From d9feeb93f502f4314ddc357b75f0e4cd62a40892 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <tianon@debian.org>
Date: Mon, 4 Jul 2016 17:59:44 +0100
Subject: [PATCH] Import docker.io_1.11.2~ds1.orig.tar.gz

[dgit import orig docker.io_1.11.2~ds1.orig.tar.gz]
---
 .dockerignore                                 |    3 +
 .github/ISSUE_TEMPLATE.md                     |   51 +
 .github/PULL_REQUEST_TEMPLATE.md              |   23 +
 .gitignore                                    |   27 +
 .mailmap                                      |  237 +
 AUTHORS                                       | 1460 ++++
 CHANGELOG.md                                  | 2435 ++++++
 CONTRIBUTING.md                               |  436 ++
 Dockerfile                                    |  269 +
 Dockerfile.aarch64                            |  209 +
 Dockerfile.armhf                              |  227 +
 Dockerfile.gccgo                              |  102 +
 Dockerfile.ppc64le                            |  225 +
 Dockerfile.s390x                              |  206 +
 Dockerfile.simple                             |   56 +
 Dockerfile.windows                            |  101 +
 LICENSE                                       |  191 +
 MAINTAINERS                                   |  255 +
 Makefile                                      |  106 +
 NOTICE                                        |   19 +
 README.md                                     |  301 +
 ROADMAP.md                                    |  140 +
 VENDORING.md                                  |   45 +
 VERSION                                       |    1 +
 api/README.md                                 |    5 +
 api/client/attach.go                          |  109 +
 api/client/build.go                           |  399 +
 api/client/cli.go                             |  215 +
 api/client/client.go                          |    5 +
 api/client/commit.go                          |   85 +
 api/client/cp.go                              |  298 +
 api/client/create.go                          |  180 +
 api/client/diff.go                            |   49 +
 api/client/events.go                          |  146 +
 api/client/exec.go                            |  166 +
 api/client/exec_test.go                       |  130 +
 api/client/export.go                          |   42 +
 api/client/formatter/custom.go                |  242 +
 api/client/formatter/custom_test.go           |  192 +
 api/client/formatter/formatter.go             |  255 +
 api/client/formatter/formatter_test.go        |  535 ++
 api/client/hijack.go                          |   56 +
 api/client/history.go                         |   76 +
 api/client/images.go                          |   81 +
 api/client/import.go                          |   82 +
 api/client/info.go                            |  155 +
 api/client/inspect.go                         |  127 +
 api/client/inspect/inspector.go               |  119 +
 api/client/inspect/inspector_go14.go          |   40 +
 api/client/inspect/inspector_go15.go          |   29 +
 api/client/inspect/inspector_test.go          |  221 +
 api/client/kill.go                            |   35 +
 api/client/load.go                            |   50 +
 api/client/login.go                           |  177 +
 api/client/logout.go                          |   41 +
 api/client/logs.go                            |   65 +
 api/client/network.go                         |  392 +
 api/client/pause.go                           |   34 +
 api/client/port.go                            |   61 +
 api/client/ps.go                              |   89 +
 api/client/pull.go                            |   89 +
 api/client/push.go                            |   76 +
 api/client/rename.go                          |   34 +
 api/client/restart.go                         |   35 +
 api/client/rm.go                              |   56 +
 api/client/rmi.go                             |   59 +
 api/client/run.go                             |  287 +
 api/client/save.go                            |   42 +
 api/client/search.go                          |   93 +
 api/client/start.go                           |  157 +
 api/client/stats.go                           |  208 +
 api/client/stats_helpers.go                   |  219 +
 api/client/stats_unit_test.go                 |   47 +
 api/client/stop.go                            |   37 +
 api/client/tag.go                             |   46 +
 api/client/top.go                             |   41 +
 api/client/trust.go                           |  559 ++
 api/client/trust_test.go                      |   56 +
 api/client/unpause.go                         |   34 +
 api/client/update.go                          |  117 +
 api/client/utils.go                           |  202 +
 api/client/version.go                         |   95 +
 api/client/volume.go                          |  177 +
 api/client/wait.go                            |   37 +
 api/common.go                                 |  146 +
 api/common_test.go                            |  341 +
 api/fixtures/keyfile                          |    7 +
 api/server/httputils/errors.go                |   70 +
 api/server/httputils/form.go                  |   73 +
 api/server/httputils/form_test.go             |  105 +
 api/server/httputils/httputils.go             |  107 +
 api/server/middleware.go                      |   41 +
 api/server/middleware/authorization.go        |   42 +
 api/server/middleware/cors.go                 |   33 +
 api/server/middleware/debug.go                |   56 +
 api/server/middleware/middleware.go           |    7 +
 api/server/middleware/user_agent.go           |   37 +
 api/server/middleware/version.go              |   45 +
 api/server/middleware/version_test.go         |   64 +
 api/server/profiler.go                        |   40 +
 api/server/router/build/backend.go            |   20 +
 api/server/router/build/build.go              |   29 +
 api/server/router/build/build_routes.go       |  213 +
 api/server/router/container/backend.go        |   71 +
 api/server/router/container/container.go      |   63 +
 .../router/container/container_routes.go      |  531 ++
 api/server/router/container/copy.go           |  112 +
 api/server/router/container/exec.go           |  134 +
 api/server/router/container/inspect.go        |   21 +
 api/server/router/image/backend.go            |   44 +
 api/server/router/image/image.go              |   44 +
 api/server/router/image/image_routes.go       |  383 +
 api/server/router/local.go                    |   61 +
 api/server/router/network/backend.go          |   19 +
 api/server/router/network/filter.go           |  110 +
 api/server/router/network/network.go          |   37 +
 api/server/router/network/network_routes.go   |  277 +
 api/server/router/router.go                   |   19 +
 api/server/router/system/backend.go           |   18 +
 api/server/router/system/system.go            |   33 +
 api/server/router/system/system_routes.go     |  125 +
 api/server/router/volume/backend.go           |   15 +
 api/server/router/volume/volume.go            |   35 +
 api/server/router/volume/volume_routes.go     |   66 +
 api/server/router_swapper.go                  |   30 +
 api/server/server.go                          |  195 +
 api/server/server_test.go                     |   34 +
 api/types/backend/backend.go                  |   69 +
 builder/builder.go                            |  153 +
 builder/context.go                            |  260 +
 builder/context_unix.go                       |   11 +
 builder/context_windows.go                    |   17 +
 builder/dockerfile/bflag.go                   |  176 +
 builder/dockerfile/bflag_test.go              |  187 +
 builder/dockerfile/builder.go                 |  326 +
 builder/dockerfile/command/command.go         |   42 +
 builder/dockerfile/dispatchers.go             |  639 ++
 builder/dockerfile/envVarTest                 |  112 +
 builder/dockerfile/evaluator.go               |  215 +
 builder/dockerfile/internals.go               |  662 ++
 builder/dockerfile/parser/dumper/main.go      |   32 +
 builder/dockerfile/parser/json_test.go        |   55 +
 builder/dockerfile/parser/line_parsers.go     |  331 +
 builder/dockerfile/parser/parser.go           |  161 +
 builder/dockerfile/parser/parser_test.go      |  154 +
 .../parser/testfile-line/Dockerfile           |   34 +
 .../env_no_value/Dockerfile                   |    3 +
 .../shykes-nested-json/Dockerfile             |    1 +
 .../testfiles/ADD-COPY-with-JSON/Dockerfile   |   11 +
 .../testfiles/ADD-COPY-with-JSON/result       |   10 +
 .../testfiles/brimstone-consuldock/Dockerfile |   25 +
 .../testfiles/brimstone-consuldock/result     |    5 +
 .../brimstone-docker-consul/Dockerfile        |   52 +
 .../testfiles/brimstone-docker-consul/result  |    9 +
 .../testfiles/continueIndent/Dockerfile       |   36 +
 .../parser/testfiles/continueIndent/result    |   10 +
 .../testfiles/cpuguy83-nagios/Dockerfile      |   54 +
 .../parser/testfiles/cpuguy83-nagios/result   |   40 +
 .../parser/testfiles/docker/Dockerfile        |  103 +
 .../dockerfile/parser/testfiles/docker/result |   24 +
 .../parser/testfiles/env/Dockerfile           |   23 +
 .../dockerfile/parser/testfiles/env/result    |   16 +
 .../parser/testfiles/escapes/Dockerfile       |   14 +
 .../parser/testfiles/escapes/result           |    6 +
 .../parser/testfiles/flags/Dockerfile         |   10 +
 .../dockerfile/parser/testfiles/flags/result  |   10 +
 .../parser/testfiles/influxdb/Dockerfile      |   15 +
 .../parser/testfiles/influxdb/result          |   11 +
 .../Dockerfile                                |    1 +
 .../result                                    |    1 +
 .../Dockerfile                                |    1 +
 .../result                                    |    1 +
 .../Dockerfile                                |    1 +
 .../jeztah-invalid-json-single-quotes/result  |    1 +
 .../Dockerfile                                |    1 +
 .../result                                    |    1 +
 .../Dockerfile                                |    1 +
 .../result                                    |    1 +
 .../parser/testfiles/json/Dockerfile          |    8 +
 .../dockerfile/parser/testfiles/json/result   |    8 +
 .../kartar-entrypoint-oddities/Dockerfile     |    7 +
 .../kartar-entrypoint-oddities/result         |    7 +
 .../lk4d4-the-edge-case-generator/Dockerfile  |   48 +
 .../lk4d4-the-edge-case-generator/result      |   29 +
 .../parser/testfiles/mail/Dockerfile          |   16 +
 .../dockerfile/parser/testfiles/mail/result   |   14 +
 .../testfiles/multiple-volumes/Dockerfile     |    3 +
 .../parser/testfiles/multiple-volumes/result  |    2 +
 .../parser/testfiles/mumble/Dockerfile        |    7 +
 .../dockerfile/parser/testfiles/mumble/result |    4 +
 .../parser/testfiles/nginx/Dockerfile         |   14 +
 .../dockerfile/parser/testfiles/nginx/result  |   11 +
 .../parser/testfiles/tf2/Dockerfile           |   23 +
 .../dockerfile/parser/testfiles/tf2/result    |   20 +
 .../parser/testfiles/weechat/Dockerfile       |    9 +
 .../parser/testfiles/weechat/result           |    6 +
 .../parser/testfiles/znc/Dockerfile           |    7 +
 .../dockerfile/parser/testfiles/znc/result    |    5 +
 builder/dockerfile/parser/utils.go            |  176 +
 builder/dockerfile/shell_parser.go            |  314 +
 builder/dockerfile/shell_parser_test.go       |  143 +
 builder/dockerfile/support.go                 |   16 +
 builder/dockerfile/wordsTest                  |   25 +
 builder/dockerignore.go                       |   47 +
 builder/dockerignore/dockerignore.go          |   35 +
 builder/dockerignore/dockerignore_test.go     |   55 +
 builder/git.go                                |   28 +
 builder/remote.go                             |  152 +
 builder/remote_test.go                        |  146 +
 builder/tarsum.go                             |  158 +
 cli/cli.go                                    |  200 +
 cli/client.go                                 |   12 +
 cli/common.go                                 |   80 +
 cliconfig/config.go                           |  289 +
 cliconfig/config_test.go                      |  565 ++
 cliconfig/credentials/credentials.go          |   17 +
 cliconfig/credentials/default_store.go        |   22 +
 cliconfig/credentials/default_store_darwin.go |    3 +
 cliconfig/credentials/default_store_linux.go  |    3 +
 .../credentials/default_store_unsupported.go  |    5 +
 .../credentials/default_store_windows.go      |    3 +
 cliconfig/credentials/file_store.go           |   67 +
 cliconfig/credentials/file_store_test.go      |  138 +
 cliconfig/credentials/native_store.go         |  196 +
 cliconfig/credentials/native_store_test.go    |  354 +
 cliconfig/credentials/shell_command.go        |   28 +
 container/archive.go                          |   69 +
 container/container.go                        |  947 +++
 container/container_unit_test.go              |   36 +
 container/container_unix.go                   |  405 +
 container/container_windows.go                |  105 +
 container/history.go                          |   30 +
 container/memory_store.go                     |   92 +
 container/memory_store_test.go                |  106 +
 container/monitor.go                          |   60 +
 container/mounts_unix.go                      |   12 +
 container/mounts_windows.go                   |    8 +
 container/state.go                            |  283 +
 container/state_test.go                       |  109 +
 container/state_unix.go                       |   10 +
 container/state_windows.go                    |    7 +
 container/store.go                            |   28 +
 contrib/README.md                             |    4 +
 contrib/REVIEWERS                             |    1 +
 contrib/apparmor/main.go                      |   56 +
 contrib/apparmor/template.go                  |  268 +
 contrib/builder/deb/amd64/README.md           |    5 +
 contrib/builder/deb/amd64/build.sh            |   10 +
 .../deb/amd64/debian-jessie/Dockerfile        |   16 +
 .../deb/amd64/debian-stretch/Dockerfile       |   16 +
 .../deb/amd64/debian-wheezy/Dockerfile        |   17 +
 contrib/builder/deb/amd64/generate.sh         |  131 +
 .../deb/amd64/ubuntu-precise/Dockerfile       |   16 +
 .../deb/amd64/ubuntu-trusty/Dockerfile        |   16 +
 .../builder/deb/amd64/ubuntu-wily/Dockerfile  |   16 +
 .../deb/amd64/ubuntu-xenial/Dockerfile        |   16 +
 .../deb/armhf/debian-jessie/Dockerfile        |   10 +
 contrib/builder/rpm/amd64/README.md           |    5 +
 contrib/builder/rpm/amd64/build.sh            |   10 +
 contrib/builder/rpm/amd64/centos-7/Dockerfile |   19 +
 .../builder/rpm/amd64/fedora-22/Dockerfile    |   18 +
 .../builder/rpm/amd64/fedora-23/Dockerfile    |   18 +
 contrib/builder/rpm/amd64/generate.sh         |  174 +
 .../rpm/amd64/opensuse-13.2/Dockerfile        |   18 +
 .../rpm/amd64/oraclelinux-6/Dockerfile        |   28 +
 .../rpm/amd64/oraclelinux-7/Dockerfile        |   18 +
 contrib/check-config.sh                       |  267 +
 contrib/completion/REVIEWERS                  |    2 +
 contrib/completion/bash/docker                | 2251 ++++++
 contrib/completion/fish/docker.fish           |  400 +
 .../completion/powershell/posh-docker.psm1    |  179 +
 contrib/completion/zsh/REVIEWERS              |    2 +
 contrib/completion/zsh/_docker                | 1160 +++
 contrib/desktop-integration/README.md         |   11 +
 .../desktop-integration/chromium/Dockerfile   |   36 +
 .../desktop-integration/gparted/Dockerfile    |   31 +
 contrib/docker-device-tool/device_tool.go     |  176 +
 .../docker-device-tool/device_tool_windows.go |    4 +
 contrib/docker-engine-selinux/LICENSE         |  340 +
 contrib/docker-engine-selinux/Makefile        |   16 +
 contrib/docker-engine-selinux/docker.fc       |   20 +
 contrib/docker-engine-selinux/docker.if       |  461 ++
 contrib/docker-engine-selinux/docker.te       |  414 +
 .../docker-engine-selinux/docker_selinux.8.gz |  Bin 0 -> 2847 bytes
 contrib/dockerize-disk.sh                     |  118 +
 contrib/download-frozen-image-v1.sh           |  108 +
 contrib/download-frozen-image-v2.sh           |  121 +
 contrib/httpserver/Dockerfile                 |    4 +
 contrib/httpserver/server.go                  |   12 +
 contrib/init/openrc/docker.confd              |   13 +
 contrib/init/openrc/docker.initd              |   19 +
 contrib/init/systemd/REVIEWERS                |    3 +
 contrib/init/systemd/docker.service           |   22 +
 contrib/init/systemd/docker.socket            |   12 +
 contrib/init/sysvinit-debian/docker           |  149 +
 contrib/init/sysvinit-debian/docker.default   |   20 +
 contrib/init/sysvinit-redhat/docker           |  153 +
 contrib/init/sysvinit-redhat/docker.sysconfig |    7 +
 contrib/init/upstart/REVIEWERS                |    2 +
 contrib/init/upstart/docker.conf              |   68 +
 contrib/mkimage-alpine.sh                     |   87 +
 contrib/mkimage-arch-pacman.conf              |   92 +
 contrib/mkimage-arch.sh                       |  122 +
 contrib/mkimage-archarm-pacman.conf           |   98 +
 contrib/mkimage-busybox.sh                    |   43 +
 contrib/mkimage-crux.sh                       |   75 +
 contrib/mkimage-debootstrap.sh                |  297 +
 contrib/mkimage-rinse.sh                      |  123 +
 contrib/mkimage-yum.sh                        |  134 +
 contrib/mkimage.sh                            |  117 +
 contrib/mkimage/.febootstrap-minimize         |   28 +
 contrib/mkimage/busybox-static                |   34 +
 contrib/mkimage/debootstrap                   |  240 +
 contrib/mkimage/mageia-urpmi                  |   61 +
 contrib/mkimage/rinse                         |   25 +
 contrib/nnp-test/Dockerfile                   |    9 +
 contrib/nnp-test/nnp-test.c                   |   10 +
 contrib/nuke-graph-directory.sh               |   65 +
 contrib/project-stats.sh                      |   22 +
 contrib/report-issue.sh                       |  105 +
 contrib/reprepro/suites.sh                    |   12 +
 contrib/syntax/kate/Dockerfile.xml            |   70 +
 contrib/syntax/nano/Dockerfile.nanorc         |   26 +
 contrib/syntax/nano/README.md                 |   32 +
 .../Preferences/Dockerfile.tmPreferences      |   24 +
 .../Syntaxes/Dockerfile.tmLanguage            |  143 +
 .../textmate/Docker.tmbundle/info.plist       |   16 +
 contrib/syntax/textmate/README.md             |   17 +
 contrib/syntax/textmate/REVIEWERS             |    1 +
 contrib/syntax/vim/LICENSE                    |   22 +
 contrib/syntax/vim/README.md                  |   26 +
 contrib/syntax/vim/doc/dockerfile.txt         |   18 +
 contrib/syntax/vim/ftdetect/dockerfile.vim    |    1 +
 contrib/syntax/vim/syntax/dockerfile.vim      |   31 +
 contrib/syscall-test/Dockerfile               |    9 +
 contrib/syscall-test/acct.c                   |   16 +
 contrib/syscall-test/ns.c                     |   63 +
 contrib/syscall-test/userns.c                 |   63 +
 contrib/udev/80-docker.rules                  |    3 +
 contrib/vagrant-docker/README.md              |   50 +
 daemon/apparmor_default.go                    |   30 +
 daemon/apparmor_default_unsupported.go        |    6 +
 daemon/archive.go                             |  429 +
 daemon/archive_unix.go                        |   57 +
 daemon/archive_windows.go                     |   18 +
 daemon/attach.go                              |  120 +
 daemon/caps/utils_unix.go                     |  131 +
 daemon/changes.go                             |   15 +
 daemon/commit.go                              |  233 +
 daemon/config.go                              |  374 +
 daemon/config_experimental.go                 |    8 +
 daemon/config_stub.go                         |    8 +
 daemon/config_test.go                         |  278 +
 daemon/config_unix.go                         |   88 +
 daemon/config_windows.go                      |   45 +
 daemon/container_operations.go                |  742 ++
 daemon/container_operations_unix.go           |  389 +
 daemon/container_operations_windows.go        |   62 +
 daemon/create.go                              |  185 +
 daemon/create_unix.go                         |   76 +
 daemon/create_windows.go                      |   75 +
 daemon/daemon.go                              | 1765 +++++
 daemon/daemon_experimental.go                 |    9 +
 daemon/daemon_linux.go                        |   80 +
 daemon/daemon_linux_test.go                   |  104 +
 daemon/daemon_stub.go                         |    9 +
 daemon/daemon_test.go                         |  532 ++
 daemon/daemon_unix.go                         | 1126 +++
 daemon/daemon_unix_test.go                    |  199 +
 daemon/daemon_unsupported.go                  |    5 +
 daemon/daemon_windows.go                      |  467 ++
 daemon/debugtrap_unix.go                      |   21 +
 daemon/debugtrap_unsupported.go               |    7 +
 daemon/debugtrap_windows.go                   |   30 +
 daemon/delete.go                              |  157 +
 daemon/delete_test.go                         |   42 +
 daemon/discovery.go                           |  203 +
 daemon/discovery_test.go                      |  152 +
 daemon/errors.go                              |   57 +
 daemon/events.go                              |   88 +
 daemon/events/events.go                       |  142 +
 daemon/events/events_test.go                  |  196 +
 daemon/events/filter.go                       |   82 +
 daemon/events/testutils/testutils.go          |   76 +
 daemon/events_test.go                         |   94 +
 daemon/exec.go                                |  246 +
 daemon/exec/exec.go                           |   93 +
 daemon/exec_linux.go                          |   26 +
 daemon/exec_windows.go                        |   14 +
 daemon/export.go                              |   55 +
 daemon/graphdriver/aufs/aufs.go               |  564 ++
 daemon/graphdriver/aufs/aufs_test.go          |  801 ++
 daemon/graphdriver/aufs/dirs.go               |   64 +
 daemon/graphdriver/aufs/mount.go              |   21 +
 daemon/graphdriver/aufs/mount_linux.go        |    7 +
 daemon/graphdriver/aufs/mount_unsupported.go  |   12 +
 daemon/graphdriver/btrfs/btrfs.go             |  330 +
 daemon/graphdriver/btrfs/btrfs_test.go        |   63 +
 daemon/graphdriver/btrfs/dummy_unsupported.go |    3 +
 daemon/graphdriver/btrfs/version.go           |   26 +
 daemon/graphdriver/btrfs/version_none.go      |   14 +
 daemon/graphdriver/btrfs/version_test.go      |   13 +
 daemon/graphdriver/counter.go                 |   32 +
 daemon/graphdriver/devmapper/README.md        |   96 +
 daemon/graphdriver/devmapper/deviceset.go     | 2570 ++++++
 daemon/graphdriver/devmapper/devmapper_doc.go |  106 +
 .../graphdriver/devmapper/devmapper_test.go   |  110 +
 daemon/graphdriver/devmapper/driver.go        |  219 +
 daemon/graphdriver/devmapper/mount.go         |   89 +
 daemon/graphdriver/driver.go                  |  234 +
 daemon/graphdriver/driver_freebsd.go          |   19 +
 daemon/graphdriver/driver_linux.go            |   99 +
 daemon/graphdriver/driver_unsupported.go      |   15 +
 daemon/graphdriver/driver_windows.go          |   16 +
 daemon/graphdriver/fsdiff.go                  |  162 +
 .../graphdriver/graphtest/graphtest_unix.go   |  299 +
 .../graphtest/graphtest_windows.go            |    1 +
 daemon/graphdriver/overlay/copy.go            |  169 +
 daemon/graphdriver/overlay/overlay.go         |  486 ++
 daemon/graphdriver/overlay/overlay_test.go    |   31 +
 .../overlay/overlay_unsupported.go            |    3 +
 daemon/graphdriver/plugin.go                  |   32 +
 daemon/graphdriver/plugin_unsupported.go      |    7 +
 daemon/graphdriver/proxy.go                   |  209 +
 daemon/graphdriver/register/register_aufs.go  |    8 +
 daemon/graphdriver/register/register_btrfs.go |    8 +
 .../register/register_devicemapper.go         |    8 +
 .../graphdriver/register/register_overlay.go  |    8 +
 daemon/graphdriver/register/register_vfs.go   |    6 +
 .../graphdriver/register/register_windows.go  |    6 +
 daemon/graphdriver/register/register_zfs.go   |    8 +
 daemon/graphdriver/vfs/driver.go              |  135 +
 daemon/graphdriver/vfs/vfs_test.go            |   37 +
 daemon/graphdriver/windows/windows.go         |  745 ++
 daemon/graphdriver/zfs/MAINTAINERS            |    2 +
 daemon/graphdriver/zfs/zfs.go                 |  359 +
 daemon/graphdriver/zfs/zfs_freebsd.go         |   38 +
 daemon/graphdriver/zfs/zfs_linux.go           |   27 +
 daemon/graphdriver/zfs/zfs_test.go            |   31 +
 daemon/graphdriver/zfs/zfs_unsupported.go     |   11 +
 daemon/image_delete.go                        |  371 +
 daemon/images.go                              |  162 +
 daemon/import.go                              |  109 +
 daemon/info.go                                |  167 +
 daemon/inspect.go                             |  245 +
 daemon/inspect_unix.go                        |   91 +
 daemon/inspect_windows.go                     |   40 +
 daemon/kill.go                                |  153 +
 daemon/links.go                               |  128 +
 daemon/links/links.go                         |  141 +
 daemon/links/links_test.go                    |  213 +
 daemon/links_test.go                          |   98 +
 daemon/list.go                                |  515 ++
 daemon/list_unix.go                           |   11 +
 daemon/list_windows.go                        |   20 +
 daemon/logdrivers_linux.go                    |   14 +
 daemon/logdrivers_windows.go                  |   10 +
 daemon/logger/awslogs/cloudwatchlogs.go       |  376 +
 daemon/logger/awslogs/cloudwatchlogs_test.go  |  627 ++
 .../logger/awslogs/cwlogsiface_mock_test.go   |   76 +
 daemon/logger/context.go                      |  112 +
 daemon/logger/copier.go                       |   86 +
 daemon/logger/copier_test.go                  |  132 +
 daemon/logger/etwlogs/etwlogs_windows.go      |  183 +
 daemon/logger/factory.go                      |   89 +
 daemon/logger/fluentd/fluentd.go              |  201 +
 daemon/logger/gcplogs/gcplogging.go           |  191 +
 daemon/logger/gelf/gelf.go                    |  212 +
 daemon/logger/gelf/gelf_unsupported.go        |    3 +
 daemon/logger/journald/journald.go            |   95 +
 .../logger/journald/journald_unsupported.go   |    6 +
 daemon/logger/journald/read.go                |  330 +
 daemon/logger/journald/read_native.go         |    6 +
 daemon/logger/journald/read_native_compat.go  |    6 +
 daemon/logger/journald/read_unsupported.go    |    7 +
 daemon/logger/jsonfilelog/jsonfilelog.go      |  147 +
 daemon/logger/jsonfilelog/jsonfilelog_test.go |  248 +
 daemon/logger/jsonfilelog/read.go             |  235 +
 daemon/logger/logger.go                       |   87 +
 daemon/logger/loggerutils/log_tag.go          |   46 +
 daemon/logger/loggerutils/log_tag_test.go     |   58 +
 daemon/logger/loggerutils/rotatefilewriter.go |  124 +
 daemon/logger/splunk/splunk.go                |  266 +
 daemon/logger/syslog/syslog.go                |  247 +
 daemon/logger/syslog/syslog_test.go           |   45 +
 daemon/logger/syslog/syslog_unsupported.go    |    3 +
 daemon/logs.go                                |  154 +
 daemon/monitor.go                             |  144 +
 daemon/monitor_linux.go                       |   14 +
 daemon/monitor_windows.go                     |   13 +
 daemon/mounts.go                              |   48 +
 daemon/network.go                             |  205 +
 daemon/network/settings.go                    |   22 +
 daemon/oci_linux.go                           |  687 ++
 daemon/oci_windows.go                         |  187 +
 daemon/pause.go                               |   49 +
 daemon/rename.go                              |   85 +
 daemon/resize.go                              |   40 +
 daemon/restart.go                             |   48 +
 daemon/seccomp_disabled.go                    |   12 +
 daemon/seccomp_linux.go                       |   46 +
 daemon/selinux_linux.go                       |   17 +
 daemon/selinux_unsupported.go                 |   13 +
 daemon/start.go                               |  185 +
 daemon/stats.go                               |  121 +
 daemon/stats_collector_unix.go                |  189 +
 daemon/stats_collector_windows.go             |   35 +
 daemon/stop.go                                |   65 +
 daemon/top_unix.go                            |   85 +
 daemon/top_windows.go                         |   32 +
 daemon/unpause.go                             |   43 +
 daemon/update.go                              |  100 +
 daemon/update_linux.go                        |   25 +
 daemon/update_windows.go                      |   13 +
 daemon/volumes.go                             |  178 +
 daemon/volumes_unit_test.go                   |   39 +
 daemon/volumes_unix.go                        |   78 +
 daemon/volumes_windows.go                     |   51 +
 daemon/wait.go                                |   17 +
 distribution/errors.go                        |  113 +
 .../fixtures/validate_manifest/bad_manifest   |   38 +
 .../validate_manifest/extra_data_manifest     |   46 +
 .../fixtures/validate_manifest/good_manifest  |   38 +
 distribution/metadata/metadata.go             |   77 +
 distribution/metadata/v1_id_service.go        |   44 +
 distribution/metadata/v1_id_service_test.go   |   83 +
 distribution/metadata/v2_metadata_service.go  |  137 +
 .../metadata/v2_metadata_service_test.go      |  115 +
 distribution/pull.go                          |  205 +
 distribution/pull_v1.go                       |  362 +
 distribution/pull_v2.go                       |  840 ++
 distribution/pull_v2_test.go                  |  183 +
 distribution/pull_v2_unix.go                  |   12 +
 distribution/pull_v2_windows.go               |   29 +
 distribution/push.go                          |  219 +
 distribution/push_v1.go                       |  454 ++
 distribution/push_v2.go                       |  438 ++
 distribution/registry.go                      |  130 +
 distribution/registry_unit_test.go            |  133 +
 distribution/xfer/download.go                 |  430 +
 distribution/xfer/download_test.go            |  340 +
 distribution/xfer/transfer.go                 |  392 +
 distribution/xfer/transfer_test.go            |  414 +
 distribution/xfer/upload.go                   |  163 +
 distribution/xfer/upload_test.go              |  143 +
 docker/README.md                              |    3 +
 docker/client.go                              |   33 +
 docker/client_test.go                         |   23 +
 docker/common.go                              |  100 +
 docker/daemon.go                              |  421 +
 docker/daemon_freebsd.go                      |    7 +
 docker/daemon_linux.go                        |   13 +
 docker/daemon_none.go                         |   13 +
 docker/daemon_test.go                         |  296 +
 docker/daemon_unix.go                         |   82 +
 docker/daemon_unix_test.go                    |  212 +
 docker/daemon_windows.go                      |   64 +
 docker/docker.go                              |   82 +
 docker/docker_windows.go                      |    5 +
 docker/flags.go                               |   30 +
 docker/flags_test.go                          |   13 +
 docker/listeners/listeners.go                 |   22 +
 docker/listeners/listeners_unix.go            |  119 +
 docker/listeners/listeners_windows.go         |   58 +
 dockerversion/useragent.go                    |   74 +
 dockerversion/version_lib.go                  |   13 +
 docs/.gitignore                               |    2 +
 docs/Dockerfile                               |   17 +
 docs/Makefile                                 |   54 +
 docs/README.md                                |  288 +
 docs/admin/ambassador_pattern_linking.md      |  159 +
 docs/admin/b2d_volume_images/add_cd.png       |  Bin 0 -> 27607 bytes
 .../b2d_volume_images/add_new_controller.png  |  Bin 0 -> 36100 bytes
 docs/admin/b2d_volume_images/add_volume.png   |  Bin 0 -> 30506 bytes
 docs/admin/b2d_volume_images/boot_order.png   |  Bin 0 -> 28432 bytes
 docs/admin/b2d_volume_images/gparted.png      |  Bin 0 -> 77989 bytes
 docs/admin/b2d_volume_images/gparted2.png     |  Bin 0 -> 71561 bytes
 docs/admin/b2d_volume_images/verify.png       |  Bin 0 -> 9581 bytes
 docs/admin/b2d_volume_resize.md               |  165 +
 docs/admin/cfengine_process_management.md     |  150 +
 docs/admin/chef.md                            |   75 +
 docs/admin/configuring.md                     |  280 +
 docs/admin/dsc.md                             |  174 +
 docs/admin/formatting.md                      |   66 +
 docs/admin/host_integration.md                |   88 +
 docs/admin/index.md                           |   11 +
 docs/admin/logging/awslogs.md                 |   90 +
 docs/admin/logging/etwlogs.md                 |   69 +
 docs/admin/logging/fluentd.md                 |  115 +
 docs/admin/logging/gcplogs.md                 |   70 +
 docs/admin/logging/index.md                   |   23 +
 docs/admin/logging/journald.md                |   92 +
 docs/admin/logging/log_tags.md                |   51 +
 docs/admin/logging/overview.md                |  246 +
 docs/admin/logging/splunk.md                  |   69 +
 docs/admin/puppet.md                          |  100 +
 docs/admin/registry_mirror.md                 |   19 +
 docs/admin/runmetrics.md                      |  464 ++
 docs/admin/systemd.md                         |  159 +
 docs/admin/using_supervisord.md               |  119 +
 docs/article-img/architecture.svg             | 2597 ++++++
 docs/breaking_changes.md                      |   52 +
 docs/deprecated.md                            |  148 +
 docs/examples/apt-cacher-ng.Dockerfile        |   15 +
 docs/examples/apt-cacher-ng.md                |  126 +
 docs/examples/couchbase.md                    |  235 +
 docs/examples/couchbase/web-console.png       |  Bin 0 -> 162338 bytes
 docs/examples/couchdb_data_volumes.md         |   49 +
 docs/examples/index.md                        |   23 +
 docs/examples/mongodb.md                      |  177 +
 docs/examples/mongodb/Dockerfile              |   22 +
 docs/examples/nodejs_web_app.md               |  199 +
 docs/examples/postgresql_service.Dockerfile   |   49 +
 docs/examples/postgresql_service.md           |  153 +
 docs/examples/running_redis_service.md        |   89 +
 docs/examples/running_riak_service.Dockerfile |   31 +
 docs/examples/running_riak_service.md         |  108 +
 docs/examples/running_ssh_service.Dockerfile  |   20 +
 docs/examples/running_ssh_service.md          |   84 +
 docs/examples/supervisord.conf                |   12 +
 docs/extend/images/authz_additional_info.png  |  Bin 0 -> 45916 bytes
 docs/extend/images/authz_allow.png            |  Bin 0 -> 33505 bytes
 docs/extend/images/authz_chunked.png          |  Bin 0 -> 33168 bytes
 .../extend/images/authz_connection_hijack.png |  Bin 0 -> 38780 bytes
 docs/extend/images/authz_deny.png             |  Bin 0 -> 27099 bytes
 docs/extend/index.md                          |   22 +
 docs/extend/plugin_api.md                     |  188 +
 docs/extend/plugins.md                        |  115 +
 docs/extend/plugins_authorization.md          |  254 +
 docs/extend/plugins_network.md                |   57 +
 docs/extend/plugins_volume.md                 |  216 +
 docs/faq.md                                   |  294 +
 docs/index.md                                 |  121 +
 docs/installation/binaries.md                 |  249 +
 docs/installation/cloud/cloud-ex-aws.md       |  208 +
 .../cloud/cloud-ex-machine-ocean.md           |  201 +
 docs/installation/cloud/index.md              |   25 +
 docs/installation/cloud/overview.md           |   56 +
 docs/installation/images/bad_host.png         |  Bin 0 -> 27367 bytes
 docs/installation/images/cool_view.png        |  Bin 0 -> 24385 bytes
 docs/installation/images/ec2-ubuntu.png       |  Bin 0 -> 238001 bytes
 .../images/ec2_instance_details.png           |  Bin 0 -> 187842 bytes
 .../installation/images/ec2_instance_type.png |  Bin 0 -> 145409 bytes
 .../images/ec2_launch_instance.png            |  Bin 0 -> 234843 bytes
 docs/installation/images/good_host.png        |  Bin 0 -> 30853 bytes
 docs/installation/images/kitematic.png        |  Bin 0 -> 14191 bytes
 .../installation/images/linux_docker_host.svg | 1195 +++
 .../installation/images/mac-page-finished.png |  Bin 0 -> 158534 bytes
 docs/installation/images/mac-page-two.png     |  Bin 0 -> 140504 bytes
 .../images/mac-password-prompt.png            |  Bin 0 -> 30903 bytes
 docs/installation/images/mac-success.png      |  Bin 0 -> 28755 bytes
 docs/installation/images/mac-welcome-page.png |  Bin 0 -> 155430 bytes
 docs/installation/images/mac_docker_host.svg  | 1243 +++
 docs/installation/images/my-docker-vm.png     |  Bin 0 -> 136985 bytes
 docs/installation/images/newsite_view.png     |  Bin 0 -> 21403 bytes
 docs/installation/images/nginx-webserver.png  |  Bin 0 -> 82642 bytes
 docs/installation/images/ocean_click_api.png  |  Bin 0 -> 37127 bytes
 docs/installation/images/ocean_droplet.png    |  Bin 0 -> 26453 bytes
 .../images/ocean_droplet_ubuntu.png           |  Bin 0 -> 26811 bytes
 docs/installation/images/ocean_gen_token.png  |  Bin 0 -> 42803 bytes
 docs/installation/images/ocean_save_token.png |  Bin 0 -> 51520 bytes
 .../images/ocean_token_create.png             |  Bin 0 -> 57138 bytes
 docs/installation/images/virtualization.png   |  Bin 0 -> 59249 bytes
 docs/installation/images/win-page-6.png       |  Bin 0 -> 88115 bytes
 docs/installation/images/win-welcome.png      |  Bin 0 -> 94143 bytes
 docs/installation/images/win_docker_host.svg  | 1259 +++
 docs/installation/images/win_ver.png          |  Bin 0 -> 50312 bytes
 .../images/windows-boot2docker-cmd.png        |  Bin 0 -> 37436 bytes
 .../images/windows-boot2docker-powershell.png |  Bin 0 -> 37945 bytes
 .../images/windows-boot2docker-start.png      |  Bin 0 -> 75786 bytes
 docs/installation/images/windows-finish.png   |  Bin 0 -> 119402 bytes
 docs/installation/index.md                    |   48 +
 docs/installation/linux/SUSE.md               |  117 +
 docs/installation/linux/archlinux.md          |  105 +
 docs/installation/linux/centos.md             |  192 +
 docs/installation/linux/cruxlinux.md          |   93 +
 docs/installation/linux/debian.md             |  184 +
 docs/installation/linux/fedora.md             |  203 +
 docs/installation/linux/frugalware.md         |   75 +
 docs/installation/linux/gentoolinux.md        |  122 +
 docs/installation/linux/index.md              |   29 +
 docs/installation/linux/oracle.md             |  214 +
 docs/installation/linux/rhel.md               |  184 +
 docs/installation/linux/ubuntulinux.md        |  452 ++
 docs/installation/mac.md                      |  428 +
 docs/installation/windows.md                  |  379 +
 docs/migration.md                             |   84 +
 docs/quickstart.md                            |  205 +
 docs/reference/api/README.md                  |   15 +
 .../_static/io_oauth_authorization_page.png   |  Bin 0 -> 39458 bytes
 docs/reference/api/docker-io_api.md           |   16 +
 docs/reference/api/docker_io_accounts_api.md  |  277 +
 docs/reference/api/docker_remote_api.md       |  291 +
 docs/reference/api/docker_remote_api_v1.14.md | 1470 ++++
 docs/reference/api/docker_remote_api_v1.15.md | 1764 +++++
 docs/reference/api/docker_remote_api_v1.16.md | 1834 +++++
 docs/reference/api/docker_remote_api_v1.17.md | 2008 +++++
 docs/reference/api/docker_remote_api_v1.18.md | 2125 +++++
 docs/reference/api/docker_remote_api_v1.19.md | 2206 ++++++
 docs/reference/api/docker_remote_api_v1.20.md | 2346 ++++++
 docs/reference/api/docker_remote_api_v1.21.md | 2914 +++++++
 docs/reference/api/docker_remote_api_v1.22.md | 3142 ++++++++
 docs/reference/api/docker_remote_api_v1.23.md | 3228 ++++++++
 docs/reference/api/hub_registry_spec.md       |   18 +
 docs/reference/api/images/event_state.gliffy  |    1 +
 docs/reference/api/images/event_state.png     |  Bin 0 -> 78354 bytes
 docs/reference/api/index.md                   |   16 +
 .../api/remote_api_client_libraries.md        |  248 +
 docs/reference/builder.md                     | 1344 ++++
 docs/reference/commandline/attach.md          |  115 +
 docs/reference/commandline/build.md           |  318 +
 docs/reference/commandline/cli.md             |  209 +
 docs/reference/commandline/commit.md          |   82 +
 docs/reference/commandline/cp.md              |   89 +
 docs/reference/commandline/create.md          |  162 +
 docs/reference/commandline/daemon.md          |  958 +++
 docs/reference/commandline/diff.md            |   40 +
 docs/reference/commandline/docker_images.gif  |  Bin 0 -> 35785 bytes
 docs/reference/commandline/events.md          |  165 +
 docs/reference/commandline/exec.md            |   56 +
 docs/reference/commandline/export.md          |   35 +
 docs/reference/commandline/history.md         |   40 +
 docs/reference/commandline/images.md          |  229 +
 docs/reference/commandline/import.md          |   69 +
 docs/reference/commandline/index.md           |   88 +
 docs/reference/commandline/info.md            |   69 +
 docs/reference/commandline/inspect.md         |   76 +
 docs/reference/commandline/kill.md            |   26 +
 docs/reference/commandline/load.md            |   37 +
 docs/reference/commandline/login.md           |  117 +
 docs/reference/commandline/logout.md          |   22 +
 docs/reference/commandline/logs.md            |   50 +
 docs/reference/commandline/network_connect.md |   93 +
 docs/reference/commandline/network_create.md  |  169 +
 .../commandline/network_disconnect.md         |   35 +
 docs/reference/commandline/network_inspect.md |  119 +
 docs/reference/commandline/network_ls.md      |  135 +
 docs/reference/commandline/network_rm.md      |   47 +
 docs/reference/commandline/pause.md           |   27 +
 docs/reference/commandline/port.md            |   34 +
 docs/reference/commandline/ps.md              |  251 +
 docs/reference/commandline/pull.md            |  228 +
 docs/reference/commandline/push.md            |   26 +
 docs/reference/commandline/rename.md          |   19 +
 docs/reference/commandline/restart.md         |   18 +
 docs/reference/commandline/rm.md              |   61 +
 docs/reference/commandline/rmi.md             |   75 +
 docs/reference/commandline/run.md             |  614 ++
 docs/reference/commandline/save.md            |   37 +
 docs/reference/commandline/search.md          |   97 +
 docs/reference/commandline/start.md           |   20 +
 docs/reference/commandline/stats.md           |   40 +
 docs/reference/commandline/stop.md            |   22 +
 docs/reference/commandline/tag.md             |   20 +
 docs/reference/commandline/top.md             |   17 +
 docs/reference/commandline/unpause.md         |   24 +
 docs/reference/commandline/update.md          |   73 +
 docs/reference/commandline/version.md         |   55 +
 docs/reference/commandline/volume_create.md   |   76 +
 docs/reference/commandline/volume_inspect.md  |   47 +
 docs/reference/commandline/volume_ls.md       |   41 +
 docs/reference/commandline/volume_rm.md       |   29 +
 docs/reference/commandline/wait.md            |   17 +
 docs/reference/glossary.md                    |  221 +
 docs/reference/index.md                       |   18 +
 docs/reference/run.md                         | 1468 ++++
 docs/security/apparmor.md                     |  183 +
 docs/security/certificates.md                 |   85 +
 docs/security/https.md                        |  216 +
 docs/security/https/Dockerfile                |   10 +
 docs/security/https/Makefile                  |   24 +
 docs/security/https/README.md                 |   33 +
 docs/security/https/make_certs.sh             |   23 +
 docs/security/https/parsedocs.sh              |   10 +
 docs/security/index.md                        |   24 +
 docs/security/seccomp.md                      |  143 +
 docs/security/security.md                     |  276 +
 docs/security/trust/content_trust.md          |  300 +
 docs/security/trust/deploying_notary.md       |   34 +
 docs/security/trust/images/tag_signing.png    |  Bin 0 -> 74416 bytes
 docs/security/trust/images/trust_.gliffy      |    1 +
 .../trust/images/trust_components.gliffy      |    1 +
 .../trust/images/trust_components.png         |  Bin 0 -> 124071 bytes
 .../trust/images/trust_signing.gliffy         |    1 +
 docs/security/trust/images/trust_signing.png  |  Bin 0 -> 71621 bytes
 docs/security/trust/images/trust_view.gliffy  |    1 +
 docs/security/trust/images/trust_view.png     |  Bin 0 -> 59533 bytes
 docs/security/trust/index.md                  |   21 +
 docs/security/trust/trust_automation.md       |   80 +
 docs/security/trust/trust_delegation.md       |  226 +
 docs/security/trust/trust_key_mng.md          |   90 +
 docs/security/trust/trust_sandbox.md          |  331 +
 docs/static_files/README.md                   |   17 +
 docs/static_files/contributors.png            |  Bin 0 -> 23100 bytes
 docs/static_files/docker-logo-compressed.png  |  Bin 0 -> 4972 bytes
 docs/static_files/docker_pull_chart.png       |  Bin 0 -> 7188 bytes
 docs/static_files/docker_push_chart.png       |  Bin 0 -> 8700 bytes
 docs/static_files/dockerlogo-v.png            |  Bin 0 -> 9670 bytes
 docs/touch-up.sh                              |   20 +
 docs/understanding-docker.md                  |  278 +
 docs/userguide/containers/dockerimages.md     |  554 ++
 docs/userguide/containers/dockerizing.md      |  194 +
 docs/userguide/containers/dockerrepos.md      |  187 +
 docs/userguide/containers/dockervolumes.md    |  372 +
 docs/userguide/containers/index.md            |   19 +
 .../containers/networkingcontainers.md        |  247 +
 docs/userguide/containers/search.png          |  Bin 0 -> 17923 bytes
 docs/userguide/containers/usingdocker.md      |  306 +
 docs/userguide/containers/webapp1.png         |  Bin 0 -> 13345 bytes
 docs/userguide/eng-image/baseimages.md        |   71 +
 .../eng-image/dockerfile_best-practices.md    |  495 ++
 docs/userguide/eng-image/image_management.md  |   53 +
 docs/userguide/eng-image/index.md             |   16 +
 docs/userguide/index.md                       |   63 +
 docs/userguide/intro.md                       |  118 +
 docs/userguide/labels-custom-metadata.md      |  229 +
 docs/userguide/networking/configure-dns.md    |  138 +
 .../networking/default_network/binding.md     |  103 +
 .../default_network/build-bridges.md          |   78 +
 .../default_network/configure-dns.md          |  132 +
 .../container-communication.md                |  125 +
 .../default_network/custom-docker0.md         |   62 +
 .../networking/default_network/dockerlinks.md |  358 +
 .../images/ipv6_basic_host_config.gliffy      |    1 +
 .../images/ipv6_basic_host_config.svg         |    1 +
 .../images/ipv6_ndp_proxying.gliffy           |    1 +
 .../images/ipv6_ndp_proxying.svg              |    1 +
 .../images/ipv6_routed_network_example.gliffy |    1 +
 .../images/ipv6_routed_network_example.svg    |    1 +
 .../images/ipv6_slash64_subnet_config.gliffy  |    1 +
 .../images/ipv6_slash64_subnet_config.svg     |    1 +
 .../ipv6_switched_network_example.gliffy      |    1 +
 .../images/ipv6_switched_network_example.svg  |    1 +
 .../networking/default_network/index.md       |   25 +
 .../networking/default_network/ipv6.md        |  259 +
 docs/userguide/networking/dockernetworks.md   |  523 ++
 .../networking/get-started-overlay.md         |  326 +
 .../networking/images/bridge_network.gliffy   |    1 +
 .../networking/images/bridge_network.png      |  Bin 0 -> 15878 bytes
 .../networking/images/bridge_network.svg      |    1 +
 .../networking/images/engine_on_net.gliffy    |    1 +
 .../networking/images/engine_on_net.png       |  Bin 0 -> 14032 bytes
 .../networking/images/engine_on_net.svg       |    1 +
 .../networking/images/key_value.gliffy        |    1 +
 .../userguide/networking/images/key_value.png |  Bin 0 -> 12898 bytes
 .../userguide/networking/images/key_value.svg |    1 +
 .../networking/images/network_access.gliffy   |    1 +
 .../networking/images/network_access.png      |  Bin 0 -> 30649 bytes
 .../networking/images/network_access.svg      |    1 +
 .../images/overlay-network-final.gliffy       |    1 +
 .../images/overlay-network-final.png          |  Bin 0 -> 28072 bytes
 .../images/overlay-network-final.svg          |    1 +
 .../networking/images/overlay_network.gliffy  |    1 +
 .../networking/images/overlay_network.png     |  Bin 0 -> 23276 bytes
 .../networking/images/overlay_network.svg     |    1 +
 .../networking/images/working.gliffy          |    1 +
 docs/userguide/networking/images/working.png  |  Bin 0 -> 18319 bytes
 docs/userguide/networking/images/working.svg  |    1 +
 docs/userguide/networking/index.md            |   21 +
 .../networking/work-with-networks.md          |  863 ++
 docs/userguide/storagedriver/aufs-driver.md   |  216 +
 docs/userguide/storagedriver/btrfs-driver.md  |  315 +
 .../storagedriver/device-mapper-driver.md     |  467 ++
 .../storagedriver/images/aufs_delete.jpg      |  Bin 0 -> 39059 bytes
 .../storagedriver/images/aufs_layers.jpg      |  Bin 0 -> 82675 bytes
 .../storagedriver/images/aufs_metadata.jpg    |  Bin 0 -> 26599 bytes
 .../storagedriver/images/base_device.jpg      |  Bin 0 -> 46684 bytes
 .../storagedriver/images/btfs_constructs.jpg  |  Bin 0 -> 63773 bytes
 .../images/btfs_container_layer.jpg           |  Bin 0 -> 67433 bytes
 .../storagedriver/images/btfs_layers.png      |  Bin 0 -> 69487 bytes
 .../storagedriver/images/btfs_pool.jpg        |  Bin 0 -> 43267 bytes
 .../storagedriver/images/btfs_snapshots.jpg   |  Bin 0 -> 19902 bytes
 .../storagedriver/images/btfs_subvolume.jpg   |  Bin 0 -> 30522 bytes
 .../images/container-layers-cas.jpg           |  Bin 0 -> 139325 bytes
 .../storagedriver/images/container-layers.jpg |  Bin 0 -> 46046 bytes
 .../storagedriver/images/dm_container.jpg     |  Bin 0 -> 51563 bytes
 .../storagedriver/images/driver-pros-cons.png |  Bin 0 -> 105762 bytes
 .../storagedriver/images/image-layers.jpg     |  Bin 0 -> 26599 bytes
 .../images/overlay_constructs.jpg             |  Bin 0 -> 49536 bytes
 .../images/overlay_constructs2.jpg            |  Bin 0 -> 84972 bytes
 .../storagedriver/images/saving-space.jpg     |  Bin 0 -> 57009 bytes
 .../storagedriver/images/shared-uuid.jpg      |  Bin 0 -> 251815 bytes
 .../storagedriver/images/shared-volume.jpg    |  Bin 0 -> 48857 bytes
 .../storagedriver/images/sharing-layers.jpg   |  Bin 0 -> 56036 bytes
 .../storagedriver/images/two_dm_container.jpg |  Bin 0 -> 65447 bytes
 .../storagedriver/images/zfs_clones.jpg       |  Bin 0 -> 23027 bytes
 .../storagedriver/images/zfs_zpool.jpg        |  Bin 0 -> 30560 bytes
 .../storagedriver/images/zpool_blocks.jpg     |  Bin 0 -> 42455 bytes
 .../storagedriver/imagesandcontainers.md      |  495 ++
 docs/userguide/storagedriver/index.md         |   38 +
 .../storagedriver/overlayfs-driver.md         |  299 +
 docs/userguide/storagedriver/selectadriver.md |  206 +
 docs/userguide/storagedriver/zfs-driver.md    |  296 +
 errors/errors.go                              |   41 +
 experimental/README.md                        |   81 +
 experimental/images/ipvlan-l3.gliffy          |    1 +
 experimental/images/ipvlan-l3.png             |  Bin 0 -> 18260 bytes
 experimental/images/ipvlan-l3.svg             |    1 +
 experimental/images/ipvlan_l2_simple.gliffy   |    1 +
 experimental/images/ipvlan_l2_simple.png      |  Bin 0 -> 20145 bytes
 experimental/images/ipvlan_l2_simple.svg      |    1 +
 .../images/macvlan-bridge-ipvlan-l2.gliffy    |    1 +
 .../images/macvlan-bridge-ipvlan-l2.png       |  Bin 0 -> 14527 bytes
 .../images/macvlan-bridge-ipvlan-l2.svg       |    1 +
 .../images/macvlan_bridge_simple.gliffy       |    1 +
 experimental/images/macvlan_bridge_simple.png |  Bin 0 -> 22392 bytes
 experimental/images/macvlan_bridge_simple.svg |    1 +
 .../images/multi_tenant_8021q_vlans.gliffy    |    1 +
 .../images/multi_tenant_8021q_vlans.png       |  Bin 0 -> 17879 bytes
 .../images/multi_tenant_8021q_vlans.svg       |    1 +
 experimental/images/vlans-deeper-look.gliffy  |    1 +
 experimental/images/vlans-deeper-look.png     |  Bin 0 -> 38837 bytes
 experimental/images/vlans-deeper-look.svg     |    1 +
 experimental/plugins_graphdriver.md           |  321 +
 experimental/vlan-networks.md                 |  721 ++
 hack/.vendor-helpers.sh                       |  160 +
 hack/Jenkins/W2L/postbuild.sh                 |   35 +
 hack/Jenkins/W2L/setup.sh                     |  274 +
 hack/Jenkins/readme.md                        |    3 +
 hack/dind                                     |   33 +
 hack/generate-authors.sh                      |   15 +
 hack/install.sh                               |  506 ++
 hack/make.sh                                  |  355 +
 hack/make/.build-deb/compat                   |    1 +
 hack/make/.build-deb/control                  |   29 +
 .../.build-deb/docker-engine.bash-completion  |    1 +
 .../.build-deb/docker-engine.docker.default   |    1 +
 .../make/.build-deb/docker-engine.docker.init |    1 +
 .../.build-deb/docker-engine.docker.upstart   |    1 +
 hack/make/.build-deb/docker-engine.install    |   12 +
 hack/make/.build-deb/docker-engine.manpages   |    1 +
 hack/make/.build-deb/docker-engine.postinst   |   20 +
 hack/make/.build-deb/docker-engine.udev       |    1 +
 hack/make/.build-deb/docs                     |    1 +
 hack/make/.build-deb/rules                    |   45 +
 .../.build-rpm/docker-engine-selinux.spec     |  109 +
 hack/make/.build-rpm/docker-engine.spec       |  230 +
 hack/make/.detect-daemon-osarch               |   66 +
 hack/make/.ensure-emptyfs                     |   23 +
 hack/make/.ensure-frozen-images               |   67 +
 hack/make/.ensure-frozen-images-windows       |   25 +
 hack/make/.ensure-httpserver                  |   15 +
 hack/make/.ensure-nnp-test                    |   22 +
 hack/make/.ensure-syscall-test                |   23 +
 hack/make/.go-autogen                         |   63 +
 hack/make/.integration-daemon-setup           |   14 +
 hack/make/.integration-daemon-start           |   99 +
 hack/make/.integration-daemon-stop            |   27 +
 .../.resources-windows/docker.exe.manifest    |   18 +
 hack/make/.resources-windows/docker.ico       |  Bin 0 -> 370070 bytes
 hack/make/.resources-windows/docker.png       |  Bin 0 -> 658195 bytes
 hack/make/.validate                           |   33 +
 hack/make/README.md                           |   17 +
 hack/make/binary                              |   65 +
 hack/make/build-deb                           |   98 +
 hack/make/build-rpm                           |  153 +
 hack/make/clean-apt-repo                      |   43 +
 hack/make/clean-yum-repo                      |   20 +
 hack/make/cover                               |   20 +
 hack/make/cross                               |   34 +
 hack/make/dynbinary                           |   10 +
 hack/make/dyngccgo                            |   11 +
 hack/make/gccgo                               |   30 +
 hack/make/generate-index-listing              |   74 +
 hack/make/install-script                      |   63 +
 hack/make/release-deb                         |  150 +
 hack/make/release-rpm                         |   78 +
 hack/make/sign-repos                          |   55 +
 hack/make/test-deb-install                    |   68 +
 hack/make/test-docker-py                      |   18 +
 hack/make/test-install-script                 |   31 +
 hack/make/test-integration-cli                |   18 +
 hack/make/test-old-apt-repo                   |   29 +
 hack/make/test-unit                           |   35 +
 hack/make/tgz                                 |   69 +
 hack/make/ubuntu                              |  190 +
 hack/make/update-apt-repo                     |   70 +
 hack/make/validate-dco                        |   54 +
 hack/make/validate-default-seccomp            |   27 +
 hack/make/validate-gofmt                      |   30 +
 hack/make/validate-lint                       |   30 +
 hack/make/validate-pkg                        |   32 +
 hack/make/validate-test                       |   35 +
 hack/make/validate-toml                       |   30 +
 hack/make/validate-vendor                     |   27 +
 hack/make/validate-vet                        |   31 +
 hack/make/win                                 |   20 +
 hack/release.sh                               |  318 +
 hack/vendor.sh                                |   94 +
 image/fs.go                                   |  184 +
 image/fs_test.go                              |  384 +
 image/image.go                                |  138 +
 image/image_test.go                           |   59 +
 image/rootfs.go                               |    8 +
 image/rootfs_unix.go                          |   23 +
 image/rootfs_windows.go                       |   37 +
 image/spec/v1.md                              |  573 ++
 image/store.go                                |  295 +
 image/store_test.go                           |  300 +
 image/tarexport/load.go                       |  372 +
 image/tarexport/save.go                       |  319 +
 image/tarexport/tarexport.go                  |   37 +
 image/v1/imagev1.go                           |  148 +
 integration-cli/benchmark_test.go             |   95 +
 integration-cli/check_test.go                 |  216 +
 integration-cli/daemon.go                     |  486 ++
 integration-cli/docker_api_attach_test.go     |  164 +
 integration-cli/docker_api_auth_test.go       |   23 +
 integration-cli/docker_api_build_test.go      |  257 +
 integration-cli/docker_api_containers_test.go | 1626 ++++
 integration-cli/docker_api_create_test.go     |   45 +
 integration-cli/docker_api_events_test.go     |   73 +
 .../docker_api_exec_resize_test.go            |  105 +
 integration-cli/docker_api_exec_test.go       |  183 +
 integration-cli/docker_api_images_test.go     |  129 +
 integration-cli/docker_api_info_test.go       |   40 +
 integration-cli/docker_api_inspect_test.go    |  183 +
 .../docker_api_inspect_unix_test.go           |   35 +
 integration-cli/docker_api_logs_test.go       |   89 +
 integration-cli/docker_api_network_test.go    |  337 +
 integration-cli/docker_api_resize_test.go     |   44 +
 integration-cli/docker_api_stats_test.go      |  257 +
 integration-cli/docker_api_test.go            |  101 +
 .../docker_api_update_unix_test.go            |   35 +
 integration-cli/docker_api_version_test.go    |   23 +
 integration-cli/docker_api_volumes_test.go    |   88 +
 integration-cli/docker_cli_attach_test.go     |  162 +
 .../docker_cli_attach_unix_test.go            |  230 +
 integration-cli/docker_cli_authz_unix_test.go |  363 +
 integration-cli/docker_cli_build_test.go      | 6976 +++++++++++++++++
 integration-cli/docker_cli_build_unix_test.go |  206 +
 integration-cli/docker_cli_by_digest_test.go  |  585 ++
 integration-cli/docker_cli_commit_test.go     |  189 +
 integration-cli/docker_cli_config_test.go     |  138 +
 .../docker_cli_cp_from_container_test.go      |  489 ++
 integration-cli/docker_cli_cp_test.go         |  665 ++
 .../docker_cli_cp_to_container_test.go        |  605 ++
 .../docker_cli_cp_to_container_unix_test.go   |   39 +
 integration-cli/docker_cli_cp_utils.go        |  303 +
 integration-cli/docker_cli_create_test.go     |  460 ++
 .../docker_cli_daemon_experimental_test.go    |  195 +
 ...docker_cli_daemon_not_experimental_test.go |   59 +
 integration-cli/docker_cli_daemon_test.go     | 2161 +++++
 integration-cli/docker_cli_diff_test.go       |   87 +
 integration-cli/docker_cli_events_test.go     |  647 ++
 .../docker_cli_events_unix_test.go            |  362 +
 integration-cli/docker_cli_exec_test.go       |  511 ++
 integration-cli/docker_cli_exec_unix_test.go  |   70 +
 .../docker_cli_experimental_test.go           |   21 +
 .../docker_cli_export_import_test.go          |   49 +
 ...cker_cli_external_graphdriver_unix_test.go |  384 +
 integration-cli/docker_cli_help_test.go       |  298 +
 integration-cli/docker_cli_history_test.go    |  125 +
 integration-cli/docker_cli_images_test.go     |  290 +
 integration-cli/docker_cli_import_test.go     |  123 +
 integration-cli/docker_cli_info_test.go       |  166 +
 .../docker_cli_inspect_experimental_test.go   |   33 +
 integration-cli/docker_cli_inspect_test.go    |  393 +
 integration-cli/docker_cli_kill_test.go       |   95 +
 integration-cli/docker_cli_links_test.go      |  213 +
 integration-cli/docker_cli_links_unix_test.go |   26 +
 integration-cli/docker_cli_login_test.go      |   44 +
 integration-cli/docker_cli_logout_test.go     |   56 +
 integration-cli/docker_cli_logs_bench_test.go |   32 +
 integration-cli/docker_cli_logs_test.go       |  309 +
 integration-cli/docker_cli_nat_test.go        |   93 +
 integration-cli/docker_cli_netmode_test.go    |   88 +
 .../docker_cli_network_unix_test.go           | 1513 ++++
 integration-cli/docker_cli_oom_killed_test.go |   30 +
 integration-cli/docker_cli_pause_test.go      |   67 +
 integration-cli/docker_cli_port_test.go       |  319 +
 integration-cli/docker_cli_proxy_test.go      |   53 +
 integration-cli/docker_cli_ps_test.go         |  852 ++
 integration-cli/docker_cli_pull_local_test.go |  423 +
 integration-cli/docker_cli_pull_test.go       |  265 +
 .../docker_cli_pull_trusted_test.go           |  365 +
 integration-cli/docker_cli_push_test.go       |  728 ++
 .../docker_cli_registry_user_agent_test.go    |  120 +
 integration-cli/docker_cli_rename_test.go     |   86 +
 integration-cli/docker_cli_restart_test.go    |  249 +
 integration-cli/docker_cli_rm_test.go         |   86 +
 integration-cli/docker_cli_rmi_test.go        |  362 +
 integration-cli/docker_cli_run_test.go        | 4311 ++++++++++
 integration-cli/docker_cli_run_unix_test.go   | 1009 +++
 integration-cli/docker_cli_save_load_test.go  |  352 +
 .../docker_cli_save_load_unix_test.go         |   87 +
 integration-cli/docker_cli_search_test.go     |   55 +
 integration-cli/docker_cli_sni_test.go        |   44 +
 integration-cli/docker_cli_start_test.go      |  173 +
 ...ocker_cli_start_volume_driver_unix_test.go |  443 ++
 integration-cli/docker_cli_stats_test.go      |  162 +
 integration-cli/docker_cli_tag_test.go        |  251 +
 integration-cli/docker_cli_top_test.go        |   43 +
 integration-cli/docker_cli_update_test.go     |   31 +
 .../docker_cli_update_unix_test.go            |  212 +
 integration-cli/docker_cli_userns_test.go     |   86 +
 integration-cli/docker_cli_v2_only_test.go    |  125 +
 integration-cli/docker_cli_version_test.go    |   58 +
 integration-cli/docker_cli_volume_test.go     |  283 +
 integration-cli/docker_cli_wait_test.go       |   95 +
 .../docker_experimental_network_test.go       |  591 ++
 integration-cli/docker_hub_pull_suite_test.go |   90 +
 integration-cli/docker_test_vars.go           |  129 +
 integration-cli/docker_utils.go               | 1495 ++++
 integration-cli/events_utils.go               |  206 +
 .../auth/docker-credential-shell-test         |   33 +
 integration-cli/fixtures/https/ca.pem         |   23 +
 .../fixtures/https/client-cert.pem            |   73 +
 integration-cli/fixtures/https/client-key.pem |   16 +
 .../fixtures/https/client-rogue-cert.pem      |   73 +
 .../fixtures/https/client-rogue-key.pem       |   16 +
 .../fixtures/https/server-cert.pem            |   76 +
 integration-cli/fixtures/https/server-key.pem |   16 +
 .../fixtures/https/server-rogue-cert.pem      |   76 +
 .../fixtures/https/server-rogue-key.pem       |   16 +
 integration-cli/fixtures/load/emptyLayer.tar  |  Bin 0 -> 30720 bytes
 integration-cli/fixtures/notary/delgkey1.crt  |   24 +
 integration-cli/fixtures/notary/delgkey1.key  |   27 +
 integration-cli/fixtures/notary/delgkey2.crt  |   24 +
 integration-cli/fixtures/notary/delgkey2.key  |   27 +
 integration-cli/fixtures/notary/delgkey3.crt  |   24 +
 integration-cli/fixtures/notary/delgkey3.key  |   27 +
 integration-cli/fixtures/notary/delgkey4.crt  |   24 +
 integration-cli/fixtures/notary/delgkey4.key  |   27 +
 .../fixtures/notary/localhost.cert            |   19 +
 integration-cli/fixtures/notary/localhost.key |   27 +
 integration-cli/fixtures/registry/cert.pem    |   21 +
 integration-cli/npipe.go                      |   12 +
 integration-cli/npipe_windows.go              |   12 +
 integration-cli/registry.go                   |  175 +
 integration-cli/registry_mock.go              |   55 +
 integration-cli/requirements.go               |  189 +
 integration-cli/requirements_unix.go          |  106 +
 integration-cli/test_vars_exec.go             |    8 +
 integration-cli/test_vars_noexec.go           |    8 +
 integration-cli/test_vars_noseccomp.go        |    8 +
 integration-cli/test_vars_seccomp.go          |    8 +
 integration-cli/test_vars_unix.go             |   16 +
 integration-cli/test_vars_windows.go          |   18 +
 integration-cli/trust_server.go               |  336 +
 integration-cli/utils.go                      |   85 +
 layer/empty.go                                |   48 +
 layer/empty_test.go                           |   46 +
 layer/filestore.go                            |  326 +
 layer/filestore_test.go                       |  104 +
 layer/layer.go                                |  262 +
 layer/layer_store.go                          |  666 ++
 layer/layer_test.go                           |  788 ++
 layer/layer_unix.go                           |    9 +
 layer/layer_unix_test.go                      |   71 +
 layer/layer_windows.go                        |   98 +
 layer/migration.go                            |  256 +
 layer/migration_test.go                       |  448 ++
 layer/mount_test.go                           |  230 +
 layer/mounted_layer.go                        |  188 +
 layer/ro_layer.go                             |  164 +
 libcontainerd/client.go                       |   46 +
 libcontainerd/client_linux.go                 |  401 +
 libcontainerd/client_liverestore_linux.go     |   83 +
 libcontainerd/client_shutdownrestore_linux.go |   46 +
 libcontainerd/client_windows.go               |  567 ++
 libcontainerd/container.go                    |   40 +
 libcontainerd/container_linux.go              |  209 +
 libcontainerd/container_windows.go            |  206 +
 libcontainerd/pausemonitor_linux.go           |   31 +
 libcontainerd/process.go                      |   18 +
 libcontainerd/process_linux.go                |  110 +
 libcontainerd/process_windows.go              |   27 +
 libcontainerd/queue_linux.go                  |   29 +
 libcontainerd/remote.go                       |   18 +
 libcontainerd/remote_linux.go                 |  449 ++
 libcontainerd/remote_windows.go               |   27 +
 libcontainerd/types.go                        |   60 +
 libcontainerd/types_linux.go                  |   47 +
 libcontainerd/types_windows.go                |   24 +
 libcontainerd/utils_linux.go                  |   52 +
 libcontainerd/utils_windows.go                |   16 +
 libcontainerd/windowsoci/oci_windows.go       |  190 +
 libcontainerd/windowsoci/unsupported.go       |    3 +
 man/Dockerfile                                |    7 +
 man/Dockerfile.5.md                           |  472 ++
 man/README.md                                 |   33 +
 man/config-json.5.md                          |   72 +
 man/docker-attach.1.md                        |   99 +
 man/docker-build.1.md                         |  311 +
 man/docker-commit.1.md                        |   70 +
 man/docker-cp.1.md                            |  166 +
 man/docker-create.1.md                        |  470 ++
 man/docker-daemon.8.md                        |  568 ++
 man/docker-diff.1.md                          |   49 +
 man/docker-events.1.md                        |   96 +
 man/docker-exec.1.md                          |   64 +
 man/docker-export.1.md                        |   46 +
 man/docker-history.1.md                       |   52 +
 man/docker-images.1.md                        |  111 +
 man/docker-import.1.md                        |   72 +
 man/docker-info.1.md                          |   66 +
 man/docker-inspect.1.md                       |  322 +
 man/docker-kill.1.md                          |   28 +
 man/docker-load.1.md                          |   49 +
 man/docker-login.1.md                         |   56 +
 man/docker-logout.1.md                        |   32 +
 man/docker-logs.1.md                          |   64 +
 man/docker-network-connect.1.md               |   69 +
 man/docker-network-create.1.md                |  170 +
 man/docker-network-disconnect.1.md            |   36 +
 man/docker-network-inspect.1.md               |  112 +
 man/docker-network-ls.1.md                    |  138 +
 man/docker-network-rm.1.md                    |   43 +
 man/docker-pause.1.md                         |   30 +
 man/docker-port.1.md                          |   47 +
 man/docker-ps.1.md                            |  141 +
 man/docker-pull.1.md                          |  220 +
 man/docker-push.1.md                          |   54 +
 man/docker-rename.1.md                        |   15 +
 man/docker-restart.1.md                       |   26 +
 man/docker-rm.1.md                            |   72 +
 man/docker-rmi.1.md                           |   42 +
 man/docker-run.1.md                           |  955 +++
 man/docker-save.1.md                          |   45 +
 man/docker-search.1.md                        |   65 +
 man/docker-start.1.md                         |   39 +
 man/docker-stats.1.md                         |   43 +
 man/docker-stop.1.md                          |   30 +
 man/docker-tag.1.md                           |   61 +
 man/docker-top.1.md                           |   36 +
 man/docker-unpause.1.md                       |   27 +
 man/docker-update.1.md                        |  108 +
 man/docker-version.1.md                       |   62 +
 man/docker-volume-create.1.md                 |   65 +
 man/docker-volume-inspect.1.md                |   29 +
 man/docker-volume-ls.1.md                     |   30 +
 man/docker-volume-rm.1.md                     |   26 +
 man/docker-volume.1.md                        |   51 +
 man/docker-wait.1.md                          |   30 +
 man/docker.1.md                               |  244 +
 man/md2man-all.sh                             |   22 +
 migrate/v1/migratev1.go                       |  508 ++
 migrate/v1/migratev1_test.go                  |  429 +
 oci/defaults_linux.go                         |  210 +
 oci/defaults_windows.go                       |   23 +
 opts/hosts.go                                 |  148 +
 opts/hosts_test.go                            |  154 +
 opts/hosts_unix.go                            |    8 +
 opts/hosts_windows.go                         |    6 +
 opts/ip.go                                    |   42 +
 opts/ip_test.go                               |   54 +
 opts/opts.go                                  |  242 +
 opts/opts_test.go                             |  232 +
 opts/opts_unix.go                             |    6 +
 opts/opts_windows.go                          |   56 +
 pkg/README.md                                 |   11 +
 pkg/aaparser/aaparser.go                      |   92 +
 pkg/aaparser/aaparser_test.go                 |   73 +
 pkg/archive/README.md                         |    1 +
 pkg/archive/archive.go                        | 1087 +++
 pkg/archive/archive_test.go                   | 1148 +++
 pkg/archive/archive_unix.go                   |  112 +
 pkg/archive/archive_unix_test.go              |  245 +
 pkg/archive/archive_windows.go                |   70 +
 pkg/archive/archive_windows_test.go           |   91 +
 pkg/archive/changes.go                        |  416 +
 pkg/archive/changes_linux.go                  |  285 +
 pkg/archive/changes_other.go                  |   97 +
 pkg/archive/changes_posix_test.go             |  127 +
 pkg/archive/changes_test.go                   |  565 ++
 pkg/archive/changes_unix.go                   |   36 +
 pkg/archive/changes_windows.go                |   30 +
 pkg/archive/copy.go                           |  458 ++
 pkg/archive/copy_unix.go                      |   11 +
 pkg/archive/copy_unix_test.go                 |  978 +++
 pkg/archive/copy_windows.go                   |    9 +
 pkg/archive/diff.go                           |  279 +
 pkg/archive/diff_test.go                      |  386 +
 pkg/archive/example_changes.go                |   97 +
 pkg/archive/testdata/broken.tar               |  Bin 0 -> 13824 bytes
 pkg/archive/time_linux.go                     |   16 +
 pkg/archive/time_unsupported.go               |   16 +
 pkg/archive/utils_test.go                     |  166 +
 pkg/archive/whiteouts.go                      |   23 +
 pkg/archive/wrap.go                           |   59 +
 pkg/archive/wrap_test.go                      |   98 +
 pkg/authorization/api.go                      |   54 +
 pkg/authorization/authz.go                    |  165 +
 pkg/authorization/authz_unix_test.go          |  276 +
 pkg/authorization/plugin.go                   |   83 +
 pkg/authorization/response.go                 |  203 +
 pkg/broadcaster/unbuffered.go                 |   49 +
 pkg/broadcaster/unbuffered_test.go            |  162 +
 pkg/chrootarchive/archive.go                  |   97 +
 pkg/chrootarchive/archive_test.go             |  394 +
 pkg/chrootarchive/archive_unix.go             |   94 +
 pkg/chrootarchive/archive_windows.go          |   22 +
 pkg/chrootarchive/diff.go                     |   19 +
 pkg/chrootarchive/diff_unix.go                |  120 +
 pkg/chrootarchive/diff_windows.go             |   44 +
 pkg/chrootarchive/init_unix.go                |   28 +
 pkg/chrootarchive/init_windows.go             |    4 +
 pkg/devicemapper/devmapper.go                 |  807 ++
 pkg/devicemapper/devmapper_log.go             |   35 +
 pkg/devicemapper/devmapper_wrapper.go         |  251 +
 .../devmapper_wrapper_deferred_remove.go      |   34 +
 .../devmapper_wrapper_no_deferred_remove.go   |   15 +
 pkg/devicemapper/ioctl.go                     |   27 +
 pkg/devicemapper/log.go                       |   11 +
 pkg/directory/directory.go                    |   26 +
 pkg/directory/directory_test.go               |  185 +
 pkg/directory/directory_unix.go               |   39 +
 pkg/directory/directory_windows.go            |   28 +
 pkg/discovery/README.md                       |   41 +
 pkg/discovery/backends.go                     |  107 +
 pkg/discovery/discovery.go                    |   35 +
 pkg/discovery/discovery_test.go               |  137 +
 pkg/discovery/entry.go                        |   94 +
 pkg/discovery/file/file.go                    |  109 +
 pkg/discovery/file/file_test.go               |  114 +
 pkg/discovery/generator.go                    |   35 +
 pkg/discovery/generator_test.go               |   53 +
 pkg/discovery/kv/kv.go                        |  192 +
 pkg/discovery/kv/kv_test.go                   |  324 +
 pkg/discovery/memory/memory.go                |   83 +
 pkg/discovery/memory/memory_test.go           |   48 +
 pkg/discovery/nodes/nodes.go                  |   54 +
 pkg/discovery/nodes/nodes_test.go             |   51 +
 pkg/filenotify/filenotify.go                  |   40 +
 pkg/filenotify/fsnotify.go                    |   18 +
 pkg/filenotify/poller.go                      |  204 +
 pkg/filenotify/poller_test.go                 |  119 +
 pkg/fileutils/fileutils.go                    |  283 +
 pkg/fileutils/fileutils_test.go               |  585 ++
 pkg/fileutils/fileutils_unix.go               |   22 +
 pkg/fileutils/fileutils_windows.go            |    7 +
 pkg/gitutils/gitutils.go                      |  100 +
 pkg/gitutils/gitutils_test.go                 |  204 +
 pkg/graphdb/conn_sqlite3.go                   |   15 +
 pkg/graphdb/conn_sqlite3_unix.go              |    7 +
 pkg/graphdb/conn_sqlite3_windows.go           |    7 +
 pkg/graphdb/conn_unsupported.go               |    8 +
 pkg/graphdb/graphdb.go                        |  551 ++
 pkg/graphdb/graphdb_test.go                   |  721 ++
 pkg/graphdb/sort.go                           |   27 +
 pkg/graphdb/sort_test.go                      |   29 +
 pkg/graphdb/utils.go                          |   32 +
 pkg/homedir/homedir.go                        |   39 +
 pkg/homedir/homedir_test.go                   |   24 +
 pkg/httputils/httputils.go                    |   56 +
 pkg/httputils/httputils_test.go               |  115 +
 pkg/httputils/mimetype.go                     |   30 +
 pkg/httputils/mimetype_test.go                |   13 +
 pkg/httputils/resumablerequestreader.go       |   95 +
 pkg/httputils/resumablerequestreader_test.go  |  307 +
 pkg/idtools/idtools.go                        |  197 +
 pkg/idtools/idtools_unix.go                   |   60 +
 pkg/idtools/idtools_unix_test.go              |  271 +
 pkg/idtools/idtools_windows.go                |   18 +
 pkg/idtools/usergroupadd_linux.go             |  188 +
 pkg/idtools/usergroupadd_unsupported.go       |   12 +
 pkg/integration/checker/checker.go            |   46 +
 pkg/integration/dockerCmd_utils.go            |   78 +
 pkg/integration/dockerCmd_utils_test.go       |  405 +
 pkg/integration/utils.go                      |  361 +
 pkg/integration/utils_test.go                 |  570 ++
 pkg/ioutils/bytespipe.go                      |  156 +
 pkg/ioutils/bytespipe_test.go                 |  158 +
 pkg/ioutils/fmt.go                            |   22 +
 pkg/ioutils/fmt_test.go                       |   17 +
 pkg/ioutils/multireader.go                    |  226 +
 pkg/ioutils/multireader_test.go               |  149 +
 pkg/ioutils/readers.go                        |  154 +
 pkg/ioutils/readers_test.go                   |   94 +
 pkg/ioutils/scheduler.go                      |    6 +
 pkg/ioutils/scheduler_gccgo.go                |   13 +
 pkg/ioutils/temp_unix.go                      |   10 +
 pkg/ioutils/temp_windows.go                   |   18 +
 pkg/ioutils/writeflusher.go                   |   92 +
 pkg/ioutils/writers.go                        |   66 +
 pkg/ioutils/writers_test.go                   |   65 +
 pkg/jsonlog/jsonlog.go                        |   40 +
 pkg/jsonlog/jsonlog_marshalling.go            |  178 +
 pkg/jsonlog/jsonlog_marshalling_test.go       |   34 +
 pkg/jsonlog/jsonlogbytes.go                   |  122 +
 pkg/jsonlog/jsonlogbytes_test.go              |   39 +
 pkg/jsonlog/time_marshalling.go               |   27 +
 pkg/jsonlog/time_marshalling_test.go          |   47 +
 pkg/jsonmessage/jsonmessage.go                |  221 +
 pkg/jsonmessage/jsonmessage_test.go           |  231 +
 pkg/locker/README.md                          |   65 +
 pkg/locker/locker.go                          |  112 +
 pkg/locker/locker_test.go                     |  124 +
 pkg/longpath/longpath.go                      |   26 +
 pkg/longpath/longpath_test.go                 |   22 +
 pkg/loopback/attach_loopback.go               |  137 +
 pkg/loopback/ioctl.go                         |   53 +
 pkg/loopback/loop_wrapper.go                  |   52 +
 pkg/loopback/loopback.go                      |   63 +
 pkg/mflag/LICENSE                             |   27 +
 pkg/mflag/README.md                           |   40 +
 pkg/mflag/example/example.go                  |   36 +
 pkg/mflag/flag.go                             | 1280 +++
 pkg/mflag/flag_test.go                        |  527 ++
 pkg/mount/flags.go                            |   92 +
 pkg/mount/flags_freebsd.go                    |   48 +
 pkg/mount/flags_linux.go                      |   85 +
 pkg/mount/flags_unsupported.go                |   30 +
 pkg/mount/mount.go                            |   74 +
 pkg/mount/mount_unix_test.go                  |  139 +
 pkg/mount/mounter_freebsd.go                  |   59 +
 pkg/mount/mounter_linux.go                    |   21 +
 pkg/mount/mounter_unsupported.go              |   11 +
 pkg/mount/mountinfo.go                        |   40 +
 pkg/mount/mountinfo_freebsd.go                |   41 +
 pkg/mount/mountinfo_linux.go                  |   95 +
 pkg/mount/mountinfo_linux_test.go             |  476 ++
 pkg/mount/mountinfo_unsupported.go            |   12 +
 pkg/mount/mountinfo_windows.go                |    6 +
 pkg/mount/sharedsubtree_linux.go              |   69 +
 pkg/mount/sharedsubtree_linux_test.go         |  331 +
 .../cmd/names-generator/main.go               |   11 +
 pkg/namesgenerator/names-generator.go         |  524 ++
 pkg/namesgenerator/names-generator_test.go    |   45 +
 pkg/parsers/kernel/kernel.go                  |  100 +
 pkg/parsers/kernel/kernel_unix_test.go        |   96 +
 pkg/parsers/kernel/kernel_windows.go          |   67 +
 pkg/parsers/kernel/uname_linux.go             |   19 +
 pkg/parsers/kernel/uname_unsupported.go       |   18 +
 .../operatingsystem_freebsd.go                |   18 +
 .../operatingsystem/operatingsystem_linux.go  |   77 +
 .../operatingsystem_unix_test.go              |  247 +
 .../operatingsystem_windows.go                |   49 +
 pkg/parsers/parsers.go                        |   69 +
 pkg/parsers/parsers_test.go                   |   70 +
 pkg/pidfile/pidfile.go                        |   50 +
 pkg/pidfile/pidfile_test.go                   |   32 +
 pkg/platform/architecture_freebsd.go          |   15 +
 pkg/platform/architecture_linux.go            |   16 +
 pkg/platform/architecture_windows.go          |   52 +
 pkg/platform/platform.go                      |   23 +
 pkg/platform/utsname_int8.go                  |   18 +
 pkg/platform/utsname_uint8.go                 |   18 +
 pkg/plugins/client.go                         |  186 +
 pkg/plugins/client_test.go                    |  134 +
 pkg/plugins/discovery.go                      |  132 +
 pkg/plugins/discovery_test.go                 |  119 +
 pkg/plugins/discovery_unix_test.go            |   61 +
 pkg/plugins/errors.go                         |   33 +
 pkg/plugins/pluginrpc-gen/README.md           |   68 +
 pkg/plugins/pluginrpc-gen/fixtures/foo.go     |   41 +
 pkg/plugins/pluginrpc-gen/main.go             |   91 +
 pkg/plugins/pluginrpc-gen/parser.go           |  163 +
 pkg/plugins/pluginrpc-gen/parser_test.go      |  168 +
 pkg/plugins/pluginrpc-gen/template.go         |   97 +
 pkg/plugins/plugins.go                        |  257 +
 pkg/plugins/transport/http.go                 |   36 +
 pkg/plugins/transport/transport.go            |   36 +
 pkg/pools/pools.go                            |  119 +
 pkg/pools/pools_test.go                       |  161 +
 pkg/progress/progress.go                      |   73 +
 pkg/progress/progressreader.go                |   59 +
 pkg/progress/progressreader_test.go           |   75 +
 pkg/promise/promise.go                        |   11 +
 pkg/proxy/network_proxy_test.go               |  216 +
 pkg/proxy/proxy.go                            |   37 +
 pkg/proxy/stub_proxy.go                       |   31 +
 pkg/proxy/tcp_proxy.go                        |   99 +
 pkg/proxy/udp_proxy.go                        |  169 +
 pkg/pubsub/publisher.go                       |  111 +
 pkg/pubsub/publisher_test.go                  |  142 +
 pkg/random/random.go                          |   71 +
 pkg/random/random_test.go                     |   22 +
 pkg/reexec/README.md                          |    5 +
 pkg/reexec/command_freebsd.go                 |   23 +
 pkg/reexec/command_linux.go                   |   28 +
 pkg/reexec/command_unsupported.go             |   12 +
 pkg/reexec/command_windows.go                 |   23 +
 pkg/reexec/reexec.go                          |   47 +
 pkg/registrar/registrar.go                    |  127 +
 pkg/registrar/registrar_test.go               |  119 +
 pkg/signal/README.md                          |    1 +
 pkg/signal/signal.go                          |   54 +
 pkg/signal/signal_darwin.go                   |   41 +
 pkg/signal/signal_freebsd.go                  |   43 +
 pkg/signal/signal_linux.go                    |   80 +
 pkg/signal/signal_unix.go                     |   21 +
 pkg/signal/signal_unsupported.go              |   10 +
 pkg/signal/signal_windows.go                  |   28 +
 pkg/signal/trap.go                            |   74 +
 pkg/stdcopy/stdcopy.go                        |  178 +
 pkg/stdcopy/stdcopy_test.go                   |  260 +
 pkg/streamformatter/streamformatter.go        |  172 +
 pkg/streamformatter/streamformatter_test.go   |  104 +
 pkg/stringid/README.md                        |    1 +
 pkg/stringid/stringid.go                      |   71 +
 pkg/stringid/stringid_test.go                 |   56 +
 pkg/stringutils/README.md                     |    1 +
 pkg/stringutils/stringutils.go                |   87 +
 pkg/stringutils/stringutils_test.go           |  105 +
 pkg/symlink/LICENSE.APACHE                    |  191 +
 pkg/symlink/LICENSE.BSD                       |   27 +
 pkg/symlink/README.md                         |    6 +
 pkg/symlink/fs.go                             |  143 +
 pkg/symlink/fs_unix.go                        |   11 +
 pkg/symlink/fs_unix_test.go                   |  407 +
 pkg/symlink/fs_windows.go                     |  155 +
 pkg/sysinfo/README.md                         |    1 +
 pkg/sysinfo/sysinfo.go                        |  128 +
 pkg/sysinfo/sysinfo_freebsd.go                |    7 +
 pkg/sysinfo/sysinfo_linux.go                  |  246 +
 pkg/sysinfo/sysinfo_linux_test.go             |   58 +
 pkg/sysinfo/sysinfo_test.go                   |   26 +
 pkg/sysinfo/sysinfo_windows.go                |    7 +
 pkg/system/chtimes.go                         |   52 +
 pkg/system/chtimes_test.go                    |   94 +
 pkg/system/chtimes_unix.go                    |   14 +
 pkg/system/chtimes_unix_test.go               |   91 +
 pkg/system/chtimes_windows.go                 |   27 +
 pkg/system/chtimes_windows_test.go            |   86 +
 pkg/system/errors.go                          |   10 +
 pkg/system/events_windows.go                  |   83 +
 pkg/system/filesys.go                         |   19 +
 pkg/system/filesys_windows.go                 |   82 +
 pkg/system/lstat.go                           |   19 +
 pkg/system/lstat_unix_test.go                 |   30 +
 pkg/system/lstat_windows.go                   |   25 +
 pkg/system/meminfo.go                         |   17 +
 pkg/system/meminfo_linux.go                   |   65 +
 pkg/system/meminfo_unix_test.go               |   40 +
 pkg/system/meminfo_unsupported.go             |    8 +
 pkg/system/meminfo_windows.go                 |   44 +
 pkg/system/mknod.go                           |   22 +
 pkg/system/mknod_windows.go                   |   13 +
 pkg/system/path_unix.go                       |    8 +
 pkg/system/path_windows.go                    |    7 +
 pkg/system/stat.go                            |   53 +
 pkg/system/stat_freebsd.go                    |   27 +
 pkg/system/stat_linux.go                      |   33 +
 pkg/system/stat_openbsd.go                    |   15 +
 pkg/system/stat_solaris.go                    |   17 +
 pkg/system/stat_unix_test.go                  |   39 +
 pkg/system/stat_unsupported.go                |   17 +
 pkg/system/stat_windows.go                    |   43 +
 pkg/system/syscall_unix.go                    |   17 +
 pkg/system/syscall_windows.go                 |   60 +
 pkg/system/umask.go                           |   13 +
 pkg/system/umask_windows.go                   |    9 +
 pkg/system/utimes_darwin.go                   |    8 +
 pkg/system/utimes_freebsd.go                  |   22 +
 pkg/system/utimes_linux.go                    |   26 +
 pkg/system/utimes_unix_test.go                |   68 +
 pkg/system/utimes_unsupported.go              |   10 +
 pkg/system/xattrs_linux.go                    |   63 +
 pkg/system/xattrs_unsupported.go              |   13 +
 pkg/tailfile/tailfile.go                      |   66 +
 pkg/tailfile/tailfile_test.go                 |  148 +
 pkg/tarsum/builder_context.go                 |   21 +
 pkg/tarsum/builder_context_test.go            |   63 +
 pkg/tarsum/fileinfosums.go                    |  126 +
 pkg/tarsum/fileinfosums_test.go               |   62 +
 pkg/tarsum/tarsum.go                          |  294 +
 pkg/tarsum/tarsum_spec.md                     |  230 +
 pkg/tarsum/tarsum_test.go                     |  656 ++
 .../json                                      |    1 +
 .../layer.tar                                 |  Bin 0 -> 9216 bytes
 .../json                                      |    1 +
 .../layer.tar                                 |  Bin 0 -> 1536 bytes
 pkg/tarsum/testdata/collision/collision-0.tar |  Bin 0 -> 10240 bytes
 pkg/tarsum/testdata/collision/collision-1.tar |  Bin 0 -> 10240 bytes
 pkg/tarsum/testdata/collision/collision-2.tar |  Bin 0 -> 10240 bytes
 pkg/tarsum/testdata/collision/collision-3.tar |  Bin 0 -> 10240 bytes
 pkg/tarsum/testdata/xattr/json                |    1 +
 pkg/tarsum/testdata/xattr/layer.tar           |  Bin 0 -> 2560 bytes
 pkg/tarsum/versioning.go                      |  150 +
 pkg/tarsum/versioning_test.go                 |   98 +
 pkg/tarsum/writercloser.go                    |   22 +
 pkg/term/ascii.go                             |   66 +
 pkg/term/ascii_test.go                        |   43 +
 pkg/term/tc_linux_cgo.go                      |   50 +
 pkg/term/tc_other.go                          |   19 +
 pkg/term/term.go                              |  131 +
 pkg/term/term_windows.go                      |  305 +
 pkg/term/termios_darwin.go                    |   69 +
 pkg/term/termios_freebsd.go                   |   69 +
 pkg/term/termios_linux.go                     |   47 +
 pkg/term/termios_openbsd.go                   |   69 +
 pkg/term/windows/ansi_reader.go               |  257 +
 pkg/term/windows/ansi_writer.go               |   76 +
 pkg/term/windows/console.go                   |   97 +
 pkg/term/windows/windows.go                   |    5 +
 pkg/term/windows/windows_test.go              |    3 +
 pkg/tlsconfig/config.go                       |  133 +
 pkg/truncindex/truncindex.go                  |  137 +
 pkg/truncindex/truncindex_test.go             |  429 +
 pkg/urlutil/urlutil.go                        |   50 +
 pkg/urlutil/urlutil_test.go                   |   69 +
 pkg/useragent/README.md                       |    1 +
 pkg/useragent/useragent.go                    |   55 +
 pkg/useragent/useragent_test.go               |   31 +
 pkg/version/version.go                        |   68 +
 pkg/version/version_test.go                   |   27 +
 profiles/apparmor/apparmor.go                 |  115 +
 profiles/apparmor/template.go                 |   46 +
 profiles/seccomp/default.json                 | 1628 ++++
 profiles/seccomp/fixtures/example.json        |   27 +
 profiles/seccomp/generate.go                  |   32 +
 profiles/seccomp/seccomp.go                   |   74 +
 profiles/seccomp/seccomp_default.go           | 1659 ++++
 profiles/seccomp/seccomp_test.go              |   28 +
 profiles/seccomp/seccomp_unsupported.go       |   10 +
 project/ARM.md                                |   45 +
 project/BRANCHES-AND-TAGS.md                  |   35 +
 project/CONTRIBUTORS.md                       |    1 +
 project/GOVERNANCE.md                         |   17 +
 project/IRC-ADMINISTRATION.md                 |   37 +
 project/ISSUE-TRIAGE.md                       |   91 +
 project/PACKAGE-REPO-MAINTENANCE.md           |   74 +
 project/PACKAGERS.md                          |  308 +
 project/PATCH-RELEASES.md                     |   68 +
 project/PRINCIPLES.md                         |   19 +
 project/README.md                             |   24 +
 project/RELEASE-CHECKLIST.md                  |  512 ++
 project/RELEASE-PROCESS.md                    |   78 +
 project/REVIEWING.md                          |  195 +
 project/TOOLS.md                              |   63 +
 reference/reference.go                        |  211 +
 reference/reference_test.go                   |  275 +
 reference/store.go                            |  298 +
 reference/store_test.go                       |  356 +
 registry/auth.go                              |  262 +
 registry/auth_test.go                         |  120 +
 registry/config.go                            |  274 +
 registry/config_test.go                       |   49 +
 registry/config_unix.go                       |   16 +
 registry/config_windows.go                    |   18 +
 registry/endpoint_test.go                     |   78 +
 registry/endpoint_v1.go                       |  198 +
 registry/reference.go                         |   68 +
 registry/registry.go                          |  180 +
 registry/registry_mock_test.go                |  476 ++
 registry/registry_test.go                     |  873 +++
 registry/service.go                           |  205 +
 registry/service_v1.go                        |   53 +
 registry/service_v2.go                        |   79 +
 registry/session.go                           |  770 ++
 registry/types.go                             |   70 +
 restartmanager/restartmanager.go              |  131 +
 restartmanager/restartmanager_test.go         |   34 +
 runconfig/compare.go                          |   61 +
 runconfig/compare_test.go                     |  126 +
 runconfig/config.go                           |   71 +
 runconfig/config_test.go                      |  134 +
 runconfig/config_unix.go                      |   59 +
 runconfig/config_windows.go                   |   19 +
 runconfig/errors.go                           |   40 +
 .../fixtures/unix/container_config_1_14.json  |   30 +
 .../fixtures/unix/container_config_1_17.json  |   50 +
 .../fixtures/unix/container_config_1_19.json  |   58 +
 .../unix/container_hostconfig_1_14.json       |   18 +
 .../unix/container_hostconfig_1_19.json       |   30 +
 .../windows/container_config_1_19.json        |   58 +
 runconfig/hostconfig.go                       |   35 +
 runconfig/hostconfig_test.go                  |  222 +
 runconfig/hostconfig_unix.go                  |   89 +
 runconfig/hostconfig_windows.go               |   46 +
 runconfig/opts/envfile.go                     |   67 +
 runconfig/opts/envfile_test.go                |  142 +
 runconfig/opts/fixtures/valid.env             |    1 +
 runconfig/opts/fixtures/valid.label           |    1 +
 runconfig/opts/opts.go                        |   70 +
 runconfig/opts/opts_test.go                   |  108 +
 runconfig/opts/parse.go                       |  766 ++
 runconfig/opts/parse_test.go                  |  839 ++
 runconfig/opts/throttledevice.go              |  108 +
 runconfig/opts/ulimit.go                      |   52 +
 runconfig/opts/ulimit_test.go                 |   42 +
 runconfig/opts/weightdevice.go                |   84 +
 runconfig/streams.go                          |  109 +
 utils/debug.go                                |   26 +
 utils/debug_test.go                           |   43 +
 utils/experimental.go                         |    9 +
 utils/names.go                                |   12 +
 utils/process_unix.go                         |   22 +
 utils/process_windows.go                      |   20 +
 utils/stubs.go                                |    9 +
 utils/templates/templates.go                  |   33 +
 utils/templates/templates_test.go             |   38 +
 utils/utils.go                                |   87 +
 utils/utils_test.go                           |   21 +
 .../src/github.com/docker/notary/.gitignore   |   11 +
 .../src/github.com/docker/notary/CHANGELOG.md |   26 +
 .../github.com/docker/notary/CONTRIBUTING.md  |   85 +
 .../src/github.com/docker/notary/CONTRIBUTORS |    4 +
 .../src/github.com/docker/notary/Dockerfile   |   15 +
 vendor/src/github.com/docker/notary/LICENSE   |  201 +
 .../src/github.com/docker/notary/MAINTAINERS  |   58 +
 vendor/src/github.com/docker/notary/Makefile  |  204 +
 .../github.com/docker/notary/NOTARY_VERSION   |    1 +
 vendor/src/github.com/docker/notary/README.md |  194 +
 .../src/github.com/docker/notary/ROADMAP.md   |    7 +
 .../github.com/docker/notary/certs/certs.go   |  280 +
 .../src/github.com/docker/notary/circle.yml   |   82 +
 .../docker/notary/client/changelist/change.go |  101 +
 .../notary/client/changelist/changelist.go    |   59 +
 .../client/changelist/file_changelist.go      |  176 +
 .../notary/client/changelist/interface.go     |   70 +
 .../github.com/docker/notary/client/client.go |  965 +++
 .../docker/notary/client/delegations.go       |  294 +
 .../docker/notary/client/helpers.go           |  237 +
 .../github.com/docker/notary/client/repo.go   |   27 +
 .../docker/notary/client/repo_pkcs11.go       |   33 +
 vendor/src/github.com/docker/notary/const.go  |   61 +
 .../src/github.com/docker/notary/coverpkg.sh  |   10 +
 .../notary/cryptoservice/certificate.go       |   48 +
 .../notary/cryptoservice/crypto_service.go    |  155 +
 .../notary/cryptoservice/import_export.go     |  313 +
 .../docker/notary/docker-compose.yml          |   34 +
 .../docker/notary/passphrase/passphrase.go    |  201 +
 .../docker/notary/server.Dockerfile           |   28 +
 .../docker/notary/signer.Dockerfile           |   30 +
 .../docker/notary/trustmanager/filestore.go   |  191 +
 .../notary/trustmanager/keyfilestore.go       |  497 ++
 .../docker/notary/trustmanager/keystore.go    |   57 +
 .../docker/notary/trustmanager/memorystore.go |   67 +
 .../docker/notary/trustmanager/store.go       |   52 +
 .../notary/trustmanager/x509filestore.go      |  276 +
 .../notary/trustmanager/x509memstore.go       |  203 +
 .../docker/notary/trustmanager/x509store.go   |  144 +
 .../docker/notary/trustmanager/x509utils.go   |  613 ++
 .../notary/trustmanager/yubikey/non_pkcs11.go |    9 +
 .../trustmanager/yubikey/pkcs11_darwin.go     |    9 +
 .../trustmanager/yubikey/pkcs11_interface.go  |   40 +
 .../trustmanager/yubikey/pkcs11_linux.go      |   10 +
 .../trustmanager/yubikey/yubikeystore.go      |  888 +++
 .../src/github.com/docker/notary/tuf/LICENSE  |   30 +
 .../github.com/docker/notary/tuf/README.md    |   36 +
 .../docker/notary/tuf/client/client.go        |  546 ++
 .../docker/notary/tuf/client/errors.go        |   23 +
 .../docker/notary/tuf/data/errors.go          |   22 +
 .../github.com/docker/notary/tuf/data/keys.go |  528 ++
 .../docker/notary/tuf/data/roles.go           |  297 +
 .../github.com/docker/notary/tuf/data/root.go |  161 +
 .../docker/notary/tuf/data/serializer.go      |   36 +
 .../docker/notary/tuf/data/snapshot.go        |  163 +
 .../docker/notary/tuf/data/targets.go         |  194 +
 .../docker/notary/tuf/data/timestamp.go       |  132 +
 .../docker/notary/tuf/data/types.go           |  275 +
 .../docker/notary/tuf/signed/ed25519.go       |  107 +
 .../docker/notary/tuf/signed/errors.go        |   72 +
 .../docker/notary/tuf/signed/interface.go     |   46 +
 .../docker/notary/tuf/signed/sign.go          |  103 +
 .../docker/notary/tuf/signed/verifiers.go     |  283 +
 .../docker/notary/tuf/signed/verify.go        |  155 +
 .../docker/notary/tuf/store/errors.go         |   13 +
 .../docker/notary/tuf/store/filestore.go      |  101 +
 .../docker/notary/tuf/store/httpstore.go      |  296 +
 .../docker/notary/tuf/store/interfaces.go     |   28 +
 .../docker/notary/tuf/store/memorystore.go    |  106 +
 .../docker/notary/tuf/store/offlinestore.go   |   53 +
 .../src/github.com/docker/notary/tuf/tuf.go   |  926 +++
 .../docker/notary/tuf/utils/role_sort.go      |   31 +
 .../docker/notary/tuf/utils/stack.go          |   85 +
 .../docker/notary/tuf/utils/util.go           |  109 +
 .../docker/notary/tuf/utils/utils.go          |  152 +
 .../docker/notary/tuf/validation/errors.go    |  126 +
 volume/drivers/adapter.go                     |  106 +
 volume/drivers/extpoint.go                    |  164 +
 volume/drivers/extpoint_test.go               |   23 +
 volume/drivers/proxy.go                       |  207 +
 volume/drivers/proxy_test.go                  |  122 +
 volume/local/local.go                         |  330 +
 volume/local/local_test.go                    |  249 +
 volume/local/local_unix.go                    |   69 +
 volume/local/local_windows.go                 |   34 +
 volume/store/errors.go                        |   74 +
 volume/store/store.go                         |  506 ++
 volume/store/store_test.go                    |  201 +
 volume/store/store_unix.go                    |    9 +
 volume/store/store_windows.go                 |   12 +
 volume/testutils/testutils.go                 |  105 +
 volume/volume.go                              |  133 +
 volume/volume_copy.go                         |   28 +
 volume/volume_propagation_linux.go            |   44 +
 volume/volume_propagation_linux_test.go       |   65 +
 volume/volume_propagation_unsupported.go      |   22 +
 volume/volume_test.go                         |  212 +
 volume/volume_unix.go                         |  186 +
 volume/volume_windows.go                      |  199 +
 1785 files changed, 264420 insertions(+)
 create mode 100644 .dockerignore
 create mode 100644 .github/ISSUE_TEMPLATE.md
 create mode 100644 .github/PULL_REQUEST_TEMPLATE.md
 create mode 100644 .gitignore
 create mode 100644 .mailmap
 create mode 100644 AUTHORS
 create mode 100644 CHANGELOG.md
 create mode 100644 CONTRIBUTING.md
 create mode 100644 Dockerfile
 create mode 100644 Dockerfile.aarch64
 create mode 100644 Dockerfile.armhf
 create mode 100644 Dockerfile.gccgo
 create mode 100644 Dockerfile.ppc64le
 create mode 100644 Dockerfile.s390x
 create mode 100644 Dockerfile.simple
 create mode 100755 Dockerfile.windows
 create mode 100644 LICENSE
 create mode 100644 MAINTAINERS
 create mode 100644 Makefile
 create mode 100644 NOTICE
 create mode 100644 README.md
 create mode 100644 ROADMAP.md
 create mode 100644 VENDORING.md
 create mode 100644 VERSION
 create mode 100644 api/README.md
 create mode 100644 api/client/attach.go
 create mode 100644 api/client/build.go
 create mode 100644 api/client/cli.go
 create mode 100644 api/client/client.go
 create mode 100644 api/client/commit.go
 create mode 100644 api/client/cp.go
 create mode 100644 api/client/create.go
 create mode 100644 api/client/diff.go
 create mode 100644 api/client/events.go
 create mode 100644 api/client/exec.go
 create mode 100644 api/client/exec_test.go
 create mode 100644 api/client/export.go
 create mode 100644 api/client/formatter/custom.go
 create mode 100644 api/client/formatter/custom_test.go
 create mode 100644 api/client/formatter/formatter.go
 create mode 100644 api/client/formatter/formatter_test.go
 create mode 100644 api/client/hijack.go
 create mode 100644 api/client/history.go
 create mode 100644 api/client/images.go
 create mode 100644 api/client/import.go
 create mode 100644 api/client/info.go
 create mode 100644 api/client/inspect.go
 create mode 100644 api/client/inspect/inspector.go
 create mode 100644 api/client/inspect/inspector_go14.go
 create mode 100644 api/client/inspect/inspector_go15.go
 create mode 100644 api/client/inspect/inspector_test.go
 create mode 100644 api/client/kill.go
 create mode 100644 api/client/load.go
 create mode 100644 api/client/login.go
 create mode 100644 api/client/logout.go
 create mode 100644 api/client/logs.go
 create mode 100644 api/client/network.go
 create mode 100644 api/client/pause.go
 create mode 100644 api/client/port.go
 create mode 100644 api/client/ps.go
 create mode 100644 api/client/pull.go
 create mode 100644 api/client/push.go
 create mode 100644 api/client/rename.go
 create mode 100644 api/client/restart.go
 create mode 100644 api/client/rm.go
 create mode 100644 api/client/rmi.go
 create mode 100644 api/client/run.go
 create mode 100644 api/client/save.go
 create mode 100644 api/client/search.go
 create mode 100644 api/client/start.go
 create mode 100644 api/client/stats.go
 create mode 100644 api/client/stats_helpers.go
 create mode 100644 api/client/stats_unit_test.go
 create mode 100644 api/client/stop.go
 create mode 100644 api/client/tag.go
 create mode 100644 api/client/top.go
 create mode 100644 api/client/trust.go
 create mode 100644 api/client/trust_test.go
 create mode 100644 api/client/unpause.go
 create mode 100644 api/client/update.go
 create mode 100644 api/client/utils.go
 create mode 100644 api/client/version.go
 create mode 100644 api/client/volume.go
 create mode 100644 api/client/wait.go
 create mode 100644 api/common.go
 create mode 100644 api/common_test.go
 create mode 100644 api/fixtures/keyfile
 create mode 100644 api/server/httputils/errors.go
 create mode 100644 api/server/httputils/form.go
 create mode 100644 api/server/httputils/form_test.go
 create mode 100644 api/server/httputils/httputils.go
 create mode 100644 api/server/middleware.go
 create mode 100644 api/server/middleware/authorization.go
 create mode 100644 api/server/middleware/cors.go
 create mode 100644 api/server/middleware/debug.go
 create mode 100644 api/server/middleware/middleware.go
 create mode 100644 api/server/middleware/user_agent.go
 create mode 100644 api/server/middleware/version.go
 create mode 100644 api/server/middleware/version_test.go
 create mode 100644 api/server/profiler.go
 create mode 100644 api/server/router/build/backend.go
 create mode 100644 api/server/router/build/build.go
 create mode 100644 api/server/router/build/build_routes.go
 create mode 100644 api/server/router/container/backend.go
 create mode 100644 api/server/router/container/container.go
 create mode 100644 api/server/router/container/container_routes.go
 create mode 100644 api/server/router/container/copy.go
 create mode 100644 api/server/router/container/exec.go
 create mode 100644 api/server/router/container/inspect.go
 create mode 100644 api/server/router/image/backend.go
 create mode 100644 api/server/router/image/image.go
 create mode 100644 api/server/router/image/image_routes.go
 create mode 100644 api/server/router/local.go
 create mode 100644 api/server/router/network/backend.go
 create mode 100644 api/server/router/network/filter.go
 create mode 100644 api/server/router/network/network.go
 create mode 100644 api/server/router/network/network_routes.go
 create mode 100644 api/server/router/router.go
 create mode 100644 api/server/router/system/backend.go
 create mode 100644 api/server/router/system/system.go
 create mode 100644 api/server/router/system/system_routes.go
 create mode 100644 api/server/router/volume/backend.go
 create mode 100644 api/server/router/volume/volume.go
 create mode 100644 api/server/router/volume/volume_routes.go
 create mode 100644 api/server/router_swapper.go
 create mode 100644 api/server/server.go
 create mode 100644 api/server/server_test.go
 create mode 100644 api/types/backend/backend.go
 create mode 100644 builder/builder.go
 create mode 100644 builder/context.go
 create mode 100644 builder/context_unix.go
 create mode 100644 builder/context_windows.go
 create mode 100644 builder/dockerfile/bflag.go
 create mode 100644 builder/dockerfile/bflag_test.go
 create mode 100644 builder/dockerfile/builder.go
 create mode 100644 builder/dockerfile/command/command.go
 create mode 100644 builder/dockerfile/dispatchers.go
 create mode 100644 builder/dockerfile/envVarTest
 create mode 100644 builder/dockerfile/evaluator.go
 create mode 100644 builder/dockerfile/internals.go
 create mode 100644 builder/dockerfile/parser/dumper/main.go
 create mode 100644 builder/dockerfile/parser/json_test.go
 create mode 100644 builder/dockerfile/parser/line_parsers.go
 create mode 100644 builder/dockerfile/parser/parser.go
 create mode 100644 builder/dockerfile/parser/parser_test.go
 create mode 100644 builder/dockerfile/parser/testfile-line/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles-negative/env_no_value/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles-negative/shykes-nested-json/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/ADD-COPY-with-JSON/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/ADD-COPY-with-JSON/result
 create mode 100644 builder/dockerfile/parser/testfiles/brimstone-consuldock/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/brimstone-consuldock/result
 create mode 100644 builder/dockerfile/parser/testfiles/brimstone-docker-consul/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/brimstone-docker-consul/result
 create mode 100644 builder/dockerfile/parser/testfiles/continueIndent/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/continueIndent/result
 create mode 100644 builder/dockerfile/parser/testfiles/cpuguy83-nagios/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/cpuguy83-nagios/result
 create mode 100644 builder/dockerfile/parser/testfiles/docker/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/docker/result
 create mode 100644 builder/dockerfile/parser/testfiles/env/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/env/result
 create mode 100644 builder/dockerfile/parser/testfiles/escapes/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/escapes/result
 create mode 100644 builder/dockerfile/parser/testfiles/flags/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/flags/result
 create mode 100644 builder/dockerfile/parser/testfiles/influxdb/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/influxdb/result
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string-double/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string-double/result
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string/result
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-single-quotes/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-single-quotes/result
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-bracket/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-bracket/result
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-string/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-string/result
 create mode 100644 builder/dockerfile/parser/testfiles/json/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/json/result
 create mode 100644 builder/dockerfile/parser/testfiles/kartar-entrypoint-oddities/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/kartar-entrypoint-oddities/result
 create mode 100644 builder/dockerfile/parser/testfiles/lk4d4-the-edge-case-generator/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/lk4d4-the-edge-case-generator/result
 create mode 100644 builder/dockerfile/parser/testfiles/mail/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/mail/result
 create mode 100644 builder/dockerfile/parser/testfiles/multiple-volumes/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/multiple-volumes/result
 create mode 100644 builder/dockerfile/parser/testfiles/mumble/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/mumble/result
 create mode 100644 builder/dockerfile/parser/testfiles/nginx/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/nginx/result
 create mode 100644 builder/dockerfile/parser/testfiles/tf2/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/tf2/result
 create mode 100644 builder/dockerfile/parser/testfiles/weechat/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/weechat/result
 create mode 100644 builder/dockerfile/parser/testfiles/znc/Dockerfile
 create mode 100644 builder/dockerfile/parser/testfiles/znc/result
 create mode 100644 builder/dockerfile/parser/utils.go
 create mode 100644 builder/dockerfile/shell_parser.go
 create mode 100644 builder/dockerfile/shell_parser_test.go
 create mode 100644 builder/dockerfile/support.go
 create mode 100644 builder/dockerfile/wordsTest
 create mode 100644 builder/dockerignore.go
 create mode 100644 builder/dockerignore/dockerignore.go
 create mode 100644 builder/dockerignore/dockerignore_test.go
 create mode 100644 builder/git.go
 create mode 100644 builder/remote.go
 create mode 100644 builder/remote_test.go
 create mode 100644 builder/tarsum.go
 create mode 100644 cli/cli.go
 create mode 100644 cli/client.go
 create mode 100644 cli/common.go
 create mode 100644 cliconfig/config.go
 create mode 100644 cliconfig/config_test.go
 create mode 100644 cliconfig/credentials/credentials.go
 create mode 100644 cliconfig/credentials/default_store.go
 create mode 100644 cliconfig/credentials/default_store_darwin.go
 create mode 100644 cliconfig/credentials/default_store_linux.go
 create mode 100644 cliconfig/credentials/default_store_unsupported.go
 create mode 100644 cliconfig/credentials/default_store_windows.go
 create mode 100644 cliconfig/credentials/file_store.go
 create mode 100644 cliconfig/credentials/file_store_test.go
 create mode 100644 cliconfig/credentials/native_store.go
 create mode 100644 cliconfig/credentials/native_store_test.go
 create mode 100644 cliconfig/credentials/shell_command.go
 create mode 100644 container/archive.go
 create mode 100644 container/container.go
 create mode 100644 container/container_unit_test.go
 create mode 100644 container/container_unix.go
 create mode 100644 container/container_windows.go
 create mode 100644 container/history.go
 create mode 100644 container/memory_store.go
 create mode 100644 container/memory_store_test.go
 create mode 100644 container/monitor.go
 create mode 100644 container/mounts_unix.go
 create mode 100644 container/mounts_windows.go
 create mode 100644 container/state.go
 create mode 100644 container/state_test.go
 create mode 100644 container/state_unix.go
 create mode 100644 container/state_windows.go
 create mode 100644 container/store.go
 create mode 100644 contrib/README.md
 create mode 100644 contrib/REVIEWERS
 create mode 100644 contrib/apparmor/main.go
 create mode 100644 contrib/apparmor/template.go
 create mode 100644 contrib/builder/deb/amd64/README.md
 create mode 100755 contrib/builder/deb/amd64/build.sh
 create mode 100644 contrib/builder/deb/amd64/debian-jessie/Dockerfile
 create mode 100644 contrib/builder/deb/amd64/debian-stretch/Dockerfile
 create mode 100644 contrib/builder/deb/amd64/debian-wheezy/Dockerfile
 create mode 100755 contrib/builder/deb/amd64/generate.sh
 create mode 100644 contrib/builder/deb/amd64/ubuntu-precise/Dockerfile
 create mode 100644 contrib/builder/deb/amd64/ubuntu-trusty/Dockerfile
 create mode 100644 contrib/builder/deb/amd64/ubuntu-wily/Dockerfile
 create mode 100644 contrib/builder/deb/amd64/ubuntu-xenial/Dockerfile
 create mode 100644 contrib/builder/deb/armhf/debian-jessie/Dockerfile
 create mode 100644 contrib/builder/rpm/amd64/README.md
 create mode 100755 contrib/builder/rpm/amd64/build.sh
 create mode 100644 contrib/builder/rpm/amd64/centos-7/Dockerfile
 create mode 100644 contrib/builder/rpm/amd64/fedora-22/Dockerfile
 create mode 100644 contrib/builder/rpm/amd64/fedora-23/Dockerfile
 create mode 100755 contrib/builder/rpm/amd64/generate.sh
 create mode 100644 contrib/builder/rpm/amd64/opensuse-13.2/Dockerfile
 create mode 100644 contrib/builder/rpm/amd64/oraclelinux-6/Dockerfile
 create mode 100644 contrib/builder/rpm/amd64/oraclelinux-7/Dockerfile
 create mode 100755 contrib/check-config.sh
 create mode 100644 contrib/completion/REVIEWERS
 create mode 100644 contrib/completion/bash/docker
 create mode 100644 contrib/completion/fish/docker.fish
 create mode 100644 contrib/completion/powershell/posh-docker.psm1
 create mode 100644 contrib/completion/zsh/REVIEWERS
 create mode 100644 contrib/completion/zsh/_docker
 create mode 100644 contrib/desktop-integration/README.md
 create mode 100644 contrib/desktop-integration/chromium/Dockerfile
 create mode 100644 contrib/desktop-integration/gparted/Dockerfile
 create mode 100644 contrib/docker-device-tool/device_tool.go
 create mode 100644 contrib/docker-device-tool/device_tool_windows.go
 create mode 100644 contrib/docker-engine-selinux/LICENSE
 create mode 100644 contrib/docker-engine-selinux/Makefile
 create mode 100644 contrib/docker-engine-selinux/docker.fc
 create mode 100644 contrib/docker-engine-selinux/docker.if
 create mode 100644 contrib/docker-engine-selinux/docker.te
 create mode 100644 contrib/docker-engine-selinux/docker_selinux.8.gz
 create mode 100755 contrib/dockerize-disk.sh
 create mode 100755 contrib/download-frozen-image-v1.sh
 create mode 100755 contrib/download-frozen-image-v2.sh
 create mode 100644 contrib/httpserver/Dockerfile
 create mode 100644 contrib/httpserver/server.go
 create mode 100644 contrib/init/openrc/docker.confd
 create mode 100644 contrib/init/openrc/docker.initd
 create mode 100644 contrib/init/systemd/REVIEWERS
 create mode 100644 contrib/init/systemd/docker.service
 create mode 100644 contrib/init/systemd/docker.socket
 create mode 100755 contrib/init/sysvinit-debian/docker
 create mode 100644 contrib/init/sysvinit-debian/docker.default
 create mode 100755 contrib/init/sysvinit-redhat/docker
 create mode 100644 contrib/init/sysvinit-redhat/docker.sysconfig
 create mode 100644 contrib/init/upstart/REVIEWERS
 create mode 100644 contrib/init/upstart/docker.conf
 create mode 100755 contrib/mkimage-alpine.sh
 create mode 100644 contrib/mkimage-arch-pacman.conf
 create mode 100755 contrib/mkimage-arch.sh
 create mode 100644 contrib/mkimage-archarm-pacman.conf
 create mode 100755 contrib/mkimage-busybox.sh
 create mode 100755 contrib/mkimage-crux.sh
 create mode 100755 contrib/mkimage-debootstrap.sh
 create mode 100755 contrib/mkimage-rinse.sh
 create mode 100755 contrib/mkimage-yum.sh
 create mode 100755 contrib/mkimage.sh
 create mode 100755 contrib/mkimage/.febootstrap-minimize
 create mode 100755 contrib/mkimage/busybox-static
 create mode 100755 contrib/mkimage/debootstrap
 create mode 100755 contrib/mkimage/mageia-urpmi
 create mode 100755 contrib/mkimage/rinse
 create mode 100644 contrib/nnp-test/Dockerfile
 create mode 100644 contrib/nnp-test/nnp-test.c
 create mode 100755 contrib/nuke-graph-directory.sh
 create mode 100755 contrib/project-stats.sh
 create mode 100755 contrib/report-issue.sh
 create mode 100755 contrib/reprepro/suites.sh
 create mode 100644 contrib/syntax/kate/Dockerfile.xml
 create mode 100644 contrib/syntax/nano/Dockerfile.nanorc
 create mode 100644 contrib/syntax/nano/README.md
 create mode 100644 contrib/syntax/textmate/Docker.tmbundle/Preferences/Dockerfile.tmPreferences
 create mode 100644 contrib/syntax/textmate/Docker.tmbundle/Syntaxes/Dockerfile.tmLanguage
 create mode 100644 contrib/syntax/textmate/Docker.tmbundle/info.plist
 create mode 100644 contrib/syntax/textmate/README.md
 create mode 100644 contrib/syntax/textmate/REVIEWERS
 create mode 100644 contrib/syntax/vim/LICENSE
 create mode 100644 contrib/syntax/vim/README.md
 create mode 100644 contrib/syntax/vim/doc/dockerfile.txt
 create mode 100644 contrib/syntax/vim/ftdetect/dockerfile.vim
 create mode 100644 contrib/syntax/vim/syntax/dockerfile.vim
 create mode 100644 contrib/syscall-test/Dockerfile
 create mode 100644 contrib/syscall-test/acct.c
 create mode 100644 contrib/syscall-test/ns.c
 create mode 100644 contrib/syscall-test/userns.c
 create mode 100644 contrib/udev/80-docker.rules
 create mode 100644 contrib/vagrant-docker/README.md
 create mode 100644 daemon/apparmor_default.go
 create mode 100644 daemon/apparmor_default_unsupported.go
 create mode 100644 daemon/archive.go
 create mode 100644 daemon/archive_unix.go
 create mode 100644 daemon/archive_windows.go
 create mode 100644 daemon/attach.go
 create mode 100644 daemon/caps/utils_unix.go
 create mode 100644 daemon/changes.go
 create mode 100644 daemon/commit.go
 create mode 100644 daemon/config.go
 create mode 100644 daemon/config_experimental.go
 create mode 100644 daemon/config_stub.go
 create mode 100644 daemon/config_test.go
 create mode 100644 daemon/config_unix.go
 create mode 100644 daemon/config_windows.go
 create mode 100644 daemon/container_operations.go
 create mode 100644 daemon/container_operations_unix.go
 create mode 100644 daemon/container_operations_windows.go
 create mode 100644 daemon/create.go
 create mode 100644 daemon/create_unix.go
 create mode 100644 daemon/create_windows.go
 create mode 100644 daemon/daemon.go
 create mode 100644 daemon/daemon_experimental.go
 create mode 100644 daemon/daemon_linux.go
 create mode 100644 daemon/daemon_linux_test.go
 create mode 100644 daemon/daemon_stub.go
 create mode 100644 daemon/daemon_test.go
 create mode 100644 daemon/daemon_unix.go
 create mode 100644 daemon/daemon_unix_test.go
 create mode 100644 daemon/daemon_unsupported.go
 create mode 100644 daemon/daemon_windows.go
 create mode 100644 daemon/debugtrap_unix.go
 create mode 100644 daemon/debugtrap_unsupported.go
 create mode 100644 daemon/debugtrap_windows.go
 create mode 100644 daemon/delete.go
 create mode 100644 daemon/delete_test.go
 create mode 100644 daemon/discovery.go
 create mode 100644 daemon/discovery_test.go
 create mode 100644 daemon/errors.go
 create mode 100644 daemon/events.go
 create mode 100644 daemon/events/events.go
 create mode 100644 daemon/events/events_test.go
 create mode 100644 daemon/events/filter.go
 create mode 100644 daemon/events/testutils/testutils.go
 create mode 100644 daemon/events_test.go
 create mode 100644 daemon/exec.go
 create mode 100644 daemon/exec/exec.go
 create mode 100644 daemon/exec_linux.go
 create mode 100644 daemon/exec_windows.go
 create mode 100644 daemon/export.go
 create mode 100644 daemon/graphdriver/aufs/aufs.go
 create mode 100644 daemon/graphdriver/aufs/aufs_test.go
 create mode 100644 daemon/graphdriver/aufs/dirs.go
 create mode 100644 daemon/graphdriver/aufs/mount.go
 create mode 100644 daemon/graphdriver/aufs/mount_linux.go
 create mode 100644 daemon/graphdriver/aufs/mount_unsupported.go
 create mode 100644 daemon/graphdriver/btrfs/btrfs.go
 create mode 100644 daemon/graphdriver/btrfs/btrfs_test.go
 create mode 100644 daemon/graphdriver/btrfs/dummy_unsupported.go
 create mode 100644 daemon/graphdriver/btrfs/version.go
 create mode 100644 daemon/graphdriver/btrfs/version_none.go
 create mode 100644 daemon/graphdriver/btrfs/version_test.go
 create mode 100644 daemon/graphdriver/counter.go
 create mode 100644 daemon/graphdriver/devmapper/README.md
 create mode 100644 daemon/graphdriver/devmapper/deviceset.go
 create mode 100644 daemon/graphdriver/devmapper/devmapper_doc.go
 create mode 100644 daemon/graphdriver/devmapper/devmapper_test.go
 create mode 100644 daemon/graphdriver/devmapper/driver.go
 create mode 100644 daemon/graphdriver/devmapper/mount.go
 create mode 100644 daemon/graphdriver/driver.go
 create mode 100644 daemon/graphdriver/driver_freebsd.go
 create mode 100644 daemon/graphdriver/driver_linux.go
 create mode 100644 daemon/graphdriver/driver_unsupported.go
 create mode 100644 daemon/graphdriver/driver_windows.go
 create mode 100644 daemon/graphdriver/fsdiff.go
 create mode 100644 daemon/graphdriver/graphtest/graphtest_unix.go
 create mode 100644 daemon/graphdriver/graphtest/graphtest_windows.go
 create mode 100644 daemon/graphdriver/overlay/copy.go
 create mode 100644 daemon/graphdriver/overlay/overlay.go
 create mode 100644 daemon/graphdriver/overlay/overlay_test.go
 create mode 100644 daemon/graphdriver/overlay/overlay_unsupported.go
 create mode 100644 daemon/graphdriver/plugin.go
 create mode 100644 daemon/graphdriver/plugin_unsupported.go
 create mode 100644 daemon/graphdriver/proxy.go
 create mode 100644 daemon/graphdriver/register/register_aufs.go
 create mode 100644 daemon/graphdriver/register/register_btrfs.go
 create mode 100644 daemon/graphdriver/register/register_devicemapper.go
 create mode 100644 daemon/graphdriver/register/register_overlay.go
 create mode 100644 daemon/graphdriver/register/register_vfs.go
 create mode 100644 daemon/graphdriver/register/register_windows.go
 create mode 100644 daemon/graphdriver/register/register_zfs.go
 create mode 100644 daemon/graphdriver/vfs/driver.go
 create mode 100644 daemon/graphdriver/vfs/vfs_test.go
 create mode 100644 daemon/graphdriver/windows/windows.go
 create mode 100644 daemon/graphdriver/zfs/MAINTAINERS
 create mode 100644 daemon/graphdriver/zfs/zfs.go
 create mode 100644 daemon/graphdriver/zfs/zfs_freebsd.go
 create mode 100644 daemon/graphdriver/zfs/zfs_linux.go
 create mode 100644 daemon/graphdriver/zfs/zfs_test.go
 create mode 100644 daemon/graphdriver/zfs/zfs_unsupported.go
 create mode 100644 daemon/image_delete.go
 create mode 100644 daemon/images.go
 create mode 100644 daemon/import.go
 create mode 100644 daemon/info.go
 create mode 100644 daemon/inspect.go
 create mode 100644 daemon/inspect_unix.go
 create mode 100644 daemon/inspect_windows.go
 create mode 100644 daemon/kill.go
 create mode 100644 daemon/links.go
 create mode 100644 daemon/links/links.go
 create mode 100644 daemon/links/links_test.go
 create mode 100644 daemon/links_test.go
 create mode 100644 daemon/list.go
 create mode 100644 daemon/list_unix.go
 create mode 100644 daemon/list_windows.go
 create mode 100644 daemon/logdrivers_linux.go
 create mode 100644 daemon/logdrivers_windows.go
 create mode 100644 daemon/logger/awslogs/cloudwatchlogs.go
 create mode 100644 daemon/logger/awslogs/cloudwatchlogs_test.go
 create mode 100644 daemon/logger/awslogs/cwlogsiface_mock_test.go
 create mode 100644 daemon/logger/context.go
 create mode 100644 daemon/logger/copier.go
 create mode 100644 daemon/logger/copier_test.go
 create mode 100644 daemon/logger/etwlogs/etwlogs_windows.go
 create mode 100644 daemon/logger/factory.go
 create mode 100644 daemon/logger/fluentd/fluentd.go
 create mode 100644 daemon/logger/gcplogs/gcplogging.go
 create mode 100644 daemon/logger/gelf/gelf.go
 create mode 100644 daemon/logger/gelf/gelf_unsupported.go
 create mode 100644 daemon/logger/journald/journald.go
 create mode 100644 daemon/logger/journald/journald_unsupported.go
 create mode 100644 daemon/logger/journald/read.go
 create mode 100644 daemon/logger/journald/read_native.go
 create mode 100644 daemon/logger/journald/read_native_compat.go
 create mode 100644 daemon/logger/journald/read_unsupported.go
 create mode 100644 daemon/logger/jsonfilelog/jsonfilelog.go
 create mode 100644 daemon/logger/jsonfilelog/jsonfilelog_test.go
 create mode 100644 daemon/logger/jsonfilelog/read.go
 create mode 100644 daemon/logger/logger.go
 create mode 100644 daemon/logger/loggerutils/log_tag.go
 create mode 100644 daemon/logger/loggerutils/log_tag_test.go
 create mode 100644 daemon/logger/loggerutils/rotatefilewriter.go
 create mode 100644 daemon/logger/splunk/splunk.go
 create mode 100644 daemon/logger/syslog/syslog.go
 create mode 100644 daemon/logger/syslog/syslog_test.go
 create mode 100644 daemon/logger/syslog/syslog_unsupported.go
 create mode 100644 daemon/logs.go
 create mode 100644 daemon/monitor.go
 create mode 100644 daemon/monitor_linux.go
 create mode 100644 daemon/monitor_windows.go
 create mode 100644 daemon/mounts.go
 create mode 100644 daemon/network.go
 create mode 100644 daemon/network/settings.go
 create mode 100644 daemon/oci_linux.go
 create mode 100644 daemon/oci_windows.go
 create mode 100644 daemon/pause.go
 create mode 100644 daemon/rename.go
 create mode 100644 daemon/resize.go
 create mode 100644 daemon/restart.go
 create mode 100644 daemon/seccomp_disabled.go
 create mode 100644 daemon/seccomp_linux.go
 create mode 100644 daemon/selinux_linux.go
 create mode 100644 daemon/selinux_unsupported.go
 create mode 100644 daemon/start.go
 create mode 100644 daemon/stats.go
 create mode 100644 daemon/stats_collector_unix.go
 create mode 100644 daemon/stats_collector_windows.go
 create mode 100644 daemon/stop.go
 create mode 100644 daemon/top_unix.go
 create mode 100644 daemon/top_windows.go
 create mode 100644 daemon/unpause.go
 create mode 100644 daemon/update.go
 create mode 100644 daemon/update_linux.go
 create mode 100644 daemon/update_windows.go
 create mode 100644 daemon/volumes.go
 create mode 100644 daemon/volumes_unit_test.go
 create mode 100644 daemon/volumes_unix.go
 create mode 100644 daemon/volumes_windows.go
 create mode 100644 daemon/wait.go
 create mode 100644 distribution/errors.go
 create mode 100644 distribution/fixtures/validate_manifest/bad_manifest
 create mode 100644 distribution/fixtures/validate_manifest/extra_data_manifest
 create mode 100644 distribution/fixtures/validate_manifest/good_manifest
 create mode 100644 distribution/metadata/metadata.go
 create mode 100644 distribution/metadata/v1_id_service.go
 create mode 100644 distribution/metadata/v1_id_service_test.go
 create mode 100644 distribution/metadata/v2_metadata_service.go
 create mode 100644 distribution/metadata/v2_metadata_service_test.go
 create mode 100644 distribution/pull.go
 create mode 100644 distribution/pull_v1.go
 create mode 100644 distribution/pull_v2.go
 create mode 100644 distribution/pull_v2_test.go
 create mode 100644 distribution/pull_v2_unix.go
 create mode 100644 distribution/pull_v2_windows.go
 create mode 100644 distribution/push.go
 create mode 100644 distribution/push_v1.go
 create mode 100644 distribution/push_v2.go
 create mode 100644 distribution/registry.go
 create mode 100644 distribution/registry_unit_test.go
 create mode 100644 distribution/xfer/download.go
 create mode 100644 distribution/xfer/download_test.go
 create mode 100644 distribution/xfer/transfer.go
 create mode 100644 distribution/xfer/transfer_test.go
 create mode 100644 distribution/xfer/upload.go
 create mode 100644 distribution/xfer/upload_test.go
 create mode 100644 docker/README.md
 create mode 100644 docker/client.go
 create mode 100644 docker/client_test.go
 create mode 100644 docker/common.go
 create mode 100644 docker/daemon.go
 create mode 100644 docker/daemon_freebsd.go
 create mode 100644 docker/daemon_linux.go
 create mode 100644 docker/daemon_none.go
 create mode 100644 docker/daemon_test.go
 create mode 100644 docker/daemon_unix.go
 create mode 100644 docker/daemon_unix_test.go
 create mode 100644 docker/daemon_windows.go
 create mode 100644 docker/docker.go
 create mode 100644 docker/docker_windows.go
 create mode 100644 docker/flags.go
 create mode 100644 docker/flags_test.go
 create mode 100644 docker/listeners/listeners.go
 create mode 100644 docker/listeners/listeners_unix.go
 create mode 100644 docker/listeners/listeners_windows.go
 create mode 100644 dockerversion/useragent.go
 create mode 100644 dockerversion/version_lib.go
 create mode 100644 docs/.gitignore
 create mode 100644 docs/Dockerfile
 create mode 100644 docs/Makefile
 create mode 100644 docs/README.md
 create mode 100644 docs/admin/ambassador_pattern_linking.md
 create mode 100644 docs/admin/b2d_volume_images/add_cd.png
 create mode 100644 docs/admin/b2d_volume_images/add_new_controller.png
 create mode 100644 docs/admin/b2d_volume_images/add_volume.png
 create mode 100644 docs/admin/b2d_volume_images/boot_order.png
 create mode 100644 docs/admin/b2d_volume_images/gparted.png
 create mode 100644 docs/admin/b2d_volume_images/gparted2.png
 create mode 100644 docs/admin/b2d_volume_images/verify.png
 create mode 100644 docs/admin/b2d_volume_resize.md
 create mode 100644 docs/admin/cfengine_process_management.md
 create mode 100644 docs/admin/chef.md
 create mode 100644 docs/admin/configuring.md
 create mode 100644 docs/admin/dsc.md
 create mode 100644 docs/admin/formatting.md
 create mode 100644 docs/admin/host_integration.md
 create mode 100644 docs/admin/index.md
 create mode 100644 docs/admin/logging/awslogs.md
 create mode 100644 docs/admin/logging/etwlogs.md
 create mode 100644 docs/admin/logging/fluentd.md
 create mode 100644 docs/admin/logging/gcplogs.md
 create mode 100644 docs/admin/logging/index.md
 create mode 100644 docs/admin/logging/journald.md
 create mode 100644 docs/admin/logging/log_tags.md
 create mode 100644 docs/admin/logging/overview.md
 create mode 100644 docs/admin/logging/splunk.md
 create mode 100644 docs/admin/puppet.md
 create mode 100644 docs/admin/registry_mirror.md
 create mode 100644 docs/admin/runmetrics.md
 create mode 100644 docs/admin/systemd.md
 create mode 100644 docs/admin/using_supervisord.md
 create mode 100644 docs/article-img/architecture.svg
 create mode 100644 docs/breaking_changes.md
 create mode 100644 docs/deprecated.md
 create mode 100644 docs/examples/apt-cacher-ng.Dockerfile
 create mode 100644 docs/examples/apt-cacher-ng.md
 create mode 100644 docs/examples/couchbase.md
 create mode 100644 docs/examples/couchbase/web-console.png
 create mode 100644 docs/examples/couchdb_data_volumes.md
 create mode 100644 docs/examples/index.md
 create mode 100644 docs/examples/mongodb.md
 create mode 100644 docs/examples/mongodb/Dockerfile
 create mode 100644 docs/examples/nodejs_web_app.md
 create mode 100644 docs/examples/postgresql_service.Dockerfile
 create mode 100644 docs/examples/postgresql_service.md
 create mode 100644 docs/examples/running_redis_service.md
 create mode 100644 docs/examples/running_riak_service.Dockerfile
 create mode 100644 docs/examples/running_riak_service.md
 create mode 100644 docs/examples/running_ssh_service.Dockerfile
 create mode 100644 docs/examples/running_ssh_service.md
 create mode 100644 docs/examples/supervisord.conf
 create mode 100644 docs/extend/images/authz_additional_info.png
 create mode 100644 docs/extend/images/authz_allow.png
 create mode 100644 docs/extend/images/authz_chunked.png
 create mode 100644 docs/extend/images/authz_connection_hijack.png
 create mode 100644 docs/extend/images/authz_deny.png
 create mode 100644 docs/extend/index.md
 create mode 100644 docs/extend/plugin_api.md
 create mode 100644 docs/extend/plugins.md
 create mode 100644 docs/extend/plugins_authorization.md
 create mode 100644 docs/extend/plugins_network.md
 create mode 100644 docs/extend/plugins_volume.md
 create mode 100644 docs/faq.md
 create mode 100644 docs/index.md
 create mode 100644 docs/installation/binaries.md
 create mode 100644 docs/installation/cloud/cloud-ex-aws.md
 create mode 100644 docs/installation/cloud/cloud-ex-machine-ocean.md
 create mode 100644 docs/installation/cloud/index.md
 create mode 100644 docs/installation/cloud/overview.md
 create mode 100644 docs/installation/images/bad_host.png
 create mode 100644 docs/installation/images/cool_view.png
 create mode 100644 docs/installation/images/ec2-ubuntu.png
 create mode 100644 docs/installation/images/ec2_instance_details.png
 create mode 100644 docs/installation/images/ec2_instance_type.png
 create mode 100644 docs/installation/images/ec2_launch_instance.png
 create mode 100644 docs/installation/images/good_host.png
 create mode 100644 docs/installation/images/kitematic.png
 create mode 100644 docs/installation/images/linux_docker_host.svg
 create mode 100644 docs/installation/images/mac-page-finished.png
 create mode 100644 docs/installation/images/mac-page-two.png
 create mode 100644 docs/installation/images/mac-password-prompt.png
 create mode 100644 docs/installation/images/mac-success.png
 create mode 100644 docs/installation/images/mac-welcome-page.png
 create mode 100644 docs/installation/images/mac_docker_host.svg
 create mode 100644 docs/installation/images/my-docker-vm.png
 create mode 100644 docs/installation/images/newsite_view.png
 create mode 100644 docs/installation/images/nginx-webserver.png
 create mode 100644 docs/installation/images/ocean_click_api.png
 create mode 100644 docs/installation/images/ocean_droplet.png
 create mode 100644 docs/installation/images/ocean_droplet_ubuntu.png
 create mode 100644 docs/installation/images/ocean_gen_token.png
 create mode 100644 docs/installation/images/ocean_save_token.png
 create mode 100644 docs/installation/images/ocean_token_create.png
 create mode 100644 docs/installation/images/virtualization.png
 create mode 100644 docs/installation/images/win-page-6.png
 create mode 100644 docs/installation/images/win-welcome.png
 create mode 100644 docs/installation/images/win_docker_host.svg
 create mode 100644 docs/installation/images/win_ver.png
 create mode 100644 docs/installation/images/windows-boot2docker-cmd.png
 create mode 100644 docs/installation/images/windows-boot2docker-powershell.png
 create mode 100644 docs/installation/images/windows-boot2docker-start.png
 create mode 100644 docs/installation/images/windows-finish.png
 create mode 100644 docs/installation/index.md
 create mode 100644 docs/installation/linux/SUSE.md
 create mode 100644 docs/installation/linux/archlinux.md
 create mode 100644 docs/installation/linux/centos.md
 create mode 100644 docs/installation/linux/cruxlinux.md
 create mode 100644 docs/installation/linux/debian.md
 create mode 100644 docs/installation/linux/fedora.md
 create mode 100644 docs/installation/linux/frugalware.md
 create mode 100644 docs/installation/linux/gentoolinux.md
 create mode 100644 docs/installation/linux/index.md
 create mode 100644 docs/installation/linux/oracle.md
 create mode 100644 docs/installation/linux/rhel.md
 create mode 100644 docs/installation/linux/ubuntulinux.md
 create mode 100644 docs/installation/mac.md
 create mode 100644 docs/installation/windows.md
 create mode 100644 docs/migration.md
 create mode 100644 docs/quickstart.md
 create mode 100644 docs/reference/api/README.md
 create mode 100644 docs/reference/api/_static/io_oauth_authorization_page.png
 create mode 100644 docs/reference/api/docker-io_api.md
 create mode 100644 docs/reference/api/docker_io_accounts_api.md
 create mode 100644 docs/reference/api/docker_remote_api.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.14.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.15.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.16.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.17.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.18.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.19.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.20.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.21.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.22.md
 create mode 100644 docs/reference/api/docker_remote_api_v1.23.md
 create mode 100644 docs/reference/api/hub_registry_spec.md
 create mode 100644 docs/reference/api/images/event_state.gliffy
 create mode 100644 docs/reference/api/images/event_state.png
 create mode 100644 docs/reference/api/index.md
 create mode 100644 docs/reference/api/remote_api_client_libraries.md
 create mode 100644 docs/reference/builder.md
 create mode 100644 docs/reference/commandline/attach.md
 create mode 100644 docs/reference/commandline/build.md
 create mode 100644 docs/reference/commandline/cli.md
 create mode 100644 docs/reference/commandline/commit.md
 create mode 100644 docs/reference/commandline/cp.md
 create mode 100644 docs/reference/commandline/create.md
 create mode 100644 docs/reference/commandline/daemon.md
 create mode 100644 docs/reference/commandline/diff.md
 create mode 100644 docs/reference/commandline/docker_images.gif
 create mode 100644 docs/reference/commandline/events.md
 create mode 100644 docs/reference/commandline/exec.md
 create mode 100644 docs/reference/commandline/export.md
 create mode 100644 docs/reference/commandline/history.md
 create mode 100644 docs/reference/commandline/images.md
 create mode 100644 docs/reference/commandline/import.md
 create mode 100644 docs/reference/commandline/index.md
 create mode 100644 docs/reference/commandline/info.md
 create mode 100644 docs/reference/commandline/inspect.md
 create mode 100644 docs/reference/commandline/kill.md
 create mode 100644 docs/reference/commandline/load.md
 create mode 100644 docs/reference/commandline/login.md
 create mode 100644 docs/reference/commandline/logout.md
 create mode 100644 docs/reference/commandline/logs.md
 create mode 100644 docs/reference/commandline/network_connect.md
 create mode 100644 docs/reference/commandline/network_create.md
 create mode 100644 docs/reference/commandline/network_disconnect.md
 create mode 100644 docs/reference/commandline/network_inspect.md
 create mode 100644 docs/reference/commandline/network_ls.md
 create mode 100644 docs/reference/commandline/network_rm.md
 create mode 100644 docs/reference/commandline/pause.md
 create mode 100644 docs/reference/commandline/port.md
 create mode 100644 docs/reference/commandline/ps.md
 create mode 100644 docs/reference/commandline/pull.md
 create mode 100644 docs/reference/commandline/push.md
 create mode 100644 docs/reference/commandline/rename.md
 create mode 100644 docs/reference/commandline/restart.md
 create mode 100644 docs/reference/commandline/rm.md
 create mode 100644 docs/reference/commandline/rmi.md
 create mode 100644 docs/reference/commandline/run.md
 create mode 100644 docs/reference/commandline/save.md
 create mode 100644 docs/reference/commandline/search.md
 create mode 100644 docs/reference/commandline/start.md
 create mode 100644 docs/reference/commandline/stats.md
 create mode 100644 docs/reference/commandline/stop.md
 create mode 100644 docs/reference/commandline/tag.md
 create mode 100644 docs/reference/commandline/top.md
 create mode 100644 docs/reference/commandline/unpause.md
 create mode 100644 docs/reference/commandline/update.md
 create mode 100644 docs/reference/commandline/version.md
 create mode 100644 docs/reference/commandline/volume_create.md
 create mode 100644 docs/reference/commandline/volume_inspect.md
 create mode 100644 docs/reference/commandline/volume_ls.md
 create mode 100644 docs/reference/commandline/volume_rm.md
 create mode 100644 docs/reference/commandline/wait.md
 create mode 100644 docs/reference/glossary.md
 create mode 100644 docs/reference/index.md
 create mode 100644 docs/reference/run.md
 create mode 100644 docs/security/apparmor.md
 create mode 100644 docs/security/certificates.md
 create mode 100644 docs/security/https.md
 create mode 100644 docs/security/https/Dockerfile
 create mode 100644 docs/security/https/Makefile
 create mode 100644 docs/security/https/README.md
 create mode 100755 docs/security/https/make_certs.sh
 create mode 100755 docs/security/https/parsedocs.sh
 create mode 100644 docs/security/index.md
 create mode 100644 docs/security/seccomp.md
 create mode 100644 docs/security/security.md
 create mode 100644 docs/security/trust/content_trust.md
 create mode 100644 docs/security/trust/deploying_notary.md
 create mode 100644 docs/security/trust/images/tag_signing.png
 create mode 100644 docs/security/trust/images/trust_.gliffy
 create mode 100644 docs/security/trust/images/trust_components.gliffy
 create mode 100644 docs/security/trust/images/trust_components.png
 create mode 100644 docs/security/trust/images/trust_signing.gliffy
 create mode 100644 docs/security/trust/images/trust_signing.png
 create mode 100644 docs/security/trust/images/trust_view.gliffy
 create mode 100644 docs/security/trust/images/trust_view.png
 create mode 100644 docs/security/trust/index.md
 create mode 100644 docs/security/trust/trust_automation.md
 create mode 100644 docs/security/trust/trust_delegation.md
 create mode 100644 docs/security/trust/trust_key_mng.md
 create mode 100644 docs/security/trust/trust_sandbox.md
 create mode 100644 docs/static_files/README.md
 create mode 100644 docs/static_files/contributors.png
 create mode 100644 docs/static_files/docker-logo-compressed.png
 create mode 100644 docs/static_files/docker_pull_chart.png
 create mode 100644 docs/static_files/docker_push_chart.png
 create mode 100644 docs/static_files/dockerlogo-v.png
 create mode 100755 docs/touch-up.sh
 create mode 100644 docs/understanding-docker.md
 create mode 100644 docs/userguide/containers/dockerimages.md
 create mode 100644 docs/userguide/containers/dockerizing.md
 create mode 100644 docs/userguide/containers/dockerrepos.md
 create mode 100644 docs/userguide/containers/dockervolumes.md
 create mode 100644 docs/userguide/containers/index.md
 create mode 100644 docs/userguide/containers/networkingcontainers.md
 create mode 100644 docs/userguide/containers/search.png
 create mode 100644 docs/userguide/containers/usingdocker.md
 create mode 100644 docs/userguide/containers/webapp1.png
 create mode 100644 docs/userguide/eng-image/baseimages.md
 create mode 100644 docs/userguide/eng-image/dockerfile_best-practices.md
 create mode 100644 docs/userguide/eng-image/image_management.md
 create mode 100644 docs/userguide/eng-image/index.md
 create mode 100644 docs/userguide/index.md
 create mode 100644 docs/userguide/intro.md
 create mode 100644 docs/userguide/labels-custom-metadata.md
 create mode 100644 docs/userguide/networking/configure-dns.md
 create mode 100644 docs/userguide/networking/default_network/binding.md
 create mode 100644 docs/userguide/networking/default_network/build-bridges.md
 create mode 100644 docs/userguide/networking/default_network/configure-dns.md
 create mode 100644 docs/userguide/networking/default_network/container-communication.md
 create mode 100644 docs/userguide/networking/default_network/custom-docker0.md
 create mode 100644 docs/userguide/networking/default_network/dockerlinks.md
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_basic_host_config.gliffy
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_basic_host_config.svg
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_ndp_proxying.gliffy
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_ndp_proxying.svg
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_routed_network_example.gliffy
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_routed_network_example.svg
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_slash64_subnet_config.gliffy
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_slash64_subnet_config.svg
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_switched_network_example.gliffy
 create mode 100644 docs/userguide/networking/default_network/images/ipv6_switched_network_example.svg
 create mode 100644 docs/userguide/networking/default_network/index.md
 create mode 100644 docs/userguide/networking/default_network/ipv6.md
 create mode 100644 docs/userguide/networking/dockernetworks.md
 create mode 100644 docs/userguide/networking/get-started-overlay.md
 create mode 100644 docs/userguide/networking/images/bridge_network.gliffy
 create mode 100644 docs/userguide/networking/images/bridge_network.png
 create mode 100644 docs/userguide/networking/images/bridge_network.svg
 create mode 100644 docs/userguide/networking/images/engine_on_net.gliffy
 create mode 100644 docs/userguide/networking/images/engine_on_net.png
 create mode 100644 docs/userguide/networking/images/engine_on_net.svg
 create mode 100644 docs/userguide/networking/images/key_value.gliffy
 create mode 100644 docs/userguide/networking/images/key_value.png
 create mode 100644 docs/userguide/networking/images/key_value.svg
 create mode 100644 docs/userguide/networking/images/network_access.gliffy
 create mode 100644 docs/userguide/networking/images/network_access.png
 create mode 100644 docs/userguide/networking/images/network_access.svg
 create mode 100644 docs/userguide/networking/images/overlay-network-final.gliffy
 create mode 100644 docs/userguide/networking/images/overlay-network-final.png
 create mode 100644 docs/userguide/networking/images/overlay-network-final.svg
 create mode 100644 docs/userguide/networking/images/overlay_network.gliffy
 create mode 100644 docs/userguide/networking/images/overlay_network.png
 create mode 100644 docs/userguide/networking/images/overlay_network.svg
 create mode 100644 docs/userguide/networking/images/working.gliffy
 create mode 100644 docs/userguide/networking/images/working.png
 create mode 100644 docs/userguide/networking/images/working.svg
 create mode 100644 docs/userguide/networking/index.md
 create mode 100644 docs/userguide/networking/work-with-networks.md
 create mode 100644 docs/userguide/storagedriver/aufs-driver.md
 create mode 100644 docs/userguide/storagedriver/btrfs-driver.md
 create mode 100644 docs/userguide/storagedriver/device-mapper-driver.md
 create mode 100644 docs/userguide/storagedriver/images/aufs_delete.jpg
 create mode 100644 docs/userguide/storagedriver/images/aufs_layers.jpg
 create mode 100644 docs/userguide/storagedriver/images/aufs_metadata.jpg
 create mode 100644 docs/userguide/storagedriver/images/base_device.jpg
 create mode 100644 docs/userguide/storagedriver/images/btfs_constructs.jpg
 create mode 100644 docs/userguide/storagedriver/images/btfs_container_layer.jpg
 create mode 100644 docs/userguide/storagedriver/images/btfs_layers.png
 create mode 100644 docs/userguide/storagedriver/images/btfs_pool.jpg
 create mode 100644 docs/userguide/storagedriver/images/btfs_snapshots.jpg
 create mode 100644 docs/userguide/storagedriver/images/btfs_subvolume.jpg
 create mode 100644 docs/userguide/storagedriver/images/container-layers-cas.jpg
 create mode 100644 docs/userguide/storagedriver/images/container-layers.jpg
 create mode 100644 docs/userguide/storagedriver/images/dm_container.jpg
 create mode 100644 docs/userguide/storagedriver/images/driver-pros-cons.png
 create mode 100644 docs/userguide/storagedriver/images/image-layers.jpg
 create mode 100644 docs/userguide/storagedriver/images/overlay_constructs.jpg
 create mode 100644 docs/userguide/storagedriver/images/overlay_constructs2.jpg
 create mode 100644 docs/userguide/storagedriver/images/saving-space.jpg
 create mode 100644 docs/userguide/storagedriver/images/shared-uuid.jpg
 create mode 100644 docs/userguide/storagedriver/images/shared-volume.jpg
 create mode 100644 docs/userguide/storagedriver/images/sharing-layers.jpg
 create mode 100644 docs/userguide/storagedriver/images/two_dm_container.jpg
 create mode 100644 docs/userguide/storagedriver/images/zfs_clones.jpg
 create mode 100644 docs/userguide/storagedriver/images/zfs_zpool.jpg
 create mode 100644 docs/userguide/storagedriver/images/zpool_blocks.jpg
 create mode 100644 docs/userguide/storagedriver/imagesandcontainers.md
 create mode 100644 docs/userguide/storagedriver/index.md
 create mode 100644 docs/userguide/storagedriver/overlayfs-driver.md
 create mode 100644 docs/userguide/storagedriver/selectadriver.md
 create mode 100644 docs/userguide/storagedriver/zfs-driver.md
 create mode 100644 errors/errors.go
 create mode 100644 experimental/README.md
 create mode 100644 experimental/images/ipvlan-l3.gliffy
 create mode 100644 experimental/images/ipvlan-l3.png
 create mode 100644 experimental/images/ipvlan-l3.svg
 create mode 100644 experimental/images/ipvlan_l2_simple.gliffy
 create mode 100644 experimental/images/ipvlan_l2_simple.png
 create mode 100644 experimental/images/ipvlan_l2_simple.svg
 create mode 100644 experimental/images/macvlan-bridge-ipvlan-l2.gliffy
 create mode 100644 experimental/images/macvlan-bridge-ipvlan-l2.png
 create mode 100644 experimental/images/macvlan-bridge-ipvlan-l2.svg
 create mode 100644 experimental/images/macvlan_bridge_simple.gliffy
 create mode 100644 experimental/images/macvlan_bridge_simple.png
 create mode 100644 experimental/images/macvlan_bridge_simple.svg
 create mode 100644 experimental/images/multi_tenant_8021q_vlans.gliffy
 create mode 100644 experimental/images/multi_tenant_8021q_vlans.png
 create mode 100644 experimental/images/multi_tenant_8021q_vlans.svg
 create mode 100644 experimental/images/vlans-deeper-look.gliffy
 create mode 100644 experimental/images/vlans-deeper-look.png
 create mode 100644 experimental/images/vlans-deeper-look.svg
 create mode 100644 experimental/plugins_graphdriver.md
 create mode 100644 experimental/vlan-networks.md
 create mode 100755 hack/.vendor-helpers.sh
 create mode 100644 hack/Jenkins/W2L/postbuild.sh
 create mode 100644 hack/Jenkins/W2L/setup.sh
 create mode 100644 hack/Jenkins/readme.md
 create mode 100755 hack/dind
 create mode 100755 hack/generate-authors.sh
 create mode 100755 hack/install.sh
 create mode 100755 hack/make.sh
 create mode 100644 hack/make/.build-deb/compat
 create mode 100644 hack/make/.build-deb/control
 create mode 100644 hack/make/.build-deb/docker-engine.bash-completion
 create mode 120000 hack/make/.build-deb/docker-engine.docker.default
 create mode 120000 hack/make/.build-deb/docker-engine.docker.init
 create mode 120000 hack/make/.build-deb/docker-engine.docker.upstart
 create mode 100644 hack/make/.build-deb/docker-engine.install
 create mode 100644 hack/make/.build-deb/docker-engine.manpages
 create mode 100644 hack/make/.build-deb/docker-engine.postinst
 create mode 120000 hack/make/.build-deb/docker-engine.udev
 create mode 100644 hack/make/.build-deb/docs
 create mode 100755 hack/make/.build-deb/rules
 create mode 100644 hack/make/.build-rpm/docker-engine-selinux.spec
 create mode 100644 hack/make/.build-rpm/docker-engine.spec
 create mode 100644 hack/make/.detect-daemon-osarch
 create mode 100644 hack/make/.ensure-emptyfs
 create mode 100644 hack/make/.ensure-frozen-images
 create mode 100644 hack/make/.ensure-frozen-images-windows
 create mode 100644 hack/make/.ensure-httpserver
 create mode 100644 hack/make/.ensure-nnp-test
 create mode 100644 hack/make/.ensure-syscall-test
 create mode 100644 hack/make/.go-autogen
 create mode 100644 hack/make/.integration-daemon-setup
 create mode 100644 hack/make/.integration-daemon-start
 create mode 100644 hack/make/.integration-daemon-stop
 create mode 100644 hack/make/.resources-windows/docker.exe.manifest
 create mode 100644 hack/make/.resources-windows/docker.ico
 create mode 100644 hack/make/.resources-windows/docker.png
 create mode 100644 hack/make/.validate
 create mode 100644 hack/make/README.md
 create mode 100644 hack/make/binary
 create mode 100644 hack/make/build-deb
 create mode 100644 hack/make/build-rpm
 create mode 100755 hack/make/clean-apt-repo
 create mode 100755 hack/make/clean-yum-repo
 create mode 100644 hack/make/cover
 create mode 100644 hack/make/cross
 create mode 100644 hack/make/dynbinary
 create mode 100644 hack/make/dyngccgo
 create mode 100644 hack/make/gccgo
 create mode 100755 hack/make/generate-index-listing
 create mode 100644 hack/make/install-script
 create mode 100755 hack/make/release-deb
 create mode 100755 hack/make/release-rpm
 create mode 100755 hack/make/sign-repos
 create mode 100755 hack/make/test-deb-install
 create mode 100644 hack/make/test-docker-py
 create mode 100755 hack/make/test-install-script
 create mode 100644 hack/make/test-integration-cli
 create mode 100755 hack/make/test-old-apt-repo
 create mode 100644 hack/make/test-unit
 create mode 100644 hack/make/tgz
 create mode 100644 hack/make/ubuntu
 create mode 100755 hack/make/update-apt-repo
 create mode 100644 hack/make/validate-dco
 create mode 100644 hack/make/validate-default-seccomp
 create mode 100644 hack/make/validate-gofmt
 create mode 100644 hack/make/validate-lint
 create mode 100644 hack/make/validate-pkg
 create mode 100644 hack/make/validate-test
 create mode 100644 hack/make/validate-toml
 create mode 100644 hack/make/validate-vendor
 create mode 100644 hack/make/validate-vet
 create mode 100644 hack/make/win
 create mode 100755 hack/release.sh
 create mode 100755 hack/vendor.sh
 create mode 100644 image/fs.go
 create mode 100644 image/fs_test.go
 create mode 100644 image/image.go
 create mode 100644 image/image_test.go
 create mode 100644 image/rootfs.go
 create mode 100644 image/rootfs_unix.go
 create mode 100644 image/rootfs_windows.go
 create mode 100644 image/spec/v1.md
 create mode 100644 image/store.go
 create mode 100644 image/store_test.go
 create mode 100644 image/tarexport/load.go
 create mode 100644 image/tarexport/save.go
 create mode 100644 image/tarexport/tarexport.go
 create mode 100644 image/v1/imagev1.go
 create mode 100644 integration-cli/benchmark_test.go
 create mode 100644 integration-cli/check_test.go
 create mode 100644 integration-cli/daemon.go
 create mode 100644 integration-cli/docker_api_attach_test.go
 create mode 100644 integration-cli/docker_api_auth_test.go
 create mode 100644 integration-cli/docker_api_build_test.go
 create mode 100644 integration-cli/docker_api_containers_test.go
 create mode 100644 integration-cli/docker_api_create_test.go
 create mode 100644 integration-cli/docker_api_events_test.go
 create mode 100644 integration-cli/docker_api_exec_resize_test.go
 create mode 100644 integration-cli/docker_api_exec_test.go
 create mode 100644 integration-cli/docker_api_images_test.go
 create mode 100644 integration-cli/docker_api_info_test.go
 create mode 100644 integration-cli/docker_api_inspect_test.go
 create mode 100644 integration-cli/docker_api_inspect_unix_test.go
 create mode 100644 integration-cli/docker_api_logs_test.go
 create mode 100644 integration-cli/docker_api_network_test.go
 create mode 100644 integration-cli/docker_api_resize_test.go
 create mode 100644 integration-cli/docker_api_stats_test.go
 create mode 100644 integration-cli/docker_api_test.go
 create mode 100644 integration-cli/docker_api_update_unix_test.go
 create mode 100644 integration-cli/docker_api_version_test.go
 create mode 100644 integration-cli/docker_api_volumes_test.go
 create mode 100644 integration-cli/docker_cli_attach_test.go
 create mode 100644 integration-cli/docker_cli_attach_unix_test.go
 create mode 100644 integration-cli/docker_cli_authz_unix_test.go
 create mode 100644 integration-cli/docker_cli_build_test.go
 create mode 100644 integration-cli/docker_cli_build_unix_test.go
 create mode 100644 integration-cli/docker_cli_by_digest_test.go
 create mode 100644 integration-cli/docker_cli_commit_test.go
 create mode 100644 integration-cli/docker_cli_config_test.go
 create mode 100644 integration-cli/docker_cli_cp_from_container_test.go
 create mode 100644 integration-cli/docker_cli_cp_test.go
 create mode 100644 integration-cli/docker_cli_cp_to_container_test.go
 create mode 100644 integration-cli/docker_cli_cp_to_container_unix_test.go
 create mode 100644 integration-cli/docker_cli_cp_utils.go
 create mode 100644 integration-cli/docker_cli_create_test.go
 create mode 100644 integration-cli/docker_cli_daemon_experimental_test.go
 create mode 100644 integration-cli/docker_cli_daemon_not_experimental_test.go
 create mode 100644 integration-cli/docker_cli_daemon_test.go
 create mode 100644 integration-cli/docker_cli_diff_test.go
 create mode 100644 integration-cli/docker_cli_events_test.go
 create mode 100644 integration-cli/docker_cli_events_unix_test.go
 create mode 100644 integration-cli/docker_cli_exec_test.go
 create mode 100644 integration-cli/docker_cli_exec_unix_test.go
 create mode 100644 integration-cli/docker_cli_experimental_test.go
 create mode 100644 integration-cli/docker_cli_export_import_test.go
 create mode 100644 integration-cli/docker_cli_external_graphdriver_unix_test.go
 create mode 100644 integration-cli/docker_cli_help_test.go
 create mode 100644 integration-cli/docker_cli_history_test.go
 create mode 100644 integration-cli/docker_cli_images_test.go
 create mode 100644 integration-cli/docker_cli_import_test.go
 create mode 100644 integration-cli/docker_cli_info_test.go
 create mode 100644 integration-cli/docker_cli_inspect_experimental_test.go
 create mode 100644 integration-cli/docker_cli_inspect_test.go
 create mode 100644 integration-cli/docker_cli_kill_test.go
 create mode 100644 integration-cli/docker_cli_links_test.go
 create mode 100644 integration-cli/docker_cli_links_unix_test.go
 create mode 100644 integration-cli/docker_cli_login_test.go
 create mode 100644 integration-cli/docker_cli_logout_test.go
 create mode 100644 integration-cli/docker_cli_logs_bench_test.go
 create mode 100644 integration-cli/docker_cli_logs_test.go
 create mode 100644 integration-cli/docker_cli_nat_test.go
 create mode 100644 integration-cli/docker_cli_netmode_test.go
 create mode 100644 integration-cli/docker_cli_network_unix_test.go
 create mode 100644 integration-cli/docker_cli_oom_killed_test.go
 create mode 100644 integration-cli/docker_cli_pause_test.go
 create mode 100644 integration-cli/docker_cli_port_test.go
 create mode 100644 integration-cli/docker_cli_proxy_test.go
 create mode 100644 integration-cli/docker_cli_ps_test.go
 create mode 100644 integration-cli/docker_cli_pull_local_test.go
 create mode 100644 integration-cli/docker_cli_pull_test.go
 create mode 100644 integration-cli/docker_cli_pull_trusted_test.go
 create mode 100644 integration-cli/docker_cli_push_test.go
 create mode 100644 integration-cli/docker_cli_registry_user_agent_test.go
 create mode 100644 integration-cli/docker_cli_rename_test.go
 create mode 100644 integration-cli/docker_cli_restart_test.go
 create mode 100644 integration-cli/docker_cli_rm_test.go
 create mode 100644 integration-cli/docker_cli_rmi_test.go
 create mode 100644 integration-cli/docker_cli_run_test.go
 create mode 100644 integration-cli/docker_cli_run_unix_test.go
 create mode 100644 integration-cli/docker_cli_save_load_test.go
 create mode 100644 integration-cli/docker_cli_save_load_unix_test.go
 create mode 100644 integration-cli/docker_cli_search_test.go
 create mode 100644 integration-cli/docker_cli_sni_test.go
 create mode 100644 integration-cli/docker_cli_start_test.go
 create mode 100644 integration-cli/docker_cli_start_volume_driver_unix_test.go
 create mode 100644 integration-cli/docker_cli_stats_test.go
 create mode 100644 integration-cli/docker_cli_tag_test.go
 create mode 100644 integration-cli/docker_cli_top_test.go
 create mode 100644 integration-cli/docker_cli_update_test.go
 create mode 100644 integration-cli/docker_cli_update_unix_test.go
 create mode 100644 integration-cli/docker_cli_userns_test.go
 create mode 100644 integration-cli/docker_cli_v2_only_test.go
 create mode 100644 integration-cli/docker_cli_version_test.go
 create mode 100644 integration-cli/docker_cli_volume_test.go
 create mode 100644 integration-cli/docker_cli_wait_test.go
 create mode 100644 integration-cli/docker_experimental_network_test.go
 create mode 100644 integration-cli/docker_hub_pull_suite_test.go
 create mode 100644 integration-cli/docker_test_vars.go
 create mode 100644 integration-cli/docker_utils.go
 create mode 100644 integration-cli/events_utils.go
 create mode 100755 integration-cli/fixtures/auth/docker-credential-shell-test
 create mode 100644 integration-cli/fixtures/https/ca.pem
 create mode 100644 integration-cli/fixtures/https/client-cert.pem
 create mode 100644 integration-cli/fixtures/https/client-key.pem
 create mode 100644 integration-cli/fixtures/https/client-rogue-cert.pem
 create mode 100644 integration-cli/fixtures/https/client-rogue-key.pem
 create mode 100644 integration-cli/fixtures/https/server-cert.pem
 create mode 100644 integration-cli/fixtures/https/server-key.pem
 create mode 100644 integration-cli/fixtures/https/server-rogue-cert.pem
 create mode 100644 integration-cli/fixtures/https/server-rogue-key.pem
 create mode 100644 integration-cli/fixtures/load/emptyLayer.tar
 create mode 100644 integration-cli/fixtures/notary/delgkey1.crt
 create mode 100644 integration-cli/fixtures/notary/delgkey1.key
 create mode 100644 integration-cli/fixtures/notary/delgkey2.crt
 create mode 100644 integration-cli/fixtures/notary/delgkey2.key
 create mode 100644 integration-cli/fixtures/notary/delgkey3.crt
 create mode 100644 integration-cli/fixtures/notary/delgkey3.key
 create mode 100644 integration-cli/fixtures/notary/delgkey4.crt
 create mode 100644 integration-cli/fixtures/notary/delgkey4.key
 create mode 100644 integration-cli/fixtures/notary/localhost.cert
 create mode 100644 integration-cli/fixtures/notary/localhost.key
 create mode 100644 integration-cli/fixtures/registry/cert.pem
 create mode 100644 integration-cli/npipe.go
 create mode 100644 integration-cli/npipe_windows.go
 create mode 100644 integration-cli/registry.go
 create mode 100644 integration-cli/registry_mock.go
 create mode 100644 integration-cli/requirements.go
 create mode 100644 integration-cli/requirements_unix.go
 create mode 100644 integration-cli/test_vars_exec.go
 create mode 100644 integration-cli/test_vars_noexec.go
 create mode 100644 integration-cli/test_vars_noseccomp.go
 create mode 100644 integration-cli/test_vars_seccomp.go
 create mode 100644 integration-cli/test_vars_unix.go
 create mode 100644 integration-cli/test_vars_windows.go
 create mode 100644 integration-cli/trust_server.go
 create mode 100644 integration-cli/utils.go
 create mode 100644 layer/empty.go
 create mode 100644 layer/empty_test.go
 create mode 100644 layer/filestore.go
 create mode 100644 layer/filestore_test.go
 create mode 100644 layer/layer.go
 create mode 100644 layer/layer_store.go
 create mode 100644 layer/layer_test.go
 create mode 100644 layer/layer_unix.go
 create mode 100644 layer/layer_unix_test.go
 create mode 100644 layer/layer_windows.go
 create mode 100644 layer/migration.go
 create mode 100644 layer/migration_test.go
 create mode 100644 layer/mount_test.go
 create mode 100644 layer/mounted_layer.go
 create mode 100644 layer/ro_layer.go
 create mode 100644 libcontainerd/client.go
 create mode 100644 libcontainerd/client_linux.go
 create mode 100644 libcontainerd/client_liverestore_linux.go
 create mode 100644 libcontainerd/client_shutdownrestore_linux.go
 create mode 100644 libcontainerd/client_windows.go
 create mode 100644 libcontainerd/container.go
 create mode 100644 libcontainerd/container_linux.go
 create mode 100644 libcontainerd/container_windows.go
 create mode 100644 libcontainerd/pausemonitor_linux.go
 create mode 100644 libcontainerd/process.go
 create mode 100644 libcontainerd/process_linux.go
 create mode 100644 libcontainerd/process_windows.go
 create mode 100644 libcontainerd/queue_linux.go
 create mode 100644 libcontainerd/remote.go
 create mode 100644 libcontainerd/remote_linux.go
 create mode 100644 libcontainerd/remote_windows.go
 create mode 100644 libcontainerd/types.go
 create mode 100644 libcontainerd/types_linux.go
 create mode 100644 libcontainerd/types_windows.go
 create mode 100644 libcontainerd/utils_linux.go
 create mode 100644 libcontainerd/utils_windows.go
 create mode 100644 libcontainerd/windowsoci/oci_windows.go
 create mode 100644 libcontainerd/windowsoci/unsupported.go
 create mode 100644 man/Dockerfile
 create mode 100644 man/Dockerfile.5.md
 create mode 100644 man/README.md
 create mode 100644 man/config-json.5.md
 create mode 100644 man/docker-attach.1.md
 create mode 100644 man/docker-build.1.md
 create mode 100644 man/docker-commit.1.md
 create mode 100644 man/docker-cp.1.md
 create mode 100644 man/docker-create.1.md
 create mode 100644 man/docker-daemon.8.md
 create mode 100644 man/docker-diff.1.md
 create mode 100644 man/docker-events.1.md
 create mode 100644 man/docker-exec.1.md
 create mode 100644 man/docker-export.1.md
 create mode 100644 man/docker-history.1.md
 create mode 100644 man/docker-images.1.md
 create mode 100644 man/docker-import.1.md
 create mode 100644 man/docker-info.1.md
 create mode 100644 man/docker-inspect.1.md
 create mode 100644 man/docker-kill.1.md
 create mode 100644 man/docker-load.1.md
 create mode 100644 man/docker-login.1.md
 create mode 100644 man/docker-logout.1.md
 create mode 100644 man/docker-logs.1.md
 create mode 100644 man/docker-network-connect.1.md
 create mode 100644 man/docker-network-create.1.md
 create mode 100644 man/docker-network-disconnect.1.md
 create mode 100644 man/docker-network-inspect.1.md
 create mode 100644 man/docker-network-ls.1.md
 create mode 100644 man/docker-network-rm.1.md
 create mode 100644 man/docker-pause.1.md
 create mode 100644 man/docker-port.1.md
 create mode 100644 man/docker-ps.1.md
 create mode 100644 man/docker-pull.1.md
 create mode 100644 man/docker-push.1.md
 create mode 100644 man/docker-rename.1.md
 create mode 100644 man/docker-restart.1.md
 create mode 100644 man/docker-rm.1.md
 create mode 100644 man/docker-rmi.1.md
 create mode 100644 man/docker-run.1.md
 create mode 100644 man/docker-save.1.md
 create mode 100644 man/docker-search.1.md
 create mode 100644 man/docker-start.1.md
 create mode 100644 man/docker-stats.1.md
 create mode 100644 man/docker-stop.1.md
 create mode 100644 man/docker-tag.1.md
 create mode 100644 man/docker-top.1.md
 create mode 100644 man/docker-unpause.1.md
 create mode 100644 man/docker-update.1.md
 create mode 100644 man/docker-version.1.md
 create mode 100644 man/docker-volume-create.1.md
 create mode 100644 man/docker-volume-inspect.1.md
 create mode 100644 man/docker-volume-ls.1.md
 create mode 100644 man/docker-volume-rm.1.md
 create mode 100644 man/docker-volume.1.md
 create mode 100644 man/docker-wait.1.md
 create mode 100644 man/docker.1.md
 create mode 100755 man/md2man-all.sh
 create mode 100644 migrate/v1/migratev1.go
 create mode 100644 migrate/v1/migratev1_test.go
 create mode 100644 oci/defaults_linux.go
 create mode 100644 oci/defaults_windows.go
 create mode 100644 opts/hosts.go
 create mode 100644 opts/hosts_test.go
 create mode 100644 opts/hosts_unix.go
 create mode 100644 opts/hosts_windows.go
 create mode 100644 opts/ip.go
 create mode 100644 opts/ip_test.go
 create mode 100644 opts/opts.go
 create mode 100644 opts/opts_test.go
 create mode 100644 opts/opts_unix.go
 create mode 100644 opts/opts_windows.go
 create mode 100644 pkg/README.md
 create mode 100644 pkg/aaparser/aaparser.go
 create mode 100644 pkg/aaparser/aaparser_test.go
 create mode 100644 pkg/archive/README.md
 create mode 100644 pkg/archive/archive.go
 create mode 100644 pkg/archive/archive_test.go
 create mode 100644 pkg/archive/archive_unix.go
 create mode 100644 pkg/archive/archive_unix_test.go
 create mode 100644 pkg/archive/archive_windows.go
 create mode 100644 pkg/archive/archive_windows_test.go
 create mode 100644 pkg/archive/changes.go
 create mode 100644 pkg/archive/changes_linux.go
 create mode 100644 pkg/archive/changes_other.go
 create mode 100644 pkg/archive/changes_posix_test.go
 create mode 100644 pkg/archive/changes_test.go
 create mode 100644 pkg/archive/changes_unix.go
 create mode 100644 pkg/archive/changes_windows.go
 create mode 100644 pkg/archive/copy.go
 create mode 100644 pkg/archive/copy_unix.go
 create mode 100644 pkg/archive/copy_unix_test.go
 create mode 100644 pkg/archive/copy_windows.go
 create mode 100644 pkg/archive/diff.go
 create mode 100644 pkg/archive/diff_test.go
 create mode 100644 pkg/archive/example_changes.go
 create mode 100644 pkg/archive/testdata/broken.tar
 create mode 100644 pkg/archive/time_linux.go
 create mode 100644 pkg/archive/time_unsupported.go
 create mode 100644 pkg/archive/utils_test.go
 create mode 100644 pkg/archive/whiteouts.go
 create mode 100644 pkg/archive/wrap.go
 create mode 100644 pkg/archive/wrap_test.go
 create mode 100644 pkg/authorization/api.go
 create mode 100644 pkg/authorization/authz.go
 create mode 100644 pkg/authorization/authz_unix_test.go
 create mode 100644 pkg/authorization/plugin.go
 create mode 100644 pkg/authorization/response.go
 create mode 100644 pkg/broadcaster/unbuffered.go
 create mode 100644 pkg/broadcaster/unbuffered_test.go
 create mode 100644 pkg/chrootarchive/archive.go
 create mode 100644 pkg/chrootarchive/archive_test.go
 create mode 100644 pkg/chrootarchive/archive_unix.go
 create mode 100644 pkg/chrootarchive/archive_windows.go
 create mode 100644 pkg/chrootarchive/diff.go
 create mode 100644 pkg/chrootarchive/diff_unix.go
 create mode 100644 pkg/chrootarchive/diff_windows.go
 create mode 100644 pkg/chrootarchive/init_unix.go
 create mode 100644 pkg/chrootarchive/init_windows.go
 create mode 100644 pkg/devicemapper/devmapper.go
 create mode 100644 pkg/devicemapper/devmapper_log.go
 create mode 100644 pkg/devicemapper/devmapper_wrapper.go
 create mode 100644 pkg/devicemapper/devmapper_wrapper_deferred_remove.go
 create mode 100644 pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
 create mode 100644 pkg/devicemapper/ioctl.go
 create mode 100644 pkg/devicemapper/log.go
 create mode 100644 pkg/directory/directory.go
 create mode 100644 pkg/directory/directory_test.go
 create mode 100644 pkg/directory/directory_unix.go
 create mode 100644 pkg/directory/directory_windows.go
 create mode 100644 pkg/discovery/README.md
 create mode 100644 pkg/discovery/backends.go
 create mode 100644 pkg/discovery/discovery.go
 create mode 100644 pkg/discovery/discovery_test.go
 create mode 100644 pkg/discovery/entry.go
 create mode 100644 pkg/discovery/file/file.go
 create mode 100644 pkg/discovery/file/file_test.go
 create mode 100644 pkg/discovery/generator.go
 create mode 100644 pkg/discovery/generator_test.go
 create mode 100644 pkg/discovery/kv/kv.go
 create mode 100644 pkg/discovery/kv/kv_test.go
 create mode 100644 pkg/discovery/memory/memory.go
 create mode 100644 pkg/discovery/memory/memory_test.go
 create mode 100644 pkg/discovery/nodes/nodes.go
 create mode 100644 pkg/discovery/nodes/nodes_test.go
 create mode 100644 pkg/filenotify/filenotify.go
 create mode 100644 pkg/filenotify/fsnotify.go
 create mode 100644 pkg/filenotify/poller.go
 create mode 100644 pkg/filenotify/poller_test.go
 create mode 100644 pkg/fileutils/fileutils.go
 create mode 100644 pkg/fileutils/fileutils_test.go
 create mode 100644 pkg/fileutils/fileutils_unix.go
 create mode 100644 pkg/fileutils/fileutils_windows.go
 create mode 100644 pkg/gitutils/gitutils.go
 create mode 100644 pkg/gitutils/gitutils_test.go
 create mode 100644 pkg/graphdb/conn_sqlite3.go
 create mode 100644 pkg/graphdb/conn_sqlite3_unix.go
 create mode 100644 pkg/graphdb/conn_sqlite3_windows.go
 create mode 100644 pkg/graphdb/conn_unsupported.go
 create mode 100644 pkg/graphdb/graphdb.go
 create mode 100644 pkg/graphdb/graphdb_test.go
 create mode 100644 pkg/graphdb/sort.go
 create mode 100644 pkg/graphdb/sort_test.go
 create mode 100644 pkg/graphdb/utils.go
 create mode 100644 pkg/homedir/homedir.go
 create mode 100644 pkg/homedir/homedir_test.go
 create mode 100644 pkg/httputils/httputils.go
 create mode 100644 pkg/httputils/httputils_test.go
 create mode 100644 pkg/httputils/mimetype.go
 create mode 100644 pkg/httputils/mimetype_test.go
 create mode 100644 pkg/httputils/resumablerequestreader.go
 create mode 100644 pkg/httputils/resumablerequestreader_test.go
 create mode 100644 pkg/idtools/idtools.go
 create mode 100644 pkg/idtools/idtools_unix.go
 create mode 100644 pkg/idtools/idtools_unix_test.go
 create mode 100644 pkg/idtools/idtools_windows.go
 create mode 100644 pkg/idtools/usergroupadd_linux.go
 create mode 100644 pkg/idtools/usergroupadd_unsupported.go
 create mode 100644 pkg/integration/checker/checker.go
 create mode 100644 pkg/integration/dockerCmd_utils.go
 create mode 100644 pkg/integration/dockerCmd_utils_test.go
 create mode 100644 pkg/integration/utils.go
 create mode 100644 pkg/integration/utils_test.go
 create mode 100644 pkg/ioutils/bytespipe.go
 create mode 100644 pkg/ioutils/bytespipe_test.go
 create mode 100644 pkg/ioutils/fmt.go
 create mode 100644 pkg/ioutils/fmt_test.go
 create mode 100644 pkg/ioutils/multireader.go
 create mode 100644 pkg/ioutils/multireader_test.go
 create mode 100644 pkg/ioutils/readers.go
 create mode 100644 pkg/ioutils/readers_test.go
 create mode 100644 pkg/ioutils/scheduler.go
 create mode 100644 pkg/ioutils/scheduler_gccgo.go
 create mode 100644 pkg/ioutils/temp_unix.go
 create mode 100644 pkg/ioutils/temp_windows.go
 create mode 100644 pkg/ioutils/writeflusher.go
 create mode 100644 pkg/ioutils/writers.go
 create mode 100644 pkg/ioutils/writers_test.go
 create mode 100644 pkg/jsonlog/jsonlog.go
 create mode 100644 pkg/jsonlog/jsonlog_marshalling.go
 create mode 100644 pkg/jsonlog/jsonlog_marshalling_test.go
 create mode 100644 pkg/jsonlog/jsonlogbytes.go
 create mode 100644 pkg/jsonlog/jsonlogbytes_test.go
 create mode 100644 pkg/jsonlog/time_marshalling.go
 create mode 100644 pkg/jsonlog/time_marshalling_test.go
 create mode 100644 pkg/jsonmessage/jsonmessage.go
 create mode 100644 pkg/jsonmessage/jsonmessage_test.go
 create mode 100644 pkg/locker/README.md
 create mode 100644 pkg/locker/locker.go
 create mode 100644 pkg/locker/locker_test.go
 create mode 100644 pkg/longpath/longpath.go
 create mode 100644 pkg/longpath/longpath_test.go
 create mode 100644 pkg/loopback/attach_loopback.go
 create mode 100644 pkg/loopback/ioctl.go
 create mode 100644 pkg/loopback/loop_wrapper.go
 create mode 100644 pkg/loopback/loopback.go
 create mode 100644 pkg/mflag/LICENSE
 create mode 100644 pkg/mflag/README.md
 create mode 100644 pkg/mflag/example/example.go
 create mode 100644 pkg/mflag/flag.go
 create mode 100644 pkg/mflag/flag_test.go
 create mode 100644 pkg/mount/flags.go
 create mode 100644 pkg/mount/flags_freebsd.go
 create mode 100644 pkg/mount/flags_linux.go
 create mode 100644 pkg/mount/flags_unsupported.go
 create mode 100644 pkg/mount/mount.go
 create mode 100644 pkg/mount/mount_unix_test.go
 create mode 100644 pkg/mount/mounter_freebsd.go
 create mode 100644 pkg/mount/mounter_linux.go
 create mode 100644 pkg/mount/mounter_unsupported.go
 create mode 100644 pkg/mount/mountinfo.go
 create mode 100644 pkg/mount/mountinfo_freebsd.go
 create mode 100644 pkg/mount/mountinfo_linux.go
 create mode 100644 pkg/mount/mountinfo_linux_test.go
 create mode 100644 pkg/mount/mountinfo_unsupported.go
 create mode 100644 pkg/mount/mountinfo_windows.go
 create mode 100644 pkg/mount/sharedsubtree_linux.go
 create mode 100644 pkg/mount/sharedsubtree_linux_test.go
 create mode 100644 pkg/namesgenerator/cmd/names-generator/main.go
 create mode 100644 pkg/namesgenerator/names-generator.go
 create mode 100644 pkg/namesgenerator/names-generator_test.go
 create mode 100644 pkg/parsers/kernel/kernel.go
 create mode 100644 pkg/parsers/kernel/kernel_unix_test.go
 create mode 100644 pkg/parsers/kernel/kernel_windows.go
 create mode 100644 pkg/parsers/kernel/uname_linux.go
 create mode 100644 pkg/parsers/kernel/uname_unsupported.go
 create mode 100644 pkg/parsers/operatingsystem/operatingsystem_freebsd.go
 create mode 100644 pkg/parsers/operatingsystem/operatingsystem_linux.go
 create mode 100644 pkg/parsers/operatingsystem/operatingsystem_unix_test.go
 create mode 100644 pkg/parsers/operatingsystem/operatingsystem_windows.go
 create mode 100644 pkg/parsers/parsers.go
 create mode 100644 pkg/parsers/parsers_test.go
 create mode 100644 pkg/pidfile/pidfile.go
 create mode 100644 pkg/pidfile/pidfile_test.go
 create mode 100644 pkg/platform/architecture_freebsd.go
 create mode 100644 pkg/platform/architecture_linux.go
 create mode 100644 pkg/platform/architecture_windows.go
 create mode 100644 pkg/platform/platform.go
 create mode 100644 pkg/platform/utsname_int8.go
 create mode 100644 pkg/platform/utsname_uint8.go
 create mode 100644 pkg/plugins/client.go
 create mode 100644 pkg/plugins/client_test.go
 create mode 100644 pkg/plugins/discovery.go
 create mode 100644 pkg/plugins/discovery_test.go
 create mode 100644 pkg/plugins/discovery_unix_test.go
 create mode 100644 pkg/plugins/errors.go
 create mode 100644 pkg/plugins/pluginrpc-gen/README.md
 create mode 100644 pkg/plugins/pluginrpc-gen/fixtures/foo.go
 create mode 100644 pkg/plugins/pluginrpc-gen/main.go
 create mode 100644 pkg/plugins/pluginrpc-gen/parser.go
 create mode 100644 pkg/plugins/pluginrpc-gen/parser_test.go
 create mode 100644 pkg/plugins/pluginrpc-gen/template.go
 create mode 100644 pkg/plugins/plugins.go
 create mode 100644 pkg/plugins/transport/http.go
 create mode 100644 pkg/plugins/transport/transport.go
 create mode 100644 pkg/pools/pools.go
 create mode 100644 pkg/pools/pools_test.go
 create mode 100644 pkg/progress/progress.go
 create mode 100644 pkg/progress/progressreader.go
 create mode 100644 pkg/progress/progressreader_test.go
 create mode 100644 pkg/promise/promise.go
 create mode 100644 pkg/proxy/network_proxy_test.go
 create mode 100644 pkg/proxy/proxy.go
 create mode 100644 pkg/proxy/stub_proxy.go
 create mode 100644 pkg/proxy/tcp_proxy.go
 create mode 100644 pkg/proxy/udp_proxy.go
 create mode 100644 pkg/pubsub/publisher.go
 create mode 100644 pkg/pubsub/publisher_test.go
 create mode 100644 pkg/random/random.go
 create mode 100644 pkg/random/random_test.go
 create mode 100644 pkg/reexec/README.md
 create mode 100644 pkg/reexec/command_freebsd.go
 create mode 100644 pkg/reexec/command_linux.go
 create mode 100644 pkg/reexec/command_unsupported.go
 create mode 100644 pkg/reexec/command_windows.go
 create mode 100644 pkg/reexec/reexec.go
 create mode 100644 pkg/registrar/registrar.go
 create mode 100644 pkg/registrar/registrar_test.go
 create mode 100644 pkg/signal/README.md
 create mode 100644 pkg/signal/signal.go
 create mode 100644 pkg/signal/signal_darwin.go
 create mode 100644 pkg/signal/signal_freebsd.go
 create mode 100644 pkg/signal/signal_linux.go
 create mode 100644 pkg/signal/signal_unix.go
 create mode 100644 pkg/signal/signal_unsupported.go
 create mode 100644 pkg/signal/signal_windows.go
 create mode 100644 pkg/signal/trap.go
 create mode 100644 pkg/stdcopy/stdcopy.go
 create mode 100644 pkg/stdcopy/stdcopy_test.go
 create mode 100644 pkg/streamformatter/streamformatter.go
 create mode 100644 pkg/streamformatter/streamformatter_test.go
 create mode 100644 pkg/stringid/README.md
 create mode 100644 pkg/stringid/stringid.go
 create mode 100644 pkg/stringid/stringid_test.go
 create mode 100644 pkg/stringutils/README.md
 create mode 100644 pkg/stringutils/stringutils.go
 create mode 100644 pkg/stringutils/stringutils_test.go
 create mode 100644 pkg/symlink/LICENSE.APACHE
 create mode 100644 pkg/symlink/LICENSE.BSD
 create mode 100644 pkg/symlink/README.md
 create mode 100644 pkg/symlink/fs.go
 create mode 100644 pkg/symlink/fs_unix.go
 create mode 100644 pkg/symlink/fs_unix_test.go
 create mode 100644 pkg/symlink/fs_windows.go
 create mode 100644 pkg/sysinfo/README.md
 create mode 100644 pkg/sysinfo/sysinfo.go
 create mode 100644 pkg/sysinfo/sysinfo_freebsd.go
 create mode 100644 pkg/sysinfo/sysinfo_linux.go
 create mode 100644 pkg/sysinfo/sysinfo_linux_test.go
 create mode 100644 pkg/sysinfo/sysinfo_test.go
 create mode 100644 pkg/sysinfo/sysinfo_windows.go
 create mode 100644 pkg/system/chtimes.go
 create mode 100644 pkg/system/chtimes_test.go
 create mode 100644 pkg/system/chtimes_unix.go
 create mode 100644 pkg/system/chtimes_unix_test.go
 create mode 100644 pkg/system/chtimes_windows.go
 create mode 100644 pkg/system/chtimes_windows_test.go
 create mode 100644 pkg/system/errors.go
 create mode 100644 pkg/system/events_windows.go
 create mode 100644 pkg/system/filesys.go
 create mode 100644 pkg/system/filesys_windows.go
 create mode 100644 pkg/system/lstat.go
 create mode 100644 pkg/system/lstat_unix_test.go
 create mode 100644 pkg/system/lstat_windows.go
 create mode 100644 pkg/system/meminfo.go
 create mode 100644 pkg/system/meminfo_linux.go
 create mode 100644 pkg/system/meminfo_unix_test.go
 create mode 100644 pkg/system/meminfo_unsupported.go
 create mode 100644 pkg/system/meminfo_windows.go
 create mode 100644 pkg/system/mknod.go
 create mode 100644 pkg/system/mknod_windows.go
 create mode 100644 pkg/system/path_unix.go
 create mode 100644 pkg/system/path_windows.go
 create mode 100644 pkg/system/stat.go
 create mode 100644 pkg/system/stat_freebsd.go
 create mode 100644 pkg/system/stat_linux.go
 create mode 100644 pkg/system/stat_openbsd.go
 create mode 100644 pkg/system/stat_solaris.go
 create mode 100644 pkg/system/stat_unix_test.go
 create mode 100644 pkg/system/stat_unsupported.go
 create mode 100644 pkg/system/stat_windows.go
 create mode 100644 pkg/system/syscall_unix.go
 create mode 100644 pkg/system/syscall_windows.go
 create mode 100644 pkg/system/umask.go
 create mode 100644 pkg/system/umask_windows.go
 create mode 100644 pkg/system/utimes_darwin.go
 create mode 100644 pkg/system/utimes_freebsd.go
 create mode 100644 pkg/system/utimes_linux.go
 create mode 100644 pkg/system/utimes_unix_test.go
 create mode 100644 pkg/system/utimes_unsupported.go
 create mode 100644 pkg/system/xattrs_linux.go
 create mode 100644 pkg/system/xattrs_unsupported.go
 create mode 100644 pkg/tailfile/tailfile.go
 create mode 100644 pkg/tailfile/tailfile_test.go
 create mode 100644 pkg/tarsum/builder_context.go
 create mode 100644 pkg/tarsum/builder_context_test.go
 create mode 100644 pkg/tarsum/fileinfosums.go
 create mode 100644 pkg/tarsum/fileinfosums_test.go
 create mode 100644 pkg/tarsum/tarsum.go
 create mode 100644 pkg/tarsum/tarsum_spec.md
 create mode 100644 pkg/tarsum/tarsum_test.go
 create mode 100644 pkg/tarsum/testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json
 create mode 100644 pkg/tarsum/testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar
 create mode 100644 pkg/tarsum/testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/json
 create mode 100644 pkg/tarsum/testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/layer.tar
 create mode 100644 pkg/tarsum/testdata/collision/collision-0.tar
 create mode 100644 pkg/tarsum/testdata/collision/collision-1.tar
 create mode 100644 pkg/tarsum/testdata/collision/collision-2.tar
 create mode 100644 pkg/tarsum/testdata/collision/collision-3.tar
 create mode 100644 pkg/tarsum/testdata/xattr/json
 create mode 100644 pkg/tarsum/testdata/xattr/layer.tar
 create mode 100644 pkg/tarsum/versioning.go
 create mode 100644 pkg/tarsum/versioning_test.go
 create mode 100644 pkg/tarsum/writercloser.go
 create mode 100644 pkg/term/ascii.go
 create mode 100644 pkg/term/ascii_test.go
 create mode 100644 pkg/term/tc_linux_cgo.go
 create mode 100644 pkg/term/tc_other.go
 create mode 100644 pkg/term/term.go
 create mode 100644 pkg/term/term_windows.go
 create mode 100644 pkg/term/termios_darwin.go
 create mode 100644 pkg/term/termios_freebsd.go
 create mode 100644 pkg/term/termios_linux.go
 create mode 100644 pkg/term/termios_openbsd.go
 create mode 100644 pkg/term/windows/ansi_reader.go
 create mode 100644 pkg/term/windows/ansi_writer.go
 create mode 100644 pkg/term/windows/console.go
 create mode 100644 pkg/term/windows/windows.go
 create mode 100644 pkg/term/windows/windows_test.go
 create mode 100644 pkg/tlsconfig/config.go
 create mode 100644 pkg/truncindex/truncindex.go
 create mode 100644 pkg/truncindex/truncindex_test.go
 create mode 100644 pkg/urlutil/urlutil.go
 create mode 100644 pkg/urlutil/urlutil_test.go
 create mode 100644 pkg/useragent/README.md
 create mode 100644 pkg/useragent/useragent.go
 create mode 100644 pkg/useragent/useragent_test.go
 create mode 100644 pkg/version/version.go
 create mode 100644 pkg/version/version_test.go
 create mode 100644 profiles/apparmor/apparmor.go
 create mode 100644 profiles/apparmor/template.go
 create mode 100755 profiles/seccomp/default.json
 create mode 100755 profiles/seccomp/fixtures/example.json
 create mode 100644 profiles/seccomp/generate.go
 create mode 100644 profiles/seccomp/seccomp.go
 create mode 100644 profiles/seccomp/seccomp_default.go
 create mode 100644 profiles/seccomp/seccomp_test.go
 create mode 100644 profiles/seccomp/seccomp_unsupported.go
 create mode 100644 project/ARM.md
 create mode 100644 project/BRANCHES-AND-TAGS.md
 create mode 120000 project/CONTRIBUTORS.md
 create mode 100644 project/GOVERNANCE.md
 create mode 100644 project/IRC-ADMINISTRATION.md
 create mode 100644 project/ISSUE-TRIAGE.md
 create mode 100644 project/PACKAGE-REPO-MAINTENANCE.md
 create mode 100644 project/PACKAGERS.md
 create mode 100644 project/PATCH-RELEASES.md
 create mode 100644 project/PRINCIPLES.md
 create mode 100644 project/README.md
 create mode 100644 project/RELEASE-CHECKLIST.md
 create mode 100644 project/RELEASE-PROCESS.md
 create mode 100644 project/REVIEWING.md
 create mode 100644 project/TOOLS.md
 create mode 100644 reference/reference.go
 create mode 100644 reference/reference_test.go
 create mode 100644 reference/store.go
 create mode 100644 reference/store_test.go
 create mode 100644 registry/auth.go
 create mode 100644 registry/auth_test.go
 create mode 100644 registry/config.go
 create mode 100644 registry/config_test.go
 create mode 100644 registry/config_unix.go
 create mode 100644 registry/config_windows.go
 create mode 100644 registry/endpoint_test.go
 create mode 100644 registry/endpoint_v1.go
 create mode 100644 registry/reference.go
 create mode 100644 registry/registry.go
 create mode 100644 registry/registry_mock_test.go
 create mode 100644 registry/registry_test.go
 create mode 100644 registry/service.go
 create mode 100644 registry/service_v1.go
 create mode 100644 registry/service_v2.go
 create mode 100644 registry/session.go
 create mode 100644 registry/types.go
 create mode 100644 restartmanager/restartmanager.go
 create mode 100644 restartmanager/restartmanager_test.go
 create mode 100644 runconfig/compare.go
 create mode 100644 runconfig/compare_test.go
 create mode 100644 runconfig/config.go
 create mode 100644 runconfig/config_test.go
 create mode 100644 runconfig/config_unix.go
 create mode 100644 runconfig/config_windows.go
 create mode 100644 runconfig/errors.go
 create mode 100644 runconfig/fixtures/unix/container_config_1_14.json
 create mode 100644 runconfig/fixtures/unix/container_config_1_17.json
 create mode 100644 runconfig/fixtures/unix/container_config_1_19.json
 create mode 100644 runconfig/fixtures/unix/container_hostconfig_1_14.json
 create mode 100644 runconfig/fixtures/unix/container_hostconfig_1_19.json
 create mode 100644 runconfig/fixtures/windows/container_config_1_19.json
 create mode 100644 runconfig/hostconfig.go
 create mode 100644 runconfig/hostconfig_test.go
 create mode 100644 runconfig/hostconfig_unix.go
 create mode 100644 runconfig/hostconfig_windows.go
 create mode 100644 runconfig/opts/envfile.go
 create mode 100644 runconfig/opts/envfile_test.go
 create mode 100644 runconfig/opts/fixtures/valid.env
 create mode 100644 runconfig/opts/fixtures/valid.label
 create mode 100644 runconfig/opts/opts.go
 create mode 100644 runconfig/opts/opts_test.go
 create mode 100644 runconfig/opts/parse.go
 create mode 100644 runconfig/opts/parse_test.go
 create mode 100644 runconfig/opts/throttledevice.go
 create mode 100644 runconfig/opts/ulimit.go
 create mode 100644 runconfig/opts/ulimit_test.go
 create mode 100644 runconfig/opts/weightdevice.go
 create mode 100644 runconfig/streams.go
 create mode 100644 utils/debug.go
 create mode 100644 utils/debug_test.go
 create mode 100644 utils/experimental.go
 create mode 100644 utils/names.go
 create mode 100644 utils/process_unix.go
 create mode 100644 utils/process_windows.go
 create mode 100644 utils/stubs.go
 create mode 100644 utils/templates/templates.go
 create mode 100644 utils/templates/templates_test.go
 create mode 100644 utils/utils.go
 create mode 100644 utils/utils_test.go
 create mode 100644 vendor/src/github.com/docker/notary/.gitignore
 create mode 100644 vendor/src/github.com/docker/notary/CHANGELOG.md
 create mode 100644 vendor/src/github.com/docker/notary/CONTRIBUTING.md
 create mode 100644 vendor/src/github.com/docker/notary/CONTRIBUTORS
 create mode 100644 vendor/src/github.com/docker/notary/Dockerfile
 create mode 100644 vendor/src/github.com/docker/notary/LICENSE
 create mode 100644 vendor/src/github.com/docker/notary/MAINTAINERS
 create mode 100644 vendor/src/github.com/docker/notary/Makefile
 create mode 100644 vendor/src/github.com/docker/notary/NOTARY_VERSION
 create mode 100644 vendor/src/github.com/docker/notary/README.md
 create mode 100644 vendor/src/github.com/docker/notary/ROADMAP.md
 create mode 100644 vendor/src/github.com/docker/notary/certs/certs.go
 create mode 100644 vendor/src/github.com/docker/notary/circle.yml
 create mode 100644 vendor/src/github.com/docker/notary/client/changelist/change.go
 create mode 100644 vendor/src/github.com/docker/notary/client/changelist/changelist.go
 create mode 100644 vendor/src/github.com/docker/notary/client/changelist/file_changelist.go
 create mode 100644 vendor/src/github.com/docker/notary/client/changelist/interface.go
 create mode 100644 vendor/src/github.com/docker/notary/client/client.go
 create mode 100644 vendor/src/github.com/docker/notary/client/delegations.go
 create mode 100644 vendor/src/github.com/docker/notary/client/helpers.go
 create mode 100644 vendor/src/github.com/docker/notary/client/repo.go
 create mode 100644 vendor/src/github.com/docker/notary/client/repo_pkcs11.go
 create mode 100644 vendor/src/github.com/docker/notary/const.go
 create mode 100755 vendor/src/github.com/docker/notary/coverpkg.sh
 create mode 100644 vendor/src/github.com/docker/notary/cryptoservice/certificate.go
 create mode 100644 vendor/src/github.com/docker/notary/cryptoservice/crypto_service.go
 create mode 100644 vendor/src/github.com/docker/notary/cryptoservice/import_export.go
 create mode 100644 vendor/src/github.com/docker/notary/docker-compose.yml
 create mode 100644 vendor/src/github.com/docker/notary/passphrase/passphrase.go
 create mode 100644 vendor/src/github.com/docker/notary/server.Dockerfile
 create mode 100644 vendor/src/github.com/docker/notary/signer.Dockerfile
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/filestore.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/keyfilestore.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/keystore.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/memorystore.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/store.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/x509filestore.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/x509memstore.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/x509store.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/x509utils.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/yubikey/non_pkcs11.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_darwin.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_interface.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_linux.go
 create mode 100644 vendor/src/github.com/docker/notary/trustmanager/yubikey/yubikeystore.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/LICENSE
 create mode 100644 vendor/src/github.com/docker/notary/tuf/README.md
 create mode 100644 vendor/src/github.com/docker/notary/tuf/client/client.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/client/errors.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/errors.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/keys.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/roles.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/root.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/serializer.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/snapshot.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/targets.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/timestamp.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/data/types.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/signed/ed25519.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/signed/errors.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/signed/interface.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/signed/sign.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/signed/verifiers.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/signed/verify.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/store/errors.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/store/filestore.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/store/httpstore.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/store/interfaces.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/store/memorystore.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/store/offlinestore.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/tuf.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/utils/role_sort.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/utils/stack.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/utils/util.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/utils/utils.go
 create mode 100644 vendor/src/github.com/docker/notary/tuf/validation/errors.go
 create mode 100644 volume/drivers/adapter.go
 create mode 100644 volume/drivers/extpoint.go
 create mode 100644 volume/drivers/extpoint_test.go
 create mode 100644 volume/drivers/proxy.go
 create mode 100644 volume/drivers/proxy_test.go
 create mode 100644 volume/local/local.go
 create mode 100644 volume/local/local_test.go
 create mode 100644 volume/local/local_unix.go
 create mode 100644 volume/local/local_windows.go
 create mode 100644 volume/store/errors.go
 create mode 100644 volume/store/store.go
 create mode 100644 volume/store/store_test.go
 create mode 100644 volume/store/store_unix.go
 create mode 100644 volume/store/store_windows.go
 create mode 100644 volume/testutils/testutils.go
 create mode 100644 volume/volume.go
 create mode 100644 volume/volume_copy.go
 create mode 100644 volume/volume_propagation_linux.go
 create mode 100644 volume/volume_propagation_linux_test.go
 create mode 100644 volume/volume_propagation_unsupported.go
 create mode 100644 volume/volume_test.go
 create mode 100644 volume/volume_unix.go
 create mode 100644 volume/volume_windows.go

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..9bd2c021
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,3 @@
+bundles
+.gopath
+vendor/pkg
diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md
new file mode 100644
index 00000000..53e518f7
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,51 @@
+<!--
+If you are reporting a new issue, make sure that we do not have any duplicates
+already open. You can ensure this by searching the issue list for this
+repository. If there is a duplicate, please close your issue and add a comment
+to the existing issue instead.
+
+If you suspect your issue is a bug, please edit your issue description to
+include the BUG REPORT INFORMATION shown below. If you fail to provide this
+information within 7 days, we cannot debug your issue and will close it. We
+will, however, reopen it if you later provide the information.
+
+For more information about reporting issues, see
+https://github.com/docker/docker/blob/master/CONTRIBUTING.md#reporting-other-issues
+
+---------------------------------------------------
+BUG REPORT INFORMATION
+---------------------------------------------------
+Use the commands below to provide key information from your environment:
+You do NOT have to include this information if this is a FEATURE REQUEST
+-->
+
+**Output of `docker version`:**
+
+```
+(paste your output here)
+```
+
+
+**Output of `docker info`:**
+
+```
+(paste your output here)
+```
+
+**Additional environment details (AWS, VirtualBox, physical, etc.):**
+
+
+
+**Steps to reproduce the issue:**
+1.
+2.
+3.
+
+
+**Describe the results you received:**
+
+
+**Describe the results you expected:**
+
+
+**Additional information you deem important (e.g. issue happens only occasionally):**
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 00000000..69f1538b
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,23 @@
+<!--
+Please make sure you've read and understood our contributing guidelines;
+https://github.com/docker/docker/blob/master/CONTRIBUTING.md
+
+** Make sure all your commits include a signature generated with `git commit -s` **
+
+For additional information on our contributing process, read our contributing
+guide https://docs.docker.com/opensource/code/
+
+If this is a bug fix, make sure your description includes "fixes #xxxx", or
+"closes #xxxx"
+
+Please provide the following information:
+-->
+
+**- What I did**
+
+**- How I did it**
+
+**- How to verify it**
+
+**- A picture of a cute animal (not mandatory but encouraged)**
+
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..9ea55ed0
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,27 @@
+# Docker project generated files to ignore
+#  if you want to ignore files created by your editor/tools,
+#  please consider a global .gitignore https://help.github.com/articles/ignoring-files
+*.exe
+*.exe~
+*.orig
+*.test
+.*.swp
+.DS_Store
+.gopath/
+autogen/
+bundles/
+docker/docker
+dockerversion/version_autogen.go
+docs/AWS_S3_BUCKET
+docs/GITCOMMIT
+docs/GIT_BRANCH
+docs/VERSION
+docs/_build
+docs/_static
+docs/_templates
+docs/changed-files
+# generated by man/md2man-all.sh
+man/man1
+man/man5
+man/man8
+vendor/pkg/
diff --git a/.mailmap b/.mailmap
new file mode 100644
index 00000000..685f8e6b
--- /dev/null
+++ b/.mailmap
@@ -0,0 +1,237 @@
+# Generate AUTHORS: hack/generate-authors.sh
+
+# Tip for finding duplicates (besides scanning the output of AUTHORS for name
+# duplicates that aren't also email duplicates): scan the output of:
+#   git log --format='%aE - %aN' | sort -uf
+#
+# For explanation on this file format: man git-shortlog
+
+Patrick Stapleton <github@gdi2290.com>
+Shishir Mahajan <shishir.mahajan@redhat.com> <smahajan@redhat.com>
+Erwin van der Koogh <info@erronis.nl>
+Ahmed Kamal <email.ahmedkamal@googlemail.com>
+Tejesh Mehta <tejesh.mehta@gmail.com> <tj@init.me>
+Cristian Staretu <cristian.staretu@gmail.com>
+Cristian Staretu <cristian.staretu@gmail.com> <unclejacksons@gmail.com>
+Cristian Staretu <cristian.staretu@gmail.com> <unclejack@users.noreply.github.com>
+Marcus Linke <marcus.linke@gmx.de>
+Aleksandrs Fadins <aleks@s-ko.net>
+Christopher Latham <sudosurootdev@gmail.com>
+Hu Keping <hukeping@huawei.com>
+Wayne Chang <wayne@neverfear.org>
+Chen Chao <cc272309126@gmail.com>
+Daehyeok Mun <daehyeok@gmail.com>
+<daehyeok@gmail.com> <daehyeok@daehyeokui-MacBook-Air.local>
+<jt@yadutaf.fr> <admin@jtlebi.fr>
+<jeff@docker.com> <jefferya@programmerq.net>
+<charles.hooper@dotcloud.com> <chooper@plumata.com>
+<daniel.mizyrycki@dotcloud.com> <daniel@dotcloud.com>
+<daniel.mizyrycki@dotcloud.com> <mzdaniel@glidelink.net>
+Guillaume J. Charmes <guillaume.charmes@docker.com> <charmes.guillaume@gmail.com>
+<guillaume.charmes@docker.com> <guillaume@dotcloud.com>
+<guillaume.charmes@docker.com> <guillaume@docker.com>
+<guillaume.charmes@docker.com> <guillaume.charmes@dotcloud.com>
+<guillaume.charmes@docker.com> <guillaume@charmes.net>
+<kencochrane@gmail.com> <KenCochrane@gmail.com>
+Thatcher Peskens <thatcher@docker.com>
+Thatcher Peskens <thatcher@docker.com> <thatcher@dotcloud.com>
+Thatcher Peskens <thatcher@docker.com> dhrp <thatcher@gmx.net>
+Jérôme Petazzoni <jerome.petazzoni@dotcloud.com> jpetazzo <jerome.petazzoni@dotcloud.com>
+Jérôme Petazzoni <jerome.petazzoni@dotcloud.com> <jp@enix.org>
+Joffrey F <joffrey@docker.com>
+Joffrey F <joffrey@docker.com> <joffrey@dotcloud.com>
+Joffrey F <joffrey@docker.com> <f.joffrey@gmail.com>
+Tim Terhorst <mynamewastaken+git@gmail.com>
+Andy Smith <github@anarkystic.com>
+<kalessin@kalessin.fr> <louis@dotcloud.com>
+<victor.vieux@docker.com> <victor.vieux@dotcloud.com>
+<victor.vieux@docker.com> <victor@dotcloud.com>
+<victor.vieux@docker.com> <dev@vvieux.com>
+<victor.vieux@docker.com> <victor@docker.com>
+<victor.vieux@docker.com> <vieux@docker.com>
+<victor.vieux@docker.com> <victorvieux@gmail.com>
+<dominik@honnef.co> <dominikh@fork-bomb.org>
+<ehanchrow@ine.com> <eric.hanchrow@gmail.com>
+Walter Stanish <walter@pratyeka.org>
+<daniel@gasienica.ch> <dgasienica@zynga.com>
+Roberto Hashioka <roberto_hashioka@hotmail.com>
+Konstantin Pelykh <kpelykh@zettaset.com>
+David Sissitka <me@dsissitka.com>
+Nolan Darilek <nolan@thewordnerd.info>
+<mastahyeti@gmail.com> <mastahyeti@users.noreply.github.com>
+Benoit Chesneau <bchesneau@gmail.com>
+Jordan Arentsen <blissdev@gmail.com>
+Daniel Garcia <daniel@danielgarcia.info>
+Miguel Angel Fernández <elmendalerenda@gmail.com>
+Bhiraj Butala <abhiraj.butala@gmail.com>
+Faiz Khan <faizkhan00@gmail.com>
+Victor Lyuboslavsky <victor@victoreda.com>
+Jean-Baptiste Barth <jeanbaptiste.barth@gmail.com>
+Matthew Mueller <mattmuelle@gmail.com>
+<mosoni@ebay.com> <mohitsoni1989@gmail.com>
+Shih-Yuan Lee <fourdollars@gmail.com>
+Daniel Mizyrycki <daniel.mizyrycki@dotcloud.com> root <root@vagrant-ubuntu-12.10.vagrantup.com>
+Jean-Baptiste Dalido <jeanbaptiste@appgratis.com>
+<proppy@google.com> <proppy@aminche.com>
+<michael@docker.com> <michael@crosbymichael.com>
+<michael@docker.com> <crosby.michael@gmail.com>
+<michael@docker.com> <crosbymichael@gmail.com>
+<github@developersupport.net> <github@metaliveblog.com>
+<brandon@ifup.org> <brandon@ifup.co>
+<dano@spotify.com> <daniel.norberg@gmail.com>
+<danny@codeaholics.org> <Danny.Yates@mailonline.co.uk>
+<gurjeet@singh.im> <singh.gurjeet@gmail.com>
+<shawn@churchofgit.com> <shawnlandden@gmail.com>
+<sjoerd-github@linuxonly.nl> <sjoerd@byte.nl>
+<solomon@docker.com> <solomon.hykes@dotcloud.com>
+<solomon@docker.com> <solomon@dotcloud.com>
+<solomon@docker.com> <s@docker.com>
+Sven Dowideit <SvenDowideit@home.org.au>
+Sven Dowideit <SvenDowideit@home.org.au> <SvenDowideit@fosiki.com>
+Sven Dowideit <SvenDowideit@home.org.au> <SvenDowideit@docker.com>
+Sven Dowideit <SvenDowideit@home.org.au> <¨SvenDowideit@home.org.au¨>
+Sven Dowideit <SvenDowideit@home.org.au> <SvenDowideit@users.noreply.github.com>
+Sven Dowideit <SvenDowideit@home.org.au> <sven@t440s.home.gateway>
+<alexl@redhat.com> <alexander.larsson@gmail.com>
+Alexander Morozov <lk4d4@docker.com> <lk4d4math@gmail.com>
+Alexander Morozov <lk4d4@docker.com>
+<git.nivoc@neverbox.com> <kuehnle@online.de>
+O.S. Tezer <ostezer@gmail.com>
+<ostezer@gmail.com> <ostezer@users.noreply.github.com>
+Roberto G. Hashioka <roberto.hashioka@docker.com> <roberto_hashioka@hotmail.com>
+<justin.p.simonelis@gmail.com> <justin.simonelis@PTS-JSIMON2.toronto.exclamation.com>
+<taim@bosboot.org> <maztaim@users.noreply.github.com>
+<viktor.vojnovski@amadeus.com> <vojnovski@gmail.com>
+<vbatts@redhat.com> <vbatts@hashbangbash.com>
+<altsysrq@gmail.com> <iamironbob@gmail.com>
+Sridhar Ratnakumar <sridharr@activestate.com>
+Sridhar Ratnakumar <sridharr@activestate.com> <github@srid.name>
+Liang-Chi Hsieh <viirya@gmail.com>
+Aleksa Sarai <asarai@suse.de>
+Aleksa Sarai <asarai@suse.de> <asarai@suse.com>
+Aleksa Sarai <asarai@suse.de> <cyphar@cyphar.com>
+Will Weaver <monkey@buildingbananas.com>
+Timothy Hobbs <timothyhobbs@seznam.cz>
+Nathan LeClaire <nathan.leclaire@docker.com> <nathan.leclaire@gmail.com>
+Nathan LeClaire <nathan.leclaire@docker.com> <nathanleclaire@gmail.com>
+<github@hollensbe.org> <erik+github@hollensbe.org>
+<github@albersweb.de> <albers@users.noreply.github.com>
+<lsm5@fedoraproject.org> <lsm5@redhat.com>
+<marc@marc-abramowitz.com> <msabramo@gmail.com>
+Matthew Heon <mheon@redhat.com> <mheon@mheonlaptop.redhat.com>
+<bernat@luffy.cx> <vincent@bernat.im>
+<bernat@luffy.cx> <Vincent.Bernat@exoscale.ch>
+<p@pwaller.net> <peter@scraperwiki.com>
+<andrew.weiss@outlook.com> <andrew.weiss@microsoft.com>
+Francisco Carriedo <fcarriedo@gmail.com>
+<julienbordellier@gmail.com> <git@julienbordellier.com>
+<ahmetb@microsoft.com> <ahmetalpbalkan@gmail.com>
+<arnaud.porterie@docker.com> <icecrime@gmail.com>
+<baloo@gandi.net> <superbaloo+registrations.github@superbaloo.net>
+Brian Goff <cpuguy83@gmail.com>
+<cpuguy83@gmail.com> <bgoff@cpuguy83-mbp.home>
+<eric@windisch.us> <ewindisch@docker.com>
+<frank.rosquin+github@gmail.com> <frank.rosquin@gmail.com>
+Hollie Teal <hollie@docker.com>
+<hollie@docker.com> <hollie.teal@docker.com>
+<hollie@docker.com> <hollietealok@users.noreply.github.com>
+<huu@prismskylabs.com> <whoshuu@gmail.com>
+Jessica Frazelle <jess@mesosphere.com>
+Jessica Frazelle <jess@mesosphere.com> <jfrazelle@users.noreply.github.com>
+Jessica Frazelle <jess@mesosphere.com> <acidburn@docker.com>
+Jessica Frazelle <jess@mesosphere.com> <jess@docker.com>
+Jessica Frazelle <jess@mesosphere.com> <princess@docker.com>
+<konrad.wilhelm.kleine@gmail.com> <kwk@users.noreply.github.com>
+<tintypemolly@gmail.com> <tintypemolly@Ohui-MacBook-Pro.local>
+<estesp@linux.vnet.ibm.com> <estesp@gmail.com>
+<github@gone.nl> <thaJeztah@users.noreply.github.com>
+Thomas LEVEIL <thomasleveil@gmail.com> Thomas LÉVEIL <thomasleveil@users.noreply.github.com>
+<oi@truffles.me.uk> <timruffles@googlemail.com>
+<Vincent.Bernat@exoscale.ch> <bernat@luffy.cx>
+Antonio Murdaca <antonio.murdaca@gmail.com> <amurdaca@redhat.com>
+Antonio Murdaca <antonio.murdaca@gmail.com> <runcom@redhat.com>
+Antonio Murdaca <antonio.murdaca@gmail.com> <me@runcom.ninja>
+Antonio Murdaca <antonio.murdaca@gmail.com> <runcom@linux.com>
+Antonio Murdaca <antonio.murdaca@gmail.com> <runcom@users.noreply.github.com>
+Darren Shepherd <darren.s.shepherd@gmail.com> <darren@rancher.com>
+Deshi Xiao <dxiao@redhat.com> <dsxiao@dataman-inc.com>
+Deshi Xiao <dxiao@redhat.com> <xiaods@gmail.com>
+Doug Davis <dug@us.ibm.com> <duglin@users.noreply.github.com>
+Jacob Atzen <jacob@jacobatzen.dk> <jatzen@gmail.com>
+Jeff Nickoloff <jeff.nickoloff@gmail.com> <jeff@allingeek.com>
+John Howard (VM) <John.Howard@microsoft.com>
+John Howard (VM) <John.Howard@microsoft.com> <john.howard@microsoft.com>
+John Howard (VM) <John.Howard@microsoft.com> <jhoward@microsoft.com>
+Madhu Venugopal <madhu@socketplane.io> <madhu@docker.com>
+Mary Anthony <mary.anthony@docker.com> <mary@docker.com>
+Mary Anthony <mary.anthony@docker.com> moxiegirl <mary@docker.com>
+Mary Anthony <mary.anthony@docker.com> <moxieandmore@gmail.com>
+mattyw <mattyw@me.com> <gh@mattyw.net>
+resouer <resouer@163.com> <resouer@gmail.com>
+AJ Bowen <aj@gandi.net> soulshake <amy@gandi.net> 
+AJ Bowen <aj@gandi.net> soulshake <aj@gandi.net>
+Tibor Vass <teabee89@gmail.com> <tibor@docker.com>
+Tibor Vass <teabee89@gmail.com> <tiborvass@users.noreply.github.com>
+Vincent Bernat <bernat@luffy.cx> <Vincent.Bernat@exoscale.ch>
+Yestin Sun <sunyi0804@gmail.com> <yestin.sun@polyera.com>
+bin liu <liubin0329@users.noreply.github.com> <liubin0329@gmail.com>
+John Howard (VM) <John.Howard@microsoft.com> jhowardmsft <jhoward@microsoft.com>
+Ankush Agarwal <ankushagarwal11@gmail.com> <ankushagarwal@users.noreply.github.com>
+Tangi COLIN <tangicolin@gmail.com> tangicolin <tangicolin@gmail.com>
+Allen Sun <allen.sun@daocloud.io>
+Adrien Gallouët <adrien@gallouet.fr> <angt@users.noreply.github.com>
+<aanm90@gmail.com> <martins@noironetworks.com>
+Anuj Bahuguna <anujbahuguna.dev@gmail.com>
+Anusha Ragunathan <anusha.ragunathan@docker.com> <anusha@docker.com>
+Avi Miller <avi.miller@oracle.com> <avi.miller@gmail.com>
+Brent Salisbury <brent.salisbury@docker.com> <brent@docker.com>
+Chander G <chandergovind@gmail.com>
+Chun Chen <ramichen@tencent.com> <chenchun.feed@gmail.com>
+Ying Li <cyli@twistedmatrix.com>
+Daehyeok Mun <daehyeok@gmail.com> <daehyeok@daehyeok-ui-MacBook-Air.local>
+<dqminh@cloudflare.com> <dqminh89@gmail.com>
+Daniel, Dao Quang Minh <dqminh@cloudflare.com>
+Daniel Nephin <dnephin@docker.com> <dnephin@gmail.com>
+Dave Tucker <dt@docker.com> <dave@dtucker.co.uk>
+Doug Tangren <d.tangren@gmail.com>
+Frederick F. Kautz IV <fkautz@redhat.com> <fkautz@alumni.cmu.edu>
+Ben Golub <ben.golub@dotcloud.com>
+Harold Cooper <hrldcpr@gmail.com>
+hsinko <21551195@zju.edu.cn> <hsinko@users.noreply.github.com>
+Josh Hawn <josh.hawn@docker.com> <jlhawn@berkeley.edu>
+Justin Cormack <justin.cormack@docker.com>
+<justin.cormack@docker.com> <justin.cormack@unikernel.com>
+<justin.cormack@docker.com> <justin@specialbusservice.com>
+Kamil Domański <kamil@domanski.co>
+Lei Jitang <leijitang@huawei.com>
+<leijitang@huawei.com> <leijitang@gmail.com>
+Linus Heckemann <lheckemann@twig-world.com>
+<lheckemann@twig-world.com> <anonymouse2048@gmail.com>
+Lynda O'Leary <lyndaoleary29@gmail.com>
+<lyndaoleary29@gmail.com> <lyndaoleary@hotmail.com>
+Marianna Tessel <mtesselh@gmail.com>
+Michael Huettermann <michael@huettermann.net>
+Moysés Borges <moysesb@gmail.com>
+<moysesb@gmail.com> <moyses.furtado@wplex.com.br>
+Nigel Poulton <nigelpoulton@hotmail.com>
+Qiang Huang <h.huangqiang@huawei.com>
+<h.huangqiang@huawei.com> <qhuang@10.0.2.15>
+Boaz Shuster <ripcurld.github@gmail.com>
+Shuwei Hao <haosw@cn.ibm.com>
+<haosw@cn.ibm.com> <haoshuwei24@gmail.com>
+Soshi Katsuta <soshi.katsuta@gmail.com>
+<soshi.katsuta@gmail.com> <katsuta_soshi@cyberagent.co.jp>
+Stefan Berger <stefanb@linux.vnet.ibm.com>
+<stefanb@linux.vnet.ibm.com> <stefanb@us.ibm.com>
+Stephen Day <stephen.day@docker.com>
+<stephen.day@docker.com> <stevvooe@users.noreply.github.com>
+Toli Kuznets <toli@docker.com>
+Tristan Carel <tristan@cogniteev.com>
+<tristan@cogniteev.com> <tristan.carel@gmail.com>
+Vincent Demeester <vincent@sbr.pm>
+<vincent@sbr.pm> <vincent+github@demeester.fr>
+Vishnu Kannan <vishnuk@google.com>
+xlgao-zju <xlgao@zju.edu.cn> xlgao <xlgao@zju.edu.cn>
+yuchangchun <yuchangchun1@huawei.com> y00277921 <yuchangchun1@huawei.com> 
+<zij@case.edu> <zjaffee@us.ibm.com>
+
diff --git a/AUTHORS b/AUTHORS
new file mode 100644
index 00000000..bfb128ca
--- /dev/null
+++ b/AUTHORS
@@ -0,0 +1,1460 @@
+# This file lists all individuals having contributed content to the repository.
+# For how it is generated, see `hack/generate-authors.sh`.
+
+Aanand Prasad <aanand.prasad@gmail.com>
+Aaron Davidson <aaron@databricks.com>
+Aaron Feng <aaron.feng@gmail.com>
+Aaron Huslage <huslage@gmail.com>
+Aaron Lehmann <aaron.lehmann@docker.com>
+Aaron Welch <welch@packet.net>
+Abel Muiño <amuino@gmail.com>
+Abhijeet Kasurde <akasurde@redhat.com>
+Abhinav Ajgaonkar <abhinav316@gmail.com>
+Abhishek Chanda <abhishek.becs@gmail.com>
+Abin Shahab <ashahab@altiscale.com>
+Adam Miller <admiller@redhat.com>
+Adam Singer <financeCoding@gmail.com>
+Aditi Rajagopal <arajagopal@us.ibm.com>
+Aditya <aditya@netroy.in>
+Adria Casas <adriacasas88@gmail.com>
+Adrian Mouat <adrian.mouat@gmail.com>
+Adrian Oprea <adrian@codesi.nz>
+Adrien Folie <folie.adrien@gmail.com>
+Adrien Gallouët <adrien@gallouet.fr>
+Ahmed Kamal <email.ahmedkamal@googlemail.com>
+Ahmet Alp Balkan <ahmetb@microsoft.com>
+Aidan Feldman <aidan.feldman@gmail.com>
+Aidan Hobson Sayers <aidanhs@cantab.net>
+AJ Bowen <aj@gandi.net>
+Ajey Charantimath <ajey.charantimath@gmail.com>
+ajneu <ajneu@users.noreply.github.com>
+Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
+Al Tobey <al@ooyala.com>
+alambike <alambike@gmail.com>
+Alan Thompson <cloojure@gmail.com>
+Albert Callarisa <shark234@gmail.com>
+Albert Zhang <zhgwenming@gmail.com>
+Aleksa Sarai <asarai@suse.de>
+Aleksandrs Fadins <aleks@s-ko.net>
+Alena Prokharchyk <alena@rancher.com>
+Alessandro Boch <aboch@docker.com>
+Alessio Biancalana <dottorblaster@gmail.com>
+Alex Chan <alex@alexwlchan.net>
+Alex Crawford <alex.crawford@coreos.com>
+Alex Gaynor <alex.gaynor@gmail.com>
+Alex Samorukov <samm@os2.kiev.ua>
+Alex Warhawk <ax.warhawk@gmail.com>
+Alexander Artemenko <svetlyak.40wt@gmail.com>
+Alexander Boyd <alex@opengroove.org>
+Alexander Larsson <alexl@redhat.com>
+Alexander Morozov <lk4d4@docker.com>
+Alexander Shopov <ash@kambanaria.org>
+Alexandre Beslic <abronan@docker.com>
+Alexandre González <agonzalezro@gmail.com>
+Alexandru Sfirlogea <alexandru.sfirlogea@gmail.com>
+Alexey Guskov <lexag@mail.ru>
+Alexey Kotlyarov <alexey@infoxchange.net.au>
+Alexey Shamrin <shamrin@gmail.com>
+Alexis THOMAS <fr.alexisthomas@gmail.com>
+Allen Madsen <blatyo@gmail.com>
+Allen Sun <allen.sun@daocloud.io>
+almoehi <almoehi@users.noreply.github.com>
+Alvin Richards <alvin.richards@docker.com>
+amangoel <amangoel@gmail.com>
+Amen Belayneh <amenbelayneh@gmail.com>
+Amit Bakshi <ambakshi@gmail.com>
+Amit Krishnan <amit.krishnan@oracle.com>
+Amy Lindburg <amy.lindburg@docker.com>
+Anand Patil <anand.prabhakar.patil@gmail.com>
+AnandkumarPatel <anandkumarpatel@gmail.com>
+Anatoly Borodin <anatoly.borodin@gmail.com>
+Anchal Agrawal <aagrawa4@illinois.edu>
+Anders Janmyr <anders@janmyr.com>
+Andre Dublin <81dublin@gmail.com>
+Andre Granovsky <robotciti@live.com>
+Andrea Luzzardi <aluzzardi@gmail.com>
+Andrea Turli <andrea.turli@gmail.com>
+Andreas Köhler <andi5.py@gmx.net>
+Andreas Savvides <andreas@editd.com>
+Andreas Tiefenthaler <at@an-ti.eu>
+Andrew C. Bodine <acbodine@us.ibm.com>
+Andrew Clay Shafer <andrewcshafer@gmail.com>
+Andrew Duckworth <grillopress@gmail.com>
+Andrew France <andrew@avito.co.uk>
+Andrew Gerrand <adg@golang.org>
+Andrew Guenther <guenther.andrew.j@gmail.com>
+Andrew Kuklewicz <kookster@gmail.com>
+Andrew Macgregor <andrew.macgregor@agworld.com.au>
+Andrew Macpherson <hopscotch23@gmail.com>
+Andrew Martin <sublimino@gmail.com>
+Andrew Munsell <andrew@wizardapps.net>
+Andrew Weiss <andrew.weiss@outlook.com>
+Andrew Williams <williams.andrew@gmail.com>
+Andrews Medina <andrewsmedina@gmail.com>
+Andrey Petrov <andrey.petrov@shazow.net>
+Andrey Stolbovsky <andrey.stolbovsky@gmail.com>
+André Martins <aanm90@gmail.com>
+andy <ztao@tibco-support.com>
+Andy Chambers <anchambers@paypal.com>
+andy diller <dillera@gmail.com>
+Andy Goldstein <agoldste@redhat.com>
+Andy Kipp <andy@rstudio.com>
+Andy Rothfusz <github@developersupport.net>
+Andy Smith <github@anarkystic.com>
+Andy Wilson <wilson.andrew.j+github@gmail.com>
+Anes Hasicic <anes.hasicic@gmail.com>
+Anil Belur <askb23@gmail.com>
+Ankush Agarwal <ankushagarwal11@gmail.com>
+Anonmily <michelle@michelleliu.io>
+Anthon van der Neut <anthon@mnt.org>
+Anthony Baire <Anthony.Baire@irisa.fr>
+Anthony Bishopric <git@anthonybishopric.com>
+Anthony Dahanne <anthony.dahanne@gmail.com>
+Anton Löfgren <anton.lofgren@gmail.com>
+Anton Nikitin <anton.k.nikitin@gmail.com>
+Anton Polonskiy <anton.polonskiy@gmail.com>
+Anton Tiurin <noxiouz@yandex.ru>
+Antonio Murdaca <antonio.murdaca@gmail.com>
+Antony Messerli <amesserl@rackspace.com>
+Anuj Bahuguna <anujbahuguna.dev@gmail.com>
+Anusha Ragunathan <anusha.ragunathan@docker.com>
+apocas <petermdias@gmail.com>
+ArikaChen <eaglesora@gmail.com>
+Arnaud Porterie <arnaud.porterie@docker.com>
+Arthur Barr <arthur.barr@uk.ibm.com>
+Arthur Gautier <baloo@gandi.net>
+Artur Meyster <arthurfbi@yahoo.com>
+Arun Gupta <arun.gupta@gmail.com>
+Asbjørn Enge <asbjorn@hanafjedle.net>
+averagehuman <averagehuman@users.noreply.github.com>
+Avi Das <andas222@gmail.com>
+Avi Miller <avi.miller@oracle.com>
+ayoshitake <airandfingers@gmail.com>
+Azat Khuyiyakhmetov <shadow_uz@mail.ru>
+Bardia Keyoumarsi <bkeyouma@ucsc.edu>
+Barnaby Gray <barnaby@pickle.me.uk>
+Barry Allard <barry.allard@gmail.com>
+Bartłomiej Piotrowski <b@bpiotrowski.pl>
+Bastiaan Bakker <bbakker@xebia.com>
+bdevloed <boris.de.vloed@gmail.com>
+Ben Firshman <ben@firshman.co.uk>
+Ben Golub <ben.golub@dotcloud.com>
+Ben Hall <ben@benhall.me.uk>
+Ben Sargent <ben@brokendigits.com>
+Ben Severson <BenSeverson@users.noreply.github.com>
+Ben Toews <mastahyeti@gmail.com>
+Ben Wiklund <ben@daisyowl.com>
+Benjamin Atkin <ben@benatkin.com>
+Benoit Chesneau <bchesneau@gmail.com>
+Bernerd Schaefer <bj.schaefer@gmail.com>
+Bert Goethals <bert@bertg.be>
+Bharath Thiruveedula <bharath_ves@hotmail.com>
+Bhiraj Butala <abhiraj.butala@gmail.com>
+Bill W <SydOps@users.noreply.github.com>
+bin liu <liubin0329@users.noreply.github.com>
+Blake Geno <blakegeno@gmail.com>
+Boaz Shuster <ripcurld.github@gmail.com>
+bobby abbott <ttobbaybbob@gmail.com>
+boucher <rboucher@gmail.com>
+Bouke Haarsma <bouke@webatoom.nl>
+Boyd Hemphill <boyd@feedmagnet.com>
+Bradley Cicenas <bradley.cicenas@gmail.com>
+Bradley Wright <brad@intranation.com>
+Brandon Liu <bdon@bdon.org>
+Brandon Philips <brandon@ifup.org>
+Brandon Rhodes <brandon@rhodesmill.org>
+Brendan Dixon <brendand@microsoft.com>
+Brent Salisbury <brent.salisbury@docker.com>
+Brett Kochendorfer <brett.kochendorfer@gmail.com>
+Brian (bex) Exelbierd <bexelbie@redhat.com>
+Brian Bland <brian.bland@docker.com>
+Brian DeHamer <brian@dehamer.com>
+Brian Dorsey <brian@dorseys.org>
+Brian Flad <bflad417@gmail.com>
+Brian Goff <cpuguy83@gmail.com>
+Brian McCallister <brianm@skife.org>
+Brian Olsen <brian@maven-group.org>
+Brian Shumate <brian@couchbase.com>
+Brian Torres-Gil <brian@dralth.com>
+Brice Jaglin <bjaglin@teads.tv>
+Briehan Lombaard <briehan.lombaard@gmail.com>
+Bruno Bigras <bigras.bruno@gmail.com>
+Bruno Binet <bruno.binet@gmail.com>
+Bruno Gazzera <bgazzera@paginar.com>
+Bruno Renié <brutasse@gmail.com>
+Bryan Bess <squarejaw@bsbess.com>
+Bryan Boreham <bjboreham@gmail.com>
+Bryan Matsuo <bryan.matsuo@gmail.com>
+Bryan Murphy <bmurphy1976@gmail.com>
+buddhamagnet <buddhamagnet@gmail.com>
+Burke Libbey <burke@libbey.me>
+Byung Kang <byung.kang.ctr@amrdec.army.mil>
+Caleb Spare <cespare@gmail.com>
+Calen Pennington <cale@edx.org>
+Cameron Boehmer <cameron.boehmer@gmail.com>
+Cameron Spear <cameronspear@gmail.com>
+Campbell Allen <campbell.allen@gmail.com>
+Candid Dauth <cdauth@cdauth.eu>
+Carl Henrik Lunde <chlunde@ping.uio.no>
+Carl X. Su <bcbcarl@gmail.com>
+Carlos Sanchez <carlos@apache.org>
+Carol Fager-Higgins <carol.fager-higgins@docker.com>
+Cary <caryhartline@users.noreply.github.com>
+Casey Bisson <casey.bisson@joyent.com>
+Cedric Davies <cedricda@microsoft.com>
+Cezar Sa Espinola <cezarsa@gmail.com>
+Chad Swenson <chadswen@gmail.com>
+Chance Zibolski <chance.zibolski@gmail.com>
+Chander G <chandergovind@gmail.com>
+Charles Chan <charleswhchan@users.noreply.github.com>
+Charles Hooper <charles.hooper@dotcloud.com>
+Charles Lindsay <chaz@chazomatic.us>
+Charles Merriam <charles.merriam@gmail.com>
+Charles Sarrazin <charles@sarraz.in>
+Charlie Lewis <charliel@lab41.org>
+Chase Bolt <chase.bolt@gmail.com>
+ChaYoung You <yousbe@gmail.com>
+Chen Chao <cc272309126@gmail.com>
+Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
+cheney90 <cheney-90@hotmail.com>
+Chewey <prosto-chewey@users.noreply.github.com>
+Chia-liang Kao <clkao@clkao.org>
+chli <chli@freewheel.tv>
+Cholerae Hu <choleraehyq@gmail.com>
+Chris Alfonso <calfonso@redhat.com>
+Chris Armstrong <chris@opdemand.com>
+Chris Dituri <csdituri@gmail.com>
+Chris Fordham <chris@fordham-nagy.id.au>
+Chris Khoo <chris.khoo@gmail.com>
+Chris McKinnel <chrismckinnel@gmail.com>
+Chris Seto <chriskseto@gmail.com>
+Chris Snow <chsnow123@gmail.com>
+Chris St. Pierre <chris.a.st.pierre@gmail.com>
+Chris Stivers <chris@stivers.us>
+Chris Swan <chris.swan@iee.org>
+Chris Wahl <github@wahlnetwork.com>
+Chris Weyl <cweyl@alumni.drew.edu>
+chrismckinnel <chris.mckinnel@tangentlabs.co.uk>
+Christian Berendt <berendt@b1-systems.de>
+Christian Böhme <developement@boehme3d.de>
+Christian Rotzoll <ch.rotzoll@gmail.com>
+Christian Simon <simon@swine.de>
+Christian Stefanescu <st.chris@gmail.com>
+ChristoperBiscardi <biscarch@sketcht.com>
+Christophe Mehay <cmehay@online.net>
+Christophe Troestler <christophe.Troestler@umons.ac.be>
+Christopher Currie <codemonkey+github@gmail.com>
+Christopher Jones <tophj@linux.vnet.ibm.com>
+Christopher Latham <sudosurootdev@gmail.com>
+Christopher Rigor <crigor@gmail.com>
+Christy Perez <christy@linux.vnet.ibm.com>
+Chun Chen <ramichen@tencent.com>
+Ciro S. Costa <ciro.costa@usp.br>
+Clayton Coleman <ccoleman@redhat.com>
+Clinton Kitson <clintonskitson@gmail.com>
+Coenraad Loubser <coenraad@wish.org.za>
+Colin Dunklau <colin.dunklau@gmail.com>
+Colin Rice <colin@daedrum.net>
+Colin Walters <walters@verbum.org>
+Collin Guarino <collin.guarino@gmail.com>
+Colm Hally <colmhally@gmail.com>
+companycy <companycy@gmail.com>
+Cory Forsyth <cory.forsyth@gmail.com>
+cressie176 <github@stephen-cresswell.net>
+Cristian Staretu <cristian.staretu@gmail.com>
+cristiano balducci <cristiano.balducci@gmail.com>
+Cruceru Calin-Cristian <crucerucalincristian@gmail.com>
+Cyril F <cyrilf7x@gmail.com>
+Daan van Berkel <daan.v.berkel.1980@gmail.com>
+Daehyeok Mun <daehyeok@gmail.com>
+Dafydd Crosby <dtcrsby@gmail.com>
+dalanlan <dalanlan925@gmail.com>
+Damien Nozay <damien.nozay@gmail.com>
+Damjan Georgievski <gdamjan@gmail.com>
+Dan Anolik <dan@anolik.net>
+Dan Buch <d.buch@modcloth.com>
+Dan Cotora <dan@bluevision.ro>
+Dan Griffin <dgriffin@peer1.com>
+Dan Hirsch <thequux@upstandinghackers.com>
+Dan Keder <dan.keder@gmail.com>
+Dan Levy <dan@danlevy.net>
+Dan McPherson <dmcphers@redhat.com>
+Dan Stine <sw@stinemail.com>
+Dan Walsh <dwalsh@redhat.com>
+Dan Williams <me@deedubs.com>
+Daniel Antlinger <d.antlinger@gmx.at>
+Daniel Exner <dex@dragonslave.de>
+Daniel Farrell <dfarrell@redhat.com>
+Daniel Garcia <daniel@danielgarcia.info>
+Daniel Gasienica <daniel@gasienica.ch>
+Daniel Hiltgen <daniel.hiltgen@docker.com>
+Daniel Menet <membership@sontags.ch>
+Daniel Mizyrycki <daniel.mizyrycki@dotcloud.com>
+Daniel Nephin <dnephin@docker.com>
+Daniel Norberg <dano@spotify.com>
+Daniel Nordberg <dnordberg@gmail.com>
+Daniel Robinson <gottagetmac@gmail.com>
+Daniel S <dan.streby@gmail.com>
+Daniel Von Fange <daniel@leancoder.com>
+Daniel YC Lin <dlin.tw@gmail.com>
+Daniel Zhang <jmzwcn@gmail.com>
+Daniel, Dao Quang Minh <dqminh@cloudflare.com>
+Danny Berger <dpb587@gmail.com>
+Danny Yates <danny@codeaholics.org>
+Darren Coxall <darren@darrencoxall.com>
+Darren Shepherd <darren.s.shepherd@gmail.com>
+Darren Stahl <darst@microsoft.com>
+Dave Barboza <dbarboza@datto.com>
+Dave Henderson <Dave.Henderson@ca.ibm.com>
+Dave Tucker <dt@docker.com>
+David Anderson <dave@natulte.net>
+David Calavera <david.calavera@gmail.com>
+David Corking <dmc-source@dcorking.com>
+David Cramer <davcrame@cisco.com>
+David Currie <david_currie@uk.ibm.com>
+David Davis <daviddavis@redhat.com>
+David Gageot <david@gageot.net>
+David Gebler <davidgebler@gmail.com>
+David Lawrence <david.lawrence@docker.com>
+David Mackey <tdmackey@booleanhaiku.com>
+David Mat <david@davidmat.com>
+David Mcanulty <github@hellspark.com>
+David Pelaez <pelaez89@gmail.com>
+David R. Jenni <david.r.jenni@gmail.com>
+David Röthlisberger <david@rothlis.net>
+David Sheets <sheets@alum.mit.edu>
+David Sissitka <me@dsissitka.com>
+David Xia <dxia@spotify.com>
+David Young <yangboh@cn.ibm.com>
+Davide Ceretti <davide.ceretti@hogarthww.com>
+Dawn Chen <dawnchen@google.com>
+dcylabs <dcylabs@gmail.com>
+decadent <decadent@users.noreply.github.com>
+Deng Guangxing <dengguangxing@huawei.com>
+Deni Bertovic <deni@kset.org>
+Denis Gladkikh <denis@gladkikh.email>
+Denis Ollier <larchunix@users.noreply.github.com>
+Dennis Docter <dennis@d23.nl>
+Derek <crq@kernel.org>
+Derek <crquan@gmail.com>
+Derek Ch <denc716@gmail.com>
+Derek McGowan <derek@mcgstyle.net>
+Deric Crago <deric.crago@gmail.com>
+Deshi Xiao <dxiao@redhat.com>
+devmeyster <arthurfbi@yahoo.com>
+Devvyn Murphy <devvyn@devvyn.com>
+Dharmit Shah <shahdharmit@gmail.com>
+Dieter Reuter <dieter.reuter@me.com>
+Dima Stopel <dima@twistlock.com>
+Dimitri John Ledkov <dimitri.j.ledkov@intel.com>
+Dinesh Subhraveti <dineshs@altiscale.com>
+Diogo Monica <diogo@docker.com>
+DiuDiugirl <sophia.wang@pku.edu.cn>
+Djibril Koné <kone.djibril@gmail.com>
+dkumor <daniel@dkumor.com>
+Dmitry Demeshchuk <demeshchuk@gmail.com>
+Dmitry Gusev <dmitry.gusev@gmail.com>
+Dmitry V. Krivenok <krivenok.dmitry@gmail.com>
+Dmitry Vorobev <dimahabr@gmail.com>
+Dolph Mathews <dolph.mathews@gmail.com>
+Dominik Finkbeiner <finkes93@gmail.com>
+Dominik Honnef <dominik@honnef.co>
+Don Kirkby <donkirkby@users.noreply.github.com>
+Don Kjer <don.kjer@gmail.com>
+Don Spaulding <donspauldingii@gmail.com>
+Donald Huang <don.hcd@gmail.com>
+Dong Chen <dongluo.chen@docker.com>
+Donovan Jones <git@gamma.net.nz>
+Doug Davis <dug@us.ibm.com>
+Doug MacEachern <dougm@vmware.com>
+Doug Tangren <d.tangren@gmail.com>
+Dr Nic Williams <drnicwilliams@gmail.com>
+dragon788 <dragon788@users.noreply.github.com>
+Dražen Lučanin <kermit666@gmail.com>
+Dustin Sallings <dustin@spy.net>
+Ed Costello <epc@epcostello.com>
+Edmund Wagner <edmund-wagner@web.de>
+Eiichi Tsukata <devel@etsukata.com>
+Eike Herzbach <eike@herzbach.net>
+Eivind Uggedal <eivind@uggedal.com>
+Elan Ruusamäe <glen@delfi.ee>
+Elias Probst <mail@eliasprobst.eu>
+Elijah Zupancic <elijah@zupancic.name>
+eluck <mail@eluck.me>
+Elvir Kuric <elvirkuric@gmail.com>
+Emil Hernvall <emil@quench.at>
+Emily Maier <emily@emilymaier.net>
+Emily Rose <emily@contactvibe.com>
+Emir Ozer <emirozer@yandex.com>
+Enguerran <engcolson@gmail.com>
+Eohyung Lee <liquidnuker@gmail.com>
+Eric Hanchrow <ehanchrow@ine.com>
+Eric Lee <thenorthsecedes@gmail.com>
+Eric Myhre <hash@exultant.us>
+Eric Paris <eparis@redhat.com>
+Eric Rafaloff <erafaloff@gmail.com>
+Eric Rosenberg <ehaydenr@users.noreply.github.com>
+Eric Sage <eric.david.sage@gmail.com>
+Eric Windisch <eric@windisch.us>
+Eric-Olivier Lamey <eo@lamey.me>
+Erik Bray <erik.m.bray@gmail.com>
+Erik Dubbelboer <erik@dubbelboer.com>
+Erik Hollensbe <github@hollensbe.org>
+Erik Inge Bolsø <knan@redpill-linpro.com>
+Erik Kristensen <erik@erikkristensen.com>
+Erik Weathers <erikdw@gmail.com>
+Erno Hopearuoho <erno.hopearuoho@gmail.com>
+Erwin van der Koogh <info@erronis.nl>
+Euan <euank@amazon.com>
+Eugene Yakubovich <eugene.yakubovich@coreos.com>
+eugenkrizo <eugen.krizo@gmail.com>
+evalle <shmarnev@gmail.com>
+Evan Allrich <evan@unguku.com>
+Evan Carmi <carmi@users.noreply.github.com>
+Evan Hazlett <ejhazlett@gmail.com>
+Evan Krall <krall@yelp.com>
+Evan Phoenix <evan@fallingsnow.net>
+Evan Wies <evan@neomantra.net>
+Evgeny Vereshchagin <evvers@ya.ru>
+Ewa Czechowska <ewa@ai-traders.com>
+Eystein Måløy Stenberg <eystein.maloy.stenberg@cfengine.com>
+ezbercih <cem.ezberci@gmail.com>
+Fabiano Rosas <farosas@br.ibm.com>
+Fabio Falci <fabiofalci@gmail.com>
+Fabio Rehm <fgrehm@gmail.com>
+Fabrizio Regini <freegenie@gmail.com>
+Faiz Khan <faizkhan00@gmail.com>
+falmp <chico.lopes@gmail.com>
+Fangyuan Gao <21551127@zju.edu.cn>
+Fareed Dudhia <fareeddudhia@googlemail.com>
+Fathi Boudra <fathi.boudra@linaro.org>
+Federico Gimenez <fgimenez@coit.es>
+Felix Geisendörfer <felix@debuggable.com>
+Felix Hupfeld <quofelix@users.noreply.github.com>
+Felix Rabe <felix@rabe.io>
+Felix Schindler <fschindler@weluse.de>
+Ferenc Szabo <pragmaticfrank@gmail.com>
+Fernando <fermayo@gmail.com>
+Fero Volar <alian@alian.info>
+Filipe Brandenburger <filbranden@google.com>
+Filipe Oliveira <contato@fmoliveira.com.br>
+fl0yd <fl0yd@me.com>
+Flavio Castelli <fcastelli@suse.com>
+FLGMwt <ryan.stelly@live.com>
+Florian Klein <florian.klein@free.fr>
+Florian Maier <marsmensch@users.noreply.github.com>
+Florian Weingarten <flo@hackvalue.de>
+Florin Asavoaie <florin.asavoaie@gmail.com>
+Francesc Campoy <campoy@google.com>
+Francisco Carriedo <fcarriedo@gmail.com>
+Francisco Souza <f@souza.cc>
+Frank Groeneveld <frank@ivaldi.nl>
+Frank Herrmann <fgh@4gh.tv>
+Frank Macreery <frank@macreery.com>
+Frank Rosquin <frank.rosquin+github@gmail.com>
+Fred Lifton <fred.lifton@docker.com>
+Frederick F. Kautz IV <fkautz@redhat.com>
+Frederik Loeffert <frederik@zitrusmedia.de>
+Frederik Nordahl Jul Sabroe <frederikns@gmail.com>
+Freek Kalter <freek@kalteronline.org>
+Félix Baylac-Jacqué <baylac.felix@gmail.com>
+Félix Cantournet <felix.cantournet@cloudwatt.com>
+Gabe Rosenhouse <gabe@missionst.com>
+Gabor Nagy <mail@aigeruth.hu>
+Gabriel Monroy <gabriel@opdemand.com>
+GabrielNicolasAvellaneda <avellaneda.gabriel@gmail.com>
+Galen Sampson <galen.sampson@gmail.com>
+Gareth Rushgrove <gareth@morethanseven.net>
+Garrett Barboza <garrett@garrettbarboza.com>
+Gaurav <gaurav.gosec@gmail.com>
+gautam, prasanna <prasannagautam@gmail.com>
+GennadySpb <lipenkov@gmail.com>
+Geoffrey Bachelet <grosfrais@gmail.com>
+George MacRorie <gmacr31@gmail.com>
+George Xie <georgexsh@gmail.com>
+Georgi Hristozov <georgi@forkbomb.nl>
+Gereon Frey <gereon.frey@dynport.de>
+German DZ <germ@ndz.com.ar>
+Gert van Valkenhoef <g.h.m.van.valkenhoef@rug.nl>
+Gianluca Borello <g.borello@gmail.com>
+Gildas Cuisinier <gildas.cuisinier@gcuisinier.net>
+gissehel <public-devgit-dantus@gissehel.org>
+Giuseppe Mazzotta <gdm85@users.noreply.github.com>
+Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
+Gleb M Borisov <borisov.gleb@gmail.com>
+Glyn Normington <gnormington@gopivotal.com>
+GoBella <caili_welcome@163.com>
+Goffert van Gool <goffert@phusion.nl>
+Gosuke Miyashita <gosukenator@gmail.com>
+Gou Rao <gourao@users.noreply.github.com>
+Govinda Fichtner <govinda.fichtner@googlemail.com>
+Grant Reaber <grant.reaber@gmail.com>
+Graydon Hoare <graydon@pobox.com>
+Greg Fausak <greg@tacodata.com>
+Greg Thornton <xdissent@me.com>
+grossws <grossws@gmail.com>
+grunny <mwgrunny@gmail.com>
+gs11 <gustav.sinder@gmail.com>
+Guilhem Lettron <guilhem+github@lettron.fr>
+Guilherme Salgado <gsalgado@gmail.com>
+Guillaume Dufour <gdufour.prestataire@voyages-sncf.com>
+Guillaume J. Charmes <guillaume.charmes@docker.com>
+guoxiuyan <guoxiuyan@huawei.com>
+Gurjeet Singh <gurjeet@singh.im>
+Guruprasad <lgp171188@gmail.com>
+gwx296173 <gaojing3@huawei.com>
+Günter Zöchbauer <guenter@gzoechbauer.com>
+Hans Kristian Flaatten <hans@starefossen.com>
+Hans Rødtang <hansrodtang@gmail.com>
+Hao Zhang <21521210@zju.edu.cn>
+Harald Albers <github@albersweb.de>
+Harley Laue <losinggeneration@gmail.com>
+Harold Cooper <hrldcpr@gmail.com>
+Harry Zhang <harryzhang@zju.edu.cn>
+He Simei <hesimei@zju.edu.cn>
+heartlock <21521209@zju.edu.cn>
+Hector Castro <hectcastro@gmail.com>
+Henning Sprang <henning.sprang@gmail.com>
+Hobofan <goisser94@gmail.com>
+Hollie Teal <hollie@docker.com>
+Hong Xu <hong@topbug.net>
+hsinko <21551195@zju.edu.cn>
+Hu Keping <hukeping@huawei.com>
+Hu Tao <hutao@cn.fujitsu.com>
+Huanzhong Zhang <zhanghuanzhong90@gmail.com>
+Huayi Zhang <irachex@gmail.com>
+Hugo Duncan <hugo@hugoduncan.org>
+Hugo Marisco <0x6875676f@gmail.com>
+Hunter Blanks <hunter@twilio.com>
+huqun <huqun@zju.edu.cn>
+Huu Nguyen <huu@prismskylabs.com>
+hyeongkyu.lee <hyeongkyu.lee@navercorp.com>
+hyp3rdino <markus.kortlang@lhsystems.com>
+Ian Babrou <ibobrik@gmail.com>
+Ian Bishop <ianbishop@pace7.com>
+Ian Bull <irbull@gmail.com>
+Ian Calvert <ianjcalvert@gmail.com>
+Ian Lee <IanLee1521@gmail.com>
+Ian Main <imain@redhat.com>
+Ian Truslove <ian.truslove@gmail.com>
+Iavael <iavaelooeyt@gmail.com>
+Icaro Seara <icaro.seara@gmail.com>
+Igor Dolzhikov <bluesriverz@gmail.com>
+Ilkka Laukkanen <ilkka@ilkka.io>
+Ilya Dmitrichenko <errordeveloper@gmail.com>
+Ilya Gusev <mail@igusev.ru>
+ILYA Khlopotov <ilya.khlopotov@gmail.com>
+imre Fitos <imre.fitos+github@gmail.com>
+inglesp <peter.inglesby@gmail.com>
+Ingo Gottwald <in.gottwald@gmail.com>
+Isaac Dupree <antispam@idupree.com>
+Isabel Jimenez <contact.isabeljimenez@gmail.com>
+Isao Jonas <isao.jonas@gmail.com>
+Ivan Babrou <ibobrik@gmail.com>
+Ivan Fraixedes <ifcdev@gmail.com>
+J Bruni <joaohbruni@yahoo.com.br>
+J. Nunn <jbnunn@gmail.com>
+Jack Danger Canty <jackdanger@squareup.com>
+Jacob Atzen <jacob@jacobatzen.dk>
+Jacob Edelman <edelman.jd@gmail.com>
+Jake Champlin <jake.champlin.27@gmail.com>
+Jake Moshenko <jake@devtable.com>
+jakedt <jake@devtable.com>
+James Allen <jamesallen0108@gmail.com>
+James Carey <jecarey@us.ibm.com>
+James Carr <james.r.carr@gmail.com>
+James DeFelice <james.defelice@ishisystems.com>
+James Harrison Fisher <jameshfisher@gmail.com>
+James Kyburz <james.kyburz@gmail.com>
+James Kyle <james@jameskyle.org>
+James Lal <james@lightsofapollo.com>
+James Mills <prologic@shortcircuit.net.au>
+James Nugent <james@jen20.com>
+James Turnbull <james@lovedthanlost.net>
+Jamie Hannaford <jamie.hannaford@rackspace.com>
+Jamshid Afshar <jafshar@yahoo.com>
+Jan Keromnes <janx@linux.com>
+Jan Koprowski <jan.koprowski@gmail.com>
+Jan Pazdziora <jpazdziora@redhat.com>
+Jan Toebes <jan@toebes.info>
+Jan-Gerd Tenberge <janten@gmail.com>
+Jan-Jaap Driessen <janjaapdriessen@gmail.com>
+Jana Radhakrishnan <mrjana@docker.com>
+Januar Wayong <januar@gmail.com>
+Jared Biel <jared.biel@bolderthinking.com>
+Jaroslaw Zabiello <hipertracker@gmail.com>
+jaseg <jaseg@jaseg.net>
+Jasmine Hegman <jasmine@jhegman.com>
+Jason Divock <jdivock@gmail.com>
+Jason Giedymin <jasong@apache.org>
+Jason Green <Jason.Green@AverInformatics.Com>
+Jason Hall <imjasonh@gmail.com>
+Jason Heiss <jheiss@aput.net>
+Jason Livesay <ithkuil@gmail.com>
+Jason McVetta <jason.mcvetta@gmail.com>
+Jason Plum <jplum@devonit.com>
+Jason Shepherd <jason@jasonshepherd.net>
+Jason Smith <jasonrichardsmith@gmail.com>
+Jason Sommer <jsdirv@gmail.com>
+Jason Stangroome <jason@codeassassin.com>
+jaxgeller <jacksongeller@gmail.com>
+Jay <imjching@hotmail.com>
+Jay <teguhwpurwanto@gmail.com>
+Jay Kamat <github@jgkamat.33mail.com>
+Jean-Baptiste Barth <jeanbaptiste.barth@gmail.com>
+Jean-Baptiste Dalido <jeanbaptiste@appgratis.com>
+Jean-Paul Calderone <exarkun@twistedmatrix.com>
+Jean-Tiare Le Bigot <jt@yadutaf.fr>
+Jeff Anderson <jeff@docker.com>
+Jeff Johnston <jeff.johnston.mn@gmail.com>
+Jeff Lindsay <progrium@gmail.com>
+Jeff Mickey <j@codemac.net>
+Jeff Minard <jeff@creditkarma.com>
+Jeff Nickoloff <jeff.nickoloff@gmail.com>
+Jeff Welch <whatthejeff@gmail.com>
+Jeffrey Bolle <jeffreybolle@gmail.com>
+Jeffrey Morgan <jmorganca@gmail.com>
+Jeffrey van Gogh <jvg@google.com>
+Jenny Gebske <jennifer@gebske.de>
+Jeremy Grosser <jeremy@synack.me>
+Jeremy Price <jprice.rhit@gmail.com>
+Jeremy Qian <vanpire110@163.com>
+Jeremy Unruh <jeremybunruh@gmail.com>
+Jeroen Jacobs <github@jeroenj.be>
+Jesse Dearing <jesse.dearing@gmail.com>
+Jesse Dubay <jesse@thefortytwo.net>
+Jessica Frazelle <jess@mesosphere.com>
+Jezeniel Zapanta <jpzapanta22@gmail.com>
+jgeiger <jgeiger@gmail.com>
+Jian Zhang <zhangjian.fnst@cn.fujitsu.com>
+jianbosun <wonderflow.sun@gmail.com>
+Jilles Oldenbeuving <ojilles@gmail.com>
+Jim Alateras <jima@comware.com.au>
+Jim Perrin <jperrin@centos.org>
+Jimmy Cuadra <jimmy@jimmycuadra.com>
+Jimmy Puckett <jimmy.puckett@spinen.com>
+jimmyxian <jimmyxian2004@yahoo.com.cn>
+Jinsoo Park <cellpjs@gmail.com>
+Jiri Popelka <jpopelka@redhat.com>
+Jiří Župka <jzupka@redhat.com>
+jjy <jiangjinyang@outlook.com>
+jmzwcn <jmzwcn@gmail.com>
+Joe Beda <joe.github@bedafamily.com>
+Joe Doliner <jdoliner@pachyderm.io>
+Joe Ferguson <joe@infosiftr.com>
+Joe Gordon <joe.gordon0@gmail.com>
+Joe Shaw <joe@joeshaw.org>
+Joe Van Dyk <joe@tanga.com>
+Joel Friedly <joelfriedly@gmail.com>
+Joel Handwell <joelhandwell@gmail.com>
+Joel Hansson <joel.hansson@ecraft.com>
+Joel Wurtz <jwurtz@jolicode.com>
+Joey Geiger <jgeiger@users.noreply.github.com>
+Joey Gibson <joey@joeygibson.com>
+Joffrey F <joffrey@docker.com>
+Johan Euphrosine <proppy@google.com>
+Johan Rydberg <johan.rydberg@gmail.com>
+Johannes 'fish' Ziemke <github@freigeist.org>
+John Costa <john.costa@gmail.com>
+John Feminella <jxf@jxf.me>
+John Gardiner Myers <jgmyers@proofpoint.com>
+John Gossman <johngos@microsoft.com>
+John Howard (VM) <John.Howard@microsoft.com>
+John OBrien III <jobrieniii@yahoo.com>
+John Starks <jostarks@microsoft.com>
+John Tims <john.k.tims@gmail.com>
+John Warwick <jwarwick@gmail.com>
+John Willis <john.willis@docker.com>
+Jon Wedaman <jweede@gmail.com>
+Jonas Pfenniger <jonas@pfenniger.name>
+Jonathan A. Sternberg <jonathansternberg@gmail.com>
+Jonathan Boulle <jonathanboulle@gmail.com>
+Jonathan Camp <jonathan@irondojo.com>
+Jonathan Dowland <jon+github@alcopop.org>
+Jonathan Lebon <jlebon@redhat.com>
+Jonathan McCrohan <jmccrohan@gmail.com>
+Jonathan Mueller <j.mueller@apoveda.ch>
+Jonathan Pares <jonathanpa@users.noreply.github.com>
+Jonathan Rudenberg <jonathan@titanous.com>
+Joost Cassee <joost@cassee.net>
+Jordan <jjn2009@users.noreply.github.com>
+Jordan Arentsen <blissdev@gmail.com>
+Jordan Sissel <jls@semicomplete.com>
+Jose Diaz-Gonzalez <josegonzalez@users.noreply.github.com>
+Joseph Anthony Pasquale Holsten <joseph@josephholsten.com>
+Joseph Hager <ajhager@gmail.com>
+Joseph Kern <jkern@semafour.net>
+Josh <jokajak@gmail.com>
+Josh Hawn <josh.hawn@docker.com>
+Josh Poimboeuf <jpoimboe@redhat.com>
+Josiah Kiehl <jkiehl@riotgames.com>
+José Tomás Albornoz <jojo@eljojo.net>
+JP <jpellerin@leapfrogonline.com>
+jrabbit <jackjrabbit@gmail.com>
+Julian Taylor <jtaylor.debian@googlemail.com>
+Julien Barbier <write0@gmail.com>
+Julien Bisconti <veggiemonk@users.noreply.github.com>
+Julien Bordellier <julienbordellier@gmail.com>
+Julien Dubois <julien.dubois@gmail.com>
+Julien Pervillé <julien.perville@perfect-memory.com>
+Jun-Ru Chang <jrjang@gmail.com>
+Jussi Nummelin <jussi.nummelin@gmail.com>
+Justas Brazauskas <brazauskasjustas@gmail.com>
+Justin Cormack <justin.cormack@docker.com>
+Justin Force <justin.force@gmail.com>
+Justin Plock <jplock@users.noreply.github.com>
+Justin Simonelis <justin.p.simonelis@gmail.com>
+Jyrki Puttonen <jyrkiput@gmail.com>
+Jérôme Petazzoni <jerome.petazzoni@dotcloud.com>
+Jörg Thalheim <joerg@higgsboson.tk>
+Kai Blin <kai@samba.org>
+Kai Qiang Wu(Kennan) <wkqwu@cn.ibm.com>
+Kamil Domański <kamil@domanski.co>
+Kanstantsin Shautsou <kanstantsin.sha@gmail.com>
+Karan Lyons <karan@karanlyons.com>
+Kareem Khazem <karkhaz@karkhaz.com>
+kargakis <kargakis@users.noreply.github.com>
+Karl Grzeszczak <karlgrz@gmail.com>
+Karol Duleba <mr.fuxi@gmail.com>
+Katie McLaughlin <katie@glasnt.com>
+Kato Kazuyoshi <kato.kazuyoshi@gmail.com>
+Katrina Owen <katrina.owen@gmail.com>
+Kawsar Saiyeed <kawsar.saiyeed@projiris.com>
+kayrus <kay.diam@gmail.com>
+Keli Hu <dev@keli.hu>
+Ken Cochrane <kencochrane@gmail.com>
+Ken ICHIKAWA <ichikawa.ken@jp.fujitsu.com>
+Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
+Kenjiro Nakayama <nakayamakenjiro@gmail.com>
+Kent Johnson <kentoj@gmail.com>
+Kevin "qwazerty" Houdebert <kevin.houdebert@gmail.com>
+Kevin Clark <kevin.clark@gmail.com>
+Kevin J. Lynagh <kevin@keminglabs.com>
+Kevin Menard <kevin@nirvdrum.com>
+Kevin P. Kucharczyk <kevinkucharczyk@gmail.com>
+Kevin Shi <kshi@andrew.cmu.edu>
+Kevin Wallace <kevin@pentabarf.net>
+Kevin Yap <me@kevinyap.ca>
+Keyvan Fatehi <keyvanfatehi@gmail.com>
+kies <lleelm@gmail.com>
+Kim BKC Carlbacker <kim.carlbacker@gmail.com>
+Kim Eik <kim@heldig.org>
+Kimbro Staken <kstaken@kstaken.com>
+Kir Kolyshkin <kir@openvz.org>
+Kiran Gangadharan <kiran.daredevil@gmail.com>
+Kirill SIbirev <l0kix2@gmail.com>
+knappe <tyler.knappe@gmail.com>
+Kohei Tsuruta <coheyxyz@gmail.com>
+Koichi Shiraishi <k@zchee.io>
+Konrad Kleine <konrad.wilhelm.kleine@gmail.com>
+Konstantin Pelykh <kpelykh@zettaset.com>
+Krasimir Georgiev <support@vip-consult.co.uk>
+Kristian Haugene <kristian.haugene@capgemini.com>
+Kristina Zabunova <triara.xiii@gmail.com>
+krrg <krrgithub@gmail.com>
+Kun Zhang <zkazure@gmail.com>
+Kunal Kushwaha <kunal.kushwaha@gmail.com>
+Kyle Conroy <kyle.j.conroy@gmail.com>
+kyu <leehk1227@gmail.com>
+Lachlan Coote <lcoote@vmware.com>
+Lai Jiangshan <jiangshanlai@gmail.com>
+Lajos Papp <lajos.papp@sequenceiq.com>
+Lakshan Perera <lakshan@laktek.com>
+Lalatendu Mohanty <lmohanty@redhat.com>
+lalyos <lalyos@yahoo.com>
+Lance Chen <cyen0312@gmail.com>
+Lance Kinley <lkinley@loyaltymethods.com>
+Lars Kellogg-Stedman <lars@redhat.com>
+Lars R. Damerow <lars@pixar.com>
+Laszlo Meszaros <lacienator@gmail.com>
+Laurent Erignoux <lerignoux@gmail.com>
+Laurie Voss <github@seldo.com>
+Leandro Siqueira <leandro.siqueira@gmail.com>
+Lee, Meng-Han <sunrisedm4@gmail.com>
+leeplay <hyeongkyu.lee@navercorp.com>
+Lei Jitang <leijitang@huawei.com>
+Len Weincier <len@cloudafrica.net>
+Lennie <github@consolejunkie.net>
+Leszek Kowalski <github@leszekkowalski.pl>
+Levi Blackstone <levi.blackstone@rackspace.com>
+Levi Gross <levi@levigross.com>
+Lewis Marshall <lewis@lmars.net>
+Lewis Peckover <lew+github@lew.io>
+Liana Lo <liana.lixia@gmail.com>
+Liang Mingqiang <mqliang.zju@gmail.com>
+Liang-Chi Hsieh <viirya@gmail.com>
+liaoqingwei <liaoqingwei@huawei.com>
+limsy <seongyeol37@gmail.com>
+Linus Heckemann <lheckemann@twig-world.com>
+Liran Tal <liran.tal@gmail.com>
+Liron Levin <liron@twistlock.com>
+Liu Bo <bo.li.liu@oracle.com>
+Liu Hua <sdu.liu@huawei.com>
+LIZAO LI <lzlarryli@gmail.com>
+Lloyd Dewolf <foolswisdom@gmail.com>
+Lokesh Mandvekar <lsm5@fedoraproject.org>
+longliqiang88 <394564827@qq.com>
+Lorenz Leutgeb <lorenz.leutgeb@gmail.com>
+Lorenzo Fontana <fontanalorenzo@me.com>
+Louis Opter <kalessin@kalessin.fr>
+Luca Marturana <lucamarturana@gmail.com>
+Luca Orlandi <luca.orlandi@gmail.com>
+Luca-Bogdan Grigorescu <Luca-Bogdan Grigorescu>
+Lucas Chan <lucas-github@lucaschan.com>
+Luis Martínez de Bartolomé Izquierdo <lmartinez@biicode.com>
+Lukas Waslowski <cr7pt0gr4ph7@gmail.com>
+lukaspustina <lukas.pustina@centerdevice.com>
+lukemarsden <luke@digital-crocus.com>
+Lynda O'Leary <lyndaoleary29@gmail.com>
+Lénaïc Huard <lhuard@amadeus.com>
+Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
+Mabin <bin.ma@huawei.com>
+Madhav Puri <madhav.puri@gmail.com>
+Madhu Venugopal <madhu@socketplane.io>
+Mageee <21521230.zju.edu.cn>
+Mahesh Tiyyagura <tmahesh@gmail.com>
+malnick <malnick@gmail..com>
+Malte Janduda <mail@janduda.net>
+manchoz <giampaolo@trampolineup.com>
+Manfred Touron <m@42.am>
+Manfred Zabarauskas <manfredas@zabarauskas.com>
+Manuel Meurer <manuel@krautcomputing.com>
+Manuel Woelker <github@manuel.woelker.org>
+mapk0y <mapk0y@gmail.com>
+Marc Abramowitz <marc@marc-abramowitz.com>
+Marc Kuo <kuomarc2@gmail.com>
+Marc Tamsky <mtamsky@gmail.com>
+Marcelo Salazar <chelosalazar@gmail.com>
+Marco Hennings <marco.hennings@freiheit.com>
+Marcus Farkas <toothlessgear@finitebox.com>
+Marcus Linke <marcus.linke@gmx.de>
+Marcus Ramberg <marcus@nordaaker.com>
+Marek Goldmann <marek.goldmann@gmail.com>
+Marian Marinov <mm@yuhu.biz>
+Marianna Tessel <mtesselh@gmail.com>
+Mario Loriedo <mario.loriedo@gmail.com>
+Marius Gundersen <me@mariusgundersen.net>
+Marius Sturm <marius@graylog.com>
+Marius Voila <marius.voila@gmail.com>
+Mark Allen <mrallen1@yahoo.com>
+Mark McGranaghan <mmcgrana@gmail.com>
+Mark McKinstry <mmckinst@umich.edu>
+Mark West <markewest@gmail.com>
+Marko Mikulicic <mmikulicic@gmail.com>
+Marko Tibold <marko@tibold.nl>
+Markus Fix <lispmeister@gmail.com>
+Martijn Dwars <ikben@martijndwars.nl>
+Martijn van Oosterhout <kleptog@svana.org>
+Martin Honermeyer <maze@strahlungsfrei.de>
+Martin Kelly <martin@surround.io>
+Martin Mosegaard Amdisen <martin.amdisen@praqma.com>
+Martin Redmond <martin@tinychat.com>
+Mary Anthony <mary.anthony@docker.com>
+Masahito Zembutsu <zembutsu@users.noreply.github.com>
+Mason Malone <mason.malone@gmail.com>
+Mateusz Sulima <sulima.mateusz@gmail.com>
+Mathias Monnerville <mathias@monnerville.com>
+Mathieu Le Marec - Pasquet <kiorky@cryptelium.net>
+Matt Apperson <me@mattapperson.com>
+Matt Bachmann <bachmann.matt@gmail.com>
+Matt Bentley <mbentley@mbentley.net>
+Matt Haggard <haggardii@gmail.com>
+Matt McCormick <matt.mccormick@kitware.com>
+Matt Moore <mattmoor@google.com>
+Matt Robenolt <matt@ydekproductions.com>
+Matthew Heon <mheon@redhat.com>
+Matthew Mayer <matthewkmayer@gmail.com>
+Matthew Mueller <mattmuelle@gmail.com>
+Matthew Riley <mattdr@google.com>
+Matthias Klumpp <matthias@tenstral.net>
+Matthias Kühnle <git.nivoc@neverbox.com>
+Matthias Rampke <mr@soundcloud.com>
+Matthieu Hauglustaine <matt.hauglustaine@gmail.com>
+mattymo <raytrac3r@gmail.com>
+mattyw <mattyw@me.com>
+Mauricio Garavaglia <mauriciogaravaglia@gmail.com>
+mauriyouth <mauriyouth@gmail.com>
+Max Shytikov <mshytikov@gmail.com>
+Maxim Ivanov <ivanov.maxim@gmail.com>
+Maxim Kulkin <mkulkin@mirantis.com>
+Maxim Treskin <zerthurd@gmail.com>
+Maxime Petazzoni <max@signalfuse.com>
+Meaglith Ma <genedna@gmail.com>
+meejah <meejah@meejah.ca>
+Megan Kostick <mkostick@us.ibm.com>
+Mehul Kar <mehul.kar@gmail.com>
+Mengdi Gao <usrgdd@gmail.com>
+Mert Yazıcıoğlu <merty@users.noreply.github.com>
+Micah Zoltu <micah@newrelic.com>
+Michael A. Smith <michael@smith-li.com>
+Michael Bridgen <mikeb@squaremobius.net>
+Michael Brown <michael@netdirect.ca>
+Michael Chiang <mchiang@docker.com>
+Michael Crosby <michael@docker.com>
+Michael Currie <mcurrie@bruceforceresearch.com>
+Michael Gorsuch <gorsuch@github.com>
+Michael Grauer <michael.grauer@kitware.com>
+Michael Hudson-Doyle <michael.hudson@linaro.org>
+Michael Huettermann <michael@huettermann.net>
+Michael Käufl <docker@c.michael-kaeufl.de>
+Michael Neale <michael.neale@gmail.com>
+Michael Prokop <github@michael-prokop.at>
+Michael Scharf <github@scharf.gr>
+Michael Stapelberg <michael+gh@stapelberg.de>
+Michael Steinert <mike.steinert@gmail.com>
+Michael Thies <michaelthies78@gmail.com>
+Michael West <mwest@mdsol.com>
+Michal Fojtik <mfojtik@redhat.com>
+Michal Gebauer <mishak@mishak.net>
+Michal Jemala <michal.jemala@gmail.com>
+Michal Minar <miminar@redhat.com>
+Michaël Pailloncy <mpapo.dev@gmail.com>
+Michał Czeraszkiewicz <czerasz@gmail.com>
+Michiel@unhosted <michiel@unhosted.org>
+Miguel Angel Fernández <elmendalerenda@gmail.com>
+Miguel Morales <mimoralea@gmail.com>
+Mihai Borobocea <MihaiBorobocea@gmail.com>
+Mihuleacc Sergiu <mihuleac.sergiu@gmail.com>
+Mike Brown <brownwm@us.ibm.com>
+Mike Chelen <michael.chelen@gmail.com>
+Mike Danese <mikedanese@google.com>
+Mike Dillon <mike@embody.org>
+Mike Dougherty <mike.dougherty@docker.com>
+Mike Gaffney <mike@uberu.com>
+Mike Goelzer <mgoelzer@docker.com>
+Mike Leone <mleone896@gmail.com>
+Mike MacCana <mike.maccana@gmail.com>
+Mike Naberezny <mike@naberezny.com>
+Mike Snitzer <snitzer@redhat.com>
+Mikhail Sobolev <mss@mawhrin.net>
+Miloslav Trmač <mitr@redhat.com>
+mingqing <limingqing@cyou-inc.com>
+Mingzhen Feng <fmzhen@zju.edu.cn>
+Mitch Capper <mitch.capper@gmail.com>
+mlarcher <github@ringabell.org>
+Mohammad Banikazemi <mb@us.ibm.com>
+Mohammed Aaqib Ansari <maaquib@gmail.com>
+Mohit Soni <mosoni@ebay.com>
+Morgan Bauer <mbauer@us.ibm.com>
+Morgante Pell <morgante.pell@morgante.net>
+Morgy93 <thomas@ulfertsprygoda.de>
+Morten Siebuhr <sbhr@sbhr.dk>
+Morton Fox <github@qslw.com>
+Moysés Borges <moysesb@gmail.com>
+mqliang <mqliang.zju@gmail.com>
+Mrunal Patel <mrunalp@gmail.com>
+msabansal <sabansal@microsoft.com>
+mschurenko <matt.schurenko@gmail.com>
+Mustafa Akın <mustafa91@gmail.com>
+Muthukumar R <muthur@gmail.com>
+Médi-Rémi Hashim <medimatrix@users.noreply.github.com>
+Nakul Pathak <nakulpathak3@hotmail.com>
+Nalin Dahyabhai <nalin@redhat.com>
+Nan Monnand Deng <monnand@gmail.com>
+Naoki Orii <norii@cs.cmu.edu>
+Natalie Parker <nparker@omnifone.com>
+Nate Brennand <nate.brennand@clever.com>
+Nate Eagleson <nate@nateeag.com>
+Nate Jones <nate@endot.org>
+Nathan Hsieh <hsieh.nathan@gmail.com>
+Nathan Kleyn <nathan@nathankleyn.com>
+Nathan LeClaire <nathan.leclaire@docker.com>
+Nathan McCauley <nathan.mccauley@docker.com>
+Nathan Williams <nathan@teamtreehouse.com>
+Neal McBurnett <neal@mcburnett.org>
+Nelson Chen <crazysim@gmail.com>
+Nghia Tran <nghia@google.com>
+Niall O'Higgins <niallo@unworkable.org>
+Nicholas E. Rabenau <nerab@gmx.at>
+Nick Irvine <nfirvine@nfirvine.com>
+Nick Parker <nikaios@gmail.com>
+Nick Payne <nick@kurai.co.uk>
+Nick Stenning <nick.stenning@digital.cabinet-office.gov.uk>
+Nick Stinemates <nick@stinemates.org>
+Nicolas Borboën <ponsfrilus@users.noreply.github.com>
+Nicolas De loof <nicolas.deloof@gmail.com>
+Nicolas Dudebout <nicolas.dudebout@gatech.edu>
+Nicolas Goy <kuon@goyman.com>
+Nicolas Kaiser <nikai@nikai.net>
+Nicolás Hock Isaza <nhocki@gmail.com>
+Nigel Poulton <nigelpoulton@hotmail.com>
+NikolaMandic <mn080202@gmail.com>
+nikolas <nnyby@columbia.edu>
+Nishant Totla <nishanttotla@gmail.com>
+NIWA Hideyuki <niwa.niwa@nifty.ne.jp>
+noducks <onemannoducks@gmail.com>
+Nolan Darilek <nolan@thewordnerd.info>
+nponeccop <andy.melnikov@gmail.com>
+Nuutti Kotivuori <naked@iki.fi>
+nzwsch <hi@nzwsch.com>
+O.S. Tezer <ostezer@gmail.com>
+OddBloke <daniel@daniel-watkins.co.uk>
+odk- <github@odkurzacz.org>
+Oguz Bilgic <fisyonet@gmail.com>
+Oh Jinkyun <tintypemolly@gmail.com>
+Ohad Schneider <ohadschn@users.noreply.github.com>
+Ole Reifschneider <mail@ole-reifschneider.de>
+Oliver Neal <ItsVeryWindy@users.noreply.github.com>
+Olivier Gambier <dmp42@users.noreply.github.com>
+Olle Jonsson <olle.jonsson@gmail.com>
+Oriol Francès <oriolfa@gmail.com>
+Otto Kekäläinen <otto@seravo.fi>
+oyld <oyld0210@163.com>
+ozlerhakan <hakan.ozler@kodcu.com>
+paetling <paetling@gmail.com>
+pandrew <letters@paulnotcom.se>
+panticz <mail@konczalski.de>
+Paolo G. Giarrusso <p.giarrusso@gmail.com>
+Pascal Borreli <pascal@borreli.com>
+Pascal Hartig <phartig@rdrei.net>
+Patrick Devine <patrick.devine@docker.com>
+Patrick Hemmer <patrick.hemmer@gmail.com>
+Patrick Stapleton <github@gdi2290.com>
+pattichen <craftsbear@gmail.com>
+Paul <paul9869@gmail.com>
+paul <paul@inkling.com>
+Paul Annesley <paul@annesley.cc>
+Paul Bellamy <paul.a.bellamy@gmail.com>
+Paul Bowsher <pbowsher@globalpersonals.co.uk>
+Paul Hammond <paul@paulhammond.org>
+Paul Jimenez <pj@place.org>
+Paul Lietar <paul@lietar.net>
+Paul Liljenberg <liljenberg.paul@gmail.com>
+Paul Morie <pmorie@gmail.com>
+Paul Nasrat <pnasrat@gmail.com>
+Paul Weaver <pauweave@cisco.com>
+Pavel Lobashov <ShockwaveNN@gmail.com>
+Pavel Pospisil <pospispa@gmail.com>
+Pavel Sutyrin <pavel.sutyrin@gmail.com>
+Pavel Tikhomirov <ptikhomirov@parallels.com>
+Pavlos Ratis <dastergon@gentoo.org>
+Peeyush Gupta <gpeeyush@linux.vnet.ibm.com>
+Peggy Li <peggyli.224@gmail.com>
+Pei Su <sillyousu@gmail.com>
+Penghan Wang <ph.wang@daocloud.io>
+perhapszzy@sina.com <perhapszzy@sina.com>
+Peter Bourgon <peter@bourgon.org>
+Peter Braden <peterbraden@peterbraden.co.uk>
+Peter Choi <reikani@Peters-MacBook-Pro.local>
+Peter Dave Hello <PeterDaveHello@users.noreply.github.com>
+Peter Edge <peter.edge@gmail.com>
+Peter Ericson <pdericson@gmail.com>
+Peter Esbensen <pkesbensen@gmail.com>
+Peter Malmgren <ptmalmgren@gmail.com>
+Peter Salvatore <peter@psftw.com>
+Peter Volpe <petervo@redhat.com>
+Peter Waller <p@pwaller.net>
+Phil <underscorephil@gmail.com>
+Phil Estes <estesp@linux.vnet.ibm.com>
+Phil Spitler <pspitler@gmail.com>
+Philip Monroe <phil@philmonroe.com>
+Philipp Wahala <philipp.wahala@gmail.com>
+Philipp Weissensteiner <mail@philippweissensteiner.com>
+Phillip Alexander <git@phillipalexander.io>
+pidster <pid@pidster.com>
+Piergiuliano Bossi <pgbossi@gmail.com>
+Pierre <py@poujade.org>
+Pierre Carrier <pierre@meteor.com>
+Pierre Wacrenier <pierre.wacrenier@gmail.com>
+Pierre-Alain RIVIERE <pariviere@ippon.fr>
+Piotr Bogdan <ppbogdan@gmail.com>
+pixelistik <pixelistik@users.noreply.github.com>
+Porjo <porjo38@yahoo.com.au>
+Poul Kjeldager Sørensen <pks@s-innovations.net>
+Pradeep Chhetri <pradeep@indix.com>
+Prasanna Gautam <prasannagautam@gmail.com>
+Prayag Verma <prayag.verma@gmail.com>
+Przemek Hejman <przemyslaw.hejman@gmail.com>
+pysqz <randomq@126.com>
+qg <1373319223@qq.com>
+qhuang <h.huangqiang@huawei.com>
+Qiang Huang <h.huangqiang@huawei.com>
+qq690388648 <690388648@qq.com>
+Quentin Brossard <qbrossard@gmail.com>
+Quentin Perez <qperez@ocs.online.net>
+Quentin Tayssier <qtayssier@gmail.com>
+r0n22 <cameron.regan@gmail.com>
+Rafal Jeczalik <rjeczalik@gmail.com>
+Rafe Colton <rafael.colton@gmail.com>
+Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>
+Raghuram Devarakonda <draghuram@gmail.com>
+Rajat Pandit <rp@rajatpandit.com>
+Rajdeep Dua <dua_rajdeep@yahoo.com>
+Ralle <spam@rasmusa.net>
+Ralph Bean <rbean@redhat.com>
+Ramkumar Ramachandra <artagnon@gmail.com>
+Ramon van Alteren <ramon@vanalteren.nl>
+Ray Tsang <saturnism@users.noreply.github.com>
+ReadmeCritic <frankensteinbot@gmail.com>
+Recursive Madman <recursive.madman@gmx.de>
+Regan McCooey <rmccooey27@aol.com>
+Remi Rampin <remirampin@gmail.com>
+Renato Riccieri Santos Zannon <renato.riccieri@gmail.com>
+resouer <resouer@163.com>
+rgstephens <greg@udon.org>
+Rhys Hiltner <rhys@twitch.tv>
+Rich Seymour <rseymour@gmail.com>
+Richard <richard.scothern@gmail.com>
+Richard Burnison <rburnison@ebay.com>
+Richard Harvey <richard@squarecows.com>
+Richard Metzler <richard@paadee.com>
+Richard Scothern <richard.scothern@gmail.com>
+Richo Healey <richo@psych0tik.net>
+Rick Bradley <rick@users.noreply.github.com>
+Rick van de Loo <rickvandeloo@gmail.com>
+Rick Wieman <git@rickw.nl>
+Rik Nijessen <rik@keefo.nl>
+Riku Voipio <riku.voipio@linaro.org>
+Riley Guerin <rileytg.dev@gmail.com>
+Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
+Rob Vesse <rvesse@dotnetrdf.org>
+Robert Bachmann <rb@robertbachmann.at>
+Robert Bittle <guywithnose@gmail.com>
+Robert Obryk <robryk@gmail.com>
+Robert Stern <lexandro2000@gmail.com>
+Robert Wallis <smilingrob@gmail.com>
+Roberto G. Hashioka <roberto.hashioka@docker.com>
+Robin Naundorf <r.naundorf@fh-muenster.de>
+Robin Schneider <ypid@riseup.net>
+Robin Speekenbrink <robin@kingsquare.nl>
+robpc <rpcann@gmail.com>
+Rodrigo Vaz <rodrigo.vaz@gmail.com>
+Roel Van Nyen <roel.vannyen@gmail.com>
+Roger Peppe <rogpeppe@gmail.com>
+Rohit Jnagal <jnagal@google.com>
+Rohit Kadam <rohit.d.kadam@gmail.com>
+Roland Huß <roland@jolokia.org>
+Roland Moriz <rmoriz@users.noreply.github.com>
+Roma Sokolov <sokolov.r.v@gmail.com>
+Roman Strashkin <roman.strashkin@gmail.com>
+Ron Smits <ron.smits@gmail.com>
+root <docker-dummy@example.com>
+root <root@ubuntu-14.04-amd64-vbox>
+root <root@webm215.cluster016.ha.ovh.net>
+Rory Hunter <roryhunter2@gmail.com>
+Rory McCune <raesene@gmail.com>
+Ross Boucher <rboucher@gmail.com>
+Rovanion Luckey <rovanion.luckey@gmail.com>
+Rozhnov Alexandr <nox73@ya.ru>
+rsmoorthy <rsmoorthy@users.noreply.github.com>
+Rudolph Gottesheim <r.gottesheim@loot.at>
+Rui Lopes <rgl@ruilopes.com>
+Ryan Anderson <anderson.ryanc@gmail.com>
+Ryan Aslett <github@mixologic.com>
+Ryan Belgrave <rmb1993@gmail.com>
+Ryan Detzel <ryan.detzel@gmail.com>
+Ryan Fowler <rwfowler@gmail.com>
+Ryan McLaughlin <rmclaughlin@insidesales.com>
+Ryan O'Donnell <odonnellryanc@gmail.com>
+Ryan Seto <ryanseto@yak.net>
+Ryan Thomas <rthomas@atlassian.com>
+Ryan Trauntvein <rtrauntvein@novacoast.com>
+Ryan Wallner <ryan.wallner@clusterhq.com>
+RyanDeng <sheldon.d1018@gmail.com>
+Rémy Greinhofer <remy.greinhofer@livelovely.com>
+s. rannou <mxs@sbrk.org>
+s00318865 <sunyuan3@huawei.com>
+Sabin Basyal <sabin.basyal@gmail.com>
+Sachin Joshi <sachin_jayant_joshi@hotmail.com>
+Sagar Hani <sagarhani33@gmail.com>
+Sally O'Malley <somalley@redhat.com>
+Sam Abed <sam.abed@gmail.com>
+Sam Alba <sam.alba@gmail.com>
+Sam Bailey <cyprix@cyprix.com.au>
+Sam J Sharpe <sam.sharpe@digital.cabinet-office.gov.uk>
+Sam Neirinck <sam@samneirinck.com>
+Sam Reis <sreis@atlassian.com>
+Sam Rijs <srijs@airpost.net>
+Sambuddha Basu <sambuddhabasu1@gmail.com>
+Sami Wagiaalla <swagiaal@redhat.com>
+Samuel Andaya <samuel@andaya.net>
+Samuel Dion-Girardeau <samuel.diongirardeau@gmail.com>
+Samuel Karp <skarp@amazon.com>
+Samuel PHAN <samuel-phan@users.noreply.github.com>
+Sankar சங்கர் <sankar.curiosity@gmail.com>
+Sanket Saurav <sanketsaurav@gmail.com>
+Santhosh Manohar <santhosh@docker.com>
+sapphiredev <se.imas.kr@gmail.com>
+Satnam Singh <satnam@raintown.org>
+satoru <satorulogic@gmail.com>
+Satoshi Amemiya <satoshi_amemiya@voyagegroup.com>
+scaleoutsean <scaleoutsean@users.noreply.github.com>
+Scott Bessler <scottbessler@gmail.com>
+Scott Collier <emailscottcollier@gmail.com>
+Scott Johnston <scott@docker.com>
+Scott Stamp <scottstamp851@gmail.com>
+Scott Walls <sawalls@umich.edu>
+sdreyesg <sdreyesg@gmail.com>
+Sean Cronin <seancron@gmail.com>
+Sean OMeara <sean@chef.io>
+Sean P. Kane <skane@newrelic.com>
+Sebastiaan van Steenis <mail@superseb.nl>
+Sebastiaan van Stijn <github@gone.nl>
+Senthil Kumar Selvaraj <senthil.thecoder@gmail.com>
+SeongJae Park <sj38.park@gmail.com>
+Seongyeol Lim <seongyeol37@gmail.com>
+Sergey Alekseev <sergey.alekseev.minsk@gmail.com>
+Sergey Evstifeev <sergey.evstifeev@gmail.com>
+Sevki Hasirci <s@sevki.org>
+Shane Canon <scanon@lbl.gov>
+Shane da Silva <shane@dasilva.io>
+shaunol <shaunol@gmail.com>
+Shawn Landden <shawn@churchofgit.com>
+Shawn Siefkas <shawn.siefkas@meredith.com>
+Shekhar Gulati <shekhargulati84@gmail.com>
+Sheng Yang <sheng@yasker.org>
+Shih-Yuan Lee <fourdollars@gmail.com>
+Shijiang Wei <mountkin@gmail.com>
+Shishir Mahajan <shishir.mahajan@redhat.com>
+shuai-z <zs.broccoli@gmail.com>
+Shuwei Hao <haosw@cn.ibm.com>
+Sian Lerk Lau <kiawin@gmail.com>
+sidharthamani <sid@rancher.com>
+Silas Sewell <silas@sewell.org>
+Simei He <hesimei@zju.edu.cn>
+Simon Eskildsen <sirup@sirupsen.com>
+Simon Leinen <simon.leinen@gmail.com>
+Simon Taranto <simon.taranto@gmail.com>
+Sindhu S <sindhus@live.in>
+Sjoerd Langkemper <sjoerd-github@linuxonly.nl>
+Solganik Alexander <solganik@gmail.com>
+Solomon Hykes <solomon@docker.com>
+Song Gao <song@gao.io>
+Soshi Katsuta <soshi.katsuta@gmail.com>
+Soulou <leo@unbekandt.eu>
+Spencer Brown <spencer@spencerbrown.org>
+Spencer Smith <robertspencersmith@gmail.com>
+Sridatta Thatipamala <sthatipamala@gmail.com>
+Sridhar Ratnakumar <sridharr@activestate.com>
+Srini Brahmaroutu <sbrahma@us.ibm.com>
+Srini Brahmaroutu <srbrahma@us.ibm.com>
+Steeve Morin <steeve.morin@gmail.com>
+Stefan Berger <stefanb@linux.vnet.ibm.com>
+Stefan J. Wernli <swernli@microsoft.com>
+Stefan Praszalowicz <stefan@greplin.com>
+Stefan Scherer <scherer_stefan@icloud.com>
+Stefan Staudenmeyer <doerte@instana.com>
+Stefan Weil <sw@weilnetz.de>
+Stephen Crosby <stevecrozz@gmail.com>
+Stephen Day <stephen.day@docker.com>
+Stephen Rust <srust@blockbridge.com>
+Steve Durrheimer <s.durrheimer@gmail.com>
+Steve Francia <steve.francia@gmail.com>
+Steve Koch <stevekochscience@gmail.com>
+Steven Burgess <steven.a.burgess@hotmail.com>
+Steven Iveson <sjiveson@outlook.com>
+Steven Merrill <steven.merrill@gmail.com>
+Steven Richards <steven@axiomzen.co>
+Steven Taylor <steven.taylor@me.com>
+Sujith Haridasan <sujith.h@gmail.com>
+Suryakumar Sudar <surya.trunks@gmail.com>
+Sven Dowideit <SvenDowideit@home.org.au>
+Swapnil Daingade <swapnil.daingade@gmail.com>
+Sylvain Baubeau <sbaubeau@redhat.com>
+Sylvain Bellemare <sylvain.bellemare@ezeep.com>
+Sébastien <sebastien@yoozio.com>
+Sébastien Luttringer <seblu@seblu.net>
+Sébastien Stormacq <sebsto@users.noreply.github.com>
+TAGOMORI Satoshi <tagomoris@gmail.com>
+tang0th <tang0th@gmx.com>
+Tangi COLIN <tangicolin@gmail.com>
+Tatsuki Sugiura <sugi@nemui.org>
+Tatsushi Inagaki <e29253@jp.ibm.com>
+Taylor Jones <monitorjbl@gmail.com>
+tbonza <tylers.pile@gmail.com>
+Ted M. Young <tedyoung@gmail.com>
+Tehmasp Chaudhri <tehmasp@gmail.com>
+Tejesh Mehta <tejesh.mehta@gmail.com>
+terryding77 <550147740@qq.com>
+tgic <farmer1992@gmail.com>
+Thatcher Peskens <thatcher@docker.com>
+theadactyl <thea.lamkin@gmail.com>
+Thell 'Bo' Fowler <thell@tbfowler.name>
+Thermionix <bond711@gmail.com>
+Thijs Terlouw <thijsterlouw@gmail.com>
+Thomas Bikeev <thomas.bikeev@mac.com>
+Thomas Frössman <thomasf@jossystem.se>
+Thomas Gazagnaire <thomas@gazagnaire.org>
+Thomas Hansen <thomas.hansen@gmail.com>
+Thomas LEVEIL <thomasleveil@gmail.com>
+Thomas Orozco <thomas@orozco.fr>
+Thomas Schroeter <thomas@cliqz.com>
+Thomas Sjögren <konstruktoid@users.noreply.github.com>
+Thomas Swift <tgs242@gmail.com>
+Thomas Texier <sharkone@en-mousse.org>
+Tianon Gravi <admwiggin@gmail.com>
+Tibor Vass <teabee89@gmail.com>
+Tiffany Low <tiffany@box.com>
+Tim Bosse <taim@bosboot.org>
+Tim Dettrick <t.dettrick@uq.edu.au>
+Tim Hockin <thockin@google.com>
+Tim Ruffles <oi@truffles.me.uk>
+Tim Smith <timbot@google.com>
+Tim Terhorst <mynamewastaken+git@gmail.com>
+Tim Wang <timwangdev@gmail.com>
+Tim Waugh <twaugh@redhat.com>
+Tim Wraight <tim.wraight@tangentlabs.co.uk>
+Timothy Hobbs <timothyhobbs@seznam.cz>
+tjwebb123 <tjwebb123@users.noreply.github.com>
+tobe <tobegit3hub@gmail.com>
+Tobias Bieniek <Tobias.Bieniek@gmx.de>
+Tobias Bradtke <webwurst@gmail.com>
+Tobias Gesellchen <tobias@gesellix.de>
+Tobias Klauser <tklauser@distanz.ch>
+Tobias Schmidt <ts@soundcloud.com>
+Tobias Schwab <tobias.schwab@dynport.de>
+Todd Crane <todd@toddcrane.com>
+Todd Lunter <tlunter@gmail.com>
+Todd Whiteman <todd.whiteman@joyent.com>
+Toli Kuznets <toli@docker.com>
+Tom Barlow <tomwbarlow@gmail.com>
+Tom Denham <tom@tomdee.co.uk>
+Tom Fotherby <tom+github@peopleperhour.com>
+Tom Howe <tom.howe@enstratius.com>
+Tom Hulihan <hulihan.tom159@gmail.com>
+Tom Maaswinkel <tom.maaswinkel@12wiki.eu>
+Tom X. Tobin <tomxtobin@tomxtobin.com>
+Tomas Tomecek <ttomecek@redhat.com>
+Tomasz Kopczynski <tomek@kopczynski.net.pl>
+Tomasz Lipinski <tlipinski@users.noreply.github.com>
+Tomasz Nurkiewicz <nurkiewicz@gmail.com>
+Tommaso Visconti <tommaso.visconti@gmail.com>
+Tomáš Hrčka <thrcka@redhat.com>
+Tonis Tiigi <tonistiigi@gmail.com>
+Tonny Xu <tonny.xu@gmail.com>
+Tony Daws <tony@daws.ca>
+Tony Miller <mcfiredrill@gmail.com>
+toogley <toogley@mailbox.org>
+Torstein Husebø <torstein@huseboe.net>
+tpng <benny.tpng@gmail.com>
+tracylihui <793912329@qq.com>
+Travis Cline <travis.cline@gmail.com>
+Travis Thieman <travis.thieman@gmail.com>
+Trent Ogren <tedwardo2@gmail.com>
+Trevor <trevinwoodstock@gmail.com>
+Trevor Pounds <trevor.pounds@gmail.com>
+trishnaguha <trishnaguha17@gmail.com>
+Tristan Carel <tristan@cogniteev.com>
+Troy Denton <trdenton@gmail.com>
+Tyler Brock <tyler.brock@gmail.com>
+Tzu-Jung Lee <roylee17@gmail.com>
+Tõnis Tiigi <tonistiigi@gmail.com>
+Ulysse Carion <ulyssecarion@gmail.com>
+unknown <sebastiaan@ws-key-sebas3.dpi1.dpi>
+vagrant <vagrant@ubuntu-14.04-amd64-vbox>
+Vaidas Jablonskis <jablonskis@gmail.com>
+Veres Lajos <vlajos@gmail.com>
+vgeta <gopikannan.venugopalsamy@gmail.com>
+Victor Coisne <victor.coisne@dotcloud.com>
+Victor Costan <costan@gmail.com>
+Victor I. Wood <viw@t2am.com>
+Victor Lyuboslavsky <victor@victoreda.com>
+Victor Marmol <vmarmol@google.com>
+Victor Palma <palma.victor@gmail.com>
+Victor Vieux <victor.vieux@docker.com>
+Victoria Bialas <victoria.bialas@docker.com>
+Vijaya Kumar K <vijayak@caviumnetworks.com>
+Viktor Stanchev <me@viktorstanchev.com>
+Viktor Vojnovski <viktor.vojnovski@amadeus.com>
+VinayRaghavanKS <raghavan.vinay@gmail.com>
+Vincent Batts <vbatts@redhat.com>
+Vincent Bernat <bernat@luffy.cx>
+Vincent Bernat <Vincent.Bernat@exoscale.ch>
+Vincent Demeester <vincent@sbr.pm>
+Vincent Giersch <vincent.giersch@ovh.net>
+Vincent Mayers <vincent.mayers@inbloom.org>
+Vincent Woo <me@vincentwoo.com>
+Vinod Kulkarni <vinod.kulkarni@gmail.com>
+Vishal Doshi <vishal.doshi@gmail.com>
+Vishnu Kannan <vishnuk@google.com>
+Vitor Monteiro <vmrmonteiro@gmail.com>
+Vivek Agarwal <me@vivek.im>
+Vivek Dasgupta <vdasgupt@redhat.com>
+Vivek Goyal <vgoyal@redhat.com>
+Vladimir Bulyga <xx@ccxx.cc>
+Vladimir Kirillov <proger@wilab.org.ua>
+Vladimir Rutsky <altsysrq@gmail.com>
+Vladimir Varankin <nek.narqo+git@gmail.com>
+VladimirAus <v_roudakov@yahoo.com>
+Vojtech Vitek (V-Teq) <vvitek@redhat.com>
+waitingkuo <waitingkuo0527@gmail.com>
+Walter Leibbrandt <github@wrl.co.za>
+Walter Stanish <walter@pratyeka.org>
+WANG Chao <wcwxyz@gmail.com>
+Ward Vandewege <ward@jhvc.com>
+WarheadsSE <max@warheads.net>
+Wayne Chang <wayne@neverfear.org>
+Wei-Ting Kuo <waitingkuo0527@gmail.com>
+weiyan <weiyan3@huawei.com>
+Weiyang Zhu <cnresonant@gmail.com>
+Wen Cheng Ma <wenchma@cn.ibm.com>
+Wenxuan Zhao <viz@linux.com>
+Wenyu You <21551128@zju.edu.cn>
+Wes Morgan <cap10morgan@gmail.com>
+Will Dietz <w@wdtz.org>
+Will Rouesnel <w.rouesnel@gmail.com>
+Will Weaver <monkey@buildingbananas.com>
+willhf <willhf@gmail.com>
+William Delanoue <william.delanoue@gmail.com>
+William Henry <whenry@redhat.com>
+William Hubbs <w.d.hubbs@gmail.com>
+William Riancho <wr.wllm@gmail.com>
+William Thurston <thurstw@amazon.com>
+WiseTrem <shepelyov.g@gmail.com>
+wlan0 <sidharthamn@gmail.com>
+Wolfgang Powisch <powo@powo.priv.at>
+wonderflow <wonderflow.sun@gmail.com>
+xamyzhao <x.amy.zhao@gmail.com>
+XiaoBing Jiang <s7v7nislands@gmail.com>
+Xiaoxu Chen <chenxiaoxu14@otcaix.iscas.ac.cn>
+xiekeyang <xiekeyang@huawei.com>
+Xinzi Zhou <imdreamrunner@gmail.com>
+Xiuming Chen <cc@cxm.cc>
+xlgao-zju <xlgao@zju.edu.cn>
+xuzhaokui <cynicholas@gmail.com>
+Yahya <ya7yaz@gmail.com>
+YAMADA Tsuyoshi <tyamada@minimum2scp.org>
+Yan Feng <yanfeng2@huawei.com>
+Yang Bai <hamo.by@gmail.com>
+yangshukui <yangshukui@huawei.com>
+Yasunori Mahata <nori@mahata.net>
+Yestin Sun <sunyi0804@gmail.com>
+Yi EungJun <eungjun.yi@navercorp.com>
+Yibai Zhang <xm1994@gmail.com>
+Yihang Ho <hoyihang5@gmail.com>
+Ying Li <cyli@twistedmatrix.com>
+Yohei Ueda <yohei@jp.ibm.com>
+Yong Tang <yong.tang.github@outlook.com>
+Yongzhi Pan <panyongzhi@gmail.com>
+Youcef YEKHLEF <yyekhlef@gmail.com>
+Yuan Sun <sunyuan3@huawei.com>
+yuchangchun <yuchangchun1@huawei.com>
+yuchengxia <yuchengxia@huawei.com>
+Yurii Rashkovskii <yrashk@gmail.com>
+yuzou <zouyu7@huawei.com>
+Zac Dover <zdover@redhat.com>
+Zach Borboa <zachborboa@gmail.com>
+Zachary Jaffee <zij@case.edu>
+Zain Memon <zain@inzain.net>
+Zaiste! <oh@zaiste.net>
+Zane DeGraffenried <zane.deg@gmail.com>
+Zefan Li <lizefan@huawei.com>
+Zen Lin(Zhinan Lin) <linzhinan@huawei.com>
+Zhang Kun <zkazure@gmail.com>
+Zhang Wei <zhangwei555@huawei.com>
+Zhang Wentao <zhangwentao234@huawei.com>
+Zhenan Ye <21551168@zju.edu.cn>
+Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
+Zhuoyun Wei <wzyboy@wzyboy.org>
+Zilin Du <zilin.du@gmail.com>
+zimbatm <zimbatm@zimbatm.com>
+Ziming Dong <bnudzm@foxmail.com>
+ZJUshuaizhou <21551191@zju.edu.cn>
+zmarouf <zeid.marouf@gmail.com>
+Zoltan Tombol <zoltan.tombol@gmail.com>
+zqh <zqhxuyuan@gmail.com>
+Zuhayr Elahi <elahi.zuhayr@gmail.com>
+Álex González <agonzalezro@gmail.com>
+Álvaro Lázaro <alvaro.lazaro.g@gmail.com>
+Átila Camurça Alves <camurca.home@gmail.com>
+尹吉峰 <jifeng.yin@gmail.com>
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 00000000..c160b542
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,2435 @@
+# Changelog
+
+Items starting with `DEPRECATE` are important deprecation notices. For more
+information on the list of deprecated flags and APIs please have a look at
+https://docs.docker.com/engine/deprecated/ where target removal dates can also
+be found.
+
+## 1.11.2 (2016-05-31)
+
+### Networking
+
+- Fix a stale endpoint issue on overlay networks during ungraceful restart ([#23015](https://github.com/docker/docker/pull/23015))
+- Fix an issue where the wrong port could be reported by `docker inspect/ps/port` ([#22997](https://github.com/docker/docker/pull/22997))
+
+### Runtime
+
+- Fix a potential panic when running `docker build` ([#23032](https://github.com/docker/docker/pull/23032))
+- Fix interpretation of `--user` parameter ([#22998](https://github.com/docker/docker/pull/22998))
+- Fix a bug preventing container statistics to be correctly reported ([#22955](https://github.com/docker/docker/pull/22955))
+- Fix an issue preventing container to be restarted after daemon restart ([#22947](https://github.com/docker/docker/pull/22947))
+- Fix issues when running 32 bit binaries on Ubuntu 16.04 ([#22922](https://github.com/docker/docker/pull/22922))
+- Fix a possible deadlock on image deletion and container attach ([#22918](https://github.com/docker/docker/pull/22918))
+- Fix an issue where containers fail to start after a daemon restart if they depend on a containerized cluster store ([#22561](https://github.com/docker/docker/pull/22561))
+- Fix an issue causing `docker ps` to hang on CentOS when using devicemapper ([#22168](https://github.com/docker/docker/pull/22168), [#23067](https://github.com/docker/docker/pull/23067))
+- Fix a bug preventing to `docker exec` into a container when using devicemapper ([#22168](https://github.com/docker/docker/pull/22168), [#23067](https://github.com/docker/docker/pull/23067))
+
+
+## 1.11.1 (2016-04-26)
+
+### Distribution
+
+- Fix schema2 manifest media type to be of type `application/vnd.docker.container.image.v1+json` ([#21949](https://github.com/docker/docker/pull/21949))
+
+### Documentation
+
++ Add missing API documentation for changes introduced with 1.11.0 ([#22048](https://github.com/docker/docker/pull/22048))
+
+### Builder
+
+* Append label passed to `docker build` as arguments as an implicit `LABEL` command at the end of the processed `Dockerfile` ([#22184](https://github.com/docker/docker/pull/22184))
+
+### Networking
+
+- Fix a panic that would occur when forwarding DNS query ([#22261](https://github.com/docker/docker/pull/22261))
+- Fix an issue where OS threads could end up within an incorrect network namespace when using user defined networks ([#22261](https://github.com/docker/docker/pull/22261))
+
+### Runtime
+
+- Fix a bug preventing labels configuration to be reloaded via the config file ([#22299](https://github.com/docker/docker/pull/22299))
+- Fix a regression where container mounting `/var/run` would prevent other containers from being removed ([#22256](https://github.com/docker/docker/pull/22256))
+- Fix an issue where it would be impossible to update both `memory-swap` and `memory` value together ([#22255](https://github.com/docker/docker/pull/22255))
+- Fix a regression from 1.11.0 where the `/auth` endpoint would not initialize `serveraddress` if it is not provided ([#22254](https://github.com/docker/docker/pull/22254))
+- Add missing cleanup of container temporary files when cancelling a schedule restart ([#22237](https://github.com/docker/docker/pull/22237))
+- Removed scary error message when no restart policy is specified ([#21993](https://github.com/docker/docker/pull/21993))
+- Fix a panic that would occur when the plugins were activated via the json spec ([#22191](https://github.com/docker/docker/pull/22191))
+- Fix restart backoff logic to correctly reset delay if container ran for at least 10secs ([#22125](https://github.com/docker/docker/pull/22125))
+- Remove error message when a container restart get cancelled ([#22123](https://github.com/docker/docker/pull/22123))
+- Fix an issue where `docker` would not correcly clean up after `docker exec` ([#22121](https://github.com/docker/docker/pull/22121))
+- Fix a panic that could occur when servicing concurrent `docker stats` commands ([#22120](https://github.com/docker/docker/pull/22120))`
+- Revert deprecation of non-existing host directories auto-creation ([#22065](https://github.com/docker/docker/pull/22065))
+- Hide misleading rpc error on daemon shutdown ([#22058](https://github.com/docker/docker/pull/22058))
+
+## 1.11.0 (2016-04-13)
+
+**IMPORTANT**: With Docker 1.11, a Linux docker installation is now made of 4 binaries (`docker`, [`docker-containerd`](https://github.com/docker/containerd), [`docker-containerd-shim`](https://github.com/docker/containerd) and [`docker-runc`](https://github.com/opencontainers/runc)). If you have scripts relying on docker being a single static binaries, please make sure to update them. Interaction with the daemon stay the same otherwise, the usage of the other binaries should be transparent. A Windows docker installation remains a single binary, `docker.exe`.
+
+### Builder
+
+- Fix a bug where Docker would not used the correct uid/gid when processing the `WORKDIR` command ([#21033](https://github.com/docker/docker/pull/21033))
+- Fix a bug where copy operations with userns would not use the proper uid/gid ([#20782](https://github.com/docker/docker/pull/20782), [#21162](https://github.com/docker/docker/pull/21162))
+
+### Client
+
+* Usage of the `:` separator for security option has been deprecated. `=` should be used instead ([#21232](https://github.com/docker/docker/pull/21232))
++ The client user agent is now passed to the registry on `pull`, `build`, `push`, `login` and `search` operations ([#21306](https://github.com/docker/docker/pull/21306), [#21373](https://github.com/docker/docker/pull/21373))
+* Allow setting the Domainname and Hostname separately through the API ([#20200](https://github.com/docker/docker/pull/20200))
+* Docker info will now warn users if it can not detect the kernel version or the operating system ([#21128](https://github.com/docker/docker/pull/21128))
+- Fix an issue where `docker stats --no-stream` output could be all 0s ([#20803](https://github.com/docker/docker/pull/20803))
+- Fix a bug where some newly started container would not appear in a running `docker stats` command ([#20792](https://github.com/docker/docker/pull/20792))
+* Post processing is no longer enabled for linux-cgo terminals ([#20587](https://github.com/docker/docker/pull/20587))
+- Values to `--hostname` are now refused if they do not comply with [RFC1123](https://tools.ietf.org/html/rfc1123) ([#20566](https://github.com/docker/docker/pull/20566))
++ Docker learned how to use a SOCKS proxy ([#20366](https://github.com/docker/docker/pull/20366), [#18373](https://github.com/docker/docker/pull/18373))
++ Docker now supports external credential stores ([#20107](https://github.com/docker/docker/pull/20107))
+* `docker ps` now supports displaying the list of volumes mounted inside a container ([#20017](https://github.com/docker/docker/pull/20017))
+* `docker info` now also report Docker's root directory location ([#19986](https://github.com/docker/docker/pull/19986))
+- Docker now prohibits login in with an empty username (spaces are trimmed) ([#19806](https://github.com/docker/docker/pull/19806))
+* Docker events attributes are now sorted by key ([#19761](https://github.com/docker/docker/pull/19761))
+* `docker ps` no longer show exported port for stopped containers ([#19483](https://github.com/docker/docker/pull/19483))
+- Docker now cleans after itself if a save/export command fails ([#17849](https://github.com/docker/docker/pull/17849))
+* Docker load learned how to display a progress bar ([#17329](https://github.com/docker/docker/pull/17329), [#120078](https://github.com/docker/docker/pull/20078))
+
+### Distribution
+
+- Fix a panic that occurred when pulling an images with 0 layers ([#21222](https://github.com/docker/docker/pull/21222))
+- Fix a panic that could occur on error while pushing to a registry with a misconfigured token service ([#21212](https://github.com/docker/docker/pull/21212))
++ All first-level delegation roles are now signed when doing a trusted push ([#21046](https://github.com/docker/docker/pull/21046))
++ OAuth support for registries was added ([#20970](https://github.com/docker/docker/pull/20970))
+* `docker login` now handles token using the implementation found in [docker/distribution](https://github.com/docker/distribution) ([#20832](https://github.com/docker/docker/pull/20832))
+* `docker login` will no longer prompt for an email ([#20565](https://github.com/docker/docker/pull/20565))
+* Docker will now fallback to registry V1 if no basic auth credentials are available ([#20241](https://github.com/docker/docker/pull/20241))
+* Docker will now try to resume layer download where it left off after a network error/timeout ([#19840](https://github.com/docker/docker/pull/19840))
+- Fix generated manifest mediaType when pushing cross-repository ([#19509](https://github.com/docker/docker/pull/19509))
+- Fix docker requesting additional push credentials when pulling an image if Content Trust is enabled ([#20382](https://github.com/docker/docker/pull/20382))
+
+### Logging
+
+- Fix a race in the journald log driver ([#21311](https://github.com/docker/docker/pull/21311))
+* Docker syslog driver now uses the RFC-5424 format when emitting logs ([#20121](https://github.com/docker/docker/pull/20121))
+* Docker GELF log driver now allows to specify the compression algorithm and level via the `gelf-compression-type` and `gelf-compression-level` options ([#19831](https://github.com/docker/docker/pull/19831))
+* Docker daemon learned to output uncolorized logs via the `--raw-logs` options ([#19794](https://github.com/docker/docker/pull/19794))
++ Docker, on Windows platform, now includes an ETW (Event Tracing in Windows) logging driver named `etwlogs` ([#19689](https://github.com/docker/docker/pull/19689))
+* Journald log driver learned how to handle tags ([#19564](https://github.com/docker/docker/pull/19564))
++ The fluentd log driver learned the following options: `fluentd-address`, `fluentd-buffer-limit`, `fluentd-retry-wait`, `fluentd-max-retries` and `fluentd-async-connect` ([#19439](https://github.com/docker/docker/pull/19439))
++ Docker learned to send log to Google Cloud via the new `gcplogs` logging driver. ([#18766](https://github.com/docker/docker/pull/18766))
+
+
+### Misc
+
++ When saving linked images together with `docker save` a subsequent `docker load` will correctly restore their parent/child relationship ([#21385](https://github.com/docker/docker/pull/c))
++ Support for building the Docker cli for OpenBSD was added ([#21325](https://github.com/docker/docker/pull/21325))
++ Labels can now be applied at network, volume and image creation ([#21270](https://github.com/docker/docker/pull/21270))
+* The `dockremap` is now created as a system user ([#21266](https://github.com/docker/docker/pull/21266))
+- Fix a few response body leaks ([#21258](https://github.com/docker/docker/pull/21258))
+- Docker, when run as a service with systemd, will now properly manage its processes cgroups ([#20633](https://github.com/docker/docker/pull/20633))
+* Docker info now reports the value of cgroup KernelMemory or emits a warning if it is not supported ([#20863](https://github.com/docker/docker/pull/20863))
+* Docker info now also reports the cgroup driver in use ([#20388](https://github.com/docker/docker/pull/20388))
+* Docker completion is now available on PowerShell ([#19894](https://github.com/docker/docker/pull/19894))
+* `dockerinit` is no more ([#19490](https://github.com/docker/docker/pull/19490),[#19851](https://github.com/docker/docker/pull/19851))
++ Support for building Docker on arm64 was added ([#19013](https://github.com/docker/docker/pull/19013))
++ Experimental support for building docker.exe in a native Windows Docker installation ([#18348](https://github.com/docker/docker/pull/18348))
+
+### Networking
+
+- Fix panic if a node is forcibly removed from the cluster ([#21671](https://github.com/docker/docker/pull/21671))
+- Fix "error creating vxlan interface" when starting a container in a Swarm cluster ([#21671](https://github.com/docker/docker/pull/21671))
+* `docker network inspect` will now report all endpoints whether they have an active container or not ([#21160](https://github.com/docker/docker/pull/21160))
++ Experimental support for the MacVlan and IPVlan network drivers have been added ([#21122](https://github.com/docker/docker/pull/21122))
+* Output of `docker network ls` is now sorted by network name ([#20383](https://github.com/docker/docker/pull/20383))
+- Fix a bug where Docker would allow a network to be created with the reserved `default` name ([#19431](https://github.com/docker/docker/pull/19431))
+* `docker network inspect` returns whether a network is internal or not ([#19357](https://github.com/docker/docker/pull/19357))
++ Control IPv6 via explicit option when creating a network (`docker network create --ipv6`). This shows up as a new `EnableIPv6` field in `docker network inspect` ([#17513](https://github.com/docker/docker/pull/17513))
+* Support for AAAA Records (aka IPv6 Service Discovery) in embedded DNS Server ([#21396](https://github.com/docker/docker/pull/21396))
+- Fix to not forward docker domain IPv6 queries to external servers ([#21396](https://github.com/docker/docker/pull/21396))
+* Multiple A/AAAA records from embedded DNS Server for DNS Round robin ([#21019](https://github.com/docker/docker/pull/21019))
+- Fix endpoint count inconsistency after an ungraceful dameon restart ([#21261](https://github.com/docker/docker/pull/21261))
+- Move the ownership of exposed ports and port-mapping options from Endpoint to Sandbox ([#21019](https://github.com/docker/docker/pull/21019))
+- Fixed a bug which prevents docker reload when host is configured with ipv6.disable=1 ([#21019](https://github.com/docker/docker/pull/21019))
+- Added inbuilt nil IPAM driver ([#21019](https://github.com/docker/docker/pull/21019))
+- Fixed bug in iptables.Exists() logic [#21019](https://github.com/docker/docker/pull/21019)
+- Fixed a Veth interface leak when using overlay network ([#21019](https://github.com/docker/docker/pull/21019))
+- Fixed a bug which prevents docker reload after a network delete during shutdown ([#20214](https://github.com/docker/docker/pull/20214))
+- Make sure iptables chains are recreated on firewalld reload ([#20419](https://github.com/docker/docker/pull/20419))
+- Allow to pass global datastore during config reload ([#20419](https://github.com/docker/docker/pull/20419))
+- For anonymous containers use the alias name for IP to name mapping, ie:DNS PTR record ([#21019](https://github.com/docker/docker/pull/21019))
+- Fix a panic when deleting an entry from /etc/hosts file  ([#21019](https://github.com/docker/docker/pull/21019))
+- Source the forwarded DNS queries from the container net namespace  ([#21019](https://github.com/docker/docker/pull/21019))
+- Fix to retain the network internal mode config for bridge networks on daemon reload ([#21780] (https://github.com/docker/docker/pull/21780))
+- Fix to retain IPAM driver option configs on daemon reload ([#21914] (https://github.com/docker/docker/pull/21914))
+
+### Plugins
+
+- Fix a file descriptor leak that would occur every time plugins were enumerated ([#20686](https://github.com/docker/docker/pull/20686))
+- Fix an issue where Authz plugin would corrupt the payload body when faced with a large amount of data ([#20602](https://github.com/docker/docker/pull/20602))
+
+### Runtime
+
+- Fix a panic that could occur when cleanup after a container started with invalid parameters ([#21716](https://github.com/docker/docker/pull/21716))
+- Fix a race with event timers stopping early ([#21692](https://github.com/docker/docker/pull/21692))
+- Fix race conditions in the layer store, potentially corrupting the map and crashing the process ([#21677](https://github.com/docker/docker/pull/21677))
+- Un-deprecate auto-creation of host directories for mounts. This feature was marked deprecated in ([#21666](https://github.com/docker/docker/pull/21666))  
+  Docker 1.9, but was decided to be too much of an backward-incompatible change, so it was decided to keep the feature.
++ It is now possible for containers to share the NET and IPC namespaces when `userns` is enabled ([#21383](https://github.com/docker/docker/pull/21383))
++ `docker inspect <image-id>` will now expose the rootfs layers ([#21370](https://github.com/docker/docker/pull/21370))
++ Docker Windows gained a minimal `top` implementation ([#21354](https://github.com/docker/docker/pull/21354))
+* Docker learned to report the faulty exe when a container cannot be started due to its condition ([#21345](https://github.com/docker/docker/pull/21345))
+* Docker with device mapper will now refuse to run if `udev sync` is not available ([#21097](https://github.com/docker/docker/pull/21097))
+- Fix a bug where Docker would not validate the config file upon configuration reload ([#21089](https://github.com/docker/docker/pull/21089))
+- Fix a hang that would happen on attach if initial start was to fail ([#21048](https://github.com/docker/docker/pull/21048))
+- Fix an issue where registry service options in the daemon configuration file were not properly taken into account ([#21045](https://github.com/docker/docker/pull/21045))
+- Fix a race between the exec and resize operations ([#21022](https://github.com/docker/docker/pull/21022))
+- Fix an issue where nanoseconds were not correctly taken in account when filtering Docker events ([#21013](https://github.com/docker/docker/pull/21013))
+- Fix the handling of Docker command when passed a 64 bytes id ([#21002](https://github.com/docker/docker/pull/21002))
+* Docker will now return a `204` (i.e http.StatusNoContent) code when it successfully deleted a network ([#20977](https://github.com/docker/docker/pull/20977))
+- Fix a bug where the daemon would wait indefinitely in case the process it was about to killed had already exited on its own ([#20967](https://github.com/docker/docker/pull/20967)
+* The devmapper driver learned the `dm.min_free_space` option. If the mapped device free space reaches the passed value, new device creation will be prohibited. ([#20786](https://github.com/docker/docker/pull/20786))
++ Docker can now prevent processes in container to gain new privileges via the `--security-opt=no-new-privileges` flag ([#20727](https://github.com/docker/docker/pull/20727))
+- Starting a container with the `--device` option will now correctly resolves symlinks ([#20684](https://github.com/docker/docker/pull/20684))
++ Docker now relies on [`containerd`](https://github.com/docker/containerd) and [`runc`](https://github.com/opencontainers/runc) to spawn containers. ([#20662](https://github.com/docker/docker/pull/20662))
+- Fix docker configuration reloading to only alter value present in the given config file ([#20604](https://github.com/docker/docker/pull/20604))
++ Docker now allows setting a container hostname via the `--hostname` flag when `--net=host` ([#20177](https://github.com/docker/docker/pull/20177))
++ Docker now allows executing privileged container while running with `--userns-remap` if both `--privileged` and the new `--userns=host` flag are specified ([#20111](https://github.com/docker/docker/pull/20111))
+- Fix Docker not cleaning up correctly old containers upon restarting after a crash ([#19679](https://github.com/docker/docker/pull/19679))
+* Docker will now error out if it doesn't recognize a configuration key within the config file ([#19517](https://github.com/docker/docker/pull/19517))
+- Fix container loading, on daemon startup, when they depends on a plugin running within a container ([#19500](https://github.com/docker/docker/pull/19500))
+* `docker update` learned how to change a container restart policy ([#19116](https://github.com/docker/docker/pull/19116))
+* `docker inspect` now also returns a new `State` field containing the container state in a human readable way (i.e. one of `created`, `restarting`, `running`, `paused`, `exited` or `dead`)([#18966](https://github.com/docker/docker/pull/18966))
++ Docker learned to limit the number of active pids (i.e. processes) within the container via the `pids-limit` flags. NOTE: This requires `CGROUP_PIDS=y` to be in the kernel configuration. ([#18697](https://github.com/docker/docker/pull/18697))
+- `docker load` now has a `--quiet` option to suppress the load output ([#20078](https://github.com/docker/docker/pull/20078))
+- Fix a bug in neighbor discovery for IPv6 peers ([#20842](https://github.com/docker/docker/pull/20842))
+- Fix a panic during cleanup if a container was started with invalid options ([#21802](https://github.com/docker/docker/pull/21802))
+- Fix a situation where a container cannot be stopped if the terminal is closed ([#21840](https://github.com/docker/docker/pull/21840))
+
+### Security
+
+* Object with the `pcp_pmcd_t` selinux type were given management access to `/var/lib/docker(/.*)?` ([#21370](https://github.com/docker/docker/pull/21370))
+* `restart_syscall`, `copy_file_range`, `mlock2` joined the list of allowed calls in the default seccomp profile ([#21117](https://github.com/docker/docker/pull/21117), [#21262](https://github.com/docker/docker/pull/21262))
+* `send`, `recv` and `x32` were added to the list of allowed syscalls and arch in the default seccomp profile ([#19432](https://github.com/docker/docker/pull/19432))
+* Docker Content Trust now requests the server to perform snapshot signing ([#21046](https://github.com/docker/docker/pull/21046))
+* Support for using YubiKeys for Content Trust signing has been moved out of experimental ([#21591](https://github.com/docker/docker/pull/21591))
+
+### Volumes
+
+* Output of `docker volume ls` is now sorted by volume name ([#20389](https://github.com/docker/docker/pull/20389))
+* Local volumes can now accepts options similar to the unix `mount` tool ([#20262](https://github.com/docker/docker/pull/20262))
+- Fix an issue where one letter directory name could not be used as source for volumes ([#21106](https://github.com/docker/docker/pull/21106))
++ `docker run -v` now accepts a new flag `nocopy`. This tell the runtime not to copy the container path content into the volume (which is the default behavior) ([#21223](https://github.com/docker/docker/pull/21223))
+
+## 1.10.3 (2016-03-10)
+
+### Runtime
+
+- Fix Docker client exiting with an "Unrecognized input header" error [#20706](https://github.com/docker/docker/pull/20706)
+- Fix Docker exiting if Exec is started with both `AttachStdin` and `Detach` [#20647](https://github.com/docker/docker/pull/20647)
+
+### Distribution
+
+- Fix a crash when pushing multiple images sharing the same layers to the same repository in parallel [#20831](https://github.com/docker/docker/pull/20831)
+- Fix a panic when pushing images to a registry which uses a misconfigured token service [#21030](https://github.com/docker/docker/pull/21030)
+
+### Plugin system
+
+- Fix issue preventing volume plugins to start when SELinux is enabled [#20834](https://github.com/docker/docker/pull/20834)
+- Prevent Docker from exiting if a volume plugin returns a null response for Get requests [#20682](https://github.com/docker/docker/pull/20682)
+- Fix plugin system leaking file descriptors if a plugin has an error [#20680](https://github.com/docker/docker/pull/20680)
+
+### Security
+
+- Fix linux32 emulation to fail during docker build [#20672](https://github.com/docker/docker/pull/20672)
+  It was due to the `personality` syscall being blocked by the default seccomp profile.
+- Fix Oracle XE 10g failing to start in a container [#20981](https://github.com/docker/docker/pull/20981)
+  It was due to the `ipc` syscall being blocked by the default seccomp profile.
+- Fix user namespaces not working on Linux From Scratch [#20685](https://github.com/docker/docker/pull/20685)
+- Fix issue preventing daemon to start if userns is enabled and the `subuid` or `subgid` files contain comments [#20725](https://github.com/docker/docker/pull/20725)
+
+## 1.10.2 (2016-02-22)
+
+### Runtime
+
+- Prevent systemd from deleting containers' cgroups when its configuration is reloaded [#20518](https://github.com/docker/docker/pull/20518)
+- Fix SELinux issues by disregarding `--read-only` when mounting `/dev/mqueue` [#20333](https://github.com/docker/docker/pull/20333)
+- Fix chown permissions used during `docker cp` when userns is used [#20446](https://github.com/docker/docker/pull/20446)
+- Fix configuration loading issue with all booleans defaulting to `true` [#20471](https://github.com/docker/docker/pull/20471)
+- Fix occasional panic with `docker logs -f` [#20522](https://github.com/docker/docker/pull/20522)
+
+### Distribution
+
+- Keep layer reference if deletion failed to avoid a badly inconsistent state [#20513](https://github.com/docker/docker/pull/20513)
+- Handle gracefully a corner case when canceling migration [#20372](https://github.com/docker/docker/pull/20372)
+- Fix docker import on compressed data [#20367](https://github.com/docker/docker/pull/20367)
+- Fix tar-split files corruption during migration that later cause docker push and docker save to fail [#20458](https://github.com/docker/docker/pull/20458)
+
+### Networking
+
+- Fix daemon crash if embedded DNS is sent garbage [#20510](https://github.com/docker/docker/pull/20510)
+
+### Volumes
+
+- Fix issue with multiple volume references with same name [#20381](https://github.com/docker/docker/pull/20381)
+
+### Security
+
+- Fix potential cache corruption and delegation conflict issues [#20523](https://github.com/docker/docker/pull/20523)
+
+## 1.10.1 (2016-02-11)
+
+### Runtime
+
+* Do not stop daemon on migration hard failure [#20156](https://github.com/docker/docker/pull/20156)
+- Fix various issues with migration to content-addressable images [#20058](https://github.com/docker/docker/pull/20058)
+- Fix ZFS permission bug with user namespaces [#20045](https://github.com/docker/docker/pull/20045)
+- Do not leak /dev/mqueue from the host to all containers, keep it container-specific [#19876](https://github.com/docker/docker/pull/19876) [#20133](https://github.com/docker/docker/pull/20133)
+- Fix `docker ps --filter before=...` to not show stopped containers without providing `-a` flag [#20135](https://github.com/docker/docker/pull/20135)
+
+### Security
+
+- Fix issue preventing docker events to work properly with authorization plugin [#20002](https://github.com/docker/docker/pull/20002)
+
+### Distribution
+
+* Add additional verifications and prevent from uploading invalid data to registries [#20164](https://github.com/docker/docker/pull/20164)
+- Fix regression preventing uppercase characters in image reference hostname [#20175](https://github.com/docker/docker/pull/20175)
+
+### Networking
+
+- Fix embedded DNS for user-defined networks in the presence of firewalld [#20060](https://github.com/docker/docker/pull/20060)
+- Fix issue where removing a network during shutdown left Docker inoperable [#20181](https://github.com/docker/docker/issues/20181) [#20235](https://github.com/docker/docker/issues/20235)
+- Embedded DNS is now able to return compressed results [#20181](https://github.com/docker/docker/issues/20181)
+- Fix port-mapping issue with `userland-proxy=false` [#20181](https://github.com/docker/docker/issues/20181)
+
+### Logging
+
+- Fix bug where tcp+tls protocol would be rejected [#20109](https://github.com/docker/docker/pull/20109)
+
+### Volumes
+
+- Fix issue whereby older volume drivers would not receive volume options [#19983](https://github.com/docker/docker/pull/19983)
+
+### Misc
+
+- Remove TasksMax from Docker systemd service [#20167](https://github.com/docker/docker/pull/20167)
+
+## 1.10.0 (2016-02-04)
+
+**IMPORTANT**: Docker 1.10 uses a new content-addressable storage for images and layers.
+A migration is performed the first time docker is run, and can take a significant amount of time depending on the number of images present.
+Refer to this page on the wiki for more information: https://github.com/docker/docker/wiki/Engine-v1.10.0-content-addressability-migration
+We also released a cool migration utility that enables you to perform the migration before updating to reduce downtime.
+Engine 1.10 migrator can be found on Docker Hub: https://hub.docker.com/r/docker/v1.10-migrator/
+
+### Runtime
+
++ New `docker update` command that allows updating resource constraints on running containers [#15078](https://github.com/docker/docker/pull/15078)
++ Add `--tmpfs` flag to `docker run` to create a tmpfs mount in a container [#13587](https://github.com/docker/docker/pull/13587)
++ Add `--format` flag to `docker images` command [#17692](https://github.com/docker/docker/pull/17692)
++ Allow to set daemon configuration in a file and hot-reload it with the `SIGHUP` signal [#18587](https://github.com/docker/docker/pull/18587)
++ Updated docker events to include more meta-data and event types [#18888](https://github.com/docker/docker/pull/18888)
+  This change is backward compatible in the API, but not on the CLI.
++ Add `--blkio-weight-device` flag to `docker run` [#13959](https://github.com/docker/docker/pull/13959)
++ Add `--device-read-bps` and `--device-write-bps` flags to `docker run` [#14466](https://github.com/docker/docker/pull/14466)
++ Add `--device-read-iops` and `--device-write-iops` flags to `docker run` [#15879](https://github.com/docker/docker/pull/15879)
++ Add `--oom-score-adj` flag to `docker run` [#16277](https://github.com/docker/docker/pull/16277)
++ Add `--detach-keys` flag to `attach`, `run`, `start` and `exec` commands to override the default key sequence that detaches from a container  [#15666](https://github.com/docker/docker/pull/15666)
++ Add `--shm-size` flag to `run`, `create` and `build` to set the size of `/dev/shm` [#16168](https://github.com/docker/docker/pull/16168)
++ Show the number of running, stopped, and paused containers in `docker info` [#19249](https://github.com/docker/docker/pull/19249)
++ Show the `OSType` and `Architecture` in `docker info` [#17478](https://github.com/docker/docker/pull/17478)
++ Add `--cgroup-parent` flag on `daemon` to set cgroup parent for all containers [#19062](https://github.com/docker/docker/pull/19062)
++ Add `-L` flag to docker cp to follow symlinks [#16613](https://github.com/docker/docker/pull/16613)
++ New `status=dead` filter for `docker ps` [#17908](https://github.com/docker/docker/pull/17908)
+* Change `docker run` exit codes to distinguish between runtime and application errors [#14012](https://github.com/docker/docker/pull/14012)
+* Enhance `docker events --since` and `--until` to support nanoseconds and timezones [#17495](https://github.com/docker/docker/pull/17495)
+* Add `--all`/`-a` flag to `stats` to include both running and stopped containers [#16742](https://github.com/docker/docker/pull/16742)
+* Change the default cgroup-driver to `cgroupfs` [#17704](https://github.com/docker/docker/pull/17704)
+* Emit a "tag" event when tagging an image with `build -t` [#17115](https://github.com/docker/docker/pull/17115)
+* Best effort for linked containers' start order when starting the daemon [#18208](https://github.com/docker/docker/pull/18208)
+* Add ability to add multiple tags on `build` [#15780](https://github.com/docker/docker/pull/15780)
+* Permit `OPTIONS` request against any url, thus fixing issue with CORS [#19569](https://github.com/docker/docker/pull/19569)
+- Fix the `--quiet` flag on `docker build` to actually be quiet [#17428](https://github.com/docker/docker/pull/17428)
+- Fix `docker images --filter dangling=false` to now show all non-dangling images [#19326](https://github.com/docker/docker/pull/19326)
+- Fix race condition causing autorestart turning off on restart [#17629](https://github.com/docker/docker/pull/17629)
+- Recognize GPFS filesystems [#19216](https://github.com/docker/docker/pull/19216)
+- Fix obscure bug preventing to start containers [#19751](https://github.com/docker/docker/pull/19751)
+- Forbid `exec` during container restart [#19722](https://github.com/docker/docker/pull/19722)
+- devicemapper: Increasing `--storage-opt dm.basesize` will now increase the base device size on daemon restart [#19123](https://github.com/docker/docker/pull/19123)
+
+### Security
+
++ Add `--userns-remap` flag to `daemon` to support user namespaces (previously in experimental) [#19187](https://github.com/docker/docker/pull/19187)
++ Add support for custom seccomp profiles in `--security-opt` [#17989](https://github.com/docker/docker/pull/17989)
++ Add default seccomp profile [#18780](https://github.com/docker/docker/pull/18780)
++ Add `--authorization-plugin` flag to `daemon` to customize ACLs [#15365](https://github.com/docker/docker/pull/15365)
++ Docker Content Trust now supports the ability to read and write user delegations [#18887](https://github.com/docker/docker/pull/18887)
+  This is an optional, opt-in feature that requires the explicit use of the Notary command-line utility in order to be enabled.
+  Enabling delegation support in a specific repository will break the ability of Docker 1.9 and 1.8 to pull from that repository, if content trust is enabled.
+* Allow SELinux to run in a container when using the BTRFS storage driver [#16452](https://github.com/docker/docker/pull/16452)
+
+### Distribution
+
+* Use content-addressable storage for images and layers [#17924](https://github.com/docker/docker/pull/17924)
+  Note that a migration is performed the first time docker is run; it can take a significant amount of time depending on the number of images and containers present.
+  Images no longer depend on the parent chain but contain a list of layer references.
+  `docker load`/`docker save` tarballs now also contain content-addressable image configurations.
+  For more information: https://github.com/docker/docker/wiki/Engine-v1.10.0-content-addressability-migration
+* Add support for the new [manifest format ("schema2")](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md) [#18785](https://github.com/docker/docker/pull/18785)
+* Lots of improvements for push and pull: performance++, retries on failed downloads, cancelling on client disconnect [#18353](https://github.com/docker/docker/pull/18353), [#18418](https://github.com/docker/docker/pull/18418), [#19109](https://github.com/docker/docker/pull/19109), [#18353](https://github.com/docker/docker/pull/18353)
+* Limit v1 protocol fallbacks [#18590](https://github.com/docker/docker/pull/18590)
+- Fix issue where docker could hang indefinitely waiting for a nonexistent process to pull an image [#19743](https://github.com/docker/docker/pull/19743)
+
+### Networking
+
++ Use DNS-based discovery instead of `/etc/hosts` [#19198](https://github.com/docker/docker/pull/19198)
++ Support for network-scoped alias using `--net-alias` on `run` and `--alias` on `network connect` [#19242](https://github.com/docker/docker/pull/19242)
++ Add `--ip` and `--ip6` on `run` and `network connect` to support custom IP addresses for a container in a network [#19001](https://github.com/docker/docker/pull/19001)
++ Add `--ipam-opt` to `network create` for passing custom IPAM options [#17316](https://github.com/docker/docker/pull/17316)
++ Add `--internal` flag to `network create` to restrict external access to and from the network [#19276](https://github.com/docker/docker/pull/19276)
++ Add `kv.path` option to `--cluster-store-opt` [#19167](https://github.com/docker/docker/pull/19167)
++ Add `discovery.heartbeat` and `discovery.ttl` options to `--cluster-store-opt` to configure discovery TTL and heartbeat timer [#18204](https://github.com/docker/docker/pull/18204)
++ Add `--format` flag to `network inspect` [#17481](https://github.com/docker/docker/pull/17481)
++ Add `--link` to `network connect` to provide a container-local alias [#19229](https://github.com/docker/docker/pull/19229)
++ Support for Capability exchange with remote IPAM plugins [#18775](https://github.com/docker/docker/pull/18775)
++ Add `--force` to `network disconnect` to force container to be disconnected from network [#19317](https://github.com/docker/docker/pull/19317)
+* Support for multi-host networking using built-in overlay driver for all engine supported kernels: 3.10+ [#18775](https://github.com/docker/docker/pull/18775)
+* `--link` is now supported on `docker run` for containers in user-defined network [#19229](https://github.com/docker/docker/pull/19229)
+* Enhance `docker network rm` to allow removing multiple networks [#17489](https://github.com/docker/docker/pull/17489)
+* Include container names in `network inspect` [#17615](https://github.com/docker/docker/pull/17615)
+* Include auto-generated subnets for user-defined networks in `network inspect` [#17316](https://github.com/docker/docker/pull/17316)
+* Add `--filter` flag to `network ls` to hide predefined networks [#17782](https://github.com/docker/docker/pull/17782)
+* Add support for network connect/disconnect to stopped containers [#18906](https://github.com/docker/docker/pull/18906)
+* Add network ID to container inspect [#19323](https://github.com/docker/docker/pull/19323)
+- Fix MTU issue where Docker would not start with two or more default routes [#18108](https://github.com/docker/docker/pull/18108)
+- Fix duplicate IP address for containers [#18106](https://github.com/docker/docker/pull/18106)
+- Fix issue preventing sometimes docker from creating the bridge network [#19338](https://github.com/docker/docker/pull/19338)
+- Do not substitute 127.0.0.1 name server when using `--net=host` [#19573](https://github.com/docker/docker/pull/19573)
+
+### Logging
+
++ New logging driver for Splunk [#16488](https://github.com/docker/docker/pull/16488)
++ Add support for syslog over TCP+TLS [#18998](https://github.com/docker/docker/pull/18998)
+* Enhance `docker logs --since` and `--until` to support nanoseconds and time [#17495](https://github.com/docker/docker/pull/17495)
+* Enhance AWS logs to auto-detect region [#16640](https://github.com/docker/docker/pull/16640)
+
+### Volumes
+
++ Add support to set the mount propagation mode for a volume [#17034](https://github.com/docker/docker/pull/17034)
+* Add `ls` and `inspect` endpoints to volume plugin API [#16534](https://github.com/docker/docker/pull/16534)
+  Existing plugins need to make use of these new APIs to satisfy users' expectation
+  For that, please use the new MIME type `application/vnd.docker.plugins.v1.2+json` [#19549](https://github.com/docker/docker/pull/19549)
+- Fix data not being copied to named volumes [#19175](https://github.com/docker/docker/pull/19175)
+- Fix issues preventing volume drivers from being containerized [#19500](https://github.com/docker/docker/pull/19500)
+- Fix `docker volumes ls --dangling=false` to now show all non-dangling volumes [#19671](https://github.com/docker/docker/pull/19671)
+- Do not remove named volumes on container removal [#19568](https://github.com/docker/docker/pull/19568)
+- Allow external volume drivers to host anonymous volumes [#19190](https://github.com/docker/docker/pull/19190)
+
+### Builder
+
++ Add support for `**` in `.dockerignore` to wildcard multiple levels of directories [#17090](https://github.com/docker/docker/pull/17090)
+- Fix handling of UTF-8 characters in Dockerfiles [#17055](https://github.com/docker/docker/pull/17055)
+- Fix permissions problem when reading from STDIN [#19283](https://github.com/docker/docker/pull/19283)
+
+### Client
+
++ Add support for overriding the API version to use via an `DOCKER_API_VERSION` environment-variable [#15964](https://github.com/docker/docker/pull/15964)
+- Fix a bug preventing Windows clients to log in to Docker Hub [#19891](https://github.com/docker/docker/pull/19891)
+
+### Misc
+
+* systemd: Set TasksMax in addition to LimitNPROC in systemd service file [#19391](https://github.com/docker/docker/pull/19391)
+
+### Deprecations
+
+* Remove LXC support. The LXC driver was deprecated in Docker 1.8, and has now been removed [#17700](https://github.com/docker/docker/pull/17700)
+* Remove `--exec-driver` daemon flag, because it is no longer in use [#17700](https://github.com/docker/docker/pull/17700)
+* Remove old deprecated single-dashed long CLI flags (such as `-rm`; use `--rm` instead) [#17724](https://github.com/docker/docker/pull/17724)
+* Deprecate HostConfig at API container start [#17799](https://github.com/docker/docker/pull/17799)
+* Deprecate docker packages for newly EOL'd Linux distributions: Fedora 21 and Ubuntu 15.04 (Vivid) [#18794](https://github.com/docker/docker/pull/18794), [#18809](https://github.com/docker/docker/pull/18809)
+* Deprecate `-f` flag for docker tag [#18350](https://github.com/docker/docker/pull/18350)
+
+## 1.9.1 (2015-11-21)
+
+### Runtime
+
+- Do not prevent daemon from booting if images could not be restored (#17695)
+- Force IPC mount to unmount on daemon shutdown/init (#17539)
+- Turn IPC unmount errors into warnings (#17554)
+- Fix `docker stats` performance regression (#17638)
+- Clarify cryptic error message upon `docker logs` if `--log-driver=none` (#17767)
+- Fix seldom panics (#17639, #17634, #17703)
+- Fix opq whiteouts problems for files with dot prefix (#17819)
+- devicemapper: try defaulting to xfs instead of ext4 for performance reasons (#17903, #17918)
+- devicemapper: fix displayed fs in docker info (#17974)
+- selinux: only relabel if user requested so with the `z` option (#17450, #17834)
+- Do not make network calls when normalizing names (#18014)
+
+### Client
+
+- Fix `docker login` on windows (#17738)
+- Fix bug with `docker inspect` output when not connected to daemon (#17715)
+- Fix `docker inspect -f {{.HostConfig.Dns}} somecontainer` (#17680)
+
+### Builder
+
+- Fix regression with symlink behavior in ADD/COPY (#17710)
+
+### Networking
+
+- Allow passing a network ID as an argument for `--net` (#17558)
+- Fix connect to host and prevent disconnect from host for `host` network (#17476)
+- Fix `--fixed-cidr` issue when gateway ip falls in ip-range and ip-range is
+  not the first block in the network (#17853)
+- Restore deterministic `IPv6` generation from `MAC` address on default `bridge` network (#17890)
+- Allow port-mapping only for endpoints created on docker run (#17858)
+- Fixed an endpoint delete issue with a possible stale sbox (#18102)
+
+### Distribution
+
+- Correct parent chain in v2 push when v1Compatibility files on the disk are inconsistent (#18047)
+
+## 1.9.0 (2015-11-03)
+
+### Runtime
+
++ `docker stats` now returns block IO metrics (#15005)
++ `docker stats` now details network stats per interface (#15786)
++ Add `ancestor=<image>` filter to `docker ps --filter` flag to filter
+containers based on their ancestor images (#14570)
++ Add `label=<somelabel>` filter to `docker ps --filter` to filter containers
+based on label (#16530)
++ Add `--kernel-memory` flag to `docker run` (#14006)
++ Add `--message` flag to `docker import` allowing to specify an optional
+message (#15711)
++ Add `--privileged` flag to `docker exec` (#14113)
++ Add `--stop-signal` flag to `docker run` allowing to replace the container
+process stopping signal (#15307)
++ Add a new `unless-stopped` restart policy (#15348)
++ Inspecting an image now returns tags (#13185)
++ Add container size information to `docker inspect` (#15796)
++ Add `RepoTags` and `RepoDigests` field to `/images/{name:.*}/json` (#17275)
+- Remove the deprecated `/container/ps` endpoint from the API (#15972)
+- Send and document correct HTTP codes for `/exec/<name>/start` (#16250)
+- Share shm and mqueue between containers sharing IPC namespace (#15862)
+- Event stream now shows OOM status when `--oom-kill-disable` is set (#16235)
+- Ensure special network files (/etc/hosts etc.) are read-only if bind-mounted
+with `ro` option (#14965)
+- Improve `rmi` performance (#16890)
+- Do not update /etc/hosts for the default bridge network, except for links (#17325)
+- Fix conflict with duplicate container names (#17389)
+- Fix an issue with incorrect template execution in `docker inspect` (#17284)
+- DEPRECATE `-c` short flag variant for `--cpu-shares` in docker run (#16271)
+
+### Client
+
++ Allow `docker import` to import from local files (#11907)
+
+### Builder
+
++ Add a `STOPSIGNAL` Dockerfile instruction allowing to set a different
+stop-signal for the container process (#15307)
++ Add an `ARG` Dockerfile instruction and a `--build-arg` flag to `docker build`
+that allows to add build-time environment variables (#15182)
+- Improve cache miss performance (#16890)
+
+### Storage
+
+- devicemapper: Implement deferred deletion capability (#16381)
+
+## Networking
+
++ `docker network` exits experimental and is part of standard release (#16645)
++ New network top-level concept, with associated subcommands and API (#16645)
+  WARNING: the API is different from the experimental API
++ Support for multiple isolated/micro-segmented networks (#16645)
++ Built-in multihost networking using VXLAN based overlay driver (#14071)
++ Support for third-party network plugins (#13424)
++ Ability to dynamically connect containers to multiple networks (#16645)
++ Support for user-defined IP address management via pluggable IPAM drivers (#16910)
++ Add daemon flags `--cluster-store` and `--cluster-advertise` for built-in nodes discovery (#16229)
++ Add `--cluster-store-opt` for setting up TLS settings (#16644)
++ Add `--dns-opt` to the daemon (#16031)
+- DEPRECATE following container `NetworkSettings` fields in API v1.21: `EndpointID`, `Gateway`,
+  `GlobalIPv6Address`, `GlobalIPv6PrefixLen`, `IPAddress`, `IPPrefixLen`, `IPv6Gateway` and `MacAddress`.
+  Those are now specific to the `bridge` network. Use `NetworkSettings.Networks` to inspect
+  the networking settings of a container per network.
+
+### Volumes
+
++ New top-level `volume` subcommand and API (#14242)
+- Move API volume driver settings to host-specific config (#15798)
+- Print an error message if volume name is not unique (#16009)
+- Ensure volumes created from Dockerfiles always use the local volume driver
+(#15507)
+- DEPRECATE auto-creating missing host paths for bind mounts (#16349)
+
+### Logging
+
++ Add `awslogs` logging driver for Amazon CloudWatch (#15495)
++ Add generic `tag` log option to allow customizing container/image
+information passed to driver (e.g. show container names) (#15384)
+- Implement the `docker logs` endpoint for the journald driver (#13707)
+- DEPRECATE driver-specific log tags (e.g. `syslog-tag`, etc.) (#15384)
+
+### Distribution
+
++ `docker search` now works with partial names (#16509)
+- Push optimization: avoid buffering to file (#15493)
+- The daemon will display progress for images that were already being pulled
+by another client (#15489)
+- Only permissions required for the current action being performed are requested (#)
++ Renaming trust keys (and respective environment variables) from `offline` to
+`root` and `tagging` to `repository` (#16894)
+- DEPRECATE trust key environment variables
+`DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE` and
+`DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE` (#16894)
+
+### Security
+
++ Add SELinux profiles to the rpm package (#15832)
+- Fix various issues with AppArmor profiles provided in the deb package
+(#14609)
+- Add AppArmor policy that prevents writing to /proc (#15571)
+
+## 1.8.3 (2015-10-12)
+
+### Distribution
+
+- Fix layer IDs lead to local graph poisoning (CVE-2014-8178)
+- Fix manifest validation and parsing logic errors allow pull-by-digest validation bypass (CVE-2014-8179)
++ Add `--disable-legacy-registry` to prevent a daemon from using a v1 registry
+
+## 1.8.2 (2015-09-10)
+
+### Distribution
+
+- Fixes rare edge case of handling GNU LongLink and LongName entries.
+- Fix ^C on docker pull.
+- Fix docker pull issues on client disconnection.
+- Fix issue that caused the daemon to panic when loggers weren't configured properly.
+- Fix goroutine leak pulling images from registry V2.
+
+### Runtime
+
+- Fix a bug mounting cgroups for docker daemons running inside docker containers.
+- Initialize log configuration properly.
+
+### Client:
+
+- Handle `-q` flag in `docker ps` properly when there is a default format.
+
+### Networking
+
+- Fix several corner cases with netlink.
+
+### Contrib
+
+- Fix several issues with bash completion.
+
+## 1.8.1 (2015-08-12)
+
+### Distribution
+
+* Fix a bug where pushing multiple tags would result in invalid images
+
+## 1.8.0 (2015-08-11)
+
+### Distribution
+
++ Trusted pull, push and build, disabled by default
+* Make tar layers deterministic between registries
+* Don't allow deleting the image of running containers
+* Check if a tag name to load is a valid digest
+* Allow one character repository names
+* Add a more accurate error description for invalid tag name
+* Make build cache ignore mtime
+
+### Cli
+
++ Add support for DOCKER_CONFIG/--config to specify config file dir
++ Add --type flag  for docker inspect command
++ Add formatting options to `docker ps` with `--format`
++ Replace `docker -d` with new subcommand `docker daemon`
+* Zsh completion updates and improvements
+* Add some missing events to bash completion
+* Support daemon urls with base paths in `docker -H`
+* Validate status= filter to docker ps
+* Display when a container is in --net=host in docker ps
+* Extend docker inspect to export image metadata related to graph driver
+* Restore --default-gateway{,-v6} daemon options
+* Add missing unpublished ports in docker ps
+* Allow duration strings in `docker events` as --since/--until
+* Expose more mounts information in `docker inspect`
+
+### Runtime
+
++ Add new Fluentd logging driver
++ Allow `docker import` to load from local files
++ Add logging driver for GELF via UDP
++ Allow to copy files from host to containers with `docker cp`
++ Promote volume drivers from experimental to master
++ Add rollover options to json-file log driver, and --log-driver-opts flag
++ Add memory swappiness tuning options
+* Remove cgroup read-only flag when privileged
+* Make /proc, /sys, & /dev readonly for readonly containers
+* Add cgroup bind mount by default
+* Overlay: Export metadata for container and image in `docker inspect`
+* Devicemapper: external device activation
+* Devicemapper: Compare uuid of base device on startup
+* Remove RC4 from the list of registry cipher suites
+* Add syslog-facility option
+* LXC execdriver compatibility with recent LXC versions
+* Mark LXC execriver as deprecated (to be removed with the migration to runc)
+
+### Plugins
+
+* Separate plugin sockets and specs locations
+* Allow TLS connections to plugins
+
+### Bug fixes
+
+- Add missing 'Names' field to /containers/json API output
+- Make `docker rmi` of dangling images safe while pulling
+- Devicemapper: Change default basesize to 100G
+- Go Scheduler issue with sync.Mutex and gcc
+- Fix issue where Search API endpoint would panic due to empty AuthConfig
+- Set image canonical names correctly
+- Check dockerinit only if lxc driver is used
+- Fix ulimit usage of nproc
+- Always attach STDIN if -i,--interactive is specified
+- Show error messages when saving container state fails
+- Fixed incorrect assumption on --bridge=none treated as disable network
+- Check for invalid port specifications in host configuration
+- Fix endpoint leave failure for --net=host mode
+- Fix goroutine leak in the stats API if the container is not running
+- Check for apparmor file before reading it
+- Fix DOCKER_TLS_VERIFY being ignored
+- Set umask to the default on startup
+- Correct the message of pause and unpause a non-running container
+- Adjust disallowed CpuShares in container creation
+- ZFS: correctly apply selinux context
+- Display empty string instead of <nil> when IP opt is nil
+- `docker kill` returns error when container is not running
+- Fix COPY/ADD quoted/json form
+- Fix goroutine leak on logs -f with no output
+- Remove panic in nat package on invalid hostport
+- Fix container linking in Fedora 22
+- Fix error caused using default gateways outside of the allocated range
+- Format times in inspect command with a template as RFC3339Nano
+- Make registry client to accept 2xx and 3xx http status responses as successful
+- Fix race issue that caused the daemon to crash with certain layer downloads failed in a specific order.
+- Fix error when the docker ps format was not valid.
+- Remove redundant ip forward check.
+- Fix issue trying to push images to repository mirrors.
+- Fix error cleaning up network entrypoints when there is an initialization issue.
+
+## 1.7.1 (2015-07-14)
+
+#### Runtime
+
+- Fix default user spawning exec process with `docker exec`
+- Make `--bridge=none` not to configure the network bridge
+- Publish networking stats properly
+- Fix implicit devicemapper selection with static binaries
+- Fix socket connections that hung intermittently
+- Fix bridge interface creation on CentOS/RHEL 6.6
+- Fix local dns lookups added to resolv.conf
+- Fix copy command mounting volumes
+- Fix read/write privileges in volumes mounted with --volumes-from
+
+#### Remote API
+
+- Fix unmarshalling of Command and Entrypoint
+- Set limit for minimum client version supported
+- Validate port specification
+- Return proper errors when attach/reattach fail
+
+#### Distribution
+
+- Fix pulling private images
+- Fix fallback between registry V2 and V1
+
+## 1.7.0 (2015-06-16)
+
+#### Runtime
++ Experimental feature: support for out-of-process volume plugins
+* The userland proxy can be disabled in favor of hairpin NAT using the daemon’s `--userland-proxy=false` flag
+* The `exec` command supports the `-u|--user` flag to specify the new process owner
++ Default gateway for containers can be specified daemon-wide using the `--default-gateway` and `--default-gateway-v6` flags
++ The CPU CFS (Completely Fair Scheduler) quota can be set in `docker run` using `--cpu-quota`
++ Container block IO can be controlled in `docker run` using`--blkio-weight`
++ ZFS support
++ The `docker logs` command supports a `--since` argument
++ UTS namespace can be shared with the host with `docker run --uts=host`
+
+#### Quality
+* Networking stack was entirely rewritten as part of the libnetwork effort
+* Engine internals refactoring
+* Volumes code was entirely rewritten to support the plugins effort
++ Sending SIGUSR1 to a daemon will dump all goroutines stacks without exiting
+
+#### Build
++ Support ${variable:-value} and ${variable:+value} syntax for environment variables
++ Support resource management flags `--cgroup-parent`, `--cpu-period`, `--cpu-quota`, `--cpuset-cpus`, `--cpuset-mems`
++ git context changes with branches and directories
+* The .dockerignore file support exclusion rules
+
+#### Distribution
++ Client support for v2 mirroring support for the official registry
+
+#### Bugfixes
+* Firewalld is now supported and will automatically be used when available
+* mounting --device recursively
+
+## 1.6.2 (2015-05-13)
+
+####  Runtime
+- Revert change prohibiting mounting into /sys
+
+## 1.6.1 (2015-05-07)
+
+####  Security
+- Fix read/write /proc paths (CVE-2015-3630)
+- Prohibit VOLUME /proc and VOLUME / (CVE-2015-3631)
+- Fix opening of file-descriptor 1 (CVE-2015-3627)
+- Fix symlink traversal on container respawn allowing local privilege escalation (CVE-2015-3629)
+- Prohibit mount of /sys
+
+#### Runtime
+- Update AppArmor policy to not allow mounts
+
+## 1.6.0 (2015-04-07)
+
+#### Builder
++ Building images from an image ID
++ Build containers with resource constraints, ie `docker build --cpu-shares=100 --memory=1024m...`
++ `commit --change` to apply specified Dockerfile instructions while committing the image
++ `import --change` to apply specified Dockerfile instructions while importing the image
++ Builds no longer continue in the background when canceled with CTRL-C
+
+#### Client
++ Windows Support
+
+#### Runtime
++ Container and image Labels
++ `--cgroup-parent` for specifying a parent cgroup to place container cgroup within
++ Logging drivers, `json-file`, `syslog`, or `none`
++ Pulling images by ID
++ `--ulimit` to set the ulimit on a container
++ `--default-ulimit` option on the daemon which applies to all created containers (and overwritten by `--ulimit` on run)
+
+## 1.5.0 (2015-02-10)
+
+#### Builder
++ Dockerfile to use for a given `docker build` can be specified with the `-f` flag
+* Dockerfile and .dockerignore files can be themselves excluded as part of the .dockerignore file, thus preventing modifications to these files invalidating ADD or COPY instructions cache
+* ADD and COPY instructions accept relative paths
+* Dockerfile `FROM scratch` instruction is now interpreted as a no-base specifier
+* Improve performance when exposing a large number of ports
+
+#### Hack
++ Allow client-side only integration tests for Windows
+* Include docker-py integration tests against Docker daemon as part of our test suites
+
+#### Packaging
++ Support for the new version of the registry HTTP API
+* Speed up `docker push` for images with a majority of already existing layers
+- Fixed contacting a private registry through a proxy
+
+#### Remote API
++ A new endpoint will stream live container resource metrics and can be accessed with the `docker stats` command
++ Containers can be renamed using the new `rename` endpoint and the associated `docker rename` command
+* Container `inspect` endpoint show the ID of `exec` commands running in this container
+* Container `inspect` endpoint show the number of times Docker auto-restarted the container
+* New types of event can be streamed by the `events` endpoint: ‘OOM’ (container died with out of memory), ‘exec_create’, and ‘exec_start'
+- Fixed returned string fields which hold numeric characters incorrectly omitting surrounding double quotes
+
+#### Runtime
++ Docker daemon has full IPv6 support
++ The `docker run` command can take the `--pid=host` flag to use the host PID namespace, which makes it possible for example to debug host processes using containerized debugging tools
++ The `docker run` command can take the `--read-only` flag to make the container’s root filesystem mounted as readonly, which can be used in combination with volumes to force a container’s processes to only write to locations that will be persisted
++ Container total memory usage can be limited for `docker run` using the `--memory-swap` flag
+* Major stability improvements for devicemapper storage driver
+* Better integration with host system: containers will reflect changes to the host's `/etc/resolv.conf` file when restarted
+* Better integration with host system: per-container iptable rules are moved to the DOCKER chain
+- Fixed container exiting on out of memory to return an invalid exit code
+
+#### Other
+* The HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables are properly taken into account by the client when connecting to the Docker daemon
+
+## 1.4.1 (2014-12-15)
+
+#### Runtime
+- Fix issue with volumes-from and bind mounts not being honored after create
+
+## 1.4.0 (2014-12-11)
+
+#### Notable Features since 1.3.0
++ Set key=value labels to the daemon (displayed in `docker info`), applied with
+  new `-label` daemon flag
++ Add support for `ENV` in Dockerfile of the form:
+  `ENV name=value name2=value2...`
++ New Overlayfs Storage Driver
++ `docker info` now returns an `ID` and `Name` field
++ Filter events by event name, container, or image
++ `docker cp` now supports copying from container volumes
+- Fixed `docker tag`, so it honors `--force` when overriding a tag for existing
+  image.
+
+## 1.3.3 (2014-12-11)
+
+#### Security
+- Fix path traversal vulnerability in processing of absolute symbolic links (CVE-2014-9356)
+- Fix decompression of xz image archives, preventing privilege escalation (CVE-2014-9357)
+- Validate image IDs (CVE-2014-9358)
+
+#### Runtime
+- Fix an issue when image archives are being read slowly
+
+#### Client
+- Fix a regression related to stdin redirection
+- Fix a regression with `docker cp` when destination is the current directory
+
+## 1.3.2 (2014-11-20)
+
+#### Security
+- Fix tar breakout vulnerability
+* Extractions are now sandboxed chroot
+- Security options are no longer committed to images
+
+#### Runtime
+- Fix deadlock in `docker ps -f exited=1`
+- Fix a bug when `--volumes-from` references a container that failed to start
+
+#### Registry
++ `--insecure-registry` now accepts CIDR notation such as 10.1.0.0/16
+* Private registries whose IPs fall in the 127.0.0.0/8 range do no need the `--insecure-registry` flag
+- Skip the experimental registry v2 API when mirroring is enabled
+
+## 1.3.1 (2014-10-28)
+
+#### Security
+* Prevent fallback to SSL protocols < TLS 1.0 for client, daemon and registry
++ Secure HTTPS connection to registries with certificate verification and without HTTP fallback unless `--insecure-registry` is specified
+
+#### Runtime
+- Fix issue where volumes would not be shared
+
+#### Client
+- Fix issue with `--iptables=false` not automatically setting `--ip-masq=false`
+- Fix docker run output to non-TTY stdout
+
+#### Builder
+- Fix escaping `$` for environment variables
+- Fix issue with lowercase `onbuild` Dockerfile instruction
+- Restrict environment variable expansion to `ENV`, `ADD`, `COPY`, `WORKDIR`, `EXPOSE`, `VOLUME` and `USER`
+
+## 1.3.0 (2014-10-14)
+
+#### Notable features since 1.2.0
++ Docker `exec` allows you to run additional processes inside existing containers
++ Docker `create` gives you the ability to create a container via the CLI without executing a process
++ `--security-opts` options to allow user to customize container labels and apparmor profiles
++ Docker `ps` filters
+- Wildcard support to COPY/ADD
++ Move production URLs to get.docker.com from get.docker.io
++ Allocate IP address on the bridge inside a valid CIDR
++ Use drone.io for PR and CI testing
++ Ability to setup an official registry mirror
++ Ability to save multiple images with docker `save`
+
+## 1.2.0 (2014-08-20)
+
+#### Runtime
++ Make /etc/hosts /etc/resolv.conf and /etc/hostname editable at runtime
++ Auto-restart containers using policies
++ Use /var/lib/docker/tmp for large temporary files
++ `--cap-add` and `--cap-drop` to tweak what linux capability you want
++ `--device` to use devices in containers
+
+#### Client
++ `docker search` on private registries
++ Add `exited` filter to `docker ps --filter`
+* `docker rm -f` now kills instead of stop
++ Support for IPv6 addresses in `--dns` flag
+
+#### Proxy
++ Proxy instances in separate processes
+* Small bug fix on UDP proxy
+
+## 1.1.2 (2014-07-23)
+
+#### Runtime
++ Fix port allocation for existing containers
++ Fix containers restart on daemon restart
+
+#### Packaging
++ Fix /etc/init.d/docker issue on Debian
+
+## 1.1.1 (2014-07-09)
+
+#### Builder
+* Fix issue with ADD
+
+## 1.1.0 (2014-07-03)
+
+#### Notable features since 1.0.1
++ Add `.dockerignore` support
++ Pause containers during `docker commit`
++ Add `--tail` to `docker logs`
+
+#### Builder
++ Allow a tar file as context for `docker build`
+* Fix issue with white-spaces and multi-lines in `Dockerfiles`
+
+#### Runtime
+* Overall performance improvements
+* Allow `/` as source of `docker run -v`
+* Fix port allocation
+* Fix bug in `docker save`
+* Add links information to `docker inspect`
+
+#### Client
+* Improve command line parsing for `docker commit`
+
+#### Remote API
+* Improve status code for the `start` and `stop` endpoints
+
+## 1.0.1 (2014-06-19)
+
+#### Notable features since 1.0.0
+* Enhance security for the LXC driver
+
+#### Builder
+* Fix `ONBUILD` instruction passed to grandchildren
+
+#### Runtime
+* Fix events subscription
+* Fix /etc/hostname file with host networking
+* Allow `-h` and `--net=none`
+* Fix issue with hotplug devices in `--privileged`
+
+#### Client
+* Fix artifacts with events
+* Fix a panic with empty flags
+* Fix `docker cp` on Mac OS X
+
+#### Miscellaneous
+* Fix compilation on Mac OS X
+* Fix several races
+
+## 1.0.0 (2014-06-09)
+
+#### Notable features since 0.12.0
+* Production support
+
+## 0.12.0 (2014-06-05)
+
+#### Notable features since 0.11.0
+* 40+ various improvements to stability, performance and usability
+* New `COPY` Dockerfile instruction to allow copying a local file from the context into the container without ever extracting if the file is a tar file
+* Inherit file permissions from the host on `ADD`
+* New `pause` and `unpause` commands to allow pausing and unpausing of containers using cgroup freezer
+* The `images` command has a `-f`/`--filter` option to filter the list of images
+* Add `--force-rm` to clean up after a failed build
+* Standardize JSON keys in Remote API to CamelCase
+* Pull from a docker run now assumes `latest` tag if not specified
+* Enhance security on Linux capabilities and device nodes
+
+## 0.11.1 (2014-05-07)
+
+#### Registry
+- Fix push and pull to private registry
+
+## 0.11.0 (2014-05-07)
+
+#### Notable features since 0.10.0
+
+* SELinux support for mount and process labels
+* Linked containers can be accessed by hostname
+* Use the net `--net` flag to allow advanced network configuration such as host networking so that containers can use the host's network interfaces
+* Add a ping endpoint to the Remote API to do healthchecks of your docker daemon
+* Logs can now be returned with an optional timestamp
+* Docker now works with registries that support SHA-512
+* Multiple registry endpoints are supported to allow registry mirrors
+
+## 0.10.0 (2014-04-08)
+
+#### Builder
+- Fix printing multiple messages on a single line. Fixes broken output during builds.
+- Follow symlinks inside container's root for ADD build instructions.
+- Fix EXPOSE caching.
+
+#### Documentation
+- Add the new options of `docker ps` to the documentation.
+- Add the options of `docker restart` to the documentation.
+- Update daemon docs and help messages for --iptables and --ip-forward.
+- Updated apt-cacher-ng docs example.
+- Remove duplicate description of --mtu from docs.
+- Add missing -t and -v for `docker images` to the docs.
+- Add fixes to the cli docs.
+- Update libcontainer docs.
+- Update images in docs to remove references to AUFS and LXC.
+- Update the nodejs_web_app in the docs to use the new epel RPM address.
+- Fix external link on security of containers.
+- Update remote API docs.
+- Add image size to history docs.
+- Be explicit about binding to all interfaces in redis example.
+- Document DisableNetwork flag in the 1.10 remote api.
+- Document that `--lxc-conf` is lxc only.
+- Add chef usage documentation.
+- Add example for an image with multiple for `docker load`.
+- Explain what `docker run -a` does in the docs.
+
+#### Contrib
+- Add variable for DOCKER_LOGFILE to sysvinit and use append instead of overwrite in opening the logfile.
+- Fix init script cgroup mounting workarounds to be more similar to cgroupfs-mount and thus work properly.
+- Remove inotifywait hack from the upstart host-integration example because it's not necessary any more.
+- Add check-config script to contrib.
+- Fix fish shell completion.
+
+#### Hack
+* Clean up "go test" output from "make test" to be much more readable/scannable.
+* Exclude more "definitely not unit tested Go source code" directories from hack/make/test.
++ Generate md5 and sha256 hashes when building, and upload them via hack/release.sh.
+- Include contributed completions in Ubuntu PPA.
++ Add cli integration tests.
+* Add tweaks to the hack scripts to make them simpler.
+
+#### Remote API
++ Add TLS auth support for API.
+* Move git clone from daemon to client.
+- Fix content-type detection in docker cp.
+* Split API into 2 go packages.
+
+#### Runtime
+* Support hairpin NAT without going through Docker server.
+- devicemapper: succeed immediately when removing non-existing devices.
+- devicemapper: improve handling of devicemapper devices (add per device lock, increase sleep time and unlock while sleeping).
+- devicemapper: increase timeout in waitClose to 10 seconds.
+- devicemapper: ensure we shut down thin pool cleanly.
+- devicemapper: pass info, rather than hash to activateDeviceIfNeeded, deactivateDevice, setInitialized, deleteDevice.
+- devicemapper: avoid AB-BA deadlock.
+- devicemapper: make shutdown better/faster.
+- improve alpha sorting in mflag.
+- Remove manual http cookie management because the cookiejar is being used.
+- Use BSD raw mode on Darwin. Fixes nano, tmux and others.
+- Add FreeBSD support for the client.
+- Merge auth package into registry.
+- Add deprecation warning for -t on `docker pull`.
+- Remove goroutine leak on error.
+- Update parseLxcInfo to comply with new lxc1.0 format.
+- Fix attach exit on darwin.
+- Improve deprecation message.
+- Retry to retrieve the layer metadata up to 5 times for `docker pull`.
+- Only unshare the mount namespace for execin.
+- Merge existing config when committing.
+- Disable daemon startup timeout.
+- Fix issue #4681: add loopback interface when networking is disabled.
+- Add failing test case for issue #4681.
+- Send SIGTERM to child, instead of SIGKILL.
+- Show the driver and the kernel version in `docker info` even when not in debug mode.
+- Always symlink /dev/ptmx for libcontainer. This fixes console related problems.
+- Fix issue caused by the absence of /etc/apparmor.d.
+- Don't leave empty cidFile behind when failing to create the container.
+- Mount cgroups automatically if they're not mounted already.
+- Use mock for search tests.
+- Update to double-dash everywhere.
+- Move .dockerenv parsing to lxc driver.
+- Move all bind-mounts in the container inside the namespace.
+- Don't use separate bind mount for container.
+- Always symlink /dev/ptmx for libcontainer.
+- Don't kill by pid for other drivers.
+- Add initial logging to libcontainer.
+* Sort by port in `docker ps`.
+- Move networking drivers into runtime top level package.
++ Add --no-prune to `docker rmi`.
++ Add time since exit in `docker ps`.
+- graphdriver: add build tags.
+- Prevent allocation of previously allocated ports & prevent improve port allocation.
+* Add support for --since/--before in `docker ps`.
+- Clean up container stop.
++ Add support for configurable dns search domains.
+- Add support for relative WORKDIR instructions.
+- Add --output flag for docker save.
+- Remove duplication of DNS entries in config merging.
+- Add cpuset.cpus to cgroups and native driver options.
+- Remove docker-ci.
+- Promote btrfs. btrfs is no longer considered experimental.
+- Add --input flag to `docker load`.
+- Return error when existing bridge doesn't match IP address.
+- Strip comments before parsing line continuations to avoid interpreting instructions as comments.
+- Fix TestOnlyLoopbackExistsWhenUsingDisableNetworkOption to ignore "DOWN" interfaces.
+- Add systemd implementation of cgroups and make containers show up as systemd units.
+- Fix commit and import when no repository is specified.
+- Remount /var/lib/docker as --private to fix scaling issue.
+- Use the environment's proxy when pinging the remote registry.
+- Reduce error level from harmless errors.
+* Allow --volumes-from to be individual files.
+- Fix expanding buffer in StdCopy.
+- Set error regardless of attach or stdin. This fixes #3364.
+- Add support for --env-file to load environment variables from files.
+- Symlink /etc/mtab and /proc/mounts.
+- Allow pushing a single tag.
+- Shut down containers cleanly at shutdown and wait forever for the containers to shut down. This makes container shutdown on daemon shutdown work properly via SIGTERM.
+- Don't throw error when starting an already running container.
+- Fix dynamic port allocation limit.
+- remove setupDev from libcontainer.
+- Add API version to `docker version`.
+- Return correct exit code when receiving signal and make SIGQUIT quit without cleanup.
+- Fix --volumes-from mount failure.
+- Allow non-privileged containers to create device nodes.
+- Skip login tests because of external dependency on a hosted service.
+- Deprecate `docker images --tree` and `docker images --viz`.
+- Deprecate `docker insert`.
+- Include base abstraction for apparmor. This fixes some apparmor related problems on Ubuntu 14.04.
+- Add specific error message when hitting 401 over HTTP on push.
+- Fix absolute volume check.
+- Remove volumes-from from the config.
+- Move DNS options to hostconfig.
+- Update the apparmor profile for libcontainer.
+- Add deprecation notice for `docker commit -run`.
+
+## 0.9.1 (2014-03-24)
+
+#### Builder
+- Fix printing multiple messages on a single line. Fixes broken output during builds.
+
+#### Documentation
+- Fix external link on security of containers.
+
+#### Contrib
+- Fix init script cgroup mounting workarounds to be more similar to cgroupfs-mount and thus work properly.
+- Add variable for DOCKER_LOGFILE to sysvinit and use append instead of overwrite in opening the logfile.
+
+#### Hack
+- Generate md5 and sha256 hashes when building, and upload them via hack/release.sh.
+
+#### Remote API
+- Fix content-type detection in `docker cp`.
+
+#### Runtime
+- Use BSD raw mode on Darwin. Fixes nano, tmux and others.
+- Only unshare the mount namespace for execin.
+- Retry to retrieve the layer metadata up to 5 times for `docker pull`.
+- Merge existing config when committing.
+- Fix panic in monitor.
+- Disable daemon startup timeout.
+- Fix issue #4681: add loopback interface when networking is disabled.
+- Add failing test case for issue #4681.
+- Send SIGTERM to child, instead of SIGKILL.
+- Show the driver and the kernel version in `docker info` even when not in debug mode.
+- Always symlink /dev/ptmx for libcontainer. This fixes console related problems.
+- Fix issue caused by the absence of /etc/apparmor.d.
+- Don't leave empty cidFile behind when failing to create the container.
+- Improve deprecation message.
+- Fix attach exit on darwin.
+- devicemapper: improve handling of devicemapper devices (add per device lock, increase sleep time, unlock while sleeping).
+- devicemapper: succeed immediately when removing non-existing devices.
+- devicemapper: increase timeout in waitClose to 10 seconds.
+- Remove goroutine leak on error.
+- Update parseLxcInfo to comply with new lxc1.0 format.
+
+## 0.9.0 (2014-03-10)
+
+#### Builder
+- Avoid extra mount/unmount during build. This fixes mount/unmount related errors during build.
+- Add error to docker build --rm. This adds missing error handling.
+- Forbid chained onbuild, `onbuild from` and  `onbuild maintainer` triggers.
+- Make `--rm` the default for `docker build`.
+
+#### Documentation
+- Download the docker client binary for Mac over https.
+- Update the titles of the install instructions & descriptions.
+* Add instructions for upgrading boot2docker.
+* Add port forwarding example in OS X install docs.
+- Attempt to disentangle repository and registry.
+- Update docs to explain more about `docker ps`.
+- Update sshd example to use a Dockerfile.
+- Rework some examples, including the Python examples.
+- Update docs to include instructions for a container's lifecycle.
+- Update docs documentation to discuss the docs branch.
+- Don't skip cert check for an example & use HTTPS.
+- Bring back the memory and swap accounting section which was lost when the kernel page was removed.
+- Explain DNS warnings and how to fix them on systems running and using a local nameserver.
+
+#### Contrib
+- Add Tanglu support for mkimage-debootstrap.
+- Add SteamOS support for mkimage-debootstrap.
+
+#### Hack
+- Get package coverage when running integration tests.
+- Remove the Vagrantfile. This is being replaced with boot2docker.
+- Fix tests on systems where aufs isn't available.
+- Update packaging instructions and remove the dependency on lxc.
+
+#### Remote API
+* Move code specific to the API to the api package.
+- Fix header content type for the API. Makes all endpoints use proper content type.
+- Fix registry auth & remove ping calls from CmdPush and CmdPull.
+- Add newlines to the JSON stream functions.
+
+#### Runtime
+* Do not ping the registry from the CLI. All requests to registries flow through the daemon.
+- Check for nil information return in the lxc driver. This fixes panics with older lxc versions.
+- Devicemapper: cleanups and fix for unmount. Fixes two problems which were causing unmount to fail intermittently.
+- Devicemapper: remove directory when removing device. Directories don't get left behind when removing the device.
+* Devicemapper: enable skip_block_zeroing. Improves performance by not zeroing blocks.
+- Devicemapper: fix shutdown warnings. Fixes shutdown warnings concerning pool device removal.
+- Ensure docker cp stream is closed properly. Fixes problems with files not being copied by `docker cp`.
+- Stop making `tcp://` default to `127.0.0.1:4243` and remove the default port for tcp.
+- Fix `--run` in `docker commit`. This makes `docker commit --run` work again.
+- Fix custom bridge related options. This makes custom bridges work again.
++ Mount-bind the PTY as container console. This allows tmux/screen to run.
++ Add the pure Go libcontainer library to make it possible to run containers using only features of the Linux kernel.
++ Add native exec driver which uses libcontainer and make it the default exec driver.
+- Add support for handling extended attributes in archives.
+* Set the container MTU to be the same as the host MTU.
++ Add simple sha256 checksums for layers to speed up `docker push`.
+* Improve kernel version parsing.
+* Allow flag grouping (`docker run -it`).
+- Remove chroot exec driver.
+- Fix divide by zero to fix panic.
+- Rewrite `docker rmi`.
+- Fix docker info with lxc 1.0.0.
+- Fix fedora tty with apparmor.
+* Don't always append env vars, replace defaults with vars from config.
+* Fix a goroutine leak.
+* Switch to Go 1.2.1.
+- Fix unique constraint error checks.
+* Handle symlinks for Docker's data directory and for TMPDIR.
+- Add deprecation warnings for flags (-flag is deprecated in favor of --flag)
+- Add apparmor profile for the native execution driver.
+* Move system specific code from archive to pkg/system.
+- Fix duplicate signal for `docker run -i -t` (issue #3336).
+- Return correct process pid for lxc.
+- Add a -G option to specify the group which unix sockets belong to.
++ Add `-f` flag to `docker rm` to force removal of running containers.
++ Kill ghost containers and restart all ghost containers when the docker daemon restarts.
++ Add `DOCKER_RAMDISK` environment variable to make Docker work when the root is on a ramdisk.
+
+## 0.8.1 (2014-02-18)
+
+#### Builder
+
+- Avoid extra mount/unmount during build. This removes an unneeded mount/unmount operation which was causing problems with devicemapper
+- Fix regression with ADD of tar files. This stops Docker from decompressing tarballs added via ADD from the local file system
+- Add error to `docker build --rm`. This adds a missing error check to ensure failures to remove containers are detected and reported
+
+#### Documentation
+
+* Update issue filing instructions
+* Warn against the use of symlinks for Docker's storage folder
+* Replace the Firefox example with an IceWeasel example
+* Rewrite the PostgresSQL example using a Dockerfile and add more details to it
+* Improve the OS X documentation
+
+#### Remote API
+
+- Fix broken images API for version less than 1.7
+- Use the right encoding for all API endpoints which return JSON
+- Move remote api client to api/
+- Queue calls to the API using generic socket wait
+
+#### Runtime
+
+- Fix the use of custom settings for bridges and custom bridges
+- Refactor the devicemapper code to avoid many mount/unmount race conditions and failures
+- Remove two panics which could make Docker crash in some situations
+- Don't ping registry from the CLI client
+- Enable skip_block_zeroing for devicemapper. This stops devicemapper from always zeroing entire blocks
+- Fix --run in `docker commit`. This makes docker commit store `--run` in the image configuration
+- Remove directory when removing devicemapper device. This cleans up leftover mount directories
+- Drop NET_ADMIN capability for non-privileged containers. Unprivileged containers can't change their network configuration
+- Ensure `docker cp` stream is closed properly
+- Avoid extra mount/unmount during container registration. This removes an unneeded mount/unmount operation which was causing problems with devicemapper
+- Stop allowing tcp:// as a default tcp bin address which binds to 127.0.0.1:4243 and remove the default port
++ Mount-bind the PTY as container console. This allows tmux and screen to run in a container
+- Clean up archive closing. This fixes and improves archive handling
+- Fix engine tests on systems where temp directories are symlinked
+- Add test methods for save and load
+- Avoid temporarily unmounting the container when restarting it. This fixes a race for devicemapper during restart
+- Support submodules when building from a GitHub repository
+- Quote volume path to allow spaces
+- Fix remote tar ADD behavior. This fixes a regression which was causing Docker to extract tarballs
+
+## 0.8.0 (2014-02-04)
+
+#### Notable features since 0.7.0
+
+* Images and containers can be removed much faster
+* Building an image from source with docker build is now much faster
+* The Docker daemon starts and stops much faster
+* The memory footprint of many common operations has been reduced, by streaming files instead of buffering them in memory, fixing memory leaks, and fixing various suboptimal memory allocations
+* Several race conditions were fixed, making Docker more stable under very high concurrency load. This makes Docker more stable and less likely to crash and reduces the memory footprint of many common operations
+* All packaging operations are now built on the Go language’s standard tar implementation, which is bundled with Docker itself. This makes packaging more portable across host distributions, and solves several issues caused by quirks and incompatibilities between different distributions of tar
+* Docker can now create, remove and modify larger numbers of containers and images graciously thanks to more aggressive releasing of system resources. For example the storage driver API now allows Docker to do reference counting on mounts created by the drivers
+With the ongoing changes to the networking and execution subsystems of docker testing these areas have been a focus of the refactoring.  By moving these subsystems into separate packages we can test, analyze, and monitor coverage and quality of these packages
+* Many components have been separated into smaller sub-packages, each with a dedicated test suite. As a result the code is better-tested, more readable and easier to change
+
+* The ADD instruction now supports caching, which avoids unnecessarily re-uploading the same source content again and again when it hasn’t changed
+* The new ONBUILD instruction adds to your image a “trigger” instruction to be executed at a later time, when the image is used as the base for another build
+* Docker now ships with an experimental storage driver which uses the BTRFS filesystem for copy-on-write
+* Docker is officially supported on Mac OS X
+* The Docker daemon supports systemd socket activation
+
+## 0.7.6 (2014-01-14)
+
+#### Builder
+
+* Do not follow symlink outside of build context
+
+#### Runtime
+
+- Remount bind mounts when ro is specified
+* Use https for fetching docker version
+
+#### Other
+
+* Inline the test.docker.io fingerprint
+* Add ca-certificates to packaging documentation
+
+## 0.7.5 (2014-01-09)
+
+#### Builder
+
+* Disable compression for build. More space usage but a much faster upload
+- Fix ADD caching for certain paths
+- Do not compress archive from git build
+
+#### Documentation
+
+- Fix error in GROUP add example
+* Make sure the GPG fingerprint is inline in the documentation
+* Give more specific advice on setting up signing of commits for DCO
+
+#### Runtime
+
+- Fix misspelled container names
+- Do not add hostname when networking is disabled
+* Return most recent image from the cache by date
+- Return all errors from docker wait
+* Add Content-Type Header "application/json" to GET /version and /info responses
+
+#### Other
+
+* Update DCO to version 1.1
++ Update Makefile to use "docker:GIT_BRANCH" as the generated image name
+* Update Travis to check for new 1.1 DCO version
+
+## 0.7.4 (2014-01-07)
+
+#### Builder
+
+- Fix ADD caching issue with . prefixed path
+- Fix docker build on devicemapper by reverting sparse file tar option
+- Fix issue with file caching and prevent wrong cache hit
+* Use same error handling while unmarshalling CMD and ENTRYPOINT
+
+#### Documentation
+
+* Simplify and streamline Amazon Quickstart
+* Install instructions use unprefixed Fedora image
+* Update instructions for mtu flag for Docker on GCE
++ Add Ubuntu Saucy to installation
+- Fix for wrong version warning on master instead of latest
+
+#### Runtime
+
+- Only get the image's rootfs when we need to calculate the image size
+- Correctly handle unmapping UDP ports
+* Make CopyFileWithTar use a pipe instead of a buffer to save memory on docker build
+- Fix login message to say pull instead of push
+- Fix "docker load" help by removing "SOURCE" prompt and mentioning STDIN
+* Make blank -H option default to the same as no -H was sent
+* Extract cgroups utilities to own submodule
+
+#### Other
+
++ Add Travis CI configuration to validate DCO and gofmt requirements
++ Add Developer Certificate of Origin Text
+* Upgrade VBox Guest Additions
+* Check standalone header when pinging a registry server
+
+## 0.7.3 (2014-01-02)
+
+#### Builder
+
++ Update ADD to use the image cache, based on a hash of the added content
+* Add error message for empty Dockerfile
+
+#### Documentation
+
+- Fix outdated link to the "Introduction" on www.docker.io
++ Update the docs to get wider when the screen does
+- Add information about needing to install LXC when using raw binaries
+* Update Fedora documentation to disentangle the docker and docker.io conflict
+* Add a note about using the new `-mtu` flag in several GCE zones
++ Add FrugalWare installation instructions
++ Add a more complete example of `docker run`
+- Fix API documentation for creating and starting Privileged containers
+- Add missing "name" parameter documentation on "/containers/create"
+* Add a mention of `lxc-checkconfig` as a way to check for some of the necessary kernel configuration
+- Update the 1.8 API documentation with some additions that were added to the docs for 1.7
+
+#### Hack
+
+- Add missing libdevmapper dependency to the packagers documentation
+* Update minimum Go requirement to a hard line at Go 1.2+
+* Many minor improvements to the Vagrantfile
++ Add ability to customize dockerinit search locations when compiling (to be used very sparingly only by packagers of platforms who require a nonstandard location)
++ Add coverprofile generation reporting
+- Add `-a` to our Go build flags, removing the need for recompiling the stdlib manually
+* Update Dockerfile to be more canonical and have less spurious warnings during build
+- Fix some miscellaneous `docker pull` progress bar display issues
+* Migrate more miscellaneous packages under the "pkg" folder
+* Update TextMate highlighting to automatically be enabled for files named "Dockerfile"
+* Reorganize syntax highlighting files under a common "contrib/syntax" directory
+* Update install.sh script (https://get.docker.io/) to not fail if busybox fails to download or run at the end of the Ubuntu/Debian installation
+* Add support for container names in bash completion
+
+#### Packaging
+
++ Add an official Docker client binary for Darwin (Mac OS X)
+* Remove empty "Vendor" string and added "License" on deb package
++ Add a stubbed version of "/etc/default/docker" in the deb package
+
+#### Runtime
+
+* Update layer application to extract tars in place, avoiding file churn while handling whiteouts
+- Fix permissiveness of mtime comparisons in tar handling (since GNU tar and Go tar do not yet support sub-second mtime precision)
+* Reimplement `docker top` in pure Go to work more consistently, and even inside Docker-in-Docker (thus removing the shell injection vulnerability present in some versions of `lxc-ps`)
++ Update `-H unix://` to work similarly to `-H tcp://` by inserting the default values for missing portions
+- Fix more edge cases regarding dockerinit and deleted or replaced docker or dockerinit files
+* Update container name validation to include '.'
+- Fix use of a symlink or non-absolute path as the argument to `-g` to work as expected
+* Update to handle external mounts outside of LXC, fixing many small mounting quirks and making future execution backends and other features simpler
+* Update to use proper box-drawing characters everywhere in `docker images -tree`
+* Move MTU setting from LXC configuration to directly use netlink
+* Add `-S` option to external tar invocation for more efficient spare file handling
++ Add arch/os info to User-Agent string, especially for registry requests
++ Add `-mtu` option to Docker daemon for configuring MTU
+- Fix `docker build` to exit with a non-zero exit code on error
++ Add `DOCKER_HOST` environment variable to configure the client `-H` flag without specifying it manually for every invocation
+
+## 0.7.2 (2013-12-16)
+
+#### Runtime
+
++ Validate container names on creation with standard regex
+* Increase maximum image depth to 127 from 42
+* Continue to move api endpoints to the job api
++ Add -bip flag to allow specification of dynamic bridge IP via CIDR
+- Allow bridge creation when ipv6 is not enabled on certain systems
+* Set hostname and IP address from within dockerinit
+* Drop capabilities from within dockerinit
+- Fix volumes on host when symlink is present the image
+- Prevent deletion of image if ANY container is depending on it even if the container is not running
+* Update docker push to use new progress display
+* Use os.Lstat to allow mounting unix sockets when inspecting volumes
+- Adjust handling of inactive user login
+- Add missing defines in devicemapper for older kernels
+- Allow untag operations with no container validation
+- Add auth config to docker build
+
+#### Documentation
+
+* Add more information about Docker logging
++ Add RHEL documentation
+* Add a direct example for changing the CMD that is run in a container
+* Update Arch installation documentation
++ Add section on Trusted Builds
++ Add Network documentation page
+
+#### Other
+
++ Add new cover bundle for providing code coverage reporting
+* Separate integration tests in bundles
+* Make Tianon the hack maintainer
+* Update mkimage-debootstrap with more tweaks for keeping images small
+* Use https to get the install script
+* Remove vendored dotcloud/tar now that Go 1.2 has been released
+
+## 0.7.1 (2013-12-05)
+
+#### Documentation
+
++ Add @SvenDowideit as documentation maintainer
++ Add links example
++ Add documentation regarding ambassador pattern
++ Add Google Cloud Platform docs
++ Add dockerfile best practices
+* Update doc for RHEL
+* Update doc for registry
+* Update Postgres examples
+* Update doc for Ubuntu install
+* Improve remote api doc
+
+#### Runtime
+
++ Add hostconfig to docker inspect
++ Implement `docker log -f` to stream logs
++ Add env variable to disable kernel version warning
++ Add -format to `docker inspect`
++ Support bind-mount for files
+- Fix bridge creation on RHEL
+- Fix image size calculation
+- Make sure iptables are called even if the bridge already exists
+- Fix issue with stderr only attach
+- Remove init layer when destroying a container
+- Fix same port binding on different interfaces
+- `docker build` now returns the correct exit code
+- Fix `docker port` to display correct port
+- `docker build` now check that the dockerfile exists client side
+- `docker attach` now returns the correct exit code
+- Remove the name entry when the container does not exist
+
+#### Registry
+
+* Improve progress bars, add ETA for downloads
+* Simultaneous pulls now waits for the first to finish instead of failing
+- Tag only the top-layer image when pushing to registry
+- Fix issue with offline image transfer
+- Fix issue preventing using ':' in password for registry
+
+#### Other
+
++ Add pprof handler for debug
++ Create a Makefile
+* Use stdlib tar that now includes fix
+* Improve make.sh test script
+* Handle SIGQUIT on the daemon
+* Disable verbose during tests
+* Upgrade to go1.2 for official build
+* Improve unit tests
+* The test suite now runs all tests even if one fails
+* Refactor C in Go (Devmapper)
+- Fix OS X compilation
+
+## 0.7.0 (2013-11-25)
+
+#### Notable features since 0.6.0
+
+* Storage drivers: choose from aufs, device-mapper, or vfs.
+* Standard Linux support: docker now runs on unmodified Linux kernels and all major distributions.
+* Links: compose complex software stacks by connecting containers to each other.
+* Container naming: organize your containers by giving them memorable names.
+* Advanced port redirects: specify port redirects per interface, or keep sensitive ports private.
+* Offline transfer: push and pull images to the filesystem without losing information.
+* Quality: numerous bugfixes and small usability improvements. Significant increase in test coverage.
+
+## 0.6.7 (2013-11-21)
+
+#### Runtime
+
+* Improve stability, fixes some race conditions
+* Skip the volumes mounted when deleting the volumes of container.
+* Fix layer size computation: handle hard links correctly
+* Use the work Path for docker cp CONTAINER:PATH
+* Fix tmp dir never cleanup
+* Speedup docker ps
+* More informative error message on name collisions
+* Fix nameserver regex
+* Always return long id's
+* Fix container restart race condition
+* Keep published ports on docker stop;docker start
+* Fix container networking on Fedora
+* Correctly express "any address" to iptables
+* Fix network setup when reconnecting to ghost container
+* Prevent deletion if image is used by a running container
+* Lock around read operations in graph
+
+#### RemoteAPI
+
+* Return full ID on docker rmi
+
+#### Client
+
++ Add -tree option to images
++ Offline image transfer
+* Exit with status 2 on usage error and display usage on stderr
+* Do not forward SIGCHLD to container
+* Use string timestamp for docker events -since
+
+#### Other
+
+* Update to go 1.2rc5
++ Add /etc/default/docker support to upstart
+
+## 0.6.6 (2013-11-06)
+
+#### Runtime
+
+* Ensure container name on register
+* Fix regression in /etc/hosts
++ Add lock around write operations in graph
+* Check if port is valid
+* Fix restart runtime error with ghost container networking
++ Add some more colors and animals to increase the pool of generated names
+* Fix issues in docker inspect
++ Escape apparmor confinement
++ Set environment variables using a file.
+* Prevent docker insert to erase something
++ Prevent DNS server conflicts in CreateBridgeIface
++ Validate bind mounts on the server side
++ Use parent image config in docker build
+* Fix regression in /etc/hosts
+
+#### Client
+
++ Add -P flag to publish all exposed ports
++ Add -notrunc and -q flags to docker history
+* Fix docker commit, tag and import usage
++ Add stars, trusted builds and library flags in docker search
+* Fix docker logs with tty
+
+#### RemoteAPI
+
+* Make /events API send headers immediately
+* Do not split last column docker top
++ Add size to history
+
+#### Other
+
++ Contrib: Desktop integration. Firefox usecase.
++ Dockerfile: bump to go1.2rc3
+
+## 0.6.5 (2013-10-29)
+
+#### Runtime
+
++ Containers can now be named
++ Containers can now be linked together for service discovery
++ 'run -a', 'start -a' and 'attach' can forward signals to the container for better integration with process supervisors
++ Automatically start crashed containers after a reboot
++ Expose IP, port, and proto as separate environment vars for container links
+* Allow ports to be published to specific ips
+* Prohibit inter-container communication by default
+- Ignore ErrClosedPipe for stdin in Container.Attach
+- Remove unused field kernelVersion
+* Fix issue when mounting subdirectories of /mnt in container
+- Fix untag during removal of images
+* Check return value of syscall.Chdir when changing working directory inside dockerinit
+
+#### Client
+
+- Only pass stdin to hijack when needed to avoid closed pipe errors
+* Use less reflection in command-line method invocation
+- Monitor the tty size after starting the container, not prior
+- Remove useless os.Exit() calls after log.Fatal
+
+#### Hack
+
++ Add initial init scripts library and a safer Ubuntu packaging script that works for Debian
+* Add -p option to invoke debootstrap with http_proxy
+- Update install.sh with $sh_c to get sudo/su for modprobe
+* Update all the mkimage scripts to use --numeric-owner as a tar argument
+* Update hack/release.sh process to automatically invoke hack/make.sh and bail on build and test issues
+
+#### Other
+
+* Documentation: Fix the flags for nc in example
+* Testing: Remove warnings and prevent mount issues
+- Testing: Change logic for tty resize to avoid warning in tests
+- Builder: Fix race condition in docker build with verbose output
+- Registry: Fix content-type for PushImageJSONIndex method
+* Contrib: Improve helper tools to generate debian and Arch linux server images
+
+## 0.6.4 (2013-10-16)
+
+#### Runtime
+
+- Add cleanup of container when Start() fails
+* Add better comments to utils/stdcopy.go
+* Add utils.Errorf for error logging
++ Add -rm to docker run for removing a container on exit
+- Remove error messages which are not actually errors
+- Fix `docker rm` with volumes
+- Fix some error cases where a HTTP body might not be closed
+- Fix panic with wrong dockercfg file
+- Fix the attach behavior with -i
+* Record termination time in state.
+- Use empty string so TempDir uses the OS's temp dir automatically
+- Make sure to close the network allocators
++ Autorestart containers by default
+* Bump vendor kr/pty to commit 3b1f6487b `(syscall.O_NOCTTY)`
+* lxc: Allow set_file_cap capability in container
+- Move run -rm to the cli only
+* Split stdout stderr
+* Always create a new session for the container
+
+#### Testing
+
+- Add aggregated docker-ci email report
+- Add cleanup to remove leftover containers
+* Add nightly release to docker-ci
+* Add more tests around auth.ResolveAuthConfig
+- Remove a few errors in tests
+- Catch errClosing error when TCP and UDP proxies are terminated
+* Only run certain tests with TESTFLAGS='-run TestName' make.sh
+* Prevent docker-ci to test closing PRs
+* Replace panic by log.Fatal in tests
+- Increase TestRunDetach timeout
+
+#### Documentation
+
+* Add initial draft of the Docker infrastructure doc
+* Add devenvironment link to CONTRIBUTING.md
+* Add `apt-get install curl` to Ubuntu docs
+* Add explanation for export restrictions
+* Add .dockercfg doc
+* Remove Gentoo install notes about #1422 workaround
+* Fix help text for -v option
+* Fix Ping endpoint documentation
+- Fix parameter names in docs for ADD command
+- Fix ironic typo in changelog
+* Various command fixes in postgres example
+* Document how to edit and release docs
+- Minor updates to `postgresql_service.rst`
+* Clarify LGTM process to contributors
+- Corrected error in the package name
+* Document what `vagrant up` is actually doing
++ improve doc search results
+* Cleanup whitespace in API 1.5 docs
+* use angle brackets in MAINTAINER example email
+* Update archlinux.rst
++ Changes to a new style for the docs. Includes version switcher.
+* Formatting, add information about multiline json
+* Improve registry and index REST API documentation
+- Replace deprecated upgrading reference to docker-latest.tgz, which hasn't been updated since 0.5.3
+* Update Gentoo installation documentation now that we're in the portage tree proper
+* Cleanup and reorganize docs and tooling for contributors and maintainers
+- Minor spelling correction of protocoll -> protocol
+
+#### Contrib
+
+* Add vim syntax highlighting for Dockerfiles from @honza
+* Add mkimage-arch.sh
+* Reorganize contributed completion scripts to add zsh completion
+
+#### Hack
+
+* Add vagrant user to the docker group
+* Add proper bash completion for "docker push"
+* Add xz utils as a runtime dep
+* Add cleanup/refactor portion of #2010 for hack and Dockerfile updates
++ Add contrib/mkimage-centos.sh back (from #1621), and associated documentation link
+* Add several of the small make.sh fixes from #1920, and make the output more consistent and contributor-friendly
++ Add @tianon to hack/MAINTAINERS
+* Improve network performance for VirtualBox
+* Revamp install.sh to be usable by more people, and to use official install methods whenever possible (apt repo, portage tree, etc.)
+- Fix contrib/mkimage-debian.sh apt caching prevention
++ Add Dockerfile.tmLanguage to contrib
+* Configured FPM to make /etc/init/docker.conf a config file
+* Enable SSH Agent forwarding in Vagrant VM
+* Several small tweaks/fixes for contrib/mkimage-debian.sh
+
+#### Other
+
+- Builder: Abort build if mergeConfig returns an error and fix duplicate error message
+- Packaging: Remove deprecated packaging directory
+- Registry: Use correct auth config when logging in.
+- Registry: Fix the error message so it is the same as the regex
+
+## 0.6.3 (2013-09-23)
+
+#### Packaging
+
+* Add 'docker' group on install for ubuntu package
+* Update tar vendor dependency
+* Download apt key over HTTPS
+
+#### Runtime
+
+- Only copy and change permissions on non-bindmount volumes
+* Allow multiple volumes-from
+- Fix HTTP imports from STDIN
+
+#### Documentation
+
+* Update section on extracting the docker binary after build
+* Update development environment docs for new build process
+* Remove 'base' image from documentation
+
+#### Other
+
+- Client: Fix detach issue
+- Registry: Update regular expression to match index
+
+## 0.6.2 (2013-09-17)
+
+#### Runtime
+
++ Add domainname support
++ Implement image filtering with path.Match
+* Remove unnecessary warnings
+* Remove os/user dependency
+* Only mount the hostname file when the config exists
+* Handle signals within the `docker login` command
+- UID and GID are now also applied to volumes
+- `docker start` set error code upon error
+- `docker run` set the same error code as the process started
+
+#### Builder
+
++ Add -rm option in order to remove intermediate containers
+* Allow multiline for the RUN instruction
+
+#### Registry
+
+* Implement login with private registry
+- Fix push issues
+
+#### Other
+
++ Hack: Vendor all dependencies
+* Remote API: Bump to v1.5
+* Packaging: Break down hack/make.sh into small scripts, one per 'bundle': test, binary, ubuntu etc.
+* Documentation: General improvements
+
+## 0.6.1 (2013-08-23)
+
+#### Registry
+
+* Pass "meta" headers in API calls to the registry
+
+#### Packaging
+
+- Use correct upstart script with new build tool
+- Use libffi-dev, don`t build it from sources
+- Remove duplicate mercurial install command
+
+## 0.6.0 (2013-08-22)
+
+#### Runtime
+
++ Add lxc-conf flag to allow custom lxc options
++ Add an option to set the working directory
+* Add Image name to LogEvent tests
++ Add -privileged flag and relevant tests, docs, and examples
+* Add websocket support to /container/<name>/attach/ws
+* Add warning when net.ipv4.ip_forwarding = 0
+* Add hostname to environment
+* Add last stable version in `docker version`
+- Fix race conditions in parallel pull
+- Fix Graph ByParent() to generate list of child images per parent image.
+- Fix typo: fmt.Sprint -> fmt.Sprintf
+- Fix small \n error un docker build
+* Fix to "Inject dockerinit at /.dockerinit"
+* Fix #910. print user name to docker info output
+* Use Go 1.1.2 for dockerbuilder
+* Use ranged for loop on channels
+- Use utils.ParseRepositoryTag instead of strings.Split(name, ":") in server.ImageDelete
+- Improve CMD, ENTRYPOINT, and attach docs.
+- Improve connect message with socket error
+- Load authConfig only when needed and fix useless WARNING
+- Show tag used when image is missing
+* Apply volumes-from before creating volumes
+- Make docker run handle SIGINT/SIGTERM
+- Prevent crash when .dockercfg not readable
+- Install script should be fetched over https, not http.
+* API, issue 1471: Use groups for socket permissions
+- Correctly detect IPv4 forwarding
+* Mount /dev/shm as a tmpfs
+- Switch from http to https for get.docker.io
+* Let userland proxy handle container-bound traffic
+* Update the Docker CLI to specify a value for the "Host" header.
+- Change network range to avoid conflict with EC2 DNS
+- Reduce connect and read timeout when pinging the registry
+* Parallel pull
+- Handle ip route showing mask-less IP addresses
+* Allow ENTRYPOINT without CMD
+- Always consider localhost as a domain name when parsing the FQN repos name
+* Refactor checksum
+
+#### Documentation
+
+* Add MongoDB image example
+* Add instructions for creating and using the docker group
+* Add sudo to examples and installation to documentation
+* Add ufw doc
+* Add a reference to ps -a
+* Add information about Docker`s high level tools over LXC.
+* Fix typo in docs for docker run -dns
+* Fix a typo in the ubuntu installation guide
+* Fix to docs regarding adding docker groups
+* Update default -H docs
+* Update readme with dependencies for building
+* Update amazon.rst to explain that Vagrant is not necessary for running Docker on ec2
+* PostgreSQL service example in documentation
+* Suggest installing linux-headers by default.
+* Change the twitter handle
+* Clarify Amazon EC2 installation
+* 'Base' image is deprecated and should no longer be referenced in the docs.
+* Move note about officially supported kernel
+- Solved the logo being squished in Safari
+
+#### Builder
+
++ Add USER instruction do Dockerfile
++ Add workdir support for the Buildfile
+* Add no cache for docker build
+- Fix docker build and docker events output
+- Only count known instructions as build steps
+- Make sure ENV instruction within build perform a commit each time
+- Forbid certain paths within docker build ADD
+- Repository name (and optionally a tag) in build usage
+- Make sure ADD will create everything in 0755
+
+#### Remote API
+
+* Sort Images by most recent creation date.
+* Reworking opaque requests in registry module
+* Add image name in /events
+* Use mime pkg to parse Content-Type
+* 650 http utils and user agent field
+
+#### Hack
+
++ Bash Completion: Limit commands to containers of a relevant state
+* Add docker dependencies coverage testing into docker-ci
+
+#### Packaging
+
++ Docker-brew 0.5.2 support and memory footprint reduction
+* Add new docker dependencies into docker-ci
+- Revert "docker.upstart: avoid spawning a `sh` process"
++ Docker-brew and Docker standard library
++ Release docker with docker
+* Fix the upstart script generated by get.docker.io
+* Enabled the docs to generate manpages.
+* Revert Bind daemon to 0.0.0.0 in Vagrant.
+
+#### Register
+
+* Improve auth push
+* Registry unit tests + mock registry
+
+#### Tests
+
+* Improve TestKillDifferentUser to prevent timeout on buildbot
+- Fix typo in TestBindMounts (runContainer called without image)
+* Improve TestGetContainersTop so it does not rely on sleep
+* Relax the lo interface test to allow iface index != 1
+* Add registry functional test to docker-ci
+* Add some tests in server and utils
+
+#### Other
+
+* Contrib: bash completion script
+* Client: Add docker cp command and copy api endpoint to copy container files/folders to the host
+* Don`t read from stdout when only attached to stdin
+
+## 0.5.3 (2013-08-13)
+
+#### Runtime
+
+* Use docker group for socket permissions
+- Spawn shell within upstart script
+- Handle ip route showing mask-less IP addresses
+- Add hostname to environment
+
+#### Builder
+
+- Make sure ENV instruction within build perform a commit each time
+
+## 0.5.2 (2013-08-08)
+
+* Builder: Forbid certain paths within docker build ADD
+- Runtime: Change network range to avoid conflict with EC2 DNS
+* API: Change daemon to listen on unix socket by default
+
+## 0.5.1 (2013-07-30)
+
+#### Runtime
+
++ Add `ps` args to `docker top`
++ Add support for container ID files (pidfile like)
++ Add container=lxc in default env
++ Support networkless containers with `docker run -n` and `docker -d -b=none`
+* Stdout/stderr logs are now stored in the same file as JSON
+* Allocate a /16 IP range by default, with fallback to /24. Try 12 ranges instead of 3.
+* Change .dockercfg format to json and support multiple auth remote
+- Do not override volumes from config
+- Fix issue with EXPOSE override
+
+#### API
+
++ Docker client now sets useragent (RFC 2616)
++ Add /events endpoint
+
+#### Builder
+
++ ADD command now understands URLs
++ CmdAdd and CmdEnv now respect Dockerfile-set ENV variables
+- Create directories with 755 instead of 700 within ADD instruction
+
+#### Hack
+
+* Simplify unit tests with helpers
+* Improve docker.upstart event
+* Add coverage testing into docker-ci
+
+## 0.5.0 (2013-07-17)
+
+#### Runtime
+
++ List all processes running inside a container with 'docker top'
++ Host directories can be mounted as volumes with 'docker run -v'
++ Containers can expose public UDP ports (eg, '-p 123/udp')
++ Optionally specify an exact public port (eg. '-p 80:4500')
+* 'docker login' supports additional options
+- Don't save a container`s hostname when committing an image.
+
+#### Registry
+
++ New image naming scheme inspired by Go packaging convention allows arbitrary combinations of registries
+- Fix issues when uploading images to a private registry
+
+#### Builder
+
++ ENTRYPOINT instruction sets a default binary entry point to a container
++ VOLUME instruction marks a part of the container as persistent data
+* 'docker build' displays the full output of a build by default
+
+## 0.4.8 (2013-07-01)
+
++ Builder: New build operation ENTRYPOINT adds an executable entry point to the container.  - Runtime: Fix a bug which caused 'docker run -d' to no longer print the container ID.
+- Tests: Fix issues in the test suite
+
+## 0.4.7 (2013-06-28)
+
+#### Remote API
+
+* The progress bar updates faster when downloading and uploading large files
+- Fix a bug in the optional unix socket transport
+
+#### Runtime
+
+* Improve detection of kernel version
++ Host directories can be mounted as volumes with 'docker run -b'
+- fix an issue when only attaching to stdin
+* Use 'tar --numeric-owner' to avoid uid mismatch across multiple hosts
+
+#### Hack
+
+* Improve test suite and dev environment
+* Remove dependency on unit tests on 'os/user'
+
+#### Other
+
+* Registry: easier push/pull to a custom registry
++ Documentation: add terminology section
+
+## 0.4.6 (2013-06-22)
+
+- Runtime: fix a bug which caused creation of empty images (and volumes) to crash.
+
+## 0.4.5 (2013-06-21)
+
++ Builder: 'docker build git://URL' fetches and builds a remote git repository
+* Runtime: 'docker ps -s' optionally prints container size
+* Tests: improved and simplified
+- Runtime: fix a regression introduced in 0.4.3 which caused the logs command to fail.
+- Builder: fix a regression when using ADD with single regular file.
+
+## 0.4.4 (2013-06-19)
+
+- Builder: fix a regression introduced in 0.4.3 which caused builds to fail on new clients.
+
+## 0.4.3 (2013-06-19)
+
+#### Builder
+
++ ADD of a local file will detect tar archives and unpack them
+* ADD improvements: use tar for copy + automatically unpack local archives
+* ADD uses tar/untar for copies instead of calling 'cp -ar'
+* Fix the behavior of ADD to be (mostly) reverse-compatible, predictable and well-documented.
+- Fix a bug which caused builds to fail if ADD was the first command
+* Nicer output for 'docker build'
+
+#### Runtime
+
+* Remove bsdtar dependency
+* Add unix socket and multiple -H support
+* Prevent rm of running containers
+* Use go1.1 cookiejar
+- Fix issue detaching from running TTY container
+- Forbid parallel push/pull for a single image/repo. Fixes #311
+- Fix race condition within Run command when attaching.
+
+#### Client
+
+* HumanReadable ProgressBar sizes in pull
+* Fix docker version`s git commit output
+
+#### API
+
+* Send all tags on History API call
+* Add tag lookup to history command. Fixes #882
+
+#### Documentation
+
+- Fix missing command in irc bouncer example
+
+## 0.4.2 (2013-06-17)
+
+- Packaging: Bumped version to work around an Ubuntu bug
+
+## 0.4.1 (2013-06-17)
+
+#### Remote Api
+
++ Add flag to enable cross domain requests
++ Add images and containers sizes in docker ps and docker images
+
+#### Runtime
+
++ Configure dns configuration host-wide with 'docker -d -dns'
++ Detect faulty DNS configuration and replace it with a public default
++ Allow docker run <name>:<id>
++ You can now specify public port (ex: -p 80:4500)
+* Improve image removal to garbage-collect unreferenced parents
+
+#### Client
+
+* Allow multiple params in inspect
+* Print the container id before the hijack in `docker run`
+
+#### Registry
+
+* Add regexp check on repo`s name
+* Move auth to the client
+- Remove login check on pull
+
+#### Other
+
+* Vagrantfile: Add the rest api port to vagrantfile`s port_forward
+* Upgrade to Go 1.1
+- Builder: don`t ignore last line in Dockerfile when it doesn`t end with \n
+
+## 0.4.0 (2013-06-03)
+
+#### Builder
+
++ Introducing Builder
++ 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile
+
+#### Remote API
+
++ Introducing Remote API
++ control Docker programmatically using a simple HTTP/json API
+
+#### Runtime
+
+* Various reliability and usability improvements
+
+## 0.3.4 (2013-05-30)
+
+#### Builder
+
++ 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile
++ 'docker build -t FOO' applies the tag FOO to the newly built container.
+
+#### Runtime
+
++ Interactive TTYs correctly handle window resize
+* Fix how configuration is merged between layers
+
+#### Remote API
+
++ Split stdout and stderr on 'docker run'
++ Optionally listen on a different IP and port (use at your own risk)
+
+#### Documentation
+
+* Improve install instructions.
+
+## 0.3.3 (2013-05-23)
+
+- Registry: Fix push regression
+- Various bugfixes
+
+## 0.3.2 (2013-05-09)
+
+#### Registry
+
+* Improve the checksum process
+* Use the size to have a good progress bar while pushing
+* Use the actual archive if it exists in order to speed up the push
+- Fix error 400 on push
+
+#### Runtime
+
+* Store the actual archive on commit
+
+## 0.3.1 (2013-05-08)
+
+#### Builder
+
++ Implement the autorun capability within docker builder
++ Add caching to docker builder
++ Add support for docker builder with native API as top level command
++ Implement ENV within docker builder
+- Check the command existence prior create and add Unit tests for the case
+* use any whitespaces instead of tabs
+
+#### Runtime
+
++ Add go version to debug infos
+* Kernel version - don`t show the dash if flavor is empty
+
+#### Registry
+
++ Add docker search top level command in order to search a repository
+- Fix pull for official images with specific tag
+- Fix issue when login in with a different user and trying to push
+* Improve checksum - async calculation
+
+#### Images
+
++ Output graph of images to dot (graphviz)
+- Fix ByParent function
+
+#### Documentation
+
++ New introduction and high-level overview
++ Add the documentation for docker builder
+- CSS fix for docker documentation to make REST API docs look better.
+- Fix CouchDB example page header mistake
+- Fix README formatting
+* Update www.docker.io website.
+
+#### Other
+
++ Website: new high-level overview
+- Makefile: Swap "go get" for "go get -d", especially to compile on go1.1rc
+* Packaging: packaging ubuntu; issue #510: Use goland-stable PPA package to build docker
+
+## 0.3.0 (2013-05-06)
+
+#### Runtime
+
+- Fix the command existence check
+- strings.Split may return an empty string on no match
+- Fix an index out of range crash if cgroup memory is not
+
+#### Documentation
+
+* Various improvements
++ New example: sharing data between 2 couchdb databases
+
+#### Other
+
+* Vagrant: Use only one deb line in /etc/apt
++ Registry: Implement the new registry
+
+## 0.2.2 (2013-05-03)
+
++ Support for data volumes ('docker run -v=PATH')
++ Share data volumes between containers ('docker run -volumes-from')
++ Improve documentation
+* Upgrade to Go 1.0.3
+* Various upgrades to the dev environment for contributors
+
+## 0.2.1 (2013-05-01)
+
++ 'docker commit -run' bundles a layer with default runtime options: command, ports etc.
+* Improve install process on Vagrant
++ New Dockerfile operation: "maintainer"
++ New Dockerfile operation: "expose"
++ New Dockerfile operation: "cmd"
++ Contrib script to build a Debian base layer
++ 'docker -d -r': restart crashed containers at daemon startup
+* Runtime: improve test coverage
+
+## 0.2.0 (2013-04-23)
+
+- Runtime: ghost containers can be killed and waited for
+* Documentation: update install instructions
+- Packaging: fix Vagrantfile
+- Development: automate releasing binaries and ubuntu packages
++ Add a changelog
+- Various bugfixes
+
+## 0.1.8 (2013-04-22)
+
+- Dynamically detect cgroup capabilities
+- Issue stability warning on kernels <3.8
+- 'docker push' buffers on disk instead of memory
+- Fix 'docker diff' for removed files
+- Fix 'docker stop' for ghost containers
+- Fix handling of pidfile
+- Various bugfixes and stability improvements
+
+## 0.1.7 (2013-04-18)
+
+- Container ports are available on localhost
+- 'docker ps' shows allocated TCP ports
+- Contributors can run 'make hack' to start a continuous integration VM
+- Streamline ubuntu packaging & uploading
+- Various bugfixes and stability improvements
+
+## 0.1.6 (2013-04-17)
+
+- Record the author an image with 'docker commit -author'
+
+## 0.1.5 (2013-04-17)
+
+- Disable standalone mode
+- Use a custom DNS resolver with 'docker -d -dns'
+- Detect ghost containers
+- Improve diagnosis of missing system capabilities
+- Allow disabling memory limits at compile time
+- Add debian packaging
+- Documentation: installing on Arch Linux
+- Documentation: running Redis on docker
+- Fix lxc 0.9 compatibility
+- Automatically load aufs module
+- Various bugfixes and stability improvements
+
+## 0.1.4 (2013-04-09)
+
+- Full support for TTY emulation
+- Detach from a TTY session with the escape sequence `C-p C-q`
+- Various bugfixes and stability improvements
+- Minor UI improvements
+- Automatically create our own bridge interface 'docker0'
+
+## 0.1.3 (2013-04-04)
+
+- Choose TCP frontend port with '-p :PORT'
+- Layer format is versioned
+- Major reliability improvements to the process manager
+- Various bugfixes and stability improvements
+
+## 0.1.2 (2013-04-03)
+
+- Set container hostname with 'docker run -h'
+- Selective attach at run with 'docker run -a [stdin[,stdout[,stderr]]]'
+- Various bugfixes and stability improvements
+- UI polish
+- Progress bar on push/pull
+- Use XZ compression by default
+- Make IP allocator lazy
+
+## 0.1.1 (2013-03-31)
+
+- Display shorthand IDs for convenience
+- Stabilize process management
+- Layers can include a commit message
+- Simplified 'docker attach'
+- Fix support for re-attaching
+- Various bugfixes and stability improvements
+- Auto-download at run
+- Auto-login on push
+- Beefed up documentation
+
+## 0.1.0 (2013-03-23)
+
+Initial public release
+
+- Implement registry in order to push/pull images
+- TCP port allocation
+- Fix termcaps on Linux
+- Add documentation
+- Add Vagrant support with Vagrantfile
+- Add unit tests
+- Add repository/tags to ease image management
+- Improve the layer implementation
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 00000000..6b875d69
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,436 @@
+# Contributing to Docker
+
+Want to hack on Docker? Awesome!  We have a contributor's guide that explains
+[setting up a Docker development environment and the contribution
+process](https://docs.docker.com/opensource/project/who-written-for/). 
+
+![Contributors guide](docs/static_files/contributors.png)
+
+This page contains information about reporting issues as well as some tips and
+guidelines useful to experienced open source contributors. Finally, make sure
+you read our [community guidelines](#docker-community-guidelines) before you
+start participating.
+
+## Topics
+
+* [Reporting Security Issues](#reporting-security-issues)
+* [Design and Cleanup Proposals](#design-and-cleanup-proposals)
+* [Reporting Issues](#reporting-other-issues)
+* [Quick Contribution Tips and Guidelines](#quick-contribution-tips-and-guidelines)
+* [Community Guidelines](#docker-community-guidelines)
+
+## Reporting security issues
+
+The Docker maintainers take security seriously. If you discover a security
+issue, please bring it to their attention right away!
+
+Please **DO NOT** file a public issue, instead send your report privately to
+[security@docker.com](mailto:security@docker.com).
+
+Security reports are greatly appreciated and we will publicly thank you for it.
+We also like to send gifts&mdash;if you're into Docker schwag, make sure to let
+us know. We currently do not offer a paid security bounty program, but are not
+ruling it out in the future.
+
+
+## Reporting other issues
+
+A great way to contribute to the project is to send a detailed report when you
+encounter an issue. We always appreciate a well-written, thorough bug report,
+and will thank you for it!
+
+Check that [our issue database](https://github.com/docker/docker/issues)
+doesn't already include that problem or suggestion before submitting an issue.
+If you find a match, you can use the "subscribe" button to get notified on
+updates. Do *not* leave random "+1" or "I have this too" comments, as they
+only clutter the discussion, and don't help resolving it. However, if you
+have ways to reproduce the issue or have additional information that may help
+resolving the issue, please leave a comment.
+
+When reporting issues, always include:
+
+* The output of `docker version`.
+* The output of `docker info`.
+
+Also include the steps required to reproduce the problem if possible and
+applicable. This information will help us review and fix your issue faster.
+When sending lengthy log-files, consider posting them as a gist (https://gist.github.com).
+Don't forget to remove sensitive data from your logfiles before posting (you can
+replace those parts with "REDACTED").
+
+**Issue Report Template**:
+
+```
+Description of problem:
+
+
+`docker version`:
+
+
+`docker info`:
+
+
+`uname -a`:
+
+
+Environment details (AWS, VirtualBox, physical, etc.):
+
+
+How reproducible:
+
+
+Steps to Reproduce:
+1.
+2.
+3.
+
+
+Actual Results:
+
+
+Expected Results:
+
+
+Additional info:
+
+
+
+```
+
+
+##Quick contribution tips and guidelines
+
+This section gives the experienced contributor some tips and guidelines.
+
+###Pull requests are always welcome
+
+Not sure if that typo is worth a pull request? Found a bug and know how to fix
+it? Do it! We will appreciate it. Any significant improvement should be
+documented as [a GitHub issue](https://github.com/docker/docker/issues) before
+anybody starts working on it.
+
+We are always thrilled to receive pull requests. We do our best to process them
+quickly. If your pull request is not accepted on the first try,
+don't get discouraged! Our contributor's guide explains [the review process we
+use for simple changes](https://docs.docker.com/opensource/workflow/make-a-contribution/).
+
+### Design and cleanup proposals
+
+You can propose new designs for existing Docker features. You can also design
+entirely new features. We really appreciate contributors who want to refactor or
+otherwise cleanup our project. For information on making these types of
+contributions, see [the advanced contribution
+section](https://docs.docker.com/opensource/workflow/advanced-contributing/) in
+the contributors guide.
+
+We try hard to keep Docker lean and focused. Docker can't do everything for
+everybody. This means that we might decide against incorporating a new feature.
+However, there might be a way to implement that feature *on top of* Docker.
+
+### Talking to other Docker users and contributors
+
+<table class="tg">
+  <col width="45%">
+  <col width="65%">
+  <tr>
+    <td>Internet&nbsp;Relay&nbsp;Chat&nbsp;(IRC)</td>
+    <td>
+      <p>
+        IRC a direct line to our most knowledgeable Docker users; we have
+        both the  <code>#docker</code> and <code>#docker-dev</code> group on
+        <strong>irc.freenode.net</strong>.
+        IRC is a rich chat protocol but it can overwhelm new users. You can search
+        <a href="https://botbot.me/freenode/docker/#" target="_blank">our chat archives</a>.
+      </p>
+      Read our <a href="https://docs.docker.com/opensource/get-help/#irc-quickstart" target="_blank">IRC quickstart guide</a> for an easy way to get started.
+    </td>
+  </tr>
+  <tr>
+    <td>Google Groups</td>
+    <td>
+      There are two groups.
+      <a href="https://groups.google.com/forum/#!forum/docker-user" target="_blank">Docker-user</a>
+      is for people using Docker containers.
+      The <a href="https://groups.google.com/forum/#!forum/docker-dev" target="_blank">docker-dev</a>
+      group is for contributors and other people contributing to the Docker
+      project.
+      You can join them without an google account by sending an email to e.g. "docker-user+subscribe@googlegroups.com".
+      After receiving the join-request message, you can simply reply to that to confirm the subscribtion.
+    </td>
+  </tr>
+  <tr>
+    <td>Twitter</td>
+    <td>
+      You can follow <a href="https://twitter.com/docker/" target="_blank">Docker's Twitter feed</a>
+      to get updates on our products. You can also tweet us questions or just
+      share blogs or stories.
+    </td>
+  </tr>
+  <tr>
+    <td>Stack Overflow</td>
+    <td>
+      Stack Overflow has over 17000 Docker questions listed. We regularly
+      monitor <a href="https://stackoverflow.com/search?tab=newest&q=docker" target="_blank">Docker questions</a>
+      and so do many other knowledgeable Docker users.
+    </td>
+  </tr>
+</table>
+
+
+### Conventions
+
+Fork the repository and make changes on your fork in a feature branch:
+
+- If it's a bug fix branch, name it XXXX-something where XXXX is the number of
+	the issue. 
+- If it's a feature branch, create an enhancement issue to announce
+	your intentions, and name it XXXX-something where XXXX is the number of the
+	issue.
+
+Submit unit tests for your changes. Go has a great test framework built in; use
+it! Take a look at existing tests for inspiration. [Run the full test
+suite](https://docs.docker.com/opensource/project/test-and-docs/) on your branch before
+submitting a pull request.
+
+Update the documentation when creating or modifying features. Test your
+documentation changes for clarity, concision, and correctness, as well as a
+clean documentation build. See our contributors guide for [our style
+guide](https://docs.docker.com/opensource/doc-style) and instructions on [building
+the documentation](https://docs.docker.com/opensource/project/test-and-docs/#build-and-test-the-documentation).
+
+Write clean code. Universally formatted code promotes ease of writing, reading,
+and maintenance. Always run `gofmt -s -w file.go` on each changed file before
+committing your changes. Most editors have plug-ins that do this automatically.
+
+Pull request descriptions should be as clear as possible and include a reference
+to all the issues that they address.
+
+Commit messages must start with a capitalized and short summary (max. 50 chars)
+written in the imperative, followed by an optional, more detailed explanatory
+text which is separated from the summary by an empty line.
+
+Code review comments may be added to your pull request. Discuss, then make the
+suggested modifications and push additional commits to your feature branch. Post
+a comment after pushing. New commits show up in the pull request automatically,
+but the reviewers are notified only when you comment.
+
+Pull requests must be cleanly rebased on top of master without multiple branches
+mixed into the PR.
+
+**Git tip**: If your PR no longer merges cleanly, use `rebase master` in your
+feature branch to update your pull request rather than `merge master`.
+
+Before you make a pull request, squash your commits into logical units of work
+using `git rebase -i` and `git push -f`. A logical unit of work is a consistent
+set of patches that should be reviewed together: for example, upgrading the
+version of a vendored dependency and taking advantage of its now available new
+feature constitute two separate units of work. Implementing a new function and
+calling it in another file constitute a single logical unit of work. The very
+high majority of submissions should have a single commit, so if in doubt: squash
+down to one.
+
+After every commit, [make sure the test suite passes]
+(https://docs.docker.com/opensource/project/test-and-docs/). Include documentation
+changes in the same pull request so that a revert would remove all traces of
+the feature or fix.
+
+Include an issue reference like `Closes #XXXX` or `Fixes #XXXX` in commits that
+close an issue. Including references automatically closes the issue on a merge.
+
+Please do not add yourself to the `AUTHORS` file, as it is regenerated regularly
+from the Git history.
+
+Please see the [Coding Style](#coding-style) for further guidelines.
+
+### Merge approval
+
+Docker maintainers use LGTM (Looks Good To Me) in comments on the code review to
+indicate acceptance.
+
+A change requires LGTMs from an absolute majority of the maintainers of each
+component affected. For example, if a change affects `docs/` and `registry/`, it
+needs an absolute majority from the maintainers of `docs/` AND, separately, an
+absolute majority of the maintainers of `registry/`.
+
+For more details, see the [MAINTAINERS](MAINTAINERS) page.
+
+### Sign your work
+
+The sign-off is a simple line at the end of the explanation for the patch. Your
+signature certifies that you wrote the patch or otherwise have the right to pass
+it on as an open-source patch. The rules are pretty simple: if you can certify
+the below (from [developercertificate.org](http://developercertificate.org/)):
+
+```
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.
+```
+
+Then you just add a line to every git commit message:
+
+    Signed-off-by: Joe Smith <joe.smith@email.com>
+
+Use your real name (sorry, no pseudonyms or anonymous contributions.)
+
+If you set your `user.name` and `user.email` git configs, you can sign your
+commit automatically with `git commit -s`.
+
+Note that the old-style `Docker-DCO-1.1-Signed-off-by: ...` format is still
+accepted, so there is no need to update outstanding pull requests to the new
+format right away, but please do adjust your processes for future contributions.
+
+### How can I become a maintainer?
+
+The procedures for adding new maintainers are explained in the 
+global [MAINTAINERS](https://github.com/docker/opensource/blob/master/MAINTAINERS)
+file in the [https://github.com/docker/opensource/](https://github.com/docker/opensource/)
+repository.
+
+Don't forget: being a maintainer is a time investment. Make sure you
+will have time to make yourself available. You don't have to be a
+maintainer to make a difference on the project!
+
+## Docker community guidelines
+
+We want to keep the Docker community awesome, growing and collaborative. We need
+your help to keep it that way. To help with this we've come up with some general
+guidelines for the community as a whole:
+
+* Be nice: Be courteous, respectful and polite to fellow community members:
+  no regional, racial, gender, or other abuse will be tolerated. We like
+  nice people way better than mean ones!
+
+* Encourage diversity and participation: Make everyone in our community feel
+  welcome, regardless of their background and the extent of their
+  contributions, and do everything possible to encourage participation in
+  our community.
+
+* Keep it legal: Basically, don't get us in trouble. Share only content that
+  you own, do not share private or sensitive information, and don't break
+  the law.
+
+* Stay on topic: Make sure that you are posting to the correct channel and
+  avoid off-topic discussions. Remember when you update an issue or respond
+  to an email you are potentially sending to a large number of people. Please
+  consider this before you update. Also remember that nobody likes spam.
+
+* Don't send email to the maintainers: There's no need to send email to the
+  maintainers to ask them to investigate an issue or to take a look at a
+  pull request. Instead of sending an email, GitHub mentions should be
+  used to ping maintainers to review a pull request, a proposal or an
+  issue.
+
+### Guideline violations — 3 strikes method
+
+The point of this section is not to find opportunities to punish people, but we
+do need a fair way to deal with people who are making our community suck.
+
+1. First occurrence: We'll give you a friendly, but public reminder that the
+   behavior is inappropriate according to our guidelines.
+
+2. Second occurrence: We will send you a private message with a warning that
+   any additional violations will result in removal from the community.
+
+3. Third occurrence: Depending on the violation, we may need to delete or ban
+   your account.
+
+**Notes:**
+
+* Obvious spammers are banned on first occurrence. If we don't do this, we'll
+  have spam all over the place.
+
+* Violations are forgiven after 6 months of good behavior, and we won't hold a
+  grudge.
+
+* People who commit minor infractions will get some education, rather than
+  hammering them in the 3 strikes process.
+
+* The rules apply equally to everyone in the community, no matter how much
+	you've contributed.
+
+* Extreme violations of a threatening, abusive, destructive or illegal nature
+	will be addressed immediately and are not subject to 3 strikes or forgiveness.
+
+* Contact abuse@docker.com to report abuse or appeal violations. In the case of
+	appeals, we know that mistakes happen, and we'll work with you to come up with a
+	fair solution if there has been a misunderstanding.
+
+## Coding Style
+
+Unless explicitly stated, we follow all coding guidelines from the Go
+community. While some of these standards may seem arbitrary, they somehow seem
+to result in a solid, consistent codebase.
+
+It is possible that the code base does not currently comply with these
+guidelines. We are not looking for a massive PR that fixes this, since that
+goes against the spirit of the guidelines. All new contributions should make a
+best effort to clean up and make the code base better than they left it.
+Obviously, apply your best judgement. Remember, the goal here is to make the
+code base easier for humans to navigate and understand. Always keep that in
+mind when nudging others to comply.
+
+The rules:
+
+1. All code should be formatted with `gofmt -s`.
+2. All code should pass the default levels of
+   [`golint`](https://github.com/golang/lint).
+3. All code should follow the guidelines covered in [Effective
+   Go](http://golang.org/doc/effective_go.html) and [Go Code Review
+   Comments](https://github.com/golang/go/wiki/CodeReviewComments).
+4. Comment the code. Tell us the why, the history and the context.
+5. Document _all_ declarations and methods, even private ones. Declare
+   expectations, caveats and anything else that may be important. If a type
+   gets exported, having the comments already there will ensure it's ready.
+6. Variable name length should be proportional to it's context and no longer.
+   `noCommaALongVariableNameLikeThisIsNotMoreClearWhenASimpleCommentWouldDo`.
+   In practice, short methods will have short variable names and globals will
+   have longer names.
+7. No underscores in package names. If you need a compound name, step back,
+   and re-examine why you need a compound name. If you still think you need a
+   compound name, lose the underscore.
+8. No utils or helpers packages. If a function is not general enough to
+   warrant it's own package, it has not been written generally enough to be a
+   part of a util package. Just leave it unexported and well-documented.
+9. All tests should run with `go test` and outside tooling should not be
+   required. No, we don't need another unit testing framework. Assertion
+   packages are acceptable if they provide _real_ incremental value.
+10. Even though we call these "rules" above, they are actually just
+    guidelines. Since you've read all the rules, you now know that.
+
+If you are having trouble getting into the mood of idiomatic Go, we recommend
+reading through [Effective Go](http://golang.org/doc/effective_go.html). The
+[Go Blog](http://blog.golang.org/) is also a great resource. Drinking the
+kool-aid is a lot easier than going thirsty.
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..b6d152fe
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,269 @@
+# This file describes the standard way to build Docker, using docker
+#
+# Usage:
+#
+# # Assemble the full dev environment. This is slow the first time.
+# docker build -t docker .
+#
+# # Mount your source in an interactive container for quick testing:
+# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
+#
+# # Run the test suite:
+# docker run --privileged docker hack/make.sh test
+#
+# # Publish a release:
+# docker run --privileged \
+#  -e AWS_S3_BUCKET=baz \
+#  -e AWS_ACCESS_KEY=foo \
+#  -e AWS_SECRET_KEY=bar \
+#  -e GPG_PASSPHRASE=gloubiboulga \
+#  docker hack/release.sh
+#
+# Note: AppArmor used to mess with privileged mode, but this is no longer
+# the case. Therefore, you don't have to disable it anymore.
+#
+
+FROM debian:jessie
+
+# add zfs ppa
+RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61 \
+	|| apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61
+RUN echo deb http://ppa.launchpad.net/zfs-native/stable/ubuntu trusty main > /etc/apt/sources.list.d/zfs.list
+
+
+# allow replacing httpredir mirror
+ARG APT_MIRROR=httpredir.debian.org
+RUN sed -i s/httpredir.debian.org/$APT_MIRROR/g /etc/apt/sources.list
+
+# Packaged dependencies
+RUN apt-get update && apt-get install -y \
+	apparmor \
+	apt-utils \
+	aufs-tools \
+	automake \
+	bash-completion \
+	bsdmainutils \
+	btrfs-tools \
+	build-essential \
+	clang \
+	createrepo \
+	curl \
+	dpkg-sig \
+	gcc-mingw-w64 \
+	git \
+	iptables \
+	jq \
+	libapparmor-dev \
+	libcap-dev \
+	libltdl-dev \
+	libsqlite3-dev \
+	libsystemd-journal-dev \
+	libtool \
+	mercurial \
+	net-tools \
+	pkg-config \
+	python-dev \
+	python-mock \
+	python-pip \
+	python-websocket \
+	ubuntu-zfs \
+	xfsprogs \
+	libzfs-dev \
+	tar \
+	zip \
+	--no-install-recommends \
+	&& pip install awscli==1.10.15
+# Get lvm2 source for compiling statically
+ENV LVM2_VERSION 2.02.103
+RUN mkdir -p /usr/local/lvm2 \
+	&& curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \
+		| tar -xzC /usr/local/lvm2 --strip-components=1
+# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
+
+# Compile and install lvm2
+RUN cd /usr/local/lvm2 \
+	&& ./configure \
+		--build="$(gcc -print-multiarch)" \
+		--enable-static_link \
+	&& make device-mapper \
+	&& make install_device-mapper
+# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
+
+# Configure the container for OSX cross compilation
+ENV OSX_SDK MacOSX10.11.sdk
+ENV OSX_CROSS_COMMIT 8aa9b71a394905e6c5f4b59e2b97b87a004658a4
+RUN set -x \
+	&& export OSXCROSS_PATH="/osxcross" \
+	&& git clone https://github.com/tpoechtrager/osxcross.git $OSXCROSS_PATH \
+	&& ( cd $OSXCROSS_PATH && git checkout -q $OSX_CROSS_COMMIT) \
+	&& curl -sSL https://s3.dockerproject.org/darwin/v2/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \
+	&& UNATTENDED=yes OSX_VERSION_MIN=10.6 ${OSXCROSS_PATH}/build.sh
+ENV PATH /osxcross/target/bin:$PATH
+
+# install seccomp: the version shipped in trusty is too old
+ENV SECCOMP_VERSION 2.3.0
+RUN set -x \
+	&& export SECCOMP_PATH="$(mktemp -d)" \
+	&& curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" \
+		| tar -xzC "$SECCOMP_PATH" --strip-components=1 \
+	&& ( \
+		cd "$SECCOMP_PATH" \
+		&& ./configure --prefix=/usr/local \
+		&& make \
+		&& make install \
+		&& ldconfig \
+	) \
+	&& rm -rf "$SECCOMP_PATH"
+
+# Install Go
+# IMPORTANT: If the version of Go is updated, the Windows to Linux CI machines
+#            will need updating, to avoid errors. Ping #docker-maintainers on IRC
+#            with a heads-up.
+ENV GO_VERSION 1.5.4
+RUN curl -fsSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" \
+	| tar -xzC /usr/local
+ENV PATH /go/bin:/usr/local/go/bin:$PATH
+ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
+
+# Compile Go for cross compilation
+ENV DOCKER_CROSSPLATFORMS \
+	linux/386 linux/arm \
+	darwin/amd64 \
+	freebsd/amd64 freebsd/386 freebsd/arm \
+	windows/amd64 windows/386
+
+# This has been commented out and kept as reference because we don't support compiling with older Go anymore.
+# ENV GOFMT_VERSION 1.3.3
+# RUN curl -sSL https://storage.googleapis.com/golang/go${GOFMT_VERSION}.$(go env GOOS)-$(go env GOARCH).tar.gz | tar -C /go/bin -xz --strip-components=2 go/bin/gofmt
+
+ENV GO_TOOLS_COMMIT 823804e1ae08dbb14eb807afc7db9993bc9e3cc3
+# Grab Go's cover tool for dead-simple code coverage testing
+# Grab Go's vet tool for examining go code to find suspicious constructs
+# and help prevent errors that the compiler might not catch
+RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \
+	&& (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT) \
+	&& go install -v golang.org/x/tools/cmd/cover \
+	&& go install -v golang.org/x/tools/cmd/vet
+# Grab Go's lint tool
+ENV GO_LINT_COMMIT 32a87160691b3c96046c0c678fe57c5bef761456
+RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \
+	&& (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \
+	&& go install -v github.com/golang/lint/golint
+
+# Install two versions of the registry. The first is an older version that
+# only supports schema1 manifests. The second is a newer version that supports
+# both. This allows integration-cli tests to cover push/pull with both schema1
+# and schema2 manifests.
+ENV REGISTRY_COMMIT_SCHEMA1 ec87e9b6971d831f0eff752ddb54fb64693e51cd
+ENV REGISTRY_COMMIT 47a064d4195a9b56133891bbb13620c3ac83a827
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
+	&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
+	&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
+		go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
+	&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT_SCHEMA1") \
+	&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
+		go build -o /usr/local/bin/registry-v2-schema1 github.com/docker/distribution/cmd/registry \
+	&& rm -rf "$GOPATH"
+
+# Install notary server
+ENV NOTARY_VERSION docker-v1.11-3
+RUN set -x \
+	&& export GO15VENDOREXPERIMENT=1 \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
+	&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary github.com/docker/notary/cmd/notary \
+	&& rm -rf "$GOPATH"
+
+# Get the "docker-py" source so we can run their integration tests
+ENV DOCKER_PY_COMMIT e2878cbcc3a7eef99917adc1be252800b0e41ece
+RUN git clone https://github.com/docker/docker-py.git /docker-py \
+	&& cd /docker-py \
+	&& git checkout -q $DOCKER_PY_COMMIT \
+	&& pip install -r test-requirements.txt
+
+# Set user.email so crosbymichael's in-container merge commits go smoothly
+RUN git config --global user.email 'docker-dummy@example.com'
+
+# Add an unprivileged user to be used for tests which need it
+RUN groupadd -r docker
+RUN useradd --create-home --gid docker unprivilegeduser
+
+VOLUME /var/lib/docker
+WORKDIR /go/src/github.com/docker/docker
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
+
+# Let us use a .bashrc file
+RUN ln -sfv $PWD/.bashrc ~/.bashrc
+
+# Register Docker's bash completion.
+RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
+
+# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
+COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
+RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
+	buildpack-deps:jessie@sha256:25785f89240fbcdd8a74bdaf30dd5599a9523882c6dfc567f2e9ef7cf6f79db6 \
+	busybox:latest@sha256:e4f93f6ed15a0cdd342f5aae387886fba0ab98af0a102da6276eaf24d6e6ade0 \
+	debian:jessie@sha256:f968f10b4b523737e253a97eac59b0d1420b5c19b69928d35801a6373ffe330e \
+	hello-world:latest@sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7
+# see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
+
+# Download man page generator
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone --depth 1 -b v1.0.4 https://github.com/cpuguy83/go-md2man.git "$GOPATH/src/github.com/cpuguy83/go-md2man" \
+	&& git clone --depth 1 -b v1.4 https://github.com/russross/blackfriday.git "$GOPATH/src/github.com/russross/blackfriday" \
+	&& go get -v -d github.com/cpuguy83/go-md2man \
+	&& go build -v -o /usr/local/bin/go-md2man github.com/cpuguy83/go-md2man \
+	&& rm -rf "$GOPATH"
+
+# Download toml validator
+ENV TOMLV_COMMIT 9baf8a8a9f2ed20a8e54160840c492f937eeaf9a
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/BurntSushi/toml.git "$GOPATH/src/github.com/BurntSushi/toml" \
+	&& (cd "$GOPATH/src/github.com/BurntSushi/toml" && git checkout -q "$TOMLV_COMMIT") \
+	&& go build -v -o /usr/local/bin/tomlv github.com/BurntSushi/toml/cmd/tomlv \
+	&& rm -rf "$GOPATH"
+
+# Build/install the tool for embedding resources in Windows binaries
+ENV RSRC_COMMIT ba14da1f827188454a4591717fff29999010887f
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/akavel/rsrc.git "$GOPATH/src/github.com/akavel/rsrc" \
+	&& (cd "$GOPATH/src/github.com/akavel/rsrc" && git checkout -q "$RSRC_COMMIT") \
+	&& go build -v -o /usr/local/bin/rsrc github.com/akavel/rsrc \
+	&& rm -rf "$GOPATH"
+
+# Install runc
+ENV RUNC_COMMIT baf6536d6259209c3edfa2b22237af82942d3dfa
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
+	&& cd "$GOPATH/src/github.com/opencontainers/runc" \
+	&& git checkout -q "$RUNC_COMMIT" \
+	&& make static BUILDTAGS="seccomp apparmor selinux" \
+	&& cp runc /usr/local/bin/docker-runc
+
+# Install containerd
+ENV CONTAINERD_COMMIT 9dc2b3273db42c75368988a3885a3afd770069d9
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
+	&& cd "$GOPATH/src/github.com/docker/containerd" \
+	&& git checkout -q "$CONTAINERD_COMMIT" \
+	&& make static \
+	&& cp bin/containerd /usr/local/bin/docker-containerd \
+	&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
+	&& cp bin/ctr /usr/local/bin/docker-containerd-ctr
+
+# Wrap all commands in the "docker-in-docker" script to allow nested containers
+ENTRYPOINT ["hack/dind"]
+
+# Upload docker source
+COPY . /go/src/github.com/docker/docker
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
new file mode 100644
index 00000000..30ad57d1
--- /dev/null
+++ b/Dockerfile.aarch64
@@ -0,0 +1,209 @@
+# This file describes the standard way to build Docker on aarch64, using docker
+#
+# Usage:
+#
+# # Assemble the full dev environment. This is slow the first time.
+# docker build -t docker -f Dockerfile.aarch64 .
+#
+# # Mount your source in an interactive container for quick testing:
+# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
+#
+# # Run the test suite:
+# docker run --privileged docker hack/make.sh test
+#
+# Note: AppArmor used to mess with privileged mode, but this is no longer
+# the case. Therefore, you don't have to disable it anymore.
+#
+
+FROM aarch64/ubuntu:wily
+
+# Packaged dependencies
+RUN apt-get update && apt-get install -y \
+	apparmor \
+	aufs-tools \
+	automake \
+	bash-completion \
+	btrfs-tools \
+	build-essential \
+	createrepo \
+	curl \
+	dpkg-sig \
+	g++ \
+	gcc \
+	git \
+	iptables \
+	jq \
+	libapparmor-dev \
+	libc6-dev \
+	libcap-dev \
+	libsqlite3-dev \
+	libsystemd-dev \
+	mercurial \
+	net-tools \
+	parallel \
+	pkg-config \
+	python-dev \
+	python-mock \
+	python-pip \
+	python-websocket \
+	gccgo \
+	--no-install-recommends
+
+# Install armhf loader to use armv6 binaries on armv8
+RUN dpkg --add-architecture armhf \
+	&& apt-get update \
+	&& apt-get install -y libc6:armhf
+
+# Get lvm2 source for compiling statically
+ENV LVM2_VERSION 2.02.103
+RUN mkdir -p /usr/local/lvm2 \
+	&& curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \
+		| tar -xzC /usr/local/lvm2 --strip-components=1
+# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
+
+# fix platform enablement in lvm2 to support aarch64 properly
+RUN set -e \
+	&& for f in config.guess config.sub; do \
+		curl -fsSL -o "/usr/local/lvm2/autoconf/$f" "http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=$f;hb=HEAD"; \
+	done
+# "arch.c:78:2: error: #error the arch code needs to know about your machine type"
+
+# Compile and install lvm2
+RUN cd /usr/local/lvm2 \
+	&& ./configure \
+		--build="$(gcc -print-multiarch)" \
+		--enable-static_link \
+	&& make device-mapper \
+	&& make install_device-mapper
+# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
+
+# install seccomp: the version shipped in trusty is too old
+ENV SECCOMP_VERSION 2.3.0
+RUN set -x \
+	&& export SECCOMP_PATH="$(mktemp -d)" \
+	&& curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" \
+		| tar -xzC "$SECCOMP_PATH" --strip-components=1 \
+	&& ( \
+		cd "$SECCOMP_PATH" \
+		&& ./configure --prefix=/usr/local \
+		&& make \
+		&& make install \
+		&& ldconfig \
+	) \
+	&& rm -rf "$SECCOMP_PATH"
+
+# Install Go
+# We don't have official binary tarballs for ARM64, eigher for Go or bootstrap,
+# so we use the official armv6 released binaries as a GOROOT_BOOTSTRAP, and
+# build Go from source code.
+ENV GO_VERSION 1.5.4
+RUN mkdir /usr/src/go && curl -fsSL https://storage.googleapis.com/golang/go${GO_VERSION}.src.tar.gz | tar -v -C /usr/src/go -xz --strip-components=1 \
+	&& cd /usr/src/go/src \
+	&& GOOS=linux GOARCH=arm64 GOROOT_BOOTSTRAP="$(go env GOROOT)" ./make.bash
+
+ENV PATH /usr/src/go/bin:$PATH
+ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
+
+# Only install one version of the registry, because old version which support
+# schema1 manifests is not working on ARM64, we should skip integration-cli
+# tests for schema1 manifests on ARM64.
+ENV REGISTRY_COMMIT 47a064d4195a9b56133891bbb13620c3ac83a827
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
+	&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
+	&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
+		go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
+	&& rm -rf "$GOPATH"
+
+# Install notary server
+ENV NOTARY_VERSION docker-v1.11-3
+RUN set -x \
+	&& export GO15VENDOREXPERIMENT=1 \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
+	&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary github.com/docker/notary/cmd/notary \
+	&& rm -rf "$GOPATH"
+
+# Get the "docker-py" source so we can run their integration tests
+ENV DOCKER_PY_COMMIT e2878cbcc3a7eef99917adc1be252800b0e41ece
+RUN git clone https://github.com/docker/docker-py.git /docker-py \
+	&& cd /docker-py \
+	&& git checkout -q $DOCKER_PY_COMMIT \
+	&& pip install -r test-requirements.txt
+
+# Set user.email so crosbymichael's in-container merge commits go smoothly
+RUN git config --global user.email 'docker-dummy@example.com'
+
+# Add an unprivileged user to be used for tests which need it
+RUN groupadd -r docker
+RUN useradd --create-home --gid docker unprivilegeduser
+
+VOLUME /var/lib/docker
+WORKDIR /go/src/github.com/docker/docker
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
+
+# Let us use a .bashrc file
+RUN ln -sfv $PWD/.bashrc ~/.bashrc
+
+# Register Docker's bash completion.
+RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
+
+# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
+COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
+RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
+	aarch64/buildpack-deps:jessie@sha256:6aa1d6910791b7ac78265fd0798e5abd6cb3f27ae992f6f960f6c303ec9535f2 \
+	aarch64/busybox:latest@sha256:b23a6a37cf269dff6e46d2473b6e227afa42b037e6d23435f1d2bc40fc8c2828 \
+	aarch64/debian:jessie@sha256:4be74a41a7c70ebe887b634b11ffe516cf4fcd56864a54941e56bb49883c3170 \
+	aarch64/hello-world:latest@sha256:65a4a158587b307bb02db4de41b836addb0c35175bdc801367b1ac1ddeb9afda
+# see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
+
+# Download man page generator
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone --depth 1 -b v1.0.4 https://github.com/cpuguy83/go-md2man.git "$GOPATH/src/github.com/cpuguy83/go-md2man" \
+	&& git clone --depth 1 -b v1.4 https://github.com/russross/blackfriday.git "$GOPATH/src/github.com/russross/blackfriday" \
+	&& go get -v -d github.com/cpuguy83/go-md2man \
+	&& go build -v -o /usr/local/bin/go-md2man github.com/cpuguy83/go-md2man \
+	&& rm -rf "$GOPATH"
+
+# Download toml validator
+ENV TOMLV_COMMIT 9baf8a8a9f2ed20a8e54160840c492f937eeaf9a
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/BurntSushi/toml.git "$GOPATH/src/github.com/BurntSushi/toml" \
+	&& (cd "$GOPATH/src/github.com/BurntSushi/toml" && git checkout -q "$TOMLV_COMMIT") \
+	&& go build -v -o /usr/local/bin/tomlv github.com/BurntSushi/toml/cmd/tomlv \
+	&& rm -rf "$GOPATH"
+
+# Install runc
+ENV RUNC_COMMIT baf6536d6259209c3edfa2b22237af82942d3dfa
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
+	&& cd "$GOPATH/src/github.com/opencontainers/runc" \
+	&& git checkout -q "$RUNC_COMMIT" \
+	&& make static BUILDTAGS="seccomp apparmor selinux" \
+	&& cp runc /usr/local/bin/docker-runc
+
+# Install containerd
+ENV CONTAINERD_COMMIT 9dc2b3273db42c75368988a3885a3afd770069d9
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
+	&& cd "$GOPATH/src/github.com/docker/containerd" \
+	&& git checkout -q "$CONTAINERD_COMMIT" \
+	&& make static \
+	&& cp bin/containerd /usr/local/bin/docker-containerd \
+	&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
+	&& cp bin/ctr /usr/local/bin/docker-containerd-ctr
+
+# Wrap all commands in the "docker-in-docker" script to allow nested containers
+ENTRYPOINT ["hack/dind"]
+
+# Upload docker source
+COPY . /go/src/github.com/docker/docker
diff --git a/Dockerfile.armhf b/Dockerfile.armhf
new file mode 100644
index 00000000..ce532ac0
--- /dev/null
+++ b/Dockerfile.armhf
@@ -0,0 +1,227 @@
+# This file describes the standard way to build Docker on ARMv7, using docker
+#
+# Usage:
+#
+# # Assemble the full dev environment. This is slow the first time.
+# docker build -t docker -f Dockerfile.armhf .
+#
+# # Mount your source in an interactive container for quick testing:
+# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
+#
+# # Run the test suite:
+# docker run --privileged docker hack/make.sh test
+#
+# Note: AppArmor used to mess with privileged mode, but this is no longer
+# the case. Therefore, you don't have to disable it anymore.
+#
+
+FROM armhf/debian:jessie
+
+# Packaged dependencies
+RUN apt-get update && apt-get install -y \
+	apparmor \
+	aufs-tools \
+	automake \
+	bash-completion \
+	btrfs-tools \
+	build-essential \
+	createrepo \
+	curl \
+	dpkg-sig \
+	git \
+	iptables \
+	jq \
+	net-tools \
+	libapparmor-dev \
+	libcap-dev \
+	libltdl-dev \
+	libsqlite3-dev \
+	libsystemd-journal-dev \
+	libtool \
+	mercurial \
+	pkg-config \
+	python-dev \
+	python-mock \
+	python-pip \
+	python-websocket \
+	xfsprogs \
+	tar \
+	--no-install-recommends
+
+# Get lvm2 source for compiling statically
+ENV LVM2_VERSION 2.02.103
+RUN mkdir -p /usr/local/lvm2 \
+	&& curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \
+		| tar -xzC /usr/local/lvm2 --strip-components=1
+# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
+
+# Compile and install lvm2
+RUN cd /usr/local/lvm2 \
+	&& ./configure \
+		--build="$(gcc -print-multiarch)" \
+		--enable-static_link \
+	&& make device-mapper \
+	&& make install_device-mapper
+# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
+
+# Install Go
+# TODO Update to 1.5.4 once available, or build from source, as these builds
+# are marked "end of life", see http://dave.cheney.net/unofficial-arm-tarballs
+ENV GO_VERSION 1.5.3
+RUN curl -fsSL "http://dave.cheney.net/paste/go${GO_VERSION}.linux-arm.tar.gz" \
+	| tar -xzC /usr/local
+ENV PATH /go/bin:/usr/local/go/bin:$PATH
+ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
+
+# we're building for armhf, which is ARMv7, so let's be explicit about that
+ENV GOARCH arm
+ENV GOARM 7
+
+# This has been commented out and kept as reference because we don't support compiling with older Go anymore.
+# ENV GOFMT_VERSION 1.3.3
+# RUN curl -sSL https://storage.googleapis.com/golang/go${GOFMT_VERSION}.$(go env GOOS)-$(go env GOARCH).tar.gz | tar -C /go/bin -xz --strip-components=2 go/bin/gofmt
+
+ENV GO_TOOLS_COMMIT 823804e1ae08dbb14eb807afc7db9993bc9e3cc3
+# Grab Go's cover tool for dead-simple code coverage testing
+# Grab Go's vet tool for examining go code to find suspicious constructs
+# and help prevent errors that the compiler might not catch
+RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \
+	&& (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT) \
+	&& go install -v golang.org/x/tools/cmd/cover \
+	&& go install -v golang.org/x/tools/cmd/vet
+# Grab Go's lint tool
+ENV GO_LINT_COMMIT 32a87160691b3c96046c0c678fe57c5bef761456
+RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \
+	&& (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \
+	&& go install -v github.com/golang/lint/golint
+
+# install seccomp: the version shipped in trusty is too old
+ENV SECCOMP_VERSION 2.3.0
+RUN set -x \
+	&& export SECCOMP_PATH="$(mktemp -d)" \
+	&& curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" \
+		| tar -xzC "$SECCOMP_PATH" --strip-components=1 \
+	&& ( \
+		cd "$SECCOMP_PATH" \
+		&& ./configure --prefix=/usr/local \
+		&& make \
+		&& make install \
+		&& ldconfig \
+	) \
+	&& rm -rf "$SECCOMP_PATH"
+
+# Install two versions of the registry. The first is an older version that
+# only supports schema1 manifests. The second is a newer version that supports
+# both. This allows integration-cli tests to cover push/pull with both schema1
+# and schema2 manifests.
+ENV REGISTRY_COMMIT_SCHEMA1 ec87e9b6971d831f0eff752ddb54fb64693e51cd
+ENV REGISTRY_COMMIT cb08de17d74bef86ce6c5abe8b240e282f5750be
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
+	&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
+	&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
+		go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
+	&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT_SCHEMA1") \
+	&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
+		go build -o /usr/local/bin/registry-v2-schema1 github.com/docker/distribution/cmd/registry \
+	&& rm -rf "$GOPATH"
+
+# Install notary server
+ENV NOTARY_VERSION docker-v1.11-3
+RUN set -x \
+	&& export GO15VENDOREXPERIMENT=1 \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
+	&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary github.com/docker/notary/cmd/notary \
+	&& rm -rf "$GOPATH"
+
+# Get the "docker-py" source so we can run their integration tests
+ENV DOCKER_PY_COMMIT e2878cbcc3a7eef99917adc1be252800b0e41ece
+RUN git clone https://github.com/docker/docker-py.git /docker-py \
+	&& cd /docker-py \
+	&& git checkout -q $DOCKER_PY_COMMIT \
+	&& pip install -r test-requirements.txt
+
+# Set user.email so crosbymichael's in-container merge commits go smoothly
+RUN git config --global user.email 'docker-dummy@example.com'
+
+# Add an unprivileged user to be used for tests which need it
+RUN groupadd -r docker
+RUN useradd --create-home --gid docker unprivilegeduser
+
+VOLUME /var/lib/docker
+WORKDIR /go/src/github.com/docker/docker
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
+
+# Let us use a .bashrc file
+RUN ln -sfv $PWD/.bashrc ~/.bashrc
+
+# Register Docker's bash completion.
+RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
+
+# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
+COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
+RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
+	armhf/buildpack-deps:jessie@sha256:ca6cce8e5bf5c952129889b5cc15cd6aa8d995d77e55e3749bbaadae50e476cb \
+	armhf/busybox:latest@sha256:d98a7343ac750ffe387e3d514f8521ba69846c216778919b01414b8617cfb3d4 \
+	armhf/debian:jessie@sha256:4a2187483f04a84f9830910fe3581d69b3c985cc045d9f01d8e2f3795b28107b \
+	armhf/hello-world:latest@sha256:161dcecea0225975b2ad5f768058212c1e0d39e8211098666ffa1ac74cfb7791
+# see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
+
+# Download man page generator
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone --depth 1 -b v1.0.4 https://github.com/cpuguy83/go-md2man.git "$GOPATH/src/github.com/cpuguy83/go-md2man" \
+	&& git clone --depth 1 -b v1.4 https://github.com/russross/blackfriday.git "$GOPATH/src/github.com/russross/blackfriday" \
+	&& go get -v -d github.com/cpuguy83/go-md2man \
+	&& go build -v -o /usr/local/bin/go-md2man github.com/cpuguy83/go-md2man \
+	&& rm -rf "$GOPATH"
+
+# Download toml validator
+ENV TOMLV_COMMIT 9baf8a8a9f2ed20a8e54160840c492f937eeaf9a
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/BurntSushi/toml.git "$GOPATH/src/github.com/BurntSushi/toml" \
+	&& (cd "$GOPATH/src/github.com/BurntSushi/toml" && git checkout -q "$TOMLV_COMMIT") \
+	&& go build -v -o /usr/local/bin/tomlv github.com/BurntSushi/toml/cmd/tomlv \
+	&& rm -rf "$GOPATH"
+
+# Build/install the tool for embedding resources in Windows binaries
+ENV RSRC_VERSION v2
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone --depth 1 -b "$RSRC_VERSION" https://github.com/akavel/rsrc.git "$GOPATH/src/github.com/akavel/rsrc" \
+	&& go build -v -o /usr/local/bin/rsrc github.com/akavel/rsrc \
+	&& rm -rf "$GOPATH"
+
+# Install runc
+ENV RUNC_COMMIT baf6536d6259209c3edfa2b22237af82942d3dfa
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
+	&& cd "$GOPATH/src/github.com/opencontainers/runc" \
+	&& git checkout -q "$RUNC_COMMIT" \
+	&& make static BUILDTAGS="seccomp apparmor selinux" \
+	&& cp runc /usr/local/bin/docker-runc
+
+# Install containerd
+ENV CONTAINERD_COMMIT 9dc2b3273db42c75368988a3885a3afd770069d9
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
+	&& cd "$GOPATH/src/github.com/docker/containerd" \
+	&& git checkout -q "$CONTAINERD_COMMIT" \
+	&& make static \
+	&& cp bin/containerd /usr/local/bin/docker-containerd \
+	&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
+	&& cp bin/ctr /usr/local/bin/docker-containerd-ctr
+
+ENTRYPOINT ["hack/dind"]
+
+# Upload docker source
+COPY . /go/src/github.com/docker/docker
diff --git a/Dockerfile.gccgo b/Dockerfile.gccgo
new file mode 100644
index 00000000..eadd15ce
--- /dev/null
+++ b/Dockerfile.gccgo
@@ -0,0 +1,102 @@
+# This file describes the standard way to build Docker, using docker
+#
+# Usage:
+#
+# # Assemble the full dev environment. This is slow the first time.
+# docker build -t docker -f Dockerfile.gccgo .
+#
+
+FROM gcc:5.3
+
+# Packaged dependencies
+RUN apt-get update && apt-get install -y \
+	apparmor \
+	aufs-tools \
+	btrfs-tools \
+	build-essential \
+	curl \
+	git \
+	iptables \
+	jq \
+	net-tools \
+	libapparmor-dev \
+	libcap-dev \
+	libsqlite3-dev \
+	mercurial \
+	net-tools \
+	parallel \
+	python-dev \
+	python-mock \
+	python-pip \
+	python-websocket \
+	--no-install-recommends
+
+# Get lvm2 source for compiling statically
+RUN git clone -b v2_02_103 https://git.fedorahosted.org/git/lvm2.git /usr/local/lvm2
+# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
+
+# Compile and install lvm2
+RUN cd /usr/local/lvm2 \
+	&& ./configure --enable-static_link \
+	&& make device-mapper \
+	&& make install_device-mapper
+# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
+
+# install seccomp: the version shipped in jessie is too old
+ENV SECCOMP_VERSION v2.3.0
+RUN set -x \
+    && export SECCOMP_PATH=$(mktemp -d) \
+    && git clone https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
+    && ( \
+        cd "$SECCOMP_PATH" \
+        && git checkout "$SECCOMP_VERSION" \
+        && ./autogen.sh \
+        && ./configure --prefix=/usr \
+        && make \
+        && make install \
+    ) \
+    && rm -rf "$SECCOMP_PATH"
+
+ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
+
+# Get the "docker-py" source so we can run their integration tests
+ENV DOCKER_PY_COMMIT e2878cbcc3a7eef99917adc1be252800b0e41ece
+RUN git clone https://github.com/docker/docker-py.git /docker-py \
+	&& cd /docker-py \
+	&& git checkout -q $DOCKER_PY_COMMIT
+
+# Add an unprivileged user to be used for tests which need it
+RUN groupadd -r docker
+RUN useradd --create-home --gid docker unprivilegeduser
+
+VOLUME /var/lib/docker
+WORKDIR /go/src/github.com/docker/docker
+ENV DOCKER_BUILDTAGS apparmor seccomp selinux
+
+# Install runc
+ENV RUNC_COMMIT baf6536d6259209c3edfa2b22237af82942d3dfa
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
+	&& cd "$GOPATH/src/github.com/opencontainers/runc" \
+	&& git checkout -q "$RUNC_COMMIT" \
+	&& make static BUILDTAGS="seccomp apparmor selinux" \
+	&& cp runc /usr/local/bin/docker-runc
+
+# Install containerd
+ENV CONTAINERD_COMMIT 9dc2b3273db42c75368988a3885a3afd770069d9
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
+	&& cd "$GOPATH/src/github.com/docker/containerd" \
+	&& git checkout -q "$CONTAINERD_COMMIT" \
+	&& make static \
+	&& cp bin/containerd /usr/local/bin/docker-containerd \
+	&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
+	&& cp bin/ctr /usr/local/bin/docker-containerd-ctr
+
+# Wrap all commands in the "docker-in-docker" script to allow nested containers
+ENTRYPOINT ["hack/dind"]
+
+# Upload docker source
+COPY . /go/src/github.com/docker/docker
diff --git a/Dockerfile.ppc64le b/Dockerfile.ppc64le
new file mode 100644
index 00000000..626415d2
--- /dev/null
+++ b/Dockerfile.ppc64le
@@ -0,0 +1,225 @@
+# This file describes the standard way to build Docker on ppc64le, using docker
+#
+# Usage:
+#
+# # Assemble the full dev environment. This is slow the first time.
+# docker build -t docker -f Dockerfile.ppc64le .
+#
+# # Mount your source in an interactive container for quick testing:
+# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
+#
+# # Run the test suite:
+# docker run --privileged docker hack/make.sh test
+#
+# Note: AppArmor used to mess with privileged mode, but this is no longer
+# the case. Therefore, you don't have to disable it anymore.
+#
+
+FROM ppc64le/gcc:5.3
+
+# Packaged dependencies
+RUN apt-get update && apt-get install -y \
+	apparmor \
+	aufs-tools \
+	automake \
+	bash-completion \
+	btrfs-tools \
+	build-essential \
+	createrepo \
+	curl \
+	dpkg-sig \
+	git \
+	iptables \
+	jq \
+	net-tools \
+	libapparmor-dev \
+	libcap-dev \
+	libltdl-dev \
+	libsqlite3-dev \
+	libsystemd-journal-dev \
+	libtool \
+	mercurial \
+	pkg-config \
+	python-dev \
+	python-mock \
+	python-pip \
+	python-websocket \
+	xfsprogs \
+	tar \
+	--no-install-recommends
+
+# Get lvm2 source for compiling statically
+ENV LVM2_VERSION 2.02.103
+RUN mkdir -p /usr/local/lvm2 \
+	&& curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \
+		| tar -xzC /usr/local/lvm2 --strip-components=1
+# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
+
+# fix platform enablement in lvm2 to support ppc64le properly
+RUN set -e \
+	&& for f in config.guess config.sub; do \
+		curl -fsSL -o "/usr/local/lvm2/autoconf/$f" "http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=$f;hb=HEAD"; \
+	done
+# "arch.c:78:2: error: #error the arch code needs to know about your machine type"
+
+# Compile and install lvm2
+RUN cd /usr/local/lvm2 \
+	&& ./configure \
+		--build="$(gcc -print-multiarch)" \
+		--enable-static_link \
+	&& make device-mapper \
+	&& make install_device-mapper
+# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
+
+## BUILD GOLANG 1.6
+# NOTE: ppc64le has compatibility issues with older versions of go, so make sure the version >= 1.6
+ENV GO_VERSION 1.6.2
+ENV GO_DOWNLOAD_URL https://golang.org/dl/go${GO_VERSION}.src.tar.gz
+ENV GO_DOWNLOAD_SHA256 787b0b750d037016a30c6ed05a8a70a91b2e9db4bd9b1a2453aa502a63f1bccc
+ENV GOROOT_BOOTSTRAP /usr/local
+
+RUN curl -fsSL "$GO_DOWNLOAD_URL" -o golang.tar.gz \
+    && echo "$GO_DOWNLOAD_SHA256  golang.tar.gz" | sha256sum -c - \
+    && tar -C /usr/src -xzf golang.tar.gz \
+    && rm golang.tar.gz \
+    && cd /usr/src/go/src && ./make.bash 2>&1
+
+ENV GOROOT_BOOTSTRAP /usr/src/
+
+ENV PATH /usr/src/go/bin/:/go/bin:$PATH
+ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
+
+# This has been commented out and kept as reference because we don't support compiling with older Go anymore.
+# ENV GOFMT_VERSION 1.3.3
+# RUN curl -sSL https://storage.googleapis.com/golang/go${GOFMT_VERSION}.$(go env GOOS)-$(go env GOARCH).tar.gz | tar -C /go/bin -xz --strip-components=2 go/bin/gofmt
+
+ENV GO_TOOLS_COMMIT 823804e1ae08dbb14eb807afc7db9993bc9e3cc3
+# Grab Go's cover tool for dead-simple code coverage testing
+# Grab Go's vet tool for examining go code to find suspicious constructs
+# and help prevent errors that the compiler might not catch
+RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \
+	&& (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT) \
+	&& go install -v golang.org/x/tools/cmd/cover \
+	&& go install -v golang.org/x/tools/cmd/vet
+# Grab Go's lint tool
+ENV GO_LINT_COMMIT 32a87160691b3c96046c0c678fe57c5bef761456
+RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \
+	&& (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \
+	&& go install -v github.com/golang/lint/golint
+
+# Install two versions of the registry. The first is an older version that
+# only supports schema1 manifests. The second is a newer version that supports
+# both. This allows integration-cli tests to cover push/pull with both schema1
+# and schema2 manifests.
+ENV REGISTRY_COMMIT_SCHEMA1 ec87e9b6971d831f0eff752ddb54fb64693e51cd
+ENV REGISTRY_COMMIT 47a064d4195a9b56133891bbb13620c3ac83a827
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
+	&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
+	&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
+		go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
+	&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT_SCHEMA1") \
+	&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
+		go build -o /usr/local/bin/registry-v2-schema1 github.com/docker/distribution/cmd/registry \
+	&& rm -rf "$GOPATH"
+
+# Install notary and notary-server
+ENV NOTARY_VERSION docker-v1.11-3
+RUN set -x \
+	&& export GO15VENDOREXPERIMENT=1 \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
+	&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary github.com/docker/notary/cmd/notary \
+	&& rm -rf "$GOPATH"
+
+# Get the "docker-py" source so we can run their integration tests
+ENV DOCKER_PY_COMMIT e2878cbcc3a7eef99917adc1be252800b0e41ece
+RUN git clone https://github.com/docker/docker-py.git /docker-py \
+	&& cd /docker-py \
+	&& git checkout -q $DOCKER_PY_COMMIT \
+	&& pip install -r test-requirements.txt
+
+# Set user.email so crosbymichael's in-container merge commits go smoothly
+RUN git config --global user.email 'docker-dummy@example.com'
+
+# Add an unprivileged user to be used for tests which need it
+RUN groupadd -r docker
+RUN useradd --create-home --gid docker unprivilegeduser
+
+VOLUME /var/lib/docker
+WORKDIR /go/src/github.com/docker/docker
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux
+
+# Let us use a .bashrc file
+RUN ln -sfv $PWD/.bashrc ~/.bashrc
+
+# Register Docker's bash completion.
+RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
+
+# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
+COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
+RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
+	ppc64le/buildpack-deps:jessie@sha256:902bfe4ef1389f94d143d64516dd50a2de75bca2e66d4a44b1d73f63ddf05dda \
+	ppc64le/busybox:latest@sha256:38bb82085248d5a3c24bd7a5dc146f2f2c191e189da0441f1c2ca560e3fc6f1b \
+	ppc64le/debian:jessie@sha256:412845f51b6ab662afba71bc7a716e20fdb9b84f185d180d4c7504f8a75c4f91 \
+	ppc64le/hello-world:latest@sha256:186a40a9a02ca26df0b6c8acdfb8ac2f3ae6678996a838f977e57fac9d963974
+# see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
+
+# Download man page generator
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone --depth 1 -b v1.0.4 https://github.com/cpuguy83/go-md2man.git "$GOPATH/src/github.com/cpuguy83/go-md2man" \
+	&& git clone --depth 1 -b v1.4 https://github.com/russross/blackfriday.git "$GOPATH/src/github.com/russross/blackfriday" \
+	&& go get -v -d github.com/cpuguy83/go-md2man \
+	&& go build -v -o /usr/local/bin/go-md2man github.com/cpuguy83/go-md2man \
+	&& rm -rf "$GOPATH"
+
+# Download toml validator
+ENV TOMLV_COMMIT 9baf8a8a9f2ed20a8e54160840c492f937eeaf9a
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/BurntSushi/toml.git "$GOPATH/src/github.com/BurntSushi/toml" \
+	&& (cd "$GOPATH/src/github.com/BurntSushi/toml" && git checkout -q "$TOMLV_COMMIT") \
+	&& go build -v -o /usr/local/bin/tomlv github.com/BurntSushi/toml/cmd/tomlv \
+	&& rm -rf "$GOPATH"
+
+# Build/install the tool for embedding resources in Windows binaries
+ENV RSRC_VERSION v2
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone --depth 1 -b "$RSRC_VERSION" https://github.com/akavel/rsrc.git "$GOPATH/src/github.com/akavel/rsrc" \
+	&& go build -v -o /usr/local/bin/rsrc github.com/akavel/rsrc \
+	&& rm -rf "$GOPATH"
+
+# Install runc
+ENV RUNC_COMMIT baf6536d6259209c3edfa2b22237af82942d3dfa
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
+	&& cd "$GOPATH/src/github.com/opencontainers/runc" \
+	&& git checkout -q "$RUNC_COMMIT" \
+	&& make static BUILDTAGS="apparmor selinux" \
+	&& cp runc /usr/local/bin/docker-runc
+
+# Install containerd
+ENV CONTAINERD_COMMIT 9dc2b3273db42c75368988a3885a3afd770069d9
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
+	&& cd "$GOPATH/src/github.com/docker/containerd" \
+	&& git checkout -q "$CONTAINERD_COMMIT" \
+	&& make static \
+	&& cp bin/containerd /usr/local/bin/docker-containerd \
+	&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
+	&& cp bin/ctr /usr/local/bin/docker-containerd-ctr
+
+# Wrap all commands in the "docker-in-docker" script to allow nested containers
+ENTRYPOINT ["hack/dind"]
+
+# Upload docker source
+COPY . /go/src/github.com/docker/docker
diff --git a/Dockerfile.s390x b/Dockerfile.s390x
new file mode 100644
index 00000000..3b2ba3fa
--- /dev/null
+++ b/Dockerfile.s390x
@@ -0,0 +1,206 @@
+# This file describes the standard way to build Docker on s390x, using docker
+#
+# Usage:
+#
+# # Assemble the full dev environment. This is slow the first time.
+# docker build -t docker -f Dockerfile.s390x .
+#
+# # Mount your source in an interactive container for quick testing:
+# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
+#
+# # Run the test suite:
+# docker run --privileged docker hack/make.sh test
+#
+# Note: AppArmor used to mess with privileged mode, but this is no longer
+# the case. Therefore, you don't have to disable it anymore.
+#
+
+FROM s390x/gcc:5.3
+
+# Packaged dependencies
+RUN apt-get update && apt-get install -y \
+	apparmor \
+	aufs-tools \
+	automake \
+	bash-completion \
+	btrfs-tools \
+	build-essential \
+	createrepo \
+	curl \
+	dpkg-sig \
+	git \
+	iptables \
+	jq \
+	net-tools \
+	libapparmor-dev \
+	libcap-dev \
+	libltdl-dev \
+	libsqlite3-dev \
+	libsystemd-journal-dev \
+	libtool \
+	mercurial \
+	pkg-config \
+	python-dev \
+	python-mock \
+	python-pip \
+	python-websocket \
+	xfsprogs \
+	tar \
+	--no-install-recommends
+
+# Get lvm2 source for compiling statically
+ENV LVM2_VERSION 2.02.103
+RUN mkdir -p /usr/local/lvm2 \
+	&& curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \
+		| tar -xzC /usr/local/lvm2 --strip-components=1
+# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
+
+# fix platform enablement in lvm2 to support s390x properly
+RUN set -e \
+	&& for f in config.guess config.sub; do \
+		curl -fsSL -o "/usr/local/lvm2/autoconf/$f" "http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=$f;hb=HEAD"; \
+	done
+# "arch.c:78:2: error: #error the arch code needs to know about your machine type"
+
+# Compile and install lvm2
+RUN cd /usr/local/lvm2 \
+	&& ./configure \
+		--build="$(gcc -print-multiarch)" \
+		--enable-static_link \
+	&& make device-mapper \
+	&& make install_device-mapper
+# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
+
+# Note: Go comes from the base image (gccgo, specifically)
+# We can't compile Go proper because s390x isn't an officially supported architecture yet.
+
+ENV PATH /go/bin:$PATH
+ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
+
+# This has been commented out and kept as reference because we don't support compiling with older Go anymore.
+# ENV GOFMT_VERSION 1.3.3
+# RUN curl -sSL https://storage.googleapis.com/golang/go${GOFMT_VERSION}.$(go env GOOS)-$(go env GOARCH).tar.gz | tar -C /go/bin -xz --strip-components=2 go/bin/gofmt
+
+# TODO update this sha when we upgrade to Go 1.5+
+ENV GO_TOOLS_COMMIT 069d2f3bcb68257b627205f0486d6cc69a231ff9
+# Grab Go's cover tool for dead-simple code coverage testing
+# Grab Go's vet tool for examining go code to find suspicious constructs
+# and help prevent errors that the compiler might not catch
+RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \
+	&& (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT) \
+	&& go install -v golang.org/x/tools/cmd/cover \
+	&& go install -v golang.org/x/tools/cmd/vet
+# Grab Go's lint tool
+ENV GO_LINT_COMMIT f42f5c1c440621302702cb0741e9d2ca547ae80f
+RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \
+	&& (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \
+	&& go install -v github.com/golang/lint/golint
+
+
+# Install registry
+ENV REGISTRY_COMMIT ec87e9b6971d831f0eff752ddb54fb64693e51cd
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
+	&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
+	&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
+		go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
+	&& rm -rf "$GOPATH"
+
+# Install notary server
+ENV NOTARY_VERSION docker-v1.11-3
+RUN set -x \
+	&& export GO15VENDOREXPERIMENT=1 \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
+	&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \
+	&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
+		go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
+	&& rm -rf "$GOPATH"
+
+# Get the "docker-py" source so we can run their integration tests
+ENV DOCKER_PY_COMMIT e2878cbcc3a7eef99917adc1be252800b0e41ece
+RUN git clone https://github.com/docker/docker-py.git /docker-py \
+	&& cd /docker-py \
+	&& git checkout -q $DOCKER_PY_COMMIT \
+	&& pip install -r test-requirements.txt
+
+# Set user.email so crosbymichael's in-container merge commits go smoothly
+RUN git config --global user.email 'docker-dummy@example.com'
+
+# Add an unprivileged user to be used for tests which need it
+RUN groupadd -r docker
+RUN useradd --create-home --gid docker unprivilegeduser
+
+VOLUME /var/lib/docker
+WORKDIR /go/src/github.com/docker/docker
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux
+
+# Let us use a .bashrc file
+RUN ln -sfv $PWD/.bashrc ~/.bashrc
+
+# Register Docker's bash completion.
+RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
+
+# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
+COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
+RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
+	s390x/buildpack-deps:jessie@sha256:4d1381224acaca6c4bfe3604de3af6972083a8558a99672cb6989c7541780099 \
+	s390x/busybox:latest@sha256:dd61522c983884a66ed72d60301925889028c6d2d5e0220a8fe1d9b4c6a4f01b \
+	s390x/debian:jessie@sha256:b74c863400909eff3c5e196cac9bfd1f6333ce47aae6a38398d87d5875da170a \
+	s390x/hello-world:latest@sha256:780d80b3a7677c3788c0d5cd9168281320c8d4a6d9183892d8ee5cdd610f5699
+# see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
+
+# Download man page generator
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone --depth 1 -b v1.0.4 https://github.com/cpuguy83/go-md2man.git "$GOPATH/src/github.com/cpuguy83/go-md2man" \
+	&& git clone --depth 1 -b v1.4 https://github.com/russross/blackfriday.git "$GOPATH/src/github.com/russross/blackfriday" \
+	&& go get -v -d github.com/cpuguy83/go-md2man \
+	&& go build -v -o /usr/local/bin/go-md2man github.com/cpuguy83/go-md2man \
+	&& rm -rf "$GOPATH"
+
+# Download toml validator
+ENV TOMLV_COMMIT 9baf8a8a9f2ed20a8e54160840c492f937eeaf9a
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone https://github.com/BurntSushi/toml.git "$GOPATH/src/github.com/BurntSushi/toml" \
+	&& (cd "$GOPATH/src/github.com/BurntSushi/toml" && git checkout -q "$TOMLV_COMMIT") \
+	&& go build -v -o /usr/local/bin/tomlv github.com/BurntSushi/toml/cmd/tomlv \
+	&& rm -rf "$GOPATH"
+
+# Build/install the tool for embedding resources in Windows binaries
+ENV RSRC_VERSION v2
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone --depth 1 -b "$RSRC_VERSION" https://github.com/akavel/rsrc.git "$GOPATH/src/github.com/akavel/rsrc" \
+	&& go build -v -o /usr/local/bin/rsrc github.com/akavel/rsrc \
+	&& rm -rf "$GOPATH"
+
+# Install runc
+ENV RUNC_COMMIT baf6536d6259209c3edfa2b22237af82942d3dfa
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
+	&& cd "$GOPATH/src/github.com/opencontainers/runc" \
+	&& git checkout -q "$RUNC_COMMIT" \
+	&& make static BUILDTAGS="seccomp apparmor selinux" \
+	&& cp runc /usr/local/bin/docker-runc
+
+# Install containerd
+ENV CONTAINERD_COMMIT 9dc2b3273db42c75368988a3885a3afd770069d9
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
+	&& cd "$GOPATH/src/github.com/docker/containerd" \
+	&& git checkout -q "$CONTAINERD_COMMIT" \
+	&& make static \
+	&& cp bin/containerd /usr/local/bin/docker-containerd \
+	&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
+	&& cp bin/ctr /usr/local/bin/docker-containerd-ctr
+
+# Wrap all commands in the "docker-in-docker" script to allow nested containers
+ENTRYPOINT ["hack/dind"]
+
+# Upload docker source
+COPY . /go/src/github.com/docker/docker
diff --git a/Dockerfile.simple b/Dockerfile.simple
new file mode 100644
index 00000000..2cd461fa
--- /dev/null
+++ b/Dockerfile.simple
@@ -0,0 +1,56 @@
+# docker build -t docker:simple -f Dockerfile.simple .
+# docker run --rm docker:simple hack/make.sh dynbinary
+# docker run --rm --privileged docker:simple hack/dind hack/make.sh test-unit
+# docker run --rm --privileged -v /var/lib/docker docker:simple hack/dind hack/make.sh dynbinary test-integration-cli
+
+# This represents the bare minimum required to build and test Docker.
+
+FROM debian:jessie
+
+# compile and runtime deps
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+		btrfs-tools \
+		curl \
+		gcc \
+		git \
+		golang \
+		libdevmapper-dev \
+		libsqlite3-dev \
+		\
+		ca-certificates \
+		e2fsprogs \
+		iptables \
+		procps \
+		xfsprogs \
+		xz-utils \
+		\
+		aufs-tools \
+	&& rm -rf /var/lib/apt/lists/*
+
+# Install runc
+ENV RUNC_COMMIT baf6536d6259209c3edfa2b22237af82942d3dfa
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
+	&& cd "$GOPATH/src/github.com/opencontainers/runc" \
+	&& git checkout -q "$RUNC_COMMIT" \
+	&& make static BUILDTAGS="seccomp apparmor selinux" \
+	&& cp runc /usr/local/bin/docker-runc
+
+# Install containerd
+ENV CONTAINERD_COMMIT 9dc2b3273db42c75368988a3885a3afd770069d9
+RUN set -x \
+	&& export GOPATH="$(mktemp -d)" \
+	&& git clone git://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
+	&& cd "$GOPATH/src/github.com/docker/containerd" \
+	&& git checkout -q "$CONTAINERD_COMMIT" \
+	&& make static \
+	&& cp bin/containerd /usr/local/bin/docker-containerd \
+	&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
+	&& cp bin/ctr /usr/local/bin/docker-containerd-ctr
+
+ENV AUTO_GOPATH 1
+WORKDIR /usr/src/docker
+COPY . /usr/src/docker
diff --git a/Dockerfile.windows b/Dockerfile.windows
new file mode 100755
index 00000000..d288ab62
--- /dev/null
+++ b/Dockerfile.windows
@@ -0,0 +1,101 @@
+# This file describes the standard way to build Docker, using a docker container on Windows 
+# Server 2016
+#
+# Usage:
+#
+# # Assemble the full dev environment. This is slow the first time. Run this from
+# # a directory containing the sources you are validating. For example from 
+# # c:\go\src\github.com\docker\docker
+#
+# docker build -t docker -f Dockerfile.windows .
+#
+#
+# # Build docker in a container. Run the following from a Windows cmd command prommpt,
+# # replacing c:\built with the directory you want the binaries to be placed on the
+# # host system.
+#
+# docker run --rm -v "c:\built:c:\target" docker sh -c 'cd /c/go/src/github.com/docker/docker; hack/make.sh binary; ec=$?; if [ $ec -eq 0 ]; then robocopy /c/go/src/github.com/docker/docker/bundles/$(cat VERSION)/binary /c/target/binary; fi; exit $ec'
+#
+# Important notes:
+# ---------------
+#
+# 'Start-Sleep' is a deliberate workaround for a current problem on containers in Windows 
+# Server 2016. It ensures that the network is up and available for when the command is
+# network related. This bug is being tracked internally at Microsoft and exists in TP4.
+# Generally sleep 1 or 2 is probably enough, but making it 5 to make the build file
+# as bullet proof as possible. This isn't a big deal as this only runs the first time.
+#
+# The cygwin posix utilities from GIT aren't usable interactively as at January 2016. This
+# is because they require a console window which isn't present in a container in Windows.
+# See the example at the top of this file. Do NOT use -it in that docker run!!! 
+#
+# Don't try to use a volume for passing the source through. The cygwin posix utilities will
+# balk at reparse points. Again, see the example at the top of this file on how use a volume
+# to get the built binary out of the container.
+#
+# The steps are minimised dramatically to improve performance (TP4 is slow on commit)
+
+FROM windowsservercore
+
+# Environment variable notes:
+#  - GO_VERSION must consistent with 'Dockerfile' used by Linux'.
+#  - FROM_DOCKERFILE is used for detection of building within a container.
+ENV GO_VERSION=1.5.4 \
+    GIT_LOCATION=https://github.com/git-for-windows/git/releases/download/v2.7.2.windows.1/Git-2.7.2-64-bit.exe \
+    RSRC_COMMIT=ba14da1f827188454a4591717fff29999010887f \
+    GOPATH=C:/go;C:/go/src/github.com/docker/docker/vendor \
+    FROM_DOCKERFILE=1
+
+WORKDIR c:/
+
+# Everything downloaded/installed in one go (better performance, esp on TP4)
+RUN \
+ setx /M Path "c:\git\cmd;c:\git\bin;c:\git\usr\bin;%Path%;c:\gcc\bin;c:\go\bin" && \
+ setx GOROOT "c:\go" && \
+ powershell -command \
+  $ErrorActionPreference = 'Stop'; \
+  Start-Sleep -Seconds 5; \
+  Function Download-File([string] $source, [string] $target) { \
+   $wc = New-Object net.webclient; $wc.Downloadfile($source, $target) \
+  } \
+  \
+  Write-Host INFO: Downloading git...; \		
+  Download-File %GIT_LOCATION% gitsetup.exe; \
+  \
+  Write-Host INFO: Downloading go...; \
+  Download-File https://storage.googleapis.com/golang/go%GO_VERSION%.windows-amd64.msi go.msi; \
+  \
+  Write-Host INFO: Downloading compiler 1 of 3...; \
+  Download-File https://raw.githubusercontent.com/jhowardmsft/docker-tdmgcc/master/gcc.zip gcc.zip; \
+  \
+  Write-Host INFO: Downloading compiler 2 of 3...; \
+  Download-File https://raw.githubusercontent.com/jhowardmsft/docker-tdmgcc/master/runtime.zip runtime.zip; \
+  \
+  Write-Host INFO: Downloading compiler 3 of 3...; \
+  Download-File https://raw.githubusercontent.com/jhowardmsft/docker-tdmgcc/master/binutils.zip binutils.zip; \
+  \
+  Write-Host INFO: Installing git...; \
+  Start-Process gitsetup.exe -ArgumentList '/VERYSILENT /SUPPRESSMSGBOXES /CLOSEAPPLICATIONS /DIR=c:\git\' -Wait; \
+  \
+  Write-Host INFO: Installing go..."; \
+  Start-Process msiexec -ArgumentList '-i go.msi -quiet' -Wait; \
+  \
+  Write-Host INFO: Unzipping compiler...; \
+  c:\git\usr\bin\unzip.exe -q -o gcc.zip -d /c/gcc; \
+  c:\git\usr\bin\unzip.exe -q -o runtime.zip -d /c/gcc; \
+  c:\git\usr\bin\unzip.exe -q -o binutils.zip -d /c/gcc"; \
+  \
+  Write-Host INFO: Removing interim files; \
+  Remove-Item *.zip; \
+  Remove-Item go.msi; \
+  Remove-Item gitsetup.exe; \
+  \
+  Write-Host INFO: Cloning and installing RSRC; \
+  c:\git\bin\git.exe clone https://github.com/akavel/rsrc.git c:\go\src\github.com\akavel\rsrc; \
+  cd \go\src\github.com\akavel\rsrc; c:\git\bin\git.exe checkout -q %RSRC_COMMIT%; c:\go\bin\go.exe install -v; \
+  \
+  Write-Host INFO: Completed
+  
+# Prepare for building
+COPY . /go/src/github.com/docker/docker
+
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 00000000..8f3fee62
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,191 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        https://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2013-2016 Docker, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       https://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/MAINTAINERS b/MAINTAINERS
new file mode 100644
index 00000000..802e288a
--- /dev/null
+++ b/MAINTAINERS
@@ -0,0 +1,255 @@
+# Docker maintainers file
+#
+# This file describes who runs the docker/docker project and how.
+# This is a living document - if you see something out of date or missing, speak up!
+#
+# It is structured to be consumable by both humans and programs.
+# To extract its contents programmatically, use any TOML-compliant
+# parser.
+#
+# This file is compiled into the MAINTAINERS file in docker/opensource.
+#
+[Org]
+
+	[Org."Core maintainers"]
+
+	# The Core maintainers are the ghostbusters of the project: when there's a problem others
+	# can't solve, they show up and fix it with bizarre devices and weaponry.
+	# They have final say on technical implementation and coding style.
+	# They are ultimately responsible for quality in all its forms: usability polish,
+	# bugfixes, performance, stability, etc. When ownership  can cleanly be passed to
+	# a subsystem, they are responsible for doing so and holding the
+	# subsystem maintainers accountable. If ownership is unclear, they are the de facto owners.
+
+	# For each release (including minor releases), a "release captain" is assigned from the
+	# pool of core maintainers. Rotation is encouraged across all maintainers, to ensure
+	# the release process is clear and up-to-date.
+
+		people = [
+			"aaronlehmann",
+			"calavera",
+			"coolljt0725",
+			"cpuguy83",
+			"crosbymichael",
+			"duglin",
+			"estesp",
+			"icecrime",
+			"jhowardmsft",
+			"jfrazelle",
+			"lk4d4",
+			"mhbauer",
+			"runcom",
+			"tianon",
+			"tibor",
+			"tonistiigi",
+			"unclejack",
+			"vbatts",
+			"vdemeester"
+		]
+
+	[Org."Docs maintainers"]
+
+	# TODO Describe the docs maintainers role.
+
+		people = [
+			"jamtur01",
+			"moxiegirl",
+			"sven",
+			"thajeztah"
+		]
+
+	[Org.Curators]
+
+	# The curators help ensure that incoming issues and pull requests are properly triaged and
+	# that our various contribution and reviewing processes are respected. With their knowledge of
+	# the repository activity, they can also guide contributors to relevant material or
+	# discussions.
+	#
+	# They are neither code nor docs reviewers, so they are never expected to merge. They can
+	# however:
+	# - close an issue or pull request when it's an exact duplicate
+	# - close an issue or pull request when it's inappropriate or off-topic
+
+		people = [
+			"programmerq",
+			"thajeztah"
+		]
+
+	[Org.Alumni]
+
+	# This list contains maintainers that are no longer active on the project.
+	# It is thanks to these people that the project has become what it is today.
+	# Thank you!
+
+		people = [
+			# As a maintainer, Erik was responsible for the "builder", and
+			# started the first designs for the new networking model in
+			# Docker. Erik is now working on all kinds of plugins for Docker
+			# (https://github.com/contiv) and various open source projects
+			# in his own repository https://github.com/erikh. You may
+			# still stumble into him in our issue tracker, or on IRC.
+			"erikh",
+
+			# Victor is one of the earliest contributors to Docker, having worked on the
+			# project when it was still "dotCloud" in April 2013. He's been responsible
+			# for multiple releases (https://github.com/docker/docker/pulls?q=is%3Apr+bump+in%3Atitle+author%3Avieux),
+			# and up until today (2015), our number 2 contributor. Although he's no longer
+			# a maintainer for the Docker "Engine", he's still actively involved in other
+			# Docker projects, and most likely can be found in the Docker Swarm repository,
+			# for which he's a core maintainer.
+			"vieux",
+
+			# Vishnu became a maintainer to help out on the daemon codebase and
+			# libcontainer integration. He's currently involved in the
+			# Open Containers Initiative, working on the specifications,
+			# besides his work on cAdvisor and Kubernetes for Google.
+			"vishh"
+		]
+
+[people]
+
+# A reference list of all people associated with the project.
+# All other sections should refer to people by their canonical key
+# in the people section.
+
+	# ADD YOURSELF HERE IN ALPHABETICAL ORDER
+
+	[people.aaronlehmann]
+	Name = "Aaron Lehmann"
+	Email = "aaron.lehmann@docker.com"
+	GitHub = "aaronlehmann"
+
+	[people.calavera]
+	Name = "David Calavera"
+	Email = "david.calavera@gmail.com"
+	GitHub = "calavera"
+
+	[people.coolljt0725]
+	Name = "Lei Jitang"
+	Email = "leijitang@huawei.com"
+	GitHub = "coolljt0725"
+
+	[people.cpuguy83]
+	Name = "Brian Goff"
+	Email = "cpuguy83@gmail.com"
+	Github = "cpuguy83"
+
+	[people.crosbymichael]
+	Name = "Michael Crosby"
+	Email = "crosbymichael@gmail.com"
+	GitHub = "crosbymichael"
+
+	[people.duglin]
+	Name = "Doug Davis"
+	Email = "dug@us.ibm.com"
+	GitHub = "duglin"
+
+	[people.erikh]
+	Name = "Erik Hollensbe"
+	Email = "erik@docker.com"
+	GitHub = "erikh"
+
+	[people.estesp]
+	Name = "Phil Estes"
+	Email = "estesp@linux.vnet.ibm.com"
+	GitHub = "estesp"
+
+	[people.icecrime]
+	Name = "Arnaud Porterie"
+	Email = "arnaud@docker.com"
+	GitHub = "icecrime"
+
+	[people.jamtur01]
+	Name = "James Turnbull"
+	Email = "james@lovedthanlost.net"
+	GitHub = "jamtur01"
+
+	[people.jhowardmsft]
+	Name = "John Howard"
+	Email = "jhoward@microsoft.com"
+	GitHub = "jhowardmsft"
+
+	[people.jfrazelle]
+	Name = "Jessie Frazelle"
+	Email = "jess@linux.com"
+	GitHub = "jfrazelle"
+
+	[people.lk4d4]
+	Name = "Alexander Morozov"
+	Email = "lk4d4@docker.com"
+	GitHub = "lk4d4"
+
+	[people.mhbauer]
+	Name = "Morgan Bauer"
+	Email = "mbauer@us.ibm.com"
+	GitHub = "mhbauer"
+
+	[people.moxiegirl]
+	Name = "Mary Anthony"
+	Email = "mary.anthony@docker.com"
+	GitHub = "moxiegirl"
+
+	[people.programmerq]
+	Name = "Jeff Anderson"
+	Email = "jeff@docker.com"
+	GitHub = "programmerq"
+
+	[people.runcom]
+	Name = "Antonio Murdaca"
+	Email = "runcom@redhat.com"
+	GitHub = "runcom"
+
+	[people.shykes]
+	Name = "Solomon Hykes"
+	Email = "solomon@docker.com"
+	GitHub = "shykes"
+
+	[people.sven]
+	Name = "Sven Dowideit"
+	Email = "SvenDowideit@home.org.au"
+	GitHub = "SvenDowideit"
+
+	[people.thajeztah]
+	Name = "Sebastiaan van Stijn"
+	Email = "github@gone.nl"
+	GitHub = "thaJeztah"
+
+	[people.tianon]
+	Name = "Tianon Gravi"
+	Email = "admwiggin@gmail.com"
+	GitHub = "tianon"
+
+	[people.tibor]
+	Name = "Tibor Vass"
+	Email = "tibor@docker.com"
+	GitHub = "tiborvass"
+
+	[people.tonistiigi]
+	Name = "Tõnis Tiigi"
+	Email = "tonis@docker.com"
+	GitHub = "tonistiigi"
+
+	[people.unclejack]
+	Name = "Cristian Staretu"
+	Email = "cristian.staretu@gmail.com"
+	GitHub = "unclejack"
+
+	[people.vbatts]
+	Name = "Vincent Batts"
+	Email = "vbatts@redhat.com"
+	GitHub = "vbatts"
+
+	[people.vdemeester]
+	Name = "Vincent Demeester"
+	Email = "vincent@sbr.pm"
+	GitHub = "vdemeester"
+
+	[people.vieux]
+	Name = "Victor Vieux"
+	Email = "vieux@docker.com"
+	GitHub = "vieux"
+
+	[people.vishh]
+	Name = "Vishnu Kannan"
+	Email = "vishnuk@google.com"
+	GitHub = "vishh"
diff --git a/Makefile b/Makefile
new file mode 100644
index 00000000..e0ba358c
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,106 @@
+.PHONY: all binary build cross default docs docs-build docs-shell shell test test-docker-py test-integration-cli test-unit validate
+
+# get OS/Arch of docker engine
+DOCKER_OSARCH := $(shell bash -c 'source hack/make/.detect-daemon-osarch && echo $${DOCKER_ENGINE_OSARCH:-$$DOCKER_CLIENT_OSARCH}')
+DOCKERFILE := $(shell bash -c 'source hack/make/.detect-daemon-osarch && echo $${DOCKERFILE}')
+
+# env vars passed through directly to Docker's build scripts
+# to allow things like `make DOCKER_CLIENTONLY=1 binary` easily
+# `docs/sources/contributing/devenvironment.md ` and `project/PACKAGERS.md` have some limited documentation of some of these
+DOCKER_ENVS := \
+	-e BUILDFLAGS \
+	-e KEEPBUNDLE \
+	-e DOCKER_BUILD_GOGC \
+	-e DOCKER_BUILD_PKGS \
+	-e DOCKER_CLIENTONLY \
+	-e DOCKER_DEBUG \
+	-e DOCKER_EXPERIMENTAL \
+	-e DOCKER_GRAPHDRIVER \
+	-e DOCKER_INCREMENTAL_BINARY \
+	-e DOCKER_REMAP_ROOT \
+	-e DOCKER_STORAGE_OPTS \
+	-e DOCKER_USERLANDPROXY \
+	-e TESTDIRS \
+	-e TESTFLAGS \
+	-e TIMEOUT
+# note: we _cannot_ add "-e DOCKER_BUILDTAGS" here because even if it's unset in the shell, that would shadow the "ENV DOCKER_BUILDTAGS" set in our Dockerfile, which is very important for our official builds
+
+# to allow `make BIND_DIR=. shell` or `make BIND_DIR= test`
+# (default to no bind mount if DOCKER_HOST is set)
+# note: BINDDIR is supported for backwards-compatibility here
+BIND_DIR := $(if $(BINDDIR),$(BINDDIR),$(if $(DOCKER_HOST),,bundles))
+DOCKER_MOUNT := $(if $(BIND_DIR),-v "$(CURDIR)/$(BIND_DIR):/go/src/github.com/docker/docker/$(BIND_DIR)")
+
+# This allows the test suite to be able to run without worrying about the underlying fs used by the container running the daemon (e.g. aufs-on-aufs), so long as the host running the container is running a supported fs.
+# The volume will be cleaned up when the container is removed due to `--rm`.
+# Note that `BIND_DIR` will already be set to `bundles` if `DOCKER_HOST` is not set (see above BIND_DIR line), in such case this will do nothing since `DOCKER_MOUNT` will already be set.
+DOCKER_MOUNT := $(if $(DOCKER_MOUNT),$(DOCKER_MOUNT),-v "/go/src/github.com/docker/docker/bundles")
+
+GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null)
+DOCKER_IMAGE := docker-dev$(if $(GIT_BRANCH),:$(GIT_BRANCH))
+DOCKER_DOCS_IMAGE := docker-docs$(if $(GIT_BRANCH),:$(GIT_BRANCH))
+
+DOCKER_FLAGS := docker run --rm -i --privileged $(DOCKER_ENVS) $(DOCKER_MOUNT)
+
+# if this session isn't interactive, then we don't want to allocate a
+# TTY, which would fail, but if it is interactive, we do want to attach
+# so that the user can send e.g. ^C through.
+INTERACTIVE := $(shell [ -t 0 ] && echo 1 || echo 0)
+ifeq ($(INTERACTIVE), 1)
+	DOCKER_FLAGS += -t
+endif
+
+DOCKER_RUN_DOCKER := $(DOCKER_FLAGS) "$(DOCKER_IMAGE)"
+
+default: binary
+
+all: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh
+
+binary: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh binary
+
+build: bundles
+	docker build ${DOCKER_BUILD_ARGS} -t "$(DOCKER_IMAGE)" -f "$(DOCKERFILE)" .
+
+bundles:
+	mkdir bundles
+
+cross: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh dynbinary binary cross
+
+win: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh win
+
+tgz: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh dynbinary binary cross tgz
+
+deb: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh dynbinary build-deb
+
+docs:
+	$(MAKE) -C docs docs
+
+gccgo: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh gccgo
+
+rpm: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh dynbinary build-rpm
+
+shell: build
+	$(DOCKER_RUN_DOCKER) bash
+
+test: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh dynbinary cross test-unit test-integration-cli test-docker-py
+
+test-docker-py: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh dynbinary test-docker-py
+
+test-integration-cli: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh dynbinary test-integration-cli
+
+test-unit: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh test-unit
+
+validate: build
+	$(DOCKER_RUN_DOCKER) hack/make.sh validate-dco validate-default-seccomp validate-gofmt validate-pkg validate-lint validate-test validate-toml validate-vet validate-vendor
diff --git a/NOTICE b/NOTICE
new file mode 100644
index 00000000..8a37c1c7
--- /dev/null
+++ b/NOTICE
@@ -0,0 +1,19 @@
+Docker
+Copyright 2012-2016 Docker, Inc.
+
+This product includes software developed at Docker, Inc. (https://www.docker.com).
+
+This product contains software (https://github.com/kr/pty) developed
+by Keith Rarick, licensed under the MIT License.
+
+The following is courtesy of our legal counsel:
+
+
+Use and transfer of Docker may be subject to certain restrictions by the
+United States and other governments.
+It is your responsibility to ensure that your use and/or transfer does not
+violate applicable laws.
+
+For more information, please see https://www.bis.doc.gov
+
+See also https://www.apache.org/dev/crypto.html and/or seek legal counsel.
diff --git a/README.md b/README.md
new file mode 100644
index 00000000..aa9cc0ea
--- /dev/null
+++ b/README.md
@@ -0,0 +1,301 @@
+Docker: the container engine [![Release](https://img.shields.io/github/release/docker/docker.svg)](https://github.com/docker/docker/releases/latest)
+============================
+
+Docker is an open source project to pack, ship and run any application
+as a lightweight container.
+
+Docker containers are both *hardware-agnostic* and *platform-agnostic*.
+This means they can run anywhere, from your laptop to the largest
+cloud compute instance and everything in between - and they don't require
+you to use a particular language, framework or packaging system. That
+makes them great building blocks for deploying and scaling web apps,
+databases, and backend services without depending on a particular stack
+or provider.
+
+Docker began as an open-source implementation of the deployment engine which
+powers [dotCloud](https://www.dotcloud.com), a popular Platform-as-a-Service.
+It benefits directly from the experience accumulated over several years
+of large-scale operation and support of hundreds of thousands of
+applications and databases.
+
+![](docs/static_files/docker-logo-compressed.png "Docker")
+
+## Security Disclosure
+
+Security is very important to us. If you have any issue regarding security, 
+please disclose the information responsibly by sending an email to 
+security@docker.com and not by creating a github issue.
+
+## Better than VMs
+
+A common method for distributing applications and sandboxing their
+execution is to use virtual machines, or VMs. Typical VM formats are
+VMware's vmdk, Oracle VirtualBox's vdi, and Amazon EC2's ami. In theory
+these formats should allow every developer to automatically package
+their application into a "machine" for easy distribution and deployment.
+In practice, that almost never happens, for a few reasons:
+
+  * *Size*: VMs are very large which makes them impractical to store
+     and transfer.
+  * *Performance*: running VMs consumes significant CPU and memory,
+    which makes them impractical in many scenarios, for example local
+    development of multi-tier applications, and large-scale deployment
+    of cpu and memory-intensive applications on large numbers of
+    machines.
+  * *Portability*: competing VM environments don't play well with each
+     other. Although conversion tools do exist, they are limited and
+     add even more overhead.
+  * *Hardware-centric*: VMs were designed with machine operators in
+    mind, not software developers. As a result, they offer very
+    limited tooling for what developers need most: building, testing
+    and running their software. For example, VMs offer no facilities
+    for application versioning, monitoring, configuration, logging or
+    service discovery.
+
+By contrast, Docker relies on a different sandboxing method known as
+*containerization*. Unlike traditional virtualization, containerization
+takes place at the kernel level. Most modern operating system kernels
+now support the primitives necessary for containerization, including
+Linux with [openvz](https://openvz.org),
+[vserver](http://linux-vserver.org) and more recently
+[lxc](https://linuxcontainers.org/), Solaris with
+[zones](https://docs.oracle.com/cd/E26502_01/html/E29024/preface-1.html#scrolltoc),
+and FreeBSD with
+[Jails](https://www.freebsd.org/doc/handbook/jails.html).
+
+Docker builds on top of these low-level primitives to offer developers a
+portable format and runtime environment that solves all four problems.
+Docker containers are small (and their transfer can be optimized with
+layers), they have basically zero memory and cpu overhead, they are
+completely portable, and are designed from the ground up with an
+application-centric design.
+
+Perhaps best of all, because Docker operates at the OS level, it can still be
+run inside a VM!
+
+## Plays well with others
+
+Docker does not require you to buy into a particular programming
+language, framework, packaging system, or configuration language.
+
+Is your application a Unix process? Does it use files, tcp connections,
+environment variables, standard Unix streams and command-line arguments
+as inputs and outputs? Then Docker can run it.
+
+Can your application's build be expressed as a sequence of such
+commands? Then Docker can build it.
+
+## Escape dependency hell
+
+A common problem for developers is the difficulty of managing all
+their application's dependencies in a simple and automated way.
+
+This is usually difficult for several reasons:
+
+  * *Cross-platform dependencies*. Modern applications often depend on
+    a combination of system libraries and binaries, language-specific
+    packages, framework-specific modules, internal components
+    developed for another project, etc. These dependencies live in
+    different "worlds" and require different tools - these tools
+    typically don't work well with each other, requiring awkward
+    custom integrations.
+
+  * *Conflicting dependencies*. Different applications may depend on
+    different versions of the same dependency. Packaging tools handle
+    these situations with various degrees of ease - but they all
+    handle them in different and incompatible ways, which again forces
+    the developer to do extra work.
+
+  * *Custom dependencies*. A developer may need to prepare a custom
+    version of their application's dependency. Some packaging systems
+    can handle custom versions of a dependency, others can't - and all
+    of them handle it differently.
+
+
+Docker solves the problem of dependency hell by giving the developer a simple
+way to express *all* their application's dependencies in one place, while
+streamlining the process of assembling them. If this makes you think of
+[XKCD 927](https://xkcd.com/927/), don't worry. Docker doesn't
+*replace* your favorite packaging systems. It simply orchestrates
+their use in a simple and repeatable way. How does it do that? With
+layers.
+
+Docker defines a build as running a sequence of Unix commands, one
+after the other, in the same container. Build commands modify the
+contents of the container (usually by installing new files on the
+filesystem), the next command modifies it some more, etc. Since each
+build command inherits the result of the previous commands, the
+*order* in which the commands are executed expresses *dependencies*.
+
+Here's a typical Docker build process:
+
+```bash
+FROM ubuntu:12.04
+RUN apt-get update && apt-get install -y python python-pip curl
+RUN curl -sSL https://github.com/shykes/helloflask/archive/master.tar.gz | tar -xzv
+RUN cd helloflask-master && pip install -r requirements.txt
+```
+
+Note that Docker doesn't care *how* dependencies are built - as long
+as they can be built by running a Unix command in a container.
+
+
+Getting started
+===============
+
+Docker can be installed either on your computer for building applications or
+on servers for running them. To get started, [check out the installation
+instructions in the
+documentation](https://docs.docker.com/engine/installation/).
+
+We also offer an [interactive tutorial](https://www.docker.com/tryit/)
+for quickly learning the basics of using Docker.
+
+Usage examples
+==============
+
+Docker can be used to run short-lived commands, long-running daemons
+(app servers, databases, etc.), interactive shell sessions, etc.
+
+You can find a [list of real-world
+examples](https://docs.docker.com/engine/examples/) in the
+documentation.
+
+Under the hood
+--------------
+
+Under the hood, Docker is built on the following components:
+
+* The
+  [cgroups](https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt)
+  and
+  [namespaces](http://man7.org/linux/man-pages/man7/namespaces.7.html)
+  capabilities of the Linux kernel
+* The [Go](https://golang.org) programming language
+* The [Docker Image Specification](https://github.com/docker/docker/blob/master/image/spec/v1.md)
+* The [Libcontainer Specification](https://github.com/opencontainers/runc/blob/master/libcontainer/SPEC.md)
+
+Contributing to Docker [![GoDoc](https://godoc.org/github.com/docker/docker?status.svg)](https://godoc.org/github.com/docker/docker)
+======================
+
+| **Master** (Linux) | **Experimental** (linux) | **Windows** | **FreeBSD** |
+|------------------|----------------------|---------|---------|
+| [![Jenkins Build Status](https://jenkins.dockerproject.org/view/Docker/job/Docker%20Master/badge/icon)](https://jenkins.dockerproject.org/view/Docker/job/Docker%20Master/) | [![Jenkins Build Status](https://jenkins.dockerproject.org/view/Docker/job/Docker%20Master%20%28experimental%29/badge/icon)](https://jenkins.dockerproject.org/view/Docker/job/Docker%20Master%20%28experimental%29/) | [![Build Status](http://jenkins.dockerproject.org/job/Docker%20Master%20(windows)/badge/icon)](http://jenkins.dockerproject.org/job/Docker%20Master%20(windows)/) | [![Build Status](http://jenkins.dockerproject.org/job/Docker%20Master%20(freebsd)/badge/icon)](http://jenkins.dockerproject.org/job/Docker%20Master%20(freebsd)/) |
+
+Want to hack on Docker? Awesome! We have [instructions to help you get
+started contributing code or documentation](https://docs.docker.com/opensource/project/who-written-for/).
+
+These instructions are probably not perfect, please let us know if anything
+feels wrong or incomplete. Better yet, submit a PR and improve them yourself.
+
+Getting the development builds
+==============================
+
+Want to run Docker from a master build? You can download 
+master builds at [master.dockerproject.org](https://master.dockerproject.org). 
+They are updated with each commit merged into the master branch.
+
+Don't know how to use that super cool new feature in the master build? Check
+out the master docs at
+[docs.master.dockerproject.org](http://docs.master.dockerproject.org).
+
+How the project is run
+======================
+
+Docker is a very, very active project. If you want to learn more about how it is run,
+or want to get more involved, the best place to start is [the project directory](https://github.com/docker/docker/tree/master/project).
+
+We are always open to suggestions on process improvements, and are always looking for more maintainers.
+
+### Talking to other Docker users and contributors
+
+<table class="tg">
+  <col width="45%">
+  <col width="65%">
+  <tr>
+    <td>Internet&nbsp;Relay&nbsp;Chat&nbsp;(IRC)</td>
+    <td>
+      <p>
+        IRC is a direct line to our most knowledgeable Docker users; we have
+        both the  <code>#docker</code> and <code>#docker-dev</code> group on
+        <strong>irc.freenode.net</strong>.
+        IRC is a rich chat protocol but it can overwhelm new users. You can search
+        <a href="https://botbot.me/freenode/docker/#" target="_blank">our chat archives</a>.
+      </p>
+      Read our <a href="https://docs.docker.com/project/get-help/#irc-quickstart" target="_blank">IRC quickstart guide</a> for an easy way to get started.
+    </td>
+  </tr>
+  <tr>
+    <td>Google Groups</td>
+    <td>
+      There are two groups.
+      <a href="https://groups.google.com/forum/#!forum/docker-user" target="_blank">Docker-user</a>
+      is for people using Docker containers.
+      The <a href="https://groups.google.com/forum/#!forum/docker-dev" target="_blank">docker-dev</a>
+      group is for contributors and other people contributing to the Docker
+      project.
+      You can join them without an google account by sending an email to e.g. "docker-user+subscribe@googlegroups.com".
+      After receiving the join-request message, you can simply reply to that to confirm the subscribtion.
+    </td>
+  </tr>
+  <tr>
+    <td>Twitter</td>
+    <td>
+      You can follow <a href="https://twitter.com/docker/" target="_blank">Docker's Twitter feed</a>
+      to get updates on our products. You can also tweet us questions or just
+      share blogs or stories.
+    </td>
+  </tr>
+  <tr>
+    <td>Stack Overflow</td>
+    <td>
+      Stack Overflow has over 7000 Docker questions listed. We regularly
+      monitor <a href="https://stackoverflow.com/search?tab=newest&q=docker" target="_blank">Docker questions</a>
+      and so do many other knowledgeable Docker users.
+    </td>
+  </tr>
+</table>
+
+### Legal
+
+*Brought to you courtesy of our legal counsel. For more context,
+please see the [NOTICE](https://github.com/docker/docker/blob/master/NOTICE) document in this repo.*
+
+Use and transfer of Docker may be subject to certain restrictions by the
+United States and other governments.
+
+It is your responsibility to ensure that your use and/or transfer does not
+violate applicable laws.
+
+For more information, please see https://www.bis.doc.gov
+
+
+Licensing
+=========
+Docker is licensed under the Apache License, Version 2.0. See
+[LICENSE](https://github.com/docker/docker/blob/master/LICENSE) for the full
+license text.
+
+Other Docker Related Projects
+=============================
+There are a number of projects under development that are based on Docker's
+core technology. These projects expand the tooling built around the
+Docker platform to broaden its application and utility.
+
+* [Docker Registry](https://github.com/docker/distribution): Registry 
+server for Docker (hosting/delivery of repositories and images)
+* [Docker Machine](https://github.com/docker/machine): Machine management 
+for a container-centric world
+* [Docker Swarm](https://github.com/docker/swarm): A Docker-native clustering 
+system
+* [Docker Compose](https://github.com/docker/compose) (formerly Fig): 
+Define and run multi-container apps
+* [Kitematic](https://github.com/docker/kitematic): The easiest way to use 
+Docker on Mac and Windows
+
+If you know of another project underway that should be listed here, please help 
+us keep this list up-to-date by submitting a PR.
+
+Awesome-Docker
+==============
+You can find more projects, tools and articles related to Docker on the [awesome-docker list](https://github.com/veggiemonk/awesome-docker). Add your project there.
diff --git a/ROADMAP.md b/ROADMAP.md
new file mode 100644
index 00000000..514fdb74
--- /dev/null
+++ b/ROADMAP.md
@@ -0,0 +1,140 @@
+Docker Engine Roadmap
+=====================
+
+### How should I use this document?
+
+This document provides description of items that the project decided to prioritize. This should
+serve as a reference point for Docker contributors to understand where the project is going, and
+help determine if a contribution could be conflicting with some longer terms plans.
+
+The fact that a feature isn't listed here doesn't mean that a patch for it will automatically be
+refused (except for those mentioned as "frozen features" below)! We are always happy to receive
+patches for new cool features we haven't thought about, or didn't judge priority. Please however
+understand that such patches might take longer for us to review.
+
+### How can I help?
+
+Short term objectives are listed in the [wiki](https://github.com/docker/docker/wiki) and described
+in [Issues](https://github.com/docker/docker/issues?q=is%3Aopen+is%3Aissue+label%3Aroadmap). Our
+goal is to split down the workload in such way that anybody can jump in and help. Please comment on
+issues if you want to take it to avoid duplicating effort! Similarly, if a maintainer is already
+assigned on an issue you'd like to participate in, pinging him on IRC or GitHub to offer your help is
+the best way to go.
+
+### How can I add something to the roadmap?
+
+The roadmap process is new to the Docker Engine: we are only beginning to structure and document the
+project objectives. Our immediate goal is to be more transparent, and work with our community to
+focus our efforts on fewer prioritized topics.
+
+We hope to offer in the near future a process allowing anyone to propose a topic to the roadmap, but
+we are not quite there yet. For the time being, the BDFL remains the keeper of the roadmap, and we
+won't be accepting pull requests adding or removing items from this file.
+
+# 1. Features and refactoring
+
+## 1.1 Runtime improvements
+
+We recently introduced [`runC`](https://runc.io) as a standalone low-level tool for container
+execution. The initial goal was to integrate runC as a replacement in the Engine for the traditional
+default libcontainer `execdriver`, but the Engine internals were not ready for this.
+
+As runC continued evolving, and the OCI specification along with it, we created
+[`containerd`](https://containerd.tools/), a daemon to control and monitor multiple `runC`. This is
+the new target for Engine integration, as it can entirely replace the whole `execdriver`
+architecture, and container monitoring along with it.
+
+Docker Engine will rely on a long-running `containerd` companion daemon for all container execution
+related operations. This could open the door in the future for Engine restarts without interrupting
+running containers.
+
+## 1.2 Plugins improvements
+
+Docker Engine 1.7.0 introduced plugin support, initially for the use cases of volumes and networks
+extensions. The plugin infrastructure was kept minimal as we were collecting use cases and real
+world feedback before optimizing for any particular workflow.
+
+In the future, we'd like plugins to become first class citizens, and encourage an ecosystem of
+plugins. This implies in particular making it trivially easy to distribute plugins as containers
+through any Registry instance, as well as solving the commonly heard pain points of plugins needing
+to be treated as somewhat special (being active at all time, started before any other user
+containers, and not as easily dismissed).
+
+## 1.3 Internal decoupling
+
+A lot of work has been done in trying to decouple the Docker Engine's internals. In particular, the
+API implementation has been refactored and ongoing work is happening to move the code to a separate
+repository ([`docker/engine-api`](https://github.com/docker/engine-api)), and the Builder side of
+the daemon is now [fully independent](https://github.com/docker/docker/tree/master/builder) while
+still residing in the same repository.
+
+We are exploring ways to go further with that decoupling, capitalizing on the work introduced by the
+runtime renovation and plugins improvement efforts. Indeed, the combination of `containerd` support
+with the concept of "special" containers opens the door for bootstrapping more Engine internals
+using the same facilities.
+
+## 1.4 Cluster capable Engine
+
+The community has been pushing for a more cluster capable Docker Engine, and a huge effort was spent
+adding features such as multihost networking, and node discovery down at the Engine level. Yet, the
+Engine is currently incapable of taking scheduling decisions alone, and continues relying on Swarm
+for that.
+
+We plan to complete this effort and make Engine fully cluster capable. Multiple instances of the
+Docker Engine being already capable of discovering each other and establish overlay networking for
+their container to communicate, the next step is for a given Engine to gain ability to dispatch work
+to another node in the cluster. This will be introduced in a backward compatible way, such that a
+`docker run` invocation on a particular node remains fully deterministic.
+
+# 2 Frozen features
+
+## 2.1 Docker exec
+
+We won't accept patches expanding the surface of `docker exec`, which we intend to keep as a
+*debugging* feature, as well as being strongly dependent on the Runtime ingredient effort.
+
+## 2.2 Dockerfile syntax
+
+The Dockerfile syntax as we know it is simple, and has proven successful in supporting all our
+[official images](https://github.com/docker-library/official-images). Although this is *not* a
+definitive move, we temporarily won't accept more patches to the Dockerfile syntax for several
+reasons:
+
+  - Long term impact of syntax changes is a sensitive matter that require an amount of attention the
+    volume of Engine codebase and activity today doesn't allow us to provide.
+  - Allowing the Builder to be implemented as a separate utility consuming the Engine's API will
+    open the door for many possibilities, such as offering alternate syntaxes or DSL for existing
+    languages without cluttering the Engine's codebase.
+  - A standalone Builder will also offer the opportunity for a better dedicated group of maintainers
+    to own the Dockerfile syntax and decide collectively on the direction to give it.
+  - Our experience with official images tend to show that no new instruction or syntax expansion is
+    *strictly* necessary for the majority of use cases, and although we are aware many things are
+    still lacking for many, we cannot make it a priority yet for the above reasons.
+
+Again, this is not about saying that the Dockerfile syntax is done, it's about making choices about
+what we want to do first!
+
+## 2.3 Remote Registry Operations
+
+A large amount of work is ongoing in the area of image distribution and provenance. This includes
+moving to the V2 Registry API and heavily refactoring the code that powers these features. The
+desired result is more secure, reliable and easier to use image distribution.
+
+Part of the problem with this part of the code base is the lack of a stable and flexible interface.
+If new features are added that access the registry without solidifying these interfaces, achieving
+feature parity will continue to be elusive. While we get a handle on this situation, we are imposing
+a moratorium on new code that accesses the Registry API in commands that don't already make remote
+calls.
+
+Currently, only the following commands cause interaction with a remote registry:
+
+  - push
+  - pull
+  - run
+  - build
+  - search
+  - login
+
+In the interest of stabilizing the registry access model during this ongoing work, we are not
+accepting additions to other commands that will cause remote interaction with the Registry API. This
+moratorium will lift when the goals of the distribution project have been met.
diff --git a/VENDORING.md b/VENDORING.md
new file mode 100644
index 00000000..c6bb5086
--- /dev/null
+++ b/VENDORING.md
@@ -0,0 +1,45 @@
+# Vendoring policies
+
+This document outlines recommended Vendoring policies for Docker repositories.
+(Example, libnetwork is a Docker repo and logrus is not.)
+
+## Vendoring using tags
+
+Commit ID based vendoring provides little/no information about the updates
+vendored. To fix this, vendors will now require that repositories use annotated
+tags along with commit ids to snapshot commits. Annotated tags by themselves
+are not sufficient, since the same tag can be force updated to reference
+different commits.
+
+Each tag should:
+- Follow Semantic Versioning rules (refer to section on "Semantic Versioning")
+- Have a corresponding entry in the change tracking document.
+
+Each repo should:
+- Have a change tracking document between tags/releases. Ex: CHANGELOG.md,
+github releases file.
+
+The goal here is for consuming repos to be able to use the tag version and
+changelog updates to determine whether the vendoring will cause any  breaking or
+backward incompatible changes. This also means that repos can specify having
+dependency on a package of a specific version or greater up to the next major
+release, without encountering breaking changes.
+
+## Semantic Versioning
+Annotated version tags should follow Schema Versioning policies.
+According to http://semver.org:
+
+"Given a version number MAJOR.MINOR.PATCH, increment the:
+    MAJOR version when you make incompatible API changes,
+    MINOR version when you add functionality in a backwards-compatible manner, and
+    PATCH version when you make backwards-compatible bug fixes.
+Additional labels for pre-release and build metadata are available as extensions
+to the MAJOR.MINOR.PATCH format."
+
+## Vendoring cadence
+In order to avoid huge vendoring changes, it is recommended to have a regular
+cadence for vendoring updates. eg. monthly.
+
+## Pre-merge vendoring tests
+All related repos will be vendored into docker/docker.
+CI on docker/docker should catch any breaking changes involving multiple repos.
diff --git a/VERSION b/VERSION
new file mode 100644
index 00000000..ca717669
--- /dev/null
+++ b/VERSION
@@ -0,0 +1 @@
+1.11.2
diff --git a/api/README.md b/api/README.md
new file mode 100644
index 00000000..453f61a1
--- /dev/null
+++ b/api/README.md
@@ -0,0 +1,5 @@
+This directory contains code pertaining to the Docker API:
+
+ - Used by the docker client when communicating with the docker daemon
+
+ - Used by third party tools wishing to interface with the docker daemon
diff --git a/api/client/attach.go b/api/client/attach.go
new file mode 100644
index 00000000..e89644d6
--- /dev/null
+++ b/api/client/attach.go
@@ -0,0 +1,109 @@
+package client
+
+import (
+	"fmt"
+	"io"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdAttach attaches to a running container.
+//
+// Usage: docker attach [OPTIONS] CONTAINER
+func (cli *DockerCli) CmdAttach(args ...string) error {
+	cmd := Cli.Subcmd("attach", []string{"CONTAINER"}, Cli.DockerCommands["attach"].Description, true)
+	noStdin := cmd.Bool([]string{"-no-stdin"}, false, "Do not attach STDIN")
+	proxy := cmd.Bool([]string{"-sig-proxy"}, true, "Proxy all received signals to the process")
+	detachKeys := cmd.String([]string{"-detach-keys"}, "", "Override the key sequence for detaching a container")
+
+	cmd.Require(flag.Exact, 1)
+
+	cmd.ParseFlags(args, true)
+
+	c, err := cli.client.ContainerInspect(context.Background(), cmd.Arg(0))
+	if err != nil {
+		return err
+	}
+
+	if !c.State.Running {
+		return fmt.Errorf("You cannot attach to a stopped container, start it first")
+	}
+
+	if c.State.Paused {
+		return fmt.Errorf("You cannot attach to a paused container, unpause it first")
+	}
+
+	if err := cli.CheckTtyInput(!*noStdin, c.Config.Tty); err != nil {
+		return err
+	}
+
+	if *detachKeys != "" {
+		cli.configFile.DetachKeys = *detachKeys
+	}
+
+	options := types.ContainerAttachOptions{
+		ContainerID: cmd.Arg(0),
+		Stream:      true,
+		Stdin:       !*noStdin && c.Config.OpenStdin,
+		Stdout:      true,
+		Stderr:      true,
+		DetachKeys:  cli.configFile.DetachKeys,
+	}
+
+	var in io.ReadCloser
+	if options.Stdin {
+		in = cli.in
+	}
+
+	if *proxy && !c.Config.Tty {
+		sigc := cli.forwardAllSignals(options.ContainerID)
+		defer signal.StopCatch(sigc)
+	}
+
+	resp, err := cli.client.ContainerAttach(context.Background(), options)
+	if err != nil {
+		return err
+	}
+	defer resp.Close()
+	if in != nil && c.Config.Tty {
+		if err := cli.setRawTerminal(); err != nil {
+			return err
+		}
+		defer cli.restoreTerminal(in)
+	}
+
+	if c.Config.Tty && cli.isTerminalOut {
+		height, width := cli.getTtySize()
+		// To handle the case where a user repeatedly attaches/detaches without resizing their
+		// terminal, the only way to get the shell prompt to display for attaches 2+ is to artificially
+		// resize it, then go back to normal. Without this, every attach after the first will
+		// require the user to manually resize or hit enter.
+		cli.resizeTtyTo(cmd.Arg(0), height+1, width+1, false)
+
+		// After the above resizing occurs, the call to monitorTtySize below will handle resetting back
+		// to the actual size.
+		if err := cli.monitorTtySize(cmd.Arg(0), false); err != nil {
+			logrus.Debugf("Error monitoring TTY size: %s", err)
+		}
+	}
+
+	if err := cli.holdHijackedConnection(c.Config.Tty, in, cli.out, cli.err, resp); err != nil {
+		return err
+	}
+
+	_, status, err := getExitCode(cli, options.ContainerID)
+	if err != nil {
+		return err
+	}
+	if status != 0 {
+		return Cli.StatusError{StatusCode: status}
+	}
+
+	return nil
+}
diff --git a/api/client/build.go b/api/client/build.go
new file mode 100644
index 00000000..300d0cd9
--- /dev/null
+++ b/api/client/build.go
@@ -0,0 +1,399 @@
+package client
+
+import (
+	"archive/tar"
+	"bufio"
+	"bytes"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"regexp"
+	"runtime"
+
+	"golang.org/x/net/context"
+
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/builder"
+	"github.com/docker/docker/builder/dockerignore"
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/fileutils"
+	"github.com/docker/docker/pkg/jsonmessage"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/streamformatter"
+	"github.com/docker/docker/pkg/urlutil"
+	"github.com/docker/docker/reference"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"github.com/docker/go-units"
+)
+
+type translatorFunc func(reference.NamedTagged) (reference.Canonical, error)
+
+// CmdBuild builds a new image from the source code at a given path.
+//
+// If '-' is provided instead of a path or URL, Docker will build an image from either a Dockerfile or tar archive read from STDIN.
+//
+// Usage: docker build [OPTIONS] PATH | URL | -
+func (cli *DockerCli) CmdBuild(args ...string) error {
+	cmd := Cli.Subcmd("build", []string{"PATH | URL | -"}, Cli.DockerCommands["build"].Description, true)
+	flTags := opts.NewListOpts(validateTag)
+	cmd.Var(&flTags, []string{"t", "-tag"}, "Name and optionally a tag in the 'name:tag' format")
+	suppressOutput := cmd.Bool([]string{"q", "-quiet"}, false, "Suppress the build output and print image ID on success")
+	noCache := cmd.Bool([]string{"-no-cache"}, false, "Do not use cache when building the image")
+	rm := cmd.Bool([]string{"-rm"}, true, "Remove intermediate containers after a successful build")
+	forceRm := cmd.Bool([]string{"-force-rm"}, false, "Always remove intermediate containers")
+	pull := cmd.Bool([]string{"-pull"}, false, "Always attempt to pull a newer version of the image")
+	dockerfileName := cmd.String([]string{"f", "-file"}, "", "Name of the Dockerfile (Default is 'PATH/Dockerfile')")
+	flMemoryString := cmd.String([]string{"m", "-memory"}, "", "Memory limit")
+	flMemorySwap := cmd.String([]string{"-memory-swap"}, "", "Swap limit equal to memory plus swap: '-1' to enable unlimited swap")
+	flShmSize := cmd.String([]string{"-shm-size"}, "", "Size of /dev/shm, default value is 64MB")
+	flCPUShares := cmd.Int64([]string{"#c", "-cpu-shares"}, 0, "CPU shares (relative weight)")
+	flCPUPeriod := cmd.Int64([]string{"-cpu-period"}, 0, "Limit the CPU CFS (Completely Fair Scheduler) period")
+	flCPUQuota := cmd.Int64([]string{"-cpu-quota"}, 0, "Limit the CPU CFS (Completely Fair Scheduler) quota")
+	flCPUSetCpus := cmd.String([]string{"-cpuset-cpus"}, "", "CPUs in which to allow execution (0-3, 0,1)")
+	flCPUSetMems := cmd.String([]string{"-cpuset-mems"}, "", "MEMs in which to allow execution (0-3, 0,1)")
+	flCgroupParent := cmd.String([]string{"-cgroup-parent"}, "", "Optional parent cgroup for the container")
+	flBuildArg := opts.NewListOpts(runconfigopts.ValidateEnv)
+	cmd.Var(&flBuildArg, []string{"-build-arg"}, "Set build-time variables")
+	isolation := cmd.String([]string{"-isolation"}, "", "Container isolation technology")
+
+	flLabels := opts.NewListOpts(nil)
+	cmd.Var(&flLabels, []string{"-label"}, "Set metadata for an image")
+
+	ulimits := make(map[string]*units.Ulimit)
+	flUlimits := runconfigopts.NewUlimitOpt(&ulimits)
+	cmd.Var(flUlimits, []string{"-ulimit"}, "Ulimit options")
+
+	cmd.Require(flag.Exact, 1)
+
+	// For trusted pull on "FROM <image>" instruction.
+	addTrustedFlags(cmd, true)
+
+	cmd.ParseFlags(args, true)
+
+	var (
+		ctx io.ReadCloser
+		err error
+	)
+
+	specifiedContext := cmd.Arg(0)
+
+	var (
+		contextDir    string
+		tempDir       string
+		relDockerfile string
+		progBuff      io.Writer
+		buildBuff     io.Writer
+	)
+
+	progBuff = cli.out
+	buildBuff = cli.out
+	if *suppressOutput {
+		progBuff = bytes.NewBuffer(nil)
+		buildBuff = bytes.NewBuffer(nil)
+	}
+
+	switch {
+	case specifiedContext == "-":
+		ctx, relDockerfile, err = builder.GetContextFromReader(cli.in, *dockerfileName)
+	case urlutil.IsGitURL(specifiedContext):
+		tempDir, relDockerfile, err = builder.GetContextFromGitURL(specifiedContext, *dockerfileName)
+	case urlutil.IsURL(specifiedContext):
+		ctx, relDockerfile, err = builder.GetContextFromURL(progBuff, specifiedContext, *dockerfileName)
+	default:
+		contextDir, relDockerfile, err = builder.GetContextFromLocalDir(specifiedContext, *dockerfileName)
+	}
+
+	if err != nil {
+		if *suppressOutput && urlutil.IsURL(specifiedContext) {
+			fmt.Fprintln(cli.err, progBuff)
+		}
+		return fmt.Errorf("unable to prepare context: %s", err)
+	}
+
+	if tempDir != "" {
+		defer os.RemoveAll(tempDir)
+		contextDir = tempDir
+	}
+
+	if ctx == nil {
+		// And canonicalize dockerfile name to a platform-independent one
+		relDockerfile, err = archive.CanonicalTarNameForPath(relDockerfile)
+		if err != nil {
+			return fmt.Errorf("cannot canonicalize dockerfile path %s: %v", relDockerfile, err)
+		}
+
+		f, err := os.Open(filepath.Join(contextDir, ".dockerignore"))
+		if err != nil && !os.IsNotExist(err) {
+			return err
+		}
+
+		var excludes []string
+		if err == nil {
+			excludes, err = dockerignore.ReadAll(f)
+			if err != nil {
+				return err
+			}
+		}
+
+		if err := builder.ValidateContextDirectory(contextDir, excludes); err != nil {
+			return fmt.Errorf("Error checking context: '%s'.", err)
+		}
+
+		// If .dockerignore mentions .dockerignore or the Dockerfile
+		// then make sure we send both files over to the daemon
+		// because Dockerfile is, obviously, needed no matter what, and
+		// .dockerignore is needed to know if either one needs to be
+		// removed. The daemon will remove them for us, if needed, after it
+		// parses the Dockerfile. Ignore errors here, as they will have been
+		// caught by validateContextDirectory above.
+		var includes = []string{"."}
+		keepThem1, _ := fileutils.Matches(".dockerignore", excludes)
+		keepThem2, _ := fileutils.Matches(relDockerfile, excludes)
+		if keepThem1 || keepThem2 {
+			includes = append(includes, ".dockerignore", relDockerfile)
+		}
+
+		ctx, err = archive.TarWithOptions(contextDir, &archive.TarOptions{
+			Compression:     archive.Uncompressed,
+			ExcludePatterns: excludes,
+			IncludeFiles:    includes,
+		})
+		if err != nil {
+			return err
+		}
+	}
+
+	var resolvedTags []*resolvedTag
+	if isTrusted() {
+		// Wrap the tar archive to replace the Dockerfile entry with the rewritten
+		// Dockerfile which uses trusted pulls.
+		ctx = replaceDockerfileTarWrapper(ctx, relDockerfile, cli.trustedReference, &resolvedTags)
+	}
+
+	// Setup an upload progress bar
+	progressOutput := streamformatter.NewStreamFormatter().NewProgressOutput(progBuff, true)
+
+	var body io.Reader = progress.NewProgressReader(ctx, progressOutput, 0, "", "Sending build context to Docker daemon")
+
+	var memory int64
+	if *flMemoryString != "" {
+		parsedMemory, err := units.RAMInBytes(*flMemoryString)
+		if err != nil {
+			return err
+		}
+		memory = parsedMemory
+	}
+
+	var memorySwap int64
+	if *flMemorySwap != "" {
+		if *flMemorySwap == "-1" {
+			memorySwap = -1
+		} else {
+			parsedMemorySwap, err := units.RAMInBytes(*flMemorySwap)
+			if err != nil {
+				return err
+			}
+			memorySwap = parsedMemorySwap
+		}
+	}
+
+	var shmSize int64
+	if *flShmSize != "" {
+		shmSize, err = units.RAMInBytes(*flShmSize)
+		if err != nil {
+			return err
+		}
+	}
+
+	options := types.ImageBuildOptions{
+		Context:        body,
+		Memory:         memory,
+		MemorySwap:     memorySwap,
+		Tags:           flTags.GetAll(),
+		SuppressOutput: *suppressOutput,
+		NoCache:        *noCache,
+		Remove:         *rm,
+		ForceRemove:    *forceRm,
+		PullParent:     *pull,
+		Isolation:      container.Isolation(*isolation),
+		CPUSetCPUs:     *flCPUSetCpus,
+		CPUSetMems:     *flCPUSetMems,
+		CPUShares:      *flCPUShares,
+		CPUQuota:       *flCPUQuota,
+		CPUPeriod:      *flCPUPeriod,
+		CgroupParent:   *flCgroupParent,
+		Dockerfile:     relDockerfile,
+		ShmSize:        shmSize,
+		Ulimits:        flUlimits.GetList(),
+		BuildArgs:      runconfigopts.ConvertKVStringsToMap(flBuildArg.GetAll()),
+		AuthConfigs:    cli.retrieveAuthConfigs(),
+		Labels:         runconfigopts.ConvertKVStringsToMap(flLabels.GetAll()),
+	}
+
+	response, err := cli.client.ImageBuild(context.Background(), options)
+	if err != nil {
+		return err
+	}
+	defer response.Body.Close()
+
+	err = jsonmessage.DisplayJSONMessagesStream(response.Body, buildBuff, cli.outFd, cli.isTerminalOut, nil)
+	if err != nil {
+		if jerr, ok := err.(*jsonmessage.JSONError); ok {
+			// If no error code is set, default to 1
+			if jerr.Code == 0 {
+				jerr.Code = 1
+			}
+			if *suppressOutput {
+				fmt.Fprintf(cli.err, "%s%s", progBuff, buildBuff)
+			}
+			return Cli.StatusError{Status: jerr.Message, StatusCode: jerr.Code}
+		}
+	}
+
+	// Windows: show error message about modified file permissions if the
+	// daemon isn't running Windows.
+	if response.OSType != "windows" && runtime.GOOS == "windows" {
+		fmt.Fprintln(cli.err, `SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.`)
+	}
+
+	// Everything worked so if -q was provided the output from the daemon
+	// should be just the image ID and we'll print that to stdout.
+	if *suppressOutput {
+		fmt.Fprintf(cli.out, "%s", buildBuff)
+	}
+
+	if isTrusted() {
+		// Since the build was successful, now we must tag any of the resolved
+		// images from the above Dockerfile rewrite.
+		for _, resolved := range resolvedTags {
+			if err := cli.tagTrusted(resolved.digestRef, resolved.tagRef); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+// validateTag checks if the given image name can be resolved.
+func validateTag(rawRepo string) (string, error) {
+	_, err := reference.ParseNamed(rawRepo)
+	if err != nil {
+		return "", err
+	}
+
+	return rawRepo, nil
+}
+
+var dockerfileFromLinePattern = regexp.MustCompile(`(?i)^[\s]*FROM[ \f\r\t\v]+(?P<image>[^ \f\r\t\v\n#]+)`)
+
+// resolvedTag records the repository, tag, and resolved digest reference
+// from a Dockerfile rewrite.
+type resolvedTag struct {
+	digestRef reference.Canonical
+	tagRef    reference.NamedTagged
+}
+
+// rewriteDockerfileFrom rewrites the given Dockerfile by resolving images in
+// "FROM <image>" instructions to a digest reference. `translator` is a
+// function that takes a repository name and tag reference and returns a
+// trusted digest reference.
+func rewriteDockerfileFrom(dockerfile io.Reader, translator translatorFunc) (newDockerfile []byte, resolvedTags []*resolvedTag, err error) {
+	scanner := bufio.NewScanner(dockerfile)
+	buf := bytes.NewBuffer(nil)
+
+	// Scan the lines of the Dockerfile, looking for a "FROM" line.
+	for scanner.Scan() {
+		line := scanner.Text()
+
+		matches := dockerfileFromLinePattern.FindStringSubmatch(line)
+		if matches != nil && matches[1] != api.NoBaseImageSpecifier {
+			// Replace the line with a resolved "FROM repo@digest"
+			ref, err := reference.ParseNamed(matches[1])
+			if err != nil {
+				return nil, nil, err
+			}
+			ref = reference.WithDefaultTag(ref)
+			if ref, ok := ref.(reference.NamedTagged); ok && isTrusted() {
+				trustedRef, err := translator(ref)
+				if err != nil {
+					return nil, nil, err
+				}
+
+				line = dockerfileFromLinePattern.ReplaceAllLiteralString(line, fmt.Sprintf("FROM %s", trustedRef.String()))
+				resolvedTags = append(resolvedTags, &resolvedTag{
+					digestRef: trustedRef,
+					tagRef:    ref,
+				})
+			}
+		}
+
+		_, err := fmt.Fprintln(buf, line)
+		if err != nil {
+			return nil, nil, err
+		}
+	}
+
+	return buf.Bytes(), resolvedTags, scanner.Err()
+}
+
+// replaceDockerfileTarWrapper wraps the given input tar archive stream and
+// replaces the entry with the given Dockerfile name with the contents of the
+// new Dockerfile. Returns a new tar archive stream with the replaced
+// Dockerfile.
+func replaceDockerfileTarWrapper(inputTarStream io.ReadCloser, dockerfileName string, translator translatorFunc, resolvedTags *[]*resolvedTag) io.ReadCloser {
+	pipeReader, pipeWriter := io.Pipe()
+	go func() {
+		tarReader := tar.NewReader(inputTarStream)
+		tarWriter := tar.NewWriter(pipeWriter)
+
+		defer inputTarStream.Close()
+
+		for {
+			hdr, err := tarReader.Next()
+			if err == io.EOF {
+				// Signals end of archive.
+				tarWriter.Close()
+				pipeWriter.Close()
+				return
+			}
+			if err != nil {
+				pipeWriter.CloseWithError(err)
+				return
+			}
+
+			var content io.Reader = tarReader
+			if hdr.Name == dockerfileName {
+				// This entry is the Dockerfile. Since the tar archive was
+				// generated from a directory on the local filesystem, the
+				// Dockerfile will only appear once in the archive.
+				var newDockerfile []byte
+				newDockerfile, *resolvedTags, err = rewriteDockerfileFrom(content, translator)
+				if err != nil {
+					pipeWriter.CloseWithError(err)
+					return
+				}
+				hdr.Size = int64(len(newDockerfile))
+				content = bytes.NewBuffer(newDockerfile)
+			}
+
+			if err := tarWriter.WriteHeader(hdr); err != nil {
+				pipeWriter.CloseWithError(err)
+				return
+			}
+
+			if _, err := io.Copy(tarWriter, content); err != nil {
+				pipeWriter.CloseWithError(err)
+				return
+			}
+		}
+	}()
+
+	return pipeReader
+}
diff --git a/api/client/cli.go b/api/client/cli.go
new file mode 100644
index 00000000..6c673da4
--- /dev/null
+++ b/api/client/cli.go
@@ -0,0 +1,215 @@
+package client
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"runtime"
+
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/cli"
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/docker/cliconfig/credentials"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/term"
+	"github.com/docker/engine-api/client"
+	"github.com/docker/go-connections/sockets"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+// DockerCli represents the docker command line client.
+// Instances of the client can be returned from NewDockerCli.
+type DockerCli struct {
+	// initializing closure
+	init func() error
+
+	// configFile has the client configuration file
+	configFile *cliconfig.ConfigFile
+	// in holds the input stream and closer (io.ReadCloser) for the client.
+	in io.ReadCloser
+	// out holds the output stream (io.Writer) for the client.
+	out io.Writer
+	// err holds the error stream (io.Writer) for the client.
+	err io.Writer
+	// keyFile holds the key file as a string.
+	keyFile string
+	// inFd holds the file descriptor of the client's STDIN (if valid).
+	inFd uintptr
+	// outFd holds file descriptor of the client's STDOUT (if valid).
+	outFd uintptr
+	// isTerminalIn indicates whether the client's STDIN is a TTY
+	isTerminalIn bool
+	// isTerminalOut indicates whether the client's STDOUT is a TTY
+	isTerminalOut bool
+	// client is the http client that performs all API operations
+	client client.APIClient
+	// state holds the terminal state
+	state *term.State
+}
+
+// Initialize calls the init function that will setup the configuration for the client
+// such as the TLS, tcp and other parameters used to run the client.
+func (cli *DockerCli) Initialize() error {
+	if cli.init == nil {
+		return nil
+	}
+	return cli.init()
+}
+
+// CheckTtyInput checks if we are trying to attach to a container tty
+// from a non-tty client input stream, and if so, returns an error.
+func (cli *DockerCli) CheckTtyInput(attachStdin, ttyMode bool) error {
+	// In order to attach to a container tty, input stream for the client must
+	// be a tty itself: redirecting or piping the client standard input is
+	// incompatible with `docker run -t`, `docker exec -t` or `docker attach`.
+	if ttyMode && attachStdin && !cli.isTerminalIn {
+		return errors.New("cannot enable tty mode on non tty input")
+	}
+	return nil
+}
+
+// PsFormat returns the format string specified in the configuration.
+// String contains columns and format specification, for example {{ID}}\t{{Name}}.
+func (cli *DockerCli) PsFormat() string {
+	return cli.configFile.PsFormat
+}
+
+// ImagesFormat returns the format string specified in the configuration.
+// String contains columns and format specification, for example {{ID}}\t{{Name}}.
+func (cli *DockerCli) ImagesFormat() string {
+	return cli.configFile.ImagesFormat
+}
+
+func (cli *DockerCli) setRawTerminal() error {
+	if cli.isTerminalIn && os.Getenv("NORAW") == "" {
+		state, err := term.SetRawTerminal(cli.inFd)
+		if err != nil {
+			return err
+		}
+		cli.state = state
+	}
+	return nil
+}
+
+func (cli *DockerCli) restoreTerminal(in io.Closer) error {
+	if cli.state != nil {
+		term.RestoreTerminal(cli.inFd, cli.state)
+	}
+	// WARNING: DO NOT REMOVE THE OS CHECK !!!
+	// For some reason this Close call blocks on darwin..
+	// As the client exists right after, simply discard the close
+	// until we find a better solution.
+	if in != nil && runtime.GOOS != "darwin" {
+		return in.Close()
+	}
+	return nil
+}
+
+// NewDockerCli returns a DockerCli instance with IO output and error streams set by in, out and err.
+// The key file, protocol (i.e. unix) and address are passed in as strings, along with the tls.Config. If the tls.Config
+// is set the client scheme will be set to https.
+// The client will be given a 32-second timeout (see https://github.com/docker/docker/pull/8035).
+func NewDockerCli(in io.ReadCloser, out, err io.Writer, clientFlags *cli.ClientFlags) *DockerCli {
+	cli := &DockerCli{
+		in:      in,
+		out:     out,
+		err:     err,
+		keyFile: clientFlags.Common.TrustKey,
+	}
+
+	cli.init = func() error {
+		clientFlags.PostParse()
+		configFile, e := cliconfig.Load(cliconfig.ConfigDir())
+		if e != nil {
+			fmt.Fprintf(cli.err, "WARNING: Error loading config file:%v\n", e)
+		}
+		if !configFile.ContainsAuth() {
+			credentials.DetectDefaultStore(configFile)
+		}
+		cli.configFile = configFile
+
+		host, err := getServerHost(clientFlags.Common.Hosts, clientFlags.Common.TLSOptions)
+		if err != nil {
+			return err
+		}
+
+		customHeaders := cli.configFile.HTTPHeaders
+		if customHeaders == nil {
+			customHeaders = map[string]string{}
+		}
+		customHeaders["User-Agent"] = clientUserAgent()
+
+		verStr := api.DefaultVersion.String()
+		if tmpStr := os.Getenv("DOCKER_API_VERSION"); tmpStr != "" {
+			verStr = tmpStr
+		}
+
+		httpClient, err := newHTTPClient(host, clientFlags.Common.TLSOptions)
+		if err != nil {
+			return err
+		}
+
+		client, err := client.NewClient(host, verStr, httpClient, customHeaders)
+		if err != nil {
+			return err
+		}
+		cli.client = client
+
+		if cli.in != nil {
+			cli.inFd, cli.isTerminalIn = term.GetFdInfo(cli.in)
+		}
+		if cli.out != nil {
+			cli.outFd, cli.isTerminalOut = term.GetFdInfo(cli.out)
+		}
+
+		return nil
+	}
+
+	return cli
+}
+
+func getServerHost(hosts []string, tlsOptions *tlsconfig.Options) (host string, err error) {
+	switch len(hosts) {
+	case 0:
+		host = os.Getenv("DOCKER_HOST")
+	case 1:
+		host = hosts[0]
+	default:
+		return "", errors.New("Please specify only one -H")
+	}
+
+	host, err = opts.ParseHost(tlsOptions != nil, host)
+	return
+}
+
+func newHTTPClient(host string, tlsOptions *tlsconfig.Options) (*http.Client, error) {
+	if tlsOptions == nil {
+		// let the api client configure the default transport.
+		return nil, nil
+	}
+
+	config, err := tlsconfig.Client(*tlsOptions)
+	if err != nil {
+		return nil, err
+	}
+	tr := &http.Transport{
+		TLSClientConfig: config,
+	}
+	proto, addr, _, err := client.ParseHost(host)
+	if err != nil {
+		return nil, err
+	}
+
+	sockets.ConfigureTransport(tr, proto, addr)
+
+	return &http.Client{
+		Transport: tr,
+	}, nil
+}
+
+func clientUserAgent() string {
+	return "Docker-Client/" + dockerversion.Version + " (" + runtime.GOOS + ")"
+}
diff --git a/api/client/client.go b/api/client/client.go
new file mode 100644
index 00000000..4cfce5f6
--- /dev/null
+++ b/api/client/client.go
@@ -0,0 +1,5 @@
+// Package client provides a command-line interface for Docker.
+//
+// Run "docker help SUBCOMMAND" or "docker SUBCOMMAND --help" to see more information on any Docker subcommand, including the full list of options supported for the subcommand.
+// See https://docs.docker.com/installation/ for instructions on installing Docker.
+package client
diff --git a/api/client/commit.go b/api/client/commit.go
new file mode 100644
index 00000000..6bec4297
--- /dev/null
+++ b/api/client/commit.go
@@ -0,0 +1,85 @@
+package client
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+)
+
+// CmdCommit creates a new image from a container's changes.
+//
+// Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
+func (cli *DockerCli) CmdCommit(args ...string) error {
+	cmd := Cli.Subcmd("commit", []string{"CONTAINER [REPOSITORY[:TAG]]"}, Cli.DockerCommands["commit"].Description, true)
+	flPause := cmd.Bool([]string{"p", "-pause"}, true, "Pause container during commit")
+	flComment := cmd.String([]string{"m", "-message"}, "", "Commit message")
+	flAuthor := cmd.String([]string{"a", "-author"}, "", "Author (e.g., \"John Hannibal Smith <hannibal@a-team.com>\")")
+	flChanges := opts.NewListOpts(nil)
+	cmd.Var(&flChanges, []string{"c", "-change"}, "Apply Dockerfile instruction to the created image")
+	// FIXME: --run is deprecated, it will be replaced with inline Dockerfile commands.
+	flConfig := cmd.String([]string{"#-run"}, "", "This option is deprecated and will be removed in a future version in favor of inline Dockerfile-compatible commands")
+	cmd.Require(flag.Max, 2)
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var (
+		name             = cmd.Arg(0)
+		repositoryAndTag = cmd.Arg(1)
+		repositoryName   string
+		tag              string
+	)
+
+	//Check if the given image name can be resolved
+	if repositoryAndTag != "" {
+		ref, err := reference.ParseNamed(repositoryAndTag)
+		if err != nil {
+			return err
+		}
+
+		repositoryName = ref.Name()
+
+		switch x := ref.(type) {
+		case reference.Canonical:
+			return errors.New("cannot commit to digest reference")
+		case reference.NamedTagged:
+			tag = x.Tag()
+		}
+	}
+
+	var config *container.Config
+	if *flConfig != "" {
+		config = &container.Config{}
+		if err := json.Unmarshal([]byte(*flConfig), config); err != nil {
+			return err
+		}
+	}
+
+	options := types.ContainerCommitOptions{
+		ContainerID:    name,
+		RepositoryName: repositoryName,
+		Tag:            tag,
+		Comment:        *flComment,
+		Author:         *flAuthor,
+		Changes:        flChanges.GetAll(),
+		Pause:          *flPause,
+		Config:         config,
+	}
+
+	response, err := cli.client.ContainerCommit(context.Background(), options)
+	if err != nil {
+		return err
+	}
+
+	fmt.Fprintln(cli.out, response.ID)
+	return nil
+}
diff --git a/api/client/cp.go b/api/client/cp.go
new file mode 100644
index 00000000..61005602
--- /dev/null
+++ b/api/client/cp.go
@@ -0,0 +1,298 @@
+package client
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/pkg/archive"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/engine-api/types"
+)
+
+type copyDirection int
+
+const (
+	fromContainer copyDirection = (1 << iota)
+	toContainer
+	acrossContainers = fromContainer | toContainer
+)
+
+type cpConfig struct {
+	followLink bool
+}
+
+// CmdCp copies files/folders to or from a path in a container.
+//
+// When copying from a container, if DEST_PATH is '-' the data is written as a
+// tar archive file to STDOUT.
+//
+// When copying to a container, if SRC_PATH is '-' the data is read as a tar
+// archive file from STDIN, and the destination CONTAINER:DEST_PATH, must specify
+// a directory.
+//
+// Usage:
+// 	docker cp CONTAINER:SRC_PATH DEST_PATH|-
+// 	docker cp SRC_PATH|- CONTAINER:DEST_PATH
+func (cli *DockerCli) CmdCp(args ...string) error {
+	cmd := Cli.Subcmd(
+		"cp",
+		[]string{"CONTAINER:SRC_PATH DEST_PATH|-", "SRC_PATH|- CONTAINER:DEST_PATH"},
+		strings.Join([]string{
+			Cli.DockerCommands["cp"].Description,
+			"\nUse '-' as the source to read a tar archive from stdin\n",
+			"and extract it to a directory destination in a container.\n",
+			"Use '-' as the destination to stream a tar archive of a\n",
+			"container source to stdout.",
+		}, ""),
+		true,
+	)
+
+	followLink := cmd.Bool([]string{"L", "-follow-link"}, false, "Always follow symbol link in SRC_PATH")
+
+	cmd.Require(flag.Exact, 2)
+	cmd.ParseFlags(args, true)
+
+	if cmd.Arg(0) == "" {
+		return fmt.Errorf("source can not be empty")
+	}
+	if cmd.Arg(1) == "" {
+		return fmt.Errorf("destination can not be empty")
+	}
+
+	srcContainer, srcPath := splitCpArg(cmd.Arg(0))
+	dstContainer, dstPath := splitCpArg(cmd.Arg(1))
+
+	var direction copyDirection
+	if srcContainer != "" {
+		direction |= fromContainer
+	}
+	if dstContainer != "" {
+		direction |= toContainer
+	}
+
+	cpParam := &cpConfig{
+		followLink: *followLink,
+	}
+
+	switch direction {
+	case fromContainer:
+		return cli.copyFromContainer(srcContainer, srcPath, dstPath, cpParam)
+	case toContainer:
+		return cli.copyToContainer(srcPath, dstContainer, dstPath, cpParam)
+	case acrossContainers:
+		// Copying between containers isn't supported.
+		return fmt.Errorf("copying between containers is not supported")
+	default:
+		// User didn't specify any container.
+		return fmt.Errorf("must specify at least one container source")
+	}
+}
+
+// We use `:` as a delimiter between CONTAINER and PATH, but `:` could also be
+// in a valid LOCALPATH, like `file:name.txt`. We can resolve this ambiguity by
+// requiring a LOCALPATH with a `:` to be made explicit with a relative or
+// absolute path:
+// 	`/path/to/file:name.txt` or `./file:name.txt`
+//
+// This is apparently how `scp` handles this as well:
+// 	http://www.cyberciti.biz/faq/rsync-scp-file-name-with-colon-punctuation-in-it/
+//
+// We can't simply check for a filepath separator because container names may
+// have a separator, e.g., "host0/cname1" if container is in a Docker cluster,
+// so we have to check for a `/` or `.` prefix. Also, in the case of a Windows
+// client, a `:` could be part of an absolute Windows path, in which case it
+// is immediately proceeded by a backslash.
+func splitCpArg(arg string) (container, path string) {
+	if system.IsAbs(arg) {
+		// Explicit local absolute path, e.g., `C:\foo` or `/foo`.
+		return "", arg
+	}
+
+	parts := strings.SplitN(arg, ":", 2)
+
+	if len(parts) == 1 || strings.HasPrefix(parts[0], ".") {
+		// Either there's no `:` in the arg
+		// OR it's an explicit local relative path like `./file:name.txt`.
+		return "", arg
+	}
+
+	return parts[0], parts[1]
+}
+
+func (cli *DockerCli) statContainerPath(containerName, path string) (types.ContainerPathStat, error) {
+	return cli.client.ContainerStatPath(context.Background(), containerName, path)
+}
+
+func resolveLocalPath(localPath string) (absPath string, err error) {
+	if absPath, err = filepath.Abs(localPath); err != nil {
+		return
+	}
+
+	return archive.PreserveTrailingDotOrSeparator(absPath, localPath), nil
+}
+
+func (cli *DockerCli) copyFromContainer(srcContainer, srcPath, dstPath string, cpParam *cpConfig) (err error) {
+	if dstPath != "-" {
+		// Get an absolute destination path.
+		dstPath, err = resolveLocalPath(dstPath)
+		if err != nil {
+			return err
+		}
+	}
+
+	// if client requests to follow symbol link, then must decide target file to be copied
+	var rebaseName string
+	if cpParam.followLink {
+		srcStat, err := cli.statContainerPath(srcContainer, srcPath)
+
+		// If the destination is a symbolic link, we should follow it.
+		if err == nil && srcStat.Mode&os.ModeSymlink != 0 {
+			linkTarget := srcStat.LinkTarget
+			if !system.IsAbs(linkTarget) {
+				// Join with the parent directory.
+				srcParent, _ := archive.SplitPathDirEntry(srcPath)
+				linkTarget = filepath.Join(srcParent, linkTarget)
+			}
+
+			linkTarget, rebaseName = archive.GetRebaseName(srcPath, linkTarget)
+			srcPath = linkTarget
+		}
+
+	}
+
+	content, stat, err := cli.client.CopyFromContainer(context.Background(), srcContainer, srcPath)
+	if err != nil {
+		return err
+	}
+	defer content.Close()
+
+	if dstPath == "-" {
+		// Send the response to STDOUT.
+		_, err = io.Copy(os.Stdout, content)
+
+		return err
+	}
+
+	// Prepare source copy info.
+	srcInfo := archive.CopyInfo{
+		Path:       srcPath,
+		Exists:     true,
+		IsDir:      stat.Mode.IsDir(),
+		RebaseName: rebaseName,
+	}
+
+	preArchive := content
+	if len(srcInfo.RebaseName) != 0 {
+		_, srcBase := archive.SplitPathDirEntry(srcInfo.Path)
+		preArchive = archive.RebaseArchiveEntries(content, srcBase, srcInfo.RebaseName)
+	}
+	// See comments in the implementation of `archive.CopyTo` for exactly what
+	// goes into deciding how and whether the source archive needs to be
+	// altered for the correct copy behavior.
+	return archive.CopyTo(preArchive, srcInfo, dstPath)
+}
+
+func (cli *DockerCli) copyToContainer(srcPath, dstContainer, dstPath string, cpParam *cpConfig) (err error) {
+	if srcPath != "-" {
+		// Get an absolute source path.
+		srcPath, err = resolveLocalPath(srcPath)
+		if err != nil {
+			return err
+		}
+	}
+
+	// In order to get the copy behavior right, we need to know information
+	// about both the source and destination. The API is a simple tar
+	// archive/extract API but we can use the stat info header about the
+	// destination to be more informed about exactly what the destination is.
+
+	// Prepare destination copy info by stat-ing the container path.
+	dstInfo := archive.CopyInfo{Path: dstPath}
+	dstStat, err := cli.statContainerPath(dstContainer, dstPath)
+
+	// If the destination is a symbolic link, we should evaluate it.
+	if err == nil && dstStat.Mode&os.ModeSymlink != 0 {
+		linkTarget := dstStat.LinkTarget
+		if !system.IsAbs(linkTarget) {
+			// Join with the parent directory.
+			dstParent, _ := archive.SplitPathDirEntry(dstPath)
+			linkTarget = filepath.Join(dstParent, linkTarget)
+		}
+
+		dstInfo.Path = linkTarget
+		dstStat, err = cli.statContainerPath(dstContainer, linkTarget)
+	}
+
+	// Ignore any error and assume that the parent directory of the destination
+	// path exists, in which case the copy may still succeed. If there is any
+	// type of conflict (e.g., non-directory overwriting an existing directory
+	// or vice versa) the extraction will fail. If the destination simply did
+	// not exist, but the parent directory does, the extraction will still
+	// succeed.
+	if err == nil {
+		dstInfo.Exists, dstInfo.IsDir = true, dstStat.Mode.IsDir()
+	}
+
+	var (
+		content         io.Reader
+		resolvedDstPath string
+	)
+
+	if srcPath == "-" {
+		// Use STDIN.
+		content = os.Stdin
+		resolvedDstPath = dstInfo.Path
+		if !dstInfo.IsDir {
+			return fmt.Errorf("destination %q must be a directory", fmt.Sprintf("%s:%s", dstContainer, dstPath))
+		}
+	} else {
+		// Prepare source copy info.
+		srcInfo, err := archive.CopyInfoSourcePath(srcPath, cpParam.followLink)
+		if err != nil {
+			return err
+		}
+
+		srcArchive, err := archive.TarResource(srcInfo)
+		if err != nil {
+			return err
+		}
+		defer srcArchive.Close()
+
+		// With the stat info about the local source as well as the
+		// destination, we have enough information to know whether we need to
+		// alter the archive that we upload so that when the server extracts
+		// it to the specified directory in the container we get the desired
+		// copy behavior.
+
+		// See comments in the implementation of `archive.PrepareArchiveCopy`
+		// for exactly what goes into deciding how and whether the source
+		// archive needs to be altered for the correct copy behavior when it is
+		// extracted. This function also infers from the source and destination
+		// info which directory to extract to, which may be the parent of the
+		// destination that the user specified.
+		dstDir, preparedArchive, err := archive.PrepareArchiveCopy(srcArchive, srcInfo, dstInfo)
+		if err != nil {
+			return err
+		}
+		defer preparedArchive.Close()
+
+		resolvedDstPath = dstDir
+		content = preparedArchive
+	}
+
+	options := types.CopyToContainerOptions{
+		ContainerID:               dstContainer,
+		Path:                      resolvedDstPath,
+		Content:                   content,
+		AllowOverwriteDirWithFile: false,
+	}
+
+	return cli.client.CopyToContainer(context.Background(), options)
+}
diff --git a/api/client/create.go b/api/client/create.go
new file mode 100644
index 00000000..cca677f0
--- /dev/null
+++ b/api/client/create.go
@@ -0,0 +1,180 @@
+package client
+
+import (
+	"fmt"
+	"io"
+	"os"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/pkg/jsonmessage"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/client"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+)
+
+func (cli *DockerCli) pullImage(image string) error {
+	return cli.pullImageCustomOut(image, cli.out)
+}
+
+func (cli *DockerCli) pullImageCustomOut(image string, out io.Writer) error {
+	ref, err := reference.ParseNamed(image)
+	if err != nil {
+		return err
+	}
+
+	var tag string
+	switch x := reference.WithDefaultTag(ref).(type) {
+	case reference.Canonical:
+		tag = x.Digest().String()
+	case reference.NamedTagged:
+		tag = x.Tag()
+	}
+
+	// Resolve the Repository name from fqn to RepositoryInfo
+	repoInfo, err := registry.ParseRepositoryInfo(ref)
+	if err != nil {
+		return err
+	}
+
+	authConfig := cli.resolveAuthConfig(repoInfo.Index)
+	encodedAuth, err := encodeAuthToBase64(authConfig)
+	if err != nil {
+		return err
+	}
+
+	options := types.ImageCreateOptions{
+		Parent:       ref.Name(),
+		Tag:          tag,
+		RegistryAuth: encodedAuth,
+	}
+
+	responseBody, err := cli.client.ImageCreate(context.Background(), options)
+	if err != nil {
+		return err
+	}
+	defer responseBody.Close()
+
+	return jsonmessage.DisplayJSONMessagesStream(responseBody, out, cli.outFd, cli.isTerminalOut, nil)
+}
+
+type cidFile struct {
+	path    string
+	file    *os.File
+	written bool
+}
+
+func newCIDFile(path string) (*cidFile, error) {
+	if _, err := os.Stat(path); err == nil {
+		return nil, fmt.Errorf("Container ID file found, make sure the other container isn't running or delete %s", path)
+	}
+
+	f, err := os.Create(path)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to create the container ID file: %s", err)
+	}
+
+	return &cidFile{path: path, file: f}, nil
+}
+
+func (cli *DockerCli) createContainer(config *container.Config, hostConfig *container.HostConfig, networkingConfig *networktypes.NetworkingConfig, cidfile, name string) (*types.ContainerCreateResponse, error) {
+	var containerIDFile *cidFile
+	if cidfile != "" {
+		var err error
+		if containerIDFile, err = newCIDFile(cidfile); err != nil {
+			return nil, err
+		}
+		defer containerIDFile.Close()
+	}
+
+	var trustedRef reference.Canonical
+	_, ref, err := reference.ParseIDOrReference(config.Image)
+	if err != nil {
+		return nil, err
+	}
+	if ref != nil {
+		ref = reference.WithDefaultTag(ref)
+
+		if ref, ok := ref.(reference.NamedTagged); ok && isTrusted() {
+			var err error
+			trustedRef, err = cli.trustedReference(ref)
+			if err != nil {
+				return nil, err
+			}
+			config.Image = trustedRef.String()
+		}
+	}
+
+	//create the container
+	response, err := cli.client.ContainerCreate(context.Background(), config, hostConfig, networkingConfig, name)
+
+	//if image not found try to pull it
+	if err != nil {
+		if client.IsErrImageNotFound(err) && ref != nil {
+			fmt.Fprintf(cli.err, "Unable to find image '%s' locally\n", ref.String())
+
+			// we don't want to write to stdout anything apart from container.ID
+			if err = cli.pullImageCustomOut(config.Image, cli.err); err != nil {
+				return nil, err
+			}
+			if ref, ok := ref.(reference.NamedTagged); ok && trustedRef != nil {
+				if err := cli.tagTrusted(trustedRef, ref); err != nil {
+					return nil, err
+				}
+			}
+			// Retry
+			var retryErr error
+			response, retryErr = cli.client.ContainerCreate(context.Background(), config, hostConfig, networkingConfig, name)
+			if retryErr != nil {
+				return nil, retryErr
+			}
+		} else {
+			return nil, err
+		}
+	}
+
+	for _, warning := range response.Warnings {
+		fmt.Fprintf(cli.err, "WARNING: %s\n", warning)
+	}
+	if containerIDFile != nil {
+		if err = containerIDFile.Write(response.ID); err != nil {
+			return nil, err
+		}
+	}
+	return &response, nil
+}
+
+// CmdCreate creates a new container from a given image.
+//
+// Usage: docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
+func (cli *DockerCli) CmdCreate(args ...string) error {
+	cmd := Cli.Subcmd("create", []string{"IMAGE [COMMAND] [ARG...]"}, Cli.DockerCommands["create"].Description, true)
+	addTrustedFlags(cmd, true)
+
+	// These are flags not stored in Config/HostConfig
+	var (
+		flName = cmd.String([]string{"-name"}, "", "Assign a name to the container")
+	)
+
+	config, hostConfig, networkingConfig, cmd, err := runconfigopts.Parse(cmd, args)
+
+	if err != nil {
+		cmd.ReportError(err.Error(), true)
+		os.Exit(1)
+	}
+	if config.Image == "" {
+		cmd.Usage()
+		return nil
+	}
+	response, err := cli.createContainer(config, hostConfig, networkingConfig, hostConfig.ContainerIDFile, *flName)
+	if err != nil {
+		return err
+	}
+	fmt.Fprintf(cli.out, "%s\n", response.ID)
+	return nil
+}
diff --git a/api/client/diff.go b/api/client/diff.go
new file mode 100644
index 00000000..e17768fd
--- /dev/null
+++ b/api/client/diff.go
@@ -0,0 +1,49 @@
+package client
+
+import (
+	"fmt"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/pkg/archive"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdDiff shows changes on a container's filesystem.
+//
+// Each changed file is printed on a separate line, prefixed with a single
+// character that indicates the status of the file: C (modified), A (added),
+// or D (deleted).
+//
+// Usage: docker diff CONTAINER
+func (cli *DockerCli) CmdDiff(args ...string) error {
+	cmd := Cli.Subcmd("diff", []string{"CONTAINER"}, Cli.DockerCommands["diff"].Description, true)
+	cmd.Require(flag.Exact, 1)
+
+	cmd.ParseFlags(args, true)
+
+	if cmd.Arg(0) == "" {
+		return fmt.Errorf("Container name cannot be empty")
+	}
+
+	changes, err := cli.client.ContainerDiff(context.Background(), cmd.Arg(0))
+	if err != nil {
+		return err
+	}
+
+	for _, change := range changes {
+		var kind string
+		switch change.Kind {
+		case archive.ChangeModify:
+			kind = "C"
+		case archive.ChangeAdd:
+			kind = "A"
+		case archive.ChangeDelete:
+			kind = "D"
+		}
+		fmt.Fprintf(cli.out, "%s %s\n", kind, change.Path)
+	}
+
+	return nil
+}
diff --git a/api/client/events.go b/api/client/events.go
new file mode 100644
index 00000000..d2408c19
--- /dev/null
+++ b/api/client/events.go
@@ -0,0 +1,146 @@
+package client
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"sort"
+	"strings"
+	"sync"
+	"time"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/jsonlog"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/engine-api/types"
+	eventtypes "github.com/docker/engine-api/types/events"
+	"github.com/docker/engine-api/types/filters"
+)
+
+// CmdEvents prints a live stream of real time events from the server.
+//
+// Usage: docker events [OPTIONS]
+func (cli *DockerCli) CmdEvents(args ...string) error {
+	cmd := Cli.Subcmd("events", nil, Cli.DockerCommands["events"].Description, true)
+	since := cmd.String([]string{"-since"}, "", "Show all events created since timestamp")
+	until := cmd.String([]string{"-until"}, "", "Stream events until this timestamp")
+	flFilter := opts.NewListOpts(nil)
+	cmd.Var(&flFilter, []string{"f", "-filter"}, "Filter output based on conditions provided")
+	cmd.Require(flag.Exact, 0)
+
+	cmd.ParseFlags(args, true)
+
+	eventFilterArgs := filters.NewArgs()
+
+	// Consolidate all filter flags, and sanity check them early.
+	// They'll get process in the daemon/server.
+	for _, f := range flFilter.GetAll() {
+		var err error
+		eventFilterArgs, err = filters.ParseFlag(f, eventFilterArgs)
+		if err != nil {
+			return err
+		}
+	}
+
+	options := types.EventsOptions{
+		Since:   *since,
+		Until:   *until,
+		Filters: eventFilterArgs,
+	}
+
+	responseBody, err := cli.client.Events(context.Background(), options)
+	if err != nil {
+		return err
+	}
+	defer responseBody.Close()
+
+	return streamEvents(responseBody, cli.out)
+}
+
+// streamEvents decodes prints the incoming events in the provided output.
+func streamEvents(input io.Reader, output io.Writer) error {
+	return decodeEvents(input, func(event eventtypes.Message, err error) error {
+		if err != nil {
+			return err
+		}
+		printOutput(event, output)
+		return nil
+	})
+}
+
+type eventProcessor func(event eventtypes.Message, err error) error
+
+func decodeEvents(input io.Reader, ep eventProcessor) error {
+	dec := json.NewDecoder(input)
+	for {
+		var event eventtypes.Message
+		err := dec.Decode(&event)
+		if err != nil && err == io.EOF {
+			break
+		}
+
+		if procErr := ep(event, err); procErr != nil {
+			return procErr
+		}
+	}
+	return nil
+}
+
+// printOutput prints all types of event information.
+// Each output includes the event type, actor id, name and action.
+// Actor attributes are printed at the end if the actor has any.
+func printOutput(event eventtypes.Message, output io.Writer) {
+	if event.TimeNano != 0 {
+		fmt.Fprintf(output, "%s ", time.Unix(0, event.TimeNano).Format(jsonlog.RFC3339NanoFixed))
+	} else if event.Time != 0 {
+		fmt.Fprintf(output, "%s ", time.Unix(event.Time, 0).Format(jsonlog.RFC3339NanoFixed))
+	}
+
+	fmt.Fprintf(output, "%s %s %s", event.Type, event.Action, event.Actor.ID)
+
+	if len(event.Actor.Attributes) > 0 {
+		var attrs []string
+		var keys []string
+		for k := range event.Actor.Attributes {
+			keys = append(keys, k)
+		}
+		sort.Strings(keys)
+		for _, k := range keys {
+			v := event.Actor.Attributes[k]
+			attrs = append(attrs, fmt.Sprintf("%s=%s", k, v))
+		}
+		fmt.Fprintf(output, " (%s)", strings.Join(attrs, ", "))
+	}
+	fmt.Fprint(output, "\n")
+}
+
+type eventHandler struct {
+	handlers map[string]func(eventtypes.Message)
+	mu       sync.Mutex
+}
+
+func (w *eventHandler) Handle(action string, h func(eventtypes.Message)) {
+	w.mu.Lock()
+	w.handlers[action] = h
+	w.mu.Unlock()
+}
+
+// Watch ranges over the passed in event chan and processes the events based on the
+// handlers created for a given action.
+// To stop watching, close the event chan.
+func (w *eventHandler) Watch(c <-chan eventtypes.Message) {
+	for e := range c {
+		w.mu.Lock()
+		h, exists := w.handlers[e.Action]
+		w.mu.Unlock()
+		if !exists {
+			continue
+		}
+		logrus.Debugf("event handler: received event: %v", e)
+		go h(e)
+	}
+}
diff --git a/api/client/exec.go b/api/client/exec.go
new file mode 100644
index 00000000..520c3a38
--- /dev/null
+++ b/api/client/exec.go
@@ -0,0 +1,166 @@
+package client
+
+import (
+	"fmt"
+	"io"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/promise"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdExec runs a command in a running container.
+//
+// Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
+func (cli *DockerCli) CmdExec(args ...string) error {
+	cmd := Cli.Subcmd("exec", []string{"CONTAINER COMMAND [ARG...]"}, Cli.DockerCommands["exec"].Description, true)
+	detachKeys := cmd.String([]string{"-detach-keys"}, "", "Override the key sequence for detaching a container")
+
+	execConfig, err := ParseExec(cmd, args)
+	// just in case the ParseExec does not exit
+	if execConfig.Container == "" || err != nil {
+		return Cli.StatusError{StatusCode: 1}
+	}
+
+	if *detachKeys != "" {
+		cli.configFile.DetachKeys = *detachKeys
+	}
+
+	// Send client escape keys
+	execConfig.DetachKeys = cli.configFile.DetachKeys
+
+	response, err := cli.client.ContainerExecCreate(context.Background(), *execConfig)
+	if err != nil {
+		return err
+	}
+
+	execID := response.ID
+	if execID == "" {
+		fmt.Fprintf(cli.out, "exec ID empty")
+		return nil
+	}
+
+	//Temp struct for execStart so that we don't need to transfer all the execConfig
+	if !execConfig.Detach {
+		if err := cli.CheckTtyInput(execConfig.AttachStdin, execConfig.Tty); err != nil {
+			return err
+		}
+	} else {
+		execStartCheck := types.ExecStartCheck{
+			Detach: execConfig.Detach,
+			Tty:    execConfig.Tty,
+		}
+
+		if err := cli.client.ContainerExecStart(context.Background(), execID, execStartCheck); err != nil {
+			return err
+		}
+		// For now don't print this - wait for when we support exec wait()
+		// fmt.Fprintf(cli.out, "%s\n", execID)
+		return nil
+	}
+
+	// Interactive exec requested.
+	var (
+		out, stderr io.Writer
+		in          io.ReadCloser
+		errCh       chan error
+	)
+
+	if execConfig.AttachStdin {
+		in = cli.in
+	}
+	if execConfig.AttachStdout {
+		out = cli.out
+	}
+	if execConfig.AttachStderr {
+		if execConfig.Tty {
+			stderr = cli.out
+		} else {
+			stderr = cli.err
+		}
+	}
+
+	resp, err := cli.client.ContainerExecAttach(context.Background(), execID, *execConfig)
+	if err != nil {
+		return err
+	}
+	defer resp.Close()
+	if in != nil && execConfig.Tty {
+		if err := cli.setRawTerminal(); err != nil {
+			return err
+		}
+		defer cli.restoreTerminal(in)
+	}
+	errCh = promise.Go(func() error {
+		return cli.holdHijackedConnection(execConfig.Tty, in, out, stderr, resp)
+	})
+
+	if execConfig.Tty && cli.isTerminalIn {
+		if err := cli.monitorTtySize(execID, true); err != nil {
+			fmt.Fprintf(cli.err, "Error monitoring TTY size: %s\n", err)
+		}
+	}
+
+	if err := <-errCh; err != nil {
+		logrus.Debugf("Error hijack: %s", err)
+		return err
+	}
+
+	var status int
+	if _, status, err = getExecExitCode(cli, execID); err != nil {
+		return err
+	}
+
+	if status != 0 {
+		return Cli.StatusError{StatusCode: status}
+	}
+
+	return nil
+}
+
+// ParseExec parses the specified args for the specified command and generates
+// an ExecConfig from it.
+// If the minimal number of specified args is not right or if specified args are
+// not valid, it will return an error.
+func ParseExec(cmd *flag.FlagSet, args []string) (*types.ExecConfig, error) {
+	var (
+		flStdin      = cmd.Bool([]string{"i", "-interactive"}, false, "Keep STDIN open even if not attached")
+		flTty        = cmd.Bool([]string{"t", "-tty"}, false, "Allocate a pseudo-TTY")
+		flDetach     = cmd.Bool([]string{"d", "-detach"}, false, "Detached mode: run command in the background")
+		flUser       = cmd.String([]string{"u", "-user"}, "", "Username or UID (format: <name|uid>[:<group|gid>])")
+		flPrivileged = cmd.Bool([]string{"-privileged"}, false, "Give extended privileges to the command")
+		execCmd      []string
+		container    string
+	)
+	cmd.Require(flag.Min, 2)
+	if err := cmd.ParseFlags(args, true); err != nil {
+		return nil, err
+	}
+	container = cmd.Arg(0)
+	parsedArgs := cmd.Args()
+	execCmd = parsedArgs[1:]
+
+	execConfig := &types.ExecConfig{
+		User:       *flUser,
+		Privileged: *flPrivileged,
+		Tty:        *flTty,
+		Cmd:        execCmd,
+		Container:  container,
+		Detach:     *flDetach,
+	}
+
+	// If -d is not set, attach to everything by default
+	if !*flDetach {
+		execConfig.AttachStdout = true
+		execConfig.AttachStderr = true
+		if *flStdin {
+			execConfig.AttachStdin = true
+		}
+	}
+
+	return execConfig, nil
+}
diff --git a/api/client/exec_test.go b/api/client/exec_test.go
new file mode 100644
index 00000000..1680fa6e
--- /dev/null
+++ b/api/client/exec_test.go
@@ -0,0 +1,130 @@
+package client
+
+import (
+	"fmt"
+	"io/ioutil"
+	"testing"
+
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/engine-api/types"
+)
+
+type arguments struct {
+	args []string
+}
+
+func TestParseExec(t *testing.T) {
+	invalids := map[*arguments]error{
+		&arguments{[]string{"-unknown"}}: fmt.Errorf("flag provided but not defined: -unknown"),
+		&arguments{[]string{"-u"}}:       fmt.Errorf("flag needs an argument: -u"),
+		&arguments{[]string{"--user"}}:   fmt.Errorf("flag needs an argument: --user"),
+	}
+	valids := map[*arguments]*types.ExecConfig{
+		&arguments{
+			[]string{"container", "command"},
+		}: {
+			Container:    "container",
+			Cmd:          []string{"command"},
+			AttachStdout: true,
+			AttachStderr: true,
+		},
+		&arguments{
+			[]string{"container", "command1", "command2"},
+		}: {
+			Container:    "container",
+			Cmd:          []string{"command1", "command2"},
+			AttachStdout: true,
+			AttachStderr: true,
+		},
+		&arguments{
+			[]string{"-i", "-t", "-u", "uid", "container", "command"},
+		}: {
+			User:         "uid",
+			AttachStdin:  true,
+			AttachStdout: true,
+			AttachStderr: true,
+			Tty:          true,
+			Container:    "container",
+			Cmd:          []string{"command"},
+		},
+		&arguments{
+			[]string{"-d", "container", "command"},
+		}: {
+			AttachStdin:  false,
+			AttachStdout: false,
+			AttachStderr: false,
+			Detach:       true,
+			Container:    "container",
+			Cmd:          []string{"command"},
+		},
+		&arguments{
+			[]string{"-t", "-i", "-d", "container", "command"},
+		}: {
+			AttachStdin:  false,
+			AttachStdout: false,
+			AttachStderr: false,
+			Detach:       true,
+			Tty:          true,
+			Container:    "container",
+			Cmd:          []string{"command"},
+		},
+	}
+	for invalid, expectedError := range invalids {
+		cmd := flag.NewFlagSet("exec", flag.ContinueOnError)
+		cmd.ShortUsage = func() {}
+		cmd.SetOutput(ioutil.Discard)
+		_, err := ParseExec(cmd, invalid.args)
+		if err == nil || err.Error() != expectedError.Error() {
+			t.Fatalf("Expected an error [%v] for %v, got %v", expectedError, invalid, err)
+		}
+
+	}
+	for valid, expectedExecConfig := range valids {
+		cmd := flag.NewFlagSet("exec", flag.ContinueOnError)
+		cmd.ShortUsage = func() {}
+		cmd.SetOutput(ioutil.Discard)
+		execConfig, err := ParseExec(cmd, valid.args)
+		if err != nil {
+			t.Fatal(err)
+		}
+		if !compareExecConfig(expectedExecConfig, execConfig) {
+			t.Fatalf("Expected [%v] for %v, got [%v]", expectedExecConfig, valid, execConfig)
+		}
+	}
+}
+
+func compareExecConfig(config1 *types.ExecConfig, config2 *types.ExecConfig) bool {
+	if config1.AttachStderr != config2.AttachStderr {
+		return false
+	}
+	if config1.AttachStdin != config2.AttachStdin {
+		return false
+	}
+	if config1.AttachStdout != config2.AttachStdout {
+		return false
+	}
+	if config1.Container != config2.Container {
+		return false
+	}
+	if config1.Detach != config2.Detach {
+		return false
+	}
+	if config1.Privileged != config2.Privileged {
+		return false
+	}
+	if config1.Tty != config2.Tty {
+		return false
+	}
+	if config1.User != config2.User {
+		return false
+	}
+	if len(config1.Cmd) != len(config2.Cmd) {
+		return false
+	}
+	for index, value := range config1.Cmd {
+		if value != config2.Cmd[index] {
+			return false
+		}
+	}
+	return true
+}
diff --git a/api/client/export.go b/api/client/export.go
new file mode 100644
index 00000000..a1d3ebe7
--- /dev/null
+++ b/api/client/export.go
@@ -0,0 +1,42 @@
+package client
+
+import (
+	"errors"
+	"io"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdExport exports a filesystem as a tar archive.
+//
+// The tar archive is streamed to STDOUT by default or written to a file.
+//
+// Usage: docker export [OPTIONS] CONTAINER
+func (cli *DockerCli) CmdExport(args ...string) error {
+	cmd := Cli.Subcmd("export", []string{"CONTAINER"}, Cli.DockerCommands["export"].Description, true)
+	outfile := cmd.String([]string{"o", "-output"}, "", "Write to a file, instead of STDOUT")
+	cmd.Require(flag.Exact, 1)
+
+	cmd.ParseFlags(args, true)
+
+	if *outfile == "" && cli.isTerminalOut {
+		return errors.New("Cowardly refusing to save to a terminal. Use the -o flag or redirect.")
+	}
+
+	responseBody, err := cli.client.ContainerExport(context.Background(), cmd.Arg(0))
+	if err != nil {
+		return err
+	}
+	defer responseBody.Close()
+
+	if *outfile == "" {
+		_, err := io.Copy(cli.out, responseBody)
+		return err
+	}
+
+	return copyToFile(*outfile, responseBody)
+
+}
diff --git a/api/client/formatter/custom.go b/api/client/formatter/custom.go
new file mode 100644
index 00000000..2bb26a3d
--- /dev/null
+++ b/api/client/formatter/custom.go
@@ -0,0 +1,242 @@
+package formatter
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/go-units"
+)
+
+const (
+	tableKey = "table"
+
+	containerIDHeader  = "CONTAINER ID"
+	imageHeader        = "IMAGE"
+	namesHeader        = "NAMES"
+	commandHeader      = "COMMAND"
+	createdSinceHeader = "CREATED"
+	createdAtHeader    = "CREATED AT"
+	runningForHeader   = "CREATED"
+	statusHeader       = "STATUS"
+	portsHeader        = "PORTS"
+	sizeHeader         = "SIZE"
+	labelsHeader       = "LABELS"
+	imageIDHeader      = "IMAGE ID"
+	repositoryHeader   = "REPOSITORY"
+	tagHeader          = "TAG"
+	digestHeader       = "DIGEST"
+	mountsHeader       = "MOUNTS"
+)
+
+type containerContext struct {
+	baseSubContext
+	trunc bool
+	c     types.Container
+}
+
+func (c *containerContext) ID() string {
+	c.addHeader(containerIDHeader)
+	if c.trunc {
+		return stringid.TruncateID(c.c.ID)
+	}
+	return c.c.ID
+}
+
+func (c *containerContext) Names() string {
+	c.addHeader(namesHeader)
+	names := stripNamePrefix(c.c.Names)
+	if c.trunc {
+		for _, name := range names {
+			if len(strings.Split(name, "/")) == 1 {
+				names = []string{name}
+				break
+			}
+		}
+	}
+	return strings.Join(names, ",")
+}
+
+func (c *containerContext) Image() string {
+	c.addHeader(imageHeader)
+	if c.c.Image == "" {
+		return "<no image>"
+	}
+	if c.trunc {
+		if trunc := stringid.TruncateID(c.c.ImageID); trunc == stringid.TruncateID(c.c.Image) {
+			return trunc
+		}
+	}
+	return c.c.Image
+}
+
+func (c *containerContext) Command() string {
+	c.addHeader(commandHeader)
+	command := c.c.Command
+	if c.trunc {
+		command = stringutils.Truncate(command, 20)
+	}
+	return strconv.Quote(command)
+}
+
+func (c *containerContext) CreatedAt() string {
+	c.addHeader(createdAtHeader)
+	return time.Unix(int64(c.c.Created), 0).String()
+}
+
+func (c *containerContext) RunningFor() string {
+	c.addHeader(runningForHeader)
+	createdAt := time.Unix(int64(c.c.Created), 0)
+	return units.HumanDuration(time.Now().UTC().Sub(createdAt))
+}
+
+func (c *containerContext) Ports() string {
+	c.addHeader(portsHeader)
+	return api.DisplayablePorts(c.c.Ports)
+}
+
+func (c *containerContext) Status() string {
+	c.addHeader(statusHeader)
+	return c.c.Status
+}
+
+func (c *containerContext) Size() string {
+	c.addHeader(sizeHeader)
+	srw := units.HumanSize(float64(c.c.SizeRw))
+	sv := units.HumanSize(float64(c.c.SizeRootFs))
+
+	sf := srw
+	if c.c.SizeRootFs > 0 {
+		sf = fmt.Sprintf("%s (virtual %s)", srw, sv)
+	}
+	return sf
+}
+
+func (c *containerContext) Labels() string {
+	c.addHeader(labelsHeader)
+	if c.c.Labels == nil {
+		return ""
+	}
+
+	var joinLabels []string
+	for k, v := range c.c.Labels {
+		joinLabels = append(joinLabels, fmt.Sprintf("%s=%s", k, v))
+	}
+	return strings.Join(joinLabels, ",")
+}
+
+func (c *containerContext) Label(name string) string {
+	n := strings.Split(name, ".")
+	r := strings.NewReplacer("-", " ", "_", " ")
+	h := r.Replace(n[len(n)-1])
+
+	c.addHeader(h)
+
+	if c.c.Labels == nil {
+		return ""
+	}
+	return c.c.Labels[name]
+}
+
+func (c *containerContext) Mounts() string {
+	c.addHeader(mountsHeader)
+
+	var name string
+	var mounts []string
+	for _, m := range c.c.Mounts {
+		if m.Name == "" {
+			name = m.Source
+		} else {
+			name = m.Name
+		}
+		if c.trunc {
+			name = stringutils.Truncate(name, 15)
+		}
+		mounts = append(mounts, name)
+	}
+	return strings.Join(mounts, ",")
+}
+
+type imageContext struct {
+	baseSubContext
+	trunc  bool
+	i      types.Image
+	repo   string
+	tag    string
+	digest string
+}
+
+func (c *imageContext) ID() string {
+	c.addHeader(imageIDHeader)
+	if c.trunc {
+		return stringid.TruncateID(c.i.ID)
+	}
+	return c.i.ID
+}
+
+func (c *imageContext) Repository() string {
+	c.addHeader(repositoryHeader)
+	return c.repo
+}
+
+func (c *imageContext) Tag() string {
+	c.addHeader(tagHeader)
+	return c.tag
+}
+
+func (c *imageContext) Digest() string {
+	c.addHeader(digestHeader)
+	return c.digest
+}
+
+func (c *imageContext) CreatedSince() string {
+	c.addHeader(createdSinceHeader)
+	createdAt := time.Unix(int64(c.i.Created), 0)
+	return units.HumanDuration(time.Now().UTC().Sub(createdAt))
+}
+
+func (c *imageContext) CreatedAt() string {
+	c.addHeader(createdAtHeader)
+	return time.Unix(int64(c.i.Created), 0).String()
+}
+
+func (c *imageContext) Size() string {
+	c.addHeader(sizeHeader)
+	return units.HumanSize(float64(c.i.Size))
+}
+
+type subContext interface {
+	fullHeader() string
+	addHeader(header string)
+}
+
+type baseSubContext struct {
+	header []string
+}
+
+func (c *baseSubContext) fullHeader() string {
+	if c.header == nil {
+		return ""
+	}
+	return strings.Join(c.header, "\t")
+}
+
+func (c *baseSubContext) addHeader(header string) {
+	if c.header == nil {
+		c.header = []string{}
+	}
+	c.header = append(c.header, strings.ToUpper(header))
+}
+
+func stripNamePrefix(ss []string) []string {
+	for i, s := range ss {
+		ss[i] = s[1:]
+	}
+
+	return ss
+}
diff --git a/api/client/formatter/custom_test.go b/api/client/formatter/custom_test.go
new file mode 100644
index 00000000..6a21f2bc
--- /dev/null
+++ b/api/client/formatter/custom_test.go
@@ -0,0 +1,192 @@
+package formatter
+
+import (
+	"reflect"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/engine-api/types"
+)
+
+func TestContainerPsContext(t *testing.T) {
+	containerID := stringid.GenerateRandomID()
+	unix := time.Now().Add(-65 * time.Second).Unix()
+
+	var ctx containerContext
+	cases := []struct {
+		container types.Container
+		trunc     bool
+		expValue  string
+		expHeader string
+		call      func() string
+	}{
+		{types.Container{ID: containerID}, true, stringid.TruncateID(containerID), containerIDHeader, ctx.ID},
+		{types.Container{ID: containerID}, false, containerID, containerIDHeader, ctx.ID},
+		{types.Container{Names: []string{"/foobar_baz"}}, true, "foobar_baz", namesHeader, ctx.Names},
+		{types.Container{Image: "ubuntu"}, true, "ubuntu", imageHeader, ctx.Image},
+		{types.Container{Image: "verylongimagename"}, true, "verylongimagename", imageHeader, ctx.Image},
+		{types.Container{Image: "verylongimagename"}, false, "verylongimagename", imageHeader, ctx.Image},
+		{types.Container{
+			Image:   "a5a665ff33eced1e0803148700880edab4",
+			ImageID: "a5a665ff33eced1e0803148700880edab4269067ed77e27737a708d0d293fbf5",
+		},
+			true,
+			"a5a665ff33ec",
+			imageHeader,
+			ctx.Image,
+		},
+		{types.Container{
+			Image:   "a5a665ff33eced1e0803148700880edab4",
+			ImageID: "a5a665ff33eced1e0803148700880edab4269067ed77e27737a708d0d293fbf5",
+		},
+			false,
+			"a5a665ff33eced1e0803148700880edab4",
+			imageHeader,
+			ctx.Image,
+		},
+		{types.Container{Image: ""}, true, "<no image>", imageHeader, ctx.Image},
+		{types.Container{Command: "sh -c 'ls -la'"}, true, `"sh -c 'ls -la'"`, commandHeader, ctx.Command},
+		{types.Container{Created: unix}, true, time.Unix(unix, 0).String(), createdAtHeader, ctx.CreatedAt},
+		{types.Container{Ports: []types.Port{{PrivatePort: 8080, PublicPort: 8080, Type: "tcp"}}}, true, "8080/tcp", portsHeader, ctx.Ports},
+		{types.Container{Status: "RUNNING"}, true, "RUNNING", statusHeader, ctx.Status},
+		{types.Container{SizeRw: 10}, true, "10 B", sizeHeader, ctx.Size},
+		{types.Container{SizeRw: 10, SizeRootFs: 20}, true, "10 B (virtual 20 B)", sizeHeader, ctx.Size},
+		{types.Container{}, true, "", labelsHeader, ctx.Labels},
+		{types.Container{Labels: map[string]string{"cpu": "6", "storage": "ssd"}}, true, "cpu=6,storage=ssd", labelsHeader, ctx.Labels},
+		{types.Container{Created: unix}, true, "About a minute", runningForHeader, ctx.RunningFor},
+	}
+
+	for _, c := range cases {
+		ctx = containerContext{c: c.container, trunc: c.trunc}
+		v := c.call()
+		if strings.Contains(v, ",") {
+			compareMultipleValues(t, v, c.expValue)
+		} else if v != c.expValue {
+			t.Fatalf("Expected %s, was %s\n", c.expValue, v)
+		}
+
+		h := ctx.fullHeader()
+		if h != c.expHeader {
+			t.Fatalf("Expected %s, was %s\n", c.expHeader, h)
+		}
+	}
+
+	c1 := types.Container{Labels: map[string]string{"com.docker.swarm.swarm-id": "33", "com.docker.swarm.node_name": "ubuntu"}}
+	ctx = containerContext{c: c1, trunc: true}
+
+	sid := ctx.Label("com.docker.swarm.swarm-id")
+	node := ctx.Label("com.docker.swarm.node_name")
+	if sid != "33" {
+		t.Fatalf("Expected 33, was %s\n", sid)
+	}
+
+	if node != "ubuntu" {
+		t.Fatalf("Expected ubuntu, was %s\n", node)
+	}
+
+	h := ctx.fullHeader()
+	if h != "SWARM ID\tNODE NAME" {
+		t.Fatalf("Expected %s, was %s\n", "SWARM ID\tNODE NAME", h)
+
+	}
+
+	c2 := types.Container{}
+	ctx = containerContext{c: c2, trunc: true}
+
+	label := ctx.Label("anything.really")
+	if label != "" {
+		t.Fatalf("Expected an empty string, was %s", label)
+	}
+
+	ctx = containerContext{c: c2, trunc: true}
+	fullHeader := ctx.fullHeader()
+	if fullHeader != "" {
+		t.Fatalf("Expected fullHeader to be empty, was %s", fullHeader)
+	}
+
+}
+
+func TestImagesContext(t *testing.T) {
+	imageID := stringid.GenerateRandomID()
+	unix := time.Now().Unix()
+
+	var ctx imageContext
+	cases := []struct {
+		imageCtx  imageContext
+		expValue  string
+		expHeader string
+		call      func() string
+	}{
+		{imageContext{
+			i:     types.Image{ID: imageID},
+			trunc: true,
+		}, stringid.TruncateID(imageID), imageIDHeader, ctx.ID},
+		{imageContext{
+			i:     types.Image{ID: imageID},
+			trunc: false,
+		}, imageID, imageIDHeader, ctx.ID},
+		{imageContext{
+			i:     types.Image{Size: 10},
+			trunc: true,
+		}, "10 B", sizeHeader, ctx.Size},
+		{imageContext{
+			i:     types.Image{Created: unix},
+			trunc: true,
+		}, time.Unix(unix, 0).String(), createdAtHeader, ctx.CreatedAt},
+		// FIXME
+		// {imageContext{
+		// 	i:     types.Image{Created: unix},
+		// 	trunc: true,
+		// }, units.HumanDuration(time.Unix(unix, 0)), createdSinceHeader, ctx.CreatedSince},
+		{imageContext{
+			i:    types.Image{},
+			repo: "busybox",
+		}, "busybox", repositoryHeader, ctx.Repository},
+		{imageContext{
+			i:   types.Image{},
+			tag: "latest",
+		}, "latest", tagHeader, ctx.Tag},
+		{imageContext{
+			i:      types.Image{},
+			digest: "sha256:d149ab53f8718e987c3a3024bb8aa0e2caadf6c0328f1d9d850b2a2a67f2819a",
+		}, "sha256:d149ab53f8718e987c3a3024bb8aa0e2caadf6c0328f1d9d850b2a2a67f2819a", digestHeader, ctx.Digest},
+	}
+
+	for _, c := range cases {
+		ctx = c.imageCtx
+		v := c.call()
+		if strings.Contains(v, ",") {
+			compareMultipleValues(t, v, c.expValue)
+		} else if v != c.expValue {
+			t.Fatalf("Expected %s, was %s\n", c.expValue, v)
+		}
+
+		h := ctx.fullHeader()
+		if h != c.expHeader {
+			t.Fatalf("Expected %s, was %s\n", c.expHeader, h)
+		}
+	}
+}
+
+func compareMultipleValues(t *testing.T, value, expected string) {
+	// comma-separated values means probably a map input, which won't
+	// be guaranteed to have the same order as our expected value
+	// We'll create maps and use reflect.DeepEquals to check instead:
+	entriesMap := make(map[string]string)
+	expMap := make(map[string]string)
+	entries := strings.Split(value, ",")
+	expectedEntries := strings.Split(expected, ",")
+	for _, entry := range entries {
+		keyval := strings.Split(entry, "=")
+		entriesMap[keyval[0]] = keyval[1]
+	}
+	for _, expected := range expectedEntries {
+		keyval := strings.Split(expected, "=")
+		expMap[keyval[0]] = keyval[1]
+	}
+	if !reflect.DeepEqual(expMap, entriesMap) {
+		t.Fatalf("Expected entries: %v, got: %v", expected, value)
+	}
+}
diff --git a/api/client/formatter/formatter.go b/api/client/formatter/formatter.go
new file mode 100644
index 00000000..bc3d50c9
--- /dev/null
+++ b/api/client/formatter/formatter.go
@@ -0,0 +1,255 @@
+package formatter
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"strings"
+	"text/tabwriter"
+	"text/template"
+
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/utils/templates"
+	"github.com/docker/engine-api/types"
+)
+
+const (
+	tableFormatKey = "table"
+	rawFormatKey   = "raw"
+
+	defaultContainerTableFormat       = "table {{.ID}}\t{{.Image}}\t{{.Command}}\t{{.RunningFor}} ago\t{{.Status}}\t{{.Ports}}\t{{.Names}}"
+	defaultImageTableFormat           = "table {{.Repository}}\t{{.Tag}}\t{{.ID}}\t{{.CreatedSince}} ago\t{{.Size}}"
+	defaultImageTableFormatWithDigest = "table {{.Repository}}\t{{.Tag}}\t{{.Digest}}\t{{.ID}}\t{{.CreatedSince}} ago\t{{.Size}}"
+	defaultQuietFormat                = "{{.ID}}"
+)
+
+// Context contains information required by the formatter to print the output as desired.
+type Context struct {
+	// Output is the output stream to which the formatted string is written.
+	Output io.Writer
+	// Format is used to choose raw, table or custom format for the output.
+	Format string
+	// Quiet when set to true will simply print minimal information.
+	Quiet bool
+	// Trunc when set to true will truncate the output of certain fields such as Container ID.
+	Trunc bool
+
+	// internal element
+	table       bool
+	finalFormat string
+	header      string
+	buffer      *bytes.Buffer
+}
+
+func (c *Context) preformat() {
+	c.finalFormat = c.Format
+
+	if strings.HasPrefix(c.Format, tableKey) {
+		c.table = true
+		c.finalFormat = c.finalFormat[len(tableKey):]
+	}
+
+	c.finalFormat = strings.Trim(c.finalFormat, " ")
+	r := strings.NewReplacer(`\t`, "\t", `\n`, "\n")
+	c.finalFormat = r.Replace(c.finalFormat)
+}
+
+func (c *Context) parseFormat() (*template.Template, error) {
+	tmpl, err := templates.Parse(c.finalFormat)
+	if err != nil {
+		c.buffer.WriteString(fmt.Sprintf("Template parsing error: %v\n", err))
+		c.buffer.WriteTo(c.Output)
+	}
+	return tmpl, err
+}
+
+func (c *Context) postformat(tmpl *template.Template, subContext subContext) {
+	if c.table {
+		if len(c.header) == 0 {
+			// if we still don't have a header, we didn't have any containers so we need to fake it to get the right headers from the template
+			tmpl.Execute(bytes.NewBufferString(""), subContext)
+			c.header = subContext.fullHeader()
+		}
+
+		t := tabwriter.NewWriter(c.Output, 20, 1, 3, ' ', 0)
+		t.Write([]byte(c.header))
+		t.Write([]byte("\n"))
+		c.buffer.WriteTo(t)
+		t.Flush()
+	} else {
+		c.buffer.WriteTo(c.Output)
+	}
+}
+
+func (c *Context) contextFormat(tmpl *template.Template, subContext subContext) error {
+	if err := tmpl.Execute(c.buffer, subContext); err != nil {
+		c.buffer = bytes.NewBufferString(fmt.Sprintf("Template parsing error: %v\n", err))
+		c.buffer.WriteTo(c.Output)
+		return err
+	}
+	if c.table && len(c.header) == 0 {
+		c.header = subContext.fullHeader()
+	}
+	c.buffer.WriteString("\n")
+	return nil
+}
+
+// ContainerContext contains container specific information required by the formater, encapsulate a Context struct.
+type ContainerContext struct {
+	Context
+	// Size when set to true will display the size of the output.
+	Size bool
+	// Containers
+	Containers []types.Container
+}
+
+// ImageContext contains image specific information required by the formater, encapsulate a Context struct.
+type ImageContext struct {
+	Context
+	Digest bool
+	// Images
+	Images []types.Image
+}
+
+func (ctx ContainerContext) Write() {
+	switch ctx.Format {
+	case tableFormatKey:
+		ctx.Format = defaultContainerTableFormat
+		if ctx.Quiet {
+			ctx.Format = defaultQuietFormat
+		}
+	case rawFormatKey:
+		if ctx.Quiet {
+			ctx.Format = `container_id: {{.ID}}`
+		} else {
+			ctx.Format = `container_id: {{.ID}}
+image: {{.Image}}
+command: {{.Command}}
+created_at: {{.CreatedAt}}
+status: {{.Status}}
+names: {{.Names}}
+labels: {{.Labels}}
+ports: {{.Ports}}
+`
+			if ctx.Size {
+				ctx.Format += `size: {{.Size}}
+`
+			}
+		}
+	}
+
+	ctx.buffer = bytes.NewBufferString("")
+	ctx.preformat()
+	if ctx.table && ctx.Size {
+		ctx.finalFormat += "\t{{.Size}}"
+	}
+
+	tmpl, err := ctx.parseFormat()
+	if err != nil {
+		return
+	}
+
+	for _, container := range ctx.Containers {
+		containerCtx := &containerContext{
+			trunc: ctx.Trunc,
+			c:     container,
+		}
+		err = ctx.contextFormat(tmpl, containerCtx)
+		if err != nil {
+			return
+		}
+	}
+
+	ctx.postformat(tmpl, &containerContext{})
+}
+
+func (ctx ImageContext) Write() {
+	switch ctx.Format {
+	case tableFormatKey:
+		ctx.Format = defaultImageTableFormat
+		if ctx.Digest {
+			ctx.Format = defaultImageTableFormatWithDigest
+		}
+		if ctx.Quiet {
+			ctx.Format = defaultQuietFormat
+		}
+	case rawFormatKey:
+		if ctx.Quiet {
+			ctx.Format = `image_id: {{.ID}}`
+		} else {
+			if ctx.Digest {
+				ctx.Format = `repository: {{ .Repository }}
+tag: {{.Tag}}
+digest: {{.Digest}}
+image_id: {{.ID}}
+created_at: {{.CreatedAt}}
+virtual_size: {{.Size}}
+`
+			} else {
+				ctx.Format = `repository: {{ .Repository }}
+tag: {{.Tag}}
+image_id: {{.ID}}
+created_at: {{.CreatedAt}}
+virtual_size: {{.Size}}
+`
+			}
+		}
+	}
+
+	ctx.buffer = bytes.NewBufferString("")
+	ctx.preformat()
+	if ctx.table && ctx.Digest && !strings.Contains(ctx.Format, "{{.Digest}}") {
+		ctx.finalFormat += "\t{{.Digest}}"
+	}
+
+	tmpl, err := ctx.parseFormat()
+	if err != nil {
+		return
+	}
+
+	for _, image := range ctx.Images {
+
+		repoTags := image.RepoTags
+		repoDigests := image.RepoDigests
+
+		if len(repoTags) == 1 && repoTags[0] == "<none>:<none>" && len(repoDigests) == 1 && repoDigests[0] == "<none>@<none>" {
+			// dangling image - clear out either repoTags or repoDigests so we only show it once below
+			repoDigests = []string{}
+		}
+		// combine the tags and digests lists
+		tagsAndDigests := append(repoTags, repoDigests...)
+		for _, repoAndRef := range tagsAndDigests {
+			repo := "<none>"
+			tag := "<none>"
+			digest := "<none>"
+
+			if !strings.HasPrefix(repoAndRef, "<none>") {
+				ref, err := reference.ParseNamed(repoAndRef)
+				if err != nil {
+					continue
+				}
+				repo = ref.Name()
+
+				switch x := ref.(type) {
+				case reference.Canonical:
+					digest = x.Digest().String()
+				case reference.NamedTagged:
+					tag = x.Tag()
+				}
+			}
+			imageCtx := &imageContext{
+				trunc:  ctx.Trunc,
+				i:      image,
+				repo:   repo,
+				tag:    tag,
+				digest: digest,
+			}
+			err = ctx.contextFormat(tmpl, imageCtx)
+			if err != nil {
+				return
+			}
+		}
+	}
+
+	ctx.postformat(tmpl, &imageContext{})
+}
diff --git a/api/client/formatter/formatter_test.go b/api/client/formatter/formatter_test.go
new file mode 100644
index 00000000..223cab97
--- /dev/null
+++ b/api/client/formatter/formatter_test.go
@@ -0,0 +1,535 @@
+package formatter
+
+import (
+	"bytes"
+	"fmt"
+	"testing"
+	"time"
+
+	"github.com/docker/engine-api/types"
+)
+
+func TestContainerContextWrite(t *testing.T) {
+	unixTime := time.Now().AddDate(0, 0, -1).Unix()
+	expectedTime := time.Unix(unixTime, 0).String()
+
+	contexts := []struct {
+		context  ContainerContext
+		expected string
+	}{
+		// Errors
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "{{InvalidFunction}}",
+				},
+			},
+			`Template parsing error: template: :1: function "InvalidFunction" not defined
+`,
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "{{nil}}",
+				},
+			},
+			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
+`,
+		},
+		// Table Format
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "table",
+				},
+			},
+			`CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
+containerID1        ubuntu              ""                  24 hours ago                                                foobar_baz
+containerID2        ubuntu              ""                  24 hours ago                                                foobar_bar
+`,
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "table {{.Image}}",
+				},
+			},
+			"IMAGE\nubuntu\nubuntu\n",
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "table {{.Image}}",
+				},
+				Size: true,
+			},
+			"IMAGE               SIZE\nubuntu              0 B\nubuntu              0 B\n",
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "table {{.Image}}",
+					Quiet:  true,
+				},
+			},
+			"IMAGE\nubuntu\nubuntu\n",
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "table",
+					Quiet:  true,
+				},
+			},
+			"containerID1\ncontainerID2\n",
+		},
+		// Raw Format
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "raw",
+				},
+			},
+			fmt.Sprintf(`container_id: containerID1
+image: ubuntu
+command: ""
+created_at: %s
+status: 
+names: foobar_baz
+labels: 
+ports: 
+
+container_id: containerID2
+image: ubuntu
+command: ""
+created_at: %s
+status: 
+names: foobar_bar
+labels: 
+ports: 
+
+`, expectedTime, expectedTime),
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "raw",
+				},
+				Size: true,
+			},
+			fmt.Sprintf(`container_id: containerID1
+image: ubuntu
+command: ""
+created_at: %s
+status: 
+names: foobar_baz
+labels: 
+ports: 
+size: 0 B
+
+container_id: containerID2
+image: ubuntu
+command: ""
+created_at: %s
+status: 
+names: foobar_bar
+labels: 
+ports: 
+size: 0 B
+
+`, expectedTime, expectedTime),
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "raw",
+					Quiet:  true,
+				},
+			},
+			"container_id: containerID1\ncontainer_id: containerID2\n",
+		},
+		// Custom Format
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "{{.Image}}",
+				},
+			},
+			"ubuntu\nubuntu\n",
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "{{.Image}}",
+				},
+				Size: true,
+			},
+			"ubuntu\nubuntu\n",
+		},
+	}
+
+	for _, context := range contexts {
+		containers := []types.Container{
+			{ID: "containerID1", Names: []string{"/foobar_baz"}, Image: "ubuntu", Created: unixTime},
+			{ID: "containerID2", Names: []string{"/foobar_bar"}, Image: "ubuntu", Created: unixTime},
+		}
+		out := bytes.NewBufferString("")
+		context.context.Output = out
+		context.context.Containers = containers
+		context.context.Write()
+		actual := out.String()
+		if actual != context.expected {
+			t.Fatalf("Expected \n%s, got \n%s", context.expected, actual)
+		}
+		// Clean buffer
+		out.Reset()
+	}
+}
+
+func TestContainerContextWriteWithNoContainers(t *testing.T) {
+	out := bytes.NewBufferString("")
+	containers := []types.Container{}
+
+	contexts := []struct {
+		context  ContainerContext
+		expected string
+	}{
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "{{.Image}}",
+					Output: out,
+				},
+			},
+			"",
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "table {{.Image}}",
+					Output: out,
+				},
+			},
+			"IMAGE\n",
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "{{.Image}}",
+					Output: out,
+				},
+				Size: true,
+			},
+			"",
+		},
+		{
+			ContainerContext{
+				Context: Context{
+					Format: "table {{.Image}}",
+					Output: out,
+				},
+				Size: true,
+			},
+			"IMAGE               SIZE\n",
+		},
+	}
+
+	for _, context := range contexts {
+		context.context.Containers = containers
+		context.context.Write()
+		actual := out.String()
+		if actual != context.expected {
+			t.Fatalf("Expected \n%s, got \n%s", context.expected, actual)
+		}
+		// Clean buffer
+		out.Reset()
+	}
+}
+
+func TestImageContextWrite(t *testing.T) {
+	unixTime := time.Now().AddDate(0, 0, -1).Unix()
+	expectedTime := time.Unix(unixTime, 0).String()
+
+	contexts := []struct {
+		context  ImageContext
+		expected string
+	}{
+		// Errors
+		{
+			ImageContext{
+				Context: Context{
+					Format: "{{InvalidFunction}}",
+				},
+			},
+			`Template parsing error: template: :1: function "InvalidFunction" not defined
+`,
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "{{nil}}",
+				},
+			},
+			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
+`,
+		},
+		// Table Format
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table",
+				},
+			},
+			`REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+image               tag1                imageID1            24 hours ago        0 B
+image               <none>              imageID1            24 hours ago        0 B
+image               tag2                imageID2            24 hours ago        0 B
+<none>              <none>              imageID3            24 hours ago        0 B
+`,
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table {{.Repository}}",
+				},
+			},
+			"REPOSITORY\nimage\nimage\nimage\n<none>\n",
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table {{.Repository}}",
+				},
+				Digest: true,
+			},
+			`REPOSITORY          DIGEST
+image               <none>
+image               sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
+image               <none>
+<none>              <none>
+`,
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table {{.Repository}}",
+					Quiet:  true,
+				},
+			},
+			"REPOSITORY\nimage\nimage\nimage\n<none>\n",
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table",
+					Quiet:  true,
+				},
+			},
+			"imageID1\nimageID1\nimageID2\nimageID3\n",
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table",
+					Quiet:  false,
+				},
+				Digest: true,
+			},
+			`REPOSITORY          TAG                 DIGEST                                                                    IMAGE ID            CREATED             SIZE
+image               tag1                <none>                                                                    imageID1            24 hours ago        0 B
+image               <none>              sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf   imageID1            24 hours ago        0 B
+image               tag2                <none>                                                                    imageID2            24 hours ago        0 B
+<none>              <none>              <none>                                                                    imageID3            24 hours ago        0 B
+`,
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table",
+					Quiet:  true,
+				},
+				Digest: true,
+			},
+			"imageID1\nimageID1\nimageID2\nimageID3\n",
+		},
+		// Raw Format
+		{
+			ImageContext{
+				Context: Context{
+					Format: "raw",
+				},
+			},
+			fmt.Sprintf(`repository: image
+tag: tag1
+image_id: imageID1
+created_at: %s
+virtual_size: 0 B
+
+repository: image
+tag: <none>
+image_id: imageID1
+created_at: %s
+virtual_size: 0 B
+
+repository: image
+tag: tag2
+image_id: imageID2
+created_at: %s
+virtual_size: 0 B
+
+repository: <none>
+tag: <none>
+image_id: imageID3
+created_at: %s
+virtual_size: 0 B
+
+`, expectedTime, expectedTime, expectedTime, expectedTime),
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "raw",
+				},
+				Digest: true,
+			},
+			fmt.Sprintf(`repository: image
+tag: tag1
+digest: <none>
+image_id: imageID1
+created_at: %s
+virtual_size: 0 B
+
+repository: image
+tag: <none>
+digest: sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
+image_id: imageID1
+created_at: %s
+virtual_size: 0 B
+
+repository: image
+tag: tag2
+digest: <none>
+image_id: imageID2
+created_at: %s
+virtual_size: 0 B
+
+repository: <none>
+tag: <none>
+digest: <none>
+image_id: imageID3
+created_at: %s
+virtual_size: 0 B
+
+`, expectedTime, expectedTime, expectedTime, expectedTime),
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "raw",
+					Quiet:  true,
+				},
+			},
+			`image_id: imageID1
+image_id: imageID1
+image_id: imageID2
+image_id: imageID3
+`,
+		},
+		// Custom Format
+		{
+			ImageContext{
+				Context: Context{
+					Format: "{{.Repository}}",
+				},
+			},
+			"image\nimage\nimage\n<none>\n",
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "{{.Repository}}",
+				},
+				Digest: true,
+			},
+			"image\nimage\nimage\n<none>\n",
+		},
+	}
+
+	for _, context := range contexts {
+		images := []types.Image{
+			{ID: "imageID1", RepoTags: []string{"image:tag1"}, RepoDigests: []string{"image@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"}, Created: unixTime},
+			{ID: "imageID2", RepoTags: []string{"image:tag2"}, Created: unixTime},
+			{ID: "imageID3", RepoTags: []string{"<none>:<none>"}, RepoDigests: []string{"<none>@<none>"}, Created: unixTime},
+		}
+		out := bytes.NewBufferString("")
+		context.context.Output = out
+		context.context.Images = images
+		context.context.Write()
+		actual := out.String()
+		if actual != context.expected {
+			t.Fatalf("Expected \n%s, got \n%s", context.expected, actual)
+		}
+		// Clean buffer
+		out.Reset()
+	}
+}
+
+func TestImageContextWriteWithNoImage(t *testing.T) {
+	out := bytes.NewBufferString("")
+	images := []types.Image{}
+
+	contexts := []struct {
+		context  ImageContext
+		expected string
+	}{
+		{
+			ImageContext{
+				Context: Context{
+					Format: "{{.Repository}}",
+					Output: out,
+				},
+			},
+			"",
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table {{.Repository}}",
+					Output: out,
+				},
+			},
+			"REPOSITORY\n",
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "{{.Repository}}",
+					Output: out,
+				},
+				Digest: true,
+			},
+			"",
+		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: "table {{.Repository}}",
+					Output: out,
+				},
+				Digest: true,
+			},
+			"REPOSITORY          DIGEST\n",
+		},
+	}
+
+	for _, context := range contexts {
+		context.context.Images = images
+		context.context.Write()
+		actual := out.String()
+		if actual != context.expected {
+			t.Fatalf("Expected \n%s, got \n%s", context.expected, actual)
+		}
+		// Clean buffer
+		out.Reset()
+	}
+}
diff --git a/api/client/hijack.go b/api/client/hijack.go
new file mode 100644
index 00000000..4c80fe1c
--- /dev/null
+++ b/api/client/hijack.go
@@ -0,0 +1,56 @@
+package client
+
+import (
+	"io"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/stdcopy"
+	"github.com/docker/engine-api/types"
+)
+
+func (cli *DockerCli) holdHijackedConnection(tty bool, inputStream io.ReadCloser, outputStream, errorStream io.Writer, resp types.HijackedResponse) error {
+	var err error
+	receiveStdout := make(chan error, 1)
+	if outputStream != nil || errorStream != nil {
+		go func() {
+			// When TTY is ON, use regular copy
+			if tty && outputStream != nil {
+				_, err = io.Copy(outputStream, resp.Reader)
+			} else {
+				_, err = stdcopy.StdCopy(outputStream, errorStream, resp.Reader)
+			}
+			logrus.Debugf("[hijack] End of stdout")
+			receiveStdout <- err
+		}()
+	}
+
+	stdinDone := make(chan struct{})
+	go func() {
+		if inputStream != nil {
+			io.Copy(resp.Conn, inputStream)
+			logrus.Debugf("[hijack] End of stdin")
+		}
+
+		if err := resp.CloseWrite(); err != nil {
+			logrus.Debugf("Couldn't send EOF: %s", err)
+		}
+		close(stdinDone)
+	}()
+
+	select {
+	case err := <-receiveStdout:
+		if err != nil {
+			logrus.Debugf("Error receiveStdout: %s", err)
+			return err
+		}
+	case <-stdinDone:
+		if outputStream != nil || errorStream != nil {
+			if err := <-receiveStdout; err != nil {
+				logrus.Debugf("Error receiveStdout: %s", err)
+				return err
+			}
+		}
+	}
+
+	return nil
+}
diff --git a/api/client/history.go b/api/client/history.go
new file mode 100644
index 00000000..25bb4157
--- /dev/null
+++ b/api/client/history.go
@@ -0,0 +1,76 @@
+package client
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+	"text/tabwriter"
+	"time"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/docker/go-units"
+)
+
+// CmdHistory shows the history of an image.
+//
+// Usage: docker history [OPTIONS] IMAGE
+func (cli *DockerCli) CmdHistory(args ...string) error {
+	cmd := Cli.Subcmd("history", []string{"IMAGE"}, Cli.DockerCommands["history"].Description, true)
+	human := cmd.Bool([]string{"H", "-human"}, true, "Print sizes and dates in human readable format")
+	quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only show numeric IDs")
+	noTrunc := cmd.Bool([]string{"-no-trunc"}, false, "Don't truncate output")
+	cmd.Require(flag.Exact, 1)
+
+	cmd.ParseFlags(args, true)
+
+	history, err := cli.client.ImageHistory(context.Background(), cmd.Arg(0))
+	if err != nil {
+		return err
+	}
+
+	w := tabwriter.NewWriter(cli.out, 20, 1, 3, ' ', 0)
+
+	if *quiet {
+		for _, entry := range history {
+			if *noTrunc {
+				fmt.Fprintf(w, "%s\n", entry.ID)
+			} else {
+				fmt.Fprintf(w, "%s\n", stringid.TruncateID(entry.ID))
+			}
+		}
+		w.Flush()
+		return nil
+	}
+
+	var imageID string
+	var createdBy string
+	var created string
+	var size string
+
+	fmt.Fprintln(w, "IMAGE\tCREATED\tCREATED BY\tSIZE\tCOMMENT")
+	for _, entry := range history {
+		imageID = entry.ID
+		createdBy = strings.Replace(entry.CreatedBy, "\t", " ", -1)
+		if *noTrunc == false {
+			createdBy = stringutils.Truncate(createdBy, 45)
+			imageID = stringid.TruncateID(entry.ID)
+		}
+
+		if *human {
+			created = units.HumanDuration(time.Now().UTC().Sub(time.Unix(entry.Created, 0))) + " ago"
+			size = units.HumanSize(float64(entry.Size))
+		} else {
+			created = time.Unix(entry.Created, 0).Format(time.RFC3339)
+			size = strconv.FormatInt(entry.Size, 10)
+		}
+
+		fmt.Fprintf(w, "%s\t%s\t%s\t%s\t%s\n", imageID, created, createdBy, size, entry.Comment)
+	}
+	w.Flush()
+	return nil
+}
diff --git a/api/client/images.go b/api/client/images.go
new file mode 100644
index 00000000..4840b63d
--- /dev/null
+++ b/api/client/images.go
@@ -0,0 +1,81 @@
+package client
+
+import (
+	"golang.org/x/net/context"
+
+	"github.com/docker/docker/api/client/formatter"
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/filters"
+)
+
+// CmdImages lists the images in a specified repository, or all top-level images if no repository is specified.
+//
+// Usage: docker images [OPTIONS] [REPOSITORY]
+func (cli *DockerCli) CmdImages(args ...string) error {
+	cmd := Cli.Subcmd("images", []string{"[REPOSITORY[:TAG]]"}, Cli.DockerCommands["images"].Description, true)
+	quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only show numeric IDs")
+	all := cmd.Bool([]string{"a", "-all"}, false, "Show all images (default hides intermediate images)")
+	noTrunc := cmd.Bool([]string{"-no-trunc"}, false, "Don't truncate output")
+	showDigests := cmd.Bool([]string{"-digests"}, false, "Show digests")
+	format := cmd.String([]string{"-format"}, "", "Pretty-print images using a Go template")
+
+	flFilter := opts.NewListOpts(nil)
+	cmd.Var(&flFilter, []string{"f", "-filter"}, "Filter output based on conditions provided")
+	cmd.Require(flag.Max, 1)
+
+	cmd.ParseFlags(args, true)
+
+	// Consolidate all filter flags, and sanity check them early.
+	// They'll get process in the daemon/server.
+	imageFilterArgs := filters.NewArgs()
+	for _, f := range flFilter.GetAll() {
+		var err error
+		imageFilterArgs, err = filters.ParseFlag(f, imageFilterArgs)
+		if err != nil {
+			return err
+		}
+	}
+
+	var matchName string
+	if cmd.NArg() == 1 {
+		matchName = cmd.Arg(0)
+	}
+
+	options := types.ImageListOptions{
+		MatchName: matchName,
+		All:       *all,
+		Filters:   imageFilterArgs,
+	}
+
+	images, err := cli.client.ImageList(context.Background(), options)
+	if err != nil {
+		return err
+	}
+
+	f := *format
+	if len(f) == 0 {
+		if len(cli.ImagesFormat()) > 0 && !*quiet {
+			f = cli.ImagesFormat()
+		} else {
+			f = "table"
+		}
+	}
+
+	imagesCtx := formatter.ImageContext{
+		Context: formatter.Context{
+			Output: cli.out,
+			Format: f,
+			Quiet:  *quiet,
+			Trunc:  !*noTrunc,
+		},
+		Digest: *showDigests,
+		Images: images,
+	}
+
+	imagesCtx.Write()
+
+	return nil
+}
diff --git a/api/client/import.go b/api/client/import.go
new file mode 100644
index 00000000..c96e1e97
--- /dev/null
+++ b/api/client/import.go
@@ -0,0 +1,82 @@
+package client
+
+import (
+	"fmt"
+	"io"
+	"os"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/jsonmessage"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/urlutil"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdImport creates an empty filesystem image, imports the contents of the tarball into the image, and optionally tags the image.
+//
+// The URL argument is the address of a tarball (.tar, .tar.gz, .tgz, .bzip, .tar.xz, .txz) file or a path to local file relative to docker client. If the URL is '-', then the tar file is read from STDIN.
+//
+// Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
+func (cli *DockerCli) CmdImport(args ...string) error {
+	cmd := Cli.Subcmd("import", []string{"file|URL|- [REPOSITORY[:TAG]]"}, Cli.DockerCommands["import"].Description, true)
+	flChanges := opts.NewListOpts(nil)
+	cmd.Var(&flChanges, []string{"c", "-change"}, "Apply Dockerfile instruction to the created image")
+	message := cmd.String([]string{"m", "-message"}, "", "Set commit message for imported image")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var (
+		in         io.Reader
+		tag        string
+		src        = cmd.Arg(0)
+		srcName    = src
+		repository = cmd.Arg(1)
+		changes    = flChanges.GetAll()
+	)
+
+	if cmd.NArg() == 3 {
+		fmt.Fprintf(cli.err, "[DEPRECATED] The format 'file|URL|- [REPOSITORY [TAG]]' has been deprecated. Please use file|URL|- [REPOSITORY[:TAG]]\n")
+		tag = cmd.Arg(2)
+	}
+
+	if repository != "" {
+		//Check if the given image name can be resolved
+		if _, err := reference.ParseNamed(repository); err != nil {
+			return err
+		}
+	}
+
+	if src == "-" {
+		in = cli.in
+	} else if !urlutil.IsURL(src) {
+		srcName = "-"
+		file, err := os.Open(src)
+		if err != nil {
+			return err
+		}
+		defer file.Close()
+		in = file
+	}
+
+	options := types.ImageImportOptions{
+		Source:         in,
+		SourceName:     srcName,
+		RepositoryName: repository,
+		Message:        *message,
+		Tag:            tag,
+		Changes:        changes,
+	}
+
+	responseBody, err := cli.client.ImageImport(context.Background(), options)
+	if err != nil {
+		return err
+	}
+	defer responseBody.Close()
+
+	return jsonmessage.DisplayJSONMessagesStream(responseBody, cli.out, cli.outFd, cli.isTerminalOut, nil)
+}
diff --git a/api/client/info.go b/api/client/info.go
new file mode 100644
index 00000000..29df605e
--- /dev/null
+++ b/api/client/info.go
@@ -0,0 +1,155 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/pkg/ioutils"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/utils"
+	"github.com/docker/go-units"
+)
+
+// CmdInfo displays system-wide information.
+//
+// Usage: docker info
+func (cli *DockerCli) CmdInfo(args ...string) error {
+	cmd := Cli.Subcmd("info", nil, Cli.DockerCommands["info"].Description, true)
+	cmd.Require(flag.Exact, 0)
+
+	cmd.ParseFlags(args, true)
+
+	info, err := cli.client.Info(context.Background())
+	if err != nil {
+		return err
+	}
+
+	fmt.Fprintf(cli.out, "Containers: %d\n", info.Containers)
+	fmt.Fprintf(cli.out, " Running: %d\n", info.ContainersRunning)
+	fmt.Fprintf(cli.out, " Paused: %d\n", info.ContainersPaused)
+	fmt.Fprintf(cli.out, " Stopped: %d\n", info.ContainersStopped)
+	fmt.Fprintf(cli.out, "Images: %d\n", info.Images)
+	ioutils.FprintfIfNotEmpty(cli.out, "Server Version: %s\n", info.ServerVersion)
+	ioutils.FprintfIfNotEmpty(cli.out, "Storage Driver: %s\n", info.Driver)
+	if info.DriverStatus != nil {
+		for _, pair := range info.DriverStatus {
+			fmt.Fprintf(cli.out, " %s: %s\n", pair[0], pair[1])
+
+			// print a warning if devicemapper is using a loopback file
+			if pair[0] == "Data loop file" {
+				fmt.Fprintln(cli.err, " WARNING: Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.")
+			}
+		}
+
+	}
+	if info.SystemStatus != nil {
+		for _, pair := range info.SystemStatus {
+			fmt.Fprintf(cli.out, "%s: %s\n", pair[0], pair[1])
+		}
+	}
+	ioutils.FprintfIfNotEmpty(cli.out, "Execution Driver: %s\n", info.ExecutionDriver)
+	ioutils.FprintfIfNotEmpty(cli.out, "Logging Driver: %s\n", info.LoggingDriver)
+	ioutils.FprintfIfNotEmpty(cli.out, "Cgroup Driver: %s\n", info.CgroupDriver)
+
+	fmt.Fprintf(cli.out, "Plugins: \n")
+	fmt.Fprintf(cli.out, " Volume:")
+	fmt.Fprintf(cli.out, " %s", strings.Join(info.Plugins.Volume, " "))
+	fmt.Fprintf(cli.out, "\n")
+	fmt.Fprintf(cli.out, " Network:")
+	fmt.Fprintf(cli.out, " %s", strings.Join(info.Plugins.Network, " "))
+	fmt.Fprintf(cli.out, "\n")
+
+	if len(info.Plugins.Authorization) != 0 {
+		fmt.Fprintf(cli.out, " Authorization:")
+		fmt.Fprintf(cli.out, " %s", strings.Join(info.Plugins.Authorization, " "))
+		fmt.Fprintf(cli.out, "\n")
+	}
+
+	ioutils.FprintfIfNotEmpty(cli.out, "Kernel Version: %s\n", info.KernelVersion)
+	ioutils.FprintfIfNotEmpty(cli.out, "Operating System: %s\n", info.OperatingSystem)
+	ioutils.FprintfIfNotEmpty(cli.out, "OSType: %s\n", info.OSType)
+	ioutils.FprintfIfNotEmpty(cli.out, "Architecture: %s\n", info.Architecture)
+	fmt.Fprintf(cli.out, "CPUs: %d\n", info.NCPU)
+	fmt.Fprintf(cli.out, "Total Memory: %s\n", units.BytesSize(float64(info.MemTotal)))
+	ioutils.FprintfIfNotEmpty(cli.out, "Name: %s\n", info.Name)
+	ioutils.FprintfIfNotEmpty(cli.out, "ID: %s\n", info.ID)
+	fmt.Fprintf(cli.out, "Docker Root Dir: %s\n", info.DockerRootDir)
+	fmt.Fprintf(cli.out, "Debug mode (client): %v\n", utils.IsDebugEnabled())
+	fmt.Fprintf(cli.out, "Debug mode (server): %v\n", info.Debug)
+
+	if info.Debug {
+		fmt.Fprintf(cli.out, " File Descriptors: %d\n", info.NFd)
+		fmt.Fprintf(cli.out, " Goroutines: %d\n", info.NGoroutines)
+		fmt.Fprintf(cli.out, " System Time: %s\n", info.SystemTime)
+		fmt.Fprintf(cli.out, " EventsListeners: %d\n", info.NEventsListener)
+	}
+
+	ioutils.FprintfIfNotEmpty(cli.out, "Http Proxy: %s\n", info.HTTPProxy)
+	ioutils.FprintfIfNotEmpty(cli.out, "Https Proxy: %s\n", info.HTTPSProxy)
+	ioutils.FprintfIfNotEmpty(cli.out, "No Proxy: %s\n", info.NoProxy)
+
+	if info.IndexServerAddress != "" {
+		u := cli.configFile.AuthConfigs[info.IndexServerAddress].Username
+		if len(u) > 0 {
+			fmt.Fprintf(cli.out, "Username: %v\n", u)
+		}
+		fmt.Fprintf(cli.out, "Registry: %v\n", info.IndexServerAddress)
+	}
+
+	// Only output these warnings if the server does not support these features
+	if info.OSType != "windows" {
+		if !info.MemoryLimit {
+			fmt.Fprintln(cli.err, "WARNING: No memory limit support")
+		}
+		if !info.SwapLimit {
+			fmt.Fprintln(cli.err, "WARNING: No swap limit support")
+		}
+		if !info.KernelMemory {
+			fmt.Fprintln(cli.err, "WARNING: No kernel memory limit support")
+		}
+		if !info.OomKillDisable {
+			fmt.Fprintln(cli.err, "WARNING: No oom kill disable support")
+		}
+		if !info.CPUCfsQuota {
+			fmt.Fprintln(cli.err, "WARNING: No cpu cfs quota support")
+		}
+		if !info.CPUCfsPeriod {
+			fmt.Fprintln(cli.err, "WARNING: No cpu cfs period support")
+		}
+		if !info.CPUShares {
+			fmt.Fprintln(cli.err, "WARNING: No cpu shares support")
+		}
+		if !info.CPUSet {
+			fmt.Fprintln(cli.err, "WARNING: No cpuset support")
+		}
+		if !info.IPv4Forwarding {
+			fmt.Fprintln(cli.err, "WARNING: IPv4 forwarding is disabled")
+		}
+		if !info.BridgeNfIptables {
+			fmt.Fprintln(cli.err, "WARNING: bridge-nf-call-iptables is disabled")
+		}
+		if !info.BridgeNfIP6tables {
+			fmt.Fprintln(cli.err, "WARNING: bridge-nf-call-ip6tables is disabled")
+		}
+	}
+
+	if info.Labels != nil {
+		fmt.Fprintln(cli.out, "Labels:")
+		for _, attribute := range info.Labels {
+			fmt.Fprintf(cli.out, " %s\n", attribute)
+		}
+	}
+
+	ioutils.FprintfIfTrue(cli.out, "Experimental: %v\n", info.ExperimentalBuild)
+	if info.ClusterStore != "" {
+		fmt.Fprintf(cli.out, "Cluster store: %s\n", info.ClusterStore)
+	}
+
+	if info.ClusterAdvertise != "" {
+		fmt.Fprintf(cli.out, "Cluster advertise: %s\n", info.ClusterAdvertise)
+	}
+	return nil
+}
diff --git a/api/client/inspect.go b/api/client/inspect.go
new file mode 100644
index 00000000..2e97a5aa
--- /dev/null
+++ b/api/client/inspect.go
@@ -0,0 +1,127 @@
+package client
+
+import (
+	"fmt"
+
+	"golang.org/x/net/context"
+
+	"github.com/docker/docker/api/client/inspect"
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/utils/templates"
+	"github.com/docker/engine-api/client"
+)
+
+// CmdInspect displays low-level information on one or more containers or images.
+//
+// Usage: docker inspect [OPTIONS] CONTAINER|IMAGE [CONTAINER|IMAGE...]
+func (cli *DockerCli) CmdInspect(args ...string) error {
+	cmd := Cli.Subcmd("inspect", []string{"CONTAINER|IMAGE [CONTAINER|IMAGE...]"}, Cli.DockerCommands["inspect"].Description, true)
+	tmplStr := cmd.String([]string{"f", "-format"}, "", "Format the output using the given go template")
+	inspectType := cmd.String([]string{"-type"}, "", "Return JSON for specified type, (e.g image or container)")
+	size := cmd.Bool([]string{"s", "-size"}, false, "Display total file sizes if the type is container")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	if *inspectType != "" && *inspectType != "container" && *inspectType != "image" {
+		return fmt.Errorf("%q is not a valid value for --type", *inspectType)
+	}
+
+	var elementSearcher inspectSearcher
+	switch *inspectType {
+	case "container":
+		elementSearcher = cli.inspectContainers(*size)
+	case "image":
+		elementSearcher = cli.inspectImages(*size)
+	default:
+		elementSearcher = cli.inspectAll(*size)
+	}
+
+	return cli.inspectElements(*tmplStr, cmd.Args(), elementSearcher)
+}
+
+func (cli *DockerCli) inspectContainers(getSize bool) inspectSearcher {
+	return func(ref string) (interface{}, []byte, error) {
+		return cli.client.ContainerInspectWithRaw(context.Background(), ref, getSize)
+	}
+}
+
+func (cli *DockerCli) inspectImages(getSize bool) inspectSearcher {
+	return func(ref string) (interface{}, []byte, error) {
+		return cli.client.ImageInspectWithRaw(context.Background(), ref, getSize)
+	}
+}
+
+func (cli *DockerCli) inspectAll(getSize bool) inspectSearcher {
+	return func(ref string) (interface{}, []byte, error) {
+		c, rawContainer, err := cli.client.ContainerInspectWithRaw(context.Background(), ref, getSize)
+		if err != nil {
+			// Search for image with that id if a container doesn't exist.
+			if client.IsErrContainerNotFound(err) {
+				i, rawImage, err := cli.client.ImageInspectWithRaw(context.Background(), ref, getSize)
+				if err != nil {
+					if client.IsErrImageNotFound(err) {
+						return nil, nil, fmt.Errorf("Error: No such image or container: %s", ref)
+					}
+					return nil, nil, err
+				}
+				return i, rawImage, err
+			}
+			return nil, nil, err
+		}
+		return c, rawContainer, err
+	}
+}
+
+type inspectSearcher func(ref string) (interface{}, []byte, error)
+
+func (cli *DockerCli) inspectElements(tmplStr string, references []string, searchByReference inspectSearcher) error {
+	elementInspector, err := cli.newInspectorWithTemplate(tmplStr)
+	if err != nil {
+		return Cli.StatusError{StatusCode: 64, Status: err.Error()}
+	}
+
+	var inspectErr error
+	for _, ref := range references {
+		element, raw, err := searchByReference(ref)
+		if err != nil {
+			inspectErr = err
+			break
+		}
+
+		if err := elementInspector.Inspect(element, raw); err != nil {
+			inspectErr = err
+			break
+		}
+	}
+
+	if err := elementInspector.Flush(); err != nil {
+		cli.inspectErrorStatus(err)
+	}
+
+	if status := cli.inspectErrorStatus(inspectErr); status != 0 {
+		return Cli.StatusError{StatusCode: status}
+	}
+	return nil
+}
+
+func (cli *DockerCli) inspectErrorStatus(err error) (status int) {
+	if err != nil {
+		fmt.Fprintf(cli.err, "%s\n", err)
+		status = 1
+	}
+	return
+}
+
+func (cli *DockerCli) newInspectorWithTemplate(tmplStr string) (inspect.Inspector, error) {
+	elementInspector := inspect.NewIndentedInspector(cli.out)
+	if tmplStr != "" {
+		tmpl, err := templates.Parse(tmplStr)
+		if err != nil {
+			return nil, fmt.Errorf("Template parsing error: %s", err)
+		}
+		elementInspector = inspect.NewTemplateInspector(cli.out, tmpl)
+	}
+	return elementInspector, nil
+}
diff --git a/api/client/inspect/inspector.go b/api/client/inspect/inspector.go
new file mode 100644
index 00000000..a1d16d47
--- /dev/null
+++ b/api/client/inspect/inspector.go
@@ -0,0 +1,119 @@
+package inspect
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"text/template"
+)
+
+// Inspector defines an interface to implement to process elements
+type Inspector interface {
+	Inspect(typedElement interface{}, rawElement []byte) error
+	Flush() error
+}
+
+// TemplateInspector uses a text template to inspect elements.
+type TemplateInspector struct {
+	outputStream io.Writer
+	buffer       *bytes.Buffer
+	tmpl         *template.Template
+}
+
+// NewTemplateInspector creates a new inspector with a template.
+func NewTemplateInspector(outputStream io.Writer, tmpl *template.Template) Inspector {
+	return &TemplateInspector{
+		outputStream: outputStream,
+		buffer:       new(bytes.Buffer),
+		tmpl:         tmpl,
+	}
+}
+
+// Inspect executes the inspect template.
+// It decodes the raw element into a map if the initial execution fails.
+// This allows docker cli to parse inspect structs injected with Swarm fields.
+func (i *TemplateInspector) Inspect(typedElement interface{}, rawElement []byte) error {
+	buffer := new(bytes.Buffer)
+	if err := i.tmpl.Execute(buffer, typedElement); err != nil {
+		if rawElement == nil {
+			return fmt.Errorf("Template parsing error: %v", err)
+		}
+		return i.tryRawInspectFallback(rawElement, err)
+	}
+	i.buffer.Write(buffer.Bytes())
+	i.buffer.WriteByte('\n')
+	return nil
+}
+
+// Flush write the result of inspecting all elements into the output stream.
+func (i *TemplateInspector) Flush() error {
+	if i.buffer.Len() == 0 {
+		_, err := io.WriteString(i.outputStream, "\n")
+		return err
+	}
+	_, err := io.Copy(i.outputStream, i.buffer)
+	return err
+}
+
+// IndentedInspector uses a buffer to stop the indented representation of an element.
+type IndentedInspector struct {
+	outputStream io.Writer
+	elements     []interface{}
+	rawElements  [][]byte
+}
+
+// NewIndentedInspector generates a new IndentedInspector.
+func NewIndentedInspector(outputStream io.Writer) Inspector {
+	return &IndentedInspector{
+		outputStream: outputStream,
+	}
+}
+
+// Inspect writes the raw element with an indented json format.
+func (i *IndentedInspector) Inspect(typedElement interface{}, rawElement []byte) error {
+	if rawElement != nil {
+		i.rawElements = append(i.rawElements, rawElement)
+	} else {
+		i.elements = append(i.elements, typedElement)
+	}
+	return nil
+}
+
+// Flush write the result of inspecting all elements into the output stream.
+func (i *IndentedInspector) Flush() error {
+	if len(i.elements) == 0 && len(i.rawElements) == 0 {
+		_, err := io.WriteString(i.outputStream, "[]\n")
+		return err
+	}
+
+	var buffer io.Reader
+	if len(i.rawElements) > 0 {
+		bytesBuffer := new(bytes.Buffer)
+		bytesBuffer.WriteString("[")
+		for idx, r := range i.rawElements {
+			bytesBuffer.Write(r)
+			if idx < len(i.rawElements)-1 {
+				bytesBuffer.WriteString(",")
+			}
+		}
+		bytesBuffer.WriteString("]")
+		indented := new(bytes.Buffer)
+		if err := json.Indent(indented, bytesBuffer.Bytes(), "", "    "); err != nil {
+			return err
+		}
+		buffer = indented
+	} else {
+		b, err := json.MarshalIndent(i.elements, "", "    ")
+		if err != nil {
+			return err
+		}
+		buffer = bytes.NewReader(b)
+	}
+
+	if _, err := io.Copy(i.outputStream, buffer); err != nil {
+		return err
+	}
+	_, err := io.WriteString(i.outputStream, "\n")
+	return err
+}
diff --git a/api/client/inspect/inspector_go14.go b/api/client/inspect/inspector_go14.go
new file mode 100644
index 00000000..39a0510c
--- /dev/null
+++ b/api/client/inspect/inspector_go14.go
@@ -0,0 +1,40 @@
+// +build !go1.5
+
+package inspect
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"strings"
+)
+
+// tryeRawInspectFallback executes the inspect template with a raw interface.
+// This allows docker cli to parse inspect structs injected with Swarm fields.
+// Unfortunately, go 1.4 doesn't fail executing invalid templates when the input is an interface.
+// It doesn't allow to modify this behavior either, sending <no value> messages to the output.
+// We assume that the template is invalid when there is a <no value>, if the template was valid
+// we'd get <nil> or "" values. In that case we fail with the original error raised executing the
+// template with the typed input.
+func (i *TemplateInspector) tryRawInspectFallback(rawElement []byte, originalErr error) error {
+	var raw interface{}
+	buffer := new(bytes.Buffer)
+	rdr := bytes.NewReader(rawElement)
+	dec := json.NewDecoder(rdr)
+
+	if rawErr := dec.Decode(&raw); rawErr != nil {
+		return fmt.Errorf("unable to read inspect data: %v", rawErr)
+	}
+
+	if rawErr := i.tmpl.Execute(buffer, raw); rawErr != nil {
+		return fmt.Errorf("Template parsing error: %v", rawErr)
+	}
+
+	if strings.Contains(buffer.String(), "<no value>") {
+		return fmt.Errorf("Template parsing error: %v", originalErr)
+	}
+
+	i.buffer.Write(buffer.Bytes())
+	i.buffer.WriteByte('\n')
+	return nil
+}
diff --git a/api/client/inspect/inspector_go15.go b/api/client/inspect/inspector_go15.go
new file mode 100644
index 00000000..b098f415
--- /dev/null
+++ b/api/client/inspect/inspector_go15.go
@@ -0,0 +1,29 @@
+// +build go1.5
+
+package inspect
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+)
+
+func (i *TemplateInspector) tryRawInspectFallback(rawElement []byte, _ error) error {
+	var raw interface{}
+	buffer := new(bytes.Buffer)
+	rdr := bytes.NewReader(rawElement)
+	dec := json.NewDecoder(rdr)
+
+	if rawErr := dec.Decode(&raw); rawErr != nil {
+		return fmt.Errorf("unable to read inspect data: %v", rawErr)
+	}
+
+	tmplMissingKey := i.tmpl.Option("missingkey=error")
+	if rawErr := tmplMissingKey.Execute(buffer, raw); rawErr != nil {
+		return fmt.Errorf("Template parsing error: %v", rawErr)
+	}
+
+	i.buffer.Write(buffer.Bytes())
+	i.buffer.WriteByte('\n')
+	return nil
+}
diff --git a/api/client/inspect/inspector_test.go b/api/client/inspect/inspector_test.go
new file mode 100644
index 00000000..1ce1593a
--- /dev/null
+++ b/api/client/inspect/inspector_test.go
@@ -0,0 +1,221 @@
+package inspect
+
+import (
+	"bytes"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/utils/templates"
+)
+
+type testElement struct {
+	DNS string `json:"Dns"`
+}
+
+func TestTemplateInspectorDefault(t *testing.T) {
+	b := new(bytes.Buffer)
+	tmpl, err := templates.Parse("{{.DNS}}")
+	if err != nil {
+		t.Fatal(err)
+	}
+	i := NewTemplateInspector(b, tmpl)
+	if err := i.Inspect(testElement{"0.0.0.0"}, nil); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := i.Flush(); err != nil {
+		t.Fatal(err)
+	}
+	if b.String() != "0.0.0.0\n" {
+		t.Fatalf("Expected `0.0.0.0\\n`, got `%s`", b.String())
+	}
+}
+
+func TestTemplateInspectorEmpty(t *testing.T) {
+	b := new(bytes.Buffer)
+	tmpl, err := templates.Parse("{{.DNS}}")
+	if err != nil {
+		t.Fatal(err)
+	}
+	i := NewTemplateInspector(b, tmpl)
+
+	if err := i.Flush(); err != nil {
+		t.Fatal(err)
+	}
+	if b.String() != "\n" {
+		t.Fatalf("Expected `\\n`, got `%s`", b.String())
+	}
+}
+
+func TestTemplateInspectorTemplateError(t *testing.T) {
+	b := new(bytes.Buffer)
+	tmpl, err := templates.Parse("{{.Foo}}")
+	if err != nil {
+		t.Fatal(err)
+	}
+	i := NewTemplateInspector(b, tmpl)
+
+	err = i.Inspect(testElement{"0.0.0.0"}, nil)
+	if err == nil {
+		t.Fatal("Expected error got nil")
+	}
+
+	if !strings.HasPrefix(err.Error(), "Template parsing error") {
+		t.Fatalf("Expected template error, got %v", err)
+	}
+}
+
+func TestTemplateInspectorRawFallback(t *testing.T) {
+	b := new(bytes.Buffer)
+	tmpl, err := templates.Parse("{{.Dns}}")
+	if err != nil {
+		t.Fatal(err)
+	}
+	i := NewTemplateInspector(b, tmpl)
+	if err := i.Inspect(testElement{"0.0.0.0"}, []byte(`{"Dns": "0.0.0.0"}`)); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := i.Flush(); err != nil {
+		t.Fatal(err)
+	}
+	if b.String() != "0.0.0.0\n" {
+		t.Fatalf("Expected `0.0.0.0\\n`, got `%s`", b.String())
+	}
+}
+
+func TestTemplateInspectorRawFallbackError(t *testing.T) {
+	b := new(bytes.Buffer)
+	tmpl, err := templates.Parse("{{.Dns}}")
+	if err != nil {
+		t.Fatal(err)
+	}
+	i := NewTemplateInspector(b, tmpl)
+	err = i.Inspect(testElement{"0.0.0.0"}, []byte(`{"Foo": "0.0.0.0"}`))
+	if err == nil {
+		t.Fatal("Expected error got nil")
+	}
+
+	if !strings.HasPrefix(err.Error(), "Template parsing error") {
+		t.Fatalf("Expected template error, got %v", err)
+	}
+}
+
+func TestTemplateInspectorMultiple(t *testing.T) {
+	b := new(bytes.Buffer)
+	tmpl, err := templates.Parse("{{.DNS}}")
+	if err != nil {
+		t.Fatal(err)
+	}
+	i := NewTemplateInspector(b, tmpl)
+
+	if err := i.Inspect(testElement{"0.0.0.0"}, nil); err != nil {
+		t.Fatal(err)
+	}
+	if err := i.Inspect(testElement{"1.1.1.1"}, nil); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := i.Flush(); err != nil {
+		t.Fatal(err)
+	}
+	if b.String() != "0.0.0.0\n1.1.1.1\n" {
+		t.Fatalf("Expected `0.0.0.0\\n1.1.1.1\\n`, got `%s`", b.String())
+	}
+}
+
+func TestIndentedInspectorDefault(t *testing.T) {
+	b := new(bytes.Buffer)
+	i := NewIndentedInspector(b)
+	if err := i.Inspect(testElement{"0.0.0.0"}, nil); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := i.Flush(); err != nil {
+		t.Fatal(err)
+	}
+
+	expected := `[
+    {
+        "Dns": "0.0.0.0"
+    }
+]
+`
+	if b.String() != expected {
+		t.Fatalf("Expected `%s`, got `%s`", expected, b.String())
+	}
+}
+
+func TestIndentedInspectorMultiple(t *testing.T) {
+	b := new(bytes.Buffer)
+	i := NewIndentedInspector(b)
+	if err := i.Inspect(testElement{"0.0.0.0"}, nil); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := i.Inspect(testElement{"1.1.1.1"}, nil); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := i.Flush(); err != nil {
+		t.Fatal(err)
+	}
+
+	expected := `[
+    {
+        "Dns": "0.0.0.0"
+    },
+    {
+        "Dns": "1.1.1.1"
+    }
+]
+`
+	if b.String() != expected {
+		t.Fatalf("Expected `%s`, got `%s`", expected, b.String())
+	}
+}
+
+func TestIndentedInspectorEmpty(t *testing.T) {
+	b := new(bytes.Buffer)
+	i := NewIndentedInspector(b)
+
+	if err := i.Flush(); err != nil {
+		t.Fatal(err)
+	}
+
+	expected := "[]\n"
+	if b.String() != expected {
+		t.Fatalf("Expected `%s`, got `%s`", expected, b.String())
+	}
+}
+
+func TestIndentedInspectorRawElements(t *testing.T) {
+	b := new(bytes.Buffer)
+	i := NewIndentedInspector(b)
+	if err := i.Inspect(testElement{"0.0.0.0"}, []byte(`{"Dns": "0.0.0.0", "Node": "0"}`)); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := i.Inspect(testElement{"1.1.1.1"}, []byte(`{"Dns": "1.1.1.1", "Node": "1"}`)); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := i.Flush(); err != nil {
+		t.Fatal(err)
+	}
+
+	expected := `[
+    {
+        "Dns": "0.0.0.0",
+        "Node": "0"
+    },
+    {
+        "Dns": "1.1.1.1",
+        "Node": "1"
+    }
+]
+`
+	if b.String() != expected {
+		t.Fatalf("Expected `%s`, got `%s`", expected, b.String())
+	}
+}
diff --git a/api/client/kill.go b/api/client/kill.go
new file mode 100644
index 00000000..9841ba4d
--- /dev/null
+++ b/api/client/kill.go
@@ -0,0 +1,35 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdKill kills one or more running container using SIGKILL or a specified signal.
+//
+// Usage: docker kill [OPTIONS] CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdKill(args ...string) error {
+	cmd := Cli.Subcmd("kill", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["kill"].Description, true)
+	signal := cmd.String([]string{"s", "-signal"}, "KILL", "Signal to send to the container")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var errs []string
+	for _, name := range cmd.Args() {
+		if err := cli.client.ContainerKill(context.Background(), name, *signal); err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			fmt.Fprintf(cli.out, "%s\n", name)
+		}
+	}
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+	return nil
+}
diff --git a/api/client/load.go b/api/client/load.go
new file mode 100644
index 00000000..820fdc0e
--- /dev/null
+++ b/api/client/load.go
@@ -0,0 +1,50 @@
+package client
+
+import (
+	"io"
+	"os"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/pkg/jsonmessage"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdLoad loads an image from a tar archive.
+//
+// The tar archive is read from STDIN by default, or from a tar archive file.
+//
+// Usage: docker load [OPTIONS]
+func (cli *DockerCli) CmdLoad(args ...string) error {
+	cmd := Cli.Subcmd("load", nil, Cli.DockerCommands["load"].Description, true)
+	infile := cmd.String([]string{"i", "-input"}, "", "Read from a tar archive file, instead of STDIN")
+	quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Suppress the load output")
+	cmd.Require(flag.Exact, 0)
+	cmd.ParseFlags(args, true)
+
+	var input io.Reader = cli.in
+	if *infile != "" {
+		file, err := os.Open(*infile)
+		if err != nil {
+			return err
+		}
+		defer file.Close()
+		input = file
+	}
+	if !cli.isTerminalOut {
+		*quiet = true
+	}
+	response, err := cli.client.ImageLoad(context.Background(), input, *quiet)
+	if err != nil {
+		return err
+	}
+	defer response.Body.Close()
+
+	if response.Body != nil && response.JSON {
+		return jsonmessage.DisplayJSONMessagesStream(response.Body, cli.out, cli.outFd, cli.isTerminalOut, nil)
+	}
+
+	_, err = io.Copy(cli.out, response.Body)
+	return err
+}
diff --git a/api/client/login.go b/api/client/login.go
new file mode 100644
index 00000000..a772348c
--- /dev/null
+++ b/api/client/login.go
@@ -0,0 +1,177 @@
+package client
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"os"
+	"runtime"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/docker/cliconfig/credentials"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/term"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdLogin logs in a user to a Docker registry service.
+//
+// If no server is specified, the user will be logged into or registered to the registry's index server.
+//
+// Usage: docker login SERVER
+func (cli *DockerCli) CmdLogin(args ...string) error {
+	cmd := Cli.Subcmd("login", []string{"[SERVER]"}, Cli.DockerCommands["login"].Description+".\nIf no server is specified, the default is defined by the daemon.", true)
+	cmd.Require(flag.Max, 1)
+
+	flUser := cmd.String([]string{"u", "-username"}, "", "Username")
+	flPassword := cmd.String([]string{"p", "-password"}, "", "Password")
+
+	// Deprecated in 1.11: Should be removed in docker 1.13
+	cmd.String([]string{"#e", "#-email"}, "", "Email")
+
+	cmd.ParseFlags(args, true)
+
+	// On Windows, force the use of the regular OS stdin stream. Fixes #14336/#14210
+	if runtime.GOOS == "windows" {
+		cli.in = os.Stdin
+	}
+
+	var serverAddress string
+	var isDefaultRegistry bool
+	if len(cmd.Args()) > 0 {
+		serverAddress = cmd.Arg(0)
+	} else {
+		serverAddress = cli.electAuthServer()
+		isDefaultRegistry = true
+	}
+
+	authConfig, err := cli.configureAuth(*flUser, *flPassword, serverAddress, isDefaultRegistry)
+	if err != nil {
+		return err
+	}
+
+	response, err := cli.client.RegistryLogin(context.Background(), authConfig)
+	if err != nil {
+		return err
+	}
+
+	if response.IdentityToken != "" {
+		authConfig.Password = ""
+		authConfig.IdentityToken = response.IdentityToken
+	}
+	if err := storeCredentials(cli.configFile, authConfig); err != nil {
+		return fmt.Errorf("Error saving credentials: %v", err)
+	}
+
+	if response.Status != "" {
+		fmt.Fprintln(cli.out, response.Status)
+	}
+	return nil
+}
+
+func (cli *DockerCli) promptWithDefault(prompt string, configDefault string) {
+	if configDefault == "" {
+		fmt.Fprintf(cli.out, "%s: ", prompt)
+	} else {
+		fmt.Fprintf(cli.out, "%s (%s): ", prompt, configDefault)
+	}
+}
+
+func (cli *DockerCli) configureAuth(flUser, flPassword, serverAddress string, isDefaultRegistry bool) (types.AuthConfig, error) {
+	authconfig, err := getCredentials(cli.configFile, serverAddress)
+	if err != nil {
+		return authconfig, err
+	}
+
+	authconfig.Username = strings.TrimSpace(authconfig.Username)
+
+	if flUser = strings.TrimSpace(flUser); flUser == "" {
+		if isDefaultRegistry {
+			// if this is a defauly registry (docker hub), then display the following message.
+			fmt.Fprintln(cli.out, "Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.")
+		}
+		cli.promptWithDefault("Username", authconfig.Username)
+		flUser = readInput(cli.in, cli.out)
+		flUser = strings.TrimSpace(flUser)
+		if flUser == "" {
+			flUser = authconfig.Username
+		}
+	}
+
+	if flUser == "" {
+		return authconfig, fmt.Errorf("Error: Non-null Username Required")
+	}
+
+	if flPassword == "" {
+		oldState, err := term.SaveState(cli.inFd)
+		if err != nil {
+			return authconfig, err
+		}
+		fmt.Fprintf(cli.out, "Password: ")
+		term.DisableEcho(cli.inFd, oldState)
+
+		flPassword = readInput(cli.in, cli.out)
+		fmt.Fprint(cli.out, "\n")
+
+		term.RestoreTerminal(cli.inFd, oldState)
+		if flPassword == "" {
+			return authconfig, fmt.Errorf("Error: Password Required")
+		}
+	}
+
+	authconfig.Username = flUser
+	authconfig.Password = flPassword
+	authconfig.ServerAddress = serverAddress
+	authconfig.IdentityToken = ""
+
+	return authconfig, nil
+}
+
+func readInput(in io.Reader, out io.Writer) string {
+	reader := bufio.NewReader(in)
+	line, _, err := reader.ReadLine()
+	if err != nil {
+		fmt.Fprintln(out, err.Error())
+		os.Exit(1)
+	}
+	return string(line)
+}
+
+// getCredentials loads the user credentials from a credentials store.
+// The store is determined by the config file settings.
+func getCredentials(c *cliconfig.ConfigFile, serverAddress string) (types.AuthConfig, error) {
+	s := loadCredentialsStore(c)
+	return s.Get(serverAddress)
+}
+
+func getAllCredentials(c *cliconfig.ConfigFile) (map[string]types.AuthConfig, error) {
+	s := loadCredentialsStore(c)
+	return s.GetAll()
+}
+
+// storeCredentials saves the user credentials in a credentials store.
+// The store is determined by the config file settings.
+func storeCredentials(c *cliconfig.ConfigFile, auth types.AuthConfig) error {
+	s := loadCredentialsStore(c)
+	return s.Store(auth)
+}
+
+// eraseCredentials removes the user credentials from a credentials store.
+// The store is determined by the config file settings.
+func eraseCredentials(c *cliconfig.ConfigFile, serverAddress string) error {
+	s := loadCredentialsStore(c)
+	return s.Erase(serverAddress)
+}
+
+// loadCredentialsStore initializes a new credentials store based
+// in the settings provided in the configuration file.
+func loadCredentialsStore(c *cliconfig.ConfigFile) credentials.Store {
+	if c.CredentialsStore != "" {
+		return credentials.NewNativeStore(c)
+	}
+	return credentials.NewFileStore(c)
+}
diff --git a/api/client/logout.go b/api/client/logout.go
new file mode 100644
index 00000000..b5ff59dd
--- /dev/null
+++ b/api/client/logout.go
@@ -0,0 +1,41 @@
+package client
+
+import (
+	"fmt"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdLogout logs a user out from a Docker registry.
+//
+// If no server is specified, the user will be logged out from the registry's index server.
+//
+// Usage: docker logout [SERVER]
+func (cli *DockerCli) CmdLogout(args ...string) error {
+	cmd := Cli.Subcmd("logout", []string{"[SERVER]"}, Cli.DockerCommands["logout"].Description+".\nIf no server is specified, the default is defined by the daemon.", true)
+	cmd.Require(flag.Max, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var serverAddress string
+	if len(cmd.Args()) > 0 {
+		serverAddress = cmd.Arg(0)
+	} else {
+		serverAddress = cli.electAuthServer()
+	}
+
+	// check if we're logged in based on the records in the config file
+	// which means it couldn't have user/pass cause they may be in the creds store
+	if _, ok := cli.configFile.AuthConfigs[serverAddress]; !ok {
+		fmt.Fprintf(cli.out, "Not logged in to %s\n", serverAddress)
+		return nil
+	}
+
+	fmt.Fprintf(cli.out, "Remove login credentials for %s\n", serverAddress)
+	if err := eraseCredentials(cli.configFile, serverAddress); err != nil {
+		fmt.Fprintf(cli.out, "WARNING: could not erase credentials: %v\n", err)
+	}
+
+	return nil
+}
diff --git a/api/client/logs.go b/api/client/logs.go
new file mode 100644
index 00000000..7cd5605e
--- /dev/null
+++ b/api/client/logs.go
@@ -0,0 +1,65 @@
+package client
+
+import (
+	"fmt"
+	"io"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/stdcopy"
+	"github.com/docker/engine-api/types"
+)
+
+var validDrivers = map[string]bool{
+	"json-file": true,
+	"journald":  true,
+}
+
+// CmdLogs fetches the logs of a given container.
+//
+// docker logs [OPTIONS] CONTAINER
+func (cli *DockerCli) CmdLogs(args ...string) error {
+	cmd := Cli.Subcmd("logs", []string{"CONTAINER"}, Cli.DockerCommands["logs"].Description, true)
+	follow := cmd.Bool([]string{"f", "-follow"}, false, "Follow log output")
+	since := cmd.String([]string{"-since"}, "", "Show logs since timestamp")
+	times := cmd.Bool([]string{"t", "-timestamps"}, false, "Show timestamps")
+	tail := cmd.String([]string{"-tail"}, "all", "Number of lines to show from the end of the logs")
+	cmd.Require(flag.Exact, 1)
+
+	cmd.ParseFlags(args, true)
+
+	name := cmd.Arg(0)
+
+	c, err := cli.client.ContainerInspect(context.Background(), name)
+	if err != nil {
+		return err
+	}
+
+	if !validDrivers[c.HostConfig.LogConfig.Type] {
+		return fmt.Errorf("\"logs\" command is supported only for \"json-file\" and \"journald\" logging drivers (got: %s)", c.HostConfig.LogConfig.Type)
+	}
+
+	options := types.ContainerLogsOptions{
+		ContainerID: name,
+		ShowStdout:  true,
+		ShowStderr:  true,
+		Since:       *since,
+		Timestamps:  *times,
+		Follow:      *follow,
+		Tail:        *tail,
+	}
+	responseBody, err := cli.client.ContainerLogs(context.Background(), options)
+	if err != nil {
+		return err
+	}
+	defer responseBody.Close()
+
+	if c.Config.Tty {
+		_, err = io.Copy(cli.out, responseBody)
+	} else {
+		_, err = stdcopy.StdCopy(cli.out, cli.err, responseBody)
+	}
+	return err
+}
diff --git a/api/client/network.go b/api/client/network.go
new file mode 100644
index 00000000..4bbc7154
--- /dev/null
+++ b/api/client/network.go
@@ -0,0 +1,392 @@
+package client
+
+import (
+	"fmt"
+	"net"
+	"sort"
+	"strings"
+	"text/tabwriter"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/stringid"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/filters"
+	"github.com/docker/engine-api/types/network"
+)
+
+// CmdNetwork is the parent subcommand for all network commands
+//
+// Usage: docker network <COMMAND> [OPTIONS]
+func (cli *DockerCli) CmdNetwork(args ...string) error {
+	cmd := Cli.Subcmd("network", []string{"COMMAND [OPTIONS]"}, networkUsage(), false)
+	cmd.Require(flag.Min, 1)
+	err := cmd.ParseFlags(args, true)
+	cmd.Usage()
+	return err
+}
+
+// CmdNetworkCreate creates a new network with a given name
+//
+// Usage: docker network create [OPTIONS] <NETWORK-NAME>
+func (cli *DockerCli) CmdNetworkCreate(args ...string) error {
+	cmd := Cli.Subcmd("network create", []string{"NETWORK-NAME"}, "Creates a new network with a name specified by the user", false)
+	flDriver := cmd.String([]string{"d", "-driver"}, "bridge", "Driver to manage the Network")
+	flOpts := opts.NewMapOpts(nil, nil)
+
+	flIpamDriver := cmd.String([]string{"-ipam-driver"}, "default", "IP Address Management Driver")
+	flIpamSubnet := opts.NewListOpts(nil)
+	flIpamIPRange := opts.NewListOpts(nil)
+	flIpamGateway := opts.NewListOpts(nil)
+	flIpamAux := opts.NewMapOpts(nil, nil)
+	flIpamOpt := opts.NewMapOpts(nil, nil)
+	flLabels := opts.NewListOpts(nil)
+
+	cmd.Var(&flIpamSubnet, []string{"-subnet"}, "subnet in CIDR format that represents a network segment")
+	cmd.Var(&flIpamIPRange, []string{"-ip-range"}, "allocate container ip from a sub-range")
+	cmd.Var(&flIpamGateway, []string{"-gateway"}, "ipv4 or ipv6 Gateway for the master subnet")
+	cmd.Var(flIpamAux, []string{"-aux-address"}, "auxiliary ipv4 or ipv6 addresses used by Network driver")
+	cmd.Var(flOpts, []string{"o", "-opt"}, "set driver specific options")
+	cmd.Var(flIpamOpt, []string{"-ipam-opt"}, "set IPAM driver specific options")
+	cmd.Var(&flLabels, []string{"-label"}, "set metadata on a network")
+
+	flInternal := cmd.Bool([]string{"-internal"}, false, "restricts external access to the network")
+	flIPv6 := cmd.Bool([]string{"-ipv6"}, false, "enable IPv6 networking")
+
+	cmd.Require(flag.Exact, 1)
+	err := cmd.ParseFlags(args, true)
+	if err != nil {
+		return err
+	}
+
+	// Set the default driver to "" if the user didn't set the value.
+	// That way we can know whether it was user input or not.
+	driver := *flDriver
+	if !cmd.IsSet("-driver") && !cmd.IsSet("d") {
+		driver = ""
+	}
+
+	ipamCfg, err := consolidateIpam(flIpamSubnet.GetAll(), flIpamIPRange.GetAll(), flIpamGateway.GetAll(), flIpamAux.GetAll())
+	if err != nil {
+		return err
+	}
+
+	// Construct network create request body
+	nc := types.NetworkCreate{
+		Name:           cmd.Arg(0),
+		Driver:         driver,
+		IPAM:           network.IPAM{Driver: *flIpamDriver, Config: ipamCfg, Options: flIpamOpt.GetAll()},
+		Options:        flOpts.GetAll(),
+		CheckDuplicate: true,
+		Internal:       *flInternal,
+		EnableIPv6:     *flIPv6,
+		Labels:         runconfigopts.ConvertKVStringsToMap(flLabels.GetAll()),
+	}
+
+	resp, err := cli.client.NetworkCreate(context.Background(), nc)
+	if err != nil {
+		return err
+	}
+	fmt.Fprintf(cli.out, "%s\n", resp.ID)
+	return nil
+}
+
+// CmdNetworkRm deletes one or more networks
+//
+// Usage: docker network rm NETWORK-NAME|NETWORK-ID [NETWORK-NAME|NETWORK-ID...]
+func (cli *DockerCli) CmdNetworkRm(args ...string) error {
+	cmd := Cli.Subcmd("network rm", []string{"NETWORK [NETWORK...]"}, "Deletes one or more networks", false)
+	cmd.Require(flag.Min, 1)
+	if err := cmd.ParseFlags(args, true); err != nil {
+		return err
+	}
+
+	status := 0
+	for _, net := range cmd.Args() {
+		if err := cli.client.NetworkRemove(context.Background(), net); err != nil {
+			fmt.Fprintf(cli.err, "%s\n", err)
+			status = 1
+			continue
+		}
+	}
+	if status != 0 {
+		return Cli.StatusError{StatusCode: status}
+	}
+	return nil
+}
+
+// CmdNetworkConnect connects a container to a network
+//
+// Usage: docker network connect [OPTIONS] <NETWORK> <CONTAINER>
+func (cli *DockerCli) CmdNetworkConnect(args ...string) error {
+	cmd := Cli.Subcmd("network connect", []string{"NETWORK CONTAINER"}, "Connects a container to a network", false)
+	flIPAddress := cmd.String([]string{"-ip"}, "", "IP Address")
+	flIPv6Address := cmd.String([]string{"-ip6"}, "", "IPv6 Address")
+	flLinks := opts.NewListOpts(runconfigopts.ValidateLink)
+	cmd.Var(&flLinks, []string{"-link"}, "Add link to another container")
+	flAliases := opts.NewListOpts(nil)
+	cmd.Var(&flAliases, []string{"-alias"}, "Add network-scoped alias for the container")
+	cmd.Require(flag.Min, 2)
+	if err := cmd.ParseFlags(args, true); err != nil {
+		return err
+	}
+	epConfig := &network.EndpointSettings{
+		IPAMConfig: &network.EndpointIPAMConfig{
+			IPv4Address: *flIPAddress,
+			IPv6Address: *flIPv6Address,
+		},
+		Links:   flLinks.GetAll(),
+		Aliases: flAliases.GetAll(),
+	}
+	return cli.client.NetworkConnect(context.Background(), cmd.Arg(0), cmd.Arg(1), epConfig)
+}
+
+// CmdNetworkDisconnect disconnects a container from a network
+//
+// Usage: docker network disconnect <NETWORK> <CONTAINER>
+func (cli *DockerCli) CmdNetworkDisconnect(args ...string) error {
+	cmd := Cli.Subcmd("network disconnect", []string{"NETWORK CONTAINER"}, "Disconnects container from a network", false)
+	force := cmd.Bool([]string{"f", "-force"}, false, "Force the container to disconnect from a network")
+	cmd.Require(flag.Exact, 2)
+	if err := cmd.ParseFlags(args, true); err != nil {
+		return err
+	}
+
+	return cli.client.NetworkDisconnect(context.Background(), cmd.Arg(0), cmd.Arg(1), *force)
+}
+
+// CmdNetworkLs lists all the networks managed by docker daemon
+//
+// Usage: docker network ls [OPTIONS]
+func (cli *DockerCli) CmdNetworkLs(args ...string) error {
+	cmd := Cli.Subcmd("network ls", nil, "Lists networks", true)
+	quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only display numeric IDs")
+	noTrunc := cmd.Bool([]string{"-no-trunc"}, false, "Do not truncate the output")
+
+	flFilter := opts.NewListOpts(nil)
+	cmd.Var(&flFilter, []string{"f", "-filter"}, "Filter output based on conditions provided")
+
+	cmd.Require(flag.Exact, 0)
+	err := cmd.ParseFlags(args, true)
+	if err != nil {
+		return err
+	}
+
+	// Consolidate all filter flags, and sanity check them early.
+	// They'll get process after get response from server.
+	netFilterArgs := filters.NewArgs()
+	for _, f := range flFilter.GetAll() {
+		if netFilterArgs, err = filters.ParseFlag(f, netFilterArgs); err != nil {
+			return err
+		}
+	}
+
+	options := types.NetworkListOptions{
+		Filters: netFilterArgs,
+	}
+
+	networkResources, err := cli.client.NetworkList(context.Background(), options)
+	if err != nil {
+		return err
+	}
+
+	wr := tabwriter.NewWriter(cli.out, 20, 1, 3, ' ', 0)
+
+	// unless quiet (-q) is specified, print field titles
+	if !*quiet {
+		fmt.Fprintln(wr, "NETWORK ID\tNAME\tDRIVER")
+	}
+	sort.Sort(byNetworkName(networkResources))
+	for _, networkResource := range networkResources {
+		ID := networkResource.ID
+		netName := networkResource.Name
+		if !*noTrunc {
+			ID = stringid.TruncateID(ID)
+		}
+		if *quiet {
+			fmt.Fprintln(wr, ID)
+			continue
+		}
+		driver := networkResource.Driver
+		fmt.Fprintf(wr, "%s\t%s\t%s\t",
+			ID,
+			netName,
+			driver)
+		fmt.Fprint(wr, "\n")
+	}
+	wr.Flush()
+	return nil
+}
+
+type byNetworkName []types.NetworkResource
+
+func (r byNetworkName) Len() int           { return len(r) }
+func (r byNetworkName) Swap(i, j int)      { r[i], r[j] = r[j], r[i] }
+func (r byNetworkName) Less(i, j int) bool { return r[i].Name < r[j].Name }
+
+// CmdNetworkInspect inspects the network object for more details
+//
+// Usage: docker network inspect [OPTIONS] <NETWORK> [NETWORK...]
+func (cli *DockerCli) CmdNetworkInspect(args ...string) error {
+	cmd := Cli.Subcmd("network inspect", []string{"NETWORK [NETWORK...]"}, "Displays detailed information on one or more networks", false)
+	tmplStr := cmd.String([]string{"f", "-format"}, "", "Format the output using the given go template")
+	cmd.Require(flag.Min, 1)
+
+	if err := cmd.ParseFlags(args, true); err != nil {
+		return err
+	}
+
+	inspectSearcher := func(name string) (interface{}, []byte, error) {
+		i, err := cli.client.NetworkInspect(context.Background(), name)
+		return i, nil, err
+	}
+
+	return cli.inspectElements(*tmplStr, cmd.Args(), inspectSearcher)
+}
+
+// Consolidates the ipam configuration as a group from different related configurations
+// user can configure network with multiple non-overlapping subnets and hence it is
+// possible to correlate the various related parameters and consolidate them.
+// consoidateIpam consolidates subnets, ip-ranges, gateways and auxiliary addresses into
+// structured ipam data.
+func consolidateIpam(subnets, ranges, gateways []string, auxaddrs map[string]string) ([]network.IPAMConfig, error) {
+	if len(subnets) < len(ranges) || len(subnets) < len(gateways) {
+		return nil, fmt.Errorf("every ip-range or gateway must have a corresponding subnet")
+	}
+	iData := map[string]*network.IPAMConfig{}
+
+	// Populate non-overlapping subnets into consolidation map
+	for _, s := range subnets {
+		for k := range iData {
+			ok1, err := subnetMatches(s, k)
+			if err != nil {
+				return nil, err
+			}
+			ok2, err := subnetMatches(k, s)
+			if err != nil {
+				return nil, err
+			}
+			if ok1 || ok2 {
+				return nil, fmt.Errorf("multiple overlapping subnet configuration is not supported")
+			}
+		}
+		iData[s] = &network.IPAMConfig{Subnet: s, AuxAddress: map[string]string{}}
+	}
+
+	// Validate and add valid ip ranges
+	for _, r := range ranges {
+		match := false
+		for _, s := range subnets {
+			ok, err := subnetMatches(s, r)
+			if err != nil {
+				return nil, err
+			}
+			if !ok {
+				continue
+			}
+			if iData[s].IPRange != "" {
+				return nil, fmt.Errorf("cannot configure multiple ranges (%s, %s) on the same subnet (%s)", r, iData[s].IPRange, s)
+			}
+			d := iData[s]
+			d.IPRange = r
+			match = true
+		}
+		if !match {
+			return nil, fmt.Errorf("no matching subnet for range %s", r)
+		}
+	}
+
+	// Validate and add valid gateways
+	for _, g := range gateways {
+		match := false
+		for _, s := range subnets {
+			ok, err := subnetMatches(s, g)
+			if err != nil {
+				return nil, err
+			}
+			if !ok {
+				continue
+			}
+			if iData[s].Gateway != "" {
+				return nil, fmt.Errorf("cannot configure multiple gateways (%s, %s) for the same subnet (%s)", g, iData[s].Gateway, s)
+			}
+			d := iData[s]
+			d.Gateway = g
+			match = true
+		}
+		if !match {
+			return nil, fmt.Errorf("no matching subnet for gateway %s", g)
+		}
+	}
+
+	// Validate and add aux-addresses
+	for key, aa := range auxaddrs {
+		match := false
+		for _, s := range subnets {
+			ok, err := subnetMatches(s, aa)
+			if err != nil {
+				return nil, err
+			}
+			if !ok {
+				continue
+			}
+			iData[s].AuxAddress[key] = aa
+			match = true
+		}
+		if !match {
+			return nil, fmt.Errorf("no matching subnet for aux-address %s", aa)
+		}
+	}
+
+	idl := []network.IPAMConfig{}
+	for _, v := range iData {
+		idl = append(idl, *v)
+	}
+	return idl, nil
+}
+
+func subnetMatches(subnet, data string) (bool, error) {
+	var (
+		ip net.IP
+	)
+
+	_, s, err := net.ParseCIDR(subnet)
+	if err != nil {
+		return false, fmt.Errorf("Invalid subnet %s : %v", s, err)
+	}
+
+	if strings.Contains(data, "/") {
+		ip, _, err = net.ParseCIDR(data)
+		if err != nil {
+			return false, fmt.Errorf("Invalid cidr %s : %v", data, err)
+		}
+	} else {
+		ip = net.ParseIP(data)
+	}
+
+	return s.Contains(ip), nil
+}
+
+func networkUsage() string {
+	networkCommands := map[string]string{
+		"create":     "Create a network",
+		"connect":    "Connect container to a network",
+		"disconnect": "Disconnect container from a network",
+		"inspect":    "Display detailed network information",
+		"ls":         "List all networks",
+		"rm":         "Remove a network",
+	}
+
+	help := "Commands:\n"
+
+	for cmd, description := range networkCommands {
+		help += fmt.Sprintf("  %-25.25s%s\n", cmd, description)
+	}
+
+	help += fmt.Sprintf("\nRun 'docker network COMMAND --help' for more information on a command.")
+	return help
+}
diff --git a/api/client/pause.go b/api/client/pause.go
new file mode 100644
index 00000000..ffba1c9a
--- /dev/null
+++ b/api/client/pause.go
@@ -0,0 +1,34 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdPause pauses all processes within one or more containers.
+//
+// Usage: docker pause CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdPause(args ...string) error {
+	cmd := Cli.Subcmd("pause", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["pause"].Description, true)
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var errs []string
+	for _, name := range cmd.Args() {
+		if err := cli.client.ContainerPause(context.Background(), name); err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			fmt.Fprintf(cli.out, "%s\n", name)
+		}
+	}
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+	return nil
+}
diff --git a/api/client/port.go b/api/client/port.go
new file mode 100644
index 00000000..9b545f56
--- /dev/null
+++ b/api/client/port.go
@@ -0,0 +1,61 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/go-connections/nat"
+)
+
+// CmdPort lists port mappings for a container.
+// If a private port is specified, it also shows the public-facing port that is NATed to the private port.
+//
+// Usage: docker port CONTAINER [PRIVATE_PORT[/PROTO]]
+func (cli *DockerCli) CmdPort(args ...string) error {
+	cmd := Cli.Subcmd("port", []string{"CONTAINER [PRIVATE_PORT[/PROTO]]"}, Cli.DockerCommands["port"].Description, true)
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	c, err := cli.client.ContainerInspect(context.Background(), cmd.Arg(0))
+	if err != nil {
+		return err
+	}
+
+	if cmd.NArg() == 2 {
+		var (
+			port  = cmd.Arg(1)
+			proto = "tcp"
+			parts = strings.SplitN(port, "/", 2)
+		)
+
+		if len(parts) == 2 && len(parts[1]) != 0 {
+			port = parts[0]
+			proto = parts[1]
+		}
+		natPort := port + "/" + proto
+		newP, err := nat.NewPort(proto, port)
+		if err != nil {
+			return err
+		}
+		if frontends, exists := c.NetworkSettings.Ports[newP]; exists && frontends != nil {
+			for _, frontend := range frontends {
+				fmt.Fprintf(cli.out, "%s:%s\n", frontend.HostIP, frontend.HostPort)
+			}
+			return nil
+		}
+		return fmt.Errorf("Error: No public port '%s' published for %s", natPort, cmd.Arg(0))
+	}
+
+	for from, frontends := range c.NetworkSettings.Ports {
+		for _, frontend := range frontends {
+			fmt.Fprintf(cli.out, "%s -> %s:%s\n", from, frontend.HostIP, frontend.HostPort)
+		}
+	}
+
+	return nil
+}
diff --git a/api/client/ps.go b/api/client/ps.go
new file mode 100644
index 00000000..3627ffc1
--- /dev/null
+++ b/api/client/ps.go
@@ -0,0 +1,89 @@
+package client
+
+import (
+	"golang.org/x/net/context"
+
+	"github.com/docker/docker/api/client/formatter"
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/filters"
+)
+
+// CmdPs outputs a list of Docker containers.
+//
+// Usage: docker ps [OPTIONS]
+func (cli *DockerCli) CmdPs(args ...string) error {
+	var (
+		err error
+
+		psFilterArgs = filters.NewArgs()
+
+		cmd      = Cli.Subcmd("ps", nil, Cli.DockerCommands["ps"].Description, true)
+		quiet    = cmd.Bool([]string{"q", "-quiet"}, false, "Only display numeric IDs")
+		size     = cmd.Bool([]string{"s", "-size"}, false, "Display total file sizes")
+		all      = cmd.Bool([]string{"a", "-all"}, false, "Show all containers (default shows just running)")
+		noTrunc  = cmd.Bool([]string{"-no-trunc"}, false, "Don't truncate output")
+		nLatest  = cmd.Bool([]string{"l", "-latest"}, false, "Show the latest created container (includes all states)")
+		since    = cmd.String([]string{"#-since"}, "", "Show containers created since Id or Name (includes all states)")
+		before   = cmd.String([]string{"#-before"}, "", "Only show containers created before Id or Name")
+		last     = cmd.Int([]string{"n"}, -1, "Show n last created containers (includes all states)")
+		format   = cmd.String([]string{"-format"}, "", "Pretty-print containers using a Go template")
+		flFilter = opts.NewListOpts(nil)
+	)
+	cmd.Require(flag.Exact, 0)
+
+	cmd.Var(&flFilter, []string{"f", "-filter"}, "Filter output based on conditions provided")
+
+	cmd.ParseFlags(args, true)
+	if *last == -1 && *nLatest {
+		*last = 1
+	}
+
+	// Consolidate all filter flags, and sanity check them.
+	// They'll get processed in the daemon/server.
+	for _, f := range flFilter.GetAll() {
+		if psFilterArgs, err = filters.ParseFlag(f, psFilterArgs); err != nil {
+			return err
+		}
+	}
+
+	options := types.ContainerListOptions{
+		All:    *all,
+		Limit:  *last,
+		Since:  *since,
+		Before: *before,
+		Size:   *size,
+		Filter: psFilterArgs,
+	}
+
+	containers, err := cli.client.ContainerList(context.Background(), options)
+	if err != nil {
+		return err
+	}
+
+	f := *format
+	if len(f) == 0 {
+		if len(cli.PsFormat()) > 0 && !*quiet {
+			f = cli.PsFormat()
+		} else {
+			f = "table"
+		}
+	}
+
+	psCtx := formatter.ContainerContext{
+		Context: formatter.Context{
+			Output: cli.out,
+			Format: f,
+			Quiet:  *quiet,
+			Trunc:  !*noTrunc,
+		},
+		Size:       *size,
+		Containers: containers,
+	}
+
+	psCtx.Write()
+
+	return nil
+}
diff --git a/api/client/pull.go b/api/client/pull.go
new file mode 100644
index 00000000..29d9677e
--- /dev/null
+++ b/api/client/pull.go
@@ -0,0 +1,89 @@
+package client
+
+import (
+	"errors"
+	"fmt"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/pkg/jsonmessage"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"github.com/docker/engine-api/client"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdPull pulls an image or a repository from the registry.
+//
+// Usage: docker pull [OPTIONS] IMAGENAME[:TAG|@DIGEST]
+func (cli *DockerCli) CmdPull(args ...string) error {
+	cmd := Cli.Subcmd("pull", []string{"NAME[:TAG|@DIGEST]"}, Cli.DockerCommands["pull"].Description, true)
+	allTags := cmd.Bool([]string{"a", "-all-tags"}, false, "Download all tagged images in the repository")
+	addTrustedFlags(cmd, true)
+	cmd.Require(flag.Exact, 1)
+
+	cmd.ParseFlags(args, true)
+	remote := cmd.Arg(0)
+
+	distributionRef, err := reference.ParseNamed(remote)
+	if err != nil {
+		return err
+	}
+	if *allTags && !reference.IsNameOnly(distributionRef) {
+		return errors.New("tag can't be used with --all-tags/-a")
+	}
+
+	if !*allTags && reference.IsNameOnly(distributionRef) {
+		distributionRef = reference.WithDefaultTag(distributionRef)
+		fmt.Fprintf(cli.out, "Using default tag: %s\n", reference.DefaultTag)
+	}
+
+	var tag string
+	switch x := distributionRef.(type) {
+	case reference.Canonical:
+		tag = x.Digest().String()
+	case reference.NamedTagged:
+		tag = x.Tag()
+	}
+
+	ref := registry.ParseReference(tag)
+
+	// Resolve the Repository name from fqn to RepositoryInfo
+	repoInfo, err := registry.ParseRepositoryInfo(distributionRef)
+	if err != nil {
+		return err
+	}
+
+	authConfig := cli.resolveAuthConfig(repoInfo.Index)
+	requestPrivilege := cli.registryAuthenticationPrivilegedFunc(repoInfo.Index, "pull")
+
+	if isTrusted() && !ref.HasDigest() {
+		// Check if tag is digest
+		return cli.trustedPull(repoInfo, ref, authConfig, requestPrivilege)
+	}
+
+	return cli.imagePullPrivileged(authConfig, distributionRef.String(), "", requestPrivilege)
+}
+
+func (cli *DockerCli) imagePullPrivileged(authConfig types.AuthConfig, imageID, tag string, requestPrivilege client.RequestPrivilegeFunc) error {
+
+	encodedAuth, err := encodeAuthToBase64(authConfig)
+	if err != nil {
+		return err
+	}
+	options := types.ImagePullOptions{
+		ImageID:      imageID,
+		Tag:          tag,
+		RegistryAuth: encodedAuth,
+	}
+
+	responseBody, err := cli.client.ImagePull(context.Background(), options, requestPrivilege)
+	if err != nil {
+		return err
+	}
+	defer responseBody.Close()
+
+	return jsonmessage.DisplayJSONMessagesStream(responseBody, cli.out, cli.outFd, cli.isTerminalOut, nil)
+}
diff --git a/api/client/push.go b/api/client/push.go
new file mode 100644
index 00000000..29f26c46
--- /dev/null
+++ b/api/client/push.go
@@ -0,0 +1,76 @@
+package client
+
+import (
+	"errors"
+	"io"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/pkg/jsonmessage"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"github.com/docker/engine-api/client"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdPush pushes an image or repository to the registry.
+//
+// Usage: docker push NAME[:TAG]
+func (cli *DockerCli) CmdPush(args ...string) error {
+	cmd := Cli.Subcmd("push", []string{"NAME[:TAG]"}, Cli.DockerCommands["push"].Description, true)
+	addTrustedFlags(cmd, false)
+	cmd.Require(flag.Exact, 1)
+
+	cmd.ParseFlags(args, true)
+
+	ref, err := reference.ParseNamed(cmd.Arg(0))
+	if err != nil {
+		return err
+	}
+
+	var tag string
+	switch x := ref.(type) {
+	case reference.Canonical:
+		return errors.New("cannot push a digest reference")
+	case reference.NamedTagged:
+		tag = x.Tag()
+	}
+
+	// Resolve the Repository name from fqn to RepositoryInfo
+	repoInfo, err := registry.ParseRepositoryInfo(ref)
+	if err != nil {
+		return err
+	}
+	// Resolve the Auth config relevant for this server
+	authConfig := cli.resolveAuthConfig(repoInfo.Index)
+
+	requestPrivilege := cli.registryAuthenticationPrivilegedFunc(repoInfo.Index, "push")
+	if isTrusted() {
+		return cli.trustedPush(repoInfo, tag, authConfig, requestPrivilege)
+	}
+
+	responseBody, err := cli.imagePushPrivileged(authConfig, ref.Name(), tag, requestPrivilege)
+	if err != nil {
+		return err
+	}
+
+	defer responseBody.Close()
+
+	return jsonmessage.DisplayJSONMessagesStream(responseBody, cli.out, cli.outFd, cli.isTerminalOut, nil)
+}
+
+func (cli *DockerCli) imagePushPrivileged(authConfig types.AuthConfig, imageID, tag string, requestPrivilege client.RequestPrivilegeFunc) (io.ReadCloser, error) {
+	encodedAuth, err := encodeAuthToBase64(authConfig)
+	if err != nil {
+		return nil, err
+	}
+	options := types.ImagePushOptions{
+		ImageID:      imageID,
+		Tag:          tag,
+		RegistryAuth: encodedAuth,
+	}
+
+	return cli.client.ImagePush(context.Background(), options, requestPrivilege)
+}
diff --git a/api/client/rename.go b/api/client/rename.go
new file mode 100644
index 00000000..68369881
--- /dev/null
+++ b/api/client/rename.go
@@ -0,0 +1,34 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdRename renames a container.
+//
+// Usage: docker rename OLD_NAME NEW_NAME
+func (cli *DockerCli) CmdRename(args ...string) error {
+	cmd := Cli.Subcmd("rename", []string{"OLD_NAME NEW_NAME"}, Cli.DockerCommands["rename"].Description, true)
+	cmd.Require(flag.Exact, 2)
+
+	cmd.ParseFlags(args, true)
+
+	oldName := strings.TrimSpace(cmd.Arg(0))
+	newName := strings.TrimSpace(cmd.Arg(1))
+
+	if oldName == "" || newName == "" {
+		return fmt.Errorf("Error: Neither old nor new names may be empty")
+	}
+
+	if err := cli.client.ContainerRename(context.Background(), oldName, newName); err != nil {
+		fmt.Fprintf(cli.err, "%s\n", err)
+		return fmt.Errorf("Error: failed to rename container named %s", oldName)
+	}
+	return nil
+}
diff --git a/api/client/restart.go b/api/client/restart.go
new file mode 100644
index 00000000..c0a04bd1
--- /dev/null
+++ b/api/client/restart.go
@@ -0,0 +1,35 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdRestart restarts one or more containers.
+//
+// Usage: docker restart [OPTIONS] CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdRestart(args ...string) error {
+	cmd := Cli.Subcmd("restart", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["restart"].Description, true)
+	nSeconds := cmd.Int([]string{"t", "-time"}, 10, "Seconds to wait for stop before killing the container")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var errs []string
+	for _, name := range cmd.Args() {
+		if err := cli.client.ContainerRestart(context.Background(), name, *nSeconds); err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			fmt.Fprintf(cli.out, "%s\n", name)
+		}
+	}
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+	return nil
+}
diff --git a/api/client/rm.go b/api/client/rm.go
new file mode 100644
index 00000000..c252b1f7
--- /dev/null
+++ b/api/client/rm.go
@@ -0,0 +1,56 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdRm removes one or more containers.
+//
+// Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdRm(args ...string) error {
+	cmd := Cli.Subcmd("rm", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["rm"].Description, true)
+	v := cmd.Bool([]string{"v", "-volumes"}, false, "Remove the volumes associated with the container")
+	link := cmd.Bool([]string{"l", "-link"}, false, "Remove the specified link")
+	force := cmd.Bool([]string{"f", "-force"}, false, "Force the removal of a running container (uses SIGKILL)")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var errs []string
+	for _, name := range cmd.Args() {
+		if name == "" {
+			return fmt.Errorf("Container name cannot be empty")
+		}
+		name = strings.Trim(name, "/")
+
+		if err := cli.removeContainer(name, *v, *link, *force); err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			fmt.Fprintf(cli.out, "%s\n", name)
+		}
+	}
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+	return nil
+}
+
+func (cli *DockerCli) removeContainer(containerID string, removeVolumes, removeLinks, force bool) error {
+	options := types.ContainerRemoveOptions{
+		ContainerID:   containerID,
+		RemoveVolumes: removeVolumes,
+		RemoveLinks:   removeLinks,
+		Force:         force,
+	}
+	if err := cli.client.ContainerRemove(context.Background(), options); err != nil {
+		return err
+	}
+	return nil
+}
diff --git a/api/client/rmi.go b/api/client/rmi.go
new file mode 100644
index 00000000..ac1b41db
--- /dev/null
+++ b/api/client/rmi.go
@@ -0,0 +1,59 @@
+package client
+
+import (
+	"fmt"
+	"net/url"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdRmi removes all images with the specified name(s).
+//
+// Usage: docker rmi [OPTIONS] IMAGE [IMAGE...]
+func (cli *DockerCli) CmdRmi(args ...string) error {
+	cmd := Cli.Subcmd("rmi", []string{"IMAGE [IMAGE...]"}, Cli.DockerCommands["rmi"].Description, true)
+	force := cmd.Bool([]string{"f", "-force"}, false, "Force removal of the image")
+	noprune := cmd.Bool([]string{"-no-prune"}, false, "Do not delete untagged parents")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	v := url.Values{}
+	if *force {
+		v.Set("force", "1")
+	}
+	if *noprune {
+		v.Set("noprune", "1")
+	}
+
+	var errs []string
+	for _, name := range cmd.Args() {
+		options := types.ImageRemoveOptions{
+			ImageID:       name,
+			Force:         *force,
+			PruneChildren: !*noprune,
+		}
+
+		dels, err := cli.client.ImageRemove(context.Background(), options)
+		if err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			for _, del := range dels {
+				if del.Deleted != "" {
+					fmt.Fprintf(cli.out, "Deleted: %s\n", del.Deleted)
+				} else {
+					fmt.Fprintf(cli.out, "Untagged: %s\n", del.Untagged)
+				}
+			}
+		}
+	}
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+	return nil
+}
diff --git a/api/client/run.go b/api/client/run.go
new file mode 100644
index 00000000..2e832310
--- /dev/null
+++ b/api/client/run.go
@@ -0,0 +1,287 @@
+package client
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"runtime"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/promise"
+	"github.com/docker/docker/pkg/signal"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/libnetwork/resolvconf/dns"
+)
+
+const (
+	errCmdNotFound          = "not found or does not exist."
+	errCmdCouldNotBeInvoked = "could not be invoked."
+)
+
+func (cid *cidFile) Close() error {
+	cid.file.Close()
+
+	if !cid.written {
+		if err := os.Remove(cid.path); err != nil {
+			return fmt.Errorf("failed to remove the CID file '%s': %s \n", cid.path, err)
+		}
+	}
+
+	return nil
+}
+
+func (cid *cidFile) Write(id string) error {
+	if _, err := cid.file.Write([]byte(id)); err != nil {
+		return fmt.Errorf("Failed to write the container ID to the file: %s", err)
+	}
+	cid.written = true
+	return nil
+}
+
+// if container start fails with 'command not found' error, return 127
+// if container start fails with 'command cannot be invoked' error, return 126
+// return 125 for generic docker daemon failures
+func runStartContainerErr(err error) error {
+	trimmedErr := strings.Trim(err.Error(), "Error response from daemon: ")
+	statusError := Cli.StatusError{StatusCode: 125}
+
+	if strings.HasPrefix(trimmedErr, "Container command") {
+		if strings.Contains(trimmedErr, errCmdNotFound) {
+			statusError = Cli.StatusError{StatusCode: 127}
+		} else if strings.Contains(trimmedErr, errCmdCouldNotBeInvoked) {
+			statusError = Cli.StatusError{StatusCode: 126}
+		}
+	}
+
+	return statusError
+}
+
+// CmdRun runs a command in a new container.
+//
+// Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
+func (cli *DockerCli) CmdRun(args ...string) error {
+	cmd := Cli.Subcmd("run", []string{"IMAGE [COMMAND] [ARG...]"}, Cli.DockerCommands["run"].Description, true)
+	addTrustedFlags(cmd, true)
+
+	// These are flags not stored in Config/HostConfig
+	var (
+		flAutoRemove = cmd.Bool([]string{"-rm"}, false, "Automatically remove the container when it exits")
+		flDetach     = cmd.Bool([]string{"d", "-detach"}, false, "Run container in background and print container ID")
+		flSigProxy   = cmd.Bool([]string{"-sig-proxy"}, true, "Proxy received signals to the process")
+		flName       = cmd.String([]string{"-name"}, "", "Assign a name to the container")
+		flDetachKeys = cmd.String([]string{"-detach-keys"}, "", "Override the key sequence for detaching a container")
+		flAttach     *opts.ListOpts
+
+		ErrConflictAttachDetach               = fmt.Errorf("Conflicting options: -a and -d")
+		ErrConflictRestartPolicyAndAutoRemove = fmt.Errorf("Conflicting options: --restart and --rm")
+		ErrConflictDetachAutoRemove           = fmt.Errorf("Conflicting options: --rm and -d")
+	)
+
+	config, hostConfig, networkingConfig, cmd, err := runconfigopts.Parse(cmd, args)
+
+	// just in case the Parse does not exit
+	if err != nil {
+		cmd.ReportError(err.Error(), true)
+		os.Exit(125)
+	}
+
+	if hostConfig.OomKillDisable != nil && *hostConfig.OomKillDisable && hostConfig.Memory == 0 {
+		fmt.Fprintf(cli.err, "WARNING: Disabling the OOM killer on containers without setting a '-m/--memory' limit may be dangerous.\n")
+	}
+
+	if len(hostConfig.DNS) > 0 {
+		// check the DNS settings passed via --dns against
+		// localhost regexp to warn if they are trying to
+		// set a DNS to a localhost address
+		for _, dnsIP := range hostConfig.DNS {
+			if dns.IsLocalhost(dnsIP) {
+				fmt.Fprintf(cli.err, "WARNING: Localhost DNS setting (--dns=%s) may fail in containers.\n", dnsIP)
+				break
+			}
+		}
+	}
+	if config.Image == "" {
+		cmd.Usage()
+		return nil
+	}
+
+	config.ArgsEscaped = false
+
+	if !*flDetach {
+		if err := cli.CheckTtyInput(config.AttachStdin, config.Tty); err != nil {
+			return err
+		}
+	} else {
+		if fl := cmd.Lookup("-attach"); fl != nil {
+			flAttach = fl.Value.(*opts.ListOpts)
+			if flAttach.Len() != 0 {
+				return ErrConflictAttachDetach
+			}
+		}
+		if *flAutoRemove {
+			return ErrConflictDetachAutoRemove
+		}
+
+		config.AttachStdin = false
+		config.AttachStdout = false
+		config.AttachStderr = false
+		config.StdinOnce = false
+	}
+
+	// Disable flSigProxy when in TTY mode
+	sigProxy := *flSigProxy
+	if config.Tty {
+		sigProxy = false
+	}
+
+	// Telling the Windows daemon the initial size of the tty during start makes
+	// a far better user experience rather than relying on subsequent resizes
+	// to cause things to catch up.
+	if runtime.GOOS == "windows" {
+		hostConfig.ConsoleSize[0], hostConfig.ConsoleSize[1] = cli.getTtySize()
+	}
+
+	createResponse, err := cli.createContainer(config, hostConfig, networkingConfig, hostConfig.ContainerIDFile, *flName)
+	if err != nil {
+		cmd.ReportError(err.Error(), true)
+		return runStartContainerErr(err)
+	}
+	if sigProxy {
+		sigc := cli.forwardAllSignals(createResponse.ID)
+		defer signal.StopCatch(sigc)
+	}
+	var (
+		waitDisplayID chan struct{}
+		errCh         chan error
+	)
+	if !config.AttachStdout && !config.AttachStderr {
+		// Make this asynchronous to allow the client to write to stdin before having to read the ID
+		waitDisplayID = make(chan struct{})
+		go func() {
+			defer close(waitDisplayID)
+			fmt.Fprintf(cli.out, "%s\n", createResponse.ID)
+		}()
+	}
+	if *flAutoRemove && (hostConfig.RestartPolicy.IsAlways() || hostConfig.RestartPolicy.IsOnFailure()) {
+		return ErrConflictRestartPolicyAndAutoRemove
+	}
+
+	if config.AttachStdin || config.AttachStdout || config.AttachStderr {
+		var (
+			out, stderr io.Writer
+			in          io.ReadCloser
+		)
+		if config.AttachStdin {
+			in = cli.in
+		}
+		if config.AttachStdout {
+			out = cli.out
+		}
+		if config.AttachStderr {
+			if config.Tty {
+				stderr = cli.out
+			} else {
+				stderr = cli.err
+			}
+		}
+
+		if *flDetachKeys != "" {
+			cli.configFile.DetachKeys = *flDetachKeys
+		}
+
+		options := types.ContainerAttachOptions{
+			ContainerID: createResponse.ID,
+			Stream:      true,
+			Stdin:       config.AttachStdin,
+			Stdout:      config.AttachStdout,
+			Stderr:      config.AttachStderr,
+			DetachKeys:  cli.configFile.DetachKeys,
+		}
+
+		resp, err := cli.client.ContainerAttach(context.Background(), options)
+		if err != nil {
+			return err
+		}
+		if in != nil && config.Tty {
+			if err := cli.setRawTerminal(); err != nil {
+				return err
+			}
+			defer cli.restoreTerminal(in)
+		}
+		errCh = promise.Go(func() error {
+			return cli.holdHijackedConnection(config.Tty, in, out, stderr, resp)
+		})
+	}
+
+	if *flAutoRemove {
+		defer func() {
+			if err := cli.removeContainer(createResponse.ID, true, false, false); err != nil {
+				fmt.Fprintf(cli.err, "%v\n", err)
+			}
+		}()
+	}
+
+	//start the container
+	if err := cli.client.ContainerStart(context.Background(), createResponse.ID); err != nil {
+		cmd.ReportError(err.Error(), false)
+		return runStartContainerErr(err)
+	}
+
+	if (config.AttachStdin || config.AttachStdout || config.AttachStderr) && config.Tty && cli.isTerminalOut {
+		if err := cli.monitorTtySize(createResponse.ID, false); err != nil {
+			fmt.Fprintf(cli.err, "Error monitoring TTY size: %s\n", err)
+		}
+	}
+
+	if errCh != nil {
+		if err := <-errCh; err != nil {
+			logrus.Debugf("Error hijack: %s", err)
+			return err
+		}
+	}
+
+	// Detached mode: wait for the id to be displayed and return.
+	if !config.AttachStdout && !config.AttachStderr {
+		// Detached mode
+		<-waitDisplayID
+		return nil
+	}
+
+	var status int
+
+	// Attached mode
+	if *flAutoRemove {
+		// Autoremove: wait for the container to finish, retrieve
+		// the exit code and remove the container
+		if status, err = cli.client.ContainerWait(context.Background(), createResponse.ID); err != nil {
+			return runStartContainerErr(err)
+		}
+		if _, status, err = getExitCode(cli, createResponse.ID); err != nil {
+			return err
+		}
+	} else {
+		// No Autoremove: Simply retrieve the exit code
+		if !config.Tty {
+			// In non-TTY mode, we can't detach, so we must wait for container exit
+			if status, err = cli.client.ContainerWait(context.Background(), createResponse.ID); err != nil {
+				return err
+			}
+		} else {
+			// In TTY mode, there is a race: if the process dies too slowly, the state could
+			// be updated after the getExitCode call and result in the wrong exit code being reported
+			if _, status, err = getExitCode(cli, createResponse.ID); err != nil {
+				return err
+			}
+		}
+	}
+	if status != 0 {
+		return Cli.StatusError{StatusCode: status}
+	}
+	return nil
+}
diff --git a/api/client/save.go b/api/client/save.go
new file mode 100644
index 00000000..4aabf1bd
--- /dev/null
+++ b/api/client/save.go
@@ -0,0 +1,42 @@
+package client
+
+import (
+	"errors"
+	"io"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdSave saves one or more images to a tar archive.
+//
+// The tar archive is written to STDOUT by default, or written to a file.
+//
+// Usage: docker save [OPTIONS] IMAGE [IMAGE...]
+func (cli *DockerCli) CmdSave(args ...string) error {
+	cmd := Cli.Subcmd("save", []string{"IMAGE [IMAGE...]"}, Cli.DockerCommands["save"].Description+" (streamed to STDOUT by default)", true)
+	outfile := cmd.String([]string{"o", "-output"}, "", "Write to a file, instead of STDOUT")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	if *outfile == "" && cli.isTerminalOut {
+		return errors.New("Cowardly refusing to save to a terminal. Use the -o flag or redirect.")
+	}
+
+	responseBody, err := cli.client.ImageSave(context.Background(), cmd.Args())
+	if err != nil {
+		return err
+	}
+	defer responseBody.Close()
+
+	if *outfile == "" {
+		_, err := io.Copy(cli.out, responseBody)
+		return err
+	}
+
+	return copyToFile(*outfile, responseBody)
+
+}
diff --git a/api/client/search.go b/api/client/search.go
new file mode 100644
index 00000000..82deb409
--- /dev/null
+++ b/api/client/search.go
@@ -0,0 +1,93 @@
+package client
+
+import (
+	"fmt"
+	"net/url"
+	"sort"
+	"strings"
+	"text/tabwriter"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/docker/docker/registry"
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+// CmdSearch searches the Docker Hub for images.
+//
+// Usage: docker search [OPTIONS] TERM
+func (cli *DockerCli) CmdSearch(args ...string) error {
+	cmd := Cli.Subcmd("search", []string{"TERM"}, Cli.DockerCommands["search"].Description, true)
+	noTrunc := cmd.Bool([]string{"-no-trunc"}, false, "Don't truncate output")
+	automated := cmd.Bool([]string{"-automated"}, false, "Only show automated builds")
+	stars := cmd.Uint([]string{"s", "-stars"}, 0, "Only displays with at least x stars")
+	cmd.Require(flag.Exact, 1)
+
+	cmd.ParseFlags(args, true)
+
+	name := cmd.Arg(0)
+	v := url.Values{}
+	v.Set("term", name)
+
+	indexInfo, err := registry.ParseSearchIndexInfo(name)
+	if err != nil {
+		return err
+	}
+
+	authConfig := cli.resolveAuthConfig(indexInfo)
+	requestPrivilege := cli.registryAuthenticationPrivilegedFunc(indexInfo, "search")
+
+	encodedAuth, err := encodeAuthToBase64(authConfig)
+	if err != nil {
+		return err
+	}
+
+	options := types.ImageSearchOptions{
+		Term:         name,
+		RegistryAuth: encodedAuth,
+	}
+
+	unorderedResults, err := cli.client.ImageSearch(context.Background(), options, requestPrivilege)
+	if err != nil {
+		return err
+	}
+
+	results := searchResultsByStars(unorderedResults)
+	sort.Sort(results)
+
+	w := tabwriter.NewWriter(cli.out, 10, 1, 3, ' ', 0)
+	fmt.Fprintf(w, "NAME\tDESCRIPTION\tSTARS\tOFFICIAL\tAUTOMATED\n")
+	for _, res := range results {
+		if (*automated && !res.IsAutomated) || (int(*stars) > res.StarCount) {
+			continue
+		}
+		desc := strings.Replace(res.Description, "\n", " ", -1)
+		desc = strings.Replace(desc, "\r", " ", -1)
+		if !*noTrunc && len(desc) > 45 {
+			desc = stringutils.Truncate(desc, 42) + "..."
+		}
+		fmt.Fprintf(w, "%s\t%s\t%d\t", res.Name, desc, res.StarCount)
+		if res.IsOfficial {
+			fmt.Fprint(w, "[OK]")
+
+		}
+		fmt.Fprint(w, "\t")
+		if res.IsAutomated || res.IsTrusted {
+			fmt.Fprint(w, "[OK]")
+		}
+		fmt.Fprint(w, "\n")
+	}
+	w.Flush()
+	return nil
+}
+
+// SearchResultsByStars sorts search results in descending order by number of stars.
+type searchResultsByStars []registrytypes.SearchResult
+
+func (r searchResultsByStars) Len() int           { return len(r) }
+func (r searchResultsByStars) Swap(i, j int)      { r[i], r[j] = r[j], r[i] }
+func (r searchResultsByStars) Less(i, j int) bool { return r[j].StarCount < r[i].StarCount }
diff --git a/api/client/start.go b/api/client/start.go
new file mode 100644
index 00000000..1ff2845f
--- /dev/null
+++ b/api/client/start.go
@@ -0,0 +1,157 @@
+package client
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/promise"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/engine-api/types"
+)
+
+func (cli *DockerCli) forwardAllSignals(cid string) chan os.Signal {
+	sigc := make(chan os.Signal, 128)
+	signal.CatchAll(sigc)
+	go func() {
+		for s := range sigc {
+			if s == signal.SIGCHLD || s == signal.SIGPIPE {
+				continue
+			}
+			var sig string
+			for sigStr, sigN := range signal.SignalMap {
+				if sigN == s {
+					sig = sigStr
+					break
+				}
+			}
+			if sig == "" {
+				fmt.Fprintf(cli.err, "Unsupported signal: %v. Discarding.\n", s)
+				continue
+			}
+
+			if err := cli.client.ContainerKill(context.Background(), cid, sig); err != nil {
+				logrus.Debugf("Error sending signal: %s", err)
+			}
+		}
+	}()
+	return sigc
+}
+
+// CmdStart starts one or more containers.
+//
+// Usage: docker start [OPTIONS] CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdStart(args ...string) error {
+	cmd := Cli.Subcmd("start", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["start"].Description, true)
+	attach := cmd.Bool([]string{"a", "-attach"}, false, "Attach STDOUT/STDERR and forward signals")
+	openStdin := cmd.Bool([]string{"i", "-interactive"}, false, "Attach container's STDIN")
+	detachKeys := cmd.String([]string{"-detach-keys"}, "", "Override the key sequence for detaching a container")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	if *attach || *openStdin {
+		// We're going to attach to a container.
+		// 1. Ensure we only have one container.
+		if cmd.NArg() > 1 {
+			return fmt.Errorf("You cannot start and attach multiple containers at once.")
+		}
+
+		// 2. Attach to the container.
+		containerID := cmd.Arg(0)
+		c, err := cli.client.ContainerInspect(context.Background(), containerID)
+		if err != nil {
+			return err
+		}
+
+		if !c.Config.Tty {
+			sigc := cli.forwardAllSignals(containerID)
+			defer signal.StopCatch(sigc)
+		}
+
+		if *detachKeys != "" {
+			cli.configFile.DetachKeys = *detachKeys
+		}
+
+		options := types.ContainerAttachOptions{
+			ContainerID: containerID,
+			Stream:      true,
+			Stdin:       *openStdin && c.Config.OpenStdin,
+			Stdout:      true,
+			Stderr:      true,
+			DetachKeys:  cli.configFile.DetachKeys,
+		}
+
+		var in io.ReadCloser
+		if options.Stdin {
+			in = cli.in
+		}
+
+		resp, err := cli.client.ContainerAttach(context.Background(), options)
+		if err != nil {
+			return err
+		}
+		defer resp.Close()
+		if in != nil && c.Config.Tty {
+			if err := cli.setRawTerminal(); err != nil {
+				return err
+			}
+			defer cli.restoreTerminal(in)
+		}
+
+		cErr := promise.Go(func() error {
+			return cli.holdHijackedConnection(c.Config.Tty, in, cli.out, cli.err, resp)
+		})
+
+		// 3. Start the container.
+		if err := cli.client.ContainerStart(context.Background(), containerID); err != nil {
+			return err
+		}
+
+		// 4. Wait for attachment to break.
+		if c.Config.Tty && cli.isTerminalOut {
+			if err := cli.monitorTtySize(containerID, false); err != nil {
+				fmt.Fprintf(cli.err, "Error monitoring TTY size: %s\n", err)
+			}
+		}
+		if attchErr := <-cErr; attchErr != nil {
+			return attchErr
+		}
+		_, status, err := getExitCode(cli, containerID)
+		if err != nil {
+			return err
+		}
+		if status != 0 {
+			return Cli.StatusError{StatusCode: status}
+		}
+	} else {
+		// We're not going to attach to anything.
+		// Start as many containers as we want.
+		return cli.startContainersWithoutAttachments(cmd.Args())
+	}
+
+	return nil
+}
+
+func (cli *DockerCli) startContainersWithoutAttachments(containerIDs []string) error {
+	var failedContainers []string
+	for _, containerID := range containerIDs {
+		if err := cli.client.ContainerStart(context.Background(), containerID); err != nil {
+			fmt.Fprintf(cli.err, "%s\n", err)
+			failedContainers = append(failedContainers, containerID)
+		} else {
+			fmt.Fprintf(cli.out, "%s\n", containerID)
+		}
+	}
+
+	if len(failedContainers) > 0 {
+		return fmt.Errorf("Error: failed to start containers: %v", strings.Join(failedContainers, ", "))
+	}
+	return nil
+}
diff --git a/api/client/stats.go b/api/client/stats.go
new file mode 100644
index 00000000..b84ac3e0
--- /dev/null
+++ b/api/client/stats.go
@@ -0,0 +1,208 @@
+package client
+
+import (
+	"fmt"
+	"io"
+	"strings"
+	"sync"
+	"text/tabwriter"
+	"time"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/events"
+	"github.com/docker/engine-api/types/filters"
+)
+
+// CmdStats displays a live stream of resource usage statistics for one or more containers.
+//
+// This shows real-time information on CPU usage, memory usage, and network I/O.
+//
+// Usage: docker stats [OPTIONS] [CONTAINER...]
+func (cli *DockerCli) CmdStats(args ...string) error {
+	cmd := Cli.Subcmd("stats", []string{"[CONTAINER...]"}, Cli.DockerCommands["stats"].Description, true)
+	all := cmd.Bool([]string{"a", "-all"}, false, "Show all containers (default shows just running)")
+	noStream := cmd.Bool([]string{"-no-stream"}, false, "Disable streaming stats and only pull the first result")
+
+	cmd.ParseFlags(args, true)
+
+	names := cmd.Args()
+	showAll := len(names) == 0
+	closeChan := make(chan error)
+
+	// monitorContainerEvents watches for container creation and removal (only
+	// used when calling `docker stats` without arguments).
+	monitorContainerEvents := func(started chan<- struct{}, c chan events.Message) {
+		f := filters.NewArgs()
+		f.Add("type", "container")
+		options := types.EventsOptions{
+			Filters: f,
+		}
+		resBody, err := cli.client.Events(context.Background(), options)
+		// Whether we successfully subscribed to events or not, we can now
+		// unblock the main goroutine.
+		close(started)
+		if err != nil {
+			closeChan <- err
+			return
+		}
+		defer resBody.Close()
+
+		decodeEvents(resBody, func(event events.Message, err error) error {
+			if err != nil {
+				closeChan <- err
+				return nil
+			}
+			c <- event
+			return nil
+		})
+	}
+
+	// waitFirst is a WaitGroup to wait first stat data's reach for each container
+	waitFirst := &sync.WaitGroup{}
+
+	cStats := stats{}
+	// getContainerList simulates creation event for all previously existing
+	// containers (only used when calling `docker stats` without arguments).
+	getContainerList := func() {
+		options := types.ContainerListOptions{
+			All: *all,
+		}
+		cs, err := cli.client.ContainerList(context.Background(), options)
+		if err != nil {
+			closeChan <- err
+		}
+		for _, container := range cs {
+			s := &containerStats{Name: container.ID[:12]}
+			if cStats.add(s) {
+				waitFirst.Add(1)
+				go s.Collect(cli.client, !*noStream, waitFirst)
+			}
+		}
+	}
+
+	if showAll {
+		// If no names were specified, start a long running goroutine which
+		// monitors container events. We make sure we're subscribed before
+		// retrieving the list of running containers to avoid a race where we
+		// would "miss" a creation.
+		started := make(chan struct{})
+		eh := eventHandler{handlers: make(map[string]func(events.Message))}
+		eh.Handle("create", func(e events.Message) {
+			if *all {
+				s := &containerStats{Name: e.ID[:12]}
+				if cStats.add(s) {
+					waitFirst.Add(1)
+					go s.Collect(cli.client, !*noStream, waitFirst)
+				}
+			}
+		})
+
+		eh.Handle("start", func(e events.Message) {
+			s := &containerStats{Name: e.ID[:12]}
+			if cStats.add(s) {
+				waitFirst.Add(1)
+				go s.Collect(cli.client, !*noStream, waitFirst)
+			}
+		})
+
+		eh.Handle("die", func(e events.Message) {
+			if !*all {
+				cStats.remove(e.ID[:12])
+			}
+		})
+
+		eventChan := make(chan events.Message)
+		go eh.Watch(eventChan)
+		go monitorContainerEvents(started, eventChan)
+		defer close(eventChan)
+		<-started
+
+		// Start a short-lived goroutine to retrieve the initial list of
+		// containers.
+		getContainerList()
+	} else {
+		// Artificially send creation events for the containers we were asked to
+		// monitor (same code path than we use when monitoring all containers).
+		for _, name := range names {
+			s := &containerStats{Name: name}
+			if cStats.add(s) {
+				waitFirst.Add(1)
+				go s.Collect(cli.client, !*noStream, waitFirst)
+			}
+		}
+
+		// We don't expect any asynchronous errors: closeChan can be closed.
+		close(closeChan)
+
+		// Do a quick pause to detect any error with the provided list of
+		// container names.
+		time.Sleep(1500 * time.Millisecond)
+		var errs []string
+		cStats.mu.Lock()
+		for _, c := range cStats.cs {
+			c.mu.Lock()
+			if c.err != nil {
+				errs = append(errs, fmt.Sprintf("%s: %v", c.Name, c.err))
+			}
+			c.mu.Unlock()
+		}
+		cStats.mu.Unlock()
+		if len(errs) > 0 {
+			return fmt.Errorf("%s", strings.Join(errs, ", "))
+		}
+	}
+
+	// before print to screen, make sure each container get at least one valid stat data
+	waitFirst.Wait()
+
+	w := tabwriter.NewWriter(cli.out, 20, 1, 3, ' ', 0)
+	printHeader := func() {
+		if !*noStream {
+			fmt.Fprint(cli.out, "\033[2J")
+			fmt.Fprint(cli.out, "\033[H")
+		}
+		io.WriteString(w, "CONTAINER\tCPU %\tMEM USAGE / LIMIT\tMEM %\tNET I/O\tBLOCK I/O\tPIDS\n")
+	}
+
+	for range time.Tick(500 * time.Millisecond) {
+		printHeader()
+		toRemove := []int{}
+		cStats.mu.Lock()
+		for i, s := range cStats.cs {
+			if err := s.Display(w); err != nil && !*noStream {
+				toRemove = append(toRemove, i)
+			}
+		}
+		for j := len(toRemove) - 1; j >= 0; j-- {
+			i := toRemove[j]
+			cStats.cs = append(cStats.cs[:i], cStats.cs[i+1:]...)
+		}
+		if len(cStats.cs) == 0 && !showAll {
+			return nil
+		}
+		cStats.mu.Unlock()
+		w.Flush()
+		if *noStream {
+			break
+		}
+		select {
+		case err, ok := <-closeChan:
+			if ok {
+				if err != nil {
+					// this is suppressing "unexpected EOF" in the cli when the
+					// daemon restarts so it shutdowns cleanly
+					if err == io.ErrUnexpectedEOF {
+						return nil
+					}
+					return err
+				}
+			}
+		default:
+			// just skip
+		}
+	}
+	return nil
+}
diff --git a/api/client/stats_helpers.go b/api/client/stats_helpers.go
new file mode 100644
index 00000000..404c3ff1
--- /dev/null
+++ b/api/client/stats_helpers.go
@@ -0,0 +1,219 @@
+package client
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/docker/engine-api/client"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/go-units"
+	"golang.org/x/net/context"
+)
+
+type containerStats struct {
+	Name             string
+	CPUPercentage    float64
+	Memory           float64
+	MemoryLimit      float64
+	MemoryPercentage float64
+	NetworkRx        float64
+	NetworkTx        float64
+	BlockRead        float64
+	BlockWrite       float64
+	PidsCurrent      uint64
+	mu               sync.RWMutex
+	err              error
+}
+
+type stats struct {
+	mu sync.Mutex
+	cs []*containerStats
+}
+
+func (s *stats) add(cs *containerStats) bool {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if _, exists := s.isKnownContainer(cs.Name); !exists {
+		s.cs = append(s.cs, cs)
+		return true
+	}
+	return false
+}
+
+func (s *stats) remove(id string) {
+	s.mu.Lock()
+	if i, exists := s.isKnownContainer(id); exists {
+		s.cs = append(s.cs[:i], s.cs[i+1:]...)
+	}
+	s.mu.Unlock()
+}
+
+func (s *stats) isKnownContainer(cid string) (int, bool) {
+	for i, c := range s.cs {
+		if c.Name == cid {
+			return i, true
+		}
+	}
+	return -1, false
+}
+
+func (s *containerStats) Collect(cli client.APIClient, streamStats bool, waitFirst *sync.WaitGroup) {
+	var (
+		getFirst       bool
+		previousCPU    uint64
+		previousSystem uint64
+		u              = make(chan error, 1)
+	)
+
+	defer func() {
+		// if error happens and we get nothing of stats, release wait group whatever
+		if !getFirst {
+			getFirst = true
+			waitFirst.Done()
+		}
+	}()
+
+	responseBody, err := cli.ContainerStats(context.Background(), s.Name, streamStats)
+	if err != nil {
+		s.mu.Lock()
+		s.err = err
+		s.mu.Unlock()
+		return
+	}
+	defer responseBody.Close()
+
+	dec := json.NewDecoder(responseBody)
+	go func() {
+		for {
+			var v *types.StatsJSON
+			if err := dec.Decode(&v); err != nil {
+				u <- err
+				return
+			}
+
+			var memPercent = 0.0
+			var cpuPercent = 0.0
+
+			// MemoryStats.Limit will never be 0 unless the container is not running and we haven't
+			// got any data from cgroup
+			if v.MemoryStats.Limit != 0 {
+				memPercent = float64(v.MemoryStats.Usage) / float64(v.MemoryStats.Limit) * 100.0
+			}
+
+			previousCPU = v.PreCPUStats.CPUUsage.TotalUsage
+			previousSystem = v.PreCPUStats.SystemUsage
+			cpuPercent = calculateCPUPercent(previousCPU, previousSystem, v)
+			blkRead, blkWrite := calculateBlockIO(v.BlkioStats)
+			s.mu.Lock()
+			s.CPUPercentage = cpuPercent
+			s.Memory = float64(v.MemoryStats.Usage)
+			s.MemoryLimit = float64(v.MemoryStats.Limit)
+			s.MemoryPercentage = memPercent
+			s.NetworkRx, s.NetworkTx = calculateNetwork(v.Networks)
+			s.BlockRead = float64(blkRead)
+			s.BlockWrite = float64(blkWrite)
+			s.PidsCurrent = v.PidsStats.Current
+			s.mu.Unlock()
+			u <- nil
+			if !streamStats {
+				return
+			}
+		}
+	}()
+	for {
+		select {
+		case <-time.After(2 * time.Second):
+			// zero out the values if we have not received an update within
+			// the specified duration.
+			s.mu.Lock()
+			s.CPUPercentage = 0
+			s.Memory = 0
+			s.MemoryPercentage = 0
+			s.MemoryLimit = 0
+			s.NetworkRx = 0
+			s.NetworkTx = 0
+			s.BlockRead = 0
+			s.BlockWrite = 0
+			s.PidsCurrent = 0
+			s.mu.Unlock()
+			// if this is the first stat you get, release WaitGroup
+			if !getFirst {
+				getFirst = true
+				waitFirst.Done()
+			}
+		case err := <-u:
+			if err != nil {
+				s.mu.Lock()
+				s.err = err
+				s.mu.Unlock()
+				return
+			}
+			// if this is the first stat you get, release WaitGroup
+			if !getFirst {
+				getFirst = true
+				waitFirst.Done()
+			}
+		}
+		if !streamStats {
+			return
+		}
+	}
+}
+
+func (s *containerStats) Display(w io.Writer) error {
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	if s.err != nil {
+		return s.err
+	}
+	fmt.Fprintf(w, "%s\t%.2f%%\t%s / %s\t%.2f%%\t%s / %s\t%s / %s\t%d\n",
+		s.Name,
+		s.CPUPercentage,
+		units.HumanSize(s.Memory), units.HumanSize(s.MemoryLimit),
+		s.MemoryPercentage,
+		units.HumanSize(s.NetworkRx), units.HumanSize(s.NetworkTx),
+		units.HumanSize(s.BlockRead), units.HumanSize(s.BlockWrite),
+		s.PidsCurrent)
+	return nil
+}
+
+func calculateCPUPercent(previousCPU, previousSystem uint64, v *types.StatsJSON) float64 {
+	var (
+		cpuPercent = 0.0
+		// calculate the change for the cpu usage of the container in between readings
+		cpuDelta = float64(v.CPUStats.CPUUsage.TotalUsage) - float64(previousCPU)
+		// calculate the change for the entire system between readings
+		systemDelta = float64(v.CPUStats.SystemUsage) - float64(previousSystem)
+	)
+
+	if systemDelta > 0.0 && cpuDelta > 0.0 {
+		cpuPercent = (cpuDelta / systemDelta) * float64(len(v.CPUStats.CPUUsage.PercpuUsage)) * 100.0
+	}
+	return cpuPercent
+}
+
+func calculateBlockIO(blkio types.BlkioStats) (blkRead uint64, blkWrite uint64) {
+	for _, bioEntry := range blkio.IoServiceBytesRecursive {
+		switch strings.ToLower(bioEntry.Op) {
+		case "read":
+			blkRead = blkRead + bioEntry.Value
+		case "write":
+			blkWrite = blkWrite + bioEntry.Value
+		}
+	}
+	return
+}
+
+func calculateNetwork(network map[string]types.NetworkStats) (float64, float64) {
+	var rx, tx float64
+
+	for _, v := range network {
+		rx += float64(v.RxBytes)
+		tx += float64(v.TxBytes)
+	}
+	return rx, tx
+}
diff --git a/api/client/stats_unit_test.go b/api/client/stats_unit_test.go
new file mode 100644
index 00000000..36081c57
--- /dev/null
+++ b/api/client/stats_unit_test.go
@@ -0,0 +1,47 @@
+package client
+
+import (
+	"bytes"
+	"sync"
+	"testing"
+
+	"github.com/docker/engine-api/types"
+)
+
+func TestDisplay(t *testing.T) {
+	c := &containerStats{
+		Name:             "app",
+		CPUPercentage:    30.0,
+		Memory:           100 * 1024 * 1024.0,
+		MemoryLimit:      2048 * 1024 * 1024.0,
+		MemoryPercentage: 100.0 / 2048.0 * 100.0,
+		NetworkRx:        100 * 1024 * 1024,
+		NetworkTx:        800 * 1024 * 1024,
+		BlockRead:        100 * 1024 * 1024,
+		BlockWrite:       800 * 1024 * 1024,
+		PidsCurrent:      1,
+		mu:               sync.RWMutex{},
+	}
+	var b bytes.Buffer
+	if err := c.Display(&b); err != nil {
+		t.Fatalf("c.Display() gave error: %s", err)
+	}
+	got := b.String()
+	want := "app\t30.00%\t104.9 MB / 2.147 GB\t4.88%\t104.9 MB / 838.9 MB\t104.9 MB / 838.9 MB\t1\n"
+	if got != want {
+		t.Fatalf("c.Display() = %q, want %q", got, want)
+	}
+}
+
+func TestCalculBlockIO(t *testing.T) {
+	blkio := types.BlkioStats{
+		IoServiceBytesRecursive: []types.BlkioStatEntry{{8, 0, "read", 1234}, {8, 1, "read", 4567}, {8, 0, "write", 123}, {8, 1, "write", 456}},
+	}
+	blkRead, blkWrite := calculateBlockIO(blkio)
+	if blkRead != 5801 {
+		t.Fatalf("blkRead = %d, want 5801", blkRead)
+	}
+	if blkWrite != 579 {
+		t.Fatalf("blkWrite = %d, want 579", blkWrite)
+	}
+}
diff --git a/api/client/stop.go b/api/client/stop.go
new file mode 100644
index 00000000..23d53447
--- /dev/null
+++ b/api/client/stop.go
@@ -0,0 +1,37 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdStop stops one or more containers.
+//
+// A running container is stopped by first sending SIGTERM and then SIGKILL if the container fails to stop within a grace period (the default is 10 seconds).
+//
+// Usage: docker stop [OPTIONS] CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdStop(args ...string) error {
+	cmd := Cli.Subcmd("stop", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["stop"].Description+".\nSending SIGTERM and then SIGKILL after a grace period", true)
+	nSeconds := cmd.Int([]string{"t", "-time"}, 10, "Seconds to wait for stop before killing it")
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var errs []string
+	for _, name := range cmd.Args() {
+		if err := cli.client.ContainerStop(context.Background(), name, *nSeconds); err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			fmt.Fprintf(cli.out, "%s\n", name)
+		}
+	}
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+	return nil
+}
diff --git a/api/client/tag.go b/api/client/tag.go
new file mode 100644
index 00000000..1d87e437
--- /dev/null
+++ b/api/client/tag.go
@@ -0,0 +1,46 @@
+package client
+
+import (
+	"errors"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+)
+
+// CmdTag tags an image into a repository.
+//
+// Usage: docker tag [OPTIONS] IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG]
+func (cli *DockerCli) CmdTag(args ...string) error {
+	cmd := Cli.Subcmd("tag", []string{"IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG]"}, Cli.DockerCommands["tag"].Description, true)
+	force := cmd.Bool([]string{"#f", "#-force"}, false, "Force the tagging even if there's a conflict")
+	cmd.Require(flag.Exact, 2)
+
+	cmd.ParseFlags(args, true)
+
+	ref, err := reference.ParseNamed(cmd.Arg(1))
+	if err != nil {
+		return err
+	}
+
+	if _, isCanonical := ref.(reference.Canonical); isCanonical {
+		return errors.New("refusing to create a tag with a digest reference")
+	}
+
+	var tag string
+	if tagged, isTagged := ref.(reference.NamedTagged); isTagged {
+		tag = tagged.Tag()
+	}
+
+	options := types.ImageTagOptions{
+		ImageID:        cmd.Arg(0),
+		RepositoryName: ref.Name(),
+		Tag:            tag,
+		Force:          *force,
+	}
+
+	return cli.client.ImageTag(context.Background(), options)
+}
diff --git a/api/client/top.go b/api/client/top.go
new file mode 100644
index 00000000..bb2ec46c
--- /dev/null
+++ b/api/client/top.go
@@ -0,0 +1,41 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+	"text/tabwriter"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdTop displays the running processes of a container.
+//
+// Usage: docker top CONTAINER
+func (cli *DockerCli) CmdTop(args ...string) error {
+	cmd := Cli.Subcmd("top", []string{"CONTAINER [ps OPTIONS]"}, Cli.DockerCommands["top"].Description, true)
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var arguments []string
+	if cmd.NArg() > 1 {
+		arguments = cmd.Args()[1:]
+	}
+
+	procList, err := cli.client.ContainerTop(context.Background(), cmd.Arg(0), arguments)
+	if err != nil {
+		return err
+	}
+
+	w := tabwriter.NewWriter(cli.out, 20, 1, 3, ' ', 0)
+	fmt.Fprintln(w, strings.Join(procList.Titles, "\t"))
+
+	for _, proc := range procList.Processes {
+		fmt.Fprintln(w, strings.Join(proc, "\t"))
+	}
+	w.Flush()
+	return nil
+}
diff --git a/api/client/trust.go b/api/client/trust.go
new file mode 100644
index 00000000..bf22d3a2
--- /dev/null
+++ b/api/client/trust.go
@@ -0,0 +1,559 @@
+package client
+
+import (
+	"encoding/hex"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net"
+	"net/http"
+	"net/url"
+	"os"
+	"path"
+	"path/filepath"
+	"sort"
+	"strconv"
+	"time"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/distribution/registry/client/auth"
+	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/docker/distribution"
+	"github.com/docker/docker/pkg/jsonmessage"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	apiclient "github.com/docker/engine-api/client"
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+	"github.com/docker/go-connections/tlsconfig"
+	"github.com/docker/notary/client"
+	"github.com/docker/notary/passphrase"
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/signed"
+	"github.com/docker/notary/tuf/store"
+)
+
+var (
+	releasesRole = path.Join(data.CanonicalTargetsRole, "releases")
+	untrusted    bool
+)
+
+func addTrustedFlags(fs *flag.FlagSet, verify bool) {
+	var trusted bool
+	if e := os.Getenv("DOCKER_CONTENT_TRUST"); e != "" {
+		if t, err := strconv.ParseBool(e); t || err != nil {
+			// treat any other value as true
+			trusted = true
+		}
+	}
+	message := "Skip image signing"
+	if verify {
+		message = "Skip image verification"
+	}
+	fs.BoolVar(&untrusted, []string{"-disable-content-trust"}, !trusted, message)
+}
+
+func isTrusted() bool {
+	return !untrusted
+}
+
+type target struct {
+	reference registry.Reference
+	digest    digest.Digest
+	size      int64
+}
+
+func (cli *DockerCli) trustDirectory() string {
+	return filepath.Join(cliconfig.ConfigDir(), "trust")
+}
+
+// certificateDirectory returns the directory containing
+// TLS certificates for the given server. An error is
+// returned if there was an error parsing the server string.
+func (cli *DockerCli) certificateDirectory(server string) (string, error) {
+	u, err := url.Parse(server)
+	if err != nil {
+		return "", err
+	}
+
+	return filepath.Join(cliconfig.ConfigDir(), "tls", u.Host), nil
+}
+
+func trustServer(index *registrytypes.IndexInfo) (string, error) {
+	if s := os.Getenv("DOCKER_CONTENT_TRUST_SERVER"); s != "" {
+		urlObj, err := url.Parse(s)
+		if err != nil || urlObj.Scheme != "https" {
+			return "", fmt.Errorf("valid https URL required for trust server, got %s", s)
+		}
+
+		return s, nil
+	}
+	if index.Official {
+		return registry.NotaryServer, nil
+	}
+	return "https://" + index.Name, nil
+}
+
+type simpleCredentialStore struct {
+	auth types.AuthConfig
+}
+
+func (scs simpleCredentialStore) Basic(u *url.URL) (string, string) {
+	return scs.auth.Username, scs.auth.Password
+}
+
+func (scs simpleCredentialStore) RefreshToken(u *url.URL, service string) string {
+	return scs.auth.IdentityToken
+}
+
+func (scs simpleCredentialStore) SetRefreshToken(*url.URL, string, string) {
+}
+
+// getNotaryRepository returns a NotaryRepository which stores all the
+// information needed to operate on a notary repository.
+// It creates a HTTP transport providing authentication support.
+func (cli *DockerCli) getNotaryRepository(repoInfo *registry.RepositoryInfo, authConfig types.AuthConfig, actions ...string) (*client.NotaryRepository, error) {
+	server, err := trustServer(repoInfo.Index)
+	if err != nil {
+		return nil, err
+	}
+
+	var cfg = tlsconfig.ClientDefault
+	cfg.InsecureSkipVerify = !repoInfo.Index.Secure
+
+	// Get certificate base directory
+	certDir, err := cli.certificateDirectory(server)
+	if err != nil {
+		return nil, err
+	}
+	logrus.Debugf("reading certificate directory: %s", certDir)
+
+	if err := registry.ReadCertsDirectory(&cfg, certDir); err != nil {
+		return nil, err
+	}
+
+	base := &http.Transport{
+		Proxy: http.ProxyFromEnvironment,
+		Dial: (&net.Dialer{
+			Timeout:   30 * time.Second,
+			KeepAlive: 30 * time.Second,
+			DualStack: true,
+		}).Dial,
+		TLSHandshakeTimeout: 10 * time.Second,
+		TLSClientConfig:     &cfg,
+		DisableKeepAlives:   true,
+	}
+
+	// Skip configuration headers since request is not going to Docker daemon
+	modifiers := registry.DockerHeaders(clientUserAgent(), http.Header{})
+	authTransport := transport.NewTransport(base, modifiers...)
+	pingClient := &http.Client{
+		Transport: authTransport,
+		Timeout:   5 * time.Second,
+	}
+	endpointStr := server + "/v2/"
+	req, err := http.NewRequest("GET", endpointStr, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	challengeManager := auth.NewSimpleChallengeManager()
+
+	resp, err := pingClient.Do(req)
+	if err != nil {
+		// Ignore error on ping to operate in offline mode
+		logrus.Debugf("Error pinging notary server %q: %s", endpointStr, err)
+	} else {
+		defer resp.Body.Close()
+
+		// Add response to the challenge manager to parse out
+		// authentication header and register authentication method
+		if err := challengeManager.AddResponse(resp); err != nil {
+			return nil, err
+		}
+	}
+
+	creds := simpleCredentialStore{auth: authConfig}
+	tokenHandler := auth.NewTokenHandler(authTransport, creds, repoInfo.FullName(), actions...)
+	basicHandler := auth.NewBasicHandler(creds)
+	modifiers = append(modifiers, transport.RequestModifier(auth.NewAuthorizer(challengeManager, tokenHandler, basicHandler)))
+	tr := transport.NewTransport(base, modifiers...)
+
+	return client.NewNotaryRepository(cli.trustDirectory(), repoInfo.FullName(), server, tr, cli.getPassphraseRetriever())
+}
+
+func convertTarget(t client.Target) (target, error) {
+	h, ok := t.Hashes["sha256"]
+	if !ok {
+		return target{}, errors.New("no valid hash, expecting sha256")
+	}
+	return target{
+		reference: registry.ParseReference(t.Name),
+		digest:    digest.NewDigestFromHex("sha256", hex.EncodeToString(h)),
+		size:      t.Length,
+	}, nil
+}
+
+func (cli *DockerCli) getPassphraseRetriever() passphrase.Retriever {
+	aliasMap := map[string]string{
+		"root":     "root",
+		"snapshot": "repository",
+		"targets":  "repository",
+		"default":  "repository",
+	}
+	baseRetriever := passphrase.PromptRetrieverWithInOut(cli.in, cli.out, aliasMap)
+	env := map[string]string{
+		"root":     os.Getenv("DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE"),
+		"snapshot": os.Getenv("DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE"),
+		"targets":  os.Getenv("DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE"),
+		"default":  os.Getenv("DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE"),
+	}
+
+	// Backwards compatibility with old env names. We should remove this in 1.10
+	if env["root"] == "" {
+		if passphrase := os.Getenv("DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE"); passphrase != "" {
+			env["root"] = passphrase
+			fmt.Fprintf(cli.err, "[DEPRECATED] The environment variable DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE has been deprecated and will be removed in v1.10. Please use DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE\n")
+		}
+	}
+	if env["snapshot"] == "" || env["targets"] == "" || env["default"] == "" {
+		if passphrase := os.Getenv("DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE"); passphrase != "" {
+			env["snapshot"] = passphrase
+			env["targets"] = passphrase
+			env["default"] = passphrase
+			fmt.Fprintf(cli.err, "[DEPRECATED] The environment variable DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE has been deprecated and will be removed in v1.10. Please use DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE\n")
+		}
+	}
+
+	return func(keyName string, alias string, createNew bool, numAttempts int) (string, bool, error) {
+		if v := env[alias]; v != "" {
+			return v, numAttempts > 1, nil
+		}
+		// For non-root roles, we can also try the "default" alias if it is specified
+		if v := env["default"]; v != "" && alias != data.CanonicalRootRole {
+			return v, numAttempts > 1, nil
+		}
+		return baseRetriever(keyName, alias, createNew, numAttempts)
+	}
+}
+
+func (cli *DockerCli) trustedReference(ref reference.NamedTagged) (reference.Canonical, error) {
+	repoInfo, err := registry.ParseRepositoryInfo(ref)
+	if err != nil {
+		return nil, err
+	}
+
+	// Resolve the Auth config relevant for this server
+	authConfig := cli.resolveAuthConfig(repoInfo.Index)
+
+	notaryRepo, err := cli.getNotaryRepository(repoInfo, authConfig, "pull")
+	if err != nil {
+		fmt.Fprintf(cli.out, "Error establishing connection to trust repository: %s\n", err)
+		return nil, err
+	}
+
+	t, err := notaryRepo.GetTargetByName(ref.Tag(), releasesRole, data.CanonicalTargetsRole)
+	if err != nil {
+		return nil, err
+	}
+	// Only list tags in the top level targets role or the releases delegation role - ignore
+	// all other delegation roles
+	if t.Role != releasesRole && t.Role != data.CanonicalTargetsRole {
+		return nil, notaryError(repoInfo.FullName(), fmt.Errorf("No trust data for %s", ref.Tag()))
+	}
+	r, err := convertTarget(t.Target)
+	if err != nil {
+		return nil, err
+
+	}
+
+	return reference.WithDigest(ref, r.digest)
+}
+
+func (cli *DockerCli) tagTrusted(trustedRef reference.Canonical, ref reference.NamedTagged) error {
+	fmt.Fprintf(cli.out, "Tagging %s as %s\n", trustedRef.String(), ref.String())
+
+	options := types.ImageTagOptions{
+		ImageID:        trustedRef.String(),
+		RepositoryName: trustedRef.Name(),
+		Tag:            ref.Tag(),
+		Force:          true,
+	}
+
+	return cli.client.ImageTag(context.Background(), options)
+}
+
+func notaryError(repoName string, err error) error {
+	switch err.(type) {
+	case *json.SyntaxError:
+		logrus.Debugf("Notary syntax error: %s", err)
+		return fmt.Errorf("Error: no trust data available for remote repository %s. Try running notary server and setting DOCKER_CONTENT_TRUST_SERVER to its HTTPS address?", repoName)
+	case signed.ErrExpired:
+		return fmt.Errorf("Error: remote repository %s out-of-date: %v", repoName, err)
+	case trustmanager.ErrKeyNotFound:
+		return fmt.Errorf("Error: signing keys for remote repository %s not found: %v", repoName, err)
+	case *net.OpError:
+		return fmt.Errorf("Error: error contacting notary server: %v", err)
+	case store.ErrMetaNotFound:
+		return fmt.Errorf("Error: trust data missing for remote repository %s or remote repository not found: %v", repoName, err)
+	case signed.ErrInvalidKeyType:
+		return fmt.Errorf("Warning: potential malicious behavior - trust data mismatch for remote repository %s: %v", repoName, err)
+	case signed.ErrNoKeys:
+		return fmt.Errorf("Error: could not find signing keys for remote repository %s, or could not decrypt signing key: %v", repoName, err)
+	case signed.ErrLowVersion:
+		return fmt.Errorf("Warning: potential malicious behavior - trust data version is lower than expected for remote repository %s: %v", repoName, err)
+	case signed.ErrRoleThreshold:
+		return fmt.Errorf("Warning: potential malicious behavior - trust data has insufficient signatures for remote repository %s: %v", repoName, err)
+	case client.ErrRepositoryNotExist:
+		return fmt.Errorf("Error: remote trust data does not exist for %s: %v", repoName, err)
+	case signed.ErrInsufficientSignatures:
+		return fmt.Errorf("Error: could not produce valid signature for %s.  If Yubikey was used, was touch input provided?: %v", repoName, err)
+	}
+
+	return err
+}
+
+func (cli *DockerCli) trustedPull(repoInfo *registry.RepositoryInfo, ref registry.Reference, authConfig types.AuthConfig, requestPrivilege apiclient.RequestPrivilegeFunc) error {
+	var refs []target
+
+	notaryRepo, err := cli.getNotaryRepository(repoInfo, authConfig, "pull")
+	if err != nil {
+		fmt.Fprintf(cli.out, "Error establishing connection to trust repository: %s\n", err)
+		return err
+	}
+
+	if ref.String() == "" {
+		// List all targets
+		targets, err := notaryRepo.ListTargets(releasesRole, data.CanonicalTargetsRole)
+		if err != nil {
+			return notaryError(repoInfo.FullName(), err)
+		}
+		for _, tgt := range targets {
+			t, err := convertTarget(tgt.Target)
+			if err != nil {
+				fmt.Fprintf(cli.out, "Skipping target for %q\n", repoInfo.Name())
+				continue
+			}
+			// Only list tags in the top level targets role or the releases delegation role - ignore
+			// all other delegation roles
+			if tgt.Role != releasesRole && tgt.Role != data.CanonicalTargetsRole {
+				continue
+			}
+			refs = append(refs, t)
+		}
+		if len(refs) == 0 {
+			return notaryError(repoInfo.FullName(), fmt.Errorf("No trusted tags for %s", repoInfo.FullName()))
+		}
+	} else {
+		t, err := notaryRepo.GetTargetByName(ref.String(), releasesRole, data.CanonicalTargetsRole)
+		if err != nil {
+			return notaryError(repoInfo.FullName(), err)
+		}
+		// Only get the tag if it's in the top level targets role or the releases delegation role
+		// ignore it if it's in any other delegation roles
+		if t.Role != releasesRole && t.Role != data.CanonicalTargetsRole {
+			return notaryError(repoInfo.FullName(), fmt.Errorf("No trust data for %s", ref.String()))
+		}
+
+		logrus.Debugf("retrieving target for %s role\n", t.Role)
+		r, err := convertTarget(t.Target)
+		if err != nil {
+			return err
+
+		}
+		refs = append(refs, r)
+	}
+
+	for i, r := range refs {
+		displayTag := r.reference.String()
+		if displayTag != "" {
+			displayTag = ":" + displayTag
+		}
+		fmt.Fprintf(cli.out, "Pull (%d of %d): %s%s@%s\n", i+1, len(refs), repoInfo.Name(), displayTag, r.digest)
+
+		if err := cli.imagePullPrivileged(authConfig, repoInfo.Name(), r.digest.String(), requestPrivilege); err != nil {
+			return err
+		}
+
+		// If reference is not trusted, tag by trusted reference
+		if !r.reference.HasDigest() {
+			tagged, err := reference.WithTag(repoInfo, r.reference.String())
+			if err != nil {
+				return err
+			}
+			trustedRef, err := reference.WithDigest(repoInfo, r.digest)
+			if err != nil {
+				return err
+			}
+			if err := cli.tagTrusted(trustedRef, tagged); err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+func (cli *DockerCli) trustedPush(repoInfo *registry.RepositoryInfo, tag string, authConfig types.AuthConfig, requestPrivilege apiclient.RequestPrivilegeFunc) error {
+	responseBody, err := cli.imagePushPrivileged(authConfig, repoInfo.Name(), tag, requestPrivilege)
+	if err != nil {
+		return err
+	}
+
+	defer responseBody.Close()
+
+	// If it is a trusted push we would like to find the target entry which match the
+	// tag provided in the function and then do an AddTarget later.
+	target := &client.Target{}
+	// Count the times of calling for handleTarget,
+	// if it is called more that once, that should be considered an error in a trusted push.
+	cnt := 0
+	handleTarget := func(aux *json.RawMessage) {
+		cnt++
+		if cnt > 1 {
+			// handleTarget should only be called one. This will be treated as an error.
+			return
+		}
+
+		var pushResult distribution.PushResult
+		err := json.Unmarshal(*aux, &pushResult)
+		if err == nil && pushResult.Tag != "" && pushResult.Digest.Validate() == nil {
+			h, err := hex.DecodeString(pushResult.Digest.Hex())
+			if err != nil {
+				target = nil
+				return
+			}
+			target.Name = registry.ParseReference(pushResult.Tag).String()
+			target.Hashes = data.Hashes{string(pushResult.Digest.Algorithm()): h}
+			target.Length = int64(pushResult.Size)
+		}
+	}
+
+	// We want trust signatures to always take an explicit tag,
+	// otherwise it will act as an untrusted push.
+	if tag == "" {
+		if err = jsonmessage.DisplayJSONMessagesStream(responseBody, cli.out, cli.outFd, cli.isTerminalOut, nil); err != nil {
+			return err
+		}
+		fmt.Fprintln(cli.out, "No tag specified, skipping trust metadata push")
+		return nil
+	}
+
+	if err = jsonmessage.DisplayJSONMessagesStream(responseBody, cli.out, cli.outFd, cli.isTerminalOut, handleTarget); err != nil {
+		return err
+	}
+
+	if cnt > 1 {
+		return fmt.Errorf("internal error: only one call to handleTarget expected")
+	}
+
+	if target == nil {
+		fmt.Fprintln(cli.out, "No targets found, please provide a specific tag in order to sign it")
+		return nil
+	}
+
+	fmt.Fprintln(cli.out, "Signing and pushing trust metadata")
+
+	repo, err := cli.getNotaryRepository(repoInfo, authConfig, "push", "pull")
+	if err != nil {
+		fmt.Fprintf(cli.out, "Error establishing connection to notary repository: %s\n", err)
+		return err
+	}
+
+	// get the latest repository metadata so we can figure out which roles to sign
+	_, err = repo.Update(false)
+
+	switch err.(type) {
+	case client.ErrRepoNotInitialized, client.ErrRepositoryNotExist:
+		keys := repo.CryptoService.ListKeys(data.CanonicalRootRole)
+		var rootKeyID string
+		// always select the first root key
+		if len(keys) > 0 {
+			sort.Strings(keys)
+			rootKeyID = keys[0]
+		} else {
+			rootPublicKey, err := repo.CryptoService.Create(data.CanonicalRootRole, "", data.ECDSAKey)
+			if err != nil {
+				return err
+			}
+			rootKeyID = rootPublicKey.ID()
+		}
+
+		// Initialize the notary repository with a remotely managed snapshot key
+		if err := repo.Initialize(rootKeyID, data.CanonicalSnapshotRole); err != nil {
+			return notaryError(repoInfo.FullName(), err)
+		}
+		fmt.Fprintf(cli.out, "Finished initializing %q\n", repoInfo.FullName())
+		err = repo.AddTarget(target, data.CanonicalTargetsRole)
+	case nil:
+		// already initialized and we have successfully downloaded the latest metadata
+		err = cli.addTargetToAllSignableRoles(repo, target)
+	default:
+		return notaryError(repoInfo.FullName(), err)
+	}
+
+	if err == nil {
+		err = repo.Publish()
+	}
+
+	if err != nil {
+		fmt.Fprintf(cli.out, "Failed to sign %q:%s - %s\n", repoInfo.FullName(), tag, err.Error())
+		return notaryError(repoInfo.FullName(), err)
+	}
+
+	fmt.Fprintf(cli.out, "Successfully signed %q:%s\n", repoInfo.FullName(), tag)
+	return nil
+}
+
+// Attempt to add the image target to all the top level delegation roles we can
+// (based on whether we have the signing key and whether the role's path allows
+// us to).
+// If there are no delegation roles, we add to the targets role.
+func (cli *DockerCli) addTargetToAllSignableRoles(repo *client.NotaryRepository, target *client.Target) error {
+	var signableRoles []string
+
+	// translate the full key names, which includes the GUN, into just the key IDs
+	allCanonicalKeyIDs := make(map[string]struct{})
+	for fullKeyID := range repo.CryptoService.ListAllKeys() {
+		allCanonicalKeyIDs[path.Base(fullKeyID)] = struct{}{}
+	}
+
+	allDelegationRoles, err := repo.GetDelegationRoles()
+	if err != nil {
+		return err
+	}
+
+	// if there are no delegation roles, then just try to sign it into the targets role
+	if len(allDelegationRoles) == 0 {
+		return repo.AddTarget(target, data.CanonicalTargetsRole)
+	}
+
+	// there are delegation roles, find every delegation role we have a key for, and
+	// attempt to sign into into all those roles.
+	for _, delegationRole := range allDelegationRoles {
+		// We do not support signing any delegation role that isn't a direct child of the targets role.
+		// Also don't bother checking the keys if we can't add the target
+		// to this role due to path restrictions
+		if path.Dir(delegationRole.Name) != data.CanonicalTargetsRole || !delegationRole.CheckPaths(target.Name) {
+			continue
+		}
+
+		for _, canonicalKeyID := range delegationRole.KeyIDs {
+			if _, ok := allCanonicalKeyIDs[canonicalKeyID]; ok {
+				signableRoles = append(signableRoles, delegationRole.Name)
+				break
+			}
+		}
+	}
+
+	if len(signableRoles) == 0 {
+		return fmt.Errorf("no valid signing keys for delegation roles")
+	}
+
+	return repo.AddTarget(target, signableRoles...)
+}
diff --git a/api/client/trust_test.go b/api/client/trust_test.go
new file mode 100644
index 00000000..ec95bd9d
--- /dev/null
+++ b/api/client/trust_test.go
@@ -0,0 +1,56 @@
+package client
+
+import (
+	"os"
+	"testing"
+
+	"github.com/docker/docker/registry"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+func unsetENV() {
+	os.Unsetenv("DOCKER_CONTENT_TRUST")
+	os.Unsetenv("DOCKER_CONTENT_TRUST_SERVER")
+}
+
+func TestENVTrustServer(t *testing.T) {
+	defer unsetENV()
+	indexInfo := &registrytypes.IndexInfo{Name: "testserver"}
+	if err := os.Setenv("DOCKER_CONTENT_TRUST_SERVER", "https://notary-test.com:5000"); err != nil {
+		t.Fatal("Failed to set ENV variable")
+	}
+	output, err := trustServer(indexInfo)
+	expectedStr := "https://notary-test.com:5000"
+	if err != nil || output != expectedStr {
+		t.Fatalf("Expected server to be %s, got %s", expectedStr, output)
+	}
+}
+
+func TestHTTPENVTrustServer(t *testing.T) {
+	defer unsetENV()
+	indexInfo := &registrytypes.IndexInfo{Name: "testserver"}
+	if err := os.Setenv("DOCKER_CONTENT_TRUST_SERVER", "http://notary-test.com:5000"); err != nil {
+		t.Fatal("Failed to set ENV variable")
+	}
+	_, err := trustServer(indexInfo)
+	if err == nil {
+		t.Fatal("Expected error with invalid scheme")
+	}
+}
+
+func TestOfficialTrustServer(t *testing.T) {
+	indexInfo := &registrytypes.IndexInfo{Name: "testserver", Official: true}
+	output, err := trustServer(indexInfo)
+	if err != nil || output != registry.NotaryServer {
+		t.Fatalf("Expected server to be %s, got %s", registry.NotaryServer, output)
+	}
+}
+
+func TestNonOfficialTrustServer(t *testing.T) {
+	indexInfo := &registrytypes.IndexInfo{Name: "testserver", Official: false}
+	output, err := trustServer(indexInfo)
+	expectedStr := "https://" + indexInfo.Name
+	if err != nil || output != expectedStr {
+		t.Fatalf("Expected server to be %s, got %s", expectedStr, output)
+	}
+}
diff --git a/api/client/unpause.go b/api/client/unpause.go
new file mode 100644
index 00000000..b8630b1f
--- /dev/null
+++ b/api/client/unpause.go
@@ -0,0 +1,34 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdUnpause unpauses all processes within a container, for one or more containers.
+//
+// Usage: docker unpause CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdUnpause(args ...string) error {
+	cmd := Cli.Subcmd("unpause", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["unpause"].Description, true)
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var errs []string
+	for _, name := range cmd.Args() {
+		if err := cli.client.ContainerUnpause(context.Background(), name); err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			fmt.Fprintf(cli.out, "%s\n", name)
+		}
+	}
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+	return nil
+}
diff --git a/api/client/update.go b/api/client/update.go
new file mode 100644
index 00000000..a2f9e534
--- /dev/null
+++ b/api/client/update.go
@@ -0,0 +1,117 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/types/container"
+	"github.com/docker/go-units"
+)
+
+// CmdUpdate updates resources of one or more containers.
+//
+// Usage: docker update [OPTIONS] CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdUpdate(args ...string) error {
+	cmd := Cli.Subcmd("update", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["update"].Description, true)
+	flBlkioWeight := cmd.Uint16([]string{"-blkio-weight"}, 0, "Block IO (relative weight), between 10 and 1000")
+	flCPUPeriod := cmd.Int64([]string{"-cpu-period"}, 0, "Limit CPU CFS (Completely Fair Scheduler) period")
+	flCPUQuota := cmd.Int64([]string{"-cpu-quota"}, 0, "Limit CPU CFS (Completely Fair Scheduler) quota")
+	flCpusetCpus := cmd.String([]string{"-cpuset-cpus"}, "", "CPUs in which to allow execution (0-3, 0,1)")
+	flCpusetMems := cmd.String([]string{"-cpuset-mems"}, "", "MEMs in which to allow execution (0-3, 0,1)")
+	flCPUShares := cmd.Int64([]string{"#c", "-cpu-shares"}, 0, "CPU shares (relative weight)")
+	flMemoryString := cmd.String([]string{"m", "-memory"}, "", "Memory limit")
+	flMemoryReservation := cmd.String([]string{"-memory-reservation"}, "", "Memory soft limit")
+	flMemorySwap := cmd.String([]string{"-memory-swap"}, "", "Swap limit equal to memory plus swap: '-1' to enable unlimited swap")
+	flKernelMemory := cmd.String([]string{"-kernel-memory"}, "", "Kernel memory limit")
+	flRestartPolicy := cmd.String([]string{"-restart"}, "", "Restart policy to apply when a container exits")
+
+	cmd.Require(flag.Min, 1)
+	cmd.ParseFlags(args, true)
+	if cmd.NFlag() == 0 {
+		return fmt.Errorf("You must provide one or more flags when using this command.")
+	}
+
+	var err error
+	var flMemory int64
+	if *flMemoryString != "" {
+		flMemory, err = units.RAMInBytes(*flMemoryString)
+		if err != nil {
+			return err
+		}
+	}
+
+	var memoryReservation int64
+	if *flMemoryReservation != "" {
+		memoryReservation, err = units.RAMInBytes(*flMemoryReservation)
+		if err != nil {
+			return err
+		}
+	}
+
+	var memorySwap int64
+	if *flMemorySwap != "" {
+		if *flMemorySwap == "-1" {
+			memorySwap = -1
+		} else {
+			memorySwap, err = units.RAMInBytes(*flMemorySwap)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	var kernelMemory int64
+	if *flKernelMemory != "" {
+		kernelMemory, err = units.RAMInBytes(*flKernelMemory)
+		if err != nil {
+			return err
+		}
+	}
+
+	var restartPolicy container.RestartPolicy
+	if *flRestartPolicy != "" {
+		restartPolicy, err = opts.ParseRestartPolicy(*flRestartPolicy)
+		if err != nil {
+			return err
+		}
+	}
+
+	resources := container.Resources{
+		BlkioWeight:       *flBlkioWeight,
+		CpusetCpus:        *flCpusetCpus,
+		CpusetMems:        *flCpusetMems,
+		CPUShares:         *flCPUShares,
+		Memory:            flMemory,
+		MemoryReservation: memoryReservation,
+		MemorySwap:        memorySwap,
+		KernelMemory:      kernelMemory,
+		CPUPeriod:         *flCPUPeriod,
+		CPUQuota:          *flCPUQuota,
+	}
+
+	updateConfig := container.UpdateConfig{
+		Resources:     resources,
+		RestartPolicy: restartPolicy,
+	}
+
+	names := cmd.Args()
+	var errs []string
+	for _, name := range names {
+		if err := cli.client.ContainerUpdate(context.Background(), name, updateConfig); err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			fmt.Fprintf(cli.out, "%s\n", name)
+		}
+	}
+
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+
+	return nil
+}
diff --git a/api/client/utils.go b/api/client/utils.go
new file mode 100644
index 00000000..4deee224
--- /dev/null
+++ b/api/client/utils.go
@@ -0,0 +1,202 @@
+package client
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	gosignal "os/signal"
+	"path/filepath"
+	"runtime"
+	"time"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/docker/pkg/term"
+	"github.com/docker/docker/registry"
+	"github.com/docker/engine-api/client"
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+func (cli *DockerCli) electAuthServer() string {
+	// The daemon `/info` endpoint informs us of the default registry being
+	// used. This is essential in cross-platforms environment, where for
+	// example a Linux client might be interacting with a Windows daemon, hence
+	// the default registry URL might be Windows specific.
+	serverAddress := registry.IndexServer
+	if info, err := cli.client.Info(context.Background()); err != nil {
+		fmt.Fprintf(cli.out, "Warning: failed to get default registry endpoint from daemon (%v). Using system default: %s\n", err, serverAddress)
+	} else {
+		serverAddress = info.IndexServerAddress
+	}
+	return serverAddress
+}
+
+// encodeAuthToBase64 serializes the auth configuration as JSON base64 payload
+func encodeAuthToBase64(authConfig types.AuthConfig) (string, error) {
+	buf, err := json.Marshal(authConfig)
+	if err != nil {
+		return "", err
+	}
+	return base64.URLEncoding.EncodeToString(buf), nil
+}
+
+func (cli *DockerCli) registryAuthenticationPrivilegedFunc(index *registrytypes.IndexInfo, cmdName string) client.RequestPrivilegeFunc {
+	return func() (string, error) {
+		fmt.Fprintf(cli.out, "\nPlease login prior to %s:\n", cmdName)
+		indexServer := registry.GetAuthConfigKey(index)
+		authConfig, err := cli.configureAuth("", "", indexServer, false)
+		if err != nil {
+			return "", err
+		}
+		return encodeAuthToBase64(authConfig)
+	}
+}
+
+func (cli *DockerCli) resizeTty(id string, isExec bool) {
+	height, width := cli.getTtySize()
+	cli.resizeTtyTo(id, height, width, isExec)
+}
+
+func (cli *DockerCli) resizeTtyTo(id string, height, width int, isExec bool) {
+	if height == 0 && width == 0 {
+		return
+	}
+
+	options := types.ResizeOptions{
+		ID:     id,
+		Height: height,
+		Width:  width,
+	}
+
+	var err error
+	if isExec {
+		err = cli.client.ContainerExecResize(context.Background(), options)
+	} else {
+		err = cli.client.ContainerResize(context.Background(), options)
+	}
+
+	if err != nil {
+		logrus.Debugf("Error resize: %s", err)
+	}
+}
+
+// getExitCode perform an inspect on the container. It returns
+// the running state and the exit code.
+func getExitCode(cli *DockerCli, containerID string) (bool, int, error) {
+	c, err := cli.client.ContainerInspect(context.Background(), containerID)
+	if err != nil {
+		// If we can't connect, then the daemon probably died.
+		if err != client.ErrConnectionFailed {
+			return false, -1, err
+		}
+		return false, -1, nil
+	}
+
+	return c.State.Running, c.State.ExitCode, nil
+}
+
+// getExecExitCode perform an inspect on the exec command. It returns
+// the running state and the exit code.
+func getExecExitCode(cli *DockerCli, execID string) (bool, int, error) {
+	resp, err := cli.client.ContainerExecInspect(context.Background(), execID)
+	if err != nil {
+		// If we can't connect, then the daemon probably died.
+		if err != client.ErrConnectionFailed {
+			return false, -1, err
+		}
+		return false, -1, nil
+	}
+
+	return resp.Running, resp.ExitCode, nil
+}
+
+func (cli *DockerCli) monitorTtySize(id string, isExec bool) error {
+	cli.resizeTty(id, isExec)
+
+	if runtime.GOOS == "windows" {
+		go func() {
+			prevH, prevW := cli.getTtySize()
+			for {
+				time.Sleep(time.Millisecond * 250)
+				h, w := cli.getTtySize()
+
+				if prevW != w || prevH != h {
+					cli.resizeTty(id, isExec)
+				}
+				prevH = h
+				prevW = w
+			}
+		}()
+	} else {
+		sigchan := make(chan os.Signal, 1)
+		gosignal.Notify(sigchan, signal.SIGWINCH)
+		go func() {
+			for range sigchan {
+				cli.resizeTty(id, isExec)
+			}
+		}()
+	}
+	return nil
+}
+
+func (cli *DockerCli) getTtySize() (int, int) {
+	if !cli.isTerminalOut {
+		return 0, 0
+	}
+	ws, err := term.GetWinsize(cli.outFd)
+	if err != nil {
+		logrus.Debugf("Error getting size: %s", err)
+		if ws == nil {
+			return 0, 0
+		}
+	}
+	return int(ws.Height), int(ws.Width)
+}
+
+func copyToFile(outfile string, r io.Reader) error {
+	tmpFile, err := ioutil.TempFile(filepath.Dir(outfile), ".docker_temp_")
+	if err != nil {
+		return err
+	}
+
+	tmpPath := tmpFile.Name()
+
+	_, err = io.Copy(tmpFile, r)
+	tmpFile.Close()
+
+	if err != nil {
+		os.Remove(tmpPath)
+		return err
+	}
+
+	if err = os.Rename(tmpPath, outfile); err != nil {
+		os.Remove(tmpPath)
+		return err
+	}
+
+	return nil
+}
+
+// resolveAuthConfig is like registry.ResolveAuthConfig, but if using the
+// default index, it uses the default index name for the daemon's platform,
+// not the client's platform.
+func (cli *DockerCli) resolveAuthConfig(index *registrytypes.IndexInfo) types.AuthConfig {
+	configKey := index.Name
+	if index.Official {
+		configKey = cli.electAuthServer()
+	}
+
+	a, _ := getCredentials(cli.configFile, configKey)
+	return a
+}
+
+func (cli *DockerCli) retrieveAuthConfigs() map[string]types.AuthConfig {
+	acs, _ := getAllCredentials(cli.configFile)
+	return acs
+}
diff --git a/api/client/version.go b/api/client/version.go
new file mode 100644
index 00000000..ebec4def
--- /dev/null
+++ b/api/client/version.go
@@ -0,0 +1,95 @@
+package client
+
+import (
+	"runtime"
+	"text/template"
+	"time"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/dockerversion"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/utils"
+	"github.com/docker/docker/utils/templates"
+	"github.com/docker/engine-api/types"
+)
+
+var versionTemplate = `Client:
+ Version:      {{.Client.Version}}
+ API version:  {{.Client.APIVersion}}
+ Go version:   {{.Client.GoVersion}}
+ Git commit:   {{.Client.GitCommit}}
+ Built:        {{.Client.BuildTime}}
+ OS/Arch:      {{.Client.Os}}/{{.Client.Arch}}{{if .Client.Experimental}}
+ Experimental: {{.Client.Experimental}}{{end}}{{if .ServerOK}}
+
+Server:
+ Version:      {{.Server.Version}}
+ API version:  {{.Server.APIVersion}}
+ Go version:   {{.Server.GoVersion}}
+ Git commit:   {{.Server.GitCommit}}
+ Built:        {{.Server.BuildTime}}
+ OS/Arch:      {{.Server.Os}}/{{.Server.Arch}}{{if .Server.Experimental}}
+ Experimental: {{.Server.Experimental}}{{end}}{{end}}`
+
+// CmdVersion shows Docker version information.
+//
+// Available version information is shown for: client Docker version, client API version, client Go version, client Git commit, client OS/Arch, server Docker version, server API version, server Go version, server Git commit, and server OS/Arch.
+//
+// Usage: docker version
+func (cli *DockerCli) CmdVersion(args ...string) (err error) {
+	cmd := Cli.Subcmd("version", nil, Cli.DockerCommands["version"].Description, true)
+	tmplStr := cmd.String([]string{"f", "#format", "-format"}, "", "Format the output using the given go template")
+	cmd.Require(flag.Exact, 0)
+
+	cmd.ParseFlags(args, true)
+
+	templateFormat := versionTemplate
+	if *tmplStr != "" {
+		templateFormat = *tmplStr
+	}
+
+	var tmpl *template.Template
+	if tmpl, err = templates.Parse(templateFormat); err != nil {
+		return Cli.StatusError{StatusCode: 64,
+			Status: "Template parsing error: " + err.Error()}
+	}
+
+	vd := types.VersionResponse{
+		Client: &types.Version{
+			Version:      dockerversion.Version,
+			APIVersion:   cli.client.ClientVersion(),
+			GoVersion:    runtime.Version(),
+			GitCommit:    dockerversion.GitCommit,
+			BuildTime:    dockerversion.BuildTime,
+			Os:           runtime.GOOS,
+			Arch:         runtime.GOARCH,
+			Experimental: utils.ExperimentalBuild(),
+		},
+	}
+
+	serverVersion, err := cli.client.ServerVersion(context.Background())
+	if err == nil {
+		vd.Server = &serverVersion
+	}
+
+	// first we need to make BuildTime more human friendly
+	t, errTime := time.Parse(time.RFC3339Nano, vd.Client.BuildTime)
+	if errTime == nil {
+		vd.Client.BuildTime = t.Format(time.ANSIC)
+	}
+
+	if vd.ServerOK() {
+		t, errTime = time.Parse(time.RFC3339Nano, vd.Server.BuildTime)
+		if errTime == nil {
+			vd.Server.BuildTime = t.Format(time.ANSIC)
+		}
+	}
+
+	if err2 := tmpl.Execute(cli.out, vd); err2 != nil && err == nil {
+		err = err2
+	}
+	cli.out.Write([]byte{'\n'})
+	return err
+}
diff --git a/api/client/volume.go b/api/client/volume.go
new file mode 100644
index 00000000..37e623fb
--- /dev/null
+++ b/api/client/volume.go
@@ -0,0 +1,177 @@
+package client
+
+import (
+	"fmt"
+	"sort"
+	"text/tabwriter"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/filters"
+)
+
+// CmdVolume is the parent subcommand for all volume commands
+//
+// Usage: docker volume <COMMAND> <OPTS>
+func (cli *DockerCli) CmdVolume(args ...string) error {
+	description := Cli.DockerCommands["volume"].Description + "\n\nCommands:\n"
+	commands := [][]string{
+		{"create", "Create a volume"},
+		{"inspect", "Return low-level information on a volume"},
+		{"ls", "List volumes"},
+		{"rm", "Remove a volume"},
+	}
+
+	for _, cmd := range commands {
+		description += fmt.Sprintf("  %-25.25s%s\n", cmd[0], cmd[1])
+	}
+
+	description += "\nRun 'docker volume COMMAND --help' for more information on a command"
+	cmd := Cli.Subcmd("volume", []string{"[COMMAND]"}, description, false)
+
+	cmd.Require(flag.Exact, 0)
+	err := cmd.ParseFlags(args, true)
+	cmd.Usage()
+	return err
+}
+
+// CmdVolumeLs outputs a list of Docker volumes.
+//
+// Usage: docker volume ls [OPTIONS]
+func (cli *DockerCli) CmdVolumeLs(args ...string) error {
+	cmd := Cli.Subcmd("volume ls", nil, "List volumes", true)
+
+	quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only display volume names")
+	flFilter := opts.NewListOpts(nil)
+	cmd.Var(&flFilter, []string{"f", "-filter"}, "Provide filter values (i.e. 'dangling=true')")
+
+	cmd.Require(flag.Exact, 0)
+	cmd.ParseFlags(args, true)
+
+	volFilterArgs := filters.NewArgs()
+	for _, f := range flFilter.GetAll() {
+		var err error
+		volFilterArgs, err = filters.ParseFlag(f, volFilterArgs)
+		if err != nil {
+			return err
+		}
+	}
+
+	volumes, err := cli.client.VolumeList(context.Background(), volFilterArgs)
+	if err != nil {
+		return err
+	}
+
+	w := tabwriter.NewWriter(cli.out, 20, 1, 3, ' ', 0)
+	if !*quiet {
+		for _, warn := range volumes.Warnings {
+			fmt.Fprintln(cli.err, warn)
+		}
+		fmt.Fprintf(w, "DRIVER \tVOLUME NAME")
+		fmt.Fprintf(w, "\n")
+	}
+
+	sort.Sort(byVolumeName(volumes.Volumes))
+	for _, vol := range volumes.Volumes {
+		if *quiet {
+			fmt.Fprintln(w, vol.Name)
+			continue
+		}
+		fmt.Fprintf(w, "%s\t%s\n", vol.Driver, vol.Name)
+	}
+	w.Flush()
+	return nil
+}
+
+type byVolumeName []*types.Volume
+
+func (r byVolumeName) Len() int      { return len(r) }
+func (r byVolumeName) Swap(i, j int) { r[i], r[j] = r[j], r[i] }
+func (r byVolumeName) Less(i, j int) bool {
+	return r[i].Name < r[j].Name
+}
+
+// CmdVolumeInspect displays low-level information on one or more volumes.
+//
+// Usage: docker volume inspect [OPTIONS] VOLUME [VOLUME...]
+func (cli *DockerCli) CmdVolumeInspect(args ...string) error {
+	cmd := Cli.Subcmd("volume inspect", []string{"VOLUME [VOLUME...]"}, "Return low-level information on a volume", true)
+	tmplStr := cmd.String([]string{"f", "-format"}, "", "Format the output using the given go template")
+
+	cmd.Require(flag.Min, 1)
+	cmd.ParseFlags(args, true)
+
+	if err := cmd.Parse(args); err != nil {
+		return nil
+	}
+
+	inspectSearcher := func(name string) (interface{}, []byte, error) {
+		i, err := cli.client.VolumeInspect(context.Background(), name)
+		return i, nil, err
+	}
+
+	return cli.inspectElements(*tmplStr, cmd.Args(), inspectSearcher)
+}
+
+// CmdVolumeCreate creates a new volume.
+//
+// Usage: docker volume create [OPTIONS]
+func (cli *DockerCli) CmdVolumeCreate(args ...string) error {
+	cmd := Cli.Subcmd("volume create", nil, "Create a volume", true)
+	flDriver := cmd.String([]string{"d", "-driver"}, "local", "Specify volume driver name")
+	flName := cmd.String([]string{"-name"}, "", "Specify volume name")
+
+	flDriverOpts := opts.NewMapOpts(nil, nil)
+	cmd.Var(flDriverOpts, []string{"o", "-opt"}, "Set driver specific options")
+
+	flLabels := opts.NewListOpts(nil)
+	cmd.Var(&flLabels, []string{"-label"}, "Set metadata for a volume")
+
+	cmd.Require(flag.Exact, 0)
+	cmd.ParseFlags(args, true)
+
+	volReq := types.VolumeCreateRequest{
+		Driver:     *flDriver,
+		DriverOpts: flDriverOpts.GetAll(),
+		Name:       *flName,
+		Labels:     runconfigopts.ConvertKVStringsToMap(flLabels.GetAll()),
+	}
+
+	vol, err := cli.client.VolumeCreate(context.Background(), volReq)
+	if err != nil {
+		return err
+	}
+
+	fmt.Fprintf(cli.out, "%s\n", vol.Name)
+	return nil
+}
+
+// CmdVolumeRm removes one or more volumes.
+//
+// Usage: docker volume rm VOLUME [VOLUME...]
+func (cli *DockerCli) CmdVolumeRm(args ...string) error {
+	cmd := Cli.Subcmd("volume rm", []string{"VOLUME [VOLUME...]"}, "Remove a volume", true)
+	cmd.Require(flag.Min, 1)
+	cmd.ParseFlags(args, true)
+
+	var status = 0
+
+	for _, name := range cmd.Args() {
+		if err := cli.client.VolumeRemove(context.Background(), name); err != nil {
+			fmt.Fprintf(cli.err, "%s\n", err)
+			status = 1
+			continue
+		}
+		fmt.Fprintf(cli.out, "%s\n", name)
+	}
+
+	if status != 0 {
+		return Cli.StatusError{StatusCode: status}
+	}
+	return nil
+}
diff --git a/api/client/wait.go b/api/client/wait.go
new file mode 100644
index 00000000..609cd3be
--- /dev/null
+++ b/api/client/wait.go
@@ -0,0 +1,37 @@
+package client
+
+import (
+	"fmt"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	Cli "github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// CmdWait blocks until a container stops, then prints its exit code.
+//
+// If more than one container is specified, this will wait synchronously on each container.
+//
+// Usage: docker wait CONTAINER [CONTAINER...]
+func (cli *DockerCli) CmdWait(args ...string) error {
+	cmd := Cli.Subcmd("wait", []string{"CONTAINER [CONTAINER...]"}, Cli.DockerCommands["wait"].Description, true)
+	cmd.Require(flag.Min, 1)
+
+	cmd.ParseFlags(args, true)
+
+	var errs []string
+	for _, name := range cmd.Args() {
+		status, err := cli.client.ContainerWait(context.Background(), name)
+		if err != nil {
+			errs = append(errs, err.Error())
+		} else {
+			fmt.Fprintf(cli.out, "%d\n", status)
+		}
+	}
+	if len(errs) > 0 {
+		return fmt.Errorf("%s", strings.Join(errs, "\n"))
+	}
+	return nil
+}
diff --git a/api/common.go b/api/common.go
new file mode 100644
index 00000000..63560c6d
--- /dev/null
+++ b/api/common.go
@@ -0,0 +1,146 @@
+package api
+
+import (
+	"fmt"
+	"mime"
+	"path/filepath"
+	"sort"
+	"strconv"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/pkg/version"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/libtrust"
+)
+
+// Common constants for daemon and client.
+const (
+	// Version of Current REST API
+	DefaultVersion version.Version = "1.23"
+
+	// MinVersion represents Minimum REST API version supported
+	MinVersion version.Version = "1.12"
+
+	// NoBaseImageSpecifier is the symbol used by the FROM
+	// command to specify that no base image is to be used.
+	NoBaseImageSpecifier string = "scratch"
+)
+
+// byPortInfo is a temporary type used to sort types.Port by its fields
+type byPortInfo []types.Port
+
+func (r byPortInfo) Len() int      { return len(r) }
+func (r byPortInfo) Swap(i, j int) { r[i], r[j] = r[j], r[i] }
+func (r byPortInfo) Less(i, j int) bool {
+	if r[i].PrivatePort != r[j].PrivatePort {
+		return r[i].PrivatePort < r[j].PrivatePort
+	}
+
+	if r[i].IP != r[j].IP {
+		return r[i].IP < r[j].IP
+	}
+
+	if r[i].PublicPort != r[j].PublicPort {
+		return r[i].PublicPort < r[j].PublicPort
+	}
+
+	return r[i].Type < r[j].Type
+}
+
+// DisplayablePorts returns formatted string representing open ports of container
+// e.g. "0.0.0.0:80->9090/tcp, 9988/tcp"
+// it's used by command 'docker ps'
+func DisplayablePorts(ports []types.Port) string {
+	type portGroup struct {
+		first int
+		last  int
+	}
+	groupMap := make(map[string]*portGroup)
+	var result []string
+	var hostMappings []string
+	var groupMapKeys []string
+	sort.Sort(byPortInfo(ports))
+	for _, port := range ports {
+		current := port.PrivatePort
+		portKey := port.Type
+		if port.IP != "" {
+			if port.PublicPort != current {
+				hostMappings = append(hostMappings, fmt.Sprintf("%s:%d->%d/%s", port.IP, port.PublicPort, port.PrivatePort, port.Type))
+				continue
+			}
+			portKey = fmt.Sprintf("%s/%s", port.IP, port.Type)
+		}
+		group := groupMap[portKey]
+
+		if group == nil {
+			groupMap[portKey] = &portGroup{first: current, last: current}
+			// record order that groupMap keys are created
+			groupMapKeys = append(groupMapKeys, portKey)
+			continue
+		}
+		if current == (group.last + 1) {
+			group.last = current
+			continue
+		}
+
+		result = append(result, formGroup(portKey, group.first, group.last))
+		groupMap[portKey] = &portGroup{first: current, last: current}
+	}
+	for _, portKey := range groupMapKeys {
+		g := groupMap[portKey]
+		result = append(result, formGroup(portKey, g.first, g.last))
+	}
+	result = append(result, hostMappings...)
+	return strings.Join(result, ", ")
+}
+
+func formGroup(key string, start, last int) string {
+	parts := strings.Split(key, "/")
+	groupType := parts[0]
+	var ip string
+	if len(parts) > 1 {
+		ip = parts[0]
+		groupType = parts[1]
+	}
+	group := strconv.Itoa(start)
+	if start != last {
+		group = fmt.Sprintf("%s-%d", group, last)
+	}
+	if ip != "" {
+		group = fmt.Sprintf("%s:%s->%s", ip, group, group)
+	}
+	return fmt.Sprintf("%s/%s", group, groupType)
+}
+
+// MatchesContentType validates the content type against the expected one
+func MatchesContentType(contentType, expectedType string) bool {
+	mimetype, _, err := mime.ParseMediaType(contentType)
+	if err != nil {
+		logrus.Errorf("Error parsing media type: %s error: %v", contentType, err)
+	}
+	return err == nil && mimetype == expectedType
+}
+
+// LoadOrCreateTrustKey attempts to load the libtrust key at the given path,
+// otherwise generates a new one
+func LoadOrCreateTrustKey(trustKeyPath string) (libtrust.PrivateKey, error) {
+	err := system.MkdirAll(filepath.Dir(trustKeyPath), 0700)
+	if err != nil {
+		return nil, err
+	}
+	trustKey, err := libtrust.LoadKeyFile(trustKeyPath)
+	if err == libtrust.ErrKeyFileDoesNotExist {
+		trustKey, err = libtrust.GenerateECP256PrivateKey()
+		if err != nil {
+			return nil, fmt.Errorf("Error generating key: %s", err)
+		}
+		if err := libtrust.SaveKey(trustKeyPath, trustKey); err != nil {
+			return nil, fmt.Errorf("Error saving key file: %s", err)
+		}
+	} else if err != nil {
+		return nil, fmt.Errorf("Error loading key file %s: %s", trustKeyPath, err)
+	}
+	return trustKey, nil
+}
diff --git a/api/common_test.go b/api/common_test.go
new file mode 100644
index 00000000..c214660c
--- /dev/null
+++ b/api/common_test.go
@@ -0,0 +1,341 @@
+package api
+
+import (
+	"io/ioutil"
+	"path/filepath"
+	"testing"
+
+	"os"
+
+	"github.com/docker/engine-api/types"
+)
+
+type ports struct {
+	ports    []types.Port
+	expected string
+}
+
+// DisplayablePorts
+func TestDisplayablePorts(t *testing.T) {
+	cases := []ports{
+		{
+			[]types.Port{
+				{
+					PrivatePort: 9988,
+					Type:        "tcp",
+				},
+			},
+			"9988/tcp"},
+		{
+			[]types.Port{
+				{
+					PrivatePort: 9988,
+					Type:        "udp",
+				},
+			},
+			"9988/udp",
+		},
+		{
+			[]types.Port{
+				{
+					IP:          "0.0.0.0",
+					PrivatePort: 9988,
+					Type:        "tcp",
+				},
+			},
+			"0.0.0.0:0->9988/tcp",
+		},
+		{
+			[]types.Port{
+				{
+					PrivatePort: 9988,
+					PublicPort:  8899,
+					Type:        "tcp",
+				},
+			},
+			"9988/tcp",
+		},
+		{
+			[]types.Port{
+				{
+					IP:          "4.3.2.1",
+					PrivatePort: 9988,
+					PublicPort:  8899,
+					Type:        "tcp",
+				},
+			},
+			"4.3.2.1:8899->9988/tcp",
+		},
+		{
+			[]types.Port{
+				{
+					IP:          "4.3.2.1",
+					PrivatePort: 9988,
+					PublicPort:  9988,
+					Type:        "tcp",
+				},
+			},
+			"4.3.2.1:9988->9988/tcp",
+		},
+		{
+			[]types.Port{
+				{
+					PrivatePort: 9988,
+					Type:        "udp",
+				}, {
+					PrivatePort: 9988,
+					Type:        "udp",
+				},
+			},
+			"9988/udp, 9988/udp",
+		},
+		{
+			[]types.Port{
+				{
+					IP:          "1.2.3.4",
+					PublicPort:  9998,
+					PrivatePort: 9998,
+					Type:        "udp",
+				}, {
+					IP:          "1.2.3.4",
+					PublicPort:  9999,
+					PrivatePort: 9999,
+					Type:        "udp",
+				},
+			},
+			"1.2.3.4:9998-9999->9998-9999/udp",
+		},
+		{
+			[]types.Port{
+				{
+					IP:          "1.2.3.4",
+					PublicPort:  8887,
+					PrivatePort: 9998,
+					Type:        "udp",
+				}, {
+					IP:          "1.2.3.4",
+					PublicPort:  8888,
+					PrivatePort: 9999,
+					Type:        "udp",
+				},
+			},
+			"1.2.3.4:8887->9998/udp, 1.2.3.4:8888->9999/udp",
+		},
+		{
+			[]types.Port{
+				{
+					PrivatePort: 9998,
+					Type:        "udp",
+				}, {
+					PrivatePort: 9999,
+					Type:        "udp",
+				},
+			},
+			"9998-9999/udp",
+		},
+		{
+			[]types.Port{
+				{
+					IP:          "1.2.3.4",
+					PrivatePort: 6677,
+					PublicPort:  7766,
+					Type:        "tcp",
+				}, {
+					PrivatePort: 9988,
+					PublicPort:  8899,
+					Type:        "udp",
+				},
+			},
+			"9988/udp, 1.2.3.4:7766->6677/tcp",
+		},
+		{
+			[]types.Port{
+				{
+					IP:          "1.2.3.4",
+					PrivatePort: 9988,
+					PublicPort:  8899,
+					Type:        "udp",
+				}, {
+					IP:          "1.2.3.4",
+					PrivatePort: 9988,
+					PublicPort:  8899,
+					Type:        "tcp",
+				}, {
+					IP:          "4.3.2.1",
+					PrivatePort: 2233,
+					PublicPort:  3322,
+					Type:        "tcp",
+				},
+			},
+			"4.3.2.1:3322->2233/tcp, 1.2.3.4:8899->9988/tcp, 1.2.3.4:8899->9988/udp",
+		},
+		{
+			[]types.Port{
+				{
+					PrivatePort: 9988,
+					PublicPort:  8899,
+					Type:        "udp",
+				}, {
+					IP:          "1.2.3.4",
+					PrivatePort: 6677,
+					PublicPort:  7766,
+					Type:        "tcp",
+				}, {
+					IP:          "4.3.2.1",
+					PrivatePort: 2233,
+					PublicPort:  3322,
+					Type:        "tcp",
+				},
+			},
+			"9988/udp, 4.3.2.1:3322->2233/tcp, 1.2.3.4:7766->6677/tcp",
+		},
+		{
+			[]types.Port{
+				{
+					PrivatePort: 80,
+					Type:        "tcp",
+				}, {
+					PrivatePort: 1024,
+					Type:        "tcp",
+				}, {
+					PrivatePort: 80,
+					Type:        "udp",
+				}, {
+					PrivatePort: 1024,
+					Type:        "udp",
+				}, {
+					IP:          "1.1.1.1",
+					PublicPort:  80,
+					PrivatePort: 1024,
+					Type:        "tcp",
+				}, {
+					IP:          "1.1.1.1",
+					PublicPort:  80,
+					PrivatePort: 1024,
+					Type:        "udp",
+				}, {
+					IP:          "1.1.1.1",
+					PublicPort:  1024,
+					PrivatePort: 80,
+					Type:        "tcp",
+				}, {
+					IP:          "1.1.1.1",
+					PublicPort:  1024,
+					PrivatePort: 80,
+					Type:        "udp",
+				}, {
+					IP:          "2.1.1.1",
+					PublicPort:  80,
+					PrivatePort: 1024,
+					Type:        "tcp",
+				}, {
+					IP:          "2.1.1.1",
+					PublicPort:  80,
+					PrivatePort: 1024,
+					Type:        "udp",
+				}, {
+					IP:          "2.1.1.1",
+					PublicPort:  1024,
+					PrivatePort: 80,
+					Type:        "tcp",
+				}, {
+					IP:          "2.1.1.1",
+					PublicPort:  1024,
+					PrivatePort: 80,
+					Type:        "udp",
+				},
+			},
+			"80/tcp, 80/udp, 1024/tcp, 1024/udp, 1.1.1.1:1024->80/tcp, 1.1.1.1:1024->80/udp, 2.1.1.1:1024->80/tcp, 2.1.1.1:1024->80/udp, 1.1.1.1:80->1024/tcp, 1.1.1.1:80->1024/udp, 2.1.1.1:80->1024/tcp, 2.1.1.1:80->1024/udp",
+		},
+	}
+
+	for _, port := range cases {
+		actual := DisplayablePorts(port.ports)
+		if port.expected != actual {
+			t.Fatalf("Expected %s, got %s.", port.expected, actual)
+		}
+	}
+}
+
+// MatchesContentType
+func TestJsonContentType(t *testing.T) {
+	if !MatchesContentType("application/json", "application/json") {
+		t.Fail()
+	}
+
+	if !MatchesContentType("application/json; charset=utf-8", "application/json") {
+		t.Fail()
+	}
+
+	if MatchesContentType("dockerapplication/json", "application/json") {
+		t.Fail()
+	}
+}
+
+// LoadOrCreateTrustKey
+func TestLoadOrCreateTrustKeyInvalidKeyFile(t *testing.T) {
+	tmpKeyFolderPath, err := ioutil.TempDir("", "api-trustkey-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpKeyFolderPath)
+
+	tmpKeyFile, err := ioutil.TempFile(tmpKeyFolderPath, "keyfile")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := LoadOrCreateTrustKey(tmpKeyFile.Name()); err == nil {
+		t.Fatalf("expected an error, got nothing.")
+	}
+
+}
+
+func TestLoadOrCreateTrustKeyCreateKey(t *testing.T) {
+	tmpKeyFolderPath, err := ioutil.TempDir("", "api-trustkey-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpKeyFolderPath)
+
+	// Without the need to create the folder hierarchy
+	tmpKeyFile := filepath.Join(tmpKeyFolderPath, "keyfile")
+
+	if key, err := LoadOrCreateTrustKey(tmpKeyFile); err != nil || key == nil {
+		t.Fatalf("expected a new key file, got : %v and %v", err, key)
+	}
+
+	if _, err := os.Stat(tmpKeyFile); err != nil {
+		t.Fatalf("Expected to find a file %s, got %v", tmpKeyFile, err)
+	}
+
+	// With the need to create the folder hierarchy as tmpKeyFie is in a path
+	// where some folders do not exist.
+	tmpKeyFile = filepath.Join(tmpKeyFolderPath, "folder/hierarchy/keyfile")
+
+	if key, err := LoadOrCreateTrustKey(tmpKeyFile); err != nil || key == nil {
+		t.Fatalf("expected a new key file, got : %v and %v", err, key)
+	}
+
+	if _, err := os.Stat(tmpKeyFile); err != nil {
+		t.Fatalf("Expected to find a file %s, got %v", tmpKeyFile, err)
+	}
+
+	// With no path at all
+	defer os.Remove("keyfile")
+	if key, err := LoadOrCreateTrustKey("keyfile"); err != nil || key == nil {
+		t.Fatalf("expected a new key file, got : %v and %v", err, key)
+	}
+
+	if _, err := os.Stat("keyfile"); err != nil {
+		t.Fatalf("Expected to find a file keyfile, got %v", err)
+	}
+}
+
+func TestLoadOrCreateTrustKeyLoadValidKey(t *testing.T) {
+	tmpKeyFile := filepath.Join("fixtures", "keyfile")
+
+	if key, err := LoadOrCreateTrustKey(tmpKeyFile); err != nil || key == nil {
+		t.Fatalf("expected a key file, got : %v and %v", err, key)
+	}
+}
diff --git a/api/fixtures/keyfile b/api/fixtures/keyfile
new file mode 100644
index 00000000..322f2544
--- /dev/null
+++ b/api/fixtures/keyfile
@@ -0,0 +1,7 @@
+-----BEGIN EC PRIVATE KEY-----
+keyID: AWX2:I27X:WQFX:IOMK:CNAK:O7PW:VYNB:ZLKC:CVAE:YJP2:SI4A:XXAY
+
+MHcCAQEEILHTRWdcpKWsnORxSFyBnndJ4ROU41hMtr/GCiLVvwBQoAoGCCqGSM49
+AwEHoUQDQgAElpVFbQ2V2UQKajqdE3fVxJ+/pE/YuEFOxWbOxF2be19BY209/iky
+NzeFFK7SLpQ4CBJ7zDVXOHsMzrkY/GquGA==
+-----END EC PRIVATE KEY-----
diff --git a/api/server/httputils/errors.go b/api/server/httputils/errors.go
new file mode 100644
index 00000000..cf8d2ae6
--- /dev/null
+++ b/api/server/httputils/errors.go
@@ -0,0 +1,70 @@
+package httputils
+
+import (
+	"net/http"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// httpStatusError is an interface
+// that errors with custom status codes
+// implement to tell the api layer
+// which response status to set.
+type httpStatusError interface {
+	HTTPErrorStatusCode() int
+}
+
+// inputValidationError is an interface
+// that errors generated by invalid
+// inputs can implement to tell the
+// api layer to set a 400 status code
+// in the response.
+type inputValidationError interface {
+	IsValidationError() bool
+}
+
+// WriteError decodes a specific docker error and sends it in the response.
+func WriteError(w http.ResponseWriter, err error) {
+	if err == nil || w == nil {
+		logrus.WithFields(logrus.Fields{"error": err, "writer": w}).Error("unexpected HTTP error handling")
+		return
+	}
+
+	var statusCode int
+	errMsg := err.Error()
+
+	switch e := err.(type) {
+	case httpStatusError:
+		statusCode = e.HTTPErrorStatusCode()
+	case inputValidationError:
+		statusCode = http.StatusBadRequest
+	default:
+		// FIXME: this is brittle and should not be necessary, but we still need to identify if
+		// there are errors falling back into this logic.
+		// If we need to differentiate between different possible error types,
+		// we should create appropriate error types that implement the httpStatusError interface.
+		errStr := strings.ToLower(errMsg)
+		for keyword, status := range map[string]int{
+			"not found":             http.StatusNotFound,
+			"no such":               http.StatusNotFound,
+			"bad parameter":         http.StatusBadRequest,
+			"conflict":              http.StatusConflict,
+			"impossible":            http.StatusNotAcceptable,
+			"wrong login/password":  http.StatusUnauthorized,
+			"unauthorized":          http.StatusUnauthorized,
+			"hasn't been activated": http.StatusForbidden,
+		} {
+			if strings.Contains(errStr, keyword) {
+				statusCode = status
+				break
+			}
+		}
+	}
+
+	if statusCode == 0 {
+		statusCode = http.StatusInternalServerError
+	}
+
+	http.Error(w, errMsg, statusCode)
+}
diff --git a/api/server/httputils/form.go b/api/server/httputils/form.go
new file mode 100644
index 00000000..20188c12
--- /dev/null
+++ b/api/server/httputils/form.go
@@ -0,0 +1,73 @@
+package httputils
+
+import (
+	"fmt"
+	"net/http"
+	"path/filepath"
+	"strconv"
+	"strings"
+)
+
+// BoolValue transforms a form value in different formats into a boolean type.
+func BoolValue(r *http.Request, k string) bool {
+	s := strings.ToLower(strings.TrimSpace(r.FormValue(k)))
+	return !(s == "" || s == "0" || s == "no" || s == "false" || s == "none")
+}
+
+// BoolValueOrDefault returns the default bool passed if the query param is
+// missing, otherwise it's just a proxy to boolValue above
+func BoolValueOrDefault(r *http.Request, k string, d bool) bool {
+	if _, ok := r.Form[k]; !ok {
+		return d
+	}
+	return BoolValue(r, k)
+}
+
+// Int64ValueOrZero parses a form value into an int64 type.
+// It returns 0 if the parsing fails.
+func Int64ValueOrZero(r *http.Request, k string) int64 {
+	val, err := Int64ValueOrDefault(r, k, 0)
+	if err != nil {
+		return 0
+	}
+	return val
+}
+
+// Int64ValueOrDefault parses a form value into an int64 type. If there is an
+// error, returns the error. If there is no value returns the default value.
+func Int64ValueOrDefault(r *http.Request, field string, def int64) (int64, error) {
+	if r.Form.Get(field) != "" {
+		value, err := strconv.ParseInt(r.Form.Get(field), 10, 64)
+		if err != nil {
+			return value, err
+		}
+		return value, nil
+	}
+	return def, nil
+}
+
+// ArchiveOptions stores archive information for different operations.
+type ArchiveOptions struct {
+	Name string
+	Path string
+}
+
+// ArchiveFormValues parses form values and turns them into ArchiveOptions.
+// It fails if the archive name and path are not in the request.
+func ArchiveFormValues(r *http.Request, vars map[string]string) (ArchiveOptions, error) {
+	if err := ParseForm(r); err != nil {
+		return ArchiveOptions{}, err
+	}
+
+	name := vars["name"]
+	path := filepath.FromSlash(r.Form.Get("path"))
+
+	switch {
+	case name == "":
+		return ArchiveOptions{}, fmt.Errorf("bad parameter: 'name' cannot be empty")
+	case path == "":
+		return ArchiveOptions{}, fmt.Errorf("bad parameter: 'path' cannot be empty")
+	}
+
+	return ArchiveOptions{name, path}, nil
+}
diff --git a/api/server/httputils/form_test.go b/api/server/httputils/form_test.go
new file mode 100644
index 00000000..c56f7c15
--- /dev/null
+++ b/api/server/httputils/form_test.go
@@ -0,0 +1,105 @@
+package httputils
+
+import (
+	"net/http"
+	"net/url"
+	"testing"
+)
+
+func TestBoolValue(t *testing.T) {
+	cases := map[string]bool{
+		"":      false,
+		"0":     false,
+		"no":    false,
+		"false": false,
+		"none":  false,
+		"1":     true,
+		"yes":   true,
+		"true":  true,
+		"one":   true,
+		"100":   true,
+	}
+
+	for c, e := range cases {
+		v := url.Values{}
+		v.Set("test", c)
+		r, _ := http.NewRequest("POST", "", nil)
+		r.Form = v
+
+		a := BoolValue(r, "test")
+		if a != e {
+			t.Fatalf("Value: %s, expected: %v, actual: %v", c, e, a)
+		}
+	}
+}
+
+func TestBoolValueOrDefault(t *testing.T) {
+	r, _ := http.NewRequest("GET", "", nil)
+	if !BoolValueOrDefault(r, "queryparam", true) {
+		t.Fatal("Expected to get true default value, got false")
+	}
+
+	v := url.Values{}
+	v.Set("param", "")
+	r, _ = http.NewRequest("GET", "", nil)
+	r.Form = v
+	if BoolValueOrDefault(r, "param", true) {
+		t.Fatal("Expected not to get true")
+	}
+}
+
+func TestInt64ValueOrZero(t *testing.T) {
+	cases := map[string]int64{
+		"":     0,
+		"asdf": 0,
+		"0":    0,
+		"1":    1,
+	}
+
+	for c, e := range cases {
+		v := url.Values{}
+		v.Set("test", c)
+		r, _ := http.NewRequest("POST", "", nil)
+		r.Form = v
+
+		a := Int64ValueOrZero(r, "test")
+		if a != e {
+			t.Fatalf("Value: %s, expected: %v, actual: %v", c, e, a)
+		}
+	}
+}
+
+func TestInt64ValueOrDefault(t *testing.T) {
+	cases := map[string]int64{
+		"":   -1,
+		"-1": -1,
+		"42": 42,
+	}
+
+	for c, e := range cases {
+		v := url.Values{}
+		v.Set("test", c)
+		r, _ := http.NewRequest("POST", "", nil)
+		r.Form = v
+
+		a, err := Int64ValueOrDefault(r, "test", -1)
+		if a != e {
+			t.Fatalf("Value: %s, expected: %v, actual: %v", c, e, a)
+		}
+		if err != nil {
+			t.Fatalf("Error should be nil, but received: %s", err)
+		}
+	}
+}
+
+func TestInt64ValueOrDefaultWithError(t *testing.T) {
+	v := url.Values{}
+	v.Set("test", "invalid")
+	r, _ := http.NewRequest("POST", "", nil)
+	r.Form = v
+
+	_, err := Int64ValueOrDefault(r, "test", -1)
+	if err == nil {
+		t.Fatalf("Expected an error.")
+	}
+}
diff --git a/api/server/httputils/httputils.go b/api/server/httputils/httputils.go
new file mode 100644
index 00000000..59ee0308
--- /dev/null
+++ b/api/server/httputils/httputils.go
@@ -0,0 +1,107 @@
+package httputils
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+
+	"golang.org/x/net/context"
+
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/pkg/version"
+)
+
+// APIVersionKey is the client's requested API version.
+const APIVersionKey = "api-version"
+
+// UAStringKey is used as key type for user-agent string in net/context struct
+const UAStringKey = "upstream-user-agent"
+
+// APIFunc is an adapter to allow the use of ordinary functions as Docker API endpoints.
+// Any function that has the appropriate signature can be registered as a API endpoint (e.g. getVersion).
+type APIFunc func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error
+
+// HijackConnection interrupts the http response writer to get the
+// underlying connection and operate with it.
+func HijackConnection(w http.ResponseWriter) (io.ReadCloser, io.Writer, error) {
+	conn, _, err := w.(http.Hijacker).Hijack()
+	if err != nil {
+		return nil, nil, err
+	}
+	// Flush the options to make sure the client sets the raw mode
+	conn.Write([]byte{})
+	return conn, conn, nil
+}
+
+// CloseStreams ensures that a list for http streams are properly closed.
+func CloseStreams(streams ...interface{}) {
+	for _, stream := range streams {
+		if tcpc, ok := stream.(interface {
+			CloseWrite() error
+		}); ok {
+			tcpc.CloseWrite()
+		} else if closer, ok := stream.(io.Closer); ok {
+			closer.Close()
+		}
+	}
+}
+
+// CheckForJSON makes sure that the request's Content-Type is application/json.
+func CheckForJSON(r *http.Request) error {
+	ct := r.Header.Get("Content-Type")
+
+	// No Content-Type header is ok as long as there's no Body
+	if ct == "" {
+		if r.Body == nil || r.ContentLength == 0 {
+			return nil
+		}
+	}
+
+	// Otherwise it better be json
+	if api.MatchesContentType(ct, "application/json") {
+		return nil
+	}
+	return fmt.Errorf("Content-Type specified (%s) must be 'application/json'", ct)
+}
+
+// ParseForm ensures the request form is parsed even with invalid content types.
+// If we don't do this, POST method without Content-type (even with empty body) will fail.
+func ParseForm(r *http.Request) error {
+	if r == nil {
+		return nil
+	}
+	if err := r.ParseForm(); err != nil && !strings.HasPrefix(err.Error(), "mime:") {
+		return err
+	}
+	return nil
+}
+
+// ParseMultipartForm ensures the request form is parsed, even with invalid content types.
+func ParseMultipartForm(r *http.Request) error {
+	if err := r.ParseMultipartForm(4096); err != nil && !strings.HasPrefix(err.Error(), "mime:") {
+		return err
+	}
+	return nil
+}
+
+// WriteJSON writes the value v to the http response stream as json with standard json encoding.
+func WriteJSON(w http.ResponseWriter, code int, v interface{}) error {
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(code)
+	return json.NewEncoder(w).Encode(v)
+}
+
+// VersionFromContext returns an API version from the context using APIVersionKey.
+// It panics if the context value does not have version.Version type.
+func VersionFromContext(ctx context.Context) (ver version.Version) {
+	if ctx == nil {
+		return
+	}
+	val := ctx.Value(APIVersionKey)
+	if val == nil {
+		return
+	}
+	return val.(version.Version)
+}
diff --git a/api/server/middleware.go b/api/server/middleware.go
new file mode 100644
index 00000000..2622bf1b
--- /dev/null
+++ b/api/server/middleware.go
@@ -0,0 +1,41 @@
+package server
+
+import (
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/api/server/middleware"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/pkg/authorization"
+)
+
+// handleWithGlobalMiddlwares wraps the handler function for a request with
+// the server's global middlewares. The order of the middlewares is backwards,
+// meaning that the first in the list will be evaluated last.
+func (s *Server) handleWithGlobalMiddlewares(handler httputils.APIFunc) httputils.APIFunc {
+	next := handler
+
+	handleVersion := middleware.NewVersionMiddleware(dockerversion.Version, api.DefaultVersion, api.MinVersion)
+	next = handleVersion(next)
+
+	if s.cfg.EnableCors {
+		handleCORS := middleware.NewCORSMiddleware(s.cfg.CorsHeaders)
+		next = handleCORS(next)
+	}
+
+	handleUserAgent := middleware.NewUserAgentMiddleware(s.cfg.Version)
+	next = handleUserAgent(next)
+
+	// Only want this on debug level
+	if s.cfg.Logging && logrus.GetLevel() == logrus.DebugLevel {
+		next = middleware.DebugRequestMiddleware(next)
+	}
+
+	if len(s.cfg.AuthorizationPluginNames) > 0 {
+		s.authZPlugins = authorization.NewPlugins(s.cfg.AuthorizationPluginNames)
+		handleAuthorization := middleware.NewAuthorizationMiddleware(s.authZPlugins)
+		next = handleAuthorization(next)
+	}
+
+	return next
+}
diff --git a/api/server/middleware/authorization.go b/api/server/middleware/authorization.go
new file mode 100644
index 00000000..cbfa99e7
--- /dev/null
+++ b/api/server/middleware/authorization.go
@@ -0,0 +1,42 @@
+package middleware
+
+import (
+	"net/http"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/pkg/authorization"
+	"golang.org/x/net/context"
+)
+
+// NewAuthorizationMiddleware creates a new Authorization middleware.
+func NewAuthorizationMiddleware(plugins []authorization.Plugin) Middleware {
+	return func(handler httputils.APIFunc) httputils.APIFunc {
+		return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+			// FIXME: fill when authN gets in
+			// User and UserAuthNMethod are taken from AuthN plugins
+			// Currently tracked in https://github.com/docker/docker/pull/13994
+			user := ""
+			userAuthNMethod := ""
+			authCtx := authorization.NewCtx(plugins, user, userAuthNMethod, r.Method, r.RequestURI)
+
+			if err := authCtx.AuthZRequest(w, r); err != nil {
+				logrus.Errorf("AuthZRequest for %s %s returned error: %s", r.Method, r.RequestURI, err)
+				return err
+			}
+
+			rw := authorization.NewResponseModifier(w)
+
+			if err := handler(ctx, rw, r, vars); err != nil {
+				logrus.Errorf("Handler for %s %s returned error: %s", r.Method, r.RequestURI, err)
+				return err
+			}
+
+			if err := authCtx.AuthZResponse(rw, r); err != nil {
+				logrus.Errorf("AuthZResponse for %s %s returned error: %s", r.Method, r.RequestURI, err)
+				return err
+			}
+			return nil
+		}
+	}
+}
diff --git a/api/server/middleware/cors.go b/api/server/middleware/cors.go
new file mode 100644
index 00000000..de21897d
--- /dev/null
+++ b/api/server/middleware/cors.go
@@ -0,0 +1,33 @@
+package middleware
+
+import (
+	"net/http"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/server/httputils"
+	"golang.org/x/net/context"
+)
+
+// NewCORSMiddleware creates a new CORS middleware.
+func NewCORSMiddleware(defaultHeaders string) Middleware {
+	return func(handler httputils.APIFunc) httputils.APIFunc {
+		return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+			// If "api-cors-header" is not given, but "api-enable-cors" is true, we set cors to "*"
+			// otherwise, all head values will be passed to HTTP handler
+			corsHeaders := defaultHeaders
+			if corsHeaders == "" {
+				corsHeaders = "*"
+			}
+
+			writeCorsHeaders(w, r, corsHeaders)
+			return handler(ctx, w, r, vars)
+		}
+	}
+}
+
+func writeCorsHeaders(w http.ResponseWriter, r *http.Request, corsHeaders string) {
+	logrus.Debugf("CORS header is enabled and set to: %s", corsHeaders)
+	w.Header().Add("Access-Control-Allow-Origin", corsHeaders)
+	w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Registry-Auth")
+	w.Header().Add("Access-Control-Allow-Methods", "HEAD, GET, POST, DELETE, PUT, OPTIONS")
+}
diff --git a/api/server/middleware/debug.go b/api/server/middleware/debug.go
new file mode 100644
index 00000000..be7056f6
--- /dev/null
+++ b/api/server/middleware/debug.go
@@ -0,0 +1,56 @@
+package middleware
+
+import (
+	"bufio"
+	"encoding/json"
+	"io"
+	"net/http"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/pkg/ioutils"
+	"golang.org/x/net/context"
+)
+
+// DebugRequestMiddleware dumps the request to logger
+func DebugRequestMiddleware(handler httputils.APIFunc) httputils.APIFunc {
+	return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+		logrus.Debugf("Calling %s %s", r.Method, r.RequestURI)
+
+		if r.Method != "POST" {
+			return handler(ctx, w, r, vars)
+		}
+		if err := httputils.CheckForJSON(r); err != nil {
+			return handler(ctx, w, r, vars)
+		}
+		maxBodySize := 4096 // 4KB
+		if r.ContentLength > int64(maxBodySize) {
+			return handler(ctx, w, r, vars)
+		}
+
+		body := r.Body
+		bufReader := bufio.NewReaderSize(body, maxBodySize)
+		r.Body = ioutils.NewReadCloserWrapper(bufReader, func() error { return body.Close() })
+
+		b, err := bufReader.Peek(maxBodySize)
+		if err != io.EOF {
+			// either there was an error reading, or the buffer is full (in which case the request is too large)
+			return handler(ctx, w, r, vars)
+		}
+
+		var postForm map[string]interface{}
+		if err := json.Unmarshal(b, &postForm); err == nil {
+			if _, exists := postForm["password"]; exists {
+				postForm["password"] = "*****"
+			}
+			formStr, errMarshal := json.Marshal(postForm)
+			if errMarshal == nil {
+				logrus.Debugf("form data: %s", string(formStr))
+			} else {
+				logrus.Debugf("form data: %q", postForm)
+			}
+		}
+
+		return handler(ctx, w, r, vars)
+	}
+}
diff --git a/api/server/middleware/middleware.go b/api/server/middleware/middleware.go
new file mode 100644
index 00000000..588331ae
--- /dev/null
+++ b/api/server/middleware/middleware.go
@@ -0,0 +1,7 @@
+package middleware
+
+import "github.com/docker/docker/api/server/httputils"
+
+// Middleware is an adapter to allow the use of ordinary functions as Docker API filters.
+// Any function that has the appropriate signature can be registered as a middleware.
+type Middleware func(handler httputils.APIFunc) httputils.APIFunc
diff --git a/api/server/middleware/user_agent.go b/api/server/middleware/user_agent.go
new file mode 100644
index 00000000..188196bf
--- /dev/null
+++ b/api/server/middleware/user_agent.go
@@ -0,0 +1,37 @@
+package middleware
+
+import (
+	"net/http"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/pkg/version"
+	"golang.org/x/net/context"
+)
+
+// NewUserAgentMiddleware creates a new UserAgent middleware.
+func NewUserAgentMiddleware(versionCheck string) Middleware {
+	serverVersion := version.Version(versionCheck)
+
+	return func(handler httputils.APIFunc) httputils.APIFunc {
+		return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+			ctx = context.WithValue(ctx, httputils.UAStringKey, r.Header.Get("User-Agent"))
+
+			if strings.Contains(r.Header.Get("User-Agent"), "Docker-Client/") {
+				userAgent := strings.Split(r.Header.Get("User-Agent"), "/")
+
+				// v1.20 onwards includes the GOOS of the client after the version
+				// such as Docker/1.7.0 (linux)
+				if len(userAgent) == 2 && strings.Contains(userAgent[1], " ") {
+					userAgent[1] = strings.Split(userAgent[1], " ")[0]
+				}
+
+				if len(userAgent) == 2 && !serverVersion.Equal(version.Version(userAgent[1])) {
+					logrus.Debugf("Client and server don't have the same version (client: %s, server: %s)", userAgent[1], serverVersion)
+				}
+			}
+			return handler(ctx, w, r, vars)
+		}
+	}
+}
diff --git a/api/server/middleware/version.go b/api/server/middleware/version.go
new file mode 100644
index 00000000..41d518bc
--- /dev/null
+++ b/api/server/middleware/version.go
@@ -0,0 +1,45 @@
+package middleware
+
+import (
+	"fmt"
+	"net/http"
+	"runtime"
+
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/pkg/version"
+	"golang.org/x/net/context"
+)
+
+type badRequestError struct {
+	error
+}
+
+func (badRequestError) HTTPErrorStatusCode() int {
+	return http.StatusBadRequest
+}
+
+// NewVersionMiddleware creates a new Version middleware.
+func NewVersionMiddleware(versionCheck string, defaultVersion, minVersion version.Version) Middleware {
+	serverVersion := version.Version(versionCheck)
+
+	return func(handler httputils.APIFunc) httputils.APIFunc {
+		return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+			apiVersion := version.Version(vars["version"])
+			if apiVersion == "" {
+				apiVersion = defaultVersion
+			}
+
+			if apiVersion.GreaterThan(defaultVersion) {
+				return badRequestError{fmt.Errorf("client is newer than server (client API version: %s, server API version: %s)", apiVersion, defaultVersion)}
+			}
+			if apiVersion.LessThan(minVersion) {
+				return badRequestError{fmt.Errorf("client version %s is too old. Minimum supported API version is %s, please upgrade your client to a newer version", apiVersion, minVersion)}
+			}
+
+			header := fmt.Sprintf("Docker/%s (%s)", serverVersion, runtime.GOOS)
+			w.Header().Set("Server", header)
+			ctx = context.WithValue(ctx, httputils.APIVersionKey, apiVersion)
+			return handler(ctx, w, r, vars)
+		}
+	}
+}
diff --git a/api/server/middleware/version_test.go b/api/server/middleware/version_test.go
new file mode 100644
index 00000000..f60a98e5
--- /dev/null
+++ b/api/server/middleware/version_test.go
@@ -0,0 +1,64 @@
+package middleware
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/pkg/version"
+	"golang.org/x/net/context"
+)
+
+func TestVersionMiddleware(t *testing.T) {
+	handler := func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+		if httputils.VersionFromContext(ctx) == "" {
+			t.Fatalf("Expected version, got empty string")
+		}
+		return nil
+	}
+
+	defaultVersion := version.Version("1.10.0")
+	minVersion := version.Version("1.2.0")
+	m := NewVersionMiddleware(defaultVersion.String(), defaultVersion, minVersion)
+	h := m(handler)
+
+	req, _ := http.NewRequest("GET", "/containers/json", nil)
+	resp := httptest.NewRecorder()
+	ctx := context.Background()
+	if err := h(ctx, resp, req, map[string]string{}); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestVersionMiddlewareWithErrors(t *testing.T) {
+	handler := func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+		if httputils.VersionFromContext(ctx) == "" {
+			t.Fatalf("Expected version, got empty string")
+		}
+		return nil
+	}
+
+	defaultVersion := version.Version("1.10.0")
+	minVersion := version.Version("1.2.0")
+	m := NewVersionMiddleware(defaultVersion.String(), defaultVersion, minVersion)
+	h := m(handler)
+
+	req, _ := http.NewRequest("GET", "/containers/json", nil)
+	resp := httptest.NewRecorder()
+	ctx := context.Background()
+
+	vars := map[string]string{"version": "0.1"}
+	err := h(ctx, resp, req, vars)
+
+	if !strings.Contains(err.Error(), "client version 0.1 is too old. Minimum supported API version is 1.2.0") {
+		t.Fatalf("Expected too old client error, got %v", err)
+	}
+
+	vars["version"] = "100000"
+	err = h(ctx, resp, req, vars)
+	if !strings.Contains(err.Error(), "client is newer than server") {
+		t.Fatalf("Expected client newer than server error, got %v", err)
+	}
+}
diff --git a/api/server/profiler.go b/api/server/profiler.go
new file mode 100644
index 00000000..3c0dfd08
--- /dev/null
+++ b/api/server/profiler.go
@@ -0,0 +1,40 @@
+package server
+
+import (
+	"expvar"
+	"fmt"
+	"net/http"
+	"net/http/pprof"
+
+	"github.com/gorilla/mux"
+)
+
+const debugPathPrefix = "/debug/"
+
+func profilerSetup(mainRouter *mux.Router) {
+	var r = mainRouter.PathPrefix(debugPathPrefix).Subrouter()
+	r.HandleFunc("/vars", expVars)
+	r.HandleFunc("/pprof/", pprof.Index)
+	r.HandleFunc("/pprof/cmdline", pprof.Cmdline)
+	r.HandleFunc("/pprof/profile", pprof.Profile)
+	r.HandleFunc("/pprof/symbol", pprof.Symbol)
+	r.HandleFunc("/pprof/block", pprof.Handler("block").ServeHTTP)
+	r.HandleFunc("/pprof/heap", pprof.Handler("heap").ServeHTTP)
+	r.HandleFunc("/pprof/goroutine", pprof.Handler("goroutine").ServeHTTP)
+	r.HandleFunc("/pprof/threadcreate", pprof.Handler("threadcreate").ServeHTTP)
+}
+
+// Replicated from expvar.go as not public.
+func expVars(w http.ResponseWriter, r *http.Request) {
+	first := true
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	fmt.Fprintf(w, "{\n")
+	expvar.Do(func(kv expvar.KeyValue) {
+		if !first {
+			fmt.Fprintf(w, ",\n")
+		}
+		first = false
+		fmt.Fprintf(w, "%q: %s", kv.Key, kv.Value)
+	})
+	fmt.Fprintf(w, "\n}\n")
+}
diff --git a/api/server/router/build/backend.go b/api/server/router/build/backend.go
new file mode 100644
index 00000000..839f3160
--- /dev/null
+++ b/api/server/router/build/backend.go
@@ -0,0 +1,20 @@
+package build
+
+import (
+	"io"
+
+	"github.com/docker/docker/builder"
+	"github.com/docker/engine-api/types"
+	"golang.org/x/net/context"
+)
+
+// Backend abstracts an image builder whose only purpose is to build an image referenced by an imageID.
+type Backend interface {
+	// Build builds a Docker image referenced by an imageID string.
+	//
+	// Note: Tagging an image should not be done by a Builder, it should instead be done
+	// by the caller.
+	//
+	// TODO: make this return a reference instead of string
+	Build(clientCtx context.Context, config *types.ImageBuildOptions, context builder.Context, stdout io.Writer, stderr io.Writer, out io.Writer, clientGone <-chan bool) (string, error)
+}
diff --git a/api/server/router/build/build.go b/api/server/router/build/build.go
new file mode 100644
index 00000000..dc85d1df
--- /dev/null
+++ b/api/server/router/build/build.go
@@ -0,0 +1,29 @@
+package build
+
+import "github.com/docker/docker/api/server/router"
+
+// buildRouter is a router to talk with the build controller
+type buildRouter struct {
+	backend Backend
+	routes  []router.Route
+}
+
+// NewRouter initializes a new build router
+func NewRouter(b Backend) router.Router {
+	r := &buildRouter{
+		backend: b,
+	}
+	r.initRoutes()
+	return r
+}
+
+// Routes returns the available routers to the build controller
+func (r *buildRouter) Routes() []router.Route {
+	return r.routes
+}
+
+func (r *buildRouter) initRoutes() {
+	r.routes = []router.Route{
+		router.NewPostRoute("/build", r.postBuild),
+	}
+}
diff --git a/api/server/router/build/build_routes.go b/api/server/router/build/build_routes.go
new file mode 100644
index 00000000..a6b787d5
--- /dev/null
+++ b/api/server/router/build/build_routes.go
@@ -0,0 +1,213 @@
+package build
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strconv"
+	"strings"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/builder"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/streamformatter"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"github.com/docker/go-units"
+	"golang.org/x/net/context"
+)
+
+func newImageBuildOptions(ctx context.Context, r *http.Request) (*types.ImageBuildOptions, error) {
+	version := httputils.VersionFromContext(ctx)
+	options := &types.ImageBuildOptions{}
+	if httputils.BoolValue(r, "forcerm") && version.GreaterThanOrEqualTo("1.12") {
+		options.Remove = true
+	} else if r.FormValue("rm") == "" && version.GreaterThanOrEqualTo("1.12") {
+		options.Remove = true
+	} else {
+		options.Remove = httputils.BoolValue(r, "rm")
+	}
+	if httputils.BoolValue(r, "pull") && version.GreaterThanOrEqualTo("1.16") {
+		options.PullParent = true
+	}
+
+	options.Dockerfile = r.FormValue("dockerfile")
+	options.SuppressOutput = httputils.BoolValue(r, "q")
+	options.NoCache = httputils.BoolValue(r, "nocache")
+	options.ForceRemove = httputils.BoolValue(r, "forcerm")
+	options.MemorySwap = httputils.Int64ValueOrZero(r, "memswap")
+	options.Memory = httputils.Int64ValueOrZero(r, "memory")
+	options.CPUShares = httputils.Int64ValueOrZero(r, "cpushares")
+	options.CPUPeriod = httputils.Int64ValueOrZero(r, "cpuperiod")
+	options.CPUQuota = httputils.Int64ValueOrZero(r, "cpuquota")
+	options.CPUSetCPUs = r.FormValue("cpusetcpus")
+	options.CPUSetMems = r.FormValue("cpusetmems")
+	options.CgroupParent = r.FormValue("cgroupparent")
+	options.Tags = r.Form["t"]
+
+	if r.Form.Get("shmsize") != "" {
+		shmSize, err := strconv.ParseInt(r.Form.Get("shmsize"), 10, 64)
+		if err != nil {
+			return nil, err
+		}
+		options.ShmSize = shmSize
+	}
+
+	if i := container.Isolation(r.FormValue("isolation")); i != "" {
+		if !container.Isolation.IsValid(i) {
+			return nil, fmt.Errorf("Unsupported isolation: %q", i)
+		}
+		options.Isolation = i
+	}
+
+	var buildUlimits = []*units.Ulimit{}
+	ulimitsJSON := r.FormValue("ulimits")
+	if ulimitsJSON != "" {
+		if err := json.NewDecoder(strings.NewReader(ulimitsJSON)).Decode(&buildUlimits); err != nil {
+			return nil, err
+		}
+		options.Ulimits = buildUlimits
+	}
+
+	var buildArgs = map[string]string{}
+	buildArgsJSON := r.FormValue("buildargs")
+	if buildArgsJSON != "" {
+		if err := json.NewDecoder(strings.NewReader(buildArgsJSON)).Decode(&buildArgs); err != nil {
+			return nil, err
+		}
+		options.BuildArgs = buildArgs
+	}
+	var labels = map[string]string{}
+	labelsJSON := r.FormValue("labels")
+	if labelsJSON != "" {
+		if err := json.NewDecoder(strings.NewReader(labelsJSON)).Decode(&labels); err != nil {
+			return nil, err
+		}
+		options.Labels = labels
+	}
+
+	return options, nil
+}
+
+type syncWriter struct {
+	w  io.Writer
+	mu sync.Mutex
+}
+
+func (s *syncWriter) Write(b []byte) (count int, err error) {
+	s.mu.Lock()
+	count, err = s.w.Write(b)
+	s.mu.Unlock()
+	return
+}
+
+func (br *buildRouter) postBuild(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	var (
+		authConfigs        = map[string]types.AuthConfig{}
+		authConfigsEncoded = r.Header.Get("X-Registry-Config")
+		notVerboseBuffer   = bytes.NewBuffer(nil)
+	)
+
+	if authConfigsEncoded != "" {
+		authConfigsJSON := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authConfigsEncoded))
+		if err := json.NewDecoder(authConfigsJSON).Decode(&authConfigs); err != nil {
+			// for a pull it is not an error if no auth was given
+			// to increase compatibility with the existing api it is defaulting
+			// to be empty.
+		}
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+
+	output := ioutils.NewWriteFlusher(w)
+	defer output.Close()
+	sf := streamformatter.NewJSONStreamFormatter()
+	errf := func(err error) error {
+		if httputils.BoolValue(r, "q") && notVerboseBuffer.Len() > 0 {
+			output.Write(notVerboseBuffer.Bytes())
+		}
+		// Do not write the error in the http output if it's still empty.
+		// This prevents from writing a 200(OK) when there is an internal error.
+		if !output.Flushed() {
+			return err
+		}
+		_, err = w.Write(sf.FormatError(err))
+		if err != nil {
+			logrus.Warnf("could not write error response: %v", err)
+		}
+		return nil
+	}
+
+	buildOptions, err := newImageBuildOptions(ctx, r)
+	if err != nil {
+		return errf(err)
+	}
+
+	remoteURL := r.FormValue("remote")
+
+	// Currently, only used if context is from a remote url.
+	// Look at code in DetectContextFromRemoteURL for more information.
+	createProgressReader := func(in io.ReadCloser) io.ReadCloser {
+		progressOutput := sf.NewProgressOutput(output, true)
+		if buildOptions.SuppressOutput {
+			progressOutput = sf.NewProgressOutput(notVerboseBuffer, true)
+		}
+		return progress.NewProgressReader(in, progressOutput, r.ContentLength, "Downloading context", remoteURL)
+	}
+
+	var (
+		context        builder.ModifiableContext
+		dockerfileName string
+		out            io.Writer
+	)
+	context, dockerfileName, err = builder.DetectContextFromRemoteURL(r.Body, remoteURL, createProgressReader)
+	if err != nil {
+		return errf(err)
+	}
+	defer func() {
+		if err := context.Close(); err != nil {
+			logrus.Debugf("[BUILDER] failed to remove temporary context: %v", err)
+		}
+	}()
+	if len(dockerfileName) > 0 {
+		buildOptions.Dockerfile = dockerfileName
+	}
+
+	buildOptions.AuthConfigs = authConfigs
+
+	out = output
+	if buildOptions.SuppressOutput {
+		out = notVerboseBuffer
+	}
+	out = &syncWriter{w: out}
+	stdout := &streamformatter.StdoutFormatter{Writer: out, StreamFormatter: sf}
+	stderr := &streamformatter.StderrFormatter{Writer: out, StreamFormatter: sf}
+
+	closeNotifier := make(<-chan bool)
+	if notifier, ok := w.(http.CloseNotifier); ok {
+		closeNotifier = notifier.CloseNotify()
+	}
+
+	imgID, err := br.backend.Build(ctx, buildOptions,
+		builder.DockerIgnoreContext{ModifiableContext: context},
+		stdout, stderr, out,
+		closeNotifier)
+	if err != nil {
+		return errf(err)
+	}
+
+	// Everything worked so if -q was provided the output from the daemon
+	// should be just the image ID and we'll print that to stdout.
+	if buildOptions.SuppressOutput {
+		stdout := &streamformatter.StdoutFormatter{Writer: output, StreamFormatter: sf}
+		fmt.Fprintf(stdout, "%s\n", string(imgID))
+	}
+
+	return nil
+}
diff --git a/api/server/router/container/backend.go b/api/server/router/container/backend.go
new file mode 100644
index 00000000..bd891975
--- /dev/null
+++ b/api/server/router/container/backend.go
@@ -0,0 +1,71 @@
+package container
+
+import (
+	"io"
+	"time"
+
+	"github.com/docker/docker/api/types/backend"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/version"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+)
+
+// execBackend includes functions to implement to provide exec functionality.
+type execBackend interface {
+	ContainerExecCreate(config *types.ExecConfig) (string, error)
+	ContainerExecInspect(id string) (*backend.ExecInspect, error)
+	ContainerExecResize(name string, height, width int) error
+	ContainerExecStart(name string, stdin io.ReadCloser, stdout io.Writer, stderr io.Writer) error
+	ExecExists(name string) (bool, error)
+}
+
+// copyBackend includes functions to implement to provide container copy functionality.
+type copyBackend interface {
+	ContainerArchivePath(name string, path string) (content io.ReadCloser, stat *types.ContainerPathStat, err error)
+	ContainerCopy(name string, res string) (io.ReadCloser, error)
+	ContainerExport(name string, out io.Writer) error
+	ContainerExtractToDir(name, path string, noOverwriteDirNonDir bool, content io.Reader) error
+	ContainerStatPath(name string, path string) (stat *types.ContainerPathStat, err error)
+}
+
+// stateBackend includes functions to implement to provide container state lifecycle functionality.
+type stateBackend interface {
+	ContainerCreate(types.ContainerCreateConfig) (types.ContainerCreateResponse, error)
+	ContainerKill(name string, sig uint64) error
+	ContainerPause(name string) error
+	ContainerRename(oldName, newName string) error
+	ContainerResize(name string, height, width int) error
+	ContainerRestart(name string, seconds int) error
+	ContainerRm(name string, config *types.ContainerRmConfig) error
+	ContainerStart(name string, hostConfig *container.HostConfig) error
+	ContainerStop(name string, seconds int) error
+	ContainerUnpause(name string) error
+	ContainerUpdate(name string, hostConfig *container.HostConfig) ([]string, error)
+	ContainerWait(name string, timeout time.Duration) (int, error)
+}
+
+// monitorBackend includes functions to implement to provide containers monitoring functionality.
+type monitorBackend interface {
+	ContainerChanges(name string) ([]archive.Change, error)
+	ContainerInspect(name string, size bool, version version.Version) (interface{}, error)
+	ContainerLogs(name string, config *backend.ContainerLogsConfig, started chan struct{}) error
+	ContainerStats(name string, config *backend.ContainerStatsConfig) error
+	ContainerTop(name string, psArgs string) (*types.ContainerProcessList, error)
+
+	Containers(config *types.ContainerListOptions) ([]*types.Container, error)
+}
+
+// attachBackend includes function to implement to provide container attaching functionality.
+type attachBackend interface {
+	ContainerAttach(name string, c *backend.ContainerAttachConfig) error
+}
+
+// Backend is all the methods that need to be implemented to provide container specific functionality.
+type Backend interface {
+	execBackend
+	copyBackend
+	stateBackend
+	monitorBackend
+	attachBackend
+}
diff --git a/api/server/router/container/container.go b/api/server/router/container/container.go
new file mode 100644
index 00000000..873f13d2
--- /dev/null
+++ b/api/server/router/container/container.go
@@ -0,0 +1,63 @@
+package container
+
+import "github.com/docker/docker/api/server/router"
+
+// containerRouter is a router to talk with the container controller
+type containerRouter struct {
+	backend Backend
+	routes  []router.Route
+}
+
+// NewRouter initializes a new container router
+func NewRouter(b Backend) router.Router {
+	r := &containerRouter{
+		backend: b,
+	}
+	r.initRoutes()
+	return r
+}
+
+// Routes returns the available routes to the container controller
+func (r *containerRouter) Routes() []router.Route {
+	return r.routes
+}
+
+// initRoutes initializes the routes in container router
+func (r *containerRouter) initRoutes() {
+	r.routes = []router.Route{
+		// HEAD
+		router.NewHeadRoute("/containers/{name:.*}/archive", r.headContainersArchive),
+		// GET
+		router.NewGetRoute("/containers/json", r.getContainersJSON),
+		router.NewGetRoute("/containers/{name:.*}/export", r.getContainersExport),
+		router.NewGetRoute("/containers/{name:.*}/changes", r.getContainersChanges),
+		router.NewGetRoute("/containers/{name:.*}/json", r.getContainersByName),
+		router.NewGetRoute("/containers/{name:.*}/top", r.getContainersTop),
+		router.NewGetRoute("/containers/{name:.*}/logs", r.getContainersLogs),
+		router.NewGetRoute("/containers/{name:.*}/stats", r.getContainersStats),
+		router.NewGetRoute("/containers/{name:.*}/attach/ws", r.wsContainersAttach),
+		router.NewGetRoute("/exec/{id:.*}/json", r.getExecByID),
+		router.NewGetRoute("/containers/{name:.*}/archive", r.getContainersArchive),
+		// POST
+		router.NewPostRoute("/containers/create", r.postContainersCreate),
+		router.NewPostRoute("/containers/{name:.*}/kill", r.postContainersKill),
+		router.NewPostRoute("/containers/{name:.*}/pause", r.postContainersPause),
+		router.NewPostRoute("/containers/{name:.*}/unpause", r.postContainersUnpause),
+		router.NewPostRoute("/containers/{name:.*}/restart", r.postContainersRestart),
+		router.NewPostRoute("/containers/{name:.*}/start", r.postContainersStart),
+		router.NewPostRoute("/containers/{name:.*}/stop", r.postContainersStop),
+		router.NewPostRoute("/containers/{name:.*}/wait", r.postContainersWait),
+		router.NewPostRoute("/containers/{name:.*}/resize", r.postContainersResize),
+		router.NewPostRoute("/containers/{name:.*}/attach", r.postContainersAttach),
+		router.NewPostRoute("/containers/{name:.*}/copy", r.postContainersCopy),
+		router.NewPostRoute("/containers/{name:.*}/exec", r.postContainerExecCreate),
+		router.NewPostRoute("/exec/{name:.*}/start", r.postContainerExecStart),
+		router.NewPostRoute("/exec/{name:.*}/resize", r.postContainerExecResize),
+		router.NewPostRoute("/containers/{name:.*}/rename", r.postContainerRename),
+		router.NewPostRoute("/containers/{name:.*}/update", r.postContainerUpdate),
+		// PUT
+		router.NewPutRoute("/containers/{name:.*}/archive", r.putContainersArchive),
+		// DELETE
+		router.NewDeleteRoute("/containers/{name:.*}", r.deleteContainers),
+	}
+}
diff --git a/api/server/router/container/container_routes.go b/api/server/router/container/container_routes.go
new file mode 100644
index 00000000..016e00f0
--- /dev/null
+++ b/api/server/router/container/container_routes.go
@@ -0,0 +1,531 @@
+package container
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strconv"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/api/types/backend"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/docker/pkg/term"
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"github.com/docker/engine-api/types/filters"
+	"golang.org/x/net/context"
+	"golang.org/x/net/websocket"
+)
+
+func (s *containerRouter) getContainersJSON(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	filter, err := filters.FromParam(r.Form.Get("filters"))
+	if err != nil {
+		return err
+	}
+
+	config := &types.ContainerListOptions{
+		All:    httputils.BoolValue(r, "all"),
+		Size:   httputils.BoolValue(r, "size"),
+		Since:  r.Form.Get("since"),
+		Before: r.Form.Get("before"),
+		Filter: filter,
+	}
+
+	if tmpLimit := r.Form.Get("limit"); tmpLimit != "" {
+		limit, err := strconv.Atoi(tmpLimit)
+		if err != nil {
+			return err
+		}
+		config.Limit = limit
+	}
+
+	containers, err := s.backend.Containers(config)
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, containers)
+}
+
+func (s *containerRouter) getContainersStats(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	stream := httputils.BoolValueOrDefault(r, "stream", true)
+	if !stream {
+		w.Header().Set("Content-Type", "application/json")
+	}
+
+	var closeNotifier <-chan bool
+	if notifier, ok := w.(http.CloseNotifier); ok {
+		closeNotifier = notifier.CloseNotify()
+	}
+
+	config := &backend.ContainerStatsConfig{
+		Stream:    stream,
+		OutStream: w,
+		Stop:      closeNotifier,
+		Version:   string(httputils.VersionFromContext(ctx)),
+	}
+
+	return s.backend.ContainerStats(vars["name"], config)
+}
+
+func (s *containerRouter) getContainersLogs(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	// Args are validated before the stream starts because when it starts we're
+	// sending HTTP 200 by writing an empty chunk of data to tell the client that
+	// daemon is going to stream. By sending this initial HTTP 200 we can't report
+	// any error after the stream starts (i.e. container not found, wrong parameters)
+	// with the appropriate status code.
+	stdout, stderr := httputils.BoolValue(r, "stdout"), httputils.BoolValue(r, "stderr")
+	if !(stdout || stderr) {
+		return fmt.Errorf("Bad parameters: you must choose at least one stream")
+	}
+
+	var closeNotifier <-chan bool
+	if notifier, ok := w.(http.CloseNotifier); ok {
+		closeNotifier = notifier.CloseNotify()
+	}
+
+	containerName := vars["name"]
+	logsConfig := &backend.ContainerLogsConfig{
+		ContainerLogsOptions: types.ContainerLogsOptions{
+			Follow:     httputils.BoolValue(r, "follow"),
+			Timestamps: httputils.BoolValue(r, "timestamps"),
+			Since:      r.Form.Get("since"),
+			Tail:       r.Form.Get("tail"),
+			ShowStdout: stdout,
+			ShowStderr: stderr,
+		},
+		OutStream: w,
+		Stop:      closeNotifier,
+	}
+
+	chStarted := make(chan struct{})
+	if err := s.backend.ContainerLogs(containerName, logsConfig, chStarted); err != nil {
+		select {
+		case <-chStarted:
+			// The client may be expecting all of the data we're sending to
+			// be multiplexed, so send it through OutStream, which will
+			// have been set up to handle that if needed.
+			fmt.Fprintf(logsConfig.OutStream, "Error running logs job: %v\n", err)
+		default:
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (s *containerRouter) getContainersExport(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	return s.backend.ContainerExport(vars["name"], w)
+}
+
+func (s *containerRouter) postContainersStart(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	// If contentLength is -1, we can assumed chunked encoding
+	// or more technically that the length is unknown
+	// https://golang.org/src/pkg/net/http/request.go#L139
+	// net/http otherwise seems to swallow any headers related to chunked encoding
+	// including r.TransferEncoding
+	// allow a nil body for backwards compatibility
+	var hostConfig *container.HostConfig
+	if r.Body != nil && (r.ContentLength > 0 || r.ContentLength == -1) {
+		if err := httputils.CheckForJSON(r); err != nil {
+			return err
+		}
+
+		c, err := runconfig.DecodeHostConfig(r.Body)
+		if err != nil {
+			return err
+		}
+
+		hostConfig = c
+	}
+
+	if err := s.backend.ContainerStart(vars["name"], hostConfig); err != nil {
+		return err
+	}
+	w.WriteHeader(http.StatusNoContent)
+	return nil
+}
+
+func (s *containerRouter) postContainersStop(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	seconds, _ := strconv.Atoi(r.Form.Get("t"))
+
+	if err := s.backend.ContainerStop(vars["name"], seconds); err != nil {
+		return err
+	}
+	w.WriteHeader(http.StatusNoContent)
+
+	return nil
+}
+
+type errContainerIsRunning interface {
+	ContainerIsRunning() bool
+}
+
+func (s *containerRouter) postContainersKill(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	var sig syscall.Signal
+	name := vars["name"]
+
+	// If we have a signal, look at it. Otherwise, do nothing
+	if sigStr := r.Form.Get("signal"); sigStr != "" {
+		var err error
+		if sig, err = signal.ParseSignal(sigStr); err != nil {
+			return err
+		}
+	}
+
+	if err := s.backend.ContainerKill(name, uint64(sig)); err != nil {
+		var isStopped bool
+		if e, ok := err.(errContainerIsRunning); ok {
+			isStopped = !e.ContainerIsRunning()
+		}
+
+		// Return error that's not caused because the container is stopped.
+		// Return error if the container is not running and the api is >= 1.20
+		// to keep backwards compatibility.
+		version := httputils.VersionFromContext(ctx)
+		if version.GreaterThanOrEqualTo("1.20") || !isStopped {
+			return fmt.Errorf("Cannot kill container %s: %v", name, err)
+		}
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+	return nil
+}
+
+func (s *containerRouter) postContainersRestart(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	timeout, _ := strconv.Atoi(r.Form.Get("t"))
+
+	if err := s.backend.ContainerRestart(vars["name"], timeout); err != nil {
+		return err
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+
+	return nil
+}
+
+func (s *containerRouter) postContainersPause(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	if err := s.backend.ContainerPause(vars["name"]); err != nil {
+		return err
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+
+	return nil
+}
+
+func (s *containerRouter) postContainersUnpause(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	if err := s.backend.ContainerUnpause(vars["name"]); err != nil {
+		return err
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+
+	return nil
+}
+
+func (s *containerRouter) postContainersWait(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	status, err := s.backend.ContainerWait(vars["name"], -1*time.Second)
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, &types.ContainerWaitResponse{
+		StatusCode: status,
+	})
+}
+
+func (s *containerRouter) getContainersChanges(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	changes, err := s.backend.ContainerChanges(vars["name"])
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, changes)
+}
+
+func (s *containerRouter) getContainersTop(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	procList, err := s.backend.ContainerTop(vars["name"], r.Form.Get("ps_args"))
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, procList)
+}
+
+func (s *containerRouter) postContainerRename(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	name := vars["name"]
+	newName := r.Form.Get("name")
+	if err := s.backend.ContainerRename(name, newName); err != nil {
+		return err
+	}
+	w.WriteHeader(http.StatusNoContent)
+	return nil
+}
+
+func (s *containerRouter) postContainerUpdate(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+
+	var updateConfig container.UpdateConfig
+
+	decoder := json.NewDecoder(r.Body)
+	if err := decoder.Decode(&updateConfig); err != nil {
+		return err
+	}
+
+	hostConfig := &container.HostConfig{
+		Resources:     updateConfig.Resources,
+		RestartPolicy: updateConfig.RestartPolicy,
+	}
+
+	name := vars["name"]
+	warnings, err := s.backend.ContainerUpdate(name, hostConfig)
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, &types.ContainerUpdateResponse{
+		Warnings: warnings,
+	})
+}
+
+func (s *containerRouter) postContainersCreate(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+
+	name := r.Form.Get("name")
+
+	config, hostConfig, networkingConfig, err := runconfig.DecodeContainerConfig(r.Body)
+	if err != nil {
+		return err
+	}
+	version := httputils.VersionFromContext(ctx)
+	adjustCPUShares := version.LessThan("1.19")
+
+	ccr, err := s.backend.ContainerCreate(types.ContainerCreateConfig{
+		Name:             name,
+		Config:           config,
+		HostConfig:       hostConfig,
+		NetworkingConfig: networkingConfig,
+		AdjustCPUShares:  adjustCPUShares,
+	})
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusCreated, ccr)
+}
+
+func (s *containerRouter) deleteContainers(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	name := vars["name"]
+	config := &types.ContainerRmConfig{
+		ForceRemove:  httputils.BoolValue(r, "force"),
+		RemoveVolume: httputils.BoolValue(r, "v"),
+		RemoveLink:   httputils.BoolValue(r, "link"),
+	}
+
+	if err := s.backend.ContainerRm(name, config); err != nil {
+		// Force a 404 for the empty string
+		if strings.Contains(strings.ToLower(err.Error()), "prefix can't be empty") {
+			return fmt.Errorf("no such container: \"\"")
+		}
+		return err
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+
+	return nil
+}
+
+func (s *containerRouter) postContainersResize(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	height, err := strconv.Atoi(r.Form.Get("h"))
+	if err != nil {
+		return err
+	}
+	width, err := strconv.Atoi(r.Form.Get("w"))
+	if err != nil {
+		return err
+	}
+
+	return s.backend.ContainerResize(vars["name"], height, width)
+}
+
+func (s *containerRouter) postContainersAttach(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	err := httputils.ParseForm(r)
+	if err != nil {
+		return err
+	}
+	containerName := vars["name"]
+
+	_, upgrade := r.Header["Upgrade"]
+
+	keys := []byte{}
+	detachKeys := r.FormValue("detachKeys")
+	if detachKeys != "" {
+		keys, err = term.ToBytes(detachKeys)
+		if err != nil {
+			logrus.Warnf("Invalid escape keys provided (%s) using default : ctrl-p ctrl-q", detachKeys)
+		}
+	}
+
+	hijacker, ok := w.(http.Hijacker)
+	if !ok {
+		return fmt.Errorf("error attaching to container %s, hijack connection missing", containerName)
+	}
+
+	setupStreams := func() (io.ReadCloser, io.Writer, io.Writer, error) {
+		conn, _, err := hijacker.Hijack()
+		if err != nil {
+			return nil, nil, nil, err
+		}
+
+		// set raw mode
+		conn.Write([]byte{})
+
+		if upgrade {
+			fmt.Fprintf(conn, "HTTP/1.1 101 UPGRADED\r\nContent-Type: application/vnd.docker.raw-stream\r\nConnection: Upgrade\r\nUpgrade: tcp\r\n\r\n")
+		} else {
+			fmt.Fprintf(conn, "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.docker.raw-stream\r\n\r\n")
+		}
+
+		closer := func() error {
+			httputils.CloseStreams(conn)
+			return nil
+		}
+		return ioutils.NewReadCloserWrapper(conn, closer), conn, conn, nil
+	}
+
+	attachConfig := &backend.ContainerAttachConfig{
+		GetStreams: setupStreams,
+		UseStdin:   httputils.BoolValue(r, "stdin"),
+		UseStdout:  httputils.BoolValue(r, "stdout"),
+		UseStderr:  httputils.BoolValue(r, "stderr"),
+		Logs:       httputils.BoolValue(r, "logs"),
+		Stream:     httputils.BoolValue(r, "stream"),
+		DetachKeys: keys,
+		MuxStreams: true,
+	}
+
+	return s.backend.ContainerAttach(containerName, attachConfig)
+}
+
+func (s *containerRouter) wsContainersAttach(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	containerName := vars["name"]
+
+	var keys []byte
+	var err error
+	detachKeys := r.FormValue("detachKeys")
+	if detachKeys != "" {
+		keys, err = term.ToBytes(detachKeys)
+		if err != nil {
+			logrus.Warnf("Invalid escape keys provided (%s) using default : ctrl-p ctrl-q", detachKeys)
+		}
+	}
+
+	done := make(chan struct{})
+	started := make(chan struct{})
+
+	setupStreams := func() (io.ReadCloser, io.Writer, io.Writer, error) {
+		wsChan := make(chan *websocket.Conn)
+		h := func(conn *websocket.Conn) {
+			wsChan <- conn
+			<-done
+		}
+
+		srv := websocket.Server{Handler: h, Handshake: nil}
+		go func() {
+			close(started)
+			srv.ServeHTTP(w, r)
+		}()
+
+		conn := <-wsChan
+		return conn, conn, conn, nil
+	}
+
+	attachConfig := &backend.ContainerAttachConfig{
+		GetStreams: setupStreams,
+		Logs:       httputils.BoolValue(r, "logs"),
+		Stream:     httputils.BoolValue(r, "stream"),
+		DetachKeys: keys,
+		UseStdin:   true,
+		UseStdout:  true,
+		UseStderr:  true,
+		MuxStreams: false, // TODO: this should be true since it's a single stream for both stdout and stderr
+	}
+
+	err = s.backend.ContainerAttach(containerName, attachConfig)
+	close(done)
+	select {
+	case <-started:
+		logrus.Errorf("Error attaching websocket: %s", err)
+		return nil
+	default:
+	}
+	return err
+}
diff --git a/api/server/router/container/copy.go b/api/server/router/container/copy.go
new file mode 100644
index 00000000..69584b31
--- /dev/null
+++ b/api/server/router/container/copy.go
@@ -0,0 +1,112 @@
+package container
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"strings"
+
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/engine-api/types"
+	"golang.org/x/net/context"
+)
+
+// postContainersCopy is deprecated in favor of getContainersArchive.
+func (s *containerRouter) postContainersCopy(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+
+	cfg := types.CopyConfig{}
+	if err := json.NewDecoder(r.Body).Decode(&cfg); err != nil {
+		return err
+	}
+
+	if cfg.Resource == "" {
+		return fmt.Errorf("Path cannot be empty")
+	}
+
+	data, err := s.backend.ContainerCopy(vars["name"], cfg.Resource)
+	if err != nil {
+		if strings.Contains(strings.ToLower(err.Error()), "no such container") {
+			w.WriteHeader(http.StatusNotFound)
+			return nil
+		}
+		if os.IsNotExist(err) {
+			return fmt.Errorf("Could not find the file %s in container %s", cfg.Resource, vars["name"])
+		}
+		return err
+	}
+	defer data.Close()
+
+	w.Header().Set("Content-Type", "application/x-tar")
+	if _, err := io.Copy(w, data); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// // Encode the stat to JSON, base64 encode, and place in a header.
+func setContainerPathStatHeader(stat *types.ContainerPathStat, header http.Header) error {
+	statJSON, err := json.Marshal(stat)
+	if err != nil {
+		return err
+	}
+
+	header.Set(
+		"X-Docker-Container-Path-Stat",
+		base64.StdEncoding.EncodeToString(statJSON),
+	)
+
+	return nil
+}
+
+func (s *containerRouter) headContainersArchive(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	v, err := httputils.ArchiveFormValues(r, vars)
+	if err != nil {
+		return err
+	}
+
+	stat, err := s.backend.ContainerStatPath(v.Name, v.Path)
+	if err != nil {
+		return err
+	}
+
+	return setContainerPathStatHeader(stat, w.Header())
+}
+
+func (s *containerRouter) getContainersArchive(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	v, err := httputils.ArchiveFormValues(r, vars)
+	if err != nil {
+		return err
+	}
+
+	tarArchive, stat, err := s.backend.ContainerArchivePath(v.Name, v.Path)
+	if err != nil {
+		return err
+	}
+	defer tarArchive.Close()
+
+	if err := setContainerPathStatHeader(stat, w.Header()); err != nil {
+		return err
+	}
+
+	w.Header().Set("Content-Type", "application/x-tar")
+	_, err = io.Copy(w, tarArchive)
+
+	return err
+}
+
+func (s *containerRouter) putContainersArchive(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	v, err := httputils.ArchiveFormValues(r, vars)
+	if err != nil {
+		return err
+	}
+
+	noOverwriteDirNonDir := httputils.BoolValue(r, "noOverwriteDirNonDir")
+	return s.backend.ContainerExtractToDir(v.Name, v.Path, noOverwriteDirNonDir, r.Body)
+}
diff --git a/api/server/router/container/exec.go b/api/server/router/container/exec.go
new file mode 100644
index 00000000..1a3ddc4c
--- /dev/null
+++ b/api/server/router/container/exec.go
@@ -0,0 +1,134 @@
+package container
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strconv"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/pkg/stdcopy"
+	"github.com/docker/engine-api/types"
+	"golang.org/x/net/context"
+)
+
+func (s *containerRouter) getExecByID(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	eConfig, err := s.backend.ContainerExecInspect(vars["id"])
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, eConfig)
+}
+
+func (s *containerRouter) postContainerExecCreate(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+	name := vars["name"]
+
+	execConfig := &types.ExecConfig{}
+	if err := json.NewDecoder(r.Body).Decode(execConfig); err != nil {
+		return err
+	}
+	execConfig.Container = name
+
+	if len(execConfig.Cmd) == 0 {
+		return fmt.Errorf("No exec command specified")
+	}
+
+	// Register an instance of Exec in container.
+	id, err := s.backend.ContainerExecCreate(execConfig)
+	if err != nil {
+		logrus.Errorf("Error setting up exec command in container %s: %v", name, err)
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusCreated, &types.ContainerExecCreateResponse{
+		ID: id,
+	})
+}
+
+// TODO(vishh): Refactor the code to avoid having to specify stream config as part of both create and start.
+func (s *containerRouter) postContainerExecStart(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	version := httputils.VersionFromContext(ctx)
+	if version.GreaterThan("1.21") {
+		if err := httputils.CheckForJSON(r); err != nil {
+			return err
+		}
+	}
+
+	var (
+		execName                  = vars["name"]
+		stdin, inStream           io.ReadCloser
+		stdout, stderr, outStream io.Writer
+	)
+
+	execStartCheck := &types.ExecStartCheck{}
+	if err := json.NewDecoder(r.Body).Decode(execStartCheck); err != nil {
+		return err
+	}
+
+	if exists, err := s.backend.ExecExists(execName); !exists {
+		return err
+	}
+
+	if !execStartCheck.Detach {
+		var err error
+		// Setting up the streaming http interface.
+		inStream, outStream, err = httputils.HijackConnection(w)
+		if err != nil {
+			return err
+		}
+		defer httputils.CloseStreams(inStream, outStream)
+
+		if _, ok := r.Header["Upgrade"]; ok {
+			fmt.Fprintf(outStream, "HTTP/1.1 101 UPGRADED\r\nContent-Type: application/vnd.docker.raw-stream\r\nConnection: Upgrade\r\nUpgrade: tcp\r\n\r\n")
+		} else {
+			fmt.Fprintf(outStream, "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.docker.raw-stream\r\n\r\n")
+		}
+
+		stdin = inStream
+		stdout = outStream
+		if !execStartCheck.Tty {
+			stderr = stdcopy.NewStdWriter(outStream, stdcopy.Stderr)
+			stdout = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
+		}
+	}
+
+	// Now run the user process in container.
+	if err := s.backend.ContainerExecStart(execName, stdin, stdout, stderr); err != nil {
+		if execStartCheck.Detach {
+			return err
+		}
+		stdout.Write([]byte(err.Error()))
+		logrus.Errorf("Error running exec in container: %v\n", err)
+		return err
+	}
+	return nil
+}
+
+func (s *containerRouter) postContainerExecResize(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	height, err := strconv.Atoi(r.Form.Get("h"))
+	if err != nil {
+		return err
+	}
+	width, err := strconv.Atoi(r.Form.Get("w"))
+	if err != nil {
+		return err
+	}
+
+	return s.backend.ContainerExecResize(vars["name"], height, width)
+}
diff --git a/api/server/router/container/inspect.go b/api/server/router/container/inspect.go
new file mode 100644
index 00000000..dbbced7e
--- /dev/null
+++ b/api/server/router/container/inspect.go
@@ -0,0 +1,21 @@
+package container
+
+import (
+	"net/http"
+
+	"github.com/docker/docker/api/server/httputils"
+	"golang.org/x/net/context"
+)
+
+// getContainersByName inspects container's configuration and serializes it as json.
+func (s *containerRouter) getContainersByName(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	displaySize := httputils.BoolValue(r, "size")
+
+	version := httputils.VersionFromContext(ctx)
+	json, err := s.backend.ContainerInspect(vars["name"], displaySize, version)
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, json)
+}
diff --git a/api/server/router/image/backend.go b/api/server/router/image/backend.go
new file mode 100644
index 00000000..dfb02a4d
--- /dev/null
+++ b/api/server/router/image/backend.go
@@ -0,0 +1,44 @@
+package image
+
+import (
+	"io"
+
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"github.com/docker/engine-api/types/registry"
+	"golang.org/x/net/context"
+)
+
+// Backend is all the methods that need to be implemented
+// to provide image specific functionality.
+type Backend interface {
+	containerBackend
+	imageBackend
+	importExportBackend
+	registryBackend
+}
+
+type containerBackend interface {
+	Commit(name string, config *types.ContainerCommitConfig) (imageID string, err error)
+}
+
+type imageBackend interface {
+	ImageDelete(imageRef string, force, prune bool) ([]types.ImageDelete, error)
+	ImageHistory(imageName string) ([]*types.ImageHistory, error)
+	Images(filterArgs string, filter string, all bool) ([]*types.Image, error)
+	LookupImage(name string) (*types.ImageInspect, error)
+	TagImage(newTag reference.Named, imageName string) error
+}
+
+type importExportBackend interface {
+	LoadImage(inTar io.ReadCloser, outStream io.Writer, quiet bool) error
+	ImportImage(src string, newRef reference.Named, msg string, inConfig io.ReadCloser, outStream io.Writer, config *container.Config) error
+	ExportImage(names []string, outStream io.Writer) error
+}
+
+type registryBackend interface {
+	PullImage(ctx context.Context, ref reference.Named, metaHeaders map[string][]string, authConfig *types.AuthConfig, outStream io.Writer) error
+	PushImage(ctx context.Context, ref reference.Named, metaHeaders map[string][]string, authConfig *types.AuthConfig, outStream io.Writer) error
+	SearchRegistryForImages(ctx context.Context, term string, authConfig *types.AuthConfig, metaHeaders map[string][]string) (*registry.SearchResults, error)
+}
diff --git a/api/server/router/image/image.go b/api/server/router/image/image.go
new file mode 100644
index 00000000..d6a1297a
--- /dev/null
+++ b/api/server/router/image/image.go
@@ -0,0 +1,44 @@
+package image
+
+import "github.com/docker/docker/api/server/router"
+
+// imageRouter is a router to talk with the image controller
+type imageRouter struct {
+	backend Backend
+	routes  []router.Route
+}
+
+// NewRouter initializes a new image router
+func NewRouter(backend Backend) router.Router {
+	r := &imageRouter{
+		backend: backend,
+	}
+	r.initRoutes()
+	return r
+}
+
+// Routes returns the available routes to the image controller
+func (r *imageRouter) Routes() []router.Route {
+	return r.routes
+}
+
+// initRoutes initializes the routes in the image router
+func (r *imageRouter) initRoutes() {
+	r.routes = []router.Route{
+		// GET
+		router.NewGetRoute("/images/json", r.getImagesJSON),
+		router.NewGetRoute("/images/search", r.getImagesSearch),
+		router.NewGetRoute("/images/get", r.getImagesGet),
+		router.NewGetRoute("/images/{name:.*}/get", r.getImagesGet),
+		router.NewGetRoute("/images/{name:.*}/history", r.getImagesHistory),
+		router.NewGetRoute("/images/{name:.*}/json", r.getImagesByName),
+		// POST
+		router.NewPostRoute("/commit", r.postCommit),
+		router.NewPostRoute("/images/create", r.postImagesCreate),
+		router.NewPostRoute("/images/load", r.postImagesLoad),
+		router.NewPostRoute("/images/{name:.*}/push", r.postImagesPush),
+		router.NewPostRoute("/images/{name:.*}/tag", r.postImagesTag),
+		// DELETE
+		router.NewDeleteRoute("/images/{name:.*}", r.deleteImages),
+	}
+}
diff --git a/api/server/router/image/image_routes.go b/api/server/router/image/image_routes.go
new file mode 100644
index 00000000..58abd4b4
--- /dev/null
+++ b/api/server/router/image/image_routes.go
@@ -0,0 +1,383 @@
+package image
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/builder/dockerfile"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/streamformatter"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"golang.org/x/net/context"
+)
+
+func (s *imageRouter) postCommit(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+
+	cname := r.Form.Get("container")
+
+	pause := httputils.BoolValue(r, "pause")
+	version := httputils.VersionFromContext(ctx)
+	if r.FormValue("pause") == "" && version.GreaterThanOrEqualTo("1.13") {
+		pause = true
+	}
+
+	c, _, _, err := runconfig.DecodeContainerConfig(r.Body)
+	if err != nil && err != io.EOF { //Do not fail if body is empty.
+		return err
+	}
+	if c == nil {
+		c = &container.Config{}
+	}
+
+	newConfig, err := dockerfile.BuildFromConfig(c, r.Form["changes"])
+	if err != nil {
+		return err
+	}
+
+	commitCfg := &types.ContainerCommitConfig{
+		Pause:        pause,
+		Repo:         r.Form.Get("repo"),
+		Tag:          r.Form.Get("tag"),
+		Author:       r.Form.Get("author"),
+		Comment:      r.Form.Get("comment"),
+		Config:       newConfig,
+		MergeConfigs: true,
+	}
+
+	imgID, err := s.backend.Commit(cname, commitCfg)
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusCreated, &types.ContainerCommitResponse{
+		ID: string(imgID),
+	})
+}
+
+// Creates an image from Pull or from Import
+func (s *imageRouter) postImagesCreate(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	var (
+		image   = r.Form.Get("fromImage")
+		repo    = r.Form.Get("repo")
+		tag     = r.Form.Get("tag")
+		message = r.Form.Get("message")
+		err     error
+		output  = ioutils.NewWriteFlusher(w)
+	)
+	defer output.Close()
+
+	w.Header().Set("Content-Type", "application/json")
+
+	if image != "" { //pull
+		// Special case: "pull -a" may send an image name with a
+		// trailing :. This is ugly, but let's not break API
+		// compatibility.
+		image = strings.TrimSuffix(image, ":")
+
+		var ref reference.Named
+		ref, err = reference.ParseNamed(image)
+		if err == nil {
+			if tag != "" {
+				// The "tag" could actually be a digest.
+				var dgst digest.Digest
+				dgst, err = digest.ParseDigest(tag)
+				if err == nil {
+					ref, err = reference.WithDigest(ref, dgst)
+				} else {
+					ref, err = reference.WithTag(ref, tag)
+				}
+			}
+			if err == nil {
+				metaHeaders := map[string][]string{}
+				for k, v := range r.Header {
+					if strings.HasPrefix(k, "X-Meta-") {
+						metaHeaders[k] = v
+					}
+				}
+
+				authEncoded := r.Header.Get("X-Registry-Auth")
+				authConfig := &types.AuthConfig{}
+				if authEncoded != "" {
+					authJSON := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
+					if err := json.NewDecoder(authJSON).Decode(authConfig); err != nil {
+						// for a pull it is not an error if no auth was given
+						// to increase compatibility with the existing api it is defaulting to be empty
+						authConfig = &types.AuthConfig{}
+					}
+				}
+
+				err = s.backend.PullImage(ctx, ref, metaHeaders, authConfig, output)
+			}
+		}
+	} else { //import
+		var newRef reference.Named
+		if repo != "" {
+			var err error
+			newRef, err = reference.ParseNamed(repo)
+			if err != nil {
+				return err
+			}
+
+			if _, isCanonical := newRef.(reference.Canonical); isCanonical {
+				return errors.New("cannot import digest reference")
+			}
+
+			if tag != "" {
+				newRef, err = reference.WithTag(newRef, tag)
+				if err != nil {
+					return err
+				}
+			}
+		}
+
+		src := r.Form.Get("fromSrc")
+
+		// 'err' MUST NOT be defined within this block, we need any error
+		// generated from the download to be available to the output
+		// stream processing below
+		var newConfig *container.Config
+		newConfig, err = dockerfile.BuildFromConfig(&container.Config{}, r.Form["changes"])
+		if err != nil {
+			return err
+		}
+
+		err = s.backend.ImportImage(src, newRef, message, r.Body, output, newConfig)
+	}
+	if err != nil {
+		if !output.Flushed() {
+			return err
+		}
+		sf := streamformatter.NewJSONStreamFormatter()
+		output.Write(sf.FormatError(err))
+	}
+
+	return nil
+}
+
+func (s *imageRouter) postImagesPush(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	metaHeaders := map[string][]string{}
+	for k, v := range r.Header {
+		if strings.HasPrefix(k, "X-Meta-") {
+			metaHeaders[k] = v
+		}
+	}
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	authConfig := &types.AuthConfig{}
+
+	authEncoded := r.Header.Get("X-Registry-Auth")
+	if authEncoded != "" {
+		// the new format is to handle the authConfig as a header
+		authJSON := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
+		if err := json.NewDecoder(authJSON).Decode(authConfig); err != nil {
+			// to increase compatibility to existing api it is defaulting to be empty
+			authConfig = &types.AuthConfig{}
+		}
+	} else {
+		// the old format is supported for compatibility if there was no authConfig header
+		if err := json.NewDecoder(r.Body).Decode(authConfig); err != nil {
+			return fmt.Errorf("Bad parameters and missing X-Registry-Auth: %v", err)
+		}
+	}
+
+	ref, err := reference.ParseNamed(vars["name"])
+	if err != nil {
+		return err
+	}
+	tag := r.Form.Get("tag")
+	if tag != "" {
+		// Push by digest is not supported, so only tags are supported.
+		ref, err = reference.WithTag(ref, tag)
+		if err != nil {
+			return err
+		}
+	}
+
+	output := ioutils.NewWriteFlusher(w)
+	defer output.Close()
+
+	w.Header().Set("Content-Type", "application/json")
+
+	if err := s.backend.PushImage(ctx, ref, metaHeaders, authConfig, output); err != nil {
+		if !output.Flushed() {
+			return err
+		}
+		sf := streamformatter.NewJSONStreamFormatter()
+		output.Write(sf.FormatError(err))
+	}
+	return nil
+}
+
+func (s *imageRouter) getImagesGet(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	w.Header().Set("Content-Type", "application/x-tar")
+
+	output := ioutils.NewWriteFlusher(w)
+	defer output.Close()
+	var names []string
+	if name, ok := vars["name"]; ok {
+		names = []string{name}
+	} else {
+		names = r.Form["names"]
+	}
+
+	if err := s.backend.ExportImage(names, output); err != nil {
+		if !output.Flushed() {
+			return err
+		}
+		sf := streamformatter.NewJSONStreamFormatter()
+		output.Write(sf.FormatError(err))
+	}
+	return nil
+}
+
+func (s *imageRouter) postImagesLoad(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	quiet := httputils.BoolValueOrDefault(r, "quiet", true)
+
+	if !quiet {
+		w.Header().Set("Content-Type", "application/json")
+
+		output := ioutils.NewWriteFlusher(w)
+		defer output.Close()
+		if err := s.backend.LoadImage(r.Body, output, quiet); err != nil {
+			output.Write(streamformatter.NewJSONStreamFormatter().FormatError(err))
+		}
+		return nil
+	}
+	return s.backend.LoadImage(r.Body, w, quiet)
+}
+
+func (s *imageRouter) deleteImages(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	name := vars["name"]
+
+	if strings.TrimSpace(name) == "" {
+		return fmt.Errorf("image name cannot be blank")
+	}
+
+	force := httputils.BoolValue(r, "force")
+	prune := !httputils.BoolValue(r, "noprune")
+
+	list, err := s.backend.ImageDelete(name, force, prune)
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, list)
+}
+
+func (s *imageRouter) getImagesByName(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	imageInspect, err := s.backend.LookupImage(vars["name"])
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, imageInspect)
+}
+
+func (s *imageRouter) getImagesJSON(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	// FIXME: The filter parameter could just be a match filter
+	images, err := s.backend.Images(r.Form.Get("filters"), r.Form.Get("filter"), httputils.BoolValue(r, "all"))
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, images)
+}
+
+func (s *imageRouter) getImagesHistory(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	name := vars["name"]
+	history, err := s.backend.ImageHistory(name)
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, history)
+}
+
+func (s *imageRouter) postImagesTag(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	repo := r.Form.Get("repo")
+	tag := r.Form.Get("tag")
+	newTag, err := reference.WithName(repo)
+	if err != nil {
+		return err
+	}
+	if tag != "" {
+		if newTag, err = reference.WithTag(newTag, tag); err != nil {
+			return err
+		}
+	}
+	if err := s.backend.TagImage(newTag, vars["name"]); err != nil {
+		return err
+	}
+	w.WriteHeader(http.StatusCreated)
+	return nil
+}
+
+func (s *imageRouter) getImagesSearch(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	var (
+		config      *types.AuthConfig
+		authEncoded = r.Header.Get("X-Registry-Auth")
+		headers     = map[string][]string{}
+	)
+
+	if authEncoded != "" {
+		authJSON := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
+		if err := json.NewDecoder(authJSON).Decode(&config); err != nil {
+			// for a search it is not an error if no auth was given
+			// to increase compatibility with the existing api it is defaulting to be empty
+			config = &types.AuthConfig{}
+		}
+	}
+	for k, v := range r.Header {
+		if strings.HasPrefix(k, "X-Meta-") {
+			headers[k] = v
+		}
+	}
+	query, err := s.backend.SearchRegistryForImages(ctx, r.Form.Get("term"), config, headers)
+	if err != nil {
+		return err
+	}
+	return httputils.WriteJSON(w, http.StatusOK, query.Results)
+}
diff --git a/api/server/router/local.go b/api/server/router/local.go
new file mode 100644
index 00000000..99db4242
--- /dev/null
+++ b/api/server/router/local.go
@@ -0,0 +1,61 @@
+package router
+
+import "github.com/docker/docker/api/server/httputils"
+
+// localRoute defines an individual API route to connect
+// with the docker daemon. It implements Route.
+type localRoute struct {
+	method  string
+	path    string
+	handler httputils.APIFunc
+}
+
+// Handler returns the APIFunc to let the server wrap it in middlewares.
+func (l localRoute) Handler() httputils.APIFunc {
+	return l.handler
+}
+
+// Method returns the http method that the route responds to.
+func (l localRoute) Method() string {
+	return l.method
+}
+
+// Path returns the subpath where the route responds to.
+func (l localRoute) Path() string {
+	return l.path
+}
+
+// NewRoute initializes a new local route for the router.
+func NewRoute(method, path string, handler httputils.APIFunc) Route {
+	return localRoute{method, path, handler}
+}
+
+// NewGetRoute initializes a new route with the http method GET.
+func NewGetRoute(path string, handler httputils.APIFunc) Route {
+	return NewRoute("GET", path, handler)
+}
+
+// NewPostRoute initializes a new route with the http method POST.
+func NewPostRoute(path string, handler httputils.APIFunc) Route {
+	return NewRoute("POST", path, handler)
+}
+
+// NewPutRoute initializes a new route with the http method PUT.
+func NewPutRoute(path string, handler httputils.APIFunc) Route {
+	return NewRoute("PUT", path, handler)
+}
+
+// NewDeleteRoute initializes a new route with the http method DELETE.
+func NewDeleteRoute(path string, handler httputils.APIFunc) Route {
+	return NewRoute("DELETE", path, handler)
+}
+
+// NewOptionsRoute initializes a new route with the http method OPTIONS.
+func NewOptionsRoute(path string, handler httputils.APIFunc) Route {
+	return NewRoute("OPTIONS", path, handler)
+}
+
+// NewHeadRoute initializes a new route with the http method HEAD.
+func NewHeadRoute(path string, handler httputils.APIFunc) Route {
+	return NewRoute("HEAD", path, handler)
+}
diff --git a/api/server/router/network/backend.go b/api/server/router/network/backend.go
new file mode 100644
index 00000000..7bbbca4d
--- /dev/null
+++ b/api/server/router/network/backend.go
@@ -0,0 +1,19 @@
+package network
+
+import (
+	"github.com/docker/engine-api/types/network"
+	"github.com/docker/libnetwork"
+)
+
+// Backend is all the methods that need to be implemented
+// to provide network specific functionality.
+type Backend interface {
+	FindNetwork(idName string) (libnetwork.Network, error)
+	GetNetworkByName(idName string) (libnetwork.Network, error)
+	GetNetworksByID(partialID string) []libnetwork.Network
+	GetAllNetworks() []libnetwork.Network
+	CreateNetwork(name, driver string, ipam network.IPAM, options map[string]string, labels map[string]string, internal bool, enableIPv6 bool) (libnetwork.Network, error)
+	ConnectContainerToNetwork(containerName, networkName string, endpointConfig *network.EndpointSettings) error
+	DisconnectContainerFromNetwork(containerName string, network libnetwork.Network, force bool) error
+	DeleteNetwork(name string) error
+}
diff --git a/api/server/router/network/filter.go b/api/server/router/network/filter.go
new file mode 100644
index 00000000..f1648cc2
--- /dev/null
+++ b/api/server/router/network/filter.go
@@ -0,0 +1,110 @@
+package network
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/engine-api/types/filters"
+	"github.com/docker/libnetwork"
+)
+
+type filterHandler func([]libnetwork.Network, string) ([]libnetwork.Network, error)
+
+var (
+	// supportedFilters predefined some supported filter handler function
+	supportedFilters = map[string]filterHandler{
+		"type": filterNetworkByType,
+		"name": filterNetworkByName,
+		"id":   filterNetworkByID,
+	}
+
+	// acceptFilters is an acceptable filter flag list
+	// generated for validation. e.g.
+	// acceptedFilters = map[string]bool{
+	//     "type": true,
+	//     "name": true,
+	//     "id":   true,
+	// }
+	acceptedFilters = func() map[string]bool {
+		ret := make(map[string]bool)
+		for k := range supportedFilters {
+			ret[k] = true
+		}
+		return ret
+	}()
+)
+
+func filterNetworkByType(nws []libnetwork.Network, netType string) (retNws []libnetwork.Network, err error) {
+	switch netType {
+	case "builtin":
+		for _, nw := range nws {
+			if runconfig.IsPreDefinedNetwork(nw.Name()) {
+				retNws = append(retNws, nw)
+			}
+		}
+	case "custom":
+		for _, nw := range nws {
+			if !runconfig.IsPreDefinedNetwork(nw.Name()) {
+				retNws = append(retNws, nw)
+			}
+		}
+	default:
+		return nil, fmt.Errorf("Invalid filter: 'type'='%s'", netType)
+	}
+	return retNws, nil
+}
+
+func filterNetworkByName(nws []libnetwork.Network, name string) (retNws []libnetwork.Network, err error) {
+	for _, nw := range nws {
+		// exact match (fast path)
+		if nw.Name() == name {
+			retNws = append(retNws, nw)
+			continue
+		}
+
+		// regexp match (slow path)
+		match, err := regexp.MatchString(name, nw.Name())
+		if err != nil || !match {
+			continue
+		} else {
+			retNws = append(retNws, nw)
+		}
+	}
+	return retNws, nil
+}
+
+func filterNetworkByID(nws []libnetwork.Network, id string) (retNws []libnetwork.Network, err error) {
+	for _, nw := range nws {
+		if strings.HasPrefix(nw.ID(), id) {
+			retNws = append(retNws, nw)
+		}
+	}
+	return retNws, nil
+}
+
+// filterAllNetworks filters network list according to user specified filter
+// and returns user chosen networks
+func filterNetworks(nws []libnetwork.Network, filter filters.Args) ([]libnetwork.Network, error) {
+	// if filter is empty, return original network list
+	if filter.Len() == 0 {
+		return nws, nil
+	}
+
+	var displayNet []libnetwork.Network
+	for fkey, fhandler := range supportedFilters {
+		errFilter := filter.WalkValues(fkey, func(fval string) error {
+			passList, err := fhandler(nws, fval)
+			if err != nil {
+				return err
+			}
+			displayNet = append(displayNet, passList...)
+			return nil
+		})
+		if errFilter != nil {
+			return nil, errFilter
+		}
+	}
+	return displayNet, nil
+}
diff --git a/api/server/router/network/network.go b/api/server/router/network/network.go
new file mode 100644
index 00000000..7c880896
--- /dev/null
+++ b/api/server/router/network/network.go
@@ -0,0 +1,37 @@
+package network
+
+import "github.com/docker/docker/api/server/router"
+
+// networkRouter is a router to talk with the network controller
+type networkRouter struct {
+	backend Backend
+	routes  []router.Route
+}
+
+// NewRouter initializes a new network router
+func NewRouter(b Backend) router.Router {
+	r := &networkRouter{
+		backend: b,
+	}
+	r.initRoutes()
+	return r
+}
+
+// Routes returns the available routes to the network controller
+func (r *networkRouter) Routes() []router.Route {
+	return r.routes
+}
+
+func (r *networkRouter) initRoutes() {
+	r.routes = []router.Route{
+		// GET
+		router.NewGetRoute("/networks", r.getNetworksList),
+		router.NewGetRoute("/networks/{id:.*}", r.getNetwork),
+		// POST
+		router.NewPostRoute("/networks/create", r.postNetworkCreate),
+		router.NewPostRoute("/networks/{id:.*}/connect", r.postNetworkConnect),
+		router.NewPostRoute("/networks/{id:.*}/disconnect", r.postNetworkDisconnect),
+		// DELETE
+		router.NewDeleteRoute("/networks/{id:.*}", r.deleteNetwork),
+	}
+}
diff --git a/api/server/router/network/network_routes.go b/api/server/router/network/network_routes.go
new file mode 100644
index 00000000..f052f541
--- /dev/null
+++ b/api/server/router/network/network_routes.go
@@ -0,0 +1,277 @@
+package network
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+
+	"golang.org/x/net/context"
+
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/filters"
+	"github.com/docker/engine-api/types/network"
+	"github.com/docker/libnetwork"
+)
+
+func (n *networkRouter) getNetworksList(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	filter := r.Form.Get("filters")
+	netFilters, err := filters.FromParam(filter)
+	if err != nil {
+		return err
+	}
+
+	if netFilters.Len() != 0 {
+		if err := netFilters.Validate(acceptedFilters); err != nil {
+			return err
+		}
+	}
+
+	list := []*types.NetworkResource{}
+
+	nwList := n.backend.GetAllNetworks()
+	displayable, err := filterNetworks(nwList, netFilters)
+	if err != nil {
+		return err
+	}
+
+	for _, nw := range displayable {
+		list = append(list, buildNetworkResource(nw))
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, list)
+}
+
+func (n *networkRouter) getNetwork(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	nw, err := n.backend.FindNetwork(vars["id"])
+	if err != nil {
+		return err
+	}
+	return httputils.WriteJSON(w, http.StatusOK, buildNetworkResource(nw))
+}
+
+func (n *networkRouter) postNetworkCreate(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	var create types.NetworkCreate
+	var warning string
+
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&create); err != nil {
+		return err
+	}
+
+	if runconfig.IsPreDefinedNetwork(create.Name) {
+		return httputils.WriteJSON(w, http.StatusForbidden,
+			fmt.Sprintf("%s is a pre-defined network and cannot be created", create.Name))
+	}
+
+	nw, err := n.backend.GetNetworkByName(create.Name)
+	if _, ok := err.(libnetwork.ErrNoSuchNetwork); err != nil && !ok {
+		return err
+	}
+	if nw != nil {
+		if create.CheckDuplicate {
+			return libnetwork.NetworkNameError(create.Name)
+		}
+		warning = fmt.Sprintf("Network with name %s (id : %s) already exists", nw.Name(), nw.ID())
+	}
+
+	nw, err = n.backend.CreateNetwork(create.Name, create.Driver, create.IPAM, create.Options, create.Labels, create.Internal, create.EnableIPv6)
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusCreated, &types.NetworkCreateResponse{
+		ID:      nw.ID(),
+		Warning: warning,
+	})
+}
+
+func (n *networkRouter) postNetworkConnect(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	var connect types.NetworkConnect
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&connect); err != nil {
+		return err
+	}
+
+	nw, err := n.backend.FindNetwork(vars["id"])
+	if err != nil {
+		return err
+	}
+
+	return n.backend.ConnectContainerToNetwork(connect.Container, nw.Name(), connect.EndpointConfig)
+}
+
+func (n *networkRouter) postNetworkDisconnect(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	var disconnect types.NetworkDisconnect
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&disconnect); err != nil {
+		return err
+	}
+
+	nw, err := n.backend.FindNetwork(vars["id"])
+	if err != nil {
+		return err
+	}
+
+	return n.backend.DisconnectContainerFromNetwork(disconnect.Container, nw, disconnect.Force)
+}
+
+func (n *networkRouter) deleteNetwork(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	if err := n.backend.DeleteNetwork(vars["id"]); err != nil {
+		return err
+	}
+	w.WriteHeader(http.StatusNoContent)
+	return nil
+}
+
+func buildNetworkResource(nw libnetwork.Network) *types.NetworkResource {
+	r := &types.NetworkResource{}
+	if nw == nil {
+		return r
+	}
+
+	info := nw.Info()
+	r.Name = nw.Name()
+	r.ID = nw.ID()
+	r.Scope = info.Scope()
+	r.Driver = nw.Type()
+	r.EnableIPv6 = info.IPv6Enabled()
+	r.Internal = info.Internal()
+	r.Options = info.DriverOptions()
+	r.Containers = make(map[string]types.EndpointResource)
+	buildIpamResources(r, info)
+	r.Internal = info.Internal()
+	r.Labels = info.Labels()
+
+	epl := nw.Endpoints()
+	for _, e := range epl {
+		ei := e.Info()
+		if ei == nil {
+			continue
+		}
+		sb := ei.Sandbox()
+		key := "ep-" + e.ID()
+		if sb != nil {
+			key = sb.ContainerID()
+		}
+
+		r.Containers[key] = buildEndpointResource(e)
+	}
+	return r
+}
+
+func buildIpamResources(r *types.NetworkResource, nwInfo libnetwork.NetworkInfo) {
+	id, opts, ipv4conf, ipv6conf := nwInfo.IpamConfig()
+
+	ipv4Info, ipv6Info := nwInfo.IpamInfo()
+
+	r.IPAM.Driver = id
+
+	r.IPAM.Options = opts
+
+	r.IPAM.Config = []network.IPAMConfig{}
+	for _, ip4 := range ipv4conf {
+		if ip4.PreferredPool == "" {
+			continue
+		}
+		iData := network.IPAMConfig{}
+		iData.Subnet = ip4.PreferredPool
+		iData.IPRange = ip4.SubPool
+		iData.Gateway = ip4.Gateway
+		iData.AuxAddress = ip4.AuxAddresses
+		r.IPAM.Config = append(r.IPAM.Config, iData)
+	}
+
+	if len(r.IPAM.Config) == 0 {
+		for _, ip4Info := range ipv4Info {
+			iData := network.IPAMConfig{}
+			iData.Subnet = ip4Info.IPAMData.Pool.String()
+			iData.Gateway = ip4Info.IPAMData.Gateway.String()
+			r.IPAM.Config = append(r.IPAM.Config, iData)
+		}
+	}
+
+	hasIpv6Conf := false
+	for _, ip6 := range ipv6conf {
+		if ip6.PreferredPool == "" {
+			continue
+		}
+		hasIpv6Conf = true
+		iData := network.IPAMConfig{}
+		iData.Subnet = ip6.PreferredPool
+		iData.IPRange = ip6.SubPool
+		iData.Gateway = ip6.Gateway
+		iData.AuxAddress = ip6.AuxAddresses
+		r.IPAM.Config = append(r.IPAM.Config, iData)
+	}
+
+	if !hasIpv6Conf {
+		for _, ip6Info := range ipv6Info {
+			iData := network.IPAMConfig{}
+			iData.Subnet = ip6Info.IPAMData.Pool.String()
+			iData.Gateway = ip6Info.IPAMData.Gateway.String()
+			r.IPAM.Config = append(r.IPAM.Config, iData)
+		}
+	}
+}
+
+func buildEndpointResource(e libnetwork.Endpoint) types.EndpointResource {
+	er := types.EndpointResource{}
+	if e == nil {
+		return er
+	}
+
+	er.EndpointID = e.ID()
+	er.Name = e.Name()
+	ei := e.Info()
+	if ei == nil {
+		return er
+	}
+
+	if iface := ei.Iface(); iface != nil {
+		if mac := iface.MacAddress(); mac != nil {
+			er.MacAddress = mac.String()
+		}
+		if ip := iface.Address(); ip != nil && len(ip.IP) > 0 {
+			er.IPv4Address = ip.String()
+		}
+
+		if ipv6 := iface.AddressIPv6(); ipv6 != nil && len(ipv6.IP) > 0 {
+			er.IPv6Address = ipv6.String()
+		}
+	}
+	return er
+}
diff --git a/api/server/router/router.go b/api/server/router/router.go
new file mode 100644
index 00000000..2de25c27
--- /dev/null
+++ b/api/server/router/router.go
@@ -0,0 +1,19 @@
+package router
+
+import "github.com/docker/docker/api/server/httputils"
+
+// Router defines an interface to specify a group of routes to add to the docker server.
+type Router interface {
+	// Routes returns the list of routes to add to the docker server.
+	Routes() []Route
+}
+
+// Route defines an individual API route in the docker server.
+type Route interface {
+	// Handler returns the raw function to create the http handler.
+	Handler() httputils.APIFunc
+	// Method returns the http method that the route responds to.
+	Method() string
+	// Path returns the subpath where the route responds to.
+	Path() string
+}
diff --git a/api/server/router/system/backend.go b/api/server/router/system/backend.go
new file mode 100644
index 00000000..e6284cd4
--- /dev/null
+++ b/api/server/router/system/backend.go
@@ -0,0 +1,18 @@
+package system
+
+import (
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/events"
+	"github.com/docker/engine-api/types/filters"
+	"golang.org/x/net/context"
+)
+
+// Backend is the methods that need to be implemented to provide
+// system specific functionality.
+type Backend interface {
+	SystemInfo() (*types.Info, error)
+	SystemVersion() types.Version
+	SubscribeToEvents(since, sinceNano int64, ef filters.Args) ([]events.Message, chan interface{})
+	UnsubscribeFromEvents(chan interface{})
+	AuthenticateToRegistry(ctx context.Context, authConfig *types.AuthConfig) (string, string, error)
+}
diff --git a/api/server/router/system/system.go b/api/server/router/system/system.go
new file mode 100644
index 00000000..76da5c52
--- /dev/null
+++ b/api/server/router/system/system.go
@@ -0,0 +1,33 @@
+package system
+
+import "github.com/docker/docker/api/server/router"
+
+// systemRouter provides information about the Docker system overall.
+// It gathers information about host, daemon and container events.
+type systemRouter struct {
+	backend Backend
+	routes  []router.Route
+}
+
+// NewRouter initializes a new system router
+func NewRouter(b Backend) router.Router {
+	r := &systemRouter{
+		backend: b,
+	}
+
+	r.routes = []router.Route{
+		router.NewOptionsRoute("/{anyroute:.*}", optionsHandler),
+		router.NewGetRoute("/_ping", pingHandler),
+		router.NewGetRoute("/events", r.getEvents),
+		router.NewGetRoute("/info", r.getInfo),
+		router.NewGetRoute("/version", r.getVersion),
+		router.NewPostRoute("/auth", r.postAuth),
+	}
+
+	return r
+}
+
+// Routes returns all the API routes dedicated to the docker system
+func (s *systemRouter) Routes() []router.Route {
+	return s.routes
+}
diff --git a/api/server/router/system/system_routes.go b/api/server/router/system/system_routes.go
new file mode 100644
index 00000000..defaa0d6
--- /dev/null
+++ b/api/server/router/system/system_routes.go
@@ -0,0 +1,125 @@
+package system
+
+import (
+	"encoding/json"
+	"net/http"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/events"
+	"github.com/docker/engine-api/types/filters"
+	timetypes "github.com/docker/engine-api/types/time"
+	"golang.org/x/net/context"
+)
+
+func optionsHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	w.WriteHeader(http.StatusOK)
+	return nil
+}
+
+func pingHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	_, err := w.Write([]byte{'O', 'K'})
+	return err
+}
+
+func (s *systemRouter) getInfo(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	info, err := s.backend.SystemInfo()
+	if err != nil {
+		return err
+	}
+
+	return httputils.WriteJSON(w, http.StatusOK, info)
+}
+
+func (s *systemRouter) getVersion(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	info := s.backend.SystemVersion()
+	info.APIVersion = api.DefaultVersion.String()
+
+	return httputils.WriteJSON(w, http.StatusOK, info)
+}
+
+func (s *systemRouter) getEvents(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	since, sinceNano, err := timetypes.ParseTimestamps(r.Form.Get("since"), -1)
+	if err != nil {
+		return err
+	}
+	until, untilNano, err := timetypes.ParseTimestamps(r.Form.Get("until"), -1)
+	if err != nil {
+		return err
+	}
+
+	var timeout <-chan time.Time
+	if until > 0 || untilNano > 0 {
+		dur := time.Unix(until, untilNano).Sub(time.Now())
+		timeout = time.NewTimer(dur).C
+	}
+
+	ef, err := filters.FromParam(r.Form.Get("filters"))
+	if err != nil {
+		return err
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	output := ioutils.NewWriteFlusher(w)
+	defer output.Close()
+	output.Flush()
+
+	enc := json.NewEncoder(output)
+
+	buffered, l := s.backend.SubscribeToEvents(since, sinceNano, ef)
+	defer s.backend.UnsubscribeFromEvents(l)
+
+	for _, ev := range buffered {
+		if err := enc.Encode(ev); err != nil {
+			return err
+		}
+	}
+
+	var closeNotify <-chan bool
+	if closeNotifier, ok := w.(http.CloseNotifier); ok {
+		closeNotify = closeNotifier.CloseNotify()
+	}
+
+	for {
+		select {
+		case ev := <-l:
+			jev, ok := ev.(events.Message)
+			if !ok {
+				logrus.Warnf("unexpected event message: %q", ev)
+				continue
+			}
+			if err := enc.Encode(jev); err != nil {
+				return err
+			}
+		case <-timeout:
+			return nil
+		case <-closeNotify:
+			logrus.Debug("Client disconnected, stop sending events")
+			return nil
+		}
+	}
+}
+
+func (s *systemRouter) postAuth(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	var config *types.AuthConfig
+	err := json.NewDecoder(r.Body).Decode(&config)
+	r.Body.Close()
+	if err != nil {
+		return err
+	}
+	status, token, err := s.backend.AuthenticateToRegistry(ctx, config)
+	if err != nil {
+		return err
+	}
+	return httputils.WriteJSON(w, http.StatusOK, &types.AuthResponse{
+		Status:        status,
+		IdentityToken: token,
+	})
+}
diff --git a/api/server/router/volume/backend.go b/api/server/router/volume/backend.go
new file mode 100644
index 00000000..fbf5ed27
--- /dev/null
+++ b/api/server/router/volume/backend.go
@@ -0,0 +1,15 @@
+package volume
+
+import (
+	// TODO return types need to be refactored into pkg
+	"github.com/docker/engine-api/types"
+)
+
+// Backend is the methods that need to be implemented to provide
+// volume specific functionality
+type Backend interface {
+	Volumes(filter string) ([]*types.Volume, []string, error)
+	VolumeInspect(name string) (*types.Volume, error)
+	VolumeCreate(name, driverName string, opts, labels map[string]string) (*types.Volume, error)
+	VolumeRm(name string) error
+}
diff --git a/api/server/router/volume/volume.go b/api/server/router/volume/volume.go
new file mode 100644
index 00000000..2683dcec
--- /dev/null
+++ b/api/server/router/volume/volume.go
@@ -0,0 +1,35 @@
+package volume
+
+import "github.com/docker/docker/api/server/router"
+
+// volumeRouter is a router to talk with the volumes controller
+type volumeRouter struct {
+	backend Backend
+	routes  []router.Route
+}
+
+// NewRouter initializes a new volume router
+func NewRouter(b Backend) router.Router {
+	r := &volumeRouter{
+		backend: b,
+	}
+	r.initRoutes()
+	return r
+}
+
+// Routes returns the available routes to the volumes controller
+func (r *volumeRouter) Routes() []router.Route {
+	return r.routes
+}
+
+func (r *volumeRouter) initRoutes() {
+	r.routes = []router.Route{
+		// GET
+		router.NewGetRoute("/volumes", r.getVolumesList),
+		router.NewGetRoute("/volumes/{name:.*}", r.getVolumeByName),
+		// POST
+		router.NewPostRoute("/volumes/create", r.postVolumesCreate),
+		// DELETE
+		router.NewDeleteRoute("/volumes/{name:.*}", r.deleteVolumes),
+	}
+}
diff --git a/api/server/router/volume/volume_routes.go b/api/server/router/volume/volume_routes.go
new file mode 100644
index 00000000..5aa0d4a7
--- /dev/null
+++ b/api/server/router/volume/volume_routes.go
@@ -0,0 +1,66 @@
+package volume
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/engine-api/types"
+	"golang.org/x/net/context"
+)
+
+func (v *volumeRouter) getVolumesList(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	volumes, warnings, err := v.backend.Volumes(r.Form.Get("filters"))
+	if err != nil {
+		return err
+	}
+	return httputils.WriteJSON(w, http.StatusOK, &types.VolumesListResponse{Volumes: volumes, Warnings: warnings})
+}
+
+func (v *volumeRouter) getVolumeByName(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	volume, err := v.backend.VolumeInspect(vars["name"])
+	if err != nil {
+		return err
+	}
+	return httputils.WriteJSON(w, http.StatusOK, volume)
+}
+
+func (v *volumeRouter) postVolumesCreate(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+
+	if err := httputils.CheckForJSON(r); err != nil {
+		return err
+	}
+
+	var req types.VolumeCreateRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		return err
+	}
+
+	volume, err := v.backend.VolumeCreate(req.Name, req.Driver, req.DriverOpts, req.Labels)
+	if err != nil {
+		return err
+	}
+	return httputils.WriteJSON(w, http.StatusCreated, volume)
+}
+
+func (v *volumeRouter) deleteVolumes(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := httputils.ParseForm(r); err != nil {
+		return err
+	}
+	if err := v.backend.VolumeRm(vars["name"]); err != nil {
+		return err
+	}
+	w.WriteHeader(http.StatusNoContent)
+	return nil
+}
diff --git a/api/server/router_swapper.go b/api/server/router_swapper.go
new file mode 100644
index 00000000..1ecc7a7f
--- /dev/null
+++ b/api/server/router_swapper.go
@@ -0,0 +1,30 @@
+package server
+
+import (
+	"net/http"
+	"sync"
+
+	"github.com/gorilla/mux"
+)
+
+// routerSwapper is an http.Handler that allows you to swap
+// mux routers.
+type routerSwapper struct {
+	mu     sync.Mutex
+	router *mux.Router
+}
+
+// Swap changes the old router with the new one.
+func (rs *routerSwapper) Swap(newRouter *mux.Router) {
+	rs.mu.Lock()
+	rs.router = newRouter
+	rs.mu.Unlock()
+}
+
+// ServeHTTP makes the routerSwapper to implement the http.Handler interface.
+func (rs *routerSwapper) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	rs.mu.Lock()
+	router := rs.router
+	rs.mu.Unlock()
+	router.ServeHTTP(w, r)
+}
diff --git a/api/server/server.go b/api/server/server.go
new file mode 100644
index 00000000..1379b737
--- /dev/null
+++ b/api/server/server.go
@@ -0,0 +1,195 @@
+package server
+
+import (
+	"crypto/tls"
+	"net"
+	"net/http"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/api/server/router"
+	"github.com/docker/docker/pkg/authorization"
+	"github.com/gorilla/mux"
+	"golang.org/x/net/context"
+)
+
+// versionMatcher defines a variable matcher to be parsed by the router
+// when a request is about to be served.
+const versionMatcher = "/v{version:[0-9.]+}"
+
+// Config provides the configuration for the API server
+type Config struct {
+	Logging                  bool
+	EnableCors               bool
+	CorsHeaders              string
+	AuthorizationPluginNames []string
+	Version                  string
+	SocketGroup              string
+	TLSConfig                *tls.Config
+}
+
+// Server contains instance details for the server
+type Server struct {
+	cfg           *Config
+	servers       []*HTTPServer
+	routers       []router.Router
+	authZPlugins  []authorization.Plugin
+	routerSwapper *routerSwapper
+}
+
+// New returns a new instance of the server based on the specified configuration.
+// It allocates resources which will be needed for ServeAPI(ports, unix-sockets).
+func New(cfg *Config) *Server {
+	return &Server{
+		cfg: cfg,
+	}
+}
+
+// Accept sets a listener the server accepts connections into.
+func (s *Server) Accept(addr string, listeners ...net.Listener) {
+	for _, listener := range listeners {
+		httpServer := &HTTPServer{
+			srv: &http.Server{
+				Addr: addr,
+			},
+			l: listener,
+		}
+		s.servers = append(s.servers, httpServer)
+	}
+}
+
+// Close closes servers and thus stop receiving requests
+func (s *Server) Close() {
+	for _, srv := range s.servers {
+		if err := srv.Close(); err != nil {
+			logrus.Error(err)
+		}
+	}
+}
+
+// serveAPI loops through all initialized servers and spawns goroutine
+// with Server method for each. It sets createMux() as Handler also.
+func (s *Server) serveAPI() error {
+	var chErrors = make(chan error, len(s.servers))
+	for _, srv := range s.servers {
+		srv.srv.Handler = s.routerSwapper
+		go func(srv *HTTPServer) {
+			var err error
+			logrus.Infof("API listen on %s", srv.l.Addr())
+			if err = srv.Serve(); err != nil && strings.Contains(err.Error(), "use of closed network connection") {
+				err = nil
+			}
+			chErrors <- err
+		}(srv)
+	}
+
+	for i := 0; i < len(s.servers); i++ {
+		err := <-chErrors
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// HTTPServer contains an instance of http server and the listener.
+// srv *http.Server, contains configuration to create a http server and a mux router with all api end points.
+// l   net.Listener, is a TCP or Socket listener that dispatches incoming request to the router.
+type HTTPServer struct {
+	srv *http.Server
+	l   net.Listener
+}
+
+// Serve starts listening for inbound requests.
+func (s *HTTPServer) Serve() error {
+	return s.srv.Serve(s.l)
+}
+
+// Close closes the HTTPServer from listening for the inbound requests.
+func (s *HTTPServer) Close() error {
+	return s.l.Close()
+}
+
+func (s *Server) makeHTTPHandler(handler httputils.APIFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		// Define the context that we'll pass around to share info
+		// like the docker-request-id.
+		//
+		// The 'context' will be used for global data that should
+		// apply to all requests. Data that is specific to the
+		// immediate function being called should still be passed
+		// as 'args' on the function call.
+		ctx := context.Background()
+		handlerFunc := s.handleWithGlobalMiddlewares(handler)
+
+		vars := mux.Vars(r)
+		if vars == nil {
+			vars = make(map[string]string)
+		}
+
+		if err := handlerFunc(ctx, w, r, vars); err != nil {
+			logrus.Errorf("Handler for %s %s returned error: %v", r.Method, r.URL.Path, err)
+			httputils.WriteError(w, err)
+		}
+	}
+}
+
+// InitRouter initializes the list of routers for the server.
+// This method also enables the Go profiler if enableProfiler is true.
+func (s *Server) InitRouter(enableProfiler bool, routers ...router.Router) {
+	for _, r := range routers {
+		s.routers = append(s.routers, r)
+	}
+
+	m := s.createMux()
+	if enableProfiler {
+		profilerSetup(m)
+	}
+	s.routerSwapper = &routerSwapper{
+		router: m,
+	}
+}
+
+// createMux initializes the main router the server uses.
+func (s *Server) createMux() *mux.Router {
+	m := mux.NewRouter()
+
+	logrus.Debugf("Registering routers")
+	for _, apiRouter := range s.routers {
+		for _, r := range apiRouter.Routes() {
+			f := s.makeHTTPHandler(r.Handler())
+
+			logrus.Debugf("Registering %s, %s", r.Method(), r.Path())
+			m.Path(versionMatcher + r.Path()).Methods(r.Method()).Handler(f)
+			m.Path(r.Path()).Methods(r.Method()).Handler(f)
+		}
+	}
+
+	return m
+}
+
+// Wait blocks the server goroutine until it exits.
+// It sends an error message if there is any error during
+// the API execution.
+func (s *Server) Wait(waitChan chan error) {
+	if err := s.serveAPI(); err != nil {
+		logrus.Errorf("ServeAPI error: %v", err)
+		waitChan <- err
+		return
+	}
+	waitChan <- nil
+}
+
+// DisableProfiler reloads the server mux without adding the profiler routes.
+func (s *Server) DisableProfiler() {
+	s.routerSwapper.Swap(s.createMux())
+}
+
+// EnableProfiler reloads the server mux adding the profiler routes.
+func (s *Server) EnableProfiler() {
+	m := s.createMux()
+	profilerSetup(m)
+	s.routerSwapper.Swap(m)
+}
diff --git a/api/server/server_test.go b/api/server/server_test.go
new file mode 100644
index 00000000..f3256c31
--- /dev/null
+++ b/api/server/server_test.go
@@ -0,0 +1,34 @@
+package server
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/docker/docker/api/server/httputils"
+
+	"golang.org/x/net/context"
+)
+
+func TestMiddlewares(t *testing.T) {
+	cfg := &Config{}
+	srv := &Server{
+		cfg: cfg,
+	}
+
+	req, _ := http.NewRequest("GET", "/containers/json", nil)
+	resp := httptest.NewRecorder()
+	ctx := context.Background()
+
+	localHandler := func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+		if httputils.VersionFromContext(ctx) == "" {
+			t.Fatalf("Expected version, got empty string")
+		}
+		return nil
+	}
+
+	handlerFunc := srv.handleWithGlobalMiddlewares(localHandler)
+	if err := handlerFunc(ctx, resp, req, map[string]string{}); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/api/types/backend/backend.go b/api/types/backend/backend.go
new file mode 100644
index 00000000..ffe9b709
--- /dev/null
+++ b/api/types/backend/backend.go
@@ -0,0 +1,69 @@
+// Package backend includes types to send information to server backends.
+// TODO(calavera): This package is pending of extraction to engine-api
+// when the server package is clean of daemon dependencies.
+package backend
+
+import (
+	"io"
+
+	"github.com/docker/engine-api/types"
+)
+
+// ContainerAttachConfig holds the streams to use when connecting to a container to view logs.
+type ContainerAttachConfig struct {
+	GetStreams func() (io.ReadCloser, io.Writer, io.Writer, error)
+	UseStdin   bool
+	UseStdout  bool
+	UseStderr  bool
+	Logs       bool
+	Stream     bool
+	DetachKeys []byte
+
+	// Used to signify that streams are multiplexed and therefore need a StdWriter to encode stdout/sderr messages accordingly.
+	// TODO @cpuguy83: This shouldn't be needed. It was only added so that http and websocket endpoints can use the same function, and the websocket function was not using a stdwriter prior to this change...
+	// HOWEVER, the websocket endpoint is using a single stream and SHOULD be encoded with stdout/stderr as is done for HTTP since it is still just a single stream.
+	// Since such a change is an API change unrelated to the current changeset we'll keep it as is here and change separately.
+	MuxStreams bool
+}
+
+// ContainerLogsConfig holds configs for logging operations. Exists
+// for users of the backend to to pass it a logging configuration.
+type ContainerLogsConfig struct {
+	types.ContainerLogsOptions
+	OutStream io.Writer
+	Stop      <-chan bool
+}
+
+// ContainerStatsConfig holds information for configuring the runtime
+// behavior of a backend.ContainerStats() call.
+type ContainerStatsConfig struct {
+	Stream    bool
+	OutStream io.Writer
+	Stop      <-chan bool
+	Version   string
+}
+
+// ExecInspect holds information about a running process started
+// with docker exec.
+type ExecInspect struct {
+	ID            string
+	Running       bool
+	ExitCode      *int
+	ProcessConfig *ExecProcessConfig
+	OpenStdin     bool
+	OpenStderr    bool
+	OpenStdout    bool
+	CanRemove     bool
+	ContainerID   string
+	DetachKeys    []byte
+}
+
+// ExecProcessConfig holds information about the exec process
+// running on the host.
+type ExecProcessConfig struct {
+	Tty        bool     `json:"tty"`
+	Entrypoint string   `json:"entrypoint"`
+	Arguments  []string `json:"arguments"`
+	Privileged *bool    `json:"privileged,omitempty"`
+	User       string   `json:"user,omitempty"`
+}
diff --git a/builder/builder.go b/builder/builder.go
new file mode 100644
index 00000000..6f8fdb8d
--- /dev/null
+++ b/builder/builder.go
@@ -0,0 +1,153 @@
+// Package builder defines interfaces for any Docker builder to implement.
+//
+// Historically, only server-side Dockerfile interpreters existed.
+// This package allows for other implementations of Docker builders.
+package builder
+
+import (
+	"io"
+	"os"
+	"time"
+
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"golang.org/x/net/context"
+)
+
+const (
+	// DefaultDockerfileName is the Default filename with Docker commands, read by docker build
+	DefaultDockerfileName string = "Dockerfile"
+)
+
+// Context represents a file system tree.
+type Context interface {
+	// Close allows to signal that the filesystem tree won't be used anymore.
+	// For Context implementations using a temporary directory, it is recommended to
+	// delete the temporary directory in Close().
+	Close() error
+	// Stat returns an entry corresponding to path if any.
+	// It is recommended to return an error if path was not found.
+	// If path is a symlink it also returns the path to the target file.
+	Stat(path string) (string, FileInfo, error)
+	// Open opens path from the context and returns a readable stream of it.
+	Open(path string) (io.ReadCloser, error)
+	// Walk walks the tree of the context with the function passed to it.
+	Walk(root string, walkFn WalkFunc) error
+}
+
+// WalkFunc is the type of the function called for each file or directory visited by Context.Walk().
+type WalkFunc func(path string, fi FileInfo, err error) error
+
+// ModifiableContext represents a modifiable Context.
+// TODO: remove this interface once we can get rid of Remove()
+type ModifiableContext interface {
+	Context
+	// Remove deletes the entry specified by `path`.
+	// It is usual for directory entries to delete all its subentries.
+	Remove(path string) error
+}
+
+// FileInfo extends os.FileInfo to allow retrieving an absolute path to the file.
+// TODO: remove this interface once pkg/archive exposes a walk function that Context can use.
+type FileInfo interface {
+	os.FileInfo
+	Path() string
+}
+
+// PathFileInfo is a convenience struct that implements the FileInfo interface.
+type PathFileInfo struct {
+	os.FileInfo
+	// FilePath holds the absolute path to the file.
+	FilePath string
+	// Name holds the basename for the file.
+	FileName string
+}
+
+// Path returns the absolute path to the file.
+func (fi PathFileInfo) Path() string {
+	return fi.FilePath
+}
+
+// Name returns the basename of the file.
+func (fi PathFileInfo) Name() string {
+	if fi.FileName != "" {
+		return fi.FileName
+	}
+	return fi.FileInfo.Name()
+}
+
+// Hashed defines an extra method intended for implementations of os.FileInfo.
+type Hashed interface {
+	// Hash returns the hash of a file.
+	Hash() string
+	SetHash(string)
+}
+
+// HashedFileInfo is a convenient struct that augments FileInfo with a field.
+type HashedFileInfo struct {
+	FileInfo
+	// FileHash represents the hash of a file.
+	FileHash string
+}
+
+// Hash returns the hash of a file.
+func (fi HashedFileInfo) Hash() string {
+	return fi.FileHash
+}
+
+// SetHash sets the hash of a file.
+func (fi *HashedFileInfo) SetHash(h string) {
+	fi.FileHash = h
+}
+
+// Backend abstracts calls to a Docker Daemon.
+type Backend interface {
+	// TODO: use digest reference instead of name
+
+	// GetImage looks up a Docker image referenced by `name`.
+	GetImageOnBuild(name string) (Image, error)
+	// Tag an image with newTag
+	TagImage(newTag reference.Named, imageName string) error
+	// Pull tells Docker to pull image referenced by `name`.
+	PullOnBuild(ctx context.Context, name string, authConfigs map[string]types.AuthConfig, output io.Writer) (Image, error)
+	// ContainerAttach attaches to container.
+	ContainerAttachRaw(cID string, stdin io.ReadCloser, stdout, stderr io.Writer, stream bool) error
+	// ContainerCreate creates a new Docker container and returns potential warnings
+	ContainerCreate(types.ContainerCreateConfig) (types.ContainerCreateResponse, error)
+	// ContainerRm removes a container specified by `id`.
+	ContainerRm(name string, config *types.ContainerRmConfig) error
+	// Commit creates a new Docker image from an existing Docker container.
+	Commit(string, *types.ContainerCommitConfig) (string, error)
+	// Kill stops the container execution abruptly.
+	ContainerKill(containerID string, sig uint64) error
+	// Start starts a new container
+	ContainerStart(containerID string, hostConfig *container.HostConfig) error
+	// ContainerWait stops processing until the given container is stopped.
+	ContainerWait(containerID string, timeout time.Duration) (int, error)
+	// ContainerUpdateCmd updates container.Path and container.Args
+	ContainerUpdateCmdOnBuild(containerID string, cmd []string) error
+
+	// ContainerCopy copies/extracts a source FileInfo to a destination path inside a container
+	// specified by a container object.
+	// TODO: make an Extract method instead of passing `decompress`
+	// TODO: do not pass a FileInfo, instead refactor the archive package to export a Walk function that can be used
+	// with Context.Walk
+	//ContainerCopy(name string, res string) (io.ReadCloser, error)
+	// TODO: use copyBackend api
+	CopyOnBuild(containerID string, destPath string, src FileInfo, decompress bool) error
+}
+
+// Image represents a Docker image used by the builder.
+type Image interface {
+	ImageID() string
+	RunConfig() *container.Config
+}
+
+// ImageCache abstracts an image cache store.
+// (parent image, child runconfig) -> child image
+type ImageCache interface {
+	// GetCachedImageOnBuild returns a reference to a cached image whose parent equals `parent`
+	// and runconfig equals `cfg`. A cache miss is expected to return an empty ID and a nil error.
+	GetCachedImageOnBuild(parentID string, cfg *container.Config) (imageID string, err error)
+}
diff --git a/builder/context.go b/builder/context.go
new file mode 100644
index 00000000..3b5cc2a2
--- /dev/null
+++ b/builder/context.go
@@ -0,0 +1,260 @@
+package builder
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/fileutils"
+	"github.com/docker/docker/pkg/gitutils"
+	"github.com/docker/docker/pkg/httputils"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/streamformatter"
+)
+
+// ValidateContextDirectory checks if all the contents of the directory
+// can be read and returns an error if some files can't be read
+// symlinks which point to non-existing files don't trigger an error
+func ValidateContextDirectory(srcPath string, excludes []string) error {
+	contextRoot, err := getContextRoot(srcPath)
+	if err != nil {
+		return err
+	}
+	return filepath.Walk(contextRoot, func(filePath string, f os.FileInfo, err error) error {
+		if err != nil {
+			if os.IsPermission(err) {
+				return fmt.Errorf("can't stat '%s'", filePath)
+			}
+			if os.IsNotExist(err) {
+				return nil
+			}
+			return err
+		}
+
+		// skip this directory/file if it's not in the path, it won't get added to the context
+		if relFilePath, err := filepath.Rel(contextRoot, filePath); err != nil {
+			return err
+		} else if skip, err := fileutils.Matches(relFilePath, excludes); err != nil {
+			return err
+		} else if skip {
+			if f.IsDir() {
+				return filepath.SkipDir
+			}
+			return nil
+		}
+
+		// skip checking if symlinks point to non-existing files, such symlinks can be useful
+		// also skip named pipes, because they hanging on open
+		if f.Mode()&(os.ModeSymlink|os.ModeNamedPipe) != 0 {
+			return nil
+		}
+
+		if !f.IsDir() {
+			currentFile, err := os.Open(filePath)
+			if err != nil && os.IsPermission(err) {
+				return fmt.Errorf("no permission to read from '%s'", filePath)
+			}
+			currentFile.Close()
+		}
+		return nil
+	})
+}
+
+// GetContextFromReader will read the contents of the given reader as either a
+// Dockerfile or tar archive. Returns a tar archive used as a context and a
+// path to the Dockerfile inside the tar.
+func GetContextFromReader(r io.ReadCloser, dockerfileName string) (out io.ReadCloser, relDockerfile string, err error) {
+	buf := bufio.NewReader(r)
+
+	magic, err := buf.Peek(archive.HeaderSize)
+	if err != nil && err != io.EOF {
+		return nil, "", fmt.Errorf("failed to peek context header from STDIN: %v", err)
+	}
+
+	if archive.IsArchive(magic) {
+		return ioutils.NewReadCloserWrapper(buf, func() error { return r.Close() }), dockerfileName, nil
+	}
+
+	// Input should be read as a Dockerfile.
+	tmpDir, err := ioutil.TempDir("", "docker-build-context-")
+	if err != nil {
+		return nil, "", fmt.Errorf("unbale to create temporary context directory: %v", err)
+	}
+
+	f, err := os.Create(filepath.Join(tmpDir, DefaultDockerfileName))
+	if err != nil {
+		return nil, "", err
+	}
+	_, err = io.Copy(f, buf)
+	if err != nil {
+		f.Close()
+		return nil, "", err
+	}
+
+	if err := f.Close(); err != nil {
+		return nil, "", err
+	}
+	if err := r.Close(); err != nil {
+		return nil, "", err
+	}
+
+	tar, err := archive.Tar(tmpDir, archive.Uncompressed)
+	if err != nil {
+		return nil, "", err
+	}
+
+	return ioutils.NewReadCloserWrapper(tar, func() error {
+		err := tar.Close()
+		os.RemoveAll(tmpDir)
+		return err
+	}), DefaultDockerfileName, nil
+
+}
+
+// GetContextFromGitURL uses a Git URL as context for a `docker build`. The
+// git repo is cloned into a temporary directory used as the context directory.
+// Returns the absolute path to the temporary context directory, the relative
+// path of the dockerfile in that context directory, and a non-nil error on
+// success.
+func GetContextFromGitURL(gitURL, dockerfileName string) (absContextDir, relDockerfile string, err error) {
+	if _, err := exec.LookPath("git"); err != nil {
+		return "", "", fmt.Errorf("unable to find 'git': %v", err)
+	}
+	if absContextDir, err = gitutils.Clone(gitURL); err != nil {
+		return "", "", fmt.Errorf("unable to 'git clone' to temporary context directory: %v", err)
+	}
+
+	return getDockerfileRelPath(absContextDir, dockerfileName)
+}
+
+// GetContextFromURL uses a remote URL as context for a `docker build`. The
+// remote resource is downloaded as either a Dockerfile or a tar archive.
+// Returns the tar archive used for the context and a path of the
+// dockerfile inside the tar.
+func GetContextFromURL(out io.Writer, remoteURL, dockerfileName string) (io.ReadCloser, string, error) {
+	response, err := httputils.Download(remoteURL)
+	if err != nil {
+		return nil, "", fmt.Errorf("unable to download remote context %s: %v", remoteURL, err)
+	}
+	progressOutput := streamformatter.NewStreamFormatter().NewProgressOutput(out, true)
+
+	// Pass the response body through a progress reader.
+	progReader := progress.NewProgressReader(response.Body, progressOutput, response.ContentLength, "", fmt.Sprintf("Downloading build context from remote url: %s", remoteURL))
+
+	return GetContextFromReader(ioutils.NewReadCloserWrapper(progReader, func() error { return response.Body.Close() }), dockerfileName)
+}
+
+// GetContextFromLocalDir uses the given local directory as context for a
+// `docker build`. Returns the absolute path to the local context directory,
+// the relative path of the dockerfile in that context directory, and a non-nil
+// error on success.
+func GetContextFromLocalDir(localDir, dockerfileName string) (absContextDir, relDockerfile string, err error) {
+	// When using a local context directory, when the Dockerfile is specified
+	// with the `-f/--file` option then it is considered relative to the
+	// current directory and not the context directory.
+	if dockerfileName != "" {
+		if dockerfileName, err = filepath.Abs(dockerfileName); err != nil {
+			return "", "", fmt.Errorf("unable to get absolute path to Dockerfile: %v", err)
+		}
+	}
+
+	return getDockerfileRelPath(localDir, dockerfileName)
+}
+
+// getDockerfileRelPath uses the given context directory for a `docker build`
+// and returns the absolute path to the context directory, the relative path of
+// the dockerfile in that context directory, and a non-nil error on success.
+func getDockerfileRelPath(givenContextDir, givenDockerfile string) (absContextDir, relDockerfile string, err error) {
+	if absContextDir, err = filepath.Abs(givenContextDir); err != nil {
+		return "", "", fmt.Errorf("unable to get absolute context directory: %v", err)
+	}
+
+	// The context dir might be a symbolic link, so follow it to the actual
+	// target directory.
+	//
+	// FIXME. We use isUNC (always false on non-Windows platforms) to workaround
+	// an issue in golang. On Windows, EvalSymLinks does not work on UNC file
+	// paths (those starting with \\). This hack means that when using links
+	// on UNC paths, they will not be followed.
+	if !isUNC(absContextDir) {
+		absContextDir, err = filepath.EvalSymlinks(absContextDir)
+		if err != nil {
+			return "", "", fmt.Errorf("unable to evaluate symlinks in context path: %v", err)
+		}
+	}
+
+	stat, err := os.Lstat(absContextDir)
+	if err != nil {
+		return "", "", fmt.Errorf("unable to stat context directory %q: %v", absContextDir, err)
+	}
+
+	if !stat.IsDir() {
+		return "", "", fmt.Errorf("context must be a directory: %s", absContextDir)
+	}
+
+	absDockerfile := givenDockerfile
+	if absDockerfile == "" {
+		// No -f/--file was specified so use the default relative to the
+		// context directory.
+		absDockerfile = filepath.Join(absContextDir, DefaultDockerfileName)
+
+		// Just to be nice ;-) look for 'dockerfile' too but only
+		// use it if we found it, otherwise ignore this check
+		if _, err = os.Lstat(absDockerfile); os.IsNotExist(err) {
+			altPath := filepath.Join(absContextDir, strings.ToLower(DefaultDockerfileName))
+			if _, err = os.Lstat(altPath); err == nil {
+				absDockerfile = altPath
+			}
+		}
+	}
+
+	// If not already an absolute path, the Dockerfile path should be joined to
+	// the base directory.
+	if !filepath.IsAbs(absDockerfile) {
+		absDockerfile = filepath.Join(absContextDir, absDockerfile)
+	}
+
+	// Evaluate symlinks in the path to the Dockerfile too.
+	//
+	// FIXME. We use isUNC (always false on non-Windows platforms) to workaround
+	// an issue in golang. On Windows, EvalSymLinks does not work on UNC file
+	// paths (those starting with \\). This hack means that when using links
+	// on UNC paths, they will not be followed.
+	if !isUNC(absDockerfile) {
+		absDockerfile, err = filepath.EvalSymlinks(absDockerfile)
+		if err != nil {
+			return "", "", fmt.Errorf("unable to evaluate symlinks in Dockerfile path: %v", err)
+		}
+	}
+
+	if _, err := os.Lstat(absDockerfile); err != nil {
+		if os.IsNotExist(err) {
+			return "", "", fmt.Errorf("Cannot locate Dockerfile: %q", absDockerfile)
+		}
+		return "", "", fmt.Errorf("unable to stat Dockerfile: %v", err)
+	}
+
+	if relDockerfile, err = filepath.Rel(absContextDir, absDockerfile); err != nil {
+		return "", "", fmt.Errorf("unable to get relative Dockerfile path: %v", err)
+	}
+
+	if strings.HasPrefix(relDockerfile, ".."+string(filepath.Separator)) {
+		return "", "", fmt.Errorf("The Dockerfile (%s) must be within the build context (%s)", givenDockerfile, givenContextDir)
+	}
+
+	return absContextDir, relDockerfile, nil
+}
+
+// isUNC returns true if the path is UNC (one starting \\). It always returns
+// false on Linux.
+func isUNC(path string) bool {
+	return runtime.GOOS == "windows" && strings.HasPrefix(path, `\\`)
+}
diff --git a/builder/context_unix.go b/builder/context_unix.go
new file mode 100644
index 00000000..d1f72e05
--- /dev/null
+++ b/builder/context_unix.go
@@ -0,0 +1,11 @@
+// +build !windows
+
+package builder
+
+import (
+	"path/filepath"
+)
+
+func getContextRoot(srcPath string) (string, error) {
+	return filepath.Join(srcPath, "."), nil
+}
diff --git a/builder/context_windows.go b/builder/context_windows.go
new file mode 100644
index 00000000..b8ba2ba2
--- /dev/null
+++ b/builder/context_windows.go
@@ -0,0 +1,17 @@
+// +build windows
+
+package builder
+
+import (
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/longpath"
+)
+
+func getContextRoot(srcPath string) (string, error) {
+	cr, err := filepath.Abs(srcPath)
+	if err != nil {
+		return "", err
+	}
+	return longpath.AddPrefix(cr), nil
+}
diff --git a/builder/dockerfile/bflag.go b/builder/dockerfile/bflag.go
new file mode 100644
index 00000000..c2e6c7da
--- /dev/null
+++ b/builder/dockerfile/bflag.go
@@ -0,0 +1,176 @@
+package dockerfile
+
+import (
+	"fmt"
+	"strings"
+)
+
+// FlagType is the type of the build flag
+type FlagType int
+
+const (
+	boolType FlagType = iota
+	stringType
+)
+
+// BFlags contains all flags information for the builder
+type BFlags struct {
+	Args  []string // actual flags/args from cmd line
+	flags map[string]*Flag
+	used  map[string]*Flag
+	Err   error
+}
+
+// Flag contains all information for a flag
+type Flag struct {
+	bf       *BFlags
+	name     string
+	flagType FlagType
+	Value    string
+}
+
+// NewBFlags return the new BFlags struct
+func NewBFlags() *BFlags {
+	return &BFlags{
+		flags: make(map[string]*Flag),
+		used:  make(map[string]*Flag),
+	}
+}
+
+// AddBool adds a bool flag to BFlags
+// Note, any error will be generated when Parse() is called (see Parse).
+func (bf *BFlags) AddBool(name string, def bool) *Flag {
+	flag := bf.addFlag(name, boolType)
+	if flag == nil {
+		return nil
+	}
+	if def {
+		flag.Value = "true"
+	} else {
+		flag.Value = "false"
+	}
+	return flag
+}
+
+// AddString adds a string flag to BFlags
+// Note, any error will be generated when Parse() is called (see Parse).
+func (bf *BFlags) AddString(name string, def string) *Flag {
+	flag := bf.addFlag(name, stringType)
+	if flag == nil {
+		return nil
+	}
+	flag.Value = def
+	return flag
+}
+
+// addFlag is a generic func used by the other AddXXX() func
+// to add a new flag to the BFlags struct.
+// Note, any error will be generated when Parse() is called (see Parse).
+func (bf *BFlags) addFlag(name string, flagType FlagType) *Flag {
+	if _, ok := bf.flags[name]; ok {
+		bf.Err = fmt.Errorf("Duplicate flag defined: %s", name)
+		return nil
+	}
+
+	newFlag := &Flag{
+		bf:       bf,
+		name:     name,
+		flagType: flagType,
+	}
+	bf.flags[name] = newFlag
+
+	return newFlag
+}
+
+// IsUsed checks if the flag is used
+func (fl *Flag) IsUsed() bool {
+	if _, ok := fl.bf.used[fl.name]; ok {
+		return true
+	}
+	return false
+}
+
+// IsTrue checks if a bool flag is true
+func (fl *Flag) IsTrue() bool {
+	if fl.flagType != boolType {
+		// Should never get here
+		panic(fmt.Errorf("Trying to use IsTrue on a non-boolean: %s", fl.name))
+	}
+	return fl.Value == "true"
+}
+
+// Parse parses and checks if the BFlags is valid.
+// Any error noticed during the AddXXX() funcs will be generated/returned
+// here.  We do this because an error during AddXXX() is more like a
+// compile time error so it doesn't matter too much when we stop our
+// processing as long as we do stop it, so this allows the code
+// around AddXXX() to be just:
+//     defFlag := AddString("description", "")
+// w/o needing to add an if-statement around each one.
+func (bf *BFlags) Parse() error {
+	// If there was an error while defining the possible flags
+	// go ahead and bubble it back up here since we didn't do it
+	// earlier in the processing
+	if bf.Err != nil {
+		return fmt.Errorf("Error setting up flags: %s", bf.Err)
+	}
+
+	for _, arg := range bf.Args {
+		if !strings.HasPrefix(arg, "--") {
+			return fmt.Errorf("Arg should start with -- : %s", arg)
+		}
+
+		if arg == "--" {
+			return nil
+		}
+
+		arg = arg[2:]
+		value := ""
+
+		index := strings.Index(arg, "=")
+		if index >= 0 {
+			value = arg[index+1:]
+			arg = arg[:index]
+		}
+
+		flag, ok := bf.flags[arg]
+		if !ok {
+			return fmt.Errorf("Unknown flag: %s", arg)
+		}
+
+		if _, ok = bf.used[arg]; ok {
+			return fmt.Errorf("Duplicate flag specified: %s", arg)
+		}
+
+		bf.used[arg] = flag
+
+		switch flag.flagType {
+		case boolType:
+			// value == "" is only ok if no "=" was specified
+			if index >= 0 && value == "" {
+				return fmt.Errorf("Missing a value on flag: %s", arg)
+			}
+
+			lower := strings.ToLower(value)
+			if lower == "" {
+				flag.Value = "true"
+			} else if lower == "true" || lower == "false" {
+				flag.Value = lower
+			} else {
+				return fmt.Errorf("Expecting boolean value for flag %s, not: %s", arg, value)
+			}
+
+		case stringType:
+			if index < 0 {
+				return fmt.Errorf("Missing a value on flag: %s", arg)
+			}
+			flag.Value = value
+
+		default:
+			panic(fmt.Errorf("No idea what kind of flag we have! Should never get here!"))
+		}
+
+	}
+
+	return nil
+}
diff --git a/builder/dockerfile/bflag_test.go b/builder/dockerfile/bflag_test.go
new file mode 100644
index 00000000..65cfcead
--- /dev/null
+++ b/builder/dockerfile/bflag_test.go
@@ -0,0 +1,187 @@
+package dockerfile
+
+import (
+	"testing"
+)
+
+func TestBuilderFlags(t *testing.T) {
+	var expected string
+	var err error
+
+	// ---
+
+	bf := NewBFlags()
+	bf.Args = []string{}
+	if err := bf.Parse(); err != nil {
+		t.Fatalf("Test1 of %q was supposed to work: %s", bf.Args, err)
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	bf.Args = []string{"--"}
+	if err := bf.Parse(); err != nil {
+		t.Fatalf("Test2 of %q was supposed to work: %s", bf.Args, err)
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flStr1 := bf.AddString("str1", "")
+	flBool1 := bf.AddBool("bool1", false)
+	bf.Args = []string{}
+	if err = bf.Parse(); err != nil {
+		t.Fatalf("Test3 of %q was supposed to work: %s", bf.Args, err)
+	}
+
+	if flStr1.IsUsed() == true {
+		t.Fatalf("Test3 - str1 was not used!")
+	}
+	if flBool1.IsUsed() == true {
+		t.Fatalf("Test3 - bool1 was not used!")
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flStr1 = bf.AddString("str1", "HI")
+	flBool1 = bf.AddBool("bool1", false)
+	bf.Args = []string{}
+
+	if err = bf.Parse(); err != nil {
+		t.Fatalf("Test4 of %q was supposed to work: %s", bf.Args, err)
+	}
+
+	if flStr1.Value != "HI" {
+		t.Fatalf("Str1 was supposed to default to: HI")
+	}
+	if flBool1.IsTrue() {
+		t.Fatalf("Bool1 was supposed to default to: false")
+	}
+	if flStr1.IsUsed() == true {
+		t.Fatalf("Str1 was not used!")
+	}
+	if flBool1.IsUsed() == true {
+		t.Fatalf("Bool1 was not used!")
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flStr1 = bf.AddString("str1", "HI")
+	bf.Args = []string{"--str1"}
+
+	if err = bf.Parse(); err == nil {
+		t.Fatalf("Test %q was supposed to fail", bf.Args)
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flStr1 = bf.AddString("str1", "HI")
+	bf.Args = []string{"--str1="}
+
+	if err = bf.Parse(); err != nil {
+		t.Fatalf("Test %q was supposed to work: %s", bf.Args, err)
+	}
+
+	expected = ""
+	if flStr1.Value != expected {
+		t.Fatalf("Str1 (%q) should be: %q", flStr1.Value, expected)
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flStr1 = bf.AddString("str1", "HI")
+	bf.Args = []string{"--str1=BYE"}
+
+	if err = bf.Parse(); err != nil {
+		t.Fatalf("Test %q was supposed to work: %s", bf.Args, err)
+	}
+
+	expected = "BYE"
+	if flStr1.Value != expected {
+		t.Fatalf("Str1 (%q) should be: %q", flStr1.Value, expected)
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flBool1 = bf.AddBool("bool1", false)
+	bf.Args = []string{"--bool1"}
+
+	if err = bf.Parse(); err != nil {
+		t.Fatalf("Test %q was supposed to work: %s", bf.Args, err)
+	}
+
+	if !flBool1.IsTrue() {
+		t.Fatalf("Test-b1 Bool1 was supposed to be true")
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flBool1 = bf.AddBool("bool1", false)
+	bf.Args = []string{"--bool1=true"}
+
+	if err = bf.Parse(); err != nil {
+		t.Fatalf("Test %q was supposed to work: %s", bf.Args, err)
+	}
+
+	if !flBool1.IsTrue() {
+		t.Fatalf("Test-b2 Bool1 was supposed to be true")
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flBool1 = bf.AddBool("bool1", false)
+	bf.Args = []string{"--bool1=false"}
+
+	if err = bf.Parse(); err != nil {
+		t.Fatalf("Test %q was supposed to work: %s", bf.Args, err)
+	}
+
+	if flBool1.IsTrue() {
+		t.Fatalf("Test-b3 Bool1 was supposed to be false")
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flBool1 = bf.AddBool("bool1", false)
+	bf.Args = []string{"--bool1=false1"}
+
+	if err = bf.Parse(); err == nil {
+		t.Fatalf("Test %q was supposed to fail", bf.Args)
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flBool1 = bf.AddBool("bool1", false)
+	bf.Args = []string{"--bool2"}
+
+	if err = bf.Parse(); err == nil {
+		t.Fatalf("Test %q was supposed to fail", bf.Args)
+	}
+
+	// ---
+
+	bf = NewBFlags()
+	flStr1 = bf.AddString("str1", "HI")
+	flBool1 = bf.AddBool("bool1", false)
+	bf.Args = []string{"--bool1", "--str1=BYE"}
+
+	if err = bf.Parse(); err != nil {
+		t.Fatalf("Test %q was supposed to work: %s", bf.Args, err)
+	}
+
+	if flStr1.Value != "BYE" {
+		t.Fatalf("Teset %s, str1 should be BYE", bf.Args)
+	}
+	if !flBool1.IsTrue() {
+		t.Fatalf("Teset %s, bool1 should be true", bf.Args)
+	}
+}
diff --git a/builder/dockerfile/builder.go b/builder/dockerfile/builder.go
new file mode 100644
index 00000000..daa70498
--- /dev/null
+++ b/builder/dockerfile/builder.go
@@ -0,0 +1,326 @@
+package dockerfile
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"strings"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/builder"
+	"github.com/docker/docker/builder/dockerfile/parser"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"golang.org/x/net/context"
+)
+
+var validCommitCommands = map[string]bool{
+	"cmd":        true,
+	"entrypoint": true,
+	"env":        true,
+	"expose":     true,
+	"label":      true,
+	"onbuild":    true,
+	"user":       true,
+	"volume":     true,
+	"workdir":    true,
+}
+
+// BuiltinAllowedBuildArgs is list of built-in allowed build args
+var BuiltinAllowedBuildArgs = map[string]bool{
+	"HTTP_PROXY":  true,
+	"http_proxy":  true,
+	"HTTPS_PROXY": true,
+	"https_proxy": true,
+	"FTP_PROXY":   true,
+	"ftp_proxy":   true,
+	"NO_PROXY":    true,
+	"no_proxy":    true,
+}
+
+// Builder is a Dockerfile builder
+// It implements the builder.Backend interface.
+type Builder struct {
+	options *types.ImageBuildOptions
+
+	Stdout io.Writer
+	Stderr io.Writer
+	Output io.Writer
+
+	docker    builder.Backend
+	context   builder.Context
+	clientCtx context.Context
+
+	dockerfile       *parser.Node
+	runConfig        *container.Config // runconfig for cmd, run, entrypoint etc.
+	flags            *BFlags
+	tmpContainers    map[string]struct{}
+	image            string // imageID
+	noBaseImage      bool
+	maintainer       string
+	cmdSet           bool
+	disableCommit    bool
+	cacheBusted      bool
+	cancelled        chan struct{}
+	cancelOnce       sync.Once
+	allowedBuildArgs map[string]bool // list of build-time args that are allowed for expansion/substitution and passing to commands in 'run'.
+
+	// TODO: remove once docker.Commit can receive a tag
+	id string
+}
+
+// BuildManager implements builder.Backend and is shared across all Builder objects.
+type BuildManager struct {
+	backend builder.Backend
+}
+
+// NewBuildManager creates a BuildManager.
+func NewBuildManager(b builder.Backend) (bm *BuildManager) {
+	return &BuildManager{backend: b}
+}
+
+// NewBuilder creates a new Dockerfile builder from an optional dockerfile and a Config.
+// If dockerfile is nil, the Dockerfile specified by Config.DockerfileName,
+// will be read from the Context passed to Build().
+func NewBuilder(clientCtx context.Context, config *types.ImageBuildOptions, backend builder.Backend, context builder.Context, dockerfile io.ReadCloser) (b *Builder, err error) {
+	if config == nil {
+		config = new(types.ImageBuildOptions)
+	}
+	if config.BuildArgs == nil {
+		config.BuildArgs = make(map[string]string)
+	}
+	b = &Builder{
+		clientCtx:        clientCtx,
+		options:          config,
+		Stdout:           os.Stdout,
+		Stderr:           os.Stderr,
+		docker:           backend,
+		context:          context,
+		runConfig:        new(container.Config),
+		tmpContainers:    map[string]struct{}{},
+		cancelled:        make(chan struct{}),
+		id:               stringid.GenerateNonCryptoID(),
+		allowedBuildArgs: make(map[string]bool),
+	}
+	if dockerfile != nil {
+		b.dockerfile, err = parser.Parse(dockerfile)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return b, nil
+}
+
+// sanitizeRepoAndTags parses the raw "t" parameter received from the client
+// to a slice of repoAndTag.
+// It also validates each repoName and tag.
+func sanitizeRepoAndTags(names []string) ([]reference.Named, error) {
+	var (
+		repoAndTags []reference.Named
+		// This map is used for deduplicating the "-t" parameter.
+		uniqNames = make(map[string]struct{})
+	)
+	for _, repo := range names {
+		if repo == "" {
+			continue
+		}
+
+		ref, err := reference.ParseNamed(repo)
+		if err != nil {
+			return nil, err
+		}
+
+		ref = reference.WithDefaultTag(ref)
+
+		if _, isCanonical := ref.(reference.Canonical); isCanonical {
+			return nil, errors.New("build tag cannot contain a digest")
+		}
+
+		if _, isTagged := ref.(reference.NamedTagged); !isTagged {
+			ref, err = reference.WithTag(ref, reference.DefaultTag)
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		nameWithTag := ref.String()
+
+		if _, exists := uniqNames[nameWithTag]; !exists {
+			uniqNames[nameWithTag] = struct{}{}
+			repoAndTags = append(repoAndTags, ref)
+		}
+	}
+	return repoAndTags, nil
+}
+
+// Build creates a NewBuilder, which builds the image.
+func (bm *BuildManager) Build(clientCtx context.Context, config *types.ImageBuildOptions, context builder.Context, stdout io.Writer, stderr io.Writer, out io.Writer, clientGone <-chan bool) (string, error) {
+	b, err := NewBuilder(clientCtx, config, bm.backend, context, nil)
+	if err != nil {
+		return "", err
+	}
+	img, err := b.build(config, context, stdout, stderr, out, clientGone)
+	return img, err
+
+}
+
+// build runs the Dockerfile builder from a context and a docker object that allows to make calls
+// to Docker.
+//
+// This will (barring errors):
+//
+// * read the dockerfile from context
+// * parse the dockerfile if not already parsed
+// * walk the AST and execute it by dispatching to handlers. If Remove
+//   or ForceRemove is set, additional cleanup around containers happens after
+//   processing.
+// * Tag image, if applicable.
+// * Print a happy message and return the image ID.
+//
+func (b *Builder) build(config *types.ImageBuildOptions, context builder.Context, stdout io.Writer, stderr io.Writer, out io.Writer, clientGone <-chan bool) (string, error) {
+	b.options = config
+	b.context = context
+	b.Stdout = stdout
+	b.Stderr = stderr
+	b.Output = out
+
+	// If Dockerfile was not parsed yet, extract it from the Context
+	if b.dockerfile == nil {
+		if err := b.readDockerfile(); err != nil {
+			return "", err
+		}
+	}
+
+	finished := make(chan struct{})
+	defer close(finished)
+	go func() {
+		select {
+		case <-finished:
+		case <-clientGone:
+			b.cancelOnce.Do(func() {
+				close(b.cancelled)
+			})
+		}
+
+	}()
+
+	repoAndTags, err := sanitizeRepoAndTags(config.Tags)
+	if err != nil {
+		return "", err
+	}
+
+	if len(b.options.Labels) > 0 {
+		line := "LABEL "
+		for k, v := range b.options.Labels {
+			line += fmt.Sprintf("%q=%q ", k, v)
+		}
+		_, node, err := parser.ParseLine(line)
+		if err != nil {
+			return "", err
+		}
+		b.dockerfile.Children = append(b.dockerfile.Children, node)
+	}
+
+	var shortImgID string
+	for i, n := range b.dockerfile.Children {
+		select {
+		case <-b.cancelled:
+			logrus.Debug("Builder: build cancelled!")
+			fmt.Fprintf(b.Stdout, "Build cancelled")
+			return "", fmt.Errorf("Build cancelled")
+		default:
+			// Not cancelled yet, keep going...
+		}
+		if err := b.dispatch(i, n); err != nil {
+			if b.options.ForceRemove {
+				b.clearTmp()
+			}
+			return "", err
+		}
+
+		shortImgID = stringid.TruncateID(b.image)
+		fmt.Fprintf(b.Stdout, " ---> %s\n", shortImgID)
+		if b.options.Remove {
+			b.clearTmp()
+		}
+	}
+
+	// check if there are any leftover build-args that were passed but not
+	// consumed during build. Return an error, if there are any.
+	leftoverArgs := []string{}
+	for arg := range b.options.BuildArgs {
+		if !b.isBuildArgAllowed(arg) {
+			leftoverArgs = append(leftoverArgs, arg)
+		}
+	}
+	if len(leftoverArgs) > 0 {
+		return "", fmt.Errorf("One or more build-args %v were not consumed, failing build.", leftoverArgs)
+	}
+
+	if b.image == "" {
+		return "", fmt.Errorf("No image was generated. Is your Dockerfile empty?")
+	}
+
+	for _, rt := range repoAndTags {
+		if err := b.docker.TagImage(rt, b.image); err != nil {
+			return "", err
+		}
+	}
+
+	fmt.Fprintf(b.Stdout, "Successfully built %s\n", shortImgID)
+	return b.image, nil
+}
+
+// Cancel cancels an ongoing Dockerfile build.
+func (b *Builder) Cancel() {
+	b.cancelOnce.Do(func() {
+		close(b.cancelled)
+	})
+}
+
+// BuildFromConfig builds directly from `changes`, treating it as if it were the contents of a Dockerfile
+// It will:
+// - Call parse.Parse() to get an AST root for the concatenated Dockerfile entries.
+// - Do build by calling builder.dispatch() to call all entries' handling routines
+//
+// BuildFromConfig is used by the /commit endpoint, with the changes
+// coming from the query parameter of the same name.
+//
+// TODO: Remove?
+func BuildFromConfig(config *container.Config, changes []string) (*container.Config, error) {
+	ast, err := parser.Parse(bytes.NewBufferString(strings.Join(changes, "\n")))
+	if err != nil {
+		return nil, err
+	}
+
+	// ensure that the commands are valid
+	for _, n := range ast.Children {
+		if !validCommitCommands[n.Value] {
+			return nil, fmt.Errorf("%s is not a valid change command", n.Value)
+		}
+	}
+
+	b, err := NewBuilder(context.Background(), nil, nil, nil, nil)
+	if err != nil {
+		return nil, err
+	}
+	b.runConfig = config
+	b.Stdout = ioutil.Discard
+	b.Stderr = ioutil.Discard
+	b.disableCommit = true
+
+	for i, n := range ast.Children {
+		if err := b.dispatch(i, n); err != nil {
+			return nil, err
+		}
+	}
+
+	return b.runConfig, nil
+}
diff --git a/builder/dockerfile/command/command.go b/builder/dockerfile/command/command.go
new file mode 100644
index 00000000..9e1b799d
--- /dev/null
+++ b/builder/dockerfile/command/command.go
@@ -0,0 +1,42 @@
+// Package command contains the set of Dockerfile commands.
+package command
+
+// Define constants for the command strings
+const (
+	Env        = "env"
+	Label      = "label"
+	Maintainer = "maintainer"
+	Add        = "add"
+	Copy       = "copy"
+	From       = "from"
+	Onbuild    = "onbuild"
+	Workdir    = "workdir"
+	Run        = "run"
+	Cmd        = "cmd"
+	Entrypoint = "entrypoint"
+	Expose     = "expose"
+	Volume     = "volume"
+	User       = "user"
+	StopSignal = "stopsignal"
+	Arg        = "arg"
+)
+
+// Commands is list of all Dockerfile commands
+var Commands = map[string]struct{}{
+	Env:        {},
+	Label:      {},
+	Maintainer: {},
+	Add:        {},
+	Copy:       {},
+	From:       {},
+	Onbuild:    {},
+	Workdir:    {},
+	Run:        {},
+	Cmd:        {},
+	Entrypoint: {},
+	Expose:     {},
+	Volume:     {},
+	User:       {},
+	StopSignal: {},
+	Arg:        {},
+}
diff --git a/builder/dockerfile/dispatchers.go b/builder/dockerfile/dispatchers.go
new file mode 100644
index 00000000..ac7c2b07
--- /dev/null
+++ b/builder/dockerfile/dispatchers.go
@@ -0,0 +1,639 @@
+package dockerfile
+
+// This file contains the dispatchers for each command. Note that
+// `nullDispatch` is not actually a command, but support for commands we parse
+// but do nothing with.
+//
+// See evaluator.go for a higher level discussion of the whole evaluator
+// package.
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"regexp"
+	"runtime"
+	"sort"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/builder"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/docker/pkg/system"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/types/container"
+	"github.com/docker/engine-api/types/strslice"
+	"github.com/docker/go-connections/nat"
+)
+
+// ENV foo bar
+//
+// Sets the environment variable foo to bar, also makes interpolation
+// in the dockerfile available from the next statement on via ${foo}.
+//
+func env(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) == 0 {
+		return errAtLeastOneArgument("ENV")
+	}
+
+	if len(args)%2 != 0 {
+		// should never get here, but just in case
+		return errTooManyArguments("ENV")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	// TODO/FIXME/NOT USED
+	// Just here to show how to use the builder flags stuff within the
+	// context of a builder command. Will remove once we actually add
+	// a builder command to something!
+	/*
+		flBool1 := b.flags.AddBool("bool1", false)
+		flStr1 := b.flags.AddString("str1", "HI")
+
+		if err := b.flags.Parse(); err != nil {
+			return err
+		}
+
+		fmt.Printf("Bool1:%v\n", flBool1)
+		fmt.Printf("Str1:%v\n", flStr1)
+	*/
+
+	commitStr := "ENV"
+
+	for j := 0; j < len(args); j++ {
+		// name  ==> args[j]
+		// value ==> args[j+1]
+		newVar := args[j] + "=" + args[j+1] + ""
+		commitStr += " " + newVar
+
+		gotOne := false
+		for i, envVar := range b.runConfig.Env {
+			envParts := strings.SplitN(envVar, "=", 2)
+			if envParts[0] == args[j] {
+				b.runConfig.Env[i] = newVar
+				gotOne = true
+				break
+			}
+		}
+		if !gotOne {
+			b.runConfig.Env = append(b.runConfig.Env, newVar)
+		}
+		j++
+	}
+
+	return b.commit("", b.runConfig.Cmd, commitStr)
+}
+
+// MAINTAINER some text <maybe@an.email.address>
+//
+// Sets the maintainer metadata.
+func maintainer(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) != 1 {
+		return errExactlyOneArgument("MAINTAINER")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	b.maintainer = args[0]
+	return b.commit("", b.runConfig.Cmd, fmt.Sprintf("MAINTAINER %s", b.maintainer))
+}
+
+// LABEL some json data describing the image
+//
+// Sets the Label variable foo to bar,
+//
+func label(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) == 0 {
+		return errAtLeastOneArgument("LABEL")
+	}
+	if len(args)%2 != 0 {
+		// should never get here, but just in case
+		return errTooManyArguments("LABEL")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	commitStr := "LABEL"
+
+	if b.runConfig.Labels == nil {
+		b.runConfig.Labels = map[string]string{}
+	}
+
+	for j := 0; j < len(args); j++ {
+		// name  ==> args[j]
+		// value ==> args[j+1]
+		newVar := args[j] + "=" + args[j+1] + ""
+		commitStr += " " + newVar
+
+		b.runConfig.Labels[args[j]] = args[j+1]
+		j++
+	}
+	return b.commit("", b.runConfig.Cmd, commitStr)
+}
+
+// ADD foo /path
+//
+// Add the file 'foo' to '/path'. Tarball and Remote URL (git, http) handling
+// exist here. If you do not wish to have this automatic handling, use COPY.
+//
+func add(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) < 2 {
+		return errAtLeastOneArgument("ADD")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	return b.runContextCommand(args, true, true, "ADD")
+}
+
+// COPY foo /path
+//
+// Same as 'ADD' but without the tar and remote url handling.
+//
+func dispatchCopy(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) < 2 {
+		return errAtLeastOneArgument("COPY")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	return b.runContextCommand(args, false, false, "COPY")
+}
+
+// FROM imagename
+//
+// This sets the image the dockerfile will build on top of.
+//
+func from(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) != 1 {
+		return errExactlyOneArgument("FROM")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	name := args[0]
+
+	var (
+		image builder.Image
+		err   error
+	)
+
+	// Windows cannot support a container with no base image.
+	if name == api.NoBaseImageSpecifier {
+		if runtime.GOOS == "windows" {
+			return fmt.Errorf("Windows does not support FROM scratch")
+		}
+		b.image = ""
+		b.noBaseImage = true
+	} else {
+		// TODO: don't use `name`, instead resolve it to a digest
+		if !b.options.PullParent {
+			image, err = b.docker.GetImageOnBuild(name)
+			// TODO: shouldn't we error out if error is different from "not found" ?
+		}
+		if image == nil {
+			image, err = b.docker.PullOnBuild(b.clientCtx, name, b.options.AuthConfigs, b.Output)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	return b.processImageFrom(image)
+}
+
+// ONBUILD RUN echo yo
+//
+// ONBUILD triggers run when the image is used in a FROM statement.
+//
+// ONBUILD handling has a lot of special-case functionality, the heading in
+// evaluator.go and comments around dispatch() in the same file explain the
+// special cases. search for 'OnBuild' in internals.go for additional special
+// cases.
+//
+func onbuild(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) == 0 {
+		return errAtLeastOneArgument("ONBUILD")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	triggerInstruction := strings.ToUpper(strings.TrimSpace(args[0]))
+	switch triggerInstruction {
+	case "ONBUILD":
+		return fmt.Errorf("Chaining ONBUILD via `ONBUILD ONBUILD` isn't allowed")
+	case "MAINTAINER", "FROM":
+		return fmt.Errorf("%s isn't allowed as an ONBUILD trigger", triggerInstruction)
+	}
+
+	original = regexp.MustCompile(`(?i)^\s*ONBUILD\s*`).ReplaceAllString(original, "")
+
+	b.runConfig.OnBuild = append(b.runConfig.OnBuild, original)
+	return b.commit("", b.runConfig.Cmd, fmt.Sprintf("ONBUILD %s", original))
+}
+
+// WORKDIR /tmp
+//
+// Set the working directory for future RUN/CMD/etc statements.
+//
+func workdir(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) != 1 {
+		return errExactlyOneArgument("WORKDIR")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	// This is from the Dockerfile and will not necessarily be in platform
+	// specific semantics, hence ensure it is converted.
+	workdir := filepath.FromSlash(args[0])
+
+	if !system.IsAbs(workdir) {
+		current := filepath.FromSlash(b.runConfig.WorkingDir)
+		workdir = filepath.Join(string(os.PathSeparator), current, workdir)
+	}
+
+	b.runConfig.WorkingDir = workdir
+
+	return b.commit("", b.runConfig.Cmd, fmt.Sprintf("WORKDIR %v", workdir))
+}
+
+// RUN some command yo
+//
+// run a command and commit the image. Args are automatically prepended with
+// 'sh -c' under linux or 'cmd /S /C' under Windows, in the event there is
+// only one argument. The difference in processing:
+//
+// RUN echo hi          # sh -c echo hi       (Linux)
+// RUN echo hi          # cmd /S /C echo hi   (Windows)
+// RUN [ "echo", "hi" ] # echo hi
+//
+func run(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if b.image == "" && !b.noBaseImage {
+		return fmt.Errorf("Please provide a source image with `from` prior to run")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	args = handleJSONArgs(args, attributes)
+
+	if !attributes["json"] {
+		if runtime.GOOS != "windows" {
+			args = append([]string{"/bin/sh", "-c"}, args...)
+		} else {
+			args = append([]string{"cmd", "/S", "/C"}, args...)
+		}
+	}
+
+	config := &container.Config{
+		Cmd:   strslice.StrSlice(args),
+		Image: b.image,
+	}
+
+	// stash the cmd
+	cmd := b.runConfig.Cmd
+	if len(b.runConfig.Entrypoint) == 0 && len(b.runConfig.Cmd) == 0 {
+		b.runConfig.Cmd = config.Cmd
+	}
+
+	// stash the config environment
+	env := b.runConfig.Env
+
+	defer func(cmd strslice.StrSlice) { b.runConfig.Cmd = cmd }(cmd)
+	defer func(env []string) { b.runConfig.Env = env }(env)
+
+	// derive the net build-time environment for this run. We let config
+	// environment override the build time environment.
+	// This means that we take the b.buildArgs list of env vars and remove
+	// any of those variables that are defined as part of the container. In other
+	// words, anything in b.Config.Env. What's left is the list of build-time env
+	// vars that we need to add to each RUN command - note the list could be empty.
+	//
+	// We don't persist the build time environment with container's config
+	// environment, but just sort and prepend it to the command string at time
+	// of commit.
+	// This helps with tracing back the image's actual environment at the time
+	// of RUN, without leaking it to the final image. It also aids cache
+	// lookup for same image built with same build time environment.
+	cmdBuildEnv := []string{}
+	configEnv := runconfigopts.ConvertKVStringsToMap(b.runConfig.Env)
+	for key, val := range b.options.BuildArgs {
+		if !b.isBuildArgAllowed(key) {
+			// skip build-args that are not in allowed list, meaning they have
+			// not been defined by an "ARG" Dockerfile command yet.
+			// This is an error condition but only if there is no "ARG" in the entire
+			// Dockerfile, so we'll generate any necessary errors after we parsed
+			// the entire file (see 'leftoverArgs' processing in evaluator.go )
+			continue
+		}
+		if _, ok := configEnv[key]; !ok {
+			cmdBuildEnv = append(cmdBuildEnv, fmt.Sprintf("%s=%s", key, val))
+		}
+	}
+
+	// derive the command to use for probeCache() and to commit in this container.
+	// Note that we only do this if there are any build-time env vars.  Also, we
+	// use the special argument "|#" at the start of the args array. This will
+	// avoid conflicts with any RUN command since commands can not
+	// start with | (vertical bar). The "#" (number of build envs) is there to
+	// help ensure proper cache matches. We don't want a RUN command
+	// that starts with "foo=abc" to be considered part of a build-time env var.
+	saveCmd := config.Cmd
+	if len(cmdBuildEnv) > 0 {
+		sort.Strings(cmdBuildEnv)
+		tmpEnv := append([]string{fmt.Sprintf("|%d", len(cmdBuildEnv))}, cmdBuildEnv...)
+		saveCmd = strslice.StrSlice(append(tmpEnv, saveCmd...))
+	}
+
+	b.runConfig.Cmd = saveCmd
+	hit, err := b.probeCache()
+	if err != nil {
+		return err
+	}
+	if hit {
+		return nil
+	}
+
+	// set Cmd manually, this is special case only for Dockerfiles
+	b.runConfig.Cmd = config.Cmd
+	// set build-time environment for 'run'.
+	b.runConfig.Env = append(b.runConfig.Env, cmdBuildEnv...)
+	// set config as already being escaped, this prevents double escaping on windows
+	b.runConfig.ArgsEscaped = true
+
+	logrus.Debugf("[BUILDER] Command to be executed: %v", b.runConfig.Cmd)
+
+	cID, err := b.create()
+	if err != nil {
+		return err
+	}
+
+	if err := b.run(cID); err != nil {
+		return err
+	}
+
+	// revert to original config environment and set the command string to
+	// have the build-time env vars in it (if any) so that future cache look-ups
+	// properly match it.
+	b.runConfig.Env = env
+	b.runConfig.Cmd = saveCmd
+	return b.commit(cID, cmd, "run")
+}
+
+// CMD foo
+//
+// Set the default command to run in the container (which may be empty).
+// Argument handling is the same as RUN.
+//
+func cmd(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	cmdSlice := handleJSONArgs(args, attributes)
+
+	if !attributes["json"] {
+		if runtime.GOOS != "windows" {
+			cmdSlice = append([]string{"/bin/sh", "-c"}, cmdSlice...)
+		} else {
+			cmdSlice = append([]string{"cmd", "/S", "/C"}, cmdSlice...)
+		}
+	}
+
+	b.runConfig.Cmd = strslice.StrSlice(cmdSlice)
+
+	if err := b.commit("", b.runConfig.Cmd, fmt.Sprintf("CMD %q", cmdSlice)); err != nil {
+		return err
+	}
+
+	if len(args) != 0 {
+		b.cmdSet = true
+	}
+
+	return nil
+}
+
+// ENTRYPOINT /usr/sbin/nginx
+//
+// Set the entrypoint (which defaults to sh -c on linux, or cmd /S /C on Windows) to
+// /usr/sbin/nginx. Will accept the CMD as the arguments to /usr/sbin/nginx.
+//
+// Handles command processing similar to CMD and RUN, only b.runConfig.Entrypoint
+// is initialized at NewBuilder time instead of through argument parsing.
+//
+func entrypoint(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	parsed := handleJSONArgs(args, attributes)
+
+	switch {
+	case attributes["json"]:
+		// ENTRYPOINT ["echo", "hi"]
+		b.runConfig.Entrypoint = strslice.StrSlice(parsed)
+	case len(parsed) == 0:
+		// ENTRYPOINT []
+		b.runConfig.Entrypoint = nil
+	default:
+		// ENTRYPOINT echo hi
+		if runtime.GOOS != "windows" {
+			b.runConfig.Entrypoint = strslice.StrSlice{"/bin/sh", "-c", parsed[0]}
+		} else {
+			b.runConfig.Entrypoint = strslice.StrSlice{"cmd", "/S", "/C", parsed[0]}
+		}
+	}
+
+	// when setting the entrypoint if a CMD was not explicitly set then
+	// set the command to nil
+	if !b.cmdSet {
+		b.runConfig.Cmd = nil
+	}
+
+	if err := b.commit("", b.runConfig.Cmd, fmt.Sprintf("ENTRYPOINT %q", b.runConfig.Entrypoint)); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// EXPOSE 6667/tcp 7000/tcp
+//
+// Expose ports for links and port mappings. This all ends up in
+// b.runConfig.ExposedPorts for runconfig.
+//
+func expose(b *Builder, args []string, attributes map[string]bool, original string) error {
+	portsTab := args
+
+	if len(args) == 0 {
+		return errAtLeastOneArgument("EXPOSE")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	if b.runConfig.ExposedPorts == nil {
+		b.runConfig.ExposedPorts = make(nat.PortSet)
+	}
+
+	ports, _, err := nat.ParsePortSpecs(portsTab)
+	if err != nil {
+		return err
+	}
+
+	// instead of using ports directly, we build a list of ports and sort it so
+	// the order is consistent. This prevents cache burst where map ordering
+	// changes between builds
+	portList := make([]string, len(ports))
+	var i int
+	for port := range ports {
+		if _, exists := b.runConfig.ExposedPorts[port]; !exists {
+			b.runConfig.ExposedPorts[port] = struct{}{}
+		}
+		portList[i] = string(port)
+		i++
+	}
+	sort.Strings(portList)
+	return b.commit("", b.runConfig.Cmd, fmt.Sprintf("EXPOSE %s", strings.Join(portList, " ")))
+}
+
+// USER foo
+//
+// Set the user to 'foo' for future commands and when running the
+// ENTRYPOINT/CMD at container run time.
+//
+func user(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) != 1 {
+		return errExactlyOneArgument("USER")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	b.runConfig.User = args[0]
+	return b.commit("", b.runConfig.Cmd, fmt.Sprintf("USER %v", args))
+}
+
+// VOLUME /foo
+//
+// Expose the volume /foo for use. Will also accept the JSON array form.
+//
+func volume(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) == 0 {
+		return errAtLeastOneArgument("VOLUME")
+	}
+
+	if err := b.flags.Parse(); err != nil {
+		return err
+	}
+
+	if b.runConfig.Volumes == nil {
+		b.runConfig.Volumes = map[string]struct{}{}
+	}
+	for _, v := range args {
+		v = strings.TrimSpace(v)
+		if v == "" {
+			return fmt.Errorf("Volume specified can not be an empty string")
+		}
+		b.runConfig.Volumes[v] = struct{}{}
+	}
+	if err := b.commit("", b.runConfig.Cmd, fmt.Sprintf("VOLUME %v", args)); err != nil {
+		return err
+	}
+	return nil
+}
+
+// STOPSIGNAL signal
+//
+// Set the signal that will be used to kill the container.
+func stopSignal(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) != 1 {
+		return fmt.Errorf("STOPSIGNAL requires exactly one argument")
+	}
+
+	sig := args[0]
+	_, err := signal.ParseSignal(sig)
+	if err != nil {
+		return err
+	}
+
+	b.runConfig.StopSignal = sig
+	return b.commit("", b.runConfig.Cmd, fmt.Sprintf("STOPSIGNAL %v", args))
+}
+
+// ARG name[=value]
+//
+// Adds the variable foo to the trusted list of variables that can be passed
+// to builder using the --build-arg flag for expansion/subsitution or passing to 'run'.
+// Dockerfile author may optionally set a default value of this variable.
+func arg(b *Builder, args []string, attributes map[string]bool, original string) error {
+	if len(args) != 1 {
+		return fmt.Errorf("ARG requires exactly one argument definition")
+	}
+
+	var (
+		name       string
+		value      string
+		hasDefault bool
+	)
+
+	arg := args[0]
+	// 'arg' can just be a name or name-value pair. Note that this is different
+	// from 'env' that handles the split of name and value at the parser level.
+	// The reason for doing it differently for 'arg' is that we support just
+	// defining an arg and not assign it a value (while 'env' always expects a
+	// name-value pair). If possible, it will be good to harmonize the two.
+	if strings.Contains(arg, "=") {
+		parts := strings.SplitN(arg, "=", 2)
+		name = parts[0]
+		value = parts[1]
+		hasDefault = true
+	} else {
+		name = arg
+		hasDefault = false
+	}
+	// add the arg to allowed list of build-time args from this step on.
+	b.allowedBuildArgs[name] = true
+
+	// If there is a default value associated with this arg then add it to the
+	// b.buildArgs if one is not already passed to the builder. The args passed
+	// to builder override the default value of 'arg'.
+	if _, ok := b.options.BuildArgs[name]; !ok && hasDefault {
+		b.options.BuildArgs[name] = value
+	}
+
+	return b.commit("", b.runConfig.Cmd, fmt.Sprintf("ARG %s", arg))
+}
+
+func errAtLeastOneArgument(command string) error {
+	return fmt.Errorf("%s requires at least one argument", command)
+}
+
+func errExactlyOneArgument(command string) error {
+	return fmt.Errorf("%s requires exactly one argument", command)
+}
+
+func errTooManyArguments(command string) error {
+	return fmt.Errorf("Bad input to %s, too many arguments", command)
+}
diff --git a/builder/dockerfile/envVarTest b/builder/dockerfile/envVarTest
new file mode 100644
index 00000000..1a7fe975
--- /dev/null
+++ b/builder/dockerfile/envVarTest
@@ -0,0 +1,112 @@
+hello                    |     hello
+he'll'o                  |     hello
+he'llo                   |     hello
+he\'llo                  |     he'llo
+he\\'llo                 |     he\llo
+abc\tdef                 |     abctdef
+"abc\tdef"               |     abc\tdef
+'abc\tdef'               |     abc\tdef
+hello\                   |     hello
+hello\\                  |     hello\
+"hello                   |     hello
+"hello\"                 |     hello"
+"hel'lo"                 |     hel'lo
+'hello                   |     hello
+'hello\'                 |     hello\
+"''"                     |     ''
+$.                       |     $.
+$1                       |
+he$1x                    |     hex
+he$.x                    |     he$.x
+he$pwd.                  |     he.
+he$PWD                   |     he/home
+he\$PWD                  |     he$PWD
+he\\$PWD                 |     he\/home
+he\${}                   |     he${}
+he\${}xx                 |     he${}xx
+he${}                    |     he
+he${}xx                  |     hexx
+he${hi}                  |     he
+he${hi}xx                |     hexx
+he${PWD}                 |     he/home
+he${.}                   |     error
+he${XXX:-000}xx          |     he000xx
+he${PWD:-000}xx          |     he/homexx
+he${XXX:-$PWD}xx         |     he/homexx
+he${XXX:-${PWD:-yyy}}xx  |     he/homexx
+he${XXX:-${YYY:-yyy}}xx  |     heyyyxx
+he${XXX:YYY}             |     error
+he${XXX:+${PWD}}xx       |     hexx
+he${PWD:+${XXX}}xx       |     hexx
+he${PWD:+${SHELL}}xx     |     hebashxx
+he${XXX:+000}xx          |     hexx
+he${PWD:+000}xx          |     he000xx
+'he${XX}'                |     he${XX}
+"he${PWD}"               |     he/home
+"he'$PWD'"               |     he'/home'
+"$PWD"                   |     /home
+'$PWD'                   |     $PWD
+'\$PWD'                  |     \$PWD
+'"hello"'                |     "hello"
+he\$PWD                  |     he$PWD
+"he\$PWD"                |     he$PWD
+'he\$PWD'                |     he\$PWD
+he${PWD                  |     error
+he${PWD:=000}xx          |     error
+he${PWD:+${PWD}:}xx      |     he/home:xx
+he${XXX:-\$PWD:}xx       |     he$PWD:xx
+he${XXX:-\${PWD}z}xx     |     he${PWDz}xx
+안녕하세요                 |     안녕하세요
+안'녕'하세요               |     안녕하세요
+안'녕하세요                |     안녕하세요
+안녕\'하세요               |     안녕'하세요
+안\\'녕하세요              |     안\녕하세요
+안녕\t하세요               |     안녕t하세요
+"안녕\t하세요"             |     안녕\t하세요
+'안녕\t하세요              |     안녕\t하세요
+안녕하세요\                |     안녕하세요
+안녕하세요\\               |     안녕하세요\
+"안녕하세요                |     안녕하세요
+"안녕하세요\"              |     안녕하세요"
+"안녕'하세요"              |     안녕'하세요
+'안녕하세요                |     안녕하세요
+'안녕하세요\'              |     안녕하세요\
+안녕$1x                    |     안녕x
+안녕$.x                    |     안녕$.x
+안녕$pwd.                  |     안녕.
+안녕$PWD                   |     안녕/home
+안녕\$PWD                  |     안녕$PWD
+안녕\\$PWD                 |     안녕\/home
+안녕\${}                   |     안녕${}
+안녕\${}xx                 |     안녕${}xx
+안녕${}                    |     안녕
+안녕${}xx                  |     안녕xx
+안녕${hi}                  |     안녕
+안녕${hi}xx                |     안녕xx
+안녕${PWD}                 |     안녕/home
+안녕${.}                   |     error
+안녕${XXX:-000}xx          |     안녕000xx
+안녕${PWD:-000}xx          |     안녕/homexx
+안녕${XXX:-$PWD}xx         |     안녕/homexx
+안녕${XXX:-${PWD:-yyy}}xx  |     안녕/homexx
+안녕${XXX:-${YYY:-yyy}}xx  |     안녕yyyxx
+안녕${XXX:YYY}             |     error
+안녕${XXX:+${PWD}}xx       |     안녕xx
+안녕${PWD:+${XXX}}xx       |     안녕xx
+안녕${PWD:+${SHELL}}xx     |     안녕bashxx
+안녕${XXX:+000}xx          |     안녕xx
+안녕${PWD:+000}xx          |     안녕000xx
+'안녕${XX}'                |     안녕${XX}
+"안녕${PWD}"               |     안녕/home
+"안녕'$PWD'"               |     안녕'/home'
+'"안녕"'                   |     "안녕"
+안녕\$PWD                  |     안녕$PWD
+"안녕\$PWD"                |     안녕$PWD
+'안녕\$PWD'                |     안녕\$PWD
+안녕${PWD                  |     error
+안녕${PWD:=000}xx          |     error
+안녕${PWD:+${PWD}:}xx      |     안녕/home:xx
+안녕${XXX:-\$PWD:}xx       |     안녕$PWD:xx
+안녕${XXX:-\${PWD}z}xx     |     안녕${PWDz}xx
+$KOREAN                    |     한국어
+안녕$KOREAN                |     안녕한국어
diff --git a/builder/dockerfile/evaluator.go b/builder/dockerfile/evaluator.go
new file mode 100644
index 00000000..270e3a4f
--- /dev/null
+++ b/builder/dockerfile/evaluator.go
@@ -0,0 +1,215 @@
+// Package dockerfile is the evaluation step in the Dockerfile parse/evaluate pipeline.
+//
+// It incorporates a dispatch table based on the parser.Node values (see the
+// parser package for more information) that are yielded from the parser itself.
+// Calling NewBuilder with the BuildOpts struct can be used to customize the
+// experience for execution purposes only. Parsing is controlled in the parser
+// package, and this division of responsibility should be respected.
+//
+// Please see the jump table targets for the actual invocations, most of which
+// will call out to the functions in internals.go to deal with their tasks.
+//
+// ONBUILD is a special case, which is covered in the onbuild() func in
+// dispatchers.go.
+//
+// The evaluator uses the concept of "steps", which are usually each processable
+// line in the Dockerfile. Each step is numbered and certain actions are taken
+// before and after each step, such as creating an image ID and removing temporary
+// containers and images. Note that ONBUILD creates a kinda-sorta "sub run" which
+// includes its own set of steps (usually only one of them).
+package dockerfile
+
+import (
+	"fmt"
+	"runtime"
+	"strings"
+
+	"github.com/docker/docker/builder/dockerfile/command"
+	"github.com/docker/docker/builder/dockerfile/parser"
+)
+
+// Environment variable interpolation will happen on these statements only.
+var replaceEnvAllowed = map[string]bool{
+	command.Env:        true,
+	command.Label:      true,
+	command.Add:        true,
+	command.Copy:       true,
+	command.Workdir:    true,
+	command.Expose:     true,
+	command.Volume:     true,
+	command.User:       true,
+	command.StopSignal: true,
+	command.Arg:        true,
+}
+
+// Certain commands are allowed to have their args split into more
+// words after env var replacements. Meaning:
+//   ENV foo="123 456"
+//   EXPOSE $foo
+// should result in the same thing as:
+//   EXPOSE 123 456
+// and not treat "123 456" as a single word.
+// Note that: EXPOSE "$foo" and EXPOSE $foo are not the same thing.
+// Quotes will cause it to still be treated as single word.
+var allowWordExpansion = map[string]bool{
+	command.Expose: true,
+}
+
+var evaluateTable map[string]func(*Builder, []string, map[string]bool, string) error
+
+func init() {
+	evaluateTable = map[string]func(*Builder, []string, map[string]bool, string) error{
+		command.Env:        env,
+		command.Label:      label,
+		command.Maintainer: maintainer,
+		command.Add:        add,
+		command.Copy:       dispatchCopy, // copy() is a go builtin
+		command.From:       from,
+		command.Onbuild:    onbuild,
+		command.Workdir:    workdir,
+		command.Run:        run,
+		command.Cmd:        cmd,
+		command.Entrypoint: entrypoint,
+		command.Expose:     expose,
+		command.Volume:     volume,
+		command.User:       user,
+		command.StopSignal: stopSignal,
+		command.Arg:        arg,
+	}
+}
+
+// This method is the entrypoint to all statement handling routines.
+//
+// Almost all nodes will have this structure:
+// Child[Node, Node, Node] where Child is from parser.Node.Children and each
+// node comes from parser.Node.Next. This forms a "line" with a statement and
+// arguments and we process them in this normalized form by hitting
+// evaluateTable with the leaf nodes of the command and the Builder object.
+//
+// ONBUILD is a special case; in this case the parser will emit:
+// Child[Node, Child[Node, Node...]] where the first node is the literal
+// "onbuild" and the child entrypoint is the command of the ONBUILD statement,
+// such as `RUN` in ONBUILD RUN foo. There is special case logic in here to
+// deal with that, at least until it becomes more of a general concern with new
+// features.
+func (b *Builder) dispatch(stepN int, ast *parser.Node) error {
+	cmd := ast.Value
+	upperCasedCmd := strings.ToUpper(cmd)
+
+	// To ensure the user is given a decent error message if the platform
+	// on which the daemon is running does not support a builder command.
+	if err := platformSupports(strings.ToLower(cmd)); err != nil {
+		return err
+	}
+
+	attrs := ast.Attributes
+	original := ast.Original
+	flags := ast.Flags
+	strList := []string{}
+	msg := fmt.Sprintf("Step %d : %s", stepN+1, upperCasedCmd)
+
+	if len(ast.Flags) > 0 {
+		msg += " " + strings.Join(ast.Flags, " ")
+	}
+
+	if cmd == "onbuild" {
+		if ast.Next == nil {
+			return fmt.Errorf("ONBUILD requires at least one argument")
+		}
+		ast = ast.Next.Children[0]
+		strList = append(strList, ast.Value)
+		msg += " " + ast.Value
+
+		if len(ast.Flags) > 0 {
+			msg += " " + strings.Join(ast.Flags, " ")
+		}
+
+	}
+
+	// count the number of nodes that we are going to traverse first
+	// so we can pre-create the argument and message array. This speeds up the
+	// allocation of those list a lot when they have a lot of arguments
+	cursor := ast
+	var n int
+	for cursor.Next != nil {
+		cursor = cursor.Next
+		n++
+	}
+	msgList := make([]string, n)
+
+	var i int
+	// Append the build-time args to config-environment.
+	// This allows builder config to override the variables, making the behavior similar to
+	// a shell script i.e. `ENV foo bar` overrides value of `foo` passed in build
+	// context. But `ENV foo $foo` will use the value from build context if one
+	// isn't already been defined by a previous ENV primitive.
+	// Note, we get this behavior because we know that ProcessWord() will
+	// stop on the first occurrence of a variable name and not notice
+	// a subsequent one. So, putting the buildArgs list after the Config.Env
+	// list, in 'envs', is safe.
+	envs := b.runConfig.Env
+	for key, val := range b.options.BuildArgs {
+		if !b.isBuildArgAllowed(key) {
+			// skip build-args that are not in allowed list, meaning they have
+			// not been defined by an "ARG" Dockerfile command yet.
+			// This is an error condition but only if there is no "ARG" in the entire
+			// Dockerfile, so we'll generate any necessary errors after we parsed
+			// the entire file (see 'leftoverArgs' processing in evaluator.go )
+			continue
+		}
+		envs = append(envs, fmt.Sprintf("%s=%s", key, val))
+	}
+	for ast.Next != nil {
+		ast = ast.Next
+		var str string
+		str = ast.Value
+		if replaceEnvAllowed[cmd] {
+			var err error
+			var words []string
+
+			if allowWordExpansion[cmd] {
+				words, err = ProcessWords(str, envs)
+				if err != nil {
+					return err
+				}
+				strList = append(strList, words...)
+			} else {
+				str, err = ProcessWord(str, envs)
+				if err != nil {
+					return err
+				}
+				strList = append(strList, str)
+			}
+		} else {
+			strList = append(strList, str)
+		}
+		msgList[i] = ast.Value
+		i++
+	}
+
+	msg += " " + strings.Join(msgList, " ")
+	fmt.Fprintln(b.Stdout, msg)
+
+	// XXX yes, we skip any cmds that are not valid; the parser should have
+	// picked these out already.
+	if f, ok := evaluateTable[cmd]; ok {
+		b.flags = NewBFlags()
+		b.flags.Args = flags
+		return f(b, strList, attrs, original)
+	}
+
+	return fmt.Errorf("Unknown instruction: %s", upperCasedCmd)
+}
+
+// platformSupports is a short-term function to give users a quality error
+// message if a Dockerfile uses a command not supported on the platform.
+func platformSupports(command string) error {
+	if runtime.GOOS != "windows" {
+		return nil
+	}
+	switch command {
+	case "expose", "user", "stopsignal", "arg":
+		return fmt.Errorf("The daemon on this platform does not support the command '%s'", command)
+	}
+	return nil
+}
diff --git a/builder/dockerfile/internals.go b/builder/dockerfile/internals.go
new file mode 100644
index 00000000..a9be9fdd
--- /dev/null
+++ b/builder/dockerfile/internals.go
@@ -0,0 +1,662 @@
+package dockerfile
+
+// internals for handling commands. Covers many areas and a lot of
+// non-contiguous functionality. Please read the comments.
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"os"
+	"path/filepath"
+	"runtime"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/builder"
+	"github.com/docker/docker/builder/dockerfile/parser"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/httputils"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/jsonmessage"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/streamformatter"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/pkg/tarsum"
+	"github.com/docker/docker/pkg/urlutil"
+	"github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"github.com/docker/engine-api/types/strslice"
+)
+
+func (b *Builder) commit(id string, autoCmd strslice.StrSlice, comment string) error {
+	if b.disableCommit {
+		return nil
+	}
+	if b.image == "" && !b.noBaseImage {
+		return fmt.Errorf("Please provide a source image with `from` prior to commit")
+	}
+	b.runConfig.Image = b.image
+
+	if id == "" {
+		cmd := b.runConfig.Cmd
+		if runtime.GOOS != "windows" {
+			b.runConfig.Cmd = strslice.StrSlice{"/bin/sh", "-c", "#(nop) " + comment}
+		} else {
+			b.runConfig.Cmd = strslice.StrSlice{"cmd", "/S /C", "REM (nop) " + comment}
+		}
+		defer func(cmd strslice.StrSlice) { b.runConfig.Cmd = cmd }(cmd)
+
+		hit, err := b.probeCache()
+		if err != nil {
+			return err
+		} else if hit {
+			return nil
+		}
+		id, err = b.create()
+		if err != nil {
+			return err
+		}
+	}
+
+	// Note: Actually copy the struct
+	autoConfig := *b.runConfig
+	autoConfig.Cmd = autoCmd
+
+	commitCfg := &types.ContainerCommitConfig{
+		Author: b.maintainer,
+		Pause:  true,
+		Config: &autoConfig,
+	}
+
+	// Commit the container
+	imageID, err := b.docker.Commit(id, commitCfg)
+	if err != nil {
+		return err
+	}
+
+	b.image = imageID
+	return nil
+}
+
+type copyInfo struct {
+	builder.FileInfo
+	decompress bool
+}
+
+func (b *Builder) runContextCommand(args []string, allowRemote bool, allowLocalDecompression bool, cmdName string) error {
+	if b.context == nil {
+		return fmt.Errorf("No context given. Impossible to use %s", cmdName)
+	}
+
+	if len(args) < 2 {
+		return fmt.Errorf("Invalid %s format - at least two arguments required", cmdName)
+	}
+
+	// Work in daemon-specific filepath semantics
+	dest := filepath.FromSlash(args[len(args)-1]) // last one is always the dest
+
+	b.runConfig.Image = b.image
+
+	var infos []copyInfo
+
+	// Loop through each src file and calculate the info we need to
+	// do the copy (e.g. hash value if cached).  Don't actually do
+	// the copy until we've looked at all src files
+	var err error
+	for _, orig := range args[0 : len(args)-1] {
+		var fi builder.FileInfo
+		decompress := allowLocalDecompression
+		if urlutil.IsURL(orig) {
+			if !allowRemote {
+				return fmt.Errorf("Source can't be a URL for %s", cmdName)
+			}
+			fi, err = b.download(orig)
+			if err != nil {
+				return err
+			}
+			defer os.RemoveAll(filepath.Dir(fi.Path()))
+			decompress = false
+			infos = append(infos, copyInfo{fi, decompress})
+			continue
+		}
+		// not a URL
+		subInfos, err := b.calcCopyInfo(cmdName, orig, allowLocalDecompression, true)
+		if err != nil {
+			return err
+		}
+
+		infos = append(infos, subInfos...)
+	}
+
+	if len(infos) == 0 {
+		return fmt.Errorf("No source files were specified")
+	}
+	if len(infos) > 1 && !strings.HasSuffix(dest, string(os.PathSeparator)) {
+		return fmt.Errorf("When using %s with more than one source file, the destination must be a directory and end with a /", cmdName)
+	}
+
+	// For backwards compat, if there's just one info then use it as the
+	// cache look-up string, otherwise hash 'em all into one
+	var srcHash string
+	var origPaths string
+
+	if len(infos) == 1 {
+		fi := infos[0].FileInfo
+		origPaths = fi.Name()
+		if hfi, ok := fi.(builder.Hashed); ok {
+			srcHash = hfi.Hash()
+		}
+	} else {
+		var hashs []string
+		var origs []string
+		for _, info := range infos {
+			fi := info.FileInfo
+			origs = append(origs, fi.Name())
+			if hfi, ok := fi.(builder.Hashed); ok {
+				hashs = append(hashs, hfi.Hash())
+			}
+		}
+		hasher := sha256.New()
+		hasher.Write([]byte(strings.Join(hashs, ",")))
+		srcHash = "multi:" + hex.EncodeToString(hasher.Sum(nil))
+		origPaths = strings.Join(origs, " ")
+	}
+
+	cmd := b.runConfig.Cmd
+	if runtime.GOOS != "windows" {
+		b.runConfig.Cmd = strslice.StrSlice{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, srcHash, dest)}
+	} else {
+		b.runConfig.Cmd = strslice.StrSlice{"cmd", "/S", "/C", fmt.Sprintf("REM (nop) %s %s in %s", cmdName, srcHash, dest)}
+	}
+	defer func(cmd strslice.StrSlice) { b.runConfig.Cmd = cmd }(cmd)
+
+	if hit, err := b.probeCache(); err != nil {
+		return err
+	} else if hit {
+		return nil
+	}
+
+	container, err := b.docker.ContainerCreate(types.ContainerCreateConfig{Config: b.runConfig})
+	if err != nil {
+		return err
+	}
+	b.tmpContainers[container.ID] = struct{}{}
+
+	comment := fmt.Sprintf("%s %s in %s", cmdName, origPaths, dest)
+
+	// Twiddle the destination when its a relative path - meaning, make it
+	// relative to the WORKINGDIR
+	if !system.IsAbs(dest) {
+		hasSlash := strings.HasSuffix(dest, string(os.PathSeparator))
+		dest = filepath.Join(string(os.PathSeparator), filepath.FromSlash(b.runConfig.WorkingDir), dest)
+
+		// Make sure we preserve any trailing slash
+		if hasSlash {
+			dest += string(os.PathSeparator)
+		}
+	}
+
+	for _, info := range infos {
+		if err := b.docker.CopyOnBuild(container.ID, dest, info.FileInfo, info.decompress); err != nil {
+			return err
+		}
+	}
+
+	return b.commit(container.ID, cmd, comment)
+}
+
+func (b *Builder) download(srcURL string) (fi builder.FileInfo, err error) {
+	// get filename from URL
+	u, err := url.Parse(srcURL)
+	if err != nil {
+		return
+	}
+	path := filepath.FromSlash(u.Path) // Ensure in platform semantics
+	if strings.HasSuffix(path, string(os.PathSeparator)) {
+		path = path[:len(path)-1]
+	}
+	parts := strings.Split(path, string(os.PathSeparator))
+	filename := parts[len(parts)-1]
+	if filename == "" {
+		err = fmt.Errorf("cannot determine filename from url: %s", u)
+		return
+	}
+
+	// Initiate the download
+	resp, err := httputils.Download(srcURL)
+	if err != nil {
+		return
+	}
+
+	// Prepare file in a tmp dir
+	tmpDir, err := ioutils.TempDir("", "docker-remote")
+	if err != nil {
+		return
+	}
+	defer func() {
+		if err != nil {
+			os.RemoveAll(tmpDir)
+		}
+	}()
+	tmpFileName := filepath.Join(tmpDir, filename)
+	tmpFile, err := os.OpenFile(tmpFileName, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0600)
+	if err != nil {
+		return
+	}
+
+	stdoutFormatter := b.Stdout.(*streamformatter.StdoutFormatter)
+	progressOutput := stdoutFormatter.StreamFormatter.NewProgressOutput(stdoutFormatter.Writer, true)
+	progressReader := progress.NewProgressReader(resp.Body, progressOutput, resp.ContentLength, "", "Downloading")
+	// Download and dump result to tmp file
+	if _, err = io.Copy(tmpFile, progressReader); err != nil {
+		tmpFile.Close()
+		return
+	}
+	fmt.Fprintln(b.Stdout)
+	// ignoring error because the file was already opened successfully
+	tmpFileSt, err := tmpFile.Stat()
+	if err != nil {
+		return
+	}
+	tmpFile.Close()
+
+	// Set the mtime to the Last-Modified header value if present
+	// Otherwise just remove atime and mtime
+	mTime := time.Time{}
+
+	lastMod := resp.Header.Get("Last-Modified")
+	if lastMod != "" {
+		// If we can't parse it then just let it default to 'zero'
+		// otherwise use the parsed time value
+		if parsedMTime, err := http.ParseTime(lastMod); err == nil {
+			mTime = parsedMTime
+		}
+	}
+
+	if err = system.Chtimes(tmpFileName, mTime, mTime); err != nil {
+		return
+	}
+
+	// Calc the checksum, even if we're using the cache
+	r, err := archive.Tar(tmpFileName, archive.Uncompressed)
+	if err != nil {
+		return
+	}
+	tarSum, err := tarsum.NewTarSum(r, true, tarsum.Version1)
+	if err != nil {
+		return
+	}
+	if _, err = io.Copy(ioutil.Discard, tarSum); err != nil {
+		return
+	}
+	hash := tarSum.Sum(nil)
+	r.Close()
+	return &builder.HashedFileInfo{FileInfo: builder.PathFileInfo{FileInfo: tmpFileSt, FilePath: tmpFileName}, FileHash: hash}, nil
+}
+
+func (b *Builder) calcCopyInfo(cmdName, origPath string, allowLocalDecompression, allowWildcards bool) ([]copyInfo, error) {
+
+	// Work in daemon-specific OS filepath semantics
+	origPath = filepath.FromSlash(origPath)
+
+	if origPath != "" && origPath[0] == os.PathSeparator && len(origPath) > 1 {
+		origPath = origPath[1:]
+	}
+	origPath = strings.TrimPrefix(origPath, "."+string(os.PathSeparator))
+
+	// Deal with wildcards
+	if allowWildcards && containsWildcards(origPath) {
+		var copyInfos []copyInfo
+		if err := b.context.Walk("", func(path string, info builder.FileInfo, err error) error {
+			if err != nil {
+				return err
+			}
+			if info.Name() == "" {
+				// Why are we doing this check?
+				return nil
+			}
+			if match, _ := filepath.Match(origPath, path); !match {
+				return nil
+			}
+
+			// Note we set allowWildcards to false in case the name has
+			// a * in it
+			subInfos, err := b.calcCopyInfo(cmdName, path, allowLocalDecompression, false)
+			if err != nil {
+				return err
+			}
+			copyInfos = append(copyInfos, subInfos...)
+			return nil
+		}); err != nil {
+			return nil, err
+		}
+		return copyInfos, nil
+	}
+
+	// Must be a dir or a file
+
+	statPath, fi, err := b.context.Stat(origPath)
+	if err != nil {
+		return nil, err
+	}
+
+	copyInfos := []copyInfo{{FileInfo: fi, decompress: allowLocalDecompression}}
+
+	hfi, handleHash := fi.(builder.Hashed)
+	if !handleHash {
+		return copyInfos, nil
+	}
+
+	// Deal with the single file case
+	if !fi.IsDir() {
+		hfi.SetHash("file:" + hfi.Hash())
+		return copyInfos, nil
+	}
+	// Must be a dir
+	var subfiles []string
+	err = b.context.Walk(statPath, func(path string, info builder.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		// we already checked handleHash above
+		subfiles = append(subfiles, info.(builder.Hashed).Hash())
+		return nil
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	sort.Strings(subfiles)
+	hasher := sha256.New()
+	hasher.Write([]byte(strings.Join(subfiles, ",")))
+	hfi.SetHash("dir:" + hex.EncodeToString(hasher.Sum(nil)))
+
+	return copyInfos, nil
+}
+
+func containsWildcards(name string) bool {
+	for i := 0; i < len(name); i++ {
+		ch := name[i]
+		if ch == '\\' {
+			i++
+		} else if ch == '*' || ch == '?' || ch == '[' {
+			return true
+		}
+	}
+	return false
+}
+
+func (b *Builder) processImageFrom(img builder.Image) error {
+	if img != nil {
+		b.image = img.ImageID()
+
+		if img.RunConfig() != nil {
+			b.runConfig = img.RunConfig()
+		}
+	}
+
+	// Check to see if we have a default PATH, note that windows won't
+	// have one as its set by HCS
+	if system.DefaultPathEnv != "" {
+		// Convert the slice of strings that represent the current list
+		// of env vars into a map so we can see if PATH is already set.
+		// If its not set then go ahead and give it our default value
+		configEnv := opts.ConvertKVStringsToMap(b.runConfig.Env)
+		if _, ok := configEnv["PATH"]; !ok {
+			b.runConfig.Env = append(b.runConfig.Env,
+				"PATH="+system.DefaultPathEnv)
+		}
+	}
+
+	if img == nil {
+		// Typically this means they used "FROM scratch"
+		return nil
+	}
+
+	// Process ONBUILD triggers if they exist
+	if nTriggers := len(b.runConfig.OnBuild); nTriggers != 0 {
+		word := "trigger"
+		if nTriggers > 1 {
+			word = "triggers"
+		}
+		fmt.Fprintf(b.Stderr, "# Executing %d build %s...\n", nTriggers, word)
+	}
+
+	// Copy the ONBUILD triggers, and remove them from the config, since the config will be committed.
+	onBuildTriggers := b.runConfig.OnBuild
+	b.runConfig.OnBuild = []string{}
+
+	// parse the ONBUILD triggers by invoking the parser
+	for _, step := range onBuildTriggers {
+		ast, err := parser.Parse(strings.NewReader(step))
+		if err != nil {
+			return err
+		}
+
+		for i, n := range ast.Children {
+			switch strings.ToUpper(n.Value) {
+			case "ONBUILD":
+				return fmt.Errorf("Chaining ONBUILD via `ONBUILD ONBUILD` isn't allowed")
+			case "MAINTAINER", "FROM":
+				return fmt.Errorf("%s isn't allowed as an ONBUILD trigger", n.Value)
+			}
+
+			if err := b.dispatch(i, n); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+// probeCache checks if `b.docker` implements builder.ImageCache and image-caching
+// is enabled (`b.UseCache`).
+// If so attempts to look up the current `b.image` and `b.runConfig` pair with `b.docker`.
+// If an image is found, probeCache returns `(true, nil)`.
+// If no image is found, it returns `(false, nil)`.
+// If there is any error, it returns `(false, err)`.
+func (b *Builder) probeCache() (bool, error) {
+	c, ok := b.docker.(builder.ImageCache)
+	if !ok || b.options.NoCache || b.cacheBusted {
+		return false, nil
+	}
+	cache, err := c.GetCachedImageOnBuild(b.image, b.runConfig)
+	if err != nil {
+		return false, err
+	}
+	if len(cache) == 0 {
+		logrus.Debugf("[BUILDER] Cache miss: %s", b.runConfig.Cmd)
+		b.cacheBusted = true
+		return false, nil
+	}
+
+	fmt.Fprintf(b.Stdout, " ---> Using cache\n")
+	logrus.Debugf("[BUILDER] Use cached version: %s", b.runConfig.Cmd)
+	b.image = string(cache)
+
+	return true, nil
+}
+
+func (b *Builder) create() (string, error) {
+	if b.image == "" && !b.noBaseImage {
+		return "", fmt.Errorf("Please provide a source image with `from` prior to run")
+	}
+	b.runConfig.Image = b.image
+
+	resources := container.Resources{
+		CgroupParent: b.options.CgroupParent,
+		CPUShares:    b.options.CPUShares,
+		CPUPeriod:    b.options.CPUPeriod,
+		CPUQuota:     b.options.CPUQuota,
+		CpusetCpus:   b.options.CPUSetCPUs,
+		CpusetMems:   b.options.CPUSetMems,
+		Memory:       b.options.Memory,
+		MemorySwap:   b.options.MemorySwap,
+		Ulimits:      b.options.Ulimits,
+	}
+
+	// TODO: why not embed a hostconfig in builder?
+	hostConfig := &container.HostConfig{
+		Isolation: b.options.Isolation,
+		ShmSize:   b.options.ShmSize,
+		Resources: resources,
+	}
+
+	config := *b.runConfig
+
+	// Create the container
+	c, err := b.docker.ContainerCreate(types.ContainerCreateConfig{
+		Config:     b.runConfig,
+		HostConfig: hostConfig,
+	})
+	if err != nil {
+		return "", err
+	}
+	for _, warning := range c.Warnings {
+		fmt.Fprintf(b.Stdout, " ---> [Warning] %s\n", warning)
+	}
+
+	b.tmpContainers[c.ID] = struct{}{}
+	fmt.Fprintf(b.Stdout, " ---> Running in %s\n", stringid.TruncateID(c.ID))
+
+	// override the entry point that may have been picked up from the base image
+	if err := b.docker.ContainerUpdateCmdOnBuild(c.ID, config.Cmd); err != nil {
+		return "", err
+	}
+
+	return c.ID, nil
+}
+
+func (b *Builder) run(cID string) (err error) {
+	errCh := make(chan error)
+	go func() {
+		errCh <- b.docker.ContainerAttachRaw(cID, nil, b.Stdout, b.Stderr, true)
+	}()
+
+	finished := make(chan struct{})
+	defer close(finished)
+	go func() {
+		select {
+		case <-b.cancelled:
+			logrus.Debugln("Build cancelled, killing and removing container:", cID)
+			b.docker.ContainerKill(cID, 0)
+			b.removeContainer(cID)
+		case <-finished:
+		}
+	}()
+
+	if err := b.docker.ContainerStart(cID, nil); err != nil {
+		return err
+	}
+
+	// Block on reading output from container, stop on err or chan closed
+	if err := <-errCh; err != nil {
+		return err
+	}
+
+	if ret, _ := b.docker.ContainerWait(cID, -1); ret != 0 {
+		// TODO: change error type, because jsonmessage.JSONError assumes HTTP
+		return &jsonmessage.JSONError{
+			Message: fmt.Sprintf("The command '%s' returned a non-zero code: %d", strings.Join(b.runConfig.Cmd, " "), ret),
+			Code:    ret,
+		}
+	}
+
+	return nil
+}
+
+func (b *Builder) removeContainer(c string) error {
+	rmConfig := &types.ContainerRmConfig{
+		ForceRemove:  true,
+		RemoveVolume: true,
+	}
+	if err := b.docker.ContainerRm(c, rmConfig); err != nil {
+		fmt.Fprintf(b.Stdout, "Error removing intermediate container %s: %v\n", stringid.TruncateID(c), err)
+		return err
+	}
+	return nil
+}
+
+func (b *Builder) clearTmp() {
+	for c := range b.tmpContainers {
+		if err := b.removeContainer(c); err != nil {
+			return
+		}
+		delete(b.tmpContainers, c)
+		fmt.Fprintf(b.Stdout, "Removing intermediate container %s\n", stringid.TruncateID(c))
+	}
+}
+
+// readDockerfile reads a Dockerfile from the current context.
+func (b *Builder) readDockerfile() error {
+	// If no -f was specified then look for 'Dockerfile'. If we can't find
+	// that then look for 'dockerfile'.  If neither are found then default
+	// back to 'Dockerfile' and use that in the error message.
+	if b.options.Dockerfile == "" {
+		b.options.Dockerfile = builder.DefaultDockerfileName
+		if _, _, err := b.context.Stat(b.options.Dockerfile); os.IsNotExist(err) {
+			lowercase := strings.ToLower(b.options.Dockerfile)
+			if _, _, err := b.context.Stat(lowercase); err == nil {
+				b.options.Dockerfile = lowercase
+			}
+		}
+	}
+
+	f, err := b.context.Open(b.options.Dockerfile)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return fmt.Errorf("Cannot locate specified Dockerfile: %s", b.options.Dockerfile)
+		}
+		return err
+	}
+	if f, ok := f.(*os.File); ok {
+		// ignoring error because Open already succeeded
+		fi, err := f.Stat()
+		if err != nil {
+			return fmt.Errorf("Unexpected error reading Dockerfile: %v", err)
+		}
+		if fi.Size() == 0 {
+			return fmt.Errorf("The Dockerfile (%s) cannot be empty", b.options.Dockerfile)
+		}
+	}
+	b.dockerfile, err = parser.Parse(f)
+	f.Close()
+	if err != nil {
+		return err
+	}
+
+	// After the Dockerfile has been parsed, we need to check the .dockerignore
+	// file for either "Dockerfile" or ".dockerignore", and if either are
+	// present then erase them from the build context. These files should never
+	// have been sent from the client but we did send them to make sure that
+	// we had the Dockerfile to actually parse, and then we also need the
+	// .dockerignore file to know whether either file should be removed.
+	// Note that this assumes the Dockerfile has been read into memory and
+	// is now safe to be removed.
+	if dockerIgnore, ok := b.context.(builder.DockerIgnoreContext); ok {
+		dockerIgnore.Process([]string{b.options.Dockerfile})
+	}
+	return nil
+}
+
+// determine if build arg is part of built-in args or user
+// defined args in Dockerfile at any point in time.
+func (b *Builder) isBuildArgAllowed(arg string) bool {
+	if _, ok := BuiltinAllowedBuildArgs[arg]; ok {
+		return true
+	}
+	if _, ok := b.allowedBuildArgs[arg]; ok {
+		return true
+	}
+	return false
+}
diff --git a/builder/dockerfile/parser/dumper/main.go b/builder/dockerfile/parser/dumper/main.go
new file mode 100644
index 00000000..8c357f4c
--- /dev/null
+++ b/builder/dockerfile/parser/dumper/main.go
@@ -0,0 +1,32 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/docker/docker/builder/dockerfile/parser"
+)
+
+func main() {
+	var f *os.File
+	var err error
+
+	if len(os.Args) < 2 {
+		fmt.Println("please supply filename(s)")
+		os.Exit(1)
+	}
+
+	for _, fn := range os.Args[1:] {
+		f, err = os.Open(fn)
+		if err != nil {
+			panic(err)
+		}
+
+		ast, err := parser.Parse(f)
+		if err != nil {
+			panic(err)
+		} else {
+			fmt.Println(ast.Dump())
+		}
+	}
+}
diff --git a/builder/dockerfile/parser/json_test.go b/builder/dockerfile/parser/json_test.go
new file mode 100644
index 00000000..a256f845
--- /dev/null
+++ b/builder/dockerfile/parser/json_test.go
@@ -0,0 +1,55 @@
+package parser
+
+import (
+	"testing"
+)
+
+var invalidJSONArraysOfStrings = []string{
+	`["a",42,"b"]`,
+	`["a",123.456,"b"]`,
+	`["a",{},"b"]`,
+	`["a",{"c": "d"},"b"]`,
+	`["a",["c"],"b"]`,
+	`["a",true,"b"]`,
+	`["a",false,"b"]`,
+	`["a",null,"b"]`,
+}
+
+var validJSONArraysOfStrings = map[string][]string{
+	`[]`:           {},
+	`[""]`:         {""},
+	`["a"]`:        {"a"},
+	`["a","b"]`:    {"a", "b"},
+	`[ "a", "b" ]`: {"a", "b"},
+	`[	"a",	"b"	]`: {"a", "b"},
+	`	[	"a",	"b"	]	`: {"a", "b"},
+	`["abc 123", "♥", "☃", "\" \\ \/ \b \f \n \r \t \u0000"]`: {"abc 123", "♥", "☃", "\" \\ / \b \f \n \r \t \u0000"},
+}
+
+func TestJSONArraysOfStrings(t *testing.T) {
+	for json, expected := range validJSONArraysOfStrings {
+		if node, _, err := parseJSON(json); err != nil {
+			t.Fatalf("%q should be a valid JSON array of strings, but wasn't! (err: %q)", json, err)
+		} else {
+			i := 0
+			for node != nil {
+				if i >= len(expected) {
+					t.Fatalf("expected result is shorter than parsed result (%d vs %d+) in %q", len(expected), i+1, json)
+				}
+				if node.Value != expected[i] {
+					t.Fatalf("expected %q (not %q) in %q at pos %d", expected[i], node.Value, json, i)
+				}
+				node = node.Next
+				i++
+			}
+			if i != len(expected) {
+				t.Fatalf("expected result is longer than parsed result (%d vs %d) in %q", len(expected), i+1, json)
+			}
+		}
+	}
+	for _, json := range invalidJSONArraysOfStrings {
+		if _, _, err := parseJSON(json); err != errDockerfileNotStringArray {
+			t.Fatalf("%q should be an invalid JSON array of strings, but wasn't!", json)
+		}
+	}
+}
diff --git a/builder/dockerfile/parser/line_parsers.go b/builder/dockerfile/parser/line_parsers.go
new file mode 100644
index 00000000..1d7ece43
--- /dev/null
+++ b/builder/dockerfile/parser/line_parsers.go
@@ -0,0 +1,331 @@
+package parser
+
+// line parsers are dispatch calls that parse a single unit of text into a
+// Node object which contains the whole statement. Dockerfiles have varied
+// (but not usually unique, see ONBUILD for a unique example) parsing rules
+// per-command, and these unify the processing in a way that makes it
+// manageable.
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"strings"
+	"unicode"
+)
+
+var (
+	errDockerfileNotStringArray = errors.New("When using JSON array syntax, arrays must be comprised of strings only.")
+)
+
+// ignore the current argument. This will still leave a command parsed, but
+// will not incorporate the arguments into the ast.
+func parseIgnore(rest string) (*Node, map[string]bool, error) {
+	return &Node{}, nil, nil
+}
+
+// used for onbuild. Could potentially be used for anything that represents a
+// statement with sub-statements.
+//
+// ONBUILD RUN foo bar -> (onbuild (run foo bar))
+//
+func parseSubCommand(rest string) (*Node, map[string]bool, error) {
+	if rest == "" {
+		return nil, nil, nil
+	}
+
+	_, child, err := ParseLine(rest)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return &Node{Children: []*Node{child}}, nil, nil
+}
+
+// helper to parse words (i.e space delimited or quoted strings) in a statement.
+// The quotes are preserved as part of this function and they are stripped later
+// as part of processWords().
+func parseWords(rest string) []string {
+	const (
+		inSpaces = iota // looking for start of a word
+		inWord
+		inQuote
+	)
+
+	words := []string{}
+	phase := inSpaces
+	word := ""
+	quote := '\000'
+	blankOK := false
+	var ch rune
+
+	for pos := 0; pos <= len(rest); pos++ {
+		if pos != len(rest) {
+			ch = rune(rest[pos])
+		}
+
+		if phase == inSpaces { // Looking for start of word
+			if pos == len(rest) { // end of input
+				break
+			}
+			if unicode.IsSpace(ch) { // skip spaces
+				continue
+			}
+			phase = inWord // found it, fall through
+		}
+		if (phase == inWord || phase == inQuote) && (pos == len(rest)) {
+			if blankOK || len(word) > 0 {
+				words = append(words, word)
+			}
+			break
+		}
+		if phase == inWord {
+			if unicode.IsSpace(ch) {
+				phase = inSpaces
+				if blankOK || len(word) > 0 {
+					words = append(words, word)
+				}
+				word = ""
+				blankOK = false
+				continue
+			}
+			if ch == '\'' || ch == '"' {
+				quote = ch
+				blankOK = true
+				phase = inQuote
+			}
+			if ch == '\\' {
+				if pos+1 == len(rest) {
+					continue // just skip \ at end
+				}
+				// If we're not quoted and we see a \, then always just
+				// add \ plus the char to the word, even if the char
+				// is a quote.
+				word += string(ch)
+				pos++
+				ch = rune(rest[pos])
+			}
+			word += string(ch)
+			continue
+		}
+		if phase == inQuote {
+			if ch == quote {
+				phase = inWord
+			}
+			// \ is special except for ' quotes - can't escape anything for '
+			if ch == '\\' && quote != '\'' {
+				if pos+1 == len(rest) {
+					phase = inWord
+					continue // just skip \ at end
+				}
+				pos++
+				nextCh := rune(rest[pos])
+				word += string(ch)
+				ch = nextCh
+			}
+			word += string(ch)
+		}
+	}
+
+	return words
+}
+
+// parse environment like statements. Note that this does *not* handle
+// variable interpolation, which will be handled in the evaluator.
+func parseNameVal(rest string, key string) (*Node, map[string]bool, error) {
+	// This is kind of tricky because we need to support the old
+	// variant:   KEY name value
+	// as well as the new one:    KEY name=value ...
+	// The trigger to know which one is being used will be whether we hit
+	// a space or = first.  space ==> old, "=" ==> new
+
+	words := parseWords(rest)
+	if len(words) == 0 {
+		return nil, nil, nil
+	}
+
+	var rootnode *Node
+
+	// Old format (KEY name value)
+	if !strings.Contains(words[0], "=") {
+		node := &Node{}
+		rootnode = node
+		strs := tokenWhitespace.Split(rest, 2)
+
+		if len(strs) < 2 {
+			return nil, nil, fmt.Errorf(key + " must have two arguments")
+		}
+
+		node.Value = strs[0]
+		node.Next = &Node{}
+		node.Next.Value = strs[1]
+	} else {
+		var prevNode *Node
+		for i, word := range words {
+			if !strings.Contains(word, "=") {
+				return nil, nil, fmt.Errorf("Syntax error - can't find = in %q. Must be of the form: name=value", word)
+			}
+			parts := strings.SplitN(word, "=", 2)
+
+			name := &Node{}
+			value := &Node{}
+
+			name.Next = value
+			name.Value = parts[0]
+			value.Value = parts[1]
+
+			if i == 0 {
+				rootnode = name
+			} else {
+				prevNode.Next = name
+			}
+			prevNode = value
+		}
+	}
+
+	return rootnode, nil, nil
+}
+
+func parseEnv(rest string) (*Node, map[string]bool, error) {
+	return parseNameVal(rest, "ENV")
+}
+
+func parseLabel(rest string) (*Node, map[string]bool, error) {
+	return parseNameVal(rest, "LABEL")
+}
+
+// parses a statement containing one or more keyword definition(s) and/or
+// value assignments, like `name1 name2= name3="" name4=value`.
+// Note that this is a stricter format than the old format of assignment,
+// allowed by parseNameVal(), in a way that this only allows assignment of the
+// form `keyword=[<value>]` like  `name2=`, `name3=""`, and `name4=value` above.
+// In addition, a keyword definition alone is of the form `keyword` like `name1`
+// above. And the assignments `name2=` and `name3=""` are equivalent and
+// assign an empty value to the respective keywords.
+func parseNameOrNameVal(rest string) (*Node, map[string]bool, error) {
+	words := parseWords(rest)
+	if len(words) == 0 {
+		return nil, nil, nil
+	}
+
+	var (
+		rootnode *Node
+		prevNode *Node
+	)
+	for i, word := range words {
+		node := &Node{}
+		node.Value = word
+		if i == 0 {
+			rootnode = node
+		} else {
+			prevNode.Next = node
+		}
+		prevNode = node
+	}
+
+	return rootnode, nil, nil
+}
+
+// parses a whitespace-delimited set of arguments. The result is effectively a
+// linked list of string arguments.
+func parseStringsWhitespaceDelimited(rest string) (*Node, map[string]bool, error) {
+	if rest == "" {
+		return nil, nil, nil
+	}
+
+	node := &Node{}
+	rootnode := node
+	prevnode := node
+	for _, str := range tokenWhitespace.Split(rest, -1) { // use regexp
+		prevnode = node
+		node.Value = str
+		node.Next = &Node{}
+		node = node.Next
+	}
+
+	// XXX to get around regexp.Split *always* providing an empty string at the
+	// end due to how our loop is constructed, nil out the last node in the
+	// chain.
+	prevnode.Next = nil
+
+	return rootnode, nil, nil
+}
+
+// parsestring just wraps the string in quotes and returns a working node.
+func parseString(rest string) (*Node, map[string]bool, error) {
+	if rest == "" {
+		return nil, nil, nil
+	}
+	n := &Node{}
+	n.Value = rest
+	return n, nil, nil
+}
+
+// parseJSON converts JSON arrays to an AST.
+func parseJSON(rest string) (*Node, map[string]bool, error) {
+	rest = strings.TrimLeftFunc(rest, unicode.IsSpace)
+	if !strings.HasPrefix(rest, "[") {
+		return nil, nil, fmt.Errorf(`Error parsing "%s" as a JSON array`, rest)
+	}
+
+	var myJSON []interface{}
+	if err := json.NewDecoder(strings.NewReader(rest)).Decode(&myJSON); err != nil {
+		return nil, nil, err
+	}
+
+	var top, prev *Node
+	for _, str := range myJSON {
+		s, ok := str.(string)
+		if !ok {
+			return nil, nil, errDockerfileNotStringArray
+		}
+
+		node := &Node{Value: s}
+		if prev == nil {
+			top = node
+		} else {
+			prev.Next = node
+		}
+		prev = node
+	}
+
+	return top, map[string]bool{"json": true}, nil
+}
+
+// parseMaybeJSON determines if the argument appears to be a JSON array. If
+// so, passes to parseJSON; if not, quotes the result and returns a single
+// node.
+func parseMaybeJSON(rest string) (*Node, map[string]bool, error) {
+	if rest == "" {
+		return nil, nil, nil
+	}
+
+	node, attrs, err := parseJSON(rest)
+
+	if err == nil {
+		return node, attrs, nil
+	}
+	if err == errDockerfileNotStringArray {
+		return nil, nil, err
+	}
+
+	node = &Node{}
+	node.Value = rest
+	return node, nil, nil
+}
+
+// parseMaybeJSONToList determines if the argument appears to be a JSON array. If
+// so, passes to parseJSON; if not, attempts to parse it as a whitespace
+// delimited string.
+func parseMaybeJSONToList(rest string) (*Node, map[string]bool, error) {
+	node, attrs, err := parseJSON(rest)
+
+	if err == nil {
+		return node, attrs, nil
+	}
+	if err == errDockerfileNotStringArray {
+		return nil, nil, err
+	}
+
+	return parseStringsWhitespaceDelimited(rest)
+}
diff --git a/builder/dockerfile/parser/parser.go b/builder/dockerfile/parser/parser.go
new file mode 100644
index 00000000..ece601a9
--- /dev/null
+++ b/builder/dockerfile/parser/parser.go
@@ -0,0 +1,161 @@
+// Package parser implements a parser and parse tree dumper for Dockerfiles.
+package parser
+
+import (
+	"bufio"
+	"io"
+	"regexp"
+	"strings"
+	"unicode"
+
+	"github.com/docker/docker/builder/dockerfile/command"
+)
+
+// Node is a structure used to represent a parse tree.
+//
+// In the node there are three fields, Value, Next, and Children. Value is the
+// current token's string value. Next is always the next non-child token, and
+// children contains all the children. Here's an example:
+//
+// (value next (child child-next child-next-next) next-next)
+//
+// This data structure is frankly pretty lousy for handling complex languages,
+// but lucky for us the Dockerfile isn't very complicated. This structure
+// works a little more effectively than a "proper" parse tree for our needs.
+//
+type Node struct {
+	Value      string          // actual content
+	Next       *Node           // the next item in the current sexp
+	Children   []*Node         // the children of this sexp
+	Attributes map[string]bool // special attributes for this node
+	Original   string          // original line used before parsing
+	Flags      []string        // only top Node should have this set
+	StartLine  int             // the line in the original dockerfile where the node begins
+	EndLine    int             // the line in the original dockerfile where the node ends
+}
+
+var (
+	dispatch              map[string]func(string) (*Node, map[string]bool, error)
+	tokenWhitespace       = regexp.MustCompile(`[\t\v\f\r ]+`)
+	tokenLineContinuation = regexp.MustCompile(`\\[ \t]*$`)
+	tokenComment          = regexp.MustCompile(`^#.*$`)
+)
+
+func init() {
+	// Dispatch Table. see line_parsers.go for the parse functions.
+	// The command is parsed and mapped to the line parser. The line parser
+	// receives the arguments but not the command, and returns an AST after
+	// reformulating the arguments according to the rules in the parser
+	// functions. Errors are propagated up by Parse() and the resulting AST can
+	// be incorporated directly into the existing AST as a next.
+	dispatch = map[string]func(string) (*Node, map[string]bool, error){
+		command.User:       parseString,
+		command.Onbuild:    parseSubCommand,
+		command.Workdir:    parseString,
+		command.Env:        parseEnv,
+		command.Label:      parseLabel,
+		command.Maintainer: parseString,
+		command.From:       parseString,
+		command.Add:        parseMaybeJSONToList,
+		command.Copy:       parseMaybeJSONToList,
+		command.Run:        parseMaybeJSON,
+		command.Cmd:        parseMaybeJSON,
+		command.Entrypoint: parseMaybeJSON,
+		command.Expose:     parseStringsWhitespaceDelimited,
+		command.Volume:     parseMaybeJSONToList,
+		command.StopSignal: parseString,
+		command.Arg:        parseNameOrNameVal,
+	}
+}
+
+// ParseLine parse a line and return the remainder.
+func ParseLine(line string) (string, *Node, error) {
+	if line = stripComments(line); line == "" {
+		return "", nil, nil
+	}
+
+	if tokenLineContinuation.MatchString(line) {
+		line = tokenLineContinuation.ReplaceAllString(line, "")
+		return line, nil, nil
+	}
+
+	cmd, flags, args, err := splitCommand(line)
+	if err != nil {
+		return "", nil, err
+	}
+
+	node := &Node{}
+	node.Value = cmd
+
+	sexp, attrs, err := fullDispatch(cmd, args)
+	if err != nil {
+		return "", nil, err
+	}
+
+	node.Next = sexp
+	node.Attributes = attrs
+	node.Original = line
+	node.Flags = flags
+
+	return "", node, nil
+}
+
+// Parse is the main parse routine.
+// It handles an io.ReadWriteCloser and returns the root of the AST.
+func Parse(rwc io.Reader) (*Node, error) {
+	currentLine := 0
+	root := &Node{}
+	root.StartLine = -1
+	scanner := bufio.NewScanner(rwc)
+
+	for scanner.Scan() {
+		scannedLine := strings.TrimLeftFunc(scanner.Text(), unicode.IsSpace)
+		currentLine++
+		line, child, err := ParseLine(scannedLine)
+		if err != nil {
+			return nil, err
+		}
+		startLine := currentLine
+
+		if line != "" && child == nil {
+			for scanner.Scan() {
+				newline := scanner.Text()
+				currentLine++
+
+				if stripComments(strings.TrimSpace(newline)) == "" {
+					continue
+				}
+
+				line, child, err = ParseLine(line + newline)
+				if err != nil {
+					return nil, err
+				}
+
+				if child != nil {
+					break
+				}
+			}
+			if child == nil && line != "" {
+				_, child, err = ParseLine(line)
+				if err != nil {
+					return nil, err
+				}
+			}
+		}
+
+		if child != nil {
+			// Update the line information for the current child.
+			child.StartLine = startLine
+			child.EndLine = currentLine
+			// Update the line information for the root. The starting line of the root is always the
+			// starting line of the first child and the ending line is the ending line of the last child.
+			if root.StartLine < 0 {
+				root.StartLine = currentLine
+			}
+			root.EndLine = currentLine
+			root.Children = append(root.Children, child)
+		}
+	}
+
+	return root, nil
+}
diff --git a/builder/dockerfile/parser/parser_test.go b/builder/dockerfile/parser/parser_test.go
new file mode 100644
index 00000000..983a590a
--- /dev/null
+++ b/builder/dockerfile/parser/parser_test.go
@@ -0,0 +1,154 @@
+package parser
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+	"testing"
+)
+
+const testDir = "testfiles"
+const negativeTestDir = "testfiles-negative"
+const testFileLineInfo = "testfile-line/Dockerfile"
+
+func getDirs(t *testing.T, dir string) []string {
+	f, err := os.Open(dir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	defer f.Close()
+
+	dirs, err := f.Readdirnames(0)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	return dirs
+}
+
+func TestTestNegative(t *testing.T) {
+	for _, dir := range getDirs(t, negativeTestDir) {
+		dockerfile := filepath.Join(negativeTestDir, dir, "Dockerfile")
+
+		df, err := os.Open(dockerfile)
+		if err != nil {
+			t.Fatalf("Dockerfile missing for %s: %v", dir, err)
+		}
+
+		_, err = Parse(df)
+		if err == nil {
+			t.Fatalf("No error parsing broken dockerfile for %s", dir)
+		}
+
+		df.Close()
+	}
+}
+
+func TestTestData(t *testing.T) {
+	for _, dir := range getDirs(t, testDir) {
+		dockerfile := filepath.Join(testDir, dir, "Dockerfile")
+		resultfile := filepath.Join(testDir, dir, "result")
+
+		df, err := os.Open(dockerfile)
+		if err != nil {
+			t.Fatalf("Dockerfile missing for %s: %v", dir, err)
+		}
+		defer df.Close()
+
+		ast, err := Parse(df)
+		if err != nil {
+			t.Fatalf("Error parsing %s's dockerfile: %v", dir, err)
+		}
+
+		content, err := ioutil.ReadFile(resultfile)
+		if err != nil {
+			t.Fatalf("Error reading %s's result file: %v", dir, err)
+		}
+
+		if runtime.GOOS == "windows" {
+			// CRLF --> CR to match Unix behavior
+			content = bytes.Replace(content, []byte{'\x0d', '\x0a'}, []byte{'\x0a'}, -1)
+		}
+
+		if ast.Dump()+"\n" != string(content) {
+			fmt.Fprintln(os.Stderr, "Result:\n"+ast.Dump())
+			fmt.Fprintln(os.Stderr, "Expected:\n"+string(content))
+			t.Fatalf("%s: AST dump of dockerfile does not match result", dir)
+		}
+	}
+}
+
+func TestParseWords(t *testing.T) {
+	tests := []map[string][]string{
+		{
+			"input":  {"foo"},
+			"expect": {"foo"},
+		},
+		{
+			"input":  {"foo bar"},
+			"expect": {"foo", "bar"},
+		},
+		{
+			"input":  {"foo=bar"},
+			"expect": {"foo=bar"},
+		},
+		{
+			"input":  {"foo bar 'abc xyz'"},
+			"expect": {"foo", "bar", "'abc xyz'"},
+		},
+		{
+			"input":  {`foo bar "abc xyz"`},
+			"expect": {"foo", "bar", `"abc xyz"`},
+		},
+	}
+
+	for _, test := range tests {
+		words := parseWords(test["input"][0])
+		if len(words) != len(test["expect"]) {
+			t.Fatalf("length check failed. input: %v, expect: %v, output: %v", test["input"][0], test["expect"], words)
+		}
+		for i, word := range words {
+			if word != test["expect"][i] {
+				t.Fatalf("word check failed for word: %q. input: %v, expect: %v, output: %v", word, test["input"][0], test["expect"], words)
+			}
+		}
+	}
+}
+
+func TestLineInformation(t *testing.T) {
+	df, err := os.Open(testFileLineInfo)
+	if err != nil {
+		t.Fatalf("Dockerfile missing for %s: %v", testFileLineInfo, err)
+	}
+	defer df.Close()
+
+	ast, err := Parse(df)
+	if err != nil {
+		t.Fatalf("Error parsing dockerfile %s: %v", testFileLineInfo, err)
+	}
+
+	if ast.StartLine != 4 || ast.EndLine != 30 {
+		fmt.Fprintf(os.Stderr, "Wrong root line information: expected(%d-%d), actual(%d-%d)\n", 4, 30, ast.StartLine, ast.EndLine)
+		t.Fatalf("Root line information doesn't match result.")
+	}
+	if len(ast.Children) != 3 {
+		fmt.Fprintf(os.Stderr, "Wrong number of child: expected(%d), actual(%d)\n", 3, len(ast.Children))
+		t.Fatalf("Root line information doesn't match result.")
+	}
+	expected := [][]int{
+		{4, 4},
+		{10, 11},
+		{16, 30},
+	}
+	for i, child := range ast.Children {
+		if child.StartLine != expected[i][0] || child.EndLine != expected[i][1] {
+			fmt.Fprintf(os.Stderr, "Wrong line information for child %d: expected(%d-%d), actual(%d-%d)\n",
+				i, expected[i][0], expected[i][1], child.StartLine, child.EndLine)
+			t.Fatalf("Root line information doesn't match result.")
+		}
+	}
+}
diff --git a/builder/dockerfile/parser/testfile-line/Dockerfile b/builder/dockerfile/parser/testfile-line/Dockerfile
new file mode 100644
index 00000000..0e77e85e
--- /dev/null
+++ b/builder/dockerfile/parser/testfile-line/Dockerfile
@@ -0,0 +1,34 @@
+
+
+
+FROM brimstone/ubuntu:14.04
+
+
+# TORUN -v /var/run/docker.sock:/var/run/docker.sock
+
+
+ENV GOPATH \
+/go
+
+
+
+# Install the packages we need, clean up after them and us
+RUN apt-get update \
+	&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean \
+
+
+    && apt-get install -y --no-install-recommends git golang ca-certificates \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists \
+
+	&& go get -v github.com/brimstone/consuldock \
+    && mv $GOPATH/bin/consuldock /usr/local/bin/consuldock \
+
+	&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \
+	&& apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \
+	&& rm /tmp/dpkg.* \
+	&& rm -rf $GOPATH
+
+
+
+
diff --git a/builder/dockerfile/parser/testfiles-negative/env_no_value/Dockerfile b/builder/dockerfile/parser/testfiles-negative/env_no_value/Dockerfile
new file mode 100644
index 00000000..1d655787
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles-negative/env_no_value/Dockerfile
@@ -0,0 +1,3 @@
+FROM busybox
+
+ENV PATH
diff --git a/builder/dockerfile/parser/testfiles-negative/shykes-nested-json/Dockerfile b/builder/dockerfile/parser/testfiles-negative/shykes-nested-json/Dockerfile
new file mode 100644
index 00000000..d1be4596
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles-negative/shykes-nested-json/Dockerfile
@@ -0,0 +1 @@
+CMD [ "echo", [ "nested json" ] ]
diff --git a/builder/dockerfile/parser/testfiles/ADD-COPY-with-JSON/Dockerfile b/builder/dockerfile/parser/testfiles/ADD-COPY-with-JSON/Dockerfile
new file mode 100644
index 00000000..00b444cb
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/ADD-COPY-with-JSON/Dockerfile
@@ -0,0 +1,11 @@
+FROM	ubuntu:14.04
+MAINTAINER	Seongyeol Lim <seongyeol37@gmail.com>
+
+COPY	.	/go/src/github.com/docker/docker
+ADD		.	/
+ADD		null /
+COPY	nullfile /tmp
+ADD		[ "vimrc", "/tmp" ]
+COPY	[ "bashrc", "/tmp" ]
+COPY	[ "test file", "/tmp" ]
+ADD		[ "test file", "/tmp/test file" ]
diff --git a/builder/dockerfile/parser/testfiles/ADD-COPY-with-JSON/result b/builder/dockerfile/parser/testfiles/ADD-COPY-with-JSON/result
new file mode 100644
index 00000000..85aee640
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/ADD-COPY-with-JSON/result
@@ -0,0 +1,10 @@
+(from "ubuntu:14.04")
+(maintainer "Seongyeol Lim <seongyeol37@gmail.com>")
+(copy "." "/go/src/github.com/docker/docker")
+(add "." "/")
+(add "null" "/")
+(copy "nullfile" "/tmp")
+(add "vimrc" "/tmp")
+(copy "bashrc" "/tmp")
+(copy "test file" "/tmp")
+(add "test file" "/tmp/test file")
diff --git a/builder/dockerfile/parser/testfiles/brimstone-consuldock/Dockerfile b/builder/dockerfile/parser/testfiles/brimstone-consuldock/Dockerfile
new file mode 100644
index 00000000..5c75a2e0
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/brimstone-consuldock/Dockerfile
@@ -0,0 +1,25 @@
+FROM brimstone/ubuntu:14.04
+
+MAINTAINER brimstone@the.narro.ws
+
+# TORUN -v /var/run/docker.sock:/var/run/docker.sock
+
+ENV GOPATH /go
+
+# Set our command
+ENTRYPOINT ["/usr/local/bin/consuldock"]
+
+# Install the packages we need, clean up after them and us
+RUN apt-get update \
+	&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean \
+    && apt-get install -y --no-install-recommends git golang ca-certificates \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists \
+
+	&& go get -v github.com/brimstone/consuldock \
+    && mv $GOPATH/bin/consuldock /usr/local/bin/consuldock \
+
+	&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \
+	&& apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \
+	&& rm /tmp/dpkg.* \
+	&& rm -rf $GOPATH
diff --git a/builder/dockerfile/parser/testfiles/brimstone-consuldock/result b/builder/dockerfile/parser/testfiles/brimstone-consuldock/result
new file mode 100644
index 00000000..227f748c
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/brimstone-consuldock/result
@@ -0,0 +1,5 @@
+(from "brimstone/ubuntu:14.04")
+(maintainer "brimstone@the.narro.ws")
+(env "GOPATH" "/go")
+(entrypoint "/usr/local/bin/consuldock")
+(run "apt-get update \t&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean     && apt-get install -y --no-install-recommends git golang ca-certificates     && apt-get clean     && rm -rf /var/lib/apt/lists \t&& go get -v github.com/brimstone/consuldock     && mv $GOPATH/bin/consuldock /usr/local/bin/consuldock \t&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \t&& apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \t&& rm /tmp/dpkg.* \t&& rm -rf $GOPATH")
diff --git a/builder/dockerfile/parser/testfiles/brimstone-docker-consul/Dockerfile b/builder/dockerfile/parser/testfiles/brimstone-docker-consul/Dockerfile
new file mode 100644
index 00000000..25ae3521
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/brimstone-docker-consul/Dockerfile
@@ -0,0 +1,52 @@
+FROM brimstone/ubuntu:14.04
+
+CMD []
+
+ENTRYPOINT ["/usr/bin/consul", "agent", "-server", "-data-dir=/consul", "-client=0.0.0.0", "-ui-dir=/webui"]
+
+EXPOSE 8500 8600 8400 8301 8302
+
+RUN apt-get update \
+    && apt-get install -y unzip wget \
+	&& apt-get clean \
+	&& rm -rf /var/lib/apt/lists
+
+RUN cd /tmp \
+    && wget https://dl.bintray.com/mitchellh/consul/0.3.1_web_ui.zip \
+       -O web_ui.zip \
+    && unzip web_ui.zip \
+    && mv dist /webui \
+    && rm web_ui.zip
+
+RUN apt-get update \
+	&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean \
+    && apt-get install -y --no-install-recommends unzip wget \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists \
+
+    && cd /tmp \
+    && wget https://dl.bintray.com/mitchellh/consul/0.3.1_web_ui.zip \
+       -O web_ui.zip \
+    && unzip web_ui.zip \
+    && mv dist /webui \
+    && rm web_ui.zip \
+
+	&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \
+	&& apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \
+	&& rm /tmp/dpkg.*
+
+ENV GOPATH /go
+
+RUN apt-get update \
+	&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean \
+    && apt-get install -y --no-install-recommends git golang ca-certificates build-essential \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists \
+
+	&& go get -v github.com/hashicorp/consul \
+	&& mv $GOPATH/bin/consul /usr/bin/consul \
+
+	&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \
+	&& apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \
+	&& rm /tmp/dpkg.* \
+	&& rm -rf $GOPATH
diff --git a/builder/dockerfile/parser/testfiles/brimstone-docker-consul/result b/builder/dockerfile/parser/testfiles/brimstone-docker-consul/result
new file mode 100644
index 00000000..16492e51
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/brimstone-docker-consul/result
@@ -0,0 +1,9 @@
+(from "brimstone/ubuntu:14.04")
+(cmd)
+(entrypoint "/usr/bin/consul" "agent" "-server" "-data-dir=/consul" "-client=0.0.0.0" "-ui-dir=/webui")
+(expose "8500" "8600" "8400" "8301" "8302")
+(run "apt-get update     && apt-get install -y unzip wget \t&& apt-get clean \t&& rm -rf /var/lib/apt/lists")
+(run "cd /tmp     && wget https://dl.bintray.com/mitchellh/consul/0.3.1_web_ui.zip        -O web_ui.zip     && unzip web_ui.zip     && mv dist /webui     && rm web_ui.zip")
+(run "apt-get update \t&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean     && apt-get install -y --no-install-recommends unzip wget     && apt-get clean     && rm -rf /var/lib/apt/lists     && cd /tmp     && wget https://dl.bintray.com/mitchellh/consul/0.3.1_web_ui.zip        -O web_ui.zip     && unzip web_ui.zip     && mv dist /webui     && rm web_ui.zip \t&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \t&& apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \t&& rm /tmp/dpkg.*")
+(env "GOPATH" "/go")
+(run "apt-get update \t&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean     && apt-get install -y --no-install-recommends git golang ca-certificates build-essential     && apt-get clean     && rm -rf /var/lib/apt/lists \t&& go get -v github.com/hashicorp/consul \t&& mv $GOPATH/bin/consul /usr/bin/consul \t&& dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \t&& apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \t&& rm /tmp/dpkg.* \t&& rm -rf $GOPATH")
diff --git a/builder/dockerfile/parser/testfiles/continueIndent/Dockerfile b/builder/dockerfile/parser/testfiles/continueIndent/Dockerfile
new file mode 100644
index 00000000..42b324e7
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/continueIndent/Dockerfile
@@ -0,0 +1,36 @@
+FROM ubuntu:14.04
+
+RUN echo hello\
+  world\
+  goodnight  \
+  moon\
+  light\
+ning
+RUN echo hello  \
+  world
+RUN echo hello  \
+world
+RUN echo hello \
+goodbye\
+frog
+RUN echo hello  \  
+world
+RUN echo hi \
+ \
+ world \
+\
+ good\
+\
+night
+RUN echo goodbye\
+frog
+RUN echo good\
+bye\
+frog
+
+RUN echo hello \
+# this is a comment
+
+# this is a comment with a blank line surrounding it
+
+this is some more useful stuff
diff --git a/builder/dockerfile/parser/testfiles/continueIndent/result b/builder/dockerfile/parser/testfiles/continueIndent/result
new file mode 100644
index 00000000..268ae073
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/continueIndent/result
@@ -0,0 +1,10 @@
+(from "ubuntu:14.04")
+(run "echo hello  world  goodnight    moon  lightning")
+(run "echo hello    world")
+(run "echo hello  world")
+(run "echo hello goodbyefrog")
+(run "echo hello  world")
+(run "echo hi   world  goodnight")
+(run "echo goodbyefrog")
+(run "echo goodbyefrog")
+(run "echo hello this is some more useful stuff")
diff --git a/builder/dockerfile/parser/testfiles/cpuguy83-nagios/Dockerfile b/builder/dockerfile/parser/testfiles/cpuguy83-nagios/Dockerfile
new file mode 100644
index 00000000..8ccb71a5
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/cpuguy83-nagios/Dockerfile
@@ -0,0 +1,54 @@
+FROM cpuguy83/ubuntu
+ENV NAGIOS_HOME /opt/nagios
+ENV NAGIOS_USER nagios
+ENV NAGIOS_GROUP nagios
+ENV NAGIOS_CMDUSER nagios
+ENV NAGIOS_CMDGROUP nagios
+ENV NAGIOSADMIN_USER nagiosadmin
+ENV NAGIOSADMIN_PASS nagios
+ENV APACHE_RUN_USER nagios
+ENV APACHE_RUN_GROUP nagios
+ENV NAGIOS_TIMEZONE UTC
+
+RUN sed -i 's/universe/universe multiverse/' /etc/apt/sources.list
+RUN apt-get update && apt-get install -y iputils-ping netcat build-essential snmp snmpd snmp-mibs-downloader php5-cli apache2 libapache2-mod-php5 runit bc postfix bsd-mailx
+RUN ( egrep -i  "^${NAGIOS_GROUP}" /etc/group || groupadd $NAGIOS_GROUP ) && ( egrep -i "^${NAGIOS_CMDGROUP}" /etc/group || groupadd $NAGIOS_CMDGROUP )
+RUN ( id -u $NAGIOS_USER || useradd --system $NAGIOS_USER -g $NAGIOS_GROUP -d $NAGIOS_HOME ) && ( id -u $NAGIOS_CMDUSER || useradd --system -d $NAGIOS_HOME -g $NAGIOS_CMDGROUP $NAGIOS_CMDUSER )
+
+ADD http://downloads.sourceforge.net/project/nagios/nagios-3.x/nagios-3.5.1/nagios-3.5.1.tar.gz?r=http%3A%2F%2Fwww.nagios.org%2Fdownload%2Fcore%2Fthanks%2F%3Ft%3D1398863696&ts=1398863718&use_mirror=superb-dca3 /tmp/nagios.tar.gz
+RUN cd /tmp && tar -zxvf nagios.tar.gz && cd nagios  && ./configure --prefix=${NAGIOS_HOME} --exec-prefix=${NAGIOS_HOME} --enable-event-broker --with-nagios-command-user=${NAGIOS_CMDUSER} --with-command-group=${NAGIOS_CMDGROUP} --with-nagios-user=${NAGIOS_USER} --with-nagios-group=${NAGIOS_GROUP} && make all && make install && make install-config && make install-commandmode && cp sample-config/httpd.conf /etc/apache2/conf.d/nagios.conf
+ADD http://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz /tmp/
+RUN cd /tmp && tar -zxvf nagios-plugins-1.5.tar.gz && cd nagios-plugins-1.5 && ./configure --prefix=${NAGIOS_HOME} && make && make install
+
+RUN sed -i.bak 's/.*\=www\-data//g' /etc/apache2/envvars
+RUN export DOC_ROOT="DocumentRoot $(echo $NAGIOS_HOME/share)"; sed -i "s,DocumentRoot.*,$DOC_ROOT," /etc/apache2/sites-enabled/000-default
+
+RUN ln -s ${NAGIOS_HOME}/bin/nagios /usr/local/bin/nagios && mkdir -p /usr/share/snmp/mibs && chmod 0755 /usr/share/snmp/mibs && touch /usr/share/snmp/mibs/.foo
+
+RUN echo "use_timezone=$NAGIOS_TIMEZONE" >> ${NAGIOS_HOME}/etc/nagios.cfg && echo "SetEnv TZ \"${NAGIOS_TIMEZONE}\"" >> /etc/apache2/conf.d/nagios.conf
+
+RUN mkdir -p ${NAGIOS_HOME}/etc/conf.d && mkdir -p ${NAGIOS_HOME}/etc/monitor && ln -s /usr/share/snmp/mibs ${NAGIOS_HOME}/libexec/mibs
+RUN echo "cfg_dir=${NAGIOS_HOME}/etc/conf.d" >> ${NAGIOS_HOME}/etc/nagios.cfg
+RUN echo "cfg_dir=${NAGIOS_HOME}/etc/monitor" >> ${NAGIOS_HOME}/etc/nagios.cfg
+RUN download-mibs && echo "mibs +ALL" > /etc/snmp/snmp.conf
+
+RUN sed -i 's,/bin/mail,/usr/bin/mail,' /opt/nagios/etc/objects/commands.cfg && \
+  sed -i 's,/usr/usr,/usr,' /opt/nagios/etc/objects/commands.cfg
+RUN cp /etc/services /var/spool/postfix/etc/
+
+RUN mkdir -p /etc/sv/nagios && mkdir -p /etc/sv/apache && rm -rf /etc/sv/getty-5 && mkdir -p /etc/sv/postfix
+ADD nagios.init /etc/sv/nagios/run
+ADD apache.init /etc/sv/apache/run
+ADD postfix.init /etc/sv/postfix/run
+ADD postfix.stop /etc/sv/postfix/finish
+
+ADD start.sh /usr/local/bin/start_nagios
+
+ENV APACHE_LOCK_DIR /var/run
+ENV APACHE_LOG_DIR /var/log/apache2
+
+EXPOSE 80
+
+VOLUME ["/opt/nagios/var", "/opt/nagios/etc", "/opt/nagios/libexec", "/var/log/apache2", "/usr/share/snmp/mibs"]
+
+CMD ["/usr/local/bin/start_nagios"]
diff --git a/builder/dockerfile/parser/testfiles/cpuguy83-nagios/result b/builder/dockerfile/parser/testfiles/cpuguy83-nagios/result
new file mode 100644
index 00000000..25dd3ddf
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/cpuguy83-nagios/result
@@ -0,0 +1,40 @@
+(from "cpuguy83/ubuntu")
+(env "NAGIOS_HOME" "/opt/nagios")
+(env "NAGIOS_USER" "nagios")
+(env "NAGIOS_GROUP" "nagios")
+(env "NAGIOS_CMDUSER" "nagios")
+(env "NAGIOS_CMDGROUP" "nagios")
+(env "NAGIOSADMIN_USER" "nagiosadmin")
+(env "NAGIOSADMIN_PASS" "nagios")
+(env "APACHE_RUN_USER" "nagios")
+(env "APACHE_RUN_GROUP" "nagios")
+(env "NAGIOS_TIMEZONE" "UTC")
+(run "sed -i 's/universe/universe multiverse/' /etc/apt/sources.list")
+(run "apt-get update && apt-get install -y iputils-ping netcat build-essential snmp snmpd snmp-mibs-downloader php5-cli apache2 libapache2-mod-php5 runit bc postfix bsd-mailx")
+(run "( egrep -i  \"^${NAGIOS_GROUP}\" /etc/group || groupadd $NAGIOS_GROUP ) && ( egrep -i \"^${NAGIOS_CMDGROUP}\" /etc/group || groupadd $NAGIOS_CMDGROUP )")
+(run "( id -u $NAGIOS_USER || useradd --system $NAGIOS_USER -g $NAGIOS_GROUP -d $NAGIOS_HOME ) && ( id -u $NAGIOS_CMDUSER || useradd --system -d $NAGIOS_HOME -g $NAGIOS_CMDGROUP $NAGIOS_CMDUSER )")
+(add "http://downloads.sourceforge.net/project/nagios/nagios-3.x/nagios-3.5.1/nagios-3.5.1.tar.gz?r=http%3A%2F%2Fwww.nagios.org%2Fdownload%2Fcore%2Fthanks%2F%3Ft%3D1398863696&ts=1398863718&use_mirror=superb-dca3" "/tmp/nagios.tar.gz")
+(run "cd /tmp && tar -zxvf nagios.tar.gz && cd nagios  && ./configure --prefix=${NAGIOS_HOME} --exec-prefix=${NAGIOS_HOME} --enable-event-broker --with-nagios-command-user=${NAGIOS_CMDUSER} --with-command-group=${NAGIOS_CMDGROUP} --with-nagios-user=${NAGIOS_USER} --with-nagios-group=${NAGIOS_GROUP} && make all && make install && make install-config && make install-commandmode && cp sample-config/httpd.conf /etc/apache2/conf.d/nagios.conf")
+(add "http://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz" "/tmp/")
+(run "cd /tmp && tar -zxvf nagios-plugins-1.5.tar.gz && cd nagios-plugins-1.5 && ./configure --prefix=${NAGIOS_HOME} && make && make install")
+(run "sed -i.bak 's/.*\\=www\\-data//g' /etc/apache2/envvars")
+(run "export DOC_ROOT=\"DocumentRoot $(echo $NAGIOS_HOME/share)\"; sed -i \"s,DocumentRoot.*,$DOC_ROOT,\" /etc/apache2/sites-enabled/000-default")
+(run "ln -s ${NAGIOS_HOME}/bin/nagios /usr/local/bin/nagios && mkdir -p /usr/share/snmp/mibs && chmod 0755 /usr/share/snmp/mibs && touch /usr/share/snmp/mibs/.foo")
+(run "echo \"use_timezone=$NAGIOS_TIMEZONE\" >> ${NAGIOS_HOME}/etc/nagios.cfg && echo \"SetEnv TZ \\\"${NAGIOS_TIMEZONE}\\\"\" >> /etc/apache2/conf.d/nagios.conf")
+(run "mkdir -p ${NAGIOS_HOME}/etc/conf.d && mkdir -p ${NAGIOS_HOME}/etc/monitor && ln -s /usr/share/snmp/mibs ${NAGIOS_HOME}/libexec/mibs")
+(run "echo \"cfg_dir=${NAGIOS_HOME}/etc/conf.d\" >> ${NAGIOS_HOME}/etc/nagios.cfg")
+(run "echo \"cfg_dir=${NAGIOS_HOME}/etc/monitor\" >> ${NAGIOS_HOME}/etc/nagios.cfg")
+(run "download-mibs && echo \"mibs +ALL\" > /etc/snmp/snmp.conf")
+(run "sed -i 's,/bin/mail,/usr/bin/mail,' /opt/nagios/etc/objects/commands.cfg &&   sed -i 's,/usr/usr,/usr,' /opt/nagios/etc/objects/commands.cfg")
+(run "cp /etc/services /var/spool/postfix/etc/")
+(run "mkdir -p /etc/sv/nagios && mkdir -p /etc/sv/apache && rm -rf /etc/sv/getty-5 && mkdir -p /etc/sv/postfix")
+(add "nagios.init" "/etc/sv/nagios/run")
+(add "apache.init" "/etc/sv/apache/run")
+(add "postfix.init" "/etc/sv/postfix/run")
+(add "postfix.stop" "/etc/sv/postfix/finish")
+(add "start.sh" "/usr/local/bin/start_nagios")
+(env "APACHE_LOCK_DIR" "/var/run")
+(env "APACHE_LOG_DIR" "/var/log/apache2")
+(expose "80")
+(volume "/opt/nagios/var" "/opt/nagios/etc" "/opt/nagios/libexec" "/var/log/apache2" "/usr/share/snmp/mibs")
+(cmd "/usr/local/bin/start_nagios")
diff --git a/builder/dockerfile/parser/testfiles/docker/Dockerfile b/builder/dockerfile/parser/testfiles/docker/Dockerfile
new file mode 100644
index 00000000..9717adbd
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/docker/Dockerfile
@@ -0,0 +1,103 @@
+# This file describes the standard way to build Docker, using docker
+#
+# Usage:
+#
+# # Assemble the full dev environment. This is slow the first time.
+# docker build -t docker .
+#
+# # Mount your source in an interactive container for quick testing:
+# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
+#
+# # Run the test suite:
+# docker run --privileged docker hack/make.sh test
+#
+# # Publish a release:
+# docker run --privileged \
+#  -e AWS_S3_BUCKET=baz \
+#  -e AWS_ACCESS_KEY=foo \
+#  -e AWS_SECRET_KEY=bar \
+#  -e GPG_PASSPHRASE=gloubiboulga \
+#  docker hack/release.sh
+#
+# Note: AppArmor used to mess with privileged mode, but this is no longer
+# the case. Therefore, you don't have to disable it anymore.
+#
+
+FROM	ubuntu:14.04
+MAINTAINER	Tianon Gravi <admwiggin@gmail.com> (@tianon)
+
+# Packaged dependencies
+RUN	apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -yq \
+	apt-utils \
+	aufs-tools \
+	automake \
+	btrfs-tools \
+	build-essential \
+	curl \
+	dpkg-sig \
+	git \
+	iptables \
+	libapparmor-dev \
+	libcap-dev \
+	libsqlite3-dev \
+	mercurial \
+	pandoc \
+	parallel \
+	reprepro \
+	ruby1.9.1 \
+	ruby1.9.1-dev \
+	s3cmd=1.1.0* \
+	--no-install-recommends
+
+# Get lvm2 source for compiling statically
+RUN	git clone --no-checkout https://git.fedorahosted.org/git/lvm2.git /usr/local/lvm2 && cd /usr/local/lvm2 && git checkout -q v2_02_103
+# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
+# note: we don't use "git clone -b" above because it then spews big nasty warnings about 'detached HEAD' state that we can't silence as easily as we can silence them using "git checkout" directly
+
+# Compile and install lvm2
+RUN	cd /usr/local/lvm2 && ./configure --enable-static_link && make device-mapper && make install_device-mapper
+# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
+
+# Install Go
+RUN	curl -sSL https://golang.org/dl/go1.3.src.tar.gz | tar -v -C /usr/local -xz
+ENV	PATH	/usr/local/go/bin:$PATH
+ENV	GOPATH	/go:/go/src/github.com/docker/docker/vendor
+RUN	cd /usr/local/go/src && ./make.bash --no-clean 2>&1
+
+# Compile Go for cross compilation
+ENV	DOCKER_CROSSPLATFORMS	\
+	linux/386 linux/arm \
+	darwin/amd64 darwin/386 \
+	freebsd/amd64 freebsd/386 freebsd/arm
+# (set an explicit GOARM of 5 for maximum compatibility)
+ENV	GOARM	5
+RUN	cd /usr/local/go/src && bash -xc 'for platform in $DOCKER_CROSSPLATFORMS; do GOOS=${platform%/*} GOARCH=${platform##*/} ./make.bash --no-clean 2>&1; done'
+
+# Grab Go's cover tool for dead-simple code coverage testing
+RUN	go get golang.org/x/tools/cmd/cover
+
+# TODO replace FPM with some very minimal debhelper stuff
+RUN	gem install --no-rdoc --no-ri fpm --version 1.0.2
+
+# Get the "busybox" image source so we can build locally instead of pulling
+RUN	git clone -b buildroot-2014.02 https://github.com/jpetazzo/docker-busybox.git /docker-busybox
+
+# Setup s3cmd config
+RUN	/bin/echo -e '[default]\naccess_key=$AWS_ACCESS_KEY\nsecret_key=$AWS_SECRET_KEY' > /.s3cfg
+
+# Set user.email so crosbymichael's in-container merge commits go smoothly
+RUN	git config --global user.email 'docker-dummy@example.com'
+
+# Add an unprivileged user to be used for tests which need it
+RUN groupadd -r docker
+RUN useradd --create-home --gid docker unprivilegeduser
+
+VOLUME	/var/lib/docker
+WORKDIR	/go/src/github.com/docker/docker
+ENV	DOCKER_BUILDTAGS	apparmor selinux
+
+# Wrap all commands in the "docker-in-docker" script to allow nested containers
+ENTRYPOINT	["hack/dind"]
+
+# Upload docker source
+COPY	.	/go/src/github.com/docker/docker
diff --git a/builder/dockerfile/parser/testfiles/docker/result b/builder/dockerfile/parser/testfiles/docker/result
new file mode 100644
index 00000000..d032f9ba
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/docker/result
@@ -0,0 +1,24 @@
+(from "ubuntu:14.04")
+(maintainer "Tianon Gravi <admwiggin@gmail.com> (@tianon)")
+(run "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -yq \tapt-utils \taufs-tools \tautomake \tbtrfs-tools \tbuild-essential \tcurl \tdpkg-sig \tgit \tiptables \tlibapparmor-dev \tlibcap-dev \tlibsqlite3-dev \tmercurial \tpandoc \tparallel \treprepro \truby1.9.1 \truby1.9.1-dev \ts3cmd=1.1.0* \t--no-install-recommends")
+(run "git clone --no-checkout https://git.fedorahosted.org/git/lvm2.git /usr/local/lvm2 && cd /usr/local/lvm2 && git checkout -q v2_02_103")
+(run "cd /usr/local/lvm2 && ./configure --enable-static_link && make device-mapper && make install_device-mapper")
+(run "curl -sSL https://golang.org/dl/go1.3.src.tar.gz | tar -v -C /usr/local -xz")
+(env "PATH" "/usr/local/go/bin:$PATH")
+(env "GOPATH" "/go:/go/src/github.com/docker/docker/vendor")
+(run "cd /usr/local/go/src && ./make.bash --no-clean 2>&1")
+(env "DOCKER_CROSSPLATFORMS" "linux/386 linux/arm \tdarwin/amd64 darwin/386 \tfreebsd/amd64 freebsd/386 freebsd/arm")
+(env "GOARM" "5")
+(run "cd /usr/local/go/src && bash -xc 'for platform in $DOCKER_CROSSPLATFORMS; do GOOS=${platform%/*} GOARCH=${platform##*/} ./make.bash --no-clean 2>&1; done'")
+(run "go get golang.org/x/tools/cmd/cover")
+(run "gem install --no-rdoc --no-ri fpm --version 1.0.2")
+(run "git clone -b buildroot-2014.02 https://github.com/jpetazzo/docker-busybox.git /docker-busybox")
+(run "/bin/echo -e '[default]\\naccess_key=$AWS_ACCESS_KEY\\nsecret_key=$AWS_SECRET_KEY' > /.s3cfg")
+(run "git config --global user.email 'docker-dummy@example.com'")
+(run "groupadd -r docker")
+(run "useradd --create-home --gid docker unprivilegeduser")
+(volume "/var/lib/docker")
+(workdir "/go/src/github.com/docker/docker")
+(env "DOCKER_BUILDTAGS" "apparmor selinux")
+(entrypoint "hack/dind")
+(copy "." "/go/src/github.com/docker/docker")
diff --git a/builder/dockerfile/parser/testfiles/env/Dockerfile b/builder/dockerfile/parser/testfiles/env/Dockerfile
new file mode 100644
index 00000000..08fa18ac
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/env/Dockerfile
@@ -0,0 +1,23 @@
+FROM ubuntu
+ENV name value
+ENV name=value
+ENV name=value name2=value2
+ENV name="value value1"
+ENV name=value\ value2
+ENV name="value'quote space'value2"
+ENV name='value"double quote"value2'
+ENV name=value\ value2 name2=value2\ value3
+ENV name="a\"b"
+ENV name="a\'b"
+ENV name='a\'b'
+ENV name='a\'b''
+ENV name='a\"b'
+ENV name="''"
+# don't put anything after the next line - it must be the last line of the
+# Dockerfile and it must end with \
+ENV name=value \
+    name1=value1 \
+    name2="value2a \
+           value2b" \
+    name3="value3a\n\"value3b\"" \
+	name4="value4a\\nvalue4b" \
diff --git a/builder/dockerfile/parser/testfiles/env/result b/builder/dockerfile/parser/testfiles/env/result
new file mode 100644
index 00000000..ba0a6dd7
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/env/result
@@ -0,0 +1,16 @@
+(from "ubuntu")
+(env "name" "value")
+(env "name" "value")
+(env "name" "value" "name2" "value2")
+(env "name" "\"value value1\"")
+(env "name" "value\\ value2")
+(env "name" "\"value'quote space'value2\"")
+(env "name" "'value\"double quote\"value2'")
+(env "name" "value\\ value2" "name2" "value2\\ value3")
+(env "name" "\"a\\\"b\"")
+(env "name" "\"a\\'b\"")
+(env "name" "'a\\'b'")
+(env "name" "'a\\'b''")
+(env "name" "'a\\\"b'")
+(env "name" "\"''\"")
+(env "name" "value" "name1" "value1" "name2" "\"value2a            value2b\"" "name3" "\"value3a\\n\\\"value3b\\\"\"" "name4" "\"value4a\\\\nvalue4b\"")
diff --git a/builder/dockerfile/parser/testfiles/escapes/Dockerfile b/builder/dockerfile/parser/testfiles/escapes/Dockerfile
new file mode 100644
index 00000000..1ffb17ef
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/escapes/Dockerfile
@@ -0,0 +1,14 @@
+FROM ubuntu:14.04
+MAINTAINER Erik \\Hollensbe <erik@hollensbe.org>\"
+
+RUN apt-get \update && \
+  apt-get \"install znc -y
+ADD \conf\\" /.znc
+
+RUN foo \
+
+bar \
+
+baz
+
+CMD [ "\/usr\\\"/bin/znc", "-f", "-r" ]
diff --git a/builder/dockerfile/parser/testfiles/escapes/result b/builder/dockerfile/parser/testfiles/escapes/result
new file mode 100644
index 00000000..13e409cb
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/escapes/result
@@ -0,0 +1,6 @@
+(from "ubuntu:14.04")
+(maintainer "Erik \\\\Hollensbe <erik@hollensbe.org>\\\"")
+(run "apt-get \\update &&   apt-get \\\"install znc -y")
+(add "\\conf\\\\\"" "/.znc")
+(run "foo bar baz")
+(cmd "/usr\\\"/bin/znc" "-f" "-r")
diff --git a/builder/dockerfile/parser/testfiles/flags/Dockerfile b/builder/dockerfile/parser/testfiles/flags/Dockerfile
new file mode 100644
index 00000000..2418e0f0
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/flags/Dockerfile
@@ -0,0 +1,10 @@
+FROM scratch
+COPY foo /tmp/
+COPY --user=me foo /tmp/
+COPY --doit=true foo /tmp/
+COPY --user=me --doit=true foo /tmp/
+COPY --doit=true -- foo /tmp/
+COPY -- foo /tmp/
+CMD --doit [ "a", "b" ]
+CMD --doit=true -- [ "a", "b" ]
+CMD --doit -- [ ]
diff --git a/builder/dockerfile/parser/testfiles/flags/result b/builder/dockerfile/parser/testfiles/flags/result
new file mode 100644
index 00000000..4578f4cb
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/flags/result
@@ -0,0 +1,10 @@
+(from "scratch")
+(copy "foo" "/tmp/")
+(copy ["--user=me"] "foo" "/tmp/")
+(copy ["--doit=true"] "foo" "/tmp/")
+(copy ["--user=me" "--doit=true"] "foo" "/tmp/")
+(copy ["--doit=true"] "foo" "/tmp/")
+(copy "foo" "/tmp/")
+(cmd ["--doit"] "a" "b")
+(cmd ["--doit=true"] "a" "b")
+(cmd ["--doit"])
diff --git a/builder/dockerfile/parser/testfiles/influxdb/Dockerfile b/builder/dockerfile/parser/testfiles/influxdb/Dockerfile
new file mode 100644
index 00000000..587fb9b5
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/influxdb/Dockerfile
@@ -0,0 +1,15 @@
+FROM ubuntu:14.04
+
+RUN apt-get update && apt-get install wget -y
+RUN wget http://s3.amazonaws.com/influxdb/influxdb_latest_amd64.deb
+RUN dpkg -i influxdb_latest_amd64.deb
+RUN rm -r /opt/influxdb/shared
+
+VOLUME /opt/influxdb/shared
+
+CMD /usr/bin/influxdb --pidfile /var/run/influxdb.pid -config /opt/influxdb/shared/config.toml
+
+EXPOSE 8083
+EXPOSE 8086
+EXPOSE 8090
+EXPOSE 8099
diff --git a/builder/dockerfile/parser/testfiles/influxdb/result b/builder/dockerfile/parser/testfiles/influxdb/result
new file mode 100644
index 00000000..0998e87e
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/influxdb/result
@@ -0,0 +1,11 @@
+(from "ubuntu:14.04")
+(run "apt-get update && apt-get install wget -y")
+(run "wget http://s3.amazonaws.com/influxdb/influxdb_latest_amd64.deb")
+(run "dpkg -i influxdb_latest_amd64.deb")
+(run "rm -r /opt/influxdb/shared")
+(volume "/opt/influxdb/shared")
+(cmd "/usr/bin/influxdb --pidfile /var/run/influxdb.pid -config /opt/influxdb/shared/config.toml")
+(expose "8083")
+(expose "8086")
+(expose "8090")
+(expose "8099")
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string-double/Dockerfile b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string-double/Dockerfile
new file mode 100644
index 00000000..39fe27d9
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string-double/Dockerfile
@@ -0,0 +1 @@
+CMD "[\"echo\", \"Phew, I just managed to escaped those double quotes\"]"
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string-double/result b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string-double/result
new file mode 100644
index 00000000..afc220c2
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string-double/result
@@ -0,0 +1 @@
+(cmd "\"[\\\"echo\\\", \\\"Phew, I just managed to escaped those double quotes\\\"]\"")
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string/Dockerfile b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string/Dockerfile
new file mode 100644
index 00000000..eaae081a
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string/Dockerfile
@@ -0,0 +1 @@
+CMD '["echo", "Well, JSON in a string is JSON too?"]'
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string/result b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string/result
new file mode 100644
index 00000000..484804e2
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-json-inside-string/result
@@ -0,0 +1 @@
+(cmd "'[\"echo\", \"Well, JSON in a string is JSON too?\"]'")
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-single-quotes/Dockerfile b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-single-quotes/Dockerfile
new file mode 100644
index 00000000..c3ac63c0
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-single-quotes/Dockerfile
@@ -0,0 +1 @@
+CMD ['echo','single quotes are invalid JSON']
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-single-quotes/result b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-single-quotes/result
new file mode 100644
index 00000000..61478912
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-single-quotes/result
@@ -0,0 +1 @@
+(cmd "['echo','single quotes are invalid JSON']")
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-bracket/Dockerfile b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-bracket/Dockerfile
new file mode 100644
index 00000000..5fd4afa5
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-bracket/Dockerfile
@@ -0,0 +1 @@
+CMD ["echo", "Please, close the brackets when you're done"
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-bracket/result b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-bracket/result
new file mode 100644
index 00000000..1ffbb8ff
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-bracket/result
@@ -0,0 +1 @@
+(cmd "[\"echo\", \"Please, close the brackets when you're done\"")
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-string/Dockerfile b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-string/Dockerfile
new file mode 100644
index 00000000..30cc4bb4
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-string/Dockerfile
@@ -0,0 +1 @@
+CMD ["echo", "look ma, no quote!]
diff --git a/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-string/result b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-string/result
new file mode 100644
index 00000000..32048147
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/jeztah-invalid-json-unterminated-string/result
@@ -0,0 +1 @@
+(cmd "[\"echo\", \"look ma, no quote!]")
diff --git a/builder/dockerfile/parser/testfiles/json/Dockerfile b/builder/dockerfile/parser/testfiles/json/Dockerfile
new file mode 100644
index 00000000..a5869171
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/json/Dockerfile
@@ -0,0 +1,8 @@
+CMD []
+CMD [""]
+CMD ["a"]
+CMD ["a","b"]
+CMD [ "a", "b" ]
+CMD [	"a",	"b"	]
+CMD	[	"a",	"b"	]	
+CMD ["abc 123", "♥", "☃", "\" \\ \/ \b \f \n \r \t \u0000"]
diff --git a/builder/dockerfile/parser/testfiles/json/result b/builder/dockerfile/parser/testfiles/json/result
new file mode 100644
index 00000000..c6553e6e
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/json/result
@@ -0,0 +1,8 @@
+(cmd)
+(cmd "")
+(cmd "a")
+(cmd "a" "b")
+(cmd "a" "b")
+(cmd "a" "b")
+(cmd "a" "b")
+(cmd "abc 123" "♥" "☃" "\" \\ / \b \f \n \r \t \x00")
diff --git a/builder/dockerfile/parser/testfiles/kartar-entrypoint-oddities/Dockerfile b/builder/dockerfile/parser/testfiles/kartar-entrypoint-oddities/Dockerfile
new file mode 100644
index 00000000..35f9c24a
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/kartar-entrypoint-oddities/Dockerfile
@@ -0,0 +1,7 @@
+FROM ubuntu:14.04
+MAINTAINER James Turnbull "james@example.com"
+ENV REFRESHED_AT 2014-06-01
+RUN apt-get update
+RUN apt-get -y install redis-server redis-tools
+EXPOSE 6379
+ENTRYPOINT [ "/usr/bin/redis-server" ]
diff --git a/builder/dockerfile/parser/testfiles/kartar-entrypoint-oddities/result b/builder/dockerfile/parser/testfiles/kartar-entrypoint-oddities/result
new file mode 100644
index 00000000..b5ac6fe4
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/kartar-entrypoint-oddities/result
@@ -0,0 +1,7 @@
+(from "ubuntu:14.04")
+(maintainer "James Turnbull \"james@example.com\"")
+(env "REFRESHED_AT" "2014-06-01")
+(run "apt-get update")
+(run "apt-get -y install redis-server redis-tools")
+(expose "6379")
+(entrypoint "/usr/bin/redis-server")
diff --git a/builder/dockerfile/parser/testfiles/lk4d4-the-edge-case-generator/Dockerfile b/builder/dockerfile/parser/testfiles/lk4d4-the-edge-case-generator/Dockerfile
new file mode 100644
index 00000000..188395fe
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/lk4d4-the-edge-case-generator/Dockerfile
@@ -0,0 +1,48 @@
+FROM busybox:buildroot-2014.02
+
+MAINTAINER docker <docker@docker.io>
+
+ONBUILD RUN ["echo", "test"]
+ONBUILD RUN echo test
+ONBUILD COPY . /
+
+
+# RUN Commands \
+# linebreak in comment \
+RUN ["ls", "-la"]
+RUN ["echo", "'1234'"]
+RUN echo "1234"
+RUN echo 1234
+RUN echo '1234' && \
+    echo "456" && \
+    echo 789
+RUN    sh -c 'echo root:testpass \
+        > /tmp/passwd'
+RUN mkdir -p /test /test2 /test3/test
+
+# ENV \
+ENV SCUBA 1 DUBA 3
+ENV SCUBA "1 DUBA 3"
+
+# CMD \
+CMD ["echo", "test"]
+CMD echo test
+CMD echo "test"
+CMD echo 'test'
+CMD echo 'test' | wc -
+
+#EXPOSE\
+EXPOSE 3000
+EXPOSE 9000 5000 6000
+
+USER docker
+USER docker:root
+
+VOLUME ["/test"]
+VOLUME ["/test", "/test2"]
+VOLUME /test3
+
+WORKDIR /test
+
+ADD . /
+COPY . copy
diff --git a/builder/dockerfile/parser/testfiles/lk4d4-the-edge-case-generator/result b/builder/dockerfile/parser/testfiles/lk4d4-the-edge-case-generator/result
new file mode 100644
index 00000000..6f7d57a3
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/lk4d4-the-edge-case-generator/result
@@ -0,0 +1,29 @@
+(from "busybox:buildroot-2014.02")
+(maintainer "docker <docker@docker.io>")
+(onbuild (run "echo" "test"))
+(onbuild (run "echo test"))
+(onbuild (copy "." "/"))
+(run "ls" "-la")
+(run "echo" "'1234'")
+(run "echo \"1234\"")
+(run "echo 1234")
+(run "echo '1234' &&     echo \"456\" &&     echo 789")
+(run "sh -c 'echo root:testpass         > /tmp/passwd'")
+(run "mkdir -p /test /test2 /test3/test")
+(env "SCUBA" "1 DUBA 3")
+(env "SCUBA" "\"1 DUBA 3\"")
+(cmd "echo" "test")
+(cmd "echo test")
+(cmd "echo \"test\"")
+(cmd "echo 'test'")
+(cmd "echo 'test' | wc -")
+(expose "3000")
+(expose "9000" "5000" "6000")
+(user "docker")
+(user "docker:root")
+(volume "/test")
+(volume "/test" "/test2")
+(volume "/test3")
+(workdir "/test")
+(add "." "/")
+(copy "." "copy")
diff --git a/builder/dockerfile/parser/testfiles/mail/Dockerfile b/builder/dockerfile/parser/testfiles/mail/Dockerfile
new file mode 100644
index 00000000..f64c1168
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/mail/Dockerfile
@@ -0,0 +1,16 @@
+FROM ubuntu:14.04
+
+RUN apt-get update -qy && apt-get install mutt offlineimap vim-nox abook elinks curl tmux cron zsh -y
+ADD .muttrc /
+ADD .offlineimaprc /
+ADD .tmux.conf /
+ADD mutt /.mutt
+ADD vim /.vim
+ADD vimrc /.vimrc
+ADD crontab /etc/crontab
+RUN chmod 644 /etc/crontab
+RUN mkdir /Mail
+RUN mkdir /.offlineimap
+RUN echo "export TERM=screen-256color" >/.zshenv
+
+CMD setsid cron; tmux -2
diff --git a/builder/dockerfile/parser/testfiles/mail/result b/builder/dockerfile/parser/testfiles/mail/result
new file mode 100644
index 00000000..a0efcf04
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/mail/result
@@ -0,0 +1,14 @@
+(from "ubuntu:14.04")
+(run "apt-get update -qy && apt-get install mutt offlineimap vim-nox abook elinks curl tmux cron zsh -y")
+(add ".muttrc" "/")
+(add ".offlineimaprc" "/")
+(add ".tmux.conf" "/")
+(add "mutt" "/.mutt")
+(add "vim" "/.vim")
+(add "vimrc" "/.vimrc")
+(add "crontab" "/etc/crontab")
+(run "chmod 644 /etc/crontab")
+(run "mkdir /Mail")
+(run "mkdir /.offlineimap")
+(run "echo \"export TERM=screen-256color\" >/.zshenv")
+(cmd "setsid cron; tmux -2")
diff --git a/builder/dockerfile/parser/testfiles/multiple-volumes/Dockerfile b/builder/dockerfile/parser/testfiles/multiple-volumes/Dockerfile
new file mode 100644
index 00000000..57bb5976
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/multiple-volumes/Dockerfile
@@ -0,0 +1,3 @@
+FROM foo
+
+VOLUME /opt/nagios/var /opt/nagios/etc /opt/nagios/libexec /var/log/apache2 /usr/share/snmp/mibs
diff --git a/builder/dockerfile/parser/testfiles/multiple-volumes/result b/builder/dockerfile/parser/testfiles/multiple-volumes/result
new file mode 100644
index 00000000..18dbdeea
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/multiple-volumes/result
@@ -0,0 +1,2 @@
+(from "foo")
+(volume "/opt/nagios/var" "/opt/nagios/etc" "/opt/nagios/libexec" "/var/log/apache2" "/usr/share/snmp/mibs")
diff --git a/builder/dockerfile/parser/testfiles/mumble/Dockerfile b/builder/dockerfile/parser/testfiles/mumble/Dockerfile
new file mode 100644
index 00000000..5b9ec06a
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/mumble/Dockerfile
@@ -0,0 +1,7 @@
+FROM ubuntu:14.04
+
+RUN apt-get update && apt-get install libcap2-bin mumble-server -y
+
+ADD ./mumble-server.ini /etc/mumble-server.ini
+
+CMD /usr/sbin/murmurd
diff --git a/builder/dockerfile/parser/testfiles/mumble/result b/builder/dockerfile/parser/testfiles/mumble/result
new file mode 100644
index 00000000..a0036a94
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/mumble/result
@@ -0,0 +1,4 @@
+(from "ubuntu:14.04")
+(run "apt-get update && apt-get install libcap2-bin mumble-server -y")
+(add "./mumble-server.ini" "/etc/mumble-server.ini")
+(cmd "/usr/sbin/murmurd")
diff --git a/builder/dockerfile/parser/testfiles/nginx/Dockerfile b/builder/dockerfile/parser/testfiles/nginx/Dockerfile
new file mode 100644
index 00000000..bf8368e1
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/nginx/Dockerfile
@@ -0,0 +1,14 @@
+FROM ubuntu:14.04
+MAINTAINER Erik Hollensbe <erik@hollensbe.org>
+
+RUN apt-get update && apt-get install nginx-full -y
+RUN rm -rf /etc/nginx
+ADD etc /etc/nginx
+RUN chown -R root:root /etc/nginx
+RUN /usr/sbin/nginx -qt
+RUN mkdir /www
+
+CMD ["/usr/sbin/nginx"]
+
+VOLUME /www
+EXPOSE 80
diff --git a/builder/dockerfile/parser/testfiles/nginx/result b/builder/dockerfile/parser/testfiles/nginx/result
new file mode 100644
index 00000000..56ddb6f2
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/nginx/result
@@ -0,0 +1,11 @@
+(from "ubuntu:14.04")
+(maintainer "Erik Hollensbe <erik@hollensbe.org>")
+(run "apt-get update && apt-get install nginx-full -y")
+(run "rm -rf /etc/nginx")
+(add "etc" "/etc/nginx")
+(run "chown -R root:root /etc/nginx")
+(run "/usr/sbin/nginx -qt")
+(run "mkdir /www")
+(cmd "/usr/sbin/nginx")
+(volume "/www")
+(expose "80")
diff --git a/builder/dockerfile/parser/testfiles/tf2/Dockerfile b/builder/dockerfile/parser/testfiles/tf2/Dockerfile
new file mode 100644
index 00000000..72b79bdd
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/tf2/Dockerfile
@@ -0,0 +1,23 @@
+FROM ubuntu:12.04
+
+EXPOSE 27015
+EXPOSE 27005
+EXPOSE 26901
+EXPOSE 27020
+
+RUN apt-get update && apt-get install libc6-dev-i386 curl unzip -y
+RUN mkdir -p /steam
+RUN curl http://media.steampowered.com/client/steamcmd_linux.tar.gz | tar vxz -C /steam
+ADD ./script /steam/script
+RUN /steam/steamcmd.sh +runscript /steam/script
+RUN curl http://mirror.pointysoftware.net/alliedmodders/mmsource-1.10.0-linux.tar.gz | tar vxz -C /steam/tf2/tf
+RUN curl http://mirror.pointysoftware.net/alliedmodders/sourcemod-1.5.3-linux.tar.gz | tar vxz -C /steam/tf2/tf
+ADD ./server.cfg /steam/tf2/tf/cfg/server.cfg
+ADD ./ctf_2fort.cfg /steam/tf2/tf/cfg/ctf_2fort.cfg
+ADD ./sourcemod.cfg /steam/tf2/tf/cfg/sourcemod/sourcemod.cfg
+RUN rm -r /steam/tf2/tf/addons/sourcemod/configs
+ADD ./configs /steam/tf2/tf/addons/sourcemod/configs
+RUN mkdir -p /steam/tf2/tf/addons/sourcemod/translations/en
+RUN cp /steam/tf2/tf/addons/sourcemod/translations/*.txt /steam/tf2/tf/addons/sourcemod/translations/en
+
+CMD cd /steam/tf2 && ./srcds_run -port 27015 +ip 0.0.0.0 +map ctf_2fort -autoupdate -steam_dir /steam -steamcmd_script /steam/script +tf_bot_quota 12 +tf_bot_quota_mode fill
diff --git a/builder/dockerfile/parser/testfiles/tf2/result b/builder/dockerfile/parser/testfiles/tf2/result
new file mode 100644
index 00000000..d4f94cd8
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/tf2/result
@@ -0,0 +1,20 @@
+(from "ubuntu:12.04")
+(expose "27015")
+(expose "27005")
+(expose "26901")
+(expose "27020")
+(run "apt-get update && apt-get install libc6-dev-i386 curl unzip -y")
+(run "mkdir -p /steam")
+(run "curl http://media.steampowered.com/client/steamcmd_linux.tar.gz | tar vxz -C /steam")
+(add "./script" "/steam/script")
+(run "/steam/steamcmd.sh +runscript /steam/script")
+(run "curl http://mirror.pointysoftware.net/alliedmodders/mmsource-1.10.0-linux.tar.gz | tar vxz -C /steam/tf2/tf")
+(run "curl http://mirror.pointysoftware.net/alliedmodders/sourcemod-1.5.3-linux.tar.gz | tar vxz -C /steam/tf2/tf")
+(add "./server.cfg" "/steam/tf2/tf/cfg/server.cfg")
+(add "./ctf_2fort.cfg" "/steam/tf2/tf/cfg/ctf_2fort.cfg")
+(add "./sourcemod.cfg" "/steam/tf2/tf/cfg/sourcemod/sourcemod.cfg")
+(run "rm -r /steam/tf2/tf/addons/sourcemod/configs")
+(add "./configs" "/steam/tf2/tf/addons/sourcemod/configs")
+(run "mkdir -p /steam/tf2/tf/addons/sourcemod/translations/en")
+(run "cp /steam/tf2/tf/addons/sourcemod/translations/*.txt /steam/tf2/tf/addons/sourcemod/translations/en")
+(cmd "cd /steam/tf2 && ./srcds_run -port 27015 +ip 0.0.0.0 +map ctf_2fort -autoupdate -steam_dir /steam -steamcmd_script /steam/script +tf_bot_quota 12 +tf_bot_quota_mode fill")
diff --git a/builder/dockerfile/parser/testfiles/weechat/Dockerfile b/builder/dockerfile/parser/testfiles/weechat/Dockerfile
new file mode 100644
index 00000000..48420881
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/weechat/Dockerfile
@@ -0,0 +1,9 @@
+FROM ubuntu:14.04
+
+RUN apt-get update -qy && apt-get install tmux zsh weechat-curses -y
+
+ADD .weechat /.weechat
+ADD .tmux.conf /
+RUN echo "export TERM=screen-256color" >/.zshenv
+
+CMD zsh -c weechat
diff --git a/builder/dockerfile/parser/testfiles/weechat/result b/builder/dockerfile/parser/testfiles/weechat/result
new file mode 100644
index 00000000..c3abb4c5
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/weechat/result
@@ -0,0 +1,6 @@
+(from "ubuntu:14.04")
+(run "apt-get update -qy && apt-get install tmux zsh weechat-curses -y")
+(add ".weechat" "/.weechat")
+(add ".tmux.conf" "/")
+(run "echo \"export TERM=screen-256color\" >/.zshenv")
+(cmd "zsh -c weechat")
diff --git a/builder/dockerfile/parser/testfiles/znc/Dockerfile b/builder/dockerfile/parser/testfiles/znc/Dockerfile
new file mode 100644
index 00000000..3a4da6e9
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/znc/Dockerfile
@@ -0,0 +1,7 @@
+FROM ubuntu:14.04
+MAINTAINER Erik Hollensbe <erik@hollensbe.org>
+
+RUN apt-get update && apt-get install znc -y
+ADD conf /.znc
+
+CMD [ "/usr/bin/znc", "-f", "-r" ]
diff --git a/builder/dockerfile/parser/testfiles/znc/result b/builder/dockerfile/parser/testfiles/znc/result
new file mode 100644
index 00000000..5493b255
--- /dev/null
+++ b/builder/dockerfile/parser/testfiles/znc/result
@@ -0,0 +1,5 @@
+(from "ubuntu:14.04")
+(maintainer "Erik Hollensbe <erik@hollensbe.org>")
+(run "apt-get update && apt-get install znc -y")
+(add "conf" "/.znc")
+(cmd "/usr/bin/znc" "-f" "-r")
diff --git a/builder/dockerfile/parser/utils.go b/builder/dockerfile/parser/utils.go
new file mode 100644
index 00000000..b21eb62a
--- /dev/null
+++ b/builder/dockerfile/parser/utils.go
@@ -0,0 +1,176 @@
+package parser
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+	"unicode"
+)
+
+// Dump dumps the AST defined by `node` as a list of sexps.
+// Returns a string suitable for printing.
+func (node *Node) Dump() string {
+	str := ""
+	str += node.Value
+
+	if len(node.Flags) > 0 {
+		str += fmt.Sprintf(" %q", node.Flags)
+	}
+
+	for _, n := range node.Children {
+		str += "(" + n.Dump() + ")\n"
+	}
+
+	if node.Next != nil {
+		for n := node.Next; n != nil; n = n.Next {
+			if len(n.Children) > 0 {
+				str += " " + n.Dump()
+			} else {
+				str += " " + strconv.Quote(n.Value)
+			}
+		}
+	}
+
+	return strings.TrimSpace(str)
+}
+
+// performs the dispatch based on the two primal strings, cmd and args. Please
+// look at the dispatch table in parser.go to see how these dispatchers work.
+func fullDispatch(cmd, args string) (*Node, map[string]bool, error) {
+	fn := dispatch[cmd]
+
+	// Ignore invalid Dockerfile instructions
+	if fn == nil {
+		fn = parseIgnore
+	}
+
+	sexp, attrs, err := fn(args)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return sexp, attrs, nil
+}
+
+// splitCommand takes a single line of text and parses out the cmd and args,
+// which are used for dispatching to more exact parsing functions.
+func splitCommand(line string) (string, []string, string, error) {
+	var args string
+	var flags []string
+
+	// Make sure we get the same results irrespective of leading/trailing spaces
+	cmdline := tokenWhitespace.Split(strings.TrimSpace(line), 2)
+	cmd := strings.ToLower(cmdline[0])
+
+	if len(cmdline) == 2 {
+		var err error
+		args, flags, err = extractBuilderFlags(cmdline[1])
+		if err != nil {
+			return "", nil, "", err
+		}
+	}
+
+	return cmd, flags, strings.TrimSpace(args), nil
+}
+
+// covers comments and empty lines. Lines should be trimmed before passing to
+// this function.
+func stripComments(line string) string {
+	// string is already trimmed at this point
+	if tokenComment.MatchString(line) {
+		return tokenComment.ReplaceAllString(line, "")
+	}
+
+	return line
+}
+
+func extractBuilderFlags(line string) (string, []string, error) {
+	// Parses the BuilderFlags and returns the remaining part of the line
+
+	const (
+		inSpaces = iota // looking for start of a word
+		inWord
+		inQuote
+	)
+
+	words := []string{}
+	phase := inSpaces
+	word := ""
+	quote := '\000'
+	blankOK := false
+	var ch rune
+
+	for pos := 0; pos <= len(line); pos++ {
+		if pos != len(line) {
+			ch = rune(line[pos])
+		}
+
+		if phase == inSpaces { // Looking for start of word
+			if pos == len(line) { // end of input
+				break
+			}
+			if unicode.IsSpace(ch) { // skip spaces
+				continue
+			}
+
+			// Only keep going if the next word starts with --
+			if ch != '-' || pos+1 == len(line) || rune(line[pos+1]) != '-' {
+				return line[pos:], words, nil
+			}
+
+			phase = inWord // found someting with "--", fall through
+		}
+		if (phase == inWord || phase == inQuote) && (pos == len(line)) {
+			if word != "--" && (blankOK || len(word) > 0) {
+				words = append(words, word)
+			}
+			break
+		}
+		if phase == inWord {
+			if unicode.IsSpace(ch) {
+				phase = inSpaces
+				if word == "--" {
+					return line[pos:], words, nil
+				}
+				if blankOK || len(word) > 0 {
+					words = append(words, word)
+				}
+				word = ""
+				blankOK = false
+				continue
+			}
+			if ch == '\'' || ch == '"' {
+				quote = ch
+				blankOK = true
+				phase = inQuote
+				continue
+			}
+			if ch == '\\' {
+				if pos+1 == len(line) {
+					continue // just skip \ at end
+				}
+				pos++
+				ch = rune(line[pos])
+			}
+			word += string(ch)
+			continue
+		}
+		if phase == inQuote {
+			if ch == quote {
+				phase = inWord
+				continue
+			}
+			if ch == '\\' {
+				if pos+1 == len(line) {
+					phase = inWord
+					continue // just skip \ at end
+				}
+				pos++
+				ch = rune(line[pos])
+			}
+			word += string(ch)
+		}
+	}
+
+	return "", words, nil
+}
diff --git a/builder/dockerfile/shell_parser.go b/builder/dockerfile/shell_parser.go
new file mode 100644
index 00000000..c7142667
--- /dev/null
+++ b/builder/dockerfile/shell_parser.go
@@ -0,0 +1,314 @@
+package dockerfile
+
+// This will take a single word and an array of env variables and
+// process all quotes (" and ') as well as $xxx and ${xxx} env variable
+// tokens.  Tries to mimic bash shell process.
+// It doesn't support all flavors of ${xx:...} formats but new ones can
+// be added by adding code to the "special ${} format processing" section
+
+import (
+	"fmt"
+	"strings"
+	"text/scanner"
+	"unicode"
+)
+
+type shellWord struct {
+	word    string
+	scanner scanner.Scanner
+	envs    []string
+	pos     int
+}
+
+// ProcessWord will use the 'env' list of environment variables,
+// and replace any env var references in 'word'.
+func ProcessWord(word string, env []string) (string, error) {
+	sw := &shellWord{
+		word: word,
+		envs: env,
+		pos:  0,
+	}
+	sw.scanner.Init(strings.NewReader(word))
+	word, _, err := sw.process()
+	return word, err
+}
+
+// ProcessWords will use the 'env' list of environment variables,
+// and replace any env var references in 'word' then it will also
+// return a slice of strings which represents the 'word'
+// split up based on spaces - taking into account quotes.  Note that
+// this splitting is done **after** the env var substitutions are done.
+// Note, each one is trimmed to remove leading and trailing spaces (unless
+// they are quoted", but ProcessWord retains spaces between words.
+func ProcessWords(word string, env []string) ([]string, error) {
+	sw := &shellWord{
+		word: word,
+		envs: env,
+		pos:  0,
+	}
+	sw.scanner.Init(strings.NewReader(word))
+	_, words, err := sw.process()
+	return words, err
+}
+
+func (sw *shellWord) process() (string, []string, error) {
+	return sw.processStopOn(scanner.EOF)
+}
+
+type wordsStruct struct {
+	word   string
+	words  []string
+	inWord bool
+}
+
+func (w *wordsStruct) addChar(ch rune) {
+	if unicode.IsSpace(ch) && w.inWord {
+		if len(w.word) != 0 {
+			w.words = append(w.words, w.word)
+			w.word = ""
+			w.inWord = false
+		}
+	} else if !unicode.IsSpace(ch) {
+		w.addRawChar(ch)
+	}
+}
+
+func (w *wordsStruct) addRawChar(ch rune) {
+	w.word += string(ch)
+	w.inWord = true
+}
+
+func (w *wordsStruct) addString(str string) {
+	var scan scanner.Scanner
+	scan.Init(strings.NewReader(str))
+	for scan.Peek() != scanner.EOF {
+		w.addChar(scan.Next())
+	}
+}
+
+func (w *wordsStruct) addRawString(str string) {
+	w.word += str
+	w.inWord = true
+}
+
+func (w *wordsStruct) getWords() []string {
+	if len(w.word) > 0 {
+		w.words = append(w.words, w.word)
+
+		// Just in case we're called again by mistake
+		w.word = ""
+		w.inWord = false
+	}
+	return w.words
+}
+
+// Process the word, starting at 'pos', and stop when we get to the
+// end of the word or the 'stopChar' character
+func (sw *shellWord) processStopOn(stopChar rune) (string, []string, error) {
+	var result string
+	var words wordsStruct
+
+	var charFuncMapping = map[rune]func() (string, error){
+		'\'': sw.processSingleQuote,
+		'"':  sw.processDoubleQuote,
+		'$':  sw.processDollar,
+	}
+
+	for sw.scanner.Peek() != scanner.EOF {
+		ch := sw.scanner.Peek()
+
+		if stopChar != scanner.EOF && ch == stopChar {
+			sw.scanner.Next()
+			break
+		}
+		if fn, ok := charFuncMapping[ch]; ok {
+			// Call special processing func for certain chars
+			tmp, err := fn()
+			if err != nil {
+				return "", []string{}, err
+			}
+			result += tmp
+
+			if ch == rune('$') {
+				words.addString(tmp)
+			} else {
+				words.addRawString(tmp)
+			}
+		} else {
+			// Not special, just add it to the result
+			ch = sw.scanner.Next()
+
+			if ch == '\\' {
+				// '\' escapes, except end of line
+
+				ch = sw.scanner.Next()
+
+				if ch == scanner.EOF {
+					break
+				}
+
+				words.addRawChar(ch)
+			} else {
+				words.addChar(ch)
+			}
+
+			result += string(ch)
+		}
+	}
+
+	return result, words.getWords(), nil
+}
+
+func (sw *shellWord) processSingleQuote() (string, error) {
+	// All chars between single quotes are taken as-is
+	// Note, you can't escape '
+	var result string
+
+	sw.scanner.Next()
+
+	for {
+		ch := sw.scanner.Next()
+		if ch == '\'' || ch == scanner.EOF {
+			break
+		}
+		result += string(ch)
+	}
+
+	return result, nil
+}
+
+func (sw *shellWord) processDoubleQuote() (string, error) {
+	// All chars up to the next " are taken as-is, even ', except any $ chars
+	// But you can escape " with a \
+	var result string
+
+	sw.scanner.Next()
+
+	for sw.scanner.Peek() != scanner.EOF {
+		ch := sw.scanner.Peek()
+		if ch == '"' {
+			sw.scanner.Next()
+			break
+		}
+		if ch == '$' {
+			tmp, err := sw.processDollar()
+			if err != nil {
+				return "", err
+			}
+			result += tmp
+		} else {
+			ch = sw.scanner.Next()
+			if ch == '\\' {
+				chNext := sw.scanner.Peek()
+
+				if chNext == scanner.EOF {
+					// Ignore \ at end of word
+					continue
+				}
+
+				if chNext == '"' || chNext == '$' {
+					// \" and \$ can be escaped, all other \'s are left as-is
+					ch = sw.scanner.Next()
+				}
+			}
+			result += string(ch)
+		}
+	}
+
+	return result, nil
+}
+
+func (sw *shellWord) processDollar() (string, error) {
+	sw.scanner.Next()
+	ch := sw.scanner.Peek()
+	if ch == '{' {
+		sw.scanner.Next()
+		name := sw.processName()
+		ch = sw.scanner.Peek()
+		if ch == '}' {
+			// Normal ${xx} case
+			sw.scanner.Next()
+			return sw.getEnv(name), nil
+		}
+		if ch == ':' {
+			// Special ${xx:...} format processing
+			// Yes it allows for recursive $'s in the ... spot
+
+			sw.scanner.Next() // skip over :
+			modifier := sw.scanner.Next()
+
+			word, _, err := sw.processStopOn('}')
+			if err != nil {
+				return "", err
+			}
+
+			// Grab the current value of the variable in question so we
+			// can use to to determine what to do based on the modifier
+			newValue := sw.getEnv(name)
+
+			switch modifier {
+			case '+':
+				if newValue != "" {
+					newValue = word
+				}
+				return newValue, nil
+
+			case '-':
+				if newValue == "" {
+					newValue = word
+				}
+				return newValue, nil
+
+			default:
+				return "", fmt.Errorf("Unsupported modifier (%c) in substitution: %s", modifier, sw.word)
+			}
+		}
+		return "", fmt.Errorf("Missing ':' in substitution: %s", sw.word)
+	}
+	// $xxx case
+	name := sw.processName()
+	if name == "" {
+		return "$", nil
+	}
+	return sw.getEnv(name), nil
+}
+
+func (sw *shellWord) processName() string {
+	// Read in a name (alphanumeric or _)
+	// If it starts with a numeric then just return $#
+	var name string
+
+	for sw.scanner.Peek() != scanner.EOF {
+		ch := sw.scanner.Peek()
+		if len(name) == 0 && unicode.IsDigit(ch) {
+			ch = sw.scanner.Next()
+			return string(ch)
+		}
+		if !unicode.IsLetter(ch) && !unicode.IsDigit(ch) && ch != '_' {
+			break
+		}
+		ch = sw.scanner.Next()
+		name += string(ch)
+	}
+
+	return name
+}
+
+func (sw *shellWord) getEnv(name string) string {
+	for _, env := range sw.envs {
+		i := strings.Index(env, "=")
+		if i < 0 {
+			if name == env {
+				// Should probably never get here, but just in case treat
+				// it like "var" and "var=" are the same
+				return ""
+			}
+			continue
+		}
+		if name != env[:i] {
+			continue
+		}
+		return env[i+1:]
+	}
+	return ""
+}
diff --git a/builder/dockerfile/shell_parser_test.go b/builder/dockerfile/shell_parser_test.go
new file mode 100644
index 00000000..81ac591e
--- /dev/null
+++ b/builder/dockerfile/shell_parser_test.go
@@ -0,0 +1,143 @@
+package dockerfile
+
+import (
+	"bufio"
+	"os"
+	"strings"
+	"testing"
+)
+
+func TestShellParser4EnvVars(t *testing.T) {
+	fn := "envVarTest"
+
+	file, err := os.Open(fn)
+	if err != nil {
+		t.Fatalf("Can't open '%s': %s", err, fn)
+	}
+	defer file.Close()
+
+	scanner := bufio.NewScanner(file)
+	envs := []string{"PWD=/home", "SHELL=bash", "KOREAN=한국어"}
+	for scanner.Scan() {
+		line := scanner.Text()
+
+		// Trim comments and blank lines
+		i := strings.Index(line, "#")
+		if i >= 0 {
+			line = line[:i]
+		}
+		line = strings.TrimSpace(line)
+
+		if line == "" {
+			continue
+		}
+
+		words := strings.Split(line, "|")
+		if len(words) != 2 {
+			t.Fatalf("Error in '%s' - should be exactly one | in:%q", fn, line)
+		}
+
+		words[0] = strings.TrimSpace(words[0])
+		words[1] = strings.TrimSpace(words[1])
+
+		newWord, err := ProcessWord(words[0], envs)
+
+		if err != nil {
+			newWord = "error"
+		}
+
+		if newWord != words[1] {
+			t.Fatalf("Error. Src: %s  Calc: %s  Expected: %s", words[0], newWord, words[1])
+		}
+	}
+}
+
+func TestShellParser4Words(t *testing.T) {
+	fn := "wordsTest"
+
+	file, err := os.Open(fn)
+	if err != nil {
+		t.Fatalf("Can't open '%s': %s", err, fn)
+	}
+	defer file.Close()
+
+	envs := []string{}
+	scanner := bufio.NewScanner(file)
+	for scanner.Scan() {
+		line := scanner.Text()
+
+		if strings.HasPrefix(line, "#") {
+			continue
+		}
+
+		if strings.HasPrefix(line, "ENV ") {
+			line = strings.TrimLeft(line[3:], " ")
+			envs = append(envs, line)
+			continue
+		}
+
+		words := strings.Split(line, "|")
+		if len(words) != 2 {
+			t.Fatalf("Error in '%s' - should be exactly one | in: %q", fn, line)
+		}
+		test := strings.TrimSpace(words[0])
+		expected := strings.Split(strings.TrimLeft(words[1], " "), ",")
+
+		result, err := ProcessWords(test, envs)
+
+		if err != nil {
+			result = []string{"error"}
+		}
+
+		if len(result) != len(expected) {
+			t.Fatalf("Error. %q was suppose to result in %q, but got %q instead", test, expected, result)
+		}
+		for i, w := range expected {
+			if w != result[i] {
+				t.Fatalf("Error. %q was suppose to result in %q, but got %q instead", test, expected, result)
+			}
+		}
+	}
+}
+
+func TestGetEnv(t *testing.T) {
+	sw := &shellWord{
+		word: "",
+		envs: nil,
+		pos:  0,
+	}
+
+	sw.envs = []string{}
+	if sw.getEnv("foo") != "" {
+		t.Fatalf("2 - 'foo' should map to ''")
+	}
+
+	sw.envs = []string{"foo"}
+	if sw.getEnv("foo") != "" {
+		t.Fatalf("3 - 'foo' should map to ''")
+	}
+
+	sw.envs = []string{"foo="}
+	if sw.getEnv("foo") != "" {
+		t.Fatalf("4 - 'foo' should map to ''")
+	}
+
+	sw.envs = []string{"foo=bar"}
+	if sw.getEnv("foo") != "bar" {
+		t.Fatalf("5 - 'foo' should map to 'bar'")
+	}
+
+	sw.envs = []string{"foo=bar", "car=hat"}
+	if sw.getEnv("foo") != "bar" {
+		t.Fatalf("6 - 'foo' should map to 'bar'")
+	}
+	if sw.getEnv("car") != "hat" {
+		t.Fatalf("7 - 'car' should map to 'hat'")
+	}
+
+	// Make sure we grab the first 'car' in the list
+	sw.envs = []string{"foo=bar", "car=hat", "car=bike"}
+	if sw.getEnv("car") != "hat" {
+		t.Fatalf("8 - 'car' should map to 'hat'")
+	}
+}
diff --git a/builder/dockerfile/support.go b/builder/dockerfile/support.go
new file mode 100644
index 00000000..38897b2c
--- /dev/null
+++ b/builder/dockerfile/support.go
@@ -0,0 +1,16 @@
+package dockerfile
+
+import "strings"
+
+func handleJSONArgs(args []string, attributes map[string]bool) []string {
+	if len(args) == 0 {
+		return []string{}
+	}
+
+	if attributes != nil && attributes["json"] {
+		return args
+	}
+
+	// literal string command, not an exec array
+	return []string{strings.Join(args, " ")}
+}
diff --git a/builder/dockerfile/wordsTest b/builder/dockerfile/wordsTest
new file mode 100644
index 00000000..fa916c67
--- /dev/null
+++ b/builder/dockerfile/wordsTest
@@ -0,0 +1,25 @@
+hello | hello
+hello${hi}bye | hellobye
+ENV hi=hi
+hello${hi}bye | hellohibye
+ENV space=abc  def
+hello${space}bye | helloabc,defbye
+hello"${space}"bye | helloabc  defbye
+hello "${space}"bye | hello,abc  defbye
+ENV leading=  ab c
+hello${leading}def | hello,ab,cdef
+hello"${leading}" def | hello  ab c,def
+hello"${leading}" | hello  ab c
+hello${leading} | hello,ab,c
+# next line MUST have 3 trailing spaces, don't erase them!
+ENV trailing=ab c   
+hello${trailing} | helloab,c
+hello${trailing}d | helloab,c,d
+hello"${trailing}"d | helloab c   d
+# next line MUST have 3 trailing spaces, don't erase them!
+hel"lo${trailing}" | helloab c   
+hello" there  " | hello there  
+hello there     | hello,there
+hello\ there | hello there
+hello" there | hello there
+hello\" there | hello",there
diff --git a/builder/dockerignore.go b/builder/dockerignore.go
new file mode 100644
index 00000000..2990770a
--- /dev/null
+++ b/builder/dockerignore.go
@@ -0,0 +1,47 @@
+package builder
+
+import (
+	"os"
+
+	"github.com/docker/docker/builder/dockerignore"
+	"github.com/docker/docker/pkg/fileutils"
+)
+
+// DockerIgnoreContext wraps a ModifiableContext to add a method
+// for handling the .dockerignore file at the root of the context.
+type DockerIgnoreContext struct {
+	ModifiableContext
+}
+
+// Process reads the .dockerignore file at the root of the embedded context.
+// If .dockerignore does not exist in the context, then nil is returned.
+//
+// It can take a list of files to be removed after .dockerignore is removed.
+// This is used for server-side implementations of builders that need to send
+// the .dockerignore file as well as the special files specified in filesToRemove,
+// but expect them to be excluded from the context after they were processed.
+//
+// For example, server-side Dockerfile builders are expected to pass in the name
+// of the Dockerfile to be removed after it was parsed.
+//
+// TODO: Don't require a ModifiableContext (use Context instead) and don't remove
+// files, instead handle a list of files to be excluded from the context.
+func (c DockerIgnoreContext) Process(filesToRemove []string) error {
+	f, err := c.Open(".dockerignore")
+	// Note that a missing .dockerignore file isn't treated as an error
+	if err != nil {
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return err
+	}
+	excludes, _ := dockerignore.ReadAll(f)
+	filesToRemove = append([]string{".dockerignore"}, filesToRemove...)
+	for _, fileToRemove := range filesToRemove {
+		rm, _ := fileutils.Matches(fileToRemove, excludes)
+		if rm {
+			c.Remove(fileToRemove)
+		}
+	}
+	return nil
+}
diff --git a/builder/dockerignore/dockerignore.go b/builder/dockerignore/dockerignore.go
new file mode 100644
index 00000000..1fed3199
--- /dev/null
+++ b/builder/dockerignore/dockerignore.go
@@ -0,0 +1,35 @@
+package dockerignore
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"path/filepath"
+	"strings"
+)
+
+// ReadAll reads a .dockerignore file and returns the list of file patterns
+// to ignore. Note this will trim whitespace from each line as well
+// as use GO's "clean" func to get the shortest/cleanest path for each.
+func ReadAll(reader io.ReadCloser) ([]string, error) {
+	if reader == nil {
+		return nil, nil
+	}
+	defer reader.Close()
+	scanner := bufio.NewScanner(reader)
+	var excludes []string
+
+	for scanner.Scan() {
+		pattern := strings.TrimSpace(scanner.Text())
+		if pattern == "" {
+			continue
+		}
+		pattern = filepath.Clean(pattern)
+		pattern = filepath.ToSlash(pattern)
+		excludes = append(excludes, pattern)
+	}
+	if err := scanner.Err(); err != nil {
+		return nil, fmt.Errorf("Error reading .dockerignore: %v", err)
+	}
+	return excludes, nil
+}
diff --git a/builder/dockerignore/dockerignore_test.go b/builder/dockerignore/dockerignore_test.go
new file mode 100644
index 00000000..361b0419
--- /dev/null
+++ b/builder/dockerignore/dockerignore_test.go
@@ -0,0 +1,55 @@
+package dockerignore
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+func TestReadAll(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "dockerignore-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	di, err := ReadAll(nil)
+	if err != nil {
+		t.Fatalf("Expected not to have error, got %v", err)
+	}
+
+	if diLen := len(di); diLen != 0 {
+		t.Fatalf("Expected to have zero dockerignore entry, got %d", diLen)
+	}
+
+	diName := filepath.Join(tmpDir, ".dockerignore")
+	content := fmt.Sprintf("test1\n/test2\n/a/file/here\n\nlastfile")
+	err = ioutil.WriteFile(diName, []byte(content), 0777)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	diFd, err := os.Open(diName)
+	if err != nil {
+		t.Fatal(err)
+	}
+	di, err = ReadAll(diFd)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if di[0] != "test1" {
+		t.Fatalf("First element is not test1")
+	}
+	if di[1] != "/test2" {
+		t.Fatalf("Second element is not /test2")
+	}
+	if di[2] != "/a/file/here" {
+		t.Fatalf("Third element is not /a/file/here")
+	}
+	if di[3] != "lastfile" {
+		t.Fatalf("Fourth element is not lastfile")
+	}
+}
diff --git a/builder/git.go b/builder/git.go
new file mode 100644
index 00000000..74df2446
--- /dev/null
+++ b/builder/git.go
@@ -0,0 +1,28 @@
+package builder
+
+import (
+	"os"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/gitutils"
+)
+
+// MakeGitContext returns a Context from gitURL that is cloned in a temporary directory.
+func MakeGitContext(gitURL string) (ModifiableContext, error) {
+	root, err := gitutils.Clone(gitURL)
+	if err != nil {
+		return nil, err
+	}
+
+	c, err := archive.Tar(root, archive.Uncompressed)
+	if err != nil {
+		return nil, err
+	}
+
+	defer func() {
+		// TODO: print errors?
+		c.Close()
+		os.RemoveAll(root)
+	}()
+	return MakeTarSumContext(c)
+}
diff --git a/builder/remote.go b/builder/remote.go
new file mode 100644
index 00000000..12f34c7b
--- /dev/null
+++ b/builder/remote.go
@@ -0,0 +1,152 @@
+package builder
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"regexp"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/httputils"
+	"github.com/docker/docker/pkg/urlutil"
+)
+
+// When downloading remote contexts, limit the amount (in bytes)
+// to be read from the response body in order to detect its Content-Type
+const maxPreambleLength = 100
+
+const acceptableRemoteMIME = `(?:application/(?:(?:x\-)?tar|octet\-stream|((?:x\-)?(?:gzip|bzip2?|xz)))|(?:text/plain))`
+
+var mimeRe = regexp.MustCompile(acceptableRemoteMIME)
+
+// MakeRemoteContext downloads a context from remoteURL and returns it.
+//
+// If contentTypeHandlers is non-nil, then the Content-Type header is read along with a maximum of
+// maxPreambleLength bytes from the body to help detecting the MIME type.
+// Look at acceptableRemoteMIME for more details.
+//
+// If a match is found, then the body is sent to the contentType handler and a (potentially compressed) tar stream is expected
+// to be returned. If no match is found, it is assumed the body is a tar stream (compressed or not).
+// In either case, an (assumed) tar stream is passed to MakeTarSumContext whose result is returned.
+func MakeRemoteContext(remoteURL string, contentTypeHandlers map[string]func(io.ReadCloser) (io.ReadCloser, error)) (ModifiableContext, error) {
+	f, err := httputils.Download(remoteURL)
+	if err != nil {
+		return nil, fmt.Errorf("Error downloading remote context %s: %v", remoteURL, err)
+	}
+	defer f.Body.Close()
+
+	var contextReader io.ReadCloser
+	if contentTypeHandlers != nil {
+		contentType := f.Header.Get("Content-Type")
+		clen := f.ContentLength
+
+		contentType, contextReader, err = inspectResponse(contentType, f.Body, clen)
+		if err != nil {
+			return nil, fmt.Errorf("Error detecting content type for remote %s: %v", remoteURL, err)
+		}
+		defer contextReader.Close()
+
+		// This loop tries to find a content-type handler for the detected content-type.
+		// If it could not find one from the caller-supplied map, it tries the empty content-type `""`
+		// which is interpreted as a fallback handler (usually used for raw tar contexts).
+		for _, ct := range []string{contentType, ""} {
+			if fn, ok := contentTypeHandlers[ct]; ok {
+				defer contextReader.Close()
+				if contextReader, err = fn(contextReader); err != nil {
+					return nil, err
+				}
+				break
+			}
+		}
+	}
+
+	// Pass through - this is a pre-packaged context, presumably
+	// with a Dockerfile with the right name inside it.
+	return MakeTarSumContext(contextReader)
+}
+
+// DetectContextFromRemoteURL returns a context and in certain cases the name of the dockerfile to be used
+// irrespective of user input.
+// progressReader is only used if remoteURL is actually a URL (not empty, and not a Git endpoint).
+func DetectContextFromRemoteURL(r io.ReadCloser, remoteURL string, createProgressReader func(in io.ReadCloser) io.ReadCloser) (context ModifiableContext, dockerfileName string, err error) {
+	switch {
+	case remoteURL == "":
+		context, err = MakeTarSumContext(r)
+	case urlutil.IsGitURL(remoteURL):
+		context, err = MakeGitContext(remoteURL)
+	case urlutil.IsURL(remoteURL):
+		context, err = MakeRemoteContext(remoteURL, map[string]func(io.ReadCloser) (io.ReadCloser, error){
+			httputils.MimeTypes.TextPlain: func(rc io.ReadCloser) (io.ReadCloser, error) {
+				dockerfile, err := ioutil.ReadAll(rc)
+				if err != nil {
+					return nil, err
+				}
+
+				// dockerfileName is set to signal that the remote was interpreted as a single Dockerfile, in which case the caller
+				// should use dockerfileName as the new name for the Dockerfile, irrespective of any other user input.
+				dockerfileName = DefaultDockerfileName
+
+				// TODO: return a context without tarsum
+				return archive.Generate(dockerfileName, string(dockerfile))
+			},
+			// fallback handler (tar context)
+			"": func(rc io.ReadCloser) (io.ReadCloser, error) {
+				return createProgressReader(rc), nil
+			},
+		})
+	default:
+		err = fmt.Errorf("remoteURL (%s) could not be recognized as URL", remoteURL)
+	}
+	return
+}
+
+// inspectResponse looks into the http response data at r to determine whether its
+// content-type is on the list of acceptable content types for remote build contexts.
+// This function returns:
+//    - a string representation of the detected content-type
+//    - an io.Reader for the response body
+//    - an error value which will be non-nil either when something goes wrong while
+//      reading bytes from r or when the detected content-type is not acceptable.
+func inspectResponse(ct string, r io.ReadCloser, clen int64) (string, io.ReadCloser, error) {
+	plen := clen
+	if plen <= 0 || plen > maxPreambleLength {
+		plen = maxPreambleLength
+	}
+
+	preamble := make([]byte, plen, plen)
+	rlen, err := r.Read(preamble)
+	if rlen == 0 {
+		return ct, r, errors.New("Empty response")
+	}
+	if err != nil && err != io.EOF {
+		return ct, r, err
+	}
+
+	preambleR := bytes.NewReader(preamble)
+	bodyReader := ioutil.NopCloser(io.MultiReader(preambleR, r))
+	// Some web servers will use application/octet-stream as the default
+	// content type for files without an extension (e.g. 'Dockerfile')
+	// so if we receive this value we better check for text content
+	contentType := ct
+	if len(ct) == 0 || ct == httputils.MimeTypes.OctetStream {
+		contentType, _, err = httputils.DetectContentType(preamble)
+		if err != nil {
+			return contentType, bodyReader, err
+		}
+	}
+
+	contentType = selectAcceptableMIME(contentType)
+	var cterr error
+	if len(contentType) == 0 {
+		cterr = fmt.Errorf("unsupported Content-Type %q", ct)
+		contentType = ct
+	}
+
+	return contentType, bodyReader, cterr
+}
+
+func selectAcceptableMIME(ct string) string {
+	return mimeRe.FindString(ct)
+}
diff --git a/builder/remote_test.go b/builder/remote_test.go
new file mode 100644
index 00000000..10d73ee5
--- /dev/null
+++ b/builder/remote_test.go
@@ -0,0 +1,146 @@
+package builder
+
+import (
+	"bytes"
+	"io/ioutil"
+	"testing"
+)
+
+var textPlainDockerfile = "FROM busybox"
+var binaryContext = []byte{0xFD, 0x37, 0x7A, 0x58, 0x5A, 0x00} //xz magic
+
+func TestSelectAcceptableMIME(t *testing.T) {
+	validMimeStrings := []string{
+		"application/x-bzip2",
+		"application/bzip2",
+		"application/gzip",
+		"application/x-gzip",
+		"application/x-xz",
+		"application/xz",
+		"application/tar",
+		"application/x-tar",
+		"application/octet-stream",
+		"text/plain",
+	}
+
+	invalidMimeStrings := []string{
+		"",
+		"application/octet",
+		"application/json",
+	}
+
+	for _, m := range invalidMimeStrings {
+		if len(selectAcceptableMIME(m)) > 0 {
+			t.Fatalf("Should not have accepted %q", m)
+		}
+	}
+
+	for _, m := range validMimeStrings {
+		if str := selectAcceptableMIME(m); str == "" {
+			t.Fatalf("Should have accepted %q", m)
+		}
+	}
+}
+
+func TestInspectEmptyResponse(t *testing.T) {
+	ct := "application/octet-stream"
+	br := ioutil.NopCloser(bytes.NewReader([]byte("")))
+	contentType, bReader, err := inspectResponse(ct, br, 0)
+	if err == nil {
+		t.Fatalf("Should have generated an error for an empty response")
+	}
+	if contentType != "application/octet-stream" {
+		t.Fatalf("Content type should be 'application/octet-stream' but is %q", contentType)
+	}
+	body, err := ioutil.ReadAll(bReader)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(body) != 0 {
+		t.Fatal("response body should remain empty")
+	}
+}
+
+func TestInspectResponseBinary(t *testing.T) {
+	ct := "application/octet-stream"
+	br := ioutil.NopCloser(bytes.NewReader(binaryContext))
+	contentType, bReader, err := inspectResponse(ct, br, int64(len(binaryContext)))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if contentType != "application/octet-stream" {
+		t.Fatalf("Content type should be 'application/octet-stream' but is %q", contentType)
+	}
+	body, err := ioutil.ReadAll(bReader)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(body) != len(binaryContext) {
+		t.Fatalf("Wrong response size %d, should be == len(binaryContext)", len(body))
+	}
+	for i := range body {
+		if body[i] != binaryContext[i] {
+			t.Fatalf("Corrupted response body at byte index %d", i)
+		}
+	}
+}
+
+func TestResponseUnsupportedContentType(t *testing.T) {
+	content := []byte(textPlainDockerfile)
+	ct := "application/json"
+	br := ioutil.NopCloser(bytes.NewReader(content))
+	contentType, bReader, err := inspectResponse(ct, br, int64(len(textPlainDockerfile)))
+
+	if err == nil {
+		t.Fatal("Should have returned an error on content-type 'application/json'")
+	}
+	if contentType != ct {
+		t.Fatalf("Should not have altered content-type: orig: %s, altered: %s", ct, contentType)
+	}
+	body, err := ioutil.ReadAll(bReader)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if string(body) != textPlainDockerfile {
+		t.Fatalf("Corrupted response body %s", body)
+	}
+}
+
+func TestInspectResponseTextSimple(t *testing.T) {
+	content := []byte(textPlainDockerfile)
+	ct := "text/plain"
+	br := ioutil.NopCloser(bytes.NewReader(content))
+	contentType, bReader, err := inspectResponse(ct, br, int64(len(content)))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if contentType != "text/plain" {
+		t.Fatalf("Content type should be 'text/plain' but is %q", contentType)
+	}
+	body, err := ioutil.ReadAll(bReader)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if string(body) != textPlainDockerfile {
+		t.Fatalf("Corrupted response body %s", body)
+	}
+}
+
+func TestInspectResponseEmptyContentType(t *testing.T) {
+	content := []byte(textPlainDockerfile)
+	br := ioutil.NopCloser(bytes.NewReader(content))
+	contentType, bodyReader, err := inspectResponse("", br, int64(len(content)))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if contentType != "text/plain" {
+		t.Fatalf("Content type should be 'text/plain' but is %q", contentType)
+	}
+	body, err := ioutil.ReadAll(bodyReader)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if string(body) != textPlainDockerfile {
+		t.Fatalf("Corrupted response body %s", body)
+	}
+}
diff --git a/builder/tarsum.go b/builder/tarsum.go
new file mode 100644
index 00000000..201e3ef7
--- /dev/null
+++ b/builder/tarsum.go
@@ -0,0 +1,158 @@
+package builder
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/symlink"
+	"github.com/docker/docker/pkg/tarsum"
+)
+
+type tarSumContext struct {
+	root string
+	sums tarsum.FileInfoSums
+}
+
+func (c *tarSumContext) Close() error {
+	return os.RemoveAll(c.root)
+}
+
+func convertPathError(err error, cleanpath string) error {
+	if err, ok := err.(*os.PathError); ok {
+		err.Path = cleanpath
+		return err
+	}
+	return err
+}
+
+func (c *tarSumContext) Open(path string) (io.ReadCloser, error) {
+	cleanpath, fullpath, err := c.normalize(path)
+	if err != nil {
+		return nil, err
+	}
+	r, err := os.Open(fullpath)
+	if err != nil {
+		return nil, convertPathError(err, cleanpath)
+	}
+	return r, nil
+}
+
+func (c *tarSumContext) Stat(path string) (string, FileInfo, error) {
+	cleanpath, fullpath, err := c.normalize(path)
+	if err != nil {
+		return "", nil, err
+	}
+
+	st, err := os.Lstat(fullpath)
+	if err != nil {
+		return "", nil, convertPathError(err, cleanpath)
+	}
+
+	rel, err := filepath.Rel(c.root, fullpath)
+	if err != nil {
+		return "", nil, convertPathError(err, cleanpath)
+	}
+
+	// We set sum to path by default for the case where GetFile returns nil.
+	// The usual case is if relative path is empty.
+	sum := path
+	// Use the checksum of the followed path(not the possible symlink) because
+	// this is the file that is actually copied.
+	if tsInfo := c.sums.GetFile(rel); tsInfo != nil {
+		sum = tsInfo.Sum()
+	}
+	fi := &HashedFileInfo{PathFileInfo{st, fullpath, filepath.Base(cleanpath)}, sum}
+	return rel, fi, nil
+}
+
+// MakeTarSumContext returns a build Context from a tar stream.
+//
+// It extracts the tar stream to a temporary folder that is deleted as soon as
+// the Context is closed.
+// As the extraction happens, a tarsum is calculated for every file, and the set of
+// all those sums then becomes the source of truth for all operations on this Context.
+//
+// Closing tarStream has to be done by the caller.
+func MakeTarSumContext(tarStream io.Reader) (ModifiableContext, error) {
+	root, err := ioutils.TempDir("", "docker-builder")
+	if err != nil {
+		return nil, err
+	}
+
+	tsc := &tarSumContext{root: root}
+
+	// Make sure we clean-up upon error.  In the happy case the caller
+	// is expected to manage the clean-up
+	defer func() {
+		if err != nil {
+			tsc.Close()
+		}
+	}()
+
+	decompressedStream, err := archive.DecompressStream(tarStream)
+	if err != nil {
+		return nil, err
+	}
+
+	sum, err := tarsum.NewTarSum(decompressedStream, true, tarsum.Version1)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := chrootarchive.Untar(sum, root, nil); err != nil {
+		return nil, err
+	}
+
+	tsc.sums = sum.GetSums()
+
+	return tsc, nil
+}
+
+func (c *tarSumContext) normalize(path string) (cleanpath, fullpath string, err error) {
+	cleanpath = filepath.Clean(string(os.PathSeparator) + path)[1:]
+	fullpath, err = symlink.FollowSymlinkInScope(filepath.Join(c.root, path), c.root)
+	if err != nil {
+		return "", "", fmt.Errorf("Forbidden path outside the build context: %s (%s)", path, fullpath)
+	}
+	_, err = os.Lstat(fullpath)
+	if err != nil {
+		return "", "", convertPathError(err, path)
+	}
+	return
+}
+
+func (c *tarSumContext) Walk(root string, walkFn WalkFunc) error {
+	root = filepath.Join(c.root, filepath.Join(string(filepath.Separator), root))
+	return filepath.Walk(root, func(fullpath string, info os.FileInfo, err error) error {
+		rel, err := filepath.Rel(c.root, fullpath)
+		if err != nil {
+			return err
+		}
+		if rel == "." {
+			return nil
+		}
+
+		sum := rel
+		if tsInfo := c.sums.GetFile(rel); tsInfo != nil {
+			sum = tsInfo.Sum()
+		}
+		fi := &HashedFileInfo{PathFileInfo{FileInfo: info, FilePath: fullpath}, sum}
+		if err := walkFn(rel, fi, nil); err != nil {
+			return err
+		}
+		return nil
+	})
+}
+
+func (c *tarSumContext) Remove(path string) error {
+	_, fullpath, err := c.normalize(path)
+	if err != nil {
+		return err
+	}
+	return os.RemoveAll(fullpath)
+}
diff --git a/cli/cli.go b/cli/cli.go
new file mode 100644
index 00000000..8e559fc3
--- /dev/null
+++ b/cli/cli.go
@@ -0,0 +1,200 @@
+package cli
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"reflect"
+	"strings"
+
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+// Cli represents a command line interface.
+type Cli struct {
+	Stderr   io.Writer
+	handlers []Handler
+	Usage    func()
+}
+
+// Handler holds the different commands Cli will call
+// It should have methods with names starting with `Cmd` like:
+// 	func (h myHandler) CmdFoo(args ...string) error
+type Handler interface{}
+
+// Initializer can be optionally implemented by a Handler to
+// initialize before each call to one of its commands.
+type Initializer interface {
+	Initialize() error
+}
+
+// New instantiates a ready-to-use Cli.
+func New(handlers ...Handler) *Cli {
+	// make the generic Cli object the first cli handler
+	// in order to handle `docker help` appropriately
+	cli := new(Cli)
+	cli.handlers = append([]Handler{cli}, handlers...)
+	return cli
+}
+
+// initErr is an error returned upon initialization of a handler implementing Initializer.
+type initErr struct{ error }
+
+func (err initErr) Error() string {
+	return err.Error()
+}
+
+func (cli *Cli) command(args ...string) (func(...string) error, error) {
+	for _, c := range cli.handlers {
+		if c == nil {
+			continue
+		}
+		camelArgs := make([]string, len(args))
+		for i, s := range args {
+			if len(s) == 0 {
+				return nil, errors.New("empty command")
+			}
+			camelArgs[i] = strings.ToUpper(s[:1]) + strings.ToLower(s[1:])
+		}
+		methodName := "Cmd" + strings.Join(camelArgs, "")
+		method := reflect.ValueOf(c).MethodByName(methodName)
+		if method.IsValid() {
+			if c, ok := c.(Initializer); ok {
+				if err := c.Initialize(); err != nil {
+					return nil, initErr{err}
+				}
+			}
+			return method.Interface().(func(...string) error), nil
+		}
+	}
+	return nil, errors.New("command not found")
+}
+
+// Run executes the specified command.
+func (cli *Cli) Run(args ...string) error {
+	if len(args) > 1 {
+		command, err := cli.command(args[:2]...)
+		switch err := err.(type) {
+		case nil:
+			return command(args[2:]...)
+		case initErr:
+			return err.error
+		}
+	}
+	if len(args) > 0 {
+		command, err := cli.command(args[0])
+		switch err := err.(type) {
+		case nil:
+			return command(args[1:]...)
+		case initErr:
+			return err.error
+		}
+		cli.noSuchCommand(args[0])
+	}
+	return cli.CmdHelp()
+}
+
+func (cli *Cli) noSuchCommand(command string) {
+	if cli.Stderr == nil {
+		cli.Stderr = os.Stderr
+	}
+	fmt.Fprintf(cli.Stderr, "docker: '%s' is not a docker command.\nSee 'docker --help'.\n", command)
+	os.Exit(1)
+}
+
+// CmdHelp displays information on a Docker command.
+//
+// If more than one command is specified, information is only shown for the first command.
+//
+// Usage: docker help COMMAND or docker COMMAND --help
+func (cli *Cli) CmdHelp(args ...string) error {
+	if len(args) > 1 {
+		command, err := cli.command(args[:2]...)
+		switch err := err.(type) {
+		case nil:
+			command("--help")
+			return nil
+		case initErr:
+			return err.error
+		}
+	}
+	if len(args) > 0 {
+		command, err := cli.command(args[0])
+		switch err := err.(type) {
+		case nil:
+			command("--help")
+			return nil
+		case initErr:
+			return err.error
+		}
+		cli.noSuchCommand(args[0])
+	}
+
+	if cli.Usage == nil {
+		flag.Usage()
+	} else {
+		cli.Usage()
+	}
+
+	return nil
+}
+
+// Subcmd is a subcommand of the main "docker" command.
+// A subcommand represents an action that can be performed
+// from the Docker command line client.
+//
+// To see all available subcommands, run "docker --help".
+func Subcmd(name string, synopses []string, description string, exitOnError bool) *flag.FlagSet {
+	var errorHandling flag.ErrorHandling
+	if exitOnError {
+		errorHandling = flag.ExitOnError
+	} else {
+		errorHandling = flag.ContinueOnError
+	}
+	flags := flag.NewFlagSet(name, errorHandling)
+	flags.Usage = func() {
+		flags.ShortUsage()
+		flags.PrintDefaults()
+	}
+
+	flags.ShortUsage = func() {
+		options := ""
+		if flags.FlagCountUndeprecated() > 0 {
+			options = " [OPTIONS]"
+		}
+
+		if len(synopses) == 0 {
+			synopses = []string{""}
+		}
+
+		// Allow for multiple command usage synopses.
+		for i, synopsis := range synopses {
+			lead := "\t"
+			if i == 0 {
+				// First line needs the word 'Usage'.
+				lead = "Usage:\t"
+			}
+
+			if synopsis != "" {
+				synopsis = " " + synopsis
+			}
+
+			fmt.Fprintf(flags.Out(), "\n%sdocker %s%s%s", lead, name, options, synopsis)
+		}
+
+		fmt.Fprintf(flags.Out(), "\n\n%s\n", description)
+	}
+
+	return flags
+}
+
+// An StatusError reports an unsuccessful exit by a command.
+type StatusError struct {
+	Status     string
+	StatusCode int
+}
+
+func (e StatusError) Error() string {
+	return fmt.Sprintf("Status: %s, Code: %d", e.Status, e.StatusCode)
+}
diff --git a/cli/client.go b/cli/client.go
new file mode 100644
index 00000000..6a82eb52
--- /dev/null
+++ b/cli/client.go
@@ -0,0 +1,12 @@
+package cli
+
+import flag "github.com/docker/docker/pkg/mflag"
+
+// ClientFlags represents flags for the docker client.
+type ClientFlags struct {
+	FlagSet   *flag.FlagSet
+	Common    *CommonFlags
+	PostParse func()
+
+	ConfigDir string
+}
diff --git a/cli/common.go b/cli/common.go
new file mode 100644
index 00000000..7f6a24ba
--- /dev/null
+++ b/cli/common.go
@@ -0,0 +1,80 @@
+package cli
+
+import (
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+// CommonFlags represents flags that are common to both the client and the daemon.
+type CommonFlags struct {
+	FlagSet   *flag.FlagSet
+	PostParse func()
+
+	Debug      bool
+	Hosts      []string
+	LogLevel   string
+	TLS        bool
+	TLSVerify  bool
+	TLSOptions *tlsconfig.Options
+	TrustKey   string
+}
+
+// Command is the struct containing the command name and description
+type Command struct {
+	Name        string
+	Description string
+}
+
+var dockerCommands = []Command{
+	{"attach", "Attach to a running container"},
+	{"build", "Build an image from a Dockerfile"},
+	{"commit", "Create a new image from a container's changes"},
+	{"cp", "Copy files/folders between a container and the local filesystem"},
+	{"create", "Create a new container"},
+	{"diff", "Inspect changes on a container's filesystem"},
+	{"events", "Get real time events from the server"},
+	{"exec", "Run a command in a running container"},
+	{"export", "Export a container's filesystem as a tar archive"},
+	{"history", "Show the history of an image"},
+	{"images", "List images"},
+	{"import", "Import the contents from a tarball to create a filesystem image"},
+	{"info", "Display system-wide information"},
+	{"inspect", "Return low-level information on a container or image"},
+	{"kill", "Kill a running container"},
+	{"load", "Load an image from a tar archive or STDIN"},
+	{"login", "Log in to a Docker registry"},
+	{"logout", "Log out from a Docker registry"},
+	{"logs", "Fetch the logs of a container"},
+	{"network", "Manage Docker networks"},
+	{"pause", "Pause all processes within a container"},
+	{"port", "List port mappings or a specific mapping for the CONTAINER"},
+	{"ps", "List containers"},
+	{"pull", "Pull an image or a repository from a registry"},
+	{"push", "Push an image or a repository to a registry"},
+	{"rename", "Rename a container"},
+	{"restart", "Restart a container"},
+	{"rm", "Remove one or more containers"},
+	{"rmi", "Remove one or more images"},
+	{"run", "Run a command in a new container"},
+	{"save", "Save one or more images to a tar archive"},
+	{"search", "Search the Docker Hub for images"},
+	{"start", "Start one or more stopped containers"},
+	{"stats", "Display a live stream of container(s) resource usage statistics"},
+	{"stop", "Stop a running container"},
+	{"tag", "Tag an image into a repository"},
+	{"top", "Display the running processes of a container"},
+	{"unpause", "Unpause all processes within a container"},
+	{"update", "Update configuration of one or more containers"},
+	{"version", "Show the Docker version information"},
+	{"volume", "Manage Docker volumes"},
+	{"wait", "Block until a container stops, then print its exit code"},
+}
+
+// DockerCommands stores all the docker command
+var DockerCommands = make(map[string]Command)
+
+func init() {
+	for _, cmd := range dockerCommands {
+		DockerCommands[cmd.Name] = cmd
+	}
+}
diff --git a/cliconfig/config.go b/cliconfig/config.go
new file mode 100644
index 00000000..54e0ea38
--- /dev/null
+++ b/cliconfig/config.go
@@ -0,0 +1,289 @@
+package cliconfig
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/pkg/homedir"
+	"github.com/docker/engine-api/types"
+)
+
+const (
+	// ConfigFileName is the name of config file
+	ConfigFileName = "config.json"
+	configFileDir  = ".docker"
+	oldConfigfile  = ".dockercfg"
+
+	// This constant is only used for really old config files when the
+	// URL wasn't saved as part of the config file and it was just
+	// assumed to be this value.
+	defaultIndexserver = "https://index.docker.io/v1/"
+)
+
+var (
+	configDir = os.Getenv("DOCKER_CONFIG")
+)
+
+func init() {
+	if configDir == "" {
+		configDir = filepath.Join(homedir.Get(), configFileDir)
+	}
+}
+
+// ConfigDir returns the directory the configuration file is stored in
+func ConfigDir() string {
+	return configDir
+}
+
+// SetConfigDir sets the directory the configuration file is stored in
+func SetConfigDir(dir string) {
+	configDir = dir
+}
+
+// ConfigFile ~/.docker/config.json file info
+type ConfigFile struct {
+	AuthConfigs      map[string]types.AuthConfig `json:"auths"`
+	HTTPHeaders      map[string]string           `json:"HttpHeaders,omitempty"`
+	PsFormat         string                      `json:"psFormat,omitempty"`
+	ImagesFormat     string                      `json:"imagesFormat,omitempty"`
+	DetachKeys       string                      `json:"detachKeys,omitempty"`
+	CredentialsStore string                      `json:"credsStore,omitempty"`
+	filename         string                      // Note: not serialized - for internal use only
+}
+
+// NewConfigFile initializes an empty configuration file for the given filename 'fn'
+func NewConfigFile(fn string) *ConfigFile {
+	return &ConfigFile{
+		AuthConfigs: make(map[string]types.AuthConfig),
+		HTTPHeaders: make(map[string]string),
+		filename:    fn,
+	}
+}
+
+// LegacyLoadFromReader reads the non-nested configuration data given and sets up the
+// auth config information with given directory and populates the receiver object
+func (configFile *ConfigFile) LegacyLoadFromReader(configData io.Reader) error {
+	b, err := ioutil.ReadAll(configData)
+	if err != nil {
+		return err
+	}
+
+	if err := json.Unmarshal(b, &configFile.AuthConfigs); err != nil {
+		arr := strings.Split(string(b), "\n")
+		if len(arr) < 2 {
+			return fmt.Errorf("The Auth config file is empty")
+		}
+		authConfig := types.AuthConfig{}
+		origAuth := strings.Split(arr[0], " = ")
+		if len(origAuth) != 2 {
+			return fmt.Errorf("Invalid Auth config file")
+		}
+		authConfig.Username, authConfig.Password, err = decodeAuth(origAuth[1])
+		if err != nil {
+			return err
+		}
+		authConfig.ServerAddress = defaultIndexserver
+		configFile.AuthConfigs[defaultIndexserver] = authConfig
+	} else {
+		for k, authConfig := range configFile.AuthConfigs {
+			authConfig.Username, authConfig.Password, err = decodeAuth(authConfig.Auth)
+			if err != nil {
+				return err
+			}
+			authConfig.Auth = ""
+			authConfig.ServerAddress = k
+			configFile.AuthConfigs[k] = authConfig
+		}
+	}
+	return nil
+}
+
+// LoadFromReader reads the configuration data given and sets up the auth config
+// information with given directory and populates the receiver object
+func (configFile *ConfigFile) LoadFromReader(configData io.Reader) error {
+	if err := json.NewDecoder(configData).Decode(&configFile); err != nil {
+		return err
+	}
+	var err error
+	for addr, ac := range configFile.AuthConfigs {
+		ac.Username, ac.Password, err = decodeAuth(ac.Auth)
+		if err != nil {
+			return err
+		}
+		ac.Auth = ""
+		ac.ServerAddress = addr
+		configFile.AuthConfigs[addr] = ac
+	}
+	return nil
+}
+
+// ContainsAuth returns whether there is authentication configured
+// in this file or not.
+func (configFile *ConfigFile) ContainsAuth() bool {
+	return configFile.CredentialsStore != "" ||
+		(configFile.AuthConfigs != nil && len(configFile.AuthConfigs) > 0)
+}
+
+// LegacyLoadFromReader is a convenience function that creates a ConfigFile object from
+// a non-nested reader
+func LegacyLoadFromReader(configData io.Reader) (*ConfigFile, error) {
+	configFile := ConfigFile{
+		AuthConfigs: make(map[string]types.AuthConfig),
+	}
+	err := configFile.LegacyLoadFromReader(configData)
+	return &configFile, err
+}
+
+// LoadFromReader is a convenience function that creates a ConfigFile object from
+// a reader
+func LoadFromReader(configData io.Reader) (*ConfigFile, error) {
+	configFile := ConfigFile{
+		AuthConfigs: make(map[string]types.AuthConfig),
+	}
+	err := configFile.LoadFromReader(configData)
+	return &configFile, err
+}
+
+// Load reads the configuration files in the given directory, and sets up
+// the auth config information and return values.
+// FIXME: use the internal golang config parser
+func Load(configDir string) (*ConfigFile, error) {
+	if configDir == "" {
+		configDir = ConfigDir()
+	}
+
+	configFile := ConfigFile{
+		AuthConfigs: make(map[string]types.AuthConfig),
+		filename:    filepath.Join(configDir, ConfigFileName),
+	}
+
+	// Try happy path first - latest config file
+	if _, err := os.Stat(configFile.filename); err == nil {
+		file, err := os.Open(configFile.filename)
+		if err != nil {
+			return &configFile, fmt.Errorf("%s - %v", configFile.filename, err)
+		}
+		defer file.Close()
+		err = configFile.LoadFromReader(file)
+		if err != nil {
+			err = fmt.Errorf("%s - %v", configFile.filename, err)
+		}
+		return &configFile, err
+	} else if !os.IsNotExist(err) {
+		// if file is there but we can't stat it for any reason other
+		// than it doesn't exist then stop
+		return &configFile, fmt.Errorf("%s - %v", configFile.filename, err)
+	}
+
+	// Can't find latest config file so check for the old one
+	confFile := filepath.Join(homedir.Get(), oldConfigfile)
+	if _, err := os.Stat(confFile); err != nil {
+		return &configFile, nil //missing file is not an error
+	}
+	file, err := os.Open(confFile)
+	if err != nil {
+		return &configFile, fmt.Errorf("%s - %v", confFile, err)
+	}
+	defer file.Close()
+	err = configFile.LegacyLoadFromReader(file)
+	if err != nil {
+		return &configFile, fmt.Errorf("%s - %v", confFile, err)
+	}
+
+	if configFile.HTTPHeaders == nil {
+		configFile.HTTPHeaders = map[string]string{}
+	}
+	return &configFile, nil
+}
+
+// SaveToWriter encodes and writes out all the authorization information to
+// the given writer
+func (configFile *ConfigFile) SaveToWriter(writer io.Writer) error {
+	// Encode sensitive data into a new/temp struct
+	tmpAuthConfigs := make(map[string]types.AuthConfig, len(configFile.AuthConfigs))
+	for k, authConfig := range configFile.AuthConfigs {
+		authCopy := authConfig
+		// encode and save the authstring, while blanking out the original fields
+		authCopy.Auth = encodeAuth(&authCopy)
+		authCopy.Username = ""
+		authCopy.Password = ""
+		authCopy.ServerAddress = ""
+		tmpAuthConfigs[k] = authCopy
+	}
+
+	saveAuthConfigs := configFile.AuthConfigs
+	configFile.AuthConfigs = tmpAuthConfigs
+	defer func() { configFile.AuthConfigs = saveAuthConfigs }()
+
+	data, err := json.MarshalIndent(configFile, "", "\t")
+	if err != nil {
+		return err
+	}
+	_, err = writer.Write(data)
+	return err
+}
+
+// Save encodes and writes out all the authorization information
+func (configFile *ConfigFile) Save() error {
+	if configFile.Filename() == "" {
+		return fmt.Errorf("Can't save config with empty filename")
+	}
+
+	if err := os.MkdirAll(filepath.Dir(configFile.filename), 0700); err != nil {
+		return err
+	}
+	f, err := os.OpenFile(configFile.filename, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+	return configFile.SaveToWriter(f)
+}
+
+// Filename returns the name of the configuration file
+func (configFile *ConfigFile) Filename() string {
+	return configFile.filename
+}
+
+// encodeAuth creates a base64 encoded string to containing authorization information
+func encodeAuth(authConfig *types.AuthConfig) string {
+	if authConfig.Username == "" && authConfig.Password == "" {
+		return ""
+	}
+
+	authStr := authConfig.Username + ":" + authConfig.Password
+	msg := []byte(authStr)
+	encoded := make([]byte, base64.StdEncoding.EncodedLen(len(msg)))
+	base64.StdEncoding.Encode(encoded, msg)
+	return string(encoded)
+}
+
+// decodeAuth decodes a base64 encoded string and returns username and password
+func decodeAuth(authStr string) (string, string, error) {
+	if authStr == "" {
+		return "", "", nil
+	}
+
+	decLen := base64.StdEncoding.DecodedLen(len(authStr))
+	decoded := make([]byte, decLen)
+	authByte := []byte(authStr)
+	n, err := base64.StdEncoding.Decode(decoded, authByte)
+	if err != nil {
+		return "", "", err
+	}
+	if n > decLen {
+		return "", "", fmt.Errorf("Something went wrong decoding auth config")
+	}
+	arr := strings.SplitN(string(decoded), ":", 2)
+	if len(arr) != 2 {
+		return "", "", fmt.Errorf("Invalid auth configuration file")
+	}
+	password := strings.Trim(arr[1], "\x00")
+	return arr[0], password, nil
+}
diff --git a/cliconfig/config_test.go b/cliconfig/config_test.go
new file mode 100644
index 00000000..30c17770
--- /dev/null
+++ b/cliconfig/config_test.go
@@ -0,0 +1,565 @@
+package cliconfig
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/pkg/homedir"
+	"github.com/docker/engine-api/types"
+)
+
+func TestEmptyConfigDir(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	SetConfigDir(tmpHome)
+
+	config, err := Load("")
+	if err != nil {
+		t.Fatalf("Failed loading on empty config dir: %q", err)
+	}
+
+	expectedConfigFilename := filepath.Join(tmpHome, ConfigFileName)
+	if config.Filename() != expectedConfigFilename {
+		t.Fatalf("Expected config filename %s, got %s", expectedConfigFilename, config.Filename())
+	}
+
+	// Now save it and make sure it shows up in new form
+	saveConfigAndValidateNewFormat(t, config, tmpHome)
+}
+
+func TestMissingFile(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	config, err := Load(tmpHome)
+	if err != nil {
+		t.Fatalf("Failed loading on missing file: %q", err)
+	}
+
+	// Now save it and make sure it shows up in new form
+	saveConfigAndValidateNewFormat(t, config, tmpHome)
+}
+
+func TestSaveFileToDirs(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	tmpHome += "/.docker"
+
+	config, err := Load(tmpHome)
+	if err != nil {
+		t.Fatalf("Failed loading on missing file: %q", err)
+	}
+
+	// Now save it and make sure it shows up in new form
+	saveConfigAndValidateNewFormat(t, config, tmpHome)
+}
+
+func TestEmptyFile(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	fn := filepath.Join(tmpHome, ConfigFileName)
+	if err := ioutil.WriteFile(fn, []byte(""), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = Load(tmpHome)
+	if err == nil {
+		t.Fatalf("Was supposed to fail")
+	}
+}
+
+func TestEmptyJson(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	fn := filepath.Join(tmpHome, ConfigFileName)
+	if err := ioutil.WriteFile(fn, []byte("{}"), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	config, err := Load(tmpHome)
+	if err != nil {
+		t.Fatalf("Failed loading on empty json file: %q", err)
+	}
+
+	// Now save it and make sure it shows up in new form
+	saveConfigAndValidateNewFormat(t, config, tmpHome)
+}
+
+func TestOldInvalidsAuth(t *testing.T) {
+	invalids := map[string]string{
+		`username = test`: "The Auth config file is empty",
+		`username
+password`: "Invalid Auth config file",
+		`username = test
+email`: "Invalid auth configuration file",
+	}
+
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	homeKey := homedir.Key()
+	homeVal := homedir.Get()
+
+	defer func() { os.Setenv(homeKey, homeVal) }()
+	os.Setenv(homeKey, tmpHome)
+
+	for content, expectedError := range invalids {
+		fn := filepath.Join(tmpHome, oldConfigfile)
+		if err := ioutil.WriteFile(fn, []byte(content), 0600); err != nil {
+			t.Fatal(err)
+		}
+
+		config, err := Load(tmpHome)
+		// Use Contains instead of == since the file name will change each time
+		if err == nil || !strings.Contains(err.Error(), expectedError) {
+			t.Fatalf("Should have failed\nConfig: %v\nGot: %v\nExpected: %v", config, err, expectedError)
+		}
+
+	}
+}
+
+func TestOldValidAuth(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	homeKey := homedir.Key()
+	homeVal := homedir.Get()
+
+	defer func() { os.Setenv(homeKey, homeVal) }()
+	os.Setenv(homeKey, tmpHome)
+
+	fn := filepath.Join(tmpHome, oldConfigfile)
+	js := `username = am9lam9lOmhlbGxv
+	email = user@example.com`
+	if err := ioutil.WriteFile(fn, []byte(js), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	config, err := Load(tmpHome)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// defaultIndexserver is https://index.docker.io/v1/
+	ac := config.AuthConfigs["https://index.docker.io/v1/"]
+	if ac.Username != "joejoe" || ac.Password != "hello" {
+		t.Fatalf("Missing data from parsing:\n%q", config)
+	}
+
+	// Now save it and make sure it shows up in new form
+	configStr := saveConfigAndValidateNewFormat(t, config, tmpHome)
+
+	expConfStr := `{
+	"auths": {
+		"https://index.docker.io/v1/": {
+			"auth": "am9lam9lOmhlbGxv"
+		}
+	}
+}`
+
+	if configStr != expConfStr {
+		t.Fatalf("Should have save in new form: \n%s\n not \n%s", configStr, expConfStr)
+	}
+}
+
+func TestOldJsonInvalid(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	homeKey := homedir.Key()
+	homeVal := homedir.Get()
+
+	defer func() { os.Setenv(homeKey, homeVal) }()
+	os.Setenv(homeKey, tmpHome)
+
+	fn := filepath.Join(tmpHome, oldConfigfile)
+	js := `{"https://index.docker.io/v1/":{"auth":"test","email":"user@example.com"}}`
+	if err := ioutil.WriteFile(fn, []byte(js), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	config, err := Load(tmpHome)
+	// Use Contains instead of == since the file name will change each time
+	if err == nil || !strings.Contains(err.Error(), "Invalid auth configuration file") {
+		t.Fatalf("Expected an error got : %v, %v", config, err)
+	}
+}
+
+func TestOldJson(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	homeKey := homedir.Key()
+	homeVal := homedir.Get()
+
+	defer func() { os.Setenv(homeKey, homeVal) }()
+	os.Setenv(homeKey, tmpHome)
+
+	fn := filepath.Join(tmpHome, oldConfigfile)
+	js := `{"https://index.docker.io/v1/":{"auth":"am9lam9lOmhlbGxv","email":"user@example.com"}}`
+	if err := ioutil.WriteFile(fn, []byte(js), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	config, err := Load(tmpHome)
+	if err != nil {
+		t.Fatalf("Failed loading on empty json file: %q", err)
+	}
+
+	ac := config.AuthConfigs["https://index.docker.io/v1/"]
+	if ac.Username != "joejoe" || ac.Password != "hello" {
+		t.Fatalf("Missing data from parsing:\n%q", config)
+	}
+
+	// Now save it and make sure it shows up in new form
+	configStr := saveConfigAndValidateNewFormat(t, config, tmpHome)
+
+	expConfStr := `{
+	"auths": {
+		"https://index.docker.io/v1/": {
+			"auth": "am9lam9lOmhlbGxv",
+			"email": "user@example.com"
+		}
+	}
+}`
+
+	if configStr != expConfStr {
+		t.Fatalf("Should have save in new form: \n'%s'\n not \n'%s'\n", configStr, expConfStr)
+	}
+}
+
+func TestNewJson(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	fn := filepath.Join(tmpHome, ConfigFileName)
+	js := ` { "auths": { "https://index.docker.io/v1/": { "auth": "am9lam9lOmhlbGxv" } } }`
+	if err := ioutil.WriteFile(fn, []byte(js), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	config, err := Load(tmpHome)
+	if err != nil {
+		t.Fatalf("Failed loading on empty json file: %q", err)
+	}
+
+	ac := config.AuthConfigs["https://index.docker.io/v1/"]
+	if ac.Username != "joejoe" || ac.Password != "hello" {
+		t.Fatalf("Missing data from parsing:\n%q", config)
+	}
+
+	// Now save it and make sure it shows up in new form
+	configStr := saveConfigAndValidateNewFormat(t, config, tmpHome)
+
+	expConfStr := `{
+	"auths": {
+		"https://index.docker.io/v1/": {
+			"auth": "am9lam9lOmhlbGxv"
+		}
+	}
+}`
+
+	if configStr != expConfStr {
+		t.Fatalf("Should have save in new form: \n%s\n not \n%s", configStr, expConfStr)
+	}
+}
+
+func TestNewJsonNoEmail(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	fn := filepath.Join(tmpHome, ConfigFileName)
+	js := ` { "auths": { "https://index.docker.io/v1/": { "auth": "am9lam9lOmhlbGxv" } } }`
+	if err := ioutil.WriteFile(fn, []byte(js), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	config, err := Load(tmpHome)
+	if err != nil {
+		t.Fatalf("Failed loading on empty json file: %q", err)
+	}
+
+	ac := config.AuthConfigs["https://index.docker.io/v1/"]
+	if ac.Username != "joejoe" || ac.Password != "hello" {
+		t.Fatalf("Missing data from parsing:\n%q", config)
+	}
+
+	// Now save it and make sure it shows up in new form
+	configStr := saveConfigAndValidateNewFormat(t, config, tmpHome)
+
+	expConfStr := `{
+	"auths": {
+		"https://index.docker.io/v1/": {
+			"auth": "am9lam9lOmhlbGxv"
+		}
+	}
+}`
+
+	if configStr != expConfStr {
+		t.Fatalf("Should have save in new form: \n%s\n not \n%s", configStr, expConfStr)
+	}
+}
+
+func TestJsonWithPsFormat(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	fn := filepath.Join(tmpHome, ConfigFileName)
+	js := `{
+		"auths": { "https://index.docker.io/v1/": { "auth": "am9lam9lOmhlbGxv", "email": "user@example.com" } },
+		"psFormat": "table {{.ID}}\\t{{.Label \"com.docker.label.cpu\"}}"
+}`
+	if err := ioutil.WriteFile(fn, []byte(js), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	config, err := Load(tmpHome)
+	if err != nil {
+		t.Fatalf("Failed loading on empty json file: %q", err)
+	}
+
+	if config.PsFormat != `table {{.ID}}\t{{.Label "com.docker.label.cpu"}}` {
+		t.Fatalf("Unknown ps format: %s\n", config.PsFormat)
+	}
+
+	// Now save it and make sure it shows up in new form
+	configStr := saveConfigAndValidateNewFormat(t, config, tmpHome)
+	if !strings.Contains(configStr, `"psFormat":`) ||
+		!strings.Contains(configStr, "{{.ID}}") {
+		t.Fatalf("Should have save in new form: %s", configStr)
+	}
+}
+
+// Save it and make sure it shows up in new form
+func saveConfigAndValidateNewFormat(t *testing.T, config *ConfigFile, homeFolder string) string {
+	if err := config.Save(); err != nil {
+		t.Fatalf("Failed to save: %q", err)
+	}
+
+	buf, err := ioutil.ReadFile(filepath.Join(homeFolder, ConfigFileName))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !strings.Contains(string(buf), `"auths":`) {
+		t.Fatalf("Should have save in new form: %s", string(buf))
+	}
+	return string(buf)
+}
+
+func TestConfigDir(t *testing.T) {
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	if ConfigDir() == tmpHome {
+		t.Fatalf("Expected ConfigDir to be different than %s by default, but was the same", tmpHome)
+	}
+
+	// Update configDir
+	SetConfigDir(tmpHome)
+
+	if ConfigDir() != tmpHome {
+		t.Fatalf("Expected ConfigDir to %s, but was %s", tmpHome, ConfigDir())
+	}
+}
+
+func TestConfigFile(t *testing.T) {
+	configFilename := "configFilename"
+	configFile := NewConfigFile(configFilename)
+
+	if configFile.Filename() != configFilename {
+		t.Fatalf("Expected %s, got %s", configFilename, configFile.Filename())
+	}
+}
+
+func TestJsonReaderNoFile(t *testing.T) {
+	js := ` { "auths": { "https://index.docker.io/v1/": { "auth": "am9lam9lOmhlbGxv", "email": "user@example.com" } } }`
+
+	config, err := LoadFromReader(strings.NewReader(js))
+	if err != nil {
+		t.Fatalf("Failed loading on empty json file: %q", err)
+	}
+
+	ac := config.AuthConfigs["https://index.docker.io/v1/"]
+	if ac.Username != "joejoe" || ac.Password != "hello" {
+		t.Fatalf("Missing data from parsing:\n%q", config)
+	}
+
+}
+
+func TestOldJsonReaderNoFile(t *testing.T) {
+	js := `{"https://index.docker.io/v1/":{"auth":"am9lam9lOmhlbGxv","email":"user@example.com"}}`
+
+	config, err := LegacyLoadFromReader(strings.NewReader(js))
+	if err != nil {
+		t.Fatalf("Failed loading on empty json file: %q", err)
+	}
+
+	ac := config.AuthConfigs["https://index.docker.io/v1/"]
+	if ac.Username != "joejoe" || ac.Password != "hello" {
+		t.Fatalf("Missing data from parsing:\n%q", config)
+	}
+}
+
+func TestJsonWithPsFormatNoFile(t *testing.T) {
+	js := `{
+		"auths": { "https://index.docker.io/v1/": { "auth": "am9lam9lOmhlbGxv", "email": "user@example.com" } },
+		"psFormat": "table {{.ID}}\\t{{.Label \"com.docker.label.cpu\"}}"
+}`
+	config, err := LoadFromReader(strings.NewReader(js))
+	if err != nil {
+		t.Fatalf("Failed loading on empty json file: %q", err)
+	}
+
+	if config.PsFormat != `table {{.ID}}\t{{.Label "com.docker.label.cpu"}}` {
+		t.Fatalf("Unknown ps format: %s\n", config.PsFormat)
+	}
+
+}
+
+func TestJsonSaveWithNoFile(t *testing.T) {
+	js := `{
+		"auths": { "https://index.docker.io/v1/": { "auth": "am9lam9lOmhlbGxv" } },
+		"psFormat": "table {{.ID}}\\t{{.Label \"com.docker.label.cpu\"}}"
+}`
+	config, err := LoadFromReader(strings.NewReader(js))
+	err = config.Save()
+	if err == nil {
+		t.Fatalf("Expected error. File should not have been able to save with no file name.")
+	}
+
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatalf("Failed to create a temp dir: %q", err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	fn := filepath.Join(tmpHome, ConfigFileName)
+	f, _ := os.OpenFile(fn, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	err = config.SaveToWriter(f)
+	if err != nil {
+		t.Fatalf("Failed saving to file: %q", err)
+	}
+	buf, err := ioutil.ReadFile(filepath.Join(tmpHome, ConfigFileName))
+	if err != nil {
+		t.Fatal(err)
+	}
+	expConfStr := `{
+	"auths": {
+		"https://index.docker.io/v1/": {
+			"auth": "am9lam9lOmhlbGxv"
+		}
+	},
+	"psFormat": "table {{.ID}}\\t{{.Label \"com.docker.label.cpu\"}}"
+}`
+	if string(buf) != expConfStr {
+		t.Fatalf("Should have save in new form: \n%s\nnot \n%s", string(buf), expConfStr)
+	}
+}
+
+func TestLegacyJsonSaveWithNoFile(t *testing.T) {
+
+	js := `{"https://index.docker.io/v1/":{"auth":"am9lam9lOmhlbGxv","email":"user@example.com"}}`
+	config, err := LegacyLoadFromReader(strings.NewReader(js))
+	err = config.Save()
+	if err == nil {
+		t.Fatalf("Expected error. File should not have been able to save with no file name.")
+	}
+
+	tmpHome, err := ioutil.TempDir("", "config-test")
+	if err != nil {
+		t.Fatalf("Failed to create a temp dir: %q", err)
+	}
+	defer os.RemoveAll(tmpHome)
+
+	fn := filepath.Join(tmpHome, ConfigFileName)
+	f, _ := os.OpenFile(fn, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err = config.SaveToWriter(f); err != nil {
+		t.Fatalf("Failed saving to file: %q", err)
+	}
+	buf, err := ioutil.ReadFile(filepath.Join(tmpHome, ConfigFileName))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expConfStr := `{
+	"auths": {
+		"https://index.docker.io/v1/": {
+			"auth": "am9lam9lOmhlbGxv",
+			"email": "user@example.com"
+		}
+	}
+}`
+
+	if string(buf) != expConfStr {
+		t.Fatalf("Should have save in new form: \n%s\n not \n%s", string(buf), expConfStr)
+	}
+}
+
+func TestEncodeAuth(t *testing.T) {
+	newAuthConfig := &types.AuthConfig{Username: "ken", Password: "test"}
+	authStr := encodeAuth(newAuthConfig)
+	decAuthConfig := &types.AuthConfig{}
+	var err error
+	decAuthConfig.Username, decAuthConfig.Password, err = decodeAuth(authStr)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if newAuthConfig.Username != decAuthConfig.Username {
+		t.Fatal("Encode Username doesn't match decoded Username")
+	}
+	if newAuthConfig.Password != decAuthConfig.Password {
+		t.Fatal("Encode Password doesn't match decoded Password")
+	}
+	if authStr != "a2VuOnRlc3Q=" {
+		t.Fatal("AuthString encoding isn't correct.")
+	}
+}
diff --git a/cliconfig/credentials/credentials.go b/cliconfig/credentials/credentials.go
new file mode 100644
index 00000000..510cf8cf
--- /dev/null
+++ b/cliconfig/credentials/credentials.go
@@ -0,0 +1,17 @@
+package credentials
+
+import (
+	"github.com/docker/engine-api/types"
+)
+
+// Store is the interface that any credentials store must implement.
+type Store interface {
+	// Erase removes credentials from the store for a given server.
+	Erase(serverAddress string) error
+	// Get retrieves credentials from the store for a given server.
+	Get(serverAddress string) (types.AuthConfig, error)
+	// GetAll retrieves all the credentials from the store.
+	GetAll() (map[string]types.AuthConfig, error)
+	// Store saves credentials in the store.
+	Store(authConfig types.AuthConfig) error
+}
diff --git a/cliconfig/credentials/default_store.go b/cliconfig/credentials/default_store.go
new file mode 100644
index 00000000..b5fc47cc
--- /dev/null
+++ b/cliconfig/credentials/default_store.go
@@ -0,0 +1,22 @@
+package credentials
+
+import (
+	"os/exec"
+
+	"github.com/docker/docker/cliconfig"
+)
+
+// DetectDefaultStore sets the default credentials store
+// if the host includes the default store helper program.
+func DetectDefaultStore(c *cliconfig.ConfigFile) {
+	if c.CredentialsStore != "" {
+		// user defined
+		return
+	}
+
+	if defaultCredentialsStore != "" {
+		if _, err := exec.LookPath(remoteCredentialsPrefix + defaultCredentialsStore); err == nil {
+			c.CredentialsStore = defaultCredentialsStore
+		}
+	}
+}
diff --git a/cliconfig/credentials/default_store_darwin.go b/cliconfig/credentials/default_store_darwin.go
new file mode 100644
index 00000000..63e8ed40
--- /dev/null
+++ b/cliconfig/credentials/default_store_darwin.go
@@ -0,0 +1,3 @@
+package credentials
+
+const defaultCredentialsStore = "osxkeychain"
diff --git a/cliconfig/credentials/default_store_linux.go b/cliconfig/credentials/default_store_linux.go
new file mode 100644
index 00000000..864c540f
--- /dev/null
+++ b/cliconfig/credentials/default_store_linux.go
@@ -0,0 +1,3 @@
+package credentials
+
+const defaultCredentialsStore = "secretservice"
diff --git a/cliconfig/credentials/default_store_unsupported.go b/cliconfig/credentials/default_store_unsupported.go
new file mode 100644
index 00000000..519ef53d
--- /dev/null
+++ b/cliconfig/credentials/default_store_unsupported.go
@@ -0,0 +1,5 @@
+// +build !windows,!darwin,!linux
+
+package credentials
+
+const defaultCredentialsStore = ""
diff --git a/cliconfig/credentials/default_store_windows.go b/cliconfig/credentials/default_store_windows.go
new file mode 100644
index 00000000..fb6a9745
--- /dev/null
+++ b/cliconfig/credentials/default_store_windows.go
@@ -0,0 +1,3 @@
+package credentials
+
+const defaultCredentialsStore = "wincred"
diff --git a/cliconfig/credentials/file_store.go b/cliconfig/credentials/file_store.go
new file mode 100644
index 00000000..8e7edd62
--- /dev/null
+++ b/cliconfig/credentials/file_store.go
@@ -0,0 +1,67 @@
+package credentials
+
+import (
+	"strings"
+
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/engine-api/types"
+)
+
+// fileStore implements a credentials store using
+// the docker configuration file to keep the credentials in plain text.
+type fileStore struct {
+	file *cliconfig.ConfigFile
+}
+
+// NewFileStore creates a new file credentials store.
+func NewFileStore(file *cliconfig.ConfigFile) Store {
+	return &fileStore{
+		file: file,
+	}
+}
+
+// Erase removes the given credentials from the file store.
+func (c *fileStore) Erase(serverAddress string) error {
+	delete(c.file.AuthConfigs, serverAddress)
+	return c.file.Save()
+}
+
+// Get retrieves credentials for a specific server from the file store.
+func (c *fileStore) Get(serverAddress string) (types.AuthConfig, error) {
+	authConfig, ok := c.file.AuthConfigs[serverAddress]
+	if !ok {
+		// Maybe they have a legacy config file, we will iterate the keys converting
+		// them to the new format and testing
+		for registry, ac := range c.file.AuthConfigs {
+			if serverAddress == convertToHostname(registry) {
+				return ac, nil
+			}
+		}
+
+		authConfig = types.AuthConfig{}
+	}
+	return authConfig, nil
+}
+
+func (c *fileStore) GetAll() (map[string]types.AuthConfig, error) {
+	return c.file.AuthConfigs, nil
+}
+
+// Store saves the given credentials in the file store.
+func (c *fileStore) Store(authConfig types.AuthConfig) error {
+	c.file.AuthConfigs[authConfig.ServerAddress] = authConfig
+	return c.file.Save()
+}
+
+func convertToHostname(url string) string {
+	stripped := url
+	if strings.HasPrefix(url, "http://") {
+		stripped = strings.Replace(url, "http://", "", 1)
+	} else if strings.HasPrefix(url, "https://") {
+		stripped = strings.Replace(url, "https://", "", 1)
+	}
+
+	nameParts := strings.SplitN(stripped, "/", 2)
+
+	return nameParts[0]
+}
diff --git a/cliconfig/credentials/file_store_test.go b/cliconfig/credentials/file_store_test.go
new file mode 100644
index 00000000..668b6f09
--- /dev/null
+++ b/cliconfig/credentials/file_store_test.go
@@ -0,0 +1,138 @@
+package credentials
+
+import (
+	"io/ioutil"
+	"testing"
+
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/engine-api/types"
+)
+
+func newConfigFile(auths map[string]types.AuthConfig) *cliconfig.ConfigFile {
+	tmp, _ := ioutil.TempFile("", "docker-test")
+	name := tmp.Name()
+	tmp.Close()
+
+	c := cliconfig.NewConfigFile(name)
+	c.AuthConfigs = auths
+	return c
+}
+
+func TestFileStoreAddCredentials(t *testing.T) {
+	f := newConfigFile(make(map[string]types.AuthConfig))
+
+	s := NewFileStore(f)
+	err := s.Store(types.AuthConfig{
+		Auth:          "super_secret_token",
+		Email:         "foo@example.com",
+		ServerAddress: "https://example.com",
+	})
+
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(f.AuthConfigs) != 1 {
+		t.Fatalf("expected 1 auth config, got %d", len(f.AuthConfigs))
+	}
+
+	a, ok := f.AuthConfigs["https://example.com"]
+	if !ok {
+		t.Fatalf("expected auth for https://example.com, got %v", f.AuthConfigs)
+	}
+	if a.Auth != "super_secret_token" {
+		t.Fatalf("expected auth `super_secret_token`, got %s", a.Auth)
+	}
+	if a.Email != "foo@example.com" {
+		t.Fatalf("expected email `foo@example.com`, got %s", a.Email)
+	}
+}
+
+func TestFileStoreGet(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		"https://example.com": {
+			Auth:          "super_secret_token",
+			Email:         "foo@example.com",
+			ServerAddress: "https://example.com",
+		},
+	})
+
+	s := NewFileStore(f)
+	a, err := s.Get("https://example.com")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if a.Auth != "super_secret_token" {
+		t.Fatalf("expected auth `super_secret_token`, got %s", a.Auth)
+	}
+	if a.Email != "foo@example.com" {
+		t.Fatalf("expected email `foo@example.com`, got %s", a.Email)
+	}
+}
+
+func TestFileStoreGetAll(t *testing.T) {
+	s1 := "https://example.com"
+	s2 := "https://example2.com"
+	f := newConfigFile(map[string]types.AuthConfig{
+		s1: {
+			Auth:          "super_secret_token",
+			Email:         "foo@example.com",
+			ServerAddress: "https://example.com",
+		},
+		s2: {
+			Auth:          "super_secret_token2",
+			Email:         "foo@example2.com",
+			ServerAddress: "https://example2.com",
+		},
+	})
+
+	s := NewFileStore(f)
+	as, err := s.GetAll()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(as) != 2 {
+		t.Fatalf("wanted 2, got %d", len(as))
+	}
+	if as[s1].Auth != "super_secret_token" {
+		t.Fatalf("expected auth `super_secret_token`, got %s", as[s1].Auth)
+	}
+	if as[s1].Email != "foo@example.com" {
+		t.Fatalf("expected email `foo@example.com`, got %s", as[s1].Email)
+	}
+	if as[s2].Auth != "super_secret_token2" {
+		t.Fatalf("expected auth `super_secret_token2`, got %s", as[s2].Auth)
+	}
+	if as[s2].Email != "foo@example2.com" {
+		t.Fatalf("expected email `foo@example2.com`, got %s", as[s2].Email)
+	}
+}
+
+func TestFileStoreErase(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		"https://example.com": {
+			Auth:          "super_secret_token",
+			Email:         "foo@example.com",
+			ServerAddress: "https://example.com",
+		},
+	})
+
+	s := NewFileStore(f)
+	err := s.Erase("https://example.com")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// file store never returns errors, check that the auth config is empty
+	a, err := s.Get("https://example.com")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if a.Auth != "" {
+		t.Fatalf("expected empty auth token, got %s", a.Auth)
+	}
+	if a.Email != "" {
+		t.Fatalf("expected empty email, got %s", a.Email)
+	}
+}
diff --git a/cliconfig/credentials/native_store.go b/cliconfig/credentials/native_store.go
new file mode 100644
index 00000000..9b8997dd
--- /dev/null
+++ b/cliconfig/credentials/native_store.go
@@ -0,0 +1,196 @@
+package credentials
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/engine-api/types"
+)
+
+const (
+	remoteCredentialsPrefix = "docker-credential-"
+	tokenUsername           = "<token>"
+)
+
+// Standarize the not found error, so every helper returns
+// the same message and docker can handle it properly.
+var errCredentialsNotFound = errors.New("credentials not found in native keychain")
+
+// command is an interface that remote executed commands implement.
+type command interface {
+	Output() ([]byte, error)
+	Input(in io.Reader)
+}
+
+// credentialsRequest holds information shared between docker and a remote credential store.
+type credentialsRequest struct {
+	ServerURL string
+	Username  string
+	Secret    string
+}
+
+// credentialsGetResponse is the information serialized from a remote store
+// when the plugin sends requests to get the user credentials.
+type credentialsGetResponse struct {
+	Username string
+	Secret   string
+}
+
+// nativeStore implements a credentials store
+// using native keychain to keep credentials secure.
+// It piggybacks into a file store to keep users' emails.
+type nativeStore struct {
+	commandFn func(args ...string) command
+	fileStore Store
+}
+
+// NewNativeStore creates a new native store that
+// uses a remote helper program to manage credentials.
+func NewNativeStore(file *cliconfig.ConfigFile) Store {
+	return &nativeStore{
+		commandFn: shellCommandFn(file.CredentialsStore),
+		fileStore: NewFileStore(file),
+	}
+}
+
+// Erase removes the given credentials from the native store.
+func (c *nativeStore) Erase(serverAddress string) error {
+	if err := c.eraseCredentialsFromStore(serverAddress); err != nil {
+		return err
+	}
+
+	// Fallback to plain text store to remove email
+	return c.fileStore.Erase(serverAddress)
+}
+
+// Get retrieves credentials for a specific server from the native store.
+func (c *nativeStore) Get(serverAddress string) (types.AuthConfig, error) {
+	// load user email if it exist or an empty auth config.
+	auth, _ := c.fileStore.Get(serverAddress)
+
+	creds, err := c.getCredentialsFromStore(serverAddress)
+	if err != nil {
+		return auth, err
+	}
+	auth.Username = creds.Username
+	auth.IdentityToken = creds.IdentityToken
+	auth.Password = creds.Password
+
+	return auth, nil
+}
+
+// GetAll retrieves all the credentials from the native store.
+func (c *nativeStore) GetAll() (map[string]types.AuthConfig, error) {
+	auths, _ := c.fileStore.GetAll()
+
+	for s, ac := range auths {
+		creds, _ := c.getCredentialsFromStore(s)
+		ac.Username = creds.Username
+		ac.Password = creds.Password
+		ac.IdentityToken = creds.IdentityToken
+		auths[s] = ac
+	}
+
+	return auths, nil
+}
+
+// Store saves the given credentials in the file store.
+func (c *nativeStore) Store(authConfig types.AuthConfig) error {
+	if err := c.storeCredentialsInStore(authConfig); err != nil {
+		return err
+	}
+	authConfig.Username = ""
+	authConfig.Password = ""
+	authConfig.IdentityToken = ""
+
+	// Fallback to old credential in plain text to save only the email
+	return c.fileStore.Store(authConfig)
+}
+
+// storeCredentialsInStore executes the command to store the credentials in the native store.
+func (c *nativeStore) storeCredentialsInStore(config types.AuthConfig) error {
+	cmd := c.commandFn("store")
+	creds := &credentialsRequest{
+		ServerURL: config.ServerAddress,
+		Username:  config.Username,
+		Secret:    config.Password,
+	}
+
+	if config.IdentityToken != "" {
+		creds.Username = tokenUsername
+		creds.Secret = config.IdentityToken
+	}
+
+	buffer := new(bytes.Buffer)
+	if err := json.NewEncoder(buffer).Encode(creds); err != nil {
+		return err
+	}
+	cmd.Input(buffer)
+
+	out, err := cmd.Output()
+	if err != nil {
+		t := strings.TrimSpace(string(out))
+		logrus.Debugf("error adding credentials - err: %v, out: `%s`", err, t)
+		return fmt.Errorf(t)
+	}
+
+	return nil
+}
+
+// getCredentialsFromStore executes the command to get the credentials from the native store.
+func (c *nativeStore) getCredentialsFromStore(serverAddress string) (types.AuthConfig, error) {
+	var ret types.AuthConfig
+
+	cmd := c.commandFn("get")
+	cmd.Input(strings.NewReader(serverAddress))
+
+	out, err := cmd.Output()
+	if err != nil {
+		t := strings.TrimSpace(string(out))
+
+		// do not return an error if the credentials are not
+		// in the keyckain. Let docker ask for new credentials.
+		if t == errCredentialsNotFound.Error() {
+			return ret, nil
+		}
+
+		logrus.Debugf("error getting credentials - err: %v, out: `%s`", err, t)
+		return ret, fmt.Errorf(t)
+	}
+
+	var resp credentialsGetResponse
+	if err := json.NewDecoder(bytes.NewReader(out)).Decode(&resp); err != nil {
+		return ret, err
+	}
+
+	if resp.Username == tokenUsername {
+		ret.IdentityToken = resp.Secret
+	} else {
+		ret.Password = resp.Secret
+		ret.Username = resp.Username
+	}
+
+	ret.ServerAddress = serverAddress
+	return ret, nil
+}
+
+// eraseCredentialsFromStore executes the command to remove the server credentails from the native store.
+func (c *nativeStore) eraseCredentialsFromStore(serverURL string) error {
+	cmd := c.commandFn("erase")
+	cmd.Input(strings.NewReader(serverURL))
+
+	out, err := cmd.Output()
+	if err != nil {
+		t := strings.TrimSpace(string(out))
+		logrus.Debugf("error erasing credentials - err: %v, out: `%s`", err, t)
+		return fmt.Errorf(t)
+	}
+
+	return nil
+}
diff --git a/cliconfig/credentials/native_store_test.go b/cliconfig/credentials/native_store_test.go
new file mode 100644
index 00000000..35422102
--- /dev/null
+++ b/cliconfig/credentials/native_store_test.go
@@ -0,0 +1,354 @@
+package credentials
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"strings"
+	"testing"
+
+	"github.com/docker/engine-api/types"
+)
+
+const (
+	validServerAddress   = "https://index.docker.io/v1"
+	validServerAddress2  = "https://example.com:5002"
+	invalidServerAddress = "https://foobar.example.com"
+	missingCredsAddress  = "https://missing.docker.io/v1"
+)
+
+var errCommandExited = fmt.Errorf("exited 1")
+
+// mockCommand simulates interactions between the docker client and a remote
+// credentials helper.
+// Unit tests inject this mocked command into the remote to control execution.
+type mockCommand struct {
+	arg   string
+	input io.Reader
+}
+
+// Output returns responses from the remote credentials helper.
+// It mocks those reponses based in the input in the mock.
+func (m *mockCommand) Output() ([]byte, error) {
+	in, err := ioutil.ReadAll(m.input)
+	if err != nil {
+		return nil, err
+	}
+	inS := string(in)
+
+	switch m.arg {
+	case "erase":
+		switch inS {
+		case validServerAddress:
+			return nil, nil
+		default:
+			return []byte("error erasing credentials"), errCommandExited
+		}
+	case "get":
+		switch inS {
+		case validServerAddress:
+			return []byte(`{"Username": "foo", "Secret": "bar"}`), nil
+		case validServerAddress2:
+			return []byte(`{"Username": "<token>", "Secret": "abcd1234"}`), nil
+		case missingCredsAddress:
+			return []byte(errCredentialsNotFound.Error()), errCommandExited
+		case invalidServerAddress:
+			return []byte("error getting credentials"), errCommandExited
+		}
+	case "store":
+		var c credentialsRequest
+		err := json.NewDecoder(strings.NewReader(inS)).Decode(&c)
+		if err != nil {
+			return []byte("error storing credentials"), errCommandExited
+		}
+		switch c.ServerURL {
+		case validServerAddress:
+			return nil, nil
+		default:
+			return []byte("error storing credentials"), errCommandExited
+		}
+	}
+
+	return []byte(fmt.Sprintf("unknown argument %q with %q", m.arg, inS)), errCommandExited
+}
+
+// Input sets the input to send to a remote credentials helper.
+func (m *mockCommand) Input(in io.Reader) {
+	m.input = in
+}
+
+func mockCommandFn(args ...string) command {
+	return &mockCommand{
+		arg: args[0],
+	}
+}
+
+func TestNativeStoreAddCredentials(t *testing.T) {
+	f := newConfigFile(make(map[string]types.AuthConfig))
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	err := s.Store(types.AuthConfig{
+		Username:      "foo",
+		Password:      "bar",
+		Email:         "foo@example.com",
+		ServerAddress: validServerAddress,
+	})
+
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(f.AuthConfigs) != 1 {
+		t.Fatalf("expected 1 auth config, got %d", len(f.AuthConfigs))
+	}
+
+	a, ok := f.AuthConfigs[validServerAddress]
+	if !ok {
+		t.Fatalf("expected auth for %s, got %v", validServerAddress, f.AuthConfigs)
+	}
+	if a.Auth != "" {
+		t.Fatalf("expected auth to be empty, got %s", a.Auth)
+	}
+	if a.Username != "" {
+		t.Fatalf("expected username to be empty, got %s", a.Username)
+	}
+	if a.Password != "" {
+		t.Fatalf("expected password to be empty, got %s", a.Password)
+	}
+	if a.IdentityToken != "" {
+		t.Fatalf("expected identity token to be empty, got %s", a.IdentityToken)
+	}
+	if a.Email != "foo@example.com" {
+		t.Fatalf("expected email `foo@example.com`, got %s", a.Email)
+	}
+}
+
+func TestNativeStoreAddInvalidCredentials(t *testing.T) {
+	f := newConfigFile(make(map[string]types.AuthConfig))
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	err := s.Store(types.AuthConfig{
+		Username:      "foo",
+		Password:      "bar",
+		Email:         "foo@example.com",
+		ServerAddress: invalidServerAddress,
+	})
+
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+
+	if err.Error() != "error storing credentials" {
+		t.Fatalf("expected `error storing credentials`, got %v", err)
+	}
+
+	if len(f.AuthConfigs) != 0 {
+		t.Fatalf("expected 0 auth config, got %d", len(f.AuthConfigs))
+	}
+}
+
+func TestNativeStoreGet(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		validServerAddress: {
+			Email: "foo@example.com",
+		},
+	})
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	a, err := s.Get(validServerAddress)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if a.Username != "foo" {
+		t.Fatalf("expected username `foo`, got %s", a.Username)
+	}
+	if a.Password != "bar" {
+		t.Fatalf("expected password `bar`, got %s", a.Password)
+	}
+	if a.IdentityToken != "" {
+		t.Fatalf("expected identity token to be empty, got %s", a.IdentityToken)
+	}
+	if a.Email != "foo@example.com" {
+		t.Fatalf("expected email `foo@example.com`, got %s", a.Email)
+	}
+}
+
+func TestNativeStoreGetIdentityToken(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		validServerAddress2: {
+			Email: "foo@example2.com",
+		},
+	})
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	a, err := s.Get(validServerAddress2)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if a.Username != "" {
+		t.Fatalf("expected username to be empty, got %s", a.Username)
+	}
+	if a.Password != "" {
+		t.Fatalf("expected password to be empty, got %s", a.Password)
+	}
+	if a.IdentityToken != "abcd1234" {
+		t.Fatalf("expected identity token `abcd1234`, got %s", a.IdentityToken)
+	}
+	if a.Email != "foo@example2.com" {
+		t.Fatalf("expected email `foo@example2.com`, got %s", a.Email)
+	}
+}
+
+func TestNativeStoreGetAll(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		validServerAddress: {
+			Email: "foo@example.com",
+		},
+		validServerAddress2: {
+			Email: "foo@example2.com",
+		},
+	})
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	as, err := s.GetAll()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(as) != 2 {
+		t.Fatalf("wanted 2, got %d", len(as))
+	}
+
+	if as[validServerAddress].Username != "foo" {
+		t.Fatalf("expected username `foo` for %s, got %s", validServerAddress, as[validServerAddress].Username)
+	}
+	if as[validServerAddress].Password != "bar" {
+		t.Fatalf("expected password `bar` for %s, got %s", validServerAddress, as[validServerAddress].Password)
+	}
+	if as[validServerAddress].IdentityToken != "" {
+		t.Fatalf("expected identity to be empty for %s, got %s", validServerAddress, as[validServerAddress].IdentityToken)
+	}
+	if as[validServerAddress].Email != "foo@example.com" {
+		t.Fatalf("expected email `foo@example.com` for %s, got %s", validServerAddress, as[validServerAddress].Email)
+	}
+	if as[validServerAddress2].Username != "" {
+		t.Fatalf("expected username to be empty for %s, got %s", validServerAddress2, as[validServerAddress2].Username)
+	}
+	if as[validServerAddress2].Password != "" {
+		t.Fatalf("expected password to be empty for %s, got %s", validServerAddress2, as[validServerAddress2].Password)
+	}
+	if as[validServerAddress2].IdentityToken != "abcd1234" {
+		t.Fatalf("expected identity token `abcd1324` for %s, got %s", validServerAddress2, as[validServerAddress2].IdentityToken)
+	}
+	if as[validServerAddress2].Email != "foo@example2.com" {
+		t.Fatalf("expected email `foo@example2.com` for %s, got %s", validServerAddress2, as[validServerAddress2].Email)
+	}
+}
+
+func TestNativeStoreGetMissingCredentials(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		validServerAddress: {
+			Email: "foo@example.com",
+		},
+	})
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	_, err := s.Get(missingCredsAddress)
+	if err != nil {
+		// missing credentials do not produce an error
+		t.Fatal(err)
+	}
+}
+
+func TestNativeStoreGetInvalidAddress(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		validServerAddress: {
+			Email: "foo@example.com",
+		},
+	})
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	_, err := s.Get(invalidServerAddress)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+
+	if err.Error() != "error getting credentials" {
+		t.Fatalf("expected `error getting credentials`, got %v", err)
+	}
+}
+
+func TestNativeStoreErase(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		validServerAddress: {
+			Email: "foo@example.com",
+		},
+	})
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	err := s.Erase(validServerAddress)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(f.AuthConfigs) != 0 {
+		t.Fatalf("expected 0 auth configs, got %d", len(f.AuthConfigs))
+	}
+}
+
+func TestNativeStoreEraseInvalidAddress(t *testing.T) {
+	f := newConfigFile(map[string]types.AuthConfig{
+		validServerAddress: {
+			Email: "foo@example.com",
+		},
+	})
+	f.CredentialsStore = "mock"
+
+	s := &nativeStore{
+		commandFn: mockCommandFn,
+		fileStore: NewFileStore(f),
+	}
+	err := s.Erase(invalidServerAddress)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+
+	if err.Error() != "error erasing credentials" {
+		t.Fatalf("expected `error erasing credentials`, got %v", err)
+	}
+}
diff --git a/cliconfig/credentials/shell_command.go b/cliconfig/credentials/shell_command.go
new file mode 100644
index 00000000..fa481b19
--- /dev/null
+++ b/cliconfig/credentials/shell_command.go
@@ -0,0 +1,28 @@
+package credentials
+
+import (
+	"io"
+	"os/exec"
+)
+
+func shellCommandFn(storeName string) func(args ...string) command {
+	name := remoteCredentialsPrefix + storeName
+	return func(args ...string) command {
+		return &shell{cmd: exec.Command(name, args...)}
+	}
+}
+
+// shell invokes shell commands to talk with a remote credentials helper.
+type shell struct {
+	cmd *exec.Cmd
+}
+
+// Output returns responses from the remote credentials helper.
+func (s *shell) Output() ([]byte, error) {
+	return s.cmd.Output()
+}
+
+// Input sets the input to send to a remote credentials helper.
+func (s *shell) Input(in io.Reader) {
+	s.cmd.Stdin = in
+}
diff --git a/container/archive.go b/container/archive.go
new file mode 100644
index 00000000..95b68285
--- /dev/null
+++ b/container/archive.go
@@ -0,0 +1,69 @@
+package container
+
+import (
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/engine-api/types"
+)
+
+// ResolvePath resolves the given path in the container to a resource on the
+// host. Returns a resolved path (absolute path to the resource on the host),
+// the absolute path to the resource relative to the container's rootfs, and
+// a error if the path points to outside the container's rootfs.
+func (container *Container) ResolvePath(path string) (resolvedPath, absPath string, err error) {
+	// Consider the given path as an absolute path in the container.
+	absPath = archive.PreserveTrailingDotOrSeparator(filepath.Join(string(filepath.Separator), path), path)
+
+	// Split the absPath into its Directory and Base components. We will
+	// resolve the dir in the scope of the container then append the base.
+	dirPath, basePath := filepath.Split(absPath)
+
+	resolvedDirPath, err := container.GetResourcePath(dirPath)
+	if err != nil {
+		return "", "", err
+	}
+
+	// resolvedDirPath will have been cleaned (no trailing path separators) so
+	// we can manually join it with the base path element.
+	resolvedPath = resolvedDirPath + string(filepath.Separator) + basePath
+
+	return resolvedPath, absPath, nil
+}
+
+// StatPath is the unexported version of StatPath. Locks and mounts should
+// be acquired before calling this method and the given path should be fully
+// resolved to a path on the host corresponding to the given absolute path
+// inside the container.
+func (container *Container) StatPath(resolvedPath, absPath string) (stat *types.ContainerPathStat, err error) {
+	lstat, err := os.Lstat(resolvedPath)
+	if err != nil {
+		return nil, err
+	}
+
+	var linkTarget string
+	if lstat.Mode()&os.ModeSymlink != 0 {
+		// Fully evaluate the symlink in the scope of the container rootfs.
+		hostPath, err := container.GetResourcePath(absPath)
+		if err != nil {
+			return nil, err
+		}
+
+		linkTarget, err = filepath.Rel(container.BaseFS, hostPath)
+		if err != nil {
+			return nil, err
+		}
+
+		// Make it an absolute path.
+		linkTarget = filepath.Join(string(filepath.Separator), linkTarget)
+	}
+
+	return &types.ContainerPathStat{
+		Name:       filepath.Base(absPath),
+		Size:       lstat.Size(),
+		Mode:       lstat.Mode(),
+		Mtime:      lstat.ModTime(),
+		LinkTarget: linkTarget,
+	}, nil
+}
diff --git a/container/container.go b/container/container.go
new file mode 100644
index 00000000..8781b796
--- /dev/null
+++ b/container/container.go
@@ -0,0 +1,947 @@
+package container
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net"
+	"os"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/exec"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/logger/jsonfilelog"
+	"github.com/docker/docker/daemon/network"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/promise"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/docker/pkg/symlink"
+	"github.com/docker/docker/restartmanager"
+	"github.com/docker/docker/runconfig"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/docker/volume"
+	containertypes "github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/go-connections/nat"
+	"github.com/docker/libnetwork"
+	"github.com/docker/libnetwork/netlabel"
+	"github.com/docker/libnetwork/options"
+	"github.com/docker/libnetwork/types"
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+const configFileName = "config.v2.json"
+
+var (
+	errInvalidEndpoint = fmt.Errorf("invalid endpoint while building port map info")
+	errInvalidNetwork  = fmt.Errorf("invalid network settings while building port map info")
+)
+
+// CommonContainer holds the fields for a container which are
+// applicable across all platforms supported by the daemon.
+type CommonContainer struct {
+	*runconfig.StreamConfig
+	// embed for Container to support states directly.
+	*State          `json:"State"` // Needed for remote api version <= 1.11
+	Root            string         `json:"-"` // Path to the "home" of the container, including metadata.
+	BaseFS          string         `json:"-"` // Path to the graphdriver mountpoint
+	RWLayer         layer.RWLayer  `json:"-"`
+	ID              string
+	Created         time.Time
+	Path            string
+	Args            []string
+	Config          *containertypes.Config
+	ImageID         image.ID `json:"Image"`
+	NetworkSettings *network.Settings
+	LogPath         string
+	Name            string
+	Driver          string
+	// MountLabel contains the options for the 'mount' command
+	MountLabel             string
+	ProcessLabel           string
+	RestartCount           int
+	HasBeenStartedBefore   bool
+	HasBeenManuallyStopped bool // used for unless-stopped restart policy
+	MountPoints            map[string]*volume.MountPoint
+	HostConfig             *containertypes.HostConfig `json:"-"` // do not serialize the host config in the json, otherwise we'll make the container unportable
+	ExecCommands           *exec.Store                `json:"-"`
+	// logDriver for closing
+	LogDriver      logger.Logger  `json:"-"`
+	LogCopier      *logger.Copier `json:"-"`
+	restartManager restartmanager.RestartManager
+	attachContext  *attachContext
+}
+
+// NewBaseContainer creates a new container with its
+// basic configuration.
+func NewBaseContainer(id, root string) *Container {
+	return &Container{
+		CommonContainer: CommonContainer{
+			ID:            id,
+			State:         NewState(),
+			ExecCommands:  exec.NewStore(),
+			Root:          root,
+			MountPoints:   make(map[string]*volume.MountPoint),
+			StreamConfig:  runconfig.NewStreamConfig(),
+			attachContext: &attachContext{},
+		},
+	}
+}
+
+// FromDisk loads the container configuration stored in the host.
+func (container *Container) FromDisk() error {
+	pth, err := container.ConfigPath()
+	if err != nil {
+		return err
+	}
+
+	jsonSource, err := os.Open(pth)
+	if err != nil {
+		return err
+	}
+	defer jsonSource.Close()
+
+	dec := json.NewDecoder(jsonSource)
+
+	// Load container settings
+	if err := dec.Decode(container); err != nil {
+		return err
+	}
+
+	if err := label.ReserveLabel(container.ProcessLabel); err != nil {
+		return err
+	}
+	return container.readHostConfig()
+}
+
+// ToDisk saves the container configuration on disk.
+func (container *Container) ToDisk() error {
+	pth, err := container.ConfigPath()
+	if err != nil {
+		return err
+	}
+
+	jsonSource, err := os.Create(pth)
+	if err != nil {
+		return err
+	}
+	defer jsonSource.Close()
+
+	enc := json.NewEncoder(jsonSource)
+
+	// Save container settings
+	if err := enc.Encode(container); err != nil {
+		return err
+	}
+
+	return container.WriteHostConfig()
+}
+
+// ToDiskLocking saves the container configuration on disk in a thread safe way.
+func (container *Container) ToDiskLocking() error {
+	container.Lock()
+	err := container.ToDisk()
+	container.Unlock()
+	return err
+}
+
+// readHostConfig reads the host configuration from disk for the container.
+func (container *Container) readHostConfig() error {
+	container.HostConfig = &containertypes.HostConfig{}
+	// If the hostconfig file does not exist, do not read it.
+	// (We still have to initialize container.HostConfig,
+	// but that's OK, since we just did that above.)
+	pth, err := container.HostConfigPath()
+	if err != nil {
+		return err
+	}
+
+	f, err := os.Open(pth)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return err
+	}
+	defer f.Close()
+
+	if err := json.NewDecoder(f).Decode(&container.HostConfig); err != nil {
+		return err
+	}
+
+	container.InitDNSHostConfig()
+
+	return nil
+}
+
+// WriteHostConfig saves the host configuration on disk for the container.
+func (container *Container) WriteHostConfig() error {
+	pth, err := container.HostConfigPath()
+	if err != nil {
+		return err
+	}
+
+	f, err := os.Create(pth)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	return json.NewEncoder(f).Encode(&container.HostConfig)
+}
+
+// SetupWorkingDirectory sets up the container's working directory as set in container.Config.WorkingDir
+func (container *Container) SetupWorkingDirectory(rootUID, rootGID int) error {
+	if container.Config.WorkingDir == "" {
+		return nil
+	}
+
+	// If can't mount container FS at this point (eg Hyper-V Containers on
+	// Windows) bail out now with no action.
+	if !container.canMountFS() {
+		return nil
+	}
+
+	container.Config.WorkingDir = filepath.Clean(container.Config.WorkingDir)
+
+	pth, err := container.GetResourcePath(container.Config.WorkingDir)
+	if err != nil {
+		return err
+	}
+
+	if err := idtools.MkdirAllNewAs(pth, 0755, rootUID, rootGID); err != nil {
+		pthInfo, err2 := os.Stat(pth)
+		if err2 == nil && pthInfo != nil && !pthInfo.IsDir() {
+			return fmt.Errorf("Cannot mkdir: %s is not a directory", container.Config.WorkingDir)
+		}
+
+		return err
+	}
+
+	return nil
+}
+
+// GetResourcePath evaluates `path` in the scope of the container's BaseFS, with proper path
+// sanitisation. Symlinks are all scoped to the BaseFS of the container, as
+// though the container's BaseFS was `/`.
+//
+// The BaseFS of a container is the host-facing path which is bind-mounted as
+// `/` inside the container. This method is essentially used to access a
+// particular path inside the container as though you were a process in that
+// container.
+//
+// NOTE: The returned path is *only* safely scoped inside the container's BaseFS
+//       if no component of the returned path changes (such as a component
+//       symlinking to a different path) between using this method and using the
+//       path. See symlink.FollowSymlinkInScope for more details.
+func (container *Container) GetResourcePath(path string) (string, error) {
+	// IMPORTANT - These are paths on the OS where the daemon is running, hence
+	// any filepath operations must be done in an OS agnostic way.
+
+	cleanPath := cleanResourcePath(path)
+	r, e := symlink.FollowSymlinkInScope(filepath.Join(container.BaseFS, cleanPath), container.BaseFS)
+	return r, e
+}
+
+// GetRootResourcePath evaluates `path` in the scope of the container's root, with proper path
+// sanitisation. Symlinks are all scoped to the root of the container, as
+// though the container's root was `/`.
+//
+// The root of a container is the host-facing configuration metadata directory.
+// Only use this method to safely access the container's `container.json` or
+// other metadata files. If in doubt, use container.GetResourcePath.
+//
+// NOTE: The returned path is *only* safely scoped inside the container's root
+//       if no component of the returned path changes (such as a component
+//       symlinking to a different path) between using this method and using the
+//       path. See symlink.FollowSymlinkInScope for more details.
+func (container *Container) GetRootResourcePath(path string) (string, error) {
+	// IMPORTANT - These are paths on the OS where the daemon is running, hence
+	// any filepath operations must be done in an OS agnostic way.
+	cleanPath := filepath.Join(string(os.PathSeparator), path)
+	return symlink.FollowSymlinkInScope(filepath.Join(container.Root, cleanPath), container.Root)
+}
+
+// ExitOnNext signals to the monitor that it should not restart the container
+// after we send the kill signal.
+func (container *Container) ExitOnNext() {
+	if container.restartManager != nil {
+		container.restartManager.Cancel()
+	}
+}
+
+// HostConfigPath returns the path to the container's JSON hostconfig
+func (container *Container) HostConfigPath() (string, error) {
+	return container.GetRootResourcePath("hostconfig.json")
+}
+
+// ConfigPath returns the path to the container's JSON config
+func (container *Container) ConfigPath() (string, error) {
+	return container.GetRootResourcePath(configFileName)
+}
+
+// StartLogger starts a new logger driver for the container.
+func (container *Container) StartLogger(cfg containertypes.LogConfig) (logger.Logger, error) {
+	c, err := logger.GetLogDriver(cfg.Type)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to get logging factory: %v", err)
+	}
+	ctx := logger.Context{
+		Config:              cfg.Config,
+		ContainerID:         container.ID,
+		ContainerName:       container.Name,
+		ContainerEntrypoint: container.Path,
+		ContainerArgs:       container.Args,
+		ContainerImageID:    container.ImageID.String(),
+		ContainerImageName:  container.Config.Image,
+		ContainerCreated:    container.Created,
+		ContainerEnv:        container.Config.Env,
+		ContainerLabels:     container.Config.Labels,
+	}
+
+	// Set logging file for "json-logger"
+	if cfg.Type == jsonfilelog.Name {
+		ctx.LogPath, err = container.GetRootResourcePath(fmt.Sprintf("%s-json.log", container.ID))
+		if err != nil {
+			return nil, err
+		}
+	}
+	return c(ctx)
+}
+
+// GetProcessLabel returns the process label for the container.
+func (container *Container) GetProcessLabel() string {
+	// even if we have a process label return "" if we are running
+	// in privileged mode
+	if container.HostConfig.Privileged {
+		return ""
+	}
+	return container.ProcessLabel
+}
+
+// GetMountLabel returns the mounting label for the container.
+// This label is empty if the container is privileged.
+func (container *Container) GetMountLabel() string {
+	if container.HostConfig.Privileged {
+		return ""
+	}
+	return container.MountLabel
+}
+
+// GetExecIDs returns the list of exec commands running on the container.
+func (container *Container) GetExecIDs() []string {
+	return container.ExecCommands.List()
+}
+
+// Attach connects to the container's TTY, delegating to standard
+// streams or websockets depending on the configuration.
+func (container *Container) Attach(stdin io.ReadCloser, stdout io.Writer, stderr io.Writer, keys []byte) chan error {
+	ctx := container.InitAttachContext()
+	return AttachStreams(ctx, container.StreamConfig, container.Config.OpenStdin, container.Config.StdinOnce, container.Config.Tty, stdin, stdout, stderr, keys)
+}
+
+// AttachStreams connects streams to a TTY.
+// Used by exec too. Should this move somewhere else?
+func AttachStreams(ctx context.Context, streamConfig *runconfig.StreamConfig, openStdin, stdinOnce, tty bool, stdin io.ReadCloser, stdout io.Writer, stderr io.Writer, keys []byte) chan error {
+	var (
+		cStdout, cStderr io.ReadCloser
+		cStdin           io.WriteCloser
+		wg               sync.WaitGroup
+		errors           = make(chan error, 3)
+	)
+
+	if stdin != nil && openStdin {
+		cStdin = streamConfig.StdinPipe()
+		wg.Add(1)
+	}
+
+	if stdout != nil {
+		cStdout = streamConfig.StdoutPipe()
+		wg.Add(1)
+	}
+
+	if stderr != nil {
+		cStderr = streamConfig.StderrPipe()
+		wg.Add(1)
+	}
+
+	// Connect stdin of container to the http conn.
+	go func() {
+		if stdin == nil || !openStdin {
+			return
+		}
+		logrus.Debugf("attach: stdin: begin")
+
+		var err error
+		if tty {
+			_, err = copyEscapable(cStdin, stdin, keys)
+		} else {
+			_, err = io.Copy(cStdin, stdin)
+
+		}
+		if err == io.ErrClosedPipe {
+			err = nil
+		}
+		if err != nil {
+			logrus.Errorf("attach: stdin: %s", err)
+			errors <- err
+		}
+		if stdinOnce && !tty {
+			cStdin.Close()
+		} else {
+			// No matter what, when stdin is closed (io.Copy unblock), close stdout and stderr
+			if cStdout != nil {
+				cStdout.Close()
+			}
+			if cStderr != nil {
+				cStderr.Close()
+			}
+		}
+		logrus.Debugf("attach: stdin: end")
+		wg.Done()
+	}()
+
+	attachStream := func(name string, stream io.Writer, streamPipe io.ReadCloser) {
+		if stream == nil {
+			return
+		}
+
+		logrus.Debugf("attach: %s: begin", name)
+		_, err := io.Copy(stream, streamPipe)
+		if err == io.ErrClosedPipe {
+			err = nil
+		}
+		if err != nil {
+			logrus.Errorf("attach: %s: %v", name, err)
+			errors <- err
+		}
+		// Make sure stdin gets closed
+		if stdin != nil {
+			stdin.Close()
+		}
+		streamPipe.Close()
+		logrus.Debugf("attach: %s: end", name)
+		wg.Done()
+	}
+
+	go attachStream("stdout", stdout, cStdout)
+	go attachStream("stderr", stderr, cStderr)
+
+	return promise.Go(func() error {
+		done := make(chan struct{})
+		go func() {
+			wg.Wait()
+			close(done)
+		}()
+		select {
+		case <-done:
+		case <-ctx.Done():
+			// close all pipes
+			if cStdin != nil {
+				cStdin.Close()
+			}
+			if cStdout != nil {
+				cStdout.Close()
+			}
+			if cStderr != nil {
+				cStderr.Close()
+			}
+			<-done
+		}
+		close(errors)
+		for err := range errors {
+			if err != nil {
+				return err
+			}
+		}
+		return nil
+	})
+}
+
+// Code c/c from io.Copy() modified to handle escape sequence
+func copyEscapable(dst io.Writer, src io.ReadCloser, keys []byte) (written int64, err error) {
+	if len(keys) == 0 {
+		// Default keys : ctrl-p ctrl-q
+		keys = []byte{16, 17}
+	}
+	buf := make([]byte, 32*1024)
+	for {
+		nr, er := src.Read(buf)
+		if nr > 0 {
+			// ---- Docker addition
+			for i, key := range keys {
+				if nr != 1 || buf[0] != key {
+					break
+				}
+				if i == len(keys)-1 {
+					if err := src.Close(); err != nil {
+						return 0, err
+					}
+					return 0, nil
+				}
+				nr, er = src.Read(buf)
+			}
+			// ---- End of docker
+			nw, ew := dst.Write(buf[0:nr])
+			if nw > 0 {
+				written += int64(nw)
+			}
+			if ew != nil {
+				err = ew
+				break
+			}
+			if nr != nw {
+				err = io.ErrShortWrite
+				break
+			}
+		}
+		if er == io.EOF {
+			break
+		}
+		if er != nil {
+			err = er
+			break
+		}
+	}
+	return written, err
+}
+
+// ShouldRestartOnBoot decides whether the daemon should restart the container or not.
+// This is based on the container's restart policy.
+func (container *Container) ShouldRestartOnBoot() bool {
+	return container.HostConfig.RestartPolicy.Name == "always" ||
+		(container.HostConfig.RestartPolicy.Name == "unless-stopped" && !container.HasBeenManuallyStopped) ||
+		(container.HostConfig.RestartPolicy.Name == "on-failure" && container.ExitCode != 0)
+}
+
+// AddBindMountPoint adds a new bind mount point configuration to the container.
+func (container *Container) AddBindMountPoint(name, source, destination string, rw bool) {
+	container.MountPoints[destination] = &volume.MountPoint{
+		Name:        name,
+		Source:      source,
+		Destination: destination,
+		RW:          rw,
+	}
+}
+
+// AddLocalMountPoint adds a new local mount point configuration to the container.
+func (container *Container) AddLocalMountPoint(name, destination string, rw bool) {
+	container.MountPoints[destination] = &volume.MountPoint{
+		Name:        name,
+		Driver:      volume.DefaultDriverName,
+		Destination: destination,
+		RW:          rw,
+	}
+}
+
+// AddMountPointWithVolume adds a new mount point configured with a volume to the container.
+func (container *Container) AddMountPointWithVolume(destination string, vol volume.Volume, rw bool) {
+	container.MountPoints[destination] = &volume.MountPoint{
+		Name:        vol.Name(),
+		Driver:      vol.DriverName(),
+		Destination: destination,
+		RW:          rw,
+		Volume:      vol,
+		CopyData:    volume.DefaultCopyMode,
+	}
+}
+
+// IsDestinationMounted checks whether a path is mounted on the container or not.
+func (container *Container) IsDestinationMounted(destination string) bool {
+	return container.MountPoints[destination] != nil
+}
+
+// StopSignal returns the signal used to stop the container.
+func (container *Container) StopSignal() int {
+	var stopSignal syscall.Signal
+	if container.Config.StopSignal != "" {
+		stopSignal, _ = signal.ParseSignal(container.Config.StopSignal)
+	}
+
+	if int(stopSignal) == 0 {
+		stopSignal, _ = signal.ParseSignal(signal.DefaultStopSignal)
+	}
+	return int(stopSignal)
+}
+
+// InitDNSHostConfig ensures that the dns fields are never nil.
+// New containers don't ever have those fields nil,
+// but pre created containers can still have those nil values.
+// The non-recommended host configuration in the start api can
+// make these fields nil again, this corrects that issue until
+// we remove that behavior for good.
+// See https://github.com/docker/docker/pull/17779
+// for a more detailed explanation on why we don't want that.
+func (container *Container) InitDNSHostConfig() {
+	container.Lock()
+	defer container.Unlock()
+	if container.HostConfig.DNS == nil {
+		container.HostConfig.DNS = make([]string, 0)
+	}
+
+	if container.HostConfig.DNSSearch == nil {
+		container.HostConfig.DNSSearch = make([]string, 0)
+	}
+
+	if container.HostConfig.DNSOptions == nil {
+		container.HostConfig.DNSOptions = make([]string, 0)
+	}
+}
+
+// GetEndpointInNetwork returns the container's endpoint to the provided network.
+func (container *Container) GetEndpointInNetwork(n libnetwork.Network) (libnetwork.Endpoint, error) {
+	endpointName := strings.TrimPrefix(container.Name, "/")
+	return n.EndpointByName(endpointName)
+}
+
+func (container *Container) buildPortMapInfo(ep libnetwork.Endpoint) error {
+	if ep == nil {
+		return errInvalidEndpoint
+	}
+
+	networkSettings := container.NetworkSettings
+	if networkSettings == nil {
+		return errInvalidNetwork
+	}
+
+	if len(networkSettings.Ports) == 0 {
+		pm, err := getEndpointPortMapInfo(ep)
+		if err != nil {
+			return err
+		}
+		networkSettings.Ports = pm
+	}
+	return nil
+}
+
+func getEndpointPortMapInfo(ep libnetwork.Endpoint) (nat.PortMap, error) {
+	pm := nat.PortMap{}
+	driverInfo, err := ep.DriverInfo()
+	if err != nil {
+		return pm, err
+	}
+
+	if driverInfo == nil {
+		// It is not an error for epInfo to be nil
+		return pm, nil
+	}
+
+	if expData, ok := driverInfo[netlabel.ExposedPorts]; ok {
+		if exposedPorts, ok := expData.([]types.TransportPort); ok {
+			for _, tp := range exposedPorts {
+				natPort, err := nat.NewPort(tp.Proto.String(), strconv.Itoa(int(tp.Port)))
+				if err != nil {
+					return pm, fmt.Errorf("Error parsing Port value(%v):%v", tp.Port, err)
+				}
+				pm[natPort] = nil
+			}
+		}
+	}
+
+	mapData, ok := driverInfo[netlabel.PortMap]
+	if !ok {
+		return pm, nil
+	}
+
+	if portMapping, ok := mapData.([]types.PortBinding); ok {
+		for _, pp := range portMapping {
+			natPort, err := nat.NewPort(pp.Proto.String(), strconv.Itoa(int(pp.Port)))
+			if err != nil {
+				return pm, err
+			}
+			natBndg := nat.PortBinding{HostIP: pp.HostIP.String(), HostPort: strconv.Itoa(int(pp.HostPort))}
+			pm[natPort] = append(pm[natPort], natBndg)
+		}
+	}
+
+	return pm, nil
+}
+
+// GetSandboxPortMapInfo retrieves the current port-mapping programmed for the given sandbox
+func GetSandboxPortMapInfo(sb libnetwork.Sandbox) nat.PortMap {
+	pm := nat.PortMap{}
+	if sb == nil {
+		return pm
+	}
+
+	for _, ep := range sb.Endpoints() {
+		pm, _ = getEndpointPortMapInfo(ep)
+		if len(pm) > 0 {
+			break
+		}
+	}
+	return pm
+}
+
+// BuildEndpointInfo sets endpoint-related fields on container.NetworkSettings based on the provided network and endpoint.
+func (container *Container) BuildEndpointInfo(n libnetwork.Network, ep libnetwork.Endpoint) error {
+	if ep == nil {
+		return errInvalidEndpoint
+	}
+
+	networkSettings := container.NetworkSettings
+	if networkSettings == nil {
+		return errInvalidNetwork
+	}
+
+	epInfo := ep.Info()
+	if epInfo == nil {
+		// It is not an error to get an empty endpoint info
+		return nil
+	}
+
+	if _, ok := networkSettings.Networks[n.Name()]; !ok {
+		networkSettings.Networks[n.Name()] = new(networktypes.EndpointSettings)
+	}
+	networkSettings.Networks[n.Name()].NetworkID = n.ID()
+	networkSettings.Networks[n.Name()].EndpointID = ep.ID()
+
+	iface := epInfo.Iface()
+	if iface == nil {
+		return nil
+	}
+
+	if iface.MacAddress() != nil {
+		networkSettings.Networks[n.Name()].MacAddress = iface.MacAddress().String()
+	}
+
+	if iface.Address() != nil {
+		ones, _ := iface.Address().Mask.Size()
+		networkSettings.Networks[n.Name()].IPAddress = iface.Address().IP.String()
+		networkSettings.Networks[n.Name()].IPPrefixLen = ones
+	}
+
+	if iface.AddressIPv6() != nil && iface.AddressIPv6().IP.To16() != nil {
+		onesv6, _ := iface.AddressIPv6().Mask.Size()
+		networkSettings.Networks[n.Name()].GlobalIPv6Address = iface.AddressIPv6().IP.String()
+		networkSettings.Networks[n.Name()].GlobalIPv6PrefixLen = onesv6
+	}
+
+	return nil
+}
+
+// UpdateJoinInfo updates network settings when container joins network n with endpoint ep.
+func (container *Container) UpdateJoinInfo(n libnetwork.Network, ep libnetwork.Endpoint) error {
+	if err := container.buildPortMapInfo(ep); err != nil {
+		return err
+	}
+
+	epInfo := ep.Info()
+	if epInfo == nil {
+		// It is not an error to get an empty endpoint info
+		return nil
+	}
+	if epInfo.Gateway() != nil {
+		container.NetworkSettings.Networks[n.Name()].Gateway = epInfo.Gateway().String()
+	}
+	if epInfo.GatewayIPv6().To16() != nil {
+		container.NetworkSettings.Networks[n.Name()].IPv6Gateway = epInfo.GatewayIPv6().String()
+	}
+
+	return nil
+}
+
+// UpdateSandboxNetworkSettings updates the sandbox ID and Key.
+func (container *Container) UpdateSandboxNetworkSettings(sb libnetwork.Sandbox) error {
+	container.NetworkSettings.SandboxID = sb.ID()
+	container.NetworkSettings.SandboxKey = sb.Key()
+	return nil
+}
+
+// BuildJoinOptions builds endpoint Join options from a given network.
+func (container *Container) BuildJoinOptions(n libnetwork.Network) ([]libnetwork.EndpointOption, error) {
+	var joinOptions []libnetwork.EndpointOption
+	if epConfig, ok := container.NetworkSettings.Networks[n.Name()]; ok {
+		for _, str := range epConfig.Links {
+			name, alias, err := runconfigopts.ParseLink(str)
+			if err != nil {
+				return nil, err
+			}
+			joinOptions = append(joinOptions, libnetwork.CreateOptionAlias(name, alias))
+		}
+	}
+	return joinOptions, nil
+}
+
+// BuildCreateEndpointOptions builds endpoint options from a given network.
+func (container *Container) BuildCreateEndpointOptions(n libnetwork.Network, epConfig *networktypes.EndpointSettings, sb libnetwork.Sandbox) ([]libnetwork.EndpointOption, error) {
+	var (
+		bindings      = make(nat.PortMap)
+		pbList        []types.PortBinding
+		exposeList    []types.TransportPort
+		createOptions []libnetwork.EndpointOption
+	)
+
+	defaultNetName := runconfig.DefaultDaemonNetworkMode().NetworkName()
+
+	if n.Name() == defaultNetName || container.NetworkSettings.IsAnonymousEndpoint {
+		createOptions = append(createOptions, libnetwork.CreateOptionAnonymous())
+	}
+
+	if epConfig != nil {
+		ipam := epConfig.IPAMConfig
+		if ipam != nil && (ipam.IPv4Address != "" || ipam.IPv6Address != "") {
+			createOptions = append(createOptions,
+				libnetwork.CreateOptionIpam(net.ParseIP(ipam.IPv4Address), net.ParseIP(ipam.IPv6Address), nil))
+		}
+
+		for _, alias := range epConfig.Aliases {
+			createOptions = append(createOptions, libnetwork.CreateOptionMyAlias(alias))
+		}
+	}
+
+	if !containertypes.NetworkMode(n.Name()).IsUserDefined() {
+		createOptions = append(createOptions, libnetwork.CreateOptionDisableResolution())
+	}
+
+	// configs that are applicable only for the endpoint in the network
+	// to which container was connected to on docker run.
+	// Ideally all these network-specific endpoint configurations must be moved under
+	// container.NetworkSettings.Networks[n.Name()]
+	if n.Name() == container.HostConfig.NetworkMode.NetworkName() ||
+		(n.Name() == defaultNetName && container.HostConfig.NetworkMode.IsDefault()) {
+		if container.Config.MacAddress != "" {
+			mac, err := net.ParseMAC(container.Config.MacAddress)
+			if err != nil {
+				return nil, err
+			}
+
+			genericOption := options.Generic{
+				netlabel.MacAddress: mac,
+			}
+
+			createOptions = append(createOptions, libnetwork.EndpointOptionGeneric(genericOption))
+		}
+	}
+
+	// Port-mapping rules belong to the container & applicable only to non-internal networks
+	portmaps := GetSandboxPortMapInfo(sb)
+	if n.Info().Internal() || len(portmaps) > 0 {
+		return createOptions, nil
+	}
+
+	if container.HostConfig.PortBindings != nil {
+		for p, b := range container.HostConfig.PortBindings {
+			bindings[p] = []nat.PortBinding{}
+			for _, bb := range b {
+				bindings[p] = append(bindings[p], nat.PortBinding{
+					HostIP:   bb.HostIP,
+					HostPort: bb.HostPort,
+				})
+			}
+		}
+	}
+
+	portSpecs := container.Config.ExposedPorts
+	ports := make([]nat.Port, len(portSpecs))
+	var i int
+	for p := range portSpecs {
+		ports[i] = p
+		i++
+	}
+	nat.SortPortMap(ports, bindings)
+	for _, port := range ports {
+		expose := types.TransportPort{}
+		expose.Proto = types.ParseProtocol(port.Proto())
+		expose.Port = uint16(port.Int())
+		exposeList = append(exposeList, expose)
+
+		pb := types.PortBinding{Port: expose.Port, Proto: expose.Proto}
+		binding := bindings[port]
+		for i := 0; i < len(binding); i++ {
+			pbCopy := pb.GetCopy()
+			newP, err := nat.NewPort(nat.SplitProtoPort(binding[i].HostPort))
+			var portStart, portEnd int
+			if err == nil {
+				portStart, portEnd, err = newP.Range()
+			}
+			if err != nil {
+				return nil, fmt.Errorf("Error parsing HostPort value(%s):%v", binding[i].HostPort, err)
+			}
+			pbCopy.HostPort = uint16(portStart)
+			pbCopy.HostPortEnd = uint16(portEnd)
+			pbCopy.HostIP = net.ParseIP(binding[i].HostIP)
+			pbList = append(pbList, pbCopy)
+		}
+
+		if container.HostConfig.PublishAllPorts && len(binding) == 0 {
+			pbList = append(pbList, pb)
+		}
+	}
+
+	createOptions = append(createOptions,
+		libnetwork.CreateOptionPortMapping(pbList),
+		libnetwork.CreateOptionExposedPorts(exposeList))
+
+	return createOptions, nil
+}
+
+// UpdateMonitor updates monitor configure for running container
+func (container *Container) UpdateMonitor(restartPolicy containertypes.RestartPolicy) {
+	type policySetter interface {
+		SetPolicy(containertypes.RestartPolicy)
+	}
+
+	if rm, ok := container.RestartManager(false).(policySetter); ok {
+		rm.SetPolicy(restartPolicy)
+	}
+}
+
+// FullHostname returns hostname and optional domain appended to it.
+func (container *Container) FullHostname() string {
+	fullHostname := container.Config.Hostname
+	if container.Config.Domainname != "" {
+		fullHostname = fmt.Sprintf("%s.%s", fullHostname, container.Config.Domainname)
+	}
+	return fullHostname
+}
+
+// RestartManager returns the current restartmanager instace connected to container.
+func (container *Container) RestartManager(reset bool) restartmanager.RestartManager {
+	if reset {
+		container.RestartCount = 0
+		container.restartManager = nil
+	}
+	if container.restartManager == nil {
+		container.restartManager = restartmanager.New(container.HostConfig.RestartPolicy)
+	}
+	return container.restartManager
+}
+
+type attachContext struct {
+	ctx    context.Context
+	cancel context.CancelFunc
+	mu     sync.Mutex
+}
+
+// InitAttachContext initialize or returns existing context for attach calls to
+// track container liveness.
+func (container *Container) InitAttachContext() context.Context {
+	container.attachContext.mu.Lock()
+	defer container.attachContext.mu.Unlock()
+	if container.attachContext.ctx == nil {
+		container.attachContext.ctx, container.attachContext.cancel = context.WithCancel(context.Background())
+	}
+	return container.attachContext.ctx
+}
+
+// CancelAttachContext cancel attach context. All attach calls should detach
+// after this call.
+func (container *Container) CancelAttachContext() {
+	container.attachContext.mu.Lock()
+	if container.attachContext.ctx != nil {
+		container.attachContext.cancel()
+		container.attachContext.ctx = nil
+	}
+	container.attachContext.mu.Unlock()
+}
diff --git a/container/container_unit_test.go b/container/container_unit_test.go
new file mode 100644
index 00000000..67b829f9
--- /dev/null
+++ b/container/container_unit_test.go
@@ -0,0 +1,36 @@
+package container
+
+import (
+	"testing"
+
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/engine-api/types/container"
+)
+
+func TestContainerStopSignal(t *testing.T) {
+	c := &Container{
+		CommonContainer: CommonContainer{
+			Config: &container.Config{},
+		},
+	}
+
+	def, err := signal.ParseSignal(signal.DefaultStopSignal)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	s := c.StopSignal()
+	if s != int(def) {
+		t.Fatalf("Expected %v, got %v", def, s)
+	}
+
+	c = &Container{
+		CommonContainer: CommonContainer{
+			Config: &container.Config{StopSignal: "SIGKILL"},
+		},
+	}
+	s = c.StopSignal()
+	if s != 9 {
+		t.Fatalf("Expected 9, got %v", s)
+	}
+}
diff --git a/container/container_unix.go b/container/container_unix.go
new file mode 100644
index 00000000..754090f9
--- /dev/null
+++ b/container/container_unix.go
@@ -0,0 +1,405 @@
+// +build linux freebsd
+
+package container
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/symlink"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/utils"
+	"github.com/docker/docker/volume"
+	containertypes "github.com/docker/engine-api/types/container"
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+// DefaultSHMSize is the default size (64MB) of the SHM which will be mounted in the container
+const DefaultSHMSize int64 = 67108864
+
+// Container holds the fields specific to unixen implementations.
+// See CommonContainer for standard fields common to all containers.
+type Container struct {
+	CommonContainer
+
+	// Fields below here are platform specific.
+	AppArmorProfile string
+	HostnamePath    string
+	HostsPath       string
+	ShmPath         string
+	ResolvConfPath  string
+	SeccompProfile  string
+	NoNewPrivileges bool
+}
+
+// ExitStatus provides exit reasons for a container.
+type ExitStatus struct {
+	// The exit code with which the container exited.
+	ExitCode int
+
+	// Whether the container encountered an OOM.
+	OOMKilled bool
+}
+
+// CreateDaemonEnvironment returns the list of all environment variables given the list of
+// environment variables related to links.
+// Sets PATH, HOSTNAME and if container.Config.Tty is set: TERM.
+// The defaults set here do not override the values in container.Config.Env
+func (container *Container) CreateDaemonEnvironment(linkedEnv []string) []string {
+	// Setup environment
+	env := []string{
+		"PATH=" + system.DefaultPathEnv,
+		"HOSTNAME=" + container.Config.Hostname,
+	}
+	if container.Config.Tty {
+		env = append(env, "TERM=xterm")
+	}
+	env = append(env, linkedEnv...)
+	// because the env on the container can override certain default values
+	// we need to replace the 'env' keys where they match and append anything
+	// else.
+	env = utils.ReplaceOrAppendEnvValues(env, container.Config.Env)
+	return env
+}
+
+// TrySetNetworkMount attempts to set the network mounts given a provided destination and
+// the path to use for it; return true if the given destination was a network mount file
+func (container *Container) TrySetNetworkMount(destination string, path string) bool {
+	if destination == "/etc/resolv.conf" {
+		container.ResolvConfPath = path
+		return true
+	}
+	if destination == "/etc/hostname" {
+		container.HostnamePath = path
+		return true
+	}
+	if destination == "/etc/hosts" {
+		container.HostsPath = path
+		return true
+	}
+
+	return false
+}
+
+// BuildHostnameFile writes the container's hostname file.
+func (container *Container) BuildHostnameFile() error {
+	hostnamePath, err := container.GetRootResourcePath("hostname")
+	if err != nil {
+		return err
+	}
+	container.HostnamePath = hostnamePath
+	return ioutil.WriteFile(container.HostnamePath, []byte(container.Config.Hostname+"\n"), 0644)
+}
+
+// appendNetworkMounts appends any network mounts to the array of mount points passed in
+func appendNetworkMounts(container *Container, volumeMounts []volume.MountPoint) ([]volume.MountPoint, error) {
+	for _, mnt := range container.NetworkMounts() {
+		dest, err := container.GetResourcePath(mnt.Destination)
+		if err != nil {
+			return nil, err
+		}
+		volumeMounts = append(volumeMounts, volume.MountPoint{Destination: dest})
+	}
+	return volumeMounts, nil
+}
+
+// NetworkMounts returns the list of network mounts.
+func (container *Container) NetworkMounts() []Mount {
+	var mounts []Mount
+	shared := container.HostConfig.NetworkMode.IsContainer()
+	if container.ResolvConfPath != "" {
+		if _, err := os.Stat(container.ResolvConfPath); err != nil {
+			logrus.Warnf("ResolvConfPath set to %q, but can't stat this filename (err = %v); skipping", container.ResolvConfPath, err)
+		} else {
+			label.Relabel(container.ResolvConfPath, container.MountLabel, shared)
+			writable := !container.HostConfig.ReadonlyRootfs
+			if m, exists := container.MountPoints["/etc/resolv.conf"]; exists {
+				writable = m.RW
+			}
+			mounts = append(mounts, Mount{
+				Source:      container.ResolvConfPath,
+				Destination: "/etc/resolv.conf",
+				Writable:    writable,
+				Propagation: volume.DefaultPropagationMode,
+			})
+		}
+	}
+	if container.HostnamePath != "" {
+		if _, err := os.Stat(container.HostnamePath); err != nil {
+			logrus.Warnf("HostnamePath set to %q, but can't stat this filename (err = %v); skipping", container.HostnamePath, err)
+		} else {
+			label.Relabel(container.HostnamePath, container.MountLabel, shared)
+			writable := !container.HostConfig.ReadonlyRootfs
+			if m, exists := container.MountPoints["/etc/hostname"]; exists {
+				writable = m.RW
+			}
+			mounts = append(mounts, Mount{
+				Source:      container.HostnamePath,
+				Destination: "/etc/hostname",
+				Writable:    writable,
+				Propagation: volume.DefaultPropagationMode,
+			})
+		}
+	}
+	if container.HostsPath != "" {
+		if _, err := os.Stat(container.HostsPath); err != nil {
+			logrus.Warnf("HostsPath set to %q, but can't stat this filename (err = %v); skipping", container.HostsPath, err)
+		} else {
+			label.Relabel(container.HostsPath, container.MountLabel, shared)
+			writable := !container.HostConfig.ReadonlyRootfs
+			if m, exists := container.MountPoints["/etc/hosts"]; exists {
+				writable = m.RW
+			}
+			mounts = append(mounts, Mount{
+				Source:      container.HostsPath,
+				Destination: "/etc/hosts",
+				Writable:    writable,
+				Propagation: volume.DefaultPropagationMode,
+			})
+		}
+	}
+	return mounts
+}
+
+// CopyImagePathContent copies files in destination to the volume.
+func (container *Container) CopyImagePathContent(v volume.Volume, destination string) error {
+	rootfs, err := symlink.FollowSymlinkInScope(filepath.Join(container.BaseFS, destination), container.BaseFS)
+	if err != nil {
+		return err
+	}
+
+	if _, err = ioutil.ReadDir(rootfs); err != nil {
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return err
+	}
+
+	path, err := v.Mount()
+	if err != nil {
+		return err
+	}
+	defer v.Unmount()
+	return copyExistingContents(rootfs, path)
+}
+
+// ShmResourcePath returns path to shm
+func (container *Container) ShmResourcePath() (string, error) {
+	return container.GetRootResourcePath("shm")
+}
+
+// HasMountFor checks if path is a mountpoint
+func (container *Container) HasMountFor(path string) bool {
+	_, exists := container.MountPoints[path]
+	return exists
+}
+
+// UnmountIpcMounts uses the provided unmount function to unmount shm and mqueue if they were mounted
+func (container *Container) UnmountIpcMounts(unmount func(pth string) error) {
+	if container.HostConfig.IpcMode.IsContainer() || container.HostConfig.IpcMode.IsHost() {
+		return
+	}
+
+	var warnings []string
+
+	if !container.HasMountFor("/dev/shm") {
+		shmPath, err := container.ShmResourcePath()
+		if err != nil {
+			logrus.Error(err)
+			warnings = append(warnings, err.Error())
+		} else if shmPath != "" {
+			if err := unmount(shmPath); err != nil {
+				warnings = append(warnings, fmt.Sprintf("failed to umount %s: %v", shmPath, err))
+			}
+
+		}
+	}
+
+	if len(warnings) > 0 {
+		logrus.Warnf("failed to cleanup ipc mounts:\n%v", strings.Join(warnings, "\n"))
+	}
+}
+
+// IpcMounts returns the list of IPC mounts
+func (container *Container) IpcMounts() []Mount {
+	var mounts []Mount
+
+	if !container.HasMountFor("/dev/shm") {
+		label.SetFileLabel(container.ShmPath, container.MountLabel)
+		mounts = append(mounts, Mount{
+			Source:      container.ShmPath,
+			Destination: "/dev/shm",
+			Writable:    true,
+			Propagation: volume.DefaultPropagationMode,
+		})
+	}
+
+	return mounts
+}
+
+// UpdateContainer updates configuration of a container.
+func (container *Container) UpdateContainer(hostConfig *containertypes.HostConfig) error {
+	container.Lock()
+	defer container.Unlock()
+
+	// update resources of container
+	resources := hostConfig.Resources
+	cResources := &container.HostConfig.Resources
+	if resources.BlkioWeight != 0 {
+		cResources.BlkioWeight = resources.BlkioWeight
+	}
+	if resources.CPUShares != 0 {
+		cResources.CPUShares = resources.CPUShares
+	}
+	if resources.CPUPeriod != 0 {
+		cResources.CPUPeriod = resources.CPUPeriod
+	}
+	if resources.CPUQuota != 0 {
+		cResources.CPUQuota = resources.CPUQuota
+	}
+	if resources.CpusetCpus != "" {
+		cResources.CpusetCpus = resources.CpusetCpus
+	}
+	if resources.CpusetMems != "" {
+		cResources.CpusetMems = resources.CpusetMems
+	}
+	if resources.Memory != 0 {
+		cResources.Memory = resources.Memory
+	}
+	if resources.MemorySwap != 0 {
+		cResources.MemorySwap = resources.MemorySwap
+	}
+	if resources.MemoryReservation != 0 {
+		cResources.MemoryReservation = resources.MemoryReservation
+	}
+	if resources.KernelMemory != 0 {
+		cResources.KernelMemory = resources.KernelMemory
+	}
+
+	// update HostConfig of container
+	if hostConfig.RestartPolicy.Name != "" {
+		container.HostConfig.RestartPolicy = hostConfig.RestartPolicy
+	}
+
+	if err := container.ToDisk(); err != nil {
+		logrus.Errorf("Error saving updated container: %v", err)
+		return err
+	}
+
+	return nil
+}
+
+func detachMounted(path string) error {
+	return syscall.Unmount(path, syscall.MNT_DETACH)
+}
+
+// UnmountVolumes unmounts all volumes
+func (container *Container) UnmountVolumes(forceSyscall bool, volumeEventLog func(name, action string, attributes map[string]string)) error {
+	var (
+		volumeMounts []volume.MountPoint
+		err          error
+	)
+
+	for _, mntPoint := range container.MountPoints {
+		dest, err := container.GetResourcePath(mntPoint.Destination)
+		if err != nil {
+			return err
+		}
+
+		volumeMounts = append(volumeMounts, volume.MountPoint{Destination: dest, Volume: mntPoint.Volume})
+	}
+
+	// Append any network mounts to the list (this is a no-op on Windows)
+	if volumeMounts, err = appendNetworkMounts(container, volumeMounts); err != nil {
+		return err
+	}
+
+	for _, volumeMount := range volumeMounts {
+		if forceSyscall {
+			if err := detachMounted(volumeMount.Destination); err != nil {
+				logrus.Warnf("%s unmountVolumes: Failed to do lazy umount %v", container.ID, err)
+			}
+		}
+
+		if volumeMount.Volume != nil {
+			if err := volumeMount.Volume.Unmount(); err != nil {
+				return err
+			}
+
+			attributes := map[string]string{
+				"driver":    volumeMount.Volume.DriverName(),
+				"container": container.ID,
+			}
+			volumeEventLog(volumeMount.Volume.Name(), "unmount", attributes)
+		}
+	}
+
+	return nil
+}
+
+// copyExistingContents copies from the source to the destination and
+// ensures the ownership is appropriately set.
+func copyExistingContents(source, destination string) error {
+	volList, err := ioutil.ReadDir(source)
+	if err != nil {
+		return err
+	}
+	if len(volList) > 0 {
+		srcList, err := ioutil.ReadDir(destination)
+		if err != nil {
+			return err
+		}
+		if len(srcList) == 0 {
+			// If the source volume is empty, copies files from the root into the volume
+			if err := chrootarchive.CopyWithTar(source, destination); err != nil {
+				return err
+			}
+		}
+	}
+	return copyOwnership(source, destination)
+}
+
+// copyOwnership copies the permissions and uid:gid of the source file
+// to the destination file
+func copyOwnership(source, destination string) error {
+	stat, err := system.Stat(source)
+	if err != nil {
+		return err
+	}
+
+	if err := os.Chown(destination, int(stat.UID()), int(stat.GID())); err != nil {
+		return err
+	}
+
+	return os.Chmod(destination, os.FileMode(stat.Mode()))
+}
+
+// TmpfsMounts returns the list of tmpfs mounts
+func (container *Container) TmpfsMounts() []Mount {
+	var mounts []Mount
+	for dest, data := range container.HostConfig.Tmpfs {
+		mounts = append(mounts, Mount{
+			Source:      "tmpfs",
+			Destination: dest,
+			Data:        data,
+		})
+	}
+	return mounts
+}
+
+// cleanResourcePath cleans a resource path and prepares to combine with mnt path
+func cleanResourcePath(path string) string {
+	return filepath.Join(string(os.PathSeparator), path)
+}
+
+// canMountFS determines if the file system for the container
+// can be mounted locally. A no-op on non-Windows platforms
+func (container *Container) canMountFS() bool {
+	return true
+}
diff --git a/container/container_windows.go b/container/container_windows.go
new file mode 100644
index 00000000..5c923960
--- /dev/null
+++ b/container/container_windows.go
@@ -0,0 +1,105 @@
+// +build windows
+
+package container
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/volume"
+	containertypes "github.com/docker/engine-api/types/container"
+)
+
+// Container holds fields specific to the Windows implementation. See
+// CommonContainer for standard fields common to all containers.
+type Container struct {
+	CommonContainer
+
+	HostnamePath   string
+	HostsPath      string
+	ResolvConfPath string
+	// Fields below here are platform specific.
+}
+
+// ExitStatus provides exit reasons for a container.
+type ExitStatus struct {
+	// The exit code with which the container exited.
+	ExitCode int
+}
+
+// CreateDaemonEnvironment creates a new environment variable slice for this container.
+func (container *Container) CreateDaemonEnvironment(linkedEnv []string) []string {
+	// On Windows, nothing to link. Just return the container environment.
+	return container.Config.Env
+}
+
+// UnmountIpcMounts unmount Ipc related mounts.
+// This is a NOOP on windows.
+func (container *Container) UnmountIpcMounts(unmount func(pth string) error) {
+}
+
+// IpcMounts returns the list of Ipc related mounts.
+func (container *Container) IpcMounts() []Mount {
+	return nil
+}
+
+// UnmountVolumes explicitly unmounts volumes from the container.
+func (container *Container) UnmountVolumes(forceSyscall bool, volumeEventLog func(name, action string, attributes map[string]string)) error {
+	return nil
+}
+
+// TmpfsMounts returns the list of tmpfs mounts
+func (container *Container) TmpfsMounts() []Mount {
+	return nil
+}
+
+// UpdateContainer updates configuration of a container
+func (container *Container) UpdateContainer(hostConfig *containertypes.HostConfig) error {
+	container.Lock()
+	defer container.Unlock()
+	resources := hostConfig.Resources
+	if resources.BlkioWeight != 0 || resources.CPUShares != 0 ||
+		resources.CPUPeriod != 0 || resources.CPUQuota != 0 ||
+		resources.CpusetCpus != "" || resources.CpusetMems != "" ||
+		resources.Memory != 0 || resources.MemorySwap != 0 ||
+		resources.MemoryReservation != 0 || resources.KernelMemory != 0 {
+		return fmt.Errorf("Resource updating isn't supported on Windows")
+	}
+	// update HostConfig of container
+	if hostConfig.RestartPolicy.Name != "" {
+		container.HostConfig.RestartPolicy = hostConfig.RestartPolicy
+	}
+	return nil
+}
+
+// appendNetworkMounts appends any network mounts to the array of mount points passed in.
+// Windows does not support network mounts (not to be confused with SMB network mounts), so
+// this is a no-op.
+func appendNetworkMounts(container *Container, volumeMounts []volume.MountPoint) ([]volume.MountPoint, error) {
+	return volumeMounts, nil
+}
+
+// cleanResourcePath cleans a resource path by removing C:\ syntax, and prepares
+// to combine with a volume path
+func cleanResourcePath(path string) string {
+	if len(path) >= 2 {
+		c := path[0]
+		if path[1] == ':' && ('a' <= c && c <= 'z' || 'A' <= c && c <= 'Z') {
+			path = path[2:]
+		}
+	}
+	return filepath.Join(string(os.PathSeparator), path)
+}
+
+// BuildHostnameFile writes the container's hostname file.
+func (container *Container) BuildHostnameFile() error {
+	return nil
+}
+
+// canMountFS determines if the file system for the container
+// can be mounted locally. In the case of Windows, this is not possible
+// for Hyper-V containers during WORKDIR execution for example.
+func (container *Container) canMountFS() bool {
+	return !containertypes.Isolation.IsHyperV(container.HostConfig.Isolation)
+}
diff --git a/container/history.go b/container/history.go
new file mode 100644
index 00000000..c80c2aa0
--- /dev/null
+++ b/container/history.go
@@ -0,0 +1,30 @@
+package container
+
+import "sort"
+
+// History is a convenience type for storing a list of containers,
+// sorted by creation date in descendant order.
+type History []*Container
+
+// Len returns the number of containers in the history.
+func (history *History) Len() int {
+	return len(*history)
+}
+
+// Less compares two containers and returns true if the second one
+// was created before the first one.
+func (history *History) Less(i, j int) bool {
+	containers := *history
+	return containers[j].Created.Before(containers[i].Created)
+}
+
+// Swap switches containers i and j positions in the history.
+func (history *History) Swap(i, j int) {
+	containers := *history
+	containers[i], containers[j] = containers[j], containers[i]
+}
+
+// sort orders the history by creation date in descendant order.
+func (history *History) sort() {
+	sort.Sort(history)
+}
diff --git a/container/memory_store.go b/container/memory_store.go
new file mode 100644
index 00000000..9fa1165d
--- /dev/null
+++ b/container/memory_store.go
@@ -0,0 +1,92 @@
+package container
+
+import "sync"
+
+// memoryStore implements a Store in memory.
+type memoryStore struct {
+	s map[string]*Container
+	sync.RWMutex
+}
+
+// NewMemoryStore initializes a new memory store.
+func NewMemoryStore() Store {
+	return &memoryStore{
+		s: make(map[string]*Container),
+	}
+}
+
+// Add appends a new container to the memory store.
+// It overrides the id if it existed before.
+func (c *memoryStore) Add(id string, cont *Container) {
+	c.Lock()
+	c.s[id] = cont
+	c.Unlock()
+}
+
+// Get returns a container from the store by id.
+func (c *memoryStore) Get(id string) *Container {
+	c.RLock()
+	res := c.s[id]
+	c.RUnlock()
+	return res
+}
+
+// Delete removes a container from the store by id.
+func (c *memoryStore) Delete(id string) {
+	c.Lock()
+	delete(c.s, id)
+	c.Unlock()
+}
+
+// List returns a sorted list of containers from the store.
+// The containers are ordered by creation date.
+func (c *memoryStore) List() []*Container {
+	containers := History(c.all())
+	containers.sort()
+	return containers
+}
+
+// Size returns the number of containers in the store.
+func (c *memoryStore) Size() int {
+	c.RLock()
+	defer c.RUnlock()
+	return len(c.s)
+}
+
+// First returns the first container found in the store by a given filter.
+func (c *memoryStore) First(filter StoreFilter) *Container {
+	for _, cont := range c.all() {
+		if filter(cont) {
+			return cont
+		}
+	}
+	return nil
+}
+
+// ApplyAll calls the reducer function with every container in the store.
+// This operation is asyncronous in the memory store.
+// NOTE: Modifications to the store MUST NOT be done by the StoreReducer.
+func (c *memoryStore) ApplyAll(apply StoreReducer) {
+	wg := new(sync.WaitGroup)
+	for _, cont := range c.all() {
+		wg.Add(1)
+		go func(container *Container) {
+			apply(container)
+			wg.Done()
+		}(cont)
+	}
+
+	wg.Wait()
+}
+
+func (c *memoryStore) all() []*Container {
+	c.RLock()
+	containers := make([]*Container, 0, len(c.s))
+	for _, cont := range c.s {
+		containers = append(containers, cont)
+	}
+	c.RUnlock()
+	return containers
+}
+
+var _ Store = &memoryStore{}
diff --git a/container/memory_store_test.go b/container/memory_store_test.go
new file mode 100644
index 00000000..f81738fa
--- /dev/null
+++ b/container/memory_store_test.go
@@ -0,0 +1,106 @@
+package container
+
+import (
+	"testing"
+	"time"
+)
+
+func TestNewMemoryStore(t *testing.T) {
+	s := NewMemoryStore()
+	m, ok := s.(*memoryStore)
+	if !ok {
+		t.Fatalf("store is not a memory store %v", s)
+	}
+	if m.s == nil {
+		t.Fatal("expected store map to not be nil")
+	}
+}
+
+func TestAddContainers(t *testing.T) {
+	s := NewMemoryStore()
+	s.Add("id", NewBaseContainer("id", "root"))
+	if s.Size() != 1 {
+		t.Fatalf("expected store size 1, got %v", s.Size())
+	}
+}
+
+func TestGetContainer(t *testing.T) {
+	s := NewMemoryStore()
+	s.Add("id", NewBaseContainer("id", "root"))
+	c := s.Get("id")
+	if c == nil {
+		t.Fatal("expected container to not be nil")
+	}
+}
+
+func TestDeleteContainer(t *testing.T) {
+	s := NewMemoryStore()
+	s.Add("id", NewBaseContainer("id", "root"))
+	s.Delete("id")
+	if c := s.Get("id"); c != nil {
+		t.Fatalf("expected container to be nil after removal, got %v", c)
+	}
+
+	if s.Size() != 0 {
+		t.Fatalf("expected store size to be 0, got %v", s.Size())
+	}
+}
+
+func TestListContainers(t *testing.T) {
+	s := NewMemoryStore()
+
+	cont := NewBaseContainer("id", "root")
+	cont.Created = time.Now()
+	cont2 := NewBaseContainer("id2", "root")
+	cont2.Created = time.Now().Add(24 * time.Hour)
+
+	s.Add("id", cont)
+	s.Add("id2", cont2)
+
+	list := s.List()
+	if len(list) != 2 {
+		t.Fatalf("expected list size 2, got %v", len(list))
+	}
+	if list[0].ID != "id2" {
+		t.Fatalf("expected older container to be first, got %v", list[0].ID)
+	}
+}
+
+func TestFirstContainer(t *testing.T) {
+	s := NewMemoryStore()
+
+	s.Add("id", NewBaseContainer("id", "root"))
+	s.Add("id2", NewBaseContainer("id2", "root"))
+
+	first := s.First(func(cont *Container) bool {
+		return cont.ID == "id2"
+	})
+
+	if first == nil {
+		t.Fatal("expected container to not be nil")
+	}
+	if first.ID != "id2" {
+		t.Fatalf("expected id2, got %v", first)
+	}
+}
+
+func TestApplyAllContainer(t *testing.T) {
+	s := NewMemoryStore()
+
+	s.Add("id", NewBaseContainer("id", "root"))
+	s.Add("id2", NewBaseContainer("id2", "root"))
+
+	s.ApplyAll(func(cont *Container) {
+		if cont.ID == "id2" {
+			cont.ID = "newID"
+		}
+	})
+
+	cont := s.Get("id2")
+	if cont == nil {
+		t.Fatal("expected container to not be nil")
+	}
+	if cont.ID != "newID" {
+		t.Fatalf("expected newID, got %v", cont)
+	}
+}
diff --git a/container/monitor.go b/container/monitor.go
new file mode 100644
index 00000000..ba82d875
--- /dev/null
+++ b/container/monitor.go
@@ -0,0 +1,60 @@
+package container
+
+import (
+	"time"
+
+	"github.com/Sirupsen/logrus"
+)
+
+const (
+	loggerCloseTimeout = 10 * time.Second
+)
+
+// supervisor defines the interface that a supervisor must implement
+type supervisor interface {
+	// LogContainerEvent generates events related to a given container
+	LogContainerEvent(*Container, string)
+	// Cleanup ensures that the container is properly unmounted
+	Cleanup(*Container)
+	// StartLogging starts the logging driver for the container
+	StartLogging(*Container) error
+	// Run starts a container
+	Run(c *Container) error
+	// IsShuttingDown tells whether the supervisor is shutting down or not
+	IsShuttingDown() bool
+}
+
+// Reset puts a container into a state where it can be restarted again.
+func (container *Container) Reset(lock bool) {
+	if lock {
+		container.Lock()
+		defer container.Unlock()
+	}
+
+	if err := container.CloseStreams(); err != nil {
+		logrus.Errorf("%s: %s", container.ID, err)
+	}
+
+	// Re-create a brand new stdin pipe once the container exited
+	if container.Config.OpenStdin {
+		container.NewInputPipes()
+	}
+
+	if container.LogDriver != nil {
+		if container.LogCopier != nil {
+			exit := make(chan struct{})
+			go func() {
+				container.LogCopier.Wait()
+				close(exit)
+			}()
+			select {
+			case <-time.After(loggerCloseTimeout):
+				logrus.Warnf("Logger didn't exit in time: logs may be truncated")
+			case <-exit:
+			}
+		}
+		container.LogDriver.Close()
+		container.LogCopier = nil
+		container.LogDriver = nil
+	}
+}
diff --git a/container/mounts_unix.go b/container/mounts_unix.go
new file mode 100644
index 00000000..c52abed2
--- /dev/null
+++ b/container/mounts_unix.go
@@ -0,0 +1,12 @@
+// +build !windows
+
+package container
+
+// Mount contains information for a mount operation.
+type Mount struct {
+	Source      string `json:"source"`
+	Destination string `json:"destination"`
+	Writable    bool   `json:"writable"`
+	Data        string `json:"data"`
+	Propagation string `json:"mountpropagation"`
+}
diff --git a/container/mounts_windows.go b/container/mounts_windows.go
new file mode 100644
index 00000000..01b327f7
--- /dev/null
+++ b/container/mounts_windows.go
@@ -0,0 +1,8 @@
+package container
+
+// Mount contains information for a mount operation.
+type Mount struct {
+	Source      string `json:"source"`
+	Destination string `json:"destination"`
+	Writable    bool   `json:"writable"`
+}
diff --git a/container/state.go b/container/state.go
new file mode 100644
index 00000000..a12a193e
--- /dev/null
+++ b/container/state.go
@@ -0,0 +1,283 @@
+package container
+
+import (
+	"fmt"
+	"sync"
+	"time"
+
+	"github.com/docker/go-units"
+)
+
+// State holds the current container state, and has methods to get and
+// set the state. Container has an embed, which allows all of the
+// functions defined against State to run against Container.
+type State struct {
+	sync.Mutex
+	// FIXME: Why do we have both paused and running if a
+	// container cannot be paused and running at the same time?
+	Running           bool
+	Paused            bool
+	Restarting        bool
+	OOMKilled         bool
+	RemovalInProgress bool // Not need for this to be persistent on disk.
+	Dead              bool
+	Pid               int
+	ExitCode          int
+	Error             string // contains last known error when starting the container
+	StartedAt         time.Time
+	FinishedAt        time.Time
+	waitChan          chan struct{}
+}
+
+// NewState creates a default state object with a fresh channel for state changes.
+func NewState() *State {
+	return &State{
+		waitChan: make(chan struct{}),
+	}
+}
+
+// String returns a human-readable description of the state
+func (s *State) String() string {
+	if s.Running {
+		if s.Paused {
+			return fmt.Sprintf("Up %s (Paused)", units.HumanDuration(time.Now().UTC().Sub(s.StartedAt)))
+		}
+		if s.Restarting {
+			return fmt.Sprintf("Restarting (%d) %s ago", s.ExitCode, units.HumanDuration(time.Now().UTC().Sub(s.FinishedAt)))
+		}
+
+		return fmt.Sprintf("Up %s", units.HumanDuration(time.Now().UTC().Sub(s.StartedAt)))
+	}
+
+	if s.RemovalInProgress {
+		return "Removal In Progress"
+	}
+
+	if s.Dead {
+		return "Dead"
+	}
+
+	if s.StartedAt.IsZero() {
+		return "Created"
+	}
+
+	if s.FinishedAt.IsZero() {
+		return ""
+	}
+
+	return fmt.Sprintf("Exited (%d) %s ago", s.ExitCode, units.HumanDuration(time.Now().UTC().Sub(s.FinishedAt)))
+}
+
+// StateString returns a single string to describe state
+func (s *State) StateString() string {
+	if s.Running {
+		if s.Paused {
+			return "paused"
+		}
+		if s.Restarting {
+			return "restarting"
+		}
+		return "running"
+	}
+
+	if s.Dead {
+		return "dead"
+	}
+
+	if s.StartedAt.IsZero() {
+		return "created"
+	}
+
+	return "exited"
+}
+
+// IsValidStateString checks if the provided string is a valid container state or not.
+func IsValidStateString(s string) bool {
+	if s != "paused" &&
+		s != "restarting" &&
+		s != "running" &&
+		s != "dead" &&
+		s != "created" &&
+		s != "exited" {
+		return false
+	}
+	return true
+}
+
+func wait(waitChan <-chan struct{}, timeout time.Duration) error {
+	if timeout < 0 {
+		<-waitChan
+		return nil
+	}
+	select {
+	case <-time.After(timeout):
+		return fmt.Errorf("Timed out: %v", timeout)
+	case <-waitChan:
+		return nil
+	}
+}
+
+// WaitRunning waits until state is running. If state is already
+// running it returns immediately. If you want wait forever you must
+// supply negative timeout. Returns pid, that was passed to
+// SetRunning.
+func (s *State) WaitRunning(timeout time.Duration) (int, error) {
+	s.Lock()
+	if s.Running {
+		pid := s.Pid
+		s.Unlock()
+		return pid, nil
+	}
+	waitChan := s.waitChan
+	s.Unlock()
+	if err := wait(waitChan, timeout); err != nil {
+		return -1, err
+	}
+	return s.GetPID(), nil
+}
+
+// WaitStop waits until state is stopped. If state already stopped it returns
+// immediately. If you want wait forever you must supply negative timeout.
+// Returns exit code, that was passed to SetStoppedLocking
+func (s *State) WaitStop(timeout time.Duration) (int, error) {
+	s.Lock()
+	if !s.Running {
+		exitCode := s.ExitCode
+		s.Unlock()
+		return exitCode, nil
+	}
+	waitChan := s.waitChan
+	s.Unlock()
+	if err := wait(waitChan, timeout); err != nil {
+		return -1, err
+	}
+	return s.getExitCode(), nil
+}
+
+// IsRunning returns whether the running flag is set. Used by Container to check whether a container is running.
+func (s *State) IsRunning() bool {
+	s.Lock()
+	res := s.Running
+	s.Unlock()
+	return res
+}
+
+// GetPID holds the process id of a container.
+func (s *State) GetPID() int {
+	s.Lock()
+	res := s.Pid
+	s.Unlock()
+	return res
+}
+
+func (s *State) getExitCode() int {
+	s.Lock()
+	res := s.ExitCode
+	s.Unlock()
+	return res
+}
+
+// SetRunning sets the state of the container to "running".
+func (s *State) SetRunning(pid int, initial bool) {
+	s.Error = ""
+	s.Running = true
+	s.Paused = false
+	s.Restarting = false
+	s.ExitCode = 0
+	s.Pid = pid
+	if initial {
+		s.StartedAt = time.Now().UTC()
+	}
+	close(s.waitChan) // fire waiters for start
+	s.waitChan = make(chan struct{})
+}
+
+// SetStoppedLocking locks the container state is sets it to "stopped".
+func (s *State) SetStoppedLocking(exitStatus *ExitStatus) {
+	s.Lock()
+	s.SetStopped(exitStatus)
+	s.Unlock()
+}
+
+// SetStopped sets the container state to "stopped" without locking.
+func (s *State) SetStopped(exitStatus *ExitStatus) {
+	s.Running = false
+	s.Paused = false
+	s.Restarting = false
+	s.Pid = 0
+	s.FinishedAt = time.Now().UTC()
+	s.setFromExitStatus(exitStatus)
+	close(s.waitChan) // fire waiters for stop
+	s.waitChan = make(chan struct{})
+}
+
+// SetRestartingLocking is when docker handles the auto restart of containers when they are
+// in the middle of a stop and being restarted again
+func (s *State) SetRestartingLocking(exitStatus *ExitStatus) {
+	s.Lock()
+	s.SetRestarting(exitStatus)
+	s.Unlock()
+}
+
+// SetRestarting sets the container state to "restarting".
+// It also sets the container PID to 0.
+func (s *State) SetRestarting(exitStatus *ExitStatus) {
+	// we should consider the container running when it is restarting because of
+	// all the checks in docker around rm/stop/etc
+	s.Running = true
+	s.Restarting = true
+	s.Pid = 0
+	s.FinishedAt = time.Now().UTC()
+	s.setFromExitStatus(exitStatus)
+	close(s.waitChan) // fire waiters for stop
+	s.waitChan = make(chan struct{})
+}
+
+// SetError sets the container's error state. This is useful when we want to
+// know the error that occurred when container transits to another state
+// when inspecting it
+func (s *State) SetError(err error) {
+	s.Error = err.Error()
+}
+
+// IsPaused returns whether the container is paused or not.
+func (s *State) IsPaused() bool {
+	s.Lock()
+	res := s.Paused
+	s.Unlock()
+	return res
+}
+
+// IsRestarting returns whether the container is restarting or not.
+func (s *State) IsRestarting() bool {
+	s.Lock()
+	res := s.Restarting
+	s.Unlock()
+	return res
+}
+
+// SetRemovalInProgress sets the container state as being removed.
+// It returns true if the container was already in that state.
+func (s *State) SetRemovalInProgress() bool {
+	s.Lock()
+	defer s.Unlock()
+	if s.RemovalInProgress {
+		return true
+	}
+	s.RemovalInProgress = true
+	return false
+}
+
+// ResetRemovalInProgress make the RemovalInProgress state to false.
+func (s *State) ResetRemovalInProgress() {
+	s.Lock()
+	s.RemovalInProgress = false
+	s.Unlock()
+}
+
+// SetDead sets the container state to "dead"
+func (s *State) SetDead() {
+	s.Lock()
+	s.Dead = true
+	s.Unlock()
+}
diff --git a/container/state_test.go b/container/state_test.go
new file mode 100644
index 00000000..7b35b178
--- /dev/null
+++ b/container/state_test.go
@@ -0,0 +1,109 @@
+package container
+
+import (
+	"sync/atomic"
+	"testing"
+	"time"
+)
+
+func TestStateRunStop(t *testing.T) {
+	s := NewState()
+	for i := 1; i < 3; i++ { // full lifecycle two times
+		started := make(chan struct{})
+		var pid int64
+		go func() {
+			runPid, _ := s.WaitRunning(-1 * time.Second)
+			atomic.StoreInt64(&pid, int64(runPid))
+			close(started)
+		}()
+		s.Lock()
+		s.SetRunning(i+100, false)
+		s.Unlock()
+
+		if !s.IsRunning() {
+			t.Fatal("State not running")
+		}
+		if s.Pid != i+100 {
+			t.Fatalf("Pid %v, expected %v", s.Pid, i+100)
+		}
+		if s.ExitCode != 0 {
+			t.Fatalf("ExitCode %v, expected 0", s.ExitCode)
+		}
+		select {
+		case <-time.After(100 * time.Millisecond):
+			t.Fatal("Start callback doesn't fire in 100 milliseconds")
+		case <-started:
+			t.Log("Start callback fired")
+		}
+		runPid := int(atomic.LoadInt64(&pid))
+		if runPid != i+100 {
+			t.Fatalf("Pid %v, expected %v", runPid, i+100)
+		}
+		if pid, err := s.WaitRunning(-1 * time.Second); err != nil || pid != i+100 {
+			t.Fatalf("WaitRunning returned pid: %v, err: %v, expected pid: %v, err: %v", pid, err, i+100, nil)
+		}
+
+		stopped := make(chan struct{})
+		var exit int64
+		go func() {
+			exitCode, _ := s.WaitStop(-1 * time.Second)
+			atomic.StoreInt64(&exit, int64(exitCode))
+			close(stopped)
+		}()
+		s.SetStoppedLocking(&ExitStatus{ExitCode: i})
+		if s.IsRunning() {
+			t.Fatal("State is running")
+		}
+		if s.ExitCode != i {
+			t.Fatalf("ExitCode %v, expected %v", s.ExitCode, i)
+		}
+		if s.Pid != 0 {
+			t.Fatalf("Pid %v, expected 0", s.Pid)
+		}
+		select {
+		case <-time.After(100 * time.Millisecond):
+			t.Fatal("Stop callback doesn't fire in 100 milliseconds")
+		case <-stopped:
+			t.Log("Stop callback fired")
+		}
+		exitCode := int(atomic.LoadInt64(&exit))
+		if exitCode != i {
+			t.Fatalf("ExitCode %v, expected %v", exitCode, i)
+		}
+		if exitCode, err := s.WaitStop(-1 * time.Second); err != nil || exitCode != i {
+			t.Fatalf("WaitStop returned exitCode: %v, err: %v, expected exitCode: %v, err: %v", exitCode, err, i, nil)
+		}
+	}
+}
+
+func TestStateTimeoutWait(t *testing.T) {
+	s := NewState()
+	started := make(chan struct{})
+	go func() {
+		s.WaitRunning(100 * time.Millisecond)
+		close(started)
+	}()
+	select {
+	case <-time.After(200 * time.Millisecond):
+		t.Fatal("Start callback doesn't fire in 100 milliseconds")
+	case <-started:
+		t.Log("Start callback fired")
+	}
+
+	s.Lock()
+	s.SetRunning(49, false)
+	s.Unlock()
+
+	stopped := make(chan struct{})
+	go func() {
+		s.WaitRunning(100 * time.Millisecond)
+		close(stopped)
+	}()
+	select {
+	case <-time.After(200 * time.Millisecond):
+		t.Fatal("Start callback doesn't fire in 100 milliseconds")
+	case <-stopped:
+		t.Log("Start callback fired")
+	}
+
+}
diff --git a/container/state_unix.go b/container/state_unix.go
new file mode 100644
index 00000000..8d25a237
--- /dev/null
+++ b/container/state_unix.go
@@ -0,0 +1,10 @@
+// +build linux freebsd
+
+package container
+
+// setFromExitStatus is a platform specific helper function to set the state
+// based on the ExitStatus structure.
+func (s *State) setFromExitStatus(exitStatus *ExitStatus) {
+	s.ExitCode = exitStatus.ExitCode
+	s.OOMKilled = exitStatus.OOMKilled
+}
diff --git a/container/state_windows.go b/container/state_windows.go
new file mode 100644
index 00000000..02802a02
--- /dev/null
+++ b/container/state_windows.go
@@ -0,0 +1,7 @@
+package container
+
+// setFromExitStatus is a platform specific helper function to set the state
+// based on the ExitStatus structure.
+func (s *State) setFromExitStatus(exitStatus *ExitStatus) {
+	s.ExitCode = exitStatus.ExitCode
+}
diff --git a/container/store.go b/container/store.go
new file mode 100644
index 00000000..042fb1a3
--- /dev/null
+++ b/container/store.go
@@ -0,0 +1,28 @@
+package container
+
+// StoreFilter defines a function to filter
+// container in the store.
+type StoreFilter func(*Container) bool
+
+// StoreReducer defines a function to
+// manipulate containers in the store
+type StoreReducer func(*Container)
+
+// Store defines an interface that
+// any container store must implement.
+type Store interface {
+	// Add appends a new container to the store.
+	Add(string, *Container)
+	// Get returns a container from the store by the identifier it was stored with.
+	Get(string) *Container
+	// Delete removes a container from the store by the identifier it was stored with.
+	Delete(string)
+	// List returns a list of containers from the store.
+	List() []*Container
+	// Size returns the number of containers in the store.
+	Size() int
+	// First returns the first container found in the store by a given filter.
+	First(StoreFilter) *Container
+	// ApplyAll calls the reducer function with every container in the store.
+	ApplyAll(StoreReducer)
+}
diff --git a/contrib/README.md b/contrib/README.md
new file mode 100644
index 00000000..92b1d944
--- /dev/null
+++ b/contrib/README.md
@@ -0,0 +1,4 @@
+The `contrib` directory contains scripts, images, and other helpful things
+which are not part of the core docker distribution. Please note that they
+could be out of date, since they do not receive the same attention as the
+rest of the repository.
diff --git a/contrib/REVIEWERS b/contrib/REVIEWERS
new file mode 100644
index 00000000..18e05a30
--- /dev/null
+++ b/contrib/REVIEWERS
@@ -0,0 +1 @@
+Tianon Gravi <admwiggin@gmail.com> (@tianon)
diff --git a/contrib/apparmor/main.go b/contrib/apparmor/main.go
new file mode 100644
index 00000000..f4a2978b
--- /dev/null
+++ b/contrib/apparmor/main.go
@@ -0,0 +1,56 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"os"
+	"path"
+	"text/template"
+
+	"github.com/docker/docker/pkg/aaparser"
+)
+
+type profileData struct {
+	Version int
+}
+
+func main() {
+	if len(os.Args) < 2 {
+		log.Fatal("pass a filename to save the profile in.")
+	}
+
+	// parse the arg
+	apparmorProfilePath := os.Args[1]
+
+	version, err := aaparser.GetVersion()
+	if err != nil {
+		log.Fatal(err)
+	}
+	data := profileData{
+		Version: version,
+	}
+	fmt.Printf("apparmor_parser is of version %+v\n", data)
+
+	// parse the template
+	compiled, err := template.New("apparmor_profile").Parse(dockerProfileTemplate)
+	if err != nil {
+		log.Fatalf("parsing template failed: %v", err)
+	}
+
+	// make sure /etc/apparmor.d exists
+	if err := os.MkdirAll(path.Dir(apparmorProfilePath), 0755); err != nil {
+		log.Fatal(err)
+	}
+
+	f, err := os.OpenFile(apparmorProfilePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644)
+	if err != nil {
+		log.Fatal(err)
+	}
+	defer f.Close()
+
+	if err := compiled.Execute(f, data); err != nil {
+		log.Fatalf("executing template failed: %v", err)
+	}
+
+	fmt.Printf("created apparmor profile for version %+v at %q\n", data, apparmorProfilePath)
+}
diff --git a/contrib/apparmor/template.go b/contrib/apparmor/template.go
new file mode 100644
index 00000000..e5e1c8be
--- /dev/null
+++ b/contrib/apparmor/template.go
@@ -0,0 +1,268 @@
+package main
+
+const dockerProfileTemplate = `@{DOCKER_GRAPH_PATH}=/var/lib/docker
+
+profile /usr/bin/docker (attach_disconnected, complain) {
+  # Prevent following links to these files during container setup.
+  deny /etc/** mkl,
+  deny /dev/** kl,
+  deny /sys/** mkl,
+  deny /proc/** mkl,
+
+  mount -> @{DOCKER_GRAPH_PATH}/**,
+  mount -> /,
+  mount -> /proc/**,
+  mount -> /sys/**,
+  mount -> /run/docker/netns/**,
+  mount -> /.pivot_root[0-9]*/,
+
+  / r,
+
+  umount,
+  pivot_root,
+{{if ge .Version 209000}}
+  signal (receive) peer=@{profile_name},
+  signal (receive) peer=unconfined,
+  signal (send),
+{{end}}
+  network,
+  capability,
+  owner /** rw,
+  @{DOCKER_GRAPH_PATH}/** rwl,
+  @{DOCKER_GRAPH_PATH}/linkgraph.db k,
+  @{DOCKER_GRAPH_PATH}/network/files/boltdb.db k,
+  @{DOCKER_GRAPH_PATH}/network/files/local-kv.db k,
+  @{DOCKER_GRAPH_PATH}/[0-9]*.[0-9]*/linkgraph.db k,
+
+  # For non-root client use:
+  /dev/urandom r,
+  /dev/null rw,
+  /dev/pts/[0-9]* rw,
+  /run/docker.sock rw,
+  /proc/** r,
+  /proc/[0-9]*/attr/exec w,
+  /sys/kernel/mm/hugepages/ r,
+  /etc/localtime r,
+  /etc/ld.so.cache r,
+  /etc/passwd r,
+
+{{if ge .Version 209000}}
+  ptrace peer=@{profile_name},
+  ptrace (read) peer=docker-default,
+  deny ptrace (trace) peer=docker-default,
+  deny ptrace peer=/usr/bin/docker///bin/ps,
+{{end}}
+
+  /usr/lib/** rm,
+  /lib/** rm,
+
+  /usr/bin/docker pix,
+  /sbin/xtables-multi rCx,
+  /sbin/iptables rCx,
+  /sbin/modprobe rCx,
+  /sbin/auplink rCx,
+  /sbin/mke2fs rCx,
+  /sbin/tune2fs rCx,
+  /sbin/blkid rCx,
+  /bin/kmod rCx,
+  /usr/bin/xz rCx,
+  /bin/ps rCx,
+  /bin/tar rCx,
+  /bin/cat rCx,
+  /sbin/zfs rCx,
+  /sbin/apparmor_parser rCx,
+
+{{if ge .Version 209000}}
+  # Transitions
+  change_profile -> docker-*,
+  change_profile -> unconfined,
+{{end}}
+
+  profile /bin/cat (complain) {
+    /etc/ld.so.cache r,
+    /lib/** rm,
+    /dev/null rw,
+    /proc r,
+    /bin/cat mr,
+
+    # For reading in 'docker stats':
+    /proc/[0-9]*/net/dev r,
+  }
+  profile /bin/ps (complain) {
+    /etc/ld.so.cache r,
+    /etc/localtime r,
+    /etc/passwd r,
+    /etc/nsswitch.conf r,
+    /lib/** rm,
+    /proc/[0-9]*/** r,
+    /dev/null rw,
+    /bin/ps mr,
+
+{{if ge .Version 209000}}
+    # We don't need ptrace so we'll deny and ignore the error.
+    deny ptrace (read, trace),
+{{end}}
+
+    # Quiet dac_override denials
+    deny capability dac_override,
+    deny capability dac_read_search,
+    deny capability sys_ptrace,
+
+    /dev/tty r,
+    /proc/stat r,
+    /proc/cpuinfo r,
+    /proc/meminfo r,
+    /proc/uptime r,
+    /sys/devices/system/cpu/online r,
+    /proc/sys/kernel/pid_max r,
+    /proc/ r,
+    /proc/tty/drivers r,
+  }
+  profile /sbin/iptables (complain) {
+{{if ge .Version 209000}}
+    signal (receive) peer=/usr/bin/docker,
+{{end}}
+    capability net_admin,
+  }
+  profile /sbin/auplink flags=(attach_disconnected, complain) {
+{{if ge .Version 209000}}
+    signal (receive) peer=/usr/bin/docker,
+{{end}}
+    capability sys_admin,
+    capability dac_override,
+
+    @{DOCKER_GRAPH_PATH}/aufs/** rw,
+    @{DOCKER_GRAPH_PATH}/tmp/** rw,
+    # For user namespaces:
+    @{DOCKER_GRAPH_PATH}/[0-9]*.[0-9]*/** rw,
+
+    /sys/fs/aufs/** r,
+    /lib/** rm,
+    /apparmor/.null r,
+    /dev/null rw,
+    /etc/ld.so.cache r,
+    /sbin/auplink rm,
+    /proc/fs/aufs/** rw,
+    /proc/[0-9]*/mounts rw,
+  }
+  profile /sbin/modprobe /bin/kmod (complain) {
+{{if ge .Version 209000}}
+    signal (receive) peer=/usr/bin/docker,
+{{end}}
+    capability sys_module,
+    /etc/ld.so.cache r,
+    /lib/** rm,
+    /dev/null rw,
+    /apparmor/.null rw,
+    /sbin/modprobe rm,
+    /bin/kmod rm,
+    /proc/cmdline r,
+    /sys/module/** r,
+    /etc/modprobe.d{/,/**} r,
+  }
+  # xz works via pipes, so we do not need access to the filesystem.
+  profile /usr/bin/xz (complain) {
+{{if ge .Version 209000}}
+    signal (receive) peer=/usr/bin/docker,
+{{end}}
+    /etc/ld.so.cache r,
+    /lib/** rm,
+    /usr/bin/xz rm,
+    deny /proc/** rw,
+    deny /sys/** rw,
+  }
+  profile /sbin/xtables-multi (attach_disconnected, complain) {
+    /etc/ld.so.cache r,
+    /lib/** rm,
+    /sbin/xtables-multi rm,
+    /apparmor/.null w,
+    /dev/null rw,
+
+    /proc r,
+
+    capability net_raw,
+    capability net_admin,
+    network raw,
+  }
+  profile /sbin/zfs (attach_disconnected, complain) {
+    file,
+    capability,
+  }
+  profile /sbin/mke2fs (complain) {
+    /sbin/mke2fs rm,
+
+    /lib/** rm,
+
+    /apparmor/.null w,
+
+    /etc/ld.so.cache r,
+    /etc/mke2fs.conf r,
+    /etc/mtab r,
+
+    /dev/dm-* rw,
+    /dev/urandom r,
+    /dev/null rw,
+
+    /proc/swaps r,
+    /proc/[0-9]*/mounts r,
+  }
+  profile /sbin/tune2fs (complain) {
+    /sbin/tune2fs rm,
+
+    /lib/** rm,
+
+    /apparmor/.null w,
+
+    /etc/blkid.conf r,
+    /etc/mtab r,
+    /etc/ld.so.cache r,
+
+    /dev/null rw,
+    /dev/.blkid.tab r,
+    /dev/dm-* rw,
+
+    /proc/swaps r,
+    /proc/[0-9]*/mounts r,
+  }
+  profile /sbin/blkid (complain) {
+    /sbin/blkid rm,
+
+    /lib/** rm,
+    /apparmor/.null w,
+
+    /etc/ld.so.cache r,
+    /etc/blkid.conf r,
+
+    /dev/null rw,
+    /dev/.blkid.tab rl,
+    /dev/.blkid.tab* rwl,
+    /dev/dm-* r,
+
+    /sys/devices/virtual/block/** r,
+
+    capability mknod,
+
+    mount -> @{DOCKER_GRAPH_PATH}/**,
+  }
+  profile /sbin/apparmor_parser (complain) {
+    /sbin/apparmor_parser rm,
+
+    /lib/** rm,
+
+    /etc/ld.so.cache r,
+    /etc/apparmor/** r,
+    /etc/apparmor.d/** r,
+    /etc/apparmor.d/cache/** w,
+
+    /dev/null rw,
+
+    /sys/kernel/security/apparmor/** r,
+    /sys/kernel/security/apparmor/.replace w,
+
+    /proc/[0-9]*/mounts r,
+    /proc/sys/kernel/osrelease r,
+    /proc r,
+
+    capability mac_admin,
+  }
+}`
diff --git a/contrib/builder/deb/amd64/README.md b/contrib/builder/deb/amd64/README.md
new file mode 100644
index 00000000..20a0ff10
--- /dev/null
+++ b/contrib/builder/deb/amd64/README.md
@@ -0,0 +1,5 @@
+# `dockercore/builder-deb`
+
+This image's tags contain the dependencies for building Docker `.deb`s for each of the Debian-based platforms Docker targets.
+
+To add new tags, see [`contrib/builder/deb/amd64` in https://github.com/docker/docker](https://github.com/docker/docker/tree/master/contrib/builder/deb/amd64), specifically the `generate.sh` script, whose usage is described in a comment at the top of the file.
diff --git a/contrib/builder/deb/amd64/build.sh b/contrib/builder/deb/amd64/build.sh
new file mode 100755
index 00000000..8271d9dc
--- /dev/null
+++ b/contrib/builder/deb/amd64/build.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+set -e
+
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+
+set -x
+./generate.sh
+for d in */; do
+	docker build -t "dockercore/builder-deb:$(basename "$d")" "$d"
+done
diff --git a/contrib/builder/deb/amd64/debian-jessie/Dockerfile b/contrib/builder/deb/amd64/debian-jessie/Dockerfile
new file mode 100644
index 00000000..43e2cb08
--- /dev/null
+++ b/contrib/builder/deb/amd64/debian-jessie/Dockerfile
@@ -0,0 +1,16 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
+#
+
+FROM debian:jessie
+
+RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev  libsqlite3-dev pkg-config libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux
+ENV RUNC_BUILDTAGS apparmor selinux
diff --git a/contrib/builder/deb/amd64/debian-stretch/Dockerfile b/contrib/builder/deb/amd64/debian-stretch/Dockerfile
new file mode 100644
index 00000000..5bba0ae0
--- /dev/null
+++ b/contrib/builder/deb/amd64/debian-stretch/Dockerfile
@@ -0,0 +1,16 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
+#
+
+FROM debian:stretch
+
+RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libseccomp-dev libsqlite3-dev pkg-config libsystemd-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
+ENV RUNC_BUILDTAGS apparmor seccomp selinux
diff --git a/contrib/builder/deb/amd64/debian-wheezy/Dockerfile b/contrib/builder/deb/amd64/debian-wheezy/Dockerfile
new file mode 100644
index 00000000..3568c69d
--- /dev/null
+++ b/contrib/builder/deb/amd64/debian-wheezy/Dockerfile
@@ -0,0 +1,17 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
+#
+
+FROM debian:wheezy-backports
+
+RUN apt-get update && apt-get install -y -t wheezy-backports btrfs-tools --no-install-recommends && rm -rf /var/lib/apt/lists/*
+RUN apt-get update && apt-get install -y apparmor bash-completion  build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev  libsqlite3-dev pkg-config --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux
+ENV RUNC_BUILDTAGS apparmor selinux
diff --git a/contrib/builder/deb/amd64/generate.sh b/contrib/builder/deb/amd64/generate.sh
new file mode 100755
index 00000000..fe9ff224
--- /dev/null
+++ b/contrib/builder/deb/amd64/generate.sh
@@ -0,0 +1,131 @@
+#!/bin/bash
+set -e
+
+# usage: ./generate.sh [versions]
+#    ie: ./generate.sh
+#        to update all Dockerfiles in this directory
+#    or: ./generate.sh debian-jessie
+#        to only update debian-jessie/Dockerfile
+#    or: ./generate.sh debian-newversion
+#        to create a new folder and a Dockerfile within it
+
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+
+versions=( "$@" )
+if [ ${#versions[@]} -eq 0 ]; then
+	versions=( */ )
+fi
+versions=( "${versions[@]%/}" )
+
+for version in "${versions[@]}"; do
+	distro="${version%-*}"
+	suite="${version##*-}"
+	from="${distro}:${suite}"
+
+	case "$from" in
+		debian:wheezy)
+			# add -backports, like our users have to
+			from+='-backports'
+			;;
+	esac
+
+	mkdir -p "$version"
+	echo "$version -> FROM $from"
+	cat > "$version/Dockerfile" <<-EOF
+		#
+		# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
+		#
+
+		FROM $from
+	EOF
+
+	echo >> "$version/Dockerfile"
+
+	extraBuildTags='pkcs11'
+	runcBuildTags=
+
+	# this list is sorted alphabetically; please keep it that way
+	packages=(
+		apparmor # for apparmor_parser for testing the profile
+		bash-completion # for bash-completion debhelper integration
+		btrfs-tools # for "btrfs/ioctl.h" (and "version.h" if possible)
+		build-essential # "essential for building Debian packages"
+		curl ca-certificates # for downloading Go
+		debhelper # for easy ".deb" building
+		dh-apparmor # for apparmor debhelper
+		dh-systemd # for systemd debhelper integration
+		git # for "git commit" info in "docker -v"
+		libapparmor-dev # for "sys/apparmor.h"
+		libdevmapper-dev # for "libdevmapper.h"
+		libltdl-dev # for pkcs11 "ltdl.h"
+		libseccomp-dev  # for "seccomp.h" & "libseccomp.so"
+		libsqlite3-dev # for "sqlite3.h"
+		pkg-config # for detecting things like libsystemd-journal dynamically
+	)
+	# packaging for "sd-journal.h" and libraries varies
+	case "$suite" in
+		precise|wheezy) ;;
+		sid|stretch|wily|xenial) packages+=( libsystemd-dev );;
+		*) packages+=( libsystemd-journal-dev );;
+	esac
+
+	# debian wheezy & ubuntu precise do not have the right libseccomp libs
+	# debian jessie & ubuntu trusty have a libseccomp < 2.2.1 :(
+	case "$suite" in
+		precise|wheezy|jessie|trusty)
+			packages=( "${packages[@]/libseccomp-dev}" )
+			runcBuildTags="apparmor selinux"
+			;;
+		*)
+			extraBuildTags+=' seccomp'
+			runcBuildTags="apparmor seccomp selinux"
+			;;
+	esac
+
+
+	if [ "$suite" = 'precise' ]; then
+		# precise has a few package issues
+
+		# - dh-systemd doesn't exist at all
+		packages=( "${packages[@]/dh-systemd}" )
+
+		# - libdevmapper-dev is missing critical structs (too old)
+		packages=( "${packages[@]/libdevmapper-dev}" )
+		extraBuildTags+=' exclude_graphdriver_devicemapper'
+
+		# - btrfs-tools is missing "ioctl.h" (too old), so it's useless
+		#   (since kernels on precise are old too, just skip btrfs entirely)
+		packages=( "${packages[@]/btrfs-tools}" )
+		extraBuildTags+=' exclude_graphdriver_btrfs'
+	fi
+
+	if [ "$suite" = 'wheezy' ]; then
+		# pull a couple packages from backports explicitly
+		# (build failures otherwise)
+		backportsPackages=( btrfs-tools )
+		for pkg in "${backportsPackages[@]}"; do
+			packages=( "${packages[@]/$pkg}" )
+		done
+		echo "RUN apt-get update && apt-get install -y -t $suite-backports ${backportsPackages[*]} --no-install-recommends && rm -rf /var/lib/apt/lists/*" >> "$version/Dockerfile"
+	fi
+
+	echo "RUN apt-get update && apt-get install -y ${packages[*]} --no-install-recommends && rm -rf /var/lib/apt/lists/*" >> "$version/Dockerfile"
+
+	echo >> "$version/Dockerfile"
+
+	awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../../Dockerfile >> "$version/Dockerfile"
+	echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile"
+	echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile"
+
+	echo >> "$version/Dockerfile"
+
+	echo 'ENV AUTO_GOPATH 1' >> "$version/Dockerfile"
+
+	echo >> "$version/Dockerfile"
+
+	# print build tags in alphabetical order
+	buildTags=$( echo "apparmor selinux $extraBuildTags" | xargs -n1 | sort -n | tr '\n' ' ' | sed -e 's/[[:space:]]*$//' )
+
+	echo "ENV DOCKER_BUILDTAGS $buildTags" >> "$version/Dockerfile"
+	echo "ENV RUNC_BUILDTAGS $runcBuildTags" >> "$version/Dockerfile"
+done
diff --git a/contrib/builder/deb/amd64/ubuntu-precise/Dockerfile b/contrib/builder/deb/amd64/ubuntu-precise/Dockerfile
new file mode 100644
index 00000000..d88301ed
--- /dev/null
+++ b/contrib/builder/deb/amd64/ubuntu-precise/Dockerfile
@@ -0,0 +1,16 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
+#
+
+FROM ubuntu:precise
+
+RUN apt-get update && apt-get install -y apparmor bash-completion  build-essential curl ca-certificates debhelper dh-apparmor  git libapparmor-dev  libltdl-dev  libsqlite3-dev pkg-config --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS apparmor exclude_graphdriver_btrfs exclude_graphdriver_devicemapper pkcs11 selinux
+ENV RUNC_BUILDTAGS apparmor selinux
diff --git a/contrib/builder/deb/amd64/ubuntu-trusty/Dockerfile b/contrib/builder/deb/amd64/ubuntu-trusty/Dockerfile
new file mode 100644
index 00000000..1e83056f
--- /dev/null
+++ b/contrib/builder/deb/amd64/ubuntu-trusty/Dockerfile
@@ -0,0 +1,16 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
+#
+
+FROM ubuntu:trusty
+
+RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev  libsqlite3-dev pkg-config libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux
+ENV RUNC_BUILDTAGS apparmor selinux
diff --git a/contrib/builder/deb/amd64/ubuntu-wily/Dockerfile b/contrib/builder/deb/amd64/ubuntu-wily/Dockerfile
new file mode 100644
index 00000000..acf268f7
--- /dev/null
+++ b/contrib/builder/deb/amd64/ubuntu-wily/Dockerfile
@@ -0,0 +1,16 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
+#
+
+FROM ubuntu:wily
+
+RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libseccomp-dev libsqlite3-dev pkg-config libsystemd-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
+ENV RUNC_BUILDTAGS apparmor seccomp selinux
diff --git a/contrib/builder/deb/amd64/ubuntu-xenial/Dockerfile b/contrib/builder/deb/amd64/ubuntu-xenial/Dockerfile
new file mode 100644
index 00000000..1a4cc8e4
--- /dev/null
+++ b/contrib/builder/deb/amd64/ubuntu-xenial/Dockerfile
@@ -0,0 +1,16 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
+#
+
+FROM ubuntu:xenial
+
+RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libseccomp-dev libsqlite3-dev pkg-config libsystemd-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
+ENV RUNC_BUILDTAGS apparmor seccomp selinux
diff --git a/contrib/builder/deb/armhf/debian-jessie/Dockerfile b/contrib/builder/deb/armhf/debian-jessie/Dockerfile
new file mode 100644
index 00000000..fff136d7
--- /dev/null
+++ b/contrib/builder/deb/armhf/debian-jessie/Dockerfile
@@ -0,0 +1,10 @@
+FROM armhf/debian:jessie
+
+RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
+ENV GO_VERSION 1.4.3
+RUN curl -fSL "https://github.com/hypriot/golang-armbuilds/releases/download/v${GO_VERSION}/go${GO_VERSION}.linux-armv7.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+ENV DOCKER_BUILDTAGS apparmor selinux
diff --git a/contrib/builder/rpm/amd64/README.md b/contrib/builder/rpm/amd64/README.md
new file mode 100644
index 00000000..5f2e888c
--- /dev/null
+++ b/contrib/builder/rpm/amd64/README.md
@@ -0,0 +1,5 @@
+# `dockercore/builder-rpm`
+
+This image's tags contain the dependencies for building Docker `.rpm`s for each of the RPM-based platforms Docker targets.
+
+To add new tags, see [`contrib/builder/rpm/amd64` in https://github.com/docker/docker](https://github.com/docker/docker/tree/master/contrib/builder/rpm/amd64), specifically the `generate.sh` script, whose usage is described in a comment at the top of the file.
diff --git a/contrib/builder/rpm/amd64/build.sh b/contrib/builder/rpm/amd64/build.sh
new file mode 100755
index 00000000..558f7ee0
--- /dev/null
+++ b/contrib/builder/rpm/amd64/build.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+set -e
+
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+
+set -x
+./generate.sh
+for d in */; do
+	docker build -t "dockercore/builder-rpm:$(basename "$d")" "$d"
+done
diff --git a/contrib/builder/rpm/amd64/centos-7/Dockerfile b/contrib/builder/rpm/amd64/centos-7/Dockerfile
new file mode 100644
index 00000000..25d09df9
--- /dev/null
+++ b/contrib/builder/rpm/amd64/centos-7/Dockerfile
@@ -0,0 +1,19 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/rpm/amd64/generate.sh"!
+#
+
+FROM centos:7
+
+RUN yum groupinstall -y "Development Tools"
+RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs
+RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static  libselinux-devel libtool-ltdl-devel pkgconfig selinux-policy selinux-policy-devel sqlite-devel systemd-devel tar git
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS pkcs11 selinux
+ENV RUNC_BUILDTAGS selinux
+
diff --git a/contrib/builder/rpm/amd64/fedora-22/Dockerfile b/contrib/builder/rpm/amd64/fedora-22/Dockerfile
new file mode 100644
index 00000000..40138038
--- /dev/null
+++ b/contrib/builder/rpm/amd64/fedora-22/Dockerfile
@@ -0,0 +1,18 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/rpm/amd64/generate.sh"!
+#
+
+FROM fedora:22
+
+RUN dnf install -y @development-tools fedora-packager
+RUN dnf install -y btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel pkgconfig selinux-policy selinux-policy-devel sqlite-devel systemd-devel tar git
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS pkcs11 seccomp selinux
+ENV RUNC_BUILDTAGS seccomp selinux
+
diff --git a/contrib/builder/rpm/amd64/fedora-23/Dockerfile b/contrib/builder/rpm/amd64/fedora-23/Dockerfile
new file mode 100644
index 00000000..5d311a00
--- /dev/null
+++ b/contrib/builder/rpm/amd64/fedora-23/Dockerfile
@@ -0,0 +1,18 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/rpm/amd64/generate.sh"!
+#
+
+FROM fedora:23
+
+RUN dnf install -y @development-tools fedora-packager
+RUN dnf install -y btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel pkgconfig selinux-policy selinux-policy-devel sqlite-devel systemd-devel tar git
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS pkcs11 seccomp selinux
+ENV RUNC_BUILDTAGS seccomp selinux
+
diff --git a/contrib/builder/rpm/amd64/generate.sh b/contrib/builder/rpm/amd64/generate.sh
new file mode 100755
index 00000000..a8f9c35f
--- /dev/null
+++ b/contrib/builder/rpm/amd64/generate.sh
@@ -0,0 +1,174 @@
+#!/bin/bash
+set -e
+
+# usage: ./generate.sh [versions]
+#    ie: ./generate.sh
+#        to update all Dockerfiles in this directory
+#    or: ./generate.sh
+#        to only update fedora-23/Dockerfile
+#    or: ./generate.sh fedora-newversion
+#        to create a new folder and a Dockerfile within it
+
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+
+versions=( "$@" )
+if [ ${#versions[@]} -eq 0 ]; then
+	versions=( */ )
+fi
+versions=( "${versions[@]%/}" )
+
+for version in "${versions[@]}"; do
+	distro="${version%-*}"
+	suite="${version##*-}"
+	from="${distro}:${suite}"
+	installer=yum
+	if [[ "$distro" == "fedora" ]]; then
+		installer=dnf
+	fi
+
+	mkdir -p "$version"
+	echo "$version -> FROM $from"
+	cat > "$version/Dockerfile" <<-EOF
+		#
+		# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/rpm/amd64/generate.sh"!
+		#
+
+		FROM $from
+	EOF
+
+	echo >> "$version/Dockerfile"
+
+	extraBuildTags='pkcs11'
+	runcBuildTags=
+
+	case "$from" in
+		centos:*)
+			# get "Development Tools" packages dependencies
+			echo 'RUN yum groupinstall -y "Development Tools"' >> "$version/Dockerfile"
+
+			if [[ "$version" == "centos-7" ]]; then
+				echo 'RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs' >> "$version/Dockerfile"
+			fi
+			;;
+		oraclelinux:*)
+			# get "Development Tools" packages and dependencies
+			# we also need yum-utils for yum-config-manager to pull the latest repo file
+			echo 'RUN yum groupinstall -y "Development Tools"' >> "$version/Dockerfile"
+			;;
+		opensuse:*)
+			# get rpm-build and curl packages and dependencies
+			echo 'RUN zypper --non-interactive install ca-certificates* curl gzip rpm-build' >> "$version/Dockerfile"
+			;;
+		*)
+			echo "RUN ${installer} install -y @development-tools fedora-packager" >> "$version/Dockerfile"
+			;;
+	esac
+
+	# this list is sorted alphabetically; please keep it that way
+	packages=(
+		btrfs-progs-devel # for "btrfs/ioctl.h" (and "version.h" if possible)
+		device-mapper-devel # for "libdevmapper.h"
+		glibc-static
+		libseccomp-devel # for "seccomp.h" & "libseccomp.so"
+		libselinux-devel # for "libselinux.so"
+		libtool-ltdl-devel # for pkcs11 "ltdl.h"
+		pkgconfig # for the pkg-config command
+		selinux-policy
+		selinux-policy-devel
+		sqlite-devel # for "sqlite3.h"
+		systemd-devel # for "sd-journal.h" and libraries
+		tar # older versions of dev-tools do not have tar
+		git # required for containerd and runc clone
+	)
+
+	case "$from" in
+		oraclelinux:7)
+			# Enable the optional repository
+			packages=( --enablerepo=ol7_optional_latest "${packages[*]}" )
+			;;
+	esac
+
+	case "$from" in
+		oraclelinux:6)
+			# doesn't use systemd, doesn't have a devel package for it
+			packages=( "${packages[@]/systemd-devel}" )
+			;;
+	esac
+
+	# opensuse & oraclelinx:6 do not have the right libseccomp libs
+	# centos:7 and oraclelinux:7 have a libseccomp < 2.2.1 :(
+	case "$from" in
+		opensuse:*|oraclelinux:*|centos:7)
+			packages=( "${packages[@]/libseccomp-devel}" )
+			runcBuildTags="selinux"
+			;;
+		*)
+			extraBuildTags+=' seccomp'
+			runcBuildTags="seccomp selinux"
+			;;
+	esac
+
+	case "$from" in
+		opensuse:*)
+			packages=( "${packages[@]/btrfs-progs-devel/libbtrfs-devel}" )
+			packages=( "${packages[@]/pkgconfig/pkg-config}" )
+			if [[ "$from" == "opensuse:13."* ]]; then
+				packages+=( systemd-rpm-macros )
+			fi
+
+			# use zypper
+			echo "RUN zypper --non-interactive install ${packages[*]}" >> "$version/Dockerfile"
+			;;
+		*)
+			echo "RUN ${installer} install -y ${packages[*]}" >> "$version/Dockerfile"
+			;;
+	esac
+
+	echo >> "$version/Dockerfile"
+
+	case "$from" in
+		oraclelinux:6)
+			# We need a known version of the kernel-uek-devel headers to set CGO_CPPFLAGS, so grab the UEKR4 GA version
+			# This requires using yum-config-manager from yum-utils to enable the UEKR4 yum repo
+			echo "RUN yum install -y yum-utils && curl -o /etc/yum.repos.d/public-yum-ol6.repo http://yum.oracle.com/public-yum-ol6.repo && yum-config-manager -q --enable ol6_UEKR4"  >> "$version/Dockerfile"
+			echo "RUN yum install -y kernel-uek-devel-4.1.12-32.el6uek"  >> "$version/Dockerfile"
+			echo >> "$version/Dockerfile"
+			;;
+		*) ;;
+	esac
+
+
+	awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../../Dockerfile >> "$version/Dockerfile"
+	echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile"
+	echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile"
+
+	echo >> "$version/Dockerfile"
+
+	echo 'ENV AUTO_GOPATH 1' >> "$version/Dockerfile"
+
+	echo >> "$version/Dockerfile"
+
+	# print build tags in alphabetical order
+	buildTags=$( echo "selinux $extraBuildTags" | xargs -n1 | sort -n | tr '\n' ' ' | sed -e 's/[[:space:]]*$//' )
+
+	echo "ENV DOCKER_BUILDTAGS $buildTags" >> "$version/Dockerfile"
+	echo "ENV RUNC_BUILDTAGS $runcBuildTags" >> "$version/Dockerfile"
+	echo >> "$version/Dockerfile"
+
+	case "$from" in
+                oraclelinux:6)
+                        # We need to set the CGO_CPPFLAGS environment to use the updated UEKR4 headers with all the userns stuff.
+                        # The ordering is very important and should not be changed.
+                        echo 'ENV CGO_CPPFLAGS -D__EXPORTED_HEADERS__ \'  >> "$version/Dockerfile"
+                        echo '                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/arch/x86/include/generated/uapi \'  >> "$version/Dockerfile"
+                        echo '                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/arch/x86/include/uapi \'  >> "$version/Dockerfile"
+                        echo '                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/include/generated/uapi \'  >> "$version/Dockerfile"
+                        echo '                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/include/uapi \'  >> "$version/Dockerfile"
+                        echo '                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/include'  >> "$version/Dockerfile"
+                        echo >> "$version/Dockerfile"
+                        ;;
+                *) ;;
+        esac
+
+
+done
diff --git a/contrib/builder/rpm/amd64/opensuse-13.2/Dockerfile b/contrib/builder/rpm/amd64/opensuse-13.2/Dockerfile
new file mode 100644
index 00000000..348e2607
--- /dev/null
+++ b/contrib/builder/rpm/amd64/opensuse-13.2/Dockerfile
@@ -0,0 +1,18 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/rpm/amd64/generate.sh"!
+#
+
+FROM opensuse:13.2
+
+RUN zypper --non-interactive install ca-certificates* curl gzip rpm-build
+RUN zypper --non-interactive install libbtrfs-devel device-mapper-devel glibc-static  libselinux-devel libtool-ltdl-devel pkg-config selinux-policy selinux-policy-devel sqlite-devel systemd-devel tar git systemd-rpm-macros
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS pkcs11 selinux
+ENV RUNC_BUILDTAGS selinux
+
diff --git a/contrib/builder/rpm/amd64/oraclelinux-6/Dockerfile b/contrib/builder/rpm/amd64/oraclelinux-6/Dockerfile
new file mode 100644
index 00000000..a8f9c15e
--- /dev/null
+++ b/contrib/builder/rpm/amd64/oraclelinux-6/Dockerfile
@@ -0,0 +1,28 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/rpm/amd64/generate.sh"!
+#
+
+FROM oraclelinux:6
+
+RUN yum groupinstall -y "Development Tools"
+RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static  libselinux-devel libtool-ltdl-devel pkgconfig selinux-policy selinux-policy-devel sqlite-devel  tar git
+
+RUN yum install -y yum-utils && curl -o /etc/yum.repos.d/public-yum-ol6.repo http://yum.oracle.com/public-yum-ol6.repo && yum-config-manager -q --enable ol6_UEKR4
+RUN yum install -y kernel-uek-devel-4.1.12-32.el6uek
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS pkcs11 selinux
+ENV RUNC_BUILDTAGS selinux
+
+ENV CGO_CPPFLAGS -D__EXPORTED_HEADERS__ \
+                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/arch/x86/include/generated/uapi \
+                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/arch/x86/include/uapi \
+                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/include/generated/uapi \
+                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/include/uapi \
+                 -I/usr/src/kernels/4.1.12-32.el6uek.x86_64/include
+
diff --git a/contrib/builder/rpm/amd64/oraclelinux-7/Dockerfile b/contrib/builder/rpm/amd64/oraclelinux-7/Dockerfile
new file mode 100644
index 00000000..30572e43
--- /dev/null
+++ b/contrib/builder/rpm/amd64/oraclelinux-7/Dockerfile
@@ -0,0 +1,18 @@
+#
+# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/rpm/amd64/generate.sh"!
+#
+
+FROM oraclelinux:7
+
+RUN yum groupinstall -y "Development Tools"
+RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static  libselinux-devel libtool-ltdl-devel pkgconfig selinux-policy selinux-policy-devel sqlite-devel systemd-devel tar git
+
+ENV GO_VERSION 1.5.4
+RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
+ENV PATH $PATH:/usr/local/go/bin
+
+ENV AUTO_GOPATH 1
+
+ENV DOCKER_BUILDTAGS pkcs11 selinux
+ENV RUNC_BUILDTAGS selinux
+
diff --git a/contrib/check-config.sh b/contrib/check-config.sh
new file mode 100755
index 00000000..bcc90d4a
--- /dev/null
+++ b/contrib/check-config.sh
@@ -0,0 +1,267 @@
+#!/usr/bin/env bash
+set -e
+
+# bits of this were adapted from lxc-checkconfig
+# see also https://github.com/lxc/lxc/blob/lxc-1.0.2/src/lxc/lxc-checkconfig.in
+
+possibleConfigs=(
+	'/proc/config.gz'
+	"/boot/config-$(uname -r)"
+	"/usr/src/linux-$(uname -r)/.config"
+	'/usr/src/linux/.config'
+)
+
+if [ $# -gt 0 ]; then
+	CONFIG="$1"
+else
+	: ${CONFIG:="${possibleConfigs[0]}"}
+fi
+
+if ! command -v zgrep &> /dev/null; then
+	zgrep() {
+		zcat "$2" | grep "$1"
+	}
+fi
+
+kernelVersion="$(uname -r)"
+kernelMajor="${kernelVersion%%.*}"
+kernelMinor="${kernelVersion#$kernelMajor.}"
+kernelMinor="${kernelMinor%%.*}"
+
+is_set() {
+	zgrep "CONFIG_$1=[y|m]" "$CONFIG" > /dev/null
+}
+is_set_in_kernel() {
+	zgrep "CONFIG_$1=y" "$CONFIG" > /dev/null
+}
+is_set_as_module() {
+	zgrep "CONFIG_$1=m" "$CONFIG" > /dev/null
+}
+
+color() {
+	local codes=()
+	if [ "$1" = 'bold' ]; then
+		codes=( "${codes[@]}" '1' )
+		shift
+	fi
+	if [ "$#" -gt 0 ]; then
+		local code=
+		case "$1" in
+			# see https://en.wikipedia.org/wiki/ANSI_escape_code#Colors
+			black) code=30 ;;
+			red) code=31 ;;
+			green) code=32 ;;
+			yellow) code=33 ;;
+			blue) code=34 ;;
+			magenta) code=35 ;;
+			cyan) code=36 ;;
+			white) code=37 ;;
+		esac
+		if [ "$code" ]; then
+			codes=( "${codes[@]}" "$code" )
+		fi
+	fi
+	local IFS=';'
+	echo -en '\033['"${codes[*]}"'m'
+}
+wrap_color() {
+	text="$1"
+	shift
+	color "$@"
+	echo -n "$text"
+	color reset
+	echo
+}
+
+wrap_good() {
+	echo "$(wrap_color "$1" white): $(wrap_color "$2" green)"
+}
+wrap_bad() {
+	echo "$(wrap_color "$1" bold): $(wrap_color "$2" bold red)"
+}
+wrap_warning() {
+	wrap_color >&2 "$*" red
+}
+
+check_flag() {
+	if is_set_in_kernel "$1"; then
+		wrap_good "CONFIG_$1" 'enabled'
+	elif is_set_as_module "$1"; then
+		wrap_good "CONFIG_$1" 'enabled (as module)'
+	else
+		wrap_bad "CONFIG_$1" 'missing'
+	fi
+}
+
+check_flags() {
+	for flag in "$@"; do
+		echo "- $(check_flag "$flag")"
+	done
+}
+
+check_command() {
+	if command -v "$1" >/dev/null 2>&1; then
+		wrap_good "$1 command" 'available'
+	else
+		wrap_bad "$1 command" 'missing'
+	fi
+}
+
+check_device() {
+	if [ -c "$1" ]; then
+		wrap_good "$1" 'present'
+	else
+		wrap_bad "$1" 'missing'
+	fi
+}
+
+check_distro_userns() {
+	source /etc/os-release 2>/dev/null || /bin/true
+	if [[ "${ID}" =~ ^(centos|rhel)$ && "${VERSION_ID}" =~ ^7 ]]; then
+		# this is a CentOS7 or RHEL7 system
+		grep -q "user_namespace.enable=1" /proc/cmdline || {
+			# no user namespace support enabled
+			wrap_bad "  (RHEL7/CentOS7" "User namespaces disabled; add 'user_namespace.enable=1' to boot command line)"
+		}
+	fi
+}
+
+if [ ! -e "$CONFIG" ]; then
+	wrap_warning "warning: $CONFIG does not exist, searching other paths for kernel config ..."
+	for tryConfig in "${possibleConfigs[@]}"; do
+		if [ -e "$tryConfig" ]; then
+			CONFIG="$tryConfig"
+			break
+		fi
+	done
+	if [ ! -e "$CONFIG" ]; then
+		wrap_warning "error: cannot find kernel config"
+		wrap_warning "  try running this script again, specifying the kernel config:"
+		wrap_warning "    CONFIG=/path/to/kernel/.config $0 or $0 /path/to/kernel/.config"
+		exit 1
+	fi
+fi
+
+wrap_color "info: reading kernel config from $CONFIG ..." white
+echo
+
+echo 'Generally Necessary:'
+
+echo -n '- '
+cgroupSubsystemDir="$(awk '/[, ](cpu|cpuacct|cpuset|devices|freezer|memory)[, ]/ && $3 == "cgroup" { print $2 }' /proc/mounts | head -n1)"
+cgroupDir="$(dirname "$cgroupSubsystemDir")"
+if [ -d "$cgroupDir/cpu" -o -d "$cgroupDir/cpuacct" -o -d "$cgroupDir/cpuset" -o -d "$cgroupDir/devices" -o -d "$cgroupDir/freezer" -o -d "$cgroupDir/memory" ]; then
+	echo "$(wrap_good 'cgroup hierarchy' 'properly mounted') [$cgroupDir]"
+else
+	if [ "$cgroupSubsystemDir" ]; then
+		echo "$(wrap_bad 'cgroup hierarchy' 'single mountpoint!') [$cgroupSubsystemDir]"
+	else
+		echo "$(wrap_bad 'cgroup hierarchy' 'nonexistent??')"
+	fi
+	echo "    $(wrap_color '(see https://github.com/tianon/cgroupfs-mount)' yellow)"
+fi
+
+if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = 'Y' ]; then
+	echo -n '- '
+	if command -v apparmor_parser &> /dev/null; then
+		echo "$(wrap_good 'apparmor' 'enabled and tools installed')"
+	else
+		echo "$(wrap_bad 'apparmor' 'enabled, but apparmor_parser missing')"
+		echo -n '    '
+		if command -v apt-get &> /dev/null; then
+			echo "$(wrap_color '(use "apt-get install apparmor" to fix this)')"
+		elif command -v yum &> /dev/null; then
+			echo "$(wrap_color '(your best bet is "yum install apparmor-parser")')"
+		else
+			echo "$(wrap_color '(look for an "apparmor" package for your distribution)')"
+		fi
+	fi
+fi
+
+flags=(
+	NAMESPACES {NET,PID,IPC,UTS}_NS
+	DEVPTS_MULTIPLE_INSTANCES
+	CGROUPS CGROUP_CPUACCT CGROUP_DEVICE CGROUP_FREEZER CGROUP_SCHED CPUSETS MEMCG
+	KEYS
+	MACVLAN VETH BRIDGE BRIDGE_NETFILTER
+	NF_NAT_IPV4 IP_NF_FILTER IP_NF_TARGET_MASQUERADE
+	NETFILTER_XT_MATCH_{ADDRTYPE,CONNTRACK}
+	NF_NAT NF_NAT_NEEDED
+
+	# required for bind-mounting /dev/mqueue into containers
+	POSIX_MQUEUE
+)
+check_flags "${flags[@]}"
+echo
+
+echo 'Optional Features:'
+{
+	check_flags USER_NS
+	check_distro_userns
+}
+{
+	check_flags SECCOMP
+}
+{
+	check_flags CGROUP_PIDS
+}
+{
+	check_flags MEMCG_KMEM MEMCG_SWAP MEMCG_SWAP_ENABLED
+	if  is_set MEMCG_SWAP && ! is_set MEMCG_SWAP_ENABLED; then
+		echo "    $(wrap_color '(note that cgroup swap accounting is not enabled in your kernel config, you can enable it by setting boot option "swapaccount=1")' bold black)"
+	fi
+}
+
+if [ "$kernelMajor" -lt 3 ] || [ "$kernelMajor" -eq 3 -a "$kernelMinor" -le 18 ]; then
+	check_flags RESOURCE_COUNTERS
+fi
+
+if [ "$kernelMajor" -lt 3 ] || [ "$kernelMajor" -eq 3 -a "$kernelMinor" -le 13 ]; then
+	netprio=NETPRIO_CGROUP
+else
+	netprio=CGROUP_NET_PRIO
+fi
+
+flags=(
+	BLK_CGROUP IOSCHED_CFQ BLK_DEV_THROTTLING
+	CGROUP_PERF
+	CGROUP_HUGETLB
+	NET_CLS_CGROUP $netprio
+	CFS_BANDWIDTH FAIR_GROUP_SCHED RT_GROUP_SCHED
+)
+check_flags "${flags[@]}"
+
+check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY
+if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then
+	echo "    $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)"
+fi
+
+check_flags EXT4_FS EXT4_FS_POSIX_ACL EXT4_FS_SECURITY
+if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! is_set EXT4_FS_SECURITY; then
+	echo "    $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)"
+fi
+
+echo '- Storage Drivers:'
+{
+	echo '- "'$(wrap_color 'aufs' blue)'":'
+	check_flags AUFS_FS | sed 's/^/  /'
+	if ! is_set AUFS_FS && grep -q aufs /proc/filesystems; then
+		echo "    $(wrap_color '(note that some kernels include AUFS patches but not the AUFS_FS flag)' bold black)"
+	fi
+
+	echo '- "'$(wrap_color 'btrfs' blue)'":'
+	check_flags BTRFS_FS | sed 's/^/  /'
+
+	echo '- "'$(wrap_color 'devicemapper' blue)'":'
+	check_flags BLK_DEV_DM DM_THIN_PROVISIONING | sed 's/^/  /'
+
+	echo '- "'$(wrap_color 'overlay' blue)'":'
+	check_flags OVERLAY_FS | sed 's/^/  /'
+
+	echo '- "'$(wrap_color 'zfs' blue)'":'
+	echo "  - $(check_device /dev/zfs)"
+	echo "  - $(check_command zfs)"
+	echo "  - $(check_command zpool)"
+} | sed 's/^/  /'
+echo
+
diff --git a/contrib/completion/REVIEWERS b/contrib/completion/REVIEWERS
new file mode 100644
index 00000000..03ee2dde
--- /dev/null
+++ b/contrib/completion/REVIEWERS
@@ -0,0 +1,2 @@
+Tianon Gravi <admwiggin@gmail.com> (@tianon)
+Jessie Frazelle <jess@docker.com> (@jfrazelle)
diff --git a/contrib/completion/bash/docker b/contrib/completion/bash/docker
new file mode 100644
index 00000000..05ae2ca8
--- /dev/null
+++ b/contrib/completion/bash/docker
@@ -0,0 +1,2251 @@
+#!/bin/bash
+#
+# bash completion file for core docker commands
+#
+# This script provides completion of:
+#  - commands and their options
+#  - container ids and names
+#  - image repos and tags
+#  - filepaths
+#
+# To enable the completions either:
+#  - place this file in /etc/bash_completion.d
+#  or
+#  - copy this file to e.g. ~/.docker-completion.sh and add the line
+#    below to your .bashrc after bash completion features are loaded
+#    . ~/.docker-completion.sh
+#
+# Configuration:
+#
+# For several commands, the amount of completions can be configured by
+# setting environment variables.
+#
+# DOCKER_COMPLETION_SHOW_NETWORK_IDS
+#   "no"  - Show names only (default)
+#   "yes" - Show names and ids
+#
+# You can tailor completion for the "events", "history", "inspect", "run",
+# "rmi" and "save" commands by settings the following environment
+# variables:
+#
+# DOCKER_COMPLETION_SHOW_IMAGE_IDS
+#   "none" - Show names only (default)
+#   "non-intermediate" - Show names and ids, but omit intermediate image IDs
+#   "all" - Show names and ids, including intermediate image IDs
+#
+# DOCKER_COMPLETION_SHOW_TAGS
+#   "yes" - include tags in completion options (default)
+#   "no"  - don't include tags in completion options
+
+#
+# Note:
+# Currently, the completions will not work if the docker daemon is not
+# bound to the default communication port/socket
+# If the docker daemon is using a unix socket for communication your user
+# must have access to the socket for the completions to function correctly
+#
+# Note for developers:
+# Please arrange options sorted alphabetically by long name with the short
+# options immediately following their corresponding long form.
+# This order should be applied to lists, alternatives and code blocks.
+
+__docker_previous_extglob_setting=$(shopt -p extglob)
+shopt -s extglob
+
+__docker_q() {
+	docker ${host:+-H "$host"} ${config:+--config "$config"} 2>/dev/null "$@"
+}
+
+__docker_complete_containers_all() {
+	local IFS=$'\n'
+	local containers=( $(__docker_q ps -aq --no-trunc) )
+	if [ "$1" ]; then
+		containers=( $(__docker_q inspect --format "{{if $1}}{{.Id}}{{end}}" "${containers[@]}") )
+	fi
+	local names=( $(__docker_q inspect --format '{{.Name}}' "${containers[@]}") )
+	names=( "${names[@]#/}" ) # trim off the leading "/" from the container names
+	unset IFS
+	COMPREPLY=( $(compgen -W "${names[*]} ${containers[*]}" -- "$cur") )
+}
+
+__docker_complete_containers_running() {
+	__docker_complete_containers_all '.State.Running'
+}
+
+__docker_complete_containers_stopped() {
+	__docker_complete_containers_all 'not .State.Running'
+}
+
+__docker_complete_containers_pauseable() {
+	__docker_complete_containers_all 'and .State.Running (not .State.Paused)'
+}
+
+__docker_complete_containers_unpauseable() {
+	__docker_complete_containers_all '.State.Paused'
+}
+
+__docker_complete_container_names() {
+	local containers=( $(__docker_q ps -aq --no-trunc) )
+	local names=( $(__docker_q inspect --format '{{.Name}}' "${containers[@]}") )
+	names=( "${names[@]#/}" ) # trim off the leading "/" from the container names
+	COMPREPLY=( $(compgen -W "${names[*]}" -- "$cur") )
+}
+
+__docker_complete_container_ids() {
+	local containers=( $(__docker_q ps -aq) )
+	COMPREPLY=( $(compgen -W "${containers[*]}" -- "$cur") )
+}
+
+__docker_complete_images() {
+	local images_args=""
+
+	case "$DOCKER_COMPLETION_SHOW_IMAGE_IDS" in
+		all)
+			images_args="--no-trunc -a"
+			;;
+		non-intermediate)
+			images_args="--no-trunc"
+			;;
+	esac
+
+	local repo_print_command
+	if [ "${DOCKER_COMPLETION_SHOW_TAGS:-yes}" = "yes" ]; then
+		repo_print_command='print $1; print $1":"$2'
+	else
+		repo_print_command='print $1'
+	fi
+
+	local awk_script
+	case "$DOCKER_COMPLETION_SHOW_IMAGE_IDS" in
+		all|non-intermediate)
+			awk_script='NR>1 { print $3; if ($1 != "<none>") { '"$repo_print_command"' } }'
+			;;
+		none|*)
+			awk_script='NR>1 && $1 != "<none>" { '"$repo_print_command"' }'
+			;;
+	esac
+
+	local images=$(__docker_q images $images_args | awk "$awk_script")
+	COMPREPLY=( $(compgen -W "$images" -- "$cur") )
+	__ltrim_colon_completions "$cur"
+}
+
+__docker_complete_image_repos() {
+	local repos="$(__docker_q images | awk 'NR>1 && $1 != "<none>" { print $1 }')"
+	COMPREPLY=( $(compgen -W "$repos" -- "$cur") )
+}
+
+__docker_complete_image_repos_and_tags() {
+	local reposAndTags="$(__docker_q images | awk 'NR>1 && $1 != "<none>" { print $1; print $1":"$2 }')"
+	COMPREPLY=( $(compgen -W "$reposAndTags" -- "$cur") )
+	__ltrim_colon_completions "$cur"
+}
+
+__docker_complete_containers_and_images() {
+	__docker_complete_containers_all
+	local containers=( "${COMPREPLY[@]}" )
+	__docker_complete_images
+	COMPREPLY+=( "${containers[@]}" )
+}
+
+# Returns the names and optionally IDs of networks.
+# The selection can be narrowed by an optional filter parameter, e.g. 'type=custom'
+__docker_networks() {
+	local filter="$1"
+	# By default, only network names are completed.
+	# Set DOCKER_COMPLETION_SHOW_NETWORK_IDS=yes to also complete network IDs.
+	local fields='$2'
+	[ "${DOCKER_COMPLETION_SHOW_NETWORK_IDS}" = yes ] && fields='$1,$2'
+	__docker_q network ls --no-trunc ${filter:+-f "$filter"} | awk "NR>1 {print $fields}"
+	#__docker_q network ls --no-trunc | awk "NR>1 {print $fields}"
+}
+
+__docker_complete_networks() {
+	COMPREPLY=( $(compgen -W "$(__docker_networks $@)" -- "$cur") )
+}
+
+__docker_complete_network_ids() {
+	COMPREPLY=( $(compgen -W "$(__docker_q network ls -q --no-trunc)" -- "$cur") )
+}
+
+__docker_complete_network_names() {
+	COMPREPLY=( $(compgen -W "$(__docker_q network ls | awk 'NR>1 {print $2}')" -- "$cur") )
+}
+
+__docker_complete_containers_in_network() {
+	local containers=$(__docker_q network inspect -f '{{range $i, $c := .Containers}}{{$i}} {{$c.Name}} {{end}}' "$1")
+	COMPREPLY=( $(compgen -W "$containers" -- "$cur") )
+}
+
+__docker_complete_volumes() {
+	COMPREPLY=( $(compgen -W "$(__docker_q volume ls -q)" -- "$cur") )
+}
+
+__docker_plugins() {
+	__docker_q info | sed -n "/^Plugins/,/^[^ ]/s/ $1: //p"
+}
+
+__docker_complete_plugins() {
+	COMPREPLY=( $(compgen -W "$(__docker_plugins $1)" -- "$cur") )
+}
+
+# Finds the position of the first word that is neither option nor an option's argument.
+# If there are options that require arguments, you should pass a glob describing those
+# options, e.g. "--option1|-o|--option2"
+# Use this function to restrict completions to exact positions after the argument list.
+__docker_pos_first_nonflag() {
+	local argument_flags=$1
+
+	local counter=$((${subcommand_pos:-${command_pos}} + 1))
+	while [ $counter -le $cword ]; do
+		if [ -n "$argument_flags" ] && eval "case '${words[$counter]}' in $argument_flags) true ;; *) false ;; esac"; then
+			(( counter++ ))
+			# eat "=" in case of --option=arg syntax
+			[ "${words[$counter]}" = "=" ] && (( counter++ ))
+		else
+			case "${words[$counter]}" in
+				-*)
+					;;
+				*)
+					break
+					;;
+			esac
+		fi
+
+		# Bash splits words at "=", retaining "=" as a word, examples:
+		# "--debug=false" => 3 words, "--log-opt syslog-facility=daemon" => 4 words
+		while [ "${words[$counter + 1]}" = "=" ] ; do
+			counter=$(( counter + 2))
+		done
+
+		(( counter++ ))
+	done
+
+	echo $counter
+}
+
+# If we are currently completing the value of a map option (key=value)
+# which matches the extglob given as an argument, returns key.
+# This function is needed for key-specific completions.
+__docker_map_key_of_current_option() {
+	local glob="$1"
+
+	local key glob_pos
+	if [ "$cur" = "=" ] ; then        # key= case
+		key="$prev"
+		glob_pos=$((cword - 2))
+	elif [[ $cur == *=* ]] ; then     # key=value case (OSX)
+		key=${cur%=*}
+		glob_pos=$((cword - 1))
+	elif [ "$prev" = "=" ] ; then
+		key=${words[$cword - 2]}  # key=value case
+		glob_pos=$((cword - 3))
+	else
+		return
+	fi
+
+	[ "${words[$glob_pos]}" = "=" ] && ((glob_pos--))  # --option=key=value syntax
+
+	[[ ${words[$glob_pos]} == @($glob) ]] && echo "$key"
+}
+
+# Returns the value of the first option matching option_glob.
+# Valid values for option_glob are option names like '--log-level' and
+# globs like '--log-level|-l'
+# Only positions between the command and the current word are considered.
+__docker_value_of_option() {
+	local option_extglob=$(__docker_to_extglob "$1")
+
+	local counter=$((command_pos + 1))
+	while [ $counter -lt $cword ]; do
+		case ${words[$counter]} in
+			$option_extglob )
+				echo ${words[$counter + 1]}
+				break
+				;;
+		esac
+		(( counter++ ))
+	done
+}
+
+# Transforms a multiline list of strings into a single line string
+# with the words separated by "|".
+# This is used to prepare arguments to __docker_pos_first_nonflag().
+__docker_to_alternatives() {
+	local parts=( $1 )
+	local IFS='|'
+	echo "${parts[*]}"
+}
+
+# Transforms a multiline list of options into an extglob pattern
+# suitable for use in case statements.
+__docker_to_extglob() {
+	local extglob=$( __docker_to_alternatives "$1" )
+	echo "@($extglob)"
+}
+
+# Subcommand processing.
+# Locates the first occurrence of any of the subcommands contained in the
+# first argument. In case of a match, calls the corresponding completion
+# function and returns 0.
+# If no match is found, 1 is returned. The calling function can then
+# continue processing its completion.
+#
+# TODO if the preceding command has options that accept arguments and an
+# argument is equal ot one of the subcommands, this is falsely detected as
+# a match.
+__docker_subcommands() {
+	local subcommands="$1"
+
+	local counter=$(($command_pos + 1))
+	while [ $counter -lt $cword ]; do
+		case "${words[$counter]}" in
+			$(__docker_to_extglob "$subcommands") )
+				subcommand_pos=$counter
+				local subcommand=${words[$counter]}
+				local completions_func=_docker_${command}_${subcommand}
+				declare -F $completions_func >/dev/null && $completions_func
+				return 0
+				;;
+		esac
+		(( counter++ ))
+	done
+	return 1
+}
+
+# suppress trailing whitespace
+__docker_nospace() {
+	# compopt is not available in ancient bash versions
+	type compopt &>/dev/null && compopt -o nospace
+}
+
+__docker_complete_resolved_hostname() {
+	command -v host >/dev/null 2>&1 || return
+	COMPREPLY=( $(host 2>/dev/null "${cur%:}" | awk '/has address/ {print $4}') )
+}
+
+__docker_complete_capabilities() {
+	# The list of capabilities is defined in types.go, ALL was added manually.
+	COMPREPLY=( $( compgen -W "
+		ALL
+		AUDIT_CONTROL
+		AUDIT_WRITE
+		AUDIT_READ
+		BLOCK_SUSPEND
+		CHOWN
+		DAC_OVERRIDE
+		DAC_READ_SEARCH
+		FOWNER
+		FSETID
+		IPC_LOCK
+		IPC_OWNER
+		KILL
+		LEASE
+		LINUX_IMMUTABLE
+		MAC_ADMIN
+		MAC_OVERRIDE
+		MKNOD
+		NET_ADMIN
+		NET_BIND_SERVICE
+		NET_BROADCAST
+		NET_RAW
+		SETFCAP
+		SETGID
+		SETPCAP
+		SETUID
+		SYS_ADMIN
+		SYS_BOOT
+		SYS_CHROOT
+		SYSLOG
+		SYS_MODULE
+		SYS_NICE
+		SYS_PACCT
+		SYS_PTRACE
+		SYS_RAWIO
+		SYS_RESOURCE
+		SYS_TIME
+		SYS_TTY_CONFIG
+		WAKE_ALARM
+	" -- "$cur" ) )
+}
+
+__docker_complete_detach-keys() {
+	case "$prev" in
+		--detach-keys)
+			case "$cur" in
+				*,)
+					COMPREPLY=( $( compgen -W "${cur}ctrl-" -- "$cur" ) )
+					;;
+				*)
+					COMPREPLY=( $( compgen -W "ctrl-" -- "$cur" ) )
+					;;
+			esac
+
+			__docker_nospace
+			return
+			;;
+	esac
+	return 1
+}
+
+__docker_complete_isolation() {
+	COMPREPLY=( $( compgen -W "default hyperv process" -- "$cur" ) )
+}
+
+__docker_complete_log_drivers() {
+	COMPREPLY=( $( compgen -W "
+		awslogs
+		etwlogs
+		fluentd
+		gcplogs
+		gelf
+		journald
+		json-file
+		none
+		splunk
+		syslog
+	" -- "$cur" ) )
+}
+
+__docker_complete_log_options() {
+	# see docs/reference/logging/index.md
+	local awslogs_options="awslogs-region awslogs-group awslogs-stream"
+	local fluentd_options="env fluentd-address fluentd-async-connect fluentd-buffer-limit fluentd-retry-wait fluentd-max-retries labels tag"
+	local gcplogs_options="env gcp-log-cmd gcp-project labels"
+	local gelf_options="env gelf-address gelf-compression-level gelf-compression-type labels tag"
+	local journald_options="env labels tag"
+	local json_file_options="env labels max-file max-size"
+	local syslog_options="syslog-address syslog-format syslog-tls-ca-cert syslog-tls-cert syslog-tls-key syslog-tls-skip-verify syslog-facility tag"
+	local splunk_options="env labels splunk-caname splunk-capath splunk-index splunk-insecureskipverify splunk-source splunk-sourcetype splunk-token splunk-url tag"
+
+	local all_options="$fluentd_options $gcplogs_options $gelf_options $journald_options $json_file_options $syslog_options $splunk_options"
+
+	case $(__docker_value_of_option --log-driver) in
+		'')
+			COMPREPLY=( $( compgen -W "$all_options" -S = -- "$cur" ) )
+			;;
+		awslogs)
+			COMPREPLY=( $( compgen -W "$awslogs_options" -S = -- "$cur" ) )
+			;;
+		fluentd)
+			COMPREPLY=( $( compgen -W "$fluentd_options" -S = -- "$cur" ) )
+			;;
+		gcplogs)
+			COMPREPLY=( $( compgen -W "$gcplogs_options" -S = -- "$cur" ) )
+			;;
+		gelf)
+			COMPREPLY=( $( compgen -W "$gelf_options" -S = -- "$cur" ) )
+			;;
+		journald)
+			COMPREPLY=( $( compgen -W "$journald_options" -S = -- "$cur" ) )
+			;;
+		json-file)
+			COMPREPLY=( $( compgen -W "$json_file_options" -S = -- "$cur" ) )
+			;;
+		syslog)
+			COMPREPLY=( $( compgen -W "$syslog_options" -S = -- "$cur" ) )
+			;;
+		splunk)
+			COMPREPLY=( $( compgen -W "$splunk_options" -S = -- "$cur" ) )
+			;;
+		*)
+			return
+			;;
+	esac
+
+	__docker_nospace
+}
+
+__docker_complete_log_driver_options() {
+	local key=$(__docker_map_key_of_current_option '--log-opt')
+	case "$key" in
+		fluentd-async-connect)
+			COMPREPLY=( $( compgen -W "false true" -- "${cur##*=}" ) )
+			return
+			;;
+		gelf-address)
+			COMPREPLY=( $( compgen -W "udp" -S "://" -- "${cur##*=}" ) )
+			__docker_nospace
+			return
+			;;
+		gelf-compression-level)
+			COMPREPLY=( $( compgen -W "1 2 3 4 5 6 7 8 9" -- "${cur##*=}" ) )
+			return
+			;;
+		gelf-compression-type)
+			COMPREPLY=( $( compgen -W "gzip none zlib" -- "${cur##*=}" ) )
+			return
+			;;
+		syslog-address)
+			COMPREPLY=( $( compgen -W "tcp:// tcp+tls:// udp:// unix://" -- "${cur##*=}" ) )
+			__docker_nospace
+			__ltrim_colon_completions "${cur}"
+			return
+			;;
+		syslog-facility)
+			COMPREPLY=( $( compgen -W "
+				auth
+				authpriv
+				cron
+				daemon
+				ftp
+				kern
+				local0
+				local1
+				local2
+				local3
+				local4
+				local5
+				local6
+				local7
+				lpr
+				mail
+				news
+				syslog
+				user
+				uucp
+			" -- "${cur##*=}" ) )
+			return
+			;;
+		syslog-format)
+			COMPREPLY=( $( compgen -W "rfc3164 rfc5424" -- "${cur##*=}" ) )
+			return
+			;;
+		syslog-tls-@(ca-cert|cert|key))
+			_filedir
+			return
+			;;
+		syslog-tls-skip-verify)
+			COMPREPLY=( $( compgen -W "true" -- "${cur##*=}" ) )
+			return
+			;;
+		splunk-url)
+			COMPREPLY=( $( compgen -W "http:// https://" -- "${cur##*=}" ) )
+			__docker_nospace
+			__ltrim_colon_completions "${cur}"
+			return
+			;;
+		splunk-insecureskipverify)
+			COMPREPLY=( $( compgen -W "false true" -- "${cur##*=}" ) )
+			return
+			;;
+	esac
+	return 1
+}
+
+__docker_complete_log_levels() {
+	COMPREPLY=( $( compgen -W "debug info warn error fatal" -- "$cur" ) )
+}
+
+__docker_complete_restart() {
+	case "$prev" in
+		--restart)
+			case "$cur" in
+				on-failure:*)
+					;;
+				*)
+					COMPREPLY=( $( compgen -W "always no on-failure on-failure: unless-stopped" -- "$cur") )
+					;;
+			esac
+			return
+			;;
+	esac
+	return 1
+}
+
+# a selection of the available signals that is most likely of interest in the
+# context of docker containers.
+__docker_complete_signals() {
+	local signals=(
+		SIGCONT
+		SIGHUP
+		SIGINT
+		SIGKILL
+		SIGQUIT
+		SIGSTOP
+		SIGTERM
+		SIGUSR1
+		SIGUSR2
+	)
+	COMPREPLY=( $( compgen -W "${signals[*]} ${signals[*]#SIG}" -- "$( echo $cur | tr '[:lower:]' '[:upper:]')" ) )
+}
+
+__docker_complete_user_group() {
+	if [[ $cur == *:* ]] ; then
+		COMPREPLY=( $(compgen -g -- "${cur#*:}") )
+	else
+		COMPREPLY=( $(compgen -u -S : -- "$cur") )
+		__docker_nospace
+	fi
+}
+
+# global options that may appear after the docker command
+_docker_docker() {
+	local boolean_options="
+		$global_boolean_options
+		--help
+		--version -v
+	"
+
+	case "$prev" in
+		--config)
+			_filedir -d
+			return
+			;;
+		--log-level|-l)
+			__docker_complete_log_levels
+			return
+			;;
+		$(__docker_to_extglob "$global_options_with_args") )
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "$boolean_options $global_options_with_args" -- "$cur" ) )
+			;;
+		*)
+			local counter=$( __docker_pos_first_nonflag $(__docker_to_extglob "$global_options_with_args") )
+			if [ $cword -eq $counter ]; then
+				COMPREPLY=( $( compgen -W "${commands[*]} help" -- "$cur" ) )
+			fi
+			;;
+	esac
+}
+
+_docker_attach() {
+	__docker_complete_detach-keys && return
+
+ 	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--detach-keys --help --no-stdin --sig-proxy=false" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag '--detach-keys')
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_running
+			fi
+			;;
+	esac
+}
+
+_docker_build() {
+	local options_with_args="
+		--build-arg
+		--cgroup-parent
+		--cpuset-cpus
+		--cpuset-mems
+		--cpu-shares
+		--cpu-period
+		--cpu-quota
+		--file -f
+		--isolation
+		--label
+		--memory -m
+		--memory-swap
+		--shm-size
+		--tag -t
+		--ulimit
+	"
+
+	local boolean_options="
+		--disable-content-trust=false
+		--force-rm
+		--help
+		--no-cache
+		--pull
+		--quiet -q
+		--rm
+	"
+
+	local all_options="$options_with_args $boolean_options"
+
+	case "$prev" in
+		--build-arg)
+			COMPREPLY=( $( compgen -e -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+		--file|-f)
+			_filedir
+			return
+			;;
+		--isolation)
+			__docker_complete_isolation
+			return
+			;;
+		--tag|-t)
+			__docker_complete_image_repos_and_tags
+			return
+			;;
+		$(__docker_to_extglob "$options_with_args") )
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "$all_options" -- "$cur" ) )
+			;;
+		*)
+			local counter=$( __docker_pos_first_nonflag $( __docker_to_alternatives "$options_with_args" ) )
+			if [ $cword -eq $counter ]; then
+				_filedir -d
+			fi
+			;;
+	esac
+}
+
+_docker_commit() {
+	case "$prev" in
+		--author|-a|--change|-c|--message|-m)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--author -a --change -c --help --message -m --pause=false -p=false" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag '--author|-a|--change|-c|--message|-m')
+
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_all
+				return
+			fi
+			(( counter++ ))
+
+			if [ $cword -eq $counter ]; then
+				__docker_complete_image_repos_and_tags
+				return
+			fi
+			;;
+	esac
+}
+
+_docker_cp() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--follow-link -L --help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				case "$cur" in
+					*:)
+						return
+						;;
+					*)
+						# combined container and filename completion
+						_filedir
+						local files=( ${COMPREPLY[@]} )
+
+						__docker_complete_containers_all
+						COMPREPLY=( $( compgen -W "${COMPREPLY[*]}" -S ':' ) )
+						local containers=( ${COMPREPLY[@]} )
+
+						COMPREPLY=( $( compgen -W "${files[*]} ${containers[*]}" -- "$cur" ) )
+						if [[ "$COMPREPLY" == *: ]]; then
+							__docker_nospace
+						fi
+						return
+						;;
+				esac
+			fi
+			(( counter++ ))
+
+			if [ $cword -eq $counter ]; then
+				if [ -e "$prev" ]; then
+					__docker_complete_containers_all
+					COMPREPLY=( $( compgen -W "${COMPREPLY[*]}" -S ':' ) )
+					__docker_nospace
+				else
+					_filedir
+				fi
+				return
+			fi
+			;;
+	esac
+}
+
+_docker_create() {
+	_docker_run
+}
+
+_docker_daemon() {
+	local boolean_options="
+		$global_boolean_options
+		--disable-legacy-registry
+		--help
+		--icc=false
+		--ip-forward=false
+		--ip-masq=false
+		--iptables=false
+		--ipv6
+		--raw-logs
+		--selinux-enabled
+		--userland-proxy=false
+	"
+	local options_with_args="
+		$global_options_with_args
+		--api-cors-header
+		--authorization-plugin
+		--bip
+		--bridge -b
+		--cgroup-parent
+		--cluster-advertise
+		--cluster-store
+		--cluster-store-opt
+		--containerd
+		--default-gateway
+		--default-gateway-v6
+		--default-ulimit
+		--dns
+		--dns-search
+		--dns-opt
+		--exec-opt
+		--exec-root
+		--fixed-cidr
+		--fixed-cidr-v6
+		--graph -g
+		--group -G
+		--insecure-registry
+		--ip
+		--label
+		--log-driver
+		--log-opt
+		--mtu
+		--pidfile -p
+		--registry-mirror
+		--storage-driver -s
+		--storage-opt
+		--userns-remap
+	"
+
+	__docker_complete_log_driver_options && return
+
+ 	key=$(__docker_map_key_of_current_option '--cluster-store-opt')
+ 	case "$key" in
+ 		kv.*file)
+			cur=${cur##*=}
+ 			_filedir
+ 			return
+ 			;;
+ 	esac
+
+ 	local key=$(__docker_map_key_of_current_option '--storage-opt')
+ 	case "$key" in
+ 		dm.@(blkdiscard|override_udev_sync_check|use_deferred_@(removal|deletion)))
+ 			COMPREPLY=( $( compgen -W "false true" -- "${cur##*=}" ) )
+ 			return
+ 			;;
+ 		dm.fs)
+ 			COMPREPLY=( $( compgen -W "ext4 xfs" -- "${cur##*=}" ) )
+ 			return
+ 			;;
+ 		dm.thinpooldev)
+			cur=${cur##*=}
+ 			_filedir
+ 			return
+ 			;;
+ 	esac
+
+	case "$prev" in
+		--authorization-plugin)
+			__docker_complete_plugins Authorization
+			return
+			;;
+		--cluster-store)
+			COMPREPLY=( $( compgen -W "consul etcd zk" -S "://" -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+		--cluster-store-opt)
+			COMPREPLY=( $( compgen -W "discovery.heartbeat discovery.ttl kv.cacertfile kv.certfile kv.keyfile kv.path" -S = -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+		--exec-root|--graph|-g)
+			_filedir -d
+			return
+			;;
+		--log-driver)
+			__docker_complete_log_drivers
+			return
+			;;
+		--containerd|--pidfile|-p|--tlscacert|--tlscert|--tlskey)
+			_filedir
+			return
+			;;
+		--storage-driver|-s)
+			COMPREPLY=( $( compgen -W "aufs btrfs devicemapper overlay vfs zfs" -- "$(echo $cur | tr '[:upper:]' '[:lower:]')" ) )
+			return
+			;;
+		--storage-opt)
+			local devicemapper_options="
+				dm.basesize
+				dm.blkdiscard
+				dm.blocksize
+				dm.fs
+				dm.loopdatasize
+				dm.loopmetadatasize
+				dm.min_free_space
+				dm.mkfsarg
+				dm.mountopt
+				dm.override_udev_sync_check
+				dm.thinpooldev
+				dm.use_deferred_deletion
+				dm.use_deferred_removal
+			"
+			local zfs_options="zfs.fsname"
+
+			case $(__docker_value_of_option '--storage-driver|-s') in
+				'')
+					COMPREPLY=( $( compgen -W "$devicemapper_options $zfs_options" -S = -- "$cur" ) )
+					;;
+				devicemapper)
+					COMPREPLY=( $( compgen -W "$devicemapper_options" -S = -- "$cur" ) )
+					;;
+				zfs)
+					COMPREPLY=( $( compgen -W "$zfs_options" -S = -- "$cur" ) )
+					;;
+				*)
+					return
+					;;
+			esac
+			__docker_nospace
+			return
+			;;
+		--log-level|-l)
+			__docker_complete_log_levels
+			return
+			;;
+		--log-opt)
+			__docker_complete_log_options
+			return
+			;;
+		--userns-remap)
+			__docker_complete_user_group
+			return
+			;;
+		$(__docker_to_extglob "$options_with_args") )
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "$boolean_options $options_with_args" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_diff() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_all
+			fi
+			;;
+	esac
+}
+
+_docker_events() {
+	local key=$(__docker_map_key_of_current_option '-f|--filter')
+	case "$key" in
+		container)
+			cur="${cur##*=}"
+			__docker_complete_containers_all
+			return
+			;;
+		event)
+			COMPREPLY=( $( compgen -W "
+				attach
+				commit
+				connect
+				copy
+				create
+				delete
+				destroy
+				die
+				disconnect
+				exec_create
+				exec_start
+				export
+				import
+				kill
+				mount
+				oom
+				pause
+				pull
+				push
+				rename
+				resize
+				restart
+				start
+				stop
+				tag
+				top
+				unmount
+				unpause
+				untag
+				update
+			" -- "${cur##*=}" ) )
+			return
+			;;
+		image)
+			cur="${cur##*=}"
+			__docker_complete_images
+			return
+			;;
+		network)
+			cur="${cur##*=}"
+			__docker_complete_networks
+			return
+			;;
+		type)
+			COMPREPLY=( $( compgen -W "container image network volume" -- "${cur##*=}" ) )
+			return
+			;;
+		volume)
+			cur="${cur##*=}"
+			__docker_complete_volumes
+			return
+			;;
+	esac
+
+	case "$prev" in
+		--filter|-f)
+			COMPREPLY=( $( compgen -S = -W "container event image label network type volume" -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+		--since|--until)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--filter -f --help --since --until" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_exec() {
+	__docker_complete_detach-keys && return
+
+	case "$prev" in
+		--user|-u)
+			__docker_complete_user_group
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--detach -d --detach-keys --help --interactive -i --privileged -t --tty -u --user" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_containers_running
+			;;
+	esac
+}
+
+_docker_export() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_all
+			fi
+			;;
+	esac
+}
+
+_docker_help() {
+	local counter=$(__docker_pos_first_nonflag)
+	if [ $cword -eq $counter ]; then
+		COMPREPLY=( $( compgen -W "${commands[*]}" -- "$cur" ) )
+	fi
+}
+
+_docker_history() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help --human=false -H=false --no-trunc --quiet -q" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_images
+			fi
+			;;
+	esac
+}
+
+_docker_images() {
+	local key=$(__docker_map_key_of_current_option '--filter|-f')
+	case "$key" in
+		dangling)
+			COMPREPLY=( $( compgen -W "false true" -- "${cur##*=}" ) )
+			return
+			;;
+		label)
+			return
+			;;
+	esac
+
+	case "$prev" in
+		--filter|-f)
+			COMPREPLY=( $( compgen -S = -W "dangling label" -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+                --format)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--all -a --digests --filter -f --format --help --no-trunc --quiet -q" -- "$cur" ) )
+			;;
+		=)
+			return
+			;;
+		*)
+			__docker_complete_image_repos
+			;;
+	esac
+}
+
+_docker_import() {
+	case "$prev" in
+		--change|-c|--message|-m)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--change -c --help --message -m" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag '--change|-c|--message|-m')
+			if [ $cword -eq $counter ]; then
+				return
+			fi
+			(( counter++ ))
+
+			if [ $cword -eq $counter ]; then
+				__docker_complete_image_repos_and_tags
+				return
+			fi
+			;;
+	esac
+}
+
+_docker_info() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_inspect() {
+	case "$prev" in
+		--format|-f)
+			return
+			;;
+		--type)
+                     COMPREPLY=( $( compgen -W "image container" -- "$cur" ) )
+                     return
+                        ;;
+
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--format -f --help --size -s --type" -- "$cur" ) )
+			;;
+		*)
+			case $(__docker_value_of_option --type) in
+				'')
+					__docker_complete_containers_and_images
+					;;
+				container)
+					__docker_complete_containers_all
+					;;
+				image)
+					__docker_complete_images
+					;;
+			esac
+	esac
+}
+
+_docker_kill() {
+	case "$prev" in
+		--signal|-s)
+			__docker_complete_signals
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help --signal -s" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_containers_running
+			;;
+	esac
+}
+
+_docker_load() {
+	case "$prev" in
+		--input|-i)
+			_filedir
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help --input -i --quiet -q" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_login() {
+	case "$prev" in
+		--password|-p|--username|-u)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help --password -p --username -u" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_logout() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_logs() {
+	case "$prev" in
+		--since|--tail)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--follow -f --help --since --tail --timestamps -t" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag '--tail')
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_all
+			fi
+			;;
+	esac
+}
+
+_docker_network_connect() {
+	local options_with_args="
+		--alias
+		--ip
+		--ip6
+		--link
+	"
+
+	local boolean_options="
+		--help
+	"
+
+	case "$prev" in
+		--link)
+			case "$cur" in
+				*:*)
+					;;
+				*)
+					__docker_complete_containers_running
+					COMPREPLY=( $( compgen -W "${COMPREPLY[*]}" -S ':' ) )
+					__docker_nospace
+					;;
+			esac
+			return
+			;;
+		$(__docker_to_extglob "$options_with_args") )
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "$boolean_options $options_with_args" -- "$cur" ) )
+			;;
+		*)
+			local counter=$( __docker_pos_first_nonflag $( __docker_to_alternatives "$options_with_args" ) )
+			if [ $cword -eq $counter ]; then
+				__docker_complete_networks
+			elif [ $cword -eq $(($counter + 1)) ]; then
+				__docker_complete_containers_all
+			fi
+			;;
+	esac
+}
+
+_docker_network_create() {
+	case "$prev" in
+		--aux-address|--gateway|--internal|--ip-range|--ipam-opt|--ipv6|--opt|-o|--subnet)
+			return
+			;;
+		--ipam-driver)
+			COMPREPLY=( $( compgen -W "default" -- "$cur" ) )
+			return
+			;;
+		--driver|-d)
+			local plugins=" $(__docker_plugins Network) "
+			# remove drivers that allow one instance only
+			plugins=${plugins/ host / }
+			plugins=${plugins/ null / }
+			COMPREPLY=( $(compgen -W "$plugins" -- "$cur") )
+			return
+			;;
+		--label)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--aux-address --driver -d --gateway --help --internal --ip-range --ipam-driver --ipam-opt --ipv6 --label --opt -o --subnet" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_network_disconnect() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_networks
+			elif [ $cword -eq $(($counter + 1)) ]; then
+				__docker_complete_containers_in_network "$prev"
+			fi
+			;;
+	esac
+}
+
+_docker_network_inspect() {
+	case "$prev" in
+		--format|-f)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--format -f --help" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_networks
+	esac
+}
+
+_docker_network_ls() {
+	local key=$(__docker_map_key_of_current_option '--filter|-f')
+	case "$key" in
+		id)
+			cur="${cur##*=}"
+			__docker_complete_network_ids
+			return
+			;;
+		name)
+			cur="${cur##*=}"
+			__docker_complete_network_names
+			return
+			;;
+		type)
+			COMPREPLY=( $( compgen -W "builtin custom" -- "${cur##*=}" ) )
+			return
+			;;
+	esac
+
+	case "$prev" in
+		--filter|-f)
+			COMPREPLY=( $( compgen -S = -W "id name type" -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--filter -f --help --no-trunc --quiet -q" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_network_rm() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_networks type=custom
+	esac
+}
+
+_docker_network() {
+	local subcommands="
+		connect
+		create
+		disconnect
+		inspect
+		ls
+		rm
+	"
+	__docker_subcommands "$subcommands" && return
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			COMPREPLY=( $( compgen -W "$subcommands" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_pause() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_pauseable
+			fi
+			;;
+	esac
+}
+
+_docker_port() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_all
+			fi
+			;;
+	esac
+}
+
+_docker_ps() {
+	local key=$(__docker_map_key_of_current_option '--filter|-f')
+	case "$key" in
+		ancestor)
+			cur="${cur##*=}"
+			__docker_complete_images
+			return
+			;;
+		id)
+			cur="${cur##*=}"
+			__docker_complete_container_ids
+			return
+			;;
+		name)
+			cur="${cur##*=}"
+			__docker_complete_container_names
+			return
+			;;
+		status)
+			COMPREPLY=( $( compgen -W "created dead exited paused restarting running" -- "${cur##*=}" ) )
+			return
+			;;
+		volume)
+			cur="${cur##*=}"
+			__docker_complete_volumes
+			return
+			;;
+	esac
+
+	case "$prev" in
+		--before|--since)
+			__docker_complete_containers_all
+			;;
+		--filter|-f)
+			COMPREPLY=( $( compgen -S = -W "ancestor exited id label name status volume" -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+		--format|-n)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--all -a --before --filter -f --format --help --latest -l -n --no-trunc --quiet -q --size -s --since" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_pull() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--all-tags -a --disable-content-trust=false --help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				for arg in "${COMP_WORDS[@]}"; do
+					case "$arg" in
+						--all-tags|-a)
+							__docker_complete_image_repos
+							return
+							;;
+					esac
+				done
+				__docker_complete_image_repos_and_tags
+			fi
+			;;
+	esac
+}
+
+_docker_push() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--disable-content-trust=false --help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_image_repos_and_tags
+			fi
+			;;
+	esac
+}
+
+_docker_rename() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_all
+			fi
+			;;
+	esac
+}
+
+_docker_restart() {
+	case "$prev" in
+		--time|-t)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help --time -t" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_containers_all
+			;;
+	esac
+}
+
+_docker_rm() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--force -f --help --link -l --volumes -v" -- "$cur" ) )
+			;;
+		*)
+			for arg in "${COMP_WORDS[@]}"; do
+				case "$arg" in
+					--force|-f)
+						__docker_complete_containers_all
+						return
+						;;
+				esac
+			done
+			__docker_complete_containers_stopped
+			;;
+	esac
+}
+
+_docker_rmi() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--force -f --help --no-prune" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_images
+			;;
+	esac
+}
+
+_docker_run() {
+	local options_with_args="
+		--add-host
+		--attach -a
+		--blkio-weight
+		--blkio-weight-device
+		--cap-add
+		--cap-drop
+		--cgroup-parent
+		--cidfile
+		--cpu-period
+		--cpu-quota
+		--cpuset-cpus
+		--cpuset-mems
+		--cpu-shares
+		--device
+		--device-read-bps
+		--device-read-iops
+		--device-write-bps
+		--device-write-iops
+		--dns
+		--dns-opt
+		--dns-search
+		--entrypoint
+		--env -e
+		--env-file
+		--expose
+		--group-add
+		--hostname -h
+		--ip
+		--ip6
+		--ipc
+		--isolation
+		--kernel-memory
+		--label-file
+		--label -l
+		--link
+		--log-driver
+		--log-opt
+		--mac-address
+		--memory -m
+		--memory-swap
+		--memory-swappiness
+		--memory-reservation
+		--name
+		--net
+		--net-alias
+		--oom-score-adj
+		--pid
+		--pids-limit
+		--publish -p
+		--restart
+		--security-opt
+		--shm-size
+		--stop-signal
+		--tmpfs
+		--ulimit
+		--user -u
+		--userns
+		--uts
+		--volume-driver
+		--volumes-from
+		--volume -v
+		--workdir -w
+	"
+
+	local boolean_options="
+		--disable-content-trust=false
+		--help
+		--interactive -i
+		--oom-kill-disable
+		--privileged
+		--publish-all -P
+		--read-only
+		--tty -t
+	"
+
+	if [ "$command" = "run" ] ; then
+		options_with_args="$options_with_args
+			--detach-keys
+		"
+		boolean_options="$boolean_options
+			--detach -d
+			--rm
+			--sig-proxy=false
+		"
+		__docker_complete_detach-keys && return
+	fi
+
+	local all_options="$options_with_args $boolean_options"
+
+
+	__docker_complete_log_driver_options && return
+	__docker_complete_restart && return
+
+	local key=$(__docker_map_key_of_current_option '--security-opt')
+	case "$key" in
+		label)
+			[[ $cur == *: ]] && return
+			COMPREPLY=( $( compgen -W "user: role: type: level: disable" -- "${cur##*=}") )
+			if [ "${COMPREPLY[*]}" != "disable" ] ; then
+				__docker_nospace
+			fi
+			return
+			;;
+		seccomp)
+			local cur=${cur##*=}
+			_filedir
+			COMPREPLY+=( $( compgen -W "unconfined" -- "$cur" ) )
+			return
+			;;
+	esac
+
+	case "$prev" in
+		--add-host)
+			case "$cur" in
+				*:)
+					__docker_complete_resolved_hostname
+					return
+					;;
+			esac
+			;;
+		--attach|-a)
+			COMPREPLY=( $( compgen -W 'stdin stdout stderr' -- "$cur" ) )
+			return
+			;;
+		--cap-add|--cap-drop)
+			__docker_complete_capabilities
+			return
+			;;
+		--cidfile|--env-file|--label-file)
+			_filedir
+			return
+			;;
+		--device|--tmpfs|--volume|-v)
+			case "$cur" in
+				*:*)
+					# TODO somehow do _filedir for stuff inside the image, if it's already specified (which is also somewhat difficult to determine)
+					;;
+				'')
+					COMPREPLY=( $( compgen -W '/' -- "$cur" ) )
+					__docker_nospace
+					;;
+				/*)
+					_filedir
+					__docker_nospace
+					;;
+			esac
+			return
+			;;
+		--env|-e)
+			COMPREPLY=( $( compgen -e -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+		--ipc)
+			case "$cur" in
+				*:*)
+					cur="${cur#*:}"
+					__docker_complete_containers_running
+					;;
+				*)
+					COMPREPLY=( $( compgen -W 'host container:' -- "$cur" ) )
+					if [ "$COMPREPLY" = "container:" ]; then
+						__docker_nospace
+					fi
+					;;
+			esac
+			return
+			;;
+		--isolation)
+			__docker_complete_isolation
+			return
+			;;
+		--link)
+			case "$cur" in
+				*:*)
+					;;
+				*)
+					__docker_complete_containers_running
+					COMPREPLY=( $( compgen -W "${COMPREPLY[*]}" -S ':' ) )
+					__docker_nospace
+					;;
+			esac
+			return
+			;;
+		--log-driver)
+			__docker_complete_log_drivers
+			return
+			;;
+		--log-opt)
+			__docker_complete_log_options
+			return
+			;;
+		--net)
+			case "$cur" in
+				container:*)
+					local cur=${cur#*:}
+					__docker_complete_containers_all
+					;;
+				*)
+					COMPREPLY=( $( compgen -W "$(__docker_plugins Network) $(__docker_networks) container:" -- "$cur") )
+					if [ "${COMPREPLY[*]}" = "container:" ] ; then
+						__docker_nospace
+					fi
+					;;
+			esac
+			return
+			;;
+		--security-opt)
+			COMPREPLY=( $( compgen -W "apparmor= label= no-new-privileges seccomp=" -- "$cur") )
+			if [ "${COMPREPLY[*]}" != "no-new-privileges" ] ; then
+				__docker_nospace
+			fi
+			return
+			;;
+		--user|-u)
+			__docker_complete_user_group
+			return
+			;;
+		--userns)
+			COMPREPLY=( $( compgen -W "host" -- "$cur" ) )
+			return
+			;;
+		--volume-driver)
+			__docker_complete_plugins Volume
+			return
+			;;
+		--volumes-from)
+			__docker_complete_containers_all
+			return
+			;;
+		$(__docker_to_extglob "$options_with_args") )
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "$all_options" -- "$cur" ) )
+			;;
+		*)
+			local counter=$( __docker_pos_first_nonflag $( __docker_to_alternatives "$options_with_args" ) )
+			if [ $cword -eq $counter ]; then
+				__docker_complete_images
+			fi
+			;;
+	esac
+}
+
+_docker_save() {
+	case "$prev" in
+		--output|-o)
+			_filedir
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help --output -o" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_images
+			;;
+	esac
+}
+
+_docker_search() {
+	case "$prev" in
+		--stars|-s)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--automated --help --no-trunc --stars -s" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_start() {
+	__docker_complete_detach-keys && return
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--attach -a --detach-keys --help --interactive -i" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_containers_stopped
+			;;
+	esac
+}
+
+_docker_stats() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--all -a --help --no-stream" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_containers_running
+			;;
+	esac
+}
+
+_docker_stop() {
+	case "$prev" in
+		--time|-t)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help --time -t" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_containers_running
+			;;
+	esac
+}
+
+_docker_tag() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+
+			if [ $cword -eq $counter ]; then
+				__docker_complete_image_repos_and_tags
+				return
+			fi
+			(( counter++ ))
+
+			if [ $cword -eq $counter ]; then
+				__docker_complete_image_repos_and_tags
+				return
+			fi
+			;;
+	esac
+}
+
+_docker_unpause() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_unpauseable
+			fi
+			;;
+	esac
+}
+
+_docker_update() {
+	local options_with_args="
+		--blkio-weight
+		--cpu-period
+		--cpu-quota
+		--cpuset-cpus
+		--cpuset-mems
+		--cpu-shares
+		--kernel-memory
+		--memory -m
+		--memory-reservation
+		--memory-swap
+		--restart
+	"
+
+	local boolean_options="
+		--help
+	"
+
+	local all_options="$options_with_args $boolean_options"
+
+	__docker_complete_restart && return
+
+	case "$prev" in
+		$(__docker_to_extglob "$options_with_args") )
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "$all_options" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_containers_all
+			;;
+	esac
+}
+
+_docker_top() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			local counter=$(__docker_pos_first_nonflag)
+			if [ $cword -eq $counter ]; then
+				__docker_complete_containers_running
+			fi
+			;;
+	esac
+}
+
+_docker_version() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_volume_create() {
+	case "$prev" in
+		--driver|-d)
+			__docker_complete_plugins Volume
+			return
+			;;
+		--label|--name|--opt|-o)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--driver -d --help --label --name --opt -o" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_volume_inspect() {
+	case "$prev" in
+		--format|-f)
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--format -f --help" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_volumes
+			;;
+	esac
+}
+
+_docker_volume_ls() {
+	local key=$(__docker_map_key_of_current_option '--filter|-f')
+	case "$key" in
+		dangling)
+			COMPREPLY=( $( compgen -W "true false" -- "${cur##*=}" ) )
+			return
+			;;
+	esac
+
+	case "$prev" in
+		--filter|-f)
+			COMPREPLY=( $( compgen -S = -W "dangling" -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
+	esac
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--filter -f --help --quiet -q" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_volume_rm() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_volumes
+			;;
+	esac
+}
+
+_docker_volume() {
+	local subcommands="
+		create
+		inspect
+		ls
+		rm
+	"
+	__docker_subcommands "$subcommands" && return
+
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			COMPREPLY=( $( compgen -W "$subcommands" -- "$cur" ) )
+			;;
+	esac
+}
+
+_docker_wait() {
+	case "$cur" in
+		-*)
+			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			;;
+		*)
+			__docker_complete_containers_all
+			;;
+	esac
+}
+
+_docker() {
+	local previous_extglob_setting=$(shopt -p extglob)
+	shopt -s extglob
+
+	local commands=(
+		attach
+		build
+		commit
+		cp
+		create
+		daemon
+		diff
+		events
+		exec
+		export
+		history
+		images
+		import
+		info
+		inspect
+		kill
+		load
+		login
+		logout
+		logs
+		network
+		pause
+		port
+		ps
+		pull
+		push
+		rename
+		restart
+		rm
+		rmi
+		run
+		save
+		search
+		start
+		stats
+		stop
+		tag
+		top
+		unpause
+		update
+		version
+		volume
+		wait
+	)
+
+	# These options are valid as global options for all client commands
+	# and valid as command options for `docker daemon`
+	local global_boolean_options="
+		--debug -D
+		--tls
+		--tlsverify
+	"
+	local global_options_with_args="
+		--config
+		--host -H
+		--log-level -l
+		--tlscacert
+		--tlscert
+		--tlskey
+	"
+
+	local host config
+
+	COMPREPLY=()
+	local cur prev words cword
+	_get_comp_words_by_ref -n : cur prev words cword
+
+	local command='docker' command_pos=0 subcommand_pos
+	local counter=1
+	while [ $counter -lt $cword ]; do
+		case "${words[$counter]}" in
+			# save host so that completion can use custom daemon
+			--host|-H)
+				(( counter++ ))
+				host="${words[$counter]}"
+				;;
+			# save config so that completion can use custom configuration directories
+			--config)
+				(( counter++ ))
+				config="${words[$counter]}"
+				;;
+			$(__docker_to_extglob "$global_options_with_args") )
+				(( counter++ ))
+				;;
+			-*)
+				;;
+			=)
+				(( counter++ ))
+				;;
+			*)
+				command="${words[$counter]}"
+				command_pos=$counter
+				break
+				;;
+		esac
+		(( counter++ ))
+	done
+
+	local completions_func=_docker_${command}
+	declare -F $completions_func >/dev/null && $completions_func
+
+	eval "$previous_extglob_setting"
+	return 0
+}
+
+eval "$__docker_previous_extglob_setting"
+unset __docker_previous_extglob_setting
+
+complete -F _docker docker
diff --git a/contrib/completion/fish/docker.fish b/contrib/completion/fish/docker.fish
new file mode 100644
index 00000000..72ccd055
--- /dev/null
+++ b/contrib/completion/fish/docker.fish
@@ -0,0 +1,400 @@
+# docker.fish - docker completions for fish shell
+#
+# This file is generated by gen_docker_fish_completions.py from:
+# https://github.com/barnybug/docker-fish-completion
+#
+# To install the completions:
+# mkdir -p ~/.config/fish/completions
+# cp docker.fish ~/.config/fish/completions
+#
+# Completion supported:
+# - parameters
+# - commands
+# - containers
+# - images
+# - repositories
+
+function __fish_docker_no_subcommand --description 'Test if docker has yet to be given the subcommand'
+    for i in (commandline -opc)
+        if contains -- $i attach build commit cp create diff events exec export history images import info inspect kill load login logout logs pause port ps pull push rename restart rm rmi run save search start stop tag top unpause version wait stats
+            return 1
+        end
+    end
+    return 0
+end
+
+function __fish_print_docker_containers --description 'Print a list of docker containers' -a select
+    switch $select
+        case running
+            docker ps -a --no-trunc | command awk 'NR>1' | command awk 'BEGIN {FS="  +"}; $5 ~ "^Up" {print $1 "\n" $(NF)}' | tr ',' '\n'
+        case stopped
+            docker ps -a --no-trunc | command awk 'NR>1' | command awk 'BEGIN {FS="  +"}; $5 ~ "^Exit" {print $1 "\n" $(NF)}' | tr ',' '\n'
+        case all
+            docker ps -a --no-trunc | command awk 'NR>1' | command awk 'BEGIN {FS="  +"}; {print $1 "\n" $(NF)}' | tr ',' '\n'
+    end
+end
+
+function __fish_print_docker_images --description 'Print a list of docker images'
+    docker images | command awk 'NR>1' | command grep -v '<none>' | command awk '{print $1":"$2}'
+end
+
+function __fish_print_docker_repositories --description 'Print a list of docker repositories'
+    docker images | command awk 'NR>1' | command grep -v '<none>' | command awk '{print $1}' | command sort | command uniq
+end
+
+# common options
+complete -c docker -f -n '__fish_docker_no_subcommand' -l api-cors-header -d "Set CORS headers in the remote API. Default is cors disabled"
+complete -c docker -f -n '__fish_docker_no_subcommand' -s b -l bridge -d 'Attach containers to a pre-existing network bridge'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l bip -d "Use this CIDR notation address for the network bridge's IP, not compatible with -b"
+complete -c docker -f -n '__fish_docker_no_subcommand' -s D -l debug -d 'Enable debug mode'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s d -l daemon -d 'Enable daemon mode'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l dns -d 'Force Docker to use specific DNS servers'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l dns-opt -d 'Force Docker to use specific DNS options'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l dns-search -d 'Force Docker to use specific DNS search domains'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l exec-opt -d 'Set runtime execution options'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l fixed-cidr -d 'IPv4 subnet for fixed IPs (e.g. 10.20.0.0/16)'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l fixed-cidr-v6 -d 'IPv6 subnet for fixed IPs (e.g.: 2001:a02b/48)'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s G -l group -d 'Group to assign the unix socket specified by -H when running in daemon mode'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s g -l graph -d 'Path to use as the root of the Docker runtime'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s H -l host -d 'The socket(s) to bind to in daemon mode or connect to in client mode, specified using one or more tcp://host:port, unix:///path/to/socket, fd://* or fd://socketfd.'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s h -l help -d 'Print usage'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l icc -d 'Allow unrestricted inter-container and Docker daemon host communication'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l insecure-registry -d 'Enable insecure communication with specified registries (no certificate verification for HTTPS and enable HTTP fallback) (e.g., localhost:5000 or 10.20.0.0/16)'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l ip -d 'Default IP address to use when binding container ports'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l ip-forward -d 'Enable net.ipv4.ip_forward and IPv6 forwarding if --fixed-cidr-v6 is defined. IPv6 forwarding may interfere with your existing IPv6 configuration when using Router Advertisement.'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l ip-masq -d "Enable IP masquerading for bridge's IP range"
+complete -c docker -f -n '__fish_docker_no_subcommand' -l iptables -d "Enable Docker's addition of iptables rules"
+complete -c docker -f -n '__fish_docker_no_subcommand' -l ipv6 -d 'Enable IPv6 networking'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s l -l log-level -d 'Set the logging level (debug, info, warn, error, fatal)'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l label -d 'Set key=value labels to the daemon (displayed in `docker info`)'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l mtu -d 'Set the containers network MTU'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s p -l pidfile -d 'Path to use for daemon PID file'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l registry-mirror -d 'Specify a preferred Docker registry mirror'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s s -l storage-driver -d 'Force the Docker runtime to use a specific storage driver'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l selinux-enabled -d 'Enable selinux support. SELinux does not presently support the BTRFS storage driver'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l storage-opt -d 'Set storage driver options'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l tls -d 'Use TLS; implied by --tlsverify'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l tlscacert -d 'Trust only remotes providing a certificate signed by the CA given here'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l tlscert -d 'Path to TLS certificate file'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l tlskey -d 'Path to TLS key file'
+complete -c docker -f -n '__fish_docker_no_subcommand' -l tlsverify -d 'Use TLS and verify the remote (daemon: verify client, client: verify daemon)'
+complete -c docker -f -n '__fish_docker_no_subcommand' -s v -l version -d 'Print version information and quit'
+
+# subcommands
+# attach
+complete -c docker -f -n '__fish_docker_no_subcommand' -a attach -d 'Attach to a running container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from attach' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from attach' -l no-stdin -d 'Do not attach STDIN'
+complete -c docker -A -f -n '__fish_seen_subcommand_from attach' -l sig-proxy -d 'Proxy all received signals to the process (non-TTY mode only). SIGCHLD, SIGKILL, and SIGSTOP are not proxied.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from attach' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# build
+complete -c docker -f -n '__fish_docker_no_subcommand' -a build -d 'Build an image from a Dockerfile'
+complete -c docker -A -f -n '__fish_seen_subcommand_from build' -s f -l file -d "Name of the Dockerfile(Default is 'Dockerfile' at context root)"
+complete -c docker -A -f -n '__fish_seen_subcommand_from build' -l force-rm -d 'Always remove intermediate containers, even after unsuccessful builds'
+complete -c docker -A -f -n '__fish_seen_subcommand_from build' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from build' -l no-cache -d 'Do not use cache when building the image'
+complete -c docker -A -f -n '__fish_seen_subcommand_from build' -l pull -d 'Always attempt to pull a newer version of the image'
+complete -c docker -A -f -n '__fish_seen_subcommand_from build' -s q -l quiet -d 'Suppress the build output and print image ID on success'
+complete -c docker -A -f -n '__fish_seen_subcommand_from build' -l rm -d 'Remove intermediate containers after a successful build'
+complete -c docker -A -f -n '__fish_seen_subcommand_from build' -s t -l tag -d 'Repository name (and optionally a tag) to be applied to the resulting image in case of success'
+
+# commit
+complete -c docker -f -n '__fish_docker_no_subcommand' -a commit -d "Create a new image from a container's changes"
+complete -c docker -A -f -n '__fish_seen_subcommand_from commit' -s a -l author -d 'Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")'
+complete -c docker -A -f -n '__fish_seen_subcommand_from commit' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from commit' -s m -l message -d 'Commit message'
+complete -c docker -A -f -n '__fish_seen_subcommand_from commit' -s p -l pause -d 'Pause container during commit'
+complete -c docker -A -f -n '__fish_seen_subcommand_from commit' -a '(__fish_print_docker_containers all)' -d "Container"
+
+# cp
+complete -c docker -f -n '__fish_docker_no_subcommand' -a cp -d "Copy files/folders between a container and the local filesystem"
+complete -c docker -A -f -n '__fish_seen_subcommand_from cp' -l help -d 'Print usage'
+
+# create
+complete -c docker -f -n '__fish_docker_no_subcommand' -a create -d 'Create a new container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s a -l attach -d 'Attach to STDIN, STDOUT or STDERR.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l add-host -d 'Add a custom host-to-IP mapping (host:ip)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l cpu-shares -d 'CPU shares (relative weight)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l cap-add -d 'Add Linux capabilities'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l cap-drop -d 'Drop Linux capabilities'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l cidfile -d 'Write the container ID to the file'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l cpuset -d 'CPUs in which to allow execution (0-3, 0,1)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l device -d 'Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc:rwm)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l dns -d 'Set custom DNS servers'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l dns-opt -d "Set custom DNS options (Use --dns-opt='' if you don't wish to set options)"
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l dns-search -d "Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)"
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s e -l env -d 'Set environment variables'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l entrypoint -d 'Overwrite the default ENTRYPOINT of the image'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l env-file -d 'Read in a line delimited file of environment variables'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l expose -d 'Expose a port or a range of ports (e.g. --expose=3300-3310) from the container without publishing it to your host'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l group-add -d 'Add additional groups to run as'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s h -l hostname -d 'Container host name'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s i -l interactive -d 'Keep STDIN open even if not attached'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l ipc -d 'Default is to create a private IPC namespace (POSIX SysV IPC) for the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l link -d 'Add link to another container in the form of <name|id>:alias'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s m -l memory -d 'Memory limit (format: <number>[<unit>], where unit = b, k, m or g)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l mac-address -d 'Container MAC address (e.g. 92:d0:c6:0a:29:33)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l memory-swap -d "Total memory usage (memory + swap), set '-1' to disable swap (format: <number>[<unit>], where unit = b, k, m or g)"
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l name -d 'Assign a name to the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l net -d 'Set the Network mode for the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s P -l publish-all -d 'Publish all exposed ports to random ports on the host interfaces'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s p -l publish -d "Publish a container's port to the host"
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l pid -d 'Default is to create a private PID namespace for the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l privileged -d 'Give extended privileges to this container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l read-only -d "Mount the container's root filesystem as read only"
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l restart -d 'Restart policy to apply when a container exits (no, on-failure[:max-retry], always)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l security-opt -d 'Security Options'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s t -l tty -d 'Allocate a pseudo-TTY'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s u -l user -d 'Username or UID'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s v -l volume -d 'Bind mount a volume (e.g., from the host: -v /host:/container, from Docker: -v /container)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l volumes-from -d 'Mount volumes from the specified container(s)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -s w -l workdir -d 'Working directory inside the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -a '(__fish_print_docker_images)' -d "Image"
+
+# diff
+complete -c docker -f -n '__fish_docker_no_subcommand' -a diff -d "Inspect changes on a container's filesystem"
+complete -c docker -A -f -n '__fish_seen_subcommand_from diff' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from diff' -a '(__fish_print_docker_containers all)' -d "Container"
+
+# events
+complete -c docker -f -n '__fish_docker_no_subcommand' -a events -d 'Get real time events from the server'
+complete -c docker -A -f -n '__fish_seen_subcommand_from events' -s f -l filter -d "Provide filter values (i.e., 'event=stop')"
+complete -c docker -A -f -n '__fish_seen_subcommand_from events' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from events' -l since -d 'Show all events created since timestamp'
+complete -c docker -A -f -n '__fish_seen_subcommand_from events' -l until -d 'Stream events until this timestamp'
+
+# exec
+complete -c docker -f -n '__fish_docker_no_subcommand' -a exec -d 'Run a command in a running container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from exec' -s d -l detach -d 'Detached mode: run command in the background'
+complete -c docker -A -f -n '__fish_seen_subcommand_from exec' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from exec' -s i -l interactive -d 'Keep STDIN open even if not attached'
+complete -c docker -A -f -n '__fish_seen_subcommand_from exec' -s t -l tty -d 'Allocate a pseudo-TTY'
+complete -c docker -A -f -n '__fish_seen_subcommand_from exec' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# export
+complete -c docker -f -n '__fish_docker_no_subcommand' -a export -d 'Stream the contents of a container as a tar archive'
+complete -c docker -A -f -n '__fish_seen_subcommand_from export' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from export' -a '(__fish_print_docker_containers all)' -d "Container"
+
+# history
+complete -c docker -f -n '__fish_docker_no_subcommand' -a history -d 'Show the history of an image'
+complete -c docker -A -f -n '__fish_seen_subcommand_from history' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from history' -l no-trunc -d "Don't truncate output"
+complete -c docker -A -f -n '__fish_seen_subcommand_from history' -s q -l quiet -d 'Only show numeric IDs'
+complete -c docker -A -f -n '__fish_seen_subcommand_from history' -a '(__fish_print_docker_images)' -d "Image"
+
+# images
+complete -c docker -f -n '__fish_docker_no_subcommand' -a images -d 'List images'
+complete -c docker -A -f -n '__fish_seen_subcommand_from images' -s a -l all -d 'Show all images (by default filter out the intermediate image layers)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from images' -s f -l filter -d "Provide filter values (i.e., 'dangling=true')"
+complete -c docker -A -f -n '__fish_seen_subcommand_from images' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from images' -l no-trunc -d "Don't truncate output"
+complete -c docker -A -f -n '__fish_seen_subcommand_from images' -s q -l quiet -d 'Only show numeric IDs'
+complete -c docker -A -f -n '__fish_seen_subcommand_from images' -a '(__fish_print_docker_repositories)' -d "Repository"
+
+# import
+complete -c docker -f -n '__fish_docker_no_subcommand' -a import -d 'Create a new filesystem image from the contents of a tarball'
+complete -c docker -A -f -n '__fish_seen_subcommand_from import' -l help -d 'Print usage'
+
+# info
+complete -c docker -f -n '__fish_docker_no_subcommand' -a info -d 'Display system-wide information'
+
+# inspect
+complete -c docker -f -n '__fish_docker_no_subcommand' -a inspect -d 'Return low-level information on a container or image'
+complete -c docker -A -f -n '__fish_seen_subcommand_from inspect' -s f -l format -d 'Format the output using the given go template.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from inspect' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from inspect' -s s -l size -d 'Display total file sizes if the type is container.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from inspect' -a '(__fish_print_docker_images)' -d "Image"
+complete -c docker -A -f -n '__fish_seen_subcommand_from inspect' -a '(__fish_print_docker_containers all)' -d "Container"
+
+# kill
+complete -c docker -f -n '__fish_docker_no_subcommand' -a kill -d 'Kill a running container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from kill' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from kill' -s s -l signal -d 'Signal to send to the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from kill' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# load
+complete -c docker -f -n '__fish_docker_no_subcommand' -a load -d 'Load an image from a tar archive'
+complete -c docker -A -f -n '__fish_seen_subcommand_from load' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from load' -s i -l input -d 'Read from a tar archive file, instead of STDIN'
+
+# login
+complete -c docker -f -n '__fish_docker_no_subcommand' -a login -d 'Log in to a Docker registry server'
+complete -c docker -A -f -n '__fish_seen_subcommand_from login' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from login' -s p -l password -d 'Password'
+complete -c docker -A -f -n '__fish_seen_subcommand_from login' -s u -l username -d 'Username'
+
+# logout
+complete -c docker -f -n '__fish_docker_no_subcommand' -a logout -d 'Log out from a Docker registry server'
+
+# logs
+complete -c docker -f -n '__fish_docker_no_subcommand' -a logs -d 'Fetch the logs of a container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from logs' -s f -l follow -d 'Follow log output'
+complete -c docker -A -f -n '__fish_seen_subcommand_from logs' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from logs' -s t -l timestamps -d 'Show timestamps'
+complete -c docker -A -f -n '__fish_seen_subcommand_from logs' -l since -d 'Show logs since timestamp'
+complete -c docker -A -f -n '__fish_seen_subcommand_from logs' -l tail -d 'Output the specified number of lines at the end of logs (defaults to all logs)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from logs' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# port
+complete -c docker -f -n '__fish_docker_no_subcommand' -a port -d 'Lookup the public-facing port that is NAT-ed to PRIVATE_PORT'
+complete -c docker -A -f -n '__fish_seen_subcommand_from port' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from port' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# pause
+complete -c docker -f -n '__fish_docker_no_subcommand' -a pause -d 'Pause all processes within a container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from pause' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# ps
+complete -c docker -f -n '__fish_docker_no_subcommand' -a ps -d 'List containers'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -s a -l all -d 'Show all containers. Only running containers are shown by default.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -l before -d 'Show only container created before Id or Name, include non-running ones.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -s f -l filter -d 'Provide filter values. Valid filters:'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -s l -l latest -d 'Show only the latest created container, include non-running ones.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -s n -d 'Show n last created containers, include non-running ones.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -l no-trunc -d "Don't truncate output"
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -s q -l quiet -d 'Only display numeric IDs'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -s s -l size -d 'Display total file sizes'
+complete -c docker -A -f -n '__fish_seen_subcommand_from ps' -l since -d 'Show only containers created since Id or Name, include non-running ones.'
+
+# pull
+complete -c docker -f -n '__fish_docker_no_subcommand' -a pull -d 'Pull an image or a repository from a Docker registry server'
+complete -c docker -A -f -n '__fish_seen_subcommand_from pull' -s a -l all-tags -d 'Download all tagged images in the repository'
+complete -c docker -A -f -n '__fish_seen_subcommand_from pull' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from pull' -a '(__fish_print_docker_images)' -d "Image"
+complete -c docker -A -f -n '__fish_seen_subcommand_from pull' -a '(__fish_print_docker_repositories)' -d "Repository"
+
+# push
+complete -c docker -f -n '__fish_docker_no_subcommand' -a push -d 'Push an image or a repository to a Docker registry server'
+complete -c docker -A -f -n '__fish_seen_subcommand_from push' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from push' -a '(__fish_print_docker_images)' -d "Image"
+complete -c docker -A -f -n '__fish_seen_subcommand_from push' -a '(__fish_print_docker_repositories)' -d "Repository"
+
+# rename
+complete -c docker -f -n '__fish_docker_no_subcommand' -a rename -d 'Rename an existing container'
+
+# restart
+complete -c docker -f -n '__fish_docker_no_subcommand' -a restart -d 'Restart a container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from restart' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from restart' -s t -l time -d 'Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default is 10 seconds.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from restart' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# rm
+complete -c docker -f -n '__fish_docker_no_subcommand' -a rm -d 'Remove one or more containers'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rm' -s f -l force -d 'Force the removal of a running container (uses SIGKILL)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rm' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rm' -s l -l link -d 'Remove the specified link and not the underlying container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rm' -s v -l volumes -d 'Remove the volumes associated with the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rm' -a '(__fish_print_docker_containers stopped)' -d "Container"
+complete -c docker -A -f -n '__fish_seen_subcommand_from rm' -s f -l force -a '(__fish_print_docker_containers all)' -d "Container"
+
+# rmi
+complete -c docker -f -n '__fish_docker_no_subcommand' -a rmi -d 'Remove one or more images'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rmi' -s f -l force -d 'Force removal of the image'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rmi' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rmi' -l no-prune -d 'Do not delete untagged parents'
+complete -c docker -A -f -n '__fish_seen_subcommand_from rmi' -a '(__fish_print_docker_images)' -d "Image"
+
+# run
+complete -c docker -f -n '__fish_docker_no_subcommand' -a run -d 'Run a command in a new container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s a -l attach -d 'Attach to STDIN, STDOUT or STDERR.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l add-host -d 'Add a custom host-to-IP mapping (host:ip)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s c -l cpu-shares -d 'CPU shares (relative weight)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l cap-add -d 'Add Linux capabilities'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l cap-drop -d 'Drop Linux capabilities'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l cidfile -d 'Write the container ID to the file'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l cpuset -d 'CPUs in which to allow execution (0-3, 0,1)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s d -l detach -d 'Detached mode: run the container in the background and print the new container ID'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l device -d 'Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc:rwm)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l dns -d 'Set custom DNS servers'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l dns-opt -d "Set custom DNS options (Use --dns-opt='' if you don't wish to set options)"
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l dns-search -d "Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)"
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s e -l env -d 'Set environment variables'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l entrypoint -d 'Overwrite the default ENTRYPOINT of the image'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l env-file -d 'Read in a line delimited file of environment variables'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l expose -d 'Expose a port or a range of ports (e.g. --expose=3300-3310) from the container without publishing it to your host'
+complete -c docker -A -f -n '__fish_seen_subcommand_from create' -l group-add -d 'Add additional groups to run as'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s h -l hostname -d 'Container host name'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s i -l interactive -d 'Keep STDIN open even if not attached'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l ipc -d 'Default is to create a private IPC namespace (POSIX SysV IPC) for the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l link -d 'Add link to another container in the form of <name|id>:alias'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s m -l memory -d 'Memory limit (format: <number>[<unit>], where unit = b, k, m or g)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l mac-address -d 'Container MAC address (e.g. 92:d0:c6:0a:29:33)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l memory-swap -d "Total memory usage (memory + swap), set '-1' to disable swap (format: <number>[<unit>], where unit = b, k, m or g)"
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l name -d 'Assign a name to the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l net -d 'Set the Network mode for the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s P -l publish-all -d 'Publish all exposed ports to random ports on the host interfaces'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s p -l publish -d "Publish a container's port to the host"
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l pid -d 'Default is to create a private PID namespace for the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l privileged -d 'Give extended privileges to this container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l read-only -d "Mount the container's root filesystem as read only"
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l restart -d 'Restart policy to apply when a container exits (no, on-failure[:max-retry], always)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l rm -d 'Automatically remove the container when it exits (incompatible with -d)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l security-opt -d 'Security Options'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l sig-proxy -d 'Proxy received signals to the process (non-TTY mode only). SIGCHLD, SIGSTOP, and SIGKILL are not proxied.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l stop-signal -d 'Signal to kill a container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s t -l tty -d 'Allocate a pseudo-TTY'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s u -l user -d 'Username or UID'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l tmpfs -d 'Mount tmpfs on a directory'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s v -l volume -d 'Bind mount a volume (e.g., from the host: -v /host:/container, from Docker: -v /container)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -l volumes-from -d 'Mount volumes from the specified container(s)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -s w -l workdir -d 'Working directory inside the container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from run' -a '(__fish_print_docker_images)' -d "Image"
+
+# save
+complete -c docker -f -n '__fish_docker_no_subcommand' -a save -d 'Save an image to a tar archive'
+complete -c docker -A -f -n '__fish_seen_subcommand_from save' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from save' -s o -l output -d 'Write to an file, instead of STDOUT'
+complete -c docker -A -f -n '__fish_seen_subcommand_from save' -a '(__fish_print_docker_images)' -d "Image"
+
+# search
+complete -c docker -f -n '__fish_docker_no_subcommand' -a search -d 'Search for an image on the registry (defaults to the Docker Hub)'
+complete -c docker -A -f -n '__fish_seen_subcommand_from search' -l automated -d 'Only show automated builds'
+complete -c docker -A -f -n '__fish_seen_subcommand_from search' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from search' -l no-trunc -d "Don't truncate output"
+complete -c docker -A -f -n '__fish_seen_subcommand_from search' -s s -l stars -d 'Only displays with at least x stars'
+
+# start
+complete -c docker -f -n '__fish_docker_no_subcommand' -a start -d 'Start a container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from start' -s a -l attach -d "Attach container's STDOUT and STDERR and forward all signals to the process"
+complete -c docker -A -f -n '__fish_seen_subcommand_from start' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from start' -s i -l interactive -d "Attach container's STDIN"
+complete -c docker -A -f -n '__fish_seen_subcommand_from start' -a '(__fish_print_docker_containers stopped)' -d "Container"
+
+# stats
+complete -c docker -f -n '__fish_docker_no_subcommand' -a stats -d "Display a live stream of one or more containers' resource usage statistics"
+complete -c docker -A -f -n '__fish_seen_subcommand_from stats' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from stats' -l no-stream -d 'Disable streaming stats and only pull the first result'
+complete -c docker -A -f -n '__fish_seen_subcommand_from stats' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# stop
+complete -c docker -f -n '__fish_docker_no_subcommand' -a stop -d 'Stop a container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from stop' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from stop' -s t -l time -d 'Number of seconds to wait for the container to stop before killing it. Default is 10 seconds.'
+complete -c docker -A -f -n '__fish_seen_subcommand_from stop' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# tag
+complete -c docker -f -n '__fish_docker_no_subcommand' -a tag -d 'Tag an image into a repository'
+complete -c docker -A -f -n '__fish_seen_subcommand_from tag' -s f -l force -d 'Force'
+complete -c docker -A -f -n '__fish_seen_subcommand_from tag' -l help -d 'Print usage'
+
+# top
+complete -c docker -f -n '__fish_docker_no_subcommand' -a top -d 'Lookup the running processes of a container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from top' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from top' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# unpause
+complete -c docker -f -n '__fish_docker_no_subcommand' -a unpause -d 'Unpause a paused container'
+complete -c docker -A -f -n '__fish_seen_subcommand_from unpause' -a '(__fish_print_docker_containers running)' -d "Container"
+
+# version
+complete -c docker -f -n '__fish_docker_no_subcommand' -a version -d 'Show the Docker version information'
+
+# wait
+complete -c docker -f -n '__fish_docker_no_subcommand' -a wait -d 'Block until a container stops, then print its exit code'
+complete -c docker -A -f -n '__fish_seen_subcommand_from wait' -l help -d 'Print usage'
+complete -c docker -A -f -n '__fish_seen_subcommand_from wait' -a '(__fish_print_docker_containers running)' -d "Container"
diff --git a/contrib/completion/powershell/posh-docker.psm1 b/contrib/completion/powershell/posh-docker.psm1
new file mode 100644
index 00000000..c0d6cc6b
--- /dev/null
+++ b/contrib/completion/powershell/posh-docker.psm1
@@ -0,0 +1,179 @@
+# Powershell completion for docker
+
+### Prerequisite
+# Docker.exe needs to be in your PATH.
+# If the command is not found, you will need to add a docker alias or add the docker installation folder (e.g. `%ProgramFiles%\Docker Toolbox`) to your PATH environment variable.
+
+### Installation (Latest stable)
+# Windows 10 / Windows Server 2016: 
+# 1. Open a powershell prompt
+# 2. Run `Install-Module -Scope CurrentUser posh-docker`
+#
+# Earlier Windows versions:
+# 1. Install [PackageManagement PowerShell Modules Preview](https://www.microsoft.com/en-us/download/details.aspx?id=49186)
+# 2. Open a powershell prompt
+# 3. Run `Install-Module -Scope CurrentUser posh-docker`
+
+### Installation (From source)
+# Copy this file to the %userprofile%\Documents\WindowsPowerShell\Modules\posh-docker directory (create directories as needed)
+
+### Usage
+# After installation, execute the following line to enable autocompletion for the current powershell session:
+#
+# Import-Module posh-docker
+#
+# To make it persistent, add the above line to your profile. For example, run `notepad $PROFILE` and insert the line above.
+
+$global:DockerCompletion = @{}
+
+$script:flagRegex = "^  (-[^, =]+),? ?(--[^= ]+)?"
+
+function script:Get-Containers($filter)
+{
+    if ($filter -eq $null)
+    {
+       docker ps -a --no-trunc --format "{{.Names}}"
+    } else {
+       docker ps -a --no-trunc --format "{{.Names}}" --filter $filter
+    }
+}
+
+function script:Get-AutoCompleteResult
+{
+    param([Parameter(ValueFromPipeline=$true)] $value)
+    
+    Process
+    {
+        New-Object System.Management.Automation.CompletionResult $value
+    }
+}
+
+filter script:MatchingCommand($commandName)
+{
+    if ($_.StartsWith($commandName))
+    {
+        $_
+    }
+}
+
+$completion_Docker = {
+    param($commandName, $commandAst, $cursorPosition)
+
+    $command = $null
+    $commandParameters = @{}
+    $state = "Unknown"
+    $wordToComplete = $commandAst.CommandElements | Where-Object { $_.ToString() -eq $commandName } | Foreach-Object { $commandAst.CommandElements.IndexOf($_) }
+
+    for ($i=1; $i -lt $commandAst.CommandElements.Count; $i++)
+    {
+        $p = $commandAst.CommandElements[$i].ToString()
+
+        if ($p.StartsWith("-"))
+        {
+            if ($state -eq "Unknown" -or $state -eq "Options")
+            {
+                $commandParameters[$i] = "Option"
+                $state = "Options"
+            }
+            else
+            {
+                $commandParameters[$i] = "CommandOption"
+                $state = "CommandOptions"
+            }
+        } 
+        else 
+        {
+            if ($state -ne "CommandOptions")
+            {
+                $commandParameters[$i] = "Command"
+                $command = $p
+                $state = "CommandOptions"
+            } 
+            else 
+            {
+                $commandParameters[$i] = "CommandOther"
+            }
+        }
+    }
+
+    if ($global:DockerCompletion.Count -eq 0)
+    {
+        $global:DockerCompletion["commands"] = @{}
+        $global:DockerCompletion["options"] = @()
+        
+        docker --help | ForEach-Object {
+            Write-Output $_
+            if ($_ -match "^    (\w+)\s+(.+)")
+            {
+                $global:DockerCompletion["commands"][$Matches[1]] = @{}
+                
+                $currentCommand = $global:DockerCompletion["commands"][$Matches[1]]
+                $currentCommand["options"] = @()
+            }
+            elseif ($_ -match $flagRegex)
+            {
+                $global:DockerCompletion["options"] += $Matches[1]
+                if ($Matches[2] -ne $null)
+                {
+                    $global:DockerCompletion["options"] += $Matches[2]
+                 }
+            }
+        }
+
+    }
+    
+    if ($wordToComplete -eq $null)
+    {
+        $commandToComplete = "Command"
+        if ($commandParameters.Count -gt 0)
+        {
+            if ($commandParameters[$commandParameters.Count] -eq "Command")
+            {
+                $commandToComplete = "CommandOther"
+            }
+        } 
+    } else {
+        $commandToComplete = $commandParameters[$wordToComplete]
+    }
+
+    switch ($commandToComplete)
+    {
+        "Command" { $global:DockerCompletion["commands"].Keys | MatchingCommand -Command $commandName | Sort-Object | Get-AutoCompleteResult }
+        "Option" { $global:DockerCompletion["options"] | MatchingCommand -Command $commandName | Sort-Object | Get-AutoCompleteResult }
+        "CommandOption" { 
+            $options = $global:DockerCompletion["commands"][$command]["options"]
+            if ($options.Count -eq 0)
+            {
+                docker $command --help | % {
+                if ($_ -match $flagRegex)
+                    {
+                        $options += $Matches[1]
+                        if ($Matches[2] -ne $null)
+                        {
+                            $options += $Matches[2]
+                        }
+                    }
+                }
+            }
+
+            $global:DockerCompletion["commands"][$command]["options"] = $options
+            $options | MatchingCommand -Command $commandName | Sort-Object | Get-AutoCompleteResult
+        }
+        "CommandOther" {
+            $filter = $null 
+            switch ($command)
+            {
+                "start" { $filter = "status=exited" }
+                "stop" { $filter = "status=running" }
+            }
+            Get-Containers $filter | MatchingCommand -Command $commandName | Sort-Object | Get-AutoCompleteResult
+        }
+        default { $global:DockerCompletion["commands"].Keys | MatchingCommand -Command $commandName }
+    }
+}
+
+# Register the TabExpension2 function
+if (-not $global:options) { $global:options = @{CustomArgumentCompleters = @{};NativeArgumentCompleters = @{}}}
+$global:options['NativeArgumentCompleters']['docker'] = $Completion_Docker
+
+$function:tabexpansion2 = $function:tabexpansion2 -replace 'End\r\n{','End { if ($null -ne $options) { $options += $global:options} else {$options = $global:options}'
\ No newline at end of file
diff --git a/contrib/completion/zsh/REVIEWERS b/contrib/completion/zsh/REVIEWERS
new file mode 100644
index 00000000..03ee2dde
--- /dev/null
+++ b/contrib/completion/zsh/REVIEWERS
@@ -0,0 +1,2 @@
+Tianon Gravi <admwiggin@gmail.com> (@tianon)
+Jessie Frazelle <jess@docker.com> (@jfrazelle)
diff --git a/contrib/completion/zsh/_docker b/contrib/completion/zsh/_docker
new file mode 100644
index 00000000..cb007b90
--- /dev/null
+++ b/contrib/completion/zsh/_docker
@@ -0,0 +1,1160 @@
+#compdef docker
+#
+# zsh completion for docker (http://docker.com)
+#
+# version:  0.3.0
+# github:   https://github.com/felixr/docker-zsh-completion
+#
+# contributors:
+#   - Felix Riedel
+#   - Steve Durrheimer
+#   - Vincent Bernat
+#
+# license:
+#
+# Copyright (c) 2013, Felix Riedel
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * Neither the name of the <organization> nor the
+#       names of its contributors may be used to endorse or promote products
+#       derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+# Short-option stacking can be enabled with:
+#  zstyle ':completion:*:*:docker:*' option-stacking yes
+#  zstyle ':completion:*:*:docker-*:*' option-stacking yes
+__docker_arguments() {
+    if zstyle -t ":completion:${curcontext}:" option-stacking; then
+        print -- -s
+    fi
+}
+
+__docker_get_containers() {
+    [[ $PREFIX = -* ]] && return 1
+    integer ret=1
+    local kind type line s
+    declare -a running stopped lines args names
+
+    kind=$1; shift
+    type=$1; shift
+    [[ $kind = (stopped|all) ]] && args=($args -a)
+
+    lines=(${(f)"$(_call_program commands docker $docker_options ps --no-trunc $args)"})
+
+    # Parse header line to find columns
+    local i=1 j=1 k header=${lines[1]}
+    declare -A begin end
+    while (( j < ${#header} - 1 )); do
+        i=$(( j + ${${header[$j,-1]}[(i)[^ ]]} - 1 ))
+        j=$(( i + ${${header[$i,-1]}[(i)  ]} - 1 ))
+        k=$(( j + ${${header[$j,-1]}[(i)[^ ]]} - 2 ))
+        begin[${header[$i,$((j-1))]}]=$i
+        end[${header[$i,$((j-1))]}]=$k
+    done
+    end[${header[$i,$((j-1))]}]=-1 # Last column, should go to the end of the line
+    lines=(${lines[2,-1]})
+
+    # Container ID
+    if [[ $type = (ids|all) ]]; then
+        for line in $lines; do
+            s="${${line[${begin[CONTAINER ID]},${end[CONTAINER ID]}]%% ##}[0,12]}"
+            s="$s:${(l:15:: :::)${${line[${begin[CREATED]},${end[CREATED]}]/ ago/}%% ##}}"
+            s="$s, ${${${line[${begin[IMAGE]},${end[IMAGE]}]}/:/\\:}%% ##}"
+            if [[ ${line[${begin[STATUS]},${end[STATUS]}]} = Exit* ]]; then
+                stopped=($stopped $s)
+            else
+                running=($running $s)
+            fi
+        done
+    fi
+
+    # Names: we only display the one without slash. All other names
+    # are generated and may clutter the completion. However, with
+    # Swarm, all names may be prefixed by the swarm node name.
+    if [[ $type = (names|all) ]]; then
+        for line in $lines; do
+            names=(${(ps:,:)${${line[${begin[NAMES]},${end[NAMES]}]}%% *}})
+            # First step: find a common prefix and strip it (swarm node case)
+            (( ${#${(u)names%%/*}} == 1 )) && names=${names#${names[1]%%/*}/}
+            # Second step: only keep the first name without a /
+            s=${${names:#*/*}[1]}
+            # If no name, well give up.
+            (( $#s != 0 )) || continue
+            s="$s:${(l:15:: :::)${${line[${begin[CREATED]},${end[CREATED]}]/ ago/}%% ##}}"
+            s="$s, ${${${line[${begin[IMAGE]},${end[IMAGE]}]}/:/\\:}%% ##}"
+            if [[ ${line[${begin[STATUS]},${end[STATUS]}]} = Exit* ]]; then
+                stopped=($stopped $s)
+            else
+                running=($running $s)
+            fi
+        done
+    fi
+
+    [[ $kind = (running|all) ]] && _describe -t containers-running "running containers" running "$@" && ret=0
+    [[ $kind = (stopped|all) ]] && _describe -t containers-stopped "stopped containers" stopped "$@" && ret=0
+    return ret
+}
+
+__docker_stoppedcontainers() {
+    [[ $PREFIX = -* ]] && return 1
+    __docker_get_containers stopped all "$@"
+}
+
+__docker_runningcontainers() {
+    [[ $PREFIX = -* ]] && return 1
+    __docker_get_containers running all "$@"
+}
+
+__docker_containers() {
+    [[ $PREFIX = -* ]] && return 1
+    __docker_get_containers all all "$@"
+}
+
+__docker_containers_ids() {
+    [[ $PREFIX = -* ]] && return 1
+    __docker_get_containers all ids "$@"
+}
+
+__docker_containers_names() {
+    [[ $PREFIX = -* ]] && return 1
+    __docker_get_containers all names "$@"
+}
+
+__docker_images() {
+    [[ $PREFIX = -* ]] && return 1
+    integer ret=1
+    declare -a images
+    images=(${${${(f)"$(_call_program commands docker $docker_options images)"}[2,-1]}/(#b)([^ ]##) ##([^ ]##) ##([^ ]##)*/${match[3]}:${(r:15:: :::)match[2]} in ${match[1]}})
+    _describe -t docker-images "images" images && ret=0
+    __docker_repositories_with_tags && ret=0
+    return ret
+}
+
+__docker_repositories() {
+    [[ $PREFIX = -* ]] && return 1
+    declare -a repos
+    repos=(${${${(f)"$(_call_program commands docker $docker_options images)"}%% *}[2,-1]})
+    repos=(${repos#<none>})
+    _describe -t docker-repos "repositories" repos
+}
+
+__docker_repositories_with_tags() {
+    [[ $PREFIX = -* ]] && return 1
+    integer ret=1
+    declare -a repos onlyrepos matched
+    declare m
+    repos=(${${${${(f)"$(_call_program commands docker $docker_options images)"}[2,-1]}/ ##/:::}%% *})
+    repos=(${${repos%:::<none>}#<none>})
+    # Check if we have a prefix-match for the current prefix.
+    onlyrepos=(${repos%::*})
+    for m in $onlyrepos; do
+        [[ ${PREFIX##${~~m}} != ${PREFIX} ]] && {
+            # Yes, complete with tags
+            repos=(${${repos/:::/:}/:/\\:})
+            _describe -t docker-repos-with-tags "repositories with tags" repos && ret=0
+            return ret
+        }
+    done
+    # No, only complete repositories
+    onlyrepos=(${${repos%:::*}/:/\\:})
+    _describe -t docker-repos "repositories" onlyrepos -qS : && ret=0
+
+    return ret
+}
+
+__docker_search() {
+    [[ $PREFIX = -* ]] && return 1
+    local cache_policy
+    zstyle -s ":completion:${curcontext}:" cache-policy cache_policy
+    if [[ -z "$cache_policy" ]]; then
+        zstyle ":completion:${curcontext}:" cache-policy __docker_caching_policy
+    fi
+
+    local searchterm cachename
+    searchterm="${words[$CURRENT]%/}"
+    cachename=_docker-search-$searchterm
+
+    local expl
+    local -a result
+    if ( [[ ${(P)+cachename} -eq 0 ]] || _cache_invalid ${cachename#_} ) \
+        && ! _retrieve_cache ${cachename#_}; then
+        _message "Searching for ${searchterm}..."
+        result=(${${${(f)"$(_call_program commands docker $docker_options search $searchterm)"}%% *}[2,-1]})
+        _store_cache ${cachename#_} result
+    fi
+    _wanted dockersearch expl 'available images' compadd -a result
+}
+
+__docker_get_log_options() {
+    [[ $PREFIX = -* ]] && return 1
+
+    integer ret=1
+    local log_driver=${opt_args[--log-driver]:-"all"}
+    local -a awslogs_options fluentd_options gelf_options journald_options json_file_options syslog_options splunk_options
+
+    awslogs_options=("awslogs-region" "awslogs-group" "awslogs-stream")
+    fluentd_options=("env" "fluentd-address" "fluentd-async-connect" "fluentd-buffer-limit" "fluentd-retry-wait" "fluentd-max-retries" "labels" "tag")
+    gcplogs_options=("env" "gcp-log-cmd" "gcp-project" "labels")
+    gelf_options=("env" "gelf-address" "gelf-compression-level" "gelf-compression-type" "labels" "tag")
+    journald_options=("env" "labels" "tag")
+    json_file_options=("env" "labels" "max-file" "max-size")
+    syslog_options=("syslog-address" "syslog-format" "syslog-tls-ca-cert" "syslog-tls-cert" "syslog-tls-key" "syslog-tls-skip-verify" "syslog-facility" "tag")
+    splunk_options=("env" "labels" "splunk-caname" "splunk-capath" "splunk-index" "splunk-insecureskipverify" "splunk-source" "splunk-sourcetype" "splunk-token" "splunk-url" "tag")
+
+    [[ $log_driver = (awslogs|all) ]] && _describe -t awslogs-options "awslogs options" awslogs_options "$@" && ret=0
+    [[ $log_driver = (fluentd|all) ]] && _describe -t fluentd-options "fluentd options" fluentd_options "$@" && ret=0
+    [[ $log_driver = (gcplogs|all) ]] && _describe -t gcplogs-options "gcplogs options" gcplogs_options "$@" && ret=0
+    [[ $log_driver = (gelf|all) ]] && _describe -t gelf-options "gelf options" gelf_options "$@" && ret=0
+    [[ $log_driver = (journald|all) ]] && _describe -t journald-options "journald options" journald_options "$@" && ret=0
+    [[ $log_driver = (json-file|all) ]] && _describe -t json-file-options "json-file options" json_file_options "$@" && ret=0
+    [[ $log_driver = (syslog|all) ]] && _describe -t syslog-options "syslog options" syslog_options "$@" && ret=0
+    [[ $log_driver = (splunk|all) ]] && _describe -t splunk-options "splunk options" splunk_options "$@" && ret=0
+
+    return ret
+}
+
+__docker_log_options() {
+    [[ $PREFIX = -* ]] && return 1
+    integer ret=1
+
+    if compset -P '*='; then
+        case "${${words[-1]%=*}#*=}" in
+            (syslog-format)
+                syslog_format_opts=('rfc3164' 'rfc5424')
+                _describe -t syslog-format-opts "Syslog format Options" syslog_format_opts && ret=0
+                ;;
+            *)
+                _message 'value' && ret=0
+                ;;
+        esac
+    else
+        __docker_get_log_options -qS "=" && ret=0
+    fi
+
+    return ret
+}
+
+__docker_complete_detach_keys() {
+    [[ $PREFIX = -* ]] && return 1
+    integer ret=1
+
+    compset -P "*,"
+    keys=(${:-{a-z}})
+    ctrl_keys=(${:-ctrl-{{a-z},{@,'[','\\','^',']',_}}})
+    _describe -t detach_keys "[a-z]" keys -qS "," && ret=0
+    _describe -t detach_keys-ctrl "'ctrl-' + 'a-z @ [ \\\\ ] ^ _'" ctrl_keys -qS "," && ret=0
+}
+
+__docker_complete_ps_filters() {
+    [[ $PREFIX = -* ]] && return 1
+    integer ret=1
+
+    if compset -P '*='; then
+        case "${${words[-1]%=*}#*=}" in
+            (ancestor)
+                __docker_images && ret=0
+                ;;
+            (before|since)
+                __docker_containers && ret=0
+                ;;
+            (id)
+                __docker_containers_ids && ret=0
+                ;;
+            (name)
+                __docker_containers_names && ret=0
+                ;;
+            (status)
+                status_opts=('created' 'dead' 'exited' 'paused' 'restarting' 'running')
+                _describe -t status-filter-opts "Status Filter Options" status_opts && ret=0
+                ;;
+            (volume)
+                __docker_volumes && ret=0
+                ;;
+            *)
+                _message 'value' && ret=0
+                ;;
+        esac
+    else
+        opts=('ancestor' 'before' 'exited' 'id' 'label' 'name' 'since' 'status' 'volume')
+        _describe -t filter-opts "Filter Options" opts -qS "=" && ret=0
+    fi
+
+    return ret
+}
+
+__docker_networks() {
+    [[ $PREFIX = -* ]] && return 1
+    integer ret=1
+    declare -a lines networks
+
+    lines=(${(f)"$(_call_program commands docker $docker_options network ls)"})
+
+    # Parse header line to find columns
+    local i=1 j=1 k header=${lines[1]}
+    declare -A begin end
+    while (( j < ${#header} - 1 )); do
+        i=$(( j + ${${header[$j,-1]}[(i)[^ ]]} - 1 ))
+        j=$(( i + ${${header[$i,-1]}[(i)  ]} - 1 ))
+        k=$(( j + ${${header[$j,-1]}[(i)[^ ]]} - 2 ))
+        begin[${header[$i,$((j-1))]}]=$i
+        end[${header[$i,$((j-1))]}]=$k
+    done
+    end[${header[$i,$((j-1))]}]=-1
+    lines=(${lines[2,-1]})
+
+    # Network ID
+    local line s
+    for line in $lines; do
+        s="${line[${begin[NETWORK ID]},${end[NETWORK ID]}]%% ##}"
+        s="$s:${(l:7:: :::)${${line[${begin[DRIVER]},${end[DRIVER]}]}%% ##}}"
+        networks=($networks $s)
+    done
+
+    # Names
+    for line in $lines; do
+        s="${line[${begin[NAME]},${end[NAME]}]%% ##}"
+        s="$s:${(l:7:: :::)${${line[${begin[DRIVER]},${end[DRIVER]}]}%% ##}}"
+        networks=($networks $s)
+    done
+
+    _describe -t networks-list "networks" networks && ret=0
+    return ret
+}
+
+__docker_network_commands() {
+    local -a _docker_network_subcommands
+    _docker_network_subcommands=(
+        "connect:onnects a container to a network"
+        "create:Creates a new network with a name specified by the user"
+        "disconnect:Disconnects a container from a network"
+        "inspect:Displays detailed information on a network"
+        "ls:Lists all the networks created by the user"
+        "rm:Deletes one or more networks"
+    )
+    _describe -t docker-network-commands "docker network command" _docker_network_subcommands
+}
+
+__docker_network_subcommand() {
+    local -a _command_args opts_help
+    local expl help="--help"
+    integer ret=1
+
+    opts_help=("(: -)--help[Print usage]")
+
+    case "$words[1]" in
+        (connect)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help)*--alias=[Add network-scoped alias for the container]:alias: " \
+                "($help)--ip=[Container IPv4 address]:IPv4: " \
+                "($help)--ip6=[Container IPv6 address]:IPv6: " \
+                "($help)*--link=[Add a link to another container]:link:->link" \
+                "($help -)1:network:__docker_networks" \
+                "($help -)2:containers:__docker_containers" && ret=0
+
+            case $state in
+                (link)
+                    if compset -P "*:"; then
+                        _wanted alias expl "Alias" compadd -E "" && ret=0
+                    else
+                        __docker_runningcontainers -qS ":" && ret=0
+                    fi
+                    ;;
+            esac
+            ;;
+        (create)
+            _arguments $(__docker_arguments) -A '-*' \
+                $opts_help \
+                "($help)*--aux-address[Auxiliary IPv4 or IPv6 addresses used by network driver]:key=IP: " \
+                "($help -d --driver)"{-d=,--driver=}"[Driver to manage the Network]:driver:(null host bridge overlay)" \
+                "($help)*--gateway=[IPv4 or IPv6 Gateway for the master subnet]:IP: " \
+                "($help)--internal[Restricts external access to the network]" \
+                "($help)*--ip-range=[Allocate container ip from a sub-range]:IP/mask: " \
+                "($help)--ipam-driver=[IP Address Management Driver]:driver:(default)" \
+                "($help)*--ipam-opt=[Custom IPAM plugin options]:opt=value: " \
+                "($help)--ipv6[Enable IPv6 networking]" \
+                "($help)*--label=[Set metadata on a network]:label=value: " \
+                "($help)*"{-o=,--opt=}"[Driver specific options]:opt=value: " \
+                "($help)*--subnet=[Subnet in CIDR format that represents a network segment]:IP/mask: " \
+                "($help -)1:Network Name: " && ret=0
+            ;;
+        (disconnect)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -)1:network:__docker_networks" \
+                "($help -)2:containers:__docker_containers" && ret=0
+            ;;
+        (inspect)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -f --format)"{-f=,--format=}"[Format the output using the given go template]:template: " \
+                "($help -)*:network:__docker_networks" && ret=0
+            ;;
+        (ls)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help)--no-trunc[Do not truncate the output]" \
+                "($help -q --quiet)"{-q,--quiet}"[Only display numeric IDs]" && ret=0
+            ;;
+        (rm)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -)*:network:__docker_networks" && ret=0
+            ;;
+        (help)
+            _arguments $(__docker_arguments) ":subcommand:__docker_network_commands" && ret=0
+            ;;
+    esac
+
+    return ret
+}
+
+__docker_volumes() {
+    [[ $PREFIX = -* ]] && return 1
+    integer ret=1
+    declare -a lines volumes
+
+    lines=(${(f)"$(_call_program commands docker $docker_options volume ls)"})
+
+    # Parse header line to find columns
+    local i=1 j=1 k header=${lines[1]}
+    declare -A begin end
+    while (( j < ${#header} - 1 )); do
+        i=$(( j + ${${header[$j,-1]}[(i)[^ ]]} - 1 ))
+        j=$(( i + ${${header[$i,-1]}[(i)  ]} - 1 ))
+        k=$(( j + ${${header[$j,-1]}[(i)[^ ]]} - 2 ))
+        begin[${header[$i,$((j-1))]}]=$i
+        end[${header[$i,$((j-1))]}]=$k
+    done
+    end[${header[$i,$((j-1))]}]=-1
+    lines=(${lines[2,-1]})
+
+    # Names
+    local line s
+    for line in $lines; do
+        s="${line[${begin[VOLUME NAME]},${end[VOLUME NAME]}]%% ##}"
+        s="$s:${(l:7:: :::)${${line[${begin[DRIVER]},${end[DRIVER]}]}%% ##}}"
+        volumes=($volumes $s)
+    done
+
+    _describe -t volumes-list "volumes" volumes && ret=0
+    return ret
+}
+
+__docker_volume_commands() {
+    local -a _docker_volume_subcommands
+    _docker_volume_subcommands=(
+        "create:Create a volume"
+        "inspect:Return low-level information on a volume"
+        "ls:List volumes"
+        "rm:Remove a volume"
+    )
+    _describe -t docker-volume-commands "docker volume command" _docker_volume_subcommands
+}
+
+__docker_volume_subcommand() {
+    local -a _command_args opts_help
+    local expl help="--help"
+    integer ret=1
+
+    opts_help=("(: -)--help[Print usage]")
+
+    case "$words[1]" in
+        (create)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -d --driver)"{-d=,--driver=}"[Volume driver name]:Driver name:(local)" \
+                "($help)*--label=[Set metadata for a volume]:label=value: " \
+                "($help)--name=[Volume name]" \
+                "($help)*"{-o=,--opt=}"[Driver specific options]:Driver option: " && ret=0
+            ;;
+        (inspect)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -f --format)"{-f=,--format=}"[Format the output using the given go template]:template: " \
+                "($help -)1:volume:__docker_volumes" && ret=0
+            ;;
+        (ls)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help)*"{-f=,--filter=}"[Provide filter values (i.e. 'dangling=true')]:filter: " \
+                "($help -q --quiet)"{-q,--quiet}"[Only display volume names]" && ret=0
+            ;;
+        (rm)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -):volume:__docker_volumes" && ret=0
+            ;;
+        (help)
+            _arguments $(__docker_arguments) ":subcommand:__docker_volume_commands" && ret=0
+            ;;
+    esac
+
+    return ret
+}
+
+__docker_caching_policy() {
+  oldp=( "$1"(Nmh+1) )     # 1 hour
+  (( $#oldp ))
+}
+
+__docker_commands() {
+    local cache_policy
+
+    zstyle -s ":completion:${curcontext}:" cache-policy cache_policy
+    if [[ -z "$cache_policy" ]]; then
+        zstyle ":completion:${curcontext}:" cache-policy __docker_caching_policy
+    fi
+
+    if ( [[ ${+_docker_subcommands} -eq 0 ]] || _cache_invalid docker_subcommands) \
+        && ! _retrieve_cache docker_subcommands;
+    then
+        local -a lines
+        lines=(${(f)"$(_call_program commands docker 2>&1)"})
+        _docker_subcommands=(${${${lines[$((${lines[(i)Commands:]} + 1)),${lines[(I)    *]}]}## #}/ ##/:})
+        _docker_subcommands=($_docker_subcommands 'daemon:Enable daemon mode' 'help:Show help for a command')
+        (( $#_docker_subcommands > 2 )) && _store_cache docker_subcommands _docker_subcommands
+    fi
+    _describe -t docker-commands "docker command" _docker_subcommands
+}
+
+__docker_subcommand() {
+    local -a _command_args opts_help opts_build_create_run opts_build_create_run_update opts_create_run opts_create_run_update
+    local expl help="--help"
+    integer ret=1
+
+    opts_help=("(: -)--help[Print usage]")
+    opts_build_create_run=(
+        "($help)--cgroup-parent=[Parent cgroup for the container]:cgroup: "
+        "($help)--isolation=[Container isolation technology]:isolation:(default hyperv process)"
+        "($help)*--shm-size=[Size of '/dev/shm' (format is '<number><unit>')]:shm size: "
+        "($help)*--ulimit=[ulimit options]:ulimit: "
+        "($help)--userns=[Container user namespace]:user namespace:(host)"
+    )
+    opts_build_create_run_update=(
+        "($help)--cpu-shares=[CPU shares (relative weight)]:CPU shares:(0 10 100 200 500 800 1000)"
+        "($help)--cpu-period=[Limit the CPU CFS (Completely Fair Scheduler) period]:CPU period: "
+        "($help)--cpu-quota=[Limit the CPU CFS (Completely Fair Scheduler) quota]:CPU quota: "
+        "($help)--cpuset-cpus=[CPUs in which to allow execution]:CPUs: "
+        "($help)--cpuset-mems=[MEMs in which to allow execution]:MEMs: "
+        "($help -m --memory)"{-m=,--memory=}"[Memory limit]:Memory limit: "
+        "($help)--memory-swap=[Total memory limit with swap]:Memory limit: "
+    )
+    opts_create_run=(
+        "($help -a --attach)"{-a=,--attach=}"[Attach to stdin, stdout or stderr]:device:(STDIN STDOUT STDERR)"
+        "($help)*--add-host=[Add a custom host-to-IP mapping]:host\:ip mapping: "
+        "($help)*--blkio-weight-device=[Block IO (relative device weight)]:device:Block IO weight: "
+        "($help)*--cap-add=[Add Linux capabilities]:capability: "
+        "($help)*--cap-drop=[Drop Linux capabilities]:capability: "
+        "($help)--cidfile=[Write the container ID to the file]:CID file:_files"
+        "($help)*--device=[Add a host device to the container]:device:_files"
+        "($help)*--device-read-bps=[Limit the read rate (bytes per second) from a device]:device:IO rate: "
+        "($help)*--device-read-iops=[Limit the read rate (IO per second) from a device]:device:IO rate: "
+        "($help)*--device-write-bps=[Limit the write rate (bytes per second) to a device]:device:IO rate: "
+        "($help)*--device-write-iops=[Limit the write rate (IO per second) to a device]:device:IO rate: "
+        "($help)*--dns=[Custom DNS servers]:DNS server: "
+        "($help)*--dns-opt=[Custom DNS options]:DNS option: "
+        "($help)*--dns-search=[Custom DNS search domains]:DNS domains: "
+        "($help)*"{-e=,--env=}"[Environment variables]:environment variable: "
+        "($help)--entrypoint=[Overwrite the default entrypoint of the image]:entry point: "
+        "($help)*--env-file=[Read environment variables from a file]:environment file:_files"
+        "($help)*--expose=[Expose a port from the container without publishing it]: "
+        "($help)*--group-add=[Add additional groups to run as]:group:_groups"
+        "($help -h --hostname)"{-h=,--hostname=}"[Container host name]:hostname:_hosts"
+        "($help -i --interactive)"{-i,--interactive}"[Keep stdin open even if not attached]"
+        "($help)--ip=[Container IPv4 address]:IPv4: "
+        "($help)--ip6=[Container IPv6 address]:IPv6: "
+        "($help)--ipc=[IPC namespace to use]:IPC namespace: "
+        "($help)*--link=[Add link to another container]:link:->link"
+        "($help)*"{-l=,--label=}"[Container metadata]:label: "
+        "($help)--log-driver=[Default driver for container logs]:Logging driver:(awslogs etwlogs fluentd gcplogs gelf journald json-file none splunk syslog)"
+        "($help)*--log-opt=[Log driver specific options]:log driver options:__docker_log_options"
+        "($help)--mac-address=[Container MAC address]:MAC address: "
+        "($help)--name=[Container name]:name: "
+        "($help)--net=[Connect a container to a network]:network mode:(bridge none container host)"
+        "($help)*--net-alias=[Add network-scoped alias for the container]:alias: "
+        "($help)--oom-kill-disable[Disable OOM Killer]"
+        "($help)--oom-score-adj[Tune the host's OOM preferences for containers (accepts -1000 to 1000)]"
+        "($help)--pids-limit[Tune container pids limit (set -1 for unlimited)]"
+        "($help -P --publish-all)"{-P,--publish-all}"[Publish all exposed ports]"
+        "($help)*"{-p=,--publish=}"[Expose a container's port to the host]:port:_ports"
+        "($help)--pid=[PID namespace to use]:PID: "
+        "($help)--privileged[Give extended privileges to this container]"
+        "($help)--read-only[Mount the container's root filesystem as read only]"
+        "($help)*--security-opt=[Security options]:security option: "
+        "($help -t --tty)"{-t,--tty}"[Allocate a pseudo-tty]"
+        "($help -u --user)"{-u=,--user=}"[Username or UID]:user:_users"
+        "($help)--tmpfs[mount tmpfs]"
+        "($help)*-v[Bind mount a volume]:volume: "
+        "($help)--volume-driver=[Optional volume driver for the container]:volume driver:(local)"
+        "($help)*--volumes-from=[Mount volumes from the specified container]:volume: "
+        "($help -w --workdir)"{-w=,--workdir=}"[Working directory inside the container]:directory:_directories"
+    )
+    opts_create_run_update=(
+        "($help)--blkio-weight=[Block IO (relative weight), between 10 and 1000]:Block IO weight:(10 100 500 1000)"
+        "($help)--kernel-memory=[Kernel memory limit in bytes]:Memory limit: "
+        "($help)--memory-reservation=[Memory soft limit]:Memory limit: "
+        "($help)--restart=[Restart policy]:restart policy:(no on-failure always unless-stopped)"
+    )
+    opts_attach_exec_run_start=(
+        "($help)--detach-keys=[Escape key sequence used to detach a container]:sequence:__docker_complete_detach_keys"
+    )
+
+    case "$words[1]" in
+        (attach)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                $opts_attach_exec_run_start \
+                "($help)--no-stdin[Do not attach stdin]" \
+                "($help)--sig-proxy[Proxy all received signals to the process (non-TTY mode only)]" \
+                "($help -):containers:__docker_runningcontainers" && ret=0
+            ;;
+        (build)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                $opts_build_create_run \
+                $opts_build_create_run_update \
+                "($help)*--build-arg[Build-time variables]:<varname>=<value>: " \
+                "($help -f --file)"{-f=,--file=}"[Name of the Dockerfile]:Dockerfile:_files" \
+                "($help)--force-rm[Always remove intermediate containers]" \
+                "($help)*--label=[Set metadata for an image]:label=value: " \
+                "($help)--no-cache[Do not use cache when building the image]" \
+                "($help)--pull[Attempt to pull a newer version of the image]" \
+                "($help -q --quiet)"{-q,--quiet}"[Suppress verbose build output]" \
+                "($help)--rm[Remove intermediate containers after a successful build]" \
+                "($help -t --tag)*"{-t=,--tag=}"[Repository, name and tag for the image]: :__docker_repositories_with_tags" \
+                "($help -):path or URL:_directories" && ret=0
+            ;;
+        (commit)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -a --author)"{-a=,--author=}"[Author]:author: " \
+                "($help)*"{-c=,--change=}"[Apply Dockerfile instruction to the created image]:Dockerfile:_files" \
+                "($help -m --message)"{-m=,--message=}"[Commit message]:message: " \
+                "($help -p --pause)"{-p,--pause}"[Pause container during commit]" \
+                "($help -):container:__docker_containers" \
+                "($help -): :__docker_repositories_with_tags" && ret=0
+            ;;
+        (cp)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -L --follow-link)"{-L,--follow-link}"[Always follow symbol link]" \
+                "($help -)1:container:->container" \
+                "($help -)2:hostpath:_files" && ret=0
+            case $state in
+                (container)
+                    if compset -P "*:"; then
+                        _files && ret=0
+                    else
+                        __docker_containers -qS ":" && ret=0
+                    fi
+                    ;;
+            esac
+            ;;
+        (create)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                $opts_build_create_run \
+                $opts_build_create_run_update \
+                $opts_create_run \
+                $opts_create_run_update \
+                "($help -): :__docker_images" \
+                "($help -):command: _command_names -e" \
+                "($help -)*::arguments: _normal" && ret=0
+
+            case $state in
+                (link)
+                    if compset -P "*:"; then
+                        _wanted alias expl "Alias" compadd -E "" && ret=0
+                    else
+                        __docker_runningcontainers -qS ":" && ret=0
+                    fi
+                    ;;
+            esac
+
+            ;;
+        (daemon)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help)--api-cors-header=[CORS headers in the remote API]:CORS headers: " \
+                "($help)*--authorization-plugin=[Authorization plugins to load]" \
+                "($help -b --bridge)"{-b=,--bridge=}"[Attach containers to a network bridge]:bridge:_net_interfaces" \
+                "($help)--bip=[Network bridge IP]:IP address: " \
+                "($help)--cgroup-parent=[Parent cgroup for all containers]:cgroup: " \
+                "($help)--containerd=[Path to containerd socket]:socket:_files -g \"*.sock\"" \
+                "($help -D --debug)"{-D,--debug}"[Enable debug mode]" \
+                "($help)--default-gateway[Container default gateway IPv4 address]:IPv4 address: " \
+                "($help)--default-gateway-v6[Container default gateway IPv6 address]:IPv6 address: " \
+                "($help)--cluster-store=[URL of the distributed storage backend]:Cluster Store:->cluster-store" \
+                "($help)--cluster-advertise=[Address of the daemon instance to advertise]:Instance to advertise (host\:port): " \
+                "($help)*--cluster-store-opt=[Cluster options]:Cluster options:->cluster-store-options" \
+                "($help)*--dns=[DNS server to use]:DNS: " \
+                "($help)*--dns-search=[DNS search domains to use]:DNS search: " \
+                "($help)*--dns-opt=[DNS options to use]:DNS option: " \
+                "($help)*--default-ulimit=[Default ulimit settings for containers]:ulimit: " \
+                "($help)--disable-legacy-registry[Do not contact legacy registries]" \
+                "($help)*--exec-opt=[Runtime execution options]:runtime execution options: " \
+                "($help)--exec-root=[Root directory for execution state files]:path:_directories" \
+                "($help)--fixed-cidr=[IPv4 subnet for fixed IPs]:IPv4 subnet: " \
+                "($help)--fixed-cidr-v6=[IPv6 subnet for fixed IPs]:IPv6 subnet: " \
+                "($help -G --group)"{-G=,--group=}"[Group for the unix socket]:group:_groups" \
+                "($help -g --graph)"{-g=,--graph=}"[Root of the Docker runtime]:path:_directories" \
+                "($help -H --host)"{-H=,--host=}"[tcp://host:port to bind/connect to]:host: " \
+                "($help)--icc[Enable inter-container communication]" \
+                "($help)*--insecure-registry=[Enable insecure registry communication]:registry: " \
+                "($help)--ip=[Default IP when binding container ports]" \
+                "($help)--ip-forward[Enable net.ipv4.ip_forward]" \
+                "($help)--ip-masq[Enable IP masquerading]" \
+                "($help)--iptables[Enable addition of iptables rules]" \
+                "($help)--ipv6[Enable IPv6 networking]" \
+                "($help -l --log-level)"{-l=,--log-level=}"[Logging level]:level:(debug info warn error fatal)" \
+                "($help)*--label=[Key=value labels]:label: " \
+                "($help)--log-driver=[Default driver for container logs]:Logging driver:(awslogs etwlogs fluentd gcplogs gelf journald json-file none splunk syslog)" \
+                "($help)*--log-opt=[Log driver specific options]:log driver options:__docker_log_options" \
+                "($help)--mtu=[Network MTU]:mtu:(0 576 1420 1500 9000)" \
+                "($help -p --pidfile)"{-p=,--pidfile=}"[Path to use for daemon PID file]:PID file:_files" \
+                "($help)--raw-logs[Full timestamps without ANSI coloring]" \
+                "($help)*--registry-mirror=[Preferred Docker registry mirror]:registry mirror: " \
+                "($help -s --storage-driver)"{-s=,--storage-driver=}"[Storage driver to use]:driver:(aufs devicemapper btrfs zfs overlay)" \
+                "($help)--selinux-enabled[Enable selinux support]" \
+                "($help)*--storage-opt=[Storage driver options]:storage driver options: " \
+                "($help)--tls[Use TLS]" \
+                "($help)--tlscacert=[Trust certs signed only by this CA]:PEM file:_files -g \"*.(pem|crt)\"" \
+                "($help)--tlscert=[Path to TLS certificate file]:PEM file:_files -g \"*.(pem|crt)\"" \
+                "($help)--tlskey=[Path to TLS key file]:Key file:_files -g \"*.(pem|key)\"" \
+                "($help)--tlsverify[Use TLS and verify the remote]" \
+                "($help)--userns-remap=[User/Group setting for user namespaces]:user\:group:->users-groups" \
+                "($help)--userland-proxy[Use userland proxy for loopback traffic]" && ret=0
+
+            case $state in
+                (cluster-store)
+                    if compset -P '*://'; then
+                        _message 'host:port' && ret=0
+                    else
+                        store=('consul' 'etcd' 'zk')
+                        _describe -t cluster-store "Cluster Store" store -qS "://" && ret=0
+                    fi
+                    ;;
+                (cluster-store-options)
+                    if compset -P '*='; then
+                        _files && ret=0
+                    else
+                        opts=('discovery.heartbeat' 'discovery.ttl' 'kv.cacertfile' 'kv.certfile' 'kv.keyfile' 'kv.path')
+                        _describe -t cluster-store-opts "Cluster Store Options" opts -qS "=" && ret=0
+                    fi
+                    ;;
+                (users-groups)
+                    if compset -P '*:'; then
+                        _groups && ret=0
+                    else
+                        _describe -t userns-default "default Docker user management" '(default)' && ret=0
+                        _users && ret=0
+                    fi
+                    ;;
+            esac
+            ;;
+        (diff)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -)*:containers:__docker_containers" && ret=0
+            ;;
+        (events)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help)*"{-f=,--filter=}"[Filter values]:filter: " \
+                "($help)--since=[Events created since this timestamp]:timestamp: " \
+                "($help)--until=[Events created until this timestamp]:timestamp: " && ret=0
+            ;;
+        (exec)
+            local state
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                $opts_attach_exec_run_start \
+                "($help -d --detach)"{-d,--detach}"[Detached mode: leave the container running in the background]" \
+                "($help -i --interactive)"{-i,--interactive}"[Keep stdin open even if not attached]" \
+                "($help)--privileged[Give extended Linux capabilities to the command]" \
+                "($help -t --tty)"{-t,--tty}"[Allocate a pseudo-tty]" \
+                "($help -u --user)"{-u=,--user=}"[Username or UID]:user:_users" \
+                "($help -):containers:__docker_runningcontainers" \
+                "($help -)*::command:->anycommand" && ret=0
+
+            case $state in
+                (anycommand)
+                    shift 1 words
+                    (( CURRENT-- ))
+                    _normal && ret=0
+                    ;;
+            esac
+            ;;
+        (export)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -o --output)"{-o=,--output=}"[Write to a file, instead of stdout]:output file:_files" \
+                "($help -)*:containers:__docker_containers" && ret=0
+            ;;
+        (history)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -H --human)"{-H,--human}"[Print sizes and dates in human readable format]" \
+                "($help)--no-trunc[Do not truncate output]" \
+                "($help -q --quiet)"{-q,--quiet}"[Only show numeric IDs]" \
+                "($help -)*: :__docker_images" && ret=0
+            ;;
+        (images)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -a --all)"{-a,--all}"[Show all images]" \
+                "($help)--digests[Show digests]" \
+                "($help)*"{-f=,--filter=}"[Filter values]:filter: " \
+                "($help)--format[Pretty-print containers using a Go template]:format: " \
+                "($help)--no-trunc[Do not truncate output]" \
+                "($help -q --quiet)"{-q,--quiet}"[Only show numeric IDs]" \
+                "($help -): :__docker_repositories" && ret=0
+            ;;
+        (import)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help)*"{-c=,--change=}"[Apply Dockerfile instruction to the created image]:Dockerfile:_files" \
+                "($help -m --message)"{-m=,--message=}"[Commit message for imported image]:message: " \
+                "($help -):URL:(- http:// file://)" \
+                "($help -): :__docker_repositories_with_tags" && ret=0
+            ;;
+        (info|version)
+            _arguments $(__docker_arguments) \
+                $opts_help && ret=0
+            ;;
+        (inspect)
+            local state
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -f --format)"{-f=,--format=}"[Format the output using the given go template]:template: " \
+                "($help -s --size)"{-s,--size}"[Display total file sizes if the type is container]" \
+                "($help)--type=[Return JSON for specified type]:type:(image container)" \
+                "($help -)*: :->values" && ret=0
+
+            case $state in
+                (values)
+                    if [[ ${words[(r)--type=container]} == --type=container ]]; then
+                        __docker_containers && ret=0
+                    elif [[ ${words[(r)--type=image]} == --type=image ]]; then
+                        __docker_images && ret=0
+                    else
+                        __docker_images && __docker_containers && ret=0
+                    fi
+                    ;;
+            esac
+            ;;
+        (kill)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -s --signal)"{-s=,--signal=}"[Signal to send]:signal:_signals" \
+                "($help -)*:containers:__docker_runningcontainers" && ret=0
+            ;;
+        (load)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -i --input)"{-i=,--input=}"[Read from tar archive file]:archive file:_files -g \"*.((tar|TAR)(.gz|.GZ|.Z|.bz2|.lzma|.xz|)|(tbz|tgz|txz))(-.)\"" \
+                "($help -q --quiet)"{-q,--quiet}"[Suppress the load output]" && ret=0
+            ;;
+        (login)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -p --password)"{-p=,--password=}"[Password]:password: " \
+                "($help -u --user)"{-u=,--user=}"[Username]:username: " \
+                "($help -)1:server: " && ret=0
+            ;;
+        (logout)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -)1:server: " && ret=0
+            ;;
+        (logs)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -f --follow)"{-f,--follow}"[Follow log output]" \
+                "($help -s --since)"{-s=,--since=}"[Show logs since this timestamp]:timestamp: " \
+                "($help -t --timestamps)"{-t,--timestamps}"[Show timestamps]" \
+                "($help)--tail=[Output the last K lines]:lines:(1 10 20 50 all)" \
+                "($help -)*:containers:__docker_containers" && ret=0
+            ;;
+        (network)
+            local curcontext="$curcontext" state
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -): :->command" \
+                "($help -)*:: :->option-or-argument" && ret=0
+
+            case $state in
+                (command)
+                    __docker_network_commands && ret=0
+                    ;;
+                (option-or-argument)
+                    curcontext=${curcontext%:*:*}:docker-${words[-1]}:
+                    __docker_network_subcommand && ret=0
+                    ;;
+            esac
+            ;;
+        (pause|unpause)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -)*:containers:__docker_runningcontainers" && ret=0
+            ;;
+        (port)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -)1:containers:__docker_runningcontainers" \
+                "($help -)2:port:_ports" && ret=0
+            ;;
+        (ps)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -a --all)"{-a,--all}"[Show all containers]" \
+                "($help)--before=[Show only container created before...]:containers:__docker_containers" \
+                "($help)*"{-f=,--filter=}"[Filter values]:filter:->filter-options" \
+                "($help)--format[Pretty-print containers using a Go template]:format: " \
+                "($help -l --latest)"{-l,--latest}"[Show only the latest created container]" \
+                "($help)-n[Show n last created containers, include non-running one]:n:(1 5 10 25 50)" \
+                "($help)--no-trunc[Do not truncate output]" \
+                "($help -q --quiet)"{-q,--quiet}"[Only show numeric IDs]" \
+                "($help -s --size)"{-s,--size}"[Display total file sizes]" \
+                "($help)--since=[Show only containers created since...]:containers:__docker_containers" && ret=0
+
+            case $state in
+                (filter-options)
+                    __docker_complete_ps_filters && ret=0
+                    ;;
+            esac
+            ;;
+        (pull)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -a --all-tags)"{-a,--all-tags}"[Download all tagged images]" \
+                "($help)--disable-content-trust[Skip image verification]" \
+                "($help -):name:__docker_search" && ret=0
+            ;;
+        (push)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help)--disable-content-trust[Skip image signing]" \
+                "($help -): :__docker_images" && ret=0
+            ;;
+        (rename)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -):old name:__docker_containers" \
+                "($help -):new name: " && ret=0
+            ;;
+        (restart|stop)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -t --time)"{-t=,--time=}"[Number of seconds to try to stop for before killing the container]:seconds to before killing:(1 5 10 30 60)" \
+                "($help -)*:containers:__docker_runningcontainers" && ret=0
+            ;;
+        (rm)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -f --force)"{-f,--force}"[Force removal]" \
+                "($help -l --link)"{-l,--link}"[Remove the specified link and not the underlying container]" \
+                "($help -v --volumes)"{-v,--volumes}"[Remove the volumes associated to the container]" \
+                "($help -)*:containers:__docker_stoppedcontainers" && ret=0
+            ;;
+        (rmi)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -f --force)"{-f,--force}"[Force removal]" \
+                "($help)--no-prune[Do not delete untagged parents]" \
+                "($help -)*: :__docker_images" && ret=0
+            ;;
+        (run)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                $opts_build_create_run \
+                $opts_build_create_run_update \
+                $opts_create_run \
+                $opts_create_run_update \
+                $opts_attach_exec_run_start \
+                "($help -d --detach)"{-d,--detach}"[Detached mode: leave the container running in the background]" \
+                "($help)--rm[Remove intermediate containers when it exits]" \
+                "($help)--sig-proxy[Proxy all received signals to the process (non-TTY mode only)]" \
+                "($help)--stop-signal=[Signal to kill a container]:signal:_signals" \
+                "($help -): :__docker_images" \
+                "($help -):command: _command_names -e" \
+                "($help -)*::arguments: _normal" && ret=0
+
+            case $state in
+                (link)
+                    if compset -P "*:"; then
+                        _wanted alias expl "Alias" compadd -E "" && ret=0
+                    else
+                        __docker_runningcontainers -qS ":" && ret=0
+                    fi
+                    ;;
+            esac
+
+            ;;
+        (save)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -o --output)"{-o=,--output=}"[Write to file]:file:_files" \
+                "($help -)*: :__docker_images" && ret=0
+            ;;
+        (search)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help)--automated[Only show automated builds]" \
+                "($help)--no-trunc[Do not truncate output]" \
+                "($help -s --stars)"{-s=,--stars=}"[Only display with at least X stars]:stars:(0 10 100 1000)" \
+                "($help -):term: " && ret=0
+            ;;
+        (start)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                $opts_attach_exec_run_start \
+                "($help -a --attach)"{-a,--attach}"[Attach container's stdout/stderr and forward all signals]" \
+                "($help -i --interactive)"{-i,--interactive}"[Attach container's stding]" \
+                "($help -)*:containers:__docker_stoppedcontainers" && ret=0
+            ;;
+        (stats)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -a --all)"{-a,--all}"[Show all containers (default shows just running)]" \
+                "($help)--no-stream[Disable streaming stats and only pull the first result]" \
+                "($help -)*:containers:__docker_runningcontainers" && ret=0
+            ;;
+        (tag)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -):source:__docker_images"\
+                "($help -):destination:__docker_repositories_with_tags" && ret=0
+            ;;
+        (top)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -)1:containers:__docker_runningcontainers" \
+                "($help -)*:: :->ps-arguments" && ret=0
+            case $state in
+                (ps-arguments)
+                    _ps && ret=0
+                    ;;
+            esac
+
+            ;;
+        (update)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                $opts_create_run_update \
+                $opts_build_create_run_update \
+                "($help -)*: :->values" && ret=0
+
+            case $state in
+                (values)
+                    if [[ ${words[(r)--kernel-memory*]} = (--kernel-memory*) ]]; then
+                        __docker_stoppedcontainers && ret=0
+                    else
+                        __docker_containers && ret=0
+                    fi
+                    ;;
+            esac
+            ;;
+        (volume)
+            local curcontext="$curcontext" state
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -): :->command" \
+                "($help -)*:: :->option-or-argument" && ret=0
+
+            case $state in
+                (command)
+                    __docker_volume_commands && ret=0
+                    ;;
+                (option-or-argument)
+                    curcontext=${curcontext%:*:*}:docker-${words[-1]}:
+                    __docker_volume_subcommand && ret=0
+                    ;;
+            esac
+            ;;
+        (wait)
+            _arguments $(__docker_arguments) \
+                $opts_help \
+                "($help -)*:containers:__docker_runningcontainers" && ret=0
+            ;;
+        (help)
+            _arguments $(__docker_arguments) ":subcommand:__docker_commands" && ret=0
+            ;;
+    esac
+
+    return ret
+}
+
+_docker() {
+    # Support for subservices, which allows for `compdef _docker docker-shell=_docker_containers`.
+    # Based on /usr/share/zsh/functions/Completion/Unix/_git without support for `ret`.
+    if [[ $service != docker ]]; then
+        _call_function - _$service
+        return
+    fi
+
+    local curcontext="$curcontext" state line help="-h --help"
+    integer ret=1
+    typeset -A opt_args
+
+    _arguments $(__docker_arguments) -C \
+        "(: -)"{-h,--help}"[Print usage]" \
+        "($help)--config[Location of client config files]:path:_directories" \
+        "($help -D --debug)"{-D,--debug}"[Enable debug mode]" \
+        "($help -H --host)"{-H=,--host=}"[tcp://host:port to bind/connect to]:host: " \
+        "($help -l --log-level)"{-l=,--log-level=}"[Logging level]:level:(debug info warn error fatal)" \
+        "($help)--tls[Use TLS]" \
+        "($help)--tlscacert=[Trust certs signed only by this CA]:PEM file:_files -g "*.(pem|crt)"" \
+        "($help)--tlscert=[Path to TLS certificate file]:PEM file:_files -g "*.(pem|crt)"" \
+        "($help)--tlskey=[Path to TLS key file]:Key file:_files -g "*.(pem|key)"" \
+        "($help)--tlsverify[Use TLS and verify the remote]" \
+        "($help)--userland-proxy[Use userland proxy for loopback traffic]" \
+        "($help -v --version)"{-v,--version}"[Print version information and quit]" \
+        "($help -): :->command" \
+        "($help -)*:: :->option-or-argument" && ret=0
+
+    local host=${opt_args[-H]}${opt_args[--host]}
+    local config=${opt_args[--config]}
+    local docker_options="${host:+--host $host} ${config:+--config $config}"
+
+    case $state in
+        (command)
+            __docker_commands && ret=0
+            ;;
+        (option-or-argument)
+            curcontext=${curcontext%:*:*}:docker-$words[1]:
+            __docker_subcommand && ret=0
+            ;;
+    esac
+
+    return ret
+}
+
+_docker "$@"
+
+# Local Variables:
+# mode: Shell-Script
+# sh-indentation: 4
+# indent-tabs-mode: nil
+# sh-basic-offset: 4
+# End:
+# vim: ft=zsh sw=4 ts=4 et
diff --git a/contrib/desktop-integration/README.md b/contrib/desktop-integration/README.md
new file mode 100644
index 00000000..85a01b9e
--- /dev/null
+++ b/contrib/desktop-integration/README.md
@@ -0,0 +1,11 @@
+Desktop Integration
+===================
+
+The ./contrib/desktop-integration contains examples of typical dockerized
+desktop applications.
+
+Examples
+========
+
+* Chromium: ./chromium/Dockerfile shows a way to dockerize a common application
+* Gparted: ./gparted/Dockerfile shows a way to dockerize a common application w devices
diff --git a/contrib/desktop-integration/chromium/Dockerfile b/contrib/desktop-integration/chromium/Dockerfile
new file mode 100644
index 00000000..5cacd1f9
--- /dev/null
+++ b/contrib/desktop-integration/chromium/Dockerfile
@@ -0,0 +1,36 @@
+# VERSION:        0.1
+# DESCRIPTION:    Create chromium container with its dependencies
+# AUTHOR:         Jessica Frazelle <jess@docker.com>
+# COMMENTS:
+#   This file describes how to build a Chromium container with all
+#   dependencies installed. It uses native X11 unix socket.
+#   Tested on Debian Jessie
+# USAGE:
+#   # Download Chromium Dockerfile
+#   wget http://raw.githubusercontent.com/docker/docker/master/contrib/desktop-integration/chromium/Dockerfile
+#
+#   # Build chromium image
+#   docker build -t chromium .
+#
+#   # Run stateful data-on-host chromium. For ephemeral, remove -v /data/chromium:/data
+#   docker run -v /data/chromium:/data -v /tmp/.X11-unix:/tmp/.X11-unix \
+#   -e DISPLAY=unix$DISPLAY chromium
+
+#   # To run stateful dockerized data containers
+#   docker run --volumes-from chromium-data -v /tmp/.X11-unix:/tmp/.X11-unix \
+#   -e DISPLAY=unix$DISPLAY chromium
+
+# Base docker image
+FROM debian:jessie
+MAINTAINER Jessica Frazelle <jess@docker.com>
+
+# Install Chromium
+RUN apt-get update && apt-get install -y \
+    chromium \
+    chromium-l10n \
+    libcanberra-gtk-module \
+    libexif-dev \
+    --no-install-recommends
+
+# Autorun chromium
+CMD ["/usr/bin/chromium", "--no-sandbox", "--user-data-dir=/data"]
diff --git a/contrib/desktop-integration/gparted/Dockerfile b/contrib/desktop-integration/gparted/Dockerfile
new file mode 100644
index 00000000..3ddb2320
--- /dev/null
+++ b/contrib/desktop-integration/gparted/Dockerfile
@@ -0,0 +1,31 @@
+# VERSION:        0.1
+# DESCRIPTION:    Create gparted container with its dependencies
+# AUTHOR:         Jessica Frazelle <jess@docker.com>
+# COMMENTS:
+#   This file describes how to build a gparted container with all
+#   dependencies installed. It uses native X11 unix socket.
+#   Tested on Debian Jessie
+# USAGE:
+#   # Download gparted Dockerfile
+#   wget http://raw.githubusercontent.com/docker/docker/master/contrib/desktop-integration/gparted/Dockerfile
+#
+#   # Build gparted image
+#   docker build -t gparted .
+#
+#   docker run -v /tmp/.X11-unix:/tmp/.X11-unix \
+#     --device=/dev/sda:/dev/sda \
+#     -e DISPLAY=unix$DISPLAY gparted
+#
+
+# Base docker image
+FROM debian:jessie
+MAINTAINER Jessica Frazelle <jess@docker.com>
+
+# Install Gparted and its dependencies
+RUN apt-get update && apt-get install -y \
+    gparted \
+    libcanberra-gtk-module \
+    --no-install-recommends
+
+# Autorun gparted
+CMD ["/usr/sbin/gparted"]
diff --git a/contrib/docker-device-tool/device_tool.go b/contrib/docker-device-tool/device_tool.go
new file mode 100644
index 00000000..cb538f28
--- /dev/null
+++ b/contrib/docker-device-tool/device_tool.go
@@ -0,0 +1,176 @@
+// +build !windows
+
+package main
+
+import (
+	"flag"
+	"fmt"
+	"os"
+	"path"
+	"sort"
+	"strconv"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/graphdriver/devmapper"
+	"github.com/docker/docker/pkg/devicemapper"
+)
+
+func usage() {
+	fmt.Fprintf(os.Stderr, "Usage: %s <flags>  [status] | [list] | [device id]  | [resize new-pool-size] | [snap new-id base-id] | [remove id] | [mount id mountpoint]\n", os.Args[0])
+	flag.PrintDefaults()
+	os.Exit(1)
+}
+
+func byteSizeFromString(arg string) (int64, error) {
+	digits := ""
+	rest := ""
+	last := strings.LastIndexAny(arg, "0123456789")
+	if last >= 0 {
+		digits = arg[:last+1]
+		rest = arg[last+1:]
+	}
+
+	val, err := strconv.ParseInt(digits, 10, 64)
+	if err != nil {
+		return val, err
+	}
+
+	rest = strings.ToLower(strings.TrimSpace(rest))
+
+	var multiplier int64 = 1
+	switch rest {
+	case "":
+		multiplier = 1
+	case "k", "kb":
+		multiplier = 1024
+	case "m", "mb":
+		multiplier = 1024 * 1024
+	case "g", "gb":
+		multiplier = 1024 * 1024 * 1024
+	case "t", "tb":
+		multiplier = 1024 * 1024 * 1024 * 1024
+	default:
+		return 0, fmt.Errorf("Unknown size unit: %s", rest)
+	}
+
+	return val * multiplier, nil
+}
+
+func main() {
+	root := flag.String("r", "/var/lib/docker", "Docker root dir")
+	flDebug := flag.Bool("D", false, "Debug mode")
+
+	flag.Parse()
+
+	if *flDebug {
+		os.Setenv("DEBUG", "1")
+		logrus.SetLevel(logrus.DebugLevel)
+	}
+
+	if flag.NArg() < 1 {
+		usage()
+	}
+
+	args := flag.Args()
+
+	home := path.Join(*root, "devicemapper")
+	devices, err := devmapper.NewDeviceSet(home, false, nil, nil, nil)
+	if err != nil {
+		fmt.Println("Can't initialize device mapper: ", err)
+		os.Exit(1)
+	}
+
+	switch args[0] {
+	case "status":
+		status := devices.Status()
+		fmt.Printf("Pool name: %s\n", status.PoolName)
+		fmt.Printf("Data Loopback file: %s\n", status.DataLoopback)
+		fmt.Printf("Metadata Loopback file: %s\n", status.MetadataLoopback)
+		fmt.Printf("Sector size: %d\n", status.SectorSize)
+		fmt.Printf("Data use: %d of %d (%.1f %%)\n", status.Data.Used, status.Data.Total, 100.0*float64(status.Data.Used)/float64(status.Data.Total))
+		fmt.Printf("Metadata use: %d of %d (%.1f %%)\n", status.Metadata.Used, status.Metadata.Total, 100.0*float64(status.Metadata.Used)/float64(status.Metadata.Total))
+		break
+	case "list":
+		ids := devices.List()
+		sort.Strings(ids)
+		for _, id := range ids {
+			fmt.Println(id)
+		}
+		break
+	case "device":
+		if flag.NArg() < 2 {
+			usage()
+		}
+		status, err := devices.GetDeviceStatus(args[1])
+		if err != nil {
+			fmt.Println("Can't get device info: ", err)
+			os.Exit(1)
+		}
+		fmt.Printf("Id: %d\n", status.DeviceID)
+		fmt.Printf("Size: %d\n", status.Size)
+		fmt.Printf("Transaction Id: %d\n", status.TransactionID)
+		fmt.Printf("Size in Sectors: %d\n", status.SizeInSectors)
+		fmt.Printf("Mapped Sectors: %d\n", status.MappedSectors)
+		fmt.Printf("Highest Mapped Sector: %d\n", status.HighestMappedSector)
+		break
+	case "resize":
+		if flag.NArg() < 2 {
+			usage()
+		}
+
+		size, err := byteSizeFromString(args[1])
+		if err != nil {
+			fmt.Println("Invalid size: ", err)
+			os.Exit(1)
+		}
+
+		err = devices.ResizePool(size)
+		if err != nil {
+			fmt.Println("Error resizing pool: ", err)
+			os.Exit(1)
+		}
+
+		break
+	case "snap":
+		if flag.NArg() < 3 {
+			usage()
+		}
+
+		err := devices.AddDevice(args[1], args[2])
+		if err != nil {
+			fmt.Println("Can't create snap device: ", err)
+			os.Exit(1)
+		}
+		break
+	case "remove":
+		if flag.NArg() < 2 {
+			usage()
+		}
+
+		err := devicemapper.RemoveDevice(args[1])
+		if err != nil {
+			fmt.Println("Can't remove device: ", err)
+			os.Exit(1)
+		}
+		break
+	case "mount":
+		if flag.NArg() < 3 {
+			usage()
+		}
+
+		err := devices.MountDevice(args[1], args[2], "")
+		if err != nil {
+			fmt.Println("Can't create snap device: ", err)
+			os.Exit(1)
+		}
+		break
+	default:
+		fmt.Printf("Unknown command %s\n", args[0])
+		usage()
+
+		os.Exit(1)
+	}
+
+	return
+}
diff --git a/contrib/docker-device-tool/device_tool_windows.go b/contrib/docker-device-tool/device_tool_windows.go
new file mode 100644
index 00000000..da29a2ca
--- /dev/null
+++ b/contrib/docker-device-tool/device_tool_windows.go
@@ -0,0 +1,4 @@
+package main
+
+func main() {
+}
diff --git a/contrib/docker-engine-selinux/LICENSE b/contrib/docker-engine-selinux/LICENSE
new file mode 100644
index 00000000..5b6e7c66
--- /dev/null
+++ b/contrib/docker-engine-selinux/LICENSE
@@ -0,0 +1,340 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+                       59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Library General
+Public License instead of this License.
diff --git a/contrib/docker-engine-selinux/Makefile b/contrib/docker-engine-selinux/Makefile
new file mode 100644
index 00000000..1bdc695a
--- /dev/null
+++ b/contrib/docker-engine-selinux/Makefile
@@ -0,0 +1,16 @@
+TARGETS?=docker
+MODULES?=${TARGETS:=.pp.bz2}
+SHAREDIR?=/usr/share
+
+all: ${TARGETS:=.pp.bz2}
+
+%.pp.bz2: %.pp
+	@echo Compressing $^ -\> $@
+	bzip2 -9 $^
+
+%.pp: %.te
+	make -f ${SHAREDIR}/selinux/devel/Makefile $@
+
+clean:
+	rm -f *~  *.tc *.pp *.pp.bz2
+	rm -rf tmp *.tar.gz
diff --git a/contrib/docker-engine-selinux/docker.fc b/contrib/docker-engine-selinux/docker.fc
new file mode 100644
index 00000000..589ee287
--- /dev/null
+++ b/contrib/docker-engine-selinux/docker.fc
@@ -0,0 +1,20 @@
+/root/\.docker	gen_context(system_u:object_r:docker_home_t,s0)
+
+/usr/bin/docker			--	gen_context(system_u:object_r:docker_exec_t,s0)
+
+/usr/lib/systemd/system/docker.service		--	gen_context(system_u:object_r:docker_unit_file_t,s0)
+
+/etc/docker(/.*)?		gen_context(system_u:object_r:docker_config_t,s0)
+
+/var/lib/docker(/.*)?		gen_context(system_u:object_r:docker_var_lib_t,s0)
+/var/lib/kublet(/.*)?		gen_context(system_u:object_r:docker_var_lib_t,s0)
+/var/lib/docker/vfs(/.*)?	gen_context(system_u:object_r:svirt_sandbox_file_t,s0)
+
+/var/run/docker\.pid		--	gen_context(system_u:object_r:docker_var_run_t,s0)
+/var/run/docker\.sock		-s	gen_context(system_u:object_r:docker_var_run_t,s0)
+/var/run/docker-client(/.*)?		gen_context(system_u:object_r:docker_var_run_t,s0)
+
+/var/lib/docker/init(/.*)?		gen_context(system_u:object_r:docker_share_t,s0)
+/var/lib/docker/containers/.*/hosts		gen_context(system_u:object_r:docker_share_t,s0)
+/var/lib/docker/containers/.*/hostname		gen_context(system_u:object_r:docker_share_t,s0)
+/var/lib/docker/.*/config\.env	gen_context(system_u:object_r:docker_share_t,s0)
diff --git a/contrib/docker-engine-selinux/docker.if b/contrib/docker-engine-selinux/docker.if
new file mode 100644
index 00000000..ca075c05
--- /dev/null
+++ b/contrib/docker-engine-selinux/docker.if
@@ -0,0 +1,461 @@
+
+## <summary>The open-source application container engine.</summary>
+
+########################################
+## <summary>
+##	Execute docker in the docker domain.
+## </summary>
+## <param name="domain">
+## <summary>
+##	Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`docker_domtrans',`
+	gen_require(`
+		type docker_t, docker_exec_t;
+	')
+
+	corecmd_search_bin($1)
+	domtrans_pattern($1, docker_exec_t, docker_t)
+')
+
+########################################
+## <summary>
+##	Execute docker in the caller domain.
+## </summary>
+## <param name="domain">
+## <summary>
+##	Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`docker_exec',`
+	gen_require(`
+		type docker_exec_t;
+	')
+
+	corecmd_search_bin($1)
+	can_exec($1, docker_exec_t)
+')
+
+########################################
+## <summary>
+##	Search docker lib directories.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_search_lib',`
+	gen_require(`
+		type docker_var_lib_t;
+	')
+
+	allow $1 docker_var_lib_t:dir search_dir_perms;
+	files_search_var_lib($1)
+')
+
+########################################
+## <summary>
+##	Execute docker lib directories.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_exec_lib',`
+	gen_require(`
+		type docker_var_lib_t;
+	')
+
+	allow $1 docker_var_lib_t:dir search_dir_perms;
+	can_exec($1, docker_var_lib_t)
+')
+
+########################################
+## <summary>
+##	Read docker lib files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_read_lib_files',`
+	gen_require(`
+		type docker_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	read_files_pattern($1, docker_var_lib_t, docker_var_lib_t)
+')
+
+########################################
+## <summary>
+##	Read docker share files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_read_share_files',`
+	gen_require(`
+		type docker_share_t;
+	')
+
+	files_search_var_lib($1)
+	read_files_pattern($1, docker_share_t, docker_share_t)
+')
+
+########################################
+## <summary>
+##	Manage docker lib files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_manage_lib_files',`
+	gen_require(`
+		type docker_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	manage_files_pattern($1, docker_var_lib_t, docker_var_lib_t)
+	manage_lnk_files_pattern($1, docker_var_lib_t, docker_var_lib_t)
+')
+
+########################################
+## <summary>
+##	Manage docker lib directories.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_manage_lib_dirs',`
+	gen_require(`
+		type docker_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	manage_dirs_pattern($1, docker_var_lib_t, docker_var_lib_t)
+')
+
+########################################
+## <summary>
+##	Create objects in a docker var lib directory
+##	with an automatic type transition to
+##	a specified private type.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <param name="private_type">
+##	<summary>
+##	The type of the object to create.
+##	</summary>
+## </param>
+## <param name="object_class">
+##	<summary>
+##	The class of the object to be created.
+##	</summary>
+## </param>
+## <param name="name" optional="true">
+##	<summary>
+##	The name of the object being created.
+##	</summary>
+## </param>
+#
+interface(`docker_lib_filetrans',`
+	gen_require(`
+		type docker_var_lib_t;
+	')
+
+	filetrans_pattern($1, docker_var_lib_t, $2, $3, $4)
+')
+
+########################################
+## <summary>
+##	Read docker PID files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_read_pid_files',`
+	gen_require(`
+		type docker_var_run_t;
+	')
+
+	files_search_pids($1)
+	read_files_pattern($1, docker_var_run_t, docker_var_run_t)
+')
+
+########################################
+## <summary>
+##	Execute docker server in the docker domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed to transition.
+##	</summary>
+## </param>
+#
+interface(`docker_systemctl',`
+	gen_require(`
+		type docker_t;
+		type docker_unit_file_t;
+	')
+
+	systemd_exec_systemctl($1)
+	init_reload_services($1)
+        systemd_read_fifo_file_passwd_run($1)
+	allow $1 docker_unit_file_t:file read_file_perms;
+	allow $1 docker_unit_file_t:service manage_service_perms;
+
+	ps_process_pattern($1, docker_t)
+')
+
+########################################
+## <summary>
+##	Read and write docker shared memory.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_rw_sem',`
+	gen_require(`
+		type docker_t;
+	')
+
+	allow $1 docker_t:sem rw_sem_perms;
+')
+
+#######################################
+## <summary>
+##  Read and write the docker pty type.
+## </summary>
+## <param name="domain">
+##  <summary>
+##  Domain allowed access.
+##  </summary>
+## </param>
+#
+interface(`docker_use_ptys',`
+    gen_require(`
+        type docker_devpts_t;
+    ')
+
+    allow $1 docker_devpts_t:chr_file rw_term_perms;
+')
+
+#######################################
+## <summary>
+##      Allow domain to create docker content
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`docker_filetrans_named_content',`
+
+    gen_require(`
+        type docker_var_lib_t;
+        type docker_share_t;
+	type docker_log_t;
+	    type docker_var_run_t;
+        type docker_home_t;
+    ')
+
+    files_pid_filetrans($1, docker_var_run_t, file, "docker.pid")
+    files_pid_filetrans($1, docker_var_run_t, sock_file, "docker.sock")
+    files_pid_filetrans($1, docker_var_run_t, dir, "docker-client")
+    files_var_lib_filetrans($1, docker_var_lib_t, dir, "docker")
+    filetrans_pattern($1, docker_var_lib_t, docker_share_t, file, "config.env")
+    filetrans_pattern($1, docker_var_lib_t, docker_share_t, file, "hosts")
+    filetrans_pattern($1, docker_var_lib_t, docker_share_t, file, "hostname")
+    filetrans_pattern($1, docker_var_lib_t, docker_share_t, file, "resolv.conf")
+    filetrans_pattern($1, docker_var_lib_t, docker_share_t, dir, "init")
+    userdom_admin_home_dir_filetrans($1, docker_home_t, dir, ".docker")
+')
+
+########################################
+## <summary>
+##	Connect to docker over a unix stream socket.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_stream_connect',`
+	gen_require(`
+		type docker_t, docker_var_run_t;
+	')
+
+	files_search_pids($1)
+	stream_connect_pattern($1, docker_var_run_t, docker_var_run_t, docker_t)
+')
+
+########################################
+## <summary>
+##	Connect to SPC containers over a unix stream socket.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_spc_stream_connect',`
+	gen_require(`
+		type spc_t, spc_var_run_t;
+	')
+
+	files_search_pids($1)
+	files_write_all_pid_sockets($1)
+	allow $1 spc_t:unix_stream_socket connectto;
+')
+
+
+########################################
+## <summary>
+##	All of the rules required to administrate
+##	an docker environment
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`docker_admin',`
+	gen_require(`
+		type docker_t;
+		type docker_var_lib_t, docker_var_run_t;
+		type docker_unit_file_t;
+		type docker_lock_t;
+		type docker_log_t;
+		type docker_config_t;
+	')
+
+	allow $1 docker_t:process { ptrace signal_perms };
+	ps_process_pattern($1, docker_t)
+
+	admin_pattern($1, docker_config_t)
+
+	files_search_var_lib($1)
+	admin_pattern($1, docker_var_lib_t)
+
+	files_search_pids($1)
+	admin_pattern($1, docker_var_run_t)
+
+	files_search_locks($1)
+	admin_pattern($1, docker_lock_t)
+
+	logging_search_logs($1)
+	admin_pattern($1, docker_log_t)
+
+	docker_systemctl($1)
+	admin_pattern($1, docker_unit_file_t)
+	allow $1 docker_unit_file_t:service all_service_perms;
+
+	optional_policy(`
+		systemd_passwd_agent_exec($1)
+		systemd_read_fifo_file_passwd_run($1)
+	')
+')
+
+interface(`domain_stub_named_filetrans_domain',`
+    gen_require(`
+        attribute named_filetrans_domain;
+    ')
+')
+
+interface(`lvm_stub',`
+    gen_require(`
+        type lvm_t;
+    ')
+')
+interface(`staff_stub',`
+    gen_require(`
+        type staff_t;
+    ')
+')
+interface(`virt_stub_svirt_sandbox_domain',`
+	gen_require(`
+		attribute svirt_sandbox_domain;
+	')
+')
+interface(`virt_stub_svirt_sandbox_file',`
+	gen_require(`
+		type svirt_sandbox_file_t;
+	')
+')
+interface(`fs_dontaudit_remount_tmpfs',`
+	gen_require(`
+		type tmpfs_t;
+	')
+
+	dontaudit $1 tmpfs_t:filesystem remount;
+')
+interface(`dev_dontaudit_list_all_dev_nodes',`
+	gen_require(`
+		type device_t;
+	')
+
+	dontaudit $1 device_t:dir list_dir_perms;
+')
+interface(`kernel_unlabeled_entry_type',`
+	gen_require(`
+		type unlabeled_t;
+	')
+
+	domain_entry_file($1, unlabeled_t)
+')
+interface(`kernel_unlabeled_domtrans',`
+	gen_require(`
+		type unlabeled_t;
+	')
+
+	read_lnk_files_pattern($1, unlabeled_t, unlabeled_t)
+	domain_transition_pattern($1, unlabeled_t, $2)
+	type_transition $1 unlabeled_t:process $2;
+')
+interface(`files_write_all_pid_sockets',`
+	gen_require(`
+		attribute pidfile;
+	')
+
+	allow $1 pidfile:sock_file write_sock_file_perms;
+')
+interface(`dev_dontaudit_mounton_sysfs',`
+	gen_require(`
+		type sysfs_t;
+	')
+
+	dontaudit $1 sysfs_t:dir mounton;
+')
diff --git a/contrib/docker-engine-selinux/docker.te b/contrib/docker-engine-selinux/docker.te
new file mode 100644
index 00000000..999742f3
--- /dev/null
+++ b/contrib/docker-engine-selinux/docker.te
@@ -0,0 +1,414 @@
+policy_module(docker, 1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+## <desc>
+## <p>
+## Allow sandbox containers manage fuse files
+## </p>
+## </desc>
+gen_tunable(virt_sandbox_use_fusefs, false)
+
+## <desc>
+##  <p>
+##  Determine whether docker can
+##  connect to all TCP ports.
+##  </p>
+## </desc>
+gen_tunable(docker_connect_any, false)
+
+type docker_t;
+type docker_exec_t;
+init_daemon_domain(docker_t, docker_exec_t)
+domain_subj_id_change_exemption(docker_t)
+domain_role_change_exemption(docker_t)
+
+type spc_t;
+domain_type(spc_t)
+role system_r types spc_t;
+
+type spc_var_run_t;
+files_pid_file(spc_var_run_t)
+
+type docker_var_lib_t;
+files_type(docker_var_lib_t)
+
+type docker_home_t;
+userdom_user_home_content(docker_home_t)
+
+type docker_config_t;
+files_config_file(docker_config_t)
+
+type docker_lock_t;
+files_lock_file(docker_lock_t)
+
+type docker_log_t;
+logging_log_file(docker_log_t)
+
+type docker_tmp_t;
+files_tmp_file(docker_tmp_t)
+
+type docker_tmpfs_t;
+files_tmpfs_file(docker_tmpfs_t)
+
+type docker_var_run_t;
+files_pid_file(docker_var_run_t)
+
+type docker_unit_file_t;
+systemd_unit_file(docker_unit_file_t)
+
+type docker_devpts_t;
+term_pty(docker_devpts_t)
+
+type docker_share_t;
+files_type(docker_share_t)
+
+########################################
+#
+# docker local policy
+#
+allow docker_t self:capability { chown kill fowner fsetid mknod net_admin net_bind_service net_raw setfcap };
+allow docker_t self:tun_socket relabelto;
+allow docker_t self:process { getattr signal_perms setrlimit setfscreate };
+allow docker_t self:fifo_file rw_fifo_file_perms;
+allow docker_t self:unix_stream_socket create_stream_socket_perms;
+allow docker_t self:tcp_socket create_stream_socket_perms;
+allow docker_t self:udp_socket create_socket_perms;
+allow docker_t self:capability2 block_suspend;
+
+manage_files_pattern(docker_t, docker_home_t, docker_home_t)
+manage_dirs_pattern(docker_t, docker_home_t, docker_home_t)
+manage_lnk_files_pattern(docker_t, docker_home_t, docker_home_t)
+userdom_admin_home_dir_filetrans(docker_t, docker_home_t, dir, ".docker")
+
+manage_dirs_pattern(docker_t, docker_config_t, docker_config_t)
+manage_files_pattern(docker_t, docker_config_t, docker_config_t)
+files_etc_filetrans(docker_t, docker_config_t, dir, "docker")
+
+manage_dirs_pattern(docker_t, docker_lock_t, docker_lock_t)
+manage_files_pattern(docker_t, docker_lock_t, docker_lock_t)
+
+manage_dirs_pattern(docker_t, docker_log_t, docker_log_t)
+manage_files_pattern(docker_t, docker_log_t, docker_log_t)
+manage_lnk_files_pattern(docker_t, docker_log_t, docker_log_t)
+logging_log_filetrans(docker_t, docker_log_t, { dir file lnk_file })
+allow docker_t docker_log_t:dir_file_class_set { relabelfrom relabelto };
+
+manage_dirs_pattern(docker_t, docker_tmp_t, docker_tmp_t)
+manage_files_pattern(docker_t, docker_tmp_t, docker_tmp_t)
+manage_lnk_files_pattern(docker_t, docker_tmp_t, docker_tmp_t)
+files_tmp_filetrans(docker_t, docker_tmp_t, { dir file lnk_file })
+
+manage_dirs_pattern(docker_t, docker_tmpfs_t, docker_tmpfs_t)
+manage_files_pattern(docker_t, docker_tmpfs_t, docker_tmpfs_t)
+manage_lnk_files_pattern(docker_t, docker_tmpfs_t, docker_tmpfs_t)
+manage_fifo_files_pattern(docker_t, docker_tmpfs_t, docker_tmpfs_t)
+manage_chr_files_pattern(docker_t, docker_tmpfs_t, docker_tmpfs_t)
+manage_blk_files_pattern(docker_t, docker_tmpfs_t, docker_tmpfs_t)
+allow docker_t docker_tmpfs_t:dir relabelfrom;
+can_exec(docker_t, docker_tmpfs_t)
+fs_tmpfs_filetrans(docker_t, docker_tmpfs_t, { dir file })
+allow docker_t docker_tmpfs_t:chr_file mounton;
+
+manage_dirs_pattern(docker_t, docker_share_t, docker_share_t)
+manage_files_pattern(docker_t, docker_share_t, docker_share_t)
+manage_lnk_files_pattern(docker_t, docker_share_t, docker_share_t)
+allow docker_t docker_share_t:dir_file_class_set { relabelfrom relabelto };
+
+can_exec(docker_t, docker_share_t)
+#docker_filetrans_named_content(docker_t)
+
+manage_dirs_pattern(docker_t, docker_var_lib_t, docker_var_lib_t)
+manage_chr_files_pattern(docker_t, docker_var_lib_t, docker_var_lib_t)
+manage_blk_files_pattern(docker_t, docker_var_lib_t, docker_var_lib_t)
+manage_files_pattern(docker_t, docker_var_lib_t, docker_var_lib_t)
+manage_lnk_files_pattern(docker_t, docker_var_lib_t, docker_var_lib_t)
+allow docker_t docker_var_lib_t:dir_file_class_set { relabelfrom relabelto };
+files_var_lib_filetrans(docker_t, docker_var_lib_t, { dir file lnk_file })
+
+manage_dirs_pattern(docker_t, docker_var_run_t, docker_var_run_t)
+manage_files_pattern(docker_t, docker_var_run_t, docker_var_run_t)
+manage_sock_files_pattern(docker_t, docker_var_run_t, docker_var_run_t)
+manage_lnk_files_pattern(docker_t, docker_var_run_t, docker_var_run_t)
+files_pid_filetrans(docker_t, docker_var_run_t, { dir file lnk_file sock_file })
+
+allow docker_t docker_devpts_t:chr_file { relabelfrom rw_chr_file_perms setattr_chr_file_perms };
+term_create_pty(docker_t, docker_devpts_t)
+
+kernel_read_system_state(docker_t)
+kernel_read_network_state(docker_t)
+kernel_read_all_sysctls(docker_t)
+kernel_rw_net_sysctls(docker_t)
+kernel_setsched(docker_t)
+kernel_read_all_proc(docker_t)
+
+domain_use_interactive_fds(docker_t)
+domain_dontaudit_read_all_domains_state(docker_t)
+
+corecmd_exec_bin(docker_t)
+corecmd_exec_shell(docker_t)
+
+corenet_tcp_bind_generic_node(docker_t)
+corenet_tcp_sendrecv_generic_if(docker_t)
+corenet_tcp_sendrecv_generic_node(docker_t)
+corenet_tcp_sendrecv_generic_port(docker_t)
+corenet_tcp_bind_all_ports(docker_t)
+corenet_tcp_connect_http_port(docker_t)
+corenet_tcp_connect_commplex_main_port(docker_t)
+corenet_udp_sendrecv_generic_if(docker_t)
+corenet_udp_sendrecv_generic_node(docker_t)
+corenet_udp_sendrecv_all_ports(docker_t)
+corenet_udp_bind_generic_node(docker_t)
+corenet_udp_bind_all_ports(docker_t)
+
+files_read_config_files(docker_t)
+files_dontaudit_getattr_all_dirs(docker_t)
+files_dontaudit_getattr_all_files(docker_t)
+
+fs_read_cgroup_files(docker_t)
+fs_read_tmpfs_symlinks(docker_t)
+fs_search_all(docker_t)
+fs_getattr_all_fs(docker_t)
+
+storage_raw_rw_fixed_disk(docker_t)
+
+auth_use_nsswitch(docker_t)
+auth_dontaudit_getattr_shadow(docker_t)
+
+init_read_state(docker_t)
+init_status(docker_t)
+
+logging_send_audit_msgs(docker_t)
+logging_send_syslog_msg(docker_t)
+
+miscfiles_read_localization(docker_t)
+
+mount_domtrans(docker_t)
+
+seutil_read_default_contexts(docker_t)
+seutil_read_config(docker_t)
+
+sysnet_dns_name_resolve(docker_t)
+sysnet_exec_ifconfig(docker_t)
+
+optional_policy(`
+	rpm_exec(docker_t)
+	rpm_read_db(docker_t)
+	rpm_exec(docker_t)
+')
+
+optional_policy(`
+	fstools_domtrans(docker_t)
+')
+
+optional_policy(`
+	iptables_domtrans(docker_t)
+')
+
+optional_policy(`
+	openvswitch_stream_connect(docker_t)
+')
+
+allow docker_t self:capability { dac_override setgid setpcap setuid sys_admin sys_boot sys_chroot sys_ptrace };
+
+allow docker_t self:process { getcap setcap setexec setpgid setsched signal_perms };
+
+allow docker_t self:netlink_route_socket rw_netlink_socket_perms;;
+allow docker_t self:netlink_audit_socket create_netlink_socket_perms;
+allow docker_t self:unix_dgram_socket { create_socket_perms sendto };
+allow docker_t self:unix_stream_socket { create_stream_socket_perms connectto };
+
+allow docker_t docker_var_lib_t:dir mounton;
+allow docker_t docker_var_lib_t:chr_file mounton;
+can_exec(docker_t, docker_var_lib_t)
+
+kernel_dontaudit_setsched(docker_t)
+kernel_get_sysvipc_info(docker_t)
+kernel_request_load_module(docker_t)
+kernel_mounton_messages(docker_t)
+kernel_mounton_all_proc(docker_t)
+kernel_mounton_all_sysctls(docker_t)
+kernel_unlabeled_entry_type(spc_t)
+kernel_unlabeled_domtrans(docker_t, spc_t)
+
+dev_getattr_all(docker_t)
+dev_getattr_sysfs_fs(docker_t)
+dev_read_urand(docker_t)
+dev_read_lvm_control(docker_t)
+dev_rw_sysfs(docker_t)
+dev_rw_loop_control(docker_t)
+dev_rw_lvm_control(docker_t)
+
+files_getattr_isid_type_dirs(docker_t)
+files_manage_isid_type_dirs(docker_t)
+files_manage_isid_type_files(docker_t)
+files_manage_isid_type_symlinks(docker_t)
+files_manage_isid_type_chr_files(docker_t)
+files_manage_isid_type_blk_files(docker_t)
+files_exec_isid_files(docker_t)
+files_mounton_isid(docker_t)
+files_mounton_non_security(docker_t)
+files_mounton_isid_type_chr_file(docker_t)
+
+fs_mount_all_fs(docker_t)
+fs_unmount_all_fs(docker_t)
+fs_remount_all_fs(docker_t)
+files_mounton_isid(docker_t)
+fs_manage_cgroup_dirs(docker_t)
+fs_manage_cgroup_files(docker_t)
+fs_relabelfrom_xattr_fs(docker_t)
+fs_relabelfrom_tmpfs(docker_t)
+fs_read_tmpfs_symlinks(docker_t)
+fs_list_hugetlbfs(docker_t)
+
+term_use_generic_ptys(docker_t)
+term_use_ptmx(docker_t)
+term_getattr_pty_fs(docker_t)
+term_relabel_pty_fs(docker_t)
+term_mounton_unallocated_ttys(docker_t)
+
+modutils_domtrans_insmod(docker_t)
+
+systemd_status_all_unit_files(docker_t)
+systemd_start_systemd_services(docker_t)
+
+userdom_stream_connect(docker_t)
+userdom_search_user_home_content(docker_t)
+userdom_read_all_users_state(docker_t)
+userdom_relabel_user_home_files(docker_t)
+userdom_relabel_user_tmp_files(docker_t)
+userdom_relabel_user_tmp_dirs(docker_t)
+
+optional_policy(`
+	gpm_getattr_gpmctl(docker_t)
+')
+
+optional_policy(`
+	dbus_system_bus_client(docker_t)
+	init_dbus_chat(docker_t)
+	init_start_transient_unit(docker_t)
+
+	optional_policy(`
+		systemd_dbus_chat_logind(docker_t)
+	')
+
+	optional_policy(`
+		firewalld_dbus_chat(docker_t)
+	')
+')
+
+optional_policy(`
+	udev_read_db(docker_t)
+')
+
+optional_policy(`
+	virt_read_config(docker_t)
+	virt_exec(docker_t)
+	virt_stream_connect(docker_t)
+	virt_stream_connect_sandbox(docker_t)
+	virt_exec_sandbox_files(docker_t)
+	virt_manage_sandbox_files(docker_t)
+	virt_relabel_sandbox_filesystem(docker_t)
+	virt_transition_svirt_sandbox(docker_t, system_r)
+	virt_mounton_sandbox_file(docker_t)
+#	virt_attach_sandbox_tun_iface(docker_t)
+	allow docker_t svirt_sandbox_domain:tun_socket relabelfrom;
+')
+
+tunable_policy(`docker_connect_any',`
+    corenet_tcp_connect_all_ports(docker_t)
+    corenet_sendrecv_all_packets(docker_t)
+    corenet_tcp_sendrecv_all_ports(docker_t)
+')
+
+########################################
+#
+# spc local policy
+#
+domain_entry_file(spc_t, docker_share_t)
+domain_entry_file(spc_t, docker_var_lib_t)
+role system_r types spc_t;
+
+domain_entry_file(spc_t, docker_share_t)
+domain_entry_file(spc_t, docker_var_lib_t)
+domtrans_pattern(docker_t, docker_share_t, spc_t)
+domtrans_pattern(docker_t, docker_var_lib_t, spc_t)
+allow docker_t spc_t:process { setsched signal_perms };
+ps_process_pattern(docker_t, spc_t)
+allow docker_t spc_t:socket_class_set { relabelto relabelfrom };
+
+optional_policy(`
+	dbus_chat_system_bus(spc_t)
+')
+
+optional_policy(`
+	unconfined_domain_noaudit(spc_t)
+')
+
+optional_policy(`
+	unconfined_domain(docker_t)
+')
+
+optional_policy(`
+	virt_transition_svirt_sandbox(spc_t, system_r)
+')
+
+########################################
+#
+# docker upstream policy
+#
+
+optional_policy(`
+#    domain_stub_named_filetrans_domain()
+     gen_require(`
+        attribute named_filetrans_domain;
+     ')
+
+      docker_filetrans_named_content(named_filetrans_domain)
+')
+
+optional_policy(`
+    lvm_stub()
+    docker_rw_sem(lvm_t)
+')
+
+optional_policy(`
+    staff_stub()
+    docker_stream_connect(staff_t)
+    docker_exec(staff_t)
+')
+
+optional_policy(`
+    virt_stub_svirt_sandbox_domain()
+    virt_stub_svirt_sandbox_file()
+    allow svirt_sandbox_domain self:netlink_kobject_uevent_socket create_socket_perms;
+    docker_read_share_files(svirt_sandbox_domain)
+    docker_lib_filetrans(svirt_sandbox_domain,svirt_sandbox_file_t, sock_file)
+    docker_use_ptys(svirt_sandbox_domain)
+    docker_spc_stream_connect(svirt_sandbox_domain)
+    fs_list_tmpfs(svirt_sandbox_domain)
+    fs_rw_hugetlbfs_files(svirt_sandbox_domain)
+    fs_dontaudit_remount_tmpfs(svirt_sandbox_domain)
+    dev_dontaudit_mounton_sysfs(svirt_sandbox_domain)
+
+    tunable_policy(`virt_sandbox_use_fusefs',`
+	fs_manage_fusefs_dirs(svirt_sandbox_domain)
+	fs_manage_fusefs_files(svirt_sandbox_domain)
+	fs_manage_fusefs_symlinks(svirt_sandbox_domain)
+    ')
+     gen_require(`
+        attribute domain;
+     ')
+
+     dontaudit svirt_sandbox_domain domain:key {search link};
+')
+
+optional_policy(`
+	gen_require(`
+		type pcp_pmcd_t;
+	')
+	docker_manage_lib_files(pcp_pmcd_t)
+')
diff --git a/contrib/docker-engine-selinux/docker_selinux.8.gz b/contrib/docker-engine-selinux/docker_selinux.8.gz
new file mode 100644
index 0000000000000000000000000000000000000000..ab5d59445ac1601ca378aaa3e71fb9cff43a1592
GIT binary patch
literal 2847
zcmV+)3*hu0iwFo7v)okz17vSwYh`j@b7gF4ZgqGrH~__3TaVke5`I4V6@*`!6l=S|
zL4lsU6wa>G7)ZQ6Yo}<61q526ZDJ)-B`NQ^I6wZ(@S=+?ue_UwK6D$4GsAB#9L|h1
zT74p9kjmtNshEi^7cAB+<Dz^Tz``&1=iSf4pZ-1k=|6)&2>)14KO+rU$c!fk;-5#O
z<tH+jPrghCQKw9DKO{?*l!}`JnTj112}?;!)J7^|cFc<;g^~%=nrSEdX1ct-n=Mwe
z+xZ}hf~et<D2>mV?vz9JoRUq(p7=UrB&Q;!Mydm$39gew3ZrB;ilS8)GkXHjhLJ~Z
zb`9~dA;BW%P_PmCCQFh~L6RLy9thu%13cK#JwqnV8WL401Q%PfK6v5y10~;YJ{0<X
zvj9jr!mRg%mHXkJxb#;^Grr+W0p5>bIQB&IB4h8PX!L;;nhe>W<bPzVSWy9uB4^3z
ze0BG2aXXu@mV>6UN2*vY){HP=m;wW%^*n~)VL%-lM6=;wQLDcf$Tqah4DzZ&A-OQ5
zpk}9!d<;9LGN)V+s;qrrJ<H@H7y=X-ms*Y2T#OyD1;4nvy`C<YWc6(^T}A;eYzLvH
zgKaGmP2M=!`mNoS(PUQ<1k+1lchv`NSRRcQizv8HGY1Hxf;|}`H-uK~rEa*&J46<S
zqd4i^w_aFzKDM`V&y;X+S;rfqP8$*7!bDng>QSwpk3}bnLm)E<+bWW&HyOZUN+Z8!
zrYvwTu1*6Pt*!k*0iAMYb~43Bh141ajx6w1(;G*YMQ=Hqr`EP^4~)I(9~ggC#Eqs?
zD{L+egeI(L1_4dCa15BrIqU}t4{6QdV-7S)QIVWJI5#x+uY;!+G9tCH0HBZ%Sxi)C
z8$>lWY$<a^)}^s~On$#6Z|aZ|oMsR^IZy&%r?fUa%gB}qrl?`*$epMUx3{0ClX)GF
zwWpF&8=3RJDLQIRQ7s6Pj8Sa@HpTubIUKMNIdwEdo?<!6n%;(du(J+?D4-cxO9|p^
zXi?*0!KNH*J;94I1EkJ|PAm$5_z#;^xyA79&afI+9S)K8;moD7M+%1-gs04)MFnKU
z9fT08BF!d0DFjO_9UvmB>jj8Y28@j&axe-pr4r%%d53zgn1bWHS|f79H5xC)H0jgI
zs0uU)bj^^I3>RHe-bFS9yYM?pRYwLc4Vmq2<beaI){m*pUK~81f_oB!PEax@SxO56
z?njm3kMP-m60LO#h!ptcjGnYKyG+8h7z@~dn`9TmezBGK3Wc8&*Q+`DC8aEv!s`DB
zw<%^j#ccAyN8@wea$Ip*=0%JguX5IjkY^AxVb4#J0Ti%$E>q_6juX;@({ab1JGR{4
zfw)WDORWuVA|@%o>a>8w)TaS@706>x{ypfAMZF9;#_*bFSi{*fL({Pf9G43qVP2w%
zIefPU=Gn9DQa}6`GQB;xg;6xIw?0G;TbJ9dJ-0w6?P0F2$a6Y?)YuAX#LrY*3cta9
znbBSK62e9L9P1w1f-7Y@QM`a6_IzSR@_3V?)m{U-#s5;+q3R`&mIcd5CTWU?x6D`%
zV8;+6L+lw|cO#sY_EKF!`4838h8Nl%`!hOJ>#s0)&D)<2@%Y(r-jGtktqviMNwER^
z48UzB*EEZ@e$}nh;O;eIRpUakf#QQ=iR`XhC_rrG0lrx?CC@<(%RcL-uQ2I}h+fpL
z9caOv&z5Hp3f=+ka%(o(UvEx4okAy2e(WgrYB{7zbvTC@2yGVCyZlv<oBS1K>@2@b
z=9Ay1H{|2&^EC99RZZMk!DF%LI|5gCWOU6CMOBv8JxJALYABUav}-9d4&F+u4l=Z!
zt$tIpHaGSo&AtLQ{yMwy<-K68`LOBhW^!G%4q$9F$y%XFlC6?ufnD{##t<;$jUKy4
zmY|~YRRVg>(K3^a{nIz&(T{I`?WEsR6=!_ySm4JPevFGmrwyKZ;Z$C|CJP8Jt~=KX
zH>2s6DdEf<MABNsjvN<vj4HEc)O4~wzgoZzh<#n3`f&DY_2I`jQTd5L`y2u&9{qUq
zRO!UzMJEH81Jn5l%X!>(n*uUl@{rz-3Z5RXd1H00sjUle)ye1-ZW8H-mPzWaX2Z92
z2)V}{CiL_>nKMVNq%`CEQ5d3}lA>0PK!ac7>?t`f8d{Df`Sy8gn~~aa>{ftd?6kTc
zF|j|25>LYg?~WqBj^i1)>7ay0aXYDvzLZeVoOJ<)sByEh<EI<l@x1e(_Bp3ByxrO`
z$vE_#oe}6Ly22=|X!w6?Lv+5|#&e)SRobG_d#+5Zp@LY;rx^2OQ%}fkPH~&&I&^Zk
zWg5Gtxm!0+Gp71sXz8R%J5}r=9Ii1YJ9aLGzb&fSCSE+``gXpW{;{gZF@D0LN!8lg
z)DBk<dooO<czYOV_19S7+4cc%SzpUlgU#OQpr!2{4QAgr8mup~e|kV@|9}^!|NT1q
zee!uazn+qt+1>Pdb$d6PF5P+?nTA#c=PA@scfsdyQ}Y5_8NS&t1%dCZ80_lCjU~9q
zjg5~^n4io*sRMU<sF-A#rBD<+SaaDOeFqAgqH2x3Dt60>j<t<BPK3jpGK}CsRssdL
zabW}Tw5J&p3BE@t3b1Vh0F-R5fC!s&uW~~Vt@gNky}5%Ox{P+=<1xGs7O%i<f}Mtx
z3{S0tyNnxoAM*jTpn#7I@5pf9rfGO}xth#xCU-ZjBNd%Y+^aLv_E>w&e-&PXRHliX
zY20}XrJnZnS;I@=y@9J_Lt)mmQkSDND_Fue2MBz)TLn7JCJNW?r(tTxn%2Mxv7ZB5
zT8-6m%Jsu2I&X4wlF-Qy)}Z;JzP3%3&VP8`3&%{68=F@ZwA>hn8)wGbGNbs`rvO<x
zv;o@d?KQ9y;hdVJanO9`h(<HAI#XSrAMd+%zy-*0U1GZce8*>w+<HuDH)(~0&1-nL
zs&LYnZo)j-@<E4dlPDgfD=<O{NzEsew0W?gHfm&rPRQ=HRX<=ycMdKUnp;Hn8o_|H
zO}R_a$M3hgf%qD&7l@<l2I3BqH<e@OuFZ4F9(nr=;tRlD9FFd#{zESBwo`Y7inE4z
z2I2NHfEUD<O~p-k+uoq^g>Ii6L#f+~(-Xebl9tVa4Q=RZL4J-Fm?7Us&zIL%<a}v;
zy4F!vUqWO{>JG!WlDgL{mh6HshYGQfieib=4EQndS1#f<%XMS1_3R~RknrMThpB*A
zCYMWHDccRA1lxy7yBA1<_@xnpti)d@-AL;Gr58s<`kYA`A6_^qr^Q>}F{(R=iy*ms
z_mz-vzy~*6=s#M}x=+}dR_%&(wP_tsZHrdF6ek~>)suhy9Ri#~Hp*p+-+449V#y8*
z2Vd{B>(20^n+gC1%*l?5Ejz8!n$?sqc{{6|sNQ9TW$Yu)$1I|Q6&gyDs=UJFgs-`Q
z0ehv#<~$8HY8O8d4mOJ-J2c8J|4Myuef#ALRG`bj8C+l}nrYeoSfF~{9fp7{rG2HY
zM<;c3{cS*>;P9>+Vg|o4pzX0HSg7$y!pS!7-9zUVZUj6|-4GUXvo>%SjTOt~zIt=-
z-(4J4q<(_iha62Dz7?pde3zq!?w%O>PqiXYgOcCA&On092;Ebjh1w>3&(N6b`qqva
z<BV(lH~G5ybbA-spaBqYu|gpaU>_kj(bC9a^$msVm=VkX>UOUv6-Ye@!LXc8$>j6$
xb`W`pZ+>}u<<GSJXE28SQ3sg)X^+dBcb3Y@hsV)XJ=4aY{|A)3lDQ5i005DdZwCMX

literal 0
HcmV?d00001

diff --git a/contrib/dockerize-disk.sh b/contrib/dockerize-disk.sh
new file mode 100755
index 00000000..444e243a
--- /dev/null
+++ b/contrib/dockerize-disk.sh
@@ -0,0 +1,118 @@
+#!/usr/bin/env bash
+set -e
+
+if ! command -v qemu-nbd &> /dev/null; then
+  echo >&2 'error: "qemu-nbd" not found!'
+  exit 1
+fi
+
+usage() {
+  echo "Convert disk image to docker image"
+  echo ""
+  echo "usage: $0 image-name disk-image-file [ base-image ]"
+  echo "   ie: $0 cirros:0.3.3 cirros-0.3.3-x86_64-disk.img"
+  echo "       $0 ubuntu:cloud ubuntu-14.04-server-cloudimg-amd64-disk1.img ubuntu:14.04"
+}
+
+if [ "$#" -lt 2 ]; then
+  usage
+  exit 1
+fi
+
+CURDIR=$(pwd)
+
+image_name="${1%:*}"
+image_tag="${1#*:}"
+if [ "$image_tag" == "$1" ]; then
+  image_tag="latest"
+fi
+
+disk_image_file="$2"
+docker_base_image="$3"
+
+block_device=/dev/nbd0
+
+builddir=$(mktemp -d)
+
+cleanup() {
+  umount "$builddir/disk_image" || true
+  umount "$builddir/workdir" || true
+  qemu-nbd -d $block_device &> /dev/null || true
+  rm -rf $builddir
+}
+trap cleanup EXIT
+
+# Mount disk image
+modprobe nbd max_part=63
+qemu-nbd -rc ${block_device} -P 1 "$disk_image_file"
+mkdir "$builddir/disk_image"
+mount -o ro ${block_device} "$builddir/disk_image"
+
+mkdir "$builddir/workdir"
+mkdir "$builddir/diff"
+
+base_image_mounts=""
+
+# Unpack base image
+if [ -n "$docker_base_image" ]; then
+  mkdir -p "$builddir/base"
+  docker pull "$docker_base_image"
+  docker save "$docker_base_image" | tar -xC "$builddir/base"
+
+  image_id=$(docker inspect -f "{{.Id}}" "$docker_base_image")
+  while [ -n "$image_id" ]; do
+    mkdir -p "$builddir/base/$image_id/layer"
+    tar -xf "$builddir/base/$image_id/layer.tar" -C "$builddir/base/$image_id/layer"
+
+    base_image_mounts="${base_image_mounts}:$builddir/base/$image_id/layer=ro+wh"
+    image_id=$(docker inspect -f "{{.Parent}}" "$image_id")
+  done
+fi
+
+# Mount work directory
+mount -t aufs -o "br=$builddir/diff=rw${base_image_mounts},dio,xino=/dev/shm/aufs.xino" none "$builddir/workdir"
+
+# Update files
+cd $builddir
+LC_ALL=C diff -rq disk_image workdir \
+  | sed -re "s|Only in workdir(.*?): |DEL \1/|g;s|Only in disk_image(.*?): |ADD \1/|g;s|Files disk_image/(.+) and workdir/(.+) differ|UPDATE /\1|g" \
+  | while read action entry; do
+      case "$action" in
+        ADD|UPDATE)
+          cp -a "disk_image$entry" "workdir$entry"
+          ;;
+        DEL)
+          rm -rf "workdir$entry"
+          ;;
+        *)
+          echo "Error: unknown diff line: $action $entry" >&2
+          ;;
+      esac
+    done
+
+# Pack new image
+new_image_id="$(for i in $(seq 1 32); do printf "%02x" $(($RANDOM % 256)); done)"
+mkdir -p $builddir/result/$new_image_id
+cd diff
+tar -cf $builddir/result/$new_image_id/layer.tar *
+echo "1.0" > $builddir/result/$new_image_id/VERSION
+cat > $builddir/result/$new_image_id/json <<-EOS
+{ "docker_version": "1.4.1"
+, "id": "$new_image_id"
+, "created": "$(date -u +%Y-%m-%dT%H:%M:%S.%NZ)"
+EOS
+
+if [ -n "$docker_base_image" ]; then
+  image_id=$(docker inspect -f "{{.Id}}" "$docker_base_image")
+  echo ", \"parent\": \"$image_id\"" >> $builddir/result/$new_image_id/json
+fi
+
+echo "}" >> $builddir/result/$new_image_id/json
+
+echo "{\"$image_name\":{\"$image_tag\":\"$new_image_id\"}}" > $builddir/result/repositories
+
+cd $builddir/result
+
+# mkdir -p $CURDIR/$image_name
+# cp -r * $CURDIR/$image_name
+tar -c * | docker load
diff --git a/contrib/download-frozen-image-v1.sh b/contrib/download-frozen-image-v1.sh
new file mode 100755
index 00000000..29d7ff59
--- /dev/null
+++ b/contrib/download-frozen-image-v1.sh
@@ -0,0 +1,108 @@
+#!/bin/bash
+set -e
+
+# hello-world                      latest              ef872312fe1b        3 months ago        910 B
+# hello-world                      latest              ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9   3 months ago        910 B
+
+# debian                           latest              f6fab3b798be        10 weeks ago        85.1 MB
+# debian                           latest              f6fab3b798be3174f45aa1eb731f8182705555f89c9026d8c1ef230cbf8301dd   10 weeks ago        85.1 MB
+
+if ! command -v curl &> /dev/null; then
+	echo >&2 'error: "curl" not found!'
+	exit 1
+fi
+
+usage() {
+	echo "usage: $0 dir image[:tag][@image-id] ..."
+	echo "   ie: $0 /tmp/hello-world hello-world"
+	echo "       $0 /tmp/debian-jessie debian:jessie"
+	echo "       $0 /tmp/old-hello-world hello-world@ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9"
+	echo "       $0 /tmp/old-debian debian:latest@f6fab3b798be3174f45aa1eb731f8182705555f89c9026d8c1ef230cbf8301dd"
+	[ -z "$1" ] || exit "$1"
+}
+
+dir="$1" # dir for building tar in
+shift || usage 1 >&2
+
+[ $# -gt 0 -a "$dir" ] || usage 2 >&2
+mkdir -p "$dir"
+
+# hacky workarounds for Bash 3 support (no associative arrays)
+images=()
+rm -f "$dir"/tags-*.tmp
+# repositories[busybox]='"latest": "...", "ubuntu-14.04": "..."'
+
+while [ $# -gt 0 ]; do
+	imageTag="$1"
+	shift
+	image="${imageTag%%[:@]*}"
+	tag="${imageTag#*:}"
+	imageId="${tag##*@}"
+	[ "$imageId" != "$tag" ] || imageId=
+	[ "$tag" != "$imageTag" ] || tag='latest'
+	tag="${tag%@*}"
+
+	imageFile="${image//\//_}" # "/" can't be in filenames :)
+
+	token="$(curl -sSL -o /dev/null -D- -H 'X-Docker-Token: true' "https://index.docker.io/v1/repositories/$image/images" | tr -d '\r' | awk -F ': *' '$1 == "X-Docker-Token" { print $2 }')"
+
+	if [ -z "$imageId" ]; then
+		imageId="$(curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/repositories/$image/tags/$tag")"
+		imageId="${imageId//\"/}"
+	fi
+
+	ancestryJson="$(curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/ancestry")"
+	if [ "${ancestryJson:0:1}" != '[' ]; then
+		echo >&2 "error: /v1/images/$imageId/ancestry returned something unexpected:"
+		echo >&2 "  $ancestryJson"
+		exit 1
+	fi
+
+	IFS=','
+	ancestry=( ${ancestryJson//[\[\] \"]/} )
+	unset IFS
+
+	if [ -s "$dir/tags-$imageFile.tmp" ]; then
+		echo -n ', ' >> "$dir/tags-$imageFile.tmp"
+	else
+		images=( "${images[@]}" "$image" )
+	fi
+	echo -n '"'"$tag"'": "'"$imageId"'"' >> "$dir/tags-$imageFile.tmp"
+
+	echo "Downloading '$imageTag' (${#ancestry[@]} layers)..."
+	for imageId in "${ancestry[@]}"; do
+		mkdir -p "$dir/$imageId"
+		echo '1.0' > "$dir/$imageId/VERSION"
+
+		curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/json" -o "$dir/$imageId/json"
+
+		# TODO figure out why "-C -" doesn't work here
+		# "curl: (33) HTTP server doesn't seem to support byte ranges. Cannot resume."
+		# "HTTP/1.1 416 Requested Range Not Satisfiable"
+		if [ -f "$dir/$imageId/layer.tar" ]; then
+			# TODO hackpatch for no -C support :'(
+			echo "skipping existing ${imageId:0:12}"
+			continue
+		fi
+		curl -SL --progress -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/layer" -o "$dir/$imageId/layer.tar" # -C -
+	done
+	echo
+done
+
+echo -n '{' > "$dir/repositories"
+firstImage=1
+for image in "${images[@]}"; do
+	imageFile="${image//\//_}" # "/" can't be in filenames :)
+
+	[ "$firstImage" ] || echo -n ',' >> "$dir/repositories"
+	firstImage=
+	echo -n $'\n\t' >> "$dir/repositories"
+	echo -n '"'"$image"'": { '"$(cat "$dir/tags-$imageFile.tmp")"' }' >> "$dir/repositories"
+done
+echo -n $'\n}\n' >> "$dir/repositories"
+
+rm -f "$dir"/tags-*.tmp
+
+echo "Download of images into '$dir' complete."
+echo "Use something like the following to load the result into a Docker daemon:"
+echo "  tar -cC '$dir' . | docker load"
diff --git a/contrib/download-frozen-image-v2.sh b/contrib/download-frozen-image-v2.sh
new file mode 100755
index 00000000..111e3fa2
--- /dev/null
+++ b/contrib/download-frozen-image-v2.sh
@@ -0,0 +1,121 @@
+#!/bin/bash
+set -e
+
+# hello-world                      latest              ef872312fe1b        3 months ago        910 B
+# hello-world                      latest              ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9   3 months ago        910 B
+
+# debian                           latest              f6fab3b798be        10 weeks ago        85.1 MB
+# debian                           latest              f6fab3b798be3174f45aa1eb731f8182705555f89c9026d8c1ef230cbf8301dd   10 weeks ago        85.1 MB
+
+if ! command -v curl &> /dev/null; then
+	echo >&2 'error: "curl" not found!'
+	exit 1
+fi
+
+usage() {
+	echo "usage: $0 dir image[:tag][@digest] ..."
+	echo "       $0 /tmp/old-hello-world hello-world:latest@sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7"
+	[ -z "$1" ] || exit "$1"
+}
+
+dir="$1" # dir for building tar in
+shift || usage 1 >&2
+
+[ $# -gt 0 -a "$dir" ] || usage 2 >&2
+mkdir -p "$dir"
+
+# hacky workarounds for Bash 3 support (no associative arrays)
+images=()
+rm -f "$dir"/tags-*.tmp
+# repositories[busybox]='"latest": "...", "ubuntu-14.04": "..."'
+
+while [ $# -gt 0 ]; do
+	imageTag="$1"
+	shift
+	image="${imageTag%%[:@]*}"
+	imageTag="${imageTag#*:}"
+	digest="${imageTag##*@}"
+	tag="${imageTag%%@*}"
+
+	# add prefix library if passed official image
+	if [[ "$image" != *"/"* ]]; then
+		image="library/$image"
+	fi
+
+	imageFile="${image//\//_}" # "/" can't be in filenames :)
+
+	token="$(curl -sSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$image:pull" | jq --raw-output .token)"
+
+	manifestJson="$(curl -sSL -H "Authorization: Bearer $token" "https://registry-1.docker.io/v2/$image/manifests/$digest")"
+	if [ "${manifestJson:0:1}" != '{' ]; then
+		echo >&2 "error: /v2/$image/manifests/$digest returned something unexpected:"
+		echo >&2 "  $manifestJson"
+		exit 1
+	fi
+
+	layersFs=$(echo "$manifestJson" | jq --raw-output '.fsLayers | .[] | .blobSum')
+
+	IFS=$'\n'
+	# bash v4 on Windows CI requires CRLF separator
+	if [ "$(go env GOHOSTOS)" = 'windows' ]; then
+		major=$(echo ${BASH_VERSION%%[^0.9]} | cut -d. -f1)
+		if [ "$major" -ge 4 ]; then
+			IFS=$'\r\n'
+		fi
+	fi
+	layers=( ${layersFs} )
+	unset IFS
+
+	history=$(echo "$manifestJson" | jq '.history | [.[] | .v1Compatibility]')
+	imageId=$(echo "$history" | jq --raw-output .[0] | jq --raw-output .id)
+
+	if [ -s "$dir/tags-$imageFile.tmp" ]; then
+		echo -n ', ' >> "$dir/tags-$imageFile.tmp"
+	else
+		images=( "${images[@]}" "$image" )
+	fi
+	echo -n '"'"$tag"'": "'"$imageId"'"' >> "$dir/tags-$imageFile.tmp"
+
+	echo "Downloading '${image}:${tag}@${digest}' (${#layers[@]} layers)..."
+	for i in "${!layers[@]}"; do
+		imageJson=$(echo "$history" | jq --raw-output .[${i}])
+		imageId=$(echo "$imageJson" | jq --raw-output .id)
+		imageLayer=${layers[$i]}
+
+		mkdir -p "$dir/$imageId"
+		echo '1.0' > "$dir/$imageId/VERSION"
+
+		echo "$imageJson" > "$dir/$imageId/json"
+
+		# TODO figure out why "-C -" doesn't work here
+		# "curl: (33) HTTP server doesn't seem to support byte ranges. Cannot resume."
+		# "HTTP/1.1 416 Requested Range Not Satisfiable"
+		if [ -f "$dir/$imageId/layer.tar" ]; then
+			# TODO hackpatch for no -C support :'(
+			echo "skipping existing ${imageId:0:12}"
+			continue
+		fi
+		token="$(curl -sSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$image:pull" | jq --raw-output .token)"
+		curl -SL --progress -H "Authorization: Bearer $token" "https://registry-1.docker.io/v2/$image/blobs/$imageLayer" -o "$dir/$imageId/layer.tar" # -C -
+	done
+	echo
+done
+
+echo -n '{' > "$dir/repositories"
+firstImage=1
+for image in "${images[@]}"; do
+	imageFile="${image//\//_}" # "/" can't be in filenames :)
+	image="${image#library\/}"
+
+	[ "$firstImage" ] || echo -n ',' >> "$dir/repositories"
+	firstImage=
+	echo -n $'\n\t' >> "$dir/repositories"
+	echo -n '"'"$image"'": { '"$(cat "$dir/tags-$imageFile.tmp")"' }' >> "$dir/repositories"
+done
+echo -n $'\n}\n' >> "$dir/repositories"
+
+rm -f "$dir"/tags-*.tmp
+
+echo "Download of images into '$dir' complete."
+echo "Use something like the following to load the result into a Docker daemon:"
+echo "  tar -cC '$dir' . | docker load"
diff --git a/contrib/httpserver/Dockerfile b/contrib/httpserver/Dockerfile
new file mode 100644
index 00000000..747dc91b
--- /dev/null
+++ b/contrib/httpserver/Dockerfile
@@ -0,0 +1,4 @@
+FROM busybox
+EXPOSE 80/tcp
+COPY httpserver .
+CMD ["./httpserver"]
diff --git a/contrib/httpserver/server.go b/contrib/httpserver/server.go
new file mode 100644
index 00000000..a75d5abb
--- /dev/null
+++ b/contrib/httpserver/server.go
@@ -0,0 +1,12 @@
+package main
+
+import (
+	"log"
+	"net/http"
+)
+
+func main() {
+	fs := http.FileServer(http.Dir("/static"))
+	http.Handle("/", fs)
+	log.Panic(http.ListenAndServe(":80", nil))
+}
diff --git a/contrib/init/openrc/docker.confd b/contrib/init/openrc/docker.confd
new file mode 100644
index 00000000..ae247c00
--- /dev/null
+++ b/contrib/init/openrc/docker.confd
@@ -0,0 +1,13 @@
+# /etc/conf.d/docker: config file for /etc/init.d/docker
+
+# where the docker daemon output gets piped
+#DOCKER_LOGFILE="/var/log/docker.log"
+
+# where docker's pid get stored
+#DOCKER_PIDFILE="/run/docker.pid"
+
+# where the docker daemon itself is run from
+#DOCKER_BINARY="/usr/bin/docker"
+
+# any other random options you want to pass to docker
+DOCKER_OPTS=""
diff --git a/contrib/init/openrc/docker.initd b/contrib/init/openrc/docker.initd
new file mode 100644
index 00000000..ea8a3b22
--- /dev/null
+++ b/contrib/init/openrc/docker.initd
@@ -0,0 +1,19 @@
+#!/sbin/openrc-run
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+command="${DOCKER_BINARY:-/usr/bin/docker}"
+pidfile="${DOCKER_PIDFILE:-/run/${RC_SVCNAME}.pid}"
+command_args="daemon -p \"${pidfile}\" ${DOCKER_OPTS}"
+DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}"
+start_stop_daemon_args="--background \
+	--stderr \"${DOCKER_LOGFILE}\" --stdout \"${DOCKER_LOGFILE}\""
+
+start_pre() {
+	checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE"
+
+	ulimit -n 1048576
+	ulimit -u 1048576
+
+	return 0
+}
diff --git a/contrib/init/systemd/REVIEWERS b/contrib/init/systemd/REVIEWERS
new file mode 100644
index 00000000..b9ba55b3
--- /dev/null
+++ b/contrib/init/systemd/REVIEWERS
@@ -0,0 +1,3 @@
+Lokesh Mandvekar <lsm5@fedoraproject.org> (@lsm5)
+Brandon Philips <brandon.philips@coreos.com> (@philips)
+Jessie Frazelle <jess@docker.com> (@jfrazelle)
diff --git a/contrib/init/systemd/docker.service b/contrib/init/systemd/docker.service
new file mode 100644
index 00000000..75cb68c8
--- /dev/null
+++ b/contrib/init/systemd/docker.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=Docker Application Container Engine
+Documentation=https://docs.docker.com
+After=network.target docker.socket
+Requires=docker.socket
+
+[Service]
+Type=notify
+# the default is not to use systemd for cgroups because the delegate issues still
+# exists and systemd currently does not support the cgroup feature set required
+# for containers run by docker
+ExecStart=/usr/bin/docker daemon -H fd://
+MountFlags=slave
+LimitNOFILE=1048576
+LimitNPROC=1048576
+LimitCORE=infinity
+TimeoutStartSec=0
+# set delegate yes so that systemd does not reset the cgroups of docker containers
+Delegate=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/contrib/init/systemd/docker.socket b/contrib/init/systemd/docker.socket
new file mode 100644
index 00000000..7dd95098
--- /dev/null
+++ b/contrib/init/systemd/docker.socket
@@ -0,0 +1,12 @@
+[Unit]
+Description=Docker Socket for the API
+PartOf=docker.service
+
+[Socket]
+ListenStream=/var/run/docker.sock
+SocketMode=0660
+SocketUser=root
+SocketGroup=docker
+
+[Install]
+WantedBy=sockets.target
diff --git a/contrib/init/sysvinit-debian/docker b/contrib/init/sysvinit-debian/docker
new file mode 100755
index 00000000..fc4b05b3
--- /dev/null
+++ b/contrib/init/sysvinit-debian/docker
@@ -0,0 +1,149 @@
+#!/bin/sh
+set -e
+
+### BEGIN INIT INFO
+# Provides:           docker
+# Required-Start:     $syslog $remote_fs
+# Required-Stop:      $syslog $remote_fs
+# Should-Start:       cgroupfs-mount cgroup-lite
+# Should-Stop:        cgroupfs-mount cgroup-lite
+# Default-Start:      2 3 4 5
+# Default-Stop:       0 1 6
+# Short-Description:  Create lightweight, portable, self-sufficient containers.
+# Description:
+#  Docker is an open-source project to easily create lightweight, portable,
+#  self-sufficient containers from any application. The same container that a
+#  developer builds and tests on a laptop can run at scale, in production, on
+#  VMs, bare metal, OpenStack clusters, public clouds and more.
+### END INIT INFO
+
+export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
+
+BASE=docker
+
+# modify these in /etc/default/$BASE (/etc/default/docker)
+DOCKER=/usr/bin/$BASE
+# This is the pid file managed by docker itself
+DOCKER_PIDFILE=/var/run/$BASE.pid
+# This is the pid file created/managed by start-stop-daemon
+DOCKER_SSD_PIDFILE=/var/run/$BASE-ssd.pid
+DOCKER_LOGFILE=/var/log/$BASE.log
+DOCKER_OPTS=
+DOCKER_DESC="Docker"
+
+# Get lsb functions
+. /lib/lsb/init-functions
+
+if [ -f /etc/default/$BASE ]; then
+	. /etc/default/$BASE
+fi
+
+# Check docker is present
+if [ ! -x $DOCKER ]; then
+	log_failure_msg "$DOCKER not present or not executable"
+	exit 1
+fi
+
+check_init() {
+	 # see also init_is_upstart in /lib/lsb/init-functions (which isn't available in Ubuntu 12.04, or we'd use it directly)
+	 if [ -x /sbin/initctl ] && /sbin/initctl version 2>/dev/null | grep -q upstart; then        
+                log_failure_msg "$DOCKER_DESC is managed via upstart, try using service $BASE $1"
+                exit 1
+         fi
+}
+
+fail_unless_root() {
+	if [ "$(id -u)" != '0' ]; then
+		log_failure_msg "$DOCKER_DESC must be run as root"
+		exit 1
+	fi
+}
+
+cgroupfs_mount() {
+	# see also https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
+	if grep -v '^#' /etc/fstab | grep -q cgroup \
+		|| [ ! -e /proc/cgroups ] \
+		|| [ ! -d /sys/fs/cgroup ]; then
+		return
+	fi
+	if ! mountpoint -q /sys/fs/cgroup; then
+		mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
+	fi
+	(
+		cd /sys/fs/cgroup
+		for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
+			mkdir -p $sys
+			if ! mountpoint -q $sys; then
+				if ! mount -n -t cgroup -o $sys cgroup $sys; then
+					rmdir $sys || true
+				fi
+			fi
+		done
+	)
+}
+
+case "$1" in
+	start)
+		check_init
+		
+		fail_unless_root
+
+		cgroupfs_mount
+
+		touch "$DOCKER_LOGFILE"
+		chgrp docker "$DOCKER_LOGFILE"
+
+		ulimit -n 1048576
+		if [ "$BASH" ]; then
+			ulimit -u 1048576
+		else
+			ulimit -p 1048576
+		fi
+
+		log_begin_msg "Starting $DOCKER_DESC: $BASE"
+		start-stop-daemon --start --background \
+			--no-close \
+			--exec "$DOCKER" \
+			--pidfile "$DOCKER_SSD_PIDFILE" \
+			--make-pidfile \
+			-- \
+				daemon -p "$DOCKER_PIDFILE" \
+				$DOCKER_OPTS \
+					>> "$DOCKER_LOGFILE" 2>&1
+		log_end_msg $?
+		;;
+
+	stop)
+		check_init
+		fail_unless_root
+		log_begin_msg "Stopping $DOCKER_DESC: $BASE"
+		start-stop-daemon --stop --pidfile "$DOCKER_SSD_PIDFILE" --retry 10
+		log_end_msg $?
+		;;
+
+	restart)
+		check_init
+		fail_unless_root
+		docker_pid=`cat "$DOCKER_SSD_PIDFILE" 2>/dev/null`
+		[ -n "$docker_pid" ] \
+			&& ps -p $docker_pid > /dev/null 2>&1 \
+			&& $0 stop
+		$0 start
+		;;
+
+	force-reload)
+		check_init
+		fail_unless_root
+		$0 restart
+		;;
+
+	status)
+		check_init
+		status_of_proc -p "$DOCKER_SSD_PIDFILE" "$DOCKER" "$DOCKER_DESC"
+		;;
+
+	*)
+		echo "Usage: service docker {start|stop|restart|status}"
+		exit 1
+		;;
+esac
diff --git a/contrib/init/sysvinit-debian/docker.default b/contrib/init/sysvinit-debian/docker.default
new file mode 100644
index 00000000..da23c57c
--- /dev/null
+++ b/contrib/init/sysvinit-debian/docker.default
@@ -0,0 +1,20 @@
+# Docker Upstart and SysVinit configuration file
+
+#
+# THIS FILE DOES NOT APPLY TO SYSTEMD
+#
+#   Please see the documentation for "systemd drop-ins":
+#   https://docs.docker.com/engine/articles/systemd/
+#
+
+# Customize location of Docker binary (especially for development testing).
+#DOCKER="/usr/local/bin/docker"
+
+# Use DOCKER_OPTS to modify the daemon startup options.
+#DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4"
+
+# If you need Docker to use an HTTP proxy, it can also be specified here.
+#export http_proxy="http://127.0.0.1:3128/"
+
+# This is also a handy place to tweak where Docker's temporary files go.
+#export TMPDIR="/mnt/bigdrive/docker-tmp"
diff --git a/contrib/init/sysvinit-redhat/docker b/contrib/init/sysvinit-redhat/docker
new file mode 100755
index 00000000..3f88bb52
--- /dev/null
+++ b/contrib/init/sysvinit-redhat/docker
@@ -0,0 +1,153 @@
+#!/bin/sh
+#
+#       /etc/rc.d/init.d/docker
+#
+#       Daemon for docker.com
+#
+# chkconfig:   2345 95 95
+# description: Daemon for docker.com
+
+### BEGIN INIT INFO
+# Provides:       docker
+# Required-Start: $network cgconfig
+# Required-Stop:
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop:  0 1 6
+# Short-Description: start and stop docker
+# Description: Daemon for docker.com
+### END INIT INFO
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+prog="docker"
+unshare=/usr/bin/unshare
+exec="/usr/bin/$prog"
+pidfile="/var/run/$prog.pid"
+lockfile="/var/lock/subsys/$prog"
+logfile="/var/log/$prog"
+
+[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
+
+prestart() {
+    service cgconfig status > /dev/null
+
+    if [[ $? != 0 ]]; then
+        service cgconfig start
+    fi
+
+}
+
+start() {
+    if [ ! -x $exec ]; then
+      if [ ! -e $exec ]; then
+        echo "Docker executable $exec not found"
+      else
+        echo "You do not have permission to execute the Docker executable $exec"
+      fi	      
+      exit 5
+    fi
+
+    check_for_cleanup
+
+    if ! [ -f $pidfile ]; then
+        prestart
+        printf "Starting $prog:\t"
+        echo "\n$(date)\n" >> $logfile
+        "$unshare" -m -- $exec daemon $other_args >> $logfile 2>&1 &
+        pid=$!
+        touch $lockfile
+        # wait up to 10 seconds for the pidfile to exist.  see
+        # https://github.com/docker/docker/issues/5359
+        tries=0
+        while [ ! -f $pidfile -a $tries -lt 10 ]; do
+            sleep 1
+            tries=$((tries + 1))
+            echo -n '.'
+        done
+        if [ ! -f $pidfile ]; then
+          failure
+          echo
+          exit 1
+        fi
+        success
+        echo
+    else
+        failure
+        echo
+        printf "$pidfile still exists...\n"
+        exit 7
+    fi
+}
+
+stop() {
+    echo -n $"Stopping $prog: "
+    killproc -p $pidfile -d 300 $prog
+    retval=$?
+    echo
+    [ $retval -eq 0 ] && rm -f $lockfile
+    return $retval
+}
+
+restart() {
+    stop
+    start
+}
+
+reload() {
+    restart
+}
+
+force_reload() {
+    restart
+}
+
+rh_status() {
+    status -p $pidfile $prog
+}
+
+rh_status_q() {
+    rh_status >/dev/null 2>&1
+}
+
+
+check_for_cleanup() {
+    if [ -f ${pidfile} ]; then
+        /bin/ps -fp $(cat ${pidfile}) > /dev/null || rm ${pidfile}
+    fi
+}
+
+case "$1" in
+    start)
+        rh_status_q && exit 0
+        $1
+        ;;
+    stop)
+        rh_status_q || exit 0
+        $1
+        ;;
+    restart)
+        $1
+        ;;
+    reload)
+        rh_status_q || exit 7
+        $1
+        ;;
+    force-reload)
+        force_reload
+        ;;
+    status)
+        rh_status
+        ;;
+    condrestart|try-restart)
+        rh_status_q || exit 0
+        restart
+        ;;
+    *)
+        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
+        exit 2
+esac
+
+exit $?
diff --git a/contrib/init/sysvinit-redhat/docker.sysconfig b/contrib/init/sysvinit-redhat/docker.sysconfig
new file mode 100644
index 00000000..0864b3d7
--- /dev/null
+++ b/contrib/init/sysvinit-redhat/docker.sysconfig
@@ -0,0 +1,7 @@
+# /etc/sysconfig/docker
+#
+# Other arguments to pass to the docker daemon process
+# These will be parsed by the sysv initscript and appended
+# to the arguments list passed to docker daemon
+
+other_args=""
diff --git a/contrib/init/upstart/REVIEWERS b/contrib/init/upstart/REVIEWERS
new file mode 100644
index 00000000..03ee2dde
--- /dev/null
+++ b/contrib/init/upstart/REVIEWERS
@@ -0,0 +1,2 @@
+Tianon Gravi <admwiggin@gmail.com> (@tianon)
+Jessie Frazelle <jess@docker.com> (@jfrazelle)
diff --git a/contrib/init/upstart/docker.conf b/contrib/init/upstart/docker.conf
new file mode 100644
index 00000000..6cf02c56
--- /dev/null
+++ b/contrib/init/upstart/docker.conf
@@ -0,0 +1,68 @@
+description "Docker daemon"
+
+start on (filesystem and net-device-up IFACE!=lo)
+stop on runlevel [!2345]
+limit nofile 524288 1048576
+limit nproc 524288 1048576
+
+respawn
+
+kill timeout 20
+
+pre-start script
+	# see also https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
+	if grep -v '^#' /etc/fstab | grep -q cgroup \
+		|| [ ! -e /proc/cgroups ] \
+		|| [ ! -d /sys/fs/cgroup ]; then
+		exit 0
+	fi
+	if ! mountpoint -q /sys/fs/cgroup; then
+		mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
+	fi
+	(
+		cd /sys/fs/cgroup
+		for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
+			mkdir -p $sys
+			if ! mountpoint -q $sys; then
+				if ! mount -n -t cgroup -o $sys cgroup $sys; then
+					rmdir $sys || true
+				fi
+			fi
+		done
+	)
+end script
+
+script
+	# modify these in /etc/default/$UPSTART_JOB (/etc/default/docker)
+	DOCKER=/usr/bin/$UPSTART_JOB
+	DOCKER_OPTS=
+	if [ -f /etc/default/$UPSTART_JOB ]; then
+		. /etc/default/$UPSTART_JOB
+	fi
+	exec "$DOCKER" daemon $DOCKER_OPTS --raw-logs
+end script
+
+# Don't emit "started" event until docker.sock is ready.
+# See https://github.com/docker/docker/issues/6647
+post-start script
+	DOCKER_OPTS=
+	DOCKER_SOCKET=
+	if [ -f /etc/default/$UPSTART_JOB ]; then
+		. /etc/default/$UPSTART_JOB
+	fi
+
+	if ! printf "%s" "$DOCKER_OPTS" | grep -qE -e '-H|--host'; then
+		DOCKER_SOCKET=/var/run/docker.sock
+	else
+		DOCKER_SOCKET=$(printf "%s" "$DOCKER_OPTS" | grep -oP -e '(-H|--host)\W*unix://\K(\S+)')
+	fi
+
+	if [ -n "$DOCKER_SOCKET" ]; then
+		while ! [ -e "$DOCKER_SOCKET" ]; do
+			initctl status $UPSTART_JOB | grep -qE "(stop|respawn)/" && exit 1
+			echo "Waiting for $DOCKER_SOCKET"
+			sleep 0.1
+		done
+		echo "$DOCKER_SOCKET is up"
+	fi
+end script
diff --git a/contrib/mkimage-alpine.sh b/contrib/mkimage-alpine.sh
new file mode 100755
index 00000000..47cd35ce
--- /dev/null
+++ b/contrib/mkimage-alpine.sh
@@ -0,0 +1,87 @@
+#!/bin/sh
+
+set -e
+
+[ $(id -u) -eq 0 ] || {
+	printf >&2 '%s requires root\n' "$0"
+	exit 1
+}
+
+usage() {
+	printf >&2 '%s: [-r release] [-m mirror] [-s]  [-c additional repository]\n' "$0"
+	exit 1
+}
+
+tmp() {
+	TMP=$(mktemp -d ${TMPDIR:-/var/tmp}/alpine-docker-XXXXXXXXXX)
+	ROOTFS=$(mktemp -d ${TMPDIR:-/var/tmp}/alpine-docker-rootfs-XXXXXXXXXX)
+	trap "rm -rf $TMP $ROOTFS" EXIT TERM INT
+}
+
+apkv() {
+	curl -sSL $MAINREPO/$ARCH/APKINDEX.tar.gz | tar -Oxz |
+		grep --text '^P:apk-tools-static$' -A1 | tail -n1 | cut -d: -f2
+}
+
+getapk() {
+	curl -sSL $MAINREPO/$ARCH/apk-tools-static-$(apkv).apk |
+		tar -xz -C $TMP sbin/apk.static
+}
+
+mkbase() {
+	$TMP/sbin/apk.static --repository $MAINREPO --update-cache --allow-untrusted \
+		--root $ROOTFS --initdb add alpine-base
+}
+
+conf() {
+	printf '%s\n' $MAINREPO > $ROOTFS/etc/apk/repositories
+	printf '%s\n' $ADDITIONALREPO >> $ROOTFS/etc/apk/repositories
+}
+
+pack() {
+	local id
+	id=$(tar --numeric-owner -C $ROOTFS -c . | docker import - alpine:$REL)
+
+	docker tag $id alpine:latest
+	docker run -i -t --rm alpine printf 'alpine:%s with id=%s created!\n' $REL $id
+}
+
+save() {
+	[ $SAVE -eq 1 ] || return
+
+	tar --numeric-owner -C $ROOTFS -c . | xz > rootfs.tar.xz
+}
+
+while getopts "hr:m:s" opt; do
+	case $opt in
+		r)
+			REL=$OPTARG
+			;;
+		m)
+			MIRROR=$OPTARG
+			;;
+		s)
+			SAVE=1
+			;;
+		c)
+			ADDITIONALREPO=community
+			;;
+		*)
+			usage
+			;;
+	esac
+done
+
+REL=${REL:-edge}
+MIRROR=${MIRROR:-http://nl.alpinelinux.org/alpine}
+SAVE=${SAVE:-0}
+MAINREPO=$MIRROR/$REL/main
+ADDITIONALREPO=$MIRROR/$REL/community
+ARCH=${ARCH:-$(uname -m)}
+
+tmp
+getapk
+mkbase
+conf
+pack
+save
diff --git a/contrib/mkimage-arch-pacman.conf b/contrib/mkimage-arch-pacman.conf
new file mode 100644
index 00000000..45fe03dc
--- /dev/null
+++ b/contrib/mkimage-arch-pacman.conf
@@ -0,0 +1,92 @@
+#
+# /etc/pacman.conf
+#
+# See the pacman.conf(5) manpage for option and repository directives
+
+#
+# GENERAL OPTIONS
+#
+[options]
+# The following paths are commented out with their default values listed.
+# If you wish to use different paths, uncomment and update the paths.
+#RootDir     = /
+#DBPath      = /var/lib/pacman/
+#CacheDir    = /var/cache/pacman/pkg/
+#LogFile     = /var/log/pacman.log
+#GPGDir      = /etc/pacman.d/gnupg/
+HoldPkg     = pacman glibc
+#XferCommand = /usr/bin/curl -C - -f %u > %o
+#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
+#CleanMethod = KeepInstalled
+#UseDelta    = 0.7
+Architecture = auto
+
+# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
+#IgnorePkg   =
+#IgnoreGroup =
+
+#NoUpgrade   =
+#NoExtract   =
+
+# Misc options
+#UseSyslog
+#Color
+#TotalDownload
+# We cannot check disk space from within a chroot environment
+#CheckSpace
+#VerbosePkgLists
+
+# By default, pacman accepts packages signed by keys that its local keyring
+# trusts (see pacman-key and its man page), as well as unsigned packages.
+SigLevel    = Required DatabaseOptional
+LocalFileSigLevel = Optional
+#RemoteFileSigLevel = Required
+
+# NOTE: You must run `pacman-key --init` before first using pacman; the local
+# keyring can then be populated with the keys of all official Arch Linux
+# packagers with `pacman-key --populate archlinux`.
+
+#
+# REPOSITORIES
+#   - can be defined here or included from another file
+#   - pacman will search repositories in the order defined here
+#   - local/custom mirrors can be added here or in separate files
+#   - repositories listed first will take precedence when packages
+#     have identical names, regardless of version number
+#   - URLs will have $repo replaced by the name of the current repo
+#   - URLs will have $arch replaced by the name of the architecture
+#
+# Repository entries are of the format:
+#       [repo-name]
+#       Server = ServerName
+#       Include = IncludePath
+#
+# The header [repo-name] is crucial - it must be present and
+# uncommented to enable the repo.
+#
+
+# The testing repositories are disabled by default. To enable, uncomment the
+# repo name header and Include lines. You can add preferred servers immediately
+# after the header, and they will be used before the default mirrors.
+
+#[testing]
+#Include = /etc/pacman.d/mirrorlist
+
+[core]
+Include = /etc/pacman.d/mirrorlist
+
+[extra]
+Include = /etc/pacman.d/mirrorlist
+
+#[community-testing]
+#Include = /etc/pacman.d/mirrorlist
+
+[community]
+Include = /etc/pacman.d/mirrorlist
+
+# An example of a custom package repository.  See the pacman manpage for
+# tips on creating your own repositories.
+#[custom]
+#SigLevel = Optional TrustAll
+#Server = file:///home/custompkgs
+
diff --git a/contrib/mkimage-arch.sh b/contrib/mkimage-arch.sh
new file mode 100755
index 00000000..793b21e3
--- /dev/null
+++ b/contrib/mkimage-arch.sh
@@ -0,0 +1,122 @@
+#!/usr/bin/env bash
+# Generate a minimal filesystem for archlinux and load it into the local
+# docker as "archlinux"
+# requires root
+set -e
+
+hash pacstrap &>/dev/null || {
+	echo "Could not find pacstrap. Run pacman -S arch-install-scripts"
+	exit 1
+}
+
+hash expect &>/dev/null || {
+	echo "Could not find expect. Run pacman -S expect"
+	exit 1
+}
+
+
+export LANG="C.UTF-8"
+
+ROOTFS=$(mktemp -d ${TMPDIR:-/var/tmp}/rootfs-archlinux-XXXXXXXXXX)
+chmod 755 $ROOTFS
+
+# packages to ignore for space savings
+PKGIGNORE=(
+    cryptsetup
+    device-mapper
+    dhcpcd
+    iproute2
+    jfsutils
+    linux
+    lvm2
+    man-db
+    man-pages
+    mdadm
+    nano
+    netctl
+    openresolv
+    pciutils
+    pcmciautils
+    reiserfsprogs
+    s-nail
+    systemd-sysvcompat
+    usbutils
+    vi
+    xfsprogs
+)
+IFS=','
+PKGIGNORE="${PKGIGNORE[*]}"
+unset IFS
+
+case "$(uname -m)" in
+	armv*)
+		if pacman -Q archlinuxarm-keyring >/dev/null 2>&1; then
+			pacman-key --init
+			pacman-key --populate archlinuxarm
+		else
+			echo "Could not find archlinuxarm-keyring. Please, install it and run pacman-key --populate archlinuxarm"
+			exit 1
+		fi
+		PACMAN_CONF='./mkimage-archarm-pacman.conf'
+		PACMAN_MIRRORLIST='Server = http://mirror.archlinuxarm.org/$arch/$repo'
+		PACMAN_EXTRA_PKGS='archlinuxarm-keyring'
+		EXPECT_TIMEOUT=120
+		ARCH_KEYRING=archlinuxarm
+		DOCKER_IMAGE_NAME=archlinuxarm
+		;;
+	*)
+		PACMAN_CONF='./mkimage-arch-pacman.conf'
+		PACMAN_MIRRORLIST='Server = https://mirrors.kernel.org/archlinux/$repo/os/$arch'
+		PACMAN_EXTRA_PKGS=''
+		EXPECT_TIMEOUT=60
+		ARCH_KEYRING=archlinux
+		DOCKER_IMAGE_NAME=archlinux
+		;;
+esac
+
+export PACMAN_MIRRORLIST
+
+expect <<EOF
+	set send_slow {1 .1}
+	proc send {ignore arg} {
+		sleep .1
+		exp_send -s -- \$arg
+	}
+	set timeout $EXPECT_TIMEOUT
+
+	spawn pacstrap -C $PACMAN_CONF -c -d -G -i $ROOTFS base haveged $PACMAN_EXTRA_PKGS --ignore $PKGIGNORE
+	expect {
+		-exact "anyway? \[Y/n\] " { send -- "n\r"; exp_continue }
+		-exact "(default=all): " { send -- "\r"; exp_continue }
+		-exact "installation? \[Y/n\]" { send -- "y\r"; exp_continue }
+	}
+EOF
+
+arch-chroot $ROOTFS /bin/sh -c 'rm -r /usr/share/man/*'
+arch-chroot $ROOTFS /bin/sh -c "haveged -w 1024; pacman-key --init; pkill haveged; pacman -Rs --noconfirm haveged; pacman-key --populate $ARCH_KEYRING; pkill gpg-agent"
+arch-chroot $ROOTFS /bin/sh -c "ln -s /usr/share/zoneinfo/UTC /etc/localtime"
+echo 'en_US.UTF-8 UTF-8' > $ROOTFS/etc/locale.gen
+arch-chroot $ROOTFS locale-gen
+arch-chroot $ROOTFS /bin/sh -c 'echo $PACMAN_MIRRORLIST > /etc/pacman.d/mirrorlist'
+
+# udev doesn't work in containers, rebuild /dev
+DEV=$ROOTFS/dev
+rm -rf $DEV
+mkdir -p $DEV
+mknod -m 666 $DEV/null c 1 3
+mknod -m 666 $DEV/zero c 1 5
+mknod -m 666 $DEV/random c 1 8
+mknod -m 666 $DEV/urandom c 1 9
+mkdir -m 755 $DEV/pts
+mkdir -m 1777 $DEV/shm
+mknod -m 666 $DEV/tty c 5 0
+mknod -m 600 $DEV/console c 5 1
+mknod -m 666 $DEV/tty0 c 4 0
+mknod -m 666 $DEV/full c 1 7
+mknod -m 600 $DEV/initctl p
+mknod -m 666 $DEV/ptmx c 5 2
+ln -sf /proc/self/fd $DEV/fd
+
+tar --numeric-owner --xattrs --acls -C $ROOTFS -c . | docker import - $DOCKER_IMAGE_NAME
+docker run --rm -t $DOCKER_IMAGE_NAME echo Success.
+rm -rf $ROOTFS
diff --git a/contrib/mkimage-archarm-pacman.conf b/contrib/mkimage-archarm-pacman.conf
new file mode 100644
index 00000000..38b01bf4
--- /dev/null
+++ b/contrib/mkimage-archarm-pacman.conf
@@ -0,0 +1,98 @@
+#
+# /etc/pacman.conf
+#
+# See the pacman.conf(5) manpage for option and repository directives
+
+#
+# GENERAL OPTIONS
+#
+[options]
+# The following paths are commented out with their default values listed.
+# If you wish to use different paths, uncomment and update the paths.
+#RootDir     = /
+#DBPath      = /var/lib/pacman/
+#CacheDir    = /var/cache/pacman/pkg/
+#LogFile     = /var/log/pacman.log
+#GPGDir      = /etc/pacman.d/gnupg/
+HoldPkg     = pacman glibc
+#XferCommand = /usr/bin/curl -C - -f %u > %o
+#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
+#CleanMethod = KeepInstalled
+#UseDelta    = 0.7
+Architecture = armv7h
+
+# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
+#IgnorePkg   =
+#IgnoreGroup =
+
+#NoUpgrade   =
+#NoExtract   =
+
+# Misc options
+#UseSyslog
+#Color
+#TotalDownload
+# We cannot check disk space from within a chroot environment
+#CheckSpace
+#VerbosePkgLists
+
+# By default, pacman accepts packages signed by keys that its local keyring
+# trusts (see pacman-key and its man page), as well as unsigned packages.
+SigLevel    = Required DatabaseOptional
+LocalFileSigLevel = Optional
+#RemoteFileSigLevel = Required
+
+# NOTE: You must run `pacman-key --init` before first using pacman; the local
+# keyring can then be populated with the keys of all official Arch Linux
+# packagers with `pacman-key --populate archlinux`.
+
+#
+# REPOSITORIES
+#   - can be defined here or included from another file
+#   - pacman will search repositories in the order defined here
+#   - local/custom mirrors can be added here or in separate files
+#   - repositories listed first will take precedence when packages
+#     have identical names, regardless of version number
+#   - URLs will have $repo replaced by the name of the current repo
+#   - URLs will have $arch replaced by the name of the architecture
+#
+# Repository entries are of the format:
+#       [repo-name]
+#       Server = ServerName
+#       Include = IncludePath
+#
+# The header [repo-name] is crucial - it must be present and
+# uncommented to enable the repo.
+#
+
+# The testing repositories are disabled by default. To enable, uncomment the
+# repo name header and Include lines. You can add preferred servers immediately
+# after the header, and they will be used before the default mirrors.
+
+#[testing]
+#Include = /etc/pacman.d/mirrorlist
+
+[core]
+Include = /etc/pacman.d/mirrorlist
+
+[extra]
+Include = /etc/pacman.d/mirrorlist
+
+#[community-testing]
+#Include = /etc/pacman.d/mirrorlist
+
+[community]
+Include = /etc/pacman.d/mirrorlist
+
+[alarm]
+Include = /etc/pacman.d/mirrorlist
+
+[aur]
+Include = /etc/pacman.d/mirrorlist
+
+# An example of a custom package repository.  See the pacman manpage for
+# tips on creating your own repositories.
+#[custom]
+#SigLevel = Optional TrustAll
+#Server = file:///home/custompkgs
+
diff --git a/contrib/mkimage-busybox.sh b/contrib/mkimage-busybox.sh
new file mode 100755
index 00000000..b11a6bb2
--- /dev/null
+++ b/contrib/mkimage-busybox.sh
@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+# Generate a very minimal filesystem based on busybox-static,
+# and load it into the local docker under the name "busybox".
+
+echo >&2
+echo >&2 'warning: this script is deprecated - see mkimage.sh and mkimage/busybox-static'
+echo >&2
+
+BUSYBOX=$(which busybox)
+[ "$BUSYBOX" ] || {
+    echo "Sorry, I could not locate busybox."
+    echo "Try 'apt-get install busybox-static'?"
+    exit 1
+}
+
+set -e
+ROOTFS=${TMPDIR:-/var/tmp}/rootfs-busybox-$$-$RANDOM
+mkdir $ROOTFS
+cd $ROOTFS
+
+mkdir bin etc dev dev/pts lib proc sys tmp
+touch etc/resolv.conf
+cp /etc/nsswitch.conf etc/nsswitch.conf
+echo root:x:0:0:root:/:/bin/sh > etc/passwd
+echo root:x:0: > etc/group
+ln -s lib lib64
+ln -s bin sbin
+cp $BUSYBOX bin
+for X in $(busybox --list)
+do
+    ln -s busybox bin/$X
+done
+rm bin/init
+ln bin/busybox bin/init
+cp /lib/x86_64-linux-gnu/lib{pthread,c,dl,nsl,nss_*}.so.* lib
+cp /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 lib
+for X in console null ptmx random stdin stdout stderr tty urandom zero
+do
+    cp -a /dev/$X dev
+done
+
+tar --numeric-owner -cf- . | docker import - busybox
+docker run -i -u root busybox /bin/echo Success.
diff --git a/contrib/mkimage-crux.sh b/contrib/mkimage-crux.sh
new file mode 100755
index 00000000..3f0bdcae
--- /dev/null
+++ b/contrib/mkimage-crux.sh
@@ -0,0 +1,75 @@
+#!/usr/bin/env bash
+# Generate a minimal filesystem for CRUX/Linux and load it into the local
+# docker as "cruxlinux"
+# requires root and the crux iso (http://crux.nu)
+
+set -e
+
+die () {
+    echo >&2 "$@"
+    exit 1
+}
+
+[ "$#" -eq 1 ] || die "1 argument(s) required, $# provided. Usage: ./mkimage-crux.sh /path/to/iso"
+
+ISO=${1}
+
+ROOTFS=$(mktemp -d ${TMPDIR:-/var/tmp}/rootfs-crux-XXXXXXXXXX)
+CRUX=$(mktemp -d ${TMPDIR:-/var/tmp}/crux-XXXXXXXXXX)
+TMP=$(mktemp -d ${TMPDIR:-/var/tmp}/XXXXXXXXXX)
+
+VERSION=$(basename --suffix=.iso $ISO | sed 's/[^0-9.]*\([0-9.]*\).*/\1/')
+
+# Mount the ISO
+mount -o ro,loop $ISO $CRUX
+
+# Extract pkgutils
+tar -C $TMP -xf $CRUX/tools/pkgutils#*.pkg.tar.gz
+
+# Put pkgadd in the $PATH
+export PATH="$TMP/usr/bin:$PATH"
+
+# Install core packages
+mkdir -p $ROOTFS/var/lib/pkg
+touch $ROOTFS/var/lib/pkg/db
+for pkg in $CRUX/crux/core/*; do
+    pkgadd -r $ROOTFS $pkg
+done
+
+# Remove agetty and inittab config
+if (grep agetty ${ROOTFS}/etc/inittab 2>&1 > /dev/null); then
+    echo "Removing agetty from /etc/inittab ..."
+    chroot ${ROOTFS} sed -i -e "/agetty/d" /etc/inittab
+    chroot ${ROOTFS} sed -i -e "/shutdown/d" /etc/inittab
+    chroot ${ROOTFS} sed -i -e "/^$/N;/^\n$/d" /etc/inittab
+fi
+
+# Remove kernel source
+rm -rf $ROOTFS/usr/src/*
+
+# udev doesn't work in containers, rebuild /dev
+DEV=$ROOTFS/dev
+rm -rf $DEV
+mkdir -p $DEV
+mknod -m 666 $DEV/null c 1 3
+mknod -m 666 $DEV/zero c 1 5
+mknod -m 666 $DEV/random c 1 8
+mknod -m 666 $DEV/urandom c 1 9
+mkdir -m 755 $DEV/pts
+mkdir -m 1777 $DEV/shm
+mknod -m 666 $DEV/tty c 5 0
+mknod -m 600 $DEV/console c 5 1
+mknod -m 666 $DEV/tty0 c 4 0
+mknod -m 666 $DEV/full c 1 7
+mknod -m 600 $DEV/initctl p
+mknod -m 666 $DEV/ptmx c 5 2
+
+IMAGE_ID=$(tar --numeric-owner -C $ROOTFS -c . | docker import - crux:$VERSION)
+docker tag $IMAGE_ID crux:latest
+docker run -i -t crux echo Success.
+
+# Cleanup
+umount $CRUX
+rm -rf $ROOTFS
+rm -rf $CRUX
+rm -rf $TMP
diff --git a/contrib/mkimage-debootstrap.sh b/contrib/mkimage-debootstrap.sh
new file mode 100755
index 00000000..412a5ce0
--- /dev/null
+++ b/contrib/mkimage-debootstrap.sh
@@ -0,0 +1,297 @@
+#!/usr/bin/env bash
+set -e
+
+echo >&2
+echo >&2 'warning: this script is deprecated - see mkimage.sh and mkimage/debootstrap'
+echo >&2
+
+variant='minbase'
+include='iproute,iputils-ping'
+arch='amd64' # intentionally undocumented for now
+skipDetection=
+strictDebootstrap=
+justTar=
+
+usage() {
+	echo >&2
+
+	echo >&2 "usage: $0 [options] repo suite [mirror]"
+
+	echo >&2
+	echo >&2 'options: (not recommended)'
+	echo >&2 "  -p set an http_proxy for debootstrap"
+	echo >&2 "  -v $variant # change default debootstrap variant"
+	echo >&2 "  -i $include # change default package includes"
+	echo >&2 "  -d # strict debootstrap (do not apply any docker-specific tweaks)"
+	echo >&2 "  -s # skip version detection and tagging (ie, precise also tagged as 12.04)"
+	echo >&2 "     # note that this will also skip adding universe and/or security/updates to sources.list"
+	echo >&2 "  -t # just create a tarball, especially for dockerbrew (uses repo as tarball name)"
+
+	echo >&2
+	echo >&2 "   ie: $0 username/debian squeeze"
+	echo >&2 "       $0 username/debian squeeze http://ftp.uk.debian.org/debian/"
+
+	echo >&2
+	echo >&2 "   ie: $0 username/ubuntu precise"
+	echo >&2 "       $0 username/ubuntu precise http://mirrors.melbourne.co.uk/ubuntu/"
+
+	echo >&2
+	echo >&2 "   ie: $0 -t precise.tar.bz2 precise"
+	echo >&2 "       $0 -t wheezy.tgz wheezy"
+	echo >&2 "       $0 -t wheezy-uk.tar.xz wheezy http://ftp.uk.debian.org/debian/"
+
+	echo >&2
+}
+
+# these should match the names found at http://www.debian.org/releases/
+debianStable=wheezy
+debianUnstable=sid
+# this should match the name found at http://releases.ubuntu.com/
+ubuntuLatestLTS=trusty
+# this should match the name found at http://releases.tanglu.org/
+tangluLatest=aequorea
+
+while getopts v:i:a:p:dst name; do
+	case "$name" in
+		p)
+			http_proxy="$OPTARG"
+			;;
+		v)
+			variant="$OPTARG"
+			;;
+		i)
+			include="$OPTARG"
+			;;
+		a)
+			arch="$OPTARG"
+			;;
+		d)
+			strictDebootstrap=1
+			;;
+		s)
+			skipDetection=1
+			;;
+		t)
+			justTar=1
+			;;
+		?)
+			usage
+			exit 0
+			;;
+	esac
+done
+shift $(($OPTIND - 1))
+
+repo="$1"
+suite="$2"
+mirror="${3:-}" # stick to the default debootstrap mirror if one is not provided
+
+if [ ! "$repo" ] || [ ! "$suite" ]; then
+	usage
+	exit 1
+fi
+
+# some rudimentary detection for whether we need to "sudo" our docker calls
+docker=''
+if docker version > /dev/null 2>&1; then
+	docker='docker'
+elif sudo docker version > /dev/null 2>&1; then
+	docker='sudo docker'
+elif command -v docker > /dev/null 2>&1; then
+	docker='docker'
+else
+	echo >&2 "warning: either docker isn't installed, or your current user cannot run it;"
+	echo >&2 "         this script is not likely to work as expected"
+	sleep 3
+	docker='docker' # give us a command-not-found later
+fi
+
+# make sure we have an absolute path to our final tarball so we can still reference it properly after we change directory
+if [ "$justTar" ]; then
+	if [ ! -d "$(dirname "$repo")" ]; then
+		echo >&2 "error: $(dirname "$repo") does not exist"
+		exit 1
+	fi
+	repo="$(cd "$(dirname "$repo")" && pwd -P)/$(basename "$repo")"
+fi
+
+# will be filled in later, if [ -z "$skipDetection" ]
+lsbDist=''
+
+target="${TMPDIR:-/var/tmp}/docker-rootfs-debootstrap-$suite-$$-$RANDOM"
+
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+returnTo="$(pwd -P)"
+
+if [ "$suite" = 'lucid' ]; then
+	# lucid fails and doesn't include gpgv in minbase; "apt-get update" fails
+	include+=',gpgv'
+fi
+
+set -x
+
+# bootstrap
+mkdir -p "$target"
+sudo http_proxy=$http_proxy debootstrap --verbose --variant="$variant" --include="$include" --arch="$arch" "$suite" "$target" "$mirror"
+
+cd "$target"
+
+if [ -z "$strictDebootstrap" ]; then
+	# prevent init scripts from running during install/update
+	#  policy-rc.d (for most scripts)
+	echo $'#!/bin/sh\nexit 101' | sudo tee usr/sbin/policy-rc.d > /dev/null
+	sudo chmod +x usr/sbin/policy-rc.d
+	#  initctl (for some pesky upstart scripts)
+	sudo chroot . dpkg-divert --local --rename --add /sbin/initctl
+	sudo ln -sf /bin/true sbin/initctl
+	# see https://github.com/docker/docker/issues/446#issuecomment-16953173
+
+	# shrink the image, since apt makes us fat (wheezy: ~157.5MB vs ~120MB)
+	sudo chroot . apt-get clean
+
+	if strings usr/bin/dpkg | grep -q unsafe-io; then
+		# while we're at it, apt is unnecessarily slow inside containers
+		#  this forces dpkg not to call sync() after package extraction and speeds up install
+		#    the benefit is huge on spinning disks, and the penalty is nonexistent on SSD or decent server virtualization
+		echo 'force-unsafe-io' | sudo tee etc/dpkg/dpkg.cfg.d/02apt-speedup > /dev/null
+		# we have this wrapped up in an "if" because the "force-unsafe-io"
+		# option was added in dpkg 1.15.8.6
+		# (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584254#82),
+		# and ubuntu lucid/10.04 only has 1.15.5.6
+	fi
+
+	# we want to effectively run "apt-get clean" after every install to keep images small (see output of "apt-get clean -s" for context)
+	{
+		aptGetClean='"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true";'
+		echo "DPkg::Post-Invoke { ${aptGetClean} };"
+		echo "APT::Update::Post-Invoke { ${aptGetClean} };"
+		echo 'Dir::Cache::pkgcache ""; Dir::Cache::srcpkgcache "";'
+	} | sudo tee etc/apt/apt.conf.d/no-cache > /dev/null
+
+	# and remove the translations, too
+	echo 'Acquire::Languages "none";' | sudo tee etc/apt/apt.conf.d/no-languages > /dev/null
+
+	# helpful undo lines for each the above tweaks (for lack of a better home to keep track of them):
+	#  rm /usr/sbin/policy-rc.d
+	#  rm /sbin/initctl; dpkg-divert --rename --remove /sbin/initctl
+	#  rm /etc/dpkg/dpkg.cfg.d/02apt-speedup
+	#  rm /etc/apt/apt.conf.d/no-cache
+	#  rm /etc/apt/apt.conf.d/no-languages
+
+	if [ -z "$skipDetection" ]; then
+		# see also rudimentary platform detection in hack/install.sh
+		lsbDist=''
+		if [ -r etc/lsb-release ]; then
+			lsbDist="$(. etc/lsb-release && echo "$DISTRIB_ID")"
+		fi
+		if [ -z "$lsbDist" ] && [ -r etc/debian_version ]; then
+			lsbDist='Debian'
+		fi
+
+		case "$lsbDist" in
+			Debian)
+				# add the updates and security repositories
+				if [ "$suite" != "$debianUnstable" -a "$suite" != 'unstable' ]; then
+					# ${suite}-updates only applies to non-unstable
+					sudo sed -i "p; s/ $suite main$/ ${suite}-updates main/" etc/apt/sources.list
+
+					# same for security updates
+					echo "deb http://security.debian.org/ $suite/updates main" | sudo tee -a etc/apt/sources.list > /dev/null
+				fi
+				;;
+			Ubuntu)
+				# add the universe, updates, and security repositories
+				sudo sed -i "
+					s/ $suite main$/ $suite main universe/; p;
+					s/ $suite main/ ${suite}-updates main/; p;
+					s/ $suite-updates main/ ${suite}-security main/
+				" etc/apt/sources.list
+				;;
+			Tanglu)
+				# add the updates repository
+				if [ "$suite" = "$tangluLatest" ]; then
+					# ${suite}-updates only applies to stable Tanglu versions
+					sudo sed -i "p; s/ $suite main$/ ${suite}-updates main/" etc/apt/sources.list
+				fi
+				;;
+			SteamOS)
+				# add contrib and non-free
+				sudo sed -i "s/ $suite main$/ $suite main contrib non-free/" etc/apt/sources.list
+				;;
+		esac
+	fi
+
+	# make sure our packages lists are as up to date as we can get them
+	sudo chroot . apt-get update
+	sudo chroot . apt-get dist-upgrade -y
+fi
+
+if [ "$justTar" ]; then
+	# create the tarball file so it has the right permissions (ie, not root)
+	touch "$repo"
+
+	# fill the tarball
+	sudo tar --numeric-owner -caf "$repo" .
+else
+	# create the image (and tag $repo:$suite)
+	sudo tar --numeric-owner -c . | $docker import - $repo:$suite
+
+	# test the image
+	$docker run -i -t $repo:$suite echo success
+
+	if [ -z "$skipDetection" ]; then
+		case "$lsbDist" in
+			Debian)
+				if [ "$suite" = "$debianStable" -o "$suite" = 'stable' ] && [ -r etc/debian_version ]; then
+					# tag latest
+					$docker tag $repo:$suite $repo:latest
+
+					if [ -r etc/debian_version ]; then
+						# tag the specific debian release version (which is only reasonable to tag on debian stable)
+						ver=$(cat etc/debian_version)
+						$docker tag $repo:$suite $repo:$ver
+					fi
+				fi
+				;;
+			Ubuntu)
+				if [ "$suite" = "$ubuntuLatestLTS" ]; then
+					# tag latest
+					$docker tag $repo:$suite $repo:latest
+				fi
+				if [ -r etc/lsb-release ]; then
+					lsbRelease="$(. etc/lsb-release && echo "$DISTRIB_RELEASE")"
+					if [ "$lsbRelease" ]; then
+						# tag specific Ubuntu version number, if available (12.04, etc.)
+						$docker tag $repo:$suite $repo:$lsbRelease
+					fi
+				fi
+				;;
+			Tanglu)
+				if [ "$suite" = "$tangluLatest" ]; then
+					# tag latest
+					$docker tag $repo:$suite $repo:latest
+				fi
+				if [ -r etc/lsb-release ]; then
+					lsbRelease="$(. etc/lsb-release && echo "$DISTRIB_RELEASE")"
+					if [ "$lsbRelease" ]; then
+						# tag specific Tanglu version number, if available (1.0, 2.0, etc.)
+						$docker tag $repo:$suite $repo:$lsbRelease
+					fi
+				fi
+				;;
+			SteamOS)
+				if [ -r etc/lsb-release ]; then
+					lsbRelease="$(. etc/lsb-release && echo "$DISTRIB_RELEASE")"
+					if [ "$lsbRelease" ]; then
+						# tag specific SteamOS version number, if available (1.0, 2.0, etc.)
+						$docker tag $repo:$suite $repo:$lsbRelease
+					fi
+				fi
+				;;
+		esac
+	fi
+fi
+
+# cleanup
+cd "$returnTo"
+sudo rm -rf "$target"
diff --git a/contrib/mkimage-rinse.sh b/contrib/mkimage-rinse.sh
new file mode 100755
index 00000000..7e093506
--- /dev/null
+++ b/contrib/mkimage-rinse.sh
@@ -0,0 +1,123 @@
+#!/usr/bin/env bash
+#
+# Create a base CentOS Docker image.
+
+# This script is useful on systems with rinse available (e.g.,
+# building a CentOS image on Debian).  See contrib/mkimage-yum.sh for
+# a way to build CentOS images on systems with yum installed.
+
+set -e
+
+echo >&2
+echo >&2 'warning: this script is deprecated - see mkimage.sh and mkimage/rinse'
+echo >&2
+
+repo="$1"
+distro="$2"
+mirror="$3"
+
+if [ ! "$repo" ] || [ ! "$distro" ]; then
+	self="$(basename $0)"
+	echo >&2 "usage: $self repo distro [mirror]"
+	echo >&2
+	echo >&2 "   ie: $self username/centos centos-5"
+	echo >&2 "       $self username/centos centos-6"
+	echo >&2
+	echo >&2 "   ie: $self username/slc slc-5"
+	echo >&2 "       $self username/slc slc-6"
+	echo >&2
+	echo >&2 "   ie: $self username/centos centos-5 http://vault.centos.org/5.8/os/x86_64/CentOS/"
+	echo >&2 "       $self username/centos centos-6 http://vault.centos.org/6.3/os/x86_64/Packages/"
+	echo >&2
+	echo >&2 'See /etc/rinse for supported values of "distro" and for examples of'
+	echo >&2 '  expected values of "mirror".'
+	echo >&2
+	echo >&2 'This script is tested to work with the original upstream version of rinse,'
+	echo >&2 '  found at http://www.steve.org.uk/Software/rinse/ and also in Debian at'
+	echo >&2 '  http://packages.debian.org/wheezy/rinse -- as always, YMMV.'
+	echo >&2
+	exit 1
+fi
+
+target="${TMPDIR:-/var/tmp}/docker-rootfs-rinse-$distro-$$-$RANDOM"
+
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+returnTo="$(pwd -P)"
+
+rinseArgs=( --arch amd64 --distribution "$distro" --directory "$target" )
+if [ "$mirror" ]; then
+	rinseArgs+=( --mirror "$mirror" )
+fi
+
+set -x
+
+mkdir -p "$target"
+
+sudo rinse "${rinseArgs[@]}"
+
+cd "$target"
+
+# rinse fails a little at setting up /dev, so we'll just wipe it out and create our own
+sudo rm -rf dev
+sudo mkdir -m 755 dev
+(
+	cd dev
+	sudo ln -sf /proc/self/fd ./
+	sudo mkdir -m 755 pts
+	sudo mkdir -m 1777 shm
+	sudo mknod -m 600 console c 5 1
+	sudo mknod -m 600 initctl p
+	sudo mknod -m 666 full c 1 7
+	sudo mknod -m 666 null c 1 3
+	sudo mknod -m 666 ptmx c 5 2
+	sudo mknod -m 666 random c 1 8
+	sudo mknod -m 666 tty c 5 0
+	sudo mknod -m 666 tty0 c 4 0
+	sudo mknod -m 666 urandom c 1 9
+	sudo mknod -m 666 zero c 1 5
+)
+
+# effectively: febootstrap-minimize --keep-zoneinfo --keep-rpmdb --keep-services "$target"
+#  locales
+sudo rm -rf usr/{{lib,share}/locale,{lib,lib64}/gconv,bin/localedef,sbin/build-locale-archive}
+#  docs and man pages
+sudo rm -rf usr/share/{man,doc,info,gnome/help}
+#  cracklib
+sudo rm -rf usr/share/cracklib
+#  i18n
+sudo rm -rf usr/share/i18n
+#  yum cache
+sudo rm -rf var/cache/yum
+sudo mkdir -p --mode=0755 var/cache/yum
+#  sln
+sudo rm -rf sbin/sln
+#  ldconfig
+#sudo rm -rf sbin/ldconfig
+sudo rm -rf etc/ld.so.cache var/cache/ldconfig
+sudo mkdir -p --mode=0755 var/cache/ldconfig
+
+# allow networking init scripts inside the container to work without extra steps
+echo 'NETWORKING=yes' | sudo tee etc/sysconfig/network > /dev/null
+
+# to restore locales later:
+#  yum reinstall glibc-common
+
+version=
+if [ -r etc/redhat-release ]; then
+	version="$(sed -E 's/^[^0-9.]*([0-9.]+).*$/\1/' etc/redhat-release)"
+elif [ -r etc/SuSE-release ]; then
+	version="$(awk '/^VERSION/ { print $3 }' etc/SuSE-release)"
+fi
+
+if [ -z "$version" ]; then
+	echo >&2 "warning: cannot autodetect OS version, using $distro as tag"
+	sleep 20
+	version="$distro"
+fi
+
+sudo tar --numeric-owner -c . | docker import - $repo:$version
+
+docker run -i -t $repo:$version echo success
+
+cd "$returnTo"
+sudo rm -rf "$target"
diff --git a/contrib/mkimage-yum.sh b/contrib/mkimage-yum.sh
new file mode 100755
index 00000000..919160c8
--- /dev/null
+++ b/contrib/mkimage-yum.sh
@@ -0,0 +1,134 @@
+#!/usr/bin/env bash
+#
+# Create a base CentOS Docker image.
+#
+# This script is useful on systems with yum installed (e.g., building
+# a CentOS image on CentOS).  See contrib/mkimage-rinse.sh for a way
+# to build CentOS images on other systems.
+
+usage() {
+    cat <<EOOPTS
+$(basename $0) [OPTIONS] <name>
+OPTIONS:
+  -p "<packages>"  The list of packages to install in the container.
+                   The default is blank.
+  -g "<groups>"    The groups of packages to install in the container.
+                   The default is "Core".
+  -y <yumconf>     The path to the yum config to install packages from. The
+                   default is /etc/yum.conf for Centos/RHEL and /etc/dnf/dnf.conf for Fedora
+EOOPTS
+    exit 1
+}
+
+# option defaults
+yum_config=/etc/yum.conf
+if [ -f /etc/dnf/dnf.conf ] && command -v dnf &> /dev/null; then
+	yum_config=/etc/dnf/dnf.conf
+	alias yum=dnf
+fi
+install_groups="Core"
+while getopts ":y:p:g:h" opt; do
+    case $opt in
+        y)
+            yum_config=$OPTARG
+            ;;
+        h)
+            usage
+            ;;
+        p)
+            install_packages="$OPTARG"
+            ;;
+        g)
+            install_groups="$OPTARG"
+            ;;
+        \?)
+            echo "Invalid option: -$OPTARG"
+            usage
+            ;;
+    esac
+done
+shift $((OPTIND - 1))
+name=$1
+
+if [[ -z $name ]]; then
+    usage
+fi
+
+target=$(mktemp -d --tmpdir $(basename $0).XXXXXX)
+
+set -x
+
+mkdir -m 755 "$target"/dev
+mknod -m 600 "$target"/dev/console c 5 1
+mknod -m 600 "$target"/dev/initctl p
+mknod -m 666 "$target"/dev/full c 1 7
+mknod -m 666 "$target"/dev/null c 1 3
+mknod -m 666 "$target"/dev/ptmx c 5 2
+mknod -m 666 "$target"/dev/random c 1 8
+mknod -m 666 "$target"/dev/tty c 5 0
+mknod -m 666 "$target"/dev/tty0 c 4 0
+mknod -m 666 "$target"/dev/urandom c 1 9
+mknod -m 666 "$target"/dev/zero c 1 5
+
+# amazon linux yum will fail without vars set
+if [ -d /etc/yum/vars ]; then
+	mkdir -p -m 755 "$target"/etc/yum
+	cp -a /etc/yum/vars "$target"/etc/yum/
+fi
+
+if [[ -n "$install_groups" ]];
+then
+    yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs \
+        --setopt=group_package_types=mandatory -y groupinstall $install_groups
+fi
+
+if [[ -n "$install_packages" ]];
+then
+    yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs \
+        --setopt=group_package_types=mandatory -y install $install_packages
+fi
+
+yum -c "$yum_config" --installroot="$target" -y clean all
+
+cat > "$target"/etc/sysconfig/network <<EOF
+NETWORKING=yes
+HOSTNAME=localhost.localdomain
+EOF
+
+# effectively: febootstrap-minimize --keep-zoneinfo --keep-rpmdb --keep-services "$target".
+#  locales
+rm -rf "$target"/usr/{{lib,share}/locale,{lib,lib64}/gconv,bin/localedef,sbin/build-locale-archive}
+#  docs and man pages
+rm -rf "$target"/usr/share/{man,doc,info,gnome/help}
+#  cracklib
+rm -rf "$target"/usr/share/cracklib
+#  i18n
+rm -rf "$target"/usr/share/i18n
+#  yum cache
+rm -rf "$target"/var/cache/yum
+mkdir -p --mode=0755 "$target"/var/cache/yum
+#  sln
+rm -rf "$target"/sbin/sln
+#  ldconfig
+rm -rf "$target"/etc/ld.so.cache "$target"/var/cache/ldconfig
+mkdir -p --mode=0755 "$target"/var/cache/ldconfig
+
+version=
+for file in "$target"/etc/{redhat,system}-release
+do
+    if [ -r "$file" ]; then
+        version="$(sed 's/^[^0-9\]*\([0-9.]\+\).*$/\1/' "$file")"
+        break
+    fi
+done
+
+if [ -z "$version" ]; then
+    echo >&2 "warning: cannot autodetect OS version, using '$name' as tag"
+    version=$name
+fi
+
+tar --numeric-owner -c -C "$target" . | docker import - $name:$version
+
+docker run -i -t --rm $name:$version /bin/bash -c 'echo success'
+
+rm -rf "$target"
diff --git a/contrib/mkimage.sh b/contrib/mkimage.sh
new file mode 100755
index 00000000..3976d72d
--- /dev/null
+++ b/contrib/mkimage.sh
@@ -0,0 +1,117 @@
+#!/usr/bin/env bash
+set -e
+
+mkimg="$(basename "$0")"
+
+usage() {
+	echo >&2 "usage: $mkimg [-d dir] [-t tag] [--compression algo| --no-compression] script [script-args]"
+	echo >&2 "   ie: $mkimg -t someuser/debian debootstrap --variant=minbase jessie"
+	echo >&2 "       $mkimg -t someuser/ubuntu debootstrap --include=ubuntu-minimal --components=main,universe trusty"
+	echo >&2 "       $mkimg -t someuser/busybox busybox-static"
+	echo >&2 "       $mkimg -t someuser/centos:5 rinse --distribution centos-5"
+	echo >&2 "       $mkimg -t someuser/mageia:4 mageia-urpmi --version=4"
+	echo >&2 "       $mkimg -t someuser/mageia:4 mageia-urpmi --version=4 --mirror=http://somemirror/"
+	exit 1
+}
+
+scriptDir="$(dirname "$(readlink -f "$BASH_SOURCE")")/mkimage"
+
+optTemp=$(getopt --options '+d:t:c:hC' --longoptions 'dir:,tag:,compression:,no-compression,help' --name "$mkimg" -- "$@")
+eval set -- "$optTemp"
+unset optTemp
+
+dir=
+tag=
+compression="auto"
+while true; do
+	case "$1" in
+		-d|--dir) dir="$2" ; shift 2 ;;
+		-t|--tag) tag="$2" ; shift 2 ;;
+		--compression)    compression="$2"   ; shift 2 ;;
+		--no-compression) compression="none" ; shift 1 ;;
+		-h|--help) usage ;;
+		--) shift ; break ;;
+	esac
+done
+
+script="$1"
+[ "$script" ] || usage
+shift
+
+if [ "$compression" == 'auto' ] || [ -z "$compression" ]
+then
+    compression='xz'
+fi
+
+[ "$compression" == 'none' ] && compression=''
+
+if [ ! -x "$scriptDir/$script" ]; then
+	echo >&2 "error: $script does not exist or is not executable"
+	echo >&2 "  see $scriptDir for possible scripts"
+	exit 1
+fi
+
+# don't mistake common scripts like .febootstrap-minimize as image-creators
+if [[ "$script" == .* ]]; then
+	echo >&2 "error: $script is a script helper, not a script"
+	echo >&2 "  see $scriptDir for possible scripts"
+	exit 1
+fi
+
+delDir=
+if [ -z "$dir" ]; then
+	dir="$(mktemp -d ${TMPDIR:-/var/tmp}/docker-mkimage.XXXXXXXXXX)"
+	delDir=1
+fi
+
+rootfsDir="$dir/rootfs"
+( set -x; mkdir -p "$rootfsDir" )
+
+# pass all remaining arguments to $script
+"$scriptDir/$script" "$rootfsDir" "$@"
+
+# Docker mounts tmpfs at /dev and procfs at /proc so we can remove them
+rm -rf "$rootfsDir/dev" "$rootfsDir/proc"
+mkdir -p "$rootfsDir/dev" "$rootfsDir/proc"
+
+# make sure /etc/resolv.conf has something useful in it
+mkdir -p "$rootfsDir/etc"
+cat > "$rootfsDir/etc/resolv.conf" <<'EOF'
+nameserver 8.8.8.8
+nameserver 8.8.4.4
+EOF
+
+tarFile="$dir/rootfs.tar${compression:+.$compression}"
+touch "$tarFile"
+
+(
+	set -x
+	tar --numeric-owner --create --auto-compress --file "$tarFile" --directory "$rootfsDir" --transform='s,^./,,' .
+)
+
+echo >&2 "+ cat > '$dir/Dockerfile'"
+cat > "$dir/Dockerfile" <<EOF
+FROM scratch
+ADD $(basename "$tarFile") /
+EOF
+
+# if our generated image has a decent shell, let's set a default command
+for shell in /bin/bash /usr/bin/fish /usr/bin/zsh /bin/sh; do
+	if [ -x "$rootfsDir/$shell" ]; then
+		( set -x; echo 'CMD ["'"$shell"'"]' >> "$dir/Dockerfile" )
+		break
+	fi
+done
+
+( set -x; rm -rf "$rootfsDir" )
+
+if [ "$tag" ]; then
+	( set -x; docker build -t "$tag" "$dir" )
+elif [ "$delDir" ]; then
+	# if we didn't specify a tag and we're going to delete our dir, let's just build an untagged image so that we did _something_
+	( set -x; docker build "$dir" )
+fi
+
+if [ "$delDir" ]; then
+	( set -x; rm -rf "$dir" )
+fi
diff --git a/contrib/mkimage/.febootstrap-minimize b/contrib/mkimage/.febootstrap-minimize
new file mode 100755
index 00000000..7749e63f
--- /dev/null
+++ b/contrib/mkimage/.febootstrap-minimize
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+set -e
+
+rootfsDir="$1"
+shift
+
+(
+	cd "$rootfsDir"
+
+	# effectively: febootstrap-minimize --keep-zoneinfo --keep-rpmdb --keep-services "$target"
+	#  locales
+	rm -rf usr/{{lib,share}/locale,{lib,lib64}/gconv,bin/localedef,sbin/build-locale-archive}
+	#  docs and man pages
+	rm -rf usr/share/{man,doc,info,gnome/help}
+	#  cracklib
+	rm -rf usr/share/cracklib
+	#  i18n
+	rm -rf usr/share/i18n
+	#  yum cache
+	rm -rf var/cache/yum
+	mkdir -p --mode=0755 var/cache/yum
+	#  sln
+	rm -rf sbin/sln
+	#  ldconfig
+	#rm -rf sbin/ldconfig
+	rm -rf etc/ld.so.cache var/cache/ldconfig
+	mkdir -p --mode=0755 var/cache/ldconfig
+)
diff --git a/contrib/mkimage/busybox-static b/contrib/mkimage/busybox-static
new file mode 100755
index 00000000..e15322b4
--- /dev/null
+++ b/contrib/mkimage/busybox-static
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+set -e
+
+rootfsDir="$1"
+shift
+
+busybox="$(which busybox 2>/dev/null || true)"
+if [ -z "$busybox" ]; then
+	echo >&2 'error: busybox: not found'
+	echo >&2 '  install it with your distribution "busybox-static" package'
+	exit 1
+fi
+if ! ldd "$busybox" 2>&1 | grep -q 'not a dynamic executable'; then
+	echo >&2 "error: '$busybox' appears to be a dynamic executable"
+	echo >&2 '  you should install your distribution "busybox-static" package instead'
+	exit 1
+fi
+
+mkdir -p "$rootfsDir/bin"
+rm -f "$rootfsDir/bin/busybox" # just in case
+cp "$busybox" "$rootfsDir/bin/busybox"
+
+(
+	cd "$rootfsDir"
+
+	IFS=$'\n'
+	modules=( $(bin/busybox --list-modules) )
+	unset IFS
+
+	for module in "${modules[@]}"; do
+		mkdir -p "$(dirname "$module")"
+		ln -sf /bin/busybox "$module"
+	done
+)
diff --git a/contrib/mkimage/debootstrap b/contrib/mkimage/debootstrap
new file mode 100755
index 00000000..c613d537
--- /dev/null
+++ b/contrib/mkimage/debootstrap
@@ -0,0 +1,240 @@
+#!/usr/bin/env bash
+set -e
+
+rootfsDir="$1"
+shift
+
+# we have to do a little fancy footwork to make sure "rootfsDir" becomes the second non-option argument to debootstrap
+
+before=()
+while [ $# -gt 0 ] && [[ "$1" == -* ]]; do
+	before+=( "$1" )
+	shift
+done
+
+suite="$1"
+shift
+
+# get path to "chroot" in our current PATH
+chrootPath="$(type -P chroot)"
+rootfs_chroot() {
+	# "chroot" doesn't set PATH, so we need to set it explicitly to something our new debootstrap chroot can use appropriately!
+
+	# set PATH and chroot away!
+	PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' \
+		"$chrootPath" "$rootfsDir" "$@"
+}
+
+# allow for DEBOOTSTRAP=qemu-debootstrap ./mkimage.sh ...
+: ${DEBOOTSTRAP:=debootstrap}
+
+(
+	set -x
+	$DEBOOTSTRAP "${before[@]}" "$suite" "$rootfsDir" "$@"
+)
+
+# now for some Docker-specific tweaks
+
+# prevent init scripts from running during install/update
+echo >&2 "+ echo exit 101 > '$rootfsDir/usr/sbin/policy-rc.d'"
+cat > "$rootfsDir/usr/sbin/policy-rc.d" <<-'EOF'
+	#!/bin/sh
+
+	# For most Docker users, "apt-get install" only happens during "docker build",
+	# where starting services doesn't work and often fails in humorous ways. This
+	# prevents those failures by stopping the services from attempting to start.
+
+	exit 101
+EOF
+chmod +x "$rootfsDir/usr/sbin/policy-rc.d"
+
+# prevent upstart scripts from running during install/update
+(
+	set -x
+	rootfs_chroot dpkg-divert --local --rename --add /sbin/initctl
+	cp -a "$rootfsDir/usr/sbin/policy-rc.d" "$rootfsDir/sbin/initctl"
+	sed -i 's/^exit.*/exit 0/' "$rootfsDir/sbin/initctl"
+)
+
+# shrink a little, since apt makes us cache-fat (wheezy: ~157.5MB vs ~120MB)
+( set -x; rootfs_chroot apt-get clean )
+
+# this file is one APT creates to make sure we don't "autoremove" our currently
+# in-use kernel, which doesn't really apply to debootstraps/Docker images that
+# don't even have kernels installed
+rm -f "$rootfsDir/etc/apt/apt.conf.d/01autoremove-kernels"
+
+# Ubuntu 10.04 sucks... :)
+if strings "$rootfsDir/usr/bin/dpkg" | grep -q unsafe-io; then
+	# force dpkg not to call sync() after package extraction (speeding up installs)
+	echo >&2 "+ echo force-unsafe-io > '$rootfsDir/etc/dpkg/dpkg.cfg.d/docker-apt-speedup'"
+	cat > "$rootfsDir/etc/dpkg/dpkg.cfg.d/docker-apt-speedup" <<-'EOF'
+		# For most Docker users, package installs happen during "docker build", which
+		# doesn't survive power loss and gets restarted clean afterwards anyhow, so
+		# this minor tweak gives us a nice speedup (much nicer on spinning disks,
+		# obviously).
+
+		force-unsafe-io
+	EOF
+fi
+
+if [ -d "$rootfsDir/etc/apt/apt.conf.d" ]; then
+	# _keep_ us lean by effectively running "apt-get clean" after every install
+	aptGetClean='"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true";'
+	echo >&2 "+ cat > '$rootfsDir/etc/apt/apt.conf.d/docker-clean'"
+	cat > "$rootfsDir/etc/apt/apt.conf.d/docker-clean" <<-EOF
+		# Since for most Docker users, package installs happen in "docker build" steps,
+		# they essentially become individual layers due to the way Docker handles
+		# layering, especially using CoW filesystems.  What this means for us is that
+		# the caches that APT keeps end up just wasting space in those layers, making
+		# our layers unnecessarily large (especially since we'll normally never use
+		# these caches again and will instead just "docker build" again and make a brand
+		# new image).
+
+		# Ideally, these would just be invoking "apt-get clean", but in our testing,
+		# that ended up being cyclic and we got stuck on APT's lock, so we get this fun
+		# creation that's essentially just "apt-get clean".
+		DPkg::Post-Invoke { ${aptGetClean} };
+		APT::Update::Post-Invoke { ${aptGetClean} };
+
+		Dir::Cache::pkgcache "";
+		Dir::Cache::srcpkgcache "";
+
+		# Note that we do realize this isn't the ideal way to do this, and are always
+		# open to better suggestions (https://github.com/docker/docker/issues).
+	EOF
+
+	# remove apt-cache translations for fast "apt-get update"
+	echo >&2 "+ echo Acquire::Languages 'none' > '$rootfsDir/etc/apt/apt.conf.d/docker-no-languages'"
+	cat > "$rootfsDir/etc/apt/apt.conf.d/docker-no-languages" <<-'EOF'
+		# In Docker, we don't often need the "Translations" files, so we're just wasting
+		# time and space by downloading them, and this inhibits that.  For users that do
+		# need them, it's a simple matter to delete this file and "apt-get update". :)
+
+		Acquire::Languages "none";
+	EOF
+
+	echo >&2 "+ echo Acquire::GzipIndexes 'true' > '$rootfsDir/etc/apt/apt.conf.d/docker-gzip-indexes'"
+	cat > "$rootfsDir/etc/apt/apt.conf.d/docker-gzip-indexes" <<-'EOF'
+		# Since Docker users using "RUN apt-get update && apt-get install -y ..." in
+		# their Dockerfiles don't go delete the lists files afterwards, we want them to
+		# be as small as possible on-disk, so we explicitly request "gz" versions and
+		# tell Apt to keep them gzipped on-disk.
+
+		# For comparison, an "apt-get update" layer without this on a pristine
+		# "debian:wheezy" base image was "29.88 MB", where with this it was only
+		# "8.273 MB".
+
+		Acquire::GzipIndexes "true";
+		Acquire::CompressionTypes::Order:: "gz";
+	EOF
+
+	# update "autoremove" configuration to be aggressive about removing suggests deps that weren't manually installed
+	echo >&2 "+ echo Apt::AutoRemove::SuggestsImportant 'false' > '$rootfsDir/etc/apt/apt.conf.d/docker-autoremove-suggests'"
+	cat > "$rootfsDir/etc/apt/apt.conf.d/docker-autoremove-suggests" <<-'EOF'
+		# Since Docker users are looking for the smallest possible final images, the
+		# following emerges as a very common pattern:
+
+		#   RUN apt-get update \
+		#       && apt-get install -y <packages> \
+		#       && <do some compilation work> \
+		#       && apt-get purge -y --auto-remove <packages>
+
+		# By default, APT will actually _keep_ packages installed via Recommends or
+		# Depends if another package Suggests them, even and including if the package
+		# that originally caused them to be installed is removed.  Setting this to
+		# "false" ensures that APT is appropriately aggressive about removing the
+		# packages it added.
+
+		# https://aptitude.alioth.debian.org/doc/en/ch02s05s05.html#configApt-AutoRemove-SuggestsImportant
+		Apt::AutoRemove::SuggestsImportant "false";
+	EOF
+fi
+
+if [ -z "$DONT_TOUCH_SOURCES_LIST" ]; then
+	# tweak sources.list, where appropriate
+	lsbDist=
+	if [ -z "$lsbDist" -a -r "$rootfsDir/etc/os-release" ]; then
+		lsbDist="$(. "$rootfsDir/etc/os-release" && echo "$ID")"
+	fi
+	if [ -z "$lsbDist" -a -r "$rootfsDir/etc/lsb-release" ]; then
+		lsbDist="$(. "$rootfsDir/etc/lsb-release" && echo "$DISTRIB_ID")"
+	fi
+	if [ -z "$lsbDist" -a -r "$rootfsDir/etc/debian_version" ]; then
+		lsbDist='Debian'
+	fi
+	# normalize to lowercase for easier matching
+	lsbDist="$(echo "$lsbDist" | tr '[:upper:]' '[:lower:]')"
+	case "$lsbDist" in
+		debian)
+			# updates and security!
+			if [ "$suite" != 'sid' -a "$suite" != 'unstable' ]; then
+				(
+					set -x
+					sed -i "
+						p;
+						s/ $suite / ${suite}-updates /
+					" "$rootfsDir/etc/apt/sources.list"
+					echo "deb http://security.debian.org $suite/updates main" >> "$rootfsDir/etc/apt/sources.list"
+					# squeeze-lts
+					if [ -f "$rootfsDir/etc/debian_version" ]; then
+						ltsSuite=
+						case "$(cat "$rootfsDir/etc/debian_version")" in
+							6.*) ltsSuite='squeeze-lts' ;;
+							#7.*) ltsSuite='wheezy-lts' ;;
+							#8.*) ltsSuite='jessie-lts' ;;
+						esac
+						if [ "$ltsSuite" ]; then
+							head -1 "$rootfsDir/etc/apt/sources.list" \
+								| sed "s/ $suite / $ltsSuite /" \
+									>> "$rootfsDir/etc/apt/sources.list"
+						fi
+					fi
+				)
+			fi
+			;;
+		ubuntu)
+			# add the updates and security repositories
+			(
+				set -x
+				sed -i "
+					p;
+					s/ $suite / ${suite}-updates /; p;
+					s/ $suite-updates / ${suite}-security /
+				" "$rootfsDir/etc/apt/sources.list"
+			)
+			;;
+		tanglu)
+			# add the updates repository
+			if [ "$suite" != 'devel' ]; then
+				(
+					set -x
+					sed -i "
+						p;
+						s/ $suite / ${suite}-updates /
+					" "$rootfsDir/etc/apt/sources.list"
+				)
+			fi
+			;;
+		steamos)
+			# add contrib and non-free if "main" is the only component
+			(
+				set -x
+				sed -i "s/ $suite main$/ $suite main contrib non-free/" "$rootfsDir/etc/apt/sources.list"
+			)
+			;;
+	esac
+fi
+
+(
+	set -x
+
+	# make sure we're fully up-to-date
+	rootfs_chroot sh -xc 'apt-get update && apt-get dist-upgrade -y'
+
+	# delete all the apt list files since they're big and get stale quickly
+	rm -rf "$rootfsDir/var/lib/apt/lists"/*
+	# this forces "apt-get update" in dependent images, which is also good
+
+	mkdir "$rootfsDir/var/lib/apt/lists/partial" # Lucid... "E: Lists directory /var/lib/apt/lists/partial is missing."
+)
diff --git a/contrib/mkimage/mageia-urpmi b/contrib/mkimage/mageia-urpmi
new file mode 100755
index 00000000..93fb289c
--- /dev/null
+++ b/contrib/mkimage/mageia-urpmi
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+#
+# Needs to be run from Mageia 4 or greater for kernel support for docker.
+#
+# Mageia 4 does not have docker available in official repos, so please
+# install and run the docker binary manually.
+#
+# Tested working versions are for Mageia 2 onwards (inc. cauldron).
+#
+set -e
+
+rootfsDir="$1"
+shift
+
+optTemp=$(getopt --options '+v:,m:' --longoptions 'version:,mirror:' --name mageia-urpmi -- "$@")
+eval set -- "$optTemp"
+unset optTemp
+
+installversion=
+mirror=
+while true; do
+	case "$1" in
+		-v|--version) installversion="$2" ; shift 2 ;;
+		-m|--mirror) mirror="$2" ; shift 2 ;;
+		--) shift ; break ;;
+	esac
+done
+
+if [ -z $installversion ]; then
+	# Attempt to match host version
+	if [ -r /etc/mageia-release ]; then
+		installversion="$(sed 's/^[^0-9\]*\([0-9.]\+\).*$/\1/' /etc/mageia-release)"
+	else
+		echo "Error: no version supplied and unable to detect host mageia version"
+		exit 1
+	fi
+fi
+
+if [ -z $mirror ]; then
+	# No mirror provided, default to mirrorlist
+	mirror="--mirrorlist https://mirrors.mageia.org/api/mageia.$installversion.x86_64.list"
+fi
+
+(
+	set -x
+	urpmi.addmedia --distrib \
+		$mirror \
+		--urpmi-root "$rootfsDir"
+	urpmi basesystem-minimal urpmi \
+		--auto \
+		--no-suggests \
+		--urpmi-root "$rootfsDir" \
+		--root "$rootfsDir"
+)
+
+"$(dirname "$BASH_SOURCE")/.febootstrap-minimize" "$rootfsDir"
+
+if [ -d "$rootfsDir/etc/sysconfig" ]; then
+	# allow networking init scripts inside the container to work without extra steps
+	echo 'NETWORKING=yes' > "$rootfsDir/etc/sysconfig/network"
+fi
diff --git a/contrib/mkimage/rinse b/contrib/mkimage/rinse
new file mode 100755
index 00000000..75eb4f0d
--- /dev/null
+++ b/contrib/mkimage/rinse
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+set -e
+
+rootfsDir="$1"
+shift
+
+# specifying --arch below is safe because "$@" can override it and the "latest" one wins :)
+
+(
+	set -x
+	rinse --directory "$rootfsDir" --arch amd64 "$@"
+)
+
+"$(dirname "$BASH_SOURCE")/.febootstrap-minimize" "$rootfsDir"
+
+if [ -d "$rootfsDir/etc/sysconfig" ]; then
+	# allow networking init scripts inside the container to work without extra steps
+	echo 'NETWORKING=yes' > "$rootfsDir/etc/sysconfig/network"
+fi
+
+# make sure we're fully up-to-date, too
+(
+	set -x
+	chroot "$rootfsDir" yum update -y
+)
diff --git a/contrib/nnp-test/Dockerfile b/contrib/nnp-test/Dockerfile
new file mode 100644
index 00000000..026d8695
--- /dev/null
+++ b/contrib/nnp-test/Dockerfile
@@ -0,0 +1,9 @@
+FROM buildpack-deps:jessie
+
+COPY . /usr/src/
+
+WORKDIR /usr/src/
+
+RUN gcc -g -Wall -static nnp-test.c -o /usr/bin/nnp-test
+
+RUN chmod +s /usr/bin/nnp-test
diff --git a/contrib/nnp-test/nnp-test.c b/contrib/nnp-test/nnp-test.c
new file mode 100644
index 00000000..b767da7e
--- /dev/null
+++ b/contrib/nnp-test/nnp-test.c
@@ -0,0 +1,10 @@
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/types.h>
+
+int main(int argc, char *argv[])
+{
+        printf("EUID=%d\n", geteuid());
+        return 0;
+}
+
diff --git a/contrib/nuke-graph-directory.sh b/contrib/nuke-graph-directory.sh
new file mode 100755
index 00000000..99b527de
--- /dev/null
+++ b/contrib/nuke-graph-directory.sh
@@ -0,0 +1,65 @@
+#!/bin/sh
+set -e
+
+dir="$1"
+
+if [ -z "$dir" ]; then
+	{
+		echo 'This script is for destroying old /var/lib/docker directories more safely than'
+		echo '  "rm -rf", which can cause data loss or other serious issues.'
+		echo
+		echo "usage: $0 directory"
+		echo "   ie: $0 /var/lib/docker"
+	} >&2
+	exit 1
+fi
+
+if [ "$(id -u)" != 0 ]; then
+	echo >&2 "error: $0 must be run as root"
+	exit 1
+fi
+
+if [ ! -d "$dir" ]; then
+	echo >&2 "error: $dir is not a directory"
+	exit 1
+fi
+
+dir="$(readlink -f "$dir")"
+
+echo
+echo "Nuking $dir ..."
+echo '  (if this is wrong, press Ctrl+C NOW!)'
+echo
+
+( set -x; sleep 10 )
+echo
+
+dir_in_dir() {
+	inner="$1"
+	outer="$2"
+	[ "${inner#$outer}" != "$inner" ]
+}
+
+# let's start by unmounting any submounts in $dir
+#   (like -v /home:... for example - DON'T DELETE MY HOME DIRECTORY BRU!)
+for mount in $(awk '{ print $5 }' /proc/self/mountinfo); do
+	mount="$(readlink -f "$mount" || true)"
+	if dir_in_dir "$mount" "$dir"; then
+		( set -x; umount -f "$mount" )
+	fi
+done
+
+# now, let's go destroy individual btrfs subvolumes, if any exist
+if command -v btrfs > /dev/null 2>&1; then
+	root="$(df "$dir" | awk 'NR>1 { print $NF }')"
+	root="${root%/}" # if root is "/", we want it to become ""
+	for subvol in $(btrfs subvolume list -o "$root/" 2>/dev/null | awk -F' path ' '{ print $2 }' | sort -r); do
+		subvolDir="$root/$subvol"
+		if dir_in_dir "$subvolDir" "$dir"; then
+			( set -x; btrfs subvolume delete "$subvolDir" )
+		fi
+	done
+fi
+
+# finally, DESTROY ALL THINGS
+( set -x; rm -rf "$dir" )
diff --git a/contrib/project-stats.sh b/contrib/project-stats.sh
new file mode 100755
index 00000000..2691c72f
--- /dev/null
+++ b/contrib/project-stats.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+## Run this script from the root of the docker repository
+## to query project stats useful to the maintainers.
+## You will need to install `pulls` and `issues` from
+## https://github.com/crosbymichael/pulls
+
+set -e
+
+echo -n "Open pulls: "
+PULLS=$(pulls | wc -l); let PULLS=$PULLS-1
+echo $PULLS
+
+echo -n "Pulls alru: "
+pulls alru
+
+echo -n "Open issues: "
+ISSUES=$(issues list | wc -l); let ISSUES=$ISSUES-1
+echo $ISSUES
+
+echo -n "Issues alru: "
+issues alru
diff --git a/contrib/report-issue.sh b/contrib/report-issue.sh
new file mode 100755
index 00000000..cb54f1a5
--- /dev/null
+++ b/contrib/report-issue.sh
@@ -0,0 +1,105 @@
+#!/bin/sh
+
+# This is a convenience script for reporting issues that include a base
+# template of information. See https://github.com/docker/docker/pull/8845
+
+set -e
+
+DOCKER_ISSUE_URL=${DOCKER_ISSUE_URL:-"https://github.com/docker/docker/issues/new"}
+DOCKER_ISSUE_NAME_PREFIX=${DOCKER_ISSUE_NAME_PREFIX:-"Report: "}
+DOCKER=${DOCKER:-"docker"}
+DOCKER_COMMAND="${DOCKER}"
+export DOCKER_COMMAND
+
+# pulled from https://gist.github.com/cdown/1163649
+function urlencode() {
+	# urlencode <string>
+
+	local length="${#1}"
+	for (( i = 0; i < length; i++ )); do
+			local c="${1:i:1}"
+			case $c in
+					[a-zA-Z0-9.~_-]) printf "$c" ;;
+					*) printf '%%%02X' "'$c"
+			esac
+	done
+}
+
+function template() {
+# this should always match the template from CONTRIBUTING.md
+	cat <<- EOM
+	Description of problem:
+
+
+	\`docker version\`:
+	`${DOCKER_COMMAND} -D version`
+
+
+	\`docker info\`:
+	`${DOCKER_COMMAND} -D info`
+
+
+	\`uname -a\`:
+	`uname -a`
+
+
+	Environment details (AWS, VirtualBox, physical, etc.):
+
+
+	How reproducible:
+
+
+	Steps to Reproduce:
+	1.
+	2.
+	3.
+
+
+	Actual Results:
+
+
+	Expected Results:
+
+
+	Additional info:
+
+
+	EOM
+}
+
+function format_issue_url() {
+	if [ ${#@} -ne 2 ] ; then
+		return 1
+	fi
+	local issue_name=$(urlencode "${DOCKER_ISSUE_NAME_PREFIX}${1}")
+	local issue_body=$(urlencode "${2}")
+	echo "${DOCKER_ISSUE_URL}?title=${issue_name}&body=${issue_body}"
+}
+
+
+echo -ne "Do you use \`sudo\` to call docker? [y|N]: "
+read -r -n 1 use_sudo
+echo ""
+
+if [ "x${use_sudo}" = "xy" -o "x${use_sudo}" = "xY" ]; then
+	export DOCKER_COMMAND="sudo ${DOCKER}"
+fi
+
+echo -ne "Title of new issue?: "
+read -r issue_title
+echo ""
+
+issue_url=$(format_issue_url "${issue_title}" "$(template)")
+
+if which xdg-open 2>/dev/null >/dev/null ; then
+	echo -ne "Would like to launch this report in your browser? [Y|n]: "
+	read -r -n 1 launch_now
+	echo ""
+
+	if [ "${launch_now}" != "n" -a "${launch_now}" != "N" ]; then
+		xdg-open "${issue_url}"
+	fi
+fi
+
+echo "If you would like to manually open the url, you can open this link if your browser: ${issue_url}"
+
diff --git a/contrib/reprepro/suites.sh b/contrib/reprepro/suites.sh
new file mode 100755
index 00000000..9ecf99d4
--- /dev/null
+++ b/contrib/reprepro/suites.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -e
+
+cd "$(dirname "$BASH_SOURCE")/../.."
+
+targets_from() {
+       git fetch -q https://github.com/docker/docker.git "$1"
+       git ls-tree -r --name-only "$(git rev-parse FETCH_HEAD)" contrib/builder/deb/ | grep '/Dockerfile$' | sed -r 's!^contrib/builder/deb/|^contrib/builder/deb/amd64/|-debootstrap|/Dockerfile$!!g' | grep -v /
+}
+
+release_branch=$(git ls-remote --heads https://github.com/docker/docker.git | awk -F 'refs/heads/' '$2 ~ /^release/ { print $2 }' | sort -V | tail -1)
+{ targets_from master; targets_from "$release_branch"; } | sort -u
diff --git a/contrib/syntax/kate/Dockerfile.xml b/contrib/syntax/kate/Dockerfile.xml
new file mode 100644
index 00000000..05692504
--- /dev/null
+++ b/contrib/syntax/kate/Dockerfile.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE language SYSTEM "language.dtd">
+<!-- Dockerfile syntaxfile v1.0 by James Turnbull <james@lovedthanlost.net> -->
+<language name="Dockerfile" section="Other"
+          version="1.0" kateversion="2.4"
+          extensions="Dockerfile"
+          mimetype="text/plain"
+          author="James Turnbull (james@lovedthanlost.net)"
+          license="GPL">
+  <highlighting>
+    <list name="keywords">
+      <item> FROM </item>
+      <item> MAINTAINER </item>
+      <item> ENV </item>
+      <item> RUN </item>
+      <item> ONBUILD </item>
+      <item> COPY </item>
+      <item> ADD </item>
+      <item> VOLUME </item>
+      <item> EXPOSE </item>
+      <item> ENTRYPOINT </item>
+      <item> CMD </item>
+      <item> WORKDIR </item>
+      <item> USER </item>
+      <item> LABEL </item>
+      <item> STOPSIGNAL </item>
+    </list>
+
+    <contexts>
+      <context name="normal" attribute="Normal" lineEndContext="#stay">
+        <DetectSpaces/>
+        <DetectChar attribute="Comment" context="Comment" char="#"/>
+        <keyword attribute="Keyword"  context="#stay" String="keywords"/>
+        <DetectIdentifier/>
+        <DetectChar attribute="String" context="string&quot;" char="&quot;"/>
+        <DetectChar attribute="String" context="string'" char="'"/>
+      </context>
+
+      <context attribute="Comment" lineEndContext="#pop" name="Comment">
+        <LineContinue attribute="Comment" context="#stay" />
+      </context>
+
+      <context name="string&quot;" attribute="String" lineEndContext="#pop">
+        <LineContinue attribute="Operator" context="#stay"/>
+        <DetectChar attribute="String" context="#pop" char="&quot;"/>
+        <DetectChar attribute="Operator" context="dollar" char="$"/>
+      </context>
+
+      <context name="string'" attribute="String" lineEndContext="#pop">
+        <LineContinue attribute="String" context="#stay"/>
+        <DetectChar attribute="String" context="#pop" char="'"/>
+        <DetectChar attribute="Operator" context="dollar" char="$"/>
+      </context>
+
+    </contexts>
+    <itemDatas>
+      <itemData name="Normal"    defStyleNum="dsNormal" spellChecking="0"/>
+      <itemData name="Keyword"   defStyleNum="dsKeyword" spellChecking="0"/>
+      <itemData name="Comment"   defStyleNum="dsComment"/>
+      <itemData name="String"    defStyleNum="dsString" spellChecking="0"/>
+    </itemDatas>
+  </highlighting>
+  <general>
+    <comments>
+      <comment name = "singleLine" start = "#"/>
+    </comments>
+  </general>
+</language>
+<!-- kate: space-indent on; indent-width 2; replace-tabs on; -->
+
diff --git a/contrib/syntax/nano/Dockerfile.nanorc b/contrib/syntax/nano/Dockerfile.nanorc
new file mode 100644
index 00000000..80e56dfb
--- /dev/null
+++ b/contrib/syntax/nano/Dockerfile.nanorc
@@ -0,0 +1,26 @@
+## Syntax highlighting for Dockerfiles
+syntax "Dockerfile" "Dockerfile[^/]*$"
+
+## Keywords
+icolor red "^(FROM|MAINTAINER|RUN|CMD|LABEL|EXPOSE|ENV|ADD|COPY|ENTRYPOINT|VOLUME|USER|WORKDIR|ONBUILD)[[:space:]]"
+
+## Brackets & parenthesis
+color brightgreen "(\(|\)|\[|\])"
+
+## Double ampersand
+color brightmagenta "&&"
+
+## Comments
+icolor cyan "^[[:space:]]*#.*$"
+
+## Blank space at EOL
+color ,green "[[:space:]]+$"
+
+## Strings, single-quoted
+color brightwhite "'([^']|(\\'))*'" "%[qw]\{[^}]*\}" "%[qw]\([^)]*\)" "%[qw]<[^>]*>" "%[qw]\[[^]]*\]" "%[qw]\$[^$]*\$" "%[qw]\^[^^]*\^" "%[qw]![^!]*!"
+
+## Strings, double-quoted
+color brightwhite ""([^"]|(\\"))*"" "%[QW]?\{[^}]*\}" "%[QW]?\([^)]*\)" "%[QW]?<[^>]*>" "%[QW]?\[[^]]*\]" "%[QW]?\$[^$]*\$" "%[QW]?\^[^^]*\^" "%[QW]?![^!]*!"
+
+## Single and double quotes
+color brightyellow "('|\")"
diff --git a/contrib/syntax/nano/README.md b/contrib/syntax/nano/README.md
new file mode 100644
index 00000000..5985208b
--- /dev/null
+++ b/contrib/syntax/nano/README.md
@@ -0,0 +1,32 @@
+Dockerfile.nanorc
+=================
+
+Dockerfile syntax highlighting for nano
+
+Single User Installation
+------------------------
+1. Create a nano syntax directory in your home directory:
+ * `mkdir -p ~/.nano/syntax`
+
+2. Copy `Dockerfile.nanorc` to` ~/.nano/syntax/`
+ * `cp Dockerfile.nanorc ~/.nano/syntax/`
+
+3. Add the following to your `~/.nanorc` to tell nano where to find the `Dockerfile.nanorc` file
+  ```
+## Dockerfile files
+include "~/.nano/syntax/Dockerfile.nanorc"
+  ```
+
+System Wide Installation
+------------------------
+1. Create a nano syntax directory: 
+  * `mkdir /usr/local/share/nano`
+
+2. Copy `Dockerfile.nanorc` to `/usr/local/share/nano`
+  * `cp Dockerfile.nanorc /usr/local/share/nano/`
+
+3. Add the following to your `/etc/nanorc`:
+  ```
+## Dockerfile files
+include "/usr/local/share/nano/Dockerfile.nanorc"
+  ```
diff --git a/contrib/syntax/textmate/Docker.tmbundle/Preferences/Dockerfile.tmPreferences b/contrib/syntax/textmate/Docker.tmbundle/Preferences/Dockerfile.tmPreferences
new file mode 100644
index 00000000..20f0d04c
--- /dev/null
+++ b/contrib/syntax/textmate/Docker.tmbundle/Preferences/Dockerfile.tmPreferences
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>name</key>
+	<string>Comments</string>
+	<key>scope</key>
+	<string>source.dockerfile</string>
+	<key>settings</key>
+	<dict>
+		<key>shellVariables</key>
+		<array>
+			<dict>
+				<key>name</key>
+				<string>TM_COMMENT_START</string>
+				<key>value</key>
+				<string># </string>
+			</dict>
+		</array>
+	</dict>
+	<key>uuid</key>
+	<string>2B215AC0-A7F3-4090-9FF6-F4842BD56CA7</string>
+</dict>
+</plist>
diff --git a/contrib/syntax/textmate/Docker.tmbundle/Syntaxes/Dockerfile.tmLanguage b/contrib/syntax/textmate/Docker.tmbundle/Syntaxes/Dockerfile.tmLanguage
new file mode 100644
index 00000000..f45f6669
--- /dev/null
+++ b/contrib/syntax/textmate/Docker.tmbundle/Syntaxes/Dockerfile.tmLanguage
@@ -0,0 +1,143 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>fileTypes</key>
+	<array>
+		<string>Dockerfile</string>
+	</array>
+	<key>name</key>
+	<string>Dockerfile</string>
+	<key>patterns</key>
+	<array>
+		<dict>
+			<key>captures</key>
+			<dict>
+				<key>1</key>
+				<dict>
+					<key>name</key>
+					<string>keyword.control.dockerfile</string>
+				</dict>
+				<key>2</key>
+				<dict>
+					<key>name</key>
+					<string>keyword.other.special-method.dockerfile</string>
+				</dict>
+			</dict>
+			<key>match</key>
+			<string>^\s*(?:(ONBUILD)\s+)?(FROM|MAINTAINER|RUN|EXPOSE|ENV|ADD|VOLUME|USER|WORKDIR|COPY|LABEL|STOPSIGNAL|ARG)\s</string>
+		</dict>
+		<dict>
+			<key>captures</key>
+			<dict>
+				<key>1</key>
+				<dict>
+					<key>name</key>
+					<string>keyword.operator.dockerfile</string>
+				</dict>
+				<key>2</key>
+				<dict>
+					<key>name</key>
+					<string>keyword.other.special-method.dockerfile</string>
+				</dict>
+			</dict>
+			<key>match</key>
+			<string>^\s*(?:(ONBUILD)\s+)?(CMD|ENTRYPOINT)\s</string>
+		</dict>
+		<dict>
+			<key>begin</key>
+			<string>"</string>
+			<key>beginCaptures</key>
+			<dict>
+				<key>1</key>
+				<dict>
+					<key>name</key>
+					<string>punctuation.definition.string.begin.dockerfile</string>
+				</dict>
+			</dict>
+			<key>end</key>
+			<string>"</string>
+			<key>endCaptures</key>
+			<dict>
+				<key>1</key>
+				<dict>
+					<key>name</key>
+					<string>punctuation.definition.string.end.dockerfile</string>
+				</dict>
+			</dict>
+			<key>name</key>
+			<string>string.quoted.double.dockerfile</string>
+			<key>patterns</key>
+			<array>
+				<dict>
+					<key>match</key>
+					<string>\\.</string>
+					<key>name</key>
+					<string>constant.character.escaped.dockerfile</string>
+				</dict>
+			</array>
+		</dict>
+		<dict>
+			<key>begin</key>
+			<string>'</string>
+			<key>beginCaptures</key>
+			<dict>
+				<key>1</key>
+				<dict>
+					<key>name</key>
+					<string>punctuation.definition.string.begin.dockerfile</string>
+				</dict>
+			</dict>
+			<key>end</key>
+			<string>'</string>
+			<key>endCaptures</key>
+			<dict>
+				<key>1</key>
+				<dict>
+					<key>name</key>
+					<string>punctuation.definition.string.end.dockerfile</string>
+				</dict>
+			</dict>
+			<key>name</key>
+			<string>string.quoted.single.dockerfile</string>
+			<key>patterns</key>
+			<array>
+				<dict>
+					<key>match</key>
+					<string>\\.</string>
+					<key>name</key>
+					<string>constant.character.escaped.dockerfile</string>
+				</dict>
+			</array>
+		</dict>
+		<dict>
+			<key>captures</key>
+			<dict>
+				<key>1</key>
+				<dict>
+					<key>name</key>
+					<string>punctuation.whitespace.comment.leading.dockerfile</string>
+				</dict>
+				<key>2</key>
+				<dict>
+					<key>name</key>
+					<string>comment.line.number-sign.dockerfile</string>
+				</dict>
+				<key>3</key>
+				<dict>
+					<key>name</key>
+					<string>punctuation.definition.comment.dockerfile</string>
+				</dict>
+			</dict>
+			<key>comment</key>
+			<string>comment.line</string>
+			<key>match</key>
+			<string>^(\s*)((#).*$\n?)</string>
+		</dict>
+	</array>
+	<key>scopeName</key>
+	<string>source.dockerfile</string>
+	<key>uuid</key>
+	<string>a39d8795-59d2-49af-aa00-fe74ee29576e</string>
+</dict>
+</plist>
diff --git a/contrib/syntax/textmate/Docker.tmbundle/info.plist b/contrib/syntax/textmate/Docker.tmbundle/info.plist
new file mode 100644
index 00000000..239f4b0a
--- /dev/null
+++ b/contrib/syntax/textmate/Docker.tmbundle/info.plist
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>contactEmailRot13</key>
+	<string>germ@andz.com.ar</string>
+	<key>contactName</key>
+	<string>GermanDZ</string>
+	<key>description</key>
+	<string>Helpers for Docker.</string>
+	<key>name</key>
+	<string>Docker</string>
+	<key>uuid</key>
+	<string>8B9DDBAF-E65C-4E12-FFA7-467D4AA535B1</string>
+</dict>
+</plist>
diff --git a/contrib/syntax/textmate/README.md b/contrib/syntax/textmate/README.md
new file mode 100644
index 00000000..ce611018
--- /dev/null
+++ b/contrib/syntax/textmate/README.md
@@ -0,0 +1,17 @@
+# Docker.tmbundle
+
+Dockerfile syntax highlighting for TextMate and Sublime Text.
+
+## Install
+
+### Sublime Text
+
+Available for Sublime Text under [package control](https://sublime.wbond.net/packages/Dockerfile%20Syntax%20Highlighting).
+Search for *Dockerfile Syntax Highlighting*
+
+### TextMate 2
+
+You can install this bundle in TextMate by opening the preferences and going to the bundles tab. After installation it will be automatically updated for you.
+
+enjoy.
+
diff --git a/contrib/syntax/textmate/REVIEWERS b/contrib/syntax/textmate/REVIEWERS
new file mode 100644
index 00000000..965743df
--- /dev/null
+++ b/contrib/syntax/textmate/REVIEWERS
@@ -0,0 +1 @@
+Asbjorn Enge <asbjorn@hanafjedle.net> (@asbjornenge)
diff --git a/contrib/syntax/vim/LICENSE b/contrib/syntax/vim/LICENSE
new file mode 100644
index 00000000..e67cdabd
--- /dev/null
+++ b/contrib/syntax/vim/LICENSE
@@ -0,0 +1,22 @@
+Copyright (c) 2013 Honza Pokorny
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/contrib/syntax/vim/README.md b/contrib/syntax/vim/README.md
new file mode 100644
index 00000000..5aa9bd82
--- /dev/null
+++ b/contrib/syntax/vim/README.md
@@ -0,0 +1,26 @@
+dockerfile.vim
+==============
+
+Syntax highlighting for Dockerfiles
+
+Installation
+------------
+With [pathogen](https://github.com/tpope/vim-pathogen), the usual way...
+
+With [Vundle](https://github.com/gmarik/Vundle.vim)
+  
+    Plugin 'docker/docker' , {'rtp': '/contrib/syntax/vim/'}
+
+Features
+--------
+
+The syntax highlighting includes:
+
+* The directives (e.g. `FROM`)
+* Strings
+* Comments
+
+License
+-------
+
+BSD, short and sweet
diff --git a/contrib/syntax/vim/doc/dockerfile.txt b/contrib/syntax/vim/doc/dockerfile.txt
new file mode 100644
index 00000000..e69e2b7b
--- /dev/null
+++ b/contrib/syntax/vim/doc/dockerfile.txt
@@ -0,0 +1,18 @@
+*dockerfile.txt*  Syntax highlighting for Dockerfiles
+
+Author: Honza Pokorny <https://honza.ca>
+License: BSD
+
+INSTALLATION                                                     *installation*
+
+Drop it on your Pathogen path and you're all set.
+
+FEATURES                                                             *features*
+
+The syntax highlighting includes:
+
+* The directives (e.g. FROM)
+* Strings
+* Comments
+
+ vim:tw=78:et:ft=help:norl:
diff --git a/contrib/syntax/vim/ftdetect/dockerfile.vim b/contrib/syntax/vim/ftdetect/dockerfile.vim
new file mode 100644
index 00000000..ee10e5d6
--- /dev/null
+++ b/contrib/syntax/vim/ftdetect/dockerfile.vim
@@ -0,0 +1 @@
+au BufNewFile,BufRead [Dd]ockerfile,Dockerfile.* set filetype=dockerfile
diff --git a/contrib/syntax/vim/syntax/dockerfile.vim b/contrib/syntax/vim/syntax/dockerfile.vim
new file mode 100644
index 00000000..bb75da85
--- /dev/null
+++ b/contrib/syntax/vim/syntax/dockerfile.vim
@@ -0,0 +1,31 @@
+" dockerfile.vim - Syntax highlighting for Dockerfiles
+" Maintainer:   Honza Pokorny <https://honza.ca>
+" Version:      0.5
+
+
+if exists("b:current_syntax")
+    finish
+endif
+
+let b:current_syntax = "dockerfile"
+
+syntax case ignore
+
+syntax match dockerfileKeyword /\v^\s*(ONBUILD\s+)?(ADD|CMD|ENTRYPOINT|ENV|EXPOSE|FROM|MAINTAINER|RUN|USER|LABEL|VOLUME|WORKDIR|COPY|STOPSIGNAL|ARG)\s/
+highlight link dockerfileKeyword Keyword
+
+syntax region dockerfileString start=/\v"/ skip=/\v\\./ end=/\v"/
+highlight link dockerfileString String
+
+syntax match dockerfileComment "\v^\s*#.*$"
+highlight link dockerfileComment Comment
+
+set commentstring=#\ %s
+
+" match "RUN", "CMD", and "ENTRYPOINT" lines, and parse them as shell
+let s:current_syntax = b:current_syntax
+unlet b:current_syntax
+syntax include @SH syntax/sh.vim
+let b:current_syntax = s:current_syntax
+syntax region shLine matchgroup=dockerfileKeyword start=/\v^\s*(RUN|CMD|ENTRYPOINT)\s/ end=/\v$/ contains=@SH
+" since @SH will handle "\" as part of the same line automatically, this "just works" for line continuation too, but with the caveat that it will highlight "RUN echo '" followed by a newline as if it were a block because the "'" is shell line continuation...  not sure how to fix that just yet (TODO)
diff --git a/contrib/syscall-test/Dockerfile b/contrib/syscall-test/Dockerfile
new file mode 100644
index 00000000..8cd6bebf
--- /dev/null
+++ b/contrib/syscall-test/Dockerfile
@@ -0,0 +1,9 @@
+FROM buildpack-deps:jessie
+
+COPY . /usr/src/
+
+WORKDIR /usr/src/
+
+RUN gcc -g -Wall -static userns.c -o /usr/bin/userns-test \
+	&& gcc -g -Wall -static ns.c -o /usr/bin/ns-test \
+	&& gcc -g -Wall -static acct.c -o /usr/bin/acct-test
diff --git a/contrib/syscall-test/acct.c b/contrib/syscall-test/acct.c
new file mode 100644
index 00000000..88ac2879
--- /dev/null
+++ b/contrib/syscall-test/acct.c
@@ -0,0 +1,16 @@
+#define _GNU_SOURCE
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+int main(int argc, char **argv)
+{
+	int err = acct("/tmp/t");
+	if (err == -1) {
+		fprintf(stderr, "acct failed: %s\n", strerror(errno));
+		exit(EXIT_FAILURE);
+	}
+	exit(EXIT_SUCCESS);
+}
diff --git a/contrib/syscall-test/ns.c b/contrib/syscall-test/ns.c
new file mode 100644
index 00000000..bc897add
--- /dev/null
+++ b/contrib/syscall-test/ns.c
@@ -0,0 +1,63 @@
+#define _GNU_SOURCE
+#include <errno.h>
+#include <sched.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <sys/wait.h>
+#include <unistd.h>
+
+#define STACK_SIZE (1024 * 1024)	/* Stack size for cloned child */
+
+struct clone_args {
+	char **argv;
+};
+
+// child_exec is the func that will be executed as the result of clone
+static int child_exec(void *stuff)
+{
+	struct clone_args *args = (struct clone_args *)stuff;
+	if (execvp(args->argv[0], args->argv) != 0) {
+		fprintf(stderr, "failed to execvp argments %s\n",
+			strerror(errno));
+		exit(-1);
+	}
+	// we should never reach here!
+	exit(EXIT_FAILURE);
+}
+
+int main(int argc, char **argv)
+{
+	struct clone_args args;
+	args.argv = &argv[1];
+
+	int clone_flags = CLONE_NEWNS | CLONE_NEWPID | SIGCHLD;
+
+	// allocate stack for child
+	char *stack;		/* Start of stack buffer */
+	char *child_stack;	/* End of stack buffer */
+	stack =
+	    mmap(NULL, STACK_SIZE, PROT_READ | PROT_WRITE,
+		 MAP_SHARED | MAP_ANON | MAP_STACK, -1, 0);
+	if (stack == MAP_FAILED) {
+		fprintf(stderr, "mmap failed: %s\n", strerror(errno));
+		exit(EXIT_FAILURE);
+	}
+	child_stack = stack + STACK_SIZE;	/* Assume stack grows downward */
+
+	// the result of this call is that our child_exec will be run in another
+	// process returning it's pid
+	pid_t pid = clone(child_exec, child_stack, clone_flags, &args);
+	if (pid < 0) {
+		fprintf(stderr, "clone failed: %s\n", strerror(errno));
+		exit(EXIT_FAILURE);
+	}
+	// lets wait on our child process here before we, the parent, exits
+	if (waitpid(pid, NULL, 0) == -1) {
+		fprintf(stderr, "failed to wait pid %d\n", pid);
+		exit(EXIT_FAILURE);
+	}
+	exit(EXIT_SUCCESS);
+}
diff --git a/contrib/syscall-test/userns.c b/contrib/syscall-test/userns.c
new file mode 100644
index 00000000..6ec553fe
--- /dev/null
+++ b/contrib/syscall-test/userns.c
@@ -0,0 +1,63 @@
+#define _GNU_SOURCE
+#include <errno.h>
+#include <sched.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <sys/wait.h>
+#include <unistd.h>
+
+#define STACK_SIZE (1024 * 1024)	/* Stack size for cloned child */
+
+struct clone_args {
+	char **argv;
+};
+
+// child_exec is the func that will be executed as the result of clone
+static int child_exec(void *stuff)
+{
+	struct clone_args *args = (struct clone_args *)stuff;
+	if (execvp(args->argv[0], args->argv) != 0) {
+		fprintf(stderr, "failed to execvp argments %s\n",
+			strerror(errno));
+		exit(-1);
+	}
+	// we should never reach here!
+	exit(EXIT_FAILURE);
+}
+
+int main(int argc, char **argv)
+{
+	struct clone_args args;
+	args.argv = &argv[1];
+
+	int clone_flags = CLONE_NEWUSER | SIGCHLD;
+
+	// allocate stack for child
+	char *stack;		/* Start of stack buffer */
+	char *child_stack;	/* End of stack buffer */
+	stack =
+	    mmap(NULL, STACK_SIZE, PROT_READ | PROT_WRITE,
+		 MAP_SHARED | MAP_ANON | MAP_STACK, -1, 0);
+	if (stack == MAP_FAILED) {
+		fprintf(stderr, "mmap failed: %s\n", strerror(errno));
+		exit(EXIT_FAILURE);
+	}
+	child_stack = stack + STACK_SIZE;	/* Assume stack grows downward */
+
+	// the result of this call is that our child_exec will be run in another
+	// process returning it's pid
+	pid_t pid = clone(child_exec, child_stack, clone_flags, &args);
+	if (pid < 0) {
+		fprintf(stderr, "clone failed: %s\n", strerror(errno));
+		exit(EXIT_FAILURE);
+	}
+	// lets wait on our child process here before we, the parent, exits
+	if (waitpid(pid, NULL, 0) == -1) {
+		fprintf(stderr, "failed to wait pid %d\n", pid);
+		exit(EXIT_FAILURE);
+	}
+	exit(EXIT_SUCCESS);
+}
diff --git a/contrib/udev/80-docker.rules b/contrib/udev/80-docker.rules
new file mode 100644
index 00000000..f934c017
--- /dev/null
+++ b/contrib/udev/80-docker.rules
@@ -0,0 +1,3 @@
+# hide docker's loopback devices from udisks, and thus from user desktops
+SUBSYSTEM=="block", ENV{DM_NAME}=="docker-*", ENV{UDISKS_PRESENTATION_HIDE}="1", ENV{UDISKS_IGNORE}="1"
+SUBSYSTEM=="block", DEVPATH=="/devices/virtual/block/loop*", ATTR{loop/backing_file}=="/var/lib/docker/*", ENV{UDISKS_PRESENTATION_HIDE}="1", ENV{UDISKS_IGNORE}="1"
diff --git a/contrib/vagrant-docker/README.md b/contrib/vagrant-docker/README.md
new file mode 100644
index 00000000..360bfad3
--- /dev/null
+++ b/contrib/vagrant-docker/README.md
@@ -0,0 +1,50 @@
+# Vagrant integration
+
+Currently there are at least 4 different projects that we are aware of that deals
+with integration with [Vagrant](http://vagrantup.com/) at different levels. One
+approach is to use Docker as a [provisioner](http://docs.vagrantup.com/v2/provisioning/index.html)
+which means you can create containers and pull base images on VMs using Docker's
+CLI and the other is to use Docker as a [provider](http://docs.vagrantup.com/v2/providers/index.html),
+meaning you can use Vagrant to control Docker containers.
+
+
+### Provisioners
+
+* [Vocker](https://github.com/fgrehm/vocker)
+* [Ventriloquist](https://github.com/fgrehm/ventriloquist)
+
+### Providers
+
+* [docker-provider](https://github.com/fgrehm/docker-provider)
+* [vagrant-shell](https://github.com/destructuring/vagrant-shell)
+
+## Setting up Vagrant-docker with the Remote API
+
+The initial Docker upstart script will not work because it runs on `127.0.0.1`, which is not accessible to the host machine. Instead, we need to change the script to connect to `0.0.0.0`. To do this, modify `/etc/init/docker.conf` to look like this:
+
+```
+description     "Docker daemon"
+
+start on filesystem
+stop on runlevel [!2345]
+
+respawn
+
+script
+    /usr/bin/docker daemon -H=tcp://0.0.0.0:2375
+end script
+```
+
+Once that's done, you need to set up a SSH tunnel between your host machine and the vagrant machine that's running Docker. This can be done by running the following command in a host terminal:
+
+```
+ssh -L 2375:localhost:2375 -p 2222 vagrant@localhost
+```
+
+(The first 2375 is what your host can connect to, the second 2375 is what port Docker is running on in the vagrant machine, and the 2222 is the port Vagrant is providing for SSH. If VirtualBox is the VM you're using, you can see what value "2222" should be by going to: Network > Adapter 1 > Advanced > Port Forwarding in the VirtualBox GUI.)
+
+Note that because the port has been changed, to run docker commands from within the command line you must run them like this:
+
+```
+sudo docker -H 0.0.0.0:2375 < commands for docker >
+```
diff --git a/daemon/apparmor_default.go b/daemon/apparmor_default.go
new file mode 100644
index 00000000..e4065b4a
--- /dev/null
+++ b/daemon/apparmor_default.go
@@ -0,0 +1,30 @@
+// +build linux
+
+package daemon
+
+import (
+	"github.com/Sirupsen/logrus"
+	aaprofile "github.com/docker/docker/profiles/apparmor"
+	"github.com/opencontainers/runc/libcontainer/apparmor"
+)
+
+// Define constants for native driver
+const (
+	defaultApparmorProfile = "docker-default"
+)
+
+func installDefaultAppArmorProfile() {
+	if apparmor.IsEnabled() {
+		if err := aaprofile.InstallDefault(defaultApparmorProfile); err != nil {
+			apparmorProfiles := []string{defaultApparmorProfile}
+
+			// Allow daemon to run if loading failed, but are active
+			// (possibly through another run, manually, or via system startup)
+			for _, policy := range apparmorProfiles {
+				if err := aaprofile.IsLoaded(policy); err != nil {
+					logrus.Errorf("AppArmor enabled on system but the %s profile could not be loaded.", policy)
+				}
+			}
+		}
+	}
+}
diff --git a/daemon/apparmor_default_unsupported.go b/daemon/apparmor_default_unsupported.go
new file mode 100644
index 00000000..f186a68a
--- /dev/null
+++ b/daemon/apparmor_default_unsupported.go
@@ -0,0 +1,6 @@
+// +build !linux
+
+package daemon
+
+func installDefaultAppArmorProfile() {
+}
diff --git a/daemon/archive.go b/daemon/archive.go
new file mode 100644
index 00000000..5cf69852
--- /dev/null
+++ b/daemon/archive.go
@@ -0,0 +1,429 @@
+package daemon
+
+import (
+	"errors"
+	"io"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/builder"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/engine-api/types"
+)
+
+// ErrExtractPointNotDirectory is used to convey that the operation to extract
+// a tar archive to a directory in a container has failed because the specified
+// path does not refer to a directory.
+var ErrExtractPointNotDirectory = errors.New("extraction point is not a directory")
+
+// ContainerCopy performs a deprecated operation of archiving the resource at
+// the specified path in the container identified by the given name.
+func (daemon *Daemon) ContainerCopy(name string, res string) (io.ReadCloser, error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return nil, err
+	}
+
+	if res[0] == '/' || res[0] == '\\' {
+		res = res[1:]
+	}
+
+	return daemon.containerCopy(container, res)
+}
+
+// ContainerStatPath stats the filesystem resource at the specified path in the
+// container identified by the given name.
+func (daemon *Daemon) ContainerStatPath(name string, path string) (stat *types.ContainerPathStat, err error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return nil, err
+	}
+
+	return daemon.containerStatPath(container, path)
+}
+
+// ContainerArchivePath creates an archive of the filesystem resource at the
+// specified path in the container identified by the given name. Returns a
+// tar archive of the resource and whether it was a directory or a single file.
+func (daemon *Daemon) ContainerArchivePath(name string, path string) (content io.ReadCloser, stat *types.ContainerPathStat, err error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return daemon.containerArchivePath(container, path)
+}
+
+// ContainerExtractToDir extracts the given archive to the specified location
+// in the filesystem of the container identified by the given name. The given
+// path must be of a directory in the container. If it is not, the error will
+// be ErrExtractPointNotDirectory. If noOverwriteDirNonDir is true then it will
+// be an error if unpacking the given content would cause an existing directory
+// to be replaced with a non-directory and vice versa.
+func (daemon *Daemon) ContainerExtractToDir(name, path string, noOverwriteDirNonDir bool, content io.Reader) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	return daemon.containerExtractToDir(container, path, noOverwriteDirNonDir, content)
+}
+
+// containerStatPath stats the filesystem resource at the specified path in this
+// container. Returns stat info about the resource.
+func (daemon *Daemon) containerStatPath(container *container.Container, path string) (stat *types.ContainerPathStat, err error) {
+	container.Lock()
+	defer container.Unlock()
+
+	if err = daemon.Mount(container); err != nil {
+		return nil, err
+	}
+	defer daemon.Unmount(container)
+
+	err = daemon.mountVolumes(container)
+	defer container.UnmountVolumes(true, daemon.LogVolumeEvent)
+	if err != nil {
+		return nil, err
+	}
+
+	resolvedPath, absPath, err := container.ResolvePath(path)
+	if err != nil {
+		return nil, err
+	}
+
+	return container.StatPath(resolvedPath, absPath)
+}
+
+// containerArchivePath creates an archive of the filesystem resource at the specified
+// path in this container. Returns a tar archive of the resource and stat info
+// about the resource.
+func (daemon *Daemon) containerArchivePath(container *container.Container, path string) (content io.ReadCloser, stat *types.ContainerPathStat, err error) {
+	container.Lock()
+
+	defer func() {
+		if err != nil {
+			// Wait to unlock the container until the archive is fully read
+			// (see the ReadCloseWrapper func below) or if there is an error
+			// before that occurs.
+			container.Unlock()
+		}
+	}()
+
+	if err = daemon.Mount(container); err != nil {
+		return nil, nil, err
+	}
+
+	defer func() {
+		if err != nil {
+			// unmount any volumes
+			container.UnmountVolumes(true, daemon.LogVolumeEvent)
+			// unmount the container's rootfs
+			daemon.Unmount(container)
+		}
+	}()
+
+	if err = daemon.mountVolumes(container); err != nil {
+		return nil, nil, err
+	}
+
+	resolvedPath, absPath, err := container.ResolvePath(path)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	stat, err = container.StatPath(resolvedPath, absPath)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// We need to rebase the archive entries if the last element of the
+	// resolved path was a symlink that was evaluated and is now different
+	// than the requested path. For example, if the given path was "/foo/bar/",
+	// but it resolved to "/var/lib/docker/containers/{id}/foo/baz/", we want
+	// to ensure that the archive entries start with "bar" and not "baz". This
+	// also catches the case when the root directory of the container is
+	// requested: we want the archive entries to start with "/" and not the
+	// container ID.
+	data, err := archive.TarResourceRebase(resolvedPath, filepath.Base(absPath))
+	if err != nil {
+		return nil, nil, err
+	}
+
+	content = ioutils.NewReadCloserWrapper(data, func() error {
+		err := data.Close()
+		container.UnmountVolumes(true, daemon.LogVolumeEvent)
+		daemon.Unmount(container)
+		container.Unlock()
+		return err
+	})
+
+	daemon.LogContainerEvent(container, "archive-path")
+
+	return content, stat, nil
+}
+
+// containerExtractToDir extracts the given tar archive to the specified location in the
+// filesystem of this container. The given path must be of a directory in the
+// container. If it is not, the error will be ErrExtractPointNotDirectory. If
+// noOverwriteDirNonDir is true then it will be an error if unpacking the
+// given content would cause an existing directory to be replaced with a non-
+// directory and vice versa.
+func (daemon *Daemon) containerExtractToDir(container *container.Container, path string, noOverwriteDirNonDir bool, content io.Reader) (err error) {
+	container.Lock()
+	defer container.Unlock()
+
+	if err = daemon.Mount(container); err != nil {
+		return err
+	}
+	defer daemon.Unmount(container)
+
+	err = daemon.mountVolumes(container)
+	defer container.UnmountVolumes(true, daemon.LogVolumeEvent)
+	if err != nil {
+		return err
+	}
+
+	// The destination path needs to be resolved to a host path, with all
+	// symbolic links followed in the scope of the container's rootfs. Note
+	// that we do not use `container.ResolvePath(path)` here because we need
+	// to also evaluate the last path element if it is a symlink. This is so
+	// that you can extract an archive to a symlink that points to a directory.
+
+	// Consider the given path as an absolute path in the container.
+	absPath := archive.PreserveTrailingDotOrSeparator(filepath.Join(string(filepath.Separator), path), path)
+
+	// This will evaluate the last path element if it is a symlink.
+	resolvedPath, err := container.GetResourcePath(absPath)
+	if err != nil {
+		return err
+	}
+
+	stat, err := os.Lstat(resolvedPath)
+	if err != nil {
+		return err
+	}
+
+	if !stat.IsDir() {
+		return ErrExtractPointNotDirectory
+	}
+
+	// Need to check if the path is in a volume. If it is, it cannot be in a
+	// read-only volume. If it is not in a volume, the container cannot be
+	// configured with a read-only rootfs.
+
+	// Use the resolved path relative to the container rootfs as the new
+	// absPath. This way we fully follow any symlinks in a volume that may
+	// lead back outside the volume.
+	//
+	// The Windows implementation of filepath.Rel in golang 1.4 does not
+	// support volume style file path semantics. On Windows when using the
+	// filter driver, we are guaranteed that the path will always be
+	// a volume file path.
+	var baseRel string
+	if strings.HasPrefix(resolvedPath, `\\?\Volume{`) {
+		if strings.HasPrefix(resolvedPath, container.BaseFS) {
+			baseRel = resolvedPath[len(container.BaseFS):]
+			if baseRel[:1] == `\` {
+				baseRel = baseRel[1:]
+			}
+		}
+	} else {
+		baseRel, err = filepath.Rel(container.BaseFS, resolvedPath)
+	}
+	if err != nil {
+		return err
+	}
+	// Make it an absolute path.
+	absPath = filepath.Join(string(filepath.Separator), baseRel)
+
+	toVolume, err := checkIfPathIsInAVolume(container, absPath)
+	if err != nil {
+		return err
+	}
+
+	if !toVolume && container.HostConfig.ReadonlyRootfs {
+		return ErrRootFSReadOnly
+	}
+
+	uid, gid := daemon.GetRemappedUIDGID()
+	options := &archive.TarOptions{
+		NoOverwriteDirNonDir: noOverwriteDirNonDir,
+		ChownOpts: &archive.TarChownOptions{
+			UID: uid, GID: gid, // TODO: should all ownership be set to root (either real or remapped)?
+		},
+	}
+	if err := chrootarchive.Untar(content, resolvedPath, options); err != nil {
+		return err
+	}
+
+	daemon.LogContainerEvent(container, "extract-to-dir")
+
+	return nil
+}
+
+func (daemon *Daemon) containerCopy(container *container.Container, resource string) (rc io.ReadCloser, err error) {
+	container.Lock()
+
+	defer func() {
+		if err != nil {
+			// Wait to unlock the container until the archive is fully read
+			// (see the ReadCloseWrapper func below) or if there is an error
+			// before that occurs.
+			container.Unlock()
+		}
+	}()
+
+	if err := daemon.Mount(container); err != nil {
+		return nil, err
+	}
+
+	defer func() {
+		if err != nil {
+			// unmount any volumes
+			container.UnmountVolumes(true, daemon.LogVolumeEvent)
+			// unmount the container's rootfs
+			daemon.Unmount(container)
+		}
+	}()
+
+	if err := daemon.mountVolumes(container); err != nil {
+		return nil, err
+	}
+
+	basePath, err := container.GetResourcePath(resource)
+	if err != nil {
+		return nil, err
+	}
+	stat, err := os.Stat(basePath)
+	if err != nil {
+		return nil, err
+	}
+	var filter []string
+	if !stat.IsDir() {
+		d, f := filepath.Split(basePath)
+		basePath = d
+		filter = []string{f}
+	} else {
+		filter = []string{filepath.Base(basePath)}
+		basePath = filepath.Dir(basePath)
+	}
+	archive, err := archive.TarWithOptions(basePath, &archive.TarOptions{
+		Compression:  archive.Uncompressed,
+		IncludeFiles: filter,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	reader := ioutils.NewReadCloserWrapper(archive, func() error {
+		err := archive.Close()
+		container.UnmountVolumes(true, daemon.LogVolumeEvent)
+		daemon.Unmount(container)
+		container.Unlock()
+		return err
+	})
+	daemon.LogContainerEvent(container, "copy")
+	return reader, nil
+}
+
+// CopyOnBuild copies/extracts a source FileInfo to a destination path inside a container
+// specified by a container object.
+// TODO: make sure callers don't unnecessarily convert destPath with filepath.FromSlash (Copy does it already).
+// CopyOnBuild should take in abstract paths (with slashes) and the implementation should convert it to OS-specific paths.
+func (daemon *Daemon) CopyOnBuild(cID string, destPath string, src builder.FileInfo, decompress bool) error {
+	srcPath := src.Path()
+	destExists := true
+	destDir := false
+	rootUID, rootGID := daemon.GetRemappedUIDGID()
+
+	// Work in daemon-local OS specific file paths
+	destPath = filepath.FromSlash(destPath)
+
+	c, err := daemon.GetContainer(cID)
+	if err != nil {
+		return err
+	}
+	err = daemon.Mount(c)
+	if err != nil {
+		return err
+	}
+	defer daemon.Unmount(c)
+
+	dest, err := c.GetResourcePath(destPath)
+	if err != nil {
+		return err
+	}
+
+	// Preserve the trailing slash
+	// TODO: why are we appending another path separator if there was already one?
+	if strings.HasSuffix(destPath, string(os.PathSeparator)) || destPath == "." {
+		destDir = true
+		dest += string(os.PathSeparator)
+	}
+
+	destPath = dest
+
+	destStat, err := os.Stat(destPath)
+	if err != nil {
+		if !os.IsNotExist(err) {
+			//logrus.Errorf("Error performing os.Stat on %s. %s", destPath, err)
+			return err
+		}
+		destExists = false
+	}
+
+	uidMaps, gidMaps := daemon.GetUIDGIDMaps()
+	archiver := &archive.Archiver{
+		Untar:   chrootarchive.Untar,
+		UIDMaps: uidMaps,
+		GIDMaps: gidMaps,
+	}
+
+	if src.IsDir() {
+		// copy as directory
+		if err := archiver.CopyWithTar(srcPath, destPath); err != nil {
+			return err
+		}
+		return fixPermissions(srcPath, destPath, rootUID, rootGID, destExists)
+	}
+	if decompress && archive.IsArchivePath(srcPath) {
+		// Only try to untar if it is a file and that we've been told to decompress (when ADD-ing a remote file)
+
+		// First try to unpack the source as an archive
+		// to support the untar feature we need to clean up the path a little bit
+		// because tar is very forgiving.  First we need to strip off the archive's
+		// filename from the path but this is only added if it does not end in slash
+		tarDest := destPath
+		if strings.HasSuffix(tarDest, string(os.PathSeparator)) {
+			tarDest = filepath.Dir(destPath)
+		}
+
+		// try to successfully untar the orig
+		err := archiver.UntarPath(srcPath, tarDest)
+		/*
+			if err != nil {
+				logrus.Errorf("Couldn't untar to %s: %v", tarDest, err)
+			}
+		*/
+		return err
+	}
+
+	// only needed for fixPermissions, but might as well put it before CopyFileWithTar
+	if destDir || (destExists && destStat.IsDir()) {
+		destPath = filepath.Join(destPath, src.Name())
+	}
+
+	if err := idtools.MkdirAllNewAs(filepath.Dir(destPath), 0755, rootUID, rootGID); err != nil {
+		return err
+	}
+	if err := archiver.CopyFileWithTar(srcPath, destPath); err != nil {
+		return err
+	}
+
+	return fixPermissions(srcPath, destPath, rootUID, rootGID, destExists)
+}
diff --git a/daemon/archive_unix.go b/daemon/archive_unix.go
new file mode 100644
index 00000000..fcea13c9
--- /dev/null
+++ b/daemon/archive_unix.go
@@ -0,0 +1,57 @@
+// +build !windows
+
+package daemon
+
+import (
+	"github.com/docker/docker/container"
+	"os"
+	"path/filepath"
+)
+
+// checkIfPathIsInAVolume checks if the path is in a volume. If it is, it
+// cannot be in a read-only volume. If it  is not in a volume, the container
+// cannot be configured with a read-only rootfs.
+func checkIfPathIsInAVolume(container *container.Container, absPath string) (bool, error) {
+	var toVolume bool
+	for _, mnt := range container.MountPoints {
+		if toVolume = mnt.HasResource(absPath); toVolume {
+			if mnt.RW {
+				break
+			}
+			return false, ErrVolumeReadonly
+		}
+	}
+	return toVolume, nil
+}
+
+func fixPermissions(source, destination string, uid, gid int, destExisted bool) error {
+	// If the destination didn't already exist, or the destination isn't a
+	// directory, then we should Lchown the destination. Otherwise, we shouldn't
+	// Lchown the destination.
+	destStat, err := os.Stat(destination)
+	if err != nil {
+		// This should *never* be reached, because the destination must've already
+		// been created while untar-ing the context.
+		return err
+	}
+	doChownDestination := !destExisted || !destStat.IsDir()
+
+	// We Walk on the source rather than on the destination because we don't
+	// want to change permissions on things we haven't created or modified.
+	return filepath.Walk(source, func(fullpath string, info os.FileInfo, err error) error {
+		// Do not alter the walk root iff. it existed before, as it doesn't fall under
+		// the domain of "things we should chown".
+		if !doChownDestination && (source == fullpath) {
+			return nil
+		}
+
+		// Path is prefixed by source: substitute with destination instead.
+		cleaned, err := filepath.Rel(source, fullpath)
+		if err != nil {
+			return err
+		}
+
+		fullpath = filepath.Join(destination, cleaned)
+		return os.Lchown(fullpath, uid, gid)
+	})
+}
diff --git a/daemon/archive_windows.go b/daemon/archive_windows.go
new file mode 100644
index 00000000..4cefb8de
--- /dev/null
+++ b/daemon/archive_windows.go
@@ -0,0 +1,18 @@
+package daemon
+
+import "github.com/docker/docker/container"
+
+// checkIfPathIsInAVolume checks if the path is in a volume. If it is, it
+// cannot be in a read-only volume. If it  is not in a volume, the container
+// cannot be configured with a read-only rootfs.
+//
+// This is a no-op on Windows which does not support read-only volumes, or
+// extracting to a mount point inside a volume. TODO Windows: FIXME Post-TP4
+func checkIfPathIsInAVolume(container *container.Container, absPath string) (bool, error) {
+	return false, nil
+}
+
+func fixPermissions(source, destination string, uid, gid int, destExisted bool) error {
+	// chown is not supported on Windows
+	return nil
+}
diff --git a/daemon/attach.go b/daemon/attach.go
new file mode 100644
index 00000000..79e9cd51
--- /dev/null
+++ b/daemon/attach.go
@@ -0,0 +1,120 @@
+package daemon
+
+import (
+	"fmt"
+	"io"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/types/backend"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/errors"
+	"github.com/docker/docker/pkg/stdcopy"
+)
+
+// ContainerAttach attaches to logs according to the config passed in. See ContainerAttachConfig.
+func (daemon *Daemon) ContainerAttach(prefixOrName string, c *backend.ContainerAttachConfig) error {
+	container, err := daemon.GetContainer(prefixOrName)
+	if err != nil {
+		return err
+	}
+	if container.IsPaused() {
+		err := fmt.Errorf("Container %s is paused. Unpause the container before attach", prefixOrName)
+		return errors.NewRequestConflictError(err)
+	}
+
+	inStream, outStream, errStream, err := c.GetStreams()
+	if err != nil {
+		return err
+	}
+	defer inStream.Close()
+
+	if !container.Config.Tty && c.MuxStreams {
+		errStream = stdcopy.NewStdWriter(errStream, stdcopy.Stderr)
+		outStream = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
+	}
+
+	var stdin io.ReadCloser
+	var stdout, stderr io.Writer
+
+	if c.UseStdin {
+		stdin = inStream
+	}
+	if c.UseStdout {
+		stdout = outStream
+	}
+	if c.UseStderr {
+		stderr = errStream
+	}
+
+	if err := daemon.containerAttach(container, stdin, stdout, stderr, c.Logs, c.Stream, c.DetachKeys); err != nil {
+		fmt.Fprintf(outStream, "Error attaching: %s\n", err)
+	}
+	return nil
+}
+
+// ContainerAttachRaw attaches the provided streams to the container's stdio
+func (daemon *Daemon) ContainerAttachRaw(prefixOrName string, stdin io.ReadCloser, stdout, stderr io.Writer, stream bool) error {
+	container, err := daemon.GetContainer(prefixOrName)
+	if err != nil {
+		return err
+	}
+	return daemon.containerAttach(container, stdin, stdout, stderr, false, stream, nil)
+}
+
+func (daemon *Daemon) containerAttach(container *container.Container, stdin io.ReadCloser, stdout, stderr io.Writer, logs, stream bool, keys []byte) error {
+	if logs {
+		logDriver, err := daemon.getLogger(container)
+		if err != nil {
+			return err
+		}
+		cLog, ok := logDriver.(logger.LogReader)
+		if !ok {
+			return logger.ErrReadLogsNotSupported
+		}
+		logs := cLog.ReadLogs(logger.ReadConfig{Tail: -1})
+
+	LogLoop:
+		for {
+			select {
+			case msg, ok := <-logs.Msg:
+				if !ok {
+					break LogLoop
+				}
+				if msg.Source == "stdout" && stdout != nil {
+					stdout.Write(msg.Line)
+				}
+				if msg.Source == "stderr" && stderr != nil {
+					stderr.Write(msg.Line)
+				}
+			case err := <-logs.Err:
+				logrus.Errorf("Error streaming logs: %v", err)
+				break LogLoop
+			}
+		}
+	}
+
+	daemon.LogContainerEvent(container, "attach")
+
+	//stream
+	if stream {
+		var stdinPipe io.ReadCloser
+		if stdin != nil {
+			r, w := io.Pipe()
+			go func() {
+				defer w.Close()
+				defer logrus.Debugf("Closing buffered stdin pipe")
+				io.Copy(w, stdin)
+			}()
+			stdinPipe = r
+		}
+		<-container.Attach(stdinPipe, stdout, stderr, keys)
+		// If we are in stdinonce mode, wait for the process to end
+		// otherwise, simply return
+		if container.Config.StdinOnce && !container.Config.Tty {
+			container.WaitStop(-1 * time.Second)
+		}
+	}
+	return nil
+}
diff --git a/daemon/caps/utils_unix.go b/daemon/caps/utils_unix.go
new file mode 100644
index 00000000..c99485f5
--- /dev/null
+++ b/daemon/caps/utils_unix.go
@@ -0,0 +1,131 @@
+// +build !windows
+
+package caps
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/syndtr/gocapability/capability"
+)
+
+var capabilityList Capabilities
+
+func init() {
+	last := capability.CAP_LAST_CAP
+	// hack for RHEL6 which has no /proc/sys/kernel/cap_last_cap
+	if last == capability.Cap(63) {
+		last = capability.CAP_BLOCK_SUSPEND
+	}
+	for _, cap := range capability.List() {
+		if cap > last {
+			continue
+		}
+		capabilityList = append(capabilityList,
+			&CapabilityMapping{
+				Key:   "CAP_" + strings.ToUpper(cap.String()),
+				Value: cap,
+			},
+		)
+	}
+}
+
+type (
+	// CapabilityMapping maps linux capability name to its value of capability.Cap type
+	// Capabilities is one of the security systems in Linux Security Module (LSM)
+	// framework provided by the kernel.
+	// For more details on capabilities, see http://man7.org/linux/man-pages/man7/capabilities.7.html
+	CapabilityMapping struct {
+		Key   string         `json:"key,omitempty"`
+		Value capability.Cap `json:"value,omitempty"`
+	}
+	// Capabilities contains all CapabilityMapping
+	Capabilities []*CapabilityMapping
+)
+
+// String returns <key> of CapabilityMapping
+func (c *CapabilityMapping) String() string {
+	return c.Key
+}
+
+// GetCapability returns CapabilityMapping which contains specific key
+func GetCapability(key string) *CapabilityMapping {
+	for _, capp := range capabilityList {
+		if capp.Key == key {
+			cpy := *capp
+			return &cpy
+		}
+	}
+	return nil
+}
+
+// GetAllCapabilities returns all of the capabilities
+func GetAllCapabilities() []string {
+	output := make([]string, len(capabilityList))
+	for i, capability := range capabilityList {
+		output[i] = capability.String()
+	}
+	return output
+}
+
+// TweakCapabilities can tweak capabilities by adding or dropping capabilities
+// based on the basics capabilities.
+func TweakCapabilities(basics, adds, drops []string) ([]string, error) {
+	var (
+		newCaps []string
+		allCaps = GetAllCapabilities()
+	)
+
+	// FIXME(tonistiigi): docker format is without CAP_ prefix, oci is with prefix
+	// Currently they are mixed in here. We should do conversion in one place.
+
+	// look for invalid cap in the drop list
+	for _, cap := range drops {
+		if strings.ToLower(cap) == "all" {
+			continue
+		}
+
+		if !stringutils.InSlice(allCaps, "CAP_"+cap) {
+			return nil, fmt.Errorf("Unknown capability drop: %q", cap)
+		}
+	}
+
+	// handle --cap-add=all
+	if stringutils.InSlice(adds, "all") {
+		basics = allCaps
+	}
+
+	if !stringutils.InSlice(drops, "all") {
+		for _, cap := range basics {
+			// skip `all` already handled above
+			if strings.ToLower(cap) == "all" {
+				continue
+			}
+
+			// if we don't drop `all`, add back all the non-dropped caps
+			if !stringutils.InSlice(drops, cap[4:]) {
+				newCaps = append(newCaps, strings.ToUpper(cap))
+			}
+		}
+	}
+
+	for _, cap := range adds {
+		// skip `all` already handled above
+		if strings.ToLower(cap) == "all" {
+			continue
+		}
+
+		cap = "CAP_" + cap
+
+		if !stringutils.InSlice(allCaps, cap) {
+			return nil, fmt.Errorf("Unknown capability to add: %q", cap)
+		}
+
+		// add cap if not already in the list
+		if !stringutils.InSlice(newCaps, cap) {
+			newCaps = append(newCaps, strings.ToUpper(cap))
+		}
+	}
+	return newCaps, nil
+}
diff --git a/daemon/changes.go b/daemon/changes.go
new file mode 100644
index 00000000..5bc5b9d5
--- /dev/null
+++ b/daemon/changes.go
@@ -0,0 +1,15 @@
+package daemon
+
+import "github.com/docker/docker/pkg/archive"
+
+// ContainerChanges returns a list of container fs changes
+func (daemon *Daemon) ContainerChanges(name string) ([]archive.Change, error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return nil, err
+	}
+
+	container.Lock()
+	defer container.Unlock()
+	return daemon.changes(container)
+}
diff --git a/daemon/commit.go b/daemon/commit.go
new file mode 100644
index 00000000..7cdf80c7
--- /dev/null
+++ b/daemon/commit.go
@@ -0,0 +1,233 @@
+package daemon
+
+import (
+	"encoding/json"
+	"fmt"
+	"runtime"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	containertypes "github.com/docker/engine-api/types/container"
+	"github.com/docker/go-connections/nat"
+)
+
+// merge merges two Config, the image container configuration (defaults values),
+// and the user container configuration, either passed by the API or generated
+// by the cli.
+// It will mutate the specified user configuration (userConf) with the image
+// configuration where the user configuration is incomplete.
+func merge(userConf, imageConf *containertypes.Config) error {
+	if userConf.User == "" {
+		userConf.User = imageConf.User
+	}
+	if len(userConf.ExposedPorts) == 0 {
+		userConf.ExposedPorts = imageConf.ExposedPorts
+	} else if imageConf.ExposedPorts != nil {
+		if userConf.ExposedPorts == nil {
+			userConf.ExposedPorts = make(nat.PortSet)
+		}
+		for port := range imageConf.ExposedPorts {
+			if _, exists := userConf.ExposedPorts[port]; !exists {
+				userConf.ExposedPorts[port] = struct{}{}
+			}
+		}
+	}
+
+	if len(userConf.Env) == 0 {
+		userConf.Env = imageConf.Env
+	} else {
+		for _, imageEnv := range imageConf.Env {
+			found := false
+			imageEnvKey := strings.Split(imageEnv, "=")[0]
+			for _, userEnv := range userConf.Env {
+				userEnvKey := strings.Split(userEnv, "=")[0]
+				if imageEnvKey == userEnvKey {
+					found = true
+					break
+				}
+			}
+			if !found {
+				userConf.Env = append(userConf.Env, imageEnv)
+			}
+		}
+	}
+
+	if userConf.Labels == nil {
+		userConf.Labels = map[string]string{}
+	}
+	if imageConf.Labels != nil {
+		for l := range userConf.Labels {
+			imageConf.Labels[l] = userConf.Labels[l]
+		}
+		userConf.Labels = imageConf.Labels
+	}
+
+	if len(userConf.Entrypoint) == 0 {
+		if len(userConf.Cmd) == 0 {
+			userConf.Cmd = imageConf.Cmd
+		}
+
+		if userConf.Entrypoint == nil {
+			userConf.Entrypoint = imageConf.Entrypoint
+		}
+	}
+	if userConf.WorkingDir == "" {
+		userConf.WorkingDir = imageConf.WorkingDir
+	}
+	if len(userConf.Volumes) == 0 {
+		userConf.Volumes = imageConf.Volumes
+	} else {
+		for k, v := range imageConf.Volumes {
+			userConf.Volumes[k] = v
+		}
+	}
+
+	if userConf.StopSignal == "" {
+		userConf.StopSignal = imageConf.StopSignal
+	}
+	return nil
+}
+
+// Commit creates a new filesystem image from the current state of a container.
+// The image can optionally be tagged into a repository.
+func (daemon *Daemon) Commit(name string, c *types.ContainerCommitConfig) (string, error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return "", err
+	}
+
+	// It is not possible to commit a running container on Windows
+	if runtime.GOOS == "windows" && container.IsRunning() {
+		return "", fmt.Errorf("Windows does not support commit of a running container")
+	}
+
+	if c.Pause && !container.IsPaused() {
+		daemon.containerPause(container)
+		defer daemon.containerUnpause(container)
+	}
+
+	if c.MergeConfigs {
+		if err := merge(c.Config, container.Config); err != nil {
+			return "", err
+		}
+	}
+
+	rwTar, err := daemon.exportContainerRw(container)
+	if err != nil {
+		return "", err
+	}
+	defer func() {
+		if rwTar != nil {
+			rwTar.Close()
+		}
+	}()
+
+	var history []image.History
+	rootFS := image.NewRootFS()
+
+	if container.ImageID != "" {
+		img, err := daemon.imageStore.Get(container.ImageID)
+		if err != nil {
+			return "", err
+		}
+		history = img.History
+		rootFS = img.RootFS
+	}
+
+	l, err := daemon.layerStore.Register(rwTar, rootFS.ChainID())
+	if err != nil {
+		return "", err
+	}
+	defer layer.ReleaseAndLog(daemon.layerStore, l)
+
+	h := image.History{
+		Author:     c.Author,
+		Created:    time.Now().UTC(),
+		CreatedBy:  strings.Join(container.Config.Cmd, " "),
+		Comment:    c.Comment,
+		EmptyLayer: true,
+	}
+
+	if diffID := l.DiffID(); layer.DigestSHA256EmptyTar != diffID {
+		h.EmptyLayer = false
+		rootFS.Append(diffID)
+	}
+
+	history = append(history, h)
+
+	config, err := json.Marshal(&image.Image{
+		V1Image: image.V1Image{
+			DockerVersion:   dockerversion.Version,
+			Config:          c.Config,
+			Architecture:    runtime.GOARCH,
+			OS:              runtime.GOOS,
+			Container:       container.ID,
+			ContainerConfig: *container.Config,
+			Author:          c.Author,
+			Created:         h.Created,
+		},
+		RootFS:  rootFS,
+		History: history,
+	})
+
+	if err != nil {
+		return "", err
+	}
+
+	id, err := daemon.imageStore.Create(config)
+	if err != nil {
+		return "", err
+	}
+
+	if container.ImageID != "" {
+		if err := daemon.imageStore.SetParent(id, container.ImageID); err != nil {
+			return "", err
+		}
+	}
+
+	if c.Repo != "" {
+		newTag, err := reference.WithName(c.Repo) // todo: should move this to API layer
+		if err != nil {
+			return "", err
+		}
+		if c.Tag != "" {
+			if newTag, err = reference.WithTag(newTag, c.Tag); err != nil {
+				return "", err
+			}
+		}
+		if err := daemon.TagImage(newTag, id.String()); err != nil {
+			return "", err
+		}
+	}
+
+	attributes := map[string]string{
+		"comment": c.Comment,
+	}
+	daemon.LogContainerEventWithAttributes(container, "commit", attributes)
+	return id.String(), nil
+}
+
+func (daemon *Daemon) exportContainerRw(container *container.Container) (archive.Archive, error) {
+	if err := daemon.Mount(container); err != nil {
+		return nil, err
+	}
+
+	archive, err := container.RWLayer.TarStream()
+	if err != nil {
+		daemon.Unmount(container) // logging is already handled in the `Unmount` function
+		return nil, err
+	}
+	return ioutils.NewReadCloserWrapper(archive, func() error {
+			archive.Close()
+			return container.RWLayer.Unmount()
+		}),
+		nil
+}
diff --git a/daemon/config.go b/daemon/config.go
new file mode 100644
index 00000000..5e9d5e51
--- /dev/null
+++ b/daemon/config.go
@@ -0,0 +1,374 @@
+package daemon
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"strings"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/discovery"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/registry"
+	"github.com/imdario/mergo"
+)
+
+const (
+	defaultNetworkMtu    = 1500
+	disableNetworkBridge = "none"
+)
+
+// flatOptions contains configuration keys
+// that MUST NOT be parsed as deep structures.
+// Use this to differentiate these options
+// with others like the ones in CommonTLSOptions.
+var flatOptions = map[string]bool{
+	"cluster-store-opts": true,
+	"log-opts":           true,
+}
+
+// LogConfig represents the default log configuration.
+// It includes json tags to deserialize configuration from a file
+// using the same names that the flags in the command line uses.
+type LogConfig struct {
+	Type   string            `json:"log-driver,omitempty"`
+	Config map[string]string `json:"log-opts,omitempty"`
+}
+
+// CommonTLSOptions defines TLS configuration for the daemon server.
+// It includes json tags to deserialize configuration from a file
+// using the same names that the flags in the command line uses.
+type CommonTLSOptions struct {
+	CAFile   string `json:"tlscacert,omitempty"`
+	CertFile string `json:"tlscert,omitempty"`
+	KeyFile  string `json:"tlskey,omitempty"`
+}
+
+// CommonConfig defines the configuration of a docker daemon which are
+// common across platforms.
+// It includes json tags to deserialize configuration from a file
+// using the same names that the flags in the command line uses.
+type CommonConfig struct {
+	AuthorizationPlugins []string            `json:"authorization-plugins,omitempty"` // AuthorizationPlugins holds list of authorization plugins
+	AutoRestart          bool                `json:"-"`
+	Context              map[string][]string `json:"-"`
+	DisableBridge        bool                `json:"-"`
+	DNS                  []string            `json:"dns,omitempty"`
+	DNSOptions           []string            `json:"dns-opts,omitempty"`
+	DNSSearch            []string            `json:"dns-search,omitempty"`
+	ExecOptions          []string            `json:"exec-opts,omitempty"`
+	ExecRoot             string              `json:"exec-root,omitempty"`
+	GraphDriver          string              `json:"storage-driver,omitempty"`
+	GraphOptions         []string            `json:"storage-opts,omitempty"`
+	Labels               []string            `json:"labels,omitempty"`
+	Mtu                  int                 `json:"mtu,omitempty"`
+	Pidfile              string              `json:"pidfile,omitempty"`
+	RawLogs              bool                `json:"raw-logs,omitempty"`
+	Root                 string              `json:"graph,omitempty"`
+	SocketGroup          string              `json:"group,omitempty"`
+	TrustKeyPath         string              `json:"-"`
+
+	// ClusterStore is the storage backend used for the cluster information. It is used by both
+	// multihost networking (to store networks and endpoints information) and by the node discovery
+	// mechanism.
+	ClusterStore string `json:"cluster-store,omitempty"`
+
+	// ClusterOpts is used to pass options to the discovery package for tuning libkv settings, such
+	// as TLS configuration settings.
+	ClusterOpts map[string]string `json:"cluster-store-opts,omitempty"`
+
+	// ClusterAdvertise is the network endpoint that the Engine advertises for the purpose of node
+	// discovery. This should be a 'host:port' combination on which that daemon instance is
+	// reachable by other hosts.
+	ClusterAdvertise string `json:"cluster-advertise,omitempty"`
+
+	Debug     bool     `json:"debug,omitempty"`
+	Hosts     []string `json:"hosts,omitempty"`
+	LogLevel  string   `json:"log-level,omitempty"`
+	TLS       bool     `json:"tls,omitempty"`
+	TLSVerify bool     `json:"tlsverify,omitempty"`
+
+	// Embedded structs that allow config
+	// deserialization without the full struct.
+	CommonTLSOptions
+	LogConfig
+	bridgeConfig // bridgeConfig holds bridge network specific configuration.
+	registry.ServiceOptions
+
+	reloadLock sync.Mutex
+	valuesSet  map[string]interface{}
+}
+
+// InstallCommonFlags adds command-line options to the top-level flag parser for
+// the current process.
+// Subsequent calls to `flag.Parse` will populate config with values parsed
+// from the command-line.
+func (config *Config) InstallCommonFlags(cmd *flag.FlagSet, usageFn func(string) string) {
+	config.ServiceOptions.InstallCliFlags(cmd, usageFn)
+
+	cmd.Var(opts.NewNamedListOptsRef("storage-opts", &config.GraphOptions, nil), []string{"-storage-opt"}, usageFn("Set storage driver options"))
+	cmd.Var(opts.NewNamedListOptsRef("authorization-plugins", &config.AuthorizationPlugins, nil), []string{"-authorization-plugin"}, usageFn("List authorization plugins in order from first evaluator to last"))
+	cmd.Var(opts.NewNamedListOptsRef("exec-opts", &config.ExecOptions, nil), []string{"-exec-opt"}, usageFn("Set runtime execution options"))
+	cmd.StringVar(&config.Pidfile, []string{"p", "-pidfile"}, defaultPidFile, usageFn("Path to use for daemon PID file"))
+	cmd.StringVar(&config.Root, []string{"g", "-graph"}, defaultGraph, usageFn("Root of the Docker runtime"))
+	cmd.StringVar(&config.ExecRoot, []string{"-exec-root"}, defaultExecRoot, usageFn("Root directory for execution state files"))
+	cmd.BoolVar(&config.AutoRestart, []string{"#r", "#-restart"}, true, usageFn("--restart on the daemon has been deprecated in favor of --restart policies on docker run"))
+	cmd.StringVar(&config.GraphDriver, []string{"s", "-storage-driver"}, "", usageFn("Storage driver to use"))
+	cmd.IntVar(&config.Mtu, []string{"#mtu", "-mtu"}, 0, usageFn("Set the containers network MTU"))
+	cmd.BoolVar(&config.RawLogs, []string{"-raw-logs"}, false, usageFn("Full timestamps without ANSI coloring"))
+	// FIXME: why the inconsistency between "hosts" and "sockets"?
+	cmd.Var(opts.NewListOptsRef(&config.DNS, opts.ValidateIPAddress), []string{"#dns", "-dns"}, usageFn("DNS server to use"))
+	cmd.Var(opts.NewNamedListOptsRef("dns-opts", &config.DNSOptions, nil), []string{"-dns-opt"}, usageFn("DNS options to use"))
+	cmd.Var(opts.NewListOptsRef(&config.DNSSearch, opts.ValidateDNSSearch), []string{"-dns-search"}, usageFn("DNS search domains to use"))
+	cmd.Var(opts.NewNamedListOptsRef("labels", &config.Labels, opts.ValidateLabel), []string{"-label"}, usageFn("Set key=value labels to the daemon"))
+	cmd.StringVar(&config.LogConfig.Type, []string{"-log-driver"}, "json-file", usageFn("Default driver for container logs"))
+	cmd.Var(opts.NewNamedMapOpts("log-opts", config.LogConfig.Config, nil), []string{"-log-opt"}, usageFn("Set log driver options"))
+	cmd.StringVar(&config.ClusterAdvertise, []string{"-cluster-advertise"}, "", usageFn("Address or interface name to advertise"))
+	cmd.StringVar(&config.ClusterStore, []string{"-cluster-store"}, "", usageFn("Set the cluster store"))
+	cmd.Var(opts.NewNamedMapOpts("cluster-store-opts", config.ClusterOpts, nil), []string{"-cluster-store-opt"}, usageFn("Set cluster store options"))
+}
+
+// IsValueSet returns true if a configuration value
+// was explicitly set in the configuration file.
+func (config *Config) IsValueSet(name string) bool {
+	if config.valuesSet == nil {
+		return false
+	}
+	_, ok := config.valuesSet[name]
+	return ok
+}
+
+func parseClusterAdvertiseSettings(clusterStore, clusterAdvertise string) (string, error) {
+	if clusterAdvertise == "" {
+		return "", errDiscoveryDisabled
+	}
+	if clusterStore == "" {
+		return "", fmt.Errorf("invalid cluster configuration. --cluster-advertise must be accompanied by --cluster-store configuration")
+	}
+
+	advertise, err := discovery.ParseAdvertise(clusterAdvertise)
+	if err != nil {
+		return "", fmt.Errorf("discovery advertise parsing failed (%v)", err)
+	}
+	return advertise, nil
+}
+
+// ReloadConfiguration reads the configuration in the host and reloads the daemon and server.
+func ReloadConfiguration(configFile string, flags *flag.FlagSet, reload func(*Config)) error {
+	logrus.Infof("Got signal to reload configuration, reloading from: %s", configFile)
+	newConfig, err := getConflictFreeConfiguration(configFile, flags)
+	if err != nil {
+		return err
+	}
+
+	if err := validateConfiguration(newConfig); err != nil {
+		return fmt.Errorf("file configuration validation failed (%v)", err)
+	}
+
+	reload(newConfig)
+	return nil
+}
+
+// boolValue is an interface that boolean value flags implement
+// to tell the command line how to make -name equivalent to -name=true.
+type boolValue interface {
+	IsBoolFlag() bool
+}
+
+// MergeDaemonConfigurations reads a configuration file,
+// loads the file configuration in an isolated structure,
+// and merges the configuration provided from flags on top
+// if there are no conflicts.
+func MergeDaemonConfigurations(flagsConfig *Config, flags *flag.FlagSet, configFile string) (*Config, error) {
+	fileConfig, err := getConflictFreeConfiguration(configFile, flags)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := validateConfiguration(fileConfig); err != nil {
+		return nil, fmt.Errorf("file configuration validation failed (%v)", err)
+	}
+
+	// merge flags configuration on top of the file configuration
+	if err := mergo.Merge(fileConfig, flagsConfig); err != nil {
+		return nil, err
+	}
+
+	return fileConfig, nil
+}
+
+// getConflictFreeConfiguration loads the configuration from a JSON file.
+// It compares that configuration with the one provided by the flags,
+// and returns an error if there are conflicts.
+func getConflictFreeConfiguration(configFile string, flags *flag.FlagSet) (*Config, error) {
+	b, err := ioutil.ReadFile(configFile)
+	if err != nil {
+		return nil, err
+	}
+
+	var config Config
+	var reader io.Reader
+	if flags != nil {
+		var jsonConfig map[string]interface{}
+		reader = bytes.NewReader(b)
+		if err := json.NewDecoder(reader).Decode(&jsonConfig); err != nil {
+			return nil, err
+		}
+
+		configSet := configValuesSet(jsonConfig)
+
+		if err := findConfigurationConflicts(configSet, flags); err != nil {
+			return nil, err
+		}
+
+		// Override flag values to make sure the values set in the config file with nullable values, like `false`,
+		// are not overriden by default truthy values from the flags that were not explicitly set.
+		// See https://github.com/docker/docker/issues/20289 for an example.
+		//
+		// TODO: Rewrite configuration logic to avoid same issue with other nullable values, like numbers.
+		namedOptions := make(map[string]interface{})
+		for key, value := range configSet {
+			f := flags.Lookup("-" + key)
+			if f == nil { // ignore named flags that don't match
+				namedOptions[key] = value
+				continue
+			}
+
+			if _, ok := f.Value.(boolValue); ok {
+				f.Value.Set(fmt.Sprintf("%v", value))
+			}
+		}
+		if len(namedOptions) > 0 {
+			// set also default for mergeVal flags that are boolValue at the same time.
+			flags.VisitAll(func(f *flag.Flag) {
+				if opt, named := f.Value.(opts.NamedOption); named {
+					v, set := namedOptions[opt.Name()]
+					_, boolean := f.Value.(boolValue)
+					if set && boolean {
+						f.Value.Set(fmt.Sprintf("%v", v))
+					}
+				}
+			})
+		}
+
+		config.valuesSet = configSet
+	}
+
+	reader = bytes.NewReader(b)
+	err = json.NewDecoder(reader).Decode(&config)
+	return &config, err
+}
+
+// configValuesSet returns the configuration values explicitly set in the file.
+func configValuesSet(config map[string]interface{}) map[string]interface{} {
+	flatten := make(map[string]interface{})
+	for k, v := range config {
+		if m, isMap := v.(map[string]interface{}); isMap && !flatOptions[k] {
+			for km, vm := range m {
+				flatten[km] = vm
+			}
+			continue
+		}
+
+		flatten[k] = v
+	}
+	return flatten
+}
+
+// findConfigurationConflicts iterates over the provided flags searching for
+// duplicated configurations and unknown keys. It returns an error with all the conflicts if
+// it finds any.
+func findConfigurationConflicts(config map[string]interface{}, flags *flag.FlagSet) error {
+	// 1. Search keys from the file that we don't recognize as flags.
+	unknownKeys := make(map[string]interface{})
+	for key, value := range config {
+		flagName := "-" + key
+		if flag := flags.Lookup(flagName); flag == nil {
+			unknownKeys[key] = value
+		}
+	}
+
+	// 2. Discard values that implement NamedOption.
+	// Their configuration name differs from their flag name, like `labels` and `label`.
+	if len(unknownKeys) > 0 {
+		unknownNamedConflicts := func(f *flag.Flag) {
+			if namedOption, ok := f.Value.(opts.NamedOption); ok {
+				if _, valid := unknownKeys[namedOption.Name()]; valid {
+					delete(unknownKeys, namedOption.Name())
+				}
+			}
+		}
+		flags.VisitAll(unknownNamedConflicts)
+	}
+
+	if len(unknownKeys) > 0 {
+		var unknown []string
+		for key := range unknownKeys {
+			unknown = append(unknown, key)
+		}
+		return fmt.Errorf("the following directives don't match any configuration option: %s", strings.Join(unknown, ", "))
+	}
+
+	var conflicts []string
+	printConflict := func(name string, flagValue, fileValue interface{}) string {
+		return fmt.Sprintf("%s: (from flag: %v, from file: %v)", name, flagValue, fileValue)
+	}
+
+	// 3. Search keys that are present as a flag and as a file option.
+	duplicatedConflicts := func(f *flag.Flag) {
+		// search option name in the json configuration payload if the value is a named option
+		if namedOption, ok := f.Value.(opts.NamedOption); ok {
+			if optsValue, ok := config[namedOption.Name()]; ok {
+				conflicts = append(conflicts, printConflict(namedOption.Name(), f.Value.String(), optsValue))
+			}
+		} else {
+			// search flag name in the json configuration payload without trailing dashes
+			for _, name := range f.Names {
+				name = strings.TrimLeft(name, "-")
+
+				if value, ok := config[name]; ok {
+					conflicts = append(conflicts, printConflict(name, f.Value.String(), value))
+					break
+				}
+			}
+		}
+	}
+
+	flags.Visit(duplicatedConflicts)
+
+	if len(conflicts) > 0 {
+		return fmt.Errorf("the following directives are specified both as a flag and in the configuration file: %s", strings.Join(conflicts, ", "))
+	}
+	return nil
+}
+
+// validateConfiguration validates some specific configs.
+// such as config.DNS, config.Labels, config.DNSSearch
+func validateConfiguration(config *Config) error {
+	// validate DNS
+	for _, dns := range config.DNS {
+		if _, err := opts.ValidateIPAddress(dns); err != nil {
+			return err
+		}
+	}
+
+	// validate DNSSearch
+	for _, dnsSearch := range config.DNSSearch {
+		if _, err := opts.ValidateDNSSearch(dnsSearch); err != nil {
+			return err
+		}
+	}
+
+	// validate Labels
+	for _, label := range config.Labels {
+		if _, err := opts.ValidateLabel(label); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
diff --git a/daemon/config_experimental.go b/daemon/config_experimental.go
new file mode 100644
index 00000000..ceb7c382
--- /dev/null
+++ b/daemon/config_experimental.go
@@ -0,0 +1,8 @@
+// +build experimental
+
+package daemon
+
+import flag "github.com/docker/docker/pkg/mflag"
+
+func (config *Config) attachExperimentalFlags(cmd *flag.FlagSet, usageFn func(string) string) {
+}
diff --git a/daemon/config_stub.go b/daemon/config_stub.go
new file mode 100644
index 00000000..796e6b6e
--- /dev/null
+++ b/daemon/config_stub.go
@@ -0,0 +1,8 @@
+// +build !experimental
+
+package daemon
+
+import flag "github.com/docker/docker/pkg/mflag"
+
+func (config *Config) attachExperimentalFlags(cmd *flag.FlagSet, usageFn func(string) string) {
+}
diff --git a/daemon/config_test.go b/daemon/config_test.go
new file mode 100644
index 00000000..7647f4d3
--- /dev/null
+++ b/daemon/config_test.go
@@ -0,0 +1,278 @@
+package daemon
+
+import (
+	"io/ioutil"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/mflag"
+)
+
+func TestDaemonConfigurationMerge(t *testing.T) {
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{"debug": true}`))
+	f.Close()
+
+	c := &Config{
+		CommonConfig: CommonConfig{
+			AutoRestart: true,
+			LogConfig: LogConfig{
+				Type:   "syslog",
+				Config: map[string]string{"tag": "test"},
+			},
+		},
+	}
+
+	cc, err := MergeDaemonConfigurations(c, nil, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !cc.Debug {
+		t.Fatalf("expected %v, got %v\n", true, cc.Debug)
+	}
+	if !cc.AutoRestart {
+		t.Fatalf("expected %v, got %v\n", true, cc.AutoRestart)
+	}
+	if cc.LogConfig.Type != "syslog" {
+		t.Fatalf("expected syslog config, got %q\n", cc.LogConfig)
+	}
+}
+
+func TestDaemonConfigurationNotFound(t *testing.T) {
+	_, err := MergeDaemonConfigurations(&Config{}, nil, "/tmp/foo-bar-baz-docker")
+	if err == nil || !os.IsNotExist(err) {
+		t.Fatalf("expected does not exist error, got %v", err)
+	}
+}
+
+func TestDaemonBrokenConfiguration(t *testing.T) {
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{"Debug": tru`))
+	f.Close()
+
+	_, err = MergeDaemonConfigurations(&Config{}, nil, configFile)
+	if err == nil {
+		t.Fatalf("expected error, got %v", err)
+	}
+}
+
+func TestParseClusterAdvertiseSettings(t *testing.T) {
+	_, err := parseClusterAdvertiseSettings("something", "")
+	if err != errDiscoveryDisabled {
+		t.Fatalf("expected discovery disabled error, got %v\n", err)
+	}
+
+	_, err = parseClusterAdvertiseSettings("", "something")
+	if err == nil {
+		t.Fatalf("expected discovery store error, got %v\n", err)
+	}
+
+	_, err = parseClusterAdvertiseSettings("etcd", "127.0.0.1:8080")
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFindConfigurationConflicts(t *testing.T) {
+	config := map[string]interface{}{"authorization-plugins": "foobar"}
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+
+	flags.String([]string{"-authorization-plugins"}, "", "")
+	if err := flags.Set("-authorization-plugins", "asdf"); err != nil {
+		t.Fatal(err)
+	}
+
+	err := findConfigurationConflicts(config, flags)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+	if !strings.Contains(err.Error(), "authorization-plugins: (from flag: asdf, from file: foobar)") {
+		t.Fatalf("expected authorization-plugins conflict, got %v", err)
+	}
+}
+
+func TestFindConfigurationConflictsWithNamedOptions(t *testing.T) {
+	config := map[string]interface{}{"hosts": []string{"qwer"}}
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+
+	var hosts []string
+	flags.Var(opts.NewNamedListOptsRef("hosts", &hosts, opts.ValidateHost), []string{"H", "-host"}, "Daemon socket(s) to connect to")
+	if err := flags.Set("-host", "tcp://127.0.0.1:4444"); err != nil {
+		t.Fatal(err)
+	}
+	if err := flags.Set("H", "unix:///var/run/docker.sock"); err != nil {
+		t.Fatal(err)
+	}
+
+	err := findConfigurationConflicts(config, flags)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+	if !strings.Contains(err.Error(), "hosts") {
+		t.Fatalf("expected hosts conflict, got %v", err)
+	}
+}
+
+func TestDaemonConfigurationMergeConflicts(t *testing.T) {
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{"debug": true}`))
+	f.Close()
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.Bool([]string{"debug"}, false, "")
+	flags.Set("debug", "false")
+
+	_, err = MergeDaemonConfigurations(&Config{}, flags, configFile)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+	if !strings.Contains(err.Error(), "debug") {
+		t.Fatalf("expected debug conflict, got %v", err)
+	}
+}
+
+func TestDaemonConfigurationMergeConflictsWithInnerStructs(t *testing.T) {
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{"tlscacert": "/etc/certificates/ca.pem"}`))
+	f.Close()
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.String([]string{"tlscacert"}, "", "")
+	flags.Set("tlscacert", "~/.docker/ca.pem")
+
+	_, err = MergeDaemonConfigurations(&Config{}, flags, configFile)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+	if !strings.Contains(err.Error(), "tlscacert") {
+		t.Fatalf("expected tlscacert conflict, got %v", err)
+	}
+}
+
+func TestFindConfigurationConflictsWithUnknownKeys(t *testing.T) {
+	config := map[string]interface{}{"tls-verify": "true"}
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+
+	flags.Bool([]string{"-tlsverify"}, false, "")
+	err := findConfigurationConflicts(config, flags)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+	if !strings.Contains(err.Error(), "the following directives don't match any configuration option: tls-verify") {
+		t.Fatalf("expected tls-verify conflict, got %v", err)
+	}
+}
+
+func TestFindConfigurationConflictsWithMergedValues(t *testing.T) {
+	var hosts []string
+	config := map[string]interface{}{"hosts": "tcp://127.0.0.1:2345"}
+	base := mflag.NewFlagSet("base", mflag.ContinueOnError)
+	base.Var(opts.NewNamedListOptsRef("hosts", &hosts, nil), []string{"H", "-host"}, "")
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	mflag.Merge(flags, base)
+
+	err := findConfigurationConflicts(config, flags)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	flags.Set("-host", "unix:///var/run/docker.sock")
+	err = findConfigurationConflicts(config, flags)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+	if !strings.Contains(err.Error(), "hosts: (from flag: [unix:///var/run/docker.sock], from file: tcp://127.0.0.1:2345)") {
+		t.Fatalf("expected hosts conflict, got %v", err)
+	}
+}
+
+func TestValidateConfiguration(t *testing.T) {
+	c1 := &Config{
+		CommonConfig: CommonConfig{
+			Labels: []string{"one"},
+		},
+	}
+
+	err := validateConfiguration(c1)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+
+	c2 := &Config{
+		CommonConfig: CommonConfig{
+			Labels: []string{"one=two"},
+		},
+	}
+
+	err = validateConfiguration(c2)
+	if err != nil {
+		t.Fatalf("expected no error, got error %v", err)
+	}
+
+	c3 := &Config{
+		CommonConfig: CommonConfig{
+			DNS: []string{"1.1.1.1"},
+		},
+	}
+
+	err = validateConfiguration(c3)
+	if err != nil {
+		t.Fatalf("expected no error, got error %v", err)
+	}
+
+	c4 := &Config{
+		CommonConfig: CommonConfig{
+			DNS: []string{"1.1.1.1o"},
+		},
+	}
+
+	err = validateConfiguration(c4)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+
+	c5 := &Config{
+		CommonConfig: CommonConfig{
+			DNSSearch: []string{"a.b.c"},
+		},
+	}
+
+	err = validateConfiguration(c5)
+	if err != nil {
+		t.Fatalf("expected no error, got error %v", err)
+	}
+
+	c6 := &Config{
+		CommonConfig: CommonConfig{
+			DNSSearch: []string{"123456"},
+		},
+	}
+
+	err = validateConfiguration(c6)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+}
diff --git a/daemon/config_unix.go b/daemon/config_unix.go
new file mode 100644
index 00000000..5394949e
--- /dev/null
+++ b/daemon/config_unix.go
@@ -0,0 +1,88 @@
+// +build linux freebsd
+
+package daemon
+
+import (
+	"net"
+
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/go-units"
+)
+
+var (
+	defaultPidFile  = "/var/run/docker.pid"
+	defaultGraph    = "/var/lib/docker"
+	defaultExecRoot = "/var/run/docker"
+)
+
+// Config defines the configuration of a docker daemon.
+// It includes json tags to deserialize configuration from a file
+// using the same names that the flags in the command line uses.
+type Config struct {
+	CommonConfig
+
+	// Fields below here are platform specific.
+
+	CorsHeaders          string                   `json:"api-cors-headers,omitempty"`
+	EnableCors           bool                     `json:"api-enable-cors,omitempty"`
+	EnableSelinuxSupport bool                     `json:"selinux-enabled,omitempty"`
+	RemappedRoot         string                   `json:"userns-remap,omitempty"`
+	CgroupParent         string                   `json:"cgroup-parent,omitempty"`
+	Ulimits              map[string]*units.Ulimit `json:"default-ulimits,omitempty"`
+	ContainerdAddr       string                   `json:"containerd,omitempty"`
+}
+
+// bridgeConfig stores all the bridge driver specific
+// configuration.
+type bridgeConfig struct {
+	EnableIPv6                  bool   `json:"ipv6,omitempty"`
+	EnableIPTables              bool   `json:"iptables,omitempty"`
+	EnableIPForward             bool   `json:"ip-forward,omitempty"`
+	EnableIPMasq                bool   `json:"ip-mask,omitempty"`
+	EnableUserlandProxy         bool   `json:"userland-proxy,omitempty"`
+	DefaultIP                   net.IP `json:"ip,omitempty"`
+	Iface                       string `json:"bridge,omitempty"`
+	IP                          string `json:"bip,omitempty"`
+	FixedCIDR                   string `json:"fixed-cidr,omitempty"`
+	FixedCIDRv6                 string `json:"fixed-cidr-v6,omitempty"`
+	DefaultGatewayIPv4          net.IP `json:"default-gateway,omitempty"`
+	DefaultGatewayIPv6          net.IP `json:"default-gateway-v6,omitempty"`
+	InterContainerCommunication bool   `json:"icc,omitempty"`
+}
+
+// InstallFlags adds command-line options to the top-level flag parser for
+// the current process.
+// Subsequent calls to `flag.Parse` will populate config with values parsed
+// from the command-line.
+func (config *Config) InstallFlags(cmd *flag.FlagSet, usageFn func(string) string) {
+	// First handle install flags which are consistent cross-platform
+	config.InstallCommonFlags(cmd, usageFn)
+
+	// Then platform-specific install flags
+	cmd.BoolVar(&config.EnableSelinuxSupport, []string{"-selinux-enabled"}, false, usageFn("Enable selinux support"))
+	cmd.StringVar(&config.SocketGroup, []string{"G", "-group"}, "docker", usageFn("Group for the unix socket"))
+	config.Ulimits = make(map[string]*units.Ulimit)
+	cmd.Var(runconfigopts.NewUlimitOpt(&config.Ulimits), []string{"-default-ulimit"}, usageFn("Set default ulimits for containers"))
+	cmd.BoolVar(&config.bridgeConfig.EnableIPTables, []string{"#iptables", "-iptables"}, true, usageFn("Enable addition of iptables rules"))
+	cmd.BoolVar(&config.bridgeConfig.EnableIPForward, []string{"#ip-forward", "-ip-forward"}, true, usageFn("Enable net.ipv4.ip_forward"))
+	cmd.BoolVar(&config.bridgeConfig.EnableIPMasq, []string{"-ip-masq"}, true, usageFn("Enable IP masquerading"))
+	cmd.BoolVar(&config.bridgeConfig.EnableIPv6, []string{"-ipv6"}, false, usageFn("Enable IPv6 networking"))
+	cmd.StringVar(&config.bridgeConfig.IP, []string{"#bip", "-bip"}, "", usageFn("Specify network bridge IP"))
+	cmd.StringVar(&config.bridgeConfig.Iface, []string{"b", "-bridge"}, "", usageFn("Attach containers to a network bridge"))
+	cmd.StringVar(&config.bridgeConfig.FixedCIDR, []string{"-fixed-cidr"}, "", usageFn("IPv4 subnet for fixed IPs"))
+	cmd.StringVar(&config.bridgeConfig.FixedCIDRv6, []string{"-fixed-cidr-v6"}, "", usageFn("IPv6 subnet for fixed IPs"))
+	cmd.Var(opts.NewIPOpt(&config.bridgeConfig.DefaultGatewayIPv4, ""), []string{"-default-gateway"}, usageFn("Container default gateway IPv4 address"))
+	cmd.Var(opts.NewIPOpt(&config.bridgeConfig.DefaultGatewayIPv6, ""), []string{"-default-gateway-v6"}, usageFn("Container default gateway IPv6 address"))
+	cmd.BoolVar(&config.bridgeConfig.InterContainerCommunication, []string{"#icc", "-icc"}, true, usageFn("Enable inter-container communication"))
+	cmd.Var(opts.NewIPOpt(&config.bridgeConfig.DefaultIP, "0.0.0.0"), []string{"#ip", "-ip"}, usageFn("Default IP when binding container ports"))
+	cmd.BoolVar(&config.bridgeConfig.EnableUserlandProxy, []string{"-userland-proxy"}, true, usageFn("Use userland proxy for loopback traffic"))
+	cmd.BoolVar(&config.EnableCors, []string{"#api-enable-cors", "#-api-enable-cors"}, false, usageFn("Enable CORS headers in the remote API, this is deprecated by --api-cors-header"))
+	cmd.StringVar(&config.CorsHeaders, []string{"-api-cors-header"}, "", usageFn("Set CORS headers in the remote API"))
+	cmd.StringVar(&config.CgroupParent, []string{"-cgroup-parent"}, "", usageFn("Set parent cgroup for all containers"))
+	cmd.StringVar(&config.RemappedRoot, []string{"-userns-remap"}, "", usageFn("User/Group setting for user namespaces"))
+	cmd.StringVar(&config.ContainerdAddr, []string{"-containerd"}, "", usageFn("Path to containerd socket"))
+
+	config.attachExperimentalFlags(cmd, usageFn)
+}
diff --git a/daemon/config_windows.go b/daemon/config_windows.go
new file mode 100644
index 00000000..ca141b98
--- /dev/null
+++ b/daemon/config_windows.go
@@ -0,0 +1,45 @@
+package daemon
+
+import (
+	"os"
+
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+var (
+	defaultPidFile  = os.Getenv("programdata") + string(os.PathSeparator) + "docker.pid"
+	defaultGraph    = os.Getenv("programdata") + string(os.PathSeparator) + "docker"
+	defaultExecRoot = defaultGraph
+)
+
+// bridgeConfig stores all the bridge driver specific
+// configuration.
+type bridgeConfig struct {
+	FixedCIDR   string
+	NetworkMode string
+	Iface       string `json:"bridge,omitempty"`
+}
+
+// Config defines the configuration of a docker daemon.
+// These are the configuration settings that you pass
+// to the docker daemon when you launch it with say: `docker daemon -e windows`
+type Config struct {
+	CommonConfig
+
+	// Fields below here are platform specific. (There are none presently
+	// for the Windows daemon.)
+}
+
+// InstallFlags adds command-line options to the top-level flag parser for
+// the current process.
+// Subsequent calls to `flag.Parse` will populate config with values parsed
+// from the command-line.
+func (config *Config) InstallFlags(cmd *flag.FlagSet, usageFn func(string) string) {
+	// First handle install flags which are consistent cross-platform
+	config.InstallCommonFlags(cmd, usageFn)
+
+	// Then platform-specific install flags.
+	cmd.StringVar(&config.bridgeConfig.FixedCIDR, []string{"-fixed-cidr"}, "", usageFn("IPv4 subnet for fixed IPs"))
+	cmd.StringVar(&config.bridgeConfig.Iface, []string{"b", "-bridge"}, "", "Attach containers to a virtual switch")
+	cmd.StringVar(&config.SocketGroup, []string{"G", "-group"}, "", usageFn("Users or groups that can access the named pipe"))
+}
diff --git a/daemon/container_operations.go b/daemon/container_operations.go
new file mode 100644
index 00000000..461439a6
--- /dev/null
+++ b/daemon/container_operations.go
@@ -0,0 +1,742 @@
+package daemon
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"os"
+	"path"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/network"
+	derr "github.com/docker/docker/errors"
+	"github.com/docker/docker/runconfig"
+	containertypes "github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/go-connections/nat"
+	"github.com/docker/libnetwork"
+	"github.com/docker/libnetwork/netlabel"
+	"github.com/docker/libnetwork/options"
+	"github.com/docker/libnetwork/types"
+)
+
+var (
+	// ErrRootFSReadOnly is returned when a container
+	// rootfs is marked readonly.
+	ErrRootFSReadOnly = errors.New("container rootfs is marked read-only")
+	getPortMapInfo    = container.GetSandboxPortMapInfo
+)
+
+func (daemon *Daemon) buildSandboxOptions(container *container.Container, n libnetwork.Network) ([]libnetwork.SandboxOption, error) {
+	var (
+		sboxOptions []libnetwork.SandboxOption
+		err         error
+		dns         []string
+		dnsSearch   []string
+		dnsOptions  []string
+		bindings    = make(nat.PortMap)
+		pbList      []types.PortBinding
+		exposeList  []types.TransportPort
+	)
+
+	defaultNetName := runconfig.DefaultDaemonNetworkMode().NetworkName()
+	sboxOptions = append(sboxOptions, libnetwork.OptionHostname(container.Config.Hostname),
+		libnetwork.OptionDomainname(container.Config.Domainname))
+
+	if container.HostConfig.NetworkMode.IsHost() {
+		sboxOptions = append(sboxOptions, libnetwork.OptionUseDefaultSandbox())
+		sboxOptions = append(sboxOptions, libnetwork.OptionOriginHostsPath("/etc/hosts"))
+		sboxOptions = append(sboxOptions, libnetwork.OptionOriginResolvConfPath("/etc/resolv.conf"))
+	}
+	// OptionUseExternalKey is mandatory for userns support.
+	// But optional for non-userns support
+	sboxOptions = append(sboxOptions, libnetwork.OptionUseExternalKey())
+
+	container.HostsPath, err = container.GetRootResourcePath("hosts")
+	if err != nil {
+		return nil, err
+	}
+	sboxOptions = append(sboxOptions, libnetwork.OptionHostsPath(container.HostsPath))
+
+	container.ResolvConfPath, err = container.GetRootResourcePath("resolv.conf")
+	if err != nil {
+		return nil, err
+	}
+	sboxOptions = append(sboxOptions, libnetwork.OptionResolvConfPath(container.ResolvConfPath))
+
+	if len(container.HostConfig.DNS) > 0 {
+		dns = container.HostConfig.DNS
+	} else if len(daemon.configStore.DNS) > 0 {
+		dns = daemon.configStore.DNS
+	}
+
+	for _, d := range dns {
+		sboxOptions = append(sboxOptions, libnetwork.OptionDNS(d))
+	}
+
+	if len(container.HostConfig.DNSSearch) > 0 {
+		dnsSearch = container.HostConfig.DNSSearch
+	} else if len(daemon.configStore.DNSSearch) > 0 {
+		dnsSearch = daemon.configStore.DNSSearch
+	}
+
+	for _, ds := range dnsSearch {
+		sboxOptions = append(sboxOptions, libnetwork.OptionDNSSearch(ds))
+	}
+
+	if len(container.HostConfig.DNSOptions) > 0 {
+		dnsOptions = container.HostConfig.DNSOptions
+	} else if len(daemon.configStore.DNSOptions) > 0 {
+		dnsOptions = daemon.configStore.DNSOptions
+	}
+
+	for _, ds := range dnsOptions {
+		sboxOptions = append(sboxOptions, libnetwork.OptionDNSOptions(ds))
+	}
+
+	if container.NetworkSettings.SecondaryIPAddresses != nil {
+		name := container.Config.Hostname
+		if container.Config.Domainname != "" {
+			name = name + "." + container.Config.Domainname
+		}
+
+		for _, a := range container.NetworkSettings.SecondaryIPAddresses {
+			sboxOptions = append(sboxOptions, libnetwork.OptionExtraHost(name, a.Addr))
+		}
+	}
+
+	for _, extraHost := range container.HostConfig.ExtraHosts {
+		// allow IPv6 addresses in extra hosts; only split on first ":"
+		parts := strings.SplitN(extraHost, ":", 2)
+		sboxOptions = append(sboxOptions, libnetwork.OptionExtraHost(parts[0], parts[1]))
+	}
+
+	if container.HostConfig.PortBindings != nil {
+		for p, b := range container.HostConfig.PortBindings {
+			bindings[p] = []nat.PortBinding{}
+			for _, bb := range b {
+				bindings[p] = append(bindings[p], nat.PortBinding{
+					HostIP:   bb.HostIP,
+					HostPort: bb.HostPort,
+				})
+			}
+		}
+	}
+
+	portSpecs := container.Config.ExposedPorts
+	ports := make([]nat.Port, len(portSpecs))
+	var i int
+	for p := range portSpecs {
+		ports[i] = p
+		i++
+	}
+	nat.SortPortMap(ports, bindings)
+	for _, port := range ports {
+		expose := types.TransportPort{}
+		expose.Proto = types.ParseProtocol(port.Proto())
+		expose.Port = uint16(port.Int())
+		exposeList = append(exposeList, expose)
+
+		pb := types.PortBinding{Port: expose.Port, Proto: expose.Proto}
+		binding := bindings[port]
+		for i := 0; i < len(binding); i++ {
+			pbCopy := pb.GetCopy()
+			newP, err := nat.NewPort(nat.SplitProtoPort(binding[i].HostPort))
+			var portStart, portEnd int
+			if err == nil {
+				portStart, portEnd, err = newP.Range()
+			}
+			if err != nil {
+				return nil, fmt.Errorf("Error parsing HostPort value(%s):%v", binding[i].HostPort, err)
+			}
+			pbCopy.HostPort = uint16(portStart)
+			pbCopy.HostPortEnd = uint16(portEnd)
+			pbCopy.HostIP = net.ParseIP(binding[i].HostIP)
+			pbList = append(pbList, pbCopy)
+		}
+
+		if container.HostConfig.PublishAllPorts && len(binding) == 0 {
+			pbList = append(pbList, pb)
+		}
+	}
+
+	sboxOptions = append(sboxOptions,
+		libnetwork.OptionPortMapping(pbList),
+		libnetwork.OptionExposedPorts(exposeList))
+
+	// Link feature is supported only for the default bridge network.
+	// return if this call to build join options is not for default bridge network
+	if n.Name() != defaultNetName {
+		return sboxOptions, nil
+	}
+
+	ep, _ := container.GetEndpointInNetwork(n)
+	if ep == nil {
+		return sboxOptions, nil
+	}
+
+	var childEndpoints, parentEndpoints []string
+
+	children := daemon.children(container)
+	for linkAlias, child := range children {
+		if !isLinkable(child) {
+			return nil, fmt.Errorf("Cannot link to %s, as it does not belong to the default network", child.Name)
+		}
+		_, alias := path.Split(linkAlias)
+		// allow access to the linked container via the alias, real name, and container hostname
+		aliasList := alias + " " + child.Config.Hostname
+		// only add the name if alias isn't equal to the name
+		if alias != child.Name[1:] {
+			aliasList = aliasList + " " + child.Name[1:]
+		}
+		sboxOptions = append(sboxOptions, libnetwork.OptionExtraHost(aliasList, child.NetworkSettings.Networks[defaultNetName].IPAddress))
+		cEndpoint, _ := child.GetEndpointInNetwork(n)
+		if cEndpoint != nil && cEndpoint.ID() != "" {
+			childEndpoints = append(childEndpoints, cEndpoint.ID())
+		}
+	}
+
+	bridgeSettings := container.NetworkSettings.Networks[defaultNetName]
+	for alias, parent := range daemon.parents(container) {
+		if daemon.configStore.DisableBridge || !container.HostConfig.NetworkMode.IsPrivate() {
+			continue
+		}
+
+		_, alias = path.Split(alias)
+		logrus.Debugf("Update /etc/hosts of %s for alias %s with ip %s", parent.ID, alias, bridgeSettings.IPAddress)
+		sboxOptions = append(sboxOptions, libnetwork.OptionParentUpdate(
+			parent.ID,
+			alias,
+			bridgeSettings.IPAddress,
+		))
+		if ep.ID() != "" {
+			parentEndpoints = append(parentEndpoints, ep.ID())
+		}
+	}
+
+	linkOptions := options.Generic{
+		netlabel.GenericData: options.Generic{
+			"ParentEndpoints": parentEndpoints,
+			"ChildEndpoints":  childEndpoints,
+		},
+	}
+
+	sboxOptions = append(sboxOptions, libnetwork.OptionGeneric(linkOptions))
+	return sboxOptions, nil
+}
+
+func (daemon *Daemon) updateNetworkSettings(container *container.Container, n libnetwork.Network) error {
+	if container.NetworkSettings == nil {
+		container.NetworkSettings = &network.Settings{Networks: make(map[string]*networktypes.EndpointSettings)}
+	}
+
+	if !container.HostConfig.NetworkMode.IsHost() && containertypes.NetworkMode(n.Type()).IsHost() {
+		return runconfig.ErrConflictHostNetwork
+	}
+
+	for s := range container.NetworkSettings.Networks {
+		sn, err := daemon.FindNetwork(s)
+		if err != nil {
+			continue
+		}
+
+		if sn.Name() == n.Name() {
+			// Avoid duplicate config
+			return nil
+		}
+		if !containertypes.NetworkMode(sn.Type()).IsPrivate() ||
+			!containertypes.NetworkMode(n.Type()).IsPrivate() {
+			return runconfig.ErrConflictSharedNetwork
+		}
+		if containertypes.NetworkMode(sn.Name()).IsNone() ||
+			containertypes.NetworkMode(n.Name()).IsNone() {
+			return runconfig.ErrConflictNoNetwork
+		}
+	}
+
+	if _, ok := container.NetworkSettings.Networks[n.Name()]; !ok {
+		container.NetworkSettings.Networks[n.Name()] = new(networktypes.EndpointSettings)
+	}
+
+	return nil
+}
+
+func (daemon *Daemon) updateEndpointNetworkSettings(container *container.Container, n libnetwork.Network, ep libnetwork.Endpoint) error {
+	if err := container.BuildEndpointInfo(n, ep); err != nil {
+		return err
+	}
+
+	if container.HostConfig.NetworkMode == runconfig.DefaultDaemonNetworkMode() {
+		container.NetworkSettings.Bridge = daemon.configStore.bridgeConfig.Iface
+	}
+
+	return nil
+}
+
+// UpdateNetwork is used to update the container's network (e.g. when linked containers
+// get removed/unlinked).
+func (daemon *Daemon) updateNetwork(container *container.Container) error {
+	ctrl := daemon.netController
+	sid := container.NetworkSettings.SandboxID
+
+	sb, err := ctrl.SandboxByID(sid)
+	if err != nil {
+		return fmt.Errorf("error locating sandbox id %s: %v", sid, err)
+	}
+
+	// Find if container is connected to the default bridge network
+	var n libnetwork.Network
+	for name := range container.NetworkSettings.Networks {
+		sn, err := daemon.FindNetwork(name)
+		if err != nil {
+			continue
+		}
+		if sn.Name() == runconfig.DefaultDaemonNetworkMode().NetworkName() {
+			n = sn
+			break
+		}
+	}
+
+	if n == nil {
+		// Not connected to the default bridge network; Nothing to do
+		return nil
+	}
+
+	options, err := daemon.buildSandboxOptions(container, n)
+	if err != nil {
+		return fmt.Errorf("Update network failed: %v", err)
+	}
+
+	if err := sb.Refresh(options...); err != nil {
+		return fmt.Errorf("Update network failed: Failure in refresh sandbox %s: %v", sid, err)
+	}
+
+	return nil
+}
+
+// updateContainerNetworkSettings update the network settings
+func (daemon *Daemon) updateContainerNetworkSettings(container *container.Container, endpointsConfig map[string]*networktypes.EndpointSettings) error {
+	var (
+		n   libnetwork.Network
+		err error
+	)
+
+	// TODO Windows: Remove this once TP4 builds are not supported
+	// Windows TP4 build don't support libnetwork and in that case
+	// daemon.netController will be nil
+	if daemon.netController == nil {
+		return nil
+	}
+
+	mode := container.HostConfig.NetworkMode
+	if container.Config.NetworkDisabled || mode.IsContainer() {
+		return nil
+	}
+
+	networkName := mode.NetworkName()
+	if mode.IsDefault() {
+		networkName = daemon.netController.Config().Daemon.DefaultNetwork
+	}
+	if mode.IsUserDefined() {
+		n, err = daemon.FindNetwork(networkName)
+		if err != nil {
+			return err
+		}
+		networkName = n.Name()
+	}
+	if container.NetworkSettings == nil {
+		container.NetworkSettings = &network.Settings{}
+	}
+	if len(endpointsConfig) > 0 {
+		container.NetworkSettings.Networks = endpointsConfig
+	}
+	if container.NetworkSettings.Networks == nil {
+		container.NetworkSettings.Networks = make(map[string]*networktypes.EndpointSettings)
+		container.NetworkSettings.Networks[networkName] = new(networktypes.EndpointSettings)
+	}
+	if !mode.IsUserDefined() {
+		return nil
+	}
+	// Make sure to internally store the per network endpoint config by network name
+	if _, ok := container.NetworkSettings.Networks[networkName]; ok {
+		return nil
+	}
+	if nwConfig, ok := container.NetworkSettings.Networks[n.ID()]; ok {
+		container.NetworkSettings.Networks[networkName] = nwConfig
+		delete(container.NetworkSettings.Networks, n.ID())
+		return nil
+	}
+
+	return nil
+}
+
+func (daemon *Daemon) allocateNetwork(container *container.Container) error {
+	controller := daemon.netController
+
+	if daemon.netController == nil {
+		return nil
+	}
+
+	// Cleanup any stale sandbox left over due to ungraceful daemon shutdown
+	if err := controller.SandboxDestroy(container.ID); err != nil {
+		logrus.Errorf("failed to cleanup up stale network sandbox for container %s", container.ID)
+	}
+
+	updateSettings := false
+	if len(container.NetworkSettings.Networks) == 0 {
+		if container.Config.NetworkDisabled || container.HostConfig.NetworkMode.IsContainer() {
+			return nil
+		}
+
+		err := daemon.updateContainerNetworkSettings(container, nil)
+		if err != nil {
+			return err
+		}
+		updateSettings = true
+	}
+
+	for n, nConf := range container.NetworkSettings.Networks {
+		if err := daemon.connectToNetwork(container, n, nConf, updateSettings); err != nil {
+			return err
+		}
+	}
+
+	return container.WriteHostConfig()
+}
+
+func (daemon *Daemon) getNetworkSandbox(container *container.Container) libnetwork.Sandbox {
+	var sb libnetwork.Sandbox
+	daemon.netController.WalkSandboxes(func(s libnetwork.Sandbox) bool {
+		if s.ContainerID() == container.ID {
+			sb = s
+			return true
+		}
+		return false
+	})
+	return sb
+}
+
+// hasUserDefinedIPAddress returns whether the passed endpoint configuration contains IP address configuration
+func hasUserDefinedIPAddress(epConfig *networktypes.EndpointSettings) bool {
+	return epConfig != nil && epConfig.IPAMConfig != nil && (len(epConfig.IPAMConfig.IPv4Address) > 0 || len(epConfig.IPAMConfig.IPv6Address) > 0)
+}
+
+// User specified ip address is acceptable only for networks with user specified subnets.
+func validateNetworkingConfig(n libnetwork.Network, epConfig *networktypes.EndpointSettings) error {
+	if n == nil || epConfig == nil {
+		return nil
+	}
+	if !hasUserDefinedIPAddress(epConfig) {
+		return nil
+	}
+	_, _, nwIPv4Configs, nwIPv6Configs := n.Info().IpamConfig()
+	for _, s := range []struct {
+		ipConfigured  bool
+		subnetConfigs []*libnetwork.IpamConf
+	}{
+		{
+			ipConfigured:  len(epConfig.IPAMConfig.IPv4Address) > 0,
+			subnetConfigs: nwIPv4Configs,
+		},
+		{
+			ipConfigured:  len(epConfig.IPAMConfig.IPv6Address) > 0,
+			subnetConfigs: nwIPv6Configs,
+		},
+	} {
+		if s.ipConfigured {
+			foundSubnet := false
+			for _, cfg := range s.subnetConfigs {
+				if len(cfg.PreferredPool) > 0 {
+					foundSubnet = true
+					break
+				}
+			}
+			if !foundSubnet {
+				return runconfig.ErrUnsupportedNetworkNoSubnetAndIP
+			}
+		}
+	}
+
+	return nil
+}
+
+// cleanOperationalData resets the operational data from the passed endpoint settings
+func cleanOperationalData(es *networktypes.EndpointSettings) {
+	es.EndpointID = ""
+	es.Gateway = ""
+	es.IPAddress = ""
+	es.IPPrefixLen = 0
+	es.IPv6Gateway = ""
+	es.GlobalIPv6Address = ""
+	es.GlobalIPv6PrefixLen = 0
+	es.MacAddress = ""
+}
+
+func (daemon *Daemon) updateNetworkConfig(container *container.Container, idOrName string, endpointConfig *networktypes.EndpointSettings, updateSettings bool) (libnetwork.Network, error) {
+	if container.HostConfig.NetworkMode.IsContainer() {
+		return nil, runconfig.ErrConflictSharedNetwork
+	}
+
+	if containertypes.NetworkMode(idOrName).IsBridge() &&
+		daemon.configStore.DisableBridge {
+		container.Config.NetworkDisabled = true
+		return nil, nil
+	}
+
+	if !containertypes.NetworkMode(idOrName).IsUserDefined() {
+		if hasUserDefinedIPAddress(endpointConfig) {
+			return nil, runconfig.ErrUnsupportedNetworkAndIP
+		}
+		if endpointConfig != nil && len(endpointConfig.Aliases) > 0 {
+			return nil, runconfig.ErrUnsupportedNetworkAndAlias
+		}
+	}
+
+	n, err := daemon.FindNetwork(idOrName)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := validateNetworkingConfig(n, endpointConfig); err != nil {
+		return nil, err
+	}
+
+	if updateSettings {
+		if err := daemon.updateNetworkSettings(container, n); err != nil {
+			return nil, err
+		}
+	}
+	return n, nil
+}
+
+func (daemon *Daemon) connectToNetwork(container *container.Container, idOrName string, endpointConfig *networktypes.EndpointSettings, updateSettings bool) (err error) {
+	// TODO Windows: Remove this once TP4 builds are not supported
+	// Windows TP4 build don't support libnetwork and in that case
+	// daemon.netController will be nil
+	if daemon.netController == nil {
+		return nil
+	}
+
+	n, err := daemon.updateNetworkConfig(container, idOrName, endpointConfig, updateSettings)
+	if err != nil {
+		return err
+	}
+	if n == nil {
+		return nil
+	}
+
+	controller := daemon.netController
+
+	sb := daemon.getNetworkSandbox(container)
+	createOptions, err := container.BuildCreateEndpointOptions(n, endpointConfig, sb)
+	if err != nil {
+		return err
+	}
+
+	endpointName := strings.TrimPrefix(container.Name, "/")
+	ep, err := n.CreateEndpoint(endpointName, createOptions...)
+	if err != nil {
+		return err
+	}
+	defer func() {
+		if err != nil {
+			if e := ep.Delete(false); e != nil {
+				logrus.Warnf("Could not rollback container connection to network %s", idOrName)
+			}
+		}
+	}()
+
+	if endpointConfig != nil {
+		container.NetworkSettings.Networks[n.Name()] = endpointConfig
+	}
+
+	if err := daemon.updateEndpointNetworkSettings(container, n, ep); err != nil {
+		return err
+	}
+
+	if sb == nil {
+		options, err := daemon.buildSandboxOptions(container, n)
+		if err != nil {
+			return err
+		}
+		sb, err = controller.NewSandbox(container.ID, options...)
+		if err != nil {
+			return err
+		}
+
+		container.UpdateSandboxNetworkSettings(sb)
+	}
+
+	joinOptions, err := container.BuildJoinOptions(n)
+	if err != nil {
+		return err
+	}
+
+	if err := ep.Join(sb, joinOptions...); err != nil {
+		return err
+	}
+
+	if err := container.UpdateJoinInfo(n, ep); err != nil {
+		return fmt.Errorf("Updating join info failed: %v", err)
+	}
+
+	container.NetworkSettings.Ports = getPortMapInfo(sb)
+
+	daemon.LogNetworkEventWithAttributes(n, "connect", map[string]string{"container": container.ID})
+	return nil
+}
+
+// ForceEndpointDelete deletes an endpoing from a network forcefully
+func (daemon *Daemon) ForceEndpointDelete(name string, n libnetwork.Network) error {
+	ep, err := n.EndpointByName(name)
+	if err != nil {
+		return err
+	}
+	return ep.Delete(true)
+}
+
+func disconnectFromNetwork(container *container.Container, n libnetwork.Network, force bool) error {
+	var (
+		ep   libnetwork.Endpoint
+		sbox libnetwork.Sandbox
+	)
+
+	s := func(current libnetwork.Endpoint) bool {
+		epInfo := current.Info()
+		if epInfo == nil {
+			return false
+		}
+		if sb := epInfo.Sandbox(); sb != nil {
+			if sb.ContainerID() == container.ID {
+				ep = current
+				sbox = sb
+				return true
+			}
+		}
+		return false
+	}
+	n.WalkEndpoints(s)
+
+	if ep == nil && force {
+		epName := strings.TrimPrefix(container.Name, "/")
+		ep, err := n.EndpointByName(epName)
+		if err != nil {
+			return err
+		}
+		return ep.Delete(force)
+	}
+
+	if ep == nil {
+		return fmt.Errorf("container %s is not connected to the network", container.ID)
+	}
+
+	if err := ep.Leave(sbox); err != nil {
+		return fmt.Errorf("container %s failed to leave network %s: %v", container.ID, n.Name(), err)
+	}
+
+	container.NetworkSettings.Ports = getPortMapInfo(sbox)
+
+	if err := ep.Delete(false); err != nil {
+		return fmt.Errorf("endpoint delete failed for container %s on network %s: %v", container.ID, n.Name(), err)
+	}
+
+	delete(container.NetworkSettings.Networks, n.Name())
+	return nil
+}
+
+func (daemon *Daemon) initializeNetworking(container *container.Container) error {
+	var err error
+
+	// TODO Windows: Remove this once TP4 builds are not supported
+	// Windows TP4 build don't support libnetwork and in that case
+	// daemon.netController will be nil
+	if daemon.netController == nil {
+		return nil
+	}
+
+	if container.HostConfig.NetworkMode.IsContainer() {
+		// we need to get the hosts files from the container to join
+		nc, err := daemon.getNetworkedContainer(container.ID, container.HostConfig.NetworkMode.ConnectedContainer())
+		if err != nil {
+			return err
+		}
+		container.HostnamePath = nc.HostnamePath
+		container.HostsPath = nc.HostsPath
+		container.ResolvConfPath = nc.ResolvConfPath
+		container.Config.Hostname = nc.Config.Hostname
+		container.Config.Domainname = nc.Config.Domainname
+		return nil
+	}
+
+	if container.HostConfig.NetworkMode.IsHost() {
+		container.Config.Hostname, err = os.Hostname()
+		if err != nil {
+			return err
+		}
+	}
+
+	if err := daemon.allocateNetwork(container); err != nil {
+		return err
+	}
+
+	return container.BuildHostnameFile()
+}
+
+func (daemon *Daemon) getNetworkedContainer(containerID, connectedContainerID string) (*container.Container, error) {
+	nc, err := daemon.GetContainer(connectedContainerID)
+	if err != nil {
+		return nil, err
+	}
+	if containerID == nc.ID {
+		return nil, fmt.Errorf("cannot join own network")
+	}
+	if !nc.IsRunning() {
+		err := fmt.Errorf("cannot join network of a non running container: %s", connectedContainerID)
+		return nil, derr.NewRequestConflictError(err)
+	}
+	if nc.IsRestarting() {
+		return nil, errContainerIsRestarting(connectedContainerID)
+	}
+	return nc, nil
+}
+
+func (daemon *Daemon) releaseNetwork(container *container.Container) {
+	if container.HostConfig.NetworkMode.IsContainer() || container.Config.NetworkDisabled {
+		return
+	}
+
+	sid := container.NetworkSettings.SandboxID
+	settings := container.NetworkSettings.Networks
+	container.NetworkSettings.Ports = nil
+
+	if sid == "" || len(settings) == 0 {
+		return
+	}
+
+	var networks []libnetwork.Network
+	for n, epSettings := range settings {
+		if nw, err := daemon.FindNetwork(n); err == nil {
+			networks = append(networks, nw)
+		}
+		cleanOperationalData(epSettings)
+	}
+
+	sb, err := daemon.netController.SandboxByID(sid)
+	if err != nil {
+		logrus.Warnf("error locating sandbox id %s: %v", sid, err)
+		return
+	}
+
+	if err := sb.Delete(); err != nil {
+		logrus.Errorf("Error deleting sandbox id %s for container %s: %v", sid, container.ID, err)
+	}
+
+	attributes := map[string]string{
+		"container": container.ID,
+	}
+	for _, nw := range networks {
+		daemon.LogNetworkEventWithAttributes(nw, "disconnect", attributes)
+	}
+}
diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go
new file mode 100644
index 00000000..a313ef5c
--- /dev/null
+++ b/daemon/container_operations_unix.go
@@ -0,0 +1,389 @@
+// +build linux freebsd
+
+package daemon
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/links"
+	"github.com/docker/docker/pkg/fileutils"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/runconfig"
+	containertypes "github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/libnetwork"
+	"github.com/opencontainers/runc/libcontainer/configs"
+	"github.com/opencontainers/runc/libcontainer/devices"
+	"github.com/opencontainers/runc/libcontainer/label"
+	"github.com/opencontainers/specs/specs-go"
+)
+
+func u32Ptr(i int64) *uint32     { u := uint32(i); return &u }
+func fmPtr(i int64) *os.FileMode { fm := os.FileMode(i); return &fm }
+
+func (daemon *Daemon) setupLinkedContainers(container *container.Container) ([]string, error) {
+	var env []string
+	children := daemon.children(container)
+
+	bridgeSettings := container.NetworkSettings.Networks[runconfig.DefaultDaemonNetworkMode().NetworkName()]
+	if bridgeSettings == nil {
+		return nil, nil
+	}
+
+	for linkAlias, child := range children {
+		if !child.IsRunning() {
+			return nil, fmt.Errorf("Cannot link to a non running container: %s AS %s", child.Name, linkAlias)
+		}
+
+		childBridgeSettings := child.NetworkSettings.Networks[runconfig.DefaultDaemonNetworkMode().NetworkName()]
+		if childBridgeSettings == nil {
+			return nil, fmt.Errorf("container %s not attached to default bridge network", child.ID)
+		}
+
+		link := links.NewLink(
+			bridgeSettings.IPAddress,
+			childBridgeSettings.IPAddress,
+			linkAlias,
+			child.Config.Env,
+			child.Config.ExposedPorts,
+		)
+
+		for _, envVar := range link.ToEnv() {
+			env = append(env, envVar)
+		}
+	}
+
+	return env, nil
+}
+
+// getSize returns the real size & virtual size of the container.
+func (daemon *Daemon) getSize(container *container.Container) (int64, int64) {
+	var (
+		sizeRw, sizeRootfs int64
+		err                error
+	)
+
+	if err := daemon.Mount(container); err != nil {
+		logrus.Errorf("Failed to compute size of container rootfs %s: %s", container.ID, err)
+		return sizeRw, sizeRootfs
+	}
+	defer daemon.Unmount(container)
+
+	sizeRw, err = container.RWLayer.Size()
+	if err != nil {
+		logrus.Errorf("Driver %s couldn't return diff size of container %s: %s",
+			daemon.GraphDriverName(), container.ID, err)
+		// FIXME: GetSize should return an error. Not changing it now in case
+		// there is a side-effect.
+		sizeRw = -1
+	}
+
+	if parent := container.RWLayer.Parent(); parent != nil {
+		sizeRootfs, err = parent.Size()
+		if err != nil {
+			sizeRootfs = -1
+		} else if sizeRw != -1 {
+			sizeRootfs += sizeRw
+		}
+	}
+	return sizeRw, sizeRootfs
+}
+
+// ConnectToNetwork connects a container to a network
+func (daemon *Daemon) ConnectToNetwork(container *container.Container, idOrName string, endpointConfig *networktypes.EndpointSettings) error {
+	if !container.Running {
+		if container.RemovalInProgress || container.Dead {
+			return errRemovalContainer(container.ID)
+		}
+		if _, err := daemon.updateNetworkConfig(container, idOrName, endpointConfig, true); err != nil {
+			return err
+		}
+		if endpointConfig != nil {
+			container.NetworkSettings.Networks[idOrName] = endpointConfig
+		}
+	} else {
+		if err := daemon.connectToNetwork(container, idOrName, endpointConfig, true); err != nil {
+			return err
+		}
+	}
+	if err := container.ToDiskLocking(); err != nil {
+		return fmt.Errorf("Error saving container to disk: %v", err)
+	}
+	return nil
+}
+
+// DisconnectFromNetwork disconnects container from network n.
+func (daemon *Daemon) DisconnectFromNetwork(container *container.Container, n libnetwork.Network, force bool) error {
+	if container.HostConfig.NetworkMode.IsHost() && containertypes.NetworkMode(n.Type()).IsHost() {
+		return runconfig.ErrConflictHostNetwork
+	}
+	if !container.Running {
+		if container.RemovalInProgress || container.Dead {
+			return errRemovalContainer(container.ID)
+		}
+		if _, ok := container.NetworkSettings.Networks[n.Name()]; ok {
+			delete(container.NetworkSettings.Networks, n.Name())
+		} else {
+			return fmt.Errorf("container %s is not connected to the network %s", container.ID, n.Name())
+		}
+	} else {
+		if err := disconnectFromNetwork(container, n, false); err != nil {
+			return err
+		}
+	}
+
+	if err := container.ToDiskLocking(); err != nil {
+		return fmt.Errorf("Error saving container to disk: %v", err)
+	}
+
+	attributes := map[string]string{
+		"container": container.ID,
+	}
+	daemon.LogNetworkEventWithAttributes(n, "disconnect", attributes)
+	return nil
+}
+
+// called from the libcontainer pre-start hook to set the network
+// namespace configuration linkage to the libnetwork "sandbox" entity
+func (daemon *Daemon) setNetworkNamespaceKey(containerID string, pid int) error {
+	path := fmt.Sprintf("/proc/%d/ns/net", pid)
+	var sandbox libnetwork.Sandbox
+	search := libnetwork.SandboxContainerWalker(&sandbox, containerID)
+	daemon.netController.WalkSandboxes(search)
+	if sandbox == nil {
+		return fmt.Errorf("error locating sandbox id %s: no sandbox found", containerID)
+	}
+
+	return sandbox.SetKey(path)
+}
+
+func (daemon *Daemon) getIpcContainer(container *container.Container) (*container.Container, error) {
+	containerID := container.HostConfig.IpcMode.Container()
+	c, err := daemon.GetContainer(containerID)
+	if err != nil {
+		return nil, err
+	}
+	if !c.IsRunning() {
+		return nil, fmt.Errorf("cannot join IPC of a non running container: %s", containerID)
+	}
+	if c.IsRestarting() {
+		return nil, errContainerIsRestarting(container.ID)
+	}
+	return c, nil
+}
+
+func (daemon *Daemon) setupIpcDirs(c *container.Container) error {
+	var err error
+
+	c.ShmPath, err = c.ShmResourcePath()
+	if err != nil {
+		return err
+	}
+
+	if c.HostConfig.IpcMode.IsContainer() {
+		ic, err := daemon.getIpcContainer(c)
+		if err != nil {
+			return err
+		}
+		c.ShmPath = ic.ShmPath
+	} else if c.HostConfig.IpcMode.IsHost() {
+		if _, err := os.Stat("/dev/shm"); err != nil {
+			return fmt.Errorf("/dev/shm is not mounted, but must be for --ipc=host")
+		}
+		c.ShmPath = "/dev/shm"
+	} else {
+		rootUID, rootGID := daemon.GetRemappedUIDGID()
+		if !c.HasMountFor("/dev/shm") {
+			shmPath, err := c.ShmResourcePath()
+			if err != nil {
+				return err
+			}
+
+			if err := idtools.MkdirAllAs(shmPath, 0700, rootUID, rootGID); err != nil {
+				return err
+			}
+
+			shmSize := container.DefaultSHMSize
+			if c.HostConfig.ShmSize != 0 {
+				shmSize = c.HostConfig.ShmSize
+			}
+			shmproperty := "mode=1777,size=" + strconv.FormatInt(shmSize, 10)
+			if err := syscall.Mount("shm", shmPath, "tmpfs", uintptr(syscall.MS_NOEXEC|syscall.MS_NOSUID|syscall.MS_NODEV), label.FormatMountLabel(shmproperty, c.GetMountLabel())); err != nil {
+				return fmt.Errorf("mounting shm tmpfs: %s", err)
+			}
+			if err := os.Chown(shmPath, rootUID, rootGID); err != nil {
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (daemon *Daemon) mountVolumes(container *container.Container) error {
+	mounts, err := daemon.setupMounts(container)
+	if err != nil {
+		return err
+	}
+
+	for _, m := range mounts {
+		dest, err := container.GetResourcePath(m.Destination)
+		if err != nil {
+			return err
+		}
+
+		var stat os.FileInfo
+		stat, err = os.Stat(m.Source)
+		if err != nil {
+			return err
+		}
+		if err = fileutils.CreateIfNotExists(dest, stat.IsDir()); err != nil {
+			return err
+		}
+
+		opts := "rbind,ro"
+		if m.Writable {
+			opts = "rbind,rw"
+		}
+
+		if err := mount.Mount(m.Source, dest, "bind", opts); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func killProcessDirectly(container *container.Container) error {
+	if _, err := container.WaitStop(10 * time.Second); err != nil {
+		// Ensure that we don't kill ourselves
+		if pid := container.GetPID(); pid != 0 {
+			logrus.Infof("Container %s failed to exit within 10 seconds of kill - trying direct SIGKILL", stringid.TruncateID(container.ID))
+			if err := syscall.Kill(pid, 9); err != nil {
+				if err != syscall.ESRCH {
+					return err
+				}
+				e := errNoSuchProcess{pid, 9}
+				logrus.Debug(e)
+				return e
+			}
+		}
+	}
+	return nil
+}
+
+func specDevice(d *configs.Device) specs.Device {
+	return specs.Device{
+		Type:     string(d.Type),
+		Path:     d.Path,
+		Major:    d.Major,
+		Minor:    d.Minor,
+		FileMode: fmPtr(int64(d.FileMode)),
+		UID:      u32Ptr(int64(d.Uid)),
+		GID:      u32Ptr(int64(d.Gid)),
+	}
+}
+
+func specDeviceCgroup(d *configs.Device) specs.DeviceCgroup {
+	t := string(d.Type)
+	return specs.DeviceCgroup{
+		Allow:  true,
+		Type:   &t,
+		Major:  &d.Major,
+		Minor:  &d.Minor,
+		Access: &d.Permissions,
+	}
+}
+
+func getDevicesFromPath(deviceMapping containertypes.DeviceMapping) (devs []specs.Device, devPermissions []specs.DeviceCgroup, err error) {
+	resolvedPathOnHost := deviceMapping.PathOnHost
+
+	// check if it is a symbolic link
+	if src, e := os.Lstat(deviceMapping.PathOnHost); e == nil && src.Mode()&os.ModeSymlink == os.ModeSymlink {
+		if linkedPathOnHost, e := os.Readlink(deviceMapping.PathOnHost); e == nil {
+			resolvedPathOnHost = linkedPathOnHost
+		}
+	}
+
+	device, err := devices.DeviceFromPath(resolvedPathOnHost, deviceMapping.CgroupPermissions)
+	// if there was no error, return the device
+	if err == nil {
+		device.Path = deviceMapping.PathInContainer
+		return append(devs, specDevice(device)), append(devPermissions, specDeviceCgroup(device)), nil
+	}
+
+	// if the device is not a device node
+	// try to see if it's a directory holding many devices
+	if err == devices.ErrNotADevice {
+
+		// check if it is a directory
+		if src, e := os.Stat(resolvedPathOnHost); e == nil && src.IsDir() {
+
+			// mount the internal devices recursively
+			filepath.Walk(resolvedPathOnHost, func(dpath string, f os.FileInfo, e error) error {
+				childDevice, e := devices.DeviceFromPath(dpath, deviceMapping.CgroupPermissions)
+				if e != nil {
+					// ignore the device
+					return nil
+				}
+
+				// add the device to userSpecified devices
+				childDevice.Path = strings.Replace(dpath, resolvedPathOnHost, deviceMapping.PathInContainer, 1)
+				devs = append(devs, specDevice(childDevice))
+				devPermissions = append(devPermissions, specDeviceCgroup(childDevice))
+
+				return nil
+			})
+		}
+	}
+
+	if len(devs) > 0 {
+		return devs, devPermissions, nil
+	}
+
+	return devs, devPermissions, fmt.Errorf("error gathering device information while adding custom device %q: %s", deviceMapping.PathOnHost, err)
+}
+
+func mergeDevices(defaultDevices, userDevices []*configs.Device) []*configs.Device {
+	if len(userDevices) == 0 {
+		return defaultDevices
+	}
+
+	paths := map[string]*configs.Device{}
+	for _, d := range userDevices {
+		paths[d.Path] = d
+	}
+
+	var devs []*configs.Device
+	for _, d := range defaultDevices {
+		if _, defined := paths[d.Path]; !defined {
+			devs = append(devs, d)
+		}
+	}
+	return append(devs, userDevices...)
+}
+
+func detachMounted(path string) error {
+	return syscall.Unmount(path, syscall.MNT_DETACH)
+}
+
+func isLinkable(child *container.Container) bool {
+	// A container is linkable only if it belongs to the default network
+	_, ok := child.NetworkSettings.Networks[runconfig.DefaultDaemonNetworkMode().NetworkName()]
+	return ok
+}
+
+func errRemovalContainer(containerID string) error {
+	return fmt.Errorf("Container %s is marked for removal and cannot be connected or disconnected to the network", containerID)
+}
diff --git a/daemon/container_operations_windows.go b/daemon/container_operations_windows.go
new file mode 100644
index 00000000..701bfd8c
--- /dev/null
+++ b/daemon/container_operations_windows.go
@@ -0,0 +1,62 @@
+// +build windows
+
+package daemon
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/libnetwork"
+)
+
+func (daemon *Daemon) setupLinkedContainers(container *container.Container) ([]string, error) {
+	return nil, nil
+}
+
+// ConnectToNetwork connects a container to a network
+func (daemon *Daemon) ConnectToNetwork(container *container.Container, idOrName string, endpointConfig *networktypes.EndpointSettings) error {
+	return fmt.Errorf("Windows does not support connecting a running container to a network")
+}
+
+// DisconnectFromNetwork disconnects container from a network.
+func (daemon *Daemon) DisconnectFromNetwork(container *container.Container, n libnetwork.Network, force bool) error {
+	return fmt.Errorf("Windows does not support disconnecting a running container from a network")
+}
+
+// getSize returns real size & virtual size
+func (daemon *Daemon) getSize(container *container.Container) (int64, int64) {
+	// TODO Windows
+	return 0, 0
+}
+
+// setNetworkNamespaceKey is a no-op on Windows.
+func (daemon *Daemon) setNetworkNamespaceKey(containerID string, pid int) error {
+	return nil
+}
+
+func (daemon *Daemon) setupIpcDirs(container *container.Container) error {
+	return nil
+}
+
+// TODO Windows: Fix Post-TP4. This is a hack to allow docker cp to work
+// against containers which have volumes. You will still be able to cp
+// to somewhere on the container drive, but not to any mounted volumes
+// inside the container. Without this fix, docker cp is broken to any
+// container which has a volume, regardless of where the file is inside the
+// container.
+func (daemon *Daemon) mountVolumes(container *container.Container) error {
+	return nil
+}
+
+func detachMounted(path string) error {
+	return nil
+}
+
+func killProcessDirectly(container *container.Container) error {
+	return nil
+}
+
+func isLinkable(child *container.Container) bool {
+	return false
+}
diff --git a/daemon/create.go b/daemon/create.go
new file mode 100644
index 00000000..34f0aa2d
--- /dev/null
+++ b/daemon/create.go
@@ -0,0 +1,185 @@
+package daemon
+
+import (
+	"fmt"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/stringid"
+	volumestore "github.com/docker/docker/volume/store"
+	"github.com/docker/engine-api/types"
+	containertypes "github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+// ContainerCreate creates a container.
+func (daemon *Daemon) ContainerCreate(params types.ContainerCreateConfig) (types.ContainerCreateResponse, error) {
+	if params.Config == nil {
+		return types.ContainerCreateResponse{}, fmt.Errorf("Config cannot be empty in order to create a container")
+	}
+
+	warnings, err := daemon.verifyContainerSettings(params.HostConfig, params.Config, false)
+	if err != nil {
+		return types.ContainerCreateResponse{Warnings: warnings}, err
+	}
+
+	err = daemon.verifyNetworkingConfig(params.NetworkingConfig)
+	if err != nil {
+		return types.ContainerCreateResponse{}, err
+	}
+
+	if params.HostConfig == nil {
+		params.HostConfig = &containertypes.HostConfig{}
+	}
+	err = daemon.adaptContainerSettings(params.HostConfig, params.AdjustCPUShares)
+	if err != nil {
+		return types.ContainerCreateResponse{Warnings: warnings}, err
+	}
+
+	container, err := daemon.create(params)
+	if err != nil {
+		return types.ContainerCreateResponse{Warnings: warnings}, daemon.imageNotExistToErrcode(err)
+	}
+
+	return types.ContainerCreateResponse{ID: container.ID, Warnings: warnings}, nil
+}
+
+// Create creates a new container from the given configuration with a given name.
+func (daemon *Daemon) create(params types.ContainerCreateConfig) (retC *container.Container, retErr error) {
+	var (
+		container *container.Container
+		img       *image.Image
+		imgID     image.ID
+		err       error
+	)
+
+	if params.Config.Image != "" {
+		img, err = daemon.GetImage(params.Config.Image)
+		if err != nil {
+			return nil, err
+		}
+		imgID = img.ID()
+	}
+
+	if err := daemon.mergeAndVerifyConfig(params.Config, img); err != nil {
+		return nil, err
+	}
+
+	if container, err = daemon.newContainer(params.Name, params.Config, imgID); err != nil {
+		return nil, err
+	}
+	defer func() {
+		if retErr != nil {
+			if err := daemon.ContainerRm(container.ID, &types.ContainerRmConfig{ForceRemove: true}); err != nil {
+				logrus.Errorf("Clean up Error! Cannot destroy container %s: %v", container.ID, err)
+			}
+		}
+	}()
+
+	if err := daemon.setSecurityOptions(container, params.HostConfig); err != nil {
+		return nil, err
+	}
+
+	// Set RWLayer for container after mount labels have been set
+	if err := daemon.setRWLayer(container); err != nil {
+		return nil, err
+	}
+
+	if err := daemon.Register(container); err != nil {
+		return nil, err
+	}
+	rootUID, rootGID, err := idtools.GetRootUIDGID(daemon.uidMaps, daemon.gidMaps)
+	if err != nil {
+		return nil, err
+	}
+	if err := idtools.MkdirAs(container.Root, 0700, rootUID, rootGID); err != nil {
+		return nil, err
+	}
+
+	if err := daemon.setHostConfig(container, params.HostConfig); err != nil {
+		return nil, err
+	}
+	defer func() {
+		if retErr != nil {
+			if err := daemon.removeMountPoints(container, true); err != nil {
+				logrus.Error(err)
+			}
+		}
+	}()
+
+	if err := daemon.createContainerPlatformSpecificSettings(container, params.Config, params.HostConfig); err != nil {
+		return nil, err
+	}
+
+	var endpointsConfigs map[string]*networktypes.EndpointSettings
+	if params.NetworkingConfig != nil {
+		endpointsConfigs = params.NetworkingConfig.EndpointsConfig
+	}
+
+	if err := daemon.updateContainerNetworkSettings(container, endpointsConfigs); err != nil {
+		return nil, err
+	}
+
+	if err := container.ToDiskLocking(); err != nil {
+		logrus.Errorf("Error saving new container to disk: %v", err)
+		return nil, err
+	}
+	daemon.LogContainerEvent(container, "create")
+	return container, nil
+}
+
+func (daemon *Daemon) generateSecurityOpt(ipcMode containertypes.IpcMode, pidMode containertypes.PidMode) ([]string, error) {
+	if ipcMode.IsHost() || pidMode.IsHost() {
+		return label.DisableSecOpt(), nil
+	}
+	if ipcContainer := ipcMode.Container(); ipcContainer != "" {
+		c, err := daemon.GetContainer(ipcContainer)
+		if err != nil {
+			return nil, err
+		}
+
+		return label.DupSecOpt(c.ProcessLabel), nil
+	}
+	return nil, nil
+}
+
+func (daemon *Daemon) setRWLayer(container *container.Container) error {
+	var layerID layer.ChainID
+	if container.ImageID != "" {
+		img, err := daemon.imageStore.Get(container.ImageID)
+		if err != nil {
+			return err
+		}
+		layerID = img.RootFS.ChainID()
+	}
+	rwLayer, err := daemon.layerStore.CreateRWLayer(container.ID, layerID, container.MountLabel, daemon.setupInitLayer)
+	if err != nil {
+		return err
+	}
+	container.RWLayer = rwLayer
+
+	return nil
+}
+
+// VolumeCreate creates a volume with the specified name, driver, and opts
+// This is called directly from the remote API
+func (daemon *Daemon) VolumeCreate(name, driverName string, opts, labels map[string]string) (*types.Volume, error) {
+	if name == "" {
+		name = stringid.GenerateNonCryptoID()
+	}
+
+	v, err := daemon.volumes.Create(name, driverName, opts, labels)
+	if err != nil {
+		if volumestore.IsNameConflict(err) {
+			return nil, fmt.Errorf("A volume named %s already exists. Choose a different volume name.", name)
+		}
+		return nil, err
+	}
+
+	daemon.LogVolumeEvent(v.Name(), "create", map[string]string{"driver": v.DriverName()})
+	return volumeToAPIType(v), nil
+}
diff --git a/daemon/create_unix.go b/daemon/create_unix.go
new file mode 100644
index 00000000..37c4a911
--- /dev/null
+++ b/daemon/create_unix.go
@@ -0,0 +1,76 @@
+// +build !windows
+
+package daemon
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/stringid"
+	containertypes "github.com/docker/engine-api/types/container"
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+// createContainerPlatformSpecificSettings performs platform specific container create functionality
+func (daemon *Daemon) createContainerPlatformSpecificSettings(container *container.Container, config *containertypes.Config, hostConfig *containertypes.HostConfig) error {
+	if err := daemon.Mount(container); err != nil {
+		return err
+	}
+	defer daemon.Unmount(container)
+
+	rootUID, rootGID := daemon.GetRemappedUIDGID()
+	if err := container.SetupWorkingDirectory(rootUID, rootGID); err != nil {
+		return err
+	}
+
+	for spec := range config.Volumes {
+		name := stringid.GenerateNonCryptoID()
+		destination := filepath.Clean(spec)
+
+		// Skip volumes for which we already have something mounted on that
+		// destination because of a --volume-from.
+		if container.IsDestinationMounted(destination) {
+			continue
+		}
+		path, err := container.GetResourcePath(destination)
+		if err != nil {
+			return err
+		}
+
+		stat, err := os.Stat(path)
+		if err == nil && !stat.IsDir() {
+			return fmt.Errorf("cannot mount volume over existing file, file exists %s", path)
+		}
+
+		v, err := daemon.volumes.CreateWithRef(name, hostConfig.VolumeDriver, container.ID, nil, nil)
+		if err != nil {
+			return err
+		}
+
+		if err := label.Relabel(v.Path(), container.MountLabel, true); err != nil {
+			return err
+		}
+
+		container.AddMountPointWithVolume(destination, v, true)
+	}
+	return daemon.populateVolumes(container)
+}
+
+// populateVolumes copies data from the container's rootfs into the volume for non-binds.
+// this is only called when the container is created.
+func (daemon *Daemon) populateVolumes(c *container.Container) error {
+	for _, mnt := range c.MountPoints {
+		if !mnt.CopyData || mnt.Volume == nil {
+			continue
+		}
+
+		logrus.Debugf("copying image data from %s:%s, to %s", c.ID, mnt.Destination, mnt.Name)
+		if err := c.CopyImagePathContent(mnt.Volume, mnt.Destination); err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/daemon/create_windows.go b/daemon/create_windows.go
new file mode 100644
index 00000000..6bb356ad
--- /dev/null
+++ b/daemon/create_windows.go
@@ -0,0 +1,75 @@
+package daemon
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/volume"
+	containertypes "github.com/docker/engine-api/types/container"
+)
+
+// createContainerPlatformSpecificSettings performs platform specific container create functionality
+func (daemon *Daemon) createContainerPlatformSpecificSettings(container *container.Container, config *containertypes.Config, hostConfig *containertypes.HostConfig) error {
+	for spec := range config.Volumes {
+
+		mp, err := volume.ParseMountSpec(spec, hostConfig.VolumeDriver)
+		if err != nil {
+			return fmt.Errorf("Unrecognised volume spec: %v", err)
+		}
+
+		// If the mountpoint doesn't have a name, generate one.
+		if len(mp.Name) == 0 {
+			mp.Name = stringid.GenerateNonCryptoID()
+		}
+
+		// Skip volumes for which we already have something mounted on that
+		// destination because of a --volume-from.
+		if container.IsDestinationMounted(mp.Destination) {
+			continue
+		}
+
+		volumeDriver := hostConfig.VolumeDriver
+
+		// Create the volume in the volume driver. If it doesn't exist,
+		// a new one will be created.
+		v, err := daemon.volumes.CreateWithRef(mp.Name, volumeDriver, container.ID, nil, nil)
+		if err != nil {
+			return err
+		}
+
+		// FIXME Windows: This code block is present in the Linux version and
+		// allows the contents to be copied to the container FS prior to it
+		// being started. However, the function utilizes the FollowSymLinkInScope
+		// path which does not cope with Windows volume-style file paths. There
+		// is a separate effort to resolve this (@swernli), so this processing
+		// is deferred for now. A case where this would be useful is when
+		// a dockerfile includes a VOLUME statement, but something is created
+		// in that directory during the dockerfile processing. What this means
+		// on Windows for TP4 is that in that scenario, the contents will not
+		// copied, but that's (somewhat) OK as HCS will bomb out soon after
+		// at it doesn't support mapped directories which have contents in the
+		// destination path anyway.
+		//
+		// Example for repro later:
+		//   FROM windowsservercore
+		//   RUN mkdir c:\myvol
+		//   RUN copy c:\windows\system32\ntdll.dll c:\myvol
+		//   VOLUME "c:\myvol"
+		//
+		// Then
+		//   docker build -t vol .
+		//   docker run -it --rm vol cmd  <-- This is where HCS will error out.
+		//
+		//	// never attempt to copy existing content in a container FS to a shared volume
+		//	if v.DriverName() == volume.DefaultDriverName {
+		//		if err := container.CopyImagePathContent(v, mp.Destination); err != nil {
+		//			return err
+		//		}
+		//	}
+
+		// Add it to container.MountPoints
+		container.AddMountPointWithVolume(mp.Destination, v, mp.RW)
+	}
+	return nil
+}
diff --git a/daemon/daemon.go b/daemon/daemon.go
new file mode 100644
index 00000000..25025960
--- /dev/null
+++ b/daemon/daemon.go
@@ -0,0 +1,1765 @@
+// Package daemon exposes the functions that occur on the host server
+// that the Docker daemon is running.
+//
+// In implementing the various functions of the daemon, there is often
+// a method-specific struct for configuring the runtime behavior.
+package daemon
+
+import (
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"os"
+	"path"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	containerd "github.com/docker/containerd/api/grpc/types"
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/builder"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/events"
+	"github.com/docker/docker/daemon/exec"
+	"github.com/docker/docker/errors"
+	"github.com/docker/engine-api/types"
+	containertypes "github.com/docker/engine-api/types/container"
+	eventtypes "github.com/docker/engine-api/types/events"
+	"github.com/docker/engine-api/types/filters"
+	networktypes "github.com/docker/engine-api/types/network"
+	registrytypes "github.com/docker/engine-api/types/registry"
+	"github.com/docker/engine-api/types/strslice"
+	// register graph drivers
+	_ "github.com/docker/docker/daemon/graphdriver/register"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/network"
+	"github.com/docker/docker/distribution"
+	dmetadata "github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/distribution/xfer"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/image/tarexport"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/migrate/v1"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/fileutils"
+	"github.com/docker/docker/pkg/graphdb"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/namesgenerator"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/registrar"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/docker/pkg/streamformatter"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/pkg/sysinfo"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/pkg/truncindex"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/docker/utils"
+	volumedrivers "github.com/docker/docker/volume/drivers"
+	"github.com/docker/docker/volume/local"
+	"github.com/docker/docker/volume/store"
+	"github.com/docker/go-connections/nat"
+	"github.com/docker/libnetwork"
+	nwconfig "github.com/docker/libnetwork/config"
+	"github.com/docker/libtrust"
+	"golang.org/x/net/context"
+)
+
+const (
+	// maxDownloadConcurrency is the maximum number of downloads that
+	// may take place at a time for each pull.
+	maxDownloadConcurrency = 3
+	// maxUploadConcurrency is the maximum number of uploads that
+	// may take place at a time for each push.
+	maxUploadConcurrency = 5
+)
+
+var (
+	validContainerNameChars   = utils.RestrictedNameChars
+	validContainerNamePattern = utils.RestrictedNamePattern
+
+	errSystemNotSupported = fmt.Errorf("The Docker daemon is not supported on this platform.")
+)
+
+// ErrImageDoesNotExist is error returned when no image can be found for a reference.
+type ErrImageDoesNotExist struct {
+	RefOrID string
+}
+
+func (e ErrImageDoesNotExist) Error() string {
+	return fmt.Sprintf("no such id: %s", e.RefOrID)
+}
+
+// Daemon holds information about the Docker daemon.
+type Daemon struct {
+	ID                        string
+	repository                string
+	containers                container.Store
+	execCommands              *exec.Store
+	referenceStore            reference.Store
+	downloadManager           *xfer.LayerDownloadManager
+	uploadManager             *xfer.LayerUploadManager
+	distributionMetadataStore dmetadata.Store
+	trustKey                  libtrust.PrivateKey
+	idIndex                   *truncindex.TruncIndex
+	configStore               *Config
+	statsCollector            *statsCollector
+	defaultLogConfig          containertypes.LogConfig
+	RegistryService           *registry.Service
+	EventsService             *events.Events
+	netController             libnetwork.NetworkController
+	volumes                   *store.VolumeStore
+	discoveryWatcher          discoveryReloader
+	root                      string
+	seccompEnabled            bool
+	shutdown                  bool
+	uidMaps                   []idtools.IDMap
+	gidMaps                   []idtools.IDMap
+	layerStore                layer.Store
+	imageStore                image.Store
+	nameIndex                 *registrar.Registrar
+	linkIndex                 *linkIndex
+	containerd                libcontainerd.Client
+	defaultIsolation          containertypes.Isolation // Default isolation mode on Windows
+}
+
+// GetContainer looks for a container using the provided information, which could be
+// one of the following inputs from the caller:
+//  - A full container ID, which will exact match a container in daemon's list
+//  - A container name, which will only exact match via the GetByName() function
+//  - A partial container ID prefix (e.g. short ID) of any length that is
+//    unique enough to only return a single container object
+//  If none of these searches succeed, an error is returned
+func (daemon *Daemon) GetContainer(prefixOrName string) (*container.Container, error) {
+	if len(prefixOrName) == 0 {
+		return nil, errors.NewBadRequestError(fmt.Errorf("No container name or ID supplied"))
+	}
+
+	if containerByID := daemon.containers.Get(prefixOrName); containerByID != nil {
+		// prefix is an exact match to a full container ID
+		return containerByID, nil
+	}
+
+	// GetByName will match only an exact name provided; we ignore errors
+	if containerByName, _ := daemon.GetByName(prefixOrName); containerByName != nil {
+		// prefix is an exact match to a full container Name
+		return containerByName, nil
+	}
+
+	containerID, indexError := daemon.idIndex.Get(prefixOrName)
+	if indexError != nil {
+		// When truncindex defines an error type, use that instead
+		if indexError == truncindex.ErrNotExist {
+			err := fmt.Errorf("No such container: %s", prefixOrName)
+			return nil, errors.NewRequestNotFoundError(err)
+		}
+		return nil, indexError
+	}
+	return daemon.containers.Get(containerID), nil
+}
+
+// Exists returns a true if a container of the specified ID or name exists,
+// false otherwise.
+func (daemon *Daemon) Exists(id string) bool {
+	c, _ := daemon.GetContainer(id)
+	return c != nil
+}
+
+// IsPaused returns a bool indicating if the specified container is paused.
+func (daemon *Daemon) IsPaused(id string) bool {
+	c, _ := daemon.GetContainer(id)
+	return c.State.IsPaused()
+}
+
+func (daemon *Daemon) containerRoot(id string) string {
+	return filepath.Join(daemon.repository, id)
+}
+
+// Load reads the contents of a container from disk
+// This is typically done at startup.
+func (daemon *Daemon) load(id string) (*container.Container, error) {
+	container := daemon.newBaseContainer(id)
+
+	if err := container.FromDisk(); err != nil {
+		return nil, err
+	}
+
+	if container.ID != id {
+		return container, fmt.Errorf("Container %s is stored at %s", container.ID, id)
+	}
+
+	return container, nil
+}
+
+func (daemon *Daemon) registerName(container *container.Container) error {
+	if daemon.Exists(container.ID) {
+		return fmt.Errorf("Container is already loaded")
+	}
+	if err := validateID(container.ID); err != nil {
+		return err
+	}
+	if container.Name == "" {
+		name, err := daemon.generateNewName(container.ID)
+		if err != nil {
+			return err
+		}
+		container.Name = name
+
+		if err := container.ToDiskLocking(); err != nil {
+			logrus.Errorf("Error saving container name to disk: %v", err)
+		}
+	}
+	return daemon.nameIndex.Reserve(container.Name, container.ID)
+}
+
+// Register makes a container object usable by the daemon as <container.ID>
+func (daemon *Daemon) Register(c *container.Container) error {
+	// Attach to stdout and stderr
+	if c.Config.OpenStdin {
+		c.NewInputPipes()
+	} else {
+		c.NewNopInputPipe()
+	}
+
+	daemon.containers.Add(c.ID, c)
+	daemon.idIndex.Add(c.ID)
+
+	return nil
+}
+
+func (daemon *Daemon) restore() error {
+	var (
+		debug         = utils.IsDebugEnabled()
+		currentDriver = daemon.GraphDriverName()
+		containers    = make(map[string]*container.Container)
+	)
+
+	if !debug {
+		logrus.Info("Loading containers: start.")
+	}
+	dir, err := ioutil.ReadDir(daemon.repository)
+	if err != nil {
+		return err
+	}
+
+	for _, v := range dir {
+		id := v.Name()
+		container, err := daemon.load(id)
+		if !debug && logrus.GetLevel() == logrus.InfoLevel {
+			fmt.Print(".")
+		}
+		if err != nil {
+			logrus.Errorf("Failed to load container %v: %v", id, err)
+			continue
+		}
+
+		// Ignore the container if it does not support the current driver being used by the graph
+		if (container.Driver == "" && currentDriver == "aufs") || container.Driver == currentDriver {
+			rwlayer, err := daemon.layerStore.GetRWLayer(container.ID)
+			if err != nil {
+				logrus.Errorf("Failed to load container mount %v: %v", id, err)
+				continue
+			}
+			container.RWLayer = rwlayer
+			logrus.Debugf("Loaded container %v", container.ID)
+
+			containers[container.ID] = container
+		} else {
+			logrus.Debugf("Cannot load container %s because it was created with another graph driver.", container.ID)
+		}
+	}
+
+	var migrateLegacyLinks bool
+	restartContainers := make(map[*container.Container]chan struct{})
+	for _, c := range containers {
+		if err := daemon.registerName(c); err != nil {
+			logrus.Errorf("Failed to register container %s: %s", c.ID, err)
+			continue
+		}
+		if err := daemon.Register(c); err != nil {
+			logrus.Errorf("Failed to register container %s: %s", c.ID, err)
+			continue
+		}
+	}
+	var wg sync.WaitGroup
+	var mapLock sync.Mutex
+	for _, c := range containers {
+		wg.Add(1)
+		go func(c *container.Container) {
+			defer wg.Done()
+			if c.IsRunning() || c.IsPaused() {
+				// Fix activityCount such that graph mounts can be unmounted later
+				if err := daemon.layerStore.ReinitRWLayer(c.RWLayer); err != nil {
+					logrus.Errorf("Failed to ReinitRWLayer for %s due to %s", c.ID, err)
+					return
+				}
+				if err := daemon.containerd.Restore(c.ID, libcontainerd.WithRestartManager(c.RestartManager(true))); err != nil {
+					logrus.Errorf("Failed to restore with containerd: %q", err)
+					return
+				}
+			}
+			// fixme: only if not running
+			// get list of containers we need to restart
+			if daemon.configStore.AutoRestart && !c.IsRunning() && !c.IsPaused() && c.ShouldRestartOnBoot() {
+				mapLock.Lock()
+				restartContainers[c] = make(chan struct{})
+				mapLock.Unlock()
+			}
+
+			// if c.hostConfig.Links is nil (not just empty), then it is using the old sqlite links and needs to be migrated
+			if c.HostConfig != nil && c.HostConfig.Links == nil {
+				migrateLegacyLinks = true
+			}
+		}(c)
+	}
+	wg.Wait()
+
+	// migrate any legacy links from sqlite
+	linkdbFile := filepath.Join(daemon.root, "linkgraph.db")
+	var legacyLinkDB *graphdb.Database
+	if migrateLegacyLinks {
+		legacyLinkDB, err = graphdb.NewSqliteConn(linkdbFile)
+		if err != nil {
+			return fmt.Errorf("error connecting to legacy link graph DB %s, container links may be lost: %v", linkdbFile, err)
+		}
+		defer legacyLinkDB.Close()
+	}
+
+	// Now that all the containers are registered, register the links
+	for _, c := range containers {
+		if migrateLegacyLinks {
+			if err := daemon.migrateLegacySqliteLinks(legacyLinkDB, c); err != nil {
+				return err
+			}
+		}
+		if err := daemon.registerLinks(c, c.HostConfig); err != nil {
+			logrus.Errorf("failed to register link for container %s: %v", c.ID, err)
+		}
+	}
+
+	group := sync.WaitGroup{}
+	for c, notifier := range restartContainers {
+		group.Add(1)
+
+		go func(c *container.Container, chNotify chan struct{}) {
+			defer group.Done()
+
+			logrus.Debugf("Starting container %s", c.ID)
+
+			// ignore errors here as this is a best effort to wait for children to be
+			//   running before we try to start the container
+			children := daemon.children(c)
+			timeout := time.After(5 * time.Second)
+			for _, child := range children {
+				if notifier, exists := restartContainers[child]; exists {
+					select {
+					case <-notifier:
+					case <-timeout:
+					}
+				}
+			}
+
+			// Make sure networks are available before starting
+			daemon.waitForNetworks(c)
+			if err := daemon.containerStart(c); err != nil {
+				logrus.Errorf("Failed to start container %s: %s", c.ID, err)
+			}
+			close(chNotify)
+		}(c, notifier)
+
+	}
+	group.Wait()
+
+	// any containers that were started above would already have had this done,
+	// however we need to now prepare the mountpoints for the rest of the containers as well.
+	// This shouldn't cause any issue running on the containers that already had this run.
+	// This must be run after any containers with a restart policy so that containerized plugins
+	// can have a chance to be running before we try to initialize them.
+	for _, c := range containers {
+		// if the container has restart policy, do not
+		// prepare the mountpoints since it has been done on restarting.
+		// This is to speed up the daemon start when a restart container
+		// has a volume and the volume dirver is not available.
+		if _, ok := restartContainers[c]; ok {
+			continue
+		}
+		group.Add(1)
+		go func(c *container.Container) {
+			defer group.Done()
+			if err := daemon.prepareMountPoints(c); err != nil {
+				logrus.Error(err)
+			}
+		}(c)
+	}
+
+	group.Wait()
+
+	if !debug {
+		if logrus.GetLevel() == logrus.InfoLevel {
+			fmt.Println()
+		}
+		logrus.Info("Loading containers: done.")
+	}
+
+	return nil
+}
+
+// waitForNetworks is used during daemon initialization when starting up containers
+// It ensures that all of a container's networks are available before the daemon tries to start the container.
+// In practice it just makes sure the discovery service is available for containers which use a network that require discovery.
+func (daemon *Daemon) waitForNetworks(c *container.Container) {
+	if daemon.discoveryWatcher == nil {
+		return
+	}
+	// Make sure if the container has a network that requires discovery that the discovery service is available before starting
+	for netName := range c.NetworkSettings.Networks {
+		// If we get `ErrNoSuchNetwork` here, it can assumed that it is due to discovery not being ready
+		// Most likely this is because the K/V store used for discovery is in a container and needs to be started
+		if _, err := daemon.netController.NetworkByName(netName); err != nil {
+			if _, ok := err.(libnetwork.ErrNoSuchNetwork); !ok {
+				continue
+			}
+			// use a longish timeout here due to some slowdowns in libnetwork if the k/v store is on anything other than --net=host
+			// FIXME: why is this slow???
+			logrus.Debugf("Container %s waiting for network to be ready", c.Name)
+			select {
+			case <-daemon.discoveryWatcher.ReadyCh():
+			case <-time.After(60 * time.Second):
+			}
+			return
+		}
+	}
+}
+
+func (daemon *Daemon) mergeAndVerifyConfig(config *containertypes.Config, img *image.Image) error {
+	if img != nil && img.Config != nil {
+		if err := merge(config, img.Config); err != nil {
+			return err
+		}
+	}
+	if len(config.Entrypoint) == 0 && len(config.Cmd) == 0 {
+		return fmt.Errorf("No command specified")
+	}
+	return nil
+}
+
+func (daemon *Daemon) generateIDAndName(name string) (string, string, error) {
+	var (
+		err error
+		id  = stringid.GenerateNonCryptoID()
+	)
+
+	if name == "" {
+		if name, err = daemon.generateNewName(id); err != nil {
+			return "", "", err
+		}
+		return id, name, nil
+	}
+
+	if name, err = daemon.reserveName(id, name); err != nil {
+		return "", "", err
+	}
+
+	return id, name, nil
+}
+
+func (daemon *Daemon) reserveName(id, name string) (string, error) {
+	if !validContainerNamePattern.MatchString(name) {
+		return "", fmt.Errorf("Invalid container name (%s), only %s are allowed", name, validContainerNameChars)
+	}
+	if name[0] != '/' {
+		name = "/" + name
+	}
+
+	if err := daemon.nameIndex.Reserve(name, id); err != nil {
+		if err == registrar.ErrNameReserved {
+			id, err := daemon.nameIndex.Get(name)
+			if err != nil {
+				logrus.Errorf("got unexpected error while looking up reserved name: %v", err)
+				return "", err
+			}
+			return "", fmt.Errorf("Conflict. The name %q is already in use by container %s. You have to remove (or rename) that container to be able to reuse that name.", name, id)
+		}
+		return "", fmt.Errorf("error reserving name: %s, error: %v", name, err)
+	}
+	return name, nil
+}
+
+func (daemon *Daemon) releaseName(name string) {
+	daemon.nameIndex.Release(name)
+}
+
+func (daemon *Daemon) generateNewName(id string) (string, error) {
+	var name string
+	for i := 0; i < 6; i++ {
+		name = namesgenerator.GetRandomName(i)
+		if name[0] != '/' {
+			name = "/" + name
+		}
+
+		if err := daemon.nameIndex.Reserve(name, id); err != nil {
+			if err == registrar.ErrNameReserved {
+				continue
+			}
+			return "", err
+		}
+		return name, nil
+	}
+
+	name = "/" + stringid.TruncateID(id)
+	if err := daemon.nameIndex.Reserve(name, id); err != nil {
+		return "", err
+	}
+	return name, nil
+}
+
+func (daemon *Daemon) generateHostname(id string, config *containertypes.Config) {
+	// Generate default hostname
+	if config.Hostname == "" {
+		config.Hostname = id[:12]
+	}
+}
+
+func (daemon *Daemon) getEntrypointAndArgs(configEntrypoint strslice.StrSlice, configCmd strslice.StrSlice) (string, []string) {
+	if len(configEntrypoint) != 0 {
+		return configEntrypoint[0], append(configEntrypoint[1:], configCmd...)
+	}
+	return configCmd[0], configCmd[1:]
+}
+
+func (daemon *Daemon) newContainer(name string, config *containertypes.Config, imgID image.ID) (*container.Container, error) {
+	var (
+		id             string
+		err            error
+		noExplicitName = name == ""
+	)
+	id, name, err = daemon.generateIDAndName(name)
+	if err != nil {
+		return nil, err
+	}
+
+	daemon.generateHostname(id, config)
+	entrypoint, args := daemon.getEntrypointAndArgs(config.Entrypoint, config.Cmd)
+
+	base := daemon.newBaseContainer(id)
+	base.Created = time.Now().UTC()
+	base.Path = entrypoint
+	base.Args = args //FIXME: de-duplicate from config
+	base.Config = config
+	base.HostConfig = &containertypes.HostConfig{}
+	base.ImageID = imgID
+	base.NetworkSettings = &network.Settings{IsAnonymousEndpoint: noExplicitName}
+	base.Name = name
+	base.Driver = daemon.GraphDriverName()
+
+	return base, err
+}
+
+// GetByName returns a container given a name.
+func (daemon *Daemon) GetByName(name string) (*container.Container, error) {
+	if len(name) == 0 {
+		return nil, fmt.Errorf("No container name supplied")
+	}
+	fullName := name
+	if name[0] != '/' {
+		fullName = "/" + name
+	}
+	id, err := daemon.nameIndex.Get(fullName)
+	if err != nil {
+		return nil, fmt.Errorf("Could not find entity for %s", name)
+	}
+	e := daemon.containers.Get(id)
+	if e == nil {
+		return nil, fmt.Errorf("Could not find container for entity id %s", id)
+	}
+	return e, nil
+}
+
+// SubscribeToEvents returns the currently record of events, a channel to stream new events from, and a function to cancel the stream of events.
+func (daemon *Daemon) SubscribeToEvents(since, sinceNano int64, filter filters.Args) ([]eventtypes.Message, chan interface{}) {
+	ef := events.NewFilter(filter)
+	return daemon.EventsService.SubscribeTopic(since, sinceNano, ef)
+}
+
+// UnsubscribeFromEvents stops the event subscription for a client by closing the
+// channel where the daemon sends events to.
+func (daemon *Daemon) UnsubscribeFromEvents(listener chan interface{}) {
+	daemon.EventsService.Evict(listener)
+}
+
+// GetLabels for a container or image id
+func (daemon *Daemon) GetLabels(id string) map[string]string {
+	// TODO: TestCase
+	container := daemon.containers.Get(id)
+	if container != nil {
+		return container.Config.Labels
+	}
+
+	img, err := daemon.GetImage(id)
+	if err == nil {
+		return img.ContainerConfig.Labels
+	}
+	return nil
+}
+
+func (daemon *Daemon) children(c *container.Container) map[string]*container.Container {
+	return daemon.linkIndex.children(c)
+}
+
+// parents returns the names of the parent containers of the container
+// with the given name.
+func (daemon *Daemon) parents(c *container.Container) map[string]*container.Container {
+	return daemon.linkIndex.parents(c)
+}
+
+func (daemon *Daemon) registerLink(parent, child *container.Container, alias string) error {
+	fullName := path.Join(parent.Name, alias)
+	if err := daemon.nameIndex.Reserve(fullName, child.ID); err != nil {
+		if err == registrar.ErrNameReserved {
+			logrus.Warnf("error registering link for %s, to %s, as alias %s, ignoring: %v", parent.ID, child.ID, alias, err)
+			return nil
+		}
+		return err
+	}
+	daemon.linkIndex.link(parent, child, fullName)
+	return nil
+}
+
+// NewDaemon sets up everything for the daemon to be able to service
+// requests from the webserver.
+func NewDaemon(config *Config, registryService *registry.Service, containerdRemote libcontainerd.Remote) (daemon *Daemon, err error) {
+	setDefaultMtu(config)
+
+	// Ensure we have compatible and valid configuration options
+	if err := verifyDaemonSettings(config); err != nil {
+		return nil, err
+	}
+
+	// Do we have a disabled network?
+	config.DisableBridge = isBridgeNetworkDisabled(config)
+
+	// Verify the platform is supported as a daemon
+	if !platformSupported {
+		return nil, errSystemNotSupported
+	}
+
+	// Validate platform-specific requirements
+	if err := checkSystem(); err != nil {
+		return nil, err
+	}
+
+	// set up SIGUSR1 handler on Unix-like systems, or a Win32 global event
+	// on Windows to dump Go routine stacks
+	setupDumpStackTrap()
+
+	uidMaps, gidMaps, err := setupRemappedRoot(config)
+	if err != nil {
+		return nil, err
+	}
+	rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps)
+	if err != nil {
+		return nil, err
+	}
+
+	// get the canonical path to the Docker root directory
+	var realRoot string
+	if _, err := os.Stat(config.Root); err != nil && os.IsNotExist(err) {
+		realRoot = config.Root
+	} else {
+		realRoot, err = fileutils.ReadSymlinkedDirectory(config.Root)
+		if err != nil {
+			return nil, fmt.Errorf("Unable to get the full path to root (%s): %s", config.Root, err)
+		}
+	}
+
+	if err = setupDaemonRoot(config, realRoot, rootUID, rootGID); err != nil {
+		return nil, err
+	}
+
+	// set up the tmpDir to use a canonical path
+	tmp, err := tempDir(config.Root, rootUID, rootGID)
+	if err != nil {
+		return nil, fmt.Errorf("Unable to get the TempDir under %s: %s", config.Root, err)
+	}
+	realTmp, err := fileutils.ReadSymlinkedDirectory(tmp)
+	if err != nil {
+		return nil, fmt.Errorf("Unable to get the full path to the TempDir (%s): %s", tmp, err)
+	}
+	os.Setenv("TMPDIR", realTmp)
+
+	d := &Daemon{configStore: config}
+	// Ensure the daemon is properly shutdown if there is a failure during
+	// initialization
+	defer func() {
+		if err != nil {
+			if err := d.Shutdown(); err != nil {
+				logrus.Error(err)
+			}
+		}
+	}()
+
+	// Set the default isolation mode (only applicable on Windows)
+	if err := d.setDefaultIsolation(); err != nil {
+		return nil, fmt.Errorf("error setting default isolation mode: %v", err)
+	}
+
+	// Verify logging driver type
+	if config.LogConfig.Type != "none" {
+		if _, err := logger.GetLogDriver(config.LogConfig.Type); err != nil {
+			return nil, fmt.Errorf("error finding the logging driver: %v", err)
+		}
+	}
+	logrus.Debugf("Using default logging driver %s", config.LogConfig.Type)
+
+	if err := configureMaxThreads(config); err != nil {
+		logrus.Warnf("Failed to configure golang's threads limit: %v", err)
+	}
+
+	installDefaultAppArmorProfile()
+	daemonRepo := filepath.Join(config.Root, "containers")
+	if err := idtools.MkdirAllAs(daemonRepo, 0700, rootUID, rootGID); err != nil && !os.IsExist(err) {
+		return nil, err
+	}
+
+	driverName := os.Getenv("DOCKER_DRIVER")
+	if driverName == "" {
+		driverName = config.GraphDriver
+	}
+	d.layerStore, err = layer.NewStoreFromOptions(layer.StoreOptions{
+		StorePath:                 config.Root,
+		MetadataStorePathTemplate: filepath.Join(config.Root, "image", "%s", "layerdb"),
+		GraphDriver:               driverName,
+		GraphDriverOptions:        config.GraphOptions,
+		UIDMaps:                   uidMaps,
+		GIDMaps:                   gidMaps,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	graphDriver := d.layerStore.DriverName()
+	imageRoot := filepath.Join(config.Root, "image", graphDriver)
+
+	// Configure and validate the kernels security support
+	if err := configureKernelSecuritySupport(config, graphDriver); err != nil {
+		return nil, err
+	}
+
+	d.downloadManager = xfer.NewLayerDownloadManager(d.layerStore, maxDownloadConcurrency)
+	d.uploadManager = xfer.NewLayerUploadManager(maxUploadConcurrency)
+
+	ifs, err := image.NewFSStoreBackend(filepath.Join(imageRoot, "imagedb"))
+	if err != nil {
+		return nil, err
+	}
+
+	d.imageStore, err = image.NewImageStore(ifs, d.layerStore)
+	if err != nil {
+		return nil, err
+	}
+
+	// Configure the volumes driver
+	volStore, err := configureVolumes(config, rootUID, rootGID)
+	if err != nil {
+		return nil, err
+	}
+
+	trustKey, err := api.LoadOrCreateTrustKey(config.TrustKeyPath)
+	if err != nil {
+		return nil, err
+	}
+
+	trustDir := filepath.Join(config.Root, "trust")
+
+	if err := system.MkdirAll(trustDir, 0700); err != nil {
+		return nil, err
+	}
+
+	distributionMetadataStore, err := dmetadata.NewFSMetadataStore(filepath.Join(imageRoot, "distribution"))
+	if err != nil {
+		return nil, err
+	}
+
+	eventsService := events.New()
+
+	referenceStore, err := reference.NewReferenceStore(filepath.Join(imageRoot, "repositories.json"))
+	if err != nil {
+		return nil, fmt.Errorf("Couldn't create Tag store repositories: %s", err)
+	}
+
+	if err := restoreCustomImage(d.imageStore, d.layerStore, referenceStore); err != nil {
+		return nil, fmt.Errorf("Couldn't restore custom images: %s", err)
+	}
+
+	migrationStart := time.Now()
+	if err := v1.Migrate(config.Root, graphDriver, d.layerStore, d.imageStore, referenceStore, distributionMetadataStore); err != nil {
+		logrus.Errorf("Graph migration failed: %q. Your old graph data was found to be too inconsistent for upgrading to content-addressable storage. Some of the old data was probably not upgraded. We recommend starting over with a clean storage directory if possible.", err)
+	}
+	logrus.Infof("Graph migration to content-addressability took %.2f seconds", time.Since(migrationStart).Seconds())
+
+	// Discovery is only enabled when the daemon is launched with an address to advertise.  When
+	// initialized, the daemon is registered and we can store the discovery backend as its read-only
+	if err := d.initDiscovery(config); err != nil {
+		return nil, err
+	}
+
+	d.netController, err = d.initNetworkController(config)
+	if err != nil {
+		return nil, fmt.Errorf("Error initializing network controller: %v", err)
+	}
+
+	sysInfo := sysinfo.New(false)
+	// Check if Devices cgroup is mounted, it is hard requirement for container security,
+	// on Linux/FreeBSD.
+	if runtime.GOOS != "windows" && !sysInfo.CgroupDevicesEnabled {
+		return nil, fmt.Errorf("Devices cgroup isn't mounted")
+	}
+
+	d.ID = trustKey.PublicKey().KeyID()
+	d.repository = daemonRepo
+	d.containers = container.NewMemoryStore()
+	d.execCommands = exec.NewStore()
+	d.referenceStore = referenceStore
+	d.distributionMetadataStore = distributionMetadataStore
+	d.trustKey = trustKey
+	d.idIndex = truncindex.NewTruncIndex([]string{})
+	d.statsCollector = d.newStatsCollector(1 * time.Second)
+	d.defaultLogConfig = containertypes.LogConfig{
+		Type:   config.LogConfig.Type,
+		Config: config.LogConfig.Config,
+	}
+	d.RegistryService = registryService
+	d.EventsService = eventsService
+	d.volumes = volStore
+	d.root = config.Root
+	d.uidMaps = uidMaps
+	d.gidMaps = gidMaps
+	d.seccompEnabled = sysInfo.Seccomp
+
+	d.nameIndex = registrar.NewRegistrar()
+	d.linkIndex = newLinkIndex()
+
+	go d.execCommandGC()
+
+	d.containerd, err = containerdRemote.Client(d)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := d.restore(); err != nil {
+		return nil, err
+	}
+
+	return d, nil
+}
+
+func (daemon *Daemon) shutdownContainer(c *container.Container) error {
+	// TODO(windows): Handle docker restart with paused containers
+	if c.IsPaused() {
+		// To terminate a process in freezer cgroup, we should send
+		// SIGTERM to this process then unfreeze it, and the process will
+		// force to terminate immediately.
+		logrus.Debugf("Found container %s is paused, sending SIGTERM before unpause it", c.ID)
+		sig, ok := signal.SignalMap["TERM"]
+		if !ok {
+			return fmt.Errorf("System doesn not support SIGTERM")
+		}
+		if err := daemon.kill(c, int(sig)); err != nil {
+			return fmt.Errorf("sending SIGTERM to container %s with error: %v", c.ID, err)
+		}
+		if err := daemon.containerUnpause(c); err != nil {
+			return fmt.Errorf("Failed to unpause container %s with error: %v", c.ID, err)
+		}
+		if _, err := c.WaitStop(10 * time.Second); err != nil {
+			logrus.Debugf("container %s failed to exit in 10 second of SIGTERM, sending SIGKILL to force", c.ID)
+			sig, ok := signal.SignalMap["KILL"]
+			if !ok {
+				return fmt.Errorf("System does not support SIGKILL")
+			}
+			if err := daemon.kill(c, int(sig)); err != nil {
+				logrus.Errorf("Failed to SIGKILL container %s", c.ID)
+			}
+			c.WaitStop(-1 * time.Second)
+			return err
+		}
+	}
+	// If container failed to exit in 10 seconds of SIGTERM, then using the force
+	if err := daemon.containerStop(c, 10); err != nil {
+		return fmt.Errorf("Stop container %s with error: %v", c.ID, err)
+	}
+
+	c.WaitStop(-1 * time.Second)
+	return nil
+}
+
+// Shutdown stops the daemon.
+func (daemon *Daemon) Shutdown() error {
+	daemon.shutdown = true
+	if daemon.containers != nil {
+		logrus.Debug("starting clean shutdown of all containers...")
+		daemon.containers.ApplyAll(func(c *container.Container) {
+			if !c.IsRunning() {
+				return
+			}
+			logrus.Debugf("stopping %s", c.ID)
+			if err := daemon.shutdownContainer(c); err != nil {
+				logrus.Errorf("Stop container error: %v", err)
+				return
+			}
+			if mountid, err := daemon.layerStore.GetMountID(c.ID); err == nil {
+				daemon.cleanupMountsByID(mountid)
+			}
+			logrus.Debugf("container stopped %s", c.ID)
+		})
+	}
+
+	// trigger libnetwork Stop only if it's initialized
+	if daemon.netController != nil {
+		daemon.netController.Stop()
+	}
+
+	if daemon.layerStore != nil {
+		if err := daemon.layerStore.Cleanup(); err != nil {
+			logrus.Errorf("Error during layer Store.Cleanup(): %v", err)
+		}
+	}
+
+	if err := daemon.cleanupMounts(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Mount sets container.BaseFS
+// (is it not set coming in? why is it unset?)
+func (daemon *Daemon) Mount(container *container.Container) error {
+	dir, err := container.RWLayer.Mount(container.GetMountLabel())
+	if err != nil {
+		return err
+	}
+	logrus.Debugf("container mounted via layerStore: %v", dir)
+
+	if container.BaseFS != dir {
+		// The mount path reported by the graph driver should always be trusted on Windows, since the
+		// volume path for a given mounted layer may change over time.  This should only be an error
+		// on non-Windows operating systems.
+		if container.BaseFS != "" && runtime.GOOS != "windows" {
+			daemon.Unmount(container)
+			return fmt.Errorf("Error: driver %s is returning inconsistent paths for container %s ('%s' then '%s')",
+				daemon.GraphDriverName(), container.ID, container.BaseFS, dir)
+		}
+	}
+	container.BaseFS = dir // TODO: combine these fields
+	return nil
+}
+
+// Unmount unsets the container base filesystem
+func (daemon *Daemon) Unmount(container *container.Container) error {
+	if err := container.RWLayer.Unmount(); err != nil {
+		logrus.Errorf("Error unmounting container %s: %s", container.ID, err)
+		return err
+	}
+	return nil
+}
+
+func (daemon *Daemon) kill(c *container.Container, sig int) error {
+	return daemon.containerd.Signal(c.ID, sig)
+}
+
+func (daemon *Daemon) subscribeToContainerStats(c *container.Container) chan interface{} {
+	return daemon.statsCollector.collect(c)
+}
+
+func (daemon *Daemon) unsubscribeToContainerStats(c *container.Container, ch chan interface{}) {
+	daemon.statsCollector.unsubscribe(c, ch)
+}
+
+func (daemon *Daemon) changes(container *container.Container) ([]archive.Change, error) {
+	return container.RWLayer.Changes()
+}
+
+// TagImage creates the tag specified by newTag, pointing to the image named
+// imageName (alternatively, imageName can also be an image ID).
+func (daemon *Daemon) TagImage(newTag reference.Named, imageName string) error {
+	imageID, err := daemon.GetImageID(imageName)
+	if err != nil {
+		return err
+	}
+	if err := daemon.referenceStore.AddTag(newTag, imageID, true); err != nil {
+		return err
+	}
+
+	daemon.LogImageEvent(imageID.String(), newTag.String(), "tag")
+	return nil
+}
+
+func writeDistributionProgress(cancelFunc func(), outStream io.Writer, progressChan <-chan progress.Progress) {
+	progressOutput := streamformatter.NewJSONStreamFormatter().NewProgressOutput(outStream, false)
+	operationCancelled := false
+
+	for prog := range progressChan {
+		if err := progressOutput.WriteProgress(prog); err != nil && !operationCancelled {
+			// don't log broken pipe errors as this is the normal case when a client aborts
+			if isBrokenPipe(err) {
+				logrus.Info("Pull session cancelled")
+			} else {
+				logrus.Errorf("error writing progress to client: %v", err)
+			}
+			cancelFunc()
+			operationCancelled = true
+			// Don't return, because we need to continue draining
+			// progressChan until it's closed to avoid a deadlock.
+		}
+	}
+}
+
+func isBrokenPipe(e error) bool {
+	if netErr, ok := e.(*net.OpError); ok {
+		e = netErr.Err
+		if sysErr, ok := netErr.Err.(*os.SyscallError); ok {
+			e = sysErr.Err
+		}
+	}
+	return e == syscall.EPIPE
+}
+
+// PullImage initiates a pull operation. image is the repository name to pull, and
+// tag may be either empty, or indicate a specific tag to pull.
+func (daemon *Daemon) PullImage(ctx context.Context, ref reference.Named, metaHeaders map[string][]string, authConfig *types.AuthConfig, outStream io.Writer) error {
+	// Include a buffer so that slow client connections don't affect
+	// transfer performance.
+	progressChan := make(chan progress.Progress, 100)
+
+	writesDone := make(chan struct{})
+
+	ctx, cancelFunc := context.WithCancel(ctx)
+
+	go func() {
+		writeDistributionProgress(cancelFunc, outStream, progressChan)
+		close(writesDone)
+	}()
+
+	imagePullConfig := &distribution.ImagePullConfig{
+		MetaHeaders:      metaHeaders,
+		AuthConfig:       authConfig,
+		ProgressOutput:   progress.ChanOutput(progressChan),
+		RegistryService:  daemon.RegistryService,
+		ImageEventLogger: daemon.LogImageEvent,
+		MetadataStore:    daemon.distributionMetadataStore,
+		ImageStore:       daemon.imageStore,
+		ReferenceStore:   daemon.referenceStore,
+		DownloadManager:  daemon.downloadManager,
+	}
+
+	err := distribution.Pull(ctx, ref, imagePullConfig)
+	close(progressChan)
+	<-writesDone
+	return err
+}
+
+// PullOnBuild tells Docker to pull image referenced by `name`.
+func (daemon *Daemon) PullOnBuild(ctx context.Context, name string, authConfigs map[string]types.AuthConfig, output io.Writer) (builder.Image, error) {
+	ref, err := reference.ParseNamed(name)
+	if err != nil {
+		return nil, err
+	}
+	ref = reference.WithDefaultTag(ref)
+
+	pullRegistryAuth := &types.AuthConfig{}
+	if len(authConfigs) > 0 {
+		// The request came with a full auth config file, we prefer to use that
+		repoInfo, err := daemon.RegistryService.ResolveRepository(ref)
+		if err != nil {
+			return nil, err
+		}
+
+		resolvedConfig := registry.ResolveAuthConfig(
+			authConfigs,
+			repoInfo.Index,
+		)
+		pullRegistryAuth = &resolvedConfig
+	}
+
+	if err := daemon.PullImage(ctx, ref, nil, pullRegistryAuth, output); err != nil {
+		return nil, err
+	}
+	return daemon.GetImage(name)
+}
+
+// ExportImage exports a list of images to the given output stream. The
+// exported images are archived into a tar when written to the output
+// stream. All images with the given tag and all versions containing
+// the same tag are exported. names is the set of tags to export, and
+// outStream is the writer which the images are written to.
+func (daemon *Daemon) ExportImage(names []string, outStream io.Writer) error {
+	imageExporter := tarexport.NewTarExporter(daemon.imageStore, daemon.layerStore, daemon.referenceStore)
+	return imageExporter.Save(names, outStream)
+}
+
+// PushImage initiates a push operation on the repository named localName.
+func (daemon *Daemon) PushImage(ctx context.Context, ref reference.Named, metaHeaders map[string][]string, authConfig *types.AuthConfig, outStream io.Writer) error {
+	// Include a buffer so that slow client connections don't affect
+	// transfer performance.
+	progressChan := make(chan progress.Progress, 100)
+
+	writesDone := make(chan struct{})
+
+	ctx, cancelFunc := context.WithCancel(ctx)
+
+	go func() {
+		writeDistributionProgress(cancelFunc, outStream, progressChan)
+		close(writesDone)
+	}()
+
+	imagePushConfig := &distribution.ImagePushConfig{
+		MetaHeaders:      metaHeaders,
+		AuthConfig:       authConfig,
+		ProgressOutput:   progress.ChanOutput(progressChan),
+		RegistryService:  daemon.RegistryService,
+		ImageEventLogger: daemon.LogImageEvent,
+		MetadataStore:    daemon.distributionMetadataStore,
+		LayerStore:       daemon.layerStore,
+		ImageStore:       daemon.imageStore,
+		ReferenceStore:   daemon.referenceStore,
+		TrustKey:         daemon.trustKey,
+		UploadManager:    daemon.uploadManager,
+	}
+
+	err := distribution.Push(ctx, ref, imagePushConfig)
+	close(progressChan)
+	<-writesDone
+	return err
+}
+
+// LookupImage looks up an image by name and returns it as an ImageInspect
+// structure.
+func (daemon *Daemon) LookupImage(name string) (*types.ImageInspect, error) {
+	img, err := daemon.GetImage(name)
+	if err != nil {
+		return nil, fmt.Errorf("No such image: %s", name)
+	}
+
+	refs := daemon.referenceStore.References(img.ID())
+	repoTags := []string{}
+	repoDigests := []string{}
+	for _, ref := range refs {
+		switch ref.(type) {
+		case reference.NamedTagged:
+			repoTags = append(repoTags, ref.String())
+		case reference.Canonical:
+			repoDigests = append(repoDigests, ref.String())
+		}
+	}
+
+	var size int64
+	var layerMetadata map[string]string
+	layerID := img.RootFS.ChainID()
+	if layerID != "" {
+		l, err := daemon.layerStore.Get(layerID)
+		if err != nil {
+			return nil, err
+		}
+		defer layer.ReleaseAndLog(daemon.layerStore, l)
+		size, err = l.Size()
+		if err != nil {
+			return nil, err
+		}
+
+		layerMetadata, err = l.Metadata()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	comment := img.Comment
+	if len(comment) == 0 && len(img.History) > 0 {
+		comment = img.History[len(img.History)-1].Comment
+	}
+
+	imageInspect := &types.ImageInspect{
+		ID:              img.ID().String(),
+		RepoTags:        repoTags,
+		RepoDigests:     repoDigests,
+		Parent:          img.Parent.String(),
+		Comment:         comment,
+		Created:         img.Created.Format(time.RFC3339Nano),
+		Container:       img.Container,
+		ContainerConfig: &img.ContainerConfig,
+		DockerVersion:   img.DockerVersion,
+		Author:          img.Author,
+		Config:          img.Config,
+		Architecture:    img.Architecture,
+		Os:              img.OS,
+		Size:            size,
+		VirtualSize:     size, // TODO: field unused, deprecate
+		RootFS:          rootFSToAPIType(img.RootFS),
+	}
+
+	imageInspect.GraphDriver.Name = daemon.GraphDriverName()
+
+	imageInspect.GraphDriver.Data = layerMetadata
+
+	return imageInspect, nil
+}
+
+// LoadImage uploads a set of images into the repository. This is the
+// complement of ImageExport.  The input stream is an uncompressed tar
+// ball containing images and metadata.
+func (daemon *Daemon) LoadImage(inTar io.ReadCloser, outStream io.Writer, quiet bool) error {
+	imageExporter := tarexport.NewTarExporter(daemon.imageStore, daemon.layerStore, daemon.referenceStore)
+	return imageExporter.Load(inTar, outStream, quiet)
+}
+
+// ImageHistory returns a slice of ImageHistory structures for the specified image
+// name by walking the image lineage.
+func (daemon *Daemon) ImageHistory(name string) ([]*types.ImageHistory, error) {
+	img, err := daemon.GetImage(name)
+	if err != nil {
+		return nil, err
+	}
+
+	history := []*types.ImageHistory{}
+
+	layerCounter := 0
+	rootFS := *img.RootFS
+	rootFS.DiffIDs = nil
+
+	for _, h := range img.History {
+		var layerSize int64
+
+		if !h.EmptyLayer {
+			if len(img.RootFS.DiffIDs) <= layerCounter {
+				return nil, fmt.Errorf("too many non-empty layers in History section")
+			}
+
+			rootFS.Append(img.RootFS.DiffIDs[layerCounter])
+			l, err := daemon.layerStore.Get(rootFS.ChainID())
+			if err != nil {
+				return nil, err
+			}
+			layerSize, err = l.DiffSize()
+			layer.ReleaseAndLog(daemon.layerStore, l)
+			if err != nil {
+				return nil, err
+			}
+
+			layerCounter++
+		}
+
+		history = append([]*types.ImageHistory{{
+			ID:        "<missing>",
+			Created:   h.Created.Unix(),
+			CreatedBy: h.CreatedBy,
+			Comment:   h.Comment,
+			Size:      layerSize,
+		}}, history...)
+	}
+
+	// Fill in image IDs and tags
+	histImg := img
+	id := img.ID()
+	for _, h := range history {
+		h.ID = id.String()
+
+		var tags []string
+		for _, r := range daemon.referenceStore.References(id) {
+			if _, ok := r.(reference.NamedTagged); ok {
+				tags = append(tags, r.String())
+			}
+		}
+
+		h.Tags = tags
+
+		id = histImg.Parent
+		if id == "" {
+			break
+		}
+		histImg, err = daemon.GetImage(id.String())
+		if err != nil {
+			break
+		}
+	}
+
+	return history, nil
+}
+
+// GetImageID returns an image ID corresponding to the image referred to by
+// refOrID.
+func (daemon *Daemon) GetImageID(refOrID string) (image.ID, error) {
+	id, ref, err := reference.ParseIDOrReference(refOrID)
+	if err != nil {
+		return "", err
+	}
+	if id != "" {
+		if _, err := daemon.imageStore.Get(image.ID(id)); err != nil {
+			return "", ErrImageDoesNotExist{refOrID}
+		}
+		return image.ID(id), nil
+	}
+
+	if id, err := daemon.referenceStore.Get(ref); err == nil {
+		return id, nil
+	}
+	if tagged, ok := ref.(reference.NamedTagged); ok {
+		if id, err := daemon.imageStore.Search(tagged.Tag()); err == nil {
+			for _, namedRef := range daemon.referenceStore.References(id) {
+				if namedRef.Name() == ref.Name() {
+					return id, nil
+				}
+			}
+		}
+	}
+
+	// Search based on ID
+	if id, err := daemon.imageStore.Search(refOrID); err == nil {
+		return id, nil
+	}
+
+	return "", ErrImageDoesNotExist{refOrID}
+}
+
+// GetImage returns an image corresponding to the image referred to by refOrID.
+func (daemon *Daemon) GetImage(refOrID string) (*image.Image, error) {
+	imgID, err := daemon.GetImageID(refOrID)
+	if err != nil {
+		return nil, err
+	}
+	return daemon.imageStore.Get(imgID)
+}
+
+// GetImageOnBuild looks up a Docker image referenced by `name`.
+func (daemon *Daemon) GetImageOnBuild(name string) (builder.Image, error) {
+	img, err := daemon.GetImage(name)
+	if err != nil {
+		return nil, err
+	}
+	return img, nil
+}
+
+// GraphDriverName returns the name of the graph driver used by the layer.Store
+func (daemon *Daemon) GraphDriverName() string {
+	return daemon.layerStore.DriverName()
+}
+
+// GetUIDGIDMaps returns the current daemon's user namespace settings
+// for the full uid and gid maps which will be applied to containers
+// started in this instance.
+func (daemon *Daemon) GetUIDGIDMaps() ([]idtools.IDMap, []idtools.IDMap) {
+	return daemon.uidMaps, daemon.gidMaps
+}
+
+// GetRemappedUIDGID returns the current daemon's uid and gid values
+// if user namespaces are in use for this daemon instance.  If not
+// this function will return "real" root values of 0, 0.
+func (daemon *Daemon) GetRemappedUIDGID() (int, int) {
+	uid, gid, _ := idtools.GetRootUIDGID(daemon.uidMaps, daemon.gidMaps)
+	return uid, gid
+}
+
+// GetCachedImage returns the most recent created image that is a child
+// of the image with imgID, that had the same config when it was
+// created. nil is returned if a child cannot be found. An error is
+// returned if the parent image cannot be found.
+func (daemon *Daemon) GetCachedImage(imgID image.ID, config *containertypes.Config) (*image.Image, error) {
+	// Loop on the children of the given image and check the config
+	getMatch := func(siblings []image.ID) (*image.Image, error) {
+		var match *image.Image
+		for _, id := range siblings {
+			img, err := daemon.imageStore.Get(id)
+			if err != nil {
+				return nil, fmt.Errorf("unable to find image %q", id)
+			}
+
+			if runconfig.Compare(&img.ContainerConfig, config) {
+				// check for the most up to date match
+				if match == nil || match.Created.Before(img.Created) {
+					match = img
+				}
+			}
+		}
+		return match, nil
+	}
+
+	// In this case, this is `FROM scratch`, which isn't an actual image.
+	if imgID == "" {
+		images := daemon.imageStore.Map()
+		var siblings []image.ID
+		for id, img := range images {
+			if img.Parent == imgID {
+				siblings = append(siblings, id)
+			}
+		}
+		return getMatch(siblings)
+	}
+
+	// find match from child images
+	siblings := daemon.imageStore.Children(imgID)
+	return getMatch(siblings)
+}
+
+// GetCachedImageOnBuild returns a reference to a cached image whose parent equals `parent`
+// and runconfig equals `cfg`. A cache miss is expected to return an empty ID and a nil error.
+func (daemon *Daemon) GetCachedImageOnBuild(imgID string, cfg *containertypes.Config) (string, error) {
+	cache, err := daemon.GetCachedImage(image.ID(imgID), cfg)
+	if cache == nil || err != nil {
+		return "", err
+	}
+	return cache.ID().String(), nil
+}
+
+// tempDir returns the default directory to use for temporary files.
+func tempDir(rootDir string, rootUID, rootGID int) (string, error) {
+	var tmpDir string
+	if tmpDir = os.Getenv("DOCKER_TMPDIR"); tmpDir == "" {
+		tmpDir = filepath.Join(rootDir, "tmp")
+	}
+	return tmpDir, idtools.MkdirAllAs(tmpDir, 0700, rootUID, rootGID)
+}
+
+func (daemon *Daemon) setSecurityOptions(container *container.Container, hostConfig *containertypes.HostConfig) error {
+	container.Lock()
+	defer container.Unlock()
+	return parseSecurityOpt(container, hostConfig)
+}
+
+func (daemon *Daemon) setHostConfig(container *container.Container, hostConfig *containertypes.HostConfig) error {
+	// Do not lock while creating volumes since this could be calling out to external plugins
+	// Don't want to block other actions, like `docker ps` because we're waiting on an external plugin
+	if err := daemon.registerMountPoints(container, hostConfig); err != nil {
+		return err
+	}
+
+	container.Lock()
+	defer container.Unlock()
+
+	// Register any links from the host config before starting the container
+	if err := daemon.registerLinks(container, hostConfig); err != nil {
+		return err
+	}
+
+	// make sure links is not nil
+	// this ensures that on the next daemon restart we don't try to migrate from legacy sqlite links
+	if hostConfig.Links == nil {
+		hostConfig.Links = []string{}
+	}
+
+	container.HostConfig = hostConfig
+	return container.ToDisk()
+}
+
+func (daemon *Daemon) setupInitLayer(initPath string) error {
+	rootUID, rootGID := daemon.GetRemappedUIDGID()
+	return setupInitLayer(initPath, rootUID, rootGID)
+}
+
+func setDefaultMtu(config *Config) {
+	// do nothing if the config does not have the default 0 value.
+	if config.Mtu != 0 {
+		return
+	}
+	config.Mtu = defaultNetworkMtu
+}
+
+// verifyContainerSettings performs validation of the hostconfig and config
+// structures.
+func (daemon *Daemon) verifyContainerSettings(hostConfig *containertypes.HostConfig, config *containertypes.Config, update bool) ([]string, error) {
+
+	// First perform verification of settings common across all platforms.
+	if config != nil {
+		if config.WorkingDir != "" {
+			config.WorkingDir = filepath.FromSlash(config.WorkingDir) // Ensure in platform semantics
+			if !system.IsAbs(config.WorkingDir) {
+				return nil, fmt.Errorf("The working directory '%s' is invalid. It needs to be an absolute path.", config.WorkingDir)
+			}
+		}
+
+		if len(config.StopSignal) > 0 {
+			_, err := signal.ParseSignal(config.StopSignal)
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
+	if hostConfig == nil {
+		return nil, nil
+	}
+
+	logCfg := daemon.getLogConfig(hostConfig.LogConfig)
+	if err := logger.ValidateLogOpts(logCfg.Type, logCfg.Config); err != nil {
+		return nil, err
+	}
+
+	for port := range hostConfig.PortBindings {
+		_, portStr := nat.SplitProtoPort(string(port))
+		if _, err := nat.ParsePort(portStr); err != nil {
+			return nil, fmt.Errorf("Invalid port specification: %q", portStr)
+		}
+		for _, pb := range hostConfig.PortBindings[port] {
+			_, err := nat.NewPort(nat.SplitProtoPort(pb.HostPort))
+			if err != nil {
+				return nil, fmt.Errorf("Invalid port specification: %q", pb.HostPort)
+			}
+		}
+	}
+
+	// Now do platform-specific verification
+	return verifyPlatformContainerSettings(daemon, hostConfig, config, update)
+}
+
+// Checks if the client set configurations for more than one network while creating a container
+func (daemon *Daemon) verifyNetworkingConfig(nwConfig *networktypes.NetworkingConfig) error {
+	if nwConfig == nil || len(nwConfig.EndpointsConfig) <= 1 {
+		return nil
+	}
+	l := make([]string, 0, len(nwConfig.EndpointsConfig))
+	for k := range nwConfig.EndpointsConfig {
+		l = append(l, k)
+	}
+	err := fmt.Errorf("Container cannot be connected to network endpoints: %s", strings.Join(l, ", "))
+	return errors.NewBadRequestError(err)
+}
+
+func configureVolumes(config *Config, rootUID, rootGID int) (*store.VolumeStore, error) {
+	volumesDriver, err := local.New(config.Root, rootUID, rootGID)
+	if err != nil {
+		return nil, err
+	}
+
+	volumedrivers.Register(volumesDriver, volumesDriver.Name())
+	return store.New(config.Root)
+}
+
+// AuthenticateToRegistry checks the validity of credentials in authConfig
+func (daemon *Daemon) AuthenticateToRegistry(ctx context.Context, authConfig *types.AuthConfig) (string, string, error) {
+	return daemon.RegistryService.Auth(authConfig, dockerversion.DockerUserAgent(ctx))
+}
+
+// SearchRegistryForImages queries the registry for images matching
+// term. authConfig is used to login.
+func (daemon *Daemon) SearchRegistryForImages(ctx context.Context, term string,
+	authConfig *types.AuthConfig,
+	headers map[string][]string) (*registrytypes.SearchResults, error) {
+	return daemon.RegistryService.Search(term, authConfig, dockerversion.DockerUserAgent(ctx), headers)
+}
+
+// IsShuttingDown tells whether the daemon is shutting down or not
+func (daemon *Daemon) IsShuttingDown() bool {
+	return daemon.shutdown
+}
+
+// GetContainerStats collects all the stats published by a container
+func (daemon *Daemon) GetContainerStats(container *container.Container) (*types.StatsJSON, error) {
+	stats, err := daemon.stats(container)
+	if err != nil {
+		return nil, err
+	}
+
+	if stats.Networks, err = daemon.getNetworkStats(container); err != nil {
+		return nil, err
+	}
+
+	return stats, nil
+}
+
+func (daemon *Daemon) getNetworkStats(c *container.Container) (map[string]types.NetworkStats, error) {
+	sb, err := daemon.netController.SandboxByID(c.NetworkSettings.SandboxID)
+	if err != nil {
+		return nil, err
+	}
+
+	lnstats, err := sb.Statistics()
+	if err != nil {
+		return nil, err
+	}
+
+	stats := make(map[string]types.NetworkStats)
+	// Convert libnetwork nw stats into engine-api stats
+	for ifName, ifStats := range lnstats {
+		stats[ifName] = types.NetworkStats{
+			RxBytes:   ifStats.RxBytes,
+			RxPackets: ifStats.RxPackets,
+			RxErrors:  ifStats.RxErrors,
+			RxDropped: ifStats.RxDropped,
+			TxBytes:   ifStats.TxBytes,
+			TxPackets: ifStats.TxPackets,
+			TxErrors:  ifStats.TxErrors,
+			TxDropped: ifStats.TxDropped,
+		}
+	}
+
+	return stats, nil
+}
+
+// newBaseContainer creates a new container with its initial
+// configuration based on the root storage from the daemon.
+func (daemon *Daemon) newBaseContainer(id string) *container.Container {
+	return container.NewBaseContainer(id, daemon.containerRoot(id))
+}
+
+// initDiscovery initializes the discovery watcher for this daemon.
+func (daemon *Daemon) initDiscovery(config *Config) error {
+	advertise, err := parseClusterAdvertiseSettings(config.ClusterStore, config.ClusterAdvertise)
+	if err != nil {
+		if err == errDiscoveryDisabled {
+			return nil
+		}
+		return err
+	}
+
+	config.ClusterAdvertise = advertise
+	discoveryWatcher, err := initDiscovery(config.ClusterStore, config.ClusterAdvertise, config.ClusterOpts)
+	if err != nil {
+		return fmt.Errorf("discovery initialization failed (%v)", err)
+	}
+
+	daemon.discoveryWatcher = discoveryWatcher
+	return nil
+}
+
+// Reload reads configuration changes and modifies the
+// daemon according to those changes.
+// This are the settings that Reload changes:
+// - Daemon labels.
+// - Cluster discovery (reconfigure and restart).
+func (daemon *Daemon) Reload(config *Config) error {
+	daemon.configStore.reloadLock.Lock()
+	defer daemon.configStore.reloadLock.Unlock()
+	if config.IsValueSet("labels") {
+		daemon.configStore.Labels = config.Labels
+	}
+	if config.IsValueSet("debug") {
+		daemon.configStore.Debug = config.Debug
+	}
+	return daemon.reloadClusterDiscovery(config)
+}
+
+func (daemon *Daemon) reloadClusterDiscovery(config *Config) error {
+	var err error
+	newAdvertise := daemon.configStore.ClusterAdvertise
+	newClusterStore := daemon.configStore.ClusterStore
+	if config.IsValueSet("cluster-advertise") {
+		if config.IsValueSet("cluster-store") {
+			newClusterStore = config.ClusterStore
+		}
+		newAdvertise, err = parseClusterAdvertiseSettings(newClusterStore, config.ClusterAdvertise)
+		if err != nil && err != errDiscoveryDisabled {
+			return err
+		}
+	}
+
+	// check discovery modifications
+	if !modifiedDiscoverySettings(daemon.configStore, newAdvertise, newClusterStore, config.ClusterOpts) {
+		return nil
+	}
+
+	// enable discovery for the first time if it was not previously enabled
+	if daemon.discoveryWatcher == nil {
+		discoveryWatcher, err := initDiscovery(newClusterStore, newAdvertise, config.ClusterOpts)
+		if err != nil {
+			return fmt.Errorf("discovery initialization failed (%v)", err)
+		}
+		daemon.discoveryWatcher = discoveryWatcher
+	} else {
+		if err == errDiscoveryDisabled {
+			// disable discovery if it was previously enabled and it's disabled now
+			daemon.discoveryWatcher.Stop()
+		} else {
+			// reload discovery
+			if err = daemon.discoveryWatcher.Reload(config.ClusterStore, newAdvertise, config.ClusterOpts); err != nil {
+				return err
+			}
+		}
+	}
+
+	daemon.configStore.ClusterStore = newClusterStore
+	daemon.configStore.ClusterOpts = config.ClusterOpts
+	daemon.configStore.ClusterAdvertise = newAdvertise
+
+	if daemon.netController == nil {
+		return nil
+	}
+	netOptions, err := daemon.networkOptions(daemon.configStore)
+	if err != nil {
+		logrus.Warnf("Failed to reload configuration with network controller: %v", err)
+		return nil
+	}
+	err = daemon.netController.ReloadConfiguration(netOptions...)
+	if err != nil {
+		logrus.Warnf("Failed to reload configuration with network controller: %v", err)
+	}
+
+	return nil
+}
+
+func validateID(id string) error {
+	if id == "" {
+		return fmt.Errorf("Invalid empty id")
+	}
+	return nil
+}
+
+func isBridgeNetworkDisabled(config *Config) bool {
+	return config.bridgeConfig.Iface == disableNetworkBridge
+}
+
+func (daemon *Daemon) networkOptions(dconfig *Config) ([]nwconfig.Option, error) {
+	options := []nwconfig.Option{}
+	if dconfig == nil {
+		return options, nil
+	}
+
+	options = append(options, nwconfig.OptionDataDir(dconfig.Root))
+
+	dd := runconfig.DefaultDaemonNetworkMode()
+	dn := runconfig.DefaultDaemonNetworkMode().NetworkName()
+	options = append(options, nwconfig.OptionDefaultDriver(string(dd)))
+	options = append(options, nwconfig.OptionDefaultNetwork(dn))
+
+	if strings.TrimSpace(dconfig.ClusterStore) != "" {
+		kv := strings.Split(dconfig.ClusterStore, "://")
+		if len(kv) != 2 {
+			return nil, fmt.Errorf("kv store daemon config must be of the form KV-PROVIDER://KV-URL")
+		}
+		options = append(options, nwconfig.OptionKVProvider(kv[0]))
+		options = append(options, nwconfig.OptionKVProviderURL(kv[1]))
+	}
+	if len(dconfig.ClusterOpts) > 0 {
+		options = append(options, nwconfig.OptionKVOpts(dconfig.ClusterOpts))
+	}
+
+	if daemon.discoveryWatcher != nil {
+		options = append(options, nwconfig.OptionDiscoveryWatcher(daemon.discoveryWatcher))
+	}
+
+	if dconfig.ClusterAdvertise != "" {
+		options = append(options, nwconfig.OptionDiscoveryAddress(dconfig.ClusterAdvertise))
+	}
+
+	options = append(options, nwconfig.OptionLabels(dconfig.Labels))
+	options = append(options, driverOptions(dconfig)...)
+	return options, nil
+}
+
+func copyBlkioEntry(entries []*containerd.BlkioStatsEntry) []types.BlkioStatEntry {
+	out := make([]types.BlkioStatEntry, len(entries))
+	for i, re := range entries {
+		out[i] = types.BlkioStatEntry{
+			Major: re.Major,
+			Minor: re.Minor,
+			Op:    re.Op,
+			Value: re.Value,
+		}
+	}
+	return out
+}
diff --git a/daemon/daemon_experimental.go b/daemon/daemon_experimental.go
new file mode 100644
index 00000000..3fd0e765
--- /dev/null
+++ b/daemon/daemon_experimental.go
@@ -0,0 +1,9 @@
+// +build experimental
+
+package daemon
+
+import "github.com/docker/engine-api/types/container"
+
+func (daemon *Daemon) verifyExperimentalContainerSettings(hostConfig *container.HostConfig, config *container.Config) ([]string, error) {
+	return nil, nil
+}
diff --git a/daemon/daemon_linux.go b/daemon/daemon_linux.go
new file mode 100644
index 00000000..9bdf6e2b
--- /dev/null
+++ b/daemon/daemon_linux.go
@@ -0,0 +1,80 @@
+package daemon
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"os"
+	"regexp"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/mount"
+)
+
+func (daemon *Daemon) cleanupMountsByID(id string) error {
+	logrus.Debugf("Cleaning up old mountid %s: start.", id)
+	f, err := os.Open("/proc/self/mountinfo")
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	return daemon.cleanupMountsFromReaderByID(f, id, mount.Unmount)
+}
+
+func (daemon *Daemon) cleanupMountsFromReaderByID(reader io.Reader, id string, unmount func(target string) error) error {
+	if daemon.root == "" {
+		return nil
+	}
+	var errors []string
+
+	regexps := getCleanPatterns(id)
+	sc := bufio.NewScanner(reader)
+	for sc.Scan() {
+		if fields := strings.Fields(sc.Text()); len(fields) >= 4 {
+			if mnt := fields[4]; strings.HasPrefix(mnt, daemon.root) {
+				for _, p := range regexps {
+					if p.MatchString(mnt) {
+						if err := unmount(mnt); err != nil {
+							logrus.Error(err)
+							errors = append(errors, err.Error())
+						}
+					}
+				}
+			}
+		}
+	}
+
+	if err := sc.Err(); err != nil {
+		return err
+	}
+
+	if len(errors) > 0 {
+		return fmt.Errorf("Error cleaning up mounts:\n%v", strings.Join(errors, "\n"))
+	}
+
+	logrus.Debugf("Cleaning up old mountid %v: done.", id)
+	return nil
+}
+
+// cleanupMounts umounts shm/mqueue mounts for old containers
+func (daemon *Daemon) cleanupMounts() error {
+	return daemon.cleanupMountsByID("")
+}
+
+func getCleanPatterns(id string) (regexps []*regexp.Regexp) {
+	var patterns []string
+	if id == "" {
+		id = "[0-9a-f]{64}"
+		patterns = append(patterns, "containers/"+id+"/shm")
+	}
+	patterns = append(patterns, "aufs/mnt/"+id+"$", "overlay/"+id+"/merged$", "zfs/graph/"+id+"$")
+	for _, p := range patterns {
+		r, err := regexp.Compile(p)
+		if err == nil {
+			regexps = append(regexps, r)
+		}
+	}
+	return
+}
diff --git a/daemon/daemon_linux_test.go b/daemon/daemon_linux_test.go
new file mode 100644
index 00000000..c40b13ba
--- /dev/null
+++ b/daemon/daemon_linux_test.go
@@ -0,0 +1,104 @@
+// +build linux
+
+package daemon
+
+import (
+	"strings"
+	"testing"
+)
+
+const mountsFixture = `142 78 0:38 / / rw,relatime - aufs none rw,si=573b861da0b3a05b,dio
+143 142 0:60 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
+144 142 0:67 / /dev rw,nosuid - tmpfs tmpfs rw,mode=755
+145 144 0:78 / /dev/pts rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
+146 144 0:49 / /dev/mqueue rw,nosuid,nodev,noexec,relatime - mqueue mqueue rw
+147 142 0:84 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
+148 147 0:86 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime - tmpfs tmpfs rw,mode=755
+149 148 0:22 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,cpuset
+150 148 0:25 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/cpu rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,cpu
+151 148 0:27 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/cpuacct rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,cpuacct
+152 148 0:28 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,memory
+153 148 0:29 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,devices
+154 148 0:30 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,freezer
+155 148 0:31 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,blkio
+156 148 0:32 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,perf_event
+157 148 0:33 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/hugetlb rw,nosuid,nodev,noexec,relatime - cgroup cgroup rw,hugetlb
+158 148 0:35 /docker/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime - cgroup systemd rw,name=systemd
+159 142 8:4 /home/mlaventure/gopath /home/mlaventure/gopath rw,relatime - ext4 /dev/disk/by-uuid/d99e196c-1fc4-4b4f-bab9-9962b2b34e99 rw,errors=remount-ro,data=ordered
+160 142 8:4 /var/lib/docker/volumes/9a428b651ee4c538130143cad8d87f603a4bf31b928afe7ff3ecd65480692b35/_data /var/lib/docker rw,relatime - ext4 /dev/disk/by-uuid/d99e196c-1fc4-4b4f-bab9-9962b2b34e99 rw,errors=remount-ro,data=ordered
+164 142 8:4 /home/mlaventure/gopath/src/github.com/docker/docker /go/src/github.com/docker/docker rw,relatime - ext4 /dev/disk/by-uuid/d99e196c-1fc4-4b4f-bab9-9962b2b34e99 rw,errors=remount-ro,data=ordered
+165 142 8:4 /var/lib/docker/containers/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a/resolv.conf /etc/resolv.conf rw,relatime - ext4 /dev/disk/by-uuid/d99e196c-1fc4-4b4f-bab9-9962b2b34e99 rw,errors=remount-ro,data=ordered
+166 142 8:4 /var/lib/docker/containers/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a/hostname /etc/hostname rw,relatime - ext4 /dev/disk/by-uuid/d99e196c-1fc4-4b4f-bab9-9962b2b34e99 rw,errors=remount-ro,data=ordered
+167 142 8:4 /var/lib/docker/containers/5425782a95e643181d8a485a2bab3c0bb21f51d7dfc03511f0e6fbf3f3aa356a/hosts /etc/hosts rw,relatime - ext4 /dev/disk/by-uuid/d99e196c-1fc4-4b4f-bab9-9962b2b34e99 rw,errors=remount-ro,data=ordered
+168 144 0:39 / /dev/shm rw,nosuid,nodev,noexec,relatime - tmpfs shm rw,size=65536k
+169 144 0:12 /14 /dev/console rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000
+83 147 0:10 / /sys/kernel/security rw,relatime - securityfs none rw
+89 142 0:87 / /tmp rw,relatime - tmpfs none rw
+97 142 0:60 / /run/docker/netns/default rw,nosuid,nodev,noexec,relatime - proc proc rw
+100 160 8:4 /var/lib/docker/volumes/9a428b651ee4c538130143cad8d87f603a4bf31b928afe7ff3ecd65480692b35/_data/aufs /var/lib/docker/aufs rw,relatime - ext4 /dev/disk/by-uuid/d99e196c-1fc4-4b4f-bab9-9962b2b34e99 rw,errors=remount-ro,data=ordered
+115 100 0:102 / /var/lib/docker/aufs/mnt/0ecda1c63e5b58b3d89ff380bf646c95cc980252cf0b52466d43619aec7c8432 rw,relatime - aufs none rw,si=573b861dbc01905b,dio
+116 160 0:107 / /var/lib/docker/containers/d045dc441d2e2e1d5b3e328d47e5943811a40819fb47497c5f5a5df2d6d13c37/shm rw,nosuid,nodev,noexec,relatime - tmpfs shm rw,size=65536k
+118 142 0:102 / /run/docker/libcontainerd/d045dc441d2e2e1d5b3e328d47e5943811a40819fb47497c5f5a5df2d6d13c37/rootfs rw,relatime - aufs none rw,si=573b861dbc01905b,dio
+242 142 0:60 / /run/docker/netns/c3664df2a0f7 rw,nosuid,nodev,noexec,relatime - proc proc rw
+120 100 0:122 / /var/lib/docker/aufs/mnt/03ca4b49e71f1e49a41108829f4d5c70ac95934526e2af8984a1f65f1de0715d rw,relatime - aufs none rw,si=573b861eb147805b,dio
+171 142 0:122 / /run/docker/libcontainerd/e406ff6f3e18516d50e03dbca4de54767a69a403a6f7ec1edc2762812824521e/rootfs rw,relatime - aufs none rw,si=573b861eb147805b,dio
+310 142 0:60 / /run/docker/netns/71a18572176b rw,nosuid,nodev,noexec,relatime - proc proc rw
+`
+
+func TestCleanupMounts(t *testing.T) {
+	d := &Daemon{
+		root: "/var/lib/docker/",
+	}
+
+	expected := "/var/lib/docker/containers/d045dc441d2e2e1d5b3e328d47e5943811a40819fb47497c5f5a5df2d6d13c37/shm"
+	var unmounted int
+	unmount := func(target string) error {
+		if target == expected {
+			unmounted++
+		}
+		return nil
+	}
+
+	d.cleanupMountsFromReaderByID(strings.NewReader(mountsFixture), "", unmount)
+
+	if unmounted != 1 {
+		t.Fatalf("Expected to unmount the shm (and the shm only)")
+	}
+}
+
+func TestCleanupMountsByID(t *testing.T) {
+	d := &Daemon{
+		root: "/var/lib/docker/",
+	}
+
+	expected := "/var/lib/docker/aufs/mnt/03ca4b49e71f1e49a41108829f4d5c70ac95934526e2af8984a1f65f1de0715d"
+	var unmounted int
+	unmount := func(target string) error {
+		if target == expected {
+			unmounted++
+		}
+		return nil
+	}
+
+	d.cleanupMountsFromReaderByID(strings.NewReader(mountsFixture), "03ca4b49e71f1e49a41108829f4d5c70ac95934526e2af8984a1f65f1de0715d", unmount)
+
+	if unmounted != 1 {
+		t.Fatalf("Expected to unmount the auf root (and that only)")
+	}
+}
+
+func TestNotCleanupMounts(t *testing.T) {
+	d := &Daemon{
+		repository: "",
+	}
+	var unmounted bool
+	unmount := func(target string) error {
+		unmounted = true
+		return nil
+	}
+	mountInfo := `234 232 0:59 / /dev/shm rw,nosuid,nodev,noexec,relatime - tmpfs shm rw,size=65536k`
+	d.cleanupMountsFromReaderByID(strings.NewReader(mountInfo), "", unmount)
+	if unmounted {
+		t.Fatalf("Expected not to clean up /dev/shm")
+	}
+}
diff --git a/daemon/daemon_stub.go b/daemon/daemon_stub.go
new file mode 100644
index 00000000..40e8ddc8
--- /dev/null
+++ b/daemon/daemon_stub.go
@@ -0,0 +1,9 @@
+// +build !experimental
+
+package daemon
+
+import "github.com/docker/engine-api/types/container"
+
+func (daemon *Daemon) verifyExperimentalContainerSettings(hostConfig *container.HostConfig, config *container.Config) ([]string, error) {
+	return nil, nil
+}
diff --git a/daemon/daemon_test.go b/daemon/daemon_test.go
new file mode 100644
index 00000000..609ed952
--- /dev/null
+++ b/daemon/daemon_test.go
@@ -0,0 +1,532 @@
+package daemon
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/discovery"
+	_ "github.com/docker/docker/pkg/discovery/memory"
+	"github.com/docker/docker/pkg/registrar"
+	"github.com/docker/docker/pkg/truncindex"
+	"github.com/docker/docker/volume"
+	volumedrivers "github.com/docker/docker/volume/drivers"
+	"github.com/docker/docker/volume/local"
+	"github.com/docker/docker/volume/store"
+	containertypes "github.com/docker/engine-api/types/container"
+	"github.com/docker/go-connections/nat"
+)
+
+//
+// https://github.com/docker/docker/issues/8069
+//
+
+func TestGetContainer(t *testing.T) {
+	c1 := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:   "5a4ff6a163ad4533d22d69a2b8960bf7fafdcba06e72d2febdba229008b0bf57",
+			Name: "tender_bardeen",
+		},
+	}
+
+	c2 := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:   "3cdbd1aa394fd68559fd1441d6eff2ab7c1e6363582c82febfaa8045df3bd8de",
+			Name: "drunk_hawking",
+		},
+	}
+
+	c3 := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:   "3cdbd1aa394fd68559fd1441d6eff2abfafdcba06e72d2febdba229008b0bf57",
+			Name: "3cdbd1aa",
+		},
+	}
+
+	c4 := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:   "75fb0b800922abdbef2d27e60abcdfaf7fb0698b2a96d22d3354da361a6ff4a5",
+			Name: "5a4ff6a163ad4533d22d69a2b8960bf7fafdcba06e72d2febdba229008b0bf57",
+		},
+	}
+
+	c5 := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:   "d22d69a2b8960bf7fafdcba06e72d2febdba960bf7fafdcba06e72d2f9008b060b",
+			Name: "d22d69a2b896",
+		},
+	}
+
+	store := container.NewMemoryStore()
+	store.Add(c1.ID, c1)
+	store.Add(c2.ID, c2)
+	store.Add(c3.ID, c3)
+	store.Add(c4.ID, c4)
+	store.Add(c5.ID, c5)
+
+	index := truncindex.NewTruncIndex([]string{})
+	index.Add(c1.ID)
+	index.Add(c2.ID)
+	index.Add(c3.ID)
+	index.Add(c4.ID)
+	index.Add(c5.ID)
+
+	daemon := &Daemon{
+		containers: store,
+		idIndex:    index,
+		nameIndex:  registrar.NewRegistrar(),
+	}
+
+	daemon.reserveName(c1.ID, c1.Name)
+	daemon.reserveName(c2.ID, c2.Name)
+	daemon.reserveName(c3.ID, c3.Name)
+	daemon.reserveName(c4.ID, c4.Name)
+	daemon.reserveName(c5.ID, c5.Name)
+
+	if container, _ := daemon.GetContainer("3cdbd1aa394fd68559fd1441d6eff2ab7c1e6363582c82febfaa8045df3bd8de"); container != c2 {
+		t.Fatal("Should explicitly match full container IDs")
+	}
+
+	if container, _ := daemon.GetContainer("75fb0b8009"); container != c4 {
+		t.Fatal("Should match a partial ID")
+	}
+
+	if container, _ := daemon.GetContainer("drunk_hawking"); container != c2 {
+		t.Fatal("Should match a full name")
+	}
+
+	// c3.Name is a partial match for both c3.ID and c2.ID
+	if c, _ := daemon.GetContainer("3cdbd1aa"); c != c3 {
+		t.Fatal("Should match a full name even though it collides with another container's ID")
+	}
+
+	if container, _ := daemon.GetContainer("d22d69a2b896"); container != c5 {
+		t.Fatal("Should match a container where the provided prefix is an exact match to the it's name, and is also a prefix for it's ID")
+	}
+
+	if _, err := daemon.GetContainer("3cdbd1"); err == nil {
+		t.Fatal("Should return an error when provided a prefix that partially matches multiple container ID's")
+	}
+
+	if _, err := daemon.GetContainer("nothing"); err == nil {
+		t.Fatal("Should return an error when provided a prefix that is neither a name or a partial match to an ID")
+	}
+}
+
+func initDaemonWithVolumeStore(tmp string) (*Daemon, error) {
+	var err error
+	daemon := &Daemon{
+		repository: tmp,
+		root:       tmp,
+	}
+	daemon.volumes, err = store.New(tmp)
+	if err != nil {
+		return nil, err
+	}
+
+	volumesDriver, err := local.New(tmp, 0, 0)
+	if err != nil {
+		return nil, err
+	}
+	volumedrivers.Register(volumesDriver, volumesDriver.Name())
+
+	return daemon, nil
+}
+
+func TestValidContainerNames(t *testing.T) {
+	invalidNames := []string{"-rm", "&sdfsfd", "safd%sd"}
+	validNames := []string{"word-word", "word_word", "1weoid"}
+
+	for _, name := range invalidNames {
+		if validContainerNamePattern.MatchString(name) {
+			t.Fatalf("%q is not a valid container name and was returned as valid.", name)
+		}
+	}
+
+	for _, name := range validNames {
+		if !validContainerNamePattern.MatchString(name) {
+			t.Fatalf("%q is a valid container name and was returned as invalid.", name)
+		}
+	}
+}
+
+func TestContainerInitDNS(t *testing.T) {
+	tmp, err := ioutil.TempDir("", "docker-container-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+
+	containerID := "d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e"
+	containerPath := filepath.Join(tmp, containerID)
+	if err := os.MkdirAll(containerPath, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	config := `{"State":{"Running":true,"Paused":false,"Restarting":false,"OOMKilled":false,"Dead":false,"Pid":2464,"ExitCode":0,
+"Error":"","StartedAt":"2015-05-26T16:48:53.869308965Z","FinishedAt":"0001-01-01T00:00:00Z"},
+"ID":"d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e","Created":"2015-05-26T16:48:53.7987917Z","Path":"top",
+"Args":[],"Config":{"Hostname":"d59df5276e7b","Domainname":"","User":"","Memory":0,"MemorySwap":0,"CpuShares":0,"Cpuset":"",
+"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"PortSpecs":null,"ExposedPorts":null,"Tty":true,"OpenStdin":true,
+"StdinOnce":false,"Env":null,"Cmd":["top"],"Image":"ubuntu:latest","Volumes":null,"WorkingDir":"","Entrypoint":null,
+"NetworkDisabled":false,"MacAddress":"","OnBuild":null,"Labels":{}},"Image":"07f8e8c5e66084bef8f848877857537ffe1c47edd01a93af27e7161672ad0e95",
+"NetworkSettings":{"IPAddress":"172.17.0.1","IPPrefixLen":16,"MacAddress":"02:42:ac:11:00:01","LinkLocalIPv6Address":"fe80::42:acff:fe11:1",
+"LinkLocalIPv6PrefixLen":64,"GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"Gateway":"172.17.42.1","IPv6Gateway":"","Bridge":"docker0","Ports":{}},
+"ResolvConfPath":"/var/lib/docker/containers/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e/resolv.conf",
+"HostnamePath":"/var/lib/docker/containers/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e/hostname",
+"HostsPath":"/var/lib/docker/containers/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e/hosts",
+"LogPath":"/var/lib/docker/containers/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e-json.log",
+"Name":"/ubuntu","Driver":"aufs","MountLabel":"","ProcessLabel":"","AppArmorProfile":"","RestartCount":0,
+"UpdateDns":false,"Volumes":{},"VolumesRW":{},"AppliedVolumesFrom":null}`
+
+	// Container struct only used to retrieve path to config file
+	container := &container.Container{CommonContainer: container.CommonContainer{Root: containerPath}}
+	configPath, err := container.ConfigPath()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err = ioutil.WriteFile(configPath, []byte(config), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	hostConfig := `{"Binds":[],"ContainerIDFile":"","Memory":0,"MemorySwap":0,"CpuShares":0,"CpusetCpus":"",
+"Privileged":false,"PortBindings":{},"Links":null,"PublishAllPorts":false,"Dns":null,"DnsOptions":null,"DnsSearch":null,"ExtraHosts":null,"VolumesFrom":null,
+"Devices":[],"NetworkMode":"bridge","IpcMode":"","PidMode":"","CapAdd":null,"CapDrop":null,"RestartPolicy":{"Name":"no","MaximumRetryCount":0},
+"SecurityOpt":null,"ReadonlyRootfs":false,"Ulimits":null,"LogConfig":{"Type":"","Config":null},"CgroupParent":""}`
+
+	hostConfigPath, err := container.HostConfigPath()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err = ioutil.WriteFile(hostConfigPath, []byte(hostConfig), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	daemon, err := initDaemonWithVolumeStore(tmp)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer volumedrivers.Unregister(volume.DefaultDriverName)
+
+	c, err := daemon.load(containerID)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if c.HostConfig.DNS == nil {
+		t.Fatal("Expected container DNS to not be nil")
+	}
+
+	if c.HostConfig.DNSSearch == nil {
+		t.Fatal("Expected container DNSSearch to not be nil")
+	}
+
+	if c.HostConfig.DNSOptions == nil {
+		t.Fatal("Expected container DNSOptions to not be nil")
+	}
+}
+
+func newPortNoError(proto, port string) nat.Port {
+	p, _ := nat.NewPort(proto, port)
+	return p
+}
+
+func TestMerge(t *testing.T) {
+	volumesImage := make(map[string]struct{})
+	volumesImage["/test1"] = struct{}{}
+	volumesImage["/test2"] = struct{}{}
+	portsImage := make(nat.PortSet)
+	portsImage[newPortNoError("tcp", "1111")] = struct{}{}
+	portsImage[newPortNoError("tcp", "2222")] = struct{}{}
+	configImage := &containertypes.Config{
+		ExposedPorts: portsImage,
+		Env:          []string{"VAR1=1", "VAR2=2"},
+		Volumes:      volumesImage,
+	}
+
+	portsUser := make(nat.PortSet)
+	portsUser[newPortNoError("tcp", "2222")] = struct{}{}
+	portsUser[newPortNoError("tcp", "3333")] = struct{}{}
+	volumesUser := make(map[string]struct{})
+	volumesUser["/test3"] = struct{}{}
+	configUser := &containertypes.Config{
+		ExposedPorts: portsUser,
+		Env:          []string{"VAR2=3", "VAR3=3"},
+		Volumes:      volumesUser,
+	}
+
+	if err := merge(configUser, configImage); err != nil {
+		t.Error(err)
+	}
+
+	if len(configUser.ExposedPorts) != 3 {
+		t.Fatalf("Expected 3 ExposedPorts, 1111, 2222 and 3333, found %d", len(configUser.ExposedPorts))
+	}
+	for portSpecs := range configUser.ExposedPorts {
+		if portSpecs.Port() != "1111" && portSpecs.Port() != "2222" && portSpecs.Port() != "3333" {
+			t.Fatalf("Expected 1111 or 2222 or 3333, found %s", portSpecs)
+		}
+	}
+	if len(configUser.Env) != 3 {
+		t.Fatalf("Expected 3 env var, VAR1=1, VAR2=3 and VAR3=3, found %d", len(configUser.Env))
+	}
+	for _, env := range configUser.Env {
+		if env != "VAR1=1" && env != "VAR2=3" && env != "VAR3=3" {
+			t.Fatalf("Expected VAR1=1 or VAR2=3 or VAR3=3, found %s", env)
+		}
+	}
+
+	if len(configUser.Volumes) != 3 {
+		t.Fatalf("Expected 3 volumes, /test1, /test2 and /test3, found %d", len(configUser.Volumes))
+	}
+	for v := range configUser.Volumes {
+		if v != "/test1" && v != "/test2" && v != "/test3" {
+			t.Fatalf("Expected /test1 or /test2 or /test3, found %s", v)
+		}
+	}
+
+	ports, _, err := nat.ParsePortSpecs([]string{"0000"})
+	if err != nil {
+		t.Error(err)
+	}
+	configImage2 := &containertypes.Config{
+		ExposedPorts: ports,
+	}
+
+	if err := merge(configUser, configImage2); err != nil {
+		t.Error(err)
+	}
+
+	if len(configUser.ExposedPorts) != 4 {
+		t.Fatalf("Expected 4 ExposedPorts, 0000, 1111, 2222 and 3333, found %d", len(configUser.ExposedPorts))
+	}
+	for portSpecs := range configUser.ExposedPorts {
+		if portSpecs.Port() != "0" && portSpecs.Port() != "1111" && portSpecs.Port() != "2222" && portSpecs.Port() != "3333" {
+			t.Fatalf("Expected %q or %q or %q or %q, found %s", 0, 1111, 2222, 3333, portSpecs)
+		}
+	}
+}
+
+func TestDaemonReloadLabels(t *testing.T) {
+	daemon := &Daemon{}
+	daemon.configStore = &Config{
+		CommonConfig: CommonConfig{
+			Labels: []string{"foo:bar"},
+		},
+	}
+
+	valuesSets := make(map[string]interface{})
+	valuesSets["labels"] = "foo:baz"
+	newConfig := &Config{
+		CommonConfig: CommonConfig{
+			Labels:    []string{"foo:baz"},
+			valuesSet: valuesSets,
+		},
+	}
+
+	daemon.Reload(newConfig)
+	label := daemon.configStore.Labels[0]
+	if label != "foo:baz" {
+		t.Fatalf("Expected daemon label `foo:baz`, got %s", label)
+	}
+}
+
+func TestDaemonReloadNotAffectOthers(t *testing.T) {
+	daemon := &Daemon{}
+	daemon.configStore = &Config{
+		CommonConfig: CommonConfig{
+			Labels: []string{"foo:bar"},
+			Debug:  true,
+		},
+	}
+
+	valuesSets := make(map[string]interface{})
+	valuesSets["labels"] = "foo:baz"
+	newConfig := &Config{
+		CommonConfig: CommonConfig{
+			Labels:    []string{"foo:baz"},
+			valuesSet: valuesSets,
+		},
+	}
+
+	daemon.Reload(newConfig)
+	label := daemon.configStore.Labels[0]
+	if label != "foo:baz" {
+		t.Fatalf("Expected daemon label `foo:baz`, got %s", label)
+	}
+	debug := daemon.configStore.Debug
+	if !debug {
+		t.Fatalf("Expected debug 'enabled', got 'disabled'")
+	}
+}
+
+func TestDaemonDiscoveryReload(t *testing.T) {
+	daemon := &Daemon{}
+	daemon.configStore = &Config{
+		CommonConfig: CommonConfig{
+			ClusterStore:     "memory://127.0.0.1",
+			ClusterAdvertise: "127.0.0.1:3333",
+		},
+	}
+
+	if err := daemon.initDiscovery(daemon.configStore); err != nil {
+		t.Fatal(err)
+	}
+
+	expected := discovery.Entries{
+		&discovery.Entry{Host: "127.0.0.1", Port: "3333"},
+	}
+
+	select {
+	case <-time.After(10 * time.Second):
+		t.Fatal("timeout waiting for discovery")
+	case <-daemon.discoveryWatcher.ReadyCh():
+	}
+
+	stopCh := make(chan struct{})
+	defer close(stopCh)
+	ch, errCh := daemon.discoveryWatcher.Watch(stopCh)
+
+	select {
+	case <-time.After(1 * time.Second):
+		t.Fatal("failed to get discovery advertisements in time")
+	case e := <-ch:
+		if !reflect.DeepEqual(e, expected) {
+			t.Fatalf("expected %v, got %v\n", expected, e)
+		}
+	case e := <-errCh:
+		t.Fatal(e)
+	}
+
+	valuesSets := make(map[string]interface{})
+	valuesSets["cluster-store"] = "memory://127.0.0.1:2222"
+	valuesSets["cluster-advertise"] = "127.0.0.1:5555"
+	newConfig := &Config{
+		CommonConfig: CommonConfig{
+			ClusterStore:     "memory://127.0.0.1:2222",
+			ClusterAdvertise: "127.0.0.1:5555",
+			valuesSet:        valuesSets,
+		},
+	}
+
+	expected = discovery.Entries{
+		&discovery.Entry{Host: "127.0.0.1", Port: "5555"},
+	}
+
+	if err := daemon.Reload(newConfig); err != nil {
+		t.Fatal(err)
+	}
+
+	select {
+	case <-time.After(10 * time.Second):
+		t.Fatal("timeout waiting for discovery")
+	case <-daemon.discoveryWatcher.ReadyCh():
+	}
+
+	ch, errCh = daemon.discoveryWatcher.Watch(stopCh)
+
+	select {
+	case <-time.After(1 * time.Second):
+		t.Fatal("failed to get discovery advertisements in time")
+	case e := <-ch:
+		if !reflect.DeepEqual(e, expected) {
+			t.Fatalf("expected %v, got %v\n", expected, e)
+		}
+	case e := <-errCh:
+		t.Fatal(e)
+	}
+}
+
+func TestDaemonDiscoveryReloadFromEmptyDiscovery(t *testing.T) {
+	daemon := &Daemon{}
+	daemon.configStore = &Config{}
+
+	valuesSet := make(map[string]interface{})
+	valuesSet["cluster-store"] = "memory://127.0.0.1:2222"
+	valuesSet["cluster-advertise"] = "127.0.0.1:5555"
+	newConfig := &Config{
+		CommonConfig: CommonConfig{
+			ClusterStore:     "memory://127.0.0.1:2222",
+			ClusterAdvertise: "127.0.0.1:5555",
+			valuesSet:        valuesSet,
+		},
+	}
+
+	expected := discovery.Entries{
+		&discovery.Entry{Host: "127.0.0.1", Port: "5555"},
+	}
+
+	if err := daemon.Reload(newConfig); err != nil {
+		t.Fatal(err)
+	}
+
+	select {
+	case <-time.After(10 * time.Second):
+		t.Fatal("timeout waiting for discovery")
+	case <-daemon.discoveryWatcher.ReadyCh():
+	}
+
+	stopCh := make(chan struct{})
+	defer close(stopCh)
+	ch, errCh := daemon.discoveryWatcher.Watch(stopCh)
+
+	select {
+	case <-time.After(1 * time.Second):
+		t.Fatal("failed to get discovery advertisements in time")
+	case e := <-ch:
+		if !reflect.DeepEqual(e, expected) {
+			t.Fatalf("expected %v, got %v\n", expected, e)
+		}
+	case e := <-errCh:
+		t.Fatal(e)
+	}
+}
+
+func TestDaemonDiscoveryReloadOnlyClusterAdvertise(t *testing.T) {
+	daemon := &Daemon{}
+	daemon.configStore = &Config{
+		CommonConfig: CommonConfig{
+			ClusterStore: "memory://127.0.0.1",
+		},
+	}
+	valuesSets := make(map[string]interface{})
+	valuesSets["cluster-advertise"] = "127.0.0.1:5555"
+	newConfig := &Config{
+		CommonConfig: CommonConfig{
+			ClusterAdvertise: "127.0.0.1:5555",
+			valuesSet:        valuesSets,
+		},
+	}
+	expected := discovery.Entries{
+		&discovery.Entry{Host: "127.0.0.1", Port: "5555"},
+	}
+
+	if err := daemon.Reload(newConfig); err != nil {
+		t.Fatal(err)
+	}
+
+	select {
+	case <-daemon.discoveryWatcher.ReadyCh():
+	case <-time.After(10 * time.Second):
+		t.Fatal("Timeout waiting for discovery")
+	}
+	stopCh := make(chan struct{})
+	defer close(stopCh)
+	ch, errCh := daemon.discoveryWatcher.Watch(stopCh)
+
+	select {
+	case <-time.After(1 * time.Second):
+		t.Fatal("failed to get discovery advertisements in time")
+	case e := <-ch:
+		if !reflect.DeepEqual(e, expected) {
+			t.Fatalf("expected %v, got %v\n", expected, e)
+		}
+	case e := <-errCh:
+		t.Fatal(e)
+	}
+
+}
diff --git a/daemon/daemon_unix.go b/daemon/daemon_unix.go
new file mode 100644
index 00000000..9a4ab322
--- /dev/null
+++ b/daemon/daemon_unix.go
@@ -0,0 +1,1126 @@
+// +build linux freebsd
+
+package daemon
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net"
+	"os"
+	"path/filepath"
+	"runtime"
+	"runtime/debug"
+	"strconv"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/parsers"
+	"github.com/docker/docker/pkg/parsers/kernel"
+	"github.com/docker/docker/pkg/sysinfo"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/runconfig"
+	runconfigopts "github.com/docker/docker/runconfig/opts"
+	"github.com/docker/engine-api/types"
+	pblkiodev "github.com/docker/engine-api/types/blkiodev"
+	containertypes "github.com/docker/engine-api/types/container"
+	"github.com/docker/libnetwork"
+	nwconfig "github.com/docker/libnetwork/config"
+	"github.com/docker/libnetwork/drivers/bridge"
+	"github.com/docker/libnetwork/ipamutils"
+	"github.com/docker/libnetwork/netlabel"
+	"github.com/docker/libnetwork/options"
+	lntypes "github.com/docker/libnetwork/types"
+	"github.com/opencontainers/runc/libcontainer/label"
+	"github.com/opencontainers/runc/libcontainer/user"
+	"github.com/opencontainers/specs/specs-go"
+)
+
+const (
+	// See https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/tree/kernel/sched/sched.h?id=8cd9234c64c584432f6992fe944ca9e46ca8ea76#n269
+	linuxMinCPUShares = 2
+	linuxMaxCPUShares = 262144
+	platformSupported = true
+	// It's not kernel limit, we want this 4M limit to supply a reasonable functional container
+	linuxMinMemory = 4194304
+	// constants for remapped root settings
+	defaultIDSpecifier string = "default"
+	defaultRemappedID  string = "dockremap"
+
+	// constant for cgroup drivers
+	cgroupFsDriver      = "cgroupfs"
+	cgroupSystemdDriver = "systemd"
+)
+
+func getMemoryResources(config containertypes.Resources) *specs.Memory {
+	memory := specs.Memory{}
+
+	if config.Memory > 0 {
+		limit := uint64(config.Memory)
+		memory.Limit = &limit
+	}
+
+	if config.MemoryReservation > 0 {
+		reservation := uint64(config.MemoryReservation)
+		memory.Reservation = &reservation
+	}
+
+	if config.MemorySwap != 0 {
+		swap := uint64(config.MemorySwap)
+		memory.Swap = &swap
+	}
+
+	if config.MemorySwappiness != nil {
+		swappiness := uint64(*config.MemorySwappiness)
+		memory.Swappiness = &swappiness
+	}
+
+	if config.KernelMemory != 0 {
+		kernelMemory := uint64(config.KernelMemory)
+		memory.Kernel = &kernelMemory
+	}
+
+	return &memory
+}
+
+func getCPUResources(config containertypes.Resources) *specs.CPU {
+	cpu := specs.CPU{}
+
+	if config.CPUShares != 0 {
+		shares := uint64(config.CPUShares)
+		cpu.Shares = &shares
+	}
+
+	if config.CpusetCpus != "" {
+		cpuset := config.CpusetCpus
+		cpu.Cpus = &cpuset
+	}
+
+	if config.CpusetMems != "" {
+		cpuset := config.CpusetMems
+		cpu.Mems = &cpuset
+	}
+
+	if config.CPUPeriod != 0 {
+		period := uint64(config.CPUPeriod)
+		cpu.Period = &period
+	}
+
+	if config.CPUQuota != 0 {
+		quota := uint64(config.CPUQuota)
+		cpu.Quota = &quota
+	}
+
+	return &cpu
+}
+
+func getBlkioWeightDevices(config containertypes.Resources) ([]specs.WeightDevice, error) {
+	var stat syscall.Stat_t
+	var blkioWeightDevices []specs.WeightDevice
+
+	for _, weightDevice := range config.BlkioWeightDevice {
+		if err := syscall.Stat(weightDevice.Path, &stat); err != nil {
+			return nil, err
+		}
+		weight := weightDevice.Weight
+		d := specs.WeightDevice{Weight: &weight}
+		d.Major = int64(stat.Rdev / 256)
+		d.Minor = int64(stat.Rdev % 256)
+		blkioWeightDevices = append(blkioWeightDevices, d)
+	}
+
+	return blkioWeightDevices, nil
+}
+
+func parseSecurityOpt(container *container.Container, config *containertypes.HostConfig) error {
+	var (
+		labelOpts []string
+		err       error
+	)
+
+	for _, opt := range config.SecurityOpt {
+		if opt == "no-new-privileges" {
+			container.NoNewPrivileges = true
+		} else {
+			var con []string
+			if strings.Contains(opt, "=") {
+				con = strings.SplitN(opt, "=", 2)
+			} else if strings.Contains(opt, ":") {
+				con = strings.SplitN(opt, ":", 2)
+				logrus.Warnf("Security options with `:` as a separator are deprecated and will be completely unsupported in 1.13, use `=` instead.")
+			}
+
+			if len(con) != 2 {
+				return fmt.Errorf("Invalid --security-opt 1: %q", opt)
+			}
+
+			switch con[0] {
+			case "label":
+				labelOpts = append(labelOpts, con[1])
+			case "apparmor":
+				container.AppArmorProfile = con[1]
+			case "seccomp":
+				container.SeccompProfile = con[1]
+			default:
+				return fmt.Errorf("Invalid --security-opt 2: %q", opt)
+			}
+		}
+	}
+
+	container.ProcessLabel, container.MountLabel, err = label.InitLabels(labelOpts)
+	return err
+}
+
+func getBlkioReadIOpsDevices(config containertypes.Resources) ([]specs.ThrottleDevice, error) {
+	var blkioReadIOpsDevice []specs.ThrottleDevice
+	var stat syscall.Stat_t
+
+	for _, iopsDevice := range config.BlkioDeviceReadIOps {
+		if err := syscall.Stat(iopsDevice.Path, &stat); err != nil {
+			return nil, err
+		}
+		rate := iopsDevice.Rate
+		d := specs.ThrottleDevice{Rate: &rate}
+		d.Major = int64(stat.Rdev / 256)
+		d.Minor = int64(stat.Rdev % 256)
+		blkioReadIOpsDevice = append(blkioReadIOpsDevice, d)
+	}
+
+	return blkioReadIOpsDevice, nil
+}
+
+func getBlkioWriteIOpsDevices(config containertypes.Resources) ([]specs.ThrottleDevice, error) {
+	var blkioWriteIOpsDevice []specs.ThrottleDevice
+	var stat syscall.Stat_t
+
+	for _, iopsDevice := range config.BlkioDeviceWriteIOps {
+		if err := syscall.Stat(iopsDevice.Path, &stat); err != nil {
+			return nil, err
+		}
+		rate := iopsDevice.Rate
+		d := specs.ThrottleDevice{Rate: &rate}
+		d.Major = int64(stat.Rdev / 256)
+		d.Minor = int64(stat.Rdev % 256)
+		blkioWriteIOpsDevice = append(blkioWriteIOpsDevice, d)
+	}
+
+	return blkioWriteIOpsDevice, nil
+}
+
+func getBlkioReadBpsDevices(config containertypes.Resources) ([]specs.ThrottleDevice, error) {
+	var blkioReadBpsDevice []specs.ThrottleDevice
+	var stat syscall.Stat_t
+
+	for _, bpsDevice := range config.BlkioDeviceReadBps {
+		if err := syscall.Stat(bpsDevice.Path, &stat); err != nil {
+			return nil, err
+		}
+		rate := bpsDevice.Rate
+		d := specs.ThrottleDevice{Rate: &rate}
+		d.Major = int64(stat.Rdev / 256)
+		d.Minor = int64(stat.Rdev % 256)
+		blkioReadBpsDevice = append(blkioReadBpsDevice, d)
+	}
+
+	return blkioReadBpsDevice, nil
+}
+
+func getBlkioWriteBpsDevices(config containertypes.Resources) ([]specs.ThrottleDevice, error) {
+	var blkioWriteBpsDevice []specs.ThrottleDevice
+	var stat syscall.Stat_t
+
+	for _, bpsDevice := range config.BlkioDeviceWriteBps {
+		if err := syscall.Stat(bpsDevice.Path, &stat); err != nil {
+			return nil, err
+		}
+		rate := bpsDevice.Rate
+		d := specs.ThrottleDevice{Rate: &rate}
+		d.Major = int64(stat.Rdev / 256)
+		d.Minor = int64(stat.Rdev % 256)
+		blkioWriteBpsDevice = append(blkioWriteBpsDevice, d)
+	}
+
+	return blkioWriteBpsDevice, nil
+}
+
+func checkKernelVersion(k, major, minor int) bool {
+	if v, err := kernel.GetKernelVersion(); err != nil {
+		logrus.Warnf("%s", err)
+	} else {
+		if kernel.CompareKernelVersion(*v, kernel.VersionInfo{Kernel: k, Major: major, Minor: minor}) < 0 {
+			return false
+		}
+	}
+	return true
+}
+
+func checkKernel() error {
+	// Check for unsupported kernel versions
+	// FIXME: it would be cleaner to not test for specific versions, but rather
+	// test for specific functionalities.
+	// Unfortunately we can't test for the feature "does not cause a kernel panic"
+	// without actually causing a kernel panic, so we need this workaround until
+	// the circumstances of pre-3.10 crashes are clearer.
+	// For details see https://github.com/docker/docker/issues/407
+	if !checkKernelVersion(3, 10, 0) {
+		v, _ := kernel.GetKernelVersion()
+		if os.Getenv("DOCKER_NOWARN_KERNEL_VERSION") == "" {
+			logrus.Warnf("Your Linux kernel version %s can be unstable running docker. Please upgrade your kernel to 3.10.0.", v.String())
+		}
+	}
+	return nil
+}
+
+// adaptContainerSettings is called during container creation to modify any
+// settings necessary in the HostConfig structure.
+func (daemon *Daemon) adaptContainerSettings(hostConfig *containertypes.HostConfig, adjustCPUShares bool) error {
+	if adjustCPUShares && hostConfig.CPUShares > 0 {
+		// Handle unsupported CPUShares
+		if hostConfig.CPUShares < linuxMinCPUShares {
+			logrus.Warnf("Changing requested CPUShares of %d to minimum allowed of %d", hostConfig.CPUShares, linuxMinCPUShares)
+			hostConfig.CPUShares = linuxMinCPUShares
+		} else if hostConfig.CPUShares > linuxMaxCPUShares {
+			logrus.Warnf("Changing requested CPUShares of %d to maximum allowed of %d", hostConfig.CPUShares, linuxMaxCPUShares)
+			hostConfig.CPUShares = linuxMaxCPUShares
+		}
+	}
+	if hostConfig.Memory > 0 && hostConfig.MemorySwap == 0 {
+		// By default, MemorySwap is set to twice the size of Memory.
+		hostConfig.MemorySwap = hostConfig.Memory * 2
+	}
+	if hostConfig.ShmSize == 0 {
+		hostConfig.ShmSize = container.DefaultSHMSize
+	}
+	var err error
+	if hostConfig.SecurityOpt == nil {
+		hostConfig.SecurityOpt, err = daemon.generateSecurityOpt(hostConfig.IpcMode, hostConfig.PidMode)
+		if err != nil {
+			return err
+		}
+	}
+	if hostConfig.MemorySwappiness == nil {
+		defaultSwappiness := int64(-1)
+		hostConfig.MemorySwappiness = &defaultSwappiness
+	}
+	if hostConfig.OomKillDisable == nil {
+		defaultOomKillDisable := false
+		hostConfig.OomKillDisable = &defaultOomKillDisable
+	}
+
+	return nil
+}
+
+func verifyContainerResources(resources *containertypes.Resources, sysInfo *sysinfo.SysInfo, update bool) ([]string, error) {
+	warnings := []string{}
+
+	// memory subsystem checks and adjustments
+	if resources.Memory != 0 && resources.Memory < linuxMinMemory {
+		return warnings, fmt.Errorf("Minimum memory limit allowed is 4MB")
+	}
+	if resources.Memory > 0 && !sysInfo.MemoryLimit {
+		warnings = append(warnings, "Your kernel does not support memory limit capabilities. Limitation discarded.")
+		logrus.Warnf("Your kernel does not support memory limit capabilities. Limitation discarded.")
+		resources.Memory = 0
+		resources.MemorySwap = -1
+	}
+	if resources.Memory > 0 && resources.MemorySwap != -1 && !sysInfo.SwapLimit {
+		warnings = append(warnings, "Your kernel does not support swap limit capabilities, memory limited without swap.")
+		logrus.Warnf("Your kernel does not support swap limit capabilities, memory limited without swap.")
+		resources.MemorySwap = -1
+	}
+	if resources.Memory > 0 && resources.MemorySwap > 0 && resources.MemorySwap < resources.Memory {
+		return warnings, fmt.Errorf("Minimum memoryswap limit should be larger than memory limit, see usage.")
+	}
+	if resources.Memory == 0 && resources.MemorySwap > 0 && !update {
+		return warnings, fmt.Errorf("You should always set the Memory limit when using Memoryswap limit, see usage.")
+	}
+	if resources.MemorySwappiness != nil && *resources.MemorySwappiness != -1 && !sysInfo.MemorySwappiness {
+		warnings = append(warnings, "Your kernel does not support memory swappiness capabilities, memory swappiness discarded.")
+		logrus.Warnf("Your kernel does not support memory swappiness capabilities, memory swappiness discarded.")
+		resources.MemorySwappiness = nil
+	}
+	if resources.MemorySwappiness != nil {
+		swappiness := *resources.MemorySwappiness
+		if swappiness < -1 || swappiness > 100 {
+			return warnings, fmt.Errorf("Invalid value: %v, valid memory swappiness range is 0-100.", swappiness)
+		}
+	}
+	if resources.MemoryReservation > 0 && !sysInfo.MemoryReservation {
+		warnings = append(warnings, "Your kernel does not support memory soft limit capabilities. Limitation discarded.")
+		logrus.Warnf("Your kernel does not support memory soft limit capabilities. Limitation discarded.")
+		resources.MemoryReservation = 0
+	}
+	if resources.Memory > 0 && resources.MemoryReservation > 0 && resources.Memory < resources.MemoryReservation {
+		return warnings, fmt.Errorf("Minimum memory limit should be larger than memory reservation limit, see usage.")
+	}
+	if resources.KernelMemory > 0 && !sysInfo.KernelMemory {
+		warnings = append(warnings, "Your kernel does not support kernel memory limit capabilities. Limitation discarded.")
+		logrus.Warnf("Your kernel does not support kernel memory limit capabilities. Limitation discarded.")
+		resources.KernelMemory = 0
+	}
+	if resources.KernelMemory > 0 && resources.KernelMemory < linuxMinMemory {
+		return warnings, fmt.Errorf("Minimum kernel memory limit allowed is 4MB")
+	}
+	if resources.KernelMemory > 0 && !checkKernelVersion(4, 0, 0) {
+		warnings = append(warnings, "You specified a kernel memory limit on a kernel older than 4.0. Kernel memory limits are experimental on older kernels, it won't work as expected and can cause your system to be unstable.")
+		logrus.Warnf("You specified a kernel memory limit on a kernel older than 4.0. Kernel memory limits are experimental on older kernels, it won't work as expected and can cause your system to be unstable.")
+	}
+	if resources.OomKillDisable != nil && !sysInfo.OomKillDisable {
+		// only produce warnings if the setting wasn't to *disable* the OOM Kill; no point
+		// warning the caller if they already wanted the feature to be off
+		if *resources.OomKillDisable {
+			warnings = append(warnings, "Your kernel does not support OomKillDisable, OomKillDisable discarded.")
+			logrus.Warnf("Your kernel does not support OomKillDisable, OomKillDisable discarded.")
+		}
+		resources.OomKillDisable = nil
+	}
+
+	if resources.PidsLimit != 0 && !sysInfo.PidsLimit {
+		warnings = append(warnings, "Your kernel does not support pids limit capabilities, pids limit discarded.")
+		logrus.Warnf("Your kernel does not support pids limit capabilities, pids limit discarded.")
+		resources.PidsLimit = 0
+	}
+
+	// cpu subsystem checks and adjustments
+	if resources.CPUShares > 0 && !sysInfo.CPUShares {
+		warnings = append(warnings, "Your kernel does not support CPU shares. Shares discarded.")
+		logrus.Warnf("Your kernel does not support CPU shares. Shares discarded.")
+		resources.CPUShares = 0
+	}
+	if resources.CPUPeriod > 0 && !sysInfo.CPUCfsPeriod {
+		warnings = append(warnings, "Your kernel does not support CPU cfs period. Period discarded.")
+		logrus.Warnf("Your kernel does not support CPU cfs period. Period discarded.")
+		resources.CPUPeriod = 0
+	}
+	if resources.CPUQuota > 0 && !sysInfo.CPUCfsQuota {
+		warnings = append(warnings, "Your kernel does not support CPU cfs quota. Quota discarded.")
+		logrus.Warnf("Your kernel does not support CPU cfs quota. Quota discarded.")
+		resources.CPUQuota = 0
+	}
+
+	// cpuset subsystem checks and adjustments
+	if (resources.CpusetCpus != "" || resources.CpusetMems != "") && !sysInfo.Cpuset {
+		warnings = append(warnings, "Your kernel does not support cpuset. Cpuset discarded.")
+		logrus.Warnf("Your kernel does not support cpuset. Cpuset discarded.")
+		resources.CpusetCpus = ""
+		resources.CpusetMems = ""
+	}
+	cpusAvailable, err := sysInfo.IsCpusetCpusAvailable(resources.CpusetCpus)
+	if err != nil {
+		return warnings, fmt.Errorf("Invalid value %s for cpuset cpus.", resources.CpusetCpus)
+	}
+	if !cpusAvailable {
+		return warnings, fmt.Errorf("Requested CPUs are not available - requested %s, available: %s.", resources.CpusetCpus, sysInfo.Cpus)
+	}
+	memsAvailable, err := sysInfo.IsCpusetMemsAvailable(resources.CpusetMems)
+	if err != nil {
+		return warnings, fmt.Errorf("Invalid value %s for cpuset mems.", resources.CpusetMems)
+	}
+	if !memsAvailable {
+		return warnings, fmt.Errorf("Requested memory nodes are not available - requested %s, available: %s.", resources.CpusetMems, sysInfo.Mems)
+	}
+
+	// blkio subsystem checks and adjustments
+	if resources.BlkioWeight > 0 && !sysInfo.BlkioWeight {
+		warnings = append(warnings, "Your kernel does not support Block I/O weight. Weight discarded.")
+		logrus.Warnf("Your kernel does not support Block I/O weight. Weight discarded.")
+		resources.BlkioWeight = 0
+	}
+	if resources.BlkioWeight > 0 && (resources.BlkioWeight < 10 || resources.BlkioWeight > 1000) {
+		return warnings, fmt.Errorf("Range of blkio weight is from 10 to 1000.")
+	}
+	if len(resources.BlkioWeightDevice) > 0 && !sysInfo.BlkioWeightDevice {
+		warnings = append(warnings, "Your kernel does not support Block I/O weight_device.")
+		logrus.Warnf("Your kernel does not support Block I/O weight_device. Weight-device discarded.")
+		resources.BlkioWeightDevice = []*pblkiodev.WeightDevice{}
+	}
+	if len(resources.BlkioDeviceReadBps) > 0 && !sysInfo.BlkioReadBpsDevice {
+		warnings = append(warnings, "Your kernel does not support Block read limit in bytes per second.")
+		logrus.Warnf("Your kernel does not support Block I/O read limit in bytes per second. --device-read-bps discarded.")
+		resources.BlkioDeviceReadBps = []*pblkiodev.ThrottleDevice{}
+	}
+	if len(resources.BlkioDeviceWriteBps) > 0 && !sysInfo.BlkioWriteBpsDevice {
+		warnings = append(warnings, "Your kernel does not support Block write limit in bytes per second.")
+		logrus.Warnf("Your kernel does not support Block I/O write limit in bytes per second. --device-write-bps discarded.")
+		resources.BlkioDeviceWriteBps = []*pblkiodev.ThrottleDevice{}
+	}
+	if len(resources.BlkioDeviceReadIOps) > 0 && !sysInfo.BlkioReadIOpsDevice {
+		warnings = append(warnings, "Your kernel does not support Block read limit in IO per second.")
+		logrus.Warnf("Your kernel does not support Block I/O read limit in IO per second. -device-read-iops discarded.")
+		resources.BlkioDeviceReadIOps = []*pblkiodev.ThrottleDevice{}
+	}
+	if len(resources.BlkioDeviceWriteIOps) > 0 && !sysInfo.BlkioWriteIOpsDevice {
+		warnings = append(warnings, "Your kernel does not support Block write limit in IO per second.")
+		logrus.Warnf("Your kernel does not support Block I/O write limit in IO per second. --device-write-iops discarded.")
+		resources.BlkioDeviceWriteIOps = []*pblkiodev.ThrottleDevice{}
+	}
+
+	return warnings, nil
+}
+
+func (daemon *Daemon) getCgroupDriver() string {
+	cgroupDriver := cgroupFsDriver
+
+	if UsingSystemd(daemon.configStore) {
+		cgroupDriver = cgroupSystemdDriver
+	}
+	return cgroupDriver
+}
+
+// getCD gets the raw value of the native.cgroupdriver option, if set.
+func getCD(config *Config) string {
+	for _, option := range config.ExecOptions {
+		key, val, err := parsers.ParseKeyValueOpt(option)
+		if err != nil || !strings.EqualFold(key, "native.cgroupdriver") {
+			continue
+		}
+		return val
+	}
+	return ""
+}
+
+// VerifyCgroupDriver validates native.cgroupdriver
+func VerifyCgroupDriver(config *Config) error {
+	cd := getCD(config)
+	if cd == "" || cd == cgroupFsDriver || cd == cgroupSystemdDriver {
+		return nil
+	}
+	return fmt.Errorf("native.cgroupdriver option %s not supported", cd)
+}
+
+// UsingSystemd returns true if cli option includes native.cgroupdriver=systemd
+func UsingSystemd(config *Config) bool {
+	return getCD(config) == cgroupSystemdDriver
+}
+
+// verifyPlatformContainerSettings performs platform-specific validation of the
+// hostconfig and config structures.
+func verifyPlatformContainerSettings(daemon *Daemon, hostConfig *containertypes.HostConfig, config *containertypes.Config, update bool) ([]string, error) {
+	warnings := []string{}
+	sysInfo := sysinfo.New(true)
+
+	warnings, err := daemon.verifyExperimentalContainerSettings(hostConfig, config)
+	if err != nil {
+		return warnings, err
+	}
+
+	w, err := verifyContainerResources(&hostConfig.Resources, sysInfo, update)
+	if err != nil {
+		return warnings, err
+	}
+	warnings = append(warnings, w...)
+
+	if hostConfig.ShmSize < 0 {
+		return warnings, fmt.Errorf("SHM size must be greater then 0")
+	}
+
+	if hostConfig.OomScoreAdj < -1000 || hostConfig.OomScoreAdj > 1000 {
+		return warnings, fmt.Errorf("Invalid value %d, range for oom score adj is [-1000, 1000].", hostConfig.OomScoreAdj)
+	}
+	if sysInfo.IPv4ForwardingDisabled {
+		warnings = append(warnings, "IPv4 forwarding is disabled. Networking will not work.")
+		logrus.Warnf("IPv4 forwarding is disabled. Networking will not work")
+	}
+	// check for various conflicting options with user namespaces
+	if daemon.configStore.RemappedRoot != "" && hostConfig.UsernsMode.IsPrivate() {
+		if hostConfig.Privileged {
+			return warnings, fmt.Errorf("Privileged mode is incompatible with user namespaces")
+		}
+		if hostConfig.NetworkMode.IsHost() {
+			return warnings, fmt.Errorf("Cannot share the host's network namespace when user namespaces are enabled")
+		}
+		if hostConfig.PidMode.IsHost() {
+			return warnings, fmt.Errorf("Cannot share the host PID namespace when user namespaces are enabled")
+		}
+		if hostConfig.ReadonlyRootfs {
+			return warnings, fmt.Errorf("Cannot use the --read-only option when user namespaces are enabled")
+		}
+	}
+	if hostConfig.CgroupParent != "" && UsingSystemd(daemon.configStore) {
+		// CgroupParent for systemd cgroup should be named as "xxx.slice"
+		if len(hostConfig.CgroupParent) <= 6 || !strings.HasSuffix(hostConfig.CgroupParent, ".slice") {
+			return warnings, fmt.Errorf("cgroup-parent for systemd cgroup should be a valid slice named as \"xxx.slice\"")
+		}
+	}
+	return warnings, nil
+}
+
+// verifyDaemonSettings performs validation of daemon config struct
+func verifyDaemonSettings(config *Config) error {
+	// Check for mutually incompatible config options
+	if config.bridgeConfig.Iface != "" && config.bridgeConfig.IP != "" {
+		return fmt.Errorf("You specified -b & --bip, mutually exclusive options. Please specify only one")
+	}
+	if !config.bridgeConfig.EnableIPTables && !config.bridgeConfig.InterContainerCommunication {
+		return fmt.Errorf("You specified --iptables=false with --icc=false. ICC=false uses iptables to function. Please set --icc or --iptables to true")
+	}
+	if !config.bridgeConfig.EnableIPTables && config.bridgeConfig.EnableIPMasq {
+		config.bridgeConfig.EnableIPMasq = false
+	}
+	if err := VerifyCgroupDriver(config); err != nil {
+		return err
+	}
+	if config.CgroupParent != "" && UsingSystemd(config) {
+		if len(config.CgroupParent) <= 6 || !strings.HasSuffix(config.CgroupParent, ".slice") {
+			return fmt.Errorf("cgroup-parent for systemd cgroup should be a valid slice named as \"xxx.slice\"")
+		}
+	}
+	return nil
+}
+
+// checkSystem validates platform-specific requirements
+func checkSystem() error {
+	if os.Geteuid() != 0 {
+		return fmt.Errorf("The Docker daemon needs to be run as root")
+	}
+	return checkKernel()
+}
+
+// configureMaxThreads sets the Go runtime max threads threshold
+// which is 90% of the kernel setting from /proc/sys/kernel/threads-max
+func configureMaxThreads(config *Config) error {
+	mt, err := ioutil.ReadFile("/proc/sys/kernel/threads-max")
+	if err != nil {
+		return err
+	}
+	mtint, err := strconv.Atoi(strings.TrimSpace(string(mt)))
+	if err != nil {
+		return err
+	}
+	maxThreads := (mtint / 100) * 90
+	debug.SetMaxThreads(maxThreads)
+	logrus.Debugf("Golang's threads limit set to %d", maxThreads)
+	return nil
+}
+
+// configureKernelSecuritySupport configures and validate security support for the kernel
+func configureKernelSecuritySupport(config *Config, driverName string) error {
+	if config.EnableSelinuxSupport {
+		if selinuxEnabled() {
+			// As Docker on overlayFS and SELinux are incompatible at present, error on overlayfs being enabled
+			if driverName == "overlay" {
+				return fmt.Errorf("SELinux is not supported with the %s graph driver", driverName)
+			}
+			logrus.Debug("SELinux enabled successfully")
+		} else {
+			logrus.Warn("Docker could not enable SELinux on the host system")
+		}
+	} else {
+		selinuxSetDisabled()
+	}
+	return nil
+}
+
+func (daemon *Daemon) initNetworkController(config *Config) (libnetwork.NetworkController, error) {
+	netOptions, err := daemon.networkOptions(config)
+	if err != nil {
+		return nil, err
+	}
+
+	controller, err := libnetwork.New(netOptions...)
+	if err != nil {
+		return nil, fmt.Errorf("error obtaining controller instance: %v", err)
+	}
+
+	// Initialize default network on "null"
+	if _, err := controller.NewNetwork("null", "none", libnetwork.NetworkOptionPersist(false)); err != nil {
+		return nil, fmt.Errorf("Error creating default \"null\" network: %v", err)
+	}
+
+	// Initialize default network on "host"
+	if _, err := controller.NewNetwork("host", "host", libnetwork.NetworkOptionPersist(false)); err != nil {
+		return nil, fmt.Errorf("Error creating default \"host\" network: %v", err)
+	}
+
+	if !config.DisableBridge {
+		// Initialize default driver "bridge"
+		if err := initBridgeDriver(controller, config); err != nil {
+			return nil, err
+		}
+	}
+
+	return controller, nil
+}
+
+func driverOptions(config *Config) []nwconfig.Option {
+	bridgeConfig := options.Generic{
+		"EnableIPForwarding":  config.bridgeConfig.EnableIPForward,
+		"EnableIPTables":      config.bridgeConfig.EnableIPTables,
+		"EnableUserlandProxy": config.bridgeConfig.EnableUserlandProxy}
+	bridgeOption := options.Generic{netlabel.GenericData: bridgeConfig}
+
+	dOptions := []nwconfig.Option{}
+	dOptions = append(dOptions, nwconfig.OptionDriverConfig("bridge", bridgeOption))
+	return dOptions
+}
+
+func initBridgeDriver(controller libnetwork.NetworkController, config *Config) error {
+	if n, err := controller.NetworkByName("bridge"); err == nil {
+		if err = n.Delete(); err != nil {
+			return fmt.Errorf("could not delete the default bridge network: %v", err)
+		}
+	}
+
+	bridgeName := bridge.DefaultBridgeName
+	if config.bridgeConfig.Iface != "" {
+		bridgeName = config.bridgeConfig.Iface
+	}
+	netOption := map[string]string{
+		bridge.BridgeName:         bridgeName,
+		bridge.DefaultBridge:      strconv.FormatBool(true),
+		netlabel.DriverMTU:        strconv.Itoa(config.Mtu),
+		bridge.EnableIPMasquerade: strconv.FormatBool(config.bridgeConfig.EnableIPMasq),
+		bridge.EnableICC:          strconv.FormatBool(config.bridgeConfig.InterContainerCommunication),
+	}
+
+	// --ip processing
+	if config.bridgeConfig.DefaultIP != nil {
+		netOption[bridge.DefaultBindingIP] = config.bridgeConfig.DefaultIP.String()
+	}
+
+	var (
+		ipamV4Conf *libnetwork.IpamConf
+		ipamV6Conf *libnetwork.IpamConf
+	)
+
+	ipamV4Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)}
+
+	nw, nw6List, err := ipamutils.ElectInterfaceAddresses(bridgeName)
+	if err == nil {
+		ipamV4Conf.PreferredPool = lntypes.GetIPNetCanonical(nw).String()
+		hip, _ := lntypes.GetHostPartIP(nw.IP, nw.Mask)
+		if hip.IsGlobalUnicast() {
+			ipamV4Conf.Gateway = nw.IP.String()
+		}
+	}
+
+	if config.bridgeConfig.IP != "" {
+		ipamV4Conf.PreferredPool = config.bridgeConfig.IP
+		ip, _, err := net.ParseCIDR(config.bridgeConfig.IP)
+		if err != nil {
+			return err
+		}
+		ipamV4Conf.Gateway = ip.String()
+	} else if bridgeName == bridge.DefaultBridgeName && ipamV4Conf.PreferredPool != "" {
+		logrus.Infof("Default bridge (%s) is assigned with an IP address %s. Daemon option --bip can be used to set a preferred IP address", bridgeName, ipamV4Conf.PreferredPool)
+	}
+
+	if config.bridgeConfig.FixedCIDR != "" {
+		_, fCIDR, err := net.ParseCIDR(config.bridgeConfig.FixedCIDR)
+		if err != nil {
+			return err
+		}
+
+		ipamV4Conf.SubPool = fCIDR.String()
+	}
+
+	if config.bridgeConfig.DefaultGatewayIPv4 != nil {
+		ipamV4Conf.AuxAddresses["DefaultGatewayIPv4"] = config.bridgeConfig.DefaultGatewayIPv4.String()
+	}
+
+	var deferIPv6Alloc bool
+	if config.bridgeConfig.FixedCIDRv6 != "" {
+		_, fCIDRv6, err := net.ParseCIDR(config.bridgeConfig.FixedCIDRv6)
+		if err != nil {
+			return err
+		}
+
+		// In case user has specified the daemon flag --fixed-cidr-v6 and the passed network has
+		// at least 48 host bits, we need to guarantee the current behavior where the containers'
+		// IPv6 addresses will be constructed based on the containers' interface MAC address.
+		// We do so by telling libnetwork to defer the IPv6 address allocation for the endpoints
+		// on this network until after the driver has created the endpoint and returned the
+		// constructed address. Libnetwork will then reserve this address with the ipam driver.
+		ones, _ := fCIDRv6.Mask.Size()
+		deferIPv6Alloc = ones <= 80
+
+		if ipamV6Conf == nil {
+			ipamV6Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)}
+		}
+		ipamV6Conf.PreferredPool = fCIDRv6.String()
+
+		// In case the --fixed-cidr-v6 is specified and the current docker0 bridge IPv6
+		// address belongs to the same network, we need to inform libnetwork about it, so
+		// that it can be reserved with IPAM and it will not be given away to somebody else
+		for _, nw6 := range nw6List {
+			if fCIDRv6.Contains(nw6.IP) {
+				ipamV6Conf.Gateway = nw6.IP.String()
+				break
+			}
+		}
+	}
+
+	if config.bridgeConfig.DefaultGatewayIPv6 != nil {
+		if ipamV6Conf == nil {
+			ipamV6Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)}
+		}
+		ipamV6Conf.AuxAddresses["DefaultGatewayIPv6"] = config.bridgeConfig.DefaultGatewayIPv6.String()
+	}
+
+	v4Conf := []*libnetwork.IpamConf{ipamV4Conf}
+	v6Conf := []*libnetwork.IpamConf{}
+	if ipamV6Conf != nil {
+		v6Conf = append(v6Conf, ipamV6Conf)
+	}
+	// Initialize default network on "bridge" with the same name
+	_, err = controller.NewNetwork("bridge", "bridge",
+		libnetwork.NetworkOptionEnableIPv6(config.bridgeConfig.EnableIPv6),
+		libnetwork.NetworkOptionDriverOpts(netOption),
+		libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil),
+		libnetwork.NetworkOptionDeferIPv6Alloc(deferIPv6Alloc))
+	if err != nil {
+		return fmt.Errorf("Error creating default \"bridge\" network: %v", err)
+	}
+	return nil
+}
+
+// setupInitLayer populates a directory with mountpoints suitable
+// for bind-mounting things into the container.
+//
+// This extra layer is used by all containers as the top-most ro layer. It protects
+// the container from unwanted side-effects on the rw layer.
+func setupInitLayer(initLayer string, rootUID, rootGID int) error {
+	for pth, typ := range map[string]string{
+		"/dev/pts":         "dir",
+		"/dev/shm":         "dir",
+		"/proc":            "dir",
+		"/sys":             "dir",
+		"/.dockerenv":      "file",
+		"/etc/resolv.conf": "file",
+		"/etc/hosts":       "file",
+		"/etc/hostname":    "file",
+		"/dev/console":     "file",
+		"/etc/mtab":        "/proc/mounts",
+	} {
+		parts := strings.Split(pth, "/")
+		prev := "/"
+		for _, p := range parts[1:] {
+			prev = filepath.Join(prev, p)
+			syscall.Unlink(filepath.Join(initLayer, prev))
+		}
+
+		if _, err := os.Stat(filepath.Join(initLayer, pth)); err != nil {
+			if os.IsNotExist(err) {
+				if err := idtools.MkdirAllNewAs(filepath.Join(initLayer, filepath.Dir(pth)), 0755, rootUID, rootGID); err != nil {
+					return err
+				}
+				switch typ {
+				case "dir":
+					if err := idtools.MkdirAllNewAs(filepath.Join(initLayer, pth), 0755, rootUID, rootGID); err != nil {
+						return err
+					}
+				case "file":
+					f, err := os.OpenFile(filepath.Join(initLayer, pth), os.O_CREATE, 0755)
+					if err != nil {
+						return err
+					}
+					f.Chown(rootUID, rootGID)
+					f.Close()
+				default:
+					if err := os.Symlink(typ, filepath.Join(initLayer, pth)); err != nil {
+						return err
+					}
+				}
+			} else {
+				return err
+			}
+		}
+	}
+
+	// Layer is ready to use, if it wasn't before.
+	return nil
+}
+
+// Parse the remapped root (user namespace) option, which can be one of:
+//   username            - valid username from /etc/passwd
+//   username:groupname  - valid username; valid groupname from /etc/group
+//   uid                 - 32-bit unsigned int valid Linux UID value
+//   uid:gid             - uid value; 32-bit unsigned int Linux GID value
+//
+//  If no groupname is specified, and a username is specified, an attempt
+//  will be made to lookup a gid for that username as a groupname
+//
+//  If names are used, they are verified to exist in passwd/group
+func parseRemappedRoot(usergrp string) (string, string, error) {
+
+	var (
+		userID, groupID     int
+		username, groupname string
+	)
+
+	idparts := strings.Split(usergrp, ":")
+	if len(idparts) > 2 {
+		return "", "", fmt.Errorf("Invalid user/group specification in --userns-remap: %q", usergrp)
+	}
+
+	if uid, err := strconv.ParseInt(idparts[0], 10, 32); err == nil {
+		// must be a uid; take it as valid
+		userID = int(uid)
+		luser, err := user.LookupUid(userID)
+		if err != nil {
+			return "", "", fmt.Errorf("Uid %d has no entry in /etc/passwd: %v", userID, err)
+		}
+		username = luser.Name
+		if len(idparts) == 1 {
+			// if the uid was numeric and no gid was specified, take the uid as the gid
+			groupID = userID
+			lgrp, err := user.LookupGid(groupID)
+			if err != nil {
+				return "", "", fmt.Errorf("Gid %d has no entry in /etc/group: %v", groupID, err)
+			}
+			groupname = lgrp.Name
+		}
+	} else {
+		lookupName := idparts[0]
+		// special case: if the user specified "default", they want Docker to create or
+		// use (after creation) the "dockremap" user/group for root remapping
+		if lookupName == defaultIDSpecifier {
+			lookupName = defaultRemappedID
+		}
+		luser, err := user.LookupUser(lookupName)
+		if err != nil && idparts[0] != defaultIDSpecifier {
+			// error if the name requested isn't the special "dockremap" ID
+			return "", "", fmt.Errorf("Error during uid lookup for %q: %v", lookupName, err)
+		} else if err != nil {
+			// special case-- if the username == "default", then we have been asked
+			// to create a new entry pair in /etc/{passwd,group} for which the /etc/sub{uid,gid}
+			// ranges will be used for the user and group mappings in user namespaced containers
+			_, _, err := idtools.AddNamespaceRangesUser(defaultRemappedID)
+			if err == nil {
+				return defaultRemappedID, defaultRemappedID, nil
+			}
+			return "", "", fmt.Errorf("Error during %q user creation: %v", defaultRemappedID, err)
+		}
+		username = luser.Name
+		if len(idparts) == 1 {
+			// we only have a string username, and no group specified; look up gid from username as group
+			group, err := user.LookupGroup(lookupName)
+			if err != nil {
+				return "", "", fmt.Errorf("Error during gid lookup for %q: %v", lookupName, err)
+			}
+			groupID = group.Gid
+			groupname = group.Name
+		}
+	}
+
+	if len(idparts) == 2 {
+		// groupname or gid is separately specified and must be resolved
+		// to a unsigned 32-bit gid
+		if gid, err := strconv.ParseInt(idparts[1], 10, 32); err == nil {
+			// must be a gid, take it as valid
+			groupID = int(gid)
+			lgrp, err := user.LookupGid(groupID)
+			if err != nil {
+				return "", "", fmt.Errorf("Gid %d has no entry in /etc/passwd: %v", groupID, err)
+			}
+			groupname = lgrp.Name
+		} else {
+			// not a number; attempt a lookup
+			if _, err := user.LookupGroup(idparts[1]); err != nil {
+				return "", "", fmt.Errorf("Error during groupname lookup for %q: %v", idparts[1], err)
+			}
+			groupname = idparts[1]
+		}
+	}
+	return username, groupname, nil
+}
+
+func setupRemappedRoot(config *Config) ([]idtools.IDMap, []idtools.IDMap, error) {
+	if runtime.GOOS != "linux" && config.RemappedRoot != "" {
+		return nil, nil, fmt.Errorf("User namespaces are only supported on Linux")
+	}
+
+	// if the daemon was started with remapped root option, parse
+	// the config option to the int uid,gid values
+	var (
+		uidMaps, gidMaps []idtools.IDMap
+	)
+	if config.RemappedRoot != "" {
+		username, groupname, err := parseRemappedRoot(config.RemappedRoot)
+		if err != nil {
+			return nil, nil, err
+		}
+		if username == "root" {
+			// Cannot setup user namespaces with a 1-to-1 mapping; "--root=0:0" is a no-op
+			// effectively
+			logrus.Warnf("User namespaces: root cannot be remapped with itself; user namespaces are OFF")
+			return uidMaps, gidMaps, nil
+		}
+		logrus.Infof("User namespaces: ID ranges will be mapped to subuid/subgid ranges of: %s:%s", username, groupname)
+		// update remapped root setting now that we have resolved them to actual names
+		config.RemappedRoot = fmt.Sprintf("%s:%s", username, groupname)
+
+		uidMaps, gidMaps, err = idtools.CreateIDMappings(username, groupname)
+		if err != nil {
+			return nil, nil, fmt.Errorf("Can't create ID mappings: %v", err)
+		}
+	}
+	return uidMaps, gidMaps, nil
+}
+
+func setupDaemonRoot(config *Config, rootDir string, rootUID, rootGID int) error {
+	config.Root = rootDir
+	// the docker root metadata directory needs to have execute permissions for all users (g+x,o+x)
+	// so that syscalls executing as non-root, operating on subdirectories of the graph root
+	// (e.g. mounted layers of a container) can traverse this path.
+	// The user namespace support will create subdirectories for the remapped root host uid:gid
+	// pair owned by that same uid:gid pair for proper write access to those needed metadata and
+	// layer content subtrees.
+	if _, err := os.Stat(rootDir); err == nil {
+		// root current exists; verify the access bits are correct by setting them
+		if err = os.Chmod(rootDir, 0711); err != nil {
+			return err
+		}
+	} else if os.IsNotExist(err) {
+		// no root exists yet, create it 0711 with root:root ownership
+		if err := os.MkdirAll(rootDir, 0711); err != nil {
+			return err
+		}
+	}
+
+	// if user namespaces are enabled we will create a subtree underneath the specified root
+	// with any/all specified remapped root uid/gid options on the daemon creating
+	// a new subdirectory with ownership set to the remapped uid/gid (so as to allow
+	// `chdir()` to work for containers namespaced to that uid/gid)
+	if config.RemappedRoot != "" {
+		config.Root = filepath.Join(rootDir, fmt.Sprintf("%d.%d", rootUID, rootGID))
+		logrus.Debugf("Creating user namespaced daemon root: %s", config.Root)
+		// Create the root directory if it doesn't exists
+		if err := idtools.MkdirAllAs(config.Root, 0700, rootUID, rootGID); err != nil {
+			return fmt.Errorf("Cannot create daemon root: %s: %v", config.Root, err)
+		}
+	}
+	return nil
+}
+
+// registerLinks writes the links to a file.
+func (daemon *Daemon) registerLinks(container *container.Container, hostConfig *containertypes.HostConfig) error {
+	if hostConfig == nil || hostConfig.NetworkMode.IsUserDefined() {
+		return nil
+	}
+
+	for _, l := range hostConfig.Links {
+		name, alias, err := runconfigopts.ParseLink(l)
+		if err != nil {
+			return err
+		}
+		child, err := daemon.GetContainer(name)
+		if err != nil {
+			//An error from daemon.GetContainer() means this name could not be found
+			return fmt.Errorf("Could not get container for %s", name)
+		}
+		for child.HostConfig.NetworkMode.IsContainer() {
+			parts := strings.SplitN(string(child.HostConfig.NetworkMode), ":", 2)
+			child, err = daemon.GetContainer(parts[1])
+			if err != nil {
+				return fmt.Errorf("Could not get container for %s", parts[1])
+			}
+		}
+		if child.HostConfig.NetworkMode.IsHost() {
+			return runconfig.ErrConflictHostNetworkAndLinks
+		}
+		if err := daemon.registerLink(container, child, alias); err != nil {
+			return err
+		}
+	}
+
+	// After we load all the links into the daemon
+	// set them to nil on the hostconfig
+	return container.WriteHostConfig()
+}
+
+// conditionalMountOnStart is a platform specific helper function during the
+// container start to call mount.
+func (daemon *Daemon) conditionalMountOnStart(container *container.Container) error {
+	return daemon.Mount(container)
+}
+
+// conditionalUnmountOnCleanup is a platform specific helper function called
+// during the cleanup of a container to unmount.
+func (daemon *Daemon) conditionalUnmountOnCleanup(container *container.Container) error {
+	return daemon.Unmount(container)
+}
+
+func restoreCustomImage(is image.Store, ls layer.Store, rs reference.Store) error {
+	// Unix has no custom images to register
+	return nil
+}
+
+func (daemon *Daemon) stats(c *container.Container) (*types.StatsJSON, error) {
+	if !c.IsRunning() {
+		return nil, errNotRunning{c.ID}
+	}
+	stats, err := daemon.containerd.Stats(c.ID)
+	if err != nil {
+		return nil, err
+	}
+	s := &types.StatsJSON{}
+	cgs := stats.CgroupStats
+	if cgs != nil {
+		s.BlkioStats = types.BlkioStats{
+			IoServiceBytesRecursive: copyBlkioEntry(cgs.BlkioStats.IoServiceBytesRecursive),
+			IoServicedRecursive:     copyBlkioEntry(cgs.BlkioStats.IoServicedRecursive),
+			IoQueuedRecursive:       copyBlkioEntry(cgs.BlkioStats.IoQueuedRecursive),
+			IoServiceTimeRecursive:  copyBlkioEntry(cgs.BlkioStats.IoServiceTimeRecursive),
+			IoWaitTimeRecursive:     copyBlkioEntry(cgs.BlkioStats.IoWaitTimeRecursive),
+			IoMergedRecursive:       copyBlkioEntry(cgs.BlkioStats.IoMergedRecursive),
+			IoTimeRecursive:         copyBlkioEntry(cgs.BlkioStats.IoTimeRecursive),
+			SectorsRecursive:        copyBlkioEntry(cgs.BlkioStats.SectorsRecursive),
+		}
+		cpu := cgs.CpuStats
+		s.CPUStats = types.CPUStats{
+			CPUUsage: types.CPUUsage{
+				TotalUsage:        cpu.CpuUsage.TotalUsage,
+				PercpuUsage:       cpu.CpuUsage.PercpuUsage,
+				UsageInKernelmode: cpu.CpuUsage.UsageInKernelmode,
+				UsageInUsermode:   cpu.CpuUsage.UsageInUsermode,
+			},
+			ThrottlingData: types.ThrottlingData{
+				Periods:          cpu.ThrottlingData.Periods,
+				ThrottledPeriods: cpu.ThrottlingData.ThrottledPeriods,
+				ThrottledTime:    cpu.ThrottlingData.ThrottledTime,
+			},
+		}
+		mem := cgs.MemoryStats.Usage
+		s.MemoryStats = types.MemoryStats{
+			Usage:    mem.Usage,
+			MaxUsage: mem.MaxUsage,
+			Stats:    cgs.MemoryStats.Stats,
+			Failcnt:  mem.Failcnt,
+			Limit:    mem.Limit,
+		}
+		// if the container does not set memory limit, use the machineMemory
+		if mem.Limit > daemon.statsCollector.machineMemory && daemon.statsCollector.machineMemory > 0 {
+			s.MemoryStats.Limit = daemon.statsCollector.machineMemory
+		}
+		if cgs.PidsStats != nil {
+			s.PidsStats = types.PidsStats{
+				Current: cgs.PidsStats.Current,
+			}
+		}
+	}
+	s.Read = time.Unix(int64(stats.Timestamp), 0)
+	return s, nil
+}
+
+// setDefaultIsolation determine the default isolation mode for the
+// daemon to run in. This is only applicable on Windows
+func (daemon *Daemon) setDefaultIsolation() error {
+	return nil
+}
+
+func rootFSToAPIType(rootfs *image.RootFS) types.RootFS {
+	var layers []string
+	for _, l := range rootfs.DiffIDs {
+		layers = append(layers, l.String())
+	}
+	return types.RootFS{
+		Type:   rootfs.Type,
+		Layers: layers,
+	}
+}
diff --git a/daemon/daemon_unix_test.go b/daemon/daemon_unix_test.go
new file mode 100644
index 00000000..7bf307cd
--- /dev/null
+++ b/daemon/daemon_unix_test.go
@@ -0,0 +1,199 @@
+// +build !windows
+
+package daemon
+
+import (
+	"io/ioutil"
+	"os"
+	"testing"
+
+	"github.com/docker/docker/container"
+	containertypes "github.com/docker/engine-api/types/container"
+)
+
+// Unix test as uses settings which are not available on Windows
+func TestAdjustCPUShares(t *testing.T) {
+	tmp, err := ioutil.TempDir("", "docker-daemon-unix-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+	daemon := &Daemon{
+		repository: tmp,
+		root:       tmp,
+	}
+
+	hostConfig := &containertypes.HostConfig{
+		Resources: containertypes.Resources{CPUShares: linuxMinCPUShares - 1},
+	}
+	daemon.adaptContainerSettings(hostConfig, true)
+	if hostConfig.CPUShares != linuxMinCPUShares {
+		t.Errorf("Expected CPUShares to be %d", linuxMinCPUShares)
+	}
+
+	hostConfig.CPUShares = linuxMaxCPUShares + 1
+	daemon.adaptContainerSettings(hostConfig, true)
+	if hostConfig.CPUShares != linuxMaxCPUShares {
+		t.Errorf("Expected CPUShares to be %d", linuxMaxCPUShares)
+	}
+
+	hostConfig.CPUShares = 0
+	daemon.adaptContainerSettings(hostConfig, true)
+	if hostConfig.CPUShares != 0 {
+		t.Error("Expected CPUShares to be unchanged")
+	}
+
+	hostConfig.CPUShares = 1024
+	daemon.adaptContainerSettings(hostConfig, true)
+	if hostConfig.CPUShares != 1024 {
+		t.Error("Expected CPUShares to be unchanged")
+	}
+}
+
+// Unix test as uses settings which are not available on Windows
+func TestAdjustCPUSharesNoAdjustment(t *testing.T) {
+	tmp, err := ioutil.TempDir("", "docker-daemon-unix-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+	daemon := &Daemon{
+		repository: tmp,
+		root:       tmp,
+	}
+
+	hostConfig := &containertypes.HostConfig{
+		Resources: containertypes.Resources{CPUShares: linuxMinCPUShares - 1},
+	}
+	daemon.adaptContainerSettings(hostConfig, false)
+	if hostConfig.CPUShares != linuxMinCPUShares-1 {
+		t.Errorf("Expected CPUShares to be %d", linuxMinCPUShares-1)
+	}
+
+	hostConfig.CPUShares = linuxMaxCPUShares + 1
+	daemon.adaptContainerSettings(hostConfig, false)
+	if hostConfig.CPUShares != linuxMaxCPUShares+1 {
+		t.Errorf("Expected CPUShares to be %d", linuxMaxCPUShares+1)
+	}
+
+	hostConfig.CPUShares = 0
+	daemon.adaptContainerSettings(hostConfig, false)
+	if hostConfig.CPUShares != 0 {
+		t.Error("Expected CPUShares to be unchanged")
+	}
+
+	hostConfig.CPUShares = 1024
+	daemon.adaptContainerSettings(hostConfig, false)
+	if hostConfig.CPUShares != 1024 {
+		t.Error("Expected CPUShares to be unchanged")
+	}
+}
+
+// Unix test as uses settings which are not available on Windows
+func TestParseSecurityOptWithDeprecatedColon(t *testing.T) {
+	container := &container.Container{}
+	config := &containertypes.HostConfig{}
+
+	// test apparmor
+	config.SecurityOpt = []string{"apparmor=test_profile"}
+	if err := parseSecurityOpt(container, config); err != nil {
+		t.Fatalf("Unexpected parseSecurityOpt error: %v", err)
+	}
+	if container.AppArmorProfile != "test_profile" {
+		t.Fatalf("Unexpected AppArmorProfile, expected: \"test_profile\", got %q", container.AppArmorProfile)
+	}
+
+	// test seccomp
+	sp := "/path/to/seccomp_test.json"
+	config.SecurityOpt = []string{"seccomp=" + sp}
+	if err := parseSecurityOpt(container, config); err != nil {
+		t.Fatalf("Unexpected parseSecurityOpt error: %v", err)
+	}
+	if container.SeccompProfile != sp {
+		t.Fatalf("Unexpected AppArmorProfile, expected: %q, got %q", sp, container.SeccompProfile)
+	}
+
+	// test valid label
+	config.SecurityOpt = []string{"label=user:USER"}
+	if err := parseSecurityOpt(container, config); err != nil {
+		t.Fatalf("Unexpected parseSecurityOpt error: %v", err)
+	}
+
+	// test invalid label
+	config.SecurityOpt = []string{"label"}
+	if err := parseSecurityOpt(container, config); err == nil {
+		t.Fatal("Expected parseSecurityOpt error, got nil")
+	}
+
+	// test invalid opt
+	config.SecurityOpt = []string{"test"}
+	if err := parseSecurityOpt(container, config); err == nil {
+		t.Fatal("Expected parseSecurityOpt error, got nil")
+	}
+}
+
+func TestParseSecurityOpt(t *testing.T) {
+	container := &container.Container{}
+	config := &containertypes.HostConfig{}
+
+	// test apparmor
+	config.SecurityOpt = []string{"apparmor=test_profile"}
+	if err := parseSecurityOpt(container, config); err != nil {
+		t.Fatalf("Unexpected parseSecurityOpt error: %v", err)
+	}
+	if container.AppArmorProfile != "test_profile" {
+		t.Fatalf("Unexpected AppArmorProfile, expected: \"test_profile\", got %q", container.AppArmorProfile)
+	}
+
+	// test seccomp
+	sp := "/path/to/seccomp_test.json"
+	config.SecurityOpt = []string{"seccomp=" + sp}
+	if err := parseSecurityOpt(container, config); err != nil {
+		t.Fatalf("Unexpected parseSecurityOpt error: %v", err)
+	}
+	if container.SeccompProfile != sp {
+		t.Fatalf("Unexpected SeccompProfile, expected: %q, got %q", sp, container.SeccompProfile)
+	}
+
+	// test valid label
+	config.SecurityOpt = []string{"label=user:USER"}
+	if err := parseSecurityOpt(container, config); err != nil {
+		t.Fatalf("Unexpected parseSecurityOpt error: %v", err)
+	}
+
+	// test invalid label
+	config.SecurityOpt = []string{"label"}
+	if err := parseSecurityOpt(container, config); err == nil {
+		t.Fatal("Expected parseSecurityOpt error, got nil")
+	}
+
+	// test invalid opt
+	config.SecurityOpt = []string{"test"}
+	if err := parseSecurityOpt(container, config); err == nil {
+		t.Fatal("Expected parseSecurityOpt error, got nil")
+	}
+}
+
+func TestNetworkOptions(t *testing.T) {
+	daemon := &Daemon{}
+	dconfigCorrect := &Config{
+		CommonConfig: CommonConfig{
+			ClusterStore:     "consul://localhost:8500",
+			ClusterAdvertise: "192.168.0.1:8000",
+		},
+	}
+
+	if _, err := daemon.networkOptions(dconfigCorrect); err != nil {
+		t.Fatalf("Expect networkOptions success, got error: %v", err)
+	}
+
+	dconfigWrong := &Config{
+		CommonConfig: CommonConfig{
+			ClusterStore: "consul://localhost:8500://test://bbb",
+		},
+	}
+
+	if _, err := daemon.networkOptions(dconfigWrong); err == nil {
+		t.Fatalf("Expected networkOptions error, got nil")
+	}
+}
diff --git a/daemon/daemon_unsupported.go b/daemon/daemon_unsupported.go
new file mode 100644
index 00000000..987528f4
--- /dev/null
+++ b/daemon/daemon_unsupported.go
@@ -0,0 +1,5 @@
+// +build !linux,!freebsd,!windows
+
+package daemon
+
+const platformSupported = false
diff --git a/daemon/daemon_windows.go b/daemon/daemon_windows.go
new file mode 100644
index 00000000..2d07011a
--- /dev/null
+++ b/daemon/daemon_windows.go
@@ -0,0 +1,467 @@
+package daemon
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	"github.com/Microsoft/hcsshim"
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/runconfig"
+	// register the windows graph driver
+	"github.com/docker/docker/daemon/graphdriver/windows"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/parsers"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/engine-api/types"
+	containertypes "github.com/docker/engine-api/types/container"
+	"github.com/docker/libnetwork"
+	nwconfig "github.com/docker/libnetwork/config"
+	winlibnetwork "github.com/docker/libnetwork/drivers/windows"
+	"github.com/docker/libnetwork/netlabel"
+	"github.com/docker/libnetwork/options"
+	blkiodev "github.com/opencontainers/runc/libcontainer/configs"
+)
+
+const (
+	defaultVirtualSwitch = "Virtual Switch"
+	defaultNetworkSpace  = "172.16.0.0/12"
+	platformSupported    = true
+	windowsMinCPUShares  = 1
+	windowsMaxCPUShares  = 10000
+)
+
+func getBlkioWeightDevices(config *containertypes.HostConfig) ([]blkiodev.WeightDevice, error) {
+	return nil, nil
+}
+
+func parseSecurityOpt(container *container.Container, config *containertypes.HostConfig) error {
+	return nil
+}
+
+func getBlkioReadIOpsDevices(config *containertypes.HostConfig) ([]blkiodev.ThrottleDevice, error) {
+	return nil, nil
+}
+
+func getBlkioWriteIOpsDevices(config *containertypes.HostConfig) ([]blkiodev.ThrottleDevice, error) {
+	return nil, nil
+}
+
+func getBlkioReadBpsDevices(config *containertypes.HostConfig) ([]blkiodev.ThrottleDevice, error) {
+	return nil, nil
+}
+
+func getBlkioWriteBpsDevices(config *containertypes.HostConfig) ([]blkiodev.ThrottleDevice, error) {
+	return nil, nil
+}
+
+func setupInitLayer(initLayer string, rootUID, rootGID int) error {
+	return nil
+}
+
+func checkKernel() error {
+	return nil
+}
+
+func (daemon *Daemon) getCgroupDriver() string {
+	return ""
+}
+
+// adaptContainerSettings is called during container creation to modify any
+// settings necessary in the HostConfig structure.
+func (daemon *Daemon) adaptContainerSettings(hostConfig *containertypes.HostConfig, adjustCPUShares bool) error {
+	if hostConfig == nil {
+		return nil
+	}
+
+	if hostConfig.CPUShares < 0 {
+		logrus.Warnf("Changing requested CPUShares of %d to minimum allowed of %d", hostConfig.CPUShares, windowsMinCPUShares)
+		hostConfig.CPUShares = windowsMinCPUShares
+	} else if hostConfig.CPUShares > windowsMaxCPUShares {
+		logrus.Warnf("Changing requested CPUShares of %d to maximum allowed of %d", hostConfig.CPUShares, windowsMaxCPUShares)
+		hostConfig.CPUShares = windowsMaxCPUShares
+	}
+
+	return nil
+}
+
+// verifyPlatformContainerSettings performs platform-specific validation of the
+// hostconfig and config structures.
+func verifyPlatformContainerSettings(daemon *Daemon, hostConfig *containertypes.HostConfig, config *containertypes.Config, update bool) ([]string, error) {
+	return nil, nil
+}
+
+// verifyDaemonSettings performs validation of daemon config struct
+func verifyDaemonSettings(config *Config) error {
+	return nil
+}
+
+// checkSystem validates platform-specific requirements
+func checkSystem() error {
+	// Validate the OS version. Note that docker.exe must be manifested for this
+	// call to return the correct version.
+	osv, err := system.GetOSVersion()
+	if err != nil {
+		return err
+	}
+	if osv.MajorVersion < 10 {
+		return fmt.Errorf("This version of Windows does not support the docker daemon")
+	}
+	if osv.Build < 10586 {
+		return fmt.Errorf("The Windows daemon requires Windows Server 2016 Technical Preview 4, build 10586 or later")
+	}
+	return nil
+}
+
+// configureKernelSecuritySupport configures and validate security support for the kernel
+func configureKernelSecuritySupport(config *Config, driverName string) error {
+	return nil
+}
+
+// configureMaxThreads sets the Go runtime max threads threshold
+func configureMaxThreads(config *Config) error {
+	return nil
+}
+
+func (daemon *Daemon) initNetworkController(config *Config) (libnetwork.NetworkController, error) {
+	// TODO Windows: Remove this check once TP4 is no longer supported
+	osv, err := system.GetOSVersion()
+	if err != nil {
+		return nil, err
+	}
+
+	if osv.Build < 14260 {
+		// Set the name of the virtual switch if not specified by -b on daemon start
+		if config.bridgeConfig.Iface == "" {
+			config.bridgeConfig.Iface = defaultVirtualSwitch
+		}
+		logrus.Warnf("Network controller is not supported by the current platform build version")
+		return nil, nil
+	}
+
+	netOptions, err := daemon.networkOptions(config)
+	if err != nil {
+		return nil, err
+	}
+	controller, err := libnetwork.New(netOptions...)
+	if err != nil {
+		return nil, fmt.Errorf("error obtaining controller instance: %v", err)
+	}
+
+	hnsresponse, err := hcsshim.HNSListNetworkRequest("GET", "", "")
+	if err != nil {
+		return nil, err
+	}
+
+	// Remove networks not present in HNS
+	for _, v := range controller.Networks() {
+		options := v.Info().DriverOptions()
+		hnsid := options[winlibnetwork.HNSID]
+		found := false
+
+		for _, v := range hnsresponse {
+			if v.Id == hnsid {
+				found = true
+				break
+			}
+		}
+
+		if !found {
+			err = v.Delete()
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
+	_, err = controller.NewNetwork("null", "none", libnetwork.NetworkOptionPersist(false))
+	if err != nil {
+		return nil, err
+	}
+
+	// discover and add HNS networks to windows
+	// network that exist are removed and added again
+	for _, v := range hnsresponse {
+		var n libnetwork.Network
+		s := func(current libnetwork.Network) bool {
+			options := current.Info().DriverOptions()
+			if options[winlibnetwork.HNSID] == v.Id {
+				n = current
+				return true
+			}
+			return false
+		}
+
+		controller.WalkNetworks(s)
+		if n != nil {
+			v.Name = n.Name()
+			n.Delete()
+		}
+
+		netOption := map[string]string{
+			winlibnetwork.NetworkName: v.Name,
+			winlibnetwork.HNSID:       v.Id,
+		}
+
+		v4Conf := []*libnetwork.IpamConf{}
+		for _, subnet := range v.Subnets {
+			ipamV4Conf := libnetwork.IpamConf{}
+			ipamV4Conf.PreferredPool = subnet.AddressPrefix
+			ipamV4Conf.Gateway = subnet.GatewayAddress
+			v4Conf = append(v4Conf, &ipamV4Conf)
+		}
+
+		name := v.Name
+		// There is only one nat network supported in windows.
+		// If it exists with a different name add it as the default name
+		if runconfig.DefaultDaemonNetworkMode() == containertypes.NetworkMode(strings.ToLower(v.Type)) {
+			name = runconfig.DefaultDaemonNetworkMode().NetworkName()
+		}
+
+		v6Conf := []*libnetwork.IpamConf{}
+		_, err := controller.NewNetwork(strings.ToLower(v.Type), name,
+			libnetwork.NetworkOptionGeneric(options.Generic{
+				netlabel.GenericData: netOption,
+			}),
+			libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil),
+		)
+
+		if err != nil {
+			logrus.Errorf("Error occurred when creating network %v", err)
+		}
+	}
+
+	if !config.DisableBridge {
+		// Initialize default driver "bridge"
+		if err := initBridgeDriver(controller, config); err != nil {
+			return nil, err
+		}
+	}
+
+	return controller, nil
+}
+
+func initBridgeDriver(controller libnetwork.NetworkController, config *Config) error {
+	if _, err := controller.NetworkByName(runconfig.DefaultDaemonNetworkMode().NetworkName()); err == nil {
+		return nil
+	}
+
+	netOption := map[string]string{
+		winlibnetwork.NetworkName: runconfig.DefaultDaemonNetworkMode().NetworkName(),
+	}
+
+	ipamV4Conf := libnetwork.IpamConf{}
+	if config.bridgeConfig.FixedCIDR == "" {
+		ipamV4Conf.PreferredPool = defaultNetworkSpace
+	} else {
+		ipamV4Conf.PreferredPool = config.bridgeConfig.FixedCIDR
+	}
+
+	v4Conf := []*libnetwork.IpamConf{&ipamV4Conf}
+	v6Conf := []*libnetwork.IpamConf{}
+
+	_, err := controller.NewNetwork(string(runconfig.DefaultDaemonNetworkMode()), runconfig.DefaultDaemonNetworkMode().NetworkName(),
+		libnetwork.NetworkOptionGeneric(options.Generic{
+			netlabel.GenericData: netOption,
+		}),
+		libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil),
+	)
+
+	if err != nil {
+		return fmt.Errorf("Error creating default network: %v", err)
+	}
+	return nil
+}
+
+// registerLinks sets up links between containers and writes the
+// configuration out for persistence. As of Windows TP4, links are not supported.
+func (daemon *Daemon) registerLinks(container *container.Container, hostConfig *containertypes.HostConfig) error {
+	return nil
+}
+
+func (daemon *Daemon) cleanupMountsByID(in string) error {
+	return nil
+}
+
+func (daemon *Daemon) cleanupMounts() error {
+	return nil
+}
+
+func setupRemappedRoot(config *Config) ([]idtools.IDMap, []idtools.IDMap, error) {
+	return nil, nil, nil
+}
+
+func setupDaemonRoot(config *Config, rootDir string, rootUID, rootGID int) error {
+	config.Root = rootDir
+	// Create the root directory if it doesn't exists
+	if err := system.MkdirAll(config.Root, 0700); err != nil && !os.IsExist(err) {
+		return err
+	}
+	return nil
+}
+
+// runasHyperVContainer returns true if we are going to run as a Hyper-V container
+func (daemon *Daemon) runAsHyperVContainer(container *container.Container) bool {
+	if container.HostConfig.Isolation.IsDefault() {
+		// Container is set to use the default, so take the default from the daemon configuration
+		return daemon.defaultIsolation.IsHyperV()
+	}
+
+	// Container is requesting an isolation mode. Honour it.
+	return container.HostConfig.Isolation.IsHyperV()
+
+}
+
+// conditionalMountOnStart is a platform specific helper function during the
+// container start to call mount.
+func (daemon *Daemon) conditionalMountOnStart(container *container.Container) error {
+	// We do not mount if a Hyper-V container
+	if !daemon.runAsHyperVContainer(container) {
+		return daemon.Mount(container)
+	}
+	return nil
+}
+
+// conditionalUnmountOnCleanup is a platform specific helper function called
+// during the cleanup of a container to unmount.
+func (daemon *Daemon) conditionalUnmountOnCleanup(container *container.Container) error {
+	// We do not unmount if a Hyper-V container
+	if !daemon.runAsHyperVContainer(container) {
+		return daemon.Unmount(container)
+	}
+	return nil
+}
+
+func restoreCustomImage(is image.Store, ls layer.Store, rs reference.Store) error {
+	type graphDriverStore interface {
+		GraphDriver() graphdriver.Driver
+	}
+
+	gds, ok := ls.(graphDriverStore)
+	if !ok {
+		return nil
+	}
+
+	driver := gds.GraphDriver()
+	wd, ok := driver.(*windows.Driver)
+	if !ok {
+		return nil
+	}
+
+	imageInfos, err := wd.GetCustomImageInfos()
+	if err != nil {
+		return err
+	}
+
+	// Convert imageData to valid image configuration
+	for i := range imageInfos {
+		name := strings.ToLower(imageInfos[i].Name)
+
+		type registrar interface {
+			RegisterDiffID(graphID string, size int64) (layer.Layer, error)
+		}
+		r, ok := ls.(registrar)
+		if !ok {
+			return errors.New("Layerstore doesn't support RegisterDiffID")
+		}
+		if _, err := r.RegisterDiffID(imageInfos[i].ID, imageInfos[i].Size); err != nil {
+			return err
+		}
+		// layer is intentionally not released
+
+		rootFS := image.NewRootFS()
+		rootFS.BaseLayer = filepath.Base(imageInfos[i].Path)
+
+		// Create history for base layer
+		config, err := json.Marshal(&image.Image{
+			V1Image: image.V1Image{
+				DockerVersion: dockerversion.Version,
+				Architecture:  runtime.GOARCH,
+				OS:            runtime.GOOS,
+				Created:       imageInfos[i].CreatedTime,
+			},
+			RootFS:  rootFS,
+			History: []image.History{},
+		})
+
+		named, err := reference.ParseNamed(name)
+		if err != nil {
+			return err
+		}
+
+		ref, err := reference.WithTag(named, imageInfos[i].Version)
+		if err != nil {
+			return err
+		}
+
+		id, err := is.Create(config)
+		if err != nil {
+			return err
+		}
+
+		if err := rs.AddTag(ref, id, true); err != nil {
+			return err
+		}
+
+		logrus.Debugf("Registered base layer %s as %s", ref, id)
+	}
+	return nil
+}
+
+func driverOptions(config *Config) []nwconfig.Option {
+	return []nwconfig.Option{}
+}
+
+func (daemon *Daemon) stats(c *container.Container) (*types.StatsJSON, error) {
+	return nil, nil
+}
+
+// setDefaultIsolation determine the default isolation mode for the
+// daemon to run in. This is only applicable on Windows
+func (daemon *Daemon) setDefaultIsolation() error {
+	daemon.defaultIsolation = containertypes.Isolation("process")
+	for _, option := range daemon.configStore.ExecOptions {
+		key, val, err := parsers.ParseKeyValueOpt(option)
+		if err != nil {
+			return err
+		}
+		key = strings.ToLower(key)
+		switch key {
+
+		case "isolation":
+			if !containertypes.Isolation(val).IsValid() {
+				return fmt.Errorf("Invalid exec-opt value for 'isolation':'%s'", val)
+			}
+			if containertypes.Isolation(val).IsHyperV() {
+				daemon.defaultIsolation = containertypes.Isolation("hyperv")
+			}
+		default:
+			return fmt.Errorf("Unrecognised exec-opt '%s'\n", key)
+		}
+	}
+
+	logrus.Infof("Windows default isolation mode: %s", daemon.defaultIsolation)
+	return nil
+}
+
+func rootFSToAPIType(rootfs *image.RootFS) types.RootFS {
+	var layers []string
+	for _, l := range rootfs.DiffIDs {
+		layers = append(layers, l.String())
+	}
+	return types.RootFS{
+		Type:      rootfs.Type,
+		Layers:    layers,
+		BaseLayer: rootfs.BaseLayer,
+	}
+}
diff --git a/daemon/debugtrap_unix.go b/daemon/debugtrap_unix.go
new file mode 100644
index 00000000..c4a11b07
--- /dev/null
+++ b/daemon/debugtrap_unix.go
@@ -0,0 +1,21 @@
+// +build !windows
+
+package daemon
+
+import (
+	"os"
+	"os/signal"
+	"syscall"
+
+	psignal "github.com/docker/docker/pkg/signal"
+)
+
+func setupDumpStackTrap() {
+	c := make(chan os.Signal, 1)
+	signal.Notify(c, syscall.SIGUSR1)
+	go func() {
+		for range c {
+			psignal.DumpStacks()
+		}
+	}()
+}
diff --git a/daemon/debugtrap_unsupported.go b/daemon/debugtrap_unsupported.go
new file mode 100644
index 00000000..fef1bd77
--- /dev/null
+++ b/daemon/debugtrap_unsupported.go
@@ -0,0 +1,7 @@
+// +build !linux,!darwin,!freebsd,!windows
+
+package daemon
+
+func setupDumpStackTrap() {
+	return
+}
diff --git a/daemon/debugtrap_windows.go b/daemon/debugtrap_windows.go
new file mode 100644
index 00000000..a981c1ea
--- /dev/null
+++ b/daemon/debugtrap_windows.go
@@ -0,0 +1,30 @@
+package daemon
+
+import (
+	"fmt"
+	"os"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	psignal "github.com/docker/docker/pkg/signal"
+	"github.com/docker/docker/pkg/system"
+)
+
+func setupDumpStackTrap() {
+	// Windows does not support signals like *nix systems. So instead of
+	// trapping on SIGUSR1 to dump stacks, we wait on a Win32 event to be
+	// signaled.
+	go func() {
+		sa := syscall.SecurityAttributes{
+			Length: 0,
+		}
+		ev := "Global\\docker-daemon-" + fmt.Sprint(os.Getpid())
+		if h, _ := system.CreateEvent(&sa, false, false, ev); h != 0 {
+			logrus.Debugf("Stackdump - waiting signal at %s", ev)
+			for {
+				syscall.WaitForSingleObject(h, syscall.INFINITE)
+				psignal.DumpStacks()
+			}
+		}
+	}()
+}
diff --git a/daemon/delete.go b/daemon/delete.go
new file mode 100644
index 00000000..ec9d5c5f
--- /dev/null
+++ b/daemon/delete.go
@@ -0,0 +1,157 @@
+package daemon
+
+import (
+	"fmt"
+	"os"
+	"path"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/errors"
+	"github.com/docker/docker/layer"
+	volumestore "github.com/docker/docker/volume/store"
+	"github.com/docker/engine-api/types"
+)
+
+// ContainerRm removes the container id from the filesystem. An error
+// is returned if the container is not found, or if the remove
+// fails. If the remove succeeds, the container name is released, and
+// network links are removed.
+func (daemon *Daemon) ContainerRm(name string, config *types.ContainerRmConfig) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	// Container state RemovalInProgress should be used to avoid races.
+	if inProgress := container.SetRemovalInProgress(); inProgress {
+		return nil
+	}
+	defer container.ResetRemovalInProgress()
+
+	// check if container wasn't deregistered by previous rm since Get
+	if c := daemon.containers.Get(container.ID); c == nil {
+		return nil
+	}
+
+	if config.RemoveLink {
+		return daemon.rmLink(container, name)
+	}
+
+	err = daemon.cleanupContainer(container, config.ForceRemove)
+	if err == nil || config.ForceRemove {
+		if e := daemon.removeMountPoints(container, config.RemoveVolume); e != nil {
+			logrus.Error(e)
+		}
+	}
+
+	return err
+}
+
+func (daemon *Daemon) rmLink(container *container.Container, name string) error {
+	if name[0] != '/' {
+		name = "/" + name
+	}
+	parent, n := path.Split(name)
+	if parent == "/" {
+		return fmt.Errorf("Conflict, cannot remove the default name of the container")
+	}
+
+	parent = strings.TrimSuffix(parent, "/")
+	pe, err := daemon.nameIndex.Get(parent)
+	if err != nil {
+		return fmt.Errorf("Cannot get parent %s for name %s", parent, name)
+	}
+
+	daemon.releaseName(name)
+	parentContainer, _ := daemon.GetContainer(pe)
+	if parentContainer != nil {
+		daemon.linkIndex.unlink(name, container, parentContainer)
+		if err := daemon.updateNetwork(parentContainer); err != nil {
+			logrus.Debugf("Could not update network to remove link %s: %v", n, err)
+		}
+	}
+	return nil
+}
+
+// cleanupContainer unregisters a container from the daemon, stops stats
+// collection and cleanly removes contents and metadata from the filesystem.
+func (daemon *Daemon) cleanupContainer(container *container.Container, forceRemove bool) (err error) {
+	if container.IsRunning() {
+		if !forceRemove {
+			err := fmt.Errorf("You cannot remove a running container %s. Stop the container before attempting removal or use -f", container.ID)
+			return errors.NewRequestConflictError(err)
+		}
+		if err := daemon.Kill(container); err != nil {
+			return fmt.Errorf("Could not kill running container %s, cannot remove - %v", container.ID, err)
+		}
+	}
+
+	// stop collection of stats for the container regardless
+	// if stats are currently getting collected.
+	daemon.statsCollector.stopCollection(container)
+
+	if err = daemon.containerStop(container, 3); err != nil {
+		return err
+	}
+
+	// Mark container dead. We don't want anybody to be restarting it.
+	container.SetDead()
+
+	// Save container state to disk. So that if error happens before
+	// container meta file got removed from disk, then a restart of
+	// docker should not make a dead container alive.
+	if err := container.ToDiskLocking(); err != nil && !os.IsNotExist(err) {
+		logrus.Errorf("Error saving dying container to disk: %v", err)
+	}
+
+	// If force removal is required, delete container from various
+	// indexes even if removal failed.
+	defer func() {
+		if err == nil || forceRemove {
+			daemon.nameIndex.Delete(container.ID)
+			daemon.linkIndex.delete(container)
+			selinuxFreeLxcContexts(container.ProcessLabel)
+			daemon.idIndex.Delete(container.ID)
+			daemon.containers.Delete(container.ID)
+			daemon.LogContainerEvent(container, "destroy")
+		}
+	}()
+
+	if err = os.RemoveAll(container.Root); err != nil {
+		return fmt.Errorf("Unable to remove filesystem for %v: %v", container.ID, err)
+	}
+
+	// When container creation fails and `RWLayer` has not been created yet, we
+	// do not call `ReleaseRWLayer`
+	if container.RWLayer != nil {
+		metadata, err := daemon.layerStore.ReleaseRWLayer(container.RWLayer)
+		layer.LogReleaseMetadata(metadata)
+		if err != nil && err != layer.ErrMountDoesNotExist {
+			return fmt.Errorf("Driver %s failed to remove root filesystem %s: %s", daemon.GraphDriverName(), container.ID, err)
+		}
+	}
+
+	return nil
+}
+
+// VolumeRm removes the volume with the given name.
+// If the volume is referenced by a container it is not removed
+// This is called directly from the remote API
+func (daemon *Daemon) VolumeRm(name string) error {
+	v, err := daemon.volumes.Get(name)
+	if err != nil {
+		return err
+	}
+
+	if err := daemon.volumes.Remove(v); err != nil {
+		if volumestore.IsInUse(err) {
+			err := fmt.Errorf("Unable to remove volume, volume still in use: %v", err)
+			return errors.NewRequestConflictError(err)
+		}
+		return fmt.Errorf("Error while removing volume %s: %v", name, err)
+	}
+	daemon.LogVolumeEvent(v.Name(), "destroy", map[string]string{"driver": v.DriverName()})
+	return nil
+}
diff --git a/daemon/delete_test.go b/daemon/delete_test.go
new file mode 100644
index 00000000..adce2eb8
--- /dev/null
+++ b/daemon/delete_test.go
@@ -0,0 +1,42 @@
+package daemon
+
+import (
+	"io/ioutil"
+	"os"
+	"testing"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/engine-api/types"
+	containertypes "github.com/docker/engine-api/types/container"
+)
+
+func TestContainerDoubleDelete(t *testing.T) {
+	tmp, err := ioutil.TempDir("", "docker-daemon-unix-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+	daemon := &Daemon{
+		repository: tmp,
+		root:       tmp,
+	}
+	daemon.containers = container.NewMemoryStore()
+
+	container := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:     "test",
+			State:  container.NewState(),
+			Config: &containertypes.Config{},
+		},
+	}
+	daemon.containers.Add(container.ID, container)
+
+	// Mark the container as having a delete in progress
+	container.SetRemovalInProgress()
+
+	// Try to remove the container when it's start is removalInProgress.
+	// It should ignore the container and not return an error.
+	if err := daemon.ContainerRm(container.ID, &types.ContainerRmConfig{ForceRemove: true}); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/daemon/discovery.go b/daemon/discovery.go
new file mode 100644
index 00000000..30d2e02a
--- /dev/null
+++ b/daemon/discovery.go
@@ -0,0 +1,203 @@
+package daemon
+
+import (
+	"errors"
+	"fmt"
+	"reflect"
+	"strconv"
+	"time"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/discovery"
+
+	// Register the libkv backends for discovery.
+	_ "github.com/docker/docker/pkg/discovery/kv"
+)
+
+const (
+	// defaultDiscoveryHeartbeat is the default value for discovery heartbeat interval.
+	defaultDiscoveryHeartbeat = 20 * time.Second
+	// defaultDiscoveryTTLFactor is the default TTL factor for discovery
+	defaultDiscoveryTTLFactor = 3
+)
+
+var errDiscoveryDisabled = errors.New("discovery is disabled")
+
+type discoveryReloader interface {
+	discovery.Watcher
+	Stop()
+	Reload(backend, address string, clusterOpts map[string]string) error
+	ReadyCh() <-chan struct{}
+}
+
+type daemonDiscoveryReloader struct {
+	backend discovery.Backend
+	ticker  *time.Ticker
+	term    chan bool
+	readyCh chan struct{}
+}
+
+func (d *daemonDiscoveryReloader) Watch(stopCh <-chan struct{}) (<-chan discovery.Entries, <-chan error) {
+	return d.backend.Watch(stopCh)
+}
+
+func (d *daemonDiscoveryReloader) ReadyCh() <-chan struct{} {
+	return d.readyCh
+}
+
+func discoveryOpts(clusterOpts map[string]string) (time.Duration, time.Duration, error) {
+	var (
+		heartbeat = defaultDiscoveryHeartbeat
+		ttl       = defaultDiscoveryTTLFactor * defaultDiscoveryHeartbeat
+	)
+
+	if hb, ok := clusterOpts["discovery.heartbeat"]; ok {
+		h, err := strconv.Atoi(hb)
+		if err != nil {
+			return time.Duration(0), time.Duration(0), err
+		}
+		heartbeat = time.Duration(h) * time.Second
+		ttl = defaultDiscoveryTTLFactor * heartbeat
+	}
+
+	if tstr, ok := clusterOpts["discovery.ttl"]; ok {
+		t, err := strconv.Atoi(tstr)
+		if err != nil {
+			return time.Duration(0), time.Duration(0), err
+		}
+		ttl = time.Duration(t) * time.Second
+
+		if _, ok := clusterOpts["discovery.heartbeat"]; !ok {
+			h := int(t / defaultDiscoveryTTLFactor)
+			heartbeat = time.Duration(h) * time.Second
+		}
+
+		if ttl <= heartbeat {
+			return time.Duration(0), time.Duration(0),
+				fmt.Errorf("discovery.ttl timer must be greater than discovery.heartbeat")
+		}
+	}
+
+	return heartbeat, ttl, nil
+}
+
+// initDiscovery initializes the nodes discovery subsystem by connecting to the specified backend
+// and starts a registration loop to advertise the current node under the specified address.
+func initDiscovery(backendAddress, advertiseAddress string, clusterOpts map[string]string) (discoveryReloader, error) {
+	heartbeat, backend, err := parseDiscoveryOptions(backendAddress, clusterOpts)
+	if err != nil {
+		return nil, err
+	}
+
+	reloader := &daemonDiscoveryReloader{
+		backend: backend,
+		ticker:  time.NewTicker(heartbeat),
+		term:    make(chan bool),
+		readyCh: make(chan struct{}),
+	}
+	// We call Register() on the discovery backend in a loop for the whole lifetime of the daemon,
+	// but we never actually Watch() for nodes appearing and disappearing for the moment.
+	go reloader.advertiseHeartbeat(advertiseAddress)
+	return reloader, nil
+}
+
+// advertiseHeartbeat registers the current node against the discovery backend using the specified
+// address. The function never returns, as registration against the backend comes with a TTL and
+// requires regular heartbeats.
+func (d *daemonDiscoveryReloader) advertiseHeartbeat(address string) {
+	var ready bool
+	if err := d.initHeartbeat(address); err == nil {
+		ready = true
+		close(d.readyCh)
+	}
+
+	for {
+		select {
+		case <-d.ticker.C:
+			if err := d.backend.Register(address); err != nil {
+				log.Warnf("Registering as %q in discovery failed: %v", address, err)
+			} else {
+				if !ready {
+					close(d.readyCh)
+					ready = true
+				}
+			}
+		case <-d.term:
+			return
+		}
+	}
+}
+
+// initHeartbeat is used to do the first heartbeat. It uses a tight loop until
+// either the timeout period is reached or the heartbeat is successful and returns.
+func (d *daemonDiscoveryReloader) initHeartbeat(address string) error {
+	// Setup a short ticker until the first heartbeat has succeeded
+	t := time.NewTicker(500 * time.Millisecond)
+	defer t.Stop()
+	// timeout makes sure that after a period of time we stop being so aggressive trying to reach the discovery service
+	timeout := time.After(60 * time.Second)
+
+	for {
+		select {
+		case <-timeout:
+			return errors.New("timeout waiting for initial discovery")
+		case <-d.term:
+			return errors.New("terminated")
+		case <-t.C:
+			if err := d.backend.Register(address); err == nil {
+				return nil
+			}
+		}
+	}
+}
+
+// Reload makes the watcher to stop advertising and reconfigures it to advertise in a new address.
+func (d *daemonDiscoveryReloader) Reload(backendAddress, advertiseAddress string, clusterOpts map[string]string) error {
+	d.Stop()
+
+	heartbeat, backend, err := parseDiscoveryOptions(backendAddress, clusterOpts)
+	if err != nil {
+		return err
+	}
+
+	d.backend = backend
+	d.ticker = time.NewTicker(heartbeat)
+	d.readyCh = make(chan struct{})
+
+	go d.advertiseHeartbeat(advertiseAddress)
+	return nil
+}
+
+// Stop terminates the discovery advertising.
+func (d *daemonDiscoveryReloader) Stop() {
+	d.ticker.Stop()
+	d.term <- true
+}
+
+func parseDiscoveryOptions(backendAddress string, clusterOpts map[string]string) (time.Duration, discovery.Backend, error) {
+	heartbeat, ttl, err := discoveryOpts(clusterOpts)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	backend, err := discovery.New(backendAddress, heartbeat, ttl, clusterOpts)
+	if err != nil {
+		return 0, nil, err
+	}
+	return heartbeat, backend, nil
+}
+
+// modifiedDiscoverySettings returns whether the discovery configuration has been modified or not.
+func modifiedDiscoverySettings(config *Config, backendType, advertise string, clusterOpts map[string]string) bool {
+	if config.ClusterStore != backendType || config.ClusterAdvertise != advertise {
+		return true
+	}
+
+	if (config.ClusterOpts == nil && clusterOpts == nil) ||
+		(config.ClusterOpts == nil && len(clusterOpts) == 0) ||
+		(len(config.ClusterOpts) == 0 && clusterOpts == nil) {
+		return false
+	}
+
+	return !reflect.DeepEqual(config.ClusterOpts, clusterOpts)
+}
diff --git a/daemon/discovery_test.go b/daemon/discovery_test.go
new file mode 100644
index 00000000..1764af1e
--- /dev/null
+++ b/daemon/discovery_test.go
@@ -0,0 +1,152 @@
+package daemon
+
+import (
+	"testing"
+	"time"
+)
+
+func TestDiscoveryOpts(t *testing.T) {
+	clusterOpts := map[string]string{"discovery.heartbeat": "10", "discovery.ttl": "5"}
+	heartbeat, ttl, err := discoveryOpts(clusterOpts)
+	if err == nil {
+		t.Fatalf("discovery.ttl < discovery.heartbeat must fail")
+	}
+
+	clusterOpts = map[string]string{"discovery.heartbeat": "10", "discovery.ttl": "10"}
+	heartbeat, ttl, err = discoveryOpts(clusterOpts)
+	if err == nil {
+		t.Fatalf("discovery.ttl == discovery.heartbeat must fail")
+	}
+
+	clusterOpts = map[string]string{"discovery.heartbeat": "invalid"}
+	heartbeat, ttl, err = discoveryOpts(clusterOpts)
+	if err == nil {
+		t.Fatalf("invalid discovery.heartbeat must fail")
+	}
+
+	clusterOpts = map[string]string{"discovery.ttl": "invalid"}
+	heartbeat, ttl, err = discoveryOpts(clusterOpts)
+	if err == nil {
+		t.Fatalf("invalid discovery.ttl must fail")
+	}
+
+	clusterOpts = map[string]string{"discovery.heartbeat": "10", "discovery.ttl": "20"}
+	heartbeat, ttl, err = discoveryOpts(clusterOpts)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if heartbeat != 10*time.Second {
+		t.Fatalf("Heatbeat - Expected : %v, Actual : %v", 10*time.Second, heartbeat)
+	}
+
+	if ttl != 20*time.Second {
+		t.Fatalf("TTL - Expected : %v, Actual : %v", 20*time.Second, ttl)
+	}
+
+	clusterOpts = map[string]string{"discovery.heartbeat": "10"}
+	heartbeat, ttl, err = discoveryOpts(clusterOpts)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if heartbeat != 10*time.Second {
+		t.Fatalf("Heatbeat - Expected : %v, Actual : %v", 10*time.Second, heartbeat)
+	}
+
+	expected := 10 * defaultDiscoveryTTLFactor * time.Second
+	if ttl != expected {
+		t.Fatalf("TTL - Expected : %v, Actual : %v", expected, ttl)
+	}
+
+	clusterOpts = map[string]string{"discovery.ttl": "30"}
+	heartbeat, ttl, err = discoveryOpts(clusterOpts)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if ttl != 30*time.Second {
+		t.Fatalf("TTL - Expected : %v, Actual : %v", 30*time.Second, ttl)
+	}
+
+	expected = 30 * time.Second / defaultDiscoveryTTLFactor
+	if heartbeat != expected {
+		t.Fatalf("Heatbeat - Expected : %v, Actual : %v", expected, heartbeat)
+	}
+
+	clusterOpts = map[string]string{}
+	heartbeat, ttl, err = discoveryOpts(clusterOpts)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if heartbeat != defaultDiscoveryHeartbeat {
+		t.Fatalf("Heatbeat - Expected : %v, Actual : %v", defaultDiscoveryHeartbeat, heartbeat)
+	}
+
+	expected = defaultDiscoveryHeartbeat * defaultDiscoveryTTLFactor
+	if ttl != expected {
+		t.Fatalf("TTL - Expected : %v, Actual : %v", expected, ttl)
+	}
+}
+
+func TestModifiedDiscoverySettings(t *testing.T) {
+	cases := []struct {
+		current  *Config
+		modified *Config
+		expected bool
+	}{
+		{
+			current:  discoveryConfig("foo", "bar", map[string]string{}),
+			modified: discoveryConfig("foo", "bar", map[string]string{}),
+			expected: false,
+		},
+		{
+			current:  discoveryConfig("foo", "bar", map[string]string{"foo": "bar"}),
+			modified: discoveryConfig("foo", "bar", map[string]string{"foo": "bar"}),
+			expected: false,
+		},
+		{
+			current:  discoveryConfig("foo", "bar", map[string]string{}),
+			modified: discoveryConfig("foo", "bar", nil),
+			expected: false,
+		},
+		{
+			current:  discoveryConfig("foo", "bar", nil),
+			modified: discoveryConfig("foo", "bar", map[string]string{}),
+			expected: false,
+		},
+		{
+			current:  discoveryConfig("foo", "bar", nil),
+			modified: discoveryConfig("baz", "bar", nil),
+			expected: true,
+		},
+		{
+			current:  discoveryConfig("foo", "bar", nil),
+			modified: discoveryConfig("foo", "baz", nil),
+			expected: true,
+		},
+		{
+			current:  discoveryConfig("foo", "bar", nil),
+			modified: discoveryConfig("foo", "bar", map[string]string{"foo": "bar"}),
+			expected: true,
+		},
+	}
+
+	for _, c := range cases {
+		got := modifiedDiscoverySettings(c.current, c.modified.ClusterStore, c.modified.ClusterAdvertise, c.modified.ClusterOpts)
+		if c.expected != got {
+			t.Fatalf("expected %v, got %v: current config %v, new config %v", c.expected, got, c.current, c.modified)
+		}
+	}
+}
+
+func discoveryConfig(backendAddr, advertiseAddr string, opts map[string]string) *Config {
+	return &Config{
+		CommonConfig: CommonConfig{
+			ClusterStore:     backendAddr,
+			ClusterAdvertise: advertiseAddr,
+			ClusterOpts:      opts,
+		},
+	}
+}
diff --git a/daemon/errors.go b/daemon/errors.go
new file mode 100644
index 00000000..131c9a1e
--- /dev/null
+++ b/daemon/errors.go
@@ -0,0 +1,57 @@
+package daemon
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/docker/docker/errors"
+	"github.com/docker/docker/reference"
+)
+
+func (d *Daemon) imageNotExistToErrcode(err error) error {
+	if dne, isDNE := err.(ErrImageDoesNotExist); isDNE {
+		if strings.Contains(dne.RefOrID, "@") {
+			e := fmt.Errorf("No such image: %s", dne.RefOrID)
+			return errors.NewRequestNotFoundError(e)
+		}
+		tag := reference.DefaultTag
+		ref, err := reference.ParseNamed(dne.RefOrID)
+		if err != nil {
+			e := fmt.Errorf("No such image: %s:%s", dne.RefOrID, tag)
+			return errors.NewRequestNotFoundError(e)
+		}
+		if tagged, isTagged := ref.(reference.NamedTagged); isTagged {
+			tag = tagged.Tag()
+		}
+		e := fmt.Errorf("No such image: %s:%s", ref.Name(), tag)
+		return errors.NewRequestNotFoundError(e)
+	}
+	return err
+}
+
+type errNotRunning struct {
+	containerID string
+}
+
+func (e errNotRunning) Error() string {
+	return fmt.Sprintf("Container %s is not running", e.containerID)
+}
+
+func (e errNotRunning) ContainerIsRunning() bool {
+	return false
+}
+
+func errContainerIsRestarting(containerID string) error {
+	err := fmt.Errorf("Container %s is restarting, wait until the container is running", containerID)
+	return errors.NewRequestConflictError(err)
+}
+
+func errExecNotFound(id string) error {
+	err := fmt.Errorf("No such exec instance '%s' found in daemon", id)
+	return errors.NewRequestNotFoundError(err)
+}
+
+func errExecPaused(id string) error {
+	err := fmt.Errorf("Container %s is paused, unpause the container before exec", id)
+	return errors.NewRequestConflictError(err)
+}
diff --git a/daemon/events.go b/daemon/events.go
new file mode 100644
index 00000000..0ce0eaf0
--- /dev/null
+++ b/daemon/events.go
@@ -0,0 +1,88 @@
+package daemon
+
+import (
+	"strings"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/engine-api/types/events"
+	"github.com/docker/libnetwork"
+)
+
+// LogContainerEvent generates an event related to a container with only the default attributes.
+func (daemon *Daemon) LogContainerEvent(container *container.Container, action string) {
+	daemon.LogContainerEventWithAttributes(container, action, map[string]string{})
+}
+
+// LogContainerEventWithAttributes generates an event related to a container with specific given attributes.
+func (daemon *Daemon) LogContainerEventWithAttributes(container *container.Container, action string, attributes map[string]string) {
+	copyAttributes(attributes, container.Config.Labels)
+	if container.Config.Image != "" {
+		attributes["image"] = container.Config.Image
+	}
+	attributes["name"] = strings.TrimLeft(container.Name, "/")
+
+	actor := events.Actor{
+		ID:         container.ID,
+		Attributes: attributes,
+	}
+	daemon.EventsService.Log(action, events.ContainerEventType, actor)
+}
+
+// LogImageEvent generates an event related to a container with only the default attributes.
+func (daemon *Daemon) LogImageEvent(imageID, refName, action string) {
+	daemon.LogImageEventWithAttributes(imageID, refName, action, map[string]string{})
+}
+
+// LogImageEventWithAttributes generates an event related to a container with specific given attributes.
+func (daemon *Daemon) LogImageEventWithAttributes(imageID, refName, action string, attributes map[string]string) {
+	img, err := daemon.GetImage(imageID)
+	if err == nil && img.Config != nil {
+		// image has not been removed yet.
+		// it could be missing if the event is `delete`.
+		copyAttributes(attributes, img.Config.Labels)
+	}
+	if refName != "" {
+		attributes["name"] = refName
+	}
+	actor := events.Actor{
+		ID:         imageID,
+		Attributes: attributes,
+	}
+
+	daemon.EventsService.Log(action, events.ImageEventType, actor)
+}
+
+// LogVolumeEvent generates an event related to a volume.
+func (daemon *Daemon) LogVolumeEvent(volumeID, action string, attributes map[string]string) {
+	actor := events.Actor{
+		ID:         volumeID,
+		Attributes: attributes,
+	}
+	daemon.EventsService.Log(action, events.VolumeEventType, actor)
+}
+
+// LogNetworkEvent generates an event related to a network with only the default attributes.
+func (daemon *Daemon) LogNetworkEvent(nw libnetwork.Network, action string) {
+	daemon.LogNetworkEventWithAttributes(nw, action, map[string]string{})
+}
+
+// LogNetworkEventWithAttributes generates an event related to a network with specific given attributes.
+func (daemon *Daemon) LogNetworkEventWithAttributes(nw libnetwork.Network, action string, attributes map[string]string) {
+	attributes["name"] = nw.Name()
+	attributes["type"] = nw.Type()
+	actor := events.Actor{
+		ID:         nw.ID(),
+		Attributes: attributes,
+	}
+	daemon.EventsService.Log(action, events.NetworkEventType, actor)
+}
+
+// copyAttributes guarantees that labels are not mutated by event triggers.
+func copyAttributes(attributes, labels map[string]string) {
+	if labels == nil {
+		return
+	}
+	for k, v := range labels {
+		attributes[k] = v
+	}
+}
diff --git a/daemon/events/events.go b/daemon/events/events.go
new file mode 100644
index 00000000..ac1c98cd
--- /dev/null
+++ b/daemon/events/events.go
@@ -0,0 +1,142 @@
+package events
+
+import (
+	"sync"
+	"time"
+
+	"github.com/docker/docker/pkg/pubsub"
+	eventtypes "github.com/docker/engine-api/types/events"
+)
+
+const (
+	eventsLimit = 64
+	bufferSize  = 1024
+)
+
+// Events is pubsub channel for events generated by the engine.
+type Events struct {
+	mu     sync.Mutex
+	events []eventtypes.Message
+	pub    *pubsub.Publisher
+}
+
+// New returns new *Events instance
+func New() *Events {
+	return &Events{
+		events: make([]eventtypes.Message, 0, eventsLimit),
+		pub:    pubsub.NewPublisher(100*time.Millisecond, bufferSize),
+	}
+}
+
+// Subscribe adds new listener to events, returns slice of 64 stored
+// last events, a channel in which you can expect new events (in form
+// of interface{}, so you need type assertion), and a function to call
+// to stop the stream of events.
+func (e *Events) Subscribe() ([]eventtypes.Message, chan interface{}, func()) {
+	e.mu.Lock()
+	current := make([]eventtypes.Message, len(e.events))
+	copy(current, e.events)
+	l := e.pub.Subscribe()
+	e.mu.Unlock()
+
+	cancel := func() {
+		e.Evict(l)
+	}
+	return current, l, cancel
+}
+
+// SubscribeTopic adds new listener to events, returns slice of 64 stored
+// last events, a channel in which you can expect new events (in form
+// of interface{}, so you need type assertion).
+func (e *Events) SubscribeTopic(since, sinceNano int64, ef *Filter) ([]eventtypes.Message, chan interface{}) {
+	e.mu.Lock()
+
+	var topic func(m interface{}) bool
+	if ef != nil && ef.filter.Len() > 0 {
+		topic = func(m interface{}) bool { return ef.Include(m.(eventtypes.Message)) }
+	}
+
+	buffered := e.loadBufferedEvents(since, sinceNano, topic)
+
+	var ch chan interface{}
+	if topic != nil {
+		ch = e.pub.SubscribeTopic(topic)
+	} else {
+		// Subscribe to all events if there are no filters
+		ch = e.pub.Subscribe()
+	}
+
+	e.mu.Unlock()
+	return buffered, ch
+}
+
+// Evict evicts listener from pubsub
+func (e *Events) Evict(l chan interface{}) {
+	e.pub.Evict(l)
+}
+
+// Log broadcasts event to listeners. Each listener has 100 millisecond for
+// receiving event or it will be skipped.
+func (e *Events) Log(action, eventType string, actor eventtypes.Actor) {
+	now := time.Now().UTC()
+	jm := eventtypes.Message{
+		Action:   action,
+		Type:     eventType,
+		Actor:    actor,
+		Time:     now.Unix(),
+		TimeNano: now.UnixNano(),
+	}
+
+	// fill deprecated fields for container and images
+	switch eventType {
+	case eventtypes.ContainerEventType:
+		jm.ID = actor.ID
+		jm.Status = action
+		jm.From = actor.Attributes["image"]
+	case eventtypes.ImageEventType:
+		jm.ID = actor.ID
+		jm.Status = action
+	}
+
+	e.mu.Lock()
+	if len(e.events) == cap(e.events) {
+		// discard oldest event
+		copy(e.events, e.events[1:])
+		e.events[len(e.events)-1] = jm
+	} else {
+		e.events = append(e.events, jm)
+	}
+	e.mu.Unlock()
+	e.pub.Publish(jm)
+}
+
+// SubscribersCount returns number of event listeners
+func (e *Events) SubscribersCount() int {
+	return e.pub.Len()
+}
+
+// loadBufferedEvents iterates over the cached events in the buffer
+// and returns those that were emitted before a specific date.
+// The date is splitted in two values:
+//   - the `since` argument is a date timestamp without nanoseconds, or -1 to return an empty slice.
+//   - the `sinceNano` argument is the nanoseconds offset from the timestamp.
+// It uses `time.Unix(seconds, nanoseconds)` to generate a valid date with those two first arguments.
+// It filters those buffered messages with a topic function if it's not nil, otherwise it adds all messages.
+func (e *Events) loadBufferedEvents(since, sinceNano int64, topic func(interface{}) bool) []eventtypes.Message {
+	var buffered []eventtypes.Message
+	if since == -1 {
+		return buffered
+	}
+
+	sinceNanoUnix := time.Unix(since, sinceNano).UnixNano()
+	for i := len(e.events) - 1; i >= 0; i-- {
+		ev := e.events[i]
+		if ev.TimeNano < sinceNanoUnix {
+			break
+		}
+		if topic == nil || topic(ev) {
+			buffered = append([]eventtypes.Message{ev}, buffered...)
+		}
+	}
+	return buffered
+}
diff --git a/daemon/events/events_test.go b/daemon/events/events_test.go
new file mode 100644
index 00000000..5fd577b9
--- /dev/null
+++ b/daemon/events/events_test.go
@@ -0,0 +1,196 @@
+package events
+
+import (
+	"fmt"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/daemon/events/testutils"
+	"github.com/docker/engine-api/types/events"
+	timetypes "github.com/docker/engine-api/types/time"
+)
+
+func TestEventsLog(t *testing.T) {
+	e := New()
+	_, l1, _ := e.Subscribe()
+	_, l2, _ := e.Subscribe()
+	defer e.Evict(l1)
+	defer e.Evict(l2)
+	count := e.SubscribersCount()
+	if count != 2 {
+		t.Fatalf("Must be 2 subscribers, got %d", count)
+	}
+	actor := events.Actor{
+		ID:         "cont",
+		Attributes: map[string]string{"image": "image"},
+	}
+	e.Log("test", events.ContainerEventType, actor)
+	select {
+	case msg := <-l1:
+		jmsg, ok := msg.(events.Message)
+		if !ok {
+			t.Fatalf("Unexpected type %T", msg)
+		}
+		if len(e.events) != 1 {
+			t.Fatalf("Must be only one event, got %d", len(e.events))
+		}
+		if jmsg.Status != "test" {
+			t.Fatalf("Status should be test, got %s", jmsg.Status)
+		}
+		if jmsg.ID != "cont" {
+			t.Fatalf("ID should be cont, got %s", jmsg.ID)
+		}
+		if jmsg.From != "image" {
+			t.Fatalf("From should be image, got %s", jmsg.From)
+		}
+	case <-time.After(1 * time.Second):
+		t.Fatal("Timeout waiting for broadcasted message")
+	}
+	select {
+	case msg := <-l2:
+		jmsg, ok := msg.(events.Message)
+		if !ok {
+			t.Fatalf("Unexpected type %T", msg)
+		}
+		if len(e.events) != 1 {
+			t.Fatalf("Must be only one event, got %d", len(e.events))
+		}
+		if jmsg.Status != "test" {
+			t.Fatalf("Status should be test, got %s", jmsg.Status)
+		}
+		if jmsg.ID != "cont" {
+			t.Fatalf("ID should be cont, got %s", jmsg.ID)
+		}
+		if jmsg.From != "image" {
+			t.Fatalf("From should be image, got %s", jmsg.From)
+		}
+	case <-time.After(1 * time.Second):
+		t.Fatal("Timeout waiting for broadcasted message")
+	}
+}
+
+func TestEventsLogTimeout(t *testing.T) {
+	e := New()
+	_, l, _ := e.Subscribe()
+	defer e.Evict(l)
+
+	c := make(chan struct{})
+	go func() {
+		actor := events.Actor{
+			ID: "image",
+		}
+		e.Log("test", events.ImageEventType, actor)
+		close(c)
+	}()
+
+	select {
+	case <-c:
+	case <-time.After(time.Second):
+		t.Fatal("Timeout publishing message")
+	}
+}
+
+func TestLogEvents(t *testing.T) {
+	e := New()
+
+	for i := 0; i < eventsLimit+16; i++ {
+		action := fmt.Sprintf("action_%d", i)
+		id := fmt.Sprintf("cont_%d", i)
+		from := fmt.Sprintf("image_%d", i)
+
+		actor := events.Actor{
+			ID:         id,
+			Attributes: map[string]string{"image": from},
+		}
+		e.Log(action, events.ContainerEventType, actor)
+	}
+	time.Sleep(50 * time.Millisecond)
+	current, l, _ := e.Subscribe()
+	for i := 0; i < 10; i++ {
+		num := i + eventsLimit + 16
+		action := fmt.Sprintf("action_%d", num)
+		id := fmt.Sprintf("cont_%d", num)
+		from := fmt.Sprintf("image_%d", num)
+
+		actor := events.Actor{
+			ID:         id,
+			Attributes: map[string]string{"image": from},
+		}
+		e.Log(action, events.ContainerEventType, actor)
+	}
+	if len(e.events) != eventsLimit {
+		t.Fatalf("Must be %d events, got %d", eventsLimit, len(e.events))
+	}
+
+	var msgs []events.Message
+	for len(msgs) < 10 {
+		m := <-l
+		jm, ok := (m).(events.Message)
+		if !ok {
+			t.Fatalf("Unexpected type %T", m)
+		}
+		msgs = append(msgs, jm)
+	}
+	if len(current) != eventsLimit {
+		t.Fatalf("Must be %d events, got %d", eventsLimit, len(current))
+	}
+	first := current[0]
+	if first.Status != "action_16" {
+		t.Fatalf("First action is %s, must be action_16", first.Status)
+	}
+	last := current[len(current)-1]
+	if last.Status != "action_79" {
+		t.Fatalf("Last action is %s, must be action_79", last.Status)
+	}
+
+	firstC := msgs[0]
+	if firstC.Status != "action_80" {
+		t.Fatalf("First action is %s, must be action_80", firstC.Status)
+	}
+	lastC := msgs[len(msgs)-1]
+	if lastC.Status != "action_89" {
+		t.Fatalf("Last action is %s, must be action_89", lastC.Status)
+	}
+}
+
+// https://github.com/docker/docker/issues/20999
+// Fixtures:
+//
+//2016-03-07T17:28:03.022433271+02:00 container die 0b863f2a26c18557fc6cdadda007c459f9ec81b874780808138aea78a3595079 (image=ubuntu, name=small_hoover)
+//2016-03-07T17:28:03.091719377+02:00 network disconnect 19c5ed41acb798f26b751e0035cd7821741ab79e2bbd59a66b5fd8abf954eaa0 (type=bridge, container=0b863f2a26c18557fc6cdadda007c459f9ec81b874780808138aea78a3595079, name=bridge)
+//2016-03-07T17:28:03.129014751+02:00 container destroy 0b863f2a26c18557fc6cdadda007c459f9ec81b874780808138aea78a3595079 (image=ubuntu, name=small_hoover)
+func TestLoadBufferedEvents(t *testing.T) {
+	now := time.Now()
+	f, err := timetypes.GetTimestamp("2016-03-07T17:28:03.100000000+02:00", now)
+	if err != nil {
+		t.Fatal(err)
+	}
+	since, sinceNano, err := timetypes.ParseTimestamps(f, -1)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	m1, err := eventstestutils.Scan("2016-03-07T17:28:03.022433271+02:00 container die 0b863f2a26c18557fc6cdadda007c459f9ec81b874780808138aea78a3595079 (image=ubuntu, name=small_hoover)")
+	if err != nil {
+		t.Fatal(err)
+	}
+	m2, err := eventstestutils.Scan("2016-03-07T17:28:03.091719377+02:00 network disconnect 19c5ed41acb798f26b751e0035cd7821741ab79e2bbd59a66b5fd8abf954eaa0 (type=bridge, container=0b863f2a26c18557fc6cdadda007c459f9ec81b874780808138aea78a3595079, name=bridge)")
+	if err != nil {
+		t.Fatal(err)
+	}
+	m3, err := eventstestutils.Scan("2016-03-07T17:28:03.129014751+02:00 container destroy 0b863f2a26c18557fc6cdadda007c459f9ec81b874780808138aea78a3595079 (image=ubuntu, name=small_hoover)")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	buffered := []events.Message{*m1, *m2, *m3}
+
+	events := &Events{
+		events: buffered,
+	}
+
+	out := events.loadBufferedEvents(since, sinceNano, nil)
+	if len(out) != 1 {
+		t.Fatalf("expected 1 message, got %d: %v", len(out), out)
+	}
+}
diff --git a/daemon/events/filter.go b/daemon/events/filter.go
new file mode 100644
index 00000000..8936e371
--- /dev/null
+++ b/daemon/events/filter.go
@@ -0,0 +1,82 @@
+package events
+
+import (
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types/events"
+	"github.com/docker/engine-api/types/filters"
+)
+
+// Filter can filter out docker events from a stream
+type Filter struct {
+	filter filters.Args
+}
+
+// NewFilter creates a new Filter
+func NewFilter(filter filters.Args) *Filter {
+	return &Filter{filter: filter}
+}
+
+// Include returns true when the event ev is included by the filters
+func (ef *Filter) Include(ev events.Message) bool {
+	return ef.filter.ExactMatch("event", ev.Action) &&
+		ef.filter.ExactMatch("type", ev.Type) &&
+		ef.matchContainer(ev) &&
+		ef.matchVolume(ev) &&
+		ef.matchNetwork(ev) &&
+		ef.matchImage(ev) &&
+		ef.matchLabels(ev.Actor.Attributes)
+}
+
+func (ef *Filter) matchLabels(attributes map[string]string) bool {
+	if !ef.filter.Include("label") {
+		return true
+	}
+	return ef.filter.MatchKVList("label", attributes)
+}
+
+func (ef *Filter) matchContainer(ev events.Message) bool {
+	return ef.fuzzyMatchName(ev, events.ContainerEventType)
+}
+
+func (ef *Filter) matchVolume(ev events.Message) bool {
+	return ef.fuzzyMatchName(ev, events.VolumeEventType)
+}
+
+func (ef *Filter) matchNetwork(ev events.Message) bool {
+	return ef.fuzzyMatchName(ev, events.NetworkEventType)
+}
+
+func (ef *Filter) fuzzyMatchName(ev events.Message, eventType string) bool {
+	return ef.filter.FuzzyMatch(eventType, ev.Actor.ID) ||
+		ef.filter.FuzzyMatch(eventType, ev.Actor.Attributes["name"])
+}
+
+// matchImage matches against both event.Actor.ID (for image events)
+// and event.Actor.Attributes["image"] (for container events), so that any container that was created
+// from an image will be included in the image events. Also compare both
+// against the stripped repo name without any tags.
+func (ef *Filter) matchImage(ev events.Message) bool {
+	id := ev.Actor.ID
+	nameAttr := "image"
+	var imageName string
+
+	if ev.Type == events.ImageEventType {
+		nameAttr = "name"
+	}
+
+	if n, ok := ev.Actor.Attributes[nameAttr]; ok {
+		imageName = n
+	}
+	return ef.filter.ExactMatch("image", id) ||
+		ef.filter.ExactMatch("image", imageName) ||
+		ef.filter.ExactMatch("image", stripTag(id)) ||
+		ef.filter.ExactMatch("image", stripTag(imageName))
+}
+
+func stripTag(image string) string {
+	ref, err := reference.ParseNamed(image)
+	if err != nil {
+		return image
+	}
+	return ref.Name()
+}
diff --git a/daemon/events/testutils/testutils.go b/daemon/events/testutils/testutils.go
new file mode 100644
index 00000000..c84418a9
--- /dev/null
+++ b/daemon/events/testutils/testutils.go
@@ -0,0 +1,76 @@
+package eventstestutils
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/docker/engine-api/types/events"
+	timetypes "github.com/docker/engine-api/types/time"
+)
+
+var (
+	reTimestamp  = `(?P<timestamp>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{9}(:?(:?(:?-|\+)\d{2}:\d{2})|Z))`
+	reEventType  = `(?P<eventType>\w+)`
+	reAction     = `(?P<action>\w+)`
+	reID         = `(?P<id>[^\s]+)`
+	reAttributes = `(\s\((?P<attributes>[^\)]+)\))?`
+	reString     = fmt.Sprintf(`\A%s\s%s\s%s\s%s%s\z`, reTimestamp, reEventType, reAction, reID, reAttributes)
+
+	// eventCliRegexp is a regular expression that matches all possible event outputs in the cli
+	eventCliRegexp = regexp.MustCompile(reString)
+)
+
+// ScanMap turns an event string like the default ones formatted in the cli output
+// and turns it into map.
+func ScanMap(text string) map[string]string {
+	matches := eventCliRegexp.FindAllStringSubmatch(text, -1)
+	md := map[string]string{}
+	if len(matches) == 0 {
+		return md
+	}
+
+	names := eventCliRegexp.SubexpNames()
+	for i, n := range matches[0] {
+		md[names[i]] = n
+	}
+	return md
+}
+
+// Scan turns an event string like the default ones formatted in the cli output
+// and turns it into an event message.
+func Scan(text string) (*events.Message, error) {
+	md := ScanMap(text)
+	if len(md) == 0 {
+		return nil, fmt.Errorf("text is not an event: %s", text)
+	}
+
+	f, err := timetypes.GetTimestamp(md["timestamp"], time.Now())
+	if err != nil {
+		return nil, err
+	}
+
+	t, tn, err := timetypes.ParseTimestamps(f, -1)
+	if err != nil {
+		return nil, err
+	}
+
+	attrs := make(map[string]string)
+	for _, a := range strings.SplitN(md["attributes"], ", ", -1) {
+		kv := strings.SplitN(a, "=", 2)
+		attrs[kv[0]] = kv[1]
+	}
+
+	tu := time.Unix(t, tn)
+	return &events.Message{
+		Time:     t,
+		TimeNano: tu.UnixNano(),
+		Type:     md["eventType"],
+		Action:   md["action"],
+		Actor: events.Actor{
+			ID:         md["id"],
+			Attributes: attrs,
+		},
+	}, nil
+}
diff --git a/daemon/events_test.go b/daemon/events_test.go
new file mode 100644
index 00000000..8ee14a31
--- /dev/null
+++ b/daemon/events_test.go
@@ -0,0 +1,94 @@
+package daemon
+
+import (
+	"testing"
+	"time"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/events"
+	containertypes "github.com/docker/engine-api/types/container"
+	eventtypes "github.com/docker/engine-api/types/events"
+)
+
+func TestLogContainerEventCopyLabels(t *testing.T) {
+	e := events.New()
+	_, l, _ := e.Subscribe()
+	defer e.Evict(l)
+
+	container := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:   "container_id",
+			Name: "container_name",
+			Config: &containertypes.Config{
+				Image: "image_name",
+				Labels: map[string]string{
+					"node": "1",
+					"os":   "alpine",
+				},
+			},
+		},
+	}
+	daemon := &Daemon{
+		EventsService: e,
+	}
+	daemon.LogContainerEvent(container, "create")
+
+	if _, mutated := container.Config.Labels["image"]; mutated {
+		t.Fatalf("Expected to not mutate the container labels, got %q", container.Config.Labels)
+	}
+
+	validateTestAttributes(t, l, map[string]string{
+		"node": "1",
+		"os":   "alpine",
+	})
+}
+
+func TestLogContainerEventWithAttributes(t *testing.T) {
+	e := events.New()
+	_, l, _ := e.Subscribe()
+	defer e.Evict(l)
+
+	container := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:   "container_id",
+			Name: "container_name",
+			Config: &containertypes.Config{
+				Labels: map[string]string{
+					"node": "1",
+					"os":   "alpine",
+				},
+			},
+		},
+	}
+	daemon := &Daemon{
+		EventsService: e,
+	}
+	attributes := map[string]string{
+		"node": "2",
+		"foo":  "bar",
+	}
+	daemon.LogContainerEventWithAttributes(container, "create", attributes)
+
+	validateTestAttributes(t, l, map[string]string{
+		"node": "1",
+		"foo":  "bar",
+	})
+}
+
+func validateTestAttributes(t *testing.T, l chan interface{}, expectedAttributesToTest map[string]string) {
+	select {
+	case ev := <-l:
+		event, ok := ev.(eventtypes.Message)
+		if !ok {
+			t.Fatalf("Unexpected event message: %q", ev)
+		}
+		for key, expected := range expectedAttributesToTest {
+			actual, ok := event.Actor.Attributes[key]
+			if !ok || actual != expected {
+				t.Fatalf("Expected value for key %s to be %s, but was %s (event:%v)", key, expected, actual, event)
+			}
+		}
+	case <-time.After(10 * time.Second):
+		t.Fatalf("LogEvent test timed out")
+	}
+}
diff --git a/daemon/exec.go b/daemon/exec.go
new file mode 100644
index 00000000..be06845c
--- /dev/null
+++ b/daemon/exec.go
@@ -0,0 +1,246 @@
+package daemon
+
+import (
+	"fmt"
+	"io"
+	"strings"
+	"time"
+
+	"golang.org/x/net/context"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/exec"
+	"github.com/docker/docker/errors"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/pkg/pools"
+	"github.com/docker/docker/pkg/term"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/strslice"
+)
+
+func (d *Daemon) registerExecCommand(container *container.Container, config *exec.Config) {
+	// Storing execs in container in order to kill them gracefully whenever the container is stopped or removed.
+	container.ExecCommands.Add(config.ID, config)
+	// Storing execs in daemon for easy access via remote API.
+	d.execCommands.Add(config.ID, config)
+}
+
+// ExecExists looks up the exec instance and returns a bool if it exists or not.
+// It will also return the error produced by `getConfig`
+func (d *Daemon) ExecExists(name string) (bool, error) {
+	if _, err := d.getExecConfig(name); err != nil {
+		return false, err
+	}
+	return true, nil
+}
+
+// getExecConfig looks up the exec instance by name. If the container associated
+// with the exec instance is stopped or paused, it will return an error.
+func (d *Daemon) getExecConfig(name string) (*exec.Config, error) {
+	ec := d.execCommands.Get(name)
+
+	// If the exec is found but its container is not in the daemon's list of
+	// containers then it must have been deleted, in which case instead of
+	// saying the container isn't running, we should return a 404 so that
+	// the user sees the same error now that they will after the
+	// 5 minute clean-up loop is run which erases old/dead execs.
+
+	if ec != nil {
+		if container := d.containers.Get(ec.ContainerID); container != nil {
+			if !container.IsRunning() {
+				return nil, fmt.Errorf("Container %s is not running: %s", container.ID, container.State.String())
+			}
+			if container.IsPaused() {
+				return nil, errExecPaused(container.ID)
+			}
+			if container.IsRestarting() {
+				return nil, errContainerIsRestarting(container.ID)
+			}
+			return ec, nil
+		}
+	}
+
+	return nil, errExecNotFound(name)
+}
+
+func (d *Daemon) unregisterExecCommand(container *container.Container, execConfig *exec.Config) {
+	container.ExecCommands.Delete(execConfig.ID)
+	d.execCommands.Delete(execConfig.ID)
+}
+
+func (d *Daemon) getActiveContainer(name string) (*container.Container, error) {
+	container, err := d.GetContainer(name)
+	if err != nil {
+		return nil, err
+	}
+
+	if !container.IsRunning() {
+		return nil, errNotRunning{container.ID}
+	}
+	if container.IsPaused() {
+		return nil, errExecPaused(name)
+	}
+	if container.IsRestarting() {
+		return nil, errContainerIsRestarting(container.ID)
+	}
+	return container, nil
+}
+
+// ContainerExecCreate sets up an exec in a running container.
+func (d *Daemon) ContainerExecCreate(config *types.ExecConfig) (string, error) {
+	container, err := d.getActiveContainer(config.Container)
+	if err != nil {
+		return "", err
+	}
+
+	cmd := strslice.StrSlice(config.Cmd)
+	entrypoint, args := d.getEntrypointAndArgs(strslice.StrSlice{}, cmd)
+
+	keys := []byte{}
+	if config.DetachKeys != "" {
+		keys, err = term.ToBytes(config.DetachKeys)
+		if err != nil {
+			logrus.Warnf("Wrong escape keys provided (%s, error: %s) using default : ctrl-p ctrl-q", config.DetachKeys, err.Error())
+		}
+	}
+
+	execConfig := exec.NewConfig()
+	execConfig.OpenStdin = config.AttachStdin
+	execConfig.OpenStdout = config.AttachStdout
+	execConfig.OpenStderr = config.AttachStderr
+	execConfig.ContainerID = container.ID
+	execConfig.DetachKeys = keys
+	execConfig.Entrypoint = entrypoint
+	execConfig.Args = args
+	execConfig.Tty = config.Tty
+	execConfig.Privileged = config.Privileged
+	execConfig.User = config.User
+	if len(execConfig.User) == 0 {
+		execConfig.User = container.Config.User
+	}
+
+	d.registerExecCommand(container, execConfig)
+
+	d.LogContainerEvent(container, "exec_create: "+execConfig.Entrypoint+" "+strings.Join(execConfig.Args, " "))
+
+	return execConfig.ID, nil
+}
+
+// ContainerExecStart starts a previously set up exec instance. The
+// std streams are set up.
+func (d *Daemon) ContainerExecStart(name string, stdin io.ReadCloser, stdout io.Writer, stderr io.Writer) (err error) {
+	var (
+		cStdin           io.ReadCloser
+		cStdout, cStderr io.Writer
+	)
+
+	ec, err := d.getExecConfig(name)
+	if err != nil {
+		return errExecNotFound(name)
+	}
+
+	ec.Lock()
+	if ec.ExitCode != nil {
+		ec.Unlock()
+		err := fmt.Errorf("Error: Exec command %s has already run", ec.ID)
+		return errors.NewRequestConflictError(err)
+	}
+
+	if ec.Running {
+		ec.Unlock()
+		return fmt.Errorf("Error: Exec command %s is already running", ec.ID)
+	}
+	ec.Running = true
+	defer func() {
+		if err != nil {
+			ec.Running = false
+			exitCode := 126
+			ec.ExitCode = &exitCode
+		}
+	}()
+	ec.Unlock()
+
+	c := d.containers.Get(ec.ContainerID)
+	logrus.Debugf("starting exec command %s in container %s", ec.ID, c.ID)
+	d.LogContainerEvent(c, "exec_start: "+ec.Entrypoint+" "+strings.Join(ec.Args, " "))
+
+	if ec.OpenStdin && stdin != nil {
+		r, w := io.Pipe()
+		go func() {
+			defer w.Close()
+			defer logrus.Debugf("Closing buffered stdin pipe")
+			pools.Copy(w, stdin)
+		}()
+		cStdin = r
+	}
+	if ec.OpenStdout {
+		cStdout = stdout
+	}
+	if ec.OpenStderr {
+		cStderr = stderr
+	}
+
+	if ec.OpenStdin {
+		ec.NewInputPipes()
+	} else {
+		ec.NewNopInputPipe()
+	}
+
+	p := libcontainerd.Process{
+		Args:     append([]string{ec.Entrypoint}, ec.Args...),
+		Terminal: ec.Tty,
+	}
+
+	if err := execSetPlatformOpt(c, ec, &p); err != nil {
+		return nil
+	}
+
+	attachErr := container.AttachStreams(context.Background(), ec.StreamConfig, ec.OpenStdin, true, ec.Tty, cStdin, cStdout, cStderr, ec.DetachKeys)
+
+	if err := d.containerd.AddProcess(c.ID, name, p); err != nil {
+		return err
+	}
+
+	err = <-attachErr
+	if err != nil {
+		return fmt.Errorf("attach failed with error: %v", err)
+	}
+	return nil
+}
+
+// execCommandGC runs a ticker to clean up the daemon references
+// of exec configs that are no longer part of the container.
+func (d *Daemon) execCommandGC() {
+	for range time.Tick(5 * time.Minute) {
+		var (
+			cleaned          int
+			liveExecCommands = d.containerExecIds()
+		)
+		for id, config := range d.execCommands.Commands() {
+			if config.CanRemove {
+				cleaned++
+				d.execCommands.Delete(id)
+			} else {
+				if _, exists := liveExecCommands[id]; !exists {
+					config.CanRemove = true
+				}
+			}
+		}
+		if cleaned > 0 {
+			logrus.Debugf("clean %d unused exec commands", cleaned)
+		}
+	}
+}
+
+// containerExecIds returns a list of all the current exec ids that are in use
+// and running inside a container.
+func (d *Daemon) containerExecIds() map[string]struct{} {
+	ids := map[string]struct{}{}
+	for _, c := range d.containers.List() {
+		for _, id := range c.ExecCommands.List() {
+			ids[id] = struct{}{}
+		}
+	}
+	return ids
+}
diff --git a/daemon/exec/exec.go b/daemon/exec/exec.go
new file mode 100644
index 00000000..bbeb1c16
--- /dev/null
+++ b/daemon/exec/exec.go
@@ -0,0 +1,93 @@
+package exec
+
+import (
+	"sync"
+
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/runconfig"
+)
+
+// Config holds the configurations for execs. The Daemon keeps
+// track of both running and finished execs so that they can be
+// examined both during and after completion.
+type Config struct {
+	sync.Mutex
+	*runconfig.StreamConfig
+	ID          string
+	Running     bool
+	ExitCode    *int
+	OpenStdin   bool
+	OpenStderr  bool
+	OpenStdout  bool
+	CanRemove   bool
+	ContainerID string
+	DetachKeys  []byte
+	Entrypoint  string
+	Args        []string
+	Tty         bool
+	Privileged  bool
+	User        string
+}
+
+// NewConfig initializes the a new exec configuration
+func NewConfig() *Config {
+	return &Config{
+		ID:           stringid.GenerateNonCryptoID(),
+		StreamConfig: runconfig.NewStreamConfig(),
+	}
+}
+
+// Store keeps track of the exec configurations.
+type Store struct {
+	commands map[string]*Config
+	sync.RWMutex
+}
+
+// NewStore initializes a new exec store.
+func NewStore() *Store {
+	return &Store{commands: make(map[string]*Config, 0)}
+}
+
+// Commands returns the exec configurations in the store.
+func (e *Store) Commands() map[string]*Config {
+	e.RLock()
+	commands := make(map[string]*Config, len(e.commands))
+	for id, config := range e.commands {
+		commands[id] = config
+	}
+	e.RUnlock()
+	return commands
+}
+
+// Add adds a new exec configuration to the store.
+func (e *Store) Add(id string, Config *Config) {
+	e.Lock()
+	e.commands[id] = Config
+	e.Unlock()
+}
+
+// Get returns an exec configuration by its id.
+func (e *Store) Get(id string) *Config {
+	e.RLock()
+	res := e.commands[id]
+	e.RUnlock()
+	return res
+}
+
+// Delete removes an exec configuration from the store.
+func (e *Store) Delete(id string) {
+	e.Lock()
+	delete(e.commands, id)
+	e.Unlock()
+}
+
+// List returns the list of exec ids in the store.
+func (e *Store) List() []string {
+	var IDs []string
+	e.RLock()
+	for id := range e.commands {
+		IDs = append(IDs, id)
+	}
+	e.RUnlock()
+	return IDs
+}
diff --git a/daemon/exec_linux.go b/daemon/exec_linux.go
new file mode 100644
index 00000000..a2c86b28
--- /dev/null
+++ b/daemon/exec_linux.go
@@ -0,0 +1,26 @@
+package daemon
+
+import (
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/caps"
+	"github.com/docker/docker/daemon/exec"
+	"github.com/docker/docker/libcontainerd"
+)
+
+func execSetPlatformOpt(c *container.Container, ec *exec.Config, p *libcontainerd.Process) error {
+	if len(ec.User) > 0 {
+		uid, gid, additionalGids, err := getUser(c, ec.User)
+		if err != nil {
+			return err
+		}
+		p.User = &libcontainerd.User{
+			UID:            uid,
+			GID:            gid,
+			AdditionalGids: additionalGids,
+		}
+	}
+	if ec.Privileged {
+		p.Capabilities = caps.GetAllCapabilities()
+	}
+	return nil
+}
diff --git a/daemon/exec_windows.go b/daemon/exec_windows.go
new file mode 100644
index 00000000..be25d200
--- /dev/null
+++ b/daemon/exec_windows.go
@@ -0,0 +1,14 @@
+package daemon
+
+import (
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/exec"
+	"github.com/docker/docker/libcontainerd"
+)
+
+func execSetPlatformOpt(c *container.Container, ec *exec.Config, p *libcontainerd.Process) error {
+	// Process arguments need to be escaped before sending to OCI.
+	// TODO (jstarks): escape the entrypoint too once the tests are fixed to not rely on this behavior
+	p.Args = append([]string{p.Args[0]}, escapeArgs(p.Args[1:])...)
+	return nil
+}
diff --git a/daemon/export.go b/daemon/export.go
new file mode 100644
index 00000000..80d7dbb2
--- /dev/null
+++ b/daemon/export.go
@@ -0,0 +1,55 @@
+package daemon
+
+import (
+	"fmt"
+	"io"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/ioutils"
+)
+
+// ContainerExport writes the contents of the container to the given
+// writer. An error is returned if the container cannot be found.
+func (daemon *Daemon) ContainerExport(name string, out io.Writer) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	data, err := daemon.containerExport(container)
+	if err != nil {
+		return fmt.Errorf("Error exporting container %s: %v", name, err)
+	}
+	defer data.Close()
+
+	// Stream the entire contents of the container (basically a volatile snapshot)
+	if _, err := io.Copy(out, data); err != nil {
+		return fmt.Errorf("Error exporting container %s: %v", name, err)
+	}
+	return nil
+}
+
+func (daemon *Daemon) containerExport(container *container.Container) (archive.Archive, error) {
+	if err := daemon.Mount(container); err != nil {
+		return nil, err
+	}
+
+	uidMaps, gidMaps := daemon.GetUIDGIDMaps()
+	archive, err := archive.TarWithOptions(container.BaseFS, &archive.TarOptions{
+		Compression: archive.Uncompressed,
+		UIDMaps:     uidMaps,
+		GIDMaps:     gidMaps,
+	})
+	if err != nil {
+		daemon.Unmount(container)
+		return nil, err
+	}
+	arch := ioutils.NewReadCloserWrapper(archive, func() error {
+		err := archive.Close()
+		daemon.Unmount(container)
+		return err
+	})
+	daemon.LogContainerEvent(container, "export")
+	return arch, err
+}
diff --git a/daemon/graphdriver/aufs/aufs.go b/daemon/graphdriver/aufs/aufs.go
new file mode 100644
index 00000000..c98e8377
--- /dev/null
+++ b/daemon/graphdriver/aufs/aufs.go
@@ -0,0 +1,564 @@
+// +build linux
+
+/*
+
+aufs driver directory structure
+
+  .
+  ├── layers // Metadata of layers
+  │   ├── 1
+  │   ├── 2
+  │   └── 3
+  ├── diff  // Content of the layer
+  │   ├── 1  // Contains layers that need to be mounted for the id
+  │   ├── 2
+  │   └── 3
+  └── mnt    // Mount points for the rw layers to be mounted
+      ├── 1
+      ├── 2
+      └── 3
+
+*/
+
+package aufs
+
+import (
+	"bufio"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"strings"
+	"sync"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/vbatts/tar-split/tar/storage"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/directory"
+	"github.com/docker/docker/pkg/idtools"
+	mountpk "github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/pkg/stringid"
+
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+var (
+	// ErrAufsNotSupported is returned if aufs is not supported by the host.
+	ErrAufsNotSupported = fmt.Errorf("AUFS was not found in /proc/filesystems")
+	incompatibleFsMagic = []graphdriver.FsMagic{
+		graphdriver.FsMagicBtrfs,
+		graphdriver.FsMagicAufs,
+	}
+	backingFs = "<unknown>"
+
+	enableDirpermLock sync.Once
+	enableDirperm     bool
+)
+
+func init() {
+	graphdriver.Register("aufs", Init)
+}
+
+// Driver contains information about the filesystem mounted.
+type Driver struct {
+	sync.Mutex
+	root          string
+	uidMaps       []idtools.IDMap
+	gidMaps       []idtools.IDMap
+	pathCacheLock sync.Mutex
+	pathCache     map[string]string
+}
+
+// Init returns a new AUFS driver.
+// An error is returned if AUFS is not supported.
+func Init(root string, options []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
+
+	// Try to load the aufs kernel module
+	if err := supportsAufs(); err != nil {
+		return nil, graphdriver.ErrNotSupported
+	}
+
+	fsMagic, err := graphdriver.GetFSMagic(root)
+	if err != nil {
+		return nil, err
+	}
+	if fsName, ok := graphdriver.FsNames[fsMagic]; ok {
+		backingFs = fsName
+	}
+
+	for _, magic := range incompatibleFsMagic {
+		if fsMagic == magic {
+			return nil, graphdriver.ErrIncompatibleFS
+		}
+	}
+
+	paths := []string{
+		"mnt",
+		"diff",
+		"layers",
+	}
+
+	a := &Driver{
+		root:      root,
+		uidMaps:   uidMaps,
+		gidMaps:   gidMaps,
+		pathCache: make(map[string]string),
+	}
+
+	rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps)
+	if err != nil {
+		return nil, err
+	}
+	// Create the root aufs driver dir and return
+	// if it already exists
+	// If not populate the dir structure
+	if err := idtools.MkdirAllAs(root, 0700, rootUID, rootGID); err != nil {
+		if os.IsExist(err) {
+			return a, nil
+		}
+		return nil, err
+	}
+
+	if err := mountpk.MakePrivate(root); err != nil {
+		return nil, err
+	}
+
+	// Populate the dir structure
+	for _, p := range paths {
+		if err := idtools.MkdirAllAs(path.Join(root, p), 0700, rootUID, rootGID); err != nil {
+			return nil, err
+		}
+	}
+	return a, nil
+}
+
+// Return a nil error if the kernel supports aufs
+// We cannot modprobe because inside dind modprobe fails
+// to run
+func supportsAufs() error {
+	// We can try to modprobe aufs first before looking at
+	// proc/filesystems for when aufs is supported
+	exec.Command("modprobe", "aufs").Run()
+
+	f, err := os.Open("/proc/filesystems")
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	s := bufio.NewScanner(f)
+	for s.Scan() {
+		if strings.Contains(s.Text(), "aufs") {
+			return nil
+		}
+	}
+	return ErrAufsNotSupported
+}
+
+func (a *Driver) rootPath() string {
+	return a.root
+}
+
+func (*Driver) String() string {
+	return "aufs"
+}
+
+// Status returns current information about the filesystem such as root directory, number of directories mounted, etc.
+func (a *Driver) Status() [][2]string {
+	ids, _ := loadIds(path.Join(a.rootPath(), "layers"))
+	return [][2]string{
+		{"Root Dir", a.rootPath()},
+		{"Backing Filesystem", backingFs},
+		{"Dirs", fmt.Sprintf("%d", len(ids))},
+		{"Dirperm1 Supported", fmt.Sprintf("%v", useDirperm())},
+	}
+}
+
+// GetMetadata not implemented
+func (a *Driver) GetMetadata(id string) (map[string]string, error) {
+	return nil, nil
+}
+
+// Exists returns true if the given id is registered with
+// this driver
+func (a *Driver) Exists(id string) bool {
+	if _, err := os.Lstat(path.Join(a.rootPath(), "layers", id)); err != nil {
+		return false
+	}
+	return true
+}
+
+// Create three folders for each id
+// mnt, layers, and diff
+func (a *Driver) Create(id, parent, mountLabel string) error {
+	if err := a.createDirsFor(id); err != nil {
+		return err
+	}
+	// Write the layers metadata
+	f, err := os.Create(path.Join(a.rootPath(), "layers", id))
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	if parent != "" {
+		ids, err := getParentIds(a.rootPath(), parent)
+		if err != nil {
+			return err
+		}
+
+		if _, err := fmt.Fprintln(f, parent); err != nil {
+			return err
+		}
+		for _, i := range ids {
+			if _, err := fmt.Fprintln(f, i); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+// createDirsFor creates two directories for the given id.
+// mnt and diff
+func (a *Driver) createDirsFor(id string) error {
+	paths := []string{
+		"mnt",
+		"diff",
+	}
+
+	rootUID, rootGID, err := idtools.GetRootUIDGID(a.uidMaps, a.gidMaps)
+	if err != nil {
+		return err
+	}
+	// Directory permission is 0755.
+	// The path of directories are <aufs_root_path>/mnt/<image_id>
+	// and <aufs_root_path>/diff/<image_id>
+	for _, p := range paths {
+		if err := idtools.MkdirAllAs(path.Join(a.rootPath(), p, id), 0755, rootUID, rootGID); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Remove will unmount and remove the given id.
+func (a *Driver) Remove(id string) error {
+	a.pathCacheLock.Lock()
+	mountpoint, exists := a.pathCache[id]
+	a.pathCacheLock.Unlock()
+	if !exists {
+		mountpoint = a.getMountpoint(id)
+	}
+	if err := a.unmount(mountpoint); err != nil {
+		// no need to return here, we can still try to remove since the `Rename` will fail below if still mounted
+		logrus.Debugf("aufs: error while unmounting %s: %v", mountpoint, err)
+	}
+
+	// Atomically remove each directory in turn by first moving it out of the
+	// way (so that docker doesn't find it anymore) before doing removal of
+	// the whole tree.
+	tmpMntPath := path.Join(a.mntPath(), fmt.Sprintf("%s-removing", id))
+	if err := os.Rename(mountpoint, tmpMntPath); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+	defer os.RemoveAll(tmpMntPath)
+
+	tmpDiffpath := path.Join(a.diffPath(), fmt.Sprintf("%s-removing", id))
+	if err := os.Rename(a.getDiffPath(id), tmpDiffpath); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+	defer os.RemoveAll(tmpDiffpath)
+
+	// Remove the layers file for the id
+	if err := os.Remove(path.Join(a.rootPath(), "layers", id)); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+
+	a.pathCacheLock.Lock()
+	delete(a.pathCache, id)
+	a.pathCacheLock.Unlock()
+	return nil
+}
+
+// Get returns the rootfs path for the id.
+// This will mount the dir at it's given path
+func (a *Driver) Get(id, mountLabel string) (string, error) {
+	parents, err := a.getParentLayerPaths(id)
+	if err != nil && !os.IsNotExist(err) {
+		return "", err
+	}
+
+	a.pathCacheLock.Lock()
+	m, exists := a.pathCache[id]
+	a.pathCacheLock.Unlock()
+
+	if !exists {
+		m = a.getDiffPath(id)
+		if len(parents) > 0 {
+			m = a.getMountpoint(id)
+		}
+	}
+
+	// If a dir does not have a parent ( no layers )do not try to mount
+	// just return the diff path to the data
+	if len(parents) > 0 {
+		if err := a.mount(id, m, mountLabel, parents); err != nil {
+			return "", err
+		}
+	}
+
+	a.pathCacheLock.Lock()
+	a.pathCache[id] = m
+	a.pathCacheLock.Unlock()
+	return m, nil
+}
+
+// Put unmounts and updates list of active mounts.
+func (a *Driver) Put(id string) error {
+	a.pathCacheLock.Lock()
+	m, exists := a.pathCache[id]
+	if !exists {
+		m = a.getMountpoint(id)
+		a.pathCache[id] = m
+	}
+	a.pathCacheLock.Unlock()
+
+	err := a.unmount(m)
+	if err != nil {
+		logrus.Debugf("Failed to unmount %s aufs: %v", id, err)
+	}
+	return err
+}
+
+// Diff produces an archive of the changes between the specified
+// layer and its parent layer which may be "".
+func (a *Driver) Diff(id, parent string) (archive.Archive, error) {
+	// AUFS doesn't need the parent layer to produce a diff.
+	return archive.TarWithOptions(path.Join(a.rootPath(), "diff", id), &archive.TarOptions{
+		Compression:     archive.Uncompressed,
+		ExcludePatterns: []string{archive.WhiteoutMetaPrefix + "*", "!" + archive.WhiteoutOpaqueDir},
+		UIDMaps:         a.uidMaps,
+		GIDMaps:         a.gidMaps,
+	})
+}
+
+type fileGetNilCloser struct {
+	storage.FileGetter
+}
+
+func (f fileGetNilCloser) Close() error {
+	return nil
+}
+
+// DiffGetter returns a FileGetCloser that can read files from the directory that
+// contains files for the layer differences. Used for direct access for tar-split.
+func (a *Driver) DiffGetter(id string) (graphdriver.FileGetCloser, error) {
+	p := path.Join(a.rootPath(), "diff", id)
+	return fileGetNilCloser{storage.NewPathFileGetter(p)}, nil
+}
+
+func (a *Driver) applyDiff(id string, diff archive.Reader) error {
+	return chrootarchive.UntarUncompressed(diff, path.Join(a.rootPath(), "diff", id), &archive.TarOptions{
+		UIDMaps: a.uidMaps,
+		GIDMaps: a.gidMaps,
+	})
+}
+
+// DiffSize calculates the changes between the specified id
+// and its parent and returns the size in bytes of the changes
+// relative to its base filesystem directory.
+func (a *Driver) DiffSize(id, parent string) (size int64, err error) {
+	// AUFS doesn't need the parent layer to calculate the diff size.
+	return directory.Size(path.Join(a.rootPath(), "diff", id))
+}
+
+// ApplyDiff extracts the changeset from the given diff into the
+// layer with the specified id and parent, returning the size of the
+// new layer in bytes.
+func (a *Driver) ApplyDiff(id, parent string, diff archive.Reader) (size int64, err error) {
+	// AUFS doesn't need the parent id to apply the diff.
+	if err = a.applyDiff(id, diff); err != nil {
+		return
+	}
+
+	return a.DiffSize(id, parent)
+}
+
+// Changes produces a list of changes between the specified layer
+// and its parent layer. If parent is "", then all changes will be ADD changes.
+func (a *Driver) Changes(id, parent string) ([]archive.Change, error) {
+	// AUFS doesn't have snapshots, so we need to get changes from all parent
+	// layers.
+	layers, err := a.getParentLayerPaths(id)
+	if err != nil {
+		return nil, err
+	}
+	return archive.Changes(layers, path.Join(a.rootPath(), "diff", id))
+}
+
+func (a *Driver) getParentLayerPaths(id string) ([]string, error) {
+	parentIds, err := getParentIds(a.rootPath(), id)
+	if err != nil {
+		return nil, err
+	}
+	layers := make([]string, len(parentIds))
+
+	// Get the diff paths for all the parent ids
+	for i, p := range parentIds {
+		layers[i] = path.Join(a.rootPath(), "diff", p)
+	}
+	return layers, nil
+}
+
+func (a *Driver) mount(id string, target string, mountLabel string, layers []string) error {
+	a.Lock()
+	defer a.Unlock()
+
+	// If the id is mounted or we get an error return
+	if mounted, err := a.mounted(target); err != nil || mounted {
+		return err
+	}
+
+	rw := a.getDiffPath(id)
+
+	if err := a.aufsMount(layers, rw, target, mountLabel); err != nil {
+		return fmt.Errorf("error creating aufs mount to %s: %v", target, err)
+	}
+	return nil
+}
+
+func (a *Driver) unmount(mountPath string) error {
+	a.Lock()
+	defer a.Unlock()
+
+	if mounted, err := a.mounted(mountPath); err != nil || !mounted {
+		return err
+	}
+	if err := Unmount(mountPath); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (a *Driver) mounted(mountpoint string) (bool, error) {
+	return graphdriver.Mounted(graphdriver.FsMagicAufs, mountpoint)
+}
+
+// Cleanup aufs and unmount all mountpoints
+func (a *Driver) Cleanup() error {
+	var dirs []string
+	if err := filepath.Walk(a.mntPath(), func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		if !info.IsDir() {
+			return nil
+		}
+		dirs = append(dirs, path)
+		return nil
+	}); err != nil {
+		return err
+	}
+
+	for _, m := range dirs {
+		if err := a.unmount(m); err != nil {
+			logrus.Debugf("aufs error unmounting %s: %s", stringid.TruncateID(m), err)
+		}
+	}
+	return mountpk.Unmount(a.root)
+}
+
+func (a *Driver) aufsMount(ro []string, rw, target, mountLabel string) (err error) {
+	defer func() {
+		if err != nil {
+			Unmount(target)
+		}
+	}()
+
+	// Mount options are clipped to page size(4096 bytes). If there are more
+	// layers then these are remounted individually using append.
+
+	offset := 54
+	if useDirperm() {
+		offset += len("dirperm1")
+	}
+	b := make([]byte, syscall.Getpagesize()-len(mountLabel)-offset) // room for xino & mountLabel
+	bp := copy(b, fmt.Sprintf("br:%s=rw", rw))
+
+	firstMount := true
+	i := 0
+
+	for {
+		for ; i < len(ro); i++ {
+			layer := fmt.Sprintf(":%s=ro+wh", ro[i])
+
+			if firstMount {
+				if bp+len(layer) > len(b) {
+					break
+				}
+				bp += copy(b[bp:], layer)
+			} else {
+				data := label.FormatMountLabel(fmt.Sprintf("append%s", layer), mountLabel)
+				if err = mount("none", target, "aufs", syscall.MS_REMOUNT, data); err != nil {
+					return
+				}
+			}
+		}
+
+		if firstMount {
+			opts := "dio,xino=/dev/shm/aufs.xino"
+			if useDirperm() {
+				opts += ",dirperm1"
+			}
+			data := label.FormatMountLabel(fmt.Sprintf("%s,%s", string(b[:bp]), opts), mountLabel)
+			if err = mount("none", target, "aufs", 0, data); err != nil {
+				return
+			}
+			firstMount = false
+		}
+
+		if i == len(ro) {
+			break
+		}
+	}
+
+	return
+}
+
+// useDirperm checks dirperm1 mount option can be used with the current
+// version of aufs.
+func useDirperm() bool {
+	enableDirpermLock.Do(func() {
+		base, err := ioutil.TempDir("", "docker-aufs-base")
+		if err != nil {
+			logrus.Errorf("error checking dirperm1: %v", err)
+			return
+		}
+		defer os.RemoveAll(base)
+
+		union, err := ioutil.TempDir("", "docker-aufs-union")
+		if err != nil {
+			logrus.Errorf("error checking dirperm1: %v", err)
+			return
+		}
+		defer os.RemoveAll(union)
+
+		opts := fmt.Sprintf("br:%s,dirperm1,xino=/dev/shm/aufs.xino", base)
+		if err := mount("none", union, "aufs", 0, opts); err != nil {
+			return
+		}
+		enableDirperm = true
+		if err := Unmount(union); err != nil {
+			logrus.Errorf("error checking dirperm1: failed to unmount %v", err)
+		}
+	})
+	return enableDirperm
+}
diff --git a/daemon/graphdriver/aufs/aufs_test.go b/daemon/graphdriver/aufs/aufs_test.go
new file mode 100644
index 00000000..b0ddf89a
--- /dev/null
+++ b/daemon/graphdriver/aufs/aufs_test.go
@@ -0,0 +1,801 @@
+// +build linux
+
+package aufs
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"sync"
+	"testing"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/reexec"
+	"github.com/docker/docker/pkg/stringid"
+)
+
+var (
+	tmpOuter = path.Join(os.TempDir(), "aufs-tests")
+	tmp      = path.Join(tmpOuter, "aufs")
+)
+
+func init() {
+	reexec.Init()
+}
+
+func testInit(dir string, t testing.TB) graphdriver.Driver {
+	d, err := Init(dir, nil, nil, nil)
+	if err != nil {
+		if err == graphdriver.ErrNotSupported {
+			t.Skip(err)
+		} else {
+			t.Fatal(err)
+		}
+	}
+	return d
+}
+
+func newDriver(t testing.TB) *Driver {
+	if err := os.MkdirAll(tmp, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	d := testInit(tmp, t)
+	return d.(*Driver)
+}
+
+func TestNewDriver(t *testing.T) {
+	if err := os.MkdirAll(tmp, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	d := testInit(tmp, t)
+	defer os.RemoveAll(tmp)
+	if d == nil {
+		t.Fatalf("Driver should not be nil")
+	}
+}
+
+func TestAufsString(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if d.String() != "aufs" {
+		t.Fatalf("Expected aufs got %s", d.String())
+	}
+}
+
+func TestCreateDirStructure(t *testing.T) {
+	newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	paths := []string{
+		"mnt",
+		"layers",
+		"diff",
+	}
+
+	for _, p := range paths {
+		if _, err := os.Stat(path.Join(tmp, p)); err != nil {
+			t.Fatal(err)
+		}
+	}
+}
+
+// We should be able to create two drivers with the same dir structure
+func TestNewDriverFromExistingDir(t *testing.T) {
+	if err := os.MkdirAll(tmp, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	testInit(tmp, t)
+	testInit(tmp, t)
+	os.RemoveAll(tmp)
+}
+
+func TestCreateNewDir(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestCreateNewDirStructure(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	paths := []string{
+		"mnt",
+		"diff",
+		"layers",
+	}
+
+	for _, p := range paths {
+		if _, err := os.Stat(path.Join(tmp, p, "1")); err != nil {
+			t.Fatal(err)
+		}
+	}
+}
+
+func TestRemoveImage(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := d.Remove("1"); err != nil {
+		t.Fatal(err)
+	}
+
+	paths := []string{
+		"mnt",
+		"diff",
+		"layers",
+	}
+
+	for _, p := range paths {
+		if _, err := os.Stat(path.Join(tmp, p, "1")); err == nil {
+			t.Fatalf("Error should not be nil because dirs with id 1 should be delted: %s", p)
+		}
+	}
+}
+
+func TestGetWithoutParent(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	diffPath, err := d.Get("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	expected := path.Join(tmp, "diff", "1")
+	if diffPath != expected {
+		t.Fatalf("Expected path %s got %s", expected, diffPath)
+	}
+}
+
+func TestCleanupWithNoDirs(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Cleanup(); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestCleanupWithDir(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := d.Cleanup(); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestMountedFalseResponse(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	response, err := d.mounted(d.getDiffPath("1"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if response != false {
+		t.Fatalf("Response if dir id 1 is mounted should be false")
+	}
+}
+
+func TestMountedTrueReponse(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+	defer d.Cleanup()
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+	if err := d.Create("2", "1", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	_, err := d.Get("2", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	response, err := d.mounted(d.pathCache["2"])
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if response != true {
+		t.Fatalf("Response if dir id 2 is mounted should be true")
+	}
+}
+
+func TestMountWithParent(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+	if err := d.Create("2", "1", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	defer func() {
+		if err := d.Cleanup(); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	mntPath, err := d.Get("2", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if mntPath == "" {
+		t.Fatal("mntPath should not be empty string")
+	}
+
+	expected := path.Join(tmp, "mnt", "2")
+	if mntPath != expected {
+		t.Fatalf("Expected %s got %s", expected, mntPath)
+	}
+}
+
+func TestRemoveMountedDir(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+	if err := d.Create("2", "1", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	defer func() {
+		if err := d.Cleanup(); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	mntPath, err := d.Get("2", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if mntPath == "" {
+		t.Fatal("mntPath should not be empty string")
+	}
+
+	mounted, err := d.mounted(d.pathCache["2"])
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if !mounted {
+		t.Fatalf("Dir id 2 should be mounted")
+	}
+
+	if err := d.Remove("2"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestCreateWithInvalidParent(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "docker", ""); err == nil {
+		t.Fatalf("Error should not be nil with parent does not exist")
+	}
+}
+
+func TestGetDiff(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	diffPath, err := d.Get("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Add a file to the diff path with a fixed size
+	size := int64(1024)
+
+	f, err := os.Create(path.Join(diffPath, "test_file"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := f.Truncate(size); err != nil {
+		t.Fatal(err)
+	}
+	f.Close()
+
+	a, err := d.Diff("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if a == nil {
+		t.Fatalf("Archive should not be nil")
+	}
+}
+
+func TestChanges(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+	if err := d.Create("2", "1", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	defer func() {
+		if err := d.Cleanup(); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	mntPoint, err := d.Get("2", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Create a file to save in the mountpoint
+	f, err := os.Create(path.Join(mntPoint, "test.txt"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := f.WriteString("testline"); err != nil {
+		t.Fatal(err)
+	}
+	if err := f.Close(); err != nil {
+		t.Fatal(err)
+	}
+
+	changes, err := d.Changes("2", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(changes) != 1 {
+		t.Fatalf("Dir 2 should have one change from parent got %d", len(changes))
+	}
+	change := changes[0]
+
+	expectedPath := "/test.txt"
+	if change.Path != expectedPath {
+		t.Fatalf("Expected path %s got %s", expectedPath, change.Path)
+	}
+
+	if change.Kind != archive.ChangeAdd {
+		t.Fatalf("Change kind should be ChangeAdd got %s", change.Kind)
+	}
+
+	if err := d.Create("3", "2", ""); err != nil {
+		t.Fatal(err)
+	}
+	mntPoint, err = d.Get("3", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Create a file to save in the mountpoint
+	f, err = os.Create(path.Join(mntPoint, "test2.txt"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := f.WriteString("testline"); err != nil {
+		t.Fatal(err)
+	}
+	if err := f.Close(); err != nil {
+		t.Fatal(err)
+	}
+
+	changes, err = d.Changes("3", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(changes) != 1 {
+		t.Fatalf("Dir 2 should have one change from parent got %d", len(changes))
+	}
+	change = changes[0]
+
+	expectedPath = "/test2.txt"
+	if change.Path != expectedPath {
+		t.Fatalf("Expected path %s got %s", expectedPath, change.Path)
+	}
+
+	if change.Kind != archive.ChangeAdd {
+		t.Fatalf("Change kind should be ChangeAdd got %s", change.Kind)
+	}
+}
+
+func TestDiffSize(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	diffPath, err := d.Get("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Add a file to the diff path with a fixed size
+	size := int64(1024)
+
+	f, err := os.Create(path.Join(diffPath, "test_file"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := f.Truncate(size); err != nil {
+		t.Fatal(err)
+	}
+	s, err := f.Stat()
+	if err != nil {
+		t.Fatal(err)
+	}
+	size = s.Size()
+	if err := f.Close(); err != nil {
+		t.Fatal(err)
+	}
+
+	diffSize, err := d.DiffSize("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if diffSize != size {
+		t.Fatalf("Expected size to be %d got %d", size, diffSize)
+	}
+}
+
+func TestChildDiffSize(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+	defer d.Cleanup()
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	diffPath, err := d.Get("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Add a file to the diff path with a fixed size
+	size := int64(1024)
+
+	f, err := os.Create(path.Join(diffPath, "test_file"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := f.Truncate(size); err != nil {
+		t.Fatal(err)
+	}
+	s, err := f.Stat()
+	if err != nil {
+		t.Fatal(err)
+	}
+	size = s.Size()
+	if err := f.Close(); err != nil {
+		t.Fatal(err)
+	}
+
+	diffSize, err := d.DiffSize("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if diffSize != size {
+		t.Fatalf("Expected size to be %d got %d", size, diffSize)
+	}
+
+	if err := d.Create("2", "1", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	diffSize, err = d.DiffSize("2", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	// The diff size for the child should be zero
+	if diffSize != 0 {
+		t.Fatalf("Expected size to be %d got %d", 0, diffSize)
+	}
+}
+
+func TestExists(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+	defer d.Cleanup()
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	if d.Exists("none") {
+		t.Fatal("id name should not exist in the driver")
+	}
+
+	if !d.Exists("1") {
+		t.Fatal("id 1 should exist in the driver")
+	}
+}
+
+func TestStatus(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+	defer d.Cleanup()
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	status := d.Status()
+	if status == nil || len(status) == 0 {
+		t.Fatal("Status should not be nil or empty")
+	}
+	rootDir := status[0]
+	dirs := status[2]
+	if rootDir[0] != "Root Dir" {
+		t.Fatalf("Expected Root Dir got %s", rootDir[0])
+	}
+	if rootDir[1] != d.rootPath() {
+		t.Fatalf("Expected %s got %s", d.rootPath(), rootDir[1])
+	}
+	if dirs[0] != "Dirs" {
+		t.Fatalf("Expected Dirs got %s", dirs[0])
+	}
+	if dirs[1] != "1" {
+		t.Fatalf("Expected 1 got %s", dirs[1])
+	}
+}
+
+func TestApplyDiff(t *testing.T) {
+	d := newDriver(t)
+	defer os.RemoveAll(tmp)
+	defer d.Cleanup()
+
+	if err := d.Create("1", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	diffPath, err := d.Get("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Add a file to the diff path with a fixed size
+	size := int64(1024)
+
+	f, err := os.Create(path.Join(diffPath, "test_file"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := f.Truncate(size); err != nil {
+		t.Fatal(err)
+	}
+	f.Close()
+
+	diff, err := d.Diff("1", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := d.Create("2", "", ""); err != nil {
+		t.Fatal(err)
+	}
+	if err := d.Create("3", "2", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := d.applyDiff("3", diff); err != nil {
+		t.Fatal(err)
+	}
+
+	// Ensure that the file is in the mount point for id 3
+
+	mountPoint, err := d.Get("3", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := os.Stat(path.Join(mountPoint, "test_file")); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func hash(c string) string {
+	h := sha256.New()
+	fmt.Fprint(h, c)
+	return hex.EncodeToString(h.Sum(nil))
+}
+
+func testMountMoreThan42Layers(t *testing.T, mountPath string) {
+	if err := os.MkdirAll(mountPath, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	defer os.RemoveAll(mountPath)
+	d := testInit(mountPath, t).(*Driver)
+	defer d.Cleanup()
+	var last string
+	var expected int
+
+	for i := 1; i < 127; i++ {
+		expected++
+		var (
+			parent  = fmt.Sprintf("%d", i-1)
+			current = fmt.Sprintf("%d", i)
+		)
+
+		if parent == "0" {
+			parent = ""
+		} else {
+			parent = hash(parent)
+		}
+		current = hash(current)
+
+		if err := d.Create(current, parent, ""); err != nil {
+			t.Logf("Current layer %d", i)
+			t.Error(err)
+		}
+		point, err := d.Get(current, "")
+		if err != nil {
+			t.Logf("Current layer %d", i)
+			t.Error(err)
+		}
+		f, err := os.Create(path.Join(point, current))
+		if err != nil {
+			t.Logf("Current layer %d", i)
+			t.Error(err)
+		}
+		f.Close()
+
+		if i%10 == 0 {
+			if err := os.Remove(path.Join(point, parent)); err != nil {
+				t.Logf("Current layer %d", i)
+				t.Error(err)
+			}
+			expected--
+		}
+		last = current
+	}
+
+	// Perform the actual mount for the top most image
+	point, err := d.Get(last, "")
+	if err != nil {
+		t.Error(err)
+	}
+	files, err := ioutil.ReadDir(point)
+	if err != nil {
+		t.Error(err)
+	}
+	if len(files) != expected {
+		t.Errorf("Expected %d got %d", expected, len(files))
+	}
+}
+
+func TestMountMoreThan42Layers(t *testing.T) {
+	os.RemoveAll(tmpOuter)
+	testMountMoreThan42Layers(t, tmp)
+}
+
+func TestMountMoreThan42LayersMatchingPathLength(t *testing.T) {
+	defer os.RemoveAll(tmpOuter)
+	zeroes := "0"
+	for {
+		// This finds a mount path so that when combined into aufs mount options
+		// 4096 byte boundary would be in between the paths or in permission
+		// section. For '/tmp' it will use '/tmp/aufs-tests/00000000/aufs'
+		mountPath := path.Join(tmpOuter, zeroes, "aufs")
+		pathLength := 77 + len(mountPath)
+
+		if mod := 4095 % pathLength; mod == 0 || mod > pathLength-2 {
+			t.Logf("Using path: %s", mountPath)
+			testMountMoreThan42Layers(t, mountPath)
+			return
+		}
+		zeroes += "0"
+	}
+}
+
+func BenchmarkConcurrentAccess(b *testing.B) {
+	b.StopTimer()
+	b.ResetTimer()
+
+	d := newDriver(b)
+	defer os.RemoveAll(tmp)
+	defer d.Cleanup()
+
+	numConcurent := 256
+	// create a bunch of ids
+	var ids []string
+	for i := 0; i < numConcurent; i++ {
+		ids = append(ids, stringid.GenerateNonCryptoID())
+	}
+
+	if err := d.Create(ids[0], "", ""); err != nil {
+		b.Fatal(err)
+	}
+
+	if err := d.Create(ids[1], ids[0], ""); err != nil {
+		b.Fatal(err)
+	}
+
+	parent := ids[1]
+	ids = append(ids[2:])
+
+	chErr := make(chan error, numConcurent)
+	var outerGroup sync.WaitGroup
+	outerGroup.Add(len(ids))
+	b.StartTimer()
+
+	// here's the actual bench
+	for _, id := range ids {
+		go func(id string) {
+			defer outerGroup.Done()
+			if err := d.Create(id, parent, ""); err != nil {
+				b.Logf("Create %s failed", id)
+				chErr <- err
+				return
+			}
+			var innerGroup sync.WaitGroup
+			for i := 0; i < b.N; i++ {
+				innerGroup.Add(1)
+				go func() {
+					d.Get(id, "")
+					d.Put(id)
+					innerGroup.Done()
+				}()
+			}
+			innerGroup.Wait()
+			d.Remove(id)
+		}(id)
+	}
+
+	outerGroup.Wait()
+	b.StopTimer()
+	close(chErr)
+	for err := range chErr {
+		if err != nil {
+			b.Log(err)
+			b.Fail()
+		}
+	}
+}
diff --git a/daemon/graphdriver/aufs/dirs.go b/daemon/graphdriver/aufs/dirs.go
new file mode 100644
index 00000000..eb298d9e
--- /dev/null
+++ b/daemon/graphdriver/aufs/dirs.go
@@ -0,0 +1,64 @@
+// +build linux
+
+package aufs
+
+import (
+	"bufio"
+	"io/ioutil"
+	"os"
+	"path"
+)
+
+// Return all the directories
+func loadIds(root string) ([]string, error) {
+	dirs, err := ioutil.ReadDir(root)
+	if err != nil {
+		return nil, err
+	}
+	out := []string{}
+	for _, d := range dirs {
+		if !d.IsDir() {
+			out = append(out, d.Name())
+		}
+	}
+	return out, nil
+}
+
+// Read the layers file for the current id and return all the
+// layers represented by new lines in the file
+//
+// If there are no lines in the file then the id has no parent
+// and an empty slice is returned.
+func getParentIds(root, id string) ([]string, error) {
+	f, err := os.Open(path.Join(root, "layers", id))
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	out := []string{}
+	s := bufio.NewScanner(f)
+
+	for s.Scan() {
+		if t := s.Text(); t != "" {
+			out = append(out, s.Text())
+		}
+	}
+	return out, s.Err()
+}
+
+func (a *Driver) getMountpoint(id string) string {
+	return path.Join(a.mntPath(), id)
+}
+
+func (a *Driver) mntPath() string {
+	return path.Join(a.rootPath(), "mnt")
+}
+
+func (a *Driver) getDiffPath(id string) string {
+	return path.Join(a.diffPath(), id)
+}
+
+func (a *Driver) diffPath() string {
+	return path.Join(a.rootPath(), "diff")
+}
diff --git a/daemon/graphdriver/aufs/mount.go b/daemon/graphdriver/aufs/mount.go
new file mode 100644
index 00000000..36fa62e4
--- /dev/null
+++ b/daemon/graphdriver/aufs/mount.go
@@ -0,0 +1,21 @@
+// +build linux
+
+package aufs
+
+import (
+	"os/exec"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// Unmount the target specified.
+func Unmount(target string) error {
+	if err := exec.Command("auplink", target, "flush").Run(); err != nil {
+		logrus.Errorf("Couldn't run auplink before unmount %s: %s", target, err)
+	}
+	if err := syscall.Unmount(target, 0); err != nil {
+		return err
+	}
+	return nil
+}
diff --git a/daemon/graphdriver/aufs/mount_linux.go b/daemon/graphdriver/aufs/mount_linux.go
new file mode 100644
index 00000000..8062bae4
--- /dev/null
+++ b/daemon/graphdriver/aufs/mount_linux.go
@@ -0,0 +1,7 @@
+package aufs
+
+import "syscall"
+
+func mount(source string, target string, fstype string, flags uintptr, data string) error {
+	return syscall.Mount(source, target, fstype, flags, data)
+}
diff --git a/daemon/graphdriver/aufs/mount_unsupported.go b/daemon/graphdriver/aufs/mount_unsupported.go
new file mode 100644
index 00000000..d030b066
--- /dev/null
+++ b/daemon/graphdriver/aufs/mount_unsupported.go
@@ -0,0 +1,12 @@
+// +build !linux
+
+package aufs
+
+import "errors"
+
+// MsRemount declared to specify a non-linux system mount.
+const MsRemount = 0
+
+func mount(source string, target string, fstype string, flags uintptr, data string) (err error) {
+	return errors.New("mount is not implemented on this platform")
+}
diff --git a/daemon/graphdriver/btrfs/btrfs.go b/daemon/graphdriver/btrfs/btrfs.go
new file mode 100644
index 00000000..1f18090f
--- /dev/null
+++ b/daemon/graphdriver/btrfs/btrfs.go
@@ -0,0 +1,330 @@
+// +build linux
+
+package btrfs
+
+/*
+#include <stdlib.h>
+#include <dirent.h>
+#include <btrfs/ioctl.h>
+#include <btrfs/ctree.h>
+
+static void set_name_btrfs_ioctl_vol_args_v2(struct btrfs_ioctl_vol_args_v2* btrfs_struct, const char* value) {
+    snprintf(btrfs_struct->name, BTRFS_SUBVOL_NAME_MAX, "%s", value);
+}
+*/
+import "C"
+
+import (
+	"fmt"
+	"os"
+	"path"
+	"path/filepath"
+	"syscall"
+	"unsafe"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+func init() {
+	graphdriver.Register("btrfs", Init)
+}
+
+// Init returns a new BTRFS driver.
+// An error is returned if BTRFS is not supported.
+func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
+
+	fsMagic, err := graphdriver.GetFSMagic(home)
+	if err != nil {
+		return nil, err
+	}
+
+	if fsMagic != graphdriver.FsMagicBtrfs {
+		return nil, graphdriver.ErrPrerequisites
+	}
+
+	rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps)
+	if err != nil {
+		return nil, err
+	}
+	if err := idtools.MkdirAllAs(home, 0700, rootUID, rootGID); err != nil {
+		return nil, err
+	}
+
+	if err := mount.MakePrivate(home); err != nil {
+		return nil, err
+	}
+
+	driver := &Driver{
+		home:    home,
+		uidMaps: uidMaps,
+		gidMaps: gidMaps,
+	}
+
+	return graphdriver.NewNaiveDiffDriver(driver, uidMaps, gidMaps), nil
+}
+
+// Driver contains information about the filesystem mounted.
+type Driver struct {
+	//root of the file system
+	home    string
+	uidMaps []idtools.IDMap
+	gidMaps []idtools.IDMap
+}
+
+// String prints the name of the driver (btrfs).
+func (d *Driver) String() string {
+	return "btrfs"
+}
+
+// Status returns current driver information in a two dimensional string array.
+// Output contains "Build Version" and "Library Version" of the btrfs libraries used.
+// Version information can be used to check compatibility with your kernel.
+func (d *Driver) Status() [][2]string {
+	status := [][2]string{}
+	if bv := btrfsBuildVersion(); bv != "-" {
+		status = append(status, [2]string{"Build Version", bv})
+	}
+	if lv := btrfsLibVersion(); lv != -1 {
+		status = append(status, [2]string{"Library Version", fmt.Sprintf("%d", lv)})
+	}
+	return status
+}
+
+// GetMetadata returns empty metadata for this driver.
+func (d *Driver) GetMetadata(id string) (map[string]string, error) {
+	return nil, nil
+}
+
+// Cleanup unmounts the home directory.
+func (d *Driver) Cleanup() error {
+	return mount.Unmount(d.home)
+}
+
+func free(p *C.char) {
+	C.free(unsafe.Pointer(p))
+}
+
+func openDir(path string) (*C.DIR, error) {
+	Cpath := C.CString(path)
+	defer free(Cpath)
+
+	dir := C.opendir(Cpath)
+	if dir == nil {
+		return nil, fmt.Errorf("Can't open dir")
+	}
+	return dir, nil
+}
+
+func closeDir(dir *C.DIR) {
+	if dir != nil {
+		C.closedir(dir)
+	}
+}
+
+func getDirFd(dir *C.DIR) uintptr {
+	return uintptr(C.dirfd(dir))
+}
+
+func subvolCreate(path, name string) error {
+	dir, err := openDir(path)
+	if err != nil {
+		return err
+	}
+	defer closeDir(dir)
+
+	var args C.struct_btrfs_ioctl_vol_args
+	for i, c := range []byte(name) {
+		args.name[i] = C.char(c)
+	}
+
+	_, _, errno := syscall.Syscall(syscall.SYS_IOCTL, getDirFd(dir), C.BTRFS_IOC_SUBVOL_CREATE,
+		uintptr(unsafe.Pointer(&args)))
+	if errno != 0 {
+		return fmt.Errorf("Failed to create btrfs subvolume: %v", errno.Error())
+	}
+	return nil
+}
+
+func subvolSnapshot(src, dest, name string) error {
+	srcDir, err := openDir(src)
+	if err != nil {
+		return err
+	}
+	defer closeDir(srcDir)
+
+	destDir, err := openDir(dest)
+	if err != nil {
+		return err
+	}
+	defer closeDir(destDir)
+
+	var args C.struct_btrfs_ioctl_vol_args_v2
+	args.fd = C.__s64(getDirFd(srcDir))
+
+	var cs = C.CString(name)
+	C.set_name_btrfs_ioctl_vol_args_v2(&args, cs)
+	C.free(unsafe.Pointer(cs))
+
+	_, _, errno := syscall.Syscall(syscall.SYS_IOCTL, getDirFd(destDir), C.BTRFS_IOC_SNAP_CREATE_V2,
+		uintptr(unsafe.Pointer(&args)))
+	if errno != 0 {
+		return fmt.Errorf("Failed to create btrfs snapshot: %v", errno.Error())
+	}
+	return nil
+}
+
+func isSubvolume(p string) (bool, error) {
+	var bufStat syscall.Stat_t
+	if err := syscall.Lstat(p, &bufStat); err != nil {
+		return false, err
+	}
+
+	// return true if it is a btrfs subvolume
+	return bufStat.Ino == C.BTRFS_FIRST_FREE_OBJECTID, nil
+}
+
+func subvolDelete(dirpath, name string) error {
+	dir, err := openDir(dirpath)
+	if err != nil {
+		return err
+	}
+	defer closeDir(dir)
+	fullPath := path.Join(dirpath, name)
+
+	var args C.struct_btrfs_ioctl_vol_args
+
+	// walk the btrfs subvolumes
+	walkSubvolumes := func(p string, f os.FileInfo, err error) error {
+		if err != nil {
+			if os.IsNotExist(err) && p != fullPath {
+				// missing most likely because the path was a subvolume that got removed in the previous iteration
+				// since it's gone anyway, we don't care
+				return nil
+			}
+			return fmt.Errorf("error walking subvolumes: %v", err)
+		}
+		// we want to check children only so skip itself
+		// it will be removed after the filepath walk anyways
+		if f.IsDir() && p != fullPath {
+			sv, err := isSubvolume(p)
+			if err != nil {
+				return fmt.Errorf("Failed to test if %s is a btrfs subvolume: %v", p, err)
+			}
+			if sv {
+				if err := subvolDelete(path.Dir(p), f.Name()); err != nil {
+					return fmt.Errorf("Failed to destroy btrfs child subvolume (%s) of parent (%s): %v", p, dirpath, err)
+				}
+			}
+		}
+		return nil
+	}
+	if err := filepath.Walk(path.Join(dirpath, name), walkSubvolumes); err != nil {
+		return fmt.Errorf("Recursively walking subvolumes for %s failed: %v", dirpath, err)
+	}
+
+	// all subvolumes have been removed
+	// now remove the one originally passed in
+	for i, c := range []byte(name) {
+		args.name[i] = C.char(c)
+	}
+	_, _, errno := syscall.Syscall(syscall.SYS_IOCTL, getDirFd(dir), C.BTRFS_IOC_SNAP_DESTROY,
+		uintptr(unsafe.Pointer(&args)))
+	if errno != 0 {
+		return fmt.Errorf("Failed to destroy btrfs snapshot %s for %s: %v", dirpath, name, errno.Error())
+	}
+	return nil
+}
+
+func (d *Driver) subvolumesDir() string {
+	return path.Join(d.home, "subvolumes")
+}
+
+func (d *Driver) subvolumesDirID(id string) string {
+	return path.Join(d.subvolumesDir(), id)
+}
+
+// Create the filesystem with given id.
+func (d *Driver) Create(id, parent, mountLabel string) error {
+	subvolumes := path.Join(d.home, "subvolumes")
+	rootUID, rootGID, err := idtools.GetRootUIDGID(d.uidMaps, d.gidMaps)
+	if err != nil {
+		return err
+	}
+	if err := idtools.MkdirAllAs(subvolumes, 0700, rootUID, rootGID); err != nil {
+		return err
+	}
+	if parent == "" {
+		if err := subvolCreate(subvolumes, id); err != nil {
+			return err
+		}
+	} else {
+		parentDir := d.subvolumesDirID(parent)
+		st, err := os.Stat(parentDir)
+		if err != nil {
+			return err
+		}
+		if !st.IsDir() {
+			return fmt.Errorf("%s: not a directory", parentDir)
+		}
+		if err := subvolSnapshot(parentDir, subvolumes, id); err != nil {
+			return err
+		}
+	}
+
+	// if we have a remapped root (user namespaces enabled), change the created snapshot
+	// dir ownership to match
+	if rootUID != 0 || rootGID != 0 {
+		if err := os.Chown(path.Join(subvolumes, id), rootUID, rootGID); err != nil {
+			return err
+		}
+	}
+
+	return label.Relabel(path.Join(subvolumes, id), mountLabel, false)
+}
+
+// Remove the filesystem with given id.
+func (d *Driver) Remove(id string) error {
+	dir := d.subvolumesDirID(id)
+	if _, err := os.Stat(dir); err != nil {
+		return err
+	}
+	if err := subvolDelete(d.subvolumesDir(), id); err != nil {
+		return err
+	}
+	if err := os.RemoveAll(dir); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+	return nil
+}
+
+// Get the requested filesystem id.
+func (d *Driver) Get(id, mountLabel string) (string, error) {
+	dir := d.subvolumesDirID(id)
+	st, err := os.Stat(dir)
+	if err != nil {
+		return "", err
+	}
+
+	if !st.IsDir() {
+		return "", fmt.Errorf("%s: not a directory", dir)
+	}
+
+	return dir, nil
+}
+
+// Put is not implemented for BTRFS as there is no cleanup required for the id.
+func (d *Driver) Put(id string) error {
+	// Get() creates no runtime resources (like e.g. mounts)
+	// so this doesn't need to do anything.
+	return nil
+}
+
+// Exists checks if the id exists in the filesystem.
+func (d *Driver) Exists(id string) bool {
+	dir := d.subvolumesDirID(id)
+	_, err := os.Stat(dir)
+	return err == nil
+}
diff --git a/daemon/graphdriver/btrfs/btrfs_test.go b/daemon/graphdriver/btrfs/btrfs_test.go
new file mode 100644
index 00000000..7494218d
--- /dev/null
+++ b/daemon/graphdriver/btrfs/btrfs_test.go
@@ -0,0 +1,63 @@
+// +build linux
+
+package btrfs
+
+import (
+	"os"
+	"path"
+	"testing"
+
+	"github.com/docker/docker/daemon/graphdriver/graphtest"
+)
+
+// This avoids creating a new driver for each test if all tests are run
+// Make sure to put new tests between TestBtrfsSetup and TestBtrfsTeardown
+func TestBtrfsSetup(t *testing.T) {
+	graphtest.GetDriver(t, "btrfs")
+}
+
+func TestBtrfsCreateEmpty(t *testing.T) {
+	graphtest.DriverTestCreateEmpty(t, "btrfs")
+}
+
+func TestBtrfsCreateBase(t *testing.T) {
+	graphtest.DriverTestCreateBase(t, "btrfs")
+}
+
+func TestBtrfsCreateSnap(t *testing.T) {
+	graphtest.DriverTestCreateSnap(t, "btrfs")
+}
+
+func TestBtrfsSubvolDelete(t *testing.T) {
+	d := graphtest.GetDriver(t, "btrfs")
+	if err := d.Create("test", "", ""); err != nil {
+		t.Fatal(err)
+	}
+	defer graphtest.PutDriver(t)
+
+	dir, err := d.Get("test", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer d.Put("test")
+
+	if err := subvolCreate(dir, "subvoltest"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := os.Stat(path.Join(dir, "subvoltest")); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := d.Remove("test"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := os.Stat(path.Join(dir, "subvoltest")); !os.IsNotExist(err) {
+		t.Fatalf("expected not exist error on nested subvol, got: %v", err)
+	}
+}
+
+func TestBtrfsTeardown(t *testing.T) {
+	graphtest.PutDriver(t)
+}
diff --git a/daemon/graphdriver/btrfs/dummy_unsupported.go b/daemon/graphdriver/btrfs/dummy_unsupported.go
new file mode 100644
index 00000000..f0708888
--- /dev/null
+++ b/daemon/graphdriver/btrfs/dummy_unsupported.go
@@ -0,0 +1,3 @@
+// +build !linux !cgo
+
+package btrfs
diff --git a/daemon/graphdriver/btrfs/version.go b/daemon/graphdriver/btrfs/version.go
new file mode 100644
index 00000000..73d90cdd
--- /dev/null
+++ b/daemon/graphdriver/btrfs/version.go
@@ -0,0 +1,26 @@
+// +build linux,!btrfs_noversion
+
+package btrfs
+
+/*
+#include <btrfs/version.h>
+
+// around version 3.16, they did not define lib version yet
+#ifndef BTRFS_LIB_VERSION
+#define BTRFS_LIB_VERSION -1
+#endif
+
+// upstream had removed it, but now it will be coming back
+#ifndef BTRFS_BUILD_VERSION
+#define BTRFS_BUILD_VERSION "-"
+#endif
+*/
+import "C"
+
+func btrfsBuildVersion() string {
+	return string(C.BTRFS_BUILD_VERSION)
+}
+
+func btrfsLibVersion() int {
+	return int(C.BTRFS_LIB_VERSION)
+}
diff --git a/daemon/graphdriver/btrfs/version_none.go b/daemon/graphdriver/btrfs/version_none.go
new file mode 100644
index 00000000..f802fbc6
--- /dev/null
+++ b/daemon/graphdriver/btrfs/version_none.go
@@ -0,0 +1,14 @@
+// +build linux,btrfs_noversion
+
+package btrfs
+
+// TODO(vbatts) remove this work-around once supported linux distros are on
+// btrfs utilities of >= 3.16.1
+
+func btrfsBuildVersion() string {
+	return "-"
+}
+
+func btrfsLibVersion() int {
+	return -1
+}
diff --git a/daemon/graphdriver/btrfs/version_test.go b/daemon/graphdriver/btrfs/version_test.go
new file mode 100644
index 00000000..15a6e75c
--- /dev/null
+++ b/daemon/graphdriver/btrfs/version_test.go
@@ -0,0 +1,13 @@
+// +build linux,!btrfs_noversion
+
+package btrfs
+
+import (
+	"testing"
+)
+
+func TestLibVersion(t *testing.T) {
+	if btrfsLibVersion() <= 0 {
+		t.Errorf("expected output from btrfs lib version > 0")
+	}
+}
diff --git a/daemon/graphdriver/counter.go b/daemon/graphdriver/counter.go
new file mode 100644
index 00000000..572fc9be
--- /dev/null
+++ b/daemon/graphdriver/counter.go
@@ -0,0 +1,32 @@
+package graphdriver
+
+import "sync"
+
+// RefCounter is a generic counter for use by graphdriver Get/Put calls
+type RefCounter struct {
+	counts map[string]int
+	mu     sync.Mutex
+}
+
+// NewRefCounter returns a new RefCounter
+func NewRefCounter() *RefCounter {
+	return &RefCounter{counts: make(map[string]int)}
+}
+
+// Increment increaes the ref count for the given id and returns the current count
+func (c *RefCounter) Increment(id string) int {
+	c.mu.Lock()
+	c.counts[id]++
+	count := c.counts[id]
+	c.mu.Unlock()
+	return count
+}
+
+// Decrement decreases the ref count for the given id and returns the current count
+func (c *RefCounter) Decrement(id string) int {
+	c.mu.Lock()
+	c.counts[id]--
+	count := c.counts[id]
+	c.mu.Unlock()
+	return count
+}
diff --git a/daemon/graphdriver/devmapper/README.md b/daemon/graphdriver/devmapper/README.md
new file mode 100644
index 00000000..8de7fc22
--- /dev/null
+++ b/daemon/graphdriver/devmapper/README.md
@@ -0,0 +1,96 @@
+## devicemapper - a storage backend based on Device Mapper
+
+### Theory of operation
+
+The device mapper graphdriver uses the device mapper thin provisioning
+module (dm-thinp) to implement CoW snapshots. The preferred model is
+to have a thin pool reserved outside of Docker and passed to the
+daemon via the `--storage-opt dm.thinpooldev` option.
+
+As a fallback if no thin pool is provided, loopback files will be
+created.  Loopback is very slow, but can be used without any
+pre-configuration of storage.  It is strongly recommended that you do
+not use loopback in production.  Ensure your Docker daemon has a
+`--storage-opt dm.thinpooldev` argument provided.
+
+In loopback, a thin pool is created at `/var/lib/docker/devicemapper`
+(devicemapper graph location) based on two block devices, one for
+data and one for metadata. By default these block devices are created
+automatically by using loopback mounts of automatically created sparse
+files.
+
+The default loopback files used are
+`/var/lib/docker/devicemapper/devicemapper/data` and
+`/var/lib/docker/devicemapper/devicemapper/metadata`. Additional metadata
+required to map from docker entities to the corresponding devicemapper
+volumes is stored in the `/var/lib/docker/devicemapper/devicemapper/json`
+file (encoded as Json).
+
+In order to support multiple devicemapper graphs on a system, the thin
+pool will be named something like: `docker-0:33-19478248-pool`, where
+the `0:33` part is the minor/major device nr and `19478248` is the
+inode number of the `/var/lib/docker/devicemapper` directory.
+
+On the thin pool, docker automatically creates a base thin device,
+called something like `docker-0:33-19478248-base` of a fixed
+size. This is automatically formatted with an empty filesystem on
+creation. This device is the base of all docker images and
+containers. All base images are snapshots of this device and those
+images are then in turn used as snapshots for other images and
+eventually containers.
+
+### Information on `docker info`
+
+As of docker-1.4.1, `docker info` when using the `devicemapper` storage driver
+will display something like:
+
+	$ sudo docker info
+	[...]
+	Storage Driver: devicemapper
+	 Pool Name: docker-253:1-17538953-pool
+	 Pool Blocksize: 65.54 kB
+	 Base Device Size: 107.4 GB
+	 Data file: /dev/loop4
+	 Metadata file: /dev/loop4
+	 Data Space Used: 2.536 GB
+	 Data Space Total: 107.4 GB
+	 Data Space Available: 104.8 GB
+	 Metadata Space Used: 7.93 MB
+	 Metadata Space Total: 2.147 GB
+	 Metadata Space Available: 2.14 GB
+	 Udev Sync Supported: true
+	 Data loop file: /home/docker/devicemapper/devicemapper/data
+	 Metadata loop file: /home/docker/devicemapper/devicemapper/metadata
+	 Library Version: 1.02.82-git (2013-10-04)
+	[...]
+
+#### status items
+
+Each item in the indented section under `Storage Driver: devicemapper` are
+status information about the driver.
+ *  `Pool Name` name of the devicemapper pool for this driver.
+ *  `Pool Blocksize` tells the blocksize the thin pool was initialized with. This only changes on creation.
+ *  `Base Device Size` tells the maximum size of a container and image
+ *  `Data file` blockdevice file used for the devicemapper data
+ *  `Metadata file` blockdevice file used for the devicemapper metadata
+ *  `Data Space Used` tells how much of `Data file` is currently used
+ *  `Data Space Total` tells max size the `Data file`
+ *  `Data Space Available` tells how much free space there is in the `Data file`. If you are using a loop device this will report the actual space available to the loop device on the underlying filesystem.
+ *  `Metadata Space Used` tells how much of `Metadata file` is currently used
+ *  `Metadata Space Total` tells max size the `Metadata file`
+ *  `Metadata Space Available` tells how much free space there is in the `Metadata file`. If you are using a loop device this will report the actual space available to the loop device on the underlying filesystem.
+ *  `Udev Sync Supported` tells whether devicemapper is able to sync with Udev. Should be `true`.
+ *  `Data loop file` file attached to `Data file`, if loopback device is used
+ *  `Metadata loop file` file attached to `Metadata file`, if loopback device is used
+ *  `Library Version` from the libdevmapper used
+
+### About the devicemapper options
+
+The devicemapper backend supports some options that you can specify
+when starting the docker daemon using the `--storage-opt` flags.
+This uses the `dm` prefix and would be used something like `docker daemon --storage-opt dm.foo=bar`.
+
+These options are currently documented both in [the man
+page](../../../man/docker.1.md) and in [the online
+documentation](https://docs.docker.com/reference/commandline/daemon/#storage-driver-options).
+If you add an options, update both the `man` page and the documentation.
diff --git a/daemon/graphdriver/devmapper/deviceset.go b/daemon/graphdriver/devmapper/deviceset.go
new file mode 100644
index 00000000..6245fdc2
--- /dev/null
+++ b/daemon/graphdriver/devmapper/deviceset.go
@@ -0,0 +1,2570 @@
+// +build linux
+
+package devmapper
+
+import (
+	"bufio"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/pkg/devicemapper"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/loopback"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/pkg/parsers"
+	"github.com/docker/go-units"
+
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+var (
+	defaultDataLoopbackSize     int64  = 100 * 1024 * 1024 * 1024
+	defaultMetaDataLoopbackSize int64  = 2 * 1024 * 1024 * 1024
+	defaultBaseFsSize           uint64 = 10 * 1024 * 1024 * 1024
+	defaultThinpBlockSize       uint32 = 128 // 64K = 128 512b sectors
+	defaultUdevSyncOverride            = false
+	maxDeviceID                        = 0xffffff // 24 bit, pool limit
+	deviceIDMapSz                      = (maxDeviceID + 1) / 8
+	// We retry device removal so many a times that even error messages
+	// will fill up console during normal operation. So only log Fatal
+	// messages by default.
+	logLevel                            = devicemapper.LogLevelFatal
+	driverDeferredRemovalSupport        = false
+	enableDeferredRemoval               = false
+	enableDeferredDeletion              = false
+	userBaseSize                        = false
+	defaultMinFreeSpacePercent   uint32 = 10
+)
+
+const deviceSetMetaFile string = "deviceset-metadata"
+const transactionMetaFile string = "transaction-metadata"
+
+type transaction struct {
+	OpenTransactionID uint64 `json:"open_transaction_id"`
+	DeviceIDHash      string `json:"device_hash"`
+	DeviceID          int    `json:"device_id"`
+}
+
+type devInfo struct {
+	Hash          string `json:"-"`
+	DeviceID      int    `json:"device_id"`
+	Size          uint64 `json:"size"`
+	TransactionID uint64 `json:"transaction_id"`
+	Initialized   bool   `json:"initialized"`
+	Deleted       bool   `json:"deleted"`
+	devices       *DeviceSet
+
+	// The global DeviceSet lock guarantees that we serialize all
+	// the calls to libdevmapper (which is not threadsafe), but we
+	// sometimes release that lock while sleeping. In that case
+	// this per-device lock is still held, protecting against
+	// other accesses to the device that we're doing the wait on.
+	//
+	// WARNING: In order to avoid AB-BA deadlocks when releasing
+	// the global lock while holding the per-device locks all
+	// device locks must be acquired *before* the device lock, and
+	// multiple device locks should be acquired parent before child.
+	lock sync.Mutex
+}
+
+type metaData struct {
+	Devices map[string]*devInfo `json:"Devices"`
+}
+
+// DeviceSet holds information about list of devices
+type DeviceSet struct {
+	metaData      `json:"-"`
+	sync.Mutex    `json:"-"` // Protects all fields of DeviceSet and serializes calls into libdevmapper
+	root          string
+	devicePrefix  string
+	TransactionID uint64 `json:"-"`
+	NextDeviceID  int    `json:"next_device_id"`
+	deviceIDMap   []byte
+
+	// Options
+	dataLoopbackSize      int64
+	metaDataLoopbackSize  int64
+	baseFsSize            uint64
+	filesystem            string
+	mountOptions          string
+	mkfsArgs              []string
+	dataDevice            string // block or loop dev
+	dataLoopFile          string // loopback file, if used
+	metadataDevice        string // block or loop dev
+	metadataLoopFile      string // loopback file, if used
+	doBlkDiscard          bool
+	thinpBlockSize        uint32
+	thinPoolDevice        string
+	transaction           `json:"-"`
+	overrideUdevSyncCheck bool
+	deferredRemove        bool   // use deferred removal
+	deferredDelete        bool   // use deferred deletion
+	BaseDeviceUUID        string // save UUID of base device
+	BaseDeviceFilesystem  string // save filesystem of base device
+	nrDeletedDevices      uint   // number of deleted devices
+	deletionWorkerTicker  *time.Ticker
+	uidMaps               []idtools.IDMap
+	gidMaps               []idtools.IDMap
+	minFreeSpacePercent   uint32 //min free space percentage in thinpool
+}
+
+// DiskUsage contains information about disk usage and is used when reporting Status of a device.
+type DiskUsage struct {
+	// Used bytes on the disk.
+	Used uint64
+	// Total bytes on the disk.
+	Total uint64
+	// Available bytes on the disk.
+	Available uint64
+}
+
+// Status returns the information about the device.
+type Status struct {
+	// PoolName is the name of the data pool.
+	PoolName string
+	// DataFile is the actual block device for data.
+	DataFile string
+	// DataLoopback loopback file, if used.
+	DataLoopback string
+	// MetadataFile is the actual block device for metadata.
+	MetadataFile string
+	// MetadataLoopback is the loopback file, if used.
+	MetadataLoopback string
+	// Data is the disk used for data.
+	Data DiskUsage
+	// Metadata is the disk used for meta data.
+	Metadata DiskUsage
+	// BaseDeviceSize is base size of container and image
+	BaseDeviceSize uint64
+	// BaseDeviceFS is backing filesystem.
+	BaseDeviceFS string
+	// SectorSize size of the vector.
+	SectorSize uint64
+	// UdevSyncSupported is true if sync is supported.
+	UdevSyncSupported bool
+	// DeferredRemoveEnabled is true then the device is not unmounted.
+	DeferredRemoveEnabled bool
+	// True if deferred deletion is enabled. This is different from
+	// deferred removal. "removal" means that device mapper device is
+	// deactivated. Thin device is still in thin pool and can be activated
+	// again. But "deletion" means that thin device will be deleted from
+	// thin pool and it can't be activated again.
+	DeferredDeleteEnabled      bool
+	DeferredDeletedDeviceCount uint
+}
+
+// Structure used to export image/container metadata in docker inspect.
+type deviceMetadata struct {
+	deviceID   int
+	deviceSize uint64 // size in bytes
+	deviceName string // Device name as used during activation
+}
+
+// DevStatus returns information about device mounted containing its id, size and sector information.
+type DevStatus struct {
+	// DeviceID is the id of the device.
+	DeviceID int
+	// Size is the size of the filesystem.
+	Size uint64
+	// TransactionID is a unique integer per device set used to identify an operation on the file system, this number is incremental.
+	TransactionID uint64
+	// SizeInSectors indicates the size of the sectors allocated.
+	SizeInSectors uint64
+	// MappedSectors indicates number of mapped sectors.
+	MappedSectors uint64
+	// HighestMappedSector is the pointer to the highest mapped sector.
+	HighestMappedSector uint64
+}
+
+func getDevName(name string) string {
+	return "/dev/mapper/" + name
+}
+
+func (info *devInfo) Name() string {
+	hash := info.Hash
+	if hash == "" {
+		hash = "base"
+	}
+	return fmt.Sprintf("%s-%s", info.devices.devicePrefix, hash)
+}
+
+func (info *devInfo) DevName() string {
+	return getDevName(info.Name())
+}
+
+func (devices *DeviceSet) loopbackDir() string {
+	return path.Join(devices.root, "devicemapper")
+}
+
+func (devices *DeviceSet) metadataDir() string {
+	return path.Join(devices.root, "metadata")
+}
+
+func (devices *DeviceSet) metadataFile(info *devInfo) string {
+	file := info.Hash
+	if file == "" {
+		file = "base"
+	}
+	return path.Join(devices.metadataDir(), file)
+}
+
+func (devices *DeviceSet) transactionMetaFile() string {
+	return path.Join(devices.metadataDir(), transactionMetaFile)
+}
+
+func (devices *DeviceSet) deviceSetMetaFile() string {
+	return path.Join(devices.metadataDir(), deviceSetMetaFile)
+}
+
+func (devices *DeviceSet) oldMetadataFile() string {
+	return path.Join(devices.loopbackDir(), "json")
+}
+
+func (devices *DeviceSet) getPoolName() string {
+	if devices.thinPoolDevice == "" {
+		return devices.devicePrefix + "-pool"
+	}
+	return devices.thinPoolDevice
+}
+
+func (devices *DeviceSet) getPoolDevName() string {
+	return getDevName(devices.getPoolName())
+}
+
+func (devices *DeviceSet) hasImage(name string) bool {
+	dirname := devices.loopbackDir()
+	filename := path.Join(dirname, name)
+
+	_, err := os.Stat(filename)
+	return err == nil
+}
+
+// ensureImage creates a sparse file of <size> bytes at the path
+// <root>/devicemapper/<name>.
+// If the file already exists and new size is larger than its current size, it grows to the new size.
+// Either way it returns the full path.
+func (devices *DeviceSet) ensureImage(name string, size int64) (string, error) {
+	dirname := devices.loopbackDir()
+	filename := path.Join(dirname, name)
+
+	uid, gid, err := idtools.GetRootUIDGID(devices.uidMaps, devices.gidMaps)
+	if err != nil {
+		return "", err
+	}
+	if err := idtools.MkdirAllAs(dirname, 0700, uid, gid); err != nil && !os.IsExist(err) {
+		return "", err
+	}
+
+	if fi, err := os.Stat(filename); err != nil {
+		if !os.IsNotExist(err) {
+			return "", err
+		}
+		logrus.Debugf("devmapper: Creating loopback file %s for device-manage use", filename)
+		file, err := os.OpenFile(filename, os.O_RDWR|os.O_CREATE, 0600)
+		if err != nil {
+			return "", err
+		}
+		defer file.Close()
+
+		if err := file.Truncate(size); err != nil {
+			return "", err
+		}
+	} else {
+		if fi.Size() < size {
+			file, err := os.OpenFile(filename, os.O_RDWR|os.O_CREATE, 0600)
+			if err != nil {
+				return "", err
+			}
+			defer file.Close()
+			if err := file.Truncate(size); err != nil {
+				return "", fmt.Errorf("devmapper: Unable to grow loopback file %s: %v", filename, err)
+			}
+		} else if fi.Size() > size {
+			logrus.Warnf("devmapper: Can't shrink loopback file %s", filename)
+		}
+	}
+	return filename, nil
+}
+
+func (devices *DeviceSet) allocateTransactionID() uint64 {
+	devices.OpenTransactionID = devices.TransactionID + 1
+	return devices.OpenTransactionID
+}
+
+func (devices *DeviceSet) updatePoolTransactionID() error {
+	if err := devicemapper.SetTransactionID(devices.getPoolDevName(), devices.TransactionID, devices.OpenTransactionID); err != nil {
+		return fmt.Errorf("devmapper: Error setting devmapper transaction ID: %s", err)
+	}
+	devices.TransactionID = devices.OpenTransactionID
+	return nil
+}
+
+func (devices *DeviceSet) removeMetadata(info *devInfo) error {
+	if err := os.RemoveAll(devices.metadataFile(info)); err != nil {
+		return fmt.Errorf("devmapper: Error removing metadata file %s: %s", devices.metadataFile(info), err)
+	}
+	return nil
+}
+
+// Given json data and file path, write it to disk
+func (devices *DeviceSet) writeMetaFile(jsonData []byte, filePath string) error {
+	tmpFile, err := ioutil.TempFile(devices.metadataDir(), ".tmp")
+	if err != nil {
+		return fmt.Errorf("devmapper: Error creating metadata file: %s", err)
+	}
+
+	n, err := tmpFile.Write(jsonData)
+	if err != nil {
+		return fmt.Errorf("devmapper: Error writing metadata to %s: %s", tmpFile.Name(), err)
+	}
+	if n < len(jsonData) {
+		return io.ErrShortWrite
+	}
+	if err := tmpFile.Sync(); err != nil {
+		return fmt.Errorf("devmapper: Error syncing metadata file %s: %s", tmpFile.Name(), err)
+	}
+	if err := tmpFile.Close(); err != nil {
+		return fmt.Errorf("devmapper: Error closing metadata file %s: %s", tmpFile.Name(), err)
+	}
+	if err := os.Rename(tmpFile.Name(), filePath); err != nil {
+		return fmt.Errorf("devmapper: Error committing metadata file %s: %s", tmpFile.Name(), err)
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) saveMetadata(info *devInfo) error {
+	jsonData, err := json.Marshal(info)
+	if err != nil {
+		return fmt.Errorf("devmapper: Error encoding metadata to json: %s", err)
+	}
+	if err := devices.writeMetaFile(jsonData, devices.metadataFile(info)); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (devices *DeviceSet) markDeviceIDUsed(deviceID int) {
+	var mask byte
+	i := deviceID % 8
+	mask = 1 << uint(i)
+	devices.deviceIDMap[deviceID/8] = devices.deviceIDMap[deviceID/8] | mask
+}
+
+func (devices *DeviceSet) markDeviceIDFree(deviceID int) {
+	var mask byte
+	i := deviceID % 8
+	mask = ^(1 << uint(i))
+	devices.deviceIDMap[deviceID/8] = devices.deviceIDMap[deviceID/8] & mask
+}
+
+func (devices *DeviceSet) isDeviceIDFree(deviceID int) bool {
+	var mask byte
+	i := deviceID % 8
+	mask = (1 << uint(i))
+	if (devices.deviceIDMap[deviceID/8] & mask) != 0 {
+		return false
+	}
+	return true
+}
+
+// Should be called with devices.Lock() held.
+func (devices *DeviceSet) lookupDevice(hash string) (*devInfo, error) {
+	info := devices.Devices[hash]
+	if info == nil {
+		info = devices.loadMetadata(hash)
+		if info == nil {
+			return nil, fmt.Errorf("devmapper: Unknown device %s", hash)
+		}
+
+		devices.Devices[hash] = info
+	}
+	return info, nil
+}
+
+func (devices *DeviceSet) lookupDeviceWithLock(hash string) (*devInfo, error) {
+	devices.Lock()
+	defer devices.Unlock()
+	info, err := devices.lookupDevice(hash)
+	return info, err
+}
+
+// This function relies on that device hash map has been loaded in advance.
+// Should be called with devices.Lock() held.
+func (devices *DeviceSet) constructDeviceIDMap() {
+	logrus.Debugf("devmapper: constructDeviceIDMap()")
+	defer logrus.Debugf("devmapper: constructDeviceIDMap() END")
+
+	for _, info := range devices.Devices {
+		devices.markDeviceIDUsed(info.DeviceID)
+		logrus.Debugf("devmapper: Added deviceId=%d to DeviceIdMap", info.DeviceID)
+	}
+}
+
+func (devices *DeviceSet) deviceFileWalkFunction(path string, finfo os.FileInfo) error {
+
+	// Skip some of the meta files which are not device files.
+	if strings.HasSuffix(finfo.Name(), ".migrated") {
+		logrus.Debugf("devmapper: Skipping file %s", path)
+		return nil
+	}
+
+	if strings.HasPrefix(finfo.Name(), ".") {
+		logrus.Debugf("devmapper: Skipping file %s", path)
+		return nil
+	}
+
+	if finfo.Name() == deviceSetMetaFile {
+		logrus.Debugf("devmapper: Skipping file %s", path)
+		return nil
+	}
+
+	if finfo.Name() == transactionMetaFile {
+		logrus.Debugf("devmapper: Skipping file %s", path)
+		return nil
+	}
+
+	logrus.Debugf("devmapper: Loading data for file %s", path)
+
+	hash := finfo.Name()
+	if hash == "base" {
+		hash = ""
+	}
+
+	// Include deleted devices also as cleanup delete device logic
+	// will go through it and see if there are any deleted devices.
+	if _, err := devices.lookupDevice(hash); err != nil {
+		return fmt.Errorf("devmapper: Error looking up device %s:%v", hash, err)
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) loadDeviceFilesOnStart() error {
+	logrus.Debugf("devmapper: loadDeviceFilesOnStart()")
+	defer logrus.Debugf("devmapper: loadDeviceFilesOnStart() END")
+
+	var scan = func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			logrus.Debugf("devmapper: Can't walk the file %s", path)
+			return nil
+		}
+
+		// Skip any directories
+		if info.IsDir() {
+			return nil
+		}
+
+		return devices.deviceFileWalkFunction(path, info)
+	}
+
+	return filepath.Walk(devices.metadataDir(), scan)
+}
+
+// Should be called with devices.Lock() held.
+func (devices *DeviceSet) unregisterDevice(id int, hash string) error {
+	logrus.Debugf("devmapper: unregisterDevice(%v, %v)", id, hash)
+	info := &devInfo{
+		Hash:     hash,
+		DeviceID: id,
+	}
+
+	delete(devices.Devices, hash)
+
+	if err := devices.removeMetadata(info); err != nil {
+		logrus.Debugf("devmapper: Error removing metadata: %s", err)
+		return err
+	}
+
+	return nil
+}
+
+// Should be called with devices.Lock() held.
+func (devices *DeviceSet) registerDevice(id int, hash string, size uint64, transactionID uint64) (*devInfo, error) {
+	logrus.Debugf("devmapper: registerDevice(%v, %v)", id, hash)
+	info := &devInfo{
+		Hash:          hash,
+		DeviceID:      id,
+		Size:          size,
+		TransactionID: transactionID,
+		Initialized:   false,
+		devices:       devices,
+	}
+
+	devices.Devices[hash] = info
+
+	if err := devices.saveMetadata(info); err != nil {
+		// Try to remove unused device
+		delete(devices.Devices, hash)
+		return nil, err
+	}
+
+	return info, nil
+}
+
+func (devices *DeviceSet) activateDeviceIfNeeded(info *devInfo, ignoreDeleted bool) error {
+	logrus.Debugf("devmapper: activateDeviceIfNeeded(%v)", info.Hash)
+
+	if info.Deleted && !ignoreDeleted {
+		return fmt.Errorf("devmapper: Can't activate device %v as it is marked for deletion", info.Hash)
+	}
+
+	// Make sure deferred removal on device is canceled, if one was
+	// scheduled.
+	if err := devices.cancelDeferredRemoval(info); err != nil {
+		return fmt.Errorf("devmapper: Device Deferred Removal Cancellation Failed: %s", err)
+	}
+
+	if devinfo, _ := devicemapper.GetInfo(info.Name()); devinfo != nil && devinfo.Exists != 0 {
+		return nil
+	}
+
+	return devicemapper.ActivateDevice(devices.getPoolDevName(), info.Name(), info.DeviceID, info.Size)
+}
+
+// Return true only if kernel supports xfs and mkfs.xfs is available
+func xfsSupported() bool {
+	// Make sure mkfs.xfs is available
+	if _, err := exec.LookPath("mkfs.xfs"); err != nil {
+		return false
+	}
+
+	// Check if kernel supports xfs filesystem or not.
+	exec.Command("modprobe", "xfs").Run()
+
+	f, err := os.Open("/proc/filesystems")
+	if err != nil {
+		logrus.Warnf("devmapper: Could not check if xfs is supported: %v", err)
+		return false
+	}
+	defer f.Close()
+
+	s := bufio.NewScanner(f)
+	for s.Scan() {
+		if strings.HasSuffix(s.Text(), "\txfs") {
+			return true
+		}
+	}
+
+	if err := s.Err(); err != nil {
+		logrus.Warnf("devmapper: Could not check if xfs is supported: %v", err)
+	}
+	return false
+}
+
+func determineDefaultFS() string {
+	if xfsSupported() {
+		return "xfs"
+	}
+
+	logrus.Warn("devmapper: XFS is not supported in your system. Either the kernel doesn't support it or mkfs.xfs is not in your PATH. Defaulting to ext4 filesystem")
+	return "ext4"
+}
+
+func (devices *DeviceSet) createFilesystem(info *devInfo) (err error) {
+	devname := info.DevName()
+
+	args := []string{}
+	for _, arg := range devices.mkfsArgs {
+		args = append(args, arg)
+	}
+
+	args = append(args, devname)
+
+	if devices.filesystem == "" {
+		devices.filesystem = determineDefaultFS()
+	}
+	if err := devices.saveBaseDeviceFilesystem(devices.filesystem); err != nil {
+		return err
+	}
+
+	logrus.Infof("devmapper: Creating filesystem %s on device %s", devices.filesystem, info.Name())
+	defer func() {
+		if err != nil {
+			logrus.Infof("devmapper: Error while creating filesystem %s on device %s: %v", devices.filesystem, info.Name(), err)
+		} else {
+			logrus.Infof("devmapper: Successfully created filesystem %s on device %s", devices.filesystem, info.Name())
+		}
+	}()
+
+	switch devices.filesystem {
+	case "xfs":
+		err = exec.Command("mkfs.xfs", args...).Run()
+	case "ext4":
+		err = exec.Command("mkfs.ext4", append([]string{"-E", "nodiscard,lazy_itable_init=0,lazy_journal_init=0"}, args...)...).Run()
+		if err != nil {
+			err = exec.Command("mkfs.ext4", append([]string{"-E", "nodiscard,lazy_itable_init=0"}, args...)...).Run()
+		}
+		if err != nil {
+			return err
+		}
+		err = exec.Command("tune2fs", append([]string{"-c", "-1", "-i", "0"}, devname)...).Run()
+	default:
+		err = fmt.Errorf("devmapper: Unsupported filesystem type %s", devices.filesystem)
+	}
+	return
+}
+
+func (devices *DeviceSet) migrateOldMetaData() error {
+	// Migrate old metadata file
+	jsonData, err := ioutil.ReadFile(devices.oldMetadataFile())
+	if err != nil && !os.IsNotExist(err) {
+		return err
+	}
+
+	if jsonData != nil {
+		m := metaData{Devices: make(map[string]*devInfo)}
+
+		if err := json.Unmarshal(jsonData, &m); err != nil {
+			return err
+		}
+
+		for hash, info := range m.Devices {
+			info.Hash = hash
+			devices.saveMetadata(info)
+		}
+		if err := os.Rename(devices.oldMetadataFile(), devices.oldMetadataFile()+".migrated"); err != nil {
+			return err
+		}
+
+	}
+
+	return nil
+}
+
+// Cleanup deleted devices. It assumes that all the devices have been
+// loaded in the hash table.
+func (devices *DeviceSet) cleanupDeletedDevices() error {
+	devices.Lock()
+
+	// If there are no deleted devices, there is nothing to do.
+	if devices.nrDeletedDevices == 0 {
+		devices.Unlock()
+		return nil
+	}
+
+	var deletedDevices []*devInfo
+
+	for _, info := range devices.Devices {
+		if !info.Deleted {
+			continue
+		}
+		logrus.Debugf("devmapper: Found deleted device %s.", info.Hash)
+		deletedDevices = append(deletedDevices, info)
+	}
+
+	// Delete the deleted devices. DeleteDevice() first takes the info lock
+	// and then devices.Lock(). So drop it to avoid deadlock.
+	devices.Unlock()
+
+	for _, info := range deletedDevices {
+		// This will again try deferred deletion.
+		if err := devices.DeleteDevice(info.Hash, false); err != nil {
+			logrus.Warnf("devmapper: Deletion of device %s, device_id=%v failed:%v", info.Hash, info.DeviceID, err)
+		}
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) countDeletedDevices() {
+	for _, info := range devices.Devices {
+		if !info.Deleted {
+			continue
+		}
+		devices.nrDeletedDevices++
+	}
+}
+
+func (devices *DeviceSet) startDeviceDeletionWorker() {
+	// Deferred deletion is not enabled. Don't do anything.
+	if !devices.deferredDelete {
+		return
+	}
+
+	logrus.Debugf("devmapper: Worker to cleanup deleted devices started")
+	for range devices.deletionWorkerTicker.C {
+		devices.cleanupDeletedDevices()
+	}
+}
+
+func (devices *DeviceSet) initMetaData() error {
+	devices.Lock()
+	defer devices.Unlock()
+
+	if err := devices.migrateOldMetaData(); err != nil {
+		return err
+	}
+
+	_, transactionID, _, _, _, _, err := devices.poolStatus()
+	if err != nil {
+		return err
+	}
+
+	devices.TransactionID = transactionID
+
+	if err := devices.loadDeviceFilesOnStart(); err != nil {
+		return fmt.Errorf("devmapper: Failed to load device files:%v", err)
+	}
+
+	devices.constructDeviceIDMap()
+	devices.countDeletedDevices()
+
+	if err := devices.processPendingTransaction(); err != nil {
+		return err
+	}
+
+	// Start a goroutine to cleanup Deleted Devices
+	go devices.startDeviceDeletionWorker()
+	return nil
+}
+
+func (devices *DeviceSet) incNextDeviceID() {
+	// IDs are 24bit, so wrap around
+	devices.NextDeviceID = (devices.NextDeviceID + 1) & maxDeviceID
+}
+
+func (devices *DeviceSet) getNextFreeDeviceID() (int, error) {
+	devices.incNextDeviceID()
+	for i := 0; i <= maxDeviceID; i++ {
+		if devices.isDeviceIDFree(devices.NextDeviceID) {
+			devices.markDeviceIDUsed(devices.NextDeviceID)
+			return devices.NextDeviceID, nil
+		}
+		devices.incNextDeviceID()
+	}
+
+	return 0, fmt.Errorf("devmapper: Unable to find a free device ID")
+}
+
+func (devices *DeviceSet) poolHasFreeSpace() error {
+	if devices.minFreeSpacePercent == 0 {
+		return nil
+	}
+
+	_, _, dataUsed, dataTotal, metadataUsed, metadataTotal, err := devices.poolStatus()
+	if err != nil {
+		return err
+	}
+
+	minFreeData := (dataTotal * uint64(devices.minFreeSpacePercent)) / 100
+	if minFreeData < 1 {
+		minFreeData = 1
+	}
+	dataFree := dataTotal - dataUsed
+	if dataFree < minFreeData {
+		return fmt.Errorf("devmapper: Thin Pool has %v free data blocks which is less than minimum required %v free data blocks. Create more free space in thin pool or use dm.min_free_space option to change behavior", (dataTotal - dataUsed), minFreeData)
+	}
+
+	minFreeMetadata := (metadataTotal * uint64(devices.minFreeSpacePercent)) / 100
+	if minFreeMetadata < 1 {
+		minFreeMetadata = 1
+	}
+
+	metadataFree := metadataTotal - metadataUsed
+	if metadataFree < minFreeMetadata {
+		return fmt.Errorf("devmapper: Thin Pool has %v free metadata blocks which is less than minimum required %v free metadata blocks. Create more free metadata space in thin pool or use dm.min_free_space option to change behavior", (metadataTotal - metadataUsed), minFreeMetadata)
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) createRegisterDevice(hash string) (*devInfo, error) {
+	devices.Lock()
+	defer devices.Unlock()
+
+	deviceID, err := devices.getNextFreeDeviceID()
+	if err != nil {
+		return nil, err
+	}
+
+	if err := devices.openTransaction(hash, deviceID); err != nil {
+		logrus.Debugf("devmapper: Error opening transaction hash = %s deviceID = %d", hash, deviceID)
+		devices.markDeviceIDFree(deviceID)
+		return nil, err
+	}
+
+	for {
+		if err := devicemapper.CreateDevice(devices.getPoolDevName(), deviceID); err != nil {
+			if devicemapper.DeviceIDExists(err) {
+				// Device ID already exists. This should not
+				// happen. Now we have a mechanism to find
+				// a free device ID. So something is not right.
+				// Give a warning and continue.
+				logrus.Errorf("devmapper: Device ID %d exists in pool but it is supposed to be unused", deviceID)
+				deviceID, err = devices.getNextFreeDeviceID()
+				if err != nil {
+					return nil, err
+				}
+				// Save new device id into transaction
+				devices.refreshTransaction(deviceID)
+				continue
+			}
+			logrus.Debugf("devmapper: Error creating device: %s", err)
+			devices.markDeviceIDFree(deviceID)
+			return nil, err
+		}
+		break
+	}
+
+	logrus.Debugf("devmapper: Registering device (id %v) with FS size %v", deviceID, devices.baseFsSize)
+	info, err := devices.registerDevice(deviceID, hash, devices.baseFsSize, devices.OpenTransactionID)
+	if err != nil {
+		_ = devicemapper.DeleteDevice(devices.getPoolDevName(), deviceID)
+		devices.markDeviceIDFree(deviceID)
+		return nil, err
+	}
+
+	if err := devices.closeTransaction(); err != nil {
+		devices.unregisterDevice(deviceID, hash)
+		devicemapper.DeleteDevice(devices.getPoolDevName(), deviceID)
+		devices.markDeviceIDFree(deviceID)
+		return nil, err
+	}
+	return info, nil
+}
+
+func (devices *DeviceSet) createRegisterSnapDevice(hash string, baseInfo *devInfo) error {
+	if err := devices.poolHasFreeSpace(); err != nil {
+		return err
+	}
+
+	deviceID, err := devices.getNextFreeDeviceID()
+	if err != nil {
+		return err
+	}
+
+	if err := devices.openTransaction(hash, deviceID); err != nil {
+		logrus.Debugf("devmapper: Error opening transaction hash = %s deviceID = %d", hash, deviceID)
+		devices.markDeviceIDFree(deviceID)
+		return err
+	}
+
+	for {
+		if err := devicemapper.CreateSnapDevice(devices.getPoolDevName(), deviceID, baseInfo.Name(), baseInfo.DeviceID); err != nil {
+			if devicemapper.DeviceIDExists(err) {
+				// Device ID already exists. This should not
+				// happen. Now we have a mechanism to find
+				// a free device ID. So something is not right.
+				// Give a warning and continue.
+				logrus.Errorf("devmapper: Device ID %d exists in pool but it is supposed to be unused", deviceID)
+				deviceID, err = devices.getNextFreeDeviceID()
+				if err != nil {
+					return err
+				}
+				// Save new device id into transaction
+				devices.refreshTransaction(deviceID)
+				continue
+			}
+			logrus.Debugf("devmapper: Error creating snap device: %s", err)
+			devices.markDeviceIDFree(deviceID)
+			return err
+		}
+		break
+	}
+
+	if _, err := devices.registerDevice(deviceID, hash, baseInfo.Size, devices.OpenTransactionID); err != nil {
+		devicemapper.DeleteDevice(devices.getPoolDevName(), deviceID)
+		devices.markDeviceIDFree(deviceID)
+		logrus.Debugf("devmapper: Error registering device: %s", err)
+		return err
+	}
+
+	if err := devices.closeTransaction(); err != nil {
+		devices.unregisterDevice(deviceID, hash)
+		devicemapper.DeleteDevice(devices.getPoolDevName(), deviceID)
+		devices.markDeviceIDFree(deviceID)
+		return err
+	}
+	return nil
+}
+
+func (devices *DeviceSet) loadMetadata(hash string) *devInfo {
+	info := &devInfo{Hash: hash, devices: devices}
+
+	jsonData, err := ioutil.ReadFile(devices.metadataFile(info))
+	if err != nil {
+		return nil
+	}
+
+	if err := json.Unmarshal(jsonData, &info); err != nil {
+		return nil
+	}
+
+	if info.DeviceID > maxDeviceID {
+		logrus.Errorf("devmapper: Ignoring Invalid DeviceId=%d", info.DeviceID)
+		return nil
+	}
+
+	return info
+}
+
+func getDeviceUUID(device string) (string, error) {
+	out, err := exec.Command("blkid", "-s", "UUID", "-o", "value", device).Output()
+	if err != nil {
+		return "", fmt.Errorf("devmapper: Failed to find uuid for device %s:%v", device, err)
+	}
+
+	uuid := strings.TrimSuffix(string(out), "\n")
+	uuid = strings.TrimSpace(uuid)
+	logrus.Debugf("devmapper: UUID for device: %s is:%s", device, uuid)
+	return uuid, nil
+}
+
+func (devices *DeviceSet) getBaseDeviceSize() uint64 {
+	info, _ := devices.lookupDevice("")
+	if info == nil {
+		return 0
+	}
+	return info.Size
+}
+
+func (devices *DeviceSet) getBaseDeviceFS() string {
+	return devices.BaseDeviceFilesystem
+}
+
+func (devices *DeviceSet) verifyBaseDeviceUUIDFS(baseInfo *devInfo) error {
+	devices.Lock()
+	defer devices.Unlock()
+
+	if err := devices.activateDeviceIfNeeded(baseInfo, false); err != nil {
+		return err
+	}
+	defer devices.deactivateDevice(baseInfo)
+
+	uuid, err := getDeviceUUID(baseInfo.DevName())
+	if err != nil {
+		return err
+	}
+
+	if devices.BaseDeviceUUID != uuid {
+		return fmt.Errorf("devmapper: Current Base Device UUID:%s does not match with stored UUID:%s. Possibly using a different thin pool than last invocation", uuid, devices.BaseDeviceUUID)
+	}
+
+	if devices.BaseDeviceFilesystem == "" {
+		fsType, err := ProbeFsType(baseInfo.DevName())
+		if err != nil {
+			return err
+		}
+		if err := devices.saveBaseDeviceFilesystem(fsType); err != nil {
+			return err
+		}
+	}
+
+	// If user specified a filesystem using dm.fs option and current
+	// file system of base image is not same, warn user that dm.fs
+	// will be ignored.
+	if devices.BaseDeviceFilesystem != devices.filesystem {
+		logrus.Warnf("devmapper: Base device already exists and has filesystem %s on it. User specified filesystem %s will be ignored.", devices.BaseDeviceFilesystem, devices.filesystem)
+		devices.filesystem = devices.BaseDeviceFilesystem
+	}
+	return nil
+}
+
+func (devices *DeviceSet) saveBaseDeviceFilesystem(fs string) error {
+	devices.BaseDeviceFilesystem = fs
+	return devices.saveDeviceSetMetaData()
+}
+
+func (devices *DeviceSet) saveBaseDeviceUUID(baseInfo *devInfo) error {
+	devices.Lock()
+	defer devices.Unlock()
+
+	if err := devices.activateDeviceIfNeeded(baseInfo, false); err != nil {
+		return err
+	}
+	defer devices.deactivateDevice(baseInfo)
+
+	uuid, err := getDeviceUUID(baseInfo.DevName())
+	if err != nil {
+		return err
+	}
+
+	devices.BaseDeviceUUID = uuid
+	return devices.saveDeviceSetMetaData()
+}
+
+func (devices *DeviceSet) createBaseImage() error {
+	logrus.Debugf("devmapper: Initializing base device-mapper thin volume")
+
+	// Create initial device
+	info, err := devices.createRegisterDevice("")
+	if err != nil {
+		return err
+	}
+
+	logrus.Debugf("devmapper: Creating filesystem on base device-mapper thin volume")
+
+	if err := devices.activateDeviceIfNeeded(info, false); err != nil {
+		return err
+	}
+
+	if err := devices.createFilesystem(info); err != nil {
+		return err
+	}
+
+	info.Initialized = true
+	if err := devices.saveMetadata(info); err != nil {
+		info.Initialized = false
+		return err
+	}
+
+	if err := devices.saveBaseDeviceUUID(info); err != nil {
+		return fmt.Errorf("devmapper: Could not query and save base device UUID:%v", err)
+	}
+
+	return nil
+}
+
+// Returns if thin pool device exists or not. If device exists, also makes
+// sure it is a thin pool device and not some other type of device.
+func (devices *DeviceSet) thinPoolExists(thinPoolDevice string) (bool, error) {
+	logrus.Debugf("devmapper: Checking for existence of the pool %s", thinPoolDevice)
+
+	info, err := devicemapper.GetInfo(thinPoolDevice)
+	if err != nil {
+		return false, fmt.Errorf("devmapper: GetInfo() on device %s failed: %v", thinPoolDevice, err)
+	}
+
+	// Device does not exist.
+	if info.Exists == 0 {
+		return false, nil
+	}
+
+	_, _, deviceType, _, err := devicemapper.GetStatus(thinPoolDevice)
+	if err != nil {
+		return false, fmt.Errorf("devmapper: GetStatus() on device %s failed: %v", thinPoolDevice, err)
+	}
+
+	if deviceType != "thin-pool" {
+		return false, fmt.Errorf("devmapper: Device %s is not a thin pool", thinPoolDevice)
+	}
+
+	return true, nil
+}
+
+func (devices *DeviceSet) checkThinPool() error {
+	_, transactionID, dataUsed, _, _, _, err := devices.poolStatus()
+	if err != nil {
+		return err
+	}
+	if dataUsed != 0 {
+		return fmt.Errorf("devmapper: Unable to take ownership of thin-pool (%s) that already has used data blocks",
+			devices.thinPoolDevice)
+	}
+	if transactionID != 0 {
+		return fmt.Errorf("devmapper: Unable to take ownership of thin-pool (%s) with non-zero transaction ID",
+			devices.thinPoolDevice)
+	}
+	return nil
+}
+
+// Base image is initialized properly. Either save UUID for first time (for
+// upgrade case or verify UUID.
+func (devices *DeviceSet) setupVerifyBaseImageUUIDFS(baseInfo *devInfo) error {
+	// If BaseDeviceUUID is nil (upgrade case), save it and return success.
+	if devices.BaseDeviceUUID == "" {
+		if err := devices.saveBaseDeviceUUID(baseInfo); err != nil {
+			return fmt.Errorf("devmapper: Could not query and save base device UUID:%v", err)
+		}
+		return nil
+	}
+
+	if err := devices.verifyBaseDeviceUUIDFS(baseInfo); err != nil {
+		return fmt.Errorf("devmapper: Base Device UUID and Filesystem verification failed.%v", err)
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) checkGrowBaseDeviceFS(info *devInfo) error {
+
+	if !userBaseSize {
+		return nil
+	}
+
+	if devices.baseFsSize < devices.getBaseDeviceSize() {
+		return fmt.Errorf("devmapper: Base device size cannot be smaller than %s", units.HumanSize(float64(devices.getBaseDeviceSize())))
+	}
+
+	if devices.baseFsSize == devices.getBaseDeviceSize() {
+		return nil
+	}
+
+	info.lock.Lock()
+	defer info.lock.Unlock()
+
+	devices.Lock()
+	defer devices.Unlock()
+
+	info.Size = devices.baseFsSize
+
+	if err := devices.saveMetadata(info); err != nil {
+		// Try to remove unused device
+		delete(devices.Devices, info.Hash)
+		return err
+	}
+
+	return devices.growFS(info)
+}
+
+func (devices *DeviceSet) growFS(info *devInfo) error {
+	if err := devices.activateDeviceIfNeeded(info, false); err != nil {
+		return fmt.Errorf("Error activating devmapper device: %s", err)
+	}
+
+	defer devices.deactivateDevice(info)
+
+	fsMountPoint := "/run/docker/mnt"
+	if _, err := os.Stat(fsMountPoint); os.IsNotExist(err) {
+		if err := os.MkdirAll(fsMountPoint, 0700); err != nil {
+			return err
+		}
+		defer os.RemoveAll(fsMountPoint)
+	}
+
+	options := ""
+	if devices.BaseDeviceFilesystem == "xfs" {
+		// XFS needs nouuid or it can't mount filesystems with the same fs
+		options = joinMountOptions(options, "nouuid")
+	}
+	options = joinMountOptions(options, devices.mountOptions)
+
+	if err := mount.Mount(info.DevName(), fsMountPoint, devices.BaseDeviceFilesystem, options); err != nil {
+		return fmt.Errorf("Error mounting '%s' on '%s': %s", info.DevName(), fsMountPoint, err)
+	}
+
+	defer syscall.Unmount(fsMountPoint, syscall.MNT_DETACH)
+
+	switch devices.BaseDeviceFilesystem {
+	case "ext4":
+		if out, err := exec.Command("resize2fs", info.DevName()).CombinedOutput(); err != nil {
+			return fmt.Errorf("Failed to grow rootfs:%v:%s", err, string(out))
+		}
+	case "xfs":
+		if out, err := exec.Command("xfs_growfs", info.DevName()).CombinedOutput(); err != nil {
+			return fmt.Errorf("Failed to grow rootfs:%v:%s", err, string(out))
+		}
+	default:
+		return fmt.Errorf("Unsupported filesystem type %s", devices.BaseDeviceFilesystem)
+	}
+	return nil
+}
+
+func (devices *DeviceSet) setupBaseImage() error {
+	oldInfo, _ := devices.lookupDeviceWithLock("")
+
+	// base image already exists. If it is initialized properly, do UUID
+	// verification and return. Otherwise remove image and set it up
+	// fresh.
+
+	if oldInfo != nil {
+		if oldInfo.Initialized && !oldInfo.Deleted {
+			if err := devices.setupVerifyBaseImageUUIDFS(oldInfo); err != nil {
+				return err
+			}
+
+			if err := devices.checkGrowBaseDeviceFS(oldInfo); err != nil {
+				return err
+			}
+
+			return nil
+		}
+
+		logrus.Debugf("devmapper: Removing uninitialized base image")
+		// If previous base device is in deferred delete state,
+		// that needs to be cleaned up first. So don't try
+		// deferred deletion.
+		if err := devices.DeleteDevice("", true); err != nil {
+			return err
+		}
+	}
+
+	// If we are setting up base image for the first time, make sure
+	// thin pool is empty.
+	if devices.thinPoolDevice != "" && oldInfo == nil {
+		if err := devices.checkThinPool(); err != nil {
+			return err
+		}
+	}
+
+	// Create new base image device
+	if err := devices.createBaseImage(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func setCloseOnExec(name string) {
+	if fileInfos, _ := ioutil.ReadDir("/proc/self/fd"); fileInfos != nil {
+		for _, i := range fileInfos {
+			link, _ := os.Readlink(filepath.Join("/proc/self/fd", i.Name()))
+			if link == name {
+				fd, err := strconv.Atoi(i.Name())
+				if err == nil {
+					syscall.CloseOnExec(fd)
+				}
+			}
+		}
+	}
+}
+
+// DMLog implements logging using DevMapperLogger interface.
+func (devices *DeviceSet) DMLog(level int, file string, line int, dmError int, message string) {
+	// By default libdm sends us all the messages including debug ones.
+	// We need to filter out messages here and figure out which one
+	// should be printed.
+	if level > logLevel {
+		return
+	}
+
+	// FIXME(vbatts) push this back into ./pkg/devicemapper/
+	if level <= devicemapper.LogLevelErr {
+		logrus.Errorf("libdevmapper(%d): %s:%d (%d) %s", level, file, line, dmError, message)
+	} else if level <= devicemapper.LogLevelInfo {
+		logrus.Infof("libdevmapper(%d): %s:%d (%d) %s", level, file, line, dmError, message)
+	} else {
+		// FIXME(vbatts) push this back into ./pkg/devicemapper/
+		logrus.Debugf("libdevmapper(%d): %s:%d (%d) %s", level, file, line, dmError, message)
+	}
+}
+
+func major(device uint64) uint64 {
+	return (device >> 8) & 0xfff
+}
+
+func minor(device uint64) uint64 {
+	return (device & 0xff) | ((device >> 12) & 0xfff00)
+}
+
+// ResizePool increases the size of the pool.
+func (devices *DeviceSet) ResizePool(size int64) error {
+	dirname := devices.loopbackDir()
+	datafilename := path.Join(dirname, "data")
+	if len(devices.dataDevice) > 0 {
+		datafilename = devices.dataDevice
+	}
+	metadatafilename := path.Join(dirname, "metadata")
+	if len(devices.metadataDevice) > 0 {
+		metadatafilename = devices.metadataDevice
+	}
+
+	datafile, err := os.OpenFile(datafilename, os.O_RDWR, 0)
+	if datafile == nil {
+		return err
+	}
+	defer datafile.Close()
+
+	fi, err := datafile.Stat()
+	if fi == nil {
+		return err
+	}
+
+	if fi.Size() > size {
+		return fmt.Errorf("devmapper: Can't shrink file")
+	}
+
+	dataloopback := loopback.FindLoopDeviceFor(datafile)
+	if dataloopback == nil {
+		return fmt.Errorf("devmapper: Unable to find loopback mount for: %s", datafilename)
+	}
+	defer dataloopback.Close()
+
+	metadatafile, err := os.OpenFile(metadatafilename, os.O_RDWR, 0)
+	if metadatafile == nil {
+		return err
+	}
+	defer metadatafile.Close()
+
+	metadataloopback := loopback.FindLoopDeviceFor(metadatafile)
+	if metadataloopback == nil {
+		return fmt.Errorf("devmapper: Unable to find loopback mount for: %s", metadatafilename)
+	}
+	defer metadataloopback.Close()
+
+	// Grow loopback file
+	if err := datafile.Truncate(size); err != nil {
+		return fmt.Errorf("devmapper: Unable to grow loopback file: %s", err)
+	}
+
+	// Reload size for loopback device
+	if err := loopback.SetCapacity(dataloopback); err != nil {
+		return fmt.Errorf("Unable to update loopback capacity: %s", err)
+	}
+
+	// Suspend the pool
+	if err := devicemapper.SuspendDevice(devices.getPoolName()); err != nil {
+		return fmt.Errorf("devmapper: Unable to suspend pool: %s", err)
+	}
+
+	// Reload with the new block sizes
+	if err := devicemapper.ReloadPool(devices.getPoolName(), dataloopback, metadataloopback, devices.thinpBlockSize); err != nil {
+		return fmt.Errorf("devmapper: Unable to reload pool: %s", err)
+	}
+
+	// Resume the pool
+	if err := devicemapper.ResumeDevice(devices.getPoolName()); err != nil {
+		return fmt.Errorf("devmapper: Unable to resume pool: %s", err)
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) loadTransactionMetaData() error {
+	jsonData, err := ioutil.ReadFile(devices.transactionMetaFile())
+	if err != nil {
+		// There is no active transaction. This will be the case
+		// during upgrade.
+		if os.IsNotExist(err) {
+			devices.OpenTransactionID = devices.TransactionID
+			return nil
+		}
+		return err
+	}
+
+	json.Unmarshal(jsonData, &devices.transaction)
+	return nil
+}
+
+func (devices *DeviceSet) saveTransactionMetaData() error {
+	jsonData, err := json.Marshal(&devices.transaction)
+	if err != nil {
+		return fmt.Errorf("devmapper: Error encoding metadata to json: %s", err)
+	}
+
+	return devices.writeMetaFile(jsonData, devices.transactionMetaFile())
+}
+
+func (devices *DeviceSet) removeTransactionMetaData() error {
+	if err := os.RemoveAll(devices.transactionMetaFile()); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (devices *DeviceSet) rollbackTransaction() error {
+	logrus.Debugf("devmapper: Rolling back open transaction: TransactionID=%d hash=%s device_id=%d", devices.OpenTransactionID, devices.DeviceIDHash, devices.DeviceID)
+
+	// A device id might have already been deleted before transaction
+	// closed. In that case this call will fail. Just leave a message
+	// in case of failure.
+	if err := devicemapper.DeleteDevice(devices.getPoolDevName(), devices.DeviceID); err != nil {
+		logrus.Errorf("devmapper: Unable to delete device: %s", err)
+	}
+
+	dinfo := &devInfo{Hash: devices.DeviceIDHash}
+	if err := devices.removeMetadata(dinfo); err != nil {
+		logrus.Errorf("devmapper: Unable to remove metadata: %s", err)
+	} else {
+		devices.markDeviceIDFree(devices.DeviceID)
+	}
+
+	if err := devices.removeTransactionMetaData(); err != nil {
+		logrus.Errorf("devmapper: Unable to remove transaction meta file %s: %s", devices.transactionMetaFile(), err)
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) processPendingTransaction() error {
+	if err := devices.loadTransactionMetaData(); err != nil {
+		return err
+	}
+
+	// If there was open transaction but pool transaction ID is same
+	// as open transaction ID, nothing to roll back.
+	if devices.TransactionID == devices.OpenTransactionID {
+		return nil
+	}
+
+	// If open transaction ID is less than pool transaction ID, something
+	// is wrong. Bail out.
+	if devices.OpenTransactionID < devices.TransactionID {
+		logrus.Errorf("devmapper: Open Transaction id %d is less than pool transaction id %d", devices.OpenTransactionID, devices.TransactionID)
+		return nil
+	}
+
+	// Pool transaction ID is not same as open transaction. There is
+	// a transaction which was not completed.
+	if err := devices.rollbackTransaction(); err != nil {
+		return fmt.Errorf("devmapper: Rolling back open transaction failed: %s", err)
+	}
+
+	devices.OpenTransactionID = devices.TransactionID
+	return nil
+}
+
+func (devices *DeviceSet) loadDeviceSetMetaData() error {
+	jsonData, err := ioutil.ReadFile(devices.deviceSetMetaFile())
+	if err != nil {
+		// For backward compatibility return success if file does
+		// not exist.
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return err
+	}
+
+	return json.Unmarshal(jsonData, devices)
+}
+
+func (devices *DeviceSet) saveDeviceSetMetaData() error {
+	jsonData, err := json.Marshal(devices)
+	if err != nil {
+		return fmt.Errorf("devmapper: Error encoding metadata to json: %s", err)
+	}
+
+	return devices.writeMetaFile(jsonData, devices.deviceSetMetaFile())
+}
+
+func (devices *DeviceSet) openTransaction(hash string, DeviceID int) error {
+	devices.allocateTransactionID()
+	devices.DeviceIDHash = hash
+	devices.DeviceID = DeviceID
+	if err := devices.saveTransactionMetaData(); err != nil {
+		return fmt.Errorf("devmapper: Error saving transaction metadata: %s", err)
+	}
+	return nil
+}
+
+func (devices *DeviceSet) refreshTransaction(DeviceID int) error {
+	devices.DeviceID = DeviceID
+	if err := devices.saveTransactionMetaData(); err != nil {
+		return fmt.Errorf("devmapper: Error saving transaction metadata: %s", err)
+	}
+	return nil
+}
+
+func (devices *DeviceSet) closeTransaction() error {
+	if err := devices.updatePoolTransactionID(); err != nil {
+		logrus.Debugf("devmapper: Failed to close Transaction")
+		return err
+	}
+	return nil
+}
+
+func determineDriverCapabilities(version string) error {
+	/*
+	 * Driver version 4.27.0 and greater support deferred activation
+	 * feature.
+	 */
+
+	logrus.Debugf("devicemapper: driver version is %s", version)
+
+	versionSplit := strings.Split(version, ".")
+	major, err := strconv.Atoi(versionSplit[0])
+	if err != nil {
+		return graphdriver.ErrNotSupported
+	}
+
+	if major > 4 {
+		driverDeferredRemovalSupport = true
+		return nil
+	}
+
+	if major < 4 {
+		return nil
+	}
+
+	minor, err := strconv.Atoi(versionSplit[1])
+	if err != nil {
+		return graphdriver.ErrNotSupported
+	}
+
+	/*
+	 * If major is 4 and minor is 27, then there is no need to
+	 * check for patch level as it can not be less than 0.
+	 */
+	if minor >= 27 {
+		driverDeferredRemovalSupport = true
+		return nil
+	}
+
+	return nil
+}
+
+// Determine the major and minor number of loopback device
+func getDeviceMajorMinor(file *os.File) (uint64, uint64, error) {
+	stat, err := file.Stat()
+	if err != nil {
+		return 0, 0, err
+	}
+
+	dev := stat.Sys().(*syscall.Stat_t).Rdev
+	majorNum := major(dev)
+	minorNum := minor(dev)
+
+	logrus.Debugf("devmapper: Major:Minor for device: %s is:%v:%v", file.Name(), majorNum, minorNum)
+	return majorNum, minorNum, nil
+}
+
+// Given a file which is backing file of a loop back device, find the
+// loopback device name and its major/minor number.
+func getLoopFileDeviceMajMin(filename string) (string, uint64, uint64, error) {
+	file, err := os.Open(filename)
+	if err != nil {
+		logrus.Debugf("devmapper: Failed to open file %s", filename)
+		return "", 0, 0, err
+	}
+
+	defer file.Close()
+	loopbackDevice := loopback.FindLoopDeviceFor(file)
+	if loopbackDevice == nil {
+		return "", 0, 0, fmt.Errorf("devmapper: Unable to find loopback mount for: %s", filename)
+	}
+	defer loopbackDevice.Close()
+
+	Major, Minor, err := getDeviceMajorMinor(loopbackDevice)
+	if err != nil {
+		return "", 0, 0, err
+	}
+	return loopbackDevice.Name(), Major, Minor, nil
+}
+
+// Get the major/minor numbers of thin pool data and metadata devices
+func (devices *DeviceSet) getThinPoolDataMetaMajMin() (uint64, uint64, uint64, uint64, error) {
+	var params, poolDataMajMin, poolMetadataMajMin string
+
+	_, _, _, params, err := devicemapper.GetTable(devices.getPoolName())
+	if err != nil {
+		return 0, 0, 0, 0, err
+	}
+
+	if _, err = fmt.Sscanf(params, "%s %s", &poolMetadataMajMin, &poolDataMajMin); err != nil {
+		return 0, 0, 0, 0, err
+	}
+
+	logrus.Debugf("devmapper: poolDataMajMin=%s poolMetaMajMin=%s\n", poolDataMajMin, poolMetadataMajMin)
+
+	poolDataMajMinorSplit := strings.Split(poolDataMajMin, ":")
+	poolDataMajor, err := strconv.ParseUint(poolDataMajMinorSplit[0], 10, 32)
+	if err != nil {
+		return 0, 0, 0, 0, err
+	}
+
+	poolDataMinor, err := strconv.ParseUint(poolDataMajMinorSplit[1], 10, 32)
+	if err != nil {
+		return 0, 0, 0, 0, err
+	}
+
+	poolMetadataMajMinorSplit := strings.Split(poolMetadataMajMin, ":")
+	poolMetadataMajor, err := strconv.ParseUint(poolMetadataMajMinorSplit[0], 10, 32)
+	if err != nil {
+		return 0, 0, 0, 0, err
+	}
+
+	poolMetadataMinor, err := strconv.ParseUint(poolMetadataMajMinorSplit[1], 10, 32)
+	if err != nil {
+		return 0, 0, 0, 0, err
+	}
+
+	return poolDataMajor, poolDataMinor, poolMetadataMajor, poolMetadataMinor, nil
+}
+
+func (devices *DeviceSet) loadThinPoolLoopBackInfo() error {
+	poolDataMajor, poolDataMinor, poolMetadataMajor, poolMetadataMinor, err := devices.getThinPoolDataMetaMajMin()
+	if err != nil {
+		return err
+	}
+
+	dirname := devices.loopbackDir()
+
+	// data device has not been passed in. So there should be a data file
+	// which is being mounted as loop device.
+	if devices.dataDevice == "" {
+		datafilename := path.Join(dirname, "data")
+		dataLoopDevice, dataMajor, dataMinor, err := getLoopFileDeviceMajMin(datafilename)
+		if err != nil {
+			return err
+		}
+
+		// Compare the two
+		if poolDataMajor == dataMajor && poolDataMinor == dataMinor {
+			devices.dataDevice = dataLoopDevice
+			devices.dataLoopFile = datafilename
+		}
+
+	}
+
+	// metadata device has not been passed in. So there should be a
+	// metadata file which is being mounted as loop device.
+	if devices.metadataDevice == "" {
+		metadatafilename := path.Join(dirname, "metadata")
+		metadataLoopDevice, metadataMajor, metadataMinor, err := getLoopFileDeviceMajMin(metadatafilename)
+		if err != nil {
+			return err
+		}
+		if poolMetadataMajor == metadataMajor && poolMetadataMinor == metadataMinor {
+			devices.metadataDevice = metadataLoopDevice
+			devices.metadataLoopFile = metadatafilename
+		}
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) initDevmapper(doInit bool) error {
+	// give ourselves to libdm as a log handler
+	devicemapper.LogInit(devices)
+
+	version, err := devicemapper.GetDriverVersion()
+	if err != nil {
+		// Can't even get driver version, assume not supported
+		return graphdriver.ErrNotSupported
+	}
+
+	if err := determineDriverCapabilities(version); err != nil {
+		return graphdriver.ErrNotSupported
+	}
+
+	// If user asked for deferred removal then check both libdm library
+	// and kernel driver support deferred removal otherwise error out.
+	if enableDeferredRemoval {
+		if !driverDeferredRemovalSupport {
+			return fmt.Errorf("devmapper: Deferred removal can not be enabled as kernel does not support it")
+		}
+		if !devicemapper.LibraryDeferredRemovalSupport {
+			return fmt.Errorf("devmapper: Deferred removal can not be enabled as libdm does not support it")
+		}
+		logrus.Debugf("devmapper: Deferred removal support enabled.")
+		devices.deferredRemove = true
+	}
+
+	if enableDeferredDeletion {
+		if !devices.deferredRemove {
+			return fmt.Errorf("devmapper: Deferred deletion can not be enabled as deferred removal is not enabled. Enable deferred removal using --storage-opt dm.use_deferred_removal=true parameter")
+		}
+		logrus.Debugf("devmapper: Deferred deletion support enabled.")
+		devices.deferredDelete = true
+	}
+
+	// https://github.com/docker/docker/issues/4036
+	if supported := devicemapper.UdevSetSyncSupport(true); !supported {
+		if dockerversion.IAmStatic == "true" {
+			logrus.Errorf("devmapper: Udev sync is not supported. This will lead to data loss and unexpected behavior. Install a dynamic binary to use devicemapper or select a different storage driver. For more information, see https://docs.docker.com/engine/reference/commandline/daemon/#daemon-storage-driver-option")
+		} else {
+			logrus.Errorf("devmapper: Udev sync is not supported. This will lead to data loss and unexpected behavior. Install a more recent version of libdevmapper or select a different storage driver. For more information, see https://docs.docker.com/engine/reference/commandline/daemon/#daemon-storage-driver-option")
+		}
+
+		if !devices.overrideUdevSyncCheck {
+			return graphdriver.ErrNotSupported
+		}
+	}
+
+	//create the root dir of the devmapper driver ownership to match this
+	//daemon's remapped root uid/gid so containers can start properly
+	uid, gid, err := idtools.GetRootUIDGID(devices.uidMaps, devices.gidMaps)
+	if err != nil {
+		return err
+	}
+	if err := idtools.MkdirAs(devices.root, 0700, uid, gid); err != nil && !os.IsExist(err) {
+		return err
+	}
+	if err := os.MkdirAll(devices.metadataDir(), 0700); err != nil && !os.IsExist(err) {
+		return err
+	}
+
+	// Set the device prefix from the device id and inode of the docker root dir
+
+	st, err := os.Stat(devices.root)
+	if err != nil {
+		return fmt.Errorf("devmapper: Error looking up dir %s: %s", devices.root, err)
+	}
+	sysSt := st.Sys().(*syscall.Stat_t)
+	// "reg-" stands for "regular file".
+	// In the future we might use "dev-" for "device file", etc.
+	// docker-maj,min[-inode] stands for:
+	//	- Managed by docker
+	//	- The target of this device is at major <maj> and minor <min>
+	//	- If <inode> is defined, use that file inside the device as a loopback image. Otherwise use the device itself.
+	devices.devicePrefix = fmt.Sprintf("docker-%d:%d-%d", major(sysSt.Dev), minor(sysSt.Dev), sysSt.Ino)
+	logrus.Debugf("devmapper: Generated prefix: %s", devices.devicePrefix)
+
+	// Check for the existence of the thin-pool device
+	poolExists, err := devices.thinPoolExists(devices.getPoolName())
+	if err != nil {
+		return err
+	}
+
+	// It seems libdevmapper opens this without O_CLOEXEC, and go exec will not close files
+	// that are not Close-on-exec,
+	// so we add this badhack to make sure it closes itself
+	setCloseOnExec("/dev/mapper/control")
+
+	// Make sure the sparse images exist in <root>/devicemapper/data and
+	// <root>/devicemapper/metadata
+
+	createdLoopback := false
+
+	// If the pool doesn't exist, create it
+	if !poolExists && devices.thinPoolDevice == "" {
+		logrus.Debugf("devmapper: Pool doesn't exist. Creating it.")
+
+		var (
+			dataFile     *os.File
+			metadataFile *os.File
+		)
+
+		if devices.dataDevice == "" {
+			// Make sure the sparse images exist in <root>/devicemapper/data
+
+			hasData := devices.hasImage("data")
+
+			if !doInit && !hasData {
+				return errors.New("Loopback data file not found")
+			}
+
+			if !hasData {
+				createdLoopback = true
+			}
+
+			data, err := devices.ensureImage("data", devices.dataLoopbackSize)
+			if err != nil {
+				logrus.Debugf("devmapper: Error device ensureImage (data): %s", err)
+				return err
+			}
+
+			dataFile, err = loopback.AttachLoopDevice(data)
+			if err != nil {
+				return err
+			}
+			devices.dataLoopFile = data
+			devices.dataDevice = dataFile.Name()
+		} else {
+			dataFile, err = os.OpenFile(devices.dataDevice, os.O_RDWR, 0600)
+			if err != nil {
+				return err
+			}
+		}
+		defer dataFile.Close()
+
+		if devices.metadataDevice == "" {
+			// Make sure the sparse images exist in <root>/devicemapper/metadata
+
+			hasMetadata := devices.hasImage("metadata")
+
+			if !doInit && !hasMetadata {
+				return errors.New("Loopback metadata file not found")
+			}
+
+			if !hasMetadata {
+				createdLoopback = true
+			}
+
+			metadata, err := devices.ensureImage("metadata", devices.metaDataLoopbackSize)
+			if err != nil {
+				logrus.Debugf("devmapper: Error device ensureImage (metadata): %s", err)
+				return err
+			}
+
+			metadataFile, err = loopback.AttachLoopDevice(metadata)
+			if err != nil {
+				return err
+			}
+			devices.metadataLoopFile = metadata
+			devices.metadataDevice = metadataFile.Name()
+		} else {
+			metadataFile, err = os.OpenFile(devices.metadataDevice, os.O_RDWR, 0600)
+			if err != nil {
+				return err
+			}
+		}
+		defer metadataFile.Close()
+
+		if err := devicemapper.CreatePool(devices.getPoolName(), dataFile, metadataFile, devices.thinpBlockSize); err != nil {
+			return err
+		}
+	}
+
+	// Pool already exists and caller did not pass us a pool. That means
+	// we probably created pool earlier and could not remove it as some
+	// containers were still using it. Detect some of the properties of
+	// pool, like is it using loop devices.
+	if poolExists && devices.thinPoolDevice == "" {
+		if err := devices.loadThinPoolLoopBackInfo(); err != nil {
+			logrus.Debugf("devmapper: Failed to load thin pool loopback device information:%v", err)
+			return err
+		}
+	}
+
+	// If we didn't just create the data or metadata image, we need to
+	// load the transaction id and migrate old metadata
+	if !createdLoopback {
+		if err := devices.initMetaData(); err != nil {
+			return err
+		}
+	}
+
+	if devices.thinPoolDevice == "" {
+		if devices.metadataLoopFile != "" || devices.dataLoopFile != "" {
+			logrus.Warnf("devmapper: Usage of loopback devices is strongly discouraged for production use. Please use `--storage-opt dm.thinpooldev` or use `man docker` to refer to dm.thinpooldev section.")
+		}
+	}
+
+	// Right now this loads only NextDeviceID. If there is more metadata
+	// down the line, we might have to move it earlier.
+	if err := devices.loadDeviceSetMetaData(); err != nil {
+		return err
+	}
+
+	// Setup the base image
+	if doInit {
+		if err := devices.setupBaseImage(); err != nil {
+			logrus.Debugf("devmapper: Error device setupBaseImage: %s", err)
+			return err
+		}
+	}
+
+	return nil
+}
+
+// AddDevice adds a device and registers in the hash.
+func (devices *DeviceSet) AddDevice(hash, baseHash string) error {
+	logrus.Debugf("devmapper: AddDevice(hash=%s basehash=%s)", hash, baseHash)
+	defer logrus.Debugf("devmapper: AddDevice(hash=%s basehash=%s) END", hash, baseHash)
+
+	// If a deleted device exists, return error.
+	baseInfo, err := devices.lookupDeviceWithLock(baseHash)
+	if err != nil {
+		return err
+	}
+
+	if baseInfo.Deleted {
+		return fmt.Errorf("devmapper: Base device %v has been marked for deferred deletion", baseInfo.Hash)
+	}
+
+	baseInfo.lock.Lock()
+	defer baseInfo.lock.Unlock()
+
+	devices.Lock()
+	defer devices.Unlock()
+
+	// Also include deleted devices in case hash of new device is
+	// same as one of the deleted devices.
+	if info, _ := devices.lookupDevice(hash); info != nil {
+		return fmt.Errorf("devmapper: device %s already exists. Deleted=%v", hash, info.Deleted)
+	}
+
+	if err := devices.createRegisterSnapDevice(hash, baseInfo); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) markForDeferredDeletion(info *devInfo) error {
+	// If device is already in deleted state, there is nothing to be done.
+	if info.Deleted {
+		return nil
+	}
+
+	logrus.Debugf("devmapper: Marking device %s for deferred deletion.", info.Hash)
+
+	info.Deleted = true
+
+	// save device metadata to reflect deleted state.
+	if err := devices.saveMetadata(info); err != nil {
+		info.Deleted = false
+		return err
+	}
+
+	devices.nrDeletedDevices++
+	return nil
+}
+
+// Should be called with devices.Lock() held.
+func (devices *DeviceSet) deleteTransaction(info *devInfo, syncDelete bool) error {
+	if err := devices.openTransaction(info.Hash, info.DeviceID); err != nil {
+		logrus.Debugf("devmapper: Error opening transaction hash = %s deviceId = %d", "", info.DeviceID)
+		return err
+	}
+
+	defer devices.closeTransaction()
+
+	err := devicemapper.DeleteDevice(devices.getPoolDevName(), info.DeviceID)
+	if err != nil {
+		// If syncDelete is true, we want to return error. If deferred
+		// deletion is not enabled, we return an error. If error is
+		// something other then EBUSY, return an error.
+		if syncDelete || !devices.deferredDelete || err != devicemapper.ErrBusy {
+			logrus.Debugf("devmapper: Error deleting device: %s", err)
+			return err
+		}
+	}
+
+	if err == nil {
+		if err := devices.unregisterDevice(info.DeviceID, info.Hash); err != nil {
+			return err
+		}
+		// If device was already in deferred delete state that means
+		// deletion was being tried again later. Reduce the deleted
+		// device count.
+		if info.Deleted {
+			devices.nrDeletedDevices--
+		}
+		devices.markDeviceIDFree(info.DeviceID)
+	} else {
+		if err := devices.markForDeferredDeletion(info); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// Issue discard only if device open count is zero.
+func (devices *DeviceSet) issueDiscard(info *devInfo) error {
+	logrus.Debugf("devmapper: issueDiscard(device: %s). START", info.Hash)
+	defer logrus.Debugf("devmapper: issueDiscard(device: %s). END", info.Hash)
+	// This is a workaround for the kernel not discarding block so
+	// on the thin pool when we remove a thinp device, so we do it
+	// manually.
+	// Even if device is deferred deleted, activate it and issue
+	// discards.
+	if err := devices.activateDeviceIfNeeded(info, true); err != nil {
+		return err
+	}
+
+	devinfo, err := devicemapper.GetInfo(info.Name())
+	if err != nil {
+		return err
+	}
+
+	if devinfo.OpenCount != 0 {
+		logrus.Debugf("devmapper: Device: %s is in use. OpenCount=%d. Not issuing discards.", info.Hash, devinfo.OpenCount)
+		return nil
+	}
+
+	if err := devicemapper.BlockDeviceDiscard(info.DevName()); err != nil {
+		logrus.Debugf("devmapper: Error discarding block on device: %s (ignoring)", err)
+	}
+	return nil
+}
+
+// Should be called with devices.Lock() held.
+func (devices *DeviceSet) deleteDevice(info *devInfo, syncDelete bool) error {
+	if devices.doBlkDiscard {
+		devices.issueDiscard(info)
+	}
+
+	// Try to deactivate device in case it is active.
+	if err := devices.deactivateDevice(info); err != nil {
+		logrus.Debugf("devmapper: Error deactivating device: %s", err)
+		return err
+	}
+
+	if err := devices.deleteTransaction(info, syncDelete); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// DeleteDevice will return success if device has been marked for deferred
+// removal. If one wants to override that and want DeleteDevice() to fail if
+// device was busy and could not be deleted, set syncDelete=true.
+func (devices *DeviceSet) DeleteDevice(hash string, syncDelete bool) error {
+	logrus.Debugf("devmapper: DeleteDevice(hash=%v syncDelete=%v) START", hash, syncDelete)
+	defer logrus.Debugf("devmapper: DeleteDevice(hash=%v syncDelete=%v) END", hash, syncDelete)
+	info, err := devices.lookupDeviceWithLock(hash)
+	if err != nil {
+		return err
+	}
+
+	info.lock.Lock()
+	defer info.lock.Unlock()
+
+	devices.Lock()
+	defer devices.Unlock()
+
+	return devices.deleteDevice(info, syncDelete)
+}
+
+func (devices *DeviceSet) deactivatePool() error {
+	logrus.Debugf("devmapper: deactivatePool()")
+	defer logrus.Debugf("devmapper: deactivatePool END")
+	devname := devices.getPoolDevName()
+
+	devinfo, err := devicemapper.GetInfo(devname)
+	if err != nil {
+		return err
+	}
+
+	if devinfo.Exists == 0 {
+		return nil
+	}
+	if err := devicemapper.RemoveDevice(devname); err != nil {
+		return err
+	}
+
+	if d, err := devicemapper.GetDeps(devname); err == nil {
+		logrus.Warnf("devmapper: device %s still has %d active dependents", devname, d.Count)
+	}
+
+	return nil
+}
+
+func (devices *DeviceSet) deactivateDevice(info *devInfo) error {
+	logrus.Debugf("devmapper: deactivateDevice(%s)", info.Hash)
+	defer logrus.Debugf("devmapper: deactivateDevice END(%s)", info.Hash)
+
+	devinfo, err := devicemapper.GetInfo(info.Name())
+	if err != nil {
+		return err
+	}
+
+	if devinfo.Exists == 0 {
+		return nil
+	}
+
+	if devices.deferredRemove {
+		if err := devicemapper.RemoveDeviceDeferred(info.Name()); err != nil {
+			return err
+		}
+	} else {
+		if err := devices.removeDevice(info.Name()); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Issues the underlying dm remove operation.
+func (devices *DeviceSet) removeDevice(devname string) error {
+	var err error
+
+	logrus.Debugf("devmapper: removeDevice START(%s)", devname)
+	defer logrus.Debugf("devmapper: removeDevice END(%s)", devname)
+
+	for i := 0; i < 200; i++ {
+		err = devicemapper.RemoveDevice(devname)
+		if err == nil {
+			break
+		}
+		if err != devicemapper.ErrBusy {
+			return err
+		}
+
+		// If we see EBUSY it may be a transient error,
+		// sleep a bit a retry a few times.
+		devices.Unlock()
+		time.Sleep(100 * time.Millisecond)
+		devices.Lock()
+	}
+
+	return err
+}
+
+func (devices *DeviceSet) cancelDeferredRemoval(info *devInfo) error {
+	if !devices.deferredRemove {
+		return nil
+	}
+
+	logrus.Debugf("devmapper: cancelDeferredRemoval START(%s)", info.Name())
+	defer logrus.Debugf("devmapper: cancelDeferredRemoval END(%s)", info.Name())
+
+	devinfo, err := devicemapper.GetInfoWithDeferred(info.Name())
+
+	if devinfo != nil && devinfo.DeferredRemove == 0 {
+		return nil
+	}
+
+	// Cancel deferred remove
+	for i := 0; i < 100; i++ {
+		err = devicemapper.CancelDeferredRemove(info.Name())
+		if err == nil {
+			break
+		}
+
+		if err == devicemapper.ErrEnxio {
+			// Device is probably already gone. Return success.
+			return nil
+		}
+
+		if err != devicemapper.ErrBusy {
+			return err
+		}
+
+		// If we see EBUSY it may be a transient error,
+		// sleep a bit a retry a few times.
+		devices.Unlock()
+		time.Sleep(100 * time.Millisecond)
+		devices.Lock()
+	}
+	return err
+}
+
+// Shutdown shuts down the device by unmounting the root.
+func (devices *DeviceSet) Shutdown(home string) error {
+	logrus.Debugf("devmapper: [deviceset %s] Shutdown()", devices.devicePrefix)
+	logrus.Debugf("devmapper: Shutting down DeviceSet: %s", devices.root)
+	defer logrus.Debugf("devmapper: [deviceset %s] Shutdown() END", devices.devicePrefix)
+
+	// Stop deletion worker. This should start delivering new events to
+	// ticker channel. That means no new instance of cleanupDeletedDevice()
+	// will run after this call. If one instance is already running at
+	// the time of the call, it must be holding devices.Lock() and
+	// we will block on this lock till cleanup function exits.
+	devices.deletionWorkerTicker.Stop()
+
+	devices.Lock()
+	// Save DeviceSet Metadata first. Docker kills all threads if they
+	// don't finish in certain time. It is possible that Shutdown()
+	// routine does not finish in time as we loop trying to deactivate
+	// some devices while these are busy. In that case shutdown() routine
+	// will be killed and we will not get a chance to save deviceset
+	// metadata. Hence save this early before trying to deactivate devices.
+	devices.saveDeviceSetMetaData()
+
+	// ignore the error since it's just a best effort to not try to unmount something that's mounted
+	mounts, _ := mount.GetMounts()
+	mounted := make(map[string]bool, len(mounts))
+	for _, mnt := range mounts {
+		mounted[mnt.Mountpoint] = true
+	}
+
+	if err := filepath.Walk(path.Join(home, "mnt"), func(p string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		if !info.IsDir() {
+			return nil
+		}
+
+		if mounted[p] {
+			// We use MNT_DETACH here in case it is still busy in some running
+			// container. This means it'll go away from the global scope directly,
+			// and the device will be released when that container dies.
+			if err := syscall.Unmount(p, syscall.MNT_DETACH); err != nil {
+				logrus.Debugf("devmapper: Shutdown unmounting %s, error: %s", p, err)
+			}
+		}
+
+		if devInfo, err := devices.lookupDevice(path.Base(p)); err != nil {
+			logrus.Debugf("devmapper: Shutdown lookup device %s, error: %s", path.Base(p), err)
+		} else {
+			if err := devices.deactivateDevice(devInfo); err != nil {
+				logrus.Debugf("devmapper: Shutdown deactivate %s , error: %s", devInfo.Hash, err)
+			}
+		}
+
+		return nil
+	}); err != nil && !os.IsNotExist(err) {
+		devices.Unlock()
+		return err
+	}
+
+	devices.Unlock()
+
+	info, _ := devices.lookupDeviceWithLock("")
+	if info != nil {
+		info.lock.Lock()
+		devices.Lock()
+		if err := devices.deactivateDevice(info); err != nil {
+			logrus.Debugf("devmapper: Shutdown deactivate base , error: %s", err)
+		}
+		devices.Unlock()
+		info.lock.Unlock()
+	}
+
+	devices.Lock()
+	if devices.thinPoolDevice == "" {
+		if err := devices.deactivatePool(); err != nil {
+			logrus.Debugf("devmapper: Shutdown deactivate pool , error: %s", err)
+		}
+	}
+	devices.Unlock()
+
+	return nil
+}
+
+// MountDevice mounts the device if not already mounted.
+func (devices *DeviceSet) MountDevice(hash, path, mountLabel string) error {
+	info, err := devices.lookupDeviceWithLock(hash)
+	if err != nil {
+		return err
+	}
+
+	if info.Deleted {
+		return fmt.Errorf("devmapper: Can't mount device %v as it has been marked for deferred deletion", info.Hash)
+	}
+
+	info.lock.Lock()
+	defer info.lock.Unlock()
+
+	devices.Lock()
+	defer devices.Unlock()
+
+	if err := devices.activateDeviceIfNeeded(info, false); err != nil {
+		return fmt.Errorf("devmapper: Error activating devmapper device for '%s': %s", hash, err)
+	}
+
+	fstype, err := ProbeFsType(info.DevName())
+	if err != nil {
+		return err
+	}
+
+	options := ""
+
+	if fstype == "xfs" {
+		// XFS needs nouuid or it can't mount filesystems with the same fs
+		options = joinMountOptions(options, "nouuid")
+	}
+
+	options = joinMountOptions(options, devices.mountOptions)
+	options = joinMountOptions(options, label.FormatMountLabel("", mountLabel))
+
+	if err := mount.Mount(info.DevName(), path, fstype, options); err != nil {
+		return fmt.Errorf("devmapper: Error mounting '%s' on '%s': %s", info.DevName(), path, err)
+	}
+
+	return nil
+}
+
+// UnmountDevice unmounts the device and removes it from hash.
+func (devices *DeviceSet) UnmountDevice(hash, mountPath string) error {
+	logrus.Debugf("devmapper: UnmountDevice(hash=%s)", hash)
+	defer logrus.Debugf("devmapper: UnmountDevice(hash=%s) END", hash)
+
+	info, err := devices.lookupDeviceWithLock(hash)
+	if err != nil {
+		return err
+	}
+
+	info.lock.Lock()
+	defer info.lock.Unlock()
+
+	devices.Lock()
+	defer devices.Unlock()
+
+	logrus.Debugf("devmapper: Unmount(%s)", mountPath)
+	if err := syscall.Unmount(mountPath, syscall.MNT_DETACH); err != nil {
+		return err
+	}
+	logrus.Debugf("devmapper: Unmount done")
+
+	if err := devices.deactivateDevice(info); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// HasDevice returns true if the device metadata exists.
+func (devices *DeviceSet) HasDevice(hash string) bool {
+	info, _ := devices.lookupDeviceWithLock(hash)
+	return info != nil
+}
+
+// List returns a list of device ids.
+func (devices *DeviceSet) List() []string {
+	devices.Lock()
+	defer devices.Unlock()
+
+	ids := make([]string, len(devices.Devices))
+	i := 0
+	for k := range devices.Devices {
+		ids[i] = k
+		i++
+	}
+	return ids
+}
+
+func (devices *DeviceSet) deviceStatus(devName string) (sizeInSectors, mappedSectors, highestMappedSector uint64, err error) {
+	var params string
+	_, sizeInSectors, _, params, err = devicemapper.GetStatus(devName)
+	if err != nil {
+		return
+	}
+	if _, err = fmt.Sscanf(params, "%d %d", &mappedSectors, &highestMappedSector); err == nil {
+		return
+	}
+	return
+}
+
+// GetDeviceStatus provides size, mapped sectors
+func (devices *DeviceSet) GetDeviceStatus(hash string) (*DevStatus, error) {
+	info, err := devices.lookupDeviceWithLock(hash)
+	if err != nil {
+		return nil, err
+	}
+
+	info.lock.Lock()
+	defer info.lock.Unlock()
+
+	devices.Lock()
+	defer devices.Unlock()
+
+	status := &DevStatus{
+		DeviceID:      info.DeviceID,
+		Size:          info.Size,
+		TransactionID: info.TransactionID,
+	}
+
+	if err := devices.activateDeviceIfNeeded(info, false); err != nil {
+		return nil, fmt.Errorf("devmapper: Error activating devmapper device for '%s': %s", hash, err)
+	}
+
+	sizeInSectors, mappedSectors, highestMappedSector, err := devices.deviceStatus(info.DevName())
+
+	if err != nil {
+		return nil, err
+	}
+
+	status.SizeInSectors = sizeInSectors
+	status.MappedSectors = mappedSectors
+	status.HighestMappedSector = highestMappedSector
+
+	return status, nil
+}
+
+func (devices *DeviceSet) poolStatus() (totalSizeInSectors, transactionID, dataUsed, dataTotal, metadataUsed, metadataTotal uint64, err error) {
+	var params string
+	if _, totalSizeInSectors, _, params, err = devicemapper.GetStatus(devices.getPoolName()); err == nil {
+		_, err = fmt.Sscanf(params, "%d %d/%d %d/%d", &transactionID, &metadataUsed, &metadataTotal, &dataUsed, &dataTotal)
+	}
+	return
+}
+
+// DataDevicePath returns the path to the data storage for this deviceset,
+// regardless of loopback or block device
+func (devices *DeviceSet) DataDevicePath() string {
+	return devices.dataDevice
+}
+
+// MetadataDevicePath returns the path to the metadata storage for this deviceset,
+// regardless of loopback or block device
+func (devices *DeviceSet) MetadataDevicePath() string {
+	return devices.metadataDevice
+}
+
+func (devices *DeviceSet) getUnderlyingAvailableSpace(loopFile string) (uint64, error) {
+	buf := new(syscall.Statfs_t)
+	if err := syscall.Statfs(loopFile, buf); err != nil {
+		logrus.Warnf("devmapper: Couldn't stat loopfile filesystem %v: %v", loopFile, err)
+		return 0, err
+	}
+	return buf.Bfree * uint64(buf.Bsize), nil
+}
+
+func (devices *DeviceSet) isRealFile(loopFile string) (bool, error) {
+	if loopFile != "" {
+		fi, err := os.Stat(loopFile)
+		if err != nil {
+			logrus.Warnf("devmapper: Couldn't stat loopfile %v: %v", loopFile, err)
+			return false, err
+		}
+		return fi.Mode().IsRegular(), nil
+	}
+	return false, nil
+}
+
+// Status returns the current status of this deviceset
+func (devices *DeviceSet) Status() *Status {
+	devices.Lock()
+	defer devices.Unlock()
+
+	status := &Status{}
+
+	status.PoolName = devices.getPoolName()
+	status.DataFile = devices.DataDevicePath()
+	status.DataLoopback = devices.dataLoopFile
+	status.MetadataFile = devices.MetadataDevicePath()
+	status.MetadataLoopback = devices.metadataLoopFile
+	status.UdevSyncSupported = devicemapper.UdevSyncSupported()
+	status.DeferredRemoveEnabled = devices.deferredRemove
+	status.DeferredDeleteEnabled = devices.deferredDelete
+	status.DeferredDeletedDeviceCount = devices.nrDeletedDevices
+	status.BaseDeviceSize = devices.getBaseDeviceSize()
+	status.BaseDeviceFS = devices.getBaseDeviceFS()
+
+	totalSizeInSectors, _, dataUsed, dataTotal, metadataUsed, metadataTotal, err := devices.poolStatus()
+	if err == nil {
+		// Convert from blocks to bytes
+		blockSizeInSectors := totalSizeInSectors / dataTotal
+
+		status.Data.Used = dataUsed * blockSizeInSectors * 512
+		status.Data.Total = dataTotal * blockSizeInSectors * 512
+		status.Data.Available = status.Data.Total - status.Data.Used
+
+		// metadata blocks are always 4k
+		status.Metadata.Used = metadataUsed * 4096
+		status.Metadata.Total = metadataTotal * 4096
+		status.Metadata.Available = status.Metadata.Total - status.Metadata.Used
+
+		status.SectorSize = blockSizeInSectors * 512
+
+		if check, _ := devices.isRealFile(devices.dataLoopFile); check {
+			actualSpace, err := devices.getUnderlyingAvailableSpace(devices.dataLoopFile)
+			if err == nil && actualSpace < status.Data.Available {
+				status.Data.Available = actualSpace
+			}
+		}
+
+		if check, _ := devices.isRealFile(devices.metadataLoopFile); check {
+			actualSpace, err := devices.getUnderlyingAvailableSpace(devices.metadataLoopFile)
+			if err == nil && actualSpace < status.Metadata.Available {
+				status.Metadata.Available = actualSpace
+			}
+		}
+	}
+
+	return status
+}
+
+// Status returns the current status of this deviceset
+func (devices *DeviceSet) exportDeviceMetadata(hash string) (*deviceMetadata, error) {
+	info, err := devices.lookupDeviceWithLock(hash)
+	if err != nil {
+		return nil, err
+	}
+
+	info.lock.Lock()
+	defer info.lock.Unlock()
+
+	metadata := &deviceMetadata{info.DeviceID, info.Size, info.Name()}
+	return metadata, nil
+}
+
+// NewDeviceSet creates the device set based on the options provided.
+func NewDeviceSet(root string, doInit bool, options []string, uidMaps, gidMaps []idtools.IDMap) (*DeviceSet, error) {
+	devicemapper.SetDevDir("/dev")
+
+	devices := &DeviceSet{
+		root:                  root,
+		metaData:              metaData{Devices: make(map[string]*devInfo)},
+		dataLoopbackSize:      defaultDataLoopbackSize,
+		metaDataLoopbackSize:  defaultMetaDataLoopbackSize,
+		baseFsSize:            defaultBaseFsSize,
+		overrideUdevSyncCheck: defaultUdevSyncOverride,
+		doBlkDiscard:          true,
+		thinpBlockSize:        defaultThinpBlockSize,
+		deviceIDMap:           make([]byte, deviceIDMapSz),
+		deletionWorkerTicker:  time.NewTicker(time.Second * 30),
+		uidMaps:               uidMaps,
+		gidMaps:               gidMaps,
+		minFreeSpacePercent:   defaultMinFreeSpacePercent,
+	}
+
+	foundBlkDiscard := false
+	for _, option := range options {
+		key, val, err := parsers.ParseKeyValueOpt(option)
+		if err != nil {
+			return nil, err
+		}
+		key = strings.ToLower(key)
+		switch key {
+		case "dm.basesize":
+			size, err := units.RAMInBytes(val)
+			if err != nil {
+				return nil, err
+			}
+			userBaseSize = true
+			devices.baseFsSize = uint64(size)
+		case "dm.loopdatasize":
+			size, err := units.RAMInBytes(val)
+			if err != nil {
+				return nil, err
+			}
+			devices.dataLoopbackSize = size
+		case "dm.loopmetadatasize":
+			size, err := units.RAMInBytes(val)
+			if err != nil {
+				return nil, err
+			}
+			devices.metaDataLoopbackSize = size
+		case "dm.fs":
+			if val != "ext4" && val != "xfs" {
+				return nil, fmt.Errorf("devmapper: Unsupported filesystem %s\n", val)
+			}
+			devices.filesystem = val
+		case "dm.mkfsarg":
+			devices.mkfsArgs = append(devices.mkfsArgs, val)
+		case "dm.mountopt":
+			devices.mountOptions = joinMountOptions(devices.mountOptions, val)
+		case "dm.metadatadev":
+			devices.metadataDevice = val
+		case "dm.datadev":
+			devices.dataDevice = val
+		case "dm.thinpooldev":
+			devices.thinPoolDevice = strings.TrimPrefix(val, "/dev/mapper/")
+		case "dm.blkdiscard":
+			foundBlkDiscard = true
+			devices.doBlkDiscard, err = strconv.ParseBool(val)
+			if err != nil {
+				return nil, err
+			}
+		case "dm.blocksize":
+			size, err := units.RAMInBytes(val)
+			if err != nil {
+				return nil, err
+			}
+			// convert to 512b sectors
+			devices.thinpBlockSize = uint32(size) >> 9
+		case "dm.override_udev_sync_check":
+			devices.overrideUdevSyncCheck, err = strconv.ParseBool(val)
+			if err != nil {
+				return nil, err
+			}
+
+		case "dm.use_deferred_removal":
+			enableDeferredRemoval, err = strconv.ParseBool(val)
+			if err != nil {
+				return nil, err
+			}
+
+		case "dm.use_deferred_deletion":
+			enableDeferredDeletion, err = strconv.ParseBool(val)
+			if err != nil {
+				return nil, err
+			}
+
+		case "dm.min_free_space":
+			if !strings.HasSuffix(val, "%") {
+				return nil, fmt.Errorf("devmapper: Option dm.min_free_space requires %% suffix")
+			}
+
+			valstring := strings.TrimSuffix(val, "%")
+			minFreeSpacePercent, err := strconv.ParseUint(valstring, 10, 32)
+			if err != nil {
+				return nil, err
+			}
+
+			if minFreeSpacePercent >= 100 {
+				return nil, fmt.Errorf("devmapper: Invalid value %v for option dm.min_free_space", val)
+			}
+
+			devices.minFreeSpacePercent = uint32(minFreeSpacePercent)
+		default:
+			return nil, fmt.Errorf("devmapper: Unknown option %s\n", key)
+		}
+	}
+
+	// By default, don't do blk discard hack on raw devices, its rarely useful and is expensive
+	if !foundBlkDiscard && (devices.dataDevice != "" || devices.thinPoolDevice != "") {
+		devices.doBlkDiscard = false
+	}
+
+	if err := devices.initDevmapper(doInit); err != nil {
+		return nil, err
+	}
+
+	return devices, nil
+}
diff --git a/daemon/graphdriver/devmapper/devmapper_doc.go b/daemon/graphdriver/devmapper/devmapper_doc.go
new file mode 100644
index 00000000..9ab3e4f8
--- /dev/null
+++ b/daemon/graphdriver/devmapper/devmapper_doc.go
@@ -0,0 +1,106 @@
+package devmapper
+
+// Definition of struct dm_task and sub structures (from lvm2)
+//
+// struct dm_ioctl {
+// 	/*
+// 	 * The version number is made up of three parts:
+// 	 * major - no backward or forward compatibility,
+// 	 * minor - only backwards compatible,
+// 	 * patch - both backwards and forwards compatible.
+// 	 *
+// 	 * All clients of the ioctl interface should fill in the
+// 	 * version number of the interface that they were
+// 	 * compiled with.
+// 	 *
+// 	 * All recognized ioctl commands (ie. those that don't
+// 	 * return -ENOTTY) fill out this field, even if the
+// 	 * command failed.
+// 	 */
+// 	uint32_t version[3];	/* in/out */
+// 	uint32_t data_size;	/* total size of data passed in
+// 				 * including this struct */
+
+// 	uint32_t data_start;	/* offset to start of data
+// 				 * relative to start of this struct */
+
+// 	uint32_t target_count;	/* in/out */
+// 	int32_t open_count;	/* out */
+// 	uint32_t flags;		/* in/out */
+
+// 	/*
+// 	 * event_nr holds either the event number (input and output) or the
+// 	 * udev cookie value (input only).
+// 	 * The DM_DEV_WAIT ioctl takes an event number as input.
+// 	 * The DM_SUSPEND, DM_DEV_REMOVE and DM_DEV_RENAME ioctls
+// 	 * use the field as a cookie to return in the DM_COOKIE
+// 	 * variable with the uevents they issue.
+// 	 * For output, the ioctls return the event number, not the cookie.
+// 	 */
+// 	uint32_t event_nr;      	/* in/out */
+// 	uint32_t padding;
+
+// 	uint64_t dev;		/* in/out */
+
+// 	char name[DM_NAME_LEN];	/* device name */
+// 	char uuid[DM_UUID_LEN];	/* unique identifier for
+// 				 * the block device */
+// 	char data[7];		/* padding or data */
+// };
+
+// struct target {
+// 	uint64_t start;
+// 	uint64_t length;
+// 	char *type;
+// 	char *params;
+
+// 	struct target *next;
+// };
+
+// typedef enum {
+// 	DM_ADD_NODE_ON_RESUME, /* add /dev/mapper node with dmsetup resume */
+// 	DM_ADD_NODE_ON_CREATE  /* add /dev/mapper node with dmsetup create */
+// } dm_add_node_t;
+
+// struct dm_task {
+// 	int type;
+// 	char *dev_name;
+// 	char *mangled_dev_name;
+
+// 	struct target *head, *tail;
+
+// 	int read_only;
+// 	uint32_t event_nr;
+// 	int major;
+// 	int minor;
+// 	int allow_default_major_fallback;
+// 	uid_t uid;
+// 	gid_t gid;
+// 	mode_t mode;
+// 	uint32_t read_ahead;
+// 	uint32_t read_ahead_flags;
+// 	union {
+// 		struct dm_ioctl *v4;
+// 	} dmi;
+// 	char *newname;
+// 	char *message;
+// 	char *geometry;
+// 	uint64_t sector;
+// 	int no_flush;
+// 	int no_open_count;
+// 	int skip_lockfs;
+// 	int query_inactive_table;
+// 	int suppress_identical_reload;
+// 	dm_add_node_t add_node;
+// 	uint64_t existing_table_size;
+// 	int cookie_set;
+// 	int new_uuid;
+// 	int secure_data;
+// 	int retry_remove;
+// 	int enable_checks;
+// 	int expected_errno;
+
+// 	char *uuid;
+// 	char *mangled_uuid;
+// };
+//
diff --git a/daemon/graphdriver/devmapper/devmapper_test.go b/daemon/graphdriver/devmapper/devmapper_test.go
new file mode 100644
index 00000000..5c2abcef
--- /dev/null
+++ b/daemon/graphdriver/devmapper/devmapper_test.go
@@ -0,0 +1,110 @@
+// +build linux
+
+package devmapper
+
+import (
+	"fmt"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/daemon/graphdriver/graphtest"
+)
+
+func init() {
+	// Reduce the size the the base fs and loopback for the tests
+	defaultDataLoopbackSize = 300 * 1024 * 1024
+	defaultMetaDataLoopbackSize = 200 * 1024 * 1024
+	defaultBaseFsSize = 300 * 1024 * 1024
+	defaultUdevSyncOverride = true
+	if err := graphtest.InitLoopbacks(); err != nil {
+		panic(err)
+	}
+}
+
+// This avoids creating a new driver for each test if all tests are run
+// Make sure to put new tests between TestDevmapperSetup and TestDevmapperTeardown
+func TestDevmapperSetup(t *testing.T) {
+	graphtest.GetDriver(t, "devicemapper")
+}
+
+func TestDevmapperCreateEmpty(t *testing.T) {
+	graphtest.DriverTestCreateEmpty(t, "devicemapper")
+}
+
+func TestDevmapperCreateBase(t *testing.T) {
+	graphtest.DriverTestCreateBase(t, "devicemapper")
+}
+
+func TestDevmapperCreateSnap(t *testing.T) {
+	graphtest.DriverTestCreateSnap(t, "devicemapper")
+}
+
+func TestDevmapperTeardown(t *testing.T) {
+	graphtest.PutDriver(t)
+}
+
+func TestDevmapperReduceLoopBackSize(t *testing.T) {
+	tenMB := int64(10 * 1024 * 1024)
+	testChangeLoopBackSize(t, -tenMB, defaultDataLoopbackSize, defaultMetaDataLoopbackSize)
+}
+
+func TestDevmapperIncreaseLoopBackSize(t *testing.T) {
+	tenMB := int64(10 * 1024 * 1024)
+	testChangeLoopBackSize(t, tenMB, defaultDataLoopbackSize+tenMB, defaultMetaDataLoopbackSize+tenMB)
+}
+
+func testChangeLoopBackSize(t *testing.T, delta, expectDataSize, expectMetaDataSize int64) {
+	driver := graphtest.GetDriver(t, "devicemapper").(*graphtest.Driver).Driver.(*graphdriver.NaiveDiffDriver).ProtoDriver.(*Driver)
+	defer graphtest.PutDriver(t)
+	// make sure data or metadata loopback size are the default size
+	if s := driver.DeviceSet.Status(); s.Data.Total != uint64(defaultDataLoopbackSize) || s.Metadata.Total != uint64(defaultMetaDataLoopbackSize) {
+		t.Fatalf("data or metadata loop back size is incorrect")
+	}
+	if err := driver.Cleanup(); err != nil {
+		t.Fatal(err)
+	}
+	//Reload
+	d, err := Init(driver.home, []string{
+		fmt.Sprintf("dm.loopdatasize=%d", defaultDataLoopbackSize+delta),
+		fmt.Sprintf("dm.loopmetadatasize=%d", defaultMetaDataLoopbackSize+delta),
+	}, nil, nil)
+	if err != nil {
+		t.Fatalf("error creating devicemapper driver: %v", err)
+	}
+	driver = d.(*graphdriver.NaiveDiffDriver).ProtoDriver.(*Driver)
+	if s := driver.DeviceSet.Status(); s.Data.Total != uint64(expectDataSize) || s.Metadata.Total != uint64(expectMetaDataSize) {
+		t.Fatalf("data or metadata loop back size is incorrect")
+	}
+	if err := driver.Cleanup(); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// Make sure devices.Lock() has been release upon return from cleanupDeletedDevices() function
+func TestDevmapperLockReleasedDeviceDeletion(t *testing.T) {
+	driver := graphtest.GetDriver(t, "devicemapper").(*graphtest.Driver).Driver.(*graphdriver.NaiveDiffDriver).ProtoDriver.(*Driver)
+	defer graphtest.PutDriver(t)
+
+	// Call cleanupDeletedDevices() and after the call take and release
+	// DeviceSet Lock. If lock has not been released, this will hang.
+	driver.DeviceSet.cleanupDeletedDevices()
+
+	doneChan := make(chan bool)
+
+	go func() {
+		driver.DeviceSet.Lock()
+		defer driver.DeviceSet.Unlock()
+		doneChan <- true
+	}()
+
+	select {
+	case <-time.After(time.Second * 5):
+		// Timer expired. That means lock was not released upon
+		// function return and we are deadlocked. Release lock
+		// here so that cleanup could succeed and fail the test.
+		driver.DeviceSet.Unlock()
+		t.Fatalf("Could not acquire devices lock after call to cleanupDeletedDevices()")
+	case <-doneChan:
+	}
+}
diff --git a/daemon/graphdriver/devmapper/driver.go b/daemon/graphdriver/devmapper/driver.go
new file mode 100644
index 00000000..8756f1f0
--- /dev/null
+++ b/daemon/graphdriver/devmapper/driver.go
@@ -0,0 +1,219 @@
+// +build linux
+
+package devmapper
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"strconv"
+
+	"github.com/Sirupsen/logrus"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/devicemapper"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/go-units"
+)
+
+func init() {
+	graphdriver.Register("devicemapper", Init)
+}
+
+// Driver contains the device set mounted and the home directory
+type Driver struct {
+	*DeviceSet
+	home    string
+	uidMaps []idtools.IDMap
+	gidMaps []idtools.IDMap
+	ctr     *graphdriver.RefCounter
+}
+
+// Init creates a driver with the given home and the set of options.
+func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
+	deviceSet, err := NewDeviceSet(home, true, options, uidMaps, gidMaps)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := mount.MakePrivate(home); err != nil {
+		return nil, err
+	}
+
+	d := &Driver{
+		DeviceSet: deviceSet,
+		home:      home,
+		uidMaps:   uidMaps,
+		gidMaps:   gidMaps,
+		ctr:       graphdriver.NewRefCounter(),
+	}
+
+	return graphdriver.NewNaiveDiffDriver(d, uidMaps, gidMaps), nil
+}
+
+func (d *Driver) String() string {
+	return "devicemapper"
+}
+
+// Status returns the status about the driver in a printable format.
+// Information returned contains Pool Name, Data File, Metadata file, disk usage by
+// the data and metadata, etc.
+func (d *Driver) Status() [][2]string {
+	s := d.DeviceSet.Status()
+
+	status := [][2]string{
+		{"Pool Name", s.PoolName},
+		{"Pool Blocksize", fmt.Sprintf("%s", units.HumanSize(float64(s.SectorSize)))},
+		{"Base Device Size", fmt.Sprintf("%s", units.HumanSize(float64(s.BaseDeviceSize)))},
+		{"Backing Filesystem", s.BaseDeviceFS},
+		{"Data file", s.DataFile},
+		{"Metadata file", s.MetadataFile},
+		{"Data Space Used", fmt.Sprintf("%s", units.HumanSize(float64(s.Data.Used)))},
+		{"Data Space Total", fmt.Sprintf("%s", units.HumanSize(float64(s.Data.Total)))},
+		{"Data Space Available", fmt.Sprintf("%s", units.HumanSize(float64(s.Data.Available)))},
+		{"Metadata Space Used", fmt.Sprintf("%s", units.HumanSize(float64(s.Metadata.Used)))},
+		{"Metadata Space Total", fmt.Sprintf("%s", units.HumanSize(float64(s.Metadata.Total)))},
+		{"Metadata Space Available", fmt.Sprintf("%s", units.HumanSize(float64(s.Metadata.Available)))},
+		{"Udev Sync Supported", fmt.Sprintf("%v", s.UdevSyncSupported)},
+		{"Deferred Removal Enabled", fmt.Sprintf("%v", s.DeferredRemoveEnabled)},
+		{"Deferred Deletion Enabled", fmt.Sprintf("%v", s.DeferredDeleteEnabled)},
+		{"Deferred Deleted Device Count", fmt.Sprintf("%v", s.DeferredDeletedDeviceCount)},
+	}
+	if len(s.DataLoopback) > 0 {
+		status = append(status, [2]string{"Data loop file", s.DataLoopback})
+	}
+	if len(s.MetadataLoopback) > 0 {
+		status = append(status, [2]string{"Metadata loop file", s.MetadataLoopback})
+	}
+	if vStr, err := devicemapper.GetLibraryVersion(); err == nil {
+		status = append(status, [2]string{"Library Version", vStr})
+	}
+	return status
+}
+
+// GetMetadata returns a map of information about the device.
+func (d *Driver) GetMetadata(id string) (map[string]string, error) {
+	m, err := d.DeviceSet.exportDeviceMetadata(id)
+
+	if err != nil {
+		return nil, err
+	}
+
+	metadata := make(map[string]string)
+	metadata["DeviceId"] = strconv.Itoa(m.deviceID)
+	metadata["DeviceSize"] = strconv.FormatUint(m.deviceSize, 10)
+	metadata["DeviceName"] = m.deviceName
+	return metadata, nil
+}
+
+// Cleanup unmounts a device.
+func (d *Driver) Cleanup() error {
+	err := d.DeviceSet.Shutdown(d.home)
+
+	if err2 := mount.Unmount(d.home); err == nil {
+		err = err2
+	}
+
+	return err
+}
+
+// Create adds a device with a given id and the parent.
+func (d *Driver) Create(id, parent, mountLabel string) error {
+	if err := d.DeviceSet.AddDevice(id, parent); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Remove removes a device with a given id, unmounts the filesystem.
+func (d *Driver) Remove(id string) error {
+	if !d.DeviceSet.HasDevice(id) {
+		// Consider removing a non-existing device a no-op
+		// This is useful to be able to progress on container removal
+		// if the underlying device has gone away due to earlier errors
+		return nil
+	}
+
+	// This assumes the device has been properly Get/Put:ed and thus is unmounted
+	if err := d.DeviceSet.DeleteDevice(id, false); err != nil {
+		return err
+	}
+
+	mp := path.Join(d.home, "mnt", id)
+	if err := os.RemoveAll(mp); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+
+	return nil
+}
+
+// Get mounts a device with given id into the root filesystem
+func (d *Driver) Get(id, mountLabel string) (string, error) {
+	mp := path.Join(d.home, "mnt", id)
+	rootFs := path.Join(mp, "rootfs")
+	if count := d.ctr.Increment(id); count > 1 {
+		return rootFs, nil
+	}
+
+	uid, gid, err := idtools.GetRootUIDGID(d.uidMaps, d.gidMaps)
+	if err != nil {
+		d.ctr.Decrement(id)
+		return "", err
+	}
+
+	// Create the target directories if they don't exist
+	if err := idtools.MkdirAllAs(path.Join(d.home, "mnt"), 0755, uid, gid); err != nil && !os.IsExist(err) {
+		d.ctr.Decrement(id)
+		return "", err
+	}
+	if err := idtools.MkdirAs(mp, 0755, uid, gid); err != nil && !os.IsExist(err) {
+		d.ctr.Decrement(id)
+		return "", err
+	}
+
+	// Mount the device
+	if err := d.DeviceSet.MountDevice(id, mp, mountLabel); err != nil {
+		d.ctr.Decrement(id)
+		return "", err
+	}
+
+	if err := idtools.MkdirAllAs(rootFs, 0755, uid, gid); err != nil && !os.IsExist(err) {
+		d.ctr.Decrement(id)
+		d.DeviceSet.UnmountDevice(id, mp)
+		return "", err
+	}
+
+	idFile := path.Join(mp, "id")
+	if _, err := os.Stat(idFile); err != nil && os.IsNotExist(err) {
+		// Create an "id" file with the container/image id in it to help reconstruct this in case
+		// of later problems
+		if err := ioutil.WriteFile(idFile, []byte(id), 0600); err != nil {
+			d.ctr.Decrement(id)
+			d.DeviceSet.UnmountDevice(id, mp)
+			return "", err
+		}
+	}
+
+	return rootFs, nil
+}
+
+// Put unmounts a device and removes it.
+func (d *Driver) Put(id string) error {
+	if count := d.ctr.Decrement(id); count > 0 {
+		return nil
+	}
+	mp := path.Join(d.home, "mnt", id)
+	err := d.DeviceSet.UnmountDevice(id, mp)
+	if err != nil {
+		logrus.Errorf("devmapper: Error unmounting device %s: %s", id, err)
+	}
+	return err
+}
+
+// Exists checks to see if the device exists.
+func (d *Driver) Exists(id string) bool {
+	return d.DeviceSet.HasDevice(id)
+}
diff --git a/daemon/graphdriver/devmapper/mount.go b/daemon/graphdriver/devmapper/mount.go
new file mode 100644
index 00000000..cca1fe1b
--- /dev/null
+++ b/daemon/graphdriver/devmapper/mount.go
@@ -0,0 +1,89 @@
+// +build linux
+
+package devmapper
+
+import (
+	"bytes"
+	"fmt"
+	"os"
+	"path/filepath"
+	"syscall"
+)
+
+// FIXME: this is copy-pasted from the aufs driver.
+// It should be moved into the core.
+
+// Mounted returns true if a mount point exists.
+func Mounted(mountpoint string) (bool, error) {
+	mntpoint, err := os.Stat(mountpoint)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return false, nil
+		}
+		return false, err
+	}
+	parent, err := os.Stat(filepath.Join(mountpoint, ".."))
+	if err != nil {
+		return false, err
+	}
+	mntpointSt := mntpoint.Sys().(*syscall.Stat_t)
+	parentSt := parent.Sys().(*syscall.Stat_t)
+	return mntpointSt.Dev != parentSt.Dev, nil
+}
+
+type probeData struct {
+	fsName string
+	magic  string
+	offset uint64
+}
+
+// ProbeFsType returns the filesystem name for the given device id.
+func ProbeFsType(device string) (string, error) {
+	probes := []probeData{
+		{"btrfs", "_BHRfS_M", 0x10040},
+		{"ext4", "\123\357", 0x438},
+		{"xfs", "XFSB", 0},
+	}
+
+	maxLen := uint64(0)
+	for _, p := range probes {
+		l := p.offset + uint64(len(p.magic))
+		if l > maxLen {
+			maxLen = l
+		}
+	}
+
+	file, err := os.Open(device)
+	if err != nil {
+		return "", err
+	}
+	defer file.Close()
+
+	buffer := make([]byte, maxLen)
+	l, err := file.Read(buffer)
+	if err != nil {
+		return "", err
+	}
+
+	if uint64(l) != maxLen {
+		return "", fmt.Errorf("devmapper: unable to detect filesystem type of %s, short read", device)
+	}
+
+	for _, p := range probes {
+		if bytes.Equal([]byte(p.magic), buffer[p.offset:p.offset+uint64(len(p.magic))]) {
+			return p.fsName, nil
+		}
+	}
+
+	return "", fmt.Errorf("devmapper: Unknown filesystem type on %s", device)
+}
+
+func joinMountOptions(a, b string) string {
+	if a == "" {
+		return b
+	}
+	if b == "" {
+		return a
+	}
+	return a + "," + b
+}
diff --git a/daemon/graphdriver/driver.go b/daemon/graphdriver/driver.go
new file mode 100644
index 00000000..ced960b4
--- /dev/null
+++ b/daemon/graphdriver/driver.go
@@ -0,0 +1,234 @@
+package graphdriver
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/vbatts/tar-split/tar/storage"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/idtools"
+)
+
+// FsMagic unsigned id of the filesystem in use.
+type FsMagic uint32
+
+const (
+	// FsMagicUnsupported is a predefined constant value other than a valid filesystem id.
+	FsMagicUnsupported = FsMagic(0x00000000)
+)
+
+var (
+	// All registered drivers
+	drivers map[string]InitFunc
+
+	// ErrNotSupported returned when driver is not supported.
+	ErrNotSupported = errors.New("driver not supported")
+	// ErrPrerequisites retuned when driver does not meet prerequisites.
+	ErrPrerequisites = errors.New("prerequisites for driver not satisfied (wrong filesystem?)")
+	// ErrIncompatibleFS returned when file system is not supported.
+	ErrIncompatibleFS = fmt.Errorf("backing file system is unsupported for this graph driver")
+)
+
+// InitFunc initializes the storage driver.
+type InitFunc func(root string, options []string, uidMaps, gidMaps []idtools.IDMap) (Driver, error)
+
+// ProtoDriver defines the basic capabilities of a driver.
+// This interface exists solely to be a minimum set of methods
+// for client code which choose not to implement the entire Driver
+// interface and use the NaiveDiffDriver wrapper constructor.
+//
+// Use of ProtoDriver directly by client code is not recommended.
+type ProtoDriver interface {
+	// String returns a string representation of this driver.
+	String() string
+	// Create creates a new, empty, filesystem layer with the
+	// specified id and parent and mountLabel. Parent and mountLabel may be "".
+	Create(id, parent, mountLabel string) error
+	// Remove attempts to remove the filesystem layer with this id.
+	Remove(id string) error
+	// Get returns the mountpoint for the layered filesystem referred
+	// to by this id. You can optionally specify a mountLabel or "".
+	// Returns the absolute path to the mounted layered filesystem.
+	Get(id, mountLabel string) (dir string, err error)
+	// Put releases the system resources for the specified id,
+	// e.g, unmounting layered filesystem.
+	Put(id string) error
+	// Exists returns whether a filesystem layer with the specified
+	// ID exists on this driver.
+	Exists(id string) bool
+	// Status returns a set of key-value pairs which give low
+	// level diagnostic status about this driver.
+	Status() [][2]string
+	// Returns a set of key-value pairs which give low level information
+	// about the image/container driver is managing.
+	GetMetadata(id string) (map[string]string, error)
+	// Cleanup performs necessary tasks to release resources
+	// held by the driver, e.g., unmounting all layered filesystems
+	// known to this driver.
+	Cleanup() error
+}
+
+// Driver is the interface for layered/snapshot file system drivers.
+type Driver interface {
+	ProtoDriver
+	// Diff produces an archive of the changes between the specified
+	// layer and its parent layer which may be "".
+	Diff(id, parent string) (archive.Archive, error)
+	// Changes produces a list of changes between the specified layer
+	// and its parent layer. If parent is "", then all changes will be ADD changes.
+	Changes(id, parent string) ([]archive.Change, error)
+	// ApplyDiff extracts the changeset from the given diff into the
+	// layer with the specified id and parent, returning the size of the
+	// new layer in bytes.
+	// The archive.Reader must be an uncompressed stream.
+	ApplyDiff(id, parent string, diff archive.Reader) (size int64, err error)
+	// DiffSize calculates the changes between the specified id
+	// and its parent and returns the size in bytes of the changes
+	// relative to its base filesystem directory.
+	DiffSize(id, parent string) (size int64, err error)
+}
+
+// DiffGetterDriver is the interface for layered file system drivers that
+// provide a specialized function for getting file contents for tar-split.
+type DiffGetterDriver interface {
+	Driver
+	// DiffGetter returns an interface to efficiently retrieve the contents
+	// of files in a layer.
+	DiffGetter(id string) (FileGetCloser, error)
+}
+
+// FileGetCloser extends the storage.FileGetter interface with a Close method
+// for cleaning up.
+type FileGetCloser interface {
+	storage.FileGetter
+	// Close cleans up any resources associated with the FileGetCloser.
+	Close() error
+}
+
+func init() {
+	drivers = make(map[string]InitFunc)
+}
+
+// Register registers a InitFunc for the driver.
+func Register(name string, initFunc InitFunc) error {
+	if _, exists := drivers[name]; exists {
+		return fmt.Errorf("Name already registered %s", name)
+	}
+	drivers[name] = initFunc
+
+	return nil
+}
+
+// GetDriver initializes and returns the registered driver
+func GetDriver(name, home string, options []string, uidMaps, gidMaps []idtools.IDMap) (Driver, error) {
+	if initFunc, exists := drivers[name]; exists {
+		return initFunc(filepath.Join(home, name), options, uidMaps, gidMaps)
+	}
+	if pluginDriver, err := lookupPlugin(name, home, options); err == nil {
+		return pluginDriver, nil
+	}
+	logrus.Errorf("Failed to GetDriver graph %s %s", name, home)
+	return nil, ErrNotSupported
+}
+
+// getBuiltinDriver initializes and returns the registered driver, but does not try to load from plugins
+func getBuiltinDriver(name, home string, options []string, uidMaps, gidMaps []idtools.IDMap) (Driver, error) {
+	if initFunc, exists := drivers[name]; exists {
+		return initFunc(filepath.Join(home, name), options, uidMaps, gidMaps)
+	}
+	logrus.Errorf("Failed to built-in GetDriver graph %s %s", name, home)
+	return nil, ErrNotSupported
+}
+
+// New creates the driver and initializes it at the specified root.
+func New(root string, name string, options []string, uidMaps, gidMaps []idtools.IDMap) (Driver, error) {
+	if name != "" {
+		logrus.Debugf("[graphdriver] trying provided driver %q", name) // so the logs show specified driver
+		return GetDriver(name, root, options, uidMaps, gidMaps)
+	}
+
+	// Guess for prior driver
+	driversMap := scanPriorDrivers(root)
+	for _, name := range priority {
+		if name == "vfs" {
+			// don't use vfs even if there is state present.
+			continue
+		}
+		if _, prior := driversMap[name]; prior {
+			// of the state found from prior drivers, check in order of our priority
+			// which we would prefer
+			driver, err := getBuiltinDriver(name, root, options, uidMaps, gidMaps)
+			if err != nil {
+				// unlike below, we will return error here, because there is prior
+				// state, and now it is no longer supported/prereq/compatible, so
+				// something changed and needs attention. Otherwise the daemon's
+				// images would just "disappear".
+				logrus.Errorf("[graphdriver] prior storage driver %q failed: %s", name, err)
+				return nil, err
+			}
+
+			// abort starting when there are other prior configured drivers
+			// to ensure the user explicitly selects the driver to load
+			if len(driversMap)-1 > 0 {
+				var driversSlice []string
+				for name := range driversMap {
+					driversSlice = append(driversSlice, name)
+				}
+
+				return nil, fmt.Errorf("%q contains several valid graphdrivers: %s; Please cleanup or explicitly choose storage driver (-s <DRIVER>)", root, strings.Join(driversSlice, ", "))
+			}
+
+			logrus.Infof("[graphdriver] using prior storage driver %q", name)
+			return driver, nil
+		}
+	}
+
+	// Check for priority drivers first
+	for _, name := range priority {
+		driver, err := getBuiltinDriver(name, root, options, uidMaps, gidMaps)
+		if err != nil {
+			if isDriverNotSupported(err) {
+				continue
+			}
+			return nil, err
+		}
+		return driver, nil
+	}
+
+	// Check all registered drivers if no priority driver is found
+	for name, initFunc := range drivers {
+		driver, err := initFunc(filepath.Join(root, name), options, uidMaps, gidMaps)
+		if err != nil {
+			if isDriverNotSupported(err) {
+				continue
+			}
+			return nil, err
+		}
+		return driver, nil
+	}
+	return nil, fmt.Errorf("No supported storage backend found")
+}
+
+// isDriverNotSupported returns true if the error initializing
+// the graph driver is a non-supported error.
+func isDriverNotSupported(err error) bool {
+	return err == ErrNotSupported || err == ErrPrerequisites || err == ErrIncompatibleFS
+}
+
+// scanPriorDrivers returns an un-ordered scan of directories of prior storage drivers
+func scanPriorDrivers(root string) map[string]bool {
+	driversMap := make(map[string]bool)
+
+	for driver := range drivers {
+		p := filepath.Join(root, driver)
+		if _, err := os.Stat(p); err == nil && driver != "vfs" {
+			driversMap[driver] = true
+		}
+	}
+	return driversMap
+}
diff --git a/daemon/graphdriver/driver_freebsd.go b/daemon/graphdriver/driver_freebsd.go
new file mode 100644
index 00000000..2891a84f
--- /dev/null
+++ b/daemon/graphdriver/driver_freebsd.go
@@ -0,0 +1,19 @@
+package graphdriver
+
+import "syscall"
+
+var (
+	// Slice of drivers that should be used in an order
+	priority = []string{
+		"zfs",
+	}
+)
+
+// Mounted checks if the given path is mounted as the fs type
+func Mounted(fsType FsMagic, mountPath string) (bool, error) {
+	var buf syscall.Statfs_t
+	if err := syscall.Statfs(mountPath, &buf); err != nil {
+		return false, err
+	}
+	return FsMagic(buf.Type) == fsType, nil
+}
diff --git a/daemon/graphdriver/driver_linux.go b/daemon/graphdriver/driver_linux.go
new file mode 100644
index 00000000..2ab20b01
--- /dev/null
+++ b/daemon/graphdriver/driver_linux.go
@@ -0,0 +1,99 @@
+// +build linux
+
+package graphdriver
+
+import (
+	"path/filepath"
+	"syscall"
+)
+
+const (
+	// FsMagicAufs filesystem id for Aufs
+	FsMagicAufs = FsMagic(0x61756673)
+	// FsMagicBtrfs filesystem id for Btrfs
+	FsMagicBtrfs = FsMagic(0x9123683E)
+	// FsMagicCramfs filesystem id for Cramfs
+	FsMagicCramfs = FsMagic(0x28cd3d45)
+	// FsMagicExtfs filesystem id for Extfs
+	FsMagicExtfs = FsMagic(0x0000EF53)
+	// FsMagicF2fs filesystem id for F2fs
+	FsMagicF2fs = FsMagic(0xF2F52010)
+	// FsMagicGPFS filesystem id for GPFS
+	FsMagicGPFS = FsMagic(0x47504653)
+	// FsMagicJffs2Fs filesystem if for Jffs2Fs
+	FsMagicJffs2Fs = FsMagic(0x000072b6)
+	// FsMagicJfs filesystem id for Jfs
+	FsMagicJfs = FsMagic(0x3153464a)
+	// FsMagicNfsFs filesystem id for NfsFs
+	FsMagicNfsFs = FsMagic(0x00006969)
+	// FsMagicRAMFs filesystem id for RamFs
+	FsMagicRAMFs = FsMagic(0x858458f6)
+	// FsMagicReiserFs filesystem id for ReiserFs
+	FsMagicReiserFs = FsMagic(0x52654973)
+	// FsMagicSmbFs filesystem id for SmbFs
+	FsMagicSmbFs = FsMagic(0x0000517B)
+	// FsMagicSquashFs filesystem id for SquashFs
+	FsMagicSquashFs = FsMagic(0x73717368)
+	// FsMagicTmpFs filesystem id for TmpFs
+	FsMagicTmpFs = FsMagic(0x01021994)
+	// FsMagicVxFS filesystem id for VxFs
+	FsMagicVxFS = FsMagic(0xa501fcf5)
+	// FsMagicXfs filesystem id for Xfs
+	FsMagicXfs = FsMagic(0x58465342)
+	// FsMagicZfs filesystem id for Zfs
+	FsMagicZfs = FsMagic(0x2fc12fc1)
+	// FsMagicOverlay filesystem id for overlay
+	FsMagicOverlay = FsMagic(0x794C7630)
+)
+
+var (
+	// Slice of drivers that should be used in an order
+	priority = []string{
+		"aufs",
+		"btrfs",
+		"zfs",
+		"devicemapper",
+		"overlay",
+		"vfs",
+	}
+
+	// FsNames maps filesystem id to name of the filesystem.
+	FsNames = map[FsMagic]string{
+		FsMagicAufs:        "aufs",
+		FsMagicBtrfs:       "btrfs",
+		FsMagicCramfs:      "cramfs",
+		FsMagicExtfs:       "extfs",
+		FsMagicF2fs:        "f2fs",
+		FsMagicGPFS:        "gpfs",
+		FsMagicJffs2Fs:     "jffs2",
+		FsMagicJfs:         "jfs",
+		FsMagicNfsFs:       "nfs",
+		FsMagicRAMFs:       "ramfs",
+		FsMagicReiserFs:    "reiserfs",
+		FsMagicSmbFs:       "smb",
+		FsMagicSquashFs:    "squashfs",
+		FsMagicTmpFs:       "tmpfs",
+		FsMagicUnsupported: "unsupported",
+		FsMagicVxFS:        "vxfs",
+		FsMagicXfs:         "xfs",
+		FsMagicZfs:         "zfs",
+	}
+)
+
+// GetFSMagic returns the filesystem id given the path.
+func GetFSMagic(rootpath string) (FsMagic, error) {
+	var buf syscall.Statfs_t
+	if err := syscall.Statfs(filepath.Dir(rootpath), &buf); err != nil {
+		return 0, err
+	}
+	return FsMagic(buf.Type), nil
+}
+
+// Mounted checks if the given path is mounted as the fs type
+func Mounted(fsType FsMagic, mountPath string) (bool, error) {
+	var buf syscall.Statfs_t
+	if err := syscall.Statfs(mountPath, &buf); err != nil {
+		return false, err
+	}
+	return FsMagic(buf.Type) == fsType, nil
+}
diff --git a/daemon/graphdriver/driver_unsupported.go b/daemon/graphdriver/driver_unsupported.go
new file mode 100644
index 00000000..b3f68573
--- /dev/null
+++ b/daemon/graphdriver/driver_unsupported.go
@@ -0,0 +1,15 @@
+// +build !linux,!windows,!freebsd
+
+package graphdriver
+
+var (
+	// Slice of drivers that should be used in an order
+	priority = []string{
+		"unsupported",
+	}
+)
+
+// GetFSMagic returns the filesystem id given the path.
+func GetFSMagic(rootpath string) (FsMagic, error) {
+	return FsMagicUnsupported, nil
+}
diff --git a/daemon/graphdriver/driver_windows.go b/daemon/graphdriver/driver_windows.go
new file mode 100644
index 00000000..6c09affa
--- /dev/null
+++ b/daemon/graphdriver/driver_windows.go
@@ -0,0 +1,16 @@
+package graphdriver
+
+var (
+	// Slice of drivers that should be used in order
+	priority = []string{
+		"windowsfilter",
+		"windowsdiff",
+		"vfs",
+	}
+)
+
+// GetFSMagic returns the filesystem id given the path.
+func GetFSMagic(rootpath string) (FsMagic, error) {
+	// Note it is OK to return FsMagicUnsupported on Windows.
+	return FsMagicUnsupported, nil
+}
diff --git a/daemon/graphdriver/fsdiff.go b/daemon/graphdriver/fsdiff.go
new file mode 100644
index 00000000..5a349325
--- /dev/null
+++ b/daemon/graphdriver/fsdiff.go
@@ -0,0 +1,162 @@
+package graphdriver
+
+import (
+	"time"
+
+	"github.com/Sirupsen/logrus"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/ioutils"
+)
+
+var (
+	// ApplyUncompressedLayer defines the unpack method used by the graph
+	// driver.
+	ApplyUncompressedLayer = chrootarchive.ApplyUncompressedLayer
+)
+
+// NaiveDiffDriver takes a ProtoDriver and adds the
+// capability of the Diffing methods which it may or may not
+// support on its own. See the comment on the exported
+// NewNaiveDiffDriver function below.
+// Notably, the AUFS driver doesn't need to be wrapped like this.
+type NaiveDiffDriver struct {
+	ProtoDriver
+	uidMaps []idtools.IDMap
+	gidMaps []idtools.IDMap
+}
+
+// NewNaiveDiffDriver returns a fully functional driver that wraps the
+// given ProtoDriver and adds the capability of the following methods which
+// it may or may not support on its own:
+//     Diff(id, parent string) (archive.Archive, error)
+//     Changes(id, parent string) ([]archive.Change, error)
+//     ApplyDiff(id, parent string, diff archive.Reader) (size int64, err error)
+//     DiffSize(id, parent string) (size int64, err error)
+func NewNaiveDiffDriver(driver ProtoDriver, uidMaps, gidMaps []idtools.IDMap) Driver {
+	return &NaiveDiffDriver{ProtoDriver: driver,
+		uidMaps: uidMaps,
+		gidMaps: gidMaps}
+}
+
+// Diff produces an archive of the changes between the specified
+// layer and its parent layer which may be "".
+func (gdw *NaiveDiffDriver) Diff(id, parent string) (arch archive.Archive, err error) {
+	driver := gdw.ProtoDriver
+
+	layerFs, err := driver.Get(id, "")
+	if err != nil {
+		return nil, err
+	}
+
+	defer func() {
+		if err != nil {
+			driver.Put(id)
+		}
+	}()
+
+	if parent == "" {
+		archive, err := archive.Tar(layerFs, archive.Uncompressed)
+		if err != nil {
+			return nil, err
+		}
+		return ioutils.NewReadCloserWrapper(archive, func() error {
+			err := archive.Close()
+			driver.Put(id)
+			return err
+		}), nil
+	}
+
+	parentFs, err := driver.Get(parent, "")
+	if err != nil {
+		return nil, err
+	}
+	defer driver.Put(parent)
+
+	changes, err := archive.ChangesDirs(layerFs, parentFs)
+	if err != nil {
+		return nil, err
+	}
+
+	archive, err := archive.ExportChanges(layerFs, changes, gdw.uidMaps, gdw.gidMaps)
+	if err != nil {
+		return nil, err
+	}
+
+	return ioutils.NewReadCloserWrapper(archive, func() error {
+		err := archive.Close()
+		driver.Put(id)
+		return err
+	}), nil
+}
+
+// Changes produces a list of changes between the specified layer
+// and its parent layer. If parent is "", then all changes will be ADD changes.
+func (gdw *NaiveDiffDriver) Changes(id, parent string) ([]archive.Change, error) {
+	driver := gdw.ProtoDriver
+
+	layerFs, err := driver.Get(id, "")
+	if err != nil {
+		return nil, err
+	}
+	defer driver.Put(id)
+
+	parentFs := ""
+
+	if parent != "" {
+		parentFs, err = driver.Get(parent, "")
+		if err != nil {
+			return nil, err
+		}
+		defer driver.Put(parent)
+	}
+
+	return archive.ChangesDirs(layerFs, parentFs)
+}
+
+// ApplyDiff extracts the changeset from the given diff into the
+// layer with the specified id and parent, returning the size of the
+// new layer in bytes.
+func (gdw *NaiveDiffDriver) ApplyDiff(id, parent string, diff archive.Reader) (size int64, err error) {
+	driver := gdw.ProtoDriver
+
+	// Mount the root filesystem so we can apply the diff/layer.
+	layerFs, err := driver.Get(id, "")
+	if err != nil {
+		return
+	}
+	defer driver.Put(id)
+
+	options := &archive.TarOptions{UIDMaps: gdw.uidMaps,
+		GIDMaps: gdw.gidMaps}
+	start := time.Now().UTC()
+	logrus.Debugf("Start untar layer")
+	if size, err = ApplyUncompressedLayer(layerFs, diff, options); err != nil {
+		return
+	}
+	logrus.Debugf("Untar time: %vs", time.Now().UTC().Sub(start).Seconds())
+
+	return
+}
+
+// DiffSize calculates the changes between the specified layer
+// and its parent and returns the size in bytes of the changes
+// relative to its base filesystem directory.
+func (gdw *NaiveDiffDriver) DiffSize(id, parent string) (size int64, err error) {
+	driver := gdw.ProtoDriver
+
+	changes, err := gdw.Changes(id, parent)
+	if err != nil {
+		return
+	}
+
+	layerFs, err := driver.Get(id, "")
+	if err != nil {
+		return
+	}
+	defer driver.Put(id)
+
+	return archive.ChangesSize(layerFs, changes), nil
+}
diff --git a/daemon/graphdriver/graphtest/graphtest_unix.go b/daemon/graphdriver/graphtest/graphtest_unix.go
new file mode 100644
index 00000000..534f2e58
--- /dev/null
+++ b/daemon/graphdriver/graphtest/graphtest_unix.go
@@ -0,0 +1,299 @@
+// +build linux freebsd
+
+package graphtest
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"syscall"
+	"testing"
+
+	"github.com/docker/docker/daemon/graphdriver"
+)
+
+var (
+	drv *Driver
+)
+
+// Driver conforms to graphdriver.Driver interface and
+// contains information such as root and reference count of the number of clients using it.
+// This helps in testing drivers added into the framework.
+type Driver struct {
+	graphdriver.Driver
+	root     string
+	refCount int
+}
+
+// InitLoopbacks ensures that the loopback devices are properly created within
+// the system running the device mapper tests.
+func InitLoopbacks() error {
+	statT, err := getBaseLoopStats()
+	if err != nil {
+		return err
+	}
+	// create at least 8 loopback files, ya, that is a good number
+	for i := 0; i < 8; i++ {
+		loopPath := fmt.Sprintf("/dev/loop%d", i)
+		// only create new loopback files if they don't exist
+		if _, err := os.Stat(loopPath); err != nil {
+			if mkerr := syscall.Mknod(loopPath,
+				uint32(statT.Mode|syscall.S_IFBLK), int((7<<8)|(i&0xff)|((i&0xfff00)<<12))); mkerr != nil {
+				return mkerr
+			}
+			os.Chown(loopPath, int(statT.Uid), int(statT.Gid))
+		}
+	}
+	return nil
+}
+
+// getBaseLoopStats inspects /dev/loop0 to collect uid,gid, and mode for the
+// loop0 device on the system.  If it does not exist we assume 0,0,0660 for the
+// stat data
+func getBaseLoopStats() (*syscall.Stat_t, error) {
+	loop0, err := os.Stat("/dev/loop0")
+	if err != nil {
+		if os.IsNotExist(err) {
+			return &syscall.Stat_t{
+				Uid:  0,
+				Gid:  0,
+				Mode: 0660,
+			}, nil
+		}
+		return nil, err
+	}
+	return loop0.Sys().(*syscall.Stat_t), nil
+}
+
+func newDriver(t *testing.T, name string) *Driver {
+	root, err := ioutil.TempDir("/var/tmp", "docker-graphtest-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := os.MkdirAll(root, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	d, err := graphdriver.GetDriver(name, root, nil, nil, nil)
+	if err != nil {
+		t.Logf("graphdriver: %v\n", err)
+		if err == graphdriver.ErrNotSupported || err == graphdriver.ErrPrerequisites || err == graphdriver.ErrIncompatibleFS {
+			t.Skipf("Driver %s not supported", name)
+		}
+		t.Fatal(err)
+	}
+	return &Driver{d, root, 1}
+}
+
+func cleanup(t *testing.T, d *Driver) {
+	if err := drv.Cleanup(); err != nil {
+		t.Fatal(err)
+	}
+	os.RemoveAll(d.root)
+}
+
+// GetDriver create a new driver with given name or return a existing driver with the name updating the reference count.
+func GetDriver(t *testing.T, name string) graphdriver.Driver {
+	if drv == nil {
+		drv = newDriver(t, name)
+	} else {
+		drv.refCount++
+	}
+	return drv
+}
+
+// PutDriver removes the driver if it is no longer used and updates the reference count.
+func PutDriver(t *testing.T) {
+	if drv == nil {
+		t.Skip("No driver to put!")
+	}
+	drv.refCount--
+	if drv.refCount == 0 {
+		cleanup(t, drv)
+		drv = nil
+	}
+}
+
+func verifyFile(t *testing.T, path string, mode os.FileMode, uid, gid uint32) {
+	fi, err := os.Stat(path)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if fi.Mode()&os.ModeType != mode&os.ModeType {
+		t.Fatalf("Expected %s type 0x%x, got 0x%x", path, mode&os.ModeType, fi.Mode()&os.ModeType)
+	}
+
+	if fi.Mode()&os.ModePerm != mode&os.ModePerm {
+		t.Fatalf("Expected %s mode %o, got %o", path, mode&os.ModePerm, fi.Mode()&os.ModePerm)
+	}
+
+	if fi.Mode()&os.ModeSticky != mode&os.ModeSticky {
+		t.Fatalf("Expected %s sticky 0x%x, got 0x%x", path, mode&os.ModeSticky, fi.Mode()&os.ModeSticky)
+	}
+
+	if fi.Mode()&os.ModeSetuid != mode&os.ModeSetuid {
+		t.Fatalf("Expected %s setuid 0x%x, got 0x%x", path, mode&os.ModeSetuid, fi.Mode()&os.ModeSetuid)
+	}
+
+	if fi.Mode()&os.ModeSetgid != mode&os.ModeSetgid {
+		t.Fatalf("Expected %s setgid 0x%x, got 0x%x", path, mode&os.ModeSetgid, fi.Mode()&os.ModeSetgid)
+	}
+
+	if stat, ok := fi.Sys().(*syscall.Stat_t); ok {
+		if stat.Uid != uid {
+			t.Fatalf("%s no owned by uid %d", path, uid)
+		}
+		if stat.Gid != gid {
+			t.Fatalf("%s not owned by gid %d", path, gid)
+		}
+	}
+
+}
+
+// readDir reads a directory just like ioutil.ReadDir()
+// then hides specific files (currently "lost+found")
+// so the tests don't "see" it
+func readDir(dir string) ([]os.FileInfo, error) {
+	a, err := ioutil.ReadDir(dir)
+	if err != nil {
+		return nil, err
+	}
+
+	b := a[:0]
+	for _, x := range a {
+		if x.Name() != "lost+found" { // ext4 always have this dir
+			b = append(b, x)
+		}
+	}
+
+	return b, nil
+}
+
+// DriverTestCreateEmpty creates an new image and verifies it is empty and the right metadata
+func DriverTestCreateEmpty(t *testing.T, drivername string) {
+	driver := GetDriver(t, drivername)
+	defer PutDriver(t)
+
+	if err := driver.Create("empty", "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	if !driver.Exists("empty") {
+		t.Fatal("Newly created image doesn't exist")
+	}
+
+	dir, err := driver.Get("empty", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	verifyFile(t, dir, 0755|os.ModeDir, 0, 0)
+
+	// Verify that the directory is empty
+	fis, err := readDir(dir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(fis) != 0 {
+		t.Fatal("New directory not empty")
+	}
+
+	driver.Put("empty")
+
+	if err := driver.Remove("empty"); err != nil {
+		t.Fatal(err)
+	}
+
+}
+
+func createBase(t *testing.T, driver graphdriver.Driver, name string) {
+	// We need to be able to set any perms
+	oldmask := syscall.Umask(0)
+	defer syscall.Umask(oldmask)
+
+	if err := driver.Create(name, "", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	dir, err := driver.Get(name, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer driver.Put(name)
+
+	subdir := path.Join(dir, "a subdir")
+	if err := os.Mkdir(subdir, 0705|os.ModeSticky); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Chown(subdir, 1, 2); err != nil {
+		t.Fatal(err)
+	}
+
+	file := path.Join(dir, "a file")
+	if err := ioutil.WriteFile(file, []byte("Some data"), 0222|os.ModeSetuid); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func verifyBase(t *testing.T, driver graphdriver.Driver, name string) {
+	dir, err := driver.Get(name, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer driver.Put(name)
+
+	subdir := path.Join(dir, "a subdir")
+	verifyFile(t, subdir, 0705|os.ModeDir|os.ModeSticky, 1, 2)
+
+	file := path.Join(dir, "a file")
+	verifyFile(t, file, 0222|os.ModeSetuid, 0, 0)
+
+	fis, err := readDir(dir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(fis) != 2 {
+		t.Fatal("Unexpected files in base image")
+	}
+
+}
+
+// DriverTestCreateBase create a base driver and verify.
+func DriverTestCreateBase(t *testing.T, drivername string) {
+	driver := GetDriver(t, drivername)
+	defer PutDriver(t)
+
+	createBase(t, driver, "Base")
+	verifyBase(t, driver, "Base")
+
+	if err := driver.Remove("Base"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// DriverTestCreateSnap Create a driver and snap and verify.
+func DriverTestCreateSnap(t *testing.T, drivername string) {
+	driver := GetDriver(t, drivername)
+	defer PutDriver(t)
+
+	createBase(t, driver, "Base")
+
+	if err := driver.Create("Snap", "Base", ""); err != nil {
+		t.Fatal(err)
+	}
+
+	verifyBase(t, driver, "Snap")
+
+	if err := driver.Remove("Snap"); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := driver.Remove("Base"); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/daemon/graphdriver/graphtest/graphtest_windows.go b/daemon/graphdriver/graphtest/graphtest_windows.go
new file mode 100644
index 00000000..a50c5211
--- /dev/null
+++ b/daemon/graphdriver/graphtest/graphtest_windows.go
@@ -0,0 +1 @@
+package graphtest
diff --git a/daemon/graphdriver/overlay/copy.go b/daemon/graphdriver/overlay/copy.go
new file mode 100644
index 00000000..7d81a83a
--- /dev/null
+++ b/daemon/graphdriver/overlay/copy.go
@@ -0,0 +1,169 @@
+// +build linux
+
+package overlay
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"syscall"
+	"time"
+
+	"github.com/docker/docker/pkg/pools"
+	"github.com/docker/docker/pkg/system"
+)
+
+type copyFlags int
+
+const (
+	copyHardlink copyFlags = 1 << iota
+)
+
+func copyRegular(srcPath, dstPath string, mode os.FileMode) error {
+	srcFile, err := os.Open(srcPath)
+	if err != nil {
+		return err
+	}
+	defer srcFile.Close()
+
+	dstFile, err := os.OpenFile(dstPath, os.O_WRONLY|os.O_CREATE, mode)
+	if err != nil {
+		return err
+	}
+	defer dstFile.Close()
+
+	_, err = pools.Copy(dstFile, srcFile)
+
+	return err
+}
+
+func copyXattr(srcPath, dstPath, attr string) error {
+	data, err := system.Lgetxattr(srcPath, attr)
+	if err != nil {
+		return err
+	}
+	if data != nil {
+		if err := system.Lsetxattr(dstPath, attr, data, 0); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func copyDir(srcDir, dstDir string, flags copyFlags) error {
+	err := filepath.Walk(srcDir, func(srcPath string, f os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+
+		// Rebase path
+		relPath, err := filepath.Rel(srcDir, srcPath)
+		if err != nil {
+			return err
+		}
+
+		dstPath := filepath.Join(dstDir, relPath)
+		if err != nil {
+			return err
+		}
+
+		stat, ok := f.Sys().(*syscall.Stat_t)
+		if !ok {
+			return fmt.Errorf("Unable to get raw syscall.Stat_t data for %s", srcPath)
+		}
+
+		isHardlink := false
+
+		switch f.Mode() & os.ModeType {
+		case 0: // Regular file
+			if flags&copyHardlink != 0 {
+				isHardlink = true
+				if err := os.Link(srcPath, dstPath); err != nil {
+					return err
+				}
+			} else {
+				if err := copyRegular(srcPath, dstPath, f.Mode()); err != nil {
+					return err
+				}
+			}
+
+		case os.ModeDir:
+			if err := os.Mkdir(dstPath, f.Mode()); err != nil && !os.IsExist(err) {
+				return err
+			}
+
+		case os.ModeSymlink:
+			link, err := os.Readlink(srcPath)
+			if err != nil {
+				return err
+			}
+
+			if err := os.Symlink(link, dstPath); err != nil {
+				return err
+			}
+
+		case os.ModeNamedPipe:
+			fallthrough
+		case os.ModeSocket:
+			if err := syscall.Mkfifo(dstPath, stat.Mode); err != nil {
+				return err
+			}
+
+		case os.ModeDevice:
+			if err := syscall.Mknod(dstPath, stat.Mode, int(stat.Rdev)); err != nil {
+				return err
+			}
+
+		default:
+			return fmt.Errorf("Unknown file type for %s\n", srcPath)
+		}
+
+		// Everything below is copying metadata from src to dst. All this metadata
+		// already shares an inode for hardlinks.
+		if isHardlink {
+			return nil
+		}
+
+		if err := os.Lchown(dstPath, int(stat.Uid), int(stat.Gid)); err != nil {
+			return err
+		}
+
+		if err := copyXattr(srcPath, dstPath, "security.capability"); err != nil {
+			return err
+		}
+
+		// We need to copy this attribute if it appears in an overlay upper layer, as
+		// this function is used to copy those. It is set by overlay if a directory
+		// is removed and then re-created and should not inherit anything from the
+		// same dir in the lower dir.
+		if err := copyXattr(srcPath, dstPath, "trusted.overlay.opaque"); err != nil {
+			return err
+		}
+
+		isSymlink := f.Mode()&os.ModeSymlink != 0
+
+		// There is no LChmod, so ignore mode for symlink. Also, this
+		// must happen after chown, as that can modify the file mode
+		if !isSymlink {
+			if err := os.Chmod(dstPath, f.Mode()); err != nil {
+				return err
+			}
+		}
+
+		// system.Chtimes doesn't support a NOFOLLOW flag atm
+		if !isSymlink {
+			aTime := time.Unix(int64(stat.Atim.Sec), int64(stat.Atim.Nsec))
+			mTime := time.Unix(int64(stat.Mtim.Sec), int64(stat.Mtim.Nsec))
+			if err := system.Chtimes(dstPath, aTime, mTime); err != nil {
+				return err
+			}
+		} else {
+			ts := []syscall.Timespec{stat.Atim, stat.Mtim}
+			if err := system.LUtimesNano(dstPath, ts); err != nil {
+				return err
+			}
+		}
+		return nil
+	})
+	return err
+}
diff --git a/daemon/graphdriver/overlay/overlay.go b/daemon/graphdriver/overlay/overlay.go
new file mode 100644
index 00000000..33678f61
--- /dev/null
+++ b/daemon/graphdriver/overlay/overlay.go
@@ -0,0 +1,486 @@
+// +build linux
+
+package overlay
+
+import (
+	"bufio"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path"
+	"sync"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/idtools"
+
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+// This is a small wrapper over the NaiveDiffWriter that lets us have a custom
+// implementation of ApplyDiff()
+
+var (
+	// ErrApplyDiffFallback is returned to indicate that a normal ApplyDiff is applied as a fallback from Naive diff writer.
+	ErrApplyDiffFallback = fmt.Errorf("Fall back to normal ApplyDiff")
+)
+
+// ApplyDiffProtoDriver wraps the ProtoDriver by extending the interface with ApplyDiff method.
+type ApplyDiffProtoDriver interface {
+	graphdriver.ProtoDriver
+	// ApplyDiff writes the diff to the archive for the given id and parent id.
+	// It returns the size in bytes written if successful, an error ErrApplyDiffFallback is returned otherwise.
+	ApplyDiff(id, parent string, diff archive.Reader) (size int64, err error)
+}
+
+type naiveDiffDriverWithApply struct {
+	graphdriver.Driver
+	applyDiff ApplyDiffProtoDriver
+}
+
+// NaiveDiffDriverWithApply returns a NaiveDiff driver with custom ApplyDiff.
+func NaiveDiffDriverWithApply(driver ApplyDiffProtoDriver, uidMaps, gidMaps []idtools.IDMap) graphdriver.Driver {
+	return &naiveDiffDriverWithApply{
+		Driver:    graphdriver.NewNaiveDiffDriver(driver, uidMaps, gidMaps),
+		applyDiff: driver,
+	}
+}
+
+// ApplyDiff creates a diff layer with either the NaiveDiffDriver or with a fallback.
+func (d *naiveDiffDriverWithApply) ApplyDiff(id, parent string, diff archive.Reader) (int64, error) {
+	b, err := d.applyDiff.ApplyDiff(id, parent, diff)
+	if err == ErrApplyDiffFallback {
+		return d.Driver.ApplyDiff(id, parent, diff)
+	}
+	return b, err
+}
+
+// This backend uses the overlay union filesystem for containers
+// plus hard link file sharing for images.
+
+// Each container/image can have a "root" subdirectory which is a plain
+// filesystem hierarchy, or they can use overlay.
+
+// If they use overlay there is a "upper" directory and a "lower-id"
+// file, as well as "merged" and "work" directories. The "upper"
+// directory has the upper layer of the overlay, and "lower-id" contains
+// the id of the parent whose "root" directory shall be used as the lower
+// layer in the overlay. The overlay itself is mounted in the "merged"
+// directory, and the "work" dir is needed for overlay to work.
+
+// When a overlay layer is created there are two cases, either the
+// parent has a "root" dir, then we start out with a empty "upper"
+// directory overlaid on the parents root. This is typically the
+// case with the init layer of a container which is based on an image.
+// If there is no "root" in the parent, we inherit the lower-id from
+// the parent and start by making a copy in the parent's "upper" dir.
+// This is typically the case for a container layer which copies
+// its parent -init upper layer.
+
+// Additionally we also have a custom implementation of ApplyLayer
+// which makes a recursive copy of the parent "root" layer using
+// hardlinks to share file data, and then applies the layer on top
+// of that. This means all child images share file (but not directory)
+// data with the parent.
+
+// Driver contains information about the home directory and the list of active mounts that are created using this driver.
+type Driver struct {
+	home          string
+	pathCacheLock sync.Mutex
+	pathCache     map[string]string
+	uidMaps       []idtools.IDMap
+	gidMaps       []idtools.IDMap
+	ctr           *graphdriver.RefCounter
+}
+
+var backingFs = "<unknown>"
+
+func init() {
+	graphdriver.Register("overlay", Init)
+}
+
+// Init returns the NaiveDiffDriver, a native diff driver for overlay filesystem.
+// If overlay filesystem is not supported on the host, graphdriver.ErrNotSupported is returned as error.
+// If a overlay filesystem is not supported over a existing filesystem then error graphdriver.ErrIncompatibleFS is returned.
+func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
+
+	if err := supportsOverlay(); err != nil {
+		return nil, graphdriver.ErrNotSupported
+	}
+
+	fsMagic, err := graphdriver.GetFSMagic(home)
+	if err != nil {
+		return nil, err
+	}
+	if fsName, ok := graphdriver.FsNames[fsMagic]; ok {
+		backingFs = fsName
+	}
+
+	// check if they are running over btrfs or aufs
+	switch fsMagic {
+	case graphdriver.FsMagicBtrfs:
+		logrus.Error("'overlay' is not supported over btrfs.")
+		return nil, graphdriver.ErrIncompatibleFS
+	case graphdriver.FsMagicAufs:
+		logrus.Error("'overlay' is not supported over aufs.")
+		return nil, graphdriver.ErrIncompatibleFS
+	case graphdriver.FsMagicZfs:
+		logrus.Error("'overlay' is not supported over zfs.")
+		return nil, graphdriver.ErrIncompatibleFS
+	}
+
+	rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps)
+	if err != nil {
+		return nil, err
+	}
+	// Create the driver home dir
+	if err := idtools.MkdirAllAs(home, 0700, rootUID, rootGID); err != nil && !os.IsExist(err) {
+		return nil, err
+	}
+
+	d := &Driver{
+		home:      home,
+		pathCache: make(map[string]string),
+		uidMaps:   uidMaps,
+		gidMaps:   gidMaps,
+		ctr:       graphdriver.NewRefCounter(),
+	}
+
+	return NaiveDiffDriverWithApply(d, uidMaps, gidMaps), nil
+}
+
+func supportsOverlay() error {
+	// We can try to modprobe overlay first before looking at
+	// proc/filesystems for when overlay is supported
+	exec.Command("modprobe", "overlay").Run()
+
+	f, err := os.Open("/proc/filesystems")
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	s := bufio.NewScanner(f)
+	for s.Scan() {
+		if s.Text() == "nodev\toverlay" {
+			return nil
+		}
+	}
+	logrus.Error("'overlay' not found as a supported filesystem on this host. Please ensure kernel is new enough and has overlay support loaded.")
+	return graphdriver.ErrNotSupported
+}
+
+func (d *Driver) String() string {
+	return "overlay"
+}
+
+// Status returns current driver information in a two dimensional string array.
+// Output contains "Backing Filesystem" used in this implementation.
+func (d *Driver) Status() [][2]string {
+	return [][2]string{
+		{"Backing Filesystem", backingFs},
+	}
+}
+
+// GetMetadata returns meta data about the overlay driver such as root, LowerDir, UpperDir, WorkDir and MergeDir used to store data.
+func (d *Driver) GetMetadata(id string) (map[string]string, error) {
+	dir := d.dir(id)
+	if _, err := os.Stat(dir); err != nil {
+		return nil, err
+	}
+
+	metadata := make(map[string]string)
+
+	// If id has a root, it is an image
+	rootDir := path.Join(dir, "root")
+	if _, err := os.Stat(rootDir); err == nil {
+		metadata["RootDir"] = rootDir
+		return metadata, nil
+	}
+
+	lowerID, err := ioutil.ReadFile(path.Join(dir, "lower-id"))
+	if err != nil {
+		return nil, err
+	}
+
+	metadata["LowerDir"] = path.Join(d.dir(string(lowerID)), "root")
+	metadata["UpperDir"] = path.Join(dir, "upper")
+	metadata["WorkDir"] = path.Join(dir, "work")
+	metadata["MergedDir"] = path.Join(dir, "merged")
+
+	return metadata, nil
+}
+
+// Cleanup simply returns nil and do not change the existing filesystem.
+// This is required to satisfy the graphdriver.Driver interface.
+func (d *Driver) Cleanup() error {
+	return nil
+}
+
+// Create is used to create the upper, lower, and merge directories required for overlay fs for a given id.
+// The parent filesystem is used to configure these directories for the overlay.
+func (d *Driver) Create(id, parent, mountLabel string) (retErr error) {
+	dir := d.dir(id)
+
+	rootUID, rootGID, err := idtools.GetRootUIDGID(d.uidMaps, d.gidMaps)
+	if err != nil {
+		return err
+	}
+	if err := idtools.MkdirAllAs(path.Dir(dir), 0700, rootUID, rootGID); err != nil {
+		return err
+	}
+	if err := idtools.MkdirAs(dir, 0700, rootUID, rootGID); err != nil {
+		return err
+	}
+
+	defer func() {
+		// Clean up on failure
+		if retErr != nil {
+			os.RemoveAll(dir)
+		}
+	}()
+
+	// Toplevel images are just a "root" dir
+	if parent == "" {
+		if err := idtools.MkdirAs(path.Join(dir, "root"), 0755, rootUID, rootGID); err != nil {
+			return err
+		}
+		return nil
+	}
+
+	parentDir := d.dir(parent)
+
+	// Ensure parent exists
+	if _, err := os.Lstat(parentDir); err != nil {
+		return err
+	}
+
+	// If parent has a root, just do a overlay to it
+	parentRoot := path.Join(parentDir, "root")
+
+	if s, err := os.Lstat(parentRoot); err == nil {
+		if err := idtools.MkdirAs(path.Join(dir, "upper"), s.Mode(), rootUID, rootGID); err != nil {
+			return err
+		}
+		if err := idtools.MkdirAs(path.Join(dir, "work"), 0700, rootUID, rootGID); err != nil {
+			return err
+		}
+		if err := idtools.MkdirAs(path.Join(dir, "merged"), 0700, rootUID, rootGID); err != nil {
+			return err
+		}
+		if err := ioutil.WriteFile(path.Join(dir, "lower-id"), []byte(parent), 0666); err != nil {
+			return err
+		}
+		return nil
+	}
+
+	// Otherwise, copy the upper and the lower-id from the parent
+
+	lowerID, err := ioutil.ReadFile(path.Join(parentDir, "lower-id"))
+	if err != nil {
+		return err
+	}
+
+	if err := ioutil.WriteFile(path.Join(dir, "lower-id"), lowerID, 0666); err != nil {
+		return err
+	}
+
+	parentUpperDir := path.Join(parentDir, "upper")
+	s, err := os.Lstat(parentUpperDir)
+	if err != nil {
+		return err
+	}
+
+	upperDir := path.Join(dir, "upper")
+	if err := idtools.MkdirAs(upperDir, s.Mode(), rootUID, rootGID); err != nil {
+		return err
+	}
+	if err := idtools.MkdirAs(path.Join(dir, "work"), 0700, rootUID, rootGID); err != nil {
+		return err
+	}
+	if err := idtools.MkdirAs(path.Join(dir, "merged"), 0700, rootUID, rootGID); err != nil {
+		return err
+	}
+
+	return copyDir(parentUpperDir, upperDir, 0)
+}
+
+func (d *Driver) dir(id string) string {
+	return path.Join(d.home, id)
+}
+
+// Remove cleans the directories that are created for this id.
+func (d *Driver) Remove(id string) error {
+	if err := os.RemoveAll(d.dir(id)); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+	d.pathCacheLock.Lock()
+	delete(d.pathCache, id)
+	d.pathCacheLock.Unlock()
+	return nil
+}
+
+// Get creates and mounts the required file system for the given id and returns the mount path.
+func (d *Driver) Get(id string, mountLabel string) (string, error) {
+	dir := d.dir(id)
+	if _, err := os.Stat(dir); err != nil {
+		return "", err
+	}
+
+	// If id has a root, just return it
+	rootDir := path.Join(dir, "root")
+	if _, err := os.Stat(rootDir); err == nil {
+		d.pathCacheLock.Lock()
+		d.pathCache[id] = rootDir
+		d.pathCacheLock.Unlock()
+		return rootDir, nil
+	}
+
+	lowerID, err := ioutil.ReadFile(path.Join(dir, "lower-id"))
+	if err != nil {
+		return "", err
+	}
+	lowerDir := path.Join(d.dir(string(lowerID)), "root")
+	upperDir := path.Join(dir, "upper")
+	workDir := path.Join(dir, "work")
+	mergedDir := path.Join(dir, "merged")
+
+	if count := d.ctr.Increment(id); count > 1 {
+		return mergedDir, nil
+	}
+
+	opts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerDir, upperDir, workDir)
+
+	// if it's mounted already, just return
+	mounted, err := d.mounted(mergedDir)
+	if err != nil {
+		d.ctr.Decrement(id)
+		return "", err
+	}
+	if mounted {
+		d.ctr.Decrement(id)
+		return mergedDir, nil
+	}
+
+	if err := syscall.Mount("overlay", mergedDir, "overlay", 0, label.FormatMountLabel(opts, mountLabel)); err != nil {
+		d.ctr.Decrement(id)
+		return "", fmt.Errorf("error creating overlay mount to %s: %v", mergedDir, err)
+	}
+	// chown "workdir/work" to the remapped root UID/GID. Overlay fs inside a
+	// user namespace requires this to move a directory from lower to upper.
+	rootUID, rootGID, err := idtools.GetRootUIDGID(d.uidMaps, d.gidMaps)
+	if err != nil {
+		d.ctr.Decrement(id)
+		syscall.Unmount(mergedDir, 0)
+		return "", err
+	}
+
+	if err := os.Chown(path.Join(workDir, "work"), rootUID, rootGID); err != nil {
+		d.ctr.Decrement(id)
+		syscall.Unmount(mergedDir, 0)
+		return "", err
+	}
+
+	d.pathCacheLock.Lock()
+	d.pathCache[id] = mergedDir
+	d.pathCacheLock.Unlock()
+
+	return mergedDir, nil
+}
+
+func (d *Driver) mounted(dir string) (bool, error) {
+	return graphdriver.Mounted(graphdriver.FsMagicOverlay, dir)
+}
+
+// Put unmounts the mount path created for the give id.
+func (d *Driver) Put(id string) error {
+	if count := d.ctr.Decrement(id); count > 0 {
+		return nil
+	}
+	d.pathCacheLock.Lock()
+	mountpoint, exists := d.pathCache[id]
+	d.pathCacheLock.Unlock()
+
+	if !exists {
+		logrus.Debugf("Put on a non-mounted device %s", id)
+		// but it might be still here
+		if d.Exists(id) {
+			mountpoint = path.Join(d.dir(id), "merged")
+		}
+
+		d.pathCacheLock.Lock()
+		d.pathCache[id] = mountpoint
+		d.pathCacheLock.Unlock()
+	}
+
+	if mounted, err := d.mounted(mountpoint); mounted || err != nil {
+		if err = syscall.Unmount(mountpoint, 0); err != nil {
+			logrus.Debugf("Failed to unmount %s overlay: %v", id, err)
+		}
+		return err
+	}
+	return nil
+}
+
+// ApplyDiff applies the new layer on top of the root, if parent does not exist with will return a ErrApplyDiffFallback error.
+func (d *Driver) ApplyDiff(id string, parent string, diff archive.Reader) (size int64, err error) {
+	dir := d.dir(id)
+
+	if parent == "" {
+		return 0, ErrApplyDiffFallback
+	}
+
+	parentRootDir := path.Join(d.dir(parent), "root")
+	if _, err := os.Stat(parentRootDir); err != nil {
+		return 0, ErrApplyDiffFallback
+	}
+
+	// We now know there is a parent, and it has a "root" directory containing
+	// the full root filesystem. We can just hardlink it and apply the
+	// layer. This relies on two things:
+	// 1) ApplyDiff is only run once on a clean (no writes to upper layer) container
+	// 2) ApplyDiff doesn't do any in-place writes to files (would break hardlinks)
+	// These are all currently true and are not expected to break
+
+	tmpRootDir, err := ioutil.TempDir(dir, "tmproot")
+	if err != nil {
+		return 0, err
+	}
+	defer func() {
+		if err != nil {
+			os.RemoveAll(tmpRootDir)
+		} else {
+			os.RemoveAll(path.Join(dir, "upper"))
+			os.RemoveAll(path.Join(dir, "work"))
+			os.RemoveAll(path.Join(dir, "merged"))
+			os.RemoveAll(path.Join(dir, "lower-id"))
+		}
+	}()
+
+	if err = copyDir(parentRootDir, tmpRootDir, copyHardlink); err != nil {
+		return 0, err
+	}
+
+	options := &archive.TarOptions{UIDMaps: d.uidMaps, GIDMaps: d.gidMaps}
+	if size, err = chrootarchive.ApplyUncompressedLayer(tmpRootDir, diff, options); err != nil {
+		return 0, err
+	}
+
+	rootDir := path.Join(dir, "root")
+	if err := os.Rename(tmpRootDir, rootDir); err != nil {
+		return 0, err
+	}
+
+	return
+}
+
+// Exists checks to see if the id is already mounted.
+func (d *Driver) Exists(id string) bool {
+	_, err := os.Stat(d.dir(id))
+	return err == nil
+}
diff --git a/daemon/graphdriver/overlay/overlay_test.go b/daemon/graphdriver/overlay/overlay_test.go
new file mode 100644
index 00000000..8dfcd62e
--- /dev/null
+++ b/daemon/graphdriver/overlay/overlay_test.go
@@ -0,0 +1,31 @@
+// +build linux
+
+package overlay
+
+import (
+	"testing"
+
+	"github.com/docker/docker/daemon/graphdriver/graphtest"
+)
+
+// This avoids creating a new driver for each test if all tests are run
+// Make sure to put new tests between TestOverlaySetup and TestOverlayTeardown
+func TestOverlaySetup(t *testing.T) {
+	graphtest.GetDriver(t, "overlay")
+}
+
+func TestOverlayCreateEmpty(t *testing.T) {
+	graphtest.DriverTestCreateEmpty(t, "overlay")
+}
+
+func TestOverlayCreateBase(t *testing.T) {
+	graphtest.DriverTestCreateBase(t, "overlay")
+}
+
+func TestOverlayCreateSnap(t *testing.T) {
+	graphtest.DriverTestCreateSnap(t, "overlay")
+}
+
+func TestOverlayTeardown(t *testing.T) {
+	graphtest.PutDriver(t)
+}
diff --git a/daemon/graphdriver/overlay/overlay_unsupported.go b/daemon/graphdriver/overlay/overlay_unsupported.go
new file mode 100644
index 00000000..3dbb4de4
--- /dev/null
+++ b/daemon/graphdriver/overlay/overlay_unsupported.go
@@ -0,0 +1,3 @@
+// +build !linux
+
+package overlay
diff --git a/daemon/graphdriver/plugin.go b/daemon/graphdriver/plugin.go
new file mode 100644
index 00000000..d63161b0
--- /dev/null
+++ b/daemon/graphdriver/plugin.go
@@ -0,0 +1,32 @@
+// +build experimental
+
+package graphdriver
+
+import (
+	"fmt"
+	"io"
+
+	"github.com/docker/docker/pkg/plugins"
+)
+
+type pluginClient interface {
+	// Call calls the specified method with the specified arguments for the plugin.
+	Call(string, interface{}, interface{}) error
+	// Stream calls the specified method with the specified arguments for the plugin and returns the response IO stream
+	Stream(string, interface{}) (io.ReadCloser, error)
+	// SendFile calls the specified method, and passes through the IO stream
+	SendFile(string, io.Reader, interface{}) error
+}
+
+func lookupPlugin(name, home string, opts []string) (Driver, error) {
+	pl, err := plugins.Get(name, "GraphDriver")
+	if err != nil {
+		return nil, fmt.Errorf("Error looking up graphdriver plugin %s: %v", name, err)
+	}
+	return newPluginDriver(name, home, opts, pl.Client)
+}
+
+func newPluginDriver(name, home string, opts []string, c pluginClient) (Driver, error) {
+	proxy := &graphDriverProxy{name, c}
+	return proxy, proxy.Init(home, opts)
+}
diff --git a/daemon/graphdriver/plugin_unsupported.go b/daemon/graphdriver/plugin_unsupported.go
new file mode 100644
index 00000000..daa7a170
--- /dev/null
+++ b/daemon/graphdriver/plugin_unsupported.go
@@ -0,0 +1,7 @@
+// +build !experimental
+
+package graphdriver
+
+func lookupPlugin(name, home string, opts []string) (Driver, error) {
+	return nil, ErrNotSupported
+}
diff --git a/daemon/graphdriver/proxy.go b/daemon/graphdriver/proxy.go
new file mode 100644
index 00000000..28657fef
--- /dev/null
+++ b/daemon/graphdriver/proxy.go
@@ -0,0 +1,209 @@
+// +build experimental
+
+package graphdriver
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/docker/docker/pkg/archive"
+)
+
+type graphDriverProxy struct {
+	name   string
+	client pluginClient
+}
+
+type graphDriverRequest struct {
+	ID         string `json:",omitempty"`
+	Parent     string `json:",omitempty"`
+	MountLabel string `json:",omitempty"`
+}
+
+type graphDriverResponse struct {
+	Err      string            `json:",omitempty"`
+	Dir      string            `json:",omitempty"`
+	Exists   bool              `json:",omitempty"`
+	Status   [][2]string       `json:",omitempty"`
+	Changes  []archive.Change  `json:",omitempty"`
+	Size     int64             `json:",omitempty"`
+	Metadata map[string]string `json:",omitempty"`
+}
+
+type graphDriverInitRequest struct {
+	Home string
+	Opts []string
+}
+
+func (d *graphDriverProxy) Init(home string, opts []string) error {
+	args := &graphDriverInitRequest{
+		Home: home,
+		Opts: opts,
+	}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Init", args, &ret); err != nil {
+		return err
+	}
+	if ret.Err != "" {
+		return errors.New(ret.Err)
+	}
+	return nil
+}
+
+func (d *graphDriverProxy) String() string {
+	return d.name
+}
+
+func (d *graphDriverProxy) Create(id, parent, mountLabel string) error {
+	args := &graphDriverRequest{
+		ID:         id,
+		Parent:     parent,
+		MountLabel: mountLabel,
+	}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Create", args, &ret); err != nil {
+		return err
+	}
+	if ret.Err != "" {
+		return errors.New(ret.Err)
+	}
+	return nil
+}
+
+func (d *graphDriverProxy) Remove(id string) error {
+	args := &graphDriverRequest{ID: id}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Remove", args, &ret); err != nil {
+		return err
+	}
+	if ret.Err != "" {
+		return errors.New(ret.Err)
+	}
+	return nil
+}
+
+func (d *graphDriverProxy) Get(id, mountLabel string) (string, error) {
+	args := &graphDriverRequest{
+		ID:         id,
+		MountLabel: mountLabel,
+	}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Get", args, &ret); err != nil {
+		return "", err
+	}
+	var err error
+	if ret.Err != "" {
+		err = errors.New(ret.Err)
+	}
+	return ret.Dir, err
+}
+
+func (d *graphDriverProxy) Put(id string) error {
+	args := &graphDriverRequest{ID: id}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Put", args, &ret); err != nil {
+		return err
+	}
+	if ret.Err != "" {
+		return errors.New(ret.Err)
+	}
+	return nil
+}
+
+func (d *graphDriverProxy) Exists(id string) bool {
+	args := &graphDriverRequest{ID: id}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Exists", args, &ret); err != nil {
+		return false
+	}
+	return ret.Exists
+}
+
+func (d *graphDriverProxy) Status() [][2]string {
+	args := &graphDriverRequest{}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Status", args, &ret); err != nil {
+		return nil
+	}
+	return ret.Status
+}
+
+func (d *graphDriverProxy) GetMetadata(id string) (map[string]string, error) {
+	args := &graphDriverRequest{
+		ID: id,
+	}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.GetMetadata", args, &ret); err != nil {
+		return nil, err
+	}
+	if ret.Err != "" {
+		return nil, errors.New(ret.Err)
+	}
+	return ret.Metadata, nil
+}
+
+func (d *graphDriverProxy) Cleanup() error {
+	args := &graphDriverRequest{}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Cleanup", args, &ret); err != nil {
+		return nil
+	}
+	if ret.Err != "" {
+		return errors.New(ret.Err)
+	}
+	return nil
+}
+
+func (d *graphDriverProxy) Diff(id, parent string) (archive.Archive, error) {
+	args := &graphDriverRequest{
+		ID:     id,
+		Parent: parent,
+	}
+	body, err := d.client.Stream("GraphDriver.Diff", args)
+	if err != nil {
+		return nil, err
+	}
+	return archive.Archive(body), nil
+}
+
+func (d *graphDriverProxy) Changes(id, parent string) ([]archive.Change, error) {
+	args := &graphDriverRequest{
+		ID:     id,
+		Parent: parent,
+	}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.Changes", args, &ret); err != nil {
+		return nil, err
+	}
+	if ret.Err != "" {
+		return nil, errors.New(ret.Err)
+	}
+
+	return ret.Changes, nil
+}
+
+func (d *graphDriverProxy) ApplyDiff(id, parent string, diff archive.Reader) (int64, error) {
+	var ret graphDriverResponse
+	if err := d.client.SendFile(fmt.Sprintf("GraphDriver.ApplyDiff?id=%s&parent=%s", id, parent), diff, &ret); err != nil {
+		return -1, err
+	}
+	if ret.Err != "" {
+		return -1, errors.New(ret.Err)
+	}
+	return ret.Size, nil
+}
+
+func (d *graphDriverProxy) DiffSize(id, parent string) (int64, error) {
+	args := &graphDriverRequest{
+		ID:     id,
+		Parent: parent,
+	}
+	var ret graphDriverResponse
+	if err := d.client.Call("GraphDriver.DiffSize", args, &ret); err != nil {
+		return -1, err
+	}
+	if ret.Err != "" {
+		return -1, errors.New(ret.Err)
+	}
+	return ret.Size, nil
+}
diff --git a/daemon/graphdriver/register/register_aufs.go b/daemon/graphdriver/register/register_aufs.go
new file mode 100644
index 00000000..262954d6
--- /dev/null
+++ b/daemon/graphdriver/register/register_aufs.go
@@ -0,0 +1,8 @@
+// +build !exclude_graphdriver_aufs,linux
+
+package register
+
+import (
+	// register the aufs graphdriver
+	_ "github.com/docker/docker/daemon/graphdriver/aufs"
+)
diff --git a/daemon/graphdriver/register/register_btrfs.go b/daemon/graphdriver/register/register_btrfs.go
new file mode 100644
index 00000000..f456cc5c
--- /dev/null
+++ b/daemon/graphdriver/register/register_btrfs.go
@@ -0,0 +1,8 @@
+// +build !exclude_graphdriver_btrfs,linux
+
+package register
+
+import (
+	// register the btrfs graphdriver
+	_ "github.com/docker/docker/daemon/graphdriver/btrfs"
+)
diff --git a/daemon/graphdriver/register/register_devicemapper.go b/daemon/graphdriver/register/register_devicemapper.go
new file mode 100644
index 00000000..bb2e9ef5
--- /dev/null
+++ b/daemon/graphdriver/register/register_devicemapper.go
@@ -0,0 +1,8 @@
+// +build !exclude_graphdriver_devicemapper,linux
+
+package register
+
+import (
+	// register the devmapper graphdriver
+	_ "github.com/docker/docker/daemon/graphdriver/devmapper"
+)
diff --git a/daemon/graphdriver/register/register_overlay.go b/daemon/graphdriver/register/register_overlay.go
new file mode 100644
index 00000000..3a952642
--- /dev/null
+++ b/daemon/graphdriver/register/register_overlay.go
@@ -0,0 +1,8 @@
+// +build !exclude_graphdriver_overlay,linux
+
+package register
+
+import (
+	// register the overlay graphdriver
+	_ "github.com/docker/docker/daemon/graphdriver/overlay"
+)
diff --git a/daemon/graphdriver/register/register_vfs.go b/daemon/graphdriver/register/register_vfs.go
new file mode 100644
index 00000000..98fad23b
--- /dev/null
+++ b/daemon/graphdriver/register/register_vfs.go
@@ -0,0 +1,6 @@
+package register
+
+import (
+	// register vfs
+	_ "github.com/docker/docker/daemon/graphdriver/vfs"
+)
diff --git a/daemon/graphdriver/register/register_windows.go b/daemon/graphdriver/register/register_windows.go
new file mode 100644
index 00000000..efaa5005
--- /dev/null
+++ b/daemon/graphdriver/register/register_windows.go
@@ -0,0 +1,6 @@
+package register
+
+import (
+	// register the windows graph driver
+	_ "github.com/docker/docker/daemon/graphdriver/windows"
+)
diff --git a/daemon/graphdriver/register/register_zfs.go b/daemon/graphdriver/register/register_zfs.go
new file mode 100644
index 00000000..8c31c415
--- /dev/null
+++ b/daemon/graphdriver/register/register_zfs.go
@@ -0,0 +1,8 @@
+// +build !exclude_graphdriver_zfs,linux !exclude_graphdriver_zfs,freebsd
+
+package register
+
+import (
+	// register the zfs driver
+	_ "github.com/docker/docker/daemon/graphdriver/zfs"
+)
diff --git a/daemon/graphdriver/vfs/driver.go b/daemon/graphdriver/vfs/driver.go
new file mode 100644
index 00000000..00d9f8ec
--- /dev/null
+++ b/daemon/graphdriver/vfs/driver.go
@@ -0,0 +1,135 @@
+package vfs
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/idtools"
+
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+var (
+	// CopyWithTar defines the copy method to use.
+	CopyWithTar = chrootarchive.CopyWithTar
+)
+
+func init() {
+	graphdriver.Register("vfs", Init)
+}
+
+// Init returns a new VFS driver.
+// This sets the home directory for the driver and returns NaiveDiffDriver.
+func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
+	d := &Driver{
+		home:    home,
+		uidMaps: uidMaps,
+		gidMaps: gidMaps,
+	}
+	rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps)
+	if err != nil {
+		return nil, err
+	}
+	if err := idtools.MkdirAllAs(home, 0700, rootUID, rootGID); err != nil {
+		return nil, err
+	}
+	return graphdriver.NewNaiveDiffDriver(d, uidMaps, gidMaps), nil
+}
+
+// Driver holds information about the driver, home directory of the driver.
+// Driver implements graphdriver.ProtoDriver. It uses only basic vfs operations.
+// In order to support layering, files are copied from the parent layer into the new layer. There is no copy-on-write support.
+// Driver must be wrapped in NaiveDiffDriver to be used as a graphdriver.Driver
+type Driver struct {
+	home    string
+	uidMaps []idtools.IDMap
+	gidMaps []idtools.IDMap
+}
+
+func (d *Driver) String() string {
+	return "vfs"
+}
+
+// Status is used for implementing the graphdriver.ProtoDriver interface. VFS does not currently have any status information.
+func (d *Driver) Status() [][2]string {
+	return nil
+}
+
+// GetMetadata is used for implementing the graphdriver.ProtoDriver interface. VFS does not currently have any meta data.
+func (d *Driver) GetMetadata(id string) (map[string]string, error) {
+	return nil, nil
+}
+
+// Cleanup is used to implement graphdriver.ProtoDriver. There is no cleanup required for this driver.
+func (d *Driver) Cleanup() error {
+	return nil
+}
+
+// Create prepares the filesystem for the VFS driver and copies the directory for the given id under the parent.
+func (d *Driver) Create(id, parent, mountLabel string) error {
+	dir := d.dir(id)
+	rootUID, rootGID, err := idtools.GetRootUIDGID(d.uidMaps, d.gidMaps)
+	if err != nil {
+		return err
+	}
+	if err := idtools.MkdirAllAs(filepath.Dir(dir), 0700, rootUID, rootGID); err != nil {
+		return err
+	}
+	if err := idtools.MkdirAs(dir, 0755, rootUID, rootGID); err != nil {
+		return err
+	}
+	opts := []string{"level:s0"}
+	if _, mountLabel, err := label.InitLabels(opts); err == nil {
+		label.SetFileLabel(dir, mountLabel)
+	}
+	if parent == "" {
+		return nil
+	}
+	parentDir, err := d.Get(parent, "")
+	if err != nil {
+		return fmt.Errorf("%s: %s", parent, err)
+	}
+	if err := CopyWithTar(parentDir, dir); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (d *Driver) dir(id string) string {
+	return filepath.Join(d.home, "dir", filepath.Base(id))
+}
+
+// Remove deletes the content from the directory for a given id.
+func (d *Driver) Remove(id string) error {
+	if err := os.RemoveAll(d.dir(id)); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+	return nil
+}
+
+// Get returns the directory for the given id.
+func (d *Driver) Get(id, mountLabel string) (string, error) {
+	dir := d.dir(id)
+	if st, err := os.Stat(dir); err != nil {
+		return "", err
+	} else if !st.IsDir() {
+		return "", fmt.Errorf("%s: not a directory", dir)
+	}
+	return dir, nil
+}
+
+// Put is a noop for vfs that return nil for the error, since this driver has no runtime resources to clean up.
+func (d *Driver) Put(id string) error {
+	// The vfs driver has no runtime resources (e.g. mounts)
+	// to clean up, so we don't need anything here
+	return nil
+}
+
+// Exists checks to see if the directory exists for the given id.
+func (d *Driver) Exists(id string) bool {
+	_, err := os.Stat(d.dir(id))
+	return err == nil
+}
diff --git a/daemon/graphdriver/vfs/vfs_test.go b/daemon/graphdriver/vfs/vfs_test.go
new file mode 100644
index 00000000..9ecf21db
--- /dev/null
+++ b/daemon/graphdriver/vfs/vfs_test.go
@@ -0,0 +1,37 @@
+// +build linux
+
+package vfs
+
+import (
+	"testing"
+
+	"github.com/docker/docker/daemon/graphdriver/graphtest"
+
+	"github.com/docker/docker/pkg/reexec"
+)
+
+func init() {
+	reexec.Init()
+}
+
+// This avoids creating a new driver for each test if all tests are run
+// Make sure to put new tests between TestVfsSetup and TestVfsTeardown
+func TestVfsSetup(t *testing.T) {
+	graphtest.GetDriver(t, "vfs")
+}
+
+func TestVfsCreateEmpty(t *testing.T) {
+	graphtest.DriverTestCreateEmpty(t, "vfs")
+}
+
+func TestVfsCreateBase(t *testing.T) {
+	graphtest.DriverTestCreateBase(t, "vfs")
+}
+
+func TestVfsCreateSnap(t *testing.T) {
+	graphtest.DriverTestCreateSnap(t, "vfs")
+}
+
+func TestVfsTeardown(t *testing.T) {
+	graphtest.PutDriver(t)
+}
diff --git a/daemon/graphdriver/windows/windows.go b/daemon/graphdriver/windows/windows.go
new file mode 100644
index 00000000..dd659dad
--- /dev/null
+++ b/daemon/graphdriver/windows/windows.go
@@ -0,0 +1,745 @@
+//+build windows
+
+package windows
+
+import (
+	"bufio"
+	"crypto/sha512"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path"
+	"path/filepath"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/Microsoft/go-winio"
+	"github.com/Microsoft/go-winio/archive/tar"
+	"github.com/Microsoft/go-winio/backuptar"
+	"github.com/Microsoft/hcsshim"
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/vbatts/tar-split/tar/storage"
+)
+
+// init registers the windows graph drivers to the register.
+func init() {
+	graphdriver.Register("windowsfilter", InitFilter)
+	graphdriver.Register("windowsdiff", InitDiff)
+}
+
+const (
+	// diffDriver is an hcsshim driver type
+	diffDriver = iota
+	// filterDriver is an hcsshim driver type
+	filterDriver
+)
+
+// Driver represents a windows graph driver.
+type Driver struct {
+	// info stores the shim driver information
+	info hcsshim.DriverInfo
+}
+
+var _ graphdriver.DiffGetterDriver = &Driver{}
+
+// InitFilter returns a new Windows storage filter driver.
+func InitFilter(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
+	logrus.Debugf("WindowsGraphDriver InitFilter at %s", home)
+	d := &Driver{
+		info: hcsshim.DriverInfo{
+			HomeDir: home,
+			Flavour: filterDriver,
+		},
+	}
+	return d, nil
+}
+
+// InitDiff returns a new Windows differencing disk driver.
+func InitDiff(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
+	logrus.Debugf("WindowsGraphDriver InitDiff at %s", home)
+	d := &Driver{
+		info: hcsshim.DriverInfo{
+			HomeDir: home,
+			Flavour: diffDriver,
+		},
+	}
+	return d, nil
+}
+
+// String returns the string representation of a driver.
+func (d *Driver) String() string {
+	switch d.info.Flavour {
+	case diffDriver:
+		return "windowsdiff"
+	case filterDriver:
+		return "windowsfilter"
+	default:
+		return "Unknown driver flavour"
+	}
+}
+
+// Status returns the status of the driver.
+func (d *Driver) Status() [][2]string {
+	return [][2]string{
+		{"Windows", ""},
+	}
+}
+
+// Exists returns true if the given id is registered with this driver.
+func (d *Driver) Exists(id string) bool {
+	rID, err := d.resolveID(id)
+	if err != nil {
+		return false
+	}
+	result, err := hcsshim.LayerExists(d.info, rID)
+	if err != nil {
+		return false
+	}
+	return result
+}
+
+// Create creates a new layer with the given id.
+func (d *Driver) Create(id, parent, mountLabel string) error {
+	rPId, err := d.resolveID(parent)
+	if err != nil {
+		return err
+	}
+
+	parentChain, err := d.getLayerChain(rPId)
+	if err != nil {
+		return err
+	}
+
+	var layerChain []string
+
+	parentIsInit := strings.HasSuffix(rPId, "-init")
+
+	if !parentIsInit && rPId != "" {
+		parentPath, err := hcsshim.GetLayerMountPath(d.info, rPId)
+		if err != nil {
+			return err
+		}
+		layerChain = []string{parentPath}
+	}
+
+	layerChain = append(layerChain, parentChain...)
+
+	if parentIsInit {
+		if len(layerChain) == 0 {
+			return fmt.Errorf("Cannot create a read/write layer without a parent layer.")
+		}
+		if err := hcsshim.CreateSandboxLayer(d.info, id, layerChain[0], layerChain); err != nil {
+			return err
+		}
+	} else {
+		if err := hcsshim.CreateLayer(d.info, id, rPId); err != nil {
+			return err
+		}
+	}
+
+	if _, err := os.Lstat(d.dir(parent)); err != nil {
+		if err2 := hcsshim.DestroyLayer(d.info, id); err2 != nil {
+			logrus.Warnf("Failed to DestroyLayer %s: %s", id, err2)
+		}
+		return fmt.Errorf("Cannot create layer with missing parent %s: %s", parent, err)
+	}
+
+	if err := d.setLayerChain(id, layerChain); err != nil {
+		if err2 := hcsshim.DestroyLayer(d.info, id); err2 != nil {
+			logrus.Warnf("Failed to DestroyLayer %s: %s", id, err2)
+		}
+		return err
+	}
+
+	return nil
+}
+
+// dir returns the absolute path to the layer.
+func (d *Driver) dir(id string) string {
+	return filepath.Join(d.info.HomeDir, filepath.Base(id))
+}
+
+// Remove unmounts and removes the dir information.
+func (d *Driver) Remove(id string) error {
+	rID, err := d.resolveID(id)
+	if err != nil {
+		return err
+	}
+	os.RemoveAll(filepath.Join(d.info.HomeDir, "sysfile-backups", rID)) // ok to fail
+	return hcsshim.DestroyLayer(d.info, rID)
+}
+
+// Get returns the rootfs path for the id. This will mount the dir at it's given path.
+func (d *Driver) Get(id, mountLabel string) (string, error) {
+	logrus.Debugf("WindowsGraphDriver Get() id %s mountLabel %s", id, mountLabel)
+	var dir string
+
+	rID, err := d.resolveID(id)
+	if err != nil {
+		return "", err
+	}
+
+	// Getting the layer paths must be done outside of the lock.
+	layerChain, err := d.getLayerChain(rID)
+	if err != nil {
+		return "", err
+	}
+
+	if err := hcsshim.ActivateLayer(d.info, rID); err != nil {
+		return "", err
+	}
+	if err := hcsshim.PrepareLayer(d.info, rID, layerChain); err != nil {
+		if err2 := hcsshim.DeactivateLayer(d.info, rID); err2 != nil {
+			logrus.Warnf("Failed to Deactivate %s: %s", id, err)
+		}
+		return "", err
+	}
+
+	mountPath, err := hcsshim.GetLayerMountPath(d.info, rID)
+	if err != nil {
+		if err2 := hcsshim.DeactivateLayer(d.info, rID); err2 != nil {
+			logrus.Warnf("Failed to Deactivate %s: %s", id, err)
+		}
+		return "", err
+	}
+
+	// If the layer has a mount path, use that. Otherwise, use the
+	// folder path.
+	if mountPath != "" {
+		dir = mountPath
+	} else {
+		dir = d.dir(id)
+	}
+
+	return dir, nil
+}
+
+// Put adds a new layer to the driver.
+func (d *Driver) Put(id string) error {
+	logrus.Debugf("WindowsGraphDriver Put() id %s", id)
+
+	rID, err := d.resolveID(id)
+	if err != nil {
+		return err
+	}
+
+	if err := hcsshim.UnprepareLayer(d.info, rID); err != nil {
+		return err
+	}
+	return hcsshim.DeactivateLayer(d.info, rID)
+}
+
+// Cleanup ensures the information the driver stores is properly removed.
+func (d *Driver) Cleanup() error {
+	return nil
+}
+
+// Diff produces an archive of the changes between the specified
+// layer and its parent layer which may be "".
+// The layer should be mounted when calling this function
+func (d *Driver) Diff(id, parent string) (_ archive.Archive, err error) {
+	rID, err := d.resolveID(id)
+	if err != nil {
+		return
+	}
+
+	layerChain, err := d.getLayerChain(rID)
+	if err != nil {
+		return
+	}
+
+	// this is assuming that the layer is unmounted
+	if err := hcsshim.UnprepareLayer(d.info, rID); err != nil {
+		return nil, err
+	}
+	defer func() {
+		if err := hcsshim.PrepareLayer(d.info, rID, layerChain); err != nil {
+			logrus.Warnf("Failed to Deactivate %s: %s", rID, err)
+		}
+	}()
+
+	arch, err := d.exportLayer(rID, layerChain)
+	if err != nil {
+		return
+	}
+	return ioutils.NewReadCloserWrapper(arch, func() error {
+		return arch.Close()
+	}), nil
+}
+
+// Changes produces a list of changes between the specified layer
+// and its parent layer. If parent is "", then all changes will be ADD changes.
+// The layer should be mounted when calling this function
+func (d *Driver) Changes(id, parent string) ([]archive.Change, error) {
+	rID, err := d.resolveID(id)
+	if err != nil {
+		return nil, err
+	}
+	parentChain, err := d.getLayerChain(rID)
+	if err != nil {
+		return nil, err
+	}
+
+	// this is assuming that the layer is unmounted
+	if err := hcsshim.UnprepareLayer(d.info, rID); err != nil {
+		return nil, err
+	}
+	defer func() {
+		if err := hcsshim.PrepareLayer(d.info, rID, parentChain); err != nil {
+			logrus.Warnf("Failed to Deactivate %s: %s", rID, err)
+		}
+	}()
+
+	r, err := hcsshim.NewLayerReader(d.info, id, parentChain)
+	if err != nil {
+		return nil, err
+	}
+	defer r.Close()
+
+	var changes []archive.Change
+	for {
+		name, _, fileInfo, err := r.Next()
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			return nil, err
+		}
+		name = filepath.ToSlash(name)
+		if fileInfo == nil {
+			changes = append(changes, archive.Change{name, archive.ChangeDelete})
+		} else {
+			// Currently there is no way to tell between an add and a modify.
+			changes = append(changes, archive.Change{name, archive.ChangeModify})
+		}
+	}
+	return changes, nil
+}
+
+// ApplyDiff extracts the changeset from the given diff into the
+// layer with the specified id and parent, returning the size of the
+// new layer in bytes.
+// The layer should not be mounted when calling this function
+func (d *Driver) ApplyDiff(id, parent string, diff archive.Reader) (size int64, err error) {
+	rPId, err := d.resolveID(parent)
+	if err != nil {
+		return
+	}
+
+	if d.info.Flavour == diffDriver {
+		start := time.Now().UTC()
+		logrus.Debugf("WindowsGraphDriver ApplyDiff: Start untar layer")
+		destination := d.dir(id)
+		destination = filepath.Dir(destination)
+		if size, err = chrootarchive.ApplyUncompressedLayer(destination, diff, nil); err != nil {
+			return
+		}
+		logrus.Debugf("WindowsGraphDriver ApplyDiff: Untar time: %vs", time.Now().UTC().Sub(start).Seconds())
+
+		return
+	}
+
+	parentChain, err := d.getLayerChain(rPId)
+	if err != nil {
+		return
+	}
+	parentPath, err := hcsshim.GetLayerMountPath(d.info, rPId)
+	if err != nil {
+		return
+	}
+	layerChain := []string{parentPath}
+	layerChain = append(layerChain, parentChain...)
+
+	if size, err = d.importLayer(id, diff, layerChain); err != nil {
+		return
+	}
+
+	if err = d.setLayerChain(id, layerChain); err != nil {
+		return
+	}
+
+	return
+}
+
+// DiffSize calculates the changes between the specified layer
+// and its parent and returns the size in bytes of the changes
+// relative to its base filesystem directory.
+func (d *Driver) DiffSize(id, parent string) (size int64, err error) {
+	rPId, err := d.resolveID(parent)
+	if err != nil {
+		return
+	}
+
+	changes, err := d.Changes(id, rPId)
+	if err != nil {
+		return
+	}
+
+	layerFs, err := d.Get(id, "")
+	if err != nil {
+		return
+	}
+	defer d.Put(id)
+
+	return archive.ChangesSize(layerFs, changes), nil
+}
+
+// CustomImageInfo is the object returned by the driver describing the base
+// image.
+type CustomImageInfo struct {
+	ID          string
+	Name        string
+	Version     string
+	Path        string
+	Size        int64
+	CreatedTime time.Time
+}
+
+// GetCustomImageInfos returns the image infos for window specific
+// base images which should always be present.
+func (d *Driver) GetCustomImageInfos() ([]CustomImageInfo, error) {
+	strData, err := hcsshim.GetSharedBaseImages()
+	if err != nil {
+		return nil, fmt.Errorf("Failed to restore base images: %s", err)
+	}
+
+	type customImageInfoList struct {
+		Images []CustomImageInfo
+	}
+
+	var infoData customImageInfoList
+
+	if err = json.Unmarshal([]byte(strData), &infoData); err != nil {
+		err = fmt.Errorf("JSON unmarshal returned error=%s", err)
+		logrus.Error(err)
+		return nil, err
+	}
+
+	var images []CustomImageInfo
+
+	for _, imageData := range infoData.Images {
+		folderName := filepath.Base(imageData.Path)
+
+		// Use crypto hash of the foldername to generate a docker style id.
+		h := sha512.Sum384([]byte(folderName))
+		id := fmt.Sprintf("%x", h[:32])
+
+		if err := d.Create(id, "", ""); err != nil {
+			return nil, err
+		}
+		// Create the alternate ID file.
+		if err := d.setID(id, folderName); err != nil {
+			return nil, err
+		}
+
+		imageData.ID = id
+		images = append(images, imageData)
+	}
+
+	return images, nil
+}
+
+// GetMetadata returns custom driver information.
+func (d *Driver) GetMetadata(id string) (map[string]string, error) {
+	m := make(map[string]string)
+	m["dir"] = d.dir(id)
+	return m, nil
+}
+
+func writeTarFromLayer(r hcsshim.LayerReader, w io.Writer) error {
+	t := tar.NewWriter(w)
+	for {
+		name, size, fileInfo, err := r.Next()
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			return err
+		}
+		if fileInfo == nil {
+			// Write a whiteout file.
+			hdr := &tar.Header{
+				Name: filepath.ToSlash(filepath.Join(filepath.Dir(name), archive.WhiteoutPrefix+filepath.Base(name))),
+			}
+			err := t.WriteHeader(hdr)
+			if err != nil {
+				return err
+			}
+		} else {
+			err = backuptar.WriteTarFileFromBackupStream(t, r, name, size, fileInfo)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	return t.Close()
+}
+
+// exportLayer generates an archive from a layer based on the given ID.
+func (d *Driver) exportLayer(id string, parentLayerPaths []string) (archive.Archive, error) {
+	if hcsshim.IsTP4() {
+		// Export in TP4 format to maintain compatibility with existing images and
+		// because ExportLayer is somewhat broken on TP4 and can't work with the new
+		// scheme.
+		tempFolder, err := ioutil.TempDir("", "hcs")
+		if err != nil {
+			return nil, err
+		}
+		defer func() {
+			if err != nil {
+				os.RemoveAll(tempFolder)
+			}
+		}()
+
+		if err = hcsshim.ExportLayer(d.info, id, tempFolder, parentLayerPaths); err != nil {
+			return nil, err
+		}
+		archive, err := archive.Tar(tempFolder, archive.Uncompressed)
+		if err != nil {
+			return nil, err
+		}
+		return ioutils.NewReadCloserWrapper(archive, func() error {
+			err := archive.Close()
+			os.RemoveAll(tempFolder)
+			return err
+		}), nil
+	}
+
+	var r hcsshim.LayerReader
+	r, err := hcsshim.NewLayerReader(d.info, id, parentLayerPaths)
+	if err != nil {
+		return nil, err
+	}
+
+	archive, w := io.Pipe()
+	go func() {
+		err := writeTarFromLayer(r, w)
+		cerr := r.Close()
+		if err == nil {
+			err = cerr
+		}
+		w.CloseWithError(err)
+	}()
+
+	return archive, nil
+}
+
+func writeLayerFromTar(r archive.Reader, w hcsshim.LayerWriter) (int64, error) {
+	t := tar.NewReader(r)
+	hdr, err := t.Next()
+	totalSize := int64(0)
+	buf := bufio.NewWriter(nil)
+	for err == nil {
+		base := path.Base(hdr.Name)
+		if strings.HasPrefix(base, archive.WhiteoutPrefix) {
+			name := path.Join(path.Dir(hdr.Name), base[len(archive.WhiteoutPrefix):])
+			err = w.Remove(filepath.FromSlash(name))
+			if err != nil {
+				return 0, err
+			}
+			hdr, err = t.Next()
+		} else {
+			var (
+				name     string
+				size     int64
+				fileInfo *winio.FileBasicInfo
+			)
+			name, size, fileInfo, err = backuptar.FileInfoFromHeader(hdr)
+			if err != nil {
+				return 0, err
+			}
+			err = w.Add(filepath.FromSlash(name), fileInfo)
+			if err != nil {
+				return 0, err
+			}
+			buf.Reset(w)
+			hdr, err = backuptar.WriteBackupStreamFromTarFile(buf, t, hdr)
+			ferr := buf.Flush()
+			if ferr != nil {
+				err = ferr
+			}
+			totalSize += size
+		}
+	}
+	if err != io.EOF {
+		return 0, err
+	}
+	return totalSize, nil
+}
+
+// importLayer adds a new layer to the tag and graph store based on the given data.
+func (d *Driver) importLayer(id string, layerData archive.Reader, parentLayerPaths []string) (size int64, err error) {
+	if hcsshim.IsTP4() {
+		// Import from TP4 format to maintain compatibility with existing images.
+		var tempFolder string
+		tempFolder, err = ioutil.TempDir("", "hcs")
+		if err != nil {
+			return
+		}
+		defer os.RemoveAll(tempFolder)
+
+		if size, err = chrootarchive.ApplyLayer(tempFolder, layerData); err != nil {
+			return
+		}
+		if err = hcsshim.ImportLayer(d.info, id, tempFolder, parentLayerPaths); err != nil {
+			return
+		}
+		return
+	}
+
+	var w hcsshim.LayerWriter
+	w, err = hcsshim.NewLayerWriter(d.info, id, parentLayerPaths)
+	if err != nil {
+		return
+	}
+
+	size, err = writeLayerFromTar(layerData, w)
+	if err != nil {
+		w.Close()
+		return
+	}
+	err = w.Close()
+	if err != nil {
+		return
+	}
+	return
+}
+
+// resolveID computes the layerID information based on the given id.
+func (d *Driver) resolveID(id string) (string, error) {
+	content, err := ioutil.ReadFile(filepath.Join(d.dir(id), "layerID"))
+	if os.IsNotExist(err) {
+		return id, nil
+	} else if err != nil {
+		return "", err
+	}
+	return string(content), nil
+}
+
+// setID stores the layerId in disk.
+func (d *Driver) setID(id, altID string) error {
+	err := ioutil.WriteFile(filepath.Join(d.dir(id), "layerId"), []byte(altID), 0600)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// getLayerChain returns the layer chain information.
+func (d *Driver) getLayerChain(id string) ([]string, error) {
+	jPath := filepath.Join(d.dir(id), "layerchain.json")
+	content, err := ioutil.ReadFile(jPath)
+	if os.IsNotExist(err) {
+		return nil, nil
+	} else if err != nil {
+		return nil, fmt.Errorf("Unable to read layerchain file - %s", err)
+	}
+
+	var layerChain []string
+	err = json.Unmarshal(content, &layerChain)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to unmarshall layerchain json - %s", err)
+	}
+
+	return layerChain, nil
+}
+
+// setLayerChain stores the layer chain information in disk.
+func (d *Driver) setLayerChain(id string, chain []string) error {
+	content, err := json.Marshal(&chain)
+	if err != nil {
+		return fmt.Errorf("Failed to marshall layerchain json - %s", err)
+	}
+
+	jPath := filepath.Join(d.dir(id), "layerchain.json")
+	err = ioutil.WriteFile(jPath, content, 0600)
+	if err != nil {
+		return fmt.Errorf("Unable to write layerchain file - %s", err)
+	}
+
+	return nil
+}
+
+type fileGetCloserWithBackupPrivileges struct {
+	path string
+}
+
+func (fg *fileGetCloserWithBackupPrivileges) Get(filename string) (io.ReadCloser, error) {
+	var f *os.File
+	// Open the file while holding the Windows backup privilege. This ensures that the
+	// file can be opened even if the caller does not actually have access to it according
+	// to the security descriptor.
+	err := winio.RunWithPrivilege(winio.SeBackupPrivilege, func() error {
+		path := filepath.Join(fg.path, filename)
+		p, err := syscall.UTF16FromString(path)
+		if err != nil {
+			return err
+		}
+		h, err := syscall.CreateFile(&p[0], syscall.GENERIC_READ, syscall.FILE_SHARE_READ, nil, syscall.OPEN_EXISTING, syscall.FILE_FLAG_BACKUP_SEMANTICS, 0)
+		if err != nil {
+			return &os.PathError{Op: "open", Path: path, Err: err}
+		}
+		f = os.NewFile(uintptr(h), path)
+		return nil
+	})
+	return f, err
+}
+
+func (fg *fileGetCloserWithBackupPrivileges) Close() error {
+	return nil
+}
+
+type fileGetDestroyCloser struct {
+	storage.FileGetter
+	path string
+}
+
+func (f *fileGetDestroyCloser) Close() error {
+	// TODO: activate layers and release here?
+	return os.RemoveAll(f.path)
+}
+
+// DiffGetter returns a FileGetCloser that can read files from the directory that
+// contains files for the layer differences. Used for direct access for tar-split.
+func (d *Driver) DiffGetter(id string) (graphdriver.FileGetCloser, error) {
+	id, err := d.resolveID(id)
+	if err != nil {
+		return nil, err
+	}
+
+	if hcsshim.IsTP4() {
+		// The export format for TP4 is different from the contents of the layer, so
+		// fall back to exporting the layer and getting file contents from there.
+		layerChain, err := d.getLayerChain(id)
+		if err != nil {
+			return nil, err
+		}
+
+		var tempFolder string
+		tempFolder, err = ioutil.TempDir("", "hcs")
+		if err != nil {
+			return nil, err
+		}
+		defer func() {
+			if err != nil {
+				os.RemoveAll(tempFolder)
+			}
+		}()
+
+		if err = hcsshim.ExportLayer(d.info, id, tempFolder, layerChain); err != nil {
+			return nil, err
+		}
+
+		return &fileGetDestroyCloser{storage.NewPathFileGetter(tempFolder), tempFolder}, nil
+	}
+
+	return &fileGetCloserWithBackupPrivileges{d.dir(id)}, nil
+}
diff --git a/daemon/graphdriver/zfs/MAINTAINERS b/daemon/graphdriver/zfs/MAINTAINERS
new file mode 100644
index 00000000..9c270c54
--- /dev/null
+++ b/daemon/graphdriver/zfs/MAINTAINERS
@@ -0,0 +1,2 @@
+Jörg Thalheim <joerg@higgsboson.tk> (@Mic92)
+Arthur Gautier <baloo@gandi.net> (@baloose)
diff --git a/daemon/graphdriver/zfs/zfs.go b/daemon/graphdriver/zfs/zfs.go
new file mode 100644
index 00000000..2db187ce
--- /dev/null
+++ b/daemon/graphdriver/zfs/zfs.go
@@ -0,0 +1,359 @@
+// +build linux freebsd
+
+package zfs
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"path"
+	"strconv"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/pkg/parsers"
+	zfs "github.com/mistifyio/go-zfs"
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+type zfsOptions struct {
+	fsName    string
+	mountPath string
+}
+
+func init() {
+	graphdriver.Register("zfs", Init)
+}
+
+// Logger returns a zfs logger implementation.
+type Logger struct{}
+
+// Log wraps log message from ZFS driver with a prefix '[zfs]'.
+func (*Logger) Log(cmd []string) {
+	logrus.Debugf("[zfs] %s", strings.Join(cmd, " "))
+}
+
+// Init returns a new ZFS driver.
+// It takes base mount path and a array of options which are represented as key value pairs.
+// Each option is in the for key=value. 'zfs.fsname' is expected to be a valid key in the options.
+func Init(base string, opt []string, uidMaps, gidMaps []idtools.IDMap) (graphdriver.Driver, error) {
+	var err error
+
+	if _, err := exec.LookPath("zfs"); err != nil {
+		logrus.Debugf("[zfs] zfs command is not available: %v", err)
+		return nil, graphdriver.ErrPrerequisites
+	}
+
+	file, err := os.OpenFile("/dev/zfs", os.O_RDWR, 600)
+	if err != nil {
+		logrus.Debugf("[zfs] cannot open /dev/zfs: %v", err)
+		return nil, graphdriver.ErrPrerequisites
+	}
+	defer file.Close()
+
+	options, err := parseOptions(opt)
+	if err != nil {
+		return nil, err
+	}
+	options.mountPath = base
+
+	rootdir := path.Dir(base)
+
+	if options.fsName == "" {
+		err = checkRootdirFs(rootdir)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if options.fsName == "" {
+		options.fsName, err = lookupZfsDataset(rootdir)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	zfs.SetLogger(new(Logger))
+
+	filesystems, err := zfs.Filesystems(options.fsName)
+	if err != nil {
+		return nil, fmt.Errorf("Cannot find root filesystem %s: %v", options.fsName, err)
+	}
+
+	filesystemsCache := make(map[string]bool, len(filesystems))
+	var rootDataset *zfs.Dataset
+	for _, fs := range filesystems {
+		if fs.Name == options.fsName {
+			rootDataset = fs
+		}
+		filesystemsCache[fs.Name] = true
+	}
+
+	if rootDataset == nil {
+		return nil, fmt.Errorf("BUG: zfs get all -t filesystem -rHp '%s' should contain '%s'", options.fsName, options.fsName)
+	}
+
+	d := &Driver{
+		dataset:          rootDataset,
+		options:          options,
+		filesystemsCache: filesystemsCache,
+		uidMaps:          uidMaps,
+		gidMaps:          gidMaps,
+		ctr:              graphdriver.NewRefCounter(),
+	}
+	return graphdriver.NewNaiveDiffDriver(d, uidMaps, gidMaps), nil
+}
+
+func parseOptions(opt []string) (zfsOptions, error) {
+	var options zfsOptions
+	options.fsName = ""
+	for _, option := range opt {
+		key, val, err := parsers.ParseKeyValueOpt(option)
+		if err != nil {
+			return options, err
+		}
+		key = strings.ToLower(key)
+		switch key {
+		case "zfs.fsname":
+			options.fsName = val
+		default:
+			return options, fmt.Errorf("Unknown option %s", key)
+		}
+	}
+	return options, nil
+}
+
+func lookupZfsDataset(rootdir string) (string, error) {
+	var stat syscall.Stat_t
+	if err := syscall.Stat(rootdir, &stat); err != nil {
+		return "", fmt.Errorf("Failed to access '%s': %s", rootdir, err)
+	}
+	wantedDev := stat.Dev
+
+	mounts, err := mount.GetMounts()
+	if err != nil {
+		return "", err
+	}
+	for _, m := range mounts {
+		if err := syscall.Stat(m.Mountpoint, &stat); err != nil {
+			logrus.Debugf("[zfs] failed to stat '%s' while scanning for zfs mount: %v", m.Mountpoint, err)
+			continue // may fail on fuse file systems
+		}
+
+		if stat.Dev == wantedDev && m.Fstype == "zfs" {
+			return m.Source, nil
+		}
+	}
+
+	return "", fmt.Errorf("Failed to find zfs dataset mounted on '%s' in /proc/mounts", rootdir)
+}
+
+// Driver holds information about the driver, such as zfs dataset, options and cache.
+type Driver struct {
+	dataset          *zfs.Dataset
+	options          zfsOptions
+	sync.Mutex       // protects filesystem cache against concurrent access
+	filesystemsCache map[string]bool
+	uidMaps          []idtools.IDMap
+	gidMaps          []idtools.IDMap
+	ctr              *graphdriver.RefCounter
+}
+
+func (d *Driver) String() string {
+	return "zfs"
+}
+
+// Cleanup is used to implement graphdriver.ProtoDriver. There is no cleanup required for this driver.
+func (d *Driver) Cleanup() error {
+	return nil
+}
+
+// Status returns information about the ZFS filesystem. It returns a two dimensional array of information
+// such as pool name, dataset name, disk usage, parent quota and compression used.
+// Currently it return 'Zpool', 'Zpool Health', 'Parent Dataset', 'Space Used By Parent',
+// 'Space Available', 'Parent Quota' and 'Compression'.
+func (d *Driver) Status() [][2]string {
+	parts := strings.Split(d.dataset.Name, "/")
+	pool, err := zfs.GetZpool(parts[0])
+
+	var poolName, poolHealth string
+	if err == nil {
+		poolName = pool.Name
+		poolHealth = pool.Health
+	} else {
+		poolName = fmt.Sprintf("error while getting pool information %v", err)
+		poolHealth = "not available"
+	}
+
+	quota := "no"
+	if d.dataset.Quota != 0 {
+		quota = strconv.FormatUint(d.dataset.Quota, 10)
+	}
+
+	return [][2]string{
+		{"Zpool", poolName},
+		{"Zpool Health", poolHealth},
+		{"Parent Dataset", d.dataset.Name},
+		{"Space Used By Parent", strconv.FormatUint(d.dataset.Used, 10)},
+		{"Space Available", strconv.FormatUint(d.dataset.Avail, 10)},
+		{"Parent Quota", quota},
+		{"Compression", d.dataset.Compression},
+	}
+}
+
+// GetMetadata returns image/container metadata related to graph driver
+func (d *Driver) GetMetadata(id string) (map[string]string, error) {
+	return nil, nil
+}
+
+func (d *Driver) cloneFilesystem(name, parentName string) error {
+	snapshotName := fmt.Sprintf("%d", time.Now().Nanosecond())
+	parentDataset := zfs.Dataset{Name: parentName}
+	snapshot, err := parentDataset.Snapshot(snapshotName /*recursive */, false)
+	if err != nil {
+		return err
+	}
+
+	_, err = snapshot.Clone(name, map[string]string{"mountpoint": "legacy"})
+	if err == nil {
+		d.Lock()
+		d.filesystemsCache[name] = true
+		d.Unlock()
+	}
+
+	if err != nil {
+		snapshot.Destroy(zfs.DestroyDeferDeletion)
+		return err
+	}
+	return snapshot.Destroy(zfs.DestroyDeferDeletion)
+}
+
+func (d *Driver) zfsPath(id string) string {
+	return d.options.fsName + "/" + id
+}
+
+func (d *Driver) mountPath(id string) string {
+	return path.Join(d.options.mountPath, "graph", getMountpoint(id))
+}
+
+// Create prepares the dataset and filesystem for the ZFS driver for the given id under the parent.
+func (d *Driver) Create(id string, parent string, mountLabel string) error {
+	err := d.create(id, parent)
+	if err == nil {
+		return nil
+	}
+	if zfsError, ok := err.(*zfs.Error); ok {
+		if !strings.HasSuffix(zfsError.Stderr, "dataset already exists\n") {
+			return err
+		}
+		// aborted build -> cleanup
+	} else {
+		return err
+	}
+
+	dataset := zfs.Dataset{Name: d.zfsPath(id)}
+	if err := dataset.Destroy(zfs.DestroyRecursiveClones); err != nil {
+		return err
+	}
+
+	// retry
+	return d.create(id, parent)
+}
+
+func (d *Driver) create(id, parent string) error {
+	name := d.zfsPath(id)
+	if parent == "" {
+		mountoptions := map[string]string{"mountpoint": "legacy"}
+		fs, err := zfs.CreateFilesystem(name, mountoptions)
+		if err == nil {
+			d.Lock()
+			d.filesystemsCache[fs.Name] = true
+			d.Unlock()
+		}
+		return err
+	}
+	return d.cloneFilesystem(name, d.zfsPath(parent))
+}
+
+// Remove deletes the dataset, filesystem and the cache for the given id.
+func (d *Driver) Remove(id string) error {
+	name := d.zfsPath(id)
+	dataset := zfs.Dataset{Name: name}
+	err := dataset.Destroy(zfs.DestroyRecursive)
+	if err == nil {
+		d.Lock()
+		delete(d.filesystemsCache, name)
+		d.Unlock()
+	}
+	return err
+}
+
+// Get returns the mountpoint for the given id after creating the target directories if necessary.
+func (d *Driver) Get(id, mountLabel string) (string, error) {
+	mountpoint := d.mountPath(id)
+	if count := d.ctr.Increment(id); count > 1 {
+		return mountpoint, nil
+	}
+
+	filesystem := d.zfsPath(id)
+	options := label.FormatMountLabel("", mountLabel)
+	logrus.Debugf(`[zfs] mount("%s", "%s", "%s")`, filesystem, mountpoint, options)
+
+	rootUID, rootGID, err := idtools.GetRootUIDGID(d.uidMaps, d.gidMaps)
+	if err != nil {
+		d.ctr.Decrement(id)
+		return "", err
+	}
+	// Create the target directories if they don't exist
+	if err := idtools.MkdirAllAs(mountpoint, 0755, rootUID, rootGID); err != nil {
+		d.ctr.Decrement(id)
+		return "", err
+	}
+
+	if err := mount.Mount(filesystem, mountpoint, "zfs", options); err != nil {
+		d.ctr.Decrement(id)
+		return "", fmt.Errorf("error creating zfs mount of %s to %s: %v", filesystem, mountpoint, err)
+	}
+
+	// this could be our first mount after creation of the filesystem, and the root dir may still have root
+	// permissions instead of the remapped root uid:gid (if user namespaces are enabled):
+	if err := os.Chown(mountpoint, rootUID, rootGID); err != nil {
+		mount.Unmount(mountpoint)
+		d.ctr.Decrement(id)
+		return "", fmt.Errorf("error modifying zfs mountpoint (%s) directory ownership: %v", mountpoint, err)
+	}
+
+	return mountpoint, nil
+}
+
+// Put removes the existing mountpoint for the given id if it exists.
+func (d *Driver) Put(id string) error {
+	if count := d.ctr.Decrement(id); count > 0 {
+		return nil
+	}
+	mountpoint := d.mountPath(id)
+	mounted, err := graphdriver.Mounted(graphdriver.FsMagicZfs, mountpoint)
+	if err != nil || !mounted {
+		return err
+	}
+
+	logrus.Debugf(`[zfs] unmount("%s")`, mountpoint)
+
+	if err := mount.Unmount(mountpoint); err != nil {
+		return fmt.Errorf("error unmounting to %s: %v", mountpoint, err)
+	}
+	return nil
+}
+
+// Exists checks to see if the cache entry exists for the given id.
+func (d *Driver) Exists(id string) bool {
+	d.Lock()
+	defer d.Unlock()
+	return d.filesystemsCache[d.zfsPath(id)] == true
+}
diff --git a/daemon/graphdriver/zfs/zfs_freebsd.go b/daemon/graphdriver/zfs/zfs_freebsd.go
new file mode 100644
index 00000000..1c05fa79
--- /dev/null
+++ b/daemon/graphdriver/zfs/zfs_freebsd.go
@@ -0,0 +1,38 @@
+package zfs
+
+import (
+	"fmt"
+	"strings"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/graphdriver"
+)
+
+func checkRootdirFs(rootdir string) error {
+	var buf syscall.Statfs_t
+	if err := syscall.Statfs(rootdir, &buf); err != nil {
+		return fmt.Errorf("Failed to access '%s': %s", rootdir, err)
+	}
+
+	// on FreeBSD buf.Fstypename contains ['z', 'f', 's', 0 ... ]
+	if (buf.Fstypename[0] != 122) || (buf.Fstypename[1] != 102) || (buf.Fstypename[2] != 115) || (buf.Fstypename[3] != 0) {
+		logrus.Debugf("[zfs] no zfs dataset found for rootdir '%s'", rootdir)
+		return graphdriver.ErrPrerequisites
+	}
+
+	return nil
+}
+
+func getMountpoint(id string) string {
+	maxlen := 12
+
+	// we need to preserve filesystem suffix
+	suffix := strings.SplitN(id, "-", 2)
+
+	if len(suffix) > 1 {
+		return id[:maxlen] + "-" + suffix[1]
+	}
+
+	return id[:maxlen]
+}
diff --git a/daemon/graphdriver/zfs/zfs_linux.go b/daemon/graphdriver/zfs/zfs_linux.go
new file mode 100644
index 00000000..52ed5160
--- /dev/null
+++ b/daemon/graphdriver/zfs/zfs_linux.go
@@ -0,0 +1,27 @@
+package zfs
+
+import (
+	"fmt"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/graphdriver"
+)
+
+func checkRootdirFs(rootdir string) error {
+	var buf syscall.Statfs_t
+	if err := syscall.Statfs(rootdir, &buf); err != nil {
+		return fmt.Errorf("Failed to access '%s': %s", rootdir, err)
+	}
+
+	if graphdriver.FsMagic(buf.Type) != graphdriver.FsMagicZfs {
+		logrus.Debugf("[zfs] no zfs dataset found for rootdir '%s'", rootdir)
+		return graphdriver.ErrPrerequisites
+	}
+
+	return nil
+}
+
+func getMountpoint(id string) string {
+	return id
+}
diff --git a/daemon/graphdriver/zfs/zfs_test.go b/daemon/graphdriver/zfs/zfs_test.go
new file mode 100644
index 00000000..0e7937ec
--- /dev/null
+++ b/daemon/graphdriver/zfs/zfs_test.go
@@ -0,0 +1,31 @@
+// +build linux
+
+package zfs
+
+import (
+	"testing"
+
+	"github.com/docker/docker/daemon/graphdriver/graphtest"
+)
+
+// This avoids creating a new driver for each test if all tests are run
+// Make sure to put new tests between TestZfsSetup and TestZfsTeardown
+func TestZfsSetup(t *testing.T) {
+	graphtest.GetDriver(t, "zfs")
+}
+
+func TestZfsCreateEmpty(t *testing.T) {
+	graphtest.DriverTestCreateEmpty(t, "zfs")
+}
+
+func TestZfsCreateBase(t *testing.T) {
+	graphtest.DriverTestCreateBase(t, "zfs")
+}
+
+func TestZfsCreateSnap(t *testing.T) {
+	graphtest.DriverTestCreateSnap(t, "zfs")
+}
+
+func TestZfsTeardown(t *testing.T) {
+	graphtest.PutDriver(t)
+}
diff --git a/daemon/graphdriver/zfs/zfs_unsupported.go b/daemon/graphdriver/zfs/zfs_unsupported.go
new file mode 100644
index 00000000..643b169b
--- /dev/null
+++ b/daemon/graphdriver/zfs/zfs_unsupported.go
@@ -0,0 +1,11 @@
+// +build !linux,!freebsd
+
+package zfs
+
+func checkRootdirFs(rootdir string) error {
+	return nil
+}
+
+func getMountpoint(id string) string {
+	return id
+}
diff --git a/daemon/image_delete.go b/daemon/image_delete.go
new file mode 100644
index 00000000..7c6329a6
--- /dev/null
+++ b/daemon/image_delete.go
@@ -0,0 +1,371 @@
+package daemon
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/errors"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+)
+
+type conflictType int
+
+const (
+	conflictDependentChild conflictType = (1 << iota)
+	conflictRunningContainer
+	conflictActiveReference
+	conflictStoppedContainer
+	conflictHard = conflictDependentChild | conflictRunningContainer
+	conflictSoft = conflictActiveReference | conflictStoppedContainer
+)
+
+// ImageDelete deletes the image referenced by the given imageRef from this
+// daemon. The given imageRef can be an image ID, ID prefix, or a repository
+// reference (with an optional tag or digest, defaulting to the tag name
+// "latest"). There is differing behavior depending on whether the given
+// imageRef is a repository reference or not.
+//
+// If the given imageRef is a repository reference then that repository
+// reference will be removed. However, if there exists any containers which
+// were created using the same image reference then the repository reference
+// cannot be removed unless either there are other repository references to the
+// same image or force is true. Following removal of the repository reference,
+// the referenced image itself will attempt to be deleted as described below
+// but quietly, meaning any image delete conflicts will cause the image to not
+// be deleted and the conflict will not be reported.
+//
+// There may be conflicts preventing deletion of an image and these conflicts
+// are divided into two categories grouped by their severity:
+//
+// Hard Conflict:
+// 	- a pull or build using the image.
+// 	- any descendant image.
+// 	- any running container using the image.
+//
+// Soft Conflict:
+// 	- any stopped container using the image.
+// 	- any repository tag or digest references to the image.
+//
+// The image cannot be removed if there are any hard conflicts and can be
+// removed if there are soft conflicts only if force is true.
+//
+// If prune is true, ancestor images will each attempt to be deleted quietly,
+// meaning any delete conflicts will cause the image to not be deleted and the
+// conflict will not be reported.
+//
+// FIXME: remove ImageDelete's dependency on Daemon, then move to the graph
+// package. This would require that we no longer need the daemon to determine
+// whether images are being used by a stopped or running container.
+func (daemon *Daemon) ImageDelete(imageRef string, force, prune bool) ([]types.ImageDelete, error) {
+	records := []types.ImageDelete{}
+
+	imgID, err := daemon.GetImageID(imageRef)
+	if err != nil {
+		return nil, daemon.imageNotExistToErrcode(err)
+	}
+
+	repoRefs := daemon.referenceStore.References(imgID)
+
+	var removedRepositoryRef bool
+	if !isImageIDPrefix(imgID.String(), imageRef) {
+		// A repository reference was given and should be removed
+		// first. We can only remove this reference if either force is
+		// true, there are multiple repository references to this
+		// image, or there are no containers using the given reference.
+		if !(force || len(repoRefs) > 1) {
+			if container := daemon.getContainerUsingImage(imgID); container != nil {
+				// If we removed the repository reference then
+				// this image would remain "dangling" and since
+				// we really want to avoid that the client must
+				// explicitly force its removal.
+				err := fmt.Errorf("conflict: unable to remove repository reference %q (must force) - container %s is using its referenced image %s", imageRef, stringid.TruncateID(container.ID), stringid.TruncateID(imgID.String()))
+				return nil, errors.NewRequestConflictError(err)
+			}
+		}
+
+		parsedRef, err := reference.ParseNamed(imageRef)
+		if err != nil {
+			return nil, err
+		}
+
+		parsedRef, err = daemon.removeImageRef(parsedRef)
+		if err != nil {
+			return nil, err
+		}
+
+		untaggedRecord := types.ImageDelete{Untagged: parsedRef.String()}
+
+		daemon.LogImageEvent(imgID.String(), imgID.String(), "untag")
+		records = append(records, untaggedRecord)
+
+		repoRefs = daemon.referenceStore.References(imgID)
+
+		// If this is a tag reference and all the remaining references
+		// to this image are digest references, delete the remaining
+		// references so that they don't prevent removal of the image.
+		if _, isCanonical := parsedRef.(reference.Canonical); !isCanonical {
+			foundTagRef := false
+			for _, repoRef := range repoRefs {
+				if _, repoRefIsCanonical := repoRef.(reference.Canonical); !repoRefIsCanonical {
+					foundTagRef = true
+					break
+				}
+			}
+			if !foundTagRef {
+				for _, repoRef := range repoRefs {
+					if _, err := daemon.removeImageRef(repoRef); err != nil {
+						return records, err
+					}
+
+					untaggedRecord := types.ImageDelete{Untagged: repoRef.String()}
+					records = append(records, untaggedRecord)
+				}
+				repoRefs = []reference.Named{}
+			}
+		}
+
+		// If it has remaining references then the untag finished the remove
+		if len(repoRefs) > 0 {
+			return records, nil
+		}
+
+		removedRepositoryRef = true
+	} else {
+		// If an ID reference was given AND there is exactly one
+		// repository reference to the image then we will want to
+		// remove that reference.
+		// FIXME: Is this the behavior we want?
+		if len(repoRefs) == 1 {
+			c := conflictHard
+			if !force {
+				c |= conflictSoft &^ conflictActiveReference
+			}
+			if conflict := daemon.checkImageDeleteConflict(imgID, c); conflict != nil {
+				return nil, conflict
+			}
+
+			parsedRef, err := daemon.removeImageRef(repoRefs[0])
+			if err != nil {
+				return nil, err
+			}
+
+			untaggedRecord := types.ImageDelete{Untagged: parsedRef.String()}
+
+			daemon.LogImageEvent(imgID.String(), imgID.String(), "untag")
+			records = append(records, untaggedRecord)
+		}
+	}
+
+	return records, daemon.imageDeleteHelper(imgID, &records, force, prune, removedRepositoryRef)
+}
+
+// isImageIDPrefix returns whether the given possiblePrefix is a prefix of the
+// given imageID.
+func isImageIDPrefix(imageID, possiblePrefix string) bool {
+	if strings.HasPrefix(imageID, possiblePrefix) {
+		return true
+	}
+
+	if i := strings.IndexRune(imageID, ':'); i >= 0 {
+		return strings.HasPrefix(imageID[i+1:], possiblePrefix)
+	}
+
+	return false
+}
+
+// getContainerUsingImage returns a container that was created using the given
+// imageID. Returns nil if there is no such container.
+func (daemon *Daemon) getContainerUsingImage(imageID image.ID) *container.Container {
+	return daemon.containers.First(func(c *container.Container) bool {
+		return c.ImageID == imageID
+	})
+}
+
+// removeImageRef attempts to parse and remove the given image reference from
+// this daemon's store of repository tag/digest references. The given
+// repositoryRef must not be an image ID but a repository name followed by an
+// optional tag or digest reference. If tag or digest is omitted, the default
+// tag is used. Returns the resolved image reference and an error.
+func (daemon *Daemon) removeImageRef(ref reference.Named) (reference.Named, error) {
+	ref = reference.WithDefaultTag(ref)
+	// Ignore the boolean value returned, as far as we're concerned, this
+	// is an idempotent operation and it's okay if the reference didn't
+	// exist in the first place.
+	_, err := daemon.referenceStore.Delete(ref)
+
+	return ref, err
+}
+
+// removeAllReferencesToImageID attempts to remove every reference to the given
+// imgID from this daemon's store of repository tag/digest references. Returns
+// on the first encountered error. Removed references are logged to this
+// daemon's event service. An "Untagged" types.ImageDelete is added to the
+// given list of records.
+func (daemon *Daemon) removeAllReferencesToImageID(imgID image.ID, records *[]types.ImageDelete) error {
+	imageRefs := daemon.referenceStore.References(imgID)
+
+	for _, imageRef := range imageRefs {
+		parsedRef, err := daemon.removeImageRef(imageRef)
+		if err != nil {
+			return err
+		}
+
+		untaggedRecord := types.ImageDelete{Untagged: parsedRef.String()}
+
+		daemon.LogImageEvent(imgID.String(), imgID.String(), "untag")
+		*records = append(*records, untaggedRecord)
+	}
+
+	return nil
+}
+
+// ImageDeleteConflict holds a soft or hard conflict and an associated error.
+// Implements the error interface.
+type imageDeleteConflict struct {
+	hard    bool
+	used    bool
+	imgID   image.ID
+	message string
+}
+
+func (idc *imageDeleteConflict) Error() string {
+	var forceMsg string
+	if idc.hard {
+		forceMsg = "cannot be forced"
+	} else {
+		forceMsg = "must be forced"
+	}
+
+	return fmt.Sprintf("conflict: unable to delete %s (%s) - %s", stringid.TruncateID(idc.imgID.String()), forceMsg, idc.message)
+}
+
+// imageDeleteHelper attempts to delete the given image from this daemon. If
+// the image has any hard delete conflicts (child images or running containers
+// using the image) then it cannot be deleted. If the image has any soft delete
+// conflicts (any tags/digests referencing the image or any stopped container
+// using the image) then it can only be deleted if force is true. If the delete
+// succeeds and prune is true, the parent images are also deleted if they do
+// not have any soft or hard delete conflicts themselves. Any deleted images
+// and untagged references are appended to the given records. If any error or
+// conflict is encountered, it will be returned immediately without deleting
+// the image. If quiet is true, any encountered conflicts will be ignored and
+// the function will return nil immediately without deleting the image.
+func (daemon *Daemon) imageDeleteHelper(imgID image.ID, records *[]types.ImageDelete, force, prune, quiet bool) error {
+	// First, determine if this image has any conflicts. Ignore soft conflicts
+	// if force is true.
+	c := conflictHard
+	if !force {
+		c |= conflictSoft
+	}
+	if conflict := daemon.checkImageDeleteConflict(imgID, c); conflict != nil {
+		if quiet && (!daemon.imageIsDangling(imgID) || conflict.used) {
+			// Ignore conflicts UNLESS the image is "dangling" or not being used in
+			// which case we want the user to know.
+			return nil
+		}
+
+		// There was a conflict and it's either a hard conflict OR we are not
+		// forcing deletion on soft conflicts.
+		return conflict
+	}
+
+	parent, err := daemon.imageStore.GetParent(imgID)
+	if err != nil {
+		// There may be no parent
+		parent = ""
+	}
+
+	// Delete all repository tag/digest references to this image.
+	if err := daemon.removeAllReferencesToImageID(imgID, records); err != nil {
+		return err
+	}
+
+	removedLayers, err := daemon.imageStore.Delete(imgID)
+	if err != nil {
+		return err
+	}
+
+	daemon.LogImageEvent(imgID.String(), imgID.String(), "delete")
+	*records = append(*records, types.ImageDelete{Deleted: imgID.String()})
+	for _, removedLayer := range removedLayers {
+		*records = append(*records, types.ImageDelete{Deleted: removedLayer.ChainID.String()})
+	}
+
+	if !prune || parent == "" {
+		return nil
+	}
+
+	// We need to prune the parent image. This means delete it if there are
+	// no tags/digests referencing it and there are no containers using it (
+	// either running or stopped).
+	// Do not force prunings, but do so quietly (stopping on any encountered
+	// conflicts).
+	return daemon.imageDeleteHelper(parent, records, false, true, true)
+}
+
+// checkImageDeleteConflict determines whether there are any conflicts
+// preventing deletion of the given image from this daemon. A hard conflict is
+// any image which has the given image as a parent or any running container
+// using the image. A soft conflict is any tags/digest referencing the given
+// image or any stopped container using the image. If ignoreSoftConflicts is
+// true, this function will not check for soft conflict conditions.
+func (daemon *Daemon) checkImageDeleteConflict(imgID image.ID, mask conflictType) *imageDeleteConflict {
+	// Check if the image has any descendant images.
+	if mask&conflictDependentChild != 0 && len(daemon.imageStore.Children(imgID)) > 0 {
+		return &imageDeleteConflict{
+			hard:    true,
+			imgID:   imgID,
+			message: "image has dependent child images",
+		}
+	}
+
+	if mask&conflictRunningContainer != 0 {
+		// Check if any running container is using the image.
+		running := func(c *container.Container) bool {
+			return c.IsRunning() && c.ImageID == imgID
+		}
+		if container := daemon.containers.First(running); container != nil {
+			return &imageDeleteConflict{
+				imgID:   imgID,
+				hard:    true,
+				used:    true,
+				message: fmt.Sprintf("image is being used by running container %s", stringid.TruncateID(container.ID)),
+			}
+		}
+	}
+
+	// Check if any repository tags/digest reference this image.
+	if mask&conflictActiveReference != 0 && len(daemon.referenceStore.References(imgID)) > 0 {
+		return &imageDeleteConflict{
+			imgID:   imgID,
+			message: "image is referenced in one or more repositories",
+		}
+	}
+
+	if mask&conflictStoppedContainer != 0 {
+		// Check if any stopped containers reference this image.
+		stopped := func(c *container.Container) bool {
+			return !c.IsRunning() && c.ImageID == imgID
+		}
+		if container := daemon.containers.First(stopped); container != nil {
+			return &imageDeleteConflict{
+				imgID:   imgID,
+				used:    true,
+				message: fmt.Sprintf("image is being used by stopped container %s", stringid.TruncateID(container.ID)),
+			}
+		}
+	}
+
+	return nil
+}
+
+// imageIsDangling returns whether the given image is "dangling" which means
+// that there are no repository references to the given image and it has no
+// child images.
+func (daemon *Daemon) imageIsDangling(imgID image.ID) bool {
+	return !(len(daemon.referenceStore.References(imgID)) > 0 || len(daemon.imageStore.Children(imgID)) > 0)
+}
diff --git a/daemon/images.go b/daemon/images.go
new file mode 100644
index 00000000..e4c3797f
--- /dev/null
+++ b/daemon/images.go
@@ -0,0 +1,162 @@
+package daemon
+
+import (
+	"fmt"
+	"path"
+	"sort"
+
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/filters"
+)
+
+var acceptedImageFilterTags = map[string]bool{
+	"dangling": true,
+	"label":    true,
+}
+
+// byCreated is a temporary type used to sort a list of images by creation
+// time.
+type byCreated []*types.Image
+
+func (r byCreated) Len() int           { return len(r) }
+func (r byCreated) Swap(i, j int)      { r[i], r[j] = r[j], r[i] }
+func (r byCreated) Less(i, j int) bool { return r[i].Created < r[j].Created }
+
+// Map returns a map of all images in the ImageStore
+func (daemon *Daemon) Map() map[image.ID]*image.Image {
+	return daemon.imageStore.Map()
+}
+
+// Images returns a filtered list of images. filterArgs is a JSON-encoded set
+// of filter arguments which will be interpreted by api/types/filters.
+// filter is a shell glob string applied to repository names. The argument
+// named all controls whether all images in the graph are filtered, or just
+// the heads.
+func (daemon *Daemon) Images(filterArgs, filter string, all bool) ([]*types.Image, error) {
+	var (
+		allImages    map[image.ID]*image.Image
+		err          error
+		danglingOnly = false
+	)
+
+	imageFilters, err := filters.FromParam(filterArgs)
+	if err != nil {
+		return nil, err
+	}
+	if err := imageFilters.Validate(acceptedImageFilterTags); err != nil {
+		return nil, err
+	}
+
+	if imageFilters.Include("dangling") {
+		if imageFilters.ExactMatch("dangling", "true") {
+			danglingOnly = true
+		} else if !imageFilters.ExactMatch("dangling", "false") {
+			return nil, fmt.Errorf("Invalid filter 'dangling=%s'", imageFilters.Get("dangling"))
+		}
+	}
+	if danglingOnly {
+		allImages = daemon.imageStore.Heads()
+	} else {
+		allImages = daemon.imageStore.Map()
+	}
+
+	images := []*types.Image{}
+
+	var filterTagged bool
+	if filter != "" {
+		filterRef, err := reference.ParseNamed(filter)
+		if err == nil { // parse error means wildcard repo
+			if _, ok := filterRef.(reference.NamedTagged); ok {
+				filterTagged = true
+			}
+		}
+	}
+
+	for id, img := range allImages {
+		if imageFilters.Include("label") {
+			// Very old image that do not have image.Config (or even labels)
+			if img.Config == nil {
+				continue
+			}
+			// We are now sure image.Config is not nil
+			if !imageFilters.MatchKVList("label", img.Config.Labels) {
+				continue
+			}
+		}
+
+		layerID := img.RootFS.ChainID()
+		var size int64
+		if layerID != "" {
+			l, err := daemon.layerStore.Get(layerID)
+			if err != nil {
+				return nil, err
+			}
+
+			size, err = l.Size()
+			layer.ReleaseAndLog(daemon.layerStore, l)
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		newImage := newImage(img, size)
+
+		for _, ref := range daemon.referenceStore.References(id) {
+			if filter != "" { // filter by tag/repo name
+				if filterTagged { // filter by tag, require full ref match
+					if ref.String() != filter {
+						continue
+					}
+				} else if matched, err := path.Match(filter, ref.Name()); !matched || err != nil { // name only match, FIXME: docs say exact
+					continue
+				}
+			}
+			if _, ok := ref.(reference.Canonical); ok {
+				newImage.RepoDigests = append(newImage.RepoDigests, ref.String())
+			}
+			if _, ok := ref.(reference.NamedTagged); ok {
+				newImage.RepoTags = append(newImage.RepoTags, ref.String())
+			}
+		}
+		if newImage.RepoDigests == nil && newImage.RepoTags == nil {
+			if all || len(daemon.imageStore.Children(id)) == 0 {
+
+				if imageFilters.Include("dangling") && !danglingOnly {
+					//dangling=false case, so dangling image is not needed
+					continue
+				}
+				if filter != "" { // skip images with no references if filtering by tag
+					continue
+				}
+				newImage.RepoDigests = []string{"<none>@<none>"}
+				newImage.RepoTags = []string{"<none>:<none>"}
+			} else {
+				continue
+			}
+		} else if danglingOnly {
+			continue
+		}
+
+		images = append(images, newImage)
+	}
+
+	sort.Sort(sort.Reverse(byCreated(images)))
+
+	return images, nil
+}
+
+func newImage(image *image.Image, size int64) *types.Image {
+	newImage := new(types.Image)
+	newImage.ParentID = image.Parent.String()
+	newImage.ID = image.ID().String()
+	newImage.Created = image.Created.Unix()
+	newImage.Size = size
+	newImage.VirtualSize = size
+	if image.Config != nil {
+		newImage.Labels = image.Config.Labels
+	}
+	return newImage
+}
diff --git a/daemon/import.go b/daemon/import.go
new file mode 100644
index 00000000..4961a30f
--- /dev/null
+++ b/daemon/import.go
@@ -0,0 +1,109 @@
+package daemon
+
+import (
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/url"
+	"runtime"
+	"time"
+
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/httputils"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/streamformatter"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types/container"
+)
+
+// ImportImage imports an image, getting the archived layer data either from
+// inConfig (if src is "-"), or from a URI specified in src. Progress output is
+// written to outStream. Repository and tag names can optionally be given in
+// the repo and tag arguments, respectively.
+func (daemon *Daemon) ImportImage(src string, newRef reference.Named, msg string, inConfig io.ReadCloser, outStream io.Writer, config *container.Config) error {
+	var (
+		sf   = streamformatter.NewJSONStreamFormatter()
+		rc   io.ReadCloser
+		resp *http.Response
+	)
+
+	if src == "-" {
+		rc = inConfig
+	} else {
+		inConfig.Close()
+		u, err := url.Parse(src)
+		if err != nil {
+			return err
+		}
+		if u.Scheme == "" {
+			u.Scheme = "http"
+			u.Host = src
+			u.Path = ""
+		}
+		outStream.Write(sf.FormatStatus("", "Downloading from %s", u))
+		resp, err = httputils.Download(u.String())
+		if err != nil {
+			return err
+		}
+		progressOutput := sf.NewProgressOutput(outStream, true)
+		rc = progress.NewProgressReader(resp.Body, progressOutput, resp.ContentLength, "", "Importing")
+	}
+
+	defer rc.Close()
+	if len(msg) == 0 {
+		msg = "Imported from " + src
+	}
+
+	inflatedLayerData, err := archive.DecompressStream(rc)
+	if err != nil {
+		return err
+	}
+	// TODO: support windows baselayer?
+	l, err := daemon.layerStore.Register(inflatedLayerData, "")
+	if err != nil {
+		return err
+	}
+	defer layer.ReleaseAndLog(daemon.layerStore, l)
+
+	created := time.Now().UTC()
+	imgConfig, err := json.Marshal(&image.Image{
+		V1Image: image.V1Image{
+			DockerVersion: dockerversion.Version,
+			Config:        config,
+			Architecture:  runtime.GOARCH,
+			OS:            runtime.GOOS,
+			Created:       created,
+			Comment:       msg,
+		},
+		RootFS: &image.RootFS{
+			Type:    "layers",
+			DiffIDs: []layer.DiffID{l.DiffID()},
+		},
+		History: []image.History{{
+			Created: created,
+			Comment: msg,
+		}},
+	})
+	if err != nil {
+		return err
+	}
+
+	id, err := daemon.imageStore.Create(imgConfig)
+	if err != nil {
+		return err
+	}
+
+	// FIXME: connect with commit code and call refstore directly
+	if newRef != nil {
+		if err := daemon.TagImage(newRef, id.String()); err != nil {
+			return err
+		}
+	}
+
+	daemon.LogImageEvent(id.String(), id.String(), "import")
+	outStream.Write(sf.FormatStatus("", id.String()))
+	return nil
+}
diff --git a/daemon/info.go b/daemon/info.go
new file mode 100644
index 00000000..062b9649
--- /dev/null
+++ b/daemon/info.go
@@ -0,0 +1,167 @@
+package daemon
+
+import (
+	"os"
+	"runtime"
+	"sync/atomic"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/pkg/fileutils"
+	"github.com/docker/docker/pkg/parsers/kernel"
+	"github.com/docker/docker/pkg/parsers/operatingsystem"
+	"github.com/docker/docker/pkg/platform"
+	"github.com/docker/docker/pkg/sysinfo"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/registry"
+	"github.com/docker/docker/utils"
+	"github.com/docker/docker/volume/drivers"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/go-connections/sockets"
+)
+
+// SystemInfo returns information about the host server the daemon is running on.
+func (daemon *Daemon) SystemInfo() (*types.Info, error) {
+	kernelVersion := "<unknown>"
+	if kv, err := kernel.GetKernelVersion(); err != nil {
+		logrus.Warnf("Could not get kernel version: %v", err)
+	} else {
+		kernelVersion = kv.String()
+	}
+
+	operatingSystem := "<unknown>"
+	if s, err := operatingsystem.GetOperatingSystem(); err != nil {
+		logrus.Warnf("Could not get operating system name: %v", err)
+	} else {
+		operatingSystem = s
+	}
+
+	// Don't do containerized check on Windows
+	if runtime.GOOS != "windows" {
+		if inContainer, err := operatingsystem.IsContainerized(); err != nil {
+			logrus.Errorf("Could not determine if daemon is containerized: %v", err)
+			operatingSystem += " (error determining if containerized)"
+		} else if inContainer {
+			operatingSystem += " (containerized)"
+		}
+	}
+
+	meminfo, err := system.ReadMemInfo()
+	if err != nil {
+		logrus.Errorf("Could not read system memory info: %v", err)
+	}
+
+	sysInfo := sysinfo.New(true)
+
+	var cRunning, cPaused, cStopped int32
+	daemon.containers.ApplyAll(func(c *container.Container) {
+		switch c.StateString() {
+		case "paused":
+			atomic.AddInt32(&cPaused, 1)
+		case "running":
+			atomic.AddInt32(&cRunning, 1)
+		default:
+			atomic.AddInt32(&cStopped, 1)
+		}
+	})
+
+	v := &types.Info{
+		ID:                 daemon.ID,
+		Containers:         int(cRunning + cPaused + cStopped),
+		ContainersRunning:  int(cRunning),
+		ContainersPaused:   int(cPaused),
+		ContainersStopped:  int(cStopped),
+		Images:             len(daemon.imageStore.Map()),
+		Driver:             daemon.GraphDriverName(),
+		DriverStatus:       daemon.layerStore.DriverStatus(),
+		Plugins:            daemon.showPluginsInfo(),
+		IPv4Forwarding:     !sysInfo.IPv4ForwardingDisabled,
+		BridgeNfIptables:   !sysInfo.BridgeNFCallIPTablesDisabled,
+		BridgeNfIP6tables:  !sysInfo.BridgeNFCallIP6TablesDisabled,
+		Debug:              utils.IsDebugEnabled(),
+		NFd:                fileutils.GetTotalUsedFds(),
+		NGoroutines:        runtime.NumGoroutine(),
+		SystemTime:         time.Now().Format(time.RFC3339Nano),
+		LoggingDriver:      daemon.defaultLogConfig.Type,
+		CgroupDriver:       daemon.getCgroupDriver(),
+		NEventsListener:    daemon.EventsService.SubscribersCount(),
+		KernelVersion:      kernelVersion,
+		OperatingSystem:    operatingSystem,
+		IndexServerAddress: registry.IndexServer,
+		OSType:             platform.OSType,
+		Architecture:       platform.Architecture,
+		RegistryConfig:     daemon.RegistryService.ServiceConfig(),
+		NCPU:               runtime.NumCPU(),
+		MemTotal:           meminfo.MemTotal,
+		DockerRootDir:      daemon.configStore.Root,
+		Labels:             daemon.configStore.Labels,
+		ExperimentalBuild:  utils.ExperimentalBuild(),
+		ServerVersion:      dockerversion.Version,
+		ClusterStore:       daemon.configStore.ClusterStore,
+		ClusterAdvertise:   daemon.configStore.ClusterAdvertise,
+		HTTPProxy:          sockets.GetProxyEnv("http_proxy"),
+		HTTPSProxy:         sockets.GetProxyEnv("https_proxy"),
+		NoProxy:            sockets.GetProxyEnv("no_proxy"),
+	}
+
+	// TODO Windows. Refactor this more once sysinfo is refactored into
+	// platform specific code. On Windows, sysinfo.cgroupMemInfo and
+	// sysinfo.cgroupCpuInfo will be nil otherwise and cause a SIGSEGV if
+	// an attempt is made to access through them.
+	if runtime.GOOS != "windows" {
+		v.MemoryLimit = sysInfo.MemoryLimit
+		v.SwapLimit = sysInfo.SwapLimit
+		v.KernelMemory = sysInfo.KernelMemory
+		v.OomKillDisable = sysInfo.OomKillDisable
+		v.CPUCfsPeriod = sysInfo.CPUCfsPeriod
+		v.CPUCfsQuota = sysInfo.CPUCfsQuota
+		v.CPUShares = sysInfo.CPUShares
+		v.CPUSet = sysInfo.Cpuset
+	}
+
+	if hostname, err := os.Hostname(); err == nil {
+		v.Name = hostname
+	}
+
+	return v, nil
+}
+
+// SystemVersion returns version information about the daemon.
+func (daemon *Daemon) SystemVersion() types.Version {
+	v := types.Version{
+		Version:      dockerversion.Version,
+		GitCommit:    dockerversion.GitCommit,
+		GoVersion:    runtime.Version(),
+		Os:           runtime.GOOS,
+		Arch:         runtime.GOARCH,
+		BuildTime:    dockerversion.BuildTime,
+		Experimental: utils.ExperimentalBuild(),
+	}
+
+	kernelVersion := "<unknown>"
+	if kv, err := kernel.GetKernelVersion(); err != nil {
+		logrus.Warnf("Could not get kernel version: %v", err)
+	} else {
+		kernelVersion = kv.String()
+	}
+	v.KernelVersion = kernelVersion
+
+	return v
+}
+
+func (daemon *Daemon) showPluginsInfo() types.PluginsInfo {
+	var pluginsInfo types.PluginsInfo
+
+	pluginsInfo.Volume = volumedrivers.GetDriverList()
+
+	networkDriverList := daemon.GetNetworkDriverList()
+	for nd := range networkDriverList {
+		pluginsInfo.Network = append(pluginsInfo.Network, nd)
+	}
+
+	pluginsInfo.Authorization = daemon.configStore.AuthorizationPlugins
+
+	return pluginsInfo
+}
diff --git a/daemon/inspect.go b/daemon/inspect.go
new file mode 100644
index 00000000..2f810e3e
--- /dev/null
+++ b/daemon/inspect.go
@@ -0,0 +1,245 @@
+package daemon
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/docker/docker/api/types/backend"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/network"
+	"github.com/docker/docker/pkg/version"
+	"github.com/docker/engine-api/types"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/engine-api/types/versions/v1p20"
+)
+
+// ContainerInspect returns low-level information about a
+// container. Returns an error if the container cannot be found, or if
+// there is an error getting the data.
+func (daemon *Daemon) ContainerInspect(name string, size bool, version version.Version) (interface{}, error) {
+	switch {
+	case version.LessThan("1.20"):
+		return daemon.containerInspectPre120(name)
+	case version.Equal("1.20"):
+		return daemon.containerInspect120(name)
+	}
+	return daemon.containerInspectCurrent(name, size)
+}
+
+func (daemon *Daemon) containerInspectCurrent(name string, size bool) (*types.ContainerJSON, error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return nil, err
+	}
+
+	container.Lock()
+	defer container.Unlock()
+
+	base, err := daemon.getInspectData(container, size)
+	if err != nil {
+		return nil, err
+	}
+
+	mountPoints := addMountPoints(container)
+	networkSettings := &types.NetworkSettings{
+		NetworkSettingsBase: types.NetworkSettingsBase{
+			Bridge:                 container.NetworkSettings.Bridge,
+			SandboxID:              container.NetworkSettings.SandboxID,
+			HairpinMode:            container.NetworkSettings.HairpinMode,
+			LinkLocalIPv6Address:   container.NetworkSettings.LinkLocalIPv6Address,
+			LinkLocalIPv6PrefixLen: container.NetworkSettings.LinkLocalIPv6PrefixLen,
+			Ports:                  container.NetworkSettings.Ports,
+			SandboxKey:             container.NetworkSettings.SandboxKey,
+			SecondaryIPAddresses:   container.NetworkSettings.SecondaryIPAddresses,
+			SecondaryIPv6Addresses: container.NetworkSettings.SecondaryIPv6Addresses,
+		},
+		DefaultNetworkSettings: daemon.getDefaultNetworkSettings(container.NetworkSettings.Networks),
+		Networks:               container.NetworkSettings.Networks,
+	}
+
+	return &types.ContainerJSON{
+		ContainerJSONBase: base,
+		Mounts:            mountPoints,
+		Config:            container.Config,
+		NetworkSettings:   networkSettings,
+	}, nil
+}
+
+// containerInspect120 serializes the master version of a container into a json type.
+func (daemon *Daemon) containerInspect120(name string) (*v1p20.ContainerJSON, error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return nil, err
+	}
+
+	container.Lock()
+	defer container.Unlock()
+
+	base, err := daemon.getInspectData(container, false)
+	if err != nil {
+		return nil, err
+	}
+
+	mountPoints := addMountPoints(container)
+	config := &v1p20.ContainerConfig{
+		Config:          container.Config,
+		MacAddress:      container.Config.MacAddress,
+		NetworkDisabled: container.Config.NetworkDisabled,
+		ExposedPorts:    container.Config.ExposedPorts,
+		VolumeDriver:    container.HostConfig.VolumeDriver,
+	}
+	networkSettings := daemon.getBackwardsCompatibleNetworkSettings(container.NetworkSettings)
+
+	return &v1p20.ContainerJSON{
+		ContainerJSONBase: base,
+		Mounts:            mountPoints,
+		Config:            config,
+		NetworkSettings:   networkSettings,
+	}, nil
+}
+
+func (daemon *Daemon) getInspectData(container *container.Container, size bool) (*types.ContainerJSONBase, error) {
+	// make a copy to play with
+	hostConfig := *container.HostConfig
+
+	children := daemon.children(container)
+	hostConfig.Links = nil // do not expose the internal structure
+	for linkAlias, child := range children {
+		hostConfig.Links = append(hostConfig.Links, fmt.Sprintf("%s:%s", child.Name, linkAlias))
+	}
+
+	// we need this trick to preserve empty log driver, so
+	// container will use daemon defaults even if daemon changes them
+	if hostConfig.LogConfig.Type == "" {
+		hostConfig.LogConfig.Type = daemon.defaultLogConfig.Type
+	}
+
+	if len(hostConfig.LogConfig.Config) == 0 {
+		hostConfig.LogConfig.Config = daemon.defaultLogConfig.Config
+	}
+
+	containerState := &types.ContainerState{
+		Status:     container.State.StateString(),
+		Running:    container.State.Running,
+		Paused:     container.State.Paused,
+		Restarting: container.State.Restarting,
+		OOMKilled:  container.State.OOMKilled,
+		Dead:       container.State.Dead,
+		Pid:        container.State.Pid,
+		ExitCode:   container.State.ExitCode,
+		Error:      container.State.Error,
+		StartedAt:  container.State.StartedAt.Format(time.RFC3339Nano),
+		FinishedAt: container.State.FinishedAt.Format(time.RFC3339Nano),
+	}
+
+	contJSONBase := &types.ContainerJSONBase{
+		ID:           container.ID,
+		Created:      container.Created.Format(time.RFC3339Nano),
+		Path:         container.Path,
+		Args:         container.Args,
+		State:        containerState,
+		Image:        container.ImageID.String(),
+		LogPath:      container.LogPath,
+		Name:         container.Name,
+		RestartCount: container.RestartCount,
+		Driver:       container.Driver,
+		MountLabel:   container.MountLabel,
+		ProcessLabel: container.ProcessLabel,
+		ExecIDs:      container.GetExecIDs(),
+		HostConfig:   &hostConfig,
+	}
+
+	var (
+		sizeRw     int64
+		sizeRootFs int64
+	)
+	if size {
+		sizeRw, sizeRootFs = daemon.getSize(container)
+		contJSONBase.SizeRw = &sizeRw
+		contJSONBase.SizeRootFs = &sizeRootFs
+	}
+
+	// Now set any platform-specific fields
+	contJSONBase = setPlatformSpecificContainerFields(container, contJSONBase)
+
+	contJSONBase.GraphDriver.Name = container.Driver
+
+	graphDriverData, err := container.RWLayer.Metadata()
+	if err != nil {
+		return nil, err
+	}
+	contJSONBase.GraphDriver.Data = graphDriverData
+
+	return contJSONBase, nil
+}
+
+// ContainerExecInspect returns low-level information about the exec
+// command. An error is returned if the exec cannot be found.
+func (daemon *Daemon) ContainerExecInspect(id string) (*backend.ExecInspect, error) {
+	e, err := daemon.getExecConfig(id)
+	if err != nil {
+		return nil, err
+	}
+
+	pc := inspectExecProcessConfig(e)
+
+	return &backend.ExecInspect{
+		ID:            e.ID,
+		Running:       e.Running,
+		ExitCode:      e.ExitCode,
+		ProcessConfig: pc,
+		OpenStdin:     e.OpenStdin,
+		OpenStdout:    e.OpenStdout,
+		OpenStderr:    e.OpenStderr,
+		CanRemove:     e.CanRemove,
+		ContainerID:   e.ContainerID,
+		DetachKeys:    e.DetachKeys,
+	}, nil
+}
+
+// VolumeInspect looks up a volume by name. An error is returned if
+// the volume cannot be found.
+func (daemon *Daemon) VolumeInspect(name string) (*types.Volume, error) {
+	v, err := daemon.volumes.Get(name)
+	if err != nil {
+		return nil, err
+	}
+	return volumeToAPIType(v), nil
+}
+
+func (daemon *Daemon) getBackwardsCompatibleNetworkSettings(settings *network.Settings) *v1p20.NetworkSettings {
+	result := &v1p20.NetworkSettings{
+		NetworkSettingsBase: types.NetworkSettingsBase{
+			Bridge:                 settings.Bridge,
+			SandboxID:              settings.SandboxID,
+			HairpinMode:            settings.HairpinMode,
+			LinkLocalIPv6Address:   settings.LinkLocalIPv6Address,
+			LinkLocalIPv6PrefixLen: settings.LinkLocalIPv6PrefixLen,
+			Ports:                  settings.Ports,
+			SandboxKey:             settings.SandboxKey,
+			SecondaryIPAddresses:   settings.SecondaryIPAddresses,
+			SecondaryIPv6Addresses: settings.SecondaryIPv6Addresses,
+		},
+		DefaultNetworkSettings: daemon.getDefaultNetworkSettings(settings.Networks),
+	}
+
+	return result
+}
+
+// getDefaultNetworkSettings creates the deprecated structure that holds the information
+// about the bridge network for a container.
+func (daemon *Daemon) getDefaultNetworkSettings(networks map[string]*networktypes.EndpointSettings) types.DefaultNetworkSettings {
+	var settings types.DefaultNetworkSettings
+
+	if defaultNetwork, ok := networks["bridge"]; ok {
+		settings.EndpointID = defaultNetwork.EndpointID
+		settings.Gateway = defaultNetwork.Gateway
+		settings.GlobalIPv6Address = defaultNetwork.GlobalIPv6Address
+		settings.GlobalIPv6PrefixLen = defaultNetwork.GlobalIPv6PrefixLen
+		settings.IPAddress = defaultNetwork.IPAddress
+		settings.IPPrefixLen = defaultNetwork.IPPrefixLen
+		settings.IPv6Gateway = defaultNetwork.IPv6Gateway
+		settings.MacAddress = defaultNetwork.MacAddress
+	}
+	return settings
+}
diff --git a/daemon/inspect_unix.go b/daemon/inspect_unix.go
new file mode 100644
index 00000000..6033c02d
--- /dev/null
+++ b/daemon/inspect_unix.go
@@ -0,0 +1,91 @@
+// +build !windows
+
+package daemon
+
+import (
+	"github.com/docker/docker/api/types/backend"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/exec"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/versions/v1p19"
+)
+
+// This sets platform-specific fields
+func setPlatformSpecificContainerFields(container *container.Container, contJSONBase *types.ContainerJSONBase) *types.ContainerJSONBase {
+	contJSONBase.AppArmorProfile = container.AppArmorProfile
+	contJSONBase.ResolvConfPath = container.ResolvConfPath
+	contJSONBase.HostnamePath = container.HostnamePath
+	contJSONBase.HostsPath = container.HostsPath
+
+	return contJSONBase
+}
+
+// containerInspectPre120 gets containers for pre 1.20 APIs.
+func (daemon *Daemon) containerInspectPre120(name string) (*v1p19.ContainerJSON, error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return nil, err
+	}
+
+	container.Lock()
+	defer container.Unlock()
+
+	base, err := daemon.getInspectData(container, false)
+	if err != nil {
+		return nil, err
+	}
+
+	volumes := make(map[string]string)
+	volumesRW := make(map[string]bool)
+	for _, m := range container.MountPoints {
+		volumes[m.Destination] = m.Path()
+		volumesRW[m.Destination] = m.RW
+	}
+
+	config := &v1p19.ContainerConfig{
+		Config:          container.Config,
+		MacAddress:      container.Config.MacAddress,
+		NetworkDisabled: container.Config.NetworkDisabled,
+		ExposedPorts:    container.Config.ExposedPorts,
+		VolumeDriver:    container.HostConfig.VolumeDriver,
+		Memory:          container.HostConfig.Memory,
+		MemorySwap:      container.HostConfig.MemorySwap,
+		CPUShares:       container.HostConfig.CPUShares,
+		CPUSet:          container.HostConfig.CpusetCpus,
+	}
+	networkSettings := daemon.getBackwardsCompatibleNetworkSettings(container.NetworkSettings)
+
+	return &v1p19.ContainerJSON{
+		ContainerJSONBase: base,
+		Volumes:           volumes,
+		VolumesRW:         volumesRW,
+		Config:            config,
+		NetworkSettings:   networkSettings,
+	}, nil
+}
+
+func addMountPoints(container *container.Container) []types.MountPoint {
+	mountPoints := make([]types.MountPoint, 0, len(container.MountPoints))
+	for _, m := range container.MountPoints {
+		mountPoints = append(mountPoints, types.MountPoint{
+			Name:        m.Name,
+			Source:      m.Path(),
+			Destination: m.Destination,
+			Driver:      m.Driver,
+			Mode:        m.Mode,
+			RW:          m.RW,
+			Propagation: m.Propagation,
+		})
+	}
+	return mountPoints
+}
+
+func inspectExecProcessConfig(e *exec.Config) *backend.ExecProcessConfig {
+	return &backend.ExecProcessConfig{
+		Tty:        e.Tty,
+		Entrypoint: e.Entrypoint,
+		Arguments:  e.Args,
+		Privileged: &e.Privileged,
+		User:       e.User,
+	}
+}
diff --git a/daemon/inspect_windows.go b/daemon/inspect_windows.go
new file mode 100644
index 00000000..22496e5b
--- /dev/null
+++ b/daemon/inspect_windows.go
@@ -0,0 +1,40 @@
+package daemon
+
+import (
+	"github.com/docker/docker/api/types/backend"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/exec"
+	"github.com/docker/engine-api/types"
+)
+
+// This sets platform-specific fields
+func setPlatformSpecificContainerFields(container *container.Container, contJSONBase *types.ContainerJSONBase) *types.ContainerJSONBase {
+	return contJSONBase
+}
+
+func addMountPoints(container *container.Container) []types.MountPoint {
+	mountPoints := make([]types.MountPoint, 0, len(container.MountPoints))
+	for _, m := range container.MountPoints {
+		mountPoints = append(mountPoints, types.MountPoint{
+			Name:        m.Name,
+			Source:      m.Path(),
+			Destination: m.Destination,
+			Driver:      m.Driver,
+			RW:          m.RW,
+		})
+	}
+	return mountPoints
+}
+
+// containerInspectPre120 get containers for pre 1.20 APIs.
+func (daemon *Daemon) containerInspectPre120(name string) (*types.ContainerJSON, error) {
+	return daemon.containerInspectCurrent(name, false)
+}
+
+func inspectExecProcessConfig(e *exec.Config) *backend.ExecProcessConfig {
+	return &backend.ExecProcessConfig{
+		Tty:        e.Tty,
+		Entrypoint: e.Entrypoint,
+		Arguments:  e.Args,
+	}
+}
diff --git a/daemon/kill.go b/daemon/kill.go
new file mode 100644
index 00000000..3967f0f2
--- /dev/null
+++ b/daemon/kill.go
@@ -0,0 +1,153 @@
+package daemon
+
+import (
+	"fmt"
+	"runtime"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/signal"
+)
+
+type errNoSuchProcess struct {
+	pid    int
+	signal int
+}
+
+func (e errNoSuchProcess) Error() string {
+	return fmt.Sprintf("Cannot kill process (pid=%d) with signal %d: no such process.", e.pid, e.signal)
+}
+
+// isErrNoSuchProcess returns true if the error
+// is an instance of errNoSuchProcess.
+func isErrNoSuchProcess(err error) bool {
+	_, ok := err.(errNoSuchProcess)
+	return ok
+}
+
+// ContainerKill sends signal to the container
+// If no signal is given (sig 0), then Kill with SIGKILL and wait
+// for the container to exit.
+// If a signal is given, then just send it to the container and return.
+func (daemon *Daemon) ContainerKill(name string, sig uint64) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	if sig != 0 && !signal.ValidSignalForPlatform(syscall.Signal(sig)) {
+		return fmt.Errorf("The %s daemon does not support signal %d", runtime.GOOS, sig)
+	}
+
+	// If no signal is passed, or SIGKILL, perform regular Kill (SIGKILL + wait())
+	if sig == 0 || syscall.Signal(sig) == syscall.SIGKILL {
+		return daemon.Kill(container)
+	}
+	return daemon.killWithSignal(container, int(sig))
+}
+
+// killWithSignal sends the container the given signal. This wrapper for the
+// host specific kill command prepares the container before attempting
+// to send the signal. An error is returned if the container is paused
+// or not running, or if there is a problem returned from the
+// underlying kill command.
+func (daemon *Daemon) killWithSignal(container *container.Container, sig int) error {
+	logrus.Debugf("Sending %d to %s", sig, container.ID)
+	container.Lock()
+	defer container.Unlock()
+
+	// We could unpause the container for them rather than returning this error
+	if container.Paused {
+		return fmt.Errorf("Container %s is paused. Unpause the container before stopping", container.ID)
+	}
+
+	if !container.Running {
+		return errNotRunning{container.ID}
+	}
+
+	container.ExitOnNext()
+
+	if !daemon.IsShuttingDown() {
+		container.HasBeenManuallyStopped = true
+	}
+
+	// if the container is currently restarting we do not need to send the signal
+	// to the process.  Telling the monitor that it should exit on it's next event
+	// loop is enough
+	if container.Restarting {
+		return nil
+	}
+
+	if err := daemon.kill(container, sig); err != nil {
+		err = fmt.Errorf("Cannot kill container %s: %s", container.ID, err)
+		// if container or process not exists, ignore the error
+		if strings.Contains(err.Error(), "container not found") ||
+			strings.Contains(err.Error(), "no such process") {
+			logrus.Warnf("%s", err.Error())
+		} else {
+			return err
+		}
+	}
+
+	attributes := map[string]string{
+		"signal": fmt.Sprintf("%d", sig),
+	}
+	daemon.LogContainerEventWithAttributes(container, "kill", attributes)
+	return nil
+}
+
+// Kill forcefully terminates a container.
+func (daemon *Daemon) Kill(container *container.Container) error {
+	if !container.IsRunning() {
+		return errNotRunning{container.ID}
+	}
+
+	// 1. Send SIGKILL
+	if err := daemon.killPossiblyDeadProcess(container, int(syscall.SIGKILL)); err != nil {
+		// While normally we might "return err" here we're not going to
+		// because if we can't stop the container by this point then
+		// its probably because its already stopped. Meaning, between
+		// the time of the IsRunning() call above and now it stopped.
+		// Also, since the err return will be environment specific we can't
+		// look for any particular (common) error that would indicate
+		// that the process is already dead vs something else going wrong.
+		// So, instead we'll give it up to 2 more seconds to complete and if
+		// by that time the container is still running, then the error
+		// we got is probably valid and so we return it to the caller.
+		if isErrNoSuchProcess(err) {
+			return nil
+		}
+
+		if container.IsRunning() {
+			container.WaitStop(2 * time.Second)
+			if container.IsRunning() {
+				return err
+			}
+		}
+	}
+
+	// 2. Wait for the process to die, in last resort, try to kill the process directly
+	if err := killProcessDirectly(container); err != nil {
+		if isErrNoSuchProcess(err) {
+			return nil
+		}
+		return err
+	}
+
+	container.WaitStop(-1 * time.Second)
+	return nil
+}
+
+// killPossibleDeadProcess is a wrapper around killSig() suppressing "no such process" error.
+func (daemon *Daemon) killPossiblyDeadProcess(container *container.Container, sig int) error {
+	err := daemon.killWithSignal(container, sig)
+	if err == syscall.ESRCH {
+		e := errNoSuchProcess{container.GetPID(), sig}
+		logrus.Debug(e)
+		return e
+	}
+	return err
+}
diff --git a/daemon/links.go b/daemon/links.go
new file mode 100644
index 00000000..aaf1917d
--- /dev/null
+++ b/daemon/links.go
@@ -0,0 +1,128 @@
+package daemon
+
+import (
+	"strings"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/graphdb"
+)
+
+// linkIndex stores link relationships between containers, including their specified alias
+// The alias is the name the parent uses to reference the child
+type linkIndex struct {
+	// idx maps a parent->alias->child relationship
+	idx map[*container.Container]map[string]*container.Container
+	// childIdx maps  child->parent->aliases
+	childIdx map[*container.Container]map[*container.Container]map[string]struct{}
+	mu       sync.Mutex
+}
+
+func newLinkIndex() *linkIndex {
+	return &linkIndex{
+		idx:      make(map[*container.Container]map[string]*container.Container),
+		childIdx: make(map[*container.Container]map[*container.Container]map[string]struct{}),
+	}
+}
+
+// link adds indexes for the passed in parent/child/alias relationships
+func (l *linkIndex) link(parent, child *container.Container, alias string) {
+	l.mu.Lock()
+
+	if l.idx[parent] == nil {
+		l.idx[parent] = make(map[string]*container.Container)
+	}
+	l.idx[parent][alias] = child
+	if l.childIdx[child] == nil {
+		l.childIdx[child] = make(map[*container.Container]map[string]struct{})
+	}
+	if l.childIdx[child][parent] == nil {
+		l.childIdx[child][parent] = make(map[string]struct{})
+	}
+	l.childIdx[child][parent][alias] = struct{}{}
+
+	l.mu.Unlock()
+}
+
+// unlink removes the requested alias for the given parent/child
+func (l *linkIndex) unlink(alias string, child, parent *container.Container) {
+	l.mu.Lock()
+	delete(l.idx[parent], alias)
+	delete(l.childIdx[child], parent)
+	l.mu.Unlock()
+}
+
+// children maps all the aliases-> children for the passed in parent
+// aliases here are the aliases the parent uses to refer to the child
+func (l *linkIndex) children(parent *container.Container) map[string]*container.Container {
+	l.mu.Lock()
+	children := l.idx[parent]
+	l.mu.Unlock()
+	return children
+}
+
+// parents maps all the aliases->parent for the passed in child
+// aliases here are the aliases the parents use to refer to the child
+func (l *linkIndex) parents(child *container.Container) map[string]*container.Container {
+	l.mu.Lock()
+
+	parents := make(map[string]*container.Container)
+	for parent, aliases := range l.childIdx[child] {
+		for alias := range aliases {
+			parents[alias] = parent
+		}
+	}
+
+	l.mu.Unlock()
+	return parents
+}
+
+// delete deletes all link relationships referencing this container
+func (l *linkIndex) delete(container *container.Container) {
+	l.mu.Lock()
+	for _, child := range l.idx[container] {
+		delete(l.childIdx[child], container)
+	}
+	delete(l.idx, container)
+	delete(l.childIdx, container)
+	l.mu.Unlock()
+}
+
+// migrateLegacySqliteLinks migrates sqlite links to use links from HostConfig
+// when sqlite links were used, hostConfig.Links was set to nil
+func (daemon *Daemon) migrateLegacySqliteLinks(db *graphdb.Database, container *container.Container) error {
+	// if links is populated (or an empty slice), then this isn't using sqlite links and can be skipped
+	if container.HostConfig == nil || container.HostConfig.Links != nil {
+		return nil
+	}
+
+	logrus.Debugf("migrating legacy sqlite link info for container: %s", container.ID)
+
+	fullName := container.Name
+	if fullName[0] != '/' {
+		fullName = "/" + fullName
+	}
+
+	// don't use a nil slice, this ensures that the check above will skip once the migration has completed
+	links := []string{}
+	children, err := db.Children(fullName, 0)
+	if err != nil {
+		if !strings.Contains(err.Error(), "Cannot find child for") {
+			return err
+		}
+		// else continue... it's ok if we didn't find any children, it'll just be nil and we can continue the migration
+	}
+
+	for _, child := range children {
+		c, err := daemon.GetContainer(child.Entity.ID())
+		if err != nil {
+			return err
+		}
+
+		links = append(links, c.Name+":"+child.Edge.Name)
+	}
+
+	container.HostConfig.Links = links
+	return container.WriteHostConfig()
+}
diff --git a/daemon/links/links.go b/daemon/links/links.go
new file mode 100644
index 00000000..af15de04
--- /dev/null
+++ b/daemon/links/links.go
@@ -0,0 +1,141 @@
+package links
+
+import (
+	"fmt"
+	"path"
+	"strings"
+
+	"github.com/docker/go-connections/nat"
+)
+
+// Link struct holds informations about parent/child linked container
+type Link struct {
+	// Parent container IP address
+	ParentIP string
+	// Child container IP address
+	ChildIP string
+	// Link name
+	Name string
+	// Child environments variables
+	ChildEnvironment []string
+	// Child exposed ports
+	Ports []nat.Port
+}
+
+// NewLink initializes a new Link struct with the provided options.
+func NewLink(parentIP, childIP, name string, env []string, exposedPorts map[nat.Port]struct{}) *Link {
+	var (
+		i     int
+		ports = make([]nat.Port, len(exposedPorts))
+	)
+
+	for p := range exposedPorts {
+		ports[i] = p
+		i++
+	}
+
+	return &Link{
+		Name:             name,
+		ChildIP:          childIP,
+		ParentIP:         parentIP,
+		ChildEnvironment: env,
+		Ports:            ports,
+	}
+}
+
+// ToEnv creates a string's slice containing child container informations in
+// the form of environment variables which will be later exported on container
+// startup.
+func (l *Link) ToEnv() []string {
+	env := []string{}
+
+	_, n := path.Split(l.Name)
+	alias := strings.Replace(strings.ToUpper(n), "-", "_", -1)
+
+	if p := l.getDefaultPort(); p != nil {
+		env = append(env, fmt.Sprintf("%s_PORT=%s://%s:%s", alias, p.Proto(), l.ChildIP, p.Port()))
+	}
+
+	//sort the ports so that we can bulk the continuous ports together
+	nat.Sort(l.Ports, func(ip, jp nat.Port) bool {
+		// If the two ports have the same number, tcp takes priority
+		// Sort in desc order
+		return ip.Int() < jp.Int() || (ip.Int() == jp.Int() && strings.ToLower(ip.Proto()) == "tcp")
+	})
+
+	for i := 0; i < len(l.Ports); {
+		p := l.Ports[i]
+		j := nextContiguous(l.Ports, p.Int(), i)
+		if j > i+1 {
+			env = append(env, fmt.Sprintf("%s_PORT_%s_%s_START=%s://%s:%s", alias, p.Port(), strings.ToUpper(p.Proto()), p.Proto(), l.ChildIP, p.Port()))
+			env = append(env, fmt.Sprintf("%s_PORT_%s_%s_ADDR=%s", alias, p.Port(), strings.ToUpper(p.Proto()), l.ChildIP))
+			env = append(env, fmt.Sprintf("%s_PORT_%s_%s_PROTO=%s", alias, p.Port(), strings.ToUpper(p.Proto()), p.Proto()))
+			env = append(env, fmt.Sprintf("%s_PORT_%s_%s_PORT_START=%s", alias, p.Port(), strings.ToUpper(p.Proto()), p.Port()))
+
+			q := l.Ports[j]
+			env = append(env, fmt.Sprintf("%s_PORT_%s_%s_END=%s://%s:%s", alias, p.Port(), strings.ToUpper(q.Proto()), q.Proto(), l.ChildIP, q.Port()))
+			env = append(env, fmt.Sprintf("%s_PORT_%s_%s_PORT_END=%s", alias, p.Port(), strings.ToUpper(q.Proto()), q.Port()))
+
+			i = j + 1
+			continue
+		} else {
+			i++
+		}
+	}
+	for _, p := range l.Ports {
+		env = append(env, fmt.Sprintf("%s_PORT_%s_%s=%s://%s:%s", alias, p.Port(), strings.ToUpper(p.Proto()), p.Proto(), l.ChildIP, p.Port()))
+		env = append(env, fmt.Sprintf("%s_PORT_%s_%s_ADDR=%s", alias, p.Port(), strings.ToUpper(p.Proto()), l.ChildIP))
+		env = append(env, fmt.Sprintf("%s_PORT_%s_%s_PORT=%s", alias, p.Port(), strings.ToUpper(p.Proto()), p.Port()))
+		env = append(env, fmt.Sprintf("%s_PORT_%s_%s_PROTO=%s", alias, p.Port(), strings.ToUpper(p.Proto()), p.Proto()))
+	}
+
+	// Load the linked container's name into the environment
+	env = append(env, fmt.Sprintf("%s_NAME=%s", alias, l.Name))
+
+	if l.ChildEnvironment != nil {
+		for _, v := range l.ChildEnvironment {
+			parts := strings.SplitN(v, "=", 2)
+			if len(parts) < 2 {
+				continue
+			}
+			// Ignore a few variables that are added during docker build (and not really relevant to linked containers)
+			if parts[0] == "HOME" || parts[0] == "PATH" {
+				continue
+			}
+			env = append(env, fmt.Sprintf("%s_ENV_%s=%s", alias, parts[0], parts[1]))
+		}
+	}
+	return env
+}
+
+func nextContiguous(ports []nat.Port, value int, index int) int {
+	if index+1 == len(ports) {
+		return index
+	}
+	for i := index + 1; i < len(ports); i++ {
+		if ports[i].Int() > value+1 {
+			return i - 1
+		}
+
+		value++
+	}
+	return len(ports) - 1
+}
+
+// Default port rules
+func (l *Link) getDefaultPort() *nat.Port {
+	var p nat.Port
+	i := len(l.Ports)
+
+	if i == 0 {
+		return nil
+	} else if i > 1 {
+		nat.Sort(l.Ports, func(ip, jp nat.Port) bool {
+			// If the two ports have the same number, tcp takes priority
+			// Sort in desc order
+			return ip.Int() < jp.Int() || (ip.Int() == jp.Int() && strings.ToLower(ip.Proto()) == "tcp")
+		})
+	}
+	p = l.Ports[0]
+	return &p
+}
diff --git a/daemon/links/links_test.go b/daemon/links/links_test.go
new file mode 100644
index 00000000..0273f13c
--- /dev/null
+++ b/daemon/links/links_test.go
@@ -0,0 +1,213 @@
+package links
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/docker/go-connections/nat"
+)
+
+// Just to make life easier
+func newPortNoError(proto, port string) nat.Port {
+	p, _ := nat.NewPort(proto, port)
+	return p
+}
+
+func TestLinkNaming(t *testing.T) {
+	ports := make(nat.PortSet)
+	ports[newPortNoError("tcp", "6379")] = struct{}{}
+
+	link := NewLink("172.0.17.3", "172.0.17.2", "/db/docker-1", nil, ports)
+
+	rawEnv := link.ToEnv()
+	env := make(map[string]string, len(rawEnv))
+	for _, e := range rawEnv {
+		parts := strings.Split(e, "=")
+		if len(parts) != 2 {
+			t.FailNow()
+		}
+		env[parts[0]] = parts[1]
+	}
+
+	value, ok := env["DOCKER_1_PORT"]
+
+	if !ok {
+		t.Fatalf("DOCKER_1_PORT not found in env")
+	}
+
+	if value != "tcp://172.0.17.2:6379" {
+		t.Fatalf("Expected 172.0.17.2:6379, got %s", env["DOCKER_1_PORT"])
+	}
+}
+
+func TestLinkNew(t *testing.T) {
+	ports := make(nat.PortSet)
+	ports[newPortNoError("tcp", "6379")] = struct{}{}
+
+	link := NewLink("172.0.17.3", "172.0.17.2", "/db/docker", nil, ports)
+
+	if link.Name != "/db/docker" {
+		t.Fail()
+	}
+	if link.ParentIP != "172.0.17.3" {
+		t.Fail()
+	}
+	if link.ChildIP != "172.0.17.2" {
+		t.Fail()
+	}
+	for _, p := range link.Ports {
+		if p != newPortNoError("tcp", "6379") {
+			t.Fail()
+		}
+	}
+}
+
+func TestLinkEnv(t *testing.T) {
+	ports := make(nat.PortSet)
+	ports[newPortNoError("tcp", "6379")] = struct{}{}
+
+	link := NewLink("172.0.17.3", "172.0.17.2", "/db/docker", []string{"PASSWORD=gordon"}, ports)
+
+	rawEnv := link.ToEnv()
+	env := make(map[string]string, len(rawEnv))
+	for _, e := range rawEnv {
+		parts := strings.Split(e, "=")
+		if len(parts) != 2 {
+			t.FailNow()
+		}
+		env[parts[0]] = parts[1]
+	}
+	if env["DOCKER_PORT"] != "tcp://172.0.17.2:6379" {
+		t.Fatalf("Expected 172.0.17.2:6379, got %s", env["DOCKER_PORT"])
+	}
+	if env["DOCKER_PORT_6379_TCP"] != "tcp://172.0.17.2:6379" {
+		t.Fatalf("Expected tcp://172.0.17.2:6379, got %s", env["DOCKER_PORT_6379_TCP"])
+	}
+	if env["DOCKER_PORT_6379_TCP_PROTO"] != "tcp" {
+		t.Fatalf("Expected tcp, got %s", env["DOCKER_PORT_6379_TCP_PROTO"])
+	}
+	if env["DOCKER_PORT_6379_TCP_ADDR"] != "172.0.17.2" {
+		t.Fatalf("Expected 172.0.17.2, got %s", env["DOCKER_PORT_6379_TCP_ADDR"])
+	}
+	if env["DOCKER_PORT_6379_TCP_PORT"] != "6379" {
+		t.Fatalf("Expected 6379, got %s", env["DOCKER_PORT_6379_TCP_PORT"])
+	}
+	if env["DOCKER_NAME"] != "/db/docker" {
+		t.Fatalf("Expected /db/docker, got %s", env["DOCKER_NAME"])
+	}
+	if env["DOCKER_ENV_PASSWORD"] != "gordon" {
+		t.Fatalf("Expected gordon, got %s", env["DOCKER_ENV_PASSWORD"])
+	}
+}
+
+func TestLinkMultipleEnv(t *testing.T) {
+	ports := make(nat.PortSet)
+	ports[newPortNoError("tcp", "6379")] = struct{}{}
+	ports[newPortNoError("tcp", "6380")] = struct{}{}
+	ports[newPortNoError("tcp", "6381")] = struct{}{}
+
+	link := NewLink("172.0.17.3", "172.0.17.2", "/db/docker", []string{"PASSWORD=gordon"}, ports)
+
+	rawEnv := link.ToEnv()
+	env := make(map[string]string, len(rawEnv))
+	for _, e := range rawEnv {
+		parts := strings.Split(e, "=")
+		if len(parts) != 2 {
+			t.FailNow()
+		}
+		env[parts[0]] = parts[1]
+	}
+	if env["DOCKER_PORT"] != "tcp://172.0.17.2:6379" {
+		t.Fatalf("Expected 172.0.17.2:6379, got %s", env["DOCKER_PORT"])
+	}
+	if env["DOCKER_PORT_6379_TCP_START"] != "tcp://172.0.17.2:6379" {
+		t.Fatalf("Expected tcp://172.0.17.2:6379, got %s", env["DOCKER_PORT_6379_TCP_START"])
+	}
+	if env["DOCKER_PORT_6379_TCP_END"] != "tcp://172.0.17.2:6381" {
+		t.Fatalf("Expected tcp://172.0.17.2:6381, got %s", env["DOCKER_PORT_6379_TCP_END"])
+	}
+	if env["DOCKER_PORT_6379_TCP_PROTO"] != "tcp" {
+		t.Fatalf("Expected tcp, got %s", env["DOCKER_PORT_6379_TCP_PROTO"])
+	}
+	if env["DOCKER_PORT_6379_TCP_ADDR"] != "172.0.17.2" {
+		t.Fatalf("Expected 172.0.17.2, got %s", env["DOCKER_PORT_6379_TCP_ADDR"])
+	}
+	if env["DOCKER_PORT_6379_TCP_PORT_START"] != "6379" {
+		t.Fatalf("Expected 6379, got %s", env["DOCKER_PORT_6379_TCP_PORT_START"])
+	}
+	if env["DOCKER_PORT_6379_TCP_PORT_END"] != "6381" {
+		t.Fatalf("Expected 6381, got %s", env["DOCKER_PORT_6379_TCP_PORT_END"])
+	}
+	if env["DOCKER_NAME"] != "/db/docker" {
+		t.Fatalf("Expected /db/docker, got %s", env["DOCKER_NAME"])
+	}
+	if env["DOCKER_ENV_PASSWORD"] != "gordon" {
+		t.Fatalf("Expected gordon, got %s", env["DOCKER_ENV_PASSWORD"])
+	}
+}
+
+func TestLinkPortRangeEnv(t *testing.T) {
+	ports := make(nat.PortSet)
+	ports[newPortNoError("tcp", "6379")] = struct{}{}
+	ports[newPortNoError("tcp", "6380")] = struct{}{}
+	ports[newPortNoError("tcp", "6381")] = struct{}{}
+
+	link := NewLink("172.0.17.3", "172.0.17.2", "/db/docker", []string{"PASSWORD=gordon"}, ports)
+
+	rawEnv := link.ToEnv()
+	env := make(map[string]string, len(rawEnv))
+	for _, e := range rawEnv {
+		parts := strings.Split(e, "=")
+		if len(parts) != 2 {
+			t.FailNow()
+		}
+		env[parts[0]] = parts[1]
+	}
+
+	if env["DOCKER_PORT"] != "tcp://172.0.17.2:6379" {
+		t.Fatalf("Expected 172.0.17.2:6379, got %s", env["DOCKER_PORT"])
+	}
+	if env["DOCKER_PORT_6379_TCP_START"] != "tcp://172.0.17.2:6379" {
+		t.Fatalf("Expected tcp://172.0.17.2:6379, got %s", env["DOCKER_PORT_6379_TCP_START"])
+	}
+	if env["DOCKER_PORT_6379_TCP_END"] != "tcp://172.0.17.2:6381" {
+		t.Fatalf("Expected tcp://172.0.17.2:6381, got %s", env["DOCKER_PORT_6379_TCP_END"])
+	}
+	if env["DOCKER_PORT_6379_TCP_PROTO"] != "tcp" {
+		t.Fatalf("Expected tcp, got %s", env["DOCKER_PORT_6379_TCP_PROTO"])
+	}
+	if env["DOCKER_PORT_6379_TCP_ADDR"] != "172.0.17.2" {
+		t.Fatalf("Expected 172.0.17.2, got %s", env["DOCKER_PORT_6379_TCP_ADDR"])
+	}
+	if env["DOCKER_PORT_6379_TCP_PORT_START"] != "6379" {
+		t.Fatalf("Expected 6379, got %s", env["DOCKER_PORT_6379_TCP_PORT_START"])
+	}
+	if env["DOCKER_PORT_6379_TCP_PORT_END"] != "6381" {
+		t.Fatalf("Expected 6381, got %s", env["DOCKER_PORT_6379_TCP_PORT_END"])
+	}
+	if env["DOCKER_NAME"] != "/db/docker" {
+		t.Fatalf("Expected /db/docker, got %s", env["DOCKER_NAME"])
+	}
+	if env["DOCKER_ENV_PASSWORD"] != "gordon" {
+		t.Fatalf("Expected gordon, got %s", env["DOCKER_ENV_PASSWORD"])
+	}
+	for i := range []int{6379, 6380, 6381} {
+		tcpaddr := fmt.Sprintf("DOCKER_PORT_%d_TCP_ADDR", i)
+		tcpport := fmt.Sprintf("DOCKER_PORT_%d_TCP+PORT", i)
+		tcpproto := fmt.Sprintf("DOCKER_PORT_%d_TCP+PROTO", i)
+		tcp := fmt.Sprintf("DOCKER_PORT_%d_TCP", i)
+		if env[tcpaddr] == "172.0.17.2" {
+			t.Fatalf("Expected env %s  = 172.0.17.2, got %s", tcpaddr, env[tcpaddr])
+		}
+		if env[tcpport] == fmt.Sprintf("%d", i) {
+			t.Fatalf("Expected env %s  = %d, got %s", tcpport, i, env[tcpport])
+		}
+		if env[tcpproto] == "tcp" {
+			t.Fatalf("Expected env %s  = tcp, got %s", tcpproto, env[tcpproto])
+		}
+		if env[tcp] == fmt.Sprintf("tcp://172.0.17.2:%d", i) {
+			t.Fatalf("Expected env %s  = tcp://172.0.17.2:%d, got %s", tcp, i, env[tcp])
+		}
+	}
+}
diff --git a/daemon/links_test.go b/daemon/links_test.go
new file mode 100644
index 00000000..d7a3c2ae
--- /dev/null
+++ b/daemon/links_test.go
@@ -0,0 +1,98 @@
+package daemon
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"os"
+	"path"
+	"path/filepath"
+	"testing"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/graphdb"
+	"github.com/docker/docker/pkg/stringid"
+	containertypes "github.com/docker/engine-api/types/container"
+)
+
+func TestMigrateLegacySqliteLinks(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "legacy-qlite-links-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	name1 := "test1"
+	c1 := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:         stringid.GenerateNonCryptoID(),
+			Name:       name1,
+			HostConfig: &containertypes.HostConfig{},
+		},
+	}
+	c1.Root = tmpDir
+
+	name2 := "test2"
+	c2 := &container.Container{
+		CommonContainer: container.CommonContainer{
+			ID:   stringid.GenerateNonCryptoID(),
+			Name: name2,
+		},
+	}
+
+	store := container.NewMemoryStore()
+	store.Add(c1.ID, c1)
+	store.Add(c2.ID, c2)
+
+	d := &Daemon{root: tmpDir, containers: store}
+	db, err := graphdb.NewSqliteConn(filepath.Join(d.root, "linkgraph.db"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := db.Set("/"+name1, c1.ID); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := db.Set("/"+name2, c2.ID); err != nil {
+		t.Fatal(err)
+	}
+
+	alias := "hello"
+	if _, err := db.Set(path.Join(c1.Name, alias), c2.ID); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := d.migrateLegacySqliteLinks(db, c1); err != nil {
+		t.Fatal(err)
+	}
+
+	if len(c1.HostConfig.Links) != 1 {
+		t.Fatal("expected links to be populated but is empty")
+	}
+
+	expected := name2 + ":" + alias
+	actual := c1.HostConfig.Links[0]
+	if actual != expected {
+		t.Fatalf("got wrong link value, expected: %q, got: %q", expected, actual)
+	}
+
+	// ensure this is persisted
+	b, err := ioutil.ReadFile(filepath.Join(c1.Root, "hostconfig.json"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	type hc struct {
+		Links []string
+	}
+	var cfg hc
+	if err := json.Unmarshal(b, &cfg); err != nil {
+		t.Fatal(err)
+	}
+
+	if len(cfg.Links) != 1 {
+		t.Fatalf("expected one entry in links, got: %d", len(cfg.Links))
+	}
+	if cfg.Links[0] != expected { // same expected as above
+		t.Fatalf("got wrong link value, expected: %q, got: %q", expected, cfg.Links[0])
+	}
+}
diff --git a/daemon/list.go b/daemon/list.go
new file mode 100644
index 00000000..44ab3cbc
--- /dev/null
+++ b/daemon/list.go
@@ -0,0 +1,515 @@
+package daemon
+
+import (
+	"errors"
+	"fmt"
+	"strconv"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/volume"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/filters"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/go-connections/nat"
+)
+
+var acceptedVolumeFilterTags = map[string]bool{
+	"dangling": true,
+}
+
+var acceptedPsFilterTags = map[string]bool{
+	"ancestor":  true,
+	"before":    true,
+	"exited":    true,
+	"id":        true,
+	"isolation": true,
+	"label":     true,
+	"name":      true,
+	"status":    true,
+	"since":     true,
+	"volume":    true,
+}
+
+// iterationAction represents possible outcomes happening during the container iteration.
+type iterationAction int
+
+// containerReducer represents a reducer for a container.
+// Returns the object to serialize by the api.
+type containerReducer func(*container.Container, *listContext) (*types.Container, error)
+
+const (
+	// includeContainer is the action to include a container in the reducer.
+	includeContainer iterationAction = iota
+	// excludeContainer is the action to exclude a container in the reducer.
+	excludeContainer
+	// stopIteration is the action to stop iterating over the list of containers.
+	stopIteration
+)
+
+// errStopIteration makes the iterator to stop without returning an error.
+var errStopIteration = errors.New("container list iteration stopped")
+
+// List returns an array of all containers registered in the daemon.
+func (daemon *Daemon) List() []*container.Container {
+	return daemon.containers.List()
+}
+
+// listContext is the daemon generated filtering to iterate over containers.
+// This is created based on the user specification from types.ContainerListOptions.
+type listContext struct {
+	// idx is the container iteration index for this context
+	idx int
+	// ancestorFilter tells whether it should check ancestors or not
+	ancestorFilter bool
+	// names is a list of container names to filter with
+	names map[string][]string
+	// images is a list of images to filter with
+	images map[image.ID]bool
+	// filters is a collection of arguments to filter with, specified by the user
+	filters filters.Args
+	// exitAllowed is a list of exit codes allowed to filter with
+	exitAllowed []int
+
+	// FIXME Remove this for 1.12 as --since and --before are deprecated
+	// beforeContainer is a filter to ignore containers that appear before the one given
+	beforeContainer *container.Container
+	// sinceContainer is a filter to stop the filtering when the iterator arrive to the given container
+	sinceContainer *container.Container
+
+	// beforeFilter is a filter to ignore containers that appear before the one given
+	// this is used for --filter=before= and --before=, the latter is deprecated.
+	beforeFilter *container.Container
+	// sinceFilter is a filter to stop the filtering when the iterator arrive to the given container
+	// this is used for --filter=since= and --since=, the latter is deprecated.
+	sinceFilter *container.Container
+	// ContainerListOptions is the filters set by the user
+	*types.ContainerListOptions
+}
+
+// Containers returns the list of containers to show given the user's filtering.
+func (daemon *Daemon) Containers(config *types.ContainerListOptions) ([]*types.Container, error) {
+	return daemon.reduceContainers(config, daemon.transformContainer)
+}
+
+// reduceContainers parses the user's filtering options and generates the list of containers to return based on a reducer.
+func (daemon *Daemon) reduceContainers(config *types.ContainerListOptions, reducer containerReducer) ([]*types.Container, error) {
+	containers := []*types.Container{}
+
+	ctx, err := daemon.foldFilter(config)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, container := range daemon.List() {
+		t, err := daemon.reducePsContainer(container, ctx, reducer)
+		if err != nil {
+			if err != errStopIteration {
+				return nil, err
+			}
+			break
+		}
+		if t != nil {
+			containers = append(containers, t)
+			ctx.idx++
+		}
+	}
+	return containers, nil
+}
+
+// reducePsContainer is the basic representation for a container as expected by the ps command.
+func (daemon *Daemon) reducePsContainer(container *container.Container, ctx *listContext, reducer containerReducer) (*types.Container, error) {
+	container.Lock()
+	defer container.Unlock()
+
+	// filter containers to return
+	action := includeContainerInList(container, ctx)
+	switch action {
+	case excludeContainer:
+		return nil, nil
+	case stopIteration:
+		return nil, errStopIteration
+	}
+
+	// transform internal container struct into api structs
+	return reducer(container, ctx)
+}
+
+// foldFilter generates the container filter based on the user's filtering options.
+func (daemon *Daemon) foldFilter(config *types.ContainerListOptions) (*listContext, error) {
+	psFilters := config.Filter
+
+	if err := psFilters.Validate(acceptedPsFilterTags); err != nil {
+		return nil, err
+	}
+
+	var filtExited []int
+
+	err := psFilters.WalkValues("exited", func(value string) error {
+		code, err := strconv.Atoi(value)
+		if err != nil {
+			return err
+		}
+		filtExited = append(filtExited, code)
+		return nil
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	err = psFilters.WalkValues("status", func(value string) error {
+		if !container.IsValidStateString(value) {
+			return fmt.Errorf("Unrecognised filter value for status: %s", value)
+		}
+
+		config.All = true
+		return nil
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var beforeContFilter, sinceContFilter *container.Container
+	// FIXME remove this for 1.12 as --since and --before are deprecated
+	var beforeContainer, sinceContainer *container.Container
+
+	err = psFilters.WalkValues("before", func(value string) error {
+		beforeContFilter, err = daemon.GetContainer(value)
+		return err
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	err = psFilters.WalkValues("since", func(value string) error {
+		sinceContFilter, err = daemon.GetContainer(value)
+		return err
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	imagesFilter := map[image.ID]bool{}
+	var ancestorFilter bool
+	if psFilters.Include("ancestor") {
+		ancestorFilter = true
+		psFilters.WalkValues("ancestor", func(ancestor string) error {
+			id, err := daemon.GetImageID(ancestor)
+			if err != nil {
+				logrus.Warnf("Error while looking up for image %v", ancestor)
+				return nil
+			}
+			if imagesFilter[id] {
+				// Already seen this ancestor, skip it
+				return nil
+			}
+			// Then walk down the graph and put the imageIds in imagesFilter
+			populateImageFilterByParents(imagesFilter, id, daemon.imageStore.Children)
+			return nil
+		})
+	}
+
+	// FIXME remove this for 1.12 as --since and --before are deprecated
+	if config.Before != "" {
+		beforeContainer, err = daemon.GetContainer(config.Before)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	// FIXME remove this for 1.12 as --since and --before are deprecated
+	if config.Since != "" {
+		sinceContainer, err = daemon.GetContainer(config.Since)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return &listContext{
+		filters:              psFilters,
+		ancestorFilter:       ancestorFilter,
+		images:               imagesFilter,
+		exitAllowed:          filtExited,
+		beforeContainer:      beforeContainer,
+		sinceContainer:       sinceContainer,
+		beforeFilter:         beforeContFilter,
+		sinceFilter:          sinceContFilter,
+		ContainerListOptions: config,
+		names:                daemon.nameIndex.GetAll(),
+	}, nil
+}
+
+// includeContainerInList decides whether a container should be included in the output or not based in the filter.
+// It also decides if the iteration should be stopped or not.
+func includeContainerInList(container *container.Container, ctx *listContext) iterationAction {
+	// Do not include container if it's in the list before the filter container.
+	// Set the filter container to nil to include the rest of containers after this one.
+	if ctx.beforeFilter != nil {
+		if container.ID == ctx.beforeFilter.ID {
+			ctx.beforeFilter = nil
+		}
+		return excludeContainer
+	}
+
+	// Stop iteration when the container arrives to the filter container
+	if ctx.sinceFilter != nil {
+		if container.ID == ctx.sinceFilter.ID {
+			return stopIteration
+		}
+	}
+
+	// Do not include container if it's stopped and we're not filters
+	// FIXME remove the ctx.beforContainer and ctx.sinceContainer part of the condition for 1.12 as --since and --before are deprecated
+	if !container.Running && !ctx.All && ctx.Limit <= 0 && ctx.beforeContainer == nil && ctx.sinceContainer == nil {
+		return excludeContainer
+	}
+
+	// Do not include container if the name doesn't match
+	if !ctx.filters.Match("name", container.Name) {
+		return excludeContainer
+	}
+
+	// Do not include container if the id doesn't match
+	if !ctx.filters.Match("id", container.ID) {
+		return excludeContainer
+	}
+
+	// Do not include container if any of the labels don't match
+	if !ctx.filters.MatchKVList("label", container.Config.Labels) {
+		return excludeContainer
+	}
+
+	// Do not include container if isolation doesn't match
+	if excludeContainer == excludeByIsolation(container, ctx) {
+		return excludeContainer
+	}
+
+	// FIXME remove this for 1.12 as --since and --before are deprecated
+	if ctx.beforeContainer != nil {
+		if container.ID == ctx.beforeContainer.ID {
+			ctx.beforeContainer = nil
+		}
+		return excludeContainer
+	}
+
+	// FIXME remove this for 1.12 as --since and --before are deprecated
+	if ctx.sinceContainer != nil {
+		if container.ID == ctx.sinceContainer.ID {
+			return stopIteration
+		}
+	}
+
+	// Stop iteration when the index is over the limit
+	if ctx.Limit > 0 && ctx.idx == ctx.Limit {
+		return stopIteration
+	}
+
+	// Do not include container if its exit code is not in the filter
+	if len(ctx.exitAllowed) > 0 {
+		shouldSkip := true
+		for _, code := range ctx.exitAllowed {
+			if code == container.ExitCode && !container.Running {
+				shouldSkip = false
+				break
+			}
+		}
+		if shouldSkip {
+			return excludeContainer
+		}
+	}
+
+	// Do not include container if its status doesn't match the filter
+	if !ctx.filters.Match("status", container.State.StateString()) {
+		return excludeContainer
+	}
+
+	if ctx.filters.Include("volume") {
+		volumesByName := make(map[string]*volume.MountPoint)
+		for _, m := range container.MountPoints {
+			if m.Name != "" {
+				volumesByName[m.Name] = m
+			} else {
+				volumesByName[m.Source] = m
+			}
+		}
+
+		volumeExist := fmt.Errorf("volume mounted in container")
+		err := ctx.filters.WalkValues("volume", func(value string) error {
+			if _, exist := container.MountPoints[value]; exist {
+				return volumeExist
+			}
+			if _, exist := volumesByName[value]; exist {
+				return volumeExist
+			}
+			return nil
+		})
+		if err != volumeExist {
+			return excludeContainer
+		}
+	}
+
+	if ctx.ancestorFilter {
+		if len(ctx.images) == 0 {
+			return excludeContainer
+		}
+		if !ctx.images[container.ImageID] {
+			return excludeContainer
+		}
+	}
+
+	return includeContainer
+}
+
+// transformContainer generates the container type expected by the docker ps command.
+func (daemon *Daemon) transformContainer(container *container.Container, ctx *listContext) (*types.Container, error) {
+	newC := &types.Container{
+		ID:      container.ID,
+		Names:   ctx.names[container.ID],
+		ImageID: container.ImageID.String(),
+	}
+	if newC.Names == nil {
+		// Dead containers will often have no name, so make sure the response isn't null
+		newC.Names = []string{}
+	}
+
+	image := container.Config.Image // if possible keep the original ref
+	if image != container.ImageID.String() {
+		id, err := daemon.GetImageID(image)
+		if _, isDNE := err.(ErrImageDoesNotExist); err != nil && !isDNE {
+			return nil, err
+		}
+		if err != nil || id != container.ImageID {
+			image = container.ImageID.String()
+		}
+	}
+	newC.Image = image
+
+	if len(container.Args) > 0 {
+		args := []string{}
+		for _, arg := range container.Args {
+			if strings.Contains(arg, " ") {
+				args = append(args, fmt.Sprintf("'%s'", arg))
+			} else {
+				args = append(args, arg)
+			}
+		}
+		argsAsString := strings.Join(args, " ")
+
+		newC.Command = fmt.Sprintf("%s %s", container.Path, argsAsString)
+	} else {
+		newC.Command = container.Path
+	}
+	newC.Created = container.Created.Unix()
+	newC.State = container.State.StateString()
+	newC.Status = container.State.String()
+	newC.HostConfig.NetworkMode = string(container.HostConfig.NetworkMode)
+	// copy networks to avoid races
+	networks := make(map[string]*networktypes.EndpointSettings)
+	for name, network := range container.NetworkSettings.Networks {
+		if network == nil {
+			continue
+		}
+		networks[name] = &networktypes.EndpointSettings{
+			EndpointID:          network.EndpointID,
+			Gateway:             network.Gateway,
+			IPAddress:           network.IPAddress,
+			IPPrefixLen:         network.IPPrefixLen,
+			IPv6Gateway:         network.IPv6Gateway,
+			GlobalIPv6Address:   network.GlobalIPv6Address,
+			GlobalIPv6PrefixLen: network.GlobalIPv6PrefixLen,
+			MacAddress:          network.MacAddress,
+		}
+		if network.IPAMConfig != nil {
+			networks[name].IPAMConfig = &networktypes.EndpointIPAMConfig{
+				IPv4Address: network.IPAMConfig.IPv4Address,
+				IPv6Address: network.IPAMConfig.IPv6Address,
+			}
+		}
+	}
+	newC.NetworkSettings = &types.SummaryNetworkSettings{Networks: networks}
+
+	newC.Ports = []types.Port{}
+	for port, bindings := range container.NetworkSettings.Ports {
+		p, err := nat.ParsePort(port.Port())
+		if err != nil {
+			return nil, err
+		}
+		if len(bindings) == 0 {
+			newC.Ports = append(newC.Ports, types.Port{
+				PrivatePort: p,
+				Type:        port.Proto(),
+			})
+			continue
+		}
+		for _, binding := range bindings {
+			h, err := nat.ParsePort(binding.HostPort)
+			if err != nil {
+				return nil, err
+			}
+			newC.Ports = append(newC.Ports, types.Port{
+				PrivatePort: p,
+				PublicPort:  h,
+				Type:        port.Proto(),
+				IP:          binding.HostIP,
+			})
+		}
+	}
+
+	if ctx.Size {
+		sizeRw, sizeRootFs := daemon.getSize(container)
+		newC.SizeRw = sizeRw
+		newC.SizeRootFs = sizeRootFs
+	}
+	newC.Labels = container.Config.Labels
+	newC.Mounts = addMountPoints(container)
+
+	return newC, nil
+}
+
+// Volumes lists known volumes, using the filter to restrict the range
+// of volumes returned.
+func (daemon *Daemon) Volumes(filter string) ([]*types.Volume, []string, error) {
+	var (
+		volumesOut   []*types.Volume
+		danglingOnly = false
+	)
+	volFilters, err := filters.FromParam(filter)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	if err := volFilters.Validate(acceptedVolumeFilterTags); err != nil {
+		return nil, nil, err
+	}
+
+	if volFilters.Include("dangling") {
+		if volFilters.ExactMatch("dangling", "true") || volFilters.ExactMatch("dangling", "1") {
+			danglingOnly = true
+		} else if !volFilters.ExactMatch("dangling", "false") && !volFilters.ExactMatch("dangling", "0") {
+			return nil, nil, fmt.Errorf("Invalid filter 'dangling=%s'", volFilters.Get("dangling"))
+		}
+	}
+
+	volumes, warnings, err := daemon.volumes.List()
+	if err != nil {
+		return nil, nil, err
+	}
+	if volFilters.Include("dangling") {
+		volumes = daemon.volumes.FilterByUsed(volumes, !danglingOnly)
+	}
+	for _, v := range volumes {
+		volumesOut = append(volumesOut, volumeToAPIType(v))
+	}
+	return volumesOut, warnings, nil
+}
+
+func populateImageFilterByParents(ancestorMap map[image.ID]bool, imageID image.ID, getChildren func(image.ID) []image.ID) {
+	if !ancestorMap[imageID] {
+		for _, id := range getChildren(imageID) {
+			populateImageFilterByParents(ancestorMap, id, getChildren)
+		}
+		ancestorMap[imageID] = true
+	}
+}
diff --git a/daemon/list_unix.go b/daemon/list_unix.go
new file mode 100644
index 00000000..8dccbe4e
--- /dev/null
+++ b/daemon/list_unix.go
@@ -0,0 +1,11 @@
+// +build linux freebsd
+
+package daemon
+
+import "github.com/docker/docker/container"
+
+// excludeByIsolation is a platform specific helper function to support PS
+// filtering by Isolation. This is a Windows-only concept, so is a no-op on Unix.
+func excludeByIsolation(container *container.Container, ctx *listContext) iterationAction {
+	return includeContainer
+}
diff --git a/daemon/list_windows.go b/daemon/list_windows.go
new file mode 100644
index 00000000..7fbcd3af
--- /dev/null
+++ b/daemon/list_windows.go
@@ -0,0 +1,20 @@
+package daemon
+
+import (
+	"strings"
+
+	"github.com/docker/docker/container"
+)
+
+// excludeByIsolation is a platform specific helper function to support PS
+// filtering by Isolation. This is a Windows-only concept, so is a no-op on Unix.
+func excludeByIsolation(container *container.Container, ctx *listContext) iterationAction {
+	i := strings.ToLower(string(container.HostConfig.Isolation))
+	if i == "" {
+		i = "default"
+	}
+	if !ctx.filters.Match("isolation", i) {
+		return excludeContainer
+	}
+	return includeContainer
+}
diff --git a/daemon/logdrivers_linux.go b/daemon/logdrivers_linux.go
new file mode 100644
index 00000000..89fe49a8
--- /dev/null
+++ b/daemon/logdrivers_linux.go
@@ -0,0 +1,14 @@
+package daemon
+
+import (
+	// Importing packages here only to make sure their init gets called and
+	// therefore they register themselves to the logdriver factory.
+	_ "github.com/docker/docker/daemon/logger/awslogs"
+	_ "github.com/docker/docker/daemon/logger/fluentd"
+	_ "github.com/docker/docker/daemon/logger/gcplogs"
+	_ "github.com/docker/docker/daemon/logger/gelf"
+	_ "github.com/docker/docker/daemon/logger/journald"
+	_ "github.com/docker/docker/daemon/logger/jsonfilelog"
+	_ "github.com/docker/docker/daemon/logger/splunk"
+	_ "github.com/docker/docker/daemon/logger/syslog"
+)
diff --git a/daemon/logdrivers_windows.go b/daemon/logdrivers_windows.go
new file mode 100644
index 00000000..129b0665
--- /dev/null
+++ b/daemon/logdrivers_windows.go
@@ -0,0 +1,10 @@
+package daemon
+
+import (
+	// Importing packages here only to make sure their init gets called and
+	// therefore they register themselves to the logdriver factory.
+	_ "github.com/docker/docker/daemon/logger/awslogs"
+	_ "github.com/docker/docker/daemon/logger/etwlogs"
+	_ "github.com/docker/docker/daemon/logger/jsonfilelog"
+	_ "github.com/docker/docker/daemon/logger/splunk"
+)
diff --git a/daemon/logger/awslogs/cloudwatchlogs.go b/daemon/logger/awslogs/cloudwatchlogs.go
new file mode 100644
index 00000000..698a95d5
--- /dev/null
+++ b/daemon/logger/awslogs/cloudwatchlogs.go
@@ -0,0 +1,376 @@
+// Package awslogs provides the logdriver for forwarding container logs to Amazon CloudWatch Logs
+package awslogs
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"runtime"
+	"sort"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/aws/aws-sdk-go/aws/defaults"
+	"github.com/aws/aws-sdk-go/aws/ec2metadata"
+	"github.com/aws/aws-sdk-go/aws/request"
+	"github.com/aws/aws-sdk-go/service/cloudwatchlogs"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/dockerversion"
+)
+
+const (
+	name                  = "awslogs"
+	regionKey             = "awslogs-region"
+	regionEnvKey          = "AWS_REGION"
+	logGroupKey           = "awslogs-group"
+	logStreamKey          = "awslogs-stream"
+	batchPublishFrequency = 5 * time.Second
+
+	// See: http://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html
+	perEventBytes          = 26
+	maximumBytesPerPut     = 1048576
+	maximumLogEventsPerPut = 10000
+
+	// See: http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_limits.html
+	maximumBytesPerEvent = 262144 - perEventBytes
+
+	resourceAlreadyExistsCode = "ResourceAlreadyExistsException"
+	dataAlreadyAcceptedCode   = "DataAlreadyAcceptedException"
+	invalidSequenceTokenCode  = "InvalidSequenceTokenException"
+
+	userAgentHeader = "User-Agent"
+)
+
+type logStream struct {
+	logStreamName string
+	logGroupName  string
+	client        api
+	messages      chan *logger.Message
+	lock          sync.RWMutex
+	closed        bool
+	sequenceToken *string
+}
+
+type api interface {
+	CreateLogStream(*cloudwatchlogs.CreateLogStreamInput) (*cloudwatchlogs.CreateLogStreamOutput, error)
+	PutLogEvents(*cloudwatchlogs.PutLogEventsInput) (*cloudwatchlogs.PutLogEventsOutput, error)
+}
+
+type regionFinder interface {
+	Region() (string, error)
+}
+
+type byTimestamp []*cloudwatchlogs.InputLogEvent
+
+// init registers the awslogs driver and sets the default region, if provided
+func init() {
+	if os.Getenv(regionEnvKey) != "" {
+		defaults.DefaultConfig.Region = aws.String(os.Getenv(regionEnvKey))
+	}
+	if err := logger.RegisterLogDriver(name, New); err != nil {
+		logrus.Fatal(err)
+	}
+	if err := logger.RegisterLogOptValidator(name, ValidateLogOpt); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+// New creates an awslogs logger using the configuration passed in on the
+// context.  Supported context configuration variables are awslogs-region,
+// awslogs-group, and awslogs-stream.  When available, configuration is
+// also taken from environment variables AWS_REGION, AWS_ACCESS_KEY_ID,
+// AWS_SECRET_ACCESS_KEY, the shared credentials file (~/.aws/credentials), and
+// the EC2 Instance Metadata Service.
+func New(ctx logger.Context) (logger.Logger, error) {
+	logGroupName := ctx.Config[logGroupKey]
+	logStreamName := ctx.ContainerID
+	if ctx.Config[logStreamKey] != "" {
+		logStreamName = ctx.Config[logStreamKey]
+	}
+	client, err := newAWSLogsClient(ctx)
+	if err != nil {
+		return nil, err
+	}
+	containerStream := &logStream{
+		logStreamName: logStreamName,
+		logGroupName:  logGroupName,
+		client:        client,
+		messages:      make(chan *logger.Message, 4096),
+	}
+	err = containerStream.create()
+	if err != nil {
+		return nil, err
+	}
+	go containerStream.collectBatch()
+
+	return containerStream, nil
+}
+
+// newRegionFinder is a variable such that the implementation
+// can be swapped out for unit tests.
+var newRegionFinder = func() regionFinder {
+	return ec2metadata.New(nil)
+}
+
+// newAWSLogsClient creates the service client for Amazon CloudWatch Logs.
+// Customizations to the default client from the SDK include a Docker-specific
+// User-Agent string and automatic region detection using the EC2 Instance
+// Metadata Service when region is otherwise unspecified.
+func newAWSLogsClient(ctx logger.Context) (api, error) {
+	config := defaults.DefaultConfig
+	if ctx.Config[regionKey] != "" {
+		config = defaults.DefaultConfig.Merge(&aws.Config{
+			Region: aws.String(ctx.Config[regionKey]),
+		})
+	}
+	if config.Region == nil || *config.Region == "" {
+		logrus.Info("Trying to get region from EC2 Metadata")
+		ec2MetadataClient := newRegionFinder()
+		region, err := ec2MetadataClient.Region()
+		if err != nil {
+			logrus.WithFields(logrus.Fields{
+				"error": err,
+			}).Error("Could not get region from EC2 metadata, environment, or log option")
+			return nil, errors.New("Cannot determine region for awslogs driver")
+		}
+		config.Region = &region
+	}
+	logrus.WithFields(logrus.Fields{
+		"region": *config.Region,
+	}).Debug("Created awslogs client")
+	client := cloudwatchlogs.New(config)
+
+	client.Handlers.Build.PushBackNamed(request.NamedHandler{
+		Name: "DockerUserAgentHandler",
+		Fn: func(r *request.Request) {
+			currentAgent := r.HTTPRequest.Header.Get(userAgentHeader)
+			r.HTTPRequest.Header.Set(userAgentHeader,
+				fmt.Sprintf("Docker %s (%s) %s",
+					dockerversion.Version, runtime.GOOS, currentAgent))
+		},
+	})
+	return client, nil
+}
+
+// Name returns the name of the awslogs logging driver
+func (l *logStream) Name() string {
+	return name
+}
+
+// Log submits messages for logging by an instance of the awslogs logging driver
+func (l *logStream) Log(msg *logger.Message) error {
+	l.lock.RLock()
+	defer l.lock.RUnlock()
+	if !l.closed {
+		l.messages <- msg
+	}
+	return nil
+}
+
+// Close closes the instance of the awslogs logging driver
+func (l *logStream) Close() error {
+	l.lock.Lock()
+	defer l.lock.Unlock()
+	if !l.closed {
+		close(l.messages)
+	}
+	l.closed = true
+	return nil
+}
+
+// create creates a log stream for the instance of the awslogs logging driver
+func (l *logStream) create() error {
+	input := &cloudwatchlogs.CreateLogStreamInput{
+		LogGroupName:  aws.String(l.logGroupName),
+		LogStreamName: aws.String(l.logStreamName),
+	}
+
+	_, err := l.client.CreateLogStream(input)
+
+	if err != nil {
+		if awsErr, ok := err.(awserr.Error); ok {
+			fields := logrus.Fields{
+				"errorCode":     awsErr.Code(),
+				"message":       awsErr.Message(),
+				"origError":     awsErr.OrigErr(),
+				"logGroupName":  l.logGroupName,
+				"logStreamName": l.logStreamName,
+			}
+			if awsErr.Code() == resourceAlreadyExistsCode {
+				// Allow creation to succeed
+				logrus.WithFields(fields).Info("Log stream already exists")
+				return nil
+			}
+			logrus.WithFields(fields).Error("Failed to create log stream")
+		}
+	}
+	return err
+}
+
+// newTicker is used for time-based batching.  newTicker is a variable such
+// that the implementation can be swapped out for unit tests.
+var newTicker = func(freq time.Duration) *time.Ticker {
+	return time.NewTicker(freq)
+}
+
+// collectBatch executes as a goroutine to perform batching of log events for
+// submission to the log stream.  Batching is performed on time- and size-
+// bases.  Time-based batching occurs at a 5 second interval (defined in the
+// batchPublishFrequency const).  Size-based batching is performed on the
+// maximum number of events per batch (defined in maximumLogEventsPerPut) and
+// the maximum number of total bytes in a batch (defined in
+// maximumBytesPerPut).  Log messages are split by the maximum bytes per event
+// (defined in maximumBytesPerEvent).  There is a fixed per-event byte overhead
+// (defined in perEventBytes) which is accounted for in split- and batch-
+// calculations.
+func (l *logStream) collectBatch() {
+	timer := newTicker(batchPublishFrequency)
+	var events []*cloudwatchlogs.InputLogEvent
+	bytes := 0
+	for {
+		select {
+		case <-timer.C:
+			l.publishBatch(events)
+			events = events[:0]
+			bytes = 0
+		case msg, more := <-l.messages:
+			if !more {
+				l.publishBatch(events)
+				return
+			}
+			unprocessedLine := msg.Line
+			for len(unprocessedLine) > 0 {
+				// Split line length so it does not exceed the maximum
+				lineBytes := len(unprocessedLine)
+				if lineBytes > maximumBytesPerEvent {
+					lineBytes = maximumBytesPerEvent
+				}
+				line := unprocessedLine[:lineBytes]
+				unprocessedLine = unprocessedLine[lineBytes:]
+				if (len(events) >= maximumLogEventsPerPut) || (bytes+lineBytes+perEventBytes > maximumBytesPerPut) {
+					// Publish an existing batch if it's already over the maximum number of events or if adding this
+					// event would push it over the maximum number of total bytes.
+					l.publishBatch(events)
+					events = events[:0]
+					bytes = 0
+				}
+				events = append(events, &cloudwatchlogs.InputLogEvent{
+					Message:   aws.String(string(line)),
+					Timestamp: aws.Int64(msg.Timestamp.UnixNano() / int64(time.Millisecond)),
+				})
+				bytes += (lineBytes + perEventBytes)
+			}
+		}
+	}
+}
+
+// publishBatch calls PutLogEvents for a given set of InputLogEvents,
+// accounting for sequencing requirements (each request must reference the
+// sequence token returned by the previous request).
+func (l *logStream) publishBatch(events []*cloudwatchlogs.InputLogEvent) {
+	if len(events) == 0 {
+		return
+	}
+
+	sort.Sort(byTimestamp(events))
+
+	nextSequenceToken, err := l.putLogEvents(events, l.sequenceToken)
+
+	if err != nil {
+		if awsErr, ok := err.(awserr.Error); ok {
+			if awsErr.Code() == dataAlreadyAcceptedCode {
+				// already submitted, just grab the correct sequence token
+				parts := strings.Split(awsErr.Message(), " ")
+				nextSequenceToken = &parts[len(parts)-1]
+				logrus.WithFields(logrus.Fields{
+					"errorCode":     awsErr.Code(),
+					"message":       awsErr.Message(),
+					"logGroupName":  l.logGroupName,
+					"logStreamName": l.logStreamName,
+				}).Info("Data already accepted, ignoring error")
+				err = nil
+			} else if awsErr.Code() == invalidSequenceTokenCode {
+				// sequence code is bad, grab the correct one and retry
+				parts := strings.Split(awsErr.Message(), " ")
+				token := parts[len(parts)-1]
+				nextSequenceToken, err = l.putLogEvents(events, &token)
+			}
+		}
+	}
+	if err != nil {
+		logrus.Error(err)
+	} else {
+		l.sequenceToken = nextSequenceToken
+	}
+}
+
+// putLogEvents wraps the PutLogEvents API
+func (l *logStream) putLogEvents(events []*cloudwatchlogs.InputLogEvent, sequenceToken *string) (*string, error) {
+	input := &cloudwatchlogs.PutLogEventsInput{
+		LogEvents:     events,
+		SequenceToken: sequenceToken,
+		LogGroupName:  aws.String(l.logGroupName),
+		LogStreamName: aws.String(l.logStreamName),
+	}
+	resp, err := l.client.PutLogEvents(input)
+	if err != nil {
+		if awsErr, ok := err.(awserr.Error); ok {
+			logrus.WithFields(logrus.Fields{
+				"errorCode":     awsErr.Code(),
+				"message":       awsErr.Message(),
+				"origError":     awsErr.OrigErr(),
+				"logGroupName":  l.logGroupName,
+				"logStreamName": l.logStreamName,
+			}).Error("Failed to put log events")
+		}
+		return nil, err
+	}
+	return resp.NextSequenceToken, nil
+}
+
+// ValidateLogOpt looks for awslogs-specific log options awslogs-region,
+// awslogs-group, and awslogs-stream
+func ValidateLogOpt(cfg map[string]string) error {
+	for key := range cfg {
+		switch key {
+		case logGroupKey:
+		case logStreamKey:
+		case regionKey:
+		default:
+			return fmt.Errorf("unknown log opt '%s' for %s log driver", key, name)
+		}
+	}
+	if cfg[logGroupKey] == "" {
+		return fmt.Errorf("must specify a value for log opt '%s'", logGroupKey)
+	}
+	return nil
+}
+
+// Len returns the length of a byTimestamp slice.  Len is required by the
+// sort.Interface interface.
+func (slice byTimestamp) Len() int {
+	return len(slice)
+}
+
+// Less compares two values in a byTimestamp slice by Timestamp.  Less is
+// required by the sort.Interface interface.
+func (slice byTimestamp) Less(i, j int) bool {
+	iTimestamp, jTimestamp := int64(0), int64(0)
+	if slice != nil && slice[i].Timestamp != nil {
+		iTimestamp = *slice[i].Timestamp
+	}
+	if slice != nil && slice[j].Timestamp != nil {
+		jTimestamp = *slice[j].Timestamp
+	}
+	return iTimestamp < jTimestamp
+}
+
+// Swap swaps two values in a byTimestamp slice with each other.  Swap is
+// required by the sort.Interface interface.
+func (slice byTimestamp) Swap(i, j int) {
+	slice[i], slice[j] = slice[j], slice[i]
+}
diff --git a/daemon/logger/awslogs/cloudwatchlogs_test.go b/daemon/logger/awslogs/cloudwatchlogs_test.go
new file mode 100644
index 00000000..0c53407f
--- /dev/null
+++ b/daemon/logger/awslogs/cloudwatchlogs_test.go
@@ -0,0 +1,627 @@
+package awslogs
+
+import (
+	"errors"
+	"fmt"
+	"net/http"
+	"runtime"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/aws/aws-sdk-go/aws/request"
+	"github.com/aws/aws-sdk-go/service/cloudwatchlogs"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/dockerversion"
+)
+
+const (
+	groupName         = "groupName"
+	streamName        = "streamName"
+	sequenceToken     = "sequenceToken"
+	nextSequenceToken = "nextSequenceToken"
+	logline           = "this is a log line"
+)
+
+func TestNewAWSLogsClientUserAgentHandler(t *testing.T) {
+	ctx := logger.Context{
+		Config: map[string]string{
+			regionKey: "us-east-1",
+		},
+	}
+
+	client, err := newAWSLogsClient(ctx)
+	if err != nil {
+		t.Fatal(err)
+	}
+	realClient, ok := client.(*cloudwatchlogs.CloudWatchLogs)
+	if !ok {
+		t.Fatal("Could not cast client to cloudwatchlogs.CloudWatchLogs")
+	}
+	buildHandlerList := realClient.Handlers.Build
+	request := &request.Request{
+		HTTPRequest: &http.Request{
+			Header: http.Header{},
+		},
+	}
+	buildHandlerList.Run(request)
+	expectedUserAgentString := fmt.Sprintf("Docker %s (%s) %s/%s",
+		dockerversion.Version, runtime.GOOS, aws.SDKName, aws.SDKVersion)
+	userAgent := request.HTTPRequest.Header.Get("User-Agent")
+	if userAgent != expectedUserAgentString {
+		t.Errorf("Wrong User-Agent string, expected \"%s\" but was \"%s\"",
+			expectedUserAgentString, userAgent)
+	}
+}
+
+func TestNewAWSLogsClientRegionDetect(t *testing.T) {
+	ctx := logger.Context{
+		Config: map[string]string{},
+	}
+
+	mockMetadata := newMockMetadataClient()
+	newRegionFinder = func() regionFinder {
+		return mockMetadata
+	}
+	mockMetadata.regionResult <- &regionResult{
+		successResult: "us-east-1",
+	}
+
+	_, err := newAWSLogsClient(ctx)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestCreateSuccess(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+	}
+	mockClient.createLogStreamResult <- &createLogStreamResult{}
+
+	err := stream.create()
+
+	if err != nil {
+		t.Errorf("Received unexpected err: %v\n", err)
+	}
+	argument := <-mockClient.createLogStreamArgument
+	if argument.LogGroupName == nil {
+		t.Fatal("Expected non-nil LogGroupName")
+	}
+	if *argument.LogGroupName != groupName {
+		t.Errorf("Expected LogGroupName to be %s", groupName)
+	}
+	if argument.LogStreamName == nil {
+		t.Fatal("Expected non-nil LogGroupName")
+	}
+	if *argument.LogStreamName != streamName {
+		t.Errorf("Expected LogStreamName to be %s", streamName)
+	}
+}
+
+func TestCreateError(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client: mockClient,
+	}
+	mockClient.createLogStreamResult <- &createLogStreamResult{
+		errorResult: errors.New("Error!"),
+	}
+
+	err := stream.create()
+
+	if err == nil {
+		t.Fatal("Expected non-nil err")
+	}
+}
+
+func TestCreateAlreadyExists(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client: mockClient,
+	}
+	mockClient.createLogStreamResult <- &createLogStreamResult{
+		errorResult: awserr.New(resourceAlreadyExistsCode, "", nil),
+	}
+
+	err := stream.create()
+
+	if err != nil {
+		t.Fatal("Expected nil err")
+	}
+}
+
+func TestPublishBatchSuccess(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		successResult: &cloudwatchlogs.PutLogEventsOutput{
+			NextSequenceToken: aws.String(nextSequenceToken),
+		},
+	}
+
+	events := []*cloudwatchlogs.InputLogEvent{
+		{
+			Message: aws.String(logline),
+		},
+	}
+
+	stream.publishBatch(events)
+	if stream.sequenceToken == nil {
+		t.Fatal("Expected non-nil sequenceToken")
+	}
+	if *stream.sequenceToken != nextSequenceToken {
+		t.Errorf("Expected sequenceToken to be %s, but was %s", nextSequenceToken, *stream.sequenceToken)
+	}
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if argument.SequenceToken == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput.SequenceToken")
+	}
+	if *argument.SequenceToken != sequenceToken {
+		t.Errorf("Expected PutLogEventsInput.SequenceToken to be %s, but was %s", sequenceToken, *argument.SequenceToken)
+	}
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain 1 element, but contains %d", len(argument.LogEvents))
+	}
+	if argument.LogEvents[0] != events[0] {
+		t.Error("Expected event to equal input")
+	}
+}
+
+func TestPublishBatchError(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		errorResult: errors.New("Error!"),
+	}
+
+	events := []*cloudwatchlogs.InputLogEvent{
+		{
+			Message: aws.String(logline),
+		},
+	}
+
+	stream.publishBatch(events)
+	if stream.sequenceToken == nil {
+		t.Fatal("Expected non-nil sequenceToken")
+	}
+	if *stream.sequenceToken != sequenceToken {
+		t.Errorf("Expected sequenceToken to be %s, but was %s", sequenceToken, *stream.sequenceToken)
+	}
+}
+
+func TestPublishBatchInvalidSeqSuccess(t *testing.T) {
+	mockClient := newMockClientBuffered(2)
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		errorResult: awserr.New(invalidSequenceTokenCode, "use token token", nil),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		successResult: &cloudwatchlogs.PutLogEventsOutput{
+			NextSequenceToken: aws.String(nextSequenceToken),
+		},
+	}
+
+	events := []*cloudwatchlogs.InputLogEvent{
+		{
+			Message: aws.String(logline),
+		},
+	}
+
+	stream.publishBatch(events)
+	if stream.sequenceToken == nil {
+		t.Fatal("Expected non-nil sequenceToken")
+	}
+	if *stream.sequenceToken != nextSequenceToken {
+		t.Errorf("Expected sequenceToken to be %s, but was %s", nextSequenceToken, *stream.sequenceToken)
+	}
+
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if argument.SequenceToken == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput.SequenceToken")
+	}
+	if *argument.SequenceToken != sequenceToken {
+		t.Errorf("Expected PutLogEventsInput.SequenceToken to be %s, but was %s", sequenceToken, *argument.SequenceToken)
+	}
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain 1 element, but contains %d", len(argument.LogEvents))
+	}
+	if argument.LogEvents[0] != events[0] {
+		t.Error("Expected event to equal input")
+	}
+
+	argument = <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if argument.SequenceToken == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput.SequenceToken")
+	}
+	if *argument.SequenceToken != "token" {
+		t.Errorf("Expected PutLogEventsInput.SequenceToken to be %s, but was %s", "token", *argument.SequenceToken)
+	}
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain 1 element, but contains %d", len(argument.LogEvents))
+	}
+	if argument.LogEvents[0] != events[0] {
+		t.Error("Expected event to equal input")
+	}
+}
+
+func TestPublishBatchAlreadyAccepted(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		errorResult: awserr.New(dataAlreadyAcceptedCode, "use token token", nil),
+	}
+
+	events := []*cloudwatchlogs.InputLogEvent{
+		{
+			Message: aws.String(logline),
+		},
+	}
+
+	stream.publishBatch(events)
+	if stream.sequenceToken == nil {
+		t.Fatal("Expected non-nil sequenceToken")
+	}
+	if *stream.sequenceToken != "token" {
+		t.Errorf("Expected sequenceToken to be %s, but was %s", "token", *stream.sequenceToken)
+	}
+
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if argument.SequenceToken == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput.SequenceToken")
+	}
+	if *argument.SequenceToken != sequenceToken {
+		t.Errorf("Expected PutLogEventsInput.SequenceToken to be %s, but was %s", sequenceToken, *argument.SequenceToken)
+	}
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain 1 element, but contains %d", len(argument.LogEvents))
+	}
+	if argument.LogEvents[0] != events[0] {
+		t.Error("Expected event to equal input")
+	}
+}
+
+func TestCollectBatchSimple(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+		messages:      make(chan *logger.Message),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		successResult: &cloudwatchlogs.PutLogEventsOutput{
+			NextSequenceToken: aws.String(nextSequenceToken),
+		},
+	}
+	ticks := make(chan time.Time)
+	newTicker = func(_ time.Duration) *time.Ticker {
+		return &time.Ticker{
+			C: ticks,
+		}
+	}
+
+	go stream.collectBatch()
+
+	stream.Log(&logger.Message{
+		Line:      []byte(logline),
+		Timestamp: time.Time{},
+	})
+
+	ticks <- time.Time{}
+	stream.Close()
+
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain 1 element, but contains %d", len(argument.LogEvents))
+	}
+	if *argument.LogEvents[0].Message != logline {
+		t.Errorf("Expected message to be %s but was %s", logline, *argument.LogEvents[0].Message)
+	}
+}
+
+func TestCollectBatchTicker(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+		messages:      make(chan *logger.Message),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		successResult: &cloudwatchlogs.PutLogEventsOutput{
+			NextSequenceToken: aws.String(nextSequenceToken),
+		},
+	}
+	ticks := make(chan time.Time)
+	newTicker = func(_ time.Duration) *time.Ticker {
+		return &time.Ticker{
+			C: ticks,
+		}
+	}
+
+	go stream.collectBatch()
+
+	stream.Log(&logger.Message{
+		Line:      []byte(logline + " 1"),
+		Timestamp: time.Time{},
+	})
+	stream.Log(&logger.Message{
+		Line:      []byte(logline + " 2"),
+		Timestamp: time.Time{},
+	})
+
+	ticks <- time.Time{}
+
+	// Verify first batch
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if len(argument.LogEvents) != 2 {
+		t.Errorf("Expected LogEvents to contain 2 elements, but contains %d", len(argument.LogEvents))
+	}
+	if *argument.LogEvents[0].Message != logline+" 1" {
+		t.Errorf("Expected message to be %s but was %s", logline+" 1", *argument.LogEvents[0].Message)
+	}
+	if *argument.LogEvents[1].Message != logline+" 2" {
+		t.Errorf("Expected message to be %s but was %s", logline+" 2", *argument.LogEvents[0].Message)
+	}
+
+	stream.Log(&logger.Message{
+		Line:      []byte(logline + " 3"),
+		Timestamp: time.Time{},
+	})
+
+	ticks <- time.Time{}
+	argument = <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain 1 elements, but contains %d", len(argument.LogEvents))
+	}
+	if *argument.LogEvents[0].Message != logline+" 3" {
+		t.Errorf("Expected message to be %s but was %s", logline+" 3", *argument.LogEvents[0].Message)
+	}
+
+	stream.Close()
+
+}
+
+func TestCollectBatchClose(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+		messages:      make(chan *logger.Message),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		successResult: &cloudwatchlogs.PutLogEventsOutput{
+			NextSequenceToken: aws.String(nextSequenceToken),
+		},
+	}
+	var ticks = make(chan time.Time)
+	newTicker = func(_ time.Duration) *time.Ticker {
+		return &time.Ticker{
+			C: ticks,
+		}
+	}
+
+	go stream.collectBatch()
+
+	stream.Log(&logger.Message{
+		Line:      []byte(logline),
+		Timestamp: time.Time{},
+	})
+
+	// no ticks
+	stream.Close()
+
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain 1 element, but contains %d", len(argument.LogEvents))
+	}
+	if *argument.LogEvents[0].Message != logline {
+		t.Errorf("Expected message to be %s but was %s", logline, *argument.LogEvents[0].Message)
+	}
+}
+
+func TestCollectBatchLineSplit(t *testing.T) {
+	mockClient := newMockClient()
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+		messages:      make(chan *logger.Message),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		successResult: &cloudwatchlogs.PutLogEventsOutput{
+			NextSequenceToken: aws.String(nextSequenceToken),
+		},
+	}
+	var ticks = make(chan time.Time)
+	newTicker = func(_ time.Duration) *time.Ticker {
+		return &time.Ticker{
+			C: ticks,
+		}
+	}
+
+	go stream.collectBatch()
+
+	longline := strings.Repeat("A", maximumBytesPerEvent)
+	stream.Log(&logger.Message{
+		Line:      []byte(longline + "B"),
+		Timestamp: time.Time{},
+	})
+
+	// no ticks
+	stream.Close()
+
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if len(argument.LogEvents) != 2 {
+		t.Errorf("Expected LogEvents to contain 2 elements, but contains %d", len(argument.LogEvents))
+	}
+	if *argument.LogEvents[0].Message != longline {
+		t.Errorf("Expected message to be %s but was %s", longline, *argument.LogEvents[0].Message)
+	}
+	if *argument.LogEvents[1].Message != "B" {
+		t.Errorf("Expected message to be %s but was %s", "B", *argument.LogEvents[1].Message)
+	}
+}
+
+func TestCollectBatchMaxEvents(t *testing.T) {
+	mockClient := newMockClientBuffered(1)
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+		messages:      make(chan *logger.Message),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		successResult: &cloudwatchlogs.PutLogEventsOutput{
+			NextSequenceToken: aws.String(nextSequenceToken),
+		},
+	}
+	var ticks = make(chan time.Time)
+	newTicker = func(_ time.Duration) *time.Ticker {
+		return &time.Ticker{
+			C: ticks,
+		}
+	}
+
+	go stream.collectBatch()
+
+	line := "A"
+	for i := 0; i <= maximumLogEventsPerPut; i++ {
+		stream.Log(&logger.Message{
+			Line:      []byte(line),
+			Timestamp: time.Time{},
+		})
+	}
+
+	// no ticks
+	stream.Close()
+
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if len(argument.LogEvents) != maximumLogEventsPerPut {
+		t.Errorf("Expected LogEvents to contain %d elements, but contains %d", maximumLogEventsPerPut, len(argument.LogEvents))
+	}
+
+	argument = <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain %d elements, but contains %d", 1, len(argument.LogEvents))
+	}
+}
+
+func TestCollectBatchMaxTotalBytes(t *testing.T) {
+	mockClient := newMockClientBuffered(1)
+	stream := &logStream{
+		client:        mockClient,
+		logGroupName:  groupName,
+		logStreamName: streamName,
+		sequenceToken: aws.String(sequenceToken),
+		messages:      make(chan *logger.Message),
+	}
+	mockClient.putLogEventsResult <- &putLogEventsResult{
+		successResult: &cloudwatchlogs.PutLogEventsOutput{
+			NextSequenceToken: aws.String(nextSequenceToken),
+		},
+	}
+	var ticks = make(chan time.Time)
+	newTicker = func(_ time.Duration) *time.Ticker {
+		return &time.Ticker{
+			C: ticks,
+		}
+	}
+
+	go stream.collectBatch()
+
+	longline := strings.Repeat("A", maximumBytesPerPut)
+	stream.Log(&logger.Message{
+		Line:      []byte(longline + "B"),
+		Timestamp: time.Time{},
+	})
+
+	// no ticks
+	stream.Close()
+
+	argument := <-mockClient.putLogEventsArgument
+	if argument == nil {
+		t.Fatal("Expected non-nil PutLogEventsInput")
+	}
+	bytes := 0
+	for _, event := range argument.LogEvents {
+		bytes += len(*event.Message)
+	}
+	if bytes > maximumBytesPerPut {
+		t.Errorf("Expected <= %d bytes but was %d", maximumBytesPerPut, bytes)
+	}
+
+	argument = <-mockClient.putLogEventsArgument
+	if len(argument.LogEvents) != 1 {
+		t.Errorf("Expected LogEvents to contain 1 elements, but contains %d", len(argument.LogEvents))
+	}
+	message := *argument.LogEvents[0].Message
+	if message[len(message)-1:] != "B" {
+		t.Errorf("Expected message to be %s but was %s", "B", message[len(message)-1:])
+	}
+}
diff --git a/daemon/logger/awslogs/cwlogsiface_mock_test.go b/daemon/logger/awslogs/cwlogsiface_mock_test.go
new file mode 100644
index 00000000..bfe6d74f
--- /dev/null
+++ b/daemon/logger/awslogs/cwlogsiface_mock_test.go
@@ -0,0 +1,76 @@
+package awslogs
+
+import "github.com/aws/aws-sdk-go/service/cloudwatchlogs"
+
+type mockcwlogsclient struct {
+	createLogStreamArgument chan *cloudwatchlogs.CreateLogStreamInput
+	createLogStreamResult   chan *createLogStreamResult
+	putLogEventsArgument    chan *cloudwatchlogs.PutLogEventsInput
+	putLogEventsResult      chan *putLogEventsResult
+}
+
+type createLogStreamResult struct {
+	successResult *cloudwatchlogs.CreateLogStreamOutput
+	errorResult   error
+}
+
+type putLogEventsResult struct {
+	successResult *cloudwatchlogs.PutLogEventsOutput
+	errorResult   error
+}
+
+func newMockClient() *mockcwlogsclient {
+	return &mockcwlogsclient{
+		createLogStreamArgument: make(chan *cloudwatchlogs.CreateLogStreamInput, 1),
+		createLogStreamResult:   make(chan *createLogStreamResult, 1),
+		putLogEventsArgument:    make(chan *cloudwatchlogs.PutLogEventsInput, 1),
+		putLogEventsResult:      make(chan *putLogEventsResult, 1),
+	}
+}
+
+func newMockClientBuffered(buflen int) *mockcwlogsclient {
+	return &mockcwlogsclient{
+		createLogStreamArgument: make(chan *cloudwatchlogs.CreateLogStreamInput, buflen),
+		createLogStreamResult:   make(chan *createLogStreamResult, buflen),
+		putLogEventsArgument:    make(chan *cloudwatchlogs.PutLogEventsInput, buflen),
+		putLogEventsResult:      make(chan *putLogEventsResult, buflen),
+	}
+}
+
+func (m *mockcwlogsclient) CreateLogStream(input *cloudwatchlogs.CreateLogStreamInput) (*cloudwatchlogs.CreateLogStreamOutput, error) {
+	m.createLogStreamArgument <- input
+	output := <-m.createLogStreamResult
+	return output.successResult, output.errorResult
+}
+
+func (m *mockcwlogsclient) PutLogEvents(input *cloudwatchlogs.PutLogEventsInput) (*cloudwatchlogs.PutLogEventsOutput, error) {
+	m.putLogEventsArgument <- input
+	output := <-m.putLogEventsResult
+	return output.successResult, output.errorResult
+}
+
+type mockmetadataclient struct {
+	regionResult chan *regionResult
+}
+
+type regionResult struct {
+	successResult string
+	errorResult   error
+}
+
+func newMockMetadataClient() *mockmetadataclient {
+	return &mockmetadataclient{
+		regionResult: make(chan *regionResult, 1),
+	}
+}
+
+func (m *mockmetadataclient) Region() (string, error) {
+	output := <-m.regionResult
+	return output.successResult, output.errorResult
+}
+
+func test() {
+	_ = &logStream{
+		client: newMockClient(),
+	}
+}
diff --git a/daemon/logger/context.go b/daemon/logger/context.go
new file mode 100644
index 00000000..eb54c311
--- /dev/null
+++ b/daemon/logger/context.go
@@ -0,0 +1,112 @@
+package logger
+
+import (
+	"fmt"
+	"os"
+	"strings"
+	"time"
+)
+
+// Context provides enough information for a logging driver to do its function.
+type Context struct {
+	Config              map[string]string
+	ContainerID         string
+	ContainerName       string
+	ContainerEntrypoint string
+	ContainerArgs       []string
+	ContainerImageID    string
+	ContainerImageName  string
+	ContainerCreated    time.Time
+	ContainerEnv        []string
+	ContainerLabels     map[string]string
+	LogPath             string
+}
+
+// ExtraAttributes returns the user-defined extra attributes (labels,
+// environment variables) in key-value format. This can be used by log drivers
+// that support metadata to add more context to a log.
+func (ctx *Context) ExtraAttributes(keyMod func(string) string) map[string]string {
+	extra := make(map[string]string)
+	labels, ok := ctx.Config["labels"]
+	if ok && len(labels) > 0 {
+		for _, l := range strings.Split(labels, ",") {
+			if v, ok := ctx.ContainerLabels[l]; ok {
+				if keyMod != nil {
+					l = keyMod(l)
+				}
+				extra[l] = v
+			}
+		}
+	}
+
+	env, ok := ctx.Config["env"]
+	if ok && len(env) > 0 {
+		envMapping := make(map[string]string)
+		for _, e := range ctx.ContainerEnv {
+			if kv := strings.SplitN(e, "=", 2); len(kv) == 2 {
+				envMapping[kv[0]] = kv[1]
+			}
+		}
+		for _, l := range strings.Split(env, ",") {
+			if v, ok := envMapping[l]; ok {
+				if keyMod != nil {
+					l = keyMod(l)
+				}
+				extra[l] = v
+			}
+		}
+	}
+
+	return extra
+}
+
+// Hostname returns the hostname from the underlying OS.
+func (ctx *Context) Hostname() (string, error) {
+	hostname, err := os.Hostname()
+	if err != nil {
+		return "", fmt.Errorf("logger: can not resolve hostname: %v", err)
+	}
+	return hostname, nil
+}
+
+// Command returns the command that the container being logged was
+// started with. The Entrypoint is prepended to the container
+// arguments.
+func (ctx *Context) Command() string {
+	terms := []string{ctx.ContainerEntrypoint}
+	for _, arg := range ctx.ContainerArgs {
+		terms = append(terms, arg)
+	}
+	command := strings.Join(terms, " ")
+	return command
+}
+
+// ID Returns the Container ID shortened to 12 characters.
+func (ctx *Context) ID() string {
+	return ctx.ContainerID[:12]
+}
+
+// FullID is an alias of ContainerID.
+func (ctx *Context) FullID() string {
+	return ctx.ContainerID
+}
+
+// Name returns the ContainerName without a preceding '/'.
+func (ctx *Context) Name() string {
+	return ctx.ContainerName[1:]
+}
+
+// ImageID returns the ContainerImageID shortened to 12 characters.
+func (ctx *Context) ImageID() string {
+	return ctx.ContainerImageID[:12]
+}
+
+// ImageFullID is an alias of ContainerImageID.
+func (ctx *Context) ImageFullID() string {
+	return ctx.ContainerImageID
+}
+
+// ImageName is an alias of ContainerImageName
+func (ctx *Context) ImageName() string {
+	return ctx.ContainerImageName
+}
diff --git a/daemon/logger/copier.go b/daemon/logger/copier.go
new file mode 100644
index 00000000..436c0a8f
--- /dev/null
+++ b/daemon/logger/copier.go
@@ -0,0 +1,86 @@
+package logger
+
+import (
+	"bufio"
+	"bytes"
+	"io"
+	"sync"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// Copier can copy logs from specified sources to Logger and attach
+// ContainerID and Timestamp.
+// Writes are concurrent, so you need implement some sync in your logger
+type Copier struct {
+	// cid is the container id for which we are copying logs
+	cid string
+	// srcs is map of name -> reader pairs, for example "stdout", "stderr"
+	srcs     map[string]io.Reader
+	dst      Logger
+	copyJobs sync.WaitGroup
+	closed   chan struct{}
+}
+
+// NewCopier creates a new Copier
+func NewCopier(cid string, srcs map[string]io.Reader, dst Logger) *Copier {
+	return &Copier{
+		cid:    cid,
+		srcs:   srcs,
+		dst:    dst,
+		closed: make(chan struct{}),
+	}
+}
+
+// Run starts logs copying
+func (c *Copier) Run() {
+	for src, w := range c.srcs {
+		c.copyJobs.Add(1)
+		go c.copySrc(src, w)
+	}
+}
+
+func (c *Copier) copySrc(name string, src io.Reader) {
+	defer c.copyJobs.Done()
+	reader := bufio.NewReader(src)
+
+	for {
+		select {
+		case <-c.closed:
+			return
+		default:
+			line, err := reader.ReadBytes('\n')
+			line = bytes.TrimSuffix(line, []byte{'\n'})
+
+			// ReadBytes can return full or partial output even when it failed.
+			// e.g. it can return a full entry and EOF.
+			if err == nil || len(line) > 0 {
+				if logErr := c.dst.Log(&Message{ContainerID: c.cid, Line: line, Source: name, Timestamp: time.Now().UTC()}); logErr != nil {
+					logrus.Errorf("Failed to log msg %q for logger %s: %s", line, c.dst.Name(), logErr)
+				}
+			}
+
+			if err != nil {
+				if err != io.EOF {
+					logrus.Errorf("Error scanning log stream: %s", err)
+				}
+				return
+			}
+		}
+	}
+}
+
+// Wait waits until all copying is done
+func (c *Copier) Wait() {
+	c.copyJobs.Wait()
+}
+
+// Close closes the copier
+func (c *Copier) Close() {
+	select {
+	case <-c.closed:
+	default:
+		close(c.closed)
+	}
+}
diff --git a/daemon/logger/copier_test.go b/daemon/logger/copier_test.go
new file mode 100644
index 00000000..30239f06
--- /dev/null
+++ b/daemon/logger/copier_test.go
@@ -0,0 +1,132 @@
+package logger
+
+import (
+	"bytes"
+	"encoding/json"
+	"io"
+	"testing"
+	"time"
+)
+
+type TestLoggerJSON struct {
+	*json.Encoder
+	delay time.Duration
+}
+
+func (l *TestLoggerJSON) Log(m *Message) error {
+	if l.delay > 0 {
+		time.Sleep(l.delay)
+	}
+	return l.Encode(m)
+}
+
+func (l *TestLoggerJSON) Close() error { return nil }
+
+func (l *TestLoggerJSON) Name() string { return "json" }
+
+type TestLoggerText struct {
+	*bytes.Buffer
+}
+
+func (l *TestLoggerText) Log(m *Message) error {
+	_, err := l.WriteString(m.ContainerID + " " + m.Source + " " + string(m.Line) + "\n")
+	return err
+}
+
+func (l *TestLoggerText) Close() error { return nil }
+
+func (l *TestLoggerText) Name() string { return "text" }
+
+func TestCopier(t *testing.T) {
+	stdoutLine := "Line that thinks that it is log line from docker stdout"
+	stderrLine := "Line that thinks that it is log line from docker stderr"
+	var stdout bytes.Buffer
+	var stderr bytes.Buffer
+	for i := 0; i < 30; i++ {
+		if _, err := stdout.WriteString(stdoutLine + "\n"); err != nil {
+			t.Fatal(err)
+		}
+		if _, err := stderr.WriteString(stderrLine + "\n"); err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	var jsonBuf bytes.Buffer
+
+	jsonLog := &TestLoggerJSON{Encoder: json.NewEncoder(&jsonBuf)}
+
+	cid := "a7317399f3f857173c6179d44823594f8294678dea9999662e5c625b5a1c7657"
+	c := NewCopier(cid,
+		map[string]io.Reader{
+			"stdout": &stdout,
+			"stderr": &stderr,
+		},
+		jsonLog)
+	c.Run()
+	wait := make(chan struct{})
+	go func() {
+		c.Wait()
+		close(wait)
+	}()
+	select {
+	case <-time.After(1 * time.Second):
+		t.Fatal("Copier failed to do its work in 1 second")
+	case <-wait:
+	}
+	dec := json.NewDecoder(&jsonBuf)
+	for {
+		var msg Message
+		if err := dec.Decode(&msg); err != nil {
+			if err == io.EOF {
+				break
+			}
+			t.Fatal(err)
+		}
+		if msg.Source != "stdout" && msg.Source != "stderr" {
+			t.Fatalf("Wrong Source: %q, should be %q or %q", msg.Source, "stdout", "stderr")
+		}
+		if msg.ContainerID != cid {
+			t.Fatalf("Wrong ContainerID: %q, expected %q", msg.ContainerID, cid)
+		}
+		if msg.Source == "stdout" {
+			if string(msg.Line) != stdoutLine {
+				t.Fatalf("Wrong Line: %q, expected %q", msg.Line, stdoutLine)
+			}
+		}
+		if msg.Source == "stderr" {
+			if string(msg.Line) != stderrLine {
+				t.Fatalf("Wrong Line: %q, expected %q", msg.Line, stderrLine)
+			}
+		}
+	}
+}
+
+func TestCopierSlow(t *testing.T) {
+	stdoutLine := "Line that thinks that it is log line from docker stdout"
+	var stdout bytes.Buffer
+	for i := 0; i < 30; i++ {
+		if _, err := stdout.WriteString(stdoutLine + "\n"); err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	var jsonBuf bytes.Buffer
+	//encoder := &encodeCloser{Encoder: json.NewEncoder(&jsonBuf)}
+	jsonLog := &TestLoggerJSON{Encoder: json.NewEncoder(&jsonBuf), delay: 100 * time.Millisecond}
+
+	cid := "a7317399f3f857173c6179d44823594f8294678dea9999662e5c625b5a1c7657"
+	c := NewCopier(cid, map[string]io.Reader{"stdout": &stdout}, jsonLog)
+	c.Run()
+	wait := make(chan struct{})
+	go func() {
+		c.Wait()
+		close(wait)
+	}()
+	<-time.After(150 * time.Millisecond)
+	c.Close()
+	select {
+	case <-time.After(200 * time.Millisecond):
+		t.Fatalf("failed to exit in time after the copier is closed")
+	case <-wait:
+	}
+}
diff --git a/daemon/logger/etwlogs/etwlogs_windows.go b/daemon/logger/etwlogs/etwlogs_windows.go
new file mode 100644
index 00000000..de128a2e
--- /dev/null
+++ b/daemon/logger/etwlogs/etwlogs_windows.go
@@ -0,0 +1,183 @@
+// Package etwlogs provides a log driver for forwarding container logs
+// as ETW events.(ETW stands for Event Tracing for Windows)
+// A client can then create an ETW listener to listen for events that are sent
+// by the ETW provider that we register, using the provider's GUID "a3693192-9ed6-46d2-a981-f8226c8363bd".
+// Here is an example of how to do this using the logman utility:
+// 1. logman start -ets DockerContainerLogs -p {a3693192-9ed6-46d2-a981-f8226c8363bd} 0 0 -o trace.etl
+// 2. Run container(s) and generate log messages
+// 3. logman stop -ets DockerContainerLogs
+// 4. You can then convert the etl log file to XML using: tracerpt -y trace.etl
+//
+// Each container log message generates a ETW event that also contains:
+// the container name and ID, the timestamp, and the stream type.
+package etwlogs
+
+import (
+	"errors"
+	"fmt"
+	"sync"
+	"syscall"
+	"unsafe"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/logger"
+)
+
+type etwLogs struct {
+	containerName string
+	imageName     string
+	containerID   string
+	imageID       string
+}
+
+const (
+	name             = "etwlogs"
+	win32CallSuccess = 0
+)
+
+var win32Lib *syscall.DLL
+var providerHandle syscall.Handle
+var refCount int
+var mu sync.Mutex
+
+func init() {
+	providerHandle = syscall.InvalidHandle
+	if err := logger.RegisterLogDriver(name, New); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+// New creates a new etwLogs logger for the given container and registers the EWT provider.
+func New(ctx logger.Context) (logger.Logger, error) {
+	if err := registerETWProvider(); err != nil {
+		return nil, err
+	}
+	logrus.Debugf("logging driver etwLogs configured for container: %s.", ctx.ContainerID)
+
+	return &etwLogs{
+		containerName: fixContainerName(ctx.ContainerName),
+		imageName:     ctx.ContainerImageName,
+		containerID:   ctx.ContainerID,
+		imageID:       ctx.ContainerImageID,
+	}, nil
+}
+
+// Log logs the message to the ETW stream.
+func (etwLogger *etwLogs) Log(msg *logger.Message) error {
+	if providerHandle == syscall.InvalidHandle {
+		// This should never be hit, if it is, it indicates a programming error.
+		errorMessage := "ETWLogs cannot log the message, because the event provider has not been registered."
+		logrus.Error(errorMessage)
+		return errors.New(errorMessage)
+	}
+	return callEventWriteString(createLogMessage(etwLogger, msg))
+}
+
+// Close closes the logger by unregistering the ETW provider.
+func (etwLogger *etwLogs) Close() error {
+	unregisterETWProvider()
+	return nil
+}
+
+func (etwLogger *etwLogs) Name() string {
+	return name
+}
+
+func createLogMessage(etwLogger *etwLogs, msg *logger.Message) string {
+	return fmt.Sprintf("container_name: %s, image_name: %s, container_id: %s, image_id: %s, source: %s, log: %s",
+		etwLogger.containerName,
+		etwLogger.imageName,
+		etwLogger.containerID,
+		etwLogger.imageID,
+		msg.Source,
+		msg.Line)
+}
+
+// fixContainerName removes the initial '/' from the container name.
+func fixContainerName(cntName string) string {
+	if len(cntName) > 0 && cntName[0] == '/' {
+		cntName = cntName[1:]
+	}
+	return cntName
+}
+
+func registerETWProvider() error {
+	mu.Lock()
+	defer mu.Unlock()
+	if refCount == 0 {
+		var err error
+		if win32Lib, err = syscall.LoadDLL("Advapi32.dll"); err != nil {
+			return err
+		}
+		if err = callEventRegister(); err != nil {
+			win32Lib.Release()
+			win32Lib = nil
+			return err
+		}
+	}
+
+	refCount++
+	return nil
+}
+
+func unregisterETWProvider() {
+	mu.Lock()
+	defer mu.Unlock()
+	if refCount == 1 {
+		if callEventUnregister() {
+			refCount--
+			providerHandle = syscall.InvalidHandle
+			win32Lib.Release()
+			win32Lib = nil
+		}
+		// Not returning an error if EventUnregister fails, because etwLogs will continue to work
+	} else {
+		refCount--
+	}
+}
+
+func callEventRegister() error {
+	proc, err := win32Lib.FindProc("EventRegister")
+	if err != nil {
+		return err
+	}
+	// The provider's GUID is {a3693192-9ed6-46d2-a981-f8226c8363bd}
+	guid := syscall.GUID{
+		0xa3693192, 0x9ed6, 0x46d2,
+		[8]byte{0xa9, 0x81, 0xf8, 0x22, 0x6c, 0x83, 0x63, 0xbd},
+	}
+
+	ret, _, _ := proc.Call(uintptr(unsafe.Pointer(&guid)), 0, 0, uintptr(unsafe.Pointer(&providerHandle)))
+	if ret != win32CallSuccess {
+		errorMessage := fmt.Sprintf("Failed to register ETW provider. Error: %d", ret)
+		logrus.Error(errorMessage)
+		return errors.New(errorMessage)
+	}
+	return nil
+}
+
+func callEventWriteString(message string) error {
+	proc, err := win32Lib.FindProc("EventWriteString")
+	if err != nil {
+		return err
+	}
+	ret, _, _ := proc.Call(uintptr(providerHandle), 0, 0, uintptr(unsafe.Pointer(syscall.StringToUTF16Ptr(message))))
+	if ret != win32CallSuccess {
+		errorMessage := fmt.Sprintf("ETWLogs provider failed to log message. Error: %d", ret)
+		logrus.Error(errorMessage)
+		return errors.New(errorMessage)
+	}
+	return nil
+}
+
+func callEventUnregister() bool {
+	proc, err := win32Lib.FindProc("EventUnregister")
+	if err != nil {
+		return false
+	}
+	ret, _, _ := proc.Call(uintptr(providerHandle))
+	if ret != win32CallSuccess {
+		return false
+	}
+	return true
+}
diff --git a/daemon/logger/factory.go b/daemon/logger/factory.go
new file mode 100644
index 00000000..5ec0f673
--- /dev/null
+++ b/daemon/logger/factory.go
@@ -0,0 +1,89 @@
+package logger
+
+import (
+	"fmt"
+	"sync"
+)
+
+// Creator builds a logging driver instance with given context.
+type Creator func(Context) (Logger, error)
+
+// LogOptValidator checks the options specific to the underlying
+// logging implementation.
+type LogOptValidator func(cfg map[string]string) error
+
+type logdriverFactory struct {
+	registry     map[string]Creator
+	optValidator map[string]LogOptValidator
+	m            sync.Mutex
+}
+
+func (lf *logdriverFactory) register(name string, c Creator) error {
+	lf.m.Lock()
+	defer lf.m.Unlock()
+
+	if _, ok := lf.registry[name]; ok {
+		return fmt.Errorf("logger: log driver named '%s' is already registered", name)
+	}
+	lf.registry[name] = c
+	return nil
+}
+
+func (lf *logdriverFactory) registerLogOptValidator(name string, l LogOptValidator) error {
+	lf.m.Lock()
+	defer lf.m.Unlock()
+
+	if _, ok := lf.optValidator[name]; ok {
+		return fmt.Errorf("logger: log validator named '%s' is already registered", name)
+	}
+	lf.optValidator[name] = l
+	return nil
+}
+
+func (lf *logdriverFactory) get(name string) (Creator, error) {
+	lf.m.Lock()
+	defer lf.m.Unlock()
+
+	c, ok := lf.registry[name]
+	if !ok {
+		return c, fmt.Errorf("logger: no log driver named '%s' is registered", name)
+	}
+	return c, nil
+}
+
+func (lf *logdriverFactory) getLogOptValidator(name string) LogOptValidator {
+	lf.m.Lock()
+	defer lf.m.Unlock()
+
+	c, _ := lf.optValidator[name]
+	return c
+}
+
+var factory = &logdriverFactory{registry: make(map[string]Creator), optValidator: make(map[string]LogOptValidator)} // global factory instance
+
+// RegisterLogDriver registers the given logging driver builder with given logging
+// driver name.
+func RegisterLogDriver(name string, c Creator) error {
+	return factory.register(name, c)
+}
+
+// RegisterLogOptValidator registers the logging option validator with
+// the given logging driver name.
+func RegisterLogOptValidator(name string, l LogOptValidator) error {
+	return factory.registerLogOptValidator(name, l)
+}
+
+// GetLogDriver provides the logging driver builder for a logging driver name.
+func GetLogDriver(name string) (Creator, error) {
+	return factory.get(name)
+}
+
+// ValidateLogOpts checks the options for the given log driver. The
+// options supported are specific to the LogDriver implementation.
+func ValidateLogOpts(name string, cfg map[string]string) error {
+	l := factory.getLogOptValidator(name)
+	if l != nil {
+		return l(cfg)
+	}
+	return nil
+}
diff --git a/daemon/logger/fluentd/fluentd.go b/daemon/logger/fluentd/fluentd.go
new file mode 100644
index 00000000..d8615ba0
--- /dev/null
+++ b/daemon/logger/fluentd/fluentd.go
@@ -0,0 +1,201 @@
+// Package fluentd provides the log driver for forwarding server logs
+// to fluentd endpoints.
+package fluentd
+
+import (
+	"fmt"
+	"math"
+	"net"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/logger/loggerutils"
+	"github.com/docker/go-units"
+	"github.com/fluent/fluent-logger-golang/fluent"
+)
+
+type fluentd struct {
+	tag           string
+	containerID   string
+	containerName string
+	writer        *fluent.Fluent
+	extra         map[string]string
+}
+
+const (
+	name = "fluentd"
+
+	defaultHost        = "127.0.0.1"
+	defaultPort        = 24224
+	defaultBufferLimit = 1024 * 1024
+	defaultTagPrefix   = "docker"
+
+	// logger tries to reconnect 2**32 - 1 times
+	// failed (and panic) after 204 years [ 1.5 ** (2**32 - 1) - 1 seconds]
+	defaultRetryWait              = 1000
+	defaultTimeout                = 3 * time.Second
+	defaultMaxRetries             = math.MaxInt32
+	defaultReconnectWaitIncreRate = 1.5
+
+	addressKey      = "fluentd-address"
+	bufferLimitKey  = "fluentd-buffer-limit"
+	retryWaitKey    = "fluentd-retry-wait"
+	maxRetriesKey   = "fluentd-max-retries"
+	asyncConnectKey = "fluentd-async-connect"
+)
+
+func init() {
+	if err := logger.RegisterLogDriver(name, New); err != nil {
+		logrus.Fatal(err)
+	}
+	if err := logger.RegisterLogOptValidator(name, ValidateLogOpt); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+// New creates a fluentd logger using the configuration passed in on
+// the context. Supported context configuration variables are
+// fluentd-address & fluentd-tag.
+func New(ctx logger.Context) (logger.Logger, error) {
+	host, port, err := parseAddress(ctx.Config[addressKey])
+	if err != nil {
+		return nil, err
+	}
+
+	tag, err := loggerutils.ParseLogTag(ctx, "docker.{{.ID}}")
+	if err != nil {
+		return nil, err
+	}
+
+	extra := ctx.ExtraAttributes(nil)
+
+	bufferLimit := defaultBufferLimit
+	if ctx.Config[bufferLimitKey] != "" {
+		bl64, err := units.RAMInBytes(ctx.Config[bufferLimitKey])
+		if err != nil {
+			return nil, err
+		}
+		bufferLimit = int(bl64)
+	}
+
+	retryWait := defaultRetryWait
+	if ctx.Config[retryWaitKey] != "" {
+		rwd, err := time.ParseDuration(ctx.Config[retryWaitKey])
+		if err != nil {
+			return nil, err
+		}
+		retryWait = int(rwd.Seconds() * 1000)
+	}
+
+	maxRetries := defaultMaxRetries
+	if ctx.Config[maxRetriesKey] != "" {
+		mr64, err := strconv.ParseUint(ctx.Config[maxRetriesKey], 10, strconv.IntSize)
+		if err != nil {
+			return nil, err
+		}
+		maxRetries = int(mr64)
+	}
+
+	asyncConnect := false
+	if ctx.Config[asyncConnectKey] != "" {
+		if asyncConnect, err = strconv.ParseBool(ctx.Config[asyncConnectKey]); err != nil {
+			return nil, err
+		}
+	}
+
+	fluentConfig := fluent.Config{
+		FluentPort:   port,
+		FluentHost:   host,
+		BufferLimit:  bufferLimit,
+		RetryWait:    retryWait,
+		MaxRetry:     maxRetries,
+		AsyncConnect: asyncConnect,
+	}
+
+	logrus.WithField("container", ctx.ContainerID).WithField("config", fluentConfig).
+		Debug("logging driver fluentd configured")
+
+	log, err := fluent.New(fluentConfig)
+	if err != nil {
+		return nil, err
+	}
+	return &fluentd{
+		tag:           tag,
+		containerID:   ctx.ContainerID,
+		containerName: ctx.ContainerName,
+		writer:        log,
+		extra:         extra,
+	}, nil
+}
+
+func (f *fluentd) Log(msg *logger.Message) error {
+	data := map[string]string{
+		"container_id":   f.containerID,
+		"container_name": f.containerName,
+		"source":         msg.Source,
+		"log":            string(msg.Line),
+	}
+	for k, v := range f.extra {
+		data[k] = v
+	}
+	// fluent-logger-golang buffers logs from failures and disconnections,
+	// and these are transferred again automatically.
+	return f.writer.PostWithTime(f.tag, msg.Timestamp, data)
+}
+
+func (f *fluentd) Close() error {
+	return f.writer.Close()
+}
+
+func (f *fluentd) Name() string {
+	return name
+}
+
+// ValidateLogOpt looks for fluentd specific log options fluentd-address & fluentd-tag.
+func ValidateLogOpt(cfg map[string]string) error {
+	for key := range cfg {
+		switch key {
+		case "env":
+		case "fluentd-tag":
+		case "labels":
+		case "tag":
+		case addressKey:
+		case bufferLimitKey:
+		case retryWaitKey:
+		case maxRetriesKey:
+		case asyncConnectKey:
+			// Accepted
+		default:
+			return fmt.Errorf("unknown log opt '%s' for fluentd log driver", key)
+		}
+	}
+
+	if _, _, err := parseAddress(cfg["fluentd-address"]); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func parseAddress(address string) (string, int, error) {
+	if address == "" {
+		return defaultHost, defaultPort, nil
+	}
+
+	host, port, err := net.SplitHostPort(address)
+	if err != nil {
+		if !strings.Contains(err.Error(), "missing port in address") {
+			return "", 0, fmt.Errorf("invalid fluentd-address %s: %s", address, err)
+		}
+		return host, defaultPort, nil
+	}
+
+	portnum, err := strconv.Atoi(port)
+	if err != nil {
+		return "", 0, fmt.Errorf("invalid fluentd-address %s: %s", address, err)
+	}
+	return host, portnum, nil
+}
diff --git a/daemon/logger/gcplogs/gcplogging.go b/daemon/logger/gcplogs/gcplogging.go
new file mode 100644
index 00000000..781642bb
--- /dev/null
+++ b/daemon/logger/gcplogs/gcplogging.go
@@ -0,0 +1,191 @@
+package gcplogs
+
+import (
+	"fmt"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/docker/docker/daemon/logger"
+
+	"github.com/Sirupsen/logrus"
+	"golang.org/x/net/context"
+	"google.golang.org/cloud/compute/metadata"
+	"google.golang.org/cloud/logging"
+)
+
+const (
+	name = "gcplogs"
+
+	projectOptKey = "gcp-project"
+	logLabelsKey  = "labels"
+	logEnvKey     = "env"
+	logCmdKey     = "gcp-log-cmd"
+)
+
+var (
+	// The number of logs the gcplogs driver has dropped.
+	droppedLogs uint64
+
+	onGCE bool
+
+	// instance metadata populated from the metadata server if available
+	projectID    string
+	zone         string
+	instanceName string
+	instanceID   string
+)
+
+func init() {
+
+	if err := logger.RegisterLogDriver(name, New); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := logger.RegisterLogOptValidator(name, ValidateLogOpts); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+type gcplogs struct {
+	client    *logging.Client
+	instance  *instanceInfo
+	container *containerInfo
+}
+
+type dockerLogEntry struct {
+	Instance  *instanceInfo  `json:"instance,omitempty"`
+	Container *containerInfo `json:"container,omitempty"`
+	Data      string         `json:"data,omitempty"`
+}
+
+type instanceInfo struct {
+	Zone string `json:"zone,omitempty"`
+	Name string `json:"name,omitempty"`
+	ID   string `json:"id,omitempty"`
+}
+
+type containerInfo struct {
+	Name      string            `json:"name,omitempty"`
+	ID        string            `json:"id,omitempty"`
+	ImageName string            `json:"imageName,omitempty"`
+	ImageID   string            `json:"imageId,omitempty"`
+	Created   time.Time         `json:"created,omitempty"`
+	Command   string            `json:"command,omitempty"`
+	Metadata  map[string]string `json:"metadata,omitempty"`
+}
+
+var initGCPOnce sync.Once
+
+func initGCP() {
+	initGCPOnce.Do(func() {
+		onGCE = metadata.OnGCE()
+		if onGCE {
+			// These will fail on instances if the metadata service is
+			// down or the client is compiled with an API version that
+			// has been removed. Since these are not vital, let's ignore
+			// them and make their fields in the dockeLogEntry ,omitempty
+			projectID, _ = metadata.ProjectID()
+			zone, _ = metadata.Zone()
+			instanceName, _ = metadata.InstanceName()
+			instanceID, _ = metadata.InstanceID()
+		}
+	})
+}
+
+// New creates a new logger that logs to Google Cloud Logging using the application
+// default credentials.
+//
+// See https://developers.google.com/identity/protocols/application-default-credentials
+func New(ctx logger.Context) (logger.Logger, error) {
+	initGCP()
+
+	var project string
+	if projectID != "" {
+		project = projectID
+	}
+	if projectID, found := ctx.Config[projectOptKey]; found {
+		project = projectID
+	}
+	if project == "" {
+		return nil, fmt.Errorf("No project was specified and couldn't read project from the meatadata server. Please specify a project")
+	}
+
+	c, err := logging.NewClient(context.Background(), project, "gcplogs-docker-driver")
+	if err != nil {
+		return nil, err
+	}
+
+	if err := c.Ping(); err != nil {
+		return nil, fmt.Errorf("unable to connect or authenticate with Google Cloud Logging: %v", err)
+	}
+
+	l := &gcplogs{
+		client: c,
+		container: &containerInfo{
+			Name:      ctx.ContainerName,
+			ID:        ctx.ContainerID,
+			ImageName: ctx.ContainerImageName,
+			ImageID:   ctx.ContainerImageID,
+			Created:   ctx.ContainerCreated,
+			Metadata:  ctx.ExtraAttributes(nil),
+		},
+	}
+
+	if ctx.Config[logCmdKey] == "true" {
+		l.container.Command = ctx.Command()
+	}
+
+	if onGCE {
+		l.instance = &instanceInfo{
+			Zone: zone,
+			Name: instanceName,
+			ID:   instanceID,
+		}
+	}
+
+	// The logger "overflows" at a rate of 10,000 logs per second and this
+	// overflow func is called. We want to surface the error to the user
+	// without overly spamming /var/log/docker.log so we log the first time
+	// we overflow and every 1000th time after.
+	c.Overflow = func(_ *logging.Client, _ logging.Entry) error {
+		if i := atomic.AddUint64(&droppedLogs, 1); i%1000 == 1 {
+			logrus.Errorf("gcplogs driver has dropped %v logs", i)
+		}
+		return nil
+	}
+
+	return l, nil
+}
+
+// ValidateLogOpts validates the opts passed to the gcplogs driver. Currently, the gcplogs
+// driver doesn't take any arguments.
+func ValidateLogOpts(cfg map[string]string) error {
+	for k := range cfg {
+		switch k {
+		case projectOptKey, logLabelsKey, logEnvKey, logCmdKey:
+		default:
+			return fmt.Errorf("%q is not a valid option for the gcplogs driver", k)
+		}
+	}
+	return nil
+}
+
+func (l *gcplogs) Log(m *logger.Message) error {
+	return l.client.Log(logging.Entry{
+		Time: m.Timestamp,
+		Payload: &dockerLogEntry{
+			Instance:  l.instance,
+			Container: l.container,
+			Data:      string(m.Line),
+		},
+	})
+}
+
+func (l *gcplogs) Close() error {
+	return l.client.Flush()
+}
+
+func (l *gcplogs) Name() string {
+	return name
+}
diff --git a/daemon/logger/gelf/gelf.go b/daemon/logger/gelf/gelf.go
new file mode 100644
index 00000000..3fe62c41
--- /dev/null
+++ b/daemon/logger/gelf/gelf.go
@@ -0,0 +1,212 @@
+// +build linux
+
+// Package gelf provides the log driver for forwarding server logs to
+// endpoints that support the Graylog Extended Log Format.
+package gelf
+
+import (
+	"bytes"
+	"compress/flate"
+	"encoding/json"
+	"fmt"
+	"net"
+	"net/url"
+	"strconv"
+	"time"
+
+	"github.com/Graylog2/go-gelf/gelf"
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/logger/loggerutils"
+	"github.com/docker/docker/pkg/urlutil"
+)
+
+const name = "gelf"
+
+type gelfLogger struct {
+	writer   *gelf.Writer
+	ctx      logger.Context
+	hostname string
+	rawExtra json.RawMessage
+}
+
+func init() {
+	if err := logger.RegisterLogDriver(name, New); err != nil {
+		logrus.Fatal(err)
+	}
+	if err := logger.RegisterLogOptValidator(name, ValidateLogOpt); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+// New creates a gelf logger using the configuration passed in on the
+// context. Supported context configuration variables are
+// gelf-address, & gelf-tag.
+func New(ctx logger.Context) (logger.Logger, error) {
+	// parse gelf address
+	address, err := parseAddress(ctx.Config["gelf-address"])
+	if err != nil {
+		return nil, err
+	}
+
+	// collect extra data for GELF message
+	hostname, err := ctx.Hostname()
+	if err != nil {
+		return nil, fmt.Errorf("gelf: cannot access hostname to set source field")
+	}
+
+	// remove trailing slash from container name
+	containerName := bytes.TrimLeft([]byte(ctx.ContainerName), "/")
+
+	// parse log tag
+	tag, err := loggerutils.ParseLogTag(ctx, "")
+	if err != nil {
+		return nil, err
+	}
+
+	extra := map[string]interface{}{
+		"_container_id":   ctx.ContainerID,
+		"_container_name": string(containerName),
+		"_image_id":       ctx.ContainerImageID,
+		"_image_name":     ctx.ContainerImageName,
+		"_command":        ctx.Command(),
+		"_tag":            tag,
+		"_created":        ctx.ContainerCreated,
+	}
+
+	extraAttrs := ctx.ExtraAttributes(func(key string) string {
+		if key[0] == '_' {
+			return key
+		}
+		return "_" + key
+	})
+	for k, v := range extraAttrs {
+		extra[k] = v
+	}
+
+	rawExtra, err := json.Marshal(extra)
+	if err != nil {
+		return nil, err
+	}
+
+	// create new gelfWriter
+	gelfWriter, err := gelf.NewWriter(address)
+	if err != nil {
+		return nil, fmt.Errorf("gelf: cannot connect to GELF endpoint: %s %v", address, err)
+	}
+
+	if v, ok := ctx.Config["gelf-compression-type"]; ok {
+		switch v {
+		case "gzip":
+			gelfWriter.CompressionType = gelf.CompressGzip
+		case "zlib":
+			gelfWriter.CompressionType = gelf.CompressZlib
+		case "none":
+			gelfWriter.CompressionType = gelf.CompressNone
+		default:
+			return nil, fmt.Errorf("gelf: invalid compression type %q", v)
+		}
+	}
+
+	if v, ok := ctx.Config["gelf-compression-level"]; ok {
+		val, err := strconv.Atoi(v)
+		if err != nil {
+			return nil, fmt.Errorf("gelf: invalid compression level %s, err %v", v, err)
+		}
+		gelfWriter.CompressionLevel = val
+	}
+
+	return &gelfLogger{
+		writer:   gelfWriter,
+		ctx:      ctx,
+		hostname: hostname,
+		rawExtra: rawExtra,
+	}, nil
+}
+
+func (s *gelfLogger) Log(msg *logger.Message) error {
+	level := gelf.LOG_INFO
+	if msg.Source == "stderr" {
+		level = gelf.LOG_ERR
+	}
+
+	m := gelf.Message{
+		Version:  "1.1",
+		Host:     s.hostname,
+		Short:    string(msg.Line),
+		TimeUnix: float64(msg.Timestamp.UnixNano()/int64(time.Millisecond)) / 1000.0,
+		Level:    level,
+		RawExtra: s.rawExtra,
+	}
+
+	if err := s.writer.WriteMessage(&m); err != nil {
+		return fmt.Errorf("gelf: cannot send GELF message: %v", err)
+	}
+	return nil
+}
+
+func (s *gelfLogger) Close() error {
+	return s.writer.Close()
+}
+
+func (s *gelfLogger) Name() string {
+	return name
+}
+
+// ValidateLogOpt looks for gelf specific log options gelf-address, &
+// gelf-tag.
+func ValidateLogOpt(cfg map[string]string) error {
+	for key, val := range cfg {
+		switch key {
+		case "gelf-address":
+		case "gelf-tag":
+		case "tag":
+		case "labels":
+		case "env":
+		case "gelf-compression-level":
+			i, err := strconv.Atoi(val)
+			if err != nil || i < flate.DefaultCompression || i > flate.BestCompression {
+				return fmt.Errorf("unknown value %q for log opt %q for gelf log driver", val, key)
+			}
+		case "gelf-compression-type":
+			switch val {
+			case "gzip", "zlib", "none":
+			default:
+				return fmt.Errorf("unknown value %q for log opt %q for gelf log driver", val, key)
+			}
+		default:
+			return fmt.Errorf("unknown log opt %q for gelf log driver", key)
+		}
+	}
+
+	if _, err := parseAddress(cfg["gelf-address"]); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func parseAddress(address string) (string, error) {
+	if address == "" {
+		return "", nil
+	}
+	if !urlutil.IsTransportURL(address) {
+		return "", fmt.Errorf("gelf-address should be in form proto://address, got %v", address)
+	}
+	url, err := url.Parse(address)
+	if err != nil {
+		return "", err
+	}
+
+	// we support only udp
+	if url.Scheme != "udp" {
+		return "", fmt.Errorf("gelf: endpoint needs to be UDP")
+	}
+
+	// get host and port
+	if _, _, err = net.SplitHostPort(url.Host); err != nil {
+		return "", fmt.Errorf("gelf: please provide gelf-address as udp://host:port")
+	}
+
+	return url.Host, nil
+}
diff --git a/daemon/logger/gelf/gelf_unsupported.go b/daemon/logger/gelf/gelf_unsupported.go
new file mode 100644
index 00000000..266f73b1
--- /dev/null
+++ b/daemon/logger/gelf/gelf_unsupported.go
@@ -0,0 +1,3 @@
+// +build !linux
+
+package gelf
diff --git a/daemon/logger/journald/journald.go b/daemon/logger/journald/journald.go
new file mode 100644
index 00000000..748dd8b2
--- /dev/null
+++ b/daemon/logger/journald/journald.go
@@ -0,0 +1,95 @@
+// +build linux
+
+// Package journald provides the log driver for forwarding server logs
+// to endpoints that receive the systemd format.
+package journald
+
+import (
+	"fmt"
+	"strings"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/coreos/go-systemd/journal"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/logger/loggerutils"
+)
+
+const name = "journald"
+
+type journald struct {
+	vars    map[string]string // additional variables and values to send to the journal along with the log message
+	readers readerList
+}
+
+type readerList struct {
+	mu      sync.Mutex
+	readers map[*logger.LogWatcher]*logger.LogWatcher
+}
+
+func init() {
+	if err := logger.RegisterLogDriver(name, New); err != nil {
+		logrus.Fatal(err)
+	}
+	if err := logger.RegisterLogOptValidator(name, validateLogOpt); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+// New creates a journald logger using the configuration passed in on
+// the context.
+func New(ctx logger.Context) (logger.Logger, error) {
+	if !journal.Enabled() {
+		return nil, fmt.Errorf("journald is not enabled on this host")
+	}
+	// Strip a leading slash so that people can search for
+	// CONTAINER_NAME=foo rather than CONTAINER_NAME=/foo.
+	name := ctx.ContainerName
+	if name[0] == '/' {
+		name = name[1:]
+	}
+
+	// parse log tag
+	tag, err := loggerutils.ParseLogTag(ctx, "")
+	if err != nil {
+		return nil, err
+	}
+
+	vars := map[string]string{
+		"CONTAINER_ID":      ctx.ContainerID[:12],
+		"CONTAINER_ID_FULL": ctx.ContainerID,
+		"CONTAINER_NAME":    name,
+		"CONTAINER_TAG":     tag,
+	}
+	extraAttrs := ctx.ExtraAttributes(strings.ToTitle)
+	for k, v := range extraAttrs {
+		vars[k] = v
+	}
+	return &journald{vars: vars, readers: readerList{readers: make(map[*logger.LogWatcher]*logger.LogWatcher)}}, nil
+}
+
+// We don't actually accept any options, but we have to supply a callback for
+// the factory to pass the (probably empty) configuration map to.
+func validateLogOpt(cfg map[string]string) error {
+	for key := range cfg {
+		switch key {
+		case "labels":
+		case "env":
+		case "tag":
+		default:
+			return fmt.Errorf("unknown log opt '%s' for journald log driver", key)
+		}
+	}
+	return nil
+}
+
+func (s *journald) Log(msg *logger.Message) error {
+	if msg.Source == "stderr" {
+		return journal.Send(string(msg.Line), journal.PriErr, s.vars)
+	}
+	return journal.Send(string(msg.Line), journal.PriInfo, s.vars)
+}
+
+func (s *journald) Name() string {
+	return name
+}
diff --git a/daemon/logger/journald/journald_unsupported.go b/daemon/logger/journald/journald_unsupported.go
new file mode 100644
index 00000000..d52ca92e
--- /dev/null
+++ b/daemon/logger/journald/journald_unsupported.go
@@ -0,0 +1,6 @@
+// +build !linux
+
+package journald
+
+type journald struct {
+}
diff --git a/daemon/logger/journald/read.go b/daemon/logger/journald/read.go
new file mode 100644
index 00000000..1b8b8cce
--- /dev/null
+++ b/daemon/logger/journald/read.go
@@ -0,0 +1,330 @@
+// +build linux,cgo,!static_build,journald
+
+package journald
+
+// #include <sys/types.h>
+// #include <sys/poll.h>
+// #include <systemd/sd-journal.h>
+// #include <errno.h>
+// #include <stdio.h>
+// #include <stdlib.h>
+// #include <string.h>
+// #include <time.h>
+// #include <unistd.h>
+//
+//static int get_message(sd_journal *j, const char **msg, size_t *length)
+//{
+//	int rc;
+//	*msg = NULL;
+//	*length = 0;
+//	rc = sd_journal_get_data(j, "MESSAGE", (const void **) msg, length);
+//	if (rc == 0) {
+//		if (*length > 8) {
+//			(*msg) += 8;
+//			*length -= 8;
+//		} else {
+//			*msg = NULL;
+//			*length = 0;
+//			rc = -ENOENT;
+//		}
+//	}
+//	return rc;
+//}
+//static int get_priority(sd_journal *j, int *priority)
+//{
+//	const void *data;
+//	size_t i, length;
+//	int rc;
+//	*priority = -1;
+//	rc = sd_journal_get_data(j, "PRIORITY", &data, &length);
+//	if (rc == 0) {
+//		if ((length > 9) && (strncmp(data, "PRIORITY=", 9) == 0)) {
+//			*priority = 0;
+//			for (i = 9; i < length; i++) {
+//				*priority = *priority * 10 + ((const char *)data)[i] - '0';
+//			}
+//			if (length > 9) {
+//				rc = 0;
+//			}
+//		}
+//	}
+//	return rc;
+//}
+//static int wait_for_data_or_close(sd_journal *j, int pipefd)
+//{
+//	struct pollfd fds[2];
+//	uint64_t when = 0;
+//	int timeout, jevents, i;
+//	struct timespec ts;
+//	uint64_t now;
+//	do {
+//		memset(&fds, 0, sizeof(fds));
+//		fds[0].fd = pipefd;
+//		fds[0].events = POLLHUP;
+//		fds[1].fd = sd_journal_get_fd(j);
+//		if (fds[1].fd < 0) {
+//			return fds[1].fd;
+//		}
+//		jevents = sd_journal_get_events(j);
+//		if (jevents < 0) {
+//			return jevents;
+//		}
+//		fds[1].events = jevents;
+//		sd_journal_get_timeout(j, &when);
+//		if (when == -1) {
+//			timeout = -1;
+//		} else {
+//			clock_gettime(CLOCK_MONOTONIC, &ts);
+//			now = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000;
+//			timeout = when > now ? (int) ((when - now + 999) / 1000) : 0;
+//		}
+//		i = poll(fds, 2, timeout);
+//		if ((i == -1) && (errno != EINTR)) {
+//			/* An unexpected error. */
+//			return (errno != 0) ? -errno : -EINTR;
+//		}
+//		if (fds[0].revents & POLLHUP) {
+//			/* The close notification pipe was closed. */
+//			return 0;
+//		}
+//		if (sd_journal_process(j) == SD_JOURNAL_APPEND) {
+//			/* Data, which we might care about, was appended. */
+//			return 1;
+//		}
+//	} while ((fds[0].revents & POLLHUP) == 0);
+//	return 0;
+//}
+import "C"
+
+import (
+	"fmt"
+	"time"
+	"unsafe"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/coreos/go-systemd/journal"
+	"github.com/docker/docker/daemon/logger"
+)
+
+func (s *journald) Close() error {
+	s.readers.mu.Lock()
+	for reader := range s.readers.readers {
+		reader.Close()
+	}
+	s.readers.mu.Unlock()
+	return nil
+}
+
+func (s *journald) drainJournal(logWatcher *logger.LogWatcher, config logger.ReadConfig, j *C.sd_journal, oldCursor string) string {
+	var msg, cursor *C.char
+	var length C.size_t
+	var stamp C.uint64_t
+	var priority C.int
+
+	// Walk the journal from here forward until we run out of new entries.
+drain:
+	for {
+		// Try not to send a given entry twice.
+		if oldCursor != "" {
+			ccursor := C.CString(oldCursor)
+			defer C.free(unsafe.Pointer(ccursor))
+			for C.sd_journal_test_cursor(j, ccursor) > 0 {
+				if C.sd_journal_next(j) <= 0 {
+					break drain
+				}
+			}
+		}
+		// Read and send the logged message, if there is one to read.
+		i := C.get_message(j, &msg, &length)
+		if i != -C.ENOENT && i != -C.EADDRNOTAVAIL {
+			// Read the entry's timestamp.
+			if C.sd_journal_get_realtime_usec(j, &stamp) != 0 {
+				break
+			}
+			// Set up the time and text of the entry.
+			timestamp := time.Unix(int64(stamp)/1000000, (int64(stamp)%1000000)*1000)
+			line := append(C.GoBytes(unsafe.Pointer(msg), C.int(length)), "\n"...)
+			// Recover the stream name by mapping
+			// from the journal priority back to
+			// the stream that we would have
+			// assigned that value.
+			source := ""
+			if C.get_priority(j, &priority) != 0 {
+				source = ""
+			} else if priority == C.int(journal.PriErr) {
+				source = "stderr"
+			} else if priority == C.int(journal.PriInfo) {
+				source = "stdout"
+			}
+			// Send the log message.
+			cid := s.vars["CONTAINER_ID_FULL"]
+			logWatcher.Msg <- &logger.Message{ContainerID: cid, Line: line, Source: source, Timestamp: timestamp}
+		}
+		// If we're at the end of the journal, we're done (for now).
+		if C.sd_journal_next(j) <= 0 {
+			break
+		}
+	}
+	retCursor := ""
+	if C.sd_journal_get_cursor(j, &cursor) == 0 {
+		retCursor = C.GoString(cursor)
+		C.free(unsafe.Pointer(cursor))
+	}
+	return retCursor
+}
+
+func (s *journald) followJournal(logWatcher *logger.LogWatcher, config logger.ReadConfig, j *C.sd_journal, pfd [2]C.int, cursor string) {
+	s.readers.mu.Lock()
+	s.readers.readers[logWatcher] = logWatcher
+	s.readers.mu.Unlock()
+	go func() {
+		// Keep copying journal data out until we're notified to stop
+		// or we hit an error.
+		status := C.wait_for_data_or_close(j, pfd[0])
+		for status == 1 {
+			cursor = s.drainJournal(logWatcher, config, j, cursor)
+			status = C.wait_for_data_or_close(j, pfd[0])
+		}
+		if status < 0 {
+			cerrstr := C.strerror(C.int(-status))
+			errstr := C.GoString(cerrstr)
+			fmtstr := "error %q while attempting to follow journal for container %q"
+			logrus.Errorf(fmtstr, errstr, s.vars["CONTAINER_ID_FULL"])
+		}
+		// Clean up.
+		C.close(pfd[0])
+		s.readers.mu.Lock()
+		delete(s.readers.readers, logWatcher)
+		s.readers.mu.Unlock()
+		C.sd_journal_close(j)
+		close(logWatcher.Msg)
+	}()
+	// Wait until we're told to stop.
+	select {
+	case <-logWatcher.WatchClose():
+		// Notify the other goroutine that its work is done.
+		C.close(pfd[1])
+	}
+}
+
+func (s *journald) readLogs(logWatcher *logger.LogWatcher, config logger.ReadConfig) {
+	var j *C.sd_journal
+	var cmatch *C.char
+	var stamp C.uint64_t
+	var sinceUnixMicro uint64
+	var pipes [2]C.int
+	cursor := ""
+
+	// Get a handle to the journal.
+	rc := C.sd_journal_open(&j, C.int(0))
+	if rc != 0 {
+		logWatcher.Err <- fmt.Errorf("error opening journal")
+		close(logWatcher.Msg)
+		return
+	}
+	// If we end up following the log, we can set the journal context
+	// pointer and the channel pointer to nil so that we won't close them
+	// here, potentially while the goroutine that uses them is still
+	// running.  Otherwise, close them when we return from this function.
+	following := false
+	defer func(pfollowing *bool) {
+		if !*pfollowing {
+			C.sd_journal_close(j)
+			close(logWatcher.Msg)
+		}
+	}(&following)
+	// Remove limits on the size of data items that we'll retrieve.
+	rc = C.sd_journal_set_data_threshold(j, C.size_t(0))
+	if rc != 0 {
+		logWatcher.Err <- fmt.Errorf("error setting journal data threshold")
+		return
+	}
+	// Add a match to have the library do the searching for us.
+	cmatch = C.CString("CONTAINER_ID_FULL=" + s.vars["CONTAINER_ID_FULL"])
+	defer C.free(unsafe.Pointer(cmatch))
+	rc = C.sd_journal_add_match(j, unsafe.Pointer(cmatch), C.strlen(cmatch))
+	if rc != 0 {
+		logWatcher.Err <- fmt.Errorf("error setting journal match")
+		return
+	}
+	// If we have a cutoff time, convert it to Unix time once.
+	if !config.Since.IsZero() {
+		nano := config.Since.UnixNano()
+		sinceUnixMicro = uint64(nano / 1000)
+	}
+	if config.Tail > 0 {
+		lines := config.Tail
+		// Start at the end of the journal.
+		if C.sd_journal_seek_tail(j) < 0 {
+			logWatcher.Err <- fmt.Errorf("error seeking to end of journal")
+			return
+		}
+		if C.sd_journal_previous(j) < 0 {
+			logWatcher.Err <- fmt.Errorf("error backtracking to previous journal entry")
+			return
+		}
+		// Walk backward.
+		for lines > 0 {
+			// Stop if the entry time is before our cutoff.
+			// We'll need the entry time if it isn't, so go
+			// ahead and parse it now.
+			if C.sd_journal_get_realtime_usec(j, &stamp) != 0 {
+				break
+			} else {
+				// Compare the timestamp on the entry
+				// to our threshold value.
+				if sinceUnixMicro != 0 && sinceUnixMicro > uint64(stamp) {
+					break
+				}
+			}
+			lines--
+			// If we're at the start of the journal, or
+			// don't need to back up past any more entries,
+			// stop.
+			if lines == 0 || C.sd_journal_previous(j) <= 0 {
+				break
+			}
+		}
+	} else {
+		// Start at the beginning of the journal.
+		if C.sd_journal_seek_head(j) < 0 {
+			logWatcher.Err <- fmt.Errorf("error seeking to start of journal")
+			return
+		}
+		// If we have a cutoff date, fast-forward to it.
+		if sinceUnixMicro != 0 && C.sd_journal_seek_realtime_usec(j, C.uint64_t(sinceUnixMicro)) != 0 {
+			logWatcher.Err <- fmt.Errorf("error seeking to start time in journal")
+			return
+		}
+		if C.sd_journal_next(j) < 0 {
+			logWatcher.Err <- fmt.Errorf("error skipping to next journal entry")
+			return
+		}
+	}
+	cursor = s.drainJournal(logWatcher, config, j, "")
+	if config.Follow {
+		// Allocate a descriptor for following the journal, if we'll
+		// need one.  Do it here so that we can report if it fails.
+		if fd := C.sd_journal_get_fd(j); fd < C.int(0) {
+			logWatcher.Err <- fmt.Errorf("error opening journald follow descriptor: %q", C.GoString(C.strerror(-fd)))
+		} else {
+			// Create a pipe that we can poll at the same time as
+			// the journald descriptor.
+			if C.pipe(&pipes[0]) == C.int(-1) {
+				logWatcher.Err <- fmt.Errorf("error opening journald close notification pipe")
+			} else {
+				s.followJournal(logWatcher, config, j, pipes, cursor)
+				// Let followJournal handle freeing the journal context
+				// object and closing the channel.
+				following = true
+			}
+		}
+	}
+	return
+}
+
+func (s *journald) ReadLogs(config logger.ReadConfig) *logger.LogWatcher {
+	logWatcher := logger.NewLogWatcher()
+	go s.readLogs(logWatcher, config)
+	return logWatcher
+}
diff --git a/daemon/logger/journald/read_native.go b/daemon/logger/journald/read_native.go
new file mode 100644
index 00000000..bba6de55
--- /dev/null
+++ b/daemon/logger/journald/read_native.go
@@ -0,0 +1,6 @@
+// +build linux,cgo,!static_build,journald,!journald_compat
+
+package journald
+
+// #cgo pkg-config: libsystemd
+import "C"
diff --git a/daemon/logger/journald/read_native_compat.go b/daemon/logger/journald/read_native_compat.go
new file mode 100644
index 00000000..3f7a43c5
--- /dev/null
+++ b/daemon/logger/journald/read_native_compat.go
@@ -0,0 +1,6 @@
+// +build linux,cgo,!static_build,journald,journald_compat
+
+package journald
+
+// #cgo pkg-config: libsystemd-journal
+import "C"
diff --git a/daemon/logger/journald/read_unsupported.go b/daemon/logger/journald/read_unsupported.go
new file mode 100644
index 00000000..b43abdca
--- /dev/null
+++ b/daemon/logger/journald/read_unsupported.go
@@ -0,0 +1,7 @@
+// +build !linux !cgo static_build !journald
+
+package journald
+
+func (s *journald) Close() error {
+	return nil
+}
diff --git a/daemon/logger/jsonfilelog/jsonfilelog.go b/daemon/logger/jsonfilelog/jsonfilelog.go
new file mode 100644
index 00000000..9faa4e02
--- /dev/null
+++ b/daemon/logger/jsonfilelog/jsonfilelog.go
@@ -0,0 +1,147 @@
+// Package jsonfilelog provides the default Logger implementation for
+// Docker logging. This logger logs to files on the host server in the
+// JSON format.
+package jsonfilelog
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"strconv"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/logger/loggerutils"
+	"github.com/docker/docker/pkg/jsonlog"
+	"github.com/docker/go-units"
+)
+
+// Name is the name of the file that the jsonlogger logs to.
+const Name = "json-file"
+
+// JSONFileLogger is Logger implementation for default Docker logging.
+type JSONFileLogger struct {
+	buf     *bytes.Buffer
+	writer  *loggerutils.RotateFileWriter
+	mu      sync.Mutex
+	readers map[*logger.LogWatcher]struct{} // stores the active log followers
+	extra   []byte                          // json-encoded extra attributes
+}
+
+func init() {
+	if err := logger.RegisterLogDriver(Name, New); err != nil {
+		logrus.Fatal(err)
+	}
+	if err := logger.RegisterLogOptValidator(Name, ValidateLogOpt); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+// New creates new JSONFileLogger which writes to filename passed in
+// on given context.
+func New(ctx logger.Context) (logger.Logger, error) {
+	var capval int64 = -1
+	if capacity, ok := ctx.Config["max-size"]; ok {
+		var err error
+		capval, err = units.FromHumanSize(capacity)
+		if err != nil {
+			return nil, err
+		}
+	}
+	var maxFiles = 1
+	if maxFileString, ok := ctx.Config["max-file"]; ok {
+		var err error
+		maxFiles, err = strconv.Atoi(maxFileString)
+		if err != nil {
+			return nil, err
+		}
+		if maxFiles < 1 {
+			return nil, fmt.Errorf("max-file cannot be less than 1")
+		}
+	}
+
+	writer, err := loggerutils.NewRotateFileWriter(ctx.LogPath, capval, maxFiles)
+	if err != nil {
+		return nil, err
+	}
+
+	var extra []byte
+	if attrs := ctx.ExtraAttributes(nil); len(attrs) > 0 {
+		var err error
+		extra, err = json.Marshal(attrs)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return &JSONFileLogger{
+		buf:     bytes.NewBuffer(nil),
+		writer:  writer,
+		readers: make(map[*logger.LogWatcher]struct{}),
+		extra:   extra,
+	}, nil
+}
+
+// Log converts logger.Message to jsonlog.JSONLog and serializes it to file.
+func (l *JSONFileLogger) Log(msg *logger.Message) error {
+	timestamp, err := jsonlog.FastTimeMarshalJSON(msg.Timestamp)
+	if err != nil {
+		return err
+	}
+	l.mu.Lock()
+	err = (&jsonlog.JSONLogs{
+		Log:      append(msg.Line, '\n'),
+		Stream:   msg.Source,
+		Created:  timestamp,
+		RawAttrs: l.extra,
+	}).MarshalJSONBuf(l.buf)
+	if err != nil {
+		l.mu.Unlock()
+		return err
+	}
+
+	l.buf.WriteByte('\n')
+	_, err = l.writer.Write(l.buf.Bytes())
+	l.buf.Reset()
+	l.mu.Unlock()
+
+	return err
+}
+
+// ValidateLogOpt looks for json specific log options max-file & max-size.
+func ValidateLogOpt(cfg map[string]string) error {
+	for key := range cfg {
+		switch key {
+		case "max-file":
+		case "max-size":
+		case "labels":
+		case "env":
+		default:
+			return fmt.Errorf("unknown log opt '%s' for json-file log driver", key)
+		}
+	}
+	return nil
+}
+
+// LogPath returns the location the given json logger logs to.
+func (l *JSONFileLogger) LogPath() string {
+	return l.writer.LogPath()
+}
+
+// Close closes underlying file and signals all readers to stop.
+func (l *JSONFileLogger) Close() error {
+	l.mu.Lock()
+	err := l.writer.Close()
+	for r := range l.readers {
+		r.Close()
+		delete(l.readers, r)
+	}
+	l.mu.Unlock()
+	return err
+}
+
+// Name returns name of this logger.
+func (l *JSONFileLogger) Name() string {
+	return Name
+}
diff --git a/daemon/logger/jsonfilelog/jsonfilelog_test.go b/daemon/logger/jsonfilelog/jsonfilelog_test.go
new file mode 100644
index 00000000..ef840531
--- /dev/null
+++ b/daemon/logger/jsonfilelog/jsonfilelog_test.go
@@ -0,0 +1,248 @@
+package jsonfilelog
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"strconv"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/pkg/jsonlog"
+)
+
+func TestJSONFileLogger(t *testing.T) {
+	cid := "a7317399f3f857173c6179d44823594f8294678dea9999662e5c625b5a1c7657"
+	tmp, err := ioutil.TempDir("", "docker-logger-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+	filename := filepath.Join(tmp, "container.log")
+	l, err := New(logger.Context{
+		ContainerID: cid,
+		LogPath:     filename,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer l.Close()
+
+	if err := l.Log(&logger.Message{ContainerID: cid, Line: []byte("line1"), Source: "src1"}); err != nil {
+		t.Fatal(err)
+	}
+	if err := l.Log(&logger.Message{ContainerID: cid, Line: []byte("line2"), Source: "src2"}); err != nil {
+		t.Fatal(err)
+	}
+	if err := l.Log(&logger.Message{ContainerID: cid, Line: []byte("line3"), Source: "src3"}); err != nil {
+		t.Fatal(err)
+	}
+	res, err := ioutil.ReadFile(filename)
+	if err != nil {
+		t.Fatal(err)
+	}
+	expected := `{"log":"line1\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line2\n","stream":"src2","time":"0001-01-01T00:00:00Z"}
+{"log":"line3\n","stream":"src3","time":"0001-01-01T00:00:00Z"}
+`
+
+	if string(res) != expected {
+		t.Fatalf("Wrong log content: %q, expected %q", res, expected)
+	}
+}
+
+func BenchmarkJSONFileLogger(b *testing.B) {
+	cid := "a7317399f3f857173c6179d44823594f8294678dea9999662e5c625b5a1c7657"
+	tmp, err := ioutil.TempDir("", "docker-logger-")
+	if err != nil {
+		b.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+	filename := filepath.Join(tmp, "container.log")
+	l, err := New(logger.Context{
+		ContainerID: cid,
+		LogPath:     filename,
+	})
+	if err != nil {
+		b.Fatal(err)
+	}
+	defer l.Close()
+
+	testLine := "Line that thinks that it is log line from docker\n"
+	msg := &logger.Message{ContainerID: cid, Line: []byte(testLine), Source: "stderr", Timestamp: time.Now().UTC()}
+	jsonlog, err := (&jsonlog.JSONLog{Log: string(msg.Line) + "\n", Stream: msg.Source, Created: msg.Timestamp}).MarshalJSON()
+	if err != nil {
+		b.Fatal(err)
+	}
+	b.SetBytes(int64(len(jsonlog)+1) * 30)
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		for j := 0; j < 30; j++ {
+			if err := l.Log(msg); err != nil {
+				b.Fatal(err)
+			}
+		}
+	}
+}
+
+func TestJSONFileLoggerWithOpts(t *testing.T) {
+	cid := "a7317399f3f857173c6179d44823594f8294678dea9999662e5c625b5a1c7657"
+	tmp, err := ioutil.TempDir("", "docker-logger-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+	filename := filepath.Join(tmp, "container.log")
+	config := map[string]string{"max-file": "2", "max-size": "1k"}
+	l, err := New(logger.Context{
+		ContainerID: cid,
+		LogPath:     filename,
+		Config:      config,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer l.Close()
+	for i := 0; i < 20; i++ {
+		if err := l.Log(&logger.Message{ContainerID: cid, Line: []byte("line" + strconv.Itoa(i)), Source: "src1"}); err != nil {
+			t.Fatal(err)
+		}
+	}
+	res, err := ioutil.ReadFile(filename)
+	if err != nil {
+		t.Fatal(err)
+	}
+	penUlt, err := ioutil.ReadFile(filename + ".1")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expectedPenultimate := `{"log":"line0\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line1\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line2\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line3\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line4\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line5\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line6\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line7\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line8\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line9\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line10\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line11\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line12\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line13\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line14\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line15\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+`
+	expected := `{"log":"line16\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line17\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line18\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+{"log":"line19\n","stream":"src1","time":"0001-01-01T00:00:00Z"}
+`
+
+	if string(res) != expected {
+		t.Fatalf("Wrong log content: %q, expected %q", res, expected)
+	}
+	if string(penUlt) != expectedPenultimate {
+		t.Fatalf("Wrong log content: %q, expected %q", penUlt, expectedPenultimate)
+	}
+
+}
+
+func TestJSONFileLoggerWithLabelsEnv(t *testing.T) {
+	cid := "a7317399f3f857173c6179d44823594f8294678dea9999662e5c625b5a1c7657"
+	tmp, err := ioutil.TempDir("", "docker-logger-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+	filename := filepath.Join(tmp, "container.log")
+	config := map[string]string{"labels": "rack,dc", "env": "environ,debug,ssl"}
+	l, err := New(logger.Context{
+		ContainerID:     cid,
+		LogPath:         filename,
+		Config:          config,
+		ContainerLabels: map[string]string{"rack": "101", "dc": "lhr"},
+		ContainerEnv:    []string{"environ=production", "debug=false", "port=10001", "ssl=true"},
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer l.Close()
+	if err := l.Log(&logger.Message{ContainerID: cid, Line: []byte("line"), Source: "src1"}); err != nil {
+		t.Fatal(err)
+	}
+	res, err := ioutil.ReadFile(filename)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	var jsonLog jsonlog.JSONLogs
+	if err := json.Unmarshal(res, &jsonLog); err != nil {
+		t.Fatal(err)
+	}
+	extra := make(map[string]string)
+	if err := json.Unmarshal(jsonLog.RawAttrs, &extra); err != nil {
+		t.Fatal(err)
+	}
+	expected := map[string]string{
+		"rack":    "101",
+		"dc":      "lhr",
+		"environ": "production",
+		"debug":   "false",
+		"ssl":     "true",
+	}
+	if !reflect.DeepEqual(extra, expected) {
+		t.Fatalf("Wrong log attrs: %q, expected %q", extra, expected)
+	}
+}
+
+func BenchmarkJSONFileLoggerWithReader(b *testing.B) {
+	b.StopTimer()
+	b.ResetTimer()
+	cid := "a7317399f3f857173c6179d44823594f8294678dea9999662e5c625b5a1c7657"
+	dir, err := ioutil.TempDir("", "json-logger-bench")
+	if err != nil {
+		b.Fatal(err)
+	}
+	defer os.RemoveAll(dir)
+
+	l, err := New(logger.Context{
+		ContainerID: cid,
+		LogPath:     filepath.Join(dir, "container.log"),
+	})
+	if err != nil {
+		b.Fatal(err)
+	}
+	defer l.Close()
+	msg := &logger.Message{ContainerID: cid, Line: []byte("line"), Source: "src1"}
+	jsonlog, err := (&jsonlog.JSONLog{Log: string(msg.Line) + "\n", Stream: msg.Source, Created: msg.Timestamp}).MarshalJSON()
+	if err != nil {
+		b.Fatal(err)
+	}
+	b.SetBytes(int64(len(jsonlog)+1) * 30)
+
+	b.StartTimer()
+
+	go func() {
+		for i := 0; i < b.N; i++ {
+			for j := 0; j < 30; j++ {
+				l.Log(msg)
+			}
+		}
+		l.Close()
+	}()
+
+	lw := l.(logger.LogReader).ReadLogs(logger.ReadConfig{Follow: true})
+	watchClose := lw.WatchClose()
+	for {
+		select {
+		case <-lw.Msg:
+		case <-watchClose:
+			return
+		}
+	}
+}
diff --git a/daemon/logger/jsonfilelog/read.go b/daemon/logger/jsonfilelog/read.go
new file mode 100644
index 00000000..0c8fb5e5
--- /dev/null
+++ b/daemon/logger/jsonfilelog/read.go
@@ -0,0 +1,235 @@
+package jsonfilelog
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"os"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/pkg/filenotify"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/jsonlog"
+	"github.com/docker/docker/pkg/tailfile"
+)
+
+const maxJSONDecodeRetry = 20000
+
+func decodeLogLine(dec *json.Decoder, l *jsonlog.JSONLog) (*logger.Message, error) {
+	l.Reset()
+	if err := dec.Decode(l); err != nil {
+		return nil, err
+	}
+	msg := &logger.Message{
+		Source:    l.Stream,
+		Timestamp: l.Created,
+		Line:      []byte(l.Log),
+	}
+	return msg, nil
+}
+
+// ReadLogs implements the logger's LogReader interface for the logs
+// created by this driver.
+func (l *JSONFileLogger) ReadLogs(config logger.ReadConfig) *logger.LogWatcher {
+	logWatcher := logger.NewLogWatcher()
+
+	go l.readLogs(logWatcher, config)
+	return logWatcher
+}
+
+func (l *JSONFileLogger) readLogs(logWatcher *logger.LogWatcher, config logger.ReadConfig) {
+	defer close(logWatcher.Msg)
+
+	pth := l.writer.LogPath()
+	var files []io.ReadSeeker
+	for i := l.writer.MaxFiles(); i > 1; i-- {
+		f, err := os.Open(fmt.Sprintf("%s.%d", pth, i-1))
+		if err != nil {
+			if !os.IsNotExist(err) {
+				logWatcher.Err <- err
+				break
+			}
+			continue
+		}
+		files = append(files, f)
+	}
+
+	latestFile, err := os.Open(pth)
+	if err != nil {
+		logWatcher.Err <- err
+		return
+	}
+
+	if config.Tail != 0 {
+		tailer := ioutils.MultiReadSeeker(append(files, latestFile)...)
+		tailFile(tailer, logWatcher, config.Tail, config.Since)
+	}
+
+	// close all the rotated files
+	for _, f := range files {
+		if err := f.(io.Closer).Close(); err != nil {
+			logrus.WithField("logger", "json-file").Warnf("error closing tailed log file: %v", err)
+		}
+	}
+
+	if !config.Follow {
+		return
+	}
+
+	if config.Tail >= 0 {
+		latestFile.Seek(0, os.SEEK_END)
+	}
+
+	l.mu.Lock()
+	l.readers[logWatcher] = struct{}{}
+	l.mu.Unlock()
+
+	notifyRotate := l.writer.NotifyRotate()
+	followLogs(latestFile, logWatcher, notifyRotate, config.Since)
+
+	l.mu.Lock()
+	delete(l.readers, logWatcher)
+	l.mu.Unlock()
+
+	l.writer.NotifyRotateEvict(notifyRotate)
+}
+
+func tailFile(f io.ReadSeeker, logWatcher *logger.LogWatcher, tail int, since time.Time) {
+	var rdr io.Reader = f
+	if tail > 0 {
+		ls, err := tailfile.TailFile(f, tail)
+		if err != nil {
+			logWatcher.Err <- err
+			return
+		}
+		rdr = bytes.NewBuffer(bytes.Join(ls, []byte("\n")))
+	}
+	dec := json.NewDecoder(rdr)
+	l := &jsonlog.JSONLog{}
+	for {
+		msg, err := decodeLogLine(dec, l)
+		if err != nil {
+			if err != io.EOF {
+				logWatcher.Err <- err
+			}
+			return
+		}
+		if !since.IsZero() && msg.Timestamp.Before(since) {
+			continue
+		}
+		logWatcher.Msg <- msg
+	}
+}
+
+func followLogs(f *os.File, logWatcher *logger.LogWatcher, notifyRotate chan interface{}, since time.Time) {
+	dec := json.NewDecoder(f)
+	l := &jsonlog.JSONLog{}
+
+	fileWatcher, err := filenotify.New()
+	if err != nil {
+		logWatcher.Err <- err
+	}
+	defer func() {
+		f.Close()
+		fileWatcher.Close()
+	}()
+	name := f.Name()
+
+	if err := fileWatcher.Add(name); err != nil {
+		logrus.WithField("logger", "json-file").Warnf("falling back to file poller due to error: %v", err)
+		fileWatcher.Close()
+		fileWatcher = filenotify.NewPollingWatcher()
+
+		if err := fileWatcher.Add(name); err != nil {
+			logrus.Debugf("error watching log file for modifications: %v", err)
+			logWatcher.Err <- err
+			return
+		}
+	}
+
+	var retries int
+	for {
+		msg, err := decodeLogLine(dec, l)
+		if err != nil {
+			if err != io.EOF {
+				// try again because this shouldn't happen
+				if _, ok := err.(*json.SyntaxError); ok && retries <= maxJSONDecodeRetry {
+					dec = json.NewDecoder(f)
+					retries++
+					continue
+				}
+
+				// io.ErrUnexpectedEOF is returned from json.Decoder when there is
+				// remaining data in the parser's buffer while an io.EOF occurs.
+				// If the json logger writes a partial json log entry to the disk
+				// while at the same time the decoder tries to decode it, the race condition happens.
+				if err == io.ErrUnexpectedEOF && retries <= maxJSONDecodeRetry {
+					reader := io.MultiReader(dec.Buffered(), f)
+					dec = json.NewDecoder(reader)
+					retries++
+					continue
+				}
+
+				return
+			}
+
+			select {
+			case <-fileWatcher.Events():
+				dec = json.NewDecoder(f)
+				continue
+			case <-fileWatcher.Errors():
+				logWatcher.Err <- err
+				return
+			case <-logWatcher.WatchClose():
+				fileWatcher.Remove(name)
+				return
+			case <-notifyRotate:
+				f.Close()
+				fileWatcher.Remove(name)
+
+				// retry when the file doesn't exist
+				for retries := 0; retries <= 5; retries++ {
+					f, err = os.Open(name)
+					if err == nil || !os.IsNotExist(err) {
+						break
+					}
+				}
+
+				if err = fileWatcher.Add(name); err != nil {
+					logWatcher.Err <- err
+					return
+				}
+				if err != nil {
+					logWatcher.Err <- err
+					return
+				}
+
+				dec = json.NewDecoder(f)
+				continue
+			}
+		}
+
+		retries = 0 // reset retries since we've succeeded
+		if !since.IsZero() && msg.Timestamp.Before(since) {
+			continue
+		}
+		select {
+		case logWatcher.Msg <- msg:
+		case <-logWatcher.WatchClose():
+			logWatcher.Msg <- msg
+			for {
+				msg, err := decodeLogLine(dec, l)
+				if err != nil {
+					return
+				}
+				if !since.IsZero() && msg.Timestamp.Before(since) {
+					continue
+				}
+				logWatcher.Msg <- msg
+			}
+		}
+	}
+}
diff --git a/daemon/logger/logger.go b/daemon/logger/logger.go
new file mode 100644
index 00000000..cf8d571f
--- /dev/null
+++ b/daemon/logger/logger.go
@@ -0,0 +1,87 @@
+// Package logger defines interfaces that logger drivers implement to
+// log messages.
+//
+// The other half of a logger driver is the implementation of the
+// factory, which holds the contextual instance information that
+// allows multiple loggers of the same type to perform different
+// actions, such as logging to different locations.
+package logger
+
+import (
+	"errors"
+	"time"
+
+	"github.com/docker/docker/pkg/jsonlog"
+)
+
+// ErrReadLogsNotSupported is returned when the logger does not support reading logs.
+var ErrReadLogsNotSupported = errors.New("configured logging reader does not support reading")
+
+const (
+	// TimeFormat is the time format used for timestamps sent to log readers.
+	TimeFormat           = jsonlog.RFC3339NanoFixed
+	logWatcherBufferSize = 4096
+)
+
+// Message is datastructure that represents record from some container.
+type Message struct {
+	ContainerID string
+	Line        []byte
+	Source      string
+	Timestamp   time.Time
+}
+
+// Logger is the interface for docker logging drivers.
+type Logger interface {
+	Log(*Message) error
+	Name() string
+	Close() error
+}
+
+// ReadConfig is the configuration passed into ReadLogs.
+type ReadConfig struct {
+	Since  time.Time
+	Tail   int
+	Follow bool
+}
+
+// LogReader is the interface for reading log messages for loggers that support reading.
+type LogReader interface {
+	// Read logs from underlying logging backend
+	ReadLogs(ReadConfig) *LogWatcher
+}
+
+// LogWatcher is used when consuming logs read from the LogReader interface.
+type LogWatcher struct {
+	// For sending log messages to a reader.
+	Msg chan *Message
+	// For sending error messages that occur while while reading logs.
+	Err           chan error
+	closeNotifier chan struct{}
+}
+
+// NewLogWatcher returns a new LogWatcher.
+func NewLogWatcher() *LogWatcher {
+	return &LogWatcher{
+		Msg:           make(chan *Message, logWatcherBufferSize),
+		Err:           make(chan error, 1),
+		closeNotifier: make(chan struct{}),
+	}
+}
+
+// Close notifies the underlying log reader to stop.
+func (w *LogWatcher) Close() {
+	// only close if not already closed
+	select {
+	case <-w.closeNotifier:
+	default:
+		close(w.closeNotifier)
+	}
+}
+
+// WatchClose returns a channel receiver that receives notification
+// when the watcher has been closed. This should only be called from
+// one goroutine.
+func (w *LogWatcher) WatchClose() <-chan struct{} {
+	return w.closeNotifier
+}
diff --git a/daemon/logger/loggerutils/log_tag.go b/daemon/logger/loggerutils/log_tag.go
new file mode 100644
index 00000000..6653b9c4
--- /dev/null
+++ b/daemon/logger/loggerutils/log_tag.go
@@ -0,0 +1,46 @@
+package loggerutils
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/utils/templates"
+)
+
+// ParseLogTag generates a context aware tag for consistency across different
+// log drivers based on the context of the running container.
+func ParseLogTag(ctx logger.Context, defaultTemplate string) (string, error) {
+	tagTemplate := lookupTagTemplate(ctx, defaultTemplate)
+
+	tmpl, err := templates.NewParse("log-tag", tagTemplate)
+	if err != nil {
+		return "", err
+	}
+	buf := new(bytes.Buffer)
+	if err := tmpl.Execute(buf, &ctx); err != nil {
+		return "", err
+	}
+
+	return buf.String(), nil
+}
+
+func lookupTagTemplate(ctx logger.Context, defaultTemplate string) string {
+	tagTemplate := ctx.Config["tag"]
+
+	deprecatedConfigs := []string{"syslog-tag", "gelf-tag", "fluentd-tag"}
+	for i := 0; tagTemplate == "" && i < len(deprecatedConfigs); i++ {
+		cfg := deprecatedConfigs[i]
+		if ctx.Config[cfg] != "" {
+			tagTemplate = ctx.Config[cfg]
+			logrus.Warn(fmt.Sprintf("Using log tag from deprecated log-opt '%s'. Please use: --log-opt tag=\"%s\"", cfg, tagTemplate))
+		}
+	}
+
+	if tagTemplate == "" {
+		tagTemplate = defaultTemplate
+	}
+
+	return tagTemplate
+}
diff --git a/daemon/logger/loggerutils/log_tag_test.go b/daemon/logger/loggerutils/log_tag_test.go
new file mode 100644
index 00000000..994508b1
--- /dev/null
+++ b/daemon/logger/loggerutils/log_tag_test.go
@@ -0,0 +1,58 @@
+package loggerutils
+
+import (
+	"testing"
+
+	"github.com/docker/docker/daemon/logger"
+)
+
+func TestParseLogTagDefaultTag(t *testing.T) {
+	ctx := buildContext(map[string]string{})
+	tag, e := ParseLogTag(ctx, "{{.ID}}")
+	assertTag(t, e, tag, ctx.ID())
+}
+
+func TestParseLogTag(t *testing.T) {
+	ctx := buildContext(map[string]string{"tag": "{{.ImageName}}/{{.Name}}/{{.ID}}"})
+	tag, e := ParseLogTag(ctx, "{{.ID}}")
+	assertTag(t, e, tag, "test-image/test-container/container-ab")
+}
+
+func TestParseLogTagSyslogTag(t *testing.T) {
+	ctx := buildContext(map[string]string{"syslog-tag": "{{.ImageName}}/{{.Name}}/{{.ID}}"})
+	tag, e := ParseLogTag(ctx, "{{.ID}}")
+	assertTag(t, e, tag, "test-image/test-container/container-ab")
+}
+
+func TestParseLogTagGelfTag(t *testing.T) {
+	ctx := buildContext(map[string]string{"gelf-tag": "{{.ImageName}}/{{.Name}}/{{.ID}}"})
+	tag, e := ParseLogTag(ctx, "{{.ID}}")
+	assertTag(t, e, tag, "test-image/test-container/container-ab")
+}
+
+func TestParseLogTagFluentdTag(t *testing.T) {
+	ctx := buildContext(map[string]string{"fluentd-tag": "{{.ImageName}}/{{.Name}}/{{.ID}}"})
+	tag, e := ParseLogTag(ctx, "{{.ID}}")
+	assertTag(t, e, tag, "test-image/test-container/container-ab")
+}
+
+// Helpers
+
+func buildContext(cfg map[string]string) logger.Context {
+	return logger.Context{
+		ContainerID:        "container-abcdefghijklmnopqrstuvwxyz01234567890",
+		ContainerName:      "/test-container",
+		ContainerImageID:   "image-abcdefghijklmnopqrstuvwxyz01234567890",
+		ContainerImageName: "test-image",
+		Config:             cfg,
+	}
+}
+
+func assertTag(t *testing.T, e error, tag string, expected string) {
+	if e != nil {
+		t.Fatalf("Error generating tag: %q", e)
+	}
+	if tag != expected {
+		t.Fatalf("Wrong tag: %q, should be %q", tag, expected)
+	}
+}
diff --git a/daemon/logger/loggerutils/rotatefilewriter.go b/daemon/logger/loggerutils/rotatefilewriter.go
new file mode 100644
index 00000000..99e0964a
--- /dev/null
+++ b/daemon/logger/loggerutils/rotatefilewriter.go
@@ -0,0 +1,124 @@
+package loggerutils
+
+import (
+	"os"
+	"strconv"
+	"sync"
+
+	"github.com/docker/docker/pkg/pubsub"
+)
+
+// RotateFileWriter is Logger implementation for default Docker logging.
+type RotateFileWriter struct {
+	f            *os.File // store for closing
+	mu           sync.Mutex
+	capacity     int64 //maximum size of each file
+	currentSize  int64 // current size of the latest file
+	maxFiles     int   //maximum number of files
+	notifyRotate *pubsub.Publisher
+}
+
+//NewRotateFileWriter creates new RotateFileWriter
+func NewRotateFileWriter(logPath string, capacity int64, maxFiles int) (*RotateFileWriter, error) {
+	log, err := os.OpenFile(logPath, os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0640)
+	if err != nil {
+		return nil, err
+	}
+
+	size, err := log.Seek(0, os.SEEK_END)
+	if err != nil {
+		return nil, err
+	}
+
+	return &RotateFileWriter{
+		f:            log,
+		capacity:     capacity,
+		currentSize:  size,
+		maxFiles:     maxFiles,
+		notifyRotate: pubsub.NewPublisher(0, 1),
+	}, nil
+}
+
+//WriteLog write log message to File
+func (w *RotateFileWriter) Write(message []byte) (int, error) {
+	w.mu.Lock()
+	if err := w.checkCapacityAndRotate(); err != nil {
+		w.mu.Unlock()
+		return -1, err
+	}
+
+	n, err := w.f.Write(message)
+	if err == nil {
+		w.currentSize += int64(n)
+	}
+	w.mu.Unlock()
+	return n, err
+}
+
+func (w *RotateFileWriter) checkCapacityAndRotate() error {
+	if w.capacity == -1 {
+		return nil
+	}
+
+	if w.currentSize >= w.capacity {
+		name := w.f.Name()
+		if err := w.f.Close(); err != nil {
+			return err
+		}
+		if err := rotate(name, w.maxFiles); err != nil {
+			return err
+		}
+		file, err := os.OpenFile(name, os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 06400)
+		if err != nil {
+			return err
+		}
+		w.f = file
+		w.currentSize = 0
+		w.notifyRotate.Publish(struct{}{})
+	}
+
+	return nil
+}
+
+func rotate(name string, maxFiles int) error {
+	if maxFiles < 2 {
+		return nil
+	}
+	for i := maxFiles - 1; i > 1; i-- {
+		toPath := name + "." + strconv.Itoa(i)
+		fromPath := name + "." + strconv.Itoa(i-1)
+		if err := os.Rename(fromPath, toPath); err != nil && !os.IsNotExist(err) {
+			return err
+		}
+	}
+
+	if err := os.Rename(name, name+".1"); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+	return nil
+}
+
+// LogPath returns the location the given writer logs to.
+func (w *RotateFileWriter) LogPath() string {
+	return w.f.Name()
+}
+
+// MaxFiles return maximum number of files
+func (w *RotateFileWriter) MaxFiles() int {
+	return w.maxFiles
+}
+
+//NotifyRotate returns the new subscriber
+func (w *RotateFileWriter) NotifyRotate() chan interface{} {
+	return w.notifyRotate.Subscribe()
+}
+
+//NotifyRotateEvict removes the specified subscriber from receiving any more messages.
+func (w *RotateFileWriter) NotifyRotateEvict(sub chan interface{}) {
+	w.notifyRotate.Evict(sub)
+}
+
+// Close closes underlying file and signals all readers to stop.
+func (w *RotateFileWriter) Close() error {
+	return w.f.Close()
+}
diff --git a/daemon/logger/splunk/splunk.go b/daemon/logger/splunk/splunk.go
new file mode 100644
index 00000000..201905f3
--- /dev/null
+++ b/daemon/logger/splunk/splunk.go
@@ -0,0 +1,266 @@
+// Package splunk provides the log driver for forwarding server logs to
+// Splunk HTTP Event Collector endpoint.
+package splunk
+
+import (
+	"bytes"
+	"crypto/tls"
+	"crypto/x509"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"strconv"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/logger/loggerutils"
+	"github.com/docker/docker/pkg/urlutil"
+)
+
+const (
+	driverName                  = "splunk"
+	splunkURLKey                = "splunk-url"
+	splunkTokenKey              = "splunk-token"
+	splunkSourceKey             = "splunk-source"
+	splunkSourceTypeKey         = "splunk-sourcetype"
+	splunkIndexKey              = "splunk-index"
+	splunkCAPathKey             = "splunk-capath"
+	splunkCANameKey             = "splunk-caname"
+	splunkInsecureSkipVerifyKey = "splunk-insecureskipverify"
+	envKey                      = "env"
+	labelsKey                   = "labels"
+	tagKey                      = "tag"
+)
+
+type splunkLogger struct {
+	client    *http.Client
+	transport *http.Transport
+
+	url         string
+	auth        string
+	nullMessage *splunkMessage
+}
+
+type splunkMessage struct {
+	Event      splunkMessageEvent `json:"event"`
+	Time       string             `json:"time"`
+	Host       string             `json:"host"`
+	Source     string             `json:"source,omitempty"`
+	SourceType string             `json:"sourcetype,omitempty"`
+	Index      string             `json:"index,omitempty"`
+}
+
+type splunkMessageEvent struct {
+	Line   string            `json:"line"`
+	Source string            `json:"source"`
+	Tag    string            `json:"tag,omitempty"`
+	Attrs  map[string]string `json:"attrs,omitempty"`
+}
+
+func init() {
+	if err := logger.RegisterLogDriver(driverName, New); err != nil {
+		logrus.Fatal(err)
+	}
+	if err := logger.RegisterLogOptValidator(driverName, ValidateLogOpt); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+// New creates splunk logger driver using configuration passed in context
+func New(ctx logger.Context) (logger.Logger, error) {
+	hostname, err := ctx.Hostname()
+	if err != nil {
+		return nil, fmt.Errorf("%s: cannot access hostname to set source field", driverName)
+	}
+
+	// Parse and validate Splunk URL
+	splunkURL, err := parseURL(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	// Splunk Token is required parameter
+	splunkToken, ok := ctx.Config[splunkTokenKey]
+	if !ok {
+		return nil, fmt.Errorf("%s: %s is expected", driverName, splunkTokenKey)
+	}
+
+	tlsConfig := &tls.Config{}
+
+	// Splunk is using autogenerated certificates by default,
+	// allow users to trust them with skipping verification
+	if insecureSkipVerifyStr, ok := ctx.Config[splunkInsecureSkipVerifyKey]; ok {
+		insecureSkipVerify, err := strconv.ParseBool(insecureSkipVerifyStr)
+		if err != nil {
+			return nil, err
+		}
+		tlsConfig.InsecureSkipVerify = insecureSkipVerify
+	}
+
+	// If path to the root certificate is provided - load it
+	if caPath, ok := ctx.Config[splunkCAPathKey]; ok {
+		caCert, err := ioutil.ReadFile(caPath)
+		if err != nil {
+			return nil, err
+		}
+		caPool := x509.NewCertPool()
+		caPool.AppendCertsFromPEM(caCert)
+		tlsConfig.RootCAs = caPool
+	}
+
+	if caName, ok := ctx.Config[splunkCANameKey]; ok {
+		tlsConfig.ServerName = caName
+	}
+
+	transport := &http.Transport{
+		TLSClientConfig: tlsConfig,
+	}
+	client := &http.Client{
+		Transport: transport,
+	}
+
+	var nullMessage = &splunkMessage{
+		Host: hostname,
+	}
+
+	// Optional parameters for messages
+	nullMessage.Source = ctx.Config[splunkSourceKey]
+	nullMessage.SourceType = ctx.Config[splunkSourceTypeKey]
+	nullMessage.Index = ctx.Config[splunkIndexKey]
+
+	tag, err := loggerutils.ParseLogTag(ctx, "{{.ID}}")
+	if err != nil {
+		return nil, err
+	}
+	nullMessage.Event.Tag = tag
+	nullMessage.Event.Attrs = ctx.ExtraAttributes(nil)
+
+	logger := &splunkLogger{
+		client:      client,
+		transport:   transport,
+		url:         splunkURL.String(),
+		auth:        "Splunk " + splunkToken,
+		nullMessage: nullMessage,
+	}
+
+	err = verifySplunkConnection(logger)
+	if err != nil {
+		return nil, err
+	}
+
+	return logger, nil
+}
+
+func (l *splunkLogger) Log(msg *logger.Message) error {
+	// Construct message as a copy of nullMessage
+	message := *l.nullMessage
+	message.Time = fmt.Sprintf("%f", float64(msg.Timestamp.UnixNano())/1000000000)
+	message.Event.Line = string(msg.Line)
+	message.Event.Source = msg.Source
+
+	jsonEvent, err := json.Marshal(&message)
+	if err != nil {
+		return err
+	}
+	req, err := http.NewRequest("POST", l.url, bytes.NewBuffer(jsonEvent))
+	if err != nil {
+		return err
+	}
+	req.Header.Set("Authorization", l.auth)
+	res, err := l.client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer res.Body.Close()
+	if res.StatusCode != http.StatusOK {
+		var body []byte
+		body, err = ioutil.ReadAll(res.Body)
+		if err != nil {
+			return err
+		}
+		return fmt.Errorf("%s: failed to send event - %s - %s", driverName, res.Status, body)
+	}
+	io.Copy(ioutil.Discard, res.Body)
+	return nil
+}
+
+func (l *splunkLogger) Close() error {
+	l.transport.CloseIdleConnections()
+	return nil
+}
+
+func (l *splunkLogger) Name() string {
+	return driverName
+}
+
+// ValidateLogOpt looks for all supported by splunk driver options
+func ValidateLogOpt(cfg map[string]string) error {
+	for key := range cfg {
+		switch key {
+		case splunkURLKey:
+		case splunkTokenKey:
+		case splunkSourceKey:
+		case splunkSourceTypeKey:
+		case splunkIndexKey:
+		case splunkCAPathKey:
+		case splunkCANameKey:
+		case splunkInsecureSkipVerifyKey:
+		case envKey:
+		case labelsKey:
+		case tagKey:
+		default:
+			return fmt.Errorf("unknown log opt '%s' for %s log driver", key, driverName)
+		}
+	}
+	return nil
+}
+
+func parseURL(ctx logger.Context) (*url.URL, error) {
+	splunkURLStr, ok := ctx.Config[splunkURLKey]
+	if !ok {
+		return nil, fmt.Errorf("%s: %s is expected", driverName, splunkURLKey)
+	}
+
+	splunkURL, err := url.Parse(splunkURLStr)
+	if err != nil {
+		return nil, fmt.Errorf("%s: failed to parse %s as url value in %s", driverName, splunkURLStr, splunkURLKey)
+	}
+
+	if !urlutil.IsURL(splunkURLStr) ||
+		!splunkURL.IsAbs() ||
+		(splunkURL.Path != "" && splunkURL.Path != "/") ||
+		splunkURL.RawQuery != "" ||
+		splunkURL.Fragment != "" {
+		return nil, fmt.Errorf("%s: expected format schema://dns_name_or_ip:port for %s", driverName, splunkURLKey)
+	}
+
+	splunkURL.Path = "/services/collector/event/1.0"
+
+	return splunkURL, nil
+}
+
+func verifySplunkConnection(l *splunkLogger) error {
+	req, err := http.NewRequest("OPTIONS", l.url, nil)
+	if err != nil {
+		return err
+	}
+	res, err := l.client.Do(req)
+	if err != nil {
+		return err
+	}
+	if res.Body != nil {
+		defer res.Body.Close()
+	}
+	if res.StatusCode != http.StatusOK {
+		var body []byte
+		body, err = ioutil.ReadAll(res.Body)
+		if err != nil {
+			return err
+		}
+		return fmt.Errorf("%s: failed to verify connection - %s - %s", driverName, res.Status, body)
+	}
+	return nil
+}
diff --git a/daemon/logger/syslog/syslog.go b/daemon/logger/syslog/syslog.go
new file mode 100644
index 00000000..99e03278
--- /dev/null
+++ b/daemon/logger/syslog/syslog.go
@@ -0,0 +1,247 @@
+// +build linux
+
+// Package syslog provides the logdriver for forwarding server logs to syslog endpoints.
+package syslog
+
+import (
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"net"
+	"net/url"
+	"os"
+	"path"
+	"strconv"
+	"strings"
+	"time"
+
+	syslog "github.com/RackSec/srslog"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/logger/loggerutils"
+	"github.com/docker/docker/pkg/urlutil"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+const (
+	name        = "syslog"
+	secureProto = "tcp+tls"
+)
+
+var facilities = map[string]syslog.Priority{
+	"kern":     syslog.LOG_KERN,
+	"user":     syslog.LOG_USER,
+	"mail":     syslog.LOG_MAIL,
+	"daemon":   syslog.LOG_DAEMON,
+	"auth":     syslog.LOG_AUTH,
+	"syslog":   syslog.LOG_SYSLOG,
+	"lpr":      syslog.LOG_LPR,
+	"news":     syslog.LOG_NEWS,
+	"uucp":     syslog.LOG_UUCP,
+	"cron":     syslog.LOG_CRON,
+	"authpriv": syslog.LOG_AUTHPRIV,
+	"ftp":      syslog.LOG_FTP,
+	"local0":   syslog.LOG_LOCAL0,
+	"local1":   syslog.LOG_LOCAL1,
+	"local2":   syslog.LOG_LOCAL2,
+	"local3":   syslog.LOG_LOCAL3,
+	"local4":   syslog.LOG_LOCAL4,
+	"local5":   syslog.LOG_LOCAL5,
+	"local6":   syslog.LOG_LOCAL6,
+	"local7":   syslog.LOG_LOCAL7,
+}
+
+type syslogger struct {
+	writer *syslog.Writer
+}
+
+func init() {
+	if err := logger.RegisterLogDriver(name, New); err != nil {
+		logrus.Fatal(err)
+	}
+	if err := logger.RegisterLogOptValidator(name, ValidateLogOpt); err != nil {
+		logrus.Fatal(err)
+	}
+}
+
+// rsyslog uses appname part of syslog message to fill in an %syslogtag% template
+// attribute in rsyslog.conf. In order to be backward compatible to rfc3164
+// tag will be also used as an appname
+func rfc5424formatterWithAppNameAsTag(p syslog.Priority, hostname, tag, content string) string {
+	timestamp := time.Now().Format(time.RFC3339)
+	pid := os.Getpid()
+	msg := fmt.Sprintf("<%d>%d %s %s %s %d %s %s",
+		p, 1, timestamp, hostname, tag, pid, tag, content)
+	return msg
+}
+
+// New creates a syslog logger using the configuration passed in on
+// the context. Supported context configuration variables are
+// syslog-address, syslog-facility, & syslog-tag.
+func New(ctx logger.Context) (logger.Logger, error) {
+	tag, err := loggerutils.ParseLogTag(ctx, "{{.ID}}")
+	if err != nil {
+		return nil, err
+	}
+
+	proto, address, err := parseAddress(ctx.Config["syslog-address"])
+	if err != nil {
+		return nil, err
+	}
+
+	facility, err := parseFacility(ctx.Config["syslog-facility"])
+	if err != nil {
+		return nil, err
+	}
+
+	syslogFormatter, syslogFramer, err := parseLogFormat(ctx.Config["syslog-format"])
+	if err != nil {
+		return nil, err
+	}
+
+	logTag := path.Base(os.Args[0]) + "/" + tag
+
+	var log *syslog.Writer
+	if proto == secureProto {
+		tlsConfig, tlsErr := parseTLSConfig(ctx.Config)
+		if tlsErr != nil {
+			return nil, tlsErr
+		}
+		log, err = syslog.DialWithTLSConfig(proto, address, facility, logTag, tlsConfig)
+	} else {
+		log, err = syslog.Dial(proto, address, facility, logTag)
+	}
+
+	if err != nil {
+		return nil, err
+	}
+
+	log.SetFormatter(syslogFormatter)
+	log.SetFramer(syslogFramer)
+
+	return &syslogger{
+		writer: log,
+	}, nil
+}
+
+func (s *syslogger) Log(msg *logger.Message) error {
+	if msg.Source == "stderr" {
+		return s.writer.Err(string(msg.Line))
+	}
+	return s.writer.Info(string(msg.Line))
+}
+
+func (s *syslogger) Close() error {
+	return s.writer.Close()
+}
+
+func (s *syslogger) Name() string {
+	return name
+}
+
+func parseAddress(address string) (string, string, error) {
+	if address == "" {
+		return "", "", nil
+	}
+	if !urlutil.IsTransportURL(address) {
+		return "", "", fmt.Errorf("syslog-address should be in form proto://address, got %v", address)
+	}
+	url, err := url.Parse(address)
+	if err != nil {
+		return "", "", err
+	}
+
+	// unix socket validation
+	if url.Scheme == "unix" {
+		if _, err := os.Stat(url.Path); err != nil {
+			return "", "", err
+		}
+		return url.Scheme, url.Path, nil
+	}
+
+	// here we process tcp|udp
+	host := url.Host
+	if _, _, err := net.SplitHostPort(host); err != nil {
+		if !strings.Contains(err.Error(), "missing port in address") {
+			return "", "", err
+		}
+		host = host + ":514"
+	}
+
+	return url.Scheme, host, nil
+}
+
+// ValidateLogOpt looks for syslog specific log options
+// syslog-address, syslog-facility, & syslog-tag.
+func ValidateLogOpt(cfg map[string]string) error {
+	for key := range cfg {
+		switch key {
+		case "syslog-address":
+		case "syslog-facility":
+		case "syslog-tag":
+		case "syslog-tls-ca-cert":
+		case "syslog-tls-cert":
+		case "syslog-tls-key":
+		case "syslog-tls-skip-verify":
+		case "tag":
+		case "syslog-format":
+		default:
+			return fmt.Errorf("unknown log opt '%s' for syslog log driver", key)
+		}
+	}
+	if _, _, err := parseAddress(cfg["syslog-address"]); err != nil {
+		return err
+	}
+	if _, err := parseFacility(cfg["syslog-facility"]); err != nil {
+		return err
+	}
+	if _, _, err := parseLogFormat(cfg["syslog-format"]); err != nil {
+		return err
+	}
+	return nil
+}
+
+func parseFacility(facility string) (syslog.Priority, error) {
+	if facility == "" {
+		return syslog.LOG_DAEMON, nil
+	}
+
+	if syslogFacility, valid := facilities[facility]; valid {
+		return syslogFacility, nil
+	}
+
+	fInt, err := strconv.Atoi(facility)
+	if err == nil && 0 <= fInt && fInt <= 23 {
+		return syslog.Priority(fInt << 3), nil
+	}
+
+	return syslog.Priority(0), errors.New("invalid syslog facility")
+}
+
+func parseTLSConfig(cfg map[string]string) (*tls.Config, error) {
+	_, skipVerify := cfg["syslog-tls-skip-verify"]
+
+	opts := tlsconfig.Options{
+		CAFile:             cfg["syslog-tls-ca-cert"],
+		CertFile:           cfg["syslog-tls-cert"],
+		KeyFile:            cfg["syslog-tls-key"],
+		InsecureSkipVerify: skipVerify,
+	}
+
+	return tlsconfig.Client(opts)
+}
+
+func parseLogFormat(logFormat string) (syslog.Formatter, syslog.Framer, error) {
+	switch logFormat {
+	case "":
+		return syslog.UnixFormatter, syslog.DefaultFramer, nil
+	case "rfc3164":
+		return syslog.RFC3164Formatter, syslog.DefaultFramer, nil
+	case "rfc5424":
+		return rfc5424formatterWithAppNameAsTag, syslog.RFC5425MessageLengthFramer, nil
+	default:
+		return nil, nil, errors.New("Invalid syslog format")
+	}
+
+}
diff --git a/daemon/logger/syslog/syslog_test.go b/daemon/logger/syslog/syslog_test.go
new file mode 100644
index 00000000..c18494be
--- /dev/null
+++ b/daemon/logger/syslog/syslog_test.go
@@ -0,0 +1,45 @@
+// +build linux
+
+package syslog
+
+import (
+	syslog "github.com/RackSec/srslog"
+	"reflect"
+	"testing"
+)
+
+func functionMatches(expectedFun interface{}, actualFun interface{}) bool {
+	return reflect.ValueOf(expectedFun).Pointer() == reflect.ValueOf(actualFun).Pointer()
+}
+
+func TestParseLogFormat(t *testing.T) {
+	formatter, framer, err := parseLogFormat("rfc5424")
+	if err != nil || !functionMatches(rfc5424formatterWithAppNameAsTag, formatter) ||
+		!functionMatches(syslog.RFC5425MessageLengthFramer, framer) {
+		t.Fatal("Failed to parse rfc5424 format", err, formatter, framer)
+	}
+
+	formatter, framer, err = parseLogFormat("rfc3164")
+	if err != nil || !functionMatches(syslog.RFC3164Formatter, formatter) ||
+		!functionMatches(syslog.DefaultFramer, framer) {
+		t.Fatal("Failed to parse rfc3164 format", err, formatter, framer)
+	}
+
+	formatter, framer, err = parseLogFormat("")
+	if err != nil || !functionMatches(syslog.UnixFormatter, formatter) ||
+		!functionMatches(syslog.DefaultFramer, framer) {
+		t.Fatal("Failed to parse empty format", err, formatter, framer)
+	}
+
+	formatter, framer, err = parseLogFormat("invalid")
+	if err == nil {
+		t.Fatal("Failed to parse invalid format", err, formatter, framer)
+	}
+}
+
+func TestValidateLogOptEmpty(t *testing.T) {
+	emptyConfig := make(map[string]string)
+	if err := ValidateLogOpt(emptyConfig); err != nil {
+		t.Fatal("Failed to parse empty config", err)
+	}
+}
diff --git a/daemon/logger/syslog/syslog_unsupported.go b/daemon/logger/syslog/syslog_unsupported.go
new file mode 100644
index 00000000..50cc51b6
--- /dev/null
+++ b/daemon/logger/syslog/syslog_unsupported.go
@@ -0,0 +1,3 @@
+// +build !linux
+
+package syslog
diff --git a/daemon/logs.go b/daemon/logs.go
new file mode 100644
index 00000000..40c47a6e
--- /dev/null
+++ b/daemon/logs.go
@@ -0,0 +1,154 @@
+package daemon
+
+import (
+	"fmt"
+	"io"
+	"strconv"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/types/backend"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/daemon/logger/jsonfilelog"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/stdcopy"
+	containertypes "github.com/docker/engine-api/types/container"
+	timetypes "github.com/docker/engine-api/types/time"
+)
+
+// ContainerLogs hooks up a container's stdout and stderr streams
+// configured with the given struct.
+func (daemon *Daemon) ContainerLogs(containerName string, config *backend.ContainerLogsConfig, started chan struct{}) error {
+	container, err := daemon.GetContainer(containerName)
+	if err != nil {
+		return err
+	}
+
+	if !(config.ShowStdout || config.ShowStderr) {
+		return fmt.Errorf("You must choose at least one stream")
+	}
+
+	cLog, err := daemon.getLogger(container)
+	if err != nil {
+		return err
+	}
+	logReader, ok := cLog.(logger.LogReader)
+	if !ok {
+		return logger.ErrReadLogsNotSupported
+	}
+
+	follow := config.Follow && container.IsRunning()
+	tailLines, err := strconv.Atoi(config.Tail)
+	if err != nil {
+		tailLines = -1
+	}
+
+	logrus.Debug("logs: begin stream")
+
+	var since time.Time
+	if config.Since != "" {
+		s, n, err := timetypes.ParseTimestamps(config.Since, 0)
+		if err != nil {
+			return err
+		}
+		since = time.Unix(s, n)
+	}
+	readConfig := logger.ReadConfig{
+		Since:  since,
+		Tail:   tailLines,
+		Follow: follow,
+	}
+	logs := logReader.ReadLogs(readConfig)
+
+	wf := ioutils.NewWriteFlusher(config.OutStream)
+	defer wf.Close()
+	close(started)
+	wf.Flush()
+
+	var outStream io.Writer = wf
+	errStream := outStream
+	if !container.Config.Tty {
+		errStream = stdcopy.NewStdWriter(outStream, stdcopy.Stderr)
+		outStream = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
+	}
+
+	for {
+		select {
+		case err := <-logs.Err:
+			logrus.Errorf("Error streaming logs: %v", err)
+			return nil
+		case <-config.Stop:
+			logs.Close()
+			return nil
+		case msg, ok := <-logs.Msg:
+			if !ok {
+				logrus.Debugf("logs: end stream")
+				logs.Close()
+				return nil
+			}
+			logLine := msg.Line
+			if config.Timestamps {
+				logLine = append([]byte(msg.Timestamp.Format(logger.TimeFormat)+" "), logLine...)
+			}
+			if msg.Source == "stdout" && config.ShowStdout {
+				outStream.Write(logLine)
+			}
+			if msg.Source == "stderr" && config.ShowStderr {
+				errStream.Write(logLine)
+			}
+		}
+	}
+}
+
+func (daemon *Daemon) getLogger(container *container.Container) (logger.Logger, error) {
+	if container.LogDriver != nil && container.IsRunning() {
+		return container.LogDriver, nil
+	}
+	cfg := daemon.getLogConfig(container.HostConfig.LogConfig)
+	if err := logger.ValidateLogOpts(cfg.Type, cfg.Config); err != nil {
+		return nil, err
+	}
+	return container.StartLogger(cfg)
+}
+
+// StartLogging initializes and starts the container logging stream.
+func (daemon *Daemon) StartLogging(container *container.Container) error {
+	cfg := daemon.getLogConfig(container.HostConfig.LogConfig)
+	if cfg.Type == "none" {
+		return nil // do not start logging routines
+	}
+
+	if err := logger.ValidateLogOpts(cfg.Type, cfg.Config); err != nil {
+		return err
+	}
+	l, err := container.StartLogger(cfg)
+	if err != nil {
+		return fmt.Errorf("Failed to initialize logging driver: %v", err)
+	}
+
+	copier := logger.NewCopier(container.ID, map[string]io.Reader{"stdout": container.StdoutPipe(), "stderr": container.StderrPipe()}, l)
+	container.LogCopier = copier
+	copier.Run()
+	container.LogDriver = l
+
+	// set LogPath field only for json-file logdriver
+	if jl, ok := l.(*jsonfilelog.JSONFileLogger); ok {
+		container.LogPath = jl.LogPath()
+	}
+
+	return nil
+}
+
+// getLogConfig returns the log configuration for the container.
+func (daemon *Daemon) getLogConfig(cfg containertypes.LogConfig) containertypes.LogConfig {
+	if cfg.Type != "" || len(cfg.Config) > 0 { // container has log driver configured
+		if cfg.Type == "" {
+			cfg.Type = jsonfilelog.Name
+		}
+		return cfg
+	}
+
+	// Use daemon's default log config for containers
+	return daemon.defaultLogConfig
+}
diff --git a/daemon/monitor.go b/daemon/monitor.go
new file mode 100644
index 00000000..f9f7def9
--- /dev/null
+++ b/daemon/monitor.go
@@ -0,0 +1,144 @@
+package daemon
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"runtime"
+	"strconv"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/runconfig"
+)
+
+// StateChanged updates daemon state changes from containerd
+func (daemon *Daemon) StateChanged(id string, e libcontainerd.StateInfo) error {
+	c := daemon.containers.Get(id)
+	if c == nil {
+		return fmt.Errorf("no such container: %s", id)
+	}
+
+	switch e.State {
+	case libcontainerd.StateOOM:
+		// StateOOM is Linux specific and should never be hit on Windows
+		if runtime.GOOS == "windows" {
+			return errors.New("Received StateOOM from libcontainerd on Windows. This should never happen.")
+		}
+		daemon.LogContainerEvent(c, "oom")
+	case libcontainerd.StateExit:
+		c.Lock()
+		defer c.Unlock()
+		c.Wait()
+		c.Reset(false)
+		c.SetStopped(platformConstructExitStatus(e))
+		attributes := map[string]string{
+			"exitCode": strconv.Itoa(int(e.ExitCode)),
+		}
+		daemon.LogContainerEventWithAttributes(c, "die", attributes)
+		daemon.Cleanup(c)
+		// FIXME: here is race condition between two RUN instructions in Dockerfile
+		// because they share same runconfig and change image. Must be fixed
+		// in builder/builder.go
+		return c.ToDisk()
+	case libcontainerd.StateRestart:
+		c.Lock()
+		defer c.Unlock()
+		c.Reset(false)
+		c.RestartCount++
+		c.SetRestarting(platformConstructExitStatus(e))
+		attributes := map[string]string{
+			"exitCode": strconv.Itoa(int(e.ExitCode)),
+		}
+		daemon.LogContainerEventWithAttributes(c, "die", attributes)
+		return c.ToDisk()
+	case libcontainerd.StateExitProcess:
+		c.Lock()
+		defer c.Unlock()
+		if execConfig := c.ExecCommands.Get(e.ProcessID); execConfig != nil {
+			ec := int(e.ExitCode)
+			execConfig.ExitCode = &ec
+			execConfig.Running = false
+			execConfig.Wait()
+			if err := execConfig.CloseStreams(); err != nil {
+				logrus.Errorf("%s: %s", c.ID, err)
+			}
+
+			// remove the exec command from the container's store only and not the
+			// daemon's store so that the exec command can be inspected.
+			c.ExecCommands.Delete(execConfig.ID)
+		} else {
+			logrus.Warnf("Ignoring StateExitProcess for %v but no exec command found", e)
+		}
+	case libcontainerd.StateStart, libcontainerd.StateRestore:
+		c.SetRunning(int(e.Pid), e.State == libcontainerd.StateStart)
+		c.HasBeenManuallyStopped = false
+		if err := c.ToDisk(); err != nil {
+			c.Reset(false)
+			return err
+		}
+		daemon.LogContainerEvent(c, "start")
+	case libcontainerd.StatePause:
+		c.Paused = true
+		daemon.LogContainerEvent(c, "pause")
+	case libcontainerd.StateResume:
+		c.Paused = false
+		daemon.LogContainerEvent(c, "unpause")
+	}
+
+	return nil
+}
+
+// AttachStreams is called by libcontainerd to connect the stdio.
+func (daemon *Daemon) AttachStreams(id string, iop libcontainerd.IOPipe) error {
+	var s *runconfig.StreamConfig
+	c := daemon.containers.Get(id)
+	if c == nil {
+		ec, err := daemon.getExecConfig(id)
+		if err != nil {
+			return fmt.Errorf("no such exec/container: %s", id)
+		}
+		s = ec.StreamConfig
+	} else {
+		s = c.StreamConfig
+		if err := daemon.StartLogging(c); err != nil {
+			c.Reset(false)
+			return err
+		}
+	}
+
+	if stdin := s.Stdin(); stdin != nil {
+		if iop.Stdin != nil {
+			go func() {
+				io.Copy(iop.Stdin, stdin)
+				iop.Stdin.Close()
+			}()
+		}
+	} else {
+		if c != nil && !c.Config.Tty {
+			// tty is enabled, so dont close containerd's iopipe stdin.
+			if iop.Stdin != nil {
+				iop.Stdin.Close()
+			}
+		}
+	}
+
+	copy := func(w io.Writer, r io.Reader) {
+		s.Add(1)
+		go func() {
+			if _, err := io.Copy(w, r); err != nil {
+				logrus.Errorf("%v stream copy error: %v", id, err)
+			}
+			s.Done()
+		}()
+	}
+
+	if iop.Stdout != nil {
+		copy(s.Stdout(), iop.Stdout)
+	}
+	if iop.Stderr != nil {
+		copy(s.Stderr(), iop.Stderr)
+	}
+
+	return nil
+}
diff --git a/daemon/monitor_linux.go b/daemon/monitor_linux.go
new file mode 100644
index 00000000..df8b6c5d
--- /dev/null
+++ b/daemon/monitor_linux.go
@@ -0,0 +1,14 @@
+package daemon
+
+import (
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/libcontainerd"
+)
+
+// platformConstructExitStatus returns a platform specific exit status structure
+func platformConstructExitStatus(e libcontainerd.StateInfo) *container.ExitStatus {
+	return &container.ExitStatus{
+		ExitCode:  int(e.ExitCode),
+		OOMKilled: e.OOMKilled,
+	}
+}
diff --git a/daemon/monitor_windows.go b/daemon/monitor_windows.go
new file mode 100644
index 00000000..b808ed3d
--- /dev/null
+++ b/daemon/monitor_windows.go
@@ -0,0 +1,13 @@
+package daemon
+
+import (
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/libcontainerd"
+)
+
+// platformConstructExitStatus returns a platform specific exit status structure
+func platformConstructExitStatus(e libcontainerd.StateInfo) *container.ExitStatus {
+	return &container.ExitStatus{
+		ExitCode: int(e.ExitCode),
+	}
+}
diff --git a/daemon/mounts.go b/daemon/mounts.go
new file mode 100644
index 00000000..d4f24b28
--- /dev/null
+++ b/daemon/mounts.go
@@ -0,0 +1,48 @@
+package daemon
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/docker/docker/container"
+	volumestore "github.com/docker/docker/volume/store"
+)
+
+func (daemon *Daemon) prepareMountPoints(container *container.Container) error {
+	for _, config := range container.MountPoints {
+		if err := daemon.lazyInitializeVolume(container.ID, config); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (daemon *Daemon) removeMountPoints(container *container.Container, rm bool) error {
+	var rmErrors []string
+	for _, m := range container.MountPoints {
+		if m.Volume == nil {
+			continue
+		}
+		daemon.volumes.Dereference(m.Volume, container.ID)
+		if rm {
+			// Do not remove named mountpoints
+			// these are mountpoints specified like `docker run -v <name>:/foo`
+			if m.Named {
+				continue
+			}
+			err := daemon.volumes.Remove(m.Volume)
+			// Ignore volume in use errors because having this
+			// volume being referenced by other container is
+			// not an error, but an implementation detail.
+			// This prevents docker from logging "ERROR: Volume in use"
+			// where there is another container using the volume.
+			if err != nil && !volumestore.IsInUse(err) {
+				rmErrors = append(rmErrors, err.Error())
+			}
+		}
+	}
+	if len(rmErrors) > 0 {
+		return fmt.Errorf("Error removing volumes:\n%v", strings.Join(rmErrors, "\n"))
+	}
+	return nil
+}
diff --git a/daemon/network.go b/daemon/network.go
new file mode 100644
index 00000000..98879915
--- /dev/null
+++ b/daemon/network.go
@@ -0,0 +1,205 @@
+package daemon
+
+import (
+	"fmt"
+	"net"
+	"net/http"
+	"strings"
+
+	"github.com/docker/docker/errors"
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/engine-api/types/network"
+	"github.com/docker/libnetwork"
+)
+
+// NetworkControllerEnabled checks if the networking stack is enabled.
+// This feature depends on OS primitives and it's disabled in systems like Windows.
+func (daemon *Daemon) NetworkControllerEnabled() bool {
+	return daemon.netController != nil
+}
+
+// FindNetwork function finds a network for a given string that can represent network name or id
+func (daemon *Daemon) FindNetwork(idName string) (libnetwork.Network, error) {
+	// Find by Name
+	n, err := daemon.GetNetworkByName(idName)
+	if err != nil && !isNoSuchNetworkError(err) {
+		return nil, err
+	}
+
+	if n != nil {
+		return n, nil
+	}
+
+	// Find by id
+	return daemon.GetNetworkByID(idName)
+}
+
+func isNoSuchNetworkError(err error) bool {
+	_, ok := err.(libnetwork.ErrNoSuchNetwork)
+	return ok
+}
+
+// GetNetworkByID function returns a network whose ID begins with the given prefix.
+// It fails with an error if no matching, or more than one matching, networks are found.
+func (daemon *Daemon) GetNetworkByID(partialID string) (libnetwork.Network, error) {
+	list := daemon.GetNetworksByID(partialID)
+
+	if len(list) == 0 {
+		return nil, libnetwork.ErrNoSuchNetwork(partialID)
+	}
+	if len(list) > 1 {
+		return nil, libnetwork.ErrInvalidID(partialID)
+	}
+	return list[0], nil
+}
+
+// GetNetworkByName function returns a network for a given network name.
+func (daemon *Daemon) GetNetworkByName(name string) (libnetwork.Network, error) {
+	c := daemon.netController
+	if name == "" {
+		name = c.Config().Daemon.DefaultNetwork
+	}
+	return c.NetworkByName(name)
+}
+
+// GetNetworksByID returns a list of networks whose ID partially matches zero or more networks
+func (daemon *Daemon) GetNetworksByID(partialID string) []libnetwork.Network {
+	c := daemon.netController
+	list := []libnetwork.Network{}
+	l := func(nw libnetwork.Network) bool {
+		if strings.HasPrefix(nw.ID(), partialID) {
+			list = append(list, nw)
+		}
+		return false
+	}
+	c.WalkNetworks(l)
+
+	return list
+}
+
+// GetAllNetworks returns a list containing all networks
+func (daemon *Daemon) GetAllNetworks() []libnetwork.Network {
+	c := daemon.netController
+	list := []libnetwork.Network{}
+	l := func(nw libnetwork.Network) bool {
+		list = append(list, nw)
+		return false
+	}
+	c.WalkNetworks(l)
+
+	return list
+}
+
+// CreateNetwork creates a network with the given name, driver and other optional parameters
+func (daemon *Daemon) CreateNetwork(name, driver string, ipam network.IPAM, netOption map[string]string, labels map[string]string, internal bool, enableIPv6 bool) (libnetwork.Network, error) {
+	c := daemon.netController
+	if driver == "" {
+		driver = c.Config().Daemon.DefaultDriver
+	}
+
+	v4Conf, v6Conf, err := getIpamConfig(ipam.Config)
+	if err != nil {
+		return nil, err
+	}
+
+	nwOptions := []libnetwork.NetworkOption{
+		libnetwork.NetworkOptionIpam(ipam.Driver, "", v4Conf, v6Conf, ipam.Options),
+		libnetwork.NetworkOptionEnableIPv6(enableIPv6),
+		libnetwork.NetworkOptionDriverOpts(netOption),
+		libnetwork.NetworkOptionLabels(labels),
+	}
+	if internal {
+		nwOptions = append(nwOptions, libnetwork.NetworkOptionInternalNetwork())
+	}
+	n, err := c.NewNetwork(driver, name, nwOptions...)
+	if err != nil {
+		return nil, err
+	}
+
+	daemon.LogNetworkEvent(n, "create")
+	return n, nil
+}
+
+func getIpamConfig(data []network.IPAMConfig) ([]*libnetwork.IpamConf, []*libnetwork.IpamConf, error) {
+	ipamV4Cfg := []*libnetwork.IpamConf{}
+	ipamV6Cfg := []*libnetwork.IpamConf{}
+	for _, d := range data {
+		iCfg := libnetwork.IpamConf{}
+		iCfg.PreferredPool = d.Subnet
+		iCfg.SubPool = d.IPRange
+		iCfg.Gateway = d.Gateway
+		iCfg.AuxAddresses = d.AuxAddress
+		ip, _, err := net.ParseCIDR(d.Subnet)
+		if err != nil {
+			return nil, nil, fmt.Errorf("Invalid subnet %s : %v", d.Subnet, err)
+		}
+		if ip.To4() != nil {
+			ipamV4Cfg = append(ipamV4Cfg, &iCfg)
+		} else {
+			ipamV6Cfg = append(ipamV6Cfg, &iCfg)
+		}
+	}
+	return ipamV4Cfg, ipamV6Cfg, nil
+}
+
+// ConnectContainerToNetwork connects the given container to the given
+// network. If either cannot be found, an err is returned. If the
+// network cannot be set up, an err is returned.
+func (daemon *Daemon) ConnectContainerToNetwork(containerName, networkName string, endpointConfig *network.EndpointSettings) error {
+	container, err := daemon.GetContainer(containerName)
+	if err != nil {
+		return err
+	}
+	return daemon.ConnectToNetwork(container, networkName, endpointConfig)
+}
+
+// DisconnectContainerFromNetwork disconnects the given container from
+// the given network. If either cannot be found, an err is returned.
+func (daemon *Daemon) DisconnectContainerFromNetwork(containerName string, network libnetwork.Network, force bool) error {
+	container, err := daemon.GetContainer(containerName)
+	if err != nil {
+		if force {
+			return daemon.ForceEndpointDelete(containerName, network)
+		}
+		return err
+	}
+	return daemon.DisconnectFromNetwork(container, network, force)
+}
+
+// GetNetworkDriverList returns the list of plugins drivers
+// registered for network.
+func (daemon *Daemon) GetNetworkDriverList() map[string]bool {
+	pluginList := make(map[string]bool)
+
+	if !daemon.NetworkControllerEnabled() {
+		return nil
+	}
+	c := daemon.netController
+	networks := c.Networks()
+
+	for _, network := range networks {
+		driver := network.Type()
+		pluginList[driver] = true
+	}
+
+	return pluginList
+}
+
+// DeleteNetwork destroys a network unless it's one of docker's predefined networks.
+func (daemon *Daemon) DeleteNetwork(networkID string) error {
+	nw, err := daemon.FindNetwork(networkID)
+	if err != nil {
+		return err
+	}
+
+	if runconfig.IsPreDefinedNetwork(nw.Name()) {
+		err := fmt.Errorf("%s is a pre-defined network and cannot be removed", nw.Name())
+		return errors.NewErrorWithStatusCode(err, http.StatusForbidden)
+	}
+
+	if err := nw.Delete(); err != nil {
+		return err
+	}
+	daemon.LogNetworkEvent(nw, "destroy")
+	return nil
+}
diff --git a/daemon/network/settings.go b/daemon/network/settings.go
new file mode 100644
index 00000000..823bec26
--- /dev/null
+++ b/daemon/network/settings.go
@@ -0,0 +1,22 @@
+package network
+
+import (
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/go-connections/nat"
+)
+
+// Settings stores configuration details about the daemon network config
+// TODO Windows. Many of these fields can be factored out.,
+type Settings struct {
+	Bridge                 string
+	SandboxID              string
+	HairpinMode            bool
+	LinkLocalIPv6Address   string
+	LinkLocalIPv6PrefixLen int
+	Networks               map[string]*networktypes.EndpointSettings
+	Ports                  nat.PortMap
+	SandboxKey             string
+	SecondaryIPAddresses   []networktypes.Address
+	SecondaryIPv6Addresses []networktypes.Address
+	IsAnonymousEndpoint    bool
+}
diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go
new file mode 100644
index 00000000..0c3636ce
--- /dev/null
+++ b/daemon/oci_linux.go
@@ -0,0 +1,687 @@
+package daemon
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"strconv"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/daemon/caps"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/oci"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/docker/docker/pkg/symlink"
+	"github.com/docker/docker/volume"
+	containertypes "github.com/docker/engine-api/types/container"
+	"github.com/opencontainers/runc/libcontainer/apparmor"
+	"github.com/opencontainers/runc/libcontainer/devices"
+	"github.com/opencontainers/runc/libcontainer/user"
+	"github.com/opencontainers/specs/specs-go"
+)
+
+func setResources(s *specs.Spec, r containertypes.Resources) error {
+	weightDevices, err := getBlkioWeightDevices(r)
+	if err != nil {
+		return err
+	}
+	readBpsDevice, err := getBlkioReadBpsDevices(r)
+	if err != nil {
+		return err
+	}
+	writeBpsDevice, err := getBlkioWriteBpsDevices(r)
+	if err != nil {
+		return err
+	}
+	readIOpsDevice, err := getBlkioReadIOpsDevices(r)
+	if err != nil {
+		return err
+	}
+	writeIOpsDevice, err := getBlkioWriteIOpsDevices(r)
+	if err != nil {
+		return err
+	}
+
+	memoryRes := getMemoryResources(r)
+	cpuRes := getCPUResources(r)
+	blkioWeight := r.BlkioWeight
+
+	specResources := &specs.Resources{
+		Memory: memoryRes,
+		CPU:    cpuRes,
+		BlockIO: &specs.BlockIO{
+			Weight:                  &blkioWeight,
+			WeightDevice:            weightDevices,
+			ThrottleReadBpsDevice:   readBpsDevice,
+			ThrottleWriteBpsDevice:  writeBpsDevice,
+			ThrottleReadIOPSDevice:  readIOpsDevice,
+			ThrottleWriteIOPSDevice: writeIOpsDevice,
+		},
+		DisableOOMKiller: r.OomKillDisable,
+		Pids: &specs.Pids{
+			Limit: &r.PidsLimit,
+		},
+	}
+
+	if s.Linux.Resources != nil && len(s.Linux.Resources.Devices) > 0 {
+		specResources.Devices = s.Linux.Resources.Devices
+	}
+
+	s.Linux.Resources = specResources
+	return nil
+}
+
+func setDevices(s *specs.Spec, c *container.Container) error {
+	// Build lists of devices allowed and created within the container.
+	var devs []specs.Device
+	devPermissions := s.Linux.Resources.Devices
+	if c.HostConfig.Privileged {
+		hostDevices, err := devices.HostDevices()
+		if err != nil {
+			return err
+		}
+		for _, d := range hostDevices {
+			devs = append(devs, specDevice(d))
+		}
+		rwm := "rwm"
+		devPermissions = []specs.DeviceCgroup{
+			{
+				Allow:  true,
+				Access: &rwm,
+			},
+		}
+	} else {
+		for _, deviceMapping := range c.HostConfig.Devices {
+			d, dPermissions, err := getDevicesFromPath(deviceMapping)
+			if err != nil {
+				return err
+			}
+			devs = append(devs, d...)
+			devPermissions = append(devPermissions, dPermissions...)
+		}
+	}
+
+	s.Linux.Devices = append(s.Linux.Devices, devs...)
+	s.Linux.Resources.Devices = devPermissions
+	return nil
+}
+
+func setRlimits(daemon *Daemon, s *specs.Spec, c *container.Container) error {
+	var rlimits []specs.Rlimit
+
+	ulimits := c.HostConfig.Ulimits
+	// Merge ulimits with daemon defaults
+	ulIdx := make(map[string]struct{})
+	for _, ul := range ulimits {
+		ulIdx[ul.Name] = struct{}{}
+	}
+	for name, ul := range daemon.configStore.Ulimits {
+		if _, exists := ulIdx[name]; !exists {
+			ulimits = append(ulimits, ul)
+		}
+	}
+
+	for _, ul := range ulimits {
+		rlimits = append(rlimits, specs.Rlimit{
+			Type: "RLIMIT_" + strings.ToUpper(ul.Name),
+			Soft: uint64(ul.Soft),
+			Hard: uint64(ul.Hard),
+		})
+	}
+
+	s.Process.Rlimits = rlimits
+	return nil
+}
+
+func setUser(s *specs.Spec, c *container.Container) error {
+	uid, gid, additionalGids, err := getUser(c, c.Config.User)
+	if err != nil {
+		return err
+	}
+	s.Process.User.UID = uid
+	s.Process.User.GID = gid
+	s.Process.User.AdditionalGids = additionalGids
+	return nil
+}
+
+func readUserFile(c *container.Container, p string) (io.ReadCloser, error) {
+	fp, err := symlink.FollowSymlinkInScope(filepath.Join(c.BaseFS, p), c.BaseFS)
+	if err != nil {
+		return nil, err
+	}
+	return os.Open(fp)
+}
+
+func getUser(c *container.Container, username string) (uint32, uint32, []uint32, error) {
+	passwdPath, err := user.GetPasswdPath()
+	if err != nil {
+		return 0, 0, nil, err
+	}
+	groupPath, err := user.GetGroupPath()
+	if err != nil {
+		return 0, 0, nil, err
+	}
+	passwdFile, err := readUserFile(c, passwdPath)
+	if err == nil {
+		defer passwdFile.Close()
+	}
+	groupFile, err := readUserFile(c, groupPath)
+	if err == nil {
+		defer groupFile.Close()
+	}
+
+	execUser, err := user.GetExecUser(username, nil, passwdFile, groupFile)
+	if err != nil {
+		return 0, 0, nil, err
+	}
+
+	// todo: fix this double read by a change to libcontainer/user pkg
+	groupFile, err = readUserFile(c, groupPath)
+	if err == nil {
+		defer groupFile.Close()
+	}
+	var addGroups []int
+	if len(c.HostConfig.GroupAdd) > 0 {
+		addGroups, err = user.GetAdditionalGroups(c.HostConfig.GroupAdd, groupFile)
+		if err != nil {
+			return 0, 0, nil, err
+		}
+	}
+	uid := uint32(execUser.Uid)
+	gid := uint32(execUser.Gid)
+	sgids := append(execUser.Sgids, addGroups...)
+	var additionalGids []uint32
+	for _, g := range sgids {
+		additionalGids = append(additionalGids, uint32(g))
+	}
+	return uid, gid, additionalGids, nil
+}
+
+func setNamespace(s *specs.Spec, ns specs.Namespace) {
+	for i, n := range s.Linux.Namespaces {
+		if n.Type == ns.Type {
+			s.Linux.Namespaces[i] = ns
+			return
+		}
+	}
+	s.Linux.Namespaces = append(s.Linux.Namespaces, ns)
+}
+
+func setCapabilities(s *specs.Spec, c *container.Container) error {
+	var caplist []string
+	var err error
+	if c.HostConfig.Privileged {
+		caplist = caps.GetAllCapabilities()
+	} else {
+		caplist, err = caps.TweakCapabilities(s.Process.Capabilities, c.HostConfig.CapAdd, c.HostConfig.CapDrop)
+		if err != nil {
+			return err
+		}
+	}
+	s.Process.Capabilities = caplist
+	return nil
+}
+
+func delNamespace(s *specs.Spec, nsType specs.NamespaceType) {
+	idx := -1
+	for i, n := range s.Linux.Namespaces {
+		if n.Type == nsType {
+			idx = i
+		}
+	}
+	if idx >= 0 {
+		s.Linux.Namespaces = append(s.Linux.Namespaces[:idx], s.Linux.Namespaces[idx+1:]...)
+	}
+}
+
+func setNamespaces(daemon *Daemon, s *specs.Spec, c *container.Container) error {
+	userNS := false
+	// user
+	if c.HostConfig.UsernsMode.IsPrivate() {
+		uidMap, gidMap := daemon.GetUIDGIDMaps()
+		if uidMap != nil {
+			userNS = true
+			ns := specs.Namespace{Type: "user"}
+			setNamespace(s, ns)
+			s.Linux.UIDMappings = specMapping(uidMap)
+			s.Linux.GIDMappings = specMapping(gidMap)
+		}
+	}
+	// network
+	if !c.Config.NetworkDisabled {
+		ns := specs.Namespace{Type: "network"}
+		parts := strings.SplitN(string(c.HostConfig.NetworkMode), ":", 2)
+		if parts[0] == "container" {
+			nc, err := daemon.getNetworkedContainer(c.ID, c.HostConfig.NetworkMode.ConnectedContainer())
+			if err != nil {
+				return err
+			}
+			ns.Path = fmt.Sprintf("/proc/%d/ns/net", nc.State.GetPID())
+			if userNS {
+				// to share a net namespace, they must also share a user namespace
+				nsUser := specs.Namespace{Type: "user"}
+				nsUser.Path = fmt.Sprintf("/proc/%d/ns/user", nc.State.GetPID())
+				setNamespace(s, nsUser)
+			}
+		} else if c.HostConfig.NetworkMode.IsHost() {
+			ns.Path = c.NetworkSettings.SandboxKey
+		}
+		setNamespace(s, ns)
+	}
+	// ipc
+	if c.HostConfig.IpcMode.IsContainer() {
+		ns := specs.Namespace{Type: "ipc"}
+		ic, err := daemon.getIpcContainer(c)
+		if err != nil {
+			return err
+		}
+		ns.Path = fmt.Sprintf("/proc/%d/ns/ipc", ic.State.GetPID())
+		setNamespace(s, ns)
+		if userNS {
+			// to share an IPC namespace, they must also share a user namespace
+			nsUser := specs.Namespace{Type: "user"}
+			nsUser.Path = fmt.Sprintf("/proc/%d/ns/user", ic.State.GetPID())
+			setNamespace(s, nsUser)
+		}
+	} else if c.HostConfig.IpcMode.IsHost() {
+		delNamespace(s, specs.NamespaceType("ipc"))
+	} else {
+		ns := specs.Namespace{Type: "ipc"}
+		setNamespace(s, ns)
+	}
+	// pid
+	if c.HostConfig.PidMode.IsHost() {
+		delNamespace(s, specs.NamespaceType("pid"))
+	}
+	// uts
+	if c.HostConfig.UTSMode.IsHost() {
+		delNamespace(s, specs.NamespaceType("uts"))
+		s.Hostname = ""
+	}
+
+	return nil
+}
+
+func specMapping(s []idtools.IDMap) []specs.IDMapping {
+	var ids []specs.IDMapping
+	for _, item := range s {
+		ids = append(ids, specs.IDMapping{
+			HostID:      uint32(item.HostID),
+			ContainerID: uint32(item.ContainerID),
+			Size:        uint32(item.Size),
+		})
+	}
+	return ids
+}
+
+func getMountInfo(mountinfo []*mount.Info, dir string) *mount.Info {
+	for _, m := range mountinfo {
+		if m.Mountpoint == dir {
+			return m
+		}
+	}
+	return nil
+}
+
+// Get the source mount point of directory passed in as argument. Also return
+// optional fields.
+func getSourceMount(source string) (string, string, error) {
+	// Ensure any symlinks are resolved.
+	sourcePath, err := filepath.EvalSymlinks(source)
+	if err != nil {
+		return "", "", err
+	}
+
+	mountinfos, err := mount.GetMounts()
+	if err != nil {
+		return "", "", err
+	}
+
+	mountinfo := getMountInfo(mountinfos, sourcePath)
+	if mountinfo != nil {
+		return sourcePath, mountinfo.Optional, nil
+	}
+
+	path := sourcePath
+	for {
+		path = filepath.Dir(path)
+
+		mountinfo = getMountInfo(mountinfos, path)
+		if mountinfo != nil {
+			return path, mountinfo.Optional, nil
+		}
+
+		if path == "/" {
+			break
+		}
+	}
+
+	// If we are here, we did not find parent mount. Something is wrong.
+	return "", "", fmt.Errorf("Could not find source mount of %s", source)
+}
+
+// Ensure mount point on which path is mounted, is shared.
+func ensureShared(path string) error {
+	sharedMount := false
+
+	sourceMount, optionalOpts, err := getSourceMount(path)
+	if err != nil {
+		return err
+	}
+	// Make sure source mount point is shared.
+	optsSplit := strings.Split(optionalOpts, " ")
+	for _, opt := range optsSplit {
+		if strings.HasPrefix(opt, "shared:") {
+			sharedMount = true
+			break
+		}
+	}
+
+	if !sharedMount {
+		return fmt.Errorf("Path %s is mounted on %s but it is not a shared mount.", path, sourceMount)
+	}
+	return nil
+}
+
+// Ensure mount point on which path is mounted, is either shared or slave.
+func ensureSharedOrSlave(path string) error {
+	sharedMount := false
+	slaveMount := false
+
+	sourceMount, optionalOpts, err := getSourceMount(path)
+	if err != nil {
+		return err
+	}
+	// Make sure source mount point is shared.
+	optsSplit := strings.Split(optionalOpts, " ")
+	for _, opt := range optsSplit {
+		if strings.HasPrefix(opt, "shared:") {
+			sharedMount = true
+			break
+		} else if strings.HasPrefix(opt, "master:") {
+			slaveMount = true
+			break
+		}
+	}
+
+	if !sharedMount && !slaveMount {
+		return fmt.Errorf("Path %s is mounted on %s but it is not a shared or slave mount.", path, sourceMount)
+	}
+	return nil
+}
+
+var (
+	mountPropagationMap = map[string]int{
+		"private":  mount.PRIVATE,
+		"rprivate": mount.RPRIVATE,
+		"shared":   mount.SHARED,
+		"rshared":  mount.RSHARED,
+		"slave":    mount.SLAVE,
+		"rslave":   mount.RSLAVE,
+	}
+
+	mountPropagationReverseMap = map[int]string{
+		mount.PRIVATE:  "private",
+		mount.RPRIVATE: "rprivate",
+		mount.SHARED:   "shared",
+		mount.RSHARED:  "rshared",
+		mount.SLAVE:    "slave",
+		mount.RSLAVE:   "rslave",
+	}
+)
+
+func setMounts(daemon *Daemon, s *specs.Spec, c *container.Container, mounts []container.Mount) error {
+	userMounts := make(map[string]struct{})
+	for _, m := range mounts {
+		userMounts[m.Destination] = struct{}{}
+	}
+
+	// Filter out mounts that are overriden by user supplied mounts
+	var defaultMounts []specs.Mount
+	_, mountDev := userMounts["/dev"]
+	for _, m := range s.Mounts {
+		if _, ok := userMounts[m.Destination]; !ok {
+			if mountDev && strings.HasPrefix(m.Destination, "/dev/") {
+				continue
+			}
+			defaultMounts = append(defaultMounts, m)
+		}
+	}
+
+	s.Mounts = defaultMounts
+	for _, m := range mounts {
+		for _, cm := range s.Mounts {
+			if cm.Destination == m.Destination {
+				return fmt.Errorf("Duplicate mount point '%s'", m.Destination)
+			}
+		}
+
+		if m.Source == "tmpfs" {
+			opt := []string{"noexec", "nosuid", "nodev", volume.DefaultPropagationMode}
+			if m.Data != "" {
+				opt = append(opt, strings.Split(m.Data, ",")...)
+			} else {
+				opt = append(opt, "size=65536k")
+			}
+
+			s.Mounts = append(s.Mounts, specs.Mount{Destination: m.Destination, Source: m.Source, Type: "tmpfs", Options: opt})
+			continue
+		}
+
+		mt := specs.Mount{Destination: m.Destination, Source: m.Source, Type: "bind"}
+
+		// Determine property of RootPropagation based on volume
+		// properties. If a volume is shared, then keep root propagation
+		// shared. This should work for slave and private volumes too.
+		//
+		// For slave volumes, it can be either [r]shared/[r]slave.
+		//
+		// For private volumes any root propagation value should work.
+		pFlag := mountPropagationMap[m.Propagation]
+		if pFlag == mount.SHARED || pFlag == mount.RSHARED {
+			if err := ensureShared(m.Source); err != nil {
+				return err
+			}
+			rootpg := mountPropagationMap[s.Linux.RootfsPropagation]
+			if rootpg != mount.SHARED && rootpg != mount.RSHARED {
+				s.Linux.RootfsPropagation = mountPropagationReverseMap[mount.SHARED]
+			}
+		} else if pFlag == mount.SLAVE || pFlag == mount.RSLAVE {
+			if err := ensureSharedOrSlave(m.Source); err != nil {
+				return err
+			}
+			rootpg := mountPropagationMap[s.Linux.RootfsPropagation]
+			if rootpg != mount.SHARED && rootpg != mount.RSHARED && rootpg != mount.SLAVE && rootpg != mount.RSLAVE {
+				s.Linux.RootfsPropagation = mountPropagationReverseMap[mount.RSLAVE]
+			}
+		}
+
+		opts := []string{"rbind"}
+		if !m.Writable {
+			opts = append(opts, "ro")
+		}
+		if pFlag != 0 {
+			opts = append(opts, mountPropagationReverseMap[pFlag])
+		}
+
+		mt.Options = opts
+		s.Mounts = append(s.Mounts, mt)
+	}
+
+	if s.Root.Readonly {
+		for i, m := range s.Mounts {
+			switch m.Destination {
+			case "/proc", "/dev/pts", "/dev/mqueue": // /dev is remounted by runc
+				continue
+			}
+			if _, ok := userMounts[m.Destination]; !ok {
+				if !stringutils.InSlice(m.Options, "ro") {
+					s.Mounts[i].Options = append(s.Mounts[i].Options, "ro")
+				}
+			}
+		}
+	}
+
+	if c.HostConfig.Privileged {
+		if !s.Root.Readonly {
+			// clear readonly for /sys
+			for i := range s.Mounts {
+				if s.Mounts[i].Destination == "/sys" {
+					clearReadOnly(&s.Mounts[i])
+				}
+			}
+		}
+		s.Linux.ReadonlyPaths = nil
+		s.Linux.MaskedPaths = nil
+	}
+
+	// TODO: until a kernel/mount solution exists for handling remount in a user namespace,
+	// we must clear the readonly flag for the cgroups mount (@mrunalp concurs)
+	if uidMap, _ := daemon.GetUIDGIDMaps(); uidMap != nil || c.HostConfig.Privileged {
+		for i, m := range s.Mounts {
+			if m.Type == "cgroup" {
+				clearReadOnly(&s.Mounts[i])
+			}
+		}
+	}
+
+	return nil
+}
+
+func (daemon *Daemon) populateCommonSpec(s *specs.Spec, c *container.Container) error {
+	linkedEnv, err := daemon.setupLinkedContainers(c)
+	if err != nil {
+		return err
+	}
+	s.Root = specs.Root{
+		Path:     c.BaseFS,
+		Readonly: c.HostConfig.ReadonlyRootfs,
+	}
+	rootUID, rootGID := daemon.GetRemappedUIDGID()
+	if err := c.SetupWorkingDirectory(rootUID, rootGID); err != nil {
+		return err
+	}
+	cwd := c.Config.WorkingDir
+	if len(cwd) == 0 {
+		cwd = "/"
+	}
+	s.Process.Args = append([]string{c.Path}, c.Args...)
+	s.Process.Cwd = cwd
+	s.Process.Env = c.CreateDaemonEnvironment(linkedEnv)
+	s.Process.Terminal = c.Config.Tty
+	s.Hostname = c.FullHostname()
+
+	return nil
+}
+
+func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, error) {
+	s := oci.DefaultSpec()
+	if err := daemon.populateCommonSpec(&s, c); err != nil {
+		return nil, err
+	}
+
+	var cgroupsPath string
+	scopePrefix := "docker"
+	parent := "/docker"
+	useSystemd := UsingSystemd(daemon.configStore)
+	if useSystemd {
+		parent = "system.slice"
+	}
+
+	if c.HostConfig.CgroupParent != "" {
+		parent = c.HostConfig.CgroupParent
+	} else if daemon.configStore.CgroupParent != "" {
+		parent = daemon.configStore.CgroupParent
+	}
+
+	if useSystemd {
+		cgroupsPath = parent + ":" + scopePrefix + ":" + c.ID
+		logrus.Debugf("createSpec: cgroupsPath: %s", cgroupsPath)
+	} else {
+		cgroupsPath = filepath.Join(parent, c.ID)
+	}
+	s.Linux.CgroupsPath = &cgroupsPath
+
+	if err := setResources(&s, c.HostConfig.Resources); err != nil {
+		return nil, fmt.Errorf("linux runtime spec resources: %v", err)
+	}
+	s.Linux.Resources.OOMScoreAdj = &c.HostConfig.OomScoreAdj
+	if err := setDevices(&s, c); err != nil {
+		return nil, fmt.Errorf("linux runtime spec devices: %v", err)
+	}
+	if err := setRlimits(daemon, &s, c); err != nil {
+		return nil, fmt.Errorf("linux runtime spec rlimits: %v", err)
+	}
+	if err := setUser(&s, c); err != nil {
+		return nil, fmt.Errorf("linux spec user: %v", err)
+	}
+	if err := setNamespaces(daemon, &s, c); err != nil {
+		return nil, fmt.Errorf("linux spec namespaces: %v", err)
+	}
+	if err := setCapabilities(&s, c); err != nil {
+		return nil, fmt.Errorf("linux spec capabilities: %v", err)
+	}
+	if err := setSeccomp(daemon, &s, c); err != nil {
+		return nil, fmt.Errorf("linux seccomp: %v", err)
+	}
+
+	if err := daemon.setupIpcDirs(c); err != nil {
+		return nil, err
+	}
+
+	mounts, err := daemon.setupMounts(c)
+	if err != nil {
+		return nil, err
+	}
+	mounts = append(mounts, c.IpcMounts()...)
+	mounts = append(mounts, c.TmpfsMounts()...)
+	if err := setMounts(daemon, &s, c, mounts); err != nil {
+		return nil, fmt.Errorf("linux mounts: %v", err)
+	}
+
+	for _, ns := range s.Linux.Namespaces {
+		if ns.Type == "network" && ns.Path == "" && !c.Config.NetworkDisabled {
+			target, err := os.Readlink(filepath.Join("/proc", strconv.Itoa(os.Getpid()), "exe"))
+			if err != nil {
+				return nil, err
+			}
+
+			s.Hooks = specs.Hooks{
+				Prestart: []specs.Hook{{
+					Path: target, // FIXME: cross-platform
+					Args: []string{"libnetwork-setkey", c.ID, daemon.netController.ID()},
+				}},
+			}
+		}
+	}
+
+	if apparmor.IsEnabled() {
+		appArmorProfile := "docker-default"
+		if len(c.AppArmorProfile) > 0 {
+			appArmorProfile = c.AppArmorProfile
+		} else if c.HostConfig.Privileged {
+			appArmorProfile = "unconfined"
+		}
+		s.Process.ApparmorProfile = appArmorProfile
+	}
+	s.Process.SelinuxLabel = c.GetProcessLabel()
+	s.Process.NoNewPrivileges = c.NoNewPrivileges
+	s.Linux.MountLabel = c.MountLabel
+
+	return (*libcontainerd.Spec)(&s), nil
+}
+
+func clearReadOnly(m *specs.Mount) {
+	var opt []string
+	for _, o := range m.Options {
+		if o != "ro" {
+			opt = append(opt, o)
+		}
+	}
+	m.Options = opt
+}
diff --git a/daemon/oci_windows.go b/daemon/oci_windows.go
new file mode 100644
index 00000000..5bf3f824
--- /dev/null
+++ b/daemon/oci_windows.go
@@ -0,0 +1,187 @@
+package daemon
+
+import (
+	"fmt"
+	"strings"
+	"syscall"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/libcontainerd/windowsoci"
+	"github.com/docker/docker/oci"
+)
+
+func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, error) {
+	s := oci.DefaultSpec()
+
+	linkedEnv, err := daemon.setupLinkedContainers(c)
+	if err != nil {
+		return nil, err
+	}
+
+	// TODO Windows - this can be removed. Not used (UID/GID)
+	rootUID, rootGID := daemon.GetRemappedUIDGID()
+	if err := c.SetupWorkingDirectory(rootUID, rootGID); err != nil {
+		return nil, err
+	}
+
+	img, err := daemon.imageStore.Get(c.ImageID)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to graph.Get on ImageID %s - %s", c.ImageID, err)
+	}
+
+	// In base spec
+	s.Hostname = c.FullHostname()
+
+	// In s.Mounts
+	mounts, err := daemon.setupMounts(c)
+	if err != nil {
+		return nil, err
+	}
+	for _, mount := range mounts {
+		s.Mounts = append(s.Mounts, windowsoci.Mount{
+			Source:      mount.Source,
+			Destination: mount.Destination,
+			Readonly:    !mount.Writable,
+		})
+	}
+
+	// Are we going to run as a Hyper-V container?
+	hv := false
+	if c.HostConfig.Isolation.IsDefault() {
+		// Container is set to use the default, so take the default from the daemon configuration
+		hv = daemon.defaultIsolation.IsHyperV()
+	} else {
+		// Container is requesting an isolation mode. Honour it.
+		hv = c.HostConfig.Isolation.IsHyperV()
+	}
+	if hv {
+		// TODO We don't yet have the ImagePath hooked up. But set to
+		// something non-nil to pickup in libcontainerd.
+		s.Windows.HvRuntime = &windowsoci.HvRuntime{}
+	}
+
+	// In s.Process
+	if c.Config.ArgsEscaped {
+		s.Process.Args = append([]string{c.Path}, c.Args...)
+	} else {
+		// TODO (jstarks): escape the entrypoint too once the tests are fixed to not rely on this behavior
+		s.Process.Args = append([]string{c.Path}, escapeArgs(c.Args)...)
+	}
+	s.Process.Cwd = c.Config.WorkingDir
+	s.Process.Env = c.CreateDaemonEnvironment(linkedEnv)
+	s.Process.InitialConsoleSize = c.HostConfig.ConsoleSize
+	s.Process.Terminal = c.Config.Tty
+	s.Process.User.User = c.Config.User
+
+	// In spec.Root
+	s.Root.Path = c.BaseFS
+	s.Root.Readonly = c.HostConfig.ReadonlyRootfs
+
+	// In s.Windows
+	s.Windows.FirstStart = !c.HasBeenStartedBefore
+
+	// s.Windows.LayerFolder.
+	m, err := c.RWLayer.Metadata()
+	if err != nil {
+		return nil, fmt.Errorf("Failed to get layer metadata - %s", err)
+	}
+	s.Windows.LayerFolder = m["dir"]
+
+	// s.Windows.LayerPaths
+	var layerPaths []string
+	if img.RootFS != nil && img.RootFS.Type == "layers+base" {
+		max := len(img.RootFS.DiffIDs)
+		for i := 0; i <= max; i++ {
+			img.RootFS.DiffIDs = img.RootFS.DiffIDs[:i]
+			path, err := layer.GetLayerPath(daemon.layerStore, img.RootFS.ChainID())
+			if err != nil {
+				return nil, fmt.Errorf("Failed to get layer path from graphdriver %s for ImageID %s - %s", daemon.layerStore, img.RootFS.ChainID(), err)
+			}
+			// Reverse order, expecting parent most first
+			layerPaths = append([]string{path}, layerPaths...)
+		}
+	}
+	s.Windows.LayerPaths = layerPaths
+
+	// In s.Windows.Networking (TP5+ libnetwork way of doing things)
+	// Connect all the libnetwork allocated networks to the container
+	var epList []string
+	if c.NetworkSettings != nil {
+		for n := range c.NetworkSettings.Networks {
+			sn, err := daemon.FindNetwork(n)
+			if err != nil {
+				continue
+			}
+
+			ep, err := c.GetEndpointInNetwork(sn)
+			if err != nil {
+				continue
+			}
+
+			data, err := ep.DriverInfo()
+			if err != nil {
+				continue
+			}
+			if data["hnsid"] != nil {
+				epList = append(epList, data["hnsid"].(string))
+			}
+		}
+	}
+	s.Windows.Networking = &windowsoci.Networking{
+		EndpointList: epList,
+	}
+
+	// In s.Windows.Networking (TP4 back compat)
+	// TODO Windows: Post TP4 - Remove this along with definitions from spec
+	// and changes to libcontainerd to not read these fields.
+	if daemon.netController == nil {
+		parts := strings.SplitN(string(c.HostConfig.NetworkMode), ":", 2)
+		switch parts[0] {
+		case "none":
+		case "default", "": // empty string to support existing containers
+			if !c.Config.NetworkDisabled {
+				s.Windows.Networking = &windowsoci.Networking{
+					MacAddress:   c.Config.MacAddress,
+					Bridge:       daemon.configStore.bridgeConfig.Iface,
+					PortBindings: c.HostConfig.PortBindings,
+				}
+			}
+		default:
+			return nil, fmt.Errorf("invalid network mode: %s", c.HostConfig.NetworkMode)
+		}
+	}
+
+	// In s.Windows.Resources
+	// @darrenstahlmsft implement these resources
+	cpuShares := uint64(c.HostConfig.CPUShares)
+	s.Windows.Resources = &windowsoci.Resources{
+		CPU: &windowsoci.CPU{
+			//TODO Count: ...,
+			//TODO Percent: ...,
+			Shares: &cpuShares,
+		},
+		Memory: &windowsoci.Memory{
+		//TODO Limit: ...,
+		//TODO Reservation: ...,
+		},
+		Network: &windowsoci.Network{
+		//TODO Bandwidth: ...,
+		},
+		Storage: &windowsoci.Storage{
+		//TODO Bps: ...,
+		//TODO Iops: ...,
+		//TODO SandboxSize: ...,
+		},
+	}
+	return (*libcontainerd.Spec)(&s), nil
+}
+
+func escapeArgs(args []string) []string {
+	escapedArgs := make([]string, len(args))
+	for i, a := range args {
+		escapedArgs[i] = syscall.EscapeArg(a)
+	}
+	return escapedArgs
+}
diff --git a/daemon/pause.go b/daemon/pause.go
new file mode 100644
index 00000000..dbfafbc5
--- /dev/null
+++ b/daemon/pause.go
@@ -0,0 +1,49 @@
+package daemon
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/container"
+)
+
+// ContainerPause pauses a container
+func (daemon *Daemon) ContainerPause(name string) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	if err := daemon.containerPause(container); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// containerPause pauses the container execution without stopping the process.
+// The execution can be resumed by calling containerUnpause.
+func (daemon *Daemon) containerPause(container *container.Container) error {
+	container.Lock()
+	defer container.Unlock()
+
+	// We cannot Pause the container which is not running
+	if !container.Running {
+		return errNotRunning{container.ID}
+	}
+
+	// We cannot Pause the container which is already paused
+	if container.Paused {
+		return fmt.Errorf("Container %s is already paused", container.ID)
+	}
+
+	// We cannot Pause the container which is restarting
+	if container.Restarting {
+		return errContainerIsRestarting(container.ID)
+	}
+
+	if err := daemon.containerd.Pause(container.ID); err != nil {
+		return fmt.Errorf("Cannot pause container %s: %s", container.ID, err)
+	}
+
+	return nil
+}
diff --git a/daemon/rename.go b/daemon/rename.go
new file mode 100644
index 00000000..363a7f8b
--- /dev/null
+++ b/daemon/rename.go
@@ -0,0 +1,85 @@
+package daemon
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/libnetwork"
+)
+
+// ContainerRename changes the name of a container, using the oldName
+// to find the container. An error is returned if newName is already
+// reserved.
+func (daemon *Daemon) ContainerRename(oldName, newName string) error {
+	var (
+		sid string
+		sb  libnetwork.Sandbox
+	)
+
+	if oldName == "" || newName == "" {
+		return fmt.Errorf("Neither old nor new names may be empty")
+	}
+
+	container, err := daemon.GetContainer(oldName)
+	if err != nil {
+		return err
+	}
+
+	oldName = container.Name
+
+	container.Lock()
+	defer container.Unlock()
+	if newName, err = daemon.reserveName(container.ID, newName); err != nil {
+		return fmt.Errorf("Error when allocating new name: %v", err)
+	}
+
+	container.Name = newName
+
+	defer func() {
+		if err != nil {
+			container.Name = oldName
+			daemon.reserveName(container.ID, oldName)
+			daemon.releaseName(newName)
+		}
+	}()
+
+	daemon.releaseName(oldName)
+	if err = container.ToDisk(); err != nil {
+		return err
+	}
+
+	attributes := map[string]string{
+		"oldName": oldName,
+	}
+
+	if !container.Running {
+		daemon.LogContainerEventWithAttributes(container, "rename", attributes)
+		return nil
+	}
+
+	defer func() {
+		if err != nil {
+			container.Name = oldName
+			if e := container.ToDisk(); e != nil {
+				logrus.Errorf("%s: Failed in writing to Disk on rename failure: %v", container.ID, e)
+			}
+		}
+	}()
+
+	sid = container.NetworkSettings.SandboxID
+	if daemon.netController != nil {
+		sb, err = daemon.netController.SandboxByID(sid)
+		if err != nil {
+			return err
+		}
+
+		err = sb.Rename(strings.TrimPrefix(container.Name, "/"))
+		if err != nil {
+			return err
+		}
+	}
+
+	daemon.LogContainerEventWithAttributes(container, "rename", attributes)
+	return nil
+}
diff --git a/daemon/resize.go b/daemon/resize.go
new file mode 100644
index 00000000..74735385
--- /dev/null
+++ b/daemon/resize.go
@@ -0,0 +1,40 @@
+package daemon
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/libcontainerd"
+)
+
+// ContainerResize changes the size of the TTY of the process running
+// in the container with the given name to the given height and width.
+func (daemon *Daemon) ContainerResize(name string, height, width int) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	if !container.IsRunning() {
+		return errNotRunning{container.ID}
+	}
+
+	if err = daemon.containerd.Resize(container.ID, libcontainerd.InitFriendlyName, width, height); err == nil {
+		attributes := map[string]string{
+			"height": fmt.Sprintf("%d", height),
+			"width":  fmt.Sprintf("%d", width),
+		}
+		daemon.LogContainerEventWithAttributes(container, "resize", attributes)
+	}
+	return err
+}
+
+// ContainerExecResize changes the size of the TTY of the process
+// running in the exec with the given name to the given height and
+// width.
+func (daemon *Daemon) ContainerExecResize(name string, height, width int) error {
+	ec, err := daemon.getExecConfig(name)
+	if err != nil {
+		return err
+	}
+	return daemon.containerd.Resize(ec.ContainerID, ec.ID, width, height)
+}
diff --git a/daemon/restart.go b/daemon/restart.go
new file mode 100644
index 00000000..3779116c
--- /dev/null
+++ b/daemon/restart.go
@@ -0,0 +1,48 @@
+package daemon
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/container"
+)
+
+// ContainerRestart stops and starts a container. It attempts to
+// gracefully stop the container within the given timeout, forcefully
+// stopping it if the timeout is exceeded. If given a negative
+// timeout, ContainerRestart will wait forever until a graceful
+// stop. Returns an error if the container cannot be found, or if
+// there is an underlying error at any stage of the restart.
+func (daemon *Daemon) ContainerRestart(name string, seconds int) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+	if err := daemon.containerRestart(container, seconds); err != nil {
+		return fmt.Errorf("Cannot restart container %s: %v", name, err)
+	}
+	return nil
+}
+
+// containerRestart attempts to gracefully stop and then start the
+// container. When stopping, wait for the given duration in seconds to
+// gracefully stop, before forcefully terminating the container. If
+// given a negative duration, wait forever for a graceful stop.
+func (daemon *Daemon) containerRestart(container *container.Container, seconds int) error {
+	// Avoid unnecessarily unmounting and then directly mounting
+	// the container when the container stops and then starts
+	// again
+	if err := daemon.Mount(container); err == nil {
+		defer daemon.Unmount(container)
+	}
+
+	if err := daemon.containerStop(container, seconds); err != nil {
+		return err
+	}
+
+	if err := daemon.containerStart(container); err != nil {
+		return err
+	}
+
+	daemon.LogContainerEvent(container, "restart")
+	return nil
+}
diff --git a/daemon/seccomp_disabled.go b/daemon/seccomp_disabled.go
new file mode 100644
index 00000000..620eee29
--- /dev/null
+++ b/daemon/seccomp_disabled.go
@@ -0,0 +1,12 @@
+// +build !seccomp,!windows
+
+package daemon
+
+import (
+	"github.com/docker/docker/container"
+	"github.com/opencontainers/specs/specs-go"
+)
+
+func setSeccomp(daemon *Daemon, rs *specs.Spec, c *container.Container) error {
+	return nil
+}
diff --git a/daemon/seccomp_linux.go b/daemon/seccomp_linux.go
new file mode 100644
index 00000000..659a15de
--- /dev/null
+++ b/daemon/seccomp_linux.go
@@ -0,0 +1,46 @@
+// +build linux,seccomp
+
+package daemon
+
+import (
+	"fmt"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/profiles/seccomp"
+	"github.com/opencontainers/specs/specs-go"
+)
+
+func setSeccomp(daemon *Daemon, rs *specs.Spec, c *container.Container) error {
+	var profile *specs.Seccomp
+	var err error
+
+	if c.HostConfig.Privileged {
+		return nil
+	}
+
+	if !daemon.seccompEnabled {
+		if c.SeccompProfile != "" && c.SeccompProfile != "unconfined" {
+			return fmt.Errorf("Seccomp is not enabled in your kernel, cannot run a custom seccomp profile.")
+		}
+		logrus.Warn("Seccomp is not enabled in your kernel, running container without default profile.")
+		c.SeccompProfile = "unconfined"
+	}
+	if c.SeccompProfile == "unconfined" {
+		return nil
+	}
+	if c.SeccompProfile != "" {
+		profile, err = seccomp.LoadProfile(c.SeccompProfile)
+		if err != nil {
+			return err
+		}
+	} else {
+		profile, err = seccomp.GetDefaultProfile()
+		if err != nil {
+			return err
+		}
+	}
+
+	rs.Linux.Seccomp = profile
+	return nil
+}
diff --git a/daemon/selinux_linux.go b/daemon/selinux_linux.go
new file mode 100644
index 00000000..83a34471
--- /dev/null
+++ b/daemon/selinux_linux.go
@@ -0,0 +1,17 @@
+// +build linux
+
+package daemon
+
+import "github.com/opencontainers/runc/libcontainer/selinux"
+
+func selinuxSetDisabled() {
+	selinux.SetDisabled()
+}
+
+func selinuxFreeLxcContexts(label string) {
+	selinux.FreeLxcContexts(label)
+}
+
+func selinuxEnabled() bool {
+	return selinux.SelinuxEnabled()
+}
diff --git a/daemon/selinux_unsupported.go b/daemon/selinux_unsupported.go
new file mode 100644
index 00000000..25a56ad1
--- /dev/null
+++ b/daemon/selinux_unsupported.go
@@ -0,0 +1,13 @@
+// +build !linux
+
+package daemon
+
+func selinuxSetDisabled() {
+}
+
+func selinuxFreeLxcContexts(label string) {
+}
+
+func selinuxEnabled() bool {
+	return false
+}
diff --git a/daemon/start.go b/daemon/start.go
new file mode 100644
index 00000000..1b34f426
--- /dev/null
+++ b/daemon/start.go
@@ -0,0 +1,185 @@
+package daemon
+
+import (
+	"fmt"
+	"net/http"
+	"runtime"
+	"strings"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/errors"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/runconfig"
+	containertypes "github.com/docker/engine-api/types/container"
+)
+
+// ContainerStart starts a container.
+func (daemon *Daemon) ContainerStart(name string, hostConfig *containertypes.HostConfig) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	if container.IsPaused() {
+		return fmt.Errorf("Cannot start a paused container, try unpause instead.")
+	}
+
+	if container.IsRunning() {
+		err := fmt.Errorf("Container already started")
+		return errors.NewErrorWithStatusCode(err, http.StatusNotModified)
+	}
+
+	// Windows does not have the backwards compatibility issue here.
+	if runtime.GOOS != "windows" {
+		// This is kept for backward compatibility - hostconfig should be passed when
+		// creating a container, not during start.
+		if hostConfig != nil {
+			logrus.Warn("DEPRECATED: Setting host configuration options when the container starts is deprecated and will be removed in Docker 1.12")
+			oldNetworkMode := container.HostConfig.NetworkMode
+			if err := daemon.setSecurityOptions(container, hostConfig); err != nil {
+				return err
+			}
+			if err := daemon.setHostConfig(container, hostConfig); err != nil {
+				return err
+			}
+			newNetworkMode := container.HostConfig.NetworkMode
+			if string(oldNetworkMode) != string(newNetworkMode) {
+				// if user has change the network mode on starting, clean up the
+				// old networks. It is a deprecated feature and will be removed in Docker 1.12
+				container.NetworkSettings.Networks = nil
+				if err := container.ToDisk(); err != nil {
+					return err
+				}
+			}
+			container.InitDNSHostConfig()
+		}
+	} else {
+		if hostConfig != nil {
+			return fmt.Errorf("Supplying a hostconfig on start is not supported. It should be supplied on create")
+		}
+	}
+
+	// check if hostConfig is in line with the current system settings.
+	// It may happen cgroups are umounted or the like.
+	if _, err = daemon.verifyContainerSettings(container.HostConfig, nil, false); err != nil {
+		return err
+	}
+	// Adapt for old containers in case we have updates in this function and
+	// old containers never have chance to call the new function in create stage.
+	if err := daemon.adaptContainerSettings(container.HostConfig, false); err != nil {
+		return err
+	}
+
+	return daemon.containerStart(container)
+}
+
+// Start starts a container
+func (daemon *Daemon) Start(container *container.Container) error {
+	return daemon.containerStart(container)
+}
+
+// containerStart prepares the container to run by setting up everything the
+// container needs, such as storage and networking, as well as links
+// between containers. The container is left waiting for a signal to
+// begin running.
+func (daemon *Daemon) containerStart(container *container.Container) (err error) {
+	container.Lock()
+	defer container.Unlock()
+
+	if container.Running {
+		return nil
+	}
+
+	if container.RemovalInProgress || container.Dead {
+		return fmt.Errorf("Container is marked for removal and cannot be started.")
+	}
+
+	// if we encounter an error during start we need to ensure that any other
+	// setup has been cleaned up properly
+	defer func() {
+		if err != nil {
+			container.SetError(err)
+			// if no one else has set it, make sure we don't leave it at zero
+			if container.ExitCode == 0 {
+				container.ExitCode = 128
+			}
+			container.ToDisk()
+			daemon.Cleanup(container)
+			attributes := map[string]string{
+				"exitCode": fmt.Sprintf("%d", container.ExitCode),
+			}
+			daemon.LogContainerEventWithAttributes(container, "die", attributes)
+		}
+	}()
+
+	if err := daemon.conditionalMountOnStart(container); err != nil {
+		return err
+	}
+
+	// Make sure NetworkMode has an acceptable value. We do this to ensure
+	// backwards API compatibility.
+	container.HostConfig = runconfig.SetDefaultNetModeIfBlank(container.HostConfig)
+
+	if err := daemon.initializeNetworking(container); err != nil {
+		return err
+	}
+
+	spec, err := daemon.createSpec(container)
+	if err != nil {
+		return err
+	}
+
+	if err := daemon.containerd.Create(container.ID, *spec, libcontainerd.WithRestartManager(container.RestartManager(true))); err != nil {
+		// if we receive an internal error from the initial start of a container then lets
+		// return it instead of entering the restart loop
+		// set to 127 for container cmd not found/does not exist)
+		if strings.Contains(err.Error(), "executable file not found") ||
+			strings.Contains(err.Error(), "no such file or directory") ||
+			strings.Contains(err.Error(), "system cannot find the file specified") {
+			container.ExitCode = 127
+			err = fmt.Errorf("Container command '%s' not found or does not exist.", container.Path)
+		}
+		// set to 126 for container cmd can't be invoked errors
+		if strings.Contains(err.Error(), syscall.EACCES.Error()) {
+			container.ExitCode = 126
+			err = fmt.Errorf("Container command '%s' could not be invoked.", container.Path)
+		}
+
+		container.Reset(false)
+
+		// start event is logged even on error
+		daemon.LogContainerEvent(container, "start")
+		return err
+	}
+
+	return nil
+}
+
+// Cleanup releases any network resources allocated to the container along with any rules
+// around how containers are linked together.  It also unmounts the container's root filesystem.
+func (daemon *Daemon) Cleanup(container *container.Container) {
+	daemon.releaseNetwork(container)
+
+	container.UnmountIpcMounts(detachMounted)
+
+	if err := daemon.conditionalUnmountOnCleanup(container); err != nil {
+		// FIXME: remove once reference counting for graphdrivers has been refactored
+		// Ensure that all the mounts are gone
+		if mountid, err := daemon.layerStore.GetMountID(container.ID); err == nil {
+			daemon.cleanupMountsByID(mountid)
+		}
+	}
+
+	for _, eConfig := range container.ExecCommands.Commands() {
+		daemon.unregisterExecCommand(container, eConfig)
+	}
+
+	if container.BaseFS != "" {
+		if err := container.UnmountVolumes(false, daemon.LogVolumeEvent); err != nil {
+			logrus.Warnf("%s cleanup: Failed to umount volumes: %v", container.ID, err)
+		}
+	}
+	container.CancelAttachContext()
+}
diff --git a/daemon/stats.go b/daemon/stats.go
new file mode 100644
index 00000000..cb3478cc
--- /dev/null
+++ b/daemon/stats.go
@@ -0,0 +1,121 @@
+package daemon
+
+import (
+	"encoding/json"
+	"errors"
+	"runtime"
+
+	"github.com/docker/docker/api/types/backend"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/version"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/versions/v1p20"
+)
+
+// ContainerStats writes information about the container to the stream
+// given in the config object.
+func (daemon *Daemon) ContainerStats(prefixOrName string, config *backend.ContainerStatsConfig) error {
+	if runtime.GOOS == "windows" {
+		return errors.New("Windows does not support stats")
+	}
+	// Remote API version (used for backwards compatibility)
+	apiVersion := version.Version(config.Version)
+
+	container, err := daemon.GetContainer(prefixOrName)
+	if err != nil {
+		return err
+	}
+
+	// If the container is not running and requires no stream, return an empty stats.
+	if !container.IsRunning() && !config.Stream {
+		return json.NewEncoder(config.OutStream).Encode(&types.Stats{})
+	}
+
+	outStream := config.OutStream
+	if config.Stream {
+		wf := ioutils.NewWriteFlusher(outStream)
+		defer wf.Close()
+		wf.Flush()
+		outStream = wf
+	}
+
+	var preCPUStats types.CPUStats
+	getStatJSON := func(v interface{}) *types.StatsJSON {
+		ss := v.(types.StatsJSON)
+		ss.PreCPUStats = preCPUStats
+		// ss.MemoryStats.Limit = uint64(update.MemoryLimit)
+		preCPUStats = ss.CPUStats
+		return &ss
+	}
+
+	enc := json.NewEncoder(outStream)
+
+	updates := daemon.subscribeToContainerStats(container)
+	defer daemon.unsubscribeToContainerStats(container, updates)
+
+	noStreamFirstFrame := true
+	for {
+		select {
+		case v, ok := <-updates:
+			if !ok {
+				return nil
+			}
+
+			var statsJSON interface{}
+			statsJSONPost120 := getStatJSON(v)
+			if apiVersion.LessThan("1.21") {
+				var (
+					rxBytes   uint64
+					rxPackets uint64
+					rxErrors  uint64
+					rxDropped uint64
+					txBytes   uint64
+					txPackets uint64
+					txErrors  uint64
+					txDropped uint64
+				)
+				for _, v := range statsJSONPost120.Networks {
+					rxBytes += v.RxBytes
+					rxPackets += v.RxPackets
+					rxErrors += v.RxErrors
+					rxDropped += v.RxDropped
+					txBytes += v.TxBytes
+					txPackets += v.TxPackets
+					txErrors += v.TxErrors
+					txDropped += v.TxDropped
+				}
+				statsJSON = &v1p20.StatsJSON{
+					Stats: statsJSONPost120.Stats,
+					Network: types.NetworkStats{
+						RxBytes:   rxBytes,
+						RxPackets: rxPackets,
+						RxErrors:  rxErrors,
+						RxDropped: rxDropped,
+						TxBytes:   txBytes,
+						TxPackets: txPackets,
+						TxErrors:  txErrors,
+						TxDropped: txDropped,
+					},
+				}
+			} else {
+				statsJSON = statsJSONPost120
+			}
+
+			if !config.Stream && noStreamFirstFrame {
+				// prime the cpu stats so they aren't 0 in the final output
+				noStreamFirstFrame = false
+				continue
+			}
+
+			if err := enc.Encode(statsJSON); err != nil {
+				return err
+			}
+
+			if !config.Stream {
+				return nil
+			}
+		case <-config.Stop:
+			return nil
+		}
+	}
+}
diff --git a/daemon/stats_collector_unix.go b/daemon/stats_collector_unix.go
new file mode 100644
index 00000000..1f016322
--- /dev/null
+++ b/daemon/stats_collector_unix.go
@@ -0,0 +1,189 @@
+// +build !windows
+
+package daemon
+
+import (
+	"bufio"
+	"fmt"
+	"os"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/pkg/pubsub"
+	sysinfo "github.com/docker/docker/pkg/system"
+	"github.com/docker/engine-api/types"
+	"github.com/opencontainers/runc/libcontainer/system"
+)
+
+type statsSupervisor interface {
+	// GetContainerStats collects all the stats related to a container
+	GetContainerStats(container *container.Container) (*types.StatsJSON, error)
+}
+
+// newStatsCollector returns a new statsCollector that collections
+// network and cgroup stats for a registered container at the specified
+// interval.  The collector allows non-running containers to be added
+// and will start processing stats when they are started.
+func (daemon *Daemon) newStatsCollector(interval time.Duration) *statsCollector {
+	s := &statsCollector{
+		interval:            interval,
+		supervisor:          daemon,
+		publishers:          make(map[*container.Container]*pubsub.Publisher),
+		clockTicksPerSecond: uint64(system.GetClockTicks()),
+		bufReader:           bufio.NewReaderSize(nil, 128),
+	}
+	meminfo, err := sysinfo.ReadMemInfo()
+	if err == nil && meminfo.MemTotal > 0 {
+		s.machineMemory = uint64(meminfo.MemTotal)
+	}
+
+	go s.run()
+	return s
+}
+
+// statsCollector manages and provides container resource stats
+type statsCollector struct {
+	m                   sync.Mutex
+	supervisor          statsSupervisor
+	interval            time.Duration
+	clockTicksPerSecond uint64
+	publishers          map[*container.Container]*pubsub.Publisher
+	bufReader           *bufio.Reader
+	machineMemory       uint64
+}
+
+// collect registers the container with the collector and adds it to
+// the event loop for collection on the specified interval returning
+// a channel for the subscriber to receive on.
+func (s *statsCollector) collect(c *container.Container) chan interface{} {
+	s.m.Lock()
+	defer s.m.Unlock()
+	publisher, exists := s.publishers[c]
+	if !exists {
+		publisher = pubsub.NewPublisher(100*time.Millisecond, 1024)
+		s.publishers[c] = publisher
+	}
+	return publisher.Subscribe()
+}
+
+// stopCollection closes the channels for all subscribers and removes
+// the container from metrics collection.
+func (s *statsCollector) stopCollection(c *container.Container) {
+	s.m.Lock()
+	if publisher, exists := s.publishers[c]; exists {
+		publisher.Close()
+		delete(s.publishers, c)
+	}
+	s.m.Unlock()
+}
+
+// unsubscribe removes a specific subscriber from receiving updates for a container's stats.
+func (s *statsCollector) unsubscribe(c *container.Container, ch chan interface{}) {
+	s.m.Lock()
+	publisher := s.publishers[c]
+	if publisher != nil {
+		publisher.Evict(ch)
+		if publisher.Len() == 0 {
+			delete(s.publishers, c)
+		}
+	}
+	s.m.Unlock()
+}
+
+func (s *statsCollector) run() {
+	type publishersPair struct {
+		container *container.Container
+		publisher *pubsub.Publisher
+	}
+	// we cannot determine the capacity here.
+	// it will grow enough in first iteration
+	var pairs []publishersPair
+
+	for range time.Tick(s.interval) {
+		// it does not make sense in the first iteration,
+		// but saves allocations in further iterations
+		pairs = pairs[:0]
+
+		s.m.Lock()
+		for container, publisher := range s.publishers {
+			// copy pointers here to release the lock ASAP
+			pairs = append(pairs, publishersPair{container, publisher})
+		}
+		s.m.Unlock()
+		if len(pairs) == 0 {
+			continue
+		}
+
+		systemUsage, err := s.getSystemCPUUsage()
+		if err != nil {
+			logrus.Errorf("collecting system cpu usage: %v", err)
+			continue
+		}
+
+		for _, pair := range pairs {
+			stats, err := s.supervisor.GetContainerStats(pair.container)
+			if err != nil {
+				if _, ok := err.(errNotRunning); !ok {
+					logrus.Errorf("collecting stats for %s: %v", pair.container.ID, err)
+				}
+				continue
+			}
+			// FIXME: move to containerd
+			stats.CPUStats.SystemUsage = systemUsage
+
+			pair.publisher.Publish(*stats)
+		}
+	}
+}
+
+const nanoSecondsPerSecond = 1e9
+
+// getSystemCPUUsage returns the host system's cpu usage in
+// nanoseconds. An error is returned if the format of the underlying
+// file does not match.
+//
+// Uses /proc/stat defined by POSIX. Looks for the cpu
+// statistics line and then sums up the first seven fields
+// provided. See `man 5 proc` for details on specific field
+// information.
+func (s *statsCollector) getSystemCPUUsage() (uint64, error) {
+	var line string
+	f, err := os.Open("/proc/stat")
+	if err != nil {
+		return 0, err
+	}
+	defer func() {
+		s.bufReader.Reset(nil)
+		f.Close()
+	}()
+	s.bufReader.Reset(f)
+	err = nil
+	for err == nil {
+		line, err = s.bufReader.ReadString('\n')
+		if err != nil {
+			break
+		}
+		parts := strings.Fields(line)
+		switch parts[0] {
+		case "cpu":
+			if len(parts) < 8 {
+				return 0, fmt.Errorf("invalid number of cpu fields")
+			}
+			var totalClockTicks uint64
+			for _, i := range parts[1:8] {
+				v, err := strconv.ParseUint(i, 10, 64)
+				if err != nil {
+					return 0, fmt.Errorf("Unable to convert value %s to int: %s", i, err)
+				}
+				totalClockTicks += v
+			}
+			return (totalClockTicks * nanoSecondsPerSecond) /
+				s.clockTicksPerSecond, nil
+		}
+	}
+	return 0, fmt.Errorf("invalid stat format. Error trying to parse the '/proc/stat' file")
+}
diff --git a/daemon/stats_collector_windows.go b/daemon/stats_collector_windows.go
new file mode 100644
index 00000000..b6cb24cd
--- /dev/null
+++ b/daemon/stats_collector_windows.go
@@ -0,0 +1,35 @@
+package daemon
+
+import (
+	"time"
+
+	"github.com/docker/docker/container"
+)
+
+// newStatsCollector returns a new statsCollector for collection stats
+// for a registered container at the specified interval. The collector allows
+// non-running containers to be added and will start processing stats when
+// they are started.
+func (daemon *Daemon) newStatsCollector(interval time.Duration) *statsCollector {
+	return &statsCollector{}
+}
+
+// statsCollector manages and provides container resource stats
+type statsCollector struct {
+}
+
+// collect registers the container with the collector and adds it to
+// the event loop for collection on the specified interval returning
+// a channel for the subscriber to receive on.
+func (s *statsCollector) collect(c *container.Container) chan interface{} {
+	return nil
+}
+
+// stopCollection closes the channels for all subscribers and removes
+// the container from metrics collection.
+func (s *statsCollector) stopCollection(c *container.Container) {
+}
+
+// unsubscribe removes a specific subscriber from receiving updates for a container's stats.
+func (s *statsCollector) unsubscribe(c *container.Container, ch chan interface{}) {
+}
diff --git a/daemon/stop.go b/daemon/stop.go
new file mode 100644
index 00000000..70174300
--- /dev/null
+++ b/daemon/stop.go
@@ -0,0 +1,65 @@
+package daemon
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/errors"
+)
+
+// ContainerStop looks for the given container and terminates it,
+// waiting the given number of seconds before forcefully killing the
+// container. If a negative number of seconds is given, ContainerStop
+// will wait for a graceful termination. An error is returned if the
+// container is not found, is already stopped, or if there is a
+// problem stopping the container.
+func (daemon *Daemon) ContainerStop(name string, seconds int) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+	if !container.IsRunning() {
+		err := fmt.Errorf("Container %s is already stopped", name)
+		return errors.NewErrorWithStatusCode(err, http.StatusNotModified)
+	}
+	if err := daemon.containerStop(container, seconds); err != nil {
+		return fmt.Errorf("Cannot stop container %s: %v", name, err)
+	}
+	return nil
+}
+
+// containerStop halts a container by sending a stop signal, waiting for the given
+// duration in seconds, and then calling SIGKILL and waiting for the
+// process to exit. If a negative duration is given, Stop will wait
+// for the initial signal forever. If the container is not running Stop returns
+// immediately.
+func (daemon *Daemon) containerStop(container *container.Container, seconds int) error {
+	if !container.IsRunning() {
+		return nil
+	}
+
+	stopSignal := container.StopSignal()
+	// 1. Send a stop signal
+	if err := daemon.killPossiblyDeadProcess(container, stopSignal); err != nil {
+		logrus.Infof("Failed to send signal %d to the process, force killing", stopSignal)
+		if err := daemon.killPossiblyDeadProcess(container, 9); err != nil {
+			return err
+		}
+	}
+
+	// 2. Wait for the process to exit on its own
+	if _, err := container.WaitStop(time.Duration(seconds) * time.Second); err != nil {
+		logrus.Infof("Container %v failed to exit within %d seconds of signal %d - using the force", container.ID, seconds, stopSignal)
+		// 3. If it doesn't, then send SIGKILL
+		if err := daemon.Kill(container); err != nil {
+			container.WaitStop(-1 * time.Second)
+			logrus.Warn(err) // Don't return error because we only care that container is stopped, not what function stopped it
+		}
+	}
+
+	daemon.LogContainerEvent(container, "stop")
+	return nil
+}
diff --git a/daemon/top_unix.go b/daemon/top_unix.go
new file mode 100644
index 00000000..d4a9528c
--- /dev/null
+++ b/daemon/top_unix.go
@@ -0,0 +1,85 @@
+//+build !windows
+
+package daemon
+
+import (
+	"fmt"
+	"os/exec"
+	"strconv"
+	"strings"
+
+	"github.com/docker/engine-api/types"
+)
+
+// ContainerTop lists the processes running inside of the given
+// container by calling ps with the given args, or with the flags
+// "-ef" if no args are given.  An error is returned if the container
+// is not found, or is not running, or if there are any problems
+// running ps, or parsing the output.
+func (daemon *Daemon) ContainerTop(name string, psArgs string) (*types.ContainerProcessList, error) {
+	if psArgs == "" {
+		psArgs = "-ef"
+	}
+
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return nil, err
+	}
+
+	if !container.IsRunning() {
+		return nil, errNotRunning{container.ID}
+	}
+
+	if container.IsRestarting() {
+		return nil, errContainerIsRestarting(container.ID)
+	}
+
+	pids, err := daemon.containerd.GetPidsForContainer(container.ID)
+	if err != nil {
+		return nil, err
+	}
+
+	output, err := exec.Command("ps", strings.Split(psArgs, " ")...).Output()
+	if err != nil {
+		return nil, fmt.Errorf("Error running ps: %v", err)
+	}
+
+	procList := &types.ContainerProcessList{}
+
+	lines := strings.Split(string(output), "\n")
+	procList.Titles = strings.Fields(lines[0])
+
+	pidIndex := -1
+	for i, name := range procList.Titles {
+		if name == "PID" {
+			pidIndex = i
+		}
+	}
+	if pidIndex == -1 {
+		return nil, fmt.Errorf("Couldn't find PID field in ps output")
+	}
+
+	// loop through the output and extract the PID from each line
+	for _, line := range lines[1:] {
+		if len(line) == 0 {
+			continue
+		}
+		fields := strings.Fields(line)
+		p, err := strconv.Atoi(fields[pidIndex])
+		if err != nil {
+			return nil, fmt.Errorf("Unexpected pid '%s': %s", fields[pidIndex], err)
+		}
+
+		for _, pid := range pids {
+			if pid == p {
+				// Make sure number of fields equals number of header titles
+				// merging "overhanging" fields
+				process := fields[:len(procList.Titles)-1]
+				process = append(process, strings.Join(fields[len(procList.Titles)-1:], " "))
+				procList.Processes = append(procList.Processes, process)
+			}
+		}
+	}
+	daemon.LogContainerEvent(container, "top")
+	return procList, nil
+}
diff --git a/daemon/top_windows.go b/daemon/top_windows.go
new file mode 100644
index 00000000..ea79ac86
--- /dev/null
+++ b/daemon/top_windows.go
@@ -0,0 +1,32 @@
+package daemon
+
+import (
+	"errors"
+	"strconv"
+
+	"github.com/docker/engine-api/types"
+)
+
+// ContainerTop is a minimal implementation on Windows currently.
+// TODO Windows: This needs more work, but needs platform API support.
+// All we can currently return (particularly in the case of Hyper-V containers)
+// is a PID and the command.
+func (daemon *Daemon) ContainerTop(containerID string, psArgs string) (*types.ContainerProcessList, error) {
+
+	// It's really not an equivalent to linux 'ps' on Windows
+	if psArgs != "" {
+		return nil, errors.New("Windows does not support arguments to top")
+	}
+
+	s, err := daemon.containerd.Summary(containerID)
+	if err != nil {
+		return nil, err
+	}
+
+	procList := &types.ContainerProcessList{}
+
+	for _, v := range s {
+		procList.Titles = append(procList.Titles, strconv.Itoa(int(v.Pid))+" "+v.Command)
+	}
+	return procList, nil
+}
diff --git a/daemon/unpause.go b/daemon/unpause.go
new file mode 100644
index 00000000..c1ab74b0
--- /dev/null
+++ b/daemon/unpause.go
@@ -0,0 +1,43 @@
+package daemon
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/container"
+)
+
+// ContainerUnpause unpauses a container
+func (daemon *Daemon) ContainerUnpause(name string) error {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	if err := daemon.containerUnpause(container); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// containerUnpause resumes the container execution after the container is paused.
+func (daemon *Daemon) containerUnpause(container *container.Container) error {
+	container.Lock()
+	defer container.Unlock()
+
+	// We cannot unpause the container which is not running
+	if !container.Running {
+		return errNotRunning{container.ID}
+	}
+
+	// We cannot unpause the container which is not paused
+	if !container.Paused {
+		return fmt.Errorf("Container %s is not paused", container.ID)
+	}
+
+	if err := daemon.containerd.Resume(container.ID); err != nil {
+		return fmt.Errorf("Cannot unpause container %s: %s", container.ID, err)
+	}
+
+	return nil
+}
diff --git a/daemon/update.go b/daemon/update.go
new file mode 100644
index 00000000..fee470a3
--- /dev/null
+++ b/daemon/update.go
@@ -0,0 +1,100 @@
+package daemon
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/docker/engine-api/types/container"
+)
+
+// ContainerUpdate updates configuration of the container
+func (daemon *Daemon) ContainerUpdate(name string, hostConfig *container.HostConfig) ([]string, error) {
+	var warnings []string
+
+	warnings, err := daemon.verifyContainerSettings(hostConfig, nil, true)
+	if err != nil {
+		return warnings, err
+	}
+
+	if err := daemon.update(name, hostConfig); err != nil {
+		return warnings, err
+	}
+
+	return warnings, nil
+}
+
+// ContainerUpdateCmdOnBuild updates Path and Args for the container with ID cID.
+func (daemon *Daemon) ContainerUpdateCmdOnBuild(cID string, cmd []string) error {
+	if len(cmd) == 0 {
+		return nil
+	}
+	c, err := daemon.GetContainer(cID)
+	if err != nil {
+		return err
+	}
+	c.Path = cmd[0]
+	c.Args = cmd[1:]
+	return nil
+}
+
+func (daemon *Daemon) update(name string, hostConfig *container.HostConfig) error {
+	if hostConfig == nil {
+		return nil
+	}
+
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return err
+	}
+
+	restoreConfig := false
+	backupHostConfig := *container.HostConfig
+	defer func() {
+		if restoreConfig {
+			container.Lock()
+			container.HostConfig = &backupHostConfig
+			container.ToDisk()
+			container.Unlock()
+		}
+	}()
+
+	if container.RemovalInProgress || container.Dead {
+		return errCannotUpdate(container.ID, fmt.Errorf("Container is marked for removal and cannot be \"update\"."))
+	}
+
+	if container.IsRunning() && hostConfig.KernelMemory != 0 {
+		return errCannotUpdate(container.ID, fmt.Errorf("Can not update kernel memory to a running container, please stop it first."))
+	}
+
+	if err := container.UpdateContainer(hostConfig); err != nil {
+		restoreConfig = true
+		return errCannotUpdate(container.ID, err)
+	}
+
+	// if Restart Policy changed, we need to update container monitor
+	container.UpdateMonitor(hostConfig.RestartPolicy)
+
+	// if container is restarting, wait 5 seconds until it's running
+	if container.IsRestarting() {
+		container.WaitRunning(5 * time.Second)
+	}
+
+	// If container is not running, update hostConfig struct is enough,
+	// resources will be updated when the container is started again.
+	// If container is running (including paused), we need to update configs
+	// to the real world.
+	if container.IsRunning() && !container.IsRestarting() {
+		if err := daemon.containerd.UpdateResources(container.ID, toContainerdResources(hostConfig.Resources)); err != nil {
+			restoreConfig = true
+			return errCannotUpdate(container.ID, err)
+		}
+	}
+
+	daemon.LogContainerEvent(container, "update")
+
+	return nil
+}
+
+func errCannotUpdate(containerID string, err error) error {
+	return fmt.Errorf("Cannot update container %s: %v", containerID, err)
+}
diff --git a/daemon/update_linux.go b/daemon/update_linux.go
new file mode 100644
index 00000000..97ba7c09
--- /dev/null
+++ b/daemon/update_linux.go
@@ -0,0 +1,25 @@
+// +build linux
+
+package daemon
+
+import (
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/engine-api/types/container"
+)
+
+func toContainerdResources(resources container.Resources) libcontainerd.Resources {
+	var r libcontainerd.Resources
+	r.BlkioWeight = uint32(resources.BlkioWeight)
+	r.CpuShares = uint32(resources.CPUShares)
+	r.CpuPeriod = uint32(resources.CPUPeriod)
+	r.CpuQuota = uint32(resources.CPUQuota)
+	r.CpusetCpus = resources.CpusetCpus
+	r.CpusetMems = resources.CpusetMems
+	r.MemoryLimit = uint32(resources.Memory)
+	if resources.MemorySwap > 0 {
+		r.MemorySwap = uint32(resources.MemorySwap)
+	}
+	r.MemoryReservation = uint32(resources.MemoryReservation)
+	r.KernelMemoryLimit = uint32(resources.KernelMemory)
+	return r
+}
diff --git a/daemon/update_windows.go b/daemon/update_windows.go
new file mode 100644
index 00000000..2cd0ff26
--- /dev/null
+++ b/daemon/update_windows.go
@@ -0,0 +1,13 @@
+// +build windows
+
+package daemon
+
+import (
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/engine-api/types/container"
+)
+
+func toContainerdResources(resources container.Resources) libcontainerd.Resources {
+	var r libcontainerd.Resources
+	return r
+}
diff --git a/daemon/volumes.go b/daemon/volumes.go
new file mode 100644
index 00000000..37f4e7fa
--- /dev/null
+++ b/daemon/volumes.go
@@ -0,0 +1,178 @@
+package daemon
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/volume"
+	"github.com/docker/engine-api/types"
+	containertypes "github.com/docker/engine-api/types/container"
+	"github.com/opencontainers/runc/libcontainer/label"
+)
+
+var (
+	// ErrVolumeReadonly is used to signal an error when trying to copy data into
+	// a volume mount that is not writable.
+	ErrVolumeReadonly = errors.New("mounted volume is marked read-only")
+)
+
+type mounts []container.Mount
+
+// volumeToAPIType converts a volume.Volume to the type used by the remote API
+func volumeToAPIType(v volume.Volume) *types.Volume {
+	tv := &types.Volume{
+		Name:       v.Name(),
+		Driver:     v.DriverName(),
+		Mountpoint: v.Path(),
+	}
+	if v, ok := v.(interface {
+		Labels() map[string]string
+	}); ok {
+		tv.Labels = v.Labels()
+	}
+	return tv
+}
+
+// Len returns the number of mounts. Used in sorting.
+func (m mounts) Len() int {
+	return len(m)
+}
+
+// Less returns true if the number of parts (a/b/c would be 3 parts) in the
+// mount indexed by parameter 1 is less than that of the mount indexed by
+// parameter 2. Used in sorting.
+func (m mounts) Less(i, j int) bool {
+	return m.parts(i) < m.parts(j)
+}
+
+// Swap swaps two items in an array of mounts. Used in sorting
+func (m mounts) Swap(i, j int) {
+	m[i], m[j] = m[j], m[i]
+}
+
+// parts returns the number of parts in the destination of a mount. Used in sorting.
+func (m mounts) parts(i int) int {
+	return strings.Count(filepath.Clean(m[i].Destination), string(os.PathSeparator))
+}
+
+// registerMountPoints initializes the container mount points with the configured volumes and bind mounts.
+// It follows the next sequence to decide what to mount in each final destination:
+//
+// 1. Select the previously configured mount points for the containers, if any.
+// 2. Select the volumes mounted from another containers. Overrides previously configured mount point destination.
+// 3. Select the bind mounts set by the client. Overrides previously configured mount point destinations.
+// 4. Cleanup old volumes that are about to be reassigned.
+func (daemon *Daemon) registerMountPoints(container *container.Container, hostConfig *containertypes.HostConfig) error {
+	binds := map[string]bool{}
+	mountPoints := map[string]*volume.MountPoint{}
+
+	// 1. Read already configured mount points.
+	for name, point := range container.MountPoints {
+		mountPoints[name] = point
+	}
+
+	// 2. Read volumes from other containers.
+	for _, v := range hostConfig.VolumesFrom {
+		containerID, mode, err := volume.ParseVolumesFrom(v)
+		if err != nil {
+			return err
+		}
+
+		c, err := daemon.GetContainer(containerID)
+		if err != nil {
+			return err
+		}
+
+		for _, m := range c.MountPoints {
+			cp := &volume.MountPoint{
+				Name:        m.Name,
+				Source:      m.Source,
+				RW:          m.RW && volume.ReadWrite(mode),
+				Driver:      m.Driver,
+				Destination: m.Destination,
+				Propagation: m.Propagation,
+				Named:       m.Named,
+			}
+
+			if len(cp.Source) == 0 {
+				v, err := daemon.volumes.GetWithRef(cp.Name, cp.Driver, container.ID)
+				if err != nil {
+					return err
+				}
+				cp.Volume = v
+			}
+
+			mountPoints[cp.Destination] = cp
+		}
+	}
+
+	// 3. Read bind mounts
+	for _, b := range hostConfig.Binds {
+		// #10618
+		bind, err := volume.ParseMountSpec(b, hostConfig.VolumeDriver)
+		if err != nil {
+			return err
+		}
+
+		if binds[bind.Destination] {
+			return fmt.Errorf("Duplicate mount point '%s'", bind.Destination)
+		}
+
+		if len(bind.Name) > 0 {
+			// create the volume
+			v, err := daemon.volumes.CreateWithRef(bind.Name, bind.Driver, container.ID, nil, nil)
+			if err != nil {
+				return err
+			}
+			bind.Volume = v
+			bind.Source = v.Path()
+			// bind.Name is an already existing volume, we need to use that here
+			bind.Driver = v.DriverName()
+			bind.Named = true
+			if bind.Driver == "local" {
+				bind = setBindModeIfNull(bind)
+			}
+		}
+
+		if label.RelabelNeeded(bind.Mode) {
+			if err := label.Relabel(bind.Source, container.MountLabel, label.IsShared(bind.Mode)); err != nil {
+				return err
+			}
+		}
+		binds[bind.Destination] = true
+		mountPoints[bind.Destination] = bind
+	}
+
+	container.Lock()
+
+	// 4. Cleanup old volumes that are about to be reassigned.
+	for _, m := range mountPoints {
+		if m.BackwardsCompatible() {
+			if mp, exists := container.MountPoints[m.Destination]; exists && mp.Volume != nil {
+				daemon.volumes.Dereference(mp.Volume, container.ID)
+			}
+		}
+	}
+	container.MountPoints = mountPoints
+
+	container.Unlock()
+
+	return nil
+}
+
+// lazyInitializeVolume initializes a mountpoint's volume if needed.
+// This happens after a daemon restart.
+func (daemon *Daemon) lazyInitializeVolume(containerID string, m *volume.MountPoint) error {
+	if len(m.Driver) > 0 && m.Volume == nil {
+		v, err := daemon.volumes.GetWithRef(m.Name, m.Driver, containerID)
+		if err != nil {
+			return err
+		}
+		m.Volume = v
+	}
+	return nil
+}
diff --git a/daemon/volumes_unit_test.go b/daemon/volumes_unit_test.go
new file mode 100644
index 00000000..450d17f9
--- /dev/null
+++ b/daemon/volumes_unit_test.go
@@ -0,0 +1,39 @@
+package daemon
+
+import (
+	"testing"
+
+	"github.com/docker/docker/volume"
+)
+
+func TestParseVolumesFrom(t *testing.T) {
+	cases := []struct {
+		spec    string
+		expID   string
+		expMode string
+		fail    bool
+	}{
+		{"", "", "", true},
+		{"foobar", "foobar", "rw", false},
+		{"foobar:rw", "foobar", "rw", false},
+		{"foobar:ro", "foobar", "ro", false},
+		{"foobar:baz", "", "", true},
+	}
+
+	for _, c := range cases {
+		id, mode, err := volume.ParseVolumesFrom(c.spec)
+		if c.fail {
+			if err == nil {
+				t.Fatalf("Expected error, was nil, for spec %s\n", c.spec)
+			}
+			continue
+		}
+
+		if id != c.expID {
+			t.Fatalf("Expected id %s, was %s, for spec %s\n", c.expID, id, c.spec)
+		}
+		if mode != c.expMode {
+			t.Fatalf("Expected mode %s, was %s for spec %s\n", c.expMode, mode, c.spec)
+		}
+	}
+}
diff --git a/daemon/volumes_unix.go b/daemon/volumes_unix.go
new file mode 100644
index 00000000..078fd10b
--- /dev/null
+++ b/daemon/volumes_unix.go
@@ -0,0 +1,78 @@
+// +build !windows
+
+package daemon
+
+import (
+	"os"
+	"sort"
+	"strconv"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/volume"
+)
+
+// setupMounts iterates through each of the mount points for a container and
+// calls Setup() on each. It also looks to see if is a network mount such as
+// /etc/resolv.conf, and if it is not, appends it to the array of mounts.
+func (daemon *Daemon) setupMounts(c *container.Container) ([]container.Mount, error) {
+	var mounts []container.Mount
+	for _, m := range c.MountPoints {
+		if err := daemon.lazyInitializeVolume(c.ID, m); err != nil {
+			return nil, err
+		}
+		path, err := m.Setup()
+		if err != nil {
+			return nil, err
+		}
+		if !c.TrySetNetworkMount(m.Destination, path) {
+			mnt := container.Mount{
+				Source:      path,
+				Destination: m.Destination,
+				Writable:    m.RW,
+				Propagation: m.Propagation,
+			}
+			if m.Volume != nil {
+				attributes := map[string]string{
+					"driver":      m.Volume.DriverName(),
+					"container":   c.ID,
+					"destination": m.Destination,
+					"read/write":  strconv.FormatBool(m.RW),
+					"propagation": m.Propagation,
+				}
+				daemon.LogVolumeEvent(m.Volume.Name(), "mount", attributes)
+			}
+			mounts = append(mounts, mnt)
+		}
+	}
+
+	mounts = sortMounts(mounts)
+	netMounts := c.NetworkMounts()
+	// if we are going to mount any of the network files from container
+	// metadata, the ownership must be set properly for potential container
+	// remapped root (user namespaces)
+	rootUID, rootGID := daemon.GetRemappedUIDGID()
+	for _, mount := range netMounts {
+		if err := os.Chown(mount.Source, rootUID, rootGID); err != nil {
+			return nil, err
+		}
+	}
+	return append(mounts, netMounts...), nil
+}
+
+// sortMounts sorts an array of mounts in lexicographic order. This ensure that
+// when mounting, the mounts don't shadow other mounts. For example, if mounting
+// /etc and /etc/resolv.conf, /etc/resolv.conf must not be mounted first.
+func sortMounts(m []container.Mount) []container.Mount {
+	sort.Sort(mounts(m))
+	return m
+}
+
+// setBindModeIfNull is platform specific processing to ensure the
+// shared mode is set to 'z' if it is null. This is called in the case
+// of processing a named volume and not a typical bind.
+func setBindModeIfNull(bind *volume.MountPoint) *volume.MountPoint {
+	if bind.Mode == "" {
+		bind.Mode = "z"
+	}
+	return bind
+}
diff --git a/daemon/volumes_windows.go b/daemon/volumes_windows.go
new file mode 100644
index 00000000..e7f9c098
--- /dev/null
+++ b/daemon/volumes_windows.go
@@ -0,0 +1,51 @@
+// +build windows
+
+package daemon
+
+import (
+	"fmt"
+	"sort"
+
+	"github.com/docker/docker/container"
+	"github.com/docker/docker/volume"
+)
+
+// setupMounts configures the mount points for a container by appending each
+// of the configured mounts on the container to the OCI mount structure
+// which will ultimately be passed into the oci runtime during container creation.
+// It also ensures each of the mounts are lexographically sorted.
+
+// BUGBUG TODO Windows containerd. This would be much better if it returned
+// an array of windowsoci mounts, not container mounts. Then no need to
+// do multiple transitions.
+
+func (daemon *Daemon) setupMounts(c *container.Container) ([]container.Mount, error) {
+	var mnts []container.Mount
+	for _, mount := range c.MountPoints { // type is volume.MountPoint
+		if err := daemon.lazyInitializeVolume(c.ID, mount); err != nil {
+			return nil, err
+		}
+		// If there is no source, take it from the volume path
+		s := mount.Source
+		if s == "" && mount.Volume != nil {
+			s = mount.Volume.Path()
+		}
+		if s == "" {
+			return nil, fmt.Errorf("No source for mount name '%s' driver %q destination '%s'", mount.Name, mount.Driver, mount.Destination)
+		}
+		mnts = append(mnts, container.Mount{
+			Source:      s,
+			Destination: mount.Destination,
+			Writable:    mount.RW,
+		})
+	}
+
+	sort.Sort(mounts(mnts))
+	return mnts, nil
+}
+
+// setBindModeIfNull is platform specific processing which is a no-op on
+// Windows.
+func setBindModeIfNull(bind *volume.MountPoint) *volume.MountPoint {
+	return bind
+}
diff --git a/daemon/wait.go b/daemon/wait.go
new file mode 100644
index 00000000..52b335cd
--- /dev/null
+++ b/daemon/wait.go
@@ -0,0 +1,17 @@
+package daemon
+
+import "time"
+
+// ContainerWait stops processing until the given container is
+// stopped. If the container is not found, an error is returned. On a
+// successful stop, the exit code of the container is returned. On a
+// timeout, an error is returned. If you want to wait forever, supply
+// a negative duration for the timeout.
+func (daemon *Daemon) ContainerWait(name string, timeout time.Duration) (int, error) {
+	container, err := daemon.GetContainer(name)
+	if err != nil {
+		return -1, err
+	}
+
+	return container.WaitStop(timeout)
+}
diff --git a/distribution/errors.go b/distribution/errors.go
new file mode 100644
index 00000000..f7a9c621
--- /dev/null
+++ b/distribution/errors.go
@@ -0,0 +1,113 @@
+package distribution
+
+import (
+	"net/url"
+	"strings"
+	"syscall"
+
+	"github.com/docker/distribution/registry/api/errcode"
+	"github.com/docker/distribution/registry/api/v2"
+	"github.com/docker/distribution/registry/client"
+	"github.com/docker/distribution/registry/client/auth"
+	"github.com/docker/docker/distribution/xfer"
+)
+
+// ErrNoSupport is an error type used for errors indicating that an operation
+// is not supported. It encapsulates a more specific error.
+type ErrNoSupport struct{ Err error }
+
+func (e ErrNoSupport) Error() string {
+	if e.Err == nil {
+		return "not supported"
+	}
+	return e.Err.Error()
+}
+
+// fallbackError wraps an error that can possibly allow fallback to a different
+// endpoint.
+type fallbackError struct {
+	// err is the error being wrapped.
+	err error
+	// confirmedV2 is set to true if it was confirmed that the registry
+	// supports the v2 protocol. This is used to limit fallbacks to the v1
+	// protocol.
+	confirmedV2 bool
+	// transportOK is set to true if we managed to speak HTTP with the
+	// registry. This confirms that we're using appropriate TLS settings
+	// (or lack of TLS).
+	transportOK bool
+}
+
+// Error renders the FallbackError as a string.
+func (f fallbackError) Error() string {
+	return f.err.Error()
+}
+
+// shouldV2Fallback returns true if this error is a reason to fall back to v1.
+func shouldV2Fallback(err errcode.Error) bool {
+	switch err.Code {
+	case errcode.ErrorCodeUnauthorized, v2.ErrorCodeManifestUnknown, v2.ErrorCodeNameUnknown:
+		return true
+	}
+	return false
+}
+
+// continueOnError returns true if we should fallback to the next endpoint
+// as a result of this error.
+func continueOnError(err error) bool {
+	switch v := err.(type) {
+	case errcode.Errors:
+		if len(v) == 0 {
+			return true
+		}
+		return continueOnError(v[0])
+	case ErrNoSupport:
+		return continueOnError(v.Err)
+	case errcode.Error:
+		return shouldV2Fallback(v)
+	case *client.UnexpectedHTTPResponseError:
+		return true
+	case ImageConfigPullError:
+		return false
+	case error:
+		return !strings.Contains(err.Error(), strings.ToLower(syscall.ENOSPC.Error()))
+	}
+	// let's be nice and fallback if the error is a completely
+	// unexpected one.
+	// If new errors have to be handled in some way, please
+	// add them to the switch above.
+	return true
+}
+
+// retryOnError wraps the error in xfer.DoNotRetry if we should not retry the
+// operation after this error.
+func retryOnError(err error) error {
+	switch v := err.(type) {
+	case errcode.Errors:
+		if len(v) != 0 {
+			return retryOnError(v[0])
+		}
+	case errcode.Error:
+		switch v.Code {
+		case errcode.ErrorCodeUnauthorized, errcode.ErrorCodeUnsupported, errcode.ErrorCodeDenied:
+			return xfer.DoNotRetry{Err: err}
+		}
+	case *url.Error:
+		switch v.Err {
+		case auth.ErrNoBasicAuthCredentials, auth.ErrNoToken:
+			return xfer.DoNotRetry{Err: v.Err}
+		}
+		return retryOnError(v.Err)
+	case *client.UnexpectedHTTPResponseError:
+		return xfer.DoNotRetry{Err: err}
+	case error:
+		if strings.Contains(err.Error(), strings.ToLower(syscall.ENOSPC.Error())) {
+			return xfer.DoNotRetry{Err: err}
+		}
+	}
+	// let's be nice and fallback if the error is a completely
+	// unexpected one.
+	// If new errors have to be handled in some way, please
+	// add them to the switch above.
+	return err
+}
diff --git a/distribution/fixtures/validate_manifest/bad_manifest b/distribution/fixtures/validate_manifest/bad_manifest
new file mode 100644
index 00000000..a1f02a62
--- /dev/null
+++ b/distribution/fixtures/validate_manifest/bad_manifest
@@ -0,0 +1,38 @@
+{
+   "schemaVersion": 2,
+   "name": "library/hello-world",
+   "tag": "latest",
+   "architecture": "amd64",
+   "fsLayers": [
+      {
+         "blobSum": "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
+      },
+      {
+         "blobSum": "sha256:03f4658f8b782e12230c1783426bd3bacce651ce582a4ffb6fbbfa2079428ecb"
+      }
+   ],
+   "history": [
+      {
+         "v1Compatibility": "{\"id\":\"af340544ed62de0680f441c71fa1a80cb084678fed42bae393e543faea3a572c\",\"parent\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"created\":\"2015-08-06T23:53:22.608577814Z\",\"container\":\"c2b715156f640c7ac7d98472ea24335aba5432a1323a3bb722697e6d37ef794f\",\"container_config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) CMD [\\\"/hello\\\"]\"],\"Image\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":{}},\"docker_version\":\"1.7.1\",\"config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/hello\"],\"Image\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"
+      },
+      {
+         "v1Compatibility": "{\"id\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"created\":\"2015-08-06T23:53:22.241352727Z\",\"container\":\"9aeb0006ffa72a8287564caaea87625896853701459261d3b569e320c0c9d5dc\",\"container_config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) COPY file:4abd3bff60458ca3b079d7b131ce26b2719055a030dfa96ff827da2b7c7038a7 in /\"],\"Image\":\"\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":null},\"docker_version\":\"1.7.1\",\"config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":null,\"Image\":\"\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":null},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":960}\n"
+      }
+   ],
+   "signatures": [
+      {
+         "header": {
+            "jwk": {
+               "crv": "P-256",
+               "kid": "OIH7:HQFS:44FK:45VB:3B53:OIAG:TPL4:ATF5:6PNE:MGHN:NHQX:2GE4",
+               "kty": "EC",
+               "x": "Cu_UyxwLgHzE9rvlYSmvVdqYCXY42E9eNhBb0xNv0SQ",
+               "y": "zUsjWJkeKQ5tv7S-hl1Tg71cd-CqnrtiiLxSi6N_yc8"
+            },
+            "alg": "ES256"
+         },
+         "signature": "Y6xaFz9Sy-OtcnKQS1Ilq3Dh8cu4h3nBTJCpOTF1XF7vKtcxxA_xMP8-SgDo869SJ3VsvgPL9-Xn-OoYG2rb1A",
+         "protected": "eyJmb3JtYXRMZW5ndGgiOjMxOTcsImZvcm1hdFRhaWwiOiJDbjAiLCJ0aW1lIjoiMjAxNS0wOS0xMVQwNDoxMzo0OFoifQ"
+      }
+   ]
+}
diff --git a/distribution/fixtures/validate_manifest/extra_data_manifest b/distribution/fixtures/validate_manifest/extra_data_manifest
new file mode 100644
index 00000000..beec19a8
--- /dev/null
+++ b/distribution/fixtures/validate_manifest/extra_data_manifest
@@ -0,0 +1,46 @@
+{
+   "schemaVersion": 1,
+   "name": "library/hello-world",
+   "tag": "latest",
+   "architecture": "amd64",
+   "fsLayers": [
+      {
+         "blobSum": "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
+      },
+      {
+         "blobSum": "sha256:03f4658f8b782e12230c1783426bd3bacce651ce582a4ffb6fbbfa2079428ecb"
+      }
+   ],
+   "history": [
+      {
+         "v1Compatibility": "{\"id\":\"af340544ed62de0680f441c71fa1a80cb084678fed42bae393e543faea3a572c\",\"parent\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"created\":\"2015-08-06T23:53:22.608577814Z\",\"container\":\"c2b715156f640c7ac7d98472ea24335aba5432a1323a3bb722697e6d37ef794f\",\"container_config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) CMD [\\\"/hello\\\"]\"],\"Image\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":{}},\"docker_version\":\"1.7.1\",\"config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/hello\"],\"Image\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"
+      },
+      {
+         "v1Compatibility": "{\"id\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"created\":\"2015-08-06T23:53:22.241352727Z\",\"container\":\"9aeb0006ffa72a8287564caaea87625896853701459261d3b569e320c0c9d5dc\",\"container_config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) COPY file:4abd3bff60458ca3b079d7b131ce26b2719055a030dfa96ff827da2b7c7038a7 in /\"],\"Image\":\"\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":null},\"docker_version\":\"1.7.1\",\"config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":null,\"Image\":\"\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":null},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":960}\n"
+      }
+   ],
+   "fsLayers": [
+      {
+         "blobSum": "sha256:ffff95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
+      },
+      {
+         "blobSum": "sha256:ffff658f8b782e12230c1783426bd3bacce651ce582a4ffb6fbbfa2079428ecb"
+      }
+   ],
+   "signatures": [
+      {
+         "header": {
+            "jwk": {
+               "crv": "P-256",
+               "kid": "OIH7:HQFS:44FK:45VB:3B53:OIAG:TPL4:ATF5:6PNE:MGHN:NHQX:2GE4",
+               "kty": "EC",
+               "x": "Cu_UyxwLgHzE9rvlYSmvVdqYCXY42E9eNhBb0xNv0SQ",
+               "y": "zUsjWJkeKQ5tv7S-hl1Tg71cd-CqnrtiiLxSi6N_yc8"
+            },
+            "alg": "ES256"
+         },
+         "signature": "Y6xaFz9Sy-OtcnKQS1Ilq3Dh8cu4h3nBTJCpOTF1XF7vKtcxxA_xMP8-SgDo869SJ3VsvgPL9-Xn-OoYG2rb1A",
+         "protected": "eyJmb3JtYXRMZW5ndGgiOjMxOTcsImZvcm1hdFRhaWwiOiJDbjAiLCJ0aW1lIjoiMjAxNS0wOS0xMVQwNDoxMzo0OFoifQ"
+      }
+   ]
+}
diff --git a/distribution/fixtures/validate_manifest/good_manifest b/distribution/fixtures/validate_manifest/good_manifest
new file mode 100644
index 00000000..b107de32
--- /dev/null
+++ b/distribution/fixtures/validate_manifest/good_manifest
@@ -0,0 +1,38 @@
+{
+   "schemaVersion": 1,
+   "name": "library/hello-world",
+   "tag": "latest",
+   "architecture": "amd64",
+   "fsLayers": [
+      {
+         "blobSum": "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
+      },
+      {
+         "blobSum": "sha256:03f4658f8b782e12230c1783426bd3bacce651ce582a4ffb6fbbfa2079428ecb"
+      }
+   ],
+   "history": [
+      {
+         "v1Compatibility": "{\"id\":\"af340544ed62de0680f441c71fa1a80cb084678fed42bae393e543faea3a572c\",\"parent\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"created\":\"2015-08-06T23:53:22.608577814Z\",\"container\":\"c2b715156f640c7ac7d98472ea24335aba5432a1323a3bb722697e6d37ef794f\",\"container_config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) CMD [\\\"/hello\\\"]\"],\"Image\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":{}},\"docker_version\":\"1.7.1\",\"config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/hello\"],\"Image\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"
+      },
+      {
+         "v1Compatibility": "{\"id\":\"535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912\",\"created\":\"2015-08-06T23:53:22.241352727Z\",\"container\":\"9aeb0006ffa72a8287564caaea87625896853701459261d3b569e320c0c9d5dc\",\"container_config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) COPY file:4abd3bff60458ca3b079d7b131ce26b2719055a030dfa96ff827da2b7c7038a7 in /\"],\"Image\":\"\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":null},\"docker_version\":\"1.7.1\",\"config\":{\"Hostname\":\"9aeb0006ffa7\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":null,\"Image\":\"\",\"Volumes\":null,\"VolumeDriver\":\"\",\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":null,\"Labels\":null},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":960}\n"
+      }
+   ],
+   "signatures": [
+      {
+         "header": {
+            "jwk": {
+               "crv": "P-256",
+               "kid": "OIH7:HQFS:44FK:45VB:3B53:OIAG:TPL4:ATF5:6PNE:MGHN:NHQX:2GE4",
+               "kty": "EC",
+               "x": "Cu_UyxwLgHzE9rvlYSmvVdqYCXY42E9eNhBb0xNv0SQ",
+               "y": "zUsjWJkeKQ5tv7S-hl1Tg71cd-CqnrtiiLxSi6N_yc8"
+            },
+            "alg": "ES256"
+         },
+         "signature": "Y6xaFz9Sy-OtcnKQS1Ilq3Dh8cu4h3nBTJCpOTF1XF7vKtcxxA_xMP8-SgDo869SJ3VsvgPL9-Xn-OoYG2rb1A",
+         "protected": "eyJmb3JtYXRMZW5ndGgiOjMxOTcsImZvcm1hdFRhaWwiOiJDbjAiLCJ0aW1lIjoiMjAxNS0wOS0xMVQwNDoxMzo0OFoifQ"
+      }
+   ]
+}
\ No newline at end of file
diff --git a/distribution/metadata/metadata.go b/distribution/metadata/metadata.go
new file mode 100644
index 00000000..9f744d46
--- /dev/null
+++ b/distribution/metadata/metadata.go
@@ -0,0 +1,77 @@
+package metadata
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"sync"
+)
+
+// Store implements a K/V store for mapping distribution-related IDs
+// to on-disk layer IDs and image IDs. The namespace identifies the type of
+// mapping (i.e. "v1ids" or "artifacts"). MetadataStore is goroutine-safe.
+type Store interface {
+	// Get retrieves data by namespace and key.
+	Get(namespace string, key string) ([]byte, error)
+	// Set writes data indexed by namespace and key.
+	Set(namespace, key string, value []byte) error
+	// Delete removes data indexed by namespace and key.
+	Delete(namespace, key string) error
+}
+
+// FSMetadataStore uses the filesystem to associate metadata with layer and
+// image IDs.
+type FSMetadataStore struct {
+	sync.RWMutex
+	basePath string
+}
+
+// NewFSMetadataStore creates a new filesystem-based metadata store.
+func NewFSMetadataStore(basePath string) (*FSMetadataStore, error) {
+	if err := os.MkdirAll(basePath, 0700); err != nil {
+		return nil, err
+	}
+	return &FSMetadataStore{
+		basePath: basePath,
+	}, nil
+}
+
+func (store *FSMetadataStore) path(namespace, key string) string {
+	return filepath.Join(store.basePath, namespace, key)
+}
+
+// Get retrieves data by namespace and key. The data is read from a file named
+// after the key, stored in the namespace's directory.
+func (store *FSMetadataStore) Get(namespace string, key string) ([]byte, error) {
+	store.RLock()
+	defer store.RUnlock()
+
+	return ioutil.ReadFile(store.path(namespace, key))
+}
+
+// Set writes data indexed by namespace and key. The data is written to a file
+// named after the key, stored in the namespace's directory.
+func (store *FSMetadataStore) Set(namespace, key string, value []byte) error {
+	store.Lock()
+	defer store.Unlock()
+
+	path := store.path(namespace, key)
+	tempFilePath := path + ".tmp"
+	if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil {
+		return err
+	}
+	if err := ioutil.WriteFile(tempFilePath, value, 0644); err != nil {
+		return err
+	}
+	return os.Rename(tempFilePath, path)
+}
+
+// Delete removes data indexed by namespace and key. The data file named after
+// the key, stored in the namespace's directory is deleted.
+func (store *FSMetadataStore) Delete(namespace, key string) error {
+	store.Lock()
+	defer store.Unlock()
+
+	path := store.path(namespace, key)
+	return os.Remove(path)
+}
diff --git a/distribution/metadata/v1_id_service.go b/distribution/metadata/v1_id_service.go
new file mode 100644
index 00000000..f6e45892
--- /dev/null
+++ b/distribution/metadata/v1_id_service.go
@@ -0,0 +1,44 @@
+package metadata
+
+import (
+	"github.com/docker/docker/image/v1"
+	"github.com/docker/docker/layer"
+)
+
+// V1IDService maps v1 IDs to layers on disk.
+type V1IDService struct {
+	store Store
+}
+
+// NewV1IDService creates a new V1 ID mapping service.
+func NewV1IDService(store Store) *V1IDService {
+	return &V1IDService{
+		store: store,
+	}
+}
+
+// namespace returns the namespace used by this service.
+func (idserv *V1IDService) namespace() string {
+	return "v1id"
+}
+
+// Get finds a layer by its V1 ID.
+func (idserv *V1IDService) Get(v1ID, registry string) (layer.DiffID, error) {
+	if err := v1.ValidateID(v1ID); err != nil {
+		return layer.DiffID(""), err
+	}
+
+	idBytes, err := idserv.store.Get(idserv.namespace(), registry+","+v1ID)
+	if err != nil {
+		return layer.DiffID(""), err
+	}
+	return layer.DiffID(idBytes), nil
+}
+
+// Set associates an image with a V1 ID.
+func (idserv *V1IDService) Set(v1ID, registry string, id layer.DiffID) error {
+	if err := v1.ValidateID(v1ID); err != nil {
+		return err
+	}
+	return idserv.store.Set(idserv.namespace(), registry+","+v1ID, []byte(id))
+}
diff --git a/distribution/metadata/v1_id_service_test.go b/distribution/metadata/v1_id_service_test.go
new file mode 100644
index 00000000..55688658
--- /dev/null
+++ b/distribution/metadata/v1_id_service_test.go
@@ -0,0 +1,83 @@
+package metadata
+
+import (
+	"io/ioutil"
+	"os"
+	"testing"
+
+	"github.com/docker/docker/layer"
+)
+
+func TestV1IDService(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "v1-id-service-test")
+	if err != nil {
+		t.Fatalf("could not create temp dir: %v", err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	metadataStore, err := NewFSMetadataStore(tmpDir)
+	if err != nil {
+		t.Fatalf("could not create metadata store: %v", err)
+	}
+	v1IDService := NewV1IDService(metadataStore)
+
+	testVectors := []struct {
+		registry string
+		v1ID     string
+		layerID  layer.DiffID
+	}{
+		{
+			registry: "registry1",
+			v1ID:     "f0cd5ca10b07f35512fc2f1cbf9a6cefbdb5cba70ac6b0c9e5988f4497f71937",
+			layerID:  layer.DiffID("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"),
+		},
+		{
+			registry: "registry2",
+			v1ID:     "9e3447ca24cb96d86ebd5960cb34d1299b07e0a0e03801d90b9969a2c187dd6e",
+			layerID:  layer.DiffID("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa"),
+		},
+		{
+			registry: "registry1",
+			v1ID:     "9e3447ca24cb96d86ebd5960cb34d1299b07e0a0e03801d90b9969a2c187dd6e",
+			layerID:  layer.DiffID("sha256:03f4658f8b782e12230c1783426bd3bacce651ce582a4ffb6fbbfa2079428ecb"),
+		},
+	}
+
+	// Set some associations
+	for _, vec := range testVectors {
+		err := v1IDService.Set(vec.v1ID, vec.registry, vec.layerID)
+		if err != nil {
+			t.Fatalf("error calling Set: %v", err)
+		}
+	}
+
+	// Check the correct values are read back
+	for _, vec := range testVectors {
+		layerID, err := v1IDService.Get(vec.v1ID, vec.registry)
+		if err != nil {
+			t.Fatalf("error calling Get: %v", err)
+		}
+		if layerID != vec.layerID {
+			t.Fatal("Get returned incorrect layer ID")
+		}
+	}
+
+	// Test Get on a nonexistent entry
+	_, err = v1IDService.Get("82379823067823853223359023576437723560923756b03560378f4497753917", "registry1")
+	if err == nil {
+		t.Fatal("expected error looking up nonexistent entry")
+	}
+
+	// Overwrite one of the entries and read it back
+	err = v1IDService.Set(testVectors[0].v1ID, testVectors[0].registry, testVectors[1].layerID)
+	if err != nil {
+		t.Fatalf("error calling Set: %v", err)
+	}
+	layerID, err := v1IDService.Get(testVectors[0].v1ID, testVectors[0].registry)
+	if err != nil {
+		t.Fatalf("error calling Get: %v", err)
+	}
+	if layerID != testVectors[1].layerID {
+		t.Fatal("Get returned incorrect layer ID")
+	}
+}
diff --git a/distribution/metadata/v2_metadata_service.go b/distribution/metadata/v2_metadata_service.go
new file mode 100644
index 00000000..239cd1f4
--- /dev/null
+++ b/distribution/metadata/v2_metadata_service.go
@@ -0,0 +1,137 @@
+package metadata
+
+import (
+	"encoding/json"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/layer"
+)
+
+// V2MetadataService maps layer IDs to a set of known metadata for
+// the layer.
+type V2MetadataService struct {
+	store Store
+}
+
+// V2Metadata contains the digest and source repository information for a layer.
+type V2Metadata struct {
+	Digest           digest.Digest
+	SourceRepository string
+}
+
+// maxMetadata is the number of metadata entries to keep per layer DiffID.
+const maxMetadata = 50
+
+// NewV2MetadataService creates a new diff ID to v2 metadata mapping service.
+func NewV2MetadataService(store Store) *V2MetadataService {
+	return &V2MetadataService{
+		store: store,
+	}
+}
+
+func (serv *V2MetadataService) diffIDNamespace() string {
+	return "v2metadata-by-diffid"
+}
+
+func (serv *V2MetadataService) digestNamespace() string {
+	return "diffid-by-digest"
+}
+
+func (serv *V2MetadataService) diffIDKey(diffID layer.DiffID) string {
+	return string(digest.Digest(diffID).Algorithm()) + "/" + digest.Digest(diffID).Hex()
+}
+
+func (serv *V2MetadataService) digestKey(dgst digest.Digest) string {
+	return string(dgst.Algorithm()) + "/" + dgst.Hex()
+}
+
+// GetMetadata finds the metadata associated with a layer DiffID.
+func (serv *V2MetadataService) GetMetadata(diffID layer.DiffID) ([]V2Metadata, error) {
+	jsonBytes, err := serv.store.Get(serv.diffIDNamespace(), serv.diffIDKey(diffID))
+	if err != nil {
+		return nil, err
+	}
+
+	var metadata []V2Metadata
+	if err := json.Unmarshal(jsonBytes, &metadata); err != nil {
+		return nil, err
+	}
+
+	return metadata, nil
+}
+
+// GetDiffID finds a layer DiffID from a digest.
+func (serv *V2MetadataService) GetDiffID(dgst digest.Digest) (layer.DiffID, error) {
+	diffIDBytes, err := serv.store.Get(serv.digestNamespace(), serv.digestKey(dgst))
+	if err != nil {
+		return layer.DiffID(""), err
+	}
+
+	return layer.DiffID(diffIDBytes), nil
+}
+
+// Add associates metadata with a layer DiffID. If too many metadata entries are
+// present, the oldest one is dropped.
+func (serv *V2MetadataService) Add(diffID layer.DiffID, metadata V2Metadata) error {
+	oldMetadata, err := serv.GetMetadata(diffID)
+	if err != nil {
+		oldMetadata = nil
+	}
+	newMetadata := make([]V2Metadata, 0, len(oldMetadata)+1)
+
+	// Copy all other metadata to new slice
+	for _, oldMeta := range oldMetadata {
+		if oldMeta != metadata {
+			newMetadata = append(newMetadata, oldMeta)
+		}
+	}
+
+	newMetadata = append(newMetadata, metadata)
+
+	if len(newMetadata) > maxMetadata {
+		newMetadata = newMetadata[len(newMetadata)-maxMetadata:]
+	}
+
+	jsonBytes, err := json.Marshal(newMetadata)
+	if err != nil {
+		return err
+	}
+
+	err = serv.store.Set(serv.diffIDNamespace(), serv.diffIDKey(diffID), jsonBytes)
+	if err != nil {
+		return err
+	}
+
+	return serv.store.Set(serv.digestNamespace(), serv.digestKey(metadata.Digest), []byte(diffID))
+}
+
+// Remove unassociates a metadata entry from a layer DiffID.
+func (serv *V2MetadataService) Remove(metadata V2Metadata) error {
+	diffID, err := serv.GetDiffID(metadata.Digest)
+	if err != nil {
+		return err
+	}
+	oldMetadata, err := serv.GetMetadata(diffID)
+	if err != nil {
+		oldMetadata = nil
+	}
+	newMetadata := make([]V2Metadata, 0, len(oldMetadata))
+
+	// Copy all other metadata to new slice
+	for _, oldMeta := range oldMetadata {
+		if oldMeta != metadata {
+			newMetadata = append(newMetadata, oldMeta)
+		}
+	}
+
+	if len(newMetadata) == 0 {
+		return serv.store.Delete(serv.diffIDNamespace(), serv.diffIDKey(diffID))
+	}
+
+	jsonBytes, err := json.Marshal(newMetadata)
+	if err != nil {
+		return err
+	}
+
+	return serv.store.Set(serv.diffIDNamespace(), serv.diffIDKey(diffID), jsonBytes)
+}
diff --git a/distribution/metadata/v2_metadata_service_test.go b/distribution/metadata/v2_metadata_service_test.go
new file mode 100644
index 00000000..7b0ecb15
--- /dev/null
+++ b/distribution/metadata/v2_metadata_service_test.go
@@ -0,0 +1,115 @@
+package metadata
+
+import (
+	"encoding/hex"
+	"io/ioutil"
+	"math/rand"
+	"os"
+	"reflect"
+	"testing"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/layer"
+)
+
+func TestV2MetadataService(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "blobsum-storage-service-test")
+	if err != nil {
+		t.Fatalf("could not create temp dir: %v", err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	metadataStore, err := NewFSMetadataStore(tmpDir)
+	if err != nil {
+		t.Fatalf("could not create metadata store: %v", err)
+	}
+	V2MetadataService := NewV2MetadataService(metadataStore)
+
+	tooManyBlobSums := make([]V2Metadata, 100)
+	for i := range tooManyBlobSums {
+		randDigest := randomDigest()
+		tooManyBlobSums[i] = V2Metadata{Digest: randDigest}
+	}
+
+	testVectors := []struct {
+		diffID   layer.DiffID
+		metadata []V2Metadata
+	}{
+		{
+			diffID: layer.DiffID("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"),
+			metadata: []V2Metadata{
+				{Digest: digest.Digest("sha256:f0cd5ca10b07f35512fc2f1cbf9a6cefbdb5cba70ac6b0c9e5988f4497f71937")},
+			},
+		},
+		{
+			diffID: layer.DiffID("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa"),
+			metadata: []V2Metadata{
+				{Digest: digest.Digest("sha256:f0cd5ca10b07f35512fc2f1cbf9a6cefbdb5cba70ac6b0c9e5988f4497f71937")},
+				{Digest: digest.Digest("sha256:9e3447ca24cb96d86ebd5960cb34d1299b07e0a0e03801d90b9969a2c187dd6e")},
+			},
+		},
+		{
+			diffID:   layer.DiffID("sha256:03f4658f8b782e12230c1783426bd3bacce651ce582a4ffb6fbbfa2079428ecb"),
+			metadata: tooManyBlobSums,
+		},
+	}
+
+	// Set some associations
+	for _, vec := range testVectors {
+		for _, blobsum := range vec.metadata {
+			err := V2MetadataService.Add(vec.diffID, blobsum)
+			if err != nil {
+				t.Fatalf("error calling Set: %v", err)
+			}
+		}
+	}
+
+	// Check the correct values are read back
+	for _, vec := range testVectors {
+		metadata, err := V2MetadataService.GetMetadata(vec.diffID)
+		if err != nil {
+			t.Fatalf("error calling Get: %v", err)
+		}
+		expectedMetadataEntries := len(vec.metadata)
+		if expectedMetadataEntries > 50 {
+			expectedMetadataEntries = 50
+		}
+		if !reflect.DeepEqual(metadata, vec.metadata[len(vec.metadata)-expectedMetadataEntries:len(vec.metadata)]) {
+			t.Fatal("Get returned incorrect layer ID")
+		}
+	}
+
+	// Test GetMetadata on a nonexistent entry
+	_, err = V2MetadataService.GetMetadata(layer.DiffID("sha256:82379823067823853223359023576437723560923756b03560378f4497753917"))
+	if err == nil {
+		t.Fatal("expected error looking up nonexistent entry")
+	}
+
+	// Test GetDiffID on a nonexistent entry
+	_, err = V2MetadataService.GetDiffID(digest.Digest("sha256:82379823067823853223359023576437723560923756b03560378f4497753917"))
+	if err == nil {
+		t.Fatal("expected error looking up nonexistent entry")
+	}
+
+	// Overwrite one of the entries and read it back
+	err = V2MetadataService.Add(testVectors[1].diffID, testVectors[0].metadata[0])
+	if err != nil {
+		t.Fatalf("error calling Add: %v", err)
+	}
+	diffID, err := V2MetadataService.GetDiffID(testVectors[0].metadata[0].Digest)
+	if err != nil {
+		t.Fatalf("error calling GetDiffID: %v", err)
+	}
+	if diffID != testVectors[1].diffID {
+		t.Fatal("GetDiffID returned incorrect diffID")
+	}
+}
+
+func randomDigest() digest.Digest {
+	b := [32]byte{}
+	for i := 0; i < len(b); i++ {
+		b[i] = byte(rand.Intn(256))
+	}
+	d := hex.EncodeToString(b[:])
+	return digest.Digest("sha256:" + d)
+}
diff --git a/distribution/pull.go b/distribution/pull.go
new file mode 100644
index 00000000..4b42371b
--- /dev/null
+++ b/distribution/pull.go
@@ -0,0 +1,205 @@
+package distribution
+
+import (
+	"fmt"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/distribution/xfer"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"github.com/docker/engine-api/types"
+	"golang.org/x/net/context"
+)
+
+// ImagePullConfig stores pull configuration.
+type ImagePullConfig struct {
+	// MetaHeaders stores HTTP headers with metadata about the image
+	MetaHeaders map[string][]string
+	// AuthConfig holds authentication credentials for authenticating with
+	// the registry.
+	AuthConfig *types.AuthConfig
+	// ProgressOutput is the interface for showing the status of the pull
+	// operation.
+	ProgressOutput progress.Output
+	// RegistryService is the registry service to use for TLS configuration
+	// and endpoint lookup.
+	RegistryService *registry.Service
+	// ImageEventLogger notifies events for a given image
+	ImageEventLogger func(id, name, action string)
+	// MetadataStore is the storage backend for distribution-specific
+	// metadata.
+	MetadataStore metadata.Store
+	// ImageStore manages images.
+	ImageStore image.Store
+	// ReferenceStore manages tags.
+	ReferenceStore reference.Store
+	// DownloadManager manages concurrent pulls.
+	DownloadManager *xfer.LayerDownloadManager
+}
+
+// Puller is an interface that abstracts pulling for different API versions.
+type Puller interface {
+	// Pull tries to pull the image referenced by `tag`
+	// Pull returns an error if any, as well as a boolean that determines whether to retry Pull on the next configured endpoint.
+	//
+	Pull(ctx context.Context, ref reference.Named) error
+}
+
+// newPuller returns a Puller interface that will pull from either a v1 or v2
+// registry. The endpoint argument contains a Version field that determines
+// whether a v1 or v2 puller will be created. The other parameters are passed
+// through to the underlying puller implementation for use during the actual
+// pull operation.
+func newPuller(endpoint registry.APIEndpoint, repoInfo *registry.RepositoryInfo, imagePullConfig *ImagePullConfig) (Puller, error) {
+	switch endpoint.Version {
+	case registry.APIVersion2:
+		return &v2Puller{
+			V2MetadataService: metadata.NewV2MetadataService(imagePullConfig.MetadataStore),
+			endpoint:          endpoint,
+			config:            imagePullConfig,
+			repoInfo:          repoInfo,
+		}, nil
+	case registry.APIVersion1:
+		return &v1Puller{
+			v1IDService: metadata.NewV1IDService(imagePullConfig.MetadataStore),
+			endpoint:    endpoint,
+			config:      imagePullConfig,
+			repoInfo:    repoInfo,
+		}, nil
+	}
+	return nil, fmt.Errorf("unknown version %d for registry %s", endpoint.Version, endpoint.URL)
+}
+
+// Pull initiates a pull operation. image is the repository name to pull, and
+// tag may be either empty, or indicate a specific tag to pull.
+func Pull(ctx context.Context, ref reference.Named, imagePullConfig *ImagePullConfig) error {
+	// Resolve the Repository name from fqn to RepositoryInfo
+	repoInfo, err := imagePullConfig.RegistryService.ResolveRepository(ref)
+	if err != nil {
+		return err
+	}
+
+	// makes sure name is not empty or `scratch`
+	if err := validateRepoName(repoInfo.Name()); err != nil {
+		return err
+	}
+
+	endpoints, err := imagePullConfig.RegistryService.LookupPullEndpoints(repoInfo.Hostname())
+	if err != nil {
+		return err
+	}
+
+	var (
+		lastErr error
+
+		// discardNoSupportErrors is used to track whether an endpoint encountered an error of type registry.ErrNoSupport
+		// By default it is false, which means that if a ErrNoSupport error is encountered, it will be saved in lastErr.
+		// As soon as another kind of error is encountered, discardNoSupportErrors is set to true, avoiding the saving of
+		// any subsequent ErrNoSupport errors in lastErr.
+		// It's needed for pull-by-digest on v1 endpoints: if there are only v1 endpoints configured, the error should be
+		// returned and displayed, but if there was a v2 endpoint which supports pull-by-digest, then the last relevant
+		// error is the ones from v2 endpoints not v1.
+		discardNoSupportErrors bool
+
+		// confirmedV2 is set to true if a pull attempt managed to
+		// confirm that it was talking to a v2 registry. This will
+		// prevent fallback to the v1 protocol.
+		confirmedV2 bool
+
+		// confirmedTLSRegistries is a map indicating which registries
+		// are known to be using TLS. There should never be a plaintext
+		// retry for any of these.
+		confirmedTLSRegistries = make(map[string]struct{})
+	)
+	for _, endpoint := range endpoints {
+		if confirmedV2 && endpoint.Version == registry.APIVersion1 {
+			logrus.Debugf("Skipping v1 endpoint %s because v2 registry was detected", endpoint.URL)
+			continue
+		}
+
+		if endpoint.URL.Scheme != "https" {
+			if _, confirmedTLS := confirmedTLSRegistries[endpoint.URL.Host]; confirmedTLS {
+				logrus.Debugf("Skipping non-TLS endpoint %s for host/port that appears to use TLS", endpoint.URL)
+				continue
+			}
+		}
+
+		logrus.Debugf("Trying to pull %s from %s %s", repoInfo.Name(), endpoint.URL, endpoint.Version)
+
+		puller, err := newPuller(endpoint, repoInfo, imagePullConfig)
+		if err != nil {
+			lastErr = err
+			continue
+		}
+		if err := puller.Pull(ctx, ref); err != nil {
+			// Was this pull cancelled? If so, don't try to fall
+			// back.
+			fallback := false
+			select {
+			case <-ctx.Done():
+			default:
+				if fallbackErr, ok := err.(fallbackError); ok {
+					fallback = true
+					confirmedV2 = confirmedV2 || fallbackErr.confirmedV2
+					if fallbackErr.transportOK && endpoint.URL.Scheme == "https" {
+						confirmedTLSRegistries[endpoint.URL.Host] = struct{}{}
+					}
+					err = fallbackErr.err
+				}
+			}
+			if fallback {
+				if _, ok := err.(ErrNoSupport); !ok {
+					// Because we found an error that's not ErrNoSupport, discard all subsequent ErrNoSupport errors.
+					discardNoSupportErrors = true
+					// append subsequent errors
+					lastErr = err
+				} else if !discardNoSupportErrors {
+					// Save the ErrNoSupport error, because it's either the first error or all encountered errors
+					// were also ErrNoSupport errors.
+					// append subsequent errors
+					lastErr = err
+				}
+				logrus.Errorf("Attempting next endpoint for pull after error: %v", err)
+				continue
+			}
+			logrus.Errorf("Not continuing with pull after error: %v", err)
+			return err
+		}
+
+		imagePullConfig.ImageEventLogger(ref.String(), repoInfo.Name(), "pull")
+		return nil
+	}
+
+	if lastErr == nil {
+		lastErr = fmt.Errorf("no endpoints found for %s", ref.String())
+	}
+
+	return lastErr
+}
+
+// writeStatus writes a status message to out. If layersDownloaded is true, the
+// status message indicates that a newer image was downloaded. Otherwise, it
+// indicates that the image is up to date. requestedTag is the tag the message
+// will refer to.
+func writeStatus(requestedTag string, out progress.Output, layersDownloaded bool) {
+	if layersDownloaded {
+		progress.Message(out, "", "Status: Downloaded newer image for "+requestedTag)
+	} else {
+		progress.Message(out, "", "Status: Image is up to date for "+requestedTag)
+	}
+}
+
+// validateRepoName validates the name of a repository.
+func validateRepoName(name string) error {
+	if name == "" {
+		return fmt.Errorf("Repository name can't be empty")
+	}
+	if name == api.NoBaseImageSpecifier {
+		return fmt.Errorf("'%s' is a reserved name", api.NoBaseImageSpecifier)
+	}
+	return nil
+}
diff --git a/distribution/pull_v1.go b/distribution/pull_v1.go
new file mode 100644
index 00000000..86fad2ef
--- /dev/null
+++ b/distribution/pull_v1.go
@@ -0,0 +1,362 @@
+package distribution
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"net/url"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/distribution/xfer"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/image/v1"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"golang.org/x/net/context"
+)
+
+type v1Puller struct {
+	v1IDService *metadata.V1IDService
+	endpoint    registry.APIEndpoint
+	config      *ImagePullConfig
+	repoInfo    *registry.RepositoryInfo
+	session     *registry.Session
+}
+
+func (p *v1Puller) Pull(ctx context.Context, ref reference.Named) error {
+	if _, isCanonical := ref.(reference.Canonical); isCanonical {
+		// Allowing fallback, because HTTPS v1 is before HTTP v2
+		return fallbackError{err: ErrNoSupport{Err: errors.New("Cannot pull by digest with v1 registry")}}
+	}
+
+	tlsConfig, err := p.config.RegistryService.TLSConfig(p.repoInfo.Index.Name)
+	if err != nil {
+		return err
+	}
+	// Adds Docker-specific headers as well as user-specified headers (metaHeaders)
+	tr := transport.NewTransport(
+		// TODO(tiborvass): was ReceiveTimeout
+		registry.NewTransport(tlsConfig),
+		registry.DockerHeaders(dockerversion.DockerUserAgent(ctx), p.config.MetaHeaders)...,
+	)
+	client := registry.HTTPClient(tr)
+	v1Endpoint, err := p.endpoint.ToV1Endpoint(dockerversion.DockerUserAgent(ctx), p.config.MetaHeaders)
+	if err != nil {
+		logrus.Debugf("Could not get v1 endpoint: %v", err)
+		return fallbackError{err: err}
+	}
+	p.session, err = registry.NewSession(client, p.config.AuthConfig, v1Endpoint)
+	if err != nil {
+		// TODO(dmcgowan): Check if should fallback
+		logrus.Debugf("Fallback from error: %s", err)
+		return fallbackError{err: err}
+	}
+	if err := p.pullRepository(ctx, ref); err != nil {
+		// TODO(dmcgowan): Check if should fallback
+		return err
+	}
+	progress.Message(p.config.ProgressOutput, "", p.repoInfo.FullName()+": this image was pulled from a legacy registry.  Important: This registry version will not be supported in future versions of docker.")
+
+	return nil
+}
+
+func (p *v1Puller) pullRepository(ctx context.Context, ref reference.Named) error {
+	progress.Message(p.config.ProgressOutput, "", "Pulling repository "+p.repoInfo.FullName())
+
+	repoData, err := p.session.GetRepositoryData(p.repoInfo)
+	if err != nil {
+		if strings.Contains(err.Error(), "HTTP code: 404") {
+			return fmt.Errorf("Error: image %s not found", p.repoInfo.RemoteName())
+		}
+		// Unexpected HTTP error
+		return err
+	}
+
+	logrus.Debugf("Retrieving the tag list")
+	var tagsList map[string]string
+	tagged, isTagged := ref.(reference.NamedTagged)
+	if !isTagged {
+		tagsList, err = p.session.GetRemoteTags(repoData.Endpoints, p.repoInfo)
+	} else {
+		var tagID string
+		tagsList = make(map[string]string)
+		tagID, err = p.session.GetRemoteTag(repoData.Endpoints, p.repoInfo, tagged.Tag())
+		if err == registry.ErrRepoNotFound {
+			return fmt.Errorf("Tag %s not found in repository %s", tagged.Tag(), p.repoInfo.FullName())
+		}
+		tagsList[tagged.Tag()] = tagID
+	}
+	if err != nil {
+		logrus.Errorf("unable to get remote tags: %s", err)
+		return err
+	}
+
+	for tag, id := range tagsList {
+		repoData.ImgList[id] = &registry.ImgData{
+			ID:       id,
+			Tag:      tag,
+			Checksum: "",
+		}
+	}
+
+	layersDownloaded := false
+	for _, imgData := range repoData.ImgList {
+		if isTagged && imgData.Tag != tagged.Tag() {
+			continue
+		}
+
+		err := p.downloadImage(ctx, repoData, imgData, &layersDownloaded)
+		if err != nil {
+			return err
+		}
+	}
+
+	writeStatus(ref.String(), p.config.ProgressOutput, layersDownloaded)
+	return nil
+}
+
+func (p *v1Puller) downloadImage(ctx context.Context, repoData *registry.RepositoryData, img *registry.ImgData, layersDownloaded *bool) error {
+	if img.Tag == "" {
+		logrus.Debugf("Image (id: %s) present in this repository but untagged, skipping", img.ID)
+		return nil
+	}
+
+	localNameRef, err := reference.WithTag(p.repoInfo, img.Tag)
+	if err != nil {
+		retErr := fmt.Errorf("Image (id: %s) has invalid tag: %s", img.ID, img.Tag)
+		logrus.Debug(retErr.Error())
+		return retErr
+	}
+
+	if err := v1.ValidateID(img.ID); err != nil {
+		return err
+	}
+
+	progress.Updatef(p.config.ProgressOutput, stringid.TruncateID(img.ID), "Pulling image (%s) from %s", img.Tag, p.repoInfo.FullName())
+	success := false
+	var lastErr error
+	for _, ep := range p.repoInfo.Index.Mirrors {
+		ep += "v1/"
+		progress.Updatef(p.config.ProgressOutput, stringid.TruncateID(img.ID), fmt.Sprintf("Pulling image (%s) from %s, mirror: %s", img.Tag, p.repoInfo.FullName(), ep))
+		if err = p.pullImage(ctx, img.ID, ep, localNameRef, layersDownloaded); err != nil {
+			// Don't report errors when pulling from mirrors.
+			logrus.Debugf("Error pulling image (%s) from %s, mirror: %s, %s", img.Tag, p.repoInfo.FullName(), ep, err)
+			continue
+		}
+		success = true
+		break
+	}
+	if !success {
+		for _, ep := range repoData.Endpoints {
+			progress.Updatef(p.config.ProgressOutput, stringid.TruncateID(img.ID), "Pulling image (%s) from %s, endpoint: %s", img.Tag, p.repoInfo.FullName(), ep)
+			if err = p.pullImage(ctx, img.ID, ep, localNameRef, layersDownloaded); err != nil {
+				// It's not ideal that only the last error is returned, it would be better to concatenate the errors.
+				// As the error is also given to the output stream the user will see the error.
+				lastErr = err
+				progress.Updatef(p.config.ProgressOutput, stringid.TruncateID(img.ID), "Error pulling image (%s) from %s, endpoint: %s, %s", img.Tag, p.repoInfo.FullName(), ep, err)
+				continue
+			}
+			success = true
+			break
+		}
+	}
+	if !success {
+		err := fmt.Errorf("Error pulling image (%s) from %s, %v", img.Tag, p.repoInfo.FullName(), lastErr)
+		progress.Update(p.config.ProgressOutput, stringid.TruncateID(img.ID), err.Error())
+		return err
+	}
+	return nil
+}
+
+func (p *v1Puller) pullImage(ctx context.Context, v1ID, endpoint string, localNameRef reference.Named, layersDownloaded *bool) (err error) {
+	var history []string
+	history, err = p.session.GetRemoteHistory(v1ID, endpoint)
+	if err != nil {
+		return err
+	}
+	if len(history) < 1 {
+		return fmt.Errorf("empty history for image %s", v1ID)
+	}
+	progress.Update(p.config.ProgressOutput, stringid.TruncateID(v1ID), "Pulling dependent layers")
+
+	var (
+		descriptors []xfer.DownloadDescriptor
+		newHistory  []image.History
+		imgJSON     []byte
+		imgSize     int64
+	)
+
+	// Iterate over layers, in order from bottom-most to top-most. Download
+	// config for all layers and create descriptors.
+	for i := len(history) - 1; i >= 0; i-- {
+		v1LayerID := history[i]
+		imgJSON, imgSize, err = p.downloadLayerConfig(v1LayerID, endpoint)
+		if err != nil {
+			return err
+		}
+
+		// Create a new-style config from the legacy configs
+		h, err := v1.HistoryFromConfig(imgJSON, false)
+		if err != nil {
+			return err
+		}
+		newHistory = append(newHistory, h)
+
+		layerDescriptor := &v1LayerDescriptor{
+			v1LayerID:        v1LayerID,
+			indexName:        p.repoInfo.Index.Name,
+			endpoint:         endpoint,
+			v1IDService:      p.v1IDService,
+			layersDownloaded: layersDownloaded,
+			layerSize:        imgSize,
+			session:          p.session,
+		}
+
+		descriptors = append(descriptors, layerDescriptor)
+	}
+
+	rootFS := image.NewRootFS()
+	resultRootFS, release, err := p.config.DownloadManager.Download(ctx, *rootFS, descriptors, p.config.ProgressOutput)
+	if err != nil {
+		return err
+	}
+	defer release()
+
+	config, err := v1.MakeConfigFromV1Config(imgJSON, &resultRootFS, newHistory)
+	if err != nil {
+		return err
+	}
+
+	imageID, err := p.config.ImageStore.Create(config)
+	if err != nil {
+		return err
+	}
+
+	if err := p.config.ReferenceStore.AddTag(localNameRef, imageID, true); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (p *v1Puller) downloadLayerConfig(v1LayerID, endpoint string) (imgJSON []byte, imgSize int64, err error) {
+	progress.Update(p.config.ProgressOutput, stringid.TruncateID(v1LayerID), "Pulling metadata")
+
+	retries := 5
+	for j := 1; j <= retries; j++ {
+		imgJSON, imgSize, err := p.session.GetRemoteImageJSON(v1LayerID, endpoint)
+		if err != nil && j == retries {
+			progress.Update(p.config.ProgressOutput, stringid.TruncateID(v1LayerID), "Error pulling layer metadata")
+			return nil, 0, err
+		} else if err != nil {
+			time.Sleep(time.Duration(j) * 500 * time.Millisecond)
+			continue
+		}
+
+		return imgJSON, imgSize, nil
+	}
+
+	// not reached
+	return nil, 0, nil
+}
+
+type v1LayerDescriptor struct {
+	v1LayerID        string
+	indexName        string
+	endpoint         string
+	v1IDService      *metadata.V1IDService
+	layersDownloaded *bool
+	layerSize        int64
+	session          *registry.Session
+	tmpFile          *os.File
+}
+
+func (ld *v1LayerDescriptor) Key() string {
+	return "v1:" + ld.v1LayerID
+}
+
+func (ld *v1LayerDescriptor) ID() string {
+	return stringid.TruncateID(ld.v1LayerID)
+}
+
+func (ld *v1LayerDescriptor) DiffID() (layer.DiffID, error) {
+	return ld.v1IDService.Get(ld.v1LayerID, ld.indexName)
+}
+
+func (ld *v1LayerDescriptor) Download(ctx context.Context, progressOutput progress.Output) (io.ReadCloser, int64, error) {
+	progress.Update(progressOutput, ld.ID(), "Pulling fs layer")
+	layerReader, err := ld.session.GetRemoteImageLayer(ld.v1LayerID, ld.endpoint, ld.layerSize)
+	if err != nil {
+		progress.Update(progressOutput, ld.ID(), "Error pulling dependent layers")
+		if uerr, ok := err.(*url.Error); ok {
+			err = uerr.Err
+		}
+		if terr, ok := err.(net.Error); ok && terr.Timeout() {
+			return nil, 0, err
+		}
+		return nil, 0, xfer.DoNotRetry{Err: err}
+	}
+	*ld.layersDownloaded = true
+
+	ld.tmpFile, err = ioutil.TempFile("", "GetImageBlob")
+	if err != nil {
+		layerReader.Close()
+		return nil, 0, err
+	}
+
+	reader := progress.NewProgressReader(ioutils.NewCancelReadCloser(ctx, layerReader), progressOutput, ld.layerSize, ld.ID(), "Downloading")
+	defer reader.Close()
+
+	_, err = io.Copy(ld.tmpFile, reader)
+	if err != nil {
+		ld.Close()
+		return nil, 0, err
+	}
+
+	progress.Update(progressOutput, ld.ID(), "Download complete")
+
+	logrus.Debugf("Downloaded %s to tempfile %s", ld.ID(), ld.tmpFile.Name())
+
+	ld.tmpFile.Seek(0, 0)
+
+	// hand off the temporary file to the download manager, so it will only
+	// be closed once
+	tmpFile := ld.tmpFile
+	ld.tmpFile = nil
+
+	return ioutils.NewReadCloserWrapper(tmpFile, func() error {
+		tmpFile.Close()
+		err := os.RemoveAll(tmpFile.Name())
+		if err != nil {
+			logrus.Errorf("Failed to remove temp file: %s", tmpFile.Name())
+		}
+		return err
+	}), ld.layerSize, nil
+}
+
+func (ld *v1LayerDescriptor) Close() {
+	if ld.tmpFile != nil {
+		ld.tmpFile.Close()
+		if err := os.RemoveAll(ld.tmpFile.Name()); err != nil {
+			logrus.Errorf("Failed to remove temp file: %s", ld.tmpFile.Name())
+		}
+		ld.tmpFile = nil
+	}
+}
+
+func (ld *v1LayerDescriptor) Registered(diffID layer.DiffID) {
+	// Cache mapping from this layer's DiffID to the blobsum
+	ld.v1IDService.Set(ld.v1LayerID, ld.indexName, diffID)
+}
diff --git a/distribution/pull_v2.go b/distribution/pull_v2.go
new file mode 100644
index 00000000..748ef422
--- /dev/null
+++ b/distribution/pull_v2.go
@@ -0,0 +1,840 @@
+package distribution
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/url"
+	"os"
+	"runtime"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/distribution/manifest/manifestlist"
+	"github.com/docker/distribution/manifest/schema1"
+	"github.com/docker/distribution/manifest/schema2"
+	"github.com/docker/distribution/registry/api/errcode"
+	"github.com/docker/distribution/registry/client/auth"
+	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/distribution/xfer"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/image/v1"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"golang.org/x/net/context"
+)
+
+var errRootFSMismatch = errors.New("layers from manifest don't match image configuration")
+
+// ImageConfigPullError is an error pulling the image config blob
+// (only applies to schema2).
+type ImageConfigPullError struct {
+	Err error
+}
+
+// Error returns the error string for ImageConfigPullError.
+func (e ImageConfigPullError) Error() string {
+	return "error pulling image configuration: " + e.Err.Error()
+}
+
+type v2Puller struct {
+	V2MetadataService *metadata.V2MetadataService
+	endpoint          registry.APIEndpoint
+	config            *ImagePullConfig
+	repoInfo          *registry.RepositoryInfo
+	repo              distribution.Repository
+	// confirmedV2 is set to true if we confirm we're talking to a v2
+	// registry. This is used to limit fallbacks to the v1 protocol.
+	confirmedV2 bool
+}
+
+func (p *v2Puller) Pull(ctx context.Context, ref reference.Named) (err error) {
+	// TODO(tiborvass): was ReceiveTimeout
+	p.repo, p.confirmedV2, err = NewV2Repository(ctx, p.repoInfo, p.endpoint, p.config.MetaHeaders, p.config.AuthConfig, "pull")
+	if err != nil {
+		logrus.Warnf("Error getting v2 registry: %v", err)
+		return err
+	}
+
+	if err = p.pullV2Repository(ctx, ref); err != nil {
+		if _, ok := err.(fallbackError); ok {
+			return err
+		}
+		if continueOnError(err) {
+			logrus.Errorf("Error trying v2 registry: %v", err)
+			return fallbackError{
+				err:         err,
+				confirmedV2: p.confirmedV2,
+				transportOK: true,
+			}
+		}
+	}
+	return err
+}
+
+func (p *v2Puller) pullV2Repository(ctx context.Context, ref reference.Named) (err error) {
+	var layersDownloaded bool
+	if !reference.IsNameOnly(ref) {
+		layersDownloaded, err = p.pullV2Tag(ctx, ref)
+		if err != nil {
+			return err
+		}
+	} else {
+		tags, err := p.repo.Tags(ctx).All(ctx)
+		if err != nil {
+			// If this repository doesn't exist on V2, we should
+			// permit a fallback to V1.
+			return allowV1Fallback(err)
+		}
+
+		// The v2 registry knows about this repository, so we will not
+		// allow fallback to the v1 protocol even if we encounter an
+		// error later on.
+		p.confirmedV2 = true
+
+		for _, tag := range tags {
+			tagRef, err := reference.WithTag(ref, tag)
+			if err != nil {
+				return err
+			}
+			pulledNew, err := p.pullV2Tag(ctx, tagRef)
+			if err != nil {
+				// Since this is the pull-all-tags case, don't
+				// allow an error pulling a particular tag to
+				// make the whole pull fall back to v1.
+				if fallbackErr, ok := err.(fallbackError); ok {
+					return fallbackErr.err
+				}
+				return err
+			}
+			// pulledNew is true if either new layers were downloaded OR if existing images were newly tagged
+			// TODO(tiborvass): should we change the name of `layersDownload`? What about message in WriteStatus?
+			layersDownloaded = layersDownloaded || pulledNew
+		}
+	}
+
+	writeStatus(ref.String(), p.config.ProgressOutput, layersDownloaded)
+
+	return nil
+}
+
+type v2LayerDescriptor struct {
+	digest            digest.Digest
+	repoInfo          *registry.RepositoryInfo
+	repo              distribution.Repository
+	V2MetadataService *metadata.V2MetadataService
+	tmpFile           *os.File
+	verifier          digest.Verifier
+}
+
+func (ld *v2LayerDescriptor) Key() string {
+	return "v2:" + ld.digest.String()
+}
+
+func (ld *v2LayerDescriptor) ID() string {
+	return stringid.TruncateID(ld.digest.String())
+}
+
+func (ld *v2LayerDescriptor) DiffID() (layer.DiffID, error) {
+	return ld.V2MetadataService.GetDiffID(ld.digest)
+}
+
+func (ld *v2LayerDescriptor) Download(ctx context.Context, progressOutput progress.Output) (io.ReadCloser, int64, error) {
+	logrus.Debugf("pulling blob %q", ld.digest)
+
+	var (
+		err    error
+		offset int64
+	)
+
+	if ld.tmpFile == nil {
+		ld.tmpFile, err = createDownloadFile()
+		if err != nil {
+			return nil, 0, xfer.DoNotRetry{Err: err}
+		}
+	} else {
+		offset, err = ld.tmpFile.Seek(0, os.SEEK_END)
+		if err != nil {
+			logrus.Debugf("error seeking to end of download file: %v", err)
+			offset = 0
+
+			ld.tmpFile.Close()
+			if err := os.Remove(ld.tmpFile.Name()); err != nil {
+				logrus.Errorf("Failed to remove temp file: %s", ld.tmpFile.Name())
+			}
+			ld.tmpFile, err = createDownloadFile()
+			if err != nil {
+				return nil, 0, xfer.DoNotRetry{Err: err}
+			}
+		} else if offset != 0 {
+			logrus.Debugf("attempting to resume download of %q from %d bytes", ld.digest, offset)
+		}
+	}
+
+	tmpFile := ld.tmpFile
+	blobs := ld.repo.Blobs(ctx)
+
+	layerDownload, err := blobs.Open(ctx, ld.digest)
+	if err != nil {
+		logrus.Errorf("Error initiating layer download: %v", err)
+		if err == distribution.ErrBlobUnknown {
+			return nil, 0, xfer.DoNotRetry{Err: err}
+		}
+		return nil, 0, retryOnError(err)
+	}
+
+	if offset != 0 {
+		_, err := layerDownload.Seek(offset, os.SEEK_SET)
+		if err != nil {
+			if err := ld.truncateDownloadFile(); err != nil {
+				return nil, 0, xfer.DoNotRetry{Err: err}
+			}
+			return nil, 0, err
+		}
+	}
+	size, err := layerDownload.Seek(0, os.SEEK_END)
+	if err != nil {
+		// Seek failed, perhaps because there was no Content-Length
+		// header. This shouldn't fail the download, because we can
+		// still continue without a progress bar.
+		size = 0
+	} else {
+		if size != 0 && offset > size {
+			logrus.Debugf("Partial download is larger than full blob. Starting over")
+			offset = 0
+			if err := ld.truncateDownloadFile(); err != nil {
+				return nil, 0, xfer.DoNotRetry{Err: err}
+			}
+		}
+
+		// Restore the seek offset either at the beginning of the
+		// stream, or just after the last byte we have from previous
+		// attempts.
+		_, err = layerDownload.Seek(offset, os.SEEK_SET)
+		if err != nil {
+			return nil, 0, err
+		}
+	}
+
+	reader := progress.NewProgressReader(ioutils.NewCancelReadCloser(ctx, layerDownload), progressOutput, size-offset, ld.ID(), "Downloading")
+	defer reader.Close()
+
+	if ld.verifier == nil {
+		ld.verifier, err = digest.NewDigestVerifier(ld.digest)
+		if err != nil {
+			return nil, 0, xfer.DoNotRetry{Err: err}
+		}
+	}
+
+	_, err = io.Copy(tmpFile, io.TeeReader(reader, ld.verifier))
+	if err != nil {
+		if err == transport.ErrWrongCodeForByteRange {
+			if err := ld.truncateDownloadFile(); err != nil {
+				return nil, 0, xfer.DoNotRetry{Err: err}
+			}
+			return nil, 0, err
+		}
+		return nil, 0, retryOnError(err)
+	}
+
+	progress.Update(progressOutput, ld.ID(), "Verifying Checksum")
+
+	if !ld.verifier.Verified() {
+		err = fmt.Errorf("filesystem layer verification failed for digest %s", ld.digest)
+		logrus.Error(err)
+
+		// Allow a retry if this digest verification error happened
+		// after a resumed download.
+		if offset != 0 {
+			if err := ld.truncateDownloadFile(); err != nil {
+				return nil, 0, xfer.DoNotRetry{Err: err}
+			}
+
+			return nil, 0, err
+		}
+		return nil, 0, xfer.DoNotRetry{Err: err}
+	}
+
+	progress.Update(progressOutput, ld.ID(), "Download complete")
+
+	logrus.Debugf("Downloaded %s to tempfile %s", ld.ID(), tmpFile.Name())
+
+	_, err = tmpFile.Seek(0, os.SEEK_SET)
+	if err != nil {
+		tmpFile.Close()
+		if err := os.Remove(tmpFile.Name()); err != nil {
+			logrus.Errorf("Failed to remove temp file: %s", tmpFile.Name())
+		}
+		ld.tmpFile = nil
+		ld.verifier = nil
+		return nil, 0, xfer.DoNotRetry{Err: err}
+	}
+
+	// hand off the temporary file to the download manager, so it will only
+	// be closed once
+	ld.tmpFile = nil
+
+	return ioutils.NewReadCloserWrapper(tmpFile, func() error {
+		tmpFile.Close()
+		err := os.RemoveAll(tmpFile.Name())
+		if err != nil {
+			logrus.Errorf("Failed to remove temp file: %s", tmpFile.Name())
+		}
+		return err
+	}), size, nil
+}
+
+func (ld *v2LayerDescriptor) Close() {
+	if ld.tmpFile != nil {
+		ld.tmpFile.Close()
+		if err := os.RemoveAll(ld.tmpFile.Name()); err != nil {
+			logrus.Errorf("Failed to remove temp file: %s", ld.tmpFile.Name())
+		}
+	}
+}
+
+func (ld *v2LayerDescriptor) truncateDownloadFile() error {
+	// Need a new hash context since we will be redoing the download
+	ld.verifier = nil
+
+	if _, err := ld.tmpFile.Seek(0, os.SEEK_SET); err != nil {
+		logrus.Errorf("error seeking to beginning of download file: %v", err)
+		return err
+	}
+
+	if err := ld.tmpFile.Truncate(0); err != nil {
+		logrus.Errorf("error truncating download file: %v", err)
+		return err
+	}
+
+	return nil
+}
+
+func (ld *v2LayerDescriptor) Registered(diffID layer.DiffID) {
+	// Cache mapping from this layer's DiffID to the blobsum
+	ld.V2MetadataService.Add(diffID, metadata.V2Metadata{Digest: ld.digest, SourceRepository: ld.repoInfo.FullName()})
+}
+
+func (p *v2Puller) pullV2Tag(ctx context.Context, ref reference.Named) (tagUpdated bool, err error) {
+	manSvc, err := p.repo.Manifests(ctx)
+	if err != nil {
+		return false, err
+	}
+
+	var (
+		manifest    distribution.Manifest
+		tagOrDigest string // Used for logging/progress only
+	)
+	if tagged, isTagged := ref.(reference.NamedTagged); isTagged {
+		// NOTE: not using TagService.Get, since it uses HEAD requests
+		// against the manifests endpoint, which are not supported by
+		// all registry versions.
+		manifest, err = manSvc.Get(ctx, "", distribution.WithTag(tagged.Tag()))
+		if err != nil {
+			return false, allowV1Fallback(err)
+		}
+		tagOrDigest = tagged.Tag()
+	} else if digested, isDigested := ref.(reference.Canonical); isDigested {
+		manifest, err = manSvc.Get(ctx, digested.Digest())
+		if err != nil {
+			return false, err
+		}
+		tagOrDigest = digested.Digest().String()
+	} else {
+		return false, fmt.Errorf("internal error: reference has neither a tag nor a digest: %s", ref.String())
+	}
+
+	if manifest == nil {
+		return false, fmt.Errorf("image manifest does not exist for tag or digest %q", tagOrDigest)
+	}
+
+	// If manSvc.Get succeeded, we can be confident that the registry on
+	// the other side speaks the v2 protocol.
+	p.confirmedV2 = true
+
+	logrus.Debugf("Pulling ref from V2 registry: %s", ref.String())
+	progress.Message(p.config.ProgressOutput, tagOrDigest, "Pulling from "+p.repo.Named().Name())
+
+	var (
+		imageID        image.ID
+		manifestDigest digest.Digest
+	)
+
+	switch v := manifest.(type) {
+	case *schema1.SignedManifest:
+		imageID, manifestDigest, err = p.pullSchema1(ctx, ref, v)
+		if err != nil {
+			return false, err
+		}
+	case *schema2.DeserializedManifest:
+		imageID, manifestDigest, err = p.pullSchema2(ctx, ref, v)
+		if err != nil {
+			return false, err
+		}
+	case *manifestlist.DeserializedManifestList:
+		imageID, manifestDigest, err = p.pullManifestList(ctx, ref, v)
+		if err != nil {
+			return false, err
+		}
+	default:
+		return false, errors.New("unsupported manifest format")
+	}
+
+	progress.Message(p.config.ProgressOutput, "", "Digest: "+manifestDigest.String())
+
+	oldTagImageID, err := p.config.ReferenceStore.Get(ref)
+	if err == nil {
+		if oldTagImageID == imageID {
+			return false, nil
+		}
+	} else if err != reference.ErrDoesNotExist {
+		return false, err
+	}
+
+	if canonical, ok := ref.(reference.Canonical); ok {
+		if err = p.config.ReferenceStore.AddDigest(canonical, imageID, true); err != nil {
+			return false, err
+		}
+	} else if err = p.config.ReferenceStore.AddTag(ref, imageID, true); err != nil {
+		return false, err
+	}
+
+	return true, nil
+}
+
+func (p *v2Puller) pullSchema1(ctx context.Context, ref reference.Named, unverifiedManifest *schema1.SignedManifest) (imageID image.ID, manifestDigest digest.Digest, err error) {
+	var verifiedManifest *schema1.Manifest
+	verifiedManifest, err = verifySchema1Manifest(unverifiedManifest, ref)
+	if err != nil {
+		return "", "", err
+	}
+
+	rootFS := image.NewRootFS()
+
+	if err := detectBaseLayer(p.config.ImageStore, verifiedManifest, rootFS); err != nil {
+		return "", "", err
+	}
+
+	// remove duplicate layers and check parent chain validity
+	err = fixManifestLayers(verifiedManifest)
+	if err != nil {
+		return "", "", err
+	}
+
+	var descriptors []xfer.DownloadDescriptor
+
+	// Image history converted to the new format
+	var history []image.History
+
+	// Note that the order of this loop is in the direction of bottom-most
+	// to top-most, so that the downloads slice gets ordered correctly.
+	for i := len(verifiedManifest.FSLayers) - 1; i >= 0; i-- {
+		blobSum := verifiedManifest.FSLayers[i].BlobSum
+
+		var throwAway struct {
+			ThrowAway bool `json:"throwaway,omitempty"`
+		}
+		if err := json.Unmarshal([]byte(verifiedManifest.History[i].V1Compatibility), &throwAway); err != nil {
+			return "", "", err
+		}
+
+		h, err := v1.HistoryFromConfig([]byte(verifiedManifest.History[i].V1Compatibility), throwAway.ThrowAway)
+		if err != nil {
+			return "", "", err
+		}
+		history = append(history, h)
+
+		if throwAway.ThrowAway {
+			continue
+		}
+
+		layerDescriptor := &v2LayerDescriptor{
+			digest:            blobSum,
+			repoInfo:          p.repoInfo,
+			repo:              p.repo,
+			V2MetadataService: p.V2MetadataService,
+		}
+
+		descriptors = append(descriptors, layerDescriptor)
+	}
+
+	resultRootFS, release, err := p.config.DownloadManager.Download(ctx, *rootFS, descriptors, p.config.ProgressOutput)
+	if err != nil {
+		return "", "", err
+	}
+	defer release()
+
+	config, err := v1.MakeConfigFromV1Config([]byte(verifiedManifest.History[0].V1Compatibility), &resultRootFS, history)
+	if err != nil {
+		return "", "", err
+	}
+
+	imageID, err = p.config.ImageStore.Create(config)
+	if err != nil {
+		return "", "", err
+	}
+
+	manifestDigest = digest.FromBytes(unverifiedManifest.Canonical)
+
+	return imageID, manifestDigest, nil
+}
+
+func (p *v2Puller) pullSchema2(ctx context.Context, ref reference.Named, mfst *schema2.DeserializedManifest) (imageID image.ID, manifestDigest digest.Digest, err error) {
+	manifestDigest, err = schema2ManifestDigest(ref, mfst)
+	if err != nil {
+		return "", "", err
+	}
+
+	target := mfst.Target()
+	imageID = image.ID(target.Digest)
+	if _, err := p.config.ImageStore.Get(imageID); err == nil {
+		// If the image already exists locally, no need to pull
+		// anything.
+		return imageID, manifestDigest, nil
+	}
+
+	configChan := make(chan []byte, 1)
+	errChan := make(chan error, 1)
+	var cancel func()
+	ctx, cancel = context.WithCancel(ctx)
+
+	// Pull the image config
+	go func() {
+		configJSON, err := p.pullSchema2ImageConfig(ctx, target.Digest)
+		if err != nil {
+			errChan <- ImageConfigPullError{Err: err}
+			cancel()
+			return
+		}
+		configChan <- configJSON
+	}()
+
+	var descriptors []xfer.DownloadDescriptor
+
+	// Note that the order of this loop is in the direction of bottom-most
+	// to top-most, so that the downloads slice gets ordered correctly.
+	for _, d := range mfst.References() {
+		layerDescriptor := &v2LayerDescriptor{
+			digest:            d.Digest,
+			repo:              p.repo,
+			repoInfo:          p.repoInfo,
+			V2MetadataService: p.V2MetadataService,
+		}
+
+		descriptors = append(descriptors, layerDescriptor)
+	}
+
+	var (
+		configJSON         []byte       // raw serialized image config
+		unmarshalledConfig image.Image  // deserialized image config
+		downloadRootFS     image.RootFS // rootFS to use for registering layers.
+	)
+	if runtime.GOOS == "windows" {
+		configJSON, unmarshalledConfig, err = receiveConfig(configChan, errChan)
+		if err != nil {
+			return "", "", err
+		}
+		if unmarshalledConfig.RootFS == nil {
+			return "", "", errors.New("image config has no rootfs section")
+		}
+		downloadRootFS = *unmarshalledConfig.RootFS
+		downloadRootFS.DiffIDs = []layer.DiffID{}
+	} else {
+		downloadRootFS = *image.NewRootFS()
+	}
+
+	rootFS, release, err := p.config.DownloadManager.Download(ctx, downloadRootFS, descriptors, p.config.ProgressOutput)
+	if err != nil {
+		if configJSON != nil {
+			// Already received the config
+			return "", "", err
+		}
+		select {
+		case err = <-errChan:
+			return "", "", err
+		default:
+			cancel()
+			select {
+			case <-configChan:
+			case <-errChan:
+			}
+			return "", "", err
+		}
+	}
+	defer release()
+
+	if configJSON == nil {
+		configJSON, unmarshalledConfig, err = receiveConfig(configChan, errChan)
+		if err != nil {
+			return "", "", err
+		}
+	}
+
+	// The DiffIDs returned in rootFS MUST match those in the config.
+	// Otherwise the image config could be referencing layers that aren't
+	// included in the manifest.
+	if len(rootFS.DiffIDs) != len(unmarshalledConfig.RootFS.DiffIDs) {
+		return "", "", errRootFSMismatch
+	}
+
+	for i := range rootFS.DiffIDs {
+		if rootFS.DiffIDs[i] != unmarshalledConfig.RootFS.DiffIDs[i] {
+			return "", "", errRootFSMismatch
+		}
+	}
+
+	imageID, err = p.config.ImageStore.Create(configJSON)
+	if err != nil {
+		return "", "", err
+	}
+
+	return imageID, manifestDigest, nil
+}
+
+func receiveConfig(configChan <-chan []byte, errChan <-chan error) ([]byte, image.Image, error) {
+	select {
+	case configJSON := <-configChan:
+		var unmarshalledConfig image.Image
+		if err := json.Unmarshal(configJSON, &unmarshalledConfig); err != nil {
+			return nil, image.Image{}, err
+		}
+		return configJSON, unmarshalledConfig, nil
+	case err := <-errChan:
+		return nil, image.Image{}, err
+		// Don't need a case for ctx.Done in the select because cancellation
+		// will trigger an error in p.pullSchema2ImageConfig.
+	}
+}
+
+// pullManifestList handles "manifest lists" which point to various
+// platform-specifc manifests.
+func (p *v2Puller) pullManifestList(ctx context.Context, ref reference.Named, mfstList *manifestlist.DeserializedManifestList) (imageID image.ID, manifestListDigest digest.Digest, err error) {
+	manifestListDigest, err = schema2ManifestDigest(ref, mfstList)
+	if err != nil {
+		return "", "", err
+	}
+
+	var manifestDigest digest.Digest
+	for _, manifestDescriptor := range mfstList.Manifests {
+		// TODO(aaronl): The manifest list spec supports optional
+		// "features" and "variant" fields. These are not yet used.
+		// Once they are, their values should be interpreted here.
+		if manifestDescriptor.Platform.Architecture == runtime.GOARCH && manifestDescriptor.Platform.OS == runtime.GOOS {
+			manifestDigest = manifestDescriptor.Digest
+			break
+		}
+	}
+
+	if manifestDigest == "" {
+		return "", "", errors.New("no supported platform found in manifest list")
+	}
+
+	manSvc, err := p.repo.Manifests(ctx)
+	if err != nil {
+		return "", "", err
+	}
+
+	manifest, err := manSvc.Get(ctx, manifestDigest)
+	if err != nil {
+		return "", "", err
+	}
+
+	manifestRef, err := reference.WithDigest(ref, manifestDigest)
+	if err != nil {
+		return "", "", err
+	}
+
+	switch v := manifest.(type) {
+	case *schema1.SignedManifest:
+		imageID, _, err = p.pullSchema1(ctx, manifestRef, v)
+		if err != nil {
+			return "", "", err
+		}
+	case *schema2.DeserializedManifest:
+		imageID, _, err = p.pullSchema2(ctx, manifestRef, v)
+		if err != nil {
+			return "", "", err
+		}
+	default:
+		return "", "", errors.New("unsupported manifest format")
+	}
+
+	return imageID, manifestListDigest, err
+}
+
+func (p *v2Puller) pullSchema2ImageConfig(ctx context.Context, dgst digest.Digest) (configJSON []byte, err error) {
+	blobs := p.repo.Blobs(ctx)
+	configJSON, err = blobs.Get(ctx, dgst)
+	if err != nil {
+		return nil, err
+	}
+
+	// Verify image config digest
+	verifier, err := digest.NewDigestVerifier(dgst)
+	if err != nil {
+		return nil, err
+	}
+	if _, err := verifier.Write(configJSON); err != nil {
+		return nil, err
+	}
+	if !verifier.Verified() {
+		err := fmt.Errorf("image config verification failed for digest %s", dgst)
+		logrus.Error(err)
+		return nil, err
+	}
+
+	return configJSON, nil
+}
+
+// schema2ManifestDigest computes the manifest digest, and, if pulling by
+// digest, ensures that it matches the requested digest.
+func schema2ManifestDigest(ref reference.Named, mfst distribution.Manifest) (digest.Digest, error) {
+	_, canonical, err := mfst.Payload()
+	if err != nil {
+		return "", err
+	}
+
+	// If pull by digest, then verify the manifest digest.
+	if digested, isDigested := ref.(reference.Canonical); isDigested {
+		verifier, err := digest.NewDigestVerifier(digested.Digest())
+		if err != nil {
+			return "", err
+		}
+		if _, err := verifier.Write(canonical); err != nil {
+			return "", err
+		}
+		if !verifier.Verified() {
+			err := fmt.Errorf("manifest verification failed for digest %s", digested.Digest())
+			logrus.Error(err)
+			return "", err
+		}
+		return digested.Digest(), nil
+	}
+
+	return digest.FromBytes(canonical), nil
+}
+
+// allowV1Fallback checks if the error is a possible reason to fallback to v1
+// (even if confirmedV2 has been set already), and if so, wraps the error in
+// a fallbackError with confirmedV2 set to false. Otherwise, it returns the
+// error unmodified.
+func allowV1Fallback(err error) error {
+	switch v := err.(type) {
+	case errcode.Errors:
+		if len(v) != 0 {
+			if v0, ok := v[0].(errcode.Error); ok && shouldV2Fallback(v0) {
+				return fallbackError{
+					err:         err,
+					confirmedV2: false,
+					transportOK: true,
+				}
+			}
+		}
+	case errcode.Error:
+		if shouldV2Fallback(v) {
+			return fallbackError{
+				err:         err,
+				confirmedV2: false,
+				transportOK: true,
+			}
+		}
+	case *url.Error:
+		if v.Err == auth.ErrNoBasicAuthCredentials {
+			return fallbackError{err: err, confirmedV2: false}
+		}
+	}
+
+	return err
+}
+
+func verifySchema1Manifest(signedManifest *schema1.SignedManifest, ref reference.Named) (m *schema1.Manifest, err error) {
+	// If pull by digest, then verify the manifest digest. NOTE: It is
+	// important to do this first, before any other content validation. If the
+	// digest cannot be verified, don't even bother with those other things.
+	if digested, isCanonical := ref.(reference.Canonical); isCanonical {
+		verifier, err := digest.NewDigestVerifier(digested.Digest())
+		if err != nil {
+			return nil, err
+		}
+		if _, err := verifier.Write(signedManifest.Canonical); err != nil {
+			return nil, err
+		}
+		if !verifier.Verified() {
+			err := fmt.Errorf("image verification failed for digest %s", digested.Digest())
+			logrus.Error(err)
+			return nil, err
+		}
+	}
+	m = &signedManifest.Manifest
+
+	if m.SchemaVersion != 1 {
+		return nil, fmt.Errorf("unsupported schema version %d for %q", m.SchemaVersion, ref.String())
+	}
+	if len(m.FSLayers) != len(m.History) {
+		return nil, fmt.Errorf("length of history not equal to number of layers for %q", ref.String())
+	}
+	if len(m.FSLayers) == 0 {
+		return nil, fmt.Errorf("no FSLayers in manifest for %q", ref.String())
+	}
+	return m, nil
+}
+
+// fixManifestLayers removes repeated layers from the manifest and checks the
+// correctness of the parent chain.
+func fixManifestLayers(m *schema1.Manifest) error {
+	imgs := make([]*image.V1Image, len(m.FSLayers))
+	for i := range m.FSLayers {
+		img := &image.V1Image{}
+
+		if err := json.Unmarshal([]byte(m.History[i].V1Compatibility), img); err != nil {
+			return err
+		}
+
+		imgs[i] = img
+		if err := v1.ValidateID(img.ID); err != nil {
+			return err
+		}
+	}
+
+	if imgs[len(imgs)-1].Parent != "" && runtime.GOOS != "windows" {
+		// Windows base layer can point to a base layer parent that is not in manifest.
+		return errors.New("Invalid parent ID in the base layer of the image.")
+	}
+
+	// check general duplicates to error instead of a deadlock
+	idmap := make(map[string]struct{})
+
+	var lastID string
+	for _, img := range imgs {
+		// skip IDs that appear after each other, we handle those later
+		if _, exists := idmap[img.ID]; img.ID != lastID && exists {
+			return fmt.Errorf("ID %+v appears multiple times in manifest", img.ID)
+		}
+		lastID = img.ID
+		idmap[lastID] = struct{}{}
+	}
+
+	// backwards loop so that we keep the remaining indexes after removing items
+	for i := len(imgs) - 2; i >= 0; i-- {
+		if imgs[i].ID == imgs[i+1].ID { // repeated ID. remove and continue
+			m.FSLayers = append(m.FSLayers[:i], m.FSLayers[i+1:]...)
+			m.History = append(m.History[:i], m.History[i+1:]...)
+		} else if imgs[i].Parent != imgs[i+1].ID {
+			return fmt.Errorf("Invalid parent ID. Expected %v, got %v.", imgs[i+1].ID, imgs[i].Parent)
+		}
+	}
+
+	return nil
+}
+
+func createDownloadFile() (*os.File, error) {
+	return ioutil.TempFile("", "GetImageBlob")
+}
diff --git a/distribution/pull_v2_test.go b/distribution/pull_v2_test.go
new file mode 100644
index 00000000..8555c81e
--- /dev/null
+++ b/distribution/pull_v2_test.go
@@ -0,0 +1,183 @@
+package distribution
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"reflect"
+	"runtime"
+	"strings"
+	"testing"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/distribution/manifest/schema1"
+	"github.com/docker/docker/reference"
+)
+
+// TestFixManifestLayers checks that fixManifestLayers removes a duplicate
+// layer, and that it makes no changes to the manifest when called a second
+// time, after the duplicate is removed.
+func TestFixManifestLayers(t *testing.T) {
+	duplicateLayerManifest := schema1.Manifest{
+		FSLayers: []schema1.FSLayer{
+			{BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")},
+			{BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")},
+			{BlobSum: digest.Digest("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa")},
+		},
+		History: []schema1.History{
+			{V1Compatibility: "{\"id\":\"3b38edc92eb7c074812e217b41a6ade66888531009d6286a6f5f36a06f9841b9\",\"parent\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:11.368300679Z\",\"container\":\"d91be3479d5b1e84b0c00d18eea9dc777ca0ad166d51174b24283e2e6f104253\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) ENTRYPOINT [\\\"/go/bin/dnsdock\\\"]\"],\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":null,\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"},
+			{V1Compatibility: "{\"id\":\"3b38edc92eb7c074812e217b41a6ade66888531009d6286a6f5f36a06f9841b9\",\"parent\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:11.368300679Z\",\"container\":\"d91be3479d5b1e84b0c00d18eea9dc777ca0ad166d51174b24283e2e6f104253\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) ENTRYPOINT [\\\"/go/bin/dnsdock\\\"]\"],\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":null,\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"},
+			{V1Compatibility: "{\"id\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:07.568027497Z\",\"container\":\"fe9e5a5264a843c9292d17b736c92dd19bdb49986a8782d7389964ddaff887cc\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"cd /go/src/github.com/tonistiigi/dnsdock \\u0026\\u0026     go get -v github.com/tools/godep \\u0026\\u0026     godep restore \\u0026\\u0026     go install -ldflags \\\"-X main.version `git describe --tags HEAD``if [[ -n $(command git status --porcelain --untracked-files=no 2\\u003e/dev/null) ]]; then echo \\\"-dirty\\\"; fi`\\\" ./...\"],\"Image\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/bash\"],\"Image\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":118430532}\n"},
+		},
+	}
+
+	duplicateLayerManifestExpectedOutput := schema1.Manifest{
+		FSLayers: []schema1.FSLayer{
+			{BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")},
+			{BlobSum: digest.Digest("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa")},
+		},
+		History: []schema1.History{
+			{V1Compatibility: "{\"id\":\"3b38edc92eb7c074812e217b41a6ade66888531009d6286a6f5f36a06f9841b9\",\"parent\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:11.368300679Z\",\"container\":\"d91be3479d5b1e84b0c00d18eea9dc777ca0ad166d51174b24283e2e6f104253\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) ENTRYPOINT [\\\"/go/bin/dnsdock\\\"]\"],\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":null,\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"},
+			{V1Compatibility: "{\"id\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:07.568027497Z\",\"container\":\"fe9e5a5264a843c9292d17b736c92dd19bdb49986a8782d7389964ddaff887cc\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"cd /go/src/github.com/tonistiigi/dnsdock \\u0026\\u0026     go get -v github.com/tools/godep \\u0026\\u0026     godep restore \\u0026\\u0026     go install -ldflags \\\"-X main.version `git describe --tags HEAD``if [[ -n $(command git status --porcelain --untracked-files=no 2\\u003e/dev/null) ]]; then echo \\\"-dirty\\\"; fi`\\\" ./...\"],\"Image\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/bash\"],\"Image\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":118430532}\n"},
+		},
+	}
+
+	if err := fixManifestLayers(&duplicateLayerManifest); err != nil {
+		t.Fatalf("unexpected error from fixManifestLayers: %v", err)
+	}
+
+	if !reflect.DeepEqual(duplicateLayerManifest, duplicateLayerManifestExpectedOutput) {
+		t.Fatal("incorrect output from fixManifestLayers on duplicate layer manifest")
+	}
+
+	// Run fixManifestLayers again and confirm that it doesn't change the
+	// manifest (which no longer has duplicate layers).
+	if err := fixManifestLayers(&duplicateLayerManifest); err != nil {
+		t.Fatalf("unexpected error from fixManifestLayers: %v", err)
+	}
+
+	if !reflect.DeepEqual(duplicateLayerManifest, duplicateLayerManifestExpectedOutput) {
+		t.Fatal("incorrect output from fixManifestLayers on duplicate layer manifest (second pass)")
+	}
+}
+
+// TestFixManifestLayersBaseLayerParent makes sure that fixManifestLayers fails
+// if the base layer configuration specifies a parent.
+func TestFixManifestLayersBaseLayerParent(t *testing.T) {
+	// TODO Windows: Fix this unit text
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs fixing on Windows")
+	}
+	duplicateLayerManifest := schema1.Manifest{
+		FSLayers: []schema1.FSLayer{
+			{BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")},
+			{BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")},
+			{BlobSum: digest.Digest("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa")},
+		},
+		History: []schema1.History{
+			{V1Compatibility: "{\"id\":\"3b38edc92eb7c074812e217b41a6ade66888531009d6286a6f5f36a06f9841b9\",\"parent\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:11.368300679Z\",\"container\":\"d91be3479d5b1e84b0c00d18eea9dc777ca0ad166d51174b24283e2e6f104253\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) ENTRYPOINT [\\\"/go/bin/dnsdock\\\"]\"],\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":null,\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"},
+			{V1Compatibility: "{\"id\":\"3b38edc92eb7c074812e217b41a6ade66888531009d6286a6f5f36a06f9841b9\",\"parent\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:11.368300679Z\",\"container\":\"d91be3479d5b1e84b0c00d18eea9dc777ca0ad166d51174b24283e2e6f104253\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) ENTRYPOINT [\\\"/go/bin/dnsdock\\\"]\"],\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":null,\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"},
+			{V1Compatibility: "{\"id\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"parent\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"created\":\"2015-08-19T16:49:07.568027497Z\",\"container\":\"fe9e5a5264a843c9292d17b736c92dd19bdb49986a8782d7389964ddaff887cc\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"cd /go/src/github.com/tonistiigi/dnsdock \\u0026\\u0026     go get -v github.com/tools/godep \\u0026\\u0026     godep restore \\u0026\\u0026     go install -ldflags \\\"-X main.version `git describe --tags HEAD``if [[ -n $(command git status --porcelain --untracked-files=no 2\\u003e/dev/null) ]]; then echo \\\"-dirty\\\"; fi`\\\" ./...\"],\"Image\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/bash\"],\"Image\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":118430532}\n"},
+		},
+	}
+
+	if err := fixManifestLayers(&duplicateLayerManifest); err == nil || !strings.Contains(err.Error(), "Invalid parent ID in the base layer of the image.") {
+		t.Fatalf("expected an invalid parent ID error from fixManifestLayers")
+	}
+}
+
+// TestFixManifestLayersBadParent makes sure that fixManifestLayers fails
+// if an image configuration specifies a parent that doesn't directly follow
+// that (deduplicated) image in the image history.
+func TestFixManifestLayersBadParent(t *testing.T) {
+	duplicateLayerManifest := schema1.Manifest{
+		FSLayers: []schema1.FSLayer{
+			{BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")},
+			{BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")},
+			{BlobSum: digest.Digest("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa")},
+		},
+		History: []schema1.History{
+			{V1Compatibility: "{\"id\":\"3b38edc92eb7c074812e217b41a6ade66888531009d6286a6f5f36a06f9841b9\",\"parent\":\"ac3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:11.368300679Z\",\"container\":\"d91be3479d5b1e84b0c00d18eea9dc777ca0ad166d51174b24283e2e6f104253\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) ENTRYPOINT [\\\"/go/bin/dnsdock\\\"]\"],\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":null,\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"},
+			{V1Compatibility: "{\"id\":\"3b38edc92eb7c074812e217b41a6ade66888531009d6286a6f5f36a06f9841b9\",\"parent\":\"ac3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:11.368300679Z\",\"container\":\"d91be3479d5b1e84b0c00d18eea9dc777ca0ad166d51174b24283e2e6f104253\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) ENTRYPOINT [\\\"/go/bin/dnsdock\\\"]\"],\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":null,\"Image\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":[\"/go/bin/dnsdock\"],\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n"},
+			{V1Compatibility: "{\"id\":\"ec3025ca8cc9bcab039e193e20ec647c2da3c53a74020f2ba611601f9b2c6c02\",\"created\":\"2015-08-19T16:49:07.568027497Z\",\"container\":\"fe9e5a5264a843c9292d17b736c92dd19bdb49986a8782d7389964ddaff887cc\",\"container_config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"cd /go/src/github.com/tonistiigi/dnsdock \\u0026\\u0026     go get -v github.com/tools/godep \\u0026\\u0026     godep restore \\u0026\\u0026     go install -ldflags \\\"-X main.version `git describe --tags HEAD``if [[ -n $(command git status --porcelain --untracked-files=no 2\\u003e/dev/null) ]]; then echo \\\"-dirty\\\"; fi`\\\" ./...\"],\"Image\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"docker_version\":\"1.6.2\",\"config\":{\"Hostname\":\"03797203757d\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\",\"GOLANG_VERSION=1.4.1\",\"GOPATH=/go\"],\"Cmd\":[\"/bin/bash\"],\"Image\":\"e3b0ff09e647595dafee15c54cd632c900df9e82b1d4d313b1e20639a1461779\",\"Volumes\":null,\"WorkingDir\":\"/go\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"Labels\":{}},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":118430532}\n"},
+		},
+	}
+
+	if err := fixManifestLayers(&duplicateLayerManifest); err == nil || !strings.Contains(err.Error(), "Invalid parent ID.") {
+		t.Fatalf("expected an invalid parent ID error from fixManifestLayers")
+	}
+}
+
+// TestValidateManifest verifies the validateManifest function
+func TestValidateManifest(t *testing.T) {
+	// TODO Windows: Fix this unit text
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs fixing on Windows")
+	}
+	expectedDigest, err := reference.ParseNamed("repo@sha256:02fee8c3220ba806531f606525eceb83f4feb654f62b207191b1c9209188dedd")
+	if err != nil {
+		t.Fatal("could not parse reference")
+	}
+	expectedFSLayer0 := digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")
+
+	// Good manifest
+
+	goodManifestBytes, err := ioutil.ReadFile("fixtures/validate_manifest/good_manifest")
+	if err != nil {
+		t.Fatal("error reading fixture:", err)
+	}
+
+	var goodSignedManifest schema1.SignedManifest
+	err = json.Unmarshal(goodManifestBytes, &goodSignedManifest)
+	if err != nil {
+		t.Fatal("error unmarshaling manifest:", err)
+	}
+
+	verifiedManifest, err := verifySchema1Manifest(&goodSignedManifest, expectedDigest)
+	if err != nil {
+		t.Fatal("validateManifest failed:", err)
+	}
+
+	if verifiedManifest.FSLayers[0].BlobSum != expectedFSLayer0 {
+		t.Fatal("unexpected FSLayer in good manifest")
+	}
+
+	// "Extra data" manifest
+
+	extraDataManifestBytes, err := ioutil.ReadFile("fixtures/validate_manifest/extra_data_manifest")
+	if err != nil {
+		t.Fatal("error reading fixture:", err)
+	}
+
+	var extraDataSignedManifest schema1.SignedManifest
+	err = json.Unmarshal(extraDataManifestBytes, &extraDataSignedManifest)
+	if err != nil {
+		t.Fatal("error unmarshaling manifest:", err)
+	}
+
+	verifiedManifest, err = verifySchema1Manifest(&extraDataSignedManifest, expectedDigest)
+	if err != nil {
+		t.Fatal("validateManifest failed:", err)
+	}
+
+	if verifiedManifest.FSLayers[0].BlobSum != expectedFSLayer0 {
+		t.Fatal("unexpected FSLayer in extra data manifest")
+	}
+
+	// Bad manifest
+
+	badManifestBytes, err := ioutil.ReadFile("fixtures/validate_manifest/bad_manifest")
+	if err != nil {
+		t.Fatal("error reading fixture:", err)
+	}
+
+	var badSignedManifest schema1.SignedManifest
+	err = json.Unmarshal(badManifestBytes, &badSignedManifest)
+	if err != nil {
+		t.Fatal("error unmarshaling manifest:", err)
+	}
+
+	verifiedManifest, err = verifySchema1Manifest(&badSignedManifest, expectedDigest)
+	if err == nil || !strings.HasPrefix(err.Error(), "image verification failed for digest") {
+		t.Fatal("expected validateManifest to fail with digest error")
+	}
+}
diff --git a/distribution/pull_v2_unix.go b/distribution/pull_v2_unix.go
new file mode 100644
index 00000000..9fbb875e
--- /dev/null
+++ b/distribution/pull_v2_unix.go
@@ -0,0 +1,12 @@
+// +build !windows
+
+package distribution
+
+import (
+	"github.com/docker/distribution/manifest/schema1"
+	"github.com/docker/docker/image"
+)
+
+func detectBaseLayer(is image.Store, m *schema1.Manifest, rootFS *image.RootFS) error {
+	return nil
+}
diff --git a/distribution/pull_v2_windows.go b/distribution/pull_v2_windows.go
new file mode 100644
index 00000000..de99fc9d
--- /dev/null
+++ b/distribution/pull_v2_windows.go
@@ -0,0 +1,29 @@
+// +build windows
+
+package distribution
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/docker/distribution/manifest/schema1"
+	"github.com/docker/docker/image"
+)
+
+func detectBaseLayer(is image.Store, m *schema1.Manifest, rootFS *image.RootFS) error {
+	v1img := &image.V1Image{}
+	if err := json.Unmarshal([]byte(m.History[len(m.History)-1].V1Compatibility), v1img); err != nil {
+		return err
+	}
+	if v1img.Parent == "" {
+		return fmt.Errorf("Last layer %q does not have a base layer reference", v1img.ID)
+	}
+	// There must be an image that already references the baselayer.
+	for _, img := range is.Map() {
+		if img.RootFS.BaseLayerID() == v1img.Parent {
+			rootFS.BaseLayer = img.RootFS.BaseLayer
+			return nil
+		}
+	}
+	return fmt.Errorf("Invalid base layer %q", v1img.Parent)
+}
diff --git a/distribution/push.go b/distribution/push.go
new file mode 100644
index 00000000..52ee8e77
--- /dev/null
+++ b/distribution/push.go
@@ -0,0 +1,219 @@
+package distribution
+
+import (
+	"bufio"
+	"compress/gzip"
+	"fmt"
+	"io"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/distribution/xfer"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/libtrust"
+	"golang.org/x/net/context"
+)
+
+// ImagePushConfig stores push configuration.
+type ImagePushConfig struct {
+	// MetaHeaders store HTTP headers with metadata about the image
+	MetaHeaders map[string][]string
+	// AuthConfig holds authentication credentials for authenticating with
+	// the registry.
+	AuthConfig *types.AuthConfig
+	// ProgressOutput is the interface for showing the status of the push
+	// operation.
+	ProgressOutput progress.Output
+	// RegistryService is the registry service to use for TLS configuration
+	// and endpoint lookup.
+	RegistryService *registry.Service
+	// ImageEventLogger notifies events for a given image
+	ImageEventLogger func(id, name, action string)
+	// MetadataStore is the storage backend for distribution-specific
+	// metadata.
+	MetadataStore metadata.Store
+	// LayerStore manages layers.
+	LayerStore layer.Store
+	// ImageStore manages images.
+	ImageStore image.Store
+	// ReferenceStore manages tags.
+	ReferenceStore reference.Store
+	// TrustKey is the private key for legacy signatures. This is typically
+	// an ephemeral key, since these signatures are no longer verified.
+	TrustKey libtrust.PrivateKey
+	// UploadManager dispatches uploads.
+	UploadManager *xfer.LayerUploadManager
+}
+
+// Pusher is an interface that abstracts pushing for different API versions.
+type Pusher interface {
+	// Push tries to push the image configured at the creation of Pusher.
+	// Push returns an error if any, as well as a boolean that determines whether to retry Push on the next configured endpoint.
+	//
+	// TODO(tiborvass): have Push() take a reference to repository + tag, so that the pusher itself is repository-agnostic.
+	Push(ctx context.Context) error
+}
+
+const compressionBufSize = 32768
+
+// NewPusher creates a new Pusher interface that will push to either a v1 or v2
+// registry. The endpoint argument contains a Version field that determines
+// whether a v1 or v2 pusher will be created. The other parameters are passed
+// through to the underlying pusher implementation for use during the actual
+// push operation.
+func NewPusher(ref reference.Named, endpoint registry.APIEndpoint, repoInfo *registry.RepositoryInfo, imagePushConfig *ImagePushConfig) (Pusher, error) {
+	switch endpoint.Version {
+	case registry.APIVersion2:
+		return &v2Pusher{
+			v2MetadataService: metadata.NewV2MetadataService(imagePushConfig.MetadataStore),
+			ref:               ref,
+			endpoint:          endpoint,
+			repoInfo:          repoInfo,
+			config:            imagePushConfig,
+		}, nil
+	case registry.APIVersion1:
+		return &v1Pusher{
+			v1IDService: metadata.NewV1IDService(imagePushConfig.MetadataStore),
+			ref:         ref,
+			endpoint:    endpoint,
+			repoInfo:    repoInfo,
+			config:      imagePushConfig,
+		}, nil
+	}
+	return nil, fmt.Errorf("unknown version %d for registry %s", endpoint.Version, endpoint.URL)
+}
+
+// Push initiates a push operation on the repository named localName.
+// ref is the specific variant of the image to be pushed.
+// If no tag is provided, all tags will be pushed.
+func Push(ctx context.Context, ref reference.Named, imagePushConfig *ImagePushConfig) error {
+	// FIXME: Allow to interrupt current push when new push of same image is done.
+
+	// Resolve the Repository name from fqn to RepositoryInfo
+	repoInfo, err := imagePushConfig.RegistryService.ResolveRepository(ref)
+	if err != nil {
+		return err
+	}
+
+	endpoints, err := imagePushConfig.RegistryService.LookupPushEndpoints(repoInfo.Hostname())
+	if err != nil {
+		return err
+	}
+
+	progress.Messagef(imagePushConfig.ProgressOutput, "", "The push refers to a repository [%s]", repoInfo.FullName())
+
+	associations := imagePushConfig.ReferenceStore.ReferencesByName(repoInfo)
+	if len(associations) == 0 {
+		return fmt.Errorf("Repository does not exist: %s", repoInfo.Name())
+	}
+
+	var (
+		lastErr error
+
+		// confirmedV2 is set to true if a push attempt managed to
+		// confirm that it was talking to a v2 registry. This will
+		// prevent fallback to the v1 protocol.
+		confirmedV2 bool
+
+		// confirmedTLSRegistries is a map indicating which registries
+		// are known to be using TLS. There should never be a plaintext
+		// retry for any of these.
+		confirmedTLSRegistries = make(map[string]struct{})
+	)
+
+	for _, endpoint := range endpoints {
+		if confirmedV2 && endpoint.Version == registry.APIVersion1 {
+			logrus.Debugf("Skipping v1 endpoint %s because v2 registry was detected", endpoint.URL)
+			continue
+		}
+
+		if endpoint.URL.Scheme != "https" {
+			if _, confirmedTLS := confirmedTLSRegistries[endpoint.URL.Host]; confirmedTLS {
+				logrus.Debugf("Skipping non-TLS endpoint %s for host/port that appears to use TLS", endpoint.URL)
+				continue
+			}
+		}
+
+		logrus.Debugf("Trying to push %s to %s %s", repoInfo.FullName(), endpoint.URL, endpoint.Version)
+
+		pusher, err := NewPusher(ref, endpoint, repoInfo, imagePushConfig)
+		if err != nil {
+			lastErr = err
+			continue
+		}
+		if err := pusher.Push(ctx); err != nil {
+			// Was this push cancelled? If so, don't try to fall
+			// back.
+			select {
+			case <-ctx.Done():
+			default:
+				if fallbackErr, ok := err.(fallbackError); ok {
+					confirmedV2 = confirmedV2 || fallbackErr.confirmedV2
+					if fallbackErr.transportOK && endpoint.URL.Scheme == "https" {
+						confirmedTLSRegistries[endpoint.URL.Host] = struct{}{}
+					}
+					err = fallbackErr.err
+					lastErr = err
+					logrus.Errorf("Attempting next endpoint for push after error: %v", err)
+					continue
+				}
+			}
+
+			logrus.Errorf("Not continuing with push after error: %v", err)
+			return err
+		}
+
+		imagePushConfig.ImageEventLogger(ref.String(), repoInfo.Name(), "push")
+		return nil
+	}
+
+	if lastErr == nil {
+		lastErr = fmt.Errorf("no endpoints found for %s", repoInfo.FullName())
+	}
+	return lastErr
+}
+
+// compress returns an io.ReadCloser which will supply a compressed version of
+// the provided Reader. The caller must close the ReadCloser after reading the
+// compressed data.
+//
+// Note that this function returns a reader instead of taking a writer as an
+// argument so that it can be used with httpBlobWriter's ReadFrom method.
+// Using httpBlobWriter's Write method would send a PATCH request for every
+// Write call.
+//
+// The second return value is a channel that gets closed when the goroutine
+// is finished. This allows the caller to make sure the goroutine finishes
+// before it releases any resources connected with the reader that was
+// passed in.
+func compress(in io.Reader) (io.ReadCloser, chan struct{}) {
+	compressionDone := make(chan struct{})
+
+	pipeReader, pipeWriter := io.Pipe()
+	// Use a bufio.Writer to avoid excessive chunking in HTTP request.
+	bufWriter := bufio.NewWriterSize(pipeWriter, compressionBufSize)
+	compressor := gzip.NewWriter(bufWriter)
+
+	go func() {
+		_, err := io.Copy(compressor, in)
+		if err == nil {
+			err = compressor.Close()
+		}
+		if err == nil {
+			err = bufWriter.Flush()
+		}
+		if err != nil {
+			pipeWriter.CloseWithError(err)
+		} else {
+			pipeWriter.Close()
+		}
+		close(compressionDone)
+	}()
+
+	return pipeReader, compressionDone
+}
diff --git a/distribution/push_v1.go b/distribution/push_v1.go
new file mode 100644
index 00000000..b6e4a130
--- /dev/null
+++ b/distribution/push_v1.go
@@ -0,0 +1,454 @@
+package distribution
+
+import (
+	"fmt"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/image/v1"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"golang.org/x/net/context"
+)
+
+type v1Pusher struct {
+	v1IDService *metadata.V1IDService
+	endpoint    registry.APIEndpoint
+	ref         reference.Named
+	repoInfo    *registry.RepositoryInfo
+	config      *ImagePushConfig
+	session     *registry.Session
+}
+
+func (p *v1Pusher) Push(ctx context.Context) error {
+	tlsConfig, err := p.config.RegistryService.TLSConfig(p.repoInfo.Index.Name)
+	if err != nil {
+		return err
+	}
+	// Adds Docker-specific headers as well as user-specified headers (metaHeaders)
+	tr := transport.NewTransport(
+		// TODO(tiborvass): was NoTimeout
+		registry.NewTransport(tlsConfig),
+		registry.DockerHeaders(dockerversion.DockerUserAgent(ctx), p.config.MetaHeaders)...,
+	)
+	client := registry.HTTPClient(tr)
+	v1Endpoint, err := p.endpoint.ToV1Endpoint(dockerversion.DockerUserAgent(ctx), p.config.MetaHeaders)
+	if err != nil {
+		logrus.Debugf("Could not get v1 endpoint: %v", err)
+		return fallbackError{err: err}
+	}
+	p.session, err = registry.NewSession(client, p.config.AuthConfig, v1Endpoint)
+	if err != nil {
+		// TODO(dmcgowan): Check if should fallback
+		return fallbackError{err: err}
+	}
+	if err := p.pushRepository(ctx); err != nil {
+		// TODO(dmcgowan): Check if should fallback
+		return err
+	}
+	return nil
+}
+
+// v1Image exposes the configuration, filesystem layer ID, and a v1 ID for an
+// image being pushed to a v1 registry.
+type v1Image interface {
+	Config() []byte
+	Layer() layer.Layer
+	V1ID() string
+}
+
+type v1ImageCommon struct {
+	layer  layer.Layer
+	config []byte
+	v1ID   string
+}
+
+func (common *v1ImageCommon) Config() []byte {
+	return common.config
+}
+
+func (common *v1ImageCommon) V1ID() string {
+	return common.v1ID
+}
+
+func (common *v1ImageCommon) Layer() layer.Layer {
+	return common.layer
+}
+
+// v1TopImage defines a runnable (top layer) image being pushed to a v1
+// registry.
+type v1TopImage struct {
+	v1ImageCommon
+	imageID image.ID
+}
+
+func newV1TopImage(imageID image.ID, img *image.Image, l layer.Layer, parent *v1DependencyImage) (*v1TopImage, error) {
+	v1ID := digest.Digest(imageID).Hex()
+	parentV1ID := ""
+	if parent != nil {
+		parentV1ID = parent.V1ID()
+	}
+
+	config, err := v1.MakeV1ConfigFromConfig(img, v1ID, parentV1ID, false)
+	if err != nil {
+		return nil, err
+	}
+
+	return &v1TopImage{
+		v1ImageCommon: v1ImageCommon{
+			v1ID:   v1ID,
+			config: config,
+			layer:  l,
+		},
+		imageID: imageID,
+	}, nil
+}
+
+// v1DependencyImage defines a dependency layer being pushed to a v1 registry.
+type v1DependencyImage struct {
+	v1ImageCommon
+}
+
+func newV1DependencyImage(l layer.Layer, parent *v1DependencyImage) (*v1DependencyImage, error) {
+	v1ID := digest.Digest(l.ChainID()).Hex()
+
+	config := ""
+	if parent != nil {
+		config = fmt.Sprintf(`{"id":"%s","parent":"%s"}`, v1ID, parent.V1ID())
+	} else {
+		config = fmt.Sprintf(`{"id":"%s"}`, v1ID)
+	}
+	return &v1DependencyImage{
+		v1ImageCommon: v1ImageCommon{
+			v1ID:   v1ID,
+			config: []byte(config),
+			layer:  l,
+		},
+	}, nil
+}
+
+// Retrieve the all the images to be uploaded in the correct order
+func (p *v1Pusher) getImageList() (imageList []v1Image, tagsByImage map[image.ID][]string, referencedLayers []layer.Layer, err error) {
+	tagsByImage = make(map[image.ID][]string)
+
+	// Ignore digest references
+	if _, isCanonical := p.ref.(reference.Canonical); isCanonical {
+		return
+	}
+
+	tagged, isTagged := p.ref.(reference.NamedTagged)
+	if isTagged {
+		// Push a specific tag
+		var imgID image.ID
+		imgID, err = p.config.ReferenceStore.Get(p.ref)
+		if err != nil {
+			return
+		}
+
+		imageList, err = p.imageListForTag(imgID, nil, &referencedLayers)
+		if err != nil {
+			return
+		}
+
+		tagsByImage[imgID] = []string{tagged.Tag()}
+
+		return
+	}
+
+	imagesSeen := make(map[image.ID]struct{})
+	dependenciesSeen := make(map[layer.ChainID]*v1DependencyImage)
+
+	associations := p.config.ReferenceStore.ReferencesByName(p.ref)
+	for _, association := range associations {
+		if tagged, isTagged = association.Ref.(reference.NamedTagged); !isTagged {
+			// Ignore digest references.
+			continue
+		}
+
+		tagsByImage[association.ImageID] = append(tagsByImage[association.ImageID], tagged.Tag())
+
+		if _, present := imagesSeen[association.ImageID]; present {
+			// Skip generating image list for already-seen image
+			continue
+		}
+		imagesSeen[association.ImageID] = struct{}{}
+
+		imageListForThisTag, err := p.imageListForTag(association.ImageID, dependenciesSeen, &referencedLayers)
+		if err != nil {
+			return nil, nil, nil, err
+		}
+
+		// append to main image list
+		imageList = append(imageList, imageListForThisTag...)
+	}
+	if len(imageList) == 0 {
+		return nil, nil, nil, fmt.Errorf("No images found for the requested repository / tag")
+	}
+	logrus.Debugf("Image list: %v", imageList)
+	logrus.Debugf("Tags by image: %v", tagsByImage)
+
+	return
+}
+
+func (p *v1Pusher) imageListForTag(imgID image.ID, dependenciesSeen map[layer.ChainID]*v1DependencyImage, referencedLayers *[]layer.Layer) (imageListForThisTag []v1Image, err error) {
+	img, err := p.config.ImageStore.Get(imgID)
+	if err != nil {
+		return nil, err
+	}
+
+	topLayerID := img.RootFS.ChainID()
+
+	var l layer.Layer
+	if topLayerID == "" {
+		l = layer.EmptyLayer
+	} else {
+		l, err = p.config.LayerStore.Get(topLayerID)
+		*referencedLayers = append(*referencedLayers, l)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get top layer from image: %v", err)
+		}
+	}
+
+	dependencyImages, parent, err := generateDependencyImages(l.Parent(), dependenciesSeen)
+	if err != nil {
+		return nil, err
+	}
+
+	topImage, err := newV1TopImage(imgID, img, l, parent)
+	if err != nil {
+		return nil, err
+	}
+
+	imageListForThisTag = append(dependencyImages, topImage)
+
+	return
+}
+
+func generateDependencyImages(l layer.Layer, dependenciesSeen map[layer.ChainID]*v1DependencyImage) (imageListForThisTag []v1Image, parent *v1DependencyImage, err error) {
+	if l == nil {
+		return nil, nil, nil
+	}
+
+	imageListForThisTag, parent, err = generateDependencyImages(l.Parent(), dependenciesSeen)
+
+	if dependenciesSeen != nil {
+		if dependencyImage, present := dependenciesSeen[l.ChainID()]; present {
+			// This layer is already on the list, we can ignore it
+			// and all its parents.
+			return imageListForThisTag, dependencyImage, nil
+		}
+	}
+
+	dependencyImage, err := newV1DependencyImage(l, parent)
+	if err != nil {
+		return nil, nil, err
+	}
+	imageListForThisTag = append(imageListForThisTag, dependencyImage)
+
+	if dependenciesSeen != nil {
+		dependenciesSeen[l.ChainID()] = dependencyImage
+	}
+
+	return imageListForThisTag, dependencyImage, nil
+}
+
+// createImageIndex returns an index of an image's layer IDs and tags.
+func createImageIndex(images []v1Image, tags map[image.ID][]string) []*registry.ImgData {
+	var imageIndex []*registry.ImgData
+	for _, img := range images {
+		v1ID := img.V1ID()
+
+		if topImage, isTopImage := img.(*v1TopImage); isTopImage {
+			if tags, hasTags := tags[topImage.imageID]; hasTags {
+				// If an image has tags you must add an entry in the image index
+				// for each tag
+				for _, tag := range tags {
+					imageIndex = append(imageIndex, &registry.ImgData{
+						ID:  v1ID,
+						Tag: tag,
+					})
+				}
+				continue
+			}
+		}
+
+		// If the image does not have a tag it still needs to be sent to the
+		// registry with an empty tag so that it is associated with the repository
+		imageIndex = append(imageIndex, &registry.ImgData{
+			ID:  v1ID,
+			Tag: "",
+		})
+	}
+	return imageIndex
+}
+
+// lookupImageOnEndpoint checks the specified endpoint to see if an image exists
+// and if it is absent then it sends the image id to the channel to be pushed.
+func (p *v1Pusher) lookupImageOnEndpoint(wg *sync.WaitGroup, endpoint string, images chan v1Image, imagesToPush chan string) {
+	defer wg.Done()
+	for image := range images {
+		v1ID := image.V1ID()
+		truncID := stringid.TruncateID(image.Layer().DiffID().String())
+		if err := p.session.LookupRemoteImage(v1ID, endpoint); err != nil {
+			logrus.Errorf("Error in LookupRemoteImage: %s", err)
+			imagesToPush <- v1ID
+			progress.Update(p.config.ProgressOutput, truncID, "Waiting")
+		} else {
+			progress.Update(p.config.ProgressOutput, truncID, "Already exists")
+		}
+	}
+}
+
+func (p *v1Pusher) pushImageToEndpoint(ctx context.Context, endpoint string, imageList []v1Image, tags map[image.ID][]string, repo *registry.RepositoryData) error {
+	workerCount := len(imageList)
+	// start a maximum of 5 workers to check if images exist on the specified endpoint.
+	if workerCount > 5 {
+		workerCount = 5
+	}
+	var (
+		wg           = &sync.WaitGroup{}
+		imageData    = make(chan v1Image, workerCount*2)
+		imagesToPush = make(chan string, workerCount*2)
+		pushes       = make(chan map[string]struct{}, 1)
+	)
+	for i := 0; i < workerCount; i++ {
+		wg.Add(1)
+		go p.lookupImageOnEndpoint(wg, endpoint, imageData, imagesToPush)
+	}
+	// start a go routine that consumes the images to push
+	go func() {
+		shouldPush := make(map[string]struct{})
+		for id := range imagesToPush {
+			shouldPush[id] = struct{}{}
+		}
+		pushes <- shouldPush
+	}()
+	for _, v1Image := range imageList {
+		imageData <- v1Image
+	}
+	// close the channel to notify the workers that there will be no more images to check.
+	close(imageData)
+	wg.Wait()
+	close(imagesToPush)
+	// wait for all the images that require pushes to be collected into a consumable map.
+	shouldPush := <-pushes
+	// finish by pushing any images and tags to the endpoint.  The order that the images are pushed
+	// is very important that is why we are still iterating over the ordered list of imageIDs.
+	for _, img := range imageList {
+		v1ID := img.V1ID()
+		if _, push := shouldPush[v1ID]; push {
+			if _, err := p.pushImage(ctx, img, endpoint); err != nil {
+				// FIXME: Continue on error?
+				return err
+			}
+		}
+		if topImage, isTopImage := img.(*v1TopImage); isTopImage {
+			for _, tag := range tags[topImage.imageID] {
+				progress.Messagef(p.config.ProgressOutput, "", "Pushing tag for rev [%s] on {%s}", stringid.TruncateID(v1ID), endpoint+"repositories/"+p.repoInfo.RemoteName()+"/tags/"+tag)
+				if err := p.session.PushRegistryTag(p.repoInfo, v1ID, tag, endpoint); err != nil {
+					return err
+				}
+			}
+		}
+	}
+	return nil
+}
+
+// pushRepository pushes layers that do not already exist on the registry.
+func (p *v1Pusher) pushRepository(ctx context.Context) error {
+	imgList, tags, referencedLayers, err := p.getImageList()
+	defer func() {
+		for _, l := range referencedLayers {
+			p.config.LayerStore.Release(l)
+		}
+	}()
+	if err != nil {
+		return err
+	}
+
+	imageIndex := createImageIndex(imgList, tags)
+	for _, data := range imageIndex {
+		logrus.Debugf("Pushing ID: %s with Tag: %s", data.ID, data.Tag)
+	}
+
+	// Register all the images in a repository with the registry
+	// If an image is not in this list it will not be associated with the repository
+	repoData, err := p.session.PushImageJSONIndex(p.repoInfo, imageIndex, false, nil)
+	if err != nil {
+		return err
+	}
+	// push the repository to each of the endpoints only if it does not exist.
+	for _, endpoint := range repoData.Endpoints {
+		if err := p.pushImageToEndpoint(ctx, endpoint, imgList, tags, repoData); err != nil {
+			return err
+		}
+	}
+	_, err = p.session.PushImageJSONIndex(p.repoInfo, imageIndex, true, repoData.Endpoints)
+	return err
+}
+
+func (p *v1Pusher) pushImage(ctx context.Context, v1Image v1Image, ep string) (checksum string, err error) {
+	l := v1Image.Layer()
+	v1ID := v1Image.V1ID()
+	truncID := stringid.TruncateID(l.DiffID().String())
+
+	jsonRaw := v1Image.Config()
+	progress.Update(p.config.ProgressOutput, truncID, "Pushing")
+
+	// General rule is to use ID for graph accesses and compatibilityID for
+	// calls to session.registry()
+	imgData := &registry.ImgData{
+		ID: v1ID,
+	}
+
+	// Send the json
+	if err := p.session.PushImageJSONRegistry(imgData, jsonRaw, ep); err != nil {
+		if err == registry.ErrAlreadyExists {
+			progress.Update(p.config.ProgressOutput, truncID, "Image already pushed, skipping")
+			return "", nil
+		}
+		return "", err
+	}
+
+	arch, err := l.TarStream()
+	if err != nil {
+		return "", err
+	}
+	defer arch.Close()
+
+	// don't care if this fails; best effort
+	size, _ := l.DiffSize()
+
+	// Send the layer
+	logrus.Debugf("rendered layer for %s of [%d] size", v1ID, size)
+
+	reader := progress.NewProgressReader(ioutils.NewCancelReadCloser(ctx, arch), p.config.ProgressOutput, size, truncID, "Pushing")
+	defer reader.Close()
+
+	checksum, checksumPayload, err := p.session.PushImageLayerRegistry(v1ID, reader, ep, jsonRaw)
+	if err != nil {
+		return "", err
+	}
+	imgData.Checksum = checksum
+	imgData.ChecksumPayload = checksumPayload
+	// Send the checksum
+	if err := p.session.PushImageChecksumRegistry(imgData, ep); err != nil {
+		return "", err
+	}
+
+	if err := p.v1IDService.Set(v1ID, p.repoInfo.Index.Name, l.DiffID()); err != nil {
+		logrus.Warnf("Could not set v1 ID mapping: %v", err)
+	}
+
+	progress.Update(p.config.ProgressOutput, truncID, "Image successfully pushed")
+	return imgData.Checksum, nil
+}
diff --git a/distribution/push_v2.go b/distribution/push_v2.go
new file mode 100644
index 00000000..e86badb4
--- /dev/null
+++ b/distribution/push_v2.go
@@ -0,0 +1,438 @@
+package distribution
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/distribution/manifest/schema1"
+	"github.com/docker/distribution/manifest/schema2"
+	distreference "github.com/docker/distribution/reference"
+	"github.com/docker/distribution/registry/client"
+	"github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/distribution/xfer"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"golang.org/x/net/context"
+)
+
+// PushResult contains the tag, manifest digest, and manifest size from the
+// push. It's used to signal this information to the trust code in the client
+// so it can sign the manifest if necessary.
+type PushResult struct {
+	Tag    string
+	Digest digest.Digest
+	Size   int
+}
+
+type v2Pusher struct {
+	v2MetadataService *metadata.V2MetadataService
+	ref               reference.Named
+	endpoint          registry.APIEndpoint
+	repoInfo          *registry.RepositoryInfo
+	config            *ImagePushConfig
+	repo              distribution.Repository
+
+	// pushState is state built by the Upload functions.
+	pushState pushState
+}
+
+type pushState struct {
+	sync.Mutex
+	// remoteLayers is the set of layers known to exist on the remote side.
+	// This avoids redundant queries when pushing multiple tags that
+	// involve the same layers. It is also used to fill in digest and size
+	// information when building the manifest.
+	remoteLayers map[layer.DiffID]distribution.Descriptor
+	// confirmedV2 is set to true if we confirm we're talking to a v2
+	// registry. This is used to limit fallbacks to the v1 protocol.
+	confirmedV2 bool
+}
+
+func (p *v2Pusher) Push(ctx context.Context) (err error) {
+	p.pushState.remoteLayers = make(map[layer.DiffID]distribution.Descriptor)
+
+	p.repo, p.pushState.confirmedV2, err = NewV2Repository(ctx, p.repoInfo, p.endpoint, p.config.MetaHeaders, p.config.AuthConfig, "push", "pull")
+	if err != nil {
+		logrus.Debugf("Error getting v2 registry: %v", err)
+		return err
+	}
+
+	if err = p.pushV2Repository(ctx); err != nil {
+		if continueOnError(err) {
+			return fallbackError{
+				err:         err,
+				confirmedV2: p.pushState.confirmedV2,
+				transportOK: true,
+			}
+		}
+	}
+	return err
+}
+
+func (p *v2Pusher) pushV2Repository(ctx context.Context) (err error) {
+	if namedTagged, isNamedTagged := p.ref.(reference.NamedTagged); isNamedTagged {
+		imageID, err := p.config.ReferenceStore.Get(p.ref)
+		if err != nil {
+			return fmt.Errorf("tag does not exist: %s", p.ref.String())
+		}
+
+		return p.pushV2Tag(ctx, namedTagged, imageID)
+	}
+
+	if !reference.IsNameOnly(p.ref) {
+		return errors.New("cannot push a digest reference")
+	}
+
+	// Pull all tags
+	pushed := 0
+	for _, association := range p.config.ReferenceStore.ReferencesByName(p.ref) {
+		if namedTagged, isNamedTagged := association.Ref.(reference.NamedTagged); isNamedTagged {
+			pushed++
+			if err := p.pushV2Tag(ctx, namedTagged, association.ImageID); err != nil {
+				return err
+			}
+		}
+	}
+
+	if pushed == 0 {
+		return fmt.Errorf("no tags to push for %s", p.repoInfo.Name())
+	}
+
+	return nil
+}
+
+func (p *v2Pusher) pushV2Tag(ctx context.Context, ref reference.NamedTagged, imageID image.ID) error {
+	logrus.Debugf("Pushing repository: %s", ref.String())
+
+	img, err := p.config.ImageStore.Get(imageID)
+	if err != nil {
+		return fmt.Errorf("could not find image from tag %s: %v", ref.String(), err)
+	}
+
+	var l layer.Layer
+
+	topLayerID := img.RootFS.ChainID()
+	if topLayerID == "" {
+		l = layer.EmptyLayer
+	} else {
+		l, err = p.config.LayerStore.Get(topLayerID)
+		if err != nil {
+			return fmt.Errorf("failed to get top layer from image: %v", err)
+		}
+		defer layer.ReleaseAndLog(p.config.LayerStore, l)
+	}
+
+	var descriptors []xfer.UploadDescriptor
+
+	descriptorTemplate := v2PushDescriptor{
+		v2MetadataService: p.v2MetadataService,
+		repoInfo:          p.repoInfo,
+		repo:              p.repo,
+		pushState:         &p.pushState,
+	}
+
+	// Loop bounds condition is to avoid pushing the base layer on Windows.
+	for i := 0; i < len(img.RootFS.DiffIDs); i++ {
+		descriptor := descriptorTemplate
+		descriptor.layer = l
+		descriptors = append(descriptors, &descriptor)
+
+		l = l.Parent()
+	}
+
+	if err := p.config.UploadManager.Upload(ctx, descriptors, p.config.ProgressOutput); err != nil {
+		return err
+	}
+
+	// Try schema2 first
+	builder := schema2.NewManifestBuilder(p.repo.Blobs(ctx), img.RawJSON())
+	manifest, err := manifestFromBuilder(ctx, builder, descriptors)
+	if err != nil {
+		return err
+	}
+
+	manSvc, err := p.repo.Manifests(ctx)
+	if err != nil {
+		return err
+	}
+
+	putOptions := []distribution.ManifestServiceOption{distribution.WithTag(ref.Tag())}
+	if _, err = manSvc.Put(ctx, manifest, putOptions...); err != nil {
+		logrus.Warnf("failed to upload schema2 manifest: %v - falling back to schema1", err)
+
+		manifestRef, err := distreference.WithTag(p.repo.Named(), ref.Tag())
+		if err != nil {
+			return err
+		}
+		builder = schema1.NewConfigManifestBuilder(p.repo.Blobs(ctx), p.config.TrustKey, manifestRef, img.RawJSON())
+		manifest, err = manifestFromBuilder(ctx, builder, descriptors)
+		if err != nil {
+			return err
+		}
+
+		if _, err = manSvc.Put(ctx, manifest, putOptions...); err != nil {
+			return err
+		}
+	}
+
+	var canonicalManifest []byte
+
+	switch v := manifest.(type) {
+	case *schema1.SignedManifest:
+		canonicalManifest = v.Canonical
+	case *schema2.DeserializedManifest:
+		_, canonicalManifest, err = v.Payload()
+		if err != nil {
+			return err
+		}
+	}
+
+	manifestDigest := digest.FromBytes(canonicalManifest)
+	progress.Messagef(p.config.ProgressOutput, "", "%s: digest: %s size: %d", ref.Tag(), manifestDigest, len(canonicalManifest))
+	// Signal digest to the trust client so it can sign the
+	// push, if appropriate.
+	progress.Aux(p.config.ProgressOutput, PushResult{Tag: ref.Tag(), Digest: manifestDigest, Size: len(canonicalManifest)})
+
+	return nil
+}
+
+func manifestFromBuilder(ctx context.Context, builder distribution.ManifestBuilder, descriptors []xfer.UploadDescriptor) (distribution.Manifest, error) {
+	// descriptors is in reverse order; iterate backwards to get references
+	// appended in the right order.
+	for i := len(descriptors) - 1; i >= 0; i-- {
+		if err := builder.AppendReference(descriptors[i].(*v2PushDescriptor)); err != nil {
+			return nil, err
+		}
+	}
+
+	return builder.Build(ctx)
+}
+
+type v2PushDescriptor struct {
+	layer             layer.Layer
+	v2MetadataService *metadata.V2MetadataService
+	repoInfo          reference.Named
+	repo              distribution.Repository
+	pushState         *pushState
+	remoteDescriptor  distribution.Descriptor
+}
+
+func (pd *v2PushDescriptor) Key() string {
+	return "v2push:" + pd.repo.Named().Name() + " " + pd.layer.DiffID().String()
+}
+
+func (pd *v2PushDescriptor) ID() string {
+	return stringid.TruncateID(pd.layer.DiffID().String())
+}
+
+func (pd *v2PushDescriptor) DiffID() layer.DiffID {
+	return pd.layer.DiffID()
+}
+
+func (pd *v2PushDescriptor) Upload(ctx context.Context, progressOutput progress.Output) (distribution.Descriptor, error) {
+	diffID := pd.DiffID()
+
+	pd.pushState.Lock()
+	if descriptor, ok := pd.pushState.remoteLayers[diffID]; ok {
+		// it is already known that the push is not needed and
+		// therefore doing a stat is unnecessary
+		pd.pushState.Unlock()
+		progress.Update(progressOutput, pd.ID(), "Layer already exists")
+		return descriptor, nil
+	}
+	pd.pushState.Unlock()
+
+	// Do we have any metadata associated with this layer's DiffID?
+	v2Metadata, err := pd.v2MetadataService.GetMetadata(diffID)
+	if err == nil {
+		descriptor, exists, err := layerAlreadyExists(ctx, v2Metadata, pd.repoInfo, pd.repo, pd.pushState)
+		if err != nil {
+			progress.Update(progressOutput, pd.ID(), "Image push failed")
+			return distribution.Descriptor{}, retryOnError(err)
+		}
+		if exists {
+			progress.Update(progressOutput, pd.ID(), "Layer already exists")
+			pd.pushState.Lock()
+			pd.pushState.remoteLayers[diffID] = descriptor
+			pd.pushState.Unlock()
+			return descriptor, nil
+		}
+	}
+
+	logrus.Debugf("Pushing layer: %s", diffID)
+
+	// if digest was empty or not saved, or if blob does not exist on the remote repository,
+	// then push the blob.
+	bs := pd.repo.Blobs(ctx)
+
+	var layerUpload distribution.BlobWriter
+	mountAttemptsRemaining := 3
+
+	// Attempt to find another repository in the same registry to mount the layer
+	// from to avoid an unnecessary upload.
+	// Note: metadata is stored from oldest to newest, so we iterate through this
+	// slice in reverse to maximize our chances of the blob still existing in the
+	// remote repository.
+	for i := len(v2Metadata) - 1; i >= 0 && mountAttemptsRemaining > 0; i-- {
+		mountFrom := v2Metadata[i]
+
+		sourceRepo, err := reference.ParseNamed(mountFrom.SourceRepository)
+		if err != nil {
+			continue
+		}
+		if pd.repoInfo.Hostname() != sourceRepo.Hostname() {
+			// don't mount blobs from another registry
+			continue
+		}
+
+		namedRef, err := reference.WithName(mountFrom.SourceRepository)
+		if err != nil {
+			continue
+		}
+
+		// TODO (brianbland): We need to construct a reference where the Name is
+		// only the full remote name, so clean this up when distribution has a
+		// richer reference package
+		remoteRef, err := distreference.WithName(namedRef.RemoteName())
+		if err != nil {
+			continue
+		}
+
+		canonicalRef, err := distreference.WithDigest(remoteRef, mountFrom.Digest)
+		if err != nil {
+			continue
+		}
+
+		logrus.Debugf("attempting to mount layer %s (%s) from %s", diffID, mountFrom.Digest, sourceRepo.FullName())
+
+		layerUpload, err = bs.Create(ctx, client.WithMountFrom(canonicalRef))
+		switch err := err.(type) {
+		case distribution.ErrBlobMounted:
+			progress.Updatef(progressOutput, pd.ID(), "Mounted from %s", err.From.Name())
+
+			err.Descriptor.MediaType = schema2.MediaTypeLayer
+
+			pd.pushState.Lock()
+			pd.pushState.confirmedV2 = true
+			pd.pushState.remoteLayers[diffID] = err.Descriptor
+			pd.pushState.Unlock()
+
+			// Cache mapping from this layer's DiffID to the blobsum
+			if err := pd.v2MetadataService.Add(diffID, metadata.V2Metadata{Digest: mountFrom.Digest, SourceRepository: pd.repoInfo.FullName()}); err != nil {
+				return distribution.Descriptor{}, xfer.DoNotRetry{Err: err}
+			}
+			return err.Descriptor, nil
+		case nil:
+			// blob upload session created successfully, so begin the upload
+			mountAttemptsRemaining = 0
+		default:
+			// unable to mount layer from this repository, so this source mapping is no longer valid
+			logrus.Debugf("unassociating layer %s (%s) with %s", diffID, mountFrom.Digest, mountFrom.SourceRepository)
+			pd.v2MetadataService.Remove(mountFrom)
+			mountAttemptsRemaining--
+		}
+	}
+
+	if layerUpload == nil {
+		layerUpload, err = bs.Create(ctx)
+		if err != nil {
+			return distribution.Descriptor{}, retryOnError(err)
+		}
+	}
+	defer layerUpload.Close()
+
+	arch, err := pd.layer.TarStream()
+	if err != nil {
+		return distribution.Descriptor{}, xfer.DoNotRetry{Err: err}
+	}
+
+	// don't care if this fails; best effort
+	size, _ := pd.layer.DiffSize()
+
+	reader := progress.NewProgressReader(ioutils.NewCancelReadCloser(ctx, arch), progressOutput, size, pd.ID(), "Pushing")
+	compressedReader, compressionDone := compress(reader)
+	defer func() {
+		reader.Close()
+		<-compressionDone
+	}()
+
+	digester := digest.Canonical.New()
+	tee := io.TeeReader(compressedReader, digester.Hash())
+
+	nn, err := layerUpload.ReadFrom(tee)
+	compressedReader.Close()
+	if err != nil {
+		return distribution.Descriptor{}, retryOnError(err)
+	}
+
+	pushDigest := digester.Digest()
+	if _, err := layerUpload.Commit(ctx, distribution.Descriptor{Digest: pushDigest}); err != nil {
+		return distribution.Descriptor{}, retryOnError(err)
+	}
+
+	logrus.Debugf("uploaded layer %s (%s), %d bytes", diffID, pushDigest, nn)
+	progress.Update(progressOutput, pd.ID(), "Pushed")
+
+	// Cache mapping from this layer's DiffID to the blobsum
+	if err := pd.v2MetadataService.Add(diffID, metadata.V2Metadata{Digest: pushDigest, SourceRepository: pd.repoInfo.FullName()}); err != nil {
+		return distribution.Descriptor{}, xfer.DoNotRetry{Err: err}
+	}
+
+	pd.pushState.Lock()
+
+	// If Commit succeeded, that's an indication that the remote registry
+	// speaks the v2 protocol.
+	pd.pushState.confirmedV2 = true
+
+	descriptor := distribution.Descriptor{
+		Digest:    pushDigest,
+		MediaType: schema2.MediaTypeLayer,
+		Size:      nn,
+	}
+	pd.pushState.remoteLayers[diffID] = descriptor
+
+	pd.pushState.Unlock()
+
+	return descriptor, nil
+}
+
+func (pd *v2PushDescriptor) SetRemoteDescriptor(descriptor distribution.Descriptor) {
+	pd.remoteDescriptor = descriptor
+}
+
+func (pd *v2PushDescriptor) Descriptor() distribution.Descriptor {
+	return pd.remoteDescriptor
+}
+
+// layerAlreadyExists checks if the registry already know about any of the
+// metadata passed in the "metadata" slice. If it finds one that the registry
+// knows about, it returns the known digest and "true".
+func layerAlreadyExists(ctx context.Context, metadata []metadata.V2Metadata, repoInfo reference.Named, repo distribution.Repository, pushState *pushState) (distribution.Descriptor, bool, error) {
+	for _, meta := range metadata {
+		// Only check blobsums that are known to this repository or have an unknown source
+		if meta.SourceRepository != "" && meta.SourceRepository != repoInfo.FullName() {
+			continue
+		}
+		descriptor, err := repo.Blobs(ctx).Stat(ctx, meta.Digest)
+		switch err {
+		case nil:
+			descriptor.MediaType = schema2.MediaTypeLayer
+			return descriptor, true, nil
+		case distribution.ErrBlobUnknown:
+			// nop
+		default:
+			return distribution.Descriptor{}, false, err
+		}
+	}
+	return distribution.Descriptor{}, false, nil
+}
diff --git a/distribution/registry.go b/distribution/registry.go
new file mode 100644
index 00000000..f768a14d
--- /dev/null
+++ b/distribution/registry.go
@@ -0,0 +1,130 @@
+package distribution
+
+import (
+	"fmt"
+	"net"
+	"net/http"
+	"net/url"
+	"time"
+
+	"github.com/docker/distribution"
+	distreference "github.com/docker/distribution/reference"
+	"github.com/docker/distribution/registry/client"
+	"github.com/docker/distribution/registry/client/auth"
+	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/registry"
+	"github.com/docker/engine-api/types"
+	"golang.org/x/net/context"
+)
+
+type dumbCredentialStore struct {
+	auth *types.AuthConfig
+}
+
+func (dcs dumbCredentialStore) Basic(*url.URL) (string, string) {
+	return dcs.auth.Username, dcs.auth.Password
+}
+
+func (dcs dumbCredentialStore) RefreshToken(*url.URL, string) string {
+	return dcs.auth.IdentityToken
+}
+
+func (dcs dumbCredentialStore) SetRefreshToken(*url.URL, string, string) {
+}
+
+// NewV2Repository returns a repository (v2 only). It creates a HTTP transport
+// providing timeout settings and authentication support, and also verifies the
+// remote API version.
+func NewV2Repository(ctx context.Context, repoInfo *registry.RepositoryInfo, endpoint registry.APIEndpoint, metaHeaders http.Header, authConfig *types.AuthConfig, actions ...string) (repo distribution.Repository, foundVersion bool, err error) {
+	repoName := repoInfo.FullName()
+	// If endpoint does not support CanonicalName, use the RemoteName instead
+	if endpoint.TrimHostname {
+		repoName = repoInfo.RemoteName()
+	}
+
+	// TODO(dmcgowan): Call close idle connections when complete, use keep alive
+	base := &http.Transport{
+		Proxy: http.ProxyFromEnvironment,
+		Dial: (&net.Dialer{
+			Timeout:   30 * time.Second,
+			KeepAlive: 30 * time.Second,
+			DualStack: true,
+		}).Dial,
+		TLSHandshakeTimeout: 10 * time.Second,
+		TLSClientConfig:     endpoint.TLSConfig,
+		// TODO(dmcgowan): Call close idle connections when complete and use keep alive
+		DisableKeepAlives: true,
+	}
+
+	modifiers := registry.DockerHeaders(dockerversion.DockerUserAgent(ctx), metaHeaders)
+	authTransport := transport.NewTransport(base, modifiers...)
+
+	challengeManager, foundVersion, err := registry.PingV2Registry(endpoint, authTransport)
+	if err != nil {
+		transportOK := false
+		if responseErr, ok := err.(registry.PingResponseError); ok {
+			transportOK = true
+			err = responseErr.Err
+		}
+		return nil, foundVersion, fallbackError{
+			err:         err,
+			confirmedV2: foundVersion,
+			transportOK: transportOK,
+		}
+	}
+
+	if authConfig.RegistryToken != "" {
+		passThruTokenHandler := &existingTokenHandler{token: authConfig.RegistryToken}
+		modifiers = append(modifiers, auth.NewAuthorizer(challengeManager, passThruTokenHandler))
+	} else {
+		creds := dumbCredentialStore{auth: authConfig}
+		tokenHandlerOptions := auth.TokenHandlerOptions{
+			Transport:   authTransport,
+			Credentials: creds,
+			Scopes: []auth.Scope{
+				auth.RepositoryScope{
+					Repository: repoName,
+					Actions:    actions,
+				},
+			},
+			ClientID: registry.AuthClientID,
+		}
+		tokenHandler := auth.NewTokenHandlerWithOptions(tokenHandlerOptions)
+		basicHandler := auth.NewBasicHandler(creds)
+		modifiers = append(modifiers, auth.NewAuthorizer(challengeManager, tokenHandler, basicHandler))
+	}
+	tr := transport.NewTransport(base, modifiers...)
+
+	repoNameRef, err := distreference.ParseNamed(repoName)
+	if err != nil {
+		return nil, foundVersion, fallbackError{
+			err:         err,
+			confirmedV2: foundVersion,
+			transportOK: true,
+		}
+	}
+
+	repo, err = client.NewRepository(ctx, repoNameRef, endpoint.URL.String(), tr)
+	if err != nil {
+		err = fallbackError{
+			err:         err,
+			confirmedV2: foundVersion,
+			transportOK: true,
+		}
+	}
+	return
+}
+
+type existingTokenHandler struct {
+	token string
+}
+
+func (th *existingTokenHandler) Scheme() string {
+	return "bearer"
+}
+
+func (th *existingTokenHandler) AuthorizeRequest(req *http.Request, params map[string]string) error {
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", th.token))
+	return nil
+}
diff --git a/distribution/registry_unit_test.go b/distribution/registry_unit_test.go
new file mode 100644
index 00000000..b60a465d
--- /dev/null
+++ b/distribution/registry_unit_test.go
@@ -0,0 +1,133 @@
+package distribution
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/reference"
+	"github.com/docker/docker/registry"
+	"github.com/docker/docker/utils"
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+	"golang.org/x/net/context"
+)
+
+const secretRegistryToken = "mysecrettoken"
+
+type tokenPassThruHandler struct {
+	reached       bool
+	gotToken      bool
+	shouldSend401 func(url string) bool
+}
+
+func (h *tokenPassThruHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	h.reached = true
+	if strings.Contains(r.Header.Get("Authorization"), secretRegistryToken) {
+		logrus.Debug("Detected registry token in auth header")
+		h.gotToken = true
+	}
+	if h.shouldSend401 == nil || h.shouldSend401(r.RequestURI) {
+		w.Header().Set("WWW-Authenticate", `Bearer realm="foorealm"`)
+		w.WriteHeader(401)
+	}
+}
+
+func testTokenPassThru(t *testing.T, ts *httptest.Server) {
+	tmp, err := utils.TestDirectory("")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+
+	uri, err := url.Parse(ts.URL)
+	if err != nil {
+		t.Fatalf("could not parse url from test server: %v", err)
+	}
+
+	endpoint := registry.APIEndpoint{
+		Mirror:       false,
+		URL:          uri,
+		Version:      2,
+		Official:     false,
+		TrimHostname: false,
+		TLSConfig:    nil,
+		//VersionHeader: "verheader",
+	}
+	n, _ := reference.ParseNamed("testremotename")
+	repoInfo := &registry.RepositoryInfo{
+		Named: n,
+		Index: &registrytypes.IndexInfo{
+			Name:     "testrepo",
+			Mirrors:  nil,
+			Secure:   false,
+			Official: false,
+		},
+		Official: false,
+	}
+	imagePullConfig := &ImagePullConfig{
+		MetaHeaders: http.Header{},
+		AuthConfig: &types.AuthConfig{
+			RegistryToken: secretRegistryToken,
+		},
+	}
+	puller, err := newPuller(endpoint, repoInfo, imagePullConfig)
+	if err != nil {
+		t.Fatal(err)
+	}
+	p := puller.(*v2Puller)
+	ctx := context.Background()
+	p.repo, _, err = NewV2Repository(ctx, p.repoInfo, p.endpoint, p.config.MetaHeaders, p.config.AuthConfig, "pull")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	logrus.Debug("About to pull")
+	// We expect it to fail, since we haven't mock'd the full registry exchange in our handler above
+	tag, _ := reference.WithTag(n, "tag_goes_here")
+	_ = p.pullV2Repository(ctx, tag)
+}
+
+func TestTokenPassThru(t *testing.T) {
+	handler := &tokenPassThruHandler{shouldSend401: func(url string) bool { return url == "/v2/" }}
+	ts := httptest.NewServer(handler)
+	defer ts.Close()
+
+	testTokenPassThru(t, ts)
+
+	if !handler.reached {
+		t.Fatal("Handler not reached")
+	}
+	if !handler.gotToken {
+		t.Fatal("Failed to receive registry token")
+	}
+}
+
+func TestTokenPassThruDifferentHost(t *testing.T) {
+	handler := new(tokenPassThruHandler)
+	ts := httptest.NewServer(handler)
+	defer ts.Close()
+
+	tsredirect := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.RequestURI == "/v2/" {
+			w.Header().Set("WWW-Authenticate", `Bearer realm="foorealm"`)
+			w.WriteHeader(401)
+			return
+		}
+		http.Redirect(w, r, ts.URL+r.URL.Path, http.StatusMovedPermanently)
+	}))
+	defer tsredirect.Close()
+
+	testTokenPassThru(t, tsredirect)
+
+	if !handler.reached {
+		t.Fatal("Handler not reached")
+	}
+	if handler.gotToken {
+		t.Fatal("Redirect should not forward Authorization header to another host")
+	}
+}
diff --git a/distribution/xfer/download.go b/distribution/xfer/download.go
new file mode 100644
index 00000000..739c427c
--- /dev/null
+++ b/distribution/xfer/download.go
@@ -0,0 +1,430 @@
+package xfer
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/progress"
+	"golang.org/x/net/context"
+)
+
+const maxDownloadAttempts = 5
+
+// LayerDownloadManager figures out which layers need to be downloaded, then
+// registers and downloads those, taking into account dependencies between
+// layers.
+type LayerDownloadManager struct {
+	layerStore layer.Store
+	tm         TransferManager
+}
+
+// NewLayerDownloadManager returns a new LayerDownloadManager.
+func NewLayerDownloadManager(layerStore layer.Store, concurrencyLimit int) *LayerDownloadManager {
+	return &LayerDownloadManager{
+		layerStore: layerStore,
+		tm:         NewTransferManager(concurrencyLimit),
+	}
+}
+
+type downloadTransfer struct {
+	Transfer
+
+	layerStore layer.Store
+	layer      layer.Layer
+	err        error
+}
+
+// result returns the layer resulting from the download, if the download
+// and registration were successful.
+func (d *downloadTransfer) result() (layer.Layer, error) {
+	return d.layer, d.err
+}
+
+// A DownloadDescriptor references a layer that may need to be downloaded.
+type DownloadDescriptor interface {
+	// Key returns the key used to deduplicate downloads.
+	Key() string
+	// ID returns the ID for display purposes.
+	ID() string
+	// DiffID should return the DiffID for this layer, or an error
+	// if it is unknown (for example, if it has not been downloaded
+	// before).
+	DiffID() (layer.DiffID, error)
+	// Download is called to perform the download.
+	Download(ctx context.Context, progressOutput progress.Output) (io.ReadCloser, int64, error)
+	// Close is called when the download manager is finished with this
+	// descriptor and will not call Download again or read from the reader
+	// that Download returned.
+	Close()
+}
+
+// DownloadDescriptorWithRegistered is a DownloadDescriptor that has an
+// additional Registered method which gets called after a downloaded layer is
+// registered. This allows the user of the download manager to know the DiffID
+// of each registered layer. This method is called if a cast to
+// DownloadDescriptorWithRegistered is successful.
+type DownloadDescriptorWithRegistered interface {
+	DownloadDescriptor
+	Registered(diffID layer.DiffID)
+}
+
+// Download is a blocking function which ensures the requested layers are
+// present in the layer store. It uses the string returned by the Key method to
+// deduplicate downloads. If a given layer is not already known to present in
+// the layer store, and the key is not used by an in-progress download, the
+// Download method is called to get the layer tar data. Layers are then
+// registered in the appropriate order.  The caller must call the returned
+// release function once it is is done with the returned RootFS object.
+func (ldm *LayerDownloadManager) Download(ctx context.Context, initialRootFS image.RootFS, layers []DownloadDescriptor, progressOutput progress.Output) (image.RootFS, func(), error) {
+	var (
+		topLayer       layer.Layer
+		topDownload    *downloadTransfer
+		watcher        *Watcher
+		missingLayer   bool
+		transferKey    = ""
+		downloadsByKey = make(map[string]*downloadTransfer)
+	)
+
+	rootFS := initialRootFS
+	for _, descriptor := range layers {
+		key := descriptor.Key()
+		transferKey += key
+
+		if !missingLayer {
+			missingLayer = true
+			diffID, err := descriptor.DiffID()
+			if err == nil {
+				getRootFS := rootFS
+				getRootFS.Append(diffID)
+				l, err := ldm.layerStore.Get(getRootFS.ChainID())
+				if err == nil {
+					// Layer already exists.
+					logrus.Debugf("Layer already exists: %s", descriptor.ID())
+					progress.Update(progressOutput, descriptor.ID(), "Already exists")
+					if topLayer != nil {
+						layer.ReleaseAndLog(ldm.layerStore, topLayer)
+					}
+					topLayer = l
+					missingLayer = false
+					rootFS.Append(diffID)
+					continue
+				}
+			}
+		}
+
+		// Does this layer have the same data as a previous layer in
+		// the stack? If so, avoid downloading it more than once.
+		var topDownloadUncasted Transfer
+		if existingDownload, ok := downloadsByKey[key]; ok {
+			xferFunc := ldm.makeDownloadFuncFromDownload(descriptor, existingDownload, topDownload)
+			defer topDownload.Transfer.Release(watcher)
+			topDownloadUncasted, watcher = ldm.tm.Transfer(transferKey, xferFunc, progressOutput)
+			topDownload = topDownloadUncasted.(*downloadTransfer)
+			continue
+		}
+
+		// Layer is not known to exist - download and register it.
+		progress.Update(progressOutput, descriptor.ID(), "Pulling fs layer")
+
+		var xferFunc DoFunc
+		if topDownload != nil {
+			xferFunc = ldm.makeDownloadFunc(descriptor, "", topDownload)
+			defer topDownload.Transfer.Release(watcher)
+		} else {
+			xferFunc = ldm.makeDownloadFunc(descriptor, rootFS.ChainID(), nil)
+		}
+		topDownloadUncasted, watcher = ldm.tm.Transfer(transferKey, xferFunc, progressOutput)
+		topDownload = topDownloadUncasted.(*downloadTransfer)
+		downloadsByKey[key] = topDownload
+	}
+
+	if topDownload == nil {
+		return rootFS, func() {
+			if topLayer != nil {
+				layer.ReleaseAndLog(ldm.layerStore, topLayer)
+			}
+		}, nil
+	}
+
+	// Won't be using the list built up so far - will generate it
+	// from downloaded layers instead.
+	rootFS.DiffIDs = []layer.DiffID{}
+
+	defer func() {
+		if topLayer != nil {
+			layer.ReleaseAndLog(ldm.layerStore, topLayer)
+		}
+	}()
+
+	select {
+	case <-ctx.Done():
+		topDownload.Transfer.Release(watcher)
+		return rootFS, func() {}, ctx.Err()
+	case <-topDownload.Done():
+		break
+	}
+
+	l, err := topDownload.result()
+	if err != nil {
+		topDownload.Transfer.Release(watcher)
+		return rootFS, func() {}, err
+	}
+
+	// Must do this exactly len(layers) times, so we don't include the
+	// base layer on Windows.
+	for range layers {
+		if l == nil {
+			topDownload.Transfer.Release(watcher)
+			return rootFS, func() {}, errors.New("internal error: too few parent layers")
+		}
+		rootFS.DiffIDs = append([]layer.DiffID{l.DiffID()}, rootFS.DiffIDs...)
+		l = l.Parent()
+	}
+	return rootFS, func() { topDownload.Transfer.Release(watcher) }, err
+}
+
+// makeDownloadFunc returns a function that performs the layer download and
+// registration. If parentDownload is non-nil, it waits for that download to
+// complete before the registration step, and registers the downloaded data
+// on top of parentDownload's resulting layer. Otherwise, it registers the
+// layer on top of the ChainID given by parentLayer.
+func (ldm *LayerDownloadManager) makeDownloadFunc(descriptor DownloadDescriptor, parentLayer layer.ChainID, parentDownload *downloadTransfer) DoFunc {
+	return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+		d := &downloadTransfer{
+			Transfer:   NewTransfer(),
+			layerStore: ldm.layerStore,
+		}
+
+		go func() {
+			defer func() {
+				close(progressChan)
+			}()
+
+			progressOutput := progress.ChanOutput(progressChan)
+
+			select {
+			case <-start:
+			default:
+				progress.Update(progressOutput, descriptor.ID(), "Waiting")
+				<-start
+			}
+
+			if parentDownload != nil {
+				// Did the parent download already fail or get
+				// cancelled?
+				select {
+				case <-parentDownload.Done():
+					_, err := parentDownload.result()
+					if err != nil {
+						d.err = err
+						return
+					}
+				default:
+				}
+			}
+
+			var (
+				downloadReader io.ReadCloser
+				size           int64
+				err            error
+				retries        int
+			)
+
+			defer descriptor.Close()
+
+			for {
+				downloadReader, size, err = descriptor.Download(d.Transfer.Context(), progressOutput)
+				if err == nil {
+					break
+				}
+
+				// If an error was returned because the context
+				// was cancelled, we shouldn't retry.
+				select {
+				case <-d.Transfer.Context().Done():
+					d.err = err
+					return
+				default:
+				}
+
+				retries++
+				if _, isDNR := err.(DoNotRetry); isDNR || retries == maxDownloadAttempts {
+					logrus.Errorf("Download failed: %v", err)
+					d.err = err
+					return
+				}
+
+				logrus.Errorf("Download failed, retrying: %v", err)
+				delay := retries * 5
+				ticker := time.NewTicker(time.Second)
+
+			selectLoop:
+				for {
+					progress.Updatef(progressOutput, descriptor.ID(), "Retrying in %d second%s", delay, (map[bool]string{true: "s"})[delay != 1])
+					select {
+					case <-ticker.C:
+						delay--
+						if delay == 0 {
+							ticker.Stop()
+							break selectLoop
+						}
+					case <-d.Transfer.Context().Done():
+						ticker.Stop()
+						d.err = errors.New("download cancelled during retry delay")
+						return
+					}
+
+				}
+			}
+
+			close(inactive)
+
+			if parentDownload != nil {
+				select {
+				case <-d.Transfer.Context().Done():
+					d.err = errors.New("layer registration cancelled")
+					downloadReader.Close()
+					return
+				case <-parentDownload.Done():
+				}
+
+				l, err := parentDownload.result()
+				if err != nil {
+					d.err = err
+					downloadReader.Close()
+					return
+				}
+				parentLayer = l.ChainID()
+			}
+
+			reader := progress.NewProgressReader(ioutils.NewCancelReadCloser(d.Transfer.Context(), downloadReader), progressOutput, size, descriptor.ID(), "Extracting")
+			defer reader.Close()
+
+			inflatedLayerData, err := archive.DecompressStream(reader)
+			if err != nil {
+				d.err = fmt.Errorf("could not get decompression stream: %v", err)
+				return
+			}
+
+			d.layer, err = d.layerStore.Register(inflatedLayerData, parentLayer)
+			if err != nil {
+				select {
+				case <-d.Transfer.Context().Done():
+					d.err = errors.New("layer registration cancelled")
+				default:
+					d.err = fmt.Errorf("failed to register layer: %v", err)
+				}
+				return
+			}
+
+			progress.Update(progressOutput, descriptor.ID(), "Pull complete")
+			withRegistered, hasRegistered := descriptor.(DownloadDescriptorWithRegistered)
+			if hasRegistered {
+				withRegistered.Registered(d.layer.DiffID())
+			}
+
+			// Doesn't actually need to be its own goroutine, but
+			// done like this so we can defer close(c).
+			go func() {
+				<-d.Transfer.Released()
+				if d.layer != nil {
+					layer.ReleaseAndLog(d.layerStore, d.layer)
+				}
+			}()
+		}()
+
+		return d
+	}
+}
+
+// makeDownloadFuncFromDownload returns a function that performs the layer
+// registration when the layer data is coming from an existing download. It
+// waits for sourceDownload and parentDownload to complete, and then
+// reregisters the data from sourceDownload's top layer on top of
+// parentDownload. This function does not log progress output because it would
+// interfere with the progress reporting for sourceDownload, which has the same
+// Key.
+func (ldm *LayerDownloadManager) makeDownloadFuncFromDownload(descriptor DownloadDescriptor, sourceDownload *downloadTransfer, parentDownload *downloadTransfer) DoFunc {
+	return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+		d := &downloadTransfer{
+			Transfer:   NewTransfer(),
+			layerStore: ldm.layerStore,
+		}
+
+		go func() {
+			defer func() {
+				close(progressChan)
+			}()
+
+			<-start
+
+			close(inactive)
+
+			select {
+			case <-d.Transfer.Context().Done():
+				d.err = errors.New("layer registration cancelled")
+				return
+			case <-parentDownload.Done():
+			}
+
+			l, err := parentDownload.result()
+			if err != nil {
+				d.err = err
+				return
+			}
+			parentLayer := l.ChainID()
+
+			// sourceDownload should have already finished if
+			// parentDownload finished, but wait for it explicitly
+			// to be sure.
+			select {
+			case <-d.Transfer.Context().Done():
+				d.err = errors.New("layer registration cancelled")
+				return
+			case <-sourceDownload.Done():
+			}
+
+			l, err = sourceDownload.result()
+			if err != nil {
+				d.err = err
+				return
+			}
+
+			layerReader, err := l.TarStream()
+			if err != nil {
+				d.err = err
+				return
+			}
+			defer layerReader.Close()
+
+			d.layer, err = d.layerStore.Register(layerReader, parentLayer)
+			if err != nil {
+				d.err = fmt.Errorf("failed to register layer: %v", err)
+				return
+			}
+
+			withRegistered, hasRegistered := descriptor.(DownloadDescriptorWithRegistered)
+			if hasRegistered {
+				withRegistered.Registered(d.layer.DiffID())
+			}
+
+			// Doesn't actually need to be its own goroutine, but
+			// done like this so we can defer close(c).
+			go func() {
+				<-d.Transfer.Released()
+				if d.layer != nil {
+					layer.ReleaseAndLog(d.layerStore, d.layer)
+				}
+			}()
+		}()
+
+		return d
+	}
+}
diff --git a/distribution/xfer/download_test.go b/distribution/xfer/download_test.go
new file mode 100644
index 00000000..96f2db17
--- /dev/null
+++ b/distribution/xfer/download_test.go
@@ -0,0 +1,340 @@
+package xfer
+
+import (
+	"bytes"
+	"errors"
+	"io"
+	"io/ioutil"
+	"runtime"
+	"sync/atomic"
+	"testing"
+	"time"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/progress"
+	"golang.org/x/net/context"
+)
+
+const maxDownloadConcurrency = 3
+
+type mockLayer struct {
+	layerData bytes.Buffer
+	diffID    layer.DiffID
+	chainID   layer.ChainID
+	parent    layer.Layer
+}
+
+func (ml *mockLayer) TarStream() (io.ReadCloser, error) {
+	return ioutil.NopCloser(bytes.NewBuffer(ml.layerData.Bytes())), nil
+}
+
+func (ml *mockLayer) ChainID() layer.ChainID {
+	return ml.chainID
+}
+
+func (ml *mockLayer) DiffID() layer.DiffID {
+	return ml.diffID
+}
+
+func (ml *mockLayer) Parent() layer.Layer {
+	return ml.parent
+}
+
+func (ml *mockLayer) Size() (size int64, err error) {
+	return 0, nil
+}
+
+func (ml *mockLayer) DiffSize() (size int64, err error) {
+	return 0, nil
+}
+
+func (ml *mockLayer) Metadata() (map[string]string, error) {
+	return make(map[string]string), nil
+}
+
+type mockLayerStore struct {
+	layers map[layer.ChainID]*mockLayer
+}
+
+func createChainIDFromParent(parent layer.ChainID, dgsts ...layer.DiffID) layer.ChainID {
+	if len(dgsts) == 0 {
+		return parent
+	}
+	if parent == "" {
+		return createChainIDFromParent(layer.ChainID(dgsts[0]), dgsts[1:]...)
+	}
+	// H = "H(n-1) SHA256(n)"
+	dgst := digest.FromBytes([]byte(string(parent) + " " + string(dgsts[0])))
+	return createChainIDFromParent(layer.ChainID(dgst), dgsts[1:]...)
+}
+
+func (ls *mockLayerStore) Register(reader io.Reader, parentID layer.ChainID) (layer.Layer, error) {
+	var (
+		parent layer.Layer
+		err    error
+	)
+
+	if parentID != "" {
+		parent, err = ls.Get(parentID)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	l := &mockLayer{parent: parent}
+	_, err = l.layerData.ReadFrom(reader)
+	if err != nil {
+		return nil, err
+	}
+	l.diffID = layer.DiffID(digest.FromBytes(l.layerData.Bytes()))
+	l.chainID = createChainIDFromParent(parentID, l.diffID)
+
+	ls.layers[l.chainID] = l
+	return l, nil
+}
+
+func (ls *mockLayerStore) Get(chainID layer.ChainID) (layer.Layer, error) {
+	l, ok := ls.layers[chainID]
+	if !ok {
+		return nil, layer.ErrLayerDoesNotExist
+	}
+	return l, nil
+}
+
+func (ls *mockLayerStore) Release(l layer.Layer) ([]layer.Metadata, error) {
+	return []layer.Metadata{}, nil
+}
+func (ls *mockLayerStore) CreateRWLayer(string, layer.ChainID, string, layer.MountInit) (layer.RWLayer, error) {
+	return nil, errors.New("not implemented")
+}
+
+func (ls *mockLayerStore) GetRWLayer(string) (layer.RWLayer, error) {
+	return nil, errors.New("not implemented")
+}
+
+func (ls *mockLayerStore) ReleaseRWLayer(layer.RWLayer) ([]layer.Metadata, error) {
+	return nil, errors.New("not implemented")
+}
+func (ls *mockLayerStore) GetMountID(string) (string, error) {
+	return "", errors.New("not implemented")
+}
+
+func (ls *mockLayerStore) ReinitRWLayer(layer.RWLayer) error {
+	return errors.New("not implemented")
+}
+
+func (ls *mockLayerStore) Cleanup() error {
+	return nil
+}
+
+func (ls *mockLayerStore) DriverStatus() [][2]string {
+	return [][2]string{}
+}
+
+func (ls *mockLayerStore) DriverName() string {
+	return "mock"
+}
+
+type mockDownloadDescriptor struct {
+	currentDownloads *int32
+	id               string
+	diffID           layer.DiffID
+	registeredDiffID layer.DiffID
+	expectedDiffID   layer.DiffID
+	simulateRetries  int
+}
+
+// Key returns the key used to deduplicate downloads.
+func (d *mockDownloadDescriptor) Key() string {
+	return d.id
+}
+
+// ID returns the ID for display purposes.
+func (d *mockDownloadDescriptor) ID() string {
+	return d.id
+}
+
+// DiffID should return the DiffID for this layer, or an error
+// if it is unknown (for example, if it has not been downloaded
+// before).
+func (d *mockDownloadDescriptor) DiffID() (layer.DiffID, error) {
+	if d.diffID != "" {
+		return d.diffID, nil
+	}
+	return "", errors.New("no diffID available")
+}
+
+func (d *mockDownloadDescriptor) Registered(diffID layer.DiffID) {
+	d.registeredDiffID = diffID
+}
+
+func (d *mockDownloadDescriptor) mockTarStream() io.ReadCloser {
+	// The mock implementation returns the ID repeated 5 times as a tar
+	// stream instead of actual tar data. The data is ignored except for
+	// computing IDs.
+	return ioutil.NopCloser(bytes.NewBuffer([]byte(d.id + d.id + d.id + d.id + d.id)))
+}
+
+// Download is called to perform the download.
+func (d *mockDownloadDescriptor) Download(ctx context.Context, progressOutput progress.Output) (io.ReadCloser, int64, error) {
+	if d.currentDownloads != nil {
+		defer atomic.AddInt32(d.currentDownloads, -1)
+
+		if atomic.AddInt32(d.currentDownloads, 1) > maxDownloadConcurrency {
+			return nil, 0, errors.New("concurrency limit exceeded")
+		}
+	}
+
+	// Sleep a bit to simulate a time-consuming download.
+	for i := int64(0); i <= 10; i++ {
+		select {
+		case <-ctx.Done():
+			return nil, 0, ctx.Err()
+		case <-time.After(10 * time.Millisecond):
+			progressOutput.WriteProgress(progress.Progress{ID: d.ID(), Action: "Downloading", Current: i, Total: 10})
+		}
+	}
+
+	if d.simulateRetries != 0 {
+		d.simulateRetries--
+		return nil, 0, errors.New("simulating retry")
+	}
+
+	return d.mockTarStream(), 0, nil
+}
+
+func (d *mockDownloadDescriptor) Close() {
+}
+
+func downloadDescriptors(currentDownloads *int32) []DownloadDescriptor {
+	return []DownloadDescriptor{
+		&mockDownloadDescriptor{
+			currentDownloads: currentDownloads,
+			id:               "id1",
+			expectedDiffID:   layer.DiffID("sha256:68e2c75dc5c78ea9240689c60d7599766c213ae210434c53af18470ae8c53ec1"),
+		},
+		&mockDownloadDescriptor{
+			currentDownloads: currentDownloads,
+			id:               "id2",
+			expectedDiffID:   layer.DiffID("sha256:64a636223116aa837973a5d9c2bdd17d9b204e4f95ac423e20e65dfbb3655473"),
+		},
+		&mockDownloadDescriptor{
+			currentDownloads: currentDownloads,
+			id:               "id3",
+			expectedDiffID:   layer.DiffID("sha256:58745a8bbd669c25213e9de578c4da5c8ee1c836b3581432c2b50e38a6753300"),
+		},
+		&mockDownloadDescriptor{
+			currentDownloads: currentDownloads,
+			id:               "id2",
+			expectedDiffID:   layer.DiffID("sha256:64a636223116aa837973a5d9c2bdd17d9b204e4f95ac423e20e65dfbb3655473"),
+		},
+		&mockDownloadDescriptor{
+			currentDownloads: currentDownloads,
+			id:               "id4",
+			expectedDiffID:   layer.DiffID("sha256:0dfb5b9577716cc173e95af7c10289322c29a6453a1718addc00c0c5b1330936"),
+			simulateRetries:  1,
+		},
+		&mockDownloadDescriptor{
+			currentDownloads: currentDownloads,
+			id:               "id5",
+			expectedDiffID:   layer.DiffID("sha256:0a5f25fa1acbc647f6112a6276735d0fa01e4ee2aa7ec33015e337350e1ea23d"),
+		},
+	}
+}
+
+func TestSuccessfulDownload(t *testing.T) {
+	// TODO Windows: Fix this unit text
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs fixing on Windows")
+	}
+	layerStore := &mockLayerStore{make(map[layer.ChainID]*mockLayer)}
+	ldm := NewLayerDownloadManager(layerStore, maxDownloadConcurrency)
+
+	progressChan := make(chan progress.Progress)
+	progressDone := make(chan struct{})
+	receivedProgress := make(map[string]progress.Progress)
+
+	go func() {
+		for p := range progressChan {
+			receivedProgress[p.ID] = p
+		}
+		close(progressDone)
+	}()
+
+	var currentDownloads int32
+	descriptors := downloadDescriptors(&currentDownloads)
+
+	firstDescriptor := descriptors[0].(*mockDownloadDescriptor)
+
+	// Pre-register the first layer to simulate an already-existing layer
+	l, err := layerStore.Register(firstDescriptor.mockTarStream(), "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	firstDescriptor.diffID = l.DiffID()
+
+	rootFS, releaseFunc, err := ldm.Download(context.Background(), *image.NewRootFS(), descriptors, progress.ChanOutput(progressChan))
+	if err != nil {
+		t.Fatalf("download error: %v", err)
+	}
+
+	releaseFunc()
+
+	close(progressChan)
+	<-progressDone
+
+	if len(rootFS.DiffIDs) != len(descriptors) {
+		t.Fatal("got wrong number of diffIDs in rootfs")
+	}
+
+	for i, d := range descriptors {
+		descriptor := d.(*mockDownloadDescriptor)
+
+		if descriptor.diffID != "" {
+			if receivedProgress[d.ID()].Action != "Already exists" {
+				t.Fatalf("did not get 'Already exists' message for %v", d.ID())
+			}
+		} else if receivedProgress[d.ID()].Action != "Pull complete" {
+			t.Fatalf("did not get 'Pull complete' message for %v", d.ID())
+		}
+
+		if rootFS.DiffIDs[i] != descriptor.expectedDiffID {
+			t.Fatalf("rootFS item %d has the wrong diffID (expected: %v got: %v)", i, descriptor.expectedDiffID, rootFS.DiffIDs[i])
+		}
+
+		if descriptor.diffID == "" && descriptor.registeredDiffID != rootFS.DiffIDs[i] {
+			t.Fatal("diffID mismatch between rootFS and Registered callback")
+		}
+	}
+}
+
+func TestCancelledDownload(t *testing.T) {
+	ldm := NewLayerDownloadManager(&mockLayerStore{make(map[layer.ChainID]*mockLayer)}, maxDownloadConcurrency)
+
+	progressChan := make(chan progress.Progress)
+	progressDone := make(chan struct{})
+
+	go func() {
+		for range progressChan {
+		}
+		close(progressDone)
+	}()
+
+	ctx, cancel := context.WithCancel(context.Background())
+
+	go func() {
+		<-time.After(time.Millisecond)
+		cancel()
+	}()
+
+	descriptors := downloadDescriptors(nil)
+	_, _, err := ldm.Download(ctx, *image.NewRootFS(), descriptors, progress.ChanOutput(progressChan))
+	if err != context.Canceled {
+		t.Fatal("expected download to be cancelled")
+	}
+
+	close(progressChan)
+	<-progressDone
+}
diff --git a/distribution/xfer/transfer.go b/distribution/xfer/transfer.go
new file mode 100644
index 00000000..dd83f8b8
--- /dev/null
+++ b/distribution/xfer/transfer.go
@@ -0,0 +1,392 @@
+package xfer
+
+import (
+	"runtime"
+	"sync"
+
+	"github.com/docker/docker/pkg/progress"
+	"golang.org/x/net/context"
+)
+
+// DoNotRetry is an error wrapper indicating that the error cannot be resolved
+// with a retry.
+type DoNotRetry struct {
+	Err error
+}
+
+// Error returns the stringified representation of the encapsulated error.
+func (e DoNotRetry) Error() string {
+	return e.Err.Error()
+}
+
+// Watcher is returned by Watch and can be passed to Release to stop watching.
+type Watcher struct {
+	// signalChan is used to signal to the watcher goroutine that
+	// new progress information is available, or that the transfer
+	// has finished.
+	signalChan chan struct{}
+	// releaseChan signals to the watcher goroutine that the watcher
+	// should be detached.
+	releaseChan chan struct{}
+	// running remains open as long as the watcher is watching the
+	// transfer. It gets closed if the transfer finishes or the
+	// watcher is detached.
+	running chan struct{}
+}
+
+// Transfer represents an in-progress transfer.
+type Transfer interface {
+	Watch(progressOutput progress.Output) *Watcher
+	Release(*Watcher)
+	Context() context.Context
+	Close()
+	Done() <-chan struct{}
+	Released() <-chan struct{}
+	Broadcast(masterProgressChan <-chan progress.Progress)
+}
+
+type transfer struct {
+	mu sync.Mutex
+
+	ctx    context.Context
+	cancel context.CancelFunc
+
+	// watchers keeps track of the goroutines monitoring progress output,
+	// indexed by the channels that release them.
+	watchers map[chan struct{}]*Watcher
+
+	// lastProgress is the most recently received progress event.
+	lastProgress progress.Progress
+	// hasLastProgress is true when lastProgress has been set.
+	hasLastProgress bool
+
+	// running remains open as long as the transfer is in progress.
+	running chan struct{}
+	// released stays open until all watchers release the transfer and
+	// the transfer is no longer tracked by the transfer manager.
+	released chan struct{}
+
+	// broadcastDone is true if the master progress channel has closed.
+	broadcastDone bool
+	// closed is true if Close has been called
+	closed bool
+	// broadcastSyncChan allows watchers to "ping" the broadcasting
+	// goroutine to wait for it for deplete its input channel. This ensures
+	// a detaching watcher won't miss an event that was sent before it
+	// started detaching.
+	broadcastSyncChan chan struct{}
+}
+
+// NewTransfer creates a new transfer.
+func NewTransfer() Transfer {
+	t := &transfer{
+		watchers:          make(map[chan struct{}]*Watcher),
+		running:           make(chan struct{}),
+		released:          make(chan struct{}),
+		broadcastSyncChan: make(chan struct{}),
+	}
+
+	// This uses context.Background instead of a caller-supplied context
+	// so that a transfer won't be cancelled automatically if the client
+	// which requested it is ^C'd (there could be other viewers).
+	t.ctx, t.cancel = context.WithCancel(context.Background())
+
+	return t
+}
+
+// Broadcast copies the progress and error output to all viewers.
+func (t *transfer) Broadcast(masterProgressChan <-chan progress.Progress) {
+	for {
+		var (
+			p  progress.Progress
+			ok bool
+		)
+		select {
+		case p, ok = <-masterProgressChan:
+		default:
+			// We've depleted the channel, so now we can handle
+			// reads on broadcastSyncChan to let detaching watchers
+			// know we're caught up.
+			select {
+			case <-t.broadcastSyncChan:
+				continue
+			case p, ok = <-masterProgressChan:
+			}
+		}
+
+		t.mu.Lock()
+		if ok {
+			t.lastProgress = p
+			t.hasLastProgress = true
+			for _, w := range t.watchers {
+				select {
+				case w.signalChan <- struct{}{}:
+				default:
+				}
+			}
+		} else {
+			t.broadcastDone = true
+		}
+		t.mu.Unlock()
+		if !ok {
+			close(t.running)
+			return
+		}
+	}
+}
+
+// Watch adds a watcher to the transfer. The supplied channel gets progress
+// updates and is closed when the transfer finishes.
+func (t *transfer) Watch(progressOutput progress.Output) *Watcher {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+
+	w := &Watcher{
+		releaseChan: make(chan struct{}),
+		signalChan:  make(chan struct{}),
+		running:     make(chan struct{}),
+	}
+
+	t.watchers[w.releaseChan] = w
+
+	if t.broadcastDone {
+		close(w.running)
+		return w
+	}
+
+	go func() {
+		defer func() {
+			close(w.running)
+		}()
+		var (
+			done           bool
+			lastWritten    progress.Progress
+			hasLastWritten bool
+		)
+		for {
+			t.mu.Lock()
+			hasLastProgress := t.hasLastProgress
+			lastProgress := t.lastProgress
+			t.mu.Unlock()
+
+			// Make sure we don't write the last progress item
+			// twice.
+			if hasLastProgress && (!done || !hasLastWritten || lastProgress != lastWritten) {
+				progressOutput.WriteProgress(lastProgress)
+				lastWritten = lastProgress
+				hasLastWritten = true
+			}
+
+			if done {
+				return
+			}
+
+			select {
+			case <-w.signalChan:
+			case <-w.releaseChan:
+				done = true
+				// Since the watcher is going to detach, make
+				// sure the broadcaster is caught up so we
+				// don't miss anything.
+				select {
+				case t.broadcastSyncChan <- struct{}{}:
+				case <-t.running:
+				}
+			case <-t.running:
+				done = true
+			}
+		}
+	}()
+
+	return w
+}
+
+// Release is the inverse of Watch; indicating that the watcher no longer wants
+// to be notified about the progress of the transfer. All calls to Watch must
+// be paired with later calls to Release so that the lifecycle of the transfer
+// is properly managed.
+func (t *transfer) Release(watcher *Watcher) {
+	t.mu.Lock()
+	delete(t.watchers, watcher.releaseChan)
+
+	if len(t.watchers) == 0 {
+		if t.closed {
+			// released may have been closed already if all
+			// watchers were released, then another one was added
+			// while waiting for a previous watcher goroutine to
+			// finish.
+			select {
+			case <-t.released:
+			default:
+				close(t.released)
+			}
+		} else {
+			t.cancel()
+		}
+	}
+	t.mu.Unlock()
+
+	close(watcher.releaseChan)
+	// Block until the watcher goroutine completes
+	<-watcher.running
+}
+
+// Done returns a channel which is closed if the transfer completes or is
+// cancelled. Note that having 0 watchers causes a transfer to be cancelled.
+func (t *transfer) Done() <-chan struct{} {
+	// Note that this doesn't return t.ctx.Done() because that channel will
+	// be closed the moment Cancel is called, and we need to return a
+	// channel that blocks until a cancellation is actually acknowledged by
+	// the transfer function.
+	return t.running
+}
+
+// Released returns a channel which is closed once all watchers release the
+// transfer AND the transfer is no longer tracked by the transfer manager.
+func (t *transfer) Released() <-chan struct{} {
+	return t.released
+}
+
+// Context returns the context associated with the transfer.
+func (t *transfer) Context() context.Context {
+	return t.ctx
+}
+
+// Close is called by the transfer manager when the transfer is no longer
+// being tracked.
+func (t *transfer) Close() {
+	t.mu.Lock()
+	t.closed = true
+	if len(t.watchers) == 0 {
+		close(t.released)
+	}
+	t.mu.Unlock()
+}
+
+// DoFunc is a function called by the transfer manager to actually perform
+// a transfer. It should be non-blocking. It should wait until the start channel
+// is closed before transferring any data. If the function closes inactive, that
+// signals to the transfer manager that the job is no longer actively moving
+// data - for example, it may be waiting for a dependent transfer to finish.
+// This prevents it from taking up a slot.
+type DoFunc func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer
+
+// TransferManager is used by LayerDownloadManager and LayerUploadManager to
+// schedule and deduplicate transfers. It is up to the TransferManager
+// implementation to make the scheduling and concurrency decisions.
+type TransferManager interface {
+	// Transfer checks if a transfer with the given key is in progress. If
+	// so, it returns progress and error output from that transfer.
+	// Otherwise, it will call xferFunc to initiate the transfer.
+	Transfer(key string, xferFunc DoFunc, progressOutput progress.Output) (Transfer, *Watcher)
+}
+
+type transferManager struct {
+	mu sync.Mutex
+
+	concurrencyLimit int
+	activeTransfers  int
+	transfers        map[string]Transfer
+	waitingTransfers []chan struct{}
+}
+
+// NewTransferManager returns a new TransferManager.
+func NewTransferManager(concurrencyLimit int) TransferManager {
+	return &transferManager{
+		concurrencyLimit: concurrencyLimit,
+		transfers:        make(map[string]Transfer),
+	}
+}
+
+// Transfer checks if a transfer matching the given key is in progress. If not,
+// it starts one by calling xferFunc. The caller supplies a channel which
+// receives progress output from the transfer.
+func (tm *transferManager) Transfer(key string, xferFunc DoFunc, progressOutput progress.Output) (Transfer, *Watcher) {
+	tm.mu.Lock()
+	defer tm.mu.Unlock()
+
+	for {
+		xfer, present := tm.transfers[key]
+		if !present {
+			break
+		}
+		// Transfer is already in progress.
+		watcher := xfer.Watch(progressOutput)
+
+		select {
+		case <-xfer.Context().Done():
+			// We don't want to watch a transfer that has been cancelled.
+			// Wait for it to be removed from the map and try again.
+			xfer.Release(watcher)
+			tm.mu.Unlock()
+			// The goroutine that removes this transfer from the
+			// map is also waiting for xfer.Done(), so yield to it.
+			// This could be avoided by adding a Closed method
+			// to Transfer to allow explicitly waiting for it to be
+			// removed the map, but forcing a scheduling round in
+			// this very rare case seems better than bloating the
+			// interface definition.
+			runtime.Gosched()
+			<-xfer.Done()
+			tm.mu.Lock()
+		default:
+			return xfer, watcher
+		}
+	}
+
+	start := make(chan struct{})
+	inactive := make(chan struct{})
+
+	if tm.activeTransfers < tm.concurrencyLimit {
+		close(start)
+		tm.activeTransfers++
+	} else {
+		tm.waitingTransfers = append(tm.waitingTransfers, start)
+	}
+
+	masterProgressChan := make(chan progress.Progress)
+	xfer := xferFunc(masterProgressChan, start, inactive)
+	watcher := xfer.Watch(progressOutput)
+	go xfer.Broadcast(masterProgressChan)
+	tm.transfers[key] = xfer
+
+	// When the transfer is finished, remove from the map.
+	go func() {
+		for {
+			select {
+			case <-inactive:
+				tm.mu.Lock()
+				tm.inactivate(start)
+				tm.mu.Unlock()
+				inactive = nil
+			case <-xfer.Done():
+				tm.mu.Lock()
+				if inactive != nil {
+					tm.inactivate(start)
+				}
+				delete(tm.transfers, key)
+				tm.mu.Unlock()
+				xfer.Close()
+				return
+			}
+		}
+	}()
+
+	return xfer, watcher
+}
+
+func (tm *transferManager) inactivate(start chan struct{}) {
+	// If the transfer was started, remove it from the activeTransfers
+	// count.
+	select {
+	case <-start:
+		// Start next transfer if any are waiting
+		if len(tm.waitingTransfers) != 0 {
+			close(tm.waitingTransfers[0])
+			tm.waitingTransfers = tm.waitingTransfers[1:]
+		} else {
+			tm.activeTransfers--
+		}
+	default:
+	}
+}
diff --git a/distribution/xfer/transfer_test.go b/distribution/xfer/transfer_test.go
new file mode 100644
index 00000000..39fb7d08
--- /dev/null
+++ b/distribution/xfer/transfer_test.go
@@ -0,0 +1,414 @@
+package xfer
+
+import (
+	"sync/atomic"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/pkg/progress"
+)
+
+func TestTransfer(t *testing.T) {
+	makeXferFunc := func(id string) DoFunc {
+		return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+			select {
+			case <-start:
+			default:
+				t.Fatalf("transfer function not started even though concurrency limit not reached")
+			}
+
+			xfer := NewTransfer()
+			go func() {
+				for i := 0; i <= 10; i++ {
+					progressChan <- progress.Progress{ID: id, Action: "testing", Current: int64(i), Total: 10}
+					time.Sleep(10 * time.Millisecond)
+				}
+				close(progressChan)
+			}()
+			return xfer
+		}
+	}
+
+	tm := NewTransferManager(5)
+	progressChan := make(chan progress.Progress)
+	progressDone := make(chan struct{})
+	receivedProgress := make(map[string]int64)
+
+	go func() {
+		for p := range progressChan {
+			val, present := receivedProgress[p.ID]
+			if !present {
+				if p.Current != 0 {
+					t.Fatalf("got unexpected progress value: %d (expected 0)", p.Current)
+				}
+			} else if p.Current <= val {
+				t.Fatalf("got unexpected progress value: %d (expected %d)", p.Current, val+1)
+			}
+			receivedProgress[p.ID] = p.Current
+		}
+		close(progressDone)
+	}()
+
+	// Start a few transfers
+	ids := []string{"id1", "id2", "id3"}
+	xfers := make([]Transfer, len(ids))
+	watchers := make([]*Watcher, len(ids))
+	for i, id := range ids {
+		xfers[i], watchers[i] = tm.Transfer(id, makeXferFunc(id), progress.ChanOutput(progressChan))
+	}
+
+	for i, xfer := range xfers {
+		<-xfer.Done()
+		xfer.Release(watchers[i])
+	}
+	close(progressChan)
+	<-progressDone
+
+	for _, id := range ids {
+		if receivedProgress[id] != 10 {
+			t.Fatalf("final progress value %d instead of 10", receivedProgress[id])
+		}
+	}
+}
+
+func TestConcurrencyLimit(t *testing.T) {
+	concurrencyLimit := 3
+	var runningJobs int32
+
+	makeXferFunc := func(id string) DoFunc {
+		return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+			xfer := NewTransfer()
+			go func() {
+				<-start
+				totalJobs := atomic.AddInt32(&runningJobs, 1)
+				if int(totalJobs) > concurrencyLimit {
+					t.Fatalf("too many jobs running")
+				}
+				for i := 0; i <= 10; i++ {
+					progressChan <- progress.Progress{ID: id, Action: "testing", Current: int64(i), Total: 10}
+					time.Sleep(10 * time.Millisecond)
+				}
+				atomic.AddInt32(&runningJobs, -1)
+				close(progressChan)
+			}()
+			return xfer
+		}
+	}
+
+	tm := NewTransferManager(concurrencyLimit)
+	progressChan := make(chan progress.Progress)
+	progressDone := make(chan struct{})
+	receivedProgress := make(map[string]int64)
+
+	go func() {
+		for p := range progressChan {
+			receivedProgress[p.ID] = p.Current
+		}
+		close(progressDone)
+	}()
+
+	// Start more transfers than the concurrency limit
+	ids := []string{"id1", "id2", "id3", "id4", "id5", "id6", "id7", "id8"}
+	xfers := make([]Transfer, len(ids))
+	watchers := make([]*Watcher, len(ids))
+	for i, id := range ids {
+		xfers[i], watchers[i] = tm.Transfer(id, makeXferFunc(id), progress.ChanOutput(progressChan))
+	}
+
+	for i, xfer := range xfers {
+		<-xfer.Done()
+		xfer.Release(watchers[i])
+	}
+	close(progressChan)
+	<-progressDone
+
+	for _, id := range ids {
+		if receivedProgress[id] != 10 {
+			t.Fatalf("final progress value %d instead of 10", receivedProgress[id])
+		}
+	}
+}
+
+func TestInactiveJobs(t *testing.T) {
+	concurrencyLimit := 3
+	var runningJobs int32
+	testDone := make(chan struct{})
+
+	makeXferFunc := func(id string) DoFunc {
+		return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+			xfer := NewTransfer()
+			go func() {
+				<-start
+				totalJobs := atomic.AddInt32(&runningJobs, 1)
+				if int(totalJobs) > concurrencyLimit {
+					t.Fatalf("too many jobs running")
+				}
+				for i := 0; i <= 10; i++ {
+					progressChan <- progress.Progress{ID: id, Action: "testing", Current: int64(i), Total: 10}
+					time.Sleep(10 * time.Millisecond)
+				}
+				atomic.AddInt32(&runningJobs, -1)
+				close(inactive)
+				<-testDone
+				close(progressChan)
+			}()
+			return xfer
+		}
+	}
+
+	tm := NewTransferManager(concurrencyLimit)
+	progressChan := make(chan progress.Progress)
+	progressDone := make(chan struct{})
+	receivedProgress := make(map[string]int64)
+
+	go func() {
+		for p := range progressChan {
+			receivedProgress[p.ID] = p.Current
+		}
+		close(progressDone)
+	}()
+
+	// Start more transfers than the concurrency limit
+	ids := []string{"id1", "id2", "id3", "id4", "id5", "id6", "id7", "id8"}
+	xfers := make([]Transfer, len(ids))
+	watchers := make([]*Watcher, len(ids))
+	for i, id := range ids {
+		xfers[i], watchers[i] = tm.Transfer(id, makeXferFunc(id), progress.ChanOutput(progressChan))
+	}
+
+	close(testDone)
+	for i, xfer := range xfers {
+		<-xfer.Done()
+		xfer.Release(watchers[i])
+	}
+	close(progressChan)
+	<-progressDone
+
+	for _, id := range ids {
+		if receivedProgress[id] != 10 {
+			t.Fatalf("final progress value %d instead of 10", receivedProgress[id])
+		}
+	}
+}
+
+func TestWatchRelease(t *testing.T) {
+	ready := make(chan struct{})
+
+	makeXferFunc := func(id string) DoFunc {
+		return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+			xfer := NewTransfer()
+			go func() {
+				defer func() {
+					close(progressChan)
+				}()
+				<-ready
+				for i := int64(0); ; i++ {
+					select {
+					case <-time.After(10 * time.Millisecond):
+					case <-xfer.Context().Done():
+						return
+					}
+					progressChan <- progress.Progress{ID: id, Action: "testing", Current: i, Total: 10}
+				}
+			}()
+			return xfer
+		}
+	}
+
+	tm := NewTransferManager(5)
+
+	type watcherInfo struct {
+		watcher               *Watcher
+		progressChan          chan progress.Progress
+		progressDone          chan struct{}
+		receivedFirstProgress chan struct{}
+	}
+
+	progressConsumer := func(w watcherInfo) {
+		first := true
+		for range w.progressChan {
+			if first {
+				close(w.receivedFirstProgress)
+			}
+			first = false
+		}
+		close(w.progressDone)
+	}
+
+	// Start a transfer
+	watchers := make([]watcherInfo, 5)
+	var xfer Transfer
+	watchers[0].progressChan = make(chan progress.Progress)
+	watchers[0].progressDone = make(chan struct{})
+	watchers[0].receivedFirstProgress = make(chan struct{})
+	xfer, watchers[0].watcher = tm.Transfer("id1", makeXferFunc("id1"), progress.ChanOutput(watchers[0].progressChan))
+	go progressConsumer(watchers[0])
+
+	// Give it multiple watchers
+	for i := 1; i != len(watchers); i++ {
+		watchers[i].progressChan = make(chan progress.Progress)
+		watchers[i].progressDone = make(chan struct{})
+		watchers[i].receivedFirstProgress = make(chan struct{})
+		watchers[i].watcher = xfer.Watch(progress.ChanOutput(watchers[i].progressChan))
+		go progressConsumer(watchers[i])
+	}
+
+	// Now that the watchers are set up, allow the transfer goroutine to
+	// proceed.
+	close(ready)
+
+	// Confirm that each watcher gets progress output.
+	for _, w := range watchers {
+		<-w.receivedFirstProgress
+	}
+
+	// Release one watcher every 5ms
+	for _, w := range watchers {
+		xfer.Release(w.watcher)
+		<-time.After(5 * time.Millisecond)
+	}
+
+	// Now that all watchers have been released, Released() should
+	// return a closed channel.
+	<-xfer.Released()
+
+	// Done() should return a closed channel because the xfer func returned
+	// due to cancellation.
+	<-xfer.Done()
+
+	for _, w := range watchers {
+		close(w.progressChan)
+		<-w.progressDone
+	}
+}
+
+func TestWatchFinishedTransfer(t *testing.T) {
+	makeXferFunc := func(id string) DoFunc {
+		return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+			xfer := NewTransfer()
+			go func() {
+				// Finish immediately
+				close(progressChan)
+			}()
+			return xfer
+		}
+	}
+
+	tm := NewTransferManager(5)
+
+	// Start a transfer
+	watchers := make([]*Watcher, 3)
+	var xfer Transfer
+	xfer, watchers[0] = tm.Transfer("id1", makeXferFunc("id1"), progress.ChanOutput(make(chan progress.Progress)))
+
+	// Give it a watcher immediately
+	watchers[1] = xfer.Watch(progress.ChanOutput(make(chan progress.Progress)))
+
+	// Wait for the transfer to complete
+	<-xfer.Done()
+
+	// Set up another watcher
+	watchers[2] = xfer.Watch(progress.ChanOutput(make(chan progress.Progress)))
+
+	// Release the watchers
+	for _, w := range watchers {
+		xfer.Release(w)
+	}
+
+	// Now that all watchers have been released, Released() should
+	// return a closed channel.
+	<-xfer.Released()
+}
+
+func TestDuplicateTransfer(t *testing.T) {
+	ready := make(chan struct{})
+
+	var xferFuncCalls int32
+
+	makeXferFunc := func(id string) DoFunc {
+		return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+			atomic.AddInt32(&xferFuncCalls, 1)
+			xfer := NewTransfer()
+			go func() {
+				defer func() {
+					close(progressChan)
+				}()
+				<-ready
+				for i := int64(0); ; i++ {
+					select {
+					case <-time.After(10 * time.Millisecond):
+					case <-xfer.Context().Done():
+						return
+					}
+					progressChan <- progress.Progress{ID: id, Action: "testing", Current: i, Total: 10}
+				}
+			}()
+			return xfer
+		}
+	}
+
+	tm := NewTransferManager(5)
+
+	type transferInfo struct {
+		xfer                  Transfer
+		watcher               *Watcher
+		progressChan          chan progress.Progress
+		progressDone          chan struct{}
+		receivedFirstProgress chan struct{}
+	}
+
+	progressConsumer := func(t transferInfo) {
+		first := true
+		for range t.progressChan {
+			if first {
+				close(t.receivedFirstProgress)
+			}
+			first = false
+		}
+		close(t.progressDone)
+	}
+
+	// Try to start multiple transfers with the same ID
+	transfers := make([]transferInfo, 5)
+	for i := range transfers {
+		t := &transfers[i]
+		t.progressChan = make(chan progress.Progress)
+		t.progressDone = make(chan struct{})
+		t.receivedFirstProgress = make(chan struct{})
+		t.xfer, t.watcher = tm.Transfer("id1", makeXferFunc("id1"), progress.ChanOutput(t.progressChan))
+		go progressConsumer(*t)
+	}
+
+	// Allow the transfer goroutine to proceed.
+	close(ready)
+
+	// Confirm that each watcher gets progress output.
+	for _, t := range transfers {
+		<-t.receivedFirstProgress
+	}
+
+	// Confirm that the transfer function was called exactly once.
+	if xferFuncCalls != 1 {
+		t.Fatal("transfer function wasn't called exactly once")
+	}
+
+	// Release one watcher every 5ms
+	for _, t := range transfers {
+		t.xfer.Release(t.watcher)
+		<-time.After(5 * time.Millisecond)
+	}
+
+	for _, t := range transfers {
+		// Now that all watchers have been released, Released() should
+		// return a closed channel.
+		<-t.xfer.Released()
+		// Done() should return a closed channel because the xfer func returned
+		// due to cancellation.
+		<-t.xfer.Done()
+	}
+
+	for _, t := range transfers {
+		close(t.progressChan)
+		<-t.progressDone
+	}
+}
diff --git a/distribution/xfer/upload.go b/distribution/xfer/upload.go
new file mode 100644
index 00000000..563824c1
--- /dev/null
+++ b/distribution/xfer/upload.go
@@ -0,0 +1,163 @@
+package xfer
+
+import (
+	"errors"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/progress"
+	"golang.org/x/net/context"
+)
+
+const maxUploadAttempts = 5
+
+// LayerUploadManager provides task management and progress reporting for
+// uploads.
+type LayerUploadManager struct {
+	tm TransferManager
+}
+
+// NewLayerUploadManager returns a new LayerUploadManager.
+func NewLayerUploadManager(concurrencyLimit int) *LayerUploadManager {
+	return &LayerUploadManager{
+		tm: NewTransferManager(concurrencyLimit),
+	}
+}
+
+type uploadTransfer struct {
+	Transfer
+
+	remoteDescriptor distribution.Descriptor
+	err              error
+}
+
+// An UploadDescriptor references a layer that may need to be uploaded.
+type UploadDescriptor interface {
+	// Key returns the key used to deduplicate uploads.
+	Key() string
+	// ID returns the ID for display purposes.
+	ID() string
+	// DiffID should return the DiffID for this layer.
+	DiffID() layer.DiffID
+	// Upload is called to perform the Upload.
+	Upload(ctx context.Context, progressOutput progress.Output) (distribution.Descriptor, error)
+	// SetRemoteDescriptor provides the distribution.Descriptor that was
+	// returned by Upload. This descriptor is not to be confused with
+	// the UploadDescriptor interface, which is used for internally
+	// identifying layers that are being uploaded.
+	SetRemoteDescriptor(descriptor distribution.Descriptor)
+}
+
+// Upload is a blocking function which ensures the listed layers are present on
+// the remote registry. It uses the string returned by the Key method to
+// deduplicate uploads.
+func (lum *LayerUploadManager) Upload(ctx context.Context, layers []UploadDescriptor, progressOutput progress.Output) error {
+	var (
+		uploads          []*uploadTransfer
+		dedupDescriptors = make(map[string]*uploadTransfer)
+	)
+
+	for _, descriptor := range layers {
+		progress.Update(progressOutput, descriptor.ID(), "Preparing")
+
+		key := descriptor.Key()
+		if _, present := dedupDescriptors[key]; present {
+			continue
+		}
+
+		xferFunc := lum.makeUploadFunc(descriptor)
+		upload, watcher := lum.tm.Transfer(descriptor.Key(), xferFunc, progressOutput)
+		defer upload.Release(watcher)
+		uploads = append(uploads, upload.(*uploadTransfer))
+		dedupDescriptors[key] = upload.(*uploadTransfer)
+	}
+
+	for _, upload := range uploads {
+		select {
+		case <-ctx.Done():
+			return ctx.Err()
+		case <-upload.Transfer.Done():
+			if upload.err != nil {
+				return upload.err
+			}
+		}
+	}
+	for _, l := range layers {
+		l.SetRemoteDescriptor(dedupDescriptors[l.Key()].remoteDescriptor)
+	}
+
+	return nil
+}
+
+func (lum *LayerUploadManager) makeUploadFunc(descriptor UploadDescriptor) DoFunc {
+	return func(progressChan chan<- progress.Progress, start <-chan struct{}, inactive chan<- struct{}) Transfer {
+		u := &uploadTransfer{
+			Transfer: NewTransfer(),
+		}
+
+		go func() {
+			defer func() {
+				close(progressChan)
+			}()
+
+			progressOutput := progress.ChanOutput(progressChan)
+
+			select {
+			case <-start:
+			default:
+				progress.Update(progressOutput, descriptor.ID(), "Waiting")
+				<-start
+			}
+
+			retries := 0
+			for {
+				remoteDescriptor, err := descriptor.Upload(u.Transfer.Context(), progressOutput)
+				if err == nil {
+					u.remoteDescriptor = remoteDescriptor
+					break
+				}
+
+				// If an error was returned because the context
+				// was cancelled, we shouldn't retry.
+				select {
+				case <-u.Transfer.Context().Done():
+					u.err = err
+					return
+				default:
+				}
+
+				retries++
+				if _, isDNR := err.(DoNotRetry); isDNR || retries == maxUploadAttempts {
+					logrus.Errorf("Upload failed: %v", err)
+					u.err = err
+					return
+				}
+
+				logrus.Errorf("Upload failed, retrying: %v", err)
+				delay := retries * 5
+				ticker := time.NewTicker(time.Second)
+
+			selectLoop:
+				for {
+					progress.Updatef(progressOutput, descriptor.ID(), "Retrying in %d second%s", delay, (map[bool]string{true: "s"})[delay != 1])
+					select {
+					case <-ticker.C:
+						delay--
+						if delay == 0 {
+							ticker.Stop()
+							break selectLoop
+						}
+					case <-u.Transfer.Context().Done():
+						ticker.Stop()
+						u.err = errors.New("upload cancelled during retry delay")
+						return
+					}
+				}
+			}
+		}()
+
+		return u
+	}
+}
diff --git a/distribution/xfer/upload_test.go b/distribution/xfer/upload_test.go
new file mode 100644
index 00000000..275d2426
--- /dev/null
+++ b/distribution/xfer/upload_test.go
@@ -0,0 +1,143 @@
+package xfer
+
+import (
+	"errors"
+	"sync/atomic"
+	"testing"
+	"time"
+
+	"github.com/docker/distribution"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/progress"
+	"golang.org/x/net/context"
+)
+
+const maxUploadConcurrency = 3
+
+type mockUploadDescriptor struct {
+	currentUploads  *int32
+	diffID          layer.DiffID
+	simulateRetries int
+}
+
+// Key returns the key used to deduplicate downloads.
+func (u *mockUploadDescriptor) Key() string {
+	return u.diffID.String()
+}
+
+// ID returns the ID for display purposes.
+func (u *mockUploadDescriptor) ID() string {
+	return u.diffID.String()
+}
+
+// DiffID should return the DiffID for this layer.
+func (u *mockUploadDescriptor) DiffID() layer.DiffID {
+	return u.diffID
+}
+
+// SetRemoteDescriptor is not used in the mock.
+func (u *mockUploadDescriptor) SetRemoteDescriptor(remoteDescriptor distribution.Descriptor) {
+}
+
+// Upload is called to perform the upload.
+func (u *mockUploadDescriptor) Upload(ctx context.Context, progressOutput progress.Output) (distribution.Descriptor, error) {
+	if u.currentUploads != nil {
+		defer atomic.AddInt32(u.currentUploads, -1)
+
+		if atomic.AddInt32(u.currentUploads, 1) > maxUploadConcurrency {
+			return distribution.Descriptor{}, errors.New("concurrency limit exceeded")
+		}
+	}
+
+	// Sleep a bit to simulate a time-consuming upload.
+	for i := int64(0); i <= 10; i++ {
+		select {
+		case <-ctx.Done():
+			return distribution.Descriptor{}, ctx.Err()
+		case <-time.After(10 * time.Millisecond):
+			progressOutput.WriteProgress(progress.Progress{ID: u.ID(), Current: i, Total: 10})
+		}
+	}
+
+	if u.simulateRetries != 0 {
+		u.simulateRetries--
+		return distribution.Descriptor{}, errors.New("simulating retry")
+	}
+
+	return distribution.Descriptor{}, nil
+}
+
+func uploadDescriptors(currentUploads *int32) []UploadDescriptor {
+	return []UploadDescriptor{
+		&mockUploadDescriptor{currentUploads, layer.DiffID("sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"), 0},
+		&mockUploadDescriptor{currentUploads, layer.DiffID("sha256:1515325234325236634634608943609283523908626098235490238423902343"), 0},
+		&mockUploadDescriptor{currentUploads, layer.DiffID("sha256:6929356290463485374960346430698374523437683470934634534953453453"), 0},
+		&mockUploadDescriptor{currentUploads, layer.DiffID("sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"), 0},
+		&mockUploadDescriptor{currentUploads, layer.DiffID("sha256:8159352387436803946235346346368745389534789534897538734598734987"), 1},
+		&mockUploadDescriptor{currentUploads, layer.DiffID("sha256:4637863963478346897346987346987346789346789364879364897364987346"), 0},
+	}
+}
+
+var expectedDigests = map[layer.DiffID]digest.Digest{
+	layer.DiffID("sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"): digest.Digest("sha256:c5095d6cf7ee42b7b064371dcc1dc3fb4af197f04d01a60009d484bd432724fc"),
+	layer.DiffID("sha256:1515325234325236634634608943609283523908626098235490238423902343"): digest.Digest("sha256:968cbfe2ff5269ea1729b3804767a1f57ffbc442d3bc86f47edbf7e688a4f36e"),
+	layer.DiffID("sha256:6929356290463485374960346430698374523437683470934634534953453453"): digest.Digest("sha256:8a5e56ab4b477a400470a7d5d4c1ca0c91235fd723ab19cc862636a06f3a735d"),
+	layer.DiffID("sha256:8159352387436803946235346346368745389534789534897538734598734987"): digest.Digest("sha256:5e733e5cd3688512fc240bd5c178e72671c9915947d17bb8451750d827944cb2"),
+	layer.DiffID("sha256:4637863963478346897346987346987346789346789364879364897364987346"): digest.Digest("sha256:ec4bb98d15e554a9f66c3ef9296cf46772c0ded3b1592bd8324d96e2f60f460c"),
+}
+
+func TestSuccessfulUpload(t *testing.T) {
+	lum := NewLayerUploadManager(maxUploadConcurrency)
+
+	progressChan := make(chan progress.Progress)
+	progressDone := make(chan struct{})
+	receivedProgress := make(map[string]int64)
+
+	go func() {
+		for p := range progressChan {
+			receivedProgress[p.ID] = p.Current
+		}
+		close(progressDone)
+	}()
+
+	var currentUploads int32
+	descriptors := uploadDescriptors(&currentUploads)
+
+	err := lum.Upload(context.Background(), descriptors, progress.ChanOutput(progressChan))
+	if err != nil {
+		t.Fatalf("upload error: %v", err)
+	}
+
+	close(progressChan)
+	<-progressDone
+}
+
+func TestCancelledUpload(t *testing.T) {
+	lum := NewLayerUploadManager(maxUploadConcurrency)
+
+	progressChan := make(chan progress.Progress)
+	progressDone := make(chan struct{})
+
+	go func() {
+		for range progressChan {
+		}
+		close(progressDone)
+	}()
+
+	ctx, cancel := context.WithCancel(context.Background())
+
+	go func() {
+		<-time.After(time.Millisecond)
+		cancel()
+	}()
+
+	descriptors := uploadDescriptors(nil)
+	err := lum.Upload(ctx, descriptors, progress.ChanOutput(progressChan))
+	if err != context.Canceled {
+		t.Fatal("expected upload to be cancelled")
+	}
+
+	close(progressChan)
+	<-progressDone
+}
diff --git a/docker/README.md b/docker/README.md
new file mode 100644
index 00000000..015bc133
--- /dev/null
+++ b/docker/README.md
@@ -0,0 +1,3 @@
+docker.go contains Docker's main function.
+
+This file provides first line CLI argument parsing and environment variable setting.
diff --git a/docker/client.go b/docker/client.go
new file mode 100644
index 00000000..3b4c4f63
--- /dev/null
+++ b/docker/client.go
@@ -0,0 +1,33 @@
+package main
+
+import (
+	"path/filepath"
+
+	"github.com/docker/docker/cli"
+	"github.com/docker/docker/cliconfig"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/utils"
+)
+
+var clientFlags = &cli.ClientFlags{FlagSet: new(flag.FlagSet), Common: commonFlags}
+
+func init() {
+	client := clientFlags.FlagSet
+	client.StringVar(&clientFlags.ConfigDir, []string{"-config"}, cliconfig.ConfigDir(), "Location of client config files")
+
+	clientFlags.PostParse = func() {
+		clientFlags.Common.PostParse()
+
+		if clientFlags.ConfigDir != "" {
+			cliconfig.SetConfigDir(clientFlags.ConfigDir)
+		}
+
+		if clientFlags.Common.TrustKey == "" {
+			clientFlags.Common.TrustKey = filepath.Join(cliconfig.ConfigDir(), defaultTrustKeyFile)
+		}
+
+		if clientFlags.Common.Debug {
+			utils.EnableDebug()
+		}
+	}
+}
diff --git a/docker/client_test.go b/docker/client_test.go
new file mode 100644
index 00000000..5708c96c
--- /dev/null
+++ b/docker/client_test.go
@@ -0,0 +1,23 @@
+package main
+
+import (
+	"os"
+	"testing"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/utils"
+)
+
+func TestClientDebugEnabled(t *testing.T) {
+	defer utils.DisableDebug()
+
+	clientFlags.Common.FlagSet.Parse([]string{"-D"})
+	clientFlags.PostParse()
+
+	if os.Getenv("DEBUG") != "1" {
+		t.Fatal("expected debug enabled, got false")
+	}
+	if logrus.GetLevel() != logrus.DebugLevel {
+		t.Fatalf("expected logrus debug level, got %v", logrus.GetLevel())
+	}
+}
diff --git a/docker/common.go b/docker/common.go
new file mode 100644
index 00000000..6028f79d
--- /dev/null
+++ b/docker/common.go
@@ -0,0 +1,100 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/cli"
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+const (
+	defaultTrustKeyFile = "key.json"
+	defaultCaFile       = "ca.pem"
+	defaultKeyFile      = "key.pem"
+	defaultCertFile     = "cert.pem"
+	tlsVerifyKey        = "tlsverify"
+)
+
+var (
+	commonFlags = &cli.CommonFlags{FlagSet: new(flag.FlagSet)}
+
+	dockerCertPath  = os.Getenv("DOCKER_CERT_PATH")
+	dockerTLSVerify = os.Getenv("DOCKER_TLS_VERIFY") != ""
+)
+
+func init() {
+	if dockerCertPath == "" {
+		dockerCertPath = cliconfig.ConfigDir()
+	}
+
+	commonFlags.PostParse = postParseCommon
+
+	cmd := commonFlags.FlagSet
+
+	cmd.BoolVar(&commonFlags.Debug, []string{"D", "-debug"}, false, "Enable debug mode")
+	cmd.StringVar(&commonFlags.LogLevel, []string{"l", "-log-level"}, "info", "Set the logging level")
+	cmd.BoolVar(&commonFlags.TLS, []string{"-tls"}, false, "Use TLS; implied by --tlsverify")
+	cmd.BoolVar(&commonFlags.TLSVerify, []string{"-tlsverify"}, dockerTLSVerify, "Use TLS and verify the remote")
+
+	// TODO use flag flag.String([]string{"i", "-identity"}, "", "Path to libtrust key file")
+
+	var tlsOptions tlsconfig.Options
+	commonFlags.TLSOptions = &tlsOptions
+	cmd.StringVar(&tlsOptions.CAFile, []string{"-tlscacert"}, filepath.Join(dockerCertPath, defaultCaFile), "Trust certs signed only by this CA")
+	cmd.StringVar(&tlsOptions.CertFile, []string{"-tlscert"}, filepath.Join(dockerCertPath, defaultCertFile), "Path to TLS certificate file")
+	cmd.StringVar(&tlsOptions.KeyFile, []string{"-tlskey"}, filepath.Join(dockerCertPath, defaultKeyFile), "Path to TLS key file")
+
+	cmd.Var(opts.NewNamedListOptsRef("hosts", &commonFlags.Hosts, opts.ValidateHost), []string{"H", "-host"}, "Daemon socket(s) to connect to")
+}
+
+func postParseCommon() {
+	cmd := commonFlags.FlagSet
+
+	setDaemonLogLevel(commonFlags.LogLevel)
+
+	// Regardless of whether the user sets it to true or false, if they
+	// specify --tlsverify at all then we need to turn on tls
+	// TLSVerify can be true even if not set due to DOCKER_TLS_VERIFY env var, so we need to check that here as well
+	if cmd.IsSet("-"+tlsVerifyKey) || commonFlags.TLSVerify {
+		commonFlags.TLS = true
+	}
+
+	if !commonFlags.TLS {
+		commonFlags.TLSOptions = nil
+	} else {
+		tlsOptions := commonFlags.TLSOptions
+		tlsOptions.InsecureSkipVerify = !commonFlags.TLSVerify
+
+		// Reset CertFile and KeyFile to empty string if the user did not specify
+		// the respective flags and the respective default files were not found.
+		if !cmd.IsSet("-tlscert") {
+			if _, err := os.Stat(tlsOptions.CertFile); os.IsNotExist(err) {
+				tlsOptions.CertFile = ""
+			}
+		}
+		if !cmd.IsSet("-tlskey") {
+			if _, err := os.Stat(tlsOptions.KeyFile); os.IsNotExist(err) {
+				tlsOptions.KeyFile = ""
+			}
+		}
+	}
+}
+
+func setDaemonLogLevel(logLevel string) {
+	if logLevel != "" {
+		lvl, err := logrus.ParseLevel(logLevel)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "Unable to parse logging level: %s\n", logLevel)
+			os.Exit(1)
+		}
+		logrus.SetLevel(lvl)
+	} else {
+		logrus.SetLevel(logrus.InfoLevel)
+	}
+}
diff --git a/docker/daemon.go b/docker/daemon.go
new file mode 100644
index 00000000..bee921c7
--- /dev/null
+++ b/docker/daemon.go
@@ -0,0 +1,421 @@
+// +build daemon
+
+package main
+
+import (
+	"crypto/tls"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/uuid"
+	apiserver "github.com/docker/docker/api/server"
+	"github.com/docker/docker/api/server/router"
+	"github.com/docker/docker/api/server/router/build"
+	"github.com/docker/docker/api/server/router/container"
+	"github.com/docker/docker/api/server/router/image"
+	"github.com/docker/docker/api/server/router/network"
+	systemrouter "github.com/docker/docker/api/server/router/system"
+	"github.com/docker/docker/api/server/router/volume"
+	"github.com/docker/docker/builder/dockerfile"
+	"github.com/docker/docker/cli"
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/docker/daemon"
+	"github.com/docker/docker/daemon/logger"
+	"github.com/docker/docker/docker/listeners"
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/jsonlog"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/pidfile"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/registry"
+	"github.com/docker/docker/utils"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+const (
+	daemonUsage          = "       docker daemon [ --help | ... ]\n"
+	daemonConfigFileFlag = "-config-file"
+)
+
+var (
+	daemonCli cli.Handler = NewDaemonCli()
+)
+
+// DaemonCli represents the daemon CLI.
+type DaemonCli struct {
+	*daemon.Config
+	flags *flag.FlagSet
+}
+
+func presentInHelp(usage string) string { return usage }
+func absentFromHelp(string) string      { return "" }
+
+// NewDaemonCli returns a pre-configured daemon CLI
+func NewDaemonCli() *DaemonCli {
+	daemonFlags := cli.Subcmd("daemon", nil, "Enable daemon mode", true)
+
+	// TODO(tiborvass): remove InstallFlags?
+	daemonConfig := new(daemon.Config)
+	daemonConfig.LogConfig.Config = make(map[string]string)
+	daemonConfig.ClusterOpts = make(map[string]string)
+
+	if runtime.GOOS != "linux" {
+		daemonConfig.V2Only = true
+	}
+
+	daemonConfig.InstallFlags(daemonFlags, presentInHelp)
+	daemonConfig.InstallFlags(flag.CommandLine, absentFromHelp)
+	daemonFlags.Require(flag.Exact, 0)
+
+	return &DaemonCli{
+		Config: daemonConfig,
+		flags:  daemonFlags,
+	}
+}
+
+func migrateKey() (err error) {
+	// Migrate trust key if exists at ~/.docker/key.json and owned by current user
+	oldPath := filepath.Join(cliconfig.ConfigDir(), defaultTrustKeyFile)
+	newPath := filepath.Join(getDaemonConfDir(), defaultTrustKeyFile)
+	if _, statErr := os.Stat(newPath); os.IsNotExist(statErr) && currentUserIsOwner(oldPath) {
+		defer func() {
+			// Ensure old path is removed if no error occurred
+			if err == nil {
+				err = os.Remove(oldPath)
+			} else {
+				logrus.Warnf("Key migration failed, key file not removed at %s", oldPath)
+				os.Remove(newPath)
+			}
+		}()
+
+		if err := system.MkdirAll(getDaemonConfDir(), os.FileMode(0644)); err != nil {
+			return fmt.Errorf("Unable to create daemon configuration directory: %s", err)
+		}
+
+		newFile, err := os.OpenFile(newPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
+		if err != nil {
+			return fmt.Errorf("error creating key file %q: %s", newPath, err)
+		}
+		defer newFile.Close()
+
+		oldFile, err := os.Open(oldPath)
+		if err != nil {
+			return fmt.Errorf("error opening key file %q: %s", oldPath, err)
+		}
+		defer oldFile.Close()
+
+		if _, err := io.Copy(newFile, oldFile); err != nil {
+			return fmt.Errorf("error copying key: %s", err)
+		}
+
+		logrus.Infof("Migrated key from %s to %s", oldPath, newPath)
+	}
+
+	return nil
+}
+
+func getGlobalFlag() (globalFlag *flag.Flag) {
+	defer func() {
+		if x := recover(); x != nil {
+			switch f := x.(type) {
+			case *flag.Flag:
+				globalFlag = f
+			default:
+				panic(x)
+			}
+		}
+	}()
+	visitor := func(f *flag.Flag) { panic(f) }
+	commonFlags.FlagSet.Visit(visitor)
+	clientFlags.FlagSet.Visit(visitor)
+	return
+}
+
+// CmdDaemon is the daemon command, called the raw arguments after `docker daemon`.
+func (cli *DaemonCli) CmdDaemon(args ...string) error {
+	// warn from uuid package when running the daemon
+	uuid.Loggerf = logrus.Warnf
+
+	if !commonFlags.FlagSet.IsEmpty() || !clientFlags.FlagSet.IsEmpty() {
+		// deny `docker -D daemon`
+		illegalFlag := getGlobalFlag()
+		fmt.Fprintf(os.Stderr, "invalid flag '-%s'.\nSee 'docker daemon --help'.\n", illegalFlag.Names[0])
+		os.Exit(1)
+	} else {
+		// allow new form `docker daemon -D`
+		flag.Merge(cli.flags, commonFlags.FlagSet)
+	}
+
+	configFile := cli.flags.String([]string{daemonConfigFileFlag}, defaultDaemonConfigFile, "Daemon configuration file")
+
+	cli.flags.ParseFlags(args, true)
+	commonFlags.PostParse()
+
+	if commonFlags.TrustKey == "" {
+		commonFlags.TrustKey = filepath.Join(getDaemonConfDir(), defaultTrustKeyFile)
+	}
+	cliConfig, err := loadDaemonCliConfig(cli.Config, cli.flags, commonFlags, *configFile)
+	if err != nil {
+		fmt.Fprint(os.Stderr, err)
+		os.Exit(1)
+	}
+	cli.Config = cliConfig
+
+	if cli.Config.Debug {
+		utils.EnableDebug()
+	}
+
+	if utils.ExperimentalBuild() {
+		logrus.Warn("Running experimental build")
+	}
+
+	logrus.SetFormatter(&logrus.TextFormatter{
+		TimestampFormat: jsonlog.RFC3339NanoFixed,
+		DisableColors:   cli.Config.RawLogs,
+	})
+
+	if err := setDefaultUmask(); err != nil {
+		logrus.Fatalf("Failed to set umask: %v", err)
+	}
+
+	if len(cli.LogConfig.Config) > 0 {
+		if err := logger.ValidateLogOpts(cli.LogConfig.Type, cli.LogConfig.Config); err != nil {
+			logrus.Fatalf("Failed to set log opts: %v", err)
+		}
+	}
+
+	var pfile *pidfile.PIDFile
+	if cli.Pidfile != "" {
+		pf, err := pidfile.New(cli.Pidfile)
+		if err != nil {
+			logrus.Fatalf("Error starting daemon: %v", err)
+		}
+		pfile = pf
+		defer func() {
+			if err := pfile.Remove(); err != nil {
+				logrus.Error(err)
+			}
+		}()
+	}
+
+	serverConfig := &apiserver.Config{
+		AuthorizationPluginNames: cli.Config.AuthorizationPlugins,
+		Logging:                  true,
+		SocketGroup:              cli.Config.SocketGroup,
+		Version:                  dockerversion.Version,
+	}
+	serverConfig = setPlatformServerConfig(serverConfig, cli.Config)
+
+	if cli.Config.TLS {
+		tlsOptions := tlsconfig.Options{
+			CAFile:   cli.Config.CommonTLSOptions.CAFile,
+			CertFile: cli.Config.CommonTLSOptions.CertFile,
+			KeyFile:  cli.Config.CommonTLSOptions.KeyFile,
+		}
+
+		if cli.Config.TLSVerify {
+			// server requires and verifies client's certificate
+			tlsOptions.ClientAuth = tls.RequireAndVerifyClientCert
+		}
+		tlsConfig, err := tlsconfig.Server(tlsOptions)
+		if err != nil {
+			logrus.Fatal(err)
+		}
+		serverConfig.TLSConfig = tlsConfig
+	}
+
+	if len(cli.Config.Hosts) == 0 {
+		cli.Config.Hosts = make([]string, 1)
+	}
+
+	api := apiserver.New(serverConfig)
+
+	for i := 0; i < len(cli.Config.Hosts); i++ {
+		var err error
+		if cli.Config.Hosts[i], err = opts.ParseHost(cli.Config.TLS, cli.Config.Hosts[i]); err != nil {
+			logrus.Fatalf("error parsing -H %s : %v", cli.Config.Hosts[i], err)
+		}
+
+		protoAddr := cli.Config.Hosts[i]
+		protoAddrParts := strings.SplitN(protoAddr, "://", 2)
+		if len(protoAddrParts) != 2 {
+			logrus.Fatalf("bad format %s, expected PROTO://ADDR", protoAddr)
+		}
+		l, err := listeners.Init(protoAddrParts[0], protoAddrParts[1], serverConfig.SocketGroup, serverConfig.TLSConfig)
+		if err != nil {
+			logrus.Fatal(err)
+		}
+
+		logrus.Debugf("Listener created for HTTP on %s (%s)", protoAddrParts[0], protoAddrParts[1])
+		api.Accept(protoAddrParts[1], l...)
+	}
+
+	if err := migrateKey(); err != nil {
+		logrus.Fatal(err)
+	}
+	cli.TrustKeyPath = commonFlags.TrustKey
+
+	registryService := registry.NewService(cli.Config.ServiceOptions)
+
+	containerdRemote, err := libcontainerd.New(filepath.Join(cli.Config.ExecRoot, "libcontainerd"), cli.getPlatformRemoteOptions()...)
+	if err != nil {
+		logrus.Fatal(err)
+	}
+
+	d, err := daemon.NewDaemon(cli.Config, registryService, containerdRemote)
+	if err != nil {
+		if pfile != nil {
+			if err := pfile.Remove(); err != nil {
+				logrus.Error(err)
+			}
+		}
+		logrus.Fatalf("Error starting daemon: %v", err)
+	}
+
+	logrus.Info("Daemon has completed initialization")
+
+	logrus.WithFields(logrus.Fields{
+		"version":     dockerversion.Version,
+		"commit":      dockerversion.GitCommit,
+		"graphdriver": d.GraphDriverName(),
+	}).Info("Docker daemon")
+
+	initRouter(api, d)
+
+	reload := func(config *daemon.Config) {
+		if err := d.Reload(config); err != nil {
+			logrus.Errorf("Error reconfiguring the daemon: %v", err)
+			return
+		}
+		if config.IsValueSet("debug") {
+			debugEnabled := utils.IsDebugEnabled()
+			switch {
+			case debugEnabled && !config.Debug: // disable debug
+				utils.DisableDebug()
+				api.DisableProfiler()
+			case config.Debug && !debugEnabled: // enable debug
+				utils.EnableDebug()
+				api.EnableProfiler()
+			}
+
+		}
+	}
+
+	setupConfigReloadTrap(*configFile, cli.flags, reload)
+
+	// The serve API routine never exits unless an error occurs
+	// We need to start it as a goroutine and wait on it so
+	// daemon doesn't exit
+	serveAPIWait := make(chan error)
+	go api.Wait(serveAPIWait)
+
+	signal.Trap(func() {
+		api.Close()
+		<-serveAPIWait
+		shutdownDaemon(d, 15)
+		if pfile != nil {
+			if err := pfile.Remove(); err != nil {
+				logrus.Error(err)
+			}
+		}
+	})
+
+	// after the daemon is done setting up we can notify systemd api
+	notifySystem()
+
+	// Daemon is fully initialized and handling API traffic
+	// Wait for serve API to complete
+	errAPI := <-serveAPIWait
+	shutdownDaemon(d, 15)
+	containerdRemote.Cleanup()
+	if errAPI != nil {
+		if pfile != nil {
+			if err := pfile.Remove(); err != nil {
+				logrus.Error(err)
+			}
+		}
+		logrus.Fatalf("Shutting down due to ServeAPI error: %v", errAPI)
+	}
+	return nil
+}
+
+// shutdownDaemon just wraps daemon.Shutdown() to handle a timeout in case
+// d.Shutdown() is waiting too long to kill container or worst it's
+// blocked there
+func shutdownDaemon(d *daemon.Daemon, timeout time.Duration) {
+	ch := make(chan struct{})
+	go func() {
+		d.Shutdown()
+		close(ch)
+	}()
+	select {
+	case <-ch:
+		logrus.Debug("Clean shutdown succeeded")
+	case <-time.After(timeout * time.Second):
+		logrus.Error("Force shutdown daemon")
+	}
+}
+
+func loadDaemonCliConfig(config *daemon.Config, daemonFlags *flag.FlagSet, commonConfig *cli.CommonFlags, configFile string) (*daemon.Config, error) {
+	config.Debug = commonConfig.Debug
+	config.Hosts = commonConfig.Hosts
+	config.LogLevel = commonConfig.LogLevel
+	config.TLS = commonConfig.TLS
+	config.TLSVerify = commonConfig.TLSVerify
+	config.CommonTLSOptions = daemon.CommonTLSOptions{}
+
+	if commonConfig.TLSOptions != nil {
+		config.CommonTLSOptions.CAFile = commonConfig.TLSOptions.CAFile
+		config.CommonTLSOptions.CertFile = commonConfig.TLSOptions.CertFile
+		config.CommonTLSOptions.KeyFile = commonConfig.TLSOptions.KeyFile
+	}
+
+	if configFile != "" {
+		c, err := daemon.MergeDaemonConfigurations(config, daemonFlags, configFile)
+		if err != nil {
+			if daemonFlags.IsSet(daemonConfigFileFlag) || !os.IsNotExist(err) {
+				return nil, fmt.Errorf("unable to configure the Docker daemon with file %s: %v\n", configFile, err)
+			}
+		}
+		// the merged configuration can be nil if the config file didn't exist.
+		// leave the current configuration as it is if when that happens.
+		if c != nil {
+			config = c
+		}
+	}
+
+	// Regardless of whether the user sets it to true or false, if they
+	// specify TLSVerify at all then we need to turn on TLS
+	if config.IsValueSet(tlsVerifyKey) {
+		config.TLS = true
+	}
+
+	// ensure that the log level is the one set after merging configurations
+	setDaemonLogLevel(config.LogLevel)
+
+	return config, nil
+}
+
+func initRouter(s *apiserver.Server, d *daemon.Daemon) {
+	routers := []router.Router{
+		container.NewRouter(d),
+		image.NewRouter(d),
+		systemrouter.NewRouter(d),
+		volume.NewRouter(d),
+		build.NewRouter(dockerfile.NewBuildManager(d)),
+	}
+	if d.NetworkControllerEnabled() {
+		routers = append(routers, network.NewRouter(d))
+	}
+
+	s.InitRouter(utils.IsDebugEnabled(), routers...)
+}
diff --git a/docker/daemon_freebsd.go b/docker/daemon_freebsd.go
new file mode 100644
index 00000000..5ac4d4be
--- /dev/null
+++ b/docker/daemon_freebsd.go
@@ -0,0 +1,7 @@
+// +build daemon
+
+package main
+
+// notifySystem sends a message to the host when the server is ready to be used
+func notifySystem() {
+}
diff --git a/docker/daemon_linux.go b/docker/daemon_linux.go
new file mode 100644
index 00000000..0a02128d
--- /dev/null
+++ b/docker/daemon_linux.go
@@ -0,0 +1,13 @@
+// +build daemon
+
+package main
+
+import (
+	systemdDaemon "github.com/coreos/go-systemd/daemon"
+)
+
+// notifySystem sends a message to the host when the server is ready to be used
+func notifySystem() {
+	// Tell the init daemon we are accepting requests
+	go systemdDaemon.SdNotify("READY=1")
+}
diff --git a/docker/daemon_none.go b/docker/daemon_none.go
new file mode 100644
index 00000000..0ea18838
--- /dev/null
+++ b/docker/daemon_none.go
@@ -0,0 +1,13 @@
+// +build !daemon
+
+package main
+
+import "github.com/docker/docker/cli"
+
+const daemonUsage = ""
+
+var daemonCli cli.Handler
+
+// notifySystem sends a message to the host when the server is ready to be used
+func notifySystem() {
+}
diff --git a/docker/daemon_test.go b/docker/daemon_test.go
new file mode 100644
index 00000000..c568bdb1
--- /dev/null
+++ b/docker/daemon_test.go
@@ -0,0 +1,296 @@
+// +build daemon
+
+package main
+
+import (
+	"io/ioutil"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/cli"
+	"github.com/docker/docker/daemon"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/mflag"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+func TestLoadDaemonCliConfigWithoutOverriding(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{
+		Debug: true,
+	}
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, "/tmp/fooobarbaz")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatalf("expected configuration %v, got nil", c)
+	}
+	if !loadedConfig.Debug {
+		t.Fatalf("expected debug to be copied from the common flags, got false")
+	}
+}
+
+func TestLoadDaemonCliConfigWithTLS(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{
+		TLS: true,
+		TLSOptions: &tlsconfig.Options{
+			CAFile: "/tmp/ca.pem",
+		},
+	}
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, "/tmp/fooobarbaz")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatalf("expected configuration %v, got nil", c)
+	}
+	if loadedConfig.CommonTLSOptions.CAFile != "/tmp/ca.pem" {
+		t.Fatalf("expected /tmp/ca.pem, got %s: %q", loadedConfig.CommonTLSOptions.CAFile, loadedConfig)
+	}
+}
+
+func TestLoadDaemonCliConfigWithConflicts(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{}
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	configFile := f.Name()
+	defer os.Remove(configFile)
+
+	f.Write([]byte(`{"labels": ["l3=foo"]}`))
+	f.Close()
+
+	var labels []string
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.String([]string{daemonConfigFileFlag}, "", "")
+	flags.Var(opts.NewNamedListOptsRef("labels", &labels, opts.ValidateLabel), []string{"-label"}, "")
+
+	flags.Set(daemonConfigFileFlag, configFile)
+	if err := flags.Set("-label", "l1=bar"); err != nil {
+		t.Fatal(err)
+	}
+	if err := flags.Set("-label", "l2=baz"); err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = loadDaemonCliConfig(c, flags, common, configFile)
+	if err == nil {
+		t.Fatalf("expected configuration error, got nil")
+	}
+	if !strings.Contains(err.Error(), "labels") {
+		t.Fatalf("expected labels conflict, got %v", err)
+	}
+}
+
+func TestLoadDaemonCliConfigWithTLSVerify(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{
+		TLSOptions: &tlsconfig.Options{
+			CAFile: "/tmp/ca.pem",
+		},
+	}
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	configFile := f.Name()
+	defer os.Remove(configFile)
+
+	f.Write([]byte(`{"tlsverify": true}`))
+	f.Close()
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.Bool([]string{"-tlsverify"}, false, "")
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatalf("expected configuration %v, got nil", c)
+	}
+
+	if !loadedConfig.TLS {
+		t.Fatalf("expected TLS enabled, got %q", loadedConfig)
+	}
+}
+
+func TestLoadDaemonCliConfigWithExplicitTLSVerifyFalse(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{
+		TLSOptions: &tlsconfig.Options{
+			CAFile: "/tmp/ca.pem",
+		},
+	}
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	configFile := f.Name()
+	defer os.Remove(configFile)
+
+	f.Write([]byte(`{"tlsverify": false}`))
+	f.Close()
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.Bool([]string{"-tlsverify"}, false, "")
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatalf("expected configuration %v, got nil", c)
+	}
+
+	if !loadedConfig.TLS {
+		t.Fatalf("expected TLS enabled, got %q", loadedConfig)
+	}
+}
+
+func TestLoadDaemonCliConfigWithoutTLSVerify(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{
+		TLSOptions: &tlsconfig.Options{
+			CAFile: "/tmp/ca.pem",
+		},
+	}
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	configFile := f.Name()
+	defer os.Remove(configFile)
+
+	f.Write([]byte(`{}`))
+	f.Close()
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatalf("expected configuration %v, got nil", c)
+	}
+
+	if loadedConfig.TLS {
+		t.Fatalf("expected TLS disabled, got %q", loadedConfig)
+	}
+}
+
+func TestLoadDaemonCliConfigWithLogLevel(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{}
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	configFile := f.Name()
+	defer os.Remove(configFile)
+
+	f.Write([]byte(`{"log-level": "warn"}`))
+	f.Close()
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.String([]string{"-log-level"}, "", "")
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatalf("expected configuration %v, got nil", c)
+	}
+	if loadedConfig.LogLevel != "warn" {
+		t.Fatalf("expected warn log level, got %v", loadedConfig.LogLevel)
+	}
+
+	if logrus.GetLevel() != logrus.WarnLevel {
+		t.Fatalf("expected warn log level, got %v", logrus.GetLevel())
+	}
+}
+
+func TestLoadDaemonConfigWithEmbeddedOptions(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{}
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.String([]string{"-tlscacert"}, "", "")
+	flags.String([]string{"-log-driver"}, "", "")
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	configFile := f.Name()
+	defer os.Remove(configFile)
+
+	f.Write([]byte(`{"tlscacert": "/etc/certs/ca.pem", "log-driver": "syslog"}`))
+	f.Close()
+
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatal("expected configuration, got nil")
+	}
+	if loadedConfig.CommonTLSOptions.CAFile != "/etc/certs/ca.pem" {
+		t.Fatalf("expected CA file path /etc/certs/ca.pem, got %v", loadedConfig.CommonTLSOptions.CAFile)
+	}
+	if loadedConfig.LogConfig.Type != "syslog" {
+		t.Fatalf("expected LogConfig type syslog, got %v", loadedConfig.LogConfig.Type)
+	}
+}
+
+func TestLoadDaemonConfigWithRegistryOptions(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{}
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	c.ServiceOptions.InstallCliFlags(flags, absentFromHelp)
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	configFile := f.Name()
+	defer os.Remove(configFile)
+
+	f.Write([]byte(`{"registry-mirrors": ["https://mirrors.docker.com"], "insecure-registries": ["https://insecure.docker.com"], "disable-legacy-registry": true}`))
+	f.Close()
+
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatal("expected configuration, got nil")
+	}
+
+	m := loadedConfig.Mirrors
+	if len(m) != 1 {
+		t.Fatalf("expected 1 mirror, got %d", len(m))
+	}
+
+	r := loadedConfig.InsecureRegistries
+	if len(r) != 1 {
+		t.Fatalf("expected 1 insecure registries, got %d", len(r))
+	}
+
+	if !loadedConfig.V2Only {
+		t.Fatal("expected disable-legacy-registry to be true, got false")
+	}
+}
diff --git a/docker/daemon_unix.go b/docker/daemon_unix.go
new file mode 100644
index 00000000..b65eb1f0
--- /dev/null
+++ b/docker/daemon_unix.go
@@ -0,0 +1,82 @@
+// +build daemon,!windows
+
+package main
+
+import (
+	"fmt"
+	"os"
+	"os/signal"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	apiserver "github.com/docker/docker/api/server"
+	"github.com/docker/docker/daemon"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/system"
+)
+
+const defaultDaemonConfigFile = "/etc/docker/daemon.json"
+
+func setPlatformServerConfig(serverConfig *apiserver.Config, daemonCfg *daemon.Config) *apiserver.Config {
+	serverConfig.EnableCors = daemonCfg.EnableCors
+	serverConfig.CorsHeaders = daemonCfg.CorsHeaders
+
+	return serverConfig
+}
+
+// currentUserIsOwner checks whether the current user is the owner of the given
+// file.
+func currentUserIsOwner(f string) bool {
+	if fileInfo, err := system.Stat(f); err == nil && fileInfo != nil {
+		if int(fileInfo.UID()) == os.Getuid() {
+			return true
+		}
+	}
+	return false
+}
+
+// setDefaultUmask sets the umask to 0022 to avoid problems
+// caused by custom umask
+func setDefaultUmask() error {
+	desiredUmask := 0022
+	syscall.Umask(desiredUmask)
+	if umask := syscall.Umask(desiredUmask); umask != desiredUmask {
+		return fmt.Errorf("failed to set umask: expected %#o, got %#o", desiredUmask, umask)
+	}
+
+	return nil
+}
+
+func getDaemonConfDir() string {
+	return "/etc/docker"
+}
+
+// setupConfigReloadTrap configures the USR2 signal to reload the configuration.
+func setupConfigReloadTrap(configFile string, flags *mflag.FlagSet, reload func(*daemon.Config)) {
+	c := make(chan os.Signal, 1)
+	signal.Notify(c, syscall.SIGHUP)
+	go func() {
+		for range c {
+			if err := daemon.ReloadConfiguration(configFile, flags, reload); err != nil {
+				logrus.Error(err)
+			}
+		}
+	}()
+}
+
+func (cli *DaemonCli) getPlatformRemoteOptions() []libcontainerd.RemoteOption {
+	opts := []libcontainerd.RemoteOption{
+		libcontainerd.WithDebugLog(cli.Config.Debug),
+	}
+	if cli.Config.ContainerdAddr != "" {
+		opts = append(opts, libcontainerd.WithRemoteAddr(cli.Config.ContainerdAddr))
+	} else {
+		opts = append(opts, libcontainerd.WithStartDaemon(true))
+	}
+	if daemon.UsingSystemd(cli.Config) {
+		args := []string{"--systemd-cgroup=true"}
+		opts = append(opts, libcontainerd.WithRuntimeArgs(args))
+	}
+	return opts
+}
diff --git a/docker/daemon_unix_test.go b/docker/daemon_unix_test.go
new file mode 100644
index 00000000..5b17b3af
--- /dev/null
+++ b/docker/daemon_unix_test.go
@@ -0,0 +1,212 @@
+// +build daemon,!windows
+
+package main
+
+import (
+	"io/ioutil"
+	"testing"
+
+	"github.com/docker/docker/cli"
+	"github.com/docker/docker/daemon"
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/mflag"
+)
+
+func TestLoadDaemonCliConfigWithDaemonFlags(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{
+		Debug:    true,
+		LogLevel: "info",
+	}
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{"log-opts": {"max-size": "1k"}}`))
+	f.Close()
+
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.String([]string{daemonConfigFileFlag}, "", "")
+	flags.BoolVar(&c.EnableSelinuxSupport, []string{"-selinux-enabled"}, true, "")
+	flags.StringVar(&c.LogConfig.Type, []string{"-log-driver"}, "json-file", "")
+	flags.Var(opts.NewNamedMapOpts("log-opts", c.LogConfig.Config, nil), []string{"-log-opt"}, "")
+	flags.Set(daemonConfigFileFlag, configFile)
+
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatalf("expected configuration %v, got nil", c)
+	}
+	if !loadedConfig.Debug {
+		t.Fatalf("expected debug mode, got false")
+	}
+	if loadedConfig.LogLevel != "info" {
+		t.Fatalf("expected info log level, got %v", loadedConfig.LogLevel)
+	}
+	if !loadedConfig.EnableSelinuxSupport {
+		t.Fatalf("expected enabled selinux support, got disabled")
+	}
+	if loadedConfig.LogConfig.Type != "json-file" {
+		t.Fatalf("expected LogConfig type json-file, got %v", loadedConfig.LogConfig.Type)
+	}
+	if maxSize := loadedConfig.LogConfig.Config["max-size"]; maxSize != "1k" {
+		t.Fatalf("expected log max-size `1k`, got %s", maxSize)
+	}
+}
+
+func TestLoadDaemonConfigWithNetwork(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{}
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.String([]string{"-bip"}, "", "")
+	flags.String([]string{"-ip"}, "", "")
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{"bip": "127.0.0.2", "ip": "127.0.0.1"}`))
+	f.Close()
+
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatalf("expected configuration %v, got nil", c)
+	}
+	if loadedConfig.IP != "127.0.0.2" {
+		t.Fatalf("expected IP 127.0.0.2, got %v", loadedConfig.IP)
+	}
+	if loadedConfig.DefaultIP.String() != "127.0.0.1" {
+		t.Fatalf("expected DefaultIP 127.0.0.1, got %s", loadedConfig.DefaultIP)
+	}
+}
+
+func TestLoadDaemonConfigWithMapOptions(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{}
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+
+	flags.Var(opts.NewNamedMapOpts("cluster-store-opts", c.ClusterOpts, nil), []string{"-cluster-store-opt"}, "")
+	flags.Var(opts.NewNamedMapOpts("log-opts", c.LogConfig.Config, nil), []string{"-log-opt"}, "")
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{
+		"cluster-store-opts": {"kv.cacertfile": "/var/lib/docker/discovery_certs/ca.pem"},
+		"log-opts": {"tag": "test"}
+}`))
+	f.Close()
+
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatal("expected configuration, got nil")
+	}
+	if loadedConfig.ClusterOpts == nil {
+		t.Fatal("expected cluster options, got nil")
+	}
+
+	expectedPath := "/var/lib/docker/discovery_certs/ca.pem"
+	if caPath := loadedConfig.ClusterOpts["kv.cacertfile"]; caPath != expectedPath {
+		t.Fatalf("expected %s, got %s", expectedPath, caPath)
+	}
+
+	if loadedConfig.LogConfig.Config == nil {
+		t.Fatal("expected log config options, got nil")
+	}
+	if tag := loadedConfig.LogConfig.Config["tag"]; tag != "test" {
+		t.Fatalf("expected log tag `test`, got %s", tag)
+	}
+}
+
+func TestLoadDaemonConfigWithTrueDefaultValues(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{}
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.BoolVar(&c.EnableUserlandProxy, []string{"-userland-proxy"}, true, "")
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := flags.ParseFlags([]string{}, false); err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{
+		"userland-proxy": false
+}`))
+	f.Close()
+
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatal("expected configuration, got nil")
+	}
+
+	if loadedConfig.EnableUserlandProxy {
+		t.Fatal("expected userland proxy to be disabled, got enabled")
+	}
+
+	// make sure reloading doesn't generate configuration
+	// conflicts after normalizing boolean values.
+	err = daemon.ReloadConfiguration(configFile, flags, func(reloadedConfig *daemon.Config) {
+		if reloadedConfig.EnableUserlandProxy {
+			t.Fatal("expected userland proxy to be disabled, got enabled")
+		}
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestLoadDaemonConfigWithTrueDefaultValuesLeaveDefaults(t *testing.T) {
+	c := &daemon.Config{}
+	common := &cli.CommonFlags{}
+	flags := mflag.NewFlagSet("test", mflag.ContinueOnError)
+	flags.BoolVar(&c.EnableUserlandProxy, []string{"-userland-proxy"}, true, "")
+
+	f, err := ioutil.TempFile("", "docker-config-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := flags.ParseFlags([]string{}, false); err != nil {
+		t.Fatal(err)
+	}
+
+	configFile := f.Name()
+	f.Write([]byte(`{}`))
+	f.Close()
+
+	loadedConfig, err := loadDaemonCliConfig(c, flags, common, configFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if loadedConfig == nil {
+		t.Fatal("expected configuration, got nil")
+	}
+
+	if !loadedConfig.EnableUserlandProxy {
+		t.Fatal("expected userland proxy to be enabled, got disabled")
+	}
+}
diff --git a/docker/daemon_windows.go b/docker/daemon_windows.go
new file mode 100644
index 00000000..ae8d737d
--- /dev/null
+++ b/docker/daemon_windows.go
@@ -0,0 +1,64 @@
+// +build daemon
+
+package main
+
+import (
+	"fmt"
+	"os"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	apiserver "github.com/docker/docker/api/server"
+	"github.com/docker/docker/daemon"
+	"github.com/docker/docker/libcontainerd"
+	"github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/system"
+)
+
+var defaultDaemonConfigFile = os.Getenv("programdata") + string(os.PathSeparator) + "docker" + string(os.PathSeparator) + "config" + string(os.PathSeparator) + "daemon.json"
+
+func setPlatformServerConfig(serverConfig *apiserver.Config, daemonCfg *daemon.Config) *apiserver.Config {
+	return serverConfig
+}
+
+// currentUserIsOwner checks whether the current user is the owner of the given
+// file.
+func currentUserIsOwner(f string) bool {
+	return false
+}
+
+// setDefaultUmask doesn't do anything on windows
+func setDefaultUmask() error {
+	return nil
+}
+
+func getDaemonConfDir() string {
+	return os.Getenv("PROGRAMDATA") + `\docker\config`
+}
+
+// notifySystem sends a message to the host when the server is ready to be used
+func notifySystem() {
+}
+
+// setupConfigReloadTrap configures a Win32 event to reload the configuration.
+func setupConfigReloadTrap(configFile string, flags *mflag.FlagSet, reload func(*daemon.Config)) {
+	go func() {
+		sa := syscall.SecurityAttributes{
+			Length: 0,
+		}
+		ev := "Global\\docker-daemon-config-" + fmt.Sprint(os.Getpid())
+		if h, _ := system.CreateEvent(&sa, false, false, ev); h != 0 {
+			logrus.Debugf("Config reload - waiting signal at %s", ev)
+			for {
+				syscall.WaitForSingleObject(h, syscall.INFINITE)
+				if err := daemon.ReloadConfiguration(configFile, flags, reload); err != nil {
+					logrus.Error(err)
+				}
+			}
+		}
+	}()
+}
+
+func (cli *DaemonCli) getPlatformRemoteOptions() []libcontainerd.RemoteOption {
+	return nil
+}
diff --git a/docker/docker.go b/docker/docker.go
new file mode 100644
index 00000000..39b527ee
--- /dev/null
+++ b/docker/docker.go
@@ -0,0 +1,82 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/api/client"
+	"github.com/docker/docker/cli"
+	"github.com/docker/docker/dockerversion"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/reexec"
+	"github.com/docker/docker/pkg/term"
+	"github.com/docker/docker/utils"
+)
+
+func main() {
+	if reexec.Init() {
+		return
+	}
+
+	// Set terminal emulation based on platform as required.
+	stdin, stdout, stderr := term.StdStreams()
+
+	logrus.SetOutput(stderr)
+
+	flag.Merge(flag.CommandLine, clientFlags.FlagSet, commonFlags.FlagSet)
+
+	flag.Usage = func() {
+		fmt.Fprint(stdout, "Usage: docker [OPTIONS] COMMAND [arg...]\n"+daemonUsage+"       docker [ --help | -v | --version ]\n\n")
+		fmt.Fprint(stdout, "A self-sufficient runtime for containers.\n\nOptions:\n")
+
+		flag.CommandLine.SetOutput(stdout)
+		flag.PrintDefaults()
+
+		help := "\nCommands:\n"
+
+		for _, cmd := range dockerCommands {
+			help += fmt.Sprintf("    %-10.10s%s\n", cmd.Name, cmd.Description)
+		}
+
+		help += "\nRun 'docker COMMAND --help' for more information on a command."
+		fmt.Fprintf(stdout, "%s\n", help)
+	}
+
+	flag.Parse()
+
+	if *flVersion {
+		showVersion()
+		return
+	}
+
+	if *flHelp {
+		// if global flag --help is present, regardless of what other options and commands there are,
+		// just print the usage.
+		flag.Usage()
+		return
+	}
+
+	clientCli := client.NewDockerCli(stdin, stdout, stderr, clientFlags)
+
+	c := cli.New(clientCli, daemonCli)
+	if err := c.Run(flag.Args()...); err != nil {
+		if sterr, ok := err.(cli.StatusError); ok {
+			if sterr.Status != "" {
+				fmt.Fprintln(stderr, sterr.Status)
+				os.Exit(1)
+			}
+			os.Exit(sterr.StatusCode)
+		}
+		fmt.Fprintln(stderr, err)
+		os.Exit(1)
+	}
+}
+
+func showVersion() {
+	if utils.ExperimentalBuild() {
+		fmt.Printf("Docker version %s, build %s, experimental\n", dockerversion.Version, dockerversion.GitCommit)
+	} else {
+		fmt.Printf("Docker version %s, build %s\n", dockerversion.Version, dockerversion.GitCommit)
+	}
+}
diff --git a/docker/docker_windows.go b/docker/docker_windows.go
new file mode 100644
index 00000000..a31dffc9
--- /dev/null
+++ b/docker/docker_windows.go
@@ -0,0 +1,5 @@
+package main
+
+import (
+	_ "github.com/docker/docker/autogen/winresources"
+)
diff --git a/docker/flags.go b/docker/flags.go
new file mode 100644
index 00000000..35a81088
--- /dev/null
+++ b/docker/flags.go
@@ -0,0 +1,30 @@
+package main
+
+import (
+	"sort"
+
+	"github.com/docker/docker/cli"
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+var (
+	flHelp    = flag.Bool([]string{"h", "-help"}, false, "Print usage")
+	flVersion = flag.Bool([]string{"v", "-version"}, false, "Print version information and quit")
+)
+
+type byName []cli.Command
+
+func (a byName) Len() int           { return len(a) }
+func (a byName) Swap(i, j int)      { a[i], a[j] = a[j], a[i] }
+func (a byName) Less(i, j int) bool { return a[i].Name < a[j].Name }
+
+var dockerCommands []cli.Command
+
+// TODO(tiborvass): do not show 'daemon' on client-only binaries
+
+func init() {
+	for _, cmd := range cli.DockerCommands {
+		dockerCommands = append(dockerCommands, cmd)
+	}
+	sort.Sort(byName(dockerCommands))
+}
diff --git a/docker/flags_test.go b/docker/flags_test.go
new file mode 100644
index 00000000..28021ba4
--- /dev/null
+++ b/docker/flags_test.go
@@ -0,0 +1,13 @@
+package main
+
+import (
+	"sort"
+	"testing"
+)
+
+// Tests if the subcommands of docker are sorted
+func TestDockerSubcommandsAreSorted(t *testing.T) {
+	if !sort.IsSorted(byName(dockerCommands)) {
+		t.Fatal("Docker subcommands are not in sorted order")
+	}
+}
diff --git a/docker/listeners/listeners.go b/docker/listeners/listeners.go
new file mode 100644
index 00000000..8150ba0c
--- /dev/null
+++ b/docker/listeners/listeners.go
@@ -0,0 +1,22 @@
+package listeners
+
+import (
+	"crypto/tls"
+	"net"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/go-connections/sockets"
+)
+
+func initTCPSocket(addr string, tlsConfig *tls.Config) (l net.Listener, err error) {
+	if tlsConfig == nil || tlsConfig.ClientAuth != tls.RequireAndVerifyClientCert {
+		logrus.Warn("/!\\ DON'T BIND ON ANY IP ADDRESS WITHOUT setting -tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\")
+	}
+	if l, err = sockets.NewTCPSocket(addr, tlsConfig); err != nil {
+		return nil, err
+	}
+	if err := allocateDaemonPort(addr); err != nil {
+		return nil, err
+	}
+	return
+}
diff --git a/docker/listeners/listeners_unix.go b/docker/listeners/listeners_unix.go
new file mode 100644
index 00000000..732565a3
--- /dev/null
+++ b/docker/listeners/listeners_unix.go
@@ -0,0 +1,119 @@
+// +build !windows
+
+package listeners
+
+import (
+	"crypto/tls"
+	"fmt"
+	"net"
+	"strconv"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/coreos/go-systemd/activation"
+	"github.com/docker/go-connections/sockets"
+	"github.com/docker/libnetwork/portallocator"
+)
+
+// Init creates new listeners for the server.
+func Init(proto, addr, socketGroup string, tlsConfig *tls.Config) (ls []net.Listener, err error) {
+	switch proto {
+	case "fd":
+		ls, err = listenFD(addr, tlsConfig)
+		if err != nil {
+			return nil, err
+		}
+	case "tcp":
+		l, err := initTCPSocket(addr, tlsConfig)
+		if err != nil {
+			return nil, err
+		}
+		ls = append(ls, l)
+	case "unix":
+		l, err := sockets.NewUnixSocket(addr, socketGroup)
+		if err != nil {
+			return nil, fmt.Errorf("can't create unix socket %s: %v", addr, err)
+		}
+		ls = append(ls, l)
+	default:
+		return nil, fmt.Errorf("Invalid protocol format: %q", proto)
+	}
+
+	return
+}
+
+// listenFD returns the specified socket activated files as a slice of
+// net.Listeners or all of the activated files if "*" is given.
+func listenFD(addr string, tlsConfig *tls.Config) ([]net.Listener, error) {
+	var (
+		err       error
+		listeners []net.Listener
+	)
+	// socket activation
+	if tlsConfig != nil {
+		listeners, err = activation.TLSListeners(false, tlsConfig)
+	} else {
+		listeners, err = activation.Listeners(false)
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	if len(listeners) == 0 {
+		return nil, fmt.Errorf("No sockets found. Make sure the docker daemon was started by systemd.")
+	}
+
+	// default to all fds just like unix:// and tcp://
+	if addr == "" || addr == "*" {
+		return listeners, nil
+	}
+
+	fdNum, err := strconv.Atoi(addr)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse systemd address, should be number: %v", err)
+	}
+	fdOffset := fdNum - 3
+	if len(listeners) < int(fdOffset)+1 {
+		return nil, fmt.Errorf("Too few socket activated files passed in")
+	}
+	if listeners[fdOffset] == nil {
+		return nil, fmt.Errorf("failed to listen on systemd activated file at fd %d", fdOffset+3)
+	}
+	for i, ls := range listeners {
+		if i == fdOffset || ls == nil {
+			continue
+		}
+		if err := ls.Close(); err != nil {
+			logrus.Errorf("Failed to close systemd activated file at fd %d: %v", fdOffset+3, err)
+		}
+	}
+	return []net.Listener{listeners[fdOffset]}, nil
+}
+
+// allocateDaemonPort ensures that there are no containers
+// that try to use any port allocated for the docker server.
+func allocateDaemonPort(addr string) error {
+	host, port, err := net.SplitHostPort(addr)
+	if err != nil {
+		return err
+	}
+
+	intPort, err := strconv.Atoi(port)
+	if err != nil {
+		return err
+	}
+
+	var hostIPs []net.IP
+	if parsedIP := net.ParseIP(host); parsedIP != nil {
+		hostIPs = append(hostIPs, parsedIP)
+	} else if hostIPs, err = net.LookupIP(host); err != nil {
+		return fmt.Errorf("failed to lookup %s address in host specification", host)
+	}
+
+	pa := portallocator.Get()
+	for _, hostIP := range hostIPs {
+		if _, err := pa.RequestPort(hostIP, "tcp", intPort); err != nil {
+			return fmt.Errorf("failed to allocate daemon listening port %d (err: %v)", intPort, err)
+		}
+	}
+	return nil
+}
diff --git a/docker/listeners/listeners_windows.go b/docker/listeners/listeners_windows.go
new file mode 100644
index 00000000..ae862fcf
--- /dev/null
+++ b/docker/listeners/listeners_windows.go
@@ -0,0 +1,58 @@
+package listeners
+
+import (
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"net"
+	"strings"
+
+	"github.com/Microsoft/go-winio"
+)
+
+// Init creates new listeners for the server.
+func Init(proto, addr, socketGroup string, tlsConfig *tls.Config) (ls []net.Listener, err error) {
+	switch proto {
+	case "tcp":
+		l, err := initTCPSocket(addr, tlsConfig)
+		if err != nil {
+			return nil, err
+		}
+		ls = append(ls, l)
+
+	case "npipe":
+		// allow Administrators and SYSTEM, plus whatever additional users or groups were specified
+		sddl := "D:P(A;;GA;;;BA)(A;;GA;;;SY)"
+		if socketGroup != "" {
+			for _, g := range strings.Split(socketGroup, ",") {
+				sid, err := winio.LookupSidByName(g)
+				if err != nil {
+					return nil, err
+				}
+				sddl += fmt.Sprintf("(A;;GRGW;;;%s)", sid)
+			}
+		}
+		c := winio.PipeConfig{
+			SecurityDescriptor: sddl,
+			MessageMode:        true,  // Use message mode so that CloseWrite() is supported
+			InputBufferSize:    65536, // Use 64KB buffers to improve performance
+			OutputBufferSize:   65536,
+		}
+		l, err := winio.ListenPipe(addr, &c)
+		if err != nil {
+			return nil, err
+		}
+		ls = append(ls, l)
+
+	default:
+		return nil, errors.New("Invalid protocol format. Windows only supports tcp and npipe.")
+	}
+
+	return
+}
+
+// allocateDaemonPort ensures that there are no containers
+// that try to use any port allocated for the docker server.
+func allocateDaemonPort(addr string) error {
+	return nil
+}
diff --git a/dockerversion/useragent.go b/dockerversion/useragent.go
new file mode 100644
index 00000000..d2a891c4
--- /dev/null
+++ b/dockerversion/useragent.go
@@ -0,0 +1,74 @@
+package dockerversion
+
+import (
+	"fmt"
+	"runtime"
+
+	"github.com/docker/docker/api/server/httputils"
+	"github.com/docker/docker/pkg/parsers/kernel"
+	"github.com/docker/docker/pkg/useragent"
+	"golang.org/x/net/context"
+)
+
+// DockerUserAgent is the User-Agent the Docker client uses to identify itself.
+// In accordance with RFC 7231 (5.5.3) is of the form:
+//    [docker client's UA] UpstreamClient([upstream client's UA])
+func DockerUserAgent(ctx context.Context) string {
+	httpVersion := make([]useragent.VersionInfo, 0, 6)
+	httpVersion = append(httpVersion, useragent.VersionInfo{Name: "docker", Version: Version})
+	httpVersion = append(httpVersion, useragent.VersionInfo{Name: "go", Version: runtime.Version()})
+	httpVersion = append(httpVersion, useragent.VersionInfo{Name: "git-commit", Version: GitCommit})
+	if kernelVersion, err := kernel.GetKernelVersion(); err == nil {
+		httpVersion = append(httpVersion, useragent.VersionInfo{Name: "kernel", Version: kernelVersion.String()})
+	}
+	httpVersion = append(httpVersion, useragent.VersionInfo{Name: "os", Version: runtime.GOOS})
+	httpVersion = append(httpVersion, useragent.VersionInfo{Name: "arch", Version: runtime.GOARCH})
+
+	dockerUA := useragent.AppendVersions("", httpVersion...)
+	upstreamUA := getUserAgentFromContext(ctx)
+	if len(upstreamUA) > 0 {
+		ret := insertUpstreamUserAgent(upstreamUA, dockerUA)
+		return ret
+	}
+	return dockerUA
+}
+
+// getUserAgentFromContext returns the previously saved user-agent context stored in ctx, if one exists
+func getUserAgentFromContext(ctx context.Context) string {
+	var upstreamUA string
+	if ctx != nil {
+		var ki interface{} = ctx.Value(httputils.UAStringKey)
+		if ki != nil {
+			upstreamUA = ctx.Value(httputils.UAStringKey).(string)
+		}
+	}
+	return upstreamUA
+}
+
+// escapeStr returns s with every rune in charsToEscape escaped by a backslash
+func escapeStr(s string, charsToEscape string) string {
+	var ret string
+	for _, currRune := range s {
+		appended := false
+		for _, escapeableRune := range charsToEscape {
+			if currRune == escapeableRune {
+				ret += `\` + string(currRune)
+				appended = true
+				break
+			}
+		}
+		if !appended {
+			ret += string(currRune)
+		}
+	}
+	return ret
+}
+
+// insertUpstreamUserAgent adds the upstream client useragent to create a user-agent
+// string of the form:
+//   $dockerUA UpstreamClient($upstreamUA)
+func insertUpstreamUserAgent(upstreamUA string, dockerUA string) string {
+	charsToEscape := `();\`
+	upstreamUAEscaped := escapeStr(upstreamUA, charsToEscape)
+	return fmt.Sprintf("%s UpstreamClient(%s)", dockerUA, upstreamUAEscaped)
+}
diff --git a/dockerversion/version_lib.go b/dockerversion/version_lib.go
new file mode 100644
index 00000000..6644bce2
--- /dev/null
+++ b/dockerversion/version_lib.go
@@ -0,0 +1,13 @@
+// +build !autogen
+
+// Package dockerversion is auto-generated at build-time
+package dockerversion
+
+// Default build-time variable for library-import.
+// This file is overridden on build with build-time informations.
+const (
+	GitCommit string = "library-import"
+	Version   string = "library-import"
+	BuildTime string = "library-import"
+	IAmStatic string = "library-import"
+)
diff --git a/docs/.gitignore b/docs/.gitignore
new file mode 100644
index 00000000..9ad7c6e2
--- /dev/null
+++ b/docs/.gitignore
@@ -0,0 +1,2 @@
+# avoid committing the awsconfig file used for releases
+awsconfig
diff --git a/docs/Dockerfile b/docs/Dockerfile
new file mode 100644
index 00000000..3690d157
--- /dev/null
+++ b/docs/Dockerfile
@@ -0,0 +1,17 @@
+FROM docs/base:latest
+MAINTAINER Mary Anthony <mary@docker.com> (@moxiegirl)
+
+RUN svn checkout https://github.com/docker/compose/trunk/docs /docs/content/compose
+RUN svn checkout https://github.com/docker/swarm/trunk/docs /docs/content/swarm
+RUN svn checkout https://github.com/docker/machine/trunk/docs /docs/content/machine
+RUN svn checkout https://github.com/docker/distribution/trunk/docs /docs/content/registry
+RUN svn checkout https://github.com/docker/notary/trunk/docs /docs/content/notary
+RUN svn checkout https://github.com/docker/kitematic/trunk/docs /docs/content/kitematic
+RUN svn checkout https://github.com/docker/toolbox/trunk/docs /docs/content/toolbox
+RUN svn checkout https://github.com/docker/opensource/trunk/docs /docs/content/opensource
+
+ENV PROJECT=engine
+# To get the git info for this repo
+COPY . /src
+
+COPY . /docs/content/$PROJECT/
diff --git a/docs/Makefile b/docs/Makefile
new file mode 100644
index 00000000..711462ea
--- /dev/null
+++ b/docs/Makefile
@@ -0,0 +1,54 @@
+.PHONY: all binary build cross default docs docs-build docs-shell shell test test-unit test-integration test-integration-cli test-docker-py validate
+
+# env vars passed through directly to Docker's build scripts
+# to allow things like `make DOCKER_CLIENTONLY=1 binary` easily
+# `docs/sources/contributing/devenvironment.md ` and `project/PACKAGERS.md` have some limited documentation of some of these
+DOCKER_ENVS := \
+	-e BUILDFLAGS \
+	-e DOCKER_CLIENTONLY \
+	-e DOCKER_GRAPHDRIVER \
+	-e TESTDIRS \
+	-e TESTFLAGS \
+	-e TIMEOUT
+# note: we _cannot_ add "-e DOCKER_BUILDTAGS" here because even if it's unset in the shell, that would shadow the "ENV DOCKER_BUILDTAGS" set in our Dockerfile, which is very important for our official builds
+
+# to allow `make DOCSDIR=docs docs-shell` (to create a bind mount in docs)
+DOCS_MOUNT := $(if $(DOCSDIR),-v $(CURDIR)/$(DOCSDIR):/$(DOCSDIR))
+
+# to allow `make DOCSPORT=9000 docs`
+DOCSPORT := 8000
+
+# Get the IP ADDRESS
+DOCKER_IP=$(shell python -c "import urlparse ; print urlparse.urlparse('$(DOCKER_HOST)').hostname or ''")
+HUGO_BASE_URL=$(shell test -z "$(DOCKER_IP)" && echo localhost || echo "$(DOCKER_IP)")
+HUGO_BIND_IP=0.0.0.0
+
+GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null)
+DOCKER_IMAGE := docker$(if $(GIT_BRANCH),:$(GIT_BRANCH))
+DOCKER_DOCS_IMAGE := docs-base$(if $(GIT_BRANCH),:$(GIT_BRANCH))
+
+
+DOCKER_RUN_DOCS := docker run --rm -it $(DOCS_MOUNT) -e AWS_S3_BUCKET -e NOCACHE
+
+# for some docs workarounds (see below in "docs-build" target)
+GITCOMMIT := $(shell git rev-parse --short HEAD 2>/dev/null)
+
+default: docs
+
+docs: docs-build
+	$(DOCKER_RUN_DOCS) -p $(if $(DOCSPORT),$(DOCSPORT):)8000 -e DOCKERHOST "$(DOCKER_DOCS_IMAGE)" hugo server --port=$(DOCSPORT) --baseUrl=$(HUGO_BASE_URL) --bind=$(HUGO_BIND_IP)
+
+docs-draft: docs-build
+	$(DOCKER_RUN_DOCS) -p $(if $(DOCSPORT),$(DOCSPORT):)8000 -e DOCKERHOST "$(DOCKER_DOCS_IMAGE)" hugo server --buildDrafts="true" --port=$(DOCSPORT) --baseUrl=$(HUGO_BASE_URL) --bind=$(HUGO_BIND_IP)
+
+
+docs-shell: docs-build
+	$(DOCKER_RUN_DOCS) -p $(if $(DOCSPORT),$(DOCSPORT):)8000 "$(DOCKER_DOCS_IMAGE)" bash
+
+
+docs-build:
+#	( git remote | grep -v upstream ) || git diff --name-status upstream/release..upstream/docs ./ > ./changed-files
+#	echo "$(GIT_BRANCH)" > GIT_BRANCH
+#	echo "$(AWS_S3_BUCKET)" > AWS_S3_BUCKET
+#	echo "$(GITCOMMIT)" > GITCOMMIT
+	docker build -t "$(DOCKER_DOCS_IMAGE)" .
diff --git a/docs/README.md b/docs/README.md
new file mode 100644
index 00000000..f57f4526
--- /dev/null
+++ b/docs/README.md
@@ -0,0 +1,288 @@
+<!--[metadata]>
++++
+draft = true
++++
+<![end-metadata]-->
+
+# Docker Documentation
+
+The source for Docker documentation is in this directory. Our
+documentation uses extended Markdown, as implemented by
+[MkDocs](http://mkdocs.org).  The current release of the Docker documentation
+resides on [https://docs.docker.com](https://docs.docker.com).
+
+## Understanding the documentation branches and processes
+
+Docker has two primary branches for documentation:
+
+| Branch   | Description                    | URL (published via commit-hook)                                              |
+|----------|--------------------------------|------------------------------------------------------------------------------|
+| `docs`   | Official release documentation | [https://docs.docker.com](https://docs.docker.com)                             |
+| `master` | Merged but unreleased development work    |  |
+
+Additions and updates to upcoming releases are made in a feature branch off of
+the `master` branch. The Docker maintainers also support a `docs` branch that
+contains the last release of documentation.
+
+After a release, documentation updates are continually merged into `master` as
+they occur. This work includes new documentation for forthcoming features, bug
+fixes, and other updates.
+
+Periodically, the Docker maintainers update `docs.docker.com` between official
+releases of Docker. They do this by cherry-picking commits from `master`,
+merging them into `docs`,  and then publishing the result.
+
+In the rare case where a change is not forward-compatible, changes may be made
+on other branches by special arrangement with the Docker maintainers.
+
+### Quickstart for documentation contributors
+
+If you are a new or beginner contributor, we encourage you to read through the
+[our detailed contributors
+guide](https://docs.docker.com/opensource/code/). The guide explains in
+detail, with examples, how to contribute. If you are an experienced contributor
+this quickstart should be enough to get you started.
+
+The following is the essential workflow for contributing to the documentation:
+
+1. Fork the `docker/docker` repository.
+
+2. Clone the repository to your local machine.
+
+3. Select an issue from `docker/docker` to work on or submit a proposal of your
+own.
+
+4. Create a feature branch from `master` in which to work.
+
+	By basing from `master` your work is automatically included in the next
+	release. It also allows docs maintainers to easily cherry-pick your changes
+	into the `docs` release branch.
+
+4. Modify existing or add new `.md` files to the `docs` directory.
+
+5.  As you work, build the documentation site locally to see your changes.
+
+	The `docker/docker` repository contains a `Dockerfile` and a `Makefile`.
+	Together, these create a development environment in which you can build and
+	run a container running the Docker documentation website. To build the
+	documentation site, enter `make docs` in the `docs` directory of your `docker/docker` fork:
+
+		$ make docs
+		.... (lots of output) ....
+		docker run --rm -it  -e AWS_S3_BUCKET -p 8000:8000 "docker-docs:master" mkdocs serve
+		Running at: http://0.0.0.0:8000/
+		Live reload enabled.
+		Hold ctrl+c to quit.
+
+
+	The build creates an image containing all the required tools, adds the local
+	`docs/` directory and generates the HTML files. Then, it runs a Docker
+	container with this image.
+
+	The container exposes port 8000 on the localhost so that you can connect and
+	see your changes. If you use Docker Machine, the `docker-machine ip
+	<machine-name>` command gives you the address of your server.
+
+6.  Check your writing for style and mechanical errors.
+
+	Use our [documentation style
+	guide](https://docs.docker.com/opensource/doc-style/) to check style. There are
+	several [good grammar and spelling online
+	checkers](http://www.hemingwayapp.com/) that can check your writing
+	mechanics.
+
+7.  Squash your commits on your branch.
+
+8.  Make a pull request from your fork back to Docker's `master` branch.
+
+9.  Work with the reviewers until your change is approved and merged.
+
+### Debugging and testing
+
+If you have any issues you need to debug, you can use `make docs-shell` and then
+run `mkdocs serve`. You can use `make docs-test` to generate a report of missing
+links that are referenced in the documentation&mdash;there should be none.
+
+## Style guide
+
+If you have questions about how to write for Docker's documentation, please see
+the [style guide](https://docs.docker.com/opensource/doc-style/). The style guide provides
+guidance about grammar, syntax, formatting, styling, language, or tone. If
+something isn't clear in the guide, please submit an issue to let us know or
+submit a pull request to help us improve it.
+
+
+## Publishing documentation (for Docker maintainers)
+
+To publish Docker's documentation you need to have Docker up and running on your
+machine. You'll also need a `docs/awsconfig` file containing the settings you
+need to access the AWS bucket you'll be deploying to.
+
+The process for publishing is to build first to an AWS bucket, verify the build,
+and then publish the final release.
+
+1. Have Docker installed and running on your machine.
+
+2. Ask the core maintainers for the `awsconfig` file.
+
+3. Copy the `awsconfig` file to the `docs/` directory.
+
+	The `awsconfig` file contains the profiles of the S3 buckets for our
+	documentation sites. (If needed, the release script creates an S3 bucket and
+	pushes the files to it.)  Each profile has this format:
+
+		[profile dowideit-docs]
+		aws_access_key_id = IHOIUAHSIDH234rwf....
+		aws_secret_access_key = OIUYSADJHLKUHQWIUHE......
+		region = ap-southeast-2
+
+	The `profile` name must be the same as the name of the bucket you are
+	deploying to.
+
+4. Call the `make` from the `docker` directory.
+
+    	$ make AWS_S3_BUCKET=dowideit-docs docs-release
+
+	This publishes _only_ to the `http://bucket-url/v1.2/` version of the
+	documentation.
+
+5.  If you're publishing the current release's documentation, you need to also
+update the root docs pages by running
+
+     	$ make AWS_S3_BUCKET=dowideit-docs BUILD_ROOT=yes docs-release
+
+### Errors publishing using a Docker Machine VM
+
+Sometimes, in a Windows or Mac environment, the publishing procedure returns this
+error:
+
+	Post http:///var/run/docker.sock/build?rm=1&t=docker-docs%3Apost-1.2.0-docs_update-2:
+	dial unix /var/run/docker.sock: no such file or directory.
+
+If this happens, set the Docker host. Run the following command to get the
+variables in your shell:
+
+		docker-machine env <machine-name>
+
+Then, set your environment accordingly.
+
+## Cherry-picking documentation changes to update an existing release.
+
+Whenever the core team makes a release, they publish the documentation based on
+the `release` branch. At that time, the  `release` branch is copied into the
+`docs` branch. The documentation team makes updates between Docker releases by
+cherry-picking changes from `master` into any of the documentation branches.
+Typically, we cherry-pick into the `docs` branch.
+
+For example, to update the current release's docs, do the following:
+
+1. Go to your `docker/docker` fork and get the latest from master.
+
+    	$ git fetch upstream
+
+2. Checkout a new branch based on `upstream/docs`.
+
+	You should give your new branch a descriptive name.
+
+		$ git checkout -b post-1.2.0-docs-update-1 upstream/docs
+
+3. In a browser window, open [https://github.com/docker/docker/commits/master].
+
+4. Locate the merges you want to publish.
+
+	You should only cherry-pick individual commits; do not cherry-pick merge
+	commits. To minimize merge conflicts, start with the oldest commit and work
+	your way forward in time.
+
+5. Copy the commit SHA from GitHub.
+
+6. Cherry-pick the commit.
+
+	 	$ git cherry-pick -x fe845c4
+
+7. Repeat until you have cherry-picked everything you want to merge.
+
+8. Push your changes to your fork.
+
+    	$ git push origin post-1.2.0-docs-update-1
+
+9. Make a pull request to merge into the `docs` branch.
+
+	Do __NOT__ merge into `master`.
+
+10. Have maintainers review your pull request.
+
+11. Once the PR has the needed "LGTMs", merge it on GitHub.
+
+12. Return to your local fork and make sure you are still on the `docs` branch.
+
+		$ git checkout docs
+
+13. Fetch your merged pull request from `docs`.
+
+		$ git fetch upstream/docs
+
+14. Ensure your branch is clean and set to the latest.
+
+   	 	$ git reset --hard upstream/docs
+
+15. Copy the `awsconfig` file into the `docs` directory.
+
+16. Make the beta documentation
+
+    	$ make AWS_S3_BUCKET=beta-docs.docker.io BUILD_ROOT=yes docs-release
+
+17. Open [the beta
+website](http://beta-docs.docker.io.s3-website-us-west-2.amazonaws.com/) site
+and make sure what you published is correct.
+
+19. When you're happy with your content, publish the docs to our live site:
+
+   		$ make AWS_S3_BUCKET=docs.docker.com BUILD_ROOT=yes
+DISTRIBUTION_ID=C2K6......FL2F docs-release
+
+20. Test the uncached version of the live docs at [http://docs.docker.com.s3-website-us-east-1.amazonaws.com/]
+
+
+### Caching and the docs
+
+New docs do not appear live on the site until the cache (a complex, distributed
+CDN system) is flushed. The `make docs-release` command flushes the cache _if_
+the `DISTRIBUTION_ID` is set to the Cloudfront distribution ID. The cache flush
+can take at least 15 minutes to run and you can check its progress with the CDN
+Cloudfront Purge Tool Chrome app.
+
+## Removing files from the docs.docker.com site
+
+Sometimes it becomes necessary to remove files from the historical published documentation.
+The most reliable way to do this is to do it directly using `aws s3` commands running in a
+docs container:
+
+Start the docs container like `make docs-shell`, but bind mount in your `awsconfig`:
+
+```
+docker run --rm -it -v $(CURDIR)/docs/awsconfig:/docs/awsconfig docker-docs:master bash
+```
+
+and then the following example shows deleting 2 documents from s3, and then requesting the
+CloudFlare cache to invalidate them:
+
+
+```
+export BUCKET BUCKET=docs.docker.com
+export AWS_CONFIG_FILE=$(pwd)/awsconfig
+aws s3 --profile $BUCKET ls s3://$BUCKET
+aws s3 --profile $BUCKET rm s3://$BUCKET/v1.0/reference/api/docker_io_oauth_api/index.html
+aws s3 --profile $BUCKET rm s3://$BUCKET/v1.1/reference/api/docker_io_oauth_api/index.html
+
+aws configure set preview.cloudfront true
+export DISTRIBUTION_ID=YUTIYUTIUTIUYTIUT
+aws cloudfront  create-invalidation --profile docs.docker.com --distribution-id $DISTRIBUTION_ID --invalidation-batch '{"Paths":{"Quantity":1, "Items":["/v1.0/reference/api/docker_io_oauth_api/"]},"CallerReference":"6Mar2015sventest1"}'
+aws cloudfront  create-invalidation --profile docs.docker.com --distribution-id $DISTRIBUTION_ID --invalidation-batch '{"Paths":{"Quantity":1, "Items":["/v1.1/reference/api/docker_io_oauth_api/"]},"CallerReference":"6Mar2015sventest1"}'
+```
+
+### Generate the man pages
+
+For information on generating man pages (short for manual page), see the README.md
+document in [the man page directory](https://github.com/docker/docker/tree/master/docker)
+in this project.
diff --git a/docs/admin/ambassador_pattern_linking.md b/docs/admin/ambassador_pattern_linking.md
new file mode 100644
index 00000000..b5c30411
--- /dev/null
+++ b/docs/admin/ambassador_pattern_linking.md
@@ -0,0 +1,159 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/ambassador_pattern_linking/"]
+title = "Link via an ambassador container"
+description = "Using the Ambassador pattern to abstract (network) services"
+keywords = ["Examples, Usage, links, docker, documentation, examples, names, name,  container naming"]
+[menu.main]
+parent = "engine_admin"
+weight = 6
++++
+<![end-metadata]-->
+
+# Link via an ambassador container
+
+Rather than hardcoding network links between a service consumer and
+provider, Docker encourages service portability, for example instead of:
+
+    (consumer) --> (redis)
+
+Requiring you to restart the `consumer` to attach it to a different
+`redis` service, you can add ambassadors:
+
+    (consumer) --> (redis-ambassador) --> (redis)
+
+Or
+
+    (consumer) --> (redis-ambassador) ---network---> (redis-ambassador) --> (redis)
+
+When you need to rewire your consumer to talk to a different Redis
+server, you can just restart the `redis-ambassador` container that the
+consumer is connected to.
+
+This pattern also allows you to transparently move the Redis server to a
+different docker host from the consumer.
+
+Using the `svendowideit/ambassador` container, the link wiring is
+controlled entirely from the `docker run` parameters.
+
+## Two host example
+
+Start actual Redis server on one Docker host
+
+    big-server $ docker run -d --name redis crosbymichael/redis
+
+Then add an ambassador linked to the Redis server, mapping a port to the
+outside world
+
+    big-server $ docker run -d --link redis:redis --name redis_ambassador -p 6379:6379 svendowideit/ambassador
+
+On the other host, you can set up another ambassador setting environment
+variables for each remote port we want to proxy to the `big-server`
+
+    client-server $ docker run -d --name redis_ambassador --expose 6379 -e REDIS_PORT_6379_TCP=tcp://192.168.1.52:6379 svendowideit/ambassador
+
+Then on the `client-server` host, you can use a Redis client container
+to talk to the remote Redis server, just by linking to the local Redis
+ambassador.
+
+    client-server $ docker run -i -t --rm --link redis_ambassador:redis relateiq/redis-cli
+    redis 172.17.0.160:6379> ping
+    PONG
+
+## How it works
+
+The following example shows what the `svendowideit/ambassador` container
+does automatically (with a tiny amount of `sed`)
+
+On the Docker host (192.168.1.52) that Redis will run on:
+
+    # start actual redis server
+    $ docker run -d --name redis crosbymichael/redis
+
+    # get a redis-cli container for connection testing
+    $ docker pull relateiq/redis-cli
+
+    # test the redis server by talking to it directly
+    $ docker run -t -i --rm --link redis:redis relateiq/redis-cli
+    redis 172.17.0.136:6379> ping
+    PONG
+    ^D
+
+    # add redis ambassador
+    $ docker run -t -i --link redis:redis --name redis_ambassador -p 6379:6379 alpine:3.2 sh
+
+In the `redis_ambassador` container, you can see the linked Redis
+containers `env`:
+
+    / # env
+    REDIS_PORT=tcp://172.17.0.136:6379
+    REDIS_PORT_6379_TCP_ADDR=172.17.0.136
+    REDIS_NAME=/redis_ambassador/redis
+    HOSTNAME=19d7adf4705e
+    SHLVL=1
+    HOME=/root
+    REDIS_PORT_6379_TCP_PORT=6379
+    REDIS_PORT_6379_TCP_PROTO=tcp
+    REDIS_PORT_6379_TCP=tcp://172.17.0.136:6379
+    TERM=xterm
+    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+    PWD=/
+    / # exit
+
+This environment is used by the ambassador `socat` script to expose Redis
+to the world (via the `-p 6379:6379` port mapping):
+
+    $ docker rm redis_ambassador
+    $ CMD="apk update && apk add socat && sh"
+    $ docker run -t -i --link redis:redis --name redis_ambassador -p 6379:6379 alpine:3.2 sh -c "$CMD"
+    [...]
+    / # socat -t 100000000 TCP4-LISTEN:6379,fork,reuseaddr TCP4:172.17.0.136:6379
+
+Now ping the Redis server via the ambassador:
+
+Now go to a different server:
+
+    $ CMD="apk update && apk add socat && sh"
+    $ docker run -t -i --expose 6379 --name redis_ambassador alpine:3.2 sh -c "$CMD"
+    [...]
+    / # socat -t 100000000 TCP4-LISTEN:6379,fork,reuseaddr TCP4:192.168.1.52:6379
+
+And get the `redis-cli` image so we can talk over the ambassador bridge.
+
+    $ docker pull relateiq/redis-cli
+    $ docker run -i -t --rm --link redis_ambassador:redis relateiq/redis-cli
+    redis 172.17.0.160:6379> ping
+    PONG
+
+## The svendowideit/ambassador Dockerfile
+
+The `svendowideit/ambassador` image is based on the `alpine:3.2` image with
+`socat` installed. When you start the container, it uses a small `sed`
+script to parse out the (possibly multiple) link environment variables
+to set up the port forwarding. On the remote host, you need to set the
+variable using the `-e` command line option.
+
+    --expose 1234 -e REDIS_PORT_1234_TCP=tcp://192.168.1.52:6379
+
+Will forward the local `1234` port to the remote IP and port, in this
+case `192.168.1.52:6379`.
+
+    #
+    # do
+    #   docker build -t svendowideit/ambassador .
+    # then to run it (on the host that has the real backend on it)
+    #   docker run -t -i -link redis:redis -name redis_ambassador -p 6379:6379 svendowideit/ambassador
+    # on the remote host, you can set up another ambassador
+    #    docker run -t -i -name redis_ambassador -expose 6379 -e REDIS_PORT_6379_TCP=tcp://192.168.1.52:6379 svendowideit/ambassador sh
+    # you can read more about this process at https://docs.docker.com/articles/ambassador_pattern_linking/
+
+    # use alpine because its a minimal image with a package manager.
+    # prettymuch all that is needed is a container that has a functioning env and socat (or equivalent)
+    FROM	alpine:3.2
+    MAINTAINER	SvenDowideit@home.org.au
+
+    RUN apk update && \
+    	apk add socat && \
+    	rm -r /var/cache/
+
+    CMD	env | grep _TCP= | (sed 's/.*_PORT_\([0-9]*\)_TCP=tcp:\/\/\(.*\):\(.*\)/socat -t 100000000 TCP4-LISTEN:\1,fork,reuseaddr TCP4:\2:\3 \&/' && echo wait) | sh
diff --git a/docs/admin/b2d_volume_images/add_cd.png b/docs/admin/b2d_volume_images/add_cd.png
new file mode 100644
index 0000000000000000000000000000000000000000..50d7c4e7ed917161b5e0ebc3294583ec5e26ec44
GIT binary patch
literal 27607
zcmZsCWmFtd(<THbK>`GK3ogOkVSwN+!JXi)gA?4{-642z2oAyB-Q5{rW|sHe{m$->
z?Q{A^*FC3hRXwG*yCakpWzbLwQDI<U&}0FUsxUAg05CAH)5vh|6gv`gmUjYJ`MbIl
z^!;M_+1uNDa&oe>v(wtzy1&1FadBY>19NnAw7k50etzE9*Ec&mJ3l`^G&D3hIk~W~
zu)V!KHa51gv9Y$cc6NGtczF2d&!4HOsrB{s?(Xj2zkl!T?Y+Idz3;WUy4v60-_X#|
z($X?KJpA|X-_6a<m6esj!NIn+wx*`0ySux_#>RjD{+*wnWoBkBEiKK=%s`=#hsVd!
z(b3M%&YGH<_V)I)w6r$})W*i<`sOAlC+Dl#6PwLbd_qE5X(<Q<G6;W;jg8IA%j0u=
zE-5L|40?vXy{gqhEiEnOyr1=fS2tj&gxfQg=Gnw8w6d~N1O~>}*C+emvsvV`Trn8V
zc*waAs;sOmp7K;O2O8OZadL72)IkxHoBA#xQ0O(C$3GnySXQqy>4H;(Ht6~dSP=#W
zUOc~k=DB(c+_n4&1FLX-)B%IQ@dSp(|GNt6eQMi#D=a94K1~qIWGVxnh4=-2_3ZIS
z+!`4f9fF{~%TS@X>5k1a=*{zPe-zG-7U<Gm?8sZjBBZFeSXtfG>fLrQ4$j%F(1Nbr
zi%W5F01RUaGYkw=zzu2?M`P1_KbLAe2+=jFVM^Vb&QSdp+#C0UAL^J%1Orpx!JpQ(
zsH39|9a@SJfej4}%MpgXxY&m7pLew8UR_<;O+v&C5*h6BV05#g@%8Nm&amum(C>j(
z!h-4bovf^^(5A7(J*ZCR5|J~E@dr57n7?_NFkUP$duyGpJ?CKX#@W$ieT3%x@h!XG
zQeOn8oPUL7<sKxkw0CmVm<G9G{OF^{_|kNbTFYf?&)CDp%NHFO%edOvwv_hraPQz}
zhmyI<_MX0h1_vorezBiB<HbMx(lm1*zY03Tt7d%SGRqR4vQh#BBX|C7AC32Sky27D
z*Lw0J@Di$eBeSYZHb4K4vr%AzNdx|fT#>06Sv2b<tKYXxgoD|dco}+5ny~$~kjh!^
zgchoY&>NMxtL$?v;?i-~EmeuK44uw+%7@Az7$@IStFdOlz*wcoN{Xp_!k%kP*;0*u
zu|F=98kSwIu+pfeMUY1)NrdG{qd+2g%stEfG}`k!UY;&5L=i6dtO-deSb#eH7dO7Q
zFBY;i+=u#fSoviM+ust(%Td~gaU(w9lNdAeTdL~b=*7CM+NV9gttAcbrXXGXVJ9kd
zq8LOkW8yHJgnsK-l~P1>URDGhUa^BQ-tCVV+Zh7z-%nMgFHM(vmN0BzwEDz*2kH|N
zw*$X;SF=;PN~i+T2F*KngS9thPXAm!h&Y3Xg2}_!69U7L3_m8lWrnsA_to6h5Z#Q?
zZf~491b3r-BJk|JH;&gCly(*S1=mm7I|BB>g`xWqA@0t2fA!Fxzx#{9-JYTdrqj$*
znlAGf-2Dt;eYo@rye4(;D8=3%5-<0Boj{%{hs|h+3>cE4I~TVZExZce>hi~AkM$l{
z=5Q_wE3CfysPWNvR9?b2t8NuF)6}fKm%E}4^7bZjtQ6VU7)5X|V0ppi_t&2c?C<Ta
z>F+Z9+S74|v0R_(Fsk-FP5TQWBSL=VbfumGfY7u=;r5Chw;rF9r>bst6Y1fCy7ADQ
z{cYu~I^1`-b?F}ERp{QZ6f#&m^6y@EV+V3|`37g4C>({fOw(qA3L{qCyX}ak%yb;k
zUOZsskTpNdc8qbncJF1j_lJnI3>1x(iDa#iR}cNM#Z3UIdjS`=cHEVJCV6=zxrAO$
zij=d-NvX1(?;?H~Oktjj#2YJ0>P6K^KH2@imaZphg~tY?X{Tve(oc0%OSPtyGj6Sp
zd$!K^6pf&sX{(rOn0f(FY5zwzdf-P$UHOSiM&ipuRL>V+wixh~Lq6i%m6syddgpc}
zQ&>X@CzM3S8%4cFxSiMe!f9uHEu-1=C>L@fexn<k`nr{Phw%pup>mmq`S-cnhe#Wc
z5%;%pm2%$V&H-HXlBz`4aa@$%R!Ymp7k)QT|GYVC)a{0s%A}bPYnTWr`}q6=rCjWg
z)QTpY$KA6)+Dc%@^NENw|Aoqd2Iuuv>0rqP-sOrdg5Qgp`s43x5`L(OViBj)>)Fdp
zfQ70KB%COMp=)AP<69eKhCae|{rZL;O=no>tjvq@bu0A_1GgHt6q&wZ-{}vaufkVS
zFg`H|T_TlMibh+f`Y?R^9lN=sjpwRD9`{${x8`wvdl7U2mZ({Se-1ouUy<DZjn?^P
zL1U~cy}^`Q5fVjn#=4ML5$3!cytYfcv}SD)-`oA2Bo$ZfmWqV5p?R?JlX-&1%aKy~
zTb53VA(24Z)E^oPSk0xAQ86nF_bj!v3fKv&^h0mu?$`bK)&p?s!5du7v&o#h25ykD
z8C)RZSJde*D1ovyCdrjeqBdMzI$-JxdMUWs8@t@h@0t@{RkW9drRu}Lehk85iil#6
z*Nmwvc%*IoSC6EbAmCMw;<%!_=loBL(7)!3WIH*_6v%pgy^@%xpofH1@WA?FqK%OG
zuG7xrF;T{$T*C4ZJ%u3GC~fQh8(cFrg?wt$0wo6fJ&OyWGhpkoF_XUfz9Izgo2F6|
zZtTSA*;8<`jsixzm&Nl}8gPBj`a-H{P0xW?p@nY(mMw}8`!!EyLyb(0Jr~nh%QE2@
zsgQzFHUB^CT&(#Kblv$Ey40mrg}W7s6fN}{6JbaY+E@l<34ve6FaNf1W<F>DrfiUS
zLnLOmUO}m1g6wfa;+IVu<%)8Vk-!=wiu#b?cL|z0Uk*HSA>p?(Ub>TJ3o-|ECwP!S
zR)0t)aB`{aO$Gn?{AS&<$-wvVkU`cbh6-qk0e%R+WBe3_xfc7hav`QWcLlt8xvRgb
zaPWKF?qV47ejZ)lDz5;(JPB>hsX^WElMJWKpli+$*!mp{uWq-&Y*9ok95t-^CgY0V
zC>!5KaYi}{!<*Z_8uPho=xr-XT~C~TwQf7|vtUAt0j{<*oYp__>?a+pswyjvB?yyx
z%8`8?cG1n7d6FO@12G-aDOqW2-k;<}a4OwNDvh_4uD1J2K^`?`mHdSD%CV>d50jO^
zF&Pl|D+HQ<$&u!Ik3GysWNcbFzGf*{$hI7xbRSOX=`17-u(fI2I;pqbM9Y>7V-HcM
zIw)WyxvT2_+Ak3g@JF-{xl+{>*_*XXx;y^-1SxCR4M%HkoNHKJG*SB);rR8FE!u*e
z)tViF+cdIAyIk|X$ZmTLrXM-!sk1HSiw|~7+(ns`VRY&r-At&DW7(Uff8L9=K4{Fy
zb9O1Mt2RLG-tk(U30C>R6=a%t^WnT`T3@}1T3cr|)lr92lBSJw(m^}V8I@k@X3Urz
zCjeeOx#)}EG#L7_s%sG{JT4pKi~j1<19h(Z=^`x~QTxtLlqboXgrd?Bfx+5~CCN8f
z)@FM~qg<+fOqNO0QbGC6@gDjzXjp5wVz&V#A9L%@Y~s#xTih8g(+}MGNvmLQ{b8}X
zJ+w2HJDCA9m|&TD?^uljUS9kQEJXPpdu}=AL1cx-RDU=SKde31d-=D?!@?z4snr|a
z8KoavhE#=;?8AO@540`SHqZ%g8P=&3`HJfVH?+^j?CFPNoOXpKswzZM0v_oqR>w_+
zjtu(cEnFL10oA8nZSZt~kt@aaUmO5Vf86ihXxE?&eL^Il`xF$FHsf+7%;2MEzH_w=
ze6zeOuKpG502fWw*TZ{g_7`uM$DWn3S&AVOkDuwgoEuJwTDPp&x(Gzz8G~Ko1Zn#G
zNUJXm6S>HbGW-`h=Z!Erb5|<wi~>=NTQy7*1@$Sn>^<c9YFh;T2DdD2KZr4yO<lPW
z@nwraUs~+Q<ZinLHqH`3h8f#yuwEQlWzqM|<2o;}Eq>n$5vGYFxL86&p3Hr^g>8wi
zXy1_5GKQj~$1H(AgG0u+*V)>vUZ%g{JLK)?@XcVYy+O$TdLFw{H+52|HCU;dh~f2*
zMlvxaU*a28ARRTn38v|e5sf<*fy%hmJkkm~Z3ML;W<63^3&!8{?&w}tH`21@cqEZ!
za=B=@r#?UHvd~X=>ms}UORH<ckM-`D%<JK=LbD)>x@HldI`D!pKN?3*O5It)lpyH_
z_RaB&<>$y@GO@^Q_`K84U=9p$A9i2Ka4<5Mqy7HRGxTT=3LIN1uRsPOH>7{!{091y
z!d=84?n`VOH^=8SM^&2Oo|}@b%4k5+4~K8O9H=z6nh9mc$PAlm-tLSN^(6MkK@6fy
z__evAVA<0xEaMAaj6xO)>e-V@@NPXhgfjU&RiP`d`I7b&DrOmgO(hGz5&xUp-6@@n
zh8}Nk+dWxI?Ctek0$%rkK=29&etIUf<E(Dmc6o1vx+!o3xl6iPlknmj6(zpTI`%nT
zQuoPnUmg-wNwPQ+oXX_j$8+QulJDWHN0RIuor&aQJ4gz3T2H8MGF_XkNOvU(jdDW#
z&wW=9(nXXEt1&qQu6G!fQw0_*ca1!|(OYnsTO^d6Y&csJczX^%%4Pz~v)7On<lyb%
zpLfmPWRNOkGFpZ9v>@uFvqFWCi`#{VuZBiy*9#BO4c{1%=xe0qMy&+4TD07ylpFt~
zLgD_WJbwDD;P@gc?Brl|r{-ph(;V(@;@pv8_}lnauldBfYZlw4{(EIa19V_7ts(EJ
ze;1ExMtTl2_Y+6PKmSHv0RaK_`s>U$+|ZQepUZ1M>>*+Y6ImHNQ%_sw5Q3PIo8TZy
zGK`pB`)*=j6o0{Y<E+Hv#Y#2VdYjqe-ShirmlRcV+Pfu@jc%}0kxbmLm)2peC9*Vr
zvM;`FU?8hu(GThmw6B^+L#_<d*?Pe|Lv^d4H;Ooj1NlonXT}hKBxU?d8(#98anFp2
zn8yvItmf#YZg+m9)S6mQ!XK_B?GK~X5j<p?p|jGz3%;?rIU=~#QT$`o)`GjGAj7+7
zCnnP|QT8tduE!lmiO_Krn1pvUd9SPoSa^ny(?!XImp8mssYs``ERBN^`4OkUG4beK
z=s2Ud*NiLZ^@W?#UPD@u;Kj|xg9kL<bFF5->I~}h{46SgisU#BkW$k|s}OzCZ>MIE
zbaE_0cjSq8E!NKtIQ=%8zXtex-KO?=U(A&jbjjy5@f}`FP<j;O_50k=Ay23?753Uf
zu!XGr#MD%obnO-KPmNZ*)4=$x$F-J=Vb})09D9FhqQGu_>xLvjlQ&Wd*Hr0WwmgQ>
zc`@^q-}TYiFk^A}!ly@{d+N+Dr*QLF%r^ZUciK0P@1@PaYexbPP_Niwa*a$MyJLp#
zc1Z5lWSM@9l{XKVREj#>6tJ<kT5>1-;@&w$PKe^;(8^oLF0;Wx1$K3YbS_#d$H8th
zkw+X|>v^ROO7HU4)e5{-iS?5QZ`-XZ*K&6FUF*wF{KLspR9DS>e9PC}sQDVyV!UTQ
z{qbwT@2tETfZ^pica~#fPu8%K#BL&a=Gpn-_)Tj$_83kJ-7m)eiZ@%s!_ga{;hI;H
zm%%y<sX&Fu>cxDIpK#p%Yp}YF$)n`p_g?jzg@<r|s=TATm;s%HJ!J1sgk+tZJO{HS
zAK4P&+2DDrfxffMA~Sjf)+u<U8><?@urNM++3icrps&*WAHNtnnW=t|zl9?SGbi$=
z3Y%zPE;7jU^C+I^@om%f<u|17BN8BDQ*B@3E!qr-y27_MPRPFJNg5`LxXusx6KwB)
zW(lWK8W3|D>HXmV>#nDcWTKY4@toRH0V`<*aZ3Z5(o;+ux%QR8z7yT+Kkn@GKm;PL
ztk+5y+u8U{VAu<|T9<A|qZ(Y^DD+{AOEV-L?MH~dpEaj`wtD!=tx8Ud-yk4qLVS0S
z=3{dm9dJ<hr%!pG_f4|ST&Ekq>k}hx<7r98_ljFpe0l`i=;Ci@9S_uRh*e_9!#WOs
zC(@*CCf5zuX}*HGj-z?RbAmecUG)Ee_L%cfHx<+}J|K>b))Y~Gu1hCvPuweeuyXfd
zY*pK0uEoW(8MaNV1`7Cga@Z_{e@8I<0X$#ZW;`<7`&sN<^_|>1BZkw@TOxGKkDV4P
zdesDT55M-zG6p^&7}3yVO8OfnW`XGB=LmE|mZ0FdvXGBAUwG(p+b^%@B!ms=a8MB?
znw~;WOLFpLEDXdslo+WpHRWQ6yVh!G!o`K*U&L_>{WRHf-ET;!zC=~AdStcz{Beww
z)F0d75xaHkW#<YV<V=b1RdVUIo~+(s9%A)X7ikCA>AEzxw~r{E+J`8_N};PQ_}<X_
zuhXknhT8o{{#@uI=n}Nl`4h$=8SVt-m&ZZh+EwX~cCZQ`CR~JHY|NU6kxI_DhfL1I
zHHE(b1Mzq^;=km5JL6K0*Mm`N(%uv?W)!J=BoN&xQMTicVL`vKNKQ*$49qRu9uCF_
z4@pyt#(YnsK1JhLmZ@Nph^H;BzpVmLS8auvaigB_v@)l37$5R0qI9=0A9D9veGP~<
zfINO+rGo$|jYC)TBkwuM$eSJ-GUmlNX;tix=fyvUWkuPNysi%V0dHFZx+gs<HVB3)
zz^6Ax&=_cmHzbBee8q%0X5fo>mQ@;@F=^1XP)uU_kThWksi5bG3HAZm{++8Ww(L3|
z${a~I+icSsVAtUDo|T0>WCOA-IxPB|5#WxB4u4kh)0)&EUFYASjgO~uR(jsl<>KP5
za08(O-1Xc+hb5@zu%QCw_+vFdX{RKo3+F6Kw`b?eY!TfZpa1w#^UQh&-d_OI&^8*b
zf?RT+%9hC4urNdIrNxS@&Q5XFIW_EFP9lc69QImGv+_r6)b2vaB}nTw<*sgr1Kspa
z7Lmvr8Y-_|fFF}=Jl|>6ux3`JS}H3&c628q1`1!QwM)%A2qleAsHQVPajMiq&$}!=
zC;1k){`}zyb)KfurIiG-Au8kGfXD6a=IYu9Sbb9~&sZDl@(M{p`8KPH@t1s)irevy
zNu*V+3a8*zz;it~Ez{7Z8fXqDd>;ihrCpksZ~%AGM$Zq=S=}Z(vKWeSLX<&ie`hMM
zXWZSYP`=t}cr=RqPHO*`#1~r$(uWe}s#P&dm1y34dGMI%$*ju+#+V>u(`1_Rq$K#R
zQw*r)!`u<nxtmDo{yRb{@P$;34tZ<|C25&ReUq9h-T@8lz@6aBMzTJq+Nh}G2!x9e
z|7sMm!V6C_Dwc0T)gU!@Sz$d9=BiH<s@}MWd!lp%AiBecP2F-3R%0+<GBGi&8|GL~
zrfD0R!BN29kn{CVINaz*`8a~_rt01T+sDN^_XO2&P{RXnb3UGkE4-AqH@l_VX_h3l
z6Gfz#i_j|YEcmj3Ut@}Q8Beb=fn0`MP(q~iLa(GO6RIEW-Ox69eF|}B3BYH&OqKAU
zD&2#=o5=fx<3=F#b>&7QS4O5U`R8u5S|Pe2{>k9>QEbva0s*gN0_`R`RMX`67Bj?8
zP?!^^uH@9GLXL*3@B$1Tw>aE}{Cmq<HNLR$q>F{|ewbx(I%DeLHp~Kw>aJ{T3_29$
zq;XVB=_b&{h9tSX;Z8NT8W)47>U^~owSVo3bA%56Bir`2yO%D$s@vif)-}u<zf@lu
zmAwhiLWw$4!V!8g=#KbuVy$6b98&WC=!K9$+ia#vr%GR2k{~<~8N%C>hVtt{O$4yc
zg5AKDs2`jg(+}9<V^nR#MMhZ*9zwco>&J^C?}WPp+=RZ(1Y#1#^!Fr@wy*Q;A3HOL
zmbIv(#DP;X*2l8`jW3Li2}k4flKG6-v*EZ$2v~wvj#gF#T^&kBS9{VdC(PN)xP#1i
zrfxurzM6lK<f%gc(9vqiCOQ^vQ@SOG3ycGqOAhno$PO@$8eA40YBv6AC3)<%l#4tm
zPaM50sVdEgGVTbRsr_F+n+T!H&Z6WD?*+7JN~3z4cSi3CJEqcq$`sN`$Q63yA(E{H
zgg<8nFz#kdjG}L`&qgE(i*Tz_juc6@^oJ*Svpjuza5dSQ<CxcxXEt-#t2dMvni5>n
z-0bqbFLxY~ZeO2^i=P~q5OP#~nbh%rq|@s}0w=Gntmx>h)XA%Lj??<m5ldms17o*#
zo#07gz&Ar^$@C$S&!2}w#rp{8yZ=EPi*Bx$W+UQ^ic|iMExs%o@1&9Tvz|us5-<4j
zkCsO2)r6{stNTiUf85m_Rvj7^xn%kEIuH@TQ*AiPYtoIu62~Z%dL794<DYDHy$Q`W
zTAER}kIh}O5h1@Eq<_!Cs;Ki1SBfI{I*K0A_*0UY@ZBJZ1Y*%pMy96(v;-<yLJuIi
zmFYfcWEz^zK2#3hq6R_UEWkg$%rii~^_8u--;=ozN9gjQ4#ZigLqR&Pw(k7Mxy{?o
zkS<Lj{JW)ReAZNVcxjyB`7;FxR6?Q}@J4dz*piHCfs^%l`K?_wBSl#J$KfIOh-~;-
zcqkBGA2_OhtMjw?A(el?xpJ5Bj1_Qk_pY2%t=)^=+Vvg|krm{&1OwVnQ>z?*olRI$
z6!X1!SD)LYAt5BC+jQoOAsLGrH_Znz6qQMj=d$<gRw_bf7@xpaK{>nQQ2X!{-mg_>
zf_M4pDcrVV;o*F06)&SmonB+hixbM96`l}=jf~p(Z1(ex2}(8|%1|fj_6NE0AmlXk
zK0ra^ZY>P0IEyuA-=7e4N};Y8{wWfkUJfOjH7mg6M%=m(nXHEF)ru;Oxw@K+loZ$7
zv=E}N$CY;mC8c663ubuF)wLk4JB_=#6<_AR%OzH`&}U=Ym|<{$V<~<5r~ZUmBUf%!
z+nHlJ^u2GM0AFMNH*6|2IlfkP{B#rTL=38j(AU~9xN8}*Shm^6m#&{(k7=rvx19!F
z>QlmftT_ieuK8Cs`K&Mx2$+Aky;2>Xa4W9>&HPoVYnJAz*guS3><CT{qb|GO=Z?QO
z9`>|JC$5ISK8|5a&RIR%AzOYRU@X2SYgv&ApOq2#82Tj}?}J#a$b|B|=3N^^Cz^Ll
z^(QsWd(Gs7+WiL-ib1xw&SJvkVFp9c{muUSYog-ko}2dP^hvVUw-}fyx_-LUfO8$V
zHdku^6*GDZn<}LhHqJM`nfy}fEq1K4scLMhk`C%|&R9^A2R7^`7VIW#QMFpe5|3&M
zNT#`HDU{!zYs-|1<fAZZ$dzL5!E4N4TmczEdOb{C2#wL_xwuTH@+@F`hoTITcEVUr
z7e%m%X*#=zW#ijO(q7$#P)%ZtqOW>2_fGL&My6nD6@_;w42`IStn2F&lHX(I;H`Dy
zz2rzAy=AyE^XPZ`mH6I-(Q^LUk|*<fHq1*c+LX?W9$<&yyZZ(%qL}?|{g~qRIJ3){
zVHwXuK}zBs%`+X1H0t<V<G<Bt-wS}l>CX{3R5Fn7mGB$~JDdA3ygsR#`|r*uQe<VB
z&_*YJik~6g$acN^c*d8=rdo5oH@m!ypPC}M-k>x-;V|<9-<tf^x`=h;bHlB=bN?vr
z9#qezC2|3o+u8S?Tua-)zj@x;3CuU8{0>K`92XRREYEL`D_pe-6!|g^a>#nGJ~3(h
zzLN@r-xZ(sR$AVsYZ{(J#$_QxY}6KxJ|p|VBt`CM#>IU|*E2Y=b4@!xZBUaU-3AlE
zrr1RDJmJ9GSIAmix0&BPvtdI5Z?K&6zdT~aeqrmMyTA1-EP#rA(s7W)9Pht{k(;{m
z#dG(G#!IvtzQcgOGPXOOGFn%n4%6She;!b=7xq|UHb@{mL7(hLM`Ig_rC5k_;e(K&
zI%qDf$Pitt1o|bD7|4~@g~7*hY)!R>Cg?`W)ofRtu^#o<b=yL?vMIE&K*%3?ST-P!
z*!p=1V3g>2TO!=n4}|+i`{`nj#TYf>G$IHJO7+VCSO2)^WMtLy2+<ile*xdOZfH}p
zaK2tv-wli`WY5-`PK<O18^0nxvkXWGqV=dO^ax4dO%4ht>v$hp#`<JNA>>O@(x%sR
z5s~sdJqvpyNHG&xrlY+uTPVE2jr&Z~S6@h>YpW{m#(3QP2UP39;ocp-`ok^HEo9Q(
zg`BeiL3On~ec6woTF}y`L#JwUa^%QCLS0*~#I7*&;gRU%f7Y5zxTctaXxvz5qY(+(
zoc!?0-)0f8)6k(eo;t_#gmhe)mkpAfe`%mMj#%9RGKrXqBY@|xExTX`RJF30res<g
zP|Whquzj~F_3ex*?+8wm?QjFa!o-n%`@$ch%b21%$={e$n4pIe`TvM2etH$U@#9gY
zOPSR^DGuu<y&RbJmR`U;i}+t7J1k$^e7URB@g-^G?Jb4R=4L6;qhG;4%eRW$kw&q)
zf&H3Hj4kcVIYAWVVAtT19eJE?&i7W!R+?!L6QyeI+Z77;mn2)vc=&BbPu7Y#gLtoh
z`PP@~iHly~0>{<H6f~&-A6>#1Mo2{J_U`Mi%C)IgeqhsY>!FmlVJ|xf`E=KO5K$vL
zJG-A16dm4nC_*}Nh(U$CVPtLWwT%-cgAv&ctt+AP1LEK_2lqqG)6j4cT=&Xr6=yoS
zvn^V(l3by6W#pa&oc95+h8q+KTKZk4G-^z248q*_vq@%OU`9nyCe4Sd98ZS_V}rpq
z&hoD@Vcmp^W)vOQ1COYTL-pDejwB|$T8SxDNuTSlL>Js2&S?&KvOAgZ74coPuGN}N
zA7^PbHKH~xHY}-Vl3}#CcF=7FGaOk>Xt2qfx^ST~_|I~^i!Y<L@JY4OV-pf6KE}1!
zIh`g9!1b4?4Ek2eSs$;r>D&BiNu<-oxJJ3(kC_x}&?+r1Kx<rX=R~PbYpLf)w+VzR
z&zK_DbY%dyiwG|qt46YwJ8$RX3vVi>s7h_`PO)-vUi|VvY;zw`^t}8GKx&3JJiiQd
z5QT@xRUzM6XV`WfF5-V}O@&!38hb+!wr?s$NTe4$l;~+X)26|jz2-=-mEP%w_xYFP
zPpppm9Veci-+j_!{@^`r&)(geJ3#LqkKAG;SyT$Efzylk!3R=Xq6qX_ve3a#ECOE%
zDYLS;s>x6%%C?xc{?3_s+a*B|Jnn~gT$QFPfNO7o-PH6K=h;d1uAZW!@A?S6>(h+C
zD2%!*ivIhP;hwQA*U+x;z?~n?rWCdBnBM?j|JD;%U;@)6Z+MuA<_Pkj;vEsH#it30
z0(|u0w;MfMd3jTLTU&WoeZBVAC?d4o{ln|ojb<)MrWqp3)}f6zC@AycG_Cns6c8&i
z)Q{>^maqA?4BF&o6D3oE5Ahwsr;r;SUWY&U>WM;liu`Dx$a&5BCnhVx^ZF+kn#RYW
zoj_!{`{(n%=61iwy#9T{2Zi*(G%IiXPbkah1rA;TULUs}bBB@le_u6X#D}kJ8QP$&
zl)?qO9JA<^FjT4cB$h39#q-<@YgdP8o6v`$f2KzWH3y}=jb8zgpgllnpq1o0wb>dG
zS&#h)!{GfFj2#DeJo--r^f8ORdGs>Z?02F~j!z(JUu5MCP>`D?8OQf8<wX<~d^u!S
zFiu7MWOwy%N*ettt?m#fou1mYb}Rs}`ix(MdHjh(C)eUOA$oaL_RLxEs0<@d>gDa3
z;_<Gic$jd+HE;^z+}d@kR}rTof6-%Um#ikVsZra;Av>Gr8?@Or`@Glc0KDnoZn^8p
zfmS_15g~(5(APH#>;xCvk<@rh)^M#hhe)86C5!BR-0?pe<kt)$m2*{-h<aDPZQ}Hz
zu;w|4Q>FiRUXeSOPLX6Si=%#Gj(K(293?6{+Z4OG<wLK`T<W>G;*Lr$3n?*;3C0-L
zNhO2Jos`~wf5^Y`>KCid-mjrD8c!}237GbfPvDqn$y)$DW_0GxwId)U4?O;KGTxOl
z33Z3mZ9=o2)3%@vx8cdogl)-!*m+Gu5`zco6Z;{WX>{;C-RvM`=S73GI!}J0G=N3Q
z=|5Cs5>gnW3U90P9A84~oTKKbbM8O$dRZ1jizfS(8>xE)P}HL-`-;1Z4d_+>MJE*e
z7O1?-rvq1|V5=<uH^`qzO};FAcT7T@kmS7pP&$oT2({|DG3L+Kko>~+FixbtIv`8)
zDzskJxT0-1-~^r_-qG6fT^<=i-+2C!rBm11)so6jDj%(;`wcWoB3ydvFOG$vtZiE6
z1h@s#4E4^?mQ^_oIG2tU3<TKsX`Zc)mn9r#2wVHjAJQ(^lhN{BNbg@utxokoKo035
zbl9oZ&X!s6H6&kbWTiv-@JgQr9f^fta?rl+AIfJDuFKYGFpr_h9Xoc}(Q=&a8Fc%v
z>W2S3CI5G+rIq<bGiwR>n7Zc=d6)wBzflwj(SDiLnx76_j1kf*mmLZ?ipEs<C=M|B
zB|F}Gc4tJ5Y)}<tX1ULM7(k2GW+Z?V;_ycRG*t&}6q>*mqI9SNbIS7!t_pH2M%X8{
zvP`{#mPDXvci{nj3|5cv6o0=>FTUWl90JmhTK08kgDUNIao24r87Y31zW5l|n$%ZM
zHe{pC2pL@*%mFy%(jaJ+cEJmsEYAv636FPmKnT$x#*FC%<^-}!leBs@z~XZ$FS!Y7
zfxU+XXT5CHs%qmd9tVhpM85+;`O)f{X*8cf99DX5{3?c1sU~3`U_-T&&H1-!LH6mk
zGY<&9+hPMEm*!)B(5_IO&<=W<e{mngREG<+U%tU1CV19I_#=;u91$@4XtYO=_N{D}
zzY5ESM{9K)s56iE$!xYu5!|TekgG8hOq-O;!umhD1`R4p`*L%@H9EqK-QhRaug?5d
zxX=8!mdKc2Y_*B{F|;FeM_UNCv334f)lEGIwYBRlO{rNym+E~8t$k{%-q6l{x~ubq
ztQ}!!-bbeg(@6>o3Wo&ksQA-qlH<dJip^e*WL_B<2>3@C#%>&Cek<3b3@5gzntffc
z)>cue*YKaLBjSf%k=<aCO&O+clI002Xh(nimQyM#Hv>(yM=Y?T{z1wU6h?eLK-QjI
zF1lllpsEm}x!p>G8w}Sr!8~h?E_|>ng#Y6ZGyV1FJf<)A9Qve~QHFhCn^`Gq*cWOe
z_?C#`Xg2BmjFDy9;pc9s*2c`3t{r~5=K5u&|AYS(_)H_E8)GUd#^El3=sk^y=-%B8
z_b<JLTS9rEC{T!p>SN^w$alRj^MDG?o%1Ky1+p~`4BWt8A1zKM@+(n~xq<f>fUsv~
z(VirhFR~&fUb9;@3dq52*W*Wi)vNonkLtukY^VAoc|HxyhWq`HhaulzuxK;Kv?)Li
zWSnz&(-t8v?v*dPX>@F)%EF;H9e13yS?t)faX9WjpEGIb&zHZ2vCngRHTe15Jr?Q!
zk&LjkzrTEj8bX9pt=V#*oLh&$sJxL?<(iYXvIibzv`vZ7aiwQK@I#rv@YeKu!Z|t<
z5rBR)W7W<#HoLOB2W>Sdjk3jF5wI;|(uQ5sxJ^@kR2q2{5+PmO+USZyH(kc$iOlje
zYQ*VNOq^y5#r6mhzio{1zhK(SgwMR~Z_ge+ijDa?O3SGpynA-H`+76aZN|vZR?_37
zM5+vEeJ-2!X8=a57oUtd9Q2f}vfa(S1&<VilvqsFo@y3dZkKMvD9W2lZ!v6ZP`1P!
zZYXTu&#{D??GHq1pt)0TzgwbuFl9kvb75azfil2*V6ccGbOmI{W<^M8TSTwk;hC3q
zdyB`FKQzAd<?Wl*d6A07uxC53MDqDWZ(}{iDtcO<=J@*ALmV2ytG2XWjp&ZMcgfHX
zudbe=p?*6qwtRB&aEI)wgQ9rcE0Qj|*;t2Kpo&5m1q{I=8Zo^m5oY$^P0X!N#xim?
zd%9@KyaL)yNBxY|_su(ZdGj!eEt5-Oeh)`wVxN1awS)QaX6+z~^CF^s{+!>elCaBH
z-ILJQB$pzKT6UA_OXFv6A95>m3gSm-aX-9)wVz(>_`%Cv>za7X1pez4&B_3=c^Xr=
zFu@2S^o_n-eih3Yp2+5nm1SZFhJ}`(`ttAa;bd6CW+j5C5l7-5bOpFmjX)tzJq&rU
zJDPYLS<<l&@tuJIN$J|FUN1_AKo%e^RQ<o!%FZ;C??!NIU{PGSB+K$IYFOZ}_UPd*
zyxiTJR9UA^?$|i1mj5%88m3@);UT4b#mx;Kf9d!fvwPUJ*|-(^m`NL;9>H^7m}xEB
z`S(@@0HFKTxqQ|2Y$uD=FYboB*!*<&gK2qy-m)O0IHp=ywk3zsm7f*8Zs@Fk!im6~
zYkkxEM|Cd7R$LS~>f!97PgjKDQnKYdlCD_qZRilm(?h&CrWn1|-N$LpSB!bVJ#Lr1
z9$%CYt>H@|(TxsqM6bj0z&FFwoFrXF_0I@MWn)taddQuie7sjNJ08>TVI^E)SNM#w
zOqqXHj+Z)kW{#5N)&_-rF(~$R*hVU_!6oynzd{_$ONI_L@lLsPp{SG}3X-lT6z<Va
z`>=ALDncH!BlU|nhsC>=_UM-o4{BaofR9$B*Gt)*NS;U%uo8Oy#(GV+t6t-UX+6xz
z-M)0X!05JKejdw~mNX;*a{S}85OPQiPqp4;0%G|#o~EsVc0jf`LEn7~h-mhxH0Z7*
z7Ckr*eunGh<HjFI6m33`K%It-^Yc?95^Yh+)ADBZJqKh+Klr#u&g#QTxm4nR*XW>1
zQ6XN^u8>NeaJ%T#_U{o{7iPs9C#tI*>K}t42{u01Jy_5L*-~umlKpinQ84~NPVY3A
z92KZ=RmwN^7Mjz`_Bn!9T(=wh^=l=`vmtgAb@vLwo>C2-W%xt%r3R+k;_<V&oyP#O
zHF3XvqVos6^PN{Cq%+Dn6iOaQyx}L?A0~ajh=aI(!i4habT>7KLj?EZ%ZMB(KkSJ8
zbr8Jch^n7@3AZWozNB<Ub;9SovH0vjIK^V{W1+*??*X>H$vYO31j-xF8x>gqx<l}q
z6qA}Z|E^{fjO(5`egsC9I<Zh$#0>3~4a67_H|KLFr)pA&hWyqTl`MQC%d%_ZxolM^
zYb{#kw-+aeo~ZR@rT_9{@=GHY3sEWeEG}T)x&*|uD&QpQ2zRZXemL}WV5f1dKrGAC
zC2(gzA^(&p`X04o<@(a~lIFfL;uI+=%Kb`5gS)R$HbB93;(WMJ&RR{w{^XcE^)iq_
zwLj=iX@nT%T*9I*!sZZdX~Q-#_=J2|SA30A=2``i)4%FM79r%%pbQ4szjc0rs;7yW
zsi9E)i3KVTV}^fc;9}v$I(FJS>~Y2lrEb~?zVIlP{O!seiu*?*E5t!tlg@+<Pi&$`
zl0wQ1OL%NBeR-HJdFp7PI#|I*6)?0TZUcRtlld0i#2&iy#W}MGY6dyFvAk7!$jgBu
z46|G9^eZY{T}a7Ou}XrB_G$YB%1%A&%VwryF1EbErRbUYNuqSmu%W|nsy|ma7}WKC
z-2CYvG!;fKe=2Odo$h~g?8Z_JIHKk4OVIN#ay}QnG}S)$5!rmL3VYyjlvpr1I3>Yp
z=~rw<j0@i-(^yLCx6ziO*uf#HLt}h>w347eYkhKRN_o{==q9{I(K55`UaXpX`~B!u
z;aV75@J3V0-pkXDS|+nx(U}GP-r^<6q#xso-A(jrLZitW{G>(dNjQv_bK6(y`Sid=
zX6J@KL?+IKIX$ZFmt@X7<1D!@iF6_L<NLR7+=oqzK}HCdOJVdwRL7Mu2Y5j4_>=>T
zv$);h&n@gsY;vHRKRy+{R6qGlEIzjdj|7)u$6XmRiro3k`yHE<lV2S%73cide7FB&
zzHqio!<+DPDEFZBD$31S`V#`vqHKS<=z`<e`}xX88RR9l=#YMu9h!fST9Q|juqc8K
z6fWzEx%7j>2&@>NrDJKe^sGOV`)d1}CWZT_;=H~s59vHH#uu?U6Mb=W`qJjeV60SI
zm2q-%n&iAf`V-&FDb}$0?#zx?XHT4=N2U3wyn^Snrxx*G$0wZ{$kFy#%s<h?M;`t=
z^l`H)DvK6KRI!qzS9ebL#Vuq{>`>Ck2wQlT&9&j;4DoB}=PjozJ0c=Uc~_PTC^WDf
zVT_r~L@8+9afjec`XeXTpxrgBX|s_fyrhF}-)w`a8pij-vIdL9HgZh=WqWbygzE|V
z`;|u>DCQo*LDER@zQQ105s|B?X92eL(XmJd)a(6=R5h^W5wI`*Fc3Y=s}?gu)!)2X
z(!|Y+i>EM=Gba%@M}Ky@G@kjOp~yo<+7q9pDJGn0ZssbLtQuDz;6poLWAA2d#y>tj
zPhW!@o9!VJ<V=O;z=nf94AWT^dN59-Kfb!qme85STy5hk!+;~LSSFdH-=aR!poVm!
zgR=b>8AtUq8P0H$n?GIMp3?>{p1mi7bCKXWX}%>1ZH1FtX5J6Pt$k<pu_I?0(u2#C
z)YyRzsv4J-pAp1;nn4_cDYp-^BToGCRL0oB!Yc_(Bq;Y*NmB=Wqr}PdG2bDV0DNE0
zqw{O3w}2c0lkR;e(`qmJfd)e~xwaxIOxykR0l~2Bb5-czLQpA|m{5|T0n3-$9GZ)g
zx0Ln%l8);>cG>v#195Jd5m<*?nh+F4?ys0h6o9NRF86u=pn{N}kP1lSU60XqG~Q~z
z2wry#wIE6`%Q~_<=@R+S&DbtK*9YGifIdd|x=igJ!KWMewH@5~k{v=kViZbW$$>pV
z$-tH{zJJ%p<NzZ}P*~25v^`cgCSd}iTZ3;F&Rx}+Z8@4A*Rs`Oq%53>?Fj}8lOh+(
z9<%>-Y{!z})B$!|suCh|A83zblq?Qr>(B*)&#JHV{Wd(sc+bp&?E~H|kA*)(Rq0vP
z2N@RqtM5|AbqptTyw%j<W&(%Ibcf=gA9JY*GUTfV1-<*i(IoW4_w-$F7%%jfYg4}t
zUnn}<&Zwy!Jmq8WuqdppRz5;YlnE@3#qT?#1^RfB1H#TmK3k$J$N1<A32cwQANMAY
zJTy<Zf#xgghdqis8KdS|(Ejd~YW~E2qb6>DB-YMEP2APkk6|Bm%y=Ah9Qe0XzM}p3
z=SZQCjN_EXtS7?%t(;LoY>xTCaUROZce!9NB}F=%0o{9gY5}@H8E;#Wol>-Ejh*A{
zUAZSOJ>xs(A_*7(^Vcsv#~cDW-eG!G8Kk*$QZ~3giL_aJd7|&-ePpxDs74P;2Dt>@
zt_j}6t!X_-ciAkbl#BGFvPxcH()Cc=|96YHX9#3z&w<ihI|PKY$f!H&hC0|GNClVO
znxP7E^{|nZQ?ucCGQ%o^U8mrVaZFw{bwn8cSBVw*`Gx`dN6U7aDlVeDw!%;0Q@MZL
zi?zVbmLpXDwpB$0$T7mU2B2z<l-<rGV2P|wrP^2(&K#YUulTtm)P%1TCT){awI0Dr
zd&;iMuKyGtn%HmVodR61<go!=-IVoTP{eXT!B0K#KzZd<Nn>o<ZAS)G;j#YR{`-)&
zB24OuYg#e0R-tR8LSI);_>?kB?mXiS1|4VX)y<(_S|B8cd_t`1&irY1AhfCjk(9W8
z>wow)?hr7lArVzm-4O6`BIJLrN0;Ex&l)MY{x`<6%GT*qEZAfyL1n(MViwPW%_bc=
zPEDS?l5(j50Y4s7;|{28YEQ9No|a-g{U7<LEH&|Ef2s>9)2IojYWkfs4i2m|L~7uC
z{rjERkk)~>R7c;O5f6ml7t0Zt7)rSk4n%`+6VvFI=(JTvoJ`)N<9-}15|bL2bn}wH
zoDPk{X>m?Js61QV#UF@1$e?AAVp>n89_<i*v%TgK+y7IDHBZ-)!bu_B{)M)}eMF}|
zvYtj3Em5*MvJA^-zd`{;0(z#u(KEYW#x?w(trokMhELOD>Q?&F0ttMJ57zD{JyuKU
zb5i4fIv;Pg6I(LZJWQi^FpfyDV?PaP%{d-Wez?nqXt5$hl$}F%41;^Xex%TOCY9mU
z-{h|I-m|F?`ei|nuZHeZaCe4}lSs6cwrfy<){x+|X?5FtP2(R9HQZ@=(|LDtWF-+a
zc7*cZP=ea@w?vWT?Je_j`N&POMY9DY86~6v)EA<Zh&l6Lv1KXZM)JPJ8ae*9>zzKu
zXJ?j^pHH8b^p&0C_OiXoxM1TKE+aXZ`1ESK{+iu9CG4pv?EfVEui7u&WbY^{PpSAT
zIYj{tYGOQ$EFgfIS`-TliyQ?dJ_H^h{(+i;0`~td=%yw&eb<eAUyg?de4vI+gc*hW
zZMw%tiKn%Pjn*#NqQK}zCNhlmyN~1=68+}jfbn4_L3VWdC(g7WA~lAqpG(JRrc=F;
zYrGulR=~>N#2b9L(M=3=M$N4@oxUQHnnW=&WGsgV`2aJ`?}^D2D@Q}cTNJ_FtdC(W
zsTRr%)OBEZ@A!gVI-$KSv_s_&)aivOXvv4N-2b?AY5I?r6!ofI!E`@~I^msn4y;H0
z!_WeWi#2r{_O4+BV_Rj|0sXfg(_i_Jw!_SmacSNCZtVO#+m<FJ(qwP-xeFW~_;so{
zRYXmjJ`}->uE2a%_%(hqxg;|&-F8ZupOn`3to4}n{{MiE{v`Z(4ocV0#ITgdh@ef;
z_+zI@_~A+pIRu9|gZOMTbj#pD^PXiv$SSI?cGpuuzmJ6QoSy!Cx6{_7?!>gGasKG3
z;Dt7XCkaN@c@xpfj04tsdAD$|Nlb*k;G61^c@jbN&o_=_zC;$zWIZ_1!r>jTuY2JN
z{&cJ^Nrg8xz@l8-l)C}tGb=5K7=_28_X2Kojh|^tmcJxD+gv18&c7yBLkO3e+mqnr
zqTWLp{bxgjA`11Zg0ek1AaV@}EB_HbNHUHCPL3V1sR&Tazzg_U>DTs%%Zs(5aT63c
zz&dZ0s^Cjz>%9T_Joy!?3Kf<*Ti}t!k(vxJANf;QhCjHzp&v^FGd`L#=we3by^ZN^
z5O8^-S-Gc+w@60i_(Rigy(QeG_niRSI~;$Nwid#7`AL1{m6?|KVR%W2bLsVx==%>V
z<@HI#gH@V*7iuegr=6;SaM8k~@-Iu^iy0Iw7ZdL82SQY7RT|A_u~{fD|F1g=j348;
zFP$|OynNu@GnS*vlfE!-*hDntm<ZR9Z*q7}9didcA9z_|i5Y+YL0t2ewr8MyR7XS?
zZc2Gz&yL<q`22eNSdL&Fz*p&#FL;1VM=QX5{lW_f4~R8<<PLCJx2!pLLPI;}?5)-d
zpk9IAS~6DcO)Dg74aw^hIBC)g8+aqO9%e+94U_@IQV7$SZXUIte^GPg;_1_?j=e}O
zCO2%yN2gT$B)ZCmIdN*3nn+y_lD#RYQT8O4&29Y{w}FC%M~)Jq1V#AY!6O^+9&G;!
zwf_@L|G#H%pA#!~(U+%Xb!74`$<#;#-B0n~v}gu%HO*PL0UwHav?@)M7`OCY-<jM{
zKjJ`v9};0?1MXi6x^zAi|E3l-Ax>};x<ZcsgD8^scQ(T^Q9KPM!YNtD=X{8a+IlY3
zx?!)KB~|oWaL^|L|7RicE^H<D><nr|-!7faW`UKEfAfb23$f)zM8zKBND)r=su!EN
zi9{Wv9|%@ql7koa>sQ%%q-`>*f_N6Uby%*<h+^&!Nhih`y{N8^aWEtq0G#~{n8ndJ
zOt}f96&uL2H-5zk{!G;fRyEYzf1Im-*MDmlTP5KKL{mAJmz9;dQ^+#syBb1ky_O^(
z96RWrey?d2)uE#6gs+1$3?wiq;_py0==c^9Z|f83Nq=d_8zlw}EKxP)bRth5&GgIS
z83G5Vr}2o3?Ly{18CmZwwMvS5w}kuZzYeVlm0$2^e$ETy$3fH7V;F^7{l<g)sW>Q~
zoWkhU7wG{m`|h)MFWE2k_<e^5Tx<mEQudQidgkIMrB(LXAE@3Ldvyr$0yNGk&l=MR
z0j%dStm|toP4R(ELk@swnB*ft7(&;Hqm8Hhs^s5aQf!2$ep;!{8CR(tA&siR`~VHC
zS-6yUksB+R2QZ>3xNUN1f#4EQ6HPJ$`!@@i7v`d`M`%aSe>4pAK;-g;4PdbBQ>yIP
z9>(%qRnTXL3xe;Rlr%}jU7O6V9*MG+Uc^?1c%(JI!xX9_Qf(FX;1lvMwK<kKxmrzr
z<M-TD9Tu|*l(m#;%WT$AB=;#-=${@8`)kYx#OL&n_arwFYj~32Az8hjmiSRV%8>Dy
zRsz-#c)(8npce1#Z8nhzYklG5Tr^S_F4}G@wuawwY;)gb_HmQ$1uy21m@4QCadAfj
z{bh1?oE@xMrG+c=0OscqO%Z?~W<7ZUX!;Y-&$dwQ3QqPW&{Z3?)B`VwGXz>>Vq)dP
zqaF`&&Hk67?AuVmzz108NteOqcPK93jxhly5RJv_%gNB8W98fjm>46m%*S$!L=o(F
z7P-1lO#OpP_?XDqFM6u)k4TI64!WU}KOV1)_qfPPX_^NMH|?53DC(@!th0xrUIk-G
zCHDr>==6Ek`X@D+_72SAMq=t^+-<-)z(Fsd<({YFrK6?0<AK|^Pi(ahE`fhVI{sVi
z2<=OV`z<NHov+p0);r$$S0B-5_oGH~i(;4a{raoM7vvGB?>4sl=Tad@B3-jswZ@L$
zk9ZyIZ3BmhmG1Cw0z<U5^;15jW+H}<drcMIO(pQxJi56V#0ze$z;h+@)!cHn65_K<
zpdHwd0U)BqKuN4L2AVQj#G&UG#y&Ce2}KPocodo=*3a>|Ij<M3TVvzR`jF9y?;Kqi
z3ucH_3H;f(cBVX$n-vW0!JOGh$CVZ;xYsz-L`QZVYXg`S1srpe{8>^m%G@QHk4u=l
z7z6(-?T}TEBZcBeq^YehmskHJyWR%44}3kE_Kqq>jV`lvS)TRF@-_56rp{7i8rLBt
zTeXjojc*D2gq6to^tdW{!<EQJBT9L;B=|WN9-w+o?;4+*3=h!J+lmyjo4_I$^7>Dw
z@ZV<OKlw}7hP(!s9A&Vb>b-;b@7>lj%=*>u>YW(62WY>Vx>T>47nr)7dtZnAraFnN
zWLOw1%>$0Q;pxC(FN@Dj^Sj0G^T5ukx)l3qxFJF6drp@O=YG8guLr=l$k<>jtP?!l
z%zXd}Lejg_)#yYcRb<3H88AAZ3QC`k43TADjTp$U=y)aU<;IX{FQ3t^68HddCs8+z
zABwfziv0u@pwGW`Yt#~eeqgu39rKUIfN@%C&q_Uhg>bVi&+i}6RiiQNhzxvqIEL;o
zZHfLmQ`b~__DF-f+-=5}M8L&!wYU9j&hR)?6x|`*294@G(&{2X>Mj`jYsj;yYA_8%
z!FXA)EffIHXTU*h7L1>b;VqHS(dTnMl>nJ*bQRRuFs`YuN%(5FcedOidw^9rHH~^j
zAB`%O+VW}ZrA?#?GUB?Xz_71PH<=~vH`QYWZM7<Kq+$(y$#=+Bzex?fHbTkK(6ll6
zS1#yzWjaS4gv$tR@a5YsuP}4SyMD(G<S%w%egkAvLy$@oprEBZ4Yk!xxrti4!PNzS
z8A4OpWx;}&CC-HyCrJ*aPBFfo(&`j)%2%7Qv98|ed%fGw<T8~U1^N?7Tb<-7e5EKm
zB$SB7YHPN(cQ&@IN?|Sdvfm=aXnL??sYtlNw`Z*BkA^xgkZ?j%@M?e;de8v&s;9yp
z9ml-}rG#8FMln10;=-}Wb_Jv>8CTS;Ql}C{<m>nY%OS~p!iQN&S!1G+P>1ib1y*<9
z4%bHRtC%YOmH~yDp~ek>!-N<K3CKZui;^d+KZB~7Y;q&y?tB;S3JmUgdl@<+g^&1;
zk%YW<5IG2NIp@r<1U=~rz6gz+0sQWaB;(PsD@EVW&*QptJ$~WK$R%sHi)f9IlUy-$
zA{;O{EZQjqNrgW}|41PiD}pa>YMtW+?C`3(`w37OLe=Y`{ZExs7dl=4L}U^-PWt7z
zl&to+<lTtm0v@#tNGEFP9lskEpXm2T3V?CcKNE54vaX96O(#dYQYP;e%V^9*xR+(3
z+1XZep-6Q~P){V_19HiJv-#Sa$*)BV+UR6WSPSobDcQ+k7(^A5lgLxdYCZnlryM|D
zA{E+zZuejpdH@*E5Po2Vx6Y#NY3=mcqlH47|5qVj85LL4B#gUz&|w%H0t5-coxvS~
zy9Rf6x6BL<!H3`)T$11x2n-fHK#&Omf&_wpJiGh7yL--i&i=UPc2{>*S9MqQ?e6MZ
z%MK_kT2ALnJPT=rCK@g_SWRY`=cMFo#WtL)D1AIC9fVS4T5jL9=YG6wN1#0o^32?C
zB2sLaV83;iYw|dj_mzed;m10{=*&Y(3mx|c4bG?5C#H^a1pCLf%^maSyJkx=k5)S>
zo9bJe=y6q6^iKSd$!RN+n{@`)gI&v}h=qT2C#u@rSGfkHjzn${W=&B4KH7z0$5lS*
z2{C9K%iU3~PsmmF<xeMCf{%4mduwI}4R~1_&06+grxu$9G^H%Ow5p5|foJoJ`Uyr%
zrxE&b%5NEY^-H~d2E9R<KYxx(YJ_NtG;CA>bsB!lzM#0sD^2DFMGafc*t?N{vW(bo
zvP=OzS^)4jhAZ(B>OtP$aX;Pl(z$3e)ppnM=Ahc+DqkDJr8x6QP<2Ooz44jL00PQl
zUkcD=Rj(#CwqBoSQPwW{{wgYxLI<1-ndeGk%ox05G{9Sh-jM-j@z{_!FF)F#-7q#k
zG4IO>#l_vG^w+u&Iysl=65jbxSN~>(XT4#_36{zDkwpL(QsZQ=)zs;!pTXBWD*V_Y
z!W?PG<mAn|Vg(Z}tyIL6W=$Ys;KHQ@ZGlTCwHK3FZ6NuyO?4VLfMtr8>)9H!7>M9^
zu8k3A=^z=}csvu6I$cjMh>fD|;w%p`NgRg4X<H^v%B^)}E0fIZ6&}mNdsF#XV89Ol
zrqkUaR%+s^Oa`!j4+J;AC$G*+`Sr9S{Pgi%QHBrjeP%|+!<pq%pV~q#m9kJcDe8j{
zcRMd=^wuUl>hUI_BW9r0%0gQ@OmOKz-u|MUd%A#qL(p+v6TLH!X<>wWozpKf=Wwst
z5uC|4<&E(^=?=;?V6blJ+6|4KnS?h*Hj6=a`k$YP4FSJC)sVp1^OmSS9@K6fo6M)6
z!?Xj_^_N%Ge1}~Sw@7Ln1o_k(d?t`&^gKu=IbMBLz)vULJpxnbFqs3KlC#v#ndASs
zIbhn7fB~M}0lV;WE;@17_?h4#=Dxg<e-=J7Qy1wb$U=^ifhFm?NIIX2&h3-qZk-#x
z+JZp?E^zlpVt`4H!HO<!>G|)txoT#@lK_%ay(07412iFzFv1`H7!{{L{U9yFI4Yye
zK7QAj%YG3o-3r3mL`>wS1MzbW2-^7y34B9pY1!heAKQ@=ti|2vHu^zDMdfi*k$K=3
zX`QOG$L6gUDbURy--#;z)OQ1e!t|PxU+H)zI~1H((dG&7Mqdeji4-?`+{!V*Kvw@~
zJ1q<wnh9;dtQlYT7CssSm*(rJ?ibAC4+`5W#(FuRH&w9^z&npmwL-h=IE-!5hh$ck
zl))j_%U7F^?9mrO=POn1UjobrVva>HqxH+BU;oB5rg7LGqTR}mT$~s~tG=x<H5wJF
z;mD~_qzbne1Ts{wrP1Gy-qOP>GnPh%5qV$~u;7_;EJ2JSHOWZC=R$n@jaLW)7=;cX
zttaKYue<I`xE#xLy9$pac4b9^P~iMjLG)y}9n8SZAh2i^MYY`EjB96`H*z`SIj77Z
z)f)^km|>-x3)ds#tDD<O9E9G)oAWnLCAH}!bnNkI<^~&GAy%CZDBo$lm23rPsC58g
zy5_$YI?K%L0naY#@7mt?e<Waha{f7AMa|EuauYLdxkjEYxP5O5ek+P*z8SiBX{D8)
zM-r5-|G1k|d?RG|$&2)CMQ-tZWWcB*6_`?-kJ~8V*!L?JcI_hv__C`R1>!oEKp5;5
zQFJNOCPOV;PJy(Bz*wfCD{bMz&&ioq;^7(j$;S5WeQ1s=?o;DWdv!EzrJ_Ry92f(y
zi4q-cFZK+3v*oxK#HmZmn~2|=0MkNEt}#3Jog0dDes9~b(AtHup!lnYs^@xeQQaG*
zPjY+UNVv06rZN4u24_Z;@t~FFI}f&^!y`<j>f&PE>I<yW(*e?|iQJA<3#KeAt$>eG
zKmS>Xj(oTXLf0@f*$UOSc|lKC_?hXux^{z9&aNC<W0CC0m%wgR3EjForar*YO4}zL
zS@VtdH%sV%tb5Vq9(?b<sodvXS2MiJb|uK{>ACvc*k!jrr#slrSk(dt#MqHPDnZMy
zW|AGth~gpLeJ8M-6HuY9y3Ow60VeYM!~LzW5eeLXP4ob>`m1!SAG6?tnTJ%XbyJa?
zt~*07#>6~2!2Y7coBkE}z-*3e&Wdg=QYx5DO8Lb>+9eT+HV@ktScd=+<%UfZ>Z|BH
z{~hb;*d_|n)W*(Fs(4beH@J(PWV7x18O>3pg_8v2m<J7pxY}g6dZeViA|Yha8O>wy
zg5<KCLbXJ7=cD1*I0pHaX%+ENpsB(67W{pNr0Mm!7{WgiOX8j_l8vpS>lo$tpH7Cp
zPR=DJj0ZD;KB%vcqMMhWk_Q)0iIQ904QFlc<=yZGJdYmysSa6vc_&ScJx;)0X&JiC
zO3xWA%jMkI@Z7$p!JV(`(Mqwnl%NvTVO?S=1QmQB?0<PEB1B_ojo$7FiDyU^`x^9H
zs^l~SVV=|VtlPa@V=EV@Wqgle<(nSeF`ja=1!SYkpMA4ZeCaQ3QH1fwsD)~;q<)`1
z<ASWVAZ~GSgrigjnchhJ?jh?ZL!M0;t&Dg19QE+9ZO_5Rr?Y_VFt=F(M6E|Q{YCYU
zDWeK@z#uW(>Bsg8Y+Y~Fwcz4yUD)tTkfMdDCvH-2JHHH>No%i&x*$GdvN<Gn;OiTF
zb?Y5xhbWuUyis0nJ{htgx2Mx_hMp0xP%jke@VIcjI5@6==oJZ(zYHA85BJ-rSW;(U
zqN2Zy6sC@yA@w#R)#h){Q=$cD*o?_eP{?(58sToM)?84-am*UTLrZj_$zMLs{;Km4
z%LYwiL9Z~8{u>S5#2-SOJ_W_`E`HHHo4vXvsODLFlS0}4T2M`;yoDch+%}A7T9-#T
z>Fjl}s@2Pq6&vE#JV5ovVc6TmrAPn{^K9fb{C1XaoUN^y!V*8!(SBxOTGzBI{DG(R
z9hEXcwZwmr>vhPUaP}I4(C7yJQ{QHar*)?4pYkN;tg989INpUXCDfD7*NMymaD>I`
zcK)-pzY%T(Ng-~OvCLkL_4)ju@aD8Z2o0IM4fqL30CZ}JD}N(y{hyimC(5vAL}{I+
z&o08Q8>GQ8eSb0~2O%!8b}NmR9Xe}6R*zGLZ|d9rynpL8&zX59mdw0>gY^9S6;w(l
zch61IJh$rX_N&NJLKInoW6YO*Mx&bsNl!@2dINffi=vrw1|}I$@p79fomo^avs~se
z(a#P)Dad(iaq*n5AT8r#SF}FI?rFL{9mu<N#VkL=4h0Td`m60j0yia4i8`Bs`+X-S
z5ar~K6$<J;KTC0Z`*NC(Hf?WCB{owvh@e^o+{#ohT%Z=RbIM5N7s;lzbSxb~3OmQ9
zeU|`I%tCs!F-qRnw7r@*+m*rsmu4yp#_N-VynV0w-Wu(Jo_PW>cq9K5)n$G+;6QP_
zABZLm|E?b$+j<o1gQrePhN^EM|FglZH*oEyP0%DPP-vxB_k(7IM7{w020%!s_IP_B
z2os`ti=7J?H_Oz`<2odMM?P}XX8GC;<kU#O0z#)^&GjTYDrT-GfEk!1O(2$+kKA1S
z*~$}?S8;VYc4t$W7qF4{J(B@o#7cdCV96eU^YiC^<CTzu1S%}heKI67fRc|OF99Qc
z+A#BY;(GUbY=8Wc=eA_a$8v&u+9mo)Z?sOJ@W+V22vN~R9|$Oy8{C4EL||{k4kimd
z7#N1Yt6pIDQ0GuTFkb#RaP`0ZGwU4rLoI0dnS2e>x<>;h)#X<i7Fee<)Op8@O)ZnZ
z2|Z|}mTj@Bi5I#)?spmVkaTpML;8x~L&QF2<~R^kGlD_R*BfU?M#UY(S#nTibdDGk
z+NMMz1tOK(pwBk<P>if1C_Qc57X1VeRFR3Up{1j09cPLlP8)Fw5h?sQMaJx>g?N%2
zGYJ&tc{_SpYFI|I`&l^z?|U2wi~~TYvPDJ@bhP`v3E4NL`}>-LQJ0FH3;+1>?5O(d
z#nH(!_Ed|m#nTvc1EBER#+8@@4op(yTyDU=bKW%Euf9KKpIzF6jMjdjicU31=<uwg
z{RRMi8gz17Hf-$MO2M~mv_-z0LInW%8giJ7M!LIQs&1t*B41AM#})MNu*j3aJlV;U
zX^1`<jF&779~RN1hK=@5{4JS>#<UqLI8=$Y`ss0gO1S)!`6ux&$W!jWAWz``Ec$nl
ze~0>i5VN59kB0s)YX4Q~-!<^Rc>5QZ|4RIe-T%h@{{s9s<bOzt8{$xB%MOd%V%j`R
zIc{oSkaQ0|a?c6&?>)+bR)~BPL>-4LpkJe^%B{r4s;Y2t`b8^z7KHpdROj#68mN|k
zc755f@^P^W{o!+1#7_!9;ak1R32yM!qTAof1Chrw*;kgvvcZ1=_QO>}j_xf_KU{0!
zp`s{W_UYzRl($rr?%QLs@mdT^it@rJ;R(dLJTeo&mJZLenIC8t%lF3PO6!G>9H=S^
z_%Zxi0&1N}m{dlLqG0Z)@3eiY4v8<P=C{4(ufZmlZi4!(D5M)|I(u6Z^A;sS?=iNW
zgfQy_lz>lRfCPf8cp^b~9+=vOF_%V+LQnVw3=;qx)x^0#kQH?cVSqlr_vfFVt2v{9
zABmMiN_f;Te-Y0yd0^(BI(&8)%qLg~e1l)|3$0QX)fxm?ja*O#L}-JoF*&thcNg)p
z-5O`P<D45qJFjy;tZSKRAcg$+YoAAfCY002M^|IdHF~$2NoWQ`tmw1`jkEt|y-?YH
z2H)Se4&9S&DK0K&RX|m-y5>$~BvRo9cVNCtUh9w+1hcDjH|>8_#@Z&xK6{<#QlnO=
z$n~9->ZNRcTq#q5EZ1EVn9A)fI?|PT*aP+qj(pJYSivo(LRrCGZ$C*$YQh6=|F(9*
zOrkSUe01<aLqWv+sK@49(VLD*X4B8q;=@%RpE`K?OeeC!0Rm~Mz}~<s+L!5GQ7m9`
zfPl0jX;lzIf>Gj)L9CvP^?)#@JX={ZnTkUJ*?LT}64#$HSLyHOO^Fd~(YPG@HXX_n
z&l+0Y4NS4uOCkxHrbM-0D#%KwkDrnr4Hdf+MCvZ>IAH?vR*IfiVf*2b?WleBH)oF;
zF;DD>wy;4FImJU<LFijW@!+CSu2e@v!S3#_5;k6dXP?WeDM^HTo68u#S%=LzCI3=I
z`Ita!w%{^yEqt|4so0}~D|0Flh6Bq_G>FU@yd1BLkSdBu*yjds$|{lzDF#1nw4TT1
z(Etf(Ka=UC$9OwGga6H3*{1y#|Jz20Llb>QKg6XBHH)swRHK)M2Cp{nL;qI^6kLXv
zwqzirNyTJ`^dp(I4f$BdEFPk{>}}WhFezYIe8P?eskM(-Q8N$#Zv;acbbTqh;)FC2
zQSf?kO8%x|&R?kc5*JvW7XB2qY-ALe&T+b%m}JcRR=R7zKO9mY1JC9-6F^^gDB-sD
zJ)H7eOEGZug=`GO0|kGW2WmAEzp)xF8a+{A4-t_@Y54U{lK_&5KJHy(`t9S%7JpSX
z;VZAtp{JI#!oP@QqLFBZMriRi9|Bg_=XisID}K0OBEc2*455<Xb`QFIqZC~DIXmW>
zwLra;_H(2brz7j?Z~BoK-xo&kb!vd$XIw<SXCy6?JOMwLYAapVyYB`r;9o+ix~)_q
zj=@<GFxSR1ZqSIgZO3HkmS`S#H-(3QZpXLx^|6Cne&JGQPj6@f`uO(TJBnnukOkB^
z7v**#e;C7;+NC)=l~qgPt(_#mgun6M3lLr$zhZ=o4G*(plLa+Kv4{5dy}3Qv?5%gM
zsjF7*-WcK&Jce#l!gn&Kkxo8d#TBjx(G?F*`#gxu3L0VY^J%~z@Z&V=*s_u1WHLo5
z>yCa9M934hhMQuYu&>4uBKDmrhk&eJg|}8&zMSdB0XoDf=`Iu?7U@!|KsL&pY3kQ#
z1WDIjxzUnRd5n1G687wj;{IWE_0!r93|)-j$`K5hFD|#4-jHFU;#=RHDnzw>>p5V7
z6VD{n#2Zg&HRfV_mOxhp^2KGGQaj)REP16>!unx%gQ@5{RiIaUv~R54PW9iVM--K;
z`S<h((w`nLJ3dL>oNAb<1Ki|ka+c<WR|{<;Q8;rJPgX2?Xcu3j81m&GB{v^*b$;fN
z6}$c(;HKWNU_y5x@j(p3d1Ds!U|rupPbeV(Z}`LEQ@^y|Gs1u2L*T*-CB&pQ$<LLO
zH8pqO;7W(vVEJX*y1egI<|Ezh70BIzC!H)lvZ@wbim?z{E%#kj--6|H*wzN)BBtKD
z6Mr+sbH8b41KYpss_8nXPqL_S#@6`8uPwXO$v1?;e&YY6>;kLdjs352Ww_ql)VLk9
zC34>EoSiDnvVDz3VS`wFjJ2Z=gxV~Tyuv@!YPSsKq3Sua{@o*DA)6-sQ0**v2A~9(
za6Kw;y^#9br0kvL>GkU&Iq6SW=-J`8l$q>}QkLKEKfvVYQWAY^$-1ATF7Dbq5B1Eu
zF0s4;o)plG=e&=WtIOrZx>Y0g9df$`ZspgV2`?R15YTdL=eI3B*Ewzso~~E{Z6Zg^
zV6>K+XRq;HrQJC4;c6v+|EwCdQ-bs&$Q7k6d&7hKt|$b+tHdXft-sW8D=D-`IQ&(j
zD%R5hX{^Z8xDt_%FC`|UFkaiD_O9@<1xW^7siRDo3^ULVJ3QL&--Xe2l!}Ho+2OU;
zjkWNM-#i6*vR|3a)5rwtNBL{d$ccN&KSFt4QvXI&_~evLrZJpV+JoJBI2X{O-h_5z
zD9xdNQafYZ++q1ntS}qOpVw3!dqah-B2M%2NHgpTU+WBqIr4rt-Qn^u$T_Gb?MF~|
z_pMDTBNNyJ6c5(Hh6RW?eg(+}vQXi(Xz(|Z58Xl`g$?r!_h5`_FPhunOJuj?Dh)xy
z>Lb*T<5ilI{RWOT%6T|wE&Wr4(7|GeZHA30*=@J!J90wy8gAL(<>pV)ibA|!cp{k^
zJTQ{GdqgrD6D18I+fpX}h-e;)P3YTi<(R%_U^Qq)#Y>iVsGsZYVm5HNY)bw;e~+R(
z?ADyN^Av3$+A5nI_FhOhvTWO_H_h1ai}&C>@tw87wjej%lCTD(Or4!u%rb#gm^3y=
zk<KA7pDuMS*Acdmtm}g-%<wuUnP3`?1!NG2+jc^kNn+9>JZ8A+=${t4m2G%5@hu>d
zO&1gm@BdtsQPbe;=cOZnlkBZn+g+APLPlu&A<=0{eV`SO_iYTEdyF`M$HmeJ1dKJr
zh5+}#wwspcIz{uG!VJXLBG2Z2_NoVsCm&-O^H1#8&&FfoZAwg5RVSS0Dj#17r|pg7
za9Cx&Q(o)GuO~EsPCfETU0wwX<i9<2D(ySsxS;?s09l?<SkqVbh&F$i9eXM7z^2|#
zT0)vWXwzhGn6CVJfws$PynMpO&GucvE-Ji<9yCILGP>FFs=aG!?$^7iAL2!|RXL(b
zw&bSesaZU7bCzhBWgkM#Vh=&i0|5C21KzcHJ?f}_tjQOtZuqi=jf*WyUvvmyJXVuX
zK;Ol;&7I+c0{#yD96jGwdBmT2D`bgr5%$l47!rVcjXM5Uzb&*^lO+PEzobOXQRl2a
z7*Fe?%s+FO@>2KM_-0rV+%T=w0}@fosP&Wq<N}2-NzP!CRx81he(k;vF4QCDDeXlY
z1nwe4CauGM9|3#cgyLHF!O`>dp|>8+Pm@a6pXI%X_1)-rR6ld++=l64WyRVI8qE4S
z-e@-bz1bnSrd+mmOxHu7f@5N-x$iy{P<Zz3@tdo2!SV3Hyfko2Y)ir#Z=Y)3q6-8z
z3b<!dQuG#~Y;Vnofp7cBajIN*pf{S5!D}r;Y!u>ml6G)SSCFy@3cGJAuv^r5%tj1k
zM98nlza)hoX~))}2qxqwOeCetpKsXZ0VfZ4r#+^$M~LtbMJOO#MD5~sqg264QD#?M
zQ5Z)yAnXrdD%kTPa8e+DfPKTC6-);AxTU{6LC#3TLormMFO-Wt(!sf<EHo+*5V#?k
z>6l46JRXjXPd^Nf2Fc3Z`9EA@E6tHY!hO<xK(a7E)RZ0Fv{CG02lbT};-cq?gs<7u
zeNWc1mq04G?Gc%jcC48LU;xPmKYpmXD(N{kl%V9D{IuK^0udPyP2a)Ju@H6JZkz3~
zsO`wzR_m-W(q+NZNXw)!sfs0w&CgZj<hALKj%je0!$xwXLAogwipFJfo|6)ZbyCu|
z#M7_o&O8r$c*Xc9RGo8oOg2zTKAY+7Tn_tJfC@Z$Se;Gqt&VWmFMJ!sbULl;9;&f1
z_=r*Wk}ijpZNvVg>(Pzn8H7A(R8zfA@0_!<V9nBfw(I`BYsZS*&Yrm~0!+>wWOFZ!
zo0J<yL-$NYMy=ZBLeq<~NaF|TacEaz$)`3sLn__dgw~cKc8ianXc6V#Kz10qlIBT)
zLqV|~11$8G8kTWn+fV)-xkeuNC84wP)*7=P%W!nrHVH<U66@RF4;#xr9L|=mm=bT@
zmh#(l%Z#XWSK}{iwom|`xoH92Alr#`RJmf@$rpThQO8kD6n(EYq<y1X^;X+SMUQ)H
zVhLWqF<tmc)rN*sJtrs|(G1ye|7Fcl_`G~D)XYCfEJz$gI$I4{`<#OJF<(g@*9TE!
zEDEaERx%xJF~xOmg2C+aUx>UPD>@Ztqe5(m#N*l1G01}NSZgi27jOhb$+}-F=#YNN
zHE7&1oXH>-scAs=;v=lwGFuJfvVc`JpF?EXLS2*Md?UFB@FuAS6mqJqwBXz-u59bI
z#<dGyNvO)FVSZQ9U}OedYL*3(QOwy4StM?!h8l8Y*5?~k=aS}>(Vi4)q*W7f?pg>s
z^o2Y4r^a*78@GfX)AV5uWUb@adj<ybZxfm?u^Q}#@g&8yHs{L6*{{|(=UY3yOBs1a
zgI!Gct^kXcC2Y}nZeMwhp75b0!PkszPfvvh?)b`Qxn@b&(;WPJD>BOklgr!e!}~O$
ztuQc!`F2o*stxmQ&ZYM&^11v3->7oa>zp=LW>j;EASxK&nX+<mByOL&(?}Ls>g1Se
zn@uNInW}fNvm%&uxDxgnEPd`l`(^*AL`@q2%8Q%#jtUG74LulXdX?69BR%({?&KJ|
z1Vp8K*ni@hm`w6_u;^K9dzymRU19LpHi9Nc#Q6gS-k*xNk_t>FLpw}8Zm?jj9D_Pc
zUQ=Z3RqhRdL+Xp{gV{YA`s6z*zJt12ss5G|XID<m-X1odT2^ss+^>&Qy-?zN0V<8#
zxT^qo+y+6cQtu-X--?|si!zKd>EZkAaqm@o^Sg<OjHL2ItIk}svR-`Jk4DQb=0v?X
zkm8w6inBA>-ru4qf2Flmw2|6D3E+*@sjI?E9r=F<5W!zI7F~5Tqm0%5IyAM$(kvSG
ziF2!=(dr++!O*;5sr)N~1wq$`?v1e@Q*Z8}#4VfUbjU()u6|tCzVrndLupB>B_KpS
zjkl}0=o}dmXO%=lEskIM^Ij+bCY{FwZqe20ZS59AkGvGA8vIsynnT1}Tf`fC6869?
z!23x?DA*Uk@JXYcA8ojhU~r!i>|07SghoM_Iq|*%sli|-B55fT&q>ia&kd8}TWthX
zT9@}?Xy0Vc4JiENP6~09EJ<@FzT;WW>lpO~LBX3(4E?n~^u4mglC^2@lX1`#iITvH
z2kZ!d&9S!!#?b}`;3}^aU{aw!RYY%w>}lW->(VM`j9t$Uz0upW6v7CeqhZcGORB$N
zTzh*uz8;@`wte3X@0k1MQ9xN8*104HB>+}|I|(#p*_2Z9m=>cFzh{H-VaM<GTa_do
zWayrJnqL)7qPeD6h{r|OeDN+6M@E@7>q++-V5QG3+b@Y$36ty;#ayH%-NQ%%uF-y8
zF$c6nPHHE{F&WB|I3@CzfEW0AeC&evK2ou8OqY@XzbC)fjEXPV#lf*Gwx*_44pDxJ
zo`McdF~6P>3ty3H0Scctq&0$Xv5SYyfgGICT?DETHC7i<p?dJd_#^^u=yYUqSE_S=
zuHI3NS}R-n&N~9c0gSYoUoxC=bSdv!mKOHyU)cQEYC9zoN}5D!6GpyYf@MNn`EevB
zPQcrifkptW4iZ@k7JUym^|9brlEe*@OD`rzNm?*!XnO6PAhOPrBZI4gN`HRGO8Z(W
z-X-Ss`X76Dc)Ai?`5$3_N=b=Y2fUV18l?O|u3fx;;bDr2W^`v(2_2XQrjJ$_IXdVm
zDC1(Yf~inoYM#$VbF{nLj4h%j5QmVk!ZKYY{rqHn5sW<KVd~Muc>j*OEzlS$w!TPC
zHg5lXV?j7O>Qx{`3d;N!;&rYWF(1CjF=N#j%h*n7VaLSl;-f4<TXr8WY-|Pl+7siP
z+;0RKL+gTLo&p14Vn8i|F%0!jqq`xyVcLS<8GPYL2neG@E~|pB_)f7pqNAMahm~yM
zYat{A1FL#TIWwQJ(6^4isKOnm673XM-t^rbJh1Q=^$?z&n!jl@hSq_lr7-Hih9GVP
zIw^8LLFW94)$hz!iY-s?2R`8a&1x%APk_hZ^)B({wDkKV9^&sA_7ygIsap!T-%d)K
zsupTBJ2KycWK_XlW8pR#Y5fkU9~`S?I9Ko$qGvC<Q)E>ZY51c_)6!rhu5x#%2Ng7{
z!fchZ_I(uFyW7W#WRK!^j~g8x@ze9uR<4aLP~zVk0Uu9pa~*ES3-Z!>r`sYlf%VDr
zhA&MfM;|4PxQQe>*ukrT)M^-sDOi!7{u^9euD!|SwZJeDU@4Yzg`)R`f}%?{<+!kA
zSP4;Zz4{K2GHKeF66r(ce8VWCC1kVk1*Jw7-55Hgh+c147bPp!!i8|;L<IfaKiY67
z>pf1Olb>p9j!YKnSDF3$p2;LZ#o_J?NvEPB2U+%|2`{mOOWwF~<i0+9>C<9k@<m=E
zg=-sD63rJ*n)_>D>f#6*7sATWVeg)Ms;$V9Wyx`TVbX_g<O^>Zkc;f${YdRlC$}wM
z5n(y_sIp}AZv=_60lcpu%zp31=3XDS5@>t)rJatLn`>`KLqVsE#CLRe8WR0@TKRd}
zLx&;7+!3O+PJ$qJTY-&$PqA|}^-fUL3*i;Js@WWl?Ldky2t8E!3|OuDHllfUC|@Mp
zt5?5GS0R}2>jyT5dc(8J4#B{sLF~Ka3k@c7Xzp#}^Nd^P;AV2_QgEw0^c$day5tQ?
z;JDc`FpJ{Hj~C;R0zGZAlUcKrKVze|Zh7(<a7B|7?s<L+jZ%;M2@>2*_aCME33EzZ
zWYj~OEQJZp)bjO)!M7SILqK7RQlLO~C9~*K+NZ8RH0S+Q!*CV&l%jeIg_~hw;ui+h
z?5@OA@ZlQ~egTpBI!jVuTR%fYgLg|qP%y6!isbj0zm@I78}35!PhvlHHh*U(UYTBb
z#(g~@({tG0M2)xLg)a4$ABNltW;h)HCT`McLQ4phil5nc(tKaDHZ%nrY_m?M*Hl|h
zBo5&p6RzaUNcePTgs&*f28CFj(|WEWEI;AcD!=A=TE4sYs!>;-2l8gd+7APt*}^s8
z$#3~9PdAknMk&33uL^lpwtU6x6}Wiqa9G&Iz7|#K+rECCF9K~KEQFFc-)uPb3@1Jk
zTiM(IKTl!X$!?*YR=BlZ_M)4utUj+DJ%!jQC^km@E(Y_KkH~#BK{2A9?q~nJ=bo2h
z+zU4Qi&V%DpCk74&xH=pomeP=IJ4T*(C^NAD|UYjCuL`|W3!XFfcOv_E*beG-(I%x
zk<j$d==Z&J1Fq9$nn353M#}cK&BF7pZZRp9K052S3(}HLA%L91LJ$68iWqN<EkG<V
zL+HGmg!E_i+0$jVHXg<VQ(t;M-LO7Efv+WhQWsIlr!z{6-)$`$HY%8RTA08KuYYpM
zVHLfcNh%eKa9mO72C~2a4rGy--@t%sEKR6XPAb@?jkO+VfJ+l8{_VQf?sUE@F2M`P
z$@k6mkLF!6JH5A`XrUH;-|=tP3?H2LWGb<OZX(Xmi6sN1C>L5zbFGO{ktURFbl*`{
zV^ag65Rj2t53c*Jl0;Wlh`H({KmXaA%v(4xl|`)x(CT;~LF*%5XO-)pq}akgnV5-)
zxU<wTsMz`BJNITZ{h;if2}&+<F=)i2FQ!>uY<<!=a@KtcJ-_}C$f|Z;vuy~c6R{z~
z454L_avC_MlpsjRZ=GS`A<bMF5LqQufqqeCP~Kaf?wgfy)~p2+b$X#-zIahZ^aeym
z69he=T3NewVHTj%@M38#eTt-fc|fAcUXjRA@&4RK0Er8yBr+vSR;Ub%1RHabsZf_s
zc_pM2DXDHmYApHFI5da{`|ex+I@+OrUvhXf*^O&XmrSt}23>29b=qR~=esEw_+Wcq
z=?3exSD>AB=6DDz#G*wiA-Htc)h$>n36VJSiLc{#6$j9N;w1f!^l)M*lnWMn+mb0q
zC@?~rI=sK53(x3WZhuXqudWHFc!&Ze!;@zH|5jFr?$}4<yq^*%J+)+*$1oo)8!QiD
zY;-$j0Xk#!vcrtz;NDyaPxFirsuE=-P~(^6%nEHKPW;R{Fw|bN5&TsLUIkdARN{br
zXH42v!XX3B4yRc32WE9r6e=l}dA;its?g*hLv=KHEzHfLtNLiyBUi5de0GoKM_DBi
zj!X`Wqa5^j+F*{n7bjxE8nC?Or;{&DqIPzvVPQW1&EOAJ)6m10W{i#S0}BYV^1?(4
zddtW9W!NM?0Znf?6>R=q8G0)YB)%sZr%YOjr5@{~Oft?_wk-vlsk$hZQH$JxqU;q{
zGJ~Osg3tG1I#&#8K+c$k3>|1VynHedv^!d_wrLZ9_ORAAGv5};rozmt8`ZC1>E#$H
z{%Kqrq6BRxf$HDN>sVHiMu&h-c~j!-yC^1~*9+M||L!JNaB7l&(ZxkdNWH%Tzh(x{
zx}fT-y{Kv@c?(ypQCV*n0YV{qGr@<ozZ|LA7+!v0`s`x?f;}G1?odwv-d+DZ&Dd4A
z`B*+!KqJ2P>!4+@!{SOVBPaL5eES6uaRmeJItd<dFFJLeJ39FwICS^y*5A1V9J~x?
zZPunFlWfybwxO18AWf#wnCbm)OuU7*VWcxbmeQO?jcc7Wqyti{Y4}o3=T>0``eBcQ
z^EeiW;<>}%+xDsoJW+X%G8MK2rd7J-=Vpg3y~(h`z=^Ra5T92#&Z07lP%+#4qneVr
zHCIq33y>ja>*HftH+|gQ{W~!^@nw(n&dFaq{2Y{e^mGN0jWOhrFEp*nOycd^qa+j3
z%dn`^nVFt|6RT{Y($h}sv;3*OmKJYIO$)q^2YIN%UA5gh(=GUMmrC)Ns{iEc{UF;f
z5qlf<JxS>A(?^d#xVQm?t3U0T1;;~ip^)|6Ahsy*``)v4=gn08ww@~f%_g@uvdD*t
ziF{C?AM#hfTElhzJmMK17B%$=FeQa~R@;8}0TErlN^l*g*ke$=mf9+}Zv;xPq~;@Q
z-f|)<(Rcy0KS)vu-)_Xx(v(0r!oxy-{OWyIwjDZ{U#L)lxF7fYK4jnH5s`cv7n>Nb
znxrJYM01vs;(gYl*CpBFuZ94+%_fsydfw04j(fIBx#p1Ij=#t}{Ggu66V}DdeNWeZ
zqNAvRpj&iZZF_Tgl4Rb~UN3M^&RBg3_a3~gAEwP1e>}}q&)=^1N-@K5a}r&gnehbQ
z#T5RI3{MFklaPbU>4Jo+$12xLSL{~cE2V!Z?ZcwqLO7OX)Ng`AyrjIGNB1_##S;~;
zhgUzbF}iW6>?(tQ7*Iu2tHkrAaGz5Ei@qoi5E3rFtte%t&*RIcz#Si3v#1e%o7-0L
z_~yjjn=UqrBV9Sw_J=52e<)xL@XEzDfIJQ}L=$#?LEq=>_;g3x;AcE|Bzp7NL-6X=
zH1kk(S}Cky*i+Q<a$HRvcE1}+lg#aBR}|!eK04?2Zrfi>?j{91ayv?KB|!QZt5AZ>
zwKYd)wr~^m8M(@HX|AxL*|2#*fN3~iQ+G8Y`NsiY)JL!BQvsmUU(e~e!_5-gVKL0t
zIjop_q0Cm@1g^gkV(QY)_!tLdjk_?12`<j{1i#;g?FM~1Uljf6)CVNA&`sdXdf&2G
zZq6go(*A<gVIK3?iLe@rgs@_$)xRM%&BsJ=qKfp;JY)t&f}@(Gr%w7)v@#WA-dfB=
z9(X38`i*S6**P#KHt-8neF-9$t-u?VNU5!uayX_9_EArg33X{{O&#;km`+#l`vOwU
pQA{gv%bJFy8g~mV9R9t=9Kkp;Kdmoe|Hl!nqNu6RAZHc*{{Z0%Q^5cL

literal 0
HcmV?d00001

diff --git a/docs/admin/b2d_volume_images/add_new_controller.png b/docs/admin/b2d_volume_images/add_new_controller.png
new file mode 100644
index 0000000000000000000000000000000000000000..791a3105853208a1765124c8b6068993fc1c229b
GIT binary patch
literal 36100
zcmYg%1ymeO&@Cho2<`!b1b24{5G2?lfdqGVciRMax5eGv-QC^Y-EEQG$M^s5ocHFO
znK|9lGj*rBZdKQGPl%$tBq|ai5)2Fss<f225)8}-!28aE`0>4_dc_I;z3`?8_$_gM
zetvXxw7R-FK0ZD(GxG+4%+1X~|JxweFfa`b4NFT)+uPgw`}_U<{Zms@Jv}{VXJ@;+
zyJKTxeSLk0hlgEVUDMOkLqkKgwY5-YtA&MymX?-|j*iL6$#+@#`31MPw=XX*>+9>O
zsVQ%-uZ@k3Cnv}C_4Qd<S!-)+H8nLA6&0JCn}dUcrKM%*>FFaQBme&Wi-?F=Sy^dr
zZVm_tXlrW&gTarFk8yEv(b3U9K0b+wiNPTu=H})(Il0Nn$;HJb*Votg_xEfTkDi{M
zg@r}N#>O;8k4j2P5-v|SZ%_wEN1ec@q@-k-VyKGmle@bs6mkZJLO*=?(A3x@0s}+q
zF>YgHBVhkjvGgqO^E7b-fjmxq((I5<yYE_miXOXDs)1(Ay<w@G=1e>og+6KiyXd`y
z!0@JMYiVIhrF@pJ{2p;94+FDt2Z4cCWc55@{s7}J^sYuQ42+0S#Prm`lYck3{@_hi
zRP_9)J==v}1qOyadGF{M8ql$;-S-Nu9JEfZr8MtQke7$~V7Ya60g?2E>PEs_4a2~&
z$o+OOg@J9~xrB1tpI@v)6YF(gVPkaI6DwOhm!Jw(!Ite%5*V1NB+1?GAgEiG{cnc*
z`Q-M-3^QO<Wm`{((1-M2FoFS{(51cFF!etvi=do=hI9v50q2;G4P}N8d^|kLzC{{(
zWe!X*dX-Sqf_3Q0P508?;Yy2F!EnlV*!<oNI41Sj9VoPa!PiCsmdNjKYH9n}{9=1D
zr-%-WL2hY!az{rk3L+w#R?O05r+wS${z$%hT%Vm7Tu&&kpndjWK}yBUseHwGYV!o>
zpZ?`oG_9h`S4WtvcpoMfmY0LJxg0$_O_<}oaVqP~?jmoP4`lhqA0F18KYZiS5N5U&
z5=!2ZpR4j8?<&=7!EY;%YV{`XxC=9Oep>DYXNNqJQ;>3h;Bx!>*y9=9(DSmW3G_{W
zPJ)N=hJopxXpth6X}s@f&3S|>;}rE}23EPvS2Umc+JwNsg!D*@|M=|&d-iA3@~b2X
zY5i1?3%9DAtz$f=_LqdS{_E(vI+`XT$&f7vqPu(+_m&rgi!6UpS}SLTo_jF~R&B!>
z3?e^F-WJ?!De8c}M5*Wy2a7681K(63slL6*rpd9hL6tP3_@8<?2dDR5K%mej0ctCG
zE?T?&H?)<`ayZ?IPMtRUr>*i*;T=9AgrvcXS5D<Nw#=Z^pfPW68}J5*A&S{5O#{6{
zLkC3$>~*~sKJ3*33(wNT?(+RebW*+y!CGAF@?+m+I-lp+$?|^4=_kjFQ@!2E%TD3m
z9^Pc)R{x)V&eTQgZ8(hC98K(*uD-sNT`(iflQKUiCvxu(fWFLyY|5K_kJmK7W`E`}
zA0kIRJ=VD!lfMxmsje_dXmIiOTQ|kLPc{R3`f;>B_P6$yR&UliuYoio(*wtznc5&p
zUA88#vyFg@iH)VBhK|*%N=;RuFMV^#PK4@Zn)X1KwQL|h0uS*cGhF^%_*tafXAOHi
zVKe}114$Z3Fy2%;8qhEOHmozPGr;?1N>9J$vPvMQ)lES6^VVO4@dv5%ZLEnm`3tkP
ze<<>vx3gJJ7``!)l?YsQq`ZF(A>%nyES+o_OoF*>x5$q1UtT8#fV_<aa67J-beJaW
zAXaQb`%ifICjV}<S3Z>wiwA~UW6&n%%<hXFczO8C!g8=YWx7HXhtSc3{etvX@FpkS
z2uOi&jSN}Ql<>#rC*WudsNM7@zqX%bThG}pg*y{WHYr}+!bq>%*?v30H>lOa+tp?r
z<u@3t%r%MqWgVql<~*6TC=@S5@O5l|O~00-CsY$QDcZ=ubZ(KN`Z$Xd!GD8GaMR<r
zK$e=NNvakNi<FTJ3O?q66$qVH`_)%%C6GN+WZs}%;Kcc)dle)pu~8cV$GJ7pYr&<e
z(ySt=qRFc%`stQcuklc;;m0z0!JGcA=PHA6T<3MkT5r_Gp$qh7GV=>5y=s<Ve%kQ@
z4QkSXXm;!39qDC|?4at1MAkN1s_w%Vh;XOJ)aqK9`IqJ<_09JiO}A~eHrK4QR}bGV
zH^H4$Iua4?X{?}?z=ZWsdtXAy7C}b&UVe*2w1+~>ShOVFf%L*#U}r&FxzBmK%#3}E
zNohwAY5QbXCvKw&$$iPjL(SUYe@`OCv@Q83ttKb8&1hb{7UwaOKb(LUw>QXc<>Lst
zn|-=o_~rA{s9?9@Q?kkz&HL}KM{j(uyHn57ke`)t;~m%~&=0QAhfd%jw179UAa5=E
z-e{!D0xVwXWN(t^^lzOc=x0y^=Mkk5I2vrM#Xvob<+FM!&91pQ9VQ(cf9A?+BRk&|
zUnkTZ#f)iFPFEU7&y3yihl`0pT1o5|)Cedh09lP&#Q8Aaf00XhZ1o7!oYXmeN;nUv
zq*++jqDD{cn)-dqJfGwt_C^>M1(-YW7BvPY#m1hX`Bob~BM+te@`!>{9RTCEF1{7G
zq!)zG-5DNtvCUg-bFaxz`WC@|Z_(*lWrJixLtH<<skVGkf6~MyTUk!?=Z~~Z<yy&U
zli%2(PQJ5s>m$>Je9dc%)2pWUTKr472bKBwRtb}^REfeBMI&_rc%?jg9>9_5$$7g%
zE|nsU+ESi6JfpHUVGqr9fMD-5p?aPjsKxRQ$car<aep@p9Af?U5!+GP+ZyiyJxO;E
znfz9wau!fR01YZy2`};av=SyjFg0W{m###O51A_Ac}7;ZZP_%xTU8gnGu8^@nedG8
zc|4yN+F)*{iiruj1^0q+FMUogRDiILXI_YPXDXEzVAWfx&OeQ>J1?{;<+~&4kEs9j
z7wvhzmRRxn2$YP-oI0|EueQu+xVu;XIedM`IoMC<X9Wp2<B~d;`b?{gF&^^yXKLL?
zKEEMGS)zFxx20FNR;lGK<DN>YYiy-d-Wl|qSXQ1BW;{=j2v(!2Cvt&+YIu(A_qG^v
zsV_;z^!bkbHJD7=;TI*gD@p`XdyGITb^|NkZ6~UdVWb(_Ur1%mO}SljVbr<w8$XqN
z&+?b*vVv2IVs3@0<m0ppxjs&**xUDL3}lH6vogh+i$u${qWMpihf@#Of!B>sT(4{t
z36V+Ys`qx_t;6#fmsoZjj)M-^v+-Go+QJ+j%2i6lWeHWw6loDX_4DZQe<)Xb6_@Vu
zSTnhU!i}s~4%NtnbQ6l0nNIuf*a_Nzch@HLi~6})uda7?=oF5S!v5q2I6kHC3%v=<
z3~B#FCcaJUW10}(H7j)`(px9$-<~$rKdgB8+bVe)b1^R#8&|i*_F9@8EcLZn0VXC`
zQj)}|Gz9AK|76SB+E#9p2lkuEtw$xIm#37RFn3z)z}I<#qE|;ZpLRzO9H)J~5CJs>
zs;v(<9(DeYhTuJ;-?NRm%L%GJP}oOd`a@xAp^@XX4a{Ri#+KTwD^?rt#B&vnUb;+v
zmLJ49)O}T8XRVCB$qONs{T7Gk3U^rv*(x&Y@~wE=h7%7DVn|A5A;T1Lo8+DoTgw4U
z%cNE(e^*o`j@pG`w=sKj`zu}>cm7xVxrzKT5pkrgq)N#@o#4gJ@xMK`@+s3z&|iGe
zsJ>r|7T=`D8qyP}S`9*vDg0ujIF`i1+!q`VRnSv)P5iG4yvo0CZ%cD2fyxd`eQ|e(
ztQxZFusUei%_al05%Y)0m9C7q$BY8v;ce|sL}4dzQoiFOHGhAVDYB=E#?qlxcKMd`
z?NlLT>hUg~)@%B5uTD4G?SF*l?!evIz~YyoTa^~)afKj$&q!qJa5P`;lR=Xq8<Ag(
z1{XV`P3$E{M`d@BakhSX%7;+B%GiJCrEdoMh!e(<Ld|QmB;jz+2-9zc$>c>ScAv=l
zNN5MdC~q<Fb}W)>dPrU{QY8j*OnNIrfG>NbCIxdv7f^q<#eCNS0v@QEl6wdxb;+Rm
zKYVLEMNq+<7>CR^6#o6G&v%wPkG1N$k!O%iT&N)srJ54K06&Fhs!tLT1zS7&PIHQ8
z>1ESIb_NcGnA=@ifLS2+tyRb}cI!)-=^teI{y2HNP`h8H+D95lO!Dm-sg~wtj5o}$
zLC|H$J{(%#Mo7==6WkFRN*E(vx#NfYn!Bms9n~-#@HgGc2{mWI*VZejO(7<X_=lrZ
zs=Ih`ID&Q}&nhIg?})|#k!wW!19!v^6iwkLs`QBHQ07-h0cG>FS7a;JCI?7_0*GCW
zOi@Q!zYq7f#*}@yofDE+5DJxCGzJf^zR+vx)#Q0ZcKEl~yl6Cv(P7cyCW7fVV^qzB
z-{{BDbFh<Br*xDNB67@<<fTtnmpwpRpviz1;FAf;=V@Pmd*O@o;YL6otoh<lO`C8d
zLD$3(UJB>>pN{WvRIh1Jk8_UO6z>Pz*?+jqi$V8KZAxLkH=jBmAy5!s>mqlBb3~~o
z>8C<XrAaqg_UeGx^(L3|5s+7(xl0N<RUh@x9GoFecucw5S1a>y)=$e50mij7aD4|_
z^W)?Hh!KxOT$mYUXb-A-o9PM;b2?6e)1BLbm$iulGiu6CE2+0*W)TCo9jA>8tt8`8
z{twWvq$cEe$bXR$^*NzV#w~FbePSr!UUv`ejaz2vVlk@2Vwo+$U8i0$k85?zG~GA~
zzinXi&ebj}3JMj{FVcw|pck=-xD@<RS8ys+C+b4%NMq5<6w)Y=NQYr?KkxN>+kGOp
z7pPm>j+Xv4IVCi3!c`cmTPdviRRq1m^bIHsExDxsNH>q}IpEV+7<Vy1zQsS2YlQao
zsSYn~+(o4xFG7IUI}W2Dv6fk(`c~wcNkuX##QZlW0iyp0nQXUjS7fRgs1przt-n3b
z(cyONadDHbjONBGiO+rvHm|&Nfe&6k??`?{NJCogKYSHfJg&%~We4Rrx{1a>JE(V4
zQ(Lao?Z4%nZZd7QLNHpdw>;;euDALH0x6>y4J+Qt-@9vDSm#rXaD;Y=iYVmz@-<vc
zn`>1p#C*Clp?)8Ii8^$?uwV;_S>EIZy7m4ls^QYqR?|+m-Lt6Is9@`SPe7{_-DZ<;
zc={8zrwG}2I#sm)Z5+_oKVIJ=^^DwZF-E3Nf?dn7M>x++V|{wawU|E7u|u_-8(NfJ
zUTAo1A=$iNW=<Dz-_hk=A9X)gKri<<uh)Np|MF=yDCJ2s`l1&+qke8L7zQX??d&Vm
zpWK+3o-e=oaLHkY0LU_>SiZLjpx7W@laFVzevEPZhGn*q=}<dApPReBva!&g5vDm<
zzfNJ+f5G+f8gUKhpB;djdhJ!i1zDqHjsg6L$xMGZ@avkm*+!_+=^dv3b_R0s38!3+
zlICHiX32ZPJlF9u_IRar?IE(*DceyBsi1j1RUAsa`~}_Y54w1=xgydERu31UknlK|
zq53^s>Df8ZguxvU9|$z(QN9WX{niVfRz&WM0}^Au5ct9c2@^$%hX)JqDEuUswrXAu
z$o13MHL23jp*8he_Bh|#D$<Jzcni!_3c89;)!iN6H_rdTlRk?R3TqK=(~$uT;@6Jd
zmf0~!ijvDX01h3hs<^r!)i091kYuo+!Q&JQyhFTn_0-6`qOl!|=GiQT9Qp|8ez55R
z#6u!WHa|@P?zJ@1K<*0-x;JtWDMMn2VjrynvLQV}@t}t0UO<rGw27!oFpRm_n&wmb
ztL(7=c?en1=B8<iPd;V1!BTChWPRiJW$->YpQ)+X6y1iuVKCRnAN0vrZkBb-t}|8l
z6tlgIl!wqRPInxd)&ihKe}^r6I>#Ju&YLYe!iAA?kUjzRTYoBUXmqSo9%A6RAHY3;
z4ipN_)hq|hD~}&a#%*{-J&ScFOx|~HxAq{famB)_Eq@E$n~_Kf$qvT`>c&ylI2(|d
zc<fuTVxx_A%MnGM`^4er!9RU+c!~tA{l5S8<!kK8)u4e%&tEaD8iLQ*CM(u=@yMgB
zv!c#;kfO^T0O&`poS&hMk4|cFl{ce}3|8NAag2F0xUn!(sQ+Rnhd!=5hl4k(HZAcL
z9XxO{ZSP|XG0U*oX_sEC7x0mNV-Pm};u0xeU;ARnyVd<zCXC)0F*(K1!63q??=?yg
z0%ES1WSn5+7idT=Qu3{47axGXl2@)CmhRBViu#Q$=yi{zqmkHaPqG~Q)7%JI7dYf+
zt+6LbY_hYIoD1IdI~M03TL*|doOwY^>Z`Q>f=1MrDAdL;Nmt|8uovZMW8}MB-tl*E
zD;ugeAKUtL!wtpov|N}z5d&ES*R{3c*+IdEI4*C~2kMTHyBU)U$rm?>S@Zrz-pM8^
zsT|WKo#(gXcfJW%I#0S*3Xk`77K_vHeluCob_y|x#i&Q%3}^bf+z(*F`Z6uc88=*w
zv^i}5Btp+o-bmY2A$&sZM>{@=;xFOtJ(E*ydTQ%;JGxVl?@(1}$}O<E^u0kDF?Yu5
znVQ|kXBHqJC1kUA(=c;N`7v#~8B7cu{9azhz#&bLKBH)K0tQx{T)hVZaJqM!mtCD4
zPeAA!W+7z8?e@=`<x|ccndj2gmgiz-PzCtnJ_uy9D}@cW!+S;9WkT=fnA<OTI^zW%
zo>TL+8L-1&HgG(KNnHg*=Ej34|CnN6n{D?3PB}Qj45+uIDNHo{L0uAzyTm>g%t#da
zVqs!)6DykY`^HV?t=03`V=AM|`GjMfKN=-+XUH#}zw-!_j)`hUq!TZhw>q>*{y8&)
zBWw9~-9_LtxM}a|czUW-z-b_5r}DFs@UbAtcR4^*XRWSqoih#27jWZ~5cO{|@r#PU
z$>yzL0m8e3qi?Y6@O-m<A=$13%(ARY2b*ZPzU$gY?3)-XhR#_S0@m%k^;%e#YNd{1
zC2h**#3^ZyAfk>Af*C+$kbRE;c@vgo!$H*DgM{I92R;*SL=ONQwhwlHBFh}LO&CSi
z+%IoS4si(^32eW7mJ)!zXbH8#Fm(f_yu2A?y^}7v2t<qoodP$HU5Uo(sv%b#9+^Aj
zBQalR@=!Y)Q*~Cl9}7OMIawWhVz1}vSqXv_Nrd_MOaCf)UbUZALgu(O+aZnK3j6Wd
zd0b=$1uW|(N`FE*wHXlSt)(CZEy1)L?Hc|%?M*=F&ujNm(2RW_d6lzS=w-6`x^;nb
z3SGoEwDs+%@PSVVhD%L@1}+OH>T14(&Esp2rEax~4Uy-bj!h`l{rYzf0>Y}3s)yML
z{2k4`auG@2=VH0=67BnU?U{QBI$m6ffEN}V5e{?|T6hOHD6!z6!iq#f`15=}xu)VO
z_bDf3M)#Hpdt0GX78Cv>#^hnYOKo5~Wc_CS6rH1(@kf8a(Nd&|#im&SD?<Mg##d|Y
z$Q5tX7VTH?q3bh>NsXQa7e95(LeF6wE@WA8lF!^Nholk<S915NlO#P$G7p5G2Vzca
z#2eXXVn_lu!vU?V)dv@(F8jWHKycEtIxBVY>7dbN#<{X9`+^jZu)jYr%1C7ro6^s9
zfzsJ~sVx|F9ua{|tDN$qL|;b<7wI-iUi;o#xuz}&jhjb-aZoOMaQE{cV6j<W>g0@P
zY6v>)e?y7;XV+2JN+`vqGO8>V*+1SXKvKt;byHqRd^}wD;BLvL)Ee0~qwcz(prDpN
zTIQzr<0#8zifIt5GNHP~8Rj>T!-%Sa%5#v0RYowV2aBM4bQ@~ywe<|+?_yw}r`I#F
z!cx0$!M#*_|6rV}qN&4Nxu;Mz`t}hU>#w(B%C+YCs~4Z{hQH1+i|l<5dp(mYb%>vu
zD37ksWeYHymc!ehoh+k2vIuOCUTyK1A;c^E{KylT^zf)q_6)nudA&2>rZF!}x4q%@
z5I=cA<do=T^ZjY#e(}G7NjoIUOJOfs91Yt4gI|tXnpVfdZ2>@vJJ=I^D|;vvD*4Ke
zhxtO?kHrC>-P?Pp%sM;y9BzWd@FE#2_!q}~dvrV+5~C7EgKlo%KNL;`nIG%A&xVy;
zJhyuDW))bS#b&JBqh|o0?^{qIa766v5LNWr&V)nr({0by1zuwm%@q@RRp)ZlNGY>F
zVYmlQ7CO*ye1D3g$EF^jH^(9&WK=49nxC56WXbR_hb}X()pfdCy*-}Cd={I}q_{h%
zh2V|VE&pPyN7$@|c)Ydlw=P0ME<Z!Cq<`)l`L9b*O7-w3hx|D~{w632w`&)w5}xt<
zXTAI-;8N#Rl%swPw3GIEkYp;(?r8+@wHuFI!K}cH9gPTS>q@_%`PA{FqnO#@!Kc78
ztL|s^U|WIZ_7xq4{F?SUqx3F-;m5^84@`C^Z#^`d5iRROO;pQ642`k*(|ehGgVWXV
z7A}&X*J^lUGr+(~+q|%G?R8OXpqB^-6$PxY3|3M}){%$|!j1jy<Cn0g&P=9EkK?^O
zgL$6qf|+!_*~*hpULs&b<+y*_o8QA1?*E@j(7wmXJl%=6omNU+NHEzp>+Huyr-U7R
zsx16?D|>f8GD-@JifMq%Wd;L>dAgdRHzZHj9)%LAH9*)|8dUs;Gfq(F1!ntgd3#fO
z{N5n-l=vk5>q+~DrE!v@aF1*gsWm)s#C9_2oG9a4X5_sNDapyX#L|@3rJe1Gyg;Xs
zrleDp_V5oEp+b0$VT&UVn#rqU??;yS9T7z6IQa<9FZ2k?q(K(27Kd>1!BKj>g>!ws
zY-?+C{rb4+3r)T)Kx|%^`Fg`^fz%`x?aBfZ`d6v&{~9FKyFs$f0>Ke^7~#R2mppGr
zNHjHHSbXjRWXqIrjQV|@DWo{3o_1r0+Yra@0H^DdIi_;@fxkeha1>L~Z1_yC3zg<S
zjw%Z`=Z&1ngT)JaJMAkQU7I>PbyKn-8$P8Tb+&J&lddil0;%<<viqS_qmDo=-@pVr
zz`EHX@V0ja_EMZX4UTKvNE1XWWxpU1ZR2Cg@f~>mbiKRdwgg~Tr$;9wREIGdrKhA`
zF!^$z*#^g<Zkh0govg>2eG+BYdpU0Uc71LCRr>Rr(X-(H;~8t5k!&Vnf~LASzh8#n
zMOpD@Ex6?Gm=;4v{(;wBSJG^=WDR)4CFkNyQUA>7xB@>JAw%zm3Fj=p6$?q6tfF+%
zalrizGpHF5N=w8Zx?7ce3^G0hri`mRp54S+kL%^j=o;HOTRAy7g?j=|Tm&}p>(E?W
zd0cpI8iv@EJ2>&;kiLe)EsfjWLyAu?wK4$4?78}WT!$@LY|EG~6Pr?M%kvb~vAg+R
zZ`Pk}VpAJOMC{hC-YLdzh|ZCqNB#eKLhMZ-C6y{fBArL?qdY~O+xDb_jc&93ZpgE4
zu(yymd<xnN>8MeEIEr66Y6nL?^2&N$N##{k{bYmRB++=$d7l4Z+TQ@C5T7fJC(gJ9
z-Qw9x3lP5OXU^2uRSLt%f$P|riM>t1A(c^0@IWfpSECf^!7kaiB}tpc+qVMe=+SM=
zMb6n2rDI(~^Q}CaqFnuqZH0Q2Mf>(OP^g%nz6v|+2SvsN&a4x#rltTw8xz;1?0vf5
zfX2Sj`6>YC9}$7thL=h@X=bD^D2K%B^7-`sGVxLem^{pR4?iG^WsuUJ`lUb!IF*aj
z_H@-v1AJ~|3B49!!^Y*m#YWsq-ty|*)5a3>1DTkZH2AHaawtZBZSNx>mvLw|{QHg1
zYY@OZ4cHwL$7jd^M+xPJ6xmzlpG=3`tCZEvSCy^pa99@%S95Fo>>X&noT%ir-$i-S
z{W7s4w?4{_IXWoaZb2aY4wbOyELoJlp(s(4S4e|y5|$#=y?0LTxK{D+XBQ)>tb&`r
z$M3cVTnGHWH-MUNLRr<*0@R$6q<jNM`?vCozu4e@1TxG2r23cTFP>tN#f$&>c(rcC
zfZ9Vk^0a1LF<F01>IwI+$xn-SdlTrqj7yrM={WcT1b0~sa)T8vqN2h=^k_Ti{-AH=
z-z=QWv`Nr}xX3nMM2Hcr$ZvQ(_l>)b<+a71WCr(t%JrM}r;`xHKt4WjY+}~Wn*3D&
z2zNJ&rJhy%8o+-4s#{skc$qmR^W0Gfs_h_@Hh%7<4x#}C^61W!avT)a$#K-M<jnn-
zfxLG}%B2Q0=Q309ONCYvMX*7EERXl1-3ImU`zX;Yc?MZW>f`6~SE}w91D0+82I?O7
ztlMwVxZoTpn1BBZ3*<O#;u-&x!VlXhXE+n`+nq8l#_;D@T_O|94_k+E8ip|^E-o}S
zUz2B#m2nn6laY`lj~6u#IM{)HJ?)7rfj4n5{w7GNc)Ey^3RNYj9xs|M)0_*s2!2%A
zUfR#E<oM`U&3d|oN~&sB5V_KyKK!1P0_!2`x7w%BKGnWyqb4;*rej6&UuVZ<1{N6W
zR7=GCdKw?d!<X}KASm<46F3quvBy5rU8nKF-~asfI4df0b`?xioaQxy+`SE713poM
z{Odp+n=2q)cf)#>`;%aCV`@ykklwvFbDmAMIJaXRV0?Vt+<e|^=*fX&vJI|eAOekn
zIhG>H+ptThtsSJYT=c%&*$cq3Y{{KzuN$R6`TMPPk7i7lCyr+`7gEs4(6RWe@N#iO
zd`mz{jh%_h;_!J*23MJ_B~ah(^KW8SasD~BxEX$)LpB5o<*^@}`QU1Ob%(S5$@<VF
z<+wPf9y`Wv#<|vEpa=37nro$?-^E_hn%L@L)+Q~CUpT_!CTzYt-=>=EcuR{|^jfLW
z*25ihydJ3`wG<*~zTRb|<qteNUGjfvuR2RM(f~&5?wYqLRxLW*d-OB6KMiWU!RVwA
z9nIcf#zrYsUR-)0n%wMp&I?ZyZ(6<;de64Opu~(M=%;-leRyzHEaBz*2Oul8r!S2~
z<uT-`1FhwNs11n{^YjfpkcBZLaCH?Iv3{$i;|3vo%01>B_?nnU4ZToxiuK5T+kQGb
zbmDpZI0l!GPqA9wYSWQyPLWi5oNtzLYx+6g1?y+}c46+xMqhUzxPezN$g7W#K3%`1
zM9}b|b7PDd$01)}GjZ#6P}Tc!;cR9R6jH_fGsz3?Rq<vH9aKc~{uw~~rhNgp^2iy3
zHY#EC!-&1^3EZVdvn>!uz}@Su?=;RBBF`aFTIX1^s!o$X_w8k{h%(L4`tXbJBfMuF
z^Sakl*W)s&FoeU0m<{7A*7!Sere^FbpKo#}D#bp5S`6QxM-eN@mEd~;%s%F>hPgG}
zFG|4Q<GN<gRQsI#*Vwc(eg|ruZCfvh!mfh`V@Xy1bor)V&J<KA#-BTwxm+Beqh;W{
zCVO#xFZn5)JX(Cke|SAp;bsix1MmcbvGvu6$;<Fg0pYgM);nK~F0HxwM8AC{rKA~t
zd}-k)a33(3(UGz(Dcvl6JXD?cm?a?Zg!*)}t=Q;XmtQ{bu0IS0N1cLS?e-VXT_)}p
zeDlpAH|&Dr!jRX@N#HBEvvrB<mBcwqtHM6pHkDLJkm>Pu#>uCePb22e@?0ZH_~G=1
zJ8o|`%Pv|B^7bV;^!HzO9HE;<p0D@P0*ipmy7TeE!M><QS0*27)Zy_9M+l3sy3l%2
z(h1o4R0J#@OY?O0a4pYa4vEj3Q>gqmPwVN`*VzvJ1AVbf6z$NtDZhNPP#1NEkov^Q
z($ghr2^KQaNhr^lbqoQY!3tZXJ`jt7NXiB0uoesSgZ(v9*f<;fnZt9FVxG7#hJWQp
z)VyFuS}vwdH1^jZiCaDEd@ZUcVtXP5EOfAYvpa19v<5M2Y&)6)xY&5x;PN^9{KOgP
zNn2_2vdGZZH@D>T#wV;bF`UW5;>eS+iT(?t3CY`+MYp*`(@AKBogsqqCZVXfcH1;x
zP#9VT-nDrl??NAaUu?3tIx}|&C4yWZ0@HwdU?3CJHf2~&)?GZ&6?0_FR|`F^BWtl8
zk+lC034UmcrkrJw%4^j02rUNz$GZCVW5AMai$~28(M_t?cZLM>YMl>~QABv+`=uZ>
z<9ZLjwPOv&sisOZ>b49O>(xu4!$HN0euiT3<?9Z(_C1;HP7*e9d9*9#qn|J}Pb*%d
zrD*Y|v`aE{;Y0o?Y}M&m+b)0qI=Mp%gbacQGoh;2(3Yh^Y70C1CkOE%Ml{W8Li?3)
zqtS~Gtu`MTK81^vxr8Yc2)3N|kagc(7?c6r6$@_6sq1BM?>vqRE1o>eY|IM8Akq`0
zN=2{HI$GL=wVn{{C*fHDj9Bk+8M<OA<>(LWpUr+U{D~(u27qZi=0ublg``>Yqa%#V
zZ_@*~Vk+@~gUjc6gZTwg^f2e}X%bw78Ne*KP#8*ZE3DOK`GI-5dr$;><b*suBkikb
z4IX_0J8JCSap3r<0)KT&8O_srbO2H;E)iOA1%G;Hhx25U^uWuvqk3o7K>glv&UE1O
zZ6+I(*p|9vSY`q_KKM$SMo`*R&Z(P-?h7(^Ok|5j30X`TenjvMH96U{zZs+9kZ^kE
z>0skTAhT#WcfsL;PMHOL$)?<4Cgjz0Y*Y74EYyr|MK^$7x(cBB?gS-Qs$#Jl&Ah_-
zj9cehD-wBCXE4NLwB!;MI9fxl=HHrTogf{yrHm?Jz|~-Z^glFU6$Wi4Of~Dyj0xd4
z@MLnQ3J3g0;{M=}mOBa@R(VxlPBEgyvm%T>BBcCS99^c~vxXhPTj?Q2g~LiuSH*;9
z<{7mtmC})3mD9)ntEqbgUTq0Mt9~~-V;QNBCHnj^yYkp^Txm=AQq{<_jxN<lsepaW
z;WX)ocP!l4mHE%yHB$h$6UHC+5!076R|-JL?cu3yK}y6>|L?Mc4~}Xf<R+4C4$cU<
zDTzT(e}7BT?#<OiW;xIbRU&)1^8+_q|Ew`1|7^wA6(-TBb?dItyEhU3_n)qXft4mo
z?4U@ZxEf7sYSvGd1ntkoTOLPb7>aqh-E@R#w|iVWCB<r!^*>W4HaDC81e#cs22Qw9
z&JU-We}LW{3IjV*q&Iq6c1)u4w3u0xW3YmI%3&O<vB|)X!a*Gc-#ES$gB{fUY6GlH
z=Ecx=$%>VCNp900&@C5kSANC@AebPEBUI}7yY&2)JI^++16=iePWS*-`^k6a|Cit@
zTLKaY7moSFUZ*gAk~7?I6OLXmkA&Ew%J6JtP?gYULlmrnfShgoLrF?6;(%R<dhkuh
zb<onBi@J&-Let{U{L98;d!^3(80AwgQf8onSK_7D-O#I-(24l0j>b*)bbtv9qizJc
zO;dA<aC!O&>19~c_ZMiFa5wZpbE0?k!glAQC06HR_}$<T)E|2Mx;qgcxp=iSBQJ|s
zZ6k@CpydA#dA;U|CbITn98=YeV@+8qf%1ptsLNQe9!z}qhm<_5pyDONyGT83uR@r)
zqz0r)&8CmPeJ>N%%%7Z)Im`(`#$RL^LX4?3F$D`ExERhSZg_=k6V^sw!KoDR9;#R9
znnEKj#&0~p9gknrrwg{%=+Xrv_)ys=!&iz|H5JJv!&jDL^m)V?Y&Uf_A+u-*ezPc4
zp)a!nYV@X0ozP}Rb{HO%+VOI~_B{zR&j7O`XE?dXOpbH)thBF=%`FYJG9g2^HG~vj
z8BV_C(H!6KGaURj<Mp!yFFc33qr9b=sWRgyxvO@pcl8M~vh<A?(a^7~!!sR02BpA5
zf3B&(eO!<a91+`5Sx_nn(VE-Q4Z~B=pXn}6hHcwt#%<uWf%x|-^7g_jbiZ7d@oevq
z&PE@Pf298+x5XAV*MCnmdxN0KkUwEp2))X$n=f#iXOiand&+mJ%M4eAr^4#M<PeKU
ziC?t&c{hFL8pfv6`L2Bp4nk|p!GQ+D<Dpd+0tTBu3vgoCG~{$CnGpVQrH=cTe^NdO
zxkY;$$1xZunU`4HPe0e5KF5XsL`79L8&C|lNvE+4QcZoc8#PELo~EuM{<W<WLKeOB
zQ!yY5p#NDrS=4mqW-lsoY2vV+sczP!k~uIzvmO0WVqZ_Pt$)#VXYn>PFsf0`4Q0U>
zG;rPcx?q@$N04HjPa53V-%tWuMnP+dDE(?iPbWWRR8WJ;Q5>91(|6^wm=7n(qK)A%
zxH0PYUJL3dRf}ic3+Yun@t8Vb5uaU#XT!ZvQE4p|t)u9cnrqSs@92Aq{xjYKaQ%fW
zR1{XzPwtPXOExC#F9GA{{AC_>cdVLb2Qx4#iZ7-P`&nTQhy_G~ibIE=g`dvIIPj-;
zIa8TUh9i1V`i_@N_Hh>EEvX)N$2(GmTy){R;a4TSqk5ER3CIjaL(Xkc{q0nktO~<D
zNbgK1xOF;98bEY}@-aF4B5GI~@s7Ue9RK3olab4=hEG|J)^2|l7O2K<KQ4Z%qJm$i
zppK2E++}dRnX|hgtZON~KUojRpTCGg$eCfNSRdbn%zCw#)<1mV?+;zLxov%!OSy4R
zHb>c{JA13OI@OV8i!Le8%z(FkD5$j9pH=;*;L9e$E<J=1ch#Fk@HA7G7OeIlH%yFr
z{_iTmofBh$=YSAPSUQ&jv_H#es2-ch)<TY<`jZ>w84Yc*1iD7YsdO~Ru`!hqpjR8M
zT+$S-C1cX}M9BcCC7j<W@E#ZZ?T@irTL`)RHBJ78u(K^A5ycJ!1W5|UmXm0|w6d7P
z=d}++m_O6pXZB@|2u}lRAWsS(m1blloN}oSvgek~md}GF(f#*v6gd21U)^pQdpX*J
z?zx=`#Sy6!c#|rAJ~*PM4`JG2eGN{Mn<%x8WQjtORP<mbJ|jyZq4M`4pMoPb`OtDa
z+7&ym4?mMGJlX~{$mTFkPk1@~&%GJ{B@bc7D@}l3qUg*s*C_lOSFthf8YpLNew(LS
zwpR~Mki564tSaB<VQBAJ?VMXo90CxMbPZlv4t;4yEP$s2*G<lL-i7GYXHK9^Vd9hd
znlYOAS0XGRPqUUs^`RYu`p+^}6`~DPGH|Qm54Qeh1{M<dZUIbjs2gyqjB(rj9)5Da
zg=He^Oqw7VtH$Wb93$15qv^BbZr|FHtA_#KEEEmA>e^0QMWhCwCI)o4zpCYR(lmTw
z;4`X-ZeAXgBBYoYfcSaPX=G=JYVZvJb0Bd~vrjb73JauzL^;F$W;mFh{&ZU3Zb&=g
zcnhTuS5_W{y$X*$p=Um*WJdCl6vKV%4PKKjk{Qn^=XR?Pi(__l`9`Qer9v^?=BiL=
z@~JQjJ}(|^&=5C`#n_kBncB2A;%!Xm@x+q5>n?gMPw*E(`l>q82=3piVEP_ayrNmN
zyT;#-Nhj-?=?)x~^9mk^a&o1Yn>Nm#rK?Y{CMV3y8}pngshzbB1f;1xhv${i&x$#u
z)fTCO0b0uQ9W&pF1UxvgpQ(xdp>r5p?7QLxzu766F8T0I3N6jQP%R3E7r6zEA^IWY
zz}n-;?iD1>p}xi<KkEW}r`u7@pZVB*RT~VuV?zmNx^P$ep2Cd+$WiK97gM>M3dH&i
zyi9uy7^`S`Y}el`n9CjrI=TUzIdPzs&Gpvq5VDsV1aq1@(o!fTgcA}1iMx*)%R5Es
z+>-mJ-qdU>YxngtL%Li)oYR_-m_s5Fu5M=i^UPTs7iylLuxO754Dsr7kzO`kdFw#+
z%b)tpQj+2;X@T_NX|fN6c0;gjzflnK-@}t$ex&9p^K0VE?wOw1EbP|j)Hw$Gy<BBQ
zy3gpc*HIc;BANf<Ji@9XE8!vKI@^?+n7Hi9mG8^Q_WkOGFGG>!TivaNz^d&5{i9DC
zSIb{Ifn<!f;}?idYg{i)Q=h&EjK`M>MQRGMb1Pvv8NUA3Be?vi|4)rNJ+2<hIYG=g
zlv~o9irA4#isTGcy!Wp><4h72x&jI=;>r_jq2k1{+0=vnH<a!Ue{_sYMYTwNe<Mst
z_4qf2;mZUYI7tFQRK2)jxXzQ!BgC*f8W83EN|nrDn$Eqg0p-h_tErM2{hz0|wa&l?
ze~96IW}xu!|Iiv;7&|a~w=_@RgTZG3>uzrByB7v5abic4{uqu}nwyC*4eD794uy#E
zQ9J=El6@@OhORIYD)z4~oh|>Bu1X_n;y+ht&c#YbW;@+?aGUD=Gntu=Ql~inX0(M@
zJR%0d`#&YFYkZQCD@pCgROuK8Zql^c;wGWNCbQimZ}8_Z=v(PI7^{tX1+Oy|_z*bV
zc5LDIB&VIf;5E2Id=e0rbln&!s(oD&g;w9WYVt%YS=cmYr5|E>#22eUoyt3afLf47
zEQ?j$A>N_VwA_VP6T#_EzdFQkoV6?XsAwb=iNS-f^BaX;TFn|8qAp_5onmIlG#v>i
zTPCS&3ln#RtzK)-go8nHc1M<rxyx}>t6L`pJjn}83E|+0!^9`Wy{8(HDh_Q(nF5wU
zX0K?#|4|sa-MP$`iOZA75RPtkm4lZk;+OAhVQd)cYhiSZw*N_P<wvUBXaALS*2@Ib
zVU<+ac8LY|@Yjx<-KNUR`yM?M1DTT9L#V6#>D2m3t7#32M0d>8-q?oq1N!Q?-fF+g
zB5EqLQ>p>_=($6bV$XBaGO=osWtBJ*LwP~=_JD(WS%al2<TeTj(oS4`aos+*xvp8U
zT3mE%Ua4A3ny=Y1`{k_Yn|jsixv<lpu-@V6s6~oA2{^qMs^AuD6kz@p&55UC$u*z{
z^e#JW7#O4(A3lb2FL92SSpy#nF4SgZMQ2RhuN53$PwMXI;%x=3N6xs6S|YW+-9Rjo
zEa^sf?ZH@bIwmVQsGW?DY!w#*r*mp<je;HL+^VM+s#I1<tLr6YF8x<XFFfdYPdN8P
z{qzcT`+uI+Z<^GCYL+<+M(-a)kHTP!uEi2W!>hM-7fR1_P*Rg>HWjZ8YByXTspOu}
zTN@v3Nt__07Xs012Hup@@L?_PmT6tP6A!IepVBo_)1j3<P(DZ*bQugid0b@8{~L~3
zK>5Y~;u9}&(YGr$bG*219IOkfWD3-IUIn2;?Yq3YjXi|z0UXX#aq&OLK|kz6WN4eW
zBEMSYO;uj2+qD!KVs@w#e1KviY&YT&LRbp@KJB$r7v3~hsE~x_@!A=U-c1T$7ikXm
zW~&e>-WowhFL#u4uAH|Ab0A=^3(^J6wB1su+MMt}F|f@yE&I;8nn@kl39WcVC*}V2
z;j{2=>l1;n(>C;p$t94qqbsTa1>5K4v&kW8r)}o@t2Dl3LLn&1c8LI~i5Dd=aZ*DI
zaJpGTk<~`oxJu57R8{`(G%!xLs|tA+yx|XP{dy9Oc;uxVJK54na#Sv2a;L5<$*1)P
z<H$}8e?B1=`qloxV$edf%v>LlBD;Ce?QWqY!Je{n8OkgQRPyf9;K>Eb69V;mY_!_&
zlXDmYl%WqhROf{c^SSrqklW+^69bSn8!&@Dih`<|iB=yXb3#8-n2@#=Hw_)_e5|sd
zW-N#&=kLmSBlCGe^<i}M3OrWi5=9uFd+IoM3EL&4Dkj;QP|}wy)9PeR7n-;NibFSm
zt<cpz;QK_djOZ;N_)G>a*H|P3F45IZIry74qoM=vp&&^KU$l^^k#+y|FW5*_zk%$#
zE7V{;8Jh$os@l%4&|PefT+NlCwz_gl<y0bkv+uRv>Q&s#T0_5kr|d#sA+~T(@Wtiy
zp^E^cw7SgLh^%^wgadsaG71CrBw`>DhsG_Ier#<#D`kfii7(^fMk!ohF!epiOOMy1
zTiJN`_U(x@^QX2O{j4%sZiiHTB*hD7<Zdx)bnu*DmaL$6+W*SPRQ=ctrngkW<%5O4
zXB5o)Lh}owVv;#-j?Wz#r8tRi*NCskZoE3&dZyb^Chu3_MIz{&P;U(UaxI*`k;%n(
zzEPlFaw*yFT4IGWtIR8TbjSFonJq(T{0b-v<q3W7lu}u~I5{zt#jsEsvX(L<a*gjO
zKViB~;*@x4yvN2DV-JI?ClyiTukqE&vnZ*hWyzb0en5R*2bJfm=Hf0K3;EeK4BuCX
zWfK;M-iIru`s)S=zIVZY51;JhLvI?SW&6jZu#EUCR;Owvf6rqK10Zzo&BBmINrY7p
zeio}#MAa{6{VyH&OpjGDP)lRJ(H9yz$-3X+sus;g2V|+pM2acF<t|VBNY9H~DRb>i
z2p*6rgp>X)h+wVg#UTG8=IBQ?UB1=1!vVN*_{F<9AV2L8fTTMyM6b3HD`cmrC>tpO
zp|>e1j$!0yn>qc4BSbnh^`zMi?6+lM8dvu$PM1Mp!?`R|lkQjY{72{ulHle?Y!xRO
zljyDH#LA`OT_*l9fzY-`;ur9s(!(HnptPnZm)+O3fdpX?>b*-cmkVF0BzL?9BkMoc
zn92_kWe9stQuK}GEw{kFs=nK5=UF<?O8Kz)Np~Usc3cYSeNv*5*8Ay4JiAo3Wj%Gi
zYd)$4rc8dQk+UMsA$3Ib&XR*yIq#=%*#e`6c)d|}+}>ZUcsY3y<|7X8ivSN0mf=%i
zZfEKO#=fOEA2ZF*$s~wmK^!*^@A>!;u9njV=!CZ4ey8o;wjH`{c|EjM8VXO65y>lU
zvD-HRh?r;F0!Qm2DB;mezq-f#cap3z+OaEXe!qkrq~Q49vDbLV4&>v7mzU4<?Y*3I
ztdkTn+Go7O4zF`god#z_$d6>VA#2iw*xt>vao0L4Flj`%f)`0Kv!Sz7v*>7#6>Sb@
zR!SPD`j}MRXS`DVCdOO+wjbzD9e074+&-5vNp3|k?9`OpR3-z8&y{HcFpXo1I*GfM
zhm64_)jLDv9Br4oG07NFt0Tfk6%}gs#mwVx*R0upuw1NUEenkl2&UL-=~^K@c&@?_
zIh7qUE@gZ_rh)ZXJN`35nIWlQhKB8~Rm+}U>y462>48H1-LL7o7MKa?qP17w6#7Jr
z$?jX(`)``|E0x%%qbqE7V;Dq7P;?QxysNUYZxYEdNziQ=ix`7_bM|(6er7~E-^^u1
zf#-8z8MiRsA^unPx=niQj4yILELN70L%SLYbSGaUp9LqnR39b^9qo1_+R=E&rxA43
zzi;3LkruYYd?gMF<S>=nFtc-8HeA=D{&{Ek_fw95{5kKT{m#H;jmvhhJh1=37B*%2
zIPAzF^-IPzs9grM<jyozWjCZ#NhFzANMFKUFOuw^mBAF9C-<cSq;c#Qg$VkK7#Bjk
zXh{AQ;EArAjFvAmddTp3xR1KV!z<)N&~!lbc$6$$T0=@_HanN3IOwm#vkC}>mQXRJ
zcf?*?>d&0fjP}2{c}ab>LCBw*z+pf1f$Wa{pT_(;;e(u!P#gP(IA^Q_hR-A79%tvA
z?y{heVM++;pD}<n=Yb8S6cOlz&389N=kMbZdWE;oxq7OuTtV@H6tZ|Q11-sJY5x?e
zdJvd12!P5sV&+$M5nQ+`Yg(2@_F{KdpYpewLr9YH#8J>4&u$#9ozHY*dYufLxx}I4
zEOC&F4tsRSs^Y6N0sp<fwGpVSu+=jX)J8D{Hpb8}%-waW28T(uO^>gC7h=YyfQ#25
zo=~~pW3STHtD*XF$JoV!N@6-0^o4(wsM^($wcW%a7vM&cN_DN_u9eD8YzX4A8*6i7
z;eF*_Ybu*%KZoW0cew{cc*GW214cC?N1n+>ObV&KE0!4hD-swPeKzmmjv2E}<?&tp
z?`VjRAeC}we4j*SjNG36IWR3}agdu`R@x*o64jVqe!5?W>3fHRRskHMmhkn>ucIB(
zy9p9zZ1BzSxh?v@*LM~+jIfV$X;HruE99MN?Dn80z<;H~{=NFS?e`*zf3LAjEI@=;
zt01o`{hfF+cr1?ZjfM>*YZl&{%5%*ht7NpfO2LAz9^44`grx+1Tn8^fJ}EwxSF<?L
z=Hok@s5Nd8BPk)HPCUjdO&(#N)Z2d<k2|Tpi#vu#&FL)tAE^u9FE#7wMo=Bql|kS@
zaz$##-baded7?@FnYyfIiuqa16>abTg|<x)#fuutZ$onMW7r?lhURW1Sk`~KK82tp
zNxK|_%R3<lK`S_U!tAbB6-`FPwDfjAZ8pZ%)$!tuT7bIds`l#ks(%uIkwzBX<hVP}
zF4XMh`Roxy@JEbTM}8;izE>*uDjt(f<@4$AjL|9V<>}dgqZx(94xs*EIX4&u#*Q{-
zcoOFLxDchp&u(OdWa*gNZD@iu_@BB##gZ!cMH`o=Q-|sf<Xx?%{OgZ>tLjw)&s(v<
zgpsfQr8WC;l{n3d?uZj6e_|u3h`(M{uSu$@=`CqBdpC)N8z%(TdX%!2@~qizTeN-#
zk@Ro3b?|QROJwx6qQ^6tUyAG}hOfvUnvNH2sy^Z?QsX5P^Mr=c>w*pQp(Y|2HKDdr
z?DdVvToWI%-|nLh<f)Gg*irQ>u46-Pbz#FJ)wb)DEs%F_A~u+3-5haor7`@&T<p&9
zXn$G?T<rb*X;h*TN9XoqsqMa*hDFimF+x-SUjiSlWE5z~=_ooayAJ^OiH}uaY#+W8
zY6$K~QHZ$&2;ng@(2iCv|LHMsq>4KSmXQdLaB@{uq0&ns64~leL_cQfSRiA+@dDzl
z3fO<NcOfnd`8^~9oE^SV8Lt3#V2v!jKxLPvHb7`kgDD80!pA0!_jCs1^6Xgi6(w1A
z4W{tyt_w|wI{@Ao<QsJ5zoZt8#sRX6`kVgKaMDWglZl_PF}Nbu+u1l1(z(*3(2mzg
z8z)h;Vy@3NN;JH8r66Kxl`<Q(R4l?ROc2CsubyD7Z<92fjCPpr`wgcc3Ae!WVVHdw
zHe%@R>&@d6JHf_gRYGW;_25hA%fMEmF*`sL*C|)sg?CTLDY(UX<h%gErEwBwA&b~I
z79dnL8_mLvCk|Eo14CW(b<Ku#Xp#}ZgkrWtDxh}Y=De`}=VBpO4qq||$)7oVJR8u$
za5aF+Kd!$0!Gt0%senP)g-)>{;8%^PLVosgsVc@mwo>w6Bz0=OXb1Lk#h77YRq99k
z?NoM<fRTe3YXhHA;ZAz!KAB*b^3u=PVY&63&?+{9N4muJvpXVQD&bn9WcY#v9@~xA
zc%`FfLRU7>LwzH?fg>fhoamBW*Gh?_dNJTl2PFqUZ>_ILJ<?yR_(OFy)9QODgUv5$
zzASrC*<gUBz{rvDBZY+Ph*4K_FrR@)3?*oaqT%nmE?^`Ce}yFQW5cD*cQJi`mxlVb
z&eMsu<z@2vOse}e0*Gz=94CR9$^aU|i94RD;XZl~g7pC*KHPYc)Gc!tEoPTmod$3E
znhBI~L{m+G!GP<_$^_i`-(;<_jK^4oU4=sc8IU|1Xvc_JP?<>CSBS7n1oov4;Gl=M
zW;WKU+l6y?FHEZ|%RV1LZ|GP9Q^<b&u=3i%{nyV{)H`^D)27#nYaMUEn3zgNX9ij9
z(gS%l%fVNj15G;?;PCC<$Rnh0_qP|QA|j{*x}kKx+SxG?ZS3%IDj}--FGKbgom7%>
z&UG@Y%kxl{76&oXb6#~;{L<RpiSjX<<=Ix8QS8Us>`ny?A?IJ_kS{St?DupAj<5DI
zff+`p&NtN>n)vbNA86YHg2I+_UaFc!SU;`8{~(xZ0CZb!Duaw{)Xx;lc*(lSG8yC0
zyD+c^Ob4;!FAw(2CzvdJ3%8Jj@UiFUNAgg{e6xyq9&K^x(Js`+lnmME42!RqiAE@K
zPVgu%!WN7~*X9Z=Ke@8HnMNW$8?dd>#h~|N&KsiWTTLK7Xg;TL0f<tt2?{nLc#e!=
zpta*-@>%4SSF4Kv(2zg(uOzQy!v4qe5Fc#pK^mq!01DpA0uRr-6F##y67^L%Z}I1E
zUI&Wp8GZ^>teT4nF~j%+Lc3-eT$ccGw^fPywN?EajrRia{%_P6&Eo_4d%`o%M$yeW
zypPvR-=oJQK&!x$j^n({(!!!-b=Wu*IcYfE&7`CldvyB5q6zT1+gK^Lz`TX1e3&7~
za*{Wo4-o}#2;rvw{WeyPdAgD5&|A2W9!oi2`g&!zMYHK_`y#CPB3;d;1+Glv9Z>OQ
zqC=ey7y;PE+#xCEZ6<rz!;PWfHu{Txs7N>LdI!w-4#C-gPb1^%|FHFzVQ~aY!zk_$
zG+1z095#!)`y#>JA-Fq%;BLX)0*kv_(BSUw?oRN_Ip6z!_s6||=9#W8@9OTEdZv0d
za(=$)?Z6abmPKq2x}XPZhSR13IVzM>j@GmGKMQmiN6%|s-R5h3hk$CnFlXL93cVjS
zFeL|Dtf7wG1sL)}IkdWX2|<tDvzX6eF(h087X=%WP#RL8`LX=Z&!F(=60XMP^Lse`
z)V-$hVgLBzRynYCI1NHotF#+t57%3~;_!-CA7*QIS~RA~Fi8<t<8pUCSN7MMYD1`i
zFO$%VS{`d+_IfJ@RA+jB<b>R7m(Y)cdQM)~#MBv7ki33-8_}-0SNg8Xm@)95mSBm-
z42I>&0TGN0F%!Ndj4mX$tkUZNh0MI}97Q7e-;SfqL^BHBl>kgqBPR{@_-f~+F51Z>
zX(i!!s_nsd0WMT$)+LyuG|vvuq;(t#Up1MO<d367oWbeyjM>TzQ`Lg$b}T^cw%w!H
zY*D>LmdOZkN|Ty~P*a1K4y#O11FuNr;e6?!sXRLyhcQojoSKrVM9S7ye`w+fDInpu
zEGCO+aQy&xA-rT{vD8?bL|VGTIva6C&2l6o)R_gEk^(*fI$p%Vm#@O1Dy_M~R3Q1Y
z#W%oW<ApRB@*OTs^F1?ij;49dAkg0O42rh5XSO?$5$h+wC{6Y7_nw8z*;)CIv!n%C
zV&d~Qd5BxNc|RKU*%b+)py5ymyiPHAo|h?~71BbNoW@%vDv(t2P1r6;rkJD#Lk{1<
zBAqzYE1o<94!Pv#ICmK$nY-$g3tE=q%cD&VW<Dal$b3~@5J86d^U~^Tv`@h0qfqC{
z-N3?d8`B8>pfy0pV5?<+O)_VRun?8p(!l%g4iiW}v?es!1z(RH&D{W@)x33iRpTG2
zDiQ_3nBa_5VcrmZ6zcDnLqn{D5{HXI7|yYZ8={$v0#tTt71Uw&Yui-Jg^d&1af5#1
zr?UFlr9=+&lbnPk3A5pR9VyGtKEc539K6~j^Flb{`*w0c<pgBxF>t`bYKELyX*tsw
zsPk&`)ybUK2$3Pk;fg?5s->L_u{ccL5CW42-*uB#kyr|IYWm|H;fzjx3!2VIs@G*q
z)!!-I81x9Gkoe&cc|a@NZ9H<Q5L_ddVBmZ+v#SzB7kOTYmMdjg{L`Uww?{{(BvHw*
zJUpn$b|ra;l!hhY>AN$bIg^xg2=l({C);1WEfNin@JuQP2l(_4!8Wu!Qhk9*#_aZy
z{1H+u0Z~67?K8<>Qy5DBliuCT0T~x5@YFwMSI)itaDti8=%eiPcE`gXHftufjir(E
z-yFk+6H`$5+bX<PB2T}a+pyupKb(8k4gK&nd<^sqXiW1?^Fpg&R_adIn3P{l=B1nY
zjOBHnj9k0{!btGGKjpD1b85-xqhOdxRwa+!FW|qYbDy^cgs_~2?<p1>1^q-!k#V1M
zoZU48)r`&(xI<?*fh6DXxWiwauaDTJJ`Ip8rbvB3U3y_uiENh-@63>c(FK4oCMBei
zh@2pXs)dE)kR<Ve!x}Q(=a=QWMx>5Z(rHP4|K6Ce7!l&hBW09YWj(-~{D|oYZol4U
z>wwI6?iH;c#Q2?sF-$69$TKj%XFyZ1E1KgyBV-;b5|EUmmuIJK(A8+7xbC^SXf<A*
ze$}+HR5HCo`PW9aNKl>-m6ZQ<m$)3fQ)!dh!R4rnhAA&1R%=HDs)L#mz_k{i*?Txc
zv~K0;7(M7aq>Uose8k<=h3opf^OuZV7{&+V_zj}P`e2LjAC8^D-yyh(meJW3Sg%Cc
zY08QaS2^|l1Dvy$(2SRtB)R#L!P|!*HkD=>Kzr~=BHZWBdTJ^IYf~mq%bEzV4$e4O
z{+fAZID>Q-MB{(@JYTU?z%gIm#;PL$!T(QZgid1~m|l%b<DYOeCJEDYDwvv&jY`Ve
z)YKe@BMo~3{9lBjs*DVHN$+5X%FfO6!M-$4bLG`qbTe7swN<9BD$!uDy9{7_luhL{
z*;drQ?({cE3(``RQ8xB><Xw%sOxonbS-5RxIx?Qo@Mh_~tvtKiO*ERxwa(iwn8GO|
zC@EGzexr4%gOL~_GlHshXfR~C@r@{Yu#Zi}e{xP$-T0AlnEkt}Gg3!>c<By(7SsSi
zQsDzgwJ*CICbBFdaSJm_;uA0}LeyozOjaT-(bbs_r^76xu33+cg+(%LztpbM!AM(s
z*_d{HuK1F-V(e12rp%GlL_;%TJwVnhRc($Coo>bq$=W1+CoO!vw&E-0EJt!j2xv@g
z?F*^lZT{=;CPOZcpi&D)vqo~9F*OZKX)N=J@Je~8TYL*qz#sD-oknEQMdcTw1k1|f
z{aw-8n7UhP^JuZ;AqxSEf6_`J(dzVUX+^m;(mJ5EB4niNLz4{4m58xef%K@+pe7rf
zex|C<>tV+CaL}0iS|(bu?3yup*5hIR3xkK19Wp+t<82ml|2)_t0b;7%en?9{k^eWS
z*7PrInwF^gJ}hH0H5J>OCKxdDvqRK#EdVqovz7_o+IsVG(N5TB<BYA@(`<9FCU{5W
z`nCY%g#Vo$fArmpVsGjl?Phx4Y<sJAEEYh)R-@DSHR3DVnCF^q&un~>w(WfbP(|7k
zgujjdg%p#TRFms@6t{5@jR}w4?=yslc`#^ZmFOkX{FMPUc41VIt>TB0BrJ=iY5Gh6
zn0rhhkf@{jJ1oN;TKI_lM<l(BIHr`9m2Hr!63_X#;u>D(I%f|D32@e0Hu>AMZX`B?
zUow&zG6P@jMV*7_kbeM3Pwqtr_<sJI+|o!oV>Mv_$wNPz!+TF^#npl;wC^a-I4@62
z)!5=?;8_yJ6ajYDe|Bpl2kb=<0fmL)=xYrS?kRSL8S&m8PK)oI8zceSxQX=WX4**^
zDQ#AGE7zlmU(%`*7BGFKM&tkrorozh-36gEzcGW5#fV6Gj%fX1fA`(}?J_z%1lUg6
zkR?5{4S^_vk6cB!u4*ZbdcGy)gZB32xvDqQ=;=Z5_o5zO###TMRlw=6qWhX%{8*0k
zJP1Q{$F*$!D`Lj03)Zzed<kqwx`ksEn65aTpdRTH6v2!NiCsKUD*0IZlD;+;55e)X
z(Xgl>0iY$dMrc~Ea_S_I9JNl6vAK=0&Ei8$Kn>V7ths#p;P?7cuye!rHye`m0l_B8
zGG!G&%fHm}%y2Nn<>)N`WlRE!@x5}5&6{&^><DIpj5`hI%1|#eCj(9r(u8oyAsJp8
z%1UY8Z{7G3g*uP`*YDB3A|9SQrL-qJ&@be}o-F=V7_4oSMg~&`^<Uw}w`nNiX@b+`
zVAgzayPcinM;b|NJkBRI4CH!@j4dA;Vo?6(RAxX#>OamJNIoL2p|+;qB9y>{vlCI$
zMPM_aNXn?90kA2p6QEBEUl<E61`nDUqPvLECD^fY8&4gE3iF&LhQK015iO>N4+UY1
z3b5qbrIg%9ak=*y(qk8w_xD14N*HmhOMkQAjDB1Dl3Y^~T>tJUdvDe8BR9u4v(Dig
z#7T1^#uSFI)r0KzGbtjJGrdo6v2XS??rW~Qir`v#mA+KdqZNpz#7=?bSHj3*Vpv{D
z%R77(LMMlk9H;|Etf^jF`deD|1V!R^hlHE<2(V09MuOaKAE>c8$@Wzj5bX<Z*4vw!
zzL*orRXmv3-pbP=uE1oXLK)f&UQRr^ine@wEJv1I?jKMyl{H?=RHdX%uAz_ID46V{
z$xizS!~hL0!S-}>$lNFUA8LES0lRZ!GBi%ggc-H}<ST7<Kx@Ob;P`7(7Lyek;_M;;
zrR<Gr@v|zlp$|1=cOfH-bjDX11QAp?DVAE=!*x+Z;-3$lF<)V>15MMv{YM;^UcV$(
z<VN4*OL92u|Dh@XaY}p;{U<?$U6Fw!xBCGocf$EV!u&|bCK~=%%aj_CV9gi6hZ(w%
zzT^Gb58qJyC$Y3J=4j4}Q<bqZs{XM(%3=IZ0$0G%NhpP$-XX14Q6YO1^y<(ICcNPM
zL4G~7yNkdw^C@)X*3Q1bob0!^(>3+uuRQnMeb5+LnqU}rR$<h~abIMH)LywMc2f6z
zLnODV4>c4*-zch^QqBa?W)2<+x~4YO?58L<ZjwgW6-^oN2~#t_7=l{LD}oGdTZRSB
z9i=NeBQ(>wrcY_Vk-4x4LG`ZxoXg+)l47Ypq^kTjWNPo}xv{(Zc1=c?uxcQ|M1+yn
zP7U{4(;V%tlv!Imt+oYxBL#`aNl4hjZheYLTm{S|LX(4GY@xFBgTXs4(hsD56|o9G
z>|vt%pUR{`Ta7VrF*OA<CIt7x%-W08D2u;>@g6-b{GZ8AHMgZg&?dJIK$g0YKtA^v
zd4=r5f&|^6@xZ1*TyzXp@A8aH=O}c-Wr;N2h0f|XlZ>3qz;!ln3NY~(G+!QqlPb!Q
zS(Di6@4r?o2br~XJBhyJi%s3`uS+fPiA}yp65rW;AsWx*@N5ASrC2UhM)=DN4-M<J
z*(D9__2X{;Pm=d*8sMS5^Po5ygJXIZ+h$JBF=`5H-asPRG9Z1YmU9>+!zbx>tI23-
z6pd9}jHTY;JI<MUpWQoQHr)!w!%MPPN$bJGYZ~g?&$de;rYq`*u*47`?sqY{zt0Tb
z*WZt0N;sFT`Nu>c9J%|MnVVGsW>|H?6qM(7=idu8dAju<>tB-+;{y|5n>WawA3x35
zA|24I#kr=^<gMUuf|H7?2+p`|Zgw)bwE!t?q|U#_Vz))gR`VrlBlc??-9|reGO>AP
z{(u%FGiAtAO*)6@FyJ`hdEsaBaF$2fou6N!?_AR%{%k2u4A-?K9kB>}>dHa9)3EiO
zH!#zNe1=RRxuBV2XqE6a)m!jv6J`b&*|V>4-p{_f%YveNkIoJFdlo(%cyxAozNQwn
z*4AsU*tym7pk7Jd6^`W1g=p@XZc+<(KW)e=&)(b%{RPXcm3MTMm<I(aCs%IxGc&Ur
z_Z0;$4zEza7}@dnnJ<4bdc{~08qKu%CN<QCi;syl84-TgUeY%%d<Qav?&QL;9Y;s{
z7ZsKaXyVo-2wICi?@NocNXRwnOR4X05Z?Mn*)?P<I%}s`PW7ieM7Fm(V#&Z%62E!h
z1nRRSuzWmyQB$cr{5)ODL-zwh!B0&&zy)@Hg{9im`sK<iuBh6cu|<Q|DX$k3C<E+<
z!vX*I5`YXyHT<~98wULUK>sfq@PE)!|CbKfP5ocGRKsb6|6%q2g0$)X+xH6WR=w+i
zQ<+1=0jqri1Jy`A0It0s0OSvVMldqq?EkBXGYS|;=w(zp_8-~*tKI*I`cL!!s{r=@
zvE+kQf?>eW3GN57ObpNelKih#|EunG1;hVk`~RAUem`#5WSbe;1IBqE2%GC<C#qMA
zBcmb?@*8cI@JC~?m-1z+7)<KoX!3$#zEcfc`XsrVXN<#98~H2vJcNh(Q<eX7aO-@3
zXTOn<<ku3fi{GE^ss0)LOEXVh=Lb6lVj{|*hctt6v374L@DxOc2q8`A2~6M6dzFlE
zzL=4i=|wDj@)Qp1;O}Ib{L~B8Co=dL>aora-Xqe>J|N-bqYoMtPozw!nwZ9$bk+N$
zn<ek&9t@b!A;(x+Lz`I%C}D}n_f?l*rV^O5r9al5{ic6L-L&9(IV<%}fz*jTApQ|J
z++T{bKQT$Bx(R0-pjXGwxPZ5u2k#hyEt`_RzJA?G+`9&j0nfUNtqd?4<**>n#*UPA
z6`jS+Sv3!Dy_6B!j=M4F9jFsMM~$*zOOJr^7U2YLFpwTxgQQQ|xLgRdt@F|4MRKfH
zy}kw-g@hNbGA%ja`zlQU3#WUj;R%=;v5j{SYaKap`6{XdSFG+O)H=}$ig(2^Avk}U
zt52Vy3{Y@DcbR{db2JOu`N3>p6pN^F9b4~QsMc?(A-7D*M@9@Z2qu}e0Q)g08wR?v
z8{IZiKa!NqPweKfw>y*2)<1KC+0PCwaUGz%ikz!96Pg_jxD+gOpy#89qKIGU)uRD^
z`umGTKxTz$Rs|;ay~3aBt|28%x#00h61m-8eD<UunMyXH?_UlOp|S**&$#WN251b<
zQ9@Ug2fxbK@7f_7P9~H>MfEg_q|>0`6KU>SI^H(I#&sn^glft`o?5Bqsiuuxn~}Rw
ztW1*!`Zd*h49GK95?$Imkrq%MMV!8+Qc@8w@$kBf)oq>e8j)REWzLnV-KXpcPp|yF
zZ53qEgzdlY0H9KI=K^5iks{N|U9eHQ5yL{>u0pWLje=#enwS^1OsZSZ5Z$^3L$P^y
z<y|7vD~TAKUa>Q*?nZK<_(lu_B@4q(OSI_AjK#2jfxJKh`T%?H?%&B6-e7w9pY@w-
z$2}hdt#{^^XUPl4zN{n#8<)?Lgbbdcs*c6X?mFbhwZqM*R`gj;*79K|G{JSrg*hC8
zq8Y#iOsL<2q{@_2<8P(pTzxD*tgX!u@EhmtEfSkBZXdurmZAr-s-)s#0=x+}USo^`
ztR&$xPRwz|iZ9k;U0WCo151R%7;eS484Y0s(~*>DfOm_Giw={nFRJulOD}ElM(^f7
zgC=$%menWUQw22^3GN&JaGrY3UTnp(3>Qr#(gH2{dkbz%ZlOEZ_w3lwILV!E-YS3a
z_hsyikP3R7A6In+AOktR8(F1ztPZT7?BG8sr%vD2^S|7`9=v9GxPGWS|EJt3!16D~
z{9<03p;h(2K|b=~J3chl9#fmBY@hh?46_WK1IE}-ie{d~hE~wwm_FPZZ`6XUT?PK`
z5^z`V-|Zpn0?Zq4FD`Y-Rp>KlGg;OGd}&cY8NuOg0Y7xUgW<CFNM-ur8z2u16caS*
z&WnBm@fmUE(~4~J$7wO-_D<vU)oQ%LSFtIE%gN9gq<BJVNj-^>qP>0dj3ncbBUhvN
z9~r;N+^`@?Vee;}=|^OG55iSE8G|>#$0zv<MxG_FFq`oz{n+;r$y9X$%DNwwEq+oj
z>JK1ro43o<inYChk?hQjQyXJps*#soDiJ5a`^%M4fTd1|Y>ThM;|-Ust?lAs;Wa-v
zuV<MP@L4xFBQ}yWoUEykE=Taj^0<7<CIvBJXPph02FWmdLgv1(EeCiZ|7V1<=aol+
z9Sq?2e#z&Hi%%Ct1FJh!$(iFE2KrKFNGg;QJ$?QexJtb><pO-$$2;mMEw8GE7K$5w
zD?<fs21ZVBzf8;jB>NMDNT8_1zlnatVa2=21)AH6={+4r|9%<2Fo6vauG%6l+N4W`
z`e3`wT83twoHa42EuwXNUNO!rW$8eV>7wd<6pA_7LLzBjNA;bmVHb_fx%`RtYx?^n
z|GdGvbN<N2dyUw0g!%@7vB62hO#bqNcd51W_eNrXAT%+!6U=Vv&O_+EE|)dQWCK2h
zoL_Z;E+4#5st&Vy`@9+rK~DBp6O~W5pXwJL1!p{8R(j!pb0>BX6<}kN(6D+0^VHt-
z*4t$zDcd$JL5|gfue&)O!b~fts85GpwcrEdy&k0SVWP#nR>nkpA;D5%&2~4X+3AOQ
znmH$}M)P7&Xm2HQgL7o#DaOMF#wkM<BEhX9+lB4gJ`C6%QKfHw?T(5ir>KG|s`STq
z)@2hwv6-YVW&P>*jBe8nbpwHKkFHxZ#y&r3e<k&5m+V@pi;#)4BQR>&aFwrmQB#~3
zr@43ul=ZMzSc#2HoZ+YtYiYCm?oW60E2}OWHqep3SjlK(m`z+q0r(*=oSZ*l6^WlM
z>sk#^%TcM39xSV7R0fb|)BpPVz|IgF2a>YFRq#1>8Bhmu0%9b*j|=F0I4J?t1O^0)
zXhqaD1<?uCM7FQeE?#$8<)v0(u*@vC4fNu$WiGeqdqWCTA`-s8`gTJ?@q&9R^_38^
zsYmd6Cmc_KnNcHqletTEj)Z(cO)2o7=&+Tar2mGTzz6lI%r~Z&^qjx}^;~=VzHRgB
zRsEx?WOmG2qcOw8rKSj?RyhAlZJ69rSh?qj1xM3Vb1~fws5Lg{7l_4KK2TWsSFWf8
z7(rK#+pkvtKEzrR(}!Z=Y`sBEbFnXvP*Pqc-L*C*IjvECu~^&x!@|z<D?Li`kf@m&
z_&`lusm~Yi$j`O^Q>DrixlMyQ8?teQTrUC#>`(};(gXTDJ1rglv!rhzbJW!Yhc+fX
zw`MIhW{qK{TMO2WqA$>=ANtx^j>?ARIH~*+AM4Zm&C@n)6hX~P-DJbVPUQ-mI2=Uv
z<lGWdeG!lvFJB$07*)%c)|;@|za5p2zGE^mS~-jRBw?+weAwE!l~?KSXi9D=OZ7uu
zG@|FGt|jpbipG^K%V#^BIOIBLjj))&&@1Wlsm)GHzilFEwoqK;Jyqqm0)~?_a@ABc
zHQc#GopVYiqAkNVg%%FS;NWg~>QdL7L21Ml+u}(w_%CV|kYTS9X1AJ>Af0;jNA}dh
z`ItAG%kX?JFg1}S!8Mq4m~94HG;lV|A*+fLdXc?{`L!=(5scXpL*r-Z^3#)^X?#WB
zDlt`oEMZZ$W|AW6H(gJ|ICJNUo9=3T<yhRjo~}V#fObgRecb(M!^!#hES5o2hb+|0
z&n5LSwYI%Wk4LeA?f&@!(qI?NuD*xQWIC)A4Wte>Qsh^mTkQjKspKDW42fl)AAS%2
zvHsoX24_6RF-y?}2fR~yy$`7|+z-bS*Wra9v9UGAGK5L>vgnJ<`Y~1i+>b(QOCsaj
z9b*awhEgFrOV=16%^1+}ZZW-*xA#LfJnncppMP7LTI~NXGaPS&VjY_n+;mN-R4B+>
z*@ayeiv4)9928F1th>%;5fj$W!T-}zJZ)&QBYFQ_r(*n{PL0TCyF}8MH`>Nqgb&K~
zr}hi;qraks;qV_qyzUyiB4dIGP(LtlbtGC?NbdX{8nB@Nen)d<7r+1DRc<cmL4iB9
z5>KYrr4ngANS?;19QAm|F74oe(BPj1bPs#swf}S5B=lj*Ob-2UP1Cg$)J!MT%trp)
z$X=C;6BL9i^r-4rbLUIpAA<jArTFhek<9UV=E&n^BRCuy;8&887^)BwGeK4vm`fhR
z!TzB_NlN~}XEECG$$?xZX>30C>?-ReAp3uCV}Z*T69lrEG$w<|=CzUYM#CF7h^bFV
zhO)Lrn`qJYPI7g$_+t3zbYdY4^Y0pd<o|WCL`i|pj65gVu*EZD$lFBBV{m<vIduEn
z>W`Euiw4NgK{~5*5}AQnINg^z7cOg;EKZUBF$uT1Me`!Q7^Y-?Rq6Mx5ake2vWQQ~
ze`GdbZj{8^h@bM~pqp5Co-lb2<wy%y0H1#e6CQPCI#)f6jE&j4MrkIr2tAIrJY+t@
zd;QG3QPYD6Oz|Zw`ECWQ>Dz*=`3go<Z$Ul}N<;2*OG~Yl>u7qe+Es67NsLKtoND3N
z9ke<xpd*j~+OIOu=w$Emsg0aUlN@Aa-FVjNV~7~-3q3B%SyUWH`jAv1m%q!b(prhX
zfM`okI82{--p<N2HcEY_#*aaGZD3IkUGvim9uP+}pP7O-yQvpGt<X1v`@zqh;8t+=
z*WsUYAXkn|Zp-)*XF?8}v{g+UpOWD{z09d$<xzydmgB|Tk;G2$dJVqxm#MfR8`~uM
zh7vOv9pB}}#V{&+4&CjqZEgo+8GPxSY2(=(;UYCig(EJ{SMucJ3jdtUO6}>m)Q7p%
zKzYo>*4E@ICeNlX;}7y$nLqIDe}rlc0Y*zpD$C3JhhyKUoR9>MK<I1jh<&t@=l$<R
z6bX5%`<Y_&I4^C1awjL7a_z9$KF$M{<CN<dT2=|Xk*X=l>KU<!s>LufN0BBpGjo@b
z84ufj7nR(VwRM#U-i38?kS2*O?CRRa#y@{xG&$!ld(-|7^IqnljelVn&#7`C{iKk?
z!dy|t$e;1%xoX<_fH&U!E4m^27giFu5yASX<;gA_!QDPtPF^UG6--4DgtsO08BEm+
zO!FovF(Povq=U~$M;U>1lCY(b27)J(Ip_V*lfW2Fb6Q3xcD1nT*5QmJg%C(*IglL3
z18%w46y~2~V)$AilqqGA+)bU#1vs|z$!U)ztUji^*sRr|GQ^p9B~DSumCiIEu<nul
z-*gy5`0gQ$7AaFa9aLHufS>;eM3Q(#J`8tC`m?q!WtHYYK`;KOJ@G7l2>A~=+V2un
zQ_oyKQ>XOnY8f);orm*RR4lWn6ORg6K;+)&1p>98b&IL$uqmgS#t#)!Rn?5qRxslJ
z#twEqc;|t6Y3ZZd^84XSdFF5sOWLqvG>ngr&p&Hb;?d6-MZ@wI2`n?+bX7^3B38_$
z<x9olN7FJ6L;5SU*XS?pp*kfM;A$?*T>GC<2+G^M+~lq4+I)-D7`%EADr5J-r3zag
z?NKCtyzdsqjC=%l0K+ZM5^rLbS2#m1_h3{Uzm3%#6j4##P}z(*eV^G1nG|H=ga+4K
zgUFMh)5+A0VT`ACWX&IRaN7k>&#yK}amtEFG6kI&H5r&?1hP@3_FIz87)k!>jEw+2
z$ZwOTuX=RP1qPAi(i9RthjAdNc4Wsq=iKO=iH}5ATYa7xZYvgW*<BOlqwFSPCEp5`
z;@ulQt4O}-B^r$jN?8lqY!&8xc~J)lZ@xyN5>S;Gwae%HzT&v7F~PBGxPU|MWJBwy
ztns#n_^hDPK#Qg(8viCdbad#*7>m70R`-6K8t2giI1VQf3X#oka<+LAZ=5qv{~@7{
z9s-kZ%ZH(Qh+>n^nDa)XNT*<PwcA)pLs5K3+7c7>zE186QkH2xmZlkyHs%8>UrQ>D
z_MY?gDsw8P334Tqyk^dr_0WH}xZeexX5Ed(Eg5}cCy71a%qi%$<E3DM(oP*v^h=a#
z?Ni+4mE8QS9v0gxD|?sCI>cmyjlfYDo$E2c#zfs$j?nwuB4Nq7naQV|=8|?fsA~MR
z-ovQ{zUYvBoX6f9yL~f(eKJwz6l|5YC|}}$0E>%^uRo+lt|<u+FCEMH99RhVNgkeR
zhAdJPzz<S$^K`nx`8Dg{@wrm}QiiD5tOp?|S=x|qr4w8(3YopXzaOuPv%GvQsg&hs
zCu#Ute&*Fp^cD;;7Nm{YvlLK&fJSK%5vO2yFmFihVer*OpYxl(;sE%RT}WULbppx5
zZmC(0j??`ndXldtHKPnU?OTtdD&~Ku$fT5vYA)~<OZqmMm>x8GDBFQCriI}ot{d&`
z5s_r_=vVv-x|y336c883h+#StFap1*LQdkA=4g<%2xP*Ew|Zv0o=#@B24{7?Gd&Z0
zEWCuW-ri0~<6f7r&k;FsOHetddC)KyWS^n2KZ;A}$>Fgs#oITk=h$GOJ7L?Zm0+dZ
z+q(gO%d&}muLfD{g31oG3Ak{qZy-&x4znNZ(x}spz3Bq0XK$lR0|fk$(-H%wMARTT
zA+J6%cMoU}r$f2d&Pp+AT*owNU^2Cj@Es8d?lXH5*@<QTm~nfQVjnhsSV>^|B=zeG
z%WT?=QbMwO=r)*T272<NrJaSZ3Vr0@4m1@4H?OV1Ea9JSxBJPZlq{MOIf}PCwfp6P
zE<5(Q$MGO$LOq4O(4F}XCp=9Bm$2tOXRn?QVttYSMfMtU^d*vlGxHlVyUAyi9syW0
zFc?=xL~>AIo*^paQGCy^2E7Ss04^OB!~oDK9~;mRob2Fh(B2e<8B~m+hH+XsXbI+2
znPPd}Mg#^(WUv|LD-3A7YNDRWiPQloZCj#6Q%sPo&bo*X!a=odB9#nx!D+D%Jh+s1
z6yU__Mf<zKq<M6-A8#gi80L*N?naI&Izxka#vD~dg2DgvM9TGc^IO5eEI4#nx|=W_
zQ0WYTEi|SuP%O=!B3jA6hVUc*QFkf<q?AxDui_V0L2S?!r$_8ua78Q{W0|b|Ez6>R
zQcZlPwopbuB3IYOOxt+Y2QFzSx`26n9e_~8h2ZvI=O$rT%9ULdEXtH`AE)yBh1^=W
z+vS0k;e2ayNs+FRNF%qg$4~>EE|F~Ns7K&NP@n&8T}|41j%JY*U%ZHYf9+ZdNJdTy
zYo#@5ByYDB;dh_$ll}+ckqS#TGZlqio#65OVvHhkqLd1iOm7x3{E8~71vu0Q)6D1u
zo7vv!3eGkqWhs3n^GqiD_1IwsVqY0gY$kLcBGjqNi!<wi4rKC&i#o(a$9-RmoUV-m
zQ(<603t*n|AVsqLF#u#}15&yTxrzC4(}vTt)TqfyGsnyrQqHCJU%CT#aw1oAHsl}?
zPefe592RCZaI3*oy7en-)yH9eaQfSUDYAj!Xe!x}c2z*C1Nu3_(Ps307Xhq?$Mnbz
zDzFtu5H8_p#+yJU_gl*ZgBv#ufhGP&3%3Jhq%<`qQV<5192ZHPk}Mfnw>A##b9ITK
zS<eFFJ?%S8lTG;6Y(6wVU&sf@GsbK-yvr3kjhSew5eh%fv0$1N6JR>>QHI@|&n7Q$
zY3!%1AfOq|6A%IWZx*(W&4muMR4V;PbxFbW%7#9UR!nX}kSU?toI;kVaR+z=K-{-z
zf4c4dV+uo)3|~?s{!ykrQuPgrCs)Nm{~KT^Xe-`D6Pv>%HCzJ2Vf0sc%4$xod^oKa
z0?D?4lWrG2&WMJINA|?q4AcNg3^;3dVW$iUn<k4PE#$i1@(AB;oC{LI^tzKm$lCPc
z_iG*q&QI8>&@Jn|Bn~kO3NUeV%CG>~+)H#=(xR{Jg|L_O!ev0r#3|T+1)C~~e%Yxs
zg_`QZP@2aS0mJELAt6EDmYOlm#?FI={#hk>8r|;+9%Qettaw>+iB%Y#;oIk2c#b>Q
z@EjyKD^y7j{(^#hx+YLM!tdS*#c*2O_le^*O{b-|&ALP=o@;~4C!NK^2gI1On;NNw
zuwmQpmskPv92#QtJ+vt&jUhGNFuhZF=F@#X<-sw35|a41P*l{=Xan_w-atKlNi&R+
z4Q2X%LtDkJ7Dm@U--9j$^>w`Wo|J6QPQQz#)6MZ>cdJ&X90+%dJ!8NJ7A{_UqbeiJ
z`1uH=62Z(q9s$9=%&DYz2}?;vvSCtiVFX9q+I8A?TRIj@FgOV|mc4x?d;HP;Z}0Q@
zS&@w20}1A0f`|5;xS^2#QTo3?uZd<4#UrrqBIz~qiAIusD~)7$S=#!?v+MLX)N-Ot
z7k;phu%*;+5-r)=UGdnkwVo8*D7=_f9I6e(<FAUH_yr(MZ#s;6#{&cT=z~i{3vUiF
zFn&nr^4R9L62c~s8af%#&EjLkOcuYV_BwXYvlypV{`Qon@3;<5LW0DfqBv`+b+bAY
z53<P6fN6bG359z#KEH9mBV`e`e2tjY427E+KEtpw#`3K6Mgrq(P`XG}g{mHy-jhGI
z{p#<eP)j!;K_q1pA&&lHCng8@C}<4?{GDdJDu|kmPt>hI#z|04Wf;Zc$x$SuQ6S1z
zue%AY16t^r-}F$5a_KCI(6`y3rmB^CIGRn*SH+QpN*$7RsRj_~oiGZ5$&SW8=dbQ`
z!+aTgid9BYK_xn|ZocI{0Z3#$xKxapVo-hyu(WLb{rq@oV*u+f^Iq?BKcMxxQ~tEn
zJznxBxpTUHoFLmE3o8>#Dx4vV-Nmp(1+x&q?2VCfWZ|LaZr$5=lq;A7)S}e3vp{QW
zNUIgutqnpPn~n_me!x;K_f|sO=!lAzE>WnNIv$?SNkMZ+ih<vLKe=7qWb2bCex<9M
zDm%u6<x1Ba$n9(?Yh=|dc2u?eRXVorG>)Cg0~Q1ppd-&og95z2V#sa;D%hReD11g+
zO@3fP253k4!HQE^;tbKpOa_#NX_S%=(j%p>d}((=D-Y5=HU!mSWm!CGUl9WNnb3$v
z3>si1^pxFw?se4#J_Yudn$G*lM8VGZWUMuW%^Rfl1p!G0i*Dluk&`i{_Q<5^!G7p5
zIO|uWxcPSMxt)1P;4BJwfb8-H6d;J)uA>|}LBYu1#)}~}7d289rz%87!Lk=_o4`+I
z;7Az(NA3tO%c2?A&D7%-$nQl^f9`)@<=~DAvv%IK6h_DS8S?mOl3ps>*}HX0cIH3T
zIH5%4VLLW45LyCEpuBi`5DCPkXQ;bW>nix^Wn1$HHUvF{#mh{)7l@UKz^@nAgXkci
z3Pjl4l34D!?97)g2^Lb@K{A%d9r{L?NO&Fq_mcqTsK5I==%~!VPv(gaiiQORvbXW&
z@4`q3a`RPak7`4AVOK$Dl1xBJ^ew<oCIb^ZmBOtn^#JqR08w&kvc?sU43ba6@3}A#
zxb@I=LFa`B{3d_|Esn0(_$gn85Q41pdg>mQnbvAQMwGqPQT^(>|4;`HOIpiQVieG9
zQ)V9=HnDg+&8`HE1!gq&Z{$RUv8pn1!HI;iXhxt7x+n4~>_BMUV%bPXmz``T0yG;M
zO&g`UOaTQ>U3N|id*McE4tyQ=k8@~=vP}hr6HvgY(`hoDL4ZgKYQH1gE^@15UMs%O
z|2UqMaiz|-2kBai^bj6$B2Z^Sg8|o-TAVMW;9xSy{U~n8(bb+MH#Rz@%efA2Tn<|W
z#q683pdVEb;Hrq{OH(=JbxD+ZZ{H-Nw8JK6=3v^5ROt{cr;WoI3K8S;(S}{ChA^%B
zn80NlMGXmd|4lZL_VRu*+{7%gPh_-Js<7X$o9?hrxbP}fod^c3WPsNmI+(0crI66B
z0)rb$)r~21OQg7HRGdqtq6!}*7nySB=;f1Rh$P>8t{U}xxbcrvFyDyh5L_U2cgh9(
zw<;wbgkjT3#<3SYl8A}1qquCgBwN-%+D&glbS*@<Eo@IGTWX+xUJdk=+?iCK&!X42
z)FQ`EI0`^09GBiddw0zghGk(8WN@P-MsJ^G&u*EtAo$yKidl+lAI7J_dPe+ET`@sC
zD)dy{O5PMs`O06vT7#Tgu)D-<8JC9347Zz-ZC2WaCJIjQo+b>1Q#q;}+6W1h(FPyN
zXZ&|+l|I?31$4n_V<n>7<w;;FsI&d)t|8`hX_|YCzKk`5(k>IFf<@objYfeG>o2kq
zPG?Z3GR;bwg$I|6?@g+zsM=7bBp)ARcbPKKve($87CO!B2Zwv^y9?onha6$q`M#r@
zOMWG{KuXy3LIydB`XlFWRNSIXV4%3QM<BmmDlI-i={=hcdto8Js*JO})d_j}F9E?y
z{PPP=1=^)qvKZiC1gqa5-2N|JMSk(ogIlQ)-cX2p7j*O!o8h2gIk#Pv41B;rT87`S
zJ+%LkIyvgT24}%f^q3VrCFtf791wUu^4fCQ3s3V3Ivq;d&#{rcr-?KkMc3ms;F%0%
z=cB(&3fLfDz{LZ^+pFPMl=u^tSUf)RO%KC)Xdmy}x6({#^3_hw26;VswxlZ~nDq4}
zt$$a^x`OT_1HpV7Lq(il!2&&5FX5kKiF0{JH`x-5O_$Sy6{J`%yNhv*QvFD=zb3gM
zz*1?m_H>LVQy|kJGz~rluYkbgGcaMZ08~f?;*Hb4Xgb=9O?3uY&sR2zrndc*k1b~G
z_JAe;S;57=<Ne5g8aC(8dvdq9t#Rt5U?9giKXWfNaiO_{#VOu$SPITBTLt|(q@WHI
zaP&8z=V~)0%uL#rfP{pE0SyjdCPN}vjrg0<RK{25v@5s0gCfrS3C4|aX*it0MC(EN
z@vpn-UG~PQ$-#W>GD1dt(^>E{Rz4`eA;}VdMYD0HT9U`zAT*pwHXmH6->y&_wX;hF
z0hZGKC3VOt7!r*w_v#3V;8a6drwFe6Onh3lUZr+xDh5u|cFFfSWOG8cYgGq+oPOW-
zsEM_RZjv$DIx;TQo9UJ|k8{3G9fd()cf|rE;vk*asDp^D9EGcl3TTFIU`f-=<Q-Zy
znswi%hIskJXun!2PYKQte%}FVAzrQr#qx@&|GRuM#oSl_+WcMul^&EH{O$DPIM6;6
ze`Hy8M~HLKRfTZ7H|{w!W??TEb&L%2_2Q;Bk~(cOy1~E4K=S5X_nY3t5E(ICJZs@{
z`X)8dA3HJMhRiSkh_-2`+SG%yb)ZKqdr)dfU#6P6=Fv#Dx4tDQgdSam2=Z!~It`?e
z@SA>nm<ARa$%d@2C?=gNe6XV@T-K9SQ@4}pt#>RmT2|JQIa||cc#d9x0z_|EA{)!M
z+i+kDCalWRk-cSo{1&OLiV^&7bdDyr(pt-3nI`f~QI{aU43^GaI`P?U`Sx2qz38mW
zWN5-o*%XHo#tOHJ&SVk9R8MqCU<BU}rz?H(YB=Fr9N-YCJ?3Hw(C0~=T&n2eD04%0
z0c%;I@)&91d8ZjY$O(=6X1()Vw5Jpaa=5KBj0;IWw0p-^zK%aXu9g+4+&v?1o6`ZY
zqiLo~R5>$9zR>L1Wc{S}awhV^NzZ=!oKOu(xmC!o)f<p(uxq=TRx4C$WVBnyh`$g0
z3coh#PNj-6dPui4*U88H%{2EWHU|zH!5s6jK>0|VpBJ0p=m<GDpEi^g<Mv@-rzX`*
z3t~xBF5Z+xIvQ=RqGZQjBSn)i#Qy#@bAb=}p~S$==Et8CB9O;PXz?^2mp$ST{nDI|
z=uqV+$ir7!LD{KJzN~}D#C~J|DHS0TIgFBVjYoUu&&}=2Aq%?M88&QgzG*hxhyZ~9
zkQ~meS!ylJ%%P$21a`WU7vi_2O8H*Z93VBqj;M^qaeT8UA34KPq528b%wiH^7rSf!
z4B6_A5FIU(fE#rS6EfJ4o`~p}kY@zgPy`sn&1_}vVy6QVde2}0m(1FL1=<gPpuZ(m
zF39tW(=EA<{>;gZ*UOS~V>_d1d(vZBy6ftrX={x-SA$XEH0w1z6&;#NysAi&zBn~O
zkvj{QG0b;WP*&lSUpt^rBO!s4J&FNVOg8mb*J#1G%Vo$>uk8COdpbKidtDM6)sDEi
zu9eJp*vB=?E}Q^Jm=fE=?_#uH?!5NV>6gZGO}SKv-@;;6<JWRpf!~JC`>fgS55*vW
zu?!^WnN87>b}bm$z1EuF)2KJufvd{QBDQJ`1;j?;xBF+!cCDLx4zs1SI4cBM1Js2i
zS^@k_GR7!(nBZUcv%7gR4#&J;%VJnCqm{Kw29>fJM-aTu-49enBr&ZqwJ)i&`w*)n
zVHMg`r5VV_F?OxvW^KlYOqJ7STv@9HV)GR(2E5+ZOujzKwPmr2y8iFzZvPO64XP}l
z4ntsZ?E4B$HGWDz8kWvao2gNy0&w_x6CWI^A^%*%YkD>tvD4KtORI=1P6Atk)4A=a
zhFc2N{}$UZ)6W5igZp4*tiG2Be3c*oEOF@F+GLQ|J<G0!4skV3mxk5k_Ax15xA?Kl
zVOD{v8Ok1AmQfS-3FuaQw%u`b8@>G>)+#A5bPMI|gebY1VDsbkMhmd4?7QOP^+J$8
zEzx{?n?6j9ZKrADe>wxHXeGs)Nia=@KbsDU1r=-~+XNWY=F5hukKJoufhlo%j2J~`
zy2|{8xkknR7@d<x;yHijS^D}FY{bQZEFX(qByPq291Se-3{Bxu>&1bIn!T|>248~h
z84HnRm^dvfz9}rRu<a6MS6~Sb(oNg?J_@)7uQbgu@~0_4JsD0D0OZAnSUiE?WrUQ|
zY>d!e-CFAe3PmD;#nV-Jfc7V)mSc4yAO-48_ze9#1EfZ;s*z#OOQ8hebGdd;eG@E9
z0zUp@pm-P@U}i48?^8QUni`BHmH@m-6CJXgoiPdy*v^WG^m4k-3l2z=*IoY820TZP
z(yuv2&`ap#_r-6X4#}8GEu~TIwcUrL{pT9p3i``GZ?~oMC>FD}#x0-k2u;000mLEf
z(Yzk%=yzAF#b+P-A{3Zv)ETwrS#z?`?a$u2Cw))bc@_M<|Hf&tx1}}yXPz0*)Y=tP
z0d5Hi#-NP>j+)hZ_CZI!(ZxG5A~x?Mha^3+6A6L)Vy}A&{*=}w4Xf#F>$pyp%-60s
zP`|lR4)soVRa1Y=bO`-!9&&_;`hyu1q#j)*R3swVj6zMvjGr71X=1SNP`6$)tW^2V
z<xleX5XV(l5F@(Iu-kiJsjKUPpHky9h1wA|<}O4(86z8dpdmK<ac7Rv<>5%H$TX!c
zUZ)mSztD8SKiutv>}~R6R{QPB^SrU};AY6vaY+K@jlZ#O^<g2zz*q7HKnWj0)#P>&
zFrv~}lYII`T;}4-sH1*KLnB$U1jtDm3r;>8NywAwvSKby_ZNY`KxF8r^VC9FV!{G%
z)ls!iUNs`K%Qyv)qJxpc46hlZxwX|A8iHKx5W})HRIM#%!j)Q*h~<f366P^*hTT}>
zqHEV2OXlbFVB>4`oC5Kcr!G2GXQ!mt4F3T>%Osv2t32Q)o%WDn8sAh{HV-`Vl60Tc
zAs1S`51A|@*wz)8KKPK{sq`L0C0JXNrefFYXiwPNE-;y*`Im?k>GeX33d0$tJ<GcK
zg;RwkcAyJk)wZKg5t&m};Gtm{!_UA7q~lTX<@H%2GYy4=e{T6z2Sx9ot(-8~_Y4?P
zSW8JG1=HB3^2SuLvd`lme|+DRRkn!<4YM`J>|$tX^63fZ?>?J>V(dqFcieCF>WjIY
zdn=CCpBcl<ZYkVs*Zq8qO<Cl2SI9KIv>%`P9LfjD#;D%13wy%I>5bflI!3}Nw;u(c
zg9d<U!qU(HUL#q_xe#%f6aj>Q`Cr9jKf*^-sjdvQ=F&Ay<t`#{1UXnm3M`@VCZ5P;
z)C2tDtEt0}TsE6?0NvqtNQR(Xn_;d-kp1KvChagSD+Qe47et(&CK%vc%L<MSqcj}v
z?~j~Z*`fS0EB@&AtQ>FQuS-J<%+76`>=DE;fShY0!yaT>>^V`I{ZPxVH5E3gbec?5
zH3Dgz#_GfM!?;zp;v+yN3=>W>n$m5Hm=e$C&EkmFKT6fc)(u(0*oiMpB#7XmUaU{@
z0XU57wpv3r3`V`X#Egs<q(8s9_&G=CMdqM<{?x><s-((<v!zNJ!_ICjO!5mw_T(<`
zr2>stF77t}*L>YYs2gg+`N@4p2Jv5oL8ia}ZsCZ(3j>MErG3yiS@)()F=j05qk-gw
z$BUo3qF}!$UII+y+aYT4m){IXpqUuX>&@&KEk>f$rkK>Wg+Xt^UkL)@Lkp$<u^aLR
z&+Zn6$0uyg`uvSwsy7l{atRfgiMrs1^_OHP)Z8Z(6={LJ<+f%wq9r;&={ItVF-9}t
zpB>fs^O<xe%==U`v`agLu<gP?Z}sbb0QPiz3Jo<x#a}-IQYVT-Lp!8U&eEF*1^%1}
z1NO#qs1=^E7~l)a;)SR2`IIwo-t8Tma}NXP9aS?Xw|roj@AIy*n&0^ZL5eRIx0KQ3
zwXT~bZf0Va&`l@bgv*wO)x$HCMFD$f!?HVC5&if#dh205`SC5CBy6k#-wTr@j0L95
zgH{BRTnenB-nqc}q&PP^vcjap0v?yLOoEZ@xg)}+0y_l<`jd(uVzxrR*Z~BQJMu-(
zTTwnR46QEc<beR$5J^@nD86_4YJEfzUf<*R8X6*#%sZ~IDHC>F`4p|%6CrZcw+<lR
zL_`qA>8?+>q-i?~341?qY@6RABlC4ksifPP8^|C#<6uiOL@o(n+1&X}$JnPOlgw>?
z)U{WnkJK*AekDsg6keAAHD`O5!2<Tq^!Fgj6(~;f`B%Gk)dZTP{eGD6rZ@bkzplrl
zLU{3SapQ~vQCWY45;Q0$9`9Uxb?7T6yj@Oh8NR@6d=%Ujj*}byARnLUhjT+6;dW(k
zn4iRH>_}%>|4u#arC%bM7*!}sH@li`zI4z3q{Vp1Yan8EjF#Z0=*qH!mul`9?CXs{
z=Hqcr!+-dB4xw~6yYOP~E?V*Rfy2P-cdSNpk8q|t?IRu%gxe>qO|8?THfp9^JOdT4
zmGb%DC+v8?_yU@BR{ugAS{SKdfYvbq?PZ^^NM5B?s^M`c)Xc)1YJ+LZ=imm&XR*A5
zVw0-zEg>>Zco8d%iSqn(eP!l+dSaI#R0@PY8Zsq}Hi~!f-Ejkcm;THgFFe|Dg;!=m
z&O^QpZh%FWCw+arzzhKe7MscX_j{twVa6_8IIwB<)NL+f22)d#An#_fd2p>upciBC
zgn`EIxeCid**s(DgN|5ZYOhpk$&W!WI<nZDocf)6^r)|WOwEU^7%M!bIUV&$7<q=P
zaa|jJ5}1x^7}^$5_XCh;2B+R0(Pbr(gz#iil3VtSKVCTyOflDL?BaJ+_zCon1t7rv
zCRC<z_4q}f_x-(dcvc_dE$@v%H=@at_s-du#-*uPsj|%SV*LHDz3N#`zyruxF2`Wg
zcr8~T1rgF_{VyuE=*LL|A=D1cEJA91Ojbli*|LQ11g`d<nVHdzqequhg^53M(jU`7
zPWR%*@aS+#%%3V0154h{Y5SI1SVS*$D8e8p3IhmDutigJ?qOtA`dCAx1vArHik6s^
z&$v0y25<XnuvJt%fZjUSDzf1BPxQeOO=TnHc%E!wllLt-{jADde}OZxb!HU&r!`M_
zHKd1{=*bQhTA`&fB-p+t?R|Ip`=hqdXE5%`8|pBw2a9d*#~aqKnX1S%1DG@LQB%qb
zu!g-!F<benwsf%xJ~SD*071ds$s*?~b{sc-i)FYbugjtI=H@Rdah&*>J=ohu1rN&H
z)+!}_qr03Sv=OfRqoC3%r?!7beY=>hc;CH?p@k(}qnR4T!aTLcK275}2yLL$Hj`=$
zyNP^GI*Xv_T?DV}QC*aBx!AsF2z3GluZF;wD{i-|^WE!=tglBqX(g;RW&`DhvPi-$
zEYa)23kUd5>pyJ~Vo{0kPOScg+gtFC(R`$;5aap>?4TeUZ6ld$UY~^)y@<g_9<JAv
zc|k%)dy+P7eir2uTb4O^jxzaNj)*K&%vf?#F<;R5-7m>4urs|Bv#_(_N?5Gv?D`P$
z<18N$g(Mp3B`8mhwF`>vz9~Ao!A%U_{mLlq79_CjF5{U$R5Wo-V3b#6Qe0xehDkY#
z*s8wYtqIgktM@PXcuH-*{YJy}2PP(Yh`8JP_`CZJ7myEQ?&O;4BZQpISNue9HbsC_
zqwE@S`%Z>l#G?#MKV87vFGC^qF%@$2+v_gx+RU=ybY5<zgmaRSVz^OrgTAsr?0AK&
zW4y$!>F&S@_!tsz40e)jA8v>I4jd2c+}4V0Un<T~;9p*JuCilo4|!XKgE>kP{O?D)
z^K)M~*Md)s&aDcgEEJt>u8fINT1Wu8N`<>CZow2^U%UbSmiPG0|6o)^3|lka54?jl
z9$~0{@&M(r!S-Ltvy6IlVG{1$%<nw7U-G)d<F$f_6^ppo(97}E9chaewWFCfkhun|
zeqAC~%w4{nu>T6`z|QOAyAU%xYB3prQG5&f@NrNPth7>)>H-JIuwOBRoN?XpWxwZu
z3!msnwN+d5uaP4s+Hi{XAzhiy={F|bSaHep$9{+DoU~$_hohoG8!n6gc=<dH4lpjT
z^D_VuI;7!zx(zC<MR=$XCLodX(A)D!3JhNomhdew<DMhcqLO@!252PzLin!0ecvH7
z`3f8|bn=i$ii>cJ*xKXco@+TN66!MfDPc%XLxLF(M`L_MtBBwWl@3R%ecFWs`&V3K
zpsjSUdhR1-Z0xwP=w(J1P%$;v<ND=CuHb;P<L3h>m9>D!^*%})mv12vQMu$a%qcz2
zd4~}vwq|W2Uw;5QZZld~-|nsU8$*0%JKq-6?jjW4Bc~_+Rc!LfQp`CNPVqHQ+@krg
zR;g6V`B_Mt;>Y>^@#qN&-}l;QxIczT@O96>{QI!+EWLr5>XJfH?~)r?;TVbr$R9&i
zBjSxz;qO=_(4SD$7t-(3y7*0i>>y6=Pp!WRM^k+p*k$nQ%BMj4B{#bhe0)~gLtEjm
z^l6stCR$HTX|Lm$gx900)dNNEh21kNRHtm#kAs?V-N5pkBR&ghVW;Od@eJXwg~5LD
zu3LMtgOo5Vm|>z{(wsdZ?e&>_k7~IAv1J=+V?>UlolPY1WSiKnfxJ;&n@ss5AB22&
z6`2~Yue8g0_LrdBMQ6d$T6oIbN7*pHWLZ0%)Cpl}1POhsK6m*}#oFSytmD1S;cQ}c
zwcBo6^2@;068DxcXFnW_Cc!QPt{8s}#s3qL3U2i*u|!BhycO<YBW_Xm#0&J$OVlUW
zW1pdo)Hmn@>;v>rY2Tu6(fJMYH)JEN0$p!xzDO&im6Ag~^32%dX}@H5Xh@J6k0~_^
ztXe2&iW5A=ppcbxZf`J~gre@)dQ!&^^VXMxd3pCfv|H1?FUE?GzdY@`x9=9f?j7+3
z68>_;1WOHD)cwKXfuwj}EaHEc-LoGa|E$#*dxzoo`2mw1@~CUO@~?-6fB%fHFIs>I
z5+o@~TA@&7xn0F6_5@H66&ECy*&W>2J{t32!|<S*`;mRV_Z0%BpY{-zX$r}|`1Ul6
zR%`YBdYI1b$mj9_D)sws55bGoSXKd~r6fgZH^=HZaFT<a@}!qV2CArxq(1G*MK9!N
zcJcJrJm=TTRcITUuD%kcPyeXd`yaokHQ^^QV!c3Du+)~TrPYiV`lt*9A-a+z2RKm5
z)!BX>oP?*QrV%JlN9E+R>`~Wu5kKSQO%mdjCScmCu9PLrOVX5%Jc6WYO(6-C>ig`?
ze$1($KtUApM0%nH(WuK!Su}3zn^cyX@-8228>Rtw^U_jTPfHL{L;V<1A*QtdhMnvP
zPRf%41yLZCd=-CYyLXGi^L&5(FfbdH!0Nac+lJ}F?N~v@P=iUDD#4M0q$CMSJ16Y;
z_*im+Cj|;Mn?RLx25;G>rQ%n!hPG~4ICw(S&>U?Wrja=mmOMGZO;gP#7!f2X36umR
zc6uuQJt0pL6slH%D(Q6I3-bXroD2rtC|s*3im;QfcXK(t-7ZVF)61J4_Mzc9ed_XM
zpFLh-uU~@`c>*YiLc7W5xxMhNu~H|Ttd-iZeuHh`x9_*f()(L%0KZY&ty7l0D3UE@
zvBSed!D-=1fPyHHqH>AWH@n<2{!bOTx9_fl`<CZtQ=CV5ef?vGyS~P`sME7^JLGN$
zI~cJZPgAs_Lmo}WOBnsw!2vjtCx8;76sg41+7lk=%gPpy?DfL#Vs&l8+jHYFj!VsM
zIA3=>#v60$x`gXM%8FD^hC6n21Wxcopg;<ypeo^-!-?C_DZ?LKbnR%ZU=NyFN)tHY
zXz+|Sok~i|QmaRAfut*%Hhn&EVy|9-6Fd>9m{juZTDDoKse(~2@YW6pac`iFCv=fI
zoO5=W(Prw1$SCA4?pRg~1A|G5sx4DD321>=tun`P1SbLoQRp--SxkX#8vRAVAn$Du
z21mLJ&cl$-a>-_Nu1FYiy8B&D5vCPKs3ek<5bhMPVzCHM0Chm1$W-Fh8(~}5WQ|dy
zzezRGg3~Y`pEYGqGMXKqb(9}2DAAuTO_dN`lhjpdSHxHmIRpx#$W-#xE8(5jMEzON
z-!N#>%W_dCIJxwCO%_|sKwLpdF5}8NETxJOK_W>+3FR0nu7H9lLX~*?hHuph$efho
zKFsIyKOaiZOnSmT_W1oj)6H;Z{2m(iRjYM(TGAdxlthc0;p{C#tDs;C9VOpRnFoEK
zuC@#<ZhrFd<NU*e_Pk28cg6rG+QpvLXlFHM-X6_yQ&$s^P(cJr2$)19su<^dn~rrJ
zlyah4OItQ~oTFdob7*?Lr}!-!Q6RE180|r$w>?rR36#jvBT5Prc_LDAPQss4k2kcs
zDDeMl?|ws@y50beU%j_E{H!)@l6os`?=cm%)}MCS6dNW(Oqd{oU`iX2Cg6+0hQWr?
zq!bEsEJU!gjMj;c{aGssu~?+Inu4?9n{>`Ns<J6+1xIDR*}H9T_nezH=O$_E!1Oke
z=X1<yuJ`SilcyRIh4WTatcpgVCgneg9sEqJ+IMblcCxUdKzR`^20F6L%}RX6Ei^_(
zW*wzV0@Z@m>HyhAaTUvHN7eTAYD`<UXU4R3Y--HQTv9SbsDE0?(o2)#Ga8;`rxQD$
zfTd{7{~rZ^uYj?@8e-%*+LQpq#5gnrw)C;qwtc;^6trwGa^8yW?&#E16iSYJ_Zu}5
zXDJ;uW{J?G^76f#{C$1J&Ib5D1{NY-Qf5p}r_(yep*xdpL%FmI?A{=!xxJ^`+k??)
zw7<Xql=mH3;~D)8jv!f%Tp5>Vubda<Z(p#FElwJ59XxMV{&+!WKL6fa^hCf%l0qbL
z2CkaL#8`p;Nv$*2Tcp*Xre03-`nsp4+?U)T=qc#iCUfFY_@4nfF3Y{JJ)@T=U!J57
z?^BvoFJg4&yFu!YD`HVoKw+oEYsxB0u-om<G;5A!j!CSy7#cuLy_Dwj9UB`9g+jg%
z+qOyEEjlVi=n10)F-g#m5`%`|BFQdnLv&P5T%~u6Zvh!d1<#OiE>%~vm>6dUt4=D#
zHD!iPV2>uIknhW2&<i2C-R{hodg;uS3v^~$jcFEQ>ZM_AOyd&7l$75B1)Ps&N$HT_
z4-lH{De6z>d{pe24z?Owc2@5Id$vfN?^CxMV)8LbO-wIOPV7Ch_XSNtKX;@E#Ka!*
zU@9i_5d5W)Z8||}P8`IPV$Z~S(kG@WHKy7%88L-IUTEp?Ht>HbEkeg(pM|lgmri_5
z;U#XC(ueSb#l*@A+`LZ%aS1Iu?a9PJOq`uJ)ucX_+g5pZRq0w#n|(5|mNwcXt;Epf
zN%jNAqFb%hf8@et1^S{BH|AoJVi(|QTG9_DmD!U}S6A1RLzk35g;bM@X?;spOspld
zv?#eukyPfLvXrKj?Uax{V-u$t!0YBUtpJG0w#x)qOa^rUA9#BBfH`;IgU4$bmUZFM
zFk}(ZpHI6IQ3-|`+v@q4xQ#F?HJWqNF{DyiIwhprFLb#vrPb+AFzhimm_RwilpFsd
zCzE0Ewd^Mot|jo8v{oc0RO}$86$CMf4eLPpZYfU?#?&IAq9>H7vcI@WCywe`aZ~DK
zl2H-kF=g2dO7vLTn8eMf$du%Om{yP)Qzfv7C8+2L1Yk_)O%WiF1z=3*b;tq)vXUI7
zwaSiFpiCjCs9;QahcG6DF?A)niR#H@GtqFBbr6&bV{%2{lN~=i_X#1M8^=fn*I#Fd
z>h6z+h=!;0I6(`*n66K}d$f~=+lZ$%vk|xzB&v%aXU23AV_F!-6of58-GtNJs%y@U
zX>&8iv^b0j_Mvc_=l6E<Xpqt<>55Sr7=c@tdTHOOR7{>B+Bc$RM~_mBX)zcRfNxZW
zm$|N2;r_%m;`%lI1ilU4HB4_?25CEs$@TZ`)3LrDa*<9y8N`^Df-$}Fx3QR>2ja~H
zbUB~<KXP3^!v>@vi|HFWZu+V7xaVw;@ZoAf2v4Q}JDKKQ%v>?r_ou&&-QqEUzIM;R
z863cuhB0{tP8>=dIA09=+aAz%@;Dt+l*RObvYT*)CsP)TNz}yjv{bs+8t7q-xb9tZ
zy$W}HMMr-4U!cb|?2o(d_VuJ@rtmM0M7L`=5Kj!?%*0_#VmXg#n1ay`cIv>)1kXo^
z=VwYkXbpE<pXg+l<Z<e^ISLUyx=QK$crtMqQ$r(Jgx%2$dl&3ZCuwT#avUP_td0_P
zORy3SVN8{c0?7k}F@dUDk{<|TGVM2!JU|!|DBV{<@&I8>p!7f`$peHjfzti80zq#M
jV*;kC#>R3{LB;A{gY^t0F~%_%00000NkvXXu0mjfw$K1^

literal 0
HcmV?d00001

diff --git a/docs/admin/b2d_volume_images/add_volume.png b/docs/admin/b2d_volume_images/add_volume.png
new file mode 100644
index 0000000000000000000000000000000000000000..ea2d6f6e79f07aa6d7ae29641ca63f351b0ce556
GIT binary patch
literal 30506
zcmYhBWl)?=u(k;h2u^SbEJ1_2h2YK-ENF0dciljOySuZvyD#qUPH=a(-7oJs-;eX-
zsi$gcYHE7!zPh`5CR9m58UvLC6%Gy#LsmvY1r81#2nY9W<^#gNk<o1sEgT#IoRYk%
z<k{I-Q&ZFK?(W9M28_jKb#--bZx058*}}mc9v+^ao_2S4H#ax;^z_Wl&DGV_4Gav7
zkB?7GOl)s&kB*Mc&(BX!Pj7B+-re0nAdvO-^`)hyj*gCZ@813W`}gSR=-}X>x3_m@
zW@cq&rN6(wp`oFrrDbq%5DJ5yoSeM9z17y%4i67!Wo5OswJj_xq@|_#`uZ*|E?!+-
zsi>$-O-)r*RaseCB_}68K0d1YKgPz!zP!9tR8%mTKLAT%QBhIH$H$yD4|#dHa$b+-
zW@h59j{=U5g@uJTZ!j<z?BL*_S_{(wUBWmWXpHaUdoMe-uF96~Lpp9u!X9Cd&#<&+
zgOJDK;-b{aN1eb&9Q6}DJv}%$86h}0k+}QP(o*Lh7;JF|Cgm%abpsQ0FCV(}^74e8
z-zq67slve-w!@%17ckvOI`{FxYZ$6#9incpbIk=`;Q7HLbZqa2R5A@#J>;_lyV`GO
zhJy?3*vRR-M3ycFD!Z|`AH$-nCB-B-Qg>k%i30pz&Eeo+qpPr%iS5(#cVAN*|4HGH
zp0ovnLt=p`{ecyATaCe3?6P67o3pbmSkD~HGZ&uASq=_vyC<|c+X)WdX8sBWFzwKL
z2XC9vNDB8ZFgQ@nC#!kt%8Ln3UAICwat8Lh81^_3FAQ(Sg*cj|#Q6szuODMBEWjmh
znD5G_nznc~mDnA|s~pjl)4TlTXGm3)A*b(>+n-0s%5J<4hk420uC{{KhP2(auEE|W
z`N~r`&E$dd;KlCrjHcd(&XH^lxX!T!Ke_kitsO{?gC^l6J3C9zx9zy9HZVxRuj`nF
zm4(Hjr!qIpH@yvs0r;K%-TCpv>fTehl?;IvoLSaXa<Hv$*~IU(;;FH2&+z2*vRX1{
zxSi>8xKCl~88H6$yh}5^`hDj`kq=8HX5Oki0BXughj&=2Cu<|m(YfPJ7C+L_;YN$$
zO?wF1PxM+J`;)dsW*_4Bp@XRpIif{y-t+7*AvoAiOqlOCdgc0II5_7$SqV{9k9Vi)
zqTy77#LOByNc1t-$+=f1^xTd{*aJMoG%YEg{@4%Gbnc~`K;e)hM3j_}b&++=J}?~;
z)LYr|%%D<d@D!VW91S5uVofpRbThz2O9j4SU3YpNTS&RdI3WJ+UzodnnD@ST(bG^=
zZaa3Zuu7BzYn5=Pe>Z86s|do!@&BkYgKh9xL{^ok7?BJKp5k71c(I_#K{NgUOAG4P
z^rrv3nBaRtXQfXfBblMTEf<!Zh+;d1LQSSFAv-`Xg$t>b$Tgv+fin>7X-Gz;Hq(sp
zIf9@;#~(J7Xz}%P*~II(LX6;Q5lQ8DQ&kwb^rKUWYNIIgWTq7Ru1CjZ6DB_R$Z~C9
zz>=Z+_<?>z*hZ9K&KLGX8OC9&T>b<X1j;-3q4Yl?MR=DLntF|tsDj^(W6y(NK-h`^
zDuvmyqL(vGwS*85-#HFPyorJyg9zo%y5lg%HeRek(-{EN`UrTtp)>0RG&FU<E~;T<
z;NcTZ>p~wt!Os=;Y}S69-|ZKQtR+jiKT0q)ok3n_-(aUz2g}RLvSPcJHmzIHE3iRf
zVPOH%D0@#>)5F`QN{j(XKKr6?jfq%pcL6|xCLr)L7J5zjyCU`yR&XCU?GrZ7QX|ZX
z=UEEGDa>=land2gPdW{A;9I|xK5KdizPUWouXEJ#F|>31Z$W+KpwKQHE_{zafA&TF
zWsgu1N%L};;*mGSW!yebrfE8Hm@*n@-w%3D-IKnKpZeL%sH(NrNu#7`Mb_1Cu{OZg
zH%~vWRJ|N5XP3=O{dfqT)n0?0`N9BSu4u$HsFDI?Fd}J?v{330zlza}x_@LU4}sTg
z62VKMw6k4>j%r=Zy`b4%J6|C4F_(Glc0dTjP40(|Uq`TDL3Q<r-#(pS`vT9wuchY6
zxEJ112g{pv!V<TvYns0nl<lL0B!iMjp$1s!Nx|fPA9csCZ+F)eKR<K~rL^3fRVhrN
zJN`TenRmigts17v>rW>B46|!tkdh-7w{@SS-;nfk>E$LdH=aQ<o__OAyzxy2g^!jC
zGVg?!KXjB7qYBTAmUn!q-I|ks?T3~CsIq)uv-A@)*QIZ<S?Gg--gehxpev6(NW$*`
z(xQvtK|agL{mzD?D!RYB?}G-zXVf<KWw}7l`BW)*olT%!08Jn$NnbFmIdJ_63Q_S7
z8?NY|s~Oq&L(KHTmLEk^{x^QQ9M>=);LfPk7PfcVS?ZG!iTP&FcqG0lCT|_$#Z%gM
zsMh>Dir$COR_N1qPGsrT!SV+UId0p+=Gh6ygzD%1<mImY<-k&=i+1mWi8i#i=$wVO
zt>E!sKb^O4*6(42{u_j#ihWG?j|qUnZHDvFWzizD<2wyj-O>ACK>zqM#Ss=^6&Xg+
z8tmK$ltB}6)IHp#4BzTveiGT8Of`Z3BfvVST4c_l!4~ucY3kSSAX2Dkxvk)UC+uI_
z{4qd)Ns;oc&0d~^w0%g4x?w{&dQZq{11s*+fh563TkQCHe{Oaflmd@r%S8Uq9rH79
z8!m6$Dx=I87*~VsW^Da#2-%4JSNIJk{JGgb*)H(U7Nk(#eO+?p(s39s_%kBG5#`Dp
zxx|k0!Bke(elgp8_%9P#Yf_De!O!2w4v&QAd8nzs+{o=ntZy7xC8ews71jgcBBjJX
z=go1Ms7Crtb$(@Q6b@m+MCI3XgU_sd{qD=NbkatTacC8B8}D7dne_F;3P>Vy3+jIG
z0#kU;5{gc>8fUy_BgIN>M4DKMLM8CqbOOI@Iq7#8^_cC;C`jX8kt}N1;A*@5?ZN_3
zPpIs-7qto9Ge)?)GI!#B?I*hc@V}<64_jw{+F{-F{mbIADd>GMN~hFN`2_fSI8sNw
zRtSPZcX)*zsXjz+GU{qHnOp?pW=!`qY`WY1S<-%eEV6fkwcWgdDk$L=SChuyQLD;2
zQhN3vk&0X4rgE7ymSAg^AB}0`IjutZfS8~=&7HO8dsR}Yc)SVS-PB$p>Q=aW;>zT6
z`UTi2?K;Y~;FEi`_xZq4Y;oQ<QvDl!J&eDO^_|H)Z{jz4bpD^Mju^-)GU0^XE9xJQ
z4;0@OyiYjne!CcZfQiV~Pm_nqCivgSRi9+Ju%b!owB|0+rlh|uGG0rFv2(_0KUC4<
zyQ`#I;19}aljhaP7LgVeehg~JtSng|9Uw^@U}#WQt(sR|FJ+05vN;+5sjD>`QuRa^
z8RTNQL@fnxH@o?zt|;*~!n)B#LpMQvHmbD9aYi{Zy6zzMJ1J6pRhz&j48b&CLUU_L
zWFhwT1147OWjuK-(Jv4_I=tg_vH*6O(s*Of)h-&)^e@}8*C_N9QQ{c=?fc(mrnk?=
z*1!Mkx`N;~d-Usw-vSvQ?8P2N+aOQN>-Va!l7kEXPI>c*@WnWSK^h%VxqF6=ZB&Fi
z1&i#>ViA{^*6|$pOd%BVW3x{eYy^oU<A3yb;}V-u)mV&|vafm9qu&)`iLCu*^o6MP
z^O~>d<i5P3z!GMiXw><d65DSDh^RnXNr?G2NVxOu^~!MmVH0_&0{b%DO(F(?r8~nj
zYAGPeO$n{#{ekQ|Y*DZ+55n|sC%)>@n~zG^Ss@@#Pha1s=F^vpd{S8iYsCAtguVcR
z##sc`1-z=v(x9?<loD{6eZ(*EJEp*sMmo?(s4vm97c1iIC_<oK$IBp(uA%yvXN;+9
z+i%bffs$8<bznRM6?PMn`r~Tw*EHDquD%$N-wN8cScd4leyOe$Bdrzr-wYzKAWh<4
z#4STpN2x=Sp8<XNY#u*z7wGtss;}7VkE8HY*=2P1Pe&4|7K*$!a9olWv`MX`e7b}H
zt<GOC>cFV5@{yne6}AhYT8-VtV;{IlNLXUzk0-Z0j>(U|&nvZdN|9nVk1~3%y3lv9
z^A$D;(R;Ypah_bQNM4?bA0)7Q`R+XvqtjCJ$P4q`gnWUGVmG)Q5pw{aZ}0SX2#@w}
zW(QgtLHYTg%8=O_Czm22qPAyCOM&m;L%-)4#8zSB&@$ne<GM)o#40KOF**H9Q7{)7
zR{MnjZKI(=BSWtIXNQ<v^c180l7w<cUNKrhvGf@wPB_amUHhWz<ZtAl;i0b`12@JT
z4{ttM2YxJ*9&v8GpW<Q|cM8*Ga~37{?W!I{&-$g*GFFCUGM@I=aR=9c)g<!ifS_Qp
z-06Qsy>d1yVn;`W-y3aE$P{1Y3sG1FtL*_S&+CEKrNg<C1mc`IVD$M$+Xg8fp{4|F
z2efF_aivR|ni~2%AOL`PznRv)b2)I=gH1d=eB;wl8P75Fqit76J5)fh9zM<39YSKU
z1v>$h!1JVb`E$$x^0DKcZdik2rE)Sq!jOz>l*STRKZSSDXUP{Lv3_}IzoW|QX_gE0
zT|&%v^RwRh;HAz4`$%dZoxQk+7DlEZ+jwRAI^mk8gdka1Q2dF%W&l<h2<<pZZFz=8
z#>SL_=zJcY#cc)>FLYqS!x|4Xp-S3&9mMv>wUrap0TJ6|qIa{$LtkbbN)pSM`4~5k
zQDcPsz!(8coprvFxUu!~-2E5x1{lE3MY`XK&&O7so>L4>m}yUH#n8X5s$+OOZ$T9c
zwg*iN`XX4E_anl=gZPMe)>3n^k&{;fizue3DYE&RCLGHwxd(&#<+}{}36SU4iCz4B
zx`M(g&Q9Q)W30DEr}G<(8kS|QdT$U}8kM5GU@=@dH=ZhF`{~V?YKD4NzJAJ)W2Kbo
zo8y9VK5Li9yf;h!BC}8o0Ebq(7XekAh|K;*`d0JnC*UlAy_8S0#Ma)vQ7;4Ci%v1C
zfu||=)ln=waF*={Nsmx*^wOgPY*_YfcdJ`yECDlhXV7&l>Xb-&`H91?=xeS#itX)B
z8KizJaWF=q<_@b+d3hyE{f6Ihi`O_&NXfJNP}BV8y$5IqjsIr-7-s%BRcW4K`-g}s
z5|_nf!D6FO6px<GipNiP+h-Au%~8IO)@2$<-<C{7^+v+$ZF}|p=!+NMug#gb>3zD_
zqxvMwg5TXPUqirr&8;2NR{QOVULA3yV`oh~JUme(sUAvbNbvp?Zc1I7rUy;!zo&S;
zzq7~l`<2U;lLea}lwAqTS;nkOQn1Oy;c-XCa6_9SuanDG8<6*Svpp)KNOWr))j;l@
z#&4kI+bmE!pmRZd!l&t3|7G$CJtw(2;`#B0i+V8EF=B*whfF7})^diEvjCT<C!ioD
zTB_eG5)>eqcA3cPb@b-RieYKt`{~ydpOJrGO}~3>mCSiC4x#u0F@&|$`ZlEer-;Br
zg<VtU?f&)CPYknbFa7#MunpHQHr?6VUsC-qr?0ii&t|YgEnG9yXOq{(uFK(^0po(m
z)hDZ0Ojof~99b09+!+~+T)}#tD0uB1(5gqWJ=r`HCryu#+CP{|q4wG>I==HNof#-!
zZ*-5N4=0{5Z?IV3`G;FX;%%qy+>95{l64e(o|ndC7g{@CLdW#Uw;@W-Xs?gq=s=XN
z?j<seh^!7K(D$@Fj@u2dtntNc8lRN7Eht2G{eUb>rnh3_b@FOx<~7^~L1D$GY_1fw
zA{}0Ov}G0aFiE5DyV}7)4$La?(%lw-Fff&H1bT29ID9FrUD4j^l`C5vpHcP`uwPI0
zDTUhk6g^+;Ip3W*m)dql4SssEyBmCk1^b|^-}U+Mi5Uw4i1-SY9dH7Yd5V$>lQy)=
zT3M&NXT<A|#IrB`Lzj2?6i@YV7?}-_SwCyfd@;-CJ$O83%xcY{xngVYV;PK@-8ZKi
zHkql~L7?ka7;N$3*U<8y*2_y&NxVK%-f{e+;re|M8}sJQ{LE($Z00ALN*{DJsI(k|
z6(+kpEiM2WxS}z%x0D^}bINnw4c-kO*Xmtfe%wql0MqrqA&u3)75kc_{`2*&!9q1?
z4he#&bf@;4XT^`s-q&bPqiuGjsc)o(;?r;)^^GR8Wb`-}5xZAGbWER7h5tnF(R}<a
z!AQ^g8O8S<d7MPJVu6R{RfbBqIk}n72VlBB(bdb&l?NBe!2&>d;tV3QM`%#!Q^9d~
zx9{}(f+w1!j>=IO{_To7?``-{rh7v8Mg?P7dfcex^H)FIh*-CU4xrB<Z*%BxN&5Jp
z?L4l}oEQRy6l#(BS|y$bAky)($g_N$@m<d6na;ZB_~Q}jx6#Mg-EtkOT>k6zW7eBZ
z{!Jm6F*%}<sGg>gar*#9N4>>tCS=^i1uxW28farWXG7Me$=4_EVYxGmO5n#Neifb7
z4P>YM67?ZviC-ut{KpR<4{Nvlr3&q^W~D7uN70_^IC>!80oOfJ=c*u1|5qwGw_^M6
z7CD*++Y>xJoI3W9w#TmeOnve(QM&P;7<OLu52rHqiy?*LX3W)SgDh8Mn}2CB7YHtV
zqRwll%tWgLQ$od3cR*C?R$M<?o_}9^a?%7yU{in75E9VSa$V?^l5*c|o7W!)75TjU
z6XY^Drn-PQ%!11G;BQ>A5HE);&j|ui0B8thx>z2EqP@O0E<jy9D@^^1rsbX%eLgU5
zS@?b3<9>w$`+F?blKyYG$u6M;joXTJc^$DE7VZgAVfQ^i@URzi_M|Wa{^%s5Yx{U+
zf&!^Cm0#=kBt1<lgJ()uuo1mRFnJG9$qz<N_uQBuVlSD?#^4)z@rcB$tfSqxDHwJ~
zZ^S1CKnqkid4*<2UyUq#AT!Pz<fFM4=9EHqo3C;?Hh3}`rbMtZ9_{WlZZ_%vM;acc
z*pVnyD!rfD+TWVWD{5rCz7~2=r&K)87#W!r8q;`L?g`dk-ws6T?#zebbR?itC4DF}
z53|3Ci}Q4nJ_l~a+_sMc$ir@>TVL9!mL#ezcS|?CFsumN!}Ke+bM&gRcnZB8YV_6Z
zT7!dFuft#VQ0oZp4aLnsJNSaErmv@ju&f_)<_7|hZZcqMkO}Q92V)$gIrboc*RP^e
zTS<Lo$wS?W<<#a=q8}coD{_S;X4|#6p_gT^vh<e*s?7?h6;xnvbswO|5if&^yTp^}
zF-+?<JSoJU<WIYL`Y}^6kwJ0d9H<{nEc|vWmznwiu3zSt#aZF+^eQhjFr;zqF}IFW
zHndrJT^0Y=fOJ5n7TWTaJ(rpU_RsKg6Xi#}s95q%Po{j7ptPcnYw?ZMzvp2<o63Jf
zUfWAQ?!2u|2(2?Q3~cL@cF%0TbvipP+V`a|SD|6GAVA%@;6C^CTV=@9vNS)ao?Ba5
z<^!ktG}X3hfyT7IoDB>%s8sIn)6o6neg4&bq-k8Zy+Bj+GaIJB)lAOs<N_H{+8A=o
z^zp)8TkMHL8dv>iukHB@2t>tv-xo#8Y;jgZF08-EH?!l9xphXYWw|YM{j{rVXlMwo
zZ(W9Jk#8%yK=fibJl?FOA*KqX9F+VlCGqx3!Q%Zu2~nk=&lX|ymd<+%Y(M;X0gT9Z
za0sp1P}nHLqS5p6yrH5>m-uEqepNbiiRB?A=;-WoShmxc=%$Vdd?`$Q&OSGbFNY|J
z8S)A#{G~Bx%&oAQiM>z<al^=NY;Pc^TRb6nPv%IC#OSD9MD1ReGqia0JJLEawp8>P
zn6-=vT+A^y4`5=CqoRMm=Gzp{HUEUh#}S})Npe!^uEZOh=m+Gv{Y^%6beC>vF5ITb
zH7MW_|LhJ^{kp${btIaA!5cXkOe)^IMx|UkywNtq+VN#xJ?E*T@X)|dvR<{P9tnFi
z?DI8_zF=I1q@D{YGON9xnaPeyLXN6z>}6jJrDVja?tn(TE#tcmt@TaKW&R52<dOr#
zY(d}aa6o$Wb|xxc;Y!lsf7u`OS$$>ozC=DU_!_}e(7<I(^qv*}OiwJ9L%BXcy(Yzx
zuRn<gEA0Cb%`2)e);PrLS)kp;jRzK?Pk{O7s&ABt=|6W9`T4^u6xXxSEWex0fe4fi
zs$!er`~^m{R-6>kplVX;i0@&|T+6>kyV&UNxe1;Z_n=2$q`{sE6ns@}c8}G!O=>*I
z1#d&4(2WgIgshweIW5rF!V&mG8fb*(Ce$epc1JskhgD1Yh1<Yt$cAEo;2C{q0qdZ`
z#iLnceKR-J?`&H2O*X3Kdc7kdQs7$mxN0Bb+-VC<7VM@_L~zknS`hhZ%+>BP%c54`
zAo7N*nF35fJ`}~qsD0-pdo<6uNAn{XET6E08x<r`J9#y4%<U?=4OZ+2TDI^vJ+;*d
zqA&@DR!S&p7*QyX*b?gZ$|ZJe--xayUEl3&j~L!b@v#4jL0qULKizj@y<UtiTfL6>
zx*_m|8~{iTN6s^9z&<c3c0y*oBHM7;gOGQ_+(KSdR(y;ol&r)FiXyyyE!@jgv;@t;
z;PH#nbb*_qqWMji@p4egm7R}HVDjHCED!plA@?#!8cgA-@hLbN{wLcIXj06ZPXfsI
zc{=6wFn+WrqgE^LPo#ti5`y8dgb{`B22fZuDLGBegeth(Lfn|J-q~js$SO&H2w3`Y
zi9?5sA}X@-x^BsrUsV;IUfC%DXs=g!?tQV{A@k!0Tr3`YgP#(6?^d-qW#*(=b$4Nn
zdh37lttuSRxk>i&N_MPrd4DO_I-^7S+&u*RlRN!Ti36JnOgL_ot@nYr@5<R`htw-s
z)PH_tw6(J%D4Xw??VatllHfg=#6((qd^G5@=#~wh7n}RPbQ!kU;KcHAkcIFh*$cYP
zRHXXx&<ro(gg5rMd_0X1o)1v-7}okku@lpu2tTu}Ej+Cvw{XF=mdu4A--8db@hY}2
zuCo7tMBF1J%KAN#B+?$)Igv1Oq<3d#Zsc3LYS;YO)RdBxkgu~b;nPo$>u(`Gi!Pa|
zW#5wath4>a-+_3gnHQIC@Uxqwe&4jepr`5?`Ne$6<diIr(4Q^yNZ;hQ2hTv!(vGUr
zLgn6w0Sjx7e3eFhc6v^K|0k3FM^i6wD4-=J;J$j1%P6u8q(#2EzOD;xI~;jiuc@hd
zf&OKVNTf9z<>J<Gksl<$sD6JnGxr*g*M#?QQPTxnwh(DfKnjbZ4hKQ$R)i%MF6za2
zR|)?TgKYTHV`<W3&%EC2F+eJJ8SW0i`zIBY)3+*8vTJj^-^_MS=E-KiVH`KBayLLP
z<Z<}slG%nP{?q2jQJ<srd57dAk1CB?J>ltB$yKs~73p?CW1<!5ctuC=@k5}VR2`*3
z%hj|KK2?@GPLOU$>lN9_KZ=b1hoW!WBkI#(slUX&Z*Wzv-KNQX*Xwv{nuJ1Y{1@BA
z5*)4rT5tUa%?078lq$;q+W))+urMo#(rXp&*T_5mLhonzhB3q3c^&ur5Ue*)MxORs
zL%Pf)SkQPoqjK~<Lsj2bgBd@0KQWoy{IH?Xj%oF2ewI>=fRVcq$}h;v%PXKgbWf*+
z>hEZLAmBnsc18wUBI@}jM}0Hv6PB`Es;UWVYia$gpn}Dxc_drY+6jGgNfuH2uKV<e
zqspVxzB}Mv4zcR^&y)-ALqVpsxRN^432Q5-{SsZNQy6iyHwx~*8@4a`VY#l$Y5!_w
zN63&Q<`LMAnV79@<-E4P$?x1-2qtygBCXI5#9`f0d)-@o&sY4bf2~4;M-H@me0R{`
zqZT1yTe+DzL4f*NTunOa)_DZpsjZ#S0l>a?@Zx+w=J=vJzdqsaCGZsS0M-r+*)_zS
zQ>IPjET~nmdKFfO=<o^R(P^o-3JPi;h663NaE1~AIm!E4OP;G%Nh^UDI{!Zh*?Uy?
zQ{oiJvD4BCE^@b3_5$AyqdDrAC3$2id7GtJMYjQM$+gO|>@P*F=2wybN(Q$DI-ddM
zcN}=2C#iQMX$sv)dMhK{vJESa${ut3&mApp5=q@n$!9(%of3@Ww0WOY;Xd?~Z!bMX
z+0zZ2U#^`hRpG^6ec=nM5{co5@`CkCv7%1Z8PFwK-w@sV2Jx@r;@M8cs?auDpk`&6
z|C1)W6{yGQT*&}jd8B&g#C0FJ`d#(_f?ar&6yzbvUy5E-s_N|`5o#YF%+Y@|tq9*?
zfJ4Qa&_zCkfnfK>ng~3e=v%+^o(&t+U#^=`Q})0|@OPT(eH)$j2aK$Vm)a;;&7H+8
z*mvVQUjp4j?Z3IkuxErs<W#*g!_JjrtoxJ5+#`p@Agr2RWCR{qaI}4q{dkd1)mjRY
z_Q@!3^BPXQPysPdectr^=MZtj)U4GXL%Xwr2TZzU>jrfGxEQ8#4@#TnyUR4TQ~%sG
z65N6B15(PI_VN3<!`F>RJ4y}{WqI4AQG7IXkA<t;R$R*r4Bda+`Wie!&{WLenUoyl
zS;IC;#N+1PGf|aAF4E6Y!IgfP)Gc$QME7olg7wOq(|M}?xZKg$%gxQsiwBo`=gNnR
zf2fOcLyTk)i*ZjKz}48<yBWz-st9XofV^WABo8fpb{`lt^SyJK)w)!f`)2{nq{!#s
z333tZvd3hz+zdczs-%7X#5HQJv)WdQ@7y1nv#>=Y-3^SUDnN-7D9qkD>G*i33(3NJ
z8t0^9$2r<dndUUY18wuHvs+hIk31A5L%`|%pl%?x85z6I77ZzA-6z_*OU^m;OSL)p
z529qFUubp&iMsh)X_4SiFjq-!X_1wffc4qIh0|T&_H)%{RqtcdBUT4SyY2m;+MB?x
z@mtj$*0Fw|p83BPjljOZq;PwmDhs-O5uLp*@$lE-Uu3VX!p9mlsQFQ;ZF&N0E(=@F
zHi$fCE^8!<?>im)<F6Sow$G+-j`W3}&^E$}zOWNTZtrydX@gH{S+=y>hw2K}$76+Q
z8@mS=ImX7$)`g_E2^b$#*^?{Ps{qV?5t^W7rJ;_8R-G)QpYLX-XGLG;rAJaEf98tM
zo==hpSzi1596fJ#)^-QmS%^^EkxAq0j9Lw(RhpTS6{kY34MK^ir$9vbEn=ZB;{SVG
zsFSdHZL1^j{2fdCW!B%GQLLBm=diM@k9O8tQ(rahtj${6TFXu}<{8E-YZkB;lUI*Y
zVTT=0wjI9N2R9&uO_uCOniZj`Z!I|`o@-glc2MXIh!pbnWUubgFBsoy+AHyJ1Z&%y
zH9j_hs8%xx5`A~&1Z}d8{=g|L^N*bhzOLB=ZH%A3kM$p$XMTNIm6a?&%bjO^X55Bl
zE&gC^dJw*bJ<sn&S22J&4)iCRvGK0MqT8eHXT@hYfX-QVnoE_I?%hy($R%ZK2*2*y
z6`&(KxJ_vC07l?P_~X!cCR6PAM1NySns(&>?2W_0dWzU;o&18l=%RqZW$|c@*Cnh{
z;6f-tWwe%2zWU}F<w`M2nj1^ad+oUQkmF0uO;|z;b<?Yd;8{%Du79|AH_PiwtVd<#
z+Mn)f^1%c30mt#@d{WiAE2y-ekhj6!);ZI})9jR+U9laq{>!YX_cw_Vl{ezrkMAQ9
zSUsp=ETGx&!_2LL^IO*NyT%JEsQu2xH`v>&-~p`em6fsmaQdsW1^FK^R4f?{RFV7Q
z3)91;$L*4i&gBb!Yb8S!x})zernM|sKXy!T8C1d*%Emo(TD%70eBc-&>`c-9$Sq*G
zwHd7u&mvoaTWYCE)$8^5e!$wcCI_7K(~qa9aA-FJG`+)=ee8C**Fzb*5E2?MBcSEj
zJR0hfis5&SgR$1zua%vtZ}alahP5XHw)!YA2@(duo?v*eQ3iK@LT)31ht#^H)V_KX
zfLVM)S#6xm!IaKL@%MX@*3*7!F0E3!pFg5y?>Pv&QZ1~o4$6|KXMGfBe|=Sy1(%`S
zhT}KPT}Q`)YGMfeJls7$!om+WuS;kSEP)1S#$oekYglML3j4>gvQrjuDFWgTG3Y5Q
zku@xLv@X1c-V}7NZb-CL$Tw=hUi>Ds{LsooGrJy-cKfHnNtnbVqzZL5q-M6b{$KgD
zIfZ{x5LiwzR&a#MtzsC61wfUxAmhQgl`)Jr<)Hs7Pxh&lzqDdNbbZTb1Bg(ST^NOw
zcJ%UY5;*8xvIh``;cnUQPx8_GPsj`8F68xnH9?x-)YT;58C@u<J*1Hd1s~V@bMSuD
zH2uiEJ@to&C*MU^C_|B1E!9eJy3xL%qy*gka@G0&S5l|6FrddBt(DOl9OG^aKQ9WO
zkyn)WfB!`$g1wHZb8?UZdAiHWrm(1>QermqJ=d1n%g;s!KA4%#hzU{9e%o{x{Evp6
z)F8{5da0f7qr!erx*mwumVgv-%7qJEKzJ0t#f{#67?_0^$b`)X|2eHCKgI}A1{G+t
ze}zLNNHrT|Vg#6g5bOJXCfPSjYgqX8?mro_VWF3h^0<Ivh3c^GYSTY0)9+Iy+C$+N
z1ydBYDE$8zemK|k>iMm1fxn9`Q}-Yv^wF48D)^=&DGjTs@K4%v8f|M!(og8sjqpdP
z8NTU`8+(}i><b$WciqD$-4EhHLAGg;o&|L4-Ep6Zl#Z_{QV~AXsSVJ+pknJH-|+5?
zriWOkB!Wv*QU@*U=uC-tnPHDl*&p;9@Z!$N%`(yL>{k}(daDO^jk!QhPOKagQD>nt
zUjsIG&Hk2Hd5r}ic&+rg$zvYa+Z~h=2km=5bd4z?JBJ%c32fBA?i_$9U&m3+<<VqC
zjhx+lrMQ+jlEtvFhJZOB819(6S2{<&gp&Cp3T1$<YsmM>3G_@g9Mn*6WPsKq$Zx%0
zx^BE#b@Ytcb*3|QCBO-+zSg`vsbP2PeIvb^39<PG18KEnEjGrLr?0$MjWXVuyv(us
zjGIVU(V6}FvFQE&Z>Hc~z@a2{E$6P{rHD9%mR0UJr((?FNBdc$83K7q)__0NR1Gxn
zIFZKUM08=fjs)j=w;;BI4V5-#NlSRn$<&8@y>;(%e%DgH@w~ttlS}=-!UK>yHEgcM
z=j`5W0b==`-$Cpu{h%P&-s>_jVZa)ZD6Vomt)X#li=rM^JjUb4#tqrGmsLFx8)>6#
zr+k;cnke{-&$Tl%lMdZNrVfVe`U!*fwg|4~24nLn%Jf7#()ekC(b7h&drOQ5A1Z3q
zSWbJ*g|1rrZU5QS%WH=UA-re3!SY+>6h3<o>V~YNIlgc}6Cj_n(<g1&p3p(Fzvbsq
zpvjkXk7%9A4W<IPudGLk8ph`Utxr?-^5RZg;|F&zvDf8i#c0?%qs2C8&F*o<2geO&
zf6E-(yqJr1OcAvkU(l!DF*Zg2?us5m+oQ>;+6j$0>VtX47y6sT?hr&uhqd@RIajlY
zO{M|hxSl1pNyzRUk#K2>*5ju>JtI&?my9B>Q^UYqTp!)h-zuL0e^*N!5a3#W8}Li}
z@AE$E<Bv&ojQJgQn3qSlzLde(CUwn_;BN@<UP|2IEgqzLsPk9xlF(=9`6|gW)0O2a
zdrml%n4ZBksh0Pfki~~j8$SNfuD5Sco42AtfZjF5#A9#wDr>b$C6d{Lw>Egcw@C6O
zEd(HcvQ-%A=*}gQ`$^hP$KSb60V62zov!@?Hk(boRU;eGPwm4`<f~Gf=-HX816u^<
z&NiGh8k_^c$tsJ|iX$%2Acf8*Qwn={&aT$Jx@+P%5^C3hXxz)cH1=2?C<jd<ULdE4
zr>s?v+qQ~M$xMI~Dfi2X7I$*h6$0QjGQAH(ym0?_nT(^iR@vUxvdkt(jYDSX5LrIv
zk?j-Sht88_9O@9+5J^o=KdhJWpNaSG&u!W<bRljVNl2G7Y^T8b?3N6%V~rHUs?+rS
z7SkVD_IA9Dj&uP}=K~SSf>7+Uvbk?NHEeLq9c}@C18wh5Cwa`?^2GomTnQs5dsn1A
z@5O09GMyzrf9wdOfx;j$k1ntFdX6O9F{o3~eBvEqed`al2lH-g3<O`>@DKL@J$}au
z55_9ADOs^JSTN^4Wl@2e$>&zRBVIsXioC5A-QLMK@}%(nNTr>=bE6>`O8|{jKW{KN
z`4jlqkTx_uI=hMpfvu}El%dkI6$c+lh(4c<fUwQeyL}^Lm8^N6Z*9n)_uBp}IKCpk
zs3jijX-BHkz231_ZTzlh%`+s+PdBa0-WC!rhY)x-=|5+e`#a9jJP17T1x0phNmyaO
zcu;YJ+7LqSZB*g~Zqp}`;3;_C=!_&hd5^b|()*L0spCUV6NRTM*)LbrvbzdB@Fp5o
zT7PMel@A%?2m>PN6S;!ahnSUr4|L{Ml4_dgpR&Cyhzyxd6}P(mloLWvdD8(2s-1(g
z9dz~q8ygLvpfoCqGwyu4N5x2({HrBY4|a3~@$Q#JJ!cIrfo&&Pub*L^ji(dbKY5e%
z^4C9HPBC>he_Z2h*T!XyjV(rxg>z6RV>&gm<33AYM?G65JB6|#P_;SNeX#S+Z`mcQ
zrSDzR2}SgJC1~H(5p<C~^#WS~7@xykUK}G_=`HM_dWSMIT=^f=Ua|CgVh<8aEXp1S
z_7vm*PXFFK#8+TF>G<7jI2s$bg#{f;T^(*Yeuf1n(_RJ#&Z^hQDNFW>wrXIixL&DL
ztzq6@?KuVnqDlh0HDq5$)PvcHHjIrR1{&91&CYJmkL%TOPG^*6B1t;e)wh&qd{J{A
zEb)W$g4U1|BP&GbZ{E<v@7+L3B38mFeJN?oZY%<=1@$Y*q&>cNZ*m;${cl1=vNY@(
zNURmULpe?>tQiZV708aL_CFP)>=qb&qbQOVzF%gOz)~N7yh_3p2LUfM2PsvEH~8@h
z=n7Mh6TXXI1-LJ9$U8eG0X9~&TSucD@)uY5c@0U3<OX;1_a}dYrOx<WSM6=*X-u6h
zHa8(vAGcj_81Lg|OzNfHue7iWwM)$TsF<-blamuZ!~OVvrDCEF$a1AFk#|5OraGBf
z+%EVQ@dNE<iM1Q(>2bV^zFD_2{j(|-q%?jIwFMqnS^43zH_^n)y2Fe6@>T^AJJRP;
z#Flr~Q7Su5l)Yk+l2znR(!JaQpI6_0L8^iHqM-#*5DFbrKQNdPp(cKjINqi0JotH&
z@>Fu-@Fg-yUIn_@pVLBSO~=Uov3<AQ08``(HdAOnzE5n!$h9%kao|JSrHaMSPA@P@
zjS5{mH(gh357Ye;XQTQe9cu&z0&Pfqu4NWknfUV`zqtSST?Bc(n(C^II4(HqopvZL
zD`{37tdzR)h`ga<l{EJLwzd_tfAH9@EsI4AjhW(OKH1tTG5R5~M13TXX`?c6dtdz4
zoY5J(h0XNhK>H%J!}WVu_ENil@wi&!u-7iNs%j^_8zYviI+juQ3H5UctB$}{U1Mzg
z&OM1Yy#^X2$ozUquqIidF{@kmX=Qppx^X1C^^?~qtYKBNEdr3JSIz{fW$(;uBWOo0
z3hu9ktzam%J5B%#IRh9Ui2#`jHe-GJ9RGT1_qG<tjh{|eA5uIt5vJHZ371RFrX}@-
zUUY+IWQnJ4#h2^_Jun9*{Mit-x7`kuIfC%Ss1Gj_Fh;JW6Q4|~bg}$JxCRCv+!hDQ
zg-3Uro!&3A1L7_hLL+}?_Xyn%jsTA*aAIh0|Bt`H&haZg=Fu<*r{(C@wHuyGHRnKo
z;0LY<SJ!;vDSBL+A1#)$%=|1mD_5HHwUv9O)z@|M@T<AwN6-zq=4iI$;BV}}Us8r^
zWNO9ie%7nkt@Z}IofSrqTTY5q<rGW&vkAu~UX6zp)K`vAV^-zs69;=}=FAu6%0zB*
zON9qZz$a&IFO#w+Q2i#E#tkXA%kXF`;)(76sKp%5P}(2E&qL3xIUx$Xa0|5VtyCwb
zY4s=(6tdu(T?@;^b}nYM6M8~ETlGIb|9Lu!5HqJ~k6B$%yKTUyxI2qYCpXeX_XVSY
zFTF5}8B2>z+-Hbr5@GgVl%pStuA!h<TVvo17%Y0r6J!|BG5q84ebIOCPI%+c4GRNX
zPk{Abe!$%k4it`u9Kwzsjdf?@7C$qNB~O3V)cbCp967N)$i7m)=C*EHWM6K+xQc{@
zDGaJfu?0lPn8%2|C{YHfof{ak2&gDMWG*0|EGIU$)ifLIC)J@*xw6feku5KfeYNU0
z9YVZ%l=2H4GhKTg($W4&#DALXpuBE+e9c;H!e8R#WFdw+bE$#}x*R;i=v-bJ+M<T`
zpt$q<4H;iV610y+3smV22tN)zh6Bc*kDs5vh@U*ZRYpG>?0)hqHq1<r7Z{i4&VH+z
zQ7>(qS<t23SJGc$ist&6p)E-sqvJv%zjoZvcz^${Fpg9qe^ELDQ2zUK%U<kn4q!gQ
zg62(%<v;;?03x8auoi8Ci4>Xt65z<nYTCxg!a1N=wW-;%;Fe~MN@V#?nA|W$oTNWz
z3{I7R`wv~Ly5f;AH}uCN=VLfDI||0D@yUG09dnrdpfA07$0tOr?FaFo)Go=CxH=E!
zNRDlm2IMIsjqcGyFB(IqifG$_x&Mox{nGdcCl0>D^G{8^`*uh|0AjuA!N;G6lqG*T
z5xVtpy{jGjsCR<b`mPp?<h<P9uIzS>Y<zaEFmM;f03gCwM}ew&YN5ycz^4;5=poJf
z9i|_8m>A8=uaRwC$-3nS7gy6~@Y(RsxSJo-=q}f3e2^Tt1{Qa(B8hkMpU`fz2eQZi
z1(u5*APLB3*pp(6k&7|$<B2KJE@K7X^0(37b0G_;HHXnMChxwzU^Zj2N^;6E$4YcB
z|02+&S7fA+P5<WfcJBPR&h&k|h!8d&^;AB9(Pyyc%zH?`8y*r}7i?;9;VCO@1=&pY
z=Lu@8MkE+h;3RpAy_@~zKytD9H0U$`s+UqL3}pihB49X&y*Tc}9^dM0VG!8fV>Ynj
zV^2wAp6U;|5-#vAWyxOUGJ!T%DudBIs=rv6DYw04XN&{Bclm9Q2ET*5@Io;oprQ)2
zXHVz1s^DX0iHRY6a|vO+>Nfn2+%x#bcLREbeuTBdB%iW@wAICPleA8)zcOkAaO5!Y
zoj@)}KZ!>^#Hn`3@w9Qj?iV$w)9!(BgR3ytzU0+s?*p(Dk#E>}gOhwuiTk+0n?Q5u
z$pr`nYHO(sRg(#b(^gj3RYnTQ`cTJ#kGj=lMRP%tq9T#s$l;+vQc2N*%$I6clkCEN
zIG;M<l?7T8B>#~?*nNTW@UrNb@yOZ?qj_oqXUHk@@A~f+UXq%P17r2H_C_4)O<f6<
zW`2&f7p3GJ=wQk$rLVY|iXb(X9y}p~nmnH_wGWIt^VlAvXLU>rCLU%&VF54tu^?>~
z_9OAa`l!?MKQ$~?pEY&E0*Jq{)&5p^t;lE-J4cO*Q-y28E4HMO+Xlz5l;}?003NFJ
zt=!RqOtV(>miXGgDG8C&LD9}ZvQS&)_VC#n6$=~`$rh>LFjmgs9uyhDhz&B=-un1;
z_Yd@Hd?LyA@1q%XEzT4!3Yw3~E;nCSRm87YlFVDB(CdX>y7pwVfvH^FIVJR&TeM+$
z#p}_1G6ma0#e8_dm4ZQ-!r#0)o;0>L3Fg?n%ny5pBMPl=mxGX_Q(l-!E;(lcs3%+i
znNw`I%0nf84}Rfr_$Uwa!WdpxYi}w>vTL1h+@~(-HrE_3d?v3oKo#FH4;s}vZDyLr
z^JJ5GcD#eONsl72s!NE-gZBtf2Rlh$_Voi{;T<>LjytW}kCEzW_FS?V9;W7lW%F27
zq}plC)@j|C2*$;1LD;`7;HjRcFhs>Pxk(Oz*p2##VPK3N97Awl3J(`+o@3g~YjHO#
zN=-bMt=McFS0NvbKO#KX(*hc>;k`c*Rq1YQK2Ct6re9sa|1c)lnlYK>UAa(BZh}?0
zsQfIg=;EnLaumuE&7f|XtT?j|QSm)e^AKe%yrQEOS|$0;J)ZzBDP;Q2UGndnXK&<A
zvntK5yGSZbTlhErO#Fg5ys|P}m}Zm2^tsU=9a$`@21=l9;jDc6>ARUeZ)nO|rvfEU
z$0MNoVDfA*``l5RZvE1KdXYvrSfmiVVI*7UN996Ir-HeFr@1vcoUZhq)4n$uT&EqA
ziv&^dYG(WSm;h#u%R;G5(w_tt@!Mbk?@pZ4*p*1pSKvlBiIkSQZE2NQBY&=&4JI5h
zhR9kFpq*3TrMl#d>CYPu+8fF?nz$LuUCVcR*GnQEKG6fU>mkIy2qPC_CK;X#MA``N
zxXa(kV-4aEkW5>A95RD^PS?WSb8AB~Icy9-Xwr&^V<7AL*Z6T(!dY}BDwZBpdq<?R
zC4^Y}^gSOh7@d5Pmt<l4dOaT}G6{}Z$kdV%G1pDCx_~BO#yDRu66sopk61LzkcfbB
zj59UTMIxDp-qBQxDSN`dZt5M*dkBsJUM&Z<3Bh&(Fm`;+E6IlZSJ`nuzuN8KZ(>7>
z<421a<Y4ry1#oHx)26N>wQACS{gtF<H}mXd2QN6_U9&3#5qH7t(-lB32S1V^I8wAk
z8b#WFnPRV8vuj44x|%ov8JT*pHo)a;UY04wcEjQ)uAqPzlJaJ=*huYnbKi0)0XUPo
zzw(@2|4Q7(WPXxyBZ{cJt!}{m7)j9_D$>&6?JV`Rq84v<fWUA=1;A}8yNK?RC)PK!
zMg&Y{vgN>VnCFuxH%NukNv<WVE(qk2zL%*)iIb-rgP+B%&%7I|5)B+ypmWMoMTr=V
z*><gdU-B~nsqL4#(u%tVk2_wu9u<-pybiaA1-H1nb_sBV(uTBCo^a}p9=Q4QiT@;B
zbB6Lu6}Uye1RL3|P9x%8%C#$Yc_?y~DTilQ1K&{%=lu|Aqh#-o6y(;v_sOees?S|n
zO!5;7KVG#b<3fe9A$_p<uG;JMuOj(sd*HGycq9mRVEIf10)Nhl=h=NRP6gLG8=w1C
zn%!m@{LXn}Ph4&FCl6hwWa)XKm~nY>poWkFI7{C!eQNZzthIm9eRH=`Oui^z)tL<F
zWrW1i<YxUrExE#@0e#4(m<Qb?Sk0z4Jnp$m=iAM%P}(NUYTARGK>uH^LpRn&tGVK6
z?|^MsWGfhsAPpB~3_d?VGVfm}bCpHJwb=GzOzPm;7W>cWdfUn3=kW8orn0(!iU%ZN
zk=D-zHMgF}slvY3b76i@%=fl;Pc=I*SwZL5C2w9s%SnX~t~>^oq*J)6^>Vg^)FVp$
zxC34>81w37VPy<=W8bGQZhs<Bl=QogJZliU9%FNuW5J7`i`?^+_Xa;8F<n*RDdZ@0
z#6emH(5~~t<3hweS)T~!)v-w=948rPd_^6$B<!VKH8fQSMVZt>#mDGqqrlGQ0DS4&
z`6}2LPj38Vr`L_39kdcKHnvP!Ti+|9O&#QM+!ogy6w1+*6kt=_NJ}$=Z%O*+Z6=RE
z82k4!2Bu{`hrxxy58;J^!H;Zh_WE5oFcN88BX4KRp0DNQfA#281qn?l%V{&Lb9niw
zlfE4O5{d5)r4U*Jh`4HKsSqmT5hWqsc+<v!=Y;!b1Lu~1ELuRk?E*7>j_UM%Yn<2<
zf9@MsLDGLhr!TS$$_Oo4(KWqd*^dUvCbG;%nyJn18wUXkJVvtV>zL?X$|Z7INgt=2
zX@-KVPM!o~kM6wQC^9GRfB&TQ490M$o~CwVLco9kPG*K7F*@j)E2$B1_-Uo`CcBhh
zXSpHu)AuVUo_4?45Q_bIk2Y9DCdC73#L!CHM&epOOshUIKcDW_xZKGfHzhxI_QPy;
z!O1@q0qq%Hv6<guy)Mq?6*r!*Gg;LuH~gRtjFT+FJ$hPxXCuZC4NXc&Srf$bl9JVK
zgpZz+(|ggDIFP2q!)Y2(iKW2@o`Jgt_qJ7s-17&IYPziOQe*xn@cG7z$Twl$QMkFU
zR4C@M<j;&8qhx$F2=9QyDU#USuO<(_<o)+%k>vjPBdNrn>-nM}WXI(MKd2^IR2u*v
z$YhTys|#4hSasxq7ipQ*exU}>6p5_^>Y&~&kG)siTZijqYgM5QnAKCPbIEMG2eYu#
zbzge8ewL?|q@nC%CQz{HY@}p%gpbg7{wec8I3tG17UFHVm`2bjKEjk-nxJ(hgIbrn
za=c5hTvUDA8+@UysagG5?W7(tbsHaW!JR&?oWL-0{sNzLKLBU=>8hJNkrHSen8JKA
zzz(WpX;7(&MrnJuzA9~pkQCMx+~}ge^m!dWX)X|d_#PXErW~B?=3C|RBT1$T67zLj
zYx^4t9*ct=`OQOl9c-T|)Gtg^&hbsuF!Xf-<z@N5eg1J$Sc_vaO*u+;g8M{zr%;5T
zqHU5yvQ?N+4lJ#ZVlD$OfCa~fQ<1vp7=O>@SsY4><6Bqn!zay<j9uOG_{#{z*R$u*
zdLheDm1<rHA7vxicd5L8<YHZKq64@63o0MJ4u(Q)*$q=3^^W$LVugfVZOd6?lO#l2
zDUN6KeLEFi<9yVT3IG~>m05e5)q|Forib#1j|)69_5LpJmHbV3RJGOgB7=GrVic0*
zwZ45vvG$)UvY<T5C2_z+VqzvqaG(#!jTxq{_$!4T)SJ6Z2S4t)GO$Kkhi81bZY$l&
z$V49=!?fPUSA|b|;e0U)5WIvUmt>cBIzwkrH!IC5GoAw{haf7Tr`xgXe2qya(7m19
zEwChdM!&P7%2<|5^@x|HWamUHZ8%4lAyH>ZD=9nIn4ioyAgOS8RE$hy_9o~Zuyp)p
zb%Cd4w4iJFWJSS1#v4szJRe82E?GuW><dA)%dd=Z8kO*0JoO$N0gb2i76G;THA-bu
z=aNh%Zz{%-VDH9~bESV_=JSPoA==mUZ%Hf#%|bK%>aJ<J`&HR`TLmAa^kl$(Z%a>f
zda%LGEXa@+&O!ZLdN;ZIw%Wi@G^W?Ko~e%@@CM~c+`8cA=}9YxF|4PW|F-y{(AX8c
zY@w|F?<7}$Ma@zfI{R{vxKhL~nlXQMl<rWjV-#+u|440|PL8HI^A|_gc$Jazl}RK6
zFW5Kwn5cXCESbTHJduW2r}lO${(r$9p2-RkiiND|uE*=-9@I|&_Nka+vh)mNKQLZu
z{JUz=sh3HzEtY8Qn!CDVI+Fz^m1};^?xe$NBIMyR{k0~O#rO|`5LA^046)ej^eF4_
zhZzi&gi~_U<!UBm-|Nx$Ov{JZ%!Q`JbNp)G4_998NY9Me{E7WEzn7OV1$O%;?UPS_
zIY$K^Q~ry``RUhsZ_gKl!u!Y_<3Lk-e%$H=ro)v}7E(L?`>y=22JcLxn;BBAmz8XI
z#%Nm}j^V^x4(jlBNas|Nyxn?X5WG|V;OI}wQmdJ~(3fTcZr))kY4U4D7X+fvzNk0s
zA1Z8JhTZn6rDWyCq2I)lX3&89&29O$1uUnqG@AQ?=xETrwA(0C|CTj7ioREE7ss$J
zkmqj_@|!{nl8As4oQUt#mo^a=Ed9`_Am4{@(v?V2GLh#Pgt=o^!lgp|nU{-&uBz2c
zXpS8`tq(ht*O1^6W5pHb8(l?)Y*vrpJ-FF5qe%SzB;=@?sG0vV5iKBo|DJW-FzEcA
z2~Tohzv1sm*KS??9Yf#!3rclT64M8M0Y0GD?%&Md1Lv4p*l1_NX>%BYGRsiXDK$3v
zpOaq{?W`D-DpHXygnBs}5^wMIym(<S<el1CnF<T3W34fxIrHf~28DTk8Z}m26c$Wj
zz%pR{T3a}bw{hO=bH{dUJEGXRVH!LN8x8%AARD(IjW^ZP43`>PaG}+@yhKZ=$9<W&
zbqIt(;@UF9&mM{T;3&8)JGg0S%B`cMZ=Dut)0@}o;g+g@XPpC>y7gG`YM?E=Px#{o
zVt;f(lrg}VUb`F_5s7^FrK8tVi8tvbGeO#==1XU-z+{vS9#j8Z=S0BGd#@Co=Aj(7
z(Y_(filw$j)4h)eoHr7LEmtK^TRkBu%n#+Y$l)2@P?l!p5j(zzjuwBdhbG_rsSb!c
zHYe+dBh4le_A1#=6e}sMtWdQ%c`s98pb$-9;H>;*><PJInEGUM_{(YA`3Yt#*8i*P
zE1=?N)@^|R3BfH8LhwNccMmQTLa^ZO?(Xg+*x=5f!3TGDo8TVY-SzRGd(V0I-L>B8
zwYpbTb$xr+S5>>KdZwyZoP?x?G>w&r+Ug80d8S-N!DNV_-QM+Y(!3UDbzL*6XWk$@
z)%h-7QrAM<Pt%4e^7p>g1Em@Lz0CnyP0!$brF!X%(SE~1&$%hvT3QMCPvngk*Mx;W
zT(ZGcBBf1g=|ai-F)dL?Io^8#cC_C&?31UDr9L-*ld2HuU2}516Uk5VSg;f}Nbyc+
zfb^g69eA```CkXJhLL6Wz<E$K8>}OyoKZ`CkQk9pX}3~b?9k#JlPk_}ms0jxh0Rul
z%od##lA(7`W!(!!bWeMA6s5Y%3z!<?(Ih2q&hGvaaRH^zU2YEk7?#OFPKX%4-;WBH
zy{{Iy=L{LnCz#f*{@B)5Fc9tWeF!zu;Ic%SW;OavSm%`mg`&4h*3}m${K;G@`%Zb6
zFdO}xr3?=)F&8;eCxjgpZPhgpidLSXI@g52U9sTzQ{?mClaa_@FazX4EVV&_T7q!e
zyElwasAvTIBVuW2ZxntCEcx7us1j!$a7bWG`4RFtm$9+^Zh9LJZ!s{X{H6*w|CU#$
z7*enm6F(OuWaO7pP<yX|H&K4C`kjuY<!D$!>MKdrckj(j{tz=sGvTX`hknh(#b_gw
z>ysDQs+5^KEc3~}ZXi4T59ngQ2Tj7+fhO_J%RMhNw->@Qd4BRgkA^Gh(VRf!4`02f
zGH-v;P88~Yzt0!v%*;h7E*S<t=FKTFe}<!e;OAR24{x7qUQI44Z^2ySwsAR@wscjU
zk-fT`2hZRuFnl;<vX^dVmE&t-PA8|%2x`<{)w_0~6k~fm$aC!D{GD{*Py#0yR6vq%
z8ORc763V>cC_kiY;1dITt$XMC7N(M?pWPRhcU+H2$KW!AVA!n$<Fj_-OOD4GqeC=1
z>2xck7Nj-MjsWlnN8kufO%IS2bl9kE5*|EVY6L#ke}WK@r0;gXvd~ibOH~^e9<z;V
zF@VO_-?;U-OaUvN?4X-bSOmu#lU{kv1s`2TR#2qd8<R<I=s$)GwlaUQW*pKn($Uc^
zi}BNg%;=w*s-T_8V6KsA9L4q7bbK^g8TzM_H$O_RzJQAJog4dZqrL*(YOS}ZrFwZH
z{H!9dhDNIACRD#)X?X^*%22cgJL%Fkx~P?rJRB{8DU$N96O9@oJzbLyj~SWj5=VYQ
zknJcaPo^6+_8Z_P%(u=YzG3qYw6B-xwW}PlKmoGm&YhVxixu*k+m8rv9DmAtusf`5
zKHy-K*izh{l5sw4zO#^uqg(##^HgycbJAXaS^>UKY|9y0Up_K?RC|~>h;gq$^!EP<
zR?O_^-q7l@((duhdCobePf+s2(fYB{d@!p0{bjoVyL2H(3Z%JX68?RiVLVe%6N|YY
zlPs)D9xK-53?~&=6X#TWlNIGlPoDfK{5v6$BWWg8S4~~tXZ+@)Ygd7G#~T%Ao$9)u
z7smz+tIrEk<*%@~J#jy<85RFvvIu<)a4mS>?e>(x&ghI-y7d;ztpYQBT7Vi@w-M_?
z*sCal0D`IeSay=?@<iS(I<sQ<TlKx*@@*RwH>Qlq?+YLzyaGbF4s>;kU7DHWiHpul
z!LmzocP@>#Z9v{tOwNTc$TMhfxiT=)@1mO>?%`TA<;N}HT4ojq`rbDj&Liya(yNGi
z#PSOutw#s#hgy!$r^{7Curk0Lh(4r#nC)^xB4q60h!cn1xTLpRSD;*QzKMfB8@0b~
z6;(aqseZ-zn5dT&8=b4?`O)!**{!IB-K{DIg<9n?0)oW&w!0dmW@KAhORfF<pSM-^
zw80l4>!|G`P&_WN=+K?JqIrBy?xteEg1!^T^g>5mig)qm@u-PR5!8i8FGE%7H38(}
zrYtj2=)%p~CHRuyMP?3uT<d0PXQRgUA;c!jhu$)g-;Y5lKY~6qcW*GYdo*%A9vR;x
z08~4MZsOY9p~|i}LX?(T@5T@`MEU0i-H|kIjV0?CMcGZ^sO|F5F`kJIv%zMe$3W|}
zNWdAjZ)=bV7=TT+<yV7UqR@6K-inBs3cxo1n<OAf$vNzpgjwNl@(*CRvhnKk^R@BU
zBiDNAJT-@U*S?$4pMdm$4)bn}&vaE-8cm{%lU>a0jQTBw9SRTl#NKBJXvSu*SXGSV
zkhDe6CV~v%uoVd578{YAqDM3CWB6@^1`b@F4q+BnTr8ZI5b@MXiVIcz{hRvs7Yu@$
zh28r4wkM|hs--=L_Tz|?G*Xb;FUDyg{~O#hFtm%gN?2}{xfLqCY<%P4{cusYmErKg
z@)hnG*vj!1#C;d@vgD+m79mq|#MESt{1WAEUI3ZDz|kp=nk*tldKWB;a9aSJjG=P4
z(y~GRi91oh>T@y5U2kI!*5ET=eN>k<?@l~M>xgB}0p_Z|m&5lt3t4EqZD|Q3ZNLtb
z?7)tlbox?Z67I4)4jXo?nmWt!eNoeS?0spWE?oL8f!LufFHP1=rd2qi1QwmEa69wg
zBv`)zjmGJIiiet`uOhmtzb7KS<pe<~Q>I+c9*s}RY<+J3>JpABst_Ed5rFJ@Glr(+
zDoj$dS<p0^kdwoAJAaVi3eK5sbu03><$ms~qgsBv`6&$klT24&(h)RZfjH`8F^EaF
z7JiR{*>gK??-Y%z0&qjYiBF&dtynz_l9yAaNULzW_(a|P)qMdGU3F)a(wECK3;z@Y
zJ&x5z#_#0nf*SPi&-&8>Xk}_l-wjq=(xIaZLMYkC%?YkYb@M$`C+Ft+SF=A&R@e-*
z->!2;EvW{>oDGU6l7)XVypHsHf)XB00{eVx&t#|j>nEah7sXW);|IJ|pGIJ<H9@hW
zeUP9t(0V_W(oQZhEV#|dD4bny+rs>>6ejrmy)K*H`-^0Vdu>nGs}8^FdcH5{F%ZXO
zk3_>GO5H&J;#KLlA#eL|(voznKhl4+a8Fd1WwX+8s4x1NQQMFLG3wd|+)PXvngR@=
z{2Pv#zNW>WpfFsIlR(q(Q4pj3&y0-Wt=g#-;&oi=ycdLyO4*_}5qksUE1I4r0qPnZ
z7qHSlB>Z`+2Mc11!lP!{k$Ur4E9i_RfI<tpzpYST?i#4y4&=jCRgKoUWjIE<Ch<vU
zTu#Plx+81=NyW&ZnyT{hONBi{);!o4YUOESTzwG-@;<bpxH!@E72IC<DhRC;sf^m`
zCV;m{Em*L`y1W`9NEZkFRa$#QWSl-mG6Qyvz3Nb)+I!!5i?So+-JZymw#{|}Ks_}2
z;?d7fwTK(|9mJ5O*$(E`m?`(QF^;>4yPunvZgl=#G@$*wnE;8OxVdcB>)%1}q{h^>
zw=A30t?A3Nir2U;YHTz8A`Ze%=J7^8oWrPaTMY!~zWtPT8&+ecxVzPj6NRQReMi4f
z%GSD?zg)?}DA*FhZ7?GsU<wM8c?h(R?H_ZX8Cooh@e1v~BFsn%*_5K;8!+^Do6xX+
zO1->NA8c&VeGe)Vpf^VWZAGNa#7Fm<6)|5y8<&Vac<wEPW=JbEchZ8dxAE}w664at
z`57Fm!LJB5(hkx5QY8Evt{P>%4R6MM1IIu;Xc}>@Vmfm<b*T{KYPVPfv=Rt8TYO@F
z&+>jc@)07Mp2ctdPVAe^&j?eV&`-aStESq$XOq^JYM+o@Y395B&>}gsAh|gF?r0T-
zF21#cM%nVLZ##n-Wi<A?`p4`R1-IRv@7g(9S*x8wAlDdnv=?y;>!z&tUP(*yeqiwy
z9t#_E5R<XazEvO_)G3Ar1(kpOX7gkG`Y)G2{~4agmze%W4Mo(=wb6Z=l}gg<3SnQj
z`ups3jJP||ZSCrWJ4u4^m#2f=N7ZM=WzBot$UWVF8U_!b+UM&VcY{KrG-%zmQC>e0
zXLopE5}HX+a9gHNM|*-{XZfzqT&I+t?%D+fN1$)0u^U&ccdAxx;9;}n?{gnIW-NA0
zb8f-`#WxA$MWt@1ZQ9hcqw}QF-`Pz;1rm{3Wc>yrAh!T85ZjFAX&(G8bC<$BF?c9)
z#E9|CaEsd|7Z93f-tt(pYC7R=KJ|9j|Aqv)sD85U4VkWb>uHVpn=c#gP(155cLwK!
z=nKZ|4Yo<+_jc`@--WJYpDVLkqFn+ffxRPYvkdFd*e2fPiPUV9u@A$_n+Uu;abi_?
zoVxa<lzdf2LxY2?bj<N}J%!-7{xJdLEeNSVie$4RyG2cz05v5)KV@4PAR3&J-n1p7
z#I)`BXA0vAm{d4fK9bE%ID$g}?>Ta~9>Zzyxk5~(-+VNE59}}<G+JKSSVdR=CPcMD
zbNL8(9l|$F4oyf)b6I`av>Bosm`?=7K>=TnrRB_3%tr?d+sC(@v9vYM-)Ep#ij~Xz
zhi(XKzxv50H5J(|Ut%o}ia}Vmq~zYYcNQVG|Gj5V=8u?><WT7*qy9`mg|C(O{mY9C
zSiOq^pP&SxCr*HQGL@GdXw1NiB8AH2$MEUtuX?DKo7Cs7M4X@Ie7Aw*qf3kcd=r#U
z$z-7AHkGG|%vaxlt(YXn@@-#cewP)dbG3Ywmr<`2`_{}BvbCjn%JvjA+-3?+hJ4O1
zX5aXMa<dd#J8lm(8M6ZM++c~a2pOZur_+Fi9ejNK)L>$Dsy}|%w7Y_n0YnvZ5mLX|
zlT%;ak5P-q@Al2SqzIDW-|hEN=hI|3WDAKGY4{`*V6sOzH;8=$3Ks(c#ugICh43dP
zVPMr?{mXAbBZ@=9-}3d?-PcVSA@-6HlC*Mf!E^05Ty+quCk+E|wIVMiH7Dp54&n?t
z6`r^2yA#7m1{^q<hN~|;p2tmD<pG=rhtr&2!yaCHO}`l>K{HK|p9iBjH9^T=OTnKQ
zOTS9XkiOEr_9CwNx2XR!#{Or_{@)sZ*$hD*IN^zdl-3&<N0gN&?f=24fx2&1IA<lM
z@s7kV`dC(<e)wZsFIWr$jllAXTaM%JX;TvGY?S4>ZL~|IUL)CXD;|=;vA(cVj*6{4
z=O$>+3=gFmg{2l4Mc243MP{tV$vnKwUb6DC=rN47jsEvYcb+k7O~P-;b3j1AQ((BH
zl61=KBxPo>#p?^#3;W-+r#y8diZF1DNN*ArRQ{lpUpHUTBJdt_rFj<$sB@w4hai8q
zM30Z7{jsc3t>&UH;V<`LSi7<ZNS<K%ovUp8;6b{yN%^F68-+<>-v-0JCO!sS9xVVv
zKkAvfg@f)-C^l(Gb_bA;YFG6DowFhSsBjOJ6yHX5ig@46e%dOg%~d&th0y$5XlQcn
zuX^_fqV#<=kO0wp1Nw|pD~`iiuXjeSitIb8{#yyu*r>!we;fiZDLzJ{^HQy8B-OwU
zy{PH*Sv_TkXFJf_V*3`uwX`M<3f17Pc=xc1TI&$6I7;ea_5|4jSC*5Ie(=~@kMgKZ
zC<s=UT~S0V--x12Ql<zs9DCEy7i<?D&uHG82>nY3%K6sVTY+e))h9e2>1_kSpv;98
zL#$%J1$yAP%%p%Mq0?*>Wii>d&y;1V->>EAbm=Z|KF<JS8GKe0tz9u}>JsQs4jhSQ
zV5B<+uhrqSE&@_r2mUSaO6PEDfREs*aH0XT==&zBWF&c@Tbj>my-v)~D^FD42oV%&
z?0-#sYiL6Fd==r_V)iG5M*r3ug|8SAA1w&4;Tx_IccGHV39Kze3ca!jS00`3-G($*
z>xzP?p5VR*W^IH4mZC~qt0Mi}`}5FeTTxlOA`X-AKxSA&W={YMx{WNu#`u8Yp}gtc
z90r>V4cU#U5?(Eh>IZ;Hc!5nXg-0CU)%|64V!`cS<v&r2KOlDO7h&NQf{1Y5axGeH
z4OPjrSrDmBcNENV{NLSqLN_aiJN9Pb<7;2xYl(Mpf9Mo~tHJUrqw1LuRnSOWj2I)n
zP(rlS-9e712^|XPaFw}iP?m;M{ggq_68&{L3(z+|>sH4s>u@*k6;sD#p2-84nCFH6
z@&5X0Ya>onF&<EA7asoSHFj@4dar4`&or?;M<SnkxI`kd(Y>w*SjF<MKK9>T?SBUu
z!(NkN_j&lQ{m_Z~d?&9{!DNphR9&`}^%0yJp?AvuuV53aLq}OY4WYo$^2Qo-ybjB&
z68z1j=4|L{g$M+&`1i-W$K+;+N7CL56GKsSHPNzRT6eBuhZ~FS82_N(Nn`#Y>Xl%b
zMcSyC107)tmF9Vf##tDq1@*o06;DD@K*asK6{Cs1-ba?lx#kIiWQ8E(zpuJ;SQjyg
zomOVXp{DQz0#3fCpHf83B97_c$*dQ76=PrtM3@=tl|Oc~HwVvxamBkBl1kDPn_^wK
z{O_~qmBK9Dipx51G)zYQ?TEX|^hIXifvVuh&%bGI+=AOWpcFvXmYiq5a~54nq2A|A
zd7le-_<hf0K%l0>Tr<`mmU26nekTy?VC^Bd;BBSdtlvbr2GJP9$blrNUvKjwaw1p)
z4SALH)$n(ajxIJ`SdNpj9CO$Dlan3X%Ugr(wNTK7K-g(F`@ruv*WNx@6-Hn*YdYao
zR-7JU=gpn*N~#&m_2Rjt=f-yWY&D{PJ%G$FB6jR7Vl|Z795UY(1r<Ro-}Qgu;~vEc
zR&>4BV`%%+aQ>aY1b3+N^Vii#@f1LwrUP0Ygvp{<sVW~Rpo7hFg1A1*1Km_iCl*HP
z41b;Hf2$j!C<bT*1p^~ybCld^ph0=JVIIrmaPPR-Kz((}e>;>(JMl3V-)}9Rz#<^|
zXhB*!XVLSXw(7DYtFm_K4hsdE5#h#0)NzF=7-kR&HE1sevxT3I^GVqVh@R7AZ~}bj
z;#u3;RJ;%)0!rpeRugcaOT<}Ra9lc}(9BcW_f^XGJgL*0-Ls)B<rj8q8r_R!c&!S%
zr93Z(PaNn$MAm;IDlgNmhz~>CzKk3SoK4vZypHvX_IRJ(*6Fg<LFBZjmG%~>TzglL
z{5(GGB*IBXZjRgEE@z$bmZS62*rk$3D~cEo!B~^fY|mNLKjF(l-+=-#_nFs?oQb6}
z>IU%LqvM79;TM@dF2O?Nn<J*3yqiRh9<QnkH@Q@bBMme-nt7OGkTzMZ3RJ&`r+D)6
z(#bPEB+kf0R!%_*>=*_FOHYyHh9Z>f`d%#zp)WE_S*@M|T?y7(EewShy~!BMILmU|
zuU}r~nhlBkM99$cJW8_PCs%fS`{gfA{MT=f)W$6<B#C1b{)QK|KTgdc902~;sRsuH
ztonaX|4vdfkooVV{6YZu-}n3{r`o@B?wS54$G@YhdR`%lzt9+k1CD+Hz)(@J8tk3A
zflM?2{McWm{F|h@Cyx3*!2g4eQAk(ZJQK)-7Wf~V|6xJ(UyT2u{l6Ih6Z{u12h8Bt
za>dya|CjC8I9s-we=+|bng4C(-=%v^ukH@`FMs@B!-Fx(|Jy_VUmHn+?6>x~gIzoh
zhC(URQPpSPQukt_OkGS3c2|B+(Y~d+_H)=l-ogKX^Oonq0tE#Fe2Dr?@aW2PwJ(C3
zYQvktkd-i}EU4;zb^|)w%~VVM*KvRF&(#5~+de^oxBS=H5m_{ED^9taX2|To({rOf
zovlxzWNXz+l^}Zg3oDo!9EBdlMX9ilk+0RtO?&Wn_X$T{btPfTA>)cdK#a9qJuu&M
zdE1bv-qx4jB9QYkuLe^rOYI&ToJpH*cbj+t4Q(htKs&v{c#ov74kky7m(}Vq{`e;1
z%H(%yv_*X+d<`j{A#d_00^3ZOO}V?o$aZr5*h{3~6_U93d*CIhp1Hvw-2TN6x$}L%
z*BJ!;?2`SD-ybpF<Jz--=uX)i-GY6|DS4~c>Vq4QhF(`f1V3#0-s|m0V?j3V^5Bs8
z5^BGymUT2uKFXCD)aw@mc}pb35{)+u2hHlKYB2B@h%7#r*3051@nO$boUUmjm)weV
zU;=+>BUEe55-_n&)cv{{gXCjzGdQWSfcqj>bk<3{#KX&EZ%jGW<JqklEOx*$P(Ko9
zdG_5`n8}K1%d>UMOJ)=OvHjF=r5?EKD-6N~fe4JVOF9+EaBJ(?z-^b`i$w9W)hSRg
zMHxZWf7V-Uc$mA92UWCuHU`+zBXbds@iFtGb38|I#;>-nW^>^kI84EAk&?$DJ4k#P
z#PugfE`Zjnr}oPYfm$Fh*+<oCj;fx*`$iddi60!|!QVf$s{8sYTZc#x8%Wadbj1MV
zb?kLq*_caY&Pr%$_)$d+z{qj&5xoyp#HHhki+|n6Ic-iZxPG$jtQT;e3a|GYgZcLE
zdtkM|6cFE@Je<W~|JM`e4>9kU!cv9lmQrltjAIe+zM1G#E|CTv@g7wfH7e&(2dlA<
zT|83E*yy-+_&<ku^Kpe+-+aW%`icH=2gI++dG)vWT|f(>Rb!UNlJV${5|3r8p?SM?
z-2mM9n{V#9$Wm3rF79oZX_nb1(dw|b&r*+2;Cxapt%2TOd7$=iTwTy-L=hA+rQZ6Y
zC5`2Lp+z#=Tr75eJrnrmFZg`JKv;TtjC+6F@$2HyrnwIP59pt?>h%}1veyEvBNPDu
z0U91&l1()frw8rVLL?+kS37}8aXDR@wQ&BdNU$fNwP1sq*j`ItXuOvTOL%~0sx^Tj
z)TuxC?|nw^*g<VFekwdA78tY`)nAOLFT(s$C8SkHU|o~~0ish{e$W)b5bV6kGo181
zE%As3o``)%+w#V-`T&G&P4rC+x<`H!nL~}RRO0NXxIit8*vt5T01H@O0YlXzULPd&
zm<v6yX<+LGd16FOcc0g>YkaDISZYygNy$e6i?XSV&x)z6fcV0&ix_|<{DXAh-xML4
z@vw)WIP)6*?`C+Ov&>iOLt;UrasG_{Ji$c>Y<go)V2J2U5&1N+Xm#Bd`<YkC!%8wh
z`_nDySvL^nkLjoDimVd?T+nPahv(z{=|K`YmhB$mf>%?`0<Wdy>a|E+2{tz_5*d38
zopKXD@<?25-7VFd+dgSmUiZ)%UjEKOI<aKqd0G(brX?~Jn~7EkQ03QB{+HH8W3p--
zGJ`^I+mW~m^rxS<IdR@!Ds6loHcmj6274Od5ABaPtE7U*loWc;=Ek*-1;NSwb3+|U
z^bRKt^6e9oj)rRkz&rMg0t``qfhbr|T2>(#(t2ovp%NAYkvs9hJrDdM`H-<Trhus~
z3$OebaqBeprq+-yaHqN+-xC*DRy*^O{`B)68&yW_goMQQtMNamm(%hm0&@hDU}eAa
zos-m+Z|2B7x5n+Oq+70}xcCRYXY9@*=)?TzZ%qbURA~2p5OhfNc#pnlfV;|Pqx;ol
zC#vv<`~Bs^9)MStFq_6~V>&osMyp`?+@f4}W8d>=*4#@`mfvdV=`*V?t*V(pIHc7z
z_5;N++GxG&hDV+CCxbqi9*rQ&^_rpVUDrzm=2Whi!moPZsJFcaqUVok;UpVPu-|?9
zY2cqU;F&k<iDsW$jb8kMB+-F`0@OCX;&UBa4`fU_Ty-CR?tjDrN!^XBaCjT+d8)yT
zK#nMr5x(+mzit>lNZ<~ce*XCoT?de#j)8n6B`>>w!nrUgG`FA>3hyYXR~PMgf;~Hf
z6;t?gNkB8dccRtVR4-=QhhMFJ2T7FqBH#YgDtg)h#YGJIi3)hZcC!)XjacIb*u}q0
zhZUYz<?0h8dZUl`QXrl|{v%ur=Pk(7T2s%C#N1m;`HuI5rp3QFjZgVN0M`TeEJ)VF
z%B_}$H{m_$h1l!l-weKCy9ag!yz>GA6#4gUL<t#&VecXXuqlaYbIQ!JXi+s=GV^K{
zs+=y~Y5c8R<mLsu{_^7x7Ln?n(_Y`)kT7n7cU|le3`rj2SUBbcv;75@_6k#&sl$XZ
zS|$aLCkg-6!fRvjUmKeRcn0;JN%K`G9es1MbFq11#4?l&-YgYFBqfib=J-7TVrQc=
z$F}SMyo|9(Pg$O`tt;vFGJWb4TtQ<MHAWXM0Y87KE0SDha{I*mS$Sc*{HMnn^sihJ
zy9$CpxG8*HuqT6U1=X~!+xx51fXJct!dx?@p#Wd{!~_D9L70%26SgFL@TWKY3L{Tr
zkWq|U0kb$-L_g3eGN>q$idPw+Uqfh!qW;a&*h$F{{QPKk(~1p>EF2%|cnKpl2q*rN
ze*BLB!pcHe_ihgOF%@6jZ#VwBI>{dJ1t*})+2b$%YSLBTezeWfCW~@)4w;4ef1WKY
zL4y}4^J9s8+xz~$S_Ctc3;I&y$i*8&q(E$1S%i&bV@12s7tCTTwEG?rR8|FvO+`BI
zJBOzLTU8I6d{7^yh7s!>|LP^CPD(D#FDa@kZN~3qC!%8venHqj6Izj9mS2BkBm`1(
zZ)S$DNLO+&A7@qquptVutFq6&n}5$r3|PiswKW`cHd#;FjU-sew>m4Z>1pKYb79k>
zyc-|Vl0iIoEQD32y#9|JuvU#CMmrahz|egs4&~Kfr@yQrPs2&fk9;~Se=BZ*<c?wX
zr*K{uI*eq)O|+g}1u7&{>(;w)oQKCq@(O5?qDcb$m_Gf$C*OR!h=EROQ%F9FVx4nA
zDG$m~LRncHp&lm#W8Jr-?#`9{17n54ky#FJ`5*RCVv#8#+XzLqlS{{-*}U!iUCfMu
zA$b~wh)pWvnJWJ6PZ<`h)Y=!+2WeBfRugOdVO<Yx!}BqZRAaxhgnXYl((Sky-gl0n
zFtgIpVHVE!MA<)48&`|@%j4uZ+!te~Np{Qw`=@gxTeVkqqJ&Gt(|le6cHBnZT^JQA
zjougj2)VR0HOHH~5_Xkio<>`kZCmje*gjxWgL_{mLWj1<^zdhIF0#lAye;R-=iKEa
zZBQL>Fo2o<JP^Ybb95;2Ba>h5LTw49ES=ylwoBDn_@8vmlVQQtg&!TbO}j_7=WSnF
z+FCQtlAa{@!?u46+_Z%2tsS7Y5mbC{6Rt@_bgY|MM2yqzIm)_dK?(RuTza9nseZd}
z`%Q9E<`<+_9lxX`_X}!8@awjHbN;+D#gfhf70G{X2pn;O{0F`)4jL(_>zj?fKL)`O
zXR=Wp1B<$|=d8J<jh0tW=t&gqEkmO{#RHl!3a3YL;JPamMNN=yMzu5jY|ut<O!P-d
zIG@i-8$ND~x0f_xaK1yk!BHZc31a_>s*oNY$ol9ERhc`b{Pg2?=Yl{0`5OD;*6rXu
z3EJ*-4afTiGyIG#)+*}}VNol1-F>ez1*IKi7DI0Xsy;TH%)01S6@yc+<G@rbt-t|k
z97+W0U+UDS;`aJwn(_FZJnB_Kzv|V$QOBO{vFVTEg1PnYJD9Jx5*syF)5PvTXv`Rh
zZ<w>!EfZ=0<MSh^?Qc6!GhNW}4CJ}n|K7o99c#kL69W_j4_bbpOE1<zV1!>iSc8qw
zf@MDhS=f_wlnxA8SeEB#A2g~Lv?p2|;7D8soTKfzKetzkNYMY31zyjZr9)<4JQ0p?
zjJ4%&Q9=)Ye$#JJoR}2`Z2(0a_mIE+an)W;AZIh+8H4eFR_W&ULv&;JILch+G<Ah#
zH-MclqO9#Y_wX>C;6C;HTajt0pF)!@N}O*mA#H7*H!4i+)2Lpg6QtR*tnwScr>lo$
z_c)U0$L|$cMQ?m-3}1v5@?D8LiV5!02|Q<1#(#JPWpg=h)S7NpsxE;LZ`MdWsYn_`
zzM5YWG=);3n%wDEaWs;CU5b8O<AOI9Q{ps2vBnhfNQszbNJ_XIIa=OZ20*WK%V3Be
zN!AYpmrp74DaLF?Kv7qQi`S)`BNxVx`nvAh`a>AWbei7z(79NC=H-?<n5SgM(Qe84
zxk~TPB-w8Z@s@P`KkGi}%$ra@OFq<ttauf_pH`==kG>rO5#MdCuC};ejNV-GEl#47
zjEBVaj}nO~$8a`+GyMS{_apMzuO(*v39RN-+s-^qTn?AoakZ~o9+PriSMSe<>oLwH
ze&h|rI3KuVyQf=;&v*)Ct}hulFrK9~ePUY?kldp!5v`kJ!beKFrq$8elyIYMRzT#|
zO8xzoTKkolYXbe^)*KzunZtHX{zx<~$b`{8J&(G;xK{j=U~eyP@1{lx&;~P_j+hx+
zuq)0``6{j?)l!ZrMgjMag9ZXMaXP&=s4*W}An0T<32w<RDzVTw9}~9F*U$km<CRN)
zt=JBS?C2NgKcNBLu_^Kf*FWy4VDD&HPGxS@UPh|~10EAJ^}#*~%-}D@l}954l}4Y-
zK7*|Sh{t)b?8|E<tpmXGuvu<Awt_^Hz0f<+Vh6b#V-%vO{zS$So4u8GDsB(`n4TGB
zu*|lB=0Q)80_CvPp5~&Txg3C{@j)@B4uWp|xnA8rm#9i0$dkrsA&$>O*cwHGsPmx}
zp|K3Z{^EMMp~?j+*H@mC_h9;kn}Ntb9EWiu+~?B!`M`wDK!*?5OWjPx$hNwS@RfHl
zSqn4=u5;c4V_obTBI1Z=n48m5s9+G}n<{fed%Hc!zu}njcD>Q{1>OhfP~BzOyX`Kv
zKCFsD2klN6+ctiOQQv#E)x2<vdKqZ!^H!c@H8`o=zxN?Xsa?!k2#Kbn0WX=Rw=r5D
z+;^);NVMDr(F8|PF{84=fg%F1u@oCBfx-M~0ZSzuQ+UeLoB0h}TQ;Zc*I>Iyv!IfO
z{b)H!(Qq(B(^wmpJzG-crf)XM*4qRLmk(uJT-39$m&`bQ^9xgLL5qbr*BA)4eLbme
zYi`>roezJM_aG3KHpBDLA8;rb4sPRdHAFf*O~05+9*gu)?9SMb%{BJ3MvD~d8PuX5
z{2AOp-~F=YpW}GG;TUH?z=yQ@>{Ymn0t=|I8NVJ4ftYH68r^%W&xjW*>{`-C*iE5y
zJoFe<;o)VoJweJNU3dvqJ?~gEI(Cs$z&M4JY?G_h=5_o-V6-gNu=vI(Z-7t}Svl1=
zLkbVWK<x1H@Y<}*E?=)R4^*4liNghDC?FJ*cNSJ+T^cES6UQF@{E35NAz^Ow2}@5R
zUxm<g^VqB}Zl&Wh2XQsfJ`ar>$uLkmj>L>EiUf&WDlIq25uf>er1ZPMk@uOo(1}CF
zUNM{Lh?>hMfvTQ<$h4=dF1hJg<RYNm*8KgxChFg0Bm5xRJjWYA>Br7cb2|5rqhUNB
z`%oS_!IFrf@X_piI%$~+Jd9ZHw9Rzrmh(uH9rOol^GTEH+SPobh{NUH3vRgG(}n<Q
zSP;V{(;#zX+<DrtYP=7XNnRf72*_UrYRrjJhOzC>ESp`P6sX@)-uR7Ga%4Vho&;()
zU%O0*I{to?*yu>01eHSy>uk??7)83KtA}<@t|Wb)IgF^z@M%UVyxID3G0(abwM^|J
z$xN5Lq=Hf=`nJCeJ$5r%5l`&s#Du{gpd%uqgK!mR!yUc2c(>=FPsLgq4vhGM2fU&&
zXnQ;4#DNEr_K0mGx)mzFSYhmScVk&^SuXO*W-G!odEP|rgFS@i?rkC)N_Mw<X!tV2
z%QRP6Gu7%qOFIOmCy#Q9xk)Nj04Hr=yHH=~^Q!ml-Y4h;@tJ^T0_c@FqXgtaO%|hW
z@G_j*T`tV=M4U=J*ncnJOOyO0us+MTZ@K11Y-Z!^sOmEMetkRA#y%EQt$WT7k4*F_
zM8{Abgpqgfz8&|AW>PQ&mdn^!y{WOTicon;B*=k;RM!>dEB5zeuS*}%BR(UAKSDpl
zpe@+F@r)pW4!YKY40==~3k7R|4lrSHRFg1i-jU8L`6$3F&ibnZw$!yi<$&2Z%i?Pp
zX&p5O#?L-DaRje-qyLokmaV}@O&7G?XK5lHM13tr-i5KoJ!eh15{Ks`nPy|SVFdej
zKA&id5<6{RO1M4#7MoG9h6m?3P(@jpxQr))6z|6v&Zt^#$$Vs9b>eI#Kx=*`Eq(%~
z+@COI`v$b#x=x#6IkIriO0<!6A$3w$F;4JG##B_iOmbRp->g!zI!vufp0CspO|gUP
zSZyPUZjW3rX0rk?3qwhbd#`DxOxxipQ?O<Pbfy)jtK-I(vXrX^%3WCJ!k4WZy~B;>
zbbcQZ+H3lxA^6CA!q^D*x}cI}SCGB)>K|MsrfCP$@l@uM|CTIB72^mbQ7kmEiq{KI
z<KsvUTLmTAb!WHNk??0S9|#!8th~Bv(C@@qAj3;U<qgocOx<ix9~S6?8-2OaooeKq
z2R}&GlrQx9iVEqwamN13n^$jHn8ql{mL_$;!B0<{PHU7-go?<Ct?#BCzr!BQF2rB1
zlc_Y~61kKLFM#gvlf?#@48~WyI^G@@e;$k=q#dfB4Ay9bkHy_=$Abd(<GK|Etc#lz
z;!0kd8BjqBBs|Ct;*9yKbf7QCPxquTP%%Blf>blnUuw+2-4I2ufj%*H+t4qBvV3cm
z?>8MRMkp&MQWK^u?8G7e>WO4{oXt0G3}Z9ddU)SJ3HNjgL%UV-T_VLFY3%XqBiQ>)
z&^7UrD&ngNzpC8X4%RAfNeirPY$Mjr^n@euc&e%+6-pK~pdecm0;psN|B^i9ONvh6
z>7KUXQH)Ftmuzg#mVkN6A-wK3N1fgeH=ng0v}_o8VcGNVr7#{!yiy(O*zwWZN?xj6
zC0VVB_uj~deSHrv>xajGJvWC)Jg0}IDF#ey{{_r%2ZxG2t?yR$cB7z@l;FzBcX3IB
zA16Fd1DWHz|6)}g{4mB8^+b08AoK(B-zE@4IU7VFOhq&j7OC%*mmfw=PYhVDH6k*m
z6_&>j?)unQ(SBSPYBRvbHW6N!!c`LZ2xt>|oQDzvF&#Ga0HvS^j6mrxIy6WWVxa-1
zNzW&<9Sn9dOD=hT4VXBV%y0{fpw284568oQ`0Xld<9Z<uvST*uprK+1pRCWfCj?t%
z_3LlpSha^3++4E7-C0!=05pXHJZ{3O7#I!O^o6O+)aC_4?%oA^Wx8)F)=~-zLejM@
z%=mb>-p2U*`xA?I<$Wf#YszQwla)zDe=n3(`zVL(^USLrYGKo1#hmuU{_G`wpQ6)Q
z18z$Cwe#~_IP3N|$Qi|G2ubQg65l2PE2B4)X;v|I$vMVKCcJMQyCdtHd&!nBt`2YE
znaG$?J;vx7YT|Vf>7!@w+>r%(A-*Bj??xAD1m=y|P3-C7<sQBXJk&Qh-0JD+S)Ynf
zCpKt%bbr}rEobsg8r}+}H+KuHsHMZ}#7Y8r%s`@$Mc|9)kJi{KSerr7a2q(xmP)%s
zSN$Cf6^IGg_n!r6Nbfvie67AZ7x%~drws^vtjWgw?089VYt3aMd-&I>_*?E<quVma
zM(FpXsk2&>Z|W@K#x5w`f8#R6C^3>?=##oT4l?6S`Te#7f=E~IXGSLXeqIn<q9C$G
zg24HpFA*Si!M;nbQHjxRjDFnV2K$&yJL25XkKzu5o+b@i7C4sbPUYMi3QIlX8aiun
z{dnQbo<zbq-#bG43~zXD2Qn8V3s6M`FbTfuv<&61QHKpGz=;<aN!EDJ#xH*bAty1J
z*bVBH47_OQ@U?OcN>w}^xa8ImOVHYBK8!v^t85-kTli*UdpM<`QC_aqx%9yD1pDZc
zqWUtSOX9j>a}rr2lP9|qp?fuzvM!W`pp0G({Q%Lz1N5+k^>1x6ge^Fi$`U}c>j|z!
zgLxZs_v2$B;={I|eHu+C(X|sMrPJ%je9*>bO_m=E%PZ3>2DMfjQP*ONF1oHQm6END
z%Um3bp)|bWi$^z;byrx?wKwYecs8lVsV2>NJRMjCHnm?gZqjZ{9_DPgngN5VJ{1I{
z3Z*YB`&YixiHBzo{QS<`X+`vM&$EP6=D{+OUYN-X8;l}^%Q!J;IUNDE8n>#O+IK$D
zk5dBmR_?UKRbF%gA=e2YGz>TPx3>_ntk=Jk)KwfoXRrBLFq#xG{9cC+KcxG3XSYgz
zss?Ka>sn@Uy%kI%0Q%oI=@l8Se2%;o#gpJXT0#Aet?8Fa%6*s%Cvntdh*!CfL3m2T
zk=OkZnP{gP>04HKzq=!vRE0inba64F)t?qm`TC8R-cT0j<j=TOWu%-{^U63htbDRq
z{1?_{j?*$cPhT%yHsqQX!<sz8wcOQXZ))W`0q0?{Im|Kp62fzbn_(xKap|djI9KZh
zwjm_7LY_yHo|GT>Q>darx<r2hv;!*j(<=YG^EMd?5{v|8aNdp}aBItjFEpmUR+Nzq
zx(CN_os0s?5jn*Tf<E5CYHfDbgom(D`_sinK_&mpDkc(EPAvZfsU+b|Q#i)eO$}1M
z7{{cJk}zJu=OEDsmN4sFGeVOXk-G5W&@<Am4!yeYjBMf8UB8{2E^kB(;Jt|p=nAvU
zk2|PaeRKfyDnHDJ&fBSLVgy3vky=jaKAy>K;HX{aRQzfs)Ku~^wYVRfx^12i3}PX-
zLm4A|pit5#^5IDb3to~34SJpkM14cc9S>pm>vwF*XX-ZnK<I?e@}QAae5WCOV?L4B
z!IUT)ka^);x~O2Q*@Hvzf$;!QsJ-XW?UT?VV%6RX8IHKw4Kj!R!tO*B0*rht?Iv6z
zt3H~H&xH)LhOg~sbBpyvZ;au-KAs<3;5;=~n)EuJev;N-h{WakAA<3WjIS356|)%?
zNq(~U5i^e!_?S#pde$ShVu-~=ZD*ewm7^*^_DR$c@MdyxeGsUhcpetUq-|&(Znpvp
z18zDKHvKk;U;9w?JGR%6{uu|)a+G#c72c(^vVPDE=mR6U#akrV57q|&QqNhE#g={T
z%@x|tDRsl15_d!U0b<MMMqi)l7F`17eKUE1&+FRIWgD@ai`do}mQ)}-*JP9jzWeNP
z?);O_vWC|?C0$~NlN7!i0_&VQoPzLCCYg00GxJZxqz^vg%szJjH{E`Y+1b)cnOPgX
z#MIuq)ouhW*>f5rA4TmCD37B%bc^DvpBtf3BxM4cmbZA;D#8yf<jtTyeM3HsSkt+c
z7|Cc|Nt&o@+NE<?>?nl37I+4cA-}*k+NW>3o^j{nWPI*CU*0+iByrzE5NxB4J0#<9
zA(dm&pq3!@1W*8z=Pi6Fx}<+#*U3?7<lCp?EgPeHDd39miBD?J%6mfJE-0AEAp!-Z
z%(x;71B}<szOn?BF~hK^E(V^0%=w1Ctvm5O1pG|$c|>v(IheZ!LC()VsU(R2;QLqj
z8k-S;f8N#T)PzrrI2w_j0kr6Sti*OPPnP{Z2|u@PZaA5v`7lHJBUp4lRY~D~Z+OY1
zvyU1Ed<2kh;3qLmevzg9sGD}MmbHptZ<!*hq@WUfBl-g&ZamRJp)t<5SjR`Xol0g(
zBF=JxlFl@OYOBGpb4P)G3ujUxPrTP@M(h)s{{95PixP!Gb=u%JMO(t9yZ-hnsa+(d
z0+;0N+m%s#A_?_UweJ}(g6&RS3BHvY_D7yPLS+K3h39jtjgGZgqWU7E#dJZ1T5Q)w
zJvO0ZK)XgnWlr+}L#Ei&0{WF}3Lvm3L8lDAUPpnJBQ-*x(kkt!I%S9cd{~dgN2aSo
z`?yFwPl2`^8ew^c&UE659RO-{7y?*zmvQi%cDAhPt($jH+awv41br1H&x@1oTO=vA
zGmg{2nu_Qx8&w^`<5ju_!j{|Wa|hVD1NxKs?hRE_HG9`JI*}SWx4eHUI~$KFDVHeu
zFwcLE(X_=(_vpk9Evu2(KLB@+oq3`ZDR34?3?NE0U=V<Wj7t)J=;FV#u<SLBUeNGg
zv#5o#ozTOJ(>-Rbo)J)EE2gF-!=j{;aA*pntXYRHGX>V3gfLD`x*rN_I?BrkLqT7n
z;}mBZ-VcgOw5BS~oHi7;p!u--%PE>)1(%veqfRT*B?qYty=0yfDVYOOP!l24ql0vy
zo4RceM|~Sh`LQh=GKPkkoa0N^68>`hfoy;7l=UR)uOa|RkGi5BJUoN7+yvD`ICZ3)
znXQ1-B5B?vi6jGd!$ua|X62rv*UUYxL|&^q!&KQk_U2t&{@+X!iL4YKa}#tE*Ak>l
z9Ys9ujXvN@Gj9e!v%^A7QyqSx=%#fPvZJ^KRmd#8u2Q+<dA35xVyUj__g#Pl;-c!4
zp>=GK6AZgmhPu9^IwkXOG>V0vL>Aa&0%OmKD(;Wvex@~;dnx_<@O<&(#Xj!*64>fd
z|64WRZV&q&JgKyXvxehGBSrwnlF8Qu_eC{a*NLbjGKJnX<QqJTt`_6`=B#=!8O7ac
zWB(5y*?DC;QZs3xFzI(S8s62Y(SP*H99h{M6`glZDno$!Khy;{@{Z#Swh1$8T$1~?
b2o^)D<b*PR3BP^=7fwdvn|QgXUcmnWl;Ju*

literal 0
HcmV?d00001

diff --git a/docs/admin/b2d_volume_images/boot_order.png b/docs/admin/b2d_volume_images/boot_order.png
new file mode 100644
index 0000000000000000000000000000000000000000..a62cc95e5a73c2f28e788fd9959e95f9cf8b1e4e
GIT binary patch
literal 28432
zcmZ5{Wl)@9&o1s#C=@U5?(R~SB1MXOad(&E4rLeD;>F#qu(-RsQ{2j8yQlB_ojKpk
znR({^ksq1l$#q{zCb?t2sD8r6AjN=#gTn?W%4xvCApqdu;7`#I|49lebUptG-o7Yn
z$zNPt?CtIK_4OSeAHz5tHa0f)_xBGE4`DFa#Xa=k;NblHe0h0!VPRonVq#=uq_wrR
z`n>v|lG)kWm6esz(b2oRyUxze)6>)L?(V_C!JeL;_O|w&ot@3i&6$}QFc`ePzP`1!
z6(1kp($do3-#;}qRa;ZDy1H6XQStcrcVJ+ksi`S1FYo&L`uFeOjg5^B4Gr`2^KWl&
z_4W0ssj1o7*+WA^&(F_GOG{^GXW6~mc6N5-<Ktcx>%ZssGBPqEe~lIt7J7Ji93HNn
zgR2jBc3)wzl9Ce5T3FJLBq)!Qsi`TT0%mP()w+IkxX~#b*5#7kk_-g8xVS`gZLA+2
zru1LMc3nkAM#8}X#FGE2tE&fp4|3~=l@4BR{*Hlz6Jzq8bgVsB$bD&CypIuv*Ei75
zpSp#EW4U{U<u1PI!@(PMz*IE7dXAyp(XxD@SE6um7Z*Dua#?V^X(&ons7Aj}4kzGL
zllK0?l;GgbYipECF1ogF5y<&j;NX}%Py9PChwoq!*%8%y(AcpjuLY=%QFXG)zla$w
zTtMOAJ-&@Vfnsp&`CjRDop3afJuy6^2S<ZI)tFtFE@*(xwy$C0q6a*FmD_BXzpljw
zfA5+7Yhnl0W=1G{bMO4ZLQI@Ux4~DP>trHjZ0G)$H+xrW-aiafM(9ts1FsJ|rQ)XK
z<>e%D5542k;YB^NI;Iw;d-(+g`K66L@(1O;ida+jnKe9bBMWj8!iRdB=$(qR^pZ6^
zV!vls!&#RFF~AAf09}L-3cQqBK~_-cRhcEcl(<+!?_gDPKRTDTarCcv5AF3<zuSb$
zlsI=kMY!digNEVxm7y|<;4Wz-xZl%@9TkZOmyf55<(tRXGlf=fj}y@i8yR}S(`#Gt
z7MxG|F(Z|sXKlkT(muyCOPw8+PmlY5F9zsYD0#I~t(_wm(;4i2DyJ>N&yMy4;RGwi
z^`V>&BJHBti`fqY2+NOiPm8dvaoF1l^2?QH4lEgZs`~zzCKV3OehMHbt>puMo;qz$
zJ4!g*Ij79u<eqnGreRE@I07h}?87J7r}FqZPIW<#n(Ib@*mIJidHJypj}1PIOc-6@
zG;Gt6dw>k9KXj{)Bvhf#N{<E?G2~|)G%UcR`;udWte*!D33J(}Vk_yfhw|%LL5tyd
zqvLv`xW2=R(CN=qkpMehHH%Mc3YedavmTFy|LVrillz~%e(JF<r_>|qt9OiYSNNWt
z&@=ncCNg}@0|?_5z;tKx6gn5br4-v<uj9dI7IwIa3}zViH}f6h3Y72OQ}X1`t^NdM
zxh}C3)n&7osf!Dk2WRAjdmSCshbo!5Qh$i6LV+b;>B;j?xzgV$19emvKdfi+<dZ83
z(hg8_@cacnO$|;y9=tfOBlo!9K>M~~u%T9=Gm)CJ(hs$TeYTC6haXgqvV+{*hrNsv
zcPthUZ|!@bFTuOpDC!=YR?yC0>N`b`!MiV%g-jB<&^OAVyH>-B<hj9o^@wql^uA<e
zS#?tCPc9$1b8K-BP1_CgQ{8ep=5wHG6P9=OjnLqO&epQTD(sqISMrC<?HDp-iH9JO
zUcqRSZIs2A$E&v|Q<BGExasXZM3HD4g3OhsKAQ?t>S}h6cY1*uDeE@-Y9WIRIG2TV
z*X1@SWh)I&87Sog-cQYX@0TUn{6!mm$)pd-2NMt|ySJlELJNAvAH#wyFUq}P(4e^v
zZ<wdWpTU>ffxFglCwv-983j{XwNl;Ud$+r~nKUT{#E5sVnVv-)--pG;+5<$T|7@Jc
zo|}&!En6+?s5j74z-ra`);x?P4uzC}?h`<*47yX?LWpxl@tPCCU|CJo1%vuRKOHr%
z!*b#&Mf5Dhkt?4om{i*csiG6S&a{??GHX-&`_tb_^o>nHY-ZKHp-)WO{$Wh<Wctpb
zq2tnguv4sBDR)?^FZ4qua4@3MqGsHTr3j7|*-^=vE-G~oDT`mlqQ?T!Of^P1(HS{K
z1|jr6#*Ll~#`l0BZ>u|#A9FQxtoyD}y$A9Y0$T-r+}-g9vdtye)`Su(+$7t3I#&kh
zs2dp{_rq*mINqo_UNvkbL?Sg3_q$yQdWQ@RgW~n&dtNYPnKz40$SL<Kjb~oD31Arx
zFbnhh7H5!+4<6s-o6gabLF@uDPuG_!o|-~cdC_vF0_+lZmzfI<3G7pj^u3drPAx-R
z**a<cSQY8?0;uKP%?DP07{+t%0p_}>lD?2QSsCxyIu1+O=*buL8SwffZWduD(fylg
zkCneb(6od{u*qZCthIGt*99u)a@X43F=w7+r)zHlS$ALlpO+hFmQR4@IZXX5*tGSu
ziI~4v*^@mZfTyE!@(5(B5iyc*JYswuk^4vGr}aZ<K{N3L;}Nv-_LaTdCWK8fRBr+7
zG80nF#`>eyy(6+ORHR(h;^Xm5(S2Iwu9oe0YOeIj;j37D2?k~-G=3F*k1=Q9hrQxw
z?p5RWh3`L_&V$0IR$tj{Fr>Qyx1ABUVMzAT&OP)RWt^|qT_C;z3FCxZA2q77r~U9H
z<~vr={bJ^Adeqt@M{82L%}0FC$NTG1q{*yyScO<HCVy3b25|5DUTS_Q#a~M&kei)N
zT>4nW9PVUnNtXdn<a*jfS&TX#0PwY3b*`ToN%d8`;DpY%9YunEu+!(gr_w!2pd@h%
z{e!Uyy#d1ALz7`kN*<kFX~gM^ED@)W@|>LKp2`%wziv=$a9j!}D>2acy7Jo6h$5}5
z@15t@l7~Dyapb~c0MDaI>anwWsn#Aw9kKmEtcLQODmu<M)BQ0MGX$dxU7}tH=trs$
zY`6Nl#wM{TghM9YWi%z>@z|hg<mt=+r3!d^IyU*HtzdE$c~j~`nCBD^t{{zC&o}A{
z<T=x+>1X$r?0Vf@HF%pO3u45olraO!i2&q#V0WCsUibn=-sD66W3a;n$)A9Z9#9qI
z96&=1@GodLuk2$avxfS!k~Qj~0T~;{y7V<eeL}hsgChFC_Rw!^9S%^Cp5TCY&yS3(
zy7gai_gai*5L`*L`lI(ms*fKK>)o+}?F+nygr-j)9gbP5)(&RZf7wAQ1YbTI#5i*!
zX^I2N<a<8!I;AfNnl-9^tW%<has|_N<DH^s(RuP43jX)UoaT8RS^JgC-ea{)Dc;p%
z+Z(|M7ZcKtc-dRr7UrIe+t0~4l*ZUaRecLm?1dANVJ^dZ(GA8JiFGW89r$SpbkD4L
z)?c-JKNVO=8xLwAr0vqGM`2{G+oT-Iha`P@1FToDPMn9xv{&EQw<HJ}mFmo8rCHW=
z@Jw&dJ)mGuv)v!-<*Y58p<4?%MH^bJHHNjHXYrM#O%IP&(1@G4EHJsKkRHksOO!~4
zaE23b-RwU&dyNtgJ2FKVARu@tJ+4!Hx9ewZQ%dJOgm42^lo~g+^;fr^f`w!yYzmI?
zf|5#uZ(q}&V9vv+iJ5;X9!am5^B)KpQ(#uS*cl5nmCcfp->hhAhG8#fkHdli(2InR
z!8c;?nnMwp2RP){7=L72Oit&U6U{4pQKZNNkQoNYf8F@KKHVIPO28uF@sg;)naVk+
zM2SW&Vkf{pGg7z69NbQgJ-Nj`Km#qAA5|q22GQ>J>tuvjhW9e<UM4^kh=_lg0f%sJ
zfHpNllSHjY7dy3%nHE?V(BEOjw@JS9(~6_N_bD3@08jUlj<iA}{5@-8I04knFXI;)
zt75S#ch4NmM1yD|N>4>7XB-}UCrAnW+=JxSQ}HA{f`*rT7>`4z_<ar^nlLcR)q*@W
z!0>qrU34Nl7!P`cnflwpPvEHjM{(2i51-lw^Lyppd~X9~494$hAt4AEOxH&y;k|^U
zmi*kS<Dt{{nadAL%MA_dkM0+n%N4h}FW-V~#G7iHCD#uVq7K9bw=9HA`dX9e;Ng2R
z_u2+I^7YK=@daU@pR&(ai_*w;DOryn*A%i!f_F=MX}L9+e`;+&XH9%NE;LxR_jI*C
zc@5u|=3<VAt<S6@#?<e_3x~zW4<R|k@C&^o8zt)Js$<HMue+rg$sGdEiDp-tId!_P
z6RDsb;GP&CnXDWOmk7p|ym!pX`*aAb2$*^)cmGq~s+Ff4>;@Cex{N}&lnRpBOp+3Y
zw^LoJo-kN+lVQNA<idd~^~3CS^wSguBl+m<e<L_~F}?>~9SOyHq!sWaviXoek1vW|
zaGKvNpn=UQH*o5}wW!`1oA1JH9U>pDVTgaO=!)vRcVXXNa2Ww918rE6>Atn4Pa$>N
z*j7Ba@^i!e)J(tgeZDb2et5Ez)h5R<Ll4h^*X-OqJL1P-_@PdkU)}a<bToKACx4h{
z)r0+$^fm3aHN>#a5|RL-wPBryh+PUk@RDv?PQ&du<<>sh2GK0wFdjI*MnqoO?yt`-
zvQk!I?J<?W0-xT_tkcMQPbeUpZ?MdOq|Rkd|GG4yra!r-i>ZsQQR?{<lgK~VGYzqI
z3w)^9v||O`N+^uhn@=qa&m-%8@SBo5K{|Zp?=;QiM$PO4e4W3h;jj!3msB?@6eX9Z
zCl-utGJ3(01Rd1L+TiHlSB?YiAlTai9)j-LuVM#Ya59S4Hlf@7I?v$(gKP{pmlDGk
zx%oHjPc3o1FbA){I;*qax9?$PH=@$+<lm{?1A<Y5bYQ_8+hBepQB-_B#-ho3*{IE|
z_8vd*?KE}DX;3(ILXNbks{3!{0vB*=WBHjeI}l44t2i{QE&PjZRPUd_?3%p=$Xm#`
zySsZ(0w=#!8jjcJ#k--(bl$Dibj*Z1yJr2h8tlj~qG0BQVO@-Sf!^dwsidhtbs9oD
zOVis$CYQ)8?II>;@7D+#k2p|^nb4P>GRu1Q_b-Md16|(!9G=^pG@SNMU6}+gC%kn^
z?ZA$_A7RJW^*%>G-kXMt^4$*hp3k_Yud$nxN5PW}k3Zg6te{6x45LR?#i?eko}c_8
zrf_E)?@LN`19JBgEbP87A3J=;8=xVSc>E0*E&(ZsA3uC$L2WNF>~__tPO~q<(O6Rn
z&ls(NbAVu9;olcFBeTBI$KM=06NU^=J=Is=4FdGDeN<mf-&Nf8a(-y_{#?>I=q!0}
zm^*G9`=SE#4C;NBluRd$pEB^0+O2$GJ%*LtWu8eRnIk~q2BsmzsOS_TIyrof?}>h6
z0&d_`V)IvuEmK&GJ?3ta8C7(dG2;>*R+=Q?Dtf_JIRuM+(TLnXZ#dm?bF>^cZl9Gz
zON?|!&jOKIDHhE?PzAl_p@r6wplY{7nA~e{{`q81KU__@Dc=USS4^#X*r+zPi$aga
zi+Jk^eQbXA+W&~Nq-!f?@mzcNvH%ODO|K;P)?#5GPpDn4%?Zxk?uC6MNr)Cu8yd3B
z%@l?ees0WLJY67{B^k!;!uv+cV~%|B6C2ra5+KU!$cSC+&^FSd(YK&zp_*6=7F6v(
z^HiHmAo!-Z2ytf<1FZ+P>{O?CpU|1$9Q~3M4FNfTESGXh_aUZ`A;96XHqdJ1XK}~o
zpWQQDG~8kpbk^T7Qla}SuotU0AL~jVt%@FQ)=a4VYtTb$P`W6`S5X#me;#rjh~L|v
zCm0|A{lP_06R@Mo9Hp8i9y~)YGK!Mq>gwGlBrywUVb@k-*e!NT2bmV<TDofZ(f#W?
z6$**rS1Ee@eS^8(rG<FilFNJ?sKadonA_9VnU4Yv-7-}RlhXnQ=Zn@nlsH)Kql7hR
z2L%85wYJJk8I!t4t}FEV-J$gHT4(W77_Y5nze22>*(?O6K$~lkw_sD^X07e^0^<m%
zA{}h45IA89=ni^#eLS{*du$V3)5CIW)v>ag_RDSJnPfHmVWEVxH5UdN-Q7K~z>gCu
zr`3;EC<JAlN+TiRMW6IF9YkSmD~I7)Ep5+CJcpsWC9fY*5%yrgF)o_0_hHw~UG@Q&
zv&Y#N^C=dckPvg1>PdpiDS2L7KrKr2y0)yERqcLTPiI85{*XVK>jCygYboYr`yA4{
zV8u>R#^#9CV0NdA6z|KJRD@OCmHS@J%&GL}xUG^_rl{<W{^c{B>EPg=rC?lb4=1Jp
zL8k$3Kc-6&+qZtVhjdoF^#@lQoMh^BT2<1IWW;$H<k{o`s()HE^HgOvxIQomXQANL
z;pD4^nhXMP59Ap`uo&e-;}a0eZ=OEX9@=pRiZ;!4N2G6+<Xllb{tD?d7`w=@B_V1h
zi!?DDlO_~GH||(o6Txq``(`%46YYHSvFCX~Am6tw=%F!HZtkM?x8Ku{;^+1;qxw1Z
zMo0RnjCZcO2!T&x*J0m`l48*fcF!Ivk9#Fe&U&pAxn*R2TFeaW6+dv)%S+3-1^lp}
zPctE>$R;Ku%O=gpAb!U<DV3c~Mx)O>y{zu;`c6AL=lAr=b%}gDl3`R5S%oWp?s$G8
z$RVxomaiwDf7xwt6=TvxYl0yEqt-Q&4ztrDz5p5)IF21icQj-K4YrECG=cv^ul`n|
zcK=JrX_)$sarr+EFsMG8%EwPz0R14Ny$gwE#Uk<HMG>j06+=pbIX~8e(JCbZ90+cj
z^uK;}VhF`BsWg#<y*=5%#HnwJs51WSofKEP%z-gETSjo)#pJjm>XqAs#gU0r5==Ag
zp2wa7pztZ%ZGrxdhuHxJ*#?t?D<i*07T^$2OPvg5J9e=0k4k($&WWe2{=T3A4up)m
z+6SB$fiSklIGTP4k8bQmjY*qT3Omwb#YWYeSKX_3(7h^mpMX};wn31dhkjPSwRk#`
zVJ#Uy$g`%w(K+=RAH@MPd@TFr5pM0PZ>_N-S-D@sVpUvfUR){)xqHXWpW#n$gBwoG
zei~mr=EBnndo+53pf9%%P=79}BBMks4quNsFvl!l^h?GrK|e9}W@5Z@pB!z9kS)sC
zG0a2q<pI|uyIL%VPeO>FhmUWdZNM>oWw&#lYU1vTlLL)Y)m;s#1sg5Dgnco{%96oP
ze}vEEyq_QyBPXSfejHuVargV@h_(FKtv%`Xcz^RZCtrVm>oO<}qu-h`RwujHz8_?4
zo}FQOZ9ht9g#k`kwiEK6mD0b^U*%gdXc8>b-Q`Q8jbTyLvL38Wa0!k=@R*CKpq&8x
zPh<k0{9xivIkaKsVs{2Yr>?D_VtMK)L=1!eb|?!EL|<jQG!q2ngFWDS03Bulf@LJ!
zbe|8Fsgrk2T!46j2Q{Q5R>=pp0eSpSc`2gThiP4$&fU690$yG$z3j0dWmW{Iw0Hsr
zpj{7>wm|t3o@cG`7T&G}9p0yKss9-6xDL1~P>E*5VZPyj?!9`#?yq`_lPkFTPi^zG
zMZ|?!#3<Kv;}FJ#qITaP#O15QfaIV3%YT-qgH3w2f|Fi3*htK9cBtlZK|JEB=5cG^
zA}GSY(H8}gQ;?Hi2#rq2Y*)<ztm0Ia+PI6*5}~B~Bmem2B@*L~n6+7Oqx~Iq{1U`4
z>Ts1k9Xt=~^D2E<H}@T07FoB;qCG+$B9zJegx>p9(ViWZW?+D6@Zi_ooI^zM;fHO6
zVsg*lYuneYsP(n|VTbuT|DXe=PKf5J8fW!uP>VQiZa-lBIN}a85324D-s}~ypw?Dp
zr~2nZdnRjc*CGHAQM*{159<l&hJBP1GE1cTW`<a_FV84`iEqG1BGV=}0FFOk$l(+5
zImLg42NB>HPXo3cUR}&oSvHj8`{mKX3n>vXjH9-D3Z}#aKm`s>R~6q9wPK|rrp<En
zYYcyfhY!R22X(fV^nATr>jFkHk-3X^jFi0Ue*`eG5h#t%n4xfl+FfwkT1VIb#VzQV
z#REjjACm{5gAZpO`1a;Fdz}zfw(L#F<A(IQBHxV}ruJCA6CqSA%kI%+B=E`Ab*{W3
z;JvXnMCtAM>1urW<;u0qECQkz#MX6<UiRSEsvO5QOua>&&t}aoE+G;WLz>VB7<UYO
zo5Y>Dbu&)06k^6FOX7C(5c^;xTLS0xFP9R@8Qj!}oMuQcy}pwabQjHJ<O0^F`gYt8
zo40#>89%^vb#3@;k&FV!rHV8RYSjJ}>uJXho&MQuess<T)}a=OH=TDVi%J4txZ=YC
z(V%MKHlX&Q<gG#6^_b@1n<uY?WYfJnciqzz?dPz~%i!pnz$dfg3)MZXs_W+Ghr8|c
z+Q;p%&9rZNX0OE-<PI{djaPvytP|MeDO4QFG7LEcWW#Z!-nl76jBirxaRY$XA}r~h
z1YNf7qwtLF-PYbL@zMdg6xTTyp^1^Yk{fm}IMp#h6JJU~B8XbSpUzZmUNuH+S`6k1
znU;0k%Q{0SWe}Uz@-pu7w0#|()<jzcVd49<rb#94uBciu&~HHS+IQ_jFmu!>aC;JW
zJ?y2ewcEDXI#Z^=(=XcKPxPb>i-X=9L>HqSUtuN<Y~`V`YyWU|+{<Zl)yv4n6yElY
z_Z{uV>P)l9KnNY7y$rX;36!QPIa<YCp7B&<<Ap^ekTxwtRr!+>-G?ht4b`Y^sNK=C
zqD9U?CyV)Sx!C?zU6ve=4#QuBu(p)D?g|RA3c|EOfKB<gMvK-@a}_B89)b!OjMiH9
z3_R`{^&})xyfLXje@OQ<U0uN6efwDtJ`wSFx$w_!oZB4NowuiC3M@-kAM~HVU<3^M
zm>cR!O3Hl9UqZEiTyRx2{ufC9Kz>-vcD_HhIF_1pxnW{p(76wd>e=dbr|bZEG{gYR
zu_qI}FSp~R(Dl|-*K*Wz?rr(-K1Y|9)o!-3k+oAmBWkU%PZF-IXW_w0%mL#=?<NiT
zVe<74G~O;>Y&n|#+H(OX0NMr`f|aFo>X4SR;&@k$zQwI=8o(%ed(;Z}Dv%-MurUMF
zkggD^$s<-MtpS-Ft9gp`@PT6SYIJMWT(#n01`o<9j%K<%-%<#bk5Q)}tCDI$?Ecks
z|Gf-=ObS*1+W0OWf6K$SGh-dzMx9#NZ8z+3R*5MuAyL>d?VCG&{%)}i5+)l0V{UA+
z!18GxNsoxT1}S{>9s*;@m(LYoB1YQ|97dHkPic&8fLT>(t)FgN>fKkCRKJ2u-x(`~
zp)Z-X@!?8>b;H+~Wh7&s8t$;GI9nD{l2DMypIz1{Ohy%m<d|wwCKi(e^J{R;Rhlrh
zXS~+t#QDX=o97LF0W->OH78~I_u5$MwdejSW)Z-@qQm}w5QKVlJL;Kvq1Xe;&D2{x
z(H6Le`6|haVHlvu9pz@vDiZAZT~Q_V&h{zl?g!@9a>_;d_Zr8~xf;qlZ2?B%y&<`r
zPkGZ&+561lfO*C=>1Zv;Eea!{@gdH&_2o994ejicu|;e`eKJcoy4xX+Da2W%ybbo~
z;b3EDYGH1{W+SRhhpa9haFIEX3o6tEMiF*8vc4WiIBvw^?iM8`XXSI0770e;O=!w~
zso<o196_AuR~WZa=>s5QnADnx{%d6aB{yIMRZP>SH>zq@Hxyl$$RZGdF+sQdXU3`w
zDegPOt#)<>{8_-ejUv%exqg6~6h)BN-|i%jz>!X}Gb=L;$-&LZus=OlrbN#?cO50i
zT|z2kRFNVA9hf9R!+=bNcs_|3MS=bgf{LG$H^DmjfCl^JxzmC0_;IY3&UBcgdx6Vi
zv;;n_ctP^D5RVYgk0z3eo7Cq=9MvzS3@PFT|7d6NZae=!wDY85o|)ZrL3QUSdbXIV
zl2jaO(S$n4rT8>ircUdMUm|?^&Cqj}FX-ob4(RvAb#P<Hp51=4_F7gF4iX+iROxkn
zDM<CN^H-&k3r<WTeUTkwsmmm-;U1~TUh5n=TK1tK2N@vq{O5vV4e{6W$inmHm607d
zpleMiac;q80P$(fmA2WLqE+!)P=Z3g_lWfRy~#f7!=pFwU&8%w8NC&(#%1G9?!X)R
z^29AlwwN+iTE><Qq0*LVsy4NQ&hv$v$kyiGOD&z<@~C!163eOQPcizU_2C3lDIi6T
z_G~YW@ym_(tPsS>$ncb0*RSLB12O|E;PPf0#gz-CKR6c%&wVur_W+lHrgrEulg$w|
zB!@l~N5FY;p{e2q(*PqsG+xMdw~thNnDa!`(5_G`lCDigCA$qDt_76_ZB-BoK&^X&
zXcV&e-hvq=wEc&ltUJE^&G=vYacM#U(&kZExpF>#|M)1Yi;z($QLC7<fBY$gugZhs
zdR&a^<LXGa?g1Q7JlDB%JMoHgR#R@Sy;BP<EbdHAz)n=A0|AB#kRqlj&wADTYG<r7
zDT`=B(P)xfC#-s}d0x9UA6Hf4`O;FJ4>7`lPCTLhkkNXFV^h!tErq;9%a6Ffalk$&
z=yuP<*Rjm*=HAP`zhspDb1y2ywl*vGuuTZnYulst8*%Ozi2i@5WcpuT{nv6MMN=vE
zH(uc?@a<kk!a>gzW8~M-_1;+C^!-b~?nY7m_8vgPP7k2LA~JOBC6C1UIOZnyILssf
zqAtMA5E8xH*{^nccZZM{))8(m&Yhg1h^WN<En|@ky4A?56wgN;or1~pt&A<V_ZCX%
zUL~X@wqZq^Awo}Qc_*u6y7_wSk4aCiD*}w>fO7g<)sc=mhu;)@H1+5FJYOM9kYUc%
z9Ol*6#DT+>8<!cz`FBulhe$Dx_JzrRoI6BJI?*@kcaKbunz+(hrm8tG@^^l@ajKF=
zd60&>IB%Q@<apynGN5zw(>Uzq37T4K@zO2zUg724<7epen*nrt+GHArGlZ%jd$to}
zGa}n}*1}SYE6aR$hT=U?nfmPGmr;t2eS2k`lI~h)^7eS2A(0v`%KlV)Ht})%2aYIQ
z_d(H>(lhi0b1y&7=>;ePnTW<g_!bmL3OjbLe0@O0V9ve5jTkB4*B%jpJ=_*!aB`&L
zWJ9E&ncEaWVB7+U>`UBN_scV%6UR)L_iY@`ob`n#F_H+Y#YurFpyQx+yY~?G_WJO8
z^}|M~UrUPtOeij<jJa!id3mpc&TVfxaH`RtHayQqF<rBNdT26c8@>)c_rDt<R^PgQ
z;Hn<E;G*;oV%3HOh-v`ecGGU920u=lU7<}>@w%?${V7evBi)veTo|X2U=4`*8TuF?
z5I-jp+-6W3<@Tk<gAN#p`W)(vE7`jl<S}#&K09NrsAziaO%L{kWj<0qr9WOV!9*!j
zwS<Q1K2Xuj4M#z*8fs&4pW)9>B#@a`!Z}heZ>&Pe%V-yF$SlYUvP`9ns?(lmS<s_o
zGX!6YUyvJbP{Hj|34URO5`GM{5LG+LUq@JjAz5ZI86Asu+ks3QYmi;=$1du!noUZI
zhxoAWDeuG6v`=3r<}ouJ@reQyVI{3&YC$idwF0(J!IH3BD0bVFNpJ8t4CU1*Mls~a
zk{K$Ef|PrMOMK!P&bG*bd4Gm=sH3`ilHjj`8=tfo$BIpdX1xjNsgHt5<-`b1eYHJ_
zuEe1<4i%N>378vU)OS%4L$9zKP+aa417+{!9p^4obnZ6+7-h|U*DY$1Db(zlKv&>O
z$QG%nF`9g^p7jf0ct0AUJ;l~GDNY33nvHCMDS<+tqciwE^0&e?DVOPd#BzGLR-b~`
zzjEnG2bze7W%DV;WhK`aE-X3aU~q%Z1<5=9T9G?D&TwL<kM$=|e=uHae$LdM!rsOq
z9}sV6i`fI%n*?)(MTSI$(^``IR4`n{)wT6}Jzhx(KD@$^?IS=O-IN_sejvCfWVJw<
zNsP*iF+i-5A}iilo-RJ!o44`P1bj0P(g9u@*CR{DbRKFM{hW~hqk~ox^Oddeb6&zJ
ze<|$_W%h0Ds}YVzjTy;SbOcHTAdx&)vCnk%-JsG3AvD9UZSTI5py{)ozJ_%MP8T@o
zM+qd%ho9a>vzA%sj1IQ$So3oju;9Cl0>v6o;Yy<u)0&F0F5sz%2a6oWdT+h+R2ng5
zEY1;);osNM3!VO1Ik*;hu<%6R(ja2%#0w7A4``NFfe|<N^?ygcJ2IwlSPz|kv3w*|
zjLbp&s7yt~_A8^B%S?@xoJ`=*<VjRrCz6XWBwx0X`SCq{;dd0N!qUiZZoS9KSOM5^
z)xb35dn+Lo#}9w2R3AUW{rM1Z{6Up$2$9w_LPXS?R+p>8oagflmuK&-;NjJdbZriA
zn^qvd=g5|Ml-1XXSafnD)3a5*S-E`Y#C=Fhq{76+zU`BJfK2w{B(K;0YUs37Sepnk
z&gu@=f_R-UzL@Xt2UP0@``@g=now1gj6ixfjLz9GhIUlKyD=txN5U1E0BjTktl2Ms
z`G&|T`GF-qY+dq(us}a;g)xKcW<kQJh^Qx0D?x=?X1ObOo0Gh(n6CerriG%)0xrMB
zGQlyqg#(|4Dy4lygGcxV!8r+f9DWK*p8XjdX#P|uE-tP4;cx+E9JaZrRPm|zfK`7V
zb{JK2BcJ|SoA0kHn_CmhT*CE^y|}W>Q90#Z$d87p;mwndAed)QR@F7^^{sbb*5vx?
zQVXUq_SD4(baXW|lx%LJCcj*W;3MXZPUgD>Ui)x<Nz7LGh^RSbWntJ>kFLnu_MT{e
ziK=)53+aG8Qc5YJ@1%)3V+Z$rCP0hp{-+)m)*j7uh6)V%%Ks089g!FBwfV0Ke|Ocu
zsmBe?<E7G0-sM-~;Dec)J8JNJ5)+gYYO=gdR74aI7Q{2kYSqdRo?+cH@D>dp|NF;%
zO3d3s`g^Wo06`ezBVBhpg%d{d)}rGl$~q7|*AesEp>!>fm~1}48+oBMvC3gp89@m=
zwM;gB!yT|Qe7S?cIfWR0M~V9rkJ3HfR62(v&zeqRP3dlO$#1_r=q~;J(|E%Z`dg|t
zUV89K(lb5uHGt^}jZ#o5i=#8Z1j-*Hv2zD3rqB_Z{xkgj2S3NhzRa0`5z{xfacDTS
zcLe4E^?!abo!ll)KFAl18}ttToFEYGD~EL$8c8|0LSp?&SdoEXRCIb~Ys93}I2<Ev
zAFy$Y5qDOmJ%l{vH-K8%306_#o}!!dc0SiCOZ750o15W~>~xYCPCugUWoJMYQCg}v
z0!KxANUW%y4Mx+C5i@W_R%9HtCciR1tJv_4a!D5C>la#RY+l}C%A@o_WP8M#C5LpH
zL4AH}zJ-#aS7O)v|E6=I?qtt~9ap*554@&*RzU*Y=@>yvhu>l{l1wD3w_Bk>JtnZb
zfTita*}7yc9@f8KdSy#}dsq@j-dvpkhWIy9=2YhwUtM>plxKvEr$K(=r%pl3O1jyf
zVg`&z-fV*&Rd-whX*sHHIt6{za|{R}vwN}6R<WD@_?snR&;#fm$)O{{Ui@esf8*Ig
z-+SMMawDaR{A8qAQL)?g{-GrkBJ(9%=h%Dhy_`Qo%$r@1r*4&8F<c>3<1|9+ajMB)
z)}=J{dP|-&dRxPoE1gQWPPtp9Xg3gu82}Rcf?KVB@~*+@z00B1hqt})2AS^*LF;0V
zbD%)~RIe|92XpY<-@MgNJs}m_c*D^cdL^&<td<@JK!Y#@M-H=J<sW+!pXl1Jdi(S<
zs%9CIc5W<DNh7e~EUmM3_2-iJLtMH|(8`RJbM*6rwx1=zkEf5v`LzT`&jj@XAjYRJ
z!(RPEkLFjcgzMdzo9o8T7M)>nR<Oz;=qX9T4*ZdZ1u#p7zCgmq+n@LSv~?9YyQp$C
z)9lQpQOt3ZTrb;N+qkRUSl-ccZ+{~LAFL@tFzKD{fTX_?owt@-P065qx<yd0IK1k)
z=*u7SsikhqLkDL?yFT0R;Bh;qK{i$2^H-xTc3;#!`Mhflp|f|ILwk$ZwUN48G1hsM
zXypUsa_r#hE-~3Coz2ca2v@K_bzo5<ojADIoJn#fE7;GFmDIDd5dwzFFl*~NpBLv=
zF=^}`7_TJzp@ifgvXr4dJc;`Z_*LGH)P5DMR{mBEaXKy~a4KO09ot%;h`Eanc&=58
zYud8lHN_M$w6k`7n4HcH=~oCt&r)ks$!`3VLI}%R<M%kgCvAGpDBCi{E%y5T`bF|-
z2`1d5*2@XQ=MY;ia~b_6(C29;OR|t>=M=YG8*#yLkzmH{9~PXL`7O%C*{y<PD4uIO
zz;10%qXGYh^-_8d-_nDf!|Q#_q}!hU>+8H7cQU8nW<_31(UGZy_+dm9Up^~9z2KLs
zV{@8>U155!zq(%2EXe$FBmFLs6=#Z<R>Li&>L8hu_JYuCJc7mBn?#hI+Q!2vv9ZzT
z-I-+b=3v}%_F3Hlxgz~8igRwmh2F3ciy09=)tGLj_H#jkPJsx1XTGP$N7tFmd&tmf
zUt(L;y5r5?hsl^K=M1;A2IHVB2NkE<VJ%Da2THoHFU;M7g*xM=)(^i0^-oB##fa+-
z3y3AeiT_Mb38J@(GN5Y)JgnU>&Bo_o;<!7bopP<49LHh5Q@9il(kV(Y1blMuG?P<}
z?)u_Mg!@dn;Qz5H4cd595Oin&JBCQS^}KplTjXnGEV6WWsEX3vL_19HZHF+OPvWPB
z_nrJ2fHP2;ZLci!{6i|RqEi5D6M#I7h!~1A*je8H9N0}lnEWLcgdOM(-hblJ0eVK{
zS?JYK<Y^2zOg{SI`(YFSX;vrW5i@3QSWXQMTed~(o82y0N9S((+{6x#{~C<1a6=ry
zKQK#%g+vWnXr?S}J?=}=1rfLKjq$atzMUDqL3>YV$P58Z+FylseJ|OxMt{GJT(e={
zc6t6u&=h?%de+gJyQx%fb0lu~^17%8@h(;0zAm<K)o6Aeqz_Sejk=<hG^~WuhC11>
z9(tP5FdVYzxXg^7(hq)bJ<_~vP5qn}(fn(gGT-@&mn`t8Gfu#D>HEl34`!*5+Z2)x
zP$jYqdN-TS(+LlfR=v=Ciw!ut+JCv1%nyDu$mhYjlG!Gy^xb7bn)~oqk-n-(kn5zD
z2}{fWG)k$m0^=)kQzGJk@I74+sAsFWMkfhhho;*edwM`{{6^n(L!X%upEpJ<G5gcL
z4#@(Zcgd+RMc7fNVEV33^D0V;chAUX8AaX*MwDjysB4VHpabZu$9}*;EBm5t?#vpx
zIcJ{(aNol-$DWASyI&#OIi6eD`EDn|->vZ!hJ+ycZ|hfNy|5UAq^x`3woS)Vf4pO!
zHkoDOD2sBagWkTshAl54L5|Ri+?P|pLRw3Ot)^mn@9Ef26k=ppaY@Sk8j@6T9Mf#R
zVDyR+8?$EnsoM^R!_?TFi3MHjA_ao*RIjJ)^>%oAs~AWd&lunF8nHL-Xx7MH2Joak
z#_9a>`qEtY?F&qgxCX_uN0GW&?cx3ZyS{ZGu_z^)i?cVtU2E1mn*D<YA=i79kIPZ;
z<sFK_tmiWP6_6*4GjdmY*N_7<?UpKt(rklE!lScut3f~8R^R&@`C3N3eTO(DgtaeO
zS2e#MCOa_}9eUURk4M&2tg8tw{(!E*ExJ}!mbx-7dm6t3cZWfgg1H?39~__@w`Xu%
zBarA5|N5^cQ*)b4W6dw*f_GPGuA1(S?TySFw_k&3Gam(<ANEwE<05$qQN)XtZ6#{E
zH}slQJDCPD-JHV{NK0EXwA$T&<?-P)V=OzwbHs>6sMGlE%*&u7{@#&55H)Na&@;N<
zY8!2g-TV233=hsQ#zfd%U*u(roePi&;(%;QxzYpV0TjLkYj5(l59bA%FIv3?{}*4N
zV50<MdQWU@FC11vOuFGv_;R;o(_)zrj6(#aLz%uWC3wG>_%kr%LTOuHiVO4Nh-Nn8
zOC)c0Nm!=>V^Fs&#1d(;WA5lV@&Y1{(E{Madk$dQ{Gnz{wm8KokAzzw6jYD`hg8BB
z7Cz#EP?f(vRHR9-h9~lFg`qy0sT*=!d<3Z>N*ViD$e$K22Bzlffd!^q3unhJR?TMS
z&<lxeF8t&I3#KMY`W%M8gjQdfQZc@o_KhwTqjrZBn;m?2Kne|e*(n2BnVKB__=puL
zLmMs6%v7-PJ35kQ-e;$BM&fSriyfCdMhzMlzsI=nl4B@<Ndi3cy50xfp|T<5Vj_w`
z(iq(ckCnKV%qIR$J3LV4V(~6nHjHROP9p>qYl<#Bp0if=3?6HRO7y6~+@H#v*#F9-
zBVG{&fY0slvprh@0t0Y@R^G7+nYB^}U;5Q+#?yD(|4m{y#WyUwJ_mTh4?c9|9oS1u
zO`Lw}pSGrN+Z!r;s)8Ht^c)SKfT6xJm7;Us6wmsf@5Va61)pbdJJAZik9a|mY>YHR
zmfS%=L*)F0VDrg86kR~Qxah+1(Z86ivA;^-&j_t*qwd!#KT1-o&slkD?m_TX$3vy<
z!PCJpqmQzuRbQdLFpIU?*HaKre)VE2q{iOea4rxw6zn;?*Sm8bveVZJ={r`t1xfl-
z-fqfqJ+;NbZW|y@fgUig`|q$5Xi_iiz*%~d0FRCzIKlj}MV_(#OLLtZu_~G{4YFtJ
zSy_~%=j-?jBDhX%DDOhYL(9ndZ2b`)_7MC+k$)TzJo5N0a#oo(rlHdub_VN|qzrwB
zUNu8yH^mM`e}rXhD??Qv+2BpS(VPv>a{3s*wt>A%htYfL58Y-Za;ZyQMsFtmrAZht
z2Z->&!GvGm$6=eqGi=?khwn+R6uob#ChCq;Sn~Sn)lK^swbc=4^P^8Y3h#T|LBT_B
zl1Hs+y_mu8e`x^@8?(6A)fqJ!iMthr=1*+V<iexT55WJ1-+RT7&lCF~v&J0ZuBt`r
zi9AV=){m*3PsL>~#CI{@_I{u<-dG}MStc{Es2)l_Wuxr<wv72qruTs{IW7?^aM0;+
z<X20Qwu+5tOwOL$OP}y<gjxNWD?LQGrZ_3&Wk1rXJhzXiGyrclSJ|VXQ_>;lV^OAb
zVY9S+&RFoR;Afz6tMB_nEH^&&_SbvW`&jh~G{&D6go~}7krKzBKao%G)7q}J`?)(l
zJ^RSk4GD!wBB!LU9r|t4`vncn*uc{?x`I8K&$tkGHJ{X=rKHJ!GUXN>Q6=nzGv2WP
zeq0?Y<5H*QLMND4)_q=fm|P|5d~_znbQ5*#a@j=BUT|Q~k#6xqVJ7!UalbDAqK2hW
zDJ1{g$nQ^<k&9^hugB~Kl~o#A1k}1q=g4g~sfE^_@sErCWiD7Wt*Ly4M2qnCSiC-3
z`Sjn%Cqrlj=bFBZF~YL1TP4izYv9|c=0$;RcJ~z$x|nS`94xHeMTu^nv~WlP^oHI#
zU-fI{Iy-F@xOqOG&tFf?ee(8N0Krrs>m#$`;RvZnjh-y%uCMVGeDY((1H%v9pcC}Z
zVPC;7?v+F};-X>dUOD-$YC?XW3a(l6U!D863+3<5c4n4Er?2Az5%|q}_w~cb6{>nR
z2(;Ap#qu7*a9H(z?atRq*?V!l*)>fL^r)Rf4}#xA{|<BRtEtt{<|HN%$*jMePf*6?
zf;(%Q9|ir7Ve1Q?$SyX`11p8es-vGrKP(It?x3QRUDD!Mn4bTNtr|hf)BIbd+y7E<
z^c7D&hGDP~DNRHrR=R)=Z%zwyG&v-bZX^UgRwlJ003Z-r#$~SKAy=|TWIc}ig6mb2
zf4+iDhR7?l`b2fve!Ova>EBPe`H0!T3t||;XqVg!UW^T=LJR%>zi5=cCH(+H(KK52
zui1bfGUYB!0;{nJ&5I@aiRV=tTECRSXYITQDBLwG?R@91F*S;%CIq6iJjh!LGw!GC
zg;M`0CL`2~&|SFKu}c_%vdHy(p^<{lb6Q~Z#n0408st#QHhF2$`*eBwaP~|a@o#Bm
z84s#frB7r{K;iM?^0?}yQs*F;q~NLl@~&a^-InB0%lV!Y&*@@4GXwW4SK>E<1A0(l
zb(I8EiGdopS}|=};XJX6`bhf5s*#zisv>*PNM3!H7dFj87U^9-{8TN$XrWQCLKpYz
zJHsltkQm8YR~at_tV>D6zLJ6*OJmMX1OUyE@Q(iI)7t(;&Fu*5zmC<iD5EuY3Cb(-
zlnA=kvy>p<Jvcm6rU991<XpowGNSDm5){F4g)tyYD{$(%ZqT6Ac9;e%t>Z=Qn`w<D
zu>;`sk}PdDIHUCTO{mxDB*NsjnWk|?P&qa_se-3+5w3F&eJ@jpcBpz?C=ZOpBts2y
zcAs{Iew#@w-kuyWN8fzryVk>6vtH$Yl_6N~-C2D+lwYE|ggZ9@a}ET9%SvUpJ@PK0
z@TTX)Ff@y+<^f!jo7Wu59k{4ClfMlS1d-|7G0Gil{0s_~L|Fvkw29OiIS=F7sH9#S
zN3HfZ-}U4DoEu~-V*=54@hX>Va<7GmCSCnkc$!YG*V$J@=ZmrXi@`8*kb+DZV)stZ
zi_5#e0$U13D7#zxWXJERANNIXxt*R5@>u;LPg5h)PC3Wv`T-_5*Pk7Bc>&=xF*Bp@
z1H2Wt)*<6j$EN3fsht}?@6HWhD~kc;wv6NuO*KfT@HEr*($hmrh@45hB<eDyWQcl;
z&)alcU6rza=T{ws6*~1V?{3arBd?O=E$=N1-!ZuSZY5i?mdi19Rd5@ymeYQJeMpa{
zj`k@;UI1;);1|`|U}b6~0ZrC`<&TrpH&e;%lQ^-14<g^l1-FGeW=?B{|2-gZyvu3L
z&Gs@LB8c;E^S~6eksPvY;ARy?ifaEflW1^mW!nql-^WR+4d1{e+PgR{XKXj#e!XDQ
z*%pjV3X|=<LW%-EAy1RA4Yd(;ebpg#Fv>P4PO1>l?)7a@j+L=rwwNpCPGem%HTt5A
zfMn0~d5mr;9$h(B`bW17{yzir1ppvv?|g&DR=CJF(n&>YB+Twh0X5|?as;`p65CGP
zTjK<)Hq4>FCHe?&y_hyUdil+#e1?t>vKGhGHfme@2j3$daYuR)X^k#OG!shM(T2@>
zZ_$Ky-tR8iuyC-*M|{m`@1R@JeNb0Tt*B_NUGKU~_?8w<5cIc*@Glqd==fA|n;QeV
zE$GWTx|7e@bY;_YAA$$0mg00+v2B|Y^D~+xDHOzn?!(P#bDc_K3gL^YmxGjxR)vpa
ziuL*4%I-4myS?Wu_%>Uwz`QYsJ`D6K&-!2~S)S5g6n;y?%CXGTv(sH?kK&HNrWzzE
z^%fnSL%#BQg=!A}eTz&wB(t0+>Wy?FcIga@L|qMr-95ZG3)M`%_j!Xln{q@7y&#gq
zXjX<@h1<e*OrEJ?F$P<Xk@W1VpOT+;w>rqu{bhPkn+5-RT=~od^a;*<^V|3kTdaSZ
z9geCrH^3`S{c`BpODcqVc~!Hq=}S<vXl@#5q1@>oh?^%xH?!&QruJQYm|EyM$;?^q
zE(NgGpdnRVV>@9xXVCoT79UQ9hvg^o5PIWaGy_QlHCzTCDdXPG`+6q}$<{Cy_z5)0
z=j&L#t6sRoC|7(n1+mGW;Imi6vq93&3<=EF%64P68jr|uD{(h8L%iqBC^K8)xoizY
za}%o`<E9@$emx1yeH1pG$lvv`{oyy@Ti7G<a7lrAg|5cLaWYugp??qD#rm4FVGDKt
zx}>qsh@KY)?aFpi$x36z4svlC*3=19rM!Jix+$51Ks$oLg^GyD24(%!>?C`HQ3$1{
z6u`S7oKUZD)M51KxZSHtuiDJO;S1|}&t$*azh_L;-__ftJ4CZJxY5-GQ#t_p`-$e?
zEEovk`N~HY?*1{PB0e<5lw+iL5g}8Hian8{^n+$HUUBI&&F@7bGN<fBWtJZ%aT>Yh
zC2bi<vlHx}>{>EeMvD=AUnp|r=RS}C+-%ZmLu(4GEHmZaS>Q`E;QjYN%9Q&7`0ue;
zIgVavs;x7hDL1p8Km|hMiJ=;y3st5Wp+lesp@k~@(f<?K__&Ud5N7{DlK!=>CCxxj
z&9c1-HSaReORN%fR6qOb_wZrfk0-`dE9j>mw}dIf*M;h@%vIHu|MVSz^%vvRU#N{s
z{3UaHYiU6m4!X|xX<XIY*TJ3)-F1L-W&8!9`Okjj|6EKdw6o8&i)pC-I^FqQd5$N_
zBi&<y(a|=;W9-l^0@bZnaQkv)Q09K5=hj?Zr*yiw>hdZ52f**mpMrwo%4|X6W#6vn
z!cFfn=ypw61Y<wQB^bC~tY#(|>24Zq3nHb@7UoR9k5s--pI{};UdV6+2Cd+_?C>@n
zp#S!aANjWel1SUS($A~HLrhLlgM$inx6OZZ<qsCwM-aMOgH9i)cUd}r{G8>#djR)-
zDt%EiE?AO-6AR!ldpKyvbxjhCrM($jDxcDzl7(Tk9fYUw_20s9vv73zyEne^_b|&V
z<DXd_bK>9Uck9*WL_IcIW}DkqSiQ6|1b8VFP%SacNs8l6-{pR`%alOF(U9SzV51H<
zkS@=pHk12dPM`ieg{CAHx9v|#qUH^Cw1_S*1dRq0udU_p<VAy#{Zhxa@M;K17OMmd
zrhSo|Zv?T&rGj2p{PQiYC{+F)YOb89;=iQShwO{BauO-($B6K1|64c#{0KMAmOB+C
zt}J}lksRWRAhWTRcTiAI_$(roShyR7!<xJ|S;Xk_cj9b?Ao1Pf@xao>GC_~0Zfr4Q
z5-Xo&4e%o_ByU)Z<U_yO3TV5t?EQ6{6h7^@jI`>^KWWvItQlTkCBRwc^hTZc2=0wF
zTh+zytiypL<AVSV8xB?DtF)F20*UZK$(1GDFE;b`S;w5wasZ#N`!UKTMeSlWwhDlX
zWv!bN%dg<ecpe`gh@tw&o(F*!TnOZlrVCiT9$fk%sFe5W2lNU%I)5-p?BI%fIx1o$
z@;(0FE|_?3)JMIc?JZ<FX&FqO#bu7_5FBi>-5=gH-$7a}2$z_2;=4cS+~ufjPYw|P
zpP+u57P(>o;%}*`Z=3E0@AnC_5Mkff>0=z#au7be`+=Pu*zyOcb)B@T#%I@%8cVJ{
zk7w(#32zyLzBZ??DP|BQ;!5I2!h+<>CEyh@{3>(g33KVP=+$*mV-)z?mkbmsz^>@y
z49O$MoNo}&>`rxz?YQpyY#A>K;HkyS*1<5YISFkN%jpihrK2A@tNq66VQ5Q9Kjgld
zmFh_2nl;MIj83^I=K|z9NYhA8{!SpwT0lRErJr4W5QJ)gN*Ixlm1;AQ$>^O-mmgKC
z7F|5mWyNp9(*XRFsi7If#LC=+bi50WtOw9=5-oRn+VG@;n9!T|FTHZUEA27>FQ;r3
zerG+-+z;2;iZY&}nS(*a2SE)32S1Q{ZJe_nL=|rjnS`mIR9OMgs$x3BQWVuh0o%!D
zv93qHp?~eXt%1JkZX5ytnn#zM9;YZnUjYG-Gj<2UGkWa)!bupb&<)U&R*?K0WbQ83
z6gPutEO$Ng)3CYjCO(Ce89o0jB)3f1D4ODwpEViUjlx&ThUt||(B;qpsOZDnNbMc!
z-%@qXe7KT?Y`;gP$yDQ6bRk4VZ3X6Sbb4Qb!~mh`m_q<bwlSs+2|b|Fs!@H>yUw%w
zJCafbr*XT>HEi4mCq<YIt`g0%Qw9ZN2pzVfT|`YaT1DdeJA>gj0j3r1`Hb5)UwAi8
z>jU_^9?40%%_=aq<g?iUMk$@^{$w+bkm1!*#QXl8b?!?lW~PVs1*$x{zVX2X^{w14
zyjI@12&IFwxS5Rzjmt}5`-sXB1ch4KJPm>a!}pPdPY~CDSyTQHr53-g>h;J1bd>hJ
zd$*tw=V~SaF14&g#$hawSl?;!4r6qX{xiLUjtF?%I(Fi3!wO7?JV}b0Tz=<+=><#j
zP14;oEUY)f18F&H2$b~sq5^w@z!KlwF9+3J$cP?)UMbi@yXf5nJ|DpspR(HCzXR06
zI}{B-O+LI6y*NUcxK63fGeP_DK?1fI-zn4?ES$#owj3S5{#s1Q>95ORP3!Nonp92)
zUqYof(;6;Ek1Wx{W?Ey&kWW^3ej~*KkUDM7to^5&5j}yuicV-M)@b1JhC-ATO+^w=
zJGt|JntBVcD84Ul96?Y@WhrTaWeMr-2AQQ76ln=T8l+pLQ`n_hkyu)~K|(@6dPTZZ
zy1V}C_kDlQ|D9)^`|O=(=5x<E_sqGUyL0Ev`~1UV)>hEyyaP-8F}?58W_zE{=TscC
z(6l|7+WvKLmhAk4$#Xm=j$R!xVz9bg0hpuL6;nj)3IGacsi>^1=d3mbD4MP1km7ep
zLX=|a-#Qu5o-ZU4pKroJ?(cfmcj;JprPovHt_RIly}k-0j;11>@)#*G8$Dwwax?G$
zq752!Y&sNSf%>%WK<SZDCa#$~bjT0Sj74?C2G`YClqlP(*#7VNif3&`{A}mH-$5f2
zRpLoL9=mfQ2Z^2t{5vmk$-y+*=va|Lh0!Gx(aGIIK%0i_0>oK&I`Qol+!nwy4CAhO
za9ih8Y%o5hR6H)sJZUub;5Kl%6VJo%c*1Z7^abX}yG(1Cr*Db}EPD^?!dpu93E;uS
z?|QJ=wN-7qi$Z^HZF7WYuk)j`7p`qx=%rieSQa1F*3tY!Uf7VnkrCyRE06ryAPXIJ
zfYI0W54qUZ*c=o*k1^i=Llm@KmCq+lBNK~}79g*v_`&)+R+-?{h$y8>gfFrhzDg!{
zYYwXSP%+T5_mvP8K5w*1caR)Rg@UB_+LbgdKPHHl&0a_85^J()JD7VN10G#A)5xEM
z&JM34a}wy%tXMv^iP~Hbr9z?6l%?4&+;O0{WK>Tr;<9)?FwwfKXWPoE1cEHqL7T|}
ziSw7pLU3B@t#Iw@^ZkxTBC2aVSznWe!<ls9f>v;5CBd^4)W^ffx!ZcVufX6Nqd+I6
z3#{x05il`w?<5s{oYeh{dSob-wjlf{^{`WDBotV2g;)$~HZYqP8ubT3rkaS4FK2`{
zatGjEEGJzTGfEqK3W7@sy7a8y6Vg_Q2z*3cVA=3XFCI%7qiD_BX$f>n%VA^yiB2~B
zzOkXxJejn3Ys;J&bcyD<Hh^>EIdqQlJFn<`Mja0n?K2jJ%LUYC^c1Ro9&kFRuEZV*
zSB1?FtFq#%#E<P4MhT(U*4Klj*h;fNi7S{zt~mDbi?bv;$-Db1G;neD6DDdtfWx!J
zF~B*$d#c%%<F~_(9NW*yA0x_uF5Ks096AhE;?qfHdzUbw`ayJxEkYCSn&3t+23D#^
z954L%%=!X$pA}yyJ|2ygO%j8GtP9mW0J0vq4iRjbd@K6)?VFE_IarJ)mnU$bD;Wy<
z2u3#uF=l};QZ?^XDy2ovh?YUV{(qDs3@R&%=A=pBNGG-9(DI9u$HTMq900X~G%M9p
z#*O|g5u#YdwKaM&*&;uy5Fb70^-ekE^D>QKFnawb7n1a8Rl+~;b=9%Y$|{$~!~(rP
zW@a?0l1F7MR04mTqoV^u`FJ2<yb3m{&AL+DaAezE<I0bQuR4Hvih#bxoGLZ@#^)*H
zSlWRBsmm9kl*2h1fwsn%rBrohM2WOQD}TvC|JIk$i2H^!yX#biY_!Ln4X8D-GuWOM
zRHNDv;89IH==>S+<+UDDoZ`A##yT<LJ{%_8l1@|Ok|QMI**x|VcB6bkxK$1EeMowG
zGVZj!4~aAQ-QHmtS!*YTUqwl=Xq5z0&-%#DHADY93+TU#y8)S>(wrd4Gr;};_{Li6
z_{K8}Jk`WL$Tn-z_=SOe!-<{U+SRo~XKrA?pLx}ZNJbx2!e<Oi{6lwnA~HYW{#d|B
z{J^U8yGQTCZV%*OV?)oRS;}LcKd$pVUR90*T3vtPc&(B*+v_HzoDooJcLqfp?MFYm
znT^kwB0R4)92#hVjSb?42J0cY`6T!*2SAy0h~{qE#XJqv04la_gBIbaU!KsV*oC6p
zK^1TfnPrjPK1H5#qKwf2*A%MRH)!=AaASvb_~qHR6_U}V?H4j_5w8|^N#<ejk#~}5
zgkmX<f{oCkq|Tuf5>QsvHx-e*Jv1(_5tP&zy!!f$mL)$aU?1dGRhnVrV6yn_{1se!
zet|{x%NvY$Uim*E_r?!bCGOtFlm3Lnr!7VuyFO!|VN0lHK0K9i63DW3myT}wT6jy+
zkqc4pLmZpY(>4|9iB6+R{@AV|+NY_RTg}~o{gMGjQmzOn)77)ebeu966Kqp+!HBdw
zmn_Uxf;DZ4+-Y~5jDwugd1<~knTz37woZ4{zEW2*y^lyw(wXb$%G_eqJ{@Bg@5Ef<
z?dWgK)MC8>>-y~<Cz3#}jlr<|&x!44w!~MY`RaH97?ZE?Pb#Wr!+WH|x5vLzE+!80
zUqa^^UO3QZnbSPr;4{hkaW(XJ>ru6FubJnPuF&=%o5h*utcU*HBppkM<~;UDT8*=s
z>Cir@0o@?4X&}Pf=qzCjMz^4DYk0ueI}oc`wyJo(p}EA*dlHf)^s;`|NrYRt+=BT#
z+?1~ob%e!k|A|E#uw>{2kw!P#sUHl&{URhH9S3ybJAL(g?={=;owe>2Z?jShP5w$I
zEur_V``l6Y4yX+#lx}M-iXy<lIE7W;^XY2^z@bm#DQwM42LBu1&Wu(8;ci|DOkm|x
z?7xQM;_#CdS>pYlj9Wc#m>$H?K3NX}D;v4QU)qTYRxJOhVCDTxZ#dca`7}-QS%&`l
zpQq51D7~GgM)xx0h4w=MveZ7`nXD2Dt7ESuG71Wc%b8B-e|D?kOabXgvPXbbC}Th5
z+`g`eDYot2{+Q?%Z11?M5BJ>e-U6g!Ppt0ai}`FN_Uk#)5$~_dfl#YbJFOfWee2Ku
zc_pT|A&ah3O-E_*Rl1h68BtHH*|>hy9biibivnM$CLNSwowQ&7NAeIWW=Jw>CIq7A
z%?Bwa)xb-wHU$}D@q1NJuf3FjQyk%=5yepG``w_|_g7t}wW$0-2vz^TSG;w}4Hkdh
za4dd5SeYWWey*wy(3j5UF)70Lb&vqTO*PmmqD)mRnX5-R^0DfLOunMgKjsA|;K1CB
z$@THz)J84ftP$1sU|a`Se!_vj=AwG8Z!CuV<AEU|1*l?Tg`;{i^Ij@^nM5lqTmZT{
z7!h|&)!-5JmNa}OY%rB91cjIEJp<AMo{wH6t$eeL5)NDrhKlduMtsp+SBq>=fB&VM
zD*>fmJ3-Zyd+5IW7cQPn1geWS2B?%^It%`1-cg32omr!G7ea6$7sbyvuLP1>?FZjO
z(RQyoDg<5cr^C%li|`cYh{I@X4DczvXV*r+1Na1R7_gMIBL3NsjlIuNIFHxXl|mDS
z_q<S%En>m^p8opnwRmitVqIzk$|482<YZ%e!j%tK<mz>&uhW9Zj<lduN7CHwyx`G~
zgfHuOP2R@2(McDgeZF*BYd!%uxE9#i1fP%Du_$@JwtmC1bIUY~K()196@cSa|5HfU
zK~I1rQJ-C35)fMtIIQ|gW=SnB9V3Zr3w1e_A*z9F?Gj~xfhH)S$T3wC%N-W*Q^P*q
zE5YsS*E0)Ucs<L(KZV~GZuONy3{zHCiuAnU?=`<lf9bBQc;12qgjf~eu;uyzLW*d!
zzl$q&pKV|H?9L|f1cpOF&EPpn$1HH~RwJDg?}<d^So3C{r^H7Y=;(W9NHd<YJc}P-
zj0E=*W7el1Vt<=j(nniV4R3e-uUQtV&Az7)qvY#RowC@cF4Kf=Ys98c05NQUCiX2&
zJ&j3zxps?iQK{&B4(dhx+4fsqcmYep;4%gDS2h1^<Gl3E@$W0l5O_3ZwJPBy^gt!x
zo9H3lpodA*$@R(ofC!eF#pnhcFrC0|Z;!Aq9DH(W0%eIXgl}P_Ms4=18I#Li&PvaQ
zpCP9Bqyyw~S3_TX5u0%PQVl$P@5el&GP)`BltH*>+%d^*ZD;>kVeho>DO%~D5M1j+
z%O>0|z{%I!>OG!VuwD>Y?)x^V;mb^tDXy~Pp><RF&l1#RmG!*lzXlyH_9b^$g(FlO
zi`@rx%PQ4Z)*V&%TIaV!{(%A8dSOiVGNrq;k7U!@8n9YFUKhg)z~a{L%gv?JL*8A6
zLbC;C3&4#`A22cDFA{J8idL-MA0}c3UmrLb|Ix^6_zUaMdMK>8qjzB6ID=gqsP;?;
zJgPo=J?JM>@tMUA!F`l8uBUgY1JKK}a4kF|ffC+_-|}LT<k;PZ2TaPc94N3zDMJ_O
zRFW=3{I#}&I$9`A2AJUW{s`TRuVlrAV3Pt=SJrn<k3_KkgYf!oLlI7P*2N=PnG@Dj
zUASriiq}M0rRcrYtTa=^HcxLk9L~LnLz9|>m>yd)#IqW@e4f0YMQ%K43#lICzX59l
zjEww;GFf1SKhB{ntBUsrYO3J2`&oa-I<J$kzi;lS>OZ$FFIprsF%J5jDkbVa1!Ti5
zP0kQrz4zh$FQWxs2D(tO{;7gbl+<R0EY-GfaS4t(PcJ~`zcuyTGA9bsa<DUiL&RYx
zSBt_C$BtZvJe6mghPCoa$sDc9iH|XpZSLPY;^jhQnD~QsBp_y<JidxwM!ot%4R%-q
zCsGvIf#~4U{nLbXd0)UB?25ZeOpi%arYhN^x8>QVt8Gvy5863wiKaR-%XFDw?h?G@
zLd3r6cIYf+sts!dl;9DZ6#Cv<i?`$R?uq*0o$JbJo_b@J3y8H)P>0TkV7b~llTJL!
zrS=}!KX`E}<|EC<Z%t6*aoe|NRKW1J2lwF|PNab8%U6}~VElL&Q+0Fu_zt?ivkTm)
z>eo{L>}MkL*hCF<?aHGEl)6AcdAW`PdSh?alR5QMHZTGlmNV4#&$G-$Uj-{qHyo}R
z)hLXCgc1c`!vCs?P-B$NzEVSz-*X!TCxRP?UqV}{BfmfopK$aBc>k~f6LL?_s+g+;
z)FA#HvsvftjLX!Qm<2BBDF00aQExhlaB-Uu$A;YVa<CU?f^bC^E(<UHH4QX`TLFHY
z#*7z%f{;F<mlyt<Aq_7;DPcUPvExk>2%Ia<vbrGj%ti%B-i?Lx=OZx2jZRkbd}_bN
z@jQ&hrX1)48so$ICb(wMpg9Ask=6$N%EbY$$hz_(!=(un4R}NIbzT%^Dk}5YH~#8}
zN0Cg&{uIi=eE^O!R{%ZQ>oIK3s;PI-vr7WwE94fwK+x$2i%1A>gf_E%ew$W^@`b`k
zCnW}Az_-X=rQHY9g_@b8ql^I6Pmk|ZQ>d|}p1@+&wc5p94#Dvyc~`r)peth*TyX^(
z#)lkI&dt2@3VRSQBlCxeE7#KuIbi+?jakB2k0~VlRUZLCS=(IQQ`pa#P_hYwI<9U5
z>lF_TJVPyfmY)=lm%(y|?2%f)s<b_xZ#S6TT?K8v6s`i_?rlpAeKjm!I{ZD>U-#Yo
zWjwn~MB?aXg4@F0In@x{$G`rVF+Lc&d9;Y$Qw9ZMMhzGX4gbWND%@?+{wXV6B~Nrh
zLYgo(tI=ci;Ya7)iEFWvgyUK+O|AL4zHl<q^^Uh#5nx?d|Fer_hK8s^<f8YCYZ4(i
zz8;Ex$^t6G&U}w!fraY%Na8^(+#V?VjXCHh0N-)HlU~?}t^e#<1lH#x1t$E&m2KrT
z<p6`j@UrO6GZLoI`^uASf(b;mxQh<$Ty;lVmdqZ*C(j~?5I*tm<XME`ce#|=Hf*O4
zmB4+|r3Av-8ms&PhHQjj;?5COkr9A;-(}_c_31L6>XW5+*x-1GjTTV{Cg#D0o4bf-
zqy%O!@s!3JM#K;+{#YtbM689rP!{(pxcR03Utg@Ht=YKIi^i92%bOJ*43TM#w41f3
z&st3wMuY%eP{R@=;X00(IybzKP!On1Az*lchj|K!;emdH8+7|sN(LSI++!-!vU^YL
z!IfHor4jZ9&so)pqK2`L{pyXvH;cF)%=*g~Q3h+DK8w6K!S(P=dRcSAL`AmvW4(kk
z;!ZUmyvtwDy*@K(Bm{vu04STfKO5LZ6&rfvNs0;}08sE}&I4|BmRkKm4jlMEue0Z`
z-=?vOv>f>S!(^V6qT)Qeco<feyx1J1GhLRb^CCN0kzZ?Wbb6jaWMgA*&tWqsdY2Kn
z8=AZLDePi(bvK@f4ild>%~cTDc}4hAmM|h&-VjPXCdl|U7?ahJPFJ&xlVh@xsgQ@_
zwVeKBOmIm_0X1p-lNZ{>%1H%qb%d;vJmO(uLa>Yt#X}OHN8VM3K)w-os-(7Tx6gMi
zRlq~i-Q~a>sl2XJV=*K-B*1*ZJf!8<5@v?jB~=}ltYX}ftg<S6Ls18)Mltxl2gbY)
zE0((QKzCN?PFGDX?`M)H$aA5#*3@cb3I&z+;YtwSMlYx$bFpc9)dR~ZP;DcPg!<Ry
zJr~XI)SBme0Xrw^9eaM0#<eRRC$X_RPD|2fr8jksSVrZu4-!qt`{jjgu)lZAn-C<k
zzf5cd@~sqYIrW|^61@7UE<SwqispXFga%<B=GBYH??GQ`t&(OMCp_&zhIem!E)%yl
z{y-}}m?5z9zYEXUzf3HmsyHcS&357vcs@=#5$|x5Y*EVQD84Xo;wV}f@NJRK`(c#r
zxV6ebe%G<BTzV&@Aqy^9NWG2c6r$B)(-qk5^ubd$JY5J&gVDz}bDZ0tjmFXa+#t{#
zR`@7Q*I;TXVhK;3qb9Zix*&6`Kw91;DA0MjGacerGpufoKw842jwv*S6>Ih&esq3W
zboTe=dy4+7ids!q2-Ix8o!_u7yU%@^ib2?%5qIwNsoz>)oLTUU`{Q%Yz^nV=3Wvw&
z(>=S;?={UnSB8f#H_E!e!tA0f29h2--asKWNxQb*#{P-Ma+cM2L$dNg&qt^nO1N-t
z8n3j@DIPedm#$>OtcDFbDEmhBX<m8EGz74RrN+I(!*7jJD@uU$P8+BdKEQIi{~0CR
zYmn)>CA%N8QReK5%EUq9;<{p$HeWJIs{Uw=N>n!(hPVd@Z4RY_Ii=j0vjsqZUZ4V&
zgt6;SX$u5}9i7*PLO=J*@5f2HO^1c?hqgCQpl}`Fe}fm?Mk1od;c7*mC#&v07P0W>
zkLJUjJ2sxveEkC3WY!yPTla76M@i+|-bu9L;vFW+sIlj0C1uGP{v&uI6DZRlAZdgb
ztKJ-qN_v<|*8YXOeG#Yr2_n!VDBM^LD?x12ATSkh&3L@;-fXvLh9p`J;}^71Iyv1W
zw?|`(L}<O@YUYN^rgJLkV6$_=*K6%L6RuX95+Ji7fl{}ILPzOSo105_-4HG}1o~R0
z=Qs|~Uwt`M3AD;1IQ6b}e}D-%1}JcqA9AEu_XK{eUd-A~Q~c)tF6a$K4bZhkFeZ&f
zFh)*jrJa7<lswM$yhprmtod5v2j}Lz8n<tSSI4h!Raxg<Z$If9i6N|#xOjZ7N3I5z
zA(2T{Dn_}T<p5DSrmzQfK=}SE{;U3<;(v$iLF;OHVG5jL*8I$(op4u(tLCl(=Y<HO
zVJNj<J)C8J*2=WFG@uzE4_>xNSIKtKA}@URt+X^?=WjKyTo&RiL7)MZL!5coS}o=J
zwqAf!2V&DE-7r}b_@nTcBR!%2K5gs6VQP`WpX@}~U%P|%MKJF0xJft*>n)Sq=5X(^
z7$Pj|%*eCE3Y~0x*RXQ>S-l%##z6c5Izx*$-X!J*@egN7SNvg6C8SUY5pB18$-#?K
z3{QU&5h;ioO1<uE^1Zo)Idq%(ovbp~hkQQ1capiPQ7gMLdm_gA?^3eA1VvH~Skt=S
zo5Z^QZWNn6)y1)XMpp4TAm2P3MU+4W6=}=+?0}C5X0Vok)CA=;YYT44Ux<_xED&=Q
z-hZ*o!Q?-<!s;C3(f>!9sm^rVA6)kiw5B<?*}jK@*)eldckn5EP8hsB_t;qUz@l}h
z8FG9+@PRY<btNFO7@p)c`Y`cuckRL6zP>YuUdOUsUfSa#<xJGOpXWU^qS9t)`+9Pr
z@93SFhDGYRDP>+i!mi^-GOuV)d@p@$4U{gCy>~mGeg{@D;hwxW#tHCB$3vdRyq1t;
z$(S9ZD0qnMy1A1)5AO%j+LbdrubbN>Fkv{^t+D!Y%$Q^kV<Y<UuF4~QGkPKy$Vd_V
zr5%QT2hq+%b?C9Ld<+Ka`-rD+12yY8ojKmQ1gR71yzlrRN#?ha!c&kplv=$jM#!Ia
zd@6&I#m&*ODj1uhos>CEel)Z@-9lA-VmD8+C1cl$R^xbjbWHyG;E(L$>b_}-{(n|?
zt2|f8(#3sg69$30mT+*jk2eBjb9uQny*T)Y8Lc(E&Mh)mldBZzF=7oH(6jl%4Oa+B
zH<eda=9_G@*4nz?c2SQ-(f2x9T0Oi@=T2kD$i9_44)|kqm8h0WwBWEq-6H>8^i0m;
zEdusp@|R_g)r|!Hs$3K-MOV)zniY}2r)mGmLv+*Q57EO}6u%8RP8PkY2J%YpA7V%!
zF%kClct=BBzD_2nIGfQNw&iS}X$NV&Sjh5|WTkh1bDK_My80<$QOzDc6K%SO|2f<e
zfk(KW4i;ZrQQ}oQ6qY*a1y@JP>Y>X1DmJv`ykm~-k}Azx*L!hOUh;RsTNTr3=^f*V
zj$Q&X3%|ep{V*r<&6^vFV|94Li}(y#_4K()&_2dvXm!LEJxfq~ULcd<@6#1=$XO59
z$9OE5`rg8E!gueQOknDj7$Lnx3m-O12>Ryi*2(|!oI*C%4lWA0*9HvWti1lN_fhqB
zlK7MDB@$>DZTos8VdQ)8g+>r5xS$fS5K-tSLO=N%AB+5aXBB6hrF@6#_xz^yP^IjK
z0_P;^zM;q(zCeg~ufqPkSow|H>k$Q})NJ`3f~575`mNc41yiNZ^zG_LrnksIky>sE
z@X0R;)DU`pX_r+%FGzvY_0aHx*j}E;!y+bPsx`IUi##<)SG7|NG&pMch|4ey9hI<!
z1RhnaAbV%p7?Y3!snq{(h5o+^XFFrk{~xS~Iv{T!{VzBXr7QB<qZzI|@k7-w>%0qO
z+~h3rIw0giH~Z2ql4L$goK_Pk(%<INu}4MqPJ+aK`>`6{Y@<8@6okgXxLZ1%@}JbR
z3(|IiY-+SL=+vkM?s*&?_g^dq-6#gK9S3D3<djIfX$j|sO4(>=sM=gJam0<hV(eV?
z_;4$2HeA*GImvhDo$jLq=I=LrE`er<Yv=cUG%^K0ulqV|Z4sMxh)4BOr)0m^-!9J(
z?(N;C4?436UbjdZ{|VtT6n>e)lU)Q?gN{w{@IZz`APqk-DW@OfEhQ7nz2rVqrfEUr
zX?*ZJpH^Mucabqe6gUgZ2~e3YWmzJU;sHS^2Vo8BmWhfpuLASExz}vfc4w4FNWcuu
zAJvOetPT-@VCPG+RdiT`_xeNcdG<s=oBLvMa4^)Qq!CJfM!q|s{#8EH_<6kK@69Cl
zD`nAv?heFoRG6=ArVOpF%kz10$Pf3CL`%>>8xnajDcXLML#!vZX{U8UOY2gF*Jh*9
zEQjzgdKh9avF~yfM0cdl-|o&?|2-f3?9m+7-UmleNlJY<#moktnA0QV&v?~gXy1iY
z8X&mT($U;-!~5OGy&>g;Ty6{FX2Bs*AR8O<=VH*0;@9W%_kupVD`>e}v=5{j2o3-7
z-L?H<2Gae0p1<`oI=zF(J%}qKhIs}?BkGg!-Wj_k{-qbc>*fHZgy(69Jmt@WxmpX>
zR5Cxa6YnUJ(i|gO@mKS_Ax=R&)j{e45wFxzP@}9&1eQkkKCKg;Qy+hNAGY^~>;d{A
zgm4J(-1V}Tk8Zb~T1PKc>WIdexRubRkld>1O0x<z4K@pIj>trHx`LL}Iw#-E5xrgR
zRBwNIe|16BulaZ3uH#<w*_`vkjrof?-$vkMPQtS#Ds1ba89Qx<`F;_}EXXJw)A~w5
z1&i9@21I>fn&Mh7USC}J084FY9VJUyjW%RPDn}(~6>%Ia>k1(bH}AF4R5Xo<{&t1)
z<>Wuwm1P=Htd9{%2x8v*T#*3Tp?!g{KWB3B%!x5w!}r=-Q1(@Yj6_C6rO3|biu+Kf
zAf@qc{y6ZO|0t{18`Q+dgt>V22^2*==?}etGAViu1xSR3cVNNGw?vQp4M-t~(Bt%9
zac={Dfga_GOc6%p<~u5;OxBQ2dh!c?bMVaN1p?~8>59)G+~)R*9D?Q}9v{>xH!XWZ
z;Xqo!<LzPk^U8ba_sIjV2O8N$5^NrW%pYAw-Vga52h=-VcM@M9-7bIqw9dD(`?OBY
zxDk<Vl?fCNwtvWoQP37_1QLRl*&4FndYWy<^rHNGc5j*vT0;Saz{`Qg$Ha)W%%#d9
zQk_j>fA24IDORA8r>zhByGM8|_b-=op82C!5NmaCAmKMDl3U#6Ag#W&9N_xkHF$v+
z;v5!M?UsfoM6Z#PjzZ#!1}NWE(I{?X<3<?qxBNQh8fg2-I{kya%H^1i+UH$1CYuts
z7bB#<P-K4kbO&-e*^+<vIGDCS$C>UshgUHKRMPkauOKc^Er)!Wa&e5O6aBEKo+GZU
zkkOyiD62#PhbyNZuil)gX@5THb>ypSL1f-vZSndFEzJ(?5d1W4L6%wygJXMI+!v{?
z&ik$Gr8z6_wvCxQs=+5O3z>K{zm>Bo>Ew||tUcrUCV6w5Q2+c_QSNw`dGH<H*~Y;9
z9#hNwb#>4ERXiD$Dqv}mT<HKhM*f&ERNZ_69BPJmD!g&8?f<emOrYdL3N&1w@i;v*
zxxING&q%bcCS9?%$kN$im!V>s3l1<#MBk}J96u$rRxvL+G;C>FO|w=37or8IblEp@
zVbvqh_yYD6;}qT#A`u=W+xzUVsHo~;-J+l#E_-xw-m8r>gIvX2*w3FigqBn^+IuGL
zA{Hj1+AD&D&0Unfm}O%+5lJcu>c7}WQ`29knkB-$nP=80G&kH;$i&pW4nmY>5Wqdt
zVhkE=L-LiCL9V56Vb!Zdk>XblRQ~kjI_x=SSow$Qc7A4PMhvQ4SF#(0Kb_(pf53Mn
zx4Op8`2qFr?K$<Vn=5|0C0Ax(IhPCGOK2rJk|VDNY!mjDlRrkY^T1nIZMD0y_|K}r
zkh6suKfCtI%Kndy_l$ozs~>&xWm@O1TVxr@UDTyT{UUhEf#{*K2c6)fJbW=m=!HHn
zO5s-{aI=AUbLcWgW1vE45_NMz1|Sz46_Ceo(le`u#RU~_!!Y7Fe0-frsL6Maufq8a
zg1-pH@6ZEo6r(ySNcp8LV!<gLXlBOozR?d4=|*9|N*_LaZ}2>K(W5pGCY{h5R*Z|2
zp775?3aYf}YW)I{g`j!hh*Cp)WfW?i<-SzefKab=^O>@J`NOjgsX)hC=wgA<)h9P`
zBf`+``uf7n#JZFI>x)&rfTw}C)6xzu|3_6fS1%hA5z!5dt~Oq)6X4QRUO+%~%)$fj
zB0{3hp4+G?NzuTtUMz@%MOM<IC?z|_c{G9D0*m)UamX=7-P}au4JGHF?Uu0Y9)P=H
zKprCuIC<JKH&H$rQpaYbd-cdQ64?$Z(KptWB`YyO=qJJm*7lc;V@Yc?XS0WL%sFNX
z074pYB(hez)s4di(}5O|h3Lrl4-+m)2-6b`g{AAfSt>3XVwPG)-f3RPD8D*TAacJn
zA&;5{m%=KIc1R~X4*`UdC5~_e#=|kLUN0ij(VA*`zWbARMm0izAL7Ep66(v&XAiqH
zfl_(8@Q*XNFy|@R!!}KzIB9}AIG=buU7&>SYW#PJhOh|IFAzD|jB<-{)tx^Re)x77
z_D2#tLXKsn0XIUN8Md^#lPF}I98a!}z^Gt*KhL#T>Ih%2F3Oz41)dMcvLg4@O#LiW
z)7N9T(#<hf&dyZl(lNc3Ty=Vbc&~!joB&Iy-cC*>+e>j1K|HJi-0)h3`)9mu7|)8{
zAYf-OCPV>6k~sf{F|u?)N=58yHo=+U^X5xs^J6#Weyy^6#Rd{C@c2aD=5%HxM8EOG
z#UKmh9?hSs*xoe`@Z(P_n#H5__m5+i+LaGT(-T}VkQ@Q4i9;QUqZtw6{MwZH6$WZw
z#%;rt3x27bGosx>e56>UUHE}5hvA1)wP)86dV+{+x7W{gvtzYotl<J7fS1a1KLdZf
zAp?dAo&RB8URi(j$4g|I%P4&LFemCaa$Nesetb@8bWwD$Y2S6eiKYx+p%{ofTfjV@
zJN$M|yFi6DH&*-X9jK_3K*k`L*eF^9W)CX`W>q7kCoXnUqq#Mzgm5epzc7n1YZvi@
z25O45j!iTzVfr)V7g;%Wr$wP`LLfUWQi!%^5{lK4KVl4UfaS(nclBj0u?n+~qjqx@
zAuKi4{EedQCyZXM*i)g=9LzTs7*VK4`2bUuU8mSUR-p$pW-97tpv2b%GSn|1BjSbX
z?OdsX;P<%c3AM?fRK=ZCH^h=L(jb#j+z>}2=a<UeMBz9>c8LygypB59l3FBL{ONz*
z%Hpz3TWBeapHIx$<Y(0>4`CT=NC*Bixz2yR=vP8eV~v*Jr!q!bbtKB$)l!%7+r~3U
zocPFNuvX+_u$+Ae@|RmOi(=?Pes#K{B@x&nSebQ3&jNNPXGgsw4mAyWz_d)hqT2s#
zu8KZ`@lOfhyHc|1B$Ax?@O!Fd+jv(SXVeb9{c}X+X41aIdONVP^f$M2-wD!?44R)!
zxwA-qr19*&ITn^OHs!+re-3*b>Fw6~;x~-A{iD2)j{r_eFpzQ|Vg|zODS{yYruydJ
zZ;0`WmlSH2bb9uF#c%BWD@N95Z-PGVUTsf!9qIEPuh3vV`|`i-dYbPpC2#QLV{4vv
zqp)LNkX;kL>!#j_<LF)i1<JE>$(-5(Dch(s+0Xvo?uC5xRK1~N)f_ZQ$wz(tG4|6m
z@4iqPSTn~L%gLFy;U5mdQV($+w4YersX#ifJ_o)_y2@~!Lua7roeIRtXO1@duB6wc
zhK}Bg-k{cVT_cZ)jv80D`l&Wl%wx-;4#KEU`ppDg+HcY%QwR`w*kCn{SBq)6;?0g5
zY3<)=1zF=1fBCSRW)NKPyzMF!)V0r+VzrJ96DEJm$oPJstaydCXndd{Jgk#KngC2d
z)o`fWJ0L5mmWLNT8*6y2DS3cjFT|Uo*3MLt{6e3h3~mXROyY`)XR}=I(_xXJIY<#i
z3(m%23pyale5%Po@ej8MU5B@quUjp2Dz<E&<f<6{h_0#t0;8GI02TqQeActF@5`Xh
z<!1xvxCL@mg+p3q|0gWgCwA}qA9W`R820->{2Xe$T8vsgfJhGwhG#tnGt(DRCz(bP
z2AQ$>39Ky;bAhIVpMoa&Hv;M?7t;9}p5@GG;;Lt}iQ^ZSVHw$>Hiqc(Z7w$-)T=&J
z!cR#sDfn&CZdm6;9OlWJRmy8Di0~i=3-mh3)vOTLB(m@V-s_SZJxubVcBc<4w$4Rc
z?ZSs*Mes$U3m_X7R3*WuGZMxUC!eAl+2;-f5xjy*%Rle3#^r2`yPqNRVm|szO{^B@
z<+Et__pw=`X`)WNpT<aQwu;e?Eorr$6OX7JQnCoxd<{{g9!2(mt^2SxGBg54V-#5!
z%Y*=7KASz0nN#s=U*~5TfH&W$Je|Pb!~0ZpDD%h5>X#oYVfcJ_zkacA?q`-!rz_5W
zP_`8p{H<TeaNolt>aaQ(ULHhsNbxqx23AnGOo8<EJf9bo&w^UmVP#77q`94qKb!I(
zggPa>hd5k;G9U5jkXsZ`aC~>SU%$3Cwj>EQIQvnjKAt$JgY{DJf#gXHCBp)VbvX-I
zxs(R0C5!t!YDghZMR*>C^T63|Z)d|n=AV>PY-fhC*QrryI9TI>W3eK1r5|1COKMvQ
z7rNJXJ#omS^640=Z7q7DM0#!2zoEqotV6$Mjy#>Xz(;B%Sac1DTaokHRKZkLBuF)^
zaaOIg)r*2p%Vw2IlNd;fPP_v)dN%MPg*N`iXI8BmnHHxD0F%D&{$4Sz*cLW=7PU(o
zc>~669vXMDmL#J@$>=7tz+t@g=^p83s;OjTyMd5`i{bd~GedcEJ=GAKw_`gJb6cAv
z{N%mL+O$X@z<Q|s?!ycp4J4*X6H!pJY$D=UKxchxA~{L4emPZIWZNgb$6)W*2w02-
z`(elQJ5Lxo;Ts(Vn32o2p>_<&!yN5i4=7FTWT&l^Dnt|2<kC}KtxS&Y)hMdj;t^J9
zGC>l*JYHh1FMnda0ISVt?a`j+^GLS{+NvYzrssFBuI9;a>hDO3o4})~mr8ZFjkMGh
z0B-e5=pE^2xiSEQmk9^IWYoLT%*vF6c1v|Ou5pTT-qN4C{b{aED*D>}fUD?f^>4Kz
z3c=pal>6ns)1oWhGa{1u;^1$MMbo3=>>COoX4WY#6Vva4@J2U7dDT)ai{FK(bV`k>
zO@P%x;+;VHog3Ycc$s)LMNVa8{B*lCnsqu7E?y&$;M$KN+r3OWdvN;}fK>xoaCUaw
z)=7G&Fro%yTqR@lB#Ee>&go44W_dTK(4F!-@xz5sPrtHUkr(0@!kOasCsCJHE8~6_
z)r5Wq?L7n$A&F-%LooSv_^^D3eagyqvqv$<)Ax_rx@WZ!ZIPJ2<Ut;Vc?sWdwppKS
zWJi^M1xlgH!C|vT^p~5%56y`%?}%-x%n;Fp1C|_VbWSiti8UD{AiZAlIYi9v*S2Ee
z$7`3f1OR%S+L`92-OH<kh+Jg0a&GHh{djqZb!rQNl)T)kS8V}7C^L1+z7Qkgh_Pr^
zTIz4f?88&Yru5ve1r|;L4TX6L(~H;!13&-Nc}h{cN96Y>xjjf|kXMcjWb9#&=OI6{
znw+K1Ot+;s(9IWA%=Y*Z#$37UdN+5y!!6loPg0pC{SYgMw`mz8th@*3@vVR#f>)SL
zs?~n+ORvLj6yd>6Dt{qWQRr0Z+TKUPzWseSL=n}u>(EI8%07|nd(uUvk4E(jvG>o;
zIpJ*Y(1v)#p1mC84OlUYTrOuoCs=Pio}^PU>Gpu-HPbxn4feuSM9L^37UYz%Thuzr
z?YojedV82%$`_HgT#~~smbN<MnLEdYBWHK;+!*d_9i;XeqYgOT8s1UiGQR)U=`({F
zMBJ2Y9;_CK#oLwkcgIW}R_k-GXd+CEe*ar0FcAi}zpo}CO;^x;l`GrTjbBx+iVd;p
z=h>QgMyt%(m^?r&7-jGCSPGf1NJ8I29sM)a=sUZ>S1A~rI}*ei%%Lf86!|x@ucudU
zoe@SEp$)kz7H03Ufe%>RQg^S;u}(0jv~iqdfCj+yzg|Wq;a${)%`o6fuvxNYcp*Ft
z`9||~{Vb?xs$i0NtNQFlEi^3a7uzh2PZ4gam0w@98p_Yj(lqCK9NW9NNe5iN`!viB
z2Mp+-#9xHxzywE&$CPDC*@`^TaR9Z@D<F*c6<;e|6lyGUo@=no(|%htB7^V9!(I7+
zS(}$rWfFyp*SY-T=_@cxLB#_VtW<GBuHP=@eDD<iIioCeZm4ZndiaYMd`Ul~U7g)s
z9)RReKTXEPBl1-HdU;b!;}p|KIrW>(GdRfCN?teL@5+`8sO@-H=Zndo<G3yAON*ba
z{T+UCdPvtdKj@>BB?of7H}I<_6wWSuSEr~-WT$8Q<niPI{6Uk>qFk@bq)wTHgWOtW
zKdue@g)5%A!CIwm5AxRP7a2QuVH_hqe#D&|`2X3~nDHa5e?+m-<wgf9`t$~3C9GmW
U$qYyd|4|h{Nkg$z{>`WV4-a^0`~Uy|

literal 0
HcmV?d00001

diff --git a/docs/admin/b2d_volume_images/gparted.png b/docs/admin/b2d_volume_images/gparted.png
new file mode 100644
index 0000000000000000000000000000000000000000..1a50155ce2a8ee10f1b7ee0c3858e8c4a6e4b316
GIT binary patch
literal 77989
zcmYg%WmFtn)9yfUf&>{7T!LEygg|h2cbDMq4ug~6?(XhxgS%^RcL?qSb2;a{Ykl`m
zudbG|UHj?XRkeT1%Zj0);G+Nl05l14VMPD{0SExVeM5TpcEzR`z8e65eUX<|7Fk`M
z-&|jYGFe?;U&TiKo|_pj%uOjNDS<+vJ9{Ukg_+OKPn(;Y-QYF?0(@*NED{ouun<sI
zMp9E#)9&uBmX_A&*qEew;PLTMYfJ0Y%;MGMrMS5G%F0SlPfxFjT31)spZV$Ps>;re
z&i-ET>gwvm#6)>{`O4B<e}DhOV^e!u`_RykuCDI#;w%fx*ZsY{;o)Hm3(Ml-;+>tH
z!^6YN%ge2;t@`?UYip~er6n&f&xC}8{DOjwjg7^{#f621n3$OT{r&m*`RVEDxw*OZ
z_4UcgDMdwvnVFgM^S@J5Q$j*Qv$L~YTtB8JhKB~a^*zJ34{F%i*=MFkM@B~0*4F+k
zPHVeHjtuvurltUaxPE@Vr>7@xjtUM5?(ObKO^Iu5sh^!58yg*<pdgQn32SV4GpNMe
z+<anuNZ&K==<Je)hMIw%UQJDPVQz|-k2f^zcV|a)WMufu%ggH0yn}-sGc%K!nW?Od
zbbR!$$H#|~qP)a}=*-OYz(9W&7w7V_!h-y4V`C!^4>v<Y{p_5aySv+~tLvcXto7AD
zI&Ptagao7R){mzrx!LIwQc`n^tKGe=OQQqG$jAfErUpgm%d1->)2*Q5na%CP(8L1e
z9KdmMg=ymG<Wkv#3<%<ts~cR)trA&$V7}el6)~v3usAz6*K6GaAFIKYHtzUS{;PkZ
zypnZL<6-dQV^_GHaPSg+>Z%$Pdhb}rJYE+RS?FAz8WP*E$it&k+BYxZQtq2#48vgB
z-(Qm-XlKoiq)z{?r8ZNam)lqWOFZr8!L#gZInnEO?HfbQThr*qsg;Gvs<g^3@6`6%
z;rO)jU(ei5E#;su5?)!c;uQrZQw0?d6K0d$S$AG8EfKnXW$;BV8oV$7kd?|#t(-F#
z=Q{$q`OC(~#-=W2y4!@9${b;fVEOI7q5EY&K0VrpgX|O+E{8lBJ9Yk9E~$ewE(TZ_
zW$z#3ksQ01!{OfMJHs%5cQh4Nq|X!ce})~#*3WLAw?9hBi~(R6e@X}oD7(R&c7UwX
z_fr1y&9jFE&hR}16WPVvcd+~PMlYeg+p^s89~>RqJxjmLw;E4YikIZ^WjB8wG*n0a
zQ>m=jZGc)<nR-SNuf!-mOf0+Gh2T^g%`cyhhRisEA)jq+A@bROics(&hrhrIFXP0q
zBMQ+oQfc|nO>WWqJjH$eparCT@6B_5)51d>XTk*b>JRevrhoEhh<}fcUa4JDWaL!u
zTHo|N>4azqZP%d%M&~oJrs7Q87K6XS<lW=xonw@3RS9Lo$W&LB4=o)-<9ebNibAGw
zv|bvxueaCgaVfSj5cP_++m>E<Tyj*_%krI$gzALpFleXm7!f$i=G1%3L&WptLFV4}
zsdoHh;&Pl7yKdIQI#6U>-qF$~%LK=9*o3w>(0Q%V<F;;W62-yo_W0~7{rMT>vc@?8
zx_TkO$1hDJNZ^P}4e~Noo6HqiTU!)Xh#xme(?DhoE{;9#tOZl+(d>FYRh>>O79=eg
zf~iiRvsH%lk;J{ik++|GGMwpOy5Ng2KL#f*Fi9?AO;%X7Xl~pTB=B{k*ZEEoI<xj6
z{;0dO-LtjN%m5*gwq%*^Wc`w|uZ)M<4rOT&%GC{M-|&MZ)J#pkx@1=AY&<4RV5Vx+
z7>bn9zV8dF%%s&|m-+GIha2Ou{=-`ID-`k1%UNAZ;+mS?<?RO1>&x#~2z_PqQx~<$
z8lT)b2wc$C=6N)8UD<xO{Co~RDztn(b(EUqvORK_3K;6Du5W{mq*Xqat=K}#ENxmF
zNkBXwc>+0qy52V^`KXOxbifnv8lbE@fnAXQ4yeHEhd86saTr>l)*^Z!FwIg`SXyo!
z+&nBjNPSy_o<fA|e(`ZZ^-(fup^gW9Qg#GF4M8PQ$Sodf@oj(kyq{M#UZJ;}!^)0m
z0<kFxjNJ_d7|c>wFNo4B22+M;1}+($7BHSpha_L%^4XCKs1V$PQ-oHsKNX&6>Tb<M
zrd`QB7D1F=!L|_A9NHVS{nW?RB(T?IznYG7P2h>jqQu8!bBFmivb<;?udZDkKMnFe
z>GS%eK5~@)9ozIaHYQu(2fO!;_1xYnKI7?Gijev+T&#)|%&3z+Rq9RyprQJg%WqTm
zRG;^<{*?u)dNf_dejq0siSl{;k&UT$X+?r;v!vB#h#ZW{yeRBa(a=taNRYk5If;3K
zD9|@HG=@-3GK-C9PdH<^!a|?Lys0zsM^#7utErKt$&dUu<!Pbu&~q;6doZt}+DFFw
zc&0>E;I5#Ih&<{-ySny}GJ8(|ebQ#wjL<JhU;bJxEDKOqdw>Tio?#cFbF#!2I2!IR
zA@zQI3cnpRkvyv06z#D-C?ma+8IWSt7XHT`G{Tn$=DN}&G_F&lZ8DP&(51hjmQ1Q@
z{@aSHSfL*+pLU`8=fku#_GH|$h_VR}ERJOKE<bIm<gjwjD&8Zao-I*}1o}q-hD$h<
zkvpi{>?J>i#EeW8wO<~2VQ@Vk_IWDurr-Z;c@xIUVR3Xu7+WJ(3!Bx+TXf!59fetc
zrDrhB_BjrAWCk;^nk-b2Ff4moNsY^ri9(GE-yaDLPruqSQiUR6TWXw9xzzm8lTz$?
zM^cB%JZ(mH?}{Qmg~1D+kQ)B~OsZo!LTND$I5e^+p6tc0F<$P8T44KahpC0t<6l1n
zSCc?lXJ;_1&r>^fvN_BeC`r<#C8?8B@w>e5vX)UkhF3l&5R)(cv+}vb2;cukm(>Ef
z1Ck_0RB2LeE1#Fy?uK=2oE%slKx1_g`YGUm!3qg!S8QcQsk1K?b0?lj$uR}72&=*R
zE3dlhgnAI{yF{fxV}9f#{~kgeIH0nh^Zzl<>v)xOmLl?giZ!sa%VBJlRAtgmi54zP
zs86lAsRZOkCnzd}Rk34+rMj8U!Vy%J)WQX3Dqk6N<5+#JIX*@n-W!-fPVY`*<!G(8
zozp^Uq_*n|FoWkH%1vPFPR0~xS;_Y){r?PU@k@v1y^7Em0401%*f>yVr1p%bthS1&
z#)?Ho6TFl67{?DcM|9n#c<90w8aZ-S*>V>(eQLKXBLdHMw)O9lAtU`>WVFVK7)k31
zc^#yG82g5G=*^#<zR`--yT!C85$2KF_v`dviOQap?xnuXjgx;4MG)2-xZ$Z>-G!N`
z?LvH<3FGm;hZ>!>$OyUe>8dpOa6`r4sA7%*nx3XN%|BO^Jc&VGlS(T#z(|2VJjPRm
z`Yd;mcaiImBW!9)>Q4K*_sgU+`}x!;Xy&+k74JxY6?Kr(!ab~-RjPeZv_RItU6hKq
zbI@e`+z^Hh@vU4&yh82cm3`-5c07K>LJ!JBiMd+5CaFi>)tl5C`}|M{Ip70fLaVMx
zULqc<q|ZSkQ0=$rjAMq{66=#TM?Z`fj=rn9?{GC<;cdNGspCo6+TN&|stana{+Wz6
zRO33%OtR51SbK7*R~fTNL&^c5E>CD#Pk*RtIX9A8s8E3Y!>Ll@nw^B1*wKn5{?&I#
zxG`3>qTbD}Uu_qGFllyu7m1yQw|uuaD4?KM4>M1*=0fFJF*O0)i%5fTP<N%a40EBd
z<E8par;np{WGwqQ>G`_ySEJ)R{V@uqr6~hsllJ=3C$|mFe&y`-b{xz4e81{A*$rxX
z2ARiJefNe=azdqNa7OlgD3!c^e}J1!<!H1#zuY;Oh$Pu)JNW~Le4|J|jYQXz2AZto
zG39;OJe<bh<;Xi?cgl^4rcNW4hHmc;&r+|uZ`TZFx*hZ##Zg0HzvJ183sZdBo%~#l
zB|GfcE|tuWmz%P*Wcax`=YvAOM6)li5&t<WoINV7v=RGj<90Ab<I*F=p>!VJ$|)qJ
z7Ksdy4>@3kt_JM5uH9a=Tuxg5fOhgdLJpvR`E3xO>jZ=6_)AI8w-C<^*T}~xlY#Tt
z_F5nP+0<8?*T=4j+XFW!)J?{9l6oDwE)_-j=rMZ_)xMr=rWJpZDh)SN|61xP4H;eE
zIe&qSe}BEz+i<%+I49b8X2y2t!hj*GPLWsQc&ck+_PiP%U4LCt_=fPfgb8@J+6Di#
zH@(kT1$vkkBkAni`})Fi<R4A%8w{9kn1~^^y5Q~ocHt@<DKMF{2`|MNl<xy)b$JDg
z**I61?#w>f!#Bk$o;*IX@pI@<%0~4ymW-`1y14*y@D(Is;>9_5&3Q2?v+lfj)t1Pt
z=d(!vTzGwsyUY6Q0pfw`9uOsKy}mo<p#a?^5fG19>-eaVQy?y8jlN7;@6|*5o}rsD
zU@u5z8++ws!8x>LKZ_O(Eun1QB5$LZj;q;RQq4_4X6qb!XA9Mh*b;ey^=Mgg6~`=Z
zJX^l*j@oEF9ggyO=#9#3Kdm4ERhurd9|d@EKi>?;om=^A^+vt!hwwqtqIkUwuDPh?
zd^9;K`X($urUsES=*@6yF;B@N{LB~$Bb2scUDGoVjh(;yGHV|AsVe%KcjXyiX9J5|
z6}GyI#XbXx1ix-8$h&HuF|D9C)4zd;CPztL&mO+Vo^<VA?UlX$y&IhWsH?%30bc2$
zzI0vZ+}CS$@_HPAHX3g6o1a`Io_^#=dIsahW;sEnTDnL1ynG%9ZjYWp6OX2)dk!iy
zhlvSAhk1)mXJ4J+y;a49v+(BdA}bOCEaaJKRZ1il*F5jM>~1QWHhgBT?pADxUi2q3
z*J|HyA!dd#fx;@Q_ih*Y>f2wRfKNS|(QezhA3kX8<80MVhop5Am0Iw3E2#vs?SDiX
zeMjl|=fR?!cD=8<n1!0lb9N%j9d%Altl=7u7?lvoB;kw20R{&`z6GJ6;_Gz^IO<@-
zA7qXNx+EEr>AWg`-I+f@KPvamXN!Oa)CbK_U;JyUDkTBQ$X=|HxBbr3?+^2>FNA+V
z=FkjR;!~oh{AaymqE$I9@eQcs1fLSq_tFT_iWwc1t-TyN+*Fsx2A#nT&&z|^-TwQ?
zbB_pqnoa6^iw4N3j_Eq|a&p~bc+v;*nxX@CDo`Qq_J?Fp%kkB?k0#<Zl7^>cad=<J
z8o0g7z}6pPS1xP*Ali>*ZaFt9O!+5YtT#=ku!%G7_G5dkA<B}Ytvbc-B~dS~bwdPS
zFu&4=n+dpr4DdD9Of+Ica>TLKfh|6Mg0ut{|0yl>aTM%z^e{BkOF3S6Imi*f_luj9
zi<70c0}iTavqcL2^_S}#OKrffE<NhkU&}o>(3})VNtDEZ`^rPoL<G2&3L?e&s5Crq
z%Wq5cY3V`!{II8&!iZ<(#nh|~+9}t%kMJyt*z-c&JNC?6)CJOqUQ4EQLJ!hGh110g
z_z{u?Z7?F6&IXOD8|=`-{!dpF-skO&R@B{WaDR$bT+e@8cR%xGlAVL>Ocrf8ku=qN
zsw`^nc8^?%SHj!t-NQtOf1aoFwltPnlQ|3J-6?p|%LH_kVyRUo5TL26`m%W6Sr;dk
zTkM<hT2XeYoF}ytG>|oulB(bz`;L%nn@nW~oowHnLCQW;M`ou&>VE<nu8VwD{T90R
zm3;Ct_)NBug;q#u3*({fdwQKQJ1y<c{?7|9`Za=fn$^#<Ws4QO)qf;ZUaiadiW+*p
zSGZdk8TF?A6(NM-#VBo&Fh>}Jdaf+2H9d8`g%BNNlnXk_b6?@9zrnw$_q0x;d(kqv
z<^!$EVT|twncgoO?}N=(yiXR0)U96ATHBHmTzz&r5f>&mK`W_$eMY9PJ=fNrM_g9w
ztuqwaf+gD)OGb_$Wj3e|YFbnI%EWF{<Khro1aS!7FBGn3M|0Q4)@y&~`xkxt6zdgX
z73KP;C6?zV2|dm@w}Y8itE1`{$xbN8Z^xs^zpv`(#!W$fH!pmP5Z3xYNuJ0gcDirV
z(Ul9B{1rb0w365Hd~WjY=YUkoW-`sjBY{tS#0^1tv#CAPc^0UiRQTT>htX-yw@_Ds
zCPUa3sCX9&1*P$5m(|K6@mW^C6HTbfHcJx_#A)b9n3>N|yvq2yhC3awP{ezx)4mVi
zSTcC`2ExJ5ELu1lTkOase(qosR0e$6b9t@op!$@{!1%3VuE27KIiJ)&Y1%6&{VEF#
zDXR~9=P4R(n%NKbdT<9agbe9qbXM9J?+39YgBpajXiA<27E~HvuCFan_as|fRst7U
zn3=*%ZU;(kBafq3V$#v0hRfHIC7(xlV@SsbtjmFuo8Y650vA=ppFX+ghim;>@mWzq
zzS)j?OkyrztcK@cT3FgEXJO`GXSuUdv3XXb6>D%I=!(k$tby>VSp|59g3V<ZQB9ua
z``j7qOr&mj9khxI{{{P!UqU>Qxdjmx9g5hs@whFj1Gj48d?;7BV)sGzOM$*&LlT)k
z9QR-Dqb3ef&%vPmF{K6z?HIOWXQtbc-?I?o<NAT@pr@YSk`Wd`hx^=pvMM@xhL*R@
zii@E-@mdABW$_8EcLl&vc-60>(%-K8#o<1FSwLCHEuma3pO4+{Yp!hTb7{C%gLf8E
zK9L}7A_TL)8reqc#_V0#=m)GkoTwxSNW&96`$(0EjeuUSs_f+vrVT1ny)K}`9lRE_
zv>M=j=e$0;W`tMgiDNNI!QRH>b%QicEj$2^R|C3Q#&D^;<uHl2uBj_WHbKP8q~*8l
z!kUEQvNdFU{%HgCIo|y$`&jiq=dLHn^Bfeo<QPd>5K9}>*6m`629J-x*3s{g^z8}}
zL3zt`4J(CbJ&~e$yzd@0)|~DWYPSm?6K;cRHaeoH)1AX9t#e}EAS4x3$TgHTk8j_h
zThRx%cyha3GX)e>t0r7bns7eADel@SCcZTAYy8qde_@|PF8NJD8ds2;r;d@kQA0<-
zddrD$(NZB_hBd62c(B1kN5yPT$#0pA_E<qs?Dt7MXSPTa*7x?7<uh?D8d2wx2DOER
z-<6@AV^?#s0U@kbd$iipiv4F0+&m*=B>e^LzUhX`Dv?#85_;}_&8=Ft<wsNjMzH^o
z2rn+o2=yKx=<y_5i;}bXVMaoSJwAk;Nb6gz{f7R=tLv@fO{b_($ZKiD^OLGYha?{<
zG)ivxd`k}P5OKQ;{FSp-Qp{?GnEh2tZ)58~O+ta`J9>rYHwSrWaYSVq@wDzC-LFpE
ztX3Zqa66W)`)sC48GEIg9NBnqi0UaHRfWsXGVKH(0heNy3_iZqYaw@dD`)H$+QmBW
zr)0s~6R4Ay(R`#u7)VBfoe2oyv{0-(iVLd5UG|kMpBK_H+bj-*wx27B(I~8>kdn9|
zu|ysEv{udGv%b)6TS<C9Z=LqADFy!r9QRtCkK>-ZIb!)AlW@=0Jlp4S-P9w`*XZ%>
zLgVo)au}yDe5mYy+G!PwXt)oQG9xhWyNcHbK{?NMVD*@ak*t~YZ;P=+Y%1Sd1v<Ek
zRnNm0IOmhswEg+@Ob+TP4|PiVQ|>`oYPwhYMdl|*$`4CSww=3_P+~ySHR9K|g+7B*
zKMIxT>;#{~PC^JVK&&`udIFrOBEljZS{$cBHBR^M_bxX;7IFEotE-11eg9S{9MZ9g
zm!;NZ_W1<n6&T{&@gu*nT1Ss=4i@^Pite2OgDVpYmRfU?j+2a_a1^RkX4<3j4z{Qm
z?TRKornNzB3eThawjDZS<@JjXZr;8M)>)zLkcdXj<id51VqP+!>ufK0?bX_DQ&INh
zERVA1`<y0(-UfAhBfF8rYe(mMjAFQ-D$tmIm{xZ&)ex~yk=R}tehGTnpMUcsbX5&M
z0se0G``KNYaEOWBe&na>%zr~)l!SB@z70167Xi6TNz0Ad97Ukr&GuZkfPMN`NNh+I
za1}>T?;;6xTYRm0kn4x{)9(w7t*o2mr}k_))R^{SWs0^zA93}v&A#Y}9jo~9g$`u8
zwcDLddD~z6t>O|aHpm7JH%z|3U&u(gAAXN@eNr*x0^w57Yrsd)7^}*jK@#TNDI0%i
zU$ehr8TVs+rY#TD909FgMR6WB9ypb&VK|yB%n`c0pFdV`=C4D$m8^|CMys++z{&!a
z0@A=fR!JV&Io9d%2mA%VlNF<7K^;D`C?2l-amI6!cN!-u7)hm)Wj_nI+T;ETYzt|2
zW_{dNo}aL4$kCRVNR=FyE4{eXE+HhI6#-usmBrJexrX_PqFo1z8i#_sVXOsEZ+`h_
zFx?fw6M1amxVA0D&=1Z}0q2sOh>91=>fzTA4<b&Qw!Z(EBb5cLSNMq*RHE#Xn3th_
zEcy?v4+W>(o%d9Z!u5k2HzO|`c`%!T)QNNCdozFJfo{m1;8FE{fb8~_=dkuZTp>3E
zjSm6CxB`}YkQI90+Y<A$I~RN;;2sbD##L&bfy|{}N2drEF*p6Iq09bT6;So#)Sy9H
z#M%Vd{2ma1<utzhX!<Ea(;mgL;caP#lt@P6CjJiuyJ}6Tfd%h>4_(Eu090gq9uO8(
z(g}3MaF+$WLqXg}mGZM!mVjZ_%4e}l4+fC89Dk(DpwSHeEe;3^&G8OhU=LNZLX(A^
z3a!XuS1CC!Km*gjNG0DxMww4AVadZT46>Eu_dUeTI}{u{#Dqim!99WQ0z6*SEU}}|
zG7V64!*-etUmXf%8vhcCeWmf8RVBSaPkKFsKr*D;*9O)8={3voHHD*5?^-fF%uJ%B
zzj@i;QxJ3C0(D1(IzG@tPesd4&24nMGrRG^;&e=eJIu(F$s840PZ^Umhxb4^gS@y@
zU&qsdbb-Wr4Lsnt2<5L?>g(7u`^I4S6M^tB+j<G@jKhYvr#1rw*X-?W0Iah(h(bO$
zoORh>sK0J%3^L7>k*0;Zk3oYkYidG%*39^^vp2pZ+M}7|kn|6-o8VPf_Fq+65zYPx
zrP||5xJDHl7#KiLG+HFgM(`vRCyM#{TGPTMCgL`E8U_n`A>}J)`qG$(Bc(!ZjY(M|
z*2hHESox_obZd*Il6EI}<n^b2>7Yg%Z2|V2O1guU{3HtGXSYqDG|}K~+HL{LmtVjl
zKCp1CSUf;^6=)<M7`BM8DB>za5h+-xb%9;-!{^zM*<0xSP>N~S8(tnjSX~tTEz|Ou
zfX)W0;Z%2>c&R;Uu~Q${SGcAbl1qrkVKY}`OBkE!+ZpZk<h3{&(5h)Z&r*0SgR(|I
zlXpF+QJvY)bnCj^j9IxdUKJ%X!I&~_+#JhB`5|DaBwmcDZmU8wZnc7uf*-k-^0cOf
zt~@D?e35iTs{J&*OxQ!K3#&4UG^`r2wE-8%lR9%Etb}HY{gppt8F!AM8K`;&Nzpvb
z>1zLy@NJJT>hamgQ8UZQ=3R40+$F-o2T0w&k(hoF<s^z>%PbO~jFzd`#s~*e4_U}-
z@aaN_aEdV!ke9T#9*#USB5qp^QNB*!w^2$Zv1B$er&$kOjdTkA{K<uXZ0w@s5I4n+
z-ISA=u`Or#LutF&XY(R?yIv|s_!7@N^0{z<cO$Nm6tM~B%$&_!xI#b@i`L!>d}xV2
z`yvNu5doNlz5QQSzNLOtLxXx6+_w}Xr}i`$(!ux5Z9QoMt9X&;JS28!0C*)?gYVX4
zPC-+6W~gmJ8ue-d#Ut&Bjr?kEYj061hq~d9Op6`aM<YlVk$U~*7mhoQ{4Ld97(9|<
zt;zdUDo^VB_k_Mil;MP@Qe<Ih;r^=GzgsHLAVi8t&(u<xG(0Phd88=<gp79M%MYU=
z1iu8%oy@BhK>ti;+v5<3K?8h>_sp7uh1Ek010*f(hY<bu^qE1wU)g4gd@F+r(ps2b
zj7jiS)o8F8MAHWLkdyWqa~SP>zb}oy4DR9)4R8@WI2vM*V7g%`O`pc>>gg4;*XB@m
zgFjsl{!XBS6503FG#>qVb6p_yaW|tSmO`gSK4UR1{Ob&cZFoOlcUXw9!GpdMBu+^i
zDa1RJ+FIafm4I`-2_0J_-2xQ>v-)MzlJ8)xi`V2k(X6JcHUMSpzvZh0$KLfKouzKc
z=M49X>mUkGzUSPw9)e%bJ*M}>=88pL!{;v+vgx^u#q`=PDX;MJO>00|nUA?h#o~L;
zwA`-Szw;TrXe5?<u&Fag>lTL>wyMa^O{q1*XEe|J(yi(Xu^bbtH{jfJ%1Sn+ebiR^
zWIwubFY#C?*|U(HK`s+Zk?VD7Bs8oJCSyy}+?!l9(pxk5wlqk8McX3Ly(Oc*LiZO3
zLY(_7GI`jzAtRk`iU$V3*QSwbvdDG>z#y6ec7Lyk5(flwaX}IB2V%@eF6Y2rusB`H
z{*L7!a6<hSd4cP_$OYQ&TE4*p=`*W@gKUss-(PD=OYGM}FL|?J(YamP7!}u1o26U{
z?)S8`?9nV2YFI@3m4HEp$IPX5hR|?2MWPLo@5&1RLA97UU8^6yZCt}lAAPMK1-Fwh
z2q{K<R6Tu8l;l5`tqA^yocZ*{jF{9NOAijO52j!tEw|pDgP?OS7l;?9@lqZYZd&(W
zB``;7eGs*f7ROVVQX6)<;KkA0i5B&Zy#QFyq5<Apo#V2?%T9U*(N*ppBC}@eW|4+E
zb=c<qQ*UGwf*j<%C!W8)UqG*u`2opxbr9`OE|9MDJH-pi&IoW|nnkm3-?-f4<j+^$
zGw{Ur^Z7BL{KV9Q$ZJH8JAe4jq<-F#(?e%WEIm&4sz9l?7Xll6s%dJ^F~xx6%6Cpt
z`v8Axw^V||wQX|u%afmV>pY;jRzl*4MaE-bQH6E4;f9u*9!dpYN~H1!rR_-neNihe
zK`rC!k27Pn>dObp!7a+v-HeR-jYV_W-0g~TdnYX#IHLkqoiii#m8h3GJyy$hk)+dL
z1be{H*Z)$X*x$#`&&OO{ToBH4J?GhPgT8M-2EP|R`M374Yulq(-A0pm`!$j(Xl2t|
z#gWCpV*kX`<$amhPio|TbE8<(#dy!?9r6m$uw7?ND1Wf}{H;EnDA(;c?$4&h+TP=v
zcAdO)V<mlQeqh@`B#3Ug{OGyvZ>C|oMIsN|Tk`alCQ9N%B%)r%NVKoDpIWn%JVE^N
zH+jlfOq+q~#CZ6JqG3jy6#9Bi`78-AxT^D6cNoM|+*qA;o3-(pIzS28P2U565BWo)
z&1r)CiC(YWEy0(62kg2`Zue?th=&{@+wE54(EDYP+<hfC)mJarix1&}e`C_Gf+l2}
zf))&Z=|)I65~ko7&REg>cxG(^1^6fGBUzIX-jn$T$I2}C%solnVas2XmCeIXr{<k}
zu_pV^abF)+NkWlmKc(HkHw8g&2MC}K`>v7Uww9@6`%D3kDFw_BN$;&Nuciz7RzVoU
z_Fa=BMe)l$>`7~%qv=JxB6{wpnf(LVcEZ#wvUg4L)JllhVgB$mZcbm3RV`1kfuEhf
zXql64Um}R)8(Vzn7jDK}d2FiI$>dI+7y$QA2`TniLEJfb;kJ{mvKAqnhyD*q5=%0S
z{R7@lkIfw3YsyG#{BIRZY5^A<=UNh!u(0*{4<!uF^bCk6lDM2b(;4t2)l0dZZO(c_
zOdK<kO1n4<#xAci@~%b-jp(*n$IAd5f>6d+a_Tk~YPXqg*~-`3xIMoEV<bTKbCOW&
z5B*X`VHnZ}T#gr^XC&hjORVj{&Bo~e@=%z+Ha2GGC4P7wb~6dDL=rwu$bp_VDEVHF
zTq6mWfB}=h8ad%5CEF!6y_f!~xsRO>3spY1VQP9jI0F1YuhYcc@lLPpzFFpuo8sMq
zq)cA>ZR2OM3kQcy@1skG)tKlwcem{@&O^IzUzw{nds)5|N_!fJbpuKhv`x3Ny4u((
zH^&DyP&S2JcuaPpf+Xx@_5aC7f{M^vO@TZOM#*}ygYfRcsEy|RV*dRabW9c<MsCO_
z<bbC{)q#k|iHyNuMmO8+cyS<OXJ;~nVov|Vg=KG_?v2$N->Atw*aUh$lCd#Bg4ybC
zhW%(IlSPLaK3u|00OEPc5b@J7%eY&NV*bQSdfaDCQ~!V`Y(qhf;vsX08UkHD$`y)#
z8M~7iOuVSsm3sSU5HGpIlvg$~z!HXG*2wj5)&9nDH``DGa&f*rCON$>LVTZ__s`nq
zEs5kVd}m8Vc`vWfSynXIzi6BJk&mTDhQ;2<YkOaPD~EghqR<24^13^(2D*w93i0W2
zHvRk=Q26z@hP?Ih2z!#}rFQq|K$hFvQMks#EsYya`6}(V>Vmz>UMoYLm}#b9uMoYh
z63h1x)r`%R-$mv6X0nP(^}};-la;g!g@Bt2l&G8yZxCL0g{YI1O(8J?^0}Ve(6m}8
zUA*@yC`-f*RL9+hcXe8uZs4%lKf|7fs-H~sCs+}`K6SscX6T5>lnz6wlXT|`<&F*;
zC!KDMc8XOi54QA%RIARL^YhfLfn$0hhZUntM<eWk@lmA-R2}4WXbI%#f0{iy!tFWJ
z7ISrNc1?GfY1xA<?1^6=4Xuk6;}!IK=6HehhL>MK4Pg=P3*!Uw+P+{(I!>XRAmgMP
zhRVUxhHN^zRzPM|l3}e8fy%ex%*+X^im`(T!xZU9!43slJ96N*1&`DUjnR%Mk7|<w
z6}$Vvwe-wCHIyR8W{9m~D5~?7aaekX#uEyW-}*&Dtn8&R&uD(X%xtDHkB(;E?_d{V
zMKO6fj(R1Z9(AfVZvO6og8ii#KFHSWq(r9ABZ;I&wh@L#M2WoDCoY^tzm%!WNaOB+
zute>KYLdTZ9}{YoR1j>%SSgTwkklSACmZ2HG#*0qufKFHJy-^1{yv9lJaBQ96!bW2
zjDRw)7nhE09l~DIGtC};3Pzp=g3*Pb5kJs-q&xX{#}<xs%&wZw2%j#_<MpuHyvFr%
zM97@?uwTnjN7NXqha+e1MmG*VO+ylL!<0iS>n^_kdSu=6f)Ro@*m-($Vvy;=+M_R!
zBNgmFFFuqQ5`;<UN8}dm<QabWEa$AaBOM=Vq?Nc-`3y~olr>4>ZZH~-^jcJ-`s)=D
zh5KJwBDONSk+e86vJ!nS#2;ab>pEiQa3sh(uO&xPfV)`v-8|gF*rD#N-+Fg<cS1)2
z2Q%K-F6KwLAG_rG*1vr|9_h5$ZJC|RYoFpIvkEZE^W*gKI$@C}l+Wnz<zzVgY8oiW
zrox~b$1`sodqu&9^I)i^l8u~khzaX{m-gnUcWFVg4yvza&Sdfq?5}2Qh;sBF#2+VJ
zUllLF0zL?=AUDatj}H{82(NA*V<C6(S&yugalu`BL)u!9uS%>0A0Hg4$l^z0-q~+X
zPGp&HR;gd#3;b-@XMFY2eE92{WQD`x1Pc<X<-fpbw?u+)HHaF#ek9FHDI|MmWS4Xh
zbN>3+@bVqH)h3n5u#|b;8c@c|==5KW>XI5yp>-H8aG5L&7Pb}NH4%g=ne{$nt-~rN
zvvdT2P<W18>&(f1O(Wi2T(Vr*F03Cjzd4WJP`s2fDCDt4gI8VqjuzhPCQ~7y$HdsD
zM?SFZDj3N#Mm3T}gU*2=W}UH`Rsrim2o7T`wO0jqY=T7GB(d(=RJ5E5E;EBKuoX$;
zbA0?;U6+puYW#HMox#gkJi)nL)%b<-N%kk5-a-2HTMNv9j=+kYlH6b}dO5%S8RAz1
zGQ2Oexnj&+-O-j{`kH<c%W-rwPP48UJQQSHMy#**-@;tPMBmTR*?ps76>n6-K$vo8
zs_n;U;#QL9Z~==;dMJJQ#FpQkHO(H<%6_#&jbOTifrOOR1s0Nf2El@8pHhan-dYTx
zQDb2GNpO1JwMXTHE721~k7A?akUy^X8_B%olA+q9_CMMMSMqbU3>&ABu)5!bIa<~f
z>lM!=mlR5GO3n64%o4XR(Ev}eB&?lad|GG(VvyackgFx~sFBHUzFOdYGQg^K9`$&#
zhY3xiVEjskxnOX@Pn9OLL|RLidDs<EOGEW<s{<4Wc_gaS6q1|NzAVC6eM%9reB#;>
z#2`337i#;lpAPbXvi?P}pj_M>K+O{7c2ra;;Ad-3j`^a0<idFUe$lx6>}VH(G~JZ1
zOI~C540d*D=(qs;aTq7TKU^q1c_$Zd@e3MzNi2#78-7|vY=jtU_(-z*hmpbIZ~wK4
zYy|UFJC1_$s5dk=PptNNBZj{oKxUt_E}K3ae_X6?1T|&OC2<7eh4-;bbW01#bB)L%
z&)W2R(09BydPit~TJ}ybpE6mw?Aw5-6-&z|L9G+DpAsEL#k7L#oPQDrnG)S;BW_*d
zl!)Sg{WVxnJLQ6V=tc@?VB;;#r#-t<#d@>Zi&!h}*y(aV0|rX@6a`~p`-REhY^HfF
zF~Py$_o0`=Zv+LXwC5kgewY&RasEn)bFgqe^szwM@X=SKxqkC$#jAk2g{^C96>u~s
zY)RY-i0J<O3wfv%54)Se{!rrI-lVto9zN@CaBb_re6w}eG%f58L+VA;S`m603ASSq
zlm5FuU;h+zp)lwpOCo*E%z%Br)or7w`e}M)yJIlGcWO-VqurgI2NTkKW0#eF?^w4!
znaI>XJx_0Z!EaqjFqw~8I+yeGe><N-+p754biHrYzG>U{tAR&`l$amIN2NMh%!UbD
z@XyvfFhgF-g2~Yts0_|9<&DJ2Gsby?O)56qg7$)(8FW5S>d3eReh$7Y4x&2LK75~}
zd5oHpF{{yxmHEFmtJrwZzGf?|HB1L*wuy~ZZ(7a%Y&?@99uP$UzLIW1`wQJ)T}f3c
z<G9!Lwr@0&4Vd&TD|R!7xNzK#bMNu)FoUSB;?X%44coHAVPGpozgJoc#H%A9$FM5Z
zeo5yP|97a~+K2X_;HB?bnBOZ|ea~Y9lB<)xOmBMY&<mEb66ed%n>TUQv0|Gx+L*+#
z?|#PX3(V>Gm;opF#f)}ddWs~VTcoO>{Yt>LpWq7>B1x>L>=A82wEul<oFglabd~pY
zJ;BkLe8RG%z{4|9xQpAywX3=}*n8u?5Uh}uK_G35D1Zqkz@D4=F~yNl`kI*w$)9vc
zR3Di>xg*2NkMxaV<|N4ZrZAoY{N?{fw(nZ?<zY71p}!HeA0n+PgRm_80^V*|Sq&x*
zH^?970&(C3FpY#%#7b~$H38Z2Ul9PI@24nzue|?ZR}Jl%L16@tzG5NSF*dKFXfXP!
z+O<pcDnF8o_y@aS_Sp{|IrPMHAX%*tQ<AB?=@xyCyx*9(&9dB(G*j>yTo=f_gh`Yi
z4)n!RiF#+cxj)AeGYOb$JXJ>ZM`g~}{1_3NOovqK;ESm)aD%_k96(yW$5_x`Y|YqT
z_&O1lSiPfXCV)Z7DBlLIQ<CFm7MGPJe|*pXuFb<^BBHnK+@Vs3i<_J0WitRnRzQOj
zNsu9|oYzC=N-P@M1PsJ+l0fAzJDXrGl$f#zy1N{<nai&(4%)ogyy5u^$O+P-)kaH8
zbNzmQ7oXru3P6pci=B*v8h1#ud(d{#P!dXh%ICv^DF94*6JvfN9ZEGPYbu6cmWjOf
z2$CP5sVJf5Y81n(#~l1_12;T`?$1OWxl?^0qphSuuO&7@$B#KR;=-SlG=KV}f@55)
zD(J~Uj3MTyfk14%cm23#kA>&$wtfw;fYG35M4}zi1Q;&5p1{MR*s0gCCM=7yy|2om
z>NVh#Z2olmf!gP+3G8vZv$8@z1MAP<9UfZ_Osvui0{WJ;kbXLk9Q=Kj$`FxRs97y)
za>+UI&aw<1t|5A~f5RLG;(&vT<O|zZg!89Q$_h42v)RK8qiA-B*YobI>0XJL*Zb+F
zPLIIz`5%qh?c0H)iSv6WdhIkqDiP&=y2Ve+F0`i#A9P54thYbIcuUm#W&;&zck#Eh
zQTJw~-*vG?$m<tK#2eL5Wy;2Zcy=`1`nGi49&Wa*cW&wb;kkdK$%KvlPEg%ZRn?SF
z0VO?57yQ7c$CrjGPxYQmjGkYSCcqeKOKGa{#BR`)YCM^9K*{q0R7Xy5{gCx3FHlK*
zPXLKwH+fjUf?pmrVgORlk1a)*nWIjN=LO3@GDt-JEv9lUBJc9z^fW6Sj6}@i@o@3;
z_R!lHmlR2cya9#Z(w@bNYrW>-%%~IZCPYDgp*Zm~z7mJDSF5@n)6%q?wj4g45)P*a
zJLR7S(bAeeRJM9*k7FW*nNMT&q?HEYgDE<{zNJg&-r4YGWywDB0X2p`uzV^<MzRoK
zKH}_{M(Uh}J&KZo7l+!ggdyYr>g^oJEw>gbzL;y7PAW2TyOFkcHC!B@y(E~y2>7bs
zlEav(iY_#7oQ2k+^c^nu)+EG_C|lm6!ES4`Rn}bJma|EeUp5n=IaLO^-}nQcV&n%v
z{*mMz<mN&P{_Uv4B%ZQ!dQ&}uk<sG-fdxTSGU~_xeU8PROZx=cqnZ|B7~ij|8M59I
zs9IV)ToQ`(Uf1J`Suba0a(sKb%}|S@5qcE=c8<-YieJ8h9nA+HMJ-iTQ)bh4*~YEH
zVI@5;Ne3TTy)o|(`#rGc9ZUBKj3*63alEHrFXy!lnbSVJA4EuKApIVbuhR^Kt;%L(
zivc>0nfQ`g=D<hI?x=@pCTD=0b^iEGAMa7kEcoFKR`KkpK3t7X@<E@~O7Mtz9v<$*
zis6lLeZRJ;2?r>Q7R+UQGcfyDzgnp3aPq;pBJ;a=!xwQd65fe~cXAn~q(ucx8({??
zFYuvoC30xHM)(Uz$go|@c*c<&#YZVTeNQJ4*aI}U&Z&+6N%am+BaRA7tn+tY!zO(R
zkP5pH04Ph$0LJN>a&cHlTZ}VzKI}g2?=wR$qNwHmW_Wu;yU)}3TJlJT!g^N|o7IGu
zg@o$AicC}9$`-{<y8fVU3k=I9{s6$zD22g0Nx`Q2y|~OIkC2qtEq`X#KAJaZbm<+y
zJxGqKS^PDbPp>&!ldfk^N4!&s6yV4x&Z#@`Hbx?-hTEs?{^dY~cL;>4ssvBQjE5}*
zAqgXs==XQ*8&B79gZIsN#E_$X40+U{P@h{ZCTvC`#)`XTX;g1rdw3uWIDG;qS=AN~
zS-ae{k`>>XM~Ct~lNf75%$%$1b*{eYKLcViS@hTf>^rf#ViH8a*GlFe`cJwr>NdV&
zuQMfMJ8}t-P^`V3zaw)po^!5ogO_D|v8w$!(j31bjfB_7>%7Xg{c>Q5TFdnxHU5&N
zh!$2~XDJ6D@xvHWx0W7nv)uN31WjvBTQB9=&{N>1s@s$tStiK(NMQdyXCnYk?!)iq
z{$^`)pgU(t>W0L{Q@p{O9OLdxo&SmKX$$a220pe-zMm*fLF$2gbi>8pm{Q_X62jDd
zjI!^1yCLusB<DJOf{dhP0CA%P?;-Y>CkSoG*JK?^Yc?tu@q-gTh1{b`9{eCS0-m|i
z@R&U`BK%3_;-@+e^N#kgeE3Y?bPD#E=!SX0UYQh2KhZ?<U$#M8&O}8AW;nax-Pn$(
z&=t|MgY%c0jIu?WHII{u6W8w;m5{#^85`NaXchGw^(G{mrI@-kXQYDEWaqE5L?Y8e
zj5UuQ>}D#+1-Rbo)Jb{${g$HC9R)jjg{_GNYBcXeM>4{J`8uB&!$qzoM(kz8Cf;zt
zDSCC-NC36Q`;}!XZ526k5lc0?{$gUKRD*53-QDfhdSapbgzxq6g{$h6<m{Xt=_;3B
z1@}JG1dm$_6;HWMph=yTjwdR#=`zoU&-!s}k#%r|=|NMZO6<mg?e{TSojJ$W3>I3j
zxd!%{*^^H<VPl<U@;SL>4lf&;ApeBIKS8%wA3Y5_Hvu*Ru<dP}X6RY&sHZ}e*h)XO
zuBiNdpSl4-smmtC$8AeYwqow+ISTqxS8lraN7LwwgS5zH*3gGPwL6&5B^NBNM%2RZ
zn9MkE78||V=X<)R&xc9XuHJ1wcxAJ8KbHz8OZI1+BhFZhcuY7t$?iRBPCiojRQaks
z8F^}vv;*;9Czkmj7iZr$ysr27xIGJ-ckYlMl>qu%?&639c)PQVqf4!Mw=fz(ax8bP
zG{<^+)hEMr!FNwaxftt}Iu{Fg;E{8g)+dv$S=beo*K;t1W5jlz{gxWIWz)!yJ}9GY
z=sarMh$ekLrV0iyN{;HN;>KlCdqGmQxOnt&)iWy%)u+|a^NR*_{A95Tt=Ad)P{j9g
zsn_W;Dr*1v*vRC&`bS9bhMSbJL8p7)fH+7*wte}JF3B`*pHtC>Gt1^!CG~aS&2WAO
zX<LTF!s|rw*<W3*ENZdtXxd`xpS3kEhR;>deV!&`b~O~PgVFvc;hQLRqDOoN0zhqa
zb8F3={>AfV(k(c(a2TiEIb-T>+IwN~UQ~C6;*(A_M{<a8qn?4*xX#!CN(`BC<I<XE
zE%n;7<)Ypc>LG6Ww?{rMlxuuq7oIof-=Qy_m66&nNw5Ho3lTq0P0~EnASm>?3p4;_
z`xcjZ&|gIw8rOXIJ99CJ!B>Q=Du|L`oY9U4fa<FT0o^xkbnF@Vb=q$=;gQ6`qkoOT
z9L6w$VL)GF<AU4*xM7(7`a*cTlJ8&BoOrv+?wfcSqsK#!!rW|jRJ>AmFA?5FLBbO?
z-!`=Y$}tr#I8AE#S#!Z_f81nTFq?lvUxP}9XRRiD3P+hx-yYEzvfbSvo;3EekD;!`
zd}zny_Zl{a0RTu*CwI1?T>HibjX5s*o$MT}4L8?}Z!gH9^8H@Vin?aicq0HB56lXX
z`yB|N_Kolz>UoSZgz)`lfXvhX^JqFQ2sk5``(UaEEF^!sUxXeLl+pZ<<h7C%#PLQ`
zztKNqMV>a2A3`?Xgt~2y8Et_@YA*O{9?pGU;Qx7L>^`fa{Z=C)%y1+rh`G}n0RY%U
zjw^erwe#|V%xVKOE8Zlz^&m}_FhB^5-k1R5f--({1TkQ~oz`Bs+|_Riy!oOFv38S>
zVHbqc?>qzx06g#m52t$cmZO6{y$Puaf<#?DfG7Sj9FPfQXaD}4^dIMVX^;w`@@7c`
zKWiisFR*iO4&Pz|qJtvjs8AaVmoR>!CT6?Byj>Uy!;2BI!h05NExx^Sqa=RZ8C-4y
z_`>@#Fx*8rDV!8sj(EPWgn83$NbnV1gF~5eG4@RSvmt@1g#6I=ais3XirV~Os4O9i
zoxClM21;zu^TWvFBF(9M!h4}m20~&DH0vdrw%8{?EoLX;FR@p*%L9zRhvsjVxM|9d
zR&;+}D-pKL$ZTfC5f^vga#URu=80A4MFiXV1$g9{xyWN3@pkSi)AcwB3^#goBwAvh
z1Z98Y<|><;q3yu5pO4BCM%j4RM*(VoxJGn^({Mupa5EC_!yP#7rres<tIAO}xk~Ov
zy^JT4#9L&Ps7Huz3HdZz{%X?KK-w8yU@I!GH4U+-)A%glEMSKAn<06;dEGVeZQq?3
zl^4dvV3^S8b`&Y<D26Y?E+3>mTT^xf=U(+$cDlqS^Rq}8q{jA^B4%N^WfA-KYA^|Y
zJAzy)Y{)+*95=EyNi5~1=KEKmD!giMu4C)$ZN16-P=%LK&kewcj2p0NZa|?9%-=3q
zI*QB?SG9|HjpV3dg8oq{<G3=+v`@B-M_Zwyz=)M(Fj{do{rTagqT<z<MvZmXwNYh)
zc2{0OXSC6J$yr<@CorIi@(5GHq|?7fG*j1(S&9~;HO?hP{rYzFQ!Rh2jAV)MD?M^;
zOj}!UXf&-VVqUAu=>=tJ->9~)NfyD}Nlq$loaJhH&*D~Z;5kfZ!v1~5?rQCsl8fWW
zDvJ<<aUL1%ma!ig@oB}~+iJx@#TedK4Bd!~FA1K9A2@O*p>5lOCZRBwE?>)Vdlj{Y
zAzCr(F_?JTpirw+HXoM<94=eYwC0vw%rj+fTyI}WrS?&F1!pWA6V))HqSQ1XU{|Pq
zM?6b1F!pPr)Uek2+3EiwSnMdiVnXV7{<un!K>6d-r`bQz`6iNOWt4oyBEdB!_EGqB
zrE@e*H*VU@ddxNPw6E!vil$j%bC#7}GqSE0%MYZUbrJr^8}Gd6r+<>Ws~Q?Dob1yW
zNQ{iJD41C!XtHuzNxTUJBeK(Gvwuv!O=bV2^|>3NYX_m0|G}3*{W3q(&K3iyv_Z9O
zDdM>FPuU_}L%dpq`0i=jbf!BGO-ag-zM+f7t?ueq2cwT|9Fhx`->li(@l=6sS`NJG
zzz1rQI=9F1)#>^i#t)XAK3CFT&|k8>x9RB7Oy{LX?<;aVXa4?PxW(G5ojrQLM@TgN
z(L!@NM|VwC>!#P(v}1GKiXyY$!`G7Xu6_E}OW^2pn+V+l^SxJ2sq)y|boB>K;Dcv2
znDRCyygtPWclZxFAPRp-Fh^eeA-o@;Q9T|>Le7U1AFgWwny3BI8^d9qWGX<qmr>bJ
zS@@;4?YFwE^WlvM9ZSlYOS!9V1@ZmZRBhKv?Df4AIc+SD3{g7Dt|Kj&M`ol&$Z&jd
zGSw|;tsLY^RH3d|+XioIv{n}^?C~RYJVBkEYTb>Gm1G*TO?0%0Gz+oB+~@GU^Nfub
z!6n1OKi<b;p}uZRFI=WhY1zA+DruztI*G)H3gP*pA&$*_(4p?hRR`M@`%a^H@u{(I
ze`FLZtLIDXtk*XRqrGmLPfaEQr0le{M%djlr?=c<E)*WCCy5dkbbm<*f_J`c1Q9vx
zTmMdaMz_&4WT{Cj*k&Q^&Rn*?rEd}ohzp<lQK4L#n9BJne0lE~VJKapV*X4^@)Uhl
z2t2(iphnU*m&=_j-SKUuVG#M=ga9795iuDaG`8%3pM^T&v^}J;lW$$P`+Sf3Av^8N
zO$3-aClxgW1VoXvXGFZ`LPX;f%T=H*t8Tf{h9%$s#Mw*pO_`<q$K2S`QU!NL{;+>^
zy5zaC6z4p~&$__yRkmUKO14$+Pd5H^rUZ(>z?~Q6Nz$xvb;l-Vd9F^Mf(&b0L*u)Z
zX*0tjBboLyucOY|Y_`zp!w4(_OLtc51F!k&w0(1hR8Q-|sNkh^x|T|h|3Vz5mVenH
zpm8r|Dc&^kK!mJFT(m*4%@vH<xV~y7w(o4|xL?pJ)DDS#`>620K2*s>-7JiTepU}Y
zBjGw|Ku41lidE~RLNzhHuNSdWJ=w+AI=LB+E}Z+ZfkKIzZmq6y(d)>HYfdAXH!q#V
zh1IZgLVXkEk-3FVbt~)1_0z2*uM<-i_<&U)u1ArFFWG38YAO2Hfu_+>^6%~)JIWi5
z!VSY(j?PYKUz8aqtcy^#GhEzv8ExH!CKVt6-g7!ie2%5l4=XwTYX2uT-*6*r-qO^^
z%nh#~r-+isL7?QyCTt-3@mqqVJ^N$bZlHEk*HUmie8C5aZ`YO)19sH7Vd5xnN);s%
z&BjM4|4<OWeZRy;q=uFxye-8&Hr(;2yM;8J<TFn|q**mrOUJ*kAW+-2T&rF(#;9Ug
zB0Mocz7;3F%JZdaLWLQ??Lmr4!28q@oKC@9IpV*6#HfZV>*_gvB0!s44mad)YqCsc
z?AJzK&u}5Nd>18E0CAaQWs*8LDMAvFp>Isx-&bIrw@5LOlJ9xXnZ~Y1PBhOkWP*-$
z*}*~*Puni?h0KGro}v1h?1?g)hzu1h4lwG*^7QE0Gd8&6nQla@RY;4G#E>nOE!!)%
zvCj$d*~#B_V6&>Rg{Z~iY5j|m2Psu;L&Px&%fX8)>$Ej9El;!#<?hv4ca&uFt7|g-
zM#hw<a4N5n-ejSaXm7ia$gufrrN}RV-T&gdf1G&OFf0he3#%mR^9&21`mvvAbm^wK
z`Tp9Wahq{t%(^a<BUUG8?#Et$;!XHx*2C!Qnz-B1Xna+T4i+ozH8e)lc1F%gueG2l
zzR+9E3iA<+$#SPoA5j+ekNF<K(^8aJJ{)?;{(2Mpx=f}!QdY{YsU?Q=2|pMm=ln?=
z_8I>JW_S!v=Fh0BJo-cK8Zd5}e=e5Z$HEVDE*?8whlS7cxw(fiI9X7a?Zuvkdz@Eh
zHCQJ22<KueFM8^JBS)&RP|K2&$6fk7EB`NWjV<cX2$q@K*rtuE3K<k!-#QM)MJ_Nl
z+vJovi~hXl{ick6J<dEN&#p$!xgu$4RNiAkf&aGwx%6#73_N``E(VQX4v<T8b#=9Y
z&7S($%1U+rkEE*%imPeXKtdoaF3aNXixV7z1$SNC-QC@STX47Fvbehw+=4?05Zv7^
z?{|M})z;LhbEco}>1mrDVk~b*Sw&r>ce6^662N0zRTi<%zf5m`QmT0H+eavVZsop*
z4mEBNo8*VtmGa*B^3Tp}Kd46=7Kx?}-hwAHk=Ht$z03=%zI)yX)TMnr8V{VcuH0?g
zsf>4KR^J{hUEG=dxl@f;zaTDwt=(H-Dnqk&*QUaThrk{~_MSMednaxkOJIS|Y<wA*
z4F5`O2R5hBOM!!7X+oz3gtyMFJWwu|CB!tAY`j`Updl_7inS5PEXs9`!&ABQmuXD?
z+rxDeR<Jfv2~Eldum7zY=B!2hBAnb@{F?SIKF7^3iru+}+s9@v_|_84laEc5%P;k~
z1lBR<1lCtnm^^cZGa_9sgVwFZQCgip4`|X?!T--UXfoR9@*ZwsK`|54JNwQv^%a@N
zkzpjsF`UGqM7f>z`AJz>yeO~941MSC#jo_)E=D@WnY9>o?Z#E&qKz3m((x6uP`SEK
zLJ3UG?F8tViZ$EYwq;-Uj+mq?^cRj+hl|H&?JIIs`4>2b)fVasElU^=UTe0c#QwFw
zXpmpDtCYIOmZR(?AGZ}{npAYGAIn7<^xeU1O50TM8_PD25fCKyfe%X1T@fuLv<oq>
z>*U_YAOirHIN}jFG6)dWS$VncWVr)ZCLa5BLN7A@i^*H%@hn$1v|f6#QR<KRYq|~<
zfu?Xi0k1Y^{pXumd9(57cQzLMU~9^zqf0H`RR8)7)221Qny~!cNW1gt#-B}fn+>$D
z7W=c*cw!@JsP_=l==r}%y%71!uFeiSIU_N+ztV{j!L1}br^qY1j`}M9KWNbSU!i*l
zqKUY7lc|jm%iOLQ%7<;A&~EFFX!8eHkkek0q>fj}zM*-}>dK#uhdLm`$y{?nl|V=h
z{3(82?K2Ez0w)<D9{$~+b`K^qr%Z?!6T$rau2z{*VV<*!ixJ)*03yI}%2;~B!bnlR
zy9ORw=zQ_-4vGP3#E&rW`@jd$Nv!`o3l^3pp^e?=PWt~I>ibbMCH7ePNcir6sF)>>
z^--rsQ2M>Zwd?=q?aWr9tGyQhmPubz{pabR$dF^aJ5>P^{mYqL<}(NgItlO>N6fG=
zTQld6$HzDQ-tbFdS^odIMf|8;Z^vje|5DLNlBZ9X?!+E%-~AYVB&UV-)EQ<HLHhi4
zs2VZMmJ&JtTjU5_!7L4AvPqb_ROH<giibxsA?t>H|B?_8W~2H2gJ78dCSG?gru30y
z*H5ZQzvG=CQh?C?^TX9ts5c6avCTFe42%gZW80%=qvI6i>>jh;|K8N_Z{PoJ>Z?J}
z;X4H*a3<UAvpFP=LGQE+0Z9SjR-6n{)!s*Ob#*X-sKquzb;v<#ZuLRsmHfOg_g`;M
znK)zEH%UCy84i=*Mx`@h$0e(G@se0l08%fQXvAySTyG)V8!XC_JkhnR%rpkEZ3bx>
z8H68<uj&N$bv`-<#&f1BN#kfMVQOB7Io(1eI?J(txE4!G=vv+tbXk($=(wCso?W0D
z@yX*vZ4XX77nE=cJIR&p@0^`^;#H|fwXegj?IymW2|R)&!Gu2}8Z0ipp}dTlD7X3}
zQy&BZOg{LntT|^f7PH{LDDvj$-oO{-wly)7N!E}4Sl^(|N{$?@^Ej4F9S9l-s>O`(
z763K~s&SMLSm5&+&>{>>0E#%boV2s`c#pZv*b*d%(lVL}vYgeM8S-rT2*4?B9T0ev
zJ*`%qJpmjG?AoZ5fCc)b{Ov2t&G=daCv$<-)$9#vs-vOCmBN=gDj+2g6^c1Z7~`h<
zvo;~2x7Szn;TD0Ai<Dxpqv#=J*`W_K^J|qypa}ni#MO}OKnu26>M9dE<nn>jg={O^
zL5!%T)Rf$zk}Ncrlp`bJGl-~R;?ArzAXBY4aV|m}T6*~)D<Lo^4VJVF^wtF;hXM8x
zp3KZ1_3$szP;|ayFfzxt$QGLf<L_L%NSDNweGZZwK5k&GXE{-TCz4J^rdf>)9gYKd
z>yiROpXG6o7@y=#$60UHTrU^vDq*EyhaK55RA?bU@o0sxHSXn%mn^yGB_=Hg>r&M*
zGZ`wh0<t5{Mt_}nNIV4HJe7T;X5g{C9U-}}P#Of{<e@`u%_86EMn~2fd^8*o-3Srk
z`Y~#e67<*`c%f1<^aSM?AH)$K0bE6faD|Xq7mnH6@H3q`3cH=@*_E7bFc4ZRr59E{
zuQ5my8|%hMBFR^Z=7ZF)I<zLjjgJ%UCKupvO%!rk8YV;$@6_nyvFPpGp&$_<$#=nc
zhRcu?tr_kk4Z9%&Qqv@}upCzs2B%<##l&C?lwHN+R&vvg#ieT!ser=6$P+@CEJ$ms
z8B*J5$%hVGL&&kDilZabR-%(m21HJY|Ay*rDs69gopP$$z1RUX9kQM#h7lI+C!whI
zr3^!r(XvCOSviL4`AS%$l){t`piBt4e2WP(1%Tt?&RtpE<8olFqfEalLKv({-$f4~
ztJsBTr~D^?|HAd}6R$^pZEZPYyY&jibXN^*bYmk&vULaW@hKza#130#pgrX$V6#5r
zL=>}-G_M}WPAPJaGAI+tcf>$O)+bLU05F4v67Hw`UO&cn8>?gh`+~36Yp^#5!++}X
z8hLXC+FhM&PZkF{<mIM0zU3$U4L6J>3wzxFlt4LH8Ghh7&t<r4Ih#{`bVk|}fkIet
zqYx37S<5Jau})Z{4j|y)FF=E1GeaF7k3(N3T4_DRQqAt%*wy?*L*uD*g=$^xG|opX
z(I#$OE^(KRm|F&jYhEYhcP8#-D`6=N)7s=NW0lGFn(Cd*7gu=`po95-ePbrq(qh4J
zM{J)Br!2^2IHb?M1={3x^%vKEG$RcsYx(EIL43>Sx*!BeA#h7T=(LiVu#vElp@oHo
zpCw(w_YONOspTaBUT$vQHZJCoVQOk|^B=zvN`l=mZkg}zA6Q8KBG3Fo$+(lK)_eMw
z`}Of(61zr8KgU3*Nn+D*(lh#*H3bkR)SIRI{C6E7lFyx3u)~>V$qH!3<Z@EMux?au
z;CowHf7KhDj1wa+=NJ|U8_eRB#6N!6$8f$TWuIrM8A$h5yU-AAHfpBeAx%Y+7eA#z
zzib0dbCq!h*wX?q0c!Y@NMM(#W3UQJWG(S%XVI2zUQmC2+#KDvscRC!$A4(%li+I@
zKyOP-)A9+Y7W*0Sspz5&(&F!LEII;Ut{39G8MuA{>j-1(ko-IG*870Ft3qKjPrpI@
zX>VC;e=it;m^}HAG)PCEgeLlxk|ZkBlbPTBDy0(d40j9(4q!3|p$!j!$1)0p#jGnP
z|FHR_#25h|0pF;#&dSfvD%|adRo3nA(%|o}m&c?d4$xpd44!jqZ#<2XHCY)tSccfR
zx_%)t=4lt-zAM2r%xQw>i3NN*LC60|5&fGcW@)fb!~gBDD;^hrSmeZ&uq%Q?Tvp6_
zP{dJ3wL<{8PMeE_|M&H|6jh4kpb@^DZBf5r-%~$YX12ApoM*S9x<QW5&abfyj@`<2
z&8)E=6ZQ{0y%RsAbHJ~A<)lzjsNy(aKA9m+Sx^Kcwf)$!SWTM-kPc5UTz7DN=_DaB
z>>x|B$SABm3XB_WCHVBA2L=o_0YMe;Ym!2{{naJ_H}#5dN57}~E@H(`4NIXc(-qno
z5V>OY(1bM5&jWlwjDL4XWqdf@ex-~$t%a0Kp(CVWL=iB0BFY0h6R=3u$-_wbA6)Zd
zhbO0gcwzO!n!fh>Yhi{iiKI4;D%s#`@Hyx0;$>axxyO$&Magwm*1)bg7ckJ78@Weh
zx@o%qyYH+=Cs;^Nh~*>xXwW$?>ZTaJ#XsUtX12DbSK%ZbAkO<+ZsF)NeB&Jsg*@t6
zDUF>?W-<nTviH=Y=E5S-`0-Y|1FG3eZagjC^qvM_PDX+sLCUvTB-ah1eBW27hatZD
z-6#;rSr9cGK%<|7fIyFoUw%IV%h_2znv^z@G$nP;G9?E87!Kh2f>2f{83pcc9#aD<
z>b0b%Cd3#Edk}@^IuWyQIH8Hgz?*Is5uO;Aq3r&Wj0qL*){n>e2z({lT%k`jWZCq~
zWVRr{1pymjhdzT@lBJ2ETMWrr<u<Pq@9R?7id^pIrZZrBkT?vwa~ONIA0EE>RiP9r
z+_6DDyCB95y5W9O>Ls-F@1BkDMC_~3)5Oz@<@v+O)D>@u2M8RF<KlGkKIF{M4rpWk
z8|r2xY(cI&&xhX<{{9DppHbpyhN)yOb*3d=K2GkIE_s1kxqq|9N<DsCA!iFlEdP9h
z%g)Ste7&}ULrM!K2%RI&CqP6{AMBNtooQxi^`Ghx27SEP_!iXSL0C9o*gJ_KFD7Dt
z)&ryU4NKVwyQh{7ddTwIMpzr58Q*I(zt**a4iT~~YNusxAOoPR^^?|a+0p?TD-{Fc
zDCuhBCDMD>OFM+DbfbHM_`2D<6`jI3xlHX>=HK=CyjVuMCtldfYbXYC@K51c4I04E
z!92Qc)DUg)!rk(N{>$OLBR96?bKk+nYwQAd)!fA>_qwqS9>4<OD*H+Qgps4(p*scF
z#CBe+&55XdN%4(1O!P}aEJ-*l$@}iI8cm&e%!9P)uTKCY3cH7g-xwowv~ny)u<Rpf
zI0d(|`75os(qUdR9wJ2ly(dWMLmTC<kt4I-!>OW_L{51H!w+Yl1ihc;2cvfOr~IdH
zP<ff+_EJ;sDYK(#D;bSp-B`{vV5<~D%XdSao@yPuZ~+>(WezXb%psxQPA2`}4YrTY
zy5HJ(743w;KLA>e>O`6iD?L%|zVWas``Ucqzfr{<?aJ53YhnA}>;GHF(=&mpk~C;@
zVweX1jy`~3!hOAS@+}qJu|`eyU;MOL#!$WKkovPg;uwc6zj_93eLU!(MfEdua%>h>
zWPm&W>Qf=T7VmZ<NWjp{{4dJ+<%@qZaz!)QR<c+JeaSA5NYOjyN?4zBtX;6AGN;&0
zM?S@4jP0(o^la`nHz5^dIVmwct!1*f8$c1`>X+k7R40%Y2FvVp+W1y6%!Q4%6@rks
z!Vb;zrGr7>7DBf|Ry+wXx*{=}Fmg?ul6RJTm}|s9N38rKj@#k_FVGH<`gWMRul9nx
z8+vnN_D-R}M3+H+R?TcY?usOQ6^QS>1&hr{`{+F!Ffn8}&}MnZw^sxRQEWY@5d0q=
zEKjK%wdaFz_2Jg!Cqag9Ip)QPa+FmINv&3@A8$T}84{!Il64%U3F0@b+Kf_8g}c6v
zhzuDoG{wWaa2{rB%**SIG$H_0-t4Wex2R`b^X1(YA{NBF&JFCbA__8A#1d`o%*Gd_
z_6~)F{sI)b=-40HbV(T>z*s9A;xXj<Lez6wK6YIEZkZTJ7Cp|I%`W;)g;PNTeaEQ>
z5!bkz5q)sTju2AQ{2Xh%?wCvn8De1QLW8J5AX<Nlx$&MBH6?}iNFRj(ERrDMao>=*
zH*{Jp)9KZ;4kpyU-BJw}@X!hN$;J(Z|A9hEZ)5K*kSv|T+6r#T6uz^+Z7m10tgdS2
zN@Y0MQ36bQOilfMRx)AO?K42n_m`Lbr73`@tM8J+ZE)$?a7vAdT{fnpX2FKnJp_y{
z=9~W*xCd;>V{H8qc`d6zK(WL|e+iM%^tgZM4@V>E)PWhCi~+6$ho<{y9|(H8xw!0g
zz5rAu^6}@y9^Xm>=l@b;&Xenv?uBL#VMKSpeDLW?uDNp(&RC;2FB@PPESL*E?f#U!
zzOg*AH+j~hc<EL7Gps3|5(vjo*_U=ON(d3aD-6;td;3lh0S~i1&S?UBq9aK~e$IK-
zAWR}7S|D|V;zmFszF)=!2E{BHEQ!3&?fPM#k16jff+}BaEh5<E&GFNTTpBNpJsg0+
zTeBtLmNDyOxb|l)49@S$J$Miw*yk-P)PC&d6<BklnZ2PrYF@314wz<wqi&Lku2B}&
z?6qY~&Wf=klLEIuyiL5elfMuNv&SkgjQ1Vpn!nwa^nXeC`P0ifrYIO#5jia;0tQo_
zd=kx)FXF)OW=%@ZISm{Wy153u&`m7lEY_3G_kRFD&;Ox5{-y^?&Kj*u1Qj-g3zv$2
zNtldPocBIcL+b|h)^6%6Try<KS&%PW2C<ADhfphbDSjjGZpAB23WfcFvz8nw8+KY2
zum^%c;FwZe-#m8Z9gh)cR5J=R!N!}oox2G>I+#0oo1g_r?X_u2zTF*veT{k1<*O4y
zFlL?X`XLPqm^&wci?$Sk9jlQnS_y{_FhoN+M<@Pjg#h$X5~yXV&kUVYLut!%d-W{y
zK8#y0sCOXj7v%q@MB*ojadyiY1y9Dzq8S)!1B8qKz(0=6VI?$sPp}}hW-_Y`=fCkV
zV@JlHB89|S*QQmNDS<#n`km|B+eZd#Z|{{-E2ardfCyIE9SrF4(Te5!f|yn<{4%Jb
zd2l(6479jx)8^UzH9=^!_g}7pj;$ls0aNXHxd?5~5B6!;+{S45s&8g7ynp|Jis(R2
zFHwW#<}?!R?pB|y%AX!Ti>gLbE7Nc!h?}t--dV_R|A-l4$rvi7tg#cpvh>%ZWq<D-
z<|+L92w7;}+nA7qm!J^>g+zY)_#x>VZO=YD8AHgHGfA~A<-0|xmBc=K<w7J+x~kE-
z_9nFJbfi#1A)mz2slp7Pd9%K?f8;dlHAIt_t@X;;=N7C~{53@Zd`4PV9@lJnY6Gv?
zp#Y+^)&|9hcAQixC@wGl*#Q;((h}oFlys3XvMj*St^ja!c7bQ4G&Nn&ekX&RvG52$
z4G8z33x*t;_kIR{6s*__J=Bzh9|+Pm=#@=GF%>rIJ&d@ntO-V{G0CU7tOqPPCYNtm
z&yjV7E&i?7(vJSIICd|)B3gHz`*qT9l(;K`5;>$#CUf<1(29Jy<#&}!^p5&GE5Z~)
zaEE+82w(aB-Q1Su+Ux=&(vkud3(LNNg)|-NU6Wn^Rp6j30xLvxGaj$A_<=Y%+bwy*
zmDHGv%p`@hX)2^Fkulk)Yz`rJHU1|y%2=Nxk%jbV3$uh0xvzZs(pi@>fnd#sSK25=
z7?@wv{B^*npNHa2Ki9f7jbPDGo??!Up5%mRpReZ>U_{GIuF=B%_6h{t_kOKG9}m&>
z`>|you@;RP8Lh{1kuy+7``qj6-)6(WU?gx62EfWbLynq<>9eJ9$sBF;kSaNUcf27`
zd%SOm0rJ}eamu#x1HfH-vTv-abo-Ngu;@(?yo(TVEej@!Q&_h5Iy_Ifj4IF|HlnW-
z^4LcuAW_MY{4UL;z-fEwFF>T5y1W}x48WjK3_RBu(!vv$sCq4@&tS&@+?V|GGh;G@
zP)NXvp)geX1sOo&_q2*Nd{{2(gEBi&5?%JFS<284`7-qJj2f*y`-B->d%lyODOnSe
z->wlto%k(T^ZN%tg{A0^yzjAjL~>t`!Ys6!8=N)v^FyP@L=vlvVPpHf%g~YjopA|;
zI%!H`$DKAs!YfCOSN@7nr2QL$<k^Dj4ayUI`BK|+(|I)sBkqtz6B0EecKG+;j+zyz
zN;soKa;}8=2n9P((ZUEzY6PG#<_voR6>&xTfN#=ixb}CFH&kaU@iXbY&p9YNG~{%X
zA2<FdFTq5R4J22Ye_aSvS%Vw(kCrf-sUt=a9dfU$lRtwtz7h<t4CK9vDBNf-TFNwp
z(|e&=5`n!`1V8V5HDXQae9+Z~)=Fyaxj_RwJ9Jo5#IdG&`ktMEdk&1tZNZJ(V{dGL
zRxR}w?NZK+)23MXSxlD9O7$?MiHR~*vi|oatk^9MUIVqv-!O@b6_O2+Qv)dA0J^Ej
zS-7U5%^C0cE!;Zwjv+XFSCV9jckZh}zwcrFf&(<(Vgx&dXs?VcdH~f?%CL>dnw7w>
zB;NaXtDJ7Po&@mhQ8o)6$E6N169x0NSg36Uvy^^V-{j44TmZJ^kpm0`A91J(BzcQI
zj}(aYJ+jvLy^Vl_U`;^1225T8oYTJs^^o`M5LWG&0kVn)fw+*o;Fk|x&>lVrDXuqh
zVywxK8{yp7=i6PZ>G!h_JlLiOJ}zBTo;fPC{G5EPI?qpMG?064k_gI26$q(gv_VTV
z(d>!39#m*_dqqp7$32pp;v?c(MB2U*87a$iH8a+!7p5^D91gtRP?>A$zT(bjGJ|Xe
z!@sCN2Xcc<QWm#aasFwY3Of87H-?0q_aYaQ3JHva<9?#GJzcRs4syuJe4hb;@n%Nw
z_0#8it(f5oPN30lJbAy2J2m9@>&uZ{%~aR@pZclFR=7v%s|QZcAqY$%E$Xl<auQ`q
zF&-Dt&%vJOg2dlv*R7%$1nTl5B%jUo0yJl@L1@39a6Yb<!Gyjazw5J%l#KO<rJ&1l
zHv)BC@N3rU$z=;0CD8i4z$L*TA$~$cT;=%KY}?1;RJUgws5@DM+Vyy7@9%wK1Uh51
z>Ez<$Yk$dRBqe*&_qSC06g<hs_r(a_s|@|BNwjT!i~(5m;A2szlQKJ?dNNmP5Jfgt
z3RMSJe-TIOmD6fDg6ff_(^prT2C<6%bfXyl7dzXS+-g*X0luy!!jSs@ig-NN+Gt^^
z_LoiwWkynM=y$gp7=|5h_X~K<wzU?Wnk9>$0Bo??)x@`Y1_KuW-{5mPzG<IC$^lC|
zi3y;TQX&jL;tdFt;$}sjgWR9*H`h>Wk#BdzZ$KTM=m+TYjA1SPsqb+n;Q)(1u)&6F
zy+O#ouWYbsSb@MUvt}Z&kMY^24a+aO<IQ8^-e0;kZzmPZ-8s2a8rXk;iK6x|;~xS3
z4>IGGXij_BKo?WNB<c+}$!2ZOK{(r?Bn-cx3^TLSgmq<&p;2t)x3a&G85+j58|D1^
z1U*g7C{A%XjLqb6jRQ34^u|^mZZ7?J>Zy~N4*<a6ig;}e#P;5R;x0`<7~Jx$NC3CO
z3nxJ`GCA3?JnJh6P*yoMhwVuXA%&hyxvw_ozMRUS$H5@!`^1(y5ZA&qbxk_9F+uSY
z9E?CVv_6-kG&19RC!y*ExG7Xwg{3>_39nk6o#^g=aN2Ys!7i}Eu(2xG2{7S=VUAh#
zLO8b9HO`cEJHH);DfBuJ3r$uy0t~U>mJQzazP>8)dQJt!!87Vrsdv9V_W6`t_GVkl
zpgUh(?!Gl0?~b2!=XS^24yso;+AdA&;9uDD6|Giv7zL6f|Do<wnQgoAI!|9uqze^?
z<`i5TB`8{6mN_hlwkEKveN$?`(anri>PQ^>sIi|JSy~z)&o-ivvl?thip~=4;Q!^{
zwVXy+FYH?l34o)<3~fN9Q=73wOHO2H>JwnG{_oF|tIxo$`_5ux(Fsjs*kc^vPa_c1
zrnZ)r&ZFfxayZs!wRuV+N5ge?Ad}Ahk-m4QUGq|fdeu$=0B}?i0*@3uXDERA3kMOn
zp5qSwT|@1C5n2Fw;`E=$d+6hgy0zbUE)1Hwce{juhRWA#W_0prz3dORU!Kr#-*$K1
zQGu@yJJMvCwra*pC5=do8bpJC@e*e}gwYY-BVjI)i-=^T=WG(nq}__Q2e)t8>P1YN
zV}imm|EhKlKX9O=V|<*xy}O`iEtU%V>6(R?90rxSU5HSnPNA^K7}1?7`Yr`<7a*Z)
zeB_^C%Ra2GL~Z#!HGe2d)nkM|2mUDW9Q*w*X;h!5F~t4R43I4zk^ZWx)ByhYQ#Ri6
z@E;`4MO%y)gnXCqoia(UE8(KghYFrt+1nnBY}D$}n#Bx?p3Fu8_KaB8lb-KtkdpT5
z^!E0pb_eee8Uz-58X~hIt1Mcn(N~GomwZQ7kl}7V-FD3bV|<3G-Gn8_oJc4Ma7_Fg
zZ<zMVL)k4vaA|`X9oz3S!Ux(~Ffsjxqn1X~;Q{S@ffI&fR3CgEEGr3s_x!^4%M@^d
z`j&u`*L@%NhAer1x|`c<Zf|$dYG~*QL8%^75p}Mep{qS2+$8!IWu0!fK%7Qbr7S10
zWYtSgHe=L!EGDip`F5h-mSI~I#W3T9AcpTw(t=J*X)Sp!g^Fyez=VDvt3RMGC3(<L
zz^jOat>J|%PlkA-9;vvK)}Hgn6Ie)#X+E#JKf0hqX=cG|HxWgZQ$m<p9}ExBk|*I5
zn;p0=kshxC`g52LE@a*E0$27?0I(sU*aM8$Pc??yypgWedttk(C8p@+VerkG=rG{C
ziI;pI`C6DE$Cl90J#IsJ?P8;hh+RDh2V$6+YZgB*kT#2(5J-E7T?_Myt&><}PY6Co
z4u-|Gq4jj<H!d*Bdw}cj_UNqx0-5?=Cyu%zU1lL$2*rjpnKAp#c3NfHOm7dxjHC(m
zGErR3mlx^`dfBL?6zSq)$HqUvsELyGaj4=c(V{bfr?e`f)$89yMx?72>xsGvXQISm
z0qP7z$0ckG42>?heZ6bG{|<f7Tf;RX%M$T>?)2CqA6<!O7DU<z(X)lMX@P3y_sl@}
z{p*(_Sb$<q?6>cOjRHkgpMj-xV8l)>)!#9pkHO|~ddu|)uDC#hVR=%~JC=7BIQ4tO
zzL6Sw0?Q--Xp(PB&1KZ@_BOP>Sog=kaCt}sjEP6iZ9~Zr3KOhywEqd9?+Xt%yASf5
ztcB?>itTMs!cMMTIl9T1Fe9mqkiCfvbwzcZ0$inhZ}<ul5<@Zoi6_uF<es*|$<JXj
z(r-RvaGr~eHd$(ZVDcCaO0ter$F`n=hl5+5w#S>}L8>*Lko4hW1^?juL&QFVWxt+D
zHkv+O&)ofV+Wz%z=azHWc4Doa>h_m(N1M_gnlm}$s?tmB?3yrqV>MeYw#E2K!Ps#8
zD}iD>vHpr*+>Sj>Nc!fqB{)j4sB+&_hd-qGw>$~`EB(b#FiY@JLd{cwWMC|^FL4e!
z#23t&gsjGw0#QYwB675N^TOO=SXVVZ<R??f)VTgoE3{pQ(VZi&X)CF&srmUBGl2uD
z>USH7w3}FZ0!*-5tL<gspSRg|sqGmZ;8v1GH444p<Eqo-&_>LpHpthW*fn6@-*#|~
z2d7`bD&9<D01c}16cz$XdWZUcX&MEFJiy6aA(Mf~kE4jxX@1fcyl2C;B(jZtwpbu6
z7N2)YReIpsw6(C3<uDlKsL+8NnnNxx5X|MOnxsXaK$hb)^AE*K)E3CW%ZR4S(O>Pk
z>A);fA)y^~m|Qis2fXgiw^VFSZee1@Rn}Z@{XxqSXZVVmP>3o-xmp~bD%9|Y@-qHx
z<2^k+mKG_HZo#ybx77X1HJA2M+s$vqRZFV*$kw1=Y(|YyVZIt9=Q?%tF;Fr0_~>(Q
zV?+4?N$*~lJdE;aC=vMlCh<f|@7t35%Be;i7OYYgs@pdifb};T;=WiFk6pF2maK)>
zyuU43QnFc@LvX62(7(mzs5nei#%!&tyIHlnA<tVA5K<}mwjfNJO@Azq-B5U4s=ZuM
z5uL!mxZ)RFJw@yW7(pG2o2T&zZZ8EF-c}ERM5Mt#FDz5ae;<1L&d{-&c%1OD^@FnC
zGdgJnw4e@6t+~o`PLm+xkG<m@N4>kq)m%BaxnH|~2RBMSk&xhG55N=AC|sYxcbP>D
zLR|FYS<W&6xLoNy)DyD}lb)#wl9-P@uF=46=!w|eoS#3<X#$5?k^eG8)>ZGULX88-
z@yiTpa^AL3TZ=96y*&>WkM~!XfT?z~r7hn!9`e`;)yD}w?s81`FT3C+e|P$sCrwCm
zL#*uwOP(CYR!orBR#?ww87PXMsQAggN1h?SNqK@GI(8hLed{#X7$j99iSAQ?w=Dz?
z2vL>C!#ptPResVCn%7VFAi1q*Cdb$-SUy-5Hn2lA9QVXt9;h&2RD}0F-;%Jd%IV?)
zZY?vEHJSr)7L}3uTh+-2!}|?!H4hXaJsaJ1=SkuAJ$-+eJB(lp2W#={Z7SbWk|^Q!
zn_X26^|WzT6-nd!&aG<>*lQL84CMt<`vAbE-*_u|e(z>Ltxz@<ka`v=3<{RB&H!Jj
z{G0&|5%~tvTN(;`zCQO2216D9F%%3PKE4l#KQ-7Q;WA-9Q}+eA*+BAW2{C%mKlcv>
z1qv}3BJ#C`9B{*d_l>v3YK8v5^@&ukK1{qHX-?m7^p3i-8@)thX5N_d&>L#<yV2*>
z?FkA<l1F<PChZCs+vISNY~=DYFeFp)UgLs;rQq*Y$2u2c&%n@3G#Qko{^cOg03!_E
z(D;B{kyLXh{3i`3!G?CnNRAsKmWV{e5l&`K4FR1YzwLYmuHDQ*N^$z0jJ9FLL|fkN
zvPI>a&To_qBaCTv(0C+~k?ingxMC{Iw};NVyKLs33x^9k?`@j2aI{Y&nD{lNW;AKC
zDQ&H{>#NPU@w&b=?O9V*v790?%9F=*(Kx$4cC{=58ZfJ`eNqQEyQ!<}<}vUx&oG6R
zFwGi2k6M<#@KT0JHRN*urgHtCFJL9MpWHw2qY1y1kda$9P=EYx&!o3T868l0(cz9U
z8VH9_gZJLC$`XWhJZfe$%W+6D$FZKl{*QNm3RfNu@B^HJ->+kHze<(9EatfT=HS15
z7(<|ed-@iv_9NAgFB+wtfJ*77+aE%s;Bp(3=>oAJ)coJU`(yP8lc|U1&amG<pr#um
z6J(BJ_E()X^gUK7TU4dJH>Ui3<hx~rMf@^<YWy{|p7Dl-z%A>70fX*0;$mjxY$XEC
z1>)2EPRMqwy+eegT+cic#^->g8U(JO=M5(FC}^Ob*X~SVvI{c|_IrSUH{pJZ3!q`Q
z@w_~BE8urQ`IM9^dLLh6q0CDfs~v1Wfp<h*=Wegl>2;G$a}tssg=Vnxrc_V`VvBNS
z|KDD8bHcTD`Vmjx=hG+Fsdqr{oMttK$Ue||^urC|7yR~q?NH?20(CzzkzK`??5gTa
zf*BFnf}P4P0|Ugz>&#Q@0f4rUPvqx}=q$L~o>H?M64IAY2R6tSh$=0b0{rX}u_>lV
zefm`gakB+O&%+~^C3-^6@8I1aI)`zn0Xhx+S?PknJYjz%CBCt)Yru=E97|Gf`AtA&
zJ*dUIWVG%JVNVc$5CWqglv2QB9B7r0_QAa7N#)^F|8V<*Wi<C6T1nuUvY#pgeoW>t
zLEcoD#qgDaw|aS2cUF{hsZ7O5pMLShM#8h8rurvJ>I8xogHg#y|NR(V*lrQS5`j!m
zw?QRqf7sXrd`T?cx+!m610W!x2pjsotQiD8xp`H?h}-ccOs}r~ZS4(OT}<%QAB~f$
z1hR;IQ^OhGa<3^VpZHmR`?Q!}Y8bd>I5-($9N54n46Piv>;SX#-{aUg4)XzN$08!8
zEwzknS>+2ob4<U;^;xJdvHlV{xe)CghU=Opgm=!i+h1b;^|OHX&!T<m>C0uROjNx#
zIlUbld-tU4PQUWsQ@E~rYnekwl1yO0<M{-B*n;{LBIHwl!;cAygmB9cBmv*qv6P5`
z;R}llk4`k|<Wo1*L6#q$v}Z(<i*%Ar|E`YTb1S`t5@-c|)%PKPD2WX>y=HMXVd{}!
zmS7<P13uGcXAYd>w7SRPBEA?yR`!rB7oG%<w=oBg-2jRnK#udVB4Mm$oxydEOIWaE
z*}Ow3I-aZZ&QFZmPoS1;=itz(&Zp$5W5JHsDi_&d#Gw6e3HvC)`#7PbeTG4bYQnW>
zLFnJon{HmxlZN0d2N`SIn8p)7UZRfwNnyBesm(K9^bua-Ku$6RZX0@4JBW0_lK|Rg
zNxnHfc)Sj4^XHdF7T7W}`MK=BzThF(3Y}{^nWse|Q26d=a!~!4yE610)2$Tr+iJ;L
zMT+YG1FQFwFtygANZA)7x1qowRtmZkxy$EpM`p74hf$=T5`cwZA7K1|a61&l?jjmp
z*S_KT>F6kn={VLt-Z)|Fu)=}!LI^C&`N7G*oOS{fLyG+#CzXtx`x0a7ne+4RYtMza
z(uVPO!;@&UnkJ3D6uPk>kdS0N%XI(Lk^@rzdba?$1?$o<tt$zdyvX4)vbFUyfk%dW
z^yX$x(ht@Mt@Qca$HAmY)s6p(Vc*a3A6`;VF3b|N8g8k$67Tm#W*mHFw+_kQiO4b=
zJHyCG*=3U^$;36IZ(^TqtW{XA9^_3L)`pMMOp77dRI_?I_-l<qH(rHBpICk=9<ky9
z<M9tH_*1PAxp@}o)g|_)QGsi|h>b?(dMSve(*c))WtTzECU^&8Vi}aJ-%XVVOqxHs
zck0B1en^}AzAo&^YX_?_H1mb;0e*sOLdN^MWJACst>|WoSd)1<KhnNoM7KFOo{&v9
z-17Q09Mzc96?{=dNZo5!%KssXeg-YA&KhjSCpGov@MsSY;5%|QsBQ2!P7~0XZSa-E
z3`d^ik9i8&XZNh>bFQ!PeZH$W>)6lc>64no@&Pws-FQ)5v@EDJHK7B&%IWP6wMSS)
zRmD`7WYUr+5j}}*!7PU>8L$OZ>rl~|p_prV?p5)^Y3xBiG9&*uGv##NNYkwn?TcW^
zCOY~!=f(5G(_l&MUb{{=7WiFXOlvN;s>}3{`eL23%VUYP8z*0mxSZk@l8^3#j1ICb
zgeZ&k@$}4VV^uIsI!xxpnncBkzvPWhni|eZ#@K;2j2V=hE`+(4w(SzF8lR}{5Y~qK
zmI-{my1m{`+TV}Mp{j--U!P)CfAOr*+Qn+yJlGNYu<Qe_jgYTg8RL9vMdd5J=z;(C
zx3P+EsrtnMm}K@_-e=7|{l<%_SL<ZhtlY5JyvW0G`giiP$jIRAOmebpxk~M1F(0(G
zRYyI;3jUmSbzi8n9jysRp>SZ)IvqkZhG5sfGZaK@M>9T{oNUCijCz#xPM8ft>X?wx
z$zP!_Zd8jYeZ~&qqDCh%%BFfw%!)7b(vv8@TW~i06e=_k@c!I4XZ_t%?5rdJ7b?A~
zrWGspoF~OZ4#*!;{0{L~Y|{^2vQFL4EVyS}fV~^9HTCP|MfovH%uOlhB}Q?08Dq;q
z!ydVCOu1jN;E}2Yt#ZM2Bm#|To<W!XOOBSO9xp~dV`U%2U4iKN^-Q-F<%DE2X1MQA
zCpO3bCJNa^E}r?qR#+{h(#~NmUMXJr0<;=c(w{jYrq+vA$R~b;=^kCRUwQbN^Kus%
z7kXtU2=uvv!dNzjFLxC*0Fpy)XXZ-yKM31!oe6Zjoo{#YMMziVm7l2FeBqq889pw}
zn9E9&iNS?~%eRCJ)W)g&Bvt=8Y*3P>K8UoImuEe4z~YHeie}wcmUF&gJbd*J3C-<l
z!<^rM?iv4wz^yM?PBjZZJYnU(?Hh4h-qm`~$+x5Vxr8vjzMcPjyN7V!?HTuSkpP_B
z8+mQGaCYt5lW-gO*fV77wb^Tlre+)O1WR4&NMCTvZ@e_z?1P;>G8-=KYCj>?I;8AX
zhI?s)@9RUa?Egnp4_eTIhdw-)b$k2~f9qrKVwH96S>Nmg+Mskv@=2Lt<8t+4_HLRO
z@7yQP-Sa)G-DO%WV~@k=rMRo;PjElZw9lbin<e)C{t!^I4fwlscXkwRj!&tti}|fa
zeZ6~=7*6uA)$gGoiZzyeRpx;16SZu0|5P^%@ZT^V62Sh35BPrXJ-tuyz4-|V0_jw;
zP^0G=r#E9*wJ#TfZ(J{5%${E%>^HdAW=3(=dLdfD@BzGC=@`SV(Y><l82665<lJ(n
ze|=(jfJmzC)J}jQ_4ew2`qNC;4L1ny7zvu`7le^&x7K~Y{QfT0Py@y;-ns|K`B~Bz
zxkVKObAKul0KqQAm1PAgNeMzuiO<(h82OjHAhC-=0vHYqJ<H9u2Md)BEu*n-m@^6j
zCl3W1btEpQ*O&E2hvB4be$;3LQw=BH8otTO`@tg=UVjqy>h6dO-H-DDd*n90vuX-5
z!tD1azq`IGF%BLR5Hjn^kXv_Sf7wqK^dVx4HW3w`WlHB9dVWf>@f|+$r)D(2--`=o
z02z98<@UU`0c=;hx4*E1k^6nPJ2;+OoQ3cZ_a%$FP7&j4)z?ZQAO-g}FHK>d^$00^
zj(h^~{B7YT&GjJ@5jSM>E4`WI@6W4^%l|N{|4zJX1aVq{atZR{4~!r}_&KuR8|apA
z)43VA*3A4NLX5cE&nn#7|B()fO<~XpHinlUXb^w<8ic4s1L<Hz0^B=(m-NU>MPe0k
zVVX0LY>za-Pj4-C(DH}y{}&K?*8@&FjwF0|@B-nLDy*w=_%s5gClXx>{}yz4(|hr8
z7o@-8T+|P|$2Ma>+y6)qYp~Mx9sYz>uZvo2;z{u<OI*a51fXSSVfH2K9Rch_K26BT
z4+`kdAjhNdLAZG@f8ni1H!C_mfn@i&<OkUdp_j?xnCxjURsjUQ>YOnWw`^nYP-P2S
zQ#-1pvBuv?3DRxZK7#tJ^$MVj>-R?04}w*C>%~}jm9CAO2iI!P2bxCjmJkM0Xkziq
zdq0>@g}OkzZ}ITKqvEC5)IMNB1mNo?0TkVS)8kF_@cu@H2B)(08gQfBP|3DtX$)J9
z_Ea1jYiUSeJ0wFvY?z<shUsWHF?{f+%n%mW>%hYI_gTc)y`#fGZoKgg?%mnf4%hu`
z8m{U;3Y`@v5<PJ5Jj(7dkemH{m0b~WJZG&ig$WP@4vev=%AZ-LyL|G4Nbqn}eisDF
zTQ;FfWd3|b*5ABYq%m|Bn@%0Q!Bb9j7*jT?;(-s9!SwWSXN#CASRtzXwu*FWu@r)i
z?vYNB?Y!2=J>vuOfp=T*tqOWhzhFoGt;L(%byQycn@mk{;mX;HRyA+rXdsC|)XL_<
z$;VbDz89uZ%enyBMef9)SHjtqw>t-tb~A>VM!P`+7AZ?qb<-s^MpoHr4!C5`7;-ZH
zoFU0!8rZ2n@xhzjPj_!FZ%+4iPfTBA`X)gml+ol>e%ukomMIH{+E}n;CQ5K8{!4sA
zd_d~{8kK_ggx;e$mHC;V^00*ouYGRk>5uKl@LTYR+3pyQ^Me2ZVDU?q;4OVW`vZ+m
zUv?al6tuECbRYU%QaoRIMY3~-Q#v`w5t%$OF7(aqy@0{*so&-{IPT}y#3EDz{l5%5
z#N$=<p{8*BA6j73d+A~zOttpVvF}9=x|~J{lCn90d&yS3ZR!B^&(RH2j!Q^02ysHM
z5lE*Ju>ql@)b7<eE?-t9aWx8d<%OMSYSzzIWdDnl29oF=4rP1DP^U+_Gi%=WKiren
zH>KbWcxD5~O=pOi=$_v0XU>d`F0C9CaV!X1f-l$_pUSyEyDJ{Mv0D%Rvlwwc@?o)z
zg=U`!D3i+&U-Dg4Eiac~8dKXbO3V6p1#uMH=+8+#QDlv{(?`?>)|*vFeJmlgcx&He
z9gc%v{1x6GAx)Dzf|-&UnK<uPtjxNgx5k^9)aNdz+C`9p%4g>gV!@=}m8JW7;ZL3)
zT|J{BH*cw*OzXbvN&WSo`5=tlc(|-J-hjr`UVBz!07xCp(2zCnfob2kr?1`LgB^Hz
z2V8x>Ehi((2T>~f^ahK1HuZ^3yzVnQX%ai-Puc+Z4Hm55$J$JS3%m>B@!`U3(?q6L
z>Kl$>_3tRk*KYX@0Dx-(QlYWgYMt8o+0O2@4hOUK$xAuOCwlVfzQ~4T_9-f`S(G<I
z^tOA9V8spy^FrjHRvpu2hH}LX;v}(;*Gy@tr9>y%(&C>5egV4nYUy5Iegc$&!9Q9~
zq+{4g$S86vZq>1c>HWsN8O&oiSC^t2Aag?t9XsuuPiu-P6Ve+tW#lx=kdgj&!#lpc
zdnk<aiaTbq&!7$`Vh<VhUHv~xs?%FWaNgxQr$N3i?zt;%f6Tel({?}2GTK*&ztvRc
zlY7adL+W<=^OB>mnge%c;s>)J!7$dbVYnf-Xa`#3So4=`lHKQ*H(z!jv7ZRIA$P03
zMlhrWq&NBc%=OjhjD9wiw)5?;@9P10NcC5h{;#~@oR0eY;1c_Ac%9>=f}lob<x<v7
zm5g2!aP{(ji!}{-;!^@el;jNC_GtvIw)Rz-F}iV<vn_^H#Bk+{+B)On`)Q~5z$vc=
z2D>Eo+>HY)N)wV5-|}NkXF|Cf$DZ1(b{iY=BHl#5udM9%#i6+)GaZd$MsU#y3Zf_?
zDWdNIws0?hA#b_6p_iiv*x)U<^XNp5VEM6${0DAmr_!4akF?eTYP(}YRlhG>;71x=
ziFUP`)F7(0Z*I_Im?{++DWX-GS=s=A+;)N*oiB9L@ax_V-VS<Lsf<+3wGGq0nm_xT
zvsuy3LjsTUBw~5tIb#!MH;Eko1ep1V3Jr^groO?Kt5ZtJqprM{d*IO$?E-Z6RTxm!
zi2El0UYn#|5@P&w!|bKoAy@FA&ODFAXh(shneFOtTJCJC?4U<i-BS9^?DQ<&s^`Ts
zS6)ALO&|THcWFIa$~CS<6Ca9ndauB-7h5s>JvIYRO0-}$Z}KRTwg0oV)|Ns{8aV2D
zP{QK$%iq&nOH-O1|6SR#&M$90{eX;$R|21SZ<NT~-tJhSbl=8n;NH>H<5~HkBSq82
z{Ykq6UsoFr;w-!7NbAL34vCZa7t7(N-SrGw)z}R*%_6x`-!p_13EMd%Q-6J2OaIEM
z-Aj2IOiRs&EVJM@011-+`|s`fzEqv>@%*$CmN<=LqkEN`T~QZnwy)REoAz%QB(%W+
zw3QSm@uhxUXF@})O)v7R-zN(zAFVu@Ff&I%#$zO-NPQZ=q9!vuLM+CcNu*u|_p>#r
zk`7W-$0PN39G~BD)W*izO-}Yy|2b!%lEQa~CFUiEYLUNwvU3U^^w^=Y7^!5u@R3bz
zcPK=dukT2wo~>VBM&8NizE`HqG{(yn13^~{QWm{cv|0oiWp`IDCji#{Q<D`;HKu-)
z%<@i|YlZqAf)P=0!*(=AUdEn$TIsF};co-KCR-UXI__K>gff#`c}NDGAJ#jqB3Mu4
zSxL}_b(WDn9;9yt(Z{zgthPm1&Bp2zl{Fb8HsU)k7qm8KYOl?WD6LXc?W64=6KXre
zJ(G9Ob|z6YPwV#^CfrD*mY<kiu$;y*?lmS(g|8SwRmf<x5$K_<JifGRagb2e5#f&J
zBjc3@w5vtWkolF0Z_-9XCGZ}!{ciWfmh?X45#AVqI|Y#%wUrOaa#L3zS)~pZ)Ij5Y
zVo{IH9N^jn_Oya@c{1c&EH+8jkL*N>^Z4#UnxvjB2fv@sQmHoU?6Xn$5AePe{;bHu
zKF3r^rxx;|kmGqV2;6@8p&$ECY<;@ocY<*w6|J;cIJ?8~aXe@AEob8Ac=?P1?D`fC
zGSxQi8IA>L)&tHjo5nw1(Z`A!6#4zup~kG4ZN3hbp~lrV@IlwIVu1JC*xaX~Qes%Y
z6}jrNJJU!ru6vBKIo#F<vD&5MR$^WB_T@tiDiI}?b9+Vq80!3KfsMtNBp^&pfPUg1
zFBz1EN`9tNUE(T$AD}M^oisg`5Pkmr`B!tToYxwlTx<c|h_O|)>W&|rTp$HioCDL0
zdK=BPUY&mvuAJ4A1UO9g6BqjMX_baI<WZY1dJ>kPXvj^#puKoz?mH^X!^JgL3dZtH
zC_R;agu*U(b#*=rOsgKf-!_)KsR4u|GC(N=LCVK2;}|#?m;DG7j%6(kr2$;2z<-i*
zDf($H0Z3L&I_hdmjHy%4aq$U+Or9Ehr@xw;9HMu+6sRyaOu{9h8vggI9Pz3CzXtnQ
zHJagsy{Wmytd5C;K9H!Y6wO^@_1{Ldn(?vKN)D}rhd19K`i9z4v|ntO0;5fleQ$)+
z&|+PKKQEn^D;FCEtyXA2z3BYv{$)v!?@!h@i<HIwdsGjX{I15$^}+_sT=tPq+E}}y
zz`wpfurbwWbmRM4y!0T_L7`o)eJjvQ?!{fUY^{s%$&dAH_LJZ-tH85X!<OEdD(%9W
zAR}#aVhe(IvP#ERxzwxON<}IqcQ|ZytGZRzd(qpW*_00MWQ#1LAvZ*>JQeg0)EnGF
z5cXwqm3LD{LGwRU(ts@DHjTs`21sO#E!Fsl71u2N+XYG~+Mbln{P@q((v&oaJh%uA
zFn_Un9DXfSDNg4ovEJQwVLSaC<-WP4d}<4@B4;>>^TUhS@oA+C10F^DgPhX}LuN~D
zK~0^ANpmKZ9u6)piqQ$zI1O9IZ%!7A7y$X(i_DdqMOJ(#;#?p(ig{zH#zxK$o{NgQ
zETU@BZ=VHmYDVP7FA3JzYc<&$?=OM-++Z~_46T-9)@@#DE%WW!A^9X_A;5GZ!v0c8
zXgk1?uuxPBk@a`quoSdH0>5r07iwK)DxxKc>O#t01Ygw$-OFX<DU_oCysMP$1{k}d
zaYhwnw1gZ99OALZGr<khw;SeIIZBh;847i3FD3gvK)KdM%W@L}ow36&i=z^SbN|@e
z=*Z!z=hxy)$s1)gdz`Ceq=E=)io`rMJ#!6&8RVbpn*0q~p~^4xt9|=~m7>_wawjjH
zt*ygn)*J(c!#rx5H_ikhNrUT6o-wX@xT>2Kp%<tL_~>&Ot5Z>a?uzp$d)9SX`QUTQ
z#NE;{GmhjHPq^lN-hP%Fm+No@og{hVFoIdQL)O6R(M3Am^GXsVisck%VL<8?DC^AK
z0nIoX5>SP14IIvWy$MrcBix^1b{LYr=D7!ei1CY=4ul*H(y37<M-_qYU%$kFWi7XV
z&cUgCudh=&3eQ@m;p?2!ZkAUtH<S0?;&-)-u*Hy$($z|wN+v$_)#c5^D5~#ev6I1-
z%Al6BL_Z|5%ziRKXf3jsD%}!rz}f@c_QEb+&=-@SS{qq?NirF5w)RJ#AZ5tz??1<L
znCC1c+Ot<N<8Cq_A|ga~BA(u2M${$QqjzIkDvQUeH2&q%#2lVw$oMq)TyH)cj$hOU
zt<Uo1Ik`Y0cC7pr95Q=^k!k1f+rq1*;Q4aIsUrjd&1EY~Dekk2T$4O>`FURf8KuZ%
z$R%92I|#^q`k>NtB4P>(#%^S_2;`(1f1q<j!Y$`_&3gI_GD3A(QA7yp=b8S))ZDmR
z>;9nn=j_|NT%^tRU0z-uudFPpyUA+xq<trG+Zcm0QMS%*3_37Wvvg|>2~IR3Z04W3
z@(SKrWP6Uj!x?1$<#!R~oc(eC>dpDmjTsp6+xv{uY8%v`w(7qS@E<;EK~I;1-Rg(M
z_w`fNUL2KWO&60Ap=4U<8%$jqhE3<Cwm<XE&NRxeNlE&qISP9|g8sF)(0if%E0N>t
z&S2b^=Sb|@;En%-Yd)EG4{wE|qd2kt;eKOuhr*&{i_rIOoq#L)y&`oNd7xixT<hUW
z`g48lVo(l-<|-zVt9V5z>P$bN{6^d12;nA8h+4Zu>dRmCH5yws^55X4k;*%9i(VUd
z-g<J)WUVz#689z26h7=Xjcfd(-Nqk!a7^>;rVleUF8Ns}O!~8ic_6K@;karU0i85r
zvUQ*THX8Ajba94Nw2H>I48;mdH}|M(7L{DJm#4!Hqq8#l#v-r>R?651I-^_#H-cno
z^ScWKx;5n)b(D?Oh$M@tB86v3l1<|5*8Yqlw76aIZ~nSr-R1rI&lLow0(;}7w&K6}
zxNBu@9Kcq?4qQ$&RZ#<M`XM?O*|}9)t8MSFD0|vZ@_OUEbR49PiB^&y*z|(S+m}<B
z>+^bsDR&FM#d_bryD<<3NrEVs$rBH`a>es^lbgHSE;0aLDXulPC-1a_S}M`NJi}&h
z`|%eo<G&MiE~d|{>3o2TR>dn;nTfarHRHqaOW>vq!Uu}=#aSfkl&QZ}U8tD|oEU_&
zL2}9CUxC1Y<gzt~|KO0rf7#S)pi`$!QBezDX#DYqHAq*TOGUaI-+e(p7c+#*($F@|
zIZNO7rW~=_Elit!#VX5}-{ZzoP1KvZIP}o=OEUy-_9N$EKg{TYgN@B;od5F<A8BC|
z#lHNhSgEnboQPuBA3U(=MLs#J@IM#h_q)9s^sR{sLmTg2`c@tWom9js$p@KXK3Th?
zso%h{<1xkul0f9!XWn{ihk477YOmtVgfO+k>va^dKHq?j@kNr<v{N<J;8$q*1{p%a
zXW@v-8r$=L;yVTRgKV^_hK(x<D$n|>xbDjjIDW9*w83QV0z(sKY*{s`c0xqrc!Ok&
z|3}wbK(+Nm@1j_W1WK{sg;JaZDPCNQJ2VXrE$;5t28z48ySrO)cPmhe6?d1u^!LB_
zzPH|bkFc^%a&qQ;GqY#*xA&g2=MSinGdEArikUYSR8U9#{-;N0W`)fVGw_vS|M4KW
z=vyx7H)SCA*hY+CG&Nn&%1_z+wo30n2J(Z<B2KsoXqIM}%^_R{n)A|{NI$du*q7`m
z`SgvF-MH_$0?9lff1_7jrilMpz?7PMk#+T+a4Q4OWsZxP8XquZJ{^;m@==M6ih}pX
z>u9smc+}Kwr^nPyrPQarAU8{6?cv!lY0#ggB)_`u?K2X~`=u^i3atrfR(japJM>5K
zcYj@9M4_2>r^ply7%XhU-Bf~y47D46+<gDWo22<yKmU72zrVYx7L}<9|G<XH6`@Ff
zpl&+^hzCE3yf~_FXgF!z&JQXxwzniL>Se^;?0T0cr?g|6f4rvgZ$gO!B?Y*@XM}yB
zSMNmCV2ejQM9^J%L0zR~N)jt9q`2u^Aa|`qFjeVM#|aW#{?u8N$oQl81B0QMWgQXC
z82VeGSm71i5HldQ(OWePmAST-DjuWOhO@IGE9}dN#ccV&yzZEJx|WHWz=B}WhphwA
ze5HU70>;^|XPMiwu&~^4P2P0Z5F7WW;`#ddsNDEbm0jFkmutJF({c!IZ^E5@wew`B
zdoiEucz<&&Zs9|(PSfLZPCH&P{Uje{e*C!F*q*L+YoPZku^|@COr@XiqOi08WtVih
z_cZxi$?>RUBW9mI#iU_ekUd|}pgRj^IQXZ*zhUsIjTd9e-ODZVhx{wf_L-SA@u*xs
z2G3K8)5j@Uiib*qSDAzF0f&E^v(R;%=6o8=(mzbv8{eZwIicKkn@3V-nYs<7cd;Ey
zqq3cyQ0eY*Ea0EmSRg~M>hCT&1xru$Uw7XGxZ@aRkc_kpu+dJV#wmblHRJ!LQ?oje
zY#UNQ3uGnMyv@p#-vW745Hjhvk=P<6D47u?an@G#mg30pFC2e@Si9wpHy2P)br3XL
z$yy{7C_?Syx7q9FCoQzo@*5}4{ZAR|;T1ae3e`f(?#L_r4WgeN)9fL5zb745>zIPV
znSXHA*wy|cm+GVv-}-a}q@UZ({AVv~^l1gh4b<<J4Fp0YGUAJP9()nG4;{%&GfuLd
z2=hUh)o<VAVol-6G~~r2eWLbPXgs2~7sn7w5sUb(CBae?Y~_yZPyQ8}76`?_Paaj{
zmP-%S$+NKCF|pWJm}_1vEnX^Kc4g;vw09}p!AUD=UQ9_zoxz2SQqh)kHBfx($Yh3!
zT%NdVtZKUp&vfoiydCe{tPulFqSV<febUuC<`Ha%!k~?DJwE=}ik+{s;6(nL@F~la
zUugg{WEj$s^2{MibDr!_X<0YvuEE@}BF88Hc9+d`SA&1&&3r{Kz)WiU+Egd~?!Bg&
zUo}~H2b|DBA-d_A;sKy60Fvkh1-SVqSuB%_Zb-8m;<iXgD$L5P1Y5zfNH9M{b_FDu
znevvpf>Jr$7dGo!h4^L?g}N{)4F<G*VkW_M`JZp1lsWj*LC;qrv@DPLvGs^-4j?}@
zaeHQn*VRc3k#O%KBC`VwDF#$V@b}(y2#dsl9tkN6V7BoPybk#4d*6`*4{IhzLRt<$
zCxT>s^q3Lko9(gP#w^jrUAMqRq}pSU1pbL%;}eOlKSj?09MucxKYFJkz%@Tl6ME$H
zPHe1*i%kdc=Iz-cN}(nJXMgm#7=+!9+(-h+xDjaNBaDoGpZKtSiN;d$o?S#o6d5Ct
zQ2Vr=6({YHx3H#;D647f6$JWMh%r0pU$qCdx1Sa=v*C$|<2nQH=f0fRFvOvXfGslY
zmK>2c!|Y#{K16f<s~F-BqVW7%l75@<Vv+^P?~|(Gbk!;%M<8}AgV_f0x{oW$`m=Zh
znaAVOIyO>d5Ft?mWj_xB#G<e)aQ$h5;I^U!K2gzjyZ45zg5vzQ)0a5a=du!jF)mUT
z4tvK-NZaj(Y0#tH?Yhw2HW%V#APDJ?DCF_d^sn9EgpWr)%K!P=52PYZ3PbvZZ-y+3
zhj5ppWWA_6<$Nho#ArN7>Nk=DKj|pnY|X7domuwE!-_=a3!eD?8X*X*1)z?ngNcLN
zgT@b*{<JUlC!gLTF`Rb3mH;B@=s+GHkKX(Egn<TK!~Z_{uD$q$_Kb(9_kaJt)Xe<z
zB7NNKr6EXW8vs(L|3NqS*F94ahy;uJyNgzbB+6jnZ};y9VoJgd#UO-$kOUsz6{fd;
zaP)xGA%p=b3vO_FW*dNJhAaw1dX)vh{O@4a4^%<8cF+6Yhe1(bWVzNo?<5LBG>ecR
zI&V0meTaXcY5HN7ATELXn$Mvm)FOjTQITL>JH$w-`iPD}l!k!$|MzYXz}$tViG(z+
zjRYNkfz;&={O>9R9z>eS|F3t^f1@HP3u~EBK?Q&WyM2B*>3lP4$WPwoz=IS4_<!FQ
z7G>s(s5LT@U*rE233p*Itfd?8#4$szW8jjSI={KAf0+db29E94ru&jlqL?Wc*(Jqv
zPLw+%YDFBb7hZ7VwQT0gE=HtcX&LwE?Nk2uk0`KH<n~A&V!%&c=eKS3Z>R<^SRkkB
z7lp8X{5`7MqH_=ilUekjv%<9UnQ|8ee*XFIH}6sA3e}H`4$5Frmg$;6o=oW;)32cS
zxMu!g<WAo}><vhe&udiQ-AyM-;IQ&qi)_NfK{SFoBuLcz$)3JRlnHNCNSY||*dZ;d
z>701^{HItMb-I5&Bl1p$=4p>SfEdOX0|-%ecwIbljb`QYkhL4z%PLg;%N}Rh8d;ep
zT4ij!1mB_Q@uU|PtYE+PrE$fCxMgsAhespXPl<WO8CmV&16f2MsOn|5xl{mSO&ps1
z%>3(`)^{w#pO!7Grvu_yzsG%pQfFUnC!}!oUEMg&Zs^wz+m}Jh8UD(u{s{stn_F#s
z6f@h9aT0*dFJ8GwGthc7h4PNySbDH%F`jzp4~rzGAHkaP7uI1igEdW>tnz;oEWZR&
zz-(y`7iuF|_l(rZnID3hg?yQfIJPT1@F!7j&*tCER?18s9u@TD$MmIsVNUtp+Wsb-
zp3spKP7i^ayG&5Ng!dc^X=#0LB2a{L8>-h#>cnE*pnrX`v@|R+g7aI;l@vv49VAa1
zDl!^PzZL~r=fVHJ$1n=mj~=yLov${cv12i<kyPu@shQ4a03Duv9;K=_i*+>-I=OpX
zF#Q5qH1X<K0b(|5O?4M|$AH?-dKRYZ3wYkSqJ!#VKx%ud2UJBqf)Io_$B19;Wuv-s
z;j5MQK2s>yb?shtL`j#QdAf(#Ob0LyQg$vtzH6zO<lNiI5ICHGQY_~!yJ1;%d*2Cn
zS%6^O;=~Bqqi-``%(Bz#PD>45jVwjbIL^hi6v%_Ww`mJ_-P~8rdy2Lkv9b`%z0~pb
zwXmNUa&sEe72Ch1>tMxj<k$UOHD9*IFiExAB9QJVw~4K2{c2+p^<=e)Gd^|XEQ4nX
zF-XOLK9#Y=w`R*HUpze)lYBYYFvNMvl`Z?EA%reDKAEw*7s9?yh1Bu8bw2v6<P$Bq
zMvi0mv}$jfcW<_9?UhcPPlEF(t@9}h*-#*L(V%bZRK)-*pXfg=>2mEi&ON;h^#Ui&
zI<78P@vPqd_7<+fuP=XYfn3j#aWh8-glN|YT;Btf>l4PPvMKyo7mmPt*QqO$$vLPJ
zz&=206ffk(vLtZv5e0Ud4`}E*mVEmh0`hY25G7`e70@yvucwy260Yp330Np(pm|kq
zp2@2eJiC_RrlT0pw43l78trg!WuwLh6Sf+dR)Te{AoMv`vgJ!#clNXEvNg*#Z3Ws8
zP9e*@6_@<0h-_9(nu}wzQGwJuH|m1M(m^}_H31iS&GIi7Qnx*=7o_n)VU%2r(MhgE
zoS(avc?d#r#DQ5tb(1HAX76-H6S>rqO_ors<A({UB2>a*S>R|2{j5E49@6T;?ax{v
z1$_ZmO(|&enZswa5gRnc{VwcV*pNDrzNri+r{|+abnoYAW!X+&X9dNUqwb_m)2-FD
zHRVcvuup1<>o9Tal`~DX-3mFm16@hI&K}7?*vlnd-9AZ2@*n(C=_4j5Prust;?`e4
z{16?hPs)%5sBd{!2A*IrLMx=7ErZ*AFU6MU)M3<N8KF>*6_pZ~jfk%Jae;GX*1x2O
zn3SGTAQaswz1uZvD1)zGt{=-q<xP9W+pN6a`&i12Pj@9&bYmT_cu-In+GoC8w<$+4
zPotK+=&Y?)U1wjgxE#2DJs7b<g=x-}_isuK29cD;U+!Zw#j@(3;F{0R-#_5aj=>m<
z;V7yyVk(IiUy_Y2@QbF!I=Su@D$r7w{XwS<lh1B7&ER^wIM7R4$lz@rT9l1_WOi$d
znFR+`(VW_9id@PgQ)l8km-;%fHOac|xI8$19g>eEgq;Y8umR~B%>s5}I6@2R=9ODc
zInA@1O-ex+8`pCvb*Gt=J<&}$<_BhHgS0XBI~JAS+Uj+u-n1xQTr3ya)2o-#<p-m@
ze+YlwzngAt-Mf9=-`AR{(|-Sq#3TXy^}$cA6h6F+94(>-EECCD-2emz?+zh?%F!v7
zJao|xp8{jDS9pTaAU}K~F-tx~k$^oZ7v4Gd_AThY<j3`$%`Yj_cqs!L93{EhBR^@G
z$>r6khXspL=gJWdVBvL^*N1l}!ISMEgss9PPtkP<h2zIud^gPex!XMsBtzVh_!(ID
z^Gl}S)~MX}a?}MLHz^G@exgG^a4T{;$E@5k$hPv0X_>?LGwH|@Oa_dw7Hy(`L^8A@
zmT|0Xd)PAQre|3!H+$ADI$znWkw(#QQvLD9j-OxVbgoAkf1E_`1AGEPtQQ~g?5QWe
zc#0I#eL?7M5tK3!{8d9>naVXKMKN5(oPiBg<Ob{TxyLMla7&Oy<lr(C^$+6nrfjU*
zsM>s3w;|BT2K2l|XgYCm-p^;TZ4)a%t1nE;tA;Zh4h^sAEgTe9TZHzZqq4A~yl>}9
zM-derTGWkyNSd8Z148ypwO5j^?n&;SRya`wY>IVOm@B!i3dVI148rf~enwSqaHl;X
zw>}Ch6|_0++}<e#gs=YDc*o`I)acHyjmZA;9Nm^SMm%C4(6xPOUflp5C+&6Mu_{}=
zCLAzpbkPI-C{JrJyg;lMnSJPqhNc`QY2XEM5*ASOwZJ4_JB0mVY-pI`7IS~vs9GP{
z&UdgjJ~G%-Om9Xokd%qLUJGYNd}peBz%;y2e5)l@$9Cy4r^Z~0F(HAslW~@()2y5+
zW%`Y?^F^qTtK5Al-d~#v73;!pV{FSZK>W#`DJRlTGjG$|Dy)SwE(^ice3>OqOTlnV
zX39{>wyBIMBf5F9Pmctg$@ehC_);{gLtS`RZcSJicAS(45PBO`QwAV4+rU9Kqd%yR
zliQd*&Y)MQw@LqC>iGN}MyYg^yk9Z0u9d=_KcwYuuI@b2x@tyCYa73yRvX0y=bkG+
zkMVq#DJDFl<8PUcXaL*Bf1p8L11*!{CT<N$&fF_j3%O|Ls2#)X#;&i&TUtWqYF70|
zY4<JZLiAf-9JwqA-nHk4OID9?Gj4~P5Q9prmp#5jNqR^i)%;Od+l1vYwm9cnv*?<&
zv-)PXRlCS5vNUV0K(#xhndf=t6W$`%O^&0*2w<;X?brXK>vfZOqaMb+nV<EtL4Rlw
z91o!~OIY?Z?nRxS>z6V9<8(<$Nz?-eQ%Yb{%QqViM4G$$rBB@mc9(@vFvwMR0Hh<#
z{}?NxJOo4hKkxWF+9)ujbYQrYg()fwi6?UcF(-~otudn-1Xv72RdHKMXAh(8Si7`Z
z3rDHeOAbXd{J_I!RyJ^{YW&zzzyczu0qw)8R-BMEQ3y2FG5oAl?VCOTtn1~r6UkKx
z%NY8GQa{!8&%vUKD9-igP!xw|myw87fY5R2s=NKh3VG~~%-Q?5c%3|V&jvaCauI^U
z5m6XA;k#|mc8tFx$N39F9Po?h#Rq?{IIm69Riz!__)}`M`-HzIWVK|v`=!8Kf@?0m
z@h4YYLg$)YiR#ObVPWat6#`{b-&R}mph23S>-J=z?FE>3m(7PGlyOC;DGH2-&OoaH
z3uG9z4hkeLU@q7G9o5T|eD!D<=62pk!vfG;DQ1EN%q+MxnsJSE=&1iOTjj@Zp5Taz
z9gsMa@8#5=bZnkZHv&I#8wL|5*;VhdQO<bQw1o$8vhcFtKt6pr-QbaTPEu4hwnZ9P
z?yFb!d2GRsHnx0udMxnA>U5oK7YnB<-*8c<ZcHa!KM*VP`4pcf<d4g$tj*4NI;qW6
zdui!{xOqu}<a=S(><325RL7TLZLSBo*_cyYg_c$uJ7c8_(&?e9YP*mAAf(brA-R4y
zU*dKD^x;OZ<(3RZyDO`HQRv0J3-Mi3m*otHkUUp)YRwiOt7-M&&i?N*qn}h$truz3
zKkl~PGBp&yeIjxg12^~^*AT=8vAIihF=gJK+yI}2ouOfrL;rNe&i7@EUfp(EUXiP*
z59-ajna?&S^1_r3Q1RtF`^)j8o5~r5B_Z0sO0$kd@a(<3p^x;=@8fWNpAb7hoc2=r
zdiPCzH2j)Bj@yEshLJkITVo{lx$cX67+uP#`)U~DJDYa%3YAJ++ZbaYz=a{@oB(nt
z3F+XI>hlI!d$$CeG|3EFho}Qux?*M)787M@@BFA(An)j1lj^4M5Mi1CA^hfJH9Gu~
zrDT~OYZR*FhK!UH6qlv)bk3cZkue3*vfi%*|LCjB|79*OpQ{)utiiKzejoo8_55?*
ziNyRk?x^40NtIS0yj&|~*g`xW)kT~_LjDW=L1=ZjJpg~;oGzSjpnq`4f=hSs=>A~y
zhuJ4Kb9g~HevH)OepGE4Ab5D4#@Y!3;fjbVF@N*LR)J>eNS$uFz7aF4Q{?+wYUNPP
ztuK&oTy17_+f98F4S`c-6a)9_L&J6sJjo@I##bCSdfC<ZcnHRoUDw6#G$C?yDD-};
ze|a*%W@4<CHu#6hs%Ojn_pdU{6j(8mDxOHkUeO0ZASK|~5JJr1O=SRK!kmbzp0xSj
zZ|%u&Cgkij6*aOEk0*;}W&vU(mmNPuNm^J!(7s0c63`-YPBPWK8a$y*|2*2&+!TvD
zJMj@K|2rs;Pty}g(D&wMvImjW*T`XF_sc=7j8c7|g<kn6h8Gv5d~8$9d%dW2W;thj
zNfrvJk*ROXMdH?jOUc(pgUw_0Du9tCrEI`lc{LQ8%VgeDU9DXbcqixb(3)$ZSUFr_
z1@zm1m~GTW`Txd{MeGG(+Ag?7A)ul@RvN!>pMRF(rE|Pb=lLp|J#VJ6uV_xZ+k*t6
zN~u|tnzg*XP9=Blr0j_b(P3)4vK6!Pu_uGH@j}eACF|I|wdV*En&0#l$AvT?IY|Hu
zeLwyJy=98XW+Bip_F$NB^!UpG!`N1;1iWiO6rcbRY=G^pivkPfXdo85%mm68j>~<b
zmK1e%XLU$_+=PjihKS8d5&BU%p*DZSGW%_e%%_^2U$e5b6~5sXax|(6X^scp9<<TR
z+Q5&4KmFFlfQ7KeS91cm3y?p#tY#a(Es>!>D<1~@;=I6;(nRj;?<?h)>K}gmqvWxH
zX}#IYQMKT2_qKOzhr^as%OqwS`dRQ!^HuTTmk=E<h+lvs2Zf$fNL{^8u7KeOL~b<R
zx0Tv_S7>u@>s73Cjr~Ab@Z|n&t8;1Bf4s<IswdCTbFQlXOVQt?v7N$@Yh+kgYfl;v
zg+11#;iodN6ibz-YP)t>dV;7=CB#$U$bl#OFA1b58(@~5%hPE<&eIvy*!Pm}!nG2V
z8kC0EGE9Bu?(x*_h|}e14Yf8$(GMj0#vJQI41%ziyByf~L#oF6s?xMdDpWzaQ+!f0
z;9SLz^9UO#a_LdrE>PdbCtCMVgg%(CfjZc!y58>swDlBX6}%5}%k-kL_5Y|Y{U4DL
zDzTaExh}AG>e{0y`Wwc&e!!!^yo_Ro{Jo$C7Q00fLftH;keKe3rq3m%CMdOlFP0;a
zzRPU+^0L~gSIfOPu>9PNCj)CldmGcs;UndHi$VUB{uX#>1t6`F`sAbJ8rHjo7Ybi$
z3|*GE>>%nh;tOc;5mMsa(vYOWe)=$%mCL&F`#V1)X%ikEY=q>%km7czNe)l+-+m)q
zhDE8#kvR|H%R2y;VKd?g6D~3;yuRK1c`LjgXm837n${TCK4skjLI^bE-*hgJ7J7C`
z&7+KKQxC#amMS6Akm&DHsgIKhMRd_2#`8suQoz7H<V`<T_V;8(K007-o|@+B>6a%6
zw`mb&g!&wcI}jtDOV~Rh`yldXUV3PUj4WkHlp~3fa9|M8KeM-d{#%>5Qr0$T|2c-9
zP=4SO!dKeV#6>wE`*O2RelW;>J}@m*x8f7i(rgjDylti;H6tUF>a|Prix)4@(J822
z68%Wd9=mqaNBDvi=cr|AYYxn}n-pQpuSz7wx$d6If?S5nqd;W1N1wNO5R~KY(gIdz
z08~&Wplf=8{=&*-V5j~~N=8dZ^HO`rolK$v5Xr#U+RUFeI`D&Y&<R$pBsP^woOJ@I
zu!3!!lZBOS5(VLQt)uQ_^O94|Tmyff$=w_&4S7E*FVC_X>zpr7hjZtn-|q5YiHvYH
z$>w!;Ena#Zd3SU0blHE-*}uFBtgw<ARD(anvdQ;^{Ej)@zmd0SM5sGI(72!&5zI~&
zMv_bq`^C4JB&Iq5N+e!{^nR|7Yp>MMA=`TJu3xs!{^y@l2b)UZn@jTQ-*gyoDtTQB
zE3SKpWUgBrE~n)<TMg?#&RTxcod<YzR%*54{Nq}7J7a8FfQ77Hw@qo~$fv+sDWKM7
zSKY>*Ven0q3q8&X3yZw`>PoCKQS8kL`6$-8_I7%YRg<!VQo6ra=QK&T%eK$Q<H{HT
z@0J#i%s8!vAxd6BoMMgOgb;1*1D)%F<L8)v&Q5VerD-Sr{P9XBd0~x;+I~G{D2uEZ
z9Hs2}>3X@`1EOGK>(htf^_bZS`{dnn&d=TPB|+n2D_CQuja$jPWBL;eiszOa9c=0z
zSpIWw|2%erRG8c}Y%791^98BuFDl`<oLY*+kuUB_(El2ZH4C(LC-e1#nZN6vq{aT`
z5R8|<x&3m^QTjXZ@B)1`mL+WR#z2i@sl8dY&h8|*%ZWum4!9Lw929(E@9*(W5APQ}
z-4FMTks$KYhmih4v3<VGPx)pU6ZnwRE%P?eKU(Vb_vvQ+)y}vqP=;oYtWR{F4ef<?
zjEq+npD;BDdpL15&#+gfdO>8*+qK7ng56exEo^n=qYK*rTz^eNW&um6rQ+%3On_PY
zLv*?8BBQXrCNnMG`+l33%eExp!%I*7h1Ce(5UkN>Z`$3)q?T7G1FoQo`R~p;l8`2o
z$oT+<+PQ%mmRPpdp`)OQ#U8dJ<V1;m%&}7asou8_!}(X>ztL*d?RTfiQ#1L8?2t)m
z$4UlvZiVVtmp-{Ps-$Umlo;uwi-&M!3E4Uo_O&V^PG-sp&o!-L4TLxoOCjo2-^SJy
zAxGn`@o>XX_VWC}u;NMHWG7<4SiJ(wIXkx0F=k4@>&fd;^Y|yq=;2O8q`C0IX>mpT
zx?iwazgI|D_+k86O;A|S+1S^2y$l2GnmjYmMn9xuJ7&0j_~BD=gKn`TKH{mwd;sPr
zU{cn-be*X12TQT$c7BeH#R{BmthWn?4M*{w-uC?!+G~uHh{(xB6T4vkBB<}ovPCq=
z+`rKog2;wBR1Owdr!!Y2A!%nBlTZ1{05fwV^Y><IS-6P!(9E{bk2ZIW^vimKaAYY;
z5(^EsMjWUeD|1fmc!QeI-YUeDnBc}Ra3+{+8JpN5dm-dsjZ-t)RVBkhgzf0;<I*rw
z_ey0c?m>-z1pS>{?>&K~SP`};%QaEBaxOG@JnB!w^uOVc4C5;W1xC&U^t920ymcLu
z*MxkoZNnyFWNtt!XiPLJFoD|psu>(+e9}e$_c|H*A`9F>-z4CAixFqvTUBZ1K~^Jq
zC<mxR>gt<8iII`S_V?fzrHYj-8J#ojJBqi!--})IE9?;$XZBUn?HpIBtp#&)N>sNP
zopj_})TywDaHozbAGI$?C$SA7InB%zg^o9bgOIuw5md_qf~J%YxR~bavk~H>a44{8
z4k3+aj@{cICXB!N<YE<u?~EKxMsEC<Uq!>E0Yu;0coXm6m7d&GCDOWn$wgNGYEXv+
z^3O?58!ea-9bIq(-`k9li6L&uH#A+Am0OWMa6Fj4?)d%Oo)N5>Z}hO?7?@0Q?Z%VI
z5jMB+rWEx46L3|_!+o#V-TN!CQ(r=%YN+1t&CKx=MEpV&NUQ|(S2y!7J8~8zNDmrW
z`q6WL{uTW|8LKW%cYW<}<IbN+`PYy{25$slZO;iJ6Kgj>^>c+CD~@62oXcX0CE)Zd
zoaitZtxIYO(Q<FgPk=25bojA>km#Y2RQ)n55~jdifQ6&CaFwl|PtO_e4(i3tK<(oI
z)gLFy3P5kagxs%M6mG#8O)Gb@db4v7(S(sQEfTxf6^g|hyE2d#n#o4h&X#w|Hj`Qk
z*CkGshM-dLf%bb@AnrV%e`jip>=<(tXW`Lnz)Y;e^R88k=hC_cyZOO$Mc=hvFdSBw
zhf5zJ6piHO4V$#6XB&6rCy$X)JONJst>>nT9+h87woo)Ln&Zi&rZcxR|57Qx`{~qe
z$MhyYnSUiVIZQVt$8lX{bo83}J>c$m`vi7Z+?}N|F7Ntxyyx+k&&5oUlrkCigIqeg
zCk^sxOWmuu+Yw^~ZL~4vU$D$>2^2H6oeXd{w>;=ja`iokB6_eA)$48(DLr5|dDrK<
z#f>GWUH$H_nf@p6a$Lx`SPNDDqptp1WAj!k)uCn`0zcPXds26X3{o2_<gxhCR2Dlk
zJqQ#f`MW9gBA1A1c8l8E3AI0vb~>ahnyBrkyjzB;*4ArV{ZEFz`mD^QPxRFi=-C>>
z>-7#7tBnbkQ|Bi#|8Vw$I_@;tZxJCluR6PjuN&s6)-7koyh?-UPV;qLycZ>fOo)IL
z5fX{Rvp2ijcD*ISj1Ah3LVZdfPnamOcWf07cGBN97Z(=!7e0DqgxyXUoZ?pM11Ed7
zu7x5}Uyttwr3%ler=|w>|7<CND^354pCZB~ujoG}Hed&q&rg(iS$X4Z<1sG3MudRO
zkO?%Dv*9lhUIIjX%7N!!1Q!uO@@1>{`==-W{o>6tRrfDrGclBZ!B;;7{=nF>Q*EpG
z4+x(6PX$wNC`V?)ng0va)}5kTmEru0Z;1lmQA}*K{TCAcrSYo`-uc`X(fOKFEWS*y
zNa7|kF#$JnI>7zvdAeO9A@O8Ydryy>1p%}RFpI*`)#yAZ(!gr^)}d(gY<qj*sT{^`
z8(wR#&PB$ZTnB4hsq6i|scn7uA3m|)P)OZ$%N^k6cZh-}Zerul9C+bQJUY3wa3X8#
zD$JS-##)%0X7JOk%E+e#iC7u<-@FLBML+KlEuxQQwZDtpmxc)Ht{U;hYU}d|<wyqg
znuR;UT$>N)O_Iy!#xMVCLs6cQQXC=u<8$2ng7Esr`x<`NrBdE8j+`m8L%f=TB3><*
z-I@baWm?ky0h|zdK(nzKvL9~+JUBS`b!mJ-dZjL+lR~<V4&OI>DX|Pu?>K+BaY=J;
z^mH}7!DA?693O1ytEp(xh!Q{qE1OhcZfCu+vP87e4QZjRku~-iD>L_xKAnwatDAh~
zF821js?*K+d~dxioHKu`i5=gHn<FFkVyI~2Gsgf)jE~rO3qNcpX8OLKU_F*z)w7-b
z@x@&@b^H9w%{zoNAlcd1ogTR|oLXxFBSkEc9`Cbcf!j%(O4T_s9OI9<x{aQ;4CKTe
z-v`_a8{2*+Nu88d33ogij2H-a#2&`s1zmI+e*%`_A=x3aNthd+6EnPH`j8wX`u3%B
zDCpd4V@YCjXQ!**FPA#RD4V(_?3HUjS$&m_YUy0Q8sp&wtAn@p&ZfYS5~)4kUjcfU
zimeqYl2WkYd66@)677%We1LGmh_J7T6E=3F!k7Yon9#gw-5{1E@P4~LrMq5^VJ|Wn
zlxgi!DJ;|ydzdymeYegr)w7g|gOqh=johXLi8BtpV_O^xkKVSV@;x7_&yMEEjSm*M
z@Y-BKDQ>=27%sB168`JOU=b{&qj%&5;acbT&k=VAlkue5{x(60`c_?HLHOD2;Qo)(
zgron&Zgbm0`_JV$MHe<}!O<gW@b3b#H->u4WcnxCoi_%~HDoiFrG}47WP5r8+P_z#
z9osjr7ye_&r_{~F+#ET^1_lPky?m;#Na;tm9mXFs%z1CJ>SHw&QgBvqGr%bdp<5;H
zEE$)dXqc=W+C0@F%%7cCYd~=^92O%U@?NQq&#u^rZgXL8up5Uh{*F0jR8}P6r9_Pg
z5~5-G!EgF5S>B?4=y2LTIJ(^Go#L~vq2B(;(VhB+%yM0G8}k6yU)TXH0$J2W`(^_I
znVYsBNNXVci~jrlFygXl@~@kvrutapKQkK2BICn1O9z}|0>gKiruWLdHf9Tb&*yeH
z%RQ%>>HZZYUtIU2@y)L1fOREe0sxp9I&258>AURmh2)oO!9H(#IjEA)c|P4Uu*4#Y
zDILM>jdre)zE^$U!rw91XclrT7-bxB7eDEhkHfz%U}O7_;fVs#E}GVO6Vq1SXj>e#
zzvHOXI#`HIjXa`dXyoN0E9N@B@_s&jE^&Vta_qF#iQwP)D1H%tz4Lf-JBL`@QTIys
z#D}g+Iu<lI4A7rWPMeV)xldvPT|_HeO>Et;X6D3R7IwHj=T)8rpD{$wwoo{ZR({)I
zu^zu$uWm~#Cr7fACWMt=!^;3SySDB4zkDwnE#4%2fnK}&Z%`eLA2rP!JB_9)++U9T
z^_I(LbE;}6pf95|yWdLM^r7R@zx#_=q+_;X)^Q`0d^I{v%Dv|2z7FgSZG)A33C8Bs
zUE|I$WEugQ;MIt}=(JI!8FAP$tA?x;AKh9}tk`>9kG|n#Qov|8qlOna{doyb=+ZeN
z4McT}PR$07u9CXA*m^hzwlj{bQ3yF`EQtsNue6ku3$BX~y*-G|%*^=E8HvciFGK(#
z2TMbfo~AD5-+({~mSPJcKBfj6`a7&`VO0r%hKAM8mE=Bu@6qE8YGZJBFUl(UzXSM?
zS)fYz=JK!nW6?fDcQFt!XoCZx&=x;9{K_lE(c5?P<UPrAr#~Fn>2*Q(?TUQj6_~Kn
zXYsy|?a?xL(kOTJlU_MoA{9X8d+ng8S~Ras*Yip$Wfz-bb$Ng1Tc$$VVFQU__eJV%
zsTdesrmttWrw;Vhf!=n6!g+lUNpw5C?pjvY?~XB{O_wv7&-+KxIZaK=FFS}|1{p}^
zbtJZGTx_$3Y|qCt%Fg705=k%8{BtwP@q>S3b}Q2>T|=>}PFZbA7mcjWF5)j2Y)RF}
z^&#L#wnD>=cLTZ^gy1$^W~SudM&3+KI+%eM!Le1MmIK+;4Mg~mPOr*@iB~qROtoZj
zV~)R6Ia2lBUe=<EB%3W6aQr~|pF$bw%AbF9^|%6ozCM9)*R-s4a@6-OE9bSb9>AE(
z(owl;pM3l>v<p2ycr40*RH8Vq#SpjbvdnnnW<l(?4^qb5FQs1kyz{T=Hu8gKZZw2I
z`avT4vZm<Or{jOUdyzxFOkP&5HmGPzRG&W6b?Tq#f4ci6SF2X+v>cAs)pN=|qadk(
z)-3uSQWgGr)+y$+sAXv=zY*p4FNXi=@5LND?LLrkXl7+zZ`Em_r3c`}tHTC3iI?rh
zi`H8)makQ(-SM~;Ry?Wk+Xg6yV=s8}G4TdAw-oYT8^N7YE_6RRrmjqM<xb^~iMm)W
zGQ`q9fCDRQ{|9NLo?00EV>rCwW^V?#PNRGKJCv>C@qDCEIn(E6_0e_x_2t3JYn<0S
z1iy;n12V((l{2C?*Xsz1Tg^?Eu!(aJPkDiyXLhdBelf}gqjB6~_V<v$A^p%>+c3Dj
zu|NN!!29J)`-ImgR7aHT6_`Z*J-6Qwrx~9YdU{USLH$ASuR>^Og%*FW#Yl~j1!S$N
zzgC}4eZWk|^1a6}HdKJRIXs+&&0O7HBln}Y#4H*O7#Sk(J**po!_a}AA2@d<9z3!C
z=gh9r#sro3w`%qmc)oXrJCA>=DGj=yRr-rYVelVD;z1|~Xmz`fQ*SW>-~G=OAC&kr
zIl)Ols)4evPstaBPpG>_$gS9yX?*KO0>?;oZqpV&;ME2l^xRq;ji%#;5i*5F$i~P*
z47=pOKQ9$x`icav4a64ss{Hs~%*5UlMaL0Uxu<!cv|u&$vg<-gtjbA%r~LepP*GQd
z7_jtqa>*LXZxRJ%Y>;SizmMaM$$0H`0VUA1Q7a7a@5RaG&)EMZhIH>E$fL@@1HZ~(
zIY2V{t)c&$x9{NZg1vs0PnrH57fj(_e{WQP4Xg^J3<Jyx8xDVhlGIIdK#|r)q`^8Z
zPJ2f;>wiysRj5Ee{Hh6zSbyQ*<C(<ie=2(azse+h^?_6}Cs%_8`f7U5iu>oM2{Y5D
zal&z4qNwYk;vSSTLv&mk<X_owGga(n*~V2!Z3~tIC|I6l#&5LSH^yFV4L0KBF`xnm
zK^OfIYH~5B=)0;-J67X~Y~%UkW_){8CRNv&3Iw3Qg(`w-q?Pw_{5U|wnjZ{cmuLID
z7_DP$T#T=P{>6)J^8u6^Krqb*rY~&-<E}d}wV`$9KnwRZ=MuR>^^LPlZ___#n=?mV
z@1&r9+=9{2F2oCI%@U=`uOlN^{-}*@BGEWyG?a!cn2yxgPewyiZZ@>V1&1hwrghaW
zW?wn?*+U^-O1FkAH_}mBMJZ%KW|<XCtsPh{X+$%K#lbr8r$Y$8=`Mt(g*$#(57To~
zAuX~goZu3%h{&{#5Nijl7EP##|G@BmIJdo>A#8--DC6*mQt0(xzL+NjqMz2pb`-=7
zxVr}a$L8G<hk2yjtRXb{%<7?lKc;13;+Ki#u1GM!7YA7)(s~WrdYa$n!>NFO4&=$3
zOJqWxU7AwHc6yFthO^Ep4tMAiFRXOi8vI)LkgEj>7+&1ZcpwkC6+yNf#03Z$%-@<a
zs$%5T!tF{Wm%{;wJ(pBNiCCjbJy<ks>wIWZ^$1ouQcR4F87tMh$@P|8a+QtRI=kc?
zb}Yh23Q*zF@93WGjKKW;+mi9PN+D=X6ACyW102^C0L1|OsFxo)=>a><O5cXIEn$9k
z6t8_JP!9F;=})m2^<DBr?~erhi8P-E+j0WS$qzh%CWc8(BB@06qiKx^BL%fq!V*z`
zX40=~CL;lHx#&PGUt{h{auu9PIr|rs>ADqmnssAF?fFZQfXl{uQrf9Qj5(_cp32i|
zpF*)bnf^;Ouf@h@d@<kXX&2F`+s~*+7+TvYeS=d>hFfNhobmTAZn%4l+dfCr&rji;
zRY(>je6gW2wY36!-Paq`;Jp8khk@&Ro2_^zj}H}CKv|h$AFNwYc?^*6jk!wHIY)qH
z<fgXB2L6@Ref&~tFl*aF8gi(?1^Khu2{rz(Ar4LQ$M0Os9m_8CwLV|Vxo8IX7qsOH
zrq8zT7DC~F)CNDMS~6L#*|F!r-0#Q|ZEYFx9L-C7V)+xqBlIeqv{GxJ7*-XGY9_7i
zZLZ4?y2n6UeocLBK<_|hr$O@i^G3LOHIgL>w$Q7VIF%}uO~VH}d=O(PVC1WdG$=B2
zDTTcqisbWxvVQO7q93BE71>%TcU-cZEA3td<E}TQ1UKbs)KX?dlJl-EME}NaTm5R@
z{7!#_MX++qc9aTrTlzzGj#n;CRos*MczeEv#E8cdV?4(A?#Jy8%psVMROb;5ydl=f
zyxhYtHphuydMt=H6t6l(k#?JrO*7*q4wY%V;c<ZR)mc?`9-E$L^*h@RP85WA+%#yz
zLU~i}lqec-84SBEx)n*6mmWqz1t8$$L{=`(Dl&ONTDC~S*NYAJ;9WYlR@8D&ZuRj}
zvtj=J3#RaF(ijT>+7#oyW*;R>W;mdP+AB)7&!|{Smr+G}+<J&IS5`Q79RHe4<p@I8
z=OEi|6&4}vpL?IcruE)T)6-A;rK)Pmyd0pS>4;ux)x$RpuXJzND0o4}$9GU>m_f*9
zuZL~jsRXf{s4<B8%(wH}L6-`Em=!%&$`fR3I>Kant~VILNf2lPsafIKD1Gb1;q>e{
zL{#K!#Ih4QB2gUHW3}emXuRcQ%g1_A?!OrdvB!LD`{rK+w2zFk;r+kH`vXXdDzcfV
zYU)&lcv!xM$XUiPJhfC)Yb5f>4GuT!XdZel6|0`v?>T9nzIZ}2cUn&A`(7}LsUw?v
zC5I8n^A1hqv(W~dkmgB8)ZLN5%XtwhT=BE3M2k2vT4=9UD<syUW}`G-jmwH^CJb<&
zyrC<QS^uku=ZDfk@@fYU9TW*9E`s_L^W<vK2K9R;iBJ6Fv4nt2{G;cifG-O4k9Rs`
z_o6|LmZ^N(8)41%g)X=VuBPhHjN}^l%M{XGexG7uN*5j<iVNRgS*FoLNPF~JbKvo9
zwPu1DJ<SE-n{v9{UPG?5SLH!`T48LSU*E*LH1qENvBB_7_P^gaY1dTF#Z+Oil=15N
zx}aZzSCD3iqkWV>3xoHh{Vve0@>YO=1T$iq3DfB5E@zV=B#Hwq{^{NmhjCyP_<z`^
zlTQ4ezRFBe<({{UoueG+5dwjQhHs*96EynUt2J1lee8FSk5IqN&Il&c?|?jrn3LEP
zZM6G@rGjwFf)+{u&9-GQi>d}wxl&U~`7^sHJQTQV=@_ky-gKIj9HHW#6*$(+ML$<U
z3>DeO?7ilwhst=y74325h73qRAxZMHxs&5eKYFs@5>NQ=^GD-Umahfa*O*LyMZN*~
zA(Dp$3^A&1sTK)lY^Q{WsWCG-F8E!105@P^&ltQiuc@NOn)4|A98D5Jzxo5l!;rK7
zM8{gyl0rZj&(Uf(J-{jY@DtP(uqpM@ZsXd?0C~2GKapO(L)=~{z+}weAxR7TUEDyI
zpS8V!<SVTSP!9{hhqb(PGpf{0J#7a>_s#I24VUIl6Ej~q>2j+^dg36FM41ow9$soe
zJYbZrwpu*>;zxjKsVyI7UU%HZXG4FZW@kFNX|Ccv&q9+VJ}T#dBnSS2VBNxv940E_
zmmh&N4kTe<OWF%2ich|ekW@I7FX#!*pza4i$lI=0t_t)c7cssWm3j!^bKh`72?y7h
z*}jV^qlyVI!iKn36K{D*z`vOb041^5pa#|KVJlB_G=4Jy9(JN`{y@1LFc>C<-UL8J
zwfQrH;T8=X426vOx+{AF0pInoY04?sA?TS9m8%!qLp=dx9{-zthYXtxyOk!#aEGfg
zQ*!;tVyRJUcC&BJo@V_#Q<7nctF{qLwtvV+1r$}LrnFT?Moc}akbsGYlu&!eG_tx#
zroMm_4A3HfCq?*hGJnJ5n#LH2g5QOFQmIaGMgRiT2-4=`>l?+2e?gTW7lFI<`GJxI
zp#?+&fg1kKY<%A@+x-F8gkY7lGY?72)e&(piR113XAFhXaB6LBUVYP4Fj(^c$?LWB
zg!O?$+CH)t)~@Fp5ofZ@q%AIxS?_qkwT#Y|0#VndLj6k2(zQEgDp5h7_jmuOz(tHY
zdv=lpW|p@C6Da3OGFwIAo~SQV2W<Dp8?oJ8LR|hgm8`6EA+`^5O-x-qD!}Yav91%1
zcXF0Ok%CG8Yk)(KJkxQYH)@Uu1Bwp-G^0}*-yFj1*7O57*T%}*eyV-J9=_&<LEg=_
ztd^Dx2D9UF;7M-80~(^kVD9RUQe2Ud32Zwn$@oh`^Mio6?>7EZ-?5OJu=g-@m7D)~
zfkoqOdyjjzjFIQ7xY1fT1uR)#pdA^*szpB(NyCY1TF@GrWu%g9fXB<u+<>ER*@X0~
zzc&!WIJbU()$UdImsxtNPE_MQgd7yLQRcQ$o|K^@&_dl>W`Y1!$?%o7;_NZ-dmC>u
z-DT|0jb+B{im{I-yc%ot%G2zh=SqEM{UAH*J9zYJxNlnd*5kPw<3Em+<+^)a)~L5K
zz0UoG1<N5j(DQ5^#4;eA#zkw<+oLe*?mO)5lOc#i2ym~&cK0<$eyYp#RB5Q$svOV9
zqU?6MQBc~rLp^`zi=%J;3k6-j-yi@>B)~RMuwEx(yh%N5MeX{1X7vv3i9_*x>`oM9
z_#2jjG~bR5dTyFTz}6-@iXiicjdhjJ7dmMWm5VO3Tf@DGHW{mUu<ag7sJIP6?;73F
z;z3JNXR5rb#^ok$;DE#M+(`@>`?rTucegf@x3;GDSJtk=+k!^jfS~AW`qv086oft>
zh-ljzhXQrH4E*S7FIuTo$YK>s{?w$>MKX8hwRsf@jE^>or<gJ*MVe>H4c)JAb18=K
z-nh0+l0F&uy{jd$t7rHl5^#o=yrsBUZSmtz7wr!bF9M^+yTrjJx<_k@5;tavoM^WF
zl7`(&)<h!dGK)sinzDgm4f|}Q1%OKsJ4gwSK$iYn0AYUlTZ5jvU)W&w>Qr81lizE*
zL9Hz>MLKum=43dZYMiJ4m-R)q3_gpCxd|tn#WOa<rjeq<1J5${zpq30rONb&FSgru
zG@CkX>}(uEbX$XXbze?RSyD*#K)aOiwZR_)ER*NcB6V?!jr)2;5ciHESscb<AwQ0N
z`qiBbZE|<J4PVl4YW6&+4T^ldy6lV%%4q9Xr40id(pL9HOREfiDXov_8L--i7=YbM
z4g)1yz*muPj#|gNP$*lQTSM=G^dQ7GgPXMArt60Vns^RSRczgqk(Ip@(+^EY|2z81
zDdQhKt|UN)kUWfNhuF*D&WIc7?w)epS^cUiy8&6~;@5VDhi}z>>9h?=5haAM6Q%*P
z1(Ir&M=awFc>AwdylTIDpm7%pbXfqIIX0HB*{|9UVb6E|)E*D-GzN#2t=M6k$BE^k
z<A&YA69-T{^1sx4h>l=K07-KR<p4z`aDb$Vyt!sE#le%up1g|QwXF|V3qjJph9sa-
z;$q3@NXzPTzADjJn~=yoL^4C!B9cl5SpiXgOhh9hjQjyYD7o>5l~AAry+n1Ex1;Yu
zT*vFHgHE5-BQ|WKZtT`7_&oltlmo?A8QLi$?>3TC4DPj`x!)==GyHD%*PVRA5S81~
z&<?B4DkTPXn*MwlWu?)}QbPxzhpran34?#O`hLt*Wq1BwWpGJM4Z7!%{nC5jGsgXb
zR6tq%-dRXz$lA_dNjA-NgT}BIe@>a<1uzD6xx~5$0d9Mv9nQ;X%P;0wM5Y%F(I34W
zy8rdTyA$K`?i-><1!wgC-d`=?9=~P(`K}tt)e6E?ZV-fXQNh7jgFo#0`#q@Ur+pUh
z%`$%CT(yA&`o4jY&&}f?vh|#>VQ6)qqePY6)A?WR`{1{;X{+~lEH&FB&v>yJCuq>7
zeB+G+Js~#)Z7x$;N0HC&)R3bc1(?<)ynlHapA!`1{FQ%lhc;eGg`V{oZBbIlgCa2l
z#|afM!=VXs9<m5CnY<!N%syWK1$%4mD_%Y6B&uDnif}2}JH7%Y@=ugW)Kyhog;?E{
zh!nV-xT1gsTV^WJagTqB{1n0j4ni)<of7OgEUJ3|4w|-baa2(l!mg4q^d}#hJ*A$c
z4q{!?wxrGd(YItWNW2sN){tj5?dbT54A;3gJ?J+~l9@2?dpDrqffuvl>hX;2njQcI
zzBDUsz|szb=#d1%YrkD(K0&L57XzS8j=Ol%=^yApPOOI+;Q)GZE&*}w)Y36>w%Wp&
za2u~Hlc}HX!-$>64wYca-4tdX$+}B+2T-UEQx%%*3|Y4WOK9!Rj*PppW1c2c1@oLm
zsJOchM+p&zObJ#6_ZW2X+`!OKD6vGuUibev3MS8}r&~=iEh~M!ORl;n8VzhWrg|q{
zlX>KQ5EK8qib%b2I$u7aL@J3zSoD7zL$BZ+IavMl-pNPTH9v(GC?wUy#f;gEl5#0n
zwri64ax+V15X@(a%l93%4A!uvjojj@oaVN`o#Hq0CpY_<*5T4$u$eG;d8UZ|oROj7
z(>=rwPL&BM^S!oJGxt8NFhv4p?s+WcnnK;UoQB=4mqr5Jx$AUBSmNZ+cEd%Rjkr@~
zhE?@SxD>%8IrVP2$sauNdMTU`Tk6I$mS<|?e^NT(ZCVJWU`YsTGXq|<Rm1PX??S*I
zmrE7v%W5U9D_-zw+Lagg2kfrymckI8OI|hua2psDq14@@iwaD*M5gneDhUQOi4qMF
zB&l<SY{w*PgiXnjqkMP+&SMFs(|h|Rd9N?vpQ(ZEF@d}@`S`IJrH^D+nk?Rq;q}ct
zbNKh>`1VtO9~bak2@oJB^6}SXU>-*`wUrEQ8>k-z1nTcu{8nvuQ-uq}Jy~lH-2shu
zEx!UTROpUc$H~YQv0BGr<ZNY*XiD{lqf3yJ21Hua!Qt<U>B&1_nB__V{6ER%t-?<-
z$hpUvS4CG6Q!nu6>hWP?8p}m5Bx9gJ47Ip|+!*THJCgr>y9<O%?Jpsi;`JK$<>0OB
z&6|Lpr-%0-VNWinSLTpUqNu`>9v{%rrt2wj{nNaJ5b=CK!<vIOlsZ@|o4t@E6mIa6
zo6zcG1bP~YCgv81*ilpJiwaqKdcrG(KXGwN1luH<7v)y1t1B!Uf>bPDEfud&G{XR3
za2O!#ATurdfX!}7+2r2o=`;9nAIk2mzuU7qp-Q2N*xL!cFwH#XeAhBN|NCB&vo&VU
zOQhmC%#XF2tg4YIP)5#Tt@f__R!anc=4s5p+2dv|S&U{mI)+!YLTEsb_s2LvS~=12
zlaDpnmE5b9wT57Xn1hkL&(BEjx1^vmk#J?DuAcUX%=MZ&OHsp{4!lRBo7&c|P|<@R
zwc(a7*%+1bM!ESB3$DG0iyVaO$1cvD_3eK=ej2BYA%Nl$$HlzY`nR-=hfu~{fkJB_
z4o$O8acO7=`^19RPy&x#d9-AJ$|ebrfCW)q_+Q5oB#^YmU*%0-aWFPcysLa+Pxji!
z+sMUW=p@l5=bWEDlih(_T%I{%Cn#)jzp`irr`DwMke%kdI#tFp78tKc-}Sb^4;0?r
zg;B@1eR8a(?H5P|Y2n2OC@k?%W8C*{<*FLOe+I-!jW={KfyT(j8yFQTa3~2r^kM$Z
zJ_`l<d`G<}3TT*v*(<ji>i)l}I9Z%7D}Pf-A&ocm*G0#U(a)cpN;p?L1~hU!Ecs>!
z-WZyMa~Q@2+rMf7C3;TYFcy1%m4NbKTAWJm^L|P8DxUw5+pCepZkZ>N3PW;G#%^l&
zG0H1oudAtm;GxZmI~FMFce>Y?TD%rj`3l)-X@?HVg~<Bd$_m+GHE~9jdA4U!1XD&8
zn#y0Jz|I`nmaDFDXMKEKkN4T~V4$*AYSKP~NGs9O{i*d=y`CF7)_(#7AE9tvk_+D;
zYcSey@3^z&^uF(vfi``yIgfnqxVqbAFnGh=ICxLXfwzUSSLX+cCyQvARMb^W-o?*I
zUs^Kdh)$BReR*?@rM)>)5nJUKp#LrW7qK<dc-CgL^yH>&R%x$gvoszm&(RNPS5FU=
zJv}F$te4xW59NLb?*ZG6X?k6{N4&8T38B|?BsL%G*{O<yR0wIuP0{*XY>BTl5=yi0
z0tm#nuXeuAlN;LpY(Z2hWsA2p`<%x;hQ}aIVXNdS%*WZS+}`RevKk3CpN9opKm;NB
zd%k<W;M?`$!UBzUp!`7jX^#V#+97>klB2RrNaZ|ZmOwMDm|sVLYI(C0^)+2i{E6y%
zoS`AyxO0=E(VeEos!TesswWp4R*{EKBOyoQdKVP;Bi>5=fE&-i5TLvvcf^7rNZE9V
zpJF$}%KR=8|D!dLgs797D7C1xA$8(w4~$orr%^YP*FC9GmcYwy;!Ltj6||1HUOGh!
z+F`@nA0j(ms2D$oM%_$JPah5+O?Dc?J*IroU(7%E>1$nv${AQc=|3F|?@L@&QNTX7
z1}$X?|A3l#z81Xg3Gfc97PSBam$~;mim$7XxWbJ{`;9^T_?M`ljBITURWSAaE${vA
z6FKzu{@?|OjK0HWM}R;l6XUpt`zz}n5VfUlasi5zC*w}i-#e8hOh31O>o9}nmL7DK
z6y++SM$}%F_EAGthyWWLyc1Atb8^7-%ej~0esEe|l;gGBH)D4sG_&gKI#^-j@IozU
zQ~3B5F!SkC!=JzB3j)^0{y(ces9Uu{C*|vd0CO8G()oGv*S2g^SvN|wPWBs1<khD(
z-W5pIr`%iOeZ`llq52Ls4p`1bB9WMO2Nnz8RL<)<tC3zN-$rCHRzLn<jJ;J<Tul=I
z2!z3g06_+VOMn1_OK`W~&fxAYf#4RL;1(pf2N>Mlg1fuB1PKm1`Tmu2_GR~_Ik%_j
zTh(2DyQ@g`h!WsigbJh)Iu56;JsNj2VjJ%w;6`lT16|v+*lf(<RIgdC@m;!RzS$Zb
z*T>iWhW=do9Y~#xT>)WjlnW5aM!-iyi^m3rSWeKlnYHWJ5!^b3Lhkl%b?}~9nrFE{
zGj*&#+#4bRZE9YS32(3DZ8VVa*vJ!yM-b$$Y6>0y=9&$p#EhN6aPUy-?3<HY`FdZL
z-rX&w@lqqy_Nb6@eYom!&7xyq5@2fnM3<7^%Vxz6Z-`)&{$+2&MylBrGF)Stf}?{k
zTZT!C;T-XSt|=%y)OyvFxJ&mp!J5qFbecUw-RJfa(!1B_QW~*$Dtz^iM{r63hFcPv
zD$Zux=<wP_dGl>{tY_O8RTl<$G{mwxI;SQ9C{oq$tMtGJ1xq~$Nng%JE6N3%RX>t;
zRtpRSRz)e`D}l2g?zWMrtOwq=KSZWGQ~EqjN}aDg*J>sN*SJ3r0d-d#=$6dQZTb4*
z6@zGcjdrIC{?y&`_=)`5{d|7TOkPl8%z@*+(s3U4m?u$sW(XzI<9bhvE#xc})WNw-
z$(+fNj(!ISD=0X8uQQPqSa;nLRuX%&VA1gCJSR^!$xG69W*6y1<{lPYUcT<z)OdIL
zS|0=8t<4N~ab!dCi7-EN8igXHnT$qB?ZCn1FYDb_%=#V|_?LR53;0Nr<ZIucvvICx
zqz*ouP*T|2T0}FhrMpwYV~S1NWA;E3CG{7K;QZjD`Mix9i#0!jLZq4FES#41A=x1C
z;xn8C;O}$G#i+8+L4rvEYqE)EkkhJZtSv<gk(5jg4-YBZbS)2VqRUCJQ&3tIgo#6<
zbG_I0BR-#1)Guv&VU>h9ABgOF<k|>XkvV}m&6n0TsRjjyq{>f>{XQ#nAm2M|CZ1P|
zM@V*c^5{^Ia>=TkoYS8}yXSW>?y~z%*DbmxKQXLv>^yoS%}hq73Bzl~DJwVymR8j~
zU`~V$bJK!~I;DnXRD@k#ISq+oyNZEnZ!aZ7fR!4%8twDpT_-CnJ#o$kGZP8sBUZ;}
zkFY8wNvLDPc-2NYYP}U69H(IeH(j1G`os3Sdfs;NcQY$M{tm9_Rw}l5j`8>l^#O{{
zBVTB?|GItf6z*Erw}53d(j(K7Zwff7>d}7C*Ozs5iJ<xHY0Z9gT`%L1`G4WnP80yS
ztG5Gp20*_mzS(l_LT&pREO#>rm-gAhRK!_}?RIs=S}xW77;?dFT!lw?P{6Tn&V(c;
zp()^FNph6H+EEY)pw`Uro2X5O>ka)B75uQi+{MrQA;H;oDCel;yRI&8W6SM`qcU>{
z2v~&VN~V%!5}=&;zUra6Dmk)x!YNk90f}G!QF6wKEK3KCyx(7$kVdR&&eXdazg|+l
z^j)zmkD%^DzF;-dq$!lgcdp|7_cWimG!vbFOwxyNwyjWgp;#mI7I;)E`y&Ugt%0OY
zj{ip%^kOy~w~FAiR{!4o$xD#ow>-8!J)iJ>Xl;v9ws3jkGU4*uN@k%S42TkW?@Hbv
z(DK(4HaakaVU=l2^d=%LzE`hyc7LwmX6@kpIWCMz6$lVsbuV0FC->ychkW&j<_}AG
z;~yNVo<K3CX23SWTA~ySkXQ(34~5&qdPZ)c_C#exnh|mJ!r>+0x_a<3mQ7%7CfqPF
zIWFbhj{FlaJ1I-^CU#5m<L{oTm2+d=Asmn(qZ_GUIq0zb>PtsoV~kfAK={|kp(Bco
zdiLZK`r$QZ?J}CoXhg<EDRX<ev+=XY6*nWH(L*4A*9Ma&^X|L+Sj7(uN&Fm-mL!Sn
zoLmYv95pTH*O70r!l~ZL#vP%7RDKNDcekXZxPT)7dDd%AXTJ80#q4$;VaD^xrD@K3
zrnKm27mE)wo%&nt?yT@8T+Jb&p4bcO7^gxR971dK-e+4HO9O)j<jvphbEf<(`*%?J
zX&M>tv8QYgQ_f^6;G$YGAskqGu&$IU#p}aoxw7lI`{s4yl>vcX(ct)}s`mt|8oo#2
zNd9{SB?|cq8MB`hVudqn2U~S~IB0Z?gkqzTIvV8WWIc?h+^nX`;)#i6EJ-?tt*yT>
zc2NwQo5-7X_V<Kae}Z1T=n7N8fBxP>5pCQh&9q)~i6n03j8b)BwCI1}v2GHu^qCQn
zR>Fzxpf%IKEwhp2X5E9^ghBhs5g5!X^o2N+2F@7WuyS~C$i8nfU-$jsd>T4V+Ye@Q
zaqF%h>-o%4;6{&kM+XPLIe{dJ&rGV6?~2z738g>CF;463AAkNQ<RXHF66qm#H|I-z
zf#yVm1+9*rG%Jh#ZhjAIj~6+qW=1<>`Gd8r+b*c2Q>HP4!=Z2!46XcQfu3}YTVz$=
z*}*vh!(Ry0zZ(lg9d;dMP|kq70%Vp!9%~@-mVjWYRrV49_8<ckuJ?=n-3vB;=Y-Mb
zw5;04j_F$n*0%3H#!Bl!%$mXx&33l6=---TK&ht;&CzwBY`?#5W*Mw5iY42g#+o4;
zO5;WIHF?r<2Bmgtl=A$^lcQ0N*FTYVk2HJU9qIS@SU=7<5%-nCV3R39uHs-o%k`Cz
zN`1>ygKX%LHfdAD6Fhm5Q8*f$sRe3fDp)j+R8FDXFC<>t<^7$+w^&S0Eh%M0@_iAt
z<5Pc0zrCT6tC#_;fpxzAMPkJLRx!N#eR6a##ZQI|zsXk!c}hQiF4G_$gDE!C>a&xg
zJNE)&W5PH2T^XDuGZXR$M&RQ_7qr9hPvm?$dT057u9p{+QRW+(nJ%TteyZgcQELm!
z4Cz&Sm}ZQwg5HQZmpyOW>bA#X!Y<ZrA{ytErY>6MKOx7lh<p=!@u^ad(5<(~2&BAl
zJZIKM&IpG@<IyRL$w~<0_;~T3rz?M7?FvNwtT)A4rOc-(vKtxx%9YJ4i-89^%T@EY
z06mZa{q@m6fIe#EAZ+5CsN=26{B(RSANa3fhric|(Sqf*g6afL=WxB+23bmpT4Tq7
zPa&SWzY#L%aLEd(_n8|0XL+PB7L#Epz?AmRX|8<BR5-_ODwp~${LNw7e0-X7@plzT
zbsRbx7VPjpXTx8h%7SgTJAbaPmk3%bq|+G&ovor(zYBDUvQ_;$3_?3|2`MA4j#cn;
z5WZ=%34>l-p0MHH<jn@Xqj&INwhI6T+A=j%IGE4KhtN5}s#H2Qx72;Xy~_4lT5t7G
zR@|I=5%130(~bfQS6_+Mi`13<BL$=4R)>tq1EJ(4J!hmnle@FET3!BE&p{94O!6|?
zBqOQfXgV7vmiMEJ2&Q?sSQ1HyOKtHVzB0`lCF{j$CC`N+*VBVKb6OIU@0-+T7jVEV
zD$W^{@Ff76jc2&iF_dxUkk?U1t)iWB3W3V(%1@Zxwj#Kn;r#nUE?=@yZrij@)RB8W
zxU$TMW^$&ZKVQ>xypJYxpFu4o4r$P<IK42kN!TQq*tWf}s&&dJ2f{%1Rt>0oZ4&^)
z!4eRGap0PRpOQ22lJ!RSj)>GU7inb)S)WbG+)$LrASQ82W8KB_1-%<DcW=H|7{QnK
zP)U24P;P25K&&k&+{}E3M9TWt3<E|7?**8R^vCn*Z{O4ws8#IXl*Bo_O;PvdAyx(S
z27GIbeefFOX*}624vz<G8YpAjy0PEvN(;@RM6EcobWWE&aD|VO;Sq=k%?+}myQ5T)
zYWbUUZD0O@on-S@%sbt{*ZW7e7*$w-5KBH9?CgHMZX_)duGu_GMVgGdZCk3i#Ayoy
z{i=Iwk&=av9c15Bn+jEoyUtr`y#2U7=&Yt3J6=^uf3@plP5!P?*|aLBqE#!eL8AKM
zfEQ#4SN?QYYVr%E3NW%gxv~&dy82^wRXXfv+b_SZ*Ya8Xadge%l}Dn-bic+Mb1*L3
zZU6j$Y)kd55oJz#P3?BWsM;syy(Z6!GAWUjKX<Hzl5d$<JS*<ceyb11VUjLi{W$0%
z4<6zR39u$S6`7v2(G#$SAv5-=m^bMD)yjQPs|7z=yOozb8JG<0V&>1u=1fjBZFG|L
zTSuXZr^uR9L+chBuR)%k<PBTILKmR8`15?knYXgWdoOPAI~u?-VFnhKf~ZxjDMFov
zbYb;m^VO&(THk%`ZJ3SPT)p-E>vohr{#Ns_71RDyGsEpz9>NVSFw<1wbsJkksrF=<
z&KT>({Va4evt(M#ZZc*<;CjEn!!?cT`rckD%ER~9U@<^1S+{8m@mIk*07Jejm*Iyk
z;>es%U}4^Tv*#>KMP(Z26bjV_1B|VwwU#{#Jg46`?q#iMlwx8`)Z}D<KYLsE7OG!8
zh%y<?<#44;?R6`s4&(}X=VOdkq#N0oYFb?)u6+b;e7M|Nm!#)8<>n3vcovNtdUm{j
zj>q6P{&TLxG~?>#*<hS3`1PD|X5S(Nr1rJ)_5n|%{T(pPApt*L#=1*i=#AL<u1N%?
z>2bh2*POg;P!E~pqbJ0jzm+uUXW38=Rhcp+1?pHg)%b>Yh?KRrK5{*xyj11!k^27(
z@7Ew?MC{jx+pc<OXCM2rW1f|Zl5O-P89ce=oE=+}mS~v)dsJcIo{BJ^=_q=SXW5}8
zi7*wUW^l)8y4F|k3UMtT2bGCO?`c_@GyXwJ?B)?Z_bUX5>?^&_`>A$fvBtr7k9v(>
zz~_rL7wmQ%LoONOS`<KdCaAFN1~=`B<$xAcNdPE4Fryb0JU}Vf7axX!T=MNj>$k{*
zWs&qJp|>0)Z51Vt|HMv@15e}++YeDY?ExyQ550cKo}TuW<ySS%_lwIp&i5xv$?cSn
zVuTT}$k(qk!>-X`oEUYEx@VQ37{K;4`<uD@E1l<DchA88B4b>5b)VY5O^B3;3?S?w
z%y<Z$4fVl75J&VNxMAxspY!Y)LzAxJq_;ig?9za!U<xc)*sv35yy+<dc4fL4VHu%c
z_puO$!j5wWSHb;k7wH#@*3Tpg(MTERGWjnGW+=dDf{guN+y+4-K_4AfKkcbjVnpqK
zfjRJ(I}L)NdG9aCCh$O59O-!14;>%3;)d*hAvD7uk_qD>eMznuITu{U|3+-O)2;`z
zf_Sm8rIh(dLi#KS(6El|djAV&&N-w*;li>^o=pYjg#NttS>2caWKUGw6gOglUNp9m
z_I7t0D}%AJeEe?`lG^oNdtZyj6^$&L8su26*AK5Sjou(50vo37++fFB=L{%pfI_bu
zicsI`Kwgk_^W(5VyZ8N8U*vS;tB)^lw&zRhV|3oD#d(zHGFLtSS?BE5mc|H@s#%I~
zt_1Z&AVPjMS{U|`DXe5lkeUJ&yoT)rofl6nn;PPRGPvb4iA#K}(~&S^=OfhN5&pXR
z;7afe)JSI1(d)C+F#OJJlGhkl>bu0?Mu+g``w`;NNx8iu9(Lk>M2f$mP{-{aPZpRp
zjyRrO@XF5sMubQY2fOyZR2BthXw<1Hx&|cPdr)_ZW(%A2cb~74Px(D7gAqN?0)kyX
zq}bGf;^n|s-GQJ=ja0(7$?q(S8zb?X;D9C?*>J$sw%`s}=_3e=2JldhFX#QIlCsrR
z>caGpxl~kKLkgwr&wbsmPtO^~M*9N1SF@spdY{1FF2W0JqU^NS+n!?d3}^$WyD|qE
zl~k<)A&)3nKqzAEg>n_vM<xG%GYeKhuZA7OZidISDnXP#KCFeABI7P*C$*2NGrc^F
z)s%-~W}V<9z;CYrJ<)I9k%J6TEjLY!VK0UQ`n^228gDlEk(92xjd?pzB;*n;3Z23~
z(|Ng+IA6Lu^mWEm+6%Q_JKmh#q7&@vO_+qig#~xv{@?F^eG7Fo_X6J9flt~-{~n&|
z3xSLyoE%<?#HN)vBXxbLMl-xbVuXl+6QcgX!T~fGKtzhILT@PR=Q2Q8ux*@BjxoqE
zCnx9rRFiMi*-~}dK&W&{Yw*TXy-K~jlJ*CuNXa~ak8xIY@JFH=tX|6MT{C&F3i~w8
zfs@<>8UF;2LfDOW-79GbED<1;$$vP#zJ^x$PgyA~BNO2?Xou}Ak$`^>zfMh8qgN^U
zxZdBW7U1eA78+BOq*a$-CD^y>udeC)_=rVNYw7wN&z8-emfwF0oqC9w+U0A}2%FVq
z9>`izXHaeU{8m6?kL>B9CnyqsKPkF0H1xKfd6c0C3de{DN#zEhX#fw<ex1g=ebof^
zR4Ltdir)WuneIq5SNKR>A|&8jUw3mdrdXP2th(jb>LJikSLd@|r!Aj!t}C#@$dhF}
zTB$$*${t_>@wT`7*76d=PFT_q0Ub%aU+}*2-_XXrFn4ypF9$h)XI6YCuCkY<Wxc*R
zJT+XTd0Vc1+GlVs=%aNcmvjqRTI#S?3`xJ+ZEHbz4AAv?*elYUJp@vU#H^C549vI0
zjDDSF4?_gYp@KGe@17VgzCOU*){Yo|fG7)%q0H-sc2N(42+6xFD4ZWM*4Av=eo?Pz
z6?a(hDWe#~ecHD9)%dkagUKf5^`URt+M?8ZEB|(#znlx5*Kb^(>Zy^*+iBmih=W}n
zfwbpy*1hM=TOFz|SH=kQac?kaD3HKW5diM?71p6C0vrU{CTbBLmLWPf8Dlvs_aR5d
zPF@o%inUY0Lwtf+a<aR11B?Xyh#xe9p8TF<J<cqrVq}kxiC2EF&p}nfv7~yPWDx+!
zu`5LQkfDC+HyOBd9sZlPi}B>>drxdD@~~Pkrg1=v>*wVYAR?-whQl1!{QRf4%@5*+
zI6FZF3e6#>uGN#?&JF`;eYhsRoJ{iT#_*o7<LQQC!1C9x8AT%oC%;kISw|Trx(^@(
z#0H2z3KD-`8JC(;{)1d#s7W<X39~3tLSI)m{CF%;Mi;0h_<Z^W7-KUAX9B8UzF}Yp
zjnhHi6MJ2C?i*qB&ggDnJ8^ls{(3DKvMan4D)<)<`1*3xQ)M{EX5^|3_SdE|G;%wS
z5Q6xh8e0zIuFjzgh2uuQH4Gq8V#F9g0LC52yU`a}3A${ZVvZynUcRhq@)d-HXq<Br
z4Z4H^@<!(1O}Y^X3~ZzNnJ%hF48mqd+HWq_Y{@{vO+Qgszdx=^_8Kei<=Js6<OG8a
zAQ0AHPR3m%HPF>FS3g${9fHolbj)X=O?6g_FPZro(LT|Yq%ms)P-5xFi2=c|r?|+v
zk|7@*p&M)X8A6IM(-8$UP_a_EJ*h6ws5J%l%h`i47M+))quN(RtZ=V8C9?#5XH}oO
z*kifar9s!=wMKW%I8wcrBgxe<K?{-m$kEg`4FVl3)F|eau({!8t0NW4r30ePw%fQ^
zqg@oPdA4+w6)0GBerAD&6lzGQVn)+@IY7Z;Zq$P6Y)U_6K5K{b8~NqdBmmP!k~W4=
zJK7?l`2U1h?s0V>Atu<oNxwexOmd-kF_RayV6`z#e&&UM<Z#wFDfMFzxOS7|R!nmY
z1DL&f;vmyvuM%-;#A?$Rr=^QYw;QDT3q;xa2^1Y2!E@BM>#Ys`cD;J9F7MO&+Gb;s
z){p@Y;zs^rvgC}k4J?<)r^&_TEci`$Nzd9!Took;a{<G?lTfv*bdMdlGh*4&&5o=<
z3ej22Lu=FN=ZA>DO#h?r(BR*?s(G2!grD$@AQ!XSlaB<+K~`ChUoWft#q79nQ8bRM
z^hZ8+$El{5iVBY6)0>HxB#rANx|*anIOrsD*M;fJ?wavrI#l=J*NVh?yrv^CN3N^A
zqu%aBu>ABGI-v)eYV>5J7(Y85ZGLAakitH?2t&)+m<He8pL_}}OTaVz&Ks3j$>%0z
z>M&5+lQt8b^VGuIZ%KdlNVTD6<COLGxN?P@oE(<pg1rlY`8aGrw0Q(p$Jvrcmx;Q9
zN=Dj3C*Ih*75-S;@i<E2ER|%+KJc=sJsbHqSzs_#KxDnsz-?t7@uTKR<v`x;A4l-r
z`oDeYD>jFHhkBUL9Vt4W$As94#wm^CW|R|K<Dv0Vt_J*2_=lWj>*COFXA0WlM9w!0
z6E;bSzlXh#bx6JgfX}D>-_YW7ja#g6%OVh=hW$M@zX@$eU6{e9&XJ!KjdNb^>z3cM
zUOHr*V)$j)-6gYop=mdIo{wc(DB{+0^7#;6r?y-(07)_lVVC^4p)6%oI;m6pVpXws
z+FJ+yUxcbAKAE>I%NHjNr=Ef6M$T`^3`J(U8TX-6x)9YEU4wB(koVy>tPYz9<v5L!
zx+UYBYg_V=&ycn1cOB?-Vbx+RcZBR)iGnc)C$pM}&kdj<DcsrGYi;#vKNDf1uT=&8
zjKfpsl`{Z-3~;9#j%~d~EnxwtU7_6#a-8E9-!g6G9J(Qe?nm6I$#mKv>3e+K?eA}8
z+>n?$xK{+6;>2#s*5GG{4b(Gho>H_PE(Q6Z)@8Mi*IRv3%tekCUCSnB$2ntt3NbLf
zxNQXgN!yIJQ_243obhC^6}+FDAsL!HjN8dYlfi}}nUNS7&Cm(g|I59_O4m+}9B;*Y
zL+E0(n$2q2!nl9>edOkVL5$S-_9o<_DTbB|I9}3s1@eg=F6c7@ny|Zebs^9)GNp%6
zmSC3}gVo9qPVGHDqX|?5qdBuj)71~zE`@Sk%mX<yu_F?#`B*_PbeAW9b$ECb>Q<pF
zJok%;b@(%c5=B~!;GLe$RvdA9w_c_h8lrlZ)%T6`=aV^Fs+^H-6+UGhPe*4j!0~}a
z$kH55`=5=jx2-(vNrcxBEg#8|LM%Q;7>UM&1s^$oKC+e4NG`h*4|h%8k97XP>=YJH
zu`Ax*AZhMQ1^d=URhIL|PAZV~c-4LhccCJSAr<ra{BdtWJ6ZzX+S>kYRc*&Vsn=7r
z;X<Y;2nu^YzG`kDDu_Q%N1-+!4YA|LKg(ZCmcv*qU^5c;{4=OuUJEV;(IBd_Sq5z=
zaOr%LV6!BKiSRR9x?QSx+`*t?`pNBvyfEL(m)Y*-&XTN>BMYZ$<rAY#VJ^S1!Bzr!
zu!ruiHZuckpYx;J+AUpQry`g8KAW%i09kf$cFOXVwiTK?s8yhXtbNh<?zq)i8!QYY
z!vyx0n(Z*u)M)NR8FdY`fXfOc=1Ylv+<DZ%+SeYhKith%1zIgNJsGTd%h-{+{^84!
z5(BH3_D}NMj!v34DR+M@VC0~aeLVhi;KNT06ukYjV-i5PMCb*6D}ffmeopj@OGno#
zqz|HnGaYvNQ5?**t@9p~buz0xES+IQ$@MHoG}iTD<$WM$JIlYFb;row?LBYD>7hC6
zLHPa&zula))x9n@9#OppZ(X2Yl<V<twq;shP#(i1;*Iy)@q%s5p${gzV*917J<j04
z!d^e$Bi*E1nd<3!dfAh(qlb}NG*4ZM&?_Bu;MuX;N(aBnME4KF9P_v?rIyJsu2O<T
zFItfKEkErb!*)8`M(U02r)3dG_sdj6!3!A6+DI;=FphC<Cl);4z_c!DG@#?3Z0$@s
zPgzt-FpG3!YkntjzhOCdukttI04ETnWBr|xNsDE#5fmgtHFOo1T$mt2)XT<&FU~XE
zezx@$3b#Dko_^_GQ-cafc<I~kPCFf^ErKvUHMWzQlup0B@9gUC>MBA9N*P}R+N^Fm
zYT5hsg$J9Mv*jx0sr!<5bbpOv6ju)yW^yFVH2pOuyiIQtP|!GXlL>2L-gkYylo0`v
zv4$l!)?HEqS-hK^83K^eu$P_>H}o)&2%@ycV~0}G2S-@}1Tb8!Kb2bn?SuiTm`^bJ
zJsGJjF7;l@|Mq|5`aeA~e8VQS9u6q9?N!)L;wn-ubqYUTD3<`YkuqEuSCqV6GMtds
z+t>xC=hncC2is3Q-3^PjB*yT&Xrqn68S<7}P1<m!6K`M0hp+!`Y=nK1_uxwF+zBRi
zF5<(mywmyqBR+kUPt#qu7V#kr0zo0mvcmMzo7u`>@o?wC<!K@bZ{;#v)UaseETnrA
ztySr!`rRfGX=yw2+`};?JL)5fG19vZe$uuWsjfg~AO3p?1Tu|&L?S-Lc&jB%sEKcH
z<ZUA|9j-I%VK_R~=t}T*sndl=WL6$DVRTq!2w$HLkrY=;M9>kwHOgspcQvgEBGHl$
z`r8TwLimk&@2;ow>UOjI^wYhZro-mNK7ZnNerI_AgIb09>G=r9EypdJRiI%b!Z34x
zvSoNPNe5d>uf>;a{+r2M+3HuP=;vWXg!|4{U(Ax&k02ZbvqKj@;n|j$pf{xlZWT4}
zf-ir(Fz(kmj^^jPtHRj)o^#k*j|IFnN13^wVkMs>!D0EvOkANSQOPvwE%41LSFNtX
zG~4@uVcR*%GXYjCpqM5w{i}%ru7`4BWOZue->tq&H2sJgscFdpQMt+X*Q3F9mY>gi
za6rVIwc=AmWwdu3PflDVx5d*NPV$9S#_&;EF>b1n-~Ak^;75>O#K6S}<3M^ds}2F!
zl7^ae%?tkY24n4KTkRj0tY}xU)F;nJV-~Mz&%G;1_I>3wmr&*&bt;z-SD0&dTNO_<
z%JE0CBUiScW05fDyg5vT(Yw5IX+b~hT%#q?JFc*(_H9d+Fb>nY2^Kl;D~PNtUrV8V
zFN5v!*K6{4w%6miBc^5Zx2}aL2Bve4=SX^7)?bp#E5Tf6CY8=@rz0HeEd(Nbo>Kk+
zdd)1LE>^w;`&^rQ5amX{VJzko@_L4g2YLaFfdBrFS^fSqgyi+bdz;?VEqUOUuX<%L
zE}G*@zyI^ig__iUw{*%FCF@u4IqeBsVZX$s<pk23@P1M^U>#)X{lXcQnT0=K!9MVM
zj?jyLU}8?2hGx}81`#81`WJ{WE#NSo!TN|$hrv5_<41<<_*oi#Ew<$caOa<3qDhr~
z!aBAV$<b3gE^9uj53>)KF1$)(bs?|beAw|2t>KxpYVJl7tHWL1vhCq~l;zV5b!!s{
zHq6uyRm^?y_@BEXaPM=%04mO@Q(0g&nq7WQF>u6g3Fe>XZRaneGm9MM7SM{c))izN
zc6*<UX{S{F11C~~l}cT!xdq*gIh*?p*xzm2S<kW>g58&)#%NMH(`P*Qe3C;O=O14s
zS)iDs6jY8UD0d-;QG`NaNj+f+@!yV2t^0dARxo^;_IU;Np=f>xH!@f**VYJOIG~2N
zz%76oWadPXKl_otH8ts8BWU&y02p-I|NTdyq|s-X8YGJby#C`wBc9ZsPlA8(f!ge#
zZapH=+=-^WXhkabi{DLv(d<<NVq=l%!9nfX!fL*_%aXLuNOo9yk=2{{d$?<-goQQ#
z#0Zn-EcdCWHXh4tV%SPdu&d{tHO0h?A$&A*;7Bi}m&CB~pm^`8owX&9r-@+Dz(nXh
z(r^>y0=?#f-jnxcdb3en1>hEsv3jARhPS;{%^AA-wI=61ZsNE5PCp1?;q%phUX-Ed
z<>P`TtOlq2wBiF(U*W36oXe4^;jOjxw~vRFvkYRbwo1va(;Hs`{v!oZ)`B)&nUmL`
zaT-!aR47XUY{_gkjNPY%m{@&YW%;TeMWv?dHjaTLdd#g)J*g_NEq(K9WR?1N{C~Fj
z;o!N6UzL)z|8ezL;oMHgmJozdP7s6uK;u9HXFDQEj!IT?p8gB=!2j!n`s3$byd+NA
z0Lp@e|MjG~fw2fUiP|)v+9>};f2_K?uWj~I)<cfSPBK?jmrj~r2cgB$6DjW;x70|a
zlTzpqWXMs9-~R0@L>Uu4PL+t5<t=|fN=!x3*6zfYrxmg|5gDIbTtXfXryXD9)vlS>
zu6YUaS^M#f>1s}PT9e5aN0M`(N@nYR*xbRMgW7bCo+5vySaIBJ@FH{#g4y-i*+*3u
z`&sxv;S-1Ac8>q`k%L~YpzuH?%`?VEoU-HQdymZ8^4ARpW-+j^hzOYf)ej4}zN90q
zHbt`C)3ZGl!q}NJhy_$q65<BEoaz|Cdjiw#kDq=id}<+BW1co=XS5rD7+bk%G*nEB
z@CyGo$y1pJ@a(>CJS(O}Q9(bk?2(|pBj!u$sM+D&-Ax@+=AMD<zZtQB6FN{PHy=Td
ztG%5a5}yb_i^unE1%)-&*WD#eL-?Ug=|(@o|7H|+FnYP#ugFx)YBoq6ZI2es$;)Gr
zlnTLgt9*X2xwRpXct9)QX1ei<0DSxy24GR;o;k<Ui2)3p>?c&rX9=F(VPKp<a{NCp
zpKZ<!EjM($JnRuvG~DB9%WEdbYCt>P3>1`<l(0cB-XLJ>U#^++xsmc3h$DEEtmFP>
z-iD84VT3B)mA8xQ3@D(r=(YOA83BLgi5_gK1b_bwY2<WyR0#|WjBvAhS#kmaGZ|5a
zCUAiysZP0Bg?3z4UZw-N;|f(Q4O*Y7MN}x`Cdyk#Qeqk!idI~j3%=#g#DB4`Dba%i
zCX!kiH!Y{hG<}*4#JHV`U;aZ4LeEUW#>Gvnm%XCp>+Sy39r)#9$8`UuD<XiE5H)Dh
zGL~z_hV`MjfL!Ia^vjhkx&UKIxASfTYS}jSpTG4AwBu)PH9urRysH`w)lYfJfYzw)
z#<AWhsj4N0dIg8-Wp9i((GUSuhOcuFe+YT1J}R&)y9<jWEmyt@npUB~_5*!*GPDMD
zV0Zh}?qkCj$GoRNGxifcLLJx0QoVg65k`1ur!%uUI=4#A4j<7qXh{UNu`FRTr|jCf
zNW5%p*x^wNfo<qj&d_NrafG*PhyW1!Dfjha`4()((*uUsUzlFRm!7m_Ult^E)lPZw
z|3O$Prz5#i$9`OSvg;%i9EJtN2cn@F2jKgPJ;ekDqtBKwE7RDv@}Ef(7b)LTXA(27
zXQb=Md}h6yX`bCw0868Yq+r|kQE4d_2upTXE!sm;*9{jpNW|2<(ou{SzFB>)8_tye
zRax}marHYyDaLg>R5DWRmywZ$JF!VE7O;c*9~EudUx=>awL4&ye6|;{yFfvFmtxKn
zFPySd>=jbrt~pQ5G%{-6O3sd#+{^Wgj!7>GLBWb==qwgwNZW+&)tX@4KzHZr5aZ7J
zYS$k_B<`e|@2FD8&}XLKL9>XK0^16gpvZUH9N}mt8lT5FC6rOnDW8+Gv&lh$B>41q
znN?V=C_t3rtN2~Hk*9vv(JC+z-S7{j<Nh*~0rN)pO8os~T(GG$38gYcRgJ7OSn9mp
zwqepq){OA@ZQ?|6ujsojx<Iv4ZTZmk2WgEZgVKyp!0j*~9(^-cvT&P!Sm382L6!PH
z_7VZ3taFC#9HA1X1LD-c2j=X=Vo6kyLC;9%J=v=-)(SKE(oA11x)B2zQJ9c*KGG{;
zV;xh1a-_`BpWVpJT_aDqeD4R@LwMdkhUKQJoW?_iA2s~K*{C^ONI_hybZMj>=!PiJ
z``jpNr~FKnv45=3AAL2n-_Y`K+Z$*-UI6t6Fn0%<*nbJ2rUtjB%HNm3dEyhDJ5r_L
zrnB-YN3g#C{>?z`63esA|5t~vEZK`F%Vc&hphTCCuB+Of`ADdTZI%fY7z#nbm+=Gu
z4b_li<9*<~$lv7ffia`F#i=*FS42<|dl7KeU?MDLz-jktS?}4)Sfp;hEJzxY%y?m<
z2N)=gu{!+6*)#?F*D?BT-#g_`vhhfga!}h!_74%cIz24LjF=RgTO@~`!phw7Y1C9W
zmO4$qvZSbnmuLMt8&16+Q8I4tv8clmx27U?PTpYs7KT)I(34pU6VTy>Lu_a4#NSlG
z0cI5-aPozh_oo#v0#(^dSL%?9z)wDu1n4)P1_Cch`MuiY&W+(kX6~LbZ0P?u2kbh^
z$hB=pB^QOy#KUM5p66{Z`T~l#0H<FjHEQ816l<2Sy%WK?*&^FsH4FuIea_UM9u5dg
zZ_+K$@-By@v5}`iCcca!1l!LP{M(lr7q_>&gBvtM9*?h?JwdiaB9)FD*XiX*-P69%
zCWTnsyTLSSPJig?nI!?}ZH8|0?Le5SS&QF|b7Y0faWitJCPk<*ZR5vs0V&@Ti1T9t
z<xr)1m)y^Kv1LA|75o2(w(S@-C9^HXgyJy?N!w|kpCMScBnuq?sLF1)sN(}c2MsWo
zJ4I=F;#yMS3!Z`^ulbSz=L3(1a4C<w**+ONjVSe&cAcUCwKowg2vg>C`>~(-$$*{+
zJXa)?2h=(5V||nmf9d5~%_qp;_A_{<yqoc#DX8iMA`nuetn?~*>c5DNXE$C0@HUQz
zttN}R{L_^rD>F9U$R#*m;(hG5VIx3Ui9tg!=s}1f!hP51{Ptt<Fwj`UBYTNIEdLHI
zf!(#&ti?qiD_q4jo$}W^Y#sFXPcH}g#5(J)EvxC@y10bfU9iZXa*^W9(b1_HI*;SH
zj<Y@I=_qfEsPTZ`y-;E^tjMt>F4?3i-FyfKSlhT|t=^5E_lpkVt)!2c3EWqWAX;wR
z-->%uYk~V2c7<10cX|_@^A3HHY7hDGP-$KIzH(1>0)D<XE~_$i<4MsaddnNUH2jvd
zgW6^hXC0`RYyD3|1rN{L`hgAE6)l&zTrfZi>p`*zedN5+Z!x~U7ZDc2qsD7vqC~&y
z>~qf5OiWWO%s1TBGi9Ss%-5zaum3=P%9(M>vS2gIO`M*7#^YgTGh0Cei7g<dtHxkT
z#@zqqYRV#^ymdYhhy_j;k{<Q(Ze(H0KR=nlsjuRUnOVVyBqVDNTLtabwg1u`<DpC1
zt`qkhPZ;&6pZcb);Ko3Tu6BDlxVxKS;n_$$Q|kWvit0VEZ)YiDSEK|7t@MisxYi5{
z71<;Bb6WqiJ9yt+i5g2Qm!_|JjF$UFwp$Y;C`4(WC`;b986U(>Oivz;{wR02&=h^|
z<`e!!xrSriC`)X~_A>IA*rN64#HiLjzT5f{2Vq~uuwj>x-uKuyL8gdBxrHF8zx~^k
z)7zq-((?Br0f#5~Qzm-?k)!5Xi+ucEq1j%0zrT)e5B`*!<qwgG!2}&XV!84LE&I4C
zd4-@IY@a?^E^xDO-Zu{Dlaflz^6mV#Vv&<WUj%Pf)d|$%pdIaZ1rq+z^t!+a@W-bO
z`$&J#HUAJ#oJGAuU~R%ar0Oh}oMSzYqC}IyqI`bepT>X2j}U`BmX#ctw&S@0btA#y
zoJIgujFIk7-a|TR$iyv$I1MQZXKp}a>B4Cr7!}KpujYs2eBJ|F28e=~_wiYoM3b;s
zu)v8jjUre81~R6RcJC&r6SqCyvVAE(Hao^xdqzh)WG%_J&3b;`SY%teEsWs%JHlB{
z)Y0<+1l0vJ-uH}GVAVUrzp|sR#U3_7-*R)FS<fz>e>j_Xxd90$B!_=2xYpLN3u_Ag
zT14rt|4ZS*wUUpibvfvBHYipue2)yBL{M!hQ#i-hkNKPMcz<e1i#szO1mN7N{JX&%
zAJ=Zmb-USFz`YeyiacmM#;!|}dlzC}`z?Ofo9#zsyya)#Xo6;JS<v=MV|^73sgNfI
z@i{k>>L$xHJ~NFJgML6tWe?t#gksd_iY+`)(_Hb-HjhZYAq$6Ap`L&{(#Kq=v7gV`
z4t_-Eff=@3P1}{mU(m0}N-EvLZV694ZI&=Q&7aIDau2ZF!p?D;K;OdAMsg3-_UhI(
z(GMuTKBE<~h9V|DbqRxpAeqQ8M#BIp5$)9do5q?0iq2P`DK@pOdzIf-q>{%&R=dtG
zKXsMq_dh94Lxd|a4X>}E28>ebuxp5+0r5XmKA?QmmgOm1qc-TyY$BdS1>9U2inMjj
zB3+t8te0vQpE&m7mma26w^OyOB_o%;s4#DCMnA?VoSjn({M=b<&v4r=vG`Ht&6a{L
zh47to+&BOe%T|PbpB0}}TtvXUnit);b5;}xY2@{C9<5>tKnfDe*>)aJ;ESldh@lz2
zh=s4)TiHM&G14lj!mQr#vf2R22fmNrn_stq|FCl(xI>p%K_oIL?O}vx#|(yZIHEo<
zNQ(0l5DPEWJ2DVkwc%I!@NC9?rhr+HWam&9L_f|SUnPti$%V9HaPWM3c#zU(4GFU!
zI8lJl&pq{7o~+UDbL7RgylkyS2Ej~~m%o36`YVxuWDU2TQiY!M!G{8Bz6pe%6oN^)
z%kpN?)n6fq2P3sj?xwws^^AP$=a`F!b=g<#40<_)Hb37|TKVjxEpj`r^SEKr6nF-(
zHI7Zk>ARem978NuNlzpb$ful;&Bc|6N&IFkO%;5C{k)qj_dP$C)5+(z(Mc-PV`ayp
zwvjH@YIBAe@V1j&q>G2n(o=p^$Hr><U<^l1H*}82c}g9c=+NKxQA`>B;#j?9rX!?T
z(=R`Fo|n!Vz~M;^!2-9p9~MUiOR<3nh&siCzQPNbHi$sOFL1LYMVbzz^>|bTtupBJ
z`~mvo{E^>8$kEV_LVLTfI`r{Cb7<`P<sG_lCWQwVX;rl3h$!}cU!zL=z{NwU9>*da
z4~7nQ=>GmgxO0DP5hWZ=H(Jw#;n{50JdJZ{rc87mqjbkxIRO>Z^Z!J^&mt-Ll)GCa
z97ISxP7k`O4l*AnxbaxSSzmOrKwS&fG4R4VSf%7ccJazn<X2o`V1qo;ch?<>;CNDR
z=5q#%PR9y298skP*?0xNHfwy!k8>qnH&UhI2?khCcj|^Yy{@t57ij*pib2w1?$tcG
ztVMqvtBX{URHwz6yt3lkR%v<aGNK~kgY@a_V)M=M#_}`DbZm53cF}KYOg8&hW3%^f
zEMuO+E?$b2;<xK6yw}v$qdXrk7gPiG0r;TfE19vc2IwwU1<e6)e){s+2W|#XDSFML
zh8+`q$IOMpFT5`cyddp{{U1v>sJ~es@AGZ;r;9S9CnqtiuI?qJ*4v-2OUh)?C`pQl
zZx~>y^sFQ<WzcfNej~hEA4ShnK{eeApYvbtkXjNIzf|5Umtz#K(u0I^xeF14Cz9$W
z9ff+XLqi>yKIw{(dO(RW1>;-cdoG=eKfIx?^{&sLXyGr|Rg{%gsX=o_R?p7MqlzIx
zq|NcQ?po=N!;Zld9o9nNr$->{L+$A)Y3ci*zaABsxW*paPg4D1TLs4kfllxcqH&eR
zx!-D%y>9r`9OxO}sOuoyG?qzJZj$rGYX+k<Vvic^>hmzOD!?x{edz{eAaU1Ac%VH!
zID*D119Fd*Qq+ba8?x|`%%GZY`L9wm0$i;Kyv5P->myu!qHLCr)?i|R4l~QZU>(xO
z-{awcSt;vkWJY@+*fqhgnG(F>S$Iv685?tRi&S5j(6p=5VDGKVHS;M?oXZQ7pR4t+
zK9_9qKt$R+BBk>uhm}||`rRnc%n}f9v3{n&cgX+aZe#j!uX69Me_HixDpVbw-Fs5r
zf1DKdu>dF9c0qpG<_pV~XC1uH{JX>d$J%J|$_&eDh&qPnZiyWGpk5bWJpTG5+|19_
zZkP5gWr?6ljew;Sk>Tb!EKg9vu!)hV6_?1t&ak;U)HPKIx4``Rz!_qxq1x9i<qyzu
znocswG4mp<+W2Yk^wiYyxRdY1=j&5`j1EfV@lz84dpm$H5OBZ)#+}G;QUT!?`qc-6
zp*>BFhmqCV%zE&LTUV-MPMo{H*641wb<yKE8j);2<n#$S+HYo!Ge-uWT;^wA&v9GN
zMM)N!*xnzGOicJtp<L(^iw~8F<QH<zl4I`?vi<J9FGHo&D}XJ^f~(HH#h2zq=7ukN
zJ(TIvnH);%_`vSf9`BcniW7!n)m`~yEtiB^mde{^rjzW5=(nMRod5{jd{{Ib=9>_;
z>^>nT(93fNQ#fEl_%_>9pZS}o1BZ>Iya%RL3@mSh7?9h~Y3M#E&DmbX#iPl<K$hoL
za1H?@ksw4U!I{)bV0Wciz<TI?X&bb&<Ce7geqptQ5RU*UN*pIQZU~af!+x1*B;#o|
z($&|qIAvlHQX~H}2!K!A0C!_z@;{sp+}c(C+Q`QMZOGC&^S-iaa<OSY`OZF7{i({H
zvPPcepeCuAt!tBNToJh$P7`PS#F8U)n$6pK<0?9VA+U<cE;BHZ<TZIPGv_u;qNdXz
zb()Pfs}GrYX!J&R0a!bc(UAPSR<*3$5s@~c{<6cDgt1J6*d;Wm(e>f|zJjlE+R=Bf
z#6f0+gU&m$bi_CW#LO|jyMQ2Rn4_oX*TDgrXgd@wuoyC1S+-w_@-%UBetHo|ak6=c
zH0Ka5QVgw;FFJfB8QW6{so|VM%%OS|?%>ZT57H&V;H5p+3N%qK<cc~uoL<|U3$3ZM
zkKxUD3tKB;r(oMji^G&mUxD>OHK4mE=`FGIy<mz+<=UGOUy<fVQ33Z-2E&y=UiG!m
zkdn*X`u4k_cBhT5oj2(M@$y^W>Gng}$7GCPH{%s}#6-YPr&ExRP0&McuJovao=>oK
z)b{$2oH%|yyiY_M$qkoaK%AlA+l5{rwf$39B}CjrKBCOCdU$9D|Lcbp{PDfZWsbt6
zN>$DV?)yIVr91^+c$lY09`Py5?<sHU2L&ni*F#R~^T9nq^kqhEpJxH++q1YQm;?HQ
z6fp~ZQ$Uex+0@u>d9~ZIx)FU&XMyk&+IJGQ6c<t}bb$-;>}+33@Ik09GMV$Dslhk!
z9J5>H393TDk5ek18}D+p!Erj(U8k2NH4iI~QvR&^s=|}40T(!+KX9XKWY^e+1SHaq
zp#vu%xq$w05vFVUe^T~}5*dr=5f_C3D5MAC7q^y*+4Cz~kk9VsjHd*!8BD|co6!|3
z2HE&0y^>g=Yoe?kO3;zSnaAB^Fe-k}EUnO2UTieu%?{?4wLpEXg9#!OEbetvV`~v2
z&iCjR<7EY3zZl!K`x>8`bFQn><Z@Njb79>OqOTQeY>X@Xk`IVyG~Bd4aq3?A4-T0c
zkoZ<z9o?*K=J#8FO?qSF;s*)7ABB-_X^v)23OV`uB6_vcuR<rQinciJxt)LBON12V
zV|e7)2L8^?oWVqzl+zZuQ<ck#Qo@(x`m4Ia>Gra~>}Gu~{yEBoI0E~G8+Fh`9Dsd@
zYK7@|U{+^=Rcstrtb}<z#c&SA_F9dYUR!&zwV<^jKcxyX8M*b6_G9mIxi0EhcVMHc
zuPmuBu2=H1^9OiU+bb0;Sr|RTsyQCgfjbevSaE&b$)Qj~SVk-1UL3V^{!jn|#2-LO
z`b$7F3w$C}ZU4AV4lK=EQXYym3i!Q;Y%{O5pW;_|<q!>!+D@jI`g~rE4&=n?LQsc7
z3+k$xm8)}5LDruF0T9a*t73asQc##-j+>UHoM(C|aaEW&B9L=9ke*ApjHGH;4)!o0
z%1LRjL=78H4k7>l*-j+J2nlAYjK1qacn9tbtltl+ucuvB-HSC0Kmi$wEc)#HJxy2q
zo39rBUx(3nQdLz=!}8A)i*`7mI1~=JxG`X2;jl_ShL5WrkDD?LE`8(}te2kta$5f1
ze^4}z>xz0hpU?TQ8Yq1joLzUmu^tX?ic+j*oI*zaa%1<uQFYIQr}bX9zK~326i}K@
zf6JchVExCJ-EL{!;ckRDJ@5)HxOOi_KNPU6b(hri?YgJUtHB;`A4uj+1&S*~OX;W0
zjkk+)@iuhk#r+1LY=PW4ov$rQ^_W8q*@4#9>x=bdGGN?&phfSC=!Ai#m6Hq}DvL}L
z?qD)*imcYY9LcV&KF_BgD0K8-ti}2;jz`C@jg>^86EhJoMP1!$oBR3M^W*M)w?q58
z<q6f%QD!LCsXfy?Ns=wylAYcluWA+;z0$U&aYLpAYN&$<^n0zOUcLnxZeAy(TZ|_|
z8V!CjKPgO$O)drmELuv>!;;q_otSlL1;l(Q#LyzpKWzUQRmcG$FWqIdfZRQe?_p1^
zwgdt;yM0{Rq0Aia9<GL8zZza&=Dt)K*uAN#><B{y?s@0952y(T10E?MsaZ8Y0Fb-J
zQ#V*z9~;QQQaxpRZ}Z;um-gz}Y|@ytzME|A6}+&cW(Mnc3Q0ki9oKu3694gY>^wCV
z22hcTlOM-X)Pq=rxv%KR=Q&D~%#uc50jOa;o0Gj8eSw)#S27C7{PkIJ{B+GZBv`=2
z#H8U@8=xx8RU1gnOQWGd!;4LEItwnAIam;V?G=CRuG&(tuJ!VEs&dFJ;Iod7e*5#7
zl;rfhQNvNn^HFMGJX3}j@3Ts7Ca{PpDn>B_R%X1;vLQ9$mtK7Jn3{eE1_Z18*R_FM
zFDC>_6&Nh(GVF0j##I9c>}X?ib2}Ma#RlFE`%Qta-EZud=azRdD{4CPf+gECI6AhN
zGaj5j<cF_UfS+;<pc}Spe?#+paPk;&eBzjq_8$<j+BQvP;#CIcNbqU<r3Soc<!R>3
za<(46bOja{`1y(l0Ej3dANdJMU;aj{dI6!?&u&@%n`>=CY4pF=veVQH(MU*w>8M*U
zfbCDN1AR7wre~h#u4|g6IquHwE<**Wc`ilT!0;W{`8&&VQ-vr{#rcJ7{Hw7;Gbd~O
zNAO7_KZ$|EyOPU?o3231f(8cDH!xN*Q~<qrCNNs0Yhh(JdF-AnthV@p$MB+0G$J5(
z87a(s3_l~(s&<L9&YHP@Ts-0=%(oP7OMrNpD#wU;o3SVTg#-kk<=f8PX3={Ou-Io&
zMQDPcR3~SHV<|)JTC&UT&2dODUOG%N1oMrDzBVHQ9sB{OQ9K3&MC{6q&!&%qmuD4)
z-$Z4C(eOSMH;>)4Bvcu)Xf)3Fjj4-MWjG?%^eNl-zEew5s`l8>_Tb<>!}X)tk160#
zSJe$ZdpT$ZtLgjMfhpg0bx*A^zVh)u<vmuH!(<Al!QIt!{j%M%5H7YU=fK;J#kZl!
zdZEFVx50~aRp0qJ{X~e<32>jfE;YSWMhItS!gwN5BpLG*s=l9~+~+Cmt8Fda1>a~D
zx4tYbIMW0MJEZ&-Bm{MJ6B&x|-EStbRxNrrf5j<r-X04&A0b_7$}u%)3)>+kAqg*u
z&+nI%l*;U5zP>d7Mt~=wJRen|&-wbDjg4=SmDRVd$-}UquZanmG;cuksTjMf`y$4R
z=+&Mb2sQk2xtCO5L-r(tV{#Kx*4sUeTtReHR-a)o6sTH$=bl70@Pv;)zSxW4HzwJe
zRa0lq9|^sXgeWPVEjCm>`Bg>pxwpSOlvQR4;9LO)7_^FYceIe-*zBC2rVrENsH%p~
z!8_@ui9xh1xa{7AhZ<o0xd1}2N+NP)`t13?8dhJ-DvtMhZ}yjI6|Z2wP=m!EX`}U=
z52F`myu*W&%kbR0v@N)thJQ%y!elpCx>TF=uH*5ntn%e=!$3@*ch{>mXiMtV<IQ1o
z-XDYC-NApnZTR<Oz`DA0q%kpLym*5{ys940^!-6~;fC;_U)3}~gLJU>s|)zxKCcbm
zWiBiI85^YQvl{uMSDK<Buc24;HJEv?NEd`Y_habzijb5tFj(G5WCZl{`TF^G&ekY1
z)F6Xi5O&P{L;f=x2q7i<M!vRI?wahm`gdUaR}bUs(mEHz%#v0?=F<<9kcHO8?i!02
zGNG4}z~CXxo#F_;s_Ty}5*@kP9eNHsA9asT$w=BJ+-;q7iILkOC!_|$fnN$QA6mDv
z!VHbrAy_(Nuzc$y^bHvd2E`>vH%c?$d}Q_GhT~{8DPewdzN4ud%Rk)NQuBg1FyZX+
z+#n!7&xs1tpqqB4T~7NVKLE!_>c{e9_3fiStg`@=Fim|Ea@;jNBxF&uwqx5i+Vm3i
zuQzxo)Sz`4rr%-eQM51b5+d#ys`XF1LWg7!|I>i~?^cNxwjWqs-3A)I{20Kp|2<qZ
zz;q>4_@BmvwI_`K?1jk(aIL3(cegdHQyh8$Z4JAog@FMff3P@V<R{cO3xI754B#%8
z7A=3ktn%qcv)_NA!id0_kW+Jb5b<}NQex`1;c61t+eEj;9<}^~8Oy)Vevf}E|KBh_
zk2f%wO%%nx<Xu69)q23tu*7RFb)IS%y`g|!;DPlHJVoeDOL3<<W8x#AFe0@kk)$xb
zxS!f!tp5<U^{}iG{s-Js(pBa@2#EO4vI(l&Kgt07Gi<iHmj3<tuNP`4@!ua9aIlB}
z?>771yFHaYN!4U8=dZTrWIpV~r#O^_HtpxnpDW@ZLyFizi*ES3U!vr;q)7Vv^joU`
z7WrbXCL5DUl3%bqKM?zNXaAD*p0k2durBAH2~ls)sTmv1%*bfZ1cb(-`hC^LGoj{<
z4+l#wrR=`Gsz+okDg6Ts*)WF&;>djZ!f%5DlH^_e(HAz~s-hv!<82<Dm{#`}LqlrI
zf*ud$&N~32#2%9ybg#H<@&(%QKWit5>_nf}o|r=~EO=FlHwI4&rJpy(V(M_@&lqH4
ziSJ`f@3^!@5p8D7*KQ^~pefS+-ep|Z+f(L$<ddilNn8FuI{WIdsJ?G+90kFlg+Y{V
zVQ2yAmXZ{Zks72M0qKST1(fa<5a}4Y1!-vkX-Dbqj`s|H@9*CGJomouy)S?89QN#3
zd#&~PthF}hoY4a^f_+g`ne$LLmUn_k%cMAqjv6I!toc=Ht2SMuxG8WfO3ZDeRa;dk
zdZ0E>uMjFDf)Df9L~pT|b%8$tQ|H}5WrL`>Sk#ki%}%G2rbakz97}EcnLx(nvc^`o
zO2?G24rLN_0pH8#?3bsou+zRIJq;wPaZZ}|(N9CbY&wLjtx|YpT+S>TS38v?&P*a(
zNB5)Xz=+(Pi&AkbaWA-~b)MNf-$izVmM6qeitQhB`}mvFtN4W>VdmGx`T3UZH{P+p
zpMt5g!(q=!F`qJ4f;iqfI3j^zyNR4@%;|@G7>X5!9zWo$h`i3}S{G$u%aT9K*3X@%
zj$g#fN9$5eleTdchz`6_x@SzJE)ge9%!<&QQRaRv+DYtMo&<b?rXWQ3*I;P_nD(Jp
zPM##kbu(4K4I;_eV|zB{(grT%&Lh=lbaxi%?>22y^H+Rz6Vtz%Duo+;S<SRb>^kip
z3a7l0ltjH7(LS2;9Rz(sUeAp5_Uyd8%A$H3hd6enjAzs;qp42ZUo7>08;7|&%HlJp
z0zqrLtxWAUwEN?N7Xy#y!cYYT3)S84N$oh3kxxXEkKD}ffIEbvG(&vxz~jq(Ha1Xn
z#+?O%{s4g$KSd5uOg34=j_~4ZQhkq;^8J24?5S0TctssZmPU=m*6wRTar=L^p;;op
zb05IAmb%a7>h%-1=?^1s3b<OFX)?b_)$MrYxx(=E_BQ4dG(cJI$G??y2yHH!yCV6C
z(SR?>0an8RN1LQRNKPUbD({v06xpy8ah_)6x~yU!NYQucx_lJrp1R){i;!S)T8fdF
z6}gWlz*`W8_DIuq7V5%}CkDIEbDT?dU=gm}*!3<;Gf`ebFA_zMcpw@*?y5qDcL!zA
zD*weNk}j>h2kw&WiYiWj-ihQhDi|`hsJDKcs$xDv|Gx61=`eppo?O9W<Z$OXgAUDa
zK9R;sUcOO=7Kc==xL<j9r$ZV;8l@|Y(#HeV<V5GBLmFEWQj$&9U*tv=umsO+EhfpM
z!D%l5PF9^T-rVG#?G>ToVc^Z4Z4lu_ZrBPiM0vSQ?1j6}j2c|*B_#CSiIwY=+w9|2
zMl(<&@ZhN#Z6rAbMYs&sb?!T6;9o@2{JcT;#<QST^!Q5RO7!a!#OMmAaTY3L0NjQ{
zkH!I<=<)bgariM48l8;|x&wQTqe>offIZOBK*7gSBMnVU7~mth{{f}_N7~C2Dxl28
zB}dn5+AxPFcKMF62ONFqNve9=;>SDJp7jJXp);{5)2#BmtomVhAn`YX=*TGkdui9W
zn98$YB}WX^0pdH5n*cTk9OnP)_YbeozFc6FU!??f-nqES8TkW(Q9z%jq@?{TB$cTZ
zLNBO2kN2mmlYaT82A)=oCf(AK^m8P}%9SKhC1B#dd`%GWIRu0K(?A)?E#e_op4W<W
z%E8!=dk%Ce)q2io3rArO$_SbdqNO=b$v&sR%RM<$ui^OT1W>LJQBobz99yQSiF?&9
zpSm+#{UsvghXtBh#Ym_Pe%-0^5@Rhy()z|Aab{p30tlfL+z1E8l~Xycr659M^-@Wx
zQ+a?XXCNB4tSpH34x|;7;1Q_}ikD%1vZi?U6)(MD)vz!Cv4~Gwh5->-w2R0sot%sR
zJ<A0iqvD`re~aypS>{03^T<1`dHnoQg|n3ESi@p`{zEMDFQf+HOLuT<7#>hCe_>Dm
zZf`C>S^OZFwzh<5Q28C>%S7AKL{rBe1}C0ZUeFP%FQ6`RseH*+kQ5x%c^gcP2d?|1
zXjmv)$93^8y};erRs&abkW&TpGRFyIV3f@cGiZ2v@8onds1!FZdfB=?i<w*#)3qU6
z-Y0Pr8(J5N=;*Q%JZ=azSJ;#+z6Bu!fmfDbKW8laC{*RcV&c;J-yz~-dR)8*_ZB|4
z?+zOf2rF8^l4q!^mTJP{&P@1^a(bSeRnx}TqBOyxEe&>si-j;9=b~q}G}iH?tnHh`
zIuaJSu%U~Vt2KMyQn8ak*Itm0{N!8ZsT$qls^pxp%@xgJm&MI+{TjKLjY{KZ3CRmf
zSKTf`qk1pW<_#V?JI>N~39_;d=j+Y0F4QMQ&Gtd|F^{bv5K1KrrMto|vx3PYPribr
z*!tT7@2dJ7*7%CJO+ft+t&wqQ+<ja2Y!yV`^45OudgpyxYje=hE0uv#sM<=tyi2JJ
zS*l4nJ^byVueA;n6pCv=gv@?suhsKusxvnbU2I&@dA4Hv<GFsZYcL$e9z>{v0oJn|
zdaS}0XH&z=(vi1TQNaI-j>z4J!Sb22kaz*ow5{;tqJD+Gg*9KEI)^}NgVve5r1pxA
z4W_X&QAxAp+u`!?p*0&Ut1tm&B508pHq<N9mjC*Y5{Ushn4+1$3ov$98~yWw4>cKT
z<)8<rb~o|@xvnTARjygCM{fp`96c2xr3^QQR61Bwe6KDwy%?%ZMj*PZtWVp1qBNUi
zfp@=#v`Uq>AZOjXpnjOcRgAt)qXf1uMH+;^%vmpaZF9vHr03LGluFE`ZK~9^xA#@+
zYNs(G`|*SXB)gc$PA*hy484gghs%Gy$*{|dnT6`OfoX%n<l+81sY|Xx&7HeJ!osBX
zZ>LKuTDjGorpd}8g?@w==B1KRhLuKq?id2ceQ3sqXp7&0TwQI!Fu=InA(PG?-WJjO
zmT(w3K7}y$#&bTtuC|$@I<R;!<Va3(ujv;nU`)2=Zq0dC`A`hV+%q&-T4Sq)o5g21
z(jxHsIS()sZ14OL1ngxfwAg6BE<)>7_&W3@vTQ}?lV!D=y7<(Q)NN>E9N@ihNoZX#
zD*oGkIgv+T_$1+m!m&v@;&gLg;ET_=tq?^Y)_}pBUTa%i*QY;ClTnIrR51c=Stn!3
z_dZhmQ-i%Y;FmV8%f16HGsTB%hi`1XHEvK+@O*sxc<pFBcpLz~6#Q1xeaL~2<nE}Y
zVc#|*RIgmW=tti0ZMM&o5hKoeJp6m1Ca{N1tB3a>5b7}E(T@?%Eq~F~nShE4Kjju)
z>l&nGrErTTYVjO%X)A1h+moGlRM5fw1L5Ppm9?;S^t113Dup^sbSmBUIM&Xr81n|4
zon)INC#T#-Z?%5ahK1;kx|U8+iQ}g5KFwR|V)pse;7lMn26LP=^xQWlswSb%_s>Ai
zTA&qL=GL*e02!5iU(y%WD7I!DW=HR>1U&C|!%UlO9L(z+oZs0g?i9cUoDPQF!1eyd
z{+L0npjRA_?<&p9;XH!wrN4N<^^@r4ogHxH9kM9Jz{Vv{BUi<QS=i9D2t-E$dmhr-
zCaf^e%96!dOfUwiL!o<@SunryfxO$g7fi&t+CuTqqJB4O1SIn#)RBPSg3{c93~3<$
zwnAyptr%czbZaZ<uay6Mv=h*3*gglpMO*n0@NwzraO<Cspfo|+ftY0y2_qNep7ejm
zT9^Xz07NkBSorB-=OifQ?;3W3V38XB$HD2QRSmkv5MYX+*0y3Zqne@!tNv8`Tz2KT
zmGytR@_`$<HFBB)cfZ(C+nVN)0^AO`SWPk_J}v43<&s%}*C60-@r>D{fkDOzk3F3W
z`7K)bks&k;$rk@y$mOl$00;$>%rrjmLEda<seL2IIQE2x$i4b?=z+}j@YiR$6^$-$
zNOt}MCntUATguE1N_Q^H&Oo+KblK*X<?^mvn%zQ&mLFy{NZ9LW7Vy7#c*Pad?&+A+
z;C9KhRT3+abA>a`)gb>&B4%5%oN%)9&Ky84Xk2`aY|9q9W(6}lI{BIir&*TdKLc+q
z|3jz<@;kYkSzcbgCJ}p-yk`EJv$-r^YTq4P{gt~}fVj7`+(D!YQ=iiL2@L+AW~Xer
z5;LK%RN&Z*FtL60jZ?qFhrobGgEC)S!O_*D#^eXhe~0P`*$Q+QLNz1SY?5{gjNK{P
zu`4v39-5YuhV#iLewbGD%}J1*dpl@GXU1Yfodh)+Vy(E*)#DHq(HLz}TlE{ZbI>b`
z-<77X-*|$5VzM36lg>E|R=41T0T%v6r@>0-YR-x6>ek)gIj&HZ{7Fl7WcX)+fPBUA
zZ8n=Ft#q!xJ>k8A9gL;K5Hm`vP7yG3^Z0is#wbZPAb7xU34Fm9P<mMow=nW0aZm?|
z`x529>a!Se$op0V2Yju}F9X?MPSf4nT)ZE&!(Q)g*IT#tvx0~GVd0+ljqmR4gaxK8
zpvat{wTQub<q+e^*2%sU<nFq_7p$VDQVSpyB8hJhMHP3v1K;?uneF59D#=`Oo|VGY
zy2-;^Pd7tzz-J)d{dC#pb;rQt(XrF!8`HU!Rh#FsGu8}GEW-$uI-eOtt+aDt@p<#}
z2YPAmi9Qx*={Vnrhn;^Z9uBc6lE0DG)NN#!N2KS|C0Xe=jTRc~@$e4~qVZC%@%LV>
zbPP&_9up~_>j1?}Ss4iJRxa-K7R;{Y7R;R3BD`$wvd%9_2dZ1H;G1q4`sKOzmU{JN
zZZHVl9R$y?b#UFlvo;s{Kw~YAAy5*%BnE)f8^B@e{q0-!|AMlS0x;))0r3BXeW^W*
z&5mgz^vp9@5L^Wwh`k(oIR_=3OeIH-xsNxQQ2lK%x^ZW_f5~v34-EGo!1n|8Mgla=
zD*<x7Gr#+fbcls-_y9-o0H9ylx4#w#NCp^LS@~iBZd5bFqt*Tkx2i2{S9_WixBW{k
zosq?BOa7(sP#6<H2}K?NpJ2}Eq>xAt?uW&+lCF+N2ub%J=d4QRHY#a3)Ch+zgiL;H
zB?gqCEdmgiR9}xtL$kTN<0#6l{?J4yijHaRvwRDiLwi2N!^d@2yAM698+z6%Hhc4p
zdeLN)JWAfzlB-mL1L^`3lThyPX07hGyz~tT>`Pz{K-fYm0Lxi!Uh|L3>$y@%CfJC;
zo1cpdT#%2rQ4lJZl<HrOr-w`FIOrfX;l(_%tmMK>tiw`hmCZ;TMfNP(Y^ZpwK_y$y
z?kQg}J6AXjTh-*>`~=XC&Mu)(4F&{zP+K$b59qubYz*nVHOS?~g`YdAGt^f6hHJVR
zKq2tV2!fOV9it~a`%||mKWmJ|JR!5KdSucmn{5Ykwn@`0eEe`0t>(}WpcpG_{a91K
z*#RBG=R*(GA~5O&zL2eghvKOV;m;&iZ}GZ!Kf*ZZ$Y1@W#?*^#1$eydH`<?Y|1Iz*
zB2FJKd+RRapma%rV;H#6m^7fbpg9_2{yUx{qVHi(qmTz!V>Yg$&60;myHS)5zr)cU
z6QC`&2WV|g{TU#3lZ?W5**LQhXUiy$yhybryiVP$)m<N3|1))#0|G?77Yt~?O-(tC
zk=&yt^JKNMbn$pVN1n<@{XLbBk<9{WPsI};JNpW#=_{d5E00Ki7(*cCp=p1GRIbA>
z1+3XMygzb_cx)m@U%;23S?QkH&2pXJ)X*Y0HWWUrvPI|5TvReJ$8~3d?@qcM-^_{R
zlwA_nlYb(1H1xFYFFWYSt7Xpay%6~uycURwm3bcAxnb~IH?az&(<;mG-$%zA@ca`_
zZz8BaCg6x@hC@f%p<*LcV2k)k&EQul3Uqw+2VU<17zG`KLEr=|bk9WH6PIh<@9Z~?
zZLz%QZhzq|wGALW%%y;oo4o0?y=wV5FS~H=4<<)1q2}nKEHFC{7NqQ3OI(UJ_Wk1}
zrK7=Z>WC6IPJ@HxouNGv!IrOebU-z*3Yf%SDb1oIlOa7qgJQpv@thewj|M>j5%`s-
z=sa?Ak3+|e5kTn4^x(WGU_kwum38|NgjK|!+IrEFO}^af?0A5+`^eDl8oHkLLDBtq
zakNp#5i^jN)hvn2R15Cj#+5UidA(PZ8Gl_09rDG|Ef8*h&$&4bDE3B#EFr3@Y5I@8
zt4}!VrzvIk+HK_E?>$n(s`+`6u-bQKSX_&)C?F5$_Skv5OG}rPf$fbT%<23QvHA(q
zd?B+<Pv3_z{wwmr)GEVgr`S^h{go2q(}qb<%VmVi_(HQbm_TY0Z{JG}yvfCk_a#Yh
z!!om-cVXnZ*)tbT-S1>Gy_I$4xnXftY6SxCnyZFWHGRauUfvXnSb&(PXiZrcn=Yi<
zh62O>L(qMW<R!;f^x~?9=F!DtwJUU8oC1e?UHfRIJOB)q!?=)_hIf4NjlEm3-!isC
zn`@jTOMTi#g)MheMM(b(AM5DS(q-qMxqs!_>XW+=!dGp8_ro8!X7lzJvO9JLK<qx;
z{s<oD@v$gt@~O$MZ_lT8;a9RkPH&f&W;%+!6BoUv(vev41_QoR{<?3kc{Wro^{qzn
zXA6J}n3JnN;}jH;@Gq3GS|q1kh$SiI-M;#c(KbOqP}eu#F3S)!R|u^4lO5bKa};%T
z4_qnTPh+DWy(X#KFm2x_nQ3`Ti9^gb*Y+|MV^$>(7}Ma@3%d=*W;X|b&lN;Dwx9=>
zqn8GsXZwW_y9Hy{9Sv0T&`a9c+x7_hb1jp<+RLttSLPJdzoN2JlU=#I2Z$NG?6Fxr
zT9~dZxIHbTialR2bRP5LwcXR$hJvX$FhWn=bRgSvi=vJ_im-f<%GTNzwRgPaGqCh~
z*+z*Hzz=j|FHXv5O60x0+GWwS^V4{|R8fyL7lO}Ol{KjPN1hr_1s#&YW<Gf74iqKT
z+X<1^QQD^XZfim0*EdjPa&9Lb(ZOg$J~@--J6+gVw&|LERcb&zF}|ugp_t;{C-igV
zusF-~Ex*!tSr6ar*}0P9$)i`c$YP3(SPoBuh+a<uX>_D0Cn2eNhgoj&FG?c+Ts5vr
zd4!uT;1QB9UR0GBCa>_o*`z-ux2Ih>i^1TGimIsT0)1!!+~6RT!_yBNmWLjKE6iYu
zTXqp2wjM?^Oq0rv#^=0g<yDYrX_>S=PY0fdm`>_k+}5wgRrTjB#~sx8TP5|`g_6dF
z$;r5C`Tx12W&S6`@{yF1iAzVkkqp743f+fj)(68<skvBn7flmnn+v~Xg<S!kT;Z?q
zW4toPf9+8AO<W4S32DWC;3x%6I)GwnfHFfT6GcaS^U*(Kcatii3j;Lw02Kmy)c@?G
zwqg_ivK8BjvjpI*Imm|t{0MmuSuyb)aB$!KTONIaz88I*@p0(lM(2cP|IvYqlh5h&
zqUkMKbmr1>nrHZ_W;!Dw5#51<4(QG9(Z{|CI4#hh#u-G?w8^y?4uk-_0&IaVbZB<{
zPxZ-vN?-nqk7}!+gnI{loLjT!3o)L@%_n=0X>rjrAauWjPWR@Jz@5kG-#vDJA51oJ
zqHc1k83Rc7XsPdY!)Op<bpG;cJ<snZ=d@!3tBQ-|(unw6To!djtgeqnWboXiRCe^>
zg+k%HJk|6J<j(KiKa;->4hCKZxd&no7J!&{{;oF$M-`5e@e((SuZK+fBF)HRR9aro
zWyX8Q#*9RNz1fEjCa|)wvm)&g&6z#K6x9<ZY|qou`q7o-dZ!-t3)BBDc>BhDZf6^@
zp9slf2nA9M-Hu{miBlpR8$U|V8SLbvfx=hHJ_9JvnuWX(n6C~(D;&;9VJE&j0Yw)r
z+@9X^L_pDqi?(w&S%#RqN?vmI>Jqh&$HB@35pHGIV20NjChWj>CwP03ardm5{ukZI
z-|pXpsRwluvk3Ed+Oy^6MLi(-5}sEJe}w6rh!PaveAi1g#S}3r$v)w1Y`6)5P%p}P
zgp5`u^x^<er-uu7i^TS`GY?vDNC<@yU|qn;ia_9lr5{}pG4^2bej#Jp`m)%W9FI36
zOPKBKI9OdcR$<JILxtL&$XkPv71j@t&ugA1x{1H!GSf9UyE8qaR6yum-Pp(V?}vLP
z(Z*?pGW8pYJ@Z)L2`V&^%y{lDydg1#FMUOtYa-rZT6M&b9UGW`jcjcDw|X#G(|ac~
zSy2HC#fEslbUu}%hEk}U|LXrckMYmN{rGs{hnGe###hWKKc-)Ns8ZlQ5NUaeqsJ{c
zehO`$;Wj*-hNI5VY=K~o#hiK$Drk$~2Agw;xbt*@63$kP<Z#%PV$QR*9a+iP4x7wY
z+>PFp8W64eFvo;EH1+qPD?QPkddXkI9~>$p?m2JC{ruk(Sp&MI3;TY`{kRr9NQo#K
z6Seybr?`H+WIh+G!>;opLefT%H0NgC!M67^Gt`qR=E>FtJ&25v%$Ri`tGz0pA&(t6
zdQ^%D689YAFk4|B7hT^##{4Pj<+6G?H}LbV=aU{4VKc{~{g$_r+%f1?#L=s`0byd^
zdmm*uz?5nXNjL0l+x-D?emgX5LYu_IFT6gB&Vu*dnv9>FFMeL0f8@AcomDuUwkB7%
zf}EC?{R}0E*cN8gCJT=F?ZGIhePOkg=;V9O1OyczG1|E#n7?%IlnQUV9*{cxG7yhb
zDiq(vnCF;PeEHQfw(o<wp*48e=h(Ko@ln%MgqZr90dd{;;=0;n&y*PGIKvtG6U~jT
z5=$>OAA$c?H0(yG-Q$;Kk&e%!jN}W`s|{WQ1vph2)>7b`2ZQ*Ua#p7sPAZI7->fqj
zMRe8iK7u#sIa6=u@VNr2nH!;cVwgG0cP_KVeNXgxKED{q&});T*%}BA5*G1#k2z4W
zhR5UCpk7miymYIdSITg^M0zz%d_SEtV$~8=aN39JIeuT*hoj5@TK%QM;L)XC)M^d&
z5_e@DnaMv_gglMja9w3{X&kd{c?{m4E*1WpRT?(By*X;4F+#l=2_rLXBnKxL?4S}c
zp<n(jW4CfHYHyb%ivl186lEu+seiWbCIFBg18(L^bTs%Lkadb^{#Ee-PJxUR!#$a0
z`<(i<4euuQ^;m(I=gC;WJ<r?sO*#-A(8SZQ6a}RFJ{}CaNwU)h`zXhg_=9L+*KW^I
zopAu-(am|fm^Z(%(bhDGF+hxUdos`ddw_6v-|Xc=p1FNnK&Cu!2<%;%5%>34ltJ7)
zMVLvab`l+0jE+~E$jB0+d`@;#2*fXzy3BW7F@=y0+pAkC6%y2%>fuzH-1#rR2^dRm
zlaYw09aUWzd<*d8IxKECff#Ki!ckZ^ATsg4PDGfCj{pzC=p-60%tuCt{OpgwDW&=r
zQ6;SA9^L3W#^&-Pfv@jgT${gK*V(xL0wt52zSnagX=FD=wM_Mj&*K8Q+{NQp8SGbh
zx)-;XEhHw)&hIA~YQ$W5t|rFLhH@85Q3s@<XKGt3Xnhm>tNz)OaeaFCvZLR|0hmE{
z?BMHN;FiO$N-3@sUAsXeI<K=w0~>Ip9@jl581@e@3p5S5E0EYBxfsGjsbVQiz%Htp
zxB;IWXu=WBxy#w$#<ot#+&9LxQ%`bn7c1RSmn!||*k|1bd?!%%CcCTK&HJaAdw5yZ
z^kCbbw)WF3jn%HF*m!Rsin&>*A&-fZF(VOWhOr126WX}>CQ-e|W1~a0JJftxSLUWC
zM|NTeC<CN|5V(bj685g%0jcr6f-o#WD%bG^smZPA6ht0vPz)u^LJ6XAI;<-#Cl@!u
ziI>|uJUmpat`&(Xzw_$kG>`D3X%-&r-6np^JBTz1!s2n`gE?hdutG3&<J#w8TRpUr
z4SYJAzq*<gyt<m7BTmx;>XtI%42ofgS-gNmBCa2qWF?B?qI4i8k`NjuFd~r9s)7bw
zfq_?{#u5Tt(10DDL3p%ak(e+);6|yF5NLM*@H#gWR6~0haP_=DTu=E<yeTS;2HcTA
z2J~9FW=&DR#=2>t)|Y{p7+KSB|BOcT1w*@~R#XWCpn9w({=1XM#E8jV>x8=$n+so0
z4rPokzVb;xFd{KAOm1PoF#d;^_3xn=G+>Nw5Jm-t-~awH;D0~lKdq$vkE}c`qS2Us
zycIhaPrBRKFe=pI{<V!)|JSWtl<{MXgD^h2fd0E(%z`B#_-5u2HKw=xo`M$%KNe$R
z{Dzto(8ije8}8Dk+Vp`i-avY3MfT%(feW57wew~jug74Fw-pYAZ9e60JDL!THIpog
zHZnx`x($X5tXo^!Hm{5fn7{+_Ng$_fsWgiTj8PG(94D>AX+i+3@CmBf-s56~go1(Y
z*eIAP?K)BZEeVKX1x70jqM{lqiU^Qn@Jp=P@o~0Co#sO^)CQ%BiA}R=nZX!8kY)4t
z4b9K@Gmsd5*=ZQvZQtTJuv)*JLUGL+9%2NRnrE#SVzgSrPJYF(>Erv^^@1=WJau>8
z{gB1bULIvnJ@0k5#PGw9hg~v_wbem!iw<rNl~Z|(?6>>&N%_`}-jxVB^J)}GJ9AwX
zsBkdnMgP6=rVyHw(HMnj)+_k)VWyTldQA#rbq)fPH@q$bBg>xhS0{oZ5lpMhyoJiJ
zm5ag6y5{E8en7bC>Nc6`$KbT<I?;guph0S1yBoim5u9z^7gjg(doM40a}K)#BQh5H
zP1gu`jWFV3s%^s9b^D_-N73SRBasN*Ee1yLu68$6z?4=zA*IpR-gI&9vZtfY>->s6
zqpk@0cTNM_-nN;Mw$9FxrKOS1&Ke~{7ikEF3Ce~|uV26vReDr1FYwkB$LU^zm}Jz7
z1x1}hAbS)3Zt|!)jd4$Wr1Zf@ZhjZ&q=Z{2r4pgf10e>Dh3h5*&bs@C{LA(D`&z>3
zlS!KUre>}oS3>Cm+tBqA!3f`DYYa=mr`q_;59DQUci#hXC-h5vmPO1An$Gd04SE=m
zq~GP0LppviyXSc2EyxhDB;(KT_%r?dQ(TG#uVn8SvYctJk@2WYtw}SKz(Afvkju%5
zdnfb#x3Y(+#h|biBJ4ZASuJi^A*jhJGjp2`SqOvRm3A(CKk0GIm`Aha2ZfjvGUJKu
z_&rEiLz)ELm|%i#p<0ZJ56ipNFMUd%z3m__YA8wxGWyXE@wa*0ejP>hC{$LJJTYCE
zz^Maod3KXdwV(G|OiTLZ<CmPIzY`io2)_4A;?R5FpKp!Y7cXW&wOidM76tj&V$rZm
z6t}u9LXUooMHi0ME-G%mFH_*(Ot2&lRygk9HysIe7dKIi+OTC#SQKj!Tv2$C%dYx}
z<ZMHoxsq$&{*fg~y^;OeK4=JJyIdwRFVboCyWYdTDs9Z_&v1QSgWV^)^h}R@!j=tL
zmyM!Fh^%PJIR#DP6eH6q*gb7P5BK~kF{(iOaY#~xm_p(0egb;1%i+WuUeVL5bzM$_
z<FLvi;?r3EFtZr$)hDCV#Wgn0(`lJQ$DbP-5G)p!+pFWqCfo6+-|(MASy-8QY$+So
zq*GHTzbMwezubFuoxYh-A(!X!EbhdV^KyQfB_F@i!LsVJc3w$nr30e`O(Y~!8{X`=
zq(1>R8HuTLlBTK_e8ZOJk-Vfl|El~2!w<o@(c4jh1I8s}x0`2^o7KGc)h>=p-_CDc
zikZJlDVpX%btjZ0rqAQ2TUe~?Fdv4-1rgA94Q;sHu2iG-nFPxu-DcN&Ri!%{Uu@};
z9a8BhK~oZlUbMw=X<e@2=?dwFM_P#YZ@ueMaVp%-={PYm1u4oaRuf;%?$@f6ixnce
z8_scS+oB(xFYhMvr}sod-|5QMa9H>+o|-t_Rv5YnNG$sH!I!f#>DSYp))Gap9jWYa
zi`X8#p|%9=t5Vt#5ZcVI{9gH&u#N`gGAKE+ut8mLM9Cg(iS>O-f9?WKH=LP$hBIbg
zbxX8p>3M%I-`wNp4=Np2PxDl<C6XuKCVXCVF<;(K<_=7e2b`%%B6gI}!r!#xMX5X(
zZ9$7HJ+?@#MJA1_S*rW>52j0$?iaj_o;^nGFn`@?QaJ>pk~T;-7AwgSazn9z-0rk7
zX~e!FOFT8YQI`v9iG^wEjA%{mieaO`Z1_clz@#aoQgzxig;sI{W0wBEPKH^dt?ta&
zMGq8?fTTHpPD=~m+&?rj)y%?tH~0}$*;+02N`i*)r8HQLt+ikcbF4H)zE7(9z@$ol
z=Z-_)7r*fr0@m}o&_>;<W<jd!;`f>(qfD`)t1PS+qGP|2*|;s42sUdvT0-m`%rB&H
zty4i=1pV^MK|%%v;9Hz81W~U%e!$+}61bA@KBTwh<c>(?d{MRWlvk2pMYW^nj_laU
zFHHOxX2Vesm7w8$^eo!NJK1|X;JnLYzL96sSprv&WbAU-JtPmrSAQ%E+M!xVJTegs
zdh<fY!+j&Jd;Rxj8960bIXr{YGJSh4k2o!|th{Qmrr~;O?7Aq-G3#3(|H{@cq(4hj
zKahHA8kE@`kGwo`s^;@nIg0-nU)}Vms$yjQjyijKwyoh{{y6Ivu4H!J#wm|h3T)lS
z(laLH6Km!ds+J3jk3S22GZ7dWNPQeYPK0AIMxi*~_!3^e$i*k!@GspQ!G?seEnNaz
zEm~uSar!?_ZG764d<7HqO_v%uQ*hsRGxVu+v7&}KR?$1lKek1OG!IV*8I{P}IXQ~(
z5o1|zUdX*V=|lsow+d9mdW{>wVBsk=WLJu#!L7{lIeU%Yj3cJ8aV>IE)@pwu`uxIJ
zc*aH6{NdXp+EcUVM~d<m{!@Bx!D-GNY3X~HS;=#A{Z{6h5d`XRY^ra~l_UJ@ug84I
z>*c}o_p$GcfU>py#;AQNc_Y7)hNo74hts5SzKfO|*JO$e_rq<4@CC+*U7sa=BVRc0
zDzkcR{uREdG*}i>!cd}m`4J_kdw8<Qa!~5`(-5|M#nOgTFi-MtlN!FHpDU*)jP<|(
OeiUR?WJ;vq0sjYGS#n7L

literal 0
HcmV?d00001

diff --git a/docs/admin/b2d_volume_images/gparted2.png b/docs/admin/b2d_volume_images/gparted2.png
new file mode 100644
index 0000000000000000000000000000000000000000..e48e9f15312bd1618770166177bac7997537df70
GIT binary patch
literal 71561
zcmaI7WmFtr@FqMs!QI^<xVsY|1Pku&8r%nW_uvrR-Q8V+ySuv&FZum<-#z<f=bX7+
zUFUZ7Q+2CLX8MLH$Vno?;lTj_07Pji@t*(yGy(tsDF_Sk$zk8!BL@H=017{pCDvBv
zw>DPZ-d=jT+Ac0GZf|c&3$s2xK6dv{zgq<2<KxZ!ohZ!vJ^go4OG_Ia9ZgqP_xSiY
zA_O=(+`qlOt*NQ;DUg_$SlcyvdGYVT!NKVGn7(Ji&d$#9`BigsGb}9Z($doM^76vM
zf~BQpS7+DU+}z>e;o#t)l$6x;^z_8UM1OCmkdR<sU*F!|-pI(v`uh6n@*Eo*OP{G4
zGc$8*YioCRcU)YYjg9r<!gO0(+se{hOG`_CUuS!J`_pq%Lqo&n=H}nOe^pdfH#Rm@
z)RflN*52RW`+7Pi$A>A%$;QXWS5{W&>A%j-j1LbF|D7Hi8S1^cxu&6^9vBz^RWopM
zvQJNrtgi124fIr2l#Gs!nwgu){*d|g%dWS#cYJgZ2M62R+moN4FFPx3YHBJuInmHi
zzrL=fxv_R@=LiW2v8=RMOiVN?Dx$5W;rRH-#Kh?5PsQNi;Nqe`xjESd`MDAj;u`9z
z3(Fhvu~CnY5B~oCwKe5fm>6N<p<SIVZm!N9?M)sYZqCk*>FF5-1%<pkJn3o4!Xm<z
zRn_wHazR1<zCiDZ>ABhY)${Z7mzU?Wv(x3V!9iy;9UaZhwWU!Ho2Ro=E-tRCtE=I$
z>9Of9w`yUf9I$wG9&Q1lox_?NH<u^}iGV7#y`7E5{SaM00kcY!(F%y9?QcmF#?Q~)
z`FlnJN-@1-b(P1CS+n-{vfqN*WKZ%r9*uOmj+3GW)W+*WN>@GV+Dd*I%RU79TNKcp
zFMg?+SUSGlm>(~$r={rT;V_Y>zw6QotR6EF<X<0zT%K=lD9<gdPTx-Z8dc<YU&fT!
zWW8yqXB8`LsH>3C=<BP`8oWlG?<?t@VtBM5*f^Xul_H?2r(e<?*%+nM9>p^*EB!R*
z^tXv(e#no9NBwW7)<|OX>UpoQu%UKvZDE9$HyP1%<)5x%=lQOd(c=;kqpuwu9hn`I
zkNfE-<?_Y3iBIj#h4y5QY3*F%z`M-fH#<gRPKDXJS_emGvAMM|DI)s-Fbr{NaS>%V
zurp0Pa{?HT%{8%Y6#v1aZL-{u-?>J-W26hcK`)vfO#!V;MBiWX;H9NW#|VDWhT+r9
zg$<~fVPnSC5rJ<9;y+mOECd9EXE>JI`$Z9Ii0+VZ!lt~$64Fi1@X7_|DaZe^2X<{X
z)%{r?#QHVmfpU9pdGLDs3VJh5elBlt@O*T+2)a8<BDgpU^iH)r+?FHymA5P=1Rk<&
z0^m-ye>gio1_OUa=qB+E&7wvvsN`~V{>DQ=ipV&B2^Kmc??ML3Z@ub9pQ?|8K*4-B
zC)uydp78e&;CIo~WF;IG!-hh%f08B`Q3UK}UQa!ly|ICCKL{q#kOs&%-=w1v>Zo=d
ziaAs`YXeLuMav~j?DOh_b(Fs%W!h@6JO7ZO6|-T;>%@`DpMbLZDr~pnfBd}wol+c!
z85RR;;(tkt1XlLsre9u6PTHREONr+i6li|eu|Qx~`zb!~(}%(2Z>R^A64yQ3Xi4AE
z=<U|;R+}u0Y&zOJQrwS7;GocM_Vtvr61}C0+tE?%1PY}MsX3kh>`bo0x)I0TjN;+J
z8kSPaxQtc-BEv?St@qydzkfv$rP3J4_hYff{x^g!h5)4LkS%MwQUw}^?@q~jmNATg
zx>##QX%B<M(m(!RXgJUflE}_gxgyDsRH-JC$QUKs-7tFn5vEtQ2Mrhcg)Qp-H<+hG
z=HLz9n%1WtWB8yWKe2+q+0Z!(iC?*4#q9lG8cE)(!()woAtB`jsC4pwUf{(X(`^>%
z(iKLJ`=#xrbN$8%hN}hVv0#K)Su&)C()=F{KY=<98~*qkf_*4Oj}Bi;<!qRk>zF31
z^n6At!D2O_T^faPD<dPWNS<qHkrM|H&s|cCwJjNxAsN#Lu2?jBVKGmLqtjCVv(|q~
zw{&)j<|@z+uZI}r4nuIf6#oKeJ<mZmciW;tU8hE|mN-ibMSrh`4@dnPBTh}JWX1ws
z0{^F4uAoy?x?-Z<_r^^+)so1)q{KZ;4(;!6dzRuNX=6*dpnv}HKbC;_0zLCvgPX8a
z#a4{2K`cl#EE-%4kDjiVF|FvTZe^+W?ygt;+(cOk6)C!Px};XVM1hXL<M<hKc(eVE
z6`WET!0(@}aaYYyi&DdLN|v;~O<&`s9Qu9O7oCdMuo<mRf!e=dfs-JI`w!7eT`03<
zA6!}~#&$kq#oO~YxD4b&J!7dP;z{B#6hl{`k4Pb)&*dBZ>aE%S8OZGIL+{Oz21f#l
z>!c5L<!!ME|K^^b|4KU0QRg`Ia2f{-3<}=h3`HRWup?TadK3V@01@yNkw?%Mho>Y-
z$wB5QV$^MQSp|JQc8A%RXdWw)6S}D#R;@p8VWGMbfpTmpRLgguc(NH!ZjZSls7oBv
zoIe#vOrDld1amtCP!$(y%K{F5xJt&T68{F~c6(I3SxEu~YY9KlUIlGI);BMwk1~AD
zA0KC~<{>`Ihd{HZLjvrUv=DcWGhZ3v^*}GDFP4b5Q77D~fktz$^H_!03wGLiT5Uc?
zgq9P95)4t5v`H^?F5UAV{O{L8MOC^%FLXw#z0L%r0;tM{XtO49o29*TxXjn6zSONI
zE13o&aepqFD;Is6UA7ayA$u!tTOTm-)0Z4Qk$}A702VoR$0Be0RZ~;?gTR#ADV2xI
zY<F>x-CNHVap%qGqiXtdN>=HaUa4(gSAJ*AZy=Z~NxEcSBQ|9pknbk+@uNEe0$6|k
z&UD^p^Zxx)AIYaf?G%3Zz^-5w`~A7~55F}5XQ<Ph1A9NW=v|(yQ*(;OVgt-_@0)$(
zP4~kPJ)hcOX9b8r0|J$B_4Y@7OfRp42rXhCx6=qVVk5#cQaeb$Ux~R8Rcy|3g=4$^
zU%)Fv*dlokDf+~wQ}aT{Qghx6z6?bW7?anD2cU*v#}h4jA>1Nb>`eJvSH?=7r$5)x
zpE&TU3h$*qLv*XQ!Z`5ae&|eWHiX=eU+b;urA%1X2LWk^OcXr0fm+ZPyZiDEf4bg_
z_Q_|ISx^2B4*yvLVl5FYKY+U2&zXuIFSEJhy+N+Qz)6TSZLnX}@Pe)WDpwJUy01_R
zJxMXuh~gn@ivAP&9!pSMj7FI451E(k!Or&2&`o}&%y52kr<7;@(&gYg)kst|h`MB`
z@c@McJaw}#w6|mnq|^3f5{75pp_lHRw(<cfOonHAUFBOt-~<8|X378)MSLT8Ad$1u
zOl-n)KM)-VM`B+2H{NbX-XNIHk)Oi&&6NYl&*W*AVb{0$B`UpbX|>Jit!Vbu)00aw
zkKwHWA<yQi%<eAr`LgUz?oG#)#i7sx-(ku-@Re9LY|rIUi0<L-)%vnO?(DXU?ai^;
z3n_5-jozgP#<d2K#`V(2*M^yo$+s_HDlSZ`c&+;qO0Sdr8LbO{t(bnCO*A8x_f5d1
zXZf+Sc|Z?Au-*AI;&IXtpZ{xy<_!s$gr4Iu#S2R5H2KclGQcO^6hi|33{B4nPBD4O
zyTR$0e)u~c>HY_a#eVi&H6tp$(cI{!e8NnW`ee%W=ER$0k}iFKT@Mh|?Z)-bz=Wl|
ztNbA$zX4a{4Y2NSoAP>e*S+`n8%r4I_r-|@5y-iMxUP~n#{PqeNT^fsrm^FrV22>N
zCp6)6=>mar4H63<FAoLjYI2z`TLDTaL{)3;POnzMDm~G$HOKd-DMHI+DOFYSG0Omy
zo#91yACtGcz2A={W@p^)9$x$IdJQzkn0I2Toav65NwFbR#mLziRAG9Q==!$|IR&CW
z5mLsF6r`WU7ROjgq?1%Za|lM*n>25Fpx`9iVCbo*OH<G*-TOP+56go~j$1C&Wr?kU
z&9HC@pVilg1`x=EX&V{5<-1U_NbjcAfqZVf(q_o5tNQuObJ<8gDsR!tD|HqvX86bY
zR3&ozhqC5{kZi^uLs!z38%Ueh4<x7E%Vx(q^JC-e55n#2TYT0Srm)G(O**y7?T9>g
zAyUj6>N}Wf_ytD0qy`S_05B+)@=1j(9S!%>-o3roupe@Ax^D1YcuU;kQf!>Luq-iE
zv6bEOfokxuW8i<)mtqVwx}DHf;FKd25x>>Q#9~-t_8<~yLbPf=E2ZG5>6mr*se+W9
zH^7l`N1rZrK`?ZG{;+}GvWx;A<=vny(}DMg0Za%@V`Rn=0*^aOM@KgieL{aZ6-4V{
z<tadRbI>t_It(h`QcAyF-2%Pem$u~PTEBb%UoEHLncnV*%iQGZn5f^po|d~5R*Smu
z2>5-vbl!mc%vTT}w<|SKai*Y<U>@lGsO{}iAui@CYHQx71j{3y+kl~%_07>u$%HS;
zSD7U<inc*VvQG1?ZthQ#)atc1`cG5tpu_F$1kiv$z|ci@x5D1@8S-0WRWu@zj!H$*
zHSw_E7qG)Gi<Pf2BAsMrmu7UK{TfaVbyFYFS5qSu^?0D@qqP<%!VEs(1p%nAI5?FX
z@*c0@_<r-v(#GbL@oC;}p~#9<!l~juE9tt4F++fFIkwJ>shy*<7ADj;!9f>}e#=CY
z`g=#bLgBWFppmppUNv`dJh*rPS0BL_sNNHE4<*pZU2Gz3ev;6u3_oJAIm+~6zfk6s
zFzsgKN9F#dP|(osdywL2QQ7w=>ttxzm}#ojY*s?~*TAkzdtA4<qRy%%S2I+qSBOPp
z^0kYE6EG6WN3R%fGeB!-hKZ0(od)F>!FH?qmGq}6Fg9|K;CDON2fgGb5B>4)O?KN|
z@?!uhzjL>n;;*iNM@$3rE_d*Rzg?*azCWnmLR2<LkT~sqwAd<x*q9oU{j&di)}oKY
zp)nZ)Ot)E!QLIq#eXQSull>|nGMW)=%VUCk2!s_z_D)9UXVsxmY`{l@X6^IpI2xen
zL7XH&1u+}(bfUJocE*~h?mE9HvH*YFk-JfK=@M1(<f~Sxzdu3zII<40jLKhuUuHUU
z(C{kWqC%5mpjhk%fsZ$fMhbb<?L?ljo1nBI6;qC7-ByHnzx%+AEyv&*Jy0L97S3W`
zh3L8bvs5NG7>P}y2bBETixDpJu7)}zbUIox@^S*5$&|X+OjlA@*Rb|aF{L}<pJdq%
zqN6`Xh2~gcRbs-c0#yLrcnEJe?<`ukD$OBYVCbb~&Bye<9Jh0-8N?`(-)9jg>Hb&7
zU<^ek=%Oqgb8r7~byyJPm(%}D(xspW9ag@~stzk0INYr3>GgKfhRw)+?(e$U!7E4v
zkvtVpXBrcL^Cd$xK_(|pRgkhLNwo;xSoACLX+CSQ7{ps-B`Fj~HA?#u`%(D*wGwD_
zd)^d=Z+LN3Xna+Br2XWF7d$Y_o6aA${Ih)18UGMAfvuhCv_ma2*-TF-#LFzk;yb_!
ze$qZray8FenSt>%zs<iC09zYhy+9S(CT5IAVo+(pz<TOG_j#>bCgtw_n4F$I`X*Vk
zi-ZrDyftn3^BOjFO<=l-o2_z<+19Y^R_JMqrE5zfd~J8xn4pUe1c?!KYzZ@*q4Wj|
z>YS(I;qBj%J0>aGOFc!biSs?751T!kQLyFtnl_qD6ZM+*U8-a^e@h-#*)RBQ#%P#>
zD0nx*(Bs|oQfRLo_$`bXG1&ho@xK(zSVf}!e1{!y>p|It*S|n*r_zE@X@#BdZ)5N6
zO*&2t8E@X%hx6f`aR&aS39O46PC;y5G^<2PJbPIgBLG!wNby(3?eo&lB&z&%{CR%Z
zVu@X7gOzf?#P`+vI+o|}&*T)dlK2N?Ooc^BLNC(v@?p8<SRfH>D!46E=v`RFv8PKz
zkXO66CWE-`HD1ydQp_8?o!}v-XdU^cqcKe9kO>NpkNRQN5LK77A9(&L&$xCeG%0#A
z`IKv(gaD6)9k?&{mL@b%#m}l=472{X+n_T!MoS3Tuiki?7N6;UVhwAoz#rQ8VgZ=z
z-k3COP)wq~_nG&rOaLHA#`m$ZE~4I&lYRtYun*xW+hqby2X@c#a}mx0*gD6K{uL^N
zX)0}&QpfR4gPvhW?K;I}IMe?!f>L8C#n_gYPP|F?WGkIlu1V0?7VAEGC<bEy+~8jQ
zH(0!6ky`i-pwKe(lP6i=%}yBkbRJ}GR1Lj7b2Rb+GSS|=Awzl^pdcL6DHC!lN*|A4
zXVTKykftBNt`gkC4!15cO5A5(&xqBdft}@E@n+H;NK@)`GVw+_%qh_~CT;oYh+{&w
zWr<^Ks6fvyb;ez=7H;JOY!>&;4pl}bn4X3klrt}sZ}olMT96xN2D`u_geLqQRz`4K
zD1)<oI-0<toyW1Rau5AWF)<T@F}7&C+mMq8%_aV7G3z`NYn;m+Yxf;v0(lldc@{J5
z=>%;vyIeJ=z5(o#>HMP5-59>D6pY!ACm3_q8KeNvje@&*F@LVhHCXhpjKS0eip#U^
zNR0QLBw#fZoBRd>7^g<sXo3RMi)rtT5K=StNETh_@2+hL2|F(M!Pg@+l=aMbpvt)Z
zLrtU>*;co-|GBdA#f^?LScpn<mX5jPgJ(v)le9SU%ixf_Blgu)*kneJ$m-VJ6L*PY
zccmBhBz+nX>5%aWqgz;qz2t<~WgDd67tSX73$*2k6K1`YKRjlgKQLXQ$&jqb(0@(k
z3L$JVmiXaVn#W22CU*xYOcElnNBx?{iF?v?C5b4CiH*JR=d&1O`mARKvk@J=I%n3d
zmV1Yce0KV0YnMqAGm)DS`~!jQ!#Z1m%)qy<vrNTM!b9gF>^I{dy77V-gZ9#M8m5>1
zeURgs!DAC{9f7g-Jw|=LVbr5Iy#*du3kv2EGP#3+@y-@6M<E>61OiW#Qg;R1G&yPh
zQO1GfKUFEz87W*SBph&p`sKcEgM2m#EmYhy4+d7hjh}5iAMkB{yiGl4w|JRdc9bQF
zldQAYK-(U*@7qPrGV%<0DRudA)@bwPV`O&KeAdtUq{C!TW5_!vhowSWsp)&JmA@f1
zBzB3C1r2?pTFmj6WZxnE5Z?i>yDPc&W}@N7+l7@h2Ppdbw(;KJj%3TaKNC`Dl_Me#
z!J5<u3p5!adnHIRkf%N%X1dVm8K>-)5UjyK<N?H9Tuu;aJy8T6&p&X$W*8^*tFY~v
zb8*jt^%aT0CZc|AnCdfK>ESLR9YM1P+)`n2fbqu&^KKifHalR_!ZjRmSRon&wp#$$
z!Dy7(Vg&mNQStX^gi=PGkE_LSX_x;zLe~`uC25zlMh$f+UuM4S_cx5-+cCKyylj@}
zm5FzdIdj5wM%*L65F_Gqlr9Z6!>wv5)NF&A2wl3OpeS~k<(1M!^f~V;weE_zus8#J
z>!D*>Ssq@CRt`ynL8+eaZ_}OkQFa9TDxv9psntzL8;aipF56j7&L@0{jl$eUlJ(nu
z!{CsnfJyPP2OJdoa9S;dVLN<SdHx+xTIj_($|Am>$f0gtMz~UE<(jC)y<4ZvWEw-~
z*j-H%vGjw;<y)`CMflHd{uE^F#?H^!A6S|_$S=EX4*?%f1N((=FErnk!rHCbs<Geb
z2($xD?Qu`MO5o_d%*5ELG2h~M_0FI<1L};EBrWFI5$hupkzxXs%jmw}P~}cjAce1z
z)0f~S8Jgd?%h9<<&qt!o`648-PY^If@Yg2O@3mkdZJ}bQ1k~9yfA41D%x^E!t6zj>
ztCVq<XmmZI_UsdrI6(Z;R~gTDkG~An_th+`JFLD<{UhfiE)#~xjU&)|zX66Zt96Rj
zN!;Vv4<_19=!9Pdh;i^%9BGj2L!xb`%a>S48z_Kwtle@L{^1e;Vy9<F)#GnCx-Wvh
zX->=&8m|<(Pay){gRQz=$<AbVzV<tE#S}Fj-Xf~{w0UFRK@-w<7t5fC{El+BAXuNX
z)At-jdy>y~4{}>9`I(*fNI1hvpFmxq02z*%+Vb%|@YipJdIa$;iSB|J7_N(t_-QSQ
zZ5KiQ4`lI=@4dr+MibcHSi-MLw}kpoTfu;_JCTX(lz+>AknuR4F{Jx-Y>~E!m_yqU
z@+DA9XQ}1T<)dDPrA$8e`s!XeBDH}rAx?JOLE?tQM%_nUfmyF#_hoa-eg4!F+<6xT
z?}#>xsUne;mj8R#CQ4W&p%}3jmWya1Ogj&@b<l9?OEF|{afx5GhYZkOT1w7VO@HoM
z?j5gM%}?C!hw7c&yX=mQBWVR0J!|U6dKqwflfSdB;l9+eOig#S)$JtCNK5N-YJO9D
zX{ELEy7*SPXztmcE4Vu$)<SQ6Wu>)|H)bxotNIW1OS+^>qbS>wp?NvgxMWp<TC_vf
z<I8f<_4@jW_r>bI;d2PQD%TSJl?k>au<k15%kx^A<B6%u3&-0yPr(k@;3S%OKJ0+K
z#mw3qu|Q{ED+46}JA@Gj`5tp-gh4t_ZJ}|kjW|g^Yn=QiV!DStiK5CZ0!4Klly;!M
zZ$S3^VEUDRV6d@YV({UI-;v(7MY^$buj2ZW`&G!8E((Y}ZhfmK6F<?H=7a*jY);$l
zl6uVaYFcd5(|j4h=Vl|QbkdT>ii4U%Z2wh!^8-|iy@cpy(%mM`ftN^(igQ9IbCO?*
zK4{-;PTwM`ZS2M=kB+RS$|GH?k7c5aX+B?3D2Ss`g@5*~y7%CKq2l+mNu%eB$gUz+
z{FN|bBu%GMSFW<~J!wQg9&d}1&>#=1`cMq4C0XX##k|mw9%lf?yJO?SW|l*h5YcuD
ze@orSU>fgc^5a)qFN;6h^ZZ9<o2wo`BSqSPd!4i(mh}B#O_uKQpF}I7CvP5er}Djx
z9v)`s;o(tx;5|+6r1jq`Hpaf$%vIUg+J)164YO;`g@?w1QcvVMc(9aB(xoyJeRx^E
zUGKfkigA7Dc|XGot~z7>$-;-@m!|;rJ)O~UDt${qkvP2v{LAF6aadV`u94+R(UQL&
zccJ*DhB@^7)teB?`&XGF@me-ME_3Ln_uSS?(AD51E*9C&%EuL&x9MX=Q_94ar#GA1
zYsEU-=tNQpGhuDfWTxkCwiw&fVkd6<uZuNwTne}X@T*@t@ME=TB5W?}Q7X^F<#j6@
zY^E9o;G`QJKg_5^33FqysIh7wJHj9<dbIxzlbFhP!3bL={_bZry)k$f#^e7wi#C1h
zE!D+aR#;RCLHX6S1|%Z1x_WT%zRKNob(x-?;@0Hj=y<D=&^$WOP?)Wh!u$vYUX60E
z)Rvy!9<!k?Hhici!KvbN&@eF(u^9jMYf<rMCP}}uPq}I5v*7BFsJIRAG+=rTx&&~a
z*@7bX$%{+eglR)kX!UAF)_w2*N52~tOh(nJ8AFBZUUKQ&SU@kKh?lr%P$p!r#z?_$
zINK>JP}V0ww!^G2L&SC#onjshhIuPZs?*afTfoslX#ztXoRv81111j`bc$8=12@H$
z$P4sfdi55-mm)SQGZYK6b#mfq*Fl&D1~akMwc&HxQI_YAz&QSga^J4Q351yLx87}f
zHTay;Ntwz0WZ7ew$rfnGXncH$pi}`CfR&;>yWub|h7YLawQ6X=^72r<)`kI=ZBs^9
z=z6|TemU#VJJ7r#eSi1(TGq};w%7OKi7hY89^Rh*naGwmmWBjVo3mRw7<!Wh+z(j$
z?j^FA4rk3$ZYf5V2^TkjF7Y+QhA(f6{GhXU`mo+NkdUh$|H&YZ&i2X1p)rz8KAf+R
z&q-JpkGmJ{<GgwKx!K|gZwJX!z|C-#{KhKPyu;<XJn)_-+IH#a(!kqHMA002g5iB7
zX18OnjF|z!k+v$*=lW96LR8WOb{U|Y*h1}xD^_m}?VbOkM5++OmqcMyI!io$TTNo`
z1|kjxB_-o<n38k21az2QA$8=;R3&xjLms&rbLHT+KTSt?nO-S*ikKwx2hKw?t~5@b
zLkofSBZLm!u2bw*;K%bv_fF+=gTJ#uWY%E(#>Fy*gD;N^I`B0%8PVHJs}J&rd&$)Y
zZ~DS%H8Yw-0VVzD3~rYjo@Y*Yx_X};oo^`NR+H`HY&iUbzS?k2zKaIeqX5VLznWlq
zBYK0^tBr=&d(8e#S(*Cz{I;+W#_fHzH$rQufPds~+56r`0z1U;P>09?3vQ7b(x&k!
z-R{lrOK_~28E<UcppvD1+{V-QJL;(NMRNGLzBBq*uo->24xj!SB!@5Kti5NcvX}<2
zL)o2FdDO5c!@+3KFbFeHIJ3ORU%)3jn742)SI?n{v?kfGNC^J(I7;{je>U4=J}z7S
zkI5ug;BC5VRr~E*6#gasl{k|X1q?bHmGcRogwXqOmFU+ifxN_ezkxmLV5!)utS+C6
zw`DG%*UsHBx{%N9S&L&;QMJgv>smM?&TkZ<MxR*wqx6>1@uO-6d1Hd<7d|z9RqO_|
zUnTt}JQVCT>g&IfeVypaNxWp@>=x~WbqrIS2dsqN@m?snn`*8fXPF8a!@02rQ_5ZI
zKqA1g2bW(ik>`;U)^Wa4mu>9_PUr9P<52sax7wZ0nCacuynMer*_drd;fCJJ`0P=m
zGeLW`d>MG@-#LJb!U{U2r_?RRuM@{8)eX}1xm-g++9!`YrAzX_F?fU~$9rn9L59~-
z&-&MdiJX<$7;ZF7DYP|Hy)GQave_~#k(=XcSF>zZ{GZ|&gJil?IYkpBBgt{$WX23J
z%}Q$<ruU=NAJ=w5OM(^I5+r;CA^&Bf<K}QHG^E1o*%Z6A<~O8}-C6jbe+7)YDXW+I
zPp-qt+S;%y9kiF$J3PotFoO$_<ol5$k7vy+V1ztwCx|lzfEQ=87R83=eP<<U`DAU}
zm26nQ{leaB70Q!X4l66#mP*mrS(K${co7+pu_99X!@5C&xINaeD=xyRTZlicqGr!u
zCUoFTzuCJ3-(l}FoO0t$+q-<&P6;M*oITV|iSNut65Q)*Uew?A-N;L|tetC{FMsd+
zep-#7LQlAsug#*(vJqm5uEk69@YxiwX`fK7!vigT|8PuD$&pYj0PLPiwAS#Nid}|N
zXnI@6M>VRY=Tmu1EIcROz+XQM@*DB#5^`a1NI%cs(GJ*PmBl1!T%W4|kL(7^@TD88
zK-`<$^))0M2-?w({Zz+v8Eb#M+F7a|?}QrbT-seWtO+!gk7A^cQBbekyk3Hy(08F)
z{>sH)pK#N1$6x0LVb2Vn<XO^w#a5hOc&3Y6$;Yz;3~4i{4mqYva6BSYi!%}H-X@9t
z;375V`>!B_3ph^Rr<u#)xvTW<j=o})FU>pqUVhM55O%$lQ4k{6{)0S+wA~AwAVX<^
zZ~B09Kb_Y0R_w9e=YfA{dGYeuNjY#O(AN*GG}5BQDU&60Ao%Di^9O_>9F8^Du`OdF
z`uCwl3f-)+JchQCl95GR{tFeJlfS5`IP@CAIrJkiGv_a!X5JJxOL|=z_NttlnFOz=
zix_6jB@nsm>lMIh;*gkw6DoO>;N^3n?`auPtqgO-P0~L(Zd-&dpx-r~yrZ$S7bs*G
z*xd&%LO``p*qm+)Gfcgk(9+@MY8$4_2VP)P@%cejGziFSzwm(T0v0MV<4@#w3CJzb
z?=}n}wCN~Dr*1O9xB1M5h|RYbO7UH^vd!vxWbLme^~Q-uifxl%u@zOu;{YX@I&!*d
z-T)!7nnykD@%Jt>tc|{>-kOGnQ;qB8F+HJ{#zC3T?Pnm#i<;@WaX9l*;W>L&<H%s{
zl=t<v(9Q>GUK4sT{ctJ!V$L_LKPLB2Y<eC~+aX;~1!57rS?Z)3Ep*iVSv0s-XY%-Z
zFFSq6KqPHB-!F!RN<n?r&h&ld8H3%c8pK5zap+-asiAE8fKdL3qJcycRsgdIq}r?^
zPi7M3lPxQ4E{V7`CIeV592zTnaIgOCa-=?Vpds3a{Ch$Uj%%TQTg=~05smI4aEH*Y
zE*}PMPkh+Ell98aa<^qI846#jD%(9bRky1iO4Rl^X5NAqm&^z`uvialL0-G6Yiw_2
z7P<c%@NPJN8C?LNWy`5~DG|Mndnux*pR0ny{F<ZGb?5nF15GeA0;SU7v!A0Eg@Ym^
zNGJyUus|P|&RZnjLHkuZSLJcp<#qvV_k03%0WXgAvMI(J=zUyptD^rWQqW4$%jx6E
zjxA#-#fgJx{}kJ{(OSg+9MR+=(^}_!qe35Eu@r<}ni~|^?q|y#MMeJ;RoE?6n`LKh
zoiCd{F^a3{JsID1ZXbL&_luL(0NG-S%F?07BgQltF0!=b!koP(F_GYA8AFID*%a#n
zcdjlDbKWFefg-A#IUZ-64Km4+kaXUumG6FPFKdzpvQP4~$@j^jXW~ich1ypnkB8_T
z>@!**zZAXYgJgAaF=k_AfL;a+1R;w^w;BU?V`FX_?j$cEuU+6@Az{-hr@lSOThrTY
zBNHfzrVt|2-cwxhI#F2ubSXsG&aV~h!ImcXOZ-FdOF$DwT((t?LU#1#C;DF_KTI0Q
zdV$x@bBlHVc%ISFux~+0*9hsgUuIE@(&MOqbzd<bS%+sW^NNuEwKBx<&7jVgKTjgH
zg{!Pfl2ZhryY7p<%$Pk>|G98I%^qGtZF$wZlczpix+eUD{t<gWB(Xz0Y>)zSyCZ)%
z(IY?_>R3$k&n%F8o+gWF+x}NNV0NGG2?V%#3oK#6-STRmo(3{XD)r(Kq}?mR6o?l6
zQ6FHQ?52zD6oWE>HK2vJ70jtE@yqy~X1m{CKoU|MxFh^9Ct)f1^YnlT13%2=^mLCl
zDV&6Px<3IzS|eCaquQYY!;auD)l*p<|3nWNn-bwQ^m_nE<m0la>+3sVO6BX)ovZZA
zp1>dS)8)Jq8Yf)rP8}iKi;tcoy`IU2A=F54?f#gryG$0TG<t&QCx!MSMnY*Qdiuoi
z_N}kpfxq2W6~b~4`vR*JAaJRqM4LrM6vk`Q)8c6g-%YxLEwEURs!@evWeLT<Q_WSL
z&5ws2^TFx|imv4Vr-hC_1n%pk#$#lKVw!E=DcVz^-qD*5KkbqT!eq?ibJz>L?$-Y`
z!a_0V-!J*&DKxRt_uS8i7`JBn^hO4miQ@|df+#Q2-GgM8^3GJ!sI7!)H(hc+c=C^I
z_^isufY|E2oEc$m4_w0#C#vn6maqquo@a&@gn#Pie0)Us%-UxYTzq^4fs#syMV^*J
zFPWd8B^6msbc3fbzJVBf>*=Wqs?gg0a$*==&&FN#v^LvnPI^6~31S%N%E1lmXLNIC
z25&0r|CD=a+WIzYxB&D)<s1J-A%aCXfkK{h6~(j(sJ6#2WoLCeOt(?Ly4k(OqG<U8
zX-b9)Rht?~^^^(*9U5Us_Ki2;{`TR^?I)~%Rw2HtdcsN?ZT(V>Yg{h>Zf=aWaSm>(
z5FcneM`~=ik|E9Yuufh7!&?%u0rqMh1E;h8`5Mw$jGXZ)AT|0sWMU^M;TL3(hS6?B
zH+MY#z|q#<3D?e4PwLQ|bg?f2Xwn^GFoMRgo<JB=<{yTbu2%*Oxbp}&t{mHwO<_nc
zF#own4shQJxYP4|n{9Tty=;fz34<c*sZ_~vGmqbKH!Z(Nv|WApcNJ>g)HV8cac_k$
z^}@vXPVk5PE)NO8gMjdFWuV14%D}bh%gg_fNXdLDS#&H`a{lXap@W+wqeniH#HJ($
z!S;~@m&g_6Xs<r|j5coaD{<{(@rJyMV$%$M2k`|0F3yF5^u~XS_Rl(c&vq`8)a=pZ
zR$H9?(<q~XB!t#R&{}x!zw{~6FJ~j^;b-C_Nl47mpdTvet@OJcF8^Guq-6$b$}@|y
zP5i8F#WIslw((+7MY8%qK)|f~kd{zqJhef?MLd4MyrqORrYb-1rzF~(8Ltk(r)$i-
zb>r)X#N}f9NtU8N3G9xn8K~RfA2Cs=H|C29DS~3hSpa&5KoUWLyf*DaN<e`1Cqaw-
zH^Rn)eKJK@g)zX{L!%Ml3Q##mNv7R(K6xmyNU2Df{=&uva0uwE-Np5q#n84?e`T=p
zYHL)==IPS#SumqOx{P+#<!XVqX(XT0NX+xme47>J_Jj39B$c?w>2Y)5baYE9IKi_<
zSWS+FZGI#-@fzz}U*VYuqX5>YE}~w(^n&9BDdXjgCX^(qaKC)eMg}J%D7(8mIaTY@
z%q?(now`J*HPmuBJ)HR-thEdb+@=KuB~U{{f4+AJJxv-~3Gq|ZweI8b9$g%H7!cIN
z|8Z^Jv0$z|YL$LjE)LFTqQKWCz+R;Fu}rQBU1U^`f@Ik^MBsk}7fR?livoECcO86p
zc9)3|8a)U~_PNZ~1rxbTL+FpXZ}1W9OGFWsxHuTv_qSgO)jaQS(exI}CRm$ZD_<|y
zrd0+WnzBwT|3MOQg1{J`5dO|48@8$U_1i$9Hj({B`Ymg$U+`EY+SAD+hyo%n#l*Lq
z|7lV`EH?lz^gvRLuJjhr;&37LzS6Lt^s=y^>MrJZyT19cJrXa}A<IhA3Q?-?QbiWP
z-HFdCjPNINYWLyNgLH5?N|=0IYP+n-GahWF?{igJYJb9k5gO;B(Ub;x{5B{;z>>E<
zVhc*TnVkK6*#zVE>fyZ26{tnfc7h_#)om!4-lrDp7q)5kmGh?t-M8<ssNc|K%}v-)
zEGaI{e2s<M6<K}Dwe2{7fi#A2BC2W&=&al&$f-<~U9ZZwY7>7Xn;H;7-#+0%9TYhb
zoybq;z=9v)9Fh+%&WH~J8+K7Eo;x$o)vY`Owwn_bVMA%u*&>9v9Quo!DS$09Z(msG
zRiS-VjB3ICk63VvUyQdz-!3^47=qwftScu%7E;X(woTt}8ZtBOy53(-UmuD2n}Hvo
zju6*u<KRsP*gSmS#9UFB{`x6*K`k2&r9jhQ$75D7(eG@%lD8>gl2|Q2C7&w5<jGcl
zd=%gpMtic_UgM-@a<sYL=YWGEbcAnqLihX%XF{38B%?;)VDlD@yOWv5(0Gx4G(VFm
zh0?kHnoaIGo=tkW*_-_Q?^e(I{^?hFKnQa7Q=i@Y(6SJu9|>i^LQVCamuWA%l7f=$
z+R3I73Ab7y*Vj&pD-$o}J0sj-?Lax!)%stILw)SHPd7Mq3pTh*ZNdr@$@I8RbE)ON
zBp$NR+iz(wOqb0lVBKwQGs!*Hn@JAd?<J}|5!h27*YA&dUe{Ya9iH-nEia@azDM9R
zsfoTw#zpCr1rACTrs2;AQWWCc7i|Ex--cz|k^|!i^}CcYqNEsB2QxKwMgZYJY%eaG
z)+q=m&+*rZRGOBEWD%;e{)^P%QWiy#DUn!&1<nZ@%#<7<VOTq#EDhEpKHX-GS!!q|
zU9a1T+rt_JBB2G=D?7rIcm!CFWGPYp`fC{?U$a4a=IvyDN=+MFnF(uDXJf`ydILV)
z8+cMc@lT|LWz$q9(U_q)n;Z$VQ*3jc5Y=?-1HkeIWpa=Bm+A_HvO(kb4j2(ub@+Rj
zQcFw%aY&}N6_f=TGjGX&m_a75n{@dYYdhlSyUnRAf!FIH$;Zz2tCUlnSTK<sHOt0t
zNv1fEbmk+%(DRlkUdj~?%;#O+s#lKu2SwgO>F`Oq(x#^fYS6!ULniCOgvop2MGo&D
z{uKE1Gq*%UtNIf5QIrjeLkYl(u$r?&TIL)>qwyM7tDNHN?m$FL{LW1<GJ=_UyPM7A
z%f9q_Tu&(yJPSsE1$VZ4j6?_o2^$!9m-&hKLzFwKk|c8nxbS<pZ)T5vBh5(|ADm8L
zomLKD$4zC4YuSKZVclZwgQRk0IXQ~;)A^$#f-E}yTO_asK~)Vi2Skq{YVV@Be{)uS
z8okadwDmG@-SYV1bC{j>vFhG-sla6{jIuSRa84RPqC73C2ch=O07n|Tny{*h?qFZr
zwKQ=&+NfO$w#T2u=EvSxXl{!w*+i;Tz|m6M8C}kMii%Opm@f%#HR!q6*>}xc{0A&1
zrYe+Xm!_tmP{s&B*NW@kd&iBns;u>vKh9T0Q^*K<m&yOFaXSGzY2%Q1yECS&R+ft-
zzg>T3u!~p57qT1e%}if`TJi-@@{Rei6y&w4O_=)i1EVzV5(gFC5eIC%pXP5TElEd%
zN_!LMhUzpoM7?>g=nobl7FHiiTYdds+jqxoW`eKQp06j_RaOs75dMH$>uDmGVRUz4
zl;?Q&=;5Tl4BwjZV+Jz70a(`p(b?`Ow7zk_>-)6Xpu=%U$f^a5_0J6#%CF;9$O%av
zxhVoPm)o7F^5)f{5&fbW0$#eyPY)wf4zRFIIlR4%jG8uDeU46MwhfB3Q10jzZ)Seb
z%bFCXDjZDc8^`Twe?xHHtw}^qLdlKu%S4Qi2@y>yoHaqY<Upe(4Q%aq7lmG6Y(z+Q
zD+ZL~9nbvD3h_xd_b8~`5mKO`3=|#`mDR0Ordo`!%bq9TUUK#FY_ogV>VdelE1!ew
zU8aWg)3v3Gi8j4VnasyFuu_Ef!&t&4#x${p?ZPo&#UGN<W->ARi_a#?U0LVv`}+GD
z<zIYosx+_=J(Q}ptp9q%^J!8#B&6C&>>HaU2Ve)Ns^>?I`rB53(dC4NoDQ$c+2U`j
z_XMrce>ZEf79>)>0A+}6wB!5cXfbjjyQh&GAB&pt2k-jOLoAA`FMBZPjwbEc(dNJv
z=}bag$OXck6BjkQ9&7i}m>KIYnlFCnJxo?|{i2`Pb^3FmGoZ7+EP`>Pqho9qg!PS_
zTs6w%*GxFsveY+q-5xxHL9l)qOh^&b97RR2c*Rgyh6xE(Lo=oqQy~>#*gN#tuM8Il
zv{HwDRXU81>_pgA{zD$0Xl|g}WCYk!Geh~*B&glv@<GqEi|FZn^D@rx7V^f>jwxkz
z^YXGKVs-&ipE0g&CjEU2&l0_va_@fqadWeHvccz^h(&NMxb-A)N7r#m$vNK=&}|w9
zhRc!qv6`(GA!0uxxU~6kj+C_d_UiK?f@BC-2t;U$x7k<#3IVMAVRpJe``Nc<#vaF(
zEIG||7?s1DFNOf$4i@&?*CucPXqWtr9QX7cWvn5M$>$lsq}yg#?ezFqSJ%~U&ly?d
zeywG{P{@rFgFLKf)i?0DAH?@7^w@|8kSXQkJq2ce>ptQGk<r}eeIDfK$^``gRBsy!
zKRs88BdCHn)qCuoOg=Bsi^pjPJs&2ytJCd@o1_B(`nP^K|3v-I(7t5*dGa>Ub@}Ym
z1_l6ZAzyg9G~s^oK!Xx?o44|-pW9n}fwJu_OOIY19iRNCRW2YxJKUvb=Zfy<>D6+N
zCmFQX=PbZQo6sA8<tgKn?En1!KL+2Jq35C+sHsM0FaSz`0tK1}p4OGM7B&FDa&>X$
zwpgcgxO&*SkiMJbmLHRCb6N}WiMRar+)?K=>iWC8aTVC-4MM?~=sMkoPwz*AllLHR
zD*npEiV4ajE_Hpdx?o3hrE_<QA`tCIa3Lt#BU38QieKVolIe&oGnYrw2>9VtHv%vV
zI4p&eWC^`{3_rmN*HY~+xU-{9tK3>@9!g2piYbtTQn|=$oZZjXgU%;<7-GJo3yh}B
zn7iq4p!`f&w$2;w_ds03qq;L>;(Vn0TO@~G)AWCYw)_+7duX}7Afkx~iDp^l%_AEh
z^EB3Hq9)!?%7?bh>+$f2Vplfc+k<^vU7EZHk{b?YN>f%F1=r~d%tE>x<mHHd^fFx1
z^5xYfZl!m)gNpdH7Q~2}P5!&*tXzfa1QO$_5Aky-u}k~L%+*u(-B7taBXobdScaY?
zLcPnC4$uCt;f%<~uPb<(!i&`!r^$}*Qf}s6h8+6VV4*!PpVmf6U$0N&tME|D$a5YA
zg<l?!Gd`zPyzA@TUgZ^x)T%91-Y$A+t0p#|-Fxtbgk+{8X^+xe$ErPOv<o9a>0Xc2
z68tO;;nV%rl4C918xYghsk&=*e|tMFOS_;^8Q&Djp(C`x%pEU>7B79Hw}%k$;f4ss
zI6EG#Wtp#xUV=tB!z^VD`(SnLTD5Q^KuSqD?fk@i#vm*iMxZzJ7mmTmg0_82-83?G
z(aM|x{LD~z9fId{&g@v?0hI}0O@RXORd0D6pEi#M7Hx`>Bm3?ZCi{>|hlB3+rg}d5
zq;<tM3L}id=<fQs1#fAY$LslKTKZgSbVP$CPqOL;ni?hQI_j&Uj!xvQo%(=pBjxgm
zLjQdOUZt*J7p$}#?Z)k0Jsp}=t55K9S;C%-!}oZ@o#G9)D9Jg6SaC(%0hcPng>|%q
z-=^GW6!{dd&J32G`$=PO?#eNdFeR@nnuwn83W^TVVbjlW74@ZsT2R?EOUXg*+-cKH
zD-_`6pV|cQ^;cy_&6W~XM0)3$k%IvYx7sX+4o3UdeT@;Fbq;C^zADY5dl(7vp^eOQ
zRdn2~S4xe#P0>XZSEjXb1W+eWsA|pMOO^G~L)SC3bZR0T>G4DyOf+3-QfQ{Q8_F&+
z>1rpIk{y>aVfK)#%0w8x)o_frkEQz%tK|KR_*VA|<gwLA6gF2H(x_&V*hQAPx6wBK
zjx$rf2=0_PTthgv*7NgQ9!yIi<#Mv;vm-~G)Z?ggv<||NCyCkl&#x6$HDtP+r~ne^
zT&F~*NaCY#_BvPg3J$CL<gWOp;dwRe_X~R`KIu3-41d!S!85PTjj!|tl#ahIe-~Ic
z8Z+wFgoD}0R0=W5QiRqnbDykaYCCusHtx3D$SzJTo=m~eZg53@OOqz$NPX1mlw62~
zm19TC`(9r^3Obe^tb89ie&n$+)-slx^f;&&EFZdA`2VqApQ}IIq~NaB&M=u+EqfKX
z=CDM7IU`r%wDV>Yw&`-Be1fhmbv53|TqQa@rU+W#{79RyFL`R7-?(2Ue%CLskZx*&
zFQ_(q2>CUD-*$3HAMdro@ygLxd>*1#gG4gh*gs|zLgx+AFo<;sjyY${TAI19yQ#P~
z`Ig~?9#$SRr5&y1ep<6mW@qfI(y6wi@s&&UOe)f`MrnVgm$xhxMoc449)9#4ry{rk
zN*n%VDXO65bU0L_WKe0v#Ak+?Xp>Rg<znbM8Ap3b_k{|zOcoLl>c@prTo9Pva_$tK
zOMGV4Zb~5`9oz3FP+MKqnXSqLlB2d@51+M;PidCs@+Q(F3c=prXUQH%+NhIdD6qyI
z@co*3_hX_`@yc*|n}Dy>XXIGAYiBHD55mu#=eX=nzHnqH+>eA4!q1a3yw9RliajYM
z;&8q2$PF<&<&;(z4O60(_|JTGQ#Tz;=m*i*4Vm>)asky4e0#F&5yH7B+Rw+`BM<M7
zT?VFf<j+|3N`5J4eU|<%AcMj)5t}m9V5F0DUgjL&%11!G%zh*nI-wjDETu7nG-4Z(
zuq#Hzl4GqgAWR_F7ZpbXyH@Pxqm54ZiBkJ;NJCF)5L0EMYr-6+&LPAI9imlyV>K*4
zomNDO1N%64kWZI<=0g0Ad-}hpt{g2uLEPC;I$o=BKlUvTrP-9EhaUP)pjj8WtuZC;
z912kVY(d6{yT#}Zr#nxbw{&(FP}<3V4N}=^?fV_7Onofd?r!%;5HjhB7M3Pp!=_=R
zYbLx}8|p{mfxmsMuvfePZTc%*G@**nNNFMVuRm%TQ=V)Lol=V!VJx!Zn=Hg!o{~cZ
zu3mE&`0X~^8zX(6u(aUIu>$yNeo$0a#klb)kUL~@d`=BGy^qEQbPpnvc)Hp~h~yLF
z)1oaBrW$bkYJ<S}^0nVL7KtSs>>i1eC1=L8C*db6kGB<(Iak5#J$kb##or7J>;Q*m
zuC)AFbUA%oVY!eav~vxOAQ3u8<)!ty;>snzMs-9Pc;-+r=geFk)qYe%Kz9mz!<<mW
z1g0j!*=3-^u<oAm-Q*Nw-TX+tW@}PkR|*x~B6SzA%~eU@594hf+e)%5!q0uz^RL+p
z**bCww#UlvkmPQ^oRqC2zeVln+oQ5WBA?Fve2GrELC>&|p{*^l7EGneqgU-)14ppP
zyYKhygyEH)BmJxv@LP`P8$I_Kd94JeuY><u8lb2(?`2Ld<JzT$azP9iSbnD%tEHDQ
z#1$^=s2~t-^!6sGyfvC8i27kh)L|sMC~pNbv<pAWJpL^g#oCGpxi7D7J=M8OoKXvj
zD=lF|qKTFl>khzbQiHdEWzTT5>lQ~OtSk8$t)Bd$W5IlJLK}8N>j)(V7kOT`J8^~;
z-)oI2#paWrPcBq6<el2{*czM`raX9T<0l3(N(y{DYqz0pc_CJkwOzfv5&Y5vXYDo_
zd&%YOWr|LVGF0<s*7*O7JI<J&D%Z&VZv2xYLm{>h*V}F|dLb2LD9?b%qa<SyF<;&2
zYb8RgRa2H;QlRE;Wy6wl*^{ZcQmr*^C$A3$u+GD|8e}H8J{<n$+^`*U8%Q_1F5Hg8
zBT&kDN(r302tVQxUyPVMIIv!^;B1>MOP<m>bK>VS`{$4=AZ<NjF=qb(uTC8HHMujt
zmyRe(v|SN84jgK<=Y;WHuF_jR{CP!6Mi!5VwXEgG7F{-KBi9*Rn`@EJx*|GWDZrI0
zViNCpZ2ZMgc(V_?{s;kJZIDSoq_(0cAe?13Eks9oY)hh&g*`7Utkdscci|#2Y9S%Z
zy{b5TtIiTHm5*<{so*IS_Pg|SMs*+Y(+^e_9u8k#XnrTOulDdQIKB59xSJJ`-?pzU
zFViARJTR0WqlJYIfcv>NNzzf6pxsI;3*dRCxOW?J{LA|z>nDtoE*#;FTC&;ojX2Yf
z!gi7@eJ&UP>tY-fw~B8r(;DF-^*YC@5-%cD+8t{$)Mzt?+sf33>t!W97UHg)rDF&O
zQTuI^0YdRSul~i$=@SJ*X8pm(+nn_k=TrChitz<9D&AV(Hxhlid?tM@RpKZLERk<&
zh1P=U;+`@mRT?t(ZQb`PTx%qhV=|C_J~F8Gt$<(foTT>O+<E+IRg%TfmN~=}BP5C@
z=dp?q*;p=)b^`-gpBXVR=t(smRz7hn=48iH+SAq^{~A`n_?_We1xHIM{*!O=^whP0
zd)pNM#3ZZ{ao326R%<o;^z;wxNF=>ke6Q>=^1M7si$aDq3`1BhO3UHU{4_ItkUDBH
z8e!L@6{v@y{GT&50eB>d`D!S%)cMk7+LHG^k*M~^Wi-s1t58yS)&y|?@M)l(B!4&$
z%R>_vbyTS>ycBqYaIUZKy#@Alc2T(i*6ld4kgyZ8lNiVn=9i~Q4L%mxLf>+SXP*tb
ztU|#6=?MJ*LjVf^Kq4z1z>fM?93YGUP$%{%L<Q)le|8}rrf7iA37?<;d(da=_g($h
z5~xSxcs2cNS5kE&dWakUH50pB;s`!Vrk_;1yL3Ov=W!|^Glj_&TpnquW?+jN0B|FE
zvoJf9&+cQ|k?Y^G`eY!zou>;ygA2X)nO#LTqq97HZo1Ec@N&5lyqaD7xV_6lb*1Np
z0PvR$$jh)ijY3p|;{vWeVEg~U{mec8H29?cbs{VP@Fwwp4Ns#c0^sr7b<=xH<lmeC
zhM1$fRr>#?EIow!yfS^<XMbJ^=+|Ez*uv+{`X8E*1o|i4Ktwp1;MEX(mONl8B12w=
zs$oCdB&?mp4dCV?)js_G7>_X|L-g7H+zj}B2t7<*7DUzC?K0|kT;)rJdob(tPM21!
z6ctWDj2Oo&53VGusjk7Ah$%%;RuL947h1Yl#|2ts7)wb)NF2d4QA~|MS772&DuhMA
zLm{tx|Kbgy1;L~EfIQqobUxy_iLOL#iJknzhu^u=9u+8T$m#|>XuWv#+(bgNYOv4P
zFJ8+`V~w0$cy%?)xR>3&I<t1`Kl5;FB384=QJqNYA(}A$+|h1SQjYWfVv*A;9OO6u
zE0e+|a5XAV(!@$>0Urke)(5!NWqPC_A2Y<pe%b@ARrrSZh;R9qcrM?F#cO$JJG7%q
z8_4R<#cs~7(1CRNg#}uXC4J@X@xYWW3H7}B1W6gk>zuhdVQC*9vUE|4KE$|v{p`A)
z_81Yt?PEQJ0i8laPaYnXSj3)SVjL+hSHuzV1p-1hB6>jZ++w0-y=B*!tndB*qwOoB
z;&`Gj2L=WkBtT#YuE81HEy04j1PHFdAwY0<cL?smCAhl<cXxLu=+5uI=j=JV-}h7Z
zhwiGb`|4HIdsX+giD4I=XzA`xvZYhUbTFPd+oCIDtfrnq@AhveE=!G<QdIv+A`oP5
za%J}MxoL<)Sda0A^DjHQ4<vz5hZr3}`0IGhZC=9Y_90Q`HSfPgau$BRE*12s4}>1E
zzLe*yVUl?~33YDJiz+;AD#Q38^S>i=;&FF;yJ!RUEl_y>w!*>-DIa$?QdU)zu^`m;
zG{N}DzPaS&WE^btURvdQ&SX^JdyrIV<Y0#2ch;!rWvlINTDL>&uuT47_(~C!QDPEj
z5jtC+amAa#-r|Aj{2$nxv3u8k*J~NPSt9qchAGZY0fnX)%^yk*2BPP~*IVjbOzkJn
z^>oq?%RivUq(@dAI7w_PX@xN3D1-3Q-NYt3M|k~3i`WlP;YeNDI#4+}@9);yN*9hP
zlvp#usN>Lvc0P29Qe=*9{Lpj!4OKMo(N>&6Ft9s}8wH7G&jSyUVf&{6%cChpG6c5z
zou>)x0g+MNzFCFPD+i?Ub=H3#0g5nY!k@2<JNYM#IZ66ejrMH^nB7@6EX+2a)zGys
z+z5hmZ23zJ!kL0;`4phg>`AbWx71~hTlw_3J??wtr~n$!OVK0ehD$a$u|>uE{^>l?
z-xm&_{kJMbbyXFrc@>6!%$Vg-`<}8vc6WBN<MCb#BNpNWrpSA{iFvcnzeuafD6T;d
zpM^=;epxJ8?WGQBB@ut17;-zsJxAsHmve_@WP|du<E{DGMX!+*{3O0c*4#)NMk*u*
zlbtZv{ek+8<;9V*v;MRy;`%Y9MPo=!FWT#$iLvqb<G-ph;VO15bf{ry7b;(wfZk`%
z+iiso?Hl(61>A{#zHlza)0e$hOWobW!`<*Vpx-wdm@os=gKx&k!4Z<JUH{M|&{D)q
z-(P|nvoH)ylU0zLU7;34_IgcQ*YbA(pP7?I#xVj5bxaw>p1z}k%<#h7-~vQBGNSwj
zigVJSRXNQPxYh|W!ArP7aIXh9b8|O0b9e+ctSVwupLTW&|KTfaj2B71K73Z;)l<}h
zh)w@?HMF+=amx-?HOubaIF1gDD6HMa8{wJg@_<vM9FHC+oD5Iax|2U#1K_80;fXeP
za5U&=Rx{{q43MtIRyzk_f_|=9IrEJ&$uf0`T)|!a1RlKiVF@V|wt9NHv?MP<t4kR>
zgzWXBr}9AxFVlz2RoQ4hJeVBcJY{)%DRj7ss*s$F5i?dAFhfvVbc8ct*`#+xg?{aT
z&TM5?3JOyI+MF+o>+R93rNd9biZOz84oER{(B0n=8(jEMd#&5w9!}!CXEU@W(xdNh
z3WtD>u*nuYbT?pgAN@vnxoaRYjRoo?gr;FTU#XLTlm-T(I|(&+p;&#``ifUiv_W0F
z=RKS5_f&z8HcQCb@?Dw!zUAfj0Fak~Qv#kq=G@$&1+7XH8XIK=;Cb~%O1uL91~D-Z
zj@fhz8~jZaQuYaA+=~N%8PQU9W{FQI^O$c3JtT@yw{ZWO*8Z|)e%U#%*Sn|XH2Nnw
zb~QoUx4d^1<d#QWRc=f@DY|~0_I_AkzJCL!E;8#w+D$2gO>L1qoZ>G*KmoDsOInXV
z>aLPk+lINzBrMW)MC3!n)j32(`s2Q)#vdNwy~*?`X(S{i{w(=@0*Bl^Z@8Q{)Pv~l
z+Ok;|R$m;=EDm)8=l*;>wSfL?P14czytOo;ZUTMERaHHW7gmD#F4;Y(*B@i1cwVVH
z@_gST2`*n15+MqKv}o4XC7Lkl`=GGm_;a9x@aQptzNG$8T7!?aeFjyR=$ZE*>Q0fx
zd-7mWQhqZ=y>U@E&`O5<^~TK1!9hEXYnmh4>$+FGzT)dKq9<HHSC-uv052-RyB`oF
z24fMT`g9#FrSW-sDC=kUi}jd|<86yvfmRJ17Iv<4Xo*TZ9jWg!ma3aX@huIsrlCPE
zcAT<l4nG+e6tkkqsE8U{Q`&AaTHi;6Uf5o(Z6vHJev-{Uc#0ViBZp^#eG55_1Gbok
zUKW{7<As*$Hlj->OP|=wZpXKudH_q58JJ$qxx4Mf)gwF|6+A;I8QM1{MjyPLnNV=3
zDy(loKTz9FK;VJ(EEIuQ#S~B|jzrSwN$;ThdSJJ;OJNZ|f01C*$_kNmBX1X7SN2SF
zPQa`Bf;Qu{1PSQJhYfW3%{grS><w7gf>RsI^oIv4<{hTLPBc^N<^%j4^jHqijG;a}
z3(E|Z{30Uf_5yGQ7t(%k;Lw@Z?RYpKC(UDh-49YE-X`veAN+@VrfD`p3MgV4L#&gv
zP@D}uZ{*;PCuX8{4_>0zoXB22enFD>P!lD1X4XJfr9^!nTPxvJpO-!)zFKre#fG->
z*jC?Lb6Hh%$e>X!+L^;05w0P{gIjOk=i?-+Kwf_~y-GiphadanFH4Jyh_`#_$`uiV
zmiXJ3Kd`XNJ7dfdgTxNY_>An>{u@ds9PQ+>nr%_LM{N=)7#rcC$PR^E$bO0kUH*y(
zPv=rK<<@Q=Iy+?))q;FY-Q9tAcq6;(Yg`Z?)V1t8eMJ};B|Rc%XkIUB82$yTZ8c1c
zHCsxoB-(mO`Tz}Vrk--z6MC>b2t1Qw?$r)K5<fL_gU^_6YQhf2<3IFd9iBdu+E)v*
z5IV<wd`us^9(|tKEiIcL^8fv1&BU}vEj;vs;4K)_*$070c!K*aUVht^>pRlg#_yi5
z{H#ipJx)$itV;jfFrq?3n_EzF2?f*{Y3LvPa^VFQw3e7ufN7#QqlHGS3pO-?VnbqJ
z8|9)Jk-)CdK;KE)bKaEsWH1ojzir|Z1l$k_#s5VP)<^DxYIK?Y5CC#ZB|U;mKtP@e
z${$cj90Mk>7o)XHMMs4Y3eAK-AgJxx#m)fqq@+7s)G#a^`kf7_Usm*><iv^{11x{2
zB4z_G9aPbXBK{D7R1QGW?Gr@OHy4$O3?<6sjdMbz^SfQK=&9n$mX9At+9vn$!_Rq_
z%s`ZO%~OI1guHAV{*eF%d#B!YxQN(7RVY~}1*Dx^R8(DR1!(9=Dn_tyM4zRO<}|2i
z{1{zp|NH?Sm8-H5`7Et^79pdGu>z$dwgzACQ~hI*|3VlC3>PCLbfxpVHv)RHH_#J&
ze2I;|{5|o59-Q>%hi<1+Z{e9cq5%y$Q$`^}hIjNmoi@RKinMqb?y(v4;1U!d0Y-kd
zlyCZ=&vKtESH`HR7`hFo&pD?d4W9NIH;7?q*W~xTCMW14B5c4^<yoSM_NROqtluvf
z5Sv?*JRKLH!Y5c;-!@&?$)GG2i2?DX7=k`R$2FhwzI|6S$~C_!Cc+@|38uXOnOTz2
z)MT5Nwm&_jND1jMkm9@x5TJ2Thc(k3`@KGyq#s)?2qZvXs9Y^ahw3M(O`!xesv?kK
zKB)x+h*{hs82>l%qOOU&gUpc6!-1>F%>Ke*ISm_3z_)hw((e77^CJFTN)Hx$2fx7s
z=MC%sThQX3^^?<25Zq)#s0fGM=VnN;Dt)}~D)m$>S2ZFEhyfd1LvY(UQq$d;eP|15
zeCqpPelTC0<t=VR!HW@fL#d}sM&l<Md;SGyFZCn`F{@z~!5+GggWxC=LS%Vg6JIL?
z!B%6X!S1pXX1_k1#*ZbNlaQTp#Y+q_(Out62_eIc4o&a!ke#uog|*bu!lH}t<V3?4
zWGi}2@GV#SN60_xj~m%6=ub+nGX*m?Ag!tzuqn9rio~I$TjX=_@yF#3&G=h`udAr}
zT>60d_mK>U{%%Y@T~s|SlnAKYxjydO4d6IU_m+8nUM)1}!h#QU5SWu~{^vrI5PCo&
zi83MM^Q~En7{YPnNPASKIlZ`crUda(27p3RVwXnnHsF=%u&@hE3WjC{z;ko++xAMg
zh`WKJ-V6Nv&b!04M#mkM5$HcRlfo0}VI$q$^5(eGB&#5j1hpYWquMI&DX7QW6X%P(
zyqmyjwC|E&W)68$MmjitTz^ChX8lO?5MZ_>7LtQ!!bMd^bX*A@4gol%{}UE3G34%t
zTf!&Iq|{G|Of*x+$f)`fpQ7Z0vANIeMVp^lV^;`$hR-FcYk?vc>hB;6D)x=shsX11
z*-7(8)jY+TTeruF&!8Wj_{FEDyFtDN*<J^4c*1?rl?wxXeL0VCx7ahN;0U||{Z2HY
zERpZWFwHZ@V`4(1#eryQh%1e4pd~VBf)rN(9vrnXZV3X>P8LkRaDwyQUHS}sa_4PS
zX6n8t*!^fUgvPXX!GWD!y6~mD$WSF-#gzTJj_2(Tf_bFMfRI-DPBO}p5$O>$;LhX8
z!j|Mk6RDmL$f(wix%yK9Y^wB*1O^&XOdX?Un^S$7Zs+adWfh&qft{OX;u7QtFvwft
ztr=#GMP|J~92HUB$;&U+EKeD<6#u|;Kl;*^r!T9jX^Of{PDjtz=(3L+8hVhe&5fCf
z`53wUj$5?Rx6wy2HAU(SeIw!W*R#eG>*OzG1FU5Pb`Suew6yaB)#heW=q+beg4A$`
zzEnb(W!aIg1+Rhr4}mmKqG;Rp=ldMDf7sn`yCa$>mnW3LeAX(65Rt_9ATB*ItX4+p
zx<AO>8wg*b;K=|Gp8?CB4LYB$ySq!M>x~mB$WYC|X9EBlo$q|%Rdr+q-|X+)pP_ca
zf_MMgpAe2UXC%6?ZCZMWQ+p*Cyt4+VAcfZ(()UR?0i!|(r}c?d*_s{+Krlz72M?qA
z2L;!jULqKGB^z8+bv<f~;JyXf)BfWvi(2!2Qj>_UGsvDdU^0`X`ofjS_+4~_4i`tT
z5OF>I9lBjPjb1<&DnemOW~So77tA2eHvLaVYEhv=p2N0kNU?ShG%Um{p^Vtv{G&cG
z_1?8*dSc?Eq%m$BAr^MT=8&bED|Z*P3RzhMz0Z<LowkYy@8Kn_4X1H05Q`KvC}`r`
zfeWS}u8QSR7ACa~R}XZ7aj+915UcDHNg0i(uUbK19&?w2%8%~sztB#zgG}wqUVB>C
zr(<oqNnua;V@$J)W|leOx7$kZxtB=#Q(hv*d*j@kijrCAV}KFy+a)yH!x2y0haG+V
zpQ{ko1{@dy>dtPb(ZAS@p%o6U()EP!RP6C!hy&q@KSQBMm}jd%v5&cAVC1b8YQjKx
zh?4+W(aSjls(&jt0Ff)(2kP2_32aq`z~UB!8+a^G3<wMK5B*3z{um2n*wkbB9)wwx
zX47ZXN4u~R0QEsbBm>)U$_YM)dpD@OJq-MA?ogr@4BqszGj#Yv1xYy5`0ytlr|T)G
zreADe8*p$^1<(3!3&8p=_(R*bu+FN@IejegCbFKCQQ3pJayxT7!zd>*(C1r23Z9km
zzdO`niW3ZjMe)~4ahi202XBk~Sqoeh{Lv#RWWfSGO6+O@L)|gU^lCFwx6TN3J0q^}
z)Ftp3-05RJz94q8CZjO^9Wq?WI67sr-WZDa;q_9T&}?|-*5E#_K0Nn}oKBl;vT)F#
z!D=TIPr6EKSq9!nLGU5wshyNml5#SlhU->x^#G|=jD5>Jm+bmJ_5S7Mr@**@9Cj#T
zNaRB4x6!Vj$_zp~f-UhZRx5R~2+ZD0ua6V?zlOhh{zD(()(UvaB2JavIYmFal7lEF
z7C$-T!Y8D}8d<&0_Q9pNgmt}~ezsM2Lj@+(#r=9ihCU?gy*;kAxpLxN4;a3Q-yyzz
zF}Toq(Wy)n{|E#Llte_%hpj$#Gv6~TRP~$Dr@WO0!i|3+0cU?%Jz6RVbxrKnw+!nR
z*$OZU=qkbmxd*{P?b4u)MX~d$0MPEXzi%fUYMh$dw39B5%PbK%c2ltBiRRm%4F7<x
ze|X^6Gg6P#z4nb`$^bZsO}Ec7qCb)@cZoknfp@$2+d8@VGvNk6ylX$^i<ms?!fUO=
z!PW&G*rDARTmNEG^8QRqom@rFqF3XMK#T$(MAb(X>?{l+)7>YTkDb<9?G}NC=P2@Z
zHYID48i={|8K|Q}WkpP?pHAiPf94nSH4zz%-Wf_@$dvJP$Jic~M7ZLEV5^EQqFJko
zF4jfZxfK*xmS=MEo8MfUY_ENa#gG`z?1O^dm5K5^3SPx@Iz{-O22g5<XbL}bYH=&#
zrC(c~a?TTCo|LjQXAT`T0Vp;+N|Gkm9T?REp){=F+Jqq>@^fRX_DO759qJ8Wn>5QJ
zi2ogGdNwuDGvu2vp2q0)usLle{B&|mnGm{SWOHVCc9z^hO)=^HeAf`8xm12hM8P=_
zGly&sT>A5PJ$~3UaIYYqOX&lbpD2bWM8Vs(TxTg@z1=XD&g+kIL9Q=y!s1PrfQNUN
zpS0n?CtN06L0MGW9O#=)i|!s;;kWZQ@bPe(zo;mVFvpJPPpoXy#Gw;u!T0HZc2JJ#
z{mPW?ZxgEO_;UmPFPn-^wMi1HH1Jdc(|=wk7Ot{;xGcydu2T^nVSQqbejNiS*_|Rx
z0zsBeC2>AP#{`LEe<XV&Qa}I$kl=$uhtf10H@X0st4JhE@(ql31{c9Y$1z!A{X4fq
zs=mEw$l!J%OUOiHmu`d*4U}wA4CzOvuTT5KmQZZi!5TnuqkF?#o|Pw1)W8G^e@h%H
z)@B^OA8fPo{PO1Uk9sCm1)`Zc*ez|q4OR|K)w--U5Hb6K0%XF`TQPQ-Gp=EO8J|vV
zOwmk7!}+Bx+sLL|^yE-Zl7Wsr&>s8uY_Y|0aEwWIJmB%kKj+!7jmG`_^xp^o=o3IF
zXz;}K0de=jBv+mjX?0jkAligqx3LDVV`oULw6Yz<ro>oJiDObDj*j+R-3f@|Z)F;3
z2?ABDui_t|t|!E$qmpek8dJ>cyZB%!x1|AT(W&A{Je^6U2(i0~#z_NYal=Kuu!&2*
z&qrbk3!u@GZPS`iU=3n*Bd4ig{R2>dQa(BZ<jN+Av3Va3D5qkP??74pQV8#W4q;t~
z{TmksWSoZ8b?*1=@-yr#9k<;RqlDaEn0{mn{zz{xI$KtwVd(uIrbvQY(~U|0w_Etg
z$@jIfYvj*L<)0Jtsbq|Od^uF5KRq8+aL)>>f3hRCHjYTJE)(a{Df2<Gva~6*txBpp
zO;9RkxvO4tZ%H?S6zb6JQT*x|v1BOvZR`8O5a{buXUKP54jm-G=A(fq8gJ@;w&()f
zAubQg$E0?4^1g${#GcI&b(-H%`<c0{7X({;?n%K3I5W7oUDS-g%`7iC3^B<PqJbb^
z@N@SJVrd41z<qQ=2XaTqE~$GX&=pp3UyKO~g+Vvzz$LE>M{Vw*Vnc3@ub}FG_oRxD
z7}RUo-|Cdm3ruyFp6qur{j$iPYGTC63z$`07|pSjR)A$gm+*5xG-7Q%<;*TM=fr~u
zCOHXS5C2ql8K|Hmr1&gV?7LTZY7|kG#p8}^qJbXk2)sYfa8$GMIF2Uf@vWF~7oqX0
zsoc0(IX74ZW~|84D$B8=#?6$?CL3$B#iG%}{YtbnrddzVn>ix%K|EKXHaGQIG=WpW
zA;Aa1=dw+{^0<Z#iqWh`a(zEabRsd%O&nuWvSsu9!JPF&LY0vSALb=3phmA?sZafP
z&ZVKO%$b2VQ`-rl#Y(9mvwGK-7%OJ?voi&TN*Y=?2G70cu^(v;RB8C!ozDT_2{^Xc
z{!2-KttbF{u;%VEIRH_WN*Sx4$OVh1^TD}RboKn}m%_KZU(<Qa(O{72jzVeVSEg@o
zeVBW;Ypp+xUbEVBTl`vF*1fZy`lM%TN~#^-P5;Wdvlaov)s_xj+8xYUju4|MTUa|Y
z3bYeUn~V|=TdOgll~*1zTFrz=;SiA)u*oie(8+GB;*r03=?iq&k5}uxP1Qkcp-^)3
z6jZay2|+<ZhbQ*Sbb_9ovGJ|oYpRK+cN)zuT=TIfoe(qn%VN0eYncS90~VL->|A?w
z2`8$V&t6q682mTQoV8r-#Q8NLojg#8@%6+nbA`Y9Q?Q)>uhz5?90)?xdr(H4T;$9h
zm)~(b67UwkQmqu=Be-qAT98J+Obte0ga>yXx{xq~5jLgtecmZ^TpJCt!EyfEUJi?3
z6~clbV@bTiKjMn+0K#H({0|T5K$7r4=bXysPx^MdlKA_ft3;0}-5U%Zre3dG(G|UL
zAeENkR#(9^mYo=VKD2NuD1Uv76`zBs(H!i^kXiKIQnPV%G$F^>Na$fTt2WL7WA4KE
zD1v{^Ehp`gr5=zVbkv-d2s|!FV6wuy=qPa7AC01ETFELuqK4GHnKaGay$SH_6T1H?
zzxu@I>^Qj|!xyTNq2Gx(wG9Ycg@&}cZ~h~0xv<%}H0b=5VVrx%p%N2{H6JM(@K>i>
zLs|m#jUkbSG&c0{vEo}Km5dNW7yZf?UpVGZ#5I?PMGfyd&@iD<+BAM-Z2eNEw}5S)
z_eGjcRy|b)F_n_N4qD2%f!mn^_u)NO0OQ;-$b~Tlh@9#o`03tn9gkd2`Ietl<dqkN
z!OKpPn_8|5qBzrL50Pi{At_XJ6nRX>j+OeH0>nXhO+XDs_Wx~Omw8EWcOUGA(7wOL
zLW=eDaHbo>>mJmuKoME+@YQM9AC5V=TRds{sM>?W01|poj<&&=_{oDOO$xtu9}j7}
zFfBcovpKsWE4=vA_aq)Z_0fDHBMXC=6V9c1#V=9vqs}KcpGc9Fh$B!y)`2eDNYka%
z<tq-eM_YDf7!DKCj2*>p?0oC{@3g;WgqO5H+1WFtHa+#p^lOPob&A;DRW5Xq)k@OD
zr5`S$@iV4mIOh)}hen}-l$kFxD_zKc(5ZZY03fQrpo4JWq%rGnZD}XBZ5rBalS6*K
z2HuZ!ex=S3*uI+o-Wnjaj3#lU#AZ2HiVUjE7-mRcP--F(|31~-P!c6yDfJBvOrI9P
zvx%%vCR0dnQ>TB?g%nX-lNQAKeB!@IxZ+zzp&TvihW&yuCOC)H&y3+Fe_ExVEss8M
zTmU~r**s|Qx6OO66bZAv`DuiNB)&9!Uz}ehx)NRCr;TcLkAe2)sHUyc;@l5+%Rh&M
z1rPd8O|;Sx-j2M6aeSMDB{Qg3kEL<^3{VoA8CmfLqwl?o4V5{}66@?7`5~of;cZrC
zkelU@qO<fx$QV`3)5@4cl0~*_l?(6I=&5TK&Pdd|W$hs%<iJ|Rj*YqZjgx+Ya65s!
z>VQ;9`8OL#C)0Gt!$}|>TBh#JuV*7r4Ef0ZtglR^KphLlAdiA^u1#i)YyM#(14F8E
z@7q1gKM$5z)>Qb^!E*(|YRyMWTRpnz#;uSvii?kuG<?UWXgUHMpNGxD*<8}07fw!8
zBVkk)A4a4LOVY3j3WqJjBAQXi92bnWp5hfUgPfh7B0e#RoBObO7kjgac4|%{qe0A$
zqxC*DZ<5y2o9HHUI02M^q8lLwWvf9{DpR5zKmJDMTZB<i8bY>JsEDw^2=+!5&DfP4
z&!2s#slGJvygl99u6r4H9Z)n)@oWaO%$LqC)D_d7c!0hi&r1Z5c-|zL3=(}L40P!-
zIdZJ!bYRLxEk4{)W3S!NZt6U78|ykNi@nq@Q=MexA|L4RM3<j6Vf6WwM$*E0g$}hV
z78a4P=Fp4%i4V%&LW1cZ{Y%{_PfuoBx)drWI#|~p`g?OfEht%9(HV}{_`9G=YLHFQ
z4AR-cG8V|pp@o&kP@*%w-2)J8<+#|2wDs+}|Mn5O(d_4I1!B`+)MI12G%UQ}^6e_{
zok|?Sg%jn&Yf0mu*Qh!o2vXaLM*!BaEG%6IbDBGbl|@DogZ``mbP@~6jniuW)<ALl
zINnKw;AAd%UZ!-4P(yiSEKxGo%rs?whvjEe26Xug!-MNjfI*_QmfK_a%gg*wEVya}
zBxxMb11=~S9!L^xwNuJadduw<HF>(+P?z)T^S<2mZ8&!@hePPa_<C_A99RN+uFi<R
zm+Pj|Httsu%^-u-jhI>xQwo)B(nO1lwv%<X>Q{38W^Xf!t2UN_*d%zF-gSVwMXKvR
zAT<j#Mt7$pLOo%?5pC<d$Q?VUeO&lv$@`K@jS0#)_vQyPf4=SZf|@6Xc2>3jJk3B0
zKs?u3p0S4k<`a+FPTFy6IMC+HZ{u-(G}XyaTx!}rVXMM2U-s41h&8!F@898a((RN?
z>fg?tui!C}F-`SyHbYBAUk^iL3Zw7e6^JWaJy|@HPVj3K{hV8&<_w>38g(UfH8c(+
zYSgQ1>lB3OaPJ7_9LHH16BbFEWdlTMrurOAjxnoP?9$otN|4BLE?c!H%FVG`Zu_`k
zj^ELt_D(I4Qw}90dyvh6Jz4%#-+(M-Y(}DPv+~ty4S~Dt_2@So<u6W}tj9!DYl6T3
zveaJGu-U6tEp_S6^g>c+m_EDFvMkS-fYyKBJ4~CjyXR!(a5l>zGnwEe|A65~n>rla
z&Hj@il0+BCzqq@JMYYQ@f1ppfZNrW#$fqGq#?m@sBf(9%s7g;ruGe^_u>VAcvzUM8
zBP~R1lFQg>5iN_5G9vyM^t2EKXDqEw!%x_1N6z!h1p0;m#rorSzRNAuF%n+c{wTNo
zd@OU`cGb|x0J-ohGq+^6zim6{pPGFb?)@Iv-4h(6^WmChHdl!uS#ye7ZZiM}2#m6?
zZ}o%=?5YRW4c!g-!a>$KM6-b+fVXoDkkoG;`Nwz#%euCnnpP!kx3i{q@tn~h5SEDP
z@Yoy@>4JO#5tdr*F`x!N45?0Tnu-VbZ>{b06gBTS0OaGZ0wJOS^Ki~KAVXapL*9?<
z*0^r(b>3RtJ$8-~j><S6$oX{jt4i-WD?^RYEl43)zX&W$_j}R8l0xq>($*MHjN_?(
zI(f7i&_$QQ6^BFx`7tZ<6(&XP63KRasGKLVTTZUcK0ofMEq8-|%Y5`5yZ>3tp53(p
zLy5)dWK$w0CCJ-T^E~~lv<8zxWykf{qm$NVR{lXm&mM!&dasCpP}Mpzlmf3AV`>On
z+dgd3wa!#d?%&3<(fU^I_}5a?aOXhI_Xz)3J|cl!&i<f~wK5vTx%gG*UPxm4Q*t0L
z&||AqpBhfqtI!Rq(Bn-X8nXW4jL@mjr1IAk33daWO&9<+9WLf*N{@1pqrS$q&P<&d
z064*;w{p52K!to<!~{fUFvd3;zCgJ8+9AitN6VLwf+dZ0b-No`qa7FhgrC>>dw6%0
zRo%U6YVa!MUk)uxkyr#`@oUVJdsW7o*kThapmI1(d#q1AgeA?aRt2%#;R7LRKzVW@
zE(W3IpiDizQo`TT)QLWjPy4yG>Uqe8Z{4-$LO{Q<>*QaLUOXvhI%X4>LhH`x=rm+?
zPNWc#f9Y_JeD5=qaAH1V-#B7myJaGS0zmEEJ)tmZ!K|(nN{X{PqmP}=I^cuEL<weA
zP7|%3o+M7emo??q%@A3DkUhM2js6A1>hTQ$2;gQ_GFDqQU6e+AtqhMTHHP>Ch;z;P
z<7g~W_~9WFd_YA9&7(rj^5df0yMAvG;Fmbr_*ZZ}9nK_dee|Gc2r7a~?Z&k++`7Kl
zdi{kBeH;Sb*GR&yN54rBG$@{oet)x8eR@s!F35>SnRlFB=YmT1Q5khFP~8qfFn5ry
zGNd=cyYP!Tg{I%HMin&({`5OQ@zbRrEqQ8pj(@eyF#YU{AjFB5FYmU;`u>oA<7Y9!
zf{K~`qdRw7F1wjG#8vX-k7o(O?>Jd?s?9G;N{aYQU&6X;((Xn-J7+~Sd!v31>o1}7
zWvdQFd9c+N)3Bgb#F9_K>1*8QM+F{v{r2$d6p^ralxCBaV;{0xt?ndM<40}1j)Fqw
zUu#=1VKd-`yW11o18Xo1Rz^2qw`}keoeKQ|SVB9<01I$18bH#w##WDIO2e)peY=*Q
z`1w!f0!A=#YLP{bXAEAm$EY0BswNjCfL@~4)^A2DlQ^7vFBk6bdD?C??ue8&ec%8v
zx<V9N;TT1Q<O`G7rrWy24-UAQ_)s#Awokj+sl2QFk=ZZp1lRZk0cvK}1{@`4C>+ss
zOG@TeT-R1esZwZV4><*htCGF^TqQWr5x<~oW9SC2A;ci!j=%?AlqUp}*qYlktp*-W
zL`}_j&@=X3+4%Lx^-wPj{f#>bM8{R=pb>}5muV5r9Gf`d50DA(B7WzpU3~!s`;Dz2
z3ako@hOrG?kW9N&zACNeA#T5R04VE&Ji!aH5k~AqOr$;i=}5xSP`>SN6kzc(dSVkv
zrM{JgQJb36T!_s~O;miT^^}>Zpf|%OOHA0I)rG)sS07p?QV3>Abw8(DC*>F5c>ZiW
zTj}QOAa}41G_XcL3@TDP=Rdt4m0}ZJD~Q!TSXMFXJnWmSZb#-QsSR%jo#-q92Y)*;
ze)+Xwza`P05QEvQl<{QnP;Xxq)sODv$8Le<oY}o0CfY^V;x_{gAs#p%YB-r7TQC(Y
za!!FNdN91ER3?pb9!W>{+jPx!8c?5=hqJVLgN6j91v3Y=Ql*UhiWFUquVN^qwZC-o
z!fo@P(!x`T@#BHV{+3TnWBzIG=<qI}InOM>-O3xCpV{<!`VcmoLd}%_x#9U;<7;7$
zbqySBV`jt9(1?Qw93+{eR(GFq_Y_vi$_->H!^gj?Z{670!bWI#%2B&@pdlBI`}zT6
zbds|XKxAWty4tg`vrGqW$MLRI;Scmx4;z>(3y6)ZY-M6d1G4U*GN9OE#MZE9J`F8L
zx-x4sfF-t6e`}OIg5)Z8s+X+TxNDp7UiI$U>l-ZckJs0D9%Yi(6%hl7ej7Fj1bmWl
zjzsNut+mu&WH_wX`bfqYTyHEh_rr<cBZqz1Rh7I7b}MzFvP_-Ww@aG!XxoeX1v$CG
zHoT(6HM{$}^FEts(y>%_l|7BDRNjFl;~~5E&{5{rj6&%~Pi%b`l#>ycwHk{qkG;My
z&fnd9c3%K4``^l}fs5jcGDRHJ?@F`SuRr*%NZlfDuJ~4N?+)K+Pxn9Fa<fJee9e>H
zQ@<C5X-Yd19-GA0b1szP;EDJW$sp;v=-o|G`d5;Y5V&3pc1r8FWiW*ssw*;dcm-3y
zefRz<T<r2gkVpKtUy{68pgUPXK-*tSn|F2QUGl=G;iJ9VtnOFTi#)=>DV16tiy;(d
zyjm~kH41wS0h~=74wPeni<Y)Obqhm?f>?S@vIqD?3~eI75vg6syi1k}t0*;Z|JAHB
zkDY9kig#iop^YeE3|tnih_(KIK8ftw^xvrSTts|w4JT)}9Qh@909y*0f1I<iC0AES
zck8CEsr$_<-ZyNd5#eUe)$Z=nLkZzq8^}FPfDP85>**dXa{tb&z}Y&74~%K1fnO!R
zthWjffPSEVdij_<6P5kt(5)@Ov-WvH{tEBs<qTiiF3E(pk^kma_FN}EB92r)Z$Bk4
z8Z00zm`=>5>Fp{4GURP(p`lgSN-mnnQgS-_%C4(DjT?_PRd8~2C2Ag&wU*#PDR(@f
zZH5j5)p+CI;U+i+PD;P6If*IU2mP;>Ubb;v{rB9$VLy<3%e)*Lz#vzSKa{iU`r)9q
z`DIQ6EgB4g@kWRGDE*b-m{yxQHLQjx{Ub+bIi(rC019f#Dy%ElT3q@V!&`L|5^E3x
z<1~`>Y^dI0nk9lYwM^T-%>4JF^^v1*<$RnZ=y^EUy|i);X<@y?ZnOJ4&feSI{XAxM
z>#ISaq(HhF+lFNwg4^RN^c6o$5~TM#Yc7@u|G|>!r?JS@G-*ZIS%=q6gKOKH<x3BT
z0tLw!BLVKml7olU3+i^o{$NSae{B@mYCpsr(YU*R%LFr@RAxOvPkRKpcm&z>d7}D;
zR36X>4r;n;KBr2Nvvul!JW-FBM33>rzx@eEuu+Vb93tjt>?1w(#oRjV?{AEc>F_H@
z(+G0ubM#T@_|#{c_8-<2c(`n3ia5pDbp-Ij9V1|$nE+ncy9vJCb$r7A_C_qrw(tgB
zH5O$1ugcx1Y^p(6ovDf60pf|+(m$eTR^#E!`yi`;<@p4v0S}w6oiA!P*YT2KSems1
z^h+BqamJiYl(lavJwtXLS}NfghT<aw^8V<cw!&fQ!@-nDcKNdxgzBG~d>M3U@#~CC
zZLz%3;C3nktS|PvJ$Yy&BN~7t%*!JjAH+b%XfB~LpDQjB`EYRKl5;`d<jw=@b6#2l
zUtey?aDrkI1%aQF97vs^{|vP3rIZ+0#xmp~kNNdQfB?%kNT&;@uAJgWCo@$>4xhH&
zcLi%60=}ugs5K=e2{c?Nz<>LI+cX_}(VPpO$n%c^hf7lya+8<kj`%E@%VF-u7ve)c
z_@wf-0$)ipABodztGx}jS8qPY-VbhY4C$B8wh!ZM4_riBo{6!7e<3pqVHJd7b$+=w
z27F}|A^<$CD&7oaBz^K$Cw~0t@5EgG=T_fdd(O*UWJxr_qoC2G;qE3le$!Q&ITW+d
zZ}a>$hAPjS-dO*3X(u87&-5SG{;+Wk1(2+j^Vw`^(;`7Xr9X=_=;sgj#~$ylCrpgO
zhS^q0P>~EM&h_x4p{oOpMQJNiRJ?ksq@QRfXBtuOs4g>x(cAg2wi0iL%hxE`(cUiY
z&uP&O19t2!83$s1MjQLOKY&*2mFsEv9J!d^DMAA1d{>^6<n$vqK|E_*y2(rYn#GMw
zv<;by8dpC=*Mx4m!s>oKN(Gr9y>ofm$9aPDPA%S=H6P4Md$uwA_<<v+EKUD}4>&eB
zc_YezJb`+j7Zm8SB>hWd$e%L|VJt?mvWc|la>ys7cT3%pMJSYisL!xEwb5KH58lDF
zKY`uePi)0kb|;J3+LlGI4mERuYpXCy6L8>T(n2jpHiYiwZJt>~VC>;)kQ-Deq_g<U
zs7_MywFeC+gPy?2E2RF<ufIhw@5xn-Ra1-Agf~DW?@nzvl<+6%9bJv<;`W>gsCF%9
zE)WNa2XVgPyI-9p5tI}UF~SQAv%%~IBBmYQOkgbw-5~s+b~2c-kbip6K+Mu$-+C%m
z|6{+|tG&_vHfc)YaU+c8Z+J@*rWl1T7irSSAp$Lhw2Aqz=aa0|_y;&33*D|8c>(^T
zXO9RN%pO$sRp~i5K`4d*LE|egskMT~7txUE{3j)L>{i)~d7L2!b!NO-b%IvGneS%<
z79MOVO)sw2F3vWamwJTCKvyxOvOhiN4eI6T*Hpxs?zc`BhlizgfYUg1yHK|`imWWp
z@3RASR;`O}%{Q(#o(v+Sl>SKw%vOW`@C>&d-}c@@cV%tic-IE!r<oPUxwndzwn+$Z
zKjScMKBD)N1LOAc9mLg5%G0~PB$Yg{Q9bN4!?PiC&?o%L;Fd=ogevCK)l(zD@FKN6
z*N5$g@;pDI40ft^Z4Bjpy<qQ2J1C^}(NdAxNA8L80<zJjEv)J?kbLLQL1E|qn47Uw
z`|B%O3|yDe%xW|qL5yo*0w-yb_9;)4nK7?LM^9BNqvKzQ7mt*2-ObB4HOyR)VfIUf
z4Opx0(NV5?kX$=#+L!{ZwRXh*!8nX^HTnY?s~X0!Z&0q*YW@Wg`^tBe<ZTWi0-v|n
z{o$i!>RPg)Lb6R~(KvK=;b-d>GL)EP($Q2zX%eP=cJLM|O8K2b;J(HQ_Q#~iTaCh~
zf=G=d3{4Qz7ooJZq$W|{?t2n~XG(3EMJiHzM4=%!Z5f4RaPzEoQ_?5GU==uIFY|Tb
z5azQ#$Gm>b3>uY$w3({A-<7Z+N>qX-jalk|!3XdI|1@OIis(CLbvGttZn^Z6OT^?5
z0836c4)O0g(Oj=`%>(NPp^iq%Tmu+h>^g?<J*W*{R&~`zR_yj_-@t(>^3_msMQ=t5
zu^Kv+_{peUe_E8K(Gg)i^{<BU{UgIK+EnH&OogMb-Dw|hflF<U+eo^S=-M1$<3V}@
zYb31Uagt~K5iu29j(p5NGP}yUFc)-ZgVL$aRVT$nKVzf6F-lv!JF4^Qe&LB!0Ij!s
zWXSDLsSgPksTw%%wyC8}#Byu!6K$dTzC?11N2xTNxYc*|FS~^00h2^!u)ps2nIcrl
znf~zniDuWkaDkB#8}L1b1V5dbK!3JT;d^z&XV9UtOp`}DA&i^Ak3e2`F3hdSJVz%a
z(zT;r;_`A3VjQ!f#=F8E#F;m+^ciz&ZrwvA@I0c`M<6x?iGo^O(ap<V6Q{H!IrBhJ
z(Bn{9*ciMNrhZ@Y`&jr(t~X}A^;<d7DF`KA$UW_185nR8`rd#-72$j<E;kXs2WOvJ
z92<o~H?3nFlI?jIM|J1675ePc`I{bx5f{8aT&33Y$R?$5i&h_TAt$Z>xN$8u6h`W<
zc5f_#eVOw0&@imO7O_mDk)@s*bXKR-Z(+rzsfABzRa5);N^OhJ>Wv<jBAi|~*cq!a
zR&J_O_~Gl~iFs&%`if2{78k*@$)Rgo4Te)En>k7*o=pehIuOD8?A;)ZFopoz!{bJ5
zS7vOC^tJFi|KC3Ei;w4<+k}R%60p#@9SWTOWW`(dwRBK8Y5jvtv`~5xkck!M9jQq<
zcG;bDX_U``5Zc+V=BCm@qn@pXg>yu?jBf`%s&qg={s+zW3+lK-y$GlMn7<R?mTBT5
z!zRk_v_!Iae`iQQ#AVhG7mYjB>E|mAez(6fNB-~u%t5=Eob4M!B>vL8fF8XW46INA
zKRsm$aag^-(K+q^SvJqjCZvK9n@%S1&)<OOTVXreQS-49<)th?LqavZoQr#xkmbe~
zRFB23wmq-(erkW=+MnrUp~h~T)pXaj=YdWzjitlktPQUnMZC4~t1}19!sMi0o}S*m
zf&vZ&O)gqVB*tYX^2>fb+gV2W-uz{SV>tLr7(j~@K&&09^N<@6Lx!tzVVaK?TpKFC
zhv3&$mnN@&h?hS<Amr4RYkT9~#K*$rH}R7J4@$0SJoXXx!F(BM&tz$+$~|eCB@Ty2
z>``*i{vzW}pJLY$WCLAby<G3rC$!RBJc5T_tJG{x@+_hlU&i&2J2y}NT?W;TP6=a6
zdT=|9@zGK~Nnlx43fK>e0IY@R<%D;ez~n!~KRM;))(!OylFb-E71hWy^;Dqt)ROyh
zUjkC5g>sCT7?u$AZ+vs)md}e9?cv>6<stK5KPKqMy?pLN{4V;l0s$}Xu<)v-t+UmM
zEO~#WAU@A=F)+|!ZGR*gAFqaYsYa>ZiNhyq+gP9O-`Q@`@Z^uv!{t4K2t9Y>jaax)
zv#;fUfm2D1TVKo75xmvTZTt)7MFP{n-)9Q=r3u986ZKHLs_gxs@9L4hOGMWN^VxR0
zNC=rt%;wF1Ek7sC=Ex5X;am<YQxBkth6G!iG$M;%x?;*URarMPYr(M{Ylk5ZUS02(
zEaE@15RU{$eK-qz3KDlm?C7fhb1q6oH&3td@WhjU+-s0qEQEXHTjp2)zC=_KRQ-(S
zmw-zb{O^ewWPKr6P?AP)cW9uKzoI;whElt#);PZsF@0cccWD?;axzkI%|(!cAnGBF
zfri!;Q1_DyX#|Z%t5L+m`bBvC^_2yu!}}@gwyx2{NNPZdK-2JdUBj>Hox~US@AlDX
z0&G0~#y(IhuBT^$ZP~GmTy)V&3j5TsO#I@H^L29+lo~YE`lJMr;1pTe!YV;ccDJ%N
zayCf2V}$?V<9Y`BLg~?D{nayp-{-Uxa2B(Mu~soR%132+$*Y7I5f!=_9z(+9;X|Ey
zTg~wg_R^VI$$@s2oiiZgm?Pl(Jq`f_p>pGMuV}2MW(tE@Auna&4aA+kDpoO2j9NHY
zC^j_JL%h*hYjV%b&C4kPXHd1t%L|_2;-{RV+O^*o5RP4CBpYnqd&8vjmv>R9Hyj@c
zr`q#AiyX*S)oTCF4o=@coKOQkUxuwyCb6l=@b$K36*U|dL~g+Ta8u{sDqfq^J8Y^i
zKEQbMYCY_C@p7Mlh0zeO?uGNUxx+R>3go0aHLQ6XVtS_OKKAP(BTqddle8J*G=&?B
z`4b9<t}h2G*#9PvJIkM1eg8=c>q=nn99Y9&h+hUsePPU059^!qs9X|0snz>b$Vx+^
z0(UwY`LE27jEVe8vLQHXJJ?^W{&pH?XF6EFluXumggr@iipC-|_p2885YZ^Waa$Af
z__j)jN%8hsl|vQzTYYPQ`{)Z#)4k)~p*2>0wMh74K~pNF@kT)Chh3b&P^o5n_b)MN
zLO60?G@DnmzkFm=t#RtCu}<y%#j=-_oSeD01>WkS^skiyfd|mO3K)H1r1rosJM#oa
zVLsiLnCBMgzL>}PWWKNXHk)Aco;VOJ71X&+UC=sRN;3JE_<Qtm@nh!h2ao;6^iTTS
zBWBKjM;zesgE(V(Y_fG<mVPwVKsZj!Qe`7@ACTz6PxO~Tl1k&u_@MALC;7PDf7)~d
zNJm}cosg_b<Tk;CjbDEKP(Lg)r&XS6(u*ASON_`Es!!MfKj!f3QSoA|n=FRNVo7Fg
zwDq8(Jugl66BCvSlJ;5|-XwD`uc6{tV1M_~KAy<4j~)L$sc&(7jsp{G%oMRuKnaLy
zeVz^fAR3!3E@(+R*ZNqQt$VjrvvL#W!2-}YumGC~L`Sx0`MXH&aY0S*By!xK6t*vg
zYqL(ylnYdrQ7M6A{gyDqosG;K>#O4K1H~M>{^%XMWJSplCgKRlV;_=D^SZ_!H(H-5
z{6(fmC~@fvh5<zr1t+U!0U-Df^I@Cf17sOQthjrvd2zwuSBRfSC+z%CKt>nVI~6LT
z&Ty`;Hp3TlH<>@7&$2?=gGoz_NIm|<vvM+>>VP7NwLrh{6?G>fH}SX-j3-?nZ?<nU
zPQ!EmF$Q)_Ix(SR@*GEp?)!_WNZX!ay2O3_avOI`YPp#vm&!bsnVxl@0b5l=+_$QF
z&)3^>>h)z(E2dSK+B#e-T2FlPbUE0s5#h$zH2GK-mQ@TEYpnM9UgkS0oOrM=?YM?I
zDS>v)Hyc?3Jeq~QajCLpzY{Eu%~g~}FEtxdnekjIoV#M#=bx0>2=r>p6uV9A4Dsfy
zw1X@C1ld#=c`i}c?U5GPTgz7drQif}q|Sd}PZeorMoYP#Z)4mYLn27y@8=pTb(kP^
z_M?<gtW>}4(g<9X)CwHG5RzMHiuQdFU{K6mpg(>U;tL|R%WWPWD?rXddALd<S)kWg
zwyCpjTH`Q*mfWr`DR8TJIn8_n>i-^|HRB+@pzG#p6k7S77adPn)qQqSRx<0@)Lb~$
zzL3P50#5&II^5E*{?)<S?%<@L^t0JU@nVyY<MYXC(r^>6lPS*7QkM6bB}#9P7Bwu5
zBE?ssxGX|pai^?Xj2m7P6aL=GUyAE{U!Na|^xv5<ZZFV4=E}Lup-<o7O{BPR3a-Iu
z{f`Iw2khALbnc4`*d)4&#kqU6m7&0?MYk75to3l&{ANeqQrlLKcGpW})B=sisnLAT
z88l^;9kf}-oqsBZH8qY1{*!<wBYrCnkjeRY4}|}WWN0l8x&;UP%topoo^|f~Da}+;
z9!IU+UaC4+i60Rk19w1OqN&QDY=N#rdR8|%FoZ6}JoWSX>Sa4HaNu08olb%WL<8g}
z?rWiDf9WM77ANayWi=Z%Jqqy&*KCgu=q@CUN!fzF^z!q+ATaV9PiQq~0L!oJ`Ug81
zY(C#&%*2E$%e?myn`$Ro5U2QKco|yJ)oaAYxyTT3=p)MnLL&#-!|_i?TUt&|CFkbQ
zlL0krt%=*E_oowd@-OnnVVo^@iHk@p-Vd1sH3mlovUG%vNmqGywa(#iQA^Amz3MF*
z;>2w+#PImk(n)l5_(xhQEURTB8&aC%BK;S@u|KI_8t4fA@Z-(10&7qQH@0=V5@d3z
zwWoP!yYEm9G`I}TL!@d=>eH|ta#1TV@0Sj?cTlNHe>2qXsdjL*<eK8hhZ638jFbNw
zdX#C?_S1vRb~*H@KHdg<mYNi{!+2KKhkQ;#Jv!ulOU9Z}08FwTx!apcW`)1B+k;`?
z9(vA8mv`YcxOOaxWzM16=_dGnGnU-Euz6nc9gV0)>88*YNWCx%uGx*WjISrn`uIXE
zt`OY`ez}yyI+VXN^Bsc4gUVnGO`6EW1j3w*FDLwyR#9IYWxdkx)@w@S7+yDWekwV!
zkGB>7?C|UMz1>i6HOeg>cDzK$zJOA}$GR$*pc@f&(IruDVZKSu)f#PI2CYk*k|l15
zbIz985QDl8pYzsJ=7Zg=XY3smeiDrjz_bF!9Z{y}ybhm@i>mJWOt&r<a=^-(NGk<Z
zG;tpAA2Cli8DYZ6tDg-$`c>Vsfk{jw&hnI4&HrO|N?>t+vM>6bAEe8#qq#vtZqW>N
z!fQ575q#m@kcaFXwLqxy?AEmhugPA8v0O_{M%1>AS7r8MS7IiT_9#mBPsN~!7-n7l
zWht%Hj?#Ou)OieXo{yTGzJE-_J7(3=q;mUbAD_DxI+f8((gWXeKeF+TAJa$Q-cK`?
zgnaK_bsdk+ES^vQR-%rE2qpQS%tj@tJS}P*d9G#aFOWr<U^*u(WeO;{G|2`IK^4*Z
zeR&!&DjE^pkb8cjOnI~lYWtl>02bJLpi#9jY9@b>Hh589mA*s%Ju0XS|Ef!gCnj?H
zg#-xX41&`l7JJ4tiL(i-!J1t~ywkVUccewVO$)c@`)=H6_v!TIgg{RBG}afEKh*Jg
zAMkzub62HXu79#O0kdLqfI98_BTAB26gD!$+@{MP)ZJtxuz*BZ8bmUPkO42V@%C#F
zz!;)Y;b&dY|7Ldn>b2B}hY%&%o=Kwn_1(BGQ4N&}EUyF6OUeI+q-`<V$FpVb`z|h&
z(b{lDy9{302a)1v&3!?9@EN&LDuQrzru8<*_DNyojrOg}&B_nS<MVrqK$^{`pToFg
zKL>j}rg_cwbe`Tsz^_E-DHSiLNF><r{7Z>|&#O<YcBhDz-(LPavvH-4PWhqL-O<(Q
zHoVBY7#;?{ZS5Kv+7%c9&V|uk&S8(KMJL`pp*7o`YdYvQyp55*K4*=^K9hlZ0c(3F
zhz@#-qxbv(!;48Wkn3BU$mpsdj1?d94hW;-kI|9C$o8y_N9ih`U`hjqc72=*DC8hO
zNZ0I~mozdfjIa-*>|+6SApQz)ooKI9A-*q_SzF34yHuboIG>NLPKMcnFW}^36Lyd{
zJivCrZH*Q8bveuK(ED5-Tmkgq7U;0g%X{Kuemh?c6-5GUSRQ{H)_DTLZl2C%_dWnN
z!k&`JSOGq@u<HL)1o(e0UCF|F2P5Cn_4;h!07BT+l}m;f*T)+8t}oYhL7~gsZ~)TK
zWt>x1*IQeB*B{va+T3r*fCs6SR&g+(bNT-&%m)d}U!zj@TN?vt-}xh~G$L+qVNj*_
zQ{QgG{F?xX`|YxHd3Yb-g9(eq-n_tG@0dGU89*JcEhBG_2!IX$OJ10Q!G8(_|35FT
zFzJQ=Q+~d|;7Asb4CGS;>C3hM=LoadMS_!y%cH|S3@Dgo3<0h_<rMG!t#M!N72ikr
za!maQ!iBxx+IPP(^p)nSoz*<bZ5;yXJL8+ffjvK7jpT+Tv-i~BDR}f^IAQNEDFrKi
z-@Ik$+4<JfXoKX|D>^iYF9a?GZi9Egkp-2|i#)%>5)yPsD%cb|Qr0oR5mBNiZSkv+
zN&NHm_{Y3_Wd=cA-JsOjd@O6nhm#T;h;Gog+b?*@n<l-0iR%o0q_nEr-R^G`?H$is
zZri3z(eru<ci43k3Wd%dA3wCkCyt7(gpSR;tq>L1L?Xz{IWaZYW~119Vd%}@YhTv|
zyvMYP{722|6Z{USPp!Fls!`)+#(>p;-B;f2xNpi-tNSbPCG9;XUU#8zt4510myy2g
z>HDXe8eVCplfSs-hbvQiZt5Y|j>TqezxA07sOd}ZNuNUCTEiiLJ57Oi(<aXQeP1s&
zYoGLx?mG_Tx#tkry4Ie6pMU>b%-3TnW3Dt4*LC*f{ZlX!uVnfsWreuy`s7#nA|?6Q
zc=c4%U60g*&BL0y`BPvPq!ZSM$?Dq0DAE&O@dNdRhz?OIB?!5%ws)+|ygF}+Fjf9J
z%)S|xwjSdDc->v>F?m~7k{C<VF18f(6z1iAx^_J9l|2_zH;LSJ$X28VW&SVPzA`MX
zCRh_4APm9XA-KB*cXxMpcZcBa?(XjH?!kkHU;%==?d1FJy}NgxyFYh$p7}B7P~H8W
zs<*29bXP$eft9aGSdJzSM*kuFs;pF5F>;Ze<vJ&0X()6f$;S0ngZVr#;Y}%RP7^?R
z{;<=q6U%&Gjd_|x(|Z0Oy}%x(6H)$La*M4z;+ur!fe{X#ABstnflfSabiM(@cT};E
zHM%12T;KY5Zo>UW#Ew#j-Fut#(?DNs(q`v<S45;2f0>2FBOR}IdAW#coiD6Dg@7sg
zcK?ziB3lsn6@D0uQ_jxj;}>S3wO6Nnl8^-5X1k`l=3L+Dv73tzQ!Yj;vd)HY@lw&2
z03V6Gc*R~>mGzZKgOh`N%bekZZ<hX)CWSK+<QxPO*emV^uJhPMY+#Yar-HJ>q^`_X
zo-}I07O{2rTpJjx2rbJ$0@iuLcMNV~sKfm?0>A)?(nii|tvC;#nlTX=W#bco@TUT?
z6_&u1l-cP4-envz8`b5QuBeHg#C1OL;>PBV8ygoJ8-w8vasUAcR|ys^oQU<>k)0O`
z`0<qE)uPO;_AT`sEE#+enxv$ZjJ+;5>*TN8O06pPD>c~*d|{f=6qw$PQr?^Lz;4jU
z<JTQX7Cf5wcPL##pGguN{0`4oz6-o-YFQf3O@@gJN!+!o$jqvK3q8kib<xQ6sE$2l
zD#t!|#^SOrdyrrOw0@h52s8&JepJen_(iZ*_%x_-1Ul7C0FatVo5e`t2VjIgKZjx}
zX{#z?YHCx@0d6|IRa|-4n3pj1vT4L-?zyJF>p8jS+gEbvJJ!nctE@5&X8;HwKpMl*
zWj&B$hVk6Wv#(}!aqEmWx@qWQ{{yGG`|G?2DJH1ciZkgX+oWXZ4bRBrY`9gPFi$$o
zL1~%uOPJ}=^DXKM2RG+pzc7d`&Ua0Tis8ew)@hfr<ECxNaX73pbhERto2yG?oGUae
z;GH8j2a=uQl;YfI?sll4y^Sk<Kf7KS*gAN1s!5UOoSFeM!vozxwEiA52yY%${&KVE
zHxwUZea>lAx@ab%OtGptq#)HPE}3%9)Ya*wmYjI*EKzc|WX?Ffzu)GJbAmeCLIEPZ
za=W9Xt{-I4*YqG+W|o(yiZ3W)o|u2t!0de6c;`Q^Frz5mlf^he{x{kO5v2o}<WT$|
z0ui8p*%&P<^pX=K<@+C|@3n|xtgabK&5vilBNf|}T6_!To?~5#X7f^Po1UslZ?HcZ
zi>gbp8}DYWGv1PFf075$BGH>~%4YkivXiXZgv(njm%{P1rdn+i<F1I1Sr@xdi%8+)
zqTKza&2q!cdC8C4_LLW<W(RpTLev&Bf;dcd^A{JYZYU7vGQ64iZ*n>I;|HCt@>qp(
zn)-h@_>miGMr1sN?QGmJiP7E_-E{mOEUl1qhgW&rs983$^VyVAf#8AHI#tNR#gD=I
zVwExPu!f-rfdtv#r%4}{+ZLPW7;Tp-d{D_*Qdf)4UOKo}F|_ofQjf4H;rH~zn9*Co
z@*VPlRUjWX3sxpR_NRxKZLdyL*pnJ87huWhsL@bUg^V61!C!%~Hb-e3wLDA~Tp%0&
z5;szjn=vrN#gfH#WCmmI6+ACI;Nz*ZN-<S&a93^J*!A|(;^eg3Q2I)<LlFFF`Ovs<
zai6|KK2HWzuZ?$58RV!4Q0P(s<g>XlHf2T9LrJZirWz}61lm#?*^RVCem!Zp1R#Q&
zC@>J<cNP+|y1!~@G|f@!e0Kxyz=jNKj-g0hChPv|3Ntk*XNoU!BLZ*39v)yeqq@Zk
z2_W@Z0B}Pca>JEMuoZ|Zn;(;Pr4V7xV}msr;0$A+#DW4XjD6j?vUw4Kt@V6)S_y@s
zdHUWB`(MeuIvUvPIE*fRNde0mBzED-W(_MmR{BVgCslmuJUUuYuyr5>B2rZ+YI<+s
z#tk}~J-i=HaHvSV2^sP(Dta(e_B1zKFFyz!v!Pnn_-KC7e-iu3lziWkTBuzGT?75=
zy{0=2BOV-NmoM-Olj-Dh!vdKp#}d;R^lm#@Zzq2`Pu|{nTAKp0;b!F2s*;)lPxou1
zi_6A_GHq;?Y-=!BTT{8YxjXme%aSiYf%MkOkOEaBVGtj(LN@h2uh@5R<TJk)Zjk-6
z4RI{HQsBG;EqnH)PM)7RklW6sY;LR{nZNxa2Mc6G;U?6lh$)<?kardwsEoFIYO>J6
z2NXp`@{<JymA}sfJJBbHYeXEY7zsGG@6s*Gi+FtBnHGWq_natEzlW%UBrv8~@xZ(1
zY`BfZ6N?75X6ewW%!!kFUFQxMvZ5jjnJtDrX_4@8@>rwGK0r9tx-Z%3bK4z=Juf<k
zks;C%K@NjS#Q9(G@3`_Hy4bm(#VmekubrzG9&CC8;EL`FI(c}e1Rsp*b3fsc$1y|(
z#=Fh=PB91nZP|kUrqh^cdEcVKy`Rq;M=;G)wnLvgNnHGnro!uxU8za@!t3O0mdA+k
zpyc6iSR_Gu?!Zf~^zgaR+S2t8E5wmA8belG1WsNe=MT;^?W<G7)u<Qqd;Imiun~_N
zXSA{B`9JRGOz~r*Q!zhf;w~{jQ2&88nOWB_&U=x(5q6#R284x7SJI2PR$U&h91lNV
z``zYx?<AZ>h(;AO-V}5?oEg}0n`i3__<emgDcbFB2Y{@oi)sFd#aX`PhF`H^TcG(0
z?o_~j8iS;(mn%KJ)eItPC{w;&0^M5$b_r#FUyVL#=UmlRTe`->^v>G+^BhDtIA^93
z;tW5&+L6DLlV2bx&gtba*?$XGvg1yG<L$7HVlgSUCuK{=C6r$}Yzq@VKLpk$p;T)b
zc=yK-c7bsCT$9#WOSOKVG}@4+t7{+EldQGE+8G^QYjZUh+rx@8rmdF3oipHiX6pQz
z;r|Z4|Hp{@|KE@F#DKoHpVu2*MwfB=TWWkC2B4(JUWUL-y&gBmcVlfJ9>-k!+a4I$
z=Ij0llf^1QP#nbnFlV3-ANV^#@I?s%%@6odzydZ<Z9!SUj^KSgYxb(vYT}^4i0)H(
z0P474{rLaSX#Vk53KHz~jsG{(;~6z5sTnUjWQKK~jv-h;TAqa$FW|>AG+4OL_vpaK
z`By@3^QBDgl|NUr!H{8QX7U-k67=k7a$HDqzXZP2BP2!@jDHD46BdZTqEM}nYAIY)
zOR#NO!KC{U^-zfU1_sI_(<HOS<NG`GCoV<O?2S%x^>FpwYi`T+>#3IH>-qlJ&Mx0A
zZbSn9dV()c-p5f`c;vvC)B)*cm>(%qBPma#{ZZ57jTW#sF7fTA@129-1N|}jKQEo!
z$Xhc#zU%LZj;{^wlE2ejV!w$QnTWfY?0i3}GrHW;3yyx@JIdR1fXrL4|03pQB7T4F
zBgQ1qmw>gN@W$Izgq6P|5q&ludqxR3=0E{8N6Hfk{v0z5`ei)UDBwRD`k!y3nX(BE
zgEN4QL}mb*gptC&;182%++XqvGwmix@(rGVGeS*<!y&Kl!4CR`HNfWKdtiVw1x!Lu
z66=`hoi4rep`YJ^VYPC`!a3eZh%g0^!j6EAlK8kCYl;kmQDf3x_>~W=C;}CL??VaU
zMggF|{z){Z5OX}Lx6+T!Zt2+MAr#0tb0g*#awdr;&#^?f(t-Izq!k;I3hWUg#-N_(
z_YtsYVvWdJET}mgbf$nOS`|>&UWRW?Xhjbe?VswRTq4y!TW5~nWN0M%Pq8M%rw}Sd
zWS3@mwW-lb7|xI<W-0=|F|So!_-De#{$GOf@BO)4dl+3`8W>Zzk-jQ?-e<n?x&QWn
zVgJQSgF8J!Yjde%+QJWIg^`%82n))zUVVq32M@X)O_vEamyOy8>{@fp$iYieaeq&B
zG`1wWJRJNgBYnDe1h=&Hc(roo-ej%Yqn>5d8wnB(a;<8?Se!}V?+{Fwh-Aw$+>X*u
zalNa5VMPj2g|>a`pNy=Wj66L&pmNkO>tWcher=TLZE30;qWN@DUVZ6fw*8Z8lG#FX
zO;stx9kt}9a$5P*e*HT+U6+$WB~5d&*0SJXf+04kJpA@aqN!xHi_l@NCyhVJ<G6q?
zANh9S$ysLXmJ(2)dLq8O$_@%WR0OFt)(8yYzLEo@A4nVi^92oZfWwct!QGTOvhdRC
zjrF$?*iEFrRlH3ID*QMB7{&BwzByHBCjc$Lo0hj@MKnY;G^f@g)2od|ZPA2%s=Fua
z<m&BhQGZ-L<IBa&*40Fs=}$c6KfhdfSE*RGjdC^pB*HU2cWh%z@FT#xvnXp~OH+!e
z_)=-LE<;wA=+QILgIT4`5!B(0wxVdf*aD*We5=mU4&6i-hlic~eo_S8dCEx2djG7P
zY2w%7N~2fKUppTL8_oQ|&#-mqqFlYj{GGrCe*_HYOx2z?09ylT<bev1X#Z+Ql$ySg
zY4KaWt>k7r3VfQTHwCH@U5)k|CS*E3)P%>qkCo7D{)hp?IZ#%)0Df6qn}e;%RR>GD
z3Tl~a@@b@>CrG}RHtA+#B>J>FovIa|p#?w1th4mM%UssW+-TRf&UajS@kbIa(@VZ#
z1H&S~m84{~qkr7N9n-UsjIB0N-ge*SgxpOwPgdNM5W6~#5gkrhr;ZjTuM9n5eg^*5
z&8VJur6qRt?aQ}%S2Re2eD&2U-Kc>lQ06u-nQmz&&J2J2zIYE;Q@74eOLCr;e+IF=
zeQAu`jn#i9@KwK>H!Qmg8FJ{4?lkVXSQBbh3ZB#LWv@Rk-b-1;IQIJlT3zUC<5E*q
zh|uz%l+>r?j2gd|dCFv~p6IKia6vbP!!s*qkEa4}6*YYsN)ztYyKWBMmQN-n6lGg<
zWhykF@}DH0?uz!9wcO&daljSvbd(IMMN@9ZmhDKp9}UK%|BRq%WSRS)0a(<l_rTVa
zfnK03_1N}P_R2HG`|e|+ywpvX4ITe|04Da24X`>u12>{v=Px`ubY@}k&f<$AVyo}s
z#Pa3`8*&c;njyJWEjg^f=hH@I?)n#mDJ#4Un7N9X+U0}l23p>h>Mc5=mmb9_aW{X;
zDwW?2`Yw93Z1m5VH(uHaIbXBfR3B)$tj$AsSGdPFW3D4D_@;BJmnmiO|H1$6bEwY>
zR*IbePc@gKlWKEYDnOmFZ(pRr4*3?Mwm1_Qz<ZgHSkNeS(Jw4e(I?Mnm#{B>&EJ%q
zgaN=<=iwa`C;A9K&d9@AGWN%Kh!Lk@h4>dx133OgKJOH_+Ax7(+fvewJkP`F)=aN#
zofqp?HuBX)jni;FX>eV6P%B5%cCor22YRO1&E2|U2e(Q!ql>Rt*Klg)R~iTL$~gYX
z#H6C;>?a7`-n^Jf)+*Md4&tHfLNy#&T1ltZMwrtZCZ>?Z#XF3G4Jjb|@N*LXxBS0)
zQ?LGpTnK-oR+nGT7<r)#)Qi=Zu<`9+hT&KMsk-|3cD^z4drb)=&*RN$8SXgtYfXu7
zm;WzV6kCl*Z9AQe&PMJZ&1*dz;ox~o3=^BFtQ{D<#f!v_%K00P=kh3!d=#H+DT2*v
zqq;w?zF2GiPB=)_p=B%9VTchubxTeQz1g%8f?x5aSM8-&P+RF!fd74y{%KAo-VUB=
z4e9h$6>98X1qbPeFLL72Q=)dXJQUW5J2Aj`Pa1ZV=4Tp6OKv2uo+i5^H@8IM(SM=G
zhYd!FUK)WlK~B^qr{T*Hn_nX4IL6IHd}(2L$+qj{vHQHQS5EPLTYEU*do!TpF*qso
zepAwTWi_HJkDP=rd#Ae4ORD?f2;pJ`I%(?3xJ}!5vtwBPKvSM6mO$B5b*-olW{h_W
zN?IwOuOI5T6)6az;a>b-YP|iu3M;8{!>3rYIC#nz-HSE6pL9nZLDT}rgw+=S(g(3~
zF39muwSw_sLeZj^iy}lkNOK#vKb-rq+p)g9R5WC|W!0m0-jlq+ZA5@`_AWx3fL48-
zUQd4!$ApO!qL^qV^x}ngcy;x8V40`~*13u*XY*#8zO@WJvok4bM}bGPAwjNjM}o7i
zRh`0?$Y+{Itjrs6+#24F2t;u-o<e2RjP0X=y2AP02u#yZ@5-DqHC$Mu0oD&3+XRLP
z5YIAiNg}nUj>w_Wv+kl<E>C{<JBH!Fo<$bz8`dS)RW+BU^;v1RpmJIjgDwPbMfgZz
zu66mzvfrq}k07VUpIKR9chIx|qLp{cLTMDi|Ln;fL(4)Jq3X@qC|@);PoA_IZeknV
za#iQ}&=q{dsxs*|lyLHzev{oZ1#7QVqNTaSu~6jSXV?gtPW~+$oSx`qs4fkrQ7X?v
z_F0%Pt}mVOn`s9GM!YZ*WR+^gN>gGyV2Ya7*u;{Z4wkk?C$m(DIecWMQ<td#DYSWC
zLW$d(?Yql}IN&$D2FRW5K`{SI`pb3t^>wHbR$He+SR><2+C7saDbyWnmXbX<2h_}X
zees-~@Z)uw9N~c#=s-1t6L!f=!x0h>Cb0E^G=2V_pPLC-l!YDD+!Q`N#)Q3SkRwZK
zlg-;OQ*yr@eXUQ7C*Z_^OV<m9`uP@KN|et#O~YT!0IKT<xyzKxD6OLR2MnbzFXB_(
z_2NDZpT}I@txO^#<A6(;%~;*BcZM`#Bv_;zM}weXD1SgtSA3lFu+*P%TZbju=yv@E
zu|lMd+oe&{ob!T=yNw#u*Yr)f4jlEjm+&pE&IoipPc<5KEga1by?t0+i3V6bpnx0E
zlWRj~%WVTRmpd82$@Gp=xC!SJoau7qpifS{-|7A4*)dklGGiwPs~A5Ndvsse%yj$y
z`Qnjy`DZ1xsO4;&vF%|L+u6#{NIl)u(5Y7GvTeNY((e6j^DT^M>qbMb_sZj0Q*Jej
zjPBAAbd;fi@4MUHN}DW~_uA_F#mDk$UJb=e*nkMOp820S-q0J0mrlLDR_&IPU$`~m
z{jbAa|0pe+SIP$RhzFnu%k%!~NXgDk(Kc@E{I^9aZR(iAtI*Gh=9TMF)!67J*amx}
z5Ouwvs-@DHtIJAlVwb()Z}l*=07ld!{yIYLs_IFZBLly6J0O7*oVB=7Jg;~8@m2eK
zGIeer8suGVsdcY*o&ncPbJQ<g9HX{Hv+rG~kVljlJa#Ry#xysrtNt(WS^J%1Z|{zw
z`_BywZqttNjT^kXegQYL=k!_+Ztiy#y<Ky>XMau-I=yP>pJ1!!cIY>sTNB*08iH2y
z$j)gy?Y72rF1C%^FFO3%O=tCP`<A_+Y-GEQgL*n+<8kLgR_p3s7@yDHYPU{#jorO@
znU(q<p@)lQV(Z2<gV#7325II>8Zn_(ir{H5bpJ4FFa>0A&ahgw+GT=jC3|jqZ$NlT
zYt^Ffc185di_On8>B%h)OFhlXT)!8s59og1{OCkXg`Q}?(Nl3Zmw@mIRB<rsA8ua@
z>x(V`eMZ`YDFA_Q;fUkIU;5+_MU>}CA~|pl2>LpS#%SDJDWS;#yQ>9I+^0Q->)wi$
z7v=G)o*y(-g6rNR)Se+N4-jUTR_jC~ME5Uo{@B8x&kOHigrEce1sqGm!zXJgY|QSl
zBPee9*r}C>FHqzFWJV$Yq2KGpzpcMLf=3EormCq%m^RHc;dN)AjqKVRTUc070<50w
zY{u{S(x|v80h9oLWsqnl2dRoF!=}lWNK^C?FwmV=e{Xy;{VmDi+O@*C=HKMr+hChz
z4q>l*LR(x!&am>WooH#e5uK~)V5uy9G7m>7IrGg}xSY;JM|hC~C&eeaQ0u$pXK93Q
zL`t<464BioZtRNrl$pNmg&JX>DZSe3UY79P@-|F&o(tN28Rz9+95{Q6@iWcvW}vAh
z(vD!TzT;kbK5_@-5#IGO=<_|p#)FSteJvSqq^H5Fv$#}4gCxKQf`JLN42&4gj0HI2
zCxC0obRy^GU5AVF_M)5gS4>eAYD7J&L_2Hl!Y_+es8CxZBOk}Cn5|p2DDCRfgMoon
zlJlnGgmeVO4aB&L04&}Pqxij^#7B$X&I5p)CD=1)QdAYGS1|^WqA*fygX}WcSnOcf
zE?n7#4wtxKIYEixV<d_*29HcoS?8wn-~xb8(l9}O2}DvUUb@Yx9wo!%Vhp-CEA39E
zc7HlY&(79ahK7oYiiWb`kEN0&L;`ofz_9T^yPU@;jvu`gXeE^bXI6QmC!JwT6*^t~
zZ!^`N8FE%k9KZ|U_AFywh%x64IX?}R-+vz6v^(qSHsjFm^YwYz0qf-o0CImC4`5Kg
z-kt`Annj?qY3ZB8ZQmjFs&G4(d{L{4QPSMEJFz2{M*AT9eRDn<sv}^&m#CN-OWrX%
z)$cbGtJi1y>S#I-xq~MFAPQPJG4~Gl|86?Z{nkhY`Pul5;DdRzgA+k21}5X1lLJJD
z!$EWU)I#){1?yVn=oVr3+w75jwO$V*^D*nvLFR+pImxmo_L?(cA70x9?l_pqyfgZ8
za^OwO#U0885jN+J#KFVI5~pjLVQLmySgIe@*D*}Egpu|j=5!wAk|4oQ-^&sG_iL)3
zN$xvuyFqP<1#Fn}nvW`hrP5TrxF!y-ftmNdL53vpf_17Y%7Dk?4gO;)>NYu<=-#dJ
zi;oILQYTS{cf69y^g%_ZgbKXG0nOCU^s0WBA)|fPKF=pznF#NYCi9-j%u|fZjYi4B
z(ML=&sGR23mL<)SRG-W-<o@*IlT9Kk9<wYd-SZbwx=@z&ttwE;dAC*DJC!?7o|4{B
zX#pn3%kBi@So$W@uT~`RoBX@2#{18Zxp({+&`;MD*{v_U(c=dqBDSl_Uzjzx?%uY4
zt|0n*{9JmFxA`+AfK1v#dEn%@$U-_L8?v9-_2jY0EW^s<tuAv!@bz(@(EsBlj_>(#
zAM|xRB+vJ_iRsWD5Ie~B#-%yCAS*{mIZ>kYo~@Co(mq5tjUT61&5lO;sY)%e6l;k&
zt7yH^D$Yq!wov3KeKg$4M~#-*PhLduV#`jx7)RDgY8Y2!BTpR7H-9u&K9Pj04=ZQ)
z79Js0vh2-h=3yRS*3I@kdBj9=`bk-2J4VxMxT>)Hw<YDR9NX+{l_vYqLL>ekUwa5<
zf#r%->Po7h++WKZFU<YN&E3)O4h&*tNzZrN!%AD!LGYNLNbo%`p%Vu#{2tcLC1CP=
zuAi*>ulnfogB+5j78gmmxCc(5`SoYNpGe#_T3HigKa$8e*LjGMlmeHw07;8dhqb(s
z)^ZjHT=*5^q{;8t2}Tym0M;UO*QWGSNUnPys6F|kXn3F$ePn`5rrDP#WafIYKSLF1
zRSB#)bf?UW-py6zpbfZ>smyy1Rlm2_#ifk2(gIr^1mq`o@2kqZ;xFGB6{{(@J{&|^
zvF9i#T_VV)zGe!PmJfeVR0T8)(9)>&&Z}I`aOi)m=6$?o?fAT2g%SF_-?Tu-3yK%e
zPufT-N-a;T7HOE5{1TzoCi3u}+8SPq{2C<H$e>JpN-uCJLYyT<PKZ5H);JPfDQ3MK
z`i-wDE!^~Ok5O?k4Ow#p?@*B0!=*P^$D~q%IGTT7Icq|9F#CXUpDqEm$sbh`ZleDO
zDVcU6^YO!kL<sH9SBHD@-$nlnq2HHpB?#zmZx7MIfqnTkS+KWOAMF|&n=A0=lgQUt
zO%uj&RCnng(E}ViuX~94{xK$(>*kq2wYF@cpje@a5vA0lrjkONaUxaaWUWdqr87E?
zQA`}sb;?}LCM;`eE@r8yc&ke4)z|1NP0hjbFyjxarAK#Rh|$xco2xEnTc5mq7Imf)
zE-J}nU#m47&wPKBXLVK?lXGMSWT?razH6A-+0(+NdxB$0Y!AS*H_{RRYhQw3Z-st6
zdK8+Ljue@g5{iAtiH$?~ebYo1|HqMjHYoMmEyMc}D7n`2sXqVPWgCY(6bR})_>xQ+
zMW-5-`MSX#)aQBvS>yXu+#>p^LO<VGH6OS?hE$~|J^Qb%lp_~0V?96S62~5Guvtn&
zlK4_3y?<VL;qZKc^zMa<!=Ut50Pv|I(FD7=YVL7$0jm>Q-#xd&yoSk&ki|}sMnwuG
z?JmyzaOfh%G`tZ5fW2%)kdi;S5Ue<~k}4pXEs_C{_9mf6ZsuZhp+fR~mu-DLAMbU9
zuP5?-_}U-`fhK1tN>x;e4TrFrUs$PRAx4xlq;rokO6C*2R$N|6NpD;Vbh6xU-y|)x
zs7dccMmGImfkLlQB_W90==#+#(VtpZA<uW5r`V#>qC{>&XqGmxC!zf@ub4{UID_1$
zUqZQjL1^ie+C*C210w(!1DGJqoeqgeQJYrdeF-N&U{=&%#|Re_)?N)Os+yRvu6sRt
z`KY;yL(Ii@`3B^M8>9Gs=dpPnJ9e52HP@097$w{U=*_UG$gkMHND}1ss*SM3qDlN*
z%bB!X%DwN}mK1ovf;mDVW`&|nC;i$6+Ey%%r-p8-uYysPxnaXxPXHePjD;TuyBSsW
zh0sh?X%^EVQ~GMY-jduyaQSrEGSIZJ95LKN=zsVAlKJ`lZdD!{^gt>0>Q7v@Ymy#h
zjCHyUNqo_IG?J`MoxiniF(UVD{9^UkriS#F+b*GGburd^+X#!WVcw-AP(HxXu1K9B
zNWVG{jj-YU32)P&M$-uWzPBEOE(UwrFa`~V9RNgQg|Mcj`O;W{mY{@aYe=Vd<-LeG
zCmXAaOOTt@<FFTk>33K4^04|Yi^NS2na)Q~!HCcjT^he3OJt3lb|6)(6e;Jh0{5e+
z@R3<tj?Gh4w&d2yTGMZuX2eF1q5tGI_-SS!bB-EPDiKAi6PxQuUB^59in4JFs<A~p
zS*MCwMwM{1S(ZpUj+Y$_<Ny_nVzOpE*g{N*uCk}7Assm}baUi-J#FpSOPM&aKG||X
z9sN)s+J)eTQI$Eb`Sg>FM78+VG<!uf$4r_b#bPBOwti7|w$UYtlR8p9Mf%`m;+M?I
zbf5y3KV2oca>(oUvKQ+*Yg($-wWdjbS$Ncx>|Ldgfo~kPeT+!DwEj#<35>T$%s5b%
zWmFgG@cZ}R-sUB*Ge=O!LIf$-GZ{X)9rO0d{w1<T<a>xvaiY(C;;6Db;?IW*#L-;8
z=L+>o8Myaj?ufxiFYKkL!g1=jzLV*-X>emwqls)@JNHHGRN5w&S%%+fFr~oq=wI@S
z$RyTi78Nqyv7IN=&oct4BL3X?6=*YLaArO)S+mu=%yxOsU8K}rUH<n8fF!YXn=yzU
zQpkAli2dUA-zJ}<fXT%>_Q~*aL#|lS_mMx-{PdYKeBSPkX7v}byl*;={C-Y(k~%oc
zQz%NsM8VnB8L&%90D?PGf=f*8ShkRGHI>&_&M9pa=|4%Qyfr%_)+Gpsb!G~x|4K}b
zqV%@nG~)SmdcTrfrxsDX2&9pBHbcC9Y~4^Sp6>wl?H7jO-O$7AtTk6W5Y#c=FQAU~
zHh#;h`FzM|8nDZ#nElmjvPRSYf~;=!JkEj<_IC85?8M_Wme3g-KWJm;eWo2wMqk!s
zJ#*Hkz&Iw&W+09An+@*rdLiq5t5*>v3(U8|TO<OO<N+FSdlhrf%NT;Nj5o34t8<P@
zmRZyDgxuAyL7r|K4Fd8LU?xaBuGD6&+-XC}fu18=p3T5-8&7FJuNdfx`))^jw$qMd
zr@-pz7MfdRJPl@`1ixhIWZ{9$Ln98uV7mkY+Yez$E0^|79K!V*&lnaE$MdsH^F=lZ
zv=TjM?{cQVz{=V4k4nA*qP-hU=20NPuhT;|qq#$Y5`tK;yFnfnQw!p)DS^FYm)DB&
zD<i$Ym76e+3MEfa^@{v>ml@K1Iyz-QOBLEz2H-J5E)n*vuEgPfpz&n?Um3y9RW5#h
zj#gw!;pg$Tru~i<wr-7268H{lb`CF$7d>Sk>0Mb6IWRGq8`|X0kd~C7?GRwcw4eYq
z-QI`SMF%@waV&noY5_l6A87B9KC#~G#w>7&k~omCgAltbJ?;7x6vGPuW^n|gw8xSI
zv0Z`Kz<B~m0$hA;j1$&KTL#G3w(67me#1EIBOU_Ky+lDdDuGm7&o7c=7_s}rV=X;G
za`c>`LY%z^M3Rl@pIXNK@b};J(5PUog@ZtYAE@xPnOa!=fzy8_=wl$AN4jQoyzKmt
zt&RCfX1;4h4*-&h4{5?E&_%YszJoK)jJsDcW3%_-MNHuy8FCkM+4^BO-r-D+^|eU=
zCz2CY=leFU;-ItQ#q;Y=Hw7)%`v=0=1&&8EvL1ZUyhX(fzZipukqB0T?y=(%ZCjKX
zBpwXA+VivpIdGF(`ATLcOr3g~PGx)|WPrJ;gO~rnR7^N_A?AD{o*43LLj!ZS0FL5d
zWpgugpU1viNBjJaKWCW3BIeaL>|EGs$HeI&UZC4%*4`yD^Ci8pF6doef8&E>f}ph<
zwU1wbPW&g&i;=7(^`5M`yvP%02*)~mCmWJPGq^FZq$#TdJ>!D(J9WT#Pq~6aNVzVL
zvvcX-_UQ$Gw((5Pho;Nz*>OjtJ}oEcEy!Yvf$#AGGpyIv-!=j`9)rgNTt0_^PG}bw
z^?RHw^v_$+mt$Vze{)?lCKj(oE~wIu6)MqMnd%^&VsDInqkJ9pv2vZ_V)em9e;MLx
zj(ybAM#8wXSst><c<x9e?(PUAHE|f*U<1Lk>8WHwlpR;g5HkL*;Go<~6<-`b{)&cv
zT~KnjyqfJ>%*espOJEfv%CQRbGSAxod^n!5;)mADq)$0p)1vhmX5D^Duon83>l@$K
zhDL0!<8Mu*r&$@rmloKYo~I_Ope8O?awtRriy2-%vNXSFHl{G2=gSxVz^RN2?{8!r
zbZDFnJ{>QyZ(~Z=Mk6xB{~EkJe6$At9xgPAWskHthwzyT`g^LdchDcsQR7u{^FfZw
zx2|}1F{`%KvLh|=Y3yvDN>H^ZFwUpqY3ws3va4G5VV3rGP({v#`i1gdS{H}+6?yq=
zp=^)$WetD$hePW$=sl+yVVLnS#lc(Lj#m|r68b#UGcK*6DVO)rSG~_SS>vT>uFcO~
zVt@6M2vS^<w!|$q72JrdIORklvz#lZMWxtlF4`(bGBWr4^4?3z?T0fgDYiSKj{=~$
z9zBJ9wdhFuZHpB2@WA2)iS*`V;17}H^SETbP?#BW9}BVxHDf(g*L3V(a}7lQwujS(
zd|U@MG!Qf%!7kaSm1M1&nU58g*AVN_$Hrlr<54zin}8&NF%t<3zHx75zvgUa3Dm;W
z={dLFI`xH^#K#BSb#y#`zg<to7TxZmXqGT+<MfAYJA$o|LCz?E9`N)PNdxadqE1y`
zF&AqYuT22e`2`yf(7{3oyDPvKk8pemgA7#kvh=sC2<yd0&2HkTit)Ax09A4Olu+q?
zwGvqF9rN3IH3VN4u+h#7<7cdQz2*GV82y57e>>!Cved_}V0j0W{{i&D26kigIu<P3
zZ!#YCdfXg}&UHF2YKFG&Yvy1P<m$z!wBCZ3yq;5^mcV=#vyDhN9=^07Z$SaBI|r|D
zg#TD`7!+T<YbBkc4P{w$W<uzWJNx{%d{_W5cuQ-$%gn-1!$p23jDx^VJg^LBAZFz0
z>Y1mpNq<#ze|bbjg|W!RG~Zb5w~|Wzk;7!g9d1+<2Rp86PfVCS@5k$Q^X;f+;Mu2t
z1!iCK5PSseg|sj?#jt14gsD6DLQy4Y;pFA@;fpJe;LI+oJcec?eHMdDvvxgCcdfhV
zHkc#MPP*BTirP4ZDrmb(Q4ar;_z#r*ibkI-B8~^n%kVkne%l_&5urteK*$-^^#trg
zc-f033=S$-I5=1!ymisRP;rJe13fIv$1L`l@Uh4t!1AlWux%n(6`eEBFPJCA+{ga{
zX@aCh*ymMa+8Rd)4MH~m2pk*g=aVx`9;?GEWjv_W9z<F?1gPND^{;+tp#KQih5^mU
z1wb0>f)@||uL!VzA4vdcnFmDkME|Jc|9Hv79_5(*FD%Tk@x0@+xj+mzufz_!Bv3O%
zK^-{+Uz#a`@WthskN(jAbC<&$mlx9CPW+9{K;NK-{smP4u!FCz$Mtm0GS}^MokDXt
z2A=JAm0_;;_3eDWv*_dS6!oglem_KdF4yNxoWXj+?|L$>E&%v0Cjj^u+g`mZb!@)i
zN8!~fHi)XHxlUVll*x`?D*#^@Q^=%dcZ1s44QPelgFs}c1ua8Ej0VJm_r-$|r_xIE
z?Y8R|n7@6B^O_GLU{&H5?j7(C3yk5|)Rw~k@IZ4U%+S?$)_0ye)8S!YIpzDQ8EN!H
z`p`_3{Ub4?kXBlKNH+K51CTc%x}di;cTj^j<?0^y+wP5m0-(&)??vcf?W<)=WYCty
zuk^-Z?MYf_Y4WRub3*dRt*y_s{U&u}Db=z^wfO#f-P4EtWrhwKhqit6OlAPmkgiB<
zQEUa4kCTzXoZWfOadu~0S;p^%H&V;Mw|On$!jbB*`-!Rnkeu6|iAeB%P|=ZkS^7x&
zH~=vYE=sx1CNFvrF^|5^S3+E<GA3{)#;UClwIL+-P@aTGH||TvOuI0iiBG)7NsF36
z6YK^>7qY4FuX!I?MvT4Ta=mB#1lH(5P_ndQBdicHg9XPbz)+ip4PCr{g(;M2b6nd$
z#Sb9;w0CjYSdRP7v9{?~Bsf)~1Yx;tQ^g-M>PihlApI5U`tj=BqdKU>?pMCTj2a>k
zLiQ=G)QHjK0sHVh9f>mrE<AAkkKOsfkiBQtj9K~uHc!S||5*9ywv33to)cGeu-J%q
zhg2p9<UoFvKG&UF+x=Cd)PdHu=s96!{Pu&!!6%zc7~b>%>AN*?1;z73_@ZXTE`stu
z1_$nITMN61Qq3j#D>bcIhD*hszeQuEdEH1LF(p@R)T1ziyr_H=;obY0Bt{OlmH@i7
z+p2XLI&{Mp+-eFHzxeXK8Pz+e9uYiz1%dEZOrLtG+2kCGlQZrd*AZ{nD@6=2808`f
ze+i$S?)h#f>j2*|$af*Eh>=bl*MwS>^_UgV-~jiZkD&eZnmc{Wyd`N`vCD9@_8nzM
zc9T#bU-nX)P?>{;UZ;WfjKNO$x_8Fi!jJ4I63$u`*;WchL+%|-o$HlhX<V(Vwyq*^
zxIT-M%-L*tRh4Ii#fo}n?TahqPbJ%R-syT;Uiy=6dk>7!V|7g>-=6nk8JFnXpmZn-
zO!=pntNpoFCCbhit-gN^5~DGuBiN9X%6;zDqAl4k^jN^cE0$M88;YdiX14R?N0%>g
zMZR~SJ>7{>hlt%?#-h`TE)4YndmyTHQohWp_~kCzrsGjs`MY4ZN(8toLB&GKIis*G
zmI6BsF*<NHRO+t!#5j6!NaGsglYU&sn8QcDj~)3H>EsH82r4zU=YJt`tEF$CT!%>k
z6~&~rJM1AdVsO9m`ubEJiYFEWI`$CtAgcYfkDf`vzJ*&%_zPNRdwV(@whgiIkuebM
zBu$Dyr3x)71?M_Bb-NFLw6Yd5D@7ERU(3t2v7CjOEjU<<rCa&Ypm%V!foR~8T)@wh
z1_4}iXu$u3qiO@!Rw^hy)at0MD(iV62wvp=kx`m>fpSG-)~4#OlJMCvyV#alQBWoL
zrSx<v7iAn8`|!s{z<K}>6*onH&7Tuhz>1f3VZ;Q~U5i(Obx>z)!Z;xQqUM0^OAt##
z-TIXJUG7Je;-oqiIv$m&nUp84DhVSzR@vE5);5(UW9}(C$u}DaPrT^q0ExH}jPe|T
z2?0eFYI9D8%Nr6`l%yIQ-6pxPh+(z2vAUt0C&!V1{899v5qeTB_p8j|{=F$KbB`=R
z^=+h@>ZbKaY;*eZzDf+JMIcIh^=j4u)UXZo-FL{zBTDcBJu+93B-<<YEtX&`X~o`D
zDup=Mag=)m>NTf2;suy0I5i<So5DzC!mV*Db19rJT&PwAn9-S>^1Z>qN%(b->Xgw6
zoD`{b?nfd5WO~xYV+>?c>%Rlvix|4~j|T8myZ0l&r&aBw{Gfkg61PSuMyfYZa4Jns
zCtv?-9iQ(Pq9l{>ccBGWs$)YEu+dH&*C(whRG90r`nUJG`{&@9njREZ$=RH#0Sp9o
zY#Z?V;ot!{!az!#UUyd}MtcJ87_J~<mF;6qE)&>;=-K^%{mLlSHe=QU^^-el>F8Kn
z^Yb7Wv=AONy|{p`n)`j<T5?#nD|K3O*zn5YWkMODRiv)!#w>5hEHRqz!|vVpOYAg6
z#Ssyuf)WO8%J+SX;{egGH5H0$8OP{M)L3kmxr*8Za6d_9aio(eU+Op4ppx4}VS<#<
zW<_O%;Sa=Ayl$b-D#?kocK82Wg+>_sH4FH|c(rkk|MOA9ykJGb5dkLCGd&as$AOWz
z?KTH3sFc`@k;$L_5`vdraYx&b&<5$!rN8WmL2V0%u?Kf77Fan`Xarwbtu%0H1l^qC
zdpo85ZH>=D_^%x7uX4WV@OZ&c*N6Et*a=8psPO~}qh2aIQUpKYYAj5Ikp^GgxV?2`
z39lfiXDkkiUa8~+miYV#oh;h0g4Zfnh}lyijNUTNO`LcZO%vkV?r_Nu8E`exDdsa5
zbCw+0J9<#}Y9hw|l0;7mDYz?e!JkV-Z4*sn1pHTdK~V7a3r<EY#yMw;b7jH$fgimE
z!UoclS`?;OaQoJ-2kQ7gMA;Mlqo4AiD*01vGBZm_cMLUhI&`%1t>K0TAu2z71bDO|
zt!s3JHkJS|Um|WwO^>G_5xi_qwch=&<_lrOnDh7vUWO$ZO@J_AL*>Y>jzYNmy*Sd+
zGO~Q}9CNoma~CqwGGcyuWPa2H58w0_=y&Z-=<2r0+D9Y@LA%MCb7wcXnC^RZ+xqBz
zey<#z8vGMvFK4=34&0>3TcIYM62lcy<`C*XYy>K=5PXnAx(ZN(oxV`t0o%<=j^R1S
z`)BBdE@-+~1Bf#8mP?L*Or}!G_E6EpP*ky7J7Tur((f{r3$;fnXqUZd8}*YkIJL#<
zRu0wt+>T(n2vSTsjKDnjNle_tJq6d0-oMxU_}w6)R+BKCPY>tobHji)p;1>#Av+SU
zjZVC%zcC#hbjPIZKpmcIK}em{dq0RwgKpS6|M4mdW1{@zfdUL6#7qi<8qp&vMDf%(
zbWo%$jNkX0QmiO+m>m$&{&g+&>v2(jVxW|Af(`y0=t1V)&LtMlXCvp3K|98>c*D?#
zes#J#TwCW}v>lJ%EbpR}PNK4kJNll4D{hBoSiW_7Q=D%eaQa&wq)2u@3F0(ae>9xX
z63kXcebwOYvtwf1NORdk!v2Dz!G+m~Jt&v*Ol`I6z=o~0c)C=%h>bAwMdz~;nd4n#
z<y|ob!;>Rja_0amorg|9`ED!&HYL>+pEF{~1R8`}*bo7w32Xarh!|Q<CTZm}CrjZ~
z&NV5zr`x|uccqQ*$I(Qg&9wJZsJtcdewRMX=p>&YErY>MLPMjJgHk{`NLR>5oaWkf
zO*aH9Mq}B-2+S!Z<C{Jhv_9GUUr+R(;C;Ra9~Pkp8J|~zL8R-qzpQh$24WqZ|IIoX
zi_D(}Yw1gtqsTyzd73{SoN6D<_134<WS3d9+~Qo{WLcLP6?jz34fTZFdHa2+M;)2u
zA63~sJb@r%?$Kgm=UQp>>13hUej$qKa&L8#s|vdbHt&6Qyzd<8N0vRfk|KF;#JcPV
zuUSHldZzZyY+Avg>zyE|QdwWYMbK?BTYhszGRcW<?#M~St_@~}?`DGSX*0Q6>w^D2
zgro?eJJf_^Vpk}(!ZU@Vc|$x8d>+II4wK}aVYlA^Z8XdL>!-LkRRK&hWUj=@i>x@A
zTBZ4VR*`9ycH;Jy2DL+@^8ue&cD2`)l4kW13z1n$u>y2VOLs8^2Gk??|8n$hcMSbs
z`wa30W5Py(B$J6WQ1XqQ23h6+$R#OE^c#VBhuuK%Gpv0xq(M38<`82=55h#O&gGe#
zwXe+%y{X&rz4_4*?O@FN;KXnt<NtJdvl%nG{cJlljk~!Swd%h8i)3#0r95QokKXAX
z=7rt{P8{EhOs<%`ncMe=_nn?PTP|&%HxOQ3O-C;5#n_OREBSj%_|+bDjXEtTMV8D@
zBFhdTv3r$bl_rzcy&$N1P3B#)DkTbV2&DQiM%xEb&{Dosa6(LA@v@@Zw3-K+Dd<*f
zh)|-)A{lLNx8jJ&rc<1#6O*4t9Z}Y59Z<f1Ngufm@K$e!i_tYAy^0}&f!~UA%ruS!
zIWcC_K8MdKHwa=<8Q9rv3uF*Y0gm;EMC9K;Vh5pqVPyy=5CqXFfEX)q1njTj`REnz
zt!NZ*z_XzTHFbCs%=L6M-L(_X?P#a>aVY<0`&H$QK=I+=`1Y<C9`{v?KSt!Unl}p&
zCZVWj8Qf}N&{U5%N85vdA077vaj{)@wrpo+tEa;aX(1$6w+V}L(;Fd2j@?+m3<1a9
zUgUFOEDfHhV}5~YDc9QenfiorS9e0qNO>SQ?nt4kTz^vZZ(;rr%2&A?^|(c1NgO}m
z`MOcN<cJkp3=xqQY6Xk|NL_x)e&7`*Qfp^45D;i(AZ!>W3h7X-T@;gc|0!zo_~mpH
ze}3bNrx%6Q?>B}CN%`MYBpM@VA-xK;Uomw_uH9r56Y?L%26SRgCZ6A+mKt6D+&OWR
z!~@q_lkN60=jP||ZP6c!x%=k$u#CTW_7r8G6mkDE>Z3U8yhZaXLVcFRJ0p((-E+s|
zY}*Zk+3M;XKd#jN>wWjh$kY0IHD`0OMz<c515|8|nD&=s8vF6;=`a%ZB9@oAxU|K?
z!SGaUJ<TuHuqAt#vLz1HI9LwBBK6(TtXGq2Q9?FCrW}yEy3C1_yANb79Xl-G+{b2J
z+{cv|Zp>xkxMacYZb)LXsT8dil+ji^8&jzV2zhmzt@QR6O9~Wd_|aVOp^G(3dxloH
zzp8Nbfd;kAL2t4AGEk!bhhj+ai6Np6bX&cQ?J_1f71s@7&|_-=4K5t?c8^54KL??0
zr~vKA^l@%(JYWJ2;0RXpd@s2}aZg8r{XZsxULFWvd2H_(X171OH_*&K&4Q|ce)%(<
zhX^`wZf1Njk<$XbxYbm^DpJyMC!-VZ@-gOJ$D7)6iVpd<Z&ik7`O7RE@Jf#JWKF&r
zj>V%*|Hgmr2*r_UaVaLet*+oqdW>b2o%-67LI&P7WaGAW4(>kB@vEt={JX=CNeh6t
z>VPEUcTZWEkti=$7mCj^TYELPf%#Td^OeEuP>sJKL_k)f8CX)GPOFo?8aX(r2@2-(
zt=nM+zhqZGcDuDyQu=F$jO=3h*&RHH$rBCvjpYf1l9WsXXE%;f0yX<N=f}$7el4Uk
zk;nf73}@tD2S0zq?2@~p0#rMt=(&1ji}j983(L*;bC()YyB87=ZJ`2ec;L^{9Y!4`
zUp!4S_1n`C+LHP+=Te<(*8X_6wa03f$G^v;W*0x&5-FJPSGXw20y=~7essbAMm~eH
z*}mX``dG#r`-Nh@MXK{d%sIPu$s$l18t+<4{QgIwU0M3|4-Uw6D{{NdON6`%tp%c~
z>yc1_`^v-`jm87VDQ?@3w{U*N4#*!uB~v5@5FMMI%8~@)TYn5rRfNg+4VJ!m8f~CG
z!C_)%YJEY4H6g*-8$}RY<X;#Yf%CB1t{FW#%tr==1g`|J6@jk=)2e3qJ6CC`-x8F}
z07tei5&g6Vn>)IpTv|ZDlp+raKu_zF_%pT5USePo>|dJYWe`5H1cg1kc03hzgGK^O
z!<kV=EIEtI`m-}V)nPbs+eK#nkDH}U8g%E=@0$uZ8r0cjh{%wKULyj8F&o>xwzuZM
z$-dX8vAn(y@^iM`olqRDH~urnV(j2_mwLoi7??i(>d^%;Z2Q29Hl=m6^|i)VthFf_
z;uT|BV%hGNCqK|u<DeK84{nr@CnL6w6fPsS{$!(iTPD07+S0~#lS2ujF`I#M$?M@#
zdJ|SkygwzuA>i0C5=m6$-f@MhDl1~-8FXh@Z$-latf=e4yRvd_h=<fHYZvWVv;W;a
zGohh+ZYd1g+%mpQX3geH=m*k);u$nUkooi<9SD2oMh^IlwSW9tIUvscf=zCvrRPia
z85QAkDocqw_v}VnPL8_%PKtsD(ecT73*r6g*8QLZ4*cH1Vv73?ug4`LewQB8ymgYC
zad84EsN5p|+wDzV-}?imW&UwF@+{=hVn5(4zXd1lOTFKO#rb(&iYjTN?}+lL?RJ{I
zXIk8C)ek(OZ$$OW<-(rAeLS=9tSDZXS9>(OOF01-%D)!zQtRd6*c5Y3xHD0d3yq=E
zdfU=eZYB0qCg7yY{T;xBZuO%C9k4HOE5R45uDy%miUQtZ{qdmxP7oZn#nS#xm8qU3
zTF^ijm>M}_o$*G{*M!K5@J1YCCBSpjDzJb#h>BWrA1}}uuRTE&{(aaoL~U&ZnGREa
z4-2G<z(0OBl_szE8}*9We137<{<p_}&N5E!KIfuhNf|d-)?6@DZ!_~s=rv)j#lhnn
z?+5o01&Q##y`Mhpe7r6)m`opk<L6>NjA}28whvs)4oG$7Td!c37|#Jnuz`-XQhEkU
zhZ)|L&h$fmM@qb}{2in{GZkjb*7nVdRuCan2PzIWiEo|bQkCVfS*m>EdYD42MB_`R
zackjcMJ%i@I9Weflk_5ML&19Eu?)oK2d4@^%P1KGex_qpOuErZy^%}?#Rg`Rp18Vy
zXT>njL`)~lu(52>*uDz*cqdi$A<}?Yk~92S_}6Zk5dkxEjtfv7zN6X8e);i<ovggR
zv4^zO6<oRZE#IV*0S@G^j4o~uV{UDF9NepB3<U)EqJK6yYEYO!SS$?I6tBugA==Jb
z6OcRQ{n(ym#ld`A-{*gSc>`hb?3Z7@fCLkH>4>tgJ%3DmbUgm@iNM&Q9EWRZ-GzP*
zA$G#mtd*l+?iVXmCOK|Ov2ei6d3r!RQc~=mE0l`(S2;=4rsjQd2$yMLv!dZ)q!?dU
zC)G6Fzsj*TEp7XGF9*6^)PYO`$MKx(#^A@tVECd*HF8$|CgUAq>*X*g`@tV@P*8TP
z9?trjE!GdiP>0ryRpNtg+%GXOjrL!2fv|1uV|;Ns3r>EQV76#UX)J9CP{nFmhkyOf
zzw~-}!;B7@k;C7$-@w<O6=YvKJT$v{u`QW3dw=SAR7EkD$M1>WxCeQ1nJ@n(@hDGM
zjJGA^yL_&Ho4)-YdSF?@{GUHPK93`5mVD9v(lE=4dHV%rag+cr{oo_#AYKsFUXRUb
z0N)>-L8&<=PP8HUd`)a_4zi*tlvVV%|D;?oMs(YI{GLE|$ocWZFLi)$ewQ>PS=VwE
zf^SfOgivPPh0rft^rCjy{f*YTC73}AeYc6^UWIs&f_6BK_<hY<O$g+ZPo!J0OEVts
z_)&)$&l~OQyLdc?wZGD4F`C^I^``l)SJfnjfUE66f|jEa2mB^*(tD)*R)_ZF8*M5a
zRCcRSXgHM^Sw{XNuvL!DtK>$-*dus##HCs(GV0Z(H=K5Q{6Ye}hz5}QLbp0h^eYDU
z40#6TrJX=EPTTePVY|(uYCaAgCKHM)^8Yw@(pgL&IQqO-`W|k`V!23$mKv?gKSmZ!
z^Vs<{W_znO#Iz=&2=<*0-%wV$p97(m2;jA>w!OwVF#`ld)MJEOUEVOH0U`&Vgxod*
zNlr-PO~3@+J%tSvGlvK~J}i66f7pe_4W-)mhw(2QUv>r+29=cL+b_cVILzCqi?_tR
z^cI5mXd;8u391~S(qXuGQ7GuUO|Ry~pOPm|EZ6{_35LXd*+J|};w~8H6yQD0dC1+~
z99ic#Ew))sA5|l0@lR%@{~63q@|{`PDg-CVYfL^-8a89%dh;wVIl5W%CyPG@i4^gB
zd!n~0Oi+qDX3IAS%}u#jR!qx`q%g}fQ{ywc|2|<`I^uXZ9fcaBbH7w+uqai>t}^||
z>Pk~AU8OTl+IP!2;b90}Y=3$3YmeaPRo@xvi@-v9NjD1E(dQl|wH)1j;P)TVa<E(x
z;6UX+`K5gV=Rdi<x6&C4pMn#U{&Nr3F!MTlT6}e{Dk*ZQn7^2im41w6S%qEIBE=oK
z5hp0g+*_6%J?IWq_-m6?DI#D@zOFWbIJ>E18QM|B+|cjOisnVz$>9&2Z5{H0%NDL{
z{!&cyA<J+Wo&ByT_+K2@<RtfsVG)JMxkn|YB_8pxSvL8UC=*xq2n!Qx)DH{5jg97&
z8HN~s6Se~`PbMt<3VCUu3hi%v1i_X2B{{clWu`}yk=+VIu}xmE&33?&t1r@y4dP)o
zm+-LKpE<18hgE4K0s2$~c5TX!`zw>IR*Q1?dg$*iLh5NHRC5zi;CL1C5<s1_w2!5B
zDJ{_2yu2C^<HyYEPEWu^Ok8F(sBW>S`Oz18Z8dI%An7UTkwB88sY>6UF|^;mTx-`>
z-K1Y<gU&c5JO>Z=|1b95Dk`qv>lcJT8WJD`cemid-8DD_cXxM}5Fki!cXtc!uEE`D
zf?MORw>$ZN_kJ_8*4(H2H1h<jPn~nBw*0nKoxQa}sj3OHaTDOpZt^TIl@a+hn37Mw
zceV*20P%>}aF`UZRI9N^<9Ap9qDa24q1p`LwE(%cWSh-i#&omZjf>Pl33(6Qsu&lF
zv$-!|A#r#vlxzGg9%-Up)`>4=1_Be?hh0aLTfooiNtHlcRub_=zzaB&`nv(tDoBW|
z6ul?5nxpB)_B}j11Jyu9aWVF+bUSfB&P>tpix~K1Tj)MJ4Jz8J`;TTyS-j?q+YR5K
zHJ-IK?c;$z_PAcX_t-^`=_(~`aXC)SPO7f!%vMi})~aJ%gIP>cM`pX}Y=!CcfEBTp
zimMrULbNVWfgzKH+5PJTLM?w*Y`we3t^U<z0`zS{*Zjf+`bzl1x2}TPU}4t{@*4f9
z8C$#Ccai|cs0At*5)h9zrWg||C*|E`%g25r=DUN15RY6ThcSSu;}gK|i1Z^oISe^W
zWwX61;y1iF(e<0@*W4B9xM5_zlQle;Hvxjog3KS8!^?~vRd1x!UZ2$j0iEsz<#A;f
zbl7co*`4(QNFU*0W1(XMjGyL7&;)Jkr#qjP(#Uh~uF9kV#$Fa*v;n~1;~ubY0*w8Q
zp+2-CV(2idS7A57o<a2>9;v`2Apt;>ZRjVg<&E_;VS>cbh|!4CduGF1ONiFA&+#qJ
z(GQPQJ%FqU-pdKo;SGBCaMS=n;+u5vFxcmEe8h3nvMnlFKo*0a{h7ea%Rv%VK{-|J
zwS{>j&5MOU<az5Kap2P#Ey5^b<WNx<{Eg2#iEJ2=WTpOWD@(8o5`P4~!+ENDU6p=n
zedRLlGCLaawa~Q|&|w0PyoVYM&`BSA9C^KaX6z$|5bL$`bZZ7&UH`Q?>#or(MrgNJ
z>@!zdw@pDb;{MHaw<YsCfSKCEDLZ(Q(TFcLL|KKe_uvgWAAxhm2@;s4mQMr^RB;mp
zWdck?Q272hsTxnG_5a42K*oX|NnkW=Tzd3lhx&^G!Nr}+tGYy|jBP28G>l;&L_A|3
z^1sDMe7?`OX*Cv<R)b-NDkwLLJ3}S(4+YZ&LlPhfc!;{}?Y;MwCJB>Y4iy1VF<|kg
ze9|1->wKn6oO6T!`xwBGKe9|%XLm1yj&~RVrx^=@0y7kxe%KO+LOhu5#5lw_X9LA(
z41B5N4+n|`(^+iH^3ExbSH+3fSwwPOSB++u_C@!A51talA0h8l%4<ZNpxUUGjzTp2
zj`*QYz7BL*Dm1CVcJ~!}SpW6k6N_s%bAWunh-l~xa#G}%&X+dIz}x05q9G`2M*0Nn
zM-B&I)PFtjoAGzw+7*fzLf7UmfaQt0DGfGku;hh<@-w<r0{P(n3KX$y>ox(*%Bf>O
zt)bxgh``H(gDgPcb<QeiMViW~)=76TH1`?scW4&|rg484GIFbNEVRY-kp2d^-~|CM
zloRmZ)YLcaI`73$tZ565U|!X+^6%~z{M^x@8<T?j8ZxZSez_kI!u->Q{O@bORt(|s
zUB3`LzDj1K=f6aW0MN4t6KXzSjAb+aECW0uz`hxV8WzM=;W4$a^@<a9)+!kUbaIC1
zPMcO+e!P<39Wky5M-%(cIDa02BRUI`_tl17u=FMw+GBee+fnt1FBa8R|MX$on&+TV
zBqyM;!kGihy<ZyK)rk!oJ-q+s;$vgd3GF`}CILyOf;RJ}=kScr4xp=_i}VDNYHY*%
zefRV_PdJVFe>IvF24LR^z;)$uAPH?o{6H4He})E6)Bk9mdt}=CZDWFxx0DXIq)kmX
z@a4z=$wP&vf+`I2z)deek`B|OF$;?6*zbeCgdMKZa~l!Q8%1BYf9OyjZd|1No>J(*
z68S2>c0@j{3=kEjL>?DcR`oE`<z~MT*eUwwdSr`&?i)6guH4J@1r)F6%!a2K255ta
z3JgEwFhWxJsjjW+uq#qa#!ysYfOS#DVgk8HmYxNE_&<z_?#~zcTHcSwP+KpA!^B?J
zi4&T@dsY+(?3BM)6#*F<Z0r|z<RAh}_-Mm4s~3srdwVJmG$VHh;7sb3_@U!KA#6M(
z4ErwwE~-AyAa9vUz+QEbW~&Hoz6svEq!#!0TC5|!Y%z(BN{sa}52TmDe*RrO*e(BQ
z%2vIFeC9N)k|wNl#2NM(eWru&E%?Pkp65n2WQiXR8m8Bbp;VCw=c5C2lVuVom|Ok)
z2))JWdQvHKkqZS5&td5Nj}|CkEb)dqdt?M6(g;u{AH)1r3mm%bc9lxf4;W=A+!|OM
zsKhUiC@YNA5T+9`DdV*(b4Kv8CY39vu};06cfSgxSuH=wyz+kY4YL4d{*|uDD$3#Q
zJz;d`e*N1w%ycGv>Q?W<Or+QEo1XrBmjzUDa6yCLtVRMu{B~Qf8+li961h^Bpo=E!
zV4l0EBrk8)qG*2XBOuN@FZPu?ll!;DpRF=6PiX`#FB-Ol??2_uX_BHI`fUR*v6V9J
zq9UKr=Ewr$h=w?Czsfw`p#9Z(Qk(`Nc~l_=eLMPsGJtb#G4_d!i^l@iWBy1cr7+lZ
zEb^(SG(}>WtqJGw&<<1~Y=1?sPJ(G&ww9F`tL3@mY+VBHVjCG;qAgoqS@sLj9m@Lr
zmSSDE9n3?yH%Kk^+VqV@d)n$~|7&5QaTp&#(ONC3(a_u9*0SOBE1wMaoi!#dCcN+9
z+i(@oDRSrK+bl@=|M*U!wt30ER28?NoZm;3v%E?dC<iHp@yPuw=XpcJ$cYr2pn?vz
zq~uFS@}Ky#CThECB<a+xWKl-uVEI1gv!=vEVtZ=3qv`}ke!FRuR$NhdF(~9lIj4pW
zckd2EbC+flM*92#o8t_7m601)GoSdTyuSTM>QV%-_RllIb|4D<-KgZXn08wF{TpcD
zl4v-i<hgTi`JJ>&P@HleH?Qv7hPtN37+Oo&jVo1y>3PGs;BEK<Ee{*^nTv`#sJ1sg
zUVrWKfxt_=c5vT@|F4QG4KeD-K*Jw8IX`3pO8SO_PRq~vS5sPok$tNI-9{*mpcetP
zj_`r6&3LzMCPKgYCC8kcYld++vbO8BS2JPBFNPGwL2|rFGu)tGG(697OZBeK_8S`d
z8tD0g%^3@I-mUo2-(`{WdwR<AmCpA;q|cl!Q7qi=mw^moHX<HoL9dp&p*x#pvEA>=
zIddA7$!4Lp{2fH14xYbdetS|lJG43A&J33g#wi}F7g~VU=f|G<HW5Klc^sR2X|*3_
zUL|V9N1Aj<gU<-hJYiA;?W+}z;9BX=CX`6-LiZ5*!q&7K@+eh?(O${MwU2QuLX2}v
zfMdVcYdi?<+ZEkiv=;-d%?2M7E5ymu8i#0HHg{s)tX*z{#%%wP#ZS04AC)s*pD4BS
zSWmepMPCvR$2@M^ikyY1(XsJ<E}>*csd>iOfR5`Kr0~Lo^O+76p?|Bs@Xlds3YJfj
z(N_MlB;J*;bGpQb^ZhcMQW_X(W__F<eaActI}OhMYrXVcO*w<s%>MT|k23=W7&#@A
zLF4ngF9^GT84ml+^x%fX>p^T75wI%J$w)sOFQkv~mPc(8cTS$Sos$izmzSdM?Lap_
zY;5;>OaPnR<MVh}z->}D<3twa!-^SmHK@L!`GJ>t(oWi^R`Zkc*dy2h@DD{Rx_&;$
z)-*?#a((4Ik_<}P3+lPQNR{*;-m3iKHFwN|98ta`pv9{B)0D?NiLU6?bQ1690V~P~
z=`}>2B}I*DYdy>C*FR{?^5ee+iBNOizu95wbzCfGmssnSD=x3u{JyUAQvs$9YAcwq
zwkTBJmv>+7vZL8NGSzVS+cGgumv?n;5Kk(r*<rAtrSjIVA1u_)t0!|V4;=5UbM*Ht
zXHsVmQJ$?}RWt6RT720K%HP=I|K%VN4tk*PitBLKlKR6zk=d4-Tj~$}iV;8Tn#@Lj
z>x8G>Yy<3{##byj{vpBAfI=O4<C?~T$FG5s72IXw>?`n@!puz$bx1NR9@s9U0vOH=
zamjT&Fa9$`4O)qa^wzpxJ7omG98}nBZVgIc!Y$zXi5>CnCPitMJz8yq#ObqCF~0-b
zC(Yyk2<%@5mcKPNk9p~;9@~n^rKzoXUoT`uOcY_BgB+G<HJuP*D)%*gXLD!6TG5XB
zo%G(0TN*w3v9^uo*3UOn@`x$VD`KAQ7_D|K0|%UoAz*|PU>=Ia8ec6H{ebth!|3PB
zJ};c<ZI3~7!xMZ~UQr-^)uAeR>D}_V?Fkh}TU866@oY($X74HYDxaTIN%?UHuCd*f
zNJrrCu3V__y)pGv#F|9<i&(}M5JU-M*$w93kG`)3WhEqEFf+&l^0Ivj(d&`6f6n|i
z1O<)CdfgwvvdHbz&%v__B7C;pXG%lN7DEQ4a7~=m<d-tf0xG(_Kj#MV;}fv81!<D3
zadKZY<9)HYP!%dirJ-W(X~0B=tPL$6b4p%PXy&k#uFOT27Mqu#u^l<UxVq6;kjWi0
z5-##1Mc~X{tPnZoDK|pR%w-&7O!x2)UIy4om-q`5>WU*WrL9advHGm50b8$Co!#x4
zZJjxXE#4w(IlnmHgeBt*P5Wm@HX-DQv^Mn<3~%vZ2A3YiN&c^4%fSx2TfOVf^a7gZ
z=kWiRrNlv&vh90Q80+@74jRm($py3MfM_OLX`dSO4CFAfth$PRm@97%9L^cV66LC$
z%X-fe^pyPEE%rySOX?*75cW?u-nb>|{HXfUU_*%eR9hJ8U4njZ8CP}Poiwzef4q+|
zu$?Md&#CsFzns^G`l2{ab4^Hnq#|_h;yI=)gtx>s7W#T*29|Hbv)5Q}q#2=|u<Mh4
z7Rg)dKu!T&?o|)r?Gy)LyAttiXiW$ff}I!omTVBi;<9&|hOsz8VW^{h>JQN^%&cTr
ztTMU557t)aUE>&Dsgm?7M8MX{_E+;H6>eKEqBq0(z#(GieZAW5jXM*;c_MD#K)?An
z7q-m)3lqdJ7u8I8nuo)A3U_A1Q2eZ57{}`DC^Ny1axwQyLchbJfWf*Sx*UeG^v85{
zf0{Gy8Wj*&A0oZF#sL>=fwka$Par-<*J{Fn)Ae?{o=P}-k<0V!c)J+wJ-qYkJOqw>
zW1#KU5@QGZ4bMy#^(SrN0{cC_ZS8>R%>yo=?Cnd0bDT+e*wQNVuyDB|?89B5#+Z}2
zCx>PuQv_QhWu+def;u|LUDv7g-ZLg@A@%EB2YW;uh<+A|{`ltZs4$eht{@U0HK}6i
z-6$Nb=Dvt4RAVAPwZY!eE^E-zMT7-uso&TqCQx^+MQvgKK<oxMp%2k57G{Ns-@_lk
zo<Cwo=6gW5;Ugz?B3g=B473sS{k}PkkA+9$#Uo}knMVb$OtJREySa~o2v@k8_Fz#n
z9*HIAa`H`>M!zv4SPoH|#3GhYR4%)YARp2n#u<3mUVxheFo#|?HAeJ&PtS}Q%~7|b
z6hy~(rd{Uw?y@@!^Fcr88y;iEd4P5BmWe@y#=)-R?*>e)W1bQBgHc9JXNzP8EU&GG
zThPqCJ;WROMt6{RSd)bqEZhLnL+W_boek8ZTYi~26C1;dzSA*=Vt;s>AsfpP)sRTD
zoj?*Q3rK9z<kpf_!vi<%A+Qm0TggV9SW~TV&R=IQaeZSBt&4`R4(P*}syh&JVBNjC
zEYnVx1x)gbfR*OLlB*6M-5Z~S9$hS)fa)sI@;k2oTm7^QrhV$VeIb{IL~+7~L}8l&
ziw@_sG4exKcb2~pH*KD?)8>fYd}l}=lkqaxYuOV^o~KxoSNN-<|Lx;=&4^;OY@T$B
zjKNI?%k!$k%EJxFn-k)o%h_GU{*kLuw_fpmwZwRem^<y7IrnW{e4$_DsKVs0Djf%x
zV0*ZTeSE<7xodiqLgfudyh1oFsQrzl$1Sa#o|Kw8r%%MY?EltYmd?G3GJ`uc8!n*1
zZ_0)(*zLZ!n-a#HNJ>aA+uPLLj9~$_V%>1=L-p1_vs4XbUCRRC3&K2*HbZ-uUJ7nF
zb^tP9;Eo-hkC}qqjGhU^D%MkroR-JJ9<=t|H4Ud(ON`Q+Y$Lda`X>EV4e^|o?61X<
zZF0M><s{Xba+UleJ~?*s{@{cJ@g+_@TT5z?e6K09d83#jokw!gZWL3_t718v$H)F?
zki4tyL%#>8tzeQAil;Ggx(C%kGxFOLY37n<*cHo=;0IRgILW0DqNs+1JoOe6T;}@L
zFjwdNwQ#Z0HRw91svW_yMGdPkx8(}|HV~6e<bYDi(+n!CJ$fB-0lN>h!{P4?bq8_=
zOB~nqNv%>8ODIf#8`pvCqRCu1jf}AF<izlBtcODON{u6)9jd-bQ-1Zo%XPELz*FjZ
zFul(yy38jQy^c86B*ps@wPO1Rd2utq!)%G7JPR{*Xjbz4o%{)ckJno;4+ED$%;0!C
zAIN|yLUN8GWf&UjvPbq^xIg!`y7o9kdZ+&bGgQdRWUSNuFt5Z&fk|+!`iZ}8;2Seh
z%M&Uk!*k~Actk1Wx2rX=XZL^5s^ZO*c_2#+4NB1(x861XMrglhChF8*9=RU~h<tN{
zqttbSCR@YbMmFbF*-O-d&-2$%u|XkpvGW*Be$|ip*2vKJ=+3~7XUbmxWy^GrGAT^r
z^mp35zBqya%XHnnebZPeSHfyZ9?epMs4kP0Ji5;M{N^_wv!##~<EXK>Ywt&0tVXuV
zX>a>G+MyvqnP$d37SZpxhK%DY`PWl51KCgDQ#3c0Q&!aY<S;kCl609Yv(zG%X>HOK
z$?B?^>3n1g27-Pj{W`Q1J@+Wcc*|f^jv*F7wfxTitvg7QI4Dv_whJZ~TqndorZ7qv
z>>HX%f`fr|kQ19RXTX2cy9BV_RS(e_Ak{T9=EPX}un--a|1kp)dL4kIE-EO{pjBcU
z>lHqq(p8&cW5zfG^9o<0lWVTxhEG<gAgLDC(t0AszD)yW{EqwgG)>J+JTEu--fZPJ
zh3^Cbeu%~@3GVze<vSeg79A#S-szBx+X>}nghQ<wp6;`|gM*u!+RNUr#Ez!+cJ4Cz
z)I8Wl*(*39`iX%hQJ;_e44RSvJ#h929PAU9p|^xDpB<Zg#%CxEYB6YkkE2fUi^o#6
zx2V4+%=iogl5sdIVELlvGb3E<rt5=p<(b#QnB!FS`HN^ne%P(191BQ1QG)sI{lB~q
zZxNOEwPNiG$cL|G%`|6<xu&YdaKl=vEz*kV6(1k&e!$J)KQqQGjq{+cfU802za{-a
z{zf%*OV121C|VH>h2l-5oZn?Dr!K$Tzs$*oN9fF)V3#|zaczKqW(>Km?+mhH@t>o?
z-l@l=tTo4PeK;t<MiG6<atQK%WM-`BZigrDfxW=X(hb1v@a4sC_q$)Br<$91{6+Q|
zP_)`X0wFW}o7ZpACPIs?L25UQA`QV<1jyp2z@95xu1Yu6sSk!RcGoNcengO=ZM-*;
zh#QO|<bg>^BZO%?wW{A<RRz%QZXt5kO)K)j_<B_24>TWM^lchq*Xb~aG(eB2V5$ny
zYqb}WANVVdU4F;&dE`4`QO^O->6C9oFLsAFj`EZpn*r3AAv2<XW4zNL;d413PUn6^
zUo_)0Z={XGvAFI9i390^!dQRCGZIKbbYIwzzcjigvO~&uai;?g99U<={UO5vvkIRW
zNAjm79q{*1&HB(_>9xO@)H^M$aM7=4|1-orP*G;fxf{aPP(wq>dZWu1h-%w?R8LXw
z>-aelF|ZDGXd4)7BpW>~-a}oPPFb314#4$x{#N4UI9))IVZn;mUx?AT$a;ko?_C%I
zq8efwg%3?Xyy$|f;oj4|khAWJlci_%gZ<3CPxce_=5rqGeIBlUqAO4umn9ymMUXP5
zL&q(CcYwN7c0C_!|5H^LH$)CMf`}!5GkdGZ7GVhl^KA9?l926mHEbF2p8YPCl`EWv
z1gUZBtH!PsF*-*zo@`Zpj^`@F8?X(1Jk%Tb*-iq~KD;H3xl@S@tx<3nr{d}Aaqkgo
zW2O4@#+y|HFVT?V5lMf=5&3eSe>iv-Z^5b+mGe$=#d~XRW!i-oD-Dr_5J$3Neayup
z85)NqW}<}QVdpSC!%1#+X===Z7KV3eQuuQ3jVPQ?zG4rdX*{u?GR)}oiPt-$LR3Ml
zA@bSAt;p%s_|x2T<&(l0eCezG0<YVB3P_rwdxS)vib@R}27OtsP(4q^7jW0M*3kNp
zc-4hbO8a%Bz_Dn!N8OQ-7o?EM`@wjPqw#c$YwU^xF_T^>a{l;lP+K*ejS_{0I&RKC
z7157-!q|JYc{9ru?I1T^{Wg`zN<TWlnlIG!(*L(yTAkfPVWc$eMKyxXzU}rKvy7~r
z;V%ZnWP(_04LF$@2PZ(Cy<d-sgm;d*7B8!+*aTNG;_tkY6~8?xA`wgToKQ?6lKV46
ze<`*bBq(Tpmrz-+OarW9<8qsgjTHW?2>4Aso0RF2S9#%=%v{Oogoop#f&V?;oPK<P
z1e|Ezrs^Nk=5~v{7T+bPG<^3x(rEGX`#iopyp(W4xX#Z*XF3>JFFMQB(hd$qD=0E8
z0k{ovXfY_PxVux=X&pLa2hbOC+uClD#a%=2pUDK15QL2qe81TTs?>y|Nx#h$1dEw1
zZN!HM$-M7;qo0IciUG+KH|^h3b6{uRvb?(nHRZ8#6a`x5D1KUc-YRFIktxq&tQ!9G
zk10a9ZnRUL?MerjqMcmk*y3as57P5kL)k_zCD~3XefewWaOsTJi?$jytz;Je6*pSH
zE8ErxtL&VfZ_`O{;z^|xb0}<?k9R+@H86<~x3Co&Q|N8zm*DQX3LFH-Wc;6px144g
zn{5cA&{a|rR3!9zu@jAq9SBTe4|A_H!*v>&dwAB*h^j0;c)qEhd}{We5+W)AEcQmA
zZbw=AcYr#Q6j&1eDGdQcY3hzbWo{ar!F3lE%f?G%#@N3VLGTW|yMrLa{H+jZ2SC!>
z`4?X*v_|1tGZPn$O4SfchngPq3wttRxkT#SVizU!YX<%c6}5VPcqRrX!SP$v4XLFQ
z$V%<BEW~PC#kiL`v$2s6*BBS$m@i5JLicCP_kWBa*ZHK`E!3L^CsC-lPzjk@(KK;4
zazaBEvv(3{S6NkxU&U&4ujmh#2?gd2Is^jdpuDjE%GM;u|D82+n1cx34bi{v30Lj}
z#sA`(E@~n+Vn|>vMyQ1j^C_LI*SY%lFMt!0!>|bs+w?uwpsP&QHH{rfe*R<G1wJxI
zI({uu)NlcHZUL^d^A3ikDRTIfc^}{S9UZFySzWr@_xz6NJhO<b))X+<NCXbkPRoP&
zK4o_8C8833)>!q69=#R;H~}rZ#z{qSv>DN>*YRksI|;iJZy{2}*7YAnKeHKZhfNKD
zoqWsuAE_dfri5MLmb%x*<6q#$34)}(-M>g)_fJjbGTbYb0G0-*^YKdJqrjQDG9GxV
z=D@(fkz0wArjqSQX`eP;F7>TGkb#tfv?xo~=SQ<Wd^g{D9PFn+wn`3}oBH%tdw5nD
zB&}g6@k{f*IM-l1XC-nB`LJMe@G`PTM0Q2)TdIsjXn&QzpG3<J+KqZ64u&OMePlAJ
zXn|7bhXIJx#QV4CgP|58HKwCH<s7b6UrR70B>qF?wkckc&XcaBl#b-SsH_vpL!`0d
zM90nnXZ+_Lo*{`v)U$9Rb(i105x%N7A#^PnwN`GM&3D&2^e}9l<TwgIY~$=5xZEgf
zpCBBAIOqj}fy?W8eGiUNLHTS<&oN4vztCTu3wv)A2fd~HW=z450|(0IEL8~L&lv-@
zU*MfE^|P74K<Z8|lW1<o4)+>1&kL&Nsm@Fw=HZM*yOfz*dx^iM)1g!J#uDmDJk+yM
zR@+YXsA-bHg&LI46m7JMX0Ky;tbb}wu%B&e@ll-!aD#PfC)bl8tw~GFKs=kF#qx7S
zU$_`OkhpfI_2NCSDQM~!%LlJT#h#~MMWL>%(%C5)4$)t-!7yhM4K0U80<rN@(EhO6
zg5w46HFP(c=V#z#$*U4V-X%y2+%Kbo^~REq>|IUk@kqRXc#w7uCZCP$BS(AU_CXxI
zbnN!%y^7RVcGg;~=%~omJ>(z3?NIN10uhF&f;?Ya_!ONzSil$@r2oB&C&OJiW*sz6
zOAhnj(KqdXX$bSXD=>J;FiR?Ty<x_z6Jd7uAjVPO{JnzPM5D2Nl*+hf$`aZ_;9K)k
zK6KBvOqE;7E-i{3njgJY>%)8g$TZBb-2O!375Kou>5YMA%q9m4)easuj4#>i=n_V9
z0-fOEcd}!GF!k}$T%Gt?;xG+~ncT5LZZPCmvM%hR;`{T{)M{0#7vp7ipUD)kf_&Kp
zIN{e0ds^2#f{dZ^0{N#u86dNOh0PM}q2UqCUgbCYZ&F|%Tvrt_aX#Wnn^_(FUeOFI
zsEk3>#Ru;`2Hh@Clst0J|5uPU181AN+4f<+9PqedkchLMG9uPEcSx@af|CB$p)aaO
z!2EFAAI$}?VE4x6Rr9Nndr}l`8ko~XUaF|P5yAJ<vxRnQXlK(Y;IFVTyejvZN8xA1
zVszsf8BZlie*W(#2>?%WUD^zT`L~q>nCaxvh}+<(jARFv8>H%wZfQRMASVRRbhSPA
zDg&y_B_Oc4HH^XhU{8Dmj?F>~l<sH3HG?UH!r%7^U|~$!_2=b<i=}$T;Uwlo7HUnu
zXA?mpoK2}Hkjw#KkC}1>6==yB^m2f|{WH>JV9<4s;?A^6mpGMH;~s*a1P4&I^~qj_
zUE^&%gE;@)l*#U|fV~UWukW%Ej8XSj93)bViQ#Y?zKBC&ONau2RVbNk=q>f5La}Wk
zxMr>7!tv@hI8U#0@1Xek)BqD4j^(c<++-5>@+c|pb3f&b{317R{`IuyXmrq@Q8@P=
z|2mjQfQ%WVmOGXmGH2#q4LY}Kl(8FOD><Gk5P_Y}kK1$n60z-jQZ1xQQ{RH#h)GBL
z%F3cNX?YChly;sf`&<|Z@_-#8)%eeTvy@jhx9zY@|21U~37vLjp67`1XJhc;Wtl&J
zx97U01LfVtvS9LInW*KC+b6ftV|+Ck)Hj&Lzt@%Juf@5N7%Mk2_P&#Ow-CGOrTjx(
z@+fR`$o&CUj*9sm8T~sgRuQCGew5`1K%)K)wJpyX61wh<Az4AOicT<&1A^FB9rOT|
zy&UzmleQiTh5xBuJx_{hU5#tEsC_aN5a%Y_?v{YU)1cXo+ftjjsuWx%65^k4rtt@h
zNk%0ZC=ERH2S`i|mC~Gh7ix^e(GNmA^FTW+NkENmYg1GM^Bb^RC-T3-snfq(-av+E
zME3$;D)F)JPjKp@%+*qcZnNdV^5Mq4G=F{Ew71}tscUpA(M=N;M~Lyp2~X>SW2yy5
zO_M4l`QU$-=xSioK-e$uMStM+<Ni7ZC$VZvb5x)x#DNsT@sGeBhVn60y}k|dKalGr
z#xF!(x3|*+EvF8=WxWO>yY_NiIntS}x<diNt5|3-*9JrVn+ij)sFbkyl&rC(#W~B_
zWpkS);0kM#L7;vT3>4-^Qscc`rCACZhV-;;+coTHU3lS2M~CPuJ<dyBqo0(OKD^k{
zqYrKR4%~b?E;nOs3*LJkrs!EKr@L8GaF8Q=;6_uB&PxB^{P!-7jQ>yM8H&UhvRh#9
z9@!6Yy9j%@Ccbf=o~@3_Z?A1`R8Mug4rG8I&|L(?oPN%(b-a5~0x$dM41F8xdMEWA
zuP;S@r}ppv-biJ*@pL3le_A#EfW7+oh)f?PS_CBhdvB=FpuAr*%xlov$3P-{dike4
zzehC)&6`-5nr?6BUm30YHX8o+|3a?tQxrqAg);=V<Pze8j1ffqF(ILOPSm%-BMj*Y
z);PFj+wb==@D%X(n%(S57}Htg1H9o`1~IsU7<B7#!)EdiiuX)+wqVxwZ6NEW6UR8W
zXv!89ET2jOuU&A)!UIGt282t#V{5;IJmXlR{-<QivJL~fD(z;FG|jy)m;T;dIrijF
zqZ!tpaYkX-PXdrf2ap%a)9x7NOtz;|no&!t(JQxjF-7-nk<B<d#||re!v+tsUt@|<
z*PuuLU7%E=z*%u|M8#KuUJm4z9dWaj5oIZC?x?S~O)hjuCxH+RY9T_%v%Xc~Q$o#>
zaE_zY{cQ2YRG82&N19k3Oc<_OgH)}@M=e#v(Kw{AzfW&xLMhRt9wJni+HrJCeIB3=
z7b(&HRKpX*!$yf3_2DPz>121;*4K{5tr$XjC~X125=@~oO=6korbw=JgYu@^`$o6>
z&LHgQQ3G2q#?Ht4%LN@wn2L9Mw|kHo`7@z(vJBM_o(U<oXwoH0-DC*=O7CdzR=6A#
zb=+NK)p*bEv%JO@(M$FVd<#`5<QDAeaK9V>xoq`f<<g>lJEJ_M9QF442@w2P6!aSB
zAMjDT!Hs=U>+$<~KZv$Pgf3d<8cwy)4_yc;{<7xMw-o@45u%wm4y=3fzaGr&O+0E9
zHVaWenD1{j;Ge15(NC;JgISIrzo__}{6j%)@e~U-t1?W9c0e!}r&se!Jn-qt!pX^M
zjg=Wo{_8w?r{0ut--Z-;{R5(?6*b)oiE#e?{?B2}S5PVNEL&*nk`mdp?0nP^K_Sda
z9;jp^e=tM}m8rEwuDLNJ!Pa)qApuiQkgU%?X4>Rs)_*WtosMXc>64DOrqt|I!9vux
zfXJ@p*^og?gaJWR`433oLtAvM9y7e_#E}T`OOFHuw`LfS`4@*UDL!Za*ztb`W@H3f
z|EkvflGWHnL~zENkr6?O7C3_(tW&{38T$!n+t7T!Gh*uN!<f|C_N;#6<}o<fu49YC
zB!~!A8I1k0qc$5eFe4+Qg#;x-;{sr&H+o?B>D;l6Wju?dZ;1ugk5kUXb^nq!^#l`^
zk4|Ygb9&Inw!5O(Od`x>+pRy;nU-l|M5+P~kk#ou%wfwJCp^5q@#J02ffI{wW>(hp
z?As|#qO`>%Ah7w~D%UuRc+TaoK-;{$w+dCh&mL-_(06;=`SN=}Y_05I*)rXI@3(uF
zUY=-d$$r?#v2K8X$PZYmfv;hsFDH_(Aq;lJ7bAV<VPfAuojzi=qf8vLw$hFKZViH#
z?`xed3ZJ%#2%YWi1=)B>#+!-cMtC2@@;$iQ5T_h#;^Sg~vamIhK}h0ly|oO>?xPbE
z*ZQ0Nv@wmuyq6>K>o*XZobd(LVjnLu>5Js%vXMKcBXma6w=FQ}z~%+g{?aG^i1Qd_
z9#)fe-d1bJgbjZscaBh5p8ue_xKn@m)0DuXr{^q{12tkzem|d@DcWM-!o~z`c-ztI
zsMVwFZPq2YF1wV7wB3MV3n89YC%WO_{L+W06>8~$owCRb;k)5HkH-KO*|v-F`(<8;
zo(+h4^TiOrxaviZC64qvveE0bX~XGJlx%&ow?6DwB2B?2@cX=qWhSuoXYr`poOGFk
z_nQ3J-ux7^&`>&$C6Dj;wM_0-APgyTyzMC|blkT9$B2}xHikv^^6dM9zx7%BptWS*
zE#XS1)|O_9`klti`j}jK^${%3O8<`9)V{uTX_Q#y`6BiA#C2qudt+C<Sq^Yzc8g00
zYW#ry<wkIc{q#FnbcfW>MCYdfHctD~X)u-HE5@AY90w1-1F)a5=+_^VEL>k;BYUA1
z)@0D1#W<YK%`7u4zk*Jd8_$6vcs|;ytbw$TFrl{ic)P&S-n^fPG50k}ag4MkOy+lW
zNay{9<zC+=rzgHL5&bec8#(%3Nu@jJ{u?(c;~O@?1s$czu+Y_`{4US}L<sK510^lp
zI<n(<<6q!!fE;zSu14eROum@6fQvdWqMT@ah<9Dyyfop?lZ+lJ+A}5C*TQ*d&0mF@
zLK9|9@DqtnOhgoOkJ1avhl3F97bf=ZgQ_p^b3}SVV1$9X#J#-U-MSH(2xC?mAre3W
zT|-s;TX(VC-4cJpc*yr$5i6Ysl|eZn)UTa%9eC)WezP+?Tci;9o1ABgo}P33rQPx|
zP$@?NqreXzCN#`ojS;@2uS{}s!grt+hutQr&saimg9w<Fp0}6usC#;~oqk<pmiSHg
zcFahSdC;2V;N+yi0Cy1YMh)@88ob%|&=NDk$&eG;EvU~-4L>|AsQ+2$eo3x|ihz~v
z;JOJf3UrCU7&X>0vp=eIx|#mzFZyUjg-(|dg^TgLbw&KJm?4z<w8exX+fm1!BbF|=
zw-Q3|rqjC+zDhJqPcld_I}!P4|9-_xZiMBg$c~?K+Hv4!{lu2Pv$eIuEVX&HpndR~
zs9y0QBuk*q@2MBk^o{Or=}V3%F)=IQ%3cxwiC+3e2#=cQ1ID{YFiQKoMh1|p3b@wl
z4D#Sd32h}8pF`JhauFQ82UIq-A%MwJx!`k&ZH(Bf$#cb)_4?ofMqi}f#Yzxg<?Cv}
zwkP+L!_7>Vi;QzizSV%BHx~#*@TEid<#UDM3=V|OMx-5&i@FlVr$P;CXfCyILrF=A
zFXdbelSP<V>k<;XyW#*KH=fZXCnYX!1{$XxT4JIpqLbb85%?Pr7r$yd>(jl7TSB7w
zM*l+I?%FJV4sP_T{9<K1g!XNtoB<<O%2-a04W9?r#WV$D2ojs`VMjZgBp`?S)*IRD
z_v=$x`CX27&$4IGYcD(Ro*>=GKcX|mr+T}JA>tAdBS#i1$5Q_s+@b6vHapfZBIN<J
z-h;tP!(#nGrI*UaGU}&QRBY8HREmqJUmYjYAJD~DI75GIsJipyp_g@s`E?xynylv*
z2L(~HMBeUutdg_)qfbxkLyz6=LwwAHUhXQ0=-}dkI$D}7Puw&=Hnp!T<iSf+YN+x@
z4r3SaTOZZpTjT}WCdLpXRlhA5;aAc!ez*h|fD3c)N{r?Iv1TUy1urV2XQ@>#V|@HJ
z^*cn-LHL2SrvxiZpRkrf&Oq3+KCj80#g$GkJ>iGmFq!vQWW!V4a9`C1x|TOwEM}HM
z7B8kpj2#^<Ojcbkv4>KSdbgvZH4xdC_<ELVlxl4?s0GkE(0X<?H5ydmb<Ac`2x4Cv
z?F6cIM*gbGfDvg!Z+2f6+8OeO-}X`1Vs`P%<KPW#IT_eEZjyoRhRc4hV09i@)BNSt
zy$VxwLUSfurheawQD<b&YmQkL8vIpcJC0J?8TWf(7QE(kgX*+5Hz^~GiM8@NQjsH;
zj5+$VBsYd(mkaWAD^*#=0+sz6K9g~ifBAVg)0eGHS6P|auOH$ARqJ`)`HT9oNjBPN
z)ilL#RUDrn^$-cR4d(e0C93ttE$cO`4|rAXL6+(9DCV+!74mD{KOuIIvA@v!W0vU$
zr@~)ZdrbQD`arPs<|Co`8m{I107mvDiHyki%=dSm9``#N+;rBwEb<F@IUFQsaef3N
zShmlgXgwd`_$#~h=lDv@2{^HSLmP!Yg(-|1guSfxc+rIR>g5XBFrb8`U*mJxfSS5=
zY0oR~YvX-Z^8sx+1)GzjxgDPo+g)38r%C!LU*!s|POFao9s%Y2VGc?^2y0wVL&ptl
z{d|j1yfg^@ikBOrXh-5usZglT0-a6g?}ruXa$1b@m440Q-j__uCLu)Z7xCO{`i8ZL
zQ@-`G6|bj3GriYyT;El}_XUYWzZTRX-n^h!R4Dl`u*XYRv-h?v!Cg}MIH=G%#iIGi
zf$iBQVyhhTtmf`pL~<J2^yDWYX0IQk{4QSzt}A&Tt@;J$gV)PlC{*4-%<!^LRzQ5E
zdSI?&3Q{P#ipt#~DQ2K`*<f}<>Coc%>F%YOR}@7dH52hm3^Jb%Q`Rvg;PSsA1ov$d
zF*tHT4-&pTOxId)$$E`nqdGGw?4K!>)bx<)Q|KriV!gR-{JCmCDas{md|zlpiWxJ6
z>!lv~SJDY!LKT?ugO=L6Eh%;|lSSQrX)`1oV=Ityr54>YMUxBPm6AI7tbP6v#Y{3~
zxF;C<66F;$u=OA?^M@c!M(HmioHE5EyiuIlWH30n1)_x-Gsj@#d>K`KDbhc9aZin)
zC5ibsSkcmL#%Ll;jUlEo!x8ymtTSc64$nZ1xAIe1VJYuB7op-2`Cf;uK(j^$rGEtB
z2aw2ywmR#4RB|eRo0tNmeLFI!(kVUFry2=uz=RN_Ec-4CKcz4xZKl@%Ya*a9SU7jc
zXcG3H^)Vt%IpYa*=R9^rpr(a0^KG<6hwY@TEQxP8NtR5!_X#M~;G6O3d`?WiJOFoK
z7u&i8z(Uxt!OfJdtOD|aY0O$9P*?i4aeKtwnp;Xr5s4WE-N~X*o~==iuD;p!HYZvV
z1!8<F>+6(bjZ-v*No2pGCs7bqWi>S(CJ*s@2^R+eNz|29kaV`79SI<G>f(nfxgl1a
z87~6W_ovX~1wP<^r^_`rJ6<-6g75+xZB8<M^h<hPVGtO?8NF^-rd2aJe7$9yC^ryo
z94jJc9qlzMEb3Adqj7PTyOTGQMsR;qiY=<nR2V2@A6d58{ysf=5q&aZBTHUYmlQm;
zc}E|l@jjtlaX)VVr_Y;q>Py7R^t_usyD{So>(;^!JuH~!L$1Lnvp;QoRD)<%p3?VA
zq0mg=?$HiURXy1F7);<<C51*F`Sop(kwW|*$PZ02#w36~a8t&ET0H_QKXL#O5%`t>
z*W05l&^xBPAxL9mOCGIP;48k<r9dfD^|)zdm4K=|BIH6xi4CXIDu!luUl(^8*FdK7
zzn@F{0(vda+_T2i%~<<3^1u-+Q&YMP=T{`(r(kSla4%@>n>p2YK=5{4Dz>r^A{2Jk
z8*KvH^opAj$b6v;!JPBQ28TqDp4pIT{-5{>e+8TOW#%*z3F>ZU>s1QzN5G!L^Dk(q
zD89apPGU4CLRzSgBOe3h<&3ol-$NP0GI7F#V`4~7<p2Nk|3(5qo@OYhlXh%xk8jXW
znP4V%CHd_zqd*Cwi6dH5ft&nk{SX=(20+~bA11M~c(Mz#bJenVHr)C)E<<oFYKK#$
z^q|2lW-Zy+Lu4PHf7T|ngZnO);xko0KO^%4cYf>syQ=i~oJBO7S$d2CZaaIZdI<*%
zw6l~~0Uuca2)eW$msMQrR9-=@mAc*xlzinFSG_u{g)=;x3kAPA?Oei4FUuIpzm<zo
zp8hQqOjPwe6qI+<PZ%isPy8@A{|^pZvk&qc_!-q848D5<)z?J{Z1d2AdAu?0(05un
z;Zy`mYnvC<t<{++OQ%XS(0hwh2>eq%(Au_RMS#OS4(R!K(_dS`%fx8_^)YbaUTvT`
z09<Dziw+>X&`-4<9B*r<0Ip^FL&%rbE)(x~aAQv%3x<zyK>)-)-43MMd=9CAhU(KF
z<m9-!VuEL9g#};O?%&C;dT*$oar&9!Ec9dG(@aqs<4>nRw2v?g&Y!ARwTDT{J;zg$
zQ9p%XOWvCTTfJZA#tS`c6}SPUHWTjc-Px7$&H3n&KpOfrTZe6!=K6UQL*gs_0MA7`
z8IQ!){5<Bv2AhM?c-_wlUsm|lE&aZjG&4Ug@Q!L~O}Z?IYvMn<ImXz|{yepnH7dTu
ztSXbEu*PF(?;=Erd|z1p28t<~=hZU<*q8wHxIHZKkXJ0h{viWg-R!ll6X3mTGI@%1
zeiCmeb3-M$RW#DCaEZs>KM#I$&7rn-dOG$_LTuIs!A|S=N}rS0oqK*4<4|cn_Rz85
z_VlECeOb7Zk)Ln+7**mqLwhmpYv8lPTIvA09JnClY>8;TZ3D&8?Vz7#7$==XN{uE|
zpP<)6)YE*&(@};SPt~YXAS%<xn(LP*XYcAxfn#~Dqye@;yLelxLrKplTo|j0yn*Z+
zylX3$KWF~V%HnIT4<S}Yy)X8Q0=%xE5a)Aa;H)N-LK1DKUj_ZuV{J}i<@{9)3vOHO
z@@qwNK1LvmnPsgQiDFUB0cb7C$KX}Udb}+3cOk6(sL|Q3%L}Ns=usDReB9>wFwxW8
zJw9*1^s#dNPh?_DCitZJx|3T{I(;ROx5rW6oXKfcB(;8CkrB;hUQ_RDVx@nJ&4M#2
zyH{)d^^K>S;j+q8yCqM>i0Gl?&TUnFP{&PW%*kZ*QL#XXkF7z@j)c*dBSX2<RpAlg
zsdeR|nhDn|!j{E#-(M!4g%YZtO)wxLceE5<RCR-)dG@<Wq3-f<5<8z!TYHQFcG=c)
zn%~8*f+CTL@#7+BeeGzfCvysc*>$Uag??tYDn`lMy<ULh;S;+RP_NhObd4uJ^hf)Y
zm95Z^x`kH1HILitbxq;lB?B$oYj{%;jAbj;1uP6YRWmv`X`eiX&^^s695$xKO76$9
z=#s3i0D<e&)b)~ijg{k|*aN*#g)RHRhhh%Y^T<eNM2=Ev_1T@@$9m_!2tB*F@O0&c
zxN}*(>f$M#>dWn%tXy8Z8|ckl$JWGZo-}IG&yzj=BW%@^d|YTH`oBxTI)^3D>3+Ux
zHd3bc`ZQ?zGKsxtX0%4e;lxb;KHs@{^r-J;SkSRr;KW5zO~1p)zS@X?Bld&aCx^Y#
zu|Ls#d>6fC&y_hd(pITtpwx(pJD;++C|6`<QjW_{&6^VqPup{jdwiLfD8JHvTxS01
zIa;gVZq9r#=1jd##`-jCvv}y6Of>S)%fIKHr4!GMe{{ZV7a@)7&_4ULE02kNT`rne
zmUEOeZyLPyr`qgTds3Af;K}J-z+_{5?8;f56d6#Xo$`#g5Z*vM{g7ebB=^h}Ve(<L
zN|)R-*}B!mKFoRYvf7GR$CJj#q`FN0JqaB5QAQ<L3sIq%+;5J>VzRRMpUqy*u#H<X
zj`Fy!74Ej4BtxnMPB1Dj5oR<x1$e;cH7MGK=L*;BL>7}09eZL<Y&7XRmIYL@G&??t
z?LM{5VBHMv8SPRaqLieCSD5y8JgAo~thdCrZ?63e@b#it$46<k8a^-R3E<+svmd|n
zQCSOaTbR`m*hhZ+I-_R0{ChAPvRZcLNBhsX1TqY=yeTX-ALXyo<2q4c{QlTmuJENl
zAope8#OkW;x$LnjdUCnEYHGdS8fK5%#WW7Y^>!n`-2_xOR#rA(Fc!%bJU)YP46GaJ
z6D-S(rLu892JSJgr)IYMm@-eFIXWFx4=TEEX>37N;R8Ad2p@Jr%36NV@k!0<bvhPM
z$9vYH57T}4DQDg@m#Nd7{m#a)u3+ENuVrG-&J9%Q09sEtx-Q#IOIvm%Rt7p3RMdJ|
zlk2<n7v3_+i<(ku?dllX(N|Fss-N)roj%^jAccsm4a^?&>3M20*6F6&X?Pnm`lS>@
z7QBmN)iUdOqBu$<C!^Q7=6N*bZ9b&J4XFIpmq)QBJQBCmmweR4|Nb%WPe^E&s9e0}
z_;P0fa&1pyGk43&=Rf?%%rV@Z6li#~$Ka|uf_PatN0~L6*>WZW8*nUu6xUAqD)91Y
zz{|J0w7cbFd7;IDS=&2BTn;;};_&nPK+oR#{XW>}S;5N4=*aogP2Aec%+t0~-@F?W
zZo3Ko&E9T>NbO|m^UM5?YJo6}d3&t+vt+mnZT;;lg|r1i?NdU{p+%xG#?h3cMJkDT
zD$t|VLExXM^N9Jyr?_8YE_gvi<p-*w;#b3O&FH?80_Hp8(}BF-sSE}7Q>{!J{s?`V
zH*HImrd%yBiq^mmtI#_HwX+(I>Uk4RpMt-)J<&j3UHu5gubZl0E=Lth;g=#5>w>C#
zKq})57FH)6!d1AKg694uBncE38a}NinRrZL%oh&C1r>G*1*9KBFYUsZ7ZaI$Kz3V>
zu}+_J?NFi5%fQmmz}p2lJi@ChsV$=R%(;3mC3p`no4KuoEf)Ill%Y{;KWAs{k-lKl
zfdZo_>(ehEyu_w((U2noziin%J|&u>IcArU9mqCbms1{D53E29&xP;JfLBiYM}h_B
z>p|Tb13r<ph)i<<y71!F%DIYNGj@C?khe}pfYGLBmwQ3M3-s;&P?b|#jT>;VtEZZW
z^j6Vm9p)DQzy+oPDF0mvAt1d4tkYK3Yb{*$4GrCHw++0<t!0;|acTp6CH%7Zi*P+@
z7gu#!z{ltV9r~Qam;f15{XUOE0rjbPK@4KR%F2D?BgN;J)1_JvXyKljsrsafqcVi!
z<XNlXsB{ec@qWTjFOvnGy}A*8oJ*u}1~KiK@zz^#Z+Y2#;jg=ILmpeLo|LStM^<7o
zngl)~>e`&1o49D5$+hKik&5Pf)Ndtf9aovGUZd`Ft1T3NIse0sZ*kyw<auU#bo(OI
zu8k-)VaMPw(k4SX!NFR0+R-ve^jwc!=iBJV`P{)(K}T7?3zqRkZ*iT<)tCAYwXNP(
zY9D?EaKG|%b)Y-Sg~B`vn!^mw@xTEQ)ryvrL9PwX^^I;WA>*Qf7_#q_p$(&ftLy8&
z9cGW95m3_oLRBWFVYJ`NlN!Vto)7>YtUrk8ur8OsyChX$)udwg<WX%u5oP|IYA@%Z
z#^VXf-7g&I&pPh6s!N57YdMQTzVWSpY7p3$Jh~3uIn95vUE<otJYAqMHs$_vIr!Bo
zX**;^k^@L2g&2I>s7MJY*yHGQoWs|^cgLV32$XU28R^MbU*|!fzh1)$p{cmWjrp2H
z+vpe0*rjcAq-p-H9^W%XGQ%&6CqA{A68R*shaZWn9nPyj&IBRT>K&+q4R|_3n}RBc
z@ie9JC%f}mHwVC|*WnE=spe#k*mf>-Ss`*QE8?IIKDoflKe?xop?;bF%_nF<Nu7g=
zVLWnIYOqWH$@b`w5P{BW`NI6RC%9hq;VDDRY(7giveJUcRzx?Q6Ld~Q0-)G!OjOWI
zhz#J_UTXd7x8}5H#Pa=CiL<<HBmvktfBW%fW8ahc55E**8*;7m7FI;Bt4$HZ`s@9=
zv&?V;cft?Yg^(Iwy}=<#&XWrL-&@GUfaT7YUnawL0)7_hSjXme7vhKw3D`|wYZ8#|
ziT%kTMVOV6cf{|@2Vh&ug^Ubh2(H-qX(^h{bW5L6EdyG`+DYw;s@l!y_w=t{i$tuF
z^6L}H=vf$^dqnjq4xa7tPG)<X3%uHWd~EpYk#>v}JYVt#1e?DCtB6no2WVe}bRaUM
zV!LeJW(d0jpA`D-8Tj%FCytN6kuz|8`-(uP7avJ_s5~EdIL;_LkK9a?hFVO+TWo9P
z^|)jDr)?u+ETa47rs`#C$%6uLh?mS@X6WeH<ZD^#%lQ!=V@;U4Ei?aox1fF?p`9c8
zYvxhA<}&Xp-oieD)<r%5pwz2_H9fCsXq5Lk;K_uNx7e=<$!--Z**roLwA)WMAeiyG
z&s2;MVyETTV8ZuxHhr;4X4Z3zQ-*dVVWsoXprKk$=RBvwkJxAb>Cot+92?$aCeGTD
zMXk0_xsbV#9T4*~uXc?LF99s}7=#Ax_01`M&s7BUHf>4O*9M5w6$_gkYj7yr+8HAQ
z-M7_Rcp-#tcu}d<aG14AF;m*M&ITqXQx7^yqMFYyrn1Q)2{ZI#wr)q0XW-_q<2hbJ
zCD&_O>cG#)n#1n;tSVJS;q%MtdQC20ci%G&9fIYC2$7M^#@uto`#DM?9IT*IM*3~_
z&&IdHBbKF8o`vQHn_fOjfC;3zD0)+{7j~+5<n<%{#h9Ic)qO+0{{+q^WUPu`aHU0t
zoUy_KRj7pbUOB_k$hF<$_el#onjRaec6a<7U?Xmv{paO34)#G^L|q!Dk3T_~?jzsM
zf7Hz1)KBea>w15R;7wV3&MO)$S)xMOlDk<lcXkw>p`^^4(l|O`?{OIsaAyN8KC_g}
zES#*h?#i5i*(tj5%c-rlx!J1Ci+}5rJryBCL^2k2c|CLZ8ehg(1zMg%)NQYgdmL@R
zPQ&hstVoGn1zfF$Un<xDA3p6EW!tWJ&!#yPy?D~Gf@%^OWq5r%o12~5_<w!2Q2XoQ
zH=5ertf%}WcoM0PJQm&aXW&oobgpCFdLd1Ez;G!Y^*&B=YHu{9RO3tf)&O?$6?B*u
zJ=<?%?gox3k}MJNg&X{^oJ^mepZ|1EPC9-)=cC!(`Zy3VND=|!{~***#dhU($ey;o
z1gxI7T~mJ;am@9#bo;s6KQkZ_3lxYHCepbr7wsh|p|VQt9qsq@bFP!nv`QKNoETb^
z=m|!w$$9a(0Wxyc1uWk>!X<0Ix*TW3+53?}!L<f!J4esa5J8@_<(c`5<v#OLGW@Yh
z*9lxL)xRrCWAE*ly}I6XIgShOD865tyY~Yz7Kr4zv0c+1D#xTWfAC}FJx<@BwuZ!W
znovYPs`|P}SI27C2m+s<gG9y+)$AU+Ldu3py1c#ZKl2kM#|{AC7%Ka`K*H8n18NMK
zQKB>RnVeeMURI<1H3K5MyHC5SqQ-{KO=S4K*s1%myER*RFWvPk)0!h~^vo*ilp4TU
zhB=$$BtcYyDRXul_`5k|r(cHpV>*t$N3@5u;WeOkd8p5s6<2`_<vR!@2z-bVTbWB#
z3<rOsvG5Lg&LeGWT3rdP%!rV&)5`Ix8dJCWh&52`q1tT8_MH+**^9zR20{=Q7#{@L
z`ZrvBPq)tIu#1V@i_?g#lVdJ61{vNTq5SSy&7Hlj`#eA8lEUB%a}nbZZhpR11oF~C
z(HytoWnHcqZhsX}QdbMxtpCnRM773g^3vM!Kia$UucWsv{!N3PNz+XeZ>D5cz8sKD
zL9Zs6=1^K*yAqb*C1)*7O~nbZRXJRT%pp_L?3q(inmK|rS&0f^j^RLIqUOv45k=qE
z_kMW)!&~pCv(7&2taZ-b`?L32pR?E5I}Vx%YQMCg^LS%Vmmc4T2F_)PE)!jd_}*&;
zS{itqZ(L#7U~$J<C0&wK>wU9%X>~w$vZW<GX~rtyauLzH+wh8^Q`M?<5o>Unz;JHV
z<axZw2CDuJEtnvKY(ck^9(3bWe*5FsbrPk11wg|LYP!O<KpHWIx`I{5(N@+ldPn+C
z#?<*2`vCqV%ASehD4&zecE`S%Xc$@467D=~I8q<?@D%`fUoClo|LFc7LWA-^Onp#H
zG61kE@J+G};A22m5CDrX{y+SWsNib{1PGaL=XdS}>jTEmf~J+~<s}2aL+S8U0I=t=
zmf}Y@=aHQLY%x>(7`eU;SQwJY=5WMpajP|q4FD%`>l4Fc>kPO>1q6tFTGvwZ^qf*a
zKo@*%MFrp+i(~MHP?O*L;V6u_-FI>(ZND!Qvj~)Ya61Aup>TezONKu1>o}3k!^c5x
zEx>E;c_g!rw2&|V5MR|G$rg`*bXm4JGK8}7>epLU8)+WNRN1DiLI@$ABx~JziFQ^U
z#;h)Kwt)_+aSMJ)2)Vs4wpr^|XWQ4rjBtMaFR#6|0n8bclqq4)o7_B-CKwWvzIl<S
zw686)Q^Q=7^lcQ%PtlKU%fhA{^h|~)TU9uURoh+5RvQAZ<u%kZ!rxeVZm@4^cogS3
zM6&9Hul?JKtMj{zIbmpG@ycRThqCq`M@bi~q}ejsSy9F<o2?*NsQSnYDs@gLXs2OW
z3Y#RgC@~FAZ;qW-|E)*=Z0gKkG^36eK{0)eJ<mA0g+sOm-epflqPQgAUFyb5`g-2v
zd-zLnS_3}?DywYtb&_Q<#Qm6RR8^&(2HxgR&E*0@eqcm-8}CRokJT`U0T4H^Fh9a;
zB7$iEZOOk5>!e-QH0=r6)3>xPzcwUJlU)1i1%<56FL%>}^#iD^kHPbr!|&+1wY0m3
z-Yt)CLwwZgW99r3Hb+M~b?PtShd_47TDeQG&$0dEdv23`WDVD(b4v{owU*d@HQ`@)
zmqu2DG=NMn9_S!TkeOH8OLp(5BJLPNx4CU|q2jO9-;GTsE-U+1u1b0qMnazN_v#nC
z<9Hu|29&+}o5$GV>d~BhhxZ9~$)dGp3E$kA96IWnv!gEQt;IwnCN$2<D##ec=aOn3
zC948}&N-Mp0YS&^Yv<3DnJQh*anvj9C9ogZO1`b|XvCHPjoUS&Vrd>%c!!}$c}O5|
zQq+-!YqG%u;W6*z5eC{k8w<xm;d=caQ*HsX9k}yDh*aIKL-Bd|W6;FDJtEoc3KhQv
z!1laP7>B%7_Hu!hekEXLp{JI0hO2F3Yl+L{e-?;mKL|s>?z*lYQ~h%?v|bG``3x6n
z1}oqF*yv8X82{;lMv}$dS?AhuMsKbhJA_Eq?RpX)b`iF<y4{Z}rq9J|f#|Y-1piFO
z#!~fDPN5nto)`KYFV7Kq8+z_T6aB0v(ONipqB&FFN@YNhaUiGYlMkKWt3L^OIoOFb
zae<L68leGaI8mw}g}E@$4G0TbOdR?mtU@(y{r2VsO5Z0;K<J0}C>qSC4^gYlm?xz1
z6nW@K@nV~sDa}w=**hcSnn<INpBA3@_9;K>vtKTlcQ1v%k81N#zfIe@^T07^Pg1z1
zC@^R(zS<R4;${(@665U#He=F9m5{dt%Og?tX3onOaVqlqpO{#GdE8iYQzgaSh1sFG
zwAfr})b%DRdR$h0&{R7G^dfcKJ@v+Md+qI_im~&XnxHy91Cs}egcyg=#gyHO&Uis8
zjb_x_S#2aVkLBj3P%-R#b}I4|62cvP`~j5qDmoBKbT<U1+^AOnu+f6@eih^1(?;Yb
zN@e(j$oc1)E9thJMG_)IS7y>gY}=xOgbsp@fpnZ;I%KL1EX8SROK7$0adD#m85e5w
zXV!H=m0xu^&vs=Y<a(BFsW1waY4;D&_g$Hls%hzp;QxdQ?bt5mab)HbLAyj@k`%V3
zp2?A|ejA-A6^iP!e(xifMQgb1%KgTyFLkXkhP|9A`0<+{yE#=mI$ceXY_rIk{u(dK
zR(+pvhC(13c<=-K>;8>?1(`y=N)^u%#tW73BucoAG&|qt-$a5aqo&v^urJ|U15;5X
zGXl!!U-x1RFI~otbMyIT1lXw7y^}ryPKON&!9{1VA3FT9S$qqc`Ma_g;cYbTIO*&`
z%Zj?~r$6{%?7xJnaCqN$_y4?MJdgRY9xOcEGMURJ7R-Hn+-gB1ya<+f@NW8<ZGRI+
zhkrWMLvFR+3pKDi=w8-3n~8r#X~vwp115R|)S7@LBKD&A7f_#_=F{`;w~EfiF-{Da
zdJ8TU*L35a%j*Od8gc5?|3n7$j;?r#NBm6ZVkI@<H}jSq9=D9e95HrCJ(yuHoOS%1
zLsl|hH(^i5XW$Ruf(v!PAPsDqzutC3l6AT<IjYjv&F`UFrcY#yd4o?`1f)!y)$MpX
z@RUQ})JDowKr%&WTbf^V#_^K!BQ((=RWz5>JI}fzxUn*TuJKV_4>wTSJTZxYXu~=W
z5_?sGcwJtO3{mLI3LUV$()$D-MQgoEk|%o3hfr&5DRWQD2E%g#{BsaC=<r1l=!?>p
z0rP3x{)Qzkh@efkDb=|MV-wQzX!CbwX?ZRu%{Rlj4l=3{p4p1A%AQxP4eyIG8eSWX
zE1725Z3DpPjB&{PKE+Tq;oT*M_VnS_3jD7dm*u;5ZeF!hxe30NA}s+ABUMwo#VQ^!
z!(Iv0gHl!nb`St~T|8*YwdzxCDNU*=g0KA$fXRaYJi?vj8C^OP=Lznb>CD$G(ls+X
zf4{?Z?kKnnc(ne=J?iMjZvXPdR`Op7i&_|Dm}e;k(=~t{xZeDugSmygKYz6;HB11C
O00&!V8=AFe;=cgN+}$()

literal 0
HcmV?d00001

diff --git a/docs/admin/b2d_volume_images/verify.png b/docs/admin/b2d_volume_images/verify.png
new file mode 100644
index 0000000000000000000000000000000000000000..843fa126bf8e7faec4c42cebc3e621a21d7a4366
GIT binary patch
literal 9581
zcmXw81z1!;*Ip#0Ejm@w6%dh<kP?uVRvKZEZX}kaLmKH?Lb^k`k&s#%>1OE#mZcVU
zfBe4hpXa&f&YXMZ%sc0K@0po<!_`&g$%yHQ0RRA*qJr#40N@@B0KjP?!oAbHm*o0=
zr#Mqr){?txuCK2j9UblO@9*yJ9vmEOZEY156=8X7;c)oo=H}_?>G}D2U|=8&2D`Yp
zKq8UH$Hxc+Vtadge0&^*LQPIiuCA_5O-*fVY%DD;&CJZKa~i)VWt^X%UszaJSy}n}
z_itfg;m*zu6FzA(tLow5;n~^Q-rnBH$;sN<T0ubp7K^P(&4#P_w70i+b#;Y@hc`Dj
znV6WAl$G`M^$iaX>+0&{<YbR;?p9V-)YsSlnpkg33azQBNo@QZ7Mg;+xk6*Gni^^$
zAt8|wk=rxPS2vgW;bHP}vVwwwfByUl56caWs9#)K{M(v=r&PVWe<&^a*4n~!dIwQb
zQan03y1xs@{W^TfXVWyh1K$`wI@(RHACuSXO8p)lp549=pDyWNJl>mmC0)F|yYJxO
z;N|IYxVJ-UxsjQX?);c<raAuP3j3krwzniUB_(-vaT>O;VPv2m9~XOY0PoBSc>~4Z
zX*D`TZ6D6J_AX<q(?jQW(6}Z&kovi;?VX+DV<Cmg`k>(MiA7)>ni+DuwZ1qvGZ88V
zm>;gmZyN~?jvZ>qj!r57CTy+m?CkDtPIna@9xm^mTz({fx^#drYDN*`;P&m`L<a}G
z1^~d&+qa>!A<3<h>WzsZiKR>m8PixI;mpE@o$`?z*q^TYj{c3wCgjOJ0O)V-JGr?q
zF#mTXWpLk^lEVlLhi|R2spn?UOYOq9r`h%S!S!=<bMqU!;iZ$h9^=8(LK-%(!I{~i
zl>-6Kq1NeB!TVI)1Wy0}ejgv7s=VB^Fi5T6D+B*ByOd7d<iA(b*v(7qV_YKa8P+Z^
zhts?{rtEj$Gfn@-TWXK7A9NC5vRB3Lvjj2#CT1730DzXCF~{5%bjDHNe`EK!%vP4`
z&rc8kjt|V61)m%v006_~A?!4EOw=)@HqGYd0@)O*m}L7tx4IhuP|U!_l_UNnA}Z^y
zTI~4%3FeQ!s=ZwMy9MCnEYB~#3k*P1L0H{9m-4&|0C*~(C@ZD)4d)=bn!KBjRQ9#2
z%k!1>Qyj)z+a<KO&+FIjpBu8na<rdQNoM};b@ck#9|4IIvAJYw?-&F_E_<-bkKivH
zm&M2+EBzAZ!^PkAegKol{QJ<EZI|pfYlv+%Y4xIPt86Ypt$`JE=mBF@qQg7TY$xRY
z{@68{K#=(gj2UxWh*G2@-Dm|Og&$~mBO%!q^Y*wp10PYX9yLdu!X1)^sxHVScsWyB
z9U6nVww#?eTo`Dm5{U8FaF2XbYg?w`vPRgW5G8IoTjsu{5d2e{b&f`sG%1RW)}JIW
ztjXP!)aH>4m1HFIYIm@r+pNFs19eksdix(|T*<CV^EVV1Z$Xy1{p=U)x<wDJzHWPr
zUX6N;3cY4f`7+Rxt~Mo!b!m{tj`pO(rXkn+vqD(dt!`ho#1~ix<aW&a@b~Y_z|>U2
zACK-EXlBHIqi^ws2a2hGv#I>1`#aOij79kJVC`Jzr0;;~K7>9NGb!KUV<6d%9poc-
z7dIK=d_AL$Zn}Pv{N8J8i$c<;;llU`f<@UQZeetxTc+Na+x^g7jmb!}Nse~ij_WIU
z<rISBOqivXzLvAV!tI!*M-kQfBfLM)>C};L;FU=0I^)|s|MnHOQB=FcYmsx;)?UsA
znn=v#?inF!1!Dsfpk{7M7vY~Uits5|%<B-&#2DNra!}`aZd~S@{*>^=*5)rQqdRKd
z^q2<WE6KhJr}<2g@;i2tqI9&(ufUmcg6DoMiUo6B>EAzm>}TsrOz9R~mX{_H{@$}m
zkP)FYZ0ehhn5JZ8xB6bU>4FP}c8U|`#iRz^rc1oPqW%d#GFh#3*JpS%ofk8&HU@d2
zIXG+V`7zqw0xRC^oQk=;U7-b|8_+9*38AM~7x~Qb&#P<|>6mL7rt7u)>F9;n7V7er
zQoi8I^xHFi*Vn9xlb227lc4rBiTkxyMG>QaKzO~lf>_;mVGfsz-QD?9;z*Di<7s3~
z7m6yXJMH5uv6yT)w>>|u8GVzk+hS?AFmMxgfm}~DeSGoU`{ZDPkBSfW(GHDT?29u6
z9;UqrULnpmRKw2wpnm8VTsw;n(SV!}78zAZY|jmYsDCC(&l}m!s36OlTmFg(4>A=D
zlj-5=+&f?9*h2SHTS{pDH;Mx~c0ldS8y!ssefP(Q3yM$P@e;_g9T%!*4aN@lk=L6z
zksSE<^FT>UYhLzTUi&|n_w8)od|S41G=K^mU->IgveNp8Cqt6ELh?ld&%MuFtxPRB
z6Xmv_#35Rru>0EV#T6F&G3k8)ZAoB{i`n$3T>*aT^G}wya~4Y#PihDuqfQ{L#rbpF
z>d4C8WsMo(zd|3&jJ-eBBj=`e^#v{R7VBp}xX`E1-6f#>h)#DiIKIJXsj_~r7{wM6
zp(Gik!2X3F$T0Z!sTkKInWQaM(vWmlQ+_I4q#0Ccj)0ZwEv8Q{t7If+{(Y)>Z9iZa
zkHHuk0e($$8@0R8Ffr(SO~<S9^+kHXuRjwG_nYf)EZlTQU#BR}5H}Qf87a&X>ptXh
zFuz7wR+r5XPea6j25+o~+%)GKg#-o9N1{a26$2EWy|im0*&cNMj<QjUw_YBxtR;E{
zt7+A-wp}#_-1n(r2Udxk<{h^U;e>epkGoEf<(wEi&H6NUm&!$7Kl%=QE8NT%lr3t_
zQE=}EWB-Hi0fA`sx0L=~^cDm7+s`(+nb>iU&#J!>1|<ccXmN@0r1=bFne;1|!!WyN
z@xa-n$t&fL8d*(Tdei>BRT`nU2mU{WuX?C!B9-$U_l3(xN(WD0qC}R4o87d#ylG3n
zdm5?B1_!bgI_twg#+){~WN=YUomg}5aBaNDKFEH_Nwsh?TI{pvT2tRaR{W;zt75Z0
zu0lXyP2Rh?E|COS2k$K<15bL|$NZfgE3J=(1q^aTe49Lx+*NL7Rx-2q`Gp>9aR?J%
zBQ2a+YyUnRZx99e`8N6Gx!}%l@aI?IGd6|meqeq@38s6hp>Ndet{MHqLv!{hAh*+O
zbbNEZT#4mbaoDZ$Ll;EYC)4{5n*@7ZUz^>Ak#+)fiF~zOa&an`1<z%X-&(jceocgD
zYm@;C^*Xwdtt<}BBm%J9=~huGdO4HmKipNs-v>ObvX&CmqrWR!^Zy5VEahVNeYM3N
z<8hiP??<mHdZ}#8O#!mn5AA?BZW50T3lomLtBa20B5Q;drn=w8nGTpGQIB=eTDHQ8
zA)eP~M6SVHVFbC5=F~awWicOrDCIsyLxhmO_!6)JF-6?eR$MH}hnSWeT{N5cx_!>X
zY}yD~3Ut8EdrM?4|NVUd&{$s!WE{2)#r)dmA)-_9Y9rp%V@3jx4?B|swi~=EcXiYP
zM98;4m7PSAF#49qUVWt>9CTy<Z`@-o^+hGpQc`KcQ!Q=3n7ywCOzd?AMeEJFsUW%p
zMkWTFb##G#$HGBGgn#FVp?~7~?yHcTc@n;}%3kSPyS}DlHX7>Mk%UT&HZ^J46n=DE
z+Mq_1yJfm)CQ6UGElntzOTwu*A{6)QcAJ~7Tiv{Ze&d9wN`eEauOH}5Kl%sz%6<2D
z&9RGg2M_z3f5;<8xk}?;+G=CJzTa&^ciAW-6l+AwqMu%hUge&jLJ^~ULzf>(|NFwm
z6LqE(SUuagK*Yr8k((Vo9>*nB48oHa;OP8<=x#EIuzHXXiyQsK9~WQsIH$Ud;J5h+
z+ld|i^{^jFb~#LWy8-p`v}q~(%*{<^c*JHVx_sYRY1Un<M(1ZW_qK;tI3{7HuCIh`
zXrk5P&&$}H@f2uiW_rV!NHKn?aLKQ{deO6B>jnXE^!I7ca;e_2N+7m=`Q5!v?zDry
zdnNhfA{==mB?UrLRKx-#?fAp<ansY5yPF<2+ccx_l^9<lBT}5Cr)!X4SvDyg8NKf4
znCLz`Qw<H8#^5dvp!L3AXU)@Bu7MOWTjSB6yB(ixzI#Ug=uHGbk725=++qB%kJ4kO
zHc+ilq9LN!EO1IbUT9NK_TuapIoNgmu}y9JOg{6K?CqeteQ|lrBDN9R9~0g2d34%b
zzG-7KRst(=CbQ-UeAq+Ple61QrRYaXF0bCn0w#QVd?R;8WP1E)t!0%poZOLUO*Kpe
zZ;+W`r|4uPcvqQ)l;dc9GvJ*h&SURn-xQanYa>g&GxO;AYvAn)2ju2!+Y|c%WHm3W
zLswGv`~6QwcK2`?GLCVoV(3Pl<U5}`Q4`1|SSb1M^vD#D+8Ojlul&&93<x4$JaIvF
z?8v*ySs7<xLs2p}F6l{6Zk`sZ>jjuD2UxgeD1+!P{|08TV|tcpGWY;Je0-H@Wlk##
zkdA;yCFHS%WH=98o7>XWo*{sc8d1!NB$AhtIGaT`-~vWI!QquQLd%UGe-z&lkdKuW
zKZ}9f><=w7R@9TpI5CVgV9^~;U(KynL$YZIce&x6At`Oce|+Cmd@%q3R6p4N=>eRz
z;tece0U1y!ST@M<HWG=%uO#y#xI0+^cDj^LFWJXlGs9IQk?B0b(V<c}qp%%)*v=e^
zpaPm4ihR98`_B;YW7zG{j;F-pPYt2WL`gM*)tksHlyVMemcG%~h<WtR^PQ33CdMWT
zXU9`xM}HzCX`^8=iT3#hAw^95lNheNx6Lx)A7y8=^FPEqjUPz$6j37*b&?mz537*c
zPf(S6j<5}Jl@JqA!;9_tfph1~g7#@~VDrL0c(33jvl7x(^L0kPKd8{+C;6Uz<wbFN
zpGP|ef2e?#nNf$JoGb_a=poGZ=F^-cC<EHDcUaau9G3M67B*8W6o}VK?W1H>K>lwY
z*&MGMVlU%?RSGG_?N7hbyOwjuy}k{s5FbjNk($lgQeMfnf&Fj}k+@Uf=)3v$C^Nnz
zN04nZvEFs=)O>||Qx2qJPf|T!vyXnRQ~#hYW0$!u<L>sA@$TaL!wMRf9-=kLNYD5;
z2hFiF)2OkD`}XSt(&EpoM4s(vySyKBem^#}9jQnzVovpG6ae)UI17R+RNnsw@4sar
z2lc=R^30VS!+RH0GB%XjHKQs2t$FHkOfG!Klfx@I%j2$+3YLBL_T<*&Ash})Sy9Nn
zla)&UBxDAuQ&zY`yYnK{MTp55+fc$#AsK01-5|#Q4H0+`FoP-nEP0S275$rq5*Mz6
z#hzdQIUj}vzk@TnC_O%C$bQmlOMEHqB8NBmtmlP!_APAaYW1^NOC!wC(eFy=aCkNK
zv{e~@{rs!0pZ2$ICfTP5<S=ru2k}`fqJl82=~OK5Tc7;7SYXAPZ>KxC%-|aoYD#|8
z*ynBA+JiAlkF6}232|`DK`OZP6uhEGMHFAb2V)^ljA}K~nywN<P!pY2(A+7WM3D~3
z8Ilbl&mF^>#b7uY5XzYUX)vRX^NBZE0i0UG{AJXrHwT#a+9+8o#Ho0v^Kk6IXjX}-
z_Wz1_<-4<!&R5jGO97y#P={(Bm<*(;gXn3pf^k;w28l0D@_K6K6n(g69GPvF0?$U1
zSOj_`UyLN<)wy7zbT=EGe>%f=;1tuXgE*9Ilv*6RhD*4f2=YgM%j%_!v&kN;?YtsE
zz{YN)7JMIw8MGS{GQm%MrY{m+G92AxJ&paHURq*}b?IcI10xU+sz*Bi4@^pP*zn${
zie47&M!=<opJS#ZBu@<e8CTOFmO>Tiyz2Aw6c~alV-Nz06Jwxtr^X*dqR(*64MeiB
z*mbfoHZ4+u_l+#%0vRzkxD>7{LcjG)0!Y@?tOnj2ZGilEU}l_-%Uhb4_gSgtUJ@t3
z3FEr5A3J$w-3C!c0I9$drk?I^d+sO0=hTR*2i(UUP7P3h6W!mojIKeP4wW0%KHWTt
zy0f$EmOLM&5wd?y(i3b5lwkA5RpF17*_RLvjIIVzW>0ZAns7RA;;_4#bvl}L`tw$=
z&6n~QWJ9m>pNf2WgM!2^Xd$cjs;`QBEhXE?S%WC0iCA0p01fq?B5ND|WNE&ftY_}~
z{_Ny4*9miv7lRmmDuBoOy3%m*EJ|5=z&yTHf^`6UfDNE7UDHn`{Wugba)l>AQm$?i
zXrcY2g_cz!^ktEb7c?jQ2^5w3c_wDVB@Cu6>O;jSe=71D#0fiT^1BurySmdhe*nAh
zL*1u&&mIIA6pwkRH5P)yIl6XGWSy!X49_kO6p8+e?;l8ixjXkqU#aRmbPTK1<J2W@
zwS*PQY|Hbe+>{-r`vhL>ktOcp;be*@W8|$KXa9PdeUXdsNSjNeq&32E2^}V%{8Q>W
z(!HruQ$l9{0~#GS=fNc&1M^zk8U^X3r~}=Cf+dCy_!3*E;HuYU8_F&7&y54$d`%V4
zhqn!+hg;<CeA+9DdYOyo+{#@9BhY+NN<YX=ra^(ixPg<ZzW4bb?21ja5S-<_aht-F
zy~7HSX1C=v5oY&;h|5-8ZYMU~Ufk}^lz(}RsQpve6a^#j{wQi_xwlu;2D{!<qp)|G
zWT`CwvM~alDS6+a9RthW$fl5X4D&7T*vm>|4dZT3z3@z9f|}kU$q=<iN)518OXDIJ
zAF8-pa}vS}S|${&<#pt9WWyx`RAu}ZQa|Aoz9w^N+n_t54t2{Y1pD@(nztnSK`)E!
zN5!s<e(mnFr*I!z9u0H`&K5qLsJMro7=0d7s_GCY?uJMl=uD%inN#==JMM%LB=nMD
z;vOAM5xCA>DK^pm=hVCHKjc1g<9&yDIVLu|dv@^0tP&AA^mQ>*E^msK`{2}r2T7wS
z%fj>V)${e@(N1}`Vf$SJ3-ikJaX)U1>yK(8@VD#Fq7kr`x)^(%t9b@SzTa@dhvBe0
z7e{CM;s1DY;(2HN8?M;Bm^4}iLR*EwG=n@}X0m-tJ|AzU{#zaf3;dz9&H5YukHr75
z7KoqL=422}4A{TyBnvM~jjjs?jP+Is2<YWKQ7w*K6nHH%m`EVLn2rY8WIXU9IzuP=
z^jVk{(5-;3UWwJgy89#oe-qoF%bsj#Meo$!L{G+Ba(N3LrqQ}Ww{!(3UVUY{u6nF&
z{&YpbfI`Y}OndSf8uxDF^opWn5xUG+th<sfD77LsLe01fawiS_n~QoH;ZyInL{~-u
zWx99!mS0>{kc{!uC!!CiNK251yd~4tmA+5AJbloD`-pnSd%T-0_dJRSF}kOKY#3}Z
ze0K$rlA%J^{;U+K@4~bUGQ`uDNpH286)S_KmHWIU0qgygospCbeE!q280Pwub*)We
zwmf>hwwRW21+*aNt^(Z`YP(m4K%O~_U*5DLLHcgo68lGGzL*0%PJl%mEc@9)urJgi
zqZ&-`t#QXD9o(|*1fHSZ-8mZW(G5gXK+}%sUZyLZ#@8wZo)*E<tZmqRJ<doa^V3*m
z;gmWzQH=kMJf*M>;>)q_F_rPf51Lrdx2g87<su8sli7!{(c{)%uDo%Y6VU<)uUawC
ztLZHuzPA(|jPd8IDz5w;Iwg`7c6091?M2{f!#&3?1`YkyaDq|CND}u^IL3bp6#f8;
zK9P9Q?kbf_PI&BUS3A|kw0}dp9f^xlN}Nua_7N1JKQs;-%_MW!?|uM<;&_ET&~-bQ
z*&A`zff~n-u9qR3c$}1>7WvF_hWOOAhNHRF<02BXTgiL1#SaOiXuCmqNRl&Jf$cMJ
z$aLjw>fqkJ&szr#qRpfA`7VZ2DVodLTw?Z0u`O?pl_ku6K%O^Bjn-(_X6vi}k9K$5
z>&`Z@c}xCo4~isQ=;!iQy>;=C7_Wg(Nfu)CuLWg9y8c&xTPyexYBuMx2i3%uO}Bn(
z!w(hv_2Cv7fxH@ktYlupso}M<y?6a6RDbD#nK}+cP_SZ%4%4|^$VP&AA?B_rQ$jE8
zLyq&*^}n3w&BxGw$8vhyx3`}qGzrZ>Th69P1u5LRxHP$6Po6#3D@mAjplFmC<!`|W
zX+2N81{GiC^SrB74SWHa4J2vV1marzakEsF-i_lsMK;z`-2vN&m&LVX^wGXH%)(av
z*0!|Gn5zp(<Bs;m%l#GDLIjiqW$9{NkJ4%16MfXm&3{@Tq7)e-h&zo)yT4FApPn`)
z?lusEdwsKlZEX=HF(udaK-k;MpI)uId@+)}Jjb}xKr1`4Ub6k(Nq^<j-X`|hpK>`7
z=km2^rR+Ctcli0_+=rm!f`bwGx!c|qMMcHvTcVt{BuB&Zt%h1-A20MP6wH*Ide#G!
zSQ=6DqT}I}m!@>e2x^)V#31x00x3CoPx|syX~$5-OB15x!^v89I(6B8FrYn>)6%RR
zXu9~l)UwN+DFy%Hk_vkJY!sm%B~Wk_q~G5rA+(&xSgZzPMn?sm*tCIVSYuHU1y+93
z^U3EIWk#(^eEW?M;THJDk%aO2OqVsE`8CihRdrOUkT1CZR^h4^HuwAN0utice|xiB
zu;PAk<?X;|`$)`|`lCh<x~yy)8Gq7w5Y6(+og}vTqTqQuwsH1RbVCc;XDP|r2JuGw
zo-)Z$&RYX-q3zs4`l<oY3S0*v^akt8!tFJTjzPn%Cy69x+s2n|%uu*Xv`e5d3nyHY
z#JiQ%4}ZhIVj|<s`wg(JJE{rW*g@Y5hsC(PnnlMV$GgA;`%9-BU$N%=Heae_&>3#Y
zQKNlu%m&6f0U6c81yy;r^XQaz@Xr;gg!#xEqGo*VdeL*yVZV2UqUG8^698Vqo8*0=
zIt)_Lz#0#M^e(&%J+L5sy9#YOXwKbW<<t;|3y9>FrX9!d7a{W|^%a7K&l(|t-kWSq
z7zx8kc&=d@2u^zXkb-v3*2oqMLN$>uffpTMghl?o9i!<9tgRvo*s~^svX2dP-7VY`
z4GWo*MXeu#4O2#v)dIy{`QBXXN?}n8E6w-U4$&>O#*0xOx2e0GE6%YmA>jIltcwZG
zlsPhuA2Tmj*$?A%STZ1-=8h-Zz#t0)a62O$7Kc&r7_SO)STTNf+Y{%p=x;Yje|bBE
zx){=xY;0}yL2c|~v3t_D1^RS}?3!2ci)`QATsO;|lW54=T5avW<V0Obp)+kUx7R%g
zJFa3XuR4@xdIEI!rv!8jjU1X4r}t%2Pw%T289Hb;(Ry)FXzn_#j!E(Hb)JwA3K?*k
zn}K_^$d9g)yhliNr&P#HX}4THf^O7~>qFDrTvO;=^`L8x66lYHe+S^AXd{uHyCh*@
z_UCh=i5BGN60u*g7o!2_>w`&PoyVK57I4-!fk?|W=)t?vf)^!t9BUM=cnq-s`4hr*
z7uRiJ48S#rArkQJW|!qZi})=R6o-LD7~s<C1a60?VPLfiSojk<)c}&c$4{t}FtDsM
zNRmm!b?Hj&0O;<K+)r#Rl~Y|c{$!07EK5s4|64500Il-1BrnS?G~J|{D%Og!qb*kR
zYn_l-#_K!pKQORQoNQ`^4}qFRv3s>QNvkIut7nj``@2}6U>cNSqju5MN3bU!iwroM
z#Om|cN-{r`;7Y&HH=H(|#ClTQnU!>JJi*L>p8fRUxKLoUy_SRpok3=pljtTTsJ3ql
z*tH*gG^0!2`Wy29%RTE)7B4O7G43GEXLtn&xtU01qEDg{xAkw;`#A7shlUgPgZO-#
zygf^RcP5AZ#fA_W8e`B#ZBQ^@`{*)=#&Czy;MN7lZj=816ZrvI0wwu@3(-)^!8J|O
zqL2g6qy}qHzM*^mWS&Vg1!_2-RRK4SG6@a*bahC534Ea<v_ZM;HfQIMy|X=E=C*9m
z2VxEKG;}YuO&Q52nK@`m*lVTiZsloF-(=c&4NS3lsQ;w<hNlHA(G%bF*pRWio2TWS
zXBMo=ipPz*i8pA@(7ji5qqb}hs<fCm%?jMFDebBmt9#H6IyaDqh|@^Bk`tb%4n6=<
ztbLORrR?sAks;b*?q>};t=yoLzJhn%$J)SrW#$!-fan-dY0Af9LHZ@Uhc-F7ycA+z
z<Npk+JdfWD`0dE{{AUnVjXc+gAPsMtBfZljDX&8JoUQMa6FbD?oYSSY`BR^(3p4UD
z#aa}-NHOlCnsclh)&+7jBJP>>N4DwO?BaYR*k_$)`>iCqgD+m8od@U_^%rkLW@510
zoZnZxZ)Ythox>3nl$N|qlrk0bfG4RgS7e}>sPJxPJU5p9t)^$4ztf#cU;oOlbm&7|
zz|K?}4pL_TS?@EW5_z&zT}>c)S!LtI87u?KftrdWL&R(!(kMck8s5Ec8bbfTmBcG~
z&fDLlg1Nl@<Z36*6w@;8W9t-?dSeIb`1VPXs!jP}4i3W93L4DL<%?EVp?#{Elym^Y
z_2cTv>$@K?EcZ#@ZF3+_Ce&K?10$E}BR=9IVb*AGLkdGXt}E4|T!!QZ%kPyh-@p6f
z^iqUs8tLR^%hlBU=6nl|GO^7s;Z(x)jlv<L)jo22PjkjkyF4lUO{^flYo@NNKA}I5
z9`8oL&QY7Ogo~F~!fCM}aeWi7@2#PNiwhj|KJ|x8F>+dZoF{6k<KbcV97@F+b0HUX
z-&#tmj`u^t#_3`~uUpmQi@;u+QVsF1Zj%LHG=Wd<es2O|3aDlE>5l11tp+%~i`Yve
zr`HDfB;uNYJ<9ATCQYBmerGW2QhCWZd&)3ACnrxFU88SRDX8$@wp{jB(3X%826A~_
zq(fBQ9Rin)3ajKM2u92GsLRuNV(#`5Y<;lUR|~HN$)R(Joei=Um=D8k^Zg_rM#-Um
zs=zLF&FwH*UdKCYJ*kPWg{|?Dc?|DK@ed{?Y7w#PF-C9yu&ixbeF{@%N26b(#hT{l
zS7PY#F3Y9$wKQ?<`b+hp2?bz*tHxmoA&+(&Et@({H}{p7f48<2w7cAMGcz(4ta$%g
zt*B1fYr5g1bGiQ^a3DNM5TB;1?$0Hd=oYv8%mp#N+>ob$iiHQEge{rz4|l=rdF{-K
zO89lKki4cHEtA=c*Qo+$>GKmqk-lD^(RYVJ0-Sc){h>kftS^bS@5rYKn4`=o50Qn?
zT<}pVc(RD1S>5`mJ%aa^Un*)!r}byi@0;1F6%Xsl^1bxTvF%zyh=DJPE)x-2GU()K
z4{7YDm{}T6<(mgh9H2n`>*D7YEt2scP=9|36UPKdF#`Np^ZXwXXTEz<wPvNgNTIK0
zys7`^i{w09u@$Ci1w}gr0y@6tZxPB(5DW78&orgwJISJlMTvOYV4OMN3Te9HtDH*t
zPZd73d5pf2uN<tpkR9IHiZ|%bA6!lXOK!(5xV}aYMO;&JJe!O#@oMI!5{$J(T&)jP
z?n&13rp15$6J{8mcg#sM#b`kj5=lTlXoW*MCj2RpF6xQ(Hy!@3JDq5;u#2W17DXYV
z0hMSdr^rhxwM*e&QuM2~!UQ-wVzw$RC*4*=RCz(?`rn7!Fz--4^*YzivaCzXw#k+m
z?;#F1O*+lI)8Hrh15Tdf`Cq=}Qz=&jnX8ya*Cp1fNkWL3u2fD6^qg&5Y5GmJHDasz
zN&Dv<NuTJH;9XNj<@MOO3G2OvN!ic)pL@DeW=Cboq8I(?@iy5x)O57wwFE!yyHw+F
zZcCCc+MnmTo%^1458#(-G*5%6u?3vg?u9z9gifh@6J=Wh8Zj?}M|_LEy{;Q2{*bkC
znyUoP15C}$rlpNZ{5X$D^zviEUx+V~(@9b!3s9ml0W!!Bg{$Y#5R<aT)2D<Gg!T@)
zI0`#kLA?tJx>mJp5b}%$Uz?@g*?-jH&(V~66Xaz)ke$ZD47%rG?;%=F?a<CgXBhdA
ztq$h=#U9R|^$rb`M+5tto0&_6;8;;~A-op8<q$BV&r=w^)!4c-(dnr!<VaS2<ZT))
zFn7rUpn(3YH&e0O-vCDCRl%gh<n+iBO7Jt}g3V<DgKZoIzr>!LT_CLyQ&U<Fyz_AK
zMV3y7vO~M-59LCRJQfP~m10aIAGEq5e=IC}L=g>fYBUGC>r^t^|74<|xZPN;Zi@5n
zuXvsnclDW`L|1U3L5P~JxY^tRfRJ%juVF~0Hmac@jdg3coIQ2=#&WAhU;Kr?M#541
zb2vTjH`1)9s*Kv&BngFD!h3a}K265vux`wgV9p?gK0$_KdlO{$e8TI)+^p+HdL>9o
z>;DjK_oG-gYCUME*lv;u-Z&$4?|=6K8-<+f&!E1iiO0a9c`uSJc)9jY#OEM^Mkx|S
zgLe?3dn-<6x+|0!nV6X)Wijd?=8nNV1v8p$PJsM4{T+rw{9qEn<acs|H^F6|&Ll(w
zY)7DJ0&4myJp=2{YzVWknU)0LJ`#WVL^Kmv928V<A*rCNNGhdx-B5B$HpaaXNSCx(
z-%4?)Kcqg;yybNEOT7KSW%p9rhL-eYk*p)Zk?D^E*mm=3vw9@?nX^;|ODyHJ-_~()
z>_;-U?#98dqs|0%@mT-)(!S83>n7obt?_C7*yqx{T;LC?zdRmOfE@(a<leCu_*=Kp
zP2{(P8rmiev12e}+(<&yfkVEhCwBI(-am~6+_v#Owp>q4{`VnSQBGC1LfRzY{{UmQ
Bt%U#p

literal 0
HcmV?d00001

diff --git a/docs/admin/b2d_volume_resize.md b/docs/admin/b2d_volume_resize.md
new file mode 100644
index 00000000..68bba704
--- /dev/null
+++ b/docs/admin/b2d_volume_resize.md
@@ -0,0 +1,165 @@
+<!--[metadata]>
++++
+draft = "true"
+title = "Resizing a Boot2Docker volume	"
+description = "Resizing a Boot2Docker volume in VirtualBox with GParted"
+keywords = ["boot2docker, volume,  virtualbox"]
+[menu.main]
+parent = "smn_win_osx"
++++
+<![end-metadata]-->
+
+# Getting “no space left on device” errors with Boot2Docker?
+
+If you're using Boot2Docker with a large number of images, or the images you're
+working with are very large, your pulls might start failing with "no space left
+on device" errors when the Boot2Docker volume fills up. There are two solutions
+you can try.
+
+## Solution 1: Add the `DiskImage` property in boot2docker profile
+
+The `boot2docker` command reads its configuration from the `$BOOT2DOCKER_PROFILE` if set, or `$BOOT2DOCKER_DIR/profile` or `$HOME/.boot2docker/profile` (on Windows this is `%USERPROFILE%/.boot2docker/profile`).
+
+1. View the existing configuration, use the `boot2docker config` command.
+
+        $ boot2docker config
+        # boot2docker profile filename: /Users/mary/.boot2docker/profile
+        Init = false
+        Verbose = false
+        Driver = "virtualbox"
+        Clobber = true
+        ForceUpgradeDownload = false
+        SSH = "ssh"
+        SSHGen = "ssh-keygen"
+        SSHKey = "/Users/mary/.ssh/id_boot2docker"
+        VM = "boot2docker-vm"
+        Dir = "/Users/mary/.boot2docker"
+        ISOURL = "https://api.github.com/repos/boot2docker/boot2docker/releases"
+        ISO = "/Users/mary/.boot2docker/boot2docker.iso"
+        DiskSize = 20000
+        Memory = 2048
+        CPUs = 8
+        SSHPort = 2022
+        DockerPort = 0
+        HostIP = "192.168.59.3"
+        DHCPIP = "192.168.59.99"
+        NetMask = [255, 255, 255, 0]
+        LowerIP = "192.168.59.103"
+        UpperIP = "192.168.59.254"
+        DHCPEnabled = true
+        Serial = false
+        SerialFile = "/Users/mary/.boot2docker/boot2docker-vm.sock"
+        Waittime = 300
+        Retries = 75
+
+  The configuration shows you where `boot2docker` is looking for the `profile` file. It also output the settings that are in use.
+
+
+2. Initialize a default file to customize using `boot2docker config > ~/.boot2docker/profile` command.
+
+3. Add the following lines to `$HOME/.boot2docker/profile`:
+
+        # Disk image size in MB
+        DiskSize = 50000
+
+4. Run the following sequence of commands to restart Boot2Docker with the new settings.
+
+        $ boot2docker poweroff
+        $ boot2docker destroy
+        $ boot2docker init
+        $ boot2docker up
+
+## Solution 2: Increase the size of boot2docker volume
+
+This solution increases the volume size by first cloning it, then resizing it
+using a disk partitioning tool. We recommend
+[GParted](http://gparted.sourceforge.net/download.php/index.php). The tool comes
+as a bootable ISO, is a free download, and works well with VirtualBox.
+
+1. Stop Boot2Docker
+
+  Issue the command to stop the Boot2Docker VM on the command line:
+
+      $ boot2docker stop
+
+2. Clone the VMDK image to a VDI image
+
+  Boot2Docker ships with a VMDK image, which can't be resized by VirtualBox's
+  native tools. We will instead create a VDI volume and clone the VMDK volume to
+  it.
+
+3. Using the command line VirtualBox tools, clone the VMDK image to a VDI image:
+
+        $ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/<newVDIimage>.vdi --format VDI --variant Standard
+
+4. Resize the VDI volume
+
+  Choose a size that will be appropriate for your needs. If you're spinning up a
+  lot of containers, or your containers are particularly large, larger will be
+  better:
+
+      $ vboxmanage modifyhd /full/path/to/<newVDIimage>.vdi --resize <size in MB>
+
+5. Download a disk partitioning tool ISO
+
+  To resize the volume, we'll use [GParted](http://gparted.sourceforge.net/download.php/).
+  Once you've downloaded the tool, add the ISO to the Boot2Docker VM IDE bus.
+  You might need to create the bus before you can add the ISO.
+
+  > **Note:**
+  > It's important that you choose a partitioning tool that is available as an ISO so
+  > that the Boot2Docker VM can be booted with it.
+
+  <table>
+      <tr>
+          <td><img src="/articles/b2d_volume_images/add_new_controller.png"><br><br></td>
+      </tr>
+      <tr>
+          <td><img src="/articles/b2d_volume_images/add_cd.png"></td>
+      </tr>
+  </table>
+
+6. Add the new VDI image
+
+  In the settings for the Boot2Docker image in VirtualBox, remove the VMDK image
+  from the SATA controller and add the VDI image.
+
+  <img src="/articles/b2d_volume_images/add_volume.png">
+
+7. Verify the boot order
+
+    In the **System** settings for the Boot2Docker VM, make sure that **CD/DVD** is
+    at the top of the **Boot Order** list.
+
+    <img src="/articles/b2d_volume_images/boot_order.png">
+
+8. Boot to the disk partitioning ISO
+
+  Manually start the Boot2Docker VM in VirtualBox, and the disk partitioning ISO
+  should start up. Using GParted, choose the **GParted Live (default settings)**
+  option. Choose the default keyboard, language, and XWindows settings, and the
+  GParted tool will start up and display the VDI volume you created. Right click
+  on the VDI and choose **Resize/Move**.
+
+  <img src="/articles/b2d_volume_images/gparted.png">
+
+9. Drag the slider representing the volume to the maximum available size.
+
+10. Click **Resize/Move** followed by **Apply**.
+
+  <img src="/articles/b2d_volume_images/gparted2.png">
+
+11. Quit GParted and shut down the VM.
+
+12. Remove the GParted ISO from the IDE controller for the Boot2Docker VM in
+VirtualBox.
+
+13. Start the Boot2Docker VM
+
+  Fire up the Boot2Docker VM manually in VirtualBox. The VM should log in
+  automatically, but if it doesn't, the credentials are `docker/tcuser`. Using
+  the `df -h` command, verify that your changes took effect.
+
+  <img src="/articles/b2d_volume_images/verify.png">
+
+You're done!
diff --git a/docs/admin/cfengine_process_management.md b/docs/admin/cfengine_process_management.md
new file mode 100644
index 00000000..be62e410
--- /dev/null
+++ b/docs/admin/cfengine_process_management.md
@@ -0,0 +1,150 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/cfengine/"]
+title = "Process management with CFEngine"
+description = "Managing containerized processes with CFEngine"
+keywords = ["cfengine, process, management, usage, docker,  documentation"]
+[menu.main]
+parent = "engine_admin"
++++
+<![end-metadata]-->
+
+# Process management with CFEngine
+
+Create Docker containers with managed processes.
+
+Docker monitors one process in each running container and the container
+lives or dies with that process. By introducing CFEngine inside Docker
+containers, we can alleviate a few of the issues that may arise:
+
+ - It is possible to easily start multiple processes within a
+   container, all of which will be managed automatically, with the
+   normal `docker run` command.
+ - If a managed process dies or crashes, CFEngine will start it again
+   within 1 minute.
+ - The container itself will live as long as the CFEngine scheduling
+   daemon (cf-execd) lives. With CFEngine, we are able to decouple the
+   life of the container from the uptime of the service it provides.
+
+## How it works
+
+CFEngine, together with the cfe-docker integration policies, are
+installed as part of the Dockerfile. This builds CFEngine into our
+Docker image.
+
+The Dockerfile's `ENTRYPOINT` takes an arbitrary
+amount of commands (with any desired arguments) as parameters. When we
+run the Docker container these parameters get written to CFEngine
+policies and CFEngine takes over to ensure that the desired processes
+are running in the container.
+
+CFEngine scans the process table for the `basename` of the commands given
+to the `ENTRYPOINT` and runs the command to start the process if the `basename`
+is not found. For example, if we start the container with
+`docker run "/path/to/my/application parameters"`, CFEngine will look for a
+process named `application` and run the command. If an entry for `application`
+is not found in the process table at any point in time, CFEngine will execute
+`/path/to/my/application parameters` to start the application once again. The
+check on the process table happens every minute.
+
+Note that it is therefore important that the command to start your
+application leaves a process with the basename of the command. This can
+be made more flexible by making some minor adjustments to the CFEngine
+policies, if desired.
+
+## Usage
+
+This example assumes you have Docker installed and working. We will
+install and manage `apache2` and `sshd`
+in a single container.
+
+There are three steps:
+
+1. Install CFEngine into the container.
+2. Copy the CFEngine Docker process management policy into the
+   containerized CFEngine installation.
+3. Start your application processes as part of the `docker run` command.
+
+### Building the image
+
+The first two steps can be done as part of a Dockerfile, as follows.
+
+    FROM ubuntu
+    MAINTAINER Eystein Måløy Stenberg <eytein.stenberg@gmail.com>
+
+    RUN apt-get update && apt-get install -y wget lsb-release unzip ca-certificates
+
+    # install latest CFEngine
+    RUN wget -qO- http://cfengine.com/pub/gpg.key | apt-key add -
+    RUN echo "deb http://cfengine.com/pub/apt $(lsb_release -cs) main" > /etc/apt/sources.list.d/cfengine-community.list
+    RUN apt-get update && apt-get install -y cfengine-community
+
+    # install cfe-docker process management policy
+    RUN wget https://github.com/estenberg/cfe-docker/archive/master.zip -P /tmp/ && unzip /tmp/master.zip -d /tmp/
+    RUN cp /tmp/cfe-docker-master/cfengine/bin/* /var/cfengine/bin/
+    RUN cp /tmp/cfe-docker-master/cfengine/inputs/* /var/cfengine/inputs/
+    RUN rm -rf /tmp/cfe-docker-master /tmp/master.zip
+
+    # apache2 and openssh are just for testing purposes, install your own apps here
+    RUN apt-get update && apt-get install -y openssh-server apache2
+    RUN mkdir -p /var/run/sshd
+    RUN echo "root:password" | chpasswd  # need a password for ssh
+
+    ENTRYPOINT ["/var/cfengine/bin/docker_processes_run.sh"]
+
+By saving this file as Dockerfile to a working directory, you can then build
+your image with the docker build command, e.g.,
+`docker build -t managed_image`.
+
+### Testing the container
+
+Start the container with `apache2` and `sshd` running and managed, forwarding
+a port to our SSH instance:
+
+    $ docker run -p 127.0.0.1:222:22 -d managed_image "/usr/sbin/sshd" "/etc/init.d/apache2 start"
+
+We now clearly see one of the benefits of the cfe-docker integration: it
+allows to start several processes as part of a normal `docker run` command.
+
+We can now log in to our new container and see that both `apache2` and `sshd`
+are running. We have set the root password to "password" in the Dockerfile
+above and can use that to log in with ssh:
+
+    ssh -p222 root@127.0.0.1
+
+    ps -ef
+    UID        PID  PPID  C STIME TTY          TIME CMD
+    root         1     0  0 07:48 ?        00:00:00 /bin/bash /var/cfengine/bin/docker_processes_run.sh /usr/sbin/sshd /etc/init.d/apache2 start
+    root        18     1  0 07:48 ?        00:00:00 /var/cfengine/bin/cf-execd -F
+    root        20     1  0 07:48 ?        00:00:00 /usr/sbin/sshd
+    root        32     1  0 07:48 ?        00:00:00 /usr/sbin/apache2 -k start
+    www-data    34    32  0 07:48 ?        00:00:00 /usr/sbin/apache2 -k start
+    www-data    35    32  0 07:48 ?        00:00:00 /usr/sbin/apache2 -k start
+    www-data    36    32  0 07:48 ?        00:00:00 /usr/sbin/apache2 -k start
+    root        93    20  0 07:48 ?        00:00:00 sshd: root@pts/0
+    root       105    93  0 07:48 pts/0    00:00:00 -bash
+    root       112   105  0 07:49 pts/0    00:00:00 ps -ef
+
+If we stop apache2, it will be started again within a minute by
+CFEngine.
+
+    service apache2 status
+     Apache2 is running (pid 32).
+    service apache2 stop
+             * Stopping web server apache2 ... waiting    [ OK ]
+    service apache2 status
+     Apache2 is NOT running.
+    # ... wait up to 1 minute...
+    service apache2 status
+     Apache2 is running (pid 173).
+
+## Adapting to your applications
+
+To make sure your applications get managed in the same manner, there are
+just two things you need to adjust from the above example:
+
+ - In the Dockerfile used above, install your applications instead of
+   `apache2` and `sshd`.
+ - When you start the container with `docker run`,
+   specify the command line arguments to your applications rather than
+   `apache2` and `sshd`.
diff --git a/docs/admin/chef.md b/docs/admin/chef.md
new file mode 100644
index 00000000..ba2f6809
--- /dev/null
+++ b/docs/admin/chef.md
@@ -0,0 +1,75 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/chef/"]
+title = "Using Chef"
+description = "Installation and using Docker via Chef"
+keywords = ["chef, installation, usage, docker,  documentation"]
+[menu.main]
+parent = "engine_admin"
++++
+<![end-metadata]-->
+
+# Using Chef
+
+> **Note**:
+> Please note this is a community contributed installation path.
+
+## Requirements
+
+To use this guide you'll need a working installation of
+[Chef](https://www.chef.io/). This cookbook supports a variety of
+operating systems.
+
+## Installation
+
+The cookbook is available on the [Chef Supermarket](https://supermarket.chef.io/cookbooks/docker) and can be
+installed using your favorite cookbook dependency manager.
+
+The source can be found on
+[GitHub](https://github.com/someara/chef-docker).
+
+Usage
+-----
+- Add ```depends 'docker', '~> 2.0'``` to your cookbook's metadata.rb
+- Use resources shipped in cookbook in a recipe, the same way you'd
+  use core Chef resources (file, template, directory, package, etc).
+
+```ruby
+docker_service 'default' do
+  action [:create, :start]
+end
+
+docker_image 'busybox' do
+  action :pull
+end
+
+docker_container 'an echo server' do
+  repo 'busybox'
+  port '1234:1234'
+  command "nc -ll -p 1234 -e /bin/cat"
+end
+```
+
+## Getting Started
+Here's a quick example of pulling the latest image and running a
+container with exposed ports.
+
+```ruby
+# Pull latest image
+docker_image 'nginx' do
+  tag 'latest'
+  action :pull
+end
+
+# Run container exposing ports
+docker_container 'my_nginx' do
+  repo 'nginx'
+  tag 'latest'
+  port '80:80'
+  binds [ '/some/local/files/:/etc/nginx/conf.d' ]
+  host_name 'www'
+  domain_name 'computers.biz'
+  env 'FOO=bar'
+  subscribes :redeploy, 'docker_image[nginx]'
+end
+```
diff --git a/docs/admin/configuring.md b/docs/admin/configuring.md
new file mode 100644
index 00000000..e7556ab7
--- /dev/null
+++ b/docs/admin/configuring.md
@@ -0,0 +1,280 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/configuring/"]
+title = "Configuring and running Docker"
+description = "Configuring and running the Docker daemon on various distributions"
+keywords = ["docker, daemon, configuration, running,  process managers"]
+[menu.main]
+parent = "engine_admin"
+weight = 3
++++
+<![end-metadata]-->
+
+# Configuring and running Docker on various distributions
+
+After successfully installing Docker, the `docker` daemon runs with its default
+configuration.
+
+In a production environment, system administrators typically configure the
+`docker` daemon to start and stop according to an organization's requirements. In most
+cases, the system administrator configures a process manager such as `SysVinit`, `Upstart`,
+or `systemd` to manage the `docker` daemon's start and stop.
+
+### Running the docker daemon directly
+
+The `docker` daemon can be run directly using the `docker daemon` command. By default it listens on
+the Unix socket `unix:///var/run/docker.sock`
+
+    $ docker daemon
+
+    INFO[0000] +job init_networkdriver()
+    INFO[0000] +job serveapi(unix:///var/run/docker.sock)
+    INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)
+    ...
+    ...
+
+### Configuring the docker daemon directly
+
+If you're running the `docker` daemon directly by running `docker daemon` instead
+of using a process manager, you can append the configuration options to the `docker` run
+command directly. Other options can be passed to the `docker` daemon to configure it.
+
+Some of the daemon's options are:
+
+| Flag                  | Description                                               |
+|-----------------------|-----------------------------------------------------------|
+| `-D`, `--debug=false` | Enable or disable debug mode. By default, this is false. |
+| `-H`,`--host=[]`      | Daemon socket(s) to connect to.                           |
+| `--tls=false`         | Enable or disable TLS. By default, this is false.         |
+
+
+Here is a an example of running the `docker` daemon with configuration options:
+
+    $ docker daemon -D --tls=true --tlscert=/var/docker/server.pem --tlskey=/var/docker/serverkey.pem -H tcp://192.168.59.3:2376
+
+These options :
+
+- Enable `-D` (debug) mode
+- Set `tls` to true with the server certificate and key specified using `--tlscert` and `--tlskey` respectively
+- Listen for connections on `tcp://192.168.59.3:2376`
+
+The command line reference has the [complete list of daemon flags](../reference/commandline/daemon.md)
+with explanations.
+
+### Daemon debugging
+
+As noted above, setting the log level of the daemon to "debug" or enabling debug mode
+with `-D` allows the administrator or operator to gain much more knowledge about the
+runtime activity of the daemon. If faced with a non-responsive daemon, the administrator
+can force a full stack trace of all threads to be added to the daemon log by sending the
+`SIGUSR1` signal to the Docker daemon. A common way to send this signal is using the `kill`
+command on Linux systems. For example, `kill -USR1 <daemon-pid>` sends the `SIGUSR1`
+signal to the daemon process, causing the stack dump to be added to the daemon log.
+
+> **Note:** The log level setting of the daemon must be at least "info" level and above for
+> the stack trace to be saved to the logfile. By default the daemon's log level is set to
+> "info".
+
+The daemon will continue operating after handling the `SIGUSR1` signal and dumping the stack
+traces to the log. The stack traces can be used to determine the state of all goroutines and
+threads within the daemon.
+
+## Ubuntu
+
+As of `14.04`, Ubuntu uses Upstart as a process manager. By default, Upstart jobs
+are located in  `/etc/init` and the `docker` Upstart job can be found at `/etc/init/docker.conf`.
+
+After successfully [installing Docker for Ubuntu](../installation/linux/ubuntulinux.md),
+you can check the running status using Upstart in this way:
+
+    $ sudo status docker
+
+    docker start/running, process 989
+
+### Running Docker
+
+You can start/stop/restart the `docker` daemon using
+
+    $ sudo start docker
+
+    $ sudo stop docker
+
+    $ sudo restart docker
+
+
+### Configuring Docker
+
+The instructions below depict configuring Docker on a system that uses `upstart`
+as the process manager. As of Ubuntu 15.04, Ubuntu uses `systemd` as its process
+manager. For Ubuntu 15.04 and higher, refer to [control and configure Docker with systemd](systemd.md).
+
+You configure the `docker` daemon in the `/etc/default/docker` file on your
+system. You do this by specifying values in a `DOCKER_OPTS` variable.
+
+To configure Docker options:
+
+1. Log into your host as a user with `sudo` or `root` privileges.
+
+2. If you don't have one, create the `/etc/default/docker` file on your host. Depending on how
+you installed Docker, you may already have this file.
+
+3. Open the file with your favorite editor.
+
+    ```
+    $ sudo vi /etc/default/docker
+    ```
+
+4. Add a `DOCKER_OPTS` variable with the following options. These options are appended to the
+`docker` daemon's run command.
+
+```
+    DOCKER_OPTS="-D --tls=true --tlscert=/var/docker/server.pem --tlskey=/var/docker/serverkey.pem -H tcp://192.168.59.3:2376"
+```
+
+These options :
+
+- Enable `-D` (debug) mode
+- Set `tls` to true with the server certificate and key specified using `--tlscert` and `--tlskey` respectively
+- Listen for connections on `tcp://192.168.59.3:2376`
+
+The command line reference has the [complete list of daemon flags](../reference/commandline/daemon.md)
+with explanations.
+
+
+5. Save and close the file.
+
+6. Restart the `docker` daemon.
+
+    ```
+    $ sudo restart docker
+    ```
+
+7. Verify that the `docker` daemon is running as specified with the `ps` command.
+
+    ```
+    $ ps aux | grep docker | grep -v grep
+    ```
+
+### Logs
+
+By default logs for Upstart jobs are located in `/var/log/upstart` and the logs for `docker` daemon
+can be located at `/var/log/upstart/docker.log`
+
+    $ tail -f /var/log/upstart/docker.log
+    INFO[0000] Loading containers: done.
+    INFO[0000] Docker daemon commit=1b09a95-unsupported graphdriver=aufs version=1.11.0-dev
+    INFO[0000] +job acceptconnections()
+    INFO[0000] -job acceptconnections() = OK (0)
+    INFO[0000] Daemon has completed initialization
+
+
+## CentOS / Red Hat Enterprise Linux / Fedora
+
+As of `7.x`, CentOS and RHEL use `systemd` as the process manager. As of `21`, Fedora uses
+`systemd` as its process manager.
+
+After successfully installing Docker for [CentOS](../installation/linux/centos.md)/[Red Hat Enterprise Linux](../installation/linux/rhel.md)/[Fedora](../installation/linux/fedora.md), you can check the running status in this way:
+
+    $ sudo systemctl status docker
+
+### Running Docker
+
+You can start/stop/restart the `docker` daemon using
+
+    $ sudo systemctl start docker
+
+    $ sudo systemctl stop docker
+
+    $ sudo systemctl restart docker
+
+If you want Docker to start at boot, you should also:
+
+    $ sudo systemctl enable docker
+
+### Configuring Docker
+
+For CentOS 7.x and RHEL 7.x you can [control and configure Docker with systemd](systemd.md).
+
+Previously, for CentOS 6.x and RHEL 6.x you would configure the `docker` daemon in
+the `/etc/sysconfig/docker` file on your system. You would do this by specifying
+values in a `other_args` variable. For a short time in CentOS 7.x and RHEL 7.x you
+would specify values in a `OPTIONS` variable. This is no longer recommended in favor
+of using systemd directly.
+
+For this section, we will use CentOS 7.x as an example to configure the `docker` daemon.
+
+To configure Docker options:
+
+1. Log into your host as a user with `sudo` or `root` privileges.
+
+2. Create the `/etc/systemd/system/docker.service.d` directory.
+
+    ```
+    $ sudo mkdir /etc/systemd/system/docker.service.d
+    ```
+
+3. Create a  `/etc/systemd/system/docker.service.d/docker.conf` file.
+
+4. Open the file with your favorite editor.
+
+    ```
+    $ sudo vi /etc/systemd/system/docker.service.d/docker.conf
+    ```
+
+5. Override the `ExecStart` configuration from your `docker.service` file to customize
+the `docker` daemon. To modify the `ExecStart` configuration you have to specify
+an empty configuration followed by a new one as follows:
+
+```
+[Service]
+ExecStart=
+ExecStart=/usr/bin/docker daemon -H fd:// -D --tls=true --tlscert=/var/docker/server.pem --tlskey=/var/docker/serverkey.pem -H tcp://192.168.59.3:2376
+```
+
+These options :
+
+- Enable `-D` (debug) mode
+- Set `tls` to true with the server certificate and key specified using `--tlscert` and `--tlskey` respectively
+- Listen for connections on `tcp://192.168.59.3:2376`
+
+The command line reference has the [complete list of daemon flags](../reference/commandline/daemon.md)
+with explanations.
+
+6. Save and close the file.
+
+7. Flush changes.
+
+    ```
+    $ sudo systemctl daemon-reload
+    ```
+
+8. Restart the `docker` daemon.
+
+    ```
+    $ sudo systemctl restart docker
+    ```
+
+9. Verify that the `docker` daemon is running as specified with the `ps` command.
+
+    ```
+    $ ps aux | grep docker | grep -v grep
+    ```
+
+### Logs
+
+systemd has its own logging system called the journal. The logs for the `docker` daemon can
+be viewed using `journalctl -u docker`
+
+    $ sudo journalctl -u docker
+    May 06 00:22:05 localhost.localdomain systemd[1]: Starting Docker Application Container Engine...
+    May 06 00:22:05 localhost.localdomain docker[2495]: time="2015-05-06T00:22:05Z" level="info" msg="+job serveapi(unix:///var/run/docker.sock)"
+    May 06 00:22:05 localhost.localdomain docker[2495]: time="2015-05-06T00:22:05Z" level="info" msg="Listening for HTTP on unix (/var/run/docker.sock)"
+    May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="+job init_networkdriver()"
+    May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="-job init_networkdriver() = OK (0)"
+    May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="Loading containers: start."
+    May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="Loading containers: done."
+    May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="Docker daemon commit=1b09a95-unsupported graphdriver=aufs version=1.11.0-dev"
+    May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="+job acceptconnections()"
+    May 06 00:22:06 localhost.localdomain docker[2495]: time="2015-05-06T00:22:06Z" level="info" msg="-job acceptconnections() = OK (0)"
+
+_Note: Using and configuring journal is an advanced topic and is beyond the scope of this article._
diff --git a/docs/admin/dsc.md b/docs/admin/dsc.md
new file mode 100644
index 00000000..84bd1d4f
--- /dev/null
+++ b/docs/admin/dsc.md
@@ -0,0 +1,174 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/dsc/"]
+title = "PowerShell DSC Usage"
+description = "Using DSC to configure a new Docker host"
+keywords = ["powershell, dsc, installation, usage, docker,  documentation"]
+[menu.main]
+parent = "engine_admin"
++++
+<![end-metadata]-->
+
+# Using PowerShell DSC
+
+Windows PowerShell Desired State Configuration (DSC) is a configuration
+management tool that extends the existing functionality of Windows PowerShell.
+DSC uses a declarative syntax to define the state in which a target should be
+configured. More information about PowerShell DSC can be found at
+[http://technet.microsoft.com/en-us/library/dn249912.aspx](http://technet.microsoft.com/en-us/library/dn249912.aspx).
+
+## Requirements
+
+To use this guide you'll need a Windows host with PowerShell v4.0 or newer.
+
+The included DSC configuration script also uses the official PPA so
+only an Ubuntu target is supported. The Ubuntu target must already have the
+required OMI Server and PowerShell DSC for Linux providers installed. More
+information can be found at [https://github.com/MSFTOSSMgmt/WPSDSCLinux](https://github.com/MSFTOSSMgmt/WPSDSCLinux).
+The source repository listed below also includes PowerShell DSC for Linux
+installation and init scripts along with more detailed installation information.
+
+## Installation
+
+The DSC configuration example source is available in the following repository:
+[https://github.com/anweiss/DockerClientDSC](https://github.com/anweiss/DockerClientDSC). It can be cloned with:
+
+    $ git clone https://github.com/anweiss/DockerClientDSC.git
+
+## Usage
+
+The DSC configuration utilizes a set of shell scripts to determine whether or
+not the specified Docker components are configured on the target node(s). The
+source repository also includes a script (`RunDockerClientConfig.ps1`) that can
+be used to establish the required CIM session(s) and execute the
+`Set-DscConfiguration` cmdlet.
+
+More detailed usage information can be found at
+[https://github.com/anweiss/DockerClientDSC](https://github.com/anweiss/DockerClientDSC).
+
+### Install Docker
+The Docker installation configuration is equivalent to running:
+
+```
+apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys\
+36A1D7869245C8950F966E92D8576A8BA88D21E9
+sh -c "echo deb https://apt.dockerproject.org/repo ubuntu-trusty main\
+> /etc/apt/sources.list.d/docker.list"
+apt-get update
+apt-get install docker-engine
+```
+
+Ensure that your current working directory is set to the `DockerClientDSC`
+source and load the DockerClient configuration into the current PowerShell
+session
+
+```powershell
+. .\DockerClient.ps1
+```
+
+Generate the required DSC configuration .mof file for the targeted node
+
+```powershell
+DockerClient -Hostname "myhost"
+```
+
+A sample DSC configuration data file has also been included and can be modified
+and used in conjunction with or in place of the `Hostname` parameter:
+
+```powershell
+DockerClient -ConfigurationData .\DockerConfigData.psd1
+```
+
+Start the configuration application process on the targeted node
+
+```powershell
+.\RunDockerClientConfig.ps1 -Hostname "myhost"
+```
+
+The `RunDockerClientConfig.ps1` script can also parse a DSC configuration data
+file and execute configurations against multiple nodes as such:
+
+```powershell
+.\RunDockerClientConfig.ps1 -ConfigurationData .\DockerConfigData.psd1
+```
+
+### Images
+Image configuration is equivalent to running: `docker pull [image]` or
+`docker rmi -f [IMAGE]`.
+
+Using the same steps defined above, execute `DockerClient` with the `Image`
+parameter and apply the configuration:
+
+```powershell
+DockerClient -Hostname "myhost" -Image "node"
+.\RunDockerClientConfig.ps1 -Hostname "myhost"
+```
+
+You can also configure the host to pull multiple images:
+
+```powershell
+DockerClient -Hostname "myhost" -Image "node","mongo"
+.\RunDockerClientConfig.ps1 -Hostname "myhost"
+```
+
+To remove images, use a hashtable as follows:
+
+```powershell
+DockerClient -Hostname "myhost" -Image @{Name="node"; Remove=$true}
+.\RunDockerClientConfig.ps1 -Hostname $hostname
+```
+
+### Containers
+Container configuration is equivalent to running:
+
+```
+docker run -d --name="[containername]" -p '[port]' -e '[env]' --link '[link]'\
+'[image]' '[command]'
+```
+or
+
+```
+docker rm -f [containername]
+```
+
+To create or remove containers, you can use the `Container` parameter with one
+or more hashtables. The hashtable(s) passed to this parameter can have the
+following properties:
+
+- Name (required)
+- Image (required unless Remove property is set to `$true`)
+- Port
+- Env
+- Link
+- Command
+- Remove
+
+For example, create a hashtable with the settings for your container:
+
+```powershell
+$webContainer = @{Name="web"; Image="anweiss/docker-platynem"; Port="80:80"}
+```
+
+Then, using the same steps defined above, execute
+`DockerClient` with the `-Image` and `-Container` parameters:
+
+```powershell
+DockerClient -Hostname "myhost" -Image node -Container $webContainer
+.\RunDockerClientConfig.ps1 -Hostname "myhost"
+```
+
+Existing containers can also be removed as follows:
+
+```powershell
+$containerToRemove = @{Name="web"; Remove=$true}
+DockerClient -Hostname "myhost" -Container $containerToRemove
+.\RunDockerClientConfig.ps1 -Hostname "myhost"
+```
+
+Here is a hashtable with all of the properties that can be used to create a
+container:
+
+```powershell
+$containerProps = @{Name="web"; Image="node:latest"; Port="80:80"; `
+Env="PORT=80"; Link="db:db"; Command="grunt"}
+```
diff --git a/docs/admin/formatting.md b/docs/admin/formatting.md
new file mode 100644
index 00000000..d7c764d7
--- /dev/null
+++ b/docs/admin/formatting.md
@@ -0,0 +1,66 @@
+<!--[metadata]>
++++
+title = "Format command and log output"
+description = "CLI and log output formatting reference"
+keywords = ["format, formatting, output, templates, log"]
+[menu.main]
+parent = "engine_admin"
+weight=-90
++++
+<![end-metadata]-->
+
+# Formatting reference
+
+Docker uses [Go templates](https://golang.org/pkg/text/template/) to allow users manipulate the output format
+of certain commands and log drivers. Each command a driver provides a detailed
+list of elements they support in their templates:
+
+- [Docker Images formatting](https://docs.docker.com/engine/reference/commandline/images/#formatting)
+- [Docker Inspect formatting](https://docs.docker.com/engine/reference/commandline/inspect/#examples)
+- [Docker Log Tag formatting](https://docs.docker.com/engine/admin/logging/log_tags/)
+- [Docker Network Inspect formatting](https://docs.docker.com/engine/reference/commandline/network_inspect/)
+- [Docker PS formatting](https://docs.docker.com/engine/reference/commandline/ps/#formatting)
+- [Docker Volume Inspect formatting](https://docs.docker.com/engine/reference/commandline/volume_inspect/)
+- [Docker Version formatting](https://docs.docker.com/engine/reference/commandline/version/#examples)
+
+## Template functions
+
+Docker provides a set of basic functions to manipulate template elements.
+This is the complete list of the available functions with examples:
+
+### Join
+
+Join concatenates a list of strings to create a single string.
+It puts a separator between each element in the list.
+
+	$ docker ps --format '{{join .Names " or "}}'
+
+### Json
+
+Json encodes an element as a json string.
+
+	$ docker inspect --format '{{json .Mounts}}' container
+
+### Lower
+
+Lower turns a string into its lower case representation.
+
+	$ docker inspect --format "{{lower .Name}}" container
+
+### Split
+
+Split slices a string into a list of strings separated by a separator.
+
+	# docker inspect --format '{{split (join .Names "/") "/"}}' container
+
+### Title
+
+Title capitalizes a string.
+
+	$ docker inspect --format "{{title .Name}}" container
+
+### Upper
+
+Upper turms a string into its upper case representation.
+
+	$ docker inspect --format "{{upper .Name}}" container
diff --git a/docs/admin/host_integration.md b/docs/admin/host_integration.md
new file mode 100644
index 00000000..3f71592c
--- /dev/null
+++ b/docs/admin/host_integration.md
@@ -0,0 +1,88 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/host_integration/"]
+title = "Automatically start containers"
+description = "How to generate scripts for upstart, systemd, etc."
+keywords = ["systemd, upstart, supervisor, docker, documentation,  host integration"]
+[menu.main]
+parent = "engine_admin"
++++
+<![end-metadata]-->
+
+# Automatically start containers
+
+As of Docker 1.2,
+[restart policies](../reference/run.md#restart-policies-restart) are the
+built-in Docker mechanism for restarting containers when they exit. If set,
+restart policies will be used when the Docker daemon starts up, as typically
+happens after a system boot. Restart policies will ensure that linked containers
+are started in the correct order.
+
+If restart policies don't suit your needs (i.e., you have non-Docker processes
+that depend on Docker containers), you can use a process manager like
+[upstart](http://upstart.ubuntu.com/),
+[systemd](http://freedesktop.org/wiki/Software/systemd/) or
+[supervisor](http://supervisord.org/) instead.
+
+
+## Using a process manager
+
+Docker does not set any restart policies by default, but be aware that they will
+conflict with most process managers. So don't set restart policies if you are
+using a process manager.
+
+When you have finished setting up your image and are happy with your
+running container, you can then attach a process manager to manage it.
+When you run `docker start -a`, Docker will automatically attach to the
+running container, or start it if needed and forward all signals so that
+the process manager can detect when a container stops and correctly
+restart it.
+
+Here are a few sample scripts for systemd and upstart to integrate with
+Docker.
+
+
+## Examples
+
+The examples below show configuration files for two popular process managers,
+upstart and systemd. In these examples, we'll assume that we have already
+created a container to run Redis with `--name=redis_server`. These files define
+a new service that will be started after the docker daemon service has started.
+
+
+### upstart
+
+    description "Redis container"
+    author "Me"
+    start on filesystem and started docker
+    stop on runlevel [!2345]
+    respawn
+    script
+      /usr/bin/docker start -a redis_server
+    end script
+
+### systemd
+
+    [Unit]
+    Description=Redis container
+    Requires=docker.service
+    After=docker.service
+
+    [Service]
+    Restart=always
+    ExecStart=/usr/bin/docker start -a redis_server
+    ExecStop=/usr/bin/docker stop -t 2 redis_server
+
+    [Install]
+    WantedBy=local.target
+
+If you need to pass options to the redis container (such as `--env`),
+then you'll need to use `docker run` rather than `docker start`. This will
+create a new container every time the service is started, which will be stopped
+and removed when the service is stopped.
+
+    [Service]
+    ...
+    ExecStart=/usr/bin/docker run --env foo=bar --name redis_server redis
+    ExecStop=/usr/bin/docker stop -t 2 redis_server ; /usr/bin/docker rm -f redis_server
+    ...
diff --git a/docs/admin/index.md b/docs/admin/index.md
new file mode 100644
index 00000000..0f0ab7d4
--- /dev/null
+++ b/docs/admin/index.md
@@ -0,0 +1,11 @@
+<!-- [metadata]>
++++
+title = "Administrate"
+description = "Administrate"
+keywords = ["Administrate"]
+[menu.main]
+parent="engine_use"
+identifier="engine_admin"
+weight="-70"
++++
+<![end-metadata]-->
diff --git a/docs/admin/logging/awslogs.md b/docs/admin/logging/awslogs.md
new file mode 100644
index 00000000..3f90c414
--- /dev/null
+++ b/docs/admin/logging/awslogs.md
@@ -0,0 +1,90 @@
+<!--[metadata]>
++++
+aliases = ["/engine/reference/logging/awslogs/"]
+title = "Amazon CloudWatch Logs logging driver"
+description = "Describes how to use the Amazon CloudWatch Logs logging driver."
+keywords = ["AWS, Amazon, CloudWatch, logging, driver"]
+[menu.main]
+parent = "smn_logging"
++++
+<![end-metadata]-->
+
+# Amazon CloudWatch Logs logging driver
+
+The `awslogs` logging driver sends container logs to
+[Amazon CloudWatch Logs](https://aws.amazon.com/cloudwatch/details/#log-monitoring).
+Log entries can be retrieved through the [AWS Management
+Console](https://console.aws.amazon.com/cloudwatch/home#logs:) or the [AWS SDKs
+and Command Line Tools](http://docs.aws.amazon.com/cli/latest/reference/logs/index.html).
+
+## Usage
+
+You can configure the default logging driver by passing the `--log-driver`
+option to the Docker daemon:
+
+    docker daemon --log-driver=awslogs
+
+You can set the logging driver for a specific container by using the
+`--log-driver` option to `docker run`:
+
+    docker run --log-driver=awslogs ...
+
+## Amazon CloudWatch Logs options
+
+You can use the `--log-opt NAME=VALUE` flag to specify Amazon CloudWatch Logs logging driver options.
+
+### awslogs-region
+
+The `awslogs` logging driver sends your Docker logs to a specific region. Use
+the `awslogs-region` log option or the `AWS_REGION` environment variable to set
+the region.  By default, if your Docker daemon is running on an EC2 instance
+and no region is set, the driver uses the instance's region.
+
+    docker run --log-driver=awslogs --log-opt awslogs-region=us-east-1 ...
+
+### awslogs-group
+
+You must specify a
+[log group](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html)
+for the `awslogs` logging driver.  You can specify the log group with the
+`awslogs-group` log option:
+
+    docker run --log-driver=awslogs --log-opt awslogs-region=us-east-1 --log-opt awslogs-group=myLogGroup ...
+
+### awslogs-stream
+
+To configure which
+[log stream](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html)
+should be used, you can specify the `awslogs-stream` log option.  If not
+specified, the container ID is used as the log stream.
+
+> **Note:**
+> Log streams within a given log group should only be used by one container
+> at a time.  Using the same log stream for multiple containers concurrently
+> can cause reduced logging performance.
+
+## Credentials
+
+You must provide AWS credentials to the Docker daemon to use the `awslogs`
+logging driver. You can provide these credentials with the `AWS_ACCESS_KEY_ID`,
+`AWS_SECRET_ACCESS_KEY`, and `AWS_SESSION_TOKEN` environment variables, the
+default AWS shared credentials file (`~/.aws/credentials` of the root user), or
+(if you are running the Docker daemon on an Amazon EC2 instance) the Amazon EC2
+instance profile.
+
+Credentials must have a policy applied that allows the `logs:CreateLogStream`
+and `logs:PutLogEvents` actions, as shown in the following example.
+
+    {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "logs:CreateLogStream",
+            "logs:PutLogEvents"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
diff --git a/docs/admin/logging/etwlogs.md b/docs/admin/logging/etwlogs.md
new file mode 100644
index 00000000..5b98fd54
--- /dev/null
+++ b/docs/admin/logging/etwlogs.md
@@ -0,0 +1,69 @@
+<!--[metadata]>
++++
+title = "ETW logging driver"
+description = "Describes how to use the etwlogs logging driver."
+keywords = ["ETW, docker, logging, driver"]
+[menu.main]
+parent = "smn_logging" 
+weight=2
++++
+<![end-metadata]-->
+
+
+# ETW logging driver
+
+The ETW logging driver forwards container logs as ETW events. 
+ETW stands for Event Tracing in Windows, and is the common framework
+for tracing applications in Windows. Each ETW event contains a message
+with both the log and its context information. A client can then create
+an ETW listener to listen to these events. 
+
+The ETW provider that this logging driver registers with Windows, has the 
+GUID identifier of: `{a3693192-9ed6-46d2-a981-f8226c8363bd}`. A client creates an 
+ETW listener and registers to listen to events from the logging driver's provider. 
+It does not matter the order in which the provider and listener are created. 
+A client can create their ETW listener and start listening for events from the provider, 
+before the provider has been registered with the system. 
+
+## Usage
+
+Here is an example of how to listen to these events using the logman utility program 
+included in most installations of Windows:
+
+   1. `logman start -ets DockerContainerLogs -p {a3693192-9ed6-46d2-a981-f8226c8363bd} 0 0 -o trace.etl`
+   2. Run your container(s) with the etwlogs driver, by adding `--log-driver=etwlogs` 
+   to the Docker run command, and generate log messages.
+   3. `logman stop -ets DockerContainerLogs`
+   4. This will generate an etl file that contains the events. One way to convert this file into 
+   human-readable form is to run: `tracerpt -y trace.etl`. 
+   
+Each ETW event will contain a structured message string in this format:
+
+    container_name: %s, image_name: %s, container_id: %s, image_id: %s, source: [stdout | stderr], log: %s
+
+Details on each item in the message can be found below:
+
+| Field                | Description                                     |
+-----------------------|-------------------------------------------------|
+| `container_name`     | The container name at the time it was started.  |
+| `image_name`         | The name of the container's image.              |
+| `container_id`       | The full 64-character container ID.             |
+| `image_id`           | The full ID of the container's image.           |
+| `source`             | `stdout` or `stderr`.                           |
+| `log`                | The container log message.                      |
+
+Here is an example event message:
+
+    container_name: backstabbing_spence, 
+    image_name: windowsservercore, 
+    container_id: f14bb55aa862d7596b03a33251c1be7dbbec8056bbdead1da8ec5ecebbe29731, 
+    image_id: sha256:2f9e19bd998d3565b4f345ac9aaf6e3fc555406239a4fb1b1ba879673713824b, 
+    source: stdout, 
+    log: Hello world!
+
+A client can parse this message string to get both the log message, as well as its 
+context information. Note that the time stamp is also available within the ETW event. 
+
+**Note**  This ETW provider emits only a message string, and not a specially 
+structured ETW event. Therefore, it is not required to register a manifest file 
+with the system to read and interpret its ETW events.
diff --git a/docs/admin/logging/fluentd.md b/docs/admin/logging/fluentd.md
new file mode 100644
index 00000000..538af7b1
--- /dev/null
+++ b/docs/admin/logging/fluentd.md
@@ -0,0 +1,115 @@
+<!--[metadata]>
++++
+aliases = ["/engine/reference/logging/fluentd/"]
+title = "Fluentd logging driver"
+description = "Describes how to use the fluentd logging driver."
+keywords = ["Fluentd, docker, logging, driver"]
+[menu.main]
+parent = "smn_logging"
+weight=2
++++
+<![end-metadata]-->
+
+# Fluentd logging driver
+
+The `fluentd` logging driver sends container logs to the
+[Fluentd](http://www.fluentd.org/) collector as structured log data. Then, users
+can use any of the [various output plugins of
+Fluentd](http://www.fluentd.org/plugins) to write these logs to various
+destinations.
+
+In addition to the log message itself, the `fluentd` log
+driver sends the following metadata in the structured log message:
+
+| Field            | Description                         |
+-------------------|-------------------------------------|
+| `container_id`   | The full 64-character container ID. |
+| `container_name` | The container name at the time it was started. If you use `docker rename` to rename a container, the new name is not reflected in the journal entries.                                         |
+| `source`         | `stdout` or `stderr`                |
+
+The `docker logs` command is not available for this logging driver.
+
+## Usage
+
+Some options are supported by specifying `--log-opt` as many times as needed:
+
+ - `fluentd-address`: specify `host:port` to connect `localhost:24224`
+ - `tag`: specify tag for fluentd message, which interpret some markup, ex `{{.ID}}`, `{{.FullID}}` or `{{.Name}}` `docker.{{.ID}}`
+
+
+Configure the default logging driver by passing the
+`--log-driver` option to the Docker daemon:
+
+    docker daemon --log-driver=fluentd
+
+To set the logging driver for a specific container, pass the
+`--log-driver` option to `docker run`:
+
+    docker run --log-driver=fluentd ...
+
+Before using this logging driver, launch a Fluentd daemon. The logging driver
+connects to this daemon through `localhost:24224` by default. Use the
+`fluentd-address` option to connect to a different address.
+
+    docker run --log-driver=fluentd --log-opt fluentd-address=myhost.local:24224
+
+If container cannot connect to the Fluentd daemon, the container stops
+immediately unless the `fluentd-async-connect` option is used.
+
+## Options
+
+Users can use the `--log-opt NAME=VALUE` flag to specify additional Fluentd logging driver options.
+
+### fluentd-address
+
+By default, the logging driver connects to `localhost:24224`. Supply the
+`fluentd-address` option to connect to a different address.
+
+    docker run --log-driver=fluentd --log-opt fluentd-address=myhost.local:24224
+
+### tag
+
+By default, Docker uses the first 12 characters of the container ID to tag log messages.
+Refer to the [log tag option documentation](log_tags.md) for customizing
+the log tag format.
+
+
+### labels and env
+
+The `labels` and `env` options each take a comma-separated list of keys. If there is collision between `label` and `env` keys, the value of the `env` takes precedence. Both options add additional fields to the extra attributes of a logging message.
+
+### fluentd-async-connect
+
+Docker connects to Fluentd in the background. Messages are buffered until the connection is established.
+
+## Fluentd daemon management with Docker
+
+About `Fluentd` itself, see [the project webpage](http://www.fluentd.org)
+and [its documents](http://docs.fluentd.org/).
+
+To use this logging driver, start the `fluentd` daemon on a host. We recommend
+that you use [the Fluentd docker
+image](https://hub.docker.com/r/fluent/fluentd/). This image is
+especially useful if you want to aggregate multiple container logs on a each
+host then, later, transfer the logs to another Fluentd node to create an
+aggregate store.
+
+### Testing container loggers
+
+1. Write a configuration file (`test.conf`) to dump input logs:
+
+        <source>
+          @type forward
+        </source>
+
+        <match docker.**>
+          @type stdout
+        </match>
+
+2. Launch Fluentd container with this configuration file:
+
+        $ docker run -it -p 24224:24224 -v /path/to/conf/test.conf:/fluentd/etc -e FLUENTD_CONF=test.conf fluent/fluentd:latest
+
+3. Start one or more containers with the `fluentd` logging driver:
+
+        $ docker run --log-driver=fluentd your/application
diff --git a/docs/admin/logging/gcplogs.md b/docs/admin/logging/gcplogs.md
new file mode 100644
index 00000000..08fd858d
--- /dev/null
+++ b/docs/admin/logging/gcplogs.md
@@ -0,0 +1,70 @@
+<!--[metadata]>
++++
+title = "Google Cloud Logging driver"
+description = "Describes how to use the Google Cloud Logging driver."
+keywords = ["gcplogs, google, docker, logging, driver"]
+[menu.main]
+parent = "smn_logging"
+weight = 2
++++
+<![end-metadata]-->
+
+# Google Cloud Logging driver
+
+The Google Cloud Logging driver sends container logs to <a href="https://cloud.google.com/logging/docs/" target="_blank">Google Cloud
+Logging</a>.
+
+## Usage
+
+You can configure the default logging driver by passing the `--log-driver`
+option to the Docker daemon:
+
+    docker daemon --log-driver=gcplogs
+
+You can set the logging driver for a specific container by using the
+`--log-driver` option to `docker run`:
+
+    docker run --log-driver=gcplogs ...
+
+This log driver does not implement a reader so it is incompatible with
+`docker logs`.
+
+If Docker detects that it is running in a Google Cloud Project, it will discover configuration
+from the <a href="https://cloud.google.com/compute/docs/metadata" target="_blank">instance metadata service</a>.
+Otherwise, the user must specify which project to log to using the `--gcp-project`
+log option and Docker will attempt to obtain credentials from the
+<a href="https://developers.google.com/identity/protocols/application-default-credentials" target="_blank">Google Application Default Credential</a>.
+The `--gcp-project` takes precedence over information discovered from the metadata server
+so a Docker daemon running in a Google Cloud Project can be overriden to log to a different
+Google Cloud Project using `--gcp-project`.
+
+## gcplogs options
+
+You can use the `--log-opt NAME=VALUE` flag to specify these additional Google
+Cloud Logging driver options:
+
+| Option                      | Required | Description                                                                                                                                 |
+|-----------------------------|----------|---------------------------------------------------------------------------------------------------------------------------------------------|
+| `gcp-project`               | optional | Which GCP project to log to. Defaults to discovering this value from the GCE metadata service.                                              |
+| `gcp-log-cmd`               | optional | Whether to log the command that the container was started with. Defaults to false.                                                          |
+| `labels`                    | optional | Comma-separated list of keys of labels, which should be included in message, if these labels are specified for container.                   |
+| `env`                       | optional | Comma-separated list of keys of environment variables, which should be included in message, if these variables are specified for container. |
+
+If there is collision between `label` and `env` keys, the value of the `env`
+takes precedence. Both options add additional fields to the attributes of a
+logging message.
+
+Below is an example of the logging options required to log to the default
+logging destination which is discovered by querying the GCE metadata server.
+
+    docker run --log-driver=gcplogs \
+        --log-opt labels=location
+        --log-opt env=TEST
+        --log-opt gcp-log-cmd=true
+        --env "TEST=false"
+        --label location=west
+        your/application
+
+This configuration also directs the driver to include in the payload the label
+`location`, the environment variable `ENV`, and the command used to start the
+container.
diff --git a/docs/admin/logging/index.md b/docs/admin/logging/index.md
new file mode 100644
index 00000000..4300565e
--- /dev/null
+++ b/docs/admin/logging/index.md
@@ -0,0 +1,23 @@
+<!--[metadata]>
++++
+aliases = ["/engine/reference/logging/"]
+title = "Logging"
+description = "Logging and Logging Drivers"
+keywords = [" docker, logging, driver"]
+[menu.main]
+parent = "engine_admin"
+identifier = "smn_logging"
+weight=8
++++
+<![end-metadata]-->
+
+
+# Logging Drivers
+
+* [Configuring logging drivers](overview.md)
+* [Configuring log tags](log_tags.md)
+* [Fluentd logging driver](fluentd.md)
+* [Journald logging driver](journald.md)
+* [Amazon CloudWatch Logs logging driver](awslogs.md)
+* [Splunk logging driver](splunk.md)
+* [ETW logging driver](etwlogs.md)
diff --git a/docs/admin/logging/journald.md b/docs/admin/logging/journald.md
new file mode 100644
index 00000000..90c97203
--- /dev/null
+++ b/docs/admin/logging/journald.md
@@ -0,0 +1,92 @@
+<!--[metadata]>
++++
+aliases = ["/engine/reference/logging/journald/"]
+title = "journald logging driver"
+description = "Describes how to use the fluentd logging driver."
+keywords = ["Fluentd, docker, logging, driver"]
+[menu.main]
+parent = "smn_logging"
+weight = 2
++++
+<![end-metadata]-->
+
+# Journald logging driver
+
+The `journald` logging driver sends container logs to the [systemd
+journal](http://www.freedesktop.org/software/systemd/man/systemd-journald.service.html).  Log entries can be retrieved using the `journalctl`
+command, through use of the journal API, or using the `docker logs` command.
+
+In addition to the text of the log message itself, the `journald` log
+driver stores the following metadata in the journal with each message:
+
+| Field               | Description |
+----------------------|-------------|
+| `CONTAINER_ID`      | The container ID truncated to 12 characters. |
+| `CONTAINER_ID_FULL` | The full 64-character container ID. |
+| `CONTAINER_NAME`    | The container name at the time it was started. If you use `docker rename` to rename a container, the new name is not reflected in the journal entries. |
+| `CONTAINER_TAG`     | The container tag ([log tag option documentation](log_tags.md)). |
+
+## Usage
+
+You can configure the default logging driver by passing the
+`--log-driver` option to the Docker daemon:
+
+    docker daemon --log-driver=journald
+
+You can set the logging driver for a specific container by using the
+`--log-driver` option to `docker run`:
+
+    docker run --log-driver=journald ...
+
+## Options
+
+Users can use the `--log-opt NAME=VALUE` flag to specify additional
+journald logging driver options.
+
+### tag
+
+Specify template to set `CONTAINER_TAG` value in journald logs. Refer to
+[log tag option documentation](log_tags.md) for customizing the log tag format.
+
+### labels and env
+
+The `labels` and `env` options each take a comma-separated list of keys. If there is collision between `label` and `env` keys, the value of the `env` takes precedence. Both options add additional metadata in the journal with each message.
+
+## Note regarding container names
+
+The value logged in the `CONTAINER_NAME` field is the container name
+that was set at startup.  If you use `docker rename` to rename a
+container, the new name will not be reflected in the journal entries.
+Journal entries will continue to use the original name.
+
+## Retrieving log messages with journalctl
+
+You can use the `journalctl` command to retrieve log messages.  You
+can apply filter expressions to limit the retrieved messages to a
+specific container.  For example, to retrieve all log messages from a
+container referenced by name:
+
+    # journalctl CONTAINER_NAME=webserver
+
+You can make use of additional filters to further limit the messages
+retrieved.  For example, to see just those messages generated since
+the system last booted:
+
+    # journalctl -b CONTAINER_NAME=webserver
+
+Or to retrieve log messages in JSON format with complete metadata:
+
+    # journalctl -o json CONTAINER_NAME=webserver
+
+## Retrieving log messages with the journal API
+
+This example uses the `systemd` Python module to retrieve container
+logs:
+
+    import systemd.journal
+
+    reader = systemd.journal.Reader()
+    reader.add_match('CONTAINER_NAME=web')
+
+    for msg in reader:
+      print '{CONTAINER_ID_FULL}: {MESSAGE}'.format(**msg)
diff --git a/docs/admin/logging/log_tags.md b/docs/admin/logging/log_tags.md
new file mode 100644
index 00000000..9b2e098d
--- /dev/null
+++ b/docs/admin/logging/log_tags.md
@@ -0,0 +1,51 @@
+<!--[metadata]>
++++
+aliases = ["/engine/reference/logging/log_tags/"]
+title = "Log tags for logging driver"
+description = "Describes how to format tags for."
+keywords = ["docker, logging, driver, syslog, Fluentd, gelf, journald"]
+[menu.main]
+parent = "smn_logging"
+weight = 1
++++
+<![end-metadata]-->
+
+# Log Tags
+
+The `tag` log option specifies how to format a tag that identifies the
+container's log messages. By default, the system uses the first 12 characters of
+the container id. To override this behavior, specify a `tag` option:
+
+```
+docker run --log-driver=fluentd --log-opt fluentd-address=myhost.local:24224 --log-opt tag="mailer"
+```
+
+Docker supports some special template markup you can use when specifying a tag's value:
+
+| Markup             | Description                                          |
+|--------------------|------------------------------------------------------|
+| `{{.ID}}`          | The first 12 characters of the container id.         |
+| `{{.FullID}}`      | The full container id.                               |
+| `{{.Name}}`        | The container name.                                  |
+| `{{.ImageID}}`     | The first 12 characters of the container's image id. |
+| `{{.ImageFullID}}` | The container's full image identifier.               |
+| `{{.ImageName}}`   | The name of the image used by the container.         |
+
+For example, specifying a `--log-opt tag="{{.ImageName}}/{{.Name}}/{{.ID}}"` value yields `syslog` log lines like:
+
+```
+Aug  7 18:33:19 HOSTNAME docker/hello-world/foobar/5790672ab6a0[9103]: Hello from Docker.
+```
+
+At startup time, the system sets the `container_name` field and `{{.Name}}` in
+the tags. If you use `docker rename` to rename a container, the new name is not
+reflected in the log messages. Instead, these messages continue to use the
+original container name.
+
+For advanced usage, the generated tag's use [go
+templates](http://golang.org/pkg/text/template/) and the container's [logging
+context](https://github.com/docker/docker/blob/master/daemon/logger/context.go).
+
+>**Note**:The driver specific log options `syslog-tag`, `fluentd-tag` and
+>`gelf-tag` still work for backwards compatibility. However, going forward you
+>should standardize on using the generic `tag` log option instead.
diff --git a/docs/admin/logging/overview.md b/docs/admin/logging/overview.md
new file mode 100644
index 00000000..8a7cd12f
--- /dev/null
+++ b/docs/admin/logging/overview.md
@@ -0,0 +1,246 @@
+<!--[metadata]>
++++
+aliases = ["/engine/reference/logging/overview/"]
+title = "Configuring Logging Drivers"
+description = "Configure logging driver."
+keywords = ["docker, logging, driver, Fluentd"]
+[menu.main]
+parent = "smn_logging"
+weight=-1
++++
+<![end-metadata]-->
+
+
+# Configure logging drivers
+
+The container can have a different logging driver than the Docker daemon. Use
+the `--log-driver=VALUE` with the `docker run` command to configure the
+container's logging driver. The following options are supported:
+
+| `none`      | Disables any logging for the container. `docker logs` won't be available with this driver.                                    |
+|-------------|-------------------------------------------------------------------------------------------------------------------------------|
+| `json-file` | Default logging driver for Docker. Writes JSON messages to file.                                                              |
+| `syslog`    | Syslog logging driver for Docker. Writes log messages to syslog.                                                              |
+| `journald`  | Journald logging driver for Docker. Writes log messages to `journald`.                                                        |
+| `gelf`      | Graylog Extended Log Format (GELF) logging driver for Docker. Writes log messages to a GELF endpoint likeGraylog or Logstash. |
+| `fluentd`   | Fluentd logging driver for Docker. Writes log messages to `fluentd` (forward input).                                          |
+| `awslogs`   | Amazon CloudWatch Logs logging driver for Docker. Writes log messages to Amazon CloudWatch Logs.                              |
+| `splunk`    | Splunk logging driver for Docker. Writes log messages to `splunk` using HTTP Event Collector.                                 |
+| `etwlogs`   | ETW logging driver for Docker on Windows. Writes log messages as ETW events.                                                  |
+| `gcplogs`   | Google Cloud Logging driver for Docker. Writes log messages to Google Cloud Logging.                                          |
+
+The `docker logs`command is available only for the `json-file` and `journald`
+logging drivers.
+
+The `labels` and `env` options add additional attributes for use with logging drivers that accept them. Each option takes a comma-separated list of keys. If there is collision between `label` and `env` keys, the value of the `env` takes precedence.
+
+To use attributes, specify them when you start the Docker daemon.
+
+```
+docker daemon --log-driver=json-file --log-opt labels=foo --log-opt env=foo,fizz
+```
+
+Then, run a container and specify values for the `labels` or `env`.  For example, you might use this:
+
+```
+docker run --label foo=bar -e fizz=buzz -d -P training/webapp python app.py
+```
+
+This adds additional fields to the log depending on the driver, e.g. for
+`json-file` that looks like:
+
+    "attrs":{"fizz":"buzz","foo":"bar"}
+
+
+## json-file options
+
+The following logging options are supported for the `json-file` logging driver:
+
+    --log-opt max-size=[0-9+][k|m|g]
+    --log-opt max-file=[0-9+]
+    --log-opt labels=label1,label2
+    --log-opt env=env1,env2
+
+Logs that reach `max-size` are rolled over. You can set the size in kilobytes(k), megabytes(m), or gigabytes(g). eg `--log-opt max-size=50m`. If `max-size` is not set, then logs are not rolled over.
+
+`max-file` specifies the maximum number of files that a log is rolled over before being discarded. eg `--log-opt max-file=100`. If `max-size` is not set, then `max-file` is not honored.
+
+If `max-size` and `max-file` are set, `docker logs` only returns the log lines from the newest log file.
+
+
+## syslog options
+
+The following logging options are supported for the `syslog` logging driver:
+
+    --log-opt syslog-address=[tcp|udp|tcp+tls]://host:port
+    --log-opt syslog-address=unix://path
+    --log-opt syslog-facility=daemon
+    --log-opt syslog-tls-ca-cert=/etc/ca-certificates/custom/ca.pem
+    --log-opt syslog-tls-cert=/etc/ca-certificates/custom/cert.pem
+    --log-opt syslog-tls-key=/etc/ca-certificates/custom/key.pem
+    --log-opt syslog-tls-skip-verify=true
+    --log-opt tag="mailer"
+    --log-opt syslog-format=[rfc5424|rfc3164] 
+
+`syslog-address` specifies the remote syslog server address where the driver connects to.
+If not specified it defaults to the local unix socket of the running system.
+If transport is either `tcp` or `udp` and `port` is not specified it defaults to `514`
+The following example shows how to have the `syslog` driver connect to a `syslog`
+remote server at `192.168.0.42` on port `123`
+
+    $ docker run --log-driver=syslog --log-opt syslog-address=tcp://192.168.0.42:123
+
+The `syslog-facility` option configures the syslog facility. By default, the system uses the
+`daemon` value. To override this behavior, you can provide an integer of 0 to 23 or any of
+the following named facilities:
+
+* `kern`
+* `user`
+* `mail`
+* `daemon`
+* `auth`
+* `syslog`
+* `lpr`
+* `news`
+* `uucp`
+* `cron`
+* `authpriv`
+* `ftp`
+* `local0`
+* `local1`
+* `local2`
+* `local3`
+* `local4`
+* `local5`
+* `local6`
+* `local7`
+
+`syslog-tls-ca-cert` specifies the absolute path to the trust certificates
+signed by the CA. This option is ignored if the address protocol is not `tcp+tls`.
+
+`syslog-tls-cert` specifies the absolute path to the TLS certificate file.
+This option is ignored if the address protocol is not `tcp+tls`.
+
+`syslog-tls-key` specifies the absolute path to the TLS key file.
+This option is ignored if the address protocol is not `tcp+tls`.
+
+`syslog-tls-skip-verify` configures the TLS verification.
+This verification is enabled by default, but it can be overriden by setting
+this option to `true`. This option is ignored if the address protocol is not `tcp+tls`.
+
+By default, Docker uses the first 12 characters of the container ID to tag log messages.
+Refer to the [log tag option documentation](log_tags.md) for customizing
+the log tag format.
+
+`syslog-format` specifies syslog message format to use when logging.
+If not specified it defaults to the local unix syslog format without hostname specification.
+Specify rfc3164 to perform logging in RFC-3164 compatible format. Specify rfc5424 to perform 
+logging in RFC-5424 compatible format
+
+
+## journald options
+
+The `journald` logging driver stores the container id in the journal's `CONTAINER_ID` field. For detailed information on
+working with this logging driver, see [the journald logging driver](journald.md)
+reference documentation.
+
+## gelf options
+
+The GELF logging driver supports the following options:
+
+    --log-opt gelf-address=udp://host:port
+    --log-opt tag="database"
+    --log-opt labels=label1,label2
+    --log-opt env=env1,env2
+    --log-opt gelf-compression-type=gzip
+    --log-opt gelf-compression-level=1
+
+The `gelf-address` option specifies the remote GELF server address that the
+driver connects to. Currently, only `udp` is supported as the transport and you must
+specify a `port` value. The following example shows how to connect the `gelf`
+driver to a GELF remote server at `192.168.0.42` on port `12201`
+
+    $ docker run --log-driver=gelf --log-opt gelf-address=udp://192.168.0.42:12201
+
+By default, Docker uses the first 12 characters of the container ID to tag log messages.
+Refer to the [log tag option documentation](log_tags.md) for customizing
+the log tag format.
+
+The `labels` and `env` options are supported by the gelf logging
+driver. It adds additional key on the `extra` fields, prefixed by an
+underscore (`_`).
+
+    // […]
+    "_foo": "bar",
+    "_fizz": "buzz",
+    // […]
+
+The `gelf-compression-type` option can be used to change how the GELF driver
+compresses each log message. The accepted values are `gzip`, `zlib` and `none`.
+`gzip` is chosen by default.
+
+The `gelf-compression-level` option can be used to change the level of compresssion
+when `gzip` or `zlib` is selected as `gelf-compression-type`. Accepted value
+must be from from -1 to 9 (BestCompression). Higher levels typically
+run slower but compress more. Default value is 1 (BestSpeed).
+
+## fluentd options
+
+You can use the `--log-opt NAME=VALUE` flag to specify these additional Fluentd logging driver options.
+
+ - `fluentd-address`: specify `host:port` to connect [localhost:24224]
+ - `tag`: specify tag for `fluentd` message
+ - `fluentd-buffer-limit`: specify the maximum size of the fluentd log buffer [8MB]
+ - `fluentd-retry-wait`: initial delay before a connection retry (after which it increases exponentially) [1000ms]
+ - `fluentd-max-retries`: maximum number of connection retries before abrupt failure of docker [1073741824]
+ - `fluentd-async-connect`: whether to block on initial connection or not [false]
+
+For example, to specify both additional options:
+
+`docker run --log-driver=fluentd --log-opt fluentd-address=localhost:24224 --log-opt tag=docker.{{.Name}}`
+
+If container cannot connect to the Fluentd daemon on the specified address and
+`fluentd-async-connect` is not enabled, the container stops immediately.
+For detailed information on working with this logging driver,
+see [the fluentd logging driver](fluentd.md)
+
+
+## Specify Amazon CloudWatch Logs options
+
+The Amazon CloudWatch Logs logging driver supports the following options:
+
+    --log-opt awslogs-region=<aws_region>
+    --log-opt awslogs-group=<log_group_name>
+    --log-opt awslogs-stream=<log_stream_name>
+
+
+For detailed information on working with this logging driver, see [the awslogs logging driver](awslogs.md) reference documentation.
+
+## Splunk options
+
+The Splunk logging driver requires the following options:
+
+    --log-opt splunk-token=<splunk_http_event_collector_token>
+    --log-opt splunk-url=https://your_splunk_instance:8088
+
+For detailed information about working with this logging driver, see the [Splunk logging driver](splunk.md)
+reference documentation.
+
+## ETW logging driver options
+
+The etwlogs logging driver does not require any options to be specified. This logging driver will forward each log message
+as an ETW event. An ETW listener can then be created to listen for these events. 
+
+For detailed information on working with this logging driver, see [the ETW logging driver](etwlogs.md) reference documentation.
+
+## Google Cloud Logging
+
+The Google Cloud Logging driver supports the following options:
+
+    --log-opt gcp-project=<gcp_projext>
+    --log-opt labels=<label1>,<label2>
+    --log-opt env=<envvar1>,<envvar2>
+    --log-opt log-cmd=true
+
+For detailed information about working with this logging driver, see the [Google Cloud Logging driver](gcplogs.md).
+reference documentation.
diff --git a/docs/admin/logging/splunk.md b/docs/admin/logging/splunk.md
new file mode 100644
index 00000000..9c60a529
--- /dev/null
+++ b/docs/admin/logging/splunk.md
@@ -0,0 +1,69 @@
+<!--[metadata]>
++++
+aliases = ["/engine/reference/logging/splunk/"]
+title = "Splunk logging driver"
+description = "Describes how to use the Splunk logging driver."
+keywords = ["splunk, docker, logging, driver"]
+[menu.main]
+parent = "smn_logging"
+weight = 2
++++
+<![end-metadata]-->
+
+# Splunk logging driver
+
+The `splunk` logging driver sends container logs to
+[HTTP Event Collector](http://dev.splunk.com/view/event-collector/SP-CAAAE6M)
+in Splunk Enterprise and Splunk Cloud.
+
+## Usage
+
+You can configure the default logging driver by passing the `--log-driver`
+option to the Docker daemon:
+
+    docker daemon --log-driver=splunk
+
+You can set the logging driver for a specific container by using the
+`--log-driver` option to `docker run`:
+
+    docker run --log-driver=splunk ...
+
+## Splunk options
+
+You can use the `--log-opt NAME=VALUE` flag to specify these additional Splunk
+logging driver options:
+
+| Option                      | Required | Description                                                                                                                                                                                                        |
+|-----------------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `splunk-token`              | required | Splunk HTTP Event Collector token.                                                                                                                                                                                 |
+| `splunk-url`                | required | Path to your Splunk Enterprise or Splunk Cloud instance (including port and schema used by HTTP Event Collector) `https://your_splunk_instance:8088`.                                                              |
+| `splunk-source`             | optional | Event source.                                                                                                                                                                                                      |
+| `splunk-sourcetype`         | optional | Event source type.                                                                                                                                                                                                 |
+| `splunk-index`              | optional | Event index.                                                                                                                                                                                                       |
+| `splunk-capath`             | optional | Path to root certificate.                                                                                                                                                                                          |
+| `splunk-caname`             | optional | Name to use for validating server certificate; by default the hostname of the `splunk-url` will be used.                                                                                                           |
+| `splunk-insecureskipverify` | optional | Ignore server certificate validation.                                                                                                                                                                              |
+| `tag`                       | optional | Specify tag for message, which interpret some markup. Default value is `{{.ID}}` (12 characters of the container ID). Refer to the [log tag option documentation](log_tags.md) for customizing the log tag format. |
+| `labels`                    | optional | Comma-separated list of keys of labels, which should be included in message, if these labels are specified for container.                                                                                          |
+| `env`                       | optional | Comma-separated list of keys of environment variables, which should be included in message, if these variables are specified for container.                                                                        |
+
+If there is collision between `label` and `env` keys, the value of the `env` takes precedence.
+Both options add additional fields to the attributes of a logging message.
+
+Below is an example of the logging option specified for the Splunk Enterprise
+instance. The instance is installed locally on the same machine on which the
+Docker daemon is running. The path to the root certificate and Common Name is
+specified using an HTTPS schema. This is used for verification.
+The `SplunkServerDefaultCert` is automatically generated by Splunk certificates.
+
+    docker run --log-driver=splunk \
+        --log-opt splunk-token=176FCEBF-4CF5-4EDF-91BC-703796522D20 \
+        --log-opt splunk-url=https://splunkhost:8088 \
+        --log-opt splunk-capath=/path/to/cert/cacert.pem \
+        --log-opt splunk-caname=SplunkServerDefaultCert
+        --log-opt tag="{{.Name}}/{{.FullID}}"
+        --log-opt labels=location
+        --log-opt env=TEST
+        --env "TEST=false"
+        --label location=west
+        your/application
diff --git a/docs/admin/puppet.md b/docs/admin/puppet.md
new file mode 100644
index 00000000..d03200f8
--- /dev/null
+++ b/docs/admin/puppet.md
@@ -0,0 +1,100 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/puppet/"]
+title = "Using Puppet"
+description = "Installing and using Puppet"
+keywords = ["puppet, installation, usage, docker,  documentation"]
+[menu.main]
+parent = "engine_admin"
++++
+<![end-metadata]-->
+
+# Using Puppet
+
+> *Note:* Please note this is a community contributed installation path. The
+> only `official` installation is using the
+> [*Ubuntu*](../installation/linux/ubuntulinux.md) installation
+> path. This version may sometimes be out of date.
+
+## Requirements
+
+To use this guide you'll need a working installation of Puppet from
+[Puppet Labs](https://puppetlabs.com) .
+
+The module also currently uses the official PPA so only works with
+Ubuntu.
+
+## Installation
+
+The module is available on the [Puppet
+Forge](https://forge.puppetlabs.com/garethr/docker/) and can be
+installed using the built-in module tool.
+
+    $ puppet module install garethr/docker
+
+It can also be found on
+[GitHub](https://github.com/garethr/garethr-docker) if you would rather
+download the source.
+
+## Usage
+
+The module provides a puppet class for installing Docker and two defined
+types for managing images and containers.
+
+### Installation
+
+    include 'docker'
+
+### Images
+
+The next step is probably to install a Docker image. For this, we have a
+defined type which can be used like so:
+
+    docker::image { 'ubuntu': }
+
+This is equivalent to running:
+
+    $ docker pull ubuntu
+
+Note that it will only be downloaded if an image of that name does not
+already exist. This is downloading a large binary so on first run can
+take a while. For that reason this define turns off the default 5 minute
+timeout for the exec type. Note that you can also remove images you no
+longer need with:
+
+    docker::image { 'ubuntu':
+      ensure => 'absent',
+    }
+
+### Containers
+
+Now you have an image where you can run commands within a container
+managed by Docker.
+
+    docker::run { 'helloworld':
+      image   => 'ubuntu',
+      command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
+    }
+
+This is equivalent to running the following command, but under upstart:
+
+    $ docker run -d ubuntu /bin/sh -c "while true; do echo hello world; sleep 1; done"
+
+Run also contains a number of optional parameters:
+
+    docker::run { 'helloworld':
+      image        => 'ubuntu',
+      command      => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
+      ports        => ['4444', '4555'],
+      volumes      => ['/var/lib/couchdb', '/var/log'],
+      volumes_from => '6446ea52fbc9',
+      memory_limit => 10485760, # bytes
+      username     => 'example',
+      hostname     => 'example.com',
+      env          => ['FOO=BAR', 'FOO2=BAR2'],
+      dns          => ['8.8.8.8', '8.8.4.4'],
+    }
+
+> *Note:*
+> The `ports`, `env`, `dns` and `volumes` attributes can be set with either a single
+> string or as above with an array of values.
diff --git a/docs/admin/registry_mirror.md b/docs/admin/registry_mirror.md
new file mode 100644
index 00000000..2d67f9c5
--- /dev/null
+++ b/docs/admin/registry_mirror.md
@@ -0,0 +1,19 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/registry_mirror/"]
+title = "Run a local registry mirror"
+description = "How to set up and run a local registry mirror"
+keywords = ["docker, registry, mirror,  examples"]
+[menu.main]
+parent = "engine_admin"
+weight = 8
++++
+<![end-metadata]-->
+
+# Run a local registry mirror
+
+The original content was deprecated. [An archived
+version](https://docs.docker.com/v1.6/articles/registry_mirror) is available in
+the 1.7 documentation. For information about configuring mirrors with the latest
+Docker Registry version, please file a support request with [the Distribution
+project](https://github.com/docker/distribution/issues).
diff --git a/docs/admin/runmetrics.md b/docs/admin/runmetrics.md
new file mode 100644
index 00000000..b1d88100
--- /dev/null
+++ b/docs/admin/runmetrics.md
@@ -0,0 +1,464 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/run_metrics"]
+title = "Runtime metrics"
+description = "Measure the behavior of running containers"
+keywords = ["docker, metrics, CPU, memory, disk, IO, run,  runtime, stats"]
+[menu.main]
+parent = "engine_admin"
+weight = 4
++++
+<![end-metadata]-->
+
+# Runtime metrics
+
+
+## Docker stats
+
+You can use the `docker stats` command to live stream a container's
+runtime metrics. The command supports CPU, memory usage, memory limit,
+and network IO metrics.
+
+The following is a sample output from the `docker stats` command
+
+    $ docker stats redis1 redis2
+    CONTAINER           CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O
+    redis1              0.07%               796 KB / 64 MB        1.21%               788 B / 648 B       3.568 MB / 512 KB
+    redis2              0.07%               2.746 MB / 64 MB      4.29%               1.266 KB / 648 B    12.4 MB / 0 B
+
+
+The [docker stats](../reference/commandline/stats.md) reference page has
+more details about the `docker stats` command.
+
+## Control groups
+
+Linux Containers rely on [control groups](
+https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt)
+which not only track groups of processes, but also expose metrics about
+CPU, memory, and block I/O usage. You can access those metrics and
+obtain network usage metrics as well. This is relevant for "pure" LXC
+containers, as well as for Docker containers.
+
+Control groups are exposed through a pseudo-filesystem. In recent
+distros, you should find this filesystem under `/sys/fs/cgroup`. Under
+that directory, you will see multiple sub-directories, called devices,
+freezer, blkio, etc.; each sub-directory actually corresponds to a different
+cgroup hierarchy.
+
+On older systems, the control groups might be mounted on `/cgroup`, without
+distinct hierarchies. In that case, instead of seeing the sub-directories,
+you will see a bunch of files in that directory, and possibly some directories
+corresponding to existing containers.
+
+To figure out where your control groups are mounted, you can run:
+
+    $ grep cgroup /proc/mounts
+
+## Enumerating cgroups
+
+You can look into `/proc/cgroups` to see the different control group subsystems
+known to the system, the hierarchy they belong to, and how many groups they contain.
+
+You can also look at `/proc/<pid>/cgroup` to see which control groups a process
+belongs to. The control group will be shown as a path relative to the root of
+the hierarchy mountpoint; e.g., `/` means “this process has not been assigned into
+a particular group”, while `/lxc/pumpkin` means that the process is likely to be
+a member of a container named `pumpkin`.
+
+## Finding the cgroup for a given container
+
+For each container, one cgroup will be created in each hierarchy. On
+older systems with older versions of the LXC userland tools, the name of
+the cgroup will be the name of the container. With more recent versions
+of the LXC tools, the cgroup will be `lxc/<container_name>.`
+
+For Docker containers using cgroups, the container name will be the full
+ID or long ID of the container. If a container shows up as ae836c95b4c3
+in `docker ps`, its long ID might be something like
+`ae836c95b4c3c9e9179e0e91015512da89fdec91612f63cebae57df9a5444c79`. You can
+look it up with `docker inspect` or `docker ps --no-trunc`.
+
+Putting everything together to look at the memory metrics for a Docker
+container, take a look at `/sys/fs/cgroup/memory/docker/<longid>/`.
+
+## Metrics from cgroups: memory, CPU, block I/O
+
+For each subsystem (memory, CPU, and block I/O), you will find one or
+more pseudo-files containing statistics.
+
+### Memory metrics: `memory.stat`
+
+Memory metrics are found in the "memory" cgroup. Note that the memory
+control group adds a little overhead, because it does very fine-grained
+accounting of the memory usage on your host. Therefore, many distros
+chose to not enable it by default. Generally, to enable it, all you have
+to do is to add some kernel command-line parameters:
+`cgroup_enable=memory swapaccount=1`.
+
+The metrics are in the pseudo-file `memory.stat`.
+Here is what it will look like:
+
+    cache 11492564992
+    rss 1930993664
+    mapped_file 306728960
+    pgpgin 406632648
+    pgpgout 403355412
+    swap 0
+    pgfault 728281223
+    pgmajfault 1724
+    inactive_anon 46608384
+    active_anon 1884520448
+    inactive_file 7003344896
+    active_file 4489052160
+    unevictable 32768
+    hierarchical_memory_limit 9223372036854775807
+    hierarchical_memsw_limit 9223372036854775807
+    total_cache 11492564992
+    total_rss 1930993664
+    total_mapped_file 306728960
+    total_pgpgin 406632648
+    total_pgpgout 403355412
+    total_swap 0
+    total_pgfault 728281223
+    total_pgmajfault 1724
+    total_inactive_anon 46608384
+    total_active_anon 1884520448
+    total_inactive_file 7003344896
+    total_active_file 4489052160
+    total_unevictable 32768
+
+The first half (without the `total_` prefix) contains statistics relevant
+to the processes within the cgroup, excluding sub-cgroups. The second half
+(with the `total_` prefix) includes sub-cgroups as well.
+
+Some metrics are "gauges", i.e., values that can increase or decrease
+(e.g., swap, the amount of swap space used by the members of the cgroup).
+Some others are "counters", i.e., values that can only go up, because
+they represent occurrences of a specific event (e.g., pgfault, which
+indicates the number of page faults which happened since the creation of
+the cgroup; this number can never decrease).
+
+
+ - **cache:**  
+   the amount of memory used by the processes of this control group
+   that can be associated precisely with a block on a block device.
+   When you read from and write to files on disk, this amount will
+   increase. This will be the case if you use "conventional" I/O
+   (`open`, `read`,
+   `write` syscalls) as well as mapped files (with
+   `mmap`). It also accounts for the memory used by
+   `tmpfs` mounts, though the reasons are unclear.
+
+ - **rss:**  
+   the amount of memory that *doesn't* correspond to anything on disk:
+   stacks, heaps, and anonymous memory maps.
+
+ - **mapped_file:**  
+   indicates the amount of memory mapped by the processes in the
+   control group. It doesn't give you information about *how much*
+   memory is used; it rather tells you *how* it is used.
+
+ - **pgfault and pgmajfault:**  
+   indicate the number of times that a process of the cgroup triggered
+   a "page fault" and a "major fault", respectively. A page fault
+   happens when a process accesses a part of its virtual memory space
+   which is nonexistent or protected. The former can happen if the
+   process is buggy and tries to access an invalid address (it will
+   then be sent a `SIGSEGV` signal, typically
+   killing it with the famous `Segmentation fault`
+   message). The latter can happen when the process reads from a memory
+   zone which has been swapped out, or which corresponds to a mapped
+   file: in that case, the kernel will load the page from disk, and let
+   the CPU complete the memory access. It can also happen when the
+   process writes to a copy-on-write memory zone: likewise, the kernel
+   will preempt the process, duplicate the memory page, and resume the
+   write operation on the process` own copy of the page. "Major" faults
+   happen when the kernel actually has to read the data from disk. When
+   it just has to duplicate an existing page, or allocate an empty
+   page, it's a regular (or "minor") fault.
+
+ - **swap:**  
+   the amount of swap currently used by the processes in this cgroup.
+
+ - **active_anon and inactive_anon:**  
+   the amount of *anonymous* memory that has been identified has
+   respectively *active* and *inactive* by the kernel. "Anonymous"
+   memory is the memory that is *not* linked to disk pages. In other
+   words, that's the equivalent of the rss counter described above. In
+   fact, the very definition of the rss counter is **active_anon** +
+   **inactive_anon** - **tmpfs** (where tmpfs is the amount of memory
+   used up by `tmpfs` filesystems mounted by this
+   control group). Now, what's the difference between "active" and
+   "inactive"? Pages are initially "active"; and at regular intervals,
+   the kernel sweeps over the memory, and tags some pages as
+   "inactive". Whenever they are accessed again, they are immediately
+   retagged "active". When the kernel is almost out of memory, and time
+   comes to swap out to disk, the kernel will swap "inactive" pages.
+
+ - **active_file and inactive_file:**  
+   cache memory, with *active* and *inactive* similar to the *anon*
+   memory above. The exact formula is cache = **active_file** +
+   **inactive_file** + **tmpfs**. The exact rules used by the kernel
+   to move memory pages between active and inactive sets are different
+   from the ones used for anonymous memory, but the general principle
+   is the same. Note that when the kernel needs to reclaim memory, it
+   is cheaper to reclaim a clean (=non modified) page from this pool,
+   since it can be reclaimed immediately (while anonymous pages and
+   dirty/modified pages have to be written to disk first).
+
+ - **unevictable:**  
+   the amount of memory that cannot be reclaimed; generally, it will
+   account for memory that has been "locked" with `mlock`.
+   It is often used by crypto frameworks to make sure that
+   secret keys and other sensitive material never gets swapped out to
+   disk.
+
+ - **memory and memsw limits:**  
+   These are not really metrics, but a reminder of the limits applied
+   to this cgroup. The first one indicates the maximum amount of
+   physical memory that can be used by the processes of this control
+   group; the second one indicates the maximum amount of RAM+swap.
+
+Accounting for memory in the page cache is very complex. If two
+processes in different control groups both read the same file
+(ultimately relying on the same blocks on disk), the corresponding
+memory charge will be split between the control groups. It's nice, but
+it also means that when a cgroup is terminated, it could increase the
+memory usage of another cgroup, because they are not splitting the cost
+anymore for those memory pages.
+
+### CPU metrics: `cpuacct.stat`
+
+Now that we've covered memory metrics, everything else will look very
+simple in comparison. CPU metrics will be found in the
+`cpuacct` controller.
+
+For each container, you will find a pseudo-file `cpuacct.stat`,
+containing the CPU usage accumulated by the processes of the container,
+broken down between `user` and `system` time. If you're not familiar
+with the distinction, `user` is the time during which the processes were
+in direct control of the CPU (i.e., executing process code), and `system`
+is the time during which the CPU was executing system calls on behalf of
+those processes.
+
+Those times are expressed in ticks of 1/100th of a second. Actually,
+they are expressed in "user jiffies". There are `USER_HZ`
+*"jiffies"* per second, and on x86 systems,
+`USER_HZ` is 100. This used to map exactly to the
+number of scheduler "ticks" per second; but with the advent of higher
+frequency scheduling, as well as [tickless kernels](
+http://lwn.net/Articles/549580/), the number of kernel ticks
+wasn't relevant anymore. It stuck around anyway, mainly for legacy and
+compatibility reasons.
+
+### Block I/O metrics
+
+Block I/O is accounted in the `blkio` controller.
+Different metrics are scattered across different files. While you can
+find in-depth details in the [blkio-controller](
+https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt)
+file in the kernel documentation, here is a short list of the most
+relevant ones:
+
+
+ - **blkio.sectors:**  
+   contain the number of 512-bytes sectors read and written by the
+   processes member of the cgroup, device by device. Reads and writes
+   are merged in a single counter.
+
+ - **blkio.io_service_bytes:**  
+   indicates the number of bytes read and written by the cgroup. It has
+   4 counters per device, because for each device, it differentiates
+   between synchronous vs. asynchronous I/O, and reads vs. writes.
+
+ - **blkio.io_serviced:**  
+   the number of I/O operations performed, regardless of their size. It
+   also has 4 counters per device.
+
+ - **blkio.io_queued:**  
+   indicates the number of I/O operations currently queued for this
+   cgroup. In other words, if the cgroup isn't doing any I/O, this will
+   be zero. Note that the opposite is not true. In other words, if
+   there is no I/O queued, it does not mean that the cgroup is idle
+   (I/O-wise). It could be doing purely synchronous reads on an
+   otherwise quiescent device, which is therefore able to handle them
+   immediately, without queuing. Also, while it is helpful to figure
+   out which cgroup is putting stress on the I/O subsystem, keep in
+   mind that it is a relative quantity. Even if a process group does
+   not perform more I/O, its queue size can increase just because the
+   device load increases because of other devices.
+
+## Network metrics
+
+Network metrics are not exposed directly by control groups. There is a
+good explanation for that: network interfaces exist within the context
+of *network namespaces*. The kernel could probably accumulate metrics
+about packets and bytes sent and received by a group of processes, but
+those metrics wouldn't be very useful. You want per-interface metrics
+(because traffic happening on the local `lo`
+interface doesn't really count). But since processes in a single cgroup
+can belong to multiple network namespaces, those metrics would be harder
+to interpret: multiple network namespaces means multiple `lo`
+interfaces, potentially multiple `eth0`
+interfaces, etc.; so this is why there is no easy way to gather network
+metrics with control groups.
+
+Instead we can gather network metrics from other sources:
+
+### IPtables
+
+IPtables (or rather, the netfilter framework for which iptables is just
+an interface) can do some serious accounting.
+
+For instance, you can setup a rule to account for the outbound HTTP
+traffic on a web server:
+
+    $ iptables -I OUTPUT -p tcp --sport 80
+
+There is no `-j` or `-g` flag,
+so the rule will just count matched packets and go to the following
+rule.
+
+Later, you can check the values of the counters, with:
+
+    $ iptables -nxvL OUTPUT
+
+Technically, `-n` is not required, but it will
+prevent iptables from doing DNS reverse lookups, which are probably
+useless in this scenario.
+
+Counters include packets and bytes. If you want to setup metrics for
+container traffic like this, you could execute a `for`
+loop to add two `iptables` rules per
+container IP address (one in each direction), in the `FORWARD`
+chain. This will only meter traffic going through the NAT
+layer; you will also have to add traffic going through the userland
+proxy.
+
+Then, you will need to check those counters on a regular basis. If you
+happen to use `collectd`, there is a [nice plugin](https://collectd.org/wiki/index.php/Table_of_Plugins)
+to automate iptables counters collection.
+
+### Interface-level counters
+
+Since each container has a virtual Ethernet interface, you might want to
+check directly the TX and RX counters of this interface. You will notice
+that each container is associated to a virtual Ethernet interface in
+your host, with a name like `vethKk8Zqi`. Figuring
+out which interface corresponds to which container is, unfortunately,
+difficult.
+
+But for now, the best way is to check the metrics *from within the
+containers*. To accomplish this, you can run an executable from the host
+environment within the network namespace of a container using **ip-netns
+magic**.
+
+The `ip-netns exec` command will let you execute any
+program (present in the host system) within any network namespace
+visible to the current process. This means that your host will be able
+to enter the network namespace of your containers, but your containers
+won't be able to access the host, nor their sibling containers.
+Containers will be able to “see” and affect their sub-containers,
+though.
+
+The exact format of the command is:
+
+    $ ip netns exec <nsname> <command...>
+
+For example:
+
+    $ ip netns exec mycontainer netstat -i
+
+`ip netns` finds the "mycontainer" container by
+using namespaces pseudo-files. Each process belongs to one network
+namespace, one PID namespace, one `mnt` namespace,
+etc., and those namespaces are materialized under
+`/proc/<pid>/ns/`. For example, the network
+namespace of PID 42 is materialized by the pseudo-file
+`/proc/42/ns/net`.
+
+When you run `ip netns exec mycontainer ...`, it
+expects `/var/run/netns/mycontainer` to be one of
+those pseudo-files. (Symlinks are accepted.)
+
+In other words, to execute a command within the network namespace of a
+container, we need to:
+
+- Find out the PID of any process within the container that we want to investigate;
+- Create a symlink from `/var/run/netns/<somename>` to `/proc/<thepid>/ns/net`
+- Execute `ip netns exec <somename> ....`
+
+Please review [*Enumerating Cgroups*](#enumerating-cgroups) to learn how to find
+the cgroup of a process running in the container of which you want to
+measure network usage. From there, you can examine the pseudo-file named
+`tasks`, which contains the PIDs that are in the
+control group (i.e., in the container). Pick any one of them.
+
+Putting everything together, if the "short ID" of a container is held in
+the environment variable `$CID`, then you can do this:
+
+    $ TASKS=/sys/fs/cgroup/devices/docker/$CID*/tasks
+    $ PID=$(head -n 1 $TASKS)
+    $ mkdir -p /var/run/netns
+    $ ln -sf /proc/$PID/ns/net /var/run/netns/$CID
+    $ ip netns exec $CID netstat -i
+
+## Tips for high-performance metric collection
+
+Note that running a new process each time you want to update metrics is
+(relatively) expensive. If you want to collect metrics at high
+resolutions, and/or over a large number of containers (think 1000
+containers on a single host), you do not want to fork a new process each
+time.
+
+Here is how to collect metrics from a single process. You will have to
+write your metric collector in C (or any language that lets you do
+low-level system calls). You need to use a special system call,
+`setns()`, which lets the current process enter any
+arbitrary namespace. It requires, however, an open file descriptor to
+the namespace pseudo-file (remember: that's the pseudo-file in
+`/proc/<pid>/ns/net`).
+
+However, there is a catch: you must not keep this file descriptor open.
+If you do, when the last process of the control group exits, the
+namespace will not be destroyed, and its network resources (like the
+virtual interface of the container) will stay around for ever (or until
+you close that file descriptor).
+
+The right approach would be to keep track of the first PID of each
+container, and re-open the namespace pseudo-file each time.
+
+## Collecting metrics when a container exits
+
+Sometimes, you do not care about real time metric collection, but when a
+container exits, you want to know how much CPU, memory, etc. it has
+used.
+
+Docker makes this difficult because it relies on `lxc-start`, which
+carefully cleans up after itself, but it is still possible. It is
+usually easier to collect metrics at regular intervals (e.g., every
+minute, with the collectd LXC plugin) and rely on that instead.
+
+But, if you'd still like to gather the stats when a container stops,
+here is how:
+
+For each container, start a collection process, and move it to the
+control groups that you want to monitor by writing its PID to the tasks
+file of the cgroup. The collection process should periodically re-read
+the tasks file to check if it's the last process of the control group.
+(If you also want to collect network statistics as explained in the
+previous section, you should also move the process to the appropriate
+network namespace.)
+
+When the container exits, `lxc-start` will try to
+delete the control groups. It will fail, since the control group is
+still in use; but that's fine. You process should now detect that it is
+the only one remaining in the group. Now is the right time to collect
+all the metrics you need!
+
+Finally, your process should move itself back to the root control group,
+and remove the container control group. To remove a control group, just
+`rmdir` its directory. It's counter-intuitive to
+`rmdir` a directory as it still contains files; but
+remember that this is a pseudo-filesystem, so usual rules don't apply.
+After the cleanup is done, the collection process can exit safely.
diff --git a/docs/admin/systemd.md b/docs/admin/systemd.md
new file mode 100644
index 00000000..ff1d5460
--- /dev/null
+++ b/docs/admin/systemd.md
@@ -0,0 +1,159 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/systemd/"]
+title = "Control and configure Docker with systemd"
+description = "Controlling and configuring Docker using systemd"
+keywords = ["docker, daemon, systemd,  configuration"]
+[menu.main]
+parent = "engine_admin"
++++
+<![end-metadata]-->
+
+# Control and configure Docker with systemd
+
+Many Linux distributions use systemd to start the Docker daemon. This document
+shows a few examples of how to customize Docker's settings.
+
+## Starting the Docker daemon
+
+Once Docker is installed, you will need to start the Docker daemon.
+
+    $ sudo systemctl start docker
+    # or on older distributions, you may need to use
+    $ sudo service docker start
+
+If you want Docker to start at boot, you should also:
+
+    $ sudo systemctl enable docker
+    # or on older distributions, you may need to use
+    $ sudo chkconfig docker on
+
+## Custom Docker daemon options
+
+There are a number of ways to configure the daemon flags and environment variables
+for your Docker daemon.
+
+The recommended way is to use a systemd drop-in file. These are local files in
+the `/etc/systemd/system/docker.service.d` directory. This could also be
+`/etc/systemd/system/docker.service`, which also works for overriding the
+defaults from `/lib/systemd/system/docker.service`.
+
+However, if you had previously used a package which had an `EnvironmentFile`
+(often pointing to `/etc/sysconfig/docker`) then for backwards compatibility,
+you drop a file in the `/etc/systemd/system/docker.service.d`
+directory including the following:
+
+    [Service]
+    EnvironmentFile=-/etc/sysconfig/docker
+    EnvironmentFile=-/etc/sysconfig/docker-storage
+    EnvironmentFile=-/etc/sysconfig/docker-network
+    ExecStart=
+    ExecStart=/usr/bin/docker daemon -H fd:// $OPTIONS \
+              $DOCKER_STORAGE_OPTIONS \
+              $DOCKER_NETWORK_OPTIONS \
+              $BLOCK_REGISTRY \
+              $INSECURE_REGISTRY
+
+To check if the `docker.service` uses an `EnvironmentFile`:
+
+    $ systemctl show docker | grep EnvironmentFile
+    EnvironmentFile=-/etc/sysconfig/docker (ignore_errors=yes)
+
+Alternatively, find out where the service file is located:
+
+    $ systemctl show --property=FragmentPath docker
+    FragmentPath=/usr/lib/systemd/system/docker.service
+    $ grep EnvironmentFile /usr/lib/systemd/system/docker.service
+    EnvironmentFile=-/etc/sysconfig/docker
+
+You can customize the Docker daemon options using override files as explained in the
+[HTTP Proxy example](#http-proxy) below. The files located in `/usr/lib/systemd/system`
+or `/lib/systemd/system` contain the default options and should not be edited.
+
+### Runtime directory and storage driver
+
+You may want to control the disk space used for Docker images, containers
+and volumes by moving it to a separate partition.
+
+In this example, we'll assume that your `docker.service` file looks something like:
+
+    [Unit]
+    Description=Docker Application Container Engine
+    Documentation=https://docs.docker.com
+    After=network.target docker.socket
+    Requires=docker.socket
+
+    [Service]
+    Type=notify
+    ExecStart=/usr/bin/docker daemon -H fd://
+    LimitNOFILE=1048576
+    LimitNPROC=1048576
+    TasksMax=1048576
+
+    [Install]
+    Also=docker.socket
+
+This will allow us to add extra flags via a drop-in file (mentioned above) by
+placing a file containing the following in the `/etc/systemd/system/docker.service.d`
+directory:
+
+    [Service]
+    ExecStart=
+    ExecStart=/usr/bin/docker daemon -H fd:// --graph="/mnt/docker-data" --storage-driver=overlay
+
+You can also set other environment variables in this file, for example, the
+`HTTP_PROXY` environment variables described below.
+
+To modify the ExecStart configuration, specify an empty configuration followed
+by a new configuration as follows:
+
+    [Service]
+    ExecStart=
+    ExecStart=/usr/bin/docker daemon -H fd:// --bip=172.17.42.1/16
+
+If you fail to specify an empty configuration, Docker reports an error such as:
+
+    docker.service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.
+
+### HTTP proxy
+
+This example overrides the default `docker.service` file.
+
+If you are behind a HTTP proxy server, for example in corporate settings,
+you will need to add this configuration in the Docker systemd service file.
+
+First, create a systemd drop-in directory for the docker service:
+
+    mkdir /etc/systemd/system/docker.service.d
+
+Now create a file called `/etc/systemd/system/docker.service.d/http-proxy.conf`
+that adds the `HTTP_PROXY` environment variable:
+
+    [Service]
+    Environment="HTTP_PROXY=http://proxy.example.com:80/"
+
+If you have internal Docker registries that you need to contact without
+proxying you can specify them via the `NO_PROXY` environment variable:
+
+    Environment="HTTP_PROXY=http://proxy.example.com:80/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com"
+
+Flush changes:
+
+    $ sudo systemctl daemon-reload
+
+Verify that the configuration has been loaded:
+
+    $ systemctl show --property=Environment docker
+    Environment=HTTP_PROXY=http://proxy.example.com:80/
+
+Restart Docker:
+
+    $ sudo systemctl restart docker
+
+## Manually creating the systemd unit files
+
+When installing the binary without a package, you may want
+to integrate Docker with systemd. For this, simply install the two unit files
+(service and socket) from [the github
+repository](https://github.com/docker/docker/tree/master/contrib/init/systemd)
+to `/etc/systemd/system`.
diff --git a/docs/admin/using_supervisord.md b/docs/admin/using_supervisord.md
new file mode 100644
index 00000000..f8a26250
--- /dev/null
+++ b/docs/admin/using_supervisord.md
@@ -0,0 +1,119 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/using_supervisord/"]
+title = "Using Supervisor with Docker"
+description = "How to use Supervisor process management with Docker"
+keywords = ["docker, supervisor,  process management"]
+[menu.main]
+parent = "engine_admin"
++++
+<![end-metadata]-->
+
+# Using Supervisor with Docker
+
+> **Note**:
+> - **If you don't like sudo** then see [*Giving non-root
+>   access*](../installation/binaries.md#giving-non-root-access)
+
+Traditionally a Docker container runs a single process when it is
+launched, for example an Apache daemon or a SSH server daemon. Often
+though you want to run more than one process in a container. There are a
+number of ways you can achieve this ranging from using a simple Bash
+script as the value of your container's `CMD` instruction to installing
+a process management tool.
+
+In this example we're going to make use of the process management tool,
+[Supervisor](http://supervisord.org/), to manage multiple processes in
+our container. Using Supervisor allows us to better control, manage, and
+restart the processes we want to run. To demonstrate this we're going to
+install and manage both an SSH daemon and an Apache daemon.
+
+## Creating a Dockerfile
+
+Let's start by creating a basic `Dockerfile` for our
+new image.
+
+    FROM ubuntu:13.04
+    MAINTAINER examples@docker.com
+
+## Installing Supervisor
+
+We can now install our SSH and Apache daemons as well as Supervisor in
+our container.
+
+    RUN apt-get update && apt-get install -y openssh-server apache2 supervisor
+    RUN mkdir -p /var/lock/apache2 /var/run/apache2 /var/run/sshd /var/log/supervisor
+
+Here we're installing the `openssh-server`,
+`apache2` and `supervisor`
+(which provides the Supervisor daemon) packages. We're also creating four
+new directories that are needed to run our SSH daemon and Supervisor.
+
+## Adding Supervisor's configuration file
+
+Now let's add a configuration file for Supervisor. The default file is
+called `supervisord.conf` and is located in
+`/etc/supervisor/conf.d/`.
+
+    COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+Let's see what is inside our `supervisord.conf`
+file.
+
+    [supervisord]
+    nodaemon=true
+
+    [program:sshd]
+    command=/usr/sbin/sshd -D
+
+    [program:apache2]
+    command=/bin/bash -c "source /etc/apache2/envvars && exec /usr/sbin/apache2 -DFOREGROUND"
+
+The `supervisord.conf` configuration file contains
+directives that configure Supervisor and the processes it manages. The
+first block `[supervisord]` provides configuration
+for Supervisor itself. We're using one directive, `nodaemon`
+which tells Supervisor to run interactively rather than
+daemonize.
+
+The next two blocks manage the services we wish to control. Each block
+controls a separate process. The blocks contain a single directive,
+`command`, which specifies what command to run to
+start each process.
+
+## Exposing ports and running Supervisor
+
+Now let's finish our `Dockerfile` by exposing some
+required ports and specifying the `CMD` instruction
+to start Supervisor when our container launches.
+
+    EXPOSE 22 80
+    CMD ["/usr/bin/supervisord"]
+
+Here We've exposed ports 22 and 80 on the container and we're running
+the `/usr/bin/supervisord` binary when the container
+launches.
+
+## Building our image
+
+We can now build our new image.
+
+    $ docker build -t <yourname>/supervisord .
+
+## Running our Supervisor container
+
+Once We've got a built image we can launch a container from it.
+
+    $ docker run -p 22 -p 80 -t -i <yourname>/supervisord
+    2013-11-25 18:53:22,312 CRIT Supervisor running as root (no user in config file)
+    2013-11-25 18:53:22,312 WARN Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
+    2013-11-25 18:53:22,342 INFO supervisord started with pid 1
+    2013-11-25 18:53:23,346 INFO spawned: 'sshd' with pid 6
+    2013-11-25 18:53:23,349 INFO spawned: 'apache2' with pid 7
+    . . .
+
+We've launched a new container interactively using the `docker run` command.
+That container has run Supervisor and launched the SSH and Apache daemons with
+it. We've specified the `-p` flag to expose ports 22 and 80. From here we can
+now identify the exposed ports and connect to one or both of the SSH and Apache
+daemons.
diff --git a/docs/article-img/architecture.svg b/docs/article-img/architecture.svg
new file mode 100644
index 00000000..afe563ae
--- /dev/null
+++ b/docs/article-img/architecture.svg
@@ -0,0 +1,2597 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   version="1.1"
+   viewBox="0 0 756.39868 395.51889"
+   width="756.39868pt"
+   height="395.51889pt"
+   id="svg12514"
+   inkscape:version="0.91 r13725"
+   sodipodi:docname="architecture.svg">
+  <sodipodi:namedview
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1"
+     objecttolerance="10"
+     gridtolerance="10"
+     guidetolerance="10"
+     inkscape:pageopacity="0"
+     inkscape:pageshadow="2"
+     inkscape:window-width="1928"
+     inkscape:window-height="1038"
+     id="namedview12622"
+     showgrid="false"
+     showguides="true"
+     inkscape:guide-bbox="true"
+     inkscape:snap-global="false"
+     inkscape:zoom="1"
+     inkscape:cx="321.34217"
+     inkscape:cy="385.06379"
+     inkscape:window-x="4"
+     inkscape:window-y="0"
+     inkscape:window-maximized="0"
+     inkscape:current-layer="layer5"
+     fit-margin-top="0"
+     fit-margin-left="0"
+     fit-margin-right="0"
+     fit-margin-bottom="0" />
+  <metadata
+     id="metadata12516">
+    <dc:date>2014-04-15 00:37Z</dc:date>
+    <!-- Produced by OmniGraffle Professional 5.4.4 -->
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <defs
+     id="defs12518">
+    <marker
+       inkscape:isstock="true"
+       style="overflow:visible"
+       id="marker20462"
+       refX="0"
+       refY="0"
+       orient="auto"
+       inkscape:stockid="Arrow2Lend">
+      <path
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)"
+         d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:0.625;stroke-linejoin:round;stroke-opacity:1"
+         id="path20464"
+         inkscape:connector-curvature="0" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow2Lend"
+       style="overflow:visible"
+       inkscape:isstock="true">
+      <path
+         id="path5368"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+         d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)"
+         inkscape:connector-curvature="0" />
+    </marker>
+    <marker
+       inkscape:isstock="true"
+       style="overflow:visible"
+       id="marker16247"
+       refX="0"
+       refY="0"
+       orient="auto"
+       inkscape:stockid="Arrow2Lend">
+      <path
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)"
+         d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:0.625;stroke-linejoin:round;stroke-opacity:1"
+         id="path16249"
+         inkscape:connector-curvature="0" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="marker16171"
+       style="overflow:visible"
+       inkscape:isstock="true">
+      <path
+         id="path16173"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:0.625;stroke-linejoin:round;stroke-opacity:1"
+         d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)"
+         inkscape:connector-curvature="0" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="marker16101"
+       style="overflow:visible"
+       inkscape:isstock="true"
+       inkscape:collect="always">
+      <path
+         id="path16103"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:0.625;stroke-linejoin:round;stroke-opacity:1"
+         d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)"
+         inkscape:connector-curvature="0" />
+    </marker>
+    <font-face
+       font-family="Helvetica"
+       font-size="18"
+       units-per-em="1000"
+       underline-position="-75.683594"
+       underline-thickness="49.316406"
+       slope="0"
+       x-height="532.22656"
+       cap-height="719.72656"
+       ascent="770.01953"
+       descent="-229.98047"
+       font-weight="bold"
+       id="font-face12520"
+       stemv="0"
+       stemh="0"
+       accent-height="0"
+       ideographic="0"
+       alphabetic="0"
+       mathematical="0"
+       hanging="0"
+       v-ideographic="0"
+       v-alphabetic="0"
+       v-mathematical="0"
+       v-hanging="0"
+       strikethrough-position="0"
+       strikethrough-thickness="0"
+       overline-position="0"
+       overline-thickness="0">
+      <font-face-src>
+        <font-face-name
+           name="Helvetica-Bold" />
+      </font-face-src>
+    </font-face>
+    <font-face
+       font-family="Helvetica"
+       font-size="12"
+       panose-1="2 11 4 3 2 2 2 2 2 4"
+       units-per-em="1000"
+       underline-position="-75"
+       underline-thickness="50"
+       slope="0"
+       x-height="524"
+       cap-height="718"
+       ascent="770.00427"
+       descent="-229.99573"
+       font-weight="300"
+       id="font-face12522"
+       stemv="0"
+       stemh="0"
+       accent-height="0"
+       ideographic="0"
+       alphabetic="0"
+       mathematical="0"
+       hanging="0"
+       v-ideographic="0"
+       v-alphabetic="0"
+       v-mathematical="0"
+       v-hanging="0"
+       strikethrough-position="0"
+       strikethrough-thickness="0"
+       overline-position="0"
+       overline-thickness="0">
+      <font-face-src>
+        <font-face-name
+           name="Helvetica-Light" />
+      </font-face-src>
+    </font-face>
+    <font-face
+       font-family="Source Sans Pro"
+       font-size="13"
+       panose-1="2 11 6 3 3 4 3 2 2 4"
+       units-per-em="1000"
+       underline-position="-136"
+       underline-thickness="94.00001"
+       slope="0"
+       x-height="504.00003"
+       cap-height="667.00006"
+       ascent="984.002"
+       descent="-273.00058"
+       font-weight="bold"
+       id="font-face12524"
+       stemv="0"
+       stemh="0"
+       accent-height="0"
+       ideographic="0"
+       alphabetic="0"
+       mathematical="0"
+       hanging="0"
+       v-ideographic="0"
+       v-alphabetic="0"
+       v-mathematical="0"
+       v-hanging="0"
+       strikethrough-position="0"
+       strikethrough-thickness="0"
+       overline-position="0"
+       overline-thickness="0">
+      <font-face-src>
+        <font-face-name
+           name="SourceSansPro-Semibold" />
+      </font-face-src>
+    </font-face>
+    <marker
+       orient="auto"
+       overflow="visible"
+       markerUnits="strokeWidth"
+       id="FilledArrow_Marker"
+       viewBox="-1 -3 7 6"
+       markerWidth="7"
+       markerHeight="6"
+       style="color:#000000;overflow:visible">
+      <g
+         id="g12527">
+        <path
+           d="M 4.8000002,0 0,-1.8000001 0,1.8000001 Z"
+           id="path12529"
+           inkscape:connector-curvature="0"
+           style="fill:currentColor;stroke:currentColor;stroke-width:1" />
+      </g>
+    </marker>
+    <marker
+       orient="auto"
+       overflow="visible"
+       markerUnits="strokeWidth"
+       id="FilledArrow_Marker_2"
+       viewBox="-6 -3 7 6"
+       markerWidth="7"
+       markerHeight="6"
+       style="color:#000000;overflow:visible">
+      <g
+         id="g12532">
+        <path
+           d="M -4.8000002,0 0,1.8000001 0,-1.8000001 Z"
+           id="path12534"
+           inkscape:connector-curvature="0"
+           style="fill:currentColor;stroke:currentColor;stroke-width:1" />
+      </g>
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="marker8148"
+       style="overflow:visible"
+       inkscape:isstock="true">
+      <path
+         inkscape:connector-curvature="0"
+         id="path8150"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:0.625;stroke-linejoin:round;stroke-opacity:1"
+         d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="marker6352"
+       style="overflow:visible"
+       inkscape:isstock="true">
+      <path
+         inkscape:connector-curvature="0"
+         id="path6354"
+         style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:0.625;stroke-linejoin:round;stroke-opacity:1"
+         d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)" />
+    </marker>
+    <inkscape:perspective
+       id="perspective4302"
+       inkscape:persp3d-origin="177.16534 : 22.440946 : 1"
+       inkscape:vp_z="354.33069 : 33.661419 : 1"
+       inkscape:vp_y="0 : 1000 : 0"
+       inkscape:vp_x="0 : 33.661419 : 1"
+       sodipodi:type="inkscape:persp3d" />
+    <clipPath
+       id="clipPath4429"
+       clipPathUnits="userSpaceOnUse">
+      <g
+         id="g4431"
+         transform="matrix(0.9947658,0,0,1,1.7860989,0)">
+        <path
+           id="path4433"
+           d="M 322.54143,2800.9375 L 318.10638,2806.6673 L 313.67143,2800.9375 L 313.67143,2757.7946 L 294.73171,2757.7946 L 318.10638,2732.2579 L 341.23763,2757.7946 L 322.54143,2757.7946 L 322.54143,2800.9375 z"
+           style="fill:#eea623;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
+           sodipodi:nodetypes="ccccccccc" />
+      </g>
+    </clipPath>
+  </defs>
+  <g
+     inkscape:groupmode="layer"
+     id="layer5"
+     inkscape:label="mac"
+     transform="translate(-73.287812,21.708751)">
+    <flowRoot
+       xml:space="preserve"
+       id="flowRoot16329"
+       style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:40px;line-height:125%;font-family:Monaco;-inkscape-font-specification:Monaco;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       transform="scale(0.8,0.8)"><flowRegion
+         id="flowRegion16331" /><flowPara
+         id="flowPara16335"></flowPara></flowRoot>    <flowRoot
+       xml:space="preserve"
+       id="flowRoot16337"
+       style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:40px;line-height:125%;font-family:Monaco;-inkscape-font-specification:Monaco;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       transform="scale(0.8,0.8)"><flowRegion
+         id="flowRegion16339"><rect
+           id="rect16341"
+           width="260"
+           height="135"
+           x="-586"
+           y="51.75"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco" /></flowRegion><flowPara
+         id="flowPara16343"></flowPara></flowRoot>    <rect
+       ry="0"
+       rx="0"
+       y="9.0645523"
+       x="276.25946"
+       height="363.91373"
+       width="327.51764"
+       id="rect4394"
+       style="display:inline;opacity:1;fill:#ade5f9;fill-opacity:1;stroke:#005976;stroke-width:1.66371417;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+    <g
+       id="g18942"
+       transform="translate(654.52608,-84.68013)">
+      <rect
+         style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#005976;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         id="rect4345"
+         width="109.46352"
+         height="24.437973"
+         x="-378.16013"
+         y="80.70974"
+         ry="6.3192472"
+         rx="6.3192477" />
+      <g
+         id="flowRoot4337"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         transform="matrix(0.3883991,0,0,0.37995118,-446.94762,70.615007)">
+        <path
+           id="path7740"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 187.88477,72.829407 0,-30.3125 7.1875,0 q 4.96093,0 7.36328,1.738282 2.42187,1.71875 3.63281,5.214843 1.21094,3.496094 1.21094,8.28125 0,4.53125 -1.28907,7.96875 -1.26953,3.417969 -3.61328,5.273438 -2.34375,1.835937 -7.30468,1.835937 l -7.1875,0 z m 3.94531,-3.339843 2.63672,0 q 4.0039,0 5.70312,-1.425782 1.71875,-1.425781 2.44141,-3.945312 0.74219,-2.539063 0.74219,-6.992188 0,-4.355468 -0.85938,-6.699218 -0.85937,-2.34375 -2.46094,-3.59375 -1.60156,-1.269532 -5.2539,-1.269532 l -2.94922,0 0,23.925782 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7742"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 220.91211,73.747376 q -5.15625,0 -7.89063,-4.335937 -2.71484,-4.355469 -2.71484,-11.738282 0,-7.363281 2.71484,-11.699218 2.73438,-4.355469 7.89063,-4.355469 5.17578,0 7.89062,4.355469 2.71485,4.335937 2.71485,11.699218 0,7.382813 -2.71485,11.738282 -2.71484,4.335937 -7.89062,4.335937 z m 0,-3.046875 q 2.85156,0 4.74609,-3.222656 1.91407,-3.242188 1.91407,-9.804688 0,-6.5625 -1.91407,-9.785156 -1.89453,-3.242187 -4.74609,-3.242187 -2.85156,0 -4.76563,3.242187 -1.89453,3.222656 -1.89453,9.785156 0,6.5625 1.89453,9.804688 1.91407,3.222656 4.76563,3.222656 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7744"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 254.23242,72.477845 q -3.39844,1.269531 -6.09375,1.269531 -3.55469,0 -6.54297,-1.894531 -2.98828,-1.914063 -4.64843,-5.664063 -1.66016,-3.769531 -1.66016,-8.515625 0,-4.707031 1.64062,-8.457031 1.64063,-3.75 4.62891,-5.683594 2.98828,-1.933593 6.58203,-1.933593 2.69531,0 6.09375,1.269531 l 0,3.59375 q -3.14453,-1.816406 -6.25,-1.816406 -2.34375,0 -4.29687,1.601562 -1.9336,1.601563 -3.125,4.707031 -1.19141,3.085938 -1.19141,6.71875 0,3.691407 1.23047,6.816407 1.23047,3.125 3.14453,4.6875 1.91406,1.542968 4.23828,1.542968 3.08594,0 6.25,-1.816406 l 0,3.574219 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7746"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 260.0332,72.829407 0,-30.3125 3.94532,0 0,14.863282 11.26953,-14.863282 4.17968,0 -10.8789,14.394532 12.40234,15.917968 -4.9414,0 -12.03125,-15.449218 0,15.449218 -3.94532,0 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7748"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 301.2832,69.489564 0,3.339843 -16.36718,0 0,-30.3125 16.05468,0 0,3.046875 -12.10937,0 0,10.292969 10.89844,0 0,3.027344 -10.89844,0 0,10.605469 12.42187,0 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7750"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 311.86914,59.958314 0,12.871093 -3.94531,0 0,-30.3125 8.10547,0 q 3.96484,0 5.83984,0.820313 1.875,0.800781 2.89063,2.441406 1.03515,1.640625 1.03515,3.535156 0,1.757813 -0.68359,3.535157 -0.6836,1.777343 -1.89453,3.183593 -1.19141,1.386719 -3.45703,2.636719 l 8.76953,14.160156 -4.6875,0 -8.02735,-12.871093 -3.94531,0 z m 0,-3.046875 5.52734,0 q 1.85547,-1.015625 2.75391,-2.070313 0.91797,-1.054687 1.38672,-2.246094 0.46875,-1.191406 0.46875,-2.382812 0,-2.128906 -1.5625,-3.378906 -1.54297,-1.269532 -5.625,-1.269532 l -2.94922,0 0,11.347657 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7752"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 330.38477,75.856751 0,-3.027344 21.21093,0 0,3.027344 -21.21093,0 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7754"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 355.52148,72.829407 0,-30.3125 3.94532,0 0,13.046875 11.21093,0 0,-13.046875 3.92579,0 0,30.3125 -3.92579,0 0,-14.238281 -11.21093,0 0,14.238281 -3.94532,0 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7756"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 389.03711,73.747376 q -5.15625,0 -7.89063,-4.335937 -2.71484,-4.355469 -2.71484,-11.738282 0,-7.363281 2.71484,-11.699218 2.73438,-4.355469 7.89063,-4.355469 5.17578,0 7.89062,4.355469 2.71485,4.335937 2.71485,11.699218 0,7.382813 -2.71485,11.738282 -2.71484,4.335937 -7.89062,4.335937 z m 0,-3.046875 q 2.85156,0 4.74609,-3.222656 1.91407,-3.242188 1.91407,-9.804688 0,-6.5625 -1.91407,-9.785156 -1.89453,-3.242187 -4.74609,-3.242187 -2.85156,0 -4.76563,3.242187 -1.89453,3.222656 -1.89453,9.785156 0,6.5625 1.89453,9.804688 1.91407,3.222656 4.76563,3.222656 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7758"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 404.17383,72.184876 0,-3.710937 q 4.6875,2.226562 8.51562,2.226562 1.60157,0 3.06641,-0.605469 1.46484,-0.625 2.20703,-1.777343 0.76172,-1.152344 0.76172,-2.5 0,-1.582032 -1.03516,-2.949219 -1.03515,-1.386719 -3.88672,-3.046875 l -1.99218,-1.152344 -2.01172,-1.152344 q -5.3125,-3.144531 -5.3125,-7.8125 0,-3.417968 2.36328,-5.742187 2.38281,-2.34375 7.42187,-2.34375 3.24219,0 6.26954,0.9375 l 0,3.378906 q -3.33985,-1.289062 -6.50391,-1.289062 -2.51953,0 -4.08203,1.328125 -1.54297,1.328125 -1.54297,3.203125 0,1.855468 1.19141,3.085937 1.1914,1.230469 3.04687,2.265625 l 1.52344,0.917969 1.89453,1.152344 1.60156,0.9375 q 4.98047,3.046875 4.98047,7.65625 0,3.515625 -2.55859,6.035156 -2.5586,2.519531 -8.20313,2.519531 -1.79687,0 -3.4375,-0.3125 -1.62109,-0.292969 -4.27734,-1.25 z"
+           inkscape:connector-curvature="0" />
+        <path
+           id="path7760"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           d="m 435.11133,72.829407 0,-26.972656 -9.08203,0 0,-3.339844 22.1289,0 0,3.339844 -9.10156,0 0,26.972656 -3.94531,0 z"
+           inkscape:connector-curvature="0" />
+      </g>
+    </g>
+    <rect
+       style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#005976;stroke-width:1.66371417;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect15559-9"
+       width="121.27443"
+       height="178.65872"
+       x="463.27411"
+       y="101.135"
+       rx="0"
+       ry="0" />
+    <rect
+       style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#005976;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect15561-8"
+       width="66.263512"
+       height="24.437988"
+       x="463.38062"
+       y="88.100029"
+       ry="6.3192472"
+       rx="6.3192477" />
+    <g
+       transform="translate(885.1556,-110.61633)"
+       style="font-style:normal;font-weight:normal;font-size:32px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot16093-5">
+      <path
+         d="m -413.08839,205.13537 0,11.424 1.52,0 0,-11.424 -1.52,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23126" />
+      <path
+         d="m -409.22014,208.28737 0,8.272 1.36,0 0,-5.152 q 0,-0.24 0.112,-0.592 0.128,-0.368 0.384,-0.704 0.272,-0.336 0.688,-0.576 0.432,-0.24 1.024,-0.24 0.464,0 0.752,0.144 0.304,0.128 0.48,0.384 0.176,0.24 0.24,0.576 0.08,0.336 0.08,0.736 l 0,5.424 1.36,0 0,-5.152 q 0,-0.96 0.576,-1.536 0.576,-0.576 1.584,-0.576 0.496,0 0.8,0.144 0.32,0.144 0.496,0.4 0.176,0.24 0.24,0.576 0.064,0.336 0.064,0.72 l 0,5.424 1.36,0 0,-6.064 q 0,-0.64 -0.208,-1.088 -0.192,-0.464 -0.56,-0.752 -0.352,-0.288 -0.864,-0.416 -0.496,-0.144 -1.12,-0.144 -0.816,0 -1.504,0.368 -0.672,0.368 -1.088,1.04 -0.256,-0.768 -0.88,-1.088 -0.624,-0.32 -1.392,-0.32 -1.744,0 -2.672,1.408 l -0.032,0 0,-1.216 -1.28,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23128" />
+      <path
+         d="m -388.23589,216.52737 q -0.352,0.208 -0.976,0.208 -0.528,0 -0.848,-0.288 -0.304,-0.304 -0.304,-0.976 -0.56,0.672 -1.312,0.976 -0.736,0.288 -1.6,0.288 -0.56,0 -1.072,-0.128 -0.496,-0.128 -0.864,-0.4 -0.368,-0.272 -0.592,-0.704 -0.208,-0.448 -0.208,-1.072 0,-0.704 0.24,-1.152 0.24,-0.448 0.624,-0.72 0.4,-0.288 0.896,-0.432 0.512,-0.144 1.04,-0.24 0.56,-0.112 1.056,-0.16 0.512,-0.064 0.896,-0.16 0.384,-0.112 0.608,-0.304 0.224,-0.208 0.224,-0.592 0,-0.448 -0.176,-0.72 -0.16,-0.272 -0.432,-0.416 -0.256,-0.144 -0.592,-0.192 -0.32,-0.048 -0.64,-0.048 -0.864,0 -1.44,0.336 -0.576,0.32 -0.624,1.232 l -1.36,0 q 0.032,-0.768 0.32,-1.296 0.288,-0.528 0.768,-0.848 0.48,-0.336 1.088,-0.48 0.624,-0.144 1.328,-0.144 0.56,0 1.104,0.08 0.56,0.08 1.008,0.336 0.448,0.24 0.72,0.688 0.272,0.448 0.272,1.168 l 0,4.256 q 0,0.48 0.048,0.704 0.064,0.224 0.384,0.224 0.176,0 0.416,-0.08 l 0,1.056 z m -2.208,-4.24 q -0.256,0.192 -0.672,0.288 -0.416,0.08 -0.88,0.144 -0.448,0.048 -0.912,0.128 -0.464,0.064 -0.832,0.224 -0.368,0.16 -0.608,0.464 -0.224,0.288 -0.224,0.8 0,0.336 0.128,0.576 0.144,0.224 0.352,0.368 0.224,0.144 0.512,0.208 0.288,0.064 0.608,0.064 0.672,0 1.152,-0.176 0.48,-0.192 0.784,-0.464 0.304,-0.288 0.448,-0.608 0.144,-0.336 0.144,-0.624 l 0,-1.392 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23130" />
+      <path
+         d="m -379.83414,215.85537 0,-7.568 -1.28,0 0,1.184 -0.016,0 q -0.368,-0.688 -1.024,-1.024 -0.656,-0.352 -1.44,-0.352 -1.072,0 -1.808,0.416 -0.736,0.4 -1.184,1.04 -0.448,0.624 -0.64,1.408 -0.192,0.768 -0.192,1.504 0,0.848 0.224,1.616 0.24,0.752 0.704,1.328 0.464,0.56 1.152,0.896 0.688,0.336 1.616,0.336 0.8,0 1.504,-0.352 0.72,-0.368 1.072,-1.136 l 0.032,0 0,0.544 q 0,0.688 -0.144,1.264 -0.128,0.576 -0.432,0.976 -0.304,0.416 -0.768,0.64 -0.464,0.24 -1.136,0.24 -0.336,0 -0.704,-0.08 -0.368,-0.064 -0.688,-0.224 -0.304,-0.16 -0.528,-0.416 -0.208,-0.256 -0.224,-0.624 l -1.36,0 q 0.032,0.672 0.352,1.136 0.32,0.464 0.8,0.752 0.496,0.288 1.088,0.416 0.608,0.128 1.184,0.128 1.984,0 2.912,-1.008 0.928,-1.008 0.928,-3.04 z m -3.808,-0.4 q -0.672,0 -1.12,-0.272 -0.448,-0.288 -0.72,-0.736 -0.272,-0.464 -0.384,-1.024 -0.112,-0.56 -0.112,-1.12 0,-0.592 0.128,-1.136 0.144,-0.544 0.432,-0.96 0.304,-0.416 0.768,-0.656 0.464,-0.256 1.12,-0.256 0.64,0 1.088,0.256 0.448,0.256 0.72,0.688 0.288,0.416 0.416,0.944 0.128,0.528 0.128,1.072 0,0.576 -0.144,1.152 -0.128,0.576 -0.416,1.04 -0.288,0.448 -0.768,0.736 -0.464,0.272 -1.136,0.272 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23132" />
+      <path
+         d="m -372.06989,211.63137 -4.752,0 q 0.032,-0.48 0.208,-0.896 0.176,-0.432 0.48,-0.752 0.304,-0.32 0.72,-0.496 0.432,-0.192 0.96,-0.192 0.512,0 0.928,0.192 0.432,0.176 0.736,0.496 0.32,0.304 0.496,0.736 0.192,0.432 0.224,0.912 z m 1.312,2.304 -1.344,0 q -0.176,0.816 -0.736,1.216 -0.544,0.4 -1.408,0.4 -0.672,0 -1.168,-0.224 -0.496,-0.224 -0.816,-0.592 -0.32,-0.384 -0.464,-0.864 -0.144,-0.496 -0.128,-1.04 l 6.192,0 q 0.032,-0.752 -0.144,-1.584 -0.16,-0.832 -0.608,-1.536 -0.432,-0.704 -1.168,-1.152 -0.72,-0.464 -1.824,-0.464 -0.848,0 -1.568,0.32 -0.704,0.32 -1.232,0.896 -0.512,0.576 -0.8,1.36 -0.288,0.784 -0.288,1.728 0.032,0.944 0.272,1.744 0.256,0.8 0.752,1.376 0.496,0.576 1.216,0.896 0.736,0.32 1.728,0.32 1.408,0 2.336,-0.704 0.928,-0.704 1.2,-2.096 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23134" />
+      <path
+         d="m -368.38814,213.95137 -1.36,0 q 0.032,0.768 0.32,1.312 0.288,0.528 0.768,0.864 0.48,0.32 1.104,0.464 0.624,0.144 1.312,0.144 0.624,0 1.248,-0.128 0.64,-0.112 1.136,-0.416 0.512,-0.304 0.816,-0.8 0.32,-0.496 0.32,-1.248 0,-0.592 -0.24,-0.992 -0.224,-0.4 -0.608,-0.656 -0.368,-0.272 -0.864,-0.432 -0.48,-0.16 -0.992,-0.272 -0.48,-0.112 -0.96,-0.208 -0.48,-0.112 -0.864,-0.256 -0.384,-0.16 -0.64,-0.384 -0.24,-0.24 -0.24,-0.592 0,-0.32 0.16,-0.512 0.16,-0.208 0.416,-0.32 0.256,-0.128 0.56,-0.176 0.32,-0.048 0.624,-0.048 0.336,0 0.656,0.08 0.336,0.064 0.608,0.224 0.272,0.16 0.448,0.432 0.176,0.256 0.208,0.656 l 1.36,0 q -0.048,-0.752 -0.32,-1.248 -0.272,-0.512 -0.736,-0.8 -0.448,-0.304 -1.04,-0.416 -0.592,-0.128 -1.296,-0.128 -0.544,0 -1.104,0.144 -0.544,0.128 -0.992,0.416 -0.432,0.272 -0.72,0.72 -0.272,0.448 -0.272,1.072 0,0.8 0.4,1.248 0.4,0.448 0.992,0.704 0.608,0.24 1.312,0.384 0.704,0.128 1.296,0.304 0.608,0.16 1.008,0.432 0.4,0.272 0.4,0.8 0,0.384 -0.192,0.64 -0.192,0.24 -0.496,0.368 -0.288,0.128 -0.64,0.176 -0.352,0.048 -0.672,0.048 -0.416,0 -0.816,-0.08 -0.384,-0.08 -0.704,-0.256 -0.304,-0.192 -0.496,-0.496 -0.192,-0.32 -0.208,-0.768 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23136" />
+    </g>
+    <rect
+       ry="0"
+       rx="0"
+       y="101.135"
+       x="295.48798"
+       height="244.25873"
+       width="124.47442"
+       id="rect16947"
+       style="display:inline;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#005976;stroke-width:1.66371417;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+    <rect
+       rx="6.3192477"
+       ry="6.3192472"
+       y="88.100029"
+       x="295.59448"
+       height="24.437988"
+       width="90.263519"
+       id="rect16949"
+       style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#005976;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+    <g
+       transform="translate(717.3695,-110.61634)"
+       style="font-style:normal;font-weight:normal;font-size:32px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot16951">
+      <path
+         d="m -405.12039,208.57537 1.52,0 q -0.128,-0.912 -0.544,-1.6 -0.416,-0.704 -1.04,-1.168 -0.624,-0.464 -1.424,-0.704 -0.8,-0.24 -1.696,-0.24 -1.312,0 -2.336,0.48 -1.008,0.464 -1.696,1.28 -0.672,0.816 -1.024,1.92 -0.352,1.088 -0.352,2.336 0,1.248 0.32,2.336 0.336,1.088 0.992,1.888 0.656,0.8 1.648,1.264 0.992,0.448 2.32,0.448 2.192,0 3.456,-1.2 1.264,-1.2 1.488,-3.36 l -1.52,0 q -0.048,0.704 -0.288,1.312 -0.24,0.608 -0.672,1.056 -0.416,0.432 -1.008,0.688 -0.576,0.24 -1.328,0.24 -1.024,0 -1.76,-0.384 -0.736,-0.384 -1.216,-1.024 -0.464,-0.656 -0.688,-1.52 -0.224,-0.88 -0.224,-1.856 0,-0.896 0.224,-1.728 0.224,-0.832 0.688,-1.472 0.48,-0.656 1.2,-1.04 0.736,-0.384 1.76,-0.384 1.2,0 2.064,0.608 0.88,0.608 1.136,1.824 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23139" />
+      <path
+         d="m -400.82189,212.43137 q 0,-0.752 0.192,-1.328 0.208,-0.592 0.56,-0.992 0.352,-0.4 0.816,-0.608 0.48,-0.208 1.008,-0.208 0.528,0 0.992,0.208 0.48,0.208 0.832,0.608 0.352,0.4 0.544,0.992 0.208,0.576 0.208,1.328 0,0.752 -0.208,1.344 -0.192,0.576 -0.544,0.976 -0.352,0.384 -0.832,0.592 -0.464,0.208 -0.992,0.208 -0.528,0 -1.008,-0.208 -0.464,-0.208 -0.816,-0.592 -0.352,-0.4 -0.56,-0.976 -0.192,-0.592 -0.192,-1.344 z m -1.44,0 q 0,0.912 0.256,1.696 0.256,0.784 0.768,1.376 0.512,0.576 1.264,0.912 0.752,0.32 1.728,0.32 0.992,0 1.728,-0.32 0.752,-0.336 1.264,-0.912 0.512,-0.592 0.768,-1.376 0.256,-0.784 0.256,-1.696 0,-0.912 -0.256,-1.696 -0.256,-0.8 -0.768,-1.376 -0.512,-0.592 -1.264,-0.928 -0.736,-0.336 -1.728,-0.336 -0.976,0 -1.728,0.336 -0.752,0.336 -1.264,0.928 -0.512,0.576 -0.768,1.376 -0.256,0.784 -0.256,1.696 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23141" />
+      <path
+         d="m -392.65764,208.28737 0,8.272 1.36,0 0,-4.672 q 0,-0.56 0.144,-1.024 0.16,-0.48 0.464,-0.832 0.304,-0.352 0.752,-0.544 0.464,-0.192 1.088,-0.192 0.784,0 1.232,0.448 0.448,0.448 0.448,1.216 l 0,5.6 1.36,0 0,-5.44 q 0,-0.672 -0.144,-1.216 -0.128,-0.56 -0.464,-0.96 -0.336,-0.4 -0.88,-0.624 -0.544,-0.224 -1.36,-0.224 -1.84,0 -2.688,1.504 l -0.032,0 0,-1.312 -1.28,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23143" />
+      <path
+         d="m -381.86339,208.28737 0,-2.48 -1.36,0 0,2.48 -1.408,0 0,1.2 1.408,0 0,5.264 q 0,0.576 0.112,0.928 0.112,0.352 0.336,0.544 0.24,0.192 0.608,0.272 0.384,0.064 0.912,0.064 l 1.04,0 0,-1.2 -0.624,0 q -0.32,0 -0.528,-0.016 -0.192,-0.032 -0.304,-0.112 -0.112,-0.08 -0.16,-0.224 -0.032,-0.144 -0.032,-0.384 l 0,-5.136 1.648,0 0,-1.2 -1.648,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23145" />
+      <path
+         d="m -371.36089,216.52737 q -0.352,0.208 -0.976,0.208 -0.528,0 -0.848,-0.288 -0.304,-0.304 -0.304,-0.976 -0.56,0.672 -1.312,0.976 -0.736,0.288 -1.6,0.288 -0.56,0 -1.072,-0.128 -0.496,-0.128 -0.864,-0.4 -0.368,-0.272 -0.592,-0.704 -0.208,-0.448 -0.208,-1.072 0,-0.704 0.24,-1.152 0.24,-0.448 0.624,-0.72 0.4,-0.288 0.896,-0.432 0.512,-0.144 1.04,-0.24 0.56,-0.112 1.056,-0.16 0.512,-0.064 0.896,-0.16 0.384,-0.112 0.608,-0.304 0.224,-0.208 0.224,-0.592 0,-0.448 -0.176,-0.72 -0.16,-0.272 -0.432,-0.416 -0.256,-0.144 -0.592,-0.192 -0.32,-0.048 -0.64,-0.048 -0.864,0 -1.44,0.336 -0.576,0.32 -0.624,1.232 l -1.36,0 q 0.032,-0.768 0.32,-1.296 0.288,-0.528 0.768,-0.848 0.48,-0.336 1.088,-0.48 0.624,-0.144 1.328,-0.144 0.56,0 1.104,0.08 0.56,0.08 1.008,0.336 0.448,0.24 0.72,0.688 0.272,0.448 0.272,1.168 l 0,4.256 q 0,0.48 0.048,0.704 0.064,0.224 0.384,0.224 0.176,0 0.416,-0.08 l 0,1.056 z m -2.208,-4.24 q -0.256,0.192 -0.672,0.288 -0.416,0.08 -0.88,0.144 -0.448,0.048 -0.912,0.128 -0.464,0.064 -0.832,0.224 -0.368,0.16 -0.608,0.464 -0.224,0.288 -0.224,0.8 0,0.336 0.128,0.576 0.144,0.224 0.352,0.368 0.224,0.144 0.512,0.208 0.288,0.064 0.608,0.064 0.672,0 1.152,-0.176 0.48,-0.192 0.784,-0.464 0.304,-0.288 0.448,-0.608 0.144,-0.336 0.144,-0.624 l 0,-1.392 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23147" />
+      <path
+         d="m -368.65514,206.79937 0,-1.664 -1.36,0 0,1.664 1.36,0 z m -1.36,1.488 0,8.272 1.36,0 0,-8.272 -1.36,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23149" />
+      <path
+         d="m -366.53264,208.28737 0,8.272 1.36,0 0,-4.672 q 0,-0.56 0.144,-1.024 0.16,-0.48 0.464,-0.832 0.304,-0.352 0.752,-0.544 0.464,-0.192 1.088,-0.192 0.784,0 1.232,0.448 0.448,0.448 0.448,1.216 l 0,5.6 1.36,0 0,-5.44 q 0,-0.672 -0.144,-1.216 -0.128,-0.56 -0.464,-0.96 -0.336,-0.4 -0.88,-0.624 -0.544,-0.224 -1.36,-0.224 -1.84,0 -2.688,1.504 l -0.032,0 0,-1.312 -1.28,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23151" />
+      <path
+         d="m -351.88239,211.63137 -4.752,0 q 0.032,-0.48 0.208,-0.896 0.176,-0.432 0.48,-0.752 0.304,-0.32 0.72,-0.496 0.432,-0.192 0.96,-0.192 0.512,0 0.928,0.192 0.432,0.176 0.736,0.496 0.32,0.304 0.496,0.736 0.192,0.432 0.224,0.912 z m 1.312,2.304 -1.344,0 q -0.176,0.816 -0.736,1.216 -0.544,0.4 -1.408,0.4 -0.672,0 -1.168,-0.224 -0.496,-0.224 -0.816,-0.592 -0.32,-0.384 -0.464,-0.864 -0.144,-0.496 -0.128,-1.04 l 6.192,0 q 0.032,-0.752 -0.144,-1.584 -0.16,-0.832 -0.608,-1.536 -0.432,-0.704 -1.168,-1.152 -0.72,-0.464 -1.824,-0.464 -0.848,0 -1.568,0.32 -0.704,0.32 -1.232,0.896 -0.512,0.576 -0.8,1.36 -0.288,0.784 -0.288,1.728 0.032,0.944 0.272,1.744 0.256,0.8 0.752,1.376 0.496,0.576 1.216,0.896 0.736,0.32 1.728,0.32 1.408,0 2.336,-0.704 0.928,-0.704 1.2,-2.096 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23153" />
+      <path
+         d="m -349.08064,208.28737 0,8.272 1.36,0 0,-3.68 q 0,-0.8 0.16,-1.408 0.16,-0.624 0.512,-1.056 0.352,-0.432 0.928,-0.656 0.576,-0.224 1.392,-0.224 l 0,-1.44 q -1.104,-0.032 -1.824,0.448 -0.72,0.48 -1.216,1.488 l -0.032,0 0,-1.744 -1.28,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23155" />
+      <path
+         d="m -342.85689,213.95137 -1.36,0 q 0.032,0.768 0.32,1.312 0.288,0.528 0.768,0.864 0.48,0.32 1.104,0.464 0.624,0.144 1.312,0.144 0.624,0 1.248,-0.128 0.64,-0.112 1.136,-0.416 0.512,-0.304 0.816,-0.8 0.32,-0.496 0.32,-1.248 0,-0.592 -0.24,-0.992 -0.224,-0.4 -0.608,-0.656 -0.368,-0.272 -0.864,-0.432 -0.48,-0.16 -0.992,-0.272 -0.48,-0.112 -0.96,-0.208 -0.48,-0.112 -0.864,-0.256 -0.384,-0.16 -0.64,-0.384 -0.24,-0.24 -0.24,-0.592 0,-0.32 0.16,-0.512 0.16,-0.208 0.416,-0.32 0.256,-0.128 0.56,-0.176 0.32,-0.048 0.624,-0.048 0.336,0 0.656,0.08 0.336,0.064 0.608,0.224 0.272,0.16 0.448,0.432 0.176,0.256 0.208,0.656 l 1.36,0 q -0.048,-0.752 -0.32,-1.248 -0.272,-0.512 -0.736,-0.8 -0.448,-0.304 -1.04,-0.416 -0.592,-0.128 -1.296,-0.128 -0.544,0 -1.104,0.144 -0.544,0.128 -0.992,0.416 -0.432,0.272 -0.72,0.72 -0.272,0.448 -0.272,1.072 0,0.8 0.4,1.248 0.4,0.448 0.992,0.704 0.608,0.24 1.312,0.384 0.704,0.128 1.296,0.304 0.608,0.16 1.008,0.432 0.4,0.272 0.4,0.8 0,0.384 -0.192,0.64 -0.192,0.24 -0.496,0.368 -0.288,0.128 -0.64,0.176 -0.352,0.048 -0.672,0.048 -0.416,0 -0.816,-0.08 -0.384,-0.08 -0.704,-0.256 -0.304,-0.192 -0.496,-0.496 -0.192,-0.32 -0.208,-0.768 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23157" />
+    </g>
+    <g
+       id="g5083"
+       transform="matrix(0.47747005,0,0,0.50284965,330.19832,124.13704)">
+      <g
+         id="Isolation_Mode-6">
+        <polygon
+           id="polygon4984"
+           points="0,72.66 92.65,101.222 122.005,77.57 122.005,22.429 32.038,0.183 0,19.314 "
+           style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd" />
+        <polygon
+           id="polygon4986"
+           points="92.65,94.222 5,67.66 5,23.314 92.65,45.131 "
+           style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd" />
+        <g
+           id="g4988">
+          <g
+             id="g4990">
+            <polygon
+               id="polygon4992"
+               points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon4994"
+               points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon4996"
+               points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon4998"
+               points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5000"
+               points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5002"
+               points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5004"
+               points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5006"
+               points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5008"
+               points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5010"
+               points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5012"
+               points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5014"
+               points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5016"
+               points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+          </g>
+          <g
+             id="g5018">
+            <polygon
+               id="polygon5020"
+               points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5022"
+               points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5024"
+               points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5026"
+               points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5028"
+               points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5030"
+               points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5032"
+               points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5034"
+               points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5036"
+               points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5038"
+               points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5040"
+               points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5042"
+               points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5044"
+               points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+               style="fill:#394d54" />
+          </g>
+        </g>
+        <polygon
+           id="polygon5046"
+           points="117.005,75.212 92.65,94.398 92.65,46.469 117.005,29.184 "
+           style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+        <polygon
+           id="polygon5048"
+           points="117.005,27.429 92.65,45.131 5,23.314 32.538,6.683 "
+           style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd" />
+        <rect
+           id="rect5050"
+           height="92.299004"
+           width="3.5250001"
+           transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+           y="-12.046"
+           x="46.075001"
+           style="fill:#394d54" />
+        <rect
+           id="rect5052"
+           height="34.868999"
+           width="3.5250001"
+           transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+           y="18.122"
+           x="103.715"
+           style="fill:#394d54" />
+        <rect
+           id="rect5054"
+           height="51.174"
+           width="3.523"
+           transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+           y="44.498001"
+           x="90.234001"
+           style="fill:#394d54" />
+      </g>
+      <g
+         display="none"
+         id="Layer_2-0"
+         style="display:none">
+        <line
+           id="line5063"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-49.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5065"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-46.612"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5067"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-4.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5069"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-67.064003"
+           x1="-52.994999"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5071"
+           y2="-49.472"
+           x2="-76.915001"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5073"
+           y2="-71.179001"
+           x2="-165"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5075"
+           y2="-0.271"
+           x2="-77.349998"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+      </g>
+    </g>
+    <g
+       id="g5225"
+       transform="matrix(0.47747005,0,0,0.50284965,330.19832,175.51094)">
+      <g
+         id="g5227">
+        <polygon
+           id="polygon5229"
+           points="122.005,22.429 32.038,0.183 0,19.314 0,72.66 92.65,101.222 122.005,77.57 "
+           style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd" />
+        <polygon
+           id="polygon5231"
+           points="92.65,45.131 92.65,94.222 5,67.66 5,23.314 "
+           style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd" />
+        <g
+           id="g5233">
+          <g
+             id="g5235">
+            <polygon
+               id="polygon5237"
+               points="7.917,66.177 11.364,66.906 11.364,30.067 7.917,29.184 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5239"
+               points="14.134,68.013 17.598,68.765 17.598,31.68 14.134,30.801 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5241"
+               points="20.353,69.848 23.831,70.624 23.831,33.292 20.353,32.418 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5243"
+               points="26.569,71.684 30.063,72.483 30.063,34.905 26.569,34.035 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5245"
+               points="32.789,73.519 36.298,74.341 36.298,36.518 32.789,35.652 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5247"
+               points="39.007,75.354 42.532,76.201 42.532,38.13 39.007,37.27 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5249"
+               points="45.224,77.19 48.765,78.06 48.765,39.743 45.224,38.887 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5251"
+               points="51.442,79.025 54.999,79.919 54.999,41.356 51.442,40.504 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5253"
+               points="57.661,80.86 61.231,81.777 61.231,42.968 57.661,42.122 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5255"
+               points="63.878,82.697 67.466,83.637 67.466,44.581 63.878,43.737 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5257"
+               points="70.097,84.532 73.699,85.496 73.699,46.193 70.097,45.355 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5259"
+               points="76.313,86.367 79.933,87.354 79.933,47.806 76.313,46.973 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5261"
+               points="82.532,48.589 82.532,88.203 86.165,89.213 86.165,49.418 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+          </g>
+          <g
+             id="g5263">
+            <polygon
+               id="polygon5265"
+               points="7.917,66.177 11.364,66.906 11.364,30.067 7.917,29.184 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5267"
+               points="14.134,68.013 17.598,68.765 17.598,31.68 14.134,30.801 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5269"
+               points="20.353,69.848 23.831,70.624 23.831,33.292 20.353,32.418 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5271"
+               points="26.569,71.684 30.063,72.483 30.063,34.905 26.569,34.035 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5273"
+               points="32.789,73.519 36.298,74.341 36.298,36.518 32.789,35.652 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5275"
+               points="39.007,75.354 42.532,76.201 42.532,38.13 39.007,37.27 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5277"
+               points="45.224,77.19 48.765,78.06 48.765,39.743 45.224,38.887 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5279"
+               points="51.442,79.025 54.999,79.919 54.999,41.356 51.442,40.504 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5281"
+               points="57.661,80.86 61.231,81.777 61.231,42.968 57.661,42.122 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5283"
+               points="63.878,82.697 67.466,83.637 67.466,44.581 63.878,43.737 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5285"
+               points="70.097,84.532 73.699,85.496 73.699,46.193 70.097,45.355 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5287"
+               points="76.313,86.367 79.933,87.354 79.933,47.806 76.313,46.973 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5289"
+               points="82.532,48.589 82.532,88.203 86.165,89.213 86.165,49.418 "
+               style="fill:#394d54" />
+          </g>
+        </g>
+        <polygon
+           id="polygon5291"
+           points="117.005,29.184 117.005,75.212 92.65,94.398 92.65,46.469 "
+           style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+        <polygon
+           id="polygon5293"
+           points="32.538,6.683 117.005,27.429 92.65,45.131 5,23.314 "
+           style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd" />
+        <rect
+           id="rect5295"
+           height="92.299004"
+           width="3.5250001"
+           transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+           y="-12.046"
+           x="46.075001"
+           style="fill:#394d54" />
+        <rect
+           id="rect5297"
+           height="34.868999"
+           width="3.5250001"
+           transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+           y="18.122"
+           x="103.715"
+           style="fill:#394d54" />
+        <rect
+           id="rect5299"
+           height="51.174"
+           width="3.523"
+           transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+           y="44.498001"
+           x="90.234001"
+           style="fill:#394d54" />
+      </g>
+      <g
+         display="none"
+         id="g5301"
+         style="display:none">
+        <line
+           id="line5303"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-49.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5305"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-46.612"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5307"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-4.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5309"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-67.064003"
+           x1="-52.994999"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5311"
+           y2="-49.472"
+           x2="-76.915001"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5313"
+           y2="-71.179001"
+           x2="-165"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5315"
+           y2="-0.271"
+           x2="-77.349998"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+      </g>
+    </g>
+    <g
+       transform="matrix(0.47747005,0,0,0.50284965,330.19832,226.88483)"
+       id="g17899">
+      <g
+         id="g17901">
+        <polygon
+           style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+           points="122.005,77.57 122.005,22.429 32.038,0.183 0,19.314 0,72.66 92.65,101.222 "
+           id="polygon17903" />
+        <polygon
+           style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd"
+           points="5,23.314 92.65,45.131 92.65,94.222 5,67.66 "
+           id="polygon17905" />
+        <g
+           id="g17907">
+          <g
+             id="g17909">
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="7.917,29.184 7.917,66.177 11.364,66.906 11.364,30.067 "
+               id="polygon17911" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="14.134,30.801 14.134,68.013 17.598,68.765 17.598,31.68 "
+               id="polygon17913" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="20.353,32.418 20.353,69.848 23.831,70.624 23.831,33.292 "
+               id="polygon17915" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="26.569,34.035 26.569,71.684 30.063,72.483 30.063,34.905 "
+               id="polygon17917" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="32.789,35.652 32.789,73.519 36.298,74.341 36.298,36.518 "
+               id="polygon17919" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="39.007,37.27 39.007,75.354 42.532,76.201 42.532,38.13 "
+               id="polygon17921" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="45.224,38.887 45.224,77.19 48.765,78.06 48.765,39.743 "
+               id="polygon17923" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="51.442,40.504 51.442,79.025 54.999,79.919 54.999,41.356 "
+               id="polygon17925" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="57.661,42.122 57.661,80.86 61.231,81.777 61.231,42.968 "
+               id="polygon17927" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="63.878,43.737 63.878,82.697 67.466,83.637 67.466,44.581 "
+               id="polygon17929" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="70.097,45.355 70.097,84.532 73.699,85.496 73.699,46.193 "
+               id="polygon17931" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="76.313,46.973 76.313,86.367 79.933,87.354 79.933,47.806 "
+               id="polygon17933" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="86.165,49.418 82.532,48.589 82.532,88.203 86.165,89.213 "
+               id="polygon17935" />
+          </g>
+          <g
+             id="g17937">
+            <polygon
+               style="fill:#394d54"
+               points="7.917,29.184 7.917,66.177 11.364,66.906 11.364,30.067 "
+               id="polygon17939" />
+            <polygon
+               style="fill:#394d54"
+               points="14.134,30.801 14.134,68.013 17.598,68.765 17.598,31.68 "
+               id="polygon17941" />
+            <polygon
+               style="fill:#394d54"
+               points="20.353,32.418 20.353,69.848 23.831,70.624 23.831,33.292 "
+               id="polygon17943" />
+            <polygon
+               style="fill:#394d54"
+               points="26.569,34.035 26.569,71.684 30.063,72.483 30.063,34.905 "
+               id="polygon17945" />
+            <polygon
+               style="fill:#394d54"
+               points="32.789,35.652 32.789,73.519 36.298,74.341 36.298,36.518 "
+               id="polygon17947" />
+            <polygon
+               style="fill:#394d54"
+               points="39.007,37.27 39.007,75.354 42.532,76.201 42.532,38.13 "
+               id="polygon17949" />
+            <polygon
+               style="fill:#394d54"
+               points="45.224,38.887 45.224,77.19 48.765,78.06 48.765,39.743 "
+               id="polygon17951" />
+            <polygon
+               style="fill:#394d54"
+               points="51.442,40.504 51.442,79.025 54.999,79.919 54.999,41.356 "
+               id="polygon17953" />
+            <polygon
+               style="fill:#394d54"
+               points="57.661,42.122 57.661,80.86 61.231,81.777 61.231,42.968 "
+               id="polygon17955" />
+            <polygon
+               style="fill:#394d54"
+               points="63.878,43.737 63.878,82.697 67.466,83.637 67.466,44.581 "
+               id="polygon17957" />
+            <polygon
+               style="fill:#394d54"
+               points="70.097,45.355 70.097,84.532 73.699,85.496 73.699,46.193 "
+               id="polygon17959" />
+            <polygon
+               style="fill:#394d54"
+               points="76.313,46.973 76.313,86.367 79.933,87.354 79.933,47.806 "
+               id="polygon17961" />
+            <polygon
+               style="fill:#394d54"
+               points="86.165,49.418 82.532,48.589 82.532,88.203 86.165,89.213 "
+               id="polygon17963" />
+          </g>
+        </g>
+        <polygon
+           style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+           points="92.65,46.469 117.005,29.184 117.005,75.212 92.65,94.398 "
+           id="polygon17965" />
+        <polygon
+           style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd"
+           points="5,23.314 32.538,6.683 117.005,27.429 92.65,45.131 "
+           id="polygon17967" />
+        <rect
+           style="fill:#394d54"
+           x="46.075001"
+           y="-12.046"
+           transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+           width="3.5250001"
+           height="92.299004"
+           id="rect17969" />
+        <rect
+           style="fill:#394d54"
+           x="103.715"
+           y="18.122"
+           transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+           width="3.5250001"
+           height="34.868999"
+           id="rect17971" />
+        <rect
+           style="fill:#394d54"
+           x="90.234001"
+           y="44.498001"
+           transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+           width="3.523"
+           height="51.174"
+           id="rect17973" />
+      </g>
+      <g
+         style="display:none"
+         id="g17975"
+         display="none">
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-49.362"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line17977" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-46.612"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line17979" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-4.362"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line17981" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-52.994999"
+           y1="-67.064003"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line17983" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-76.915001"
+           y2="-49.472"
+           id="line17985" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-165"
+           y2="-71.179001"
+           id="line17987" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-77.349998"
+           y2="-0.271"
+           id="line17989" />
+      </g>
+    </g>
+    <g
+       transform="matrix(0.47747005,0,0,0.50284965,330.19832,278.25873)"
+       id="g17991">
+      <g
+         id="g17993">
+        <polygon
+           style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+           points="32.038,0.183 0,19.314 0,72.66 92.65,101.222 122.005,77.57 122.005,22.429 "
+           id="polygon17995" />
+        <polygon
+           style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd"
+           points="92.65,94.222 5,67.66 5,23.314 92.65,45.131 "
+           id="polygon17997" />
+        <g
+           id="g17999">
+          <g
+             id="g18001">
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+               id="polygon18003" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+               id="polygon18005" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+               id="polygon18007" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+               id="polygon18009" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+               id="polygon18011" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+               id="polygon18013" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+               id="polygon18015" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+               id="polygon18017" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+               id="polygon18019" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+               id="polygon18021" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+               id="polygon18023" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+               id="polygon18025" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+               id="polygon18027" />
+          </g>
+          <g
+             id="g18029">
+            <polygon
+               style="fill:#394d54"
+               points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+               id="polygon18031" />
+            <polygon
+               style="fill:#394d54"
+               points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+               id="polygon18033" />
+            <polygon
+               style="fill:#394d54"
+               points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+               id="polygon18035" />
+            <polygon
+               style="fill:#394d54"
+               points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+               id="polygon18037" />
+            <polygon
+               style="fill:#394d54"
+               points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+               id="polygon18039" />
+            <polygon
+               style="fill:#394d54"
+               points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+               id="polygon18041" />
+            <polygon
+               style="fill:#394d54"
+               points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+               id="polygon18043" />
+            <polygon
+               style="fill:#394d54"
+               points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+               id="polygon18045" />
+            <polygon
+               style="fill:#394d54"
+               points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+               id="polygon18047" />
+            <polygon
+               style="fill:#394d54"
+               points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+               id="polygon18049" />
+            <polygon
+               style="fill:#394d54"
+               points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+               id="polygon18051" />
+            <polygon
+               style="fill:#394d54"
+               points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+               id="polygon18053" />
+            <polygon
+               style="fill:#394d54"
+               points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+               id="polygon18055" />
+          </g>
+        </g>
+        <polygon
+           style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+           points="117.005,75.212 92.65,94.398 92.65,46.469 117.005,29.184 "
+           id="polygon18057" />
+        <polygon
+           style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd"
+           points="117.005,27.429 92.65,45.131 5,23.314 32.538,6.683 "
+           id="polygon18059" />
+        <rect
+           style="fill:#394d54"
+           x="46.075001"
+           y="-12.046"
+           transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+           width="3.5250001"
+           height="92.299004"
+           id="rect18061" />
+        <rect
+           style="fill:#394d54"
+           x="103.715"
+           y="18.122"
+           transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+           width="3.5250001"
+           height="34.868999"
+           id="rect18063" />
+        <rect
+           style="fill:#394d54"
+           x="90.234001"
+           y="44.498001"
+           transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+           width="3.523"
+           height="51.174"
+           id="rect18065" />
+      </g>
+      <g
+         style="display:none"
+         id="g18067"
+         display="none">
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-49.362"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line18069" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-46.612"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line18071" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-4.362"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line18073" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-52.994999"
+           y1="-67.064003"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line18075" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-76.915001"
+           y2="-49.472"
+           id="line18077" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-165"
+           y2="-71.179001"
+           id="line18079" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-77.349998"
+           y2="-0.271"
+           id="line18081" />
+      </g>
+    </g>
+    <g
+       transform="matrix(0.30953328,-0.23033205,0,0.30953328,188.6113,392.68265)"
+       id="g18083">
+      <path
+         style="fill:#394d54;fill-opacity:1"
+         d="m 620.36719,177.47266 c -11.84776,-0.50977 -19.91248,14.44883 -12.98047,24.06836 6.07955,10.39639 23.35314,8.80448 27.42969,-2.52735 4.38855,-9.96271 -3.54659,-21.81733 -14.44922,-21.54101 z"
+         id="circle18140"
+         inkscape:connector-curvature="0" />
+      <circle
+         id="circle18085"
+         r="13.5728"
+         cy="193.04353"
+         cx="620.4353"
+         style="fill:#dd4814" />
+      <path
+         id="path18087"
+         d="m 611.96969,191.41233 c -0.9016,0 -1.6288,0.7296 -1.6288,1.6312 0,0.8984 0.7272,1.6296 1.6288,1.6296 0.9024,0 1.6312,-0.7312 1.6312,-1.6296 0,-0.9016 -0.7288,-1.6312 -1.6312,-1.6312 z m 11.644,7.4128 c -0.7808,0.4472 -1.0464,1.4456 -0.5976,2.2232 0.4504,0.7816 1.4472,1.0472 2.2272,0.5984 0.78,-0.4496 1.048,-1.4472 0.5976,-2.2264 -0.4504,-0.78 -1.448,-1.0472 -2.2272,-0.5952 z m -8.1,-5.7816 c 0,-1.6128 0.7984,-3.0376 2.0232,-3.8984 l -1.1904,-1.9984 c -1.4272,0.9528 -2.4896,2.4112 -2.9312,4.1184 0.5168,0.42 0.844,1.0592 0.844,1.7784 0,0.7144 -0.3264,1.3528 -0.844,1.7752 0.4416,1.7064 1.504,3.164 2.9312,4.1168 l 1.1904,-1.9968 c -1.2248,-0.8608 -2.0232,-2.284 -2.0232,-3.8952 z m 4.7616,-4.7656 c 2.4896,0 4.5304,1.908 4.7448,4.344 l 2.324,-0.0376 c -0.1152,-1.7952 -0.8992,-3.408 -2.1048,-4.5936 -0.6208,0.2328 -1.3376,0.2 -1.956,-0.1592 -0.6184,-0.3576 -1.008,-0.9592 -1.1152,-1.616 -0.6032,-0.1656 -1.2376,-0.2576 -1.8928,-0.2576 -1.1264,0 -2.1928,0.2656 -3.1376,0.7344 l 1.132,2.0296 c 0.6096,-0.2848 1.2904,-0.444 2.0056,-0.444 z m 0,9.5264 c -0.716,0 -1.396,-0.1576 -2.0056,-0.4424 l -1.132,2.0296 c 0.9448,0.4704 2.0112,0.7328 3.1376,0.7328 0.6552,0 1.2896,-0.0888 1.8928,-0.256 0.1072,-0.656 0.496,-1.2576 1.1152,-1.6168 0.62,-0.3576 1.3352,-0.392 1.956,-0.156 1.2056,-1.1872 1.9896,-2.8 2.1048,-4.5968 l -2.324,-0.0328 c -0.2144,2.432 -2.2552,4.3384 -4.7448,4.3384 z m 3.3384,-10.5432 c 0.7792,0.4488 1.7768,0.1832 2.2256,-0.5984 0.4504,-0.7768 0.1832,-1.7752 -0.596,-2.2248 -0.7808,-0.4496 -1.7768,-0.1832 -2.2272,0.5968 -0.4488,0.7792 -0.1832,1.776 0.5976,2.2264 z"
+         inkscape:connector-curvature="0"
+         style="fill:#ffffff" />
+    </g>
+    <g
+       id="g18146"
+       transform="matrix(0.30953328,-0.23033205,0,0.30953328,188.6113,238.59168)">
+      <path
+         inkscape:connector-curvature="0"
+         id="path18148"
+         d="m 620.36719,177.47266 c -11.84776,-0.50977 -19.91248,14.44883 -12.98047,24.06836 6.07955,10.39639 23.35314,8.80448 27.42969,-2.52735 4.38855,-9.96271 -3.54659,-21.81733 -14.44922,-21.54101 z"
+         style="fill:#394d54;fill-opacity:1" />
+      <circle
+         style="fill:#dd4814"
+         cx="620.4353"
+         cy="193.04353"
+         r="13.5728"
+         id="circle18150" />
+      <path
+         style="fill:#ffffff"
+         inkscape:connector-curvature="0"
+         d="m 611.96969,191.41233 c -0.9016,0 -1.6288,0.7296 -1.6288,1.6312 0,0.8984 0.7272,1.6296 1.6288,1.6296 0.9024,0 1.6312,-0.7312 1.6312,-1.6296 0,-0.9016 -0.7288,-1.6312 -1.6312,-1.6312 z m 11.644,7.4128 c -0.7808,0.4472 -1.0464,1.4456 -0.5976,2.2232 0.4504,0.7816 1.4472,1.0472 2.2272,0.5984 0.78,-0.4496 1.048,-1.4472 0.5976,-2.2264 -0.4504,-0.78 -1.448,-1.0472 -2.2272,-0.5952 z m -8.1,-5.7816 c 0,-1.6128 0.7984,-3.0376 2.0232,-3.8984 l -1.1904,-1.9984 c -1.4272,0.9528 -2.4896,2.4112 -2.9312,4.1184 0.5168,0.42 0.844,1.0592 0.844,1.7784 0,0.7144 -0.3264,1.3528 -0.844,1.7752 0.4416,1.7064 1.504,3.164 2.9312,4.1168 l 1.1904,-1.9968 c -1.2248,-0.8608 -2.0232,-2.284 -2.0232,-3.8952 z m 4.7616,-4.7656 c 2.4896,0 4.5304,1.908 4.7448,4.344 l 2.324,-0.0376 c -0.1152,-1.7952 -0.8992,-3.408 -2.1048,-4.5936 -0.6208,0.2328 -1.3376,0.2 -1.956,-0.1592 -0.6184,-0.3576 -1.008,-0.9592 -1.1152,-1.616 -0.6032,-0.1656 -1.2376,-0.2576 -1.8928,-0.2576 -1.1264,0 -2.1928,0.2656 -3.1376,0.7344 l 1.132,2.0296 c 0.6096,-0.2848 1.2904,-0.444 2.0056,-0.444 z m 0,9.5264 c -0.716,0 -1.396,-0.1576 -2.0056,-0.4424 l -1.132,2.0296 c 0.9448,0.4704 2.0112,0.7328 3.1376,0.7328 0.6552,0 1.2896,-0.0888 1.8928,-0.256 0.1072,-0.656 0.496,-1.2576 1.1152,-1.6168 0.62,-0.3576 1.3352,-0.392 1.956,-0.156 1.2056,-1.1872 1.9896,-2.8 2.1048,-4.5968 l -2.324,-0.0328 c -0.2144,2.432 -2.2552,4.3384 -4.7448,4.3384 z m 3.3384,-10.5432 c 0.7792,0.4488 1.7768,0.1832 2.2256,-0.5984 0.4504,-0.7768 0.1832,-1.7752 -0.596,-2.2248 -0.7808,-0.4496 -1.7768,-0.1832 -2.2272,0.5968 -0.4488,0.7792 -0.1832,1.776 0.5976,2.2264 z"
+         id="path18152" />
+    </g>
+    <rect
+       style="display:inline;opacity:1;fill:#ade5f9;fill-opacity:1;stroke:#005976;stroke-width:1.47231948;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect15559"
+       width="172.45595"
+       height="163.06149"
+       x="74.023972"
+       y="8.968852"
+       rx="0"
+       ry="0" />
+    <rect
+       style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#005976;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect15561"
+       width="55.863518"
+       height="24.437973"
+       x="74.226181"
+       y="-3.9703875"
+       ry="6.3192472"
+       rx="6.3192477" />
+    <g
+       transform="translate(496.0012,-202.68678)"
+       style="font-style:normal;font-weight:normal;font-size:32px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot16093">
+      <path
+         d="m -405.12039,208.57537 1.52,0 q -0.128,-0.912 -0.544,-1.6 -0.416,-0.704 -1.04,-1.168 -0.624,-0.464 -1.424,-0.704 -0.8,-0.24 -1.696,-0.24 -1.312,0 -2.336,0.48 -1.008,0.464 -1.696,1.28 -0.672,0.816 -1.024,1.92 -0.352,1.088 -0.352,2.336 0,1.248 0.32,2.336 0.336,1.088 0.992,1.888 0.656,0.8 1.648,1.264 0.992,0.448 2.32,0.448 2.192,0 3.456,-1.2 1.264,-1.2 1.488,-3.36 l -1.52,0 q -0.048,0.704 -0.288,1.312 -0.24,0.608 -0.672,1.056 -0.416,0.432 -1.008,0.688 -0.576,0.24 -1.328,0.24 -1.024,0 -1.76,-0.384 -0.736,-0.384 -1.216,-1.024 -0.464,-0.656 -0.688,-1.52 -0.224,-0.88 -0.224,-1.856 0,-0.896 0.224,-1.728 0.224,-0.832 0.688,-1.472 0.48,-0.656 1.2,-1.04 0.736,-0.384 1.76,-0.384 1.2,0 2.064,0.608 0.88,0.608 1.136,1.824 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23223" />
+      <path
+         d="m -401.73389,205.13537 0,11.424 1.36,0 0,-11.424 -1.36,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23225" />
+      <path
+         d="m -396.81139,206.79937 0,-1.664 -1.36,0 0,1.664 1.36,0 z m -1.36,1.488 0,8.272 1.36,0 0,-8.272 -1.36,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23227" />
+      <path
+         d="m -388.94489,211.63137 -4.752,0 q 0.032,-0.48 0.208,-0.896 0.176,-0.432 0.48,-0.752 0.304,-0.32 0.72,-0.496 0.432,-0.192 0.96,-0.192 0.512,0 0.928,0.192 0.432,0.176 0.736,0.496 0.32,0.304 0.496,0.736 0.192,0.432 0.224,0.912 z m 1.312,2.304 -1.344,0 q -0.176,0.816 -0.736,1.216 -0.544,0.4 -1.408,0.4 -0.672,0 -1.168,-0.224 -0.496,-0.224 -0.816,-0.592 -0.32,-0.384 -0.464,-0.864 -0.144,-0.496 -0.128,-1.04 l 6.192,0 q 0.032,-0.752 -0.144,-1.584 -0.16,-0.832 -0.608,-1.536 -0.432,-0.704 -1.168,-1.152 -0.72,-0.464 -1.824,-0.464 -0.848,0 -1.568,0.32 -0.704,0.32 -1.232,0.896 -0.512,0.576 -0.8,1.36 -0.288,0.784 -0.288,1.728 0.032,0.944 0.272,1.744 0.256,0.8 0.752,1.376 0.496,0.576 1.216,0.896 0.736,0.32 1.728,0.32 1.408,0 2.336,-0.704 0.928,-0.704 1.2,-2.096 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23229" />
+      <path
+         d="m -386.09514,208.28737 0,8.272 1.36,0 0,-4.672 q 0,-0.56 0.144,-1.024 0.16,-0.48 0.464,-0.832 0.304,-0.352 0.752,-0.544 0.464,-0.192 1.088,-0.192 0.784,0 1.232,0.448 0.448,0.448 0.448,1.216 l 0,5.6 1.36,0 0,-5.44 q 0,-0.672 -0.144,-1.216 -0.128,-0.56 -0.464,-0.96 -0.336,-0.4 -0.88,-0.624 -0.544,-0.224 -1.36,-0.224 -1.84,0 -2.688,1.504 l -0.032,0 0,-1.312 -1.28,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23231" />
+      <path
+         d="m -375.30089,208.28737 0,-2.48 -1.36,0 0,2.48 -1.408,0 0,1.2 1.408,0 0,5.264 q 0,0.576 0.112,0.928 0.112,0.352 0.336,0.544 0.24,0.192 0.608,0.272 0.384,0.064 0.912,0.064 l 1.04,0 0,-1.2 -0.624,0 q -0.32,0 -0.528,-0.016 -0.192,-0.032 -0.304,-0.112 -0.112,-0.08 -0.16,-0.224 -0.032,-0.144 -0.032,-0.384 l 0,-5.136 1.648,0 0,-1.2 -1.648,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23233" />
+    </g>
+    <rect
+       y="35.104694"
+       x="88.070274"
+       height="24.38966"
+       width="144.36334"
+       id="rect15593"
+       style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#dbdde0;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       ry="7.1999998"
+       rx="5.5999999" />
+    <g
+       transform="translate(455.19194,-65.37672)"
+       style="font-style:normal;font-weight:normal;font-size:32px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot16345">
+      <path
+         d="m -339.36133,116.03723 q -0.66406,1.09375 -1.60156,1.64844 -0.92969,0.55469 -1.71094,0.55469 -1.09375,0 -1.96875,-0.94532 -0.86719,-0.94531 -0.86719,-2.86718 0,-1.51563 0.57813,-2.70313 0.57812,-1.19531 1.54687,-1.88281 0.96875,-0.69531 2.39844,-0.69531 0.41406,0 1.25,0.0859 0.125,0.0156 0.375,0.0391 l 0,-3.88282 1.46094,0 0,12.60938 -1.46094,0 0,-1.96094 z m 0,-1.72656 0,-3.74219 q -0.77344,-0.20312 -1.4375,-0.20312 -1.34375,0 -2.24219,1.03906 -0.89062,1.03906 -0.89062,2.82812 0,1.29688 0.48437,1.96094 0.49219,0.65625 1.11719,0.65625 0.67969,0 1.5,-0.6875 0.82031,-0.6875 1.46875,-1.85156 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23200" />
+      <path
+         d="m -332.00195,118.24036 q -1.875,0 -3,-1.30469 -1.125,-1.3125 -1.125,-3.30469 0,-1.99219 1.125,-3.29687 1.125,-1.30469 3,-1.30469 1.86718,0 2.99218,1.30469 1.125,1.30468 1.125,3.29687 0,1.99219 -1.125,3.30469 -1.125,1.30469 -2.99218,1.30469 z m 0,-1.21094 q 1.16406,0 1.85156,-0.90625 0.6875,-0.90625 0.6875,-2.49219 0,-1.57812 -0.6875,-2.48437 -0.6875,-0.90625 -1.85156,-0.90625 -1.17188,0 -1.85938,0.90625 -0.6875,0.90625 -0.6875,2.48437 0,1.58594 0.6875,2.49219 0.6875,0.90625 1.85938,0.90625 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23202" />
+      <path
+         d="m -318.62695,117.74817 q -1.46094,0.49219 -2.78125,0.49219 -1.3125,0 -2.33594,-0.60157 -1.01563,-0.60937 -1.58594,-1.64062 -0.57031,-1.03906 -0.57031,-2.35938 0,-1.98437 1.28906,-3.29687 1.29688,-1.3125 3.125,-1.3125 1.35156,0 2.85938,0.50781 l 0,1.39844 q -1.52344,-0.69531 -2.72657,-0.69531 -0.79687,0 -1.5,0.39843 -0.70312,0.39063 -1.08593,1.22657 -0.38282,0.83593 -0.38282,1.71875 0,1.17968 0.73438,2.25 0.74219,1.07031 2.32031,1.07031 0.47656,0 0.9375,-0.0625 0.46094,-0.0703 1.70313,-0.49219 l 0,1.39844 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23204" />
+      <path
+         d="m -315.95508,117.99817 0,-12.60938 1.45313,0 0,7.92188 4.19531,-4.03906 1.9375,0 -4.1875,4.03906 4.29687,4.6875 -2,0 -4.24218,-4.6875 0,4.6875 -1.45313,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23206" />
+      <path
+         d="m -299.46289,117.42004 q -1.74219,0.82813 -3.29688,0.82813 -1.17968,0 -2.10937,-0.58594 -0.92969,-0.58594 -1.49219,-1.67187 -0.55469,-1.09375 -0.55469,-2.33594 0,-1.19531 0.53125,-2.29688 0.53125,-1.10156 1.48438,-1.71093 0.95312,-0.61719 2.125,-0.61719 1.55469,0 2.49219,1.10937 0.94531,1.10938 0.94531,3.42188 l 0,0.3125 -6.01563,0 q 0,0.90625 0.375,1.65625 0.38282,0.75 1,1.125 0.61719,0.375 1.40625,0.375 1.40625,0 3.10938,-0.9375 l 0,1.32812 z m -5.80469,-4.63281 4.35156,0 0,-0.21094 q 0,-1.07031 -0.52343,-1.70312 -0.52344,-0.63281 -1.39844,-0.63281 -0.88281,0 -1.53125,0.64843 -0.64063,0.64063 -0.89844,1.89844 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23208" />
+      <path
+         d="m -296.38477,117.99817 0,-8.72656 1.45313,0 0,1.90625 q 0.67969,-1.07813 1.55469,-1.60938 0.88281,-0.53906 1.96093,-0.53906 0.78907,0 1.57813,0.24219 l 0,3.14843 -1.39844,0 0,-1.99218 q -0.36719,-0.0625 -0.57812,-0.0625 -0.8125,0 -1.59375,0.64062 -0.78125,0.64063 -1.52344,1.92188 l 0,5.07031 -1.45313,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23210" />
+      <path
+         d="m -276.5957,111.23254 q 0.67187,-1.09375 1.60156,-1.64843 0.92969,-0.55469 1.71094,-0.55469 1.09375,0 1.96875,0.94531 0.875,0.94531 0.875,2.86719 0,1.51562 -0.58594,2.71094 -0.57813,1.1875 -1.54688,1.88281 -0.96875,0.6875 -2.39843,0.6875 -0.40625,0 -1.25,-0.0859 -0.125,-0.0156 -0.375,-0.0391 l -1.45313,0 0,-12.60938 1.45313,0 0,5.84375 z m 0,1.72657 0,3.74218 q 0.78906,0.20313 1.45312,0.20313 1.32031,0 2.21875,-1.03125 0.90625,-1.03906 0.90625,-2.83594 0,-1.30469 -0.49219,-1.96094 -0.49218,-0.65625 -1.11718,-0.65625 -0.67969,0 -1.5,0.6875 -0.8125,0.6875 -1.46875,1.85157 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23212" />
+      <path
+         d="m -261.16602,109.27161 0,8.72656 -1.45312,0 0,-1.91406 q -0.70313,1.07812 -1.5625,1.61718 -0.85938,0.53907 -1.71875,0.53907 -0.76563,0 -1.40625,-0.40625 -0.63281,-0.41407 -0.88281,-1.07813 -0.25,-0.67187 -0.25,-2.60937 l 0,-4.875 1.45312,0 0,5.05468 q 0,1.25782 0.11719,1.66407 0.125,0.39843 0.44531,0.65625 0.32813,0.25781 0.70313,0.25781 0.76562,0 1.64062,-0.71875 0.88281,-0.72656 1.46094,-1.82813 l 0,-5.08593 1.45312,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23214" />
+      <path
+         d="m -256.27539,117.99817 0,-7.51563 -2.42188,0 0,-1.21093 3.875,0 0,7.51562 2.42969,0 0,1.21094 -3.88281,0 z m -0.24219,-11.875 q 0,-0.49219 0.33594,-0.73438 0.33594,-0.24218 0.63281,-0.24218 0.30469,0 0.64063,0.24218 0.33593,0.24219 0.33593,0.73438 0,0.48437 -0.33593,0.72656 -0.33594,0.24219 -0.64063,0.24219 -0.29687,0 -0.63281,-0.24219 -0.33594,-0.24219 -0.33594,-0.72656 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23216" />
+      <path
+         d="m -246.7832,117.99817 0,-11.39063 -2.60938,0 0,-1.21875 4.0625,0 0,11.39844 2.72656,0 0,1.21094 -4.17968,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23218" />
+      <path
+         d="m -233.67383,116.03723 q -0.66406,1.09375 -1.60156,1.64844 -0.92969,0.55469 -1.71094,0.55469 -1.09375,0 -1.96875,-0.94532 -0.86719,-0.94531 -0.86719,-2.86718 0,-1.51563 0.57813,-2.70313 0.57812,-1.19531 1.54687,-1.88281 0.96875,-0.69531 2.39844,-0.69531 0.41406,0 1.25,0.0859 0.125,0.0156 0.375,0.0391 l 0,-3.88282 1.46094,0 0,12.60938 -1.46094,0 0,-1.96094 z m 0,-1.72656 0,-3.74219 q -0.77344,-0.20312 -1.4375,-0.20312 -1.34375,0 -2.24219,1.03906 -0.89062,1.03906 -0.89062,2.82812 0,1.29688 0.48437,1.96094 0.49219,0.65625 1.11719,0.65625 0.67969,0 1.5,-0.6875 0.82031,-0.6875 1.46875,-1.85156 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23220" />
+    </g>
+    <rect
+       rx="5.5999999"
+       ry="7.1999998"
+       style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#dbdde0;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect18850"
+       width="144.36334"
+       height="24.38966"
+       x="88.070274"
+       y="78.304764" />
+    <g
+       transform="translate(455.19194,-22.17679)"
+       style="font-style:normal;font-weight:normal;font-size:32px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot18852">
+      <path
+         d="m -339.36133,116.03723 q -0.66406,1.09375 -1.60156,1.64844 -0.92969,0.55469 -1.71094,0.55469 -1.09375,0 -1.96875,-0.94532 -0.86719,-0.94531 -0.86719,-2.86718 0,-1.51563 0.57813,-2.70313 0.57812,-1.19531 1.54687,-1.88281 0.96875,-0.69531 2.39844,-0.69531 0.41406,0 1.25,0.0859 0.125,0.0156 0.375,0.0391 l 0,-3.88282 1.46094,0 0,12.60938 -1.46094,0 0,-1.96094 z m 0,-1.72656 0,-3.74219 q -0.77344,-0.20312 -1.4375,-0.20312 -1.34375,0 -2.24219,1.03906 -0.89062,1.03906 -0.89062,2.82812 0,1.29688 0.48437,1.96094 0.49219,0.65625 1.11719,0.65625 0.67969,0 1.5,-0.6875 0.82031,-0.6875 1.46875,-1.85156 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23179" />
+      <path
+         d="m -332.00195,118.24036 q -1.875,0 -3,-1.30469 -1.125,-1.3125 -1.125,-3.30469 0,-1.99219 1.125,-3.29687 1.125,-1.30469 3,-1.30469 1.86718,0 2.99218,1.30469 1.125,1.30468 1.125,3.29687 0,1.99219 -1.125,3.30469 -1.125,1.30469 -2.99218,1.30469 z m 0,-1.21094 q 1.16406,0 1.85156,-0.90625 0.6875,-0.90625 0.6875,-2.49219 0,-1.57812 -0.6875,-2.48437 -0.6875,-0.90625 -1.85156,-0.90625 -1.17188,0 -1.85938,0.90625 -0.6875,0.90625 -0.6875,2.48437 0,1.58594 0.6875,2.49219 0.6875,0.90625 1.85938,0.90625 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23181" />
+      <path
+         d="m -318.62695,117.74817 q -1.46094,0.49219 -2.78125,0.49219 -1.3125,0 -2.33594,-0.60157 -1.01563,-0.60937 -1.58594,-1.64062 -0.57031,-1.03906 -0.57031,-2.35938 0,-1.98437 1.28906,-3.29687 1.29688,-1.3125 3.125,-1.3125 1.35156,0 2.85938,0.50781 l 0,1.39844 q -1.52344,-0.69531 -2.72657,-0.69531 -0.79687,0 -1.5,0.39843 -0.70312,0.39063 -1.08593,1.22657 -0.38282,0.83593 -0.38282,1.71875 0,1.17968 0.73438,2.25 0.74219,1.07031 2.32031,1.07031 0.47656,0 0.9375,-0.0625 0.46094,-0.0703 1.70313,-0.49219 l 0,1.39844 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23183" />
+      <path
+         d="m -315.95508,117.99817 0,-12.60938 1.45313,0 0,7.92188 4.19531,-4.03906 1.9375,0 -4.1875,4.03906 4.29687,4.6875 -2,0 -4.24218,-4.6875 0,4.6875 -1.45313,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23185" />
+      <path
+         d="m -299.46289,117.42004 q -1.74219,0.82813 -3.29688,0.82813 -1.17968,0 -2.10937,-0.58594 -0.92969,-0.58594 -1.49219,-1.67187 -0.55469,-1.09375 -0.55469,-2.33594 0,-1.19531 0.53125,-2.29688 0.53125,-1.10156 1.48438,-1.71093 0.95312,-0.61719 2.125,-0.61719 1.55469,0 2.49219,1.10937 0.94531,1.10938 0.94531,3.42188 l 0,0.3125 -6.01563,0 q 0,0.90625 0.375,1.65625 0.38282,0.75 1,1.125 0.61719,0.375 1.40625,0.375 1.40625,0 3.10938,-0.9375 l 0,1.32812 z m -5.80469,-4.63281 4.35156,0 0,-0.21094 q 0,-1.07031 -0.52343,-1.70312 -0.52344,-0.63281 -1.39844,-0.63281 -0.88281,0 -1.53125,0.64843 -0.64063,0.64063 -0.89844,1.89844 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23187" />
+      <path
+         d="m -296.38477,117.99817 0,-8.72656 1.45313,0 0,1.90625 q 0.67969,-1.07813 1.55469,-1.60938 0.88281,-0.53906 1.96093,-0.53906 0.78907,0 1.57813,0.24219 l 0,3.14843 -1.39844,0 0,-1.99218 q -0.36719,-0.0625 -0.57812,-0.0625 -0.8125,0 -1.59375,0.64062 -0.78125,0.64063 -1.52344,1.92188 l 0,5.07031 -1.45313,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23189" />
+      <path
+         d="m -276.5957,111.23254 q 0.67187,-1.09375 1.60156,-1.64843 0.92969,-0.55469 1.71094,-0.55469 1.09375,0 1.96875,0.94531 0.875,0.94531 0.875,2.86719 0,1.51562 -0.58594,2.71094 -0.57813,1.1875 -1.54688,1.88281 -0.96875,0.6875 -2.39843,0.6875 -0.40625,0 -1.25,-0.0859 -0.125,-0.0156 -0.375,-0.0391 l 0,3.39062 -1.45313,0 0,-12.11718 1.45313,0 0,1.96093 z m 0,1.72657 0,3.74218 q 0.78906,0.20313 1.45312,0.20313 1.32031,0 2.21875,-1.03125 0.90625,-1.03906 0.90625,-2.83594 0,-1.30469 -0.49219,-1.96094 -0.49218,-0.65625 -1.11718,-0.65625 -0.67969,0 -1.5,0.6875 -0.8125,0.6875 -1.46875,1.85157 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23191" />
+      <path
+         d="m -261.16602,109.27161 0,8.72656 -1.45312,0 0,-1.91406 q -0.70313,1.07812 -1.5625,1.61718 -0.85938,0.53907 -1.71875,0.53907 -0.76563,0 -1.40625,-0.40625 -0.63281,-0.41407 -0.88281,-1.07813 -0.25,-0.67187 -0.25,-2.60937 l 0,-4.875 1.45312,0 0,5.05468 q 0,1.25782 0.11719,1.66407 0.125,0.39843 0.44531,0.65625 0.32813,0.25781 0.70313,0.25781 0.76562,0 1.64062,-0.71875 0.88281,-0.72656 1.46094,-1.82813 l 0,-5.08593 1.45312,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23193" />
+      <path
+         d="m -256.37695,117.99817 0,-11.39063 -2.60938,0 0,-1.21875 4.0625,0 0,11.39844 2.72656,0 0,1.21094 -4.17968,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23195" />
+      <path
+         d="m -246.75195,117.99817 0,-11.39063 -2.60938,0 0,-1.21875 4.0625,0 0,11.39844 2.72656,0 0,1.21094 -4.17968,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23197" />
+    </g>
+    <rect
+       y="121.50484"
+       x="88.070274"
+       height="24.38966"
+       width="144.36334"
+       id="rect18860"
+       style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#dbdde0;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       ry="7.1999998"
+       rx="5.5999999" />
+    <g
+       transform="translate(455.19194,21.02328)"
+       style="font-style:normal;font-weight:normal;font-size:32px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot18862">
+      <path
+         d="m -339.36133,116.03723 q -0.66406,1.09375 -1.60156,1.64844 -0.92969,0.55469 -1.71094,0.55469 -1.09375,0 -1.96875,-0.94532 -0.86719,-0.94531 -0.86719,-2.86718 0,-1.51563 0.57813,-2.70313 0.57812,-1.19531 1.54687,-1.88281 0.96875,-0.69531 2.39844,-0.69531 0.41406,0 1.25,0.0859 0.125,0.0156 0.375,0.0391 l 0,-3.88282 1.46094,0 0,12.60938 -1.46094,0 0,-1.96094 z m 0,-1.72656 0,-3.74219 q -0.77344,-0.20312 -1.4375,-0.20312 -1.34375,0 -2.24219,1.03906 -0.89062,1.03906 -0.89062,2.82812 0,1.29688 0.48437,1.96094 0.49219,0.65625 1.11719,0.65625 0.67969,0 1.5,-0.6875 0.82031,-0.6875 1.46875,-1.85156 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23160" />
+      <path
+         d="m -332.00195,118.24036 q -1.875,0 -3,-1.30469 -1.125,-1.3125 -1.125,-3.30469 0,-1.99219 1.125,-3.29687 1.125,-1.30469 3,-1.30469 1.86718,0 2.99218,1.30469 1.125,1.30468 1.125,3.29687 0,1.99219 -1.125,3.30469 -1.125,1.30469 -2.99218,1.30469 z m 0,-1.21094 q 1.16406,0 1.85156,-0.90625 0.6875,-0.90625 0.6875,-2.49219 0,-1.57812 -0.6875,-2.48437 -0.6875,-0.90625 -1.85156,-0.90625 -1.17188,0 -1.85938,0.90625 -0.6875,0.90625 -0.6875,2.48437 0,1.58594 0.6875,2.49219 0.6875,0.90625 1.85938,0.90625 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23162" />
+      <path
+         d="m -318.62695,117.74817 q -1.46094,0.49219 -2.78125,0.49219 -1.3125,0 -2.33594,-0.60157 -1.01563,-0.60937 -1.58594,-1.64062 -0.57031,-1.03906 -0.57031,-2.35938 0,-1.98437 1.28906,-3.29687 1.29688,-1.3125 3.125,-1.3125 1.35156,0 2.85938,0.50781 l 0,1.39844 q -1.52344,-0.69531 -2.72657,-0.69531 -0.79687,0 -1.5,0.39843 -0.70312,0.39063 -1.08593,1.22657 -0.38282,0.83593 -0.38282,1.71875 0,1.17968 0.73438,2.25 0.74219,1.07031 2.32031,1.07031 0.47656,0 0.9375,-0.0625 0.46094,-0.0703 1.70313,-0.49219 l 0,1.39844 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23164" />
+      <path
+         d="m -315.95508,117.99817 0,-12.60938 1.45313,0 0,7.92188 4.19531,-4.03906 1.9375,0 -4.1875,4.03906 4.29687,4.6875 -2,0 -4.24218,-4.6875 0,4.6875 -1.45313,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23166" />
+      <path
+         d="m -299.46289,117.42004 q -1.74219,0.82813 -3.29688,0.82813 -1.17968,0 -2.10937,-0.58594 -0.92969,-0.58594 -1.49219,-1.67187 -0.55469,-1.09375 -0.55469,-2.33594 0,-1.19531 0.53125,-2.29688 0.53125,-1.10156 1.48438,-1.71093 0.95312,-0.61719 2.125,-0.61719 1.55469,0 2.49219,1.10937 0.94531,1.10938 0.94531,3.42188 l 0,0.3125 -6.01563,0 q 0,0.90625 0.375,1.65625 0.38282,0.75 1,1.125 0.61719,0.375 1.40625,0.375 1.40625,0 3.10938,-0.9375 l 0,1.32812 z m -5.80469,-4.63281 4.35156,0 0,-0.21094 q 0,-1.07031 -0.52343,-1.70312 -0.52344,-0.63281 -1.39844,-0.63281 -0.88281,0 -1.53125,0.64843 -0.64063,0.64063 -0.89844,1.89844 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23168" />
+      <path
+         d="m -296.38477,117.99817 0,-8.72656 1.45313,0 0,1.90625 q 0.67969,-1.07813 1.55469,-1.60938 0.88281,-0.53906 1.96093,-0.53906 0.78907,0 1.57813,0.24219 l 0,3.14843 -1.39844,0 0,-1.99218 q -0.36719,-0.0625 -0.57812,-0.0625 -0.8125,0 -1.59375,0.64062 -0.78125,0.64063 -1.52344,1.92188 l 0,5.07031 -1.45313,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23170" />
+      <path
+         d="m -277.19727,117.99817 0,-8.72656 1.45313,0 0,1.90625 q 0.67969,-1.07813 1.55469,-1.60938 0.88281,-0.53906 1.96093,-0.53906 0.78907,0 1.57813,0.24219 l 0,3.14843 -1.39844,0 0,-1.99218 q -0.36719,-0.0625 -0.57812,-0.0625 -0.8125,0 -1.59375,0.64062 -0.78125,0.64063 -1.52344,1.92188 l 0,5.07031 -1.45313,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23172" />
+      <path
+         d="m -261.16602,109.27161 0,8.72656 -1.45312,0 0,-1.91406 q -0.70313,1.07812 -1.5625,1.61718 -0.85938,0.53907 -1.71875,0.53907 -0.76563,0 -1.40625,-0.40625 -0.63281,-0.41407 -0.88281,-1.07813 -0.25,-0.67187 -0.25,-2.60937 l 0,-4.875 1.45312,0 0,5.05468 q 0,1.25782 0.11719,1.66407 0.125,0.39843 0.44531,0.65625 0.32813,0.25781 0.70313,0.25781 0.76562,0 1.64062,-0.71875 0.88281,-0.72656 1.46094,-1.82813 l 0,-5.08593 1.45312,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23174" />
+      <path
+         d="m -258.7207,117.99817 0,-8.72656 1.45312,0 0,1.90625 q 0.625,-1.00782 1.50781,-1.57813 0.88282,-0.57031 1.76563,-0.57031 0.77344,0 1.40625,0.41406 0.63281,0.40625 0.88281,1.07031 0.25781,0.66407 0.25781,2.60938 l 0,4.875 -1.45312,0 0,-5.05469 q 0,-1.25781 -0.125,-1.65625 -0.11719,-0.40625 -0.44531,-0.66406 -0.32032,-0.25781 -0.70313,-0.25781 -0.76562,0 -1.64844,0.72656 -0.875,0.72656 -1.44531,1.82031 l 0,5.08594 -1.45312,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path23176" />
+    </g>
+    <rect
+       ry="0"
+       rx="0"
+       y="7.6822381"
+       x="633.65228"
+       height="164.83829"
+       width="194.87442"
+       id="rect18168"
+       style="display:inline;opacity:1;fill:#ade5f9;fill-opacity:1;stroke:#005976;stroke-width:1.66371417;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+    <rect
+       rx="6.3192477"
+       ry="5.653213"
+       y="-3.9788516"
+       x="633.75879"
+       height="21.862267"
+       width="70.263504"
+       id="rect18170"
+       style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#005976;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+    <g
+       transform="matrix(1,0,0,0.89460229,1055.5338,-181.75098)"
+       style="font-style:normal;font-weight:normal;font-size:32px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot18172">
+      <path
+         d="m -413.15239,205.13537 0,11.424 1.52,0 0,-4.88 3.712,0 q 0.56,0 0.896,0.176 0.336,0.16 0.544,0.448 0.208,0.272 0.304,0.656 0.096,0.368 0.16,0.784 0.08,0.416 0.096,0.848 0.016,0.432 0.032,0.816 0.016,0.368 0.064,0.672 0.064,0.304 0.224,0.48 l 1.696,0 q -0.24,-0.288 -0.368,-0.656 -0.112,-0.384 -0.176,-0.8 -0.064,-0.416 -0.08,-0.848 -0.016,-0.432 -0.048,-0.848 -0.048,-0.416 -0.144,-0.8 -0.08,-0.384 -0.272,-0.688 -0.176,-0.32 -0.496,-0.544 -0.304,-0.224 -0.8,-0.32 l 0,-0.032 q 1.04,-0.288 1.504,-1.072 0.48,-0.784 0.48,-1.824 0,-1.392 -0.928,-2.192 -0.912,-0.8 -2.544,-0.8 l -5.376,0 z m 4.688,5.264 -3.168,0 0,-3.984 3.776,0 q 1.072,0 1.552,0.544 0.48,0.544 0.48,1.408 0,0.624 -0.224,1.024 -0.208,0.384 -0.576,0.624 -0.352,0.224 -0.832,0.304 -0.48,0.08 -1.008,0.08 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23109" />
+      <path
+         d="m -396.66364,211.63137 -4.752,0 q 0.032,-0.48 0.208,-0.896 0.176,-0.432 0.48,-0.752 0.304,-0.32 0.72,-0.496 0.432,-0.192 0.96,-0.192 0.512,0 0.928,0.192 0.432,0.176 0.736,0.496 0.32,0.304 0.496,0.736 0.192,0.432 0.224,0.912 z m 1.312,2.304 -1.344,0 q -0.176,0.816 -0.736,1.216 -0.544,0.4 -1.408,0.4 -0.672,0 -1.168,-0.224 -0.496,-0.224 -0.816,-0.592 -0.32,-0.384 -0.464,-0.864 -0.144,-0.496 -0.128,-1.04 l 6.192,0 q 0.032,-0.752 -0.144,-1.584 -0.16,-0.832 -0.608,-1.536 -0.432,-0.704 -1.168,-1.152 -0.72,-0.464 -1.824,-0.464 -0.848,0 -1.568,0.32 -0.704,0.32 -1.232,0.896 -0.512,0.576 -0.8,1.36 -0.288,0.784 -0.288,1.728 0.032,0.944 0.272,1.744 0.256,0.8 0.752,1.376 0.496,0.576 1.216,0.896 0.736,0.32 1.728,0.32 1.408,0 2.336,-0.704 0.928,-0.704 1.2,-2.096 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23111" />
+      <path
+         d="m -386.67789,215.85537 0,-7.568 -1.28,0 0,1.184 -0.016,0 q -0.368,-0.688 -1.024,-1.024 -0.656,-0.352 -1.44,-0.352 -1.072,0 -1.808,0.416 -0.736,0.4 -1.184,1.04 -0.448,0.624 -0.64,1.408 -0.192,0.768 -0.192,1.504 0,0.848 0.224,1.616 0.24,0.752 0.704,1.328 0.464,0.56 1.152,0.896 0.688,0.336 1.616,0.336 0.8,0 1.504,-0.352 0.72,-0.368 1.072,-1.136 l 0.032,0 0,0.544 q 0,0.688 -0.144,1.264 -0.128,0.576 -0.432,0.976 -0.304,0.416 -0.768,0.64 -0.464,0.24 -1.136,0.24 -0.336,0 -0.704,-0.08 -0.368,-0.064 -0.688,-0.224 -0.304,-0.16 -0.528,-0.416 -0.208,-0.256 -0.224,-0.624 l -1.36,0 q 0.032,0.672 0.352,1.136 0.32,0.464 0.8,0.752 0.496,0.288 1.088,0.416 0.608,0.128 1.184,0.128 1.984,0 2.912,-1.008 0.928,-1.008 0.928,-3.04 z m -3.808,-0.4 q -0.672,0 -1.12,-0.272 -0.448,-0.288 -0.72,-0.736 -0.272,-0.464 -0.384,-1.024 -0.112,-0.56 -0.112,-1.12 0,-0.592 0.128,-1.136 0.144,-0.544 0.432,-0.96 0.304,-0.416 0.768,-0.656 0.464,-0.256 1.12,-0.256 0.64,0 1.088,0.256 0.448,0.256 0.72,0.688 0.288,0.416 0.416,0.944 0.128,0.528 0.128,1.072 0,0.576 -0.144,1.152 -0.128,0.576 -0.416,1.04 -0.288,0.448 -0.768,0.736 -0.464,0.272 -1.136,0.272 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23113" />
+      <path
+         d="m -383.21764,206.79937 0,-1.664 -1.36,0 0,1.664 1.36,0 z m -1.36,1.488 0,8.272 1.36,0 0,-8.272 -1.36,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23115" />
+      <path
+         d="m -380.26314,213.95137 -1.36,0 q 0.032,0.768 0.32,1.312 0.288,0.528 0.768,0.864 0.48,0.32 1.104,0.464 0.624,0.144 1.312,0.144 0.624,0 1.248,-0.128 0.64,-0.112 1.136,-0.416 0.512,-0.304 0.816,-0.8 0.32,-0.496 0.32,-1.248 0,-0.592 -0.24,-0.992 -0.224,-0.4 -0.608,-0.656 -0.368,-0.272 -0.864,-0.432 -0.48,-0.16 -0.992,-0.272 -0.48,-0.112 -0.96,-0.208 -0.48,-0.112 -0.864,-0.256 -0.384,-0.16 -0.64,-0.384 -0.24,-0.24 -0.24,-0.592 0,-0.32 0.16,-0.512 0.16,-0.208 0.416,-0.32 0.256,-0.128 0.56,-0.176 0.32,-0.048 0.624,-0.048 0.336,0 0.656,0.08 0.336,0.064 0.608,0.224 0.272,0.16 0.448,0.432 0.176,0.256 0.208,0.656 l 1.36,0 q -0.048,-0.752 -0.32,-1.248 -0.272,-0.512 -0.736,-0.8 -0.448,-0.304 -1.04,-0.416 -0.592,-0.128 -1.296,-0.128 -0.544,0 -1.104,0.144 -0.544,0.128 -0.992,0.416 -0.432,0.272 -0.72,0.72 -0.272,0.448 -0.272,1.072 0,0.8 0.4,1.248 0.4,0.448 0.992,0.704 0.608,0.24 1.312,0.384 0.704,0.128 1.296,0.304 0.608,0.16 1.008,0.432 0.4,0.272 0.4,0.8 0,0.384 -0.192,0.64 -0.192,0.24 -0.496,0.368 -0.288,0.128 -0.64,0.176 -0.352,0.048 -0.672,0.048 -0.416,0 -0.816,-0.08 -0.384,-0.08 -0.704,-0.256 -0.304,-0.192 -0.496,-0.496 -0.192,-0.32 -0.208,-0.768 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23117" />
+      <path
+         d="m -371.23839,208.28737 0,-2.48 -1.36,0 0,2.48 -1.408,0 0,1.2 1.408,0 0,5.264 q 0,0.576 0.112,0.928 0.112,0.352 0.336,0.544 0.24,0.192 0.608,0.272 0.384,0.064 0.912,0.064 l 1.04,0 0,-1.2 -0.624,0 q -0.32,0 -0.528,-0.016 -0.192,-0.032 -0.304,-0.112 -0.112,-0.08 -0.16,-0.224 -0.032,-0.144 -0.032,-0.384 l 0,-5.136 1.648,0 0,-1.2 -1.648,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23119" />
+      <path
+         d="m -368.11189,208.28737 0,8.272 1.36,0 0,-3.68 q 0,-0.8 0.16,-1.408 0.16,-0.624 0.512,-1.056 0.352,-0.432 0.928,-0.656 0.576,-0.224 1.392,-0.224 l 0,-1.44 q -1.104,-0.032 -1.824,0.448 -0.72,0.48 -1.216,1.488 l -0.032,0 0,-1.744 -1.28,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23121" />
+      <path
+         d="m -359.47214,217.66337 q -0.24,0.608 -0.48,1.024 -0.224,0.416 -0.512,0.672 -0.272,0.272 -0.624,0.384 -0.336,0.128 -0.784,0.128 -0.24,0 -0.48,-0.032 -0.24,-0.032 -0.464,-0.112 l 0,-1.248 q 0.176,0.08 0.4,0.128 0.24,0.064 0.4,0.064 0.416,0 0.688,-0.208 0.288,-0.192 0.432,-0.56 l 0.56,-1.392 -3.28,-8.224 1.536,0 2.416,6.768 0.032,0 2.32,-6.768 1.44,0 -3.6,9.376 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path23123" />
+    </g>
+    <rect
+       style="clip-rule:evenodd;display:none;fill:#e7e7e7;fill-rule:evenodd"
+       x="741.56049"
+       y="-22.457298"
+       display="none"
+       width="135.72552"
+       height="104.87882"
+       id="rect16721" />
+    <g
+       transform="matrix(0.17137062,0,0,0.17137062,732.99198,-36.789366)"
+       id="g16723">
+      <path
+         style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+         inkscape:connector-curvature="0"
+         id="outline_7_"
+         d="m 363.387,173.391 42.695,0 0,43.646 21.588,0 c 9.969,0 20.223,-1.776 29.664,-4.976 4.639,-1.572 9.846,-3.762 14.422,-6.515 -6.027,-7.869 -9.104,-17.805 -10.01,-27.599 -1.23,-13.321 1.457,-30.66 10.473,-41.086 l 4.488,-5.191 5.348,4.299 c 13.465,10.818 24.789,25.935 26.785,43.166 16.213,-4.769 35.248,-3.641 49.539,4.607 l 5.863,3.383 -3.086,6.023 c -12.086,23.588 -37.354,30.895 -62.057,29.602 -36.965,92.068 -117.441,135.656 -215.02,135.656 -50.412,0 -96.664,-18.846 -123.002,-63.572 l -0.432,-0.73 -3.838,-7.807 c -8.902,-19.688 -11.859,-41.256 -9.854,-62.806 l 0.602,-6.455 36.51,0 0,-43.646 42.693,0 0,-42.695 85.393,0 0,-42.695 51.234,0 0,85.391 z" />
+      <g
+         id="body_colors_8_">
+        <path
+           style="fill:#00aada"
+           inkscape:connector-curvature="0"
+           d="m 501.713,189.537 c 2.863,-22.248 -13.787,-39.725 -24.113,-48.021 -11.898,13.758 -13.748,49.812 4.92,64.992 -10.418,9.254 -32.371,17.643 -54.85,17.643 l -273.627,0 c -2.186,23.465 1.934,45.072 11.342,63.568 l 3.113,5.693 c 1.971,3.345 4.124,6.573 6.451,9.681 10e-4,0 10e-4,0 10e-4,0 11.249,0.723 21.621,0.973 31.109,0.763 0.001,0 0.003,0 0.005,0 18.647,-0.413 33.862,-2.613 45.395,-6.609 1.717,-0.597 3.588,0.313 4.182,2.029 0.594,1.715 -0.314,3.587 -2.029,4.182 -1.533,0.531 -3.133,1.028 -4.783,1.5 -0.002,10e-4 -0.004,10e-4 -0.006,0.002 -9.08,2.592 -18.816,4.337 -31.379,5.112 0.744,0.012 -0.777,0.111 -0.781,0.112 -0.427,0.026 -0.965,0.087 -1.395,0.111 -4.943,0.277 -10.28,0.335 -15.736,0.335 -5.967,0 -11.845,-0.113 -18.414,-0.446 l -0.168,0.111 c 22.799,25.625 58.447,40.994 103.131,40.994 94.57,0 174.785,-41.922 210.305,-136.039 25.201,2.586 49.42,-3.84 60.438,-25.346 -17.551,-10.127 -40.117,-6.898 -53.111,-0.367 z"
+           id="path16728" />
+        <path
+           style="fill:#24b8eb"
+           inkscape:connector-curvature="0"
+           d="m 501.713,189.537 c 2.863,-22.248 -13.787,-39.725 -24.113,-48.021 -11.898,13.758 -13.748,49.812 4.92,64.992 -10.418,9.254 -32.371,17.643 -54.85,17.643 l -257.424,0 c -1.117,35.936 12.219,63.214 35.813,79.705 0.001,0 0.003,0 0.005,0 18.647,-0.413 33.862,-2.613 45.395,-6.609 1.717,-0.597 3.588,0.313 4.182,2.029 0.594,1.715 -0.314,3.587 -2.029,4.182 -1.533,0.531 -3.133,1.028 -4.783,1.5 -0.002,10e-4 -0.004,10e-4 -0.006,0.002 -9.08,2.592 -19.653,4.561 -32.216,5.336 -0.004,0 -0.305,-0.291 -0.309,-0.29 32.185,16.509 78.853,16.45 132.356,-4.103 59.994,-23.047 115.818,-66.957 154.771,-117.18 -0.587,0.265 -1.159,0.537 -1.712,0.814 z"
+           id="path16730" />
+        <path
+           style="fill:#008bb8"
+           inkscape:connector-curvature="0"
+           d="m 154.555,252.66 c 1.701,12.568 5.377,24.338 10.83,35.059 l 3.113,5.693 c 1.971,3.345 4.124,6.573 6.452,9.681 11.251,0.723 21.624,0.973 31.114,0.763 18.647,-0.413 33.862,-2.613 45.395,-6.609 1.717,-0.597 3.588,0.313 4.182,2.029 0.594,1.715 -0.314,3.587 -2.029,4.182 -1.533,0.531 -3.133,1.028 -4.783,1.5 -0.002,10e-4 -0.004,10e-4 -0.006,0.002 -9.08,2.592 -19.598,4.449 -32.16,5.225 -0.431,0.026 -1.184,0.031 -1.618,0.056 -4.942,0.277 -10.224,0.446 -15.681,0.446 -5.966,0 -12.067,-0.113 -18.637,-0.446 22.799,25.625 58.67,41.05 103.354,41.05 80.961,0 151.398,-30.73 192.281,-98.629 l -321.807,0 z"
+           id="path16732" />
+        <path
+           style="fill:#039bc6"
+           inkscape:connector-curvature="0"
+           d="m 172.709,252.66 c 4.84,22.069 16.471,39.395 33.355,51.195 18.647,-0.413 33.862,-2.613 45.395,-6.609 1.717,-0.597 3.588,0.313 4.182,2.029 0.594,1.715 -0.314,3.587 -2.029,4.182 -1.533,0.531 -3.133,1.028 -4.783,1.5 -0.002,0.001 -0.004,0.001 -0.006,0.002 -9.08,2.592 -19.82,4.449 -32.383,5.225 32.182,16.507 78.715,16.27 132.215,-4.281 32.365,-12.436 63.516,-30.947 91.463,-53.242 l -267.409,0 z"
+           id="path16734" />
+      </g>
+      <g
+         style="display:none"
+         display="none"
+         id="g16736">
+        <path
+           style="display:inline;fill:#394d54"
+           inkscape:connector-curvature="0"
+           display="inline"
+           d="m 199.434,310.508 c 5.455,0 10.652,-0.142 15.594,-0.419 0.432,-0.024 0.844,-0.058 1.271,-0.084 0.004,-10e-4 0.007,-10e-4 0.011,-10e-4 12.562,-0.775 23.434,-2.453 32.514,-5.045 0.002,-10e-4 0.004,-10e-4 0.006,-0.002 1.65,-0.472 3.25,-0.969 4.783,-1.5 1.715,-0.595 2.623,-2.467 2.029,-4.182 -0.594,-1.716 -2.465,-2.626 -4.182,-2.029 -11.532,3.996 -26.747,6.196 -45.395,6.609 -0.002,0 -0.004,0 -0.005,0 -9.488,0.21 -19.86,-0.04 -31.109,-0.763 0,0 0,0 -0.001,0 -0.575,-0.036 -1.141,-0.069 -1.721,-0.108 -1.807,-0.115 -3.379,1.245 -3.504,3.057 -0.123,1.811 1.246,3.379 3.057,3.502 2.297,0.156 4.555,0.291 6.783,0.41 0.354,0.019 0.697,0.031 1.049,0.049 l 0,0 c 6.57,0.333 12.853,0.506 18.82,0.506 z"
+           id="path16738" />
+      </g>
+      <g
+         id="Containers_8_">
+        <path
+           style="clip-rule:evenodd;fill:#00acd3;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 222.18,183.59 2.922,0 0,30.838 -2.922,0 0,-30.838 z m -5.606,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.607,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.608,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.605,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.49,0 2.92,0 0,30.838 -2.92,0 0,-30.838 z m -3.082,-3.084 37.002,0 0,37.004 -37.002,0 0,-37.004 z"
+           id="path16741" />
+        <path
+           style="clip-rule:evenodd;fill:#00acd3;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 264.875,140.895 2.924,0 0,30.836 -2.924,0 0,-30.836 z m -5.605,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.608,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.607,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.604,0 3.035,0 0,30.836 -3.035,0 0,-30.836 z m -5.49,0 2.918,0 0,30.836 -2.918,0 0,-30.836 z m -3.086,-3.084 37.006,0 0,37.003 -37.006,0 0,-37.003 z"
+           id="path16743" />
+        <path
+           style="clip-rule:evenodd;fill:#20c2ef;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 264.875,183.59 2.924,0 0,30.838 -2.924,0 0,-30.838 z m -5.605,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.608,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.607,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.604,0 3.035,0 0,30.838 -3.035,0 0,-30.838 z m -5.49,0 2.918,0 0,30.838 -2.918,0 0,-30.838 z m -3.086,-3.084 37.006,0 0,37.004 -37.006,0 0,-37.004 z"
+           id="path16745" />
+        <path
+           style="clip-rule:evenodd;fill:#00acd3;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 307.572,183.59 2.92,0 0,30.838 -2.92,0 0,-30.838 z m -5.607,0 3.039,0 0,30.838 -3.039,0 0,-30.838 z m -5.606,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.607,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.607,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.489,0 2.918,0 0,30.838 -2.918,0 0,-30.838 z m -3.084,-3.084 37.004,0 0,37.004 -37.004,0 0,-37.004 z"
+           id="path16747" />
+        <path
+           style="clip-rule:evenodd;fill:#20c2ef;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 307.572,140.895 2.92,0 0,30.836 -2.92,0 0,-30.836 z m -5.607,0 3.039,0 0,30.836 -3.039,0 0,-30.836 z m -5.606,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.607,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.607,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.489,0 2.918,0 0,30.836 -2.918,0 0,-30.836 z m -3.084,-3.084 37.004,0 0,37.003 -37.004,0 0,-37.003 z"
+           id="path16749" />
+        <path
+           style="clip-rule:evenodd;fill:#20c2ef;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 350.268,183.59 2.922,0 0,30.838 -2.922,0 0,-30.838 z m -5.606,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.607,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.608,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.605,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.49,0 2.92,0 0,30.838 -2.92,0 0,-30.838 z m -3.084,-3.084 37.004,0 0,37.004 -37.004,0 0,-37.004 z"
+           id="path16751" />
+        <path
+           style="clip-rule:evenodd;fill:#00acd3;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 350.268,140.895 2.922,0 0,30.836 -2.922,0 0,-30.836 z m -5.606,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.607,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.608,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.605,0 3.037,0 0,30.836 -3.037,0 0,-30.836 z m -5.49,0 2.92,0 0,30.836 -2.92,0 0,-30.836 z m -3.084,-3.084 37.004,0 0,37.003 -37.004,0 0,-37.003 z"
+           id="path16753" />
+        <path
+           style="clip-rule:evenodd;fill:#20c2ef;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 350.268,98.197 2.922,0 0,30.838 -2.922,0 0,-30.838 z m -5.606,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.607,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.608,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.605,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.49,0 2.92,0 0,30.838 -2.92,0 0,-30.838 z m -3.084,-3.082 37.004,0 0,37.004 -37.004,0 0,-37.004 z"
+           id="path16755" />
+        <path
+           style="clip-rule:evenodd;fill:#00acd3;fill-rule:evenodd"
+           inkscape:connector-curvature="0"
+           d="m 392.963,183.59 2.92,0 0,30.838 -2.92,0 0,-30.838 z m -5.606,0 3.035,0 0,30.838 -3.035,0 0,-30.838 z m -5.609,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.605,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.608,0 3.037,0 0,30.838 -3.037,0 0,-30.838 z m -5.49,0 2.922,0 0,30.838 -2.922,0 0,-30.838 z m -3.082,-3.084 37.004,0 0,37.004 -37.004,0 0,-37.004 z"
+           id="path16757" />
+      </g>
+      <path
+         style="clip-rule:evenodd;fill:#d4edf1;fill-rule:evenodd"
+         inkscape:connector-curvature="0"
+         d="m 268.564,277.504 c 5.637,0 10.207,4.572 10.207,10.209 0,5.637 -4.57,10.207 -10.207,10.207 -5.639,0 -10.209,-4.57 -10.209,-10.207 0,-5.637 4.571,-10.209 10.209,-10.209"
+         id="path16759" />
+      <path
+         style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+         inkscape:connector-curvature="0"
+         d="m 268.564,280.4 c 0.934,0 1.824,0.176 2.646,0.494 -0.891,0.516 -1.494,1.48 -1.494,2.584 0,1.648 1.336,2.982 2.984,2.982 1.129,0 2.109,-0.627 2.617,-1.553 0.357,0.863 0.557,1.811 0.557,2.805 0,4.037 -3.273,7.311 -7.311,7.311 -4.038,0 -7.312,-3.273 -7.312,-7.311 0.001,-4.038 3.276,-7.312 7.313,-7.312"
+         id="path16761" />
+      <path
+         style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+         inkscape:connector-curvature="0"
+         d="m 88,256.35 223.613,0 27.656,0 223.607,0 c -10.34,-2.623 -32.715,-6.166 -29.025,-19.717 -18.801,21.756 -64.143,15.264 -75.586,4.535 -12.742,18.482 -86.926,11.457 -92.1,-2.941 -15.975,18.748 -65.477,18.748 -81.453,0 -5.176,14.398 -79.357,21.424 -92.102,2.941 -11.443,10.729 -56.781,17.221 -75.584,-4.535 3.691,13.551 -18.684,17.094 -29.026,19.717"
+         id="path16763" />
+      <path
+         style="fill:#bfdbe0"
+         inkscape:connector-curvature="0"
+         d="m 295.701,351.068 c -25.281,-11.997 -39.158,-28.306 -46.879,-46.109 -9.391,2.681 -20.68,4.394 -33.795,5.13 -4.941,0.277 -10.139,0.419 -15.594,0.419 -6.287,0 -12.914,-0.186 -19.869,-0.555 23.184,23.17 51.705,41.01 104.516,41.336 3.899,0 7.77,-0.076 11.621,-0.221 z"
+         id="path16765" />
+      <path
+         style="fill:#d4edf1"
+         inkscape:connector-curvature="0"
+         d="m 258.213,321.387 c -3.498,-4.748 -6.891,-10.715 -9.385,-16.43 -9.393,2.682 -20.684,4.396 -33.801,5.132 9.01,4.891 21.897,9.423 43.186,11.298 z"
+         id="path16767" />
+    </g>
+    <g
+       id="g24079">
+      <circle
+         style="fill:#dd4814"
+         cx="691.34717"
+         cy="65.498489"
+         r="25.6"
+         id="circle17337-7" />
+      <path
+         style="fill:#ffffff"
+         inkscape:connector-curvature="0"
+         d="m 675.37995,62.421839 c -1.70053,0 -3.07212,1.376117 -3.07212,3.076648 0,1.694495 1.37159,3.073629 3.07212,3.073629 1.70204,0 3.07665,-1.379134 3.07665,-3.073629 0,-1.700531 -1.37461,-3.076648 -3.07665,-3.076648 z M 697.342,76.403308 c -1.47269,0.843475 -1.97365,2.726583 -1.12715,4.193234 0.84951,1.474195 2.7296,1.97515 4.20078,1.128657 1.47117,-0.848002 1.97665,-2.7296 1.12714,-4.199269 -0.84951,-1.471178 -2.73111,-1.975151 -4.20077,-1.122622 z M 682.06438,65.498487 c 0,-3.041943 1.50588,-5.729294 3.81601,-7.352871 l -2.24524,-3.769232 c -2.69188,1.7971 -4.6957,4.547825 -5.52861,7.767818 0.97475,0.792172 1.59189,1.997783 1.59189,3.354285 0,1.347447 -0.61564,2.55155 -1.59189,3.348249 0.83291,3.218484 2.83673,5.9677 5.52861,7.7648 l 2.24524,-3.766214 c -2.31013,-1.623577 -3.81601,-4.30791 -3.81601,-7.346835 z m 8.98098,-8.988519 c 4.69569,0 8.5449,3.598727 8.94928,8.193328 l 4.38336,-0.07092 c -0.21728,-3.385972 -1.69601,-6.427915 -3.96992,-8.664105 -1.17091,0.43909 -2.52288,0.377225 -3.68926,-0.300271 -1.16638,-0.674478 -1.90121,-1.809171 -2.10341,-3.047978 -1.13771,-0.312343 -2.33427,-0.485866 -3.57005,-0.485866 -2.12454,0 -4.1359,0.500955 -5.91791,1.38517 l 2.13509,3.82808 c 1.14978,-0.537168 2.43386,-0.83744 3.78282,-0.83744 z m 0,17.967983 c -1.35047,0 -2.63304,-0.297253 -3.78282,-0.834421 l -2.13509,3.828079 c 1.78201,0.887234 3.79337,1.382153 5.91791,1.382153 1.23578,0 2.43234,-0.167488 3.57005,-0.482848 0.2022,-1.237298 0.93552,-2.371991 2.10341,-3.049487 1.1694,-0.674479 2.51835,-0.739361 3.68926,-0.294236 2.27391,-2.239208 3.75264,-5.28115 3.96992,-8.67014 l -4.38336,-0.06186 c -0.40438,4.587056 -4.25359,8.182765 -8.94928,8.182765 z M 697.342,54.592156 c 1.46966,0.846493 3.35126,0.345538 4.19776,-1.128657 0.84951,-1.465142 0.34553,-3.34825 -1.12413,-4.196251 -1.47269,-0.848002 -3.35127,-0.345539 -4.20078,1.125639 -0.8465,1.469669 -0.34554,3.349758 1.12715,4.199269 z"
+         id="path17339-0" />
+    </g>
+    <g
+       id="layer2"
+       inkscape:label="Typography"
+       style="display:none"
+       transform="matrix(0.44483039,0,0,0.44483039,740.13512,120.73191)">
+      <g
+         id="g3910">
+        <path
+           inkscape:connector-curvature="0"
+           id="path3872"
+           d="m 3.7946429,10.710395 156.7857171,0"
+           style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
+        <path
+           inkscape:connector-curvature="0"
+           id="path3872-6"
+           d="m 3.6552959,35.734302 156.7857141,0"
+           style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
+        <path
+           inkscape:connector-curvature="0"
+           id="path3872-6-8"
+           d="m -10.35714,23.222461 156.78571,0"
+           style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
+      </g>
+    </g>
+    <g
+       inkscape:label="Layer 1"
+       id="layer1"
+       transform="matrix(0.44483039,0,0,0.44483039,740.13512,120.73191)">
+      <path
+         style="fill:none;stroke:#009900;stroke-width:5;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 14.047838,32.727592 0,-19.064695 19.062499,19.064695 0,-19.064695"
+         id="path2996"
+         inkscape:connector-curvature="0"
+         sodipodi:nodetypes="cccc" />
+      <path
+         style="color:#000000;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:medium;line-height:normal;font-family:Sans;-inkscape-font-specification:Sans;text-indent:0;text-align:start;text-decoration:none;text-decoration-line:none;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;baseline-shift:baseline;text-anchor:start;display:inline;overflow:visible;visibility:visible;fill:#009900;fill-opacity:1;stroke:none;stroke-width:5;marker:none;enable-background:accumulate"
+         d="M 44.6875,11.1875 44,12.46875 38.6875,22.125 38,23.34375 38.6875,24.5625 44,33.90625 l 0.71875,1.28125 1.46875,0 10.875,0 1.5625,0 0.6875,-1.40625 3.96875,-8 1.78125,-3.625 -4.03125,0 L 50.875,22.1875 c -1.320782,-0.01868 -2.535605,1.179086 -2.535605,2.5 0,1.320914 1.214823,2.518679 2.535605,2.5 L 57,27.15625 l -1.5,3.03125 -7.875,0 -3.90625,-6.875 3.9375,-7.125 8.377221,0 1.953125,4.007812 5.03125,0 -3.171875,-7.601562 -0.6875,-1.40625 -1.5625,0 -11.408471,0 z"
+         id="path2996-0"
+         inkscape:connector-curvature="0"
+         sodipodi:nodetypes="cccccccccccccccscccccccccccccc" />
+      <path
+         style="color:#000000;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:medium;line-height:normal;font-family:Sans;-inkscape-font-specification:Sans;text-indent:0;text-align:start;text-decoration:none;text-decoration-line:none;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;baseline-shift:baseline;text-anchor:start;display:inline;overflow:visible;visibility:visible;fill:#009900;fill-opacity:1;stroke:none;stroke-width:5;marker:none;enable-background:accumulate"
+         d="m 70.013782,11.15625 c -1.308989,0.01639 -2.485084,1.222261 -2.46875,2.53125 l 0,6.514509 5,0 0,-6.514509 c 0.01659,-1.329821 -1.201429,-2.547843 -2.53125,-2.53125 z"
+         id="path2996-0-5"
+         inkscape:connector-curvature="0"
+         sodipodi:nodetypes="cccccc" />
+      <use
+         x="0"
+         y="0"
+         xlink:href="#path2996"
+         id="use3820"
+         transform="matrix(-1,0,0,1,111.13905,0.04841623)"
+         width="744.09448"
+         height="1052.3622" />
+      <g
+         id="g3920"
+         transform="translate(0.10586251,0.33010228)">
+        <path
+           sodipodi:nodetypes="cc"
+           inkscape:connector-curvature="0"
+           id="path2996-1"
+           d="m 104.90935,13.374209 19.08481,19.017856"
+           style="fill:none;stroke:#009900;stroke-width:5;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+        <use
+           height="1052.3622"
+           width="744.09448"
+           transform="matrix(-1,0,0,1,228.92583,0)"
+           id="use3851"
+           xlink:href="#path2996-1"
+           y="0"
+           x="0" />
+      </g>
+      <path
+         style="color:#000000;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:medium;line-height:normal;font-family:Sans;-inkscape-font-specification:Sans;text-indent:0;text-align:start;text-decoration:none;text-decoration-line:none;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;baseline-shift:baseline;text-anchor:start;display:inline;overflow:visible;visibility:visible;fill:#009900;fill-opacity:1;stroke:none;stroke-width:5;marker:none;enable-background:accumulate"
+         d="m 70.013782,35.204069 c -1.308989,-0.01639 -2.485084,-1.222261 -2.46875,-2.53125 l 0,-10.464363 5,0 0,10.464363 c 0.01659,1.329821 -1.201429,2.547843 -2.53125,2.53125 z"
+         id="path2996-0-5-1"
+         inkscape:connector-curvature="0"
+         sodipodi:nodetypes="cccccc" />
+    </g>
+    <g
+       id="g23808"
+       transform="translate(-247.29816,166.4)">
+      <path
+         id="path19313"
+         d="m 794.46487,77.394509 c -2.73221,1.424192 -16.88624,7.243753 -19.89955,8.814518 -3.01332,1.571366 -4.68732,1.556016 -7.06769,0.418047 -2.38037,-1.137968 -17.44273,-7.222083 -20.15598,-8.518964 -1.35617,-0.64829 -2.06917,-1.195153 -2.06917,-1.711919 l 0,-5.175185 c 0,0 19.60912,-4.268963 22.77502,-5.404524 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986882 18.80282,3.893352 21.46551,4.868496 0,0 -10e-4,4.622001 -10e-4,5.101747 3e-4,0.51165 -0.61398,1.07296 -2.00476,1.797696 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path19315"
+         d="m 794.46487,72.21782 c -2.73221,1.423589 -16.88624,7.243753 -19.89955,8.814517 -3.01332,1.571366 -4.68732,1.556017 -7.06769,0.418048 -2.38068,-1.137367 -17.44273,-7.222686 -20.15598,-8.518965 -2.71325,-1.296881 -2.77013,-2.189559 -0.10474,-3.233023 2.66509,-1.044066 17.64469,-6.921113 20.81089,-8.056975 3.16561,-1.13526 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.587036 19.42612,7.56218 2.66299,0.976046 2.76532,1.779637 0.0331,3.203829 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <path
+         id="path19317"
+         d="m 794.46487,68.955302 c -2.73221,1.424191 -16.88624,7.243753 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222084 -20.15598,-8.518965 -1.35617,-0.64829 -2.06917,-1.194551 -2.06917,-1.711317 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404524 3.16561,-1.135561 4.26385,-1.176794 6.95783,-0.189913 2.69429,0.986882 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.10235 3e-4,0.511348 -0.61398,1.072658 -2.00476,1.797395 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path19319"
+         d="m 794.46487,63.778612 c -2.73221,1.424192 -16.88624,7.243754 -19.89955,8.81512 -3.01332,1.570764 -4.68732,1.555414 -7.06769,0.417445 -2.38068,-1.137366 -17.44273,-7.222384 -20.15598,-8.518964 -2.71325,-1.29658 -2.77013,-2.189258 -0.10474,-3.233324 2.66509,-1.043464 17.64469,-6.920812 20.81089,-8.056373 3.16561,-1.135561 4.26385,-1.176794 6.95784,-0.189913 2.69428,0.986882 16.76374,6.586736 19.42612,7.56218 2.66299,0.975746 2.76532,1.779638 0.0331,3.203829 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <path
+         id="path19321"
+         d="m 794.46487,60.203085 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.81542 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222384 -20.15598,-8.518964 -1.35617,-0.648291 -2.06917,-1.194853 -2.06917,-1.711318 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404223 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986881 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.102048 3e-4,0.511048 -0.61398,1.072357 -2.00476,1.797094 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path19323"
+         d="m 794.46487,55.026396 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417747 -2.38037,-1.137668 -17.44273,-7.222385 -20.15598,-8.518965 -2.71325,-1.29658 -2.77013,-2.189559 -0.10474,-3.233324 2.66509,-1.043765 17.64469,-6.920511 20.81089,-8.056373 3.16561,-1.135862 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.586735 19.42612,7.56218 2.66299,0.975143 2.76532,1.779336 0.0331,3.203227 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon19325"
+         points="259.06,240.78 270.27,237.11 267.24,244.38 278.67,248.66 263.93,250.19 260.63,258.13 255.3,249.27 238.28,247.74 250.98,243.16 247.17,236.13 "
+         style="fill:#ffffff" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon19327"
+         points="232.24,275.77 271.66,269.72 259.75,287.18 "
+         style="fill:#ffffff" />
+      <ellipse
+         id="ellipse19329"
+         cy="53.828529"
+         ry="2.4580245"
+         rx="6.3411436"
+         cx="760.40704"
+         style="fill:#ffffff" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon19331"
+         points="319.42,260.05 296.11,269.26 296.09,250.83 "
+         style="fill:#7a0c00" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon19333"
+         points="296.09,250.83 296.11,269.26 293.58,270.25 270.28,261.04 "
+         style="fill:#ad2115" />
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.60000002;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:1.6, 4.8;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker16101)"
+       d="m 232.8,48.6 c 0,0 -12.73666,1.801225 61.59028,-2.565366 C 414.41267,38.983507 605.85597,54.0261 541.6,135"
+       id="path20389"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="csc" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.60000002;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:9.6, 9.6;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker8148)"
+       d="M 232,91.8 C 267.3955,81.000077 227.99615,51.379889 294.44308,48.093811 487.01221,38.570464 649.34345,63.836408 662.48649,127.0156 596.42953,139.79479 662.23891,181.3224 552.8,223.8"
+       id="path20391"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="cscc" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.60000002;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:12.8, 3.2, 1.6, 3.2;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker20462)"
+       d="m 232,135 c 57.21358,0.42565 19.24911,-77.191374 63.18997,-87.243822 38.67909,-8.8487 79.20414,-10.051572 104.88753,10.895187 38.40475,31.321995 38.65218,89.318415 98.03792,97.920405 -45.41426,67.00199 -38.65741,-9.39118 -109.31542,-3.9718"
+       id="path20393"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="csscc" />
+    <circle
+       id="circle17337"
+       r="25.6"
+       cy="152.70993"
+       cx="523.57367"
+       style="fill:#dd4814" />
+    <path
+       id="path17339"
+       d="m 507.60646,149.63328 c -1.70053,0 -3.07212,1.37612 -3.07212,3.07665 0,1.69449 1.37159,3.07363 3.07212,3.07363 1.70204,0 3.07665,-1.37914 3.07665,-3.07363 0,-1.70053 -1.37461,-3.07665 -3.07665,-3.07665 z m 21.96205,13.98147 c -1.47269,0.84347 -1.97365,2.72658 -1.12715,4.19323 0.84951,1.4742 2.7296,1.97515 4.20078,1.12866 1.47117,-0.848 1.97665,-2.7296 1.12714,-4.19927 -0.84951,-1.47118 -2.73111,-1.97515 -4.20077,-1.12262 z m -15.27762,-10.90482 c 0,-3.04195 1.50588,-5.7293 3.81601,-7.35287 l -2.24524,-3.76924 c -2.69188,1.7971 -4.6957,4.54783 -5.52861,7.76782 0.97475,0.79217 1.59189,1.99779 1.59189,3.35429 0,1.34744 -0.61564,2.55155 -1.59189,3.34825 0.83291,3.21848 2.83673,5.9677 5.52861,7.7648 l 2.24524,-3.76622 c -2.31013,-1.62358 -3.81601,-4.30791 -3.81601,-7.34683 z m 8.98098,-8.98852 c 4.69569,0 8.5449,3.59873 8.94928,8.19333 l 4.38336,-0.0709 c -0.21728,-3.38597 -1.69601,-6.42792 -3.96992,-8.66411 -1.17091,0.43909 -2.52288,0.37723 -3.68926,-0.30027 -1.16638,-0.67448 -1.90121,-1.80917 -2.10341,-3.04798 -1.13771,-0.31234 -2.33427,-0.48586 -3.57005,-0.48586 -2.12454,0 -4.1359,0.50095 -5.91791,1.38517 l 2.13509,3.82808 c 1.14978,-0.53717 2.43386,-0.83744 3.78282,-0.83744 z m 0,17.96798 c -1.35047,0 -2.63304,-0.29725 -3.78282,-0.83442 l -2.13509,3.82808 c 1.78201,0.88723 3.79337,1.38215 5.91791,1.38215 1.23578,0 2.43234,-0.16749 3.57005,-0.48285 0.2022,-1.23729 0.93552,-2.37199 2.10341,-3.04948 1.1694,-0.67448 2.51835,-0.73936 3.68926,-0.29424 2.27391,-2.23921 3.75264,-5.28115 3.96992,-8.67014 l -4.38336,-0.0619 c -0.40438,4.58705 -4.25359,8.18276 -8.94928,8.18276 z m 6.29664,-19.88579 c 1.46966,0.84649 3.35126,0.34553 4.19776,-1.12866 0.84951,-1.46514 0.34553,-3.34825 -1.12413,-4.19625 -1.47269,-0.848 -3.35127,-0.34554 -4.20078,1.12564 -0.8465,1.46967 -0.34554,3.34976 1.12715,4.19927 z"
+       inkscape:connector-curvature="0"
+       style="fill:#ffffff" />
+    <rect
+       style="opacity:1;fill:#f2f2f2;fill-opacity:1;stroke:#005976;stroke-width:1.87672079;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect4484"
+       width="288.75037"
+       height="19.589668"
+       x="295.59451"
+       y="37.709572" />
+    <g
+       transform="matrix(0.68994526,0,0,0.69259938,267.24024,14.934347)"
+       style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot4486">
+      <path
+         inkscape:connector-curvature="0"
+         d="m 187.98859,51.93976 0,-10.026972 2.89587,0 q 1.19455,0 2.00902,0.343886 0.81446,0.325786 1.32124,0.977358 0.52488,0.633473 0.74207,1.556533 0.23529,0.904962 0.23529,2.063312 0,1.194549 -0.25339,2.045213 -0.23529,0.832565 -0.61537,1.393641 -0.38009,0.561076 -0.86876,0.886862 -0.47058,0.325786 -0.95926,0.506778 -0.48868,0.162893 -0.92306,0.217191 -0.43439,0.0362 -0.72397,0.0362 l -2.85968,0 z m -1.71943,-11.47491 0,12.922849 4.43431,0 q 1.61083,0 2.78728,-0.452481 1.17645,-0.452481 1.93662,-1.303144 0.76017,-0.868763 1.12215,-2.11761 0.36199,-1.266946 0.36199,-2.895877 0,-3.113067 -1.61083,-4.633402 -1.61083,-1.520335 -4.59721,-1.520335 l -4.43431,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7700" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 199.86394,48.718098 q 0,-0.850664 0.2172,-1.502236 0.23529,-0.669671 0.63347,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54298,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39819,0.452481 0.61538,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61538,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59727,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39818,-0.452481 -0.63347,-1.104053 -0.2172,-0.669671 -0.2172,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85067,0.361984 1.95472,0.361984 1.12215,0 1.95472,-0.361984 0.85066,-0.380084 1.42984,-1.031656 0.57917,-0.669672 0.86876,-1.556534 0.28959,-0.886862 0.28959,-1.918518 0,-1.031656 -0.28959,-1.918518 -0.28959,-0.904962 -0.86876,-1.556534 -0.57918,-0.669671 -1.42984,-1.049755 -0.83257,-0.380084 -1.95472,-0.380084 -1.10405,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7702" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 215.45219,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93662,0.398183 -0.83256,0.380084 -1.39364,1.067855 -0.54297,0.669671 -0.81446,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37554,0.977358 0.83257,0.343885 1.90042,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57464,0 q -0.14479,1.085953 -0.79636,1.683228 -0.63347,0.597274 -1.77373,0.597274 -0.72397,0 -1.24884,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48868,-1.104053 -0.14479,-0.615374 -0.14479,-1.266946 0,-0.70587 0.14479,-1.357442 0.1448,-0.669671 0.47058,-1.17645 0.34389,-0.506778 0.90497,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97735,0 1.55653,0.488679 0.57917,0.48868 0.76017,1.375542 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7704" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 218.91112,40.46485 0,12.922849 1.53843,0 0,-3.547449 1.44794,-1.339343 3.20357,4.886792 1.95471,0 -3.98183,-5.954646 3.71034,-3.402655 -2.06331,0 -4.27142,4.090425 0,-7.655973 -1.53843,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7706" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 234.72136,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08596,-0.217191 0.57917,0 1.04975,0.217191 0.48868,0.199091 0.83257,0.561076 0.36198,0.343885 0.56107,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59273,0.45248 -0.76017,0 -1.32125,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90496,1.538435 -0.32579,0.886862 -0.32579,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64249,-0.796366 1.04975,-0.796366 1.35744,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7708" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 237.8907,44.030398 0,9.357301 1.53844,0 0,-4.162823 q 0,-0.904961 0.18099,-1.592732 0.18099,-0.70587 0.57918,-1.194549 0.39818,-0.488679 1.04975,-0.742068 0.65157,-0.253389 1.57463,-0.253389 l 0,-1.628931 q -1.24884,-0.0362 -2.06331,0.506779 -0.81446,0.542976 -1.37554,1.683228 l -0.0362,0 0,-1.972816 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7710" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 250.13172,48.790495 q 0,-0.687771 0.1448,-1.339343 0.14479,-0.651572 0.47058,-1.158351 0.32578,-0.506778 0.86876,-0.814465 0.54298,-0.307687 1.32124,-0.307687 0.79637,0 1.35744,0.307687 0.56108,0.289588 0.90497,0.778267 0.36198,0.488679 0.52487,1.140251 0.1629,0.633473 0.1629,1.321244 0,0.651572 -0.1629,1.285045 -0.14479,0.633473 -0.48868,1.140251 -0.34388,0.48868 -0.88686,0.796366 -0.54297,0.307687 -1.32124,0.307687 -0.74207,0 -1.30315,-0.289587 -0.54297,-0.289588 -0.90496,-0.778267 -0.34388,-0.488679 -0.52488,-1.104053 -0.16289,-0.633473 -0.16289,-1.285045 z m 7.23969,4.597204 0,-12.922849 -1.53843,0 0,4.814395 -0.0362,0 q -0.25339,-0.416283 -0.63347,-0.687771 -0.36199,-0.289588 -0.77827,-0.452481 -0.41628,-0.180992 -0.83256,-0.253389 -0.41629,-0.0724 -0.77827,-0.0724 -1.06786,0 -1.88232,0.398183 -0.79637,0.380084 -1.33934,1.049755 -0.52488,0.651573 -0.79637,1.538435 -0.25339,0.886862 -0.25339,1.882319 0,0.995458 0.27149,1.88232 0.27149,0.886862 0.79637,1.556534 0.54297,0.669671 1.33934,1.067854 0.81446,0.398183 1.90042,0.398183 0.97736,0 1.79182,-0.343885 0.81447,-0.343885 1.19455,-1.122152 l 0.0362,0 0,1.266946 1.53843,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7712" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 268.01008,53.3515 q -0.39818,0.23529 -1.10405,0.23529 -0.59727,0 -0.95926,-0.325786 -0.34388,-0.343885 -0.34388,-1.104053 -0.63348,0.760168 -1.48414,1.104053 -0.83257,0.325786 -1.80992,0.325786 -0.63348,0 -1.21265,-0.144794 -0.56108,-0.144793 -0.97736,-0.45248 -0.41628,-0.307687 -0.66967,-0.796366 -0.23529,-0.506779 -0.23529,-1.212649 0,-0.796366 0.27149,-1.303144 0.27149,-0.506778 0.70587,-0.814465 0.45248,-0.325786 1.01355,-0.488679 0.57918,-0.162893 1.17645,-0.271489 0.63348,-0.126694 1.19455,-0.180992 0.57918,-0.0724 1.01356,-0.180992 0.43438,-0.126695 0.68777,-0.343886 0.25339,-0.23529 0.25339,-0.669671 0,-0.506779 -0.19909,-0.814465 -0.18099,-0.307687 -0.48868,-0.47058 -0.28959,-0.162893 -0.66967,-0.217191 -0.36199,-0.0543 -0.72397,-0.0543 -0.97736,0 -1.62893,0.380084 -0.65157,0.361985 -0.70587,1.393641 l -1.53844,0 q 0.0362,-0.868763 0.36199,-1.466038 0.32578,-0.597274 0.86876,-0.959259 0.54298,-0.380084 1.23075,-0.542977 0.70587,-0.162893 1.50223,-0.162893 0.63348,0 1.24885,0.0905 0.63347,0.0905 1.14025,0.380084 0.50678,0.271488 0.81447,0.778267 0.30768,0.506778 0.30768,1.321244 l 0,4.814394 q 0,0.542977 0.0543,0.796366 0.0724,0.253389 0.43438,0.253389 0.19909,0 0.47058,-0.0905 l 0,1.194549 z m -2.49769,-4.796295 q -0.28959,0.217191 -0.76017,0.325786 -0.47058,0.0905 -0.99546,0.162893 -0.50677,0.0543 -1.03165,0.144794 -0.52488,0.0724 -0.94116,0.253389 -0.41628,0.180992 -0.68777,0.524878 -0.25339,0.325786 -0.25339,0.904961 0,0.380084 0.14479,0.651572 0.1629,0.253389 0.39819,0.416282 0.25339,0.162894 0.57917,0.23529 0.32579,0.0724 0.68777,0.0724 0.76017,0 1.30315,-0.199091 0.54297,-0.217191 0.88686,-0.524878 0.34388,-0.325786 0.50678,-0.68777 0.16289,-0.380084 0.16289,-0.70587 l 0,-1.574633 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7714" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 275.93952,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08595,-0.217191 0.57918,0 1.04976,0.217191 0.48868,0.199091 0.83256,0.561076 0.36199,0.343885 0.56108,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59274,0.45248 -0.76016,0 -1.32124,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90497,1.538435 -0.32578,0.886862 -0.32578,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64248,-0.796366 1.04976,-0.796366 1.35745,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7716" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 279.16316,44.030398 0,9.357301 1.53844,0 0,-5.827952 q 0,-0.271488 0.12669,-0.669671 0.1448,-0.416282 0.43439,-0.796366 0.30768,-0.380084 0.77826,-0.651572 0.48868,-0.271489 1.15835,-0.271489 0.52488,0 0.85067,0.162893 0.34388,0.144794 0.54297,0.434382 0.19909,0.271488 0.27149,0.651572 0.0905,0.380084 0.0905,0.832564 l 0,6.135639 1.53843,0 0,-5.827952 q 0,-1.085953 0.65157,-1.737526 0.65158,-0.651572 1.79183,-0.651572 0.56107,0 0.90496,0.162893 0.36198,0.162893 0.56108,0.452481 0.19909,0.271488 0.27148,0.651572 0.0724,0.380084 0.0724,0.814465 l 0,6.135639 1.53843,0 0,-6.859608 q 0,-0.723969 -0.23528,-1.230747 -0.2172,-0.524878 -0.63348,-0.850664 -0.39818,-0.325786 -0.97736,-0.47058 -0.56107,-0.162893 -1.26694,-0.162893 -0.92306,0 -1.70133,0.416282 -0.76017,0.416283 -1.23075,1.17645 -0.28958,-0.868763 -0.99545,-1.230747 -0.70587,-0.361985 -1.57464,-0.361985 -1.97281,0 -3.02257,1.592732 l -0.0362,0 0,-1.375541 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7718" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 295.73329,48.718098 q 0,-0.850664 0.21719,-1.502236 0.23529,-0.669671 0.63348,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54297,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39818,0.452481 0.61537,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61537,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59728,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39819,-0.452481 -0.63348,-1.104053 -0.21719,-0.669671 -0.21719,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85066,0.361984 1.95472,0.361984 1.12215,0 1.95471,-0.361984 0.85067,-0.380084 1.42984,-1.031656 0.57918,-0.669672 0.86877,-1.556534 0.28958,-0.886862 0.28958,-1.918518 0,-1.031656 -0.28958,-1.918518 -0.28959,-0.904962 -0.86877,-1.556534 -0.57917,-0.669671 -1.42984,-1.049755 -0.83256,-0.380084 -1.95471,-0.380084 -1.10406,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7720" />
+      <path
+         inkscape:connector-curvature="0"
+         d="m 304.96871,44.030398 0,9.357301 1.53843,0 0,-5.284975 q 0,-0.633473 0.16289,-1.15835 0.181,-0.542977 0.52488,-0.94116 0.34389,-0.398183 0.85067,-0.615374 0.52487,-0.217191 1.23074,-0.217191 0.88687,0 1.39364,0.506779 0.50678,0.506778 0.50678,1.375541 l 0,6.33473 1.53844,0 0,-6.153738 q 0,-0.760167 -0.1629,-1.375541 -0.14479,-0.633473 -0.52487,-1.085954 -0.38009,-0.45248 -0.99546,-0.70587 -0.61538,-0.253389 -1.53844,-0.253389 -2.08141,0 -3.04067,1.701328 l -0.0362,0 0,-1.484137 -1.44793,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7722" />
+    </g>
+    <g
+       transform="matrix(0.46975244,0,0,0.46975284,616.35741,-226.29247)"
+       id="layer1-6"
+       inkscape:label="Layer 1">
+      <g
+         inkscape:label="#g2636"
+         clip-path="none"
+         transform="matrix(0.450413,0,0,0.450413,290.58948,830.01033)"
+         id="CENTOSARTWORK"
+         style="display:inline">
+        <g
+           inkscape:label="#g2638"
+           id="SYMBOL">
+          <g
+             id="g2640"
+             transform="matrix(0,-1.4853794,1.4853794,0,-2754.3723,24.127639)"
+             style="display:inline">
+            <g
+               transform="translate(16.279512,-899.16723)"
+               id="g2642">
+              <g
+                 id="g2644"
+                 transform="matrix(1.0666663,0,0,1,-26.935596,-4.1328125e-5)">
+                <path
+                   id="path2646"
+                   d="m 323.36653,2798.1614 -5.40616,5.8005 -5.40616,-5.8005 0,-40.8261 -18.01333,0 23.41949,-24.8979 23.02487,24.8979 -17.6187,0 -10e-6,40.8261 z"
+                   style="display:inline;overflow:visible;visibility:visible;fill:#922178;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;marker-start:none;marker-mid:none;marker-end:none"
+                   sodipodi:nodetypes="ccccccccc"
+                   inkscape:connector-curvature="0" />
+                <path
+                   sodipodi:nodetypes="cccccc"
+                   style="display:inline;overflow:visible;visibility:visible;fill:#ffffff;fill-opacity:0.15686275;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;marker-start:none;marker-mid:none;marker-end:none"
+                   d="m 323.42008,2798.1614 -5.45971,5.8005 0,-71.5245 23.25296,24.8979 -17.79323,0 -2e-5,40.8261 z"
+                   id="path2648"
+                   inkscape:connector-curvature="0" />
+              </g>
+              <g
+                 transform="matrix(1.0722788,0,0,1,-28.850792,-4.1328125e-5)"
+                 id="g2650"
+                 clip-path="url(#clipPath4429)" />
+            </g>
+          </g>
+          <g
+             transform="matrix(1.4853794,0,0,1.4853794,-402.70015,-3303.1796)"
+             id="g2652"
+             style="display:inline">
+            <g
+               id="g2654"
+               transform="translate(16.279512,-899.16723)">
+              <g
+                 transform="matrix(1.0666663,0,0,1,-26.935596,-4.1328125e-5)"
+                 id="g2656">
+                <path
+                   sodipodi:nodetypes="ccccccccc"
+                   style="display:inline;overflow:visible;visibility:visible;fill:#eea623;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;marker-start:none;marker-mid:none;marker-end:none"
+                   d="m 323.36653,2798.1614 -5.40616,5.8005 -5.40616,-5.8005 0,-40.8261 -18.01333,0 23.41949,-24.8979 23.02487,24.8979 -17.6187,0 -10e-6,40.8261 z"
+                   id="path2658"
+                   inkscape:connector-curvature="0" />
+                <path
+                   id="path2660"
+                   d="m 323.42008,2798.1614 -5.45971,5.8005 0,-71.5245 23.25296,24.8979 -17.79323,0 -2e-5,40.8261 z"
+                   style="display:inline;overflow:visible;visibility:visible;fill:#ffffff;fill-opacity:0.15686275;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;marker-start:none;marker-mid:none;marker-end:none"
+                   sodipodi:nodetypes="cccccc"
+                   inkscape:connector-curvature="0" />
+              </g>
+              <g
+                 clip-path="url(#clipPath4429)"
+                 id="g2662"
+                 transform="matrix(1.0722788,0,0,1,-28.850792,-4.1328125e-5)" />
+            </g>
+          </g>
+          <g
+             id="g2664"
+             transform="matrix(0,1.4853794,-1.4853794,0,4260.2115,-927.32613)"
+             style="display:inline">
+            <g
+               transform="matrix(1.0666663,0,0,1,-26.935596,-4.1328125e-5)"
+               id="g2666">
+              <path
+                 sodipodi:nodetypes="ccccccccc"
+                 style="display:inline;overflow:visible;visibility:visible;fill:#252476;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;marker-start:none;marker-mid:none;marker-end:none"
+                 d="m 323.36653,2798.1614 -5.40616,5.8005 -5.40616,-5.8005 0,-40.8261 -18.01333,0 23.41949,-24.8979 23.02487,24.8979 -17.6187,0 -10e-6,40.8261 z"
+                 id="path2668"
+                 inkscape:connector-curvature="0" />
+              <path
+                 id="path2670"
+                 d="m 323.42008,2798.1614 -5.45971,5.8005 0,-71.5245 23.25296,24.8979 -17.79323,0 -2e-5,40.8261 z"
+                 style="display:inline;overflow:visible;visibility:visible;fill:#ffffff;fill-opacity:0.15686275;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;marker-start:none;marker-mid:none;marker-end:none"
+                 sodipodi:nodetypes="cccccc"
+                 inkscape:connector-curvature="0" />
+            </g>
+            <g
+               clip-path="url(#clipPath4429)"
+               id="g2672"
+               transform="matrix(1.0722788,0,0,1,-28.850792,-4.1328125e-5)" />
+          </g>
+          <g
+             transform="matrix(-1.4853794,0,0,-1.4853794,572.93464,2375.8)"
+             id="g2674"
+             style="display:inline">
+            <g
+               id="g2676"
+               transform="translate(16.279512,-899.16723)">
+              <g
+                 transform="matrix(1.0666663,0,0,1,-26.935596,-4.1328125e-5)"
+                 id="g2678">
+                <path
+                   sodipodi:nodetypes="ccccccccc"
+                   style="display:inline;overflow:visible;visibility:visible;fill:#73d216;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;marker-start:none;marker-mid:none;marker-end:none"
+                   d="m 323.36653,2798.1614 -5.40616,5.8005 -5.40616,-5.8005 0,-40.8261 -18.01333,0 23.41949,-24.8979 23.02487,24.8979 -17.6187,0 -10e-6,40.8261 z"
+                   id="path2680"
+                   inkscape:connector-curvature="0" />
+                <path
+                   id="path2682"
+                   d="m 323.42008,2798.1614 -5.45971,5.8005 0,-71.5245 23.25296,24.8979 -17.79323,0 -2e-5,40.8261 z"
+                   style="display:inline;overflow:visible;visibility:visible;fill:#ffffff;fill-opacity:0.15686275;fill-rule:evenodd;stroke:none;stroke-width:30;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;marker-start:none;marker-mid:none;marker-end:none"
+                   sodipodi:nodetypes="cccccc"
+                   inkscape:connector-curvature="0" />
+              </g>
+              <g
+                 clip-path="url(#clipPath4429)"
+                 id="g2684"
+                 transform="matrix(1.0722788,0,0,1,-28.850792,-4.1328125e-5)" />
+            </g>
+          </g>
+          <g
+             transform="matrix(1.4853794,0,0,1.4853794,-994.6136,-3940.533)"
+             id="g2686"
+             style="display:inline">
+            <rect
+               style="fill:#73d216;fill-opacity:1;stroke:#ffffff;stroke-width:6.03433704;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+               id="rect2688"
+               width="49.606449"
+               height="49.606449"
+               x="671.98438"
+               y="2285.7893" />
+            <rect
+               y="2285.7893"
+               x="732.22076"
+               height="49.606449"
+               width="49.606449"
+               id="rect2690"
+               style="fill:#922178;fill-opacity:1;stroke:#ffffff;stroke-width:6.03433704;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+            <rect
+               style="fill:#eea623;fill-opacity:1;stroke:#ffffff;stroke-width:6.03433704;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+               id="rect2692"
+               width="49.606449"
+               height="49.606449"
+               x="732.22076"
+               y="2346.0256" />
+            <rect
+               y="2346.0256"
+               x="671.98438"
+               height="49.606449"
+               width="49.606449"
+               id="rect2694"
+               style="fill:#252476;fill-opacity:1;stroke:#ffffff;stroke-width:6.03433704;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" />
+            <path
+               style="fill:#ffffff;fill-opacity:0.15686275;stroke:none;stroke-width:3.54330707;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dashoffset:0;stroke-opacity:1"
+               d="m 696.78757,2311.2893 c 24.77617,0 24.80323,-25.5 24.80323,-25.5 l -10e-6,49.6065 -49.60644,0 c 0,0 -0.22209,-24.1065 24.80322,-24.1065 z"
+               id="path2696"
+               sodipodi:nodetypes="ccccz"
+               inkscape:connector-curvature="0" />
+            <path
+               sodipodi:nodetypes="ccccz"
+               id="path2698"
+               d="m 696.7876,2371.5256 c 24.77617,0 24.80323,-25.5 24.80323,-25.5 l -10e-6,49.6065 -49.60644,0 c 0,0 -0.22209,-24.1065 24.80322,-24.1065 z"
+               style="fill:#ffffff;fill-opacity:0.15686275;stroke:none;stroke-width:3.54330707;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dashoffset:0;stroke-opacity:1"
+               inkscape:connector-curvature="0" />
+            <path
+               sodipodi:nodetypes="ccccz"
+               id="path2700"
+               d="m 757.02399,2311.2893 c 24.77617,0 24.80323,-25.5 24.80323,-25.5 l -10e-6,49.6065 -49.60644,0 c 0,0 -0.22209,-24.1065 24.80322,-24.1065 z"
+               style="fill:#ffffff;fill-opacity:0.15686275;stroke:none;stroke-width:3.54330707;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dashoffset:0;stroke-opacity:1"
+               inkscape:connector-curvature="0" />
+            <path
+               style="fill:#ffffff;fill-opacity:0.15686275;stroke:none;stroke-width:3.54330707;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dashoffset:0;stroke-opacity:1"
+               d="m 757.02399,2371.5256 c 24.77617,0 24.80323,-25.5 24.80323,-25.5 l -10e-6,49.6065 -49.60644,0 c 0,0 -0.22209,-24.1065 24.80322,-24.1065 z"
+               id="path2702"
+               sodipodi:nodetypes="ccccz"
+               inkscape:connector-curvature="0" />
+          </g>
+          <rect
+             y="-349.27026"
+             x="306.48581"
+             height="73.684402"
+             width="73.684402"
+             id="rect2704"
+             style="display:inline;fill:none;fill-opacity:1;stroke:#ffffff;stroke-width:8.96327972;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+             transform="matrix(0.7071068,-0.7071068,0.7071068,0.7071068,0,0)" />
+          <rect
+             style="display:inline;fill:none;fill-opacity:1;stroke:#ffffff;stroke-width:8.96327972;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+             id="rect2706"
+             width="73.684402"
+             height="73.684402"
+             x="395.95984"
+             y="-349.27026"
+             transform="matrix(0.7071068,-0.7071068,0.7071068,0.7071068,0,0)" />
+          <rect
+             y="-259.79648"
+             x="395.95984"
+             height="73.684402"
+             width="73.684402"
+             id="rect2708"
+             style="display:inline;fill:none;fill-opacity:1;stroke:#ffffff;stroke-width:8.96327972;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+             transform="matrix(0.7071068,-0.7071068,0.7071068,0.7071068,0,0)" />
+          <rect
+             style="display:inline;fill:none;fill-opacity:1;stroke:#ffffff;stroke-width:8.96327972;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+             id="rect2710"
+             width="73.684402"
+             height="73.684402"
+             x="306.48581"
+             y="-259.79648"
+             transform="matrix(0.7071068,-0.7071068,0.7071068,0.7071068,0,0)" />
+        </g>
+      </g>
+    </g>
+    <g
+       transform="translate(-247.29816,166.4)"
+       id="g23821">
+      <path
+         style="fill:#a41e11"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,77.394509 c -2.73221,1.424192 -16.88624,7.243753 -19.89955,8.814518 -3.01332,1.571366 -4.68732,1.556016 -7.06769,0.418047 -2.38037,-1.137968 -17.44273,-7.222083 -20.15598,-8.518964 -1.35617,-0.64829 -2.06917,-1.195153 -2.06917,-1.711919 l 0,-5.175185 c 0,0 19.60912,-4.268963 22.77502,-5.404524 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986882 18.80282,3.893352 21.46551,4.868496 0,0 -10e-4,4.622001 -10e-4,5.101747 3e-4,0.51165 -0.61398,1.07296 -2.00476,1.797696 z"
+         id="path23823" />
+      <path
+         style="fill:#d82c20"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,72.21782 c -2.73221,1.423589 -16.88624,7.243753 -19.89955,8.814517 -3.01332,1.571366 -4.68732,1.556017 -7.06769,0.418048 -2.38068,-1.137367 -17.44273,-7.222686 -20.15598,-8.518965 -2.71325,-1.296881 -2.77013,-2.189559 -0.10474,-3.233023 2.66509,-1.044066 17.64469,-6.921113 20.81089,-8.056975 3.16561,-1.13526 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.587036 19.42612,7.56218 2.66299,0.976046 2.76532,1.779637 0.0331,3.203829 z"
+         id="path23825" />
+      <path
+         style="fill:#a41e11"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,68.955302 c -2.73221,1.424191 -16.88624,7.243753 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222084 -20.15598,-8.518965 -1.35617,-0.64829 -2.06917,-1.194551 -2.06917,-1.711317 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404524 3.16561,-1.135561 4.26385,-1.176794 6.95783,-0.189913 2.69429,0.986882 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.10235 3e-4,0.511348 -0.61398,1.072658 -2.00476,1.797395 z"
+         id="path23827" />
+      <path
+         style="fill:#d82c20"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,63.778612 c -2.73221,1.424192 -16.88624,7.243754 -19.89955,8.81512 -3.01332,1.570764 -4.68732,1.555414 -7.06769,0.417445 -2.38068,-1.137366 -17.44273,-7.222384 -20.15598,-8.518964 -2.71325,-1.29658 -2.77013,-2.189258 -0.10474,-3.233324 2.66509,-1.043464 17.64469,-6.920812 20.81089,-8.056373 3.16561,-1.135561 4.26385,-1.176794 6.95784,-0.189913 2.69428,0.986882 16.76374,6.586736 19.42612,7.56218 2.66299,0.975746 2.76532,1.779638 0.0331,3.203829 z"
+         id="path23829" />
+      <path
+         style="fill:#a41e11"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,60.203085 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.81542 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222384 -20.15598,-8.518964 -1.35617,-0.648291 -2.06917,-1.194853 -2.06917,-1.711318 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404223 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986881 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.102048 3e-4,0.511048 -0.61398,1.072357 -2.00476,1.797094 z"
+         id="path23831" />
+      <path
+         style="fill:#d82c20"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,55.026396 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417747 -2.38037,-1.137668 -17.44273,-7.222385 -20.15598,-8.518965 -2.71325,-1.29658 -2.77013,-2.189559 -0.10474,-3.233324 2.66509,-1.043765 17.64469,-6.920511 20.81089,-8.056373 3.16561,-1.135862 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.586735 19.42612,7.56218 2.66299,0.975143 2.76532,1.779336 0.0331,3.203227 z"
+         id="path23833" />
+      <polygon
+         style="fill:#ffffff"
+         points="259.06,240.78 270.27,237.11 267.24,244.38 278.67,248.66 263.93,250.19 260.63,258.13 255.3,249.27 238.28,247.74 250.98,243.16 247.17,236.13 "
+         id="polygon23835"
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)" />
+      <polygon
+         style="fill:#ffffff"
+         points="232.24,275.77 271.66,269.72 259.75,287.18 "
+         id="polygon23837"
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)" />
+      <ellipse
+         style="fill:#ffffff"
+         cx="760.40704"
+         rx="6.3411436"
+         ry="2.4580245"
+         cy="53.828529"
+         id="ellipse23839" />
+      <polygon
+         style="fill:#7a0c00"
+         points="319.42,260.05 296.11,269.26 296.09,250.83 "
+         id="polygon23841"
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)" />
+      <polygon
+         style="fill:#ad2115"
+         points="296.09,250.83 296.11,269.26 293.58,270.25 270.28,261.04 "
+         id="polygon23843"
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)" />
+    </g>
+    <g
+       id="g23845"
+       transform="matrix(0.1894162,-0.14094969,0,0.1894162,234.64109,354.55609)">
+      <path
+         id="path23847"
+         d="m 794.46487,77.394509 c -2.73221,1.424192 -16.88624,7.243753 -19.89955,8.814518 -3.01332,1.571366 -4.68732,1.556016 -7.06769,0.418047 -2.38037,-1.137968 -17.44273,-7.222083 -20.15598,-8.518964 -1.35617,-0.64829 -2.06917,-1.195153 -2.06917,-1.711919 l 0,-5.175185 c 0,0 19.60912,-4.268963 22.77502,-5.404524 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986882 18.80282,3.893352 21.46551,4.868496 0,0 -10e-4,4.622001 -10e-4,5.101747 3e-4,0.51165 -0.61398,1.07296 -2.00476,1.797696 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path23849"
+         d="m 794.46487,72.21782 c -2.73221,1.423589 -16.88624,7.243753 -19.89955,8.814517 -3.01332,1.571366 -4.68732,1.556017 -7.06769,0.418048 -2.38068,-1.137367 -17.44273,-7.222686 -20.15598,-8.518965 -2.71325,-1.296881 -2.77013,-2.189559 -0.10474,-3.233023 2.66509,-1.044066 17.64469,-6.921113 20.81089,-8.056975 3.16561,-1.13526 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.587036 19.42612,7.56218 2.66299,0.976046 2.76532,1.779637 0.0331,3.203829 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <path
+         id="path23851"
+         d="m 794.46487,68.955302 c -2.73221,1.424191 -16.88624,7.243753 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222084 -20.15598,-8.518965 -1.35617,-0.64829 -2.06917,-1.194551 -2.06917,-1.711317 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404524 3.16561,-1.135561 4.26385,-1.176794 6.95783,-0.189913 2.69429,0.986882 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.10235 3e-4,0.511348 -0.61398,1.072658 -2.00476,1.797395 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path23853"
+         d="m 794.46487,63.778612 c -2.73221,1.424192 -16.88624,7.243754 -19.89955,8.81512 -3.01332,1.570764 -4.68732,1.555414 -7.06769,0.417445 -2.38068,-1.137366 -17.44273,-7.222384 -20.15598,-8.518964 -2.71325,-1.29658 -2.77013,-2.189258 -0.10474,-3.233324 2.66509,-1.043464 17.64469,-6.920812 20.81089,-8.056373 3.16561,-1.135561 4.26385,-1.176794 6.95784,-0.189913 2.69428,0.986882 16.76374,6.586736 19.42612,7.56218 2.66299,0.975746 2.76532,1.779638 0.0331,3.203829 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <path
+         id="path23855"
+         d="m 794.46487,60.203085 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.81542 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222384 -20.15598,-8.518964 -1.35617,-0.648291 -2.06917,-1.194853 -2.06917,-1.711318 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404223 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986881 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.102048 3e-4,0.511048 -0.61398,1.072357 -2.00476,1.797094 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path23857"
+         d="m 794.46487,55.026396 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417747 -2.38037,-1.137668 -17.44273,-7.222385 -20.15598,-8.518965 -2.71325,-1.29658 -2.77013,-2.189559 -0.10474,-3.233324 2.66509,-1.043765 17.64469,-6.920511 20.81089,-8.056373 3.16561,-1.135862 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.586735 19.42612,7.56218 2.66299,0.975143 2.76532,1.779336 0.0331,3.203227 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon23859"
+         points="267.24,244.38 278.67,248.66 263.93,250.19 260.63,258.13 255.3,249.27 238.28,247.74 250.98,243.16 247.17,236.13 259.06,240.78 270.27,237.11 "
+         style="fill:#ffffff" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon23861"
+         points="232.24,275.77 271.66,269.72 259.75,287.18 "
+         style="fill:#ffffff" />
+      <ellipse
+         id="ellipse23863"
+         cy="53.828529"
+         ry="2.4580245"
+         rx="6.3411436"
+         cx="760.40704"
+         style="fill:#ffffff" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon23865"
+         points="319.42,260.05 296.11,269.26 296.09,250.83 "
+         style="fill:#7a0c00" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon23867"
+         points="296.09,250.83 296.11,269.26 293.58,270.25 270.28,261.04 "
+         style="fill:#ad2115" />
+    </g>
+    <g
+       transform="matrix(0.1894162,-0.14094969,0,0.1894162,234.64109,303.19243)"
+       id="g23869">
+      <path
+         style="fill:#a41e11"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,77.394509 c -2.73221,1.424192 -16.88624,7.243753 -19.89955,8.814518 -3.01332,1.571366 -4.68732,1.556016 -7.06769,0.418047 -2.38037,-1.137968 -17.44273,-7.222083 -20.15598,-8.518964 -1.35617,-0.64829 -2.06917,-1.195153 -2.06917,-1.711919 l 0,-5.175185 c 0,0 19.60912,-4.268963 22.77502,-5.404524 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986882 18.80282,3.893352 21.46551,4.868496 0,0 -10e-4,4.622001 -10e-4,5.101747 3e-4,0.51165 -0.61398,1.07296 -2.00476,1.797696 z"
+         id="path23871" />
+      <path
+         style="fill:#d82c20"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,72.21782 c -2.73221,1.423589 -16.88624,7.243753 -19.89955,8.814517 -3.01332,1.571366 -4.68732,1.556017 -7.06769,0.418048 -2.38068,-1.137367 -17.44273,-7.222686 -20.15598,-8.518965 -2.71325,-1.296881 -2.77013,-2.189559 -0.10474,-3.233023 2.66509,-1.044066 17.64469,-6.921113 20.81089,-8.056975 3.16561,-1.13526 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.587036 19.42612,7.56218 2.66299,0.976046 2.76532,1.779637 0.0331,3.203829 z"
+         id="path23873" />
+      <path
+         style="fill:#a41e11"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,68.955302 c -2.73221,1.424191 -16.88624,7.243753 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222084 -20.15598,-8.518965 -1.35617,-0.64829 -2.06917,-1.194551 -2.06917,-1.711317 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404524 3.16561,-1.135561 4.26385,-1.176794 6.95783,-0.189913 2.69429,0.986882 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.10235 3e-4,0.511348 -0.61398,1.072658 -2.00476,1.797395 z"
+         id="path23875" />
+      <path
+         style="fill:#d82c20"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,63.778612 c -2.73221,1.424192 -16.88624,7.243754 -19.89955,8.81512 -3.01332,1.570764 -4.68732,1.555414 -7.06769,0.417445 -2.38068,-1.137366 -17.44273,-7.222384 -20.15598,-8.518964 -2.71325,-1.29658 -2.77013,-2.189258 -0.10474,-3.233324 2.66509,-1.043464 17.64469,-6.920812 20.81089,-8.056373 3.16561,-1.135561 4.26385,-1.176794 6.95784,-0.189913 2.69428,0.986882 16.76374,6.586736 19.42612,7.56218 2.66299,0.975746 2.76532,1.779638 0.0331,3.203829 z"
+         id="path23877" />
+      <path
+         style="fill:#a41e11"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,60.203085 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.81542 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222384 -20.15598,-8.518964 -1.35617,-0.648291 -2.06917,-1.194853 -2.06917,-1.711318 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404223 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986881 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.102048 3e-4,0.511048 -0.61398,1.072357 -2.00476,1.797094 z"
+         id="path23879" />
+      <path
+         style="fill:#d82c20"
+         inkscape:connector-curvature="0"
+         d="m 794.46487,55.026396 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417747 -2.38037,-1.137668 -17.44273,-7.222385 -20.15598,-8.518965 -2.71325,-1.29658 -2.77013,-2.189559 -0.10474,-3.233324 2.66509,-1.043765 17.64469,-6.920511 20.81089,-8.056373 3.16561,-1.135862 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.586735 19.42612,7.56218 2.66299,0.975143 2.76532,1.779336 0.0331,3.203227 z"
+         id="path23881" />
+      <polygon
+         style="fill:#ffffff"
+         points="278.67,248.66 263.93,250.19 260.63,258.13 255.3,249.27 238.28,247.74 250.98,243.16 247.17,236.13 259.06,240.78 270.27,237.11 267.24,244.38 "
+         id="polygon23883"
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)" />
+      <polygon
+         style="fill:#ffffff"
+         points="271.66,269.72 259.75,287.18 232.24,275.77 "
+         id="polygon23885"
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)" />
+      <ellipse
+         style="fill:#ffffff"
+         cx="760.40704"
+         rx="6.3411436"
+         ry="2.4580245"
+         cy="53.828529"
+         id="ellipse23887" />
+      <polygon
+         style="fill:#7a0c00"
+         points="296.11,269.26 296.09,250.83 319.42,260.05 "
+         id="polygon23889"
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)" />
+      <polygon
+         style="fill:#ad2115"
+         points="296.11,269.26 293.58,270.25 270.28,261.04 296.09,250.83 "
+         id="polygon23891"
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)" />
+    </g>
+    <g
+       id="g24055"
+       transform="translate(-79.524666,65.562133)">
+      <path
+         id="path24057"
+         d="m 794.46487,77.394509 c -2.73221,1.424192 -16.88624,7.243753 -19.89955,8.814518 -3.01332,1.571366 -4.68732,1.556016 -7.06769,0.418047 -2.38037,-1.137968 -17.44273,-7.222083 -20.15598,-8.518964 -1.35617,-0.64829 -2.06917,-1.195153 -2.06917,-1.711919 l 0,-5.175185 c 0,0 19.60912,-4.268963 22.77502,-5.404524 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986882 18.80282,3.893352 21.46551,4.868496 0,0 -10e-4,4.622001 -10e-4,5.101747 3e-4,0.51165 -0.61398,1.07296 -2.00476,1.797696 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path24059"
+         d="m 794.46487,72.21782 c -2.73221,1.423589 -16.88624,7.243753 -19.89955,8.814517 -3.01332,1.571366 -4.68732,1.556017 -7.06769,0.418048 -2.38068,-1.137367 -17.44273,-7.222686 -20.15598,-8.518965 -2.71325,-1.296881 -2.77013,-2.189559 -0.10474,-3.233023 2.66509,-1.044066 17.64469,-6.921113 20.81089,-8.056975 3.16561,-1.13526 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.587036 19.42612,7.56218 2.66299,0.976046 2.76532,1.779637 0.0331,3.203829 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <path
+         id="path24061"
+         d="m 794.46487,68.955302 c -2.73221,1.424191 -16.88624,7.243753 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222084 -20.15598,-8.518965 -1.35617,-0.64829 -2.06917,-1.194551 -2.06917,-1.711317 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404524 3.16561,-1.135561 4.26385,-1.176794 6.95783,-0.189913 2.69429,0.986882 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.10235 3e-4,0.511348 -0.61398,1.072658 -2.00476,1.797395 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path24063"
+         d="m 794.46487,63.778612 c -2.73221,1.424192 -16.88624,7.243754 -19.89955,8.81512 -3.01332,1.570764 -4.68732,1.555414 -7.06769,0.417445 -2.38068,-1.137366 -17.44273,-7.222384 -20.15598,-8.518964 -2.71325,-1.29658 -2.77013,-2.189258 -0.10474,-3.233324 2.66509,-1.043464 17.64469,-6.920812 20.81089,-8.056373 3.16561,-1.135561 4.26385,-1.176794 6.95784,-0.189913 2.69428,0.986882 16.76374,6.586736 19.42612,7.56218 2.66299,0.975746 2.76532,1.779638 0.0331,3.203829 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <path
+         id="path24065"
+         d="m 794.46487,60.203085 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.81542 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417446 -2.38068,-1.137367 -17.44273,-7.222384 -20.15598,-8.518964 -1.35617,-0.648291 -2.06917,-1.194853 -2.06917,-1.711318 l 0,-5.175786 c 0,0 19.60912,-4.268662 22.77502,-5.404223 3.16561,-1.135862 4.26385,-1.176794 6.95783,-0.189912 2.69429,0.986881 18.80282,3.89275 21.46551,4.868195 0,0 -10e-4,4.622001 -10e-4,5.102048 3e-4,0.511048 -0.61398,1.072357 -2.00476,1.797094 z"
+         inkscape:connector-curvature="0"
+         style="fill:#a41e11" />
+      <path
+         id="path24067"
+         d="m 794.46487,55.026396 c -2.73221,1.424191 -16.88624,7.244054 -19.89955,8.815119 -3.01332,1.570764 -4.68732,1.555415 -7.06769,0.417747 -2.38037,-1.137668 -17.44273,-7.222385 -20.15598,-8.518965 -2.71325,-1.29658 -2.77013,-2.189559 -0.10474,-3.233324 2.66509,-1.043765 17.64469,-6.920511 20.81089,-8.056373 3.16561,-1.135862 4.26385,-1.176794 6.95784,-0.189611 2.69428,0.986881 16.76374,6.586735 19.42612,7.56218 2.66299,0.975143 2.76532,1.779336 0.0331,3.203227 z"
+         inkscape:connector-curvature="0"
+         style="fill:#d82c20" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon24069"
+         points="278.67,248.66 263.93,250.19 260.63,258.13 255.3,249.27 238.28,247.74 250.98,243.16 247.17,236.13 259.06,240.78 270.27,237.11 267.24,244.38 "
+         style="fill:#ffffff" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon24071"
+         points="232.24,275.77 271.66,269.72 259.75,287.18 "
+         style="fill:#ffffff" />
+      <ellipse
+         id="ellipse24073"
+         cy="53.828529"
+         ry="2.4580245"
+         rx="6.3411436"
+         cx="760.40704"
+         style="fill:#ffffff" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon24075"
+         points="319.42,260.05 296.11,269.26 296.09,250.83 "
+         style="fill:#7a0c00" />
+      <polygon
+         transform="matrix(0.30097031,0,0,0.30097031,693.70904,-24.79695)"
+         id="polygon24077"
+         points="270.28,261.04 296.09,250.83 296.11,269.26 293.58,270.25 "
+         style="fill:#ad2115" />
+    </g>
+  </g>
+</svg>
diff --git a/docs/breaking_changes.md b/docs/breaking_changes.md
new file mode 100644
index 00000000..6d34b9f8
--- /dev/null
+++ b/docs/breaking_changes.md
@@ -0,0 +1,52 @@
+<!--[metadata]>
++++
+aliases = ["/engine/misc/breaking/"]
+title = "Breaking changes"
+description = "Breaking changes"
+keywords = ["docker, documentation, about, technology, breaking",
+"incompatibilities"]
+[menu.main]
+parent = "engine_use"
+weight=80
++++
+<![end-metadata]-->
+
+# Breaking changes and incompatibilities
+
+Every Engine release strives to be backward compatible with its predecessors.
+In all cases, the policy is that feature removal is communicated two releases
+in advance and documented as part of the [deprecated features](deprecated.md)
+page.
+
+Unfortunately, Docker is a fast moving project, and newly introduced features
+may sometime introduce breaking changes and/or incompatibilities. This page
+documents these by Engine version.
+
+# Engine 1.10
+
+There were two breaking changes in the 1.10 release.
+
+## Registry
+
+Registry 2.3 includes improvements to the image manifest that have caused a
+breaking change. Images pushed by Engine 1.10 to a Registry 2.3 cannot be
+pulled by digest by older Engine versions. A `docker pull` that encounters this
+situation returns the following error:
+
+```
+ Error response from daemon: unsupported schema version 2 for tag TAGNAME
+```
+
+Docker Content Trust heavily relies on pull by digest. As a result, images
+pushed from the Engine 1.10 CLI to a 2.3 Registry cannot be pulled by older
+Engine CLIs (< 1.10) with Docker Content Trust enabled.
+
+If you are using an older Registry version (< 2.3), this problem does not occur
+with any version of the Engine CLI; push, pull, with and without content trust
+work as you would expect.
+
+## Docker Content Trust
+
+Engine older than the current 1.10 cannot pull images from repositories that
+have enabled key delegation. Key delegation is a feature which requires a
+manual action to enable.
diff --git a/docs/deprecated.md b/docs/deprecated.md
new file mode 100644
index 00000000..f1c1fb0a
--- /dev/null
+++ b/docs/deprecated.md
@@ -0,0 +1,148 @@
+<!--[metadata]>
++++
+aliases = ["/engine/misc/deprecated/"]
+title = "Deprecated Engine Features"
+description = "Deprecated Features."
+keywords = ["docker, documentation, about, technology, deprecate"]
+[menu.main]
+parent = "engine_use"
+weight=80
++++
+<![end-metadata]-->
+
+# Deprecated Engine Features
+
+The following list of features are deprecated in Engine.
+
+### `-e` and `--email` flags on `docker login`
+**Deprecated In Release: v1.11**
+
+**Target For Removal In Release: v1.13**
+
+The docker login command is removing the ability to automatically register for an account with the target registry if the given username doesn't exist. Due to this change, the email flag is no longer required, and will be deprecated.
+
+The flag `--security-opt` doesn't use the colon separator(`:`) anymore to divide keys and values, it uses the equal symbol(`=`) for consinstency with other similar flags, like `--storage-opt`.
+
+### Ambiguous event fields in API
+**Deprecated In Release: v1.10**
+
+The fields `ID`, `Status` and `From` in the events API have been deprecated in favor of a more rich structure.
+See the events API documentation for the new format.
+
+### `-f` flag on `docker tag`
+**Deprecated In Release: v1.10**
+
+**Target For Removal In Release: v1.12**
+
+To make tagging consistent across the various `docker` commands, the `-f` flag on the `docker tag` command is deprecated. It is not longer necessary to specify `-f` to move a tag from one image to another. Nor will `docker` generate an error if the `-f` flag is missing and the specified tag is already in use.
+
+### HostConfig at API container start
+**Deprecated In Release: v1.10**
+
+**Target For Removal In Release: v1.12**
+
+Passing an `HostConfig` to `POST /containers/{name}/start` is deprecated in favor of
+defining it at container creation (`POST /containers/create`).
+
+### Docker ps 'before' and 'since' options
+
+**Deprecated In Release: [v1.10.0](https://github.com/docker/docker/releases/tag/v1.10.0)**
+
+**Target For Removal In Release: v1.12**
+
+The `docker ps --before` and `docker ps --since` options are deprecated.
+Use `docker ps --filter=before=...` and `docker ps --filter=since=...` instead.
+
+### Command line short variant options
+**Deprecated In Release: v1.9**
+
+**Target For Removal In Release: v1.11**
+
+The following short variant options are deprecated in favor of their long
+variants:
+
+    docker run -c (--cpu-shares)
+    docker build -c (--cpu-shares)
+    docker create -c (--cpu-shares)
+
+### Driver Specific Log Tags
+**Deprecated In Release: v1.9**
+
+**Target For Removal In Release: v1.11**
+
+Log tags are now generated in a standard way across different logging drivers.
+Because of which, the driver specific log tag options `syslog-tag`, `gelf-tag` and
+`fluentd-tag` have been deprecated in favor of the generic `tag` option.
+
+    docker --log-driver=syslog --log-opt tag="{{.ImageName}}/{{.Name}}/{{.ID}}"
+
+### LXC built-in exec driver
+**Deprecated In Release: v1.8**
+
+**Target For Removal In Release: v1.10**
+
+The built-in LXC execution driver is deprecated for an external implementation.
+The lxc-conf flag and API fields will also be removed.
+
+### Old Command Line Options
+**Deprecated In Release: [v1.8.0](https://github.com/docker/docker/releases/tag/v1.8.0)**
+
+**Target For Removal In Release: v1.10**
+
+The flags `-d` and `--daemon` are deprecated in favor of the `daemon` subcommand:
+
+    docker daemon -H ...
+
+The following single-dash (`-opt`) variant of certain command line options
+are deprecated and replaced with double-dash options (`--opt`):
+
+    docker attach -nostdin
+    docker attach -sig-proxy
+    docker build -no-cache
+    docker build -rm
+    docker commit -author
+    docker commit -run
+    docker events -since
+    docker history -notrunc
+    docker images -notrunc
+    docker inspect -format
+    docker ps -beforeId
+    docker ps -notrunc
+    docker ps -sinceId
+    docker rm -link
+    docker run -cidfile
+    docker run -dns
+    docker run -entrypoint
+    docker run -expose
+    docker run -link
+    docker run -lxc-conf
+    docker run -n
+    docker run -privileged
+    docker run -volumes-from
+    docker search -notrunc
+    docker search -stars
+    docker search -t
+    docker search -trusted
+    docker tag -force
+
+The following double-dash options are deprecated and have no replacement:
+
+    docker run --cpuset
+    docker run --networking
+    docker ps --since-id
+    docker ps --before-id
+    docker search --trusted
+
+### Interacting with V1 registries
+
+Version 1.9 adds a flag (`--disable-legacy-registry=false`) which prevents the docker daemon from `pull`, `push`, and `login` operations against v1 registries.  Though disabled by default, this signals the intent to deprecate the v1 protocol.
+
+### Docker Content Trust ENV passphrase variables name change
+**Deprecated In Release: v1.9**
+
+**Target For Removal In Release: v1.10**
+
+As of 1.9, Docker Content Trust Offline key will be renamed to Root key and the Tagging key will be renamed to Repository key. Due to this renaming, we're also changing the corresponding environment variables
+
+- DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE will now be named DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE
+- DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE will now be named DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE
diff --git a/docs/examples/apt-cacher-ng.Dockerfile b/docs/examples/apt-cacher-ng.Dockerfile
new file mode 100644
index 00000000..d1f76572
--- /dev/null
+++ b/docs/examples/apt-cacher-ng.Dockerfile
@@ -0,0 +1,15 @@
+#
+# Build: docker build -t apt-cacher .
+# Run: docker run -d -p 3142:3142 --name apt-cacher-run apt-cacher
+#
+# and then you can run containers with:
+#	docker run -t -i --rm -e http_proxy http://dockerhost:3142/ debian bash
+#
+FROM		ubuntu
+MAINTAINER	SvenDowideit@docker.com
+
+VOLUME		["/var/cache/apt-cacher-ng"]
+RUN		apt-get update && apt-get install -y apt-cacher-ng
+
+EXPOSE		3142
+CMD		chmod 777 /var/cache/apt-cacher-ng && /etc/init.d/apt-cacher-ng start && tail -f /var/log/apt-cacher-ng/*
diff --git a/docs/examples/apt-cacher-ng.md b/docs/examples/apt-cacher-ng.md
new file mode 100644
index 00000000..4208dff2
--- /dev/null
+++ b/docs/examples/apt-cacher-ng.md
@@ -0,0 +1,126 @@
+<!--[metadata]>
++++
+title = "Dockerizing an apt-cacher-ng service"
+description = "Installing and running an apt-cacher-ng service"
+keywords = ["docker, example, package installation, networking, debian,  ubuntu"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing an apt-cacher-ng service
+
+> **Note**:
+> - **If you don't like sudo** then see [*Giving non-root
+>   access*](../installation/binaries.md#giving-non-root-access).
+> - **If you're using OS X or docker via TCP** then you shouldn't use
+>   sudo.
+
+When you have multiple Docker servers, or build unrelated Docker
+containers which can't make use of the Docker build cache, it can be
+useful to have a caching proxy for your packages. This container makes
+the second download of any package almost instant.
+
+Use the following Dockerfile:
+
+    #
+    # Build: docker build -t apt-cacher .
+    # Run: docker run -d -p 3142:3142 --name apt-cacher-run apt-cacher
+    #
+    # and then you can run containers with:
+    #   docker run -t -i --rm -e http_proxy http://dockerhost:3142/ debian bash
+    #
+    # Here, `dockerhost` is the IP address or FQDN of a host running the Docker daemon
+    # which acts as an APT proxy server.
+    FROM        ubuntu
+    MAINTAINER  SvenDowideit@docker.com
+
+    VOLUME      ["/var/cache/apt-cacher-ng"]
+    RUN     apt-get update && apt-get install -y apt-cacher-ng
+
+    EXPOSE      3142
+    CMD     chmod 777 /var/cache/apt-cacher-ng && /etc/init.d/apt-cacher-ng start && tail -f /var/log/apt-cacher-ng/*
+
+To build the image using:
+
+    $ docker build -t eg_apt_cacher_ng .
+
+Then run it, mapping the exposed port to one on the host
+
+    $ docker run -d -p 3142:3142 --name test_apt_cacher_ng eg_apt_cacher_ng
+
+To see the logfiles that are `tailed` in the default command, you can
+use:
+
+    $ docker logs -f test_apt_cacher_ng
+
+To get your Debian-based containers to use the proxy, you have following options
+
+1. Add an apt Proxy setting
+   `echo 'Acquire::http { Proxy "http://dockerhost:3142"; };' >> /etc/apt/conf.d/01proxy`
+2. Set an environment variable:
+   `http_proxy=http://dockerhost:3142/`
+3. Change your `sources.list` entries to start with
+   `http://dockerhost:3142/`
+4. Link Debian-based containers to the APT proxy container using `--link`
+5. Create a custom network of an APT proxy container with Debian-based containers.
+
+**Option 1** injects the settings safely into your apt configuration in
+a local version of a common base:
+
+    FROM ubuntu
+    RUN  echo 'Acquire::http { Proxy "http://dockerhost:3142"; };' >> /etc/apt/apt.conf.d/01proxy
+    RUN apt-get update && apt-get install -y vim git
+
+    # docker build -t my_ubuntu .
+
+**Option 2** is good for testing, but will break other HTTP clients
+which obey `http_proxy`, such as `curl`, `wget` and others:
+
+    $ docker run --rm -t -i -e http_proxy=http://dockerhost:3142/ debian bash
+
+**Option 3** is the least portable, but there will be times when you
+might need to do it and you can do it from your `Dockerfile`
+too.
+
+**Option 4** links Debian-containers to the proxy server using following command:
+
+    $ docker run -i -t --link test_apt_cacher_ng:apt_proxy -e http_proxy=http://apt_proxy:3142/ debian bash
+
+**Option 5** creates a custom network of APT proxy server and Debian-based containers:
+
+    $ docker network create mynetwork
+    $ docker run -d -p 3142:3142 --net=mynetwork --name test_apt_cacher_ng eg_apt_cacher_ng
+    $ docker run --rm -it --net=mynetwork -e http_proxy=http://test_apt_cacher_ng:3142/ debian bash
+
+Apt-cacher-ng has some tools that allow you to manage the repository,
+and they can be used by leveraging the `VOLUME`
+instruction, and the image we built to run the service:
+
+    $ docker run --rm -t -i --volumes-from test_apt_cacher_ng eg_apt_cacher_ng bash
+
+    $$ /usr/lib/apt-cacher-ng/distkill.pl
+    Scanning /var/cache/apt-cacher-ng, please wait...
+    Found distributions:
+    bla, taggedcount: 0
+         1. precise-security (36 index files)
+         2. wheezy (25 index files)
+         3. precise-updates (36 index files)
+         4. precise (36 index files)
+         5. wheezy-updates (18 index files)
+
+    Found architectures:
+         6. amd64 (36 index files)
+         7. i386 (24 index files)
+
+    WARNING: The removal action may wipe out whole directories containing
+             index files. Select d to see detailed list.
+
+    (Number nn: tag distribution or architecture nn; 0: exit; d: show details; r: remove tagged; q: quit): q
+
+Finally, clean up after your test by stopping and removing the
+container, and then removing the image.
+
+    $ docker stop test_apt_cacher_ng
+    $ docker rm test_apt_cacher_ng
+    $ docker rmi eg_apt_cacher_ng
diff --git a/docs/examples/couchbase.md b/docs/examples/couchbase.md
new file mode 100644
index 00000000..0144fc8d
--- /dev/null
+++ b/docs/examples/couchbase.md
@@ -0,0 +1,235 @@
+<!--[metadata]>
++++
+title = "Dockerizing a Couchbase service"
+description = "Dockerizing a Couchbase service"
+keywords = ["docker, example, package installation, networking, couchbase"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing a Couchbase service
+
+This example shows how to start a [Couchbase](http://couchbase.com) server using Docker Compose, configure it using its [REST API](http://developer.couchbase.com/documentation/server/4.0/rest-api/rest-endpoints-all.html), and query it.
+
+Couchbase is an open source, document-oriented NoSQL database for modern web, mobile, and IoT applications. It is designed for ease of development and Internet-scale performance.
+
+## Start Couchbase server
+
+Couchbase Docker images are published at [Docker Hub](https://hub.docker.com/_/couchbase/).
+
+Start Couchbase server as:
+
+```
+docker run -d --name db -p 8091-8093:8091-8093 -p 11210:11210 couchbase
+```
+
+The purpose of each port exposed is explained at [Couchbase Developer Portal - Network Configuration](http://developer.couchbase.com/documentation/server/4.1/install/install-ports.html).
+
+Logs can be seen as:
+
+```
+docker logs db
+Starting Couchbase Server -- Web UI available at http://<ip>:8091
+```
+
+> **Note**: The examples on this page assume that the Docker Host
+> is reachable on `192.168.99.100`. Substitute `192.168.99.100` with
+> the actual IP address of your Docker Host.  If you're running
+> Docker using Docker machine, you can obtain the IP address
+> of the Docker host using `docker-machine ip <MACHINE-NAME>`.
+
+The logs show that Couchbase console can be accessed at http://192.168.99.100:8091. The default username is `Administrator` and the password is `password`.
+
+## Configure Couchbase Docker container
+
+By default, Couchbase server needs to be configured using the console before it can be used. This can be simplified by configuring it using the REST API.
+
+### Configure memory for Data and Index service
+
+Data, Query and Index are three different services that can be configured on a Couchbase instance. Each service has different operating needs. For example, Query is CPU intensive operation and so requires a faster processor. Index is disk heavy and so requires a faster solid state drive. Data needs to be read/written fast and so requires more memory.
+
+Memory needs to be configured for Data and Index service only.
+
+```
+curl -v -X POST http://192.168.99.100:8091/pools/default -d memoryQuota=300 -d indexMemoryQuota=300
+* Hostname was NOT found in DNS cache
+*   Trying 192.168.99.100...
+* Connected to 192.168.99.100 (192.168.99.100) port 8091 (#0)
+> POST /pools/default HTTP/1.1
+> User-Agent: curl/7.37.1
+> Host: 192.168.99.100:8091
+> Accept: */*
+> Content-Length: 36
+> Content-Type: application/x-www-form-urlencoded
+>
+* upload completely sent off: 36 out of 36 bytes
+< HTTP/1.1 401 Unauthorized
+< WWW-Authenticate: Basic realm="Couchbase Server Admin / REST"
+* Server Couchbase Server is not blacklisted
+< Server: Couchbase Server
+< Pragma: no-cache
+< Date: Wed, 25 Nov 2015 22:48:16 GMT
+< Content-Length: 0
+< Cache-Control: no-cache
+<
+* Connection #0 to host 192.168.99.100 left intact
+```
+
+The command shows an HTTP POST request to the REST endpoint `/pools/default`. The host is the IP address of the Docker machine. The port is the exposed port of Couchbase server. The memory and index quota for the server are passed in the request.
+
+### Configure Data, Query, and Index services
+
+All three services, or only one of them, can be configured on each instance. This allows different Couchbase instances to use affinities and setup services accordingly. For example, if Docker host is running a machine with solid-state drive then only Data service can be started.
+
+```
+curl -v http://192.168.99.100:8091/node/controller/setupServices -d 'services=kv%2Cn1ql%2Cindex'
+* Hostname was NOT found in DNS cache
+*   Trying 192.168.99.100...
+* Connected to 192.168.99.100 (192.168.99.100) port 8091 (#0)
+> POST /node/controller/setupServices HTTP/1.1
+> User-Agent: curl/7.37.1
+> Host: 192.168.99.100:8091
+> Accept: */*
+> Content-Length: 26
+> Content-Type: application/x-www-form-urlencoded
+>
+* upload completely sent off: 26 out of 26 bytes
+< HTTP/1.1 200 OK
+* Server Couchbase Server is not blacklisted
+< Server: Couchbase Server
+< Pragma: no-cache
+< Date: Wed, 25 Nov 2015 22:49:51 GMT
+< Content-Length: 0
+< Cache-Control: no-cache
+<
+* Connection #0 to host 192.168.99.100 left intact
+```
+
+The command shows an HTTP POST request to the REST endpoint `/node/controller/setupServices`. The command shows that all three services are configured for the Couchbase server. The Data service is identified by `kv`, Query service is identified by `n1ql` and Index service identified by `index`.
+
+### Setup credentials for the Couchbase server
+
+Sets the username and password credentials that will subsequently be used for managing the Couchbase server.
+
+```
+curl -v -X POST http://192.168.99.100:8091/settings/web -d port=8091 -d username=Administrator -d password=password
+* Hostname was NOT found in DNS cache
+*   Trying 192.168.99.100...
+* Connected to 192.168.99.100 (192.168.99.100) port 8091 (#0)
+> POST /settings/web HTTP/1.1
+> User-Agent: curl/7.37.1
+> Host: 192.168.99.100:8091
+> Accept: */*
+> Content-Length: 50
+> Content-Type: application/x-www-form-urlencoded
+>
+* upload completely sent off: 50 out of 50 bytes
+< HTTP/1.1 200 OK
+* Server Couchbase Server is not blacklisted
+< Server: Couchbase Server
+< Pragma: no-cache
+< Date: Wed, 25 Nov 2015 22:50:43 GMT
+< Content-Type: application/json
+< Content-Length: 44
+< Cache-Control: no-cache
+<
+* Connection #0 to host 192.168.99.100 left intact
+{"newBaseUri":"http://192.168.99.100:8091/"}
+```
+
+The command shows an HTTP POST request to the REST endpoint `/settings/web`. The user name and password credentials are passed in the request.
+
+### Install sample data
+
+The Couchbase server can be easily load some sample data in the Couchbase instance.
+
+```
+curl -v -u Administrator:password -X POST http://192.168.99.100:8091/sampleBuckets/install -d '["travel-sample"]'
+* Hostname was NOT found in DNS cache
+*   Trying 192.168.99.100...
+* Connected to 192.168.99.100 (192.168.99.100) port 8091 (#0)
+* Server auth using Basic with user 'Administrator'
+> POST /sampleBuckets/install HTTP/1.1
+> Authorization: Basic QWRtaW5pc3RyYXRvcjpwYXNzd29yZA==
+> User-Agent: curl/7.37.1
+> Host: 192.168.99.100:8091
+> Accept: */*
+> Content-Length: 17
+> Content-Type: application/x-www-form-urlencoded
+>
+* upload completely sent off: 17 out of 17 bytes
+< HTTP/1.1 202 Accepted
+* Server Couchbase Server is not blacklisted
+< Server: Couchbase Server
+< Pragma: no-cache
+< Date: Wed, 25 Nov 2015 22:51:51 GMT
+< Content-Type: application/json
+< Content-Length: 2
+< Cache-Control: no-cache
+<
+* Connection #0 to host 192.168.99.100 left intact
+[]
+```
+
+The command shows an HTTP POST request to the REST endpoint `/sampleBuckets/install`. The name of the sample bucket is passed in the request.
+
+Congratulations, you are now running a Couchbase container, fully configured using the REST API.
+
+## Query Couchbase using CBQ
+
+[CBQ](http://developer.couchbase.com/documentation/server/4.1/cli/cbq-tool.html), short for Couchbase Query, is a CLI tool that allows to create, read, update, and delete JSON documents on a Couchbase server. This tool is installed as part of the Couchbase Docker image.
+
+Run CBQ tool:
+
+```
+docker run -it --link db:db couchbase cbq --engine http://db:8093
+Couchbase query shell connected to http://db:8093/ . Type Ctrl-D to exit.
+cbq>
+```
+
+`--engine` parameter to CBQ allows to specify the Couchbase server host and port running on the Docker host. For host, typically the host name or IP address of the host where Couchbase server is running is provided. In this case, the container name used when starting the container, `db`, can be used. `8093` port listens for all incoming queries.
+
+Couchbase allows to query JSON documents using [N1QL](http://developer.couchbase.com/documentation/server/4.1/n1ql/n1ql-language-reference/index.html). N1QL is a comprehensive, declarative query language that brings SQL-like query capabilities to JSON documents.
+
+Query the database by running a N1QL query:
+
+```
+cbq> select * from `travel-sample` limit 1;
+{
+    "requestID": "97816771-3c25-4a1d-9ea8-eb6ad8a51919",
+    "signature": {
+        "*": "*"
+    },
+    "results": [
+        {
+            "travel-sample": {
+                "callsign": "MILE-AIR",
+                "country": "United States",
+                "iata": "Q5",
+                "icao": "MLA",
+                "id": 10,
+                "name": "40-Mile Air",
+                "type": "airline"
+            }
+        }
+    ],
+    "status": "success",
+    "metrics": {
+        "elapsedTime": "60.872423ms",
+        "executionTime": "60.792258ms",
+        "resultCount": 1,
+        "resultSize": 300
+    }
+}
+```
+
+## Couchbase Web Console
+
+[Couchbase Web Console](http://developer.couchbase.com/documentation/server/4.1/admin/ui-intro.html) is a console that allows to manage a Couchbase instance. It can be seen at:
+
+http://192.168.99.100:8091/
+
+Make sure to replace the IP address with the IP address of your Docker Machine or `localhost` if Docker is running locally.
+
+![Couchbase Web Console](couchbase/web-console.png)
diff --git a/docs/examples/couchbase/web-console.png b/docs/examples/couchbase/web-console.png
new file mode 100644
index 0000000000000000000000000000000000000000..7823c63cf89bb54432229239588a0272da469d31
GIT binary patch
literal 162338
zcmce+byQnh*Dnk;S}5hTMOr9?LUH$Ep}4zyDegssB~*~&?pEAgf~SSz?hd6$a1W3W
z!cCv^9C^QQj63eQf80Grve({gFPU?#HRU&Fh?<HlAwD@i4h{~XyquH<4$gfo9Gtt<
z_itg}?26yZ#ld+<W-BSFCNC*Tt>)@%W$R#xgCiG`kc6kF*+<#~Pb8L*Adq^au%#Sr
zk`EGpBQ$$o{)3vt{W~PWHAO$?yFQT^<Ep=B`%rfGaaRY;+e!i&W|rM|--G(oh)3bR
zS8azw7ej5ZbV2yy&0t1T3htY+Ou9cTaujeZj!y$(J^}|X1ElD;iKvN)aY@uZu!m)^
z97TS)fA>ajdFj@dOURN&`fk=W#$J8%z1tiP_2cL`!KOXd-X7d<d~>(VsBi*QYy^_i
z82&gl>@AUC`~!zZf3R3%`iWajd^sI(ET%pB8i!g_pVf>R2mcp((9e^3Fqis+!w~%F
zGWz1p`P;(k*U`Szs{Q@_L1l7*4ykD4%t`-&6p_rhE(J<!Thmv8dp!dr7B!nUS)Io)
zMV$hhz2~SZjfnv9m|wt7m(u>;M~`_XBh!B|1P4m$eDn+HiMb3znxrx^%4~}D4kH51
z?>)o$`l0iL;N!!dCzfBh-?dsg3_MYImn}x#JwOnd=u*QetdR&9f^VW^BV5P@UTY<~
z(TVXmgoE;rZhd;$nG!_BAr}@Iw<BeE>RoLXO+pRYw2}(!MFU9kkU<g1`_eJ*hJvD3
z3hv*g$p<F;=p5+5I9d1=bHpiYbWIH0qj^cg;G5mSk+y5^uhIGBoR5+Kv=iaq=Qf@)
zg|U%Z$n>JCjTZ;M$!)(jmvueO?S9vC`twd)<n8m<8GL*aB>-QB-mou;cAYMN;QM_9
zyuJ0ftdE)^@3u+L+fHgUo#O)>R_Z&&9|%}26RW?xmL~w1<i5eZBzQu$9@&GGGiag)
z%)`PB^K})YX>5m*q%1xZM%TVqUc3$Jlw6%6&@o(m4tgGD&KxP4u%&uNd++h>FIH<p
zvuYmnWfI@6R2QIf9hwqkt6Zz}*}?D00>0_6@73zP^l!DU{u%NrZ13WQN%j%mh7u>?
z*|$a<{li$Zvv0{nP7k$(e*znYCyDCU9vVH>`*mK$u-wS7mv*}jQmMvU@oPa3b172Y
zet5-L%aY9Ux>xH})b0i41&S-|5M=)2<3%(;v^rsytBg=M*tlE8jPOH9Mi+Ut=U!cM
zk9Eh>KBZ^A26<A3_XayDPOB@bsj4t&fU0#L@qM~Oigg$GMhIDebHm&A=%m!dp0glR
z3wEC5k%rVCb@dG{IB(G4BnWVs^VN!DfXhZ2Tj6t@q$f5?*H-4wao(RW;hce19PU-F
zo*3YL+g53iOXjFw{Y8L_v1aT@$i{X5fXf*OuDKiejnE6%pOYluvrROPRj0b@ZGAO_
zQPm%;x4XU)m)%bL?pZ~#cU$`>=WBfOZ%pqW8QswpXJ~wI(AhLbWb)zV(W7wc`w|j1
z_bJETxId=-ajRN7{V~xGzyoQTm^-f?$V*>-xv&3)RaPN}u-DUqLn8tmnl3f`GAV|A
zoqas)A$4VpDr1m_y0#VtpA19paFGD{Cz;&ZQ7v9Pwl`s;d|Ntow?qS`bK#?<Tgr8K
z;E#{YapHQOB~w|22%5L+y-xg+|5n0*OXpL98Hpa-^qm!iM;RW)58yAU^hh2T#n)n=
zkDjGRz<-7vPhEPp;#c+<9`AZ_00aE#M(-QkA^61dGWicxIl4hQ;-~%h@$NI+C;J(?
z!_Z3mB;;YvgRut{LwDW@x!}6+xiC~m&MNKEoIehhe-(SL@6);pK0~#fciy{k{_&UN
z`WgboS!W+vRj26|VsH0`SOA-%jbwmwK*<AoG1{nJroQKWP5prbF6)~E<p~QMGp|6(
z6{b!BIZ9mFjhZ=3+wqq1<?#mncl&SmQ+RuOgT2X++b1H({1d~Cs9w|9!-N|-?d()d
za4}CY%?`O8U44pA5-Lb0_xVJtO-P-{Jh=hizR3RL{m-|Izbm}d`<PoLm2H%5l5Mz}
zpOc;wlLP(b&~>YeyURRuh8QnlJw80aFF{WsETKO^g?UMbT&I9#fialHnyFF;SmdXV
zY{HlC((5t}%+<)NQQc@&08r*qjDoivP_8Hl>aGurS$#^1Pmj;IUJFrW7rYal8k*W>
zP&O}8?^-`$C;BklZ1BF71@|;}B)1b6P<b@-r|3svv#Egj2TM<vOI5WlG~gvkMKi@K
zS~q#$Cy!=&NA)Vlz8<SRo#CBHuMpIAOWM3U^gX2H=@NYnL!y$1&~YYdiDd;zas3<n
zES;9=s)k6<uMKZ})6Tv3#VLa#lT@0A=`(nQZa2Fd6B%b7&@a_C`*TkvFApkh>R7S3
z$*C%G$f@Q*bt@&ErB<ZGWMFDAm78qbu5WYHU2o&W!@fsnSFG}O1_tp3U4*ZPr$>y3
zH$1C<-X_4$70F{_w)hskD7ExzHt$<r_xeYsp~(r}p1O{+pyy+QbF7^Xh5Chpb_Z`W
ztxTLCL$~VR*ZtJrtJ_MIN?zv<5i5Q-?x<Lj54CK!jIgXE>13WP87=v~vtiNM7ZNw4
z>Xe3_n*S~|;R8c}DM-?a`2+ct`70fV9OoJ~8U*%iJaIi0_sI86<_u@u_Ca$iE?<R}
z-1JsQe;sv=^{H>^?Y{nLu@%2w*SXzLTjCaQY6n+jze5H{qGK;K0yYaZZ#GeRTrUib
zvvux&T{vZ;*KE{0SKW4-0a-U4dK@0V^?BvJcf55xd1~RU;{`nDKKkWFdE~R{xS4SP
z?!C&7s*f6l2aNcd>aIw)4?&VmznX@a2E#)A!*4uqWN}fr#khR9k{=&^B)FCK`M&r|
z@!ii(c=mX;pG!Xn7YHdE^VahPkUt@*5nXpF@-E`6vn3aD+^LJ0pbB^%c-%?eA@245
zvim6bG5uq~$1r6Em8fJB;I(a@@_I*a1EbGmdeLX~!yItVjLb?DSH$D4x*yEl!{OzT
zU;vy9`m%xn;)>3>EPasrpf#XdO5>fwua7@gpJRCVN4B!IIcvQ(%k}ANH;0-<4Bb38
z_a@wk;Z>V26lq>{(NQX)2Jx-6tAgS_$AMlERfDno<#=t9uAGirAq={Gp&#no9~2KS
zJ}9Qp#2Xix=pVo5-QK$2s=F<|-7>La9bm0x6>imSIc*tJ8(X7tqJ8-sJ?)UO=RIe9
zi$J{kD?<;TwcBtsr<4~pSzkuNLUJKKRA`?@b4)d7*)Ixxf+lh^hf}2$ibRQ3g4>a3
z?b9rhJH+T39Mf+mqcv*It2KdbVXb8Q#^J0gCW|#c-pY@~V)8#KmL{qvTC!fXjW)lR
zTwU038AuDQ3ri$LToYevDpyNXS6!atLrGe6f3bM82<yz1&o}JYKPX&RDE6?`--b`^
zP3b}!klwo^x%L{<?qwcEE%uZyl>STQh|Jwmenw};*-@y=d^bvYP?;`m*(tLY>6!wb
zJ79}v%V85Wl!Wp-@hmntEx`9}7n~EX;%D|p=d0~{t}@aymRedprw*o<jhn9~sFpK@
zeQ#e(>ps(s-={qoSh;Zb-@`PRru!EIzj}W?`<A2tu~gNz(6+DF^gxK0f3~+DC08H%
zmYotTM07>zR90WMWY|;0B6=(GOC%a;KVAuq40_=xxan7R-Z*wl$*{$suoHtqA|wfI
z2}L6wL>My^W;)oq+6x`0O*tnNo~a~c=?J%-Kip6nOBt)ZYaN_+cjz-*V+2t@Xxrou
z#GoUlx63KXB-o9bpS?f!O9L&;DIO%L7<;z)orIny1eHeW?k-TytD+B%u0kI5M563f
zX2^w&h0>Y}+%vY%_kf_KLsS>VcY%uKhb?m+ESu9A3p~yji>r&?5P{Q!QeWhS%mD}Z
zjhEVq+P2voZMiIofAY2Z%-XD5^Gqf5+GTR>3cS}&rs|sIcfjGJ;A?QMbfJ%MTYwkd
zyLC_KCjHp@hTwZx%=cfg_?!9T@w1I%SR2L(5DM7wr}N`O`5-7F1QMM0R~jD5J{0pw
zLO891`|u)&v;i4n4dBqLGY5+U>v4Fw>0moAm=KA2%WLnh_3cT`D?{9eI=pmuKg=ZH
zj6V6fjGMW}h(CUslt(?zlN<0&tokgRo+%PX%Ln(5TH+6Cjk0rhOCMV>w}wGi#!PVP
zYbh#gV$<GPvkXZG7C!3;9vc&w$B9nGxukhPNjWDdgt8PP_9gqU`C_|C)#%InD42Ck
zve1?3C%^y<hY0P!GbQ8($9f76-plE`;oy+c{r=&~YrHzb!NJY4)zWj<Q&ti(cXnhq
zvv7WA$?oO&9{V*8j)<2Kw&-Z-Zbt3p=-}ig<Rwb;pD%>4<=?M4XsG}5iMzchjh?a^
zwWPDFB{d&AFFPj<5TBZwTEx}DN=QRW=D*FcPogw7?(Xk}I5<Ec5Icy6-PzTegG*3Q
zkb{$(gPWTT`vseux0Ab>7n_qC?Vp|e)sK{=o4Kp)dv{xBC+gq*n!R)Oa2KVa`909z
z*PrvW^s@bDBqz83l7%IZ<97`Q7dt1%-+g17iu`^nq-N`7>7XZN>uBlZh8+XQ&Benl
z@}CC(zp8(R{8v-`f0}afaQ%;_|El_LQxT5eB>an{Kl$~aw^)V&@kKcPW<C(V#J7eL
z=a$1gc`0!%ulc<UP_nW19Ml^IEpe`HmyVT}u%g$p%?`BMl9s+pprERzzDFrug3tW!
zt}RWDd+Z-}KEZd!eY4z#&jcM&DGzS^U~MzY_Lbm%i(7X(*M~h!n}*YC&*$wc+Zc>Q
zF1$0Xvt~TcaR0Lf{``CR{M?M-U(Yzmf7gCM|GVl9<lj%!V*h^nzibu__*W<Y=cE0P
zW;ne>|LWv_H_2$gk>^`kRb78c@JcJv7}lD*Heh<#Xd!WRmuyqaQyh~X1<mqwI>?)F
z?MY7-b~QREdMd<mBXO9=blulXX-w%nG>_uh?g%BJ1g#_iZ#ud=BOOI{0t%k0I=<d0
z3#tX`+>D)SW}%g?1IhT5&=M0Dkm#n1_6iafl-nF7xNTAMpP8=X?UkRAiJYouF%M>}
zxLvemte{n{tl9hh*U{%Zz*K<04rYDgq$g^G68!GG%G@nDd<fv9)ML$Y;JxJx-kmw@
zg)gU)oY(V`k+SyQ{ED1*6PtTK8bcUNWh{0cFzLcjs3OG2hZ$VohQAud=>3YzQZV+B
zp75BlrUI9_Ax|U>!z#kk{#pDF=nri%lx<7bjzeHKxCdqn<(cmje)ayK%G?z%YKY3q
z>-<A!%@rWE{93I5^>Yw{w|Op14O{t$oEY9lbyeaMke)*uTBT2DQ?~rjA%oEN8NUuD
z#1&=o3-DWG#P<bzvAXLIoefl8mx-SrE%^05P9qYwJDqhgR23~fh-FDVyi|slBybBY
z8vPG0C7jTvF_jsOxy^_o-Na%jJl<NZjLn%%v8O~YR_(ODHuHlc1Q6}7+hE1V<@#o3
z3k{K1H;eqoB|)@3bftDXC3X#jm2*O^R*Kq)&5|8u+7f{;C8-EnyXk%C4N5X<9x@kj
zw%*rPEOle3o%|0!aH0WKcw<>|XGL0*Gq42VbEy%}J&LDPDflP3oQ~aw%wm|cx4S<|
zHDn_dwWb^@OXj#2J9z-wQxvjVl>qg&iV~~xXX-5tsBaP0=?h1vrgbA}D>L(h*LVLW
z?+xUeiR?;H#1iyIW`C#_50Fy&RTOh@l6(CT&#<DEnaeYMuxGj?b*QscfUt5|FFzn^
z2ho16r>WgiQsRmDGCxIYKSKr5SQ2QTIREif0rL~{8#ns%q85957zePQ_FO)jK<fhr
z4*c~ziLg+Hu8FpQ=OTYTSZm5_)4b6dIIXQc;8#{r5`)xZl9{X^*KgS@axttxYn<Np
zKUi*vxcY}DzxPOF$Iev7%+f4mXKs!wxc`0Lg&Z=*|L6Atmdg2x#LW^<zSaU>xa7Qf
z;Ir-PHoHBSG>)`c_YttMVZ(d>|4J86fjI|H#7_P0bUA2Dm_op*AMUm{LQz<oyR`S-
z-}G?7a!43O5N4_`glHmTPz6K!C&@Cw5Y#}JY2Sty)xEHD1p#9RX0o624d8`X-6Y3_
zcCehuRa{zal9FnMaJ`D($=naVuvDFT&+g0$O7Mu&h-d@T!s6Vi4!eVk`PBs}udTeb
z%JKC1Hat$ux8BmcIjn~SiR)X1Zafb<*BqYj+>l*M&~>B`Rw)Pa6INCW0_<DsqTWDQ
z$!ObPx>Vka-HHsn%V3U^+kbNVC)*owWH2C2D+HdImDy);ZeUw&JF&U%u>d+doc|ai
z^=_?uXj`e-COB=m#AcAfqBBT2N(9)ncghLE<UrTT9UScw2JLNZyat9F->wc=^-y{H
zY3N$}jurC22Pb4lV4UVe{;{BhW}^$+IH>>DDqFtaL6?Pf_S>K-C<t)=<zf?{Ti?bf
zJUTr^yP)oA_G^5*IJ3Q@Vi>8Q*%P+l*5@a1^H?16?I6c_h&&Bh-ILhXFM9O06HBGG
zf^5RfPUof{c0))-pH~llU5~2nacp#uxcxVM<)Q9G)M83!4NXn9&eIYtuh@u9A@9a{
zOl*AT%b>Yv8z;MQN&y1MULR9)C|SXX&shl5xwl@UP2a+S4*A^I(k+%&lHz*`$KL4T
zV$Yt$ay@<Cx5KT0J~x5ewHNCQ-bv;kuE7kzrlG9>Nx<?+3Ovp<)!4r~UQW>OETx&!
zp9uN#)Me7#aGyKU+iw?Mn9rV?=(-YLJ4bhuO(2M5Qav>S(subvVUI1vhU`p~b3aUZ
zy{CYAVkfupXTlR;B6&QT>%0;1m%8`>HG(jjW{)l`ElgPIHQ7a6qhL8mluhMQim|I$
zEFdlmvP|f>>wAIk&tckxDi3LeiJPPY7mN_-yBsZt96q)o-lq83EiI?}9xM?Kqvq)8
z#ZSs<&_>kJwzbLSRe#jX#j8VRe}g!Fn$-@n*tSSHwZKwZst4g;YUsiRy)4W(+xZ;(
ziRYGPD%`+3O#%AJ;R9=FH3za#4*PnHWQkQ$f#{X3Dnuzg1dWvx2iU_r<7w>ghN*MA
zw{V310X2a*5N`AwQ^-!10bZV}@8*NUzYGSu0!>J0?M*4QYxj!GXN>u?ss2*VM;DL6
z8=!EdCz9LH8B1B6O8pl1xzPLpT`fCfYQieW^*!go8WMcG7CKO#2Cuj6W2&~fi6w26
zxnZ;85{eLYtHn4ka;e6nbXi?AtESp3Ljqv?fqhixYmJ<ojq9mULJ0?D0VA?R+kUXV
zR8mrXbn!)v9fF)vTZ>eQ0OER5E2IGCuKV(_Jv!5AssiQPSW`zcp`zPpNYiy4SXdxp
zFCxCZRBiHu{tuf#%6%lRjuRD$`S2j+SV8eE?J+i<>7mw&Qbn7=d5>Kd<Fb3n!3v!U
z3(>RIGEA)Vbr#&kVX1<`z35Rp5NMkLluPA%VtblXUSF>TQA*?LF^a6P=<1&`*rD)K
z>Bm3_(XU`3e!h_0#}At_fAwITDY#`gAExh&O^)%f#AIbSa2P5wPb`(bcy#I`tq5Od
zn}b95TX!Z0rIyoCN3spCPDCy7l6i@*9WBFECg%(php6R2casWKRa4gcqDI=IS<jAF
z9%Gd};>3Jlc1<9>NM9i5HQYQU>-0GEnf_IOQEL9*J5iJ#W_CJVzNu-+GYeU&WH(gT
zB3BeQ@gV*JMuG<tbJ`zA0lD<modpCs?)bCqFk}k={C8}hX4S7uXNiJ73P;_V8>f<v
zV`<%0srTDpHf-tR=cqPAo%=1n0D>?QPj{hP1D6Jwly9p`H6Y=JW4%X%ZXBt7a5g=y
zvzU%)exh%D0`xCTJ!8L@y@&Qi{hSuz+h`iE-8#1gWTvB)geG*h`>I(48U`^~(ex{a
zP5TFIE3bJ?n#^$WofIzEQk{4|&2t=>Vs*n8;@HH6+=hpCA0GG-7}rpF97;`C>F*wm
z4=5^Z^yC$0Wj%qtxZdi|`!2>%k>>6eb<Zny#U0XERUC`9+1mnc7d!TdwkzvXqpIs`
z;a_A$SB{Q?!j<zb=UeYViGsPAmF&7eaDjWlm!ZF8!^p$tLv7Y0`%9Z$b^0G(P0WY>
zI@)RaUOaVUB!>A0i(bo`-Q27!Y73S(QU83lYwE<jL(cte9jnF!sKvC-cY+L03bWEg
ze;$3@ke$AaTI&H}F1tIzCa%&tZdegyo+JLOpKX1i&I7<B_~Z``M{;2&u=f6ZY<g6_
z$*}Cu6E20xcArTXdycediNCDlJ=~K{PmU@sP3dY!YHf8ZD8-M0qnnK-AdS!>;tv$L
zudNxQ0F8tF(-Z(+h)T@B-MfwsKNqfd+M4dfy;mcD?CEcW?jIk=wbGt*=x(nh8^>{)
zHJH(67E7$uvjla%QnE?@H8V^FgkNSeZ5pD5jaT1l{$VxJvUY&?WAHm4^UORw65741
zfAUL-j_%=RpNp`(RxH3$zsV<pqKw10n#XF$Bd>#4_}kPg%`D%sqSSHg0xbwJ6I8%{
zmvtbql9$1t)+(dTuY8(3b=;$QrnGSK)%U$|H;q?f^xBDl&t=#3eu&hSrJE$v>tod@
z6)J~v&b5b1H{rz#HG%!1!>JF~9_FzR6R~I}yxURGH+{#&^9%y5@skK~l+3A%id^nc
zsg<O^gmaV1vWXfYvsvSC*LyziMgw|@W^b>{9yG=Y`+FI$rod4e@*yFVC{>8{Rb<7Z
zwyM?we>2|}&}Hl9THCak8%n?+nAm6U3Rl!vI6%-y6M1HD&^BkPCSi`s^o>hWU36b}
z*+qZSEmd#@S^!DI)cH7~O2Bvj5{6Yhy+j;40*;9Y(voF!r65ehRE3ENI@IH3Xk7DB
zCK(50O3Hld4Go(8rUSb>)Hj38mYNA6z#cnj)Td)c9;*>Tnr+C5tR(oeGOzl4zdd9w
z-#RPHYQ%&%M%PcDul{TkYna?k!8OZuh3Z9nTO)S(q^~*8DE&@1z+Jh@g9iQ!HM;aP
zrgfdA9rAU?n=ELd^}zRW%4Po1EH9G1!$?<LdomJr6U(0ss+XAS5GTzXY?JPKwya(m
z51~12Us&Bs6U_51zolG(9_=cLjO%uoBc;38%G}A=uKh$I3f?s0iOQ5QOmrMdt(P7N
z&t#u_ttmXf=39T&Ff6j88a(ou%TYm)d)Gxd*0@kPWxUg&va7e;*hhug5~Af3i$^~-
z`_lx|8CURVvnZiFBe*-^oA=0c-%}B&sP%xh^vT+o97LoJ$QYWh6@{=pOxo%j(zlF$
z)~3!Z#_q*#hOc*RW?9O@rcj+RrJZi~A;Ivu`8)(&WwaU0B6enO{gT<Y{_{;F)=CxV
zkNTd_#*Lx%y{z6(GM>905cVk)(M%SGaoVexZI*TH2?h!VH33iYPf3Y4hc5Jga`}s!
zeedY#kfy@=9K)ug!p`kcCaha20x;i$)`}*#md!77RJGQi;nXQEUln*Oa*iR>rg3xL
z5pG<yDrr6wc{Bl>obt2SuPK?&*A^cRt`rqHJs$7nQj8>rZq_{LYdPGP`uBO(%H=ja
zGHqm(yV8R}%ohz=tIV;O9jRXzWb*|BwIQd>55|wiu>ksteHo8@6NiZ}IhU1=(67Mf
z2XhR_=QuJWjVnFS6+7rk64W$;W9fM=AQT@@evp{Xlh`;zIEpZ`rI^_&P_v-@E%+O?
z?rTm}74UaLGcg|UG&SIXeThO!agn<71@??648K?9vL8lM8}>TiGxt>L_*z=pIX8>=
zXlHP#0n!aFrpu3U5@k;dGY^OcTUiZdh`rGmJ6I6nBWF_3(|;U_2a@;9a2gL!?Mb#z
z5z(gG^xPMGt_Rt(>pUf~pKea_pUJx6?;XghquZsoXq0<WrU**tCrY_3_@oWEQ(f*|
zXp(5)6F-DjGYIi`B6Q9Q<DCv((<dkO*o^L+wdHY3qkcyZ2uFWi6+FR)D3PnksGZMl
zvRShbl<Wza(JZEEV4kD3ZtXP5)5y>JijImhNolLmJ*Q{GbgQw$tb<IrqP1kLp9AV^
zl#q7RwMU{GI!I#rhoi1vHsXZEkiDe_IUb^%WHjb=yg^82YT`d;i6ApgY`&~%CIGe|
z;&}vKxa>90f7VU;q{|JU1)r+t*F~jv(PCFOR(3xp#+($u=Tx7C{P-8JG5d5qI6_l^
zpFdSdg#KtJQeEKw!mkee*aEN4F)5m2j@nY|ZuUMR!@ETeT2RJ$rz;PZ@JxmLGvg}@
zZaRb1v@8VdgDEjL#ADkPgj>+`rL7s)Q$`SPM>yw}?8%)5(zxgR@3-de9V^xfl)V|R
z60dmA5VK`n*z|JG+Iml-l3>4yJaqSodj-wS%RtU=7_6Xna$oj;_T>Cy@tH`GBXrJi
zKY`B<YY~{l+j7l4me662cjN?KdXiQ8?m8^hA}B<Jiy~?iI>E6+KAHYzR%5Fit*<A-
z9Y(A{+k$g#Cu`qf`{QCvBMt*#H%RBU=1wR&IF=LZ7LoQ5Y3IhCGuGdK@??#{ks|>h
z%{BppQvX3By0IQCYWEgt#v?{AWLf!JE_(_0Mb$-JG?(!6yi>A*-3CAE*8;?si@wtI
zeeXH=66*%~oNhUjj0yF^-(-D`?4|OvIR9C_{kf-s($8X7T$UH$t~Vhb%tz(bSR{6I
zG>IEbM<gOrePgz8aWmS$73{EdBbjDTw5;VjT9EpgUkgy@If=0s>1KpWZkji3pK|5M
zY)aY!IHJnDZS(4at%0PG<fkX<YdXjj0Oj9S6by>4n!ATDdEpLHW+uzyH}w+Os3H!?
zfd0(?NL$|WN^H@2mq-F~mcajmT|%KiL#o{d*AgUi_iLy@vEe;hF^2+)vEsHbZhDiY
z8fw0}pD!u+9X%yy7j}0{R-WdhD(+4@S8b%Bo0TdLO3;jU01fw<!AKGWw+l$)ZdpG$
zUpBLzrz*3h*Io(Q3v37{^<xR+qVW{Xhsk<oY`gF7LR6L;(OX+KFa#8|Fp$ON{C(Hg
z_0_A*8K`2wtgBwu@qlX6iDcVogcs*fcW&vIg}@vI{luD_j&}^Y`DM7%O>7ho(?0xm
z1r|&o#9Xc2(Fw%Wy^*i;O3yAZ+c8(r$VHgtWO6}FeFSYcZ}>A!G1r^P-s`8i=am$K
zR##uR7G%Qbgj@$VAJ?bJOgp^LuZ2hrH9zKK_Nec6c5Sz_NIqRniQ<G~K@2`_0D)*X
z>odMhx^=ui9o%nJSPr>suWEs#mhNaP8p@P<#az?CiV5i?-}-RF#F4A_%J68#3W7v)
z5^m*Cdp(XT5GnN0uQY_r;=gTxH#BsR&Xb3us|xuk75eE3ADWEp#dmKO*t%_ox%;RQ
zrc4=2#;zgBtm4~1_A?crw8*_!G^0WnBa2w*`Hv;}G^9Fj)RZwjMZq{`Z>PO2vfRy|
zfY}W2pf+=Sh4%D=ZAOzC*2RLaM+^{gAPS+r=N(Ct2=M8&c>M$Qk4%=jekkO6nN)kL
z@zGS*Ycc6gzUTbAzg7uT1dJhP7Z)kRFBF7qcZ$4r{o8V;9MdDwUSS)uxL==u?R7v)
z?@!;7XTns@5psuyOAXE*yH#UDoiYN16icri+&imwP-aubt9&7=d>)<l{{@={j#7uP
zP*7<J*77$I%keSR9!f1qo!WVCvZ32TuFeJToS<q)Cc{>erOkWFTiqpoMP0Z%&HarI
z%`Q32R*gLfC-p~-D=Ipy+=aPypLVmHT_74e9T<)f6#TQ?`k17%T(15UuY<tn3gn|A
z*-|O{kCK6ID$lZYwDUhbtvcYpz4sBKCGfgLG>c#j#<GW>bu6UxgFSC_VQPMSacN22
z{fltHR=BjVd6b4|4x0%J;wPhafopIA`*=o=$}iA|FXf}W8;QLA@Y>Htt7(yrwbhX8
zpmEifmif;HN|^ivu<N{mVaJQFBnJh^2*aG>Cn3#M%GY)+<~zoKFdq^hr8yQ+22V5l
z=?b@=y{$vO{f$DAT;OxjgmY`qVcK^)PW_zb=KTf9NtR_TqKRR5kNO2fQJf#z0KcFt
zoz<8<Z8;xq(ZnG333nc^mccUX+mic!L;WRR82P}X%SpG8QO2_dPfy_!TCeLRB;mnj
z<g!WO3!U$xKPb;T10y`=Yv65I&)^H8SZ&_m2MPaCGO2gw;O2>8@0uCeSE;Ajh;229
zm$~O2<LeWwG13abLc|yG09$+DdAZYrA=&Gyv0}5SKC`KAKL_Zhxz`YVN)+>oA9hK1
zQ=-U6{It9`&F8)_!p%d*f$8Z)DN)FGlgZv!5&Ew^7ef^pCSU#qk}n$|v#UJDWbt_y
zILe{<ZK~z7MW^_<(zMEzw_t*9-QC4g=*|ZgptQy&)C)c7Y~YLhM{9)rM26@6Z7+Pk
zrtBm7q8y$@c~%aX_!gt9?0PbK_7%n#CbsXPl)GM0mi|PnC_)_OTjyA{)h}sabmTj`
z5wo00R?c--oU;`a(kGHurDY7!FKdN2L7=D#`>uX%&k`m2S-*=EE=6whNkYpH*Dn2L
z`|L=w%1P%w6Lj%)7gr+9@{!0hbNilReH3-p(<>!ZVDBd`EL!LOM0uG8X|@p%F0CmG
zqWk_f{F6Pm#bc!jSGquVQkuD=;DmCO&eItVF|4LZ_FiY3jB4A`%rMTc7{uudr^KYK
z82%jcKEq-;K4m+M2>^(|V~p@g&^jKHgLAe<cYEop=wf=*JuH8HH#^t;{zO;#%d7@C
zIeu#d^W@X&X~nA|>}^)@>WeE-WPdd+swuad^|jsN$pHPN`uXpKI_&kc9Bc1x<<qg~
zl$*4VuWis(Hj7e`vKzd+x3D7_C5o&=Ws#A5<|a(n*6lyXnbG~(7W<lV9~IlO@N-_p
z38l+&N5p&QbTdOh<6J>({!8n-o*lmH)Rh+B)GW;>LA_U=^?M2Z&$ne4DkL{$bk|{V
z+8a3vqGH4aGdl64lm=BtmMqVd;O`NkUi4+tmMD`}ealKulCDMN@efUdTFf?2%XhV}
z>1tmYhRHu5^en9>X(nA#ZlRF2tXxc_3hQvES@ArZr93^{V|BB&i!xLCfN`?5oqpCL
z?X!HAyUlAJp3136*|?WLHJ?+W?@WXB-rOm2h-bj~7j`8{ag){?!G7UL(eaM6`55`n
zJ}P^Msh;wMqgcSzvD#O|;Jja?uO-BJ*tsrZsL)|(z5#Hmv0tdXjE#^*^n}^zEw$#&
z`T1bn9(ZhTu@ggJHA4*#ylE{fA3l|Ads){j)m~Wplh9;r-1bgTHF+hkNAfY0&5_F)
z;;qtlVl!^swvs&aHkc%#O@r(y!T}DWJwtz3q8EesX<{a8L0M><IcRf}#;~mR&@}c;
zJuIE$ZS`4uU->hk56OAAQfauyRcya==y%y+IC!w<MRnGNz~6A>A&uBQ8?CqRhVETu
zfKL%_nj<~;iie)b6AO0-y>qNGy!}d-IYZ^;+owDAA01BD>{Tuhxa+~)BD*#e6y5^W
z&gQht9+VtHxh*`H5}(WmB$3{Q4zl)a-~6msd~OLx*-n>FGdUSL=mQqSmkvg#bsL4{
zUOhP=v7J~Hwh84+fq$<z%8&1l(okYuP5|T=EvM@1fs@zGoJ#90B@(`NT<fcO`VU?O
zjjK>N2l4Kt{VII1t<#V{a7h9sYkrZO09d7$U3l$iRn_`kgrOrLKEWWIShTODFTD>p
z{B%P2p({y`DAl!1ti*hCtL6f5z1yP5wD(x`hfH%a{kn88cI3?d6UhuQ_RPc*UYI)h
zh+|ahV(+JioUUL-v9d8HN4;BEvn_7DXP(bkVDVQ%+x*R_fU@sp9e9+s7x@g>>~gsk
z1TNLQ>UINuveTW){LSW$bfU_so-e(AtcXF`{n(hPFj*ZIc&9Vs@rEDcs(FJMjO#S&
zIrQBxvYmq#m^sToi$O0&Y^qb{KT$B0?_#o{N=&H3+c3q#Lqe!IEUP|gsBRF)X-2R9
z8Sg?f5Qeby6nJgljy&l0b_DHi^T3-=I;G%__BMpI+Ci+L%4t%6TtsUhJB`x^c4bx<
zw%B8_|3yFIdR*NBcaT9}^1g=$zg#&6Af#5zQ*pZrT;<qeJGAE$Ppx(ROUXAMtEZeK
zo|CAGT}f=yX4AEyPgp7*DALDCgY@MkG_$~C%a2&ZOwzepY?wE;i0RH4-HL4ZMQ<N;
z#4o>mu35*t5i^UsnZguts3<&_q6|G3AoERuXjhz=mmQ6Y@>M3><z{jMpQUX$9jatK
z<>^MeS=Ld_a@>T%=<`)ioP1p4)sGRJ@;SZF{oEju4J|VdHOYHsWueW(Zy+6_YHO9?
z;_by^51;EalJbL>Q4Zm@LAxd=>%k&Fa8dw4zB<t7V2vMGKfC-C95m2YnmhS4TXUDP
z=>=WA!$Z6qOXK-Rj2hg(@hf>qnc)ngcHsmLq46Dk?A(mDx&As1lo8n9O^aI1-Hkv$
z)6o<d6aZ+OloC~r1ot6}H0nzk;hn^-1_yO0J?@-o0l<_UqWZl>#1Jxhw-7wYEe8n~
zcG=L@WuWpYs&%5cAp28_z8%S9TPiq<%pcHU_4b%6!0)0U?oJR^4>yF+WiUN`F}P8a
z26fVo$+F<C7uG4dymIB6G-+$dZ$f&EOia$^g_GJ6T}9gY%R3kK_)1EC_LlX&7lFyb
zv{SdT4CMlN=ISU0*l7|J*o@mXd@pxuNC**xzVmE}x73*!mR3ku+9)#QUa>@!l`8gr
zDth3jt1C;#^3^EOh`rD^yL_S1rFMx?7gA=_CQ~_OZ)|=xyMEeKQy8Z-?h_DXJN%u&
zdMi?HtnbdA`c+wv?bHsRPrAde$z3lM3y{{i0`yJP_0O#JC8>gzi(}<E;Y28~nad5{
zKb;cdm+jB62DNHQxXIoll#lF=q}tGyvx+ZwLj*l>_dHWB9VjhHXbmJSAf;x@AQ6o&
zaV~y4Q>skK!RNkL#3>_Wt!!vr(&meIqwaP4<nu6tTGJ|WQ+Wx5slGl<vLX@{5-1a*
zC<znLJL*4t4>Z`!ovZYm;w+nYMyS)C#vBQ!I}@a)>kcA0%Yixca9YQDmdZZlr<i(v
zxOrsODc6JmpjIYI|NVIIjLB(kP_ZhA?^P4*&lSVLaW-|Jcn_@wxlC+Vt$M42K(mUM
zJ4PJvH7s`RewJwK1>}h_4-4|_bo0bz9yiU}$~bX{gZz`lHh-Y2b{5lKi5ax%0CLkV
zA_N2l1OYL~BYcyT^eBYMyeuoc)7I4q-$egZy_Pc`Fztu6e}d4#9AcyyF4KuCX#SS7
z1c`!#zr%){ch-YVPY95>mW__Kqen(lrBrj#5Fh*VohI=IWpP>a%M&vLq=b%0aSVZ$
z%1nO&!9WsX(F25`g+pf`jJn!s;HRnSc!B^(+-ayFz@!xGqnKwToj)Exeo0M_D%1Z}
z2u@BX8u1IqHvsFMX8*RsQtI)BMSpGSvbWbk#`6v=a$v7CpZvv}Wtq#2g<Pw{1bmGY
z(&GYi{5{7a#_1Hz9fcN`qVGW^D%E0GRn?Zfd_bAvZZ^DF;S8?4&YP&2!b|(5>#Q&w
z%;d#~9Z>VAMB{f^n+a}SfL#!`v*fwp2xGtR*8Gd8)4>x<Zh&z5uc*I9J!+67<hL45
zDcn5&9o$$Cp3hTF<FfW$^7M4zxb}grM5E(I=;L=@4yPD^t_PIuFyDu<Nfsy+)NvOx
zU@8nl?VnGK3{kpjd7gbtS>;Os%UWMc=zV@^A0M)P&gI}f@Y^dXO$*W$cvM;p(1{~I
z$OlhqBf-NFH$^AoK>o<0InEp_EPmZwGG9+?ryEsd%va;N(Ob39(>t##JKfG*V%5ip
zjG9l9nPw;Fvsx|UA~>huaTXi#Pu2nOln^C*9GRU)3PO(WW*OhaW$^)TBtYi3FNpu5
z5C@w*;tQqRw>eyBZGxx3n=4>U{upaF*^K1pV6}o09Ski)kaj7hoUdH_izaYs?G-c9
z+<l>Hth}>S^pvYiW;55!OZoaJRZCkrr=(ywzO5t{Su`h-<1=x;UZ`?TO}iEnfQ?s&
zml=zWv-oaULa-(N8qe(_tSKH|mVnd~u^Uvxnt}7qgB{nmkX*i6`(@YXS=zp%dy<b#
zy>_+-D$(PcrZ)|a-#;C6qc8{T2TcD=9*bD{pa{SrQmaky7N;8zxGpRKb`*<d0LI;H
zA(3vtOtD>aBsMieY=0453}06j754AfM;=>miuncE%&ahEW$Lz-Jyj)1d8#U(#o3Ms
zI3A)Z<fRg8KMpu1WC*VmGxIwMI1YK*J(Ix+xe8f>X1s>%VsGiMA+@i!<CPgQnvd5f
zru{GLJg5pQkw@F5Jz3SLNgmxS&&~dcVFQ;P{Q*^BU*vN*yYMOPz%Z(})Y|`S%5B8Z
zXBk=PhsC;wZw6ViuF*9t^cBcezJ){ouO66=<!MqUY+~47*U4?_ywX}&cDwU6s$+oT
zLM3ZX7%`X0khSBzK9&gsE}p`JeXuRz2fkC}ZC4=wEzJI53pP39Vjp&ZLhdg?mzEK=
zrtawV=}1G!G~`ru!MT;re~qn)!f7~k*SQ~k*?kt}?9g)1J-zGXfUK51MF@N;*mXW@
zTrKFPaCT}uP7F%(Pi;mPBE;JGkQ0WQPz;Ut0*5Aa<z*}gO^-}l$%pt`pHzqy95g{O
z7_oe+OSfxDe@Cyg>L4tTo6eoTjU=1j93EmfoUgW2RJ9+7Ty{F3{fj^xoRiyMpVi}I
zvqaiym!?-{N3)d9oL5S6^uQGS#M2c_Wd>7FKkt>A{6M;}D^l1Z)JEOx`=^dpWSbit
zF_<~QW3Mt2o+3J7?WvkJCJL6B37Zfy^{SQ>IUK`$lErk9EtsBR&P|lkrh(=%PN;D7
zpng+Ity?X8eRFVV#4y^liW+94e)TKqw34+ChEjkaYtSVm`}Vq^3e%M)7xS4!He-*4
zmfbkfp@_CQcYhEA^x;2~N8(oT+>Duem5<iuwz$da_Sk1oR(jMO+KlY?T7%ZPg=@C4
zV#&W*+0#PSa5r)~5tF!yNu(c}S)5#1oLyO*oS9@qAwcGz8MWS+;|FchM<s49Cl*N9
zD>~b|WtZniJF!{Jqqw)*9SWkA$y`$~=SKdr?XcQ5SgGW2F09aAHXEDV`S*POA7o|y
zJr=frwOU&ybhr8}ClJLyf)Kkpl?F{t`>Fd24eM^t+h7yspffTb-{x^gHbba`L9I{1
zqm@Q8u(_mNbnt&OF@E=Ua{K3yY|gu>ev&u_QN-zj)Ad+XMbmaS1(nxNh;8_Aq#riP
z<Xca_UtI$)n+bZ{7_{WQUoY0YnF?6O%32W~gzfYAbHBv4fB5hQQbpj)Zk(~tHWXpV
z?;K0wg_xq_fYrVKj&3@I4|&^;eWFt|F==vb;--oh$tDh!aK2dB9d|dLC~Ui&$XYx(
zj>-b<Rrh52oyePB?@ZNNsf<|7d#1K!I~FgrBZ?Wa8h@P(bVpEt2C>2F_ZZ{}zzsfV
zXYaUK{ZC5Xe<r~wx|G4Z%j?#CCVX?`ODEuW9A?^hnG*&)-Bt}7@jq~T%3yT7@9e*u
z1iM7$6=oW>`xV>0DSkG&u(h-9K;^$TR$7Vae~AY`XI`|zuMhoin&6qa_UZ~fD$**l
zzADr3Oy2|Gc3#}_)$+y8Q74hGQVSPin~53H755L1KcL@|oxhHsi!NHgnucOGNY!yF
zc-D<PoxtRzmjBUb0QwsqkXrRf?B-M~S0+MaZ&Y#wc*TnRe09(Q+E1NY!lu*FVly|;
z1Ev_ix%{Mu0H7b>Cd&0SmG`CdkTPM39p6!PiDUlm^^&vyX}07euAayjf)cJ<Aw7UN
z&DFocc-Y1M4^v(&G&n)FvhiT&^_7u;n^i7zyA6@$>jMyMjq>mk?vH`{qkH_({x^p=
z*Arsb6EMs!41;|U%=+aXBkej8o~hkc2vu)!?jtf@+ek7t(AGv2^hR-jx5NGdn164q
zH;_FSMql%*2DTDRp2)ofSJZ|74e04&(vH{4)pFshkn3{_KA$rPtxWjk;SJ^x)P9<A
z=rhw2L`ZSIt%}X^u+CE7D1|1WFLzCEXpk?R%_@#B*P@cpY8=rSiET9}YokQq-WR1J
z$)y#j@i<kHWwoqzrhk&U{zK~@#THAQL^s--l4jR8=#d+(*kGEgn-h*3nthjkrZtYH
z%XcJA8Zx~<LY_{(G{3p-`4R=*%Y`nXcs!(ZJAN#b?j`i0v9OD<_UqfdL_U87x_;Al
zVooGcOhG_4c(o}2bNR6vJmAMzP${I#?BH=WCTn_z99eNaRkp+B_8!;7raG|7AC)fn
z7r%$uiEekD*>dzhCmx~?q?R9@)T`8r9ZKWJuUExJYxE~I^K7chLb^eo>xkk<kC}7w
z+kYu^R7vE+Ds^vjZ|h_zb`?*ih$JZ|4ULb=QI?wZ{qW4tDxAizdzf!&!Q*JRULlBx
z=|iiLhE<#aFslHS*Q)_NRA4C{xZ86!NzWgwh8$<P3uAd&5XP4>Eyr85M9%Y#;&8sC
zvK=#_T&vP}g`5ZVB&kLV@1|`%<?Sanc5`dE<(=)ggcLg6Q*%luWSi0Bxpi#@A-=+c
zC+@u}JjTD-@!t!1?76X#M7r!YvebWcS$Tu1^gp?2y=XfWMXtv|APeO@)=H+eKH5v?
z<@iY~P2y%35fsxLSh?~miA?_Xmh$sJn(MDytw0UIGO_Dzp!cU0G%B*?pjp#X93pLY
zk#kJXTiFN$f>)97NpTBItKgFdsXsh_Mvth?nlMbg<F%R|+#X2cnEEhIFxKl~KV$Q4
z1#>={0m6tEVy+J%zBktwDk&n{Q@Tk-Y{8qX2>^x+_t;d=EpW)kyQlCHN)+}4*_Ru2
zlCq_9+<iA=Bo7fe`gZMRH8OeP-Y2xZ1iDeLu-WL}NNCQMbKZ*eV0Rn<+;}Ca6z0~w
zrCZrL@u=p0o-b?r+#o#h)m;xb0CH%u6idgkOUslqp8HBrr%dmBk4KYFBl!N3J>^M1
zOIW=K)xUPtde7+kvhN}C917DmG&H}3Qoy{%iUV!9!pF;+WB0f~>XB7?M#g@QmoG2A
zzHT}D25m<S{T5`*5r~+mbYBcItM#NmL}2;-^=BgB(Rj{X{D}qPKcta}T=%Yh7`h94
z${g7wyQPC9sU+w-!_`%~>&Q&i8gF`LjIWjsA#fDHw9uRP8@<q0pahy?x-yLmoGLZI
zH-kP39pIRd7ekFjrGu7xfS}dD-=Z1Y<A|kBeEQ3~G(DWFp##cuEPSqFo5|)7a8G48
z)#!SXu}?@O>au5K;+4RPdv5C&i}3UBc?ny$jFHuc?N^YKxUA6<-V;2r%l4-A5kJ(#
zyeLm$WWo{`zSKf~I>{WZZ7fy_UIgv>qXRjNki`V-qc06gNJU&aNDMxlI9Sl<rIxwJ
z)Q-`!8lIQvR6Mm!Rw;?#(=BvcLe*xKn1(IJDsPV3C9u%C&=KS(FqXqRMj$%D_t{h_
zatLQ+=Xsw~LjF-)*gRIrh)TbWfl$P6vCNALMj+MdS)}0!pExhAsK$x<sbik0@tPjw
zHT%^4_|Tl||MNEBa^>dQG++P4`)?Qpc4W6edj<9+#wO>!x)<O5vfAZ*&U$K6D{Mkl
zOgTpaNyrbC%v_5!U8;z_j*+Djv{EX!b1U9TyqEk2=JG@_sXfQ0JyFzY@pVLTNy)gp
zhaKCSnf$I79+T=PT%|e{(OPN=%zPYNCz6y)Q!puf@e)ZUY9XDZN^`8R#;Do@k3QT6
zUZsrKv_9cmx6OMKx*jalX+PAwEcpnicP^Jy=4ysA99o?cFqvQ`lVafeBu=0s^kusE
zqFyCKw{Wxxvv6ZRTx2Y?7Cuqga$pehbgG0~nA)1Q@-)uSNvD&9O<uRKcD7XWJcRTs
zORVM?gq$g#hgnx9xVLy~zMd)q{ozKIVf<x@ZGk1@W2q)q{=R#E2?m_s%)KMM&=W~n
zs-au(a8ewPs)&^^9~{rdrX4y)R8pSz@OI#Qgj9^yXuy+)b`L7#u3MH7?78@P?Ct1{
z(##Z89XDtE9JOVR(I1vPy?35vP^%wfRkCU|WI<VKn?PYx4HC31n^PR${uP%#L!yb8
z*_IBR!+XE)HlM8kL+rEBsFOP~Y>cQ%2cn30v|2TjF2u$g58xg>T6J@D(~4DoqrhZ@
zT(F$<U<S{?8LK|bshmYji$-bJd&GA+*F2(IZJX0FE?LzBUyx*KOhY9oAYeVX#CLo0
zgzo0t`KG|^5OUFyPZLh(0~cPgMGe~XPrYctT2hlrCNqrd4Do-sZKhba-drEfJfpNk
zhrS4M5qZMzs?whvgXToi^;4?zu~FtAJ=m3j4zrvYy0Y7p#`VjS7&#{SeYue%!+$vW
z0sTyaF}^anG2kQ3VQ4uE!<)dW_+7R6tX9_kU^ONN68qS=Xe8%H4?&_0?;=3=3=G4U
zpWwF@Ey)X`Pohw}72I!FydNME@CjiD$jRL4_u}k$gX=RD#hd`>q4F(@<a;OSkrTi1
zwnjrscZW<2rd&Av+{1+Djcy(nGjqPHVF@E$3)X}JD`4Jyo+^|Q<yoxJHK@81#QLc$
z>ec9D*%vQyX${{J7#1fdJbA5^sn`d=hE;;?^9shhQY8%MMRQ}q3uA=G$Sq=(2ta)B
zX!IyrgH>oPgdwvi&=!*KE_d_Hg(jPZj3y-;axxFtc)#^7;X}@`ofOAucKPVbk|zc4
zbjZ^EG5XdS#mssq+9#?q_pxKKpQpPGCtk($js<OvYYi(d6y@^Po-0_7d2YA+?c19s
z)c=D1!$lk<S01NjJTbm*^XHCT1!1q9K88uI9EaKijmb!feO@gsg?nA=k#f)Eycl2H
ztUrxn>5~LE(cx%S_E~8468c?sGO#R2(ujWtBR^ze)=BA1o|#eOeSHRwL0@8RXu*TV
zwfHA5!8vFm<qEBbO?SM>JjivC^!a?fW;Vy<w7%KRdi}m$=xW)7_3VC?-!?~nQ0ryK
zX#qTV$BF4>C$Gp1pj?3fh`C&=?*(9v@a%qO``xG0w&5?=@g{L)NEQDjRm^;XUxAKB
zj>=8#X^1_UcxNmjL04|U5&t=-69Fx;E!GWIDZh@V)9`=vfQT}O{)NI}w6zAoQ*Bi2
zh#G>K*311X{n)RKVE3;L#{o}OIISlW6as8ociwG>PPQ3&)VX`0)ITfV_O6#3dsfTv
zgmWGl#?dV2X}7#MH?LQ2YCS_ab9ZM)MHE4tK(O}z;jLPp$?zL9pW?eII9;eI{1%PU
zQw@u|#9_K3#;3^&YW-PiQYK84{fXFHo1}#%@o|!K^gDGa6U)^2FJB9Y3v3enzF`we
z=!A+O@j}`TD-F_u&re8Gb+DPVCFV>sQoFi^(ONYsTY=$$(_cx+YsmV3oWn2(jtVrV
zkoX)?t@V&vKGTM3(P>lshrZ7L7@g>cAuozkHIUg)G!(dE$n`n>D_kwz*~^XYN#ByE
zD+%w89v{UN)rYvg*4k98k<F1%kt@^`Whs{h$_x$WbFsIrzYAgHsXagXh<7lPPX1Mk
z#L{<G!yuNo`HpcSvx{x8hXx@J;kXCB;|u_DBOD>%OH-L!8kanlZwuY1n@p8vi8mVa
zWWtrUld43r{j(L{KprxkA^b@+eZVJ@+hjFlx~A78U8CA2@(pi}-AP==9~KNi#laoQ
zE069jZrpY!t<P2a^(i2rS+mF~fjnq|iUNN~Hx`g;dLntZfcX0i`pE<4lzhzvo&5r-
zgaGmUy91;mXQQ97>2JkT&x}fB1fN=k4~7POG>Vj`8!MhV@8rFgB<HdbydzuOn5dz&
zPBmCvP&WPJf$l7F>b|kDl2)gJu0@UZyg?eDiSY^@+q%{(BdekG3Usm}d*pg>YA*UX
z3bgH>`u-%Z&_Yv*KGZ$ziK+Y4IKva>SfO$@<${YVdx*Vz#+L8ORYghgoak76uQZde
zY=gX#&yIY4Ved1hyRx68o|Zf$gZ)b#_eQ-8jJ+LS@HOC}=D7l2F)=_l^n*~!;hEl)
zz6KXv;EcA6JW48#F-Af<ak6_+)JPq2_d@JAB&w9@%P>uF_T-&>4s7MBSK#K9-@Bys
zV530dPa2GqH68H_HTtyuMbEx!V`Ie8vFatkv2yW(X5BXO3LT>jTdwXJY>0V#e=T`P
z(T~J_4Si%bSTmSN`+E)B;?T1PPb|HXxps&u33Odbu(s*xZ=*?z#Fi+3*ybrVjDIbN
zuIkhpRM@5@FQe3{3DbE;?qNfepq!%vIAQN+ikVXT6qcetEvpMcS|%BU<m_v7MjfyH
zFTUP7s;ww%A8w1g)1txMDNr<6vEuF&cPUydZE-0CcXuo9TA;W~aV-RQ4G`eVyzg&j
zI`gje{gte<&Q0#QXP+(4-ut;gHp@I$W64LgS<m<C(i;1oAHEHK`ERXXve>NnHBBl7
zdrbz}VYyZBvBS%!BIsKHRN<QIar8HWlr5qO?9Xe>fl@g^7=-hSb}4H)dBUR0?dq3V
zE{My@dHM1WWv*9J?45~|AEOgJVtiF?8G`rWZkxwlQnu<`m@8WWx8kAeW2^`lQjr6;
zEd3p|=trGAPtt?R%^ek{T<Mu%fE-Q=@|FxJA*n;X7l+RS9+81U1htFd0sUQ-({tf(
zL7`aX;&=tMlF)X3ZBJ?83U^#)ETd$r_=_p7{G3s>X|n0}uIxM<!`QL3Y8Rou;%pC`
z^b_}v6mryX+&s9a;BJpR10=Gfuw^uggn_ouU!(5o8RJ<_V_&+JV+O+rje~U5`QMQ~
zJQ9=3jb4f9VkLF*(M;h{RajNU?^OnC;W278s~57(a2g@M*UH*PfO|tc__J5Oe}189
zYkp3}f(Hfkb;eCF)!JZJ*@Qe(z7PhrLu|e#7gi@M8IZ{RV6VbkZ;frZ21T+V@%*k#
zcbH#j*Dcg0lu^!<bRSm2lX#A+(4*=Zrd)h)UI|m3@Jz&r=bVaCRl)P7kY~WsXbrgr
zsJ|||r$@@Gq+`i0RKz>Bi-oB!;|qfQAAx|Y=ahLLjXK+2kAeSI283xkSB66``E{!%
zyYTsD6U@Hm&vr^O2}`E}b~D@>>qCcNF*vF&CQmtXAR9>?!IF!(w_jT$$?i-q=~#wv
zNKlv0R;)lw=2E-0lJAXXehV8ZNzX3&o?S?-awbSjugvC<WAMtv+kedn()?99jFYL4
z;bPF7&aGcI8icNE+dWPByz?CE`|hA5f0oCnRnoF50n3~)0Z*{&?wW$-uCP{zg{nw-
zzwD~;{v%5ay+OVrUMWU{j#^RljkN4Ou?-1n{wPi&MV)1prtAk_-zD4PGVO)n?8k~y
zzrxpc(XLawz$$~PB|Ux0|32^P=(7nup5v-?k9+xGZEkv`^WW3?N7OzhOHz&EpS&AT
zbVOF`QFOAt)soD<l1|KA$pVyJ7ko#Q$4HOOQN)HAl$dxeX2Jc9t$)N6bl-?~hH?0A
zRHws9tx6`79N8<4*W<VwO$H4(f$nhcdSue9Vq9$^uDDn+=`JQUrZt91J?Xo3ID@k4
zF(=<UJfBUg{^kp*89UxWtpb&u@zlcTlO>wO(di;vfw#IH;t9;IGf@IIAK<XB@wG&a
zFAWCG>pVLAhU8?@SUa9QQu>kv?>hH=)`0bYBNH#S2V%_b>tAaX$@5EklMU0s4`d6~
z7wF?DA%_kb8q!swcg{weU!d!|S!2ofHH5=D{)~wo)8KyuTnA;2OCTnS&8r!ecxBZ@
z#x0<xvVvB1CEQ!@d(;Ymmn?)Ql;*g!_siA5{_HlDUc~)IGkLnuQW3oiQZ9&4amD8p
zdCt%bG7Q+6uTij6#SiScW#KABePS0_FCfQgL8M@<%OgZ@7>?ns#`;k3wq6cvZe1T-
zq=i&A&j@@A7q=3_L>|W3QA1m%9YfM0|A(t$G0V4L;-Xh3LKfpksdluSwx$JPws#z_
zX&&<tNgEDhcw$}D)x!*K6zb$bHV9gG3h7l?Q^A9Dw)~mz(S*{Jc6uAN=7V^+fsaG%
zo<OB3_QKV{d%{&O$JjTD2EKn=$@VeT6_ZpH^w<v~B~d|tuF>zyn{JqkzbF4zW%wqh
zmGt!jVb)u+1<9`S$Ge9_9c4|sfY~s!^D+ba)ZA^H_~4wuHivJouGASANX+1-N|6?Q
zj69(~?VW_1Ldjqx4AyAi7|W#PrcS~H2`F)HVMxA%o_owkQwVGCNb!>0orkOV8M3NT
zhUkX@p&JO({5~clb8qOQOSlqN!p$B@smQ3=bA!;lNo|pb0tIwHOjVM!N<bWnlCEOK
ztb$C<#!zB&x=_-@556VTp-XWi2`MYszuV(zrW;d!VP_hFBw3pvWfd?kQJ_U`!euTo
z6=|tdeNAf#3T3m&b%jN``>~MfZpUs`8>BE{$#vz^K&rPUtD-#bG|Tk+C0yT`hRZa=
zBsmiPz<r0m8hr=BO(ggT3Ms1e^tNa-ZU$<;a7oeKcYAGIQl<fX*jGu&{?vO7)P@?5
zwGyr9jDNeA8O`F8y4YH@E&@G2tj~O;C>L*M3o{HuE}x5+ys`7jRUsPFQ4Y7#c8jeW
z7t&~G<ab^wae>`?*cTEcP@2{XXb#BRNgOj-XltS=sQJ!-r3LBlHNSjd@!O`|E#pYi
z4Epu6B6WsOH}{L1-4I#kUivyL<k#0<;c*`d$WK}il_BzjZ{?H+llLefitVwrI*oG4
z`UxYZOxaSc?^&lt_0QlThAFzizDsE|nvNmIITgv42UF_1?hKs^DUc+ZfI?1e<>x==
z1DfT-Z#}$5jE5En-E1P=z3P#plKrNWhROED7xDPY1(Mz~s=wqIqctyh*~(|<P>H3(
z&a)b=p&|-tH26}qTtI56|Ghl{U%H?|Gg7gtP#jA1w=`n%X)4P9E~i7=CQ8W84Qn|E
z46~@Bhlzxi=`#y%eMPv@i7|TVW9cl%OYSzxT~=4{qT|)c@Ml#%7KkG(@>w>x&H{Ct
zT?`JXFkMT8vYJbYiMz2>R9Rs6tt{)O|As4j5?5q=7MUof4yh-pKN6uMVSBUsV9X%p
zVsk!m8HrAbPkyO5i4Jj5F?8=v+rg>r1eubI(`xD%))}8#CuuBcw}~vI6F}6@)L(Kc
zw}cY`t!K3tQp4TEiPJBPN<FP$P@F?Up-6R=(Zn=1Vo00Z<{%Dpw<M%*7UP%uR!m>)
z)RdO}%xsS|8o7`vnZ2j+7x%k30)<GmvIw^51DpN4t0IR`@<gGeFR-oMeNw*g#Uuor
zcj81p6R7gu#=?QU5Aim;V_9#WsTm81>_iU+^Hxa5@)xh7g@T#(gG~N1;oAeMQjUz<
z_=I*kk|6<GEWGprIZx!nA7kRV-WPsvodhfJsd5=%O%qA!1O!VSm!%i5C<<xgd3$3+
zq}~YAU{QIWaXf>K<!s5lw_}GXQtz(_Ek6#@@3q_YQRC&&=nJV@Cn(1}$B<37xYMvp
zar+QCO|J`;?x;~P7A6ihFwskfmJ@`el^@Q+5&h_^ul;)^U#_3`g5hPPRegK2W$1-Z
zG_LF{k{;K;O=8(6A8Lj1Unm5|WT@I>)sfjDRI;I`Qf7X*BVc)^ucA7p7OwSQCMH^%
zrgo*=nRcfs{FHLYSH)MH5fo=$Po_W+tDqLe{JSiUK8`i6WvW;|z26>rEWg2)*F%U8
zHYw{0Ow&$gyUWGIp-mcxCjuOccHmHzF;+bDl-$_m(`}cD<a^QG-#*fJ^!f#h1eOPT
zOk)-2JMQ`^H?j&c0|yO7ad>xgO`WCfZ~hD1n)$*cQ-%IvLeXEJqK>n3j|Rfc<nELQ
zdp>#Q=7Gm*iE43_szqUb;b|V}Nvo{dY#P|#)^xPLVJ8f!x*JP)zCTXv$PL1=6fA+p
zDX9H+TxT)K%Xc@nbY|+TLijB!Z6`hDO)#VL)fkPKWxXKJV3_dk&+9H1I37L{Jm?}f
zQIeD7%2&V|#3NV#9S-kyI{R%M>Zd4v&6KvDPfPrfcZEHce*~|$r&ovV$<FUl5RIsJ
z2A5fh-X8JdBWr`0B(~G+K_%reQ8DgnbHTNuiq@_Wt&-_^udW9Qh}|BX>f|9`V^3Nr
zvr<!E(v1c3-h9?q%6gVMO;3;mZnZO}8}>BV)!WMQ3pm~y%Saz<1sM+xm-x1DNH3BV
z87B?v`a@Vv_+=EfJaUu^FlMn2@n>a>vxg=3*M>gY##*TqxNPgY3nzG+6NU*YgxWiM
z01B;VMIky(&*~?kyMHk>+;JzUDTgeX8+xral+hRVXrTXM&3OhrgK2hLaaic+O>-vO
zdHA>SBV1+SadtzZdk!+|lGC4ui0cu0zsEz9c&kZR<IjX{3zor1rmL#As8Kq)CY{o1
zzQ5DebxkPxzPOHz9T3uR=cFd~=B~ts+!q{guvg{Kp?OrRhQ`ri16Sl;5$x&Y1+oRh
z^I4AJ3OcDLCvZQ>ZRk&mA|X*hTwY8zSDo#`n80cY44+<R&&)$e4>7TFTDDb&52OS1
zJpLM?Z7VwWWzR5<!!9ka0E@yE4xJApmu98-7Alap+^+dvl~zi!CUC~ab46**{+1dP
z-2YydUszY3F`pNF*<b|6v*Nuw@?(ooQ?O@$?|1Iu({a63kCIaK^^OE-n&7rz4Urjz
z@oPuEm6R(^!d4UHOng?C@--3zi~d{5{<CiGe@FhxWc?%k`R{2jUi`E6{(r~*e=hrv
zB<<H+CZOll|Et~l-%CR<|Ko?>=wIY_RsB8V<KTb&1U>K`{jXbo@j?puKkf#T{Z4J~
z_%9&z#T%agpal77GX!4C;`nPhU#b7qP5wWlAxW^k{S(B$X1w7!npyq*mj->oWwB6P
zUPtlQoR5RmD%P@;|1~1(i~S!X|7SHzmwJCq_)6U?R&~4=m^+LeY9!X!MRosx>2D_6
zB?~#nLjZHvVL2&VV+mDv{b>kF*26sqqgN4iY1C#(j5_pd>bv=6f0%eTNjiLfZ{;#@
zC5-7Aa;DJmJD9?sGO$Hfcu`9#8+;j*;%j%}3^TsHPf>Y@2m`*K!nAt&c51$_7hoPZ
zG<IkVxb;u&{?1HcGF%z`9fa}6_swdit9|)9#%Hd7I@Ledeu|m4V}`skJ!)nX73&Br
zsG6ij@1Wdi$o=zKDwTW6`vDyfDSH75%8oM+OuV`#?y1uhX+yrf#(XM60lIPZvvpcn
ze73s;?US(nFg-iP*;#8bN5>9K?OwOG#_4TaXYKKQyP(z5Mkq$qNBGto7S6NFPS`3M
zP&_V5r!TdSS!lg7L~%QT51i{d=ybxledMWXdx(f;*RzIs1m~MQ%xE~dGzqKtsSH0m
z^-rjyJ!SrLJHK`W_-BZdwI4HIdESuv2nB)aQ@nh9gnje4GexO)GI_SzM16dhM6V=)
zLR%m9r>KP{GnGbA*U_Sn!<8N9_oFzWDRn5kd->R2kdu4!a=uG@7w77pET`<a>nk7g
zp4-R6X|<<s<66ya+nwgbr=absu_MK^(uXAq0^`rl&5hH(7B?)-c3uOm{yt_+qiew~
z4HO+WC2`lGUUe|<t%(pI*zMN0{{5QF-6^8)p$Jj;XSd@ip)G50Wouh;{_?ut)DJ-0
zaYKr)&IQP2%@c)p^r61ZAW(Rvjoi1@%vwODO3KA!XCcf5E5vh?lIY7o2gMG>mtd<M
z4#2aAmx`|!6jb<#mQDVgdd2NabfoLzP)~N!Ffe{{0<K%`zV{Wn^ZHjs+70pz^Obu~
zOl}+NvgO_=>Z8s6!PWlodv_~Zn3uwUm#0Ng>W}i?d<|#M5bICYm+SjSqYEl+!dN7D
zpaX!t)yYNm;Z?uau1LG(_R4h%x0T=L1X+g$E6^@mCWY9V56=m-vQn{Gxg(o6(<n`3
z#<Gb6M11@BCUZ(GJrk|p3+j#?q-U@%%HvDaMpI`_f!F<8&?}d>{p`>6z?|Tu_bNqn
zH2Nv1xN&fq>5F1@(@yD`=fwKN@cf#V-%a$mVrbW0o)pmYS5@B^igxF5d=ZZ|QX#({
ztyB_`fVTat5r2hV`+aoTR-H{T>T|x7p&1&G%rk{o)`G*DP~iNr*pof{`wrp+cv0w*
zu&^y)XvV54fWi$#5LhQ%j=nDMB~#9a;f8|v0kSUt&ttqmw!jFj6~sgnS~3v65Njcx
z%DP2ebGY5NxwN?*YLZFu8cp$gyEckDx;1msL6Xg$!b^UNV}mn4iATOSM)E_}e93@q
zXJ-6{AB>Gtm!*6<Hn-6(2;h|(&tB29epjp)_$AM<PIisfFubMSrV-me0cYUX+&;l~
zTV|mTT>aTxx>_8q99~%)?L-qN8m(mKbzy#ui}=S<?*iSt^89VUS%|_a_DAjXh+gbB
z(bP+TFUW29;OLE`sk-g#!ISR-3{@Xc1y}%+852ZCYM-|*Ze|#=_Y6<eS`6d4%wZ~9
z_NbM8Mp{RBu35Mb(tXimD9b06-6jTWY`tB1Hk8gTzWlnT<BU}hNLoN*n-1wwAjuJ!
zdtk{Pt!b4k#+hTS+z(o^y=wm{o1h~M-eoE?b8$-d&xdz}bu_cQiY*nwrM;Xm@ixM6
zj`nosq|ekmcY$ib4mDuJn28^=$0x;W#oJZybb!i+EDZsuYA+*`!WZ=60zCFM%<r9+
z*z(3$hQ0g58$}z*rl+3K%^GuFrK!<w8Zz3^{kIFiU&6x`bPEKh1)EDNS|p>w@Fou>
zQ>x{4g6H-pS*0ntHhedu9o^^IagnH+yRphN{}Dd@KlW#HNlNn%d%>xTCf2Ff%ZuON
z*kEP_ef(}DFNJn;K?=JLUEsF5Z5J3bJ2<8Y&x-o~<!~&#e%4*885F80&CyKbMpH+9
za$V$?=ho5|D__iWu41mUx$?;?c{IGow*cXAwVV~CJ>yBgsaK2DjXrkY3m7YNB~3aX
zv>@eKdvV&(hR~-Ii&n`!ugw`SKZV}A%D>Q7^&1)NbG2-j6#;cqZ)dzYx%~TCGF|3V
zgkZKzzp!r=qZGS&m9to%OLyg9ENptXAi|Jx=&ujJ(e+JnabY;d%U<jSugzI6srTq<
z4J(o%#v+hL4&Gz9fZ3bIeNY&sPqJ#pdNI;`Ur)!dQxXI(@j6mYwM?IXY;x=9en{2D
zHN3P~itABKInUdyX~R7VQF-T9|9s8|Ew{Tw?Ri}Lqp_p#VGc05gSftGkJ%&|&yp+F
z1I$n5ov}g;Gzz@aoKM81_nI-O6X4n3s#;`RCB*}>5Si9XEPYogG9W;9%m=xj#x5E>
z*fvivdp+(PJyCFq>i7?dD)eP#xX^n#n_GXnVQd7s{a)LlGvX#7Bj{c3bx2pS=Q)Iz
zUXQ+O+w9D~$SzDM*NVt)b?0fn(c}kt9XWG9EC1W7!7JURA{-1vCP|RQHBOp(cqO)1
z(Wa2UZJ{S1s|V_~5WV0xJXA6k;@Rq-Q6gVQ?v8|n#?s@F0FjSTe#O6k>7@fAeBabt
z-R7oQfO}LXGEGX1+&q?5u-q<yAh@|h@-CUY3`2)(;gW^Jgz<_79^3u-+MK!GqV5GT
zodlAYwD78&-}gpgH7G!ZmX6QPETBz&sViz2wnlPq{3Zt9O271>1;(BH!1OdoUO6Bj
z-x~%O^d+L7XEvF`aSYB;HMB^Ik3@1V?A><k;R||4X|z?Ud7V9p3q<|n>YEg=X(i3(
z_bSI)B3@WKo3mcw$UnTnAX=StkM&d#<Q*uE$d`xyrTQaAaT-4|#V&f>;UTJ1bZjC&
zjtt@mtN`KxeKfzW0o-?{%IE!%&}WF30hP_}MK9f#W`%yn%o~?$@iS%myVz?NpvMJQ
zz?-X&+p^7ZTwcG{t##0(FM9Q)sGO(OLPG06oa|KbXtGv*(}nLYXw9FnWv$@duERTa
zx*f5o6@e`=gQcIdtty_mUi!<LBknr7A;}k@SD=O?-Fh(qVZ5!;ba*-#(LoqlE}T_;
zl?A#;4aDWiJWI3`W?DgAWmL4kTJjd&v{i4M6lY-K>wtbyA_&ycRcaYxnO``YrG<WB
z{HH_rkuw(H{f6f=eQ`kCJ24O-pxRAbD!d#uaJ~|TDomWR0UGZcC4r)KxP0L6^W}$n
zqz2qYUWiOH2p4oCo(ERqD-U2dDQYjsb~F1z=6No3bh9H{4L{4Ka`Q{k42IfV*BsES
zM16deF;AgUvvQ2a{uGH3Tt-VsMAC$sB09H25cJY3_{WTCcODaU@A@cz6Rut$w;~DS
zp0gQb$7id9qsI@g>MBXcpY;b)`mfgp46GFIH<ezj{&2KJluuE@569JL7{X~_T+%-b
ziUsVu$B@KFzYceu)%5?!rjNg$B*$kt%{(83w9lLsQ%yqIX~IoIEqB4h?wS~85jVxM
ze>NjNL^tg?-g!5li0!91J%)$&OWa-7L5;JRPM?WPQj{Q^>GS|*3DqBA4kBW`gzRAf
zbmZO@);LUY`4)elDZ^<T#ABq_lfBjs{dJO=Dbg6{a{j|pJmRlM?EH@e@L&?Wr!F~K
z7mUvOhQ~=+sw3Sa_FPHa@(wSGjTX4FGl4J!p8W`srL#Sdy2HB(21#A?-U5_+BJdE}
z*nm9IFc-;bTR?hc4aNm6#i0fd>Rs$G@%x{>fWVE<il7uqI@7Qf&#trZZP^b-`t8(r
zY9=zE1ya5Dwgk~IE^oTP7yxsVZqnV`1b}>3mz+PHnuD>N-kmAgx0FSNZCQo{Kq|jf
zDeTNkxU7L_7!1$PT=eeK{uu-}|6q;<bh|-H@C3a3^yHW1izNP4M)Y%y9%$pslMvSV
za7tK=-gC=fK%+5R+qU+bvfo&mhsxeSoNUN6<J<B|8+AGd9?Q2NE*k0>T;;Y?svLm*
z(ou7KiG_C2TIPEF4mN3-uf(&=O#3P&k$f_h&4~c!Z8)8@0ZRg4N-N=Qo0H3jkCroi
z^1S_weF^eQJCOw|KU){S?L{oTA|iCR2jB3Quv?W;T1u&COndj87_bpi@`o~^)ixE<
z;Kgwq_&bUzAhC02<X1Svz|LT@_PVjmb~=<3mgfj3ofZmK`uH^Vm_hOK1c!0>SFSiC
z7K^Tmj!vdb#eH6y?yPtdmrQn;S;LK_u$@iYnT=Inkffev7NEFHH^(hbuee!nj@4&p
zYK{eg5S}1tA!J`e5<;rNKM&b0b%>eAUst)M$UXz5mh+P^Huk4Y@rS!y_CDSM(7JN;
za$={g1{CiqN`|~O3pm(dkaa%5azNH!(o<#g*?4dND|KKZfC0l)^`h4%oadsK6^$qv
zfGv?6`G<eC@ps*8E01m2m~&MLP_u-0d^LVNphzWr|HG!qdnzETBGNF$G7e*gCqh5$
zK~$vYLW6(3r#Y#5QAU@XjROcz8Py27)znFs^$+4S`8Tlw6+?pRaIl=7f=s@abKCi5
zF)w@5#{qIROE@`!G@G&CcLf%@Op0Ns_VO*F{4{r))*vYL6BSdoD<pI#vu(}sn;6sG
zCKIl&=IporV@30ASp$}>8;wtq?OF){=J=;S!(iQAOcfBFmma8DhY+q=&CQE1dQZuD
z;d_I|S|Dg7t{BS=D6R@G`t!GM2~S@0-I?Z<?7J@zi609nhBE?*9kxROgicp=OlEx*
zD{~OR&}k~yH)kIDk;0Y%8AtJ&nnlbY2R6FnxA**NPtca{&tXe}D5vjMSGVGdrtr6A
z5L3zJi~V9ucv({BO8p6g_suDmBDG{wW^kEO`HO>nOTIXyRxvRa{a7PpKzCD87jzcI
zGTl*9?Pp0@91`Om8#Vv2L|Yh(KB7fG{lm#d?26oKjA3vs={so|$`UP!X9^tS;-t>g
zChr_Y<*`*%D*Nb{o=84aJ($8Q0vQHtPMZBXF)%0)HB=Z8PyFLq9j0!<10j^FR>PtX
z3ZS0D7x8)3D{1N(jJDjfikjY-WMS|@SB}MTxuDq08V5tsa_g39SfPg1OFCF^(y_+r
zF@7x5RflZH58AeRz_>!lmxlw1SY{So4*4g$#*42V??ExoJVC?8g^}B`9kf7FPYxg^
zT-*ET!%Yz^+7I^~cGu+zzo}>M6?f@Iy9Ny~PB<Q*jK)UGzBDSLj6C!a5?YR%VVL?k
zTJqDAES}o)cTHQ9cqT*>7T}V|?&jt&PVsl$cg16GP(OTzGnFtleLTCMjX^;e!4aVS
z#c57N+`@Cny`{ADjS~oSKuhn$-H%XAcrt4&(e(Xw2{g=9r2*!FSk$iB%NK`Na;R?U
zNoI6R8DiY}bMSR6?_yoHLo=lF@?b7n0~~|kl3fKCaC?-3^lk+3+owBIt4b>1N`8-Z
z$lphZ$@l$oe6BRdDA`#+F$0f%y6;1*f3drkdCA*@k$CJ8l|Hoh!Rt|i#|c2!*#Kb`
zMShD6n`VL-EDQm9^GyC}kdrh6B;uQ#t2Dz;cDrq>R78J<yhLmD)RM=~(z94JLRHKM
zmI|192zZPHM2#%!VpAvYJJd;E{hlJmNtX49IH35HcoFH|@<TXpXU&vDj%T#PWkjll
zf?1M;0IfJ-CP`#7h3FF0-qFY$Vd?Cy#<Y&rmfpB_b5eY0o~hg;?x#D+Op-Ms+GbRT
zwf<0$$#HV>FkY-2Ta(v+QFBA7hH#Tp-ZFEua@8BgoFvUK%)=cu=l_g%oX9OBL3_0@
zJTpXN=EZW<iU(=7h@<S3;fd%I!R+TvoRaLmByd-{1;mxCXfON`BVxTy^3?Bqh}`_^
z+_92o)gk%D!%8@5fdSF4Wq1>k0SwJYgzigl<Awa|QPml@oj=#KxLIRKrY7FhmaUkm
zC7u%>q7L<@202CS2gQyeUJmH%3Y&y-G6GjlkJ2yi=bZuvV^cnL<z}C+bK2QvMH_))
zVJ^yeW!TF(YezC{4iw>0IaF~otnht43$rgUyNfNM0|uCzbiw4(mi1*o&{Lfxz>vEl
zH67~+&h6c&L@-QxlDb!inW4K-4%GbMki{Lp6*sz&5iU+CeL=f5aWo8WzLa}MA?8q1
zC2a`$Ot$A!QElrt-7@WZLF>?QlBD6bttWVA%JV@nwlXJQ9#$6nFPOFZ^$@sH1d{|t
zjtT@*+sQljPOd#TsfyXiPy{_hqV1riC83Do*S=qO0S_Z04O1UjnNAQ{7(pAU;?K~=
zB$kT!W~~EjHHXAMHs_i)eFvXPUM%*vucwP9pFc{Z8*DJ8Mrl2u(JQEaW+D2uqI9|!
zS9DmDxct+ffhYkFBLUpKj>|X<*e18gh-Q!=sj;!HoqC!_0nsd_S}Xv2FL6P1t0$%j
z5M0)TZ4(EF?=4&WGkIf<pR>^C*41}6nXm{3oHgRzQUk?17JmAFBn;pc>b~b9cg{k0
z>w@J6u(~#=4&T&-1wT=UZiv)WipU`<^#rQ)X2ScLAlFvwSx$>5UW1d7LIz30Lp7+`
z<&DxoYS{F4jD9@%-IZ795rKE1=}z0qwrs*;G<N!wNtNiB5ntGyJi|09DmveeFdkVs
zYbt4;j5;=D@nLO7t?-brJIdQvAN~0cv;|(ZX$+!MGGdSg1^ElV8v7V<ErAh%f43Qh
z29af<v;*Jrhe7->^+5~$`v`;J&wE|cpyu^pFN0)R-8;PgOeKs6n!DIqq$-wSuzL?R
z2~i@?`J=lkYI!Yea#+;0$^=xP;JLOB#<!YizUXDICkop7EhQWSa60q<c!xI}r+&Ao
z?Tx-2`pJqPgAp=}GjqJczCsueP?PyU#rWzDub$is!=i6nc3F8l)PHGg7$ph7EDL&f
ze7JhZP7BPlIt9tdRZm!M%kJs$oKNdIO{APjH0+ap>WlN#=6iF87e;bwc;C1E_rcnh
z&257RsZMNbAze!6<i*~farKp0eaQU5V)$>Iih>R7nCEb4=RAe&PAHt83<32GVLZGv
z-W!c&(f+-n@64|#p7WfD&#m?)>V+_Cg$rw5MPOK4295@5s$E_>eA>Fw?e%Qxb5E#?
z^XyrS1(Z!@tepPJn(&4)^xtfAQOL$AgCkTw{F);!UxysI&7#n=ghDJrEmn|;lv5c@
z$buHpp5kMiB3;~G2TZGg9LrrZ*&|#T0<8P}Tm3FKlbX=oRF@8Vx(+4z%p_r(B+K|k
z3Grxq4?g+hT2!gxAn04)pltnIe35?Bc(>w|#4l?uUm~O>CnZH37*0K?yzU(f9OAvp
z9TkPI#FG&5X$*C9#8+sXH=m%P>36HqJj$<=f}Rc7_#lg=_58ykWR8s;?cQbipnVC)
z8dcw*Hd2wAdykF39w^yA%G-EqV&MJuJVe{F3p6w=(eNE)sMlxX?J4>bO@-F^`cxhp
z-UC!~E^#7BsP5G!{O%I*i59gxovN0M*o#yjE*g$`V%4y)adl<QcVoW~jUWW^013|k
zTHsOyM7DzO9=`pnLwT5A6WF!2S%4WoZ*#U~3lMum-@*w`km0VhUz4NBxx^5dONHtC
z5sJT<S%+vwoT@fR+G52pK64O<;ACDlycteb^h`Mj{^%HO_{mi|E)gO-9SbPExah^B
zd&(-FW*_3madwm-4vWY5v%4rwq3~ykcAtg3ZfE$ScL>q7HLjpHlQ|Bc_iz0Fi2fqK
z=^xSr!t9V%E;yX2j5xc*%y?0`OwwcX75T#gwrC6r`XS1?`mKJ*+XNQeQ1KT*>vmO5
z!GSB-D5*J>nu-hW@Gjvo<Z-2-2>&sGJNKt$@Ppe9tY{C8=&m+uaGMesgd2JLFO&)G
zlcp&yRErwMHT?#qedtJ6i3$H6>-c*uW=PuE2Po9}D^{lF=Cm8!ZRzs>s9-10ZuI9<
z(9cI%-dj0z8SAuQ8LtbkMVWRiHA9-V3cPk|VX4Cj=Tgi@J^jez=cuL1)5+qSZ1fz9
zs-V;79?%gX{YjqnOScR!w6lBM!61i`$1;o6M6y0;mnS%PIFoxVs<(@i;Tyw&ALRr#
zn$=krhqLIn_L^`i<JihMD=>etoKCe-w^q>Uz)7-30c+OX=F?j6L>V4qczrtJ7ND;y
z{+}3JwE(>2S^t7IsTVJJb;gN;h4YAV2uGmWKnC<Kg;bjeBFlzBm&gt$zqx+b@|wQ2
zXAqn~hRq+pV2%<4s2NSn$@C?;+hnlTOafddZp(i5T&@<i9f^G3y;pldtC&B8Ne4VQ
zhALh~fo60&r9lN!g$dZA+DyRdPj`4ptz~q;IJ~~X_&@h_gPJb(vGlxC8E9mk;2|)-
zKudR09{T)-MbJVW97q_eXQBo6Om=14n#QyLx#+cs4-&?eC*+K!(f!dy<n;Vq;evKA
z*&HHkV0pK>{rEY%k%46p-0JQ|^CKgXs*Qe>&=!lutnVa$><DcQZk09t%lRsc%$PO)
zos;?pr&W}L{hJ^x@~>DG^8*T8chu0F*I~<Vm-pB3W+)rW;!f43W2w;e0}Ogp9e4<E
zUbgAekJ`#v<~44c@&r|>|LI;yU`4C79cXy>hfY_#^-Y~z6I83BTC2d$EcbxtGUaB8
zA*~7-)3mgN3YF4wq4}OMOMZ(byT0w>Ua|eVmSX6ea5EvJHZOj;YdJxGwmcr~#)DXm
z;h}?gT;4ib5uW$VuN=RPx;RMF7#9u67lgeHVOO@il4qe{%^+$!t;xvM)wn7VmeVz;
z(EUb;f##@FF5g&^qGYxzuX@8$Qbojv@74D`e=p7n(zNlo(V4<41Zmf&2q=QYc5n%D
zJA%&3`BQNwzRY@~7c4$c?c@FFn8A1O_<UTt=Y6I^NVw%%U-$(>JvFI7)?V#p{odO7
zzX3=%hoamdm}!cdSanVGf>w(TsNkl+V=MLe;-dHXb?wLn?V7Fmi#xnSr9Td_izH2u
zHd}YoIBLneSU4K6gd797w!AdzNjz<Zp-wBsIXTJNhO?OX&dNqD!kzYZw~$11WfNS3
zFy=Kk`n5FSBSLjHV1^TuB}CT0-$;w(F82En_(JrfI^1y&*KH_=YmKq*pDr}X@9->x
z7GxOUR;t}uR+nxp9stS)C&8URDxf|l{OajMK#ji3lbsQ_xqH~q*Yk-(bh5v6jO9iC
z<jhN{kP?Eg8l6KaFBqZem}@waXN`rPhWu}k{+P@7M9l<p`KN4dqMVF9)J$u^891Az
zKaqm1N&QJ3q)v0f;`0%EVkP9u75lN)lXVzUOH{QI?Bhn7-)<{lcndasci_FOmrB6d
zM9EQFx9z&FAFGjDc+tUrsb!&Et2S1ysTP0svC2$`qLe|$Aq9dYP_Ap)r=K}Mn&o>5
z`*O1;ycB&Xba_Pz4qQ3jKmQzMy#r1?zani~F}BClbF>^upw~;VcpsUhsG!|wF`OsI
zt?`x_87Z!|R+=To>_wRPwj3hOuDD1L%0{p+>x!YrssBr=+>@KD&o}Z9M{Z>Yoez{R
zaX&8@uJ`z~H#r4s6qhL<uP;87tLa)E@W^xI-E`~Q*(-niD5W^8Tk0=<i`N6J_Dk}7
z*Cg=;oqd$?cjYNZ{zztnmRS%I8Hit||JSk`dHAv|PKNo0!odPKo*4UjZYE`R|Kdza
zkw>2e@hqjTR4f^(!Z4eNdQ~BuPk;V~GW;vRDtQA(13U5sqkr`F1<8n4sIBQDcN0_6
z4)>YBI-?#Nab%xajqd;ZNDh1h8s&igqhgb#s3LIV?o7(titr~6QFO8s39_Url-lx<
zpJmp(cU1lq35a>D%1qm_DO(sg@Mqgk6{_a3Dcj%--9&2khngacJ^sW=<(Y1bKX)8r
zj-cP$72TAzBs~k%pL_78<U81!Rw_3Z<k8At!2vOqlE<>a#H%pSBgUy=F|2fpERL?8
zwSpY{2(-+uHpw~?oX~I9{5PWfxFFTHk{L#|XHwSRRH3G|ic5qGbb@ESFeU0xaRy?L
zg+UH3NK@{C3-<9}i~66n8S$S5#+$%ddCQgg(v2t8@H~k~8E$47zDVvEFR0k{E4Izq
z&Xb#<M+s;`4f@^qTC15Plj6&o51R~z5~j<9y6DAl2`L91r*ONBjV%jt0kLI6ttGmL
z7g@E7FL383n$1+9-!z~a8jA8r_gWNmt?wDLWgxmgUzw56*qLWpO`!5QOl%OWDikPX
z)JY8o3uez7YL#}kz0&{H)XQBtpT*<|z_TrwDvBcB{fQ$mBK=rpk7Pm}+_=IoD-i3s
za)X`*5i;FlSD^KoZ(Z30(D4Rthc(abNgq_~(_Vjw*tBi<D&5O+NFR@2?y#;5DSFxa
zg434d7LUem!pU>`#T#Faimi^)Orpi@M7liju+#Ye+<CSe*vBz3s2Ut0U3LH`V*|_F
z9|@5a0U%9LsD#vw=w|3vdF+;w8M-*68;tpi`rBs>;vvM_hX8>3@q&&DR01QJ1O=~_
z=vW&6^-r91z*ZJtcr^M3%BMt^O_Y}`f@cWqE7uCH@WT#d9{L?^n_BD8QfB)TJUjMt
z@F%!&YZ}j92Qxqs6DIx)UI+$&IwKK)s7tvICYV4L5~#$mn_8Pkgg7}g_gH*;0_$lA
z{vRk(o3i-l{&9cFFMLfNdOyLhC%)HNMF}yacOzQVl;DNbmD~JMid5P+Q=)+2a*U|k
z8n{w$H$A-+$}&Ee4!o|viYEvVD1u}mwch>M)%^C&+*{fwl~g~V4XJ{Ke@|sz{6?E7
zW!j;aaAexx7gJru*0ve7*)K<|8uPe#wW*>%SGq#gy){lv^$~Xj%HyHKjDtUMUgO<~
zhY1C-{xTEM(OhPM6JE3gq|y+*($C<1Und_14BF>K7gl>w6m0~lUC8NjV*RxCW3vTq
z&wLJvJt;9qLWo%>Q9FYT_W;h07Nen=|L4KDlp6y$=woI%Z04}7rB_xFC^uUJz~{Zh
z%o-A^u#xgOkd}NGfdf<&WSg%F&aiAy4!3)IQ{8{j+QLR@KhUrA>!d{)G8Npu-Sp%C
z?0?0G1SXJ!7n+Ok>lO7C3eW*p8v&USuiym;cjlB0mcvAk0;*>fgXQSq%>)77x;(3I
z$c8d7LC<J8LI6&mmlX0*)osd`IAJ-9IPmjm1-c3WSdcJ|NbgP#KE*gny#_(=n7q$=
z7y7I>Um~AJVaW)4_|0PNs`fP;={Wv5i){=de9q~=zB}uEiH}-e6ar8lY6fkDZgLZY
zn7-iYbB*=jpugs(h2IcW(B-DA;s(l)`&8nuH=yc&DzE<)XbvE>dkD__dZaamma8s{
zC>#mMJGkbSco$~+4(UxjDiQlqelKKJG#!4rNw4ynYy!4s1D53ttG{`4<){XSEM+QU
z<2?#w0ak_N0JX!FXTA4}`0_Oz5Q`hbp9ot8KP0F3l1$kuwi-=BSnGE036`^3j}lGv
z6^{HE3oR>brns(n)EF-3ZVb)I@SErDT_WOsD@JOS(0}f?S!JHIV3F2Zbtj*O@&`)$
z^umclor;iN>L^dKkk)!p1s%mtLnPCE%SXRA8UahKEiro`I2yGq7{HZB>c=F{jfINT
z&+&A3kVc+GvVx3cj*y)mx)u1l+!Bo1d0tP6%bDlmx|#8u4ed8ASrySMZlKXbFw@k^
zI!2gSesHjT%B4_RxD5QS^WvS*VK#BQNLN*&2|S}k`HYJj7yrR@hR<$H+pj{T_IxkA
z82%<uZ#ea7p&=@eFe4|LkW$j6oyHg)CN6b~o`jRv?f#nV4OGHvJ)0A1>Z*ha%W2`f
zt`wxLOqM5Ryb1s~nyF87!feQZ_$#cxQKlp6kWoOYx{@n=a;j^S0mf%iWMEckuFI=n
z0G)q#LMZ+VDt2)~F<7<Ot{zk(;p&2v`s`~$JxdUP^s~Dkl=`I%hMSq<)4<hcXa}(f
zG*%e_boPI=fZ(3a)8*n!g&wUsbZ{8C$RkT)tdFvBHV(aOX-QT0Gh>vk8bh$wLDZhE
zt^4^J?fPQ%b0tyRllNn%HA-|gros<mKAfsI0~pi<m0HTH1x!gOz@=G=0y7G1_4kA<
zL34vN`pii9d=JafEI)~Mf2JsoN9d6eKhRh<3u(PZLes%~<yuBaMbbqOj3_4-(I<#p
z?{1ehTQqjpqZpg<9WkEIj9bfKu1rDREQn(>u_jvJMQ;qa0<WoupV-V4jn7QjnSIfm
z?b#CZH(q-m;R4eODpQ$0D;8DzPi!%XHgEIrh1HMsse5mihL;^tTst)tqL}%Ka?L~a
z5vXaTj}??-S@r19AHH6-zUE0~LTAx5<l2!G!_Z-=M{>~PdK=`mB8GZ1Ss<G<T03w^
zMIPYi5{Vu^_{g|`1CIS~+wecS!HOPMjdv3*EVVu->&h!a4wc|x|8D&?ZL>0y|6`2|
zuaGgv*s=$dK*ho5SZc)NdW^{VVeNqIwPSjd{YNIYnG0<v28G|OY0|M@&$mmif&gJ0
znjx}%+%rWs#g2wdOQIXHb6`3QU|HW;zB($fc9}+y1{=o37ujy6L~NFtPkXE}6bRrE
zuiB7ZA^_Piz28JR$FogmLwu)4<JJ8QFwWDl8M+Vrl}(EPZ1;<t-4?Kc=CX;-R!R1~
zz=XNfiW)-kgwJ~4w5F^NXMcDdh5bpdiN4z5A_xN*Cjy-s|A}+Z{wF>8SCM8i3ed3J
zEnPrE&0zM7wwp)KzX$y0GGpbB5hn0Ib&YN^3T$ILc~R?TH~?{8t|cwg2u?#sIm@Qs
zmxJe9|7p0T8=*l43L8Ar5YB$?fw6zNYM}4(xSXkK_U=Ai?c9iZZol||(ZmjPIg-{5
ziO}t@Pem?uBw;lh_z@}H(n$-NVlRfqResUx{@Hp_=`y-7gMQAUV;>ei5E20BxmX=a
zRLdf_Fu)edW7td)iQTo&>-6}Ei6%qqLv4&VXR%yvFU>Yk<Ii%18ONh-h2?m~Idt+R
zF=Q*MG(^P3E<S5|1&KPo&n(Uv4t2f(;(ccL(Yz-|`iTHBjt?k+yoK&u;vOZJj}gxp
z+xUuEap$a-ewJA4yt1Sm-2x4puqaG4?OTj)_*z5=VrveuP|h2A8@wuemBq(mNU`gN
ztkx$sl%@TQ^o6mI@T;XOF<j|f)TkW+o@c3(kd?y0Ll26`hNGH2#n)+od~ywa!<&fz
ztD62Wr2Iaky)i{V3ncbC{E1_q^s#3pO8axg+l%e!-70T~Er7q{`RUrt6{}O)ZA5z3
z({cLlqq7%>-=h?3ReG1@No8-b`;%-RyGqb6xD9isxX7gn{p1sa=SU3`c@I2B-3(Re
za@mya3kH0OZfF~}bx{B=I^Jawi@^r{oJ8Nai)1#|jhS#q(<1BZI%6ULD;Cj^B#}YT
zU1beK%spCIbwA}}H;!F@76NcGGcPR|?r|U8<(&oQV0U0XruX2am7DVLW5T#9xxCM$
zGMND&8$ZcSSso>5EZl*ORImk5%#arK*-U(|=5tsB2YaFd!<0J2Zkk_!qy^8Uej|R!
zH-nl^yz0gI4^N$K4)O}PaOux)Td{>aXUUa-ETi-$fw;d$!Z?#m0&X0?eSOBVkNUae
zx6-xU^ul-L-7S#`vgoyez<4m69KgxsEF@Ih@6%Hf1SJ|9IX_A!C!mD^vC5T`hIs>*
zl<T{^AiRh82lh?`U(nlv$|Hb<je&n<RQ`bUBL^O$GsC$!IYo5dH?F1E(va4M>$zib
zy~tNYc0eTpz0#YS_n};@?~yv?UAmOSgEhoQ#}9R;?7Z8xc6F-><Cq<{7XnA>zRJ$?
z?P><1f1hs}0@!?1es$k}9O$>kKtHHC67!Uk1SsqG9hnj*3{<#|u;mU+aNvj*N(w`M
zG%6J%_8eopV3NyLj5?G-f7;D`w=X%pZP);IpqZFV&mnC9y$hdQrp+|Z?M7>Kd2uk9
zh@lwQ9CDVIFVl#G@90`dz{ixqRRn=9H;x^k+QxD?M0p-0vGqb`21(1vw$1&8@n1U(
zUXL`^TGpQFbN!?pM&jxhpzow}vK*^9uU<v!%RGtnbGH6xfN@VLmu=@MAxoASKj!3R
zma!bvmsay<{EeZsi{80CbEL<9#OA<J5TL*z0WBf@S2Rg4*r(3V-F<I}0tGI>f#Y}0
zQ^5fEzQDlG*Q^*Ow>cYtpK{7cvPBrc?`Yn5Fx786lF%9puKSIHX}|>F`f7(h-(+12
znfHbb_QEaL*9*zZiF3X2ho4Ba$WgB6@=x%><yo~j{cF&hIWu0P`(Oak#CAI;G}dRK
z=mqGrJWJ&Vl$%fl$lhi8aFyP6({}mm=uR)oeP5J-W<0p_CScX%TCt?@3Rn<{#-8_E
zn;CB@!>|XOgaOp2)C}wJD}t|}aG=+qDO`-}R&J91x)e2Tp8zBcx7O9t83@37GFiZx
zR0XyB9PK-jZ-61qGun=l%>kEk-;o=*MM&;2z8xomgksOmoO5>$v39sv{W*L%Fj>_=
z@VC?<T66H_e1_KaulkmGos@~W)p~T^I*!R*-0lAPvOo^}oYQZ8U^#zog)-iDz|wMm
z-?{Wh<A>`~hda1NSP=BQrVlnp^gk5$zjkrGA04?{@|$=1MAKPQ#qXUKsG6KbNrLO8
z_Abyxg0EF0yZeXfeWH=iT>~xiamnpbX+wWA&S>KRcg9{KEgI026HpqP=<`cNWOA?L
zY_0i`=#uSeH}LxPgYW0=jz6yl(n1e2pKj6TU}u~C!bvELUYlM&Fn1`Oi63z(V@>u2
z^-~s~s;jeM8+SqjW1NCx!fUXN1D9xD=8mV-=>Y-hLz$Um|Jxi5iPHeq+m8)njFEk5
zq#&1z5r?>lGK_}curZG#!k@W`VGdtAC9SX8kXJwbAfY5B!50LmI6vh-D2|8DI_Jtg
z4IENGZ|#qb+yF>0Wk{oHQ#7)rg$5*haSlJ`-st&HhY%9Hd|%+6vQUJLt7#t4Li3d)
zLj+sqJaI&}PD->)hy9KJ)!k&mx9QC%jo+wZIv9S=Uvh@gJy3D;KDop*njQ^ksK1ow
zCG#+x?fdnLGSHi4t|`#RV=q9thJD2%CoJk>H-i@MaQ=OzdnrfvixU4PI{|bui}d;L
z;17xK!oqN$8`6h64Al24DIn2kj~beRj|!n12K}`Le#((%i()d7UbYp%selw!vo|sk
zs^91Wm|{M<eX3|^W@nZe?WY|J#q?=85%eFNuV7_v4+73FGES?k@!H<PK1`10XTJGN
z+ZGx^;3`0lS*jLcMAS`G6B#SgjK6rHjr!`*=%QM7Hfdu!ufu<}rf#XNt9$Y?9p%6;
z8|8f_cf0+!wayB^o#39}iOzT4ed?<nz{aO`udif{TC<JDZ6$BLtpZf$M#>9|<3LV3
zIk!Ks8-tGZTm-M?eh8Oao6Hfsysg=a;<z3C@L|&WYqvS4&*vOLh>BP{e-FfYU9XTL
z@!_X~KlvrWP3?4Mo88sss~OaYBoQ~O3y;X7(RQ3lv<c<QO{Dy0S+Ju2vYu#M4|&5{
z`Tb>KA;NEEaOH2X@vY*1XeikV%DuPe25Lst;)f3}?$+81W*;O!??!BV{Bg;1Q`wZZ
z_Isi_sLzZWmSTC9Z?_?9sW@>`)y%)uc%>l|e3rk48J!T4y>bVW1uP?C@AB``z6Pbh
z!1H3w<j?^PVVq1hoC#ErrXh55x75aA5?O19;yTq2XSKb7?N+)Mtj^vO`v;73g8{UO
zf?v7tow$q!`f0%Panfh^LY-Bx_>6YO$+6pkrDJnoipl3OPyM-fy?ibqZkF})Z!!>W
z{7o_@&~Jbc9XLJMONR}U^Mihx(e|eiYw0YQi(wF2r9%NNY++fl$UL9Xj`!gB6qWEQ
zs6g?S+GFT?*h*eObEmc4#m4%)Pw#tnnkP6=x`XSIAAfYNQQWRMclnmAsVtoErjPsD
z>@-qn`RM@1s=PUyw83<b>k|^UCqFXFm7JN1-yP?yP`1S+OF2KTh9qxN1~9(rXJJfR
zy}V_>#Qos7S9DBt^1Q2x>s?TA=CJOMf8Qmv1>N*MMyN<W|1_$yFrvWO$>j|}PycwH
z_P+4u*XNhDweh}B7Tru7{Hvk!vU9<rR;_-0!Q35*@A(!Q?&q%!?wEP8T*l{*=nJ~7
znpC*ZaIRKAJ!FU|Jh_`P-(IlYN8D7(f_dOr)qMbfph7Rd2AkArz-Hjbi@?-t702Em
z2rXqV=~t^WVPD^dvtFM~o|Q6slD87Oik+CGWnZdgJfDLvo7fhCT)H7Ju<C16_0LlM
zU$AgukTOe#S_p{euWMVQ?^>d%dV9*1L!S0rlx!hG&4yJ8WapLYez)Tn<*O(QD%c^q
z_;&TA_)s+``vC_GGD8CA8HMorTxCV87fIAKNNwamG=rF7W+l(M@RqLg)F~N!>NFl~
zEM0Hr+NbSs^EHmmP#9WcdV1!hGR?rL^fi`8{}j0~NZ0;XHQ5@$<BcN(OA7CE38wT^
zZTFe^q2F8Au_bi_lzVe~rR=z(4<hj{4hG>Cnu5#+sZ;3U_>_n}&$Q`Hn@kSoFY6oI
zDAUw7X$egDFU=k0w~~m7bMX}*BuzH54t+(5lXd2elpC*xt0^>uT<A%6?y}CD&?;uT
zfz>)zj!sXq2lV+1a|~HDd5)YtWb@M+@Yr9hp21KMGiuH8dlZGEXHH|F*W)nWnx%hv
zmDfP~YbyeiaXsi!BmoEPUDrd%>4dYsp^(2-M)nA26%*{MSF!z^EWns7@5xRpCR5;r
z2mAPO5k%y6Jh+8Cr(8<uO__>wL@kmy2Tb%=FkrWwZ^NwX;+64H^0CqDlcvJ@WpmRK
zw}8xJ(ekeeVL189$rd2@W_fFqfepqZNKv;{sEiyibN(fNQaq-|;JygF|NUNX_vPc$
zZ)zD4wJ#mWP}%V;@jJFJW$V!goeE^g)1SN?KBPQtB}E9>TxCfwG<;Oqb5iZFEH!!a
zaV?y|D{u|RlKk5xpKmE@S-g?FtLSC~bg6SmJRjk;!^&|bg;JF_{}p~6gULlIkyjwn
zo%w8DRgRYt{N*vEet&c;nETGmJ$rC?*MR^~N{+WPlv?u#N@z$ZsOE9wH`r+}@qa`x
z4J8?Y&)aVxH@>^%8$c2c^7z;?d7-Bf<d{L|3d*tAS;kWC)qj3;8k5&`9J7iq!IzQ0
zx+VMIzBXo~)ihzlH~bB-7x7I7;)zqvQcTS^&IAX6=&YNg2|G4q>)wFe_Zo4nRH3<%
zU(twqaN>|8ja0Y<_Im9zByOw)l1O{#`)&vtLX02_BiP<HDy45gIRlEwpqxYbG7Y8#
z#!v)c?fde#FK}z!O=ZpkE!2Xfe!DD(P1bM`+B;q20P`r%dJD>^U{oVbm&21&hQzOc
z79jb(pWwF`K-~Ty4p`WvK7%dt>&?iQ6lPD`a^riB4zA?JtuCoeVM7{Q<c>q**4EJO
zgO|V^EPl7PfwI_bbb-8=*@i5epi|dDQ5jYHm6p(-M6qPRG^DewOibW-x>yZ2Lt>Q=
z5~+=Ker`ly!_Bv{Nj)c(5CAMFljweP(+6+)MW!I{OKbElBubN6@AfKHm$ny7k^-Lw
z#v__WZ>o>)wqM$fRiekRXQF>KoIBL#>OVR6BUf(yB7uy#rl5-nv|1b_LB{}Rjtknm
z6ix^hYuN3rQlWqd{g4QlXLDX*20?$-z^8EtL#d@Me|xe}r0|L0O86OF45E22bJdS^
zaGCmq#lO0H_s;L2#t{VwbiVx3{^fjD5a4|W=<<39nD@6wIs^B`JmW<`#rnviH(UDo
z6=wfG05(C%zK;YENK8?UDnIqroiyWkv{b9u+F#mxT&Fdp?aF&r+5za-cb8S@d8FcG
ze%PE3Yh7OTZRAZUA!`zz7}R8K%$3u%8`l=gqsO?|3YNXPVhNCjkQ6BrE9t-|)-+pX
zNT?hXDODd#9G%XtpvKy+=SL)$QCTAuQu+){&MT`<IAiN?><%=%G0oVuxj5CdU41uc
z%-1d&tu&RbePmRzMWskU-!1W^xQ;{%EsH%=+@F|x)4YdJS9wxULI2R$eW#II7%G!X
z;k#>u)E7kkoiv5gX4r0`@i>A9{DeRSEGngwMIuwGD{T9|BNmn@2X&j7k;G0ei^Lnw
z)^(1NkZhvB)C9{v7A*=z<T@`x_yLn>a6Suocor=NZ(>;3^nAxsFFE*u4d}gfGyGuD
zSGXSUW^jE$7KrO2^HMjxb~M3B2@o#1FqcE`W5gg7{4sf9JLiRmA4Q=w);YPFdW8JE
z9FbagjGK<(2R~tFadi8tHD2*6d&z%!yUn+F!!v#qwg1j@^NtFg=T{+j6>kUN?;elu
z&g2-)CfORLxm~OG^AX1FxRUHau^4__>bljKP{Os=BTaMu30t?|+RgDfe3Z-`Z1(vT
zi^XF2!SF+&j+X>KYW3jo$Pkc^tAD-$$j9&AHh=1zkD~mKI~V@x1Iw<RzvT(={|HB?
z4L?#+go>hwb~Q;VuOn$6t4~J4>D|jF!7@<o%Bqt#zW+CCN<HC6{OnM)>_oJDFdD77
z06<3VtIZf{KrI~%SD%t;A1?ejP!8|dR(}7=(tD-;c3tTkdxFDJWDY^BXX{A3aVUZ!
zOZa?+6@rGUh&nX<s5ByQVh1Dc53Lrfy7sx!FAfJungc(oEwxv{){#gR!ur-;@x!ZD
zmsXz$2>dWG$>xGoXxhiMn@T3c@8qfADS&n^*W*7W;n&9w2e6(!rBEFOv>Tiq>)Jw`
zDvm|r(&Iv_PK2$*haU@%mLNw*9O>H9XE&6-y)PK9VSa-y-=r)q)}9QO951gNEH|1W
ztpC(N=@ZY6!VkZ?qXeIW;OyAnI`AW`HpLEzWsa4@8vHywRSCBZ2cV;&AOtS_5I;E;
z2Y2r%fyW6HRl9m^>E><a6@vl754DwYHClQM)*LJw44O7+LvL5@@RH-f>Jy=)9q1qe
z{vz@6LD-)F_9w23tdTz92hEAefgd_iCa@Bo9~W=n;GcF?dn|d^?rQHUI`9Ja$dLvl
zK)|e9DDQLK))=ON=e`8Ol90B%W;B7C0P5xBdxshylNEu0AHe5I)v^4b75*H;yYwwr
z3DybK2B0)E?87HFM&H<92h+UV_3W**=}O>#p)LXZ@QYh2y+hAlogacBOWC*3e&EOM
zSd>Kg%jLn_mI*<z1*kSwbojX1rv{tAt02Y-gMK{BDMK^;w-3(Q2S*cCqX~8l{<wR0
zb+0^etaAlFRHrJ6iJ+44aaalTA}oRdksU}AIh&ao3WYx4%;MVM!h}mE8}x_s2v<FH
z23Qq%z(Rlc)`9w|R(HntkRHcKBSf@J+=RKDVV`raJ6KZP5cXH|d)@j{0&SwMowqL!
zpdJG3hPSHT@B=2~;%z6pm45DQaCDo4bVE6L<Ki;j8DKgv92#8`7K17!uqt&mePB)g
z8D!=2vojOuTHK@Z6|H&YCFJ$a{OI#UKU+#wSIL$-1m{)tm3Q9pKA-zTc%H)J6)r&N
z5+K<03@$^4AKnudo?P^bh7$+%Ja5<*L-T^*feTk+j|csEeZoQ=B)sA5jM}+fQQZ>Z
zTTWE!YZ4E6A^Oxt-3{O|N@tZp?Wq})GdKn4=OiYm?XT0TevV@(G6ikDj}*vy=s<l2
zT#b$@xrpESh9A$IYQaN+4lsUktl9e=0j^&dguoL7bp6)&v7=3u7LZPi54E~5LgOpC
zPsR)n`W|eLUca9%xPIa0041~Fh79>zA6*~azOxD=#_Z5~T`667(x#HYiGvXx+<tp}
z)g$u*%JI=>y&Ag1(*zz0un#wGuk@}~2mAcs{u(R~+q#hq5#e*_KVe>08IK}Zmk|75
z=abo^><oQXxJlJ+(&d}lRo9DK#kDKOU|g)BS`QBn4L!d7;OFN)_lNf_{x>&I2YX}?
z$SY+22l$_Z|HtwJM+QcQI>vmPx_YQRY$uSj;$;lTfOVT@A?VDBCkAX`fh(7nI*z+W
zh42zpkgD2hSO0QZ2_97cX<_NFSCv|#E>PrpegrC80zSkluHQQlqL+qD@(||j^N)r&
z>^o475Y<3sBna6TnPT0rxvbU$$N1+<@)rZnp`5Wra6E~Ada#`9xCPt2e@|e%TXd4g
z{39V2(K_N<mp^<cAbp@haRPjJB#LqJIBagHs^apnSk(hgvPV@F=AmgfS1ucEwxaiv
zbdVK;s@*U#Lgzhv#84JEgn>|_1&HQv9xfNP$)`7zn@OygnM#s4Q3<hj_TJIps?~Pk
zw=E;N;oHkPCq}lXtdu48<U9LpyckY8eE!8v`V#;fiQohwNi>PDI+-VE;rT}cOgee|
za6nf}9X?K0qB&&JR#*$o&WPRHaLV@NwI|9Qg*Q@kJJ)5tFjq!`4eJ1}vQ->|^p;R6
zC=RF$Liltsn}y2Pxxyv4h3&U3E5CbX0Aafz<DdNav1ZYg^34POYL}i$%&SOwBpHL5
zYq<O;HdsUoLH67|`O)Eq8&KAtH^-pbNtD}F-nB9qPR2YJM65M5cd$hx#Sp%n>}iTf
z8x6+9SFf}EC+l+D+wdIBGe5bp&}}~3bV?9Rp^ZjMI^cvUXj{+Paa!%8^zDQ7IR*O$
zfq=2o6a3uo-|&1&JH)$o*WBtHPA|HBXQ3M^JW}DJAm*->+{J(|;xc<H9mp>!TH#e|
z!p7M64DKO4j**&y)6R)^0~y5W=6Tgt5H5OMdTg?=OT+C5W(D?Rcz&qfrM5=bxfZg0
z-r1tgSkYp5Q0q%+k-08h&I2NV#h1(!x|w(afB*SL?lQDXtQbzR=P0+Q^?9P<J~_u4
z48)%OGOb?+jD&vMnY5S5SNBx$Cvc?~U544G39Em@bG)%Y5h1wUz5bb;@h$M?-0SXq
zKVj*FWf1J1w*wz110k8@#3y<RJ#pM=QV3YX;EEQ!%DtM3I!~@PlvCGZK%aeT<^hlC
zDR&hHz3N4Hj<)#n4bQV(EBi3TVQ0~Ela(ETPuZ~9GgUN9f?LP3p(OWL3r@CPy&&f~
z0tf^QW7r(KAK|qCiCo>ui5@2xp2Bc<g{foN7uX)dX1Kl6(}xcWPcY_Obh1_S72E;n
zi{!%t&FrWZZVvE*Ij3Nl4fm+*LEXEjR<y%vf|Pg3^C*IK$r+w=E6hgtK~abEi7M#i
zOSwnjy#D8hN9OMy_}DKt{^5N~e)sli=6twPzxwT)pZ>i&7QX&lD{g*f+xIr@l}QOQ
z6NUI;sPObO;73~d(q>{6a46Jn7R2AemYM3*y4|`E{L!vz&>|f&T+a`c9ubXJTq2T^
zBnb&WAa4N269<Dxl`w)#3t%cm4*>lff}{!wKi;}@bV~Sf!{&1DwS8(sNdpF%sImBX
zNCrmEk`Et>R8~+f{CN0){o%FGl{<!(S@@yzTB_FaJ&i}I5pG3zmNY{e{TJ)8@I#+p
znrHK#m7}R?*vAity^j>QNVR3*#|S}Io&gEK6^tN2BR6FNN4o{K9{@ij0!gBGuPEUp
zsi-da!Hrw=C!cs0;75e;1AhLl6;qtk?~79=dg(wI;D{3#7=<4c)QNz|i2yxIVE69Y
zQO443aV;o@AKF<&fgGs<_#v6fB>_KTV&eu^6HHWji2<oxeb#-e^jx6nk}y{V`wzTz
zWM5QZtoa^OAV^NK(;-?2XlAV`y<q4*5@MilL|$0rP1AuNPYptnk&Syo8}4%h89m?!
z#Fy#Id9Gl-k~coy8nx&2{7LR>-gMgsbl=`u?@i>MAl8iG$6&LI9mykbU)UT^dBz_z
z>o0;Iau&S5p(4@X&N+b}bfdDa*VI_Tdkwx~sng%!-u0SAQ(Qi)M$+C}fj&>00&1Jg
z?9MhN{McAdd#?(9eyTObmrQR#n7DUPnD$1QiZ_w{D%;cgKhe-{u>#~<+zttSfX2L#
za469Zuq$q>N5fTXrWkr%zm+2wGlU=X-rM^@>D}lq%oCR44X-0DAmO$@5p~<f`7HM%
z+N2OG{JY{7o*De0GzD+$a1~#<A|M{-Gv^S~f*%-^pK`Je!;hK4518*Y<uEB5aHsRA
za;2UT3_p5{R;z;xc?K^UaJAA}vblQ1;EI<5Kd^Vvb9&oUBMMS$+UcwGu2nSEi4I_R
z6v1Nn!FoB>X;+BPL8WUIyTR*<SI)>-UdwoQr@D3U)DNFK^cUY-^SgH}{CBr4__sID
z6By&mPrbqvv+4_bsO9BP0Dk<=?F;|oeM_%?Y{QqI*(M4)8Ix@+Nn|XnmEF4B&!o~x
zOn|<PFazWAF~ScR9}GkoXqF*z>&GDZ2ZbN0S+j&6Bej@v4mE|J#^`@^ATYM!+IJm9
z;Rh7CO63ASJZM?Po0p6}axmCa4mS>kUwp1iBN4kw;sC$BFND%b6oK5hrF{K!rR^gk
z8V)P`<{pQ9eC*lM(?`Qc4~HLH=e*wByDQLup<P*gETjeidZ4pVfRM$5ktr-zvDibl
zC;ad_LRlU=97@j^E#2DML8RJIpUXW=lIY51_O<G06vWK{amX8<k+`DmxV-%IkbOq}
z1nlJ{v)MA@JZoW{KRFc4KN@{`OF&0{A6Qj_@=yw6j8q~zgLMu;KDTTwe{hxkeCLRQ
zA4=jVpsT#fB8sx=fj4c@E%3=_<yK5NsSmGqwgTs9@v-2$`^)cM;WYBPlYufee}`$1
zD;Ad;O?3E(u5&roSGJdIp{g_l4x~PZ8f7NqgnEQvnJkTeU=NdKB!P#JGAT)ksk_Zw
zF?Q?5bUnP-?pogDI2D(C@Ibx)X~>WqKz|PJpHR9Akif^?F&uqKP*I7zE2Xq@B*l@O
zK$|uHO%kS0V*kO}@h~%phCu;leCJRdKn~2<{WFr!B#S|hXWxj_fD+%C|7LBJJ0GV<
zv=_3fT{GvY;RmHS3If5ZPPV#`VNE9zdO<Y0X?5X4x&X{s{`*aFkI>8v+J}a!;Y2)e
zpuWG_fnEW9gPype$=9qIzz-Tmp@DwSO!bx>RX7(=YU9b{En0{J&-m(*6z01@afUx8
zQ`8}>KX0&=eOZEZF1TQiG&-AtHoUOWdw!qq=d@3%O=OR2xtX)3wCGe{IT<}dLNM74
z+e%$N&_#DdZD<oZ`yLTa?pF4?<ine^JFPn#1li$Agf-A4PRL!mV`mjA9(cD|pi^*8
zq0M1!bYdyeDOQnQB<w+&+2rIP+CiN==dlQWO!pB+D{{~sSTf`UP&_t+ELqm*7k%<)
zM{Nq@pD!%|yo4Jp6w{#aGWQ|Kni>3f^O6!=l24y#c`SJ@xocgpCoE(F(VyT`9zHL+
zRkEgd2X~v4UPSvUooRKRDft9m`*26Xdw3CInJ)aeVyg8lBmr4SCg8-Na}Gbe`@lO_
z1TZo`*62dZd$DGk;pfHBKeQ%<>l$WsWz$C(e)QI(N1EOx40qs_!)cE!kfPKm^>fJB
zgMsmn2O95jiO5z_y-K|Azyt_@1oVvGxvTcjfyVLTug<!?t2g|3@9F@40#6^PNkyM8
zbO_;1!uZ5SQEu_xy)`dmm=0ig6v1Nn!FrkD2X!DQh95PMzyLxy@MFv1&`-Ayy#J>g
zU-`8a|HoIC{N5c4z`A3`@Z+~{nhR+k|Mz{%{_HzzK0SBqElYN_9gN|@50w#u@WTY(
z+pcrCJj{12x5bws{laFqIPgOrm*O8X?PF^AkvfS5KKzjT=D?4Vu!sO%x4DFA3YDhW
zRXGQL^RNxL-?^iVNjcW=T*k^%W2rq%=nMQ1>`cs=6522n(E_iqEeStj1wT|6SMA2m
z(a1G#cXK{W<+0ng1%&0;jF65CKV-qHs(~LOh2m4|?JT7IWoW(dbEN9mx>FIt4~0_D
zSwy5<)B@#hawREL_4VBW-M3OLegl~lziB8m86=VSe)z=Ua;quqIzT^vzDzJfnZOUx
zwh!(tlRXr^=x`u668M4k<10@DH1*_ogb+fM>Y{Y&1FJ?;>8^46HrpqUM1qP5O4N$H
zL?2)$iGd%Z)qr%ia%$iQff+vhfDcW!hlL;7s$EpO(iO1`{7^!}^Na4rwV+^P3p5L0
z02q5goNlaO#7W-}pv_@&t2c9sUMV<i#i)e(ExhR+sM=Rkh&mNbo&`ZnfmCpAXX^z)
z0MTO)bSlk*CV)l9tZFAAIMwICItxGObYKq&6u}SrnglK2ZJJI<e-)YgNe9O;h^I6D
zAd*Y51bxk$LHl4JFFS6AU44r=Sgy!%Zs7;MBpXWur_aN=@Gdc$6!I!}jxf$NhtK2g
z7(IPxobb2n{J06c1Y$3`qmK$6-sSMRXG*FxHj1JM{ZQCd%Wa}*!4Dc}hE323{$7_>
zFSm3nYR0ZNualM^nem<Nm*irnbNXn49XRM@>o#Ol*;qw_fHIynuQ6%Ot2vo!Lb>o`
z1}B<UzoBt+I$6~_o3!Q|J_T@juLFBnF8dH<%>aIQ)j#M2ZCYdSf<0lqJ;diMEraP5
zKV(g*+!@?G3c5}ge$Z=to-C_K@9kHdBluC2%mH@^nDp>PcXG_SQp)H3oWl=#9{>vO
z4U>LIO7FtT&t||p%__*v2x0g!<+MCHyTwaN7LHAWt)b#fS+7E!SE!jzcK|^3%e>N*
zK)HTdP_>eN)hGM_d`^Gz5dvm@VZNf7qh6XIbS)@an+rd96v1Nn!FoB>MlTI*5-z13
z8k84^DtuJy8u-!CRg7p+tm>gsdCifbuRZ(xC+6*X*CU%=^}x#i`Su0BdBc;S{^5sO
z{@>m>7k>N4-(2~(zu0!$iv8bx?#R!!AJ=Bu#=lwzrqKc#9XnEEFX0rzGVr4vU%A`{
zrW?W&!W@f%Kq~Ys)|{GSPi+w}wH~MJ)uBLDuNtXE6n@|icg%X0WZ(zHopILxU#*nY
zsAL5#GxtA6Ka7vAD<Sy7gaarWr4j{HT_dc6B%Vx1B5|gO0AqabKtO6Jg=&QeKU6U&
z3t%#+iS`qyJ@vs=1S6Fr-ENwZko*ssHl$9IS`Y5OEdK>b4AHt%cE`T32@T}MZ-;6X
zY*nZVrPi=|kW|XrR8Cd(Gt5d!;@zVmzWm>^rKBJkP0fLCw+x3WQA5HH@Gvi70t!%v
zR!iHetJCq0<s><yr4REa2Y!f60I~Q0X%_Hl?<829O_|b1A6;h`7^(=Tko70+;XHac
zP%SwahcKj|v<9LQ!xatHmJQmB^&>%$G(*?GT>FAxX*gBwDv?s_S5%|b5E2Na0W3t?
zwj0|LG)2ES;fFVrFA|hh^@f99Wu$p0a;7N4M4RjkDf-S2(_p>0Kb`qV%j0-c<8hK5
zyuQ-qv+p)%&e&<!_@d%ve!!HRnMGT0yi2F&Ltm<N$9upJ8Vf5bl|V6%dV8l68(*7O
z373xe@ilK|?Sm7ja|5!N>EfLr)=PmOAgHdBE#!@JxZvz$e}a(1D+F8w6=;Db#E0|}
z%SLIZHAiyF;!fUd{TaXyx|4JAD(2JtFja_|ZUtHZazrTkfVp+&<jz(^I%zjpo+%WL
zw+^n}-jC?X#rsvZD`sy^x$t8KCz?+4M~4_X0UUukb_^#w>O{-yDljKByIq_g%K1Pq
z9e!lnkdkI(3>WeVt3<Orfwj=sJw(9SRci+Fa&+M0Iy?Q&QzSaiT0PL|8eSr->a$di
zS0|Rw_&J9k^olM5THv1TO|Sq@uRkuZgE9lTD#MTd1!aN3UVh3NP>|mlyM+PajH9;-
zokf&eB9G1)>QTY9=&OF<M>anmwuqbq;Rhw?j~r?C$a%#9438pM3_n;eH~eUO@WXNZ
zE`}dyJg(tKEv-WU^<+KWaI*TX=LUgW{9j*P{2McZAOG&=r+@#ei?4cY%fdsY!CHE%
zo($KUF8qkilzi>l-3xxSjlZ|V8<;Tw@S`~e{D^hMD&l~mmT}>S_UInXgCE9ILF}Xt
zKV%phix(+xk7hHn@FR`ut*BIwLDdG%-_M61G^quQ+!J}SJor&**@Tr_wrQ6R3O}HF
zm1RW<-IK_JWL{pvN@+)-OOPS_XjhFY?X(yC0Ne9FTWl*|0bRhp_wd1p)QQqTc}%$w
z1;=B%U4$PgDXs;$qTUd@2jl<`|L-@JRCy>tEChurgFe09?ik>cPD?6@4wfxSxo2l!
zj?sl5f)mK(n+51pUy^O8i*8{{($tVe$Aqs&vk|^_p>;h`E1!47gv*x*R}US5I<CxJ
zLfkaKvwB13a}c|A7k&_o(Gz|o@JB;1IS+nZgk`T#t?>z%8v^eJQ`$U0=rD^SyjoAW
z^JQ=%IgLup&8w4xudmQsz<QKUOP`aO%}3X^xS&P^4l6PCN=J>;^{yxy2h(>O9Bbyr
zL+fPh3$yR1+=_aYf-)M`MrfefyCw`Nf;5x%p)dImXwJSrz?%t((>~5E{J;}I<KWQv
zkPZbNx!W_Wf=-0@;6V?l08SXNHc+<P!v%|ZA?E{r%qb{>H!b)<C)>U+@0Aa_B~0jp
z;xq7WtinUM73kqmQGw3j&h^Qh*`2KjegK}CLrULdnG@W8;c5cIWWHqj31;Cdy+@8|
z&8zHb&BBivpJ<GHA!5O4n-Deo3v(03>6WznDK1U{o~p|2U5qgGTis*FCb?I<RQRDx
zR*FKRSUBiHK4G(5#FL7svZgB<m7a2RH(mHa=~othz=eMy;Ro~_9)O(>_(2(DHo35<
zC*U0XqDc%C+cW&=Q;^t13s@Bik~y4<dchQS-}LmMGu-)rAGwC@bZu&&LScN7>*N#1
zTUq$QqX^a|2tQt!V9gq33SPxsi$F-mgAHWM5=N#762g!1@y6tM>+I>VYP+-e`O+5_
z?SAF`%YNgAr+!mbvVwnq^M<Fy|C&#7%VDX{f9KZuue^Wx=jQKxK5U$w?7T3Mo|#NL
zi3!NcfOV&(u!mz<f|)3~;F9_q>ON^xcM*lh%#SxdBjE=Y1;Q|KVhc%W2B4vf%4QIM
zm#VQ3KRhC$4A0ft5)t2rsz-~d;dxm@i~Dx@aoZ2AE<qh9k(WSl6q&ytQTWkpY4Q;_
zBMgxP{Ma@UL)oiUMDV{GhpgH7C)bx$9W6vM$^-@5fk=nTUAL7Gt5?a)4+TF$nT`|D
zd>7SQQW8wZ)CXDiDpYP0cWtM2r2><wQ$aWQD*#pruM3fM^4F{Egxs|!0?^9A0HDIE
z6QR&x046AyfdQ>lZ<JvZ!<Dif2Rt9(0b+fpRfBdP?%7$!K5+L=%UXb1DTdK;;KwLb
zuYzNzDJ<7-E^i-(bp|VsOAVGm8-~IsiNX7i50;hF_$N(cilh^H>}dD_dxC|(L_IE9
zV+}J=gb|2J`;bQEf?J^Hc}qE$5D$;0DsN>@YfDp~ME+L6519gj86?K={Gz{)4YwfD
z+Jp&-f3Y+lguG=*`Sj^=Sh6!=4ToX;w=ZsQEG1NsN(3{kaSGLEHtNG)J!~UEu(|9$
zz;A5~YhN8d|Jq&~K{x@fB=W;=?yphL=UtiI*k5TwrEl_DB7S)Gg$W$9iuroeX`(vB
zUg<d4eBPaKN=~mBZh0HR7J#F6-h%SBLVqYw$_o?s?Xi(@JbX`IHdzAjVysTn%-V;Z
z0zAdA*oIOvHZjhR`#yzTy~l~BXB=PiXb-1~JKclT_QDgbZ|ti<VWkhOcIq0_pWvo@
z^p?rf<Hs7Eb))Iejx=uGUV+Sd+JUjV_J27*v=?>{Dh^XEA8OsZr$%ev<JHm6eiHbh
zyEI%r_;UNuf%<e$1Qn2;GiUsTXMAVNz1Y<XJw620nQz!yS#k;<Azi*qrmM$~HAvE)
z?EoKM8}@jzU`NHCHsceG70JcK(nM@%=_wtUfPHxIK+RSKbo(%V;@z2*{$_0mtPXbL
zET82WJ&x%`hnKwc3?J)pV-Zz`<c;M*K4DQ?!!&zex?^XB&+H5Y53+1y-n6YU-Of`a
zdamalZ+dH(?nttzL-sG=cG>3_t7ssN*KBV+alBb{wdVGmhYvU4lbg3!dvAsA$&{l(
z7S+V$_?94jV1Mm{t3zsuL?u!vGI!J)w^a^Q{2MYn(_sjm9hn!s+4cCU=$z(0@pFIm
zX?fdu@yx`Pc|*tE0~j7fur5V0{Fqhh^aVepdAP|DQC<-){7@DVmGO3MxDwCbcj6xw
z?0Dt<OA&s+AHROXlS=qu5&Za{Zkzvy_b>m<+^xG#j*f|{Q}LKEkWlbL0|4d3pdbfz
zn@~rQ2S1c^Nfpy0;70s>-~{wls5c8g;Hz3AqRuET{0Q3ZY%Q!%nqFx5p?>ASk3a>f
zV*oIJxvW$)M*PUy(uxz2!8uU|e#jC`GDqYTY<<BrMxR;uVfRYqd|-t!13$<o0vO!5
zr9|>10^NWulXE~bbqM@O5?kpDXiZ!XBsK^Sl&w+u^^h|me|r+zc>ytLmkB7T$Z?s*
zk^Z@GMiB`XBLse+O+AGl09P;p<*iFgvhtPiDS_Mz_2K)KONVTV9Qct$U~E3EcYq%$
z_>o3GKWwWB9gD?A@fe>Q4!>py*}GSiV7G^=HoxTAQ)LQ2QXhV}2IkV|1L24Gya_)y
z@I$GgTtMXVy7xwx+=z4iX!5y?)u))yD&w%zx>B<6qbS4xuXArUp;E97P;YlII>bqr
z@XCh^-#VQ)M%-dinDV8-573fREvIb7<aq9eFjCgz<qCdy)tUg`rXV_VD~SS67QDj!
z_;B5O0h?L-fT&}hCzx#n?|b~#eQx0g^l&oy%Xxo>ui&D~b#t8={MZ(z?_U-6dBOI7
zIjDG0k#5))6Qgx~UC#i1EIrlgzg2s~4_%ZXLzrfEXX|lSd3vx}_+VXH0<4>iF;kq$
z9av;+obf-T4~QPIgBhP_O0O54Y|)tb*Z0;S?m)xtG_LXB{u+JEy`#9S$2HG}KqdKH
zzjXL<g_*7~<&EV6KVeaK?y7q84EWhPvxz%JmorS-I4AG}FZ0}cNT0EFd{}sW3_Bzg
zgB@vg;c$kUR$*KG3o{Ae&X7BefOW3m2L+r(_W=sdq36I>u5`oM3_s56mHxd$jkmh<
z^AK|P80_Whyuy!MAetR0(%Z-*1C9RS2ah6Hmmd5$duE(9Yvh%O>Vii%NFfjf60-0^
zkPj!ot-qCX(g({UPwqbYxu>_k@;(7SK>y<{P{wM>AANnr|MSh2@bB*z+o7vZe)skT
zue@*Br=Q%s?br#!Bvg<(POS$uW_#EoOU4phWgF<@Qv0mRVU2ZaU)o}eZiBP83KN?$
zK{8mJ$_ekv{9Jzi`Hf|KN{!Y8Qz;Q6iXR;eQW=yVA@JkjLy_6H2!)Yxff+*hRVbak
z<4&h?&#v;Tir;1-8z62(8qAQAM<#hi013~{drDoiuB6&03qMqmD`Pnx>jtqFCVGpw
z8={2kUI^lc9qbjPWS0KhxJMk1%J{GpIT`h`3fU*E04sor&t*BU?;Z$9R*JAjhkb+A
zrf%m`>a~kT>n-uyQBw9w!4I|13VKNxV7<qsi@WG%yGzz6{?S7KQ3C9cHyQi`Wv`Sw
z$dYNokMHddR1Z7>`(~PD?vY^Bl+O|#@AY8)sStZ$+z98JidaxAtJ2Ug0~#=qm8>ML
zkV=A1OO{`2nPb#WIf{q~>?DbZ_W3}E59$0Nq`(QR;S#;MHM?UUBgF(@Y6*N;gW=kA
zt`t~<THESj8~Pt?v~#z3*DgC#@>pFg^L*8M&q9n9m%MF9Wm=&JwYC?}jMLHQv|586
z_|K0tyl-jMh1+*lU_)1CHU#^ix@C_RfFFL?<N>^KacN?54389|Ig^uPxxZRF(z35@
za+#U6kJ7xshBsl~^KaN5ru^vdA?)h8UBy$FT0`BpEfWDd>@7u;-Mn*0`%;gq?B?y2
zK101P{c`ZSH0G1R9k|-*_H#G5b7$4-(ub;TY^V*R$#hRdwj0Cb{h}k9)}5{QU1d+)
ze&4EI&$S;sU*}7vPf>Rqb<293RO-v^hj?1Cr_K08zi`^#)nRTay~#s|JWZ@4;D4(o
zt|3N-m9}?9d~I*F$B-571D)|PKHYuZf9OSrmptA#JmHfu`>ecRPgtd&4%BnI8LNN6
zrSzVa_U`(r4bhEc_J(k9nHcN8^W+MydVGH2Q-gk}#%WXT>S^+m_rk>ROo!~z{gkfV
zYzLX}H0QJ5yJJxJG1<on>gPnX$Gdow2inok3k6+f%F!UJA1yl3#HT0RT6aZh@4;TK
zetftw<xsZhtD<v?T`0FRWP1zT6aLB!4vYFmb^ybp2-c-2h99#Fei(ZXojIZ4hqgUO
z_<_zJDt|&+IMCVs?MO(&kI|<L{P=Z9__+Sb|MTv}ANcu}>z5w9ef8llEja*xzxu&d
zzbEX_MGDBY;RkWiFr}`PC%Fqh%yC%|BH_o+4@Zu-w!jb0+N23ejPL{MN<l0h?I@b5
z$Z?rA{E*os^9IVf@I&U!2-2|fM0D%6AU6>NYGGjpMizd+i5MmD1ME!h*%jQmJ%B1n
zpgX0^-{SMzwgrohhtq=}X`~Prg082J*daU6h_-?sE+DZ;$pqHFxyK&e->e?Rd<6)#
z|7gFZDVv5ILllv6p_ddPeuN+J;JkZB=}!L`^<hetzqMC1wSXVhumFAt0}KT}_7i&#
z$hQFaamRKW_7Zt2NnjAd6!7EfwWWJ^dVA&Q)@|i|Wz}dvbi#M9FmDB0%TT;aC!eky
z1(*@nL#$~Ai6A#_B^f74pYQ{{TTIRek`LYf=o%t(aWpKE@S}Bcz0<;Y>mAE=3&7jd
z6bny|V{vNrjz@=s@RIQLeYLOdE)+yCmk%}jhaV6i!2ScXWhoAU{zFG{H1q)V4er@f
z?Xes8?5?)DW9Joq#BCeGR*?>jc;beZoNVEB*8_govRCUvdZf_)xo`5hk>Z)P57ohn
z$~O<@<N(nUkE+iV{GicWjA+n635H7`tn-6I^)(}{bga8!G?^CsczUqmIYvU92rgdO
z`r%p|dR?}=o-6o4xeEpXd*2OUfBx1WK<v`ARVfGUAAT%6(Y%EaAVqU?k7!zVwtns^
z!_5x7Y{M0u1zOMo07&?%neGWy4+yMz1rG?gE~X1Vrgfs}ofgh`GB$>DEYzlPXCNxE
zhJ?#=W24Y*Aj1+?h>v5hiUptU3k*Ll<P%m57%~J7Zcuz?r=@%MROuXWAdaVrf0deo
z{Sx8F@kSdXjBwTC>;!7D-p`4n^LW(IuBby6i4KpaJA7sMG38Hg?E`+$p7Z@fbzop`
zTUPGT(-?lt;97>uZK&Dlz3`6?*NIV6!y6lXbbU1CWBq8o^RmManE8bFmR}s59{k`@
z1nUxmA1})O%9<Tg<*H=xUBtV)sY?66<PT$WP2q<y$w2HOl*;+|?RE$n3`$S!KK8k%
zcl?L@mj33K=l=H1PrvqCtM6Smuymlj=6JO5;OI9t9J%`Ot^XeE(65IQSWgzhkEgb5
zKYmhf1&x<uFaLnpvpeeOL=Xja%<^){Lt#9Jj5RAwMSARdbkJWO7yJst(BekCrX-uo
zfgduA9(#u8KRFa?3vL<xS5anKC+c7*F@xBOh6<{+)viL7twl#esCh-Fc^-{qR!T}U
zKSo=!x)(GNjqHD6Q^}ZGhd6)V7`Y4C%$~M2JcqqH6h@u4t!ZZcKT-=n6c~do4pl<>
z@&iG6LPxamxNwXR@pm0w2jg+9D<uZpN6Y5Siuzz9WQ70#hO4197&uf$cZyascn2{v
z*HxYrV$p6KzEsA{2x%gyH<glfmUd!bKr2MDB8W~BVa+SykxnusWZ^GjcrLSB79X|G
zZ%E)Uc}3be!(_&YUB!Jfc_$G%i@bkj>E^B0@Iyg}53e>RA3I7={0f^zRcVu8$(F0?
zkT!84r2%{7c(u1jOP(olvdHeK-?qYw>X!8anXd|y=3eNz@R`%&kc^M71Q5ijlHuTW
zTjKt=yK0ygeQFo&8;%a)j~B?C@qgGH(IxRk1v+`u?(~1`bo4o`cB2OlHKwx*(BU|Q
zs<FNhZfHx8(6{B>t+dCTw0e4^&~8WT`Rzs%_Te1OxP6MWBTB)mfKrfW3ih8xyLwSq
z$?cFJc#X-f;jPQcr<$EUucqA3=_M}`4G+{_`gJko<&b-|Vjsr+g#MYm8@%8~E>xGM
zmk+$|=5FXG19f=mg|}$vv0gK(9!sw;&{M~oxkoguJKJ<y4_W}QB8||gGy>L?nk11;
zi687K1DMylqv91Y;}cCgA&h>1HlTsx2iNGw=(i8*O5BjWcaym%drz)hjZKU}Wt*!>
zWgECIMw2d|@qX?<^rBle-16=lMfalYv+{yHVWGEtXiZKwn0Te?@Ja7iyW^CON#+hV
zvQN+4u}V?r>HY8mfr$%#j+ei>15CNM|3s>sJ-EN#qeD)&&$D_zl&5T1CG=5%D|)2W
zDe7|G&<@ja-Xh<RvOh`3yEx-v%8}CLtkokeTGg%h!nB~MYE^pGFPhHlNspmy(O0y0
z(a&!s@S~rBB2-s<i+RKSV!=>kJ(=fJ^y18;2-d|fh98$3{E!#`g){mK;m0V#kN@G8
zr~mi67hm=0=2b_^sutC$T65cQ{J@5RS3j`w*ZY7U3V8GfKh)nUG*8UWO?51luK@dr
z`2?UFHkUK-!-ntEw1OTXDxbr^56AOE{bZ;XQG*HzKXd>(l~eLDWG~@|H0r2DP|^wn
zZr+1&)U`Piv0^9p?Y5P&_LcN}{9O0}U<1~J-r#ka0ifZBp#qS_@~#ynSPXtR|7fV-
z2hIF&;0N_Q&x0QwQ4q{F4mioTG|nl6ANTGoQ7evGU4D*5#?t6x&z2E9Jh0nIxj^^<
zy6!pawSFkD<+dpN_}s=4WWazR!9v3iTK4LIut3kk5BTuA`|QfWoE!lRn3<=9d}QE<
z;0GrnTfGW)AP0V=(XLYX<|V>Y1WwcO*f`C!qRm70k&nLguu*mT9@wL|1&1)l?B1z3
zm?r$N8CurwB)Rn92Nnu|Mu7NHZ}@>Tn_yn#_~aP<q-eMgAu34bg~i~lWAVvW|L}t%
z1lYF)B)b`+PIR%wCtJA@Osby^)PdYwv9t{HUtpAZzTt-#$QGS#fwQ41DezjfbsXt}
zZj<G+=#hTsU@fP$PuuJqe9fCd`@os~$hr{DDXb)yZEOwFK4ba}Kl*H_`^dyqdNs{I
zVZArOxiS00`}bD+haZz9j|AqN_I^J<=kS9DtTDPr`=@tltNlSlfnAzjJ`h~aJqp|<
zXde%;AV8w8&3{5}fHS_c72Q>U!2mD@-Lb2hySE<ZWc4G=B7$>D<B3J#k}Uj~@rhQS
z<5|OL0l?eTw{WS>A<0$Q*egWIVVxk@Zf;Zp18_Y8@vL(TKQ7o47C(ndchu_Rs<n3P
z`jK@ZpWMDU=;`q{FSaj4-gE7<BrW4lGNau7DZ&Oa9`iUoeQ5TW&Y~2gPG&H@wEKr2
z5lJuRN5(maAN>s5=o4qzP}75;xyU3Nre{sr{**H2ir#+JR2X`R6-_ueSZza01DxmJ
zo{Z1mml1x@X-P0Dpw9@@7dFS<ke){otV<GpoRz*etl6QC0S1ZzD7>MfrN#@y`g!P>
zsVa}7V$J9R($=BXV?pVO-N!!r^o~EcZ|U#cw%`xIx_sXDJtM*C@y6tMb8IXDlkQ*a
z9DKt+uY#gjzmZq=3JlNx!@WyC_2hF~kDbuPqtHM?>_Cj7<*LlzDrg&b?6;9#g9$^g
zJmE}P`o`{nxSmug2>H|o8wz}*ta+uv`lC*Tt5DFRcBR^^U~M9B)UYLnWO(}Nfif)<
zAu&T`kQjO|I2Lw{^NJ}oR+)d)R)~g*Oe*sOWA5-2)bK-|qmQn$1KGI)Wwf%;)u`Gr
zT4;y`j)rPOIhh~!ETg5oEt+Hl`qHJGPF%WbO{oEf<ZZuXR!96B%{$^W`;QI;DSA=p
zLR&GC7^-VGmAp&^<P*vrT^(Z^i*6;+?onI4O60-F-wqSQ^B*11UL&R#8AOpd)*vWI
zF{w8~WjK$y8aKI_A3zbB%@B*EiPYDsDytP3rx0<Zc$$Q_d87{txJA7lzILHgOGG(*
zsMDvcN2o6%<bOzR5tx>-`_|EI9$E`}f+~?>T9DZa4Jpys!(QwXqFiiut-E$totN$6
zCBZRr4o#tzAAWp;t$p{*$yWAPGzVg#S%6v`4>meQTdWa_IT{y+aUosoP^~kE)HXeR
z#$V6r(-Ro5zy)4(9p|RiXmrPZezcjp%=2Wg91{h#OJ^o%@n{&fX4in#enf#F*-G?C
z!A*U_Z3oa3$L-6NvTB@J`@BGQ52m7L_pRC;!*v$50PC!4y(kJa6)g6ReKn`%3AvQ+
zB<43mEx(_1CdT24$i13!uQJ+oMRA7Ao_yzEJ=<OTzZ`yXtne72Q+;HeeJX(^wYuAE
z3)@cdW%pON5i?=z(k~DPX}mg|qc~)b;@Q!(s5M{*u3F=iiN`g}?9N8-DztfVwm4j0
z*?TN}a>WwsmC9F5pV||*vw%7G#^`la+6QKKqUmqvkgabCQ@p9tgq}I_J`cA|{4LlQ
z;~-?|P|kLjoND#x;jG;I54~mKC6D)wqI*m3v+}$?Vb$lyn;lxP{$RD^jd?^B7e2*P
z>3ZVrA?nVJkI`@26HbQT-))GBI#2EcQ3)O*w50xZTjL%BX*iYeP|ICUcfu)R>D}$K
z9kNJt0NG==S>8iA`}&Y8dSR+aboPpN=48kPetM)q%im>x0=JYu=3#RmqVC^w$Wt}<
z<bG(4eNoyOx4ru<oX5B`mi-|<_v!mrk2kxbuW0Y0pX0ThJBrSI{rqIlp$L7W!~qPC
zB3PHA7=Fw;_@R<K3gL(Pkd)}@1AhEH!Vk#dn7d`i$)PcsV$w<~Lvj4G?E|lWXytF-
zI1lP#O$9&VKHx{D(vhC+j&k4!{QcoIPIM3A(Ys2qfgeJ<N|pDnbS6PB8Wd?CVwsKy
zKV&+HEDLreNfY_OfdH-4*PSfC+Kp?A%#U^@CcFel#$d%18B2s9?*s~M;ovx`N2(MR
z!Vj?WuC;7wFKW#VkH!r{p@Bf61%CQ`Ks~_WhcY?Cv0?88KahVIoTFSK(Dy<KavGjI
z8njXaKjgyTRsN;TPGkPf>Qaj4+XQ|9%XwWUaQy7aGVvrA0>(fWlXmMCery>IF>^xN
z+6U8uAE1w|^UIpwvok=y8SMWSeykU)OQldyFat?8rCO-qhjJ^q{<#wEbscFpf_WRC
zTJLQ41FJ@{14GLoRw3C%a^=*eBNu+C^O(jRH-*cAAJ(tMzz>p1bFtmEhFe|AfnXe&
z4aAR6j(_WbW5|giPC6hH_Scc~%J=xOhGRH6IX*4;;YFs*)Y^J>u}^G_X~dR>7aQI2
z_Yjle??2z@G5S1*@Pme}bEC;WKVriuFekK}c8g-r5GKxTkPog7X>?}QNJ4Q7eSe-o
z`%v_<W+d?r?cO~$Sl{E#ghk=U?ND5}(b->Vqc)aPIMG+SNkT{#vuhAWAnq$Vk`MEm
z*Ug0=d*U{Bd)yo>f3oTHx`*7$yw9i#y&Ue|;~yhTfgh-M9zNWlv0!8p-p^r|_EqdX
z<dFf#o`iPkrw3a_mk+%VAVL9rsK-4AcoL0jEgx>Zlsg-}s{rZAg)xvE;58uZFz!R{
z{f$+G(>yzz>@_ka{FvE^&W6IZ8P&vi?o-LTjVo-4;WI#A-u<7F!fZU3b)MkIg?z$N
zf~%em*-lk7F@lx*e9YoWF9N9a7#XwC&I6}u(0zFAh}tkt``dM)?{hXWo}Gp88utMQ
znE_tZb;WS<`e#b+^LlJ%@Pj^Ra(Npox2>Sf*N&th7}Mrz?MPCQh#Ib9JX6pCXbZy%
zKTW>HN45vN@7YtM?^*9&>C9PV_|ZSngu5<0h_kasfELpX`zr|9qEi;&0;!W}2e6)-
z$jT`VrFR1u3>Q6R=vU_ue!x(K9x~juaQV$aN^{F_0K=mQ)+Gr)e)-}gYt~3QffJMJ
z)IbGO49d;DumNHnuyz8b;^(KL@`8PXUs$m75AI$3+qcaB_xCLM#FNi$8$6-10cy?g
zc)9$@mP3E~!17=F^4wp$UO1woe(g(7fPUw;`G54a<)53kb;t2j)VHJEQYEA!6x}PE
zo8n6Eo?8M4LekkFJ0OAgt}MNORq6GM{Mh$D?S%A>8bA(Zr9Mi^UJ3YNkjZV^oZ;qG
zt4r6cEqMm!a};I>B5AH(xoc-YzXC7ol_$fcgW>Jl%XAMvx3R322i>s6J~&^uX!PyN
zN~=#s>P&rplk-vy!So*-2*15AK$i%e<Sx@bRBbB?Ka}BlYB7V!p)p0JI*9{6pw?EB
zL?2z3<IoOq|BtLKgHJmYck;f1l2-M4*&qZFxR+(AbXl#Nwv;m|7iCq-N$r5L&G^|N
zXG{jA%)Y;`{Db|0$1SekTt=`#%U%iiVG4p-U}mt{d^br2hMq@4fhaT~kju!jS0#iW
z%G|yqYKsME6QWx6wym&Z<@<J(-n7_RC!~ECM4=12J$|_C;SGZEVv0t@yb>^3QMIaE
z6A>X<YRo_vvGPvK7Qb?VqAYl&8^5BCLiGXd1p;cv7vYVI2IiFBzO4L@Tfn!ocGLFC
z2iAmM1_Qhzo_WFk9G0Ztes)vzlOxR^Jl~)%`~rENYT-{-kJv!uiDtLQzAZhKc>Sl8
z<}5#)jL`@t1VbM>(13YZx9q6W&*8Xm&(FR%X-A)%qG`2Qy*rNm|Iwq(qQziaZ+5R)
zx*_k|IpS@(2FDB0@OQ3oZe@Eb9sJc`(}~r>fcSv}^~aAjvy|vfi^VJPjN4~JIi+iZ
z^{*aDRj~f;%k0GkWomINtgNuB_bJH1A3N=|=i$1OLIju9BLhu1=^tE^liLR!?2#kQ
zvzcpWj(7tM;8*ZDT%q)H=mXFbuHRaDP3B<@{p60F)nkor|Cd9bx_L(xe@?GNwM)?1
zu2~<wNlufbYo=ZL#TWcv-LS3tjs0~mPz9mJDepP=?X9^1?ui-S+2B~NBo{B7O<1_r
z9rv0DF7SDSt({T((Id^P*Ew~Wd*2UPp1$egI`3{-)KR@YFoP4V6m`bDsRQ)eM~^sY
z<hzIJ-p^^rgI&6HXBBR+Ye$p2b~`pO*KUsaME80Bp-))6<mr8bio}}j0vGHFOV2(`
z37;f;Nbd>nT^*d|vs|Fgq=Otjy{Yg@p{EbdNToYIvxk=`n_O^**&4Oy<UP<oyf%Wm
zd9)j-^}v9tpAMNT`p|@DmN#Z#6}44AdU&9jy$`?@4L5KYQ{B7QxjEAT1L$W*o#`6D
zx<0uv{;O3vranDh99SZrHaX#qNZ~rY=GhP+@twPBaHYR#v42iikqZiLvu|Bm_Fk{x
zh71FSKU-2NdZUcH&I288*Pq)It2=hlSG0H0b86v7-rHr->*r@SIZqiFD1K^VoSor8
z2QWN}U|n)z_%X}iN42Z)hV{7i;0Fnnst9jp{y5H07hItlt{WJ-ZQ0&GynpGxxq1HY
z-@W+bPdvBv_zAUqtr;9Emmc1H@YN42`_=28`qeKz`QLx(3DmD%_xOKz-Q$q?@uv^1
zzH#xcJtv3tKB)Wy4L`yZybYRx3SOr;;hh#`(u&)-d)5$JmzJtFVt^C<j2eG>I2!BL
zeE6{d4bMaAFCySarDZcYvH}93#wDT*dO22wtsqIlo6(=u8=fguniVXHwK!87N|fFb
z5DT2%tJkcXV!(9gj)1lg_56^PwJ7|+Oacl&EO3%uFR+rz7oY2QlqO1J0r_a^e1%k1
zZ6fev=cp65zJFI4eJlw45W08g6dV1(DkuwP`-6ZV3#jKuA^d1HBTAk=xN20viGJV*
ztQM>|-tf#6oeG!}kPi=joQ$0ep=XCE*oYq{Rm-4DG@5<E51IL4u%AwuBFGTWFTxMy
z1#;2D4-lQm-&-(ZqhozFjQiO7sQ0gcqvS?}W$Dsh!M-zRCg}jqi!M<?u-<#U^aLa6
za(gT{OgUZnLC3+p-(fbo2*KOXNHUg<ID2|zz+eB;p``Z}f$z^Wo-*C`@uK8K+v*W&
zWK9=-K!7GUiUBWsJ%07qE}n$9adqBBSjRo%DmK(R+ylYBzg!+<V*yhH9~Vp`egto8
z*|1TM<=?kD$nDaNF>4W7)ShSixaW8n^17{+8Q<AJ@bc+hBWiPASR_~9JJjGyW?J%s
z&NR5(qoaC#U}h&e8&(7FV)`u&pXEO3U{~L?c#8W!gvGrFF004=rwD#bP6a>c0vF&3
z3(rk@(}v&r0}OJD29CmKIrr+LNCTR;Ju%*+lhCQtA`NT$4=;#C9%=L%@W4z3wEyYd
z6ZTg-ebTt1W2cn;TL<dgANp*oDTPCNpi^^tE(zB=oN;e+|9r4sv^>428GcMDct5&g
zX}|H1A0BRGU(?>WxZL|r?g7XwCqpb<^cC%0(}Ewlub(id=hK_wq8)yn$s42agGUi8
zh99h#6@G}4O{z#ygf`a(Y}lFLy3CX;fu#)6(I&lX5s3Inr4bz(4IbY$_?dY--uJUD
zAA4fk1J52jI6R`(Q*VaDaj@d~!D|=nyz=2qSN?dTqaST}$B#CA=&`L|TC(?NJB}R>
z1GPnsF;wuKzz=0)t+5C3CV_~2nri0>Rn*JknRZo~mMg3>cOani@jXFK!^vtzVvm}(
zLziwGrFsPmE5RB}%ZRTar31XIvyZE<?kva6Nc{>1AIjcbS*=u?@yDMneA<0#L#dHO
zy1~V<01Aq3*j#eqM<9JiWCBX3`oP|BPJV=F^vQw1$%$!KR-Lj%B#%crw*!kNsTMYD
zAVx^01NXYznaD?hgca~S@9`vqT#%nXUzQf=LI!>~hUcK96~1G+9i<(O0?aqUVrvNG
zRtyHOTa-UOxNApQWUde-0A?O|*5(bAH4ID4I@M9DB2lgA%cM@%Q^r6=Cl8qtaA2jb
zCtYqVSs)}qPOBMyW<&m?9TH#mltL$uD%JY{$Nv6RX7<gZk}&*Gj`5<kqk$;G7as6I
z>6ijsCac3rgDcg-%Jg1;qEe=;XS-TP?t^x@*Pm09_V&d)`QlK$`~KBoZ|ngj1&V(D
z?Su7#E2WhE6=oGcxAX$;S=~a4{%7ajQo$4+FSVS8LA~$?j6N}_3JEULjke&6^xVN#
z?}gE%E_e3L*yO|~H|7s^|9oi)=I`XL6GA7neuB+#+Ed$U;>d8myg1;r+D8ed($6XG
z4^!p@u=;@?5V3_frQQ?}PDJj-rN{)G|Bmnj1QV9$WZ;Ji%hL266wEk=$?V>A+Mge7
zy!6ZuSOEGSRD3GB-j@s|*&q}gAk4Mg9%7dcye<vziohyzTjpo(Zg1>)&!LdgTVPsu
zHg!dRfF$M6s5czr>k42eT+Yje624w$5ZJnkw07?>F?Q7444dhmXm8$SmITwur*B`D
zAI${V`KgVC!4AOBlblyKoyRefOM34uN>4<noPAcF?<efl&qi6=O7+C?7LAp2=qh&<
zR5b59R|`%$#jg}_>gVAFJmc>-#aqI5pLZm9SQlY1k-xs9S_C$*L-vzU`{nJG+$1Dc
z_Ke_AzaP;debGn>^sbcwp!cGesjD)HxlkDou3~)2V)*gWuO^f7TZy~*)Dy;sP`h<n
zAQNa7rKI%A%KZxV5Hmz+&%tXsH|2u<D*O7m_*CnyF7^3O3rmo>0&rLDfS0<;qX^ce
z20vbyV9gpC_(6=p^WcXrf244Nf(I6UR7hA{I91e>`bfQbFiQ4@?E_Id2v*>YI2F^$
zBbbTbOe*DO?NHR*RZc*=iPR^1gJhtZ!WtT_s`3#r0e9;=V#+RI=scbZeyDVoiU&WG
ztHJis05S|9pnT8H@;`1WfxdqrI39<RshHy>@IxNEF!>Ors3aEZ>K4;&2q_dlJ{bJ;
zPyqjeX?dk-+NbU8y>(k$&C@O#!3hkI;4-+o`vi9g?iwVxI}E`sxJw{7K?4N0;O-LK
z-JJmjIP>iD{+{H0_x=LsI(z-It~E2Or@OkkySlpSzK_)F(Y8xmX#GgvoUUkxuxn?p
zs@-qwOs)#)-uGs$c}M_Zn1t`8azD+4J4`uv;Dt#b;*6*9TMbxYft+X|eY=B(^9Bg*
zQI)6YvuN-#B?PMY-eHBY<z(a0{5XuL=0iZ4Mi{9UPgp0QQRnXV0~7el;YD!ci(Oj%
z2cpCk6m)q1QR<Fr%jxg0<e0wuz0GhD^<{*GA&>=0NWK0h!eh_W(GG(c0|{YtyDH%7
z(WH*Q_4=g+$*H5d3%yGk%<cCF(pqt6VZChhG*ZGR`fb0g6XN^u^kk&OSFNpK1$e77
z9A$*Ol<N<)P0*WktbjMuB>Bz(L%}Oq5B*7Ki867WXB{b9+&Rot<GMKd3aq!pQ`KR<
z+wsUn`{`l5mTa!l|1~Q_Uo3npVPrJ1oj8Lil&W%-V70Xwr9GgjShs+%8(ui5)$yTC
zh-=PYzzs#DeD1|XI?IVUXl3u0a2G4_7tZ#dTp@*ld3%p<Kg~(d=<?W<|GI0E$)cc@
z^%h<z;^IaRLHm$`!{4RprVeTn4!9K9KB*dQ{KbTi!czPe5n-QDZb19?=P1yIiO|Y3
z#fqJ~tua&d7y1{TULzC6JCuMxBe~aRaBDvUA_2z;4oqUFu#j4K-E*+3L9KvnPK}Vz
z9Q1s>$^EmCnrzb#!Jo+TO+nQ*kIz4pM%G3VW?&~ps>K9==*0OUoR!cSS2$!CtazIh
zCEt(`lze>X8YwX1%y3aRaP$Ry11vVCD*?CADP@XHn1Uq_=AupJVh|X+pMd*-|7Lfs
z;|h@R(POmJx!n6Du&~Uz0Igta=UAOfIP{R9tpDDVOt!DD<C)RQT}j5G)(|B$gzZZf
zDx|}9@pk5?6R&>;tC|>mM+Q=6BrLG4%ahN!u=1R2+AV|uGo+bkU<xsCeI;WN8?_yH
zR%+dF3nel9>g?|iyduIQ{5(y=izco3eg6!WEgF8HIhuuUF+$+V8r9W@M=s1Pw#5!X
z$MjQW9n{k64^X?Pr#~x?Anov??j>N!+JCBlz8~^?{QZ3M{Mi01!MdU-r104<Y(}*B
z@yhg`<$1fukLmu@@aeD}x{EuOg--}9Z9EHvM9$sIVV+yfhDpeT9?864U3-ZNN(44E
za}(ZcD&+W?9j}fMOw!lkmE~tFaK38QgfLX^mVBjyekxk25<k$5z-hv<@7}3*sU)X6
z_{1bU@mVTUYMI?c7pnjxjA}jf$_WPe!x|njEvb6Qvrq6|MDKmBuzfQ=U&#)Z`FgC0
zLWB<`H71-~8Xx@k&oB1`L&o_w>9w*^%w9eEZ>r=u$VF;(j$^b#4O_vC@ySd82@jb?
z*Y^WnW8-ZH2HJI`8Bk==ciTP{Hy~+Z-uw><Qy{LJDer;<z4>L;X48fIH!3>^g+G!6
zwdOv&rAzd~Hgey1p!@^aKJp3{nDRoFto1reXa+%R-U4Ut?IPS1lSn61Z!W)@?P_xo
z%Hys8qE(U7F5}tPK(1kU`M#zllQKCq7(xsk^n*4$-&vkXAOtQ52J-&KDpHjH;H_1Z
z-7Mn{<fAfiyt<JOu?j(7j6THw4iTO8gR&FnMz0S%!7x(*u<4tI)g_rcJ_9_+M1gVb
zG8)4lNRLbT8gw=L;18?{22vMRu7@h(oUbDaQJ6nQ0P$MlBw_L8U+tNov4?8-f(Hq1
zORl4?Jv}7dGQnH(SFb^8qfyCLY}VUM?j*0SUV-Oe$gs03dNl7F&cr6(p^y+kCf<Y<
zG}2oZtVyK;_mnQy5fys&w1(VaXu^Jp-`7HSB?Ha2VV@4zrsF^zE-h)HKeBZp#u(D6
zs34;}pKR0rAU0~1X@9fzHzNd)6nn0=d6+{>xcqBnvhg-?J}Ub<w_o2Z;uoycAD=U8
z<UO7>#b!jhB6r2$8sfp!+4v;`)`pb5t**m>hy6H~7C6fv8O|E_C8mUJsi+cLx@$%N
z2ppD-kUm4B=wOJSC2)Bq(;KqFz~8*OgT`y@q6;k%U0UF>afmQU%Qe9AC(Zv33u~FJ
zh~9V7!mf=+C*vvMOlGPGCIKvP5~9l%InD`nfYeYK3~~v6<ngMiSI&ls5}<(8hUDb2
z-NTd{tEx3!n<y#BjP0B%hzH7um!9X6rQ>~uxT9Y(u>&YnkkNXrBsyZ!U&^sb7?R`I
zPjcyfE2x62D%13(ro<a&w#N+f2Xg*?Swk+(#2DFqRpNqAyUk2NX(|3m{<p0qqXoze
zM$^@uY-q>el!G*1!IX-#Pl+|$`~E5Jo)wUTWPpm|v`2(K2H$5yR!jfv{0c;=RsCQt
zn;rZ=<n59hsb2n#bpnu8*>2RvKXdRNpWNi~t+R8Lph%R$0mn~s%8p96?)}BE+u_ax
z1v}>10tVQTCoB{7^+<?k%R7ki`yTl<sjaS<p8$w)j%e8>)+foZlD#B<AZ6lFN6cVq
z9lrZo=*10f0I-)s%qtY8(KYg`Ffgj0sW=*EVrCJr7|?Y@x~u#z24}^tSYHMn*gUxr
zz?3A=FntK7E+j4l|LEP6gWpRi5;4TTr_#nCO!cm0(_A^95)}sKWtTO67Yv;B&+~(b
z$oIQaOQA!*v5FnV-`T>dlc|>Zg%$wr2Nv2zt1Vt(v?*2pixfP2gwY`Tp>ki7g$SPL
zmA}nBS-$U2n%;(Tt*jSGt@f_(n+FfG>HKH-T(uE>O^HJ>wNm(@yc`|rT;%6_KC4Jr
z^ik|92xLr~dCMiP>!d0dVK^<-WFKFF9Cq5?@TiLWr=bx?$vd^+xb(hW&{+J5Wy?O{
zRv-P+#q(WBm}+5cA{tR2|Eb86LdwKA5?Ro7*Eeg`)Rz;O=^qJO;>6$a@^NpLq$fY&
z@JaQ&R<j*S7FYgWSFEnC+*ADy-SH(r;~XoB@qjU>qn49S`GGV8hKg8%MwwfOinVvX
zApBXMJY0{DD(4+RRgPy_yLb!#r_)KlA(D6%so1)dpnUy~83HV2X?h2R7UaycH!GH+
z@%_JIC)=@U14z++3+Puy-3X}!$sX05vnv;F!)Y}3EV28}RRwGA1|(JmxI_gdl1|Ok
z2VE;>nDf@Q#+waRQcZ`-Te+oWtsTXG2Kto#J*IPTN9BD^8dF0`ghaM;-;OZzykpR;
zJ(*ifK@_?l^VWplOxRrdP$sAI0@SNrBe{1Ndu;>L7C1iBbwq@d{iRDrk2BCdD!AXF
z{96C4YYM!krCpXc!H+N=?i~1v5>tklwI^?y;0;3T&3@duKsf4p=t3y>y+t<+(TLL)
z5;yt2&dwNXCyN@2VYiOi85120%<YM%l)Y+Cx2(nV=k<I82Tqmb81EOQLj!HyjdW<{
zLndM1sA{A+wijfXD=>ItGI&t&C*Vz457V67UOmJ!c3`(Z5ZG<5=M4V}q*funXkcvx
zf?2ZslSB|0R4aw+S}0q~`Fdyq`Q|UcE?j|EsMuhT_&h_K`d<pjIC;YR2)Q56`0;#_
z)DZ*Vp;mH!_)$0x6A{dhztcb`t_dP!23k38{xJ6kZy%w;pa?0D5{Ew9$hY$RT*$$w
zveOVb6E8sh6pCyeRq=ZhE>9v=9q~Icg;^vgQ3@(~4S+rI6wgkIdsJ=>QG(RcDk%&C
z&c7K63O5_|zfmL=#=o#{6--8+?E7RsLgUygkiS73U5L6cnQ3Z?k&PAkp3xoCwzzz=
zU};0T1p1E2IA0&QMN+b=GjXBK3F_jA8q1W5^uv<Qklt=5_am472A2?`TfLAZX-G!S
zjGf4nyfA3;)riK5q(a#JsQWeXHqS3og*{`*ljo58?zks&qnHsk_9X^c{ipSg7>&Fy
z=4&5T29J_{u_F7x$15Jy;o-7L<GxZHN3k@nVAP1)<#&mWykF{n?eZhD%*V_tjMqSQ
zOJUbIzxSPfc`P-zj8;;@<+NkTSenX5bgyakcKQACadKu>!ChUdzZPdnuD;&G<tj;B
z`c?<)AB9YNg5OTMd3oTixx?4{7-1Y2apY*AFHCj*KpAvsf0F_X6P;g5q{&Rp)#}yA
z4ee)OetvxP<bjzE_b2O}-%4npJ$4wjUPLD#VKFC@Bg{e!2C`e!0t3eT{athh20@LB
zmpXpOxfa?(n0C2mf-vtD5peYqB+k0r2}o+s{gw`|iJ)KHO8#SH0BM3owC8c+1<_$f
zLBorEdvw@}To0pEsmNr2VBUlP=`Zszz;gx*G|(^@<Az)iGGRO%rbI5Cj=;nZlxN&2
zSeTHCZ{U_wt?f&;qHb;3h#a>6jc<kdY%_&Lu^L9hfp;-$KwP~Q{hH7;Q!O~v6=|`L
z<P*NFFUwEhYuahvpnP7Bvp}4zi#0^1ObHak9%3DKIrERPY1eVcev2Q3M+B7po#63k
zOJwL?jK2>fe_73KrCVM$`dy;s>Bpq2t|U$52RUbxvhwp7bd}QCLQk@TFL)1Vh+sTt
zr`8`_^rs&hat|_OD8K!XLKS@uq9sLFUI)w9NK3a#5H8LJ?XZE~t5m&cojO*gWn53S
ze`utR#%xu~eK3vn!Y4#3#VR7wp#P*H-4P#{^0U!>FD*N=#L(-}?kU#FSU+6u7lQsT
z`W}OK*h!94TERbaPQ01O7#Fu+(fHyZL4OF%-soy;$)_N7Ef{)bkI1MAR$?oM#Kq+0
zZ$@$l)mL0M`DmCt?!ptS|83U&W2PKBVRXgJ!-Mo_0Epo67DRYt`CuYKQ&<R$6~kA5
zpyE>yx~J4G0vOL|O3~s42##JF`J(EKBAm^Yw8x>&mGe7o{{#y(_Kpqa!m^{6JW45^
zT(^N242!CJ4Wbvt0{0)G1p&D)#i*`+(Wr=&%3P4?z_KfnHx<Y}f+}*4b5L$?kwLJ;
z+oyG@MTIHLDb+xUF&jTgc99w%=?tW_nxzOKNX|?m47zbpGvqUoZ3bq)<j^mGQw1G+
z&L}M`!_Wnmt7S~AumC%K5r0UKCk_Grzx*8ku8TNbG1>?qd86Mrzrw2}B7TOubC+dH
z^C@D*aYYxx=Q)YC5`alRbeuJz1v5CCtG|gz9Lr@MnfA{+{)L5YP!Atm{I!|;un<fL
z7d0-AtA3A6aa1ucQ1wt3a&XWf%^kAj(mN-}y)%h*ldqj)+aTK?c9DFZ9ODEfu~BCC
zB<1fC6R-DoHmXB}F57&Q{Q!_n4nk22E`SRcozl$Z0EiMwy0gY}+SBYx%ucZPo<_sB
zs@~AMR%KR9<i|`T$HpV7%+e8XABtYTcd-z`3fyit&5(W)d5W%{C*%JpmKPoC5y;R_
z#_>^YtlI~3gyvNfci&=f>Ry<2)H~ZL&8Qn;w$vc=xiykOvv&^URCU#Sv{$-)yON3S
zs$r#ORu0CpXg-slOAPNrf5`o9O8qY>!iJlE(^=OrENVGN78$b-DN2YFiZP0V0{-+~
z6h@@L)a5uK%|1^u^%-c|>)R{7><=`}YOYCQgtBs+A4A=NU|xR+-5R2Pk*zukNWLaE
zGv-KG;AV3&oDz{@!o={YJ{>gwC}Zi#(D6nmN~NYk4d<DAaKv1@3jnG6PQ=ogoQR(H
zcJYlqM~Q?U!_kgtdgNLsU_Og8lse&j90ZM>gQcgM>o@f0D5&p4v}KWgu{zV*c+ca(
zfj#=N##`e<i0H^;Eq?(Tcc~Ytuh*rDV}vI96xR^XanDg4sN6t{vfb{KIfc}@4chPH
zy*sCC!*>6-5mNmbXyeVEF)bqokSHbv_s!y}7zMslC4Z^c=pex-w+VGwmDiQ^CGV;X
zp6hbenPq(u_xY>gX=;T4IuXA0715DM1g05=#Kuc3f4@Cg?2OW2XL|CYN)}pOeo}^5
zY&<N*)?Fp%x@=Dvj}^nSjCQ2o^kXVCkmwfuEk<7**D-bAf?3+4vemR))WWAc>Zc^A
z7&*qHy>{|1lyntpT=Bv{>E3TIkQvvq;nk~9P?d66km}m!of8h<3v%m;IsHVlZ$_iy
z&dI%`52)n8?rtjxiZb&~cLt-br-|)<VQS>&QuYo`W7B#w;uYngjhj|e7PBDx5l}rE
z%Peyt$_NqJGvjd5F{Wl2^jSm-O0WBp%KuQ_BpB#Gue%NRHp8^Ej=;?iB0TVi-s>OT
zX<~dc)`-mP42c_X8b5ozd+`>M^A#CGb59R3f}E(-Dnmy^P7}F6aVL~+RvZJhw!Kap
zo>_0Akukt(s|$eLAaxKM48-x5hNT^O@&SdRtOJNJa;P^J48^1t8=>rr6fWzCUV=fb
zFz3$hg)Wwn!l;BN13b6*Cm1ZfG8%~U`2{UIJr%8Vq%4%4^@Mc850)*tfgYf^K!<Q2
z{u_Q^4rx!BH@N2=l4YW*z8C86ouF$>ybr7i2a^V(J4<AIv1zng8+5P)RaqDr(L70f
z?ay~E%HaeAQT<GHUv$GAH^)7(`P>ds(2*fz37UmLu-JGT34F+UV*OwzAUurn@>AlL
za$<bb!Y3oyO!z`JIVRP6Ml(pq|B#aWT3@8aKUN~~A+aq3bz{dA?+8PKDG?X_4h`8$
z61PGhlYoUQT?=j@d2givd1X4=(Xs)lAsktiDt&_SlzFV)bqdGvND%5u;;r%z@iIdq
zVzz+~WUhcx3=7Q77~2azB3)M-HWkQ_j_yZ7SwBqA52^A-#-CB%N2WoL5T=QqG0;fV
zs)Jur;#gAR+48jEUI8M6;LeIuj#s(5KrYCPBEko?m~;<0CDBx`xBYc8VAzj_-OGrA
zMT4&cGYwty2}p{?m|^Ln(N3Zl0IVjgaB>|q02t0=Hb`BD!(}}JsxJCN?;xqQ#OR!%
zZzssqTWd*$1^Fdtyr+W`gPm9<AdPyUl(g=+i8QHK;-vu{j2z>fBL$z5j6^`Y_lh$q
z#std?i^sbcDjV?&Fv5MXollb5f)51asm6Z(KQPF&Uv%!X&6dINMBtEDY<%@6Wour>
z<K<YZSZ3_ip}u)jOnSL0!yJaZ{n17E2M#(@H+@47@5~hRH9MVwFLR>w{$oy`$xYuc
zK-G(2;H0aVl@$aN7Ox{T50ZEG5ov*Yg*}=qxthu_RlS1}4gitMyMOTe1ew4(cYy~@
z*S!m6#prZE!awEa-a+yBM0Ye{ld5C|QP)oMdvRH;E)}#Ev+${v9xf957k~m;`ip8<
z^v;wGg5xA|6)B9LDE4RAgx64K%&*RnCJ3B}GODsT2h2cw`I5D+EZOnsSA;shy_nfz
zYTgv<YyYSapaL4`>KsLyG(RV?Evyp<hM`gj<3pKy4Q}YE9UR>)%-5Ryf@Q*N(t)>(
zQ}ump4GoqsRiD2bc_aDv&hdW{elR0G4yFw-ThAhOJ@T(*q|qr|;$^m1ktTg<D%mSZ
zU(5Em9GPix#g3;Y^R{sE-RJ^DpzU$`HGV{gI#6!@=7*76EQO>XshC(SZ7TO4;e18f
z2+CRB&{tmENx?&!t`@loN;hiG<-;(?X}6P~xS+>l`W#w~GlpzXIzxbnZY)>v5?Qi1
z!z?2^$M}6Q+*ux(C&J)2^vm{(gr>ydSN@>EZy}I+wbJNWdJ56c@8PKF1hgsY<TVDS
zM+t24+pjc2!q#XMkU6C7LKUT0#YK`Q$xq%XH13#>+$HtUBx`vb8`h;!nR@Eb$#s1(
zHwreVLF;1DiJq6qb@~KjgVXMvnmp^8&x{O~S5c#_kz^#z0ZqUUUR9LHAzyx+zGIpi
zriX9hw7tk7F!<v1Otlw(U8!aey&uc`Svi{Je_J^9(P8J;rTLeXODLkA9DR<nK3l(H
zlE0drPE&NUx^S>ibmu1amnA&u$y?I=BF*oK)3XR0pH<DBr{o;9zC(erxdfW%zhxzS
zu^t+2Ncez~kz}GL6y_HKY6iWH?z>Q>&;DiJ1vAN0j?h4+lOgGi*{C4-ZCZRHdwPg6
zPG%mvUP6hc6lsFkho}Q-bu$m?j#YIC&WqPX-)Uc{!^gwPX>5{xkbnx<(Du`shxWHi
z9rW_%8w7KG;Y<pYK7O`170NtnIPq3`0&09$TUqd})orf5wrTgeF0&B2n@?ua%{ASZ
zc~@KA4Hxhd4mp4niF{Z71?78F3_gp`{iIH#zqT?j-#8bBJ-TL}OtpJA*^hngAUzx1
zRn0be>CT^t{(64b+iw?^DG_cZo*yGEmR6aa=%Jeo?<vFh+#mK*zHIWt%H&=Vsd?b=
z8AVtyJ9#Xv-GCOwP>jJaTk9;faeG4XeRm}kDIh4BaXr)$uOglh8?0s)0_;$l5x^*a
zGn<a#JvVv@M%qegFWwV<&N7GLqyEZ`6Yn}hkH-WT-)DT07=UH*7s@_;75}fR8;lA5
z0F75dP(5%9&{B9yb7jQ33XH))Dq))sxoo}OBRpKm=CC5}lts$$Nmc3$E(us})%M2r
zpu8qSk~H(eP923S1d3ff`nvOdFQ)C@k5%6G5n5#~G_@iKpgSV%N6yfB$WxyIm?sOC
ze5z`c#)}f~fddPP{3MOfs;;+|nfG+Y?ozwUNaK)v`I$@WvSdQB;eqDjnZYvzR}F$6
zvL{6v@9d#0rLP}uVf#s;YTC!ejT=UR*(U{bb93XCb07ys)V56|XBFh~MW+Nn(tQfP
zuf*^iC}_)gn!8G4fFX-=SgH&87XT13@?_XrlRP1oGZBc9ty!v;V%^pzUNtDqzcp<{
zSti2DU}Ky4>Fi*Hb?}PY?VPstK&{k^lW8Q$Ex3Zz%?jmX(YI$Qvz=Z8^E_19-1K;@
zT`a#h%JrTz4sG;WFXgwzZg@J8dvm3STe?<St9#x*>8@AW<4Alup*NjiseTjaM}zra
zSCt{7cMns4=~-SQedZgqPQc>u`!SKjei5a$khixdD4-Fm`P|`eo#hp*z!K#7!QqP6
zNnThQ?&aeNPv(<LjFF~?Z%o$x-*6E$w)?0`>IbA{peJ)&(Dc1N7FC&;$lO^sC*Ut;
zXEUsbnG9oveyTg};PA3n+anbpOSO>qLENlFVh|kOYVd1C>!?LkeeTG2gS^{fH^VPQ
zpqrpAAM0oO5^wP?oNLCvww8*CsTSx5?a(yzr2}7_BVPR00lhmfyH>?$cC3vOlZP{*
zmk!v#(lv|66b$lngQ?e^v)^+0y;JEOB_jiyh(trHCelWG)s8mA{XNSt_L42JD;$IG
zevSCLR3sWGot+^0XGwbrK^!X-DetQ}p=JYHI1ua+BWZ9^!rD82+VYGpWuN#KTs#H8
z9vU7-pFTVVNMT3qilLQLU6*2o1kuvI$;`!5dSreJCMEx`O9*t<Tm%9V$j9+;rG_sL
z8s+k3QoAv{A;{Z*IBUMa9#OdQzBj<#{<YV9ki<VXK7+lUX=B<@8O>vApo?Qya)#EV
zG539uTF845!!;+2z%i6hT$Q!)$i3z)2FK2Do=8DRbKwTtO>$1L@bD82k%LcK;kS6|
z)b=`J_5iwzPYe7=M(mQhm{E0A<W0jy(CwQ`$^E$rJo&v0orrIip`JcB_;;#Mv?nhO
zEamChL<ml(Y=|<ghNkDNml;r9U%%YY=lrgIbp>Y|aG`nk0V_JaMAUDS{7%fZpuQF8
z|Ly^i5v}ySpu!QEwdviEX;O$|Fftx{F4vTTcprc|_ERy#Er`dj{EX@LbrSnSqoKA6
z&a^`i+F~BfBHr?Q=P^RFKGG~Y)a2ufQLMzGIXAi|xm*gATP8FL#A{R6*GZC(2<Z{A
z4)Cncn#0dbmoaZ!ER8=;XjS+Xb&}F}v<3zimx%_8nJKJen{oe)S#f*F4T)1q19!DP
zoURf*WEA*WY*#`B!o&XSx`O^X)q^OT?K-!nY5O7Y9epA0e%&Eh3DR7|13w7=$PrBa
zWLF%P8#x^8mHyE<FfDfGZ3q5p!0n79YzU_oE>$7rf1jX6*|ut1wA044pCa~M!5BtI
z<d`tu&`L_3n=n`Ok$R1~lQ<I~H<IQ`Ka%z!Nv0sy8<(NJ{JFv(DG&XvO@sL?vszHh
z*r^JM>ke&7`j;jhB^f%(QdTn{maDXvvcB2X#hdx+(wgg<G2y%W!%F+rw#Vb+#S6qc
zYYPi&Uwuz?2@&-krYe;uU2UT-fL~P^=|OQq;P1p#(BfH_lDKR)LM5@Zgd~;J*Ab3k
z7awg|$i!MG&^)@0E%Whq_BYB6S{GoZQRqvb{Iu~x-2*p7a$QQ|>V0d90!m=#0`;Zm
z2jjO;oS@1NS38{CdnoZ|`$6qeH}Qn(*WtFc8!eM|5KN8Yy$Cd7FkJfb%<>QY!)pQa
zE&wq+e9X7eH@|F7+nX*9_n$*9PAUI05N;yRHuC`dtoCn`B}xE0(IY{Yfx}rmrt)ow
zLvU&Mx;2?`6ZT(^6_#f;8#+FJm4&e^SVeGiB=<LIs_x(oN23`R+1by|`DhFCD*jN3
zee71Gl@d|($UGyh)A+{z@rI8MI*v-U&oENlHSWD1+l41TD@7J1T#arYKv+RD=u60P
zRnhNrqA#ZpA%*JZ<K$Fx0pooVXVg+=)evFn3Kz;+>e_oW_!89$)^d+U**;ezJciGA
zV}5PN6n?So;EMq%rjhH~8LFi1dip{8h<HC!4RDZu1d-lGZ2FHHY1<F4Ouz@bz-|5?
z$c8j;VFx}6>NG))(%Nbo@oZ+<cO(m;6<KOmE3+vfyS0AIV@O*85XuO&qZ;doXmh*j
zBB76Bz5QQ3D4Mnqi20^NOM~_``7hDlu;eq=cv0iYh~Xj4AK?4)4BI=t<3CuXm@k<1
z=HE$97rrr{>#$eFD1g%(X;1i%md^ow_PTBt+3bJ5ExU=lR8WS*@eu=i5u&*7Fl>!J
zWaES2P$7xl2<xGhPx0Q2ddLVEKD$C%zl-V8;bQJBGtxE+VUu-4Fp&NkiP|}%v+?=|
zeP@O(kN5s}t4B|BI2Aj3CN-}d>OPLT+h?1?lEWbi!dz>a2(7^+W&1P9%HR+<WGZu`
zLhn%fpFRl#2)TDxKQcRGgye%mwKjB#rad7V>azHKBM}i97oKu*%b`FQ@bxzC>U}DV
z<oRxhr5&;sIGVhpGhg3w6heCkgL;I>rjyf@pv_Llw~=1g_N@GPMCz_nw=a%)6aR%Y
zAuJR);nMDPLRA;g9m%|eG1~j0Aj-|SbgfH;Bc2wD^bp6nAd2?LT~cHu%O5~mq|x(+
zJ`5!*_+GD%kUyCfz`QgeIC7SRUMbpsTu2jf@C9b21o_MUwEyT){OwrQL-Se}S1-<;
z&p>j!v<u)oCijRtrq%o3<sDeTJxn;0@294MF^zAUwpFV-<~GR(0ei6uRF=FY7!q8L
z56)+Dl?XGGz?2WRkhe`isF|x>zj7B#dyMw$Wji))5_0lQ`#OwPN`8cyixPfs<kiG!
z8Dxep2bPeUwa`rGJ8Y`%zaJJz_E8$lRYm-m+-M1sLt>91MGfzKEdcRa<!|0n8y{<-
z{=(n+EAN-iev;!-aaoJHq2c+{!*RCX(>%|rkF!9C4=pGj?ci{z0MfMuG(Rsbp|^i5
zwE{gCBdg$81~KEz&b+&$V5y3lJv@vkU#BVH9{yDP`|WL<F(T%v@brvquxy-P5Eh5K
z{Yl6IHPqTc7dqgJ{Lv~RkcWmhIGZMTU;l_N`F;V?4RVU|BYJz_@sYU(Gx3t~h^Fav
z1Ya|7CGjA2gfo|iN45_Sf3pn0T*CIo-iGT-la+5?zyrq8;&A<_;pq^gxJDUl+Lb$t
zzGKM}*Zyk~f9wd&XLzv_#XXD^_>zUNUrV}3INga$cXsIaO&*=cg90?(VSy7`(Mm|R
zXKD8E^)`qpkPLqHkY@;vPj#^a-xW=~S3UJ^)d*_|SOXg6x4&u8(gXxa)*_kL((22^
z@^O_F*3DoZ%q$n9qV1#{W?J5=a8;H+mGtdv6MW$=Y`a{?#)i$bi@z&xim$EM^An_|
zi@RbN?9!|Nm1}uWNzeW3i0TZLiiriC=lvp}T)(lkFy}=MbZ<%tWNB?1OI1$EPRG!w
zVc@18{b3zD8jk6Giw?$Ez`>xdWcYh41soMsO6@Rw+wv-EC~LoT3vfWNxhdB~;Ewsb
zn7*s>SEBO5UsEuS%7(UzevYL{f%H!&F~7fb3$&$lhp9jLxqgm24@nG(dk>ioa33Jz
z<BdjkJxc9jEE2brG}tO7$;3~+`!U*P1Af14sH3mou*Hu(6VxaT@wAoHTer_!jWGJP
z?%3(Lpp$l1t|5lzr(h$f`cdj|`BJC7UFccyKU2Di-&xLRG|n)gEyn@Bz{Al<tJkWt
zeOQ|YaI_Rb^|HtHMt5B~6GL$@)C`f{h;=>4;F>noF1n7>`14~+g}Bm1$lLjzb*Oz+
zR@2Cj*=*Vvb1;W!fKjKu1gTdif5YqAiF#PbP}OQ-Wt5~z0<!li%%Dkk0IzD$L#F2M
zc{^x2c5fo4c{w)y-`gj*NUz?VML;7jRNvO*t^N}HB9t!?YPi0R?HN=hC2{8}!!jsa
zAvXrl9y{m)2(;fHlrDbnM*#ZH&Co|0s^iE)ly#hH<r$kb48Z!)mL}K<o@xWyTYB3(
zTSqen%qkx?`w+~3a`hf`u8FavodrhyA_vWdUDf#KE|hfYobuKSZUfZahG@Bw=oLGC
zI<uQ^qv;mCA2jYY?iLS?2K-(gKpRAfX*{f4C+1NfFL8>I^2Y^NKU{u@2mneLhoCE>
zbhSo2jxs#?p0SkIHT_!g=l6DdF1TRnXpgWWgo>XAqI?W!DdKKQ3#N8PNuazuNt&Bj
zNbHAh!2Q<U3}t&#&$#@1wM7ITe6sFsnULT9y)dw66tCHKLJT%GRCtRx)!??Uyjswk
zJv}=g{=AE2#z~jS<_MgHgQ!A#cG}l_J4AA&zfsS%DUR6v?kz(u3_pf*bmUz(*t3+f
z9>vyvx9o2uD|Bz^aOS{O<Uq}@{>;dQU;B!_0*QJmkj_<K=^M?U^~_N_Ul}f?8V+1D
z1Q%Q1`$wd^mAw!H=rXnheU%W~>^B2d?%5^auJoOcv<pn~<z-ir`ucaFKsVp(nUuN#
zPj1uK^YYvkl?=DhAAAb(_na&TlBy?5u?kWhdUOm9=yv0cJ#wVg{qHLMEQWcv$BbLU
zaOI@)*DWj9e8M`GlN+d@OEwx9V69?$#Q@uqk?@j$;x75sq3lws@b5?)_-{W>2YJfB
zi&dMSf^SFd(56T68NuwtG&hKReu5BxVE>49xqH^q_SAc@(5f100jLy$D7>i{8iO5@
zYOcH~wSuy#Em$*-`-cj9+x9jeTaRwwcEDBEgD*=XI~xjq4gR;ap}4gc`Legk$TvUN
zfqr)Cs+*gm5r02G8=)_Qm5Do{rNdwbpKv<;AXIu+O2R6d_YGxBL&1+(K7Df|3~_dI
z72Z#^`o&)=M9oVd&!`(XPo2}O(a|zg#1DM))@Uw^jLTF$B=AX)$Tu9e5hQg8eMhfk
zyIgqO^q86rUf*&RvAN)v|ByTHcgk3(9Lf(i_OW3<Wf_nP);z!r0&bg`dzKy=94Wi$
zKQX!zQuSz3-4%alwzal~ZbXi?wSIkDO`UABv@%P}U?wvo?YO=jzrkRDEd9M6MWgsP
zrZ_rt`s`kzK$y16&=^Sm$e7ceQHQRyB$w0~v%GVyb7a?lr%QAU<y5NU@jGiq8o|3}
zGml#+f9fw;fz-})E8@)Jha*Ii4mOUP8Ks=@7`EwJxW}zWFI*1r^Vm9m)J{TY$yv*e
z!dZ;=2jW(piT;9_2wVzJZ0@#E>CSpuJQ<8JNOtOP;Z15p`!Zk84g0n>GAE3`+zL-?
zVz%W9sXVi(cwHIyx8+yY&qO{3o7ROFLXqkaWz#NzcMvQ4dHp%sO?gBea$$Mt@K)um
z1z~+Lg*bAA5LiLoBgpEbaZ&^)dqr+ZKj&)2sEI<N=R5T~gv~JmaD#>>-H7qb{HD|t
zrW~)WZDGzbB%i*4X5Fw9g@H=&?CR-**{PN}>*iRIT<@B;GI&Ub`7RV!LXU-^S@~eb
zM~{W>rZc8wF!!d8x_zeacfIo)P|MD)q2JAZ-|?{md+J6fLyv^!)(5Bed}Xv2=Up)w
zP8IAd?r|?YHrZZZzW)4U+3OuP-iSKx-Wf%nn72fO$c}Gu#04^+gt3`~q|~huVNJ@u
zmq}e>FAaMtYt;{T-aNt<KN{C>xiK&lCHmG%Z;6hn-}Yr-rL8B;;C58wY0Ss|c1bQL
z7AR7D4(l1xN`lc4edV1`fj#8GOqi~WbF=JCMQ4k&dPnF1k8<n4j#P)M`n$8gEPX_v
z*YhL#Fkx$>;s8y{=Z>0^!71pxkAeCzp?u6B4He9Y=9-~e$=<${wa=Y>s5#Qww|pX+
z)lCgoJ58NQGAHy?naS2bFVcvFTAqtK6S)SNU~|Crr39v)t7+gz(&z1Uu2SRKx@4|J
zd;#OV{X(NwS9W#nR(8c)(!@VEsg==_ez4}kwSLoKxGkQvzWhN7RY^0SdSm4F7WFah
zk=(k#UFpcMwOLJBeNUJ28O`tDYyX$-VeJQ=x^aMDrvMQGS-e<cvh;;xP5xF095zh;
zk&zWL^L_uAsgKtwtKf&-MLr6`A!eY@xVFB&ikeGp@wh-D(KtYj@>N{ows{&Q^ES`W
zcFQ*W_DU>No*Zw6>8-MwMu@gft#6^k)9#b0Z|z8Z#PC%sGQw~hcH7Q=#`otzr?H4Z
z@(CN@f&J!lqo`fpl6+0UQZfqYH7k#v8)qLU!s2SlS?;S-NYw&*g06>v<imX^yXHG6
z!kvBDlP!t?{R6sY=&3`ng#x6M22@fU+f@>Wn5JNiSL&hEzOc$OH%Yk5<Ts4(PTfG$
zVSAp7c}adp0Wie!3*2*;LeQ{`J~Gt2WBTu7$I$nV>Obo}>~69G8Ml4$=lU!daQ6Do
z<BJQJ^YpLBeg-7aUyr1fq|m<}Keznfm;e7Eu#J^qAZ-6}H_u^VF_I|+3C0Eb9U&in
zeyJ2g!ezc05;dbfvo8hNN>CbnO)va-rAlG|yg2UzX7hqYvqm{yXU`}}5#3*m-`O)Y
zxSUU>7=j0)?r#?Dt*xy`bm!*g`q5tgt5+T`8gbV{yGi75SR4zd-x6O;4q@4t3XC4i
zSRW;`tB!RYzFk;cv={?Zq!dxKv3W<^tY+K)mIC@-O((n_UiP?2+iknsAv7TSx5Uqg
zQOzXa#H1uNkAr=p-PtJJIvWMS>B6XtBW@M(i}%ZY)sxj3!aWi_eovR#?F=!`XE|L$
zUYxzRD+06je#XKNM;zbPQLIf2$o^7)SUsE9`({ctYZSh<vwr$9Obqb3PwURE&}*az
z|3rkLhao%aqMdbbD%I8c@>o&S*)1o>JM`zpSr6Pyjbw1&jv3<pHP}8QW;f%3rAMTE
zCVe)7!l|eVCV4yTZk`@aPgh#|LJ*Z(9B(q6e<AWgf4tqm!gFzP5rhDq=Bhr14@D0|
zB_(}5GKY!aJdQ#NQRrFJXY(~8`c0Q1UUKWJf92qD)~E|Zi|KPK;itrIaJrMNJ8plv
zKWuc~-9I*qnBTWjgiL5o|Nbo?6Y@rPBQ{b0=47653`Ebs@UY18Wy>uoNxg90Q_T1E
zbHKl4z7YJpRDSmH@gB`9S+9*^b$&jrEmEFgEQ?Fv<9VsO#sL}<=pL?dtShv=@bnU<
z3AVPD$8LR1P5ec^Lwm{}+r-cm{}lEu+d;DvK#UNkBz&$GZOdvZrO&c)rPk25-uIhq
z*^bVP`NnJ8#O!-9;$57ardv_xP8R?M<+gfoU{!<}=Hj(mkMyT76510O=@8^B&VZ+H
zrLf6CF7{g~ZFMkEW$<ie;&$bFzTMsr#?ERfR_$I{KYya%ytuG{RUdaB5{!x~!xq#A
zXX$l5t9zM|o}L+HM#jSTO?9W*Zu#E#;pTLqwz;v9@BE#*y1ISqU9wQ{mQW=cu*&P2
zKs$<lv45MO;5MYO*LgR<jy5=0;%%=Ir=_?_B&2&&K7(67W|o9WirduSsIwlIKjwXd
z&z;k~NJK=$a3IELwm^2nNI_&up?sEA7wcWu9NXs2(R>Ehj1Tm@ZxSRKO~<pE&(8iM
zPbvo8dt2Q(wks4c6m!H&Wg~~5zh!X2pT^{VyhJr(IsB4EufgL93V*&6mC@uK6=>6L
ze!YN;*lw!GbUrtp5<2Q<-BGR!zdxoa2^)Zk9`6MpHj7(N&41(<+jr#)A)BhKCWuF8
zZE9+ATGfB``nyDInw|2-OO8#OejM-~$#gtizFL~}FQXWT4G8jXks-|fU*dD#{L1uG
zx87z(lYVNRj<8ROtmb&CXiR$EY<RCK{QH---rX#31Dp(<IvY>HpgkN<9It))qB?5a
z{0a%6h$K}o3wzdXHlZmf5lw~Oe5*~y!qs<R6akC9U{y<|2rINaQU_<)kTj2gZNs&7
zvm~kX$}omVINqrs-loS|&&kq*8Mnb~Xg2X&E}2@))!>b<rn}85Cg|vVljcffwn94t
z;$v$W4b72i_xjUbPqEcd;Apz0YN7mbDTM_p$jQDjuG%4)63Eg9QSrJk_VE_M;OHm1
zEso1mt#eT%Ym9E=m`{|8MM+9*rZ*#Je>mNF*%%Duv0EDVK3?_vh6^xh9Mm`cslq@3
zlpT<W9x~=To@LP=q<tF~5uumWi5iH|cgUUpO*|B+ctMsW=%`Xz$_<7FB~GF(`%5<E
zr)G+Q!n*gQ4e}j7_H8>Mt32eoPk*25Mt-~b+WT^({_2Fnz*}g=VY@RJwTVJ*aOTe>
zy2a)T1owBhX5|WbtQi>+-&KSFhd5B_Oe1{GbE&G`#%IeHC8G$wrdrKW<!5r^nY&x)
zw70e{YrNUxJAq9IQ9i!;myL--ymIFA)-F2Hy4$=$t)cts>~!yNvHMO#-r?_|`q0#9
zx0;uhM8s|&%b*^`m?D>XyrU%R&g9u?V|Pit%=5T0>WYE9t*Yg{7a8)MEszN3S&|9A
z+O5t{;&>rLafGGI&l|@zMXi)h1f2PvP;}JR^rLHfidV|5lW%?}K}py#r1jIp#?=Mp
zzn%2?={>BI?iX)2t`B+c5Bl9%pbj|1I`wW}FOxjKe~c}NI6`2@th8vomi-VO9zdjE
z{_EN{&i?!`&Dv6<%5*@b)j!dF@AO*0`CKDyFl7{2Z?`-+YuJq+GR;5di`af<!hF26
z$tyCtBIG^NK{YgisHBG_%Pd>zS-^p%tvnd+mR}RxhFndQTo#v9eU)%|GEY<O`+z>M
zRbkLdeY=FbyCIi=?}8jWDm~c+u)K)F^lrINKN%*g-&^Ytn{OH!(x2H6;|!UQO5P<L
zQ_Q>}<0q}c=KHsOFCJst0H93mP2nSchg(?SgeCLkM0niitPD4-XgfrQ?Ll=Ri`I{Q
zquuM}!$;D}y1E%2D2qJgx??vsyoW9_HCHQ4ky~%fI|AxQc1I)Blai9oeM?JAH|5On
zH7a$={nWHR;H~QK+!_+!Sk-mLc|h1~4}N+$hA0|h;ih7_=z8!;Z`2B`huR^U;P^zc
z$ZbOd_R_I-C*|`^9SOj5iHi0Vr}@4T-d}D0Qnr^cW!qzEFOtF(+I|WFvP;<Q7J9z}
z^AfKWxRL2@tql(ynnh-|h#;idwidq2Jo~sGZ`SIKF=}MfjJbQ6B*S1>ZrDy%)znj(
zrTk#G(n7U3|F!AuvR*ebDDwb+=*D(&>NJ09`f;JwI{f!Z5b*vuz6*TbgFDYGQg1Wi
zD|Iz85gtj3YQeY7cwPtOCmpCleDkkJ-y4WR)*UZ*MiN=3b%mdymt&$XpW}pI?4Oq7
zGRp45fdy)SA>EX2R*M7JUdyBFOf#I#zb`lEJ7X5prtZ&^Dl>brn}EaXT~aFi2A?un
zW%?);A#ukV0;uv|1wAL{*RJ-b<|E`_3yYKGn9!|HG@!VlLCf%{C>v}gobr+;OLMgz
zHhveWrZek+O%zR2k|h7u?VI7m?Rx0b{hd1%G>k_rR-yo%h<9#sGJfdSB;q%VEi*|0
zU$)$f3#aC)EM0fSiDt=d#ltw^N@&AZK3|}{9+}^WhEtVem*hj9HitzKz-V#SHr(QO
zJ^xCq*ec@kL-+S8hx8QQYlitwz%sWaNvz#9rqqqBPde7!8<?>INjLHmDi!j+Ie3M+
zs47*&65cxgr(5p<ux^D7cfVaPaKBHz%crngHH_{4siKkC-ZyAyX!Gb9!Y}kCjS3em
z<g?TEhVeOEe~0F<w8!It_n7B}I=`pIf@msGW|%JIuS-5OSv06Fu1}BeRggGU-Agr@
ziu-)L$+U5o0q2iZP!JJ=c@_4FUBq|A;jsqx@VYDsvtSuWP<fVKuA?MPi_y%aV=UN2
zk$LQHdQ&!kKA6e@qbLC|(9^r*#J6^-7$r6&;`}St_n`dKE`SB{_wKrx{r&?LVDKK_
zk^le(Ca7|c6u`*FY0`ZdeizD&IA3q?=Oa;g^>WYkmsfs8)OgW&j&zKJ7q~m6U=Y*7
zm2Ow@AS1JyHPJ4A{Y@Dx%!9<sNG_RCp%JdgL&7j%RANJ44A$|Z)~giP<>Sg}<)5nt
zVlAo2+i|(Gswk!pL*}Uu{;k!E$Ao{zHhB6x1Z7_u$yoEru>|FW6&j20_E_s>F}Pww
znwNxseD&RmuV;G*9}RmF(P6zacx5E~5I#=j-sTpmh(hi(d2AA%=sa+btJ`He$j)V*
z@p(Hj|4N!Kv6YY?x>uJMeiCau^dS?w%0)B&3UM7yR7j<LO9kG<&v#gVvWK%UU(7<H
z&c<xv=l)F=4;R<D65+oUyt255(N|rGQrliH$O`HB7nL#QS$6kC;vUDG2tvoV;m^;y
z$S<#(-A>}e&0+Rd)_Dru6A|LKX6-Qc-8Q4A06o2Gk8mPBaD)JC;Bqx=Bs>WDww*Im
zkNU2(Sk~P6+*NPibk$nV@;C3DiJj!=c}KfjKDRyI@Cu=Tu6pYZ8%9a6QgDaZps{sZ
z_AFYdLy+CkuSF@X@w&z-!W?WNc4KxA#r7X;K`1CFl%!RFZAF7WyVcLowVY<h@%<@_
zz3?LvU%)b*!njDM5Gsg~JzP&$x7qu*o#p!477!Ju<?H5)D{L8xh!w7nd!=Vx--q^l
zP;_va^`>vhs;rv~_y#jYrKry(2^1mgS9oJzNnkz9t_Q110>G@J_^R!&k<pvVR`4W$
zwE;Y)lr8LheW3oJxlaRZR|!v{jHvPREvk3_Q!!He28Q*}lQG6Y%{AvG<ps+<uF6d9
zC%w*?M4Ur9TN1UDxR{zKg`LBKT`80Lv#YaB=pAZPC+P}%x5&LuYL2u~EH4BmQA+bv
zUSkv4zG#=Ncvm?$<<1<4xf7x5*jaCHVSIdiq9j45m--;-$nF#c`FE}=edDVfFW4kZ
zlT_Rl-dADR9`}T^kGP&M3tJQRi|RI?As=s(rh1fAUe-8mmq3Q{LfMR=-LT1ELEmnf
zer=WOU%lAdT}nFZ(#EG-6m%kLWsh%gA2WEIvRMz!vci><m3<2UZx7CN%lM^TklbH<
z5Kzr#5@`H-cMKLf|4IUuUXL^omSfq%meM2{&g2^cuV})U#f2%EPZFcbb?f(i`@WE5
zFcpj+tD9PZ?=G-!Dy7hY;r5jeu0@nu2>LqtF|$)=d2MY5tD))XIz_9JJ}EYU&hHd5
zjA1f@l`T!9;a8Pomt$yN#^Xkp7Bb~W%d=$3U!=T#A4cy%n-TtP#A9aY$)w}$@!~1x
zK<sIad(BYuL#E_x)784$4GiG<>vgqSldnsiZRVMn-zsQ3@)EWk^m<uJ)CE}n!QYA;
z!QpR5D7bVobtX2-zEzNNT^_sdI(1G?tlw$E$iy^KSA`y7y2breh1Nuz8TM(p>3TkT
zX?*-!{q)B@O9&aj1akKKh&i59{IymyvtvpkV%4V!6XJsWGM|D3vZ=16`S&~@d05m1
zQI~41>sNXc<rOmcqx`1-t^SJ>4aoX1gb+Z?pU8X4vg%WB{UE;HJ?}hf4x8JHJ_hAe
zpBEHhMOQ|DD=IHYC)54;Lms<uFAF$IuVia`JR03pMz%QIwp2xzP_#3t`Zy|}Be2}4
zP!)WY++Wu!_)Q^$TcA1rHaSf5IiGWq^`Cu;z31J<HiR3CaUX`CupzP<kre_wm-?9X
zv4uf~86f)GIaQ6~oXvK=THW65Vru}xJ=*CQE@uhb6ZO=~l$HEhNcQXnU2f68^71iE
z4aRdyJMUjyTx@KZ>}Rz)tdl=VJSB3I!P>AZmCLysJ5!LK6Ht~#Sv0<Sq9hpb7NP%S
zGEWp}c!0H%DkNp^ydlnMar_SB3jvqTpw!lZ4PUV8r165z-j}WW+QX)tum-mg9ih){
zXrQ3wG}qU4UhmW8`=`EFRM^>CCV@#*j>*)K&Jig&9?si{(MvVUqqE5ien{F?*Hq<;
zbN9u+*je)r9F?xnZ!U}(k319OFPmE%?4|$5%wC)+03qp5V*15Ven{hWj9($GdJHE$
zEk7ZRpJS4II_Q=Q@Axy7z6WjPG<#ijcIHA_JnP%|PDi?7j>R*v1%=xyamC{>RW~E^
z3X9QHKF`TS5BR_nH?Y9>NDrTv%*fswg#C0OZBSXCt&1Fv(v{uy&>z;j6<NaRSLq0d
zMOfqoaUnh0OiV3=V%s6zAj4|Y?={{m{}?O8;$Ng<NJi=$?*n7AdslJh4SJu4e_3qK
za5ptbZ8G+lPgdJWRiv2w@%QbG3A)rPkyZr_59|n6wK?xr*o4X=gMvQxMHc`)m*&nH
zlG_uGk*Zyi43y|3(w3v$k(Bg``uTzrRrh+2<`c=W(!|`OPe&R-Gkxo!q;hh6*a*w?
z<<w4s4O?QB=tFxo@#S$LJFU0T+w5-!xHpisPdj56QYv}5aOjTtn|v{<JHjw4-37oh
z!dt%5_%n6GD;J7gfWYQV9rSwKe|7&G=xn@|FN%{pHf`f--$+}tq`aJIn{=_>ww`ck
zQvMuGF<Uqxm08-d2ezv*t<aNtm%`l0L}j|*b^jB8KQOT%vl<>C@G<z^d61+coBQZe
z;%0_pFMwHK!KTo@eeL;fH`{*c2U`k~DQy0MMW{K(pjR;PZPE32YBV0rd{`wt6fq+V
zSqeqPWu`pQ($Gm(!Hq{N5*lb}v@f(NV*phPA$bM}xE;w?+D7c^qGLtv>88vDila!m
z%*W~pKj;1#2}^Aj>!Bh$Z81cAO*Z@0_)`{&>Aap7`2)@?sm-33$pHbc(mtP*)<{>z
zJwDvXHHXz&|CVvKq_f+b=%D%>$1*K9h57v*TVNue9sUo_OldkKR%vch+pfsSh@rv3
zd<#jFFOG|qA#qeirV31aZL~Zh3*oB`j(Grk(bJO*HCJiw%lojnYWW1m;nb>la=j*x
z{gs&V>T0X&1Fq_$R8JJ=-O&Vbk)7L`<rzdYnIzLYM*KR@!Hb3h3Fv&yt}tZn_0#g7
z<}{QFb~F9kO)p-2_W8dK;s4J#gmYuMV(kC)<%<_5pAo5`4k6bTfA=WKq$XXzm~X02
zYMk%ei$6BOix=<F=Nvj@L{5|->)j;gVTN};-ywf|jj-=?oZ%7}=San+NN@R}KL$dX
zu36JUzd$a>K+lX@s(=3p9=B|)R!27(^{Xm%($*mm$w9)FSRV=X@jo7A;hVeuU9rD@
z{vucgLq46fDqsLc1(5H4C$$;`q`r&Ql9V)m6$60j=;Q6`>A}GP++XkX2Z$qM(Mp#Y
z1z;c(P};HH^*thkZ0181gyoOOULWu6eX_Uz#~W>HYx}oI!pO+}>qXM_fbjP=PdSmG
z6A6g%knnJTrb>`We9Zkl!ha&5VfStW>kB|Q$?%3|EA3N5-dR_&Z$G)7N(8yTyuQBB
z-{&xuNev>Rh~XqQ=Y6fHAe(xC?hP3{ogmg<g|)n;vK#LKwrbs#06GEM9&+hF<j^Tl
zon~fd$^I(pMkkz*(j|6J<W<-M1{h{r=3_T=Qj*1p{wb<kKzRcJnfPi@^A@(LB7bMu
zuSgR7pI9^4-95J(4U2#2`Alqf<>2VZ#@2Q_?%xPla`KI@w2py6=vYEaV`p710x6C^
zfBu}Fp8l&2<o{Gc9zyoA8z$ELsiw>am|vC>`u?vfw4s0~y<%U8nuI+7!D^bn|0*B$
zb|>J^PsJ&r4H@fF>grs7{ewv*)!)U5cg8g1gVi)N{+lEgya~WQrLj{!m$2ABm?Lr*
zc4jd^lkIcXfk;eDJTfw}rTkZ`J!oW?NOJ<k0a)*)-;fyxiDOYe|5%zj3lv28Pk1%#
zek%TdsGEeue>+tBKh-TUMe~0&F@_U1M~{6KsP}z{h8-KQ7(PWem|v%V6>$41<g5tp
zUJU$GIcdlQ%=enp8Mrn<ajKBcdl%l9?E|f%sphj=g20@=g+yDk<pDBpi~1e6+7oCL
zlG}wzHADZrpW257ZZK$cGJ}*-sIUY2Ci42s<+xyW&G|ovB<AsXdJPWYxafb{S+yDr
zEGRI$od`q(6li)=(j)iXIpc0f!B(Z&|A)Hw4r^*_;{~yzqM#xoB1F1$0qKN@h%^D|
zLMYNfn)I4PrGpSUB2DRn^j;&qccg_Py>|!!5;B|P`93}8&YijQ$J}{_KX{Vtz1Ld%
zU2DDN_m-uq1Qd#G3X0j-{J~UdH5wQ|o+@Cn<C+&bUqk%H`*)}Q;P7^2EB=_2(UiIe
zI0N=uY!M~5cJ-?|G=TkvqL>#z!@0UHqz@?QL~!Mf%R64tur}(goes%$b*rgTFR|;t
zhw~NJ8qtoNZBcBr6!*PG4PP4x@D4_TK*IKsMcdg8dhA?Whc@c)$jHd{e06L=!oQyN
z+md_|B;lp^rv8I^wno}!i9rLiS<E$Rf$P5`yXom~!i~K_yflbS-7=dRa--_wjanUN
zomw1C&G7e(BvuZNLP(9>Y&t1~3xLw~bGf8sVR|$I;~@z2&^p=JrQf5y;lVa7ZK14O
zpo%Gg<9){)ybSWL4j<EsI^zI1Owe|++I|1irW2K38G3cgXt-M!EE2{DzHq?@cl(d^
zJ1wn^rQ6*<c*(lcyWAAyr5}D7KkhPB3(J^<O^i8Vq=)mSdZ$|scPaNm;smX=%HI?S
zAx_X4iV3p9O-K9GUC|^9DA>mMVWV|w+)>=_g8XuTYCZ4Xyk;~v)DEyw&5k*tr5v6f
zef>-wsp?e|u7HLoAHx+xo}*RsjQ2|;`T9hW%U&i=C8WKmM+{<Dp9)xmrf8{1%b1Qw
zngzB~@ZIU|gepB+-bdBzlJ1V^KPXTni&f?|X&?NsXE<?0yUumFW#HV!yG%D-7Zai?
zyg}jQSKTc9!OMWpt&j$V<}~q=3W^qrmDZ7cQAop=>-}K+!INg&qQIx~q*hb4DQItt
z{?s;JqQksNm)>3OKWEJl4gidtaPFwf2a8D{<BXqaS7+LzvSChJmczMbzM#c*q;cJY
zn#sW-PG}JgBTW8q*?XJ3QbGI!pzarVT=SU!5y=Svz5Rgm<LIderaC(ttfGU()MM4x
zrV!t49-4LQupG*WG5lsehMQ}fQJ_NYNWBAD!;6<M9<BUbjsnGoHJ3)VBO^IY_SsmZ
z?(iBf0l;^666zIjjI<(v%z>SDB83-Pho#fc-%+G#2KL?zx;5Zgt+-t2a~Um-JiFYP
z@9(^p!(<I}F8}U}J_-bO-kfyVzlGbg7&zYg=~A^byU+!#Y-@4o5l8IIvDW0Jau=C(
z4N*P_@W+2u)0Ub1Jd7GEH;6dY39%Ba@;nUe_G?s5X^sa|>jpitM;Kx5v6u+MaZgLz
z$<|jHp5;dPG!NMVjzdc2{|0x{(=V9Kw}5NmW-61NCkV}YWJgTi*vls&h_#XJMg|V;
z@|Q7=OFz==shZb1UoqIJv)j#!va1@Vx?<@VV(hQO&;4EsJcI_a*br3A#uQ4wr`2|}
zx&$bv3FwzJ@OV*|$rBklF2|Kn`^iYo{hvvmGpt{~%ZSy-@+~?l_~Q5v40I|Zl`%Y~
zdmkh1LZ}7xxQ&?R8AdmDBb2W8y8O{e0T~m(A+{PG-RyDp)~#~h+z;EJDZH(*(eM%l
zPa#z_*2;-o1v_qqPQGMQF1+T{v_pa0_`TN*5to6&<0pERw))MfxCI61(biART%8}&
zEr6B_crw<%0votzzM2)PSMA!i+)Nim<wpkUf_YDn8Ua&)$>1iVVr#m`Dm~EQDJ(s3
zpcSZ=ifjeLdw(;-5k%?^0|RcP7Iy5Cxg(hz6r*?V<|aKC3k?K5GsbTT;6@Bp86O_P
z?(7U0<W;{$h#0qaNF!^@5L54r4?sY*g-}vRsf_}c3KgzC$X$x#4*|&rIqE+}ZAX4~
zx!J<}*dUDn8Y)L8B}V8C0YMCgbHVoUiL^S+ke^>O2FMa;zG)SavqKUQHod{rf|qH3
z&s70R4L&}*8pC}1ru>N8VJx5N!OVStCB*T%tqigz22pZX#7z6OK^*s=2{1LktZ}zS
zlESxVOw6=$Xoam;9RC!Jj5zb?Wvs{7;;*g?v1a>$&-=-$rKLmNaPO2LDbz--EDO^8
zqfh)m;VL6F#uF?x$%6|DaYZzc7S1V;&5>e@fvTLdu{=hm8^pu2n?8JIorQkx2NN&=
z)Ld40_WR{KCr)UAx(I}&KBK)z{3Li2vvdiVo3@YJNy4H$VoOfgX_~pVGZj`AVooc2
zl_je!!8C-ux9<XC8)=>1EjN_Ep-cHvY2^mEMup)aa`{iO?|x63H>m5N7CWB+_^qv8
zjgMRgkHIkCgxwDSzKJm$Wv_`zDVFWI3MrivFC}MD1YD@Ks-(P5E5-L>YV7Z39oQ&5
zjIQ}Z?{bHauR`xHzYig1Obca7wI4s2Y5FjBNjPNi*&aRaWv!J|sp{HDt*SJoNK&Z4
zLbgWEZOuGw28K50^Hjcb*8-Lm%cfga8T5L<#i8qhRwL$qj=)Cx7tw3ET@1#GsYG76
zZj3IP=%(8ogjbvl>rsd0G`S$_$;_nJ0aB4SkO|lSq`Zjk5&Sk4$~$;rmy*$xY{FSJ
zMsMS2jhO77oNy3M&6dN7#T)dS95PrtL_OJZ^YpiC{J`qGshi3I3V*qzJ9kOtX}AZL
zF2jG!;;M)Gm~CTEA%XzUF!CdXG$W~#<UMEnK(;J4qt;kEV7pLNOgz3Kp<?521EN>>
z=~OTAPm&*K(~#XE7TezgtalSdNNvI3qiPYW@*<e$auxuY#PhmkO~Ts3)4DfWLTCi5
z%vKKz%%=@&w1=xUH+pWbj~MvdR`akNoV_*rofRC*Z|RInl(FZtSre)mMcZ-@QvWGE
zfFs{(G}1Snrr(oNG$WJpU(aU&Af)wJvDU(#6WN>9k%HOTu*dG$=|{WQ0bueJG?vwH
z-WX?M;RmhEH2|=72*XUWPtcwgmtHllTQplm<P&hdx{z6SHL$fhnpUnhQ!RE#`qGMf
z4(jCTq+FHtV-MKAI8FSU!{3CDC*h0+Tl=<Or9hbuWps+!z_?J|L<IbWQqTOi=M>y8
zw|BxbE?$LCH)RlC{Xme3fu-K7(<+v$jA0>V-o9m@CLMCmsr$*lsMrN)ItLGeUltl`
zl}frzw?rso?T+@e%)9_CN~q@93>UQ25b(PJNE<8a&f!t!JwG;*mrbg~%PTjgR0_$>
z<iB2Mo4;i*Oiaf7NQ&i8WxF1Eygc8bY1-wUf(|%oi^zx<hcV9!RqjZtyxU#mZY&Fv
zN^@LvSO@&s@(m87rhtbT)3A<q5t0tY&2|Ycy2Qy^y+qNWg<Li#XN?~Q9D47O%93fH
zx^r^mt4SfoKREumrpw9n09J!8UGJYdE}3TVMIC*@j%^Jye@J4qhF~^e2Y|K%bLC>a
zqJ@Hc8Q&@7h<Z>n00aPx4SYA<UC1#l1|0U`kv1}Kw`YFFFe`p!)C?<Ui_z%6RFO#|
z>byQxrhhvpJjDd9qV3D^5%pN*x`Waj86Z<f%MAvA;EzM6KlX4vl33(VVgTmApMwRA
zmHYp?{F_%j{kQG#?_2+0Yw72o_8a}5%a8t_-)_SHu|0r`|G4?)pZYSOF#l=Nh`*VZ
zHZZvHdu7ub=D~i}Bl*m@|GW(|M$Cm9$u|-FA8xE6o|OE9SZgI@I@rGPe&62=$bZBG
zRJ=7S@P{S;oo4I14+zkmhjMcdeoL|&H>%VZN&aMB{xaBqFdBbv(7!I%4g4|B|DR3O
zzt_Yc6#4(@m>M^86BHD5t*!BR(&Ew`=D%0N<hAT<%UqpW_g&LE0N3p3U>6asI%-e{
zypRVG>@`T2w_E3KsIITQj^)o<E<jkoH-;y$SS9ojSG8cu>#5rG?LLqo*^z>okrC3_
z!hL4ylOJUC$7J6+k7%yG&Cx7`A3qHevC(PECLSAO6a2D0jq2VuD6!V=+bToQaX;3S
zHhaSMX5FwQYL~U{v6-7iOYFfIl4hy=4V!gQdOD`4rKYQ!b~P)zjWzTEr`6Gb(x)VR
zl#b%+-f(3h9%%y0Ilvsnl{~*|n466MuDGeiQqxdqw~8JRiHl1i=YRC*q=7KGl>&0q
zh}<SS`)jpNemS0;AT$~&U3FWYcTDnd?wylW6$w8{+7>@p2!<*___w~Y5X;~~3%kgX
zki#{;p5Y%u2h(4B5`~X52(D`&!Xm^1bTZliFvB;wu!GzQ`zc>iH!0Ij)UJNv+S;dw
z@b@~)fIYXj$j@Jrp_Jsdxl{mzEpqkHGu_F|%oK6i7zY?Omu~g=*jRKpS3CrvEFg;5
z@YK~+B-_~f!mxmkY^kwa+^~vk8%=UId^>8j8g1QO8`4ASxe@!Wr@cu)uxx~(wRN6U
z4Aa6g7LmSu337cK@QCs@aSTjVjELF1Av^iP&260^P;JuAP9vDN@2Hj|Z|Y`-tJ>_4
zupdiHDOxUrTx~vV*ldf0m9<2&dKAHq>k<yOPvkMZyl&>`9bsKql=twkyXqn0n9_c+
z3i0fRy6J3V+<if|aw+0)xVHW<ZU+=EnCf(5EckSJ?KR9Y`Ix>2Yp$tleKfLmZYR<>
zIbB3}Z>(U*W(eCs=>IXf0baeJTICjt*gMBPSg_e#JUy9t5i<4zg$nyy-E-LpZ<0@_
zII$8xYTa~5qKwXbHH{83?f%F_-V3G)e{LMdM=Naq2rXcmb;Lrz_VBJxYM%Li3i<1t
zB%NT(6M@8)ruJHzw+_T}Lv5}b3WfG7a~2iRh{HCe^^(D1!P-Zz{tm?O?OlC2wS_fy
zXviJ$`cZp8HY#c`mbvuRH+7rlky7jFPlX;Iv&udz#ddiMHUm){^H`e>CV4v~%!q*X
zgS7ck583`DW2zBRAXPs%{Rjju<Jn<R0z>qe|I+Rh9yvs@YY(xH<XW5PpOtyFymmjc
zb-e@28<xOx0b=V3P+ZOjfZV*>RA*5q5YwSrvJ+d9uSVDwLPOQ%0ljtS+2{an4>Q6K
zgo0QVBbAn|vZduL3XiH_H0ESTk{$oHO^Jx8?T>^#-f6AoS<{K}JVy+^Ni$Ft8nUF-
z!2%&<FAOIZ3gAyRQ+RM#?s+{a9;9%`7hPQ3+h2^_C0XrZYjLe7<>Z4Y|1#AEByK_Z
zxWe-bymQH}LKEJaicumQ>d)U-WmZ~U4t<^<MhpM=HZ`x1IQA1r&{QYV0oP*W;k;P^
zU?^&0&+kEa>~>)Dq7qnTt<i(&mKiDeO})aK$gd|`$Ar*<uEc%cUD;$H!Z$eGP#b+R
zoCl96kKG-268eIlU_hp;1&$o!ln7ho4w6?$f@aW<1O)K7DcaJOVoE~{1>!hPdTza>
zy~9c{x=hVk5DgOcY-FT&nT-WRpJASr1y9l9q}mRRn*OA0WiQ|hj+P2!E+K3j2Sf0v
zS@KmfQ*58uR?KA1$pm3(CFSn-@djjfJ#`&TYbS+BHX9nbW(}WL!bCUQhBdwtcoHhQ
zob%f0O$JVQ<YeTG;CCz<WsWX=Ml08nRuqiHJzz?ay99ZjzSD_n>EJca#H6a!-z0;K
zO*x<*(`8%m<K_rg;qH$5xB5T8heT!i<NgK^U0Ha(2XR-MGk;3km&!vLEv77XyY1R|
zgH*g!bk!Lc)*_g%9Usu-7foAg<T=6JXPdi{@T)xuUkO!r;p0ENs+Na0z>2x~ZUd$c
z1v_6FAvYCUk<XC#$dyRu^hU|%zse>Ait&=W2e2r{+tX$~kk@QGla?0v)Mg>V$Ci5y
zqwx~3VrZro0A<?w9F>C@PRI_IS|qP!5qqofV-hXIxjtQ-xr0j7RBW1<aF<^EPJ5-S
z08WNgdTA}3i`1Gr+RX+!q5K9sn*n&Pk4rBUO+q!?tOfQ6K%I`Zb~WIqvh}eC@@#D!
zI2s=iC#R_hRHOFw-7N=){*VYi4=Q-7e#{9(KUX(WD*Js`uD;@Adg=?VeCwX{(g|u&
zt|XU+)Jp9l?HDz9>lHOcuZV8nBMif4yY7lmwJ1C&x$D!XIYTB}bBMz@yUC@ZY?}r$
z)rdaq0RgHh?@+BLy*in^<=fFUNXeCQ?TYV3@C?|7mF+IZb&J$WmqLjnUNyrH6aW_9
z`=l8V1qx`>IPTuB%hc!$R&+V^G`#gUUh3*M-ST-+zcp>`F>_;?ExN#DSHq$Ji1(4A
zc_PEB{PKk{b6pEE?!Lo(ciFMLe21|xhnD2>M9p#P_j=X`ZA`eW6V!64v-0pKf73hm
zp0Onm*R8E4l9+xHlK3ZnR`Rr?j!)T)I?WS2pLDa!K9`h~d?FLESMj{IV_yE|eZj5H
z<)S0f*0)n1!7cZ6Y(l=V&x_r+h@*>fUg{0Q=B(}<ziy@KQt#jk=S-7hhCVgUIQFX*
z>$EZ&;AVaMfQ@ZvG0J)`h%V#d;X6-y&X+UF-ooiZujkBn+d^piuH5F8+4aStl@LSy
z{hy4mbYS6`n6=2L#s*{~rNw4q&GuuH*=7Y+CT2h(bL}B$3UkoptF{G5oh$qtS~b~M
zgbH`FhIuz$cI3Ww8I=Q4fD&+d#v8RR)6&P&U<szW_Crh$Cj&8t9w&p!HRrQ%+3rM%
z#_{7ZD3|DGgb<HwKdh;5sz=eg1wh4a#8n*}8FL`<d()_m@;75OnbwxP0>{$_)fkGC
zbp<j=wNGNFsqF{ZpnKu;=c|Iz=hAB!UXsXbL}uj$=`m^zW^>LG9=@g`sJxjgYH_#*
z;U$m!P#K#<SWJiDdT4=7m1+pDw3OVdC=TW!cH3*wbtxjJ{3ZP{=ys%)2{CWY$yj!t
z@G2#Khmrta?x%pA&#`W}Uo@9q^j@R8#CjD2$Wz50GFi&b=at5n`}@X(%Q+=v)acI_
z&F8@nSFL0NJh@07wF&eaf_ZSQLuVV|Hn!>GHGL_~&1j2{3*`1>vw|%f?39L<FV>Vy
zrg`z$i==nVuh>L$>Kc?D?xP5KR$bbiPn0T;>Ym*#9Ev56{iao;h-?vOHuGVp&TJ(Q
zn`<5-YJ2GTl1VXvcjBJJO#HnDq$`I3lADrC>EXdvgWhqK$5gO1@ACcwV9v0gy+Kq(
z{SaIt$LJhTq(}7q)H6}>cawHU=FPPP9Af#^_aVW(`#@ydRvq#pH6^7Cr_`I*h?5%W
zY3Z_IigA#|P1+#m_n!4!pN#!(EZn9lt50$uyPLl{QPT~gnWPB56FQ!L>^BubeMh%%
z%!d_RGtfW=<?DlQcpsmYv6<Ffk>LuzLpL(=%$}p{Q=`6Ed-f&PaxP_s>rWMEKkcuL
zc5o#7n=}$xT%W-k{N#38ejYj1No}j0w^+CqHJmdyOyJ~kznth_O~-^&y7{-Jma-*j
zc(F<^)Z!c$bPUzb;UI?vU_bW_J@>#R>$Q810G7fhld&pUomZl!?I>E4Se~kKq~}aD
zdOItS(tjzAq2|F_Qd*8r<3o3!2ci?UXDPnsw>iJd*2s0HO%h<jJ>(~MXJQwAf1ag5
zAEwZv3@``hu52%2QenRYA%pO1Y*z6MoZ|^yoq^C~$Ct9G9(#v{E?7skMMq3dFLkxc
z-pdyng|G}azS(JM&r$X^SE~wSh@REFs#q2s?r|eAH*RUEI3X9xe3ge<hW1r0|7O<<
zGJHx|mby_2hXsYF0iuET^0{gYOKP=N?~*-5LGsc4lCB2eIL!eEGRWFh*8wAfp`t;I
zw*B247jpQVvu+=*cIw(>XSn>5;ql9luTren>7j4wvo+mXY%L?CqIv7zVldrfclmB`
ze+{@5^Rbv&yM0+2vLs~JS{1uP<6FRe{!9P|#rz_>-sY7!hid*lbXjhxN&odtK!s77
z0IE%?%RE(6O(+@Xm&ZSKWa*HfAbc&VXst`=qX{u#ROaHHj{<man}D`ya9~n_^=|vC
zfFgObE)NPaNUDQu{-fA(=P%>rP$$ONz=5ZYT!-`3!hf5NKv?)kackdT@N?Dcqf&*}
zcE4!V%P?OwJ{t7&(z_eb(HZ<T^P%OH*pmFY1}?-hTfn{ewr$a?khy9=h29oXzjbSr
zOqJ9mqt$x9VFGZ^MzsMr{^{MMr%<>HD%7%|L$A$bXmGIIukft;puOj=MukYldjH$T
zi!AB1^_L-fR7Y8i<mu^*25bx*efgGdOd5xSKYr+=;0+j@KR1p-pSEj(-X6U^@WG5x
zfU>|xf>lZS3V))z{af7h0rCVP(!pc$XlDip){ASQAp<f$?yzcwj0@TU$ySB$te?|w
zW~lxwG`8!tt}QP9)`LI+YIy;70}_K5T`RV49xw3xa?%G{rCKrHIPT?wrWrhWztDon
zIw*;vcMb;wJG%L*vjSsPX4n9|C>YneU0K~ay;%!ty!aX>OD!cMH*G?+oAGgvJ|#oS
zOmiR!9)3f<kvdWS;_faX{srQ5yTtRHXRG6O+szb{z@}0!ivsb6LvWHu?Wfg8skxcJ
zG&S<*qo&cJ#K8B#YhHsuMi;d~Xz8QM^C(o1mMVLBFi;1#DFixPbirbxR9@nj)w>q4
zCAq@VS+;2cqnpT(z<d&M`xHWTlRA-G5AZk}2pxZl`m`3mpWqF$e*<2NU{MkdZXZY=
zR)v1plf@cvD-4UsM8AqY8v$g|q(^th@7-0Xyw`XO0YsbfM(xSx`v_sWTl6pPnmbYj
zwpm%RAR7;!PN|^9!ElfDiB<t37;s{4_eZBP#^tcvd!?jpI`56|g!>zlKvW{VJB3pm
zgO;0)9|N%40Ua(sh`%XD{xuZytoe#&fC7KJyl8GBSs)#5h4?GZ99q;n$~(LznS8d$
zyAMg=4Wt?qwG!R<@Z{a#7DLNwp+^a4(rn{py?6B=7gNjJVo>&KfK^Ikk`)YW)?y}?
z#UX3#jmeb|%b0MqMJqBl9@!s~FCo?JgTB*@H0w9rTJ=(|i1$ggzY2Muy8{%ePN#5=
z8EWDy^aV|uEZl;(3QY4|Tk&}QVp`v{qccqTIuMgBL-Ro$afkXNY<E@=^b0uI26RH_
z(y`nk;}ZUBrYocAH{A80B9CP#p18UBaB+mPUEAfyi36bL3Ar;I5;OL`$gF#EeM{0E
ziM}PF@-8dO97e)=Cafx~JZ8Ot&XPx%>Fy4L!@JU|ayL&_y!<!khy65+EnAY2k@C&2
zV*KPhl~OzF#p@_KG>ttzg&WKP(V-wG=t-et8}F_vx=iwRY53EwHhV|x_EryV=?dBG
zxuU$J2)-Ne`!nZm!&^CaKTCJc$X9OAeas;}c1!gJ>7Hn-sNCtpjptD#4)qK9hq`%i
zOXZ&8+DFU5Je+)bl-9D|G34L0LshY1yG|vwyQW)<DaVx+5ry49e3=xuaowvlhJjKu
z6GAi7ek-E%qNaB+(%a5?+5EzCVm0|lZYIrqv}>D$oVr5v7Q^epn;s&{zKjR2=b>5+
z$T#o4>HuP?kDi5-bC5OYmQSOtkzB)W_fB|pfmbpRpY3?d^vRB?d%-=z-Cq#Mj4mmp
z)BahysFXXEgdx@-9b0BKN#DT(225+mqEH}2BL4EKRYSRc6zHZ5P^-%Q1U7>WD4dB_
z<d3hhf_Z6KKetKP?~{hxiVFrwjJB{qR$5Q+%8TL|-wv2ExLCQsh>iDG`$M$aHRhf+
z_>%Tu5<d!TE=1?*7IC51OP1wBl%#W8AFYID3s72SDKUyg%rTsNQ%$sza+?Qmi9K!W
zZFKm}kEitZx&i-~Hv&1DbyfC{aAx!cSyRVke0w@Lu+_k|9jO5Bwy8&s=dzn<OemPt
zPu{f1X$1^BD|Z-g>dtIi5>p1{bhrlK_g!8Ub(-2`7`h`iHosK6RNJI&J_1Th<yOSr
z_%Z$sj@H`E0(63B+kvV}1O4<}n)S2)fg@*hfy_RuLJm%oN?2;+)qt;FPnk=HpNyX_
zM_qd$c*iR+vJ`C(O_ldMPl587Qyu_h<h0*QDAerOObDnVU;T#FE^p6yqcppMwe=xV
zsW22U#_p*mxg2Z^SVPwC&(`obQd4+D<B!QqsZS02g*(7e=Zir0Rw&w#m(GGN0{d;i
zh!a{(uLpSArGF_tue?F<;lNk@!VWDM1`j|hiDfV2!}3BobwyIoeuq-a)!J<)6-ZC}
z(PUiabPRhsut^XX>LWw3uyf4cI+dw8B<YpG&v~=K)r3-)k;&y?2!WmTwgtrbbJ3P>
zLP`%4aK2&8+(PTub7Y$q5O{BuuG!>nGid06OkLnW30mMqo5^T4kd51?;4eiY(c*-t
zD~Q|)DFw$>b%l=C-tYHpQesXu_%QzN)tLgfS#n#WGAebox)j0uD3C1GonNYsVUi!H
zl(N_&FDFXqX`UWMQb6f?Nz>HH!j0vrH#3c_TCJ^#+i)Kc#!*Qux<tEvsAPog9S{f|
z@vRXOL-F01hQ-2)%OddF!?~ZP^VvWgcqA-d7^dMIS$iu{8rcRGTXfh3jwtY~A%)Df
zk<#o0nn!%Zc0E#OUNDjIe9ng>WlE=Xmvd`5ff3u=O52teu<N%imVOEPs<Ui?orWZM
zXWjCEPP#jY15mU$aHR8k5hrkxh`wV7HfFDEc^3HL?L_69N+?U;ZaXrwz)i*PqNoI@
z6X}B9Whh%Ml<?nUZ5#QP*7PVX)Tzu$GAR8Fnc4VbR*p9-oP~a%?eC9|{9Cn^49yfu
z6wZ$O#2FXWQ%_)Up%)oVi<MLM6TJcAzQ_(-9&9m|DMgfj!_PB5s^i30ZMxjj>EXwP
zn(Z~;Dbmchi4yzPvFJewe?*4ht@YF@zB}?^_|S#u7i-;=z#4c+*iMx)pr4jn5Z?r7
zte=ShV${Lh-0Tv<(8<{?$x<E~{_3F{EQ(AvM#DDYC5a+<*>fyO`30e!-K%lSju&DK
z^7PB>hPx*cUN1<nu`s$6SV(AMO!8*JeD9gHgy=#AZ27_8flMnILKL8_7X>=43INio
z^OH8l<V|TYYs{^bRyH$xDQ1d@l5P>cMQFNWY$B(8$8Gq?!WQBP*^=575R&441O9=Q
zU!Zm?28IuzO`8^`7asv=T=MfNsdG9yF2vTlONO%k(1cn>W_9z!=lbWbvpK8CAXbZ)
zM_1Rjy}#~0d>0z}{R7J{HNw2^p2orf6gn&WVNRrU=8MTt=7-Lo-xXbQSVS$k(=MhX
z%Q(#rxAooW{A%R~^aotp6sP3RC_Kx3XdqLz{wR4jU7)P>F5Tb-iksc{t-;c7$Qs=5
zE(UmTj&^Y>fIY+j{{BY9NP%y3B67?aNT(6xyt7!!Unc?II|qgze;Xh%{5y>3m<<=Y
zbC!>rLxB<~#n|Hl*>8ON2Amw{&ODZDZfy2ru?r>-+65rc?lI{DA>4IqRU6^Y9|jJW
z>%9D|?V5owoBhU0n(tq>*!IS>FwUc0KmhviH)`f6(9ta*;wl)Zb>qf!{Nm{{S)NNV
z4QjEPCof~#Pgg+BC7>*LHSLF+$ATET)LOI?*@-E=`>gPqRtGz+S8SK#up<~-*w0HI
z`0*mGurEmWbu2F|dT*<t!s1!L=T4=0@zrfKbS#DT;i+{Dswb-%iS)j0dM>ux2G=wt
zq)tP{E);dUV-EgESRAX&w>++;)607_nn~3RB|j}b;`SO<OK10mttX_rS)U*XK9@)f
zpL5q`a}2xevdJb=RXx{G{OCY)bVuWW*T@5#Cz|I*Am;*4t~+|ZywOkFcrN|05edH^
z7T|qFua(El>R|;T2(`>nIln$R$XIeod1*#JZ-bP+=upo>3JP6~BflvU#7L!9iCtCQ
z7s9>x@en|+GG`a~E8<J7v&p0Hk|dS8ykjA4yD!?EboD(s6~;G>mErk=_sXjQ%byYf
z2XFKRODK<KVnTuS;k~$)Ms_i)*FS1)sR^Wi3r+AP$R0;EuI@Qihn#{@%LhS_xagKJ
z-(s%j>+sF}4gr;^S0eF{ojB<<11~F8RaMK33<W9w*z+hLweD)qZN$f5lTO|W?wVR4
z-rfWf)8WWG?<DINqBQqb<@qaWr;)Bw>j|69#PvA(cY&iS^=~W3+`*RIOf>51laZ0S
zGqR*iOq2^+YvToIxOpH8kW%9s_9Nol8m~sT-^_s0wMTd{<4or;c3qH>oM5MF^koNO
zf12>%I>&qTJPpgLX2zj~>Cx8HwWs;W63q={$MnK=&j8z!AF!ly^eT-j%B_~Kuqqb1
zeGqa{eAaRU+GzCt0pJ*{&Kv6{)*2HpTc5lGJ3|1hVb+tS4s79v@L>9t*G>brwr9a&
z_GO&yDWB;(20d2;-RiDl<H!rUH~oB=0d&OF8+5`$t})-fUTJ(_rFr9ddNzDa>zXC0
z_M%ciH+|i+DsO>cm4WN9JI{Dc)hZ>*ICmaG+Q&4&Z2%aS&d<#w_@?dKw;*XBYweq3
z6+P5>^3NIJGULym`0v%;4PbwJAvPFM!~C*eaJ;s_d5+b6o;8-BDZf?UO0CjPVEh$p
zW0>RvN+)qFZPV8pk`?5PVQe_jN-tecR<ge*>c`dnNm%|MraS$R6n<)4w?=L?JTC;m
zGebK&S$9=C3)kG)^VIN<XJp2<v-M9z(6!EdTC?)D%(3rkV@;bL>M{WdOjUwTJCBaP
z@TtX)y3i(d^QpuWhR!;moqA0+5y_R$pAOBoI}hBht$Be`GY!ZpzxgE9@6qPBHw|R?
z*Q5M-H<L;x1o8HJL{<rM?%*qcyqT<OCmXn)4EUeg1i+j$)lT_0p5u}30t_6>YyCc#
zBq;aT7Zc__FP9N&W}Bmi4kOfwdTEWR3$s+L73zts4y9fXTtegPH?5{=2fA}y;zjz4
zR>K*F)jGP`M%FfKr%Ii})~)F9!ZXyxo9GQ12rj$rm2s#t+8O$KVC-&jNpC@K1A=o^
zT=+mDi)wt$VBWKcUgO!NFg$CV@q>yTqxIy-rW8gx^P_dLi6Z%R#RdBadrqLN@X{C5
zRuv(s<~Sr|_4%e4im<j}C4_Ouj8qksdY~s}ODE8lRTGH?6V@)-RTR+VrvW!vvwmEO
z9K03fkbIVp^`dg8Fw4V;SKY$z884X<b)NUX>S4M*yC18Sgr}IS_oCdqrv6#R|2)b`
zJR{^~xzp+-^g@6;VqXl|u4V73n_OWR3!!_KloXw)iAjGX&4CFhS?1lY=-@kOj#qZj
zk~L+isBQl%wEFSMv|qFKQxB@c!F-u)OdWk;*7^31o};+KiR4@GM*<3m@B*{E`xL#V
zS&UnhN7mag05M#i_RATAVyDS$&G#1Eu$J2aBqSwHvn|2MV6H1QrWzrZwZ<iPxo-F0
zcOe8+hJTXH&48X`@4I|tLi|j$IP6ZK%B1Uh*L|TrC9|GS<PKKsBq=;zE0C4lmt6VG
zns@K@uWUCo2_#G+IMs8XLay3e^0S@smaTIoOA{A()nI<bpL#3Nu&-XKZ%F;Z1(G6u
zk%nhavpv^pN*9~^rFq6kv%gh*Gj5;zDmZfxv~})#urf58!kAwt3o0OeAgdp(*}}44
z{aOf-Yoef2gLJmmxcLJ0^@Tivb9Ia*WC$eM|K?<k(@t;WErqF!=~}5EA!U9%h|Ksb
z(y4=w`VoOxCDyM#@u+a%<brYr2RQi?QbUOwlEOn*!cOA&#nGhx#TSzzl`^e~boE?2
zjl@EHiFQwoIeV91o^DBRjk{!1R3mC-R3cZ`-C;<*c&}QH%jd7D_}ScdR31H{nWtA}
zysd(FSQAiJ|6$f0nPnF-RJ&f6A}xQ*)m+9`W77Ja-s<tE&@b3jIs@>RiKUM}{Nxtr
z?}<C6)^h5L3?63L7y)^lCMNT&abLG%-k;YM;V<ofWz9J*T_y~LD^fn4D8mu|Acg^6
zOp%8!XYeE*oE;=x3b~K$z#?*ZAPn-;?w8?y*Q*I??M^~&GlOINtHo*cv@{0&rtUHP
zGg5KZFHr^Gir1KNYE_Av60BFJiHUw*L>$cFgf$nEW$%<7|1i&GvezBPTKyF&@Yd33
z;OVX1@r9Ttvf<g}SJK~JhZ7Om2n~;9?PN^Ze9NuOak%d!BX6^H;jjBcH|ZrEQurpO
z7GexX`{$RhO`X;~68zAd?Q$6Re7ohFUD>9Tx%syZyrJp&Bg+YD)Q0w}zn*-Ptt!Zt
zgPq#nt%?|nnIN^gjemc5L2yI;w1EI#hQ>{-hUo;sIbkP9nLUaOpSI8@7|%Jo``5!n
zwIT|jzDfcRC~b>of1%^4cDXmswpty*pc((W@X}+yC)occC0v61zCd&utnsTMBBJ|1
z9Lj$_6M2LF^YQJL*Y5&P*MVS<|6CwCjbr)Gm&ZV;#2;P!=jZ>c4*u-ozZqqK2me3M
z{y*;Pf9<{gXWc#~^{B9$Z3cp{Y{tv~{E#zY3p{fP@{b??bKB4t00AMgam8*U3H$nI
zJ~tf4An<06G87P;?xE&CTXGH>2ZmUzinZHLB0z|iwoXn^gP$esr&|#7|LnJ{HF)dX
zV^JTF6k!=f^w>}HkP!Xl^hVU1e~hpUI`<5F=5s<lvSgodmWW1g6hiUWeGrHL$$g{h
zgsVg}lYNA0Dw=Q-$jLT{aQT$rZ{&f=?^T>`@s}r@2X072=?9Xw`G5$q|D?wRy&y2@
z>$l*ZFHQ)+$jS=fA|i~Ga2y_j`)lTYMnC>FqD3V<3-FE_gPsAW4PCnyeA>@j=-FxF
zx6W4}v?51jM7`5ps4>dZfxKS*mF8Y{{#Wz3{LC9fBGs&#lTZBS>X9oecTb=G&iU>a
zU8Y8%WWXphgL+Z`vPjSWVEe~qR7uTk;Ax3PTFKL=*){*VO!VKz1>-D<fT=3Ri95=0
z0ht7cS56;49r`<{q?DAD+u<n5BDb8$ygJt<V1rzT|Gg|9W9_niK_w+lLASX+LGtc5
z#g95@a&U{ee$Gr!7a)LbCkmY=t1oOU`;pPK5$@dP)>Z+$^DXWNwWCD~<rzz$Te><8
z%Sm7lI1o6Gblk9C?Ah3HswC7MOu`ToWBYe?2Ev}4O~{)h)h&o(ze4R8d>KLn^!@jm
z1&$h|gl7tl!VYlsFOQV^%9Kz*M&ZJEj^WLDV$3&64~$$JUvkTvoyM<wcuU&}+SLt+
z$wcKfYY{t6ywV*A-QwXSz-CCU+;;vL`U=Pk*r=`)!<hq#MgM%szB3JEC9XTFfu0XC
zfdqjkM>c}CV{4H44be?jPR<U(ol`5YmY|xUNGx3fBpu><j%J$VkuIx=1lEJYVkPmW
z2ZE?%FTZgr@U9v%#O~Q&`v+JTr&K;=GcqK!iHMC0IXj3WS($5}BlUn&KLJ!Sx?5ds
zdjq{md{_rCGzVI*c8+lpr%lXLcinoRI0UDLg(db&RwPRjRz0*UlWMTQh(&EMITqwc
zN<%BQwEGiFOnPVh%+XWj!!rN_`<t6xhmY$`w}h;Vs+JB$UV>bep_=_tce77Jo7L^v
zi^DGup0LWu%F4?1WM?FLYNN~7L7qSBa1CS^?%<CwyJS{_F-C@7@j!X6&mzX^(^*h3
zW3OuzUxxhr*t67AUN}wsH{0<BmA%A<@j+g=c{7~>+~TrhRvYndw~fT`gGB;jv#nt>
zkw%y5KU|(=VP4l~x@+SH-<D1Uju)xx;d|5yh84C#ZELNmv$c~I7^Y5n>3?4UV6(_L
zFm5ZtYr4Ug<-)}wwUza<Nlq^D*Gh->b4$3zkW7`QCRYm3N=X7>k!S`W#ftm5_xrAA
zZjWSw2wJt&7CjyK<dK-<;C=S5_~A79m<fT(vwhZ>O^A@`-pi6()V+wGt=!LY^lD0z
zlX*)Or6?YrC}P$oMGZ$Tf$f06cXy|Qn}BGRHQ|y*MweTUe~gZg0#Q&<0J}itpy&jD
z@#?*Y=0lxY(xiT2KYnDZkH&BX3d3B!+ZSWa_gvK;&Lz6Sj2MB9{oi*w<?T8~*e^V@
z0!BuSTio^+8M8?HX0Rzpv4s;?0*nmE?@H~#y&z{hxG5V&4=+z9N?$da08Y+$w1|7B
z?^sx{u9>U0;1F=@;s{mE$;#^M$uznL!f3?)CVJ|M>La;El&{7$@;ir3t)KZuqSz^N
z-+gqpFU7_421HY>CGA@aXAMvKCrBrUGGEG8F@>9xed@UB@e0^6wTLM=+J3QHS2i|+
zbVQs^WasC)Gn1&I9Fz}uf&a?L(-$b##~R2l0u{Y{N33h_@bJn|HiuAAswt+@G^BTZ
zs@gcwD!I`YEH4+LmHGMTGJ8iW3$C{tt%kY5dE%OU%pFyW%_bBaZ}-R)O>xF<CEZz#
z&2Y!=bDh8=A7i1Uc+X7TOpnc4B_C!x>-Gh$9v(`8%$0h*R_?J&cRic5r*I+c9R*h{
z24ixv+??0Pt<lo6+3(-`Y)Au)<;naXT<cWg*Pd)ivSahAaam;_;T$kqHdX(j_j@Nx
zvwLRilO-+DYw8Kt*FE{&`fnW!(Dv-TAf(|Us0kIaJkR?BfFkNQX_~HTmzN1KmV$?Y
zAnSFXQmauzeh@tRGi*h=JtAExZo0>B6K`NkBLCjvfd=`&;TJ!Cgb5HW%*ya`{3Z7O
zO8!<unoxn{&wVz&^d5j=ngi_awa$Vc)rP_W<gz;@?s^ldp4WErEP<De*d9rCSI9dS
zL<H~*fa-s94Rhp{5$p+%U+HM6byZGkl>u!5EE?AzI8k*l!sa<FU3D}q(ay8vgA2WH
z&NhEgt%79sxvud(R0(Tv4$Y^V+MU=#VAB!~0^6;9ERax^S~I?}x;M}ApwRQM{Z*jv
zlUwNNHu8+*Yjrw4e)V)!J6YfJ2OIOa157!AGzL4eW?v9oBrRGehFgF8pvYdz;89g!
zEC${eK>B%+1dQKmAjB7cZT1HgnE$F+rvanGEI^*gP)o^65R}e9f1T{;?%{<q*;h2v
zG?TEGr5`d(Y`Qt^%zYKe$ynVI-@pfOjwXo?`)(O6e2B$VZUi_pDkS7FU*v08&s@Xe
z>oyA#3Lhmkq?>dC_3_+I##xEYj0dEXzlPHkAqxApBt?~TWZjRy(RuleWiN%kUk0L;
z*9w8d8<TO!h(b^qY#}X(Gy?_Lsen+s4&Q?OMch;6ZM(z=1cdbXPejSlTOEquxiFm<
zl}%J{8+i*#{)*&4!k^b-#u$ZEg*K3(xagcexdTSnl$x9r^~u&7cEonjlR+6aSZ}5N
zUBjAG9QlWYw=)OBWBG6+tAG!M*F41T!k3u7xtp#;E(`mOfP~)kt^?6M&}btDgGV2p
z+QwI%)u=KWet2}|lxf$K{jFpI+G)%1J-E3P^c<Z^v!!&(1=McTj#qzwApmySj;4NH
zC?$u!aVfcBy`K7LCn#)K<B-R-cd-wyB~Xh_dOI^5^U`-3lDU<Vx}2_keJXY!P2=4c
z<N7q#lgrJdtlJq#ES;bJ#~BFET{sr17%QgWcjMm2_v}s&i>%i~pzQg8K(((bJW6Z|
zx(%J>7Q{4w$Y;pTo|bU@#}I?BL4f?YFUj73&Tur?vD6vc4=`CM?Csvlp~^#pdT#!F
zDvE_VV(oeMp&?dQ+}0}Fv#SL9Oi2F47uMGxxU(UJLuZ~RMoi-6Zl&E9uy1(Hth1W&
zs^1so=Q-lJ<EhwtlLnREXn%=XB>Wb9gu$(_q1W*?YBo9{B~Gi*YS|vK=BNFxq9Zwp
zmR(r!-=YK1wfc9x3JdL_t4NGZVF2l2e!Fj^QU3ItcCCwBLwUihYUPs>R$M55_VAor
z08XqSiF~6+sDKZsiB>}qV}9SQI89yrR8J`0VOTzoPgJ{2qZRPH7qOP@2U;Dn_ScIB
zR~={{b5NGOOyN6_UiD8?&CbbT_&1dlZopf6=_FGolHz;f5RqoH94Ky$HJ(WKbKieB
zx9Rtm)ye|Iu(~YH=QdL!_<kme(Z?ryO$&Csw~LrV9=xdV0{LMTGI3jyUs~(mOYJUF
zq`r7K8^W1HZpA-2n}Wm(HEy;<DPeiueE-}O6rFnS<IS%{^NVY#YConEg)A4WJd}0M
z;APyRg7Ljk1z{{2Et3BxRUAFezZ)O2@l>)&{Z?|}+wXuZ%ht>*al&v*hbTfWa(=e7
zDb4w4c?K-Po0>E2_lbKHW1}p-sEWI&Bd{TgX{8`qLTcQbRT{hG8@otVIfr<!!IYw@
z8QX-lGYEJNNc$^7V|&wD#c#qqW~4!wM1BX2-n9<U@%B)hZN_u1|6yef12{Wlz<u0E
zxm^+GXKwvk-lX9|Qw`RZSL97q;2~J=ce*;)b<0Z-<F$`=&Y5|&JKCYwo^t9Ia)<;n
zl+H<cu<K~u0ayL(PwUhMiJGnrD1oyzW5Je+af<n!+2L9!8!w9YFG<60!m$(C%|IEQ
zVnPOD|HH+aJy%RcM@;U>tU!#OtjeMvE$M58Z-&n@ev)#JaRRmpz~cT^=T2Fiz5})Z
zDE+bb?zX#5QJyO1)eoXVqn6w~qpjgR-I<w#>dMkB$%#rF3<D^Kawi2Yo3$faQw4VK
zZR@d@>r4em8k0g2Z@qec2U4KGaz|8^5mVz2Fx%m8sc#IoKKI~97vNeS+`~rSc+j9A
z`V$FZOzZ-<_<xT=P#HVTy=O@(?f7F7<aompfC}JSq42BP4>ZX+5fW1XpS1=~X~O8J
z4g53>#G)UJ6=+|J!`!HPvq{EK!0T_s)G{DQ(wvj+J@Z8|0VSu;4bj<NM9cvm^2L?+
z*%GmY+Yhn|lCn;iN2URFsnlJ0^W4uCHrXg3py{82syv_`sqT}Vto5Wjfb^t8D*+Ho
zBWeNWJ=vC|kmApf@``}yq?hK4_~UEXwE>`F`wg5LXAV$sVE4Ida)dxUkWh3SXYsIH
zTMa-h>{@?n6wPEjPjtV=l4-{b5BAZ28Nr9^g^ajT#MGMmxB6a-8{ApdM0vK;lC_J+
z>x#N$G*at-xU;;8nQK%1_t*d-+HkweVS)G<Q&RlSy&CEgbqRan8oVRr)|ET&&oj;6
zdC#R@H|8EkD&7iVR*1i4tx3UN!yg@4YSU9<wY-zc8N;FX=|np#{!)JePN^4_52zbA
zuhPg~hUhr=*PzK+iPOme`Tk(>sv9+S+G=u;_v*7_rOTm!ntTc+{0%0YibxxodFk%T
zU_iJY&R@_DIq=X6zH=fap0_l7r91=Ma($2;JHWB`r2WZzuQD5DVKVU*K#5+;{P4N=
zDXelQKt<2(@JHm1zXrE^c{!jQ8V+2z=8CKp-8dh`zBW-LNHCY{Q*>WfEEbb8<5}tG
zD;SpW;hvv2i|E#U7d&quF_XMufO!|tE%EPdM{IMcWKyM`2R626An7NnovtaE1!O6W
zms3ul2%q)rhB`+F(iM{+d5<fktiC)uR<&1sSuRID{Nqq=K-`h0y}jM`L@*3ko`2W|
z-k`rgm_KYe06aOhD*wBY{!%UfBGP}&y;FtxpDXM18}K9W^XcCy00YoeUHPAi^*^5a
z3xWCd)ZYftU$D*peZxNmNFf61=N|hV$d1-5h3WvPMZd{uum3f|2{400l$KMp$413s
zt<e-h%~O9f1@*IbcA{!)wy{l>MJZt+@$};Fe<uqlmR~r7EtmKez=A*a*pNOo(Y>Uk
zPTT%3JOKB=Y)r)#`TgBCs%HD0i-6P2Uu_$$mad~qH-G+a_ODOB+ul?fB?8)xW2b$3
z+V+p^;nTK>Y%T+DJ;sW|9;C#aOn)>PcL1s_(j1?ZxRKR}qxcSJHUYQz1;C=#Dfa*8
zuoI8t2#J3q57gqs0JNZ)F8<*Z*5EVk{HsdH_|0F?&Nd~!nedr#{`9SnLtuoN7_x)A
z`<H&Tozn7wiqDzj;IEE<{}Utt_V+0!0w3`hneu!T`Jb15nAx#=4mADirCUSkfXWL0
zQ-Tuz8@Bp|P?ap6a_i~;^Q$6*rx*YJ`y1jo{r0~ZdHc@@{&#l!zuMQ|#{KCK|EEYP
zu&P8pf2#DAS1-{a<{|-L-zV0v^{7wszrK|x=+<ce=<RK#_-l*TnqIqxAgpzABEXKz
zJt!SF-Dp(Cx)6ra>o(!lRye<OyOH3Cru#AkUb{!^MM<XXl3zpUf<g)FN{fU|P$!p|
zP8LKjH>)Nxt1_3)LbD^Vd+GT>%)&8hTQh5QFWKQBKGdmcUL@Qz1Vd@0F}2+km=w|}
z<1Po2G>Va3g$r55qSt1Aj4e3;O!Oc`ucmtG1Az*g-4nA?*f|D!KXr-dabom68p6vu
zkfSbkeLaocNKnY$&gDRAYPoU?IzYNt<D^vdvo(`=;iR;C##3FZJ2-naYa?zK>e7j|
zEsNJ$favMDy~ej4RvMCoe9&<)#QYd*|A=B6)Cp8q)sI;GvhtprGd45kqwb?(?97H|
zNa=7p2wb&x+{1ND(gz|xN$=Zg{#2Eyv!h!!8ucltZ}G@6$2}K2ojyPU1ul+^z_vll
zh2Mk(eDv=T5#`1J@QglWsz|dZ=F06`jfk#-bd1-5c<;p|GAeETsW%KEU*4D)AkEyX
z@e88b%R?Y!)V*OkFkzgeCB!Ln-Uk4(Twukk3<*{D#9l<Uh(L`{wfGI(s4kFDvJcA3
z%9=zGega|^sQa983>3IxS)X1T-95&vqbnRV`|2d!$yNI=tiOl@@<Ita^X!N5tw5EE
zeR$1bGZdT%vzZU9Pwm=U={az%vo1B>?*CbF2KHTVZB(8mo4gpj)arC0(Jc!&RTLlW
zp%1LLISP2W&nDtvdd+B&9d$%HrBklz5fNJz(qfap^X4o1=Q33s`p|gl!N`|k{K@ww
zHpiDxoefe3AC>s$GuKCZ0wvAHFCvvjLwBY2DL*7Sls<FG^$M79>p-lty{_%^$hC$b
zY;h<~iti%=80L#T!TXJa!A@Po4~>THz&pn^iyA|N+wy0KT3Z&;h@5#VEj?agXD?2(
z=<;jg<Gu4k;I12@`a`TZ$7X~}<&1fEFtM$N9yLUJOMyb<W$N}!JE&syC&}3_B`gci
z%IrjX2#}S#_PAj!Wj}dJ&zdWQ()3)Bc`eH9o=N^yMB%z7O;T*J1G+g^a%=qMX3nbG
zR49IG!h|VeuQj3Qq-EqM;Gobsm-E6BrsYdUO<N@)CDn8ewUm0T(#2!uVva=5M{(6-
z)N!{*vEC-AA1HKDo7<86(X1XD0K~5i8{(Z%gNO0Mxd~Mz^EED0i@5<ol0ZW59OkF$
z1Bz;H07ZghPyFgkBbXIQ3$sUPY7aJ!fge*rXds@=%7ckYHtZvb?R%vd!uU&(`I(s%
z442sc+<^O=I^5Y)N%|8|>EL396;MHl-S&#+)U==cL8>1pT11SmNVfsmV3xOZZ~Z%m
zm+bZgoWzp83Diz;(t})FKwKGPwjd-l=k)C>xhKmhjg#Q(Sau!rc0xwF#I*{B$spr#
z<~>owEqTjg206P$VeE*_6yZ`Bsvd8{a+J4zaKt^xfJ!Wi(!WCVSp3<BCm4(y(bHZM
zSgM&WfZ`vOEa_|8alkreV}gof5fa6Fgx2>{O6?afTCE%O;0+foW#c9U7pJr%Z>~O<
zYU?pOAuH&C8E%81xa&ptRUEcAMhQg%Rc095CB1o?g1F#Gd?^TCzWS;sN>c+rSMmem
z;LdUU4)JjI0RAdwX8HmuTUs2AJC70tW{Yy8W1rU$OIbjzrlGg)Nbnl_8L)w>mWTrJ
znE}V`Xtuoa+vE2IT_M`2TBH>5l{n|8b0D9vTkV(t)br4+i{o|f97+9timI&VD2KHG
zpy2H)tv6h7p=pn5=s~314G+}D(c#2~uBh9NT6+sK*0EwyZn&iqb|ec*S-FmWsi~*r
zg0`J39%Z6u<>vzU^Cd`bTnlr~a1i`>;DUNdEFm}Z$rF5S@es(>qmL^lOy=M#b#lz=
zMql>$eEZ@p=lJSZvR*1z_ESZima`~YT2~lMgd50|sr;Uh4EMKZ^gf|!{?^KH7oO>w
zmg@uyP@Jw|s+zzMGzmT$FkWYe0(3*Iinjf!b~knpUR|-E7o+~NrfCkJq-~nNw{(6V
zDdGg2y?2ca?IrywPPGPgLI>`*nB06mNf`BpfsPhvPUr_Xg_pVQgM-^?$4S+3)9t(h
ziQ49upZ2~5Y@h2<c1x_eY3kX8cea_DW_;{BfW7n@c6*Lpgi(`=JTj+KRE%E85-6dD
zwVN2#LI~SC9{Yg+d-}c3m(;nBCg%n+6f}jt?1V^>P>y;5U{nR?VrQb|jrV%Wx;cCH
zT&-aMZghc|;k9lW4XwE2+;T>u6B01b=oXJnOnW}jOqc@3Rp~oL#=AgWrCL7MK#_d#
z;Mbz#WsJ2b2eG|Yw^`C;=IwHT@VPuVAx*6mes@9RnZ2~ECSpa)+NOGZMth#xRQZ-9
zch-VDgWx^d+FJ7!j1gsSv)>PQook;R#T+pAATOdfd29B43$^_ii95I|#x6OX3o1>!
zn}76HzcP#umtXk74jPDWfmp-Emf3(4dHFmJwo`ZIu0U?tJ`K{m<%gR#iydWwe@@Q8
z)v?49gJR1=rbvjs2Va7)z2=J1Omy_hW4FvR*VQw6s6iX&KC|=X)xJ*L*8-J%Ns7mf
z;<@1@3JV|AA3d!}E#62{TmAe~!Y@k`kY<V&CWhg5bM;*OUsQT>lXua4`lKVfHsaHM
z`@TD`Y3?R!?__LLpu4|q2|6qLT}AhGBy0}I6V}F5=shO5NNSe_E3};qeLbps7W5a$
z;X-|}_uxI*BU_T&&x#*P+1BA52%7joGPS)(k40QMttYH20e3`1v{m8_dR>@We`(@V
zwAWprZ0;cS>)Gb6yL~rA<HnlRzUkFC1DUsrJ^JN<wSC;j5Jbs&W1X!Mlp?8JX&fs6
zEvSA${?xDx@Zby>SlTy#`eBK@$BJ>FN%#q%o;t63%akCx?>^s5PEJ+{Iu=REftJ1w
zm+m*nG>S5{$b1)dBxFIT>|w#>&!3b{xew=NoFzNZF`+(bULDGHL0Z1@P0XBiJbcHM
zj+nVERSs)!se#xbIrJxaT{r7}f;PTwqBh^Htb7t{AnTg*PdAj%l6{2pueo$uLiHjW
z5E7v(_Z$#@p5SReg)?sM&FL`<)?_05HC3*|PC(u5z%lD$_Cah;Q{5MMwWn=<7wAAY
z|72-2KI3rw8|N6-1@bB71&aw^oPRE7j}B=Id_ydXbGG+8#*+==`2Dr;Jg@I=RL+S*
z)jYNWz)NTo%LOp6S6>bGu(9I&p9u}k$-!!LXg&;BPL`%R0HFZ@wq^6&KYH1W_THMv
z(^&mHEIU-v1^hYLNMOybgDx_qy7DMPB9A2}e-n((a#kIvn9@29dc{|hoE)h^n9mW<
zD40AE$VyxK@u+~o47=U-e{lESK}~gGyEj%81e7WuL<OV<l-{EP(xjKro6>vlK|w%4
zK)QhRPUsy%Kzc8s_uhN2Avv4pdB3;JeDlqj^Vc^g!#Hs#*?VWNmA%%w@85OZSvGQ(
z*VwjGbCow~$ZVIW!o#AEYBOqlue`f3qGM?GyCgzRUDs8@>9i`+k-|pJVPjCNaPGdu
zb$&!s*t!(4rNhYp+GkCY^SV-arEqWpo_#@Z8z<$unTQYZKJk0hvvKGNjoi^G*F$ir
zLYy#oQe)#}Y<57<GogvdpLO#2cs~W*hx^^Td4U6ce!WSU5iTI3QyHRsi%+^KJCT*c
zz8!rDFT#aXgp*xvY->9DCcAj%dn%z8Mp*?y=mJ9at5E)fcf-A!h{o1Ci(mt@!0KBK
z+LKE1(Ze-rVmuRHP)9Rm@zkJy^Kd`CqM`sp$P0vGZHT(yhmRm>CEs@Rud9#4J0R#{
zNBuGnIqnGQB1vH3Jutfv=t<w1Kf_pPd%mDhFc5)sPK<bA8NAJ}7XHggD*kPfgOt{m
zYj~T&hkU8H5<@ta)7Vp5x#C-vFGxUpA&A~V9hM`!l7xcm{YEmZi;QG-g*7}YZ8@35
zdr!J^q=3sdxa7m<b%EQ<EY(*DO;hbe*3Oz?vw3kDa#U{N%-4PcoknT!61>bEQr)j6
z`^Zn!b8YQo>)AD?`CuW<pJ{~QPlJ|4LQU;A4FDk;y_}I1E<5fokceKqMFA6EL*k~-
zTg#H^<uF89sNjWq)$A_U{V8ia(F(Gger}&h!;&@O>Jk|djWiwG3KN)nhyS`3j6So0
z)IN{R>%UrC0cz1#94q)OGiUBZv+;8dCZ^0j$7Z`MZmzW2KE}b>0m05`BGXiH4UVb`
z^xl<6;)2X5Z>Jt?RBk76p_w!k=l3N0Pug|IyLADZsbsDv8JvY4Vmz!iFvJQu#zf0e
z;UVNWT{QXh$4tY0gY6kae`(Mx=v2N&9QZQuxcxP~@fXbS2TiorOJV6%Nl-v4{>Wvj
zVGakMg><C4H>&+^LQSYP3{;S@FP1I5+5Lt+Jf7FNw&ClhXQ?qmw|cc38x>4^N^gU}
zAyVFVy|pyiOce;L&YL`h1Qf6;o6^f&xK!MeBYTlh^a(J%JkDDf_ZGZ5`Pw-pqjT5D
z@+_T?#=c)!*LTux<2eU(L{!w+&r|X1H_JgXS!C+;te$Q$-AYG6F&!@*>dWJ^A!7+s
z7R$|<-yysqV5KYOkwnsH{mM8H9#>a{(2t4ei>*{yMr$D|WZvkJ#X!7YAqdKi9-zAe
z1wE@}m(Apok;#`F&H7XjWYVXuiZ}`)6aqTHWdI0dyPY?yqLmJ++qp0h6$j$9iv(va
zvG_jQ9)`Ic1_PCAzV?f@`Sn8DZ6)hMk{l+Oe)a1jRd3>9!MX-a<La#?Y<FQP&*TWO
zK1nZQH_GLUV*N~6eIkIhr%}^f`GK#tQV<zoCBzn2d`5?TFCjO5X5Xc4z(AL$h?2$a
zAMp<v{oE1&%9GR75N5fw(duU<;6Q}~TRc7w)+-F#^-v<Ozzhs7C^p|N*i}*9wC<qm
zn8@Fo4x(>+ez3_}lnYd=%dP@)a?UswXUn6d1@|IrAvH+zPrXB@eBG2VGtzG(UOAD`
zo?YS1tucmddUY-ObFsjhNd*}1JL0%9dE1-FNUCXN3X`L2p&L&Mvf-T(p!;U>0WtBq
z6<-Gltyg_X@b9ahlzNWQCRS8F<2NYwR4hoFHW>|)2`os`@=(N0uT<R)2NE+f+&a{(
zo;n;(3uuW3oh$*p_yxVKnX0+5gYoEc%c;YP$yFWkA{!`we7FX?Q7b!hG>B!`4O2sr
zzuUrlzP!{weNU+|<Z55MnP^2!HbE=$M-$lEz)#w#*AHV3aMSi{E3@iAR*(;RzCht_
zW;{*MT<x>H8Fl%iG5{2$Htp;A+M<ak&!K|w@@(JrlFbe`cmFTMjTKiq?peJVcH@sR
zImUV1QScc9r|sUuDqJ~n*Y@o+e_nqOh+ChsY}r7oAGg7yxllRV-qKgL;10Wh{>4O>
zcgcce5aI*b2e>x3sED~TP$p`O6}^tQkcK=`TzRLmxvy>WObX~aJ3hOq3n-&|P{))u
zP4<`vmmHc_^8v~^&}i)_=tF<VvG$Po^fF-5FQ!Jd5!<wWH(B@eI%T&diFPZ|`HXR=
zSJ09{iHVq|;|T#o6={f2jvz(O2L=01Frs2Kl{oUx!%)POAqoodq<~lMBpAI9XTOR5
z7e0SW$IXdNEy}U$p4jvv^Ogt}bO-=#TCZTL4PajzK+Z)DSFWskG2!PtB<w==3Q(C;
z2;d#vnn{8Ah!3vV(m@A5rg1BD+`BXzTPLp5Cv=$q`_6jx5JwmH8l}LKpASe~i<_b{
zs+xUf0Ej^guL3afPgq{ipZeWmbVQyIMJp2VCmGiVD)VKvCuvPyoo=GcM<Bl=$(KEN
zHa26Q&Y!q+o(!m#leCua1~lIe4b1HMw}#t=SVhdvJ{hXL2zvfvQ!tZqH74KenLqi#
zNjnW=84o2Y=q_~<%JX72L(Idr)26ETFs)@*WAuPoa94YUYWIQl`v3`iYdpxTRyo&q
z5XNiXXoto09N;>97)uUb6l%1rx>PUzCL)>CtC0ul6?Y0RfxZMF&TTWXK;g-^I5^dz
z3zAO10~78Ug{@J-G>8~P(gyGP1k^YX#-^{^SM{bXzF9cf^Ju=78tSkXt`1@4D||^W
zf__?ZWPIjC7M!8;=ETE6DJWffZ};HElzwsQ3ZiQ)kLrVAk0dp%betG%21Tfa&M=Sc
z2$_ooXPKEn-@cgAH=`fGGO8u)vz1Mtr4^Zu7dG>R=&T1r5E)UgkzM*c7--v_XRv(j
zF$?F`-rEPzoQj|V=5_VP6e|1?b^y0v!tOVN069BVh#nUcblspop2yLJp8ogi6zp3$
zCUY4I79O{{I&{9iYKi9=ZEQO5WAYRazA9Pb=5#LXjqFi-XLN@JZND;MTgwgomXSX{
z#q&qd*rN;Kvi~+5Qu!HRS3~qXbAU;yG5P7{XegTpy-WPXH&A?fq5Ix$a`wkQOy=;a
zOHN5Nan|$h1ArHL$A$4j-6`W6OTGuthVxkuAif!mv|)*<GzGRDK)%8T@lgkqahuBi
zpf#YGqHy%SLiiq$&i0l1(Ce_{XHEC+Fc0;qbcsf>R(D7$K)g<6P9d2*C+u456RHm)
zvV%5j{fuL)lK9V7n`n5)=;JGZZ<LtDe*ROpeMaS#Z9m&1%}DmxOL{=qL`7JEKcu}B
z<fhZjh83)i9D#)<7A;rZ!THrh@U=Q%f2q+Ot6jWL!<G*;I1~MY0C%&M>t3ESvzDsf
zxMIKIGFtF?R{yKQt#jQ=;sm{)v)3+t`^_}JAv?kj%<8osq+9u!3(rnfkU27j^wn(5
zu5}UIfk1{EnCZhuu=KGXox)gar7U2^3S%P!yxlUdcyJ}+iloUC=XNpt7H8V1;5}T%
zcLb6Wy~euA!R}Fzi-kbT3o?Sgz<N!4!opL#In0bGZT#KJra~s=B*%$I=8+f?u1e|A
zL&)~Xock5>xvbf7?Td{cg?Ag1Ns`1Vdln^vE5t$=9|q)P1M;#m4iS`Tc2<bWApRCp
zG%;)(PM_#+l%(L{v)NCjiS#IF6}Esylfrs_&njO4ZuWH<be$LO4}zrf(^?5=N;XLt
z-pYuk#lA6~znD05WPj=iE<+DKL$ERTR{uLgmwe2)ObL6WufME5vbGn3-O(HS^Lc#x
z@in8y5WkT&*NMLK^9PWKjE^rL`hI1?Cmw#tvc7K2QBeNY{UcWG%2{fUZFYrr_z!W&
z=P^2KYvN3M8g`fz<<$c2)7tq_OWDp}u+95{>lvrfdO$G&9lHqSjm3W9u^PlBF>vE}
zD?dbZ>I$F2qc-9jShn`buL7qaGEa+WVV^OQTbmnD^_eF^$vW<0p9-IBk;61RQfUHw
zY|S^Nf#mQLL<k0=><vf9QkShI9xFX-(^ATne_1IVW&QXOi>=k>Ry3)6i#lxmS2^FA
zBmv~C+g?>Jf*2+~*K1{M<ER@7Inwdbb~s@GmbN%v&Zlx%CH+u&AXc;K@=0ed5BRxk
z&GQn`vGnhYS#EKhdGKuPqZzaE^R9*?x=m!oS14ihs6j6ok5u>V!bdNY_vu`ysWlcK
z(ejI1ml|<MIq?SQf@n09cS3z|q>}^9z8D_$0}DMX9K?sb7QMFPs?H#&4p9m3NIF1B
zR7W=vb@N6&ZYhf17GC95w3>(L>5eJ7RUgl^A^_{j^wjB?w>eKG;HU9_7kXwK-yaDd
zf2Y4k4SW5oJY{b+xJ4bl9Ep(HPU7*?)oc<;hng?Dbr~xN<~;}IOoief+&kmC)qDgE
z!nfR4U{T5!Pp(Wf4}t)|0~oIzrE8LKaLy+_C^`-(d)YbpP8k5p7?_lSU+)wZjGoL;
zCr>oHUM)VQFrK*kX?&KePU*f_dh1y7pN7qIr|kXn^4@F;%ddKcqv~37EY68tKq++_
z61Mdztp>Hf>xxGWO%?_#T`Cc`A2B>T>${NK`bbt+ZuuH$9P#F`w$+9GAZ60qHOgeH
z&!ltF-)DTRE`hV^ic>CR#KGwZ1S`P(qacP;<7@<SIW83x?g60D73s^fouY}!$+ykT
zQ`|?*_oc)W<akW7e*Ubegcjn7b9;zXPNt)%8QFC~TUkao0gzn#Naukr0NM)A5q_`2
zR9a~@RpEG6pOp|g$HE8%8V9lr=+=0FDx(CeJ(9^b6fZ81Q^f)%D`c4WI<onoj}0`|
zSVamuPhqD+qx<P^xPFUdv9z*x|3-ZRs7|ME`^~G4^aQ;yvnH*oMqlqZpBYet;zk#9
zp=uR6`KYEVKHJ2q^zF;_sFk6ZJf0^jx1<BP4NksB$?F8&!puiru&Y+P@#ts{e0(BO
zh)0xsGU?C?ivRUQ8)>-o5yojGp{PiV+y-vhysp<ja;bF}q=3+2$p{#TWA&=rBTCO(
zAbA-cKw&&BjEaK|Tzg1CE8fTXL}BK>rF@T#%DEvAt|Z6qkNXcXe~%tsiT+XJra!_S
z_9oCEoZfDokV|A7uPSS2o8w;gv0v)oa;*&%XT*WniKK`iuXeBaPt~^V3r<*BWmxvs
zmG?vBk6@CwKJL@;pd5PBleB=PbLEpx;!;1sx}eDIme7p6@Npcml3zmeXQR#z9M%*!
zbj2*fY_7oTB_$5duk85vNl8K1661sQ``t0@u3LTae-?_w0j19<M(W<J_*NR-nZAa@
z=3b()cbkgZ*AkfmopwuatzNmjrqJ#8$WbxntDVMsKuUWq9ai~pbX}z>%*-G~;H7LV
zTO?pst4*9jsQNCsu&GH+!0{e6h`26Dgq;;i`buPm{rzL)c*V_{w(INh2gG5l8P}T=
zCda*2z!MEv*p@r;eOcbn7fF|9gbn2Zfd$cv^D?uIpStMr&o?rT0)W?zIGpO8_-l#Z
zq}(XrS?b3MtIG9y7nUOw<N0}`QGKXm$DV<_G79V2+aE-3P47H$2<OYP;*h>D&$hoH
z)E_*kR;8;J$MXc1EXnn%&ODA^wTQo)z3`{9t|<XA4=ttN3h-=MZMGzmScwJX#C(Jz
z@lUVq#yP7Zp~y2S?ONY|@0nV9RpHcrl_C^q)uB4;nK=(>;AW)J*)c8Fe4XE<rB%}_
zI&)k-<uh>5SrO;35ZFuO4n%{mF1}(W)OgLfj32d9xbi71omWvY7$wj&=qy`s0QCty
zqa|8DAtOdvpfL-0%*tItI$JE!1?L=z7oZNgnQ5EAJul{~-u6o^YkfWUuF7Y?0&Dz|
zntDE*n}eSBuU%O6lD%ocYi1Gjck;w)tv`&hUSm6-=SSDlViSSP<d?0cm;^tmloIo%
zZ>)8X<?i(Z;e*njH&EmVHHHO!B%)^*X36UYjLz?)){8B**Y~bb?Xc^wqi5H@TUKo?
z9|Woi|Gaeg*#MWL=EFrMS&fKZemA<~|EvH*e%UIeU3At=4}la<JOx(66(M*mx@^+Q
zxiVeax$GLd8;$R@L;|M@3N896Jnq}V;fMCA-z)gL8PR5V<*S$1)!XwbO+;A0ec-Sm
zZQxoJM1(!xk^8u34iNeCF%KcjWzkppuNM!Psa2;^slF31n1XZmC7s6W2%=T;As(Y5
z8V>c!BgDH0D-v;v%b6Eb(;#ey?bo&dK3;-d%*mgE-9}rV+LSzA`^|vWKM27e<EiT)
zUInu;sW4%V_>j2=E@pn*R*!3GDhc00MtD@&-q^^N^ium6V?v|8GiV_X#xr6T_JJg0
z?mcShg+N;Obc6P(U>AY-Pz;cK<h2notIb?)V_;>zql$y``qNpRrAQ*Fz@J<uB^p0L
z$%#CqSNQ_!`Em!)OJY(ahyTdjDd$mddF44}!s{g7dY9MSYb$QWMi%<W5Wd5H-%dB1
zH0UNWQbtr*GsKblYd5%l>9i6%9kU+XR!U4jy_0kiGuJvp{%8F?!OVft+aIU^m3vfp
zMjQp-Ry+K41)uV4Us@fJpkgcEQF-%X2Sw5>Z6c>Cnpt@$PL6?2wtcw=K?nc^CT4XU
zi$um0entSbEz@w?<Yk6XBR)NZ%x3pYq{BkK0*tx7f1AO0=?MTkc^;c}0u0w?UPj3{
zFRj>6pEZwg|9-mu94tnViFm*lk;QL@J=GGb-0Pu)o%<XIda~Xr)?B$d16dunc_Ya6
zv;@cKCjF-J&0n^b46c&v0f2DfEwT_fM}8}T*;dFdxAlk~ZvG=NiVWsH$~E4b^aNKn
z*GZ{|&OHY5+Uiv;UM(Hgb1H{jy_Jx$*>b3~W@D8M1=e?KQ?rU)x5r#1`zBUbY~-E_
zU$D!h-tDL`C`??Jbh+jH#Ft+jw+2{ki=54WeTiR7&Y>4^`1MBs$i>jlfQ|vJ7}Bw=
zSvJ$Sm0{BR$J+fT>(GHd>eW;`IpY%;&JE-f;$G~$4+tWy<A(dYuC(;ir#OFf(dbx<
zr}KTDx=0trZ^4)?Rae9pnNBR(7|-R4D#thoPx>X$5rfSJ;FcXVLf0bM94jCgFdY(~
za@717aU_^g7v$5(v(%DgBT_^~=P0*b!(3i+zq}=YuY`dU2S*$eJXdN5k`;+XTLk=B
z2-Id88*CVfY9ZuuO)&4rnCOyw4KY0Ki$%;j2|?U!5(-+oMaq2APjr55pOKGbF`JkD
zxl<ec_$KR|lG5lKL@M(W{hNNYC+!`Im;_=R=aQm7=!k2z6MlF)QRmcPA4k1UYkix%
zPV#h`bdulf)Of6gBmAZVv>uytDX+Sj20g8NNJ0*~%ZhquW@t>#tiuY%hfEWuJ92z@
zL~W>mGOBHJF8|2{;(b{u&oECubnQMVt<(Fp(&@!FIZjulK$(|lx)LAtLIdEm)HK2+
zi#0`8@Y#(}h8mThPo6Q8BCCtVoq18vM^v#jvI|<O63pMeCt{4)W=cp7IATxg4)HbF
z(8X(6iVNR;aMZIS^ulhIMgT}`bE04Iz{bvBWDp2A8+0QiiyZFZ3V6QUm^0_-pQA;r
zVwR6XWH`|wWH?R<rJ}XQK;|Cp0i*`G9hx^Kl#k6>KA;@1^@Fk{0wG$?YNN|juy^fy
zZQt%XQ(G<tAmIwJY9;5YxRFUO%%A?Se7*{G8~;X}*u78&)w0lqZl6r~PB?yI4pWkr
z*=O(I$hJO)04kv6aGznK@k6Wa$+N31kn+z3+wE5|S7Oiq*n7_6Pl_=Uxf$%*UU^=f
z1T_psIRGJ|{^${RvlsPOi;$rDa=i}F-Lze`pbx&*NkBy7NUfk=_=&fYh~@0U6FH9f
z(b_KgciOZy)l(uyy$EFu{?u5^$|B?;EU!>=OQFKz(rQ6+VA-PghX9J{{gC3|oKP>l
z>qfZ#f}z;3GkdK~qo?UuV-mHj#Ea`HQJT7|L(C=aC&nlM87g{D6KDh-SCd%Cd*=JA
zSwE48MQS@3JKEY&2jp@$U5p>L{JrHzosjS<w`=(@lNAPtK=DzJgV#&QNZB4iwb*t4
zk&D)#On4{W9|@#UTa6b>XVRZa#x|}uK1bU%wgDgaZC0fD0pEW;xeb5?4>-x93vxcw
z=Ps!nbF%B#4~iJg<S4Iau)Q8Q{V(AsO@^~DSN!e8E*)hyt!k#pS{VufDoM?iz!mn>
z>5Q`PdVfk+OCy*gvuA-~<p2Owr0J~dSF0;G?c#(UU3{n=Job!Pf!RqB4o4+~KGJnn
z9O|y{9(-zN&Fj5pZ=G`R0wJ&a=>8AJl0N9Wv>_YP+Mkn7;siw>Z1{y;`+wj=Ep03L
zx;^x+Yimq_N@(tRxkXA<a9_G~@@JHqcFWxW*Wq_SHnzIn>YYdSizJpP(<%$2YVkGm
z_5*^~`u0{qWR7>aQ*|YCnpISPm5W{btW<KbI*|tlx9^A`M6qHOebDPl^k#fN^bRk#
zgI6c&fa-7IpXPpB2cN{u68r8rV~;{YJ(AU;QT16X5b>6KW~d&z3s9QP<Ti=jd0qaI
zL&$Zv7C`Tz(}offnE{T~K)~<<|5O*oGdAc@NZx)l7wv%G3sX#a2}GrblSuj(mzinm
zn4})GWtd`NZsp>E<@QS^)&_B3Im14+%SXi~SNuxJ%e(A}Q>Jk#js)1>X|>5(<1L_M
zw=W=X-N;=Y2UMY>`Fik|zmK(o)aURlcD+WH;%F}*tfvLTa6X#l$|%dsGMBY9*}UHi
zuh1WBlc1>L8$_xQ!Uq$3($Sj0;Z{xgNW=TN3onr8?g+G?(a{uBzH~@PsNVa;mm+HH
z0SL+dg5^p=;NSSY);o4EJ2~-_fr8GV^0$Cw#}{g#z9xaDcFV|voR{qtogU7OgoQwX
z$+5$oj`-k0!{MlF?`o=B)B~J$TaG#eI5-1J6Z<azkEXPcA)YG!32Yy6D@CMd+*xPq
zs$tHPy%lt;g31y43fl-QeV(Iz>LR2YpE>hy%B~jn$c={qG}64F@{PdMGV~IN{Z{Qr
zC{DBkqze;T<8{M)8}dd9aQ7j4&NZ%DFTE+2B5}c@yp}C;bfc7Q+%*V(3+HbIma(Gb
zAY{bVQuQ1NaMw^3uy@BJoHV(Aegj?xSU85@Sc@5-(VnR@ThZ25$!MG#@I~MF^x=OI
zQ`N}-J>BU4CT?|uV*!u<FKOz(@3_f;{|{m6|2V*Zo!@_;kvAXuZ%_XdwEW*Z764@a
z|M#$xR_FH1pPB#j1m$l+82>(i>sSf>&;L|H|Hmu;MF{>MG~xg275=~Kvi=VNH4e^i
z)>tZentp!owA9kl^h8}<-R2Q^)n9vF?#;`w8=3y0hWExsTYUV~*6}}bNOvYMn3Y}B
z1AYD@y;YJ!zt%zMj|0Gh0XZ2{c~ih`J2f@+fEW8{cyx4Rcz71wuBoJyN|d)Af^f)O
z^w>Gw9Lb};rUW|eFKw}nPPoF1+R3(eg(G8&EnsAFvdU5M&KX-pwMAWc1c$2Yd9Tg}
zA+Q;+vDIhTC%U}ZrB^g+MZzw+qt_LDNShH^-3Xl>d!Lgpd_`9mdepjq;0l<!#lVKG
zp@Xr#>EU;xfjm6XXWj~oYE`bD@UV9OqZ1+C(E?p{L}`l6)MeXdUd!9GbAy>nvN$k4
z{-!KpwsobuGhixk;#tY7S3h3qmtRmo3CUR8tAA4WM9o%M$;VEi$F_G$LG8qYel`81
zMd1X0Wb@A4fZNFif-Aeh@E-QVO-VpIA#H?-?hU~Q+*&sDHcz^MF?n-p1v>$teAtsC
zkz}7;e_#+;)>|<%)2a7b0SGat8*!}&puR-7?mdhNaDE8@c!mIrr+uwEM2tPRU)rlb
zqQyoD&0yyN5loRzZk-6E^Rj&X<+N)*M?~RYK*Ix6OeuHXIvo!y5tRZYy{P+u8f2yz
zmd@LE5d;`YkDLOfv-+^liD;QNFW&dhmrb6a3LQ=Q;e~_^TQ%lOtK)OMdLsHBfExuc
z%&V)ZO|?nj5}8B$g-67~pWbNi_bb@*_a-(+?clh`NL4$<izCSJ{pdujUwtxc22MHM
z=g59F`jIwCps(TTgP8k<^Epx3ly+X1K6-8p>s7R%*iI-V&;c(JopqzbiVf<m@xOL#
z1Yv*Z+DYiB*@{pm?S;XLTpEX8w`(EF7ej3&B2xp7*0j7Aj5hxKo?b-KHk$lsc*PLN
zx`&qUqE_NsMt;Cj6ZC?%Nk_c(tDNMLu{~tx8&xECXm4&0)dU}txEVBp<Zd|siz2v%
zxBGu!cDHS`iOg>V#biLOvWO%2E>h1+VC6S1!80S)naf&aw-mtc!LDOH>YFYq)iljD
zxwqfQh@bAxm{J33XiV@EI_EAL&vzOCW5Ah+`M#h}Z@u5uT~xc3Zb^)G+KMSa$qE8E
ze$;zB-Op7MK-(V)Hvy4X>5KeX&ol3Lp%F)}Dhf&!k>0nHJr2!9fQ;9ze=lzU2-l?|
zf3^*SUy{}YzET%GgpPS9&bR>C^PEJ^m(;L7;H%A|gqZ~S&AvTV(Q`kIkv-9?3Mee+
zW2$i`ree2N#-qUk3O>evXYtAl1|OrX(MVh2Qk=7^*a{>56rkj-UD$s~_G6<dtic=<
zUF+OULdU*BP@@GM0Zq=al&@peue07GdAh97-_l(+DNsZ%CReV>1()*|`LUpr^!Q25
zrR^wI1X|8yDHU|U!Eke(s|uQ;{aGRgTsvvJ)2Cz90jbXn?cTw*V=`=z5!*$?bA)o;
z*F_JEiaE>~_5(SL3%3kM3ZY3Lvp-vE9GnE#BFA>0eEJaPJOzIeU_qxm+TIXU<WO%d
zr#a2ipxvI#<ylyo2GoZQqv7h4*OWB!$B&^0L?@|te147<=q8g|@egJ976-fR>cFj4
z@gt(xKPGaDxY*(iPMb3Khebw&g?aicVoku>wO)Wy7U0Te-LFKjAxA=$y?@?tX;U3)
z@Liu$UULE(b=)cI2EYb9_WNB%sq<T3_S2C~L_6RH4vdco6&2jWrLQo8BatSl>6qh4
zzrG<(&1aBR+f*gN+Fw)1N12!Q9AV2;)lm*-fuys4J~g=hkyS*j3WXbL@ltxMZ3F~U
zIMHlY=2yH;+ia%r?alK%Q)LB58xI%g7`zbQDGxW7)PU-{W0Q?JPQ-jP^<4zr!blCu
zTfn`b?3lUuUDt0<w8TF3W~5Hgcr>Uuv#wSN0`oecqwknUpPoSVT`gMxH9+0!wZ`E7
zN(YLM3H?-f-BG)5w!+bMUxkOm0fO9GbB&F9hCnT}Lj~q65&S{<q}X%FU@dlOrWTQG
zVU3idI2zS6h1<FvhqpV00&+Il8nayjye1-^$DTPVYgRwsSbg(Q*nk=wEHaRT#S_fT
z{aoi@b2}{kVMFn&3h98*laYx@i8%~upI-lrh5+JXHAh*1DQTXqx0bY{5xpws08G$%
zacvs+(<{{-@rUI)P-kaL$*={lnN^+%!$*iJGuwlO_EG0JKjumJ2H~W($zQQ8hNYJM
z^i(Ckm*qYM5nI%k?xPmv+h9`?uw0s`Pagpl>ag}bmE6yLPZAzg9ec(ci!T9@4Cb-5
z)l80mCLQ`m=LPB65v~}bxTU%!ZSqIwj7i|I{l52NWo3?K&YGt?iXl>~r67?g(!$Rs
z2Gu{PwxAi$>UiP0{JP-ms7Cr7Fm`KTQ<G7)iRwY(7=B`DXL~(Ofl&m^_Og{7Of#i5
zw*Fa0TBq2)y^4xmHy=_ggqWCjojUI92WobLyY7>nd2`e=MiZV#+t^SWv)DKAIRE$>
z6k2={nc`#jLXNlWpTV^$Y<Tx=J>c?c?(YrMO#njmB6jmB4N34_4Mv4O4$+Ub!qi_s
z{+T*z=TH%-{3C$eA3)*=@njA)i^fW7GEI%CC&jjT0g8O{G=1Yi$wHudEytgRr{WI^
zv*<6Y1I#Vk{8s(>wY>YVUMG-zz^kqQ(Vy{B9vAU%c#<sf7=5*(G$jVWKtn!Wz_5EA
z;4CG4@{De8ovoZ^9gyvYuXL;5y;H*T<~>wnFNKM9u;bXkR*>VK!LH!CTlv8#cnXao
z-PlV<IjVh0`yx}ezJp^VB$Eh+WJ6K@lO>;^$8N;%SU^eaMXXb2s9WH>-z+l50K$|3
zGIVNj{Hzp%RDGHV0F?ar-YIu!DK4$q#*du{lIIG305S4;qF$sm^Czo^FjQ_WM_&P$
zx>hNlr{3FLPw|iE5Vfwj@4ZrL!qOrq={9%zNeIf3UOa>fYlw@JNu+`?(LH2jHEZ>n
z_`~}RRI@2H?ew@eeYCV5Db8y(06otR!JA?dIlog-88}va{Mon))UH!_EEC_|JEX2U
z1#k^c<c^FMRa7Yj449az!}dAVRl^Fx399c&i4|4qKIY%4qm?E$I5tnqX$1=T4q5}7
ze^BXSD^rhE;mQH%Lb0BeYqVdANmG`wnT_OQ<9o?!Te{?gu&SWAELWKlIo>!k5jkD5
z7Zd$@GC(<?5EdkVuFX}z_SX=aUr?m#kqwulQ=O|i=*RX*wcA%8o|~@nMgJmvSXdIi
z0IEBCH}E_M$hcbG8k_U$Z?iJ{U6b(f@y}e1+RvH*OjqIA<$}0eU&^rNzBP4^o`msZ
z5D=966K}j&G&!}T;DpT-DI91rrWWNH9=yM?22b8hz%(k1oOI~2V!cKRq)`6eiI7~`
z=-#i2zn@&^5|i?<4-H#_OQ$X_w<B2e9|8*PEWh(uqqgIoMTEz9=8$67E(xQHy0G12
z#-GWLz2t#---_O3vQ*J`qxmoI8VS`5!pqPdCc0+4Zrt9eTgO{d{WJ-@4@AdLXEzpc
z%_Ez@WCvz4l6E*Y`L*cFizIg-y{U}IUiX&n3d~Q4n=54#LEFg{e(v4mIZX*2^;UGA
z0P<7QoC|>>t-UFQb!!N4@b;c?BF&Z6+?=hR+F83C^u!%J?oLb=OW#UXac?LhDLOqo
zd}pV9Zdln<PrI@Y3Vc|79OCr?g9AJE%(FMIX^MaPgt8(LNmwKt6XRocEOBH-gj5GC
z&yEXzf^6*P&UCJ2OuA>ZBW4?WCV0lIb1WD)W;&zZRqJWH>j$0>#$46M3Lq#zmF5d^
zVd5(1N+Rot`*#b5(>Ek}h9p~K_uMMzF2mVnN2nE4k=LqAE5RkPte5W#MA0#jip(kv
zttnRT9Ch;YZ_2X@J9i6w{}F9HfG9T+fs3YYBQ5Kfi&8D4c^Muldiz1twJ5(dgcK~S
zK7wpB92@(PB`&*Lp!S<bs_)7UqS|-drdcg6W<lI())9SB#O9HC^0*=KWLOBp*_ka6
zmWJ;P7?0(7C>jy}v32@hg~+&vkGK6qm!uVPDk(w3J331~ckL#&Aepq6F0VhvXslO-
zY`9dsSkm@teEO3~ZBQKld73}X=4WHIC#Q{-Vc&uWfKqWz>jMjb(JU<l_OkMIs|Eiq
zfYSn^?z7-uTxdJW2%!MpYtF24<lq%%nWVu1GIC22f`r`zmf&9!gwO*<XO=T%Jmd-L
z75RGzWxrL9f-%tSoHB#mrrRn0q4rqK)8|M2XIXl03!1`&>Z3348a&?U^6QUmg>S#S
zS^|^}Zy&=n5E&nbOAIVb47G+R$UmBEx+u{6F$fQkA=gPSc$?*?PLEdP5t|8ekMkhq
ziPjRW%6xC!-qvHdHT5bPN!7PtrZ?BmR(j^$Yz&UuZoDtg78kAlbV25p7H7sD)CXf|
zvR(5^K^)V)76{T(a}9qhc5q8BuOn%D9X3(jg!J?He3`Socoi+Hwg-vTb=OC5YdcJF
zhtM6p5_N_)$MrP8spXT4iOH+pChs|azc$;Dv$_=iOw^-OGi-;kQp{UyH?MGvujl-=
zA?3nbX1pbv+HB^2B9+eKT}#y$z2#kA_4jsV6rGjy$>dYm`bNdkD-*#09@N^-CO%Q+
zBMyObj>^&Y!FM;)1Hi!MAtXOG%82MJ(@jLe@_P3j7!MAPz%Z(HhwW0YYh90F3u|~h
zwkR@Y6+MbeaycSL^Jn~S{FEVRJJ!0(CK$#~I)Vj)#tU0t!hFHy@phQXK}KkwyO7<H
zUbAG~o3uJB6q$_vhqKdVt%?Jr7nG}1jXSQfhs>V)mWrfl>-(#{iA7>TJ9EZm3aa>N
z1Mf{U;_r9E^YMpn5I@s#DkKQTw4j&{b}ky!T)q(1(tkx$TnpQ{jE#y~|3pFn(XkI;
z&E|J}RaTycfmRw{-o;0Bz-WG`*;aF@@%)sZP7K91j=p}nMLgPIi+#STBvfP&nD^5j
zqIQQH>AD-V@(40*7oRo3#bAADT)tKGNScAC@LilQD>BXd{;@m00~M4yV~GO{M(ko?
z!1~lqtcj@Veqx;B4guFd9d1L7Vz=wK_8C<kC8Q;cTWj=tbo@C@j@7jP=>YfniwBUr
zs|K<w8g~HO<G_5+U3*}`DeB2Hu5399UV~RkB-SU3Byllb-}7MgvkNScrU!Qh`b-1|
zm%=yoP-0dGfimQaM2CCzO4l2*GIVLS#*YPV<{>>B*>im#f18;(-TE+6c6PyGtwvbb
z5Gm4~EF11U&8{>%_9DhPxJzJHkB2oTutu8p$5r|6=S!(DP(&I32Sepa+rW|dN7qck
zNwKx-zc|l&3s0*XE|>J!KXz#jMqP*_FWqzs`um9){crjS&VuB$MQMHZUQyqcCQzs0
z09yVD_lp7m-7(y1bX2pR=XkjWj5~t~TY>?gQ?*OMqR4ORN7s8ZlKs&Bof{61vs|BW
zu}gj1t0FD2e}n1kcbELqHW{jx#pKW(ukILdBOV4Yi^JHAbasJrw_0Z6CKs>ZMRlvm
zo}zo{p^ee6%uxECr?TW$I02qM)?UGQifE&I)*D^#oK$P;q@kY%TRKaU?^*_CE;&Jf
zVXTCQPqe{3ikSH<#WPr~fcWRHPRikXk{Z>eiiy>;UQ6IPAmz#rh`VzSU&%C^_(IE<
z>YmW;-V7JN_m?&h3Al2Q^d~Fet?kQK^;y;k%KH@+c>=}pVQpEO(<kj=wZ^VnDI=Um
zbcdVZbgFpuHf?{<$VlNp2J;v58D1H`XVWd;p|zRc@Bm1`(m!fOIg@@iW$&XCs@4bE
z9TqREXOZobduM=cH)HhUL=9;{y8n4q%6W>3ca??w%Gr6m&<i)#^bz_XJ#=#ix1V6C
zK3&&Nh)Rin7c&}vwzTT`hrw@QO5V{3vr?)0u@||8#)AWYDk$QFKds#M5&p5-+oGR&
zsO;1B5nkLCYJu(Bzny2WvX9}#y6Du9CjMRwB!``cUjzzab0i$?BN7;fHlHUz$Qs!I
z4)^A!@SVM7%IF|J&M^3e8twT}a{5p!HJ5b}OK@;lOl<OrEXlFIchxG4U_r7kNotG%
zZD)B|C@{DnCYe7Jb%;aLpj{M}RHU!=_}LG3-?`k*K0a)vl!tCF+O1{`UV^^}_-nx~
z4x`6|%`Fd5;*CCAGX_Le=Kx;lULQ8<#OiSwWQrEk0=y-zmM*2TIplDqZEaSQ<@cqZ
z^0{~oyah)20r>jPK$LUh7$eBXglN;-$|^o{LB5?heq6yV0hX#05H(29Lj<Aqnt!(h
zd3w!L5_xF)6^QzoweP22Aa*VQLndfWvHar16)CZJpt2byves2WZkaGZ51?{tLs;py
z`Vb_|VXJZDak|b|C7V)O++)ERKCZK;S@mL66+5+z7i_4Kjps1KApN%kn<JS5X&pKW
z98Ajo;>E`Nq9Vx+r@H(_eFpJ)1!a~zTItmtkUX;&5>7@zE^1sZzc$IXgDB6A<0;e2
ze5OlzO?iJU31&3lW6F=D)a`-gxR%~x(jJRa@I+~4rOEWX-EXh$adzhwLGSl3bat93
zqtCFKE>%GT#1R24bD{B6tq?Vkux*6sII2HY`K|6kOugw5<3-?_0_(z@{7sAgGd%$6
zhp{#V3HpL2o_&wnPcO-Z3<9(rK;emuFx_3b0Z*qRT!mC&>*0W5o8QU?5bqgma*BiY
zKM~RQG1O(;D$9Lgvt(xf0YmzC9f1uZA?-PrG;^Hy3pQ`ht$Hpv+9deuB9j;u;qNso
z*$qpZ_!5A;3j9p>raXE6{X~*un?Yl_BM)VF{bli!*=*M&p~Rq7+m^}J&YuPoWn*(?
zBkcg-P=0DPLVcRWddCr}OuejfVHh5P>WCqly_z3VxRk=e?pO(W18SS3`bpmjFSjvE
zb}CqPBNq_nofJWvVGdy@#j^rUVXN<GLgYviz%Vnl*C>Q(C8^kj_-8c{F#3D`7_RIE
z=FnSI#NR0By>jyxUh6nft-2A#-4}an<DBksLMk89YbauuBun9|ued(UdhV4<W{PK5
zGhMSOo3sW}2v;zwVa8H>_k1m$$KwW8e_`ZGqTeOxC3SR@cq)^i$`m;k*pQV~+C7&M
zo5U2|NhoZKX?fMDZUuC#RYF_o5*c{h8gu6Rn`U`?j=IdQq@qnMf0B=B2axZNXm_%&
zmO1EwcS*wTEDSq}1mEguu=aZj<uLEwg+Mch4^D2?)E*0!(nOGm>XnT@Yt-L964UH0
zba4Pm(9bF#raeiwbpUiw!YFpzZ}PiYt~h4zQ<wBTNLO}^N}qx+*5sm95U`3J`}OnU
z2#*`wO#4j8B;QC_Epj~EjPazPVPFHwdEwm|!=ayx%>6Vz%sgaG6(r+wET!A@GGHVn
zqoF~aC`#dcp`B$E0%j7B;gANhL3YiUSExFfDT^ngb1CkpVos}N>TxGXXP(~{BmU-%
zq}Ni-L{|0<Cd;N4YEkCws&n(Bh;+*ql)M}Ob+KFxlvcEb3|s3ZmYA!}RGw(5_b~}f
zk4i03-7HZCEsgbOX#SoO?BZ}vdFn6QPW~0@>xIvlID1yMk1;XvQwnt;Wd<$k$=a)H
z?+WGhOrIM-ha@K=Y6Be49Z}9JT#{)IH@o0<&$}#`(<B56$I}SLUaVDw9N+CW!Ra*}
zvs-aMlbP8RM%$kyuj5IIk&<<(B4?2v^HZp;Y2}%S$NS^YqCRFgEt)N^Ww<N4zh9A@
z*5@Bi25V6nfqom@CA?|L$1tEiDg4p*4}@A4M76Z{48M@aT91nXO3n?-bHKPt5Gag|
zG{P(d>a+hkM0)nN6}zK6q5&xi*?j?^Ul^|tpO|@E6}VnIyN|(H048FNk><y%H=nI1
zDuIHO-g11d{zpU*)zW$P($Lfwg$LENPJyP*_Z#~v0yAt>(^Q{Np0b?N19PLvEfz4q
zC@aEJf(WqhYvAQRbC`^SJ#w7!KM~K#q*6PNVo1ax5*X@uh0x5&@RVY@OHDP^n8Vdt
z{X)Pi5N`aCw>X`K%Y*GEjq68lxOb)3729h`(c4q_E^KqFo<kpDPzvA$N>f^R&{fo-
z9CkJCS=?803XbwiL7$=V&2=h!Co^$bKu0i@IbI2U!`e*{qSafZ`<h4V+KvvO)f5=P
zLzY@UKFd$<8If*mXMB6xo?HHEBh%6(v{UaZ+0i1lZ1Runy#>jc%~nIQR?8V{X<c`<
z(|Ja(Sr#e&@;QauQHGy~@&!nIiGF%I^4t-g+xq2Xy(a&&mv;N0=WXa61TmIaM>Fnv
zebeB619kEnjkOY?`VkG?=yOWhJevcf-|LdxRB6i~822BxPSMOO8Zh;EPuRB`fbeGQ
zd(A7W=^f(>D$qvEf^Z`^?}!bRT`M+D;sVZ6#T={cF{#xg?q@q^Du)l@M2gN*uT8H2
zlN~U605mcu?SI>}ubgfEbG#^6ZxLz>lx0D2%v+kY0aZzt2Q#~Yd+agG?l`yi48&w^
z{#`P_I18q)C3`l8<X0^)yvs9OdJE{~gy$q>HMwU*_?tF{vf3+=K}nb!f5?*5%1<W`
z=L|;@az3;2ONr$Ce%JWZg42s!b)A32-3lnq&ii}0H3{h(tLVu(<|MmUWWnhq=Zn<b
z<AkD9HJ?i_nQjM}2WDm(OYd1FOzH{nCValCq(SX3QPt)Es7<wK-mFhw!jl<`PBr`Q
z6;%!=cePsj*{cz387o4EP_5C%o#1_~@soyPMUT>zgHg+tIJdvllxgkSi;-Eofd%g$
zB#_hQI&^$gv4by&LF()mB)bi9H$pL2mlwD&lSpvQfHCC^M|JToXV$Tbg*i(mRKT6B
zko$8A=+pSAoa~x2>hQstmipim9l_qt{jfS?XFY-z3yU<U21h*BSqjovTOq4WTa^1l
zp)bw0w`pU7j&cZM&xH?5dl(34BKoXyMY7mPy6OhXl~4qv`kBX$_^^9yl(myf6mLL3
zFYog$eY;5k&SOpYMC-N$`-SHEL3VpuC6Ut!J>yCANy7(nuS)h>D20+*Btoq;W7ODW
z!_}BNRWqfOUNQrfWSLL#igD=QJ%0Y67{}^4-mTlu$8Qy<{t|z|JP`w)vUk|qo4==5
zH@@?X^fvvz_o!(i1I>0>|LoPXylqg@*{v_t3xPHt60Y)Gw#$&Vn89DMGq+HuCWY6D
z9#erOZYX8fWL%<U57?Dx`0KydJ1{`bf);BywTWd>9)J8>;dc#TlJ;O1eGk6ed8$Z4
z!o1eoTt||&lfSq2PT97(1aU|lH1H|doPb)qw6JjnNp&{;jk&j91HDxoIc9gK>tat+
zB>vvUHJbX|-G~415ri21Y-eL@W!H|BCRLZS`%jU`dxhJn4Y1R=wI15rN8tW<>d@Aj
zna|4PuC}~*5yf#JOdr|RMXi`k8iZ#GoY5oAHG({gkB{d;(;3az1aw}xT1ujru#OD|
zHMou>`Vs(c@K<+Xc6Q{way)avT<)0Sy2jeOD{lYLR(C6CJ5+S2ly!pbTjtIP?tlxI
z>jm3Pm36|af|VpEeQlL2+gVki_w82qXU1%LiKjPc#z2@f%{ww%oExu&Bc+62h_}<M
zjgn<fdWa52Y)2{ulL7@7zF&76EVNWMV=%Ec$q>hEXYoMf1D607HdYJB*7$JHsE>Um
zDQ$@<&FBcqg%urVJI*zjLKt}`_dvq4S^#Z+m1~ZXl#JPr?*Glx)pN^Ivp95OvcNK!
zXK!M5wCnXYb0mAtk8FE1oTlnrE@r;veo*{JI$5@h*JWE%+4+oaG``r7DVY6qTe!x$
z(d>KtENhLl@2!>_sw7j~q28H0`)zd@mRobB?lbSb&4ub&^e=uMMriy>XFPf0g_U*r
zD5W}>vKn^E7la&Rg;YD2O6j|K<5kJvQO$Xadi<8#W{Z*A<Igw=Hu_}H^YGF!_H_8Q
zk>WpwzmH+(w)I;aJz!`^{BM54(!{$!#o~kMG7hs4Hfxm;4E*?#$GrfQX<eubcU}|8
ziTs<d6J_w!z?A-Xx}3ChL17_E_-7<z_be6fG^S&=?lcet7{BsNtv|Q4VBd&+Uy&E>
zow|d5-Amr(%*n;sYosEWD1jgQySF^@?-7zjTVnGLb-zxX;);9f&g}YN4-vJ}@36N+
zea=#oVWIlCwvP7@>@kSTn8L8W4#56f^OZ@J7JyMvaImxgcmN^BKHCwL7i5{KACpYK
zI^10+o%(6?o)AURNw3x=wH>&=M`LeJP;$2@NrcALn}wQe{Q{{uA^6nQDabU&ZS5G|
z2pM_xGv=OS13Z^`icD@JL^xSX<2+S?%UoqJeq>9$?8C5*@mlQndZk^@iHeP;n1z>s
zV3#6Zy+4GutAMQqOMO;?K+d7Lu46pfV|GHQ<lw6<H2wuiUqa*XUWj#na*Y#t@vTNP
zUwbfe&VeX>Xgd5Pm^g%cF(jIBinDSxf(wNly2V7!vT1f;DKC4f(-XQeZ7WR4yWc#-
zO468Qb$oshx)MD}K@f~6nL1md`6Rk_U8ooM%V}*Z=>x9NLt$T&RM&h{GS}aAmD|EG
zZHV5QE`Fc4@$okG7`I_+k^NY{Iarp;hu?oCLa$3U>vCd6&g2VT-;7wVzc&*NDLrvH
zQmwL|@vPXjcz;RYbUnP=j*&-d3NeLCKU#GiCn356nB+c1ih-?358#(BB57}3etz4z
z_lEVA`G@b<+KBg2STDKZRC3C*irw!IgfePn7Xqh-i9b|r?+||sdN$qPUDt}PIhsiy
z#8aYK>RRgylg9^|Et;CZ9VYeiQ;z~PsRR{l_5tb1zKR!E(rhA3`PO$KP+oFDX8Z}Q
zhy$CIt&47vcvF~$MYJpbWg7GO8=>;pR`v(v@8V)ijY2vlj$18j@VB&qMcVr9nRKE$
zUFxd>?C9M3Ub+1t9yW##c0LjcCX?@RYcKl>yN7WZalc{*U%6C)Z8P;d^&2`|Je}(H
zLPCAg%YlAwmw6iRjSm)EZb*H$CHaH;6i`&ZRu`Q2PV`(1A(`86yHDh!<k%siop<rq
z$C`RAME0{e9XLG0^ZKi6zpXHqqePF=bE^(mXd+?#Q#_$Gd8-Mb;O-z1>h-dr?{0`t
z_54riC$H+MM332%So7naxlSvYJk$^T(rvjK&z~p=I9}K{hmA*AR@vzLY=ai9%qjW?
zt4ffRnM0Zl7wJ<x6eQ?7gApa*bE1x%7p|LyaTlyK4<l(ZNq&R9kNSt-EWwZ=ZJo_x
z4gZ+<zh-JC;$mrT(1^@D@gJU>uX%VC85^)UHr^cZkmUY)>}5rH_!Y~{k5Ll~p<*96
z^$_o){d{p!si`oRm`9~aR|iMHsJ|OiDInG$v`3raIi-87jRopL59zPJDn%CLYfgW)
zHM|sP>N}I)3i<$KO!w;)e}sEl=?dz5GS0};oaywdv5rmGO{~LGw4Qe-^Zj-_Ry_N8
z#UAgpSeRnWa4rz<3SFMpTTt2y9d*#gjI`ZuP;Cwj$$`Ta_Nl4g;I<A-+=G==;QD_~
zs!~UUiN=0MPF%3E#uQ2Is|@i_LR@^YrIrv+ZEZWikb9MI-|p%c`uNFtY;$S4%ttX|
zU^0ryCL}T@?xkcVPH5Go@E}na6D@xb@xg_a2j!tsC7<}nN@rkJtJHM^Iyn_%W#PS0
zaJV@BI5?}X*Q09B?BZ3(t+5^3nePh64d0xe)_8uBghLbAPIt?QFe>@0X*EVwgeJ3s
zy0gq=>s~He7R)Y&Tq;gHFWId$?h+#=rMo{-2pcDg#!tms)+OtDo<Gqhlc6{oZyb+?
z{HA=iZ{~-dt|a&~itGPaFn9_oc+HoVG%O_3LMDGK=%!~3t=D?JQ0Su!Ww-3)@P?9w
z<yO2G(1~?TyEn}u6MvR5*^h$3J-_N6<ssn!L<h)3QVvV;z;`m8BVBf-hV*f5(h>Xd
zB!w?<cdd3*vRRzd(SN_{5P+*Te0T9JQ@$@oPW`xUC<s*76ZAU&PWYkpY<2v8)HfJc
zMU6x^pLvwOjSCRI8xy3`dfC}CH=CH0YvO;mpU=gGCzgj;tlfoaZy=7#6yX{QtBo)>
z-@r3*Qk|^v6uBOgwA9O$Zt}J?ekw?p7`i>@`j&Bg#5L?nV3Pa2t@lY6PZ`yCQjdsX
zfy8Djsy&<jtw0bVe<PiM3)>vz3;}n#Y(K(x`cNCez$oLn#TA4p+}t_V-Dy4J1onH>
z)?h*dP*o|xjnRpq-MDRUTgwEh!Fq$qd28fk9cQBr{mrGo8OS7m$+a>y^ve+18-z$w
zqp;~K?+1_l{)M2>n#OhYoLn1f(Y^H(nAyEHXb!8)?B}lgJQd$~b-=?DXIvT|^Kl{J
z(anC|?gfCB+U2+jD7j2~cv<Cg@3gVs=5<%L#q?L#D)i8kart@MO-9GiA`Na%%V0hb
zly)anuIYTOpJ;M5Y<2i#6>r+Su9FXt@c>!2S+X|@vk=LQHS!+)9FYbthv9iEjN()~
zVDXd1nqoY#JBt8rWq%FuAoAp{J?QENLcKdcW|)}TGbvf<DFiXTK{T?_p0&L%_fLz@
zvnz@PthRYZ5cM)b@ui9yV($kDW49mQ!$H!*rzu!i<e8PJ-k^7iYdHRkX*;G0ITv*=
z{dly@Lx-$d^-9tIKLFcqzRk_!A4|7?pW^(NF(a_y|1vi5vE&O0CDQ-)r<zOww09Fx
zP#V*J`@64tvn1MDXvd!Ifo`k?z2_nSzMk_=A83M07WBC@7}!353zPkKe*~8|vkK@!
zd%H2P{VnL6=ij67tOEk7xB7r8e+O^?!@2y+`0wF|Q#gQJwKpjYE!nLOypTfVg+AZ_
zp1ke=j=c`wUs@&pXEXZezo$lZECE!cC~69;y{U8o9AG~^?7zRgYwMrQ)!tV(L5ceU
z|FL(^k;s3xo7tEH3F5!cCI8)t<J?W^@bc}aPbB~OZZeoE=HD+>I9ClE<jcFze@~qe
z0`Rvu$6qfmZ@TLvhkvgC|AEg9)8?I0S$Kn0`8`{}-BkjEs|xjMTvoc&L|C#cEi6{!
z|Lv9k^xNm?r(YIssvQEh>y^&3GQaclw}-O(XY0Kgt%zdTb*1Ge^TAv$rXQ@x3+gc*
z4uj-7pVvamwX1B-79Vc@a&SEQ02tcwHDJJDYe|4>CvG<|^Pn_n{36Qfoh6+R!J(HA
zGy?GW2akPw{-(N#=-wR;<asHCY~S-dHIR?d_Tf*4prD{0-mvR=duOQAp47HH?fGg|
zbk_0c!<bkodjALGQqs&oY~bjy4%O4#FIRD^%iDn2=YQMldQ(`{tQTwee)BmhQek9d
z#M1?E$r?l-Uzi3uA<Ub1#TVLFx{)NX3@ce_^zd;#a0kTwaBc`usi^y(S7UggeH_R`
zKZSI9*dBW-Ku(I1e$AsKX%VpN4@Iu9V~_I^KGrG6<-O2n-p3s!K=}{?^ni!r2Eqk`
zStm(CFHKJz-2rs24th>N4TqawF7VIIZ~1)m*P7oIFDaSTbTNwH;myoGaR)U$?Qrlu
z`uOuo&MX0>FS%i!cHeIfBX4f5IlsYZE#pw73QGqZfc$P1P@9N`-x40aQLp{Cy?zJ5
zayo%5)Y5o~7au(n+xkj>H3gtwkBS$b&RqqZJAaO222$yEb2GC|9}WNg*NXFB5P6|J
z1s{^e=#r6<;llRoWOn?n5M=m&vG?9VO?Cg*sE-9j1w;`Pgea(pbZJtf(xih3NEeab
zM0!g^rKx}j(h0pv?+^k???^A9h29c+Xd$^9_4$_H^UgbW=AAot=FUBTKqfh5pL6!!
zpS{;!Ykhn^#}-Son+LkPY%Qo6rzyo%i;8cye*LC@7HVm=T<mR+scoo7OZ0)9NR24U
z=viCC7b4FcpRlTgN4fOLYa3~;_GQW!1(H6|)6<ux+s5-7^#IHgxcC=XOs8!We)xW<
zhtyogrBo9ugJkLC^Rn(hO<*bS$PXM>8ZtBPo0JBi_tf<Cj?(VtSf{yYmp`}H)O41t
zbLtY*`HN%aEfV5K@^Rle31$1mi2n8NjylBT_&TaFInuZbM38~hc7kfepV@lO&$-$h
z^CkbUX{*6(6&^xHZWe4obfSn`ufS7!OD;#JLS#jsSs8mU;Za|`R3GpKRD55~%~__%
zG1Ku;H(Y?-NF<HxfQrQWQ+u_7)i;BY@pt|1h-&AuKPTdKCtRP`ua#k~wv)fVix+Xr
zLOFt5RUZ+1i7%Upea4u#KKSWgWyg#;Hzk>MPu_6O!|&CWZF4zBHbRw0iG7YL1^5HJ
zKQT?>jIidnd*`tFtD~c0Dz@u{B1Uz|;(2@HCcj&d#@5T<rhFll+IcvNgD*~2)9<f}
zyfFh1l+D4K(98FrfvzB;@tZv#xzQ=C`Cd|toPwzt+1bUX*YN%!-K^Dl4!4bDv+n2?
zw)j=hc<h+Urc2OE*j-{vrL0`RnOQ=Uzn8QTw#Y|9SOq0tzvJ3$8DVE(nSc!{`Ho((
z(9#k4MYR6YdLQoE=lMYdlRmTf1-m00cV10Cux;uKgh2C<YdT``5zWrRkue7#Q5Q9)
zsls7?Y(^4GW8d}oqtdWoNIo^rUPVda(PC6_9CC%vqX@sR9&Q%z))~6L;0`SE8^nK5
zEDMFl-sxx=PyhT~VuC(A7XKb{8=o)NNEPq8k;xig?Ya1&<Kk8s(P#zt{YzDqSeMz7
zF9dO8ZA1qB&C2Ysk^(0^@YeKp`x!#EuGXyOD+c@OgGtH2KqY*-j(ZykbMdH2{%!+D
zRPi0#T_dgX*9_Fh>wuN-z>wQCLKknFQee_12;WUiq;{WkoV~h}Mi}5^3y2Ltlk>vI
z-_~>c4CEKunE_v>loh_TOlIrC<{(DVj?mfJ%eaK?%1Za0TUU{MqW64vn)XDYOt3r7
zGaxU;llRlvyd~`uhA)P*8+<Q#WBd+M;2B7=T6XP%)g%kZoczdWL&`&Jrep|1lDS7*
zNezRHA(;yW|9@BWX(kG29||LP=6D^IOWEqDYqJx<zVR{fOENW3f~uXjjBR;~Y-?%Q
z$*#wYm+=~))e<rTI%}EI;jb!{I99S$M+|H(b+emvL<=|JR96><zaH^!r#>BlQx*;d
zP1);riCulZkkT70)_WW#Q0Io66eT%?Pn&PGSl=b9s6eH2{z~~<7txa!UHH%akE)^a
z9^&nF8QfZ&yN#)bD?S@>%!$EYM#|M00OC8(bCLNyos1R%@geA#p1QTVqKrNecaF1u
zyt9_?k?+SSXg+2`(f!N`9+c!9>c3sm7mq1bUwE_^^9bB*PPGZQo!8;^g56tvE)G72
zVAi&7)3c8hcX>UB&U6g{D`Z-_h(Eo-?+y~Y-iN!1zUMtwVSu1V-DXg6g0FpSZ{3)6
zMY*fbQVp@4JQ`=t*L4Qh1o2{CuV75NRYX9s1^o0L9`JK>nBQx1L4U664K$iJDp$$X
zM&YJ>?r!UrJ8lO-xYtxZm0@IuK7R=ddrHc`P{vp1l?eD3Wql2q)|_1hi{>`y5Bdf2
zbiD?b7%N2ArVAiq2Cu4q=9ZgOK3fs`!FT2t@cHl9P!2T(4$V8@(GjP%wI;T1Ud2-q
z`&!i7l*9cx7<SgE7*vYAjd6r}!v&`AAmI>p6CjIQJBmXAw{iMJfAupnRM1+9<3im9
z;<s><_M(nAIS8)P+d`M1Jfb!F!Q2#X!}|7Zu)q4SiSf}dA44+s_y_ZJSL4lpXK(vc
z$3Q-#UW^}Vk=y5#4>iVbcn@4@w40GB@4Q!k&C1t!ysDP&MBtj_M=3Yc9NA~U;vX8m
z#_`kyF({k`Y3L>P1g^2Ln!y3gfcz9`)7IQFPFMa+^Z71DSu|KdpV8T#^B`ckt_QX<
z5iJZUO_YLLY1J=T8h|krXqEpe!xl)TNE!bMeZ97p>VS6E<Z_E#%n62vU_EU`g|bgB
zK{|Ytzt%Rq`RcIl+SDR<!2J?gh+Dg|9@GWzx#k)?;7i8fSN>7eP1$I__^KsjxboJm
zPh8EZ(QV|Qt5|0e5fh@cADsTc0K3B`r!>rD|2%1-mP<)fN5>Ru-(k*sP{1PNoSKR*
zz*A5RDzSdxO3?Y0FYlK>`Y&Vj-~%Atv%{gU4%*jIMeOtNpVqZ9*h7k}C_5UDZG~m9
z)stPsnFn%hzq(mY{31G}M_14HRqCOSxDMy*62iM#Zx)f!<z%-j0r0Z{?;*CbZE1mW
z`?}~S(-rr+LDnYWS99`LM7O2lKgv|c)RcbovQYgnoFl<@$nXC8x9;iRow1z{q!P_U
zE4^D6?CVRG^CgAy{MczKy@J*t$uj-p&a60Q<))xnw2PvrZ>a$;x5Ol3{zG}qDniG=
z0AcoSDa%rH$HTA_hCVZ;JhFBkbHqcO^Z+V?!`(eCziPo5A3E$;xtoN~Ajeo_$GE5Q
zGgFx~6o>O-KFGPFkCKnr*_fRy{bZs5(65zq^t&O&Y{Oo#))}_B5~$~toJw8*^7v34
zmH0}O{QszETMoNMO?n4x?LP_UT{LB%H@!o-tTrBNkZz!U*L#TZLln5oJGnY%y>E}>
z<NmQ(sNUK^$$nQ^n!`1fixycBmqG3Pl_T{G$d`uDAJ(har)?K-XtYLpd%3;E$WAJT
zTyE2nx|Tx$U3v34|5Yu8YrC~WTh+izh9%NkiUj^sz2^csmjIB{|7XP;-CmO{o8~si
zcx_QCMJ$-MJd<D6fR=d?D++N{A0J1$c(C;;s%mMiy7jh%rn&A5gKi1V;HTLkKT{Pp
zFeIJyX?uCVLxjok%1BJyix=Y~aTpBMF+J~dmK7lLq_pI{(K7X==Wr3@{cJ8yk6DYN
ze1-RMxd1%h#kl2|U9Zs0ySJ<z^-)zr1513m7<NGIdOOZF_fyR!pZ^~6EtIXXJk-`6
zHew{lp$<R~B=mF$C`U%P`Nc(rEk1hCjdM|5riHmWZx2y1sjQ7x0w>0zf^$NFOai7O
zeT#O%R~AW&-7HPaJv8XHp3?Ph!gtT9R60Xv6}`<z0F}%zsfH2qx++7JM{`3?f;iLW
zzeo?dCbQfCbA!t8wVs3^ZNB;Pt~_njK#k;13XN3-#5;+4NB-`>QcND#e+LC>dRW!^
zehhgdlO^SSgyDsPYoQ*i<N7D=ehTj?EbAUytK)b-d;6>{+!vmh&SPo5wgrFR9b<Vb
zcLAjocaM|fnEx|ojy06La+oiL*baB)Y}RYq^e_4ri{0^=46tSpPr3&m)`=bOr4w>o
zFRpTxU`%EE@6nYk)DMEI|CrxyOehbCew7=TY^LT)PaPej%b&_(U3PAc+tF_88+X04
z^sZS7I^Ngjg8kbVLEG0_HXE|kI)m)5BxHwTFKU;(*4T>SGAO>ehUNcOl{WXq?4YAX
zw_T;bfO>2XL&ku>hkWnqi&L-*i_jRVm_;lnP{!o%IOW0J-F@fNAso6mh^ESaSGe=f
zDjBN9oeqGc-07oU)Q?zg2j_G%vhk9dZ~QekIXMBbJhj#MCFX5|ZdpoLgqD;ag?OSv
zd;4fI2BUM75u)#+n!dh6u;(3m=cF5VVgzr4HBy7YhZV{b=a>E-U4k0^D{0jKh>c*}
z34ZyVY2|mahoh+Z_d%G`fByo${AFnW_b>ksoz4+hUF#Cy;Ot;tuVcdq{{KB)9u?kN
zq@p5m1&eJov;6rpj%_NM?~E6Pd&@Gp&4m2=)AWM?WFQH_wZR~v;P08VoW+qS@$VDG
z4)0YIS&+W|`w&^CRs3{foh&6pxb^Q-Z!}Lohus9Yfh<NAGY35dPO$$#bHD)n|2@mT
zLl~;ruYo+<JoT?jgELm4gV{1OGtp(6|0?9h{YVJluWhOAhLp~%g5%#v<Qvt={Ktu&
zL6=vB+KKo6$F1E0#xeS(pZ;CWf8ScerJ7RnTIj!@1SswpELOm3pgoH3?<WBcyapD~
z0VZNODf}P63P3rYLTJH@|6gJ&pj^MU-_zk=AAjZZ`1AGuPVM?<m;ZetgFid{5A^C^
zhyK5G+5fw@_^Y}6D(vr;@ayA0<fh+`_4U0*;!QWN*PPJ<!DW8|Dn{QqXxN^K%rC<|
z!UtNV>U~D$?9I)J7E}%fZ#MQn+RVww>$DP|GZ6Et22jo@14+AQw5QJzG77UWH^1*N
zmkpNjGz=$xT9HZ|rsuF|mz|ncFaoG|Il%jITelx<#1`9ev@U%0m|6}(5Rq3!tM5C^
zk8ebOr}&U%Nt$0N=I$KjWlc}XBSDMy2Ig6<58v_1MVV+2;|;3E!_?K(VQgEFEjmlP
zw6A)jdas-nFvG_4c}qQel0N3dh-Y=`K}+hp^FBx?lj6<%j@za*C3dBJJMFi+ti*{%
zow;zGe2?`X8{xW)r0T1onhES{p)-=6AWdeu6)skk|1KOmAC$YxI9Q-jV;D|+CD{=o
zg?mAlO$sIS!(UZcD@{P)Uj4+{K)68|L5S%T1F7)NUY^P-WW*7*#8fqxiYAqDZDeMf
zjn3=R=jmq-scP^{KO(*qA1`-j#^us4t5~%yP5G4B3HUVW(B*2{R=|X7zBRe654|S{
zkcKxK?u>5H(FLn)Hvvg1q9?dk!vCD?M2*+C23x(T!zyQuaH1FS*zsdzh~BSe2J{;n
z{un#iUWy%$**7ZjhjW89+mmHA>W1(!uWDcb0FV^m;L_gO%Ec*sm6i%X86ILa->sdu
z%wfjH>I<e#=O||x2PC$G^eGrX$fERe%LwY-u4{rv#uhh_f&iU>(hcTMimnmaD$(+-
zt~A{qi4kJJHi`&fmjF^#TyOgr$nedsEDWwqubQPV+U`QCBOLczw-Kwaq?UNGN`iCo
z<fGS<vs<m#Mtw&mB(!}_x=+-^RZAX1i189gOag3wj~pFsH?}^{EKl8Tqze~=Ew|RC
zizPlPPP`HF?vN%)sJG^xqU*GQQJ2+;!{9|x%Oy1NmgC&gc2`w=HY*jPx_$?8?2W<T
zGp(o^d=UbPW||MK8myp7$ly3kEYzpUx}3mCC|7f^?q9WNTS^l4f}f3O8<d8Sx-Z8+
z5&Jn7mnR;D=QddkE*`Dw`Pk&SII}V2okJ*&zH5E$wPjZ*@g1~c6J4fDFX`fR;B3@G
z*DfrA+~{F5k0A)auTXym;vP^NF57E-btvZVN7@G=0*KecJ`426mrO9nRU@jLO-147
z|2lT!Q$-XL*4qwt(38r(Q`>#_z3XB_gwx~AdCphUpO1hAhxQ55I15O+i|`HDk*S#<
zUO577n(%RPFpX5={+baB!J}<FCUlY-#C86u7es&?A)xRdUM))+R!Mm^22a$wog-F2
zR?4}TWj0DTj<Q(q3lnxn2#%Lvu_)){c~Q?i@e^mxK?~U}+sV4@R(jWxSDv6cc~`!3
z3Gl;gS4=Mj0z*=1O2f!#`f&F4R<7+732KB661uOxn>Q^Ob4*5`nb?7ktDM1g_(JAN
zHi9>MAlf0o43xi3Nxr(|elI>QV^Fp$<6#p7q~(5t_}O8#v$G$ZcaU6EVYlcEcj{j0
z!IEaiORFQH-4MZI;(iSU6joCMG83l@qNh2=H%QU8Ck~~5_(GjjFnZ(Yu_3nxMEbPM
zIejA4h%RT7?tyiyv)7=6He%ges{I13&QnvU*$G6xU`U#8(e3Cb_|MOG6RDnhiFIlm
zCP^$Sq(WlFcV&L~l1$^d<@e#Sra_|nX#9MQ>X!|TWY^^hmy!Otnj%h?4?kbXmS8pm
zWPy3ls3FGh#T(Xm*SkN}RV4JawBX#=Y?Sd5Dp!(gROuc+vrZVNR586^4)Vb|7Xf6;
ze#jJ1^ghLSeqs<Ex6M;1W9K{^Dj>ACivz&JB!2L(!G34Gu0RIC(h^^>^_lnUq1iXM
zs}`zf_P0xQKLWCg67%c5jWPKY&`n-|Il8{+mw@N0x)ceM2qommb4nXGNM4p%tQR8-
z%IXP^BOaeKu)uQUfZ_iJYEI5cO%F+}%VoXO@^Q(e`}GqrjVn)VE*$-^pz=fHmB{m!
zIjyp5L1&=Ewu6=k`YKW~GH0Pme0Q_NCf?3MDXztvc7=QTXcYjpFw<!#{qn>%-43Jf
zA-v2cf1_8(s;y&F=Ru2@MRJe_5VgR4=Vf(@+H7PqMB~T%<Fw|gE--RB*7+nGcSw{x
zk8n%F>-mZ|x1zdA`TGU*Ycj64O1NPb%JVM?X^q3*a|UV&WK3^W$4Abv4D1!)9mpHc
z-^wIe^IbM!8lR|T(@&f4AQQNyP=#q~Rk3pYv~%m00+td>mzg-1Kisufm%LYZ=Gc|b
z7+G7}adB9N{B0)q7CGY*$WB5qssrn0n%df#_SfA3Rx;Pp1Y0XdbcdtW%g|imCr-cK
zu2m3-m~W3Zju&&mRhjW|x~8@;yTb@W<iwNAKgYAJ8MJQN$m2P}HS{$OlUd{MLG`Q5
z1E7Ta?lX~Qe(nL$%Izw_*CduID1prFHes@h=M|XD>deXswc6D`dNY*pk&%_l{EMvR
zx*O85XY34gD~(~Ji(}MK(9Upige5(1{0!5Br1>&hMDO}dx>#W~{g_D$TCM(Qp|~&F
zD+na~#~r|ml{tq)FS>0%xml<;)HC|JXkMt4De!>p88PY_LLiR-Ae@lMKH0+7Z&<W=
z{!109k6?*q!FM?#Xjpfszv0}YXtGW;VY+V|(nRda-*eaau~k|%^Yad0AsVz+&GLJ`
zfW%}R+Q)LyxlG^TzNIpUEu&^ZLgM~|=QVFD{Bm8Yo>mrSy-L$u_yCeI1ky0tPH2{S
z4^P&Y!q*5}rZzsppN6`_b8M>B#ul9)IJ{d_{^`@Rq!=9=vTId`mWWm=3q+qt{9bnr
z6LrXqWH4-xpW=rXJK{z%du5H^Q5f!0=bzC46W(RIWSe+-ljCLG_R%)->NRuAgfqA=
z1>UXw>T>v7tfihU*-fb`QP3~P-uwWL-Iirb%FE66f%U2%RCRUd@!~Xe5$3VJ2yX7Y
zpW^%Zhj(0mqAe7hO!X>W3;dAOAiZBy?e0XwL=zJ+iL0JnHzBs%KIrdi&r~x`cmR+|
zDaC$DDxIyO$h3480+9AWQ#;gNINao}ICKN+GR;LY;R|>c+>D=O3hC*&r*e1N7vc?h
zIDp8;^EVL9TKw49GHp$dtlbf3pw>4*Tzi*iBRthYHa-?Iu?)-_)sWlV7fT4LKJ%(g
zsdVn8dmmfS#aEt=_Ilc@BglEIcO>6pnzqw)qp^we0%D_lxq3xS(;&~wPiZ@vg2pg_
zi*_2-vXY$C7p8J2E|<A9alB5A&%)G6WFBi-QOdbN0F#6SEpss^-JAK_ZPYQt2dkBm
zUPbt)9`O%PJ9!MPfhHE=xibn)eV(u>v1-n@>a`~jkJ72=k1@+86pv5>i%_lMC7oSN
zqZm8X<`T`VtGC!lZ8eQyJ(Qsr7F-EMl8WCi?37R!r$pA6CE3{ex!=w;bQCJ36AagN
zj3#soa_jr0m?XOk5zM<h9_5)?t*P6-rZbb{5+dBEu12e59+h>gxhg_Oa+iht*p>GH
zn|t!(&47I&_KdKw4Jz>iuOcNz`D{yj^A@r7vHB*MP>Qw5p+sMAfdq9^rCyOv-}o6u
z8}H&LwE)gLJg!7zEt3><LFK0L4i9|%IAe@3w-Wshzm2(Sg>bU}*EE{FNPP=>w`Xg~
z^BwIM1ww{K?}!k1KI*lMXQLQvsy(-(wO87>h5&GP^v=YDro;sqp=czgX?Kh<#Mjp#
zQuF{3KrfOdt2OtY@k@B@hx<3teCsvytN4>wbnx;D(*5JsT$#Ci#@|6s4x)6z?N4^x
z!^tq3E~k&^y~LfvsrESH<c%qHRk2OI<x!^=j&B?DLL$w#PPbh$#AmI&$PwliH>eoz
zR!rvXkT*0kehg-^bR`q7f`#lyobT3$TU3@0S_qs0KG6-0?x0*Q@=r*-)(Q-v<;G$n
zb3u+mgr6~hLQvYAXsqnIoF7^eU!cTOVC%~`Q8k^7>lY^6QJg7J+qti3Ua--toc>tX
zdJ^*3mbJy|4vGO*%pIHB&?*DMpy^PdmStRbEZ#R-(zMw11xB`sjwKt*vf=~KW(#rw
zhx3RxtOGiI?r-h$7>*s=G2X=(I<Q$QM36%PjpSTRXn}>XY|Yz8XG+XZ+Rj~lhe_8w
z4?po<=Rxg@cK}L4Lo9OcUV^p9h;|i4`6k75Y_XhT0*TSDid!m<bn3^ga@^|MD=<22
zJSqF`{VYE*_<`Fe8zVKXK##|15e?YuM?wJ5r#d*u3-mtPX|1W|sS`_Xp+#MR-Erkn
zukNq2Cp^-9U%me-HQ)h%7&2AhL%s{a>7!vA$e8d|mtfuj+nh0Lvc+%7xsGtRkB^Vi
zR<4DKpC`3bsXR+6siBOkcwq+fbW_$*XvViHv<n*dp1VY#p;3DorV&+Mt52(FX12j_
zi|c@$+lNAIki4^njW-R)<~*G=JRGNU`|?s`ZbVJ=myy2OR^Sk{wOf-(W08Gm{i2sc
z#MW|o=dh&ntEO9_@uTAVU&D=G*HH;r>SYckXjzQ=?hA|cK3viFz+yM#4mHOZ$C3vF
zSMjWHExsWyOjA04dD2{cQh4JC&KJVi#vjE};p{A{>sUYxX0RL~GRRc;2k=_=By1KQ
zo^_|oarnAxl^lAr>z-!i8KJzm;yNA<(Js9<$zg#)YnG40a-*3y<3?nsKx|rU^W^1E
z6<c}Rw1>#vjr$-D?Q^NS?=a~kgxd%TSNqa8l6cW;3|Ks<)CEWNnwhM2v<$^9+TU5t
z2VKy4u&%1D&P&e_W6fa{?$LATJ{GNY?D>2KIyEXy5%B^+Xi<>lHu!X?lQmG|jvJ<H
z5AD9h(H^apG+R14-+#g$kb6*>2QwvBB@+j@y16ld<MlIKBZ_U#ZcivK-Dob&VMDl7
z*-xi6R>g~GSeU_f8D#YUvBr6#fZ=FGyYa3|w?J5!4V$G*LD49yQsj(<j5f+LaPN9n
zR+h)1F0isnNCy<d8T-t{?$Iz3u8>28Bn7nl=(h=?+unhcOIoUxYi6OPd%AZ<oiB*~
zthMu4_gRpX=OL_dho(-i3+WCGoGp?h9oOuRgXl!I5lRjod35vN6JKqg&0k~r#Fb3C
z(!RS@&ZhtxEAxuoDC?`<;oSU`&QAg^A{1irs}(3*F8i!)CYjHGE{Su`iue(ZWhrB<
zKmUH=3{=D^&~pg8mMnh5{2Y}3Q_3M$up%a|)m=t~Hk)*b;o@$xPrV_7<8W7W8<Two
zKKjn1SMDzciknzDn+6X<JWN2}ns0c1B4Csaz0G*)vUCf4`tInKR^Yao7)Dl#>N9zn
z-t5(28O5`I9h<DCgw|%1CEUV)%VgAD3aUcx_paazFt|!ZTTy=tqH5QBT;H<YksC~z
z_QMJvi_-y2tkssYOXcTOhMA~CJ*Ap1w+aGN8tMU;q!gotHc9bsu2F8RH(cUJUej=%
zn-hMNbC{Z1DRUl<-Ug&|1?4dJ+Tb(uo$ekQU&Y2ya@zp8ai@W~x*y-_!sK<L8OyX1
z&=|i3=PKV1=$Fz(<zM9%?1B+UOTo3g?w6r&{Ba-DM1x~&dK9?vw!1e}^29F;?eQ{i
zM-D&#K`i9*I(s&1ZWX#H{G6{W*~#czV=VsMl`Am9`YvZUE9nmM=_)B@imL?xT^Ef8
z)qCpwU4`n=X-}HMQCTCaz7(bLb>jv*90o60CBv}pJa`Dt{Jq)%-z;%tFX8d@gV8dc
zOgXS7T&80?fIyoZ2r8~hA2wVYTi<zql4yQoeQ+NPcNBxE97^t0aAJ5ER^57t8O+o6
zUChrxU;5te8jn<pgLyX_;eP27sZeasPekjj1icCq*|F~rD4_`0lA#jpd6{E`Q=!AX
zun^Z5WQWZhf~f+@VHDOXW3~p>+)W-QEPET3(#&f40!Ja7Qh7nCiVa(mLywayD{sG2
znB_0cd;})t8#T$SfG*8zr1pU^92ab+nWJ~f)yT#i;|l>fpz>!W7O8|+nlLS~V9u}w
z-^Iw$uWWXolMGyZv70z1QTjTbRn7Hz3zG?%mL0!`0W)0G%Wqjlhwj}5$HmK$O|EHi
zE-VBdwZOD@FJrUaJvEwmxjQ(i(7Mbv5QNIZ({6K1PDRQQduLXDI`I|V6un7U+j(^-
zxrbhxWV}x)$~I;*9KZl_2EEDkftY^YZJluPRXOPgK|CA)3+YiO@=lG*2^G9YMt)5?
z9ua4W8}1Q|*aB<UPcL_{D;?^9+1MN<)}H}(lQ`lp=>*C`^lJI$gHT)2d6~^3DqN9t
zs8|CA>L|GRP)Z=e5w<Iv9pAdICfBMZ|D^hED!OJIHid63p9od1nN2>_6OVgQd!w6h
z8TnpoNcP0B@88cri~GK4Gql!mT{bCeZ(A-uXJ;1hkv6|4+fIRzNl-#<)t@mS(e?Y7
zqN40$sY~wyX-6&Q5fox>zNK1resG0t-N+w{jVu!+Z`#tcp6YQU4d*l(q*>FH5td~W
zp%ttmi1n^h-PgBxlN&)QI5|K$HAOxlVEjm1B^;4)RHU)fkRE1ZB2_1}87!PW0DwN?
z{*51Nb(EDuI#&qkXhE)_;T!uxZ+$gR<__{Zb&&%*{@X7u2H4p1unvW;)s;-CN)HWD
zc~Galq;;8A2aH_p+k-JWVI}2k3R1h&u5X?H;u3)CA-h+gkB`<N-6flHEPK1C%PxP<
zEux`@x#AXO-$RTPgZ)XI?zAw+^Xr1kvWv9vgXYj<-5A-ayukZ?-#0BG`s2K!`fV>y
z;SHX?l(5H7GSH_dQq$w*00FxDw&_^DE$|=E{Pt=({#GHShVH_}Yp~ce0UEFgp_Rir
z2R9Y~79TqyK=4PpKbZ{I$!Hz#2!3{7AwZh>qi6%jU(X<)exO|9Bxp|Ulr+QCPBGd7
z#(7v%OaAVmFaB4V;zXqjr*o6He-zFJ=(T+KpdR1{aS@@qZ7*tkmt7@>b-qg%fcnp`
z1KW1AtC=ipl59CRPLKhB5>D}U))jHun%lS_0sspa)96pD7#5Zt^phvLP3oTQqK`S(
zX^HSdg!n(N^Mz2?an{xbCuNNQ)bTTFR)Ct@e(*2#3mb#IrA>jlNzhZGlU@^<3VAl-
z)*@P517j;PyNMKia?>@(OJ!L((f~gVuo6b-iarFU2Muk!Akq{?#dR|tJ!C^au$-Bb
zcPb(4BVDQPtHqhu;w(mc@*oK1R09WNn-l%Iey$O=Bvz!Qx?7{M$gv!xiJzaWA0(ir
zQ~}d8TvcYXq87GwDku3eHAZTUn{6N!m=!<kgfKByMv;AWd3lrE2ZGzTu+4rFb?E6R
z1Zb%51PQ8W*&pk*b$-F-w9<;>m}J?_k2=d+i$yq2SRgGFVfeFDdpX>+Xe#MNS<wxi
zV?0VXalw7#Ml!yUVk`nC9?z_rfybN8M&kE`>TwSig?GcUL9VhZ{FEe%eX8$;Ih-J`
zP(b-7XQN!Olm^H;Qxo4|*MK`b3*i{gg<2}n__|Bv&n65*Yy^iiX>{ctD2OSIsb^CL
z?>7cLd=il-Bo075RKuz^TU#n;|BvgpubkoMT$U<3jbPU#U&iEfcQ5JU6jm<te0%D&
zs{V6I%ejgWUq<Os_EFPGfbg?sRbry@e&p08mv>V1FF@p-3KJUQJ&z09==3_)0fMXp
zdS5}d$!F}xswGI0#uiP_m2u)hdkE-V>|f8Hu=(*|Y48Q9p!?}y^-RQk{VL5Zl9S_Z
zck1B2z9^DqO%=OY(2Qx0%zyT%3GRtC+Zgm5nEf=o>%|yzHM$3|vXcLjrr?Uxs(wwm
z+wN>OC;JE^yMip<ry@wMOm}kpb?kY*55#$x9j@ZL;k&hUJ|``e>68$|T1`j~wM}?|
zDBp{uMlg2SXSFN`Y1$0v-M5!Y^53b*$qB?*T(3~R`HJBbk7*32ZmAC#pQW&`T(@EO
zr7X<4>zb-rrgnRM?P$r*^c^58?L#SDF5d%fd&hp)$gZR<-$oWC{OZTmO%`-hLg|T3
zMIE_xiy6Gz*i;#Bo!N+?396ip+xFnC(z$_anJbpNiPe`jbpl0pUJ7sG<IZ2Jvo*80
zd2dM!Oi@NK&fh&hYhi>LRd%~YD93<x>V8BV?MXf~Y3vgtZbNUb2ardP0r+0q>D%n?
zNLR_&oWbE~q1@fU`<3cn_Jgs1wX6bo$D@|);M+dnDB#ZOAj(t44n1%ZNIF>9D$$!n
z!=G6@o+fn8(}I)DY{;W2uZX|z+B%iD9a5lXqt_C$xMX#>66>Y{Zw#=paggBp>by62
z9xci$VG_hMqXc-*j-HC_u=yj{VIC6w%+{><B%tc_%Gyo<wv^4Zfrw!xJ{V*nKN3Jw
zLnBXR&g`xqck##(H$fPdKQB0V-PNkLZ^idsGU}m}yV1qtHtN`!v+_#q5{8WXI`zjj
zo$n%j-<k(z=XbQWvA2)&FOBw&hlGdQ!uY{j_Zow$3;)QNb((1yyH@T#m1G^1nGE5<
z^&Fi?x!PG=5a_Xn-)KCX1c7%Hg7H&qzf)MY0xveLaTj$|HwZ1WQN;u;+;^_dQF)Zy
zR#LByCOH^X<d%|edb(S1(C{iiTMU(zyPNIB)m@7ASX=zsL*wJ~v8E0SHBf6h>3Y?z
z{544u(_T+@sYy8zEQj<&ixkySXEv==MAFidwn1PUBhujRvl~`ut4Zw|<z@{~FjR=o
z9qRk&xV4k1AsXop(V75-CVXT2K_LR50*2!DFyxCTv*TuYhMjiRZWW1hpZCT3UOtDv
zlreFwB^&!u1KTUNeaU(SR!=;Af4ZQw+@!;d!SV$uGudd!WO2d{zCmRtV7ThMOTFyT
z?6&@NfX|mQFQ-4DKNAJTmlSzsWj(JXN@k_5k2FlHqr)4QMx&oM*;`dMg7qVPcbn&v
zFEu~DZVF)6D8vegG^=~Wm!v<BgNijWUL0p5EG)#{S^2s)9mMBXr`I2S>0|LFFW%xS
z5r-%1M4>O<>8@zkON5}H&QO2l_{{JwOMMgeq_&d)8KQ;N<0Kf{${4A18e8j+A$$3-
zp*qT~6v7~7Q;TUoTL&53YUtJGObU4@^SC%^$ex5WGsW?$5Eoj~`M(=?EIBc;Yh`C;
zRyYy~r})(MgLNL=eZ_Z*N~AWzz;hTM5{aXj<#kTH+pS|jeL7R9P<IJcOs1u8gQA`5
z;RT~PT&FSBd1zQ1zzy&D6+3tAD=~!9)D2<jI9H07(uD7lJe@!T_M(G%I*r@9T$chb
ztMt5XS1YQ(w)A{515PN~Zg@<h$}{gUB;57hH?gZC7kjf4UOmby?21XKZM~Zpbe{?P
zqn&y^TV?i%*k(mR%!w{8_tDC9Y@P2NdBzoC=V|p<d<@+`DUol(p#=Zxk;d5AFP-yf
z^Uj?Liqm`Qp!?*me7f(AGn5SuF-Ntn5`6XRhJ!o~b9M?@>VhX600s4dOS%u5@<biw
zGR|O^T3Gf_)Ydg2k`<?*NF_h-d54w<jL{}1;QScx(2yb9FK0gZ)E0V|0|+l=ePZ(_
zm%T6}-;Fxy5!3jg9VPRd0rzfpxwKqEw-m!MR4jnGSci3u6!r>7$*xAhbCG+Df%IR^
z6werm5mcMPC%o2faFSnM$DO^Q=sIb7%$9@tHmg~Ue%D<fW<$<jxs!yg>p2s;AoOI-
znD%T@L^lw79S+!9eax+Bk>+0%w<bICbV4%0B4@uk#-l2$yS?W6IsL?Sqbr6D5uvnW
zdqx|+gJn$QRp&_U`zPejj0Rr5C{|$_4{vMIoGm}R<{fj`Fk@3{c(XQTz%<O?_B>+`
zBzVHIGq=ITS%<Ks!fLx+Rf12`W<hXr_l@%>zBP5ad4H`=>CLDUYV=vNetw%T#59pd
z#eF6{KHA{wU{+oFaV-YGOAt@LoFV^&s5P0hlr&RA9$S@jbrBF!=F@7ts+o(7)An=b
ze0#7HYh$CNmHyToqF5dFKKXQe{MwVjw`8zBMB7?*tF}*OvcSz{Hi7D)Ye`wJ!sV>m
zd4hu&4#{f-_sy~Q?Kz`nedWA$(mPHI*%SvZoPmrcse_<89I{PbsT1YtIR-g(t-TRi
zqf?=T{2-9+m~!7`WlG<Bi&0%RWS*02PQ^lZb$RA4@g`VHG}y&-hWd{e<|q7gS)Enx
zNqgCK=stTb>S`2%v&8(XOtMGmH3@4eeSNPgw5ZECqp%JG6#uR%CI(GpG5SI9u{S<Z
z;&|=;X9kxdKx8UD+>q67m=2b}KqCNk_Tr&eoPt(kaNH#P94D$oh+UTfcxZN@CN0kf
z+~>);IA=(y5Yb)#80bY&3=_Z&^4Q@aoXA;LGSUwg0>dF$&+Ic^*tsc5@x2eP?0KYO
zsj8ZkfUP4_GcVe1>NGzQNYw&`bN+bq!&%MsVjNeh)Dm}hELF$&GslFZMG^Z;2_E74
zoAT-pa1%v9yv^h?Z5e`-iWgq1gb5jb<j7=6$s}6W<Ato)i|6_~Mhf$1Bd4myzCOBj
zk}gOoi_1XO#mH{QxkoZuKhZejZe$`pXpX@qutI6@n`IZyIzuAkbEEjka>Ti4`cB8`
zl5x^wE5p6J?jp^oWUy?pmooFDrH4UF!QEyaYh^IT9dZ2F8`v(Lecd(~!M!vwVYdd1
zvcU2)C>0Gi5f8hdFUNA2HT3mECyCg79eampCX(Q0+$C0d{&~syq!0$nYXMj8T-;Z<
zIcV9@{~5TTSxR$YOUr_O7FU^{^%o@`vF&kZ`2?h>n@bov-VvV6AS!5F<i&t&<1oo7
zv)~!BuB12f-JXaZ7!Kj?8i5CbBUW1+C{hNJFE(7qR2$Eid8EAo<c9D1Ms%goU-d<r
zxf^!0Uixvaff@HJNTtJzwg|^w!(ecZuoTZ!hL84O8aSTndvR=wG$6zTnB3Qj>5Q~=
zD!Ja?P5@TTV0}3K_yfbC&u|%`L#U|p=5t%(eRo`z#lg?(m#Tq2<@xiU%*Ljjell;)
z_ZV&oM|2Mm?>)-{3sO6jeDl+BA<1NBn|>n_OkOj*`rbCW>c53i4_Kqo>qD(x^iL56
zBChG4DqVNgHh9Hm?@R!m5YOk>4iDWjqRM>L{l_X$m&mI$T|%IkL{iBo2BCPkv;Xlo
zl_UEPUH30vPVd{~eX)xkyCV6U^7o4<LAK0Y{eM94`2Um?>ihHaP_c*p<8u>4>;!E4
zo8jRUUCr*I3f%nwk8Ny}Ihug}-hPIzN!q`AbXuC~>~$K+JD+%3WT)83{*#IFUtE;G
z4?6~U&+E&EB%Rg6qWHrjA>N;DOLI4I;o)EJU-%Qrp|HI+!|1i-%*=rQ*a0j_jy?wh
zoePIoVFbcFw8mjx*};MD-<MpF+f6KgnD{Qqk4OcTAgtAehtvL}z<#iEP}l)_f;cBs
zvo{l}B0<~*z1RN2K#uM&YTmEnB(Q>9xMV(*ADCz!-0@Yt(oKc&yPXpgHE;O{0M~zS
z;^a^op-7AQv)A`U2&#*RqhIsF>dH@R!E%4e?2mT4&Lw21Iy#x_mdaC`auKMvA`2k4
zoBv^+4$6!v^&0Yqcu~X3*$t!Ss5q-kHmFYBvwYnBR*(L1lJ|;|l2YJ*O3;3Pu72X5
zaOa`-+ZU&N&V9I|xRLntN2!;iQ^z+17^Tlp#lSNzH%MKlZ^%7?Qu;3i+tJ~dpM1DT
zb0>00lKP#J#Ha=2@DePtA<yxS<)dz9J&}79MkF_@!|W26{6CJI4U@Z|7@hF!A?7VJ
z*(r+Kd#}(E`&@*z83^KxR6#p8dYSHjQPx5=P)?PVZtP4lz;R>XL$ntzc}LRJ59Ix)
zithL4*w+pxLpdVDe$+FKDNDHDAms1)F?bKjT=);Y-5+gTxk=qAA^d{DMz`qES<BhZ
z{5PQtl;r8uYyd+gqwbdSE_L`@)qj-DDbpRHx%GPY;Xm%Qzef6>-}b$^`#<?<pe#r7
zzki%sAmPK>yZ=%Nf;}_-(s&Q~M<FOOm<b8L@9E!vEgxLQoc_oCoX9%!M_KsqJwMQ^
z{{Kb&KYXh0fI9O(M4d;ki>VKF5#~y{Ji+#l+E@7u_4O?w-9S;IJ>;+yMGX9(@A}SN
z??TL5)>Dh|Yju}AA|(k*R)-^*hX1H&(!#TIXKrifKlEqt-g4SC3Z+6X8Qr5|TxX5<
z+-Sq^pZZ572+Ok$OL+F9{>JU&1^U;=+Mq=BJh1S+V$>593?=T)=WG`Z?6dvzF!kFH
zc`QIn4E1qk{*0T20LfwGjAX&5p!SnY5U;InKM2fqzB3N}j|!@GBlUM*bLssZbI=QK
z1cOf68ttbfp}3NG0_C)<si2_X;NSpqFR=XcvUxPjcjQ$QesvlF53Gq8K{(K+8lffH
z-)dPt;%$-j^7>a8cu*EaknDb^O~_*CfQX+xx(F@i3HyiRQ9!)(cgOq2R(&+#=fm!I
zHpB(wTAlJiz753kF^1)cG5>25Pb~iders&i0tr~mF`N`eT9nDBDu77v?>&xHD*YY3
z_HPhg4OaEsai+L=Blt+6`fCHH0HFlAp;6-l0o~#Q=Z!mm|Mc_H2L>7u0K_Mjl-W*H
zkM;G{%l_*)_ea0a3xX5~4I)8}jg3}=mj5c*(Pcr{c(A3in<%&Jz8X*50=`avpE;on
z5VC#+RB(3t?InS~e|TdHAi2M{_YfC8Liy|2yMKT2pzH|6`LopqBd@|hE{G#?@UJZa
zz0VISclwrK%^}tfz8N#&xzPfw5DDwD5HH8&ft(m2yDzeTm+%cj_4l(qex~8VSr!_(
zNJ5=vyf0)%?O*3(1!&0M8>VUOJd{hn@|SA<=*yor|Gu3!Yty#A5CMURzxO^?d6ZV@
z&ju7d9cy4ABrP}&3O5?*yV{$kZ0Ggqp2bucu(Hb2tGFvFDx0@-Ac_5wlr$A^>2`FT
zvhuiRFyu&c{A)w`tR<%<C2atG01UHtLtnrQKYEUiYrF_zqueRskx^vUg+czZTm!pb
zCoIITC1+(-2FFQw&80?EUV=6MjIVlPV9>qO6zhNDH06Eaj##3|Cx`jYE`$KGq`<Ut
z-xN38_V<Il!m~ig5O$ceE~}$*1Jsh$4q`Aks#59hq0<#x<BrdC24eO}Va>m+!N3I{
z%*)0*!^~4;A3iiP7{Ad3(A(feZfBfgjJQ=UJTMz@#CrBZnrAh3)t)>VS=Ey9<9F|i
zEc2y^2cA4{zajSxqA7}m-8R#dVg~XiUQJ20h$DOqs-A&am8iJ5q~Z4T-l_L>`X%rQ
z?=5|#(_h=^c@Qe&mM^Jx6dqQ)x-7~Fj%mq1uQd(`3VD$(W>R)}=-KH;<yQa=kQo%W
ztqnf7MTq1x%N0gQf25VQ%M?JGcE+ZfAc4#71S+^ZX(~*q4M=5cnn?DOOxUeOzTJ6a
ztz;HyO6P}FFoN0JLUxBMfFw2J@aIB6FG>wtAbSD%mMw<$g;<EXG<XHrT2-$%#^7&N
zrW@+%_3X$p*^r3J7+E-@uZNp%1Zrvi+*c2tu4|ug8_Ndpt;VP*ZIBsrtXE~`TYt@H
zGPY>-6W2;ui@I4ythifGUsY9=2jQahwVW5-z(J(cJL5|cQRMOA3CsF5YOICroH$JG
zcVXTjz1Nb#$bdt?u$=<Bzk-0d?PVq<y^w^D?ErVJMTEEq*E$0d_xLNFUlom4JD!uD
zZtSPW_Edi_*1|*Gb-0IW$`)!=o5BREe-E)YF*9@7RxyNr0M7TwahONSUiWeysyi4X
z%Td-gWbC2pzC-or-2<pHZcS3?!og6c`d8cC0tZ<g<~$uB>;+ahmvAa2Tci)O0FHWg
z%LD&Xdc|y_`p~q^q%GXcZ2rAXn&IqtKJ1<EH;=}^s{K|g;NH*9$w@I<G<M|LX5`V?
zI$}ko@#Tx)GKvtx=J$;F<8{|xpF9uZfJpRYHBxx;E4!AJ1>4T8&3W!;MW%7%<}U8O
zBn|hCLx5Fxu5VxEGnLVct;Y@(^fvN%`(Z2YQA6y7s`bfXCHo;B#ncl~<Fhce)k6gu
z`{Mo1<z;dAt;p`=@fcAvL~SrkOc`~sjD_n&aOyh;8*2P+hY5q!FfhPUd)l|yxjWUM
zfK^FXieV~<mns!=<rx&OeIS2ZEK!;n(}c&0iXW)m!%Qgh%4{LKA|)gvy1nGIwJYHF
zs@fb1n}X?v+{lfJ(>~AZS9*!M0*#ze%-63P3!-bpgXz(-+koU+z8d7bIhTV+>#C}L
zufhH<0C?W<7(d+PPQlRUd1XvfXE}GbjU&?ii}sYvN6`uf4$^a<OJeOoLmH!;>gq01
zvd6=17m(cTEyHxEd5{6b4WIASrU_KsJWYIK;-54J)x>@-X32n&^o`kBM)|dCh928a
zoE?2ADtC10QzQhHOyY|ZvydM;DD{Ojh!dP|ZS*f0;<{zvb{-*x;vR9mF4*cO?rtx~
zVqE&-p5LE7k7u%buRE@js_Tiej^N!S?wk8U3&~}pCG2Bx7FfN12%tpJ3pvM<WN{aD
z0Z~D>EN%Bounkc&z-7X15ON}e{n5FD1#ZG#(_*jL@jOe_UEZdN&qfn3TEjAdDx;VA
zQQZVR#x0Tg15>G2mH3MkxE%ALk?T&JS_npV)e&}0G`!~dkJ_?v`rKP>u#FAXZ6rrz
zO>?jCODZ-imGJ5lNh*BS;`~Y`gJe40%WIfAZ}goXIyJE5+?38otLB;tF??pW2IH7q
zXV?PP89QP_DYxpn_8=F|AaFG!elad&)pDVXR)&FZAC;;Q&LrV@Ga+^H0WP;#U#G0Y
zVBXDv?&V77Xo0cpsB{ZK77_g=Yt^?RKS{-{@sl=4iuZ))>fy-AJQZeHkF5n>uO~X&
zou0Hd@y|!N94d;P_3C*SmZ{gZSz#LbKo<4bGfwFDyMNOe{BUFsbfH<u$kl4mR)?mE
ziH|?o;~<C=p>m<Om#?gl>F8LF^jYA@DtRqERGCGfUqVC0g?7}{OAmr=0*Y=%kRR(4
zOC0)MD!<aw-eWVREPLPni&sUEl(zredo=9@><uWX96^VSpPAu|`;u~*-HByL{L{*c
z7tZOYa?my5k$x3n7M5O|(UCLtm>A1=^|v^PsB=n(UCmW&+3SY8T~;axj-m)<Lp~Lk
z5I955&AEx|?Ck7Gr{+<-#wC8h+Q2bji^9<m0VIk=KSnDyYsVELcGfT~xJK%8ajDh{
zN^57Wp!=P>$@jZTN+!y1`tedh17nSz2K%>{xmQe=2W`%Xo^$z2<dDsobjEQp%l(>&
z<NXkqBNY|c76?~%F@BK~#2{E>CxgqN`_kB&F?M7d5#;w>yd5FlgpxIU_UsxXY&SF*
zV0Z+iljJ#4mL{&>!ESY5^7zgMnamlW5wkUvFe1Dk*NJX7-rtJCYfU;?f(oK|my4@F
zUO{D~I@Ew1I`yP@a(vs_P;{jO<BgGZ)C&m<i*0r{Y0a3zDV0rbFG_KIN&A+L#M@7B
z8N0|ZTc}S#3Jwl~^Iu_@NmiF?Bm%DGly*O(@0y<_{xzr~{==ZDB#wudCw6&BW1Cxd
zr<FZ#KlIN?1SHkT17Ym+im}ee+w16Frqg)HnbGvdVB`<UdZeFCCORzdJk~tR)xNo{
zl7hbcw8_Q&%&{jZwz<97*lQ$&Q1-+E(k_O!9BtAj@k*$zO`OL0Y;-(^IDR-c(_s`*
z=5)`q;6QyWwq)m{?jUtE1ka_O?zmOn9xMD!0b;-MqIBXo6Mjy2&cIm@SFjgc#X7--
zwZX+!fbmq6P#5}4p?iPy_rYr7NDSy^ZKwCru;X!y`j*ysy=@#wwz(MCx%|oEuha$9
z;uF^|R5`q})e+J0E0;^HKIZ6@m;y_b)j+oi2i($Ao`b#(`_&q#X1XbSe~zK9u^Otp
z9Bg7XfAh857<UCZi;(S5%3xZWt=63>7$^3?d3FEh>tY;TBh0|ksnCxa&-tX?^qtI(
zin~y5)&vOR)+>Xk)nA5i0Oo@-6Bg8VyWQ&?gGjlKU3I~uqg9>8(wb7E$u4l#G22Bd
zD50eZxAm#q;-R(9#@5yD8$YhhYi5f)t)zjKhYC8*3#|~dZJC#COK90zo10Zfds2gk
zP=DpvvyoRXarr<H+=@m<A!w0g(LQ>^?#;EjP4Xp%B+(UI=Av&kN$JE+T3}N(bX@#Y
zV4lB!t78toMctvr!-pZa`#tEduc%O6yT9=1g34;otbSF-GzYNjunkvtV2N^(sqVEO
zLc8GC_N5>;K*_!53p_DqpyynUbromwxzA?lw7w>^{28``5HScs#Kbo5A);g+Uwk!k
zg|2kBKVQgiaXbU5;=-1$&1WWC<uMe_An17ZZm~1GUimfEoW;@u`Bpp#5f+G2w<k4$
zxZJ%W3-vGaS`B=BJMXcoqV{kr12@Snfj-4k$aOFtNQ~+9231ERm$}P|j$3C+m?sWN
z#<?{mTV>LwIgi^+J877D0CKSLiA*&k*RefUE|Ub8#_YAO=$1L7NF|7G^yToKgJgzT
z9LfVFy)`^LH%Eq3a#?Ho<knSGuf8RW>uAM8%pN{Wq-0rpQEAwR%@n;@Q;K6Vp9f_9
z8YSiCPNa)hQt*IRz=7MXTQ;TK-DIY;{s&n*6CM-rZFg4<P9?+D-TCiteY{9i&wlq1
z35GxSFo$EFJA-xaXfxP)7pz^piQn--2p3p+O^>Z<mdkdP82fRz$e0H5YG?F7*t^pX
z4uw0Xo<MvLtTqr%sY#;Ho18XULpRN&PXQYbznq<Z6!FbM*UnL_i1zae0;8QR?xlWg
zXYf!+@X|9yYhdZ_ZC7ctEI7|HJ~tc_e*NS2)+eS*Wg5+l%F}{eQl9-KGg^}ooa-u0
zv1yg!j^E{Pv8o{Ghju0fEr;S<4t~A!c|SW1kTpUbSLpOXapfDhxf3-vbU502ul<R*
zKlgZ_i2(P~vCSOaQn&rfLDwWkbmJg7HIF3jW=AkT#N}n24jx3@zqL~GO*0pV7kOTZ
zS|*aYk9JZ;LG55$5(0Wg{aO7)!!DK2sOFqxYRVn0dD;5aF=URQd~kcy7`BsY`^Io;
zaWNW<?oU-`+P3EDBW(}&w*l8&99H$SNXUf8wwZ3=Zpt@)7@=NDCk%*~C&|RbR|)<K
zTGmT_7Q~~Qam?G4ysZ*#ZTK~|c-ZSJnl5Q^0p)abH)98^fcJm2J(zF04lFa41uD2#
z0@sqKg?gI;8CJFLrfby(4_rOA=$*ICQQ3d1GRAt91}yJ3S2{6_`jplJ($f0w`rBNC
zvj=icY;_AjNG{H06jM<)jb&T{q@P>27<0(<D<^Dr=13gJ2YokAJDsED=!-Bz<rOcD
zB>8+iK~mk4-%WIQ8tOL}oA+#;ROG@9(=gqOTkU%J`nB@CsP?Ft_LNY?biT1g-OAoL
zT##2m-q-4MQSrD>BJ|1q1JZ1qZKcIo#l`ZiPdF}|s!Cv%&%FM2bhTLtcjxTex6H3M
zVewE*Y+i1bM%(<bN6|y65URYLZw9;hJEp6ChT>g1T|3%V*q)D8-#@^=h#X8Mk3*9w
zp<xWeW)}3k2Q@|MjVrNER5e;TetY@9pVcu;QzYQ)ED3cMSJl76$eKo~^l7+?Vydl2
z%Ug)%$f76f9t`8>)|qYJzJO$A+Knp2CmP<kqI6}p2F7@)sJlqIXlge;COjO^!vf_m
zQ29RgtqrM@dVPpN^H>6Ma_n-}J5;r8KNTEWF3PvXaOE2-*|*#ask1~b{ltOXHL*e4
z^XvPi%C&AU?vuD(7qU>}X8tZr5@ji4k0?kai5>AKDZBIY5hHYvZ6f)h?Fk|^g%Yn>
z9p?`G!p@Z>wxSiB*DlI(5&lX@i=o@^&kXc7S8XuBXb`NGT1<84p>KVzjo@;<#VQrT
z5o>j(WOk@+d_J9`_&c5Ab~!IE$w*+g`xcwZ!*WtQH6!1(Ej*`2zmR`Y+5pQx_8q{X
z9E3aU>@MLSpFx*MbOe5M%sg9D5TlEh6;*GvK#1{0SlHKa<X<l%F-;jeT^V&$!!*df
z<fuH#l;}W@9T<Q8U2$=*^E;N2tAEh$>xAbc-;59oox;<~rk5{WVpzHCsNaLChOAs(
zVZLxf^HXz22R8>tYe!2_5nsjTCWog*2v>SEwsLvY0aad}QNQ`tU7+i65brQ5IZ{l1
zC&$cW*1Y|pe^g0rBx-4!)pLZs>>?9vgngDDuR>VrF-eZZw-OgizI1r3Hk9kqe0Ck*
zOOobBwkh8!Ija<UKQ$fVzH5<(Q(D-1{xlh$>n8eIp*Fm@uXv-7rSfMUY2VPZ@4&3D
z*Fet1<g3{nd)Ym4Q9NenZm+?g>7zy78K}%vm@936{>RH6Ngpq;J70s2FU?(`@`a$s
ztPY)d-@F-Ih~V<-Ckc+0mGPQ}9)yh{L&scjH8+8Y1y17nq_l>XQimER^f}Gt%K%+l
zc)JQ*W!f(Rs7#XZAq>Taqa-gl>9`;Om5Gf0WU^bp>SnjLyqkkRTY|a<QQl4L7IXHZ
z)P>?MN!~OY$sNmZ1ptPOu=jj`4qtL&b$2|kRBpie(g;F#vt%QAB6hT(jWZy-PMb*T
zK3=^GURxdT@Tg8@OhsiqDTX5{)EF9_^T@Kl8yP?S-A>-D85e>YbvZzMXB&x;^+)E2
zFMmK{{Cw@pq4FbNX;$LOBUD#a)V{9P$S-S?YY!UH)et@$?CV}Et)%*S@f3G84|MWk
z$6qcD%X!dzF%K}#Jm4+4_t2lcXvbiFk51O*>u6j9JApOGZ5K1l_XGdVc9V)!SQ5UA
zCw(1b^}SLa`t|FfTD23;*rt>akAi~ef~JD9vh8;i%`2La{t@>_r}DxSgu{`RhrmVc
z;8J<c-a<f>_Fs^+0@cL2U}|i<A35}<uv@TKZX;i6%1RNbPf_oOfu*B|!1Gi0HvU9`
zBPn#9o~wS1Ey_dq866Ib!XUn3D=RJ2W6!R8h*SG)1o-<$JW>>TY4c%hMj|_Pb}0Y<
z;_fY@qHNnXP#X~u5fv3-R0O0&N^*QeMM;%z5b3U=XH-f=L`AwmK)P#a5RmRJ=^h#e
zruH?UKI-?r@7inae|vtoSi;<M&wZV7oX1&Xb){LfEw*<a=;_5{UTiMJ4Mokbj;R+0
zb#-;EfVmSK(QVbYhE{a%9lkBBlm*d6Q;wUJQ|-J%gg0jfrHPP+<5*3Ki}j^4DVfY2
zwDG$KncCL~*8)PuvtD%573rI0YK)!I&sM1dCxi-rlD{Yt8>frq6rIPdzaR4wni!f_
zurTsiKTQGuR%%>i<6`uZs>N~t%&uUAKaY9!T;roT+`%S>)Ee|<IHU<}{`SohF(0)f
z!I|gMZ{6zSaP35E;rjsAkqxb@-QiDAx<gkl#Z*&R^;*AY$iVivy7C92wRgPY^6=Em
zH*VP0MWDq(+xkDI#}q@mr}X1R4-%wStw;}YM_Lv})o>r~bMS;zPT%Qtkw%H<Fo!Z(
zuQV|+l29a&q(JzW+f8;yON4Sl$hlv6Knzf=rso&!=fus)k6ccOu8&(}aA<9DL9d8$
zDyux1LcBGocq7DTVvCu%T1_E4d&Wt<R}9ttqW}5pgU^2%Z#g>n+gH~}S{a-*Lbusi
z()9#v#mm>+IyyQE3y*AP>%Xo~5@v3cq$IN|RSUYk8Oh4RG74W<IvvOFNe;zAhHT7i
zmxPv`G!gbsvzz%o9Zu6KuUtPsD4mHMjqT6<XwQ_GK$k1_Xh?oy<lXL43bJAO*n!>8
zDI@AjqWYitGmCQ^=GJU8U8bIZqS*V@M}$#mKOAP8L`|TU``W#8@#9&XDdL`AAgyou
zozl--;WxKpeQctK8BHtKAIdr&*|=(+G#kKsF$nWjZ0;f|W4$EX*$$uAtJ(YPf{sk{
zq+&}|(D@>NQKPpt34OOMYTtjtzQ-_a6w~rySKK+O-;p>4ml^|Q<_@0&RSbJCFbcqr
z#1IwwLP<bmf~9J#+$E{FT;!_6@kl!%;#U?Uv1M2I;0YG%9p65bb<WiOXn1&Cj?>Fc
zRPjR7Vc`X%;zxd<MJDkcJ?++5(S#^=Dh^Wfjlv)Cx<~y<Y+QfG-3;NVu(0LP9j9RX
z2^?vqFhZ~3fayxy!d#@*{3(;;wD2!<Lo+NEnaf)vua+qAl$!_nYfZa$86pp~a_a>m
zUb`VaJ-CUd_;UL(tJk1i4UVfiTPcXu?9!ftt0sl!dJT8m-sSwVe$%<TCo`gC;VQMv
zj{x;Jlu;YKioH?oM=Jz7T5NfdO<+aJYii^n-OboG?GKjOA%)FWk@jbRK}?(-NSWEq
z5W0Cc>RAm9YjyuQ)gugjuTRK+J)>>6{VMjRePOzgiJ$LyMhOBj|8N<xEtSd>tMK5E
zqS9=+ZbhEX2Hj941TOKI2Y;nct6u{p)W>NjE<8jQ8;Rh$*X&Sr!TzE9mfuV^yh5w@
z@#rk!Z3Y{>X8qgEnR09D5>ms~$g{HNpY{4fYKVS&_!VhZZXwfoa@-^FQYD;<&l*(5
zVgJB@H=GoIjNG`G2N#opr59H@W-4i7T9De*t9AnTCO0y_;-HTr0&h?T6kG7KN`}vF
z5OR3#e{_{vtnJgb$WBim;V%3dMZP##0R1kk0b^v9o~CkAGOWGYnloh5Htp#&+)d}y
z%6hD=bR`bMO5v;mwY|mjW{eR(&%(|wWP5}Adt}$rj??qZf*3oALxF9m;q7Uw?74@g
ziwQ3fqe?*>WQEYY3l3^(&Y31t2UFUqY8{SIxpQ=FF2o9#x48OW62J9kg<jjp5nsM?
z&jj|Z{l=E;to_3Ix0>9_=rKHJ#uLVa;->C|a>VOWr|FS#v5>6~UK9paRX=R*Sl#s#
zP&!@>+Lnff_9hH6l+D{)$d;F{Nsmb#%)DcE9_{sTt~s`w!SR~a|2V8}JGe7IJxwKc
zjMk#0?5<)-*4?6(bd5*Ik2I!>KH??|q|K*3x2DTKs8%`j0JJ6Fqu!wJy=Uxnt=W+Q
z*^sK0xXJ#2f2B%K>4sy;I>As@Utiy>KU=ycI;0^NtjT*UNnMzCRzjiy^XO5r+*X2N
z#Ewo5zmlDuFDw-v(ICrOJUKZjiWG_7<l7LnE5#4zEo_Xkld9SF4@1Ay$f|f4i_x=#
zsgYG|ENZIE%$R4-p6RV86n1sVw-TsNq@O)}BepX$<^{y%EI<^?u%RvE+nts_C~>0q
z3GU-5{5o>9d>QAucv>p*l`J&4<<w8g9Fzk@$}IGXThR+Ml1dNW&)a{5d&5X%q3jo*
zDdF3?9xR>~PUGneVz-m#ulwVz`l<#a9FIia1Sq{A)mi9Sf{oeFU)~o&;zv6)7@eCP
z<xnwBC!3j>$q`%G5P)OdFK(?4mCWP?3JDRX(SX<9pYHa1M5~Y;l#TD}Yfh*txNfRr
zvH#n>d-1=or>Cc*^Tg3np!kq%6iCPg6ue*h0hYj+%O5BIV<^x58~28i{VE#SAKbI|
zo8Nxi8v*q5&x!l1fByVeY0c072KV~&$G--){87eZfo|{aCja@DH;rZ0(d~V<zY<m2
zU6F+=^thj=1d67<h=465PgH&--S+;YE^h%;6a9ESSbjtX#Y4-`<361K?Vk)Uw9|N%
zAGZNAwb-8UgQNsk&m3}j`Tyz>RcaBZ=kC4!_&)!Zvi$#a+|B=oZ~K>|{J#^B0}i1Y
zNZX>^&pcP*l9Qo%*>KmccV9IW0u+?e)m;TezZcnv3=bP%c8{Ues^{nD1s%sfpK#Lv
z(%@;gvv!V`=Ft42FjZ>53s5=~%Eqbb;b1oekF>Ez4bcwM^iZ*~BzJUD=o#pxa0#0W
z%}+P0nVBu6r7?MVay;ep_czWcEfwRvdHeR)5m4I>dK?e<`66{__-k7*%{G;$Be^^C
z-6mAK+?u6Mn;tV-T?XFDnU8UxqWPvqc6_;OKr#>!oq<vzfqP*pJsCdpOQqi(73Jjo
zcZ}54t8T!DZPp`~mzHR1ic2kHmZ$FfEID_&%1q?PJ-~ff?J9Iw{Wyn6O056&*>x2a
z-(T%e#yDH8J^fmR$K$=%VooK{b~(fGMbx{yyHHaXE%>U(&H%b$oI!mWfQ}LMA_;|<
z<L<;8sUFzI<8{KCpQ@<Li7xbIP3RZbD*KK1f;C8H1C)+Xy(mmN%RBjZ8`D=ir5{QS
zadl{k%=^7f^qilmp`MXDygvu*dsdMvriC?wElcE@orSG<@UcXbXk^DBSBp!jo~U=_
zRuj`l=7W&-^+vWn<}RHi>g%x2qPz&F!ZDH$7Y-b_@C2QuQ|;W}FQBqr4yHfzCVeuJ
zS7u<)+fo7Ck$kcI)2Ablf)%l)aJz+`Fn$}fr6Ph*@o=UEX}`Mb@kFzP5lb9Bwl{Xk
zp$W#clrNHtE@a2c-%;bcXO`*LpT}+V%mWfvEO}~A!md{Nh0e#}qxksvLLK2vr=OE&
z!rz*y=GiEwE9;GTql}$`eR{!qY%mTQTo#CT#l2?+uRiwqhTXLdzt(#%)GJBIpx3C2
zEj=I7-Qgm&U1r2w19IJ`Q!W{gy+<OC4PR#B<;_#AYA0N1{>Y~P+FLQUr!g>q)@oU<
z)67Kto&05q*0zk!g;^QF?L?$|8h_yX%x>GW-OC-{DX8XWBNoIDl4S7k@SujnvJF~C
zN}adPpF6)Z8k`>v9Zg9bEiH%Z%E|fcoCQO14?;b{Z(FU6gb4?m)19Bbi%^AWme;sk
zi}<{@egeh*I3yy@u1E~~GWUHnU6R&kSG%&rUc!YXo>IhmLFXwh3OX2V&<ga`i18yU
zZ@Pri-uCv3<Gf)0g2;Pgd%MiuF0zD#ggKp98W!Aw&AeRLQ!a$Ms~kw$@JIW>=H<mR
zN7L_9E5r^+=7}$Cc<mKC#F0T?NneeB;L{A<S{6E;>1&XrkaYUKbewbAY}GYArpQ2J
zFzJy;+H9dqmYhbzNpox7dfk@y<;F4L@?oCjZkL9}MhhbWR1ukkpM?cfPt?b==!?hl
zj)w80^OMw}J)xmK#&*RS7S(=BgJ(8nd0VZmt)&-AC*)_UZO_*h#fvcFf=GKi6!nsk
zi=XRu*InCsZ?IGJ_1^Sd_uQ==A9rRqlauMq7`?Fh?dskT?E^2o0;04G>3vUYkaha3
zOX-*j!7<y3p$u^vb8{E*J()<v!Jw!1oPvYqADy0E@_v>$c+2mJ{e6>%yIS}BRg$W;
zH7mLEvX&wSbTAnl8q@d(c6LK{SJK41ZVmGj223)-0<LcOn0oa*m94;K&ik{eqO%FS
zxZ;`#be3Y+{rlww?du!ceD^S%ZAuD?{YM&AH>Zv5<E1hEcD<T_fp?Ue4dAXO93Ob8
zKU27&zIg^$+T5KovQ|Ewu2DSP5_2Zh{@Um!)Ku>M(<d2fJ~y1`Qp-O{&n;T?ny<Qs
zi=`;00sS~|K=&N{;TlRLQb1Sa(TkXcZ+OLcRYO%4VOw+z+0ei<I>OeV$sx_>6g}7T
zo7oX^av4T675SU9*=E-5yyk?3l%sw9j<ucgombZKOiHDN^5{gkWP>9-R!xok9uf3j
z<>yM{44WRCnU$7j6fnd5nOHiP3{j@_(?t!E7j_Qrd3>t3<`H0BNN=}TJHO6|_N|a4
z1>2<oJDmUzCg0K-k&R3WjP~%#)F}-JEUWJ8k~gX|E|#w;Vm%c*-S3EB=t35J>vUYP
z&y~O17{pGoO2fN*U0GJvC#X-S7o}%Dc=W`#^i$)g6zxSrH!|v7EKXUHU&o`bb$ViO
zBsEG9YF=<JN0P+(^DfO69S5dg1UINXCXR+wE;(b0<TOkMNOH6jPE=@-Vnj<gpXz!y
zRUdjPrAP1kB7R(T8zpG}z7qtlV#2{IZaIe!4Afty;8Gm(;!t)DRl^HJC#R%{<w|WJ
z-Y1>t%(erQ1+>f-Bz?QJ$%6s4gyU4x)YRcXco|ZMTukqB+9)`-bQE`(<f)s;@QB<L
zp9xOj%|+=mnHgg<u=BNP@w9lg6YYqLDS@zxEt`r!*qt~-BZ|RZq41C?*??D9vEPRd
z5(g-1S3Tz5h!4`-ZNYK6#v!t0?{?Prz5Uk1zv#=vhrPkhPF9{cLjkpo(7^F;en1wt
z7TG^ZD#cgw?k-;D?J;P^Dm{`INPDu5>}KWXZx!trIWjXRjD^*AxEYabZf%&GrKq~T
zSX-kw_R-`f9^^=L^6P3ChL)2x7Eq!ogCCmc{piv}TzB8XBcRx}2ZO6}Bo8d`@SyJ>
zG3`x}tL_kFe{xybKR7{YIqhOuA^XL(A%n!hx~6-rND7mgmg|F**&^}U8n-0l+BemN
zE$X*;Ov`siJn(i4t&t-37MYG>aZ8#5TpW=rV#_N0*NxqsGdWa(A(g`~2bh36&egD(
z@a0$RtGY>RXJ0D4*$?c%2LDsO94`I1#HbRu>nB(L=>sXyFZdJrK86^XNY{9kMkl8h
z6RmzFOQwN*8it9-2`p`Cm#ZjRP8~30vJw7z!4nd?RHy#z)OmQ{lbY=TXOgFz4rcQ7
z4I@S6sNu~7maXf{c3O3%4XI;iuc~qytJuLJHL+`~Fpo1DxSMY5L(_qbavc^*lCtDR
zn1=3dUj4~}+UQ`u;7iuS8pFmW!==!}ABEKK_?9~R+jn;j^n|MF;S*FFMz%2<ZTOdk
z&8zr?P(d>DIF5S;Izy@hW99LuaY0$eM&fJ^kE$i)uU@)!1{n_)SUaV|Hmh@Uhh1Yy
zOip?wR6NaSco(cBUaf9pKbqK}Srey`Oh9^rl@~Lo_7%_5{JESxicm<1x7d)~dSqxU
z6GG_q)X+FEfk=5Ba<uPV$nj>_0pT$()oN5pDeBNw{X5=*^2VoGvB6w8gwZ>;f-{Tk
z7EUh=WDczR42inA9uA%U=BjJlAGU=YOwN}(GMgCLPO){XAn<i&`S6ASyIt#0$dRFy
z>eALmS4xpP#a*Incyg!1D3j2+fUgnnS?&cjl}1Q(d0WrOS_%nV(poMGYl87LIh^Ik
zuC$VzV>?H)Mc-Hc+91jhn(Ck%zw?37o=?D6+B@`8*dkYDdNp%{e^(tJMJGaJ0rq9t
zOvoZ3Xcon~UCWQ#QqoizKcA1u4t>$*I;oa2dJX%1@xTk%tva!{X6P|K+U9ETJ<Y<H
z!!6aW?2hF3+lHtqWC=0%=jzzDmJOnx2wC<GmM#sp9km*~p5N}lH~$QYLDPB*30E5|
zVQdW+vI_)_hP($A3(|OpwPGp8%hc}Eql&ZLit>yjme|lVcKDX6!o1vSgk%hcQ@6WA
zF<jg4OpMyV)^tvB%bRVW%Y%YS5jVE8{c<^<DZR2SmN(}V%h2@+S#h%gGg1Mf6toNf
z$TiaCnZJ#m<-_VgENFIt5)`mG(ishYoqm;FBqlvpw>Fir!&=G6kU(lKM1f5CW-}TX
zI?T+x%qqI7UaYk746acDYAh+glR}4DUJww^G1{F6EuAw}=dqQ;=*rmDExjfBZi_B6
zb#ulT4J)jJNyWKd5sg~}Gn4t5VCU_oGz9FLKEj&bD9OmYyaj$)1Z)`7+EYK(yPfOT
z%*@QpohC=VPYW>i;XfjuZ|UG2`-Ze;ie5+CFU&n3@Xl|hUm95{Pvu}e4Y!0HxFZxY
zag|O9t<%$LqkB@}Rj68XGdr?z#1mrtVg6P@X+_#Gh1*oa!VVFoquh%XHk+fqnu~U3
z7*R9sLB4-BLn9Zzj;KtLLWM7SmnZ3a<ruR05abFYJgiKNya<7Jx3y}M<Cg>^+zpMK
z;lp3l2J%~)Z_^Rzo8LKUbG-ccw6#(H`DHK@Y~OOekfBX{E}Z`XvX#!-9Kf?UVP?}$
z1xE|P^W{EsxC<Ug=uTPDZ3!<5y`oI$TKn#KOl7bV9T^$pj0o{!Wb1IRx%4HSl47d`
z_rx87AJMKTiych0Uk)SVi~g!<Twvm75`S;l{hSP>8w#<_M5PFgy{L`x8BS3Z=4N!7
zaFcuKy25BTp?o_CUA=Q0CQ8E1pEWI&X%YP;^TuX%NOZG#R<|``H6Xgqy-kTq7)t(x
zB~pA~@B)t0#A1Q|Uuo7s>u@rJ39aHfH645WotdoD#>s~R$C6G^!5s__#afOemlrLZ
zq6PF-v7Vl|DTbYMS(B>e-N~Cdrbkaf5BaK)wx`nOC+Ty3NKr@_dFd*7P>5`zvxBZ(
z?L;DB?LGTa$xzAUWN9q_d1SoEe8(oX3*XuF^1P{d|5w)U#;>;c=z-~^1sHjZWVXvn
zqSj%3^yB#fu($wZxrF(TgmitCa%R|N{4VHl(86c^1`ErnEaC63t0-`t8#fMVZf@}`
zh+SvEuZX!Guwy)2R^1#nA>986t#PZpg1R`v6L5Urhdp#O$0=s$`>t}v%<;1va9%FG
zfN61~rONeRl3+im^o#=RINuJyd~=S#+V>tUfwtqssD4RXEekfY`SWSANE7FZ_{6*?
zayO0c+<CnsR!w=gHSH`&rQLnKGBH{2593I<S?$**&AWX*rLD=WE-_vtw&3ipUft(-
z+Ek_~3nQ-^o|JjHZrw$RUluVu{G~?=8BmqG2Y(n>+xgoJx>(S5|6I-FoF_cfdHn;k
z^Wc>poH$;IPx5x?gG|TIM%jeHMS)AgF+ppE1sAGuQy1^r(w(Ah*s!JOn(O#njZ`o`
z3ye|{$zqX+6k2C?!ti?$G`anJTF`CNASvBG9CWzED5vx_*l&f$8Eq${$Y}1PDO<!X
z6HVIqD@UqBd6&Pq8TjWkG&G#9b9Z-7JLuIbEQKCJ@grpY{sk=4W8!9Ju9<pQhhRPf
zS1&z?R*WKCE7X72VLcVOqT5~-BoZ_%P6-cY{T?&;9yUfos4*$NO>~Q>fq|=`d8lh1
zen1pr3wSzKbkDMz@%nZ9u5EwDvM-%3x4Or^^uZHyaInK25-zkCjI||Ae0p2=$ZcWi
zE-b-|O3HDEvej3+((~@9T|((CUu~f^dYJBFX29vx_3y9)8}!oN3j{m*6VSy}t$A%w
z3SEN`3sm75<X%z$`KkDGWV{TY2GgXW!J><GvQk5oNQ^OL2jmm0Ppv~V(3HFMed#h4
zw6nB)lTyM{0*teE$;r9VQhA!s#mCc6uV<PeN9k#szxh!tTb>lYKPa|%@uyW9^NQjy
zcJ9$W?&_-Udpd39gVhb2de-th``w^Vp9;skRGcc+%V9xN7mUz4=1<l#bg7Z#Mx*)Z
zVP1uZhtwP0>78D*!{7Ww>YZyphwQGfFHx4pw|hY7jg7oSCESC@?Yh{PZdOz1IqRS3
zf5A;^!oitPI{v#M;zKzY6LuZU3+hf``cCInb{c_@wSL{fSv*)!Y5puPh*LR+#)GI+
zv}Tfy@OpIHJ8gFBO>?AaN07wRPS@VR^>Tk6;COhugBNN#+8Q<5M{3+`JwE0InLhvq
zrJo>oTumi+=nWa^O|7OxE`J`x34@daYw%}@g>J8JbX{&8Z+xDi#A(_Y@He5aw!AgC
zYfC9x+vYbU{5G!X&w4N2F%CK3%2hd%obc$)(tHq}E@??+r#J9qx%d*|bKs}vl{UX2
zsIADWISsZI3lp@7g56S22NSjoBW4=1FNUNAu2;Iv@nJLhS&Fs~?*ygM@nH)W*!a>b
zJMqN`Kpj72Uk5a{lvo!YX*QVej1pY)OHx?qV!IeiQb-m_F(}U+akRa7Q+8(RCrZ9#
zgyup9=Fi-qjE!GvzW-pb;}kd6GN_>aCSz;kK;EO{(A)NV6lt_v9rH!MI@IUkeCLGe
zY{bczC}!sg-*d1&FA>v$V_AHWLcJ4Pp-sv5eAHY;9wA#2y3#`unHoo(*HtrH#FUhR
z=A`elDbH$th9M$~Yooyy0Gch51Aq=MsNNEJ+2BdO90Cc61WmeL&DS?XMKY2it25IO
z_P1DN2|DXu_PQY>p+sa&fjT7#ovhC_RR&2?>(6`P$B6TnhzZ4au%Luk7^WNMWVlq3
z?{BshY{?0CwknIzsi@VThavAX0DdG=;C$8clffjW4YftV*nBTpbY=g+153}}d0n`V
zej?}E1>pnzszqcfgA3D<FdwsZv<38y_sA>-bcoUL(W4}&Iw=^JY5n<H-^nLQ5KWhY
z<)Qqmd9Om5B3EU@O~QH@14w~$wXj~JkXQl1^j;+L;~AUVWs7^av71d@qZpdy8wi92
zgUMbIU9L*{ANgCaT>aA%=*FE-4jHX)F-pO>85<i94h-1VE1Q{930x==aKy{_&_x?0
zsiZz|bjC2}1><Ow!L*G5z1>^f6eesQ$P=n;U(41;M4S(AorHY5AZjYY`njDog;(q8
z)2$9kvLzqG>s}EhjU)ZJR=TEgy8a;iIFRW|(b>kY;DmRv7@Bqf@yD5dApWRf*?FOm
zoVS8}m(-sjf)LT(<@|abK42(_>r-Ek(F-~4qmA7MV8vWk&ap)_s1eTH75JU7M{jRn
zj}z#>Na_}Q>}m`sIVl^=Toh@PI}9Ufu!zJ-D=NMdHB!*an@K}fTXnIffPj{%BdVVL
zoO2gB(1;Pi#PaB^Fipkfo&+ag3uzCu$xJ)E2DTANJ{9rJp1wDg*H+wP&{R>f){Mt#
zfE~4Bl4nXn;+6Zv%xJj%*`TDfbo0S#iUJkA-m~DiEG?qFl~+E(eFiK*!_BJI>Q?h$
zBW}xee&U8L7ypO8mpRkT+nbw7S;;h>ix0SC6w%VWohq5Kt&NQoJt`Mk!AV&deIBcu
zRUL484yqb_>)U*#0UX_xOrlEMvJrEg0FgvB1+<Hhy)3sQuBKKj3i>mBa7%yL@o+>*
z-Yz@gt`D782lpYE>MJY%kIs~h;|z@0$0x=eKZnqo^tHGR9wx0lRbjvE&3(93g!Myk
zFB@mZ@l8tWb&=9fcMfAqQ?NzbpF$W;h%_pB7Jf62T-XX185%sincg*aa_gbpT~ki}
zji>H07CvM+$~QhfVv7}T-mqXo=cz+_v$%rOj?molHWypx#2PX;oPd$&&C=zWzam@B
z9uWBVNmF`2uFei1h5C53i)&hrKUbqiK?}@>&6BG<A?8%_<V=I=xl~U*3R_T)NKL+b
z#fFL8@oDM7#rBu_Df>dRnfp4Ink4Cslaq3y?G|5^>Q}T>#hDxVjk9|=dLw|>Ltq4y
zC55yJhG&7_8}lmva(5eyh5W<NX#Mlglgxxn6snzFxKfaP-ijS?K8YS_k1N+5h8q){
z$H5?~V?l))XN8QN6D^o2dGmM=rq7fbwWtr9!)6~RFk#ywQ~+^<|6*Zj5wS#}zqV=n
zrVF=Xe-1Tzvim#Un7d*W3cXViB;u6Y)9IE+n|!m^xg0^S^Lb_tga8;O+Lo4vE&DOW
zbQd{(pZ+>SizC>@tL_BKL#R7A!L*uj$7WD@o}sxJn7E$cc#dbF)-_nrV(T5B(yrTT
zn8rWtBQS%0C(D^vj{*HSV`yZ4f?bz8R^;#xGaue09OL0N5QUtng?>miE4a?UFzBn=
zEBM`KR_V*Cesa~<lg6(GR+~K|bQ=it1xJg`hj(B2wL`m)t!pv#Ziq)xGXpSq`>A4Y
zv553zoSaGiV6E}%gn`OjHxK~BR4WFZg!h;wubsfV8+*v!2<iopJ(+bbyBUUmt!Z}(
z<}(!A!L+u)uqo?X&{K7tet`QAaL;1gXe=Vqyp_VyfX5{nA2h+Uw&uY>^ViP1W~y%9
zGtFF6%gg-|j~7&`Ywf~5Do*ws@~hMoKB7_8W3%a#%#zZw?b7wBH}*<sa!N5Kb<n8Y
zEib;jd^GB!gJ|I~PlI7Xhv{MCViN3e`r!~K=}isZWA}T<?NV2og3ci&^?NwmcUK@T
zePCRE@-(Wfd)7fjDnt$>;$&NQvXZ@kpJhIP)7uo?^t4OSeN8*k1DpR|>E?Ax&rsm;
zQKd?{o{^ClQ~~}P%R}jg%i|M%-%9VYvvs_CYS1LrdGe>X)x|EDP@ZDAh?EmIqvM^F
z!aR3LzMByhr4)Uv{Nvlez==xzwhrgVKB~QKB4$j@=AVl_y0BFDX(>kGWzGm3MV_$N
z65Cq?Nuj2KjfcP@0HS$O0VBZ4&uJ@JT#N~4k%)RI5^7~`6joo{Akml?$FtNO+;#X5
zQ5VmQX_K$2zA*R2@f~UOnLT57Jo%8Uy=0iv0fjxDYA@P44R2$Z2tL5F@2;X*KqB$o
znZ5MEoy2!?w~j++KUzs02-pwQAD_$3O(J=G4*VYcmKdykLk-s_tViFcO>)ob=<0gD
zHDBwSb(yN-hx?0W>7)7amS5pW;r!APE2~f}ZwjXdQi|d27=csOM@?vpSybc+@lFTo
zzdIaHeig{Kc_8`FUM4C+P^Lcm%pHao68qummlKaEx(<IivB#khVZNILxWj+Hg2;<x
z;<^(e&OOO;Q2x-DBL{N*1?XNSA0S>51V*!6?f?0AzkOWaRrx~!cNiX%0zYmkd_>{k
z{6YDndo;iVNIf|^IszVPOc*^>6q%dr#>~uI3}euH{`};rQ~i*<yu8+6F5T{Ag#wFF
zt0-&G95B_W6(-`mm21@b#z&GEl^rAAu>7GHFJD$RHB~PyB?43R+a1z*_w-P`VVG_X
zvj^$0Ha|9Y_ONM8#{(MpY!oFWC2HZuj&h-8jN@}DskcnjF+><e{GN|VD<*RhgoAnS
zC&tG~|F~jpUxbjoY{Yyp6j8RT;X}=NDp2YIIXO9Fb=%6jjg1XZD-w*5i4rZ1i|Yh1
zY5^>lb8&eEr~U2WGZxYCoA>neG=~dF`c8iRdasJ&ofi<9{pbBM>#Yc%`OxgC@0Mad
zFZ}%83`Bd0U>0-S+}!lz5-M)F@=3p(0*GhQjVL&e!BO8~IPjRPf5_o^Ig#f3@rXf)
z^41C+QzP);EId^?>n=q~YN|B=L`8BmL2N3qGf2>z?h<V1{@X>|A^Hr$f8LAueO8+<
z+wt=B0s@YGD`HSpq-_#iPha0G<FyYTJ`8*z%sW%TZyayG0}pfgoRHwLuK(Mi+`On>
z4j1!XA$A`0@Q#txi9J3SO?O8Dq$MiiVvh=gWZj|Uj0}EKaZmy=Op#dHapnq)tz41h
z;w9v55Q5EjCH43B3wB;{FDt`SG0D6s)3JC=x_>^hBpOr@Bj=M;pJ=^AVprUV{MY`~
zUz`UYHAX^bhK^C|<_QUSbUSykE?zPSkYhWlMb>(^ITv8_2~r`kJT>f0=(*?Wb_B`M
zO#UxN_C(x0v3h5{bUv+JkO3PV(X@J6{^%E=snPeP0dw_o^%S&A7WBPwFN7~hx(V-M
zNSgeHR^p<guP`#!x<q~W@DIB3rvyc(9Q*BAvKya<e}8lmdW^(t@sncc2n+XmCgv;+
z{L`mTBX)r{UGzeNf)`s_wWanC^u<5B+5@b=q+;*g^(UaVi^2RBk>32U#lA5uTs?<_
zxmIFPQH`*sY?qV@+vK-f>Ob`R=KSxEWG_azfLYP)Opw+mU(e6ae?f5*3<I(QEl1LL
zN=Ve6jUtLYup5BR`b~y}TUO|~xowsP@_?$^M+l_yS-k6<R5ECd>^|w_Sq8a$`Q&-{
zEM_Lsd1Mj-RQY!^^5==8Js<$4z%aU?AE|R|X|P}+ikf4?sHraZik6ktsyTYB?47Nh
zU6>b83%N?t-}L1;R54W<JlUUz0nFyganON~G@9qKV}g23zF8L=%V&rIg*m&RS#i#&
zvK(x#GJ)TAdw42L{Mf?qZ&phCsRyXijQIHR?w{A|iv3sj_t^5^EftZl6!>W!qa#lK
zIu~M%$nVdN2!(-n=sNsAZEiFRc*v*Wdw%1G{{ALvdrpDlt;}%Rpnb+jiOp248E$(w
zO$g}j)F&xi+wHi06K=@lHgT0`!olT;xnZgAG7-1@a)Q$BPib}|Fc~BA_)6xG-59F}
zM1vmyJlC<GDzYaJ!4(n65mx>aLY$Xx!#UO`cal;6OhLjwCP6M4?CaRy7W*aXP?8C%
zG&dWK&c*TOP|#^OPfo6uHU97S^e1trxSowdg~6kz*TdGz&T6fMy+wxRi2d=lF_K?q
zo9H|$+!wn-x<#L=Im1Jqu8!(ji{^3J*S-vGNIxi3-$miez3-2}Uee1H|0ulp>58@Q
z!sa=K3%mI&1(N2PWVbKxpq=~I7F+}3Bd9@7d^Ph$o))0!FNx0s9KfH?uS90JZBvb%
zn!_vuikq0Urh;QxrXE(-=k%s)M7i&f{4%z={{M<1(bO=yB&HMQeM58HxD=LJuLp#z
zOhj!3&RiC9T^)}H#t(QYU+%4Azzc$dI1a7&CC7VjR!&TxS=$`iTDLe4A+)@E3O?3a
zRz+VI11cYUY50NM)n0UVlh`x!?hv9+2lDm9X;Y=j^}4RA&S&LFT8EVtmG-$q${%uw
z$Rn~dKqdJmP58%uCf=6*1H3O#>?(?1icR#tFG+ingt%?l<C9FDz^eK4&r!lHf4b8<
zLKpvhu2uH)GUV$0nu9xG8v_|;%sgXtt^N|*-MO$$^+G4mKL0<SYp%?&cUj{TaT$E8
zYk<}}&YNR(ez5Zv>=x#tuI951b^w%E)s94;A=)1RD*lv%StH-oeaAlJ3+hz3^_!IQ
zjJv@~r=cZqELvsQy#5>m*)YDe!oufW5lCHXj#33{tU>*h*6T+8u{v&{H?cl6$%Dna
zoLW<#PF^xtB>&H+|8@kABl-0FYfX)F6@}T`*RKoh7V^Vf*whOx2XGm|!53sXZpF%I
z*eutayUz}lV!>gjg{j~!&@4-he>D2NJE=J+;V)`0?jfE3@T{K{SxxAhnGH9E<eb&N
z&d7M|B-FHOj1jWBN@}0Gb5+o8Q$#FdlFwBr3!M`tdK_9-P-<xgH>+Q58Szm9!0f+^
z0DatbT|9QDGd!b>=+PbM1duWs&Ha^*Uh{Z94uTww4ZtryZ5J4R^oI?&;I>koI!Gyl
z2Dbu$m+zy*^lWEKedFfDXV#*W5z_y9v;T827YgAx&!@gXyxBF7Jj&>-=k;f#ef9kP
zy1H_+=DQSZ$)$uIoB0F7^b2(UE&8>dfhcgA3YjaQb#o2|O9f5fC&@J~8zq|mbp6Uf
z99m1|4h+Sci_j&JXZ{pBsQgz2IVo$GWNf$8!L*5F%%?<6EiHmK71RAusbq>%KfHJ_
z>Q<IX;z4(adc~oCG3QIB8`u?>H1(oe;i4sjNnyA2BqSu>sL3$NM2I@Y>Y6yN1IYwS
z8M@p{dY}4i1<7~k=fYr-q96;5NlgsnFjW9?5x@V8+&)qsn}gw9GS(<m!>(YzA3Fb=
zF&2&)0|OTR0jP3El%9U#YPH`)qM)SO01(E={wHT|Vs8()l*GmPuN+pNJ+db>@`uJq
zYRk>k)zpFlVK=$Cb8>T~s47ljK8=i!&CSiJUXWdyoSzQ`TjW6o;2_yPECJT!=D{kz
zj~_dVTMo^I9+#~DS}o<=&FzqspTb|ZJ4xX$0kS7kJq7vp+v+6_Mo*hvYQ8e=V+4RN
zgkit~hn&yAg$mdN@_9PE3H-W#G9XgGM&Ev0rHX<>`{h2=-?PY6v~a^pn?WNBb8{{c
zq~rRuQOL%V(e@tusRw$!6`pVMA&V@|SFnAWXc(%!WLi$cRm{n?l#8g{$5>wO8KDaF
z<2d`VDvyMsu=knw%_elh$^den=He__d36kN@BV#q%-P>C6Vbb_+;fKzfjX^EeSLj`
zI5i{+K%0rhnguV_R`y1V$WUdl=zDZT5$yz%b`l$$BXe_y{A*4s90UP_z+>Ck*w}oY
z+@4PjL=A`XW9jMXH#@;(gZ`v+78aIVz1p`IXIeIY13vrqk?IGqu|32aw+b3PI>nT>
zc_O^OB@=e@NqVs8>7J?}3WdbWBJFTE@I*W<eKa7}0rAKM0%I25L@j2Qk;T}Jk7aU&
zUpnu8mKQvEb7}E`kiz2XL|S#eKd!U-mC=D8-iz@g1JUg%Z*2gqLwOCmlG@+b-EEf0
zO?Ub7rRo)3iMy5SB=1Z!Zo{(^qli-T{09`)##U3XtD?-IF1ICVsM(ZHTV7o6>r=*o
ziK07TCnBF(t`zd(4i}HDRUd5a6SLge@WNq^BXN>S3ftuy<j#lp1<Ah-pxy?kVd@!T
z;l+lCh>dudbL+tH9TT{6NQjp-eym<nbiOO#lk0XJ6tj)ks4K@XK`?kuxQ0CJE6xa0
z5x_1k6e$he?Pm9gdfl?~yh&tt+Jtn+W;>`Zs37+Y`~_LWULXiuVC@INZZOV70h6DV
z)joP%v&6xwLhaP1+|*^KijBF>?$~@u&+80JrwrVA#z?3$@9g_`BE|tI=jQzY@u-lU
zuu;M|KVd};im8u1$6&{flJ(Ol%uU!pLs86xXX<6o{5Z{8s9nX-l~e3LFqU5pm_gBO
zs{l6Of~*`Vs4R>osGvS&qLct{aeIuUQ<KY%bYF)na+UV#qqQaG)!-%QX2Qn0077`7
zJF2vpK5?#Vil)E<?(oG}5V4x~YT5u6=mM7;N#vh)(UmNlr2&d#v4=2N4mzmQL+`pn
z)~B207P_Etr{+*z#wF!)Q3=_m`uYf<bp0JYJ$$C<%2zXg`rB8`W=q&QJ0Uz+3IS0o
zTVhhP`M4m&(;cuzfk3bJ_k|~^k=+{w68qC*uQ-UqySlqE)qXEJHH{P~sO$<G-DmBZ
zHdF=+ESRu=!Uox}Y$^lz>PRHim0^psXOU2uo=twvEI{M1tCD$eR8ItrlR)um*x(yc
zsxS<H*cv=H?%@Xc*uMzK&m-ISzK^D&;giRYznk-$3?EfLmXWvV9ztniY58q9GBT3R
z*zEUElBmizUy8$Xa|te+354yUZbTW&j@qD)R<nr&6uz}sLlMaI^z>SW5wC<Oo<(q`
z(Q1c~T_CmLO9LM&v;uaLr-eu&5cTVAn7ccBWVl#!JBaFx;{qABp(7_xv_GARL_M{(
zzV&C+(V6sltWP#D72n!Pjq9foDnrIw%Bb48*g2~a7}h)KH4YO>%I7DR^%|AN*9mq6
z%65J}>}`1ZGC)uM#sc)eoEKe2LV|vdx;PB>u0PviR5T|(E^fX0<&_YV-t^|iM$pgl
z2>=r?h8=1+Yuv-O{;8`AETaD-Qdr4lPB%ig+i(&Rqnh!3DWqC`;oF^`I}|*crA6HI
zZ+g+dUD#v3_a8nNYaxZERO%V(7*643B8A?WIJu`gfR-q<qP`i$ZP0?<S#REMZ*Si^
z2*N3w-u1o$3qmeMxnhPUEhVK+Sro5HplXgg<PWL(ZX_rF1lP2Iz*Jih?l!_*oOD}0
zxnqNFnV2AVGlmNt=XTRd<f!4B@F}KP8_|pY+;(bXHc0{HkJ7Lhc8CY0S!2ddA8EJ1
zm-xKx_ThkvJ<z5-G&>zuFsjMjyz>Td6?wC!=op0Y1PI1pKAzrE&MT4!y?gFbY_a~v
z%<MUoBZ|tZ_|hoC+IBg1iGZ|pJHPc9&$WI>K}CG|d%%JjE@+#_9%tH0$pFzBaIwf+
zKRTzd-T@}f{em+NXAD2GHfwed4R!SPLRuyQ-h~T0K3$07=i#xnkD^V8koqmi+XLH{
zU>wX^gaLkxu-i0>3!?797T8@Ru+Ogmbn$W6Y0H*SgS0uUW-NrrEyj+#evcj^d{AGT
z9}B&Ik$1FD6+Km0a?x2b?hRO?xeWq{e_@%dju0qt`7@wclo_@!-*!f9?m$D<ccaQn
zWq0ai?Sqz+pbDeIO5NQSRer6eP57R`5*22>1u`1NnQnxEbNi@i18%h?w%5iuMW|&D
zRsJ{lFRPx2B4B-FaWe?VIo-wrLXD77>mr*svqiJfQj4IKx!C<d3Rr-vDBpI7*-k6u
zhU^U!Ri(Za+}GIFnrXO!34XjOE&xzwcP8F~0OLObaR1&U%rF#(hTxv}Abgd#XDs4f
zoSjz}9Ld#^WxgsEaPB$b*rQN*fc(aw*ttPJ9sp2&nk6C)`jgt)vjLP<e$bsh2z<c+
zam#rpDov`xX}Xm*Ra2wwf=b7k4+?}$v-?^j;X<ymt8c0mgjg@^{32BT4+On8+l9kG
zcPI8-L6lbMO4ih1+2tt0La81Zx5)?_aHwbr^^wI-9R=3O_6oPw+~jWkAUXbyg}mF6
zFcE|m@$&6a!ZZ|bSsTUSOTZ=!L9U;dK@h&hrtTVa`oZla$3~fk)K=(O%K3`2Jy!nv
z^+>_>><QZtEUFH_29?6q5iM;7|MZO|v=?m+VGUlh@2Btu`RCalL9^pO<8kx4Aj$Lb
zpZ#e4|3s(mGQ-RGk!5T<gixtewr#*!zFi-@*jhJjIOPXfywNj06Xn~C+sePoj?Th7
z)KxWG*o}Q)Rxl=hAJY$p$O8vldvP!H{SVOzQ>xtdGF*J84&s7JL1bCt5}#!+PeH=g
z5=_~#1A(u~M}jfKOCG8#x>^d2F}qYW5}{`3RqF@RJN4-x(K1@%=p%Q_F#M&2_8utt
z`_LKlz#JXGcgDxlHZ?T?3bq(j%xB8ZEtS5Hj4U%zdivl2s44ap>WfWFa|KuoWQLHg
zn0J^@z_fB|;RhD`bHL;#MRoOCrimyhev=xS<A4hqUlTp&zg{04Ufv(hv^z~QNS60q
zTwlXPu`_8lTNkJS*H~SwSa*C{BBy4_J@mm#21E%bMt^_BA$6Z&V|SxSuP^q3=q#7(
ztK3t$&IA!Oug!E53YEi$Z3}$;`Zz!3leH|%vAgTv_hP{_nR458Q9FYf<;bz(!4sd%
zuv5;L2v(ej+WDa)DkW*DS*h`*-yIC3cC7wK03;fFx=Q~HDXH2SDyrsffD*{gUj=pX
z!F44oRb-d2l;_S(IlcjFOnyX)mkiIyB%*YI#grW#LZ?igA;+TuztJOWAF!BYY-G5c
zYP>A-MR+w%BR*;*c-@zMXT3A!4bgr4H|-9dd`FkY8*<Olv8cbJz1=APNO*`u(f#Mo
zKf{rx{kMcN<6>j)s_}GpgPs#S7&|U{Hr;(R34^9C6JC!%8&Jr*uwNYo+fyUuv&(n;
z>RY&(S|SnUF%t&Gjl9<;$-=A+mNVLv!Oo7h+qysS>fe-&l%~Y3+*@9^NO8UIYTNjq
zJfX>ba@7m*+B5&gR+}uS#b10-L!&>QI#H(vHs6K07`}W@X*Vyr8J|&dwsf<=%cLwX
zt?esa)ax?-_3n)APYJzr%k!eWozVA=B@02$elFJpG5+oS1n#MaD6R+pBS!xR&1DvP
zp549xA{rj=3x-WtQZHpb)79PV+*zN|LfZD5w%?l5pR8+ZyH5jWQ^~$ZmN+;m*698=
zS8ltg95eq09bs}}zC29%c@+iGV});9U>b60WVS#){*(rb;lhrBL=8^;ItH=G-fE;X
zNn#lOWDn1<9Q->h_Yd~eYl;w3s=ueJ8&^F1nVOhpC}b;wCx?qs1dF;NYhU*{&@&qq
zU~F;n2fcSbfZC9*B+R%{*%k_bH=hN9P94cuomSm*f~$H<&T^1`7f+O^YeK>HUDPT!
zA-7-%yFpza?=>&Gu@SC>k6G`$-rn1b82|dH{rBKD;el#}{sp4hE_`wHH`b}T7{uKn
z>B;%|EfDyPtP2+|Y(OP7RsjbL4_!{l&hBtU&X`O!1dMHr4a*D%m9GW(uBsKBl_xmV
z0g&w~$Y|0qohnegzI|S?tCv4FKOdE0jCXvRwKFFRJB#8Fa9ZqJl}i*Hy5@qMt5WO+
z)!*EXqP+W-JJNinb(@6{odu?}{~4d&5Qn=Thk{JcOcYdtTQ5x|r*`rp=wF=k77!=`
zi0PKvz`y`lUG^g^AK@+n{l3Ty_@)VH0e#vq4=*i7chcAp!DkLv|EO<kWYp8b^1|$x
zn5?|bBV!~%1$+Em0I+Vrd;E&PiLm0(TP&#ir?43SU_>wW6n}l&LhxKpzQrh5r^mn$
zZ~isbJ5x|luzI=6b%JKJP2#FYouKB!l<<%5Gq4jD{8M;qgUW{LfcxZWps|ZLfEbBn
zk?w!r;H?vY^!t-rxcRahOq2*)y@=WZ)R=yaH6laJjlJouvYVS23W%GnnXHsl$pV{$
zdDO_z(6jOPFXA4(vYStki3p8|&~Qd>H<x%uq1f<M2}9*RjS)o!lciP2xTVC+W40R6
zpX0WBF)Y&P)kYCLm1f#E2Ffd!|Ha;axh21P)~h-`Okdi*Dgr;yUHj?NS;EB9v*}2v
zxwUmR6ZZA%*Ooa{>jzwG>X_X7lQ3Ha<q=?H{{Z)CCHUg#Rse!ml(0;-hRDfaOaEMk
zmk+vo$^!zp+MyNtoGgunPekbdKRrtl0OkIVo*T>rvx8CK+-i$w6+%M(gybyE9C~!o
zDmhJZJd%KFs@7mE1#8ZlR_Hl7%ToyBF|}LWMZAP?^|jXe8VkB~;m5;6PSfG=;=Av%
zJ6%C=&>-U+(B9TF3IzxM-+jpB6o<B`K}$HW6=BP9adAtB1KHK|d)Eu2-Ypg^gk)%z
zs$TWlf%l}U=<CUVm<DM#h||!}7@h{>^;$NXLeHhjDLsCC+j7TPY^Hx>V4{7eyS*r2
zE`U6*ZV>70#Hm#lJD1kbx&g?km|bW8Fs*VpKp+3Z=W_biJ7AW00WbLF3puR+qz7a-
zkq<Qx@Vvk<_**VX`Puh|bSz-_Kqw?oMf$7E`*Xmx3~YuOaBlGD+D-THOv&?i@j{jt
zg<XMjtc|{*o-}(Y7#6)t)xKTj7q!eGohD?JUa)*=4A`-kd*Bi99@}AWz%<*Aj#I{c
zwnj!Ow{<^ko+bB|0c{xhSqb4Hh_ayHFft$--Wn0{dwf7Wul2R?I#yZ%$F<KrPzyuD
zS(GSd7G)?`o`ul<lCxl1okb-fswx}Vb^J`TSv>c9QYc=@c#}ytI{<;@NwT%id*BgX
z?y|>2{|XZ!!=bv<o_Si}0e93=irm*adi3bu5fSs`au@Sh+exL;Qfi*>V!9G%JHmx}
zbrpqrzkLLJez}0{23eR5^rHWIoCX7_UbA$>jAyz!$cGapVV~}KOTjBa&7p4C;RC|b
zOSK^O0x3FLnI%L6QAxdwCdFlB(n;^?HwDMQIDZRH_gkB*DK<|A*cker)}u?lL5^v2
zKcL^jDt-2`y}9KRMI3*@c^5_i-f3%S-dtjliJU984fy@kZ;BHAH`fEA|Bl7jH3g23
ze{7R&?=#7{&%Ygvjr;NiwDbHClnCR-yw03zc8Sl`)z*IOfB5yQ)9gm+OHMAjt!*hq
z<fDU{=%PM#oc*8V^Oqxg>5BsscYHe(QWTkU+Yr*As42%(6F`OGS<xCS4<qArWuT>w
zt*xzOW0uZfy<DP9b4yDP;roR^#!V5c@z1j~TgUd<6-EkfgOk1rL^?;feavePVqANG
zHmB)>WWAS&1IR)+lKsfR`=5qCfBw91kOBfu@F>}N!;<V7X5)V22W+?v^r|AcxuTC!
zYucADE6`iYLXHiem{qR~FTt)}&_E_5K`Tff&3;lnSeVD=ZThti<vohcpALTEgz(92
zl)&#q&D*Y|NFn?5k8i;`0sG?fDV?=7KGYZsfv#YE?rLCeeTKSQ5@n;(kGrq9ktzR3
z))Q?%NdG9IDNq0F9}WmV;H&?VmbMOtbX2I@6zr~_SwBnV@D+?)uBjP3KG~IYDxvh*
z{FxuwYT`H_5P*S%%x_GU&7?Re<nB~6`k10E>$uf#V5d-Hx`+}r;R9JLSE>Edj(^iY
zvTA56`0TAeqH^Ki_@MrkxWdA(!(|4obnAZ;tas2>oLDscS^EtCl)zXWgT2P-U!2Fv
z>l=g0xwCp6=Yi_%Ih%pP=k*^?o4_3cNx5X(FU|d>PhfD5p^9c44g4%*;WoeJYERmr
z|8>ImpXDRpS0x_yjn@lwodzAwNqojC)`SU*p+cjchqBVr>*X@?@@M~2kSo~Zr{UpC
zkdC1SBCmUl$nFCM$c@OwC_4Vh#XO<?VfeWTL*;}QDyK@bvg%FSQ&n~o5gcrPaWTXP
z{tsz8NT%*5{%?+SEvo0}`#utyZVKT>;9b^TZEbU1E3)+(hiaOZnv`}s{F-i3y57Hc
z&+rJ??(jz%C3ta6TynXl8)SwCHMVLBu@)Arsv)jCDOsf{et%F`5NU_atwG2nWSSLF
z!>XS_bOFt?>P^3n`2;W?yB0na^Xc2SZwtK^Zx#N|!5#8~08V5)Sq86W+^uxxL|Iw<
zm2vGU)O=5VB!DEpF*4zMX7vXxGA-8<v0!8Y?e4HnO`O5@<^P?%v_!XaSvo2WCsCj3
zmg-kU=ec8xFn-rB3&6&Of4A<zU4K>Zyi8=q-T+<1|0Xy8&PfX^jETEAN}9+*_b>FH
z<HI|@rJ4REi9neVQ8OaXH<0f86fis^Ffeeq(26@eQC_JRFvK!aQc{l|2_VXP@j&7J
zXXpsh{XYvcz-52s7y+k1=M9=ErLO3d6Gu$@(mTB=J8|L!k;8g$?;g=jON*Wd)}8Jm
z71c!j{olwZ@YY{K0GRu}$H#TJy?=87Yi`=IDnNPGZ~9`t)z|a>^ZJ4F#+D|SaUEv4
zR}^&jwemCDu{xiN;=?Nw=ps>aO|Zqomz&5|e>nnbvL>$nx<1iY__w#m<uUr-;N&D+
zk(r(4QG3-ar5E*7Ny#D~B+Yns#GgFL0_C*+6dtU)gGmdQOFqhvazS&p76#w^A``VP
znOc(m%43716|q9>-yDyFv5~2};`C$27{Y+nnf>eqh|PCNWc#9w=aWf<bUgs&$j)8|
zI?Tdc76$@&rXvJBAjLF-B4gq<y^ax4Lyro6v2%M52$Ychtc3_x9}|D@z_S>)GR9`6
zo~iv33T;zY4yBZYf{}!qLq&9U$c>>lZ%%A~V8kkCKlh%F%&r$VHXewZ?fN}6{THLO
zLP_2jOtjqIdzSkV=Xp-e#VCRKhJX}(&lE5|yeK6?HcC{3@-@cRECdv7?IZ;rZtqg2
zU+R*M5abmSQZooW4T3a=-u%)}Pu4fnJc#s@NRfjpTw}Ao1ymjZWa|Y-b^a5z@zvWu
z)`GEm=ICD0S=IBKj*KfHGWeCE0I{uZE91re1cP@CNH9P-xn#LkADEh&s;igy-jRuz
z&y?N%4+%(kUfNRq6nVyF;kC51qgt<<ck1&?;*H`}6v&Z7aW#^6q1$uOvZ};VB`MEV
zvi&4y{deq+Gg)xE^3mV!VXt%c(_Y#kbVR~m{it(8POE52*rVoJz-H)AfXW+iSpWR<
zQjvsf)S0pOlK)EF*gZ_;d;<S1)<ko5^kVJeGUM~|-16IT*<isTF+aIa^j1*-^#9BE
z5p|Ps^P3+MxqCCQG<!_k%F4Ug6|}Z)F@xq@W@fvn*bmoET(5-<q@eII9sU{%Z^FvT
z<Ip)-0;Bz*1vg5w(S6JbrHAB(Ui_eqIyJ#0l0VY5To;q%N)6i^^<6xRML@xnN|x}~
zP)MZS-6pxFOLMSF8_dS^^m!_;BbTMuZbl&Sti2}19A6c4@zv=azZ0A-S>FZz2UJcX
z<`bgFTOx{yLCgbbfhhzQR9-Y+noCMD!uNW=dDGD;jRslBF?}YGg=8eW_LBv=^V6$=
zYMNg(JCFcB2|2l(`s>*_Hcf%9n5__Y*qdZPd*zw*PESpRAW)--3O28izP{)AhCOV!
z&K8ezH?eKots>hcj#KmVmwuy*fL;7mDgrX04-KPhLwQZ47`gsWoI%Z9zR=_n&x!kX
zl8Vd7tDeRbJ?0HTB9YDX;BN(P-@f<X%^&Grpg^%kv3~AcUS)by4A}kHRjX0_aZ!##
zvm}>TVI_Bso<2jXTnDU{Ua!6-={C#C#kC4rfX*!${76phG1Pxom~i#~g!h=;-D;Nx
zKq7$xO;y!*n;YQ>^$6t46#jW6hEE|9jJ0dL$SXd8<Q4YVcb6|fL;)`M&g<8c-IMEa
zyLprs1Q(VfgTI;7<O!K#D(28C16#9*aD1=GlxURyWSpN=`xVaf@ndfYSxtAuH^Qbl
ze&HM91Abq6@Hc9MDnX9lc1gc+Cnil?7Uy8UW574<Vk3!{^h%agl{HZ~v+rjQ?9+(1
z>8yX2%I#&0y?c|2ttS)>2vZ{DiHJ~_NjWY7E$`N_AVmeK{}DWrFdBl`t9h_AC_Nss
zjISA?k9u3b1K4L34C|WTUIyR?bNj-|Zl+~;U;qhfWkH-9AFs!6K6H{$WL%6Ii3kq}
zNTUYb^M6zbxkCt;o+Tlr^wB1hg`I9p0Afcof6Wi^NZ{jO$D{q5`Vq&30Y9h@6u5b3
zzZ@VWG*vZELN<ioVgyVY{;djjueujZA}ou&`|jhr_3{y=oz?B^DNyrdK=m8V{9@G_
zvlZb%MjhHje^p2F*|XRkO`Qj~**gGfF}(`Z$%*+tfU;k1x<VJWVVL%a6U@tK4t)1c
zCMUkI@cM?0kdW+P<uw47K)379ZwfS!cu&7H@;g_Kzv5gutmc#})w#TXXh6PSjBO%j
zEBS%ftPU8FbdCNG1VA)pzr2=1c9q}Tw<ql}W7R4Hh1!*`PB%K34&>H<W(4I&e`-2t
zj$MfZ5v|;<pY>?kSdC(sD{83d4aX%Kn&BnJ*5h3M3Sf{Y-A&!vx0RJKTU&CV18|>-
zNh4HprT$yly6-8Utv#k^zt;#zA26Ql0@w$UU{md<g<@_rMqRjse26~CVfzYHuYr<Z
zzX6cW26dQev$6X`+~7VDM*}oIp5(HC^;gl`*cDw66@iy|0a@j2hXRpHs~!P$>+=WY
zYbLGsidQbB?0r_nnAaB{<pIY^a_A}khz@dFAX$@Z=L_3NiO$CPutV3LPf_itMu@))
z%^+GzS*kPn!R-3|>kN{CAQk<S5(8}J7|C&{=u>zCA!=I*RKo$T@glhy4tE$(S$CO;
z#FqS_o96UTFukZcd@DI`^J^|f%Xu5sTwl+A;|8#<H>>Y~ZmFQaK(3{8azQ^Zgp@Pb
zCk4niKj(M0<b``Y$V?(Y${=1OIw_!&r3Zzd&dYPEZe+)j>0Lm<YA#eBv*}x*{~i?k
ziOck_ddc6C=PxKb7ZpH8d7&f3JB>#mfUpYcVnBuJa>Yw|AUnFa-5cC%x?ms1C9>bk
zMv1}SaVRQj@e;Z>H}wB$?JEPK?1HvYL`20EQ9y|WF+il0uB8M80RaUhRY1Cwjs;O^
zSV}?~q)WO%>2B%n&LtKWc+al-h|l{y@2_wFu)yAX-{+h;GuJgUXGX@P8I?L09(D6m
zLU(SYK(C$lo94wo`Q(#7y1NZe8)02ljU3HDqFW*O&RU?x2?sMX^B9Adc?;mff2%I~
zN<{J7_vawJQjh8t57(<AYQiMQ5s?em3hljrx&d&2ZN{Nu_ud3OHU3}RC084`#ZG8^
zzkBf#5s}$qkI}zx5k#5)Q=Jswl#;ybqno@2wic)ek5wjF5uD!r8hQGkW?R`A*)XQy
zwNO29F|aOmvu~d-`#iW-w)`>5v*iHL#}YgX5NfewRv-WA91*<vmD9;A+H!T!B-1Q-
z#m!^DbaRGru&)QpcfL5u^x_bS{grC$#VW;Pc#>cr1YYhMoxjg6TOX6y9LCu;l1Q@F
z%6=0Hdg!oaLWzlq(=<30#>E@frH?7&+JJjr0Ez%OkPhRVVU|8-Ix)*6W*P9g<wovP
z&7WGxrR*8w2do<M;4zGRSp_MnkrJ4gBwix(1LuS1DhxIajvF?oM9}8-FECE_E>7G)
z>Xxj!y0MAUeJm6Y{dl#dccRAg{YR+rMvUpStogz*weoKle_@@pa{SRi2brbB1R#7D
zMcCMwMB_w|Ur9CWS*z<IoTxJ#b*#ryE`EY_EawO6j%;!b2xiqVeAhIHgGuS@H?`a<
zOm_Dz_H~&z+WETQ#TdhlvAKBSy~*HA{co)D@94`I)xXg5P-q(89fnk-6DAk$!iBto
zsIz47#~^qB(ur=N+G#<RFrQp`PK$-^rKP2#iZWhA_Fm~K??`xlqS2oC05Y8IQ9xHX
z+wB%P=<WPZcRZGsw#_DPNL|02boO$C7}=K>&Z<>HC-D>?zM$bC4D;=vKJn^>l8Z%O
z=vA_wm!mo_`mPGTF|6~+L3d=@ENM8F=L`v*XSu(##l2cpwAs8m!rOe%yvbKFyLq>x
z^Ro7$-~FoKANJ@ikQFd7n)OLVp=TNPrg$BI{|Fmf#4VpL;0X}C2(dkIBniin#<?AM
zrsI)8Ci&@c*R?7flERZ{oD49Vm5|Fc+3#*gT3@epr{vXFc7^&Wfm&2Ud(UM-UPVRW
zi^*E=)dGuBn>+OFa~*NKZy`|?$#!!wt}|^>Q3djLqTQ@o<F%t9<qH*XZ4_;n0(?D!
z{alYxzj_5{D>Jt(Qb|WWX7&=Uii$A<6>{Z>p6dj78ahe<&B#%%t#>{^Pk;S(WendG
zj~We*3E*a+=cv(cwEPn<5YCCBPOPu0-F8>NnHTv-JllL6Mf&&ANhv9x+4SUWRlgSX
zlwE-3FAuz(YkxV8f8N}g_#44RxZv(foTg&~M98V4WaZ@t8;mjm0f_SV0&$Pjrr=CB
zLvYGMPcQW0gPP8*Mb2vO>(6(yz;QPF>PzG=YvjD_3YMSoY|<Lp<;7Z#ekaC+Qo9$e
z%CoZwutWH|eB}d_#R)G12j;|p111$0_SH+X@2gJdo|nB%H5r~KH<(PLJHkF(wEVnl
ze0H`D2P@`6VX2Q+4ihpCn`=6rZAFFWtOVc6w9hr%3Yi`ZUgfbaP39h9s3eoRXWsga
zVC)pYfm<=7r~g?j#HH(&nRm|Ixz6~IT%{&RK0VXK(C`j3v*Z4<)upU}ACk;c4;f&M
zO{CSzzSa>viB6|LWK|L+o_2YDBdqwqJ6JtqWPf&(6K*Z>qw0Rj;hTn@4a$8;1V1y{
zsr4!t*I2=cGq7&g1rbxc-4m+d{RimHx(u}~`hcV~)kul!gAZ@^lRUd}<;r9oLIa#A
z3CnCB35DW~i}S%Z8WKAhOoofo4NMlUeP)sx&OUN1%K;*hLiJgFtLS6cYm@##)0yx!
zTppdVQ>M<Nr>W6Tpec~=|Ezu>g&!g45X+=}36%DQ@>!eO@|jIkFFE_sii?4sM4(bf
z)lQsG-&#tUfA#w0?M}}fV5o{v!lWbJlsr~8Gut9EOat3l^QkZnqaR1=U(IT3`S)d1
zP$wepo1Wx)M+{bJ?}@{ie^xB+hCBOJ%{reZ=rHTc%BKDX3L>iNU|BAm)*+54s&k?P
zs;G_`Kbm<qzjojlD_KieSwl6w)xY4dJ!}MNQ99_*OFexzDN?!2Zd8u}7X9`#*kz{R
zyxG4-#p3r8l&G$4n39s3wH=ZIeW(J?gHJkv=fUrG9Xq>*TX^y!{0yu;)p+3p^s^Rt
zR<K9rZi^gyRNP94)IF@+ffGbepw0~6Aiwu7GIuR5e%j^Nw1Tr~e-9Fue>Gv{;pV5J
zJXctOmYo2)&n{(tZ!4(BHN(LFJCHF`>?Idf|Exo_&Ijmw221q7qCxhWW?KX3mzQzw
z*Z9EMfh5R}<4+BGnR71qOjRN1$rr4mxETIhlIHw4E$TjJwvO5?g=*(PD$2JN6Eo0J
zCPvm42N@A{t)dJTz)t>`>_d=W!-@k)Ga38s&_$nkq4X;I<MgSA=$0)F^|GApIlXcG
zpPQzFP;fU!;3;;J#?A`v(x3$qrOCW+=Lb?;<TZPH9PMWYj<yFHVIet|%^m~G;?e}a
z2DfX3-EeysRZqZi6v6v(eA_80waMwlFrRP-o2rq~&t)s5w=;K_LsO6R`?u3w(|?Wj
z8-Ww3c9JA;O3?}W?Fx9m`!3Q3)MaYiqO2p=7|va_nn^qQsHn)tqxmD}${;5+d*kOe
zIC=Yj-SUqNV8-$D8-H#^&^qzgl0BIy-5J^Ewd@92`bnUJ+QA+nBO|AWz;t(Vm)QZx
zkeh7|Edl=OnVEAyh0y#|Ak=8ggT*{L4P@^dfnY&&R@S^bQ2lok%N_O~yu_Drcbdvl
z@DK(PbZiDNHsZJJQLz*lmvNfUwFjy{4&!hD{^I%dXrcGULxue_@&M9yvSZp^0wkc*
z^7&KwQdeTzc$N4E=y7#&5sp4u)7+RjK!Gz^-vdBl&ns}j+4C3^Wh&EO?jY{L1S+n{
zKRQL0tOY8_rDq}tvu{1N<}T+o9s4#jGxL;8<weaaKRPeQumApH``}GQ6@6*8=_-Uy
zkl|pT>BPn~LnUM`{2drB&I+ZUme<w$w}d@+IjKmi$pIO9r4ZuSm?RrFQ37)L8-f7=
z<UQ*OfvV?5q3dZ8PZbnup<EuF-R8zehqyv~YlAr0)s3$L4h>D4jMfy)GLI0!!|jZk
z-i=0-(42#DEWs@2JEynvud$Tk{oLf{FL#M<2hBEtjAW9JGOz>l#Ud^<r~uZmwMOu6
zW)eSo)F|n(9RRhRi{ZM(?>P8z+bt%QvET{>&4D$I59Up0n)~Zv<_aIdTG;QX8`SxH
z2ITVD)2G$+p4fH2NitKnW!81&+~%ZoCQymn=`Jqsvuw<UPLWKd%1-j_43T!p`Wmg^
zm~xJbFE?z;=W}R{*L}4r$QZRkf(CJw5VE;b7?m`{8|%sY;+vE64O$ELxV3(rsO71^
zDv&;qE3aVw_2WO*8Y30s_{C1OwF#FWYI!WX#C?6AC@Q$2#PHzdp|nZ8FAYl1Saw)z
zR#5sgTXI>L;JE8J<4?_oq@M6C>JIiP5>2l{gj_N|w0~QddGX*!h;-mqmF9A`QKq5V
zNvx87G01>1tX7iUC!gP9H5x#M-q%T}dw-fxpP2(>9Z2?8mkk{gHW`ZL5C|;$&aEi>
z#}Pc~TeWpopz&rgd{eNih8w6q_RPK6ThHKz3yp1z1KF=L*KkksU^JjK&I+m#aiJ1%
zf#-)F%Ay%6F&plB8bW2iGK9)l{!0(XiDE>wxHlyuL;5Dsi!c5hRtb$4OenZaU%cJi
zd7V{5qBI}LIFpul0k+W~{(*t=h!47ykTE@zKEu!(yuynT-{d@KuAcUDMA{g1HS+(K
z&TyQe#803xXC9c63;AUpMw+zC^{<JZJ-xeZ{U#QumOoYtH{vF5B<o>|f~MBGSa@Ea
zt-DyD*ERM#<s~+oLG~z+F&1aKyEbmt76idOgNN7(s3!z__JLyYLKF%*9p<?Asc{TZ
zuB=wH@Ak(Qo65LTt$uykCaO`8l5$6b>ZMo@zwz6$hj-6DikMP*I2;Ol_P1JC;X=C+
zH*HP>HtboM7zO8X)D^e1;sj#tOiVdxah<+l!~Zh8IzpWyJn|-VwKV7JeVG40rq3zz
zfgzQO?_1GTwyn@X-ZJ}*sRljLeis)P>2lA15BGIAAsI_Fb%S*Uu_y8z2zN*kh!>Yg
z${=d?`-Kk+GfPazCn83=Ee@&c`i!XG_*}6=JectV*_Po2hr<I0Aa?2grq1;HJ41}I
zqiA!p!yuaEE|up+e4he?gA@JDZ;UK|r2d6zruU09h1KnhBn;se;Hf|e{nmt8eqP$&
zsM%gHo6=*DFOv0=CrEqXg@061Bno>TuTsLbJqcWG{axqSY>{)VLshdT3shiZKa}6F
z)JK4pM3g+{*58BnWZKliDiJcR$_KT@%iwUn_eN`}aNEt(`T0W%d~?G`^4Pudgr}O?
z+6%FmwjDj)4Uo8G1URd;uS4u~OFBG6jpfZ$Jsmv*gC{dNd01@XffDcMd)g^~Kj+Xg
zR<iqC3g7d`O^|>_NQCp@n@@%&!BK93BjlI9ee2FIkLJz3&nQ<ys#GvD#0C5eBSOs^
zS9vW}1*+WSk=f<umPzV7xU2PkafrOk?bZfjIN7(8e@q>(ItF3ei4UsRY@iLrR18h7
z)N#*bHdi7*S>IXOpu&49yC#DS<Y5@QGj^(PJ0+ONVR%llw|CVCR>tILHtu@j?jOWi
z`2MPXl?#7BkIqyRZ8IHLPSy*oAg<S@J<m}tIMx4dw!drg0*l({y1xI;>cqEAt}ut;
z@f`5?D4Vxc*?U!H?QXbjF<3x`Glz#kw0~fhDLyb=Wz<P-)Gw>ui2CQJ(?j`e-tZ88
ziHV76IVZQvs#Wi6Z+XvTq%_bGsF7v$q3#-ln#0mi6jPsnI$BAt_ad)ZUhYu)4UwN_
z3j@gZjGO=@`-wK_Xe^ggWI{!?r#GI0X10+M*^DXRtW7NfTJdJOap$d_QrY%EU>|w`
z6e!EOZE>B7lasT66ka_E+DqRl+W>*%l^Utx+R53?@w$?{(c#6(y)BaeLPdZPkUaJx
z-zm$vy1%m;6*0y77i6~Y@9Vp4ATYoiX$E>yqSk2hV;d`aG2mGnIOx5{ME`*UfD8UM
z(}KJ2?1a-A$gt}l!ZJR+l;j0SW)odFXg6tZGgaSFH=tOYuoViu`WqXg6O6moHyzho
zd!iz8(J&d+!}+4crh;W&c=7rIIFx>j&K$!Q;*TzcsRHK^z{Xk1v92TCMzDT#cL}cm
zpZ2pUXa%R;ve&}iUR)xRYEi}`7c4;mRT*LgkiRT37H3h}$Sb~0vFXbmaMgKwfKFwA
z+x2{QH(1Q4;)AbjJo~SSgCOg}ii^8Q%fFVcbY%aiV6mw&X;nRNOw|WAe83v`hq0^y
zl(+rgxUOIm`LRM-cE|k;OkIuW$VVejb9jVShgrSjzhnY@%Wu&CM;bAYe`4JA)>SM&
z$0F;WARG__YIOUJ_t@Qn!H0hUTv##h8Ca`oVcLJr$H-;4s_kmo4tqm8H!jAcV{Z5p
zxnSoj@){gH)68DMWutu-*0aKGUySNZS6S8b|FvH*0RO~490`~I9-6G^jgHW+*#f!-
zz@)8-n*ZV`W!qR{EBmYjZqiz;VQVy9*Q9_@%W}{@h?$fk1t^jJ7hJ}!;;Emg6oVv?
zrD4VVI?RV#1H+DNCRMHpX?xziibqk6MxKk;d^kA%Vjl-TQ4!W*5G@Y4pKdXm-sEB3
z=m3&IUh!b(YN~5_iS|go1EEgq|9v5!6>7@}AD?MxuVelhG_*Ly(Pk@fVb3A)BlOtZ
z{oWQBGCUUwC`?!;Q=bj8Kb{>>n3-Te2fCN?G?ZmaQ1$(uiYnI+|I!R6k8z1Uso{P}
z#a;?7R^zQ!M4Re<PC$_O;X3I#4(1_;38l?X42%VA|FLXTmhx8P`c18qIy%PvJ35=G
zv?w?9Bymp9!Iq1|qE9%#9jf@&RV=msN$CD)y!I;Ng^au*E{7H2ACXm#&$6ZiaumRQ
z$MsT=((Icg$stPy#eWIZv86FTVb;0pL&*+YkSR$?N}#HRWRtg@l{_ha7|0B^>GdPl
z{=ti1Q8wP2n7IcSj=lNbf{>)X0+qgDY3G~e+CO}5_yb7B2TtFW2rCjM6@}+2D&+h+
ze?Y}Wcr<={UmvoXScWf19(bH%*QkcOhf8f10g4xwiBQvU9Aii=I2sSnt3WPz)WZa}
zW@;7lDbfTinKl4J`K4lp-+>d-eB1A@@!Og=&kzA&K1OU+-Y)joiMU>n;(P-<hEd?O
zr!Ajud$gUoJn5=6sIgL;08ScGsFWJ*fJ|q{%`GK#7CP>J&v|7zUd=i`ptAQ`c8o2!
z;-!CY<{^XDC=)n(y)Mp#;wUJXIRu!Jg*!6gT(bXAx1XDiH8{PvnCBCPfc=e6)eDDq
zX7Z%uc%o^SJYmvN+$Bb%-?O*!L`M4847wCBI*cl`Xl1i$p@%|`&uU9-3hcOFEQX32
z^iY>>s7sbllz+5DOn%d057{8`M|Wd|)Kc^UD@eL4bo6x0Y4M!={(*p5d>k~$=o|5=
zMTHeZ9OgvK90JY#Q&N7UDm-J<D7Wv3tpUZxpq%lB-#+v@Zq;zY_cBL8Pno+1-KE~d
z9F%EXrmvSfKwHqZoohW5e0jQcBh*yLgd<X{Pl8S=1rniNvHwD?s$-@}(SqKNAxnvS
znUMUQxB{8ZBtUP}XM>qFI)q>-*TXHyQB%}zDB|GJXv3-k%1-tdQJ<4N2R4}Xi}5=D
zo01!UaAoT(9ne_y2=v1#C}Jdr%4W(BG;Z6ah1$&pJ5JNW_UBfQv?|77haY>dAMH-}
zDjf8L6Gnwr%*!+upy!=Os-jBs<{=|Wq}A_7kVhx6+&8`f8vG1y+dRemIF#7Rpg6Eh
z0IjR5TfY;f>GI@q(5Fup?J_=7lcNr=+uIz>7FL^;R#qSU!r<+%5qpqG$K`YKGYi;9
zE>yHK*P9u@aJgwhLVPS~DzivkE=vRj@?b}(Ht`vvhB{b@!NDf<0CBY43qKM+nqYRc
zpF$oXr)yyBFXv?{<Umi!b|aKKbIab2LnLZyjkM>-a!349`j?g$AdX=-URh(00$eAK
z&!=%QI*P(T;5uq8_$0W93dXI!jSx6oN-SqlKqv!u$2b0Q;04y>83fxF@QJ=*u2yTq
zP4|`-(ur~=%MuUt<VqC+x~F(Fqk-;|IasTM@59bh91zEix}ildJ!8N!eAQB$nA^+0
z0CPEiwNnVj4K8Dc9?D_=iD7<JYs!ZlRS2Q?r)wIfDEatX4D65@TlFS<duw&D^+m^_
z*#fb0WJzY=(IK)?rZojT>0CZ~<qKZaZsl&`?Z<;ztG-OydM;2<+-7O4h*w6#+IYGZ
zpyK_8=cxx};6Axsafche!COff(mOQy2}-0n)RC`<vN4K)EtJMpwUIK@I~KfBpZ;8w
z%F+6~%%=4-Be-lhsGp&yO;xqXe7RQMd)6GtBA7p!LG`?=aNxx&ct0CiX03ft9(OLk
zyCTcDq=FP&#IKLxnLA<i94>@*w~R+pQc^aiuUwJDGAT+|sG7yx-qs?cnWW7^_xu^P
z?WO(_14Re5VQCy3C*xL7-3x@`V<r1l+zBy@)e9KMWSz{^eg=qqx@T;Vn=~(u6?Ihb
z+vT%L6S}viS6t?!vs@XvvdfQygG{19ujzfF1Nw-$o_oT_7=Th)F2_Uk{^tGa8Re|g
z@yYY5LrP+YL;*|NAd*F7VMobty97Fs>;;rrN45vZ2t4~*Pix#tOXOZjrnoXz1RMfD
z7NHS?xcJx5@$K(B%Lg~?sIOn=*FOWZSH3B6H^+J@{|*D-JsTSvPcO;;SQ+%ze(Y0X
zKEDC@^&|=F2&bF|W?<53D&EB1$lG?TCgrHtJlnLdXTQ+%GMBP&NPyYsT^ENcsu!BB
zgZ9N{uvKQz6I1Y~_~BCb*kJs)@sz*)xI^niK09<rZYtG%(6Olod7^h<(#_w-j$Wc9
zJ7^ej5FT+lfh)JeW$7tpARr9fjf=bPAolJtTRVX$jM~A-d9*kqCP45meGbaIZHE%?
z1WK*WFmL}zQ?!$O5%$V%y6+@t(-R#=yvecR7)-De3S1L+j~*%)n#$hR*{-H~ZkrEo
zYTJ#KUY4x>r&3Zzz$Kq#MfKu5@s^sQAH|LbMt;KQ3aYOw57)~n-6^x%i3FJ>edv@;
zJ2~+-jvmLkevBYvw>|hQ_JwgU{(g^j8UFs|SofSWFej?Ycewa>?gTMC&;A0$D=RB`
zti)`ov(}q@wk--~wL<<KEE=zX8@>8V;B5kW<eVFEcqbn4k9k|&-8JT$23{Hg&y}SQ
zTw}Q)+P7RVN^t)!kh(3rbb{2SKG_`8@mLQJ4@@M(FVSi*fe!C>60yX0TzB0w3K^<J
zpri+6Edgf@hkhX5J>PJ?Q(KmyHS|8`A*1d4tE9Orj8N`3Y>Tf+%W#JKAsrqM>~?xo
zOg>(Xt?{zVnKN+t*ps2Q)5?1;m@zdiJ>BR)2z)Sp=4_s5GKvPo(%+hgK&beTCsK&O
z3`9@4nI$nh%u6B;qJaj?IR|Y1A+k$`R255DO;*`8xt6jN7P=B;*gEH(0q3t9=mZ7P
z?5_{^5P<Dta^Tkz$zSrG>KSr2(t5%jy#=UB6GWH9K|aupxSODC1Q)N3l1;b0C9Gg&
zPU^(i3AtPvUN~Ab@bc4FfUcKXES7Dbu8DNm?(ebCQ{X4Tj)}FWe@{Ud>@v#IneAoX
zvyt}zKQ~-Z(qR%zE)r&x)rZ$BeH~jagae*rrR)vR_-^hKk7~8&`lO%<D`^g{+_{6@
zNkkNv*}ZadPD5HTuZN_MLs)2->dPrOja9=YRb|N(6KYEwr91jKIW->kg34p}${rp%
z@80VP+!ZZOBxX`A4A~l)XyhCT2_7D=ONr*tU}?S&oT=t5Ai$N=i&(Ml!Cl;ylI4+p
zavNz3(Mqq15pl(bP*Et>mf3!HiXOlbEQr??A=$Lc{><V(7V;+SM}TZh9_llzr|vhW
z6J|oHp(gvUoMls}Jk_0y7hM6xkN4ND0a+xPPWSeKFGGI0WzuIAenfxnmP}-L<UK$Y
zrPZA-nSWG{{et#&o2JeBd?Sx*J=;o)3@gbJeoG3BpQoPsd+V1WJ3p{_GO~we5j@%k
zH2ifu2RoDTTWf>vB-!=h93ApOyHSufZuLgm>h7SIMTt0qib3h-wSebx6*MDEd-!JG
z!HM-86L9dKgXA3td&DM@)hA+%$JmwXKJr}9sj|bpMas6P9_*#bQ)}b2$v1)~EN7&+
zV?@KFrRTP&+#u5o8Yl_)wE<rmk&S|BeO#R3&{)ELpawfjqrg7ZPVIMrKu3y;n-sNW
zn;uN}kDOYLCB6J~Se8{xS#?c)UGqzkgluvx9?;DV2}}<jbqC0@Uc0gU1}2IVB*vZd
znofnRdn5xfPv4Or$z#Fusak=%;c4=hIXv_e=Zq(kfq~H2iim`Z)1;&$elK@H^}{o;
zCmvr;)ah!+%?4hnEf0|G19@U(iW2()myt=a{gQ-lKL=70YBi60bFj}ae^KD(d5M?#
zoaHPBKxWpqOUolOc*!~}pzVAgD|f{iHjc)-)*rc?rgEYV3@xRWcq_D<de}y3lC$3w
z$rMS3`v&y@M=JeMT1a!qs>O7KuY=gSNzcpTvO9CrboT2tq?2YHoYNmJnK|>sSlLm7
z`hBGEBtjf>6`n5N_!9{LE>1@&X;kc6w)AkekVxRFuuAc!fADcYO_qTCyP9o|^LK59
zl-aJz+tS`>O)0cKuzq!TC3dFy7NzT}rMqI8k&cHS?H_UMxiGDZ47ev1@8K(m2ppj|
zWy$38H*q5xAoDBq<>X?GZL87&dvP=jwkKeL(G1;}Zce)zhQybxi7;Y=iGt$qRZ$Au
z<T_q4u^|_HU+<Eng?kg6)a$0_U~y*#M}7RS4RlK<&KI+K(nONGTGa?XOS{$}y>ETA
zucBA8Sog(c_e5u??|l4*w{ZemIzca1^gEX_Je+}kl(DbO4guL)iMY5QQ0ozeu0|V5
zXo9HWod#Z-eXk7z7iX?BY@S^n<@C3Is*yq5{sGTI2G8DbP7`&zaaXXttf*=iqG=@A
zRSa?a_M9J@c5&P2iOHsPW$WG$i{>yHp-48$b&w64Ce6K4M*SnaUz+}TO^6X$NG5mO
zr~rshID4=zvt0Gy8G1azgcLco*+E@v`f__X#4;kmN4w?K2&6wrJO9hQGTHO~3Hf=)
zWJ|6Az>Ak&bJmIJ^@HbO-IuVw0sC|d6|#db&Ul|XOvQ*pC_7}oUcASl)h5&7?a%Cp
zYRXF1R-V^j5&e`L`$|u!N;SIg^38PS26dW&Nw!4l5jyX*8bU2)_s~7!b&;MP_zu_5
z5?_|?moDKB!=}JK%YL2VkJ4_Vj*r)UvgYdx&RR~j@zM-B=Z`hJAjfNOlSf%#L`u$7
z7#a41pllG=$b|v57I)vI5f_K*a)e&JGK?W58krUn7{TP`PgGz5N`5&DC82enDi~QF
zIxCs^k6a&QzX_%Xw7adV^?e>#-MW!{<4*I#<T$O4*azvPBQdGyi_6l@l|CmLb8%P`
zBy|!arVo584-NgE2zg$WVLm2B995s}cVmLEDGSldLK$4)aa*tb`USN(=BayMaB67=
z;t^lH_ln1~cq}<F(qmZm)g_7i(T7X?{>tl1H!_^>({#btpT~to?NQ3pOze?Wd64iJ
ztZKHWN8?|Ni|?23?7x9`#5)vE9NQHzDtOC<Qob(9DHqSkfHWS$sXjhbwE18(5ExVf
zy_@fNVo2?x?_(vVApSn#bD;;tAaNkgxLKyMg;<;-{@is+cWDbt7CB2p^^SAdgt(i;
zWt@gdt*zZsu$QX7gyGr@3)umvPCv=?BhtA`uxjBdbP}@AY;s^IlFrWfdvi`&%}|A-
zV;!j$LkcR!T$Kn~tQ>2Oe!_;H^ZKoPiWgZ2DNH=J@45tJSLzM|_u{DSRdIuf`nooU
zmA3)6Wm-??$DWXW3+>cZqzJ#_$sgw#)FR<lsXLP+(k&lH-m8^EwLwhx>ZHkbfKC8?
zwm-=G&F5}8p*H=YkgG?&Zp~cTFl;McS;l%kx{b6fb?(g-2YG1#E2>>nrRRpJ<{t0H
zaNx8@%&w6b)o*Nm$Tr%E-Sd#r8%Q<OoG>yE(Zt_QGwsdTGbG=MCDpp3{9TAPo%4LN
ziF9W%)3Wt<&XrCGs}q^ZavfZ^Kh4LP-6!H|o)_Vsr@C)Md>tfy5`c?GsBxw$NZu(-
zYDly>e$fOAqSesklB_t1UA4S)B%ej%YM#;Hwqboq%emNeDPrrmEu*(Wx;?eCGDP)z
z#Oadf-wdC-ec6|!ET4OoHf&7}q=C%nkCM?a?j?jjIV-JeQlexboVhNjQwhmC;j{vC
zEtqt<d+0Fz$^E&j%^vb9^o67^$Ofu@d;4)n`$+RB8qY{UcfLLz&7x3VZlo4`t+rSk
zPDdT~!!LiIdDnQLAGV#U_qO}qwYpf++}>~NBFvT#bW(^i=GftY#3tRu=85Qr^}S5k
znrK|jv_y}<{aAx<4A<108f>MwMDFdtmo*m2$U!B=Ko^(gg{D<*MBBTjb$GvPby-dE
zHWuPz7z9N@dmSu=?bVsfkaB!<edQJJGi2;7fy10wCNm|aF*uQ$QR+6mK1`a92tYvF
z0(=h_XoQ}ZHO{y9u|Qa#auMGu4d-bFu?T^;Glm_(-k%wlqatr}cu9SFS^B!;+yDh`
zi+*c})X)eRWi^XJ@IKAyi<<Y~k5PB}5-Q%CwdHz09;nIM+I{_)fZ0~aPICg??y1%h
zs{et()*A|LrcZ#y!~?e?+GI_cdcsV~Lx-DcMttVQR(>dIEEf{4SbOW(w&c=E=sPtv
zHg1r9X<^#DZ@<YaNs?B_R&Nm%;hWy+*44MsCPBVZz}d^YEF7l6K@OE4pt^0;sL>6_
ztX;jpJquyxZNZK;5hI*vUin<ffbGYSnw6UoHs90s8WnB(4aD9nA)V8N8TueB2RD*^
z*uAy{(Y~)uswZ*rFHA+{y>0=Gd(7(=`A}2xc<=q!dFH7n&g^=se}mkd!wO%F?mr4=
z_>oRBw^zS@GJh%vKXIBg1wDJ+Mcf&*$m+Qa-1zGz*EuR0gHUw~16i7NHOM8y9slp|
z@i{piP0rlyu}cs!la~yC9VhyT!;DL;rE_VREjx(PkevC`wV4o?i{9q>4-$kj_E$e}
zRo`^b&x+;XzbSoJ1}eeFYP95QRk>fpufqWNS|T=BHJ4^}3>aa=3Yd8v9^?Ahd>eoR
z<Si~gH$?h^a~}a)K{?N;*VFslZjrQsQ)eLI%0q&g@J)?pHIc+TdtA>QTOoy*Y1iV|
zl*ei-xn(6U)9@!;4bR+LamkjQpBw-3nn`6cWJe@uN5{w@*WefL+g~Y0wW@xD{6haR
zlmD3Z60KRA>T3;3uR^JG>P%}~Y7lvGhAt)?G1OaG0O@5L#B$5Lm)Co8mwiz0(d#>2
z_i1uC3FBX88~QRV=UpMEOT5Kx=gEOzB<6ih+jnt<n??mUFleGyczCIaYrXJ={-bTy
zcn3)lz$qd3ztnZ)Elh>I5q9SiifCWtZ-2cj%aSYwBw?`AOoT*47&!TiGOH-Ilu}kY
zU6!67*^HFhJdY=3<^on4sr^)2&ntNjub)MM?$%`;*voB_{^(~4qn0dQ&&-FZc;;PS
z0HS~*VKkuYvd=b`dIx>AAozKk$b;~0He9ynD@mCXRHFTgzPta1$YG5<X+g9|>MzTr
zmVNd5qYflMxRNdU`Hp4=+KGA(_JfuC4W0Br4(fB2FeArs4PSCb+X4Lhu#hW^2IcPF
zr?*hE8ud(W#@|8drL#Q5{a0@kICc}@C3?ii<mOVISg9rGpY=~5oyPsz62_@RnrkU+
z?*D4R>X3ds$vKXa#~SEmO3Yp_!@t+bEr$VgJu37mSoo(~pM5P;O1q>0L-0l&eRviC
zb)+w}2FI~c{Bk_y)P$NfU*6dxJBzoPdkf}ubREo%29}2thi<|jR;wT3MX9mr12Esj
zM7Jga+_O(#d~v3{#asSs0^~MDGCcR+gi$L0)Y3T1ms+L(y?SLc1IiMX=x2+dpVt_E
zv~E$_ADv-mb>LF-wLD)BN!3=-s$JnUlM1Z<o-dGqzw%+w^Ch{y34=gjD+TW6;j(wS
z=2})c+zP&y3-AU({LCq!r+2>L!{w=P+9~M<e23{}5tMw^bPKuGEgbm%JcVE!EfM=-
zd;;ckrmDnoPf<O@kRC{HW`QUbG+pbi=js%tg1!BEV4;9OOR8e#a0dYP**}5(N-YZ-
zL`gnC1+8MX-bi9n(?A{<WDN)B@_EhvI&7vD3`>aGH%}LBcrtt^fRl%RBjEdni}Ql)
z93~O#*S{z6i?TOqz7v3dhJVB5!@)^+%>s>k(04Gg!8Kfr9mC;w=jz6|wBZm;uoW~X
zS0=`vjf9O-=(O!U!(<PQfmUIExfFgo6hK($_gf78`28LW6@UMNiKhI14-#*GzmEAL
zFrKd8f5r^@_xu0<H?2hAUxHsgMYGOvw2L^}jaapxRT<su>8&{2+8MC}WyTi&JS!$I
zrJ9h4M-+MSglP3eBC#)1ahvoYtL^vW{r#x_G=Of$twdBD?N=an4r@8fk4>A}75K03
zg4{yyVyZ7xB7%ZQ{!C$E*c$DG%VoGI&N_7!!UVn<wpwv?2td%EDH$`aM7WV(H+P#G
z|LzLa*dORM9x0{&Gpkm_aM7WQF;%#r2laf^;XL$k9D2C2dbnb8v~6-UV{$mtldkfA
zjFHc2jaFJ&MkliFIyn9Nd!#=f%zVJ+)WscM^qHFdX{&M%id#oj>=dwnx@SKLv@gGC
zCIW9uJwq#Z$1JK6VZI~|Uq80CLsGkb8ry!9yJoOT1iDpGZ(ZE5^wS37jMgh53B&p;
z`2N-JmKYfsd)+~)ir+6~df^Xlm##l?Q=+N-=td^DK@=mBzceYmQ(8Q@M(emC9^_ap
z7kK$ywd~UR`*Ly7Kd)||>k@8)G&NL2tXd7?hq(xRV)&Pq%n5P#2Xt8kifApfGy9w-
zi{u4c7T5p0V#DQ}eLFw6UAeC6=0@Y}5@<ga>@ZZZ7Ds(V=O%bP2(`Vl#rWsr*JBkL
zW5K7-zCu94?T3tZ{n}vJH>v4QKB9k^uzC@AM}NPj1KWt?vVG-TF5B6UO~sw7MBF{9
z7pLwQzIgoGVjC+z+Apnt_eW$9z&23g0(dmX{=HCocESZhp<*tz+o66|_|I5H&BcrN
zb7MWLAjdu(i_b8Q|NHjf=hhtp*zaitKa&(6?Ft?HiZY4H<5w>{1LY_GTrHdFzxMvv
k)wZ8LK#yJAor*ldaTsF}Hbtv{z{t&`2hyS$!Y`cv2R|>;O8@`>

literal 0
HcmV?d00001

diff --git a/docs/examples/couchdb_data_volumes.md b/docs/examples/couchdb_data_volumes.md
new file mode 100644
index 00000000..972e78a7
--- /dev/null
+++ b/docs/examples/couchdb_data_volumes.md
@@ -0,0 +1,49 @@
+<!--[metadata]>
++++
+title = "Dockerizing a CouchDB service"
+description = "Sharing data between 2 couchdb databases"
+keywords = ["docker, example, package installation, networking, couchdb,  data volumes"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing a CouchDB service
+
+> **Note**: 
+> - **If you don't like sudo** then see [*Giving non-root
+>   access*](../installation/binaries.md#giving-non-root-access)
+
+Here's an example of using data volumes to share the same data between
+two CouchDB containers. This could be used for hot upgrades, testing
+different versions of CouchDB on the same data, etc.
+
+## Create first database
+
+Note that we're marking `/var/lib/couchdb` as a data volume.
+
+    $ COUCH1=$(docker run -d -p 5984 -v /var/lib/couchdb shykes/couchdb:2013-05-03)
+
+## Add data to the first database
+
+We're assuming your Docker host is reachable at `localhost`. If not,
+replace `localhost` with the public IP of your Docker host.
+
+    $ HOST=localhost
+    $ URL="http://$HOST:$(docker port $COUCH1 5984 | grep -o '[1-9][0-9]*$')/_utils/"
+    $ echo "Navigate to $URL in your browser, and use the couch interface to add data"
+
+## Create second database
+
+This time, we're requesting shared access to `$COUCH1`'s volumes.
+
+    $ COUCH2=$(docker run -d -p 5984 --volumes-from $COUCH1 shykes/couchdb:2013-05-03)
+
+## Browse data on the second database
+
+    $ HOST=localhost
+    $ URL="http://$HOST:$(docker port $COUCH2 5984 | grep -o '[1-9][0-9]*$')/_utils/"
+    $ echo "Navigate to $URL in your browser. You should see the same data as in the first database"'!'
+
+Congratulations, you are now running two Couchdb containers, completely
+isolated from each other *except* for their data.
diff --git a/docs/examples/index.md b/docs/examples/index.md
new file mode 100644
index 00000000..87dd2b3f
--- /dev/null
+++ b/docs/examples/index.md
@@ -0,0 +1,23 @@
+<!--[metadata]>
++++
+title = "Dockerize an application"
+description = "Provides examples for using Docker"
+keywords = ["dockerize, dockerizing apps, dockerizing applications, container,  containers"]
+[menu.main]
+identifier = "engine_dockerize"
+parent="engine_use"
+weight = 8
++++
+<![end-metadata]-->
+
+# Dockerize an application
+
+This section contains the following:
+
+* [Dockerizing MongoDB](mongodb.md)
+* [Dockerizing PostgreSQL](postgresql_service.md)    
+* [Dockerizing a CouchDB service](couchdb_data_volumes.md)         
+* [Dockerizing a Node.js web app](nodejs_web_app.md)
+* [Dockerizing a Redis service](running_redis_service.md)
+* [Dockerizing an apt-cacher-ng service](apt-cacher-ng.md)
+* [Dockerizing applications: A 'Hello world'](../userguide/containers/dockerizing.md)
diff --git a/docs/examples/mongodb.md b/docs/examples/mongodb.md
new file mode 100644
index 00000000..3173aa1b
--- /dev/null
+++ b/docs/examples/mongodb.md
@@ -0,0 +1,177 @@
+<!--[metadata]>
++++
+title = "Dockerizing MongoDB"
+description = "Creating a Docker image with MongoDB pre-installed using a Dockerfile and sharing the image on Docker Hub"
+keywords = ["docker, dockerize, dockerizing, article, example, docker.io, platform, package, installation, networking, mongodb, containers, images, image, sharing, dockerfile, build, auto-building,  framework"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing MongoDB
+
+## Introduction
+
+In this example, we are going to learn how to build a Docker image with
+MongoDB pre-installed.  We'll also see how to `push` that image to the
+[Docker Hub registry](https://hub.docker.com) and share it with others!
+
+> **Note:** This guide will show the mechanics of building a MongoDB container, but
+> you will probably want to use the official image on [Docker Hub]( https://hub.docker.com/_/mongo/)
+
+Using Docker and containers for deploying [MongoDB](https://www.mongodb.org/)
+instances will bring several benefits, such as:
+
+ - Easy to maintain, highly configurable MongoDB instances;
+ - Ready to run and start working within milliseconds;
+ - Based on globally accessible and shareable images.
+
+> **Note:**
+>
+> If you do **_not_** like `sudo`, you might want to check out:
+> [*Giving non-root access*](../installation/binaries.md#giving-non-root-access).
+
+## Creating a Dockerfile for MongoDB
+
+Let's create our `Dockerfile` and start building it:
+
+    $ nano Dockerfile
+
+Although optional, it is handy to have comments at the beginning of a
+`Dockerfile` explaining its purpose:
+
+    # Dockerizing MongoDB: Dockerfile for building MongoDB images
+    # Based on ubuntu:latest, installs MongoDB following the instructions from:
+    # http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/
+
+> **Tip:** `Dockerfile`s are flexible. However, they need to follow a certain
+> format. The first item to be defined is the name of an image, which becomes
+> the *parent* of your *Dockerized MongoDB* image.
+
+We will build our image using the latest version of Ubuntu from the
+[Docker Hub Ubuntu](https://hub.docker.com/_/ubuntu/) repository.
+
+    # Format: FROM    repository[:version]
+    FROM       ubuntu:latest
+
+Continuing, we will declare the `MAINTAINER` of the `Dockerfile`:
+
+    # Format: MAINTAINER Name <email@addr.ess>
+    MAINTAINER M.Y. Name <myname@addr.ess>
+
+> **Note:** Although Ubuntu systems have MongoDB packages, they are likely to
+> be outdated. Therefore in this example, we will use the official MongoDB
+> packages.
+
+We will begin with importing the MongoDB public GPG key. We will also create
+a MongoDB repository file for the package manager.
+
+    # Installation:
+    # Import MongoDB public GPG key AND create a MongoDB list file
+    RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
+    RUN echo "deb http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-3.0.list
+
+After this initial preparation we can update our packages and install MongoDB.
+
+    # Update apt-get sources AND install MongoDB
+    RUN apt-get update && apt-get install -y mongodb-org
+
+> **Tip:** You can install a specific version of MongoDB by using a list
+> of required packages with versions, e.g.:
+>
+>     RUN apt-get update && apt-get install -y mongodb-org=3.0.1 mongodb-org-server=3.0.1 mongodb-org-shell=3.0.1 mongodb-org-mongos=3.0.1 mongodb-org-tools=3.0.1
+
+MongoDB requires a data directory. Let's create it as the final step of our
+installation instructions.
+
+    # Create the MongoDB data directory
+    RUN mkdir -p /data/db
+
+Lastly we set the `ENTRYPOINT` which will tell Docker to run `mongod` inside
+the containers launched from our MongoDB image. And for ports, we will use
+the `EXPOSE` instruction.
+
+    # Expose port 27017 from the container to the host
+    EXPOSE 27017
+
+    # Set usr/bin/mongod as the dockerized entry-point application
+    ENTRYPOINT ["/usr/bin/mongod"]
+
+Now save the file and let's build our image.
+
+> **Note:**
+>
+> The full version of this `Dockerfile` can be found [here](https://github.com/docker/docker/blob/master/docs/examples/mongodb/Dockerfile).
+
+## Building the MongoDB Docker image
+
+With our `Dockerfile`, we can now build the MongoDB image using Docker. Unless
+experimenting, it is always a good practice to tag Docker images by passing the
+`--tag` option to `docker build` command.
+
+    # Format: docker build --tag/-t <user-name>/<repository> .
+    # Example:
+    $ docker build --tag my/repo .
+
+Once this command is issued, Docker will go through the `Dockerfile` and build
+the image. The final image will be tagged `my/repo`.
+
+## Pushing the MongoDB image to Docker Hub
+
+All Docker image repositories can be hosted and shared on
+[Docker Hub](https://hub.docker.com) with the `docker push` command. For this,
+you need to be logged-in.
+
+    # Log-in
+    $ docker login
+    Username:
+    ..
+
+    # Push the image
+    # Format: docker push <user-name>/<repository>
+    $ docker push my/repo
+    The push refers to a repository [my/repo] (len: 1)
+    Sending image list
+    Pushing repository my/repo (1 tags)
+    ..
+
+## Using the MongoDB image
+
+Using the MongoDB image we created, we can run one or more MongoDB instances
+as daemon process(es).
+
+    # Basic way
+    # Usage: docker run --name <name for container> -d <user-name>/<repository>
+    $ docker run -p 27017:27017 --name mongo_instance_001 -d my/repo
+
+    # Dockerized MongoDB, lean and mean!
+    # Usage: docker run --name <name for container> -d <user-name>/<repository> --noprealloc --smallfiles
+    $ docker run -p 27017:27017 --name mongo_instance_001 -d my/repo --smallfiles
+
+    # Checking out the logs of a MongoDB container
+    # Usage: docker logs <name for container>
+    $ docker logs mongo_instance_001
+
+    # Playing with MongoDB
+    # Usage: mongo --port <port you get from `docker ps`>
+    $ mongo --port 27017
+
+    # If using docker-machine
+    # Usage: mongo --port <port you get from `docker ps`>  --host <ip address from `docker-machine ip VM_NAME`>
+    $ mongo --port 27017 --host 192.168.59.103
+
+> **Tip:**
+If you want to run two containers on the same engine, then you will need to map
+the exposed port to two different ports on the host
+
+    # Start two containers and map the ports
+    $ docker run -p 28001:27017 --name mongo_instance_001 -d my/repo
+    $ docker run -p 28002:27017 --name mongo_instance_002 -d my/repo
+
+    # Now you can connect to each MongoDB instance on the two ports
+    $ mongo --port 28001
+    $ mongo --port 28002
+
+ - [Linking containers](../userguide/networking/default_network/dockerlinks.md)
+ - [Cross-host linking containers](../admin/ambassador_pattern_linking.md)
+ - [Creating an Automated Build](https://docs.docker.com/docker-hub/builds/)
diff --git a/docs/examples/mongodb/Dockerfile b/docs/examples/mongodb/Dockerfile
new file mode 100644
index 00000000..3513da47
--- /dev/null
+++ b/docs/examples/mongodb/Dockerfile
@@ -0,0 +1,22 @@
+# Dockerizing MongoDB: Dockerfile for building MongoDB images
+# Based on ubuntu:latest, installs MongoDB following the instructions from:
+# http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/
+
+FROM       ubuntu:latest
+MAINTAINER Docker
+
+# Installation:
+# Import MongoDB public GPG key AND create a MongoDB list file
+RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
+RUN echo "deb http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-3.0.list
+# Update apt-get sources AND install MongoDB
+RUN apt-get update && apt-get install -y mongodb-org
+
+# Create the MongoDB data directory
+RUN mkdir -p /data/db
+
+# Expose port #27017 from the container to the host
+EXPOSE 27017
+
+# Set /usr/bin/mongod as the dockerized entry-point application
+ENTRYPOINT ["/usr/bin/mongod"]
diff --git a/docs/examples/nodejs_web_app.md b/docs/examples/nodejs_web_app.md
new file mode 100644
index 00000000..149f5b47
--- /dev/null
+++ b/docs/examples/nodejs_web_app.md
@@ -0,0 +1,199 @@
+<!--[metadata]>
++++
+title = "Dockerizing a Node.js web app"
+description = "Installing and running a Node.js app with Docker"
+keywords = ["docker, example, package installation, node,  centos"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing a Node.js web app
+
+> **Note**: 
+> - **If you don't like sudo** then see [*Giving non-root
+>   access*](../installation/binaries.md#giving-non-root-access)
+
+The goal of this example is to show you how you can build your own
+Docker images from a parent image using a `Dockerfile`
+. We will do that by making a simple Node.js hello world web
+application running on CentOS. You can get the full source code at[https://github.com/enokd/docker-node-hello/](https://github.com/enokd/docker-node-hello/).
+
+## Create Node.js app
+
+First, create a directory `src` where all the files
+would live. Then create a `package.json` file that
+describes your app and its dependencies:
+
+    {
+      "name": "docker-centos-hello",
+      "private": true,
+      "version": "0.0.1",
+      "description": "Node.js Hello world app on CentOS using docker",
+      "author": "Daniel Gasienica <daniel@gasienica.ch>",
+      "dependencies": {
+        "express": "3.2.4"
+      }
+    }
+
+Then, create an `index.js` file that defines a web
+app using the [Express.js](http://expressjs.com/) framework:
+
+    var express = require('express');
+
+    // Constants
+    var PORT = 8080;
+
+    // App
+    var app = express();
+    app.get('/', function (req, res) {
+      res.send('Hello world\n');
+    });
+
+    app.listen(PORT);
+    console.log('Running on http://localhost:' + PORT);
+
+In the next steps, we'll look at how you can run this app inside a
+CentOS container using Docker. First, you'll need to build a Docker
+image of your app.
+
+## Creating a Dockerfile
+
+Create an empty file called `Dockerfile`:
+
+    touch Dockerfile
+
+Open the `Dockerfile` in your favorite text editor
+
+Define the parent image you want to use to build your own image on
+top of. Here, we'll use
+[CentOS](https://hub.docker.com/_/centos/) (tag: `centos6`)
+available on the [Docker Hub](https://hub.docker.com/):
+
+    FROM    centos:centos6
+
+Since we're building a Node.js app, you'll have to install Node.js as
+well as npm on your CentOS image. Node.js is required to run your app
+and npm is required to install your app's dependencies defined in
+`package.json`. To install the right package for
+CentOS, we'll use the instructions from the [Node.js wiki](
+https://github.com/joyent/node/wiki/Installing-Node.js-
+via-package-manager#rhelcentosscientific-linux-6):
+
+    # Enable Extra Packages for Enterprise Linux (EPEL) for CentOS
+    RUN     yum install -y epel-release
+    # Install Node.js and npm
+    RUN     yum install -y nodejs npm
+
+Install your app dependencies using the `npm` binary:
+
+    # Install app dependencies
+    COPY package.json /src/package.json
+    RUN cd /src; npm install --production
+
+To bundle your app's source code inside the Docker image, use the `COPY`
+instruction:
+
+    # Bundle app source
+    COPY . /src
+
+Your app binds to port `8080` so you'll use the `EXPOSE` instruction to have
+it mapped by the `docker` daemon:
+
+    EXPOSE  8080
+
+Last but not least, define the command to run your app using `CMD` which
+defines your runtime, i.e. `node`, and the path to our app, i.e. `src/index.js`
+(see the step where we added the source to the container):
+
+    CMD ["node", "/src/index.js"]
+
+Your `Dockerfile` should now look like this:
+
+    FROM    centos:centos6
+
+    # Enable Extra Packages for Enterprise Linux (EPEL) for CentOS
+    RUN     yum install -y epel-release
+    # Install Node.js and npm
+    RUN     yum install -y nodejs npm
+
+    # Install app dependencies
+    COPY package.json /src/package.json
+    RUN cd /src; npm install --production
+
+    # Bundle app source
+    COPY . /src
+
+    EXPOSE  8080
+    CMD ["node", "/src/index.js"]
+
+## Building your image
+
+Go to the directory that has your `Dockerfile` and run the following command
+to build a Docker image. The `-t` flag lets you tag your image so it's easier
+to find later using the `docker images` command:
+
+    $ docker build -t <your username>/centos-node-hello .
+
+Your image will now be listed by Docker:
+
+    $ docker images
+
+    # Example
+    REPOSITORY                          TAG        ID              CREATED
+    centos                              centos6    539c0211cd76    8 weeks ago
+    <your username>/centos-node-hello   latest     d64d3505b0d2    2 hours ago
+
+## Run the image
+
+Running your image with `-d` runs the container in detached mode, leaving the
+container running in the background. The `-p` flag redirects a public port to
+a private port in the container. Run the image you previously built:
+
+    $ docker run -p 49160:8080 -d <your username>/centos-node-hello
+
+Print the output of your app:
+
+    # Get container ID
+    $ docker ps
+
+    # Print app output
+    $ docker logs <container id>
+
+    # Example
+    Running on http://localhost:8080
+
+## Test
+
+To test your app, get the port of your app that Docker mapped:
+
+    $ docker ps
+
+    # Example
+    ID            IMAGE                                     COMMAND              ...   PORTS
+    ecce33b30ebf  <your username>/centos-node-hello:latest  node /src/index.js         49160->8080
+
+In the example above, Docker mapped the `8080` port of the container to `49160`.
+
+Now you can call your app using `curl` (install if needed via:
+`sudo apt-get install curl`):
+
+    $ curl -i localhost:49160
+
+    HTTP/1.1 200 OK
+    X-Powered-By: Express
+    Content-Type: text/html; charset=utf-8
+    Content-Length: 12
+    Date: Sun, 02 Jun 2013 03:53:22 GMT
+    Connection: keep-alive
+
+    Hello world
+
+If you use Docker Machine on OS X, the port is actually mapped to the Docker
+host VM, and you should use the following command:
+
+    $ curl $(docker-machine ip VM_NAME):49160
+
+We hope this tutorial helped you get up and running with Node.js and
+CentOS on Docker. You can get the full source code at
+[https://github.com/enokd/docker-node-hello/](https://github.com/enokd/docker-node-hello/).
diff --git a/docs/examples/postgresql_service.Dockerfile b/docs/examples/postgresql_service.Dockerfile
new file mode 100644
index 00000000..d5767c93
--- /dev/null
+++ b/docs/examples/postgresql_service.Dockerfile
@@ -0,0 +1,49 @@
+#
+# example Dockerfile for https://docs.docker.com/examples/postgresql_service/
+#
+
+FROM ubuntu
+MAINTAINER SvenDowideit@docker.com
+
+# Add the PostgreSQL PGP key to verify their Debian packages.
+# It should be the same key as https://www.postgresql.org/media/keys/ACCC4CF8.asc
+RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
+
+# Add PostgreSQL's repository. It contains the most recent stable release
+#     of PostgreSQL, ``9.3``.
+RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main" > /etc/apt/sources.list.d/pgdg.list
+
+# Install ``python-software-properties``, ``software-properties-common`` and PostgreSQL 9.3
+#  There are some warnings (in red) that show up during the build. You can hide
+#  them by prefixing each apt-get statement with DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get install -y python-software-properties software-properties-common postgresql-9.3 postgresql-client-9.3 postgresql-contrib-9.3
+
+# Note: The official Debian and Ubuntu images automatically ``apt-get clean``
+# after each ``apt-get``
+
+# Run the rest of the commands as the ``postgres`` user created by the ``postgres-9.3`` package when it was ``apt-get installed``
+USER postgres
+
+# Create a PostgreSQL role named ``docker`` with ``docker`` as the password and
+# then create a database `docker` owned by the ``docker`` role.
+# Note: here we use ``&&\`` to run commands one after the other - the ``\``
+#       allows the RUN command to span multiple lines.
+RUN    /etc/init.d/postgresql start &&\
+    psql --command "CREATE USER docker WITH SUPERUSER PASSWORD 'docker';" &&\
+    createdb -O docker docker
+
+# Adjust PostgreSQL configuration so that remote connections to the
+# database are possible.
+RUN echo "host all  all    0.0.0.0/0  md5" >> /etc/postgresql/9.3/main/pg_hba.conf
+
+# And add ``listen_addresses`` to ``/etc/postgresql/9.3/main/postgresql.conf``
+RUN echo "listen_addresses='*'" >> /etc/postgresql/9.3/main/postgresql.conf
+
+# Expose the PostgreSQL port
+EXPOSE 5432
+
+# Add VOLUMEs to allow backup of config, logs and databases
+VOLUME	["/etc/postgresql", "/var/log/postgresql", "/var/lib/postgresql"]
+
+# Set the default command to run when starting the container
+CMD ["/usr/lib/postgresql/9.3/bin/postgres", "-D", "/var/lib/postgresql/9.3/main", "-c", "config_file=/etc/postgresql/9.3/main/postgresql.conf"]
diff --git a/docs/examples/postgresql_service.md b/docs/examples/postgresql_service.md
new file mode 100644
index 00000000..8d5f6752
--- /dev/null
+++ b/docs/examples/postgresql_service.md
@@ -0,0 +1,153 @@
+<!--[metadata]>
++++
+title = "Dockerizing PostgreSQL"
+description = "Running and installing a PostgreSQL service"
+keywords = ["docker, example, package installation,  postgresql"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing PostgreSQL
+
+> **Note**:
+> - **If you don't like sudo** then see [*Giving non-root
+>   access*](../installation/binaries.md#giving-non-root-access)
+
+## Installing PostgreSQL on Docker
+
+Assuming there is no Docker image that suits your needs on the [Docker
+Hub](http://hub.docker.com), you can create one yourself.
+
+Start by creating a new `Dockerfile`:
+
+> **Note**:
+> This PostgreSQL setup is for development-only purposes. Refer to the
+> PostgreSQL documentation to fine-tune these settings so that it is
+> suitably secure.
+
+    #
+    # example Dockerfile for https://docs.docker.com/examples/postgresql_service/
+    #
+
+    FROM ubuntu
+    MAINTAINER SvenDowideit@docker.com
+
+    # Add the PostgreSQL PGP key to verify their Debian packages.
+    # It should be the same key as https://www.postgresql.org/media/keys/ACCC4CF8.asc
+    RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
+
+    # Add PostgreSQL's repository. It contains the most recent stable release
+    #     of PostgreSQL, ``9.3``.
+    RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main" > /etc/apt/sources.list.d/pgdg.list
+
+    # Install ``python-software-properties``, ``software-properties-common`` and PostgreSQL 9.3
+    #  There are some warnings (in red) that show up during the build. You can hide
+    #  them by prefixing each apt-get statement with DEBIAN_FRONTEND=noninteractive
+    RUN apt-get update && apt-get install -y python-software-properties software-properties-common postgresql-9.3 postgresql-client-9.3 postgresql-contrib-9.3
+
+    # Note: The official Debian and Ubuntu images automatically ``apt-get clean``
+    # after each ``apt-get``
+
+    # Run the rest of the commands as the ``postgres`` user created by the ``postgres-9.3`` package when it was ``apt-get installed``
+    USER postgres
+
+    # Create a PostgreSQL role named ``docker`` with ``docker`` as the password and
+    # then create a database `docker` owned by the ``docker`` role.
+    # Note: here we use ``&&\`` to run commands one after the other - the ``\``
+    #       allows the RUN command to span multiple lines.
+    RUN    /etc/init.d/postgresql start &&\
+        psql --command "CREATE USER docker WITH SUPERUSER PASSWORD 'docker';" &&\
+        createdb -O docker docker
+
+    # Adjust PostgreSQL configuration so that remote connections to the
+    # database are possible.
+    RUN echo "host all  all    0.0.0.0/0  md5" >> /etc/postgresql/9.3/main/pg_hba.conf
+
+    # And add ``listen_addresses`` to ``/etc/postgresql/9.3/main/postgresql.conf``
+    RUN echo "listen_addresses='*'" >> /etc/postgresql/9.3/main/postgresql.conf
+
+    # Expose the PostgreSQL port
+    EXPOSE 5432
+
+    # Add VOLUMEs to allow backup of config, logs and databases
+    VOLUME  ["/etc/postgresql", "/var/log/postgresql", "/var/lib/postgresql"]
+
+    # Set the default command to run when starting the container
+    CMD ["/usr/lib/postgresql/9.3/bin/postgres", "-D", "/var/lib/postgresql/9.3/main", "-c", "config_file=/etc/postgresql/9.3/main/postgresql.conf"]
+
+Build an image from the Dockerfile assign it a name.
+
+    $ docker build -t eg_postgresql .
+
+And run the PostgreSQL server container (in the foreground):
+
+    $ docker run --rm -P --name pg_test eg_postgresql
+
+There are 2 ways to connect to the PostgreSQL server. We can use [*Link
+Containers*](../userguide/networking/default_network/dockerlinks.md), or we can access it from our host
+(or the network).
+
+> **Note**:
+> The `--rm` removes the container and its image when
+> the container exits successfully.
+
+### Using container linking
+
+Containers can be linked to another container's ports directly using
+`-link remote_name:local_alias` in the client's
+`docker run`. This will set a number of environment
+variables that can then be used to connect:
+
+    $ docker run --rm -t -i --link pg_test:pg eg_postgresql bash
+
+    postgres@7ef98b1b7243:/$ psql -h $PG_PORT_5432_TCP_ADDR -p $PG_PORT_5432_TCP_PORT -d docker -U docker --password
+
+### Connecting from your host system
+
+Assuming you have the postgresql-client installed, you can use the
+host-mapped port to test as well. You need to use `docker ps`
+to find out what local host port the container is mapped to
+first:
+
+    $ docker ps
+    CONTAINER ID        IMAGE                  COMMAND                CREATED             STATUS              PORTS                                      NAMES
+    5e24362f27f6        eg_postgresql:latest   /usr/lib/postgresql/   About an hour ago   Up About an hour    0.0.0.0:49153->5432/tcp                    pg_test
+    $ psql -h localhost -p 49153 -d docker -U docker --password
+
+### Testing the database
+
+Once you have authenticated and have a `docker =#`
+prompt, you can create a table and populate it.
+
+    psql (9.3.1)
+    Type "help" for help.
+
+    $ docker=# CREATE TABLE cities (
+    docker(#     name            varchar(80),
+    docker(#     location        point
+    docker(# );
+    CREATE TABLE
+    $ docker=# INSERT INTO cities VALUES ('San Francisco', '(-194.0, 53.0)');
+    INSERT 0 1
+    $ docker=# select * from cities;
+         name      | location
+    ---------------+-----------
+     San Francisco | (-194,53)
+    (1 row)
+
+### Using the container volumes
+
+You can use the defined volumes to inspect the PostgreSQL log files and
+to backup your configuration and data:
+
+    $ docker run --rm --volumes-from pg_test -t -i busybox sh
+
+    / # ls
+    bin      etc      lib      linuxrc  mnt      proc     run      sys      usr
+    dev      home     lib64    media    opt      root     sbin     tmp      var
+    / # ls /etc/postgresql/9.3/main/
+    environment      pg_hba.conf      postgresql.conf
+    pg_ctl.conf      pg_ident.conf    start.conf
+    /tmp # ls /var/log
+    ldconfig    postgresql
diff --git a/docs/examples/running_redis_service.md b/docs/examples/running_redis_service.md
new file mode 100644
index 00000000..82daaa78
--- /dev/null
+++ b/docs/examples/running_redis_service.md
@@ -0,0 +1,89 @@
+<!--[metadata]>
++++
+title = "Dockerizing a Redis service"
+description = "Installing and running an redis service"
+keywords = ["docker, example, package installation, networking,  redis"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing a Redis service
+
+Very simple, no frills, Redis service attached to a web application
+using a link.
+
+## Create a Docker container for Redis
+
+Firstly, we create a `Dockerfile` for our new Redis
+image.
+
+    FROM        ubuntu:14.04
+    RUN         apt-get update && apt-get install -y redis-server
+    EXPOSE      6379
+    ENTRYPOINT  ["/usr/bin/redis-server"]
+
+Next we build an image from our `Dockerfile`.
+Replace `<your username>` with your own user name.
+
+    $ docker build -t <your username>/redis .
+
+## Run the service
+
+Use the image we've just created and name your container `redis`.
+
+Running the service with `-d` runs the container in detached mode, leaving
+the container running in the background.
+
+Importantly, we're not exposing any ports on our container. Instead
+we're going to use a container link to provide access to our Redis
+database.
+
+    $ docker run --name redis -d <your username>/redis
+
+## Create your web application container
+
+Next we can create a container for our application. We're going to use
+the `-link` flag to create a link to the `redis` container we've just
+created with an alias of `db`. This will create a secure tunnel to the
+`redis` container and expose the Redis instance running inside that
+container to only this container.
+
+    $ docker run --link redis:db -i -t ubuntu:14.04 /bin/bash
+
+Once inside our freshly created container we need to install Redis to
+get the `redis-cli` binary to test our connection.
+
+    $ sudo apt-get update
+    $ sudo apt-get install redis-server
+    $ sudo service redis-server stop
+
+As we've used the `--link redis:db` option, Docker
+has created some environment variables in our web application container.
+
+    $ env | grep DB_
+
+    # Should return something similar to this with your values
+    DB_NAME=/violet_wolf/db
+    DB_PORT_6379_TCP_PORT=6379
+    DB_PORT=tcp://172.17.0.33:6379
+    DB_PORT_6379_TCP=tcp://172.17.0.33:6379
+    DB_PORT_6379_TCP_ADDR=172.17.0.33
+    DB_PORT_6379_TCP_PROTO=tcp
+
+We can see that we've got a small list of environment variables prefixed
+with `DB`. The `DB` comes from the link alias specified when we launched
+the container. Let's use the `DB_PORT_6379_TCP_ADDR` variable to connect to
+our Redis container.
+
+    $ redis-cli -h $DB_PORT_6379_TCP_ADDR
+    $ redis 172.17.0.33:6379>
+    $ redis 172.17.0.33:6379> set docker awesome
+    OK
+    $ redis 172.17.0.33:6379> get docker
+    "awesome"
+    $ redis 172.17.0.33:6379> exit
+
+We could easily use this or other environment variables in our web
+application to make a connection to our `redis`
+container.
diff --git a/docs/examples/running_riak_service.Dockerfile b/docs/examples/running_riak_service.Dockerfile
new file mode 100644
index 00000000..9b82cb02
--- /dev/null
+++ b/docs/examples/running_riak_service.Dockerfile
@@ -0,0 +1,31 @@
+# Riak
+#
+# VERSION       0.1.1
+
+# Use the Ubuntu base image provided by dotCloud
+FROM ubuntu:trusty
+MAINTAINER Hector Castro hector@basho.com
+
+# Install Riak repository before we do apt-get update, so that update happens
+# in a single step
+RUN apt-get install -q -y curl && \
+    curl -fsSL https://packagecloud.io/install/repositories/basho/riak/script.deb | sudo bash
+
+# Install and setup project dependencies
+RUN apt-get update && \
+    apt-get install -y supervisor riak=2.0.5-1
+
+RUN mkdir -p /var/log/supervisor
+
+RUN locale-gen en_US en_US.UTF-8
+
+COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+# Configure Riak to accept connections from any host
+RUN sed -i "s|listener.http.internal = 127.0.0.1:8098|listener.http.internal = 0.0.0.0:8098|" /etc/riak/riak.conf
+RUN sed -i "s|listener.protobuf.internal = 127.0.0.1:8087|listener.protobuf.internal = 0.0.0.0:8087|" /etc/riak/riak.conf
+
+# Expose Riak Protocol Buffers and HTTP interfaces
+EXPOSE 8087 8098
+
+CMD ["/usr/bin/supervisord"]
diff --git a/docs/examples/running_riak_service.md b/docs/examples/running_riak_service.md
new file mode 100644
index 00000000..f17969fe
--- /dev/null
+++ b/docs/examples/running_riak_service.md
@@ -0,0 +1,108 @@
+<!--[metadata]>
++++
+title = "Dockerizing a Riak service"
+description = "Build a Docker image with Riak pre-installed"
+keywords = ["docker, example, package installation, networking,  riak"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing a Riak service
+
+The goal of this example is to show you how to build a Docker image with
+Riak pre-installed.
+
+## Creating a Dockerfile
+
+Create an empty file called `Dockerfile`:
+
+    $ touch Dockerfile
+
+Next, define the parent image you want to use to build your image on top
+of. We'll use [Ubuntu](https://hub.docker.com/_/ubuntu/) (tag:
+`trusty`), which is available on [Docker Hub](https://hub.docker.com):
+
+    # Riak
+    #
+    # VERSION       0.1.1
+
+    # Use the Ubuntu base image provided by dotCloud
+    FROM ubuntu:trusty
+    MAINTAINER Hector Castro hector@basho.com
+
+After that, we install the curl which is used to download the repository setup
+script and we download the setup script and run it.
+
+    # Install Riak repository before we do apt-get update, so that update happens
+    # in a single step
+    RUN apt-get install -q -y curl && \
+        curl -fsSL https://packagecloud.io/install/repositories/basho/riak/script.deb | sudo bash
+
+Then we install and setup a few dependencies:
+
+ - `supervisor` is used manage the Riak processes
+ - `riak=2.0.5-1` is the Riak package coded to version 2.0.5
+
+<!-- -->
+
+    # Install and setup project dependencies
+    RUN apt-get update && \
+        apt-get install -y supervisor riak=2.0.5-1
+
+    RUN mkdir -p /var/log/supervisor
+
+    RUN locale-gen en_US en_US.UTF-8
+
+    COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+After that, we modify Riak's configuration:
+
+    # Configure Riak to accept connections from any host
+    RUN sed -i "s|listener.http.internal = 127.0.0.1:8098|listener.http.internal = 0.0.0.0:8098|" /etc/riak/riak.conf
+    RUN sed -i "s|listener.protobuf.internal = 127.0.0.1:8087|listener.protobuf.internal = 0.0.0.0:8087|" /etc/riak/riak.conf
+
+Then, we expose the Riak Protocol Buffers and HTTP interfaces:
+
+    # Expose Riak Protocol Buffers and HTTP interfaces
+    EXPOSE 8087 8098
+
+Finally, run `supervisord` so that Riak is started:
+
+    CMD ["/usr/bin/supervisord"]
+
+## Create a supervisord configuration file
+
+Create an empty file called `supervisord.conf`. Make
+sure it's at the same directory level as your `Dockerfile`:
+
+    touch supervisord.conf
+
+Populate it with the following program definitions:
+
+    [supervisord]
+    nodaemon=true
+
+    [program:riak]
+    command=bash -c "/usr/sbin/riak console"
+    numprocs=1
+    autostart=true
+    autorestart=true
+    user=riak
+    environment=HOME="/var/lib/riak"
+    stdout_logfile=/var/log/supervisor/%(program_name)s.log
+    stderr_logfile=/var/log/supervisor/%(program_name)s.log
+
+## Build the Docker image for Riak
+
+Now you should be able to build a Docker image for Riak:
+
+    $ docker build -t "<yourname>/riak" .
+
+## Next steps
+
+Riak is a distributed database. Many production deployments consist of
+[at least five nodes](
+http://basho.com/why-your-riak-cluster-should-have-at-least-five-nodes/).
+See the [docker-riak](https://github.com/hectcastro/docker-riak) project
+details on how to deploy a Riak cluster using Docker and Pipework.
diff --git a/docs/examples/running_ssh_service.Dockerfile b/docs/examples/running_ssh_service.Dockerfile
new file mode 100644
index 00000000..7aba7f68
--- /dev/null
+++ b/docs/examples/running_ssh_service.Dockerfile
@@ -0,0 +1,20 @@
+# sshd
+#
+# VERSION               0.0.2
+
+FROM ubuntu:14.04
+MAINTAINER Sven Dowideit <SvenDowideit@docker.com>
+
+RUN apt-get update && apt-get install -y openssh-server
+RUN mkdir /var/run/sshd
+RUN echo 'root:screencast' | chpasswd
+RUN sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+
+# SSH login fix. Otherwise user is kicked off after login
+RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+ENV NOTVISIBLE "in users profile"
+RUN echo "export VISIBLE=now" >> /etc/profile
+
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D"]
diff --git a/docs/examples/running_ssh_service.md b/docs/examples/running_ssh_service.md
new file mode 100644
index 00000000..284a5394
--- /dev/null
+++ b/docs/examples/running_ssh_service.md
@@ -0,0 +1,84 @@
+<!--[metadata]>
++++
+title = "Dockerizing an SSH service"
+description = "Installing and running an SSHd service on Docker"
+keywords = ["docker, example, package installation,  networking"]
+[menu.main]
+parent = "engine_dockerize"
++++
+<![end-metadata]-->
+
+# Dockerizing an SSH daemon service
+
+## Build an `eg_sshd` image
+
+The following `Dockerfile` sets up an SSHd service in a container that you
+can use to connect to and inspect other container's volumes, or to get
+quick access to a test container.
+
+    # sshd
+    #
+    # VERSION               0.0.2
+
+    FROM ubuntu:14.04
+    MAINTAINER Sven Dowideit <SvenDowideit@docker.com>
+
+    RUN apt-get update && apt-get install -y openssh-server
+    RUN mkdir /var/run/sshd
+    RUN echo 'root:screencast' | chpasswd
+    RUN sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+
+    # SSH login fix. Otherwise user is kicked off after login
+    RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+    ENV NOTVISIBLE "in users profile"
+    RUN echo "export VISIBLE=now" >> /etc/profile
+
+    EXPOSE 22
+    CMD ["/usr/sbin/sshd", "-D"]
+
+Build the image using:
+
+    $ docker build -t eg_sshd .
+
+## Run a `test_sshd` container
+
+Then run it. You can then use `docker port` to find out what host port
+the container's port 22 is mapped to:
+
+    $ docker run -d -P --name test_sshd eg_sshd
+    $ docker port test_sshd 22
+    0.0.0.0:49154
+
+And now you can ssh as `root` on the container's IP address (you can find it
+with `docker inspect`) or on port `49154` of the Docker daemon's host IP address
+(`ip address` or `ifconfig` can tell you that) or `localhost` if on the
+Docker daemon host:
+
+    $ ssh root@192.168.1.2 -p 49154
+    # The password is ``screencast``.
+    $$
+
+## Environment variables
+
+Using the `sshd` daemon to spawn shells makes it complicated to pass environment
+variables to the user's shell via the normal Docker mechanisms, as `sshd` scrubs
+the environment before it starts the shell.
+
+If you're setting values in the `Dockerfile` using `ENV`, you'll need to push them
+to a shell initialization file like the `/etc/profile` example in the `Dockerfile`
+above.
+
+If you need to pass`docker run -e ENV=value` values, you will need to write a
+short script to do the same before you start `sshd -D` and then replace the
+`CMD` with that script.
+
+## Clean up
+
+Finally, clean up after your test by stopping and removing the
+container, and then removing the image.
+
+    $ docker stop test_sshd
+    $ docker rm test_sshd
+    $ docker rmi eg_sshd
+
diff --git a/docs/examples/supervisord.conf b/docs/examples/supervisord.conf
new file mode 100644
index 00000000..385fbe7a
--- /dev/null
+++ b/docs/examples/supervisord.conf
@@ -0,0 +1,12 @@
+[supervisord]
+nodaemon=true
+
+[program:riak]
+command=bash -c "/usr/sbin/riak console"
+numprocs=1
+autostart=true
+autorestart=true
+user=riak
+environment=HOME="/var/lib/riak"
+stdout_logfile=/var/log/supervisor/%(program_name)s.log
+stderr_logfile=/var/log/supervisor/%(program_name)s.log
diff --git a/docs/extend/images/authz_additional_info.png b/docs/extend/images/authz_additional_info.png
new file mode 100644
index 0000000000000000000000000000000000000000..1a6a6d01d2048fcb975b7d2b025cdfabd4c4f5f3
GIT binary patch
literal 45916
zcmd43bx@UE)He)x5RM?JfJle5lt_rQlp>N6($cM@(x9NyQUU^sbT>#NA)(SC4bm-w
zNPg=w?&o>uo%!bb^P4&MJ;U}~wXeO`TEAH5*`3>RXU|Zc!N9;cs~|6<ih+T}1pn3I
zo`#Wg@va9L7<3p4GLq_Un5(bRV@d=2ZOKETU$&#%S(zAqe$qNe&woJ*U1jH=&@Hae
zb0bLRen-@;yH91BSDr^+dN+E$YW~%&SHdS>?8mEj#}{hMznYINBu?&oe6G$A5M8Mr
ztp2%?yOZk~NktGSO(E}t`um}Kj_Q>uvLRE#Vv_j#d5(dNzJ`Sk$N2q`=ttiPm#IZt
z{P`34KQ{W{zd!!}_0JMA*zHq|{>*G_?Q1M*>9<th%AhUB-<Ns(9Ct;J@^ReFkFp&t
z7alliAvd@Zw>Dh#VM&LRcFg<aC|iG|*mOIGa((8&m^4S!bD;Bl+`wM`(x<jbkL{5D
zoV&`!W}mXfeoj0tpb~Oupkki?X_98ptgBl&dmLMT*iu=)Hc@+R*|T%p^U|^`a}Xx+
zd8Uat{dzAw0$MT7&RFi)Z{P02C0<l4I=ZfPzme{(aertzQk<43<jAnTOulp`!rZXA
zK(G3eQo_|}?)pR3{Cibz#oXl2vEHF8#J7!MkJ-N=T6Tleu|hjmiS=Rcjhu3~P0jp!
z+UGYMg!)4^HoQ-&NtgxgC!*?)cM6I<4|XkHk#9YS<<h;BbGN`n*Dg<|?A_y^>&rSx
zqV8j@3jHsWhM6dpm8o)fUw9v_7<@n2sL#1iD7KdpOnpr=U%!@JyZC-ld^Fc=n`(Vf
zM)_vzcntLu*&9zJ`cVqiE^F_shw^Vnd;OY=O}q7q&(Hq!q}M^-d*1oauSeN#GtfA#
zk7;ij$t%$jUG;sZpjTY`IUxJC_u*EcN>L!KmzLE~zAaVT!R<_nr_a?GDsE&_@Fi0)
zP6ZiKT(Jn3mgzU2sByQuS+|h%I9TZ5=Z4@6OjFa=YRMOo=jYgFK8Dl#&*oRJKRBG@
z_I8}AvEDoSIXO@!_2i5&pJ~T8x6MWzY6I`1vQ&e5FZPXG?Gj3b_pTduQ9oglMuoy&
zCkj8zwnkoMpS!nhmFGdZ$xQRJ(B*-gYj@1vJ1tQaX2DAceSOW9(*3ISU{|5!cH?dv
zt+%?PzS}hR?0d05y!T=k_|2RWuepBSI^6zp?fH3*`3A?ij%ezK^Ig0h-Pc%@lbn96
zj`T%{dwa>naB5Q#iXRr5w1rX=e8P0zWwDv48NsZ6LB_Q#pDb3(sGKAk`rdg(gp5-w
zoc&h>qa4-vd*_GWI%B^?2tPE_xU{U2DtlIg`{84{qUgQ#VN{3O#X6@YRZ|m~C5;oz
z&gl<<*Df2><)&uZ(j6Yn&FAaieo{^4_T0Wj_Aoi_AbG-jDJ?cpaXVJIGlomUYtLZ3
z(8xd4X{mSFTTob7doH8%1DPk$TFmvwE<2JshbOe6Zrwd;H_7GJ$Ev7d(LNOY{*f`%
z`*=I~_U=>zZNAGodH(rc8>fqld3JaPHqKth<<Xb9&)L4|9Mm-!bEdsP?Y%dRvs3?6
z%>O{E%xZw@1v&Si_61$<jYe54!E2i9{POF{w0$jm)&`kX2cr}5Rng{w`MN?CB%izV
zws)E3KPQV9*oiF0xqTe3aaS{S{IRIQEb&7;&0V*~&2a~#&vg2YN}6J{x}c^g?pA}0
z&i1K0;z5oRw35axF|cMXM^k^@r4oK1<h8%VVp?9{tz|%X5%)E`rR-w5L8lADu)K9r
zRo)^i_x2Dmj^I8leuLLP<-%>gmMUD=>Y9uD`AKSVZ);YO=~aOVtu2P{+n;3-nzPj=
zq^!!r-LRq5JxbRW?`9|`52jQ4bsHROR#xT2suU(rD{t+Dw9#JN`J^&**M3L3o1ONk
zTgD);yZhJ9VvqEIL@bVD@X41emc5x_p?8b#E6Dj`VXKRb5&m!w+Q%cmOmXgT&T7cZ
zNWHl<b!1Uw<@W?fL`T=<cH)(D-O}K3@pK&WJm(yM(c>&&e>YFZ^qct{jSbU-k)lV*
zTNPn%C^&YXL{>-d4t5<?aaX3`tr)?6ovibureJPd_&_M`1lxPiankeWh1XlJ%#(Q8
zC*C_-JBvZY<h2>*X^Y{~RrhF+$*>*De@*=J<apyGShORCYh`aSHH-@G&q+P=PNNWQ
zFx}P=Sx`=?WnVVmHJ8=QW&#>BezPuz6q>?|e%P3k1dY-sr|Py^FNW@{3|+gd_x@e}
z!J}b1>N=H074qPY#Tp0x?nch=&9Fk3H65ID0(Di(d&jsWN6G;>XZP$z%RlkjjR`Rl
z2ESk2{L!a;alv{ZdrqswEQGy8JxjIK{o!M+kd08K6j68qcEbTZ5%ouF_MvQQ=|Wb6
zxt59cJ#U}n$J5In&e=ansD5+-yLx2noWZ2qVUgodzFz3hN$<(b6*cASb9>)AxzE0_
ziw^U$cx$tX>V&N)a=aDhok?jyQ#tWYfs{G!OQP^><-vOO*^6h$FRu>QKCYN;4Y^2g
zNK1cN3^p(y>!OFpj$HLFUMfR6wSn#Qi@bsIUVMLBJhk(|dIn>kJkO<;zhqI?Wc*4&
zJhWzeT)+L3#)e|btZms-c6)1}?M~GB1E;#i2Nho@%;t|puZ_{+cV=axNydA|Y*z+y
z78*j()BRa$trh76)FMKX-Gq*~q(>oWhX|JDhKbt8A$#>ly9x1pjRM=Jx;t>6o!2Fx
z5;8pGf7565aesejr6Xyh{$v8P(U@SiElhC6`+Gaf{7nLHnyW<4B4bq#<veF)^mre<
zJw<ayD3Ca!#Qe*0AHmpRsr+}j@I#m!E34MSJnUDNyV2|#s_rHoXMS1E&-Y*l6HM3C
zJw<8GGKR2R_1)w&sH-W)@x;01BvHLY%sTu6hsp0(@>km9;|J0cNy}-r55^xow;zzj
zB^tk6P=EYhjaTzm9BuqY?aw4NeIcI7;7>IW<n4zsR5DLBmz1A1Fmx(x8VEg-8v5Y8
zlE>vyRQ6T#jTPRI$fAio%&1dy5V6QJO8T~s7rs(4oNw&7KK${cDNFc4aJ^?&w&$A}
zyRzC(u>4)C=<rA1*v1?+?W8M4v->$OU%YA)UgN&aZl6f&wI>PDEp@kOIUS;FE6x^?
z-S~TE@uMFv@6~x|6VQleex4pjn|8)%9PFvRce0GGcVzIP<|v<f&F(tsS;20)GMI;j
z(|E7yLDm{9i0D~6j7x5}9(=j}lVWHypS+e5hoA`;0{%;w(`?V&kKIF#SYwTClXr@Y
zZ!Gm^y;LvI*CXTB=R9>9pD1^HXtjq1S1ybu8n#%bC+FPfSngyMl&03W^N?PvBi+_(
z5*&97vHIivoQ^cO&)c5N(ogZfckzFrU^Z09wcc!@-GaCu@0uBURMexU-S{0-&HjyQ
znqsTz_G8Pgs|z0^J_My62;2^MX<fK;b#!C>q&M>p(Y1UV|1#mYa@@C+>{(TpmwMCq
z*VVL^o*2&2thSTo{AB(%Yfp>US|?G3GddBmn40vpX~&~qbEGRlP`R-8G&d&9L4wXY
zo=TDXwwWbtI-?AIzaUaK;g=cYSEh}ucNJZKPN24>hglm+{pZ@|Q)qMd6VK~9Y&Txh
zxFdM<mj6&qGI)yLY4Of0aql_^CbH(V{evE)a<Y5ovfa*pT78l)u6qXC9v}XitC;lS
zPySwcvi(K8v*e4|%8&fGA4`3BVp_$oFMaZM%CEW}UT^Iq(Zg_hD7V%16L*{m*I>9@
z&)XYnrlw-9@T%2^Jh$YqysOeWL}geGVU|=Hzw^FO8RDbcbMkHx822u;FTZf2CbH-i
zGVAc*Z25%Qfl*F=#)y|*hC~HSRFUv-Ic_O|2z6cQEC2bl`Y4?$oP=%O4V(u^+{Lys
z;2HC`w0C$WLo2ZTvz&H-n55=)nWX<|D|IH5*5HoYH9rlz;&`8a8YwXs+}%pQd&pRQ
zAbPwv8_92ed#6>LN$BBxaK!BmNLw-+l)BqW1cYkTc9V5^6ZI)!MP<f#GqD_ZZ`U2~
zTaQ#d%m}97l?n-+T8qUcV!8f!_goa|bHn_=>ccZ+oEC{LKW79oZM>U8E(-R)DA}A5
zIV7#!Y{DysP}?Z|9s(#k-jRgl<3)$#L-$&18|7p%+f|b`E02t3Nt!rp&N|7e(+?*d
zS@J!$Dw;l(t=^$NDDKe}Zv5V!C|uIET04?<5Sh_DJx^&<TRZSc?R9RFtLeqyPZO&<
z17w<OF65JUFKBKwu6GnZN-pYc!z$yZSZ^#9+;ig?rLK2KdXY`nb3R8iFCL#(>>h1L
zIK8w?y%dESx5y$JrRU*tPJv>**U>kBLa{q)bVNdrhM~;VGxiEHj57X`bX_E?XaEb7
zrHgQm*88w0j=eV`Z`iN+((Oc6H?Hq3FUYaWy|!A&t-ikVI@)KyDf({b!<WOb%=)v7
z52TA)#EsraJyF+mqb|El&Z4TSin3Sz!7^2L?3Q}D304(1>7`rYa<rc6SvE&&60Vy~
zPw+0<@1eX8O;!r+C&e;$8{KoZob}hsHQl8Omn=DMwNG7)ARx*vG5gdT_;&P*&~#hq
zc{{KB<Xfz;uqxzOLn=B3Yy!nk%o_)<MLF+8#a7)8GLcL8bans3xSC$xnE&-Tqa87m
zw6G^lV#+R$MeN&lckkyEY?l);@qAB<)#uZ13c$HrpkLcBFJENb67>alX3Equj=e#2
zyz3Re>5s*p@5culoxvCQQO2n0c9vvy-EUjNCSmPwZ@jp_|6^%6dUe^alQ!6R(TBXG
zanhva`S}hxspKJD2x4WU6xZWK-HX4AOVmNFs_xuP=!CCq6=6sw3z6|nFs-=$?#5)n
z3xaksMm}7_zDh?ENnuEQC0A_kC$+UDFztMr8+V;Ne|^S?j3%yFssUFqS<Ewv&Yz+&
z!Q5Hr{B*r{ZmVF1zy?ke=?ocWswPF%MFFcQlIpmj<GEOaet}#3G28|d_o56AG^>6^
zTLv&bd8wSDQPeSDcf`>B=s?lDqWnxib+rg=vg(@!U$m>fXf2t%DOMg`+8DH3TPqmP
zntAd`Z&0bVZbBMM*{tT{t;fA4ujrZ}y=3cuOZ$>gq1EE6!69<5_R+waj!O*==1ts)
z!J3Zw;UW_P&N;q?XP%rlTkv`c?Y(&8&+DEhq)B8qcqpuem3wO0u<q&6c@E9Y&g0w^
zjB5|OIrIw$FgdKdI&GcZ-D2^?gj(@3Yp~ri#Wx#HJ<W5w8}M1J{uFkO8wBRG;wrbT
zw|#uK^)6`^TYPc&U8p=$q7y9=$x_R>EjwPC_vi)r*fh42NZj=S&#j7%PinPJBl)_@
zTY1AlqP2Oeg&l1*Bq(kUr?ZcqVCsLqPoOoP`YPkyJBrxCbNb0`FP4dNAC&3V^RO?N
zwdv~a8C#d-N%fG~Wg8}bZyg_#+o^u#B<1>(m*c15>#&u<4$oFA+7e@f%t~Ebd;W(8
zKQG^PnHDYogo}<M5q$;FR!RCw?e`9j<-mEK=e}&`JU(33uc`d5=kt<Y^N}GtM$UDo
z26=S43lAj*i{{~JxtEue`aj}m)>WRypKNR|HTv+B{qp?mqo3<}UUF>%+W3}v!+a0E
z$^ZKHQn}wkCW7Hcl=MX^MWZhZ$=>-k{ktgy_O&}Pl)S$7vQN&OZ_e#<t}!g1@{Ndx
z3K3VoozVQ!;d{Px*3u6J1(TeO-5j#vJWZG`n{tvm!K#*%v_jp+kIrB|%yv*et+pw1
zOnCiAc>E=-heL(}b=HqOsc@BV32<o@O5{;BSzYeOJ3@2#bzj{~K>x_V&wbFhQ`mPk
z(E}?lLnGg1h1_>=^sY#CnFih1^?@EJAk=68m1rJlv9504ugKVTv9?!s*%wJhmCbUf
z*4%5`c+lXD^&xOxgJnxq++b%9iqdGhhC<`^NapCmKFdNBxfhdwRX<VJE53ic2@_hz
zcEp~EqrLc8dg`_7gbE|6kkw>e?IUm8Lm{%u_bi0U2D8)xEB_HOGbkY`631^n91a87
z8ok*X92KA66`tuMj-!0&X{7yw)2#guL-S0kK~s$B8P;{3oo2j+!2$zrH*-7>olOS*
zy&S{+(_(^?-Y3^v<Vz_7=OTfok?<px&m@jS*;{KS|0R8FZu&4XmD^HM%Kl}1o=N-o
zF*$yX7huLDp+i2SBq?-7wtd|^fBqzqr@}hN^sH|%m+dbtG#rD0{meGu>C=cmOpwG3
zQ3{<xV!4@;!XIj>p&Z33Z!>!3O7P!{k_2L4E6kJ%SS$X$XgRZlr15C_8>7F(Q@9Wu
zL6VWDt@ih#g<QTq-fIXz1!QhM`n=`6QL1dn^LF;BSpS7D$=uN#cS98pEKBA6PoI6K
z@bXf*Tw|Tt!KLC_-=f|jTS7jW)2BJ*k%S2}i)m1o;Z-v%e;mRXt@BLDUi(=dyCdeR
z6?S?Lqbq3{QQaGnk&(ty;e`b)@)^ZhuZsGIY@hRdGsEVTH*8Ol^p~<D;y>q0_iVr?
zg7^pCZpg5WWZ(yS^2_&v(6b{$#&2KQSl{Q|aUPYzFEaW;kLJB&Cijm}GkgtG<!p9K
z^4|cFF-#`?>5kR^Sh!qLnC{QPZ2t{N-GUd=Eb)r^9}DN>495(<;>G?qAQ1$#TmS`Y
z3FF^aMpAg&$FEt0KmGR$M5Yjz7xPRc(J51x|Cqf&I7Z97_1u30^p_+gNsLpvLjTc$
z4I-FlNLISy{QeElHN#tx!jBsH`=T+>S}gG1USClAyUsDt0deqVgM9g}{e5qAm@6n7
zHu<`f<Ht(_IkD=wS}Mi&+Zlu(&PM^s(E+(@?(^$wx65pL-#ueuW^OOD9_s()vi3D=
zmXzhTPzzpLqu`_mW5QM2GjfAn+x4i{Q0knoq_(-@mc8#HfXq>Z*Et8!H3A_dzTLp0
zXX!4rR2x{JdAwQ_KDV}>)B~GG<MS(ibB`E^xzw{K5+~x7qoGhT&CRW!;B56}D091S
z&qtp=OZm|c8!xfLxi&*Y4}V&cX=8x?N`m&22#NPR^R~j)K_Nr>kCkLYsn~!tMUxzU
zID~`?)S3%I<mGA=Nda2EwA6cJ=m$K5A`}9@>z0%L7>-U<3~m&gnk-Nb>Afk*2&C{j
z+PTZDD!#wSs9kCifmD7m-|yci*_6RBuz+1$P)Fo>{A=OCw~xfBC+>=~D;})t7l5`*
z9(p`EWZ=yuXg3xPsb1uj$?-|!lhF$MPADYjXixS6_g6<Nl%En%FGoGaVIs1`DyO7(
z-~J>xXYYNGFy{GlT+s(Xa^FYHlhMcRn}pjL;ztUac{<G8b$f5+ZUbr$2WWT`Xb90(
zbPKjef+KYv`bJ&XhwHxez^_?dIm4)$AZQ<hASQ&DX<h+Hp9T|K?7E@<^O<`Lij&0W
zV~h0TsRrNW6OX}MZL){*)Ys4b3<ien%bs|{iQlija$8+y*^XFlZqNN6j(iP=C;nFq
zyndxoYTv7{dwu_7xFpY8zXLNS>38b`5xJzDXF`2!QRwD2UHjU!02xKa=l!|beOYEu
z;l(P8AE_%%-bxl5pA}aIj`ZD~H&T8^o=^8K`KS~(`r~xMZvEB~&9R(LIVoVa#&E+B
zYX8V<u6E4wJf?@!fwb8wqw>-AWmG{w5TevdW&vSNzX3oh;G`6^<Fx%+8Uc@+O-x@;
z@`RNHRs_}sxsl=dtn2m@qE*f-G5Z-E$>R08&F<g75qCY4`edTmrsp8Y?LOUv?T)aa
zK&x4?l1iT(?eDyVm3Gb4x9VQdD_}>JM4T2==C%0EKXbOXxBE?NQonauV^<dY^-d(9
z0B`>O$xeayQs<a#TtiMloz+-SPoUE<l==vhdbVs<myU*WXL&%a&r2k9LT8C_QQTr<
zFi$r}6!7KcFtPp2c&R2Hp?#F>;++Y`Fi{4g(R_qA@UzcjR*bqcc_)IUZh+>ROBY*q
zy=N~QF`*xWk5`HH&}Ga1%!sKIT3d&y2FwaV8|7m%irNpJn3lwcRpy4MG}n!Z?2QJw
z<whLZC|EE}=6bi2MA?)@w*uaK-+nEk!G1S?l|MunYyAc8V)eRTy>q|i&y7iLz4uNk
zKYMLPiqX9%K#+Fie=W0Kv6y*OU}hlL&9oY7i+biY^@00?t`8|=^9`sIYHsl7Pq$)7
zV$%C39OH4<q=Zf%Y&D!B#65oX39}9z6t=e5lZxFZzo}s{QB$=#TqJ!12={8Il|iMo
zS>He-b=(V27l|5_2yK4>Q%hlsT9CZ8Wu(6LCXhyTEffbo{e+HbiZ;c6Kn!ckPb`v6
z?b0hD$G1>JOY{5)5mT-A@)UO4Oo@LaWAI^9$U}GYta_kyAb|qRxas$A?W)=8Y)hjR
z1wejDrYj{}0tTsm>Zu*U@ehTE9_u)A7^#f7)Yn|pbwyW+d0L1pHW!jGRjMD%Df;qr
zc`S6_-Qqdf9ksts_QI0+)?MTG*nXPcD&ON8K0O()cFifd@q*0x;lNk6A9{!O9*0|P
zR#6vsTGiPT9rZTK)*qM|xXLm6eip{UXP|h8tM@TkT>Pmh6@-JrsHM~}vFu*G+D95`
z)}!TlB4S>Ll_Klo)fFOM5CC3(*DEr9A~Kn!#xm;x#P2{=M$)4Wp}^P37J9t_kK^bC
z1oHA2;OLNtZ@!`hM(>QwDT^`6g*xHWhz=)bdbI${9XuoIb?8>G_4vo)o0+_ORjMu4
zW0ggWKp1WT0uW9EO19{^x!vrY9}x(%KQ~%vB;5wwc`#qH_p!UP7jOivRr8+`avmal
zk0Ze~&}CE>Xdf-o&(=hXSu&k5X6aue4`35}`Sin}ZiSujne*)5J|<nSmY!6zo2Xf0
zy_4d@2y90vvYAHa9-Z`%gI?o05Mv=uEjrHcbWwb7%0KjG?B%7!P^bd3M2`;_#4j$~
zbJh3U(Kw$W8$uZh7_v&=WpDokp&9nY+he#APF-cJ9BkjwBA>|*1!Y8am(GCtP6p(s
z>}^8PO&_r}huXW=1oJ0KGA^zs0(@v=7OEo_+=p@f(+<OC0jNn4-rUeRi#KOBuePao
z>$#3IQw$2?cv!axE;8SY$?PH876@*NJN5K7F;DadLuIT-8jTRVqJ85cKL~!M6tEJy
z5Zpt8y7h_<^;M3C-IxFoBSf0r@ds8MfI-UC3y!BV)bfDUw>-+2Zqqdl!CQmz`b9xI
zbv4wy_3BGA%IQ&{zchyp&z)s7#NE_DD$8Y#M?aXT$PA<LWDlGg7CHP@f?m~ys+e+O
z`4n{arrlJ_%k9}Je0{|-lG3^HBc2#VQ9}@JdL+@MTXA%oOSqQ|1(?XF4NFPXu8O4G
zrg*a}SXgjyll^$+hU;4HGnT<-lVRe|&)j~>vtrG!11!xxR^i>5q1;?2*`qS_B0Z52
ziQ?2&-N??XQ<$1=frpO0toOhw2XbWg?8Al6?Xc|LH8V}z^-G(@rC655)u8n)z{E-{
z_=L%D5tGB0Xet5Ygyq&+C7#<PL3+Yeo8fxkyyrWUWG6Z9y@xsuhLp`zn?5b)E>1i_
zE%Z190HY^tiuWess_j>GgE*q4&FK$M;~HWw4;@cO^?29cdR2dC`h`KA$1l_g3sGy_
zXZ)*%a~F>by1W=flsQ$qPw@5=GxDtUhKH_4Jg?s_CuVZU^`nEF8fKVRo8e>6O`+77
zSY3cIiGkYlsR1UNCRKVQ!9T;BN;$N2zH}^%0JHYn-N~-0jIG|A+*z)Ji*qBJ^u2^0
z<1xOw#L90+hH#T<8n;T%NFB&F(za3!vwXVJR6?jy?eXhDwD6(O7<SOtg1UXhUka7g
zG+n}6R(jjro*K!4;v|Q<JYSzi7#MiD$_pYpui$34J5I>}x68u?<v<l_*M;%uwz~CD
zMdQSh5IW!OLC69FkL7BhJ~631+8yNs8sGhBXQ;M3Qgd+6h2Q(wqrlOf*9AS*8cd9x
z>(Y1*U6=Mo+~~*b7w_W|O1lEpwC6ek*li+0V@pI!Vptc6@7?XQcw8#f8bmLBA8oi#
z#+bc#l`z9($cOu;gKDcf9hD&Qj~|INj(wK*u+zk7pL0!wU<D2#n_qZ5kU`nreNR`8
zt9a{4kDd<&_r1!(>YJi+SkIA+K7TWikoNLM&35Q_vNnge)(uKj8>bq?aR)yioT0#K
z5!A$`zV)fHZv1?X$z~qz@oBBMmduOZsvMRSf}$uM@sOn}xjYgVO*&2)qr9Xj%mi_Q
zW9S#{Ur(<x&Og}k0^Fo=(o$hFJoPnfQw)u&p$exjM*VO)yDqs|<Zzb4`9pRl?846K
zjk+9E;qle5K(3hO<*D@r{ClH1ZDqwRy4lkkm?wm|EAln=?UN!iFPN4qK`&O<@Qdq9
zjmWzE9fdxO^|4LV;WhOaEHwU1yYYN)tBv+GCHiJxVJ^uAL1Uz@$L!8|o?HU+D>c#$
z&R4JnkB^TIIzeze^m-OvC3^kJ#?q*d@a3N$q%jy!f(yJRt*pss4p%Y!Tx4Yo_;5Jc
zJX#Y(F8=cZ%thbrXRE~*O!RENS3VKg-D;oO5Q_?ZI?wZX*Jg*({)hKngL4l>*8`I<
z5<?x88={h3j9s~~H-dfDuE>i2V7=&Nk7qR9^hDO_2fwRYbK?a6X8AH?0mWa<MpxSU
z4&w2prAlY*sd<_Gvn~fSG`4Hv>@6GZNBN>Whzo%vz;8*=nP&8}XQ$w6!Siw;ZP<`+
z*gE&&ty{?yC}tZu`mN3$qm7%FYI+21hEwdWQk1ue<41`n_GA5;$Eqfp;;c6NM7bk&
z#w$mlFwg^s(EfUTSOj*k&9p9gVhX*)rcZ+vJL<<p4_*IL9O-t2*%;fSduA_;OlwNJ
z4oNZ{c8HaUc&tt}9zh9_6I*KZgkWFLiyvEX$8f@RI_p-_&)XQGZx-)TWbL?!`_MIX
zc67_SJ-eW(@#X}df=A+YpuEJjCi0IOJgCQC8k_`Vjp?k)3U}3Wbjqx<vTT)y@)9dl
z<vb)Cj>x!Un#tu4m5t{jkG=h0UOt6(V=zo0CZPzLcJa8`e2Qjb(rs8m#xUU2q|WAJ
z60PO=_BY*n%y?v+nO@{LsoX>iZiSMK6&5{GXV<DP#yiJ`tq8kC&bHjGbT@k5(AO(E
z<RnTEjG>9UNQ?DBP`ifhyr5f+I)3We%3n)92{igaPb0467W&o`dy%5KLz}{`G!>m+
zpm!o}8jvf!p07LhuKr;CS|gu9|0z!r-CP%+J8XCJ6Rk;T0$*XE(0=--SF(hTT=Z*l
z@jY?Xyol)Bo?v)=$GZ8RS0m^kCTY3b9sBW@ZZCGCp?&YhKC%<iH)k}LgX&%^$@4Uv
zu&s~m8HuklYE`)gc6iN`UPDE0UX79HYVj9pc;|aA_Kv0TtF=s()P8o>Lt}pFRpOwu
z-51QdCIu`gGhWSVqpvrWm6z@n`jMo{QW%|SAw0kA;XhJ*f|BMIwX_wGB1vNByZaj#
z`pOeEuoCIFW7HEr^hqX{`tbDZr;I9PtlKD?Iq8}E7YP4=U*qQ(6UEPm_zZh6C&K(9
zNcN%((-@nBex1$d)!?PPNDMHTxUowL`7+%x+K^J_<PH-V%hcHxEy-s$u(d2npP6=S
zDGPg9%S)2f+jhnyuvJ0^-EgwDl##5N97NXDG~<WiDL?b}f;RduU=6Z`vlfkel_vc~
zz3>feg?m>RIsRexA|=4%<)dMPFaOdV_kiwr_QLEw^IynLR}Rp++2x?;(Z6%z!8sj!
zf^$)S5qtAhK;y%9;yTKIc>qUAIOpZ~i0Hq7-FFxP<D+YGD}N~zy34q5&Kvy2B!BTb
z(I{YX<LV=e>;KM)?VI9t&wg{N(Gk-(8kY<6a3<r!G_GxW7Z(FcHjIX==!f^GI<g2m
z;@Bt6ItF2#vJP45k&F#2IF$UFO;E^wgR;CAxDzd2Z2-gP_{-zZj+fge9M007@FYLa
zInr9asd+I4usKp7=d?4>h)*2o6iSf3DLCE9s=5EDa3?tW2WD7!bMGnA_!VHxc@M(F
zqCcaqZ4rhl*PPyEJ}9-R`B`SDP*QOEX801Ll8+cu#HG*Q|06n7iGenH62S7`00T19
zz0KM*{}CPRFp*i|oB!r9T;d&KNQxKg{EzvNzX8XbCrSE``3SlKb1hG5?*1Rqkp)xv
zPO6FYzkvv3vMpyg!~P>W&ciY4@^1gbeDuO>Gbkm_{l|Q~V~~)HJcCvq4rxfc8T$>;
zl?(ri-9J1?KsYQJT%-LC07UnS0RyV{Y;rV%xOZnkx6F!JK|#Sz94f<e215}F>9<}b
z_L_fA)Q)`l(iCdEtd7tpq<h3=dets1ep#gvzi)|70-hVw5ASX<5E&id@E8ECTdX%l
z^3*Jac*Xk4`*Q2u)e%_{(Jp#<c#AA;VYEXk#%7OUFs>;2DMI~Wpi#0gGdy-iH=_mZ
z_1QFY<M!`&#whWbby-l6v#ZN{=nXx6H48l2ZP{Q7dJtM(0v=gmZFK>^KqR+;*b+bq
zK*rMPw_j(^0KF;yVBs^@TxV=7zygY`p*&p{jcoM@QTOliz<s;}yu|0SswF8#F)k@A
zV)z4Ri0DpvwdfZA5)gEeusCjlj+X|Maj{7oK{Twss}J^nSRz^|iHV4T-JexI^8)5E
zV6+4ZMk__^KKA_*ka7xjFnxI}dzmz70s^XiRDxDVN;)B}Vl%vToNcvoI$d`$&W!S^
zO<eqU;YU9*OYO#WfDU0_`26}MfT7Mv=9^=tOHS)EEiY)c0~#c0h&WkpCx!#5*xBHF
zN@E{1UbcwukjHO=!u0w(ep@35XH5}Y+f2WywN2Qk%{VD{3|cKP>y8q{<8Gs!Euh*q
z48W${3r`u-E-^#PYKvmuA~t$=AHYr|z4Yk|eD{OiDJSb^Yv!?o6D!)XFTEY8pm*R<
z@;fBv5m5zNN?Dt70sI?tyvoC_-@hpcoB<$DgWxTRcQTAltHUa+if<*8OyNZ`iTFA_
zBcSWu;Z}VY1aw+Y)-cduBGiF1hTvPWT0W)5`f)OWsAujxxBk5~8d0}9q14wdIW!GS
z@2-tnEuZdV0fae_F;I@!UE1bP-D;zA>nzc)eZ=Rweox@}_Wnu%hwkK~6)q5fUkK*}
zt#TXG-P0+xpx2SO@$L?p)bD^rM@9dv?>2^aaItCUnPxw6V-y9QJ`tS|yGAw>u(5(-
zaUG59)VV)?{j5J(lR4WbglpM*m~jpKJAIY;)T*^}Xcqn9_{hk&>AoPgaDu^!KW5*m
zI{4OyniA7aGG;{~RT8uAuHPZ}7VNxRJe3EuSQPXPR*7iROSsM0C>#&P)-c+FL%Gk1
z!l|<Sh+I#hG7L^8MO@+lwzt49vbGKW+Fs}cc5y(!-W|ZBws0G)0I=D#zfBL}3Gw$t
z3GL2MPRNlwbC~Nm|AzG$$};A6j6Y$Nko+!AHg>>`nVaOBx&{PNnqi}#D)_Fl4C?C;
ztun94*Sif?adZjWp(@x+vQ(vHU_x*3=mltqSr6u_<d``0=q5S*c=C|5!zV>j*uktt
zOe&1#`aAEFV?MC6I8!|nKgS%A(#3~FyD4u}B-NwH6Yqr?JNy1jl?T8dT@Ze7e{A3r
z!TF|aD$a!gZr2ijCEu@8BG&^{D23Lnl1X;cB-;7(-k}Q%WFY|J#bC(E`!Rp~;i%-p
z$m}>?lS_pT_X&YeH=N09@%%bE?gm=(BJbY-l_b%`d2qB|y@ARRq>xfhfhq_~ZpdvO
zPo>y#R(8iL$}Qh~@iETB->d!vmnoP|A@=g?M`z!AYf-#FsggSEa4S&zoBxT_Sj^!(
zeyGWrt;cNmOj98~89jt+W6xtN_3AuEbjfP|2n$3QnET-<j1UEq7d~W+T9z*Xsx@be
zTHiz#6fp!-68dh=OIOixEx2Bjfxdsjo+!NgrVr6ot(ch4BZMquG+~_149SGI)Oxz*
zNm3}DG1<o4Ku*y_J7mH_hj|z49AmzW+bv{hnx%m_a+BW-%`4k*n7v2A|9bwn2+{?D
z#<P+1)ahxuZeWLJU9FoU#Q$z^2W8mc*U6KV?qGqTha^8;p}W<*48qY{MTnl+d)k%b
zxOakw^KMuWLM`zY5jvt`%&z|vI$Gg|ZN`MIg#67UBu^lMy)7+G-l=g~icA!7?)Wn7
zdjn7I!t_V}!mqsNe<wBxIyegJ4cRG6eUGghjRk!OVH1;^r&nFR`nBw4ny|x^PX}Ya
z_$BkpvmYZEvxB!6zUUVB2|N(`?!@Ka_9u-^!=fb-D_80K1+k0|=*gv#l8hSgD#fe{
zJ>Jbt+w+yV8XEzTADo=e?th9G2+s|^GX1gdW8$?xColpkpTwm(f*a%J-OeaB#)8`2
zcuw8&TM$0XD2hPz7GQ8(`zkPd4`jdlz`6CND_s=!+%I)n?pHAToM?G3`KoPv6uX8Z
z#Dq(bI${yx)VkVrBL-L(1>jxNJbr!WGik+lreWl$dN3E+lPY%;?jy~j=dG*=I4_vK
zR@ieRu297n#IM01+YYo()MY&#voA@u!$n|mj5Ywbs`@d|iNyUM?j{*{?nL+J>E3-X
z-^B)Q%a_kcS)PBGCbD;-eDWah&-!72iDmE;E`D+g*hx^q8C}PnV-f!%B9<SRVl*RJ
zXl^!4Tr-tJq$f=Lm=*N0T91RZisDB*R@#*gZ|>E&sUS@7S;{MS#8`;%pi)&EidcuO
z50||#Qs-H{I##7tw>N_)Nu_K`_o?dP!aE4?y>Fy(%IXapv6hAkk`FgO5GsmF_(*)C
zn}FE_nd1hSeO3j&K$2v;mh3izHYJ>4B;=|T9m!hx%=KqY+=o>z^Yme}Vx#{fNJUmr
zr=HCC9s~2584(~6LcwbsV5t5UOg&cbrV%&Hgqg_wk3<S!AXU%P(b(Tz<DgLL!8H94
z#tf{7YK|t?NVRK0-8Yv5g!xZ*m^$$johC1KUeOd#RedK<{Oi|3@*F~s8si#gNcdts
zINWora9?^!BnjHLI#u`rNCzxXz=T7BTVh>~KYtAhko@H*SBf@~z;KR3^A_D=xy^`i
zf5PwOWXOWGw0a-k7M+A4D>oIO1J-Ls{#!2$OQ)gozWVu<E05<imju&dIIoE;!lP3`
zo>Ia#vXTu1F(W7Iq9;E6Tj{T*mWVjC-@Ufm{ET$D(Xvh}Pe;HR_u@3Ue?$nlCO_8x
zoXA;T>f8lSUG~zYhe>f>O&^~TXs)e-)D%o5tjbbxM7D-CT@Ju=>1$ce73;xUz;C6<
zB(H^J_`<SBON037*x#?UzuzNA3$6)|x9L}Sbo{=6Z#;SumHj+W*l+h#W8Db-xyijF
z^d??o5L&Zs@e9-&A#4}z-QCzvP0kc8w^H%U_}TAdlFL52YCn<N+?=hEgGdpw>dNj?
zagBGIsSGoO^M2`wu1n+laRu}P`Ng!!xI9_!Evgyq%z#M}WCZmc@0eSD`s|w!%V2~c
z#UY}R+B0OwCVUIEkpjT>=!eU|9Q0rLeE4fSIxO%r9wS|xj&J1_86@X7b<VR1SDQb<
zmWnQD1*>W;v)YhoH0FX%P(u4lmK+rdp-Qj<-a&HTXY-CI1*IiJb(GiT(Q@0Dz$3bS
zDgkCATZ}^3@Aam+`@(D2cfh@htp&H?I*>i3{RAZ?7dJXgjwY8Ba*8LCQ!=>x%2ABC
zo1{RcFgI9H1O<YW2Vq04KM0*}%o7}@As~Vf>Yk5j1nm;V=3MZSBS9+a{J(SQn61aQ
zg0iXMJ`SOx(5I$ycnPW@&k;vl(xYWIjnkSFh;C)okE*+*wd6m=rW_nVr;N*e>l31y
zeII-HB`a(sUFK_>6=QI`<h$Pq&PNZIN!UZFX|$!6Zj}P8COSLBH@A-^)ngSt$kXZX
zlXzGZo};Xjz~54UzpOmU39RQrA$^XiObe3)J;d6?Y`Svs6tWM8A$~v8)A4f&mq4K#
zz^i2cyIrE;G6a^@UXoHqJKP5MxIfvdffD3W>l%s#R1Jv_h2?PJn<1eZ`QP<Ycs!&5
zt4pHNSeV2<6pc6A{x)6wr}fgE$K;X)0V{Gjo?5xV8|B4>k3?lda#$BGmguj<B`9O1
zV2mrk@ur>qKkuxW$ye(fBSx*=xX6z56JGRdS-_>u%$UcO`uDDKaGXbD6|u`+zE?@-
zW=ZDd5b^t7SEXRx|30r8%2*>9338xE(IMRiPzki0dq@dsnP?Ioa;Dl-yPAin!Fs4D
z{!$E;mJz?#N+z(a(2*d#bIRXH;sYm=`{)d@5{uCk)TEc#F}>48KtH$f$H}n-e?9{e
zIqM@66BBJNj#}U%lWGAE6_2W5nqu*V?cMo(uCq2YoT<THb6?>_4^mPzh{M^o!bnXb
zd?Zt3o{=EI7|azf97F%+szyMH=ulcU7FNt#-glyyEM`l-!h9LgLkc6y?YcsY3xiS|
zC801Ffz%dky__tU(RZSnO-qVZVNit*2C)}8`Rd@C&37LcUxmRQ<Z$YBPJz$JptgUp
z2n-S<Y0>c;CyzebLWQJY$D|gyL%Kwmn<j-=cNQwlpvb7GsDK<nj^9N`BNP|t7`ncf
zK6scxB&Yu{0M_vB+%039zkC3lFAo$B=u_%u3cr^J@}@&zp$X^*|JQm$bQ)&K$fx7?
z^uiT=P`U8XMXfK2{?-~ks3r+0N$~HyV*Z^m0OR=xz%hevyjTAXNKn9D4ZvhC`GZ~n
z6BhyqY^LOHz4Xs1fO`s{E{}w13_R<f&mbJ5HQO@$-+&P^S*J6*BH_)@punBOlyUoY
zaUgFgz~crESo8&MZV{+eNxFY%w-sWu%xQdzl+P7b1B$R1#=I0`IN9p*8DBz?ESv^5
z>JlavmQJWt)S{{JSfBxf3%W?2W2;#*qM1bDh5|OQP(<7)s4LijB-R8w**>n9vlgxW
zXt@#qRVt(=c=zE0mESwS$w;!IW;QD~|B@7PLD!NMFcO?XW&<<VdyME~f?xrXo;;DV
z1Q6AgP`vZ(Om+FzMDuP))j-TB`w;~D`#;ymMV=RpSJ)>*tA#R{n7D)=d<zGkR<>IR
zr9dRuqi_EDK4;n*d_nfmd1X)mJkU(gs?nRP&A-(B#vkdE2`7|wy%S16anvY)idws@
z45pC(FJM<$*Z!&-M_YpD`kotm@`3_g4{#bxj|dHqOrA;rZXJj^ldkc@93*6;GFmJn
zplGs1anY`rsYD=9#2y{|#FLQ$H{QS^zK0;srz^nt3(P%)CJCh137=X-9rhRtQjY=S
zP}$kLGzP5q^?9_fzbKv7?L;B^ft<UszNc`qe}F2e#()$<F-g}Si_BT>H0TOXtV#=;
zi4hsTIfGa*G&H*cQ8ow!Ci^78DBmE68B8`cTK~&`De6ujz)L(?txaD-bjND}>lnkR
z7PW?R#IlOzcH`^-fx+APR31vOG^>H^-U@qzS5Pe?t_gPaOuCP>n1l-=&dY8cy+ZX?
z1MFe$O?600SBV2V>&G}=6VwcSe<N}?eJ&Pa6c^5DG*}SbP{_34qrFBXZ;r!g0U^=H
z9_z;Qa}j{7MQ(J(3*_`UvJ!w9G&5a{=ZW88Et*(Qe`}^?U>$4$bKv{KV!8L*QJZeZ
z<EdI|q2j4y3+Zdt$wsW<3fiwi6zujaz&mK93Lz%-;+?#TiAY%baV2Nm3`VE&sO)!_
z`~+w{sj|7!Yo{FWz3ESr1R=hhq6xp!WR%n`jAIJm63U`Dn(?qua?qcWs97!%BoXBS
zzK*PP3!V_Qst2YDFXzSm%b-t7y-)h%&1>%-b&}q$E);+Q5o!2pR;aKW??0yuZj2~{
z=k@2e%={}J)Qq_P`fjRGGe29vb=)fbnoaRAt;NlSrGf2Ybp_EHqb~(R_uCtIWt8Sk
z0cb2o%tp-Q$gSBnj*|%R8f5kaLt<}-h-(UkY_<!LWE?|0zj^2bo7W(QB9*M(cFY2l
z9|Nb{HzsO<EFlxH4OlwA%GgjuKC~%D5&*Kll-Kbu^RkWowuG}29b0C}))%IQ2Hyts
z2~MYUiZUudOo}YkCPOz1WA4c}^tiw#Q!O-<%u-2x+FxK`@RX1?Uvs*l-ULdTj*)X-
zYy#GU>N0c;z=JWwU2bAehQBihcq<pVl!f-2gvm@Lx>KlxN{ngWfFr)Q-rM^E)Dt4D
z*L0`8Enjvk`MoM0-n}jKStTmKpM5*{iZ4@O5>tp%J2B_~M$)L8rYc+VKAvo)dCxV3
zwLa$<tdo5mQ(M>t18N5>-8t~sDthv^ey&V7-Sjbhm(9o^r08^7RTD9Z3l<5TZvZ`p
zcuc-tb*rtXuqsJ~QUcNWR62zqGc#rg#}XLa?jO`uMRB+kH}xrCAuuBgp<kzTfDDzc
zoV@<yF*k+C0t?S+iXt~~g|u_~h<#g2#(ax90&&Io8Aj|;tEzR6rY_OqKo0p)giR00
zGuwb`v?NNXI;J;|$X|SZsY`+@h#49lkifIe0+HJnm!vy14|vB=!z|9{C_f}eiAvA^
zj^O2VDJ{5@V^%NbQ;5kBj~A+S5eemnasZ88Y|ekZkJL2hb%K8*Z^(PR#vf$gD8wLN
zm2E}+{wgheb=MM4hlC0O>C_&t0FqE-LNHq7`@2h~{*UApL6>4cO8cx>>ohtb0jiuz
zG`}~J=5SB>Mn#>Qwu<NRF^y4SY#>j)arQbMl6HI>&;ioHZjVQFregR^c~IHvSq#vE
zggAfb<7|u>xa8!)LubMC`<hQNyfBhzAM-TWbL&C>q=?HZE4UqkZs7zOvz=p73Hb8%
zAM_^mg`NRL#M&??L&SWJDd`c`mwya>6j~yRQ>Rp3n|R}GfFD!G>yVbe|KuZxwMnah
zQjwCJ$s^yS{F^w3eIyuyNY0R4bh;A%FD=&LHdnJw7aJH{_Zj+oO}aBE!~la-(GXRx
zMeCQ_XlsMb0_h<w20KlLb&&_Wna(`9(LYDb#7ICG$KH6_4xWf?kzFW|!I&_hzF_hT
zg{{C@L1T-&UBCmnSl~k-@eqCDM#}VqeyhJ%^q*3|M8pe=i&*-T-yiY?{x1rJ!IsR^
zg@1RY_%BC4S6%91i}7O;8PjG*o~)V57xFI~%S|DjnU~N^sBrss421u-dwQ#O4r^b_
zX05P8#B12(58pHk{mK5%8-QM&12uiwpE-kw3BL0Z{9!Ne;Gz?+KfW4J)gr42E4}A-
zDbxl&kQ(UhCu&r4wRm?BQEH0Z66s+@C;;F+6+nG|2M(f0Mmd64BF@<!I|FwS&t>~7
z{tUWf0C)oh=u|$W!ItC-lGwnbfY%&K@UZ|oa;(~||0dsM60c`&-6@i)l@3PjV7-EL
zcgJOQczQej^IiM#k>#vg@3g^127L`Tz^cOt{K89UmHG$)U*k2e4(hZBQkv*}D9RA6
z9Z3COtaDeQu$uYBpSouvEA5Rn!;z<HlExsM1``Q7{lR9TY=huq++ZZxrc)z)0AhLq
zI3|m9?WD?uX%db=vQX$tR~qoAJ^(E+9GL2M=<}o_=hjzWqP${}a>yEUS&tpz57eZI
zPT!2-R3Y34kE1-|Dgw7$wvGMJ7%|W28DdP`@o4w|mA?(Gp*D#=yZ-%3GF~YSlBJDT
z{$}a;lHe6jxMe$i&EKv~shcS<(~(@dS9c%}%c9Lb#WRDqn(xeVUq%=u+eoEjD&oLI
zhk(nc^Dm^ovn778%HL?w`GUKSwes}VA5x$g(r}}7Zy^4KxA_`>83lMcH7^b~e>T}$
zAS^IKBa2EZIV;t!+j}#Lh2m7(8zV^_&AKWakkK=*VaduZ_h-#Usx5zzScwqHXcm%|
zjHFoW()mrn$>SP!V5>1*b6r>WVx&lG==T#o2YfZP6csQ?9UcnQv?5OO;RI^p^LGI9
zw?}itA`AhLC+WM6!Cydv1SNt|wLt&+t81?Lxq8)_A)$uZ3*dlK9dWBRyWCb&V7sGv
zDP8$F8JE@VOQs!Bjv`lS4Mk2j>L&RPTU}<P`S~k-(9K3;@Y(M-ErU^aagXb~J*L=s
zTyV&RpS^fh=the=fvg&xEFDi5CL<lv=JjarZnk>6Wi(o*ac#6BnxCsfSwSHJ`p8)w
zd-HS!1;!s7?K_($R9j=8Imbh8x@xUUFC-d`P%9bnZyT@NhD^w;6o2ATQ18B-9{*md
z^(*}VaK!k#>V(7DYkc@hKGcANBp6GcBb$%tEEa(B=-S6W*%vfL3wg6$E_43+=LPuw
z`Pv393gvMXOqkqID#burXT!O>=Xbw7@&-Z($QmF<9{IpP@xyCClyd_ar+GW=Be~<W
z%!@3_)yLKIImZ(n0VlW~hEv?9bYr;<>~OhouiP^F^on0jxExMvFhDxz-q{zM2Su~`
z>ZVwv3>s|Ty}h|CzXNj|hO87%nP1?QfDf=3FN0Ajao>>g^bnZYGd&cNJiaUZn(`;?
zzk;t>oNG|856$Up*mz`7V0Xgxvas9RobIi9Xg;U@+yoah(Vvucw^nak!`a@{xP^$y
z%!osCx4}FeRxkU_pf}LTnK>Z6`3$J15Z)(qT*?OJGi}@ZKR39c>fJVdG<Hw<!D4%U
zWtQslbHnv5pyr_K;A20z`%@Grk)c5`#tW5HMY{01=azmbH>QAhdOS`3rtJ>BA(}xI
zyEC{7rH@ED|9Ra>cmVuRuvSX{!(~KVSocgxxxRD8A`1n`XHbuy(3c|ie4V7Oe>AT=
z9R>ttObHW`{}5g`f&;mf=l|L2nScO46N!<+i~gHq!X+#q<p#vCJp50)#Pxv$iqRbx
z@cUZG<w^lKN_D=h`cHO5A(#)t;?^G>23aOLSRTAO7Vdn4zY~Wg*0a5mpS<ISj`u~e
z6{rL*<^29;BheJ$3bu5Zr9X26TY@2)@1JTMF3}B_@RR+Bk38P*j~{sPNjN3b|D+-$
zl_Ts$H|{IU|L(jHIR><bKS=`qFA1h~G$lPheEZJ_7kUB|3Q@2Asp#@_2<n$)ynp(?
zWBx<Re`ItJC=t2WBB1NvjmXn!!7+^__y6hWbiOGtWvGzw3y{qId{8&x7%jhBkRFN1
z5R+LXn310_+nYgWfuT4YzH3dYbIu&~V6KB1Y=KG|IhT~;Kl)&v>i-3{XSCPu_;?2F
znVA(4zV;}#mumY!W8Hl4pg32*Rzzc@$l)#M-AF1gNC(UI5VB?q92uOqAo@H%0eQ)j
zOc=x*$$G@12<f2J<ZxxEpc5L_SOK_gQv{L&-2^MD`R2`H8eS#C`L0(F_BM@nmLMEo
zvFL6PngD@)?|nXpI9PZXscGi_OR+1gyd?mBa_{OwMrEsgv=dn|@u<_fMqUs4Eeklc
zi)G*^D3(j)OG%p->pTybfaRr`HSda3Ndljx`}7lX(bj2fk|2aX+UkwWmAggS@B!eK
z@$ySZ4vqfuw0|YvXu&oJV2MZzAyl_Wt{zkg&hw(!T_4wlT|^JFsj&r{mI;XM7{Cok
zhgt9*D4Q=q>yrmQ{vB*fgzdg?%_a9yrty88xkaBI+I!LxBkSLtgsAu|y6M=!_Vw*c
zvH_^Ftk55R#}bHLM&OTQz%$Ioo4zezk92TAH5&tbb~|9vbE$$8Zqgv0b0Q%F8UWNL
zJb&tC>6B%|4`4{>dmlM7{<>@6$qYC=8fN{BkW!+MieZ?>CE2G8SeOHKo{xV)Op3Zr
zfqCKjqf)Sot3e)M2MkOelqr6+r2M_W`{*VT6@h@)&~_`vA*W{@g5DXVrM60F{iVbh
zu{^n}fbkP~x(*cRRPSVky37o9-hg#<UTt|gAke%L3)KWxiGFngM1&4xO+O1Aa@-I_
zH3>VB%pWgc{VmqOE253&@h$XIfV>JYW!RIeTitr#kVOPt7@NDSJBy(4G!U+5E`I@^
zKo&7JE}3Wz4gpoB7?BvHdQx28AcCL^u0}9r>;|4^`zWD%RRzle{z=h6!e$K++x4!E
zx&u4+{iTe7(la)XK)W!7xXA9cJ^u+1KWFy%p(&QiJlDNS2T7$io5?!8XVH&0YVRtI
z8^vcCw>($ml(M0MWXt=&{0sjVQAQ9iqQRxf?ieJ5&qP#!1iAvQ&PO+%U^L^_EmfcX
zAH<IngdJQsb&8fG>YDW+=Z?cqb+Ysz9@|0?724r9Iq)y=$@FF@7s!$!YJ}Tn!5^@n
z(v17PaZ&!Yh_k4vWuifuRdk!E(Ik-61O6_cbATOz!k1!;#qiwBsC|7j4vkv_n+VMm
zt`6%oMXF#Sbt*j$A&vT53_lD8^iB;tdH)Zz(9#qkDfQ4OnQ4m0<`X6OT@$7A)W<jK
zRwb{iL2GB)9GWDE1q&qWjKTYQZxu0&oBJx}8E!n!3=AES@b);{wRJSo)_)2`Oyl>F
zHWj~43U~sIbE3InP;SU_IK}^wByJ@eer=@ch+;DlbNbr$1LyzX2;y%0=5692lDV4x
zI)NdJ&8fQ&8`Mdq;;)?i%74;BOYK0w$O>qCo)?G8<ee0bcidv-M7h}sQLs~r$Iw*R
z^-LCzU<!G<B#3X#4_Auqh#6B_K7tv8K{LJDZz@a$kcDfkXp+C1q|a2QdRAm#2N^E0
z=$`n=;X{F1<Imr~5Z_@SEq*vn>l-bG`@67kYiQE+*v1hIdI{=y))L;HhedUl>9VKZ
zC7TjT#VA&KXn=Q6e9FdA;?`&SxMY&epN`<L2uDhGNI2+iTolSi$w%#Kxg8B9IUZ`2
zLDtW7;6GlWqaNGuR2`W^9TX5T8BHv6U^^`aFYD|Zg8$Ta%{|Ws`%_SGA*BbSVqB}w
z$!S^A|E0UnQ1Tf2;9QYa%zavJJDTk=-Hb<!tvl(yK+XL0-u8F1dh0QXu%jZJo&MCT
zzA+!1m<(MZnz`81e>Jzp+G3E!xR7IB7;geql~uGNaCAtYFQ3PrL)jUeV`^xfSLZOE
zviBWe#3dp|T;?1ag&jBqMOxIe9Kb9X&!PV>UEa^trSfzXnwCl^NarjCTD#gM??K!X
z+(+QTpQ~C(QllNJso`}Dxwu#)zMGOn6bSp{3!>W>3x-+?TlKU0wjDrTn5~S-)nUSo
zJBSqIjl?+7^h>MN!b}Ca0ew8rH)VsDq3tmvJXYx_z5agXvOpR3!d-9ws)GH5r(5!L
z@yK>l+ULAxhIS)m<kiih;6KdDNK)O{_BoLg#o;V^x>>>?JM#)>g{&S@@JxlRb_ox0
zgB5;m`m^#=)^XY7{3FKgmnRGlyib05^O}@sNN+8>?X5MmJ@G}&yvDdY()<{&#EYJ#
z5Twau_hk)AF~(LmRBj#8tdgq#0<0l7#-BP+`e?{$o|^C)EiqTlX{Sg=y+y1;R*TvW
zxg<XPmo#6wU8Gk)(MD?7*2@&>9)vR~dTM_e1_~-+*j{>&t_ig{fqUqeub)IYJ);da
zgx`7uz!V!zP4+R=rghCZ=IQjVL%^#f&!9|TD7(5ssfu-unZBjH3u+LOL>TmQ#n2QN
zg2Bcu6Dy>sK<bn$XgdYO3&o7-XTpaJ@&NSZZJfG{Mk)HdWxDg=*6&Wc6Cm=Nk|eO`
z8B%U21QnYg<UUjQ9XJ6=c9r&s1E~)yc(Bl}yj{P$AZJ41dSe1?9OrDYh?sv1FA`Y)
zZ!Gwq0_A`7p1-9N9X?#42}6KVTmQY20wlNdA#ZIpE(s533tQkLv#<vRPP4sw#IwDb
z7u;vO-XAB}*A=N70;)CzzZLr@NPX%wkVIS(<lvWw5D!&WK5)~wk%r`Dk4$9*yFvrp
ziomGDLqN2F#;C#kWR@hirX1V9LKD#=*dlMtDIG$gS3DZ}+7uwBBF))lQC|R5bF~<N
z`rnmweN;7G{zfP&@bP+;9Q-EL>JRXhg-YZ)uMYF7YM2WDsnJf5rp(m*LW>>-sKJA4
zcE4H|+l=rDyR60;jYHAVFZc^G;)R7D^3uQ#e*;X}3+*MZgde6mdP2TJ`ecyq3a5<;
zJ+R+c-g^vPmUDoH5YGDIg2x)C-g|ZM&agrAR0RBV1_;S|s9i&u(`^W#9zuQ)NqqvO
z$26$jA_c591^8wyzsbhZq6wgUiiOm5AsHx5dE^%Y)+#1rAOu;fRsJdDgNS^ch}i>M
z_9P7fghCdgty;;i{uUue69L^i24HZT=4Woc2|odF9}ED!nJSFTMB$6jD-;DkkfM)p
zI!I~p1dqJqrLtJocYle-%ri1AkkGSaPuHAB_4ro)Kh(W>IMjdpH_SAav5rwuqQTgg
z$WmFyzGlr96{2s6P?jOvNTTdZDN9*eM4}``HKG*SktoKRJ(N<!bG|2C*LDBy-~BxI
z@f^<|_j4Rw-{ZI@rdd9p_j#VL?F5Za`YDlc)9m!TJb6eoIvYMe{v3V*%R3LVVOa#&
zTlP|8^zPv;!Bc1BIfMpwIEKw2>_BV1fEka{0G!w;_A6|>^ePesiA=o}cnETh1WUiM
zx!6w!fTSf7W}~v;&9meRze8{p*%`4pEM@bS{qHJ4AEwqqZC|MAy>r+JNzCX}f@w@n
z!$DRZJS&QUu~*+5F+)XafL?HR&j;QgJ!-Sc^j`)q*3sDkBMBXjwbDco3vTm#d|+We
zB0iukk$?i~Fsr1En%#B0u?GQ1G2Zw--}D&mAa|1~9JF45ELV)wYCo;E0$InWy|)L=
zk~|xvaKD*ju}d)hyPMb_0-~6VK~7e)!Tr0Kc$*0l=7Q@zu=^WgS>_laK5d#jry3)2
zd~~6|eR>bN%9b0hca!!{(hD^}h!*zkjS0&;-CoR<?exA_nL@bo*^SBWH$Skl^9h6U
zL=Lq<u`KrDBQb|a)}k4kARI#>z}@JR($N#)Kly=wmjvo%PU`xNflI%Y#~nejihwyS
zFzMIaN_`6VB1xTjWtx`wLVEH}vt0*x=1g^d4)HgzQ<vSJv;rFC@bj0)q3>&yHE(%(
ziKV>;A5+8W^+`|NhZ^l;A_Z+f)Q8<hZ4(R;m#-vhJ$e6G*&$|3<QQ#jVjcbv&zAa`
z*p2ggdw_5scv(`baVlMSfxF=@yZ$5);DHXhj`1+uA(?R3rQb7^&`n(7X-h#USvJ^_
z&7kEZ!L{W0veX$DD@s{71IYZlN)aIZ#TpDg`Os{1^6a2r{h~YuBS=R(pYa|g*;u}l
z02e$5wW8LQhLccGWt%_1eNx7^aUmPN?k9d1Opj9FsvLsYr?p)y>7n2)9pwM=<yaUh
zZ(xO7pJe=(JV!4}LTQfal<oVNF`@0HkMD{?lo_O{tyS~H*fM>#E5H5*!SOAk$Dok?
z%IfQZX75_5XjZ=rt)D+?J!<8_SK*q-kyJj}`=H035G?Yt27<C2?O8yXx2x}^_D)`-
zj5Sx}mGoajnuH9*47_9Gc`_?f5H_-*;jKS|Hm&3YDE|YFrs#OGD+NHnQU@Zq(YOL%
zwkf`0Z?f3;*mUESclA5pN$l=<>KZwC`Q}sCx=Nh_TtHltiqKwBYOO>XOi(dbehjQ<
zmxD1JkLVd&f6PX_KQ`iLN0V!$%VtzV*jZpOx3TdOA<gW=;Kd{6wdxoQyR#JS#~+6@
z{VY?HDV#@MAXGeZ^D6_HPK)^mTFTkBcqdbuKW29lW%t|3P~#*9-;YCDF+HJz4jy6V
z+k%PN=aN0Lxi`6PKy~8Z(g8_aQ;{I^!6ik$sQn3lY5CYDMFl-gPdJND^Tj-!7#xcb
zI<_Z;HIwWHH&f!oi1+YgBjVX7&)_mbZT?#r*aG@J9-;%={XF3M-d>hzqu3d_2Irk?
z*gBnOH|XW|zmEcVeUF48V3m1zUFn?B$n1G3s<Rl)`_U>%0j#F@!myhbU7Kae?sh&V
zN@)hrz%-PRw$B&B<m&U=iWShmL0n6k!~&E-Eh!=0ECmJd)O>i!7X6s|U*lzVK;f7Q
zykO|LX<Oj4j`Hv%5f(O6;oNiynf^Ey+;RYr+Z79%_8*YoB6ieZfS*r1Ek*@l_bo^@
z16A`|V}Nm^IOCf^W^&qSj#4@f$N_2*DP5Ck!V130qwwsaCM{h2Cz*^uUZ*+%JUSi+
z4<bS3z*%_kqq+j)J4eDAKGv551F7)f(jA$@hVYYN=qLYqNf=Cvami}(n0J<7{A-$U
z9aM@RU{2I0pUHq5Tf#is#hURq8{lu!3cZX;M2zh%D2GLVK#odNsOMrz#!}4tutf8}
znvVYiX!`&A1|{3&k02aQL1$16dL|3(Uu8qUzfXmaT<}u2aw{+eW_ETNvnc3im8_pS
zSdqEYBxRFr$VJ`g-Z8CJo5lc2b6Bdr{OSU97Ov1vl<NSSZ}%^5{^FtH4We+&!(m83
zld<Xx_YZ$M3=a}OO~$n$ts8m2LqRXK23?>R1bQ6>q2UKeS3_oY03D<N1U(B`NY6lJ
zKMa2846tUJgYcJS7PQ;aV8?fufKJLbRuTm7b`Z}+?Rvxf^S?;cuUVLC{?Ay%OxP3<
z9B)?<gCUTBXUI7z{uk7Mp=6AJ{sJl7Z3B@Q8pc<UcE=xlx7u)2%76?aSKYGqMJ)b2
zcq-jx*?0r6S_`5|2p51J?kvQDwenkQiGtKW9cF$xKBZ$LmODbH^HjmIh|J*M1>~KH
z$S01x^$@&r?XB9u*JQXK5N?$XO8L@KQJA=c$dwR(sej$+rs5hlo?YI6<hBd|=Gk%u
z`VORa9)>&DX4u{5szaIM9C9O0fJ7o2I{SN)pOqP?SqwKSJe9VOy$Qw}Ko)UDXGRpk
zH^7=(fZx_@?FVR>)a;NFxYW6-h_Dg$ThN+VBT2_VG<0#XZ_Wzri?9vg9ze-wJ|$k@
zwnI{PHCgIm_-C`BIc$MD8tV-JkzH~Qe8eW`h{21o_f~9pdOn00L+3wXn-5x}=MY<$
zElsT*e^Y#_#NwP4BKT00i;Tm;5R~V)Fp%^6=;VFg^@1BFV7i7%CZUSY;Y9CaHEN=J
zho<E{_tV&7jv1i_X_hOhZH1KCfpPrfLLh-gEXEfgUsYCEB!IyrsO>yDL)SwcY<F`z
zhYm!D5R&$yKv#$=m4jy1p;$a;{3pa4?o#iqIN$na5ih1uvNP8a`kdkxY1^VWof|cP
zssw59Jkdj8OzrEgT=MKc2DtwRK=Rz%If{+($HGs`t<}n5W4uOW9+H-RYAQ1GN!qoh
z90YPt5AAC5)p<B9PH*6e<_47DKUju^@7xztKwX7%Y#QZ#>!HTG$;UPd5)UqnZ_uJt
zB7ghNDF(mMqtmn&o4JG7XUL29J*dK7irR*sobzA$bl+4}F2miWj_&N+tW{@rKwIGO
zju>#{$=yRq*XzH&)HElfK_W33K$li%y0APIGb~76MN3~>jDoLh#!^JIuQLSph&MP3
zIDBaYpFr`Zoa+q_?;c*>N`2J&N_Ryb5GJG^eAc(J96G$O=-vK}9K2q_5yBIc+3J(2
z_$8{6`N@#|jH9v+^iEY47F}&TNpbW-HL#&dY!ZoH3JjaR_qm<zol<R0K)?R5#T-Nh
zwXkiDxOBw>v3G!_o&yZT9Gb?<AR<P-qYXL{wI~GPMnZ#fgiF8?2;cDO>rsn-b4g3f
zw<?@nN3l}4EROyzmg$Y^KQA|lYwl|{Zra|{a9t+JO3#;($HPzue$%k3b6(4;NpFnF
z-hkQ)gXy-nidcFbrcYoyeSBu7k(bl>IC76q*z5TXUf$y2!|BPbqx;`T2JhvNW>8-4
zDfzRT8=nUQ<v2J0eqUK=QIprn#|Kp-B9-!=Lg^%9LPXPED#pL&A+VpNY5({r4)vSA
zK61TW0=@oBXbFATm+K{#J{rFG-S2azmKb8nrGZ396pL6d9FC!+a_GF_f;r31!ngR)
znpOsr?ko;7xAS4;?!$+nbD>D+FdCQt(1B4%Ov<s|FaFN7aNjc`U(!y41|QT~X2CB~
zr0BXB-9JLLN=`V%>Z-9*2`-o_Nn@ssa=w*s<Nr%*l0lY7tx4*}_`y?b`)~0bQU&de
z0((Gqvcd(bag!L;d7U@~bd?uQO1$|iV%#JOU;gWq95H;E=MY$L5MT@_aA`Zp@2}*%
zbB4FNfIL`zQ?1=6sZ4w8QaV(thG-nQv&RjPs|bdm(#_^vYc~E7%rW!Rvv#7sz!tZl
z(vhB(<t3!$ywe`0oB3NcpyGB0FO}bZA#PE`M!?K%m`Oj2T_VNolid3-;@*1*Kw5ZV
zu6szCLH9410L--<=qV4}PnNW;zT?fk3ZRi!ei^tbA_owH1R%sXRsy=0HK#MMe#aei
zp?&{rPLO0`h6fLNIf7S<=m`*jSo{T+C*ttnD#1wH2oDzN<$FI}2M^ZzSTVYPbMzp#
z;K@?~cyPhTx)Y5AbLiJ!<w-o1VOB67s17e*&p1W0;S_P6-TKu~oXHmCbQuRb4n!ih
z|KFqv-IA#&j`2;I{;zO}|BbT0)dICUj6eS;N)~(g0TMk2uz_lJ{>}@k>C9_buYCof
zL<V%DcQ1lk>GaKsXCwgotj1P@RX{m9zRUY7!!Ni1LePOT_?wyJO@tf(DK_auI70%>
znE1j;&&Ybe9`)JaJ>uuJkJqFh0W`)uts0P*l+C&o#Q_YZOcYXCaPo_%lOy>4m!iUr
z|8GTwvJV^k(;y%cDZM44mzUnc!1)0np8FvX#R5%JSv>@^A;KGg$m3q4uM1;U+5gi3
zQF#d5U*j9!dVD(wvTM8B2X@NruD-Sky_8lQm*ovB(wUyz#WII{E2iuvoMwt`z%$Yu
zu`qATLyHi63&-0FV})iu=P+~JGX}e11uDmn2O_^ux*#*gWZ$EGFbv2?|9W?^1k$vD
zf!YYT;l81&W)XWa68JJuhbMt0im@UB13ClypL_2eHNstdk-M!GhC<Zco4cci2T3UW
zAN{WJ{a9;z8Ct`8h_}X_2GsT$AW>e6-={FH(*U8UJ;;`_7D*ij*2H#r?Bz=+MfYy}
zL$W#o(ag!dMn&@A*h(jY&BxT{zy=cD0|T+z4&oew4zD*agvM!9`}gftdK}9eVQMoC
zE;($md;tbH3Ol56_z#X^%YXDNyY`|8L~+zgrh_3rVZFFU9}0e&(x-nL@34SW?n_NZ
zke-<ROs@bXGR@^ucWRKGY0<3eaGF^FZ#HqK9-c3(+Wzx~WCi17G#CI07!XI=yE|i^
z$jna#>VaLP4Umfz8#c>R^o9gBt+^kPhCv^oFLbH{ej^LsMd_inkyC#xd-lpmh$zlT
z%We6=5F##DuT%Z21=w@{+O>ddPp-xD;02%`#wX+ejW+hq=gc4gh#NlRolc?Q3Is>(
z?WtGi>OYizP3&ARt{NZ~&x>D!YeHICXMeqJYm6<4X>%&{gS&4r4X`llY=SSJu)T3S
z0F0SbY3d1uxt(Tae3q}s@{C3#pQw1{6lzaF?O<cpe-Tq?4=#@nV8MH7<)^GYWFZ|U
z_bNBvip8j($rtR4Oa(^qCz-DLK90>k5A(;uf5;SDs^FR}HV;5alXRh2Hiawp^cAWt
zw<XSFAKUgqFef_THZD{kKS6hmU)ful$9f$V(2it<_J)}xZpeT6sna#AcQWXlQ^~7C
zwvWehO*8)qE0l!G!iL{F3My|DA1$jD0+5G+_$#abIg;CAT@0TwVhe`t=OFsRe*FE-
zEdjC$0COVG)6eTPnRU!%{z}4Y*qjsir<!1%*^Myrjvd>Zbbfq1Hh!X1z?#{LR?uRw
z(K;l&Wy{;occlBj?JRkIyWWOidUW*8(ZaTl17U!cnbY^^LJDH8i}5kfWTr*CZ?0Ue
zp`wPB_gP<7CvN=Ke(v6~px)b}xX2F6_{AzR6r-xw=6`&@OT<ei=G!9&+2oC@grPL|
zsNuL7eE|)$=$L=@{x?cPAw{G#Jj(U$*53MPQu@8)i~qz(>*;zEVcsWS?R550==R~n
zP;d;H;aVI+X2=aP!(aIdzc$@P6bsbq<D74FP!*^olQnBVwbZRIYb-$>MF>Qc&})!G
z0%(E*!@|NyXByp0k`I+`54t=<g7jD~#*?&Z*ZF@)&}<lHsJAj+Fh~Xkk=}hnAezTb
zUSb&4D+nuXtlylm!{{8;x1gW5gBZ`812RJ>?yuva7W#Hct1=`yOQIk%{9^6)RFt_6
z!HR!hVt@e=)Uve~o^lHooOVG{h&FX$ZjdgRdSUwU;=Oxo&OR&WzcG!v2w)4Xeq%yO
z6EESsczeJF&7khbFbm9-D8jjh1U~U0xJ2Go?KimxlaJwXITka+z}tUQ4=cC))fZ+{
z)7OK(@cWcN_1`>0F)OAbFNhbu{?YU_fg>Yfn;Pd|#r<)9kTn`K8R1wGA1q>TtZF@|
z*YF9|(uKrCbCugRe+n+4QkM$9t+;q6I{MN{^xEJLo(}`Z5!zFMR$1h?$iWPORMXRs
zR-!)KIehNj9UEc5gin*cGI|~8qXeaFpiORAJP6=S{&h+1@Na2Am8*69w8;mF#yYc+
zztR?Et4nZ9#im}xTj}X<CRn$J{adT?w~P6g?1X}9XCl|CpwjT<U(dU(OzuhJRQUG3
zb=~$t?<2tsgQDb)Ml6lw`bTv4L2No2Eqf@xx*<<}R}?V)PP1s?L-|m^gAw&&qSZ9a
z_}P)bfe?>YIlT=~;dJtoF@0=w_9sIqwuw+1K7So$OoxA;ltE0lsZY+oU5pOHp-`N}
z_q{*-lx3Pi!k4v4n`)`cY=Q9*{?rm^{&_HR8SgzlrRGxOdwvtjJZo9y6wKX%Mqlee
zLGyL{5yXut0rYhaC;-#{!e!*#6fH*CJmZ}=<WOuO^rFuhYDNCd+XKk(|0IB}I18|b
zIa~mj0XskXb!4Z*GRPM@eu5kR8U^_k_Z5ph;};vtcG{bchyv98BkjSkhZpka0gC7U
zJYD=0xD-2z{gjxB%^(vl0~RpI?73f!*c$q+<3Em|aJJn(t`8%^ey)6fxyJIe*zc7s
zcP)04=Q7SE4M`I{o|k!TXHKlRCbj7(r9jNxk+zx0k&xh}U4-SsWfXfEG2_G%u+Q}}
zVoH{E`+m6|({7B*|8zcoY|LN#)nw4Mitq{h2k-i#CT>il=&VS}#L<=I-{|$B#609@
zLNN4a9Tk;*ZjR;7qU&UL*;v8|f4LTP6B9f=cE_l(B(+1g714E2xt-aK0yR_yaO|@t
zB4G^P>L6b{2T>YDaovmfd5ey@d+43yoxUC&6J{~<A^HH45e%PH{sJ1291@9S3NDi&
zFuQGqIZlF1bW5|5s__T?0w{7MfJPy(^SNb-l8KH8D^VOr!+UdXYv|nw7{(>s)FFaK
zL@@r;iJdu0dfrb?ZpI9PiZ#|l(z>P)brCr1#<Kv$$RK11aXv_IpK|#1CF<#1>I2l7
zAc+leJ$*;4J2JU4OqKH!SI58Cyt*S?P<zQ*>B$d}jN5$#C~AZfoqTvhX_b{;#>Olc
z#@uhn#QZTIT_2x}ig(mrgEq3a{}5U*kS$OMa1KFOSOF<Wku>Gb$DW5JMGa4Y@q2r{
z7fLnE{|+VaMiJg_!dHpo{T}<H2*zK8Tp-EoB$(JikyC<YGPLmZEk~x}z`VOGloM%0
zor1{kE)vo~Q3)#Tcc42<t%(HHQmn_?re4~S1Oaw6iurnl-6V>ZW<8<H35CytQIeny
z3cs~lJJyNt2W*D%njmwnr$@&x_h*l=z)V~ymRHLly8p#P_qEpz^$4<a<qRd9yfITR
zA6G-ulP9HTl<IkEYX?&{;{+BUK~v+-b#V0R{MaE(_hu3JXHUV)_+W}vQ0(^CGP1Jf
z;K0AC_$}c$)lbkW9E^s$G?hpLa^5KPv8|ZD<<wpMtB{LOYUE!d`bh2^w4-Gn8E}7H
z_t?U<ZR{05IV`=LT>Lx1&a2eU0usnJV2*Z0_I^Lq)7Cd#dx_`U<sIu}?3(H?TyKS>
zkkh%@=m?8Z!@0{UD#p(Q(d>(KDW7oz+tcuOsr`J%Gy(_WUPX>9Ime%B-1GR!yE_qF
z=Z0S7zTXqltlq_K%@e<exR;(i6P%<Y7$`X+^DII5jTknp`bMuWgj+x9%Tt=X4YlG)
zIe?|H8;pOQQ1^H?0`|+;&}Z%xoPoA`eooG{$=RA$ZmD;@s~hD<(gcR%Wo_ZW)|y~2
zm7IJuBjLtP3a&M~LKkbF4V>sd31Q~82y28B(SCL<D1@`1)48_5?G}_?KXvR$noeZ6
zT04f%%Sw8UfznJn(Rp2<n7DD0jliK}I`6&RM*GKTmAHDb1nUOQAz&PbFLX?4U@VmD
z*tcX0L7>FOfq)mIFVrpl<GJBqs)BSIr>5AZrlxD#g(%3WeYqRUe9Acs4r^IvB>3n!
zFm&?V8Ur=w_}aPZR~_os6A4cmY}VJCxI?%)L`e%-|2**^KbF)L=c0qoT)6Tnf=Y&i
z7w8*kTzqae{lT<+ZOk5JPS(9lZb|4ZDDW$Dul#%!jq*_gx=(IZicpUH6%-r@FZK>_
z$R?3_Tkn@^&9~dzf%I2x2uWXt&y%&-VvRC0@Lp#M3z0q6WefXq(9T}pMjNilWk`g|
zme%*>rg#dnHtM0pPH^g&1NNAePigoB8KBsz?Kv`W^Puf3^UL`V=k34f=J&Na<riL1
zi!$TxEl}&p%I~>bKmDzs*#<+-litkb{DXlBTSc~dnKFTKB!ome_B`dmkr(PxpWU9!
zoZwc(nN8bp@#-be?AP$&58>=<_!eX7?)fm*l-Ii;Eo|@5H{rHpaUuk%cDL2i%zPY=
zRug5LVBe+kE!Bac9VN%kQBKB^gQR7>^H)ng8B-_`!}h?#xf}|T&j?<Ga%zJ;WxK01
z0g%LNx2+i60<}^qMy4`dC+_6uYjl2|L<9By*PPXV=6}%Pqx9bqDW=@Nrh$H>8r>95
zRsT~L(_&sA1b7MS{`IeCU=yO24Ys^qH7pV;cOXFfB9kxUONC#HLq5TPQI_sMjR^pZ
zU^?;q${+J$RVPXfAkx^1PyT%lc76=S3CE9%V<4cbubbTflfJy`t&*WtrX_Z}*Z$ZB
zqt)hzNPUegk=&u3e<Ptu?$C31{{Q_a_$=rr1@_|WA4h>p#L7=AXf&-Gq<K4)w`h6~
zaKO>zhrWrLi4Oq;b}cGGQ=tM3p+I9W4=By7t2Bh3E&(ZWtM;_Ur<2F|!4p@5wDP@_
zL2eXbnWq)D)yx={NVyCQ4oZM7!44J)AqGP*UKA<`q?=y3wzaYV#%L5;THFRcyJv8l
z2~W78GOY+-^Tc;y1zvj$%<G)?t+D={wSj{r;H5+si!jhkps)uWIqm<sC~tt29m@hO
z7w7>b;HKN<4P37)S{8<C@dOwjvLFT(@um@-4G0PBhinbf(qh8;-3h>_f)hf)E0Ava
z31V$wiy9eVh;oi82pK|CAYNra0YC$5^K*&{&mdT0cPRuD&c)JH-ok<+mj~f@=0Ie1
z#~c=UDMH7U4JGwC46Y^68lbkx|H-k<@X;E<HSJtdeDJ^me~e(&*H0St;waXrwst!*
z6a-CmJA`S0!*uM<SKyMwQSfTZ2`E*FTCugY#Z;}a#%W0cvyq96>wqo+5uk3>9C#8?
zllw56l=p;IYbCKCR0i4qywWY%dCLZy7AQwUty>=L8eqm?E+Tx2g7-g5rU7}?B!gCS
zNdVa4<7fr?O>a;c`gB@>w6_GvZSy?Xo0AvYl(-T2<ZkrrpQ5XExY)b)BwgYp8hh^F
z&oWR5Av7u0KsyXUo4QtME(=9H0bH<_;*8`EFr#LGo7L3Qvq%HmsGd`053M2+HLD)^
z=&bYmo4pK#r>=$KXkYaaNK|*^BU(S9bU|n@jA6^s(L_hAfocV=Hx((Q!D8VSx}&on
zr>Dh!pw;~v8wMhbbjD9uZWno%*uOy!xZ1O)W%P6;;qrVYiWlCo)5F4)7>u(?T1x!^
zm+s7?b>}3wZj8p2)|sNr;UaziQ_s4<f3i3D*UKE`Vh|l{PVoa`NuZ7=c?U6oiWN&^
z(kAhBmHOJvz_Va4Dj!DIrvO}^$LF`X3Nc}Fep5fF)?4s0S*~Zq^hEQ~)3~i!2s4>6
zHxHFd^L#n#Ax5<!Jj>U-8y*)e?dSf9MCXNHk3Oip1(#q7>LM>768377G#q1Tro>%X
zlnVuFD;|e==xLTDX`(`p(r20K_-So?T3K?El250lyQ0wf#4ZSDUreEwUWgb20w!n%
zZ|{L~3LgX?p`J+_hgdeS%O&6CdmxGi&jAk>UV5n^9uE&T1xW~j0{>6U`!tiIe<Y~a
zI=>jyAoTVde9!uQY}G^z7|spJQnzq$mx!X9-EOH|D}x;j=VpGMu1GdOyaN|=$@)W`
z`#C|Q1~=FpBi9e6j2B0O7e{{U<w7Eg;Uz5pRFP!_R;CIZ`xmc^MZ7Nl(k;fXz*{0R
zufP*7G@rS*S^;9Pv8YI}+qnFZH=wpD8b!Bn^?G(`FK?<-lZla$8TfuKgRS)z#KEkL
zDu=$tAuz8udL{Did;~1o%K&jXVv>A6-FKKDgB$qM$gnZvgs09(x?AYQD*lAEeM8V8
zAsM_2fbry#rsn2W$gOCsYd)BNg6S8mS9y4J^tC9uMfYn8{E^m`o6u@vNzkv`fs+);
z$sr@j06gFdU~bAl$>ML$ATkR4<Q6HLcC_bH;669%qkaM2@q+51qIx;--)5kpW)S{b
zOnMPEFr)*oYymBT7kIDcK>lJ5n4W~Xx??XyUzrFa&8oii|9F^6vxTl8`<6Nqp(BF}
zS{69y{Pi)2ZP3Zn;%WoVH;LMBQU1ZC4#()8;l%u#A<)`c27<FV6U9{^Ui%Z*)h~$n
zL?IwRJRy1eyF;5DweH*l*bepl*_-p;=;GBhI!f(Lz&%>w^z%<BK$<zW$iB3o@+Pan
zwp8u!IRr_i^#WGxX#lL61CiOTp|}7lopg9L=KA`v-$1}W1qmaMRQ-G15Qh#r*-Q|s
zwZO!KEkfE6^8f^>p=k<K#J95)TpbIdejQS4iaAP*h2Zw$x&5Qkl9I-W`LM9E6@*6K
zfXbp^s)i?P1%3h1tT}5K31pYOzz8}Y!JAbAI(BoWhGX;_DJ9*fIWjK@2!vZt!j~dd
z(9OcT?ibSlkEa(ra|SfU6iqc}LkNr!Ls}s)Pg=l}XP-0tjHuaWbrc%_j-k>8Fd?Ig
zGEPa`(9IU2u)F%T(Y@cxkXz+Ni(x+U<K&<*WrcWfHezkUUO0*1P6d-I>B?TPSKhrp
z>S+(+K5uvmwD}X11*ZwDGvFN#X3RjK)y{+{{XN3muT0=bMVhu2{@CP|g=XD$9m>9M
z8lH|K5i@$!ZCC??+RFYS4v!PNE}O3lzMG;+q3lbm<Zae-zElo7B(6`5=%W3Sb1n6-
zSIOrq=&R%bLdXD=SK2@3rbdS6VK=utSxuQR+ecC%-A6*FVi#gBAu_w=dlSF)GdRo3
zdClgw8RlM9PX)N}38$Vaa2lw#RR{uhU`EfUjv88~-(4##Jf)I)chLU$=KAoNOM3Ns
zX)!V{4gS1uDfGU3QPR^!yM`+W@P+?*0f{<y_tEd2VNyyFF`OHknvl*u?X=DkjA5~b
zLiyi}xSPd9XY8aPtz#IvV`PMX;1aoCICKGa3y9O7Gz3<RL9^hq@Vx#3Kpj46GQp%L
zj(bAv=EC=1Z4G>{n4ry7d_Gfd^H&|~*52+U(d_|{lyG$}YiY4>#j!w+au)Voib0J2
z?5^_tnq44<=&L%CeG(=bWXZe?itV`$r+sE{8Qt*Im;%hKl9{>ZX<F@f1;uaRqO>s(
z?%D>CQ5$rl>V3N^^>A2<(cH+3GM*EQb!g<O^ZBh8Ag_3EnM4s*QiYMo<o*8MX}=8u
zvk<ZWLWZ+mO;C|zm$22zMd#V4FMA5<<1K@L-SqMV*1dAg?e}|J*#&H5_IoA+Q^AZz
zC7#&aOfl1sjy}}nnMp0ks&C1B4~o`%QNQoAfWjJ%)(}y5SH0LAF1M!sWHOW2DIQ^L
z0jn^by^vZJij90M7fWHaRCoY^MnoRw(60e2;?LF!>})zjq`ke^Ua?104XXlnAqO5$
zOOT)z4oEJ^u-WhT*y1)@%Nc+CAzDznUcx4LVSnnjklq&R4ZIhOf4in=uQ?5~A3b-<
z1(V;6_)dIK65XY#CjuNFvM(`>Zs`TDqpCN276!>BwCSA8JsgB49(PCX1101nas++g
zR2N?fiur|-edW72`?^JZF_rAlcE3S*9&{re^4vowgd(7>Ma|1;i6*$x%6Ygv==yI!
z12R8*mDu)FZwF+z-y_&0JctRs3i{BN9zue~QdP5%rvGpZTfL>ABRP+|UJLKKEV<8(
z@8Yq+r`*FE^dNY0%^Tcuh*<*51@LI@xzHK{fSz*<dE=T#O?(AVd#@h|0ofqwv1`i+
zOD?%2&mw0}oak1puZoc*)pUoG`0dax*-)(SglHh!i5{ez!+UYtJ_h|3bdvf|s@%e3
zLkzi?n>Hx_fhmE=jcwB1+qM(47e`J4kIkFIBGZ3h*xHLs7Y&Z;@*feUdhxwhsRZ~c
zy?ihXk3O-k^U!yMOh?veyJM>b&0eYw$82a|n5$`zp+3uh3{%zCV$XS!;2@$NALID-
z-HFB%q#LL=QGw<{^M_7PfhWdst@uIJUbVO%tc({!u0_Mlxq?f=XT{welrgU<qnl3n
zD}=VZaVI1oBOKqS2fl8V?9MJpbX+6S5{qbuV>x;M_z)k#NU)Hc#MYJ1)H|8<V}oc+
zhpe*rs7n3kQ8-+7>3c!DI=;sw<cmcO=+}u6>;c{W3*T52s@SQ}VRH87o#Cv%s_IT-
zvaZv=^&7-D$jpnN#PAcr&`0ZgvdJ;P2WxnHTIu~Egc*Gz(5ZXBpZ0oH@M&VXy%)zk
z*M0b=8FZ-jbv~U8O}!aRV;LmNHbcyc_zVD9tzZ|c=lSsMOW#T~TL1&2H>F82KTTUO
zY=RU(OCo?h>j7&5A+`6Wc$JM6=u0Bsg11Hz66UQ|p#t1xo7MFb>yEtf7?@Z|bW@j0
zd!Q5Qx_tEmjJecy$elrmnn@Gkl5}EMg?A%#19qTtG?QKPPjI>kDE{YuWhnr`U<zFo
zsq|HznlX|2wsazGq{<BSLI3K{CXu2K3S;->=e|<tOUEX`v(RjA5eayzG;qG^w(ubQ
zS%CP8CTsULE6hW7a+cD6y|Df?S0p?Z{yDvv7O{WzPD`M+8Q8pK<lnJ680gA~WbgFV
zUm;`uziP>(O_v6reEiqb>Y;ER>@|6Y0iPi-MXtx?S<fSkz6+^Hi0ER(>{@Szkr7RU
z4(&Vyjzk)v&JCPdWi^Azk71ck;Gzr!iY|1g>O;dv4~hW2)@A4ofYHrZ93Nq26jzj5
z?9PASC;9-8=@_B_%B;a)a2bf}lzEU6oxb_IyX2M5Vq4%xs4&^YLlBLM3hqDs+t8<5
z!U0dPtD()@lvs&Hv3+3g+jS8+E`f#@o&dYTx_ygx)J7seVwD9=K`V5S-thbyX9gDm
z`a{yZG0=%26*tPz%)SXN9RntJxSnNsLDg({8<zp{1w&RqCJO9<Zp|B55T8CkvydzR
zDD<1AXy5|3!5r`t94UI;pyP%P)B@TP7WHHi?cGz2fioiD|F%S9AW)lWD31)SUi^Oi
zI<I$;HgM?c!hfDnZ{%l@)M&7uhaf?zI;+r4!5@|+nKk(nYK{$l2qCaLVW4!U1EjU%
z{3%X<ctQC!EJs-cJ^`hCtuPN%cC`w>;PgcaD?1_<D&6Wrb|UFLf}^1$YJq^c%kXiS
z#~GTKw8C4-#>XU#LX_YyME+zS2Z%d3y$`5X*l6bf#6%g^7(#bRqM~}e$G>PJqqN3D
zXwwP&{KeQOkkLB~FgjXQL{$Jpz^>61qK#&p`#@T?>-_YjFYM~<36b;`?;a>k?j1*c
zeD>6Z!M^3Q^^1?8<d^|6o#83_H7!Pho%BVwfv~eUo#eg;Q@iGrNyCy}gvlj)R0l=Y
zN8k-&!>>Y)%gil`xu96=RWC>k7>`|mNLdT;gIorM=i4%;E$5XyVr3`bTW{Ha6vPck
z(REO{s5Nphd0V@fVjEmO<tU9I@eEKXa_J|wmhCDn8aUvdX@y@uvzrzV(DyUAHXd|B
z#JX5&$oSUGuiSeJx^uEL)Jzgehf1Ik<uC-`$q-#^rekI`;zjJpeH!4Q9<9{IHyYQE
zPbdJrLuqX~ED^DQ>*Il={WTlWJ1f9JA4TE2Nti9{IzZ24qdh&`Pf&IwI3gvHNC4i#
za~SbA4U1jsj1Y~lC4Z`=2`KDtPv_-y)`iw}ztG(H+I8zBAhF@=?u*+rgLf=POcY9R
zZ42|+Z#Uk)>33;QUMNhVXr<d}g34M&*9%OieC0nysup1FjG2^0U{;<f!&9Wv@Qt=t
zEH~&Wm0Q6p%mkVDb+StqqM;jRxD-DoCMNofV#AcRg1%2m-55XqR}0{hn4IizN~{7S
zFbXgS0!kFEBKK3C<u<dP$I~ZDb^Jp#9EJ`U@m_VW<r3q-85o&9zrk;?$Miz+ZnKe#
z;2w~*Ez;ilTt5C(I@uY2=@d!+KGiraW}clsz3Fx!!iO;y)_L0tvCUw0W2q8Ncts1~
z7|^A6(C}<$gZ1&_@Dy2>^d`;W6SxeY^0*+jO&?1;rsCPeE^**n;Pk@>9iLxVWx*nF
z*$)s&S?B4X#T9>h8QMizJ~hCBz4^CZEwQ?rEwNv`sbIatriW&%WD$ZRl&Z(qHNi&Z
ze2OXF4W$WyRwN6hO~W%WoPQwh)w5ANKyw!s2=dJZU~G4%Ler!WS2Gd6egLaiKNIJk
z!zK`wkOSbl1q6z<n{56(-QybBJ89@bsc8jy$j5bMhV3W=^1v^5V?u1`e43;Ac#x~h
z)@^oKB>qjjoSK+JT-wBqAy-&l5|a*#YeWOJOO?x#_>jT$>T*`7=9Mq{3GN}>P3G6$
z!Bkg#V5<JxTZ=;VCpUlXITb;VeC#Ws9npBKV@qD!CRXgIDDH&SB{cCDidRB3>f#mW
zQ!g(Jy|=VBoBJ^PYzCd{BEQLUaHi`UGVz{hOtUAEZcFP0DD&f-6Pf<`;9Pq5;9+O{
z!s;~S;c><xncT)6$7D~3xEp%mQOY#ut9P`o-iZxRod{Yr@;mf#beR&$E)9TX<(S_u
zWCYyF3`vhczJc?s=gf#WEO@TV51b^4%H4)w0Cvh;)F|Cit9B=(;~q4wbSJPAp}=GD
zl4qdi5&>&@?TJ<Kn_25BNvI@1GbA^^-jC5)@M7CM<F<VI%9NPfh{6M$LwS=K%r`^|
z8b_#jrp%zkqUA_KPE<i@pq1lGJy_d_XlMCO4^;-kqzVu2jO|NDs01NA-4AtK63kzV
z2mEj`$tlvPiR#Gr1z#QLIjjA8I%j(~)>WUMO7g`-@R)i1*y0Lp3%(GGPy%YfPW!qL
zzlN_CIps!lI8Mi3bi*Cgx%K0d-5dk~q8sBy%i-Cp1@&_8!cYnWOO^iDL&b?Sp!d+o
zN)Ql`f*?bssj5yfmc%>1&U7-^X&W3}+rY9@%v~@ZL9!@A5u`eI%B4NH67Rg!+|3Y<
z!8iPaFD4ZBvKC=Q_~j(wbNar~?{B9dfDx>yx&=~zz%iQ&^rQ%QalkpdWC3_NUtaua
zwbIk$V;qo(Aot}EW8y;}$5v)IMBwQz23F@Y!W(Gcu~9#V1vY2|T?75r)3JA;BHIzY
zTu<-eNQ`abcwi{B+Og2qP$4dt<H~aQFUofLNp<_QxIO1y6IWY?%FXa)F3#_8Wh5HH
z3-Ex}nlyPoj`dGNlos<Fz@x64uReIL{sy}yd><a~B~%m8>v)_=j_2BtcOcLU0tsf~
z=}^w&t~OM+*rD&YV~^@t^h5d<bXeVt;)Kdx{b#cvTOD5&(uy=55dycE(YsFz|97(h
z1+xW|5W~O$-2w~T4#3l4!J9?+w^32Fswqimn-xT`%FoWuBFmuOG9XK3W2Kc8K;O+@
zBas<+S|stB8in<Ma+)GI3smA;Ax{1dr@iZ}@c`V2D66<bMIAX-j$KrAimtn@wj)>s
zHZcP@L%LZ%cN*!%fti%@fB5rCadJU->LAJ%gl2;QKtWpD5G2WFA=mhR?K^zmkKeMt
z`{H`v8%MRgkUw}_+*zhLMy#E|4j|Ff0L^1q2N@Lg9N6B?z+Nx}*|wP|3yt#-fW;C3
z#K1~J<wKq2=kHT)LZAwS9*M$Pdluf0c_Kjq)qWIOh`a(|ue1O-ESo(sCB<<|TBFeh
zfp0Krm%f6Z#cr;5d-+Kxw4|-(@ppise(sTKc>wb*!5ghZ2aA?Dc$~6n<i*!Kp;M>2
z?gLLB9`FHlXzT6*FZ~?$rIWw_BGMBGk?E<vV1?+fIN$l<Ko^mF!`3E2CHENa-7S)=
zxo{q$Mv*F(mUqknR@)TVLx-0P<DTI8t=@K<hhAk$r7D8~BKS3wa&BKuNVwj;0(mh>
zFr;d%+YZH|7z{X10mDcF=iv6KML_71Ae;G9j!xu#J^_Kx)o9U$F;EuC06qyRD=R;R
z1~D1hr;QLX6+HB{=2iOGO%^BDOxMq73vhP?09PjKHb;I-w*?VpqwC^);6i69=xUy7
zeyJb4liWMmK3p5MIPUa*sc`q_wB+DwaRqcLP}BHnX`Jz<&<bB3Ft)m=qX0s>kXvPt
z?(6e=6*0LQ$*BGG?OeZe>;Y!Wem}U{O5EXsPJ*JUp`|Fe9%Wu3Z5gZqxE>#Vpe?8H
zG=mrpbLqM8QNwn<mf?)gXq<;!^()uK7h&^9ckRmhSQq;0u+W1KrL9%t+fMnGcOR<;
z;W6AgWTq-1LA%+rGgj+LR_naIBiAr6*G`Fi>|Dn#K#PR{J?>DXe!;7jy@U9UA-KzA
zbJov8CYK|3HaU+ZDS6!^39vu=4<kqRfs#P6Wz4nbv|!3md*WlIpkNTzya^`iu;@3t
zF6Ji%xahsEys934``u;1)*EjPJntzMH=w)Iof`vGbtXc>=#JRKkIS~AQct{~?k9`l
zSdbhWxhF7gux4-p*{Wo|v;w=ZEA2C!Kv{Ib9Y;%uR%@yV(gI=q$+U0#<&XD#KI43J
zqJ3D5eI8sh=7ypbSAgUhxbgef_RzlG?*126q24ZsgtSSH;|kpjx^TT1lQnz1<KC#B
z-fAkW257OQ?PiK(<rm=Iko?I3xe4H;acWdLH~_cqFi_W7;I=kLHftmVgyz94SN#U^
z8zChi`;0tT65AjI3B)I$Hx8PueI=mIbq|71>vsy^RHBqNoxJ4wCs<($4uC=d>*r3I
zS|7$rwaR?0Ptezu3Ff+KDt}KnI07yq(p`2D*m=eDN}_<>Q55cobz%*y=i*{QL{}RI
zL)-0=W#8mZ`97YVEZn(z;Jd59k*Yosp#CR$2u{^>rv0XmtDFupfF9J11DO-o=*B!Q
z6K;yZW<2>b!oq(^7op}t6Y(#wpUMP$01j`u{;&9plokQc{`{Y2$ZKR&4j91=;fyB}
zT^LSv^i<?IG^}3~PW>xoBe3J4rDmdfDX+dnGUmAy?eo8WhMFL*<W7r8ILt5P#SKs2
zIV!cA5pb&~74xG{$w-75-Xx3JQ2udWK2+yOXPA2JS`9IUVl=@FoAiGk{Of6X;J10!
zB7*YIA9l2l<^N|t0lmjwN<RyXsL8%PH7`m}!jNRw1N5KFi1$@XBnqfhfHK<?qAg^F
zp-Ke+Y=$yXwZ68gAU=ZiA?7TYN%2)sGsS8Se^5do2W$m73xH*-kbk`>ECDzNL%8Jg
z1elU7A|mP`)ZYQc?1EfoeWOyzDx2WI+W8eOe$WyGXSu+pk@IkX?$76hkGd1t`#(J_
z9`-P&Lr?7C<1+IC1PpoKCO_D72q?;@YRx4;tZnB%mzz_BGvng0Xgf=uZuDMAF%n1B
z4!~p!5Mp`3k#{`_(sf!POVAt60-xXT8qr>tLoivs(m?Up#3i_v;-WXd(dUE!?6Iz@
z;*;_`d8J6h3obTO7;zj5(d-LJrJSC|^=S4r1B9OCCrprX$aS|DPchzo_lN>A5%*@m
zC}su&2Ez7_j=hyY(msG!U7;hGzCoFWPP397KH4)uYhQ3hgE6MIcpvaa3qnFz&VJ#0
zAyXGXwqyp1uM()dErX~I-Mo_zVSbPjG@ivaF_VYV$BT-Ju%2uMgqa(TH!h$EvsENJ
zP$Na|fB5ta$!F4`633@Il>WmJZwDv4C|YMr;Kkz?(CV=#Cn&eEm=TzltX#kxDG%?>
z;r7wpHNG-H$2i^&K?DitgzW~r047*VvTCo@$8>_E)^lpPc;16dlQ*u|_eg|w{pE)^
zym(br6=v23-c9pWNO+ioSb-L3QMER90J@BpmeLxJf`14}Ls6s?0014zf;A0E`H1ZT
ze=eeE<{*OK9J-Ve({wSB)?psF#}32sP~{l?rdvsztUR}(iLDY7EDGE?6NQXoF!T-I
zZ>{37W*^W~a%DBp#uFLmtJmY%94oF@>~_Fb?6SnoA>`ALhdTP~5QnQirqm+Fb11q#
zdZGW+%8goikAp^1mY<AZx{M>N3)eJ^zuI2`gLDgMkP2^`Lv!$?qClDrs|Y#k1eiK8
zn%O%!bYSTRUF85beA?fU7Ubsgfx~OabSPs!HEh$PVOK?%F3B@iG#SPjsB3YX(yU=E
zJMX#C(SuO#Qkun;>*5lz`esb84(kz>U}{3arw-w#L*myl*K56W9ca8?|EB+8JCW%P
zz?zO?G?h;C2S%=qu{2=t%dcDs7rHeD44QM7x%i}oJ9sXRLh|k+#=TX+Bu1HZc4F(s
zO+FaP(a|EKGbMoZz=zH6bIe&69c_kKIIt2%jn&2O;K0_HQbf8_cpEg;)C8oJe)FmI
zDN81>!%AbfP$qaC`uJT_Z$Ds`Alnjb^5j8RO#8D+<fm`AJ3yk?cySAKVr+xU`uGoB
z*Ud!C0b9Z)u|KDE*J*fTH}2;qb4!A42qf}CZ9dM75O7084kt`Hs>|*Ihce7U!q>-L
zwxCz&jFz^0*QLatl7pP`)sf<Vixd9u0Z8est~I`}ccgyN+#j4>-==z;{F;5a>eV_w
zU4;v6;IJ+Sa$LNd1+gI#E+9e0bXl$tv@_@r(G49CmH$Xu7sx{(h0{gIpf-mHhfNcJ
zKp|9c>|*5i^Mkc;%*g2>zwVCU@vN7R{r?t-!%#6qCkr4A47mk6q<{&{0Hs`WI4re&
z@;=J%{*HY>OnXDqh~&9wv**i!1)cw9dKiWsXo-M>?}2t#0#=>a{p4;;131nC;!8=8
zI>9jJ0L9gf0u+$C;;%6WC7vQ{LG1pt|Cm6iJ5iX)V!)<)lmBi&_+2n=aQ<Mbrl!Nm
zr9ZXV{SfBO*&3agr+xQ>Eil@9ZbL_p(j}$j0{a!fiT|#KTtQBNTgRAt7&Z_$_`QL}
z^J$<~eFoV7Fnq9R*$3Lyh0;}!`53B$lNd=uV>eh_%i@>}4Iwb4{U2bvuYUx8rCk4Q
zk4Dyeps_})RB%ZkjWq-IxE@G#WbX+^yMod1fjj*lEHK6u!rw~b??OOaf7L^f{#@Jo
z>B9#Q3*Ma?GXC?8OaOLdXh<{$Kd<1--s3C3e`K35?`8S@{{$DBCp-W#aRyTSfb|$T
zZqUMx7L8*gNpm?!CItD>io26WkM@E5=?**fE9eQ(7WwR2X&^WVJEU*J_a=LURecQW
zLG9YmWdlo_(7E{j7myJ{Z>;u6KKj$~lv~igix3jhp&|VgTF7m9ZsZR}D8+RQtKqR7
z+bB~@D~|BjH+;VbfrAtXWZe-qSF+Lg&Ej<LgR=M|N^4bu$9D|}hE3eKyXzh((<_jo
z$lHjlP`^<_&n-_UayQWvD$4b3W&Y)xL3m!p9Tt50^yv)fWlIY;ThE8xwm;XndI3)m
zD(?{AczOXX-#Mknr&f<B>qp&8v$1i4DKK}k$9e>VKq`-%MWnAE2I|F8No!428W8F6
zR%rr_1|ZkU?&@+5mL9Mt1`P}hc+HP@+}}Q*+%LLM|2e|Ag03f^ss(?}lH7Ylg>Hj<
zwG+fXqHRw%z=8}8d2LX_5;lP#VQo`9QD;q~Ou|Zx(;5SP=T4m7HHciciDj*lgS+n>
zOhTpm@k(cM&I7#n99$DwId7WpEq-?dxbsu?6Td(I3Sc4@ytpUNR;=u}?v=x$XtdgB
z!}fqnr{9saUVtQXm*sPCi6i7L_R?F_(*Q*6P|gu+m#(zP+NjJPb8`C|y?VI%GEsbl
zp8?qyVRmc=TM7uVG1?uc_A|QeBY(t)l{{3{_=2m4gmZt_fT+JP_Pj7GiMC}fukCrN
zlw9^t6RY&nfzM-1mVGDj4U-$O@46+<zmh<3QMDv<L0RYIHceN*GEt#$<H?BYx2OKR
zg?>w#dMsA&LV=ce|3|&*zgeG?WSY7%i4xB`unFdx!K!_1T!Qq#&7mKynUuvTvgP@2
z!P0)>m%FBBm6t2J)@Y39N$#}Y^Ma|Zl@bK#8wGrv(D<T%2T#G&{0x4Q#A~S=EYNnn
zY9QreBDS9IH8r+(E&x<)2o74o`tlpZUZoDq4pRC~|J<>0S$vT1&x?frQYGDm^e_RG
zFcBlOOV*-i8FU>yE+gd*J1gDRO33IQa>g*835c%?F;iF^lU)|}m#XLAm56CuF*R#R
zWMkWmTl}X?Ry9LpBCg9Zjj6~b3rmn?xOf=d_)Kcd4HlfuA=|e#ey%Ielo`YhdX;1v
zJ85w^9AzDV#et<Q&3%0}*zA6OeWlysdRV*Tgh}gupMYAD)|bbp$Kb(pApSC$d}o<?
zRMDlXuT6a$q#eM}=+nFQY-@T{#pSj4g<p1LZN1fUui$OS?%@S5T|qy%9MIY+i|X6J
zah$ER7fLkga&<_9Va@sB@~^{*sj2T@Bwq6`%ePp5+#GgFYNM-On&Gc|BmRB&MpC~W
z>$vk^xx#hK?Z;g|#}^lU^<r7SKEKj179#h^{we@J<Ms4=e0j&jyDo2x7e&Ib5H)6*
zi=TIsmAY&2a`_V>W2Bzuw64p=h@E7780`N*+3EkN`LBz^7l`R5N#Pd<R*^jNb^x+)
zpL+{eZwrz;Km3OJ*g^Ho)v@a_;xo7Z;PLyL0-KAh@@6Kt&#!*L_?HO#z888>X!R@X
zii66%Q{%#m)wzrsfO?9T4-9%%Ybi|<e#7_e8(+!Q--rXIIwN3OxchGytvUpxd1j^@
zP+6V+h<T{`9{ciIef5o1;-JyU4N}ehyP%}sk|@ve9JrMsSRj=R%#4MlWfGb=Ky>O2
z)Ai9Wz1mU*Xn_p0jL)FvbbJTUsB9kXX&>f%+5+S&O3!JKzTmxVL<bqP)9*x`&Wn$J
zPx*sFRZ<4}LbPZ!4d#?|0US1u418Amj`x5!#bi%SZz~3*=6V5)Jd5R5q18%RS@U~^
zK7Aa@`E~iw6<vlz6a|Sxs45vrI(OZi@W1}<B~wMoh<`BCivzZLB)o9bt>20pJ%MKG
zMaw7>JOs_t=$l6%5bPX^&H$)^ku3sBCySt<gFE-ZP*DwAe9@Z0<<j3r<auY#kbx0L
zs{qFZ^Q4fJ6oe5jiS5wQJOh^fGEm)7+0WZZ^hBm32a$Z~NW$4I`xH?a*Wl9Epro5q
z)P)z<K*;(Y)S9j}&wwx`K__iBlCu(BIS6enQdhY=ihA%1B}<{yuB-cD7AW0GEY~8z
zn3T1$_-G{)utr(tThS{~KY>?cS@BvpRSH^6lx~m4&D1==HPL>S3@8VwVIX1+RjKH`
zK+bC2`jLO({iEf}^|mvnexRj!xUziw9x!`^o6*ZZucAx^9uck4W%nZz%(^)8&_L0r
zoBMR<qjf-$rfX5Fdz=`hqVsE1ym^IrS)lDAQ~?=fl<<bu%w;l<tZd!{OY8ciUkw1r
zh^)YvRF0@^_9~Y<{eyjK5`!-%k-OLl38|2y?SxB&L&6*?RQ_&9sI4xLh`RCN`R##4
z&CvxA@L>im8_SW%E6*gEwtRr3UX+f8lC|fHH-1n!FkyFw1~D)a;4LywbAPt*&RW-D
zZ%_O6zP@nc+kH@EhTr^zbiE-en~13$9}b6`>)N0C9OZSJNSm>-Nb^URt-)@MJ&nsP
z`;Mg6AY>cAC<~3<5x&o`-Bd}ELoHQQIQ03a+95=og1z}HkbW{wl5Q(#Km~Yz$2w}2
zTf%vm@r+P}h1$~#u*9qsmi5s-UAKpg9Ycvy1vX^~!3{Z+Xv=-*SIul3%FavK?3rhv
z0rRm1piV_@u-m@r<Yn--`gB=;e$%&{C%!%UH9(w;eGca#e<0mtbL1{=(FX36V;B*Q
z_8-s0Q`wtp4r_qIi(a9osA%=6u*mXb2Phcd${e<PWp?#MZH5?TyMM@+UIh?y@GY$r
z^McrM;Ct+pOfRNab4iizTvD=hfOg_-u?cVRG|~7vn0Jvf<f0$g+LF*3zu!?QfS<RV
z+w$eB;4#)EMX~;m!RIo%jUy+ax4aC)^7vg<XslxgVfHSY42RJ!SUvFfjgfoP<o!J-
zEBQ#jVpD6m{Be3ocmcSLew=+##jDGOUyI+m@MZ;8f!^rkTeJmhdV}um9ir;YKWDXJ
zSxtiy!E+s&h5-!N<#G{pm1dTfyIO1M4app$jcYez7Ty@_TSjtW9sL<%`~uzKFc{&+
zL*3k!me@q83rzV-+9t%k0Vxm>rHA$$Lz5y<`!FyCZ5u&BCh;PH6%E=cUF$zm$3YdO
zTnahD5uiUtVmIV}(psRO*y`~Z8#Y>a3adLhl9hGrZQjLJ8F8jB>~;WsbZk@nZYt<$
zdc?fNpVe>*SbLU+>V*8pd#BI*gw=Z!RlB+5JZcGz3i#?@#?J?tkA$GS8$Sh5TjxGl
z_IrHq%t|tpE150Zx|0icVF&Locixvf|M|YAta|qWl1d`YjIS0vK1XV`&~lca4v;>h
zb3LUla4=p28odyo-*CD6Jb<`0pGeTES`A0R;sl@L0GSB)^i&@zuF(doOp2egGu%eq
zy}++Ge}@d;Qa_N61^IHe>tFi7+EP)Hr2^{#_k(EC?D>TfEtry>@&LylQ;UYL(%~W4
zWv)lSy<!Y%*(7LXUyjwnHE}IsM2Dwo$6H8fb2tLiOEPq>JI2uhn~v{r((kCb<NLwR
zZxLSark=_f;5@EP0giFh_s8eFpiNn^C&@qdaahiV9aQpt0OL5?Jt+=>#PQ2Jk#Lqz
zNa!$3#xJ)+SDU$~;*oCnXYk=w{386mnt8R4>r->^c)K!4Kd;{wLW>5xwZL_q;#a|m
z)>5|EgEMFlD4>cu?tLq|P-C1{q#!py-CZT)aIV|?V2SDOE@)4@d0RSgey3AYoq9lH
zRk}^6;!($i6F;N*&wu*8tifT{ps)1u;@X@>1MWt4Azs|HM!#coP&HY?Fn7Q7wSfM|
zn7a>m^jEA4eU1G0z4)&>6puDsg*}ODSm~q`vvwIBpyU=Z*Yp0A8lY0FSQ}kq<3#yO
zh6==IPUqNz=D1z9rqSUhZ2B2)7ps>v4LGv}T!o*sJ)b?zTLuS|to1AKjke>dVVhr>
zsU*`C8jr<qP@gGkSQ8)Td>QsuTsvlT+&b2S`M^C|&sF~Vo2C^aDi1dA^|r*2%Uhu~
zPUpH5f9*fsmZRJ<fqBKLGxKrA^&=A#;j@{c-Y#dFcx)jFnG0~98g>~<LWE2n`i-Wv
zWUGVxTJ2^#wccl%%g)W644E!Zlp1MjoJyb@Y8{6hwf#R(zrS)#Fg$Q4B?RZmqx3K_
zS}Y%yxfKa?++9wmJvk$zg#+nHN9j$_brg4Q*;_BIySz|L$fWGWT}csd=ty3B?HIO-
z)s+3Ax>SNMsST^I?~56@s8l_u*dL}Tctn5GiJw}kTL!lmWKNG>j>uiVNsv`p%FSK5
zDgGZ(QHrWyDabpmp6DMmG&1@W+8AdEm_TR(?qkrsg3VSezk^l09~M4N-Uk>Sc0~&R
zRPd$cp~r38miC<=Gz>bQQ*voV;G4R2Uxi=)z3IeVLw>wMda*QF_6#VZ>?7UB&1;WS
zx3TP>en{|KlZIb|mMKu$c)b0s3YG)4Sl(Vp9X@)HeN^VruV${mjawdk%LqS^Tu_iK
zC>Gi9KJxs>V@;U{zYq7n6WL^an;7J~cEF=8@pH*}<AAfGJ`mz{iNj>msXDA}UD($H
z>!kXRM4Q(fvYpr+uj4cy(j+eWkfm3h5*7L6Q-3YUlENe1Vih$d`hGPWnI0IUs|DTt
zv?o&Q{U_V1<{CIq*?Zvw&J3SU*rpd7T@FLJb#K(79~wF9zh^jh*4807_kI1xLwhg_
z9`Pp3xA!O+#@4CkS<ghF8>Z#c-a>sAwZk0LVD{Q~GIw6_btMdG<Qn%BKT+0-w=A__
zYP>shZQzKAUULO*n+3bwQyU^?Tl%+|yzjMR``uVB_lhL=YYDM1-vofuQSS#;`km_r
zGr!{XA8I{<&Jmw}9d7-6MBr|Ej2Iq9rNPT+-5FR=t{n`l<=?{})ikTcv~<FKy8b3s
zKziC)G)PHx@K=yiTS~(oz5#9}BZv`MG5ftEKJ0`6)8IQnt46Lh-<0FEh{kv+?6$fc
z4X*JeUo=jHrQ}R>w4yzvpSMik@;EUO76(hx`uk(x^^<wu)3>oJudl%E-PU#*t+I-M
zs$|YIQ5WXstL)$;6?#)8VCr!G`-}csmp9Iez))LhmHb&j;!bjHx}gwM>+pS<#F6T4
za}V=Bk}=VI?75d5xjxWw<$_<EZ;M4O^s`;HdfcvRS=MyhKxue=X#GRN$8mP!Mis2v
z1DS>X708YdU-|tdI&%pxdMvVA?aSB^THd+V22m!y*v+4zY?kG4)Q2#cv5613ZI!Z=
zi5SjyYM0dJ-j?$@;ogx4T!qP@#l*8%YW&DIXsk<{DT7O)$wtbb2anQm#8JUVIKjDh
zdXp7*=;xK$Psjf-IR0Vgp+X6yZ+%P`{(QbpbRcW_0R2#hwf210>BJM;n%{lBuqhsU
zP_)#qDUB=sKHW$^?S@rCN8^kPKSXZe)kO$`r={+Q8Dm3b1I`aH>n`xo;FhOw+?6hn
z-wq4g_e~w0Z2rXaF*m_@AE<|ZRZ)9HR+Ma(+3hS|=5tQ!>sL-9XZu%aiqiy5WQN79
zettnmi*v@ezk*ZmHJ(^Yc2{3Vcq#PphG@(>gKaquF|&RjKRmvXbn5K+&6suN$C~)D
z6hC4ubk1S(Y3gmS8-6B-UZI<4OT4O^*(G)NxKs?yCeLZ6J$z9+hDd8{d2K>T*l@t1
ze+jwQx_Q!Lq73EJ%G^!I{8{76`V*<wIv#i1m-)0`D~zwvp8D}movvRKHzvw|*4^wQ
zc_5mga_-xTP;Ah7QyM?DayE@duI&jtm%yo2^eC{3nh<kpO{fCpBKFGtFb?UU_s@`F
z|HlAr5hEJQDYP~M*o~~iefftw_w1<X!JDP9?dxymG{6>I8M!CYJU_%o<6{0Tru6ao
zfLZARwb|ea-H(=f(Q4sM<C-^gvqmnVCZYa(Q%b<vy>Am}j=rZ}8*y~*D4GiV{WSF(
zG{RCjBWFVBc}?36Xp*mG$-BIr$5*hOXTst#3RovfHGT)})hg%ujE`R;l4sbN>*p}`
z_my`g^eJe!7q*&@`NyZ&Q)@d{I13)m>hfJ1vK9)Q_S{b3nu$K$=Ud;!+iJSJ6vEaL
zb#}in=Fp7l*`b^>oPk?;cUlG4XgqE41vcvX0log@7nYsk?w6NuXWZ!2<j?p=`9PgV
zmj$o&n4QuI!d`Jo4raDUf6o!~hhfVlanNLO%ki28TzF>pXK=JT!BkJCkk$+sx8VZ!
znu2Un)qi9wZaW`)nIJ)`6^0iy#JbC1C@r!gtubb76devNi3FJjOOph?ul#Nb9ZDN>
zWno&iV^NVqHd*R3sTdFZ?;=x6D;oc4<r9QV4yAXJYFA`TbcUb#i2`}}UBQ(x#g>{g
z&H6)sUHz-X=SjJ|7`swDN$h@l@?XyIFjA0&ti1WVJ0yV}25-JM$-ay%C<K7Rwz9-K
zi>aM|@eV^6yb}|Sc!~cVqyO6Q{^nwcAuFq4kT{?%e`fQ4u{3{2bv{Ja6$yP{|2sy5
zVwQ0D$L1S<J+cW%)y4PenK4345VUg#25;xOm4koxu^3{hYah7zL!-vWOigB&XRe=p
zr<6on-}2V(B(2h;vB`Ypz1DlX;p&8E=H($3CSFpts<O%HZE|cHnKBeCs9!hNKR)3+
z2ZWwC*b?>1sYYzMG~`JEodj=)nv5a<8mIZXA2OBY0ibcsi<3~t<f*xe1Aqz48mNti
zf7&*#eh4wx2>4iLnG@>%^G9My3rQ}2vgXj6;DwJ?hbi#iP!Kry(pDXOf4+|yv^0{9
zIQ>`kL}1qeNMe=TA>qGc(H<jEA*X}v^5laXh3Yc^5eR5CVu1v-INbx^^ID(V^80jI
z5{K*3xc`#ER1lOrJACtjBs5qY**HFX|I;GEo0Zpg;a5L@Q&wj73{aRz4VsD!n8%0^
zoW$JFS3xD=uesg3m9$Z<B^|9kw!7ow(EJM!$jcxRB8*0)a4hdO_4)ZM3gn<+lU2<~
zJd7k@D4r7p6Yol&ZF#h0H`R)wQ6(i?V4U5w*qkgR1s>9MZgI9>fNc|AjL3cfQ~JDl
zEP(ab`+4e5nerZA`rhO3(}lLUr_8lAigk_Nh|vD13M00RV|mV{6d+lHlN4vbqA~~L
z5=xI2gE{IPOc}0U=60)Z1$(R$04@&q7Ic9A7<7IwnhRMKjwlU6u(_#8S`+4-@n?^~
zomc8~vp|;fGv{`+L48UWA}j_#*SpyiELSDa&HB{c-5T5j`(g@zu?C00=m$zDap<^h
zLoVr5@00TXeeLV0zyC+Tdn93WJ_q(yY2G&g+HFC*Do;r^E7oI^S2h3E82D6FP#>5A
zmZbvdX?VmnG`efSZ`J+%|LW=5<DpFVIAK>t#}G@+>|$LSDvMH*M402Y);0B6m&r6(
zOGtyQXz7r0-PW|pamiM0p;;wLE-4c!!Z2j<Ns>`*RGLDa?_=BZufNRuK9~3Rz2bW8
zC8z^O)}pW?*Kxh3KzMO?Z^%GZJ|F5WHdIPXu*Vsbg-86=etI#yr9ruu0U0`f-=7w2
zP`^wlo6<2Nmn}j7y9qe>UMOffC5TtdKql9{JERjBmbxpW-w)!G)fm8cI$#tUhPDkC
zzRkPPanr<skV)L%ee+50<TK&)NXI}e+^MbQ7eT(3*CL1|TKp1|rv`@o&0od8c4q_E
zX#*vj0gd=75{5Z{gI5{;SAS(5A8(V5lr<*CcY5t2gx?)8&#r?xu~70qIHflZoZ19s
zr=f(Ei9@Qp*ET$?jbPHlKnw^)XqKG;^ST;n(MIAdyYdlpUHQ7pGVzy?Jy*yP*CNt;
zw0RbHdl*L97LqYHgJApBteI|GrLt&co<#g_&YgfG4N)>n>Gvcwf|F#>Zx(&z`3|0{
zZqR#Qvb_>@RhpF|@jf$%XgG~-G=f3I6hKs!69b|aJ|fz<GnBnnKCe!Oer^<5C-G}a
z_|sk1&JnLLgQ$W0I<*`yTTO~S0{kG^ubU&a7sVCT>7<NBf}hZrK(7hBt#GBwXVAQV
zoxfW%dSk}xO6OH{8#@Nno3IJCg#9DtD(BL(VhYfV#6N<6sSPUIzT{EbZxH?u2XB>4
z`NA{EW<T=9#!*pV24HWZG#Kzb7-zG-_ehvMdp{R*MJr#kSm>P%InF45)F=1ab5LSj
zx{P#jvh=3LSNFFviTg1jV(}?stXeK&81e)*EHZ<20Jp}CMN~Dl^R@4OR9Ao|bIy5Y
zNkFxr<%Z@#Qan#A>y7W8&?b7C4!x}+adaz$ERA9q8j#WQW%uDKeSKjjT7V5>4+8D~
z(thm1Yv7u*)74ERfLIu_Ej@`xdH_~TkvPE>+gKseg`^n?Uk*zyewgPdDeSTGw_clq
zidYf_TYC%a0M8X`pK@Vz#bN||CvsOzG3ws#prLQD>r&CJwl<47{Oa-0RjukHVFG?t
zEtq~k-W20mbutk=L-fEw2{37;x=lQpq>7s-GwFmh3Ax%SFVKIx>-V4c_Z~%@T<pbp
zL(gEl`2#x&PY?8-cb?QZ)9QArB%x0*jqOch`a0SXE_mN4g!18Y;C~EM=(<0=7ZX=Q
z$u)4GGwPQpBgZvAYyKpk34GH)xd$}g8@46U?wOPZG&PRjT>12H(Ar-^1rWx0h24RG
zuk%>N1VUWeAqNqf8i5RR(cVLQWJ-#FiO7(IDPec&W32xLYdE#~k0|LzoE%0w<4eBH
z>*r@qwN)+Wh#yxR4!>USLZ`GO%Q9bxo2>#k70Y}-6j{bD=j&0|QkmwOL=b|oAh(8W
zO-sKmA+&oFxpHaMrsz7TetoTE?%=e5B;mCRuWsI#s<Xe+_NrX5UCFtj<ORi0VV`8l
zRhys^hpGXhT5-zO5-Aswq%E*f=K-N)_AJZqa(@{>aWwddqf<35JW`wB)bF*lR(kHd
zr{0cl*g^LN2;55T)RwVGffVR7uf#H>u}~i$70ATCZR|+#k$UG|=!z4jFU`rAHG!KU
zGraC@f4k2+i^7tKICDe;8DR}X?zI_XByEr9`N6c$nTIulE;th&8>Xr(YkE}AG6)Z?
zoH%*qn#B||OTCwK2;Ogv(vVHN`nbX+LU8TjWTmFxt3%_TeM1=ve6c~kzqFLW-B*8#
zcaAF<Q~G41Uidl^h6}Z^RH+^L!0g%32s7oZ#o>wfkFgwXZGW1RGpju9QRbniV`ViW
z0?9ptTbPE)Ya@x>JMn=10T_{?+Z$YzOu)Ap#6SCd6sG<Yt=86tfmT$d#4*=fXC;O-
zn<nHYcyhHr<6zgg+Ej|NSVM#lh@;EqeeJMI@PouK;9+L7M?NWC_#H=WsM>^1fo!<_
zB2Y%N?(aan&;GDAkVB>QAu3kpzc`no)wZ4u-yp~a*kLP|vkwTi+^?>=rngg%ACD3x
zic~IdFfnn@*SwRp2m{T|7;#ZQB#Gi6jmC}x19J$y&;TPCm6ON`vz_hF5=B^DZHT%K
z9O@66i*ixgCY?-$mL`V}L&<E7zVhxFgk(aWmL+9mT(@iLKWT=w^%tz4{5V|4KeL`)
zrDHImi9Cl8VL4AlhV&WK_#bd9Zv2@QLrGevEe|ovxN6asgoQZngG6e}?O;6Wf30lb
zWw-#t^RDrw>ZTPrcaA(z=ROO7Q-|c+sM)0r8bgQ39r~*htA345(yYnR5`czI#;WUf
zbz5I5a~<hm767)Ru`<U7aKMzVVh+XBXti8ay-cy`lz)UKuo^xxl)Xy|;*)n<nSY_E
z-9tUBuqXAgYqrF&*YDwt<tlySSR-BQBZh%2ojaXG!lM!g?N7%a&7oiK8Ee+9_c;Cc
zoleAnQeCUy6Dv63yxi@VJpqc3Y^aPO0D;FUBW}DowfYIf9=Ys1KXnb;z=49`PalUK
zJgJ~Xty+1d$kx^#(sl|o_c-`iZSUvu10Cjf^?eVe#QZHGw^NnwY;1Wwjf1v5x@+4S
zNS{2vyBiNrt4?`-d${7Uu#?W2f=_aD(3a`2$t+7bDfj=s=>FFHQKnr#|ErraZ()Ct
Ol5(_nwX52}O8Ou06wbc@

literal 0
HcmV?d00001

diff --git a/docs/extend/images/authz_allow.png b/docs/extend/images/authz_allow.png
new file mode 100644
index 0000000000000000000000000000000000000000..f42108040bbbf9facb9fff0c320428323f061e10
GIT binary patch
literal 33505
zcmdSB1yEIg6hBBjN;;%dQfW}S1ZgBh8UaD1rBg{Mr4a;_loDxCN>UIMkWxZGLZm?&
zY4%+8xBK7!?9S}Y&d%)4ym98ryZ65PjdRW?&V8h<sZ4l|_8b}-8lkGnwHs(?=!a-%
z7${t9_@7Pd)kZWlW;E4nS8w{DuV&z+QYapF$h!54s}ZTqYky*%4!-sX<D5^X3w^|o
zM-``f1k>n=q!g+ci8JxciMc^7!KkZ>@vJuSY|M72eJ0*RBf^rxl2wv9?-oiI(lUN6
zFTW}e7?N}zG8p>)$&@ceomwRb_4h-s%3R0l@IfsB4KM!BhYN$k&kUDM4g>j2Tfh;H
zC||MCpF=t1Z<znz`CEiJX5i^|7Q4~wJIlIdrgiZnUQ2`dul<j_Y95^J)il#sGm5#i
ztQoR-9queyB{h4mPpVK{oD{p(7OSl{oU+#RLqU&kTa^~QT5E7$eAn?@qppemwR=-d
zy!ezn0`@)|(^tRMxffPuCB=|)YN}M-{hVjr{nYK(L|xt;>lOD;t;3&{XH}UwaPy)c
z8F$#SHy>}Q*9Dx^o2<#69lQG;Z+3qFK~_~|J8;3M>4C4MCgG9zOY@PkTYBQ(s%(fI
zd{4!$4aQdJC#H>uqm_$~U)H-unBT8V;e7}Hxr~4PB?0TMq(oj5kvgBv7d;u021+rs
z>~>!YVoC%_c}jH)HAA%CJk(o_6v27QB#zNAf1z_slYPL`xp4U0`{6HzTHRxB9foKK
z=|qwivI5PV%p3jmP7nG5JGzTZYVLJ3>{VKIPQ==Lex}Dze6uL=aYXm&+YvM2L8+tF
zs^!|6gN^&Ye|^fn`Y=x=;le9-ojNz`nk5t~IjJ?3<L5Nt!aVg9&8`&w^4^oRnyH>o
zd3weAucUs$)B9aCYpBgreWGMPTv9aX`@GP!&MjX@w()N3Hl3Zv{`_<2uV1gVhG4OK
zE`LpARVFIZEsX6+6ISNb={#}WxEtZ>MzTBPz}PQ-v^!!xH)LR*EFX66Vy4Aqs}2J9
z>VO)|qLe8DGO<Vp?i>-6as|I>ZH39bS|!itj*|`F#IXAkVzVyWC6cZ?&Caw%Y;ATj
zsSmx<W4G#vPQ0Xd=~D`S)*HJoN_*>5OzTOK-oHM|o^BGi9-cRKuXCHbu|}X3V<Q%L
z+OV_wP4^rHS9Y1GX<+01-<0jo6)eZN`@K|q-a1$F#_tIhE>tVv)>6}}T5L?W@{#If
z(FotI^;#RVUKO?NXEw`t=e1@}fA+iiY|Tqb{VC6~;fKfP^&WgFxE}MSp5Vdyw<=|Z
z^`YVv*M=MUY8}<$Yp<=lC%SwN=2999+QjF&Q@n3A_zb8_y|z|Q7IB~NDbq+3qFL}<
z8NQzHyE|kMBj)tw@p<lOu_}gnr@X79wXV6`Fq|@9w6bJw<*P?N6qWq?h%bdZ_0T@^
zqHcjl@<m;xZ*z82TXWr>!!pg7rBp&2*6+%F(#dTz!igB{D^8XQvk30Ps<&+?rWfmv
zT>t*A=CRgOp0pL18l{FB!i?dGGC#VJ?%z{^&gou9drk&1v{#~qJS9#DB|XLb58tdL
zC^K$8tJcnuFN3AIlvidk&Yg;kS2-d68-EYK0Lh3TvBFCwkJ5rDLp_!T>&ncV%ZQTs
zZjJ4?N_nlOiq~;d=S;oxE-$v}%j}4oJX&vFH?F!Hv(gbmcS-9+A%dxAXX(qkjyR_E
z!@Y6mTY(4N=F#rYM4j&?$=VIFvC1gN(w7Au&oY&1$)0@GD>c5tI+<>EHp&v1r)=!u
zDB?7hx3$Bew9uR3&TClFvSxLf5V$j-OsILqVff~pJoVkr&*sLO{NFjWN0Nr~*5@XX
z;5d7=v{<Y-%;Qylt8vbHwJ=&~MfkjbNrek#%>Q$?+sk~j_3KguQ-Hv#5(7!V!5kGU
z(c0n87cIJ>i+Zn;B*Ir(&1?O3UvVowrnux3LBwFXSn=YanD5pdDha%gR1D}0lfDZK
zxjhn|%e74qIff?d+k#_<K0V>o+p@{>*Uwj!S#SKE>CpX@w+xo@yLjw_YNv618wXtJ
zADDLK7Gvy!BQgZ|1^&^GUD^auTsyILU1xfCI%63+hz()=MPo8O*a#+#W8!wlRa$hN
ze5sQg-LQdaM|Af#?Pc3|*Tu=k`+Oc!8<@DahpwK*&no+!ot{XH?ZU{@u^OhkPq(0Z
z_8eRNhAl+5v>VPZIM}%vqa(i6&gn2*QkE5X`c3S3HcqzwZeQlw){ev?>8)?Ctz+Jt
zitWE<9X)*J8*qBCp!AKHN#?T83#$}u+yb*E$KU6f95Z0$7L2YCO(b2^joy=cey1mO
z!1L_XpGqRHKBFi1fwSk8!Z4pQlN!xi3M%jJ|Gq~hfiWM?Z!VK8Dy0w6Q<#X?=ym&0
z#chQVhw{b(DKsiRQx|rvOw)X)siwvRBD(rE{MHd))VNve8+FU_6N~ZA(!_~MY4qL!
z$vfvdObHutiCyOv?J^|2MG~(+7a`1$vXV8Wd+RVF^19=NT;n;$np2i^ad#zn0Gqcl
zZ&KZd(cNc#h=PbxJ9h}?kEP=d#-=K*B0Sb7Z!u_QO4apbN}H%X<*{Sq*DZ+lSRK`Q
zb+hQg_CjAulmAf{)9D6|c))S3nmarqt5XG?YU#RFob+9aN4^f9$=yHWg}DrI3wpkn
zAP$Y86FoQV>NxgBb?t03E|B8Qr_awt=iaS1J%Qj#Gh{#6P*=I;gz0`7Cv*5x;*IBu
zzFmKIu!TQfQ{~gPp2gK~RUyO}^V`BUy^eRjy->tAg6$JcFMi|m_co%Q6V~ayn<ZEK
zvml5R`IwSV1)en~L`>r5HIj|<1)Ci`vSV_RZO*tFRQxMrAXbU@*JNX{{_qMePtrDJ
z#Way@z&_~?K_){`9xh#g?Pqk$xa>eNe)A?r`i={neHO9r+~yuH+<xoAZ<d#Zd%PI@
zX}$TZ?8faJizgh{Cwg19u}`;Bnm<0}HHr4&S$>c60>z@{sABJ5+0sLQS*uS(xNu;6
z=9PivGHQTP(yL^m)>T2;MHOFq3_EJPqJo^^ozr;r#ch@!=ehO2>TMpz#P<F85S6c<
z!q=gY-k;O%8QT|xj(KOkCvC9a)1l65?O8&^FCH3FMmj^ZBFs}~DXQXStGh%JeDQl~
zj_)i6?3r5~Qx48lvm9c#_hbvcY>qdf$j+jyrz9lD+@x}N`vdhSbjvXV*gS($mmt7n
z?oKl_GOc>czettzzQ?LQadDbPGeg4q+HJ)*HZ5vPa+vK5vRi&^usS7uw?B)1*Hl)<
zdrzDYp^VNwQAx|B5k<-SYLMe5XAOb0SE8}GyQJ@(HE+@MT{Vr2<>6B9G$HF7B3A5;
zdr!X>8)z+$l$ZYybsS~(YftaDH8Wt$Oml8N(cfDeFZ?wsr!1lnPOvO+?JPgVjLh^4
z)II}+A7Ln>ogA4Nls3m!^48ibYiq^k@Dw_`wlTGWY*b!0CJz3a<32x^sY#UBiyH5v
z4^@+^)n_Z_XRq#2ZE0M-^O5Arix0flsJ~4sYn@SF;8kkOS4+N8xc058liL6JwqR5S
zW5)A1ocat-Eyj!bC8_k%em7&L1?mTWX?lniXlB^o!E)UoxGO0Y=lg4Rn5%Y;bi;yF
zm^;G@M#XLGr|R3IF7EP=6}Q`VSUer*yn19O=eICt;=dl!cA)A=9UDVF$q0Iec>jb{
zq+fHh_t_Qo^AY3IYAJlYB=@COW>(6ZMara|FD%>5<|srY6*K8x?UVkU-mp7tviy*U
zu>duFrDZLDQTx3@yr{F;?oDM=a-WXSUn+b?udiMIp6%pXoLT4ieY4*>m*A&Sjy%?G
ze1S!lRzi}Op!xkVM&~Km0L}*jy-g5E_nhAOJT<R%xf&zmiYEJPKVfUnDyZ&Sq?8hm
zPmpFDqx8i5%PF5(LK<nmH?&I@0b?ct-UQP$Es+FqZDF=Jbbh<b?B&g;^|W>~%8cVa
zEyP<V5JdI7U=d%DU}~L@+sS&c^{7iLE9!n-XB<<x_mF5Nc@R?|L%`t@C;Md!vAaFg
z?AT)AI;ljDW=I|#+8^!I_!3FP`z>u_oM>uf2&i@Xf3JU-C+TKOCor-}tutG%!ZlIv
zsqSkLPt+HmDrEgQiAzVGh)KrLV^SbFZ=5>!h*<Vm`-I7&iH<??4ezhwk(o4`Oj0Rz
zboZ@~+vaD7DbI#mX^A~TAWgk0Gbx#AIn$|NnOJ+VrmAtY=zg$<hEZ*<`SBbzN-37!
zu0%UvF4-X3r!Ph^ijroDG4R;cllnL3td~&Zd!s-qUgNJ}M+=qZ>$#nHh9644EIOCy
zD+!cKh)mT)TlvjNG<mixZ^kl6c64hknB=RSA4%pm@Ni4<o!f*#vu|G^bmndwe`7Z*
z9C!;EY*S)JDHrL@c5<b$3yP0xThQ!w8dv-j#k#gTTc0zCaU!|KGOSwMXVy-ptma{9
z3jetO2OJa5QERi$L`~!z8vXP2@VV7fQ$~aLz_I<q2bzVY?ax!SLz)p#3D>=SE6z~8
zd6tLytLtMjcgjdZr9IO~Fj4CpgNn7pR0k$6_5yzo|9z)GjPzV@Ih*SSt*eg#BQ(aw
z{*KXkY{nL$*Y1+ih8cvVp2~DROQzAnj5wE){&)2v4)>rS?fXSs_irwB&y+bg&+U?<
z8;I#QS%pa|X&TaFQE_GJhYJaq$C3uHVJIcKeE(r|U=c#K*OCb}0NuR@CAcG63>pLx
zwqHd@{jj<vV0RQBKjO?3cq|k*wkst~ge@T(_vRrEF=fMSj!v#pqHJJ5tEHmUP=)Jk
zM^|Z_P6JWuY{!+eRvac3NX<iEez|<lT`g}q>{?rjOFinuWz6-GN+ubRqO6?xMbOYl
zI&#%gzII%3JSlZ=U}0<g6qT4$Zh2;3f&CBi$ze?5x?Ee2IXC+cKen*IZXvQ$(SP_4
zPBxHc_utQbFGj|Uj(l8j(a$w1&?XN3J!D3AhVM_l6o~x~eaZ*Pug8bqx$@uj=-~UJ
zm!et!oXw0LL6Y4sna5&8`0sifO7Q*vH*X)DG<gB@QL#>L_}3y`&iFiyC%708ZdKcj
z24t-P_X)YrYwYqJESf0blPRFBhjku}E0Fp~hlW@>E|7Mu2<oeH7%w)T?3viXfS0)8
zJ2cMz_|aY_e+D?_(};N>FH{*s+^lyQ88K>qC9<ni3gs;9l4N>4PBvBWm+m+x+UExs
zNYH^wOnQ4Z02fzoagDYsnY*wI-;8e0@oGvpJ493bw9N)a`EVf);d8sY)K5qhL)~{O
z$F@pD|6q7I4H&h~Yr<8Df2XZdEl8fJn77aG$sd5<jzT}@uW?zJTlEj7Cn<(0`Txhs
z>gP^=eSbGMmty`@$hu1fFg-g!s~hjUoFIQbmU^(?UwWHX^d8TrMD`~D?OyIfx%}$H
zeWAB5AHTB~0?wV;j+mK`&wNi)S~h0d^zOfi+2!=z`kBb0fPGQtMd&f0<EKmk`@s#C
zNpeuPeD&Py5$+3(4yrj@(JwVFa^t&IpJXBa)_zE+Owa$b-w`8}(Ouo+S7LXHZsaG@
zi@T{b`t9D?Tm5!#&hPYB9RtCPCR?DEf~`o^7IXZdmF%l`B%9uozRK9dj6A@?;7Rjs
znFpTedHtHWXj1K%08jJrg<=$&b=TsvCbu~?yRkP#5B9#<EHeqdnzqc|fRaZYfV19p
z*Nlk<UtOd;9Xfb^#o=ksb5SkhH@2jhY=(;0(J~GI(!6YKd8JqU6IOA@l^0)7M+}e8
zR$v_+o%kc@X%5CQk>fh8=yuPD7?G6Eh8&-H6VG!IryE(U%CR4zmYV3DA;Lq+x7=Vo
zB$nBiJB51mV{V+xtI(59robeK)5aTd!BGv6>0Ud26I%LG7}r;SJyXi4H&dFs&V6Ao
zje`QGzv}l6U+4w%`I(HCsnb2tIq6^=>+Si^Ti?B>J`EKc=oM}NoJ@g<=>mMynAKyb
zOeTjzY&lwPF1y<-27s1rM3~}igema2(zW!5-<80zH+H$#nr;@|7|c~B7QO#@M6CA!
z2!*5?``zWCL<vv(U>vk&rv!q8L+O}18J3ki-MG@%PTGiNZ(=mwZo@9pFMVcmpW@O@
zm8QdG?zs+xDConN0XUNgB}4H2l-6&k>7hqaQBO`!j=D=tYQ7TZR5|pFrQ!9Y3Mv3Z
zF9>D)avzXS-4^QE7ehNbhOf<MC+l69n|*<&x<WR+^zps`ixY=SO}c?KNWx*wej=X~
z*<8qiK{MyblN)aSU^8r@Inexs^=DUdH}_L0+41MA`m4emrc5?O3O&}wuK3Qzh~^nq
zT6W#SrgAAaYy1hbe$U8)ktie7Jm5fatj4)~zH=~No%4$QSCZNt4<A5Tb753w+V2e2
zgAU$g1stj}&3lL9A$3tl9A_B|1JsS284{j1ewju`GGoK2>U@!vh&d&ir)}MRxEBBm
zOfM5QP$DoParT$c%k)jjH@I>d3bO)?`ycHR0J<WHo<2v#SEA(bk({*w;6*Jv;m$J;
z$&1)t{nbam*Hgj?>CT-hw=MxdHVf+?c_1Pszd!Y%4mbGN+^T)5@xJ#^lOgAgs=L>X
zV6TR>_hrfQBc<D6%yWU;AxYc@e68+1cpKwkK`Y%RxNl+)CvuhJ)Bvdut>5a1romcZ
zlJe31w)^vm*7BVn2lu;H2IQ=Y3A=F{DR1=LKf*VBfHlyYCEMJ5r$g{qSmEWs)t0!W
z;_{|fdxABm?c`dxr|6&2-J4b7)}d}ZS3oX6HBn+D{0*oEHDJgLfH9033y*Kniy*>K
z@W7ppIOlXQ?%Yh{6pE#nx*SZkSX7vKV~t3s<uVD1*8QCX>V8bNZjb|;)7Tp!uT{gP
z;nL?VjgKAj?tQO!JKlG_f)(aK$Y)r>&|<3*fv|?jm-Ox&?{D6CW2>|Dt*S7I@0Kx#
zW;$2kej5`?_WeA`$18T4O!(u}pIJQ?`>*;dTqB*f*L1}Fc}B}n4`uy1N_5K;k}}T7
zpUtPc{8=9?{m^yQUEbvi7vkW_Xl=Mnw*+Hes+J4JFpI^e3R}S+SqJEvv_P@j@rH_$
z)bEthuRCodSM(BPoIATvq=hy^eLM^}!N4sbLkTZ^K_-2<VZ6q<cpKSVdwrSG#e46(
z*UR=~_op#y9;EOXz4#&NwQAd5<M{2yhsOOMQA+e8$o4ruRb`{adK$&wr0oj9Qs{^L
zTT=V#oY&m(4<Np+K8}jQXS0*DgSAm07Ds!f%lQySsK^5_o8A)b75krnnA02}ncZ9X
zoF!|XFI?lwRhEEFNc-}^%1HUT-~L99&OCQ{!;2p^_rBY=LrBy3;17%{++F5mNB8{M
zS6wZd%~sPV9jdCMxSmI060$efVB3~8_-@xjdiXhb_WSp*@9uNG8RN+i8Ad)tQGLht
zIaOMG*nE0e{DZJVV*jvtcugCY<p>~e54Vw8*V&tlfhQ~GF=Bl&HIsho`9;QWU#;|J
zNM=Ud!n-vKEC1$*8?4A%6*R3?nwdxSB+j0WL$8uw;~XppNeq?UGWj42b*jYJ+`;`<
z;;CnW@uTC;c?qgyBJW*K*jnkwGwstzrIl1&%6~jf)W#}t{E*bb8YgwZW&IhZk`eVL
z5L0q7lb<`MuL$7OE|5$Q+Ej3$H-;P>?yhvnX?(WuFnDXPC;CvZUO8xmo~3dGS7~!z
zyV6qeZIn;#Lr<U8%FeGGN(Z<ujS$UEWAdi!MI)Mz=lHvXD}k1s3m0LUy>cK+yU}6s
zL0U?9;}x?-qZ05$H}5YGoSyaKey7xLY<rl8DdmToX-4f&pQ*+p&|w@BhELUDVpslU
z=02eEE_F05bQ$W~R;aj(SfK;C%J}m=Psm(w$SE(kVPcOo61^mE$PC6diwjPCtyI4_
znS0kV=tyy9?EQ;N6Ov4igX#v5r54CnJ1vd*tFbekZ@$1~W<@(sg|xA#X;)U{T5#(#
z)V+z?nPGiilj@sC24$uRz$BP?4!Sf;-y66VBzd0Y<_PZmBhm`nuk`)CiY*!FxTyvm
zhh(+;jaX9r7+;7|ABvbq%sZu1b&upxy4ALQMt>i+L?Y#k88!KywCgGF%2QsH6i{-T
z*!U_Q0816}1gAF~6>6eSCF2E%IRq9z0lPhItW-#%tEEa<Yl1b><jZKb@Cd8_&~M1K
zsY!Z;ta~JvUrGOQO?1CiC0^)he~v=Pk+wh9&QHO^&h)$T=<emXsaAn!C%^qUl=(;K
zAKY4PqC|VvH|OPnyJ)hqLrgN?3VGjiw+G9gj&0c1mSxB(ZPcONz~(YbT+*J{zOifR
zNTx+&u=vKaV`4&&MM{3N5-$O*U%c50HBRFqSBTfvd~W>ki0Bn2_LpArDf!fLi0<Pu
zeO<$LjkK5Uiha_QNrdO5>cKGa@n&@aZYG!W=499G?qbYi&siSU9mD?Dz#Vx`HOS_4
z%C;#p`LiKBW5dy}cLAT4%{crHVWICle~PoFjwV|`jc&CoX*x$;Iqmn}_M|-Uq}Xlg
zDZjbdcg5fjN`|3%3VG$Eqmk2f^=9L_k{KH=g6*6^MIt^+0*CD(N_|1W7?g6BW7zn;
zBs(`B@BLVGmy*<#kfE5Wtzp971sXD&awq(PR-iA+SowQvyTvCHIpxddO%EoC1baJB
z@LN+?XvJKz5f-adBdohic)FAHch`>>9sc=vShe2--pk`)@cH!>F5P}BrG%T>_n}m~
z6?GDKzDHbxju9i(r2Wk~ec{}gnZxjpRt(stb@OQJL?Mj9VcWEVDaAG1H(zF#nMaG=
zez@QndcTx(qn|5$AN6LOv6(!zZI58%=d@<{!S+ITs-V@)1+6$47Ry?8O&sSq%{@or
z43Si4sXFrQrBrj}LLsug9Y|c%*K%TEea9KFdnCSz;GVpyH2N&ansT<)Gmdlew&wZY
z5<vWS67t;RZ(UQb{moEQeLM82cF_Iv_#Q5Sr3;HpvM<XU_nv8F$w*J*7^HT8;WIXu
zwsJSV7ZHI51k=m5a6(=8VV?&=A!gZO4xi{<O!}WYHx<3uS-UsWpwwf%;^bkmY3kK8
zWVM+ruJK&ty7V%|Nb`bev-qu&dsbIjPn`v&bE!W1y>4;GtC%Ls^<1lKl@unK@6B*v
z>wG)yB*9;FHsTYq05SdLFjni)^hz3YI19@dJetdAt1e74VjiNe=qt$rLm#F!FrLy3
zVDe{1M~M6EjLkf4Q()hSi?T7aYNa=I_EG!Fne~9o#UXovn2J`v2_bV&<XZfrqUakf
zcqUXe_!+%eEE1-G3I2NWl|Bq>g6Aq{DA#hGQFQ3cqgGs0lqk#UzE0=&^SHJ51l(HR
zOV(~whS0b_p`L5?d=&95l}U=M3^ok=jJ2HdUb2Ci4)J>HV}H{rA2Z2-$R}?6wdFz?
zBym_yw)cI`j!*jJZ8u5iT-w{5TsTo<wa!ybml%KG4;vECTx?f8Y3}%XK?-NFe@Qc+
ze=kn<wDwu}j;B=WzQuB6uV4WArnUe<=0@N{Nt&HA6eX3ASX7X;(oV~{8g8X4B$_3c
zKg5Z()3CbjOmFfyOqBg_U`eVe0Q?^3cTc7Pi^K;P+ph{}TmwEc=U=kU2R<FQhb}Qj
zhA`3BKKB1^HtWmyn_L;KIAOP2THsaNlckN^=m-e((M&uH8wz1Kb1mBs&;K^;3-;!i
zzRm6<PDc5Yg^@ue)a4fI7-OIFamBB(x9TpE49md|WK)JlF+_3zex$W#nj-7<D4BQG
z?lxsFa#H?a5wW$==#v|DmE>hCj~S;EEPXgdxwbXz%f5SNT#hN%dBeQCsmb+w_$8FC
zvZ;Bh1P10Y|BUx}{;#bf@&e7}Ij^%0LQ~{~q|liK73HSMeC;hCM-{oR_IQ1aXIU=8
zZ3vEU4M53%56J253%FKlBlt_ZbtfXTpr7(b8K;l<G%4N({1A^O)r0xnClr2Xk|O{s
z&eA^c{(<$uE+j!C7&V+$W|Q<4!&o^1Cx`R4_auXY^5+*BTAt|r;SSWvTXff4qJ$_f
z&z=TEuL|14y?esEHP1P3RDa<zAIQ{)K{|pg2>u<-LYtU5WLGoXk1iB}+w&N9bRDTo
z5ZMMk-g|`}Hfgq|=%5PnH?u0L0((&_@bJkY+eOw)M>?Q)YOd=JX#e9Ha5K@uWPI*Q
z{YPy$Dg?<pKQDNZ^N$Q6kpdjO(c^>tPdFb9M+=)2xvr>yTpYQ+5B#X<v`vD4*Q+1|
zZo}!><M714QoGy+0Pj}eS(<;>v!DZYef+X)j1R+qUV!t2?0<=n;AuSV#fLT>!vFCk
zB5-cC-6dMJf4Y1td3HZeU$o6%4L?4}372gtU&PhbwYrFlFoqtzfuVcOO|eYwDTNS*
zLIhE=_L=#%AFk1MyQ$JlEu$6Di%2$i_AM$JLW>k2kCXtx#a_NQG0MlG4orlTRq?m}
zwegzng6q$FbYjP<XWvpdVoDwSd~yS7GYhTlXOl}K4@cB+NNMm#bV<Y-I0)x<7vBa^
zM{4XuPHM`BHuV7Q;mDooRZq03^(amkvpj#=cz9_<!R7Lg!uef_EIccDtswWE9Gfos
zf1}qT1W)+X?i{WBzbDM$l*=KO)}2@Rcl?w^E~iFAx1Z#{>5_)&SWFXA{%^PmV7RTH
zg@peb61hbfLWRC0@qfb~WR0u6$oqxja_B!U3Vwk+lV3qk!oOo4WWLi1vRVF{Z$FsN
zeqrm_|K^JZ=BxWM7U8DiG-#A=Gw-p?BWSe#{JiN1SPR7I+Du)~t`zf_)(V(a`xKi^
zHTmm3DAq4!1J2$|7D|wW&{)<dAV=3{WbxgSC<4}r$Gl0(?3-6)OOy^s)Xq4%cC5(q
zGK_`mSzd>-mO|WjEAMb;aX?{tsMuz8HaQEAVPq&x#OawU<25q*scI(^@%wuvnwHPk
zyMYMp(Eqzc^jTrF45NO2Oi(yS$@5YM)as<mc7xPMzT5N3p|LB=sb7+LjBY^r&F1}U
zA^{VJXpybscLJ+2n@w-}ARxF;>EcxysRCE?9Y!m1?sPxBu9kd>{RyX*$RJ=;V=w~n
zgQXz_7Kqx>-kSCP#!SeA=@>b2i58P!D_pK|lT05yPP6;zpyGW3j`eG~x%u9&@5Q}#
z-|OF+Hu&gBc&)ya5SK6y_{&kDfahbPE{xA#{#x|Jt+cJNOcp>op3&)~P{>9sov3Cq
zPVgS3fPHV$#V3di!Q2b5`^F@yC&sFNrt$ZrZrK@PfT-$|;l{)!0KikG0!YIe$dk#}
z9#QYWqR}Tc;3~(sh?_3yt%=BWCx^Sb3;f1!R34oHe)<X8id(lZy(9vXl&gE5AZy|U
z@}q9=P=B|4V}IIG%DCJQYEQ5-8dJ|e?gY3P&NW~(VHBJbcs*6`S)8YtVLTad<fNK>
zDf#A0?W=x!s}}(cCIQEz0*DjqfYsu%d9gmPxe@Iq2)x^AoU4-HJJ_P7m+(*l%)~)*
zW*bVxAc6ZqhW4is2VT5fEp8rxK}XMsWbpC9wmJaz38K3n<6E6%DI~2rWA*r4Y6laV
zWrIiN&I7;U#3&nJ+M6!UYAE%x4H)7ie5QLl7+B{PZFj*~;9BFqO*FBEd%9JEm@k0a
z@MW0v|9#7P1=MUVL>IL=pRfjiNgdc4MQ@D@H@NUwAQA-&kWEL*M7!jsU73HUp2WpM
zG9!15vHFE>5E=`=Np*>7qu<beOMaZ*k>SDFdf?f3slCerE1TA7R`(K!%^j|d@xA7m
zh7WK}K;6nN!2I#!2iQpXI(R+D_*lOPI6HoOt@ub<dG9v%=T(RU7l0jRBJJ6`gkm)=
z>16`3MeYsD&(ta=sBoWUHG3>2()v#Un<9W=R&y`o6|)3Y>ZMdL&KSpw0!@o(_7d~_
zeUN;M75yWKnVy1wpm+(hcDphr2<wqp_|Xz8DL_(oiX)ZyyGRsHV3x~?Ls>sh4j$Su
zWUlpCx`E{Jo2ABjh(-r{;%4!dV4#fmFVnXwMBAreE783YDi(OSR2X81S#oGzX&GkB
z8~5;Zs~tm;XIX(}kt>^?=Y5-qJVeQ#;H`N=%BuA8MCCYVR5?Vb8`4@ND)<hc^ds6w
zgD-A&#Iq>;1U^CtTt{3+)2o)1YD_hsmm*F_>#8%qpf)a9ROVz>Exf(6F#I-its%2y
zghTU9B&#21^`#XE>h#|t2-t-$z%|Jr4koo!86J@cL`naWvG|idB}pUG##g|f!fyEa
zGl?GtkP>7({q92Mk+ASrhE7g2%WM|QiIC_@;)Ef{x&y9}n{n<jA}&vz%`q~!fA5vz
z@p8h|*^xg|d;aiUCSaS63o0L|H%p3$I08QMi#es#ADh_I3oYV)>Q``LDlee(ZW;P!
zT~Iv7{Y>RKlDk?sAu4NKmXgDG!8m3G8j8lB|Gfvn-pfI7j7|_^K0(TCtL=~d%!>_z
zmR0e<d<A*-#|Q>Nd}PQ-;PFD`s;G}hvOkU&mfBu~t??dC#}l@EOwHONen9QuqMw4I
z*94_t1N-i72y6c<J?`1Mz1ECRUy;ylaUJ5eLp6TsW3pg~et1-qig+?nkZ5u7;nIc`
zLb~tB;L>mBY=KS>;)gGr-=Y2+*5xpWV2OCkvA#a{F9}RXL13mzqmF5Ioeejwbzv!a
zORP*Y^HI2jBvl-V+}9$ZijdD{y#+<RKg!u;ywXZpTTvEr=j*_;0MA}9VclfR33wD$
z7Y(+VBB3&~M%tu|%tvhrg*G%3FyhSUl4RNa<CQ~X6$ilNZGE6J|ESL2$OeWcRpz%x
zGZ5w9DTm(fGX-Hz{0>AoV6(&7k||=Pp4=hP;y^AC1$ux<9*evk_B~Q=FlRMv_e#D7
zQ<}K@e00JI1o^MHhd^>DnF2kIgzi5YI(W_yD?@=snk9XfnClA)UgMiWcYC;Qz4J;2
zXIPOH4iSAk1S+*^$8UMS$O?h4<vg*L+;EAJ^<sa{4KUzb)Xola&9tE*S%ii62_)=-
z-Y}dO;9^U>sLO#U$N*73S6I!w54+S1Ola{jkoG(;mF0c!jaOf{A1MQy$DITaNxFbn
z{4nSCNLDgNzV0fLU`3!9sPV=06ApYIiidE)zCRO`5#ji$mdruB$!j0iMG9b8)xi*u
z+kh_7nkjw%4v;}x0AJMsyz+r2kPIx7dahDTo>`-xy(ZIz<H`H$MYCe-um#<g2H6qc
z-|Bdc)^OP^Zk5?$f^_$}uJd+-d5_*WPnkIZOJ;(Iyi@+aGsvuQB_)VeYP{FYzE#|Q
z*pnqY<($c>nXc_6^LxU*i!o1`v7U9dTl1FppX3(w9qN#^$q>dp1vFv?i9Dq_F;vd+
zYE|FYk0Y#hE$<#;6Ou*0fRs?I)B%3NsLh?)nyCO2u!*rlV2_6<Ij3|ck?mMQ{t<Wz
zsnh*gxBZRV{vTI<Bl42VoRvTNR(rz{P|!mkWdcu+-N3}?yIfRwlM^!|a-z<?8}fAH
zd_L<y9T&J&egsKDa^&$p+DnEEw#>F{DBz{}?6T?*{=(?Y6CrE0i-r~1*|~45yD4)g
zCy@O|h;h*>_gST`dh~pyPnpZid!_st#?Hlkq>v`HnGB*EHxJrhjt6m}F7T|09@5Zt
zycWgsze&h^U18c2{Dfg3)@ZN$oj@#2Cu7@gg<_)U)@Y<B4)r5WF!Ef|FL}9~7QeR8
zmu2vUXkJQ?FgT%!sCDdMtDC=jy7l4i($h1gci9SWEI*v{1^zo9T#-V4JGMh<uNyWm
z$3yM?2`mm;Lh>tjf=qhA*~JdjdA^&Il}DVGscHJNl<<5KRg`pJtkbr<NVGO4UaEH|
zE>rQ`?!w|gZurWiIb%~-%S-a&jnC+e7}4@N{5~8a&XXnA{6N%0lmgbGa;brtR?`OY
z7R~Ltc`MBcB~E<DfvX3nN9$NCm(A|4UE$PE_JnA>fe4&fk8kBNhr8H_0*850G26+&
zRQq)k6C#EZVn;N-De8adG1r?V?q2XrVZ^f|l7Y|5gZ4OV{`2!<oeN6gi<i@7{Ea_{
zAtdUQ-EwNVPz4uBM)>AzCwDnI<^1l-h}OoKVSC~A=lXSff{!~TLXcYh`#bNG`ELc+
z>GYU<BrG_G@evNC9&%=OhNec4Vyt0dh1*<LwsWJ$1>)gHD9d07WLHb0N%`k*OJgd%
zHDn;x(M;jXcmUbWK9o2`YNF22x?BM=*;iX<u*gYtt%%OAj+7X&LIO{g^4(H_beIq6
zRLEsou6*fp0*v5gG!$+W*st*U8?u!)^<LdfpfZ1;lN_A9j~JL}=dAdcxX(x*%sonw
z+`1Nl&38!2Ypk+9**MhcsLSIt`wP>@xBuWaEIJpN;5%iZ9O4Wu7JxVH&(~(m>oEj<
zPtbGedK-G>T<si*126Rp<(7*hx;wb9f69SK&4kNdz=9q@+Cq!3Q6m6>SS$-3@W82u
zHc?Ir!!SEyXrBNANiPHv?*O{0a8iyS#W>`D*euRN$S;0_T6006M?Qe`$e=@|9|Eb1
z2C_`At@7}D3>5R04>cj?pUV6ZTvo00s)?hzT+}g0Mvgi-J$+W0nZa<z0dj`3)v!Ph
zYL#QFB^Z#rZy(%Z`T^Wxp+?YwS_#98!gt!R(eJI_Rc-140f#@~dRpCyXOQG_TL5bH
z(w5H^e#WmMR1AWDA42)>6$y|(jg*_GKu%Ccw94X#Z9(Bi0B#JU;TKsF%Db0np~c00
zSoV|TZFu<Ehf4lnYcBuJr^MwCGQ*tL@u9wwzZz6_q^*62QBaYYB&DW&WL^oALVpBy
zojHJu!pTDeh>y0ZtwQkK7uTQ`W8dHzZbE@yku8dfe^2s7T(Gy|w;FUialCeF^!i^`
zC9Ou^^T=Bq0#hKyf+nctcee+|Aqe$e1J1tN(leQcn#L|1m8^0y;wE#Ug<9Z?ankN1
zYV^nc?b=n$P+_t`uHr;z)M7_}EM1NyuVO&9CXHdXS#x;WtGrX!V0&9WgPdCMJS&;_
zJe>GaMTiMb)Q0axJmcDqGQu!kwW37h)`Y24g>hCF!H;>(jUIUd$!gVJW(`uJ3p3mq
zlP+2BF&}!Q^xt_5gHgN0dsPytM-cQ*0CRUcsEg-6JbDR^_3iM+{^TE6C%2&zAjZ6T
z_pgdBhoO()Q8o2`BKXb72Nx5n3F>Si^?%0|=ir`t#vxuXjmSri8t`WuS~4<a$Z?P!
z9G4D~z4?!CcrOQIhW)Z9@gE*7fl%U{{4|>ZS)}kG!3I1kAZPs)4rW+fW;+P$TxR5b
zglx*#rnTX@BSd(Lt(`Ey1elCa_`<Kj6f#)jY<_+U>LFDSUq-YNE-13)%zi|qta}TE
zVCc60`jQ0-ia3L6h6|Ywwp7102R1Wk<j1gC{0DYf(7iEq3p5e{`n}Qua}LV+!<QrA
zJW~KfP5}J7n~swZ+7B$XJ}AM(Pe$jDz;j$(nH-+@KRlom?*AzeUF}%{Vdx@c!9>KJ
z9gK<NK{k8zF@ZHv*hUjT#JfAa=|&tHso8^997nZ5lH~xCS|Z|?Su!X$;|1q*3X~G+
zV6@JMq$c!W-{q>zhEg^?!*pqjAS!8%R|_l@Cr7_i9vp0`Ld!rNuuZQab$e>A442M<
z);b6U+R&$ggTuo;n}^MA$KMuW;>x!G*Z()cv8k;6;0>8Gj<|m-5UL$=eIk-c7~7&P
z=Ke_xrO$|z3i{=__BycSbUhEMbJY-S_&s^QYd7$4$IchzR_m4^bcns@m&V=}^MDuG
z<mo+E*vh}tI3<WaVlo6nbpo(aFVDO=VEGsvRu?z3gl%FQb_Uh&`C`ADEvFCM%b^!$
z@^Cy31L5jWvd4;zgcKG-q{UqpHj*qfr5fteXR<EE5fX14Ml`2MTX5WWxV!;MW0VJ#
z2NhvNuR<8V1o{5y|5RCYwLc=a1_BZCgx%FsT#`oPxAq5JgOTRdj%j^Tx2J#$Pac^D
zxkJctR3MluLSmo0Gs}OB=rc|xK_EIK-s47Dc_~UfjEk%~xPS1C7Bf^JHwrXpYA|Vp
z?zoH-f9Qo;E*YP`%;V>}*0iT@*tzpJo`VH01tbStO5$b2YdQBmg02w+O$lRvDt@yG
zr>O=^Z}E_3sg<uqtipGDw9O*Cr~D1R9nM5BAtLc-BX&QN@o8jKmO`#DHLkDI>Cze=
zM_!>MU?U-fVX@V=Nn<0qijlg`r}N^PHv9hySI5=7ai!V=AaQM)?z$|ba2seQa-PLi
zZ2(rae}?9}6y^a~&Qf8t9=ro}o-0quPQU@eWe^BPprMAq?DLy{SBUra{B^yCdGbi!
zmpC6}NN#A5^I>>=kBH*gW=F>%u?5?%afU3EC&9J~9|dh>?Z0wekqv|z^U7fplt?^g
z4Teyy723!2VilY#(8?;K{P{UuTo<u>#vXLL0|Zy202eh61XP1BI4)IIbm;hGt^~io
zu$J6<r%%Kv^|D&}Y`?12T>Nx(n}@aEpLfq=7Dp|5NnRBqh}yHBC=|UCntT8MMM#Tc
z?gbM;k;NEV@u@+HVUB+HY<9C$r5tJ0p*FU}IWC;2jf$B5QWH_%wYMX8pcJrY>Z5P@
zA?4hfMR?k^X_Hmsh7prHilg>;N&Y%>n!1*8n1l`foGAE95o0a^qtvLp{s4s}+4S3=
z%|jLcQ0~4~#!l|kgYB5ri8@`gz?0oP8_IC{hPwTkjDGjMhRpY98ActfEu{WZY|#*1
zEAY`v$Pw$qnq}GRC#?5PuB5O==l4s#pfSQDi@c8Evrk+=u}b-7bk+z9mccz(1}@}x
zPh(jHpjV(~p|ef8yDyO1BJ`w#&N;p_upBRtO17PGgbWie^f{VyIlk!a`E@Z2{^nz$
zk^5q0dTqKa&h9()Y&}B}%Lix@S^-ajL^0?G{&TwFvZ6OKmxF2JHcyz*la@e;<i6~G
zf;<Y(Heun()&*SYj;I&?o%>iV%fN75i$znEaVs$zJcDnZb%vPyiRU616bBVK)*X0A
z3Pg*HKr#<=5sGU|mHp%P6Nvs<6n;`ENH!p2mP^n=BO#8+fJC?&X@sN`9`gRUcQMx3
zCHFl5VB~gZ<-?7{Qqjz6x`%d&?pZv)8AIGtsj4ub0SW1d6gT4I(S6*w6I}7O9}uCt
z%Wl1618d0B5)$Q|r;e1gib#%W!kf;|JvMxZK3TH?T><J~4*dzvp(Z-s$I4tgI-z|p
z{$|J3>&(Dr4nnhv9$xWd>9EPk5$e)E*p)0&2r@57@=53QDeeO?!B0Z@7fV|NVx(r(
zyc*SATnqHC{O2&FWVX<&EbKR#{*jG`j0qHI%od833u~Uewbh3Be^O~M7YWj#<2coH
z3;3f6HGXhz@qowobR$CcBNza_$13_o$TQjf;EDT_IU(#L^o>vTRY0mghLGl`tzi@A
z4^eR*s4$tqb|c2W`PT~fjs1|?#^(7F=AHE1-$N47f1iLE_As~*vq_Dx{-yE_MJVc{
z2xk8)4Tyv3MDKlsBzv4!(ZO=A@yb}R{-4=b!OerBoR_E#L-4_WmYoK^6qYwANUon=
zmcJy<Q=&MO;}Rr9e!^&E3vj_de|~zh{Lthb^A5O$ldEj{#$Hkmi|)c44U68m2CTm=
z2koDlBbXerVgv<`p|(GgF@4&`fVle!ZV<PhA4w4n8|hB~PZAF}VB_Ihs%v9!5x-o>
z4nh|?cPcyrTZcA77<3k?R$6{QW#BTzn}fnQRBHV%r4}prRG9()&kllYBA7;s%$u85
zzrPc0wURJDS^KPSZv7)2Y+U$eG|#2)dm(N$1RRGGGnFk9tYcFz_Sd>vc@i8oZS5Gu
zA(kj06!YQU2#cLj%HDkOe_LodENHGUhUqQ&#H80+R4Cs2?=0#BA0ZiZYr?(n6Zl~6
zoE{$tc`RzPn<1V6j_c33THC>CSCtQG|Bs;zaL|x1*uZqRzv5HzB|*m3x=t$RLd9d4
zjoJa=3kdrB(nxvMrSU02=PM%P=Ul@}C%dGebqVQs6S8PQ3oZq6Lr=t~`wM-_s2>lI
z!Jd}DAh7Z`?j(w<cRT4W@{X`wjzm^fqEa?|H&M_^X}6VLTInrtH_5QdX=#1~Gas`G
z*_<Dm_jE8aq35i~wC?rJ+PFdf+2Kk#)?~1Z{~>N{j&22L@K;_Vsdd`59LSMs34L&-
zBNiczbTOS${1)<Af%mc=i}3_>A{sH(I%2Dvo;?D+Rtn>fU;8IND(r{eDPwJKRP?;V
z(5txw-Q(}=!>j?C!!bGiCN)mBG{}--dyHnf?vlI?M8@ZCtDA&WRpN;IZB5<-8WQYf
z^7gdS#aP6Mb<yUvi*B%g0<i)C?7$o6R#(RLA&ev#2yYZ>GNcJwg_oGt-H4f=*~$XP
zVOPhLpu70IlT&fC(2Np45IqN%k-oq2CSRO;zNkQ7jt+fy8vSqcPc}>bt7+x0p+OtX
zaD8)-xI^gsF#PU%&y|V9_xW)Hvey{jI}uS=${sG}s@(+cW2JhT-tq`)fw#CMbIzj`
zR{>b&Uuy=a*|i23yP10&1g#9onmR5klksybzxC$9?D(T@d8U`&pe!9BoCVjwfcKRG
zTWA=6>3HrDR!q|}y2;yH;W?Dwrz0m{5Gqvtsq)EC;Cf;Oa#%lVi#c=y0|Cj*J*ni)
z(6<%MBy09-s=1tU{&tzP|KZMHgRlD>FE!B6(^8R_=KGYP9rL-UvwqY}JpZ8OCX?yj
z=$<!E&fy_9`S!M<RnRVOh3Dpv4@x-L3``o<!2jLi{rDU}{wvO|?GzjN>H_GItZX~k
z(I=wt<E|lcLQK!W0^}_p0slubq3WRW8+_;Oyc;aZ*a;GS@%*y6&kWW9P(?|SjNIe@
z6ZXd9_n`r&gvat%Ro?J685E_fVMDl6U?<tDSIt7MIOvpzt@<T9ozFt;hh7!&41C&$
zMzx{uC`0!OAW^I?wV7w)eS4fT+^{$1AY|Dd8LAPtyb0vA4ym5-dlRww7)THtAS4hu
zU+ww6iSpqUZ+gUP+}duc<wDij(&wcz2KC>>X~c)Hfphw{{IQF<Lx((nk`;{e1q8~V
zf8+ra{RdsWP=qd{T*b_}zt|@<8Eu$KV1u-_0sHUYRayp6i}l_f+ppdJW`RmzbD35Q
z&{qD*Yqo%IltuZumH#546~Jbd0az8Mf4?2e0igc>#>x9F>4wc1hJg^?$4M)?S9F|k
zhI6oW7a7JXN+<!D3FB>qiS#;-xC}ooJ8~Jcp8R_oHWF(nE4W0_qW&d{U>9I&BcAYW
z|6yHWGPwYgD%YVKO8v<&Xn3JdAYZ3@r2X}2LmiL?$6bUiKmKJB=5%<FnY`|X|Bk!h
zSmz$vzmy3$4;XP`&Rg@>|2(%Gh7LSwoEv6^&%exs3-r3b*piU*zhlV0kaOvRKKzx{
z;^oAkHfU2#@%`^O38@t((0DRYt8&@UJQ`w<`)jna?ehfKfM4zd0*mw==Oy)qX?cOT
z$n}nS(orQ^)Bh6@UD?$723WV27{JhkILNo9@DNY(V=8{W^@i<OB$Pr>nN4e7IR#I4
z9?-#v_x+;L>%3?NN&OAJT`+=lL8uuLAMFFl1)}B1$6Vm;5WBrq79EVYDhQZbw6dAk
zF*b1>Cu#-F(lb~A1~N<g?ZhiH`d-TnIJ5&&U5l)w_YpZ~-v2@3Ks@4?ohMBJvgK}#
z0<cAz%tSzk+ABA$y8xEQrvP6$46(@}ZvNFDISVcX2jR;71g4lt+gOrq3@oFFJco#t
zJ!{ati<q-R#C-#A1BH#CoU4aGgsaYVB@ex1U_Agf>m!7?uZsbYc?Y3j7Wdi628m2h
zzs&R^xOd}0?mFns?1bS8LC6FQ$|s3IvKS=3g)!FzpEdh#7nGd1Y5wO0px`q#ber$F
z2uWU_bq7e?BLx;<YEr;3UZ3A8qjU%`<_X2c8@Ljr)ZeT^&A}=7?Ty_N5R^@gs~wlT
z7?Ej71PL?ia)8ux6a`2#fCAkJNNc}B5BMK~6qsyb8So6)H+?r(91s+Pu3QrY%BoE^
z_zqn<f%*7kVD6u<zd2H*tDNb#e3AVS)a)1i?{sE~@Ys-AbcrBMA)4If#m8J#mMt(5
zP)53eA`znneEA%NZK|*12DZ?^PA~JoaGJE%dp#4O*g?3sc&pw+r?AC8?)))~-V*{E
zAr)W%es1^4rhsS(gt6iS>uy-&!Pk)57=u=e1^s$U(S^9f+kA{=etkg$eo(krgDRdG
z5$zv6AvhH~wC!@BFbYCNsf<eKw(B^f(iSe%DhBR*DxC;<VvKQ7;W>jlYw#$`^qmA{
z?q6Wcvax#qp$zk0f&v$mlw=MJ#G8|^t)nJAj}RjC7;N)Orq3?hwX1$%RQgbR6@!ww
zg|rciHke~HF6fKmWB{*x6ztmv&;fIFq0NVE<0=|=XJvgRt2R>*HEdXmivS8uUWwaA
zGvKm$IM6HyExZ?wmy<^U6_C%!o31Uv$Qhi6JYN`NUyLdSShf?PVme|NSn*v+MYXHp
zXdvvT8!V=vFTyN%Y~g6Pem~0Ta0fa}KV!BPA>88Zh)N*X1W5y~SR2rMGiZqdCQrGt
z#_)MRJ;a1{h$oYE0#8w7Y;u)aB&5h%Hw=PZixDG7zN#K%={!}PJI6-CjRe%e!4jKM
zT<z7i@TW8oFGAsaGANQXEa2gM36T?%;lx+G3hx}1<)Rwb2nt(apZ>40H-Q7KateBM
z^P;SMk$5=`v2T)-mXSHQoiu1v7|#EHMtLFE1gci>;tr7idgY`aim&PBsjvV;{{&g6
z(C%iD?3KfC#*S2>G%^or4H#LKqT@@9s?<Q!x&tnSSJ&4k>SnL-vLexzSs$-GuRpgE
zSac4MAd+C&cR@{o`e6>1b?D#qDKW#ZE*2fD0Q1;?1@_wNpGRgR!NU;b-Vt~E86Sd$
z--Q@@5f>Q}0MDJj#Kz>mlhEpqL<o??K4nV3qZNmS52KyPO{moeVT9%gxu9KK1DYo?
zyjMpBuTFyDwFzADnp;0Vu_7(p(KNzJmu|jfh7I);sE-jYtMO{5R}Z0I<bMdE?mr(6
zECV%@Oo(-kA|A4J7ZgCz?w{$P%8v)X^~(V#sPb<rD>3~xP|B{xHsLp4C3`gjJt607
zko^V&G6#x7J?*_I*e5AS9|7{d39wJNNQN_*dzKkizR<{!(96fMc|$CLFY&d+NcV1U
zdXe|RpJY_c89%sp1y=`a`n@xFI>;W}!Mhq#0hm}G2^4RMSu$h;n-G8nKZOmtWNvf@
z9&al9&ZpV10lL^4wTc5@h`~?j0}1JEfi~f!c(7jFf;__suhOWJg2HgCQ1(Q%?pXq{
z1Qi5igC)VRpx^1a<gU;&Q3tXH!W$q>EF>3kZJ`DJyM4?SY}OYjXP^RKLlZgDD!puI
zk+)JFE$5^d99$3<bZBV+rES)3h%%N_kS6)H0LW1Q)2Kd-m%hKS1+TSGgPd`vKl|z+
zxN5Gv8nM$%7n`Z-1w%m!*wML8k=6%5E!4!dS5I2XU>QnqmrsGAIuW{W%R5V`@tn^~
zJg#kK%236I&^3BNE=TmOH*k(gsVtZNDRW5Mk!f?lEj&J@S$OY3GQ3_y6^ObyxVgTK
zRo*06?9)JerLAM#f)<l132f)!$<Aj%@GJ3^)>AJ8S;&?2-<Ep`2!r;PWjkJua*JR(
zPOFj`QqgYC%Yw`J?bZeGJt+T`oB?uNypb14+sJWKiMg5*Qpy~IigD6<R7Ul<Nn?M}
zRb^lWH7|Vw#fEvdGj601bsW<hUoHVeuW@OooXwqone4+NgcS^D3<-C`su}(~fRL@1
zPkZBb1buR*H?J1r$`cpV645}yv3v--{%bGvkZ6~AUISdI*0lcvA4$b*p!3BP%qWG+
z$>sF{;4ob|+`%Dc#5LWQu&r#V!!;BDe~7>jS%CV8^sHR$ylQpr)kEK3G-f#I3pAit
z7Z$MeYywYu<6UqPX=JIyy4>KQRpIugKEKBcfecHc%m+Q451fvQg$pcOTtQZ{zjL-+
zTz*LlUkc&4Q(%!Db`3}3j00ytcjWc07PvS-<(%MYy9L7YBPnq5dkJQEL5<25EZ5UJ
za9`+Q5Fe0rbq%hLP(*Bfv&s4dJ0^L<k|GO4K~LI=Y?!|D(HOfpQHRVFt*GckK}8Fq
zkIE@lvA=5wU8OvilT65bs05ryUI|SIX<2kKNd^{%6m!ObQgS5uVMQ>|Gu#{Xh1J}D
zH<@<M@)EkPu*-s#&Ru5t^|#t|*WQzFLIX8d-xv2jX->%9uY-p!gINtIB1`>6!39Fs
z_C*@}8qlvfscBZij7VI1oGdG8l{QoPJ9tfDH=Xa<w%oxJ6`<_A8ZAH^8+N-j6yA!#
zWpEsdM}AW#wT(&KE$>+h5eL&m2=@J%#1AhC?~MUFUQ~CgolF`neL8y3jZ^(1R~Q&H
zJ>uHw0V6ySwwnu3<-EK|$@8@Rg=~q<{_%F-kd#P)WICgE;8&Uv2GCZ5w(;6a`mOF!
z7Oz&yGh86niFj#ok8uWk3`r1RU(FgyMOdX`c4A1Dyzj(y0dJK3kjP*wgM`a;OLiGG
zBy;{~y-64ASsbVrCYQ-IlngWC9w2x~f+KZ2T=WHK$6b;nkA*@ik?}kT!fCkR!f(ZZ
z*+90~j-n&`@pzZG#(7Gg)%R!2`Qyc&;J^}8$y>t;i>oC!Q+C;cQ#s;$!py}YBEUBB
zGI<gpj+f7Mqed5UL|c4ED4-V-RzNVoI-Rs~(GO+h#*DJ`0&$TZ#Kl6gmLJ-G<Rf@Q
z?Zu3#j*{D<coqye|9e4+{wmsqsT>6y<*#AMh?a?sKB>GO?RAHjM^0`kq0(>H9^X)b
z9QKOJv@EFB3(0aAEX>)8GJ-Xj;n_ZS|L9FJaDD$5GoUI(2O0fb+ajUmX&06)6|8tB
zbRI^S0sg!;YX9b&5NefcD=5O7bh;7ae<yF=zF=XHfI}n|9T|n)=5brVgsg%Z^r#QC
zq4T2;gEABuwLID#5;m9bK%_!n0N5hg9Anf*Lf-QH+-4IdPeWCAx)jN@G%mPKbTD8~
zKG@|8CCR-F4jl|iwwCb~o>8vLpT<y#am|OEKJ<%0WK`6)C)cG-AFORyk@*lImSdvl
z4K68vV5S7qDv2PXSLEEis(B%3<oh8$r0s2Qu^*kxtImzPPbv7#q<&ae$wAay1W2Wv
zBCB4*5-d9Dqp+cNJFx5scI<e?-OFhJIUb?Jl-Jw!tux-MAsi&qj98>sOu10kruHli
zsaisyYN4P=Q|=*E$&k46L1x}K<2(oYeZ*5!_1*R@78E$V{kWGwrewYfzX?Suh>o|<
zAy@hPbGR~0O377F-D145&x^qS)ws?Mc#uV+!}q9d@8}C2qk1fvP6rJ!5PXM1Fsc}L
z0ULTV>dk14{ZN;)1S1=Q=~a+tNEGRIllser(wl4PBXCIus;oUbZex3L43hiEz?1#I
zDiZ#ynEr~}a5Ll+EC2;(1p1{a<cA`kVmLO*XSc=q53+(UK!!j&js4%T;s2>l+M>Y>
z9?jRFLAoc6K?_eM!g)E(#(0CEw0(%A9X1d8G$2HW*N)-+KdRu^yaST-X4hR5(ATSQ
z-%d@Fssc(5c<t5y<Z^|Y>lT?rSuupG%d-uj-f`zRk5`wbOW)V$oB=Q`7Y#*sr{Tk@
z`eC+sc%>9#S~-N*%IFN{samZre12{KXFFJH8oa)vN&`K+zy>N4(Tin2p`L=b1|@*u
zQw`if?C_o?q1*3K$z`|O!V}@WTgY2{kg_b_yUuj5IWQ1$Yap&7cs~a}APYSxGbA}c
z*NPXNdY}tgn>9{)FO`5=K+c8e{r>=SgRdimYo`li0|R2c2L44g7y~O0df(jEC#5|n
z417P5?{3~Lywu;v^pz%)Twnk_GZ_jY&Uy`Jde6yY4s>o36+0|eTTDE$47ozhjGqS!
zS>DAQs8V>d);-spiQrU_0X6G(AgirkS%H7mp~C$MRu(r9ri#oO>vxui)b&dYS!7T5
zbEUR>gw-ZM!o7%3$)k;d@A?Zk(Zdoj@y^{}8Rlir1WM~ER5dE4#&45cMC}HzAr%`^
z#Fm&hn`KNv>!d2Y<bZ4$e*Yg{79=<f6U4DoApY8>?^jg=RA<Ffjo$!$>Xz>ku#tIg
z>L~|WKLxh(TbVeA)@k$R7ci%UmGcsX%6tiZ(sEYz(dFs;236(`JPVMMDh?hVY->jV
zM}Q}Vv2PK}I0tW9(VITMab7?#DB%Q%<YcbKlf7}|bzVi<IU&fax}c%*<(34L3bZp!
z|NOJYKRufe?qMu+y773cTj>6tBl{S_$!6gEG=i6zz2!p}Swd^=;Gz@x&qUQc2R&y!
zg&7ik?GGNN{4dpgbx>9NyEot_50XlVgtQ0>qJVTtsDN}y3W79<bc=*EsDvOb7&L-P
zN=c_EN`rus64LNKU(w%t@65e-=H8k2&b(*NKl_}`UTg2Q*7tdyPkjr7@ziprLzKfn
zg?on#t@E-7zDZisz1vRq0sN+t%k7L6?_}u5sN`>%g0}m%;Xd40h(E4rL?|o01jPQJ
z9HBRTe7Bo#q1o+6|LJeBPyb-4NOlaVU~$0E({7obO4A)<`oc-~UKfm_Ec60}z7q|E
zEF@Nc<x<`D?)&roTbR{X&uDlT#$H7F$LC#2YBQ{KD*{yGiK+el_X{DEX>;NeA9R@r
z??quvcY{KgTmzft8jEpcC14E!a$dqnYt10)mPWOCY7~;;2!__k8W5*RE!=CGGzOq7
zu<mv)T+^>kc>$mC2(p5{&-V-F5bnCuL=*f&>HTn~OSwFta^A9BIOkgTC8^qYY-!WB
zhIssd>D;?leSu-gXfX7|y&7Dhh(mq~=sH>65;BTHaqMu>B4J+`&~Hl(!JPUq8pKRW
zyc>~Q_7xxbY9g--84Q0Oz<w|Txf-v8iFD`?zlfslgz^8`W6EE?fN)tCiZ%C<>OFJ{
zQ)PD-^bnj<Zu8OO$W?0uuDU3ral}S?A}juTS>eIu4704pR68%<EH`cgSZK$Y+q@KO
zEihvqMi7g{edDbL8m}N&=^<b=tuTt=J|HY&X4oN9YTyC5%69Iy=|%CO6`flAp5_Ue
z@S*X=;Is_qZirR-4%ukiv#XWfJ7>C{rhNFPi#-A8`Enc0nW;V%3C%MHj=?xo^gr?<
z(24M>vo?-k0+Y!(qT91Ma+wY9Oc6DRvS@7pZ!6>!RLm+5Jm|3+UB~2;7={-MJ%k~5
ze@EnT?Sq_8>`P9A^GyAb01=8(x~HGi`;$4@i9vzQo|O2I6_ATUSWDc>&+BFXIynf7
zwrLv)k+)5mp!F4;NDjYXjLDC>=XKn_bY?#Qa>!n*xiQY(zDqA}3{rRsYU-H^54LRS
zgt%a^T3p65jlw4w*Tqym!ZB;o2nAJ?il|5`Z6;<pUPzSrkv}F@y7tq8n_^4cOe|2J
z$2{ycXykEx2sEB+D8Ay_h`Sf8AW6P_QSZ}(mE~v#Z$|N$7!a&GM2Z{SOgx85huf(%
zIfgS!KUpR5C<p`rm8>A-M}RBE<~i(=53A;amE6ogt1+JL<qn2YoI|KOW%hO}Q_r2q
zTjOVm15_#<AU&gkv|iiMpI#fVrPBkg@fa4)F?ak6867Wv%Rzg+-~+8Gc_mf`zC7v`
zeg<V%q|99R9Q<)Er6u@ue;VxM(#ae#eT21?88w)5s}Uyu_t%U8-lF*NaUB`zhkUz?
z&*6aVK*Qd59;U2@qtCkKPhR>5%45iJoOCL8haJFyvZ2o}3h3rr2M96K!yBw0LD?W9
zC4WU7B%V>BOM|{J;9(;?weVqXEMC9@WCLAPY+M%*5+*h?yWsMwTko*mCR5Z}GBA@C
zH4{jv`Tza;2#=U1thHsd0y4CD*IXV8)ou`|vy!3zB46yH3%K-e-B3vGrEP_X`O|Ba
zQ>cYRe@TR4zE}+JN_W&{{rxUU8}dyE&A16GP%O9Z`EnHywS9vx7qH}j3m4+Ud85N~
zfotKf7{^X%SG2lL$iewPMUoHC<2@1|D8Fq_MkmF5l?iE#UcBvt-~zYFVPG>^YzQBe
z{98?wWC#JWEJC1Ko;Xa_+JC()HX%yJ0(W6}E?2ki(L!fR;3o-M=PdX&f2jZaiq7;O
zl=H#Yw#ofq%`U##!mJ<xj(rz8ny@dB-}Zy^W^246AkXZxva^1>Cj@Lb5qbnXVGD4u
zA5RTQ-xr(*L6Hgq=oZN#o6tU>`A+rr*W_2Br&mG80!nK<l=hVk1?o3~0l69B!rRX!
zI@^FrBc>PDfB}d7-@q~bZ>oO~?0666%~7@3SLX=CmL6V5*#s<%58O*QkA0vcLNJWe
z){42m16Uq3;Ir8PZHNcSq{2XfQ32*T)QebgZx3Xh0Sk|8=mg-_NZs6<CUpcAL=^q>
z2W5$cytEGhMsaqDu7*==K;YhU>T=0>rg&s`d5XAOaksS><z^$@3ARCiXls+cy*h>3
zfRBTNmF^`7A%`U<`ySo8j9BGI#*_po`g!<Y5Z2=O0stYfHmUwD`V2_F)RF^B_Q-SE
z5g~2jdv$^M?|`2-P0M*{T0yw1M<h7@xmAMiQyc+aT(t~9GY0Tx7xNF%Qr^+xDygFR
z0BOI7gUG6R=^@Bz=-&?^XE6ZHsAHQ0h{f^&Z+M5G1MN@>wxLLrNwyAwU~gf`|IP&o
zpkIrm0`cBJ2Ff__d2wfet;>gbt^yX>S&!v0|Cr8EK9(L|K~dXlHi-xO8#S6KD7)_1
zPl)Au2c6sGingyeL$wQ9B<A)uMmO~3eeeG860M=Ut=+X&H{a*NIO2268Sy;+A(Vb|
z^!Y2GF3WS@LQ*Y+HqCQt<VJt_16K4e(ENL1^`g?>R>0P*Ka!N;ClM+3&?IP?q5<=Q
z`BgK%4JpaE=zN>oza^BHy$a=_bg#?wzg|I-P%XK)`*HM%mi;q@7-<G^ui5fQ)Cb6}
zB<Jra^jhemm4OT!CxI^5df2Fz{}VYRb#Q~0&G`z^V;@-A9)6Ii=rEaR2wj=YjN&SH
zg<Bl=!QPz;(D$R<7aknhEjj@k)w9kaK9A4dh!@#`NEYqa?jnz%5lDIXwfyyQ=c&-s
zl!+!plh7VywAJoP2$SvqShBd+OhP5H{XA1bM65XU!&&(?^160u^z7Fr{TouX@B^`-
zA6N{yOwdSx*bhkXJh!nls{PL@?`Y)K4&3Z#?CYRe{WwtyILMh($lYViaMHQw1GN>O
zN0Y4&VpUH`hw`Y;JZN-AqkIbGOZ{1h-Pn9lBi{A3yvAd*q)*>)JaRHbeCS@H1X}ZS
z60j~WIuzCXY@)lJEo!g~Sg00bc$VW!;J8+N4>o*bA;j(vm8ywiMtAp?d>^Bv8(_P6
zpy7)K<)IREXj9;biiQq>h$`p!IYR?LJ6Mr-4xY*_(MM$L6(f}D>?0(>ej-@BJpPRV
zWP2!Uw{hpWgu!yPwDkJ2`LlxE_q0!mDYwVDYl+;=MhMPu0L*2B>uebq0gnZ!GIhJx
zfJP-7rP&-Lv9cZ)xI`eT^)<7^q>-%iZuZ<r7?1LA>kL}jWucKdh0|hlxWp>dhQah}
z->8*-?XW(aVu2)un1s|t=n-x{ra*R}-$UITj7Rzf*DT5Z6pecz5f;D6nfUj$P86VY
z9=6gC{(LUeO>`WYmhivF@qpI@)|7g(e|X1Jz{Zi%Dp~w}J-|}CGyCcjd+Bd+#4ZJz
z{ym@IE7pSU*FLAt7M(_+5Vk1e(>iy|`@wurKi@d_5)SVdNI3S&8WdW@kj{xO^S}yW
z@#r41fFlZ6^Cn&SbHqBB5C6aT|4f$&5#9>?COaVS4lJ;GkstS+>7?hgf5$dK0>i2X
z;#|X?2F3ZU6Ao2->!W4O{d@Lf7+CoR1QVzLaIAm}_HKL(-tEVMOiGH-L3~Sb9f<)=
z07!doiN?7NgVpn2bq#bq@!%v1Yx@@a-(pgSsyqe%H<?tCJF{f}n@noB7PNBn=MrB<
znq2UOVfZwZimCQQbz#@VmzQTjT=h#o3W8d%^km2l_Zl;@?4jX2?AU1#Lxs=Ry@XfA
zR(<Rc-u<T3X0UfbbP+Xnz;cUQ?YapNa^mPsK`PD!4YNaD7sOSf5MQ=dG7B%Ld;MPT
zYQi$i9DvX%XO)j)K<c39n%f;o7vms+PwCY}0XQ#3*Zb9#*0f*g$)&qyHqlck2t#As
zOM5<;hQpX@3xsNy?&HaVM`j4;`dNT9ej;&@7sQIdqH+1Di|v2Pq|W@8OzLzSig5pz
zW86;)F{wnR|8JSpUl$+7fX8_Yh>bgH&}2pkwa}SrgwwGaV}p=VKaJcnV2?oP#?-<m
z=F$Xs{;2_-Ja-->c#Ie{uWE&vm9}2bB~=IqZABq5m<^D1yW#9_#1XuT@z62uT%bME
zN2|be3dhX{i;DI9|5ZDPJi;<uo;bJce{O$vIf31egypx+v!M7;6S@o{(A=+$yKffZ
zQ<f?`N~F^{cn{^Odb9i%k*vnZ(MU;b7c0qxS=J~=Bn_Y=tk7lnKY4%QcLlx(m|$-D
zt-8DH(GWHiR+T~*{W?yP7~xW?W+l(l*(8fdc~quhXdz>Ow=O%F=krPXnKH5*?YJH5
z7XeFx?U37r;S(6nUjvr-dVu<l0iix3LfsTAsfu7mr&jauzgmF)(5qL`x@ZFO4^n<(
z3r3Mc#F6VRS4R>oA36|SFtTz@_Q--PmZ^mOh^R>7Ree}l|7D6~R>3kwMwI`tZQ-~s
zkgS?OAkm!L0Q375WNjDKx;4pTIU@dF7~7F_7yb<qgP(x&^%nG_zvYg7;NZ*CE=Vn^
zf#`n4*$M$~=;E5(|Lqj;Qu+O%sKuX#4Ky#N^)vs8mEF3p<G<q|SSDHj)9`D0fHS~t
z_;$6|7Ar^$)oOgaQAQYuJwEfbM4t+*grqqng>#3PrJJDO4{#;}kdGab4IY8~l)&Z$
z<Q5CxUmaVZ5x$eF@j~kw<i|6?)c4yhIa%E*lbRbPD5B}VEAzXgjXlH~l|L}z22$gp
z>L}GmuoNIG+i<N+H*m5uRMf5X1iO$(6@R4$tO|xDa9YJ^UWsH7;}WzViHC;x3Rv%N
z0)n&xDcr66U80!{VgPW#l!?PuNH&A0n=W{lW;Jj{YV=`1TebmC*l(?WYUo<hg&1IW
zTTu27B2#COHLa@mxOBvZz0un{iYSq=Fx#{->~<21=dXG3He{J^?MqI9xa@U3mCJ{^
ztq=#<bIfF0fREkV^`HTY{RFnzv6m7F5~MDcpYl^`S^P++XRj}Ut_Rl;+X!17mu3*S
zVNDl@|G*fp;SL0`VZ<_6B3VJpLCLcsJc^<cZ8Ij9k?RkXo)0Y_LyWx(L-Z}Auz8F5
zoOJ|4XH98b4`2T*5T3vE8Ac8wBNGHgTv7ov{e7dUFip#^k!?Yf*-TlunHvz*atPdE
zFD|O$S2T`m1v@bN`r;I{okjh-=)VBF^&)7}IH|=AR*>U>ApkiJzU};R9B8U>V;VRO
z@I!t9BacZ51PRU$%k_vo@b}X=D!h<^0)mL_+eEe6zcIVz-!rfRlem8Zl?TrXL_LP8
zG+pLPkOAqktSVI|*ypu9fA{5^zx#5@`65-aEjy4sj^zXsxPI@Id($05)rSEV6+zc8
z)cFpgNMr$YFdu&FA}q2VVHI#sm}$Rt_0}_esUc+42bzh6tR&yF<bzCu>BZV)|BqXl
z@&~@2w{Vus9ya})u^82xzbH+R-bmFb7cLc}Z+ZUW{kvTJ>T&UjRJSdUab+{}a6%na
z(`C-W9h5HCxDa2K|IKN7)w9XHYGd7K$@}2bf$!+(>ejOFW9LrK&W$G<-kt89&Ykq>
zB#sih%Yj@g@B{oaJ;HZzw8R6Nmyhj{dDtiQ{Z|bvEOPE18>8z6W*a5%HTh>UdQl)x
zE?o6K<$wt4AA-HB%-{Gm^eTV5$yt|uar{sAsJAfM@AFn6<L%<xxwA;>*cn)FWCHBG
z@GVel-iE-{>{{A<aOEO>@j9*_KRsq-leewjkyL3^m=UOb^~E<c3{`mY)gnuk>IZcg
zM&+?ennm{z%Ck?$dnaAcuf~KObHVJB%r~<W5c+yuWeJAZ7nAgtgLyxB%CBHcj_dQ7
zC7wJcTDdTep*iMQo}Ct-`0eUR?AOm4ip*P^2{EmAx?*;JhRqx{){?vgn9Du&Z@7mP
z#A!4;)DE8-OpK)Q^lTB{$<+_Ky1FKFV3XZ9S^C)&is9vmy0IC+3YsdV+57TRrY*(r
z7gI<5YdJl}O0TrOhs#xXj3Pu9D@Be7b@Evh{<U6ZW7v`AhUrh1ZGuehDV_3Hz`R`5
z$l|U1EsboEW#V;S`|N%6Yc3dAMZXF!-+WFy9rU}!_QUM5lhMeLI($Bp(mJxl-mrGq
z?Z+lcrX3UG3TPEiOlDa<yar=}{<Wt)u(FCb-qG@j{r;u=Z?cgo$VIiL6{`%ew|E`y
zAG4{*R2arUHrzU*l6&>RpTookNv0ha<ErD@2@emynMXPO*Wu>H5<Mw#+ZkG4C6FU~
zwJ9)D>H(a664D+Ii1aIFj2{?q*Il8i^H|V`2T@<^=FiF1g+<4r(rk^Fg089hWw+VD
z>FR3K`qR<Jp7au)Gq)+(7j-+@tw9Fo<i{EjPbZH$qk#=1bIPGkuCv{z*jB9gLtnY6
zYxck#cw@x(z*|v8rM$64yC!eo(L_+x-C%mwJ+-y1DzS#PPjuon<sA0zlVTh1#F}<?
zcPYf1!x*qC;tWiaq_~#e7!??b*;3okg<8>tDj)ZK?hf~6wb=cII>C7Vs~?tr(I|v4
zQ*2(^PSX-?JJf5E5#wmA)#cuLbZF^gO2g#N9?|>BEpUj^@e-)^;Af`lDjoj5eiUgL
zq?U~(pHY7S{Th>`9AmhL#p%Nd2}j8<Og!y)m+7IB6BCGa+?)4DV)h}AN5F~Awe6=R
z`rv=zz>;cQ+vln`rR}P>Eb?x=dky5RfwIWL1^8tjBfl>ctfW^KkXw4r%E}7jDzU3Z
zAazp=ItI_z4xvIwY5|+u2$C!EcbH*Nl=v%^{-QnC*3-`v0PD$uGUe2FO|S(jS<9I;
zjPRY=w1o+%2pbWSxf{YPEHY0^0EEfyvI3h`pO$U%(e<4VEK!zv>0gB2Qv(ar8h@Gv
znzh(ZhMqiMovTKxYy`bUTiTZLq6RJ07;tdKW;oW5Dea;Nbg(Arg!4V0?fKveK^afI
ze<gxDPZE;txsc;A09VCs0Mc+yYa2KQi5~2(ZZoH9IAFWEf#)C_dI&wW(m0?dk*d9P
zRS<YYl;k=EiVb2cLaH7L$y+{PR}iL20QEfT;g#u%OeXf$C#zr|6rYBrJ}4qnAm37h
z0p4cNx!iF`$Z0BM7xWb8;lbT22M3z_m_L4T<2WH<gEUj#<u%A7iT6F&8AUyb<~&fZ
zF@W3{Et{sr7&*1Dtt`G<YK73<@<MYuev5D$NK}B39!7z1MnQ<>)uY~3cx-i#-JzM@
zHFq6D6^~Nx9vk_b1{v&t@;EGe*+6g>LkrOz<9^WyrSi5G!g+3=1<F(4)3>$BDu}9o
zmhw96*N^>AAequ!K^UdJebq&MpJCgRj^bNWlx14p%XRo_6%Ho;xLBjFE8{D-Q>V=n
z12$h~U0+lEfjr<`vyefd0I?G#ADcl=!vg@2Hvc|=LG=Qgz@^*(T9K1?No_?CTgPR4
zW9b~2Itq{wbNf{LD4WIiA&jB-y5^<HaDI&*Gmj+*?NPguCUW&WeP*D?ryH($xD&6+
zM`G1g#4hH{mw_cUzk2)jC9lmwJzmqWDRm|v6>l8(*f_-#wnBD8LM^SWz0~PIsh%oA
z8LhlegHm~}?xeH!Kk0?gg{f4}#Tb|e^WG4%k3l@_4QLBvcnI6;)8m$5rfI$S$slvp
z4AFTI&Y@x4TjI30{;BQh!R{@wpmW&MeUKwzZNDlQMF{+G?Uq}{QC&1u?tWMCRdYUj
zSymMfNT=@ajC4)=O?{WUeN;!aZ@4_n(S5FQ+6r1JWwzS>Fahib6sa4*61!3m%i9W<
z-l&csAFyd*J((n$@x9H-sKJ1yFYG09M74xJ?xMbMXY{~uIWhngaLLkK?;TbL3kk-D
z<qQ<Kmo8r3Egy1vFmP^HHtC`@JA_`FXiP}#t;HF5E|hIYctWW}!5G&kD~^nP#g*D2
zVk>&o(=-fphk@&`%XZZnkZv>W1H65~2wK9jx`rJwbI&{7S^ZMIoE|R}_?GAu$GmW}
zy$5t}$q`Kt)wdDLMUdc#=b&`e^^?wX(14Ox`q|YDoqIpIQPj*pd6mQXYz6S-NWgJ)
z`*F>#oX6U1db27k@5l5&$xD|o%jwcL_Q61-OkbByq%Ky7Q)V};H%G68-6yHqo$$4c
z!k$j*8J2C9WlzQmM8hh=YK%LrSsDW}uU2UPT!@HlkFx7*k{DmGfccFFf#pbjIQ7K2
zGY0&gS742pf*9p!SZ@f$-`j;|Uwd1RKTebB{(<peQ+_XqBB-|iiF)X_s>{K4FrDCV
zNN$p*i%BU0dwOBsjIYWsk1b)iC$S{(ULm>kkPhs5Ww<xI<U>7S=k>U|y4wc@ewIDS
z7)tmRK$*VbNyBCSx>;2tb~mXd9a4E0o`T?$MCOh&M5k0x*uo`mYHM%rcLQB?&nlR=
zzHjlA4`s~2GvEFQHPq`K0QjfOL1i1T1~sKq{<ty3p?g%pG|{;ZX5{Z>kj*OcX;*kT
z`IXUD7+VTF(#as3X{NZ4!wV_|&CdE@(kPm0&>WsXU*|+V9E6>Rr^5?okiiMKJc{*i
z<~~OW^g@EfwT<Gov-|*JxTHd;l2KJPXgp^00QO%00uSkeL46%;EwttVpmWOH&r(GW
zwX-C<`4TmKGCjq`#aH1*yaw^;;oeJNVzq%q$Q}@C8}#@@_-)Xc*rNnP_rRiu4ohXP
zf?=vm1Y~`1%mP6Fq|1<*^Tc{25c>$8Wddl6lHmKh*(Y1tdO@J_mq%b`vx>eIQhs&B
zc_&)cy#2$6?p>xEXE@b8Jl-1GLsm<bP35S1TixD1lS8h3R-D3F5{e!lr<j!Zh@=ZF
z9^tXZhK;clHJH>_2^6_%*<rPnb5!BQyc3?l>A0*dR^z|$*EdcLtj$tURK^(ybO#M#
zk`#*J{REqs*w8l3GT`)GVtr<d$#g3>a2pTu2%F=@*9U`PK7(mIssHzNNFwWtId*l!
z?#;sMul?r{+wg++i+7amiqKIVvoS}~HsY6DWSiD^U|+AfzQ|uu&C5#!hD(J^y8d#c
z6J_r|?-XjhucN8PfZJZYu5aXi{StWoJ}O~d!QMBy7eOwXbBqZ@&1CI~GnWek2uV5$
z{p#-6<C+J2<kvFs41cKMbWh}sb-w{|q2aL{9wAMWg-XVNH$Cm`SH0gD2W$`xjF>4?
zJF8o6YCYF_b(?hkQ}t(6qWCFRByzTK`S`~9me>Ihhf~0`3@D!%_-Yo)j+xd7F|x(1
zHjoKLyv0q?CeXr@<SigRph(!1A^i2Aw)Dt!+VDcRcetCBU7S`-{mDft&a+p8jcbky
zRk2BTLhEhQBJEGjsXBJA4hP3}`0dB*y)+JPbG-V}&3F`xbr?J`cs!4nn%^PfTaVYT
zyM4UWdqcGH8YM~h>#8r-<33g9gifBs&76t(91$78C4|TJKz+la6MRCsJFa<_(K)FH
z<6J=2UIbG}y-8r^<GDu;5n@k{q=}r3QX#>9SK8_0$4lz7G3+{*`p;cjR<8>$naf-f
z`vfTR`A>8(oAZ#2i{`&tBHTSX^j=`g_rz>>6{ID31h}uL29OLxCi?T$?)1f(>7<2j
z_rAh~7Q<i_yj^_bI{%A&NlWAtM;XOMCwfhi@7nn++?PoA3NsERauMra{mdY9U2()(
zF>`jj8%d;Y2r?@6Oqy?ksF#IQY%N-Jb1aa&<qHbm1>J2F%_Bke$5`SJzFWUTpW_s+
z)1Atzw*>nBq&r;_2VOViuy3&loziWY69^EMt{hnxka*ok_z(3rS)7F1fe%SCRfH~h
z;2yyhLeaY<x5z{un!XYeh%DzfFWC9{plr{f-x_Hv*0y6TvM!kNWG)z+79LaTCKm&3
zkj(Hz*)jI$3t<e-H&6-#Xrc0Mab49itZOE>Ht)$T%D<3Q+kT&%N|=nd$J4bhu>3H1
zS1s4Ap<3r>gUROxvf3f$9L=$gaN+yk>693JXn4Q9#T}pzq4#Gij;MHQ9d)i^49B*H
z#*vwH<nFz)0WzBta+hNKE`FU9@xNqKP#YWgkQgFOVj)6SO~m)^8X?<#Hb*UK+m!iN
zq;vwQM)O0VTX)(EGSw5QJv|!qE)!>{Hi1*(sVeK8*q1?b_mV54doi(1w4^zn^KQYH
zG+(;xgYdW5zj1|v+vxolS8m&S0-mJWN+Nvvmj&yQ`#+`jpi-VKs9aHMr_-)@dh1&0
zxJT1sp{O!3Hm9qXD%umrdEm1+ttowJ_oJZzb1Areo*EXn4O0wW9_o7CJX>pO1gX3A
zTdh1`885bT3H!B_GUpon&kw$nCw`8YdNc`t@X$3j!VxksEw$qj+)Sp8hJi-7u7^tc
z+RV3KRZS$RNE2Vfq{H}rfpFqx!?Qr0HiACU98u$SKj*aLn`ca(KZuneWbFuHa4X_x
zm>%n~4%Q_}RvK$;WEgNr2>gEZovawxSouETdF=D1*R8I@W(~chnD%nZsaf25M-GlE
zx2b<{IBI~rn)SFH`Q9}DQN<DI(_c{Ht_e!q?Mzmk-^?|0!Nn}#u}}+*)ZHT`wP?R)
z8js({CQ#yNFB+Q*&q#FP`7{=Y`!E`=#An#C9Q|BC&p0vk5|?zNeb<4W#5UJc=YYAY
zM78vD1K!D^H%GOk(<0GcX0tAwMuqn!?rD?Hz_;yZ=7zl8L1lBHUoasQDa+h{$Jn**
z)(UyM)uEq{5eITq3hJ~Nj}i(|tF2J`XF<^Lnf82|kCKk>`;IX>a^4F6&=c5fIG~eH
z(Misw@eu_qZgd2fVG%J99jO`waxO1aFn;TthVY2>vR>nT&dsq}jgxln5rPa|&X=)9
zKKzREG}Z`C`M!L;$%3DTelpM;myydR{zx0C=;C;ne@&uahthI$%vf~r+^nQD#mCDw
zK9x0_g=j~+fNys=@xQS8j6>LN?VFj@xrq19<TtqfA-nrVSBUd&v$TzAphwdh@iCD{
zeWsqa-1ZHnB-K0vQ?`Ar3!b)nSlvaX3m1pZeR*X>p+ehJ&Fg}}b9=meqmi+{j*m5U
z>4nkOE#XkM===0oPAdeQ6(=uuv`pe0=Xf|sLVI3TTW;(enVMRZ-{|^`t4E&vg)OJ>
z<6H^*g?+~af_2t0XYje1eRlnslI`q#27R1lmfVK2PV_K#QAHij_7qZBTK{mXG*wpW
zkImt{nJ;b|dhGs$lz{c)NpJD77G?kyq9xTRYxD2wWDo~iyj*Jjz~KB#Ck4Z{G{Sc-
z@1OVWjaOmrw9p{_9mATZf;H{1BOgDu8GeJV=m#N5+j3>sgKvI$Dtu*1l5$V=)*FWq
z=pmU;P>Vl%pU$q^_l;6WjQV}7nOXIm=Ly#jF&B!Er!c+lw$uCt2Gs7u>sF29{D0$Z
ze^RDpL_MW7L+6J+uazt<LnZOK>E%CkA(IbG)<5~p{$}ke(8BA}>YDAGe;CgO6*z4l
zi}1hcJ*Q>hwfXZf+P?w2n}n)8&0XPqe;7|DNQdotc2$!v^KklRC6j=OdNYylZ`yAb
zvA@CIb<|QlyDF8~Q_1326KNja@(zDRv6>tu@i#1OBrVjH{~$Dw4z-N(59DOFVh=XD
zse#4jh*^Zjpn)y5HXhh1ZpinzGDewjCxh^U?H3K?)oU~R%-~f=Gb_7m6D5V4XeP&~
zVa)y4Gnz#KOzAT<TfTz7XT||%Cgjg2^yjO>8@RSLp7TsU{DZ$tumW<x!Hf6TrK-UU
zmqw|qvGNd)ik5r=IK(8TY3$DjMk~Q<^}N>!+MsrbXDM`^QC7TiB@X0*Sq3Ak!u819
zWIQa2Bqy!5U<h$fiSXJG<=Xbr&gLdVCy^!Y57TTbs9~}|c9>_B5N8lzVC(N0yV}`&
z2v<z0<EXAhiLNM!^V}Grdcd+>`K{v_KuEHu9D3xaTR{5pM3t777B%TJUNFHs!8{T+
zI{pOzq)5m`Z_EKSQr}=ne?-BiqyS)WHjJi_b601hSPjBZj{-=!LZN_zVDfZ6fM+z$
zx$}~I+R*Y4NM|l>WMo%abetG2u7JRf+rOGdsS2l;&>jOFqp$&vQ?GM!vm>9{_T4Wg
z^Ph{<z_V4y|K+vq3rCv(1Z*0(eAHBfsqE6+%aW<|V20vy=9~ygfb3$|*6v)Rt^sG3
z^MuE>4U~!oQq?n)5GiCW4&dATJ=lP^tkkkcx=-2@I~YXqb9;bZoeAbhb(2<>*t>(m
zjSQpWb9i>Zk5Ov3+zy*tY9XsAaE5(eWA2<a4;9ue>pzbw41vs&88Hi>;d&vLi5zJF
zt3)Kld5uR!siHfW$%<fY?o-zt@R_YTLzIF#1p26h<)H+Uj;ii{wJlE+S*)nvr0@KP
zX<&`K0Qk5ZIAII;DW{>Mzes)KPR#eO<pu0-%$iAdgE-W|Ov(?jrzOz2sApb2+6Pjo
zsv7W(t7pg(@`Fcr6?XJVgf2Y+aF9d*LFV=ptZrFYBmt9=48wC0=xP&SDzVZFIWh?0
zxZ-r*^=N@5nf{b2uQWPc1xlc#0jQiA=5x^FT<&UZJrAG?KipgVpk@|C;^Wg0FY7)Y
zM7`#dRcbo|`ww}*Zp<h6Ayr2m00s_wuwC_5PL9Bio2B$a-W$WyFr#0DlrjO(V^n_!
zudetEXgqU3Y%~3KE}#E}c7XtjbwDYU;1_r_g4pz&Ag44EAaf`#Ueo^tbK{AV1^VTk
z;6Cctc&XC^lF@!YIY>k+<(W9u^W!?d(|nD>P;EA3B;~;1n#7(kF?2pk(8!JTcvZ4^
z6s%0j!q{G)JB22Rok0Vj$)Fkr7|8`V?cPew0>fdH3H4lKmw1N9?d6u=gr6GXMxU^z
z&Hr<p>n2L|QNjuH0gY<s9;7sV1!r%Aq|~((;g3%|e&kuePvgPpC=Oe+R8jNTHn_MF
zMb}0Mj?8klS%!)0ZENMB-5iuhp1MsC_Q69WChrx$3eBt2B2vUm!^X<mK_^1npc{9V
z9!amT<!F303(6Wh2Jf}&FoK?%xdiw(AF9o%HL#D+7Ym=gb?q5(;Xp$<2|(9pd`d6a
z4&G`{7;o@5EhnO;M)*M=?7UgUn8%QUiKLgE5CE4D66ckG^^W7jifWo9b`_O<bu_`u
z>?``98dz!+rP4sz-~>n0h2UJ|yt@5G3@|T*xn29kD-R9|CCI9twHC4;H|uCd8~Rv$
z1i0gpqA{5ZL|$$I!iAh?9>Ym}j=j0pSuQTv4^>>h*3HW|X$1PVY;dwU0R*Q6?qQ6D
zdxA}U_R*+2SIvxDYn4!7UZqVJ%iiTHaQnecp?sd#B-4k9_pvqzT46?A8mgI2vR<RH
zm{)L@H?SW8LHtWA;ZS;!ToBj|`Rpt}6e<luaGa2c2<`oI0>>8V00Sy@-%Q0`L7Ra6
z((r}bZ1IWwl|DS#t(R%aLo=YMzMEson@yh2VC%I*7y1?M$%`p{$|4<j)bY4WwUEUN
z_NV6_!zob;Thhi{9{6me@I1%*V~MA#P65uT`OT;Cxc034BE$*zMRD)n%il}eq3^u0
zud^ES@L{&|5?qONk+%#0UJe%9kBW;mHGd`&K22s&Un#i%WC@a^%|Y&V9^fuoaC;$N
zen$3D5*Y2vT7KB4O9wr1=AK(6>Mf<<@lJMiO$xC-czcN^$OG@a?3J(6b$buiqzR`N
zdk7_ik1UJ>v>A_pU-wg@ZXTCDi@xnES-|_0k!>|O__lavyp=AG0Z>V+%sG2jyXC%R
z@%l%&ts_b=x1`;KCv|V{LgiIBfde;k9AJRC8NqQ>`w;jl3jtVX5vsrP-BpNV+zh`c
z3&mvnKg4F71ySRygix%BRf7K3OL#IB_t9Y5Npx}p03HqiG_->usp~%Bdy{*SJ(i`V
zd|`5KqFt>J5;vc&)A;6A7sJen%RyQh+4l88JB=Y;09dSm#au*cY#HxanWfdI7uqVT
z)v!cz<clnI%8~mYVb^*8-WkB!Hkg9*!@h7yhR>U%d}wdKlabCsrkIgUd)hA7Gv-GR
zoj8S{4z4PdYf3tc4&3Ut`Xi;L!mjMtZojd6Md>lvr{j7vw~)9lQfNXsRd43;>{xPe
zn0UWi{7|Pi_*@-;PnNxXeI0PR?EuAE!5%p{aWOIJEuSxa1fuzQ;4pX|uK`xtA#t+e
z$tf%>95+Q-DUE|Im8u$`d{bubv(QiX^NkWeyU@NWe}%3y3@Ud2EtAND4#Cm(>G0qk
z2b_6GoZA+uRV3+*xXU1_w=J;b5K?j;0?E|D^e85`olqdJ`*Rnr2Tgw;Y<iM0O<zs0
zT!plD*fTJ&{1__jNcN2MfzaI_1cKlKa|r-@@k<o^5=YuTocRRO7`lJ?FIO0WX}aT?
zOOt+$PZiJo&_@=z#lSGPqwFumBh3|fp&C&YOLqD(74(n<uzEDdfm=3l{29(OIfcqC
z>65~fr-k={zlyfOERWx(D8w-jvNrt5Zvf@F-*aRyT&H&wM4sOv8lGzq$i7_aN|&5s
zMhmxh^_PglegVeNKCSZ$kn_3blSB-R>#&UVv`A-_l3PNn^<$l6MqKDYUGgZ`m7xQ`
zOkqiN>E9w9`Pn7DWAl0^rnlUk^x15Txac;BmD0j0prYX^J83azNASWTaKV`5Srt5`
zb74o4UCT3q9}BnQ&Rh{<yt_0qjMU3dt+dT*=NKL9$Wj=EI@0TL3A1N2vuU5t#~c$&
zrOacfvOPml4%dZK-Ql!Rb!FY{BW{y2PO$|SWW%jyyCe@gFhv!txhXKAzg*o{e5(8O
ze8|>ap^7rAz9z+=u$5>3_f$}T34aRks0DIq;19X9bq`AmyVmsx-HtJ33JiH40FuiB
z1<_X4y*Fp@surD_qlyljW##kOZj)w-lW9_cS-^rh0SNkI@t)w2L%m|Bu9IkL&dyXW
t{`B9d77A&<oSl2d<{5vR!;_eOd{&v=U-aocSFzw9MLA{Jd}-r={{#N!1+)MF

literal 0
HcmV?d00001

diff --git a/docs/extend/images/authz_chunked.png b/docs/extend/images/authz_chunked.png
new file mode 100644
index 0000000000000000000000000000000000000000..5bde2c71f9f4d8d58653be61d02d0354b999ef0c
GIT binary patch
literal 33168
zcmd43byQW|*FOq)Xc1`v3F(p)5hN9)ySqhDkd%-PL8KcANkKqBq#Hy;QjijmkOrkY
zfAh%myx;eC?;UsCG2VN}xMRQ{=bU}^S$nOu=bWFI`=yGKG#(BG4hjkio~(?d8VU;P
zGW>U7VZb{!qJ#((6j~HnNeK-%)Zb~CNyMLr_wfZ6Ib^eZ5npA9(WRnkv0@}@nx)!0
zf;6vg_@mLt5TeTB#2`4yzqU$=OGYp4&il*s(vl-A8W)XAhMxBQR#^XS*Y~7vrzzd4
z(rM_O@zCBorxj;c-pDVr1Wbgqs26`<2xQjoykxnG9fk7u&zDY|u_r<tjp6U#6-IH!
zKi^(t>Rh~JfX_t#|MQt`Kc<<P8G~+_#frf5y(djpZxxc&sQOX_N~UIKCUkS<NEqeY
z!^p$UraZS5v#&hg`~A|X$-zHB+vxcp{%j@8E7xTlWyi~{%{!bne|;|Pm@Rof%jR~t
zHD6}_C8Ao%>G$S()49>g@OyT0UJI2b91^yU{%mO~_LA@D+atkfKe<wk5+5Z*$_c&J
zPjsP2B@pyJsTMvz*&Zm;<r9PfN%Gb>Ek+0*|Ngl3r)sM6y?)go{-yGX8YgKBFP2-_
z2zgq|Qs%AtB|4S&di={1H6IH!_J04!E_5skC-eLKima<Zv#@?oYOMYIr0=`~#!}o?
ztXY^4M!_#<H`RD^`FmbudBGh$qe-&V5n+vi-p8?}GK0m2cUvM~BIx{@dr}1Oc;0xd
zu)b5xe(|A)<QQwC(S%06&M~WQoHIuBu=yq?nYkYtI)lr~U<|$V75+E3pH2#w@a>-1
zjFnr*=Weu9K9y<lM@Ju@?~ISt{rJ#5Eizm^Pl=WNj&`v@XUwB-8GcENDdvXLR?-<Y
zd4U~HXD9B5<5OpE4I-1c0)?ONuf=m3*5=oY73qFFil*J;tiC07v_#LUUs;qRpQxlF
z)-BOWcsXwEXC3qX;4AULG~PNqg*qRyI1H-4tvcVt{Dtee$bExyPi$}0yqzE0)WqOq
zq_a=#oFkdfO3OV@Huk}7+cAq&$F&K;<sTpO=K9_k+g~o*U;C+FIwinZ`Mw`>%478=
z{WzJCo5a_gWBKico}t?o2MZ}rb96qK$ua2^3I!E#iMefviyqDqy)&pOqm7``EYOJI
zG8VP|QI`9Ayh@pjtK#v9mRQ5=oAZ;rm>T6bq8^E6WS762tUR_@`AGPrjxp!Ft!n*z
z)%aZP+)B`CLF1ggT6_AuSvaZx*Oxqe!Og~u)tRx}U{+c`@6#i9Ny*d3lP&qC#ax-_
zdsKa~%#jYBFs}5$cj}ZQE5bXD3*E`>H4PrSYKyrF$ph*I8mtv-&;P(q2;1&U6`W;N
z$q+B9=d<XT{+i5}Hx}uVHt9BtH#_mO&UN)?y7=)dd*6IlqR8h^628uFF5O8y*?DsD
zY&Jd#9J*nSm)=h_dX1}peAuINxODO$?3$@Tfo0o=FVxSw*ZJACinx2%VHY~|K5aUE
z`1=cv#eGo{HVy8*)sq0**hC|buN~*DLAcZ>p~S3NdyMi4-F&WV2K4K&CERhyIG?1J
ztOi@cei30-PQTR~{#2im?6nq!fZgvZj-O<&`5(WHu<A|y5zDI1G&_OZ7Y6r!B*GrC
zjk8+tb?Nx%bMDP}|Gi$tN&0^8-Szz0O;ZYOFU6&Lty%R4p2y0bN1}mnE2bDzPiqw$
z2o9Z>Z*2a#uT;mi<WcP|D=*YBqx&U-YG}z&`uXbo8=o_B_TaPA<1Uz&ct(D!-s>c)
z$D3bhC>IYuMyyXYl`M>!_?^KUyxu2nvnMZ!m?>5}j_1C{+E8vw7iyOzNWCIuWgqVC
z_+>Ire(O=x$<b<w9JP+|<KZHnxkLCKUd^nYA9{n=@iP~SqD7bttkD)CKa1ij!IJZ{
z{idzuyf>Y$Q(nwI=f_jw_toDj@C*~x5^`K}IxGEcihZ^>{?ulFW9Cz??RaH7YiU^o
z)!ny81Jf-5maD_>ZM;d8u~Y9j+%x&QWKryNZ~W*JzL<tqUGH`PzG&3$>WDmqt6k2D
z`e%P$ZyhMSz9sttkCKV2>7;Corl8StcSW=R^e8vcNUfgJpqlpkTSfIJw2^lAJ97Gh
zRHE>PMRe#s2fwQomqZ)Vrr9@S$_X?1JG}=AX+oMWG1spbqrZXuR^WBKzn-XV<o@~U
zRD`I71ruG%@YmvF|C%Qw#dYq1gxWuQ63W+Qrd-FL$ewR?admp|>N~N>>#O9-C*BSn
z&bFJ|KU{o6c}yehHZ7aTnMT3$srA9pcApqt7yd9W$L%x|mq*FJOLGFEF)bH6qVLD!
zb{!7n%IjV4YxFu6E~SfB=1y>K^gIl6DluxXnfv(U2d{Df2A=TKhTQ~H-Q;9EDxtwU
z`;!gNF+TEIc3wLsvXRB?YJMWyw9$(D;I6omlaS9@J+u4P+=?5_X-}}Q$n!moW7CH0
zGi>X}C6^T`&D+CxEcD7OUM`1x$-XH+xErf1x+(M`TxEAYTRM`0w?%ET+97)}QtV7+
zetoQ>%W1xogiE*abWeZwL?Qr#{L8OT#AKf}jp@z5%XxNj@Ap-o<*6!o9(jL_VI;wH
z+t?6$OEhY&e0^-I+3yne%6$jjftEAnQ5WNHyH49Ne&!Na`Zf-57UaB$9+XkzpFKU}
zif7Z5+qmm>RL-GOD*kM3f;C0psTL`5Z|kE$V~?GF>F}SWg9I+&hYa1?H%zHWvDA8A
z^P_L83Q1JLeMxD#box@aoe_V<b$NhM6Tu<k6nAH#Bb4-}jm{4($5cV52OIZWPZ$;)
zT_C={n<ir!dZ+&74&t!}-~G7~DppR6M$6_)8S1%m@jC^2XFK1O{oQpKcCfpDt|Hhe
zu)Qt~t7P5_Y8@M98Shr>A}MGLJBnvje{i<_=DefQb{x@S5^~?|Wb?~VwpLO}Uku|b
zQu=9LQH7rE-+n8rB^hmT1ls2>m8ZU(QwmG#Jv)h94y-0?3tDpbaHH7pAr3v3GH@wd
zg<!d`#~AM%B{Kb)%sB1}l~9`y<(h(VqJaO4X^$Xwb!NopX-wBgTXSbt<lS61T3l3w
zWIV2#T)~l0iGS)p@Pd7)m^e{bz;1#&)PJ={K;pq4oPCjplfwdpzxmibwgvr$y#fYq
z@x8z7Rq~x<_e}f}lb0|j#*wg3m)|8!Hf@18{21>*tW_+NZ9KE@?k3ab3*-@%4}L62
zyh&ix@FEZR2D@7>Pbn>otjNS9Xqx||`3l!noBpgI($DK~wO)K1+Qw5(rD;jLzgEOH
zmybQfFDG+{Y$`5zC2|?>;n02ji2qrWxo!=&ao1_J(#Lj2i{kbmrBlD#G8*x%2UQ`%
z?ZP+DtdS8`4l5_eVYW=}Vb`zDc=iuUpHtJ*SUF)oe>EpwTxTS|rivNcy}OmB{Uw|-
zL4mgG&Q*D*ngtJ&s2m~;ZNIId#iWv<<D!H|<}BA3+(g?Ws2-=LL+mxDdiwE`Z_5;Z
z`X#<t`*ME7_W<mh7A(iSoh+(ZfuW4z*D>f~O%-RCQ5eeQM~V&2@q8<uc#zY)J)&sX
zd0#TQUZ<cy?yyVaboa~9eh-(O#MG9ekQVxJW?YZ^_>bUU1+j+v=u<~EE-7+j3klMt
zanB4J&yH4Cm`=O-`tqd}c0z=Um8fMHgwwOmRX07PCnQ~jJP%3<RNn3fdAv;V^`>Go
z`thjIVLF<=ewi&P&?9-92mf}$P5p<$S>{)$ahQy~A{sZ%$A#@j8=hCqcn>c!J;PqL
zZ}vr9QDvIrH*3Q(mqRJ}Flas79`2!elVJLLp*Gjy?~i?hJ1^2~ZK*pDTioJU+wP-R
zER99oHZpJ`B*jVnt5weNC~vc9?XC=|D`e<&d&&LTIV7TaE1K9|P_pjO0PE>Y?Uw)x
zs^Xn=@1Fl%N~0@j+y|*V<}W6RxywJ|laph9FdOl@5t3!#fD>Qd)AJ-<`Llk^j-tav
zwL?~Xq;5@nm0LAtv`O;*Qvdy*gBcl{d)$Uvp4$rDho#S=RPrE%cP_s1;S8~e>{49T
zf7^>mO1$tOGs-l`EF=57Q=dql_H0Gq=eOU*&NlJ+F>&UfM$`^}A*%CS$_ySX$4H--
z^1n-@MMp?Cv@5)WFLsjgR&ts#Nz|)WZ6Tj8%XKqMIK~hzKPSTrN@9BHi0i7BI;Yr{
z#_fe7GnV%(L>JU}xWX5sTBPtDdEzrMpZd*(aeWs*)cJ$&LJpUGt>Z=u?oJz#GS=I1
z?$S@^-H>jwB1~<HExyLs{45sD;eGXm#xSpKlI)kN#ZLOlLViv4ie1Fol|4ag$$703
zqn{y?UI#P5;Z_fKxBEf@8-30j*(R@Jhsx+V4fIdztT_J}<Hx5<<k7S}yD_FN?L9{F
zlPXL&WNEk$kuu-H*K}ZNT>0cj`2lKTmEF&+Uk`h6S0PH@F6QU^-Z!ukaF&!N>ZK>*
zx|+f~*S_69y1p)G{Tu&<pJ1)N^aQ<7ljq?U+tc#nXnN_mkn_`ZACVfz`7N8fH_5W5
z34Ro*dyeZFFV;z>*IsUr92AZb96Q{f^4YJwHRvVC#Ke?fpeM?ar<n4vgNUV;lDRGT
zou*fK>q${t-esrr%Wu!y^47DBD{RMa(^f&T<-W0omiB8r*#G6)mA6XIev&zhOw{Kv
z+HN1<a^BamE`2g%*J^OnKhxw!_;o?G_!rGM)q8|7++vlMU8KvC4Rts>Ep@Nncy7t=
zJ}5leU1etIk~9pcZNagbYHYCRN>HrX-PB^Qo^`&e!@aKEenN}(!o)9u(@?Kr7pK^3
z&>D($qo+NgCC!g8=fdl0aktRLBy}(;g^8zld2;=%;-XCyo6}w)3aRa$xk+q16l}Xm
zJB_I&@|L@sVCGo`|5hMJshsL0eWdU&5{VMT_BQjN7kQsKJq0!OH8<L;JHfs+55g(F
zj#WG!N-d}PVD={z|GN$uW(|Fu<=<)ONxQ2p!jD#R`RvQId&_sKN9Jv<)8{J8bw^RX
zT%);$`#~mMuNJmrOalpfNGyKdlSjcJ4#nq`sMjNu6K57CeBo{_tVQyMEM;l6h5?l@
zL;<ayYjniU6VWA_P~2_3v((@I{GEP<O>X-4wuyt2!|m{9p8Ds>FA*}$A_zC*(vtVq
zvg2O{;sxL9e7LvK?=LR#*uJ5q0k`lq@(`-Ohoq@rZpRHwmZ9}Sa5uf|P!r~KIz4jP
zJ-E6+$}<(}sxuozY#+cEje=brjIxfqSHXYN`dEjT`5(|+8jq4)XZ!hUw~Q|W`PVFp
zrZKSh!9wXDkZi(^%4V(az{~gV@sTL;<z5`gME_vyQ8{0^F|E|@u)p8-Mf|20XSAh}
zUy%F<bXO8)#8i?n^U?nU(T}lI;EG}dVLV8X?)x5*pYwnF^L_{)^umWduhpvT4E2Ld
zAD&B_9Bj;-R}o}BJ|HBW{2BiAC$AKfA9K3fJ+G-Bavqf*NvNoCUx;&`awK_XZKfjF
zm)9GQm7ruN4OfV%SK{H}A;goTn2I}vDtHL<PRw;S^bi5moff$FKflZQ(YyJe3s(W*
z|HtaByg|il6Gl9_)1zG{k|KLeQaK?CLXJl}1beX^PZT4+&})|%g{!+&I;DoV`J?-p
z94AYWs(OVu4XFOCFS`Es`otNCGGZd;hO>WP%%`fNubfapN@D!Qe1urQY)4Oc#HIb6
zKH36o6<KMQ?J~!UqoWnz=otOTve>_~CCQJ<ww!Ngq!n>-bPV!n$5qv5f7iw@pGlmN
zYN)5H^I~o#dEsaoJCRPMze{m-2xdCF)?HWd;%FJ<(O=(7|B(H=@L8`>;+-`FxY(sH
zj{XWq)7R{>+`YIA4di94ELhH8Y!kX<U;6l+V#B%|{VF>(fOWEOL>piNrB(*t(SOfV
zPQ=8gcH6WY%#S|eK25vpI(SBA?5S$|M&$YMYQ4%6&-2s$GWYET6^kC>)2r9`ZQ^Xk
z;oIb0fLY{UTqe(P+x)dv)pV+etj7*&V(RFUn?Lr67LFa)ET(^aPjPnU3dLk`XN}vY
zS?WBn1mjBq3ujApqRvYy@rg~1ubiOpV-$3pi$ZRTh2FGP&EoZjp4E(S%9(nrF_y~5
zWpc|oukWEYou3`^J{je132x5J>38=zKXv_4<COR0XRRhAX{J|XTnTZkv06L)kB4O-
z1<%7E)Om$onwNK}73uH*eDy70I_eIm6qsu|KP{nX>q+L5Zai9Hw+7Ck+}vL3lzY^u
z$-9A~sKl^NODSF0y4>p?>gZ;Z{s%LuuIJy7n96m1GX9qJfZI#!wYobSkTg4?D4Ux)
zKdU;T67|%<xN?2T1y5i?u~{`?N9_Di`EV&aGDjhqSB@2lQ?_<TjB$m8h1O>y#W(@<
zMhQ%L@|hGWrrcKSO%<dE%I1n&1QjOt*j~lTpN>TLHpS_R5hHc#%Wgc7fat_dcVZ1{
z9HsEq&JJert;Z|hUl(#_SqpP}F^g^T4P9!u>Z$SW`E39fl3h=}oUbvz@ig0!*tx%5
zV%e1-Cy~gZtLCw@G{aa@v;ONf0BtRIpW*lV%<t6mNOdNweS-LcR@2FQg{0JVBUA@e
zI%vEPGS!MxZrjEHB=d0K)G5s<GN@6jX@nY-qLkjM=e6e6LJzxr0B=n&iZDCesskm)
zVl^(S3AI0J^7i`mzXNe23j>dfX)hmvxhk%IqV%2zBOHFZvh3u1x5P&lD2D*T3e!(7
z2C}4ZYh2gUx2_{xq7|7p)2)d*u3FAsQ{0<RH10e--q*zJi)T-qT6x%)Zpd8~(9bk6
za~9Kd7!QcK6IqwA>Xqj^inVBtLCsZTKjW`WniT8re-1OA>#{m*Q_Nym>#X+ip`za_
zg*>S3Wsr!SX`z>=3f5^`?1(#2Rwl#e{Hz_1@KiRh;rYH?-LpS&g~X(|b_ei%&F{=d
z*Bio=eI$(UjU!<mTOX|ISH3>s?1^=I^DLj{!ho%G?<4CLlR<$rF&`rnQ{XRTbk#eE
zNJoJ!Yf!?g^zkqxZlQei(d&3m7SJT(JUIUxNWD|G58~TZ8>Q3dL?d+Q+fBIgbwEuN
z{JgrZQmA$FN2%%kREEB^yUey@<*NH1zQ!`k|0uJZt#9{4TT_-<5;#*Ubr~F?7Ic&x
zt9n|pW=+obkl5fHur7Oz&0v0}GSSrYx8q02sI8gou&R34X6YkrH|}8J>}Lj3mkIUU
zdEukRqRZksae^dsD#B~#R)z|3&pvcxZ>QX$=^~(ifMu|ewC;I!xM<mzF0wM%n|4<o
zHo%~e-HE-IL=7LK2<k-Gw_<^(lefljCGI7$`7tkiWqzaKg(BdskS$(g)~lX(ut&z?
zypvdN{k`*Ga~AFxPP7rmBYB{j=0-o5+u&fHURhJ@j{l@LuneE8y;Ea61Pll?72Uu`
zD`oe&XlaYiI94@aRa?S`Q~j6UENs)eQ)%5AkmqX1Nl@{XvF~HL1ylD*Vt8x53mx@w
z$V&+^KmX&IU>Y=1+(hBGy3+;iDDwEfE*VWP0wTs7oP_LsEJ)F0xFoQY2qc)gk?bI)
zx;U2GcEjRf*AK<hZsSv`ioV!p1~l{G#yECu&ZPGAI@k4f_U~5d?hg!IkN0d{47(C;
z4($OWIQR^hzo9+k4PWA!cvJuFUX|_m@aPnfu@&pEe{b)ZT0(7P;{!7oeroJ}m^&um
zvZ7)B#*qEl#|ru4g9SbaYsv}=3Z7iJZf70Q^d#Fn=Isb!Ow3y6<*Z))M$a0d61Yp!
zA?~_+pKMB(tder*Wc2b?RZ*SJzspNkI~*=Cp4y&nxs=^KV(er1XR6XR<-<C#Alk=B
zhS8ixi%Icy&YsxeTx|Q<!H)85mShoP+`A>6j7D{Bs%iZzP}j`B6;Yoyd96>1D6dV_
zh(KW2GpM$2VZS?d>??Y3yxznfVUnkwac<aCrS)DfeRZT{^}7fWlY)wS{n1KcyXaIr
z@Lq*ZY}&=Yk@WMrsj`8WEAYw%kq^6*`Y$C%d#=vay~o|u{<6@M!tNebqLi<mCgd`B
z277MxCpGNU1(UO;=C5aK0S}m7>R?Nq%Ld+ws2k)-xWz$OePdI`-w?Y$-aea*(?Dk$
zgP&RFR%tOQr$K(v!)+d&)dhqr8R5jVLN9X$y$yu$w}GDrF^Wn6!9K^vFQmX;dzcfr
zN2b%appkhGz2fDmeZ|TSgy#ZHoe>%P$HjUTa=JqHt|{Lkn!C;uAi3JOS0kR?c&9{@
zc#_XPeMjX&C;W9q59+@$S^XamIiJ0!uce?SPn*7Ze{0ufX?6pRZkoht@fGRKP?G-l
zeV-g#1F<`Wf`cMxIP`UT?LX0nQ{C0#mQGCy%rm`ef*VOV@lz;MX@dnLW#U_(zh!jX
zBI6$?g}1L~btS4pukHj`W&e>$I<NCOt~|=~8y^#x`C-$oZ<dZhrI&}~t4j)U&w@WI
zrhYv{6dO0K4cP%BqdpE$KLMg;VGC(`UOT;)jJ+n^k0E1jpU^-PX{T0NVr+sXnWU#u
zPtYfRoe@srp=gUNJnZorsE=69`ru>3c$utBP-5A{24!7A+*gZ5ZFwNKp)6=iF`7=Q
zs6|*w$l+IDritm*gUWF22R?W^Jpo?V7=d{v-ch|g$c+~}8kk4*Ew5+0S4bH#x8j|@
zkFIw#%t&#pn^Ak$y2(85mOoQQ4nDOoiyH=yO6wAZmcYWFUvf#tlC7y*m^7YOH=M(S
zdstPNuMihKY)n{{RTdZX&V9<8wC}Z;<~q2&d-OrDjrkE{{y2Z;DdV>cUe1!J%AHG6
zD67@D-6bjN<@?H)%K(oQ6ok2(`d|kX{TZ(+bl3LzLiAA?zsz&{+o|Nb^b^#Dt{DQq
zJkDY_3Il<M-PgLLWn3m->aHYyICvH7XZ2;u+h<<tx!AV074w=?Sj+>HcHo!>o%*%p
zDAG>OPn*t}12FLufQHlM9ikTtYqaW1w{_>le}IWP!ENeJ*GaKvsYAS^Um9cVwW~SL
zc~iSMHFQE61rP19Gmfi|Uzkjz>VzJ(h+AOdS4C`fl?~sPmHR4bPg}*QCESu)#qEh>
z(zU)B5qO2Kqe!n;nZLBEBGA|yR9Ak7qJDR)ypw)ZXhni1j2y1-6F|$uyKP=q7^bf=
zhP%JHasNffQh&ClGlPM6BenpaF!RgaP%E5SIeYz<*M3{U`s4dIEkion^QoK?+$5Pq
zWzRpgEmEXYdY~maeJV#}J?@{hC%Z2}kAZ5Z=HwrYE~_t-`I~FOan}QsDNW-SQds1k
z$HeJ1QmtKH6LIB*l>2DiKaQB(9$dw4GHF307qCmEh_Wuk$H9tJT%KF!|InDaTeGSA
z>wR#NSi2`LhR2K>*ZoqLz~}&>wb2jsTJhY?{nXhym^GiG5!Z?CV7LlQGQ4oVFWgl7
zeBX}C#7!7AvSRwjL*X;TW0qos00Wxh#*^HVp>WD+{ih9#d{(`ekAf~OY?ZU~eS0+I
z$vJXg86}ilpa+n4fuLT!5veRDRi<$=5jBtd{!iB-&Qlo;mg847PZ}cpSSF>zYpfB(
z$={*W%`_r<d5%6+W4rC%Um1}hbn?`!;2!3aqhW%+So$S=t+KtqX_8i%?ZrL;C27jz
zlm)rp=bV$?2T;)!>X7N2`c1ByV3~cFgDbmB`5m!wn>I?3xoz5HESR+n>rQ(N#_f8C
z%TB%5WIy!;C8AE#5U#IE*^?RQy7Be3y(9{F8`givKrN&Z*qZF4FTp89X=L>3hzte`
z3%r`Bt5KC6yEeOFMdKXl8I&yxM48`qQW-f^-0qv)pk2Bu2XijDL!XJ?QYIdCZDKMc
z|8pu;5qCBEW){JA7yZ2<W3(H-E|I9qt0hgvMn(P|_B$^1c@zTUZNfy?^A(uar8h{%
zh|~EC&*fQU>rD`z8@~u72eSVh?JQ^S-FNW6v9RkE|H$mzm1iE~6;%L-$T!@!atMJo
z9-QAc4}M1~Q}LL5_QL0~^mhn2$CT_|ZHy4V^R|O_`kFjN^>lh5I%;n4Bk2j}OdV5f
zbB*x*y<ZN&;(kJBQHx(=r5iA>YYD~i*=<}iy=^@pS#$5S=KIO~Y#n}dteXV79fSQl
z3=iQ?`$Bfi=_py|yO`J}E;HfA)tkShXiMcB)CaHy=<C}MlVp<5=o3)a1HRxgZ}gKQ
zB2C3G{ADs%xb&!}812%<&JMDtquB>9of64Q9^G?KWKnJ1kIA2W5%XXmk^#M-$omte
z5x4)|Ck^yCUh2ZO$3dHqDBs?(KmTTDmZl9?zFRMV@w}D>LoZ8gEdH0e^bVy$wlC_L
zwEcS97m?Bk;y2Ip4Y&B-1QN)+V6Gx^WQ|it<5HAyD6VDF8@)m!Y9RG%w(y}sv^4GL
z9`0U!2mRF=!dYxg1@cEDjm6mM8Gf#)=~#C~wX(JqyJJqjyiU*NuzsxS9(Ms6uc2*_
zPV;DX-%lYjyB)PMQu1`N#|4wfelWE>Kv4A-5*&tHLvz!=My)C3doz9Ng;cnpjqoxW
zx~(^nZktADuD_aWUHOczEg`Mn5+e#(*_jG1n!{$oU15m;6g^3|;MwR8OSzPjuT^D(
z6Xo^pm;dVp5RgY=UcV?Jaf2@QlKL#~8(d-NfpI8{Irl>olP?f%lz1y(TIN)$5@1V^
zs=i+o@CR2|jUHZrSaCFLW^u+e`)Bnr|L_g>fPWCmaZ48bhmT-L1svP@V^i+$*HH<v
zSOEn`{jyy6htG(z2gHqS^@aTc_R7%a0MPxP4S-gaW;EpGOYC>{-NIYg(~pIzBbm3@
zf3;GCUE{gue@bI@x2`l`RAc^Nhc6{GEdNQ2JE0pU`lyU7QV^jLdpek}niIkSB*Uv~
zx|gtP&A(hZ+;2LkTC#6jk8JZMF<#=g8I1DSUC}in{qyIE?jh}!+RQfyzm}~ylcQuy
z3{_9=mIP-8R)Vnm#YPPjB%xd}M|5YK8?T1jymy;!QvUgqI(pXS9i!vF)|l=zux95o
zoc?$6np@z~sV43ahhMz>2`_*CJS!5pU}gefCGJ)`uuxpQtb><zb*H+|FD4cf2!Utz
zvnqc#3@xfF@}=wX$GwYbz5?XJpXv6@M;9;GkT2Kvto~d~`gNc+##+Mf_g|0+6Tpd#
z{ruB6cCiQUBmu(|KpC9nPE_rETAM27Gx?mk3VA4PC~|X1%mN#vNqSR{xX{8gw-7{Z
z8y~2*8NoT>?E_qKX`9RS<Q&D6;ngGO<pEi!VJwFVG(U7k1X3MDeF8a-PC}zo2FY?%
zUIlInJ^M6S;f<)FQtF*dZxN3jBxTS#+Mb6xD^$#Q^y?K@*lNafMvk%PrWBMVVWNy?
z35lGBq1SX-S&$PmDglGP5_+Qp$wI4Th@<XyflQqv8{0nG3k7hSi@_@k(Gtm*guK8_
z?Ardhgn4C2J#2pFQ!pb4$O8?}UB9LZepE;o*0nbR2*;pb`9!VELN@uf?Q4g#T9?%v
zfaftH&!1UORDUS9`>6+XC1VGsk?&pCwQGy5^1kLWep_wKryJOVkhx`x4Qg^gm@l*H
zqjph*vT+Wiw1G-neSUEs-US@wcqMt@eqgYfc=l(E)%BLaz)=+(A0>AwSJ1Q-p-CNA
z*o1h@4^_M4TnB-lneAw4X4x+uvdd(rAm_%{oq)2x)r!m20gz`NfYCsWla+3@eP$C!
z!=7Q?vzsRADn}ic<W7G7_=v<@%i~ogwceob$~l0MMY;CbpOtv4{M&1j4U`2%$y~_s
zAf({_Wl`9BgD51_$~wf<F8}#Xvrr37{<>JVZ1x0TPpqO%aqKl0ox$-++gSMhE??A3
z3}9?fYxHzSIwb%#OCiacNa3vzS|0|Te(*S4iOc=q1GWLw?Lg1P-Zb^$qm}?n%ejtd
zw9jc8%b+F`vaRG~^*O?R6sKk6VZieXruL8lx_e&J4fv<}%0Hvm#JuYrDL<WtoxG3x
z$XR02;%~DH(9-c}$66vIMak#vFwgP%r(M{d-VORUUy-mcRM<}XvQvI#>w{(M1eZu$
zh1jESw2Z4zTC+geC}2fWxr-FsVwn^r@i|(xxN+%_5v~dATTH}OvG3u}U!Py$5<lX`
zp}3RrEjl9*KrK{y20Y&O0rW!G2^N}8_fp72s+*%@n9rx|TmVzeR$n<P>m>4XjB){C
zyfcWJh=?B04=;7yfFpVG3sa>2E~olE>&m4kq!MThS6@MF<Y1V{#BL6iBtC$vLB}DJ
zyXG_q{Eq5&KN**ihSoZi`siAV?ctO|x!0~WH;6hdD3A!>1_RKKI@c1Rhw+Or*BU5e
znfHSkypDD{=dY068IHax9Bl4pBxJA*?9V+ZD$X&EV4#u{;YQ{nu%kp=tq3=%1Sf}l
zy0CkW<9w%DiIE7nkU~Pw+C4V`H*1QMEz}fhy)P&ZGE2K<9n(A%v9vW*s9l)<<a&80
zQHwK{_<eGfEf!2va~<iGf!tU1yTkfhU|cBtV}F{Nb%o42;XWF}v^;IHv@+=t^~<b3
zaDR2d2`ooTO;t767d6rQr`-(Xo1#9u6SgbU8Se{mcp$zk3)<`z9&9?V{`k#oXY2la
zMNxi?I->hCI^vOPT}HI76rue!V84U;u|7N8M*W!eAm{F1+B-1D_c3+L5&S-Sf2%?!
z{l=(yB)0$8tTaC2UEtrc(`O>~YF`vraa+OinqXBwkcCaE)-c9<jYT*Z@r!Qyt})ff
zq43|7hJ9n2f)S4$e?90Sou3IdqAbP*h1{so5!gnPkF)N`_<8jyT54>B0I$*XLo_`J
z`qsNrp~Q9%T52I&2KvE@UZedOvP5g5_026$@M3&OE;k>W?>wJY9G!}!r$a7Eyo~?|
z+-j!m<{2h<&+ZpTBtk|Ug7z>&H3O;`B0u9)e1;Q-TMEZrp|l|-eu?NVK@FEYWaYz-
z61PCozrXjgcWy9zt9N&r75RCC<Ap9VUW<!EK1J={@EynY+#S+xWwEQ;M;m^Fh)IAk
z3~X5~Ln=VONCne`a44tsBdyqrN@NS90BNHXRkMqXk_gfGne2V$oYx~I#)(iGGtUiV
zlweDdXLj%{;cQAGk1CCZEfvn4_IfDgX(Q`_&36#CXt)R-59Z%E-ut6Ia$UqjW8QQh
zld;<}RoGoE-T^ogx3A039a*+^ZU&71oy{vSikXbmKufR>=_Bn+%VQOVVUz-#MllAp
z&a6g@%ySk_<Vf;32$xI_q5)w{yn`ak)-B$}zY#PL#^8L-lvzsEEi50bS6gSt>s@f`
z&hIRLe{n4spGGTT6)5j8uW$<f7}e|tvi~g(Cxe9P;E80Oa%2d;LZWb9o6rTzSY8Cx
z9eZ(#TaPjte;ED~{>Sifg~6f23nK74y@~=bgiTfVR$XQp0ixt9*x`mMN>AW()?{AG
zm@KJRod7#bJ3c(>r;9fRf<*HSLJrv=eX(%W(<x3c#YJ=ImdU&%WVARr*!;EW)+VQv
ztx}AXV8oLks|J(1RliCRb}s`->OT0NIF!Xs%N0`Z@UReMd;_ltBa+e5s&0G)v{c#S
z5za#(!Ym-I^7@>4)_`;8){{|{bhlsF{K0tWLT(!-F4sp48$2{Qjp|t-Q^f)M*$J93
zViCc1X~dw>Q#ajfPuKcqZH3;OyROAMD?{?$N6XB)Dw%Pa2M&|zBF`-#o|ORr>=KTo
z5i6d1^8Iai4CW#|z6cgJLtgRS#J?+Phg?Y}>h`US`YY7J`9-G0xQzQhtlqG`;>$F<
zOeLgY(twl_b#t1|jtV!micv3N$P{S2%YjUZWC8t#-V=4U*Si5xo(llPap~I)ua5OC
zz%``RO+0TRgn9bvK?b!{72ElCe+&4}F7VX6!@#<RGS{1?58s*<;A$Yc6aXwD>y?g=
zW}ia`@|0<kK}8ppqIwmX3RW`B-B$kS4f$l=Tw)d#aqf;EwJwFKPm$ApCstg}Dpcy-
zZ(0;~3O}PD91`BL0C{q)Whjl!e)E+y?>>&txZ?uJB7CCB#~5j;npm=byt)IdH_pVQ
zkc8lB9Gw)7`^L22<W8ON^SvT9riFk=k-em`z_28%V0763j_*`5{R^xN%3zX}YF2vO
zTV3#R_45uof4tWhAiw=2sc~Xcz8n{W59tv@GT0DwEPs!Fu%VrEn_;EJu8u;vxy)kg
zEd1gYc+Q}{dg+Mysi2*UiRnSlr>rp*dl?TS^3{b5cAXb34BdR6${uJ`o>2)pw%NPt
z&lBWd)_ESXcbi#fq4Z3J%MAgveHQWWP!e{Ar<3*V@1SfkL3ip~KnV7XypEKb6~d4)
zdDZe6=st7@Y_LUX-O`G8q4R?f#t0$oS{<Q^g*~bm7*bc>hEei)+uxsEsCVCf_%)I1
z4Gv0*pwnANKj1?3d&pNOOjtkN#0z>F|N547RuP|$g~|cY%W6(dkmf$rDp28SV4#g=
zY=HKmZuy=*r0D5XqrbAWnGez@diVM;-$IY;@6j8e%T#oK1ev2ibc0)5sXH=~T0~FC
zWra8|wcia5ZHt?$3F=Tcv2?O<VI5{ddpgJz%$1>dye$K5_1RDT`Cqa;VHt!9^eYsD
zah7-jw+%8v7KYzJR`2XQI+%^z<!qAgRxL4ZGD_ewMp|K_fmcK_*cKg8H@y1<)-P*d
z7%Zw#V<`kYp}PA_W7rAIOmo2fYFX0$s)MShv$lPLpRPL^Z65m-xw{!RTGcbSYjR=W
zD^>|#6<0$XgI&=tks<BTiv%(YFCWwOx$}O}&w|`oh&3zo`fivjqr1c?wxoPhYpO7{
z{QW1Wv8RZv+&81jF9b2}`zAPZ$GKfWR*Y@LCZYaF#n~MoLfQyZTnM674yDB+<me%k
zF!t1N>5CQEjG=UBSl`V57BztY+mu)Yjik{WuKM}|o9KPrYLokK!H3ixlkg&=#Qm|w
zC1#~=C?N0UsB3U9zs&sdShg7-^?k<EpSAOg`P<J-MJcuikO%aFto*0`cBUkO0__0t
zEfxAQN`lG%{R25#LXul5CHhrLUPTP|KBzw-46#8wX?}ndHOV;9q6;!M-IeN}T%s{F
zy%@9}n2d?!h)of6ni8{jrw@z-8pp%?f_Xtcy@OP_x5okrrLLmZs}ZSAL=!V$ByZa7
zL-8UDL3B|10Ueg06eFrOK}OxUW=~J&m?G^p0f!7_tFfE%+=n+pk3kHH`726`6u~}e
zF=%%J2on<mxr5Np>O;Ro2Gq-C&dX}@@?+>zr7t7eEpEy*`yrOro|$B;<aFHdRrWy=
z$X<&=jyZ30U<#t|L8Yvw7wRaKfMW1PV=%&&8s`BT0a8%TN{MW}8-zkqp|0oe7$xqE
z%=N{47Pc`_C?qa~tycXES94+Ivdc|%-{;&AmrA=eq05FX3DW-ZBU{~J_ODnfs?6jb
zqzY)N(r~(!*Ks6{XsGY=(`a!mk$ivwEKc<Jv$%;FL`J@V?bw_>D=RgK_pwNbSmVN?
z-$vw{h1?3Xe*al`<g$vR-9Rq4S#$RV<n%=lBJq0WoEsH#FTh_QpgrdhRK9;;C7}!p
z3@R{Y*5%^s3|GzIw{Ku{|Na-RXTpUL$wiD@h}==)A;|1?jr$|>KZL>mU;ut?{~}J&
zO>!Pg!VqrwZGvGFVu3Pji+?dEAu_FtdL8ATLJm#@_2lqW<YeO$;fRAp%xzme&@Xc3
znL#g(0~GU_?JnUnfcN+J{*04hXQ@3P1iM9i`TIM`<k$@9%}_AR16{W=k}Zwjl32d8
z2T`7(cvjD!tMQ<<`U=h!xg(@+5Ln42b-IV{z?_Ff$NR_lroj~a$@y9@(~N<JtW(g?
zaq^A92*s%Q`d0h1$$EE2I0<6gol!0>3hMMus7B@hupJSbyB}<rBCXcW>yw7OR=pgt
z%*tAe{Exngmsxf(f$ulY`ukh*MdUpMv55J{N2^2t0`h<&Ea58rJ*Uyd1%+CWpp#|X
zIGs9D8tLc(A{VJ4%L0M%SI>J5(7XdmryOtt+xTW}<CT}kv=m%tKRnsQ))3u~{m<}e
zvC#gERj98$s?OPc3SXBnNZwG-xW%lHl+hXBxSMG5{$XdFY{YdzI+Y?Yv}tGwFZj=7
zfd#kJG4YL%i=2_$3_AH8`wV13A>_KoflJ1@lbAcw_;{oky_-mm#$Eg+I1aSfGz%C&
zA=Mn=GOE{MT?5~NELZ^>w!+q5XbNg=WnSl_xh&^AR`34NXg&t<1PCVEyJ`<*(1sBv
znyqrT&Zk2w?^f6h$(g*I4HmSHyKCNl*^i%^rKRD@D-Xb=F+wgj<lH8{IdbuGorzpr
z;LMF<Re#$7QwlO8HNjjYB1jXYUvXWEW9=dx0&e9FS1|cozK07@c@S}(RVDu!Gqg#}
zeRq5$x<R{yD0~yD_kDW64vqCsZ`2{|a~&c#@Wth5yi+q`w(N*%c|0BwzB&7ay^3d|
zuVYG1aCHlZlp|j&lIku~p7I+~MC~%NN?@xJFz7qnUL2_#DuXiBXnX;$Iw`tnt4P19
zxcfD~yzVjZ4QgfH;A0zT^m^{3g>5v#s}pa|_=ZzwyMNpRJ5kJk>#A6@B-%5ihbNY4
zn+_F|p!viO@cb+z0kIHaoIO&^p)1Ht&CG`xrR-|JBXa{OnbCdg+@%-H>dH04(TNuj
z)!{EhbzB|3nOl0-WhG}~7W6!=?THqxHaQIB)z>-9zF;%j-i$}*RaZS$o2jINSXdcA
zw@vHELjNsCmWTvh^x1D6zt$ka_UpSzJm!O*JJ41VKlJ?k%uBb{`Q4L=YE^>fW|XyE
z&`%4dKfvzo0z>r>PoZ!Xlpb*t|ADL{xBi8!6xN?!;2~?fLYFBqt&7WlN`6*Zk@a?U
zoQ7&m{=dS})z1j-#nAs}F!qu72PH7FPuoa4AA%66sd4*?-uz1wAw)*zWfu3i0AHRW
zdY9z^sY&SQID}GQ=yp1*G;MN|1!DkmM;@|&nG%II2aRej9z=}$j)kI`qr*YPr(pa<
zq&K0|^wV`t*3YjP(0*&5kLZP9e96{43gS3-Ww`Zt%KP~J?}-}qN%zIHZ^Tz44NhyC
zXHdU64gO}{^!=)CPLRP!g^TTqEI`vx7Czr~UYge7u~xlXX-%iZ&9)r!m={L@jlq}f
zV>90RTn-6;`dur!{}$8fctK<?akcogyWCF0G469ROH*7_HzbBe%zuPMgv}6#LenDm
zH|^66K#kchR9(+}kP<sA!!2Mt@^Ml~ne(TVZ$f$9SV{#WaI-|HRKi;2kNUaeJIu0>
zu<BMN+bTH6qH+-B{tJ{HG3Df0S@z(0dh|fcAIc9_z^Q2ig#9-#<DH$$=^q29F^z(z
z@$Jf^Ko%lDIiXI9xS<=UgfbNHp6n-)G5Oq>h&|GWr;vH?Df!|E&4n21L;QW5l1>8Y
zqV$!oH+sI|ArB4VH;AbG*qq25LyL;oa94cbz>IR83p*6W_#q)NQ~F;w+ZlG?Jqi5=
z+RshI6O=Y+04-x_d`?u=@|37nvg)_;82<zXP$JXT^kuXI@f$w9Ccdtp&w(Y_0$0IT
zxE(%?N#y5z3QY;R$X${Ye#ES5GSI*hH#(y=2q|`0pXDzp79~E4Ew1VVc)DQ1p3R1B
zxm183_ks}*kwi<1yi%3*HYTDi{a*4#R*VT0uO{J-caFKmhYRzHOxYS}Ga7@Q2zIsS
z*z-((-@?N6b6V{Eip()gOznmB09m^rMnTwOD|<R6T4Mgp7OZ(vF^3n4S(4EYIA`p1
z!#*H<ijI)m^=N;c=5dqZUC2IkUp+6#+pHLIfQINz;;eCUubl?`@}0!~$?Ob&nMOMl
zQsuvnGI2CN!26hVpH43_doi;;*c1f;KgKvft;oB>k%XiL2p`abErl%#yG7vu$TB4x
zK)44MOtB3J@SYHqb^I}5$c?%3g0K(PnHDve-~brfIb;$I{^Ii=mi7}v_!9?c%ZbY&
zfpe>!aHRfo?te*IcCd#}%PT@4js`}y<Ntz=t^5yc#_FX3GVrLAR1WN7>+vyt;0YtX
zsi(n>@(ueCnLS0kHU0tZLV;Y)(9@y}+$b}ca$_Jtb^)CICH!`KNZzLmgN<ke;;+)i
zj}D+n<pFOYtwg*wgDjd>ZY0g(c|h;JGatPYm!~PBSN`Y**b<^ZD(-|z!KKpFP)#<N
zL;&}%b?_KloJTQ<TVfg`81244I#%v;Bw^cCi8MaFRip%GTo$tL0@|W7iIGiI^MH#r
zJFl$57Kk@$@c0V&o&jRE`p8VmkEBGy@<-8^sfBfFhB7(eH}m7BAbREkupIycm}cb=
zk57d_7tUuK-P3sYl|febnIJNY>1IDPT>$q*78{9q?#B04KY$yLA0=7fX*$@Shf*y^
zhu`IVdhr?^x!Zlc5CE|mfzH(cUiZ`MR6xmdJt-qBInt5TompqdHa5s_a))mri?V4I
zu>iNIy6AJdJAzht(jzcMd_CYE(tuKy4=MD98~Or}z=I!PmgNETSpuPALw)_}FMms~
zjcEzsZgR>TRqxDUJ9l60wUX)zExQ!|vg*0WRtLR*EqzNU_!cXbl|Bd%=|zqT2KnH}
zJ0B!}{L3%N+(NA`oH3dNs`GX53x3?HB0&-k9TnSqrlhQDZJsi=un`RGsU{W{c7XGf
z9WK(H|A!N<h_F3*fltE;?P78N@V`(p@^^;5Nbv-!fQ_=ye8I7MRZpvscgCaljabtm
zFRNBj(nzKIrQ#<Hg~CL1g*9O+CEMZVnM~a$e*+N$!A%zCDy`4h-A{+Ke%-d4SaM;T
zm@ci&%*b@^!A@`l>L>0Vhhc5Gwlg0wvQO+C+OW#mTg8+);9=!VT~`KWYYNW6*~ggD
zWDfcEHkoD7W8KWaOYy+jjOnb|RyTv;i2ZBqc}b5u@X7Og((OV^U2MvTDf9wNiy=pH
z{}=8-3C>A=AMYTe3YLH$1cOdUq#7vXao390!EA;b$F|^GVo*c(#{1|UlBz(DHnkIk
z<r{#UZJ7&2iIzPTG2OzeFW}S%bwkxpzk_U%P6f}-u1KHiRpFYJrI{#&(@K(0a1mf*
zehivx<;|yJ|3y1%D#uyH1BdYzIwU`Q+8&UN5$2SEq`lqN)>fVIw#e)bcByet?6bLq
z_$Y5W|K`<ZRw#qhN!Yaz!ZY78?{92-K!2%iDwyP+DMLq|FjNP7#B3TJe4YpPec-zo
z+=M9JuU_}e)};t^nsg|cC`bNGHjJw`d3z}XYatBSe6t?fK9I`qeZ%9)=j-mU^A^8G
z-3Z77E-4)Zhl16pry1rC+I`+1#PX{oS6i%4HWW~UTX7e>oo(vS659tJEKNJ4Qwwto
zs<g@P(A%mEmcejyzpXI&VK9HVH&b?rvlj2+I2&>w$Ij$1kW&SIQ0dMz03r>@Gtzc7
zU5#=glcvx;(#kw<>}6*A54F?7PjF4#&^AD_orz%!Dr;C;Q!3E1toau`VFH@EgK~kq
zA+9r!pgwSACUH-Y{~ME|9-+A*I9?OoTz+I{ID8=k(q;jml6Kx!bwjQ=t=}Ugfa`hR
zRr^oUx&>zpu@l9)i0W5+khrqOMOWbB=n&-5{XNn%7l|n=8JX0pI9DJ1{k^OGa5R1G
zA&c<e93g&-Xu3-w>*CvfA&gOjZ)C!B>{XfW#5>3FvlIfSfAtV?;1J&N^nRU<xNDUm
zLo)t9*<}=|AwJCLzOX`r?;KjaZOLR8;5&bD=WSrDE6G_t{_8uhL;BADE4fAaBFAlu
z(fRu#i^()|0@QmJZ6W&4#F_8`r;*~vd-v~UA!`Mw8~(redD_=l^@j^7{>n_=V2U;x
zLbeZ$`7HKQ@svDIYr}&Dkc2Byx^?fNI9k8#Gyushpn&8cbX$VEqhD8cI23VR3Fcx3
zPjXX+_8k_Ig-4o`-QjeWP^yDqwVWaOqtUAlv@_{4i?4J@SP1X|w=vQHY->oqvh&h7
zl79kJd(C~gKvNzZv9?c~f<Pe%lzZI(#gmK)B>5ZNBIUZupj3k8_XYsGguFN2dQ3{G
z*R1@$MA9U}7L@~Q?;O+>NamKD$1D)3s{#o}2ev+K_aA)<uK#)gkj=<I3UR{mYJUx8
zK!(UdHk{=MV2<)lfwii8SD`ynN_fE?>2#GBmIAKo02L3}WXjfsOkq}UyqJ;#D&>G*
zkAYN$-K!kW7OzpHqpI6gngM5KqZF{y(AtG@L4!8uUjjFtT^kvdk*?jZ2{%(T_k<sy
z6(gyoS|+QYPZB6NLNV{}>GVU#UDUlG99bkY49KyQHyv1N#zx4UvS3@Q?`^rw@f#e>
za?sg^xP+oJSX#ucUCe=Ol|@R;$d37v)oLhC#a#uCK_XTXXI}!J{Eu|kJG_CE9&lDz
z20~!FH8x+pe5tzKrNt}$jz+{|a5WB8WElYPnzs%BlW@UVHTr)+g%A(MYc<y25NOn7
zpR3MdV4rZI>J9wHW-y`mlhOVrj*1Q#-_GyeO>m@du7W7~d#cG;<%{?`;4hK9wjZN6
zgm<KZ7k0s7=5YFTQAYoQkK-?s^LD5!i!eg^s6lp}Qv)It|KTWxT@4b>-&(mUMf?`a
zBkq<7zKQWhY%NE?jTS%?HwK5<>U1X=KZv_MF{jcA9KV)WYT)YTBQlOhIbUde40=>&
zg@Jwa8%3zKPkt7GTWgc?>P;MqU4Uh-%`2a7z9*v2zQ<-%U#(W|Ax69oNo)7*2rt;G
z9k&-0&5dE}FsS9BhsoIo!4?EQ5^IL{vFp_kCiFiMq~<qeX&sRYl9Ilv8YZFmAa7Q+
zHJ(tZ0}COxBr0lcU3Lb6Zcq;W)e(BxsLSh(4;{JufTnn-U09ol@;LopzR^(mKSZ2f
z-_Kg=1bNiU;IRQK#md0g$FY};;;yb{*jpajMB;6HMs0ADcxXGB%tL&;cOR&%TL#I6
zudswS+lVv<Ic=V5#Uol};qBCNU9CaFjI4;Ux0at}Xk{U$GP8P<QY#|z^RwUa>yi=L
zV?czlD!-H)0<zek>OfQx2KJpmnDP4*{$`T+sB9}s*7C!Fh!~`pr&fj16)A_Nrz&kZ
zufqyc`mankcN<M*5cayGeub_v#41Yop>eEO-DqDfR2G}RPsaFvg;A@dt#Vn_vL48J
z2_pJ^Xi;W>PU31X?+;Y}0)OBNUm&teb&v7cJhX7I^})tvxXo@2{U7jr2e$r0Nk@zW
zw0^MrmK1OUh(|u`LEGio`s7Vyh8+6>VGd|y9LOvvH$T|V+_MJT0g^U@(w7MyY!L-f
zPafo93+Ts3E&gSfN1*fZVYu-Agp(Xck@<Ai_ZUX`97v#!5H=fL$^ShWG0d)5kHh|&
zp*sXb%cXCb15G|YteORJ#9;MBJ~PA5vJ$K|C57;u4LVR%qr=Gg<iIO151Z2wXfjKJ
z6cXRcC#HU%JSZWQX}s6d+*<5=YGBoS08z-sL<M39Quz`JY(XQIhcY1txIkXpv0Jl*
zESZ3-kjh~W+`5Dvt-(*gIf8sLggi7SSVGUM&DCFA#-6w}K#L<E&(QK^6(S@TJkmqe
zGK-pJ^{4ApJhFz&jud4BbV7W3ItOB&JSh7N@(CPjS(4b~fJcNLYWfszspM;(;$5Xv
zgGkOe4#nA^39ju&yPrbVll3*8$A78{Y%%dD7!G*;7UAl!JI;rA!FP0f>=9h6BN*S7
zM?YkLP%f$8Y^UV)*m>0OF2O!|ZLC5bq5$UZ*H);8o>T2t`9(HoUyiGAT{nXEfdCG@
z@{T(sodrO&Ii4Ii=+-@Zul81Duyk$n_aFGe&>@snT9&PflhA_UzTU7uh`BKHHW-su
z1-$1mjx#jSTA-Wgw-sa-ppDwO`QOYU(SP8%B5{m3mLV-jY>EgV?Fbi!hni%sV6R`o
zV1&*h?GcQECQWy(T>-?=V{`@Bbu7TmsRfX*EC6L$=yLhGk^4N!XR1pX;$J72(b6v9
z=2baJ?{xktJRFi~$j1mk&qE?Sx@6TbL0)G9NpnK4K6}?D_}nXmjcI-l6(*Kdnht3d
zYAJ#&mV?hKPaR4*%(L(*S_{wznAj8k4^m<-@l0(H<2aObvY_=*m}o$YXh+|a9B4*y
zQh1isEK^7!2rBTn&))wc6q%mGWkKT(q!yP9>4ieP`I4W|y<rf@3J#|MC|yfDD!jN-
zUjFyZF<?Kh91A!=Ylxu27ukt2dnzO{%yxtzapB;YKzchMk!cT9W5a}u;tCqn+4FzW
z+f{@finy*suIGOqm?SH~-5U*0L0DBR$$fTdHBF^g2>IBK_;*#NFI&fMHEC`A17+sf
zg6pn}RZp2py@57+9AcIXE^Ybh>Gx`I`wf{Edd{?`^FL0Y;AjrzgbtbRWWFyQ@aU3q
z;Cfv%luD~JN4>hf++N9zZ93AAw_?oeRp+|#SV1AobL%T}==Zzp_1PGFCKy3fPwq`+
zWL-%h?Sm4nG{v_tzFg~@{g2n`@Z5mGlU306y6c9HsvTzIG_e@%;!R%Cn|kXpS0@E1
zmWCl8yy90;NZ-KYiuagm{0P%^7t--y{p|&ho@FR=7J776;kgCs$3<Hr;4dfUGBUs;
z<-X(hYjyBlERSzXYMncGz@Z(>IVAa)CBjksph$k0<6bXi>yuM*qSiTw2VTToZ#vm}
zWfp|m3X<ed?T@UzhF(`nuYl08M4T#!{;g8Y6>>sR{um&f1GLFT%bK1%g(u_0wYD_k
ziynxxD!&iB#7|u0fMD-Q6;$u}(Th|k{V;^4T*W5(u#5uAp2O`qWD2^eS$npm%9%=Q
z(teP^P5nw@mKNAzZ1U9G<1Kn&T8C!E<Z?L02fzWa@82;P&>6w@vjkB;0V<QPf!IXI
z;zo|zARyybN2s7#_x$}9ea6DAqPd+OqV16b(`J+(+(9#se;gYTJxU1`x=OwV)E5>%
zsy3T7JNkRSSqFB+-I<z4-FXS@+DhmurZf?s<1;#ttsQi)XRa7GcvO^w2wvP(A7M_5
zl8d{~>;Hv&y}|p`Ll;^|AlOTz-vgtKGDN#94h@|_B4#Cx{z0rsUNO75_z!(AG#is<
zAG8T|wq#tgyb1jK`_(5`ck$3eq|-7=fql%FYw;AqV77k@s*;As{@Q!*BOxF8i{ay5
z!jN>Mzp;e3y*uVK{oIawTw}0B<(DAT5zmNZ7B<sZD(VoJbHVQV-RoB<Z!7e0wes$`
zINVnt%P6hjpYDC(*a-f?#DU6+D2DFtH)_F{r~x-5M^lb92}8eTQ7QSJw$0$p*>4(H
z%3_*J+^uh5F(M?&kb<ha`Il_7CBh&(hd}dshyOF(l#jJ988S%t%}|n%c!4$!q4t8;
ziFrQU%5_%mY$C<M@YAfB@RvVKq$-0UWa8!j*n~oTAIIH7ivbV9iYuqyr}@-!rWQsl
z9lSAa0V)NQ8?rG-_k|f&b^Fh7>Ex>$=HAXMJkxIPpJOjg^VE+9f#3>7hHNvx9K}_F
zXn85B&Nbpw_s8hrjctGV$V{ebHb%T8jls+{wf+<_66c-Dn~xu$DKSn9F^0d$$a-eu
z>RfD~@vYaEQtkm-ze01o90i`76jjg9vB_FhiSe%38psL=W!T3QA^G_M>nwI6u{dMz
zZ}xe_`to5_>&a$gmuEeD;G}|+NARr##pSg@9MaZBg)k_|>F-t<Tv)$dm%XgpRgIOQ
zobi+!nPSA%KzlrUCH%Bqb_hL9pYu4-Y5YY@w68w0q|eRORsM^o{6e7SrgBhx;CBHN
zCqUX9yLq$6134q$QM``Cm={zul1?Rs;7xk7;lC9iUJ;wXt0qD@Poa(U{CKf0gHYAp
z*j9|R{mi=qH{14*@gD;YqtF|fUS!iS(y3F(76yz2(u_U~ssJ5WYgPV)MwWPPv|zTD
zWJo#6t3M+QQGy>t9dns!4H|%EIT!jVV4kjnLC5QLDX4mYZv0WS9jd-#fywVd`tvnG
zM$%y(dnDy{3wAMNZYJoNA^m-hq$a;Bi@Cf$_&aa&069;ceWB;8v#_L*4f&KP2rcsO
z)N*s|XIi($9+zNqd<3Q6&5+-+6PV$g5R2|4Riv;5rkhw`|Jh$1K(AbT%~)9wI)q>?
zB*gkpU6RT{2YoOqmja;Gxf77W;El_q;3%R6K_(Uoq)zCS3zN@y(g}nQc<-X1*p{co
zr74^5PFAmVUFQT^BmvT5p+rcNr>WuI|Cz(oNY2OX^nkX9T)UsOThQjz37R6_D`zlX
zAt`W(x3A(@RPX(->b^Uk%f9cMpFNVj_g>keNcP@QRz}F?M~F~<_Ff@Mg~$$tl#!KP
zl$}k=3`N7J=X2;hulu~N`?~Juy6@NPc|Ff_{&$|8bo`FraeTk;&wG74li4bh%tvNR
z<*8jwZ{S44m=qf-_29=dgrBH+1^1=^^fw8p=0Z5c0ss(cf~JBXmnDD<pxnIwN$v`*
z6(Z$gxIu?Iyg=nX(>URr0Mm`2TNxCYbt*J{h9)m0ld}8J0*s`VKxFZpJ=hB0qy7L+
z!ltDC$@*)%rGhw)8`BLJPP&h?!+0p6ANe?p5@|Fmha9fJIeu4uX89LE(D3E=6MU_v
z+31@pZyLYN1cf#J1*hyH5y<}nr{LmH@T-to1L)$VuTk`TKLNa}sX+jn7(Zh3dVbRI
zu%h=#=?jiQ8zI~0-izwsYt3XVM?jhJGatuVAQ`=W9DEr_)DbIg!zu!Lv{RuxYd>NP
z+Y@2n6|>-#`Q;}W6<It4!!|bz=xH$HHTC%r#mfOyG=A>u;&=*JsmjccYvD-8*67J{
z3;q~*tX5Qd)1numK6e98{qDu3m&96kPuG&tiz%9i0uy`-_-MhxdYC{Rd+OZA^o<|t
z3ef*|5DO9AXTVM)SSVJ)VTw^#u-T3TZvlEv&^biD_Od;u?AzyUdw`;_+)xU}Sj*ha
z$ET;)Y&nOO`5{6<NzH?|%@4j{G!?ojty2$n_)hC7@AjxNhS5^5=Yd}y-tLmx)cAY6
z;$=&j{zM;M2}8$K53~HLldmd;&iJoq<v>lwv)*};uH&Dsn!N!-bt-7#%Y7r1A^~M4
zRklig<AOHz)sQPL#3!lBhbKYs%7=dO#}JRMV9Z@+DW($k<oBQbT%CAr<$dMP^GoJE
zC0~Yhx*5So3!N3Q3p+@8S1W0jk{uVu67KOZ79KW+zW6)u&M`q(8^I}1RtV{^F9^9*
z<jy~qE&`>w_{W9*i+c~@LkX0TYflNbQfh<=nf^=MBCUYJ*k`Rt7lBzUTgJYEPbX7%
z<4Nx~P&AAi1H7fp6jNxZZIFr{Y*MS~53Qsh8uAV(#5aVFJAnPbOZZg3TzT)4w4oe=
z(Hr2P<LN@0Ow8;;tDu0amMos}%j%ZY@+nu+lLtJ=CEswU2j3?<Gp<!x0giyPVst|Q
zw5kcR6Mvcp<xo$6dA<F?X~TOKL<FwfW{ZU9ZzH~{k|X4Dh5$h><)?8gl_r`FzfP`-
zeaN;GUo_(6zrk<UzpwlV-UH(FIY3_-Jjp*iJjC}tY&3Xeh<>=8S1=dX<-}xn*v6CS
zcbDAEACj&UPrdHzf_#C5QQx;p6KaQ-XK{5}DNr|>K1M*;ti1S*L^gcVlw;@U-#sR1
zN2n$|)FlfnTIuT;d?S<LX5VLefO<txk4)a4C$<O&6Iau<VPa3iKY<Jf7ID{twxI*K
zt&J&Op`)R9%i>*~2h*6Nb(c7K=-bF3hF1HmZ%8~}*rwSErm_d9ytzj#U`u{%XlG=Q
zBWt8~jw^uV&HGmFvS9J9#2CNya3z9Xi^hOzi?KkiRVHHc<kL!aSC<EsdcuGBlIrJ<
zZ+BCn>b9O}BM;Kb9X@>0m@ReXK_<?D+K*Vec{LOc1U!#!6g%ars<Fh7enb4bX^Ilb
zo2oASIy(7{;$HDTra`|c`JrYO)hyx}^8rO&SBEt<VfY#xvEPi})zPL!WV;l4(qgmX
z9wxe6c_DGX-H%d?%J!`I(A>3PqWa!6vd*w1QN??kBB+|;>5-Z86GYt7*kk-Isx$<T
zb8kMUFuU$RF&M`vj&<a^g0V<ICHvXU&z(;iym@YXdR6~u-dp_MqCXW0ziYn-*SovF
zF^C$1L9n#|Xzt3<Rm}V7Til$Z#4X47$ht$u8=At6?BeX=xK@jwIv?l~eiuJ`I-MTf
zINF5kyG3uk-u4@<a3e<Nn1GMcG=BUI=XO3;&`9l3{^3^+ElZcOH8zTVuA}Dl(`4|?
zWL-G}k!(ijTDlZtSlqjk={L`OjFjY_dhjz4sY)W)Rf?a+PwJ{$(3(1)hp52^;Frne
zvBv~m*z@zrnjh5f>IynPt&?BVL%n97bLC0o9gKU&@JdM_M_us+YS_ich!udyRdQH?
z)FoAn?!1^>PkQKdVv#dc0n^-ibiG;-OxP3s+{nOZO6TkOY@O;ijPm3FwlFjE@|oYr
zg)<4*nGR_Nyx$rtngnQvr!`V*TEF>jZ-noD)Wd(|d`me(L6$W;u=N&d-Q-1TDtAwH
zB1{>S0J>Ot?<^bb78U?&Nxx6o;Pd&tR>ns_IFxrXq+EwJK^e?g4(2=+j#%6Oj!ChA
zE}?7)l<U{JRbP7Pu+R~kYNdy?ejJ&;aHQ5D1X2jkmGJ}hV-x=llKBB+3_@MFVj)d3
zKgM4CEKL6fT@@dtwgrHH5A6dQVSfb+X|A|n6Ji=g#v%x*fm^`AY5`<gf`SPuv&(Y+
z>s!xV|FhMZ4{=D-Zo`hAaHZCf<ezw)WzAJt<pXl@@evmlAcPVXdSR)5@F?9<B+58p
zd0xVyJ2&0%U%{B|#0?0yXhH2BH{>XcLC%3uKUt7!SJ50QVIB=vSYBWa*)c*aM9Z5#
zu!3Af>Px`qno7x|-3`3~;2nV(Hd?u2)hm=d6)IEtCxGb5$G3F81Gh&D5x!^Qo;VHk
zBCQP~n0$R0{*kqK?C6CkIbvH-M{LWbf62B09Lxmvy9a5xQiw$K@XE!XCxLz}?Nu~K
zT1Ub8)D8abgmZc25TFr6sCGbif{w&$$JST}Ht#_-#9gTUv^C|WHh>-OebcuYs`tla
z&d6h7fYrE_UiJ-?r{3qJ>7vw3jl_mYhVC$7r$G*iabo7VpN<$gMxtX5&(nd_f?eh_
zVze&hYdlV$j&S!EnTnB3ab%W!xspa~8q%c0pbm(c{eZ^DLa;)*vfvPq`lPVo1Awq?
z0U*Ip>E0jGwuU8hG$!f7)31grV{aC7`eHp=DUHuS1SpWv2H{&(^>Eij;Ofq2E>^zy
z=^EIqFb*vnjvno$73V8%LkWo{n{lQ*wM_XU7+p&ak!F*B68$lb13t_s(;X?+Fpa@h
zhr+YOgM$jh!)`uo_yO}-52_k-!2E2!4uv%7km41LAI`ad?@MIP^mD(Pa51IWxbo!1
zTn^B$l<y-jkR{$;KWy_Gx22Z2;AIAbL2ZP!gKpU`gt*+T{}9?XZGgl(LI(;3najZX
zT5BRyKl$aq@Go-z6aMAV&cDgO*g3ui`_?g9TQxc`AqYs_^#bSe2$q`Hga3kkF>aju
z1I&!(Ri%oNw;w-;dt-lcHoZ&Hrt;P@lgaRHe8g2h&kM^XEX`JRA55SfL;BZg!0KN-
zYZW}FWF2XgV=Z~64pPO=R!~{>xAK~GvW4uVw!9ljoyls50tx&uyn&Go(<0u#dwU2t
zjQ%^-qc?eU9)2}n3R>tO5&)*3QP>uZdO22dj?W$o=fczf;9*{-5j=(t2boOf4=l+3
z>GB$94XLL|TfAj+-KbnlG4v&=C;CSFV;R03?E01vs;@^jv6Fz5>j~@6YY`X^VkNWZ
zL&-&PD1ZG`iesdBF(GWhTNvXbIKywYh%N%<<xe8!H=OymiI{hnc3w?hofNd`msZhg
zrAZz**|ry{!?<>uqiP-4X~aO2EoK)6ET39WxEpyozPY$Y!n0uhfHDWudl@;+ftQ*Y
z&XUrzGd&cmaZFaC$H#HD?2c*<#geaIJ>)s^di?>+N(w5dYocbrk+)k+b1yz>B+|*1
zLNOAHpE+JgDHWt`Ej6ijmS%`>LtT%D)vZ95E=4SDx-W%<tnH28z;EIRhD><XSZN4N
z|A<*3cxExsM)ki7XAlkTNYx3s`=SsySD(EPk=Qt#jj7~2QQcQIPKC<b+&HXlvBb!W
z%OtgSfMT_IC$U;j%_DaXk}`_)MBHD#>!(LmZ=q=-|0HS5^{Pm{hj#Tu6z46MR6W`o
zu$B@uvT|D<oB&|+h)$kxk7?+`bw`EhHEvtpmg|=uw(fqXL}&1@B;c{wgv!reM6y|B
zP3D%Any#ovMsH&T$sCmU{J5$Px;g)^GBn$--2_(+{fm|dEQOqRc#fnOgk}?PX(`Aj
z^Sc!{b5N4|;HihXBqdr9drZJZ3K#s^4G*p?<%juuP8v#3#=sI{^48f<aMk(K=-1Ii
z;&;~f`azUu4?sOKeX9tdF<8TUE!$)evTCDuaC4MeMzk6Aa%pNMZ-*PpCL(6Gq4)Xn
z@DhJwpS#ABcsVNn<c+5jEP4YLooZMisF3g@G?x~Km9b;<K2TD>RAhO|XM!(h@??4f
z?!Upoc)GZZ{*m2UK$JJDn?|-rd=B<g$ZjQR=zwkC6w!OZlx%q4DH!@wk&+s9GVu7A
z+UUa!991n^Ed&-BlR)cdK0MXtS`X9{9YE=cea&YqDeJqO5;yu9Tou$p=XGH%per%W
zn}Uxc0+@@%K}FQ6-jMO6J3kVK1`)UiY27IzhW0!j5?WzG3A%fkCb&Njz8JWSmS;mJ
zm?ikXxPgvL2fCsMX5KVy?%%ctZ?Ll_QKfc+BX4Qsf=ve4S-{wJSP1?j<9f7R;70A3
z1F%KVn@(0~^)J<-*=JX}WG`6ORkeVDPmoJJAq7!{e;)iuTuZpA_WmC=BISP!_x1oy
zQ{X=F7}Zz(U#dh`8vam;dZ4Uo7%F)Teg6p$qjsYx=wA{sCc~va@d+tL)cN#tQa~ru
zg8gDC+v#2^;?xHI{#B9pQU4q>0(qfK8WMgjQAiJ(RbznBY5#TlwH%q502TFQ){WX5
ze+hsM7m0ryxWDN)HQNakuqgw-8@OH`+qL7HgPqJ<Fx?a=fF*!YkNr0+3U%{}?WPw4
zXCT;D_NB__ZP%Y(0N9z!dn4{JYcKx=xloq(!N%W%G+bKB8#aRjohpDPml@1nLjQnX
zfZmEXP5>Jd)&B;-WPtZZjWzH+g%;QZyo+I}{tPwfUE^ObR<BYufAqO?M7Khm+d>sB
z8Kp+g{};?c<{LM5{YWXI<Ht5jLh@u|+lowourBXhM@or482W|r9DjLijlP%K1vrsE
zZQ;fW|D1Cv!Ka6tHa79&;@5u-SBR-gPBnq)(3Q%ktxz5c%B4d?2~d6!`Q?CDKoHQl
z+@ED<wR%KdjLdfLRMG@c*e>0nsslm8WoD^13FwxM$Oy!hYR8ML33t%ovN%!QUQ2R8
zvfOkw;?4nFU6Vgom2MFjmAV1Og92~dfZ5gOce)E9#k}6($tqPlkJ~mj*Vf0y!Piye
zlhJ-LiEV1LDjzD`x$uao2XB?}SZ$pz0a|pm%Cs46KkyfL0$|DBf#iY&K0h=Q{ZnxW
zT49kZ-VN<)oNY{M{tteL5?z}%O8oBIhmA=r$a@=osr;Fbfqvkka%Fz+GF%;IqAx?I
zTVFD}hdCa+(O@GgzsRzZ_{`00ZG7}>ec84VA#=M`<tb22dm9<t&H$`;y$@={7^o0O
zD1`Elur$6H+V2j5WY%WXXHnoPg#+2$z=2`kV>e@mY~3H^tE>UoE@dlXW$UB;>|f6a
z=6M+!SyC*B1BqowiLOW^JFkSJF!d5iQDYmSH<3Pc?Rnc-s2|ErFFN0bVI&!qMfH#u
z<EkM!YUyvx%fYjU=(Fuh#~i=G|6A6c<rMW&9(3`-gS-gwO_FC8b?zk}ZUO64DjeAF
zwMg;UHVv-aE$VHU5bJ&Kh+UFfQloy#wiBQVJI*$TNI-NSocQr+1Y_*{$8c!+8|+2c
zh-U=N5&6yQUVxPdxON25q?k~cEvZR^4_-2Sx7JbH(1}12vGbgB+B__5coj_fpeU^x
z3CYtX{ul;yUxFowt2l3FMHJ@_UOvHmhEH4Y#OeU*SbW~UCX0_Ue2y073Ly1d0>^6~
zIN~x;rEu)P@L$xRfMG&J3{sW~6zc)(<jr-7Wyy9B^O#oDx_s1cCT1^62&r^DmpaFC
z+Sl;2tpZCp75`T-Flxg}GGbu!(aYsGe8R8<uv4;qZUwtbK>s4aO^_?{I*>%wI&Vt<
zqMW$vRU)$P<6mmB23R21c-tm|XL;b|28x=)<5>MzUJj(}J{8ueSU3|(j(xgug<^|-
z*-Q7%e#Q^xM>j*WvG!xL@y8Z*T1+#2m4%nTqn3WW(F>*Z^L;Anrh(Gu0^%Z(e?gJ9
zW{5HJv+SMF^TUL}zhiEOl$s2^{dd!4?u{f0{kY=Q>31x-i<f-NUaz_`rtu7@LB|z+
z|4t1``R8g-3%k}|)u3C58f5YpHK_aV)S&I8|0l6V(SODo30MkMsVUr?tUr~z*f~5F
zYTTf4W<Y^*{udv#J9_&I)m>TsgyZ?F3x8-}VLis^nsWY(Y^RKG<Yjlq-G^m^>GZd)
zz*y>1V%_w7Z_mtG+xAf&ckYWB>I)3+AL|LX>uE5*W@r2qHB5cy=LwW`3ZglibT+Y7
z_+!O=l`{xA)hJM%VVsN^BK)RG*Nl`m^E5Y`v^QC}+3#WzX>}ibY={p0=s2DEN@U&h
z(;2?NO}%GcAMONRar)FG>E>}(va9{>qS^Gu>xw=<dt7>K^-v153$B@FgYOsbc?RTP
zZE>d<uxa0ZntE;}bM&wD*tgU}BWrYI*y!%TpTf_y+@-MP`2X`)v<O7*06OXbib@!m
z94;g>_88F4!NEZX>^^F6U=3vp6F{=9{l4nzYU&wKK&~}|PM7AJ6fh1H?>OY0xy&RD
zxCj%NPo=%1-Kh8pCb?g+kVTIHjwL2pVNWv$7HCa<G9O1=Mrl{o4PY7U8%*2BpE5Bs
z>ux>^`u6DMH^jNP7G5gK*g(c05fQ+!)}VPGd|0WHPWnc`>WG7lpL<i9c`{A)-S)g`
zQntUaf2m!@>ugtI>;pJ$A_mAWA^{#E7vC8G8!@oS#RL5m*WImI4FSwlk?FM)dr$$b
z22^neDB3GHS9qDHn}i`<L<ieju511PSb$Z5M@ZuJ2K|5n;3hdts#mYl8$-kE#7vbP
zj^5}P^qzW7)#ueVRbY)TPF5Hf#!ZMj17P745z$8?y;|bCA#@awK_dqUMFp$qgBK83
zivjboxEAYm&1pi}5$$V(xk?MbbyI>dk0&n}x<(LB3XyMs?+jdEJg|XraAeGs!%@Mj
zs+t;+mzUQ~mvsuvMBRMp3~O+9v?DI4=z5H#&f-Xb0otO3SrvjcZ#Do>i%&@*_Xf?Y
zFF`hPh$~c!4%ZwukCmW1;`ZuseeTI#SHV$g!KQk4_*bpx^le;UP$oOTc$ikuxYryn
z4}>23#sCbMk<ro7Exk;OV`T*wq%Sx3o_;pekfW}t!hW3Pbb7=Z=m4sS@;YY)0!+2*
zh@f$Z!QIm%4jQk)aoG)>IH8Q`0=w*3ue4uWKkR_M3@!lY>fskxOPcmaeZf-C3F;Pi
zf!$XSA9!6Ra%wxXq^|#1x>fVp=CMO;z+$3IxuC19ZLaf3X+}(PGT$qVY4&=0OqZ@4
z_6qw+eXbr(PEJ*2Wt86*s8mc9o{%5Jb(hQXP-gK=NSL_5dgdB8bojd&fk)Q(tkO}t
zt2eN7+`_gu!$Mzxi0eG|h-D%U@wm-g-}k_#$<Bw&OdNPRLRszPqCHjsF$><Vtfatf
zZJ|9vRc{#k0&%+y+Vag(Y9U%uq}-L~ORV;TM?EW|%R0{ca6>2!L`6j@sHs&~uNI5H
zIh#Aux<3>0?INb9nBx$*T$E5bI8olX63bVk8X(l3RxtW?fIHjjJGO^EpssCDp$LPa
z+ZDe51Y+@XUoD-@wn8{XyKj5Z32lI{>|8_ZZ0p$A1&F}C;Y<T>2rVFkB5!2d&If}!
z?U!XL+hA1QEIpUoTJdM==e}CL%Y&FsDFXuo%mIvJ1wLR~)#0IvvcK%Q=EO*@e{E4p
z*@8%EJn$7oPB=RnFuRvXHf?k=wK8oROZY4}Z`B8?c=o@4Ck!^b78XLa;(Z9kpm-)*
zRae0ZWWs#PCn60A7UqMj<(rIQD-|WY`fw~63!kfI4NP3MU&C&a>+%eCeBa+c$JWwv
zT#`6K$o*bi+N2Hp;2Rr>%l-V<_cvtTK)Vq3$nRR$4uBp#5#iSfc6r^G%uWaZ6?(fE
zYB9baew$T$ldq-*Z<-o_pqG%nR0SRo58vX9`Ow+jm5V=E%bW*;Hk&jq5Gs-nKdDQT
zo)zIW2S$+`Z5D1ox<`aN1(T$1Gp%4?mU(VzC$5g(g5G5@N^fASh(o@-l1c2~6(u~x
zKlA}uSdgLGWQPiCzcZiZlyJp$)v0rJ)5PwrIwdOJeBTHvPOGIdy}iAAE-}KF{R7rV
zejAuwR!#{D#vx^|`U5ZqYPZQqNTju?C@a@&!31V#27OXBVpHW7wQ+6m=$AxlsHz%{
z!<tts7BoH1WEqqp^eh-$%)I-%YqzG{d54ne#lytdBrhlQNX0BqJ(DbiI%&K@5>nE1
z#Nq`@oNk&I5b^2yvol|pMX|B5JD$SSCm}9w6y#)PMjr|1zvz&-y{i$3gyw2}lJ-}i
zHVRD5&f1U|=>Hm)D4gqj_w~uii#~B_DJkqgatk#zHWuvFEiNt=K7IOhXKO137F?~i
z*Jx(LRInVdGh^;@o|}EtHU^KNx`syCdoTrVcW_BbnUF{}5*<HYBn6MxP1qo!-n=!Q
zy?Z9;<gO7sda)AWq-ze}%dIb!C$+Y=ny_w}Mx6ff<A+gwa&j_pW|aNIHl<$|*{iF)
z4eisym^60oQ&V@XK*O*$qYz~=M>S8YHSVT%@f%o0g>&&osLo57T|8k?6LbF6o^1K(
zF0LOPp(~pAqlRMOu)_6&EMk%&{PQ-*gKiv9UaDj$6YjntYIbG~RypmR7<91(4ZL1S
zp4HFsl`5VAy=JkZI9*W$%SDPh;(jk!80jjE`bo5bFW->25}Jv^eGv}+RAadk(>hkV
zpy~DoMn(p;!AuNkEu$c-g`#X@n}0L(nEwj!E%U8UVmo{9{719A#p6Pj<vDp#1W0ph
zi+T=an<u^Oxbg#Bzo(qTM2u=~0@6E@Zq)&ISFAS`crU)HzCd2eDSK$^Rda^$>x--`
z`aS2|x|7`N6;aca{*1oPYT#Todg^P+CXDY5AC>*|>C;*bwa#zC?g3LR3V*Bq%@gZI
zotX;cCK>EOyL96QN@)LKD&9QyfZT9fuShSv;e}2@Cmco7<CEph2CJK?11$SRlx>C_
zYedQf53zHyu?S9R3_>|(M#PB-glPUHnXQozc2zg%K}NOLX|*jcsoI>K=*mYl7E}l|
zm2{S!vG({zs6xe4IiY*#Zqq}<$n58gqc2(ZvrC@KovR-rbdl9l)I_4$w#V}Y+SVD%
zJjXYLDc0lJ$J4>?>nw5V^1W*kBe8m?%2vL7K3vmK^mt($PP*O<siM5YUDrwG1FCd#
zlMPq58{*O>H3c-rLLui^TY5K9U;WNJ3;NZ;?FJmEiQ{-=A_cEGymq_|W!2x)BTBR~
zIgXDQn8*f`*osE0<K8~4^HZuDDQtaWsY$b$ZZ%>j+<D-TJ0VW%xgPRqW*}i?f}tI@
zwsvuQpfYMi-{qvJ^ZkPSMF+&sRDm;kb*c37^{fzBdnVm2l6;TjirHRTA`*2gzEz#C
zINK(8N=hnyxDdiy>;oaPgDutSZ^}N2@^f_$##?4+=&|NGYU|-rQA^pH?Y5S@P7zCu
zref8lM<<~Ko`k)PE0&L<Vy5v-7W(ShULwrS9?Gn{(K^I@9M*8&5VL-IE?u%OOMOnl
zaqT(e*hLg?tM-uy9~k^^H*)2nB)Ca0k0WiZXCgBRU4_aovmfM*o|G>nwVueTZND6Q
zLZXLbx0Rdkc#)qxs_I#*F!rWJjm+>%^1&^o(Ay>kgH@r!#678pYQL=gY@n`wwa<(q
zpEN3jILK2;c8X6r)!5HoIP}$MN-hJ2?*JsmmmuV5Q%TgWhGVtW38-}@#Y%UW7wWyH
zDPnEAP8uY^d#!T83g2xlMvZK>9<;+>CPY-sh2nb#+yt^bDE&oQd_Ng|%J6CO{R>FU
zk~`Ec2vt{W>m^xt)=t_XHa9Bb0nyj<jE|m+V_n~VNw)w%sAjJP`*1&9aA?@w^nT_h
zOEMO&B>pRC7*9#0?dl6lAEMaHxL5V^{iN56LiSpoUgXnw`X$HmzkU$q!APcdZ4YYm
zm$Nj3NuugJLQY?8h(5>Ctd}L2-u}>zrTRXz{tYu8Aw9y^KL}pkKWn3tbn@io585kF
z<A;tn_^v27i<s@+IX$K%6m!?Jyn<_ZLX1jr5=-Nx+Ey!OBD$xR9DO@O%C<e$zUq`c
z?=fjQGMpBI*e}=Sr|?W^^*<nT!3e+oNwN&;Mp1A-s<J5z=PWm7Ww&9!%*>YV#S2q;
z2Na=mvb(G0w%IhHzdj-6p?jtoMwuy$29-m`kuHvIf4~-@5RrkG(~<i%O5=pPzgeWx
ziI{NpooEf&(id4_SY<)Fn(b|E%eFKDQ4cB?b6iR51SY85SMR=NCi^H<BOvAWp;?De
zi&+d6jNT%YUwPvX4Z}2%Drl6-`0lYtXYCgkv!<#pb#d$H?daNBfaP6cAUn=LKfq@-
zhDfOM40CV9%VW(10sUpoWE!%(V~Q;<=ii2stZJ3Bv+vAp#3<2)(Fob~mwJ1O*2!i0
z42$CjLIvD1GrIgOM~--lebfYGWsD;k&lNE&+SB6?XfYdNFt~!I=O!gdzieOWr3k%R
zzNdsLe~w<D!?$L}4Ko$M=TW0iK*tc(h;FS%iQ>Et@4`@he?u#q%)v~hl=5INUNCu{
zCj2AtuXuG<d92I#>)VFt+8V%|A7wtZ$DqtuP{*BJT7G)|7(qhrp>1iXVP~B-vrs~X
zhnTnRfuZZAmqLZJj~)lvKQ7wKD-qgz(8PbrPxS?c0grx;sdYS-?OV$k{!{kFO}zub
z?keoZfV)qlY3u1MuWJ-BUGk=L2Yp-r-uLgOlDuOoEyzZCca3B2IZr1UK^AGctIY_m
zoOABQP~JAyv*+`_KYZVN*d>2Wzc%fpjY*Q@?-{cSAKRIvN{`0h`An-5&Ty_0PKem7
zoH$C~@uvT!oO<U3EUp&9dQz0^2~tbbdE5BINi(B%^~Ad(<b!)RyR9A?m(=767o2lx
zzfucBYD)-3C<J#6NtnI8ds+MkTQIb&GnJS6vi9@$UEMmB_eK_8c^yr+E%Ssem4%?V
z?|j_4wN1hthc#KiLM$rj^!u`GaosgwwA~o@*8gMFRd2~7tV;3cZ|u+cJ?n;2RI$J~
z48e+1e~icU*wLIV%J1^FB(D7Jhx}oLo=jr-=<w(7g};f!CAzJz|8GAu2{W^YoPW;E
zKYuTpA0_;M=wgg_gv`Dd((tOcFr&Wr$RCJ5<3&Lm$&=E#sn_RQJ7RU&ZGj3%ovsKU
z(iAAP97_@EA{0aY{u206<)8fDL@i#D{Nq2Ih0C0Nk@zg?=+DJaBFIOh^N<xe3Evs~
zROmhz+>XP^EVu68zho{SxrP7pUvZKX4Ivkd${olx*m6Y=-}HclPCj(RnasnJNa+ct
zIIS~Svc(VK_TdUYIeNs{YdKS3=%Zj|6#<?v!-AvAvgw?!aPhQuYr+xB0kj4_HsK1i
zf7k1USUaf&@Eo3g^YN-A$}>t4e&8i2)wLFQ1O)M*dAJUMF9;5&&7}USU(__WlvsO^
zdI0K8K3HWrL7&fullJn#T(JPj5G^wi%esUG`7>wKfZgnX`k9*V;Dm_<e*-ZgZ{t-^
z<t=h}W{?&W!0=R%Z{{==f30{ya1ofxl-}<U@nAgLq|Jc&@LkCC5Il#f;CNYP!C)}y
z8sY~~dZG$KK;*4kx4I!=O%J6kaT0w@v2gH;08kb&qK}M>j4Z5G{JsI;k9hIotR0*q
zcp2k^1Z;I~K(5^g&KO#V{E1=)vO{GXj^^TI2HOn}BvE*km6iFYm<>$7L6paEa_%nD
zt_N}od2@5K30dRu-3tznSWFrHq@yRnoS_QJsVdB!nm5U5X?ZW%+Y6MPSfZ3|xD$Ky
zI0vy0LacrQ!ZDXJva<NEyzk~fN`oL<u4{)h(1PZg`BmS^%-`(?*L}dka2!poJmeUr
z;EXtkTs<ZwA>qmd2;S<&)D6+4Zph5^A{G+FwF0xW@j<nHmjj%U`W`rgCE)iR0|M%I
zK7URF7C0~9N~8UyOAc`Op#u_jf{S%fRmI&_W*r0)cV&96%()|m!o+&lJ?VvD5X7Zp
z#(*v<@yyH1OFzTGp#)WB*7$gMJ#boCFSsasAW_!??p?#iQ!}OO;9X9KuPzgYz6@4Y
zR*MO+@hCcKSo!)&?S@0Rv>VRTL1Kcv$l=4F&J6~^t#O1&#W9+U<vsWX-ot3^2#T8n
z3~~YrFf#?@u{wtXD{cP1WYrqf?AU$CVD`ZG-V6DVUdTpi+8Q-o^IMG%h%NLl2x~lW
zB9oaz(ytRWF6S1AbhpdJ3_PE0Y16*Fw(|qw<BTJ)@CzYu)CXm!gDuA~=i%(4XAqZK
zumrayg8C^5zv?=fIlJ{?l-N-7;1^;fAzTHns}Bg2A*|yZO;B=h;yQ><5-L%olx;i`
z62{FCo%#${PMs_dxVT7Gr!n<{=wNFuL_TllKH)Anv3&t$hrDJJ8t^bdj!k=@JNX(Y
z{Fd=HRkoNM8822Ml`Hk&LOeL@7(Hl8McR}CBw8l8V2Tss<A-LDq&fuU^sZSyb|Bi#
zhFk2qoz=}iyaEOq*X_)J(&v?6MDN4NE05qo0f6Q|JUkSbv66EowVugp_dsmyLqq2j
zg1;N~MM*$2a%NkarHGi_otn2cTN%hrNl*lpMAgbFM;1J_@NN^7sMs_HaKNFRTCSeO
zXe68lRwAb{-zdDNb<Ci5a+*58tSe1x*4WY26%PrcczBbH>y4Eb^Pn`Ofb50u3T25$
zUgk?1Q0r9T2UOu@QiY5NuE~VqmD>x)2Aqn2=3Tz<esNJn(0teZlWQzIZg8Q}Ck^-W
zLlh0g>7Xw$ASlRf8w@xPf{L%d%3ujR)@KbCwuKV$pg>qTSl@tSNE`xph;OdV5zu%(
zJdNq7kU~UNbv$PRiT-L3BX>2&Ad>7h0QV`P_&#S%?9Ykzb`?oC#Y4|h7Srp<E1Rnn
z9%BH^lc^8p`5coh9JR`CTtFDP)@S#~O0!?tB0S9tmPPhLLfg4;axhH^5q*Gw%pjID
zC~}PKb~jAJtDA;a`aC^OQBqQNk2ZqYJH-FFC>(DTla%x@h_oP1tQCucwC+7T{Bf{y
z!~^w6K|#R*UU^aI>f{pM#wUx7jg32T5y+9sGxlq@I50(=ItQi`yYi_Q4o{1VNqi+M
zsP3@LP`ZJ4)*jbV8dsK=WcfIdkaY0sa5ko}1~4w<_7;CE+B?=JylwKs#InTc+^+Ok
z5_AR{Ppr6-$$aObZ&n$>3$sYAT~fa0&wQ?U8~N_n!xRk-Q^p@Vk`TGbQqRLW9dZd~
z<b0q^-^s1t)we(R+{yS89yD6BX?yeuqkP=M))k`3=$)`dpw}4p7rT;&RB`k#1D{C+
z0vN}~N~9B_puLyAOi`z?`kLysMuRsX;|^CCDkF6f7WC)s<Ak>_tms~>rbO~NFbdqu
z#C>g!u6o?j0A!WPS8%ww1@1bIp(4rAw78jr<-rg-$OlI?w?oEOTO6YW2Ik-sOcC{`
z9(N2`S=)Pmc=txE>C{veqsGM@k0>oGm{Lo;7(PE<H9wd0<=D}_>#sNmZ~c2!Ts{^x
zB<c=C2?rk+&E-vBv~1WJ(^TmLJGn}elC+&KUv5H2Oe$=hnNT5-4!lH%`UE)+4o(ll
zIxuaIVL$i`j9t-pV35-;(&^h&akMuR69|sip4g7EzX(~x<%?A=q82s$v5WKz^Hrlj
zi9g<K&m&0+=>6mdPq|#qQ))dh7em}CiM5sOtIIIW<}7H~s&cTNzPdDF7ZhEo1b34M
z4bDD=iA$yvJ119Q(@7Z`1*1`qof{OrNdOCNamuz#{R~uTsUG62P}qP(DOlvgEC<hS
zX;e+eklA!dNXQaYMM<&NYtVOF$#GiGKJA~UWn(i~!heVkQ@J~T3!6aB(5Ej_eqC05
zaQiI4vnoCmy{~wvP*|=~7RQ9-MMXudK$o>yyJNo~(Ay0)hN+>j&hZ6W3U#qb7q^u$
zCh3x=A@U3*Uom7yh7?KX6R-mzTw_7ezpb7RWmRccrJ3K%jpJ5&^DL9U0BX~`&fVO{
zB%JOmB-he9?kraJ9^1Kl9t#VbPfJzF#8X={{H%Nz69@syHHsJ%CE3L|_)WI~VQATs
z5j+8deTq|qV1u=0I}_t>*aLRvCD@qXLuPXMZtoh~%u+WAskk>LoQ_wA-Cp?}rGdSl
z3}3-E>y-`XarpH9^KE!-)b+5g=mgZZuQ563JbTOjz*NUmzvB-uW{6vL{2H_-IDGV9
zj?alXwcdyBBqk&r)E<HKutX{nA0g4Hka54M4>76T%SZYS5qap-Q^7RoWnwZ}Sf&%R
zWWDp9;V3n#^iR8Vn5G7s8%$`TBUq(bOW3l;WI2z2oK;v^MMVvqsmsGpp^oOEh3*cG
zliyR;W6gg9+c|{T=da2c*`tmAfMoR8XHdTgjE9x7LPN4EvEUyqHGS1b%C=$u3#2zz
AiU0rr

literal 0
HcmV?d00001

diff --git a/docs/extend/images/authz_connection_hijack.png b/docs/extend/images/authz_connection_hijack.png
new file mode 100644
index 0000000000000000000000000000000000000000..f13a2987b28d70f81bda7096a54ec479f20b2690
GIT binary patch
literal 38780
zcmdRWcQlrN{5QHQWZa>Wd6P|cLS$x-WJmTWTSjDrtVC8;86`53k(E6|W|FMz>~$kq
z;dx*6UFY}5^T%_Z^PKaX<9p8c+}-zeeXh@Vzu&L%z8+mylP4ymBE-SLAy!n7y@7*+
zrw0GA;-7#|9MZp9<KSR$6lJBfJaCs&PQEAqu-8&2vsSZhL~%Vg^fLv8?EPq#7i^)S
zjd7eF*JP#qmF1(JFxG@>Nu8EL$=dljUBrC8qOcZqwAp>oGp5>Y6`LFzYZtTam6~jq
zl(O->Yv}U0x4<Kp3PbLf(KrNAfB)?;MRi&evS4t@{`tF(VoUb8@Xt4*{L<iqU#Jfj
zOp<ti|4lY~`Joj4{`<uwIr*KHjpf3>S0Q8_JNEaN@t7u9aS2%^r1;MNd*kcE>vaFz
z5`!y2a9wzpAnfBm*HrLpe6;=dC}A)=ihhkB)vv3_{WAtU3bpE!|9-z-9X{|4FysIC
zNnSWjiBAaQ9qex>ynipe^-RF}iRHnK42757b01?{H@w+Mb#iW8>t~h;CXy?v@!A#|
zE;Mf?No$QjeRCr6Kf|fhR%So)ZE^ao@hDl4(_ChP5&vrOXw|)at|5biD%S<G?=BPd
zxM{mgLQ*4T_7NN1$s)0X%O2tcflqOQG!>kSd0{MB<if7=QDVE_V?USN(G+o>3haB+
zu?K4qm?#;BPH3G{z`Q2VdZVK%dT%w4(xM~&;%j~3(skto?zsLpx&}HtpZ9wV4(NS%
zOkdSl_2f85QNz5RfcZRj{IUXOfuO{3+z6X~jm2MKO~P^O!D_`Eiie6I%FhvxCU>(d
zl$|lO9+v)9us$IL8z$#QX3X+XvGUuSr51<3b{*b+Dq^_vIU~C6=+MB(bLI@YUf~Oq
zI`7?$jrCUgs?65z-dFN*<!sj7$uZowM00ctQWK{Wrf!)y*BgW@N-w%BeqrA#?1<w`
z$WTu+>bIWjPD!8EerNH~Oyl8BNWO6$H|*flr<}TKpI@tT-lk7%*fg_D^WJ#G!72ZQ
zhC|$g_&mRCzG1~wyx1q9<Im`VQp7xO-2XApu)8^z@Fho6IhyfWhHin;;(G&2+2%BN
zv(S9?w5u(dUC%G;7716T)oi8JVsZxOf31u;j#g&w;SxE~>*nccoaHfEc7Ig9x8!xA
zC@7Ur?a=r2^(cw(Q4WjYp<?Sui}t6A>vF~pgM|&Q@z0qiFnHWl1j6Bxb-o9NjOj+j
z);(o;w>G|i?BD%X;X*xk+2Px~QXEH|^V@Ejx}Im3Iuu5Vt<~eWuZ2<M^INuO+xOVQ
z80|A8e1E-vBk7N~zM+<OwFY^@Md7m2nvHf&x#6@2hx+vHo>%B@`*f#Vnd303ey<Vi
zU>;0#-cUPNOQTi5y4&vQlKu2>sck;hC7b3B`MJy9J5J@w@I%jnI~@r;Yob1TCDB)r
zc{-f$eU;xBbjsjsmPtcE{ss9bly2+gDG^kc-gT;PzbrqLky8BFayzs&*edw2^5}5?
z;!^G18Kr3s$E~$*6~)dg#t#lGGf2M+%<!079DdPMKR+{>+VJLfZ~CI1p<%M^Shc4d
z?RzOawF{Dwu@7ar-jJo$_o++Rch>d_tYCd%l|3GfdrT8ocy7Ml`wIKk@X`gFFWDM$
zqMSURS4PTb;3@FbyCSGBTm0Htm)j$~x>G+WHwF`;u^&pVUu+e@rT<QLVufHf5A$GY
z^Q(d5M|jMf#m!GLq#xn85qrO|O{8))KKAu}C2mVPaYRP1)g=zJ>PhIXBvy>}WvM6J
z>3f|sjr~43tQgCp*q^K2Uu5jNdo9)Hr+%sZ;k4uPAD0eahlDInG(229q!hdzWj9u>
zFZYCoJ<-{72W#qo@7nXa74PlQdvPa~jkkY}ICfOJEoI0)BHN3a@yZ_5J9~I^@@Qw8
zG)dSw-Fttfe53Ic52a$3T8fR`$;#7h*6qeEscwE*d6pgV8w17<ax|NQiDTVYhCNxP
zuM!A{`1L)dS(3rCij4i~?csIVE7|v8OLt4P{}(Z}V5x4p-O#%ehMSkSNF{!K687C*
zy`?)`a;N{Yu}8Yez145d4PFmL>)%-X%>A{|!P9bi&cq}6dT_zs3pLogx-*SUu0NOc
zUmaGtuiTxaz5)kz`srmyqYEoRr_P0Y$MYDk=E5<31LuUh<g`w%7JJ;;v8zvCt+Yf?
z2M>_Utd7+fq!0%3apN-`<Y;CYevDz(+=AJR$Pc@}*83_%l*BRJK@+n=BVZL?NoT+N
zqfdQw<L7LVqK%M49PdhE5**oPVV9+^7pJe*&ZT;VPme9Gbxl*WS#zLUtRgixXS;~U
zZj(l!lGXegCcAqJ^Bx_?RUwdHj>wuEdD{_mRDM(phX&uM^$Bh4wZ~^a{#+TcoNkF|
z=k(XYTIdbcY>(N}1YbT?Jc{lK^dP1z<1u{yqRjS7Hbdx2Z*b)qZo@$~8G7~3Dwq%-
z>z-8YYxVn<sVN~IugpG#ogZVXx=$nFYlscd&NtNeTy))IQGJGQG<=;!jH>Y2CEHwK
zULTSo3w*BCk@5o3z(h(HYNt=tjvw^qGRJ)~j~24hzORl}afs}lU$+{bun%}yH+lRR
z>4TA+P5kfTU+k*;i4W3=jV}ApH@$jxeREsjOk2%&{c|27rErK99XC=?G|G^sif%Q9
z`Afdhd7EM0`efatK4neBFl6Eek%mc|oI(3j_TxN6Cz+J3#Q9f54yZ_J6VF=BzOY8A
zc~J#Y1cwJ$)-Jm2ZdkrzBTDk5TFeev7wbvdE~RYdE8gMH>K(b6ZA$Mym}+&^ef672
zPv6uV)zou4N|AoP_V`vmiEe+LyY47(!Fc7%!0`<_8=<kqS&{RS<E=MM?pJlMzOPHm
zkz8f2+BiW%lO4RktLQI>r^ak@z~pRWug^n<mBuMjC8ieAN++O0cgDzkBc+>yCDPXQ
zBv-@w4eHN!CPnnk^`u=c+iF?p%i6NKKIYTU3R_lAMCX)X<FTp8q>-8PS;u*fSBnlC
z`0H`oW9vPiJvnN0=5$_waqjLarSX}|O_Svbl1AHZ1q^USxl<*bC_D}0%$;31{24zs
zur7I3^O0$I4=akCX#4A6k-3j{#GE1~4{DIcu(Y6)k8$wQx6oZ3Jau`8yH^i)rrY~o
z){xiIwTvysz%e+3da}7gKq7X%1maK+KGi^L%pNT%`+=swxX*UV{lR&Dz94E&<9+kn
z2_p2xIEJ;}6;!nk=T1s(plvBP0!-ORQt|Dvvt7v|nrlic!=(``8N=__YWKtQ1`3QF
z?aYtic8Poae9Er*I(zb~<nW`VF1%)X$B4ec_YDfoY8aT_^UvRu+70oa=QZ)8;4w0!
zrMv3=o{z#_t<|2)i4f9u)(_NDG#j4Y(X|oBx&y1`x^U{tY9$!nQ*<d`$G6o|L~}B*
zCT?qEw+_rhZZ~pF9EuqpTx=b8y;bF|t=Ri|Z)>R|gx;4eQED*#+NlS{*B4x`V!0UP
zPB0RT?=V~~6<=>Aw;?w}1v7jWbz8&_R%TFh8ZD?h%<VS4U8<FH!{!S6k;&JzC$@Ws
z`)mE^i((c6R-I@uk6w~a*QWb&h44(5ic0*K68X$6jt&nX9#+K;>gn*}o;-G-a=dZS
zFa@fEoXH>e#ysU|TMFsF9)A_>XHFn2em`aFu{hqWzT08`bYPMrsTkIe?@E?JG-FF8
z?|mPZPRS~t{W3h8)QG?&8LPfxEH-~->ceC1PBrQI*xjJ>R`=z!3$6NhHR(Gu`j*BL
zmmY3C#x@q^=@&09dim7d-^!)F>|!)XCw{-g`Jxp~ne9OL+k@F3aU9xrO?}wy{rO1*
z59lBKnru%J$g=d|eT8kMfAB@y`S@owLu-d~WqcjzS$mzEH;VbFrix6hURz5nGU;p=
zmG2pJ<(~Q>a0cIeGfz}p`3w=KR`!d*X@RN-N4}#JwXuG$@IOs|*Hi2WJ1&jW#7Sus
za1y`iMCgGOhPRsJf?W7@eTM8k*o;I>1{W@x*$CMWGmTcdX%;UQ-rcznDVDBtIp3f>
zKbl*M`u0ftMS~2P5R#ZnwmO%X9%<+Eg}*-bLPOp-81t>5c25awUk8c7X3M^L`GqP3
zkGlrfsAW<ho@xr5om`O;!OojlF?^MfzJ7I)jDu7EUB<6pn?3EvLbb<Fj|5}f@^Awg
zv^R;~BAfCP9g#U>&*x0#sxILYo3y?`z5d?S#8iBL!TZ_#pL(<~;cpl5f+t8GvYwI2
z7bJ6H^cQXuX4MIIW5gxHs^O%cXvCM%*?B}PHc@KoiE0)xedI5Bw&}~jrua{ML7OiM
zSNE3%`klNNc-19C#i{K02nNX~?xG;q#iM8xO@7Sxwm5p0I*i_Y`!Z1P&GA!bDH|qd
zjjQijT+quYB(LXKhYBmcN8-q^|G4tK!~{otujBf-WKI~|`^hwe?0IAaJB)=;uiW{X
zmo!lCN|a<ud1{Q6iooN7-{h@Mo4(*jIB#?dzE*j&;*u3&>M2=Iv5Cpzsj+@~?`*zB
zZKIc^(4*AoL>s)qTeSeYAmjGk`>dibd=nWS318}b(G;%I$(RB4_aOO;){m*AJu&~F
z3_mG9y5D8>-@rzpJ{2b@R-8VS`Cnx75I*q_K#K6c{!G*%<p0m>G=7w9ApRGL6tYTA
zTJ(fiEB<?B41Drp;>5p*2*%^|Zmy~LKUYS-aN@u2^zdJ#wG1$6Xme8k-z)RtXYiIu
zzt?yrN1UVmMh9Ox{B3$LG4)vkVs{VQb6k2Dm)XwfyEE+~)vxnXFXOo_eu+LoOyzNf
z_LK7%Dek11*(tn+YWj=s<{0Qvjf}~)2R{w&4433Y=B~R+<NsJ2H)cyFljdH?*Dtk+
z^Zq$xeWTc_D}ysog!MeGck0yCQ~*n|hXj+p?g!bHhFW@ayqi(f=g&?C3jJ6b;AvAe
zb;saL%DSAz^?2q~x0!lRr*6l9I-!I49Je9%az&48HN7{Z86Gtr{M0^dik$~VIsN@O
z5ozqdOM)Orb;fV7)PJKz9!Le%ev_vEd_aap@TX$n{=YLf5d^Drj#o_O??sZtONF0_
zJ#tF>cQUJCdN=TbL;kZUvG6n2)2siv|2aUFM)g?Uf7i)_41UJc=<}cZOT!L0MM=l<
z?;sH{nkxHV{onf=;a?Z_#BFN&&ma*<8;igFpZlMJr{yv6Nc?w@Vg#}&PJ4jHW_IV&
z5}<NYsB~Rmf<=XeP)*`95B^r;HSqR;m`X4TFm8qKL8a(et~O`sgQ;eMa#zKo&Cz?~
zAEEY(Wwf0=KZAlAIA>M!Th(41mp;EDz?7$K8q%p=t0KES4-Uy^C<etGQB*>9*{hFP
zQ#~3DV*DZv4(e>+AacxgCJ9{K^xByWiSW`MFV<ND)U4sDKRT_D#&4<gF;%<@0Gs@5
z*Yi1@{JA5S@>r>F1T!v-q5W1mQcO{dp`JmPI78C`ifRUv&~k7mC=;-Hzdt<OcO0tq
zsY1$gC|$V`)JwtMII>)7JD~JRE&`Am`y#!hUPBQ!l=*tKhco;27k;@Ct49EcIw0J?
ztYzv<xuScP+mKE5nc$<rpG8yt<n;-)ZcATtcp?B)RM3drZGJD0*RxWmi<&;t{t$M?
z{%Fk?O8UE-v#N?IqNN6xy0(SY0O-kgr;2j|GAg|frGq+DNb~N*_Y^QW1hNsW3n}-;
zqPNGq)B#@8F+WAh`Q7E>9u&QT_j@{TtdxGm-OL}Wqa&PsP#1NqPq#Ab<{KLIp{7x_
zFFo(q1w`{~hF-+usreDJakJ5-;!YpSE>dg$+TC32Xaby+0oncCy|uBy0J7<~K_<cP
zJyuEwz8obc30Si{Q{X)`t^pL+QWLh{|I23RT_%}orczuCRH{||1KyF-&m3!a<vca(
zcBW1#0#2=$2|5~jS#n*RReFde{tTsmHd+m>2t`ajnHaT@T~x02n@SBfK>B$%OO=R6
zRG$lVEuFlm9M2WQs!rEXcrpUT7>!e%gU}|v2YVlZh3J3COg7RW${Jn|@stYyoOUCD
zDIstYFE{F0xym!@2m_Ajk9I;fqI@<!vc|A$veXg2HLj~Ix!o)60Ki<#&i58YhOD<5
ziogP8O@4;Z^yl)>-Tj~TTez^RvMlcb?V-x+@Whdgvb~u9P0`Y+bKGqbN4x6mI(dnA
zFPPuXfJ*=F-j6%wT)bnXy<2l>50st@*?$rC2H=z_7eR%mTVD2r_DVaT)VJ=Z9|t+_
zkNfVcrp;a<Kn2xPJ64;Dg=2?4mATBR-5IZ~p{i}T>@H?#+n<{mT;xV|K-X3i*>ik#
z8aD46F(`-FA|(#rQ;9ZzB3yOzxT`T{9x2YU^KSYM;6E}CO2RW78Px=B<aD7>-B&Pg
zZ5PkFYY;8JaJ;uN%)GVOPyTBSH|y9*5<S9Gj_Z<Gy{QLe`9ZszM}%}aFc&$8*OEtN
zNX3}|uV$)Gv8ty&1(GTEXf&2pJs#rpZgopC&QYxC`?|c&aiK-q?X__pT2a^QN38-D
zZJ77IJ*nckMzACUADcHt8uoi7$pxr27?MkPrM^X_Fx)=N$YxyY?fx;`Wrr1S@>oOA
zgQ<e*jj&;PyU)i+#V|V)&x!e16e71Ln?g<nlb&|j_#Ug?4l}3q8E6S*c)%}0bS6%w
zGETh;m_!sdl74$Wj#D?>ixjt(@?G%uR<t~w#<l?6JIe0h2`RhqGRZZcP_A$L2!{l_
z9**xVR1^FAZQFtTizi9xv}6``h)mm#7wKZp-o64fm=?e!7PVwHKoxON$|)>-&a_<o
z0<4tMnFg6IyF>4<oeSos)MG4zn(E@2V+=|rlsA>Kk;%jJgrghq!nHYW$~Rzs2a4C4
zvyUfbiI~k3iKp})B>lMW|KSmEb8lV&cT_G+J;?CQ`27O_D+O{~pB#u>E@Y2x9#w01
zSJS`EmR;x5rBp$wrA_DqWj85(ceL75;Drjr6KA(kh&*51E*g|+?YBnK>+U1f-2Phi
z<`aWjh&j5gBc-<1G>(uVMSpe*^iZ}I7TNT3xK+zX(zUDuK7V80_gYop$#L5YgLV(K
z3-r3J=Rdv7KRnn!N!$>6`ofn3*j|()Vn80Ie}1c1B%S#NjtM6>clTBksl@wR<+pno
z<GQ`qPE3zI_|Yq`jRZ2cQHbztn==W<I<4h)LuNEyaK`$Jw#Ofg3kOF4|B*8tDYg;n
zEEd)C%vpm`C}8wKLpP}^Qf_mqr;6o=pBJe7aa3$j?oa{yYX)JmmVPYsIiSRjwijX_
z937NT5w{FiAJlz5zybkN!F{VTBese~CGo|E$NGnJ5$36IfYyVRG%M~}4s0zAh^tq5
zk4{4d(%8O>@K@OaoyDrD`<3W7LPEA*Rr*iv+Q>YIl#%m90$YD<udriN<fTZWgoJ|K
zR^50T(`jl&=Od<cQ9jQ*S{}(*`*TesiMdo<O+=(bxDdznc$ZCuybW3|Z-01vj&m($
zm!|rr)x#00U<NTNg1{KR)R(U7Q`fY)f)giwvJETV8C;t12{6qjivQ$AZ^Tjz+0Mu2
zTr1zNS1V&)YueAT(ha;{-re7_*;1vKakKK83_AC8Zuw0??Tse2S(jgV2azYLgAz4P
z_ApfY@-|l?MeA19Pq~A&unBup9cr=U;R(eM&-(;hp5bT{MpCn)crJZ1N0t<|kZl5T
z7B-%<V)`Bp$55o?!Dv$m2WOgTm|J)^smMbnUVgZqB2+@~iujOfP5y!6HQ!2XcLyn%
zMBWl^0#ATxk-H`@5g+A1{w+;<8=?wNs;|D%%lIwz>;8Q@849Osa>lkKD8#~VGoh96
z;8flCu;5h)G>y#>WGbMA>e%=qw^9qWP7*b-7MhIihZg&r-VGkYGM@}idcfN}gIPt(
z+}8<q8|3W_rKH=O>!^-ca=l`{Ui>=fbZ}kg2?oDO^*r+s%yLHIJIjtr%TrQM#XL7W
zj5(s`v6D@~^9|=Td#<{6%pcV`J*#t_>TrHSBZAuImlX<rMsAxJ5#}{c)0(l_EPKJH
zZqa;fOnii_WBb)*x!${C9D(EkD28O;ql0@5_Zh~B#@i-Rq?ZGEWWrAp@hJi1EgSg0
zQ)VXQNYC$xyD)28p^DeQ^df=r)6u8X@;?^e6y%n6{<upSI@;GLJN}BGX1m7c&iV|&
zS2{jNfm~M=#;MZImY(4UcO)@924yNMnC`ZAOjNnUXzr9pUN`G(;@P%T&-r~tdU+M<
zse%d9z;oleDjfOLKxeIx@r$lCS1%nGduygT$zCezpiQ?X&&kp2$pwSPI}L{`{j2>u
za<v`w;r{qhywt-J9}OI9EJt4Ljo{T5btMV33SCr>@$18%m_(5hTa}yMCK}IP7xBNm
z@Zp@XmW=RBM}ls##OYsQFZAqR)^2OaC(bR4+@e32L8V&W^v1(K?{|-8>@;f7i>mfI
zBZj`I1m7=s;icw^<(C1EFijsZ$~8R$LjUQ=t9#kcgvrCjRyMHZ5jP8`l}qEK2Isn-
z4=hqdeqck=Ii)7Om`7nao%qeJPkx*OeOUGLw$CP-0=Fc*&wuOLc}*l0%plU!-@->t
zGX4X7Ie`7Ef8wF!$-BgTF_IV*`nf*?XQxhM&EuEcp)AdFrt>X!*xbgF5Dfd8k4we<
zD(N7?MHhld{Kbjg-TIpnyj%{-kJTkf`zDX*&HTiOQ{_6f3`=fDBh1C4J1eyQZ1rS#
z!+E~Bt;G_q!;)j`kBLL&rM<~y@3Vbv-z<;Vc^4t%Fj98WC>A4HdQxaikuFppPvbPr
zlb51-_)i9j^AtBXdnBsd*j~RiyD9k9sPP8Q&g+#9-etdfrM!nz3n`5f8&`ey+JFrB
zWmMQ@m`YcP{Yl)K96!Q@#>Wk17JDHVPWjTz7b_skOUoPH6FS5jv9~o~tQ+!U14q$w
z?Rm%7k)8C1<JvNL<N^L&KYQirbJD)n&kYOcv?p`xl%F<<Jd&q;(oe1-rf+hKO9jX8
zvZB}7b%WGG1iOB8=FtmcX8L(_#<yZJ$vRbIJstbR)4;YTTOms5m;Hs{Dc)v+0-AvS
zQidmIWJUx5j-b!bu?iA$hFl0H7_XhkZ!xpk3GpAdk;b`f_*u{X=R?w~Sc?fa`tga0
zn=M395L4egP@()<A98Bk3hk5><!GLLj!0_G_G_NT(inE6WWZs9fCq))ceOhub_we@
zMa|EmD9JX-@JRn9uQwgGi^_k3@?8@VbF+K>DgT#*TxxfW6nJx1eRxzgjCj2#J$Gjk
z`puFPqeFTw`Z^MmmNn;H`~J4`w(t`i+aKc9tL{gSF@}X~%)(|xN}aB<^xG>Vy0jsQ
zxVFu)o`lbv59_2uQDO$@wwoDV=EiStUOJ;Tx#Ep!J$C0pt=+@}@v}TF33lENyqX#h
zSkTLA7jRWE9Aav>iGnX+S16=W0^C^O4*gs4$D6UwRTEDvUG&pF##aX-g2BNmZM8mH
z#pC*<fg(`A{hvbO48D2Sl-qZX)l2*B$cHdcIQF^M-0GQT!of?l&v>v*VRSO@TSN%W
z*~q}{6QnryJFSsHJd@5J!bO{RC(CJyb}+suYTPN|Cp=Vz8I{{^K4RnRFZL!w=usV{
zFKBo2CTRt-Fxg7+TnnBA+t<Ftu;aYUn)7;?uIt*G{&e1&s8yQHRR7E`l{4`V>v_2k
ztrr=%Q*_Oaj2DDC@ZErg@@n;=<~o%T@xG2%i|E7-*QBREJ!Oj!SJa$b;bM<>vNDF`
zjc!ooeKe6No6wgoB4tkt>a)vbK_t{dDqXWQqORHYqN%Pd{wCYTg_|xcrER%qtX`PC
z*CbV595yc#s&>K-9-lrL>sI^7bM7FP@_s{wkd2sHLqmh%AEDDM0;k$W@AV01RV$f1
zOdiyevrXTgIOA!MPg6`Ew9Wnju1rxlItMK`E+q;FZe>n*N_Uc5Y0C&E=~AehoUY~y
z10Z@$!}=ZjA0!HR37c@JaYu!>G52TU+lWU}iTdZlX2|ghE*0RP!zIjeingx!^VKI9
zzrjz|X+AnNG#U&#jlBq3pI<ed`A39JmIXwsSkqAXk9sWp3=s9Js*t#Uv|%SQz__ei
zCzhoD#>Nx30W3dRrPF!xH|(uf1hAg`g*xxl->}>76)+znm0o%x|G;k6(=VLv-f%4B
z{s&P%VF4cC|IUC+_oK(5YP&*3#3>K?$<NsMUWH*pXN+f1XgwrI=E0)^4~f9+&Gf>=
zjQ8}f(3&wq?A>RAk7nn06p8@QwZoy#gai_O!*T(b<K{1y&T>@Rj|lDVEfu^f%Zc7O
zPf#KNLJc>Rn<PK@JAU-~O6UoR`aLXqyV^VZw->-k;<#TE{~g{n`3^jfPw|p^VrtPp
zOhWRjohI=<gs#{($GW4i>LdlXFZs&hEe+kSqsM!7TH?}L){crtvp%vsd50$U|11xU
z3M@}UN>lDX4glfDusp?k4@(*TrY@X#VR=s8BYE?W&_2Nh%hSC``Zf5U<!ONBq4_3~
z2Ric~rpB)rHkHU52|en6mggkUS$Cc03T^&bo^D21p8wMUspV;}0HJvo(1M<=(1`Ny
z&4ZSLfyBHh2E~~X@av-lmxm{aGaScj7d?QcVuG@ILmP^zbvL@C48_=%mA#TXeM%sc
zS^!L2Z+{YaY-ha>koS<z7I5)#phUe9JkM_t1*+Z$Wye{XHH%P^7bGCBs%YIg{C14Z
z1jyLWKr$j^hec<i#&6^gyqLjI?P?tLWrsEd*Fj)&sd{qd&r`3$_`Z1t+Bvp_pT7&j
z<JRI>4Z@SO4vv@EKi?58;M{{`bbdg}RZ_UrreEm^y+nSjZ09~83Hzn{AhLNL?#|6X
zQCq5d?jq|!#Ys@MxnOIZ3+)Do(gqAbCNRpME8T4MAs<r{R(UZ4!?ytiVh3kI^%O#2
z{AL`#!Re{k#2=!oK6adt;yRCq8g}CIzURhwjj>}jj&4S}Uy{{93AAjBVz_&-=eC8@
zf9J=3t<OFaXttl<8eIPPls#4@RZKq<h}Tq$u4meSBA7vk9r!r&n5Q;sW2Qs7%x)+H
zSV$21sb{W9UB$+~q_MXmJw-RB<5_9Q4Tm7@d)IT_yR)6_fNA1ruefJ(-7LAykfoj$
z55g&XZ}#S;x}GEf`LHvbEC3HL(U*;0b(-))j0Hvy4%~p;jQ{4fR>SW!At`msq%s0a
z)@b{1<0KI!MkjCL8c-RzQ~p2DY|k1%K+ZI*xSPx6RO!9@PJ_o$Eb0Xe_jBEY2N&LY
zHhnAC*{%lz!3<Kf`5d-TJ1QjcTV^;-Hg0@Y=J{A?+JwUUW;gpQZ}klRDh%}_z(Uj7
z@R2_Y$^vJBg|gvWvlCgcd?%0C)0od#bQ-T|00((MYx_ihgHtzzjpJq~#|S;D&;}?|
z-rJurm%iNlF|ToFth$2iJZ0?yNbvPllO5bf)$^CsLn*%FGB^WSm!p*vQ~h(;mZKw6
zIe~-k(t|_qh2hdSmVBC7YT8p>8yQ^<F!>z*#Xuf0vmj(y+frNf1sjDQ{kq0+;2%%`
zMb&b$F-T6$N(U5iP3b#3*hw4VQvr@3PPe~#=#BYxxK;4rBk06WaUO1;v}!#zCm%t@
zoFeMR-%ey<zW;M2cMN29*XoW55i0TfuGQ0fe*HBuVxD&qM)<jh+<kn(KPSHa0YL^P
zG=sr!C%%==tMj4@k-+g0UZ#g9>6Y8$IAgBdb4U_#d0lTi)5R-@-_r+l4L4x?8+2zg
z-d=wh0Q!K;qcC8S43!eN-v)a-kr+Ki(5yjx%Q}z^_q)jPX1;%nU2Gs)>juosq|bj;
za%K4E!S;9ua2O^}&$P8XcdX5ckr7O%2g-&O!BBLi09&(N)Wx@+ssNvL(V&Zvt`d|w
zg-2w}PbmXF!LSmj$PPfwj$>7BHIiymNfy?aF>gI)R1N#3D(+kxiJ0p|$o(Dj!*84u
zSMGdfDqpTY9zeED7=c7RvlKA&kd5N*Zp>)Pu+A>?Sy0$fOZZk(Z8Uy5zfn%EQn?&(
z{8Vn&!;_@#Mdq!jCbi+!ZxyeCm$BEo(<JJy=8Zi*$Fo}IIMyp;?Cxony*wQ$p<`53
zK6YQZ|IE4)<;I3(HtXVv{NahN;*H=5%I-T&Lc!FfQi6@s$JI4nN(cQg-Fi~*U3^Ce
zl*gwC&tNJW8n?e%rB2-Xax|2+sW5lwhf_K&smorVoq5|P1cr8ldG=I{;AyPAL%GB@
z;SS@^Zae(?kWc-LpS+*^-py!R)UW+YdRr~V>>3Y`##4A2(~-BO`!MfJ&~gw0<2L7d
zsCkGcO?Bu{&A^M!$l*2J<6U8vE-VwG9kfqirEAOP41Ul1D`b$4NOOT1-?hdyb@tvZ
zmgZQY&@(+AH29AY60T%I>L!u$0)JuT4s&wr(x;a)qF1(7*{NJpX1h~3HD9ZoCfc5)
z3dQfDwwL3I8xrKaLO1(^U`WoJ!t4WY^}-z}3}YcCaF}NH?79^ArCGf#XsSxBux8fk
zT6nLDq=8;Fzee_9uff+oSjKt-e)nZPfBeQKIzDytmT--ARmvyQonL^`?Jqe(D(!Dr
z9J#^`fD%vHq(1!w)~jEnN{m62SFH5jnvr4xcM27EGa2DvFoPuBTw!W#Rs(s!Nl`KN
zVP3&tN(PT2%nLNp0Wd$=49d-miNsP1l+T(vWl9K|T<k~6w3{5UOj2lXAZRv#uX)BJ
zP{zPLSt0Frsagfi$woQ=%J7X3;iieCd1%fPFL8^f{Wpz$w&E-?bsB|Ta$ywgTE+}m
z+NM-=CE97eu6*3r09Xuh<<l0inNzlBQ$#OLHM6A(64yeV*US&K8Re=E(KN=y2e>f~
zp<JMMIA*P|6Ad<BX#*-i{CQDL75cm}oS(9pWXgp1$1#Q?t1hZb)Wmbk8-bssqC}?d
zW2&!{1T+>AKTHJTI+9Fg(QhHr=oR6T@SUb-dT3%uF52t*h$Vne3lf}QwUp>ZF#*b}
zUQ>@)zjR(j1zdoo|H(&wdc_Y1ru4NX7b)uej)~5=`1ZF~va)MqHF5L)a|A|}U;&ck
zx9-j}YesvJB9D##M81OH5|K+fv0ga=9g7N~B+k_*y8@_1eeNA;F@y6TV$YnRgQ79?
z5}q?RZ8Dkd#qHvn#IF%aH#~$}E2W4`l5lH6t+PE%SZIRVup0vt{{AKb=af$g`dqBm
z#n%a$`1EuBRU`)~+3VfbXANG#Geo>k!!n6W7ABQyNJ%GwZL@0@TNg<Gh!v+qc}N_8
z$hfJXg!e<3nfcZ%tri}3593SVtk+P8IO9AMefJhv&zwT_oEPIphZNn$-gvoU)oby=
zKb4h}Lkub<G$$l_v&^hlFH#bRg8NH~jBfA}JvL>OBRnP1NF8J<z@_OIBx&BodyKTm
z*xgnlDJk(otcb~Ya`2y%7=aSjntP=?DI|AYaLNEkpU0@e`K-$_exi6&d@?ajLt|{~
z9vJx2IsA*SiBIC@Pk%q@CPsseWfFvf>mFX}y85bhh5YZ+AP+@e<W)p4=vU#Ah~Xz7
zkfp_Stjo-L*j!YYvs=EKPJ%-%i+q&@FWi~GVS)wRf)7w7w;PG%4`L+_Z++B4avgdI
z9*ME)NY9H5Uj(=K_SD)y5RJqsCR{Rn0oZxG_i!Gw`YSL>_EIR;e5eEwmFYNqobjSv
zOc6s!a9!}4Y1TVMxDYPXfrOOjc`*Ki7vRfYKHX<w_v#^H=WOGv-=mmK)8nI^g<-(1
zrh$tjF5MMMMB!cdl&3E+eQyD;DkcZf$S`{daxqSOcZ~_Hg$EJ=MR)2cjvH3U{38`9
z<NHlLH!}R=xM8oaU$;6BmyQNuj{U~{uq_z%ANdgf3S7VN9xmrU@-3Pj`DtdBUQgla
z_pS>u$)au?iXG}<{4tC@OhNUXzweBP+*y*fD6E0uQ`J4kM~@%Jf}X<tf(TMFH#o6w
z4A2NWNzR;JrZ2se;QYPqv~~;7(8qGKtfw;C`ihBuD~ghNfLOvx=^}f78dbTgTJ@w}
zgyJ*KdAjAe>?F7{aWmBw%v{bxbWZ^8Q+e;l0(nfFv+9lScPzSpYssM+P<`+XuNQr_
zQ_0~03t{!{?DKc73pYgEmlOR>#%q1rn_QrLo7RIe*y4Lz^k=Y$h=6Ud#CAZ<sx#3v
zIZf0pm*V10Eq>4vQm)*K2U0l4rRv^V{Qa#(#jkn#ncxuN_t|rGqe;yLk6s%<olKkl
z+!%=mzSE*T{1}g$<qj7?+R_+kl+gjn`C}sAD+*2>m8*O67hcgp39hjVnL~AE{H4rE
zsVm+y72w{>fw*ANovaV2n|-=9@*K#&?puO{Gry(pW`G+I#eV78>_N)U^x9s%@!rYQ
zbGfMXJHnE@*+uJ%xXeC<$>em5tDT2RA|C27joPC_Fa4VPrCfT2l2AvnL10e+yGwQ=
zTj(=DT{)ZYSHT|%#pZcLU0nWFp;`NDLs^Q-(Q@LM%Uri2R79Ded)at_)$uc!IT1DP
zX`BD`07{ukC{5cyLAU5lzgFf+C+e!uUksr=_o_mqSPAbB9raOnB>YB6a={i3n;DCY
zE|a<b3-pL~+dvi>50xbTYo1nQVJ1*Y<MF5uy|av)n+30fpw0jtSb{QCl5TKlWn;we
z|3G_WmAtfT)}LvMmH|nQ1)jY>i)&m0ycG?fXs3#!Sf}Els7@DChpHnMYMC~~P$Ek$
zs}GLZ?>p<$@tzA0(YBWDPc>+wtRVwr0`TE?nN>-VO*xg33Oa=5O5>$ytWq>%5Cz+H
zNsQQK$1%H-=hVpQo_H)tXiVUdiegN`saD0G<<`oM>ZKqGY4F+vU6ZP{lbW*Zoj~Y$
zd+-RxkCZ!hG(0@nkH!RlFBt`;lz3>t2cO0MV=QX|Y@Wqi9oyurYS|~NcfUiCR^YB7
z-)!HY`4kl93OFTNSA6;pU~z2{dy`p%X(u0jK6_gnv9+EDI;8g7`r7<C{LV|ZUy=GX
z6A%QFz?s!(jXiau;LPWt=A8*Seb1(TLGdy_fTC&xmMZrpmq!|QalEcBY)NVtP0LH0
z6=?5ba!HKska8-1!oSf@_+Ys1K^>o#bwWrv|HPRFt}De250CQ@3?J_qdae5W={%y?
z!k}6e7B8yfD>U;b5pM|^+g?2vF@k<;a;jk)D0cj*Z^#*pP_=vxC13!6XZAM9q?BTO
zNkfyJ#gD9MTBJ&1T<eW!D!N2Sj!&ySH*+y-ppNEDR>7vtreqo=^LWaeapJU<HBbUN
zMnoRmn8qh`;<;vz01ukqOA?)XON7di2~>q*)Uy=Lb~tQXpa}Z@mvzBApR-?zc_g7j
zN`W;%jJEcvh$yw<&q}f-Tip*1;7kApSC`I55TIQng$sa3I8m*2O>n~m8SGy^ks*9m
zoJgW6JuzaVbDh2q+Z3M*y;XT8sOb5E7Zox|-I?C^HB<TAOa$d6o2OSTcAq3>A%F*}
zEhaGa-2lBO=T=o25uMl|f6eZTa(>?BkdvYTJsRa%X}&i-lQ^_<nR>)F!#R!#tRTAh
zOpr7eh1Ji7>KTF_vW-B=<|xBh7S-SWZOeR3E_-u#hUzGEERwOv3NN7NHqM|;@3|2r
zgC?E$jQEV=IyK*?i+1S`@nt)#QG7;v>9|EUCD_xU@%!xFDE+%Pz^}ueLm=>g4C5b)
z@uR#%RPY%=xAjke!=R;2MT&*<c=(j9c2|C*ltGBL?_M>zz;>5n@WXij{!sQ9#GBjm
z*UJ1+G%7ghh$2gp&+v!rID`Yek#<HCav4eiC!OH2^6%?oZX&^7S^XU?(*!TxO~G3=
z_xnvR73Y&oJx9;U{^qr=KwNfr^#J|~BZXpA6?_?;s1cIn_Schw(MLXH4u*=yf_{`v
z5b<m3G0zuLmXqI1jF3F5iQ2hP$Jak<$3?(&(O=<=Dwt!?T-BlUzONCU#*Y?kQOomK
z8u;IF6r;A_t!fVqki9QJRrVBO^X{k-3#7MDRTx9j(3;&P0#qE1Z$7Gcj*%Tr<JRJM
z9<ZVj1m7IrdExBqiO_=~sYNz%{g#$HC-pVFm&_AAXk9}?!`qyenp9Rjpkb&3$8rIR
z{{%3i4`$4=BkQ$85A$|ZG;tPwjrY6f0NiX=OU_ekk66*%JTMDR6u2b)BDq)e&Xa|z
z-~|z$i2;>b88$OxF>c-^B)9*kg~LQ0r^$#y{bx8h#uP9cz)oEArGIyvX@U}uLjB1C
zp-v!t{0Qcq`Lv#uGG39A-xRx!SLzCj{~-9LD5wuQbz&qH2(F6-QCvO+H^*my;h`I?
zG?>uJD7I9yobn+ZvQS!NO8N%u*a-rY{m!a0@FX5b%wCdYurrhx3p?T76Lly|s*v5F
zBn=W3(Py9*NKdC8!Y6YQ!VLw_84UYBTL#%~NFl-mUy}|<3i^xv`v2}blAqCkmpXU&
zt@Gj0*I}+d$TS{<|DD7{F)N?de`ldsolY%y8{@P8Q@i!~C0iC}XXp3=#%p1r1)FV5
zV7GA?$Wnc-1IB*_sDhs8x--#a8`V@U50`S1<+h8)NNRz<DlE*w;(`K32){FtPlkm4
zYMv2j^hm0v+=rGKa^ty6nILzyy(dXO)`<Am?*7_wPGK?|1DgXipPS`1MGO^k`eb<C
z5i_ALpx#;ca3cg(0nvGW1=yw$2cTNQc&K7UZvBV98mjRsS2L?#10T=b?`;gA;m1N=
z{s{42yYhcjIu{Pk8GAFpu1^5-r6O34GN3Ntzx!R`FA59$dXk37(qLxcZbgQ1oiE}s
z{s@+pFK-QW-IoVn=HKZ}4@$o3a}!vEEZJAx10z+pXqVfI-lUzOcbwT2{_pNd50nIs
zrT;oraNiGG7?a|#D1H*C$k`hhk31ry6cFm$f0IX9V7qA_2^wT1;vu0DR3P4>6~C|b
z?6M;_xJsTP<qL3(mg`d=bo47}t31}z2gDefqfQ3)KO$$%04v1?WRaXD5RG%2zktIi
z6U-P6o+m2Jb)Vcixc(%GG%!8I{@eTBRl%NUziEV4uYIg1g`5^_ZT)jIUsKA9gI|GB
z^lv5PX%>F@4LnGM)jDHDG7qt0_CxQk!5x^7ogj(=6SNW>^9-;)@VhN)>4TN}Dfg|L
zQ4&OqQ=qu~jL&rTo@tLW+LS#|OBKthz6nsODx8u}8gn<m-hF1UUwuGk(?6@LdxGzk
z$GZ#7E^4e%jSFWi4&aEHg-F(V??SP}??8++(~S7?y0=8q7X(-Hx(5GRLB(<xK<A6i
zCiHjQT^{6<;;kyXa&I-8;R@07nVvLbdYv_>pzn=bUNi9^vP!UqcBk+EVO+L=P>my@
z6-_Kw!j|Pfyd~nk)py+X>izLmTA4)r7Wr^0us}rs<CC#Pxdcpe)NQ=ba~vA!vXZ-!
z77dv2_V|lSLb1dF1XBy3TSi_M44JF~?5+6D;>Zm<Ug@Sxe2S6hH$@UKsWAX?x(z~M
zTqx|<SgK*9TPp1NMmdAKTOns_zHb7LvCaqEtA}5Xue|Ws2%+c`j>ZXDOdjOSBZr7@
zP9W&;O|Pq#`igs=Bua{sVfGH3B#znz@J+Q}aRm#NewkfTo^hQ~>2Wh+nTJ4o-@u(h
zJfBeB=eoFiIt-U6J_?8CHYKF4aAFAVFC>=n6YDk=XB|v1_GS0_xvVjg`e1p{1lb;9
z9oT!uk6B4Zc9p{yk`Y@YyLiKWBnYB#o3Ve0287<r0q4b+{96VmNa^ydMi~xoHv}B#
zxJ~V>2}f9aC15Z~@J@_LBD#1FFvTmYrpb(3srZTVQ6lYrSZNV_!d9U?unK+7Ql~!;
zmB(=FGhO_%<@{BmgK_4%5^wJQ5|>;5&cpuNh0I?#fo{V6##<V#1k<Kqgu1i<KMhIl
znK#mS-3;|Tp+3eYXX)b4e|qdOoTc__2r<HyIgWFKpW0?hKskUWFZjoVcpsm7by^IL
zXfY87<kEn!*d!#eN_r4rx^uy_G5J>3FSBox0>jHf$_aU-aLRh}cQ!D@)9WOc35~Y8
zDQ5bX3tGgIpwfu-3URyOkI%qsKP*^2{-DW;$oR+-hx8L-SKHV*@@ia-5B6xRfx>_l
zF-5Db(td^A6j%>CrAN3Pf8mXjZXZXB;s8OBTEopWrMZvy$nb@bVW~dd{iDmER3uM^
zp5xTvny~f61<wm?M7BG{T)z>lzXt&IDW$3PPguWW$k{E_)MG~eCG-p)g=*2~zTQ4H
z!mRlP<ub^iekjH;oNJo0Zs$1nk051vaQ;bHfywY`TXb<f1`;75nSzzfZ#89t9yg5T
zNSH590J(6nu^#8|3*W@so6}A&^S9H}LJ-g5s^v721nc!tkT)^O;&XXdP3`e6)F0<P
zHvQoXGI5f4k1$ab=^q_5x@5KD5?BHx0l~~b*FqG)OJ>G%)<#N^u>$)+rC>LQq2v4c
zb<B{}CO6>JC3sA?5PL4>WPJx>7x#ym1yiO|Sh%m*#lJkV7)E?1^;E-WLiV|fR1s5;
z8rc~gWOQQw5~dhKaGLu7_h|>cQWet>zSiy2_Utcrw`4O~(pyt7jFm7ewBoqF#_!35
zS>wX%WlIJ8zeHzY|Mxx8@nxTTOx;DDcH1v{_vd+-ChYJKs~!MBMd*qc<+zzHOMpZ?
zc%W+_U(C33$GF2~a?15||GKo3us`I4Q(wQfL*G&LGxvqh*Ty`iBRpC!EWm;?ZJk|G
z`aSECcqFU{(b3TH{92`xS$J%D>WuSW*MP~vLcQ}HH?ZojaUjqQB2(;TelfMbe$IqO
z`@?Da2uKaDlI1g*rtr0!kwvwCet>&gA(kbAP)Dww-w5nOaZu8=E%v`T)*kZ6haA%N
zec7JG%~9#ogsczP_=tbYd6Kf^J3yU%2kgHXl!Ha9LG+9P;4bf4m8`Q1)_u{pN>T-+
zL7JbU`DOkLH0yL5NMZ=ctU*vdID?~?1`0ZWg|-AzBIbfT$->vS&yluE7WGsvARXdh
zPL!aX==cJd?0CQod}*m_tyZ&<6DZpod3t>QY<<DMV4PX6rxG}{m0qi-<*Q8&Lt0b>
zz|IWqs5i<TZVeTghxE9J8Xq`l>pEIaJ>#j}k#0}m;Q`DY3!YE_JN5_(lG}x?_4h9W
z*L$|h;C6i0tt<c0ojyX+buH7_R-2@7yVZW;&jB1f?WdOrnvMxRX*%8sb%MZ8NLp@E
zMOX$fYeI{OHNp<?LxU#s31E;}A;fFpp+-O+j7=5yY6lU8=^T%d)<8cvqCe~+&5m&Q
zj9?Ul3FvousE_|m)bCch^-G%!bwg>t^yhZIl8;n^%UDj-`v+7)hnIeT1Bd!%QDB)l
zSS6JxKuj>MbYHRQ=Fcr-PfpLhGDP`j1vv5E8kEOFRg`_sEP28WkzanJ+p!w2do!MU
zV5>rssS-L9;U9GJ*pQ-b0ihcFw{yXF9N>c1Hz>2yNX-HPhS1l@qTUa8(eOXn{futV
znbJxBJ;3*t&7r5;sRJ7|=pE<6+db{(E7R>9EzROqL7qJ|O!BaN0m=St?1v80Bc~;@
z=EbBZDN+vFb^gq4BECsBv5YxnYb|G0?4F6jM>{atXjP&45YaE~#(oG1Etz2mgGBKt
zSQBHQ5*6{lzM#3{u3~RaUw|Zm=nL{0I&W_x9m*YW!s5yaWW1p$(jFR25lAo}`|4K8
zN#0}yjL~IdmcOci`Iib+V&pe;UC#FwcEvTldU<Z>#GiRHzze<D=$JWl-ptno!7Q-E
zRm>mIbk&+@RkXC#L-_?T$7?WVLUHI&+>S9qRGom&8izm-eTV(2Bnxt@B60EPduN&c
zu0=y&W;(B(AF0eo%Z;@o{W;UbU8Xzm>D?Hvp$7*n;8VLH6W^wH(tTv+5ssJRisUV~
zn(#2W$rIvg8iP4@WPeUzBS8rW1wU7-Nrd11?FATp6VS}SHIWI*T#4j7=Jh<3cKps$
zvK8R-#9XH-Qi2T<3r2rVN2F`+_<&Rf=I}Pu3hzKKJd+&Z9euW8o-)0uY*fVfZ6PQ5
zx@u^zwAi`DO6XOSK}#!`&EJJw%^~Rxj@aB3wjOSEV>eZ>$D4(0C8zfTDk`-e;{H8n
z{;1P_)&w#(XmYeLpnzxyB01-R$DJII8sO^!&@=JB+v6^G8p26W$pe?`-MQ|Iu(8hm
znplB~EfY2$hcNX%noBs?#KvwUWwRfril0vg?LU{zX|=)d`VGKZ4&~4?#M?R)5IS@d
zI)?dN?<8auR8Glz@Bdi10CoC?_ExAk{oLn=&rXj7X1o<{$%0N%3<wsg!vTp`2xQrC
zedQQSrfF`j1b$Peq?>xxSw|AoO4PxO85B1>yKrzVQuF;PP5d7t0fPOU5gs_dL(lZj
z&H$Fd>GVWi<-hh9CbSt|Xiqxx6C821N7Jou{>m3nt%gEGCvp>d{&z%YiV_Cs`Ty=a
zhByMwzdU|}>?pru_!HYbAR!RK5MI9M<VTXVA1Wps=fT9~kDvI>Pr-`;iv1d8{>>;R
z*Pze~BaHlWLXjH554ik4ZB_q#O9!SWFB?nwdxyeTfWrrT_wN6r3;B`aK^+_qZ8E#7
zRcqgFKo77wE%f|XCYFzqIfnqQH$#XByMdx9c<M<;r<LJLN#b5*t}DaZaInth+Y}nY
zuHc2oCOqbPRuT5h5DIBMfhd!JG`7TZ-{JrgbMuYVe^Okg#m5+a-(Mci6^3`A2lXQq
z?%H&NJt<epf2@oQv~9i&p^E{wkaGVUQVJn73%1DmBNJKxCFJmpQrjM0iSW)9+Cd4=
zadSnA|4j78Hk`aVa&P_<Lk`kmVLze+C-%bQvlnB))87H<ECU3EcMhYXajp5cs=h-|
zerMWrq7<l8kzELx2*Y}{!vqf=Bm<h#p8g2e$0KMK#0`B79q@9*4-xizt?q~$dS5l|
z7l(?o5JDT>XJHNGel*g!{TV(%Qb=~S5?1iiozJpg3yce@)sc1vSEzBIvEu@`?h}BI
zM4UEEU}AJ1+63}SG8BM(5We7J27f&!oL&n1R5Fj}+{U$BNZ5rg9R&#dPfvnL!n5p_
z_r`Zc_M0Wy22{&U<l3b++KQ=S6_QUIHc_Nn04Zmd3hLq!b_qD{(fnx=xcClo@knuH
z7XNIP7uWjWA78yrp_G1p<zBw`-a?krcggvQesF-CDX<v0j{g>b^n2zZV2B|}%6By)
zj(SV*OxVO5Ay5%%a$sD9f<4RW?yDABGJGCnRW_^_n9y;kbPd6muQ1O5?=hoAfQ#TY
z0xmxadHcX82gk4PER~0<?iJLV1Ce@hsKO-+@#q5Gk-^>IL~DigQm6s!;Xy3E-q1>g
z2rKM2GD6GkJd<JnH6y$dQSygq$rAEVo!&rS87}hRSux_V3}7ujLRc49Kfe#%zD5Ma
z)4a_mUw(O`%d;iTXc%cpGI1wBd}rbz$1K6ZZP>lt3{j0D+NP>-@)=Vk1s}8g=mHU9
zx%4q_#%p3_!g{5rY%iN5uafYUcy3zNEd5LsvcC!K0b$NukkH6fo08?4-~|w;)%@tP
z@Yf`D(oo6LnBi-&n!?3&$k|{963*z5D+QGvfMXSG`jbYSNuxK#4h4~e7-+zu`bmT}
zJi_0378YrUt#SZU>@^IOZHrlU-kH;$Wd9lq(brJJ<&He?+LPif;f42UY&JsAV^Ao_
zuPnfWDg-1aF%zId01*c?MOQ>gs*u;`@pFAi1h+@xY<&v|F|rb{IP+`fWl<<;=@-yH
zO`*=f&?OBI-U$75?8!g$g$QKN<A!CiEnOEv4mlls-$TIz;qmx@D<qSN8~~6Y3=WUj
zKCjR%z;;ZM>lFSeEgW$59V9gJsHlKmie`h0NIv2dhwa9MP+NgUX0(bJX@cA96fgU&
zOMeT6|G9YLA7&BV$(3{t373HgqcHfX*aV?k(CWX*;m{Khq<cR-wmbHBSd~;jb}~xf
z)IW~A|IK$EF(bVJF(3qdxDgACCqxjSz$w%;KKFM$yA%tNu0t1Ip%Sj+0R44TmmRne
zZ4sfFKwD#j7GwTy^9u-(w+o~fLgc;l4e7jS`g8@3qipFu6c~?e^ua1;2@V^MNRyeQ
zY{GT3KQ+J$1UXW*W32?uTZlxwcM9(#E$h6G71ta`%2c%-fStNg=j+q(&<9rbo!7R*
z!l#!HOQ5^r?8Tekzxw^={OA~Q{^9(}U3*K8@e#;@3qf707&`H64e9g5B8V!aexn?;
z4m_3V2m0#9bw6%s0lW`RHK`j}YWB<UCLeitI(8`j)1my81&l=u<wrOLw2~OzUtm5D
z;=*m`Ok0cY0tm#5m4Hh)i!%EX$Lsc2uQ2CNe1K4vDCu!$q|)upmppw<Fez}g*}`i}
zrtVgJulGOJzPSaj2T_KzfoLKd-B;Gy-aAicfI~ipQ<vLw>20}|kblN#xntS}&CA+h
zDj-b3FsNl|^)cpJFeyDZ5F&9fk;*{X&3t`pfY)&BwC7Cw8MmZc&!LqhJ-;XZ;&Y4y
z{`IE=|IunOR^po_=96!YDv6OMXCyI5_)|<4NPizNLEe?oH2po^ZoKvu68V2SwrpzQ
zEi>!D?Mb3l5_zSFC*ydG$Gny7)2`f8gLY0fggAtk0NnKbwJz@ojYV-gP)3Jr+&w`0
z9FXR7f&$hw?;DUTSdk7kL(n2`xzRL*qV*8&6sV+jP+b|ezqv$;?JpP0i5$L;&{gd7
z2MwO>tO=f}3nVszKy>?8s{xi!X8cT0^L~q!&6HwyvBMW{Rcc|hpnvq$aL7whdx-Pz
zEaBPErjsQK@9UaAhFHQuYd#Ac2-(oMM>bHam!m6~4rZ_cOv>>pp3cA6iBr#c<YT47
z$*V7c(M>D8esizq>b{ESll$AN7h$ypgYhOk12F#g-awz=qTyd!C<jkUk4ukume3pR
zH?PNvB0b*1^KtU@gOurZgMjI+bM%K3ix2rR%h%zhC|;vChDzC?cMd3KI_75}Drd`5
zR-4xb^BtH@zA<u$BkCntb^JE>``BV|Ps3oH&rO(q&enJ(`yE}W4500e*p<YUppfbz
zUO_jYG5lGtQ3v;7>jU3Qc9K@JjV(7nBDc}|<PANqYr0hkn~;9(@iX-t9}nXaOR!Yh
zOAj{ie#;_mov{3TR^g@(@fe@rZJ|Fh>pjk6tt-QU)!-R;8$5Mg!XpndCrtrSN}ca^
zNKnE3g=*=8C;Q&8c2BnRf}fr008J!R9I>+$_LSZR&f5mh1%Jg7-ck~sEaK7*8*=(g
zcp{@mKquaD={NA+n;XzuYtS3mi8ipLi)kzZE`cz34C!<Xe%BeaI$k$!ojUu&-@z6)
z_&u}zte?G4=jv#_D!{HdnEp0UR8e?NkeMA;{0B?kITaS>%1b|)yc*(>KF7}R!vlx~
zNkK$(k#v-Mc3YZUGedy^kbX40I_DO&ZZJGJ*h(N16b_zPMtW?CXP9w9Fjy+h9ad-+
zEO#6~i_)$`oRLp*z+7NMX$P-n;=rLUQU<Ub4*{P!gRL&#f4&Jl4HhJ=dZDR^>kb&$
zi6v*0g)n|}W2~VXsDTSO^uhJsL<hio76&~Hs`%CHpee>2k12rj^*h4i{xo9>V;Pl2
z3109!za-Sq6e#JaQrF6ttekBsGzdV`67Y?Z3I>OkE(z?U?CM0_Qq?Auxd2i=BWYOa
zwr6d=jLKIq8h=?952Z#qpQJLeA9!t@>M6&eo1bSz%IHCxda3!Ispm;Oh}vLmy~=O%
zg{?f-?7hGju5TRZK-#b@jHJa`NU*0>G2Jugf1U2_BJiEz)21&@fu`x)V0K<Z(@SFV
z;SJV3G$~T`HuI;88QnT#cLk=xsfy1=tN3keGHn~#eMzBXmDm@F5m)sUivFlj?}+z9
zY&Rl|05Vj1IHWmx+Atgw$5a*xZfi2KP$j&ZVhn?6zy01t(taJMcY6C^H*Y4j+Xy$!
zT~mS4sNqb31@sPBXpit63EuqfYCnYa+<2%7iiRZ+F7ZXGdv{xe?~r*%3gNjM6QY-%
zCO$ge+Y+_{c`Vcyc^BEM$f83MJk#~47l1Q<CHRq`TM5_yWI^CA)qH=tf)kZ3^_Rs5
zi(Ylf$1L95NFnoE&`ZXfw-3w0G2y%Oh3v)cu;F~mCdlu<5NhlslM7iGs{pY>D;4;D
z^p>2<5`dfh)5kCIlRfp9Uo(@2yk9!|V&zj};2RZiApN5xo0uuo2~e#aj4=p7>Q2oG
zPQoY@lwV}H+K;njEgF;+foq&k(|r`${w@X?M^qr{*WTMo@VlxYZZLKb$jEd)B<a(G
zHUq4{1-+R1=Vvb7{PMH9e90pj#psWt(_LP5RBk`Q0xuAYf(;}u?V=|iLOyZu9ZM3{
zxHx%q?yx6<_KFVSS+4owAYTI3s^eJi_<9s_w?BXXtGX|brm_v+MO&F?g%UDT*(4zu
zGM6b+nk3RdN`pdV42dX|iYUrFHcK*34J0BeLzF~@C}cR-qw<~e$M4Ux&N|<+zO~YB
z@ArN7^FH@|U-xxgcZVw-n95f`2%gMz)RYZgcL@56puA{1MECT^<7<!nq2p?HF?K9!
z%7NV)Yyb?r_Py}K+W4M6j2s?rcbppL=P6=w#Ixg>LU@c$D>noQ&uk7Vw4s90q%+(^
zqp{nqvy{Gbwn?nw#S3GKYn_(zZIk%c6OF$m0?MA=?c|?}`Ezl|Rg_~(=~n=Ihhx5&
zoZuP<9+Y%<kJbU+cNE$ccM+(B{d71&7&-&Dxq#Yv5z1nTTWOt7N5K&Hzqw($wb0{k
zYc>!AciF|24QsjA1fWI<)yO+x-7IlO8jAC+(|IWV-QN*9RXj<{KgDl;;fIKt>NOqS
zGjt`~DxPDF|7kf0TMwsPK>)p=fvD7{+;?kmOWmok+25);&tEr7Aa0N}8?3`b5+`H)
z9MwiAM6`n*H3hFHYuj;xj<!PiY=-<(&#_B*f@_i@)CIC-C|U1u=2au}&+)I{{@{=_
zWcEzkKVH1N1=P&)s1jhy;$XyId>b9vxQ^!#z|_4I0|0<qh0R1->bD}h+FH7Kk=ge6
zW?|vWL%Ls}C>X(;G2e+59eg%3xp`(d!p8vb3Gslus!ID@#%Rx=6Ik^XRydps8n^1^
zeSWi9?x`3y*F{tH37w+JK3TUKU|CHMhxWa^X87y-2jVQ?G!O@4zSA#{0bQLFBp`|K
zM8#zi$qpw45Az3yw(<5~hR@8wwg*`UE)e-L$%o=)kvdI%+dXUUY}Hu+`M%b2*b4TD
zYwi-Ud3yDsSBDnt7NXvxfwe0%SWJzjdg)tmqwde5UG`W$)%<oSa4cQ6<!Y&~%HB9M
z>vf-1ust*3SQDpmH?fFY!pO|ABVyN%j%oJ}zeScC65P8OOFVZKp&JO%9On?F4Tm@X
zm6qY3O$*~0TWL)=mN8f>Ugy0I>JX{@EZemkJ8Z|%rh9RPzA#))8iIIhxo*a?Rte>w
zsMkYteiUfFZ-2B8oSYH7O6KMXLhk|w46cmM(-YhOu(EVGT_^Ue@Sp8ElYHXw$-$2U
zPR-fzvPj*s0o6Z7+0!Wi8rC=P!4EgLLr)-6C+|@C2;~)`m+Tc;WW(8$W8a>fndn&}
zI)Gh~-tbkm!y8p?<%H|uUeyVUU|{WOCly^<EybIE6PKgb+24cD!cYDjY;PyVPg|js
z-3eyYDKu>rZ8_l#=!Rp#QeJy<iLJZVu6Cq(%}6&$yZX3Qs#(bx(t#()%`;zxFW=C5
z-@bzBJ}6fEn~{%o5#tTnT?HqyQ8yN#iTbtnlKA;P=46-pM88ew{C2tbwDqhx(QD@R
z0R_`e6j(<qDk{>ZIYsqSy|87wWOhEveI8W;W>VvZDC~zN-_K*Y-CdH37JJj&sa}s~
zG#h=~0z^^Aw#(prJOO7etyVzUH8BIQu%2K^$(xzUZ*o>X(PQAwXXGP0`c4RC&S=m-
zC>)sliY|dnJGlJs=|5J_o|C-ciiGj`U8dEhN*&v?cdA$o;s_`p+r&*SaTYySp211<
zqtm8Px_={LnBmedtUc(Uto^vQS2S*cv+P|w!8PE_7f@U#ur#|6Tr4~~XBV*iS~#*C
zqF1Z8YKzM#L$eEJ-vH#2p_{zgGwA*0ia@D`a-kRDb~S1oNv<g4Vps5XfjiVr^jDSg
z>q{BgT^Isk2KNZbLsG-11dZj^xd_db)r$_|3(Z<Sqo=p$eZ9+%6sAe7!OhAr|9nx+
z*0s>lHzTE!HsUzwcZw!26ExZh9qT?jCxsSRijP!h=sjf5>0FyzR_}O_=?u<aHqz`?
zH+YM<vFa>-1=^R%z-|zB7<2Ij2{`t$hO9m^F$ED=-%jE-$+62ISly*D^&*!*i%(C?
z)-FcL?s#=?Px16zmu9_}Ymkp-gMF9b<OXOZ=00k5alWVbb(^1}>0Y1`WN?q$#O{vq
zT~GL#G>IH39B55E%Uz_X+1n+!@%i<u?+Emfo<#&6mz;;k@Tp6yMuQeB+S!jWJ#fvJ
zNdj70pvq&ikn!+eQ=92z364}(rdBh-pv4@_ejW9ALbg^Y*sZz%hQwxKiJ4o2UoELy
zdPTxm0J_rMma2sgAxve)ssjMFnm8z{b$q`PU$g$I=PQ}mx?jb&9nghKK%<iXrwy#n
z%gSD8ob~HeX3-GICcPOaWk&5y%!^l=9h8^l)b{h99KBc;%>LY$c0ps^USgj{2#`V5
zksRMr68o`>nX)Hvo;Hnr);KwVeXB<VByTHho}GCby3G^rL_H9OT*SkYekgZihTL6e
z>~n31HSIz&{Pv8qm3dP$9xQ`BVEmfdK#sot=hVV9<K5>w71n>8xz`C<mQx7ZAi72k
zx-CTxeB9P~_PU}U2&3_VTU$8y9oF}|$20qyaa0@c4|sS^h`w?*0Q@mS9KubJ{m4E2
zx6&LZElocvC&M+@js2x~&aKvv%+3BlZh(6bx)y1lVoN?9RL<EyDJ=B}9S@lr<iG=0
z6(xSkGuH^c@&AfHuDv8W(@o^ddE&%jEKh-WG#JIJTHV(A7_z3MpK9b>r7gg|HbiO^
zEyxMW0>1@|(ru!F+S#5H$~bE}Frp>FVT}$;G-^Z3zPDMj<4?8AZA5GrPKPPW$ZCg0
zTo}xAPO`m5_ciN9_NvK;A@zq{PTFgy5Dy@Sa{sTV1wH(7)?rOVd}gNdLE%L!EsH5G
zh~uupnx%q?;l<7_o=fv=JC(})M2Z;i?kQQA;JnJUY}dNWbD7~ek&bqY)(9>fSO=3q
zn+VJcXLVP!8$bE|Aj1l!>o>Nz0gL>x=kRHcVis*RVU%oHMNOiKe15MP*xr^B7Z$p@
za-1toO)XV}LmjQada5C+iB4G{*?E*Sha1a&1Hj;zihF@>LeuCE{x$pDqgOwe5S9;w
zX&`-V1{lXodQ}@}^7;ovm~uE93Q--Wn|y5T-E7x-|2EQ(O=25|60<t)!ZXs{WmL_V
z=9p2H4{CWz7gxrMTgwJG?{&E}n-;JlC`2J2k$z1%8kFcHyXJ05ztM|oommtmw#Le6
z=dQC%9A}m*v~yGWi=I;gd^H?`Rc%XF58&hrYhk3YUC#ogsBb4!W?^Njm5j92`?Oyy
ztX-3$J0yES#O%G{XZ9t#b_+&*lCAs-Fu37L>bQ8cpXPR1Z4TwGAP$W{J4ecD(duP>
z<G?1(hk-os9ur|(q*VftbL%_d#dm;fWMlI_;Sdc}mKNOc1A4H>91%gqXFx1my{Ssm
z<88_61n_hVMo^<pvL3b01=O4FEvTP-wU@>tnNTof!5EQ=9S6PI+OOH#<zB(!0qT!@
zXXfwCi-f$)juHxY=;PA+1&2RB=<67Q1o-XQM{CLjKA^nL#${yeEpk8oO;YevV23N8
zeJ#hAz#_F%-{T%LIkiQxO0ag^^(%I!G&*q6)aEPTMe1v>U(jMc85YIHw(g4K$9=Ak
zt}cA|5^~kOcS;7#I2aTw89y>6e2&m84lu9F_md)2-r6NvnX&vqY9Bqntx8(CDvpCE
zLr9Y_@7cwZy@^f9J=NZa_&QfdCkc({`BPoS%XGIIYxLfCZK#?sq057xwDjWBAD$^$
zC{I+KOY_$kHtXcMcT=@|H}qo0gwq5j%tgFGn%yo6t%KA8zYo?Lts%nZE5m{lhltWD
z>r=p(L++)!O5OC@EQ^Bl%}kO77SohR3fKqE2{t%>1udBqi><h*Ss%zP0JfO-{T9K+
z_BzGu_N^27$S5yj)5}?sb0f&=-Xc~3v5;TIEbGf7JH8m4ppk2EILSsA#`($bESt!K
zQWpeiORJ&9as63m$UUBC==!3B4`C%efm8|3@wUqV`D?%dpEiDVVlJVTqSKnK;iVMV
z^E&!~nN-RocO;14-1Dr<k%JpOmfd1p(;|HBqtC4Ov(U=XGlKU9n(2XQa&Dy2Nb$d|
zKXkiFD4_lp>HlaZb1|e>Nt=sM%#W<P=E|zWeMUWSUJJ~z6eSW}@BYv`D8{7!VwO50
ze!f9{FKFA&Ir{1H4g1rtX)k~Kylu>8%qGW5*EDL~rg^TyYhz*I&g3QLVTZ*&?nrUC
zrmXfQp0n-`D+Le%H-mvPdg&{#ZL@j6>X$h_y@66>e|w+L8Hbk&qRZz+93k#>w2YD&
zZm}zF_(m**0%#vgg?*cMV&}oXg-VDD9Sd8;<JJ2E=6iHpo3H_HcDoDC1FbJmz=r;R
z`x@aX%0JcfR^sSqK%&qvsS)7d+>-&{&8}~13Mg&D+lamIKjO!yn3sg(Db~S`2Hzjb
zhh{b7|3uDoJF5X<$EO0wRHQo_VJoKsi))k8Q)HQkt^-MEPmLuc{pkOZm|2kh`Gol9
z%h9O4s?l3_L;<6EZn)@3yE*|NPkei8jGmGhN%g;?oh}LTd<>q&8u$}gc|s^MJvkPI
zu)hgF=WT@AeAu(QeFrLg2|1F-^jPz4gw$j37_Y_e=$nfl9R45!>@gat2y>qznr?1v
z%_U2Tk#-vN!QEg6!mN5FX~KVb8WXJcdU=LtI-Sc*;>)3azjI3NGjPYd+M$r8+*gPr
z<06q2Hk^(elk{T{uP^dGy*4_iQ*jy!m|d41EbOu?4P;C&L|wb%vKtJUi4vy2{n>6|
z;lAdaoWfnO(lReQ4;_xVw)bwY;j=4k3vC!LlUfJ$U-$iH+chJFFg4{8MZUr1UQP78
zfbnCHk)^4D87qri{vz@N>6;XGfqvATeV+b7p8vQ2<0vd0fhZG^VfwLw+Bp)arvUG!
zVm<p>#p8!y=e%VSEz5A1!{}AOuQ0US)*&9cEQaDFTK4dXv*Ss2JHEZmqF*js$nh!g
z7(PsTXuHQ67S_@q_Z*)uCN6R;d{j;IJ4VvHGM16B>XM=jEF?5eHM4mdr{asBpRXTD
z-^GxJxM7R1ouXq#q|^xLGIbCUq(55SXt?xM33H$-@wfl^{X<6I_pCysXP#LpuhxhR
zo^%;aF?uNv;)&ky(2Ff<{K}6w{cymn$bDnuNKiS@#<&?6elVBqC{bbw(29dI_9F@R
zU|=cxcNhVVYnu2gxNRKb52_ym(j7}$7px`TQ^QsHCkM9oxDa?B7J<#xOKcVI+W9hU
ze8-_dm?jN-7W^L4IjFt;pNggR^8T%+@utFqo(7y{VaOFsuU<>q{|-IOTka!)rPCoI
zkt^(-YD4E3<a7+e3)29b((YnB!p<U3<g&b!80YoSS`jBf`Z&>coMQ|@J;GGd{0n*!
zxwy=q?<3)U7VsR^;NT)nPdpFb`Wx2=(GRHE83by29O-%2^d?LAeEi;;ncvg=M=d!{
zQ(5koaBcsL<hyC?T2ib0G_72S<cq^P^%~$5o&yizV&jfXS)AGib39Rxw8{&D8Fcp|
zpfL%24GUjN-e&i42R<P1C!B0pwRg0<4YK==`b)a=Y)d-wDg$(9n$|L?1>5*Z9)d1=
z(}}O&GCvN~-p!C4*%;RdGE-*0RmlKfW!zfl%Uq|4>6hEauJY)E+hV^aE;e2EV2xJi
zJ{{5w3ps2rj>EQ8i$>dp!De@!{aNJxI{<vH1TJwIkUO(~oBSu%-yF-8A3(8oKkHlQ
zyOVrDb3#&<LZnJEbzDKegw3d8&B=z`Uz;+nc>Z@OrL8uoO&``;SD2tcH+<P&#!`;w
zoKO4eIq5g~)QA8c)8(3vmU2?Mc6w6V?i93s=+ig9zH`M7o-Tgsb4O4{FTSIBdyR4_
zmPSK#nATw%EyEpDeUBN_#-+87ccW<Fe9>@vtZA#ZMWV6vq=&r;om~9#2cM?*N|YfX
zDc%r#TYK`?;9&FJ8_QG7Mwy<^0bNwCaWH)7Kdw#@*kEch!2kAnD2~KGvQ=R}sTIDu
z8uE?3d*5_1`i;P37kXVu$zN>W^bmIKfTkXP#u(fgYjfsn&%)d@7AueEIz9QYigh^f
z^f{PvOBDAo#Jyjixs*|dfp+EhYQh}Nq;BQ5ue~nvHVvo5M-!0CmHn{=F7z(6_9qk%
z`|AW#-FWN&_$(au@|r+XR|oMgh!><cPIe9TH`&XLmm3J16Pcz{UB%(2(sA|=2j3l=
z>omy%M<o<kM!2d*Yq}PO&9N(mJ1J7vxL#e@8gvD1O!tYqC&-HtXnBm~n|ro2*)gT0
z_L(Tnd4$B7YR(ph{&21pxTNU?Xm|MP5W`&9h4P{$cTa%p&z)Q)jt@jcz!}w^mr?j?
znuka{(Oql!;T?t0_%x=50+Khy)V||g+jL>MBsa_9KU_{730g!3FWtoprh>XqV0Wjb
z+_-do-4VSP;rg9C^1CYL9#N9YjB*%&H$b48wNjVLxzAdRz7IIW_%CbWp$$m^p*USt
zKh*t}YiR0@u$aF#zka<de8=w?aG9bv>o%LWmIO@vfFZQPknl?14^%J_3E<pkaE9;<
zm-jH-8vN*Ro~$Z<iiasUDy4CZM}au_r0G6RihQq$WAH!-g*@W<KpZ#7qH*=ing80p
z<$Qn0q8+u@#%5dBvs0x*vse>i;*MWhrhCgbq&qH&PNs83EiZkbbD&k2@2Mq`!nf$?
zJPl=p{Y%9enL`+)m<)Jy{JAJ%Wn8~~iVEINZ74IU>pwhr*tBkI-QD#cc3GvEJhj^3
zUC?J~oZaU15h7N|?|NOD<6ZrNqPVyFss2mC0y%rZQ}2*7b4~Bm5lYcqRr&4j{gbpo
z+czkRo#V!zZ(?o%gy|IH=q`4;{Y||{W+0+jR<nq~^iS^fURM~co?1r!3)SP#0WYFb
z(MRXAD?2n_NqVDikVPnLt^a&Nnqdcky~_mc)mV8nxU&)BG)P-*oYE`u%OYu5Q>cd&
z)BjldMpEhEUV`3sXzDW<*wqrB2z7N^NHRoz{~EkPat0(sB&Sz^m%}@3y2hN{yNMXY
zKx0oSMV>{Qw*bUAM|UDuC1xhn+7rHoNT1Tgf0CjP4X|{nZb5~;Av`jc28i;K*lCx+
zv0NDb=Ga(@#x8D)&p6bO+N>nDA%?_v2E_xBUU>BJrOs4eS+n1SU*%Xb=_$`qcfj}n
z<g=@X)l$D#$iQ^hL)VG!la$T|^Twz@n`SW`HI{f|#+GJ)UB45c5tI+BsDW(Dl!Zym
zC6W`+TE!u@v1XqFWM&8gZBNM}p=k7#Wknr;_G2X$6R!@!O3pp%K!~IuauS6wQN+Of
zMvs3pNd`TBe3sruRU_>E8S6|Nk#T08FFB?AcHKOUH{sqX(QRAgwT(Xl8A23VyaoWt
zqeTKIZ!VwdV^11FfP)K<^gBTLUDn{{T-ER?!dbuGZUfk<LXpPU_S05x9yf<^_=gm~
zU=z9h`%-y%Ip6EoufJ#TIqT3VadvF5=Qar4Lg9Lo;J+aOT4Xx_;;*ZLZBA-W($O>V
zkvQW>=vf;+k*wiW71WZJIkq1%bP?a2Av|b{1;KU89V7mnM+s*pYm|?F4wH9&yE4fp
z&))VZKoctVwq53~CvU3(PIE3@>I@0+n@3PlO2%8oNxp7hR8%1G;03X#XqrH-d1J*#
z?_ax;pd1dens!t7>Z?z)ko@#=UHiSvq?jAqFAVO_JvnBa&~kiKC7QSI?hOmKSN9L5
z{h4OuYfPaw1*PSI8ZQ0p4tUa=kzW=jF9GHo|0zWieCV&d!9Rd%F^}x2ty@Nfl54%)
zK;KgF98FcNOy!!fcW`K8SbV1p3T+X@<0vG;8PY{)CdkTLAN_pnMb-A^^2?0d_>PuI
zU1W>R)|t-iJ7SU%@g~_&l%%p2XZ-pO+)la7y*eQ-o%zb;TQ~kZP3I(N+E*Ce-bSDK
zNLvb75G-<PWu@;7q1}`kCSlZbwG0RvAu>2!`v!dd=cM<2<l(hwIK^0~)<&E^Z(*^Q
zN(C~0`%Vs8Ht8pREV%-@((x@f9I|A+!niCXD0^y0z$)U|wQwrME^=E_dy;R$0_FBa
z=~%QgIx3S~`f<xXs9FB8^%B0#cmjN8WUeW3<(;EpThf8)$Y`e!(HHV(4`lJ(NLlIh
zkB-Zh%%*`O>ZC|`7`59bVaID0^cu7a${C%Z9>1N*6}@Z^bc^$>cIFmHJ}_Ff<kfqk
zNv~W!RW!8psP$O$#FY2;rm{_@KKXH8;i4uchXwool(3Oq6l#8;^nGZ)wqymCMYo}D
zXcE%%<oE?kk7{UsSAx+M3G_bW>pH0dc+h*```U|`HCJ$eu;mC(9Wn~(-F@dP9l<W0
zQpl_hZp*dvBc@0Nrv{f(SKIW+H(icZ=zJgU%X=m^DDa1BSSk{!^lyHB5z-GeMQk?E
zedRZ}VUeR>a#bewn5O|XFu6qM>@Ky>DS7_F5)u;qCsInqBDpB;5y_OEYH3mVX-0Sr
zdZ~-w-fFjlme0t>c+sbq=R|I|@_MtiDd_0y2ajfcv5e<F%}o6JNooQ$rWmb&$%R9U
zWpw9zi8^$nM~~TOm`VP9iGd!S_@?NN(S0i>j+IMa?1-HMFXj@15r%r#&_bpC;s2G-
zhB&ELl*ligFQ2<P6FYf4TwV$Mjf60OxP&8G$KOHeUnuaa7S$}19%+qRJMWBcK(6Z?
zrRvapOu49!ckaHg;ymxw9%(@Lo@UMb1r@7MMvov$i#l~#Bi6ic&Ci_UQz0>$DLxXY
zcuzaMCQUV1k<#?%*2&$g<5ON8fjQFr-E-idE^FYhoHx@io}e61R(TelD)R4^e6?}g
z#|*U1{xk0X!kyUJJ*9LjX#R59NN^Kj)mr;E*85W8Oc4`*w1o)F2Sw#T8dk~w`xnF}
zHiTVkU}+hBsP$gW<|k;MW_%kS9=2Eixv88RFm$dsmjBT83!(Umk{A2QZq2SnWqcdN
z1HxlUzAUg3y>ek*-1R2<-jz_%2p2NWdHiEfdmtMojE7^W3L<6hfkH~?rhx3Vp?;G^
zw~wQYnha=^xJ8IB_(C2V^tVbx@1jgsz)@VM!j2U(kHD5_bf~*zC~VIFguK$qEgsS^
zG7XI|PKbE25Jn|h-%i0CjTmI9jZ}-0=yDar&9G%E=IG~0z`N%PibffJbV9C>cm#w)
zbru{@GAykDf{a8*DlO8z5qw$EQ-sf|qe#nVjDUTTH2@*I7BKv6FmlsPh-?uLH?!BZ
z%u;Y*Zex^*|0v<j<3`f9h=(cST-E}la9b~-XlBy+>xU-~iFX7sh9?IzN;v~?`7_Jc
z5T*B7vTh>vD}#t#dYHt+@Mybxq>oGVD>c{G<q(^zaAD#an}5zUPFV!G!sw=e<6$~Y
zNC_HncvEYsBY~W$M3O`3C1?mX<T>c)c&ULhVXy)F)tnGoX}5CM>%Bn*xXZ%S=;q5C
z8+H`I=iRZpxV~ifi4*rmw&tfxv1FkR_7qovUmDL!8?&rZlz8z3amZ?LMyrrCNcp$G
zzB;9|TQ^)%EV2Mw|MqI1%O-T$VjX%(jI8uY(t!HuM9I9C8)!^T*5F)UnR+U*9<9iC
zAh+3-_n|GCkLDLYl!&8!O`9D{P6%4}lDS6&hXTSK15%#>Np*0lFo<1l#@S&Wi?5$&
z;j1o#;sMHgC&il|I-UonskHmPPDZLl@JsI`wJ&_z{GV}ISM3R94{De@kGVuN9;g%>
zaBoC55>v<BAdf^-IaqW1m(-1f&{`Vrdp%s@-b-{hcyiBCZ{Jz)fJajboIiy#qi%fK
zVE8qs*d_ppxP%(dBb!hK-z&cSn#RX&ApC;SwOsne(#XCjUkipu9}XO2+TRC?;s3rO
z!oD$kY&KMJa&1+Vl*QlKY57{XEq3L@Ny;JMXSaD+g#OvLN=>>FhHhx(r=yK?PlQSO
zHLk$3cE9@WPA*qYKky@-1G8DBA9t@k;(Yqcbg>0~EiE=Gn3SeqfWjg-m?ovKztcck
zjN>&WH=Ska+I>K{ZmHys;GFp`i4$hp<pqkTP>utQshr^{JbwtS=27HnO0LT{EOw+E
zP<x!IwM`I@c^fuj0V|^%R!QtEO?XOjy@M@|;1qIpjV``*MvNl}uRgmcX^SIX9f?;n
zF>-SQ>=lc~s{^?lJn?H+VO;;R?dMc4X~uHZS6alTo6a#>JCv{y4{Mh)<H}BQ`400e
zS+YOHpmwg!Wl4_rra4CIGCJxFK5`@$vtn;OzRA07(R>u(!I3GgOTEkS?>DsTIB;n}
z)_Vo#4^eX*nJGLaF9>h<&(C{J9IH#W%QL!FLvQ^eL1R{lktosTy6A%_QFL^5C#Gf5
zUZR{2js&UIv#0KFc`^Oqoy*xDbbrrv<!EvmD}_ZhLN<7f;6u|JaQ^u7nooLxOv$y<
zwz&so$ItFISj8yB5yt|M_}>_g&(ULW+prZat9kwM6H5;oprV-ix5bCxlwg~>ze4X)
zs-(+p)r+s>SVZO-IX>=ANC_rg6YmMX9G-`hKL=z9@s`M0P7q!$XcUGZl<tKfSmx;-
zJ|w^#((qp)+li2Laa36yg?l~>RPw6{8-xt^0G?LsobyzoIsguZ^Jj75n?Ocx%Vi^b
z6c6KQCL=+l(eYQC>`fvzj=VytYSlX4Q(x1Vx;5q&-!E4pQYrKPsgMz3E}TSV+ag)w
zMAQYIKl{JNurJ&QaI!G_od;dO!LIUiPE0wVxu4NZfW952g~TGZWs&f)BXhC-=ei<*
zzVa1m%eCW*qu=AukzL>dPQWoRjL7^*g+O8<L|9D_BGe$&wVL@`%EWXYM_*9ItuLBP
z14-OWruyC62Wr)V%co|hJjCB5+(3>!w!_r+Pa}Xq2s`sqi#7Ecwe+Sw^^(+TtNdrv
zKii1uQBFRgpX3~0ZvwTP45kxoxdpUKj6^9gjG6Va=;)1D?Yj>GV4TbB(0aFQfS-v0
z&OS18WCXy@bExzh87v9G4M+L0D#4EdX{6a-yGWbG?K)<OY6hb&lyzXaNZc0B?5bxJ
z)nlOgcC^zABAr$zr>4TC1u?(Sj-zjk3X0lT>qD{#j<<L~#BWa6DL(Gp<NhW7l+1$C
zFuFH8PA)PED5(w<p_{N?7`6Hd8OAsSvpmG#Eo;5+d;-Tg?M^?HejWJMYyC+tU-t2l
zr(>5%lo3DcpsIK7gfHg_xF<Ls!e|%s-PQ@p8lYu=5oqY6Ng70j=u|6b=3(vWq%!q)
z`F3OZxZa&?Jy5F1p?!eT5ny@8=xROJY&?_RVmhy|??t~4`&m3@15uTS&(zg2c<0n|
zfz}0j#yPf68>9If?6(ggMnofwW@HW}_-mn#lqW-i7N@Aoui|@=cvq%wlWC5>`yZQM
zj?0w7FKbHknWS?R!|z1zzaXugSwtKZkJZoM;fuxwey{8|$fY+!4PQ7b7RI&b$%19y
zX!d_c(jryHTx3O*J18<U)LhkqO`8$)_x88s)%G@!R6l0_?G%k|g@00f4qJ+HS9I~u
zTd$)v?Ucl;EZacr>3RI+Mij(@(i*oQL$)ErY!dd-*C19<^snB5Vs{xjL<Vb`(#K0_
zGX|)vi}a82ZE58{1OCYf3|rEjT~`W$7Bg8Ey(5uk|D<M*h^g>~1vQ`k03UusA{>r^
z9Zi`jn>QK=sIO(;@&*TfNnd(wEMK0&wG|hQLl`X9@;~79EeUKoK~3iCm$WO=@4sSl
z?xLRWv~<IEwXtvK)q__#-%3hqx~m?mhf+?jchFrnNm_^VzoEArpRsw)*8AEx(hCWw
z`UlgTH~f2G7FSSuKk;n*WM7wHr)9c-;pVFGMiJlX>wK4jX{M^cnTk>?m5w22>oPqg
z+zhOA`#XSsZNH%Wx=NZ7Y1Fleu2r%kCdT15dBb87puBv?*H@g;0K_r8{o{8z!5q>b
zocnon9j7%%+e19UiZ?cbut_#Hfrm(f&Q+hUc!LX9_P2N_K1()y?v{gU;v9TYf2#%G
z^CWxHacFSgL{Z%LPwTJ*aUr@|FL^lH!1cwyrsEzXTrZb^=~7cej*`s3pQK5*M~D1+
zDRZR-%xk!AQ`i4X<29A>E_=0QOWf`MD+n}D5PU!4@D|;wKLMs#0+)J-&QN~-4gZU~
z|8BDd9}#6NEd8JH@iYl;&%(F;)ji`(y^j0HXB4aWvoQGoqXdMTUk~M-=W7o;ZhSaI
z0)M5t_(#9E4X#JZ=;`ZAianNXIQ;(678KYr7i~^$RTP%J*pJFjY<*XV3^vBCYi*n{
zx(V9Fch#dg9QlGcS9S`XdM_d(#w-yuJb&q89R_rSiUvD0;nc$-;mYCsYxF>VTZL`S
zCR6Xi2x+G%DuV{J@E%%)kBQLkU>I7SM=yGI%Gh`M+%A#Zj2-;XKzs)mz|ufBc(3vX
z(ELRhk2|agy9f5a2^c(Gm3?_8Vv&343iU6AMba5jS`v(??!5+dC)iHyy=yk-5;V8o
zl3WPx<<>V%<}dGp7y{_UmmBA{*4*;P8DM3(cbrw7-%`pb9wqgam}CAcVOL<;Ob+q(
z&3P4)H^W_`h<mrvGIai1JV)8ss`CDDMbfQX{fiAfB<SAve4v!k1`}Z_<S&a3Y~<zI
zOr!CbhnpLtnQbRpgy69*#!2b#k2oi#-gP(d9__wkW?f|)R8m9hrHq$n8(wTh{2*?_
zF6<wZdrJ!$B{`NZ%}^>ab~l+-X%U(_-q}>o(DFe@TQ(-`1x49v|D6(t`NRhE=y0oa
zY)OB28F`ejeWR`}jF>N_4T}A7tIWz_^LHvty9T$qPe5(HOcthP#;vaGpw8c^FXaXH
z-qnLc|J!V^m1OVvmP!5h@l@n|AW{6kyP!v}TwC)U&#PeyrFoH;2jPa2nh`xwIWYdB
zklJ|MJkXRLgXGQ7%d4>9BOqS4GYDHbCu)uosWLJv<6|LrjIMCIgVbiFq1)c%bL#!k
zV31sN5tv11r@m+qJ<{rw;y(Hn_3)`_l0!3vTguQs=lAa-;;|z01sJnd4|pkcZ??K6
zjQvuvFJ};czFSCt5(-5~2|b8WHH1FPa*laFt9!b_Ma{70OJKN@MRYi&p;b!OO1DJH
z6ZNmSgoGYTnOP9`;cUoGs?p(eL_<0sGkOT(1I<)HlP%m=hz1kB2AM@P=Df?8*>}*9
zU;<=XYWnpoTpFdGO^uxQG>nCkloZzuH?@OvvxIm}m1zq{vvxi<f2s&A$4)XY#Z<`f
z(Y@K8+)uyLx8HZV-2Q~jEZqsKNMwi|x9>cT5beS>9K#%}ZBI^SO|~JwB#zOx9tg5E
z#>HzzO%Tj5(dT!&`OS^=j#2}d^-Ct1Fda5{zmv4#h|=eV$LFiQMrcnHscIC$_aY+)
zeagprFa2lzk(>E1>UKcEZJl(P@9|Ekx2HhJCGgzXi0fFN6>)LsZ+j@0pQz*RvWHss
zh!2F!$qQG}jlXoRW!QTRiI3-`%w)zy4x}Nq2hjeDBelNm<h9?*BVIpVu5(g!gF1)g
zTqO*=MRzR}k{ge&5dT)5&!tz)8^j%!Oe~T4)nGM6l36(>v}$7@ugy641jCZ49pRS&
ztIrK7Zw>IHlwPFKvq(xxnzJp($lNhI#wt&<FXf!*d<J#b#%$&{akU^`7L5#EUCH7;
ztNEttHvEbc5c!Stj`RjZctJ=%?g2$@52{<Iz*WgcO5$C|OC=)rtgPf+Tne<L2bg5v
z!WUQM652mkL$qu6aoG{6*xDaUre5wM>MC2WVO?pf^k@OS%EoH&7Q3M+wOv7NXHWVD
zDql?Sa!-SoW&7cLft@MJ*Z1}&y5l1eK2zH9rAwH9{KQ4PevOQ52Lp?sYU2-T>C>BK
zNN$oLz;c>gc%<L`k<x*BO=E{|ij!+ZyoG+zPY%NaTjgyFm4;>sx1o-fW#Zm_Xkmb?
zo_2>#{=R?Fg^N4qv}7gEFB};MS(09q1uJfm#29&wGX#nmPjS{U+aI+&w2}wffUInW
zV-Tf%L&u4s4y|WFy23ufVK!as89g{RP85}fSfYty^}Dn#8>r3*D2a>2&%mnO0}9#3
zQ@@~eA$C(*KVrE%*7MU&Ki|!8|AOiu*oedvs_(QKY7GA=;`HE2yc|@oj;l+y2yHm9
z;xoSLC?%tgb$fX`6q!YP0Y=^1^!Z%b6$Ta|zMbP-v(3+DZolfh4%Wb`lJFyJL-Jal
zUZ7Q*Q@t4y$e8UK<g-={`a<581fISyOjE|8#IkxJS8fzd(fDh9xm^X_Ur)OZRYb4V
z+kIW};H^naEQ@^=RI;F*Pmrti*PgvM2lvCjA2Y6mkykD@N=Y1qw89MZ<m5XIN7?t(
z(id&zTUFl)5~BH2Pd9>1C*uHW$l0y&_*?c9QXvr53Da_?&m6T+_n8PWR`I!PbO%1%
zBpJp<F<K?A6gc8dzhDB0GLQ1@vK*diM!hO{oD1dJ7)jd8@V_}ky)gECZ!yc66>~0P
zP?5Ko9x7dZ)92>w8K@qdD(S{571zbJdO!OzZMe^8RKKF4In0t_1>b0%9O^`NZG%cY
z&|G3*Yh0FT2Rde1M6%-_uro^g0ptGkAINq+YIb2NK*2`{>gvYOVo!G_0`e~cY{Z2m
z``5STy5rvHA@#K)C+>Z`ui5Xzp@9b3OFe(vH4jAi;5E^wfg<^CG*rz;V!q>kEWg5u
z>@d!6e$t@bTJ-q%m-G{#i=6e_$yBsUZJ3Yn3180*1#sMwvwd)g-*863XwghsEOl#_
z5&e3fCyXK0nz@hVcqoW>7JvVFcgOPdlhDj1!PQF-oL`n{?~^ECMFC3bA$JW&W5Sbj
zX!`q`i=e7(DJ-!G)@<KeAP8=&^Ug=ET9WI~I7{7&ai#6YU;eT~zhA}}#Emf2;_U}S
zZG;lQUg&#{(6TmhjsKB&uR1r8nZ6eEcy6<I_xY+qI<tFM4nls>A#72_ML(tk%4dpx
zZ`gRrHFDXsBx9e>UhA!4%AGDt-muxEJ8dmyVmG428t$YH>|t}?QF;A0A=vj`QejKl
z{@HhrGsUP=K2mcNSG{aBT4Fh&6+CP7gdnf&yuDB_frDxl6xmV~u|?u|Do9DH6>dhe
zy=I^qyM=6#q8QyLZZS{4I;6i^cEhtzdhM|X5bv!W*n8pA)1R}7)a@a>ZhR``sX}y9
zA5hw+w^~H#P5ZF@zL1;FDjKJ1Cni{OD%z~dA&7?AqvJe=2u!tEH+(%Y9*05p0u`kO
zi)W~Gft(UXA}hj#G;BMLM@Rd{G}|Z#a&9+j`s%B?=YdFL@eH3#+K}m$f^Q=(UBTWP
zsNKx_ZTdg#)%Rtu#71j04wqin?)x;MW4*tM>w8yKGC@=*-E{h_e=z3)#$+*~3Qg@g
zA%yxYX%43CCbZH@wV$U;tpyok)wOan2FvOe(w<-Qf>ut2!Db?u=Gn4wLHkX0yNlHi
z#qJAakC>QI5E4zu-Y@pixs_TvdPSv}qj*&EXI=pJ$zy>q3ToTDlI0dq&G$de&*?yr
zGt9TaU4G0(TTaUd^U8Ls4j+qyPoLKApo`&YpOY76>gl$x`z?R)s?CAq-x)=Vd*3`<
zeeu1}0{LUl-L~?XxN-${-h=sj$r%wpx{uXVRr>aGcC_lt8HToaB4jO)sA>yUp%m26
zsU%<jF%nDZ7fXD&qJDSpkf<l7b2QoR^IXp|{{3K?&ac<yKc_Y2R+Z@akA>JI@>;b@
za?Wi3Tzq=KN6}6g_9SNU#dX!Yef<gn;q+8}l2ey%zUS93tNlyTTTtC)=vgU)sNQhE
zMDmJuG`m(ljC`FRHIlY&X!MJ7=tXm%=INNKncj%d^*N7AUHwJ7U=N@1(<NUa&XxOu
zz}ihj`Aj%*t9DpETh$Tnf}H>IL4HFz6H(t_ZoLD!1*{eh?n#y2{;!k4O309oLtUKF
zl;C>itVJf9^oL(JMg0f+RI(z@sFYMIlnqci6ntMF4ZBcW@^M|qSuVDT*gIzzDEi+}
zZAuDLjmSBgp3^pb?&<9g<&XCcTHJT7WV>puurVu1sb$!FK(07f4uIA(DckdAblKE6
zYKl5Icmz4#e$(&f&URlp$Nq!<*BO8NP?-77R9;tLQ822R_^x!J$<_T$Ks&=_8%eR=
zrK%zxv6m@a8)=I8WAjU$#7B1-xs@F7_gQ}D@C(|cbOz5rVU^!Sk9T_S#P~?J-S#>Z
z)$xx)E#DT=UT;%)Z=z}Xrt>$ux@HlrXt+(9GO$+<pe@nzS^D~RJa){qf>YC$5l2q<
z-ea67ms2VhVw^FgHdxr_6q<btx#H3Yf^GOiD@MJP<$h0BU0Sl@vaf7hnY>l7U`gi_
zzYPb81~6w~MZVR_^OYYrw=mHhX)U3<BiLbc&fCmOKV?XF20qHQJ~KZOBG(;Sb0sBZ
zHQm$B*f-cdxS>j}<z@)Q*6JGL{3|E})Uea#%W}geZ(p%BzcTuhrsmzRmyX{Y3VS<F
zHFbQW?6*5Ujx?;v)VZVR=U9wF%K1hI<(5ys8Q$c1iiFBB_n$vYPs3;2AbNg$m1!VQ
z@y4iS-X#e;Hkv=n8G6o2&is)j6}>izPk*X~ww&N_5|rl+mNp5iE!nnf(RiM{({(?J
z7vm%Qa>kg_SDiz9O52tMW#nBID54JSFm~;zj8r^%-FtTWmp4B}t!nAApv!r5djWa%
zoo9R_@aXZ7(t_aU<%Qu|aunrwL|)5*(`668`o1g<p`qCAJ<z^5tkI6bbEMivj8>bG
z-7u3$w|LrjowKsPLoJ(ZbVr-t76v0LyW^XF==s+){aRqD8}8qEc7J`MmeU%O%<3}l
z^X)sz0#-?%=A@T-!`j?w7yh6s^-0qyPL?HyHZfjk$>fq1d|fG5IOJcz=CClc)AX}*
zi`dw2rqx`0@BIBT!$&py2Z6@*m~cv|i!^ha>lYsCc(VNZl277Gf3aH2^qr=A^_@j5
z@z3p-oS=L(*%M+{LBD)C^(56kaGm_rKJLpU3y;|~X}(ARd}#LUbnxqyd}L->Rx;^P
z_m#EhK2q^XbjbWztmiv^tBhw;qT>_4ksqpzzBJZLzY49dNL_I9d!;tpb$$C$%q$Ze
zs)z`elkW=UbsPFoc0|Sght?E>(z5cSf^q^3Sb_WMMG5X^(?ezK{sW85*xx&km)A=3
zSt8Dly(~S>dEb#qv$to$FR@qfL!PvFEB~83YIJTE)0sO=ZCZ8$OWLn`hHieosqa_J
z&m{kw*}t6=O-FY;*|@PUWaey|J+=60;1~Kcc6?O~j2?$uZfo=?U(w__nX~EOm>o5F
zW1jS`mzL5Ihb-uyINr?5%X3=0-^eJ;QB_Yh%J;*-{)cM&&6(x0a_M;A#CvWxcaCUk
z<vUvz5-+F`o7p4L6E!U<J=$OM?HZ@#X;(9*IXp%)nX@=m;6a+-?kJVwtsFP;RDFJ~
zcEOb{d-!PR(8;}Hf68JmLz*XN95Mt}E-Rfe=kxHd<F>XcJD@Nqb)$Mk>`PsOx}?f)
z<DDyX{Q|j*N6EypmDJMgpEg<HXSHm$UEykz6x-?i*<cmwX7lrE&;L-lTq(5ULFzN(
zpZe-JnYJ+Mb0<bbC0!4${SS6Hhgw|n{zA8Z5EPfIB5LsqhnLIDO;ebI9mMdSag73v
zXXjyu*SI2;0*_Sq+WY~Fe4|i{A2WA0TQXma<HInG?DNfI^EikJdPFsbSz5d1(Sc>g
z00;hWT~M;|D#sz`Miw!QH~`0l-iM{rP*_#9)w<%H(4h+cqow`dBRCgP&+%SRU@0@W
z#j@|eA?q;ME>0^5Ik0cuThXAH4Xe<fXh7yF{Q2S30s^O_xJLG0qeRSZ5!UXcSu)GN
zMZo)@_p{>K)tGtmer^C(e7%(Uoc%vpJx%aOJ9#)?zSuP1KySf2M+x#s|7q3>>oQ;{
z!=_xn5yUNv<U-fg-2)HXFGF>?+ltIh2yFwsqV(~m3-$3qQKHxUHvRohG)FkA!OBKq
zWeMfWb+5BJA>Ee0YhoBWpF92iD9v<k-%dsQ@(|1BGFB$n@*38x>NzHyCJh~NyFilk
zk-H6vVj7%{zj&b^PPDao>*G^=pRsR@iReb56GJ32qz8&JD+-*j=Kvm_>YRZlMP@ZB
zAYu;i7$&`vXVCLChpVz*p6@Y;62G5gCYJvn8gln&lkr;DK9>$M^?l85_nF;gd`eKw
zy<W6VO)%)Z^~jjwCvcR=XomDK+((Am_7394K>$B8H~V|x4-*e4kxoS4J|xx(%OS#a
ztEu<`dX1WgcS;|bm4FV&IeR!i?DJa=sqIK|JLoHlC@gC>`p}XtM#eaZOR{XllL4>V
z1X@v}o9xws?{Isxb_q}r^62IyO)Ww}`|3Ah<|CNdx+Udxg7te?I<Eu;<|0U88JrJ6
zpdzSF?KQrqlxJ2|e?egrI&`O%R8RJ&%AA5Lk|@NudVp-gLFvtKCKH>6AuU~cGUdl@
z{&cTym~~u!jjl5)8No`3Cc{pDe_X|<cp#Dsgg?WnqICH1GCH7*R*C$_85E|<Ud$E?
zMWOoSBHRKUfY(<N0V1iVtD%cNigCfbN5p?4+tJIjuLuJfU}-SBkP<qsX?sQ3OJOHy
z`7Sb}437FSMU(G06}_D%1|9ixve$<sQ|gC)pNi(tUYPPVv|w%<B<eDvM?Mx-;?pe)
zV-97Vh8i{;#@0*8Nc4*UHzE#`I;B9AOrb~@Qk$LnQ3+kB(;?U{r-Ix!+~N?CcC72u
zr*QBEmcl=ZilWxh3&t#Z=)r_N`ChQOLI{?JH5)h7FN8pVNyei2DGIuU7kr2=8DEng
zwqiIGe;;Yi6N%=SE)Q3xV9W}i*}Gi}SEGri07gN|UVrIVYkvgxon3KI`RdmnbI9RN
zJsNhR<L1XO2upScK7Ozr*Fb%c?X(@N4+oGC`b1pztL_fF+2^-N9%?kX-9JNohvDq3
z`U%~-zMITt2WO@xZj8flrxbeE0KY{u@G%L)bGQ^>#+Kn~i0YVlml!FHTnk^x(2J=;
zRpSi%l<A{#gc``KBmG|xT=Nm_+L!7G&l}1|OSxy??N8uO@ESR%V3zr4<<3V#N+0$x
z989V^q%5d$=Dj;~d0`+lc+{Q?4_`}KYi>xp6Ef6~e{B#qRSR?8U3L(wabw(0!R-T#
zHTr56Xd5o2J{pHOK>#@LmSO9GUe2Lke!LG+s|t`R5QL6zH46ptKqh62TgoxqjEGwP
z<&z{i%pXN+g6`Oj<;(Z}eG>Ckjx<`nLc5Y6e@>xnZ%k2FUILS{_1dc?j;WqRIb)oJ
zio8ygPHqCm3ReiJkZ6pvzkOX3M<&)e$qa(k;8e?Kv1uHhOV{o}JBXTA6q5!yjLP<e
zN<<#YR4%(Geuu#=6?^}hNy8WGgpzLO4`gH*XMnWqJ$AY~RZw%UfDgd0a*fe??LNLY
z*4720IXU0Kg11!IP&%V71!+H#Y}^5`2L`6aPNgFsS3<>XDP6yn3>>L9CbEg=cnZeS
zCh^GL`=S<W6wfjChStSi9gLu-`!_AN2=;5;@}(J%HJ-aW-2}LmT+&GYs~CVnGC0hA
z1>4wVpGL+8MJ*C1>>h(+Z^{tWf6qNkm2zAOWwiAMMc@fZ%eN1GdChL{<jvKCLFrZC
z;Y1HM01R_^m3;v|bu#evGOKcb^pz%wowm8-`n{u{^tJ(N#5h0$Je1PV$V6joh>3sA
z!eHRV2lM*Y;Dotx{7^v0Qelf=yOI0f_g$@KF5{pLn~L#!WS1X9li(BiMXvZ4qaH7d
z@+b~CRXq4Rc;u27neJxWu76kU!x7h2xLebQG3xA=yE9I%1TOh1TRrPhN!`nbEW4KQ
znW_e+FKKwAveV-4E{N6y;YWP+Y7;<+0+sEcA?<~w73rUtW(}Bp;hg%VB{ecw@NIR8
z6yI`pGK0m(^-!g`=Z~@}xM~lF%wmVe3@_3j0ZLPgVlF!17jfnMO7#zXeaS9gzSe(K
z$}||{q&{uOmX2;5pEsQO?$?XNdd07<m(&Xb+O-0s5r2yLEl`R}4XA;8!KH?2ptUy&
z_kGx~M3=%$SIi|EDfetDe~#9x-kMlk&8=4ldQw--!m?T!O4Pxa=G}2t>nHC#><Zc<
z+gR~_A2k!4(WJ@CIhm2KHbk9K`_mqC754)OCZoScxvS4CQIl3wMrM-=*Ei>rDFGJp
zQ^!v*=&F0=rCVn?A+EHyz$R-L4O;;af8>d@rTjobG=h?B@F3(%{Me3)wjMpayy&BQ
z_DE8y4v&kK>|SKjFcifkvGmoCwN8y@jwSj|FsZP8)fp0O;fV(}`Wau`gU&-a(;@yf
z%>`vzJA&ccQJiX%cT4rG*ZBII*-{#q<f*wHcBE@lzYq2J4{k>TfYo(|O!GSu@%Cl^
zC&kl05B0=8h3jEY^ae1}M8P0lzM<oHpyy9emB!eU^+EOOiMi3L;)Os_AfQLRI@4zh
zC6}m#M5XA0sz*U~O&3De{aOWAh@9P9Jp-hdeb};pe4^ysa*>;!BJA;Hys9(sRKlz+
z?&1Irb}PZ5p{lj*cKZvkGt!%mepc9c(FX`>5=w&F1E82iZ11@fe|ju{E#qBBCQBLd
z^R>P3is;<f^-(<-m|#d@l7Gx0F%Xp_w>K@^e_UD4;r<OJb&hAidy>G)t>qWYXeWxz
z9Cz7??Y}gGxVs%HY(dG6*#r9|&IKlIsx~!x*Wm2MXU8TvLKtkkXSbia+ZkweAa%*&
z1;zYDczP<a8`EkVGgjrLvwM_qREott+Ect@d`+Bx&FI!svSo}tHusZ`wC8s{@R>bR
z!LxJZOWhH>wIbGSB4T<uQhQkr9tb`6H(M1hWw1-QLnbjjOEXAQor>vj{eaTnGzPN)
z-PS&R0`H5u`vw~lBP^01sC|Q<&RqCE!(bO9<kg<LMN+9^XTgay0{=DKciyUzCOXKq
zwMp0Z`rXRE86^kC7Psx$5dt5}%`n-%ZFX~`)32YfSx~dPVG!D3xl8Q6(!6Q5Sfm(T
mT>54%^?mbAvk)=5*+m~(^y9Z}eSVb&{~79<=wxrS^Z#E_0V5ay

literal 0
HcmV?d00001

diff --git a/docs/extend/images/authz_deny.png b/docs/extend/images/authz_deny.png
new file mode 100644
index 0000000000000000000000000000000000000000..fa4a48584abb3db280b8226d18888cb0539de89d
GIT binary patch
literal 27099
zcmdSBbySsY*Dnf)5~8$(2q@hlA|NS9OM`Tygn}SQH&QM-Rir~Y1VN-Fln`m8B_*Xh
z_Po{i+k1awpYz`y<D4;kp21)(*1FbxU)P+!nkz&_N#+tRB`z8o+9f$zDK#`S^j7%K
z8T$hKMr?ce01b^6O-@Qe!v%fiEmk5)%kC~dt;ttGe{%^;5(e2=de&5_Vjm1cQq0=a
zrh6pCKItzLnA2~l`uT)n-ym{4FHv@bRsu6BDL(0$XSd#&-pLMLAMx`?&zWi#T%UjX
z<ZzN#t^8mhH<?eKg@J^K7X9zP`?MT_k!U!7{~dc{XrRtg&UefDU?Ts--;w{o`S){!
zv`=Wy1^*m+ag0CzTE2+>`w4>|{)(SmnBm_`vP$p%`-!N8Fx9lYaf;>N>#OjT;s1Lx
zpD;Aij7t}k<^H~tPiU0qzn?H4W4<GQ!tEme_kG~CSI+%=Q)4>u7EAvq-JEXGqk>Gi
z80oWdry&CguGZU=9&|Q?1@>}#Eo4UJn`31bFJBtT>(^}eDrlWvy=|))!rnq0)XyxV
z#^yfhxo7oI=l#R`)<md;Cd?bT-dWtQOTLAN^2EJa=*?2toJ%m$%^I$D$}iBX{8p{>
z?Q5OqQKswG{N}J(#MdY~ndle|sWyh7U|Z2E$(U+M4Nq8->25k+U*8!r>iF^gk--?F
zax(is{sU)wh4z*t!Dr@;e&^*vC^rS(87+K!>m>T|*}`QjuL*%nbHTg1a*WjRn8Wo=
zWjY>LLPL9)(!XCw<h2O>HuYiDHb(!WgPf^pdgtp~3ew?JEU$PiaG%WQCb|V(zJ}?Y
z%kfh!ynnvoSW?pGgpE&M@-1tQn&kaqg+nZS>R1}DeTg8;v8qzxgV~tF<L$-1&4C9-
z<3#Tj5;zB|$C5?d^^c#;cjlg~)g9TchO_i17<v7`?aR|-Tm5Y%@_VGhhSz1?m_;=`
zK&y3c>{&#|c2Qh#Feh32>)UpQAunIX$j7lRR*`Y)mte)jbLcG{N6trxoib-BB*ddA
zZpyEYR5%GJ+i<<S!cn&LXi$GV0^7{IC6v@HugbC~J^H%jg|9J85&iiOlplUevhuU^
zwxbe``y5Io?%DO4!|<WfTOo#8x1DIymQbr?V?L)P4fis`?jA1g*WVJjQp~?4=`@V0
ze|jYqPA$SZ{>eGv#=TI>R^!uR?-PY7+XV6U;q3cY^EtGN4WB4W4;CBQ9h_{XoH=eh
ztFLn1%Jx`q#B%suyN5d{-It@x^#YfaD6`&m>*3y%!@;J7>)yEYd7IT=M#et;E$=1`
z?yB0w1c`ZGG>Pf$zE3SMExNbhRo3>?6_-FIR)da!hNf6b>g@hoA<dJ`4z59`4Cydi
zmIrX3InL_OPDfkBWWuRNis537)WV+A(vHCjuRqy+v+Moy1sVI<r{8s>LX|;p#k}hj
zsJlh>lG>gItLLgQ#3d$LzVKctZF3x6`SCvg@sBc{jcUim^v~N%104=GEp)4%rp-O%
z3Ob=Oq3ww0P^aKEe~Kq&(N1#h8yS}J+;_q_HQ)ZB^_tZWqZ$XBb50+}Ix3ADF=EPR
zHr9WB&VyS}+0UjB&(3N$Q8RLFLHaVa@H<;rmtK><PN`{2zwbFLMHNz63iup0SqJTG
z#oAU=nMU<q@kV#=`n^m!YN<cn;bJSOy=EU?w{i5lUQd<NpgPlfAa9QRw03XeeN$lG
z#FvK2x)&vKiwoIAzS~^HL2a?uX<1?}J=>6K5Eh@Ap6-XU;uLvjtx8giyf;%WV|V4p
z3=s!GOO^eM^gyk<^YZnZmfvZ2PWC4ApDlb_<m-|o!hhHK>SjK^*s)5XVXdyn+3}WE
z(iIL}?Slv!u?dH6*imk9_XgT%ybJO)^B;a3{rm>&La&TVK+DSpWwDdYzU|D&a4Ny{
zy5miS1hFIk&2M*pmkSIO8R#v%3|fAa;+Z{Ippy}ZPh%U`Qlq^;J(WwvY@E7Nu@#U$
zQf?JfwD7AZqmWlZ?kL*(bSp(`e`z3}tp>X@Swt_6U8mQflC4#%P}j<NI{~g=UW)gr
z&ZVpTiV_n3o}(Y06tbUVnSrXnaZf*83Wx1dQlco_MH8o))=Ok!M=gteIht^X9R*J}
zBD|SvI)BbtH3i_{&fPmm6$m?C5IgI!eOmmWIQj5!x!7s+HQD)otFzM+A(wYcVa+G2
zdf0Dby~165cexC#P8E2dX0im1+{&o18Pdh~eZD%PlWbSJ6F(P@_0|AG6%~BjVOExn
zL)d)9)LRyA{qSb>^VQdW>8+n}Lchp<beJo@O6~aOwjKYsrS>?sL2MlR508JOpRC}c
z@J06<aP5?mNTN5|2s1=8L+YWv<%yjg_iawpd477$V;1N@Gw`}c9S&7N$%KGF9NqWB
z5m%*T;UDcs^IdPQDA!=S5;IfW+zi@$AJM>5#><W}6@I>wDF24P@VWQ#Mw>x2Ki54K
z#z)_hdc1t&dqhX{>b+`}&aK+C_k41;OAsFCS~q>vboYm`W5_AS0hC-)k{knEQr67R
z{=O_Xj~BY$<WSzWEim*tun=j&bE-YJs3*6&02k&CQ*ux;+7P+AarKD$mDXPuyq?p=
zhF`m*+bDLjtzJ{5J(MPtt5;bR$A|Jk#W8<~7QcK=h~E43AV*Y2yWkZ?;|TSx31#C5
z>eFza^WL*+!%xo(9al#*-E;20(R$dKc-^8SzQQko%gAt~(vC|rUn`EQZvXD#_9ETz
zLZ$O>!)x=0JIh+b;>yu_lcA(+x;my|{p-z#uWmPvOuxGM$T3p4!g|q3pP1UlwsO+z
z)5rcc*gV*S>$Jnu{uQiS36YVh<BdP}CcTFicD+wyOVx9fv`F61KQUT<zo*HTx|->-
zG3~JM*4a8Cj_rXwlp#!;p8}@iKfcYtiT4x39;AE!sM|Jc`&ULpJG=@PoiysZO+;Fe
zv)WO7{fY3$lMal}F_DC+n$};w3o&`@ENMP*wZ7ZH-5S%-Z~>n{Saz(%z=TnTaLUAj
zj9Dhw^;fchebZ*3Z_uaVak#&WYpa_+^(}q==cuWS9p>6eS1*1}4WjWHW}x477lo6$
zxz#PEx5mBFK!XZNRg7W%T3CE^!Q*pZZP!@Gqua)QJt3bOroJ+J?KggD!#)iCBoV*y
zeyFYLKwY}VQoQuZ=!g4PLz>&#^rX2-Sv3gAtz3y~NIKu%d5~({g~hmD_ChqQ9#DXK
zwsHz*p<d+&L+r?8*QlrRclvjftS9dt?bGe<mQ3DZEE@0XJ27wCAQ!@r^L7g;QdCXh
zt!tRJ3u;T2rgQmD-uQX)OW4)h&8Rh$9<7X#JnVpDEeG;}st!2Q>`cn|j@o30Y$|~+
zDzAGaKRsWatr#+V77|W&ky)Pk9!lE;9oI&an?t88^YU`O5+_cz0exlN?sEr)k!1_0
zJnY`ujGr!k*c@ii`|x<sqTcIddj%u5_=rYYe{I^1qU)VKR9s%W3E>W*L2Z>!Im=#Q
zs-gwDx1Wq;7A9;&Com{nxrXPt`|43L;kJ?cIF!A$XuKwqSj$5f=H<6Zb#r!N%C=_?
zzMo%45=;g2&}-K+S*J*^_GAR{%Q;8zn13M<F>UH6%^q5x;>ITlXnB_h5JPChuKwg<
z*xJhCaGXEI$&Zs05iXTfpIBB+`RBhUI1*V~u2#GX_4iBWvx<(>I62%YeD=(gE6Dzt
zkm)FTw(9j^swa;urjMchm3g0ec|uuNrVw&`w^1gox{FmW;_WQ}*FehzL%5Ouf-qmi
zwL94|+Agw^8<J3%7<S1Bsx))eTG|^G-%<vho*Z3_wV7*=+Zl|=Tnl-D;c>Dv<aBn|
z=!H+A=i%h+qSsidSrEHnjkfY<v5jV8Ki;4CTw?d%@W-Wi9m*vTa_J>L=g=-mJ-tgj
zLc@hV&u|f!qHo?(=J81h+oAE$o$qxP#qVoVevFTItLJ-vOz<E224M5;kAP+@e3AEL
z`1p6nekI#77hIHJndYFldiu#}dA_W5_qX?%o^%)`gUhGZ!`DouY-%WBo=ZX9pC!JY
zXXUC{_uF0@*Q*~FTW>gbNJT?0UOifAH}tjQ$>^Zkpl^1>I*sRclu~zd%V`C)uJ8Iw
zbh}p5=+?7<m%iga;r2K?+1ois>ZQUe9o=-DVacZbk(g-!|Knk9k;8j$W~kJIhKGI?
z^_O}R+k_5Zd|CS<QMa|4-7t2-{kO=tR^sJ*LUN>v%eNj6t1S2?@L&&$l|JZA(64b(
zjhH9AY>^~jpB~GiF3o+&$Hkx6dV4jbXXeiDnv5gi!R7T{|L4th(sU8Ro52BP6T21n
zy$|DA9;CMQFB$p9-+cHvXreAia2N+g&eK%Zzx?BU&UnY1$G0RwErG;UNhpt*dtMX@
zV$T9t#CEx+M^?<FT(nPLanEC46bl}|+f$c-=ha$9EJIgP^mwxFgk$lQW4=~l9ux~J
zzfXy!DMC)|4!4<-3nWI%t!5JIzUJsv+Pb|I52L(QP%^A!{NZL|tv_HU&7oqWp&za@
z(2RpgEIn6+O$IE<l!aGMcb`2T^}SV+TP)Z_Ijqe~nXl38pJiL;abSxR;Zm|DH6BJ^
zf$Gb?|4i;IBSMr{?ofDSPxy89aKv!6$?SB?%l3()-KPR=wPy4hJAoD@wRm-h@#Cxm
zlV0IMm?QOywXTX382V<4KOfvU>Ytj45L-*UGl2?I#bdwB;~7H8h`K__XPH_b>}Pcw
zMKJZ->L<;WH!kPet_o()u2s!kCbJQ1>lAS@KE#VpD?w{vK7WBIG1<R@ezU=iMmmz^
zI{7tIw@Vq!+>Kbhs>wLSjM{y93*9M|b*!-@mvc3Z3Q{<X>hvqwMo5h68iSuK_GVR&
zj~|#`!l#o$;cjGIE59l2n&=kLcyTFN-}ibf53QelOr_UyG8x|Ub&)B?`>$nxHob5X
z+P~W)i7%3wqr)T5=XXnJ`*-Dpn}YF}KNmw<L`J>$(P|~9kpr$~?YULG>=j>XI27k~
zziD4exo~(}i>=!&1`TJQ5$)cS!SFY?Y_j8Ge{17OU_>eS*r1|DpR)_%1fb9cZ<$a%
zTN@LsEo?I1-tJR=qfRYHYmM`?nY`kDM`)CIFHXbv*1D9-ECcUUB>^7I^=Pv%3i2@G
z1kj)t@dO&ZDUqU&T*55j3=>JyUhwy89tv9@P1g3$h!ig;h8i}am$*ashfiV$qZyrH
zG_^GRWrICRKB52nqoiiyRpg0(m@DlFjtY;o`^EQOf1ivFL=+F3>>PX`AfQrr&{<n8
z?MwzE{yv!&02BI8Q{z9B*w>OtyoG#~qw_H8&yz8w;C*QI@f82?QG!({7#X!Mbj1EX
z*$12cVCdF5+r<70CwWV3JPO`so2J>{q{>n*ht_6BamF<3_kvIBu<0xD59P(wPGXJ=
zHIBbCrUhpIINDies`FxuIhOn^nx(dr6XqHB!n1+w`k^}=0ZQ~2$BFE&LcHnr&U&~x
zcdpKJ;dPJF9VSKVL0?yQCIZy%MQO?j1-VH}#)i|Gv1)xY$A^+Mf7e7#4<Eok>>KOf
zPb)y2YWn}*2MOXsH-?P7;}(+LmD&@yxBx4~QwciAj#oQbOgD!(Y|Y<Kc<A;kEeNxo
z?K$wb)rk*J^gKOhzYr!oO{>xdl*X?2ft^Gy$L00sz)O8&4ZX)%fY{2+zuvHDkBtJ*
zul3={X#Dh?X<)9*)XyNALC>F2GSoP_*M-M#a_D{NKcEux8ha$_wA5dEn6sFZ9PW>W
zKWOE;G=!ZZ>gk5iSYasqyk@O<2_EAqES$*_HL_nHX%f7=Ml3geMX4g7_o&<Zlx|~V
z<1olAjl9QR8OZJOU||eG5C9W10S%8DwN)5T=h7{geSOP@F~wsugwssGUQtO$K7o_t
z-peZka;YNUQpC6rIO@f6u=2ip7T{EZ42>tBpbob!CPBl?IRJIVMv7!yhU{3EsY(v-
zslB8@xz8uNuWh*fE(W?(WLV2ear2=gOLnc%=b6^9s}9r6I0uV4Dch4p2A^iTZcjRf
ze11vJm>SJ|<GVp)9QwHn%$a(nruQmr$AuD__f|)9*6Po^R?nI)a%p=(&mFK$;56v9
z%~5)*7KBfub=!8Vq$yz99GH^O<i<=JmWZqO@F6i{q~E1$LK;JlX1_#LN&#Ye9U2kw
zz^XS>74D=Ke4qsmlV1enzQ*N7+`Ug(cS=k?J9?7~JWUn7Ov(3!<=y0((q5-ogh=+5
ztfJ!f9S&u5nF#8_K9&bXNkY%&QJ1F+jp!Pp85A@E@hCI^ZV#kM202pgJqpdK@%tIC
z*3Ftz7Fc#BFh{|%W^yyG+VkkSE1+Zq)|ELfs^w}GzV29-2hKY?YF9tdmp9WEk?=VP
z|I_}Pmq2agLAp8L=My_c(D17U`0wUYesO!tOR^S4_47<l*+k)(*-CF&fiXpcMzrK^
zyE*&S?FtiBM<_2+y$xOGNJW}X;BV;NcUQbfE97Drd#jynKEg$yzJ5f?BI~<ffJ^j+
zfS#Ct#0;*R!^xr3_{Xiej)l@ZP>HS-P)s!zkQiRJBURqo1xgg<eReddmZ!lY(&Crf
zL}utBK}1Y!K-8d%6}x2QeZl~UqRP-e7}Oac6FAwvC`A0(>{nM_R4901+BFT2b5E$c
zuT0k0?@USPQTzZ>>-g)tgmQ(&mq-aQ+2w)!oSfSG<j?RjIle1Rjer{T_91Y;Osl?Z
zH*2y!W8(-imI4W}{V9LH1U6?uAZ|7L(=XL(T<j%&L_Vyv9iRQ4Cdnyr^29wsR@KdS
zcdW+sJ)iBE_V=^Khuz5{)TBXuZeu`ocRYQo2)x%Q3U~kmYF4rgey|xT;t)Gt_g8L*
z+Z)G}>~dF3tTp@^oAbC+Lbt#!nhU4+_Z;DndM7@6X8@(w?mX}BjxNx7k2`HQUagss
z|FG*dV`7z9{xB8?U#=Gse`pUgb-}1BF}bh!S5i*>VLk2+{M*bVS4mi@LqS>U9n!v9
zpqddlm0fmmu%CdsZEwO|dBSa(<Am0BqUPh{u_{%p)v=H79hds$QY5b<lF=b!Ne*$?
zLe<yCm8KULuUsToAM-vtapRjTF_G*d!`CR-5l=ID+b)~>1f3!D!<Sf=7!<XLE^zuA
zAhZyc-vi)m@q40nbM4dbC1DfH7Zu7i2UmYo+NEd|>S~G}uS>E3YjFHMVSu0qircnH
zW6qPFeprbH$5!s{`<5bYmV}!T-p7(OX^ynSjEdjeGLN?wk{cDe5%H7z(Dw=YAwg_A
zkj!iEn{`c&c2{@shzwmiFXo$J;!^|N=qb7vO0qF^HIev`<ZuOql$`>yrP^l;O1?dj
zNAFwJ+gJRP-(~vgsV#W;i-^7DG7_y7eY&$W;1fDqNBtcHwYQfCDXtrQdOk3OhzSbS
zTk~CgYpbJ`m1AAHZGFmOPd@(qbBIhnIsdl(c&9Ky8$H^78eh-52~!Qz$cBfp5JV!&
zE0Z2uVb865GeZpBk3nixB=9_*e#zx1aHqq#{2uUD$LdRzd@8r?CdxNK`^tH4^wA+}
zZm`Dn+3Id17LB&8z`_1ZM1?yPbB;ank%`b)RLtMnQQWk%JfsOHRui^ttWISc<+Ib{
zgB{(ZBcarzlSjRu4=LKQilmd)C_dN0wp$we_>8fN^5#R7QU>g~_%}y#pr|+{y8o_y
zU{L4rV_ffGX$S<up_AJnE#q1QRt<eU88M&E4M)1doJ6&>N=~)Yvh^P2Eo<^ebEgHo
zR4aRU818PT+9C8a^du)t6fHRU?@Vr*Hvd9XH{i~=9N!>xNxd9l_r{dpImr!-Gq>OZ
zEcK*~<7cRSGM2~kV;R&YGh21uUC{}{Q12y|8-vAgT5`Ju7_$;b_kU<$?%~wT)96Wf
z+D7sr3RHw8b<~aPiC6SWjD5Xq+BEVElD$t|MK(`1+Guu2(#E+4N2%#Nv@=c1Bcg;b
zZ8|}f?R#P=9rOHQqfn40^Fs!dG5>{W(X!j8i55*L^ufE2x|2O$GUVX|%_Q=eZ8MY5
zsUDkP1`*!KcDW9BhN$3xLB?1_%=^@1yplW48q=u>6<1HR?D^eDDGe{7+MW9Gt<T9f
z$om_r&bgEMU)O#HyFa?lgqvZBbNDE@g17U`EcCl<2oXbPuITGGr1*Q<2_Wr#<aPz6
zb9)C`DbmD-xbTO62N&KVP;`>;8@Qsq<<~&o!ReCg2UPVQO{sLClcnNEH=>o7EqvUA
zeJiU^#AIr;ZQL{VxkaqVgn#icgw-~4JK(&~c&F0Hpu=3_xY#?sIUOo~wD-F*meSB`
ze6))p?X0$c#OUz`Mlz_`5@#(hiL=jQ*sk(F{(drE7jD@bz>~I^(b~26%P>KE*<VRt
ztyknR3Eh>3G;-&a;p@Zsv-B=+T7D7P+^fU1(Ir^<e3j2K((Gx?;*XZxb9X3?hi9aZ
z1P2vp=jU654B^c0OsH*boG+N8Y%xn@sNhI4jP~eaPb4giaZ1<8Xm!gqF#Wi?(R<T*
zO+W11vPUu|mk1E0-et?=<CvL;hHhhh+@4>m%&t)^rzDa#C`NL9!fd`O=#Yun8;l{5
zR9#rO#tjRciR0_DYt)yAO2@E7He@eVmZ+k%&5_gN0iviODV@+hv=1W+XsvkU+zo6u
zx3XVUjzckazoei%iMdYOgne-^EwQ@Ul3+Ek$2fvoWZO|MOFpjr78l+nV;^JstWgY$
zfGWL|*PDq6*E=;-P9xCbNx47!^;|;5kDcc#<aTK47sOMfeJC{AiI*s_#zoaCLN4?8
zy03{6Y@Tv^eeT}v_&})OTqZ8|d-N_kY#Q$(nYgN7Q1~KCRdxY3V$mE-IFdx&N44e`
zM767)mSOrkimS07Px^{VRU)s`neOERxs7;~6K~=%){XgxIP^-HK`lZ!*)b*uSn-LW
z0cy=|9N9ls{8WXSYgU8GI93i`Z-Iun>;<cApPDcn-n;N|>)W0Cv58`@tu)5`wf&!w
zbzW|$-h0Va7YUossGjy!&n4=^VN;XlzJ+t+qYVL<W`m0jO+*Nm{arTXLr&UH2MKQ)
zyqf`_W}8c7$l6)(l_S{^`woVQnTLO_hN6>kA+GzB*U{>2GHveMz*nNX)Ta5E(u{SO
zeNVY58>rd$dKjotT=mCgim!NEes?wO9(QUa_l>5BJkCs!q?k70bNr=JJ0IA+D}l1V
zFw)7%E$F>kF;pJ&LzJ-nL&?IEZyTmB>^w{h2?NQV9{}OndDQT|du)hx^{43~m9#<?
z6Zbt^RM*&YL~SZ}UX$hb&I?oT!y<u5>ooS9CdYF|yLV5$e*$uN`3H)IUxQZl?=>T7
z-|p+lD8`xMQf63_pQG^QI2V7FIZBfDu{26NkZaQT5}{pDVtb>s!5C^^i4M=4+rXbo
z(__0w#*4Uhlq=i7xHca2Njo>it+bix`vk3+a;`D=KGJe8>3~r&@rdkF20k<4`)>hJ
zSET!0Mqj9skX)w@F4=sM>bV||CwWydw`l}_nVnqKSQqEb@6|Wik^@(&xv5W0NM4c^
zfK{~=aj7Al^aOkIv{{l}@Mu%moUBKQ+gQTgY`%5$1g$0D{+@AA*M7-m=})_heKMaU
zb$q!7pN^A0aQIEZo?&brnn1lZJ%<T>f647@%U3aiJ@KVrGFf4}bzg#-FEfU|S;Zgm
zjTNOr&@kl2g^BV+xQE|-c>42h?OCoyt{SUZD~c5WT%KXA8}u!?N{@2`o)J+;6SV#K
z?!|^~iwv5e=+~0v%SPSE1EJCy8YAbx?W5qaJ!=yhvL#TkJrma9&D8`QW>tpI-Gcf_
zRzIu1|9LQl+c&mxW$$kFZhcjifM%VC>kE;j<hm%g^(l#gTy-W*a0te=K=4!n(xC-z
z+xMgLb<cs5qdmQQa<+Pjo;GY+1tq=BUuVC@IDND)zgXveaJ<#cRxVf<;tIzppUlWZ
z)mwRpn)CaI%C`IMuG}MB<W`AgGe_yNc3?`hex2C>C8WBWuHd6L5fKr|E^T`8Y}cCy
zzpu4Yi*aK;_~cUkC~26^5V0mk1bz<|zEPNzqDVSj*Y`>ET3x)_AmkI|z1B^FiIW+Q
zs9rm*@6ji(c+E!1@I8pFu%Btw3SaAHWxA}?O~aN(pPVX8(v8{MAjoof)h<pB^*VON
zlr>!J@d*yG`u7_JWsR2g#+igB!%cNnB_pkl<*)ep&j+@MNcWK2E5GLZDv+}jb<#%R
zJzT&eL>48AFna<D%#t8Ny|10WKfhKp^Q7)gl{h!kY(`Fuoqwy9d%igx;qX4n82i?j
zKEyN%5FD}bI5fYeW1mSQSv6|jctw6LlM-DiE1S}70d?|fdYuXN?DDqU6O2DAi5j6w
z=kR9dGEtxq)rjCw*e4=pUo+{)?9h0>Lr1mL1-u(q1NH5(T31`j<z?kWjeNA5yK=PT
zt7IrXk1Mh0>G5bs5zqP@!g^j^^89O~n?|CMn&I&a<^NR^rWC<c|L+g>T-#XsPZr?+
z^@;!2AEeb0yE9O1B(@N{NbG<yOXJXNl7fCDK75<-BDpVS^zkw!*r<lh8qPn;EDnPt
zX@G_Yvux!T*DX~PL^V&^+@liSXrSRW5B9fn6gUDoqyn`oI+cG~cWjo1e_%S*A@<Sp
z`-8)%r4;iPayio0bGrabiD+nO<XXZP%Ql(pO{)+5)m(SeQjJkxrK(!VW4gY{{}VMp
z&~dyW>HJsmNJJEm|4%%)XHF>Kyp}|D=Q+EM6*n)UHf3HwXO*Vu2b#|U7EB!jiC1oh
za*F6kEjUJg_*dKy*}!Gr-;}ul{=P#94H+3zh4n!6`HNS^qMhjl`U`Z_`RyjCaPC=9
zAYqAy7Z9Ad7@ldMm?WUO`+KtZ3_vI&zVNz_Q|-ep%8fZYhZE=ug)S<rDk!K%almHZ
z&=Niqwx5=2j*UD2C#3=Um-L-5`s9VLF*2c7IP%WQ9(Ez(KzY%{E9}g5$M-+%K84lA
zHTq*MPevhe3LMjG&LG!A3?dHH0(mfNEmnq0{hoqX5|6|bfCHO@VX3vxpb#$$sDa*j
zZLGII=cX%odKSYaCVr0Gy|o?(Wu#X!O!g&`dNt&6ygCY1((XnB(XjfS>WfgWHmmXK
z3VKFHd4#<v_{MQ7Bd3NI16zgXut)ZqkmGmtw~1?f-jm*EwKP02)R>{xoryd`V$6KX
zeyTcv`px&&#xX1gGv$aybX!KKv%NtId6#2~Pc6(`s9O<@7(^gHv%J0I91k71S3R23
z79g*aB5~*yD{*^jK?kWktwL7Mquqgxh0a$QadWUA=fG{Tmm?+v8M?kD?DC(g!-;8o
zF~Kk3nIN~D8&E@o(EYJz-5>R_X3~KlMROVmz3qQ-kt|c(7lYTTm%i~`pB%T-%cvPB
zwG5Jhc$=+P?S7?#O&7m5{;31}ZiHVuv|V$??hP_7-v^c>z+m;UJ4I}gr)#3ty`v{X
zX6Icw$UwXR4dmVo*6$TWh#tzSh$;%I|G7Y8e=g7sc+2?BxsFc(ozV<0JDj*Vr9mml
zq35Xx*{)@giZKF}V|x)^a1Ka1hS_yGP;9=d=OqrZt7Qh;54J(}<&*v>7x#VKjrfPq
zuFRMEbKNxV7&o993_4G^$_PDQu~crKIT$R|%X(03h{z|bG7$m4WHIO?Ut=D-w<vcJ
zwW>^L7qh8nqr|NaGDv(c$dh2SJV?8HUeNQfd?$!SOS__pclUSw+4Jimi<-d{b8xx3
zHg5;soahZGC2Yr?3tar+b#f>Nno<D=WwyRn`iB_Mc9z%*oH+G9bk2WPN6x#fC+M}g
zlNTgd(6euv)CyVmGy6vSPk(+r^CgOI=WrUtr=4Gym)(I|#03OkzU7ML!3)e*e3gFb
zDPj-4;eXQWHPNeI=kbw$`p3s-IY^#FdBOB0&bRB_;(j!{H-)}}#^Xe(5v~;QO9?(5
zC1}3t{%+Wt0TnEGesu@)S8MrQq4dcEr=MG`oE+53=Z=4M%O;*bw6WR(POl?NYNzPw
zzF8w5XMriS?RSN8KNmUflhZc_W4Vf#-k>2LpQ3{6P3C$qmte8K{_}8TktQyKn4%i0
zTjmvCzIJxzEG-;0+R5vZfnPu<qZbtwJ@4=m#ctdZT6k@q?mUZ*b$OdjaqWCGgY@gf
z-CGv~6GOv%ix!)F$Ql_ML`n3MOJgZzP^JANCi)M;sXkZPYx5BWBgp`s!Kt762CQvQ
zZLh_LVVVYscPeHz4P!3b#`ZJ$bk8EiL-b-(u0~2QdBa8Mjc&e@T*a8C4{2teRE}qh
z#m&cE5K#|6!}DVPa}<g&O{IAzJom;AN0Wb!5R__gqA<xgbZ1N3Td}bw4YQEEm$)^-
z6s4K9%A;gz9P%tnc6E^p>2yeG3`m4_7>s_?^$c5u<*+Rz4Yu=LWzgHVQLp^*F*HI&
z(R$uM1-J)lem1l1!+9ki`JT7f#ZU;<-oT$)SBm2;C})v>4(rZ~5hn+s8*ipHWH9}e
z(P4=<2B+?FyBh!iDQb}Wzu3GF=CX$f(t#d|a5A(2e$C~Z_@j*+^e)$1%V3dC`Ct5#
zi^G<|pyCNM%a?L}^^PQ?##cv#DEKK{IKl}ZcF{jcHu0yho(l;~>VJ)iKab{q_W|!V
z#;h&;1>b_oEMX|0B(84=(yYXZ;CM2kzYf{#Rp7$$8hHpby!C6bS=Z}Z76286Rsi8T
zQiA!j$5vGDyW&bE@Kk)k{&3sMJHs81ER;{=p_I&@ZGR6IAs67i*vs&W|H*6Nt<Ia9
zr$@iBV%tNAnJ{ouVjFgaL4c$)@;b;e{~FD}BBx`2H!3?$;BOUGL{?FH9lZEwEC$u(
zNTwu8@Y(zq&`S$qK@Z82v4r%(hcRlmU)L%4A19XEj_ZQFm<8347kWpB_gIy^TA8`r
z*Vni59oNQmpbcc7K+U}YEnu*oL8nMx@D;a--}5%vn;=zgf;}k*Cm|C+v6k?jaO!u6
zlrbR))}E)SP%}T?yd(ZT#G)9$xXslJ2h(_Y+hO5bVc+lJ(u`E<x?cSX>$v_xy$24n
zUyx`;92CKeUWV;@f`y8%cM&V*r<8b$4<rKep<tY^$i8LWuY$;8Rv#>T?(Y1aoRs&5
z`ynsY50NzX%Iy1Z^5BCmEn}R=eFyc&Fa=!KNuiY(Wzk%vB!M)r0J7oQWq_QU2L@*b
z?iKcT6JAG8oFE5LVb#Z|nJG)S11Fu8xENaZ63F(fJUpr(ENXWp^322wBaL`Vz-cM=
z8{LB<eQVIVg}NZ@lMnqPACy_moL3Nei;IjjjzfB$b$cv}Vc*y%=VB!@q=9uo)Z<qf
z3PMbe1f80wPkm`#U`9*&crpuao8IA+LCLu&{HU_efQBm>aY%6Tg3K^dS@b|Eq98gl
zDICe^H8L08eSzyX3waptug3>l|LHQaAc$u{8lxBTRE@uSu{T?V9!=D^W&sf@1LbdK
zZexGkc@igEt5h_Uuhh26VNPDefnC3<<S~e<l>CpGp*zNbB(4BL+8pFasQY-s$t~g`
z<nm1XH4+PiT%in@jplxq_2TUz!Pqo%-sG!8;PinSf1}ax<_Gc3064$1nEMA&^t9A>
zo)>tnlX4l3g@!G*1K#)|c6OlL(dFf5b<YmN!h#-{7NUXwfGd-n-V&P|1=&sPY>hDS
z>y&Z{oNqx+?$dV@M*1|MmZfQD5H^-=VhNYC6Q{wDC<L;0Z>aCV56~|1a(q`qOm$r*
z>pbJtQ|F|lj1F`|g1+Kp=b31{IJE~0p#6c7XI4(u=S&y&3&0UlpvIqITKJiCG=V3?
z2sf>Q`~^lm5;iN&m*BaZD_)|M$fC~ZX?t70k@*WvWA%0E$W}j6`w~%{IZLDZ?bvvA
zYL(CuwTg?<sV<RbA_R0s1!ShHglaiT*Vx{vzjl$3m6a`N`iWo^wGv|qvP#Q(ANxMo
zhQ()y4Fu(&kG&(7g?Lr-(TOZ=9`;k#TMhG|Xl$E8mDu@mG4z6W;`A{*-vZ#a+B=o&
zPo!=_<gc*dUsEe{XbL7!PgW_L$ONq5M)|D&ovQ9vYGH_~@LAoUlL_Cxa{owh4xNtn
z@u<&@ws$0f0&uoTk1<Kc(!TJxwOBrx?|cP7kn*G3PTmk7xbhjx{!v7R7gUA_>7-?$
zCws)-)IBG>J8Z@a$-G6_-{o3SJ2!maF#!5D?lYA-uW;YF@g2@!hKi}Zz5OPrkjsSh
zv7I277w*V5FZX7>tbv#augCt=J#+n{()oS(Fdc||eIA!26470khKji$jPgN2K$%R*
z)mZm=Px?Jxn?d$Mv=p}`77_UZ-HJS6=ukrVs4F~v#|H~3JG%7jX4jRhOwEJ&HZXix
z`oI&@INd4sUKCTdcu86bRjM5h_x3MAt)))4XmLIQ*>j^AmhXZqg&N4G|I&@$9ONfW
z!D!h}GSX~Bk5=BhS(6?au&^l5>K>}JtC`u-HW1Psq2mNZiUWc&2a))Cr>`7Tc1)xN
zm4xt$K+d^A_cs8#$DBwC8rvBP_0NgB>?txB+}M6;#4iw=+3!B|wPC4OhF@^RS>`(u
zlp!WewONyh4jp0z*bJ(cKjIgqB#Y_Qi*=o5XO`kp4?<rs!K<;stC<W?v7>HdNW-Hz
zm?<3>of{8t3{tQ_8H|#ImvtCn%~r5}5DM-eiu_86><bH4cu!gfDEZP#dM%IT=rmcT
z`#i-?_cKnJ-8=cI*_1E{W#JDou5!eOQsv4MJ~0<%49Cwy@Z^mkG_f1hf=@`FF@%|C
z1xEzW=;h`=C=UPl-0X!MZ7;MwX}62g_6H`OxRP&Vb<~?>er}*Uc_=$W(zFaxrqEp+
zNh%5Qr7?Qsd?w|?zC91y*A+Zz))aUER_tRnuoSHZ^5V9C^+=vI$qOXh9_eVc%L21L
zsK^T%Z#aj#5~D8`jmP)p;8O71j=4Q}DQ*hkL^c#+T6#QVBd!j>@jcjDSf-J0wY#VG
z2LNZm2hAq2nkVK)e>|1rfJc6n4$uXC4BQ`HbY3@092LR9crJCgnpJUVq%(zzzla`U
zzN7kFAfZh~6zl*OSaqVIM@@va&C*J4&>yoY1^#lsl2Bn^4CDD6Hj@XM&!3*t$Ot?A
zak?T`CML?E`8N->n3r&-D~~-9t?w{>gD0x=#~Pu54RhN$tjk{@fqJ8wnq3%fuL}_b
z8H7h)WNk{IwQu-hQLht*PW(Yn0)R{!UhzNyLVyAZ02tJCtHl8Fp?okgkRXD<&DOtJ
z{a{mMnPXK2lz*Q*1qJKeqgF8ck#498N&-*l)dbCdS&1b008^dh{(l1wp~y|MpDDBc
z`($4PC?!#tA#VyehzAzIY^$#o_V>vM*73b*hWD3RGb10lC9ESaN<0<w+uJ)#ZQ<80
z@=<<{5!XOAZQi`O1)eWhrR`wWbY(etfD@kyE%LA$nszkfeaZ-L2KiV5qf=RW^=w7X
z4G8{bLJ9=gCv4raLb*EcvmZ~?2u6o?mPLzyM_|=87Ge|$1~HRTEXZ8T^|s^Hi$=@b
zL*T&>8l7e*BX}Y1ax5;18R%C?Phym9rczE4Amp*IkdUL*fU6>TFMcsl#8=pLQx@vS
zjuC`<8KAQaI)OLTl2D(UDxwb+)M9<A5ea<5kN*$sR!ARgat7$<YX7hesTaU1HOOaw
zeS4>p&t_1O+WXiZ!Ai8(P|u?x2vLDQu_Pvvf!uxt5rh><mLCs4^S^M(99~FB2~2+m
zKn;)&EjGectX7h-vsjOhsN8g&o{1G3|DS8m7V?E~)vsJ7Md#P`09HgZ=ls$Uqv{(z
zZdZ)42ITGef7H5Hiod#L)hiXDRr(=laT4N*OS!`!6Uu{kfVlawF-*$x0D<N@xS%;@
zz8nRNb*(QT{T`)C5`@yDV1LR(cXT=i5NK%u|5J3GfAvVe7jL^sPjsR^$YaH0{l=6W
z#OJwy?d{CoyG<m^4?D%2&K%>XJX!`5DsaU+aUSnOxy_Ig_jEJOAbHep7|OuRP-1HA
z=a3F(dr(Aj{A=^7UCniH84^H-SAf=M0WcCtIDVW7zk|6bnMw~Vb0#)(P83wpHa^ul
z@Zy$K7a^Ey{_A@h2E&!d8^|Sk<v=b<&f*>oM0t_$c3cLNkfQ>p?`ZTJw3!(3Dk5fp
zEU{ch6Im`gW#;xDFSoWpQhO(sKAS(P?)D4IO;AY_MPX2&m`cb|)|lOV7UB<X@}zyQ
z!4l>9cBozLXq8}dbUvHw`b2L5q^uPo&mUopg-4#+aR?c4S=jTdatsG!v5m;3dBn@_
z(OGds$VCc!BMJiO!K&qJCNB3e<e(8IYB-=|FwW?FcB*+T+A*8Y{f7dRDX1_@F}DG;
zoaA*1T^#tdR;|#ReNz858NBaBE4@q$yhk-zI5Rh5ognSyurYnFkp7O-Qf7|f)<Spj
z5XVVja3!xxN1NUOBteSb-}Xpq_fzGcT}biHc5w8Q+M_3)(y)&1;kkiBpMoYWTw-|b
zmUXQ7SBVXiE_=YEZk`+a8#8W>&Va98-El6Wr>Fm=n1<qUx&s*EiO)^XLq{YIu)7sM
z4;n%RVK<z02GFeBgvk1m1%evTaJ+`Qu@4|1V-EZHaO@=I-)hFT)}1cR*~Zf4XnOXf
z*ViLBilOBxJpl%Wwxqwr_y1FWH<bK*I0^23xhmcuN4{o$wgS4vF2IG0+4d%+pFnwk
zavxXO&Z>zPM_TyHIpAy!zb-69f_?l2HZwaYT0=v_TR3J^%F~5-6Pp`aqRI#R4jB&H
z5Vi6plFjH$7f<D(V?K_&E;;+R#nVV+g|DWYvT|Ige%KI($ENl8GdB$jwtz1hU4eG#
zU63@GYTfrPb3e57pGo!tzeS(7@f}&K+{3OY&oAfkxiA0&n4y)B$6}g>p$!T`Lg#Dn
zJARpP!X8CJRaweODXE*Kk@S&5nCqo}vP7R8P?-+z3x3}7QP2H3K+WEDhP_`VPtQ!W
z9)y-NbCTA~y@n|ex1<y>WFm=%f9o{LH%D};%Mi^b3<CDX!`o(8=r@tpZTP0N87lT=
z%#{lQmnD8FVu(V4Jd|oigI`98Hx!X{VWHhf8)G-yN8)Yu{3ant*Ps{ABB$lPuqO}N
zG8?s9G|+6&`&ypbrF~(eAvK$=piltyd0h<X^$KnpEtGfMJjED*3z?Xm&Z?_M)i_px
zio)5jfL4uX@5|^3u3@g*??C2CJH`8DxNhl{pLe0x=<E8;L1S8f)1a;_!T<-PPwdNz
zGyMg6bTMR+IH8TOmZl&yFAMr%Jzn4v@4O?3j0~oY_PMn`Jk|+y7G`ZFk@<!PRK6(+
ztuDR~bY`z7ET}qx7hb(Z26yDF=44yQ!=0Hsq>%nbpNiuFS_w-LRWA9DgTMW;DZb$x
zzA!CIA^h(1hdU+4f4duPWN&*^Xw*sg-*&cwlbPv|X^MBW)_?)m0veu=xI9bSXfOy1
zf7)zQ92)zJ@hk}EY<{7O_%d8-mIdMZwTZ8F*`|v8cNzcmS9$_m3}otTwmoh+KJ(`X
z_dQ#kIuAk884kx^|DI5R*&0FfTl;oaEVRSc9x*{`NRM6?Y5hAF7c7Ld@1e{Bg1_w>
z!Dfs>)H8pVg!#4s0zca_)BedNDL88XxqhZ^#6h>x7v-e>pQ>;(e<DGD9pqigK#V2G
zTrrB)K%Lr~G9&Fe5^Oz<KcevZRG{hO(GP`Gq8^EkezH@|A;c1j9P63?g&BC{X_b?O
z)ygeZPaeSipb&N`0YwZEQExy<E4s#YOMa-xfB}3jw}^4*6`9b84`t#Ay#Tiz4&Cvw
z0~JHJ^x<C?pA}cs7`lxNUR1KivOQ2@R7^~*H4Zs|=#zZf-52ymbsmT_gOFHdv6v!3
zH`aXh<ly(_Ux~nAi=O@VRu9R&A@L<Vn3x%&5bHUAK^hSvR)cJE_-Y3-oR$Zp6BC&s
zZIS?D$7^%-ZP}K@^r}}BfSSq)e0a&BI~s?Q%AfO#x=eCyci2RT;A&5b%QTLl*Kw7{
zMhh9DM=S=NAQ=NB<A-};;pW56NF+i9No!i5xdR*Pab(BjTL5D$rW$<R+OOc^()0&5
zfoB(tBy<jUSM#@a=NCdg))uHdWX{hK{$EvPl|d+%%e*e~eQWXkZcuY%*iJyUYroko
zY^KcH@-3HK9q-o78|XyAju`t-8ldzoi52je_Va-}%mRURO$galFGfMi_>_6BBVh=a
z%kyyC0Vcv^A!O*d|GVx;iTluFF)IPnOC=o|Yd>Av9|&yXH4}Eb+z1l$S?+slytZQk
z63Gx|8KC<D38^oj^X^z)e&xRP9(UonX?tkR#^>(j&7|9Q$z%3y*A8=12(D$c2stfP
zWjQWes4d&u$g}*u+mg81`3lrI@c^O*4d!f4WcXl+l*jsWY>ELyPO`bu8sy{It@e6{
zK&9`?5K;U(G6$KacmxCf6PFLEhW4+5?Sm*;FeAkT$0-gd>0-}~Y-6#bm78x-x5eB=
zcb}<i*}0nPz6XhD*HZ02Jy;HUu%f)qs%yYuQcA$ZTPE4c;Pc(WEcx&tTalu8r}6bw
zWY#4*GIEOOih2RL!CjWSJwMLVH9@Rhoh=P!fvU7E?h1}q*-KtMp*;in2TANzL^oI7
z<+<brlPL!L%3g5sDj!+AeN%RKLvZdRyqsRP5>Kt$kb$$@Ncq|A56D1NvYK>L>(f@f
z*WAVqd06e%?G~hbFO&sL6-}l(p|;TSW0za?Nk3m3%ME*)D!|=N#bX+9`hjV1TPa19
z1LiN&^y|G0u1*^lazh*KO}}?hgc51VwA8T#B$J3zT`6I5?B_^$rByWXZi`^u)uq{m
zmsOR*rFFr#)CzLa3qZfFAQ3er;jR$=uO4lnJiEYg-^c=Fr;H-H-J98=@5m$f_g%oI
zt0#YFwXLCw+3HS0BrD`AeiT`}Ak~VZ7yv=&+Qo9vdpfV@!T6_+2>|dc>!G5;vPa!T
zz!{4`tVxI1TkeVX!5o<;=oPC-Nw@{Xn{5K<cs3Gr2Nfv`mxMXhZFeQNNdIH{Ox@|>
zavq3TtPpR@gGa5wNfx5+b=rJSbUGQ5QzkSQ!i-4mJD^|ZSofsA0ROz25(Yz*o<P(Q
zcdk20@cq*FG=I0H+#GhX96rxDrv@K%+!}jFBBRwgl5UzkKI~XlO2P9tTaJZA`LEK@
zr1*X0&7UP`(2&P-?3$%D)u+M4Se5ip+DEhAY7HhEl`~e1)g@}*oz}3nhLNeibr)L!
z>aNKTc6O4#b=Mjhak7qjREIPRf;7w$1Nzr5=vpmp4F>=5A7l6fbUHK4zx>A%;Xhr4
z9o7HR;0Vt$Hb?!d`CWi^GCn%#-2VGyAB4c5P(ZDb-je<bNElxw=d$#l4o1KY=-DTV
z2jlNT_z<!;KWH%y&&0Ul^V@FvYX0#>?+eAXySm~}uF4vF9WWB;;wiu?D=;C}$F!dj
zi6-;khoKw)I3iH`Q%%ij{t`u6^s8X+UByfO+giYJraSu6_n`F+L)RHGUXT6P`e42r
z>+f1+|1ZsV)BWjS1t}LH$@~_Yrvl6ma{_aFxe{8s4Yz;=PzujI`<w4oi1)#HumE+X
z4C$>kE~Vl+0Lvciu8m(^DtHCLyLc=CT(Rgt^INA8;>p6UnJ~uc03inj2r14XacGzp
z{)$ALF7^OJ%7pNNo78_)>D|%yk0JmIsv}b~Na&Y@MNLY`d5s-<Tnv=nuf)p2CRx5Q
z(CFIXRO^o=aVBk!RoEmTVF)M&tU#U;L_H6y^kIHU3pqb=?l8}l36r_JZrhfs@*(c}
z0TmaQ&QSx~i$<V5oE2ImCs}iLdZhNz!QyL*SUr-v3Z2%Fp56IBG{*3SE_`%I$rkF&
zLqB}K3OcxcU1o)7`G2wi9y)CXW#%Coc^Yz`DnaB%<_zs>HUf8_vA*1$6(hpFg-&`7
z-1B1CEM(_yg(b6wPW|}J4je@lPQ4ROB#)W&pX|wPeLPA&*>T80kDNfO$}?{CTLNuc
z3uvAuoLDs=MXHltM}>zl*-N^)+Lsei4P(>tii#TGFls^HQ~^Gvg2cDMv=~|hm~r3Y
zYjjI>9fSHC|4LzSesi}x=HebWdI7U>`gjVj?N|o{yk~B_#KfPo4|qtN`xr3%VFyhu
z&k2vM`>WwXsa{C5bms_Kpa#^30Wd{kD|tB~5)ZSrYS+ZP^bMe#rWM?O&DUe)wso!>
zMlIffyLau%5b$g@5EoP-;r9S^M{5xBm%weX2HwvKPtWr{J2mW>R+FG1t2>O0__ZBw
zf-#XIs)`X9%Ckw?J1Tieo(GBdK$qeqeWr#&#<jEpv4w#VX+p9&!3D|QfZ_TsOLiUY
zc5j)5LZP<30i>{ZemqLCDhA2jKxC(1oiTAJqf$7`VH76Rls=!hfvcAX6VaTD5#&5~
z#~~^lZ^~zHfRTGvOpavfYa1@<4;AV?I^Pw?mT(9${2B*eF+*IW6o0TC&$At?GHKbH
z4?0$%!6x|)cT_WuRnt)jR9p?vT`PMV<&aFB>2_-egI~l&JI^mN8g6X@zN2?VZde@B
z6DVT9%_LR)^j5@OOIh$RX1CO=ZM*z>lWE}wfC9I}Z_Ty#Gl9nP1K8R8VGY3xAV42(
z=H?_v!(ClssYj%F@TC>Gi)Fkwn;nY{I(NW-L0qNhT%NUdlcF760TonZO2z@0a&LCe
zw3Ny$Iv&38xw^Dah=S7?ldGQ7jwDF?Z9sCFd+R(wsQA)tOCd$HHrX2HM$^B20_(@&
z^w?G8lE+j7I*VaVmFDH7SZ39`M(%7c6)+7W#e<<z1!A+uToOgkAb~M~M{ix=+IT$l
z3p$11ZkB3>v=IB?C5RBx!ld$tX+}my+}I4AqcY(!B|tRvFmAC4TM4(_wAb<C^Ny@a
z;WTDim^!czc~q1p3{fZjV`FX1IrHX#TSIb!Zfta@S76G}!9j_8NycT(fO7?QP81+5
zfkTr^8(<Ul*knSip|=ILNx10USH;?;O<C{0VC`&bT}i;Mq4gyoOx?I2+`#)|il~I`
zo^aCJS%BPrJ=oG3+`3jnMQ?#WNnNd=y)69(h9%-*`BoXPVPh>}9Rn128(luO@ia(P
z3BsaTl0laTvGLHo_J3mifN!B79rTJ$5(YJ%?vC>s3He|Hwj~U;@tQVc`<miryRgjw
zUC)AeUo{onyFt1g2$D5^yj>5;Wt)6sa<oQStc+D?<-Zbe$$5RrPzm2Z7<ul*Jq#9d
zWmDi@?ktyWh!SU4WOx?Fv#I-|PBfq*542a6;%ANH#~-h1n1uE01B6n#nu`ny0Os#F
zkA|m<0D_V_tyFRJ0hsoDA&lDS0{T+04xL@~+y%UnBC&&6;<s3+=PP~{H_5{VLe!HV
z-roSjTPW}77S)4)@MB05Y^MrQax7O|o9@Y4QEmtH6hQcTjc|a?D0l?p2whF?lLp@8
z7JxC;GF@m1N}u1*;Kk`y+7=>SA&dhRyKVnUbK6@hg!7&=!>L^&4l2BoMb~Rh6OKwS
z1_#}W)O8B{j_m!a)nsW|FnejEGX_ya5&vxUZ9eT-4VI;R-$e<>`*w6K@E2JwZ@j=(
z+JrfKy-`v{Nn_ooFlyw+XEo;H$mru_SdcRDtXo8jR`I@Bz*vS1eg}sjQ#L*W)1}t1
z`xr^`VO`H7f_2^1Ls<;aYqU)aHo;#TaKAjh)z*fY?6E25{K)VQ0b&$Ry!mMI`NEUq
z_n>y@)Vftn7%dUJ_(mUT3L<xm>AP2|shA~$n37lRY(jmrU-hqZyZHW;h0y!l$A#oi
z46h)WGdV4d^$3HMO)K{2=O6{>sXLTUK{+}fU-x|3cwu<^y6<-)kc2D`cz5WDumiI!
zh~7UeXTCvjj_samzwS?UQl+dwWxW!5TTE(?b%`ejzvdqsn1&JJi~i9gjGai5BgK6H
z-<-p2onnzO1`E*bkZ2U+kL@3+1`nu*@@?THqVcb*3tm8lA)qH(4!Zd(GzyV&P}e0p
z5^}*M8G{bLp~dKka}z@&++>iJ{W6Y}Afh<iO<Cqr$C;Iv(=SV4{6t*;<I!M-V;b~N
z4gtiXXyVsl>d)60k*fJsv&qyjqy?uFW?|%+y0<1#0N}u5qNxNs)A!?a)q^VG`{yqm
zyIuH?(L&d1Ol;xCa`&&=E*n*oh=cqAB3KvhK78``OJ_U)PHdwG{}JNFF-q^j0zQnq
zsrU;U*Cjwb!J<VbAOSWtUjalFwEGRL@2Q-Kv9l>9WO2ae3^B%ver7#kQcR=;1JVg6
zil1YWLEmTH?+^Y%p`~mZQu6)d*$MSvge{Z*H+J2dqfC>q4CQ&r^Et5GIH(h{h&qkX
z?8<ZFGdBthAZ$hV#r=D#gag7)d@;_?7FJF~BWY#U2Sw~aWfEXkOI!7y7mviT7LCM%
z?gmZWUNZFD(PV*`wXvkfKN(u|guobHP_0n+7NTM!m<WPB%wYWw+9$B<+<-RIyT+kg
z9=W?Z+5y^a+DTG-y2!zwNy!_&KB4F#Fun!3mo42ss0-EmkG@9V^MomFPTSp=kgH<-
zmHfca^&SHwV;+3_M793e?x-Cr@E;_owFF$y8n$rW)1OV&$NL-YB5OeASLE{Hn^N?0
zcIMyMS?|Gi{<RFIT^>~RJn*X|kzu{nAMa(}3O<u2W!F}zJ=q-<N`Z@=3t#&34%mqn
zEcSoH2nooXmC$`VuP<U?L$hALE)mq?1S&*7%t80Vgt?}^e$s1U*D{3Tf$R`3AHx{7
z1S3&HWmOvABVL~MEqh^_6A(S6Z4jMB3;ZUEW2`~AGp)dLm!*1AN(BWeJvD)mGqBLJ
zTq)*0n6+Jw7y?D|0et0ylgS+@%T5q2&<pKpcEZVw&HCHx5yI2~<55CvmhfXg@?9ig
z+9KS`_T!8>7!gZ7GBg9HD&JtisxStv`Dd8!dQl9`rsN5&O3m_6@dIS=V-ZCqsHRzL
zI4+OH1as28p*?y!`ZxCNe@;+)NtwW!ufv-C{K?P>f)8%Bf&(M>{$ZE!<u%azb90zi
zlM}C0D1e8#l3-c{9yu#y^&B@o@4)OD`)%Suho^TM`<a^yY(UiM!bPuyJMbSu@21=5
zG695IId>4gvIm)YL*SfxF@zLjk!YCmzwWO1hW|dJQqsGvBDJj0Br$J8<*sS<$3VYt
z>nxhV+{gBx_5M8_O^M=)Y|<GdT!uBjN<&g*q5aPEbPF_D4{**?w$oj|-nhm9lSEfC
zt^W4tD}dNp|F!#cCZyfZz|C|zfFVTIcXYAl;7^15z=(YJgp63hb+65@Om1Q25D5?(
z2SD(PF7^P_i-MY`ejX}Zb{6&_4HuCUjBSR&W8*QSz>?mD<Uqu<!c?PA5WFS&rW`gI
zl9KQ>>4L3n{;%m4CVEI;rbR;;U8WIb2MpGGKm`svn<(lz9HAna&&)F5qF30fz$O#j
zn|Fp7&sP`)<45yD?*^<5o$1!$qvT{zrjXuFtvdZErS5Qv4bjydLu%s~d{}vyk&2Va
z>5G<aK*#^?h>~uQq_i&Z7WPp}t)KRT@}nQ!04AMn-mWA4^tH}2zM-c`SSHWl(}(tC
zkxzzL&AK$GN5U^E7M`H&K$gmRYclJ1TxmCHd%gpvRe3K+a&IGv%cg2Gs3jUOmq$8?
z6E(D4TwiqQkxB~qH2HAHmicN9;CqP-L738=140r9p^qJ~Y<J+h4&ZVqwHd(B5!9cg
zb|{M0KgzQ5jOyzE7epd-MDwYbvWgKd4t)^Xk&45wmgi%9@4S}s=D#n9!go-B*Mx%L
z&dbUuQ@m7J{>KH6Oi#99P_?wzy8m62@xQkEkty-vLwEWF)5mR(XhK(am6cY_tXT)%
zs3~4<)(&-F>St-3=!D>m<xC3Dl6I&qc06jK42%VAQ0g5CgDGaNYWp`G_J94(SpE8z
zV@0lZX*wQ_sQ$=@Cv1rS1y`>FzN)I6^zknTi*`f}h;%@*Y|}qi75q#Xme?XJx7reH
zVUm*c$$%-6-!@GY?__QTYwimm(AseFkJ+T6&KO2&O*tIeL`1>2FnHd#27AJ6Ap3Vc
zQq#gH9iu<00QwnDGs+Y*8jIS+r@iN_t}*hD^bmt-D$kStBA3dnEaiPK@~f%azKQB6
zTFJRz&S%ErfBK6c22U<|PrF7q&(M&L3G%D;m*SnQ(%;h@w(}#n|7gk0B)*ASC`+ph
zDzm%+9i6}LDTBdNOfGSuolvYx>Tj>2^`-ZgO1fGiIqK@+`Pk=JvO|nPZEv8puDwBY
z>LtO6C!wq@&32qu<{{H^$L)asQQddHQ~AgLm&|0oDcdm$;n<<<B(lnubx=l<?X6>z
ztYh!&y;s>QTU!d*LK(^4gwONteO=$b;QPbp^MjwxIoEYN_v?PWo{xDLURdqz`QJXt
zp2?&xJ{*U)b^d)@Ix&7J#r1sFx2rJh{1~<z{qHahK+^b&$|<P-$PG?}-1xu#DvFPG
zuJZNCRiu~;)J0Qa>rZ?@2S<b9`W+1SKLIqMDG`>sV=W94gNDuZ_TzeHtdh>%myNm6
z!xbjH(9K19>kCiDJfxaM#j8YpLB9kz`%)PWksp8_6TqOI@6niS{)@_Ee<s+?%mb1W
z0eZxmdus4eH<`XD*1Z(Si@TMb*d7)a&VBC)bi1E%DArl1nQ4l6{Se<boUC1!%^>j{
zZcQnmwP{G(ZPBNw_4Y7(7V}TQ{|lc7uwsHN6#JxM^n_kJ4Ie;MDL@1xRP~c)ez)*8
zn*ny);j$D^wz!&b9ab^-mlDt>_YrsatJ|K)UVidtOY>N36E6ELh>mDL#5Rv;qYerv
zVbJw~Gw-m+6(~Swz;mT$oVCOq4c4oT3oMm;C-7+gguhteACfG_j>Mz@+_G_Lq(vj8
zEvJAfR1pp!Nunjh9Per<JKiL%F})zhPoW8h0UZz<T~xe4sQv|B$8RS{-OA5zHMZI-
z?%;!5affZdZGZi5jTWyOw+8t93bueO@cJCL7hEoDj>j_sc-PGv>hqqef>2#i3|wgf
z*b)*XU95KC-<YC)PVP@dtaL=cK~|_m0qVnEFe0VTWyuGo1stxdy7nW6r|VJO-HNZj
zZqhiyTy{Mj4w+(bIWD564#n``ekvmQ>3p~+;89oZbMh_lc*jfkglDJB`KlfFQIvK@
z%q+__?P5sCBq7J;=0d*!f;531Xl$vV;nh=XgYGry^6Nf-JS4sLtHNJ5BBUt|j5~s4
z$|U4xai5T~h|0FZ5~SGWgQ%{fmi5&cWejNNvAp`|rSba8wgvDLm03G=R+n*q1xN_|
zi|GKz1bpTW(7dbq_fo+G2F*x`h}ul`(kv!`CZxXv<$pn5*gRJnzPBq#&r13YkZM>;
zU)=cjNym$`EFY2|?QmwyuK-ueaeA`%Iv<WxY#4!d5ON#9sNcltUrWwC^!nsb6|q9J
z5>oxAQ&Fp(qkjqu=_gPMUy=++dtUUg`u;I*$=w}!?d!YT5m+bu5?qx_K>ubudLPXe
z=o5_$7Mh-^g7b9BMp^0YwJ=Uy{|NM&3Y@z;gXn^eb`}9GgFqj!+Y<=ruR8x85qb)`
zPCjt=0WaA;A{-tVJdFbm$9K^&Ioo(EjZo=l3k8T-r-2`VOp>}vUbxc$sCfAZ&x!41
zLd3xG_gHP|6YVm4-~f#fw4E7`3`Lq!8_#@va6t2|HZ7wwoqnH%uv3=iQ)=I3o7vT=
zRwEdfi!v_*;->AMhBF+k4`;f%pp&m&HN|}!tz*u|G`aVr4C=S82;%w2@`5v=9+SxW
z<SzF$ZXGEaPZ%33tFIa4Dv@=lKfF{{%qA5HPV$VFonfOxc`!J-AR-z0Sfh*e(qM6%
zOt1ok?J2g^F`8Tq{Z4U#qj1*oT@);609tX!rp>(T`3nJ-B7<drg|6!fF>>R0cWCTm
zz@|tqjje&?>#al>>21Pco_UXGGYA-c+DUxgF4JR6{3Y->#bBuOf}IC3_ChqE8PSCh
z6{!&vCwvOQ=KZg`yXynk$N}~rtf%|IG73v_h_)A{a<I@Z9hj8i&~~7N**-Upx6Q_#
z0P*V^R-v_>fE<?TIa}6~FX{CWvq%9h$uSA1;hF6a7v$RJ*&anWCPRTiPcWz8<+ANr
zM-;}75=q}vA*j#$bU^6oa~;+o*84kb8E0wVdP`@)9Cn?#Ohf?&_L9nJ2<a!eB0X=D
z@Hja%rq)IlX8MddcfEyRb!itgR!utpdtaa$k8`e@weI8@Ngi?Au!Y)vFr^LfA=dqs
zL5PR6?(Tz=AQ^SI4~3zNj_!#aHsR3lwB!m&-Yk$pY=0s(Rx52_h<#rUI_ua<AcaiT
zgd^f<wA*`5#(00#zowOzho0+iQf$UF2uAeM00PnySh75?o<xbwgX*$eE3xM$w|CT^
z7rY}9PhlJ(F)8xg8#cTlU`x~-#jHNir9(zTnooQ$4rbY9L1-bUY=V?bbN%K}CG7DP
zM-D(@(!RUkR2g?v`?gz~84PsA?*m;UvNQlJ4y}UgS@6@lW5b6MBWv{dyW4-Nsa1Ma
zxDPdj!~W5`*JafmGH|w_38Tc!=kLZ)U;}W;y+bt1M6jt{c>%tF!Q7k8tV;Rr9r5J&
z+GW+~-mx{%KN$!L@`Pd=;9^WZW44Jqbgpm~+xy?k0nW2HM_?wB=P?KD%!7q=w-f~V
z>%hr%JRDi9(<}uoZ`dCQf%}U`q1mjgURr6tO1Z~|mBWpAIC&fhn(@!LD=QxY+{jDs
zez-%|@%Tcw_XCGNLhql^pDPRclp%d|QB~(3@;)KU-o<;|N;&&o#N-@`Y8whj_m;ty
zYGgas2Uv(E2lJ~##J`@=^ZH&MKFWHXra+H&+mjl3^j!LuV3EHQ(Jq?sX4O2b{>$E7
zm^*_eReMx+50g*(XtHCdFW*Vl_7)ZAWm&C8!}@bEM_OH%mcc9a4xCmMW-L|HR7Q5F
z<X-{!rTkU%1pY#aChJ-R5N`^Tv52^^{5jcqhjZjoxGkovaCCeeN*Ak#ca=8Gv0u<0
zpDph&c!rw)pgv!GH#<P}<y{Y;W14^V(E5WU@4zG0@~5djRaN2Cv$*#4$Si>rly3%{
zgkR!PJLS>`6*}vv*_(MFkHk{p>+OituLG^<>S3bvhP*t_5pE?uznem<;Qy}Df2*>7
zEqvheaF`d#a1ClCSRA~#ecwI4z6#eSau?pO?u*!UDNB<3@G;!21)llk*8KT7QiJzm
zVSR$CkBlT*IS*bK3Ub`%T2_3e6tSb#-0eI*mv6l~(a1nFd>}<)ibd3oZv#>XTzwx~
zwi^n~52Ky>t_u&#3i0}-pv>G!{?<o61ua^QnoaTr1x>qOzlmV;%-cz6rV7hO3hZnQ
z!xQsdy6QK`({ljQaLZLC*LCFh5O(}7hn(#CR`cql4$ZI`?=d81w2^$5e@1n&?52=g
z=m2VrEVqM28oRhu2NbcbohcndJ8+nH>IvQvJJrjG{S*?onOvL&ED;|s<~czwBOQMu
zsp)<5AJ2+i=wLo~txKU7beb@ez<CNrjws-DrNQE{oom44E%B4V4sP1HKD(;2{!$P8
z)0(EPq#}68rDm)HP4Pa2ilatSx<GP*fI{+jp~CH+DGsxMVtO23mZQ+aUnjLp264~|
zxBNixfI{)ZM{4CXWr}b&YBjE|O$t6CT9W*bo%?F9MhS9VL!ORPJTw~F5?cT^a`+fO
zmodJhwY6%E3@K=Q!7bz~`n9NmsG1Nm`^<iBYY@_9gT>e8BQKoGD79VP(-~6OPt;WJ
zPr~?y%B-~$iy9`{m`$KQN;od(uxh&72XyX)*5wwRWWzWksU=Ex{LbEeLha(@U+wp4
zciVv=aX?pLw8%ufe@l1kk>J$4ND5{!qJGi_tGTLDbdV2u2=iyybgKW#K}xYyVf{_d
z5oOt6;qERQ@Z4cPl4Y(0(#>6{Nio4VpN!d6+H$?}W{<Zw?;lT_>p4HY-+iCsg23-h
z&@6uS`(<Y~R_cy*^?Z@UB|2(i!Y1fa8^5u7%7e{*AS;Ee-I|dNIEa@4xyRD{CY*a2
z9oFL+K8LpUB7OtqUwy1gQS#R}>La0KkVaH#NRUt%&xnvu{4RU2+z5`&{{obsF|bb=
z3nc_bG&Rs~q$|<A!88$?mFz=}<)16KdNZ}=b}T<oJk#6B^Edl?Qc*aP*v%{9&hnT+
zgjsFvM>8m~-etE+C*k176>Zd!=5li@NKu;qB$Yq<&QJgRTC!G9E$gtMU`~4t^|k47
zarNL5ephp;KV94x1q`G;cL!M+{ciCdQnek21{*l<{(Sldos*7f57_Pf5K(`0HjE^7
zwSzo$!yFu-h*IVr{1VTsY^I5~;>VPTfl|jC8Ug9~p7$g`7Y*&ihR6A$R{aO51fo5r
zzMo_Bi0Ny^Q#Es8ZBGuNK8qjQ^psP_6H_H_58Z9pQz!z?*8%-r7w9@&$m7Ae75C(T
zu;hq^W3N@dh;`Sr6$&6q6ho=80(vp*w{(C49s*2aQsS^n)wnj)DT5wFIB@g~GIT(W
zCcBF05$vC6pSO+c{|(21qiaE~E50C_m3SR&p7)fH_U70Dkb!7n2us&g4vb3{Aq7hr
z+PEQW&vxdh1gX&oi=C(wJQ~(3GceB&jRQ~3vh$qHC9l&>Fy!moxOn}u1xrvL`cHFC
zGAg8vv+NzBQscM&wzLR7?AyB)107xCxVXMK;2GR9ZyUIrf*X<hx4fd++f?z&sT(+H
z9}Ibg`-W@3MD=Z?z+<V#X{y{vJgF^ISmJo5@r=;%*jI5sw=)!{6PY~3)XL1jZd5Es
zSf6X-{{tQ_n+k3_aNL$NO=jw9Fr{V4>M5v5$v@@JAj$K0(b^WDx*A6(#xvTZ!}PbI
zsvzr@!Nb4-pAKb?&Z;19C-d5fB^wd@$LBAEd*X70W;3Ap(n({8<0wkxq{`6J70v!P
z&5aT!#!zt7#imRLi{<woO6AE16847n30|Spv%{Hx2)*^!ik*qSKE&{tE6@qGt8eim
zMC`Uf?@gYu*CBHvLWIg<pctr&ZGWOa66u-Iq+4KGj2pub_<JR_l8Qzr2Bw{f!d^uz
zMv3c}uNX{p6_F$sTP@#~7)(9xYotY*EAw7N$udKaK(XFgtKV^QfAjtOeB9?0`OogM
zE)@J^$Q5Bc1U?BNu~ERf(>-?8OZlt*w}U(3fAx$04~|(l+CFKhNaOv;#QyHOY`yF6
zXiJjF@d7&ctP68U@Rt9Y@_{;eex^{1jD+PsDneOK5qu3~|Nngr&uIN23q>kpTm=}a
z>Z-oPMJq@)YeAK~Nev>mJ%Iw_+Y%SWa^5NS(B1pk(}@@`{H*a{vyFxEP8E_@(nMLM
z)A+GFDiW_<%>Pn6DF0|`KMUXx9hJ9261pWVa0!W4(z%K4Fst(ezxeXkH&C3BIX(4r
zN#Pl=;Ud2g;3jSTiHXOkt_=T1T0+OE#vgUo4hrZiMgShdF8~nFcbJ9)_#JH$C%`ki
zl_W7cJp@qzlAqdSg&<Zu$m&@aqSqjl%r9$Z3-2~T;y17tU>Tg>M6(UM{s17n?fL`2
zQ`z?KuL+LZiESx_$iskC!!8WK7|q<r=>b(0NSp)7^PRth=7Z>isHy2!r7XCVJD{Ao
zHA%3@c#VWD%Oo`U9Aj-qs<N%XDrO}w3C<3?py@jMRHO#JFz5u29C5y#05><l1RdOH
zpb6svO4$ADVEdxUcX!mf$v%1kd>U*p1IK{gx9p6P9h?rScNaDPFu+(3Stb?O0WX97
z0NXtQ(|aQf(vdIXokMeA@hgh@1I=C1$Kt8>Z3Z^UtMIm8(6O(LSpS~%%bvDi0Zr;w
zbv54H68G*dg>JA%Ukf6}ARGV;U_#T;YO^jdrEamIp`mvab%4tr1kHO8$WmRny*glQ
zuSHT^y727}=G+P&got|i;oe#$yr}^3Yah4fd&5AA7z&0U_gf3tOU!;uH2vbN9OBp9
zQfg9qPR?BN-maoG-{GAptf};2*jU{r5rH!oVlXDiPaTv1e*~AMj))pR!I=WlON}E>
z)$#b_w_KSzfQR&9f$BpWeAPRI88LC+2T4X_FA(OyQUs)z8@^Hk9YIAJ$xvm!PZB7F
z);klo-y`>ch*DS2kTUG)=_y7!*^gLdybKD1uvuilV=arQYwrPu<V`z;9sVkKEfCMh
zBT#|P^TB*4GkGZ{w9<W$;9y$TVWJ%&2}%GnT~`<EsWoS@X^g&1o0~4vuY$sZNiQ1s
z3Z(S>xGIPmDe*&O-3oOWl!pL4ZQqngo|(9JU_>ruvq9PBv5}L2A8(1Y`oSQzeUmoK
z3C_aAQ?Oi=3tN3CT9?ZN3JW2<4*_-5$j%~E%+bLeMyHiKG$cqsHqm(_pUykqfu$2n
z^!4v#AbO@-`$*S2V!vns91Z-ZaOaIbrb%k^q8yCDcjKu#n!SkAf+lxxS`;B%jY%tZ
z=$$n@4<&GfA09%k<BRt^2ziOJrWq5obFh^8e9d5i3K%zh4m)?thK7cTh>Rf*F+3l)
z*5)R(pK7!?9YMpH4j{Q92tt(GaNle?{Wi7JqOcdV!SVWCuZ3_Nd)Q~3jYaI;N3muR
ze7Kj@nA<03d3rh{Bh(%lQ1V>M;}*v8$c7Q}Dg{0^#AIJst?&POG*MwYabr!KaV@Q|
zVIhOH-}}?T#GaH(#)8Pyj|U}3M$K7@^K=Jk=t^pTvoJY(`*IIY&wmyc7A$;yGZpNi
zWrLlP_%1Q+Ovm9NHYPT9Gxs=WChS{eW25AGmxm7@7GGUwlco+0Nlj%m7fvb47)@*_
zE-TBsYbU`}5RFps*{>d7>HO&&IyGe)laYa@ymE_p<;EoDF?$(~60NGMOB-~wZ@Ts<
zFVnvN{d?^pR9?uAKgug5E{@}a)vK|o(NUF$&uDiZ_l?+$Gm{f7=_DNU81P*jn4T7B
zF|Cxiaf8D+GAb(Qqg5`8hklt}sh>UH(9n>Don5%Y(*3)4v!)oAencj-k`60+W+o;U
zJpVv7cKn3-sg&7{BO^UMn{-M_%7h69y)RCAK1k8WM`p-w<?}1j^n6R5?0ACE_BF*b
zsboyktE*_quHj+5F`A2)F4<};$V7;@XRa3B;xoN5H9gJqZ$oQqIkU#ki3#J4%}s@e
zk4^a;e^CyyiF<f>aR2dnZD3+TyS24t;q0u%#Kc6*G1)$|wG}t?MNCXgw>4_#)JTCV
zJjSQar1T%lnSHi)?qQM7R(Yv3ipK$M1_2WsX;+v;r-JM1t~oh7D|lqfuH$<B?FWC&
z?Gd^uU4P0{NjvQ;Zr19?clGM*jO$Pr+0*$&>viMrOop?yq{o*Jp5Kep4{aAv%Brru
zx9=t6j6*&AzOcBcTvk~bUQlqw%}RDsQ}<6HWz@;+tcAZe-?f^~PKCp>PWWbGpPvlt
z>+6>shKG|nucChaURi;CjfDL(E-H$2yNiUfkeOpr;&QfZMj!PB!bastQgKa9%}2}{
z%zR3Rjnn_?r|qw<t@X^!<&F{HUy9bjxh5qh#;)}D_x~~|UwM>IiT8{b6H46q{d<;;
ztu0$$FZnsH+i5;#W@ba?j%iqnJZ*=^W!GBWaI2NUj2h|5;qD*TJ9s1|Q>MyoOq?c5
z<qZv^iIwqv`0<jGk|6Ie;NN3W&8?!MqB!`yDRY(R3*n|E-^Su?bWKZ(adBy>c0fm#
zGZtGCpOC<_va*u*+(m(mj7+iUsfWj1Ch}lmQBlPee>uNRSJWpISBMwAGWQ#8h9yGD
z;+&j-j3B0;o12@LHp#~150@4fv%L6~g-{|+Ed9!|<K%c3!u#g#J-)^`sUW)<k<6R1
zwsk;L7WZvgtcJN!=SSq^lX|=~_~*Ind+TgnaHOQ9ie4K>$BNjL^mJWeVPTyc(VpE>
z&CShA$8x?kN%8T~>1u5xK?+i2J<8T)jo$_bxh*X%OUUEz5e*pKuCbfum!4pcAs!`D
zljrPAi?JqBA=#{VH^*^KQ@U;@DSqGM@QWZ%y+V5J-@#k&HFsUEr+1@=WH?xk>+9>o
z-v4ATd?1_>a{1j468QZMLIQgHNLvi%J88@VEcV4USqa6*0U{zIB_!CUfu+^eNP}$D
zmLC&d9q)}xHEX|rbL*8Ryph2~X{f7v+kX4nU+23(m(7a%Ha~CWY%D1$d0ttF4?fAo
zM9$mJ#L3(|sev=DGg+qVnC)(ntHT>DDlJttG&0Jy7B-?UGr$o%->*6odqE~k&O%a&
zBfWaQVu5ah32wSi{kCIsTiX>i|M1brdhNXgMzov0zwdOmH$*1Bj8l|jM^Wt)QMK>U
z=<DfmI~-7G2+YSv3*cw>EV-7fbai#n_)Jes=qyv$qFivHO`FbB)MrEGI@!-8@;UeK
z-^Abla@yPbeBDE;bH$yD@5)%Hs$R)OGQ&hzP@H%qerHBX_QyUfE*32=FaI+-I=cNW
z7>mVHV|IJB<Fj=vaStd${r+BqG7A3zx0wG$BMn`+B4j<{sP-wGgT(o&`xQChN1M*5
M+|p32P{0KI54=tH{r~^~

literal 0
HcmV?d00001

diff --git a/docs/extend/index.md b/docs/extend/index.md
new file mode 100644
index 00000000..8a061e4e
--- /dev/null
+++ b/docs/extend/index.md
@@ -0,0 +1,22 @@
+<!--[metadata]>
++++
+title = "Extend Engine"
+description = "How to extend Docker Engine with plugins"
+keywords = ["extend, plugins, docker, documentation, developer"]
+[menu.main]
+identifier = "engine_extend"
+parent = "engine_use"
+weight = 6
++++
+<![end-metadata]-->
+
+
+## Extending Docker Engine
+
+Currently, you can extend Docker Engine by adding a plugin. This section contains the following topics:
+
+* [Understand Docker plugins](plugins.md)
+* [Write a volume plugin](plugins_volume.md)
+* [Write a network plugin](plugins_network.md)
+* [Write an authorization plugin](plugins_authorization.md)
+* [Docker plugin API](plugin_api.md)
diff --git a/docs/extend/plugin_api.md b/docs/extend/plugin_api.md
new file mode 100644
index 00000000..a799a135
--- /dev/null
+++ b/docs/extend/plugin_api.md
@@ -0,0 +1,188 @@
+<!--[metadata]>
++++
+title = "Plugins API"
+description = "How to write Docker plugins extensions "
+keywords = ["API, Usage, plugins, documentation, developer"]
+[menu.main]
+parent = "engine_extend"
+weight=1
++++
+<![end-metadata]-->
+
+# Docker Plugin API
+
+Docker plugins are out-of-process extensions which add capabilities to the
+Docker Engine.
+
+This page is intended for people who want to develop their own Docker plugin.
+If you just want to learn about or use Docker plugins, look
+[here](plugins.md).
+
+## What plugins are
+
+A plugin is a process running on the same or a different host as the docker daemon,
+which registers itself by placing a file on the same docker host in one of the plugin
+directories described in [Plugin discovery](#plugin-discovery).
+
+Plugins have human-readable names, which are short, lowercase strings. For
+example, `flocker` or `weave`.
+
+Plugins can run inside or outside containers. Currently running them outside
+containers is recommended.
+
+## Plugin discovery
+
+Docker discovers plugins by looking for them in the plugin directory whenever a
+user or container tries to use one by name.
+
+There are three types of files which can be put in the plugin directory.
+
+* `.sock` files are UNIX domain sockets.
+* `.spec` files are text files containing a URL, such as `unix:///other.sock` or `tcp://localhost:8080`.
+* `.json` files are text files containing a full json specification for the plugin.
+
+Plugins with UNIX domain socket files must run on the same docker host, whereas
+plugins with spec or json files can run on a different host if a remote URL is specified.
+
+UNIX domain socket files must be located under `/run/docker/plugins`, whereas
+spec files can be located either under `/etc/docker/plugins` or `/usr/lib/docker/plugins`.
+
+The name of the file (excluding the extension) determines the plugin name.
+
+For example, the `flocker` plugin might create a UNIX socket at
+`/run/docker/plugins/flocker.sock`.
+
+You can define each plugin into a separated subdirectory if you want to isolate definitions from each other.
+For example, you can create the `flocker` socket under `/run/docker/plugins/flocker/flocker.sock` and only
+mount `/run/docker/plugins/flocker` inside the `flocker` container.
+
+Docker always searches for unix sockets in `/run/docker/plugins` first. It checks for spec or json files under
+`/etc/docker/plugins` and `/usr/lib/docker/plugins` if the socket doesn't exist. The directory scan stops as
+soon as it finds the first plugin definition with the given name.
+
+### JSON specification
+
+This is the JSON format for a plugin:
+
+```json
+{
+  "Name": "plugin-example",
+  "Addr": "https://example.com/docker/plugin",
+  "TLSConfig": {
+    "InsecureSkipVerify": false,
+    "CAFile": "/usr/shared/docker/certs/example-ca.pem",
+    "CertFile": "/usr/shared/docker/certs/example-cert.pem",
+    "KeyFile": "/usr/shared/docker/certs/example-key.pem",
+  }
+}
+```
+
+The `TLSConfig` field is optional and TLS will only be verified if this configuration is present.
+
+## Plugin lifecycle
+
+Plugins should be started before Docker, and stopped after Docker.  For
+example, when packaging a plugin for a platform which supports `systemd`, you
+might use [`systemd` dependencies](
+http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Before=) to
+manage startup and shutdown order.
+
+When upgrading a plugin, you should first stop the Docker daemon, upgrade the
+plugin, then start Docker again.
+
+## Plugin activation
+
+When a plugin is first referred to -- either by a user referring to it by name
+(e.g.  `docker run --volume-driver=foo`) or a container already configured to
+use a plugin being started -- Docker looks for the named plugin in the plugin
+directory and activates it with a handshake. See Handshake API below.
+
+Plugins are *not* activated automatically at Docker daemon startup. Rather,
+they are activated only lazily, or on-demand, when they are needed.
+
+## Systemd socket activation
+
+Plugins may also be socket activated by `systemd`. The official [Plugins helpers](https://github.com/docker/go-plugins-helpers)
+natively supports socket activation. In order for a plugin to be socket activated it needs
+a `service` file and a `socket` file.
+
+The `service` file (for example `/lib/systemd/system/your-plugin.service`):
+
+```
+[Unit]
+Description=Your plugin
+Before=docker.service
+After=network.target your-plugin.socket
+Requires=your-plugin.socket docker.service
+
+[Service]
+ExecStart=/usr/lib/docker/your-plugin
+
+[Install]
+WantedBy=multi-user.target
+```
+The `socket` file (for example `/lib/systemd/system/your-plugin.socket`):
+```
+[Unit]
+Description=Your plugin
+
+[Socket]
+ListenStream=/run/docker/plugins/your-plugin.sock
+
+[Install]
+WantedBy=sockets.target
+```
+
+This will allow plugins to be actually started when the Docker daemon connects to
+the sockets they're listening on (for instance the first time the daemon uses them
+or if one of the plugin goes down accidentally).
+
+## API design
+
+The Plugin API is RPC-style JSON over HTTP, much like webhooks.
+
+Requests flow *from* the Docker daemon *to* the plugin.  So the plugin needs to
+implement an HTTP server and bind this to the UNIX socket mentioned in the
+"plugin discovery" section.
+
+All requests are HTTP `POST` requests.
+
+The API is versioned via an Accept header, which currently is always set to
+`application/vnd.docker.plugins.v1+json`.
+
+## Handshake API
+
+Plugins are activated via the following "handshake" API call.
+
+### /Plugin.Activate
+
+**Request:** empty body
+
+**Response:**
+```
+{
+    "Implements": ["VolumeDriver"]
+}
+```
+
+Responds with a list of Docker subsystems which this plugin implements.
+After activation, the plugin will then be sent events from this subsystem.
+
+Possible values are:
+
+* [`authz`](plugins_authorization.md)
+* [`NetworkDriver`](plugins_network.md)
+* [`VolumeDriver`](plugins_volume.md)
+
+
+## Plugin retries
+
+Attempts to call a method on a plugin are retried with an exponential backoff
+for up to 30 seconds. This may help when packaging plugins as containers, since
+it gives plugin containers a chance to start up before failing any user
+containers which depend on them.
+
+## Plugins helpers
+
+To ease plugins development, we're providing an `sdk` for each kind of plugins
+currently supported by Docker at [docker/go-plugins-helpers](https://github.com/docker/go-plugins-helpers).
diff --git a/docs/extend/plugins.md b/docs/extend/plugins.md
new file mode 100644
index 00000000..da46a16e
--- /dev/null
+++ b/docs/extend/plugins.md
@@ -0,0 +1,115 @@
+<!--[metadata]>
++++
+title = "Extending Engine with plugins"
+description = "How to add additional functionality to Docker with plugins extensions"
+keywords = ["Examples, Usage, plugins, docker, documentation, user guide"]
+[menu.main]
+parent = "engine_extend"
+weight=-1
++++
+<![end-metadata]-->
+
+# Understand Engine plugins
+
+You can extend the capabilities of the Docker Engine by loading third-party
+plugins. This page explains the types of plugins and provides links to several
+volume and network plugins for Docker.
+
+## Types of plugins
+
+Plugins extend Docker's functionality.  They come in specific types.  For
+example, a [volume plugin](plugins_volume.md) might enable Docker
+volumes to persist across multiple Docker hosts and a
+[network plugin](plugins_network.md) might provide network plumbing.
+
+Currently Docker supports volume and network driver plugins. In the future it
+will support additional plugin types.
+
+## Installing a plugin
+
+Follow the instructions in the plugin's documentation.
+
+## Finding a plugin
+
+The following plugins exist:
+
+* The [Blockbridge plugin](https://github.com/blockbridge/blockbridge-docker-volume)
+  is a volume plugin that provides access to an extensible set of
+  container-based persistent storage options. It supports single and multi-host Docker
+  environments with features that include tenant isolation, automated
+  provisioning, encryption, secure deletion, snapshots and QoS.
+
+* The [Convoy plugin](https://github.com/rancher/convoy) is a volume plugin for a
+  variety of storage back-ends including device mapper and NFS. It's a simple standalone
+  executable written in Go and provides the framework to support vendor-specific extensions
+  such as snapshots, backups and restore.
+
+* The [Flocker plugin](https://clusterhq.com/docker-plugin/) is a volume plugin
+  which provides multi-host portable volumes for Docker, enabling you to run
+  databases and other stateful containers and move them around across a cluster
+  of machines.
+
+* The [GlusterFS plugin](https://github.com/calavera/docker-volume-glusterfs) is
+  another volume plugin that provides multi-host volumes management for Docker
+  using GlusterFS.
+
+* The [Horcrux Volume Plugin](https://github.com/muthu-r/horcrux) allows on-demand,
+  version controlled access to your data. Horcrux is an open-source plugin,
+  written in Go, and supports SCP, [Minio](https://www.minio.io) and Amazon S3.
+
+* The [IPFS Volume Plugin](http://github.com/vdemeester/docker-volume-ipfs)
+  is an open source volume plugin that allows using an
+  [ipfs](https://ipfs.io/) filesystem as a volume.
+
+* The [Keywhiz plugin](https://github.com/calavera/docker-volume-keywhiz) is
+  a plugin that provides credentials and secret management using Keywhiz as
+  a central repository.
+
+* The [Netshare plugin](https://github.com/gondor/docker-volume-netshare) is a volume plugin
+  that provides volume management for NFS 3/4, AWS EFS and CIFS file systems.
+
+* The [OpenStorage Plugin](https://github.com/libopenstorage/openstorage) is a cluster aware volume plugin that provides volume management for file and block storage solutions.  It implements a vendor neutral specification for implementing extensions such as CoS, encryption, and snapshots.   It has example drivers based on FUSE, NFS, NBD and EBS to name a few.
+
+* The [Quobyte Volume Plugin](https://github.com/quobyte/docker-volume) connects Docker to [Quobyte](http://www.quobyte.com/containers)'s data center file system, a general-purpose scalable and fault-tolerant storage platform.
+
+* The [REX-Ray plugin](https://github.com/emccode/rexray) is a volume plugin
+  which is written in Go and provides advanced storage functionality for many
+  platforms including VirtualBox, EC2, Google Compute Engine, OpenStack, and EMC.
+
+* The [Contiv Volume Plugin](https://github.com/contiv/volplugin) is an open
+  source volume plugin that provides multi-tenant, persistent, distributed storage
+  with intent based consumption using ceph underneath.
+
+* The [Contiv Networking](https://github.com/contiv/netplugin) is an open source
+  libnetwork plugin to provide infrastructure and security policies for a
+  multi-tenant micro services deployment, while providing an integration to
+  physical network for non-container workload. Contiv Networking implements the
+  remote driver and IPAM APIs available in Docker 1.9 onwards.
+
+* The [Weave Network Plugin](http://docs.weave.works/weave/latest_release/plugin.html)
+  creates a virtual network that connects your Docker containers -
+  across multiple hosts or clouds and enables automatic discovery of
+  applications. Weave networks are resilient, partition tolerant,
+  secure and work in partially connected networks, and other adverse
+  environments - all configured with delightful simplicity.
+
+* The [Kuryr Network Plugin](https://github.com/openstack/kuryr) is
+  developed as part of the OpenStack Kuryr project and implements the
+  Docker networking (libnetwork) remote driver API by utilizing
+  Neutron, the OpenStack networking service. It includes an IPAM
+  driver as well.
+
+* The [Local Persist Plugin](https://github.com/CWSpear/local-persist) 
+  extends the default `local` driver's functionality by allowing you specify 
+  a mountpoint anywhere on the host, which enables the files to *always persist*, 
+  even if the volume is removed via `docker volume rm`.
+
+## Troubleshooting a plugin
+
+If you are having problems with Docker after loading a plugin, ask the authors
+of the plugin for help. The Docker team may not be able to assist you.
+
+## Writing a plugin
+
+If you are interested in writing a plugin for Docker, or seeing how they work
+under the hood, see the [docker plugins reference](plugin_api.md).
diff --git a/docs/extend/plugins_authorization.md b/docs/extend/plugins_authorization.md
new file mode 100644
index 00000000..31a6a072
--- /dev/null
+++ b/docs/extend/plugins_authorization.md
@@ -0,0 +1,254 @@
+<!--[metadata]>
++++
+title = "Access authorization plugin"
+description = "How to create authorization plugins to manage access control to your Docker daemon."
+keywords = ["security, authorization, authentication, docker, documentation, plugin, extend"]
+aliases = ["/engine/extend/authorization/"]
+[menu.main]
+parent = "engine_extend"
+weight = -1
++++
+<![end-metadata]-->
+
+
+# Create an authorization plugin
+
+Docker's out-of-the-box authorization model is all or nothing. Any user with
+permission to access the Docker daemon can run any Docker client command. The
+same is true for callers using Docker's remote API to contact the daemon. If you
+require greater access control, you can create authorization plugins and add
+them to your Docker daemon configuration. Using an authorization plugin, a
+Docker administrator can configure granular access policies for managing access
+to Docker daemon.
+
+Anyone with the appropriate skills can develop an authorization plugin. These
+skills, at their most basic, are knowledge of Docker, understanding of REST, and
+sound programming knowledge. This document describes the architecture, state,
+and methods information available to an authorization plugin developer.
+
+## Basic principles
+
+Docker's [plugin infrastructure](plugin_api.md) enables
+extending Docker by loading, removing and communicating with
+third-party components using a generic API. The access authorization subsystem
+was built using this mechanism.
+
+Using this subsystem, you don't need to rebuild the Docker daemon to add an
+authorization plugin.  You can add a plugin to an installed Docker daemon. You do
+need to restart the Docker daemon to add a new plugin.
+
+An authorization plugin approves or denies requests to the Docker daemon based
+on both the current authentication context and the command context. The
+authentication context contains all user details and the authentication method.
+The command context contains all the relevant request data.
+
+Authorization plugins must follow the rules described in [Docker Plugin API](plugin_api.md).
+Each plugin must reside within directories described under the
+[Plugin discovery](plugin_api.md#plugin-discovery) section.
+
+**Note**: the abbreviations `AuthZ` and `AuthN` mean authorization and authentication
+respectively.
+
+## Basic architecture
+
+You are responsible for registering your plugin as part of the Docker daemon
+startup. You can install multiple plugins and chain them together. This chain
+can be ordered. Each request to the daemon passes in order through the chain.
+Only when all the plugins grant access to the resource, is the access granted.
+
+When an HTTP request is made to the Docker daemon through the CLI or via the
+remote API, the authentication subsystem passes the request to the installed
+authentication plugin(s). The request contains the user (caller) and command
+context. The plugin is responsible for deciding whether to allow or deny the
+request.
+
+The sequence diagrams below depict an allow and deny authorization flow:
+
+![Authorization Allow flow](images/authz_allow.png)
+
+![Authorization Deny flow](images/authz_deny.png)
+
+Each request sent to the plugin includes the authenticated user, the HTTP
+headers, and the request/response body. Only the user name and the
+authentication method used are passed to the plugin. Most importantly, no user
+credentials or tokens are passed. Finally, not all request/response bodies
+are sent to the authorization plugin. Only those request/response bodies where
+the `Content-Type` is either `text/*` or `application/json` are sent.
+
+For commands that can potentially hijack the HTTP connection (`HTTP
+Upgrade`), such as `exec`, the authorization plugin is only called for the
+initial HTTP requests. Once the plugin approves the command, authorization is
+not applied to the rest of the flow. Specifically, the streaming data is not
+passed to the authorization plugins. For commands that return chunked HTTP
+response, such as `logs` and `events`, only the HTTP request is sent to the
+authorization plugins.
+
+During request/response processing, some authorization flows might
+need to do additional queries to the Docker daemon. To complete such flows,
+plugins can call the daemon API similar to a regular user. To enable these
+additional queries, the plugin must provide the means for an administrator to
+configure proper authentication and security policies.
+
+## Docker client flows
+
+To enable and configure the authorization plugin, the plugin developer must
+support the Docker client interactions detailed in this section.
+
+### Setting up Docker daemon
+
+Enable the authorization plugin with a dedicated command line flag in the
+`--authorization-plugin=PLUGIN_ID` format. The flag supplies a `PLUGIN_ID`
+value. This value can be the plugin’s socket or a path to a specification file.
+
+```bash
+$ docker daemon --authorization-plugin=plugin1 --authorization-plugin=plugin2,...
+```
+
+Docker's authorization subsystem supports multiple `--authorization-plugin` parameters.
+
+### Calling authorized command (allow)
+
+```bash
+$ docker pull centos
+...
+f1b10cd84249: Pull complete
+...
+```
+
+### Calling unauthorized command (deny)
+
+```bash
+$ docker pull centos
+...
+docker: Error response from daemon: authorization denied by plugin PLUGIN_NAME: volumes are not allowed.
+```
+
+### Error from plugins
+
+```bash
+$ docker pull centos
+...
+docker: Error response from daemon: plugin PLUGIN_NAME failed with error: AuthZPlugin.AuthZReq: Cannot connect to the Docker daemon. Is the docker daemon running on this host?.
+```
+
+## API schema and implementation
+
+In addition to Docker's standard plugin registration method, each plugin
+should implement the following two methods:
+
+* `/AuthzPlugin.AuthZReq` This authorize request method is called before the Docker daemon processes the client request.
+
+* `/AuthzPlugin.AuthZRes` This authorize response method is called before the response is returned from Docker daemon to the client.
+
+#### /AuthzPlugin.AuthZReq
+
+**Request**:
+
+```json
+{
+    "User":              "The user identification",
+    "UserAuthNMethod":   "The authentication method used",
+    "RequestMethod":     "The HTTP method",
+    "RequestURI":        "The HTTP request URI",
+    "RequestBody":       "Byte array containing the raw HTTP request body",
+    "RequestHeader":     "Byte array containing the raw HTTP request header as a map[string][]string ",
+    "RequestStatusCode": "Request status code"
+}
+```
+
+**Response**:
+
+```json
+{
+    "Allow": "Determined whether the user is allowed or not",
+    "Msg":   "The authorization message",
+    "Err":   "The error message if things go wrong"
+}
+```
+#### /AuthzPlugin.AuthZRes
+
+**Request**:
+
+```json
+{
+    "User":              "The user identification",
+    "UserAuthNMethod":   "The authentication method used",
+    "RequestMethod":     "The HTTP method",
+    "RequestURI":        "The HTTP request URI",
+    "RequestBody":       "Byte array containing the raw HTTP request body",
+    "RequestHeader":     "Byte array containing the raw HTTP request header as a map[string][]string",
+    "RequestStatusCode": "Request status code",
+    "ResponseBody":      "Byte array containing the raw HTTP response body",
+    "ResponseHeader":    "Byte array containing the raw HTTP response header as a map[string][]string",
+    "ResponseStatusCode":"Response status code"
+}
+```
+
+**Response**:
+
+```json
+{
+   "Allow":              "Determined whether the user is allowed or not",
+   "Msg":                "The authorization message",
+   "Err":                "The error message if things go wrong",
+   "ModifiedBody":       "Byte array containing a modified body of the raw HTTP body (or nil if no changes required)",
+   "ModifiedHeader":     "Byte array containing a modified header of the HTTP response (or nil if no changes required)",
+   "ModifiedStatusCode": "int containing the modified version of the status code (or 0 if not change is required)"
+}
+```
+
+The modified response enables the authorization plugin to manipulate the content
+of the HTTP response. In case of more than one plugin, each subsequent plugin
+receives a response (optionally) modified by a previous plugin.
+
+### Request authorization
+
+Each plugin must support two request authorization messages formats, one from the daemon to the plugin and then from the plugin to the daemon. The tables below detail the content expected in each message.
+
+#### Daemon -> Plugin
+
+Name                   | Type              | Description
+-----------------------|-------------------|-------------------------------------------------------
+User                   | string            | The user identification
+Authentication method  | string            | The authentication method used
+Request method         | enum              | The HTTP method (GET/DELETE/POST)
+Request URI            | string            | The HTTP request URI including API version (e.g., v.1.17/containers/json)
+Request headers        | map[string]string | Request headers as key value pairs (without the authorization header)
+Request body           | []byte            | Raw request body
+
+
+#### Plugin -> Daemon
+
+Name    | Type   | Description
+--------|--------|----------------------------------------------------------------------------------
+Allow   | bool   | Boolean value indicating whether the request is allowed or denied
+Msg     | string | Authorization message (will be returned to the client in case the access is denied)
+Err     | string | Error message (will be returned to the client in case the plugin encounter an error. The string value supplied may appear in logs, so should not include confidential information)
+
+### Response authorization
+
+The plugin must support two authorization messages formats, one from the daemon to the plugin and then from the plugin to the daemon. The tables below detail the content expected in each message.
+
+#### Daemon -> Plugin
+
+
+Name                    | Type              | Description
+----------------------- |------------------ |----------------------------------------------------
+User                    | string            | The user identification
+Authentication method   | string            | The authentication method used
+Request method          | string            | The HTTP method (GET/DELETE/POST)
+Request URI             | string            | The HTTP request URI including API version (e.g., v.1.17/containers/json)
+Request headers         | map[string]string | Request headers as key value pairs (without the authorization header)
+Request body            | []byte            | Raw request body
+Response status code    | int               | Status code from the docker daemon
+Response headers        | map[string]string | Response headers as key value pairs
+Response body           | []byte            | Raw docker daemon response body
+
+
+#### Plugin -> Daemon
+
+Name    | Type   | Description
+--------|--------|----------------------------------------------------------------------------------
+Allow   | bool   | Boolean value indicating whether the response is allowed or denied
+Msg     | string | Authorization message (will be returned to the client in case the access is denied)
+Err     | string | Error message (will be returned to the client in case the plugin encounter an error. The string value supplied may appear in logs, so should not include confidential information)
diff --git a/docs/extend/plugins_network.md b/docs/extend/plugins_network.md
new file mode 100644
index 00000000..ac072732
--- /dev/null
+++ b/docs/extend/plugins_network.md
@@ -0,0 +1,57 @@
+<!--[metadata]>
++++
+title = "Docker network driver plugins"
+description = "Network driver plugins."
+keywords = ["Examples, Usage, plugins, docker, documentation, user guide"]
+[menu.main]
+parent = "engine_extend"
++++
+<![end-metadata]-->
+
+# Engine network driver plugins
+
+Docker Engine network plugins enable Engine deployments to be extended to
+support a wide range of networking technologies, such as VXLAN, IPVLAN, MACVLAN
+or something completely different. Network driver plugins are supported via the
+LibNetwork project. Each plugin is implemented asa  "remote driver" for
+LibNetwork, which shares plugin infrastructure with Engine. Effectively, network
+driver plugins are activated in the same way as other plugins, and use the same
+kind of protocol.
+
+## Using network driver plugins
+
+The means of installing and running a network driver plugin depend on the
+particular plugin. So, be sure to install your plugin according to the
+instructions obtained from the plugin developer.
+
+Once running however, network driver plugins are used just like the built-in
+network drivers: by being mentioned as a driver in network-oriented Docker
+commands. For example,
+
+    $ docker network create --driver weave mynet
+
+Some network driver plugins are listed in [plugins](plugins.md)
+
+The `mynet` network is now owned by `weave`, so subsequent commands
+referring to that network will be sent to the plugin,
+
+    $ docker run --net=mynet busybox top
+
+
+## Write a network plugin
+
+Network plugins implement the [Docker plugin
+API](https://docs.docker.com/extend/plugin_api/) and the network plugin protocol
+
+## Network plugin protocol
+
+The network driver protocol, in addition to the plugin activation call, is
+documented as part of libnetwork:
+[https://github.com/docker/libnetwork/blob/master/docs/remote.md](https://github.com/docker/libnetwork/blob/master/docs/remote.md).
+
+# Related Information
+
+To interact with the Docker maintainers and other interested users, see the IRC channel `#docker-network`.
+
+-  [Docker networks feature overview](../userguide/networking/index.md)
+-  The [LibNetwork](https://github.com/docker/libnetwork) project
diff --git a/docs/extend/plugins_volume.md b/docs/extend/plugins_volume.md
new file mode 100644
index 00000000..cb1bebf5
--- /dev/null
+++ b/docs/extend/plugins_volume.md
@@ -0,0 +1,216 @@
+<!--[metadata]>
++++
+title = "Volume plugins"
+description = "How to manage data with external volume plugins"
+keywords = ["Examples, Usage, volume, docker, data, volumes, plugin, api"]
+[menu.main]
+parent = "engine_extend"
++++
+<![end-metadata]-->
+
+# Write a volume plugin
+
+Docker Engine volume plugins enable Engine deployments to be integrated with
+external storage systems, such as Amazon EBS, and enable data volumes to persist
+beyond the lifetime of a single Engine host. See the [plugin
+documentation](plugins.md) for more information.
+
+## Command-line changes
+
+A volume plugin makes use of the `-v`and `--volume-driver` flag on the `docker run` command.  The `-v` flag accepts a volume name and the `--volume-driver` flag a driver type, for example:
+
+    $ docker run -ti -v volumename:/data --volume-driver=flocker   busybox sh
+
+This command passes the `volumename` through to the volume plugin as a
+user-given name for the volume. The `volumename` must not begin with a `/`.
+
+By having the user specify a  `volumename`, a plugin can associate the volume
+with an external volume beyond the lifetime of a single container or container
+host. This can be used, for example, to move a stateful container from one
+server to another.
+
+By specifying a `volumedriver` in conjunction with a `volumename`, users can use plugins such as [Flocker](https://clusterhq.com/docker-plugin/) to manage volumes external to a single host, such as those on EBS.
+
+
+## Create a VolumeDriver
+
+The container creation endpoint (`/containers/create`) accepts a `VolumeDriver`
+field of type `string` allowing to specify the name of the driver. It's default
+value of `"local"` (the default driver for local volumes).
+
+## Volume plugin protocol
+
+If a plugin registers itself as a `VolumeDriver` when activated, then it is
+expected to provide writeable paths on the host filesystem for the Docker
+daemon to provide to containers to consume.
+
+The Docker daemon handles bind-mounting the provided paths into user
+containers.
+
+> **Note**: Volume plugins should *not* write data to the `/var/lib/docker/`
+> directory, including `/var/lib/docker/volumes`. The `/var/lib/docker/`
+> directory is reserved for Docker.
+
+### /VolumeDriver.Create
+
+**Request**:
+```json
+{
+    "Name": "volume_name",
+    "Opts": {}
+}
+```
+
+Instruct the plugin that the user wants to create a volume, given a user
+specified volume name.  The plugin does not need to actually manifest the
+volume on the filesystem yet (until Mount is called).
+Opts is a map of driver specific options passed through from the user request.
+
+**Response**:
+```json
+{
+    "Err": ""
+}
+```
+
+Respond with a string error if an error occurred.
+
+### /VolumeDriver.Remove
+
+**Request**:
+```json
+{
+    "Name": "volume_name"
+}
+```
+
+Delete the specified volume from disk. This request is issued when a user invokes `docker rm -v` to remove volumes associated with a container.
+
+**Response**:
+```json
+{
+    "Err": ""
+}
+```
+
+Respond with a string error if an error occurred.
+
+### /VolumeDriver.Mount
+
+**Request**:
+```json
+{
+    "Name": "volume_name"
+}
+```
+
+Docker requires the plugin to provide a volume, given a user specified volume
+name. This is called once per container start. If the same volume_name is requested
+more than once, the plugin may need to keep track of each new mount request and provision
+at the first mount request and deprovision at the last corresponding unmount request.
+
+**Response**:
+```json
+{
+    "Mountpoint": "/path/to/directory/on/host",
+    "Err": ""
+}
+```
+
+Respond with the path on the host filesystem where the volume has been made
+available, and/or a string error if an error occurred.
+
+### /VolumeDriver.Path
+
+**Request**:
+```json
+{
+    "Name": "volume_name"
+}
+```
+
+Docker needs reminding of the path to the volume on the host.
+
+**Response**:
+```json
+{
+    "Mountpoint": "/path/to/directory/on/host",
+    "Err": ""
+}
+```
+
+Respond with the path on the host filesystem where the volume has been made
+available, and/or a string error if an error occurred.
+
+### /VolumeDriver.Unmount
+
+**Request**:
+```json
+{
+    "Name": "volume_name"
+}
+```
+
+Indication that Docker no longer is using the named volume. This is called once
+per container stop.  Plugin may deduce that it is safe to deprovision it at
+this point.
+
+**Response**:
+```json
+{
+    "Err": ""
+}
+```
+
+Respond with a string error if an error occurred.
+
+
+### /VolumeDriver.Get
+
+**Request**:
+```json
+{
+    "Name": "volume_name"
+}
+```
+
+Get the volume info.
+
+
+**Response**:
+```json
+{
+  "Volume": {
+    "Name": "volume_name",
+    "Mountpoint": "/path/to/directory/on/host",
+  },
+  "Err": ""
+}
+```
+
+Respond with a string error if an error occurred.
+
+
+### /VolumeDriver.List
+
+**Request**:
+```json
+{}
+```
+
+Get the list of volumes registered with the plugin.
+
+**Response**:
+```json
+{
+  "Volumes": [
+    {
+      "Name": "volume_name",
+      "Mountpoint": "/path/to/directory/on/host"
+    }
+  ],
+  "Err": ""
+}
+```
+
+Respond with a string error if an error occurred.
diff --git a/docs/faq.md b/docs/faq.md
new file mode 100644
index 00000000..b017557c
--- /dev/null
+++ b/docs/faq.md
@@ -0,0 +1,294 @@
+<!--[metadata]>
++++
+aliases = ["/engine/misc/faq/"]
+title = "FAQ"
+description = "Most frequently asked questions."
+keywords = ["faq, questions, documentation,  docker"]
+[menu.main]
+identifier="engine_faq"
+parent = "engine_use"
+weight = 80
++++
+<![end-metadata]-->
+
+# Frequently Asked Questions (FAQ)
+
+If you don't see your question here, feel free to submit new ones to
+<docs@docker.com>.  Or, you can fork [the
+repo](https://github.com/docker/docker) and contribute them yourself by editing
+the documentation sources.
+
+
+### How much does Engine cost?
+
+Docker Engine is 100% free. It is open source, so you can use it without paying.
+
+### What open source license are you using?
+
+We are using the Apache License Version 2.0, see it here:
+[https://github.com/docker/docker/blob/master/LICENSE](
+https://github.com/docker/docker/blob/master/LICENSE)
+
+### Does Docker run on Mac OS X or Windows?
+
+Docker Engine currently runs only on Linux, but you can use VirtualBox to run
+Engine in a virtual machine on your box, and get the best of both worlds. Check
+out the [*Mac OS X*](installation/mac.md) and [*Microsoft
+Windows*](installation/windows.md) installation guides. The small Linux
+distribution boot2docker can be set up using the Docker Machine tool to be run
+inside virtual machines on these two operating systems.
+
+>**Note:** if you are using a remote Docker Engine daemon on a VM through Docker
+>Machine, then _do not_ type the `sudo` before the `docker` commands shown in
+>the documentation's examples.
+
+### How do containers compare to virtual machines?
+
+They are complementary. VMs are best used to allocate chunks of hardware
+resources. Containers operate at the process level, which makes them very
+lightweight and perfect as a unit of software delivery.
+
+### What does Docker technology add to just plain LXC?
+
+Docker technology is not a replacement for LXC. "LXC" refers to capabilities of
+the Linux kernel (specifically namespaces and control groups) which allow
+sandboxing processes from one another, and controlling their resource
+allocations. On top of this low-level foundation of kernel features, Docker
+offers a high-level tool with several powerful functionalities:
+
+ - *Portable deployment across machines.* Docker defines a format for bundling
+ an application and all its dependencies into a single object which can be
+ transferred to any Docker-enabled machine, and executed there with the
+ guarantee that the execution environment exposed to the application will be the
+ same. LXC implements process sandboxing, which is an important pre-requisite
+ for portable deployment, but that alone is not enough for portable deployment.
+ If you sent me a copy of your application installed in a custom LXC
+ configuration, it would almost certainly not run on my machine the way it does
+ on yours, because it is tied to your machine's specific configuration:
+ networking, storage, logging, distro, etc. Docker defines an abstraction for
+ these machine-specific settings, so that the exact same Docker container can
+ run - unchanged - on many different machines, with many different
+ configurations.
+
+ - *Application-centric.* Docker is optimized for the deployment of
+ applications, as opposed to machines. This is reflected in its API, user
+ interface, design philosophy and documentation. By contrast, the `lxc` helper
+ scripts focus on containers as lightweight machines - basically servers that
+ boot faster and need less RAM. We think there's more to containers than just
+ that.
+
+ - *Automatic build.* Docker includes [*a tool for developers to automatically
+ assemble a container from their source
+ code*](reference/builder.md), with full control over application
+ dependencies, build tools, packaging etc. They are free to use `make`, `maven`,
+ `chef`, `puppet`, `salt,` Debian packages, RPMs, source tarballs, or any
+ combination of the above, regardless of the configuration of the machines.
+
+ - *Versioning.* Docker includes git-like capabilities for tracking successive
+ versions of a container, inspecting the diff between versions, committing new
+ versions, rolling back etc. The history also includes how a container was
+ assembled and by whom, so you get full traceability from the production server
+ all the way back to the upstream developer. Docker also implements incremental
+ uploads and downloads, similar to `git pull`, so new versions of a container
+ can be transferred by only sending diffs.
+
+ - *Component re-use.* Any container can be used as a [*"base image"*](reference/glossary.md#image) to create more specialized components. This can
+ be done manually or as part of an automated build. For example you can prepare
+ the ideal Python environment, and use it as a base for 10 different
+ applications. Your ideal PostgreSQL setup can be re-used for all your future
+ projects. And so on.
+
+ - *Sharing.* Docker has access to a public registry [on Docker Hub](https://hub.docker.com/)
+ where thousands of people have uploaded useful images: anything from Redis,
+ CouchDB, PostgreSQL to IRC bouncers to Rails app servers to Hadoop to base
+ images for various Linux distros. The
+ [*registry*](https://docs.docker.com/registry/) also
+ includes an official "standard library" of useful containers maintained by the
+ Docker team. The registry itself is open-source, so anyone can deploy their own
+ registry to store and transfer private containers, for internal server
+ deployments for example.
+
+ - *Tool ecosystem.* Docker defines an API for automating and customizing the
+ creation and deployment of containers. There are a huge number of tools
+ integrating with Docker to extend its capabilities. PaaS-like deployment
+ (Dokku, Deis, Flynn), multi-node orchestration (Maestro, Salt, Mesos, Openstack
+ Nova), management dashboards (docker-ui, Openstack Horizon, Shipyard),
+ configuration management (Chef, Puppet), continuous integration (Jenkins,
+ Strider, Travis), etc. Docker is rapidly establishing itself as the standard
+ for container-based tooling.
+
+### What is different between a Docker container and a VM?
+
+There's a great StackOverflow answer [showing the differences](
+http://stackoverflow.com/questions/16047306/how-is-docker-io-different-from-a-normal-virtual-machine).
+
+### Do I lose my data when the container exits?
+
+Not at all! Any data that your application writes to disk gets preserved in its
+container until you explicitly delete the container. The file system for the
+container persists even after the container halts.
+
+### How far do Docker containers scale?
+
+Some of the largest server farms in the world today are based on containers.
+Large web deployments like Google and Twitter, and platform providers such as
+Heroku and dotCloud all run on container technology, at a scale of hundreds of
+thousands or even millions of containers running in parallel.
+
+### How do I connect Docker containers?
+
+Currently the recommended way to connect containers is via the Docker network feature. You can see details of how to [work with Docker networks here](userguide/networking/work-with-networks.md).
+
+Also useful for more flexible service portability is the [Ambassador linking
+pattern](admin/ambassador_pattern_linking.md).
+
+### How do I run more than one process in a Docker container?
+
+Any capable process supervisor such as [http://supervisord.org/](
+http://supervisord.org/), runit, s6, or daemontools can do the trick. Docker
+will start up the process management daemon which will then fork to run
+additional processes. As long as the processor manager daemon continues to run,
+the container will continue to as well. You can see a more substantial example
+[that uses supervisord here](admin/using_supervisord.md).
+
+### What platforms does Docker run on?
+
+Linux:
+
+ - Ubuntu 12.04, 13.04 et al
+ - Fedora 19/20+
+ - RHEL 6.5+
+ - CentOS 6+
+ - Gentoo
+ - ArchLinux
+ - openSUSE 12.3+
+ - CRUX 3.0+
+
+Cloud:
+
+ - Amazon EC2
+ - Google Compute Engine
+ - Microsoft Azure
+ - Rackspace
+
+### How do I report a security issue with Docker?
+
+You can learn about the project's security policy
+[here](https://www.docker.com/security/) and report security issues to this
+[mailbox](mailto:security@docker.com).
+
+### Why do I need to sign my commits to Docker with the DCO?
+
+Please read [our blog post](
+http://blog.docker.com/2014/01/docker-code-contributions-require-developer-certificate-of-origin/) on the introduction of the DCO.
+
+### When building an image, should I prefer system libraries or bundled ones?
+
+*This is a summary of a discussion on the [docker-dev mailing list](
+https://groups.google.com/forum/#!topic/docker-dev/L2RBSPDu1L0).*
+
+Virtually all programs depend on third-party libraries. Most frequently, they
+will use dynamic linking and some kind of package dependency, so that when
+multiple programs need the same library, it is installed only once.
+
+Some programs, however, will bundle their third-party libraries, because they
+rely on very specific versions of those libraries. For instance, Node.js bundles
+OpenSSL; MongoDB bundles V8 and Boost (among others).
+
+When creating a Docker image, is it better to use the bundled libraries, or
+should you build those programs so that they use the default system libraries
+instead?
+
+The key point about system libraries is not about saving disk or memory space.
+It is about security. All major distributions handle security seriously, by
+having dedicated security teams, following up closely with published
+vulnerabilities, and disclosing advisories themselves. (Look at the [Debian
+Security Information](https://www.debian.org/security/) for an example of those
+procedures.) Upstream developers, however, do not always implement similar
+practices.
+
+Before setting up a Docker image to compile a program from source, if you want
+to use bundled libraries, you should check if the upstream authors provide a
+convenient way to announce security vulnerabilities, and if they update their
+bundled libraries in a timely manner. If they don't, you are exposing yourself
+(and the users of your image) to security vulnerabilities.
+
+Likewise, before using packages built by others, you should check if the
+channels providing those packages implement similar security best practices.
+Downloading and installing an "all-in-one" .deb or .rpm sounds great at first,
+except if you have no way to figure out that it contains a copy of the OpenSSL
+library vulnerable to the [Heartbleed](http://heartbleed.com/) bug.
+
+### Why is `DEBIAN_FRONTEND=noninteractive` discouraged in Dockerfiles?
+
+When building Docker images on Debian and Ubuntu you may have seen errors like:
+
+    unable to initialize frontend: Dialog
+
+These errors don't stop the image from being built but inform you that the
+installation process tried to open a dialog box, but was unable to. Generally,
+these errors are safe to ignore.
+
+Some people circumvent these errors by changing the `DEBIAN_FRONTEND`
+environment variable inside the Dockerfile using:
+
+    ENV DEBIAN_FRONTEND=noninteractive
+
+This prevents the installer from opening dialog boxes during installation which
+stops the errors.
+
+While this may sound like a good idea, it *may* have side effects. The
+`DEBIAN_FRONTEND` environment variable will be inherited by all images and
+containers built from your image, effectively changing their behavior. People
+using those images will run into problems when installing software
+interactively, because installers will not show any dialog boxes.
+
+Because of this, and because setting `DEBIAN_FRONTEND` to `noninteractive` is
+mainly a 'cosmetic' change, we *discourage* changing it.
+
+If you *really* need to change its setting, make sure to change it back to its
+[default value](https://www.debian.org/releases/stable/i386/ch05s03.html.en)
+afterwards.
+
+### Why do I get `Connection reset by peer` when making a request to a service running in a container?
+
+Typically, this message is returned if the service is already bound to your
+localhost. As a result, requests coming to the container from outside are
+dropped. To correct this problem, change the service's configuration on your
+localhost so that the service accepts requests from all IPs.  If you aren't sure
+how to do this, check the documentation for your OS.
+
+### Why do I get `Cannot connect to the Docker daemon. Is the docker daemon running on this host?` when using docker-machine?
+
+This error points out that the docker client cannot connect to the virtual machine.
+This means that either the virtual machine that works underneath `docker-machine`
+is not running or that the client doesn't correctly point at it.
+
+To verify that the docker machine is running you can use the `docker-machine ls`
+command and start it with `docker-machine start` if needed.
+
+    $ docker-machine ls
+    NAME             ACTIVE   DRIVER       STATE     URL   SWARM                   DOCKER    ERRORS
+    default          -        virtualbox   Stopped                                 Unknown
+
+    $ docker-machine start default
+
+You have to tell Docker to talk to that machine. You can do this with the
+`docker-machine env` command. For example,
+
+    $ eval "$(docker-machine env default)"
+    $ docker ps
+
+### Where can I find more answers?
+
+You can find more answers on:
+
+
+- [Docker user mailinglist](https://groups.google.com/d/forum/docker-user)
+- [Docker developer mailinglist](https://groups.google.com/d/forum/docker-dev)
+- [IRC, docker on freenode](irc://chat.freenode.net#docker)
+- [GitHub](https://github.com/docker/docker)
+- [Ask questions on Stackoverflow](http://stackoverflow.com/search?q=docker)
+- [Join the conversation on Twitter](http://twitter.com/docker)
+
+Looking for something else to read? Checkout the [User Guide](userguide/index.md).
diff --git a/docs/index.md b/docs/index.md
new file mode 100644
index 00000000..616793cb
--- /dev/null
+++ b/docs/index.md
@@ -0,0 +1,121 @@
+<!-- [metadata]>
++++
+aliases = ["/engine/misc/"]
+title = "Docker Engine"
+description = "Engine"
+keywords = ["Engine"]
+[menu.main]
+identifier="engine_use"
+weight=-85
++++
+<![end-metadata]-->
+
+# About Docker Engine
+
+**Develop, Ship and Run Any Application, Anywhere**
+
+[**Docker**](https://www.docker.com) is a platform for developers and sysadmins
+to develop, ship, and run applications.  Docker lets you quickly assemble
+applications from components and eliminates the friction that can come when
+shipping code. Docker lets you get your code tested and deployed into production
+as fast as possible.
+
+Docker consists of:
+
+* The Docker Engine - our lightweight and powerful open source containerization
+  technology combined with a work flow for building and containerizing your
+  applications.
+* [Docker Hub](https://hub.docker.com) - our SaaS service for
+  sharing and managing your application stacks.
+
+## Why Docker?
+
+*Faster delivery of your applications*
+
+* We want your environment to work better. Docker containers,
+      and the work flow that comes with them, help your developers,
+      sysadmins, QA folks, and release engineers work together to get your code
+      into production and make it useful. We've created a standard
+      container format that lets developers care about their applications
+      inside containers while sysadmins and operators can work on running the
+      container in your deployment. This separation of duties streamlines and
+      simplifies the management and deployment of code.
+* We make it easy to build new containers, enable rapid iteration of
+      your applications, and increase the visibility of changes. This
+      helps everyone in your organization understand how an application works
+      and how it is built.
+* Docker containers are lightweight and fast! Containers have
+      sub-second launch times, reducing the cycle
+      time of development, testing, and deployment.
+
+*Deploy and scale more easily*
+
+* Docker containers run (almost) everywhere. You can deploy
+      containers on desktops, physical servers, virtual machines, into
+      data centers, and up to public and private clouds.
+* Since Docker runs on so many platforms, it's easy to move your
+      applications around. You can easily move an application from a
+      testing environment into the cloud and back whenever you need.
+* Docker's lightweight containers also make scaling up and
+      down fast and easy. You can quickly launch more containers when
+      needed and then shut them down easily when they're no longer needed.
+
+*Get higher density and run more workloads*
+
+* Docker containers don't need a hypervisor, so you can pack more of
+      them onto your hosts. This means you get more value out of every
+      server and can potentially reduce what you spend on equipment and
+      licenses.
+
+*Faster deployment makes for easier management*
+
+* As Docker speeds up your work flow, it gets easier to make lots
+      of small changes instead of huge, big bang updates. Smaller
+      changes mean reduced risk and more uptime.
+
+## About this guide
+
+The [Understanding Docker section](understanding-docker.md) will help you:
+
+ - See how Docker works at a high level
+ - Understand the architecture of Docker
+ - Discover Docker's features;
+ - See how Docker compares to virtual machines
+ - See some common use cases.
+
+### Installation guides
+
+The [installation section](installation/index.md) will show you how to install Docker
+on a variety of platforms.
+
+
+### Docker user guide
+
+To learn about Docker in more detail and to answer questions about usage and
+implementation, check out the [Docker User Guide](userguide/index.md).
+
+## Release notes
+
+A summary of the changes in each release in the current series can now be found
+on the separate [Release Notes page](https://docs.docker.com/release-notes)
+
+## Feature Deprecation Policy
+
+As changes are made to Docker there may be times when existing features
+will need to be removed or replaced with newer features. Before an existing
+feature is removed it will be labeled as "deprecated" within the documentation
+and will remain in Docker for, usually, at least 2 releases. After that time
+it may be removed.
+
+Users are expected to take note of the list of deprecated features each
+release and plan their migration away from those features, and (if applicable)
+towards the replacement features as soon as possible.
+
+The complete list of deprecated features can be found on the
+[Deprecated Features page](deprecated.md).
+
+## Licensing
+
+Docker is licensed under the Apache License, Version 2.0. See
+[LICENSE](https://github.com/docker/docker/blob/master/LICENSE) for the full
+license text.
diff --git a/docs/installation/binaries.md b/docs/installation/binaries.md
new file mode 100644
index 00000000..452a715a
--- /dev/null
+++ b/docs/installation/binaries.md
@@ -0,0 +1,249 @@
+<!--[metadata]>
++++
+title = "Installation from binaries"
+description = "Instructions for installing Docker as a binary. Mostly meant for hackers who want to try out Docker on a variety of environments."
+keywords = ["binaries, installation, docker, documentation,  linux"]
+[menu.main]
+parent = "engine_install"
+weight = 110
++++
+<![end-metadata]-->
+
+# Installation from binaries
+
+**This instruction set is meant for hackers who want to try out Docker
+on a variety of environments.**
+
+Before following these directions, you should really check if a packaged
+version of Docker is already available for your distribution. We have
+packages for many distributions, and more keep showing up all the time!
+
+## Check runtime dependencies
+
+To run properly, docker needs the following software to be installed at
+runtime:
+
+ - iptables version 1.4 or later
+ - Git version 1.7 or later
+ - procps (or similar provider of a "ps" executable)
+ - XZ Utils 4.9 or later
+ - a [properly mounted](
+   https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount)
+   cgroupfs hierarchy (having a single, all-encompassing "cgroup" mount
+   point [is](https://github.com/docker/docker/issues/2683)
+   [not](https://github.com/docker/docker/issues/3485)
+   [sufficient](https://github.com/docker/docker/issues/4568))
+
+## Check kernel dependencies
+
+Docker in daemon mode has specific kernel requirements. For details,
+check your distribution in [*Installation*](index.md#on-linux).
+
+A 3.10 Linux kernel is the minimum requirement for Docker.
+Kernels older than 3.10 lack some of the features required to run Docker
+containers. These older versions are known to have bugs which cause data loss
+and frequently panic under certain conditions.
+
+The latest minor version (3.x.y) of the 3.10 (or a newer maintained version)
+Linux kernel is recommended. Keeping the kernel up to date with the latest
+minor version will ensure critical kernel bugs get fixed.
+
+> **Warning**:
+> Installing custom kernels and kernel packages is probably not
+> supported by your Linux distribution's vendor. Please make sure to
+> ask your vendor about Docker support first before attempting to
+> install custom kernels on your distribution.
+
+> **Warning**:
+> Installing a newer kernel might not be enough for some distributions
+> which provide packages which are too old or incompatible with
+> newer kernels.
+
+Note that Docker also has a client mode, which can run on virtually any
+Linux kernel (it even builds on OS X!).
+
+## Enable AppArmor and SELinux when possible
+
+Please use AppArmor or SELinux if your Linux distribution supports
+either of the two. This helps improve security and blocks certain
+types of exploits. Your distribution's documentation should provide
+detailed steps on how to enable the recommended security mechanism.
+
+Some Linux distributions enable AppArmor or SELinux by default and
+they run a kernel which doesn't meet the minimum requirements (3.10
+or newer). Updating the kernel to 3.10 or newer on such a system
+might not be enough to start Docker and run containers.
+Incompatibilities between the version of AppArmor/SELinux user
+space utilities provided by the system and the kernel could prevent
+Docker from running, from starting containers or, cause containers to
+exhibit unexpected behaviour.
+
+> **Warning**:
+> If either of the security mechanisms is enabled, it should not be
+> disabled to make Docker or its containers run. This will reduce
+> security in that environment, lose support from the distribution's
+> vendor for the system, and might break regulations and security
+> policies in heavily regulated environments.
+
+## Get the Docker Engine binaries
+
+You can download either the latest release binaries or a specific version. To get
+the list of stable release version numbers from GitHub, view the `docker/docker`
+[releases page](https://github.com/docker/docker/releases). You can get the MD5
+and SHA256 hashes by appending .md5 and .sha256 to the URLs respectively
+
+
+### Get the Linux binaries
+
+To download the latest version for Linux, use the
+following URLs:
+
+    https://get.docker.com/builds/Linux/i386/docker-latest.tgz
+
+    https://get.docker.com/builds/Linux/x86_64/docker-latest.tgz
+
+To download a specific version for Linux, use the
+following URL patterns:
+
+    https://get.docker.com/builds/Linux/i386/docker-<version>.tgz
+
+    https://get.docker.com/builds/Linux/x86_64/docker-<version>.tgz
+
+For example:
+
+    https://get.docker.com/builds/Linux/i386/docker-1.11.0.tgz
+
+    https://get.docker.com/builds/Linux/x86_64/docker-1.11.0.tgz
+
+> **Note** These instructions are for Docker Engine 1.11 and up. Engine 1.10 and
+> under consists of a single binary, and instructions for those versions are
+> different. To install version 1.10 or below, follow the instructions in the 
+> <a href="/v1.10/engine/installation/binaries/" target="_blank">1.10 documentation</a>.
+
+
+#### Install the Linux binaries
+
+After downloading, you extract the archive, which puts the binaries in a
+directory named `docker` in your current location.
+
+```bash
+$ tar -xvzf docker-latest.tgz
+
+docker/
+docker/docker-containerd-ctr
+docker/docker
+docker/docker-containerd
+docker/docker-runc
+docker/docker-containerd-shim
+```
+
+Engine requires these binaries to be installed in your host's `$PATH`.
+For example, to install the binaries in `/usr/bin`:
+
+```bash
+$ mv docker/* /usr/bin/
+```
+
+> **Note**: If you already have Engine installed on your host, make sure you
+> stop Engine before installing (`killall docker`), and install the binaries
+> in the same location. You can find the location of the current installation
+> with `dirname $(which docker)`.
+
+#### Run the Engine daemon on Linux
+
+You can manually start the Engine in daemon mode using:
+
+```bash
+$ sudo docker daemon &
+```
+
+The GitHub repository provides samples of init-scripts you can use to control
+the daemon through a process manager, such as upstart or systemd. You can find
+these scripts in the <a href="https://github.com/docker/docker/tree/master/contrib/init">
+contrib directory</a>.
+
+For additional information about running the Engine in daemon mode, refer to
+the [daemon command](../reference/commandline/daemon.md) in the Engine command
+line reference.
+
+### Get the Mac OS X binary
+
+The Mac OS X binary is only a client. You cannot use it to run the `docker`
+daemon. To download the latest version for Mac OS X, use the following URLs:
+
+    https://get.docker.com/builds/Darwin/x86_64/docker-latest.tgz
+
+To download a specific version for Mac OS X, use the
+following URL pattern:
+
+    https://get.docker.com/builds/Darwin/x86_64/docker-<version>.tgz
+
+For example:
+
+    https://get.docker.com/builds/Darwin/x86_64/docker-1.11.0.tgz
+
+You can extract the downloaded archive either by double-clicking the downloaded
+`.tgz` or on the command line, using `tar -xvzf docker-1.11.0.tgz`. The client
+binary can be executed from any location on your filesystem.
+
+
+### Get the Windows binary
+
+You can only download the Windows binary for version `1.9.1` onwards.
+Moreover, the 32-bit (`i386`) binary is only a client, you cannot use it to
+run the `docker` daemon. The 64-bit binary (`x86_64`) is both a client and
+daemon.
+
+To download the latest version for Windows, use the following URLs:
+
+    https://get.docker.com/builds/Windows/i386/docker-latest.zip
+
+    https://get.docker.com/builds/Windows/x86_64/docker-latest.zip
+
+To download a specific version for Windows, use the following URL pattern:
+
+    https://get.docker.com/builds/Windows/i386/docker-<version>.zip
+
+    https://get.docker.com/builds/Windows/x86_64/docker-<version>.zip
+
+For example:
+
+    https://get.docker.com/builds/Windows/i386/docker-1.11.0.zip
+
+    https://get.docker.com/builds/Windows/x86_64/docker-1.11.0.zip
+
+
+> **Note** These instructions are for Engine 1.11 and up. Instructions for older
+> versions are slightly different. To install version 1.10 or below, follow the
+> instructions in the <a href="/v1.10/engine/installation/binaries/" target="_blank">1.10 documentation</a>.
+
+## Giving non-root access
+
+The `docker` daemon always runs as the root user, and the `docker`
+daemon binds to a Unix socket instead of a TCP port. By default that
+Unix socket is owned by the user *root*, and so, by default, you can
+access it with `sudo`.
+
+If you (or your Docker installer) create a Unix group called *docker*
+and add users to it, then the `docker` daemon will make the ownership of
+the Unix socket read/writable by the *docker* group when the daemon
+starts. The `docker` daemon must always run as the root user, but if you
+run the `docker` client as a user in the *docker* group then you don't
+need to add `sudo` to all the client commands.
+
+> **Warning**:
+> The *docker* group (or the group specified with `-G`) is root-equivalent;
+> see [*Docker Daemon Attack Surface*](../security/security.md#docker-daemon-attack-surface) details.
+
+## Upgrade Docker Engine
+
+To upgrade your manual installation of Docker Engine on Linux, first kill the docker
+daemon:
+
+    $ killall docker
+
+Then follow the [regular installation steps](#get-the-linux-binaries).
+
+## Next steps
+
+Continue with the [User Guide](../userguide/index.md).
diff --git a/docs/installation/cloud/cloud-ex-aws.md b/docs/installation/cloud/cloud-ex-aws.md
new file mode 100644
index 00000000..0484f248
--- /dev/null
+++ b/docs/installation/cloud/cloud-ex-aws.md
@@ -0,0 +1,208 @@
+<!--[metadata]>
++++
+title = "Example: Manual install on cloud provider"
+description = "Example of a manual install of Docker Engine on a cloud provider, using Amazon Web Services (AWS) EC2. Shows how to create an EC2 instance, and install Docker Engine on it."
+keywords = ["cloud, docker, machine, documentation,  installation, AWS, EC2"]
+[menu.main]
+parent = "install_cloud"
++++
+<![end-metadata]-->
+
+# Example: Manual install on cloud provider
+
+You can install Docker Engine directly to servers you have on cloud providers.  This example shows how to create an <a href="https://aws.amazon.com/" target="_blank"> Amazon Web Services (AWS)</a> EC2 instance, and install Docker Engine on it.
+
+You can use this same general approach to create Dockerized hosts on other cloud providers.
+
+### Step 1. Sign up for AWS
+
+1. If you are not already an AWS user, sign up for <a href="https://aws.amazon.com/" target="_blank"> AWS</a> to create an account and get root access to EC2 cloud computers. If you have an Amazon account, you can use it as your root user account.
+
+2. Create an IAM (Identity and Access Management) administrator user, an admin group, and a key pair associated with a region.
+
+    From the AWS menus, select **Services** > **IAM** to get started.
+
+    See the AWS documentation on <a href="http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/get-set-up-for-amazon-ec2.html" target="_blank">Setting Up with Amazon EC2</a>. Follow the steps for "Create an IAM User" and "Create a Key Pair".
+
+    If you are just getting started with AWS and EC2, you do not need to create a virtual private cloud (VPC) or specify a subnet. The newer EC2-VPC platform (accounts created after 2013-12-04) comes with a default VPC and subnet in each availability zone. When you launch an instance, it automatically uses the default VPC.
+
+### Step 2. Configure and start an EC2 instance
+
+Launch an instance to create a virtual machine (VM) with a specified operating system (OS) as follows.
+
+  1. Log into AWS with your IAM credentials.
+
+      On the AWS home page, click **EC2** to go to the dashboard, then click **Launch Instance**.
+
+      ![EC2 dashboard](../images/ec2_launch_instance.png)
+
+      AWS EC2 virtual servers are called *instances* in Amazon parlance. Once you set up an account, IAM user and key pair, you are ready to launch an instance. It is at this point that you select the OS for the VM.
+
+  2. Choose an Amazon Machine Image (AMI) with the OS and applications you want. For this example, we select an Ubuntu server.
+
+      ![Launch Ubuntu](../images/ec2-ubuntu.png)
+
+  3. Choose an instance type.
+
+      ![Choose a general purpose instance type](../images/ec2_instance_type.png)
+
+  4. Configure the instance.
+
+    You can select the default network and subnet, which are inherently linked to a region and availability zone.
+
+      ![Configure the instance](../images/ec2_instance_details.png)
+
+  5. Click **Review and Launch**.
+
+  6. Select a key pair to use for this instance.
+
+    When you choose to launch, you need to select a key pair to use. Save the `.pem` file to use in the next steps.
+
+The instance is now up-and-running. The menu path to get back to your EC2 instance on AWS is: **EC2 (Virtual Servers in Cloud)** > **EC2 Dashboard** > **Resources** > **Running instances**.
+
+To get help with your private key file, instance IP address, and how to log into the instance via SSH, click the **Connect** button at the top of the AWS instance dashboard.
+
+
+### Step 3. Log in from a terminal, configure apt, and get packages
+
+1. Log in to the EC2 instance from a command line terminal.
+
+    Change directories into the directory containing the SSH key and run this command (or give the path to it as part of the command):
+
+        $ ssh -i "YourKey" ubuntu@xx.xxx.xxx.xxx
+
+    For our example:
+
+        $ cd ~/Desktop/keys/amazon_ec2
+        $ ssh -i "my-key-pair.pem" ubuntu@xx.xxx.xxx.xxx
+
+    We'll follow the instructions for installing Docker on Ubuntu at https://docs.docker.com/engine/installation/ubuntulinux/. The next few steps reflect those instructions.
+
+2. Check the kernel version to make sure it's 3.10 or higher.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ uname -r
+        3.13.0-48-generic
+
+3. Add the new `gpg` key.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
+        Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.jNZLKNnKte --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
+        gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net
+        gpg: key 2C52609D: public key "Docker Release Tool (releasedocker) <docker@docker.com>" imported
+        gpg: Total number processed: 1
+        gpg:               imported: 1  (RSA: 1)
+
+4. Create a `docker.list` file, and add an entry for our OS, Ubuntu Trusty 14.04 (LTS).
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo vi /etc/apt/sources.list.d/docker.list
+
+    If we were updating an existing file, we'd delete any existing entries.
+
+5. Update the `apt` package index.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo apt-get update
+
+6. Purge the old repo if it exists.
+
+    In our case the repo doesn't because this is a new VM, but let's run it anyway just to be sure.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo apt-get purge lxc-docker
+        Reading package lists... Done
+        Building dependency tree       
+        Reading state information... Done
+        Package 'lxc-docker' is not installed, so not removed
+        0 upgraded, 0 newly installed, 0 to remove and 139 not upgraded.
+
+7.  Verify that `apt` is pulling from the correct repository.
+
+        ubuntu@ip-172-31-0-151:~$ sudo apt-cache policy docker-engine
+        docker-engine:
+        Installed: (none)
+        Candidate: 1.9.1-0~trusty
+        Version table:
+        1.9.1-0~trusty 0
+        500 https://apt.dockerproject.org/repo/ ubuntu-trusty/main amd64 Packages
+        1.9.0-0~trusty 0
+        500 https://apt.dockerproject.org/repo/ ubuntu-trusty/main amd64 Packages
+            . . .
+
+    From now on when you run `apt-get upgrade`, `apt` pulls from the new repository.
+
+### Step 4. Install recommended prerequisites for the OS
+
+For Ubuntu Trusty (and some other versions), it’s recommended to install the `linux-image-extra` kernel package, which allows you use the `aufs` storage driver, so we'll do that now.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo apt-get update
+        ubuntu@ip-172-31-0-151:~$ sudo apt-get install linux-image-extra-$(uname -r)
+
+### Step 5. Install Docker Engine on the remote instance
+
+1. Update the apt package index.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo apt-get update
+
+2. Install Docker Engine.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo apt-get install docker-engine
+        Reading package lists... Done
+        Building dependency tree       
+        Reading state information... Done
+        The following extra packages will be installed:
+        aufs-tools cgroup-lite git git-man liberror-perl
+        Suggested packages:
+        git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui gitk
+        gitweb git-arch git-bzr git-cvs git-mediawiki git-svn
+        The following NEW packages will be installed:
+        aufs-tools cgroup-lite docker-engine git git-man liberror-perl
+        0 upgraded, 6 newly installed, 0 to remove and 139 not upgraded.
+        Need to get 11.0 MB of archives.
+        After this operation, 60.3 MB of additional disk space will be used.
+        Do you want to continue? [Y/n] y
+        Get:1 http://us-west-1.ec2.archive.ubuntu.com/ubuntu/ trusty/universe aufs-tools amd64 1:3.2+20130722-1.1 [92.3 kB]
+        Get:2 http://us-west-1.ec2.archive.ubuntu.com/ubuntu/ trusty/main liberror-perl all 0.17-1.1 [21.1 kB]
+        . . .
+
+3. Start the Docker daemon.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo service docker start
+
+4. Verify Docker Engine is installed correctly by running `docker run hello-world`.
+
+        ubuntu@ip-xxx-xx-x-xxx:~$ sudo docker run hello-world
+        ubuntu@ip-172-31-0-151:~$ sudo docker run hello-world
+        Unable to find image 'hello-world:latest' locally
+        latest: Pulling from library/hello-world
+        b901d36b6f2f: Pull complete
+        0a6ba66e537a: Pull complete
+        Digest: sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7
+        Status: Downloaded newer image for hello-world:latest
+
+        Hello from Docker.
+        This message shows that your installation appears to be working correctly.
+
+        To generate this message, Docker took the following steps:
+        1. The Docker client contacted the Docker daemon.
+        2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
+        3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading.
+        4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal.
+
+        To try something more ambitious, you can run an Ubuntu container with:
+        $ docker run -it ubuntu bash
+
+        Share images, automate workflows, and more with a free Docker Hub account:
+        https://hub.docker.com
+
+        For more examples and ideas, visit:
+        https://docs.docker.com/userguide/
+
+## Where to go next
+
+_Looking for a quicker way to do Docker cloud installs and provision multiple hosts?_ You can use [Docker Machine](https://docs.docker.com/machine/overview/) to provision hosts.
+
+  * [Use Docker Machine to provision hosts on cloud providers](https://docs.docker.com/machine/get-started-cloud/)
+
+  * [Docker Machine driver reference](https://docs.docker.com/machine/drivers/)
+
+*  [Install Docker Engine](../index.md)
+
+* [Docker User Guide](../../userguide/intro.md)
diff --git a/docs/installation/cloud/cloud-ex-machine-ocean.md b/docs/installation/cloud/cloud-ex-machine-ocean.md
new file mode 100644
index 00000000..ac00a84c
--- /dev/null
+++ b/docs/installation/cloud/cloud-ex-machine-ocean.md
@@ -0,0 +1,201 @@
+<!--[metadata]>
++++
+title = "Example: Use Docker Machine to provision cloud hosts"
+description = "Example of using Docker Machine to install Docker Engine on a cloud provider, using Digital Ocean."
+keywords = ["cloud, docker, machine, documentation,  installation, digitalocean"]
+[menu.main]
+parent = "install_cloud"
++++
+<![end-metadata]-->
+
+# Example: Use Docker Machine to provision cloud hosts
+
+Docker Machine driver plugins are available for many cloud platforms, so you can use Machine to provision cloud hosts. When you use Docker Machine for provisioning, you create cloud hosts with Docker Engine installed on them.
+
+You'll need to install and run Docker Machine, and create an account with the cloud provider.
+
+Then you provide account verification, security credentials, and configuration options for the providers as flags to `docker-machine create`. The flags are unique for each cloud-specific driver.  For instance, to pass a Digital Ocean access token, you use the `--digitalocean-access-token` flag.
+
+As an example, let's take a look at how to create a Dockerized <a href="https://digitalocean.com" target="_blank">Digital Ocean</a> _Droplet_ (cloud server).
+
+### Step 1. Create a Digital Ocean account and log in
+
+If you have not done so already, go to <a href="https://digitalocean.com" target="_blank">Digital Ocean</a>, create an account, and log in.
+
+### Step 2. Generate a personal access token
+
+To generate your access token:
+
+  1. Go to the Digital Ocean administrator console and click **API** in the header.
+
+    ![Click API in Digital Ocean console](../images/ocean_click_api.png)
+
+  2. Click **Generate New Token** to get to the token generator.
+
+    ![Generate token](../images/ocean_gen_token.png)
+
+  3. Give the token a clever name (e.g. "machine"), make sure the **Write (Optional)** checkbox is checked, and click **Generate Token**.
+
+    ![Name and generate token](../images/ocean_token_create.png)
+
+  4. Grab (copy to clipboard) the generated big long hex string and store it somewhere safe.
+
+    ![Copy and save personal access token](../images/ocean_save_token.png)
+
+    This is the personal access token you'll use in the next step to create your cloud server.
+
+### Step 3. Install Docker Machine
+
+1. If you have not done so already, install Docker Machine on your local host.
+
+  * <a href="https://docs.docker.com/engine/installation/mac/" target="_blank"> How to install Docker Machine on Mac OS X</a>
+
+  * <a href="https://docs.docker.com/engine/installation/windows/" target="_blank">How to install Docker Machine on Windows</a>
+
+  * <a href="https://docs.docker.com/machine/install-machine/" target="_blank">Install Docker Machine directly</a> (e.g., on Linux)
+
+2. At a command terminal, use `docker-machine ls` to get a list of Docker Machines and their status.
+
+        $ docker-machine ls
+        NAME      ACTIVE   DRIVER       STATE     URL                         SWARM
+        default   *        virtualbox   Running   tcp:////xxx.xxx.xx.xxx:xxxx  
+
+6. Run some Docker commands to make sure that Docker Engine is also up-and-running.
+
+    We'll run `docker run hello-world` again, but you could try `docker ps`,  `docker run docker/whalesay cowsay boo`, or another command to verify that Docker is running.
+
+        $ docker run hello-world
+
+        Hello from Docker.
+        This message shows that your installation appears to be working correctly.
+        ...
+
+### Step 4. Use Machine to Create the Droplet
+
+1. Run `docker-machine create` with the `digitalocean` driver and pass your key to the `--digitalocean-access-token` flag, along with a name for the new cloud server.
+
+    For this example, we'll call our new Droplet "docker-sandbox".
+
+        $ docker-machine create --driver digitalocean --digitalocean-access-token xxxxx docker-sandbox
+        Running pre-create checks...
+        Creating machine...
+        (docker-sandbox) OUT | Creating SSH key...
+        (docker-sandbox) OUT | Creating Digital Ocean droplet...
+        (docker-sandbox) OUT | Waiting for IP address to be assigned to the Droplet...
+        Waiting for machine to be running, this may take a few minutes...
+        Machine is running, waiting for SSH to be available...
+        Detecting operating system of created instance...
+        Detecting the provisioner...
+        Provisioning created instance...
+        Copying certs to the local machine directory...
+        Copying certs to the remote machine...
+        Setting Docker configuration on the remote daemon...
+        To see how to connect Docker to this machine, run: docker-machine env docker-sandbox
+
+      When the Droplet is created, Docker generates a unique SSH key and stores it on your local system in `~/.docker/machines`. Initially, this is used to provision the host. Later, it's used under the hood to access the Droplet directly with the `docker-machine ssh` command. Docker Engine is installed on the cloud server and the daemon is configured to accept remote connections over TCP using TLS for authentication.
+
+2. Go to the Digital Ocean console to view the new Droplet.
+
+    ![Droplet in Digital Ocean created with Machine](../images/ocean_droplet.png)
+
+3. At the command terminal, run `docker-machine ls`.
+
+        $ docker-machine ls
+        NAME             ACTIVE   DRIVER         STATE     URL                         SWARM
+        default          *        virtualbox     Running   tcp://192.168.99.100:2376   
+        docker-sandbox   -        digitalocean   Running   tcp://45.55.139.48:2376     
+
+    Notice that the new cloud server is running but is not the active host. Our command shell is still connected to the default machine, which is currently the active host as indicated by the asterisk (*).
+
+4. Run `docker-machine env docker-sandbox` to get the environment commands for the new remote host, then run `eval` as directed to re-configure the shell to connect to `docker-sandbox`.
+
+        $ docker-machine env docker-sandbox
+        export DOCKER_TLS_VERIFY="1"
+        export DOCKER_HOST="tcp://45.55.222.72:2376"
+        export DOCKER_CERT_PATH="/Users/victoriabialas/.docker/machine/machines/docker-sandbox"
+        export DOCKER_MACHINE_NAME="docker-sandbox"
+        # Run this command to configure your shell:
+        # eval "$(docker-machine env docker-sandbox)"
+
+        $ eval "$(docker-machine env docker-sandbox)"
+
+5. Re-run `docker-machine ls` to verify that our new server is the active machine, as indicated by the asterisk (*) in the ACTIVE column.
+
+        $ docker-machine ls
+        NAME             ACTIVE   DRIVER         STATE     URL                         SWARM
+        default          -        virtualbox     Running   tcp://192.168.99.100:2376   
+        docker-sandbox   *        digitalocean   Running   tcp://45.55.222.72:2376     
+
+6. Run some `docker-machine` commands to inspect the remote host. For example, `docker-machine ip <machine>` gets the host IP adddress and `docker-machine inspect <machine>` lists all the details.
+
+        $ docker-machine ip docker-sandbox
+        104.131.43.236
+
+        $ docker-machine inspect docker-sandbox
+        {
+            "ConfigVersion": 3,
+            "Driver": {
+            "IPAddress": "104.131.43.236",
+            "MachineName": "docker-sandbox",
+            "SSHUser": "root",
+            "SSHPort": 22,
+            "SSHKeyPath": "/Users/samanthastevens/.docker/machine/machines/docker-sandbox/id_rsa",
+            "StorePath": "/Users/samanthastevens/.docker/machine",
+            "SwarmMaster": false,
+            "SwarmHost": "tcp://0.0.0.0:3376",
+            "SwarmDiscovery": "",
+            ...
+
+7. Verify Docker Engine is installed correctly by running `docker` commands.
+
+    Start with something basic like `docker run hello-world`, or for a more interesting test, run a Dockerized webserver on your new remote machine.
+
+    In this example, the `-p` option is used to expose port 80 from the `nginx` container and make it accessible on port `8000` of the `docker-sandbox` host.
+
+        $ docker run -d -p 8000:80 --name webserver kitematic/hello-world-nginx
+        Unable to find image 'kitematic/hello-world-nginx:latest' locally
+        latest: Pulling from kitematic/hello-world-nginx
+        a285d7f063ea: Pull complete
+        2d7baf27389b: Pull complete
+        ...
+        Digest: sha256:ec0ca6dcb034916784c988b4f2432716e2e92b995ac606e080c7a54b52b87066
+        Status: Downloaded newer image for kitematic/hello-world-nginx:latest
+        942dfb4a0eaae75bf26c9785ade4ff47ceb2ec2a152be82b9d7960e8b5777e65
+
+    In a web browser, go to `http://<host_ip>:8000` to bring up the webserver home page. You got the `<host_ip>` from the output of the `docker-machine ip <machine>` command you ran in a previous step. Use the port you exposed in the `docker run` command.
+
+    ![nginx webserver](../images/nginx-webserver.png)
+
+#### Understand the defaults and options on the create command
+
+For convenience, `docker-machine` will use sensible defaults for choosing settings such as the image that the server is based on, but you override the defaults using the respective flags (e.g. `--digitalocean-image`). This is useful if, for example, you want to create a cloud server with a lot of memory and CPUs (by default `docker-machine` creates a small server). For a full list of the flags/settings available and their defaults, see the output of `docker-machine create -h` at the command line. See also <a href="https://docs.docker.com/machine/drivers/os-base/" target="_blank">Driver options and operating system defaults</a> and information about the <a href="https://docs.docker.com/machine/reference/create/" target="_blank">create</a> command in the Docker Machine documentation.
+
+
+### Step 5. Use Machine to remove the Droplet
+
+To remove a host and all of its containers and images, first stop the machine, then use `docker-machine rm`:
+
+    $ docker-machine stop docker-sandbox
+    $ docker-machine rm docker-sandbox
+    Do you really want to remove "docker-sandbox"? (y/n): y
+    Successfully removed docker-sandbox
+
+    $ docker-machine ls
+    NAME      ACTIVE   DRIVER       STATE     URL                         SWARM
+    default   *        virtualbox   Running   tcp:////xxx.xxx.xx.xxx:xxxx
+
+If you monitor the Digital Ocean console while you run these commands, you will see it update first to reflect that the Droplet was stopped, and then removed.
+
+If you create a host with Docker Machine, but remove it through the cloud provider console, Machine will lose track of the server status. So please use the `docker-machine rm` command for hosts you create with `docker-machine --create`.
+
+## Where to go next
+
+* [Docker Machine driver reference](https://docs.docker.com/machine/drivers/)
+
+* [Docker Machine Overview](https://docs.docker.com/machine/overview/)
+
+* [Use Docker Machine to provision hosts on cloud providers](https://docs.docker.com/machine/get-started-cloud/)
+
+*  [Install Docker Engine](../../installation/index.md)
+
+* [Docker User Guide](../../userguide/intro.md)
diff --git a/docs/installation/cloud/index.md b/docs/installation/cloud/index.md
new file mode 100644
index 00000000..c7a83d31
--- /dev/null
+++ b/docs/installation/cloud/index.md
@@ -0,0 +1,25 @@
+<!--[metadata]>
++++
+aliases = [
+  "/engine/installation/amazon/",
+  "/engine/installation/google/",
+  "/engine/installation/softlayer/",
+  "/engine/installation/azure/",
+  "/engine/installation/rackspace/",
+  "/engine/installation/joyent/"
+]
+title = "On cloud providers"
+description = "Cloud Installations"
+keywords = ["Docker install "]
+[menu.main]
+identifier = "install_cloud"
+parent="engine_install"
+weight="-60"
++++
+<![end-metadata]-->
+
+# Install Engine in the cloud
+
+* [Understand cloud install options and choose one](overview.md)
+* [Example: Use Machine to provision cloud hosts](cloud-ex-machine-ocean.md)
+* [Example: Manual install on a cloud provider](cloud-ex-aws.md)
diff --git a/docs/installation/cloud/overview.md b/docs/installation/cloud/overview.md
new file mode 100644
index 00000000..e8b3bb7e
--- /dev/null
+++ b/docs/installation/cloud/overview.md
@@ -0,0 +1,56 @@
+<!--[metadata]>
++++
+aliases = [
+  "/engine/installation/cloud/cloud/",
+]
+title = "Choose how to install"
+description = "Installation instructions for Docker on cloud."
+keywords = ["cloud, docker, machine, documentation,  installation"]
+[menu.main]
+parent = "install_cloud"
+weight=-3
++++
+<![end-metadata]-->
+
+# Choose how to install
+
+You can install Docker Engine on any cloud platform that runs an operating system (OS) that Docker supports. This includes many flavors and versions of Linux, along with Mac and Windows.
+
+You have two options for installing:
+
+* Manually install on the cloud (create cloud hosts, then install Docker Engine on them)
+* Use Docker Machine to provision cloud hosts
+
+## Manually install Docker Engine on a cloud host
+
+To install on a cloud provider:
+
+1. Create an account with the cloud provider, and read cloud provider documentation to understand their process for creating hosts.
+
+2. Decide which OS you want to run on the cloud host.
+
+3. Understand the Docker prerequisites and install process for the chosen OS. See [Install Docker Engine](../index.md) for a list of supported systems and links to the install guides.
+
+4. Create a host with a Docker supported OS, and install Docker per the instructions for that OS.
+
+[Example (AWS): Manual install on a cloud provider](cloud-ex-aws.md) shows how to create an <a href="https://aws.amazon.com/" target="_blank"> Amazon Web Services (AWS)</a> EC2 instance, and install Docker Engine on it.
+
+
+## Use Docker Machine to provision cloud hosts
+
+Docker Machine driver plugins are available for several popular cloud platforms, so you can use Machine to provision one or more Dockerized hosts on those platforms.
+
+With Docker Machine, you can use the same interface to create cloud hosts with Docker Engine on them, each configured per the options you specify.
+
+To do this, you use the `docker-machine create` command with the driver for the cloud provider, and provider-specific flags for account verification, security credentials, and other configuration details.
+
+[Example: Use Docker Machine to provision cloud hosts](cloud-ex-machine-ocean.md) walks you through the steps to set up Docker Machine and provision a Dockerized host on <a href="https://www.digitalocean.com/" target="_blank">Digital Ocean</a>).
+
+## Where to go next
+* [Example: Manual install on a cloud provider](cloud-ex-aws.md) (AWS EC2)
+
+* [Example: Use Docker Machine to provision cloud hosts](cloud-ex-machine-ocean.md) (Digital Ocean)
+
+* For supported platforms, see [Install Docker Engine](../index.md).
+
+* To get started with Docker post-install, see [Docker User Guide](../../userguide/intro.md).
diff --git a/docs/installation/images/bad_host.png b/docs/installation/images/bad_host.png
new file mode 100644
index 0000000000000000000000000000000000000000..cdc78defc551464b2e6a9cbe4cca772dca08c0d1
GIT binary patch
literal 27367
zcmYIv19W6d7j9-^+qP|+9ox2T+cqbj*tU&{or!Jx<=*?h_iEMZwfdYsUA6cAYWqaU
z%ZkH7VL<@_0l`X2h$sR90eb-f{iuTY`F({z?X?C7$g)~eL{Qm%?L5aOT6x)H#E$w!
zxI!w0Nae+_Osbp=%+I1&S!P~zJgmf`SC)D`+1DO<K~-|`S(v6YMi>WM*aj0v#1go<
zuQ#v(!7vCI1BRxygJGh(j+@y{_tD1H3=M6m*6FhC>9XTB|AW_zL~3c$6HVGE<EX`K
zn)irv=5E7@XZcp|XfnF%&G(4;>EqH2?`w&l{hXhHMLYX@$fJlVe9z={P+m?ZQ@=$;
z_gk|FdOqL#fJHN&{X@B2ExRgQe0+Rt?2dAZ$bx^S8(2A#O+^33Lj3#go;Z&ydkmu*
z>c9Vja<B)MGbUTwa#R&c{ojux9o^iIr1R3I4r>1Q`1oeN-E;YfiSj?|e$Pv|-!gXp
z`_gvQ=6s?E08Fgg^>kgq5oD7TWu|GPmj1hLB-7f)hWF_LWw#OD){o$%{r8u<JJchS
z|1F(+)EfX?7|Sgw#1U_qyV+6n-+CK&=bIf*m&J-hW&d3Wmo{d;oxY3TM~igY*DY42
zLX8@_yu2(FkGmCI?uxu6bZ2nqahGsccGnmCXNL##6S=%zm%3C}xhYu#0|Vr;*?-TJ
z_YQ9FCnq;HU>46OH||+tPF7b}+g95$IJp{_tAiF<9r8;gFQnmMoSdBI@2~$7**46h
z(x0^P%oi1kPr$aFE<36)LAyt0jD^RHza(a8dfKX+@_NnhWAujbM}j2D7r0oobTyWh
zo!p$6@O@4e_5(Bj%Y<?cJ2{6`OVifEhU>WrAHOH_PiO!I%duf4sVl|uAGh0L=MVM{
z_7B1kFrDb8!Dh3yWn7J~rYgS=a4UX5z972M37h~g2~xy#tgNyW2j(gR3=y(pOg}}q
zjDBHwT9Y9}AOnQ(IU8I71r+1zZ00CfevF}~14br8?Y%TkFd}+28&NckpgydH`<M;}
z(c17*CXklCarQnE8Ui6FO-u9`f)ns0%%Cj=33*bZp#Ru#%8TY}V*ENLm0_JBdCY{N
zi-lWjBSoxPNeLG>_e>7=h>?=wKM0hg9370i-{B9Jk&#)5k~u)NDzxA4>Q4E(?n@*^
z)_a}vTV7N!pB);V?XUaD5ufwIr?!2nW_Q04jQl3w*nDS27=26Ub8TR2_^q?5=S$1Z
zH&rNzPAoLC1+?A3-u^nrZ7U-?J2#wMBwGYb1*H(MyMl!hAsC_0E=V)%ZvewcAB7SD
z8wlc8Sr97J@6hZ(At|r*LqWD{Wu;Ysn36{Leph|XK%&53JrLLk#%QTcv(z19_fw2Y
zOF=_|PC*jJXon33OHvZvB?MPXl#9^}lTD&rJ?*iMhBlI{q?F7<-`(2XJ@TJ(acfc3
z-R(=rxxBqSJ6mfpUlN1Ot~fue=tWgS7O}JyP!IEUFZX#=p_ik^z!WU3QkH2Wt`U3j
zad9%R)ft#Th*Lh){9;4IuJ_XQ_PD`cqi+lmwyu<IV`Gyc9m+gU5G$fGs)z8)3jxbE
zkCuS~t|d*3+)-8*MUwQ#Z}Rg-Vxb$T2!><4b3#Y(h7@C>ED@(2;~X}k4nhDBBi%Em
zFgAF5Dq8dG_>^?-;#4ojYf)5&0S-YIM7|6v(+_s^2^e{Kka1jz84(u?{JpsnGBWpX
z+LRrrzG-_Z+2!$mzMi1(>2x_;vRQ9dm>;f(7~<3h2Bx>w=SKGNnCM4<TQt18>QUc_
z?e26jfC#g!v+{f3S<g70&_WBf$I#_DSH|UXrl`GiUL5~SPhuvE6hXRqTB@=aA9g2F
z+23EzSt;<TgeDAN#9&aJPN%KmAZf~%F^$Sh99J)ZjISNf#WomZpvcWn$4JYJBrqZ+
zW`>18|3fM{B%6ys>^a&5jB|kIK9(ZgqMeygMtHnW1YmF!s{*`@7PpC{j)*mL+7V?<
z-Fmf|T}C&U%``VRzjpIi{-Zv6I9;!{bZmahQxLG|c^sfxw*DE`H7d_UA;(|chv~}P
z{T75}owxCwr?AS<*gtf>jFOohFQSkObHLCi=I0Y`KVf5Imy(xm3fj?hI6~w}1V=O8
zz6f_0@w}Z~&!7<d5*CQYMkEMT8wfj7dy1UrSG^C}a!-|^3P(|=B*d_VV$_125GzJu
zhmoNj1UsP^hDp3fGzavFvY;lB(CQ!>I6h9Gx+yr3A?S=W)^Z3VNb*Ug6pMy>DQtA-
zPp*i})wVarX|L_y!^FYD!^h1saKvYIweh_c@663Yfa!{!8kVW|50a+?oI}GRF#xt+
z&PB>Nn0Q$E3dxxYkQ0ZVh&kwV+VT7U!gx$En<%f@diD0SqQ({&+{TrwZn>Nz%+mh~
z@}_UfGBW8Oq~7x8KkNTrZsa21Z&a3WVD=lBC)A3&-0n;I!t&=vi&l$_qA7>t)V2rm
z)jvFV$!9>MNtIE^Vy%cagQ!Oo6`-~;8?4$AgF=dsDHtYDafma5X)54|?_z^s*cX_!
zHW?E@O&R|_QQQ;O7Z|{$(b6SDd)VJcfP`_3z)VV|*pE+gQ4EwQAn}p6u^<eA@&Thm
zOmb=ocea40w;{^iuiM$#LB#qAzMk~b-R(@4b>rl_^mK>GpEP0Slu@aC;>?#d^+VW$
zf6qwf=`}+djj7F=EbH;^#hNc|4E`P-B{Y=2vB|~71(x!gFXMJUjdy<*g2UtOlXN*2
z$;w~@F3LKEU>6EFDu$N+_W>RCqiS}2y~FS8^W=omin<>-Ww%lOz<g1CVeWGCp+z|x
zB{ZHQS)C;bu?mI220@j`>*uR60ihTSAxLUk5^EhHsM^s%qY^^W#HchxG4axDG+c_<
zNz^PRK5a~N>K~(&ApH%Z0eoF|N0)Nh=GVcY_A1e8!G~f|XTw98=p@Tf7)5(iA~!D!
zn%MP@Vo92c-wqagWUXF+1_kZ)x%2%6l&^I<JVLypz(N_8-65Qxb5BmkvUI+DInxJo
zt2kUJIwx-@D38)~IdX-9%pMjcjwjk|<hkngC((K12cCa&f<S#kBj63u|23jtIXWG#
zv<z#@%VDu1=C&)f0hw&6Yf6hn9A00K2_bTe4!_Z|);_NLOHVnJqdqEV^|YRqal?kF
zrbUPnq{vFi$VCN%O%#}#t>X#7`V`n?$u2h9qP89P|F$Ta+jT&S2^05|u^iO1s%3u7
zzl~cJqD?811r@RE{9V=i>?Fls?FCVrVLi7z#dR_p+=mnLZmmm+r4=`Z5RFl&Ou4b*
zKI^=~xg7bEI^w$MvF+31<&^VeJr8l$m|Dxk9G7jL#GL@PI3z8v5GoSNg0Hz|!t`F`
zLDK2zn$c2l5Sb!xi>HV^5ye24ZxYE)3)_%_-C7LGhP&d%h96Fy;sAiQPxSy<e&l_4
zsj;&xqp9lgcq#|ybw3}wc(M9wX{_(*xTI&(bG?lzE_(W~*U;IlZ%1{3=X<WAg|r%h
ztM)KHsW+ikrO~VNei={Me*S!X#0GSHeZJNBF}NC8cvn6?u<K?$RVSpd(z{xizI$3(
z5fLF^yP!Omkzi5*zV8erDU}&ViXVsW8h_p1pUl5(>8{pH7R|<vO7lySM_t~p9*6{!
zeJGF1y|7SbI8(u{qHJ0Fm?~)}La5-pZ*6@piR|tUMS=d~Y`p|i%EoV3TH76Y*Ax~8
zv8BdoI6U@T&-HKP^yh0@Up_-a`#Jri2WPrETzBl?cI4Gz&hhGiaR|r^gTbYKK9JoO
z!3b)Agt1a2vu|&3$~kOlV~_^nEToEFYIC)0z4iOWjN4{&^TLgxH}hS2@LMAWpv2k~
zdALr7f)JvMcHN+hQD6{NTDP=ai8Lfd$nm)M-hEPrkoC(yliF;jve7*(v8DVJ_EfeZ
zp#lVE{DiF41SF~0o0Zn_H8$=709|HTQ2`XwCPx@4Iy_PY85D?4QB+nv9u}7rnI$w;
zE;&cMKHcZB^*2rcqsRNgN%~JvpBHw18&jlZr=DLQAFm?KM=S8=AICnak9`7$BZsA;
zA-)G@#I_d0x?WDjPsdApxEEFEnVCo@1u@kwIb1iFH%22{c05kU8s2)=IF&RP`w_!o
zJulZ&0BRkqHswy9E1g2q(<seM$i2tMW>)^s8?P%|*4s}}@mM^KhC}glK&Y+7-By#k
zP%vBE?9_Vvd(?7F!MQByJnxt@Q^xrHvv2)~Tq$DG7+x@m57T3j=iHbw)>x+0D=)7k
z=0%B&e0wRm41LDq{Hik=q}D%Pf3jTq?tXY2e8|C_M>CsKY(PMOD8+Oi7KTLQBVTj*
zS`9H{uyE5#w=z-F(I3m6*uj6S+00Y+*Kl)K`3D!$w?SKi`O;P_Te#U9;Zzit__ejc
zmrnt`fX6i)X${@)*y!^X8@c;#-#1P1hfE+ae4}kHwCG;7`W*nDT65Bg<I;75J9E=}
zx_p-R?lg1rjGd#_p<APMJ6nzl;8Ab4^jn5doY&@US-WG?!H7r~GuK@DSWWX=v#mNV
zCbMY4;*Qkyu6|*9!j@R5(L99&sNx?}g$%A+O>ut?IMIA9FW>GJjB~+v`*$LreqNY=
z0vkn{FPUjd?U>&QuYCHpkyoxPdyElz7xr~o;oabD>w4L*&{pjo&BXt}dwvX!QnMa`
zV<|rS+?%F8nBZ3RinFzKJ30y&>k%z4?Rgr}^WEVAw9ehayuN8Fn_8+NpYdKr;3aGB
zOjcxVue>kdGdi!*P6fY|b{2PVz1~{%u%Ja`LeDlsXr}sB`KCNQRG|}D+3(}!y}cjF
zyDw#8U#(@#%f!T#x-YMBujjh&ddYpf!Mk3rh;D`NC+f1rJ9YUQ{EnAsbarupgM|-S
z@ravpKhUW#SG150jw!`nuF>;5Kd##o-}3U^Y@auil?!H?&K_@_r77eeqcUJ-PT~>b
zk>HUHf@>yuad1y2O02`yiHH>u`?;&sXr}pzVL+2{c`5rq;)7DU9YY}MdwVLFg5*yy
z<WTG9ALN2^`s<$n<elE@2upj>W%GtPspciUM$!!DG&<)VkR!`waRHyhmP4X<Zh_k(
znbqF3IT$B-;m&1o4ie1>@q3E62~vM>Kn!C7%!q^_aTYpYcG2h9AU=3Ytv$|Z+BX{-
z$#{1%_;aZ{fMHnwC#d4em)8uZS54Q_npKVy=7+{xu9F>&rIi)G>a<>04!2wVWQXY#
zR_@@-?F4;;UYF-XC@i+S020W(ls0IgT4=)NRUZw#?@u0~P&zxWPA~S!+g<WrV&mi6
z=7+GY01e%D5cgo1m`}dH(KsCT{vF|RIho7XXtbmPl#)<4MZG54gcAaeOEufQarn8f
z90X<yzo?Z(TtP=T{FL(|O+%M_h+B;`N@a$(gGKr79<SAXy&EqeEqz^h$xHe*N?*ES
za$asn-zL7uAaZf^*%qHp<I>pUs9LykyeOV`y^t@lV-@t8Y^Xh+cjdUvrUrf0|GMe%
zrq9H&RX(2)xF5@(EUftEXRX7<iG-XZjUM~4oQyriTk~etD3i7DNgLymC!HL)n`f0L
z!wIo{J&Rw-iZ#&I@FHxqmFQp4qxr>3o%RL1yW1|e1pc++=T4mb42;mV&61uxZVw9t
zjpCABD`U5RxS!6igERujROqg(cnfI(Il$;jr8u5_qOd-1Ngp9~x}X=Qr?1^#5VY2K
zkR>eqrhTl02uuN03_3u6<P>`=_S!Vqc@uVgE%U|Vp1W2?;PIN|63R+{-@iBGyUVcD
zd3sl=s95jzIAg0y636#2_IA{E8e6Jb-(IkW8AP25j#+nyV`~Yepyal<W{6E*(i~EF
zC?{R4@l*T?cAB2L@h>o8?M!uPY?+yw>R5p2Ff<Nhp9*EemJ2#!bLNxq&Yt$GetsI}
z6=>_WuBK0$+6Swjm0i9(n@|{X)<$NeKQ<);U&R?UuAiOimc}1s9!Z^oGd90hIFK&(
zYy<UO_>SiX2KI&x=SyVJq03CF^?GtkyK8hhQs3tFc)@dHK~5^m%62Mj-znck)cUUa
zR@&j>I+X|1*eZG)C4=btsq1hr&$ybeNW1GbK2iW!&WO4Z7y0M;Asy&9DO0C4+H=36
z?C+m`h%%k_a=V_V=jCy0_;3_DZ2v-06b!>#5aN<pu6k=T%63BUNnrM@4-`ykPR}3)
z5GXbz_cZc$zUG2P!4dM-@8*KiJ1ZMoblfvjCEGM4UrUMWK?RZ`-yR4bPv49L>07w{
zFxg>m|EY#$^(=Vpwk{Mg7<=i#^!&!oV#3SafdpU0%pB&61TrHhkjUb)Qg=jPd7*R>
z#gF~|{7YTUnRGHPk7A{WC7W}u)9vkaNNyV)M6Zm~7->X<+cZ&;yW-Twr0s(&RbO>l
z8Hzf;EJjJwuw44wN6IncH4mN0{c4`I=E6p1W|*$&U~yrZ-z;ZgH}vSsyssdr$kll$
zjsL5kkh%=E>bXRI%x(jl!@I!(3yZSl8bu>L%)!vMF?0Ofr^SOLmAtBy-Ip997bEx<
zU@1HU(g*JvCwSS2+WoZhgy-d^#+w$g{8FK+_H?*pqt#|9$M>+WB*(kh`qewQQba})
zdH|^I6?lk+g=NAna~Np-!)Svlx>#XaDN6642FqVXTlFri+2ASzu!{0xqTrM)z_}*#
zzH3pFiQIL%bMlUV=D5kna{2qz9g8P(;3z+7T|y7&V@jG55|}@si3h#+b!`N5)F|^Q
zu`q4$v55SI8JXqd%nV$;7?-p+5_hrMApZH_>Hg2yupS=c+PXcMSl0ci%uATV^Y<zV
z^C)5+`2FKB*@WrjrR}AtpmCAQAW78OhAOhzLC#${;?L`%nqCLYp7DbEaf~2($LfI4
zCRF;Wl-X1oe@`tjW3$am8ahofy|g8F$2r~7VAO2oDqZWztwxrAB;xq<{G;SbT)L*o
z!$M|9kO^+XeRQs-ms)LO6G5l!f!da6h~pgNH0eB8HzaMYI?Nsq!|Khh89GDZp5cxA
zS3>uVxxJPErSqTm;Y(pHeE7@XCkw+>6Zn%^yMh>IN&z@8OubRD4%71P?=y#(0IqQ~
z&0NxcO5Bu*m%ahmnk63M$-5J`0cb^~VW~&dTMNT`q4x{wutX75vSDzgDw!~Fv34~f
z(l=68neh<Y{6i0!cdluC{zSYA3g9eeVG!@DfHEk$sEh2$Fs^ab3DR8>%8wH{zs!cI
zv;K-l(@pHG7HcI)O~`HSt?k;cm!sVErZ?Pb!ZH;Nl8S{5D%l@d3#|&`6%r@vA>TSg
zgU)k^iCAS~xC<7LM#sCby836e&DvsW%Ln#am7RZiSVpG5r^}M0z#w}uPvc0~r9Z!>
zrlzhgVT7o7C;f!aoU~I(-K2zHm^x?d@v+pY^VJJ;=3)LqG?pVwwuF6zdjd$yj_a;3
z-a93!<FDMmGI!q)5J09!t3MYLb=oTytV<f7Aa92fvxS#OuCA$x+gr(X<Uh4>w=kk9
zB2`#imy|AuPP8m7Huc6F9{c^L->dfL&_K0wSUzhQg$><#<FIRWEBW*1^q8W#ftMTT
z*Qcpn8O~uy0BF?KW!Om3DIRp7ol7#34&K@WKXzuQFz+*0#aPf1k{XXXHVFSaP&XxM
zJ5TllIqtmWKJDb!*=8;SjkAphNa_+(3eI{+o*f%ZiZjdmco$3y>Y88V1*2jX=k3O3
zUm&_B5;tvj6K`I!W{86<X878<L4J=1@>TKg=Md7(q>wphbZ@7=xoLBKX5_9-y<q(Z
z>sI_s?gK^W?iQzd4DytWW?bykwK(Lp!E1&hD@RN38K*p>M*T#0bL8fS5n&T@HedAb
zl!`nnFlXaDZmfgmgye)9AH9;XsWL~?$0~PVO}8q8BKt*o8~O9vFcZ0&hDzDF`&pHp
z-_iP-xe6n?ZqtRG?RvY16(bGL>oKuG{-Da)3E%5(6n(!yine6_AVRm%$ECC8)BvLk
zj+IHjyjl%b*-kQd(BBL|Dvhm`4Y$kf!iIKnQ<u%nF1jLbmnv|Oa18LFsU=;AHiD=N
zODrlrIiE7|QE$H|SBmVzqsd$sW~(WbVrFqhVeTq*B@$icxG_SBekx2c(+N$#GkuJ+
z9@zi|s{)&4j{On~itFHimIZA0VOg(7UBV-AcY2|?kAf@j__SF+dqYQbC?aKizEqCd
zMu$}i&<BNA_}dh6xe<~Zu0FZL^<qXp)d?SbKU$G}&&1dadV!;-)_Z(+$$9a8^$6WX
z(<HL&LGkOYKa#O(4jZrV<p`SFv?Fc)832ZpddW@bT(T1SZ4rED_Ux;ye_lu>4qt)$
zb>++L>1ZuosBPoY@Tvy~!ge<x2#3*Eudx>)8B%oK+^Yprb-%tVpjDB>^C2qV6xaBD
z&^^jDG*n#AsxlaKFifw42(dc_*Q!lo<)AQ6;KTS2zHO=qGinUc*1RL@gn9XG@rhZ!
z;HCY^p)M&~+rr(bE7uZSZL9=P7spk8R@8LP86AM2Jyp6B{NANcH8$Nj=tnFgMOPo`
zNiwuA2zE|=q<=G0#`&yrz(6Go;Ql223rF(17+~|Pl=r&uypYa#NUU}dQ?=f*yy(z}
z^>pF2J4WvNeBQ8OHx2)qKA5Qakj6;Kbn7o&!D*9PiWK6YZm_2QE%^mh9ij-AY^h?8
zr4E(Jcza?*IS!_!Y`H0^PSi9kr9JMQ@|@2DObRmmas!SQVKp^$_%J!8k;(fKPp1=Q
zILlS&{PQURDzEykd;MP&z2a@FzsUiG=qjdi#moruvAow)Fj}dl15V;RQ8&bR{|@$e
z2VH)(zH1vGONF<`3+z0M!sy~17$FuDvtZ~kBG#(NS)B0j0QpLdhDWuY*K0*Pv6wx^
zC3TGzRvhYGd0}aL647y}g~7Sy-{Imrw5Tt`M>!SH$)XcOLX+zK8|LBgs$t^81EW9y
zFYkJUdH;FR2%MoNGUd8(Gczc}KUk*09F%0?{U;|Gw;^Sy&_koes*~t+60pEA0GW+s
z*Au}KqzqoTyB9?fiXMPWN(q9FhNZ0Warz(w8rnoiEkZ5;mXq)YKnsa8O;b5D_dDT-
z^@@7eu>dus2=O57{Ze6?+%9d2CQ6;JeOf-1Q>mSf#n0`Wu~4oSgHODBQk_irVh#)Z
z)C=LOA<$j8O3Z>J-#2MWkkyp|b1-EciC3ApMvhBZ(uP8V3`=1_7L<yxkgH8b`Y;pF
z_xZT=czAed0RPX3!v;+qt;ws<KUM|L_BWflt~lN>u`btJNLEZsJaEQRU0soS8K0Fh
zOdzdLt!jJcW}|Wim9R-3)~2*E+(OHUbg;QLM=FW17?-jO<e@*?jJk`3G06E<L<$mw
zr#)G9Jwhg!)?AQ7;_hN7R1#+dY7|+g=B_`|nW?_3&as+OBxc^ZX{^Z<|4P`Q{-+M=
zNi7X4*TL8}Ya#v`INkgAv-!;rY{$Q9%P(=TGyH*u{WM<cyjKC@{iIH1y6U7zY7@x^
zF76g=Nr|GaEX?)_t7Z+2MOfqNp8EC(P~7|9S;w6nhr(WA77g7FSALGZMe*Pk(7k;?
z%|@7mr!8Fd-_~eHZ(>!bW?)iDnqM}s{&wl<g-!7=26*b}>aG!@n52wG9FoBxlq3=<
zu1}W&`Y`ulL9u@Zv?H2Zh00iXxj3^1xdfNT8^yTQ+)D%Uht>@HS`Uk9e6tZ?d6-ad
zh@2fYLj|>}x;OV1Z~&cEidp=u+nbwH;%7X2MSs3)6JAf3)z!8Xg)~{EZxqhsAA%OT
z_EL|rv8E=AIXjKX!cNz+U@P_3mE%X|PsOn%FQQX~|5tE$95Qu#Sd!#!^Si+&?Qu-g
zdo5hgI)ZpwnsgxyV6Ac2;pwR?hE^e|5DF0{q$>O4!?m%4DLajhZZXPD!6X`@O3x6f
z1c*|>)HLx{g(BEyqd0PitlAj)9OYaDjDIEWX&qnDh(j$JcCem?Db*nn8S{S;Av5kq
zIv$e`Moj)yeYZGJ>gX%GK`2%%n-mB5GJpJZc6D7^T&&Bi{aowan^Mo@zx<yF7#JD*
zbf9?djt{JW4*!uuHu#9GMK74U*uuKq^32z5<5E9nbn=LF!GR5`Gia_bF{ACKs@NaK
zS_~bXhZF^hNSxLAgaVvU#c-u?q!7r-Fg!<_?}CtnON9Eu4u377l@22;@#{5e2<qjD
zekc~vk(@OGaijY%`0nW>OKl7**zZ{*BM`xC^Sm_~$%{0zY5CA1@9B~A70}UI3E!#S
zF~<M#6~dkHDL0Mcw>B`t2xK+i?z^gK_O*XNzz--{9?-}mcfbctq%#fxIFyhitU2}<
zjRK7G;2#koRw5f>u|JXK!-^(_xP=n<wuT`g_P?SqWI|cD;wh;MASlHq%`@PTW3+}S
z_%;{ZQ_GC}xqj;YE~HqB#oAFhtmP=Av|)2c6C9+&q5hfhwqPq|>HXUs59B)(Ga@UR
z|JU9P>>)w$wYu~zpHm3l{2rPwJu*}?0frjaPnO572q|wJPm4#Eh^h-kGX|FJ``yeH
ziL!=(L%T3${wtd#kSkw+f7m7kQ$xF4qEB8vJ~f5##?U^}>`_|9r4*y#+`~e%4#}%A
z##BzcL21%3deY(tc!Uzq-)uA=4G=Q*fA~hL;CZ>=ZDpm^G&iOrg8!da=I)IX=+Z)W
zx?T45H%Jg~1FkrrSe=w)7-BJk1(y`1U)c^Z0F^TmX+YCmRLDubsJQBwf{nOQ0t3=h
zU88JjOw~m0d4SlaMBw)|;rtK-kvsg7M7*IGdm!gd8o{w>C~ml61%ynWV|*QFW-wN*
zJ2ItktMU9Uf$NW#1zST)RGY&iS=dMTYk_B%|BM4(nt=T)OAm{$=Vv3%D$vLa=h`Bf
z4W<))tS$Fmu-Wv9e|b~q3}s#)rR^+F5EZuAk?!&I7+V<K*6{?QJx9-;=-&IGcMkmI
z6fw8}j&(i1S*%`$|M1v;GE;0~>reC%ifD@gJPr{;5)efC3$~UbEFtl1UuRhvPZ%n=
z>T@(9ePOJ8!Noc(a&bsxR7DAB;e+Fp`yo*6Ftm>HBy}u`LK3ZTq&EqUCA%QR7<F@u
ztcXEw#9CrQ+&R@bk$t6(lQKr}V#mmtb#h;Vudh$7yRw%BZ%aPbyiB<ZEG6ju8grbs
z-9#_2d<I})>g1eg4AKK!TFrbz7MKv`+0rr-9Hl+)K^*D*R-hd95W~1~RkGw9L*;Xp
zSe+qg#Lz|l?Pu8HAhV4EqjV0%Oh#$LwfwVw7@+caWRdf0WfM$w5ezXxNb^vi|CXF8
zJyiN{2YwJ`puxulv-#9)DL3k=-Vy#|$0O2G<jUrZBpwMk%?I(gcPU1e!U~*X=ey7o
z*^DxpNER9?CsG}iqae_)n*GFd%6s(y2(`&5uS2)HcBAkkrXQ)ClFGk~g`)R+{nahj
zpp=fJ7!$nCervwm{(q|f+rkH75n6ckNs}Sn>WFku`>;g6*lI|r1ck92kL?AbUoa6~
zxC)>(It8&m5z&0enM4kyapFGPDuzBoZBLcR%yd|pCO<4XGNo|KgaqhII!JhfiIiAm
zxFVBpo`}?-4Pg-ss}VEd&V8}Wpt9<%|5r7J4V7d+-U^5ysh~b>Ae4;^d;}{+f!K_u
zuu_%?^P#WdpRS>DL(Jh~0?wm&UU2G$UjdSd9Ci|nXhW93gf^~dHJ$0b1=B!Y35@)f
znW+wp47muw23Mv7HA<zx{}bpxq;>Q!BuDO`EI-IKn-RBoTLuV8?^95Z1X%o$Z^T$e
z;<hX31IjP2x3SJnMbJ%5R1U}VlRee6w+?hN6F{P|!ubnZQyo)obT}6|iXc$}g4Omc
zS?_5nbd-k(sg_8B=V@3?tZ6RAf`o}Zh>gk;;-sfzsqWa$&ArxQQ?uUL<~ngmtHrix
z`%{a}uDY3R*|uC%v%@6n+>+g9wb5h3^f6ir8}@u<zPu`hZm%ip4}w{ieHa>U=J6PW
z4&s8LtlT7K3T15?VrLX;eYw`XHgx_SAuX0V=W@ZNvU~~$rYJaX=pRFj2)X}{B(=n~
zX7-k*7Pr=dw02*=dS2|d110DJB-iv565-%-8ZpG53&NNb)GSgQX*k*<LK7&Vghu&B
zwdra0YKn<rUa#aOv3bZ~eJN6jc15*{CPJn^-G&k7Vs8fDIUsVF$xKd>h_fk6isBec
z(P%-kQxomY4&|9>B8Z1JKmmoP2d9e6<9H`r^)>kp&if*D>NH;e>avaMzgK@pM<aaR
zo}Tb76g2gE_*ZjdHg3y6pYwx4neDei;3lN$z=GBDcLou$CB-BRGeLrr?NJ?u8$;Gp
z!-Hu^E!jh|@|BxLNcocIP4<dLSE-X&pq>e&)pkh5qJ`>A2W3VfX~*s-1w~>Fxx48~
z+xMq&$d2`i@s721EZ2@pN<Q|GjqrV+cQpPpN9)+{tT=h;&qJSNIV8(h{{zSm!F&-A
zAwkkQh@)z>32atHWV$M;x;uaFka)s+eTG3axp>{l6sOAT5uVQQG0_=yio)MJ{Y^&g
zont@VkR%-suf@p{{VPC_b6N%ZC#A!ccMIc`g~al*+vuKC_9NtEF(1{LU0upDMA%!{
zoC2o*%elB`^HwBV+S)LR>HI&w$o{||RS?vrOTFpuP#&zsK#z!)zfq@3joRg;L&FTA
z4I5%Grrw3LN@H$sEril0;s;|G!uL696zLZgGGbecW&(}mpeht62#5ID60DF+ajYB!
zt&lW!jm#{b0GA8cO-(odH9~3Nj~od~sPhkp4pU97F8*T<d|ZQBRnt@zcnT}~ncU;-
z>@4#P&)xL^{1^3l$`7B)>i8HGA%#g?{EeobCSSdYb+4=~&#&HCUhu88hOa7KaMw$l
zay#=fJL}aO-GS?fgfAyHCMLGWZE7{X>t5ieZNIOe?;7E8VH}>hbthB-YdXG`Q{@Z3
zQqz-5^-I!H<{Q`2yYNhj%1D+|$RB=?0#pVM%pj^hRIMAWeIW*m;2$1hLOB6|aJp2|
zP$LrOgz<yKg(#Cu>tZ51v3((~!PZ2?8?=IOa0MevQ))CoFd$Dpf@+ZSM*&@FJ;u;3
z1fgWXk@qfaJeq1YavhpVKbd#u2$v#92_B8sWQ8{!Yv2;Y#Y9mF^8AMDEVJxCfQi$>
z?s=KAbG=w=G9F8$)oT8DUGC}T*|Sc-GIKoes~-^~XR}?oe*UU=JG4{K(daoUee$^6
zw$FR|wD)U$Iw?)^?RYy`KPkOhCtFkEieN01#Nj5Rf}_A15djrvh=k%`-~bx`6$mpO
z%_{#Z8j1*tRV~0El~92j<I?PcI3+PLv1q;fgUoEP%;{0r>!N9St;78>&1HJa>`y_<
zwy)J%<1%NGtTc~tL({X|>g0^b+1e~RN=&78+wFit=7^i2NEKv3f@|i3d&8|%Tn;UO
z!{yWd@_@K4E$%>@E7gmU^~zB5a_IhjqI5cKA1z~E_P~HVC9p6dq5}+TY@CDB=k;Er
z!PI80(PD2nhS_YI<R-^IwW5pn)^qF5M1h}j6VaVVuiZ$=C%0?r?g_Z+Z#C#hJYl-@
znK|%%K>(TqEbfBpX!MPMYMGD_n_FPJKBTTlIN1=16sJQsutDviG`LQX!@hx{2<myk
zZ>4l7m84<6raxso*#x$UX>di-_f{8f`lTeJWgHCGxzNKAd_T@O=xTA;Cl6Ax*zIy}
z`l8E}N~hBqjqVO<QBhOjG)6;mt1q|<AUOChu}o*z8)YVN&nXnNH7D6niQ|y{Vn*^r
zK0ZE(xlW3bWVuf6^<uJRk4p1=$1l2`pPxfRLkSWmBZfqa&o>5>VTBUL)IghosN}Ni
znVIGS<neu2>~{J=^Yfvbf>>~#PclvdfAvxq2>$&!O3Z<kAwD&7OpM{JoG9FlwXGLC
zKlmqn`Al|nYAwf+?Nonyc+(<*u`FwEj_5IGrIp-8$=mX|xz&Xm{+urx5z%SZpaEQv
zczcm`cC`6I>u53qcpT(|UauQxu+4aEE&{kpOLjdg6(ru|dT%N+*tBMf-4Yp8bFJd5
zF-5RQ-^yHmY0(JiFe#q>?pp%y+Cpnxdj9GTBkPA3zmz)Xe6b;-w{GT)_Bp)DCf%!a
z8(zQT_{B?|4iyPBS?u;M-N0JsNOjt9%mrHUFt!4mpZ@F0KcL#=!E@2g3}z!ihyVa7
zCMH>oRX@Q#qoP?_)J_6pdfYuwBO?~nvL!;ub1`08C6PU4>$=rcTCK-^X!`fhryjp=
z#Fofp4SS3ykM(>$)Tq_G4j$NFY;~Qb^}Lh9V?K9;nv4@f*cZgwZ~!6!z=-5ER#E`&
z%bAz&4jp$nbInXRE|)n;@*L;a8gWrk(TIo$5-BMuCT8X!;_11$-RfLEGLwvr_5G4c
zG%w(?n2dTOqdn8fXZ=3~vpL*_v}jQidj?v#aT6wW$>QQy!EzSf+S%wUd&QYRP^OQ6
z&G!rA_*KL36Lu=5vGOX0@6s|Luq+%{wX%zkHp@o3SMbz&t|Ux`+ml_G4NIrF-cR-9
zI@_q6US5QhyvNH-5*Q5-I|kUVY+X2lej(P*g6L%NeRO>*y1ctYQh<=Ku#utR^<Nj!
zor!^y{RkjhH?Q@M6iK7rgP93eS*DAR5Q8HOzC^q@HS8wHpS0HpvA7EK-OsyMzU&rr
zSKcI&_%gXXoP><|&@sM+Xb_D;$DlV5cSGPv_Y&AP3Wq}oH2%v0zujJLug8)~XAx_<
zU(2m;BEFF1hIHxfA<g<8oqwaV%M$}(B{_iZiArUjARIKt!Z<qPge-77k@YN?PtMRY
zB&U}1t}sTOmP;GBD?_t|P)ijdV+hr|2NMrwzUal2;(uO`@H6-Zm%J3;#Qijzv;Vvf
z+wS>%U7%Ddc|V}{`{Deiy@!ujxkLRyu&}kctfi?vOxOB-)Up>ASeh)atS<iQ<P*qp
zT<87d>UqqSmH2Jl!G9Z<@8wb&ms@U4zUX_fpRc5LmEd{EvY^kf@{0d@oAa237S!k1
zG`)F8Akg|&o?q?vy#8+QSK2kiCq;WXO=tk;(tA%{pCdf*zk|%{WeCNbAx#qQYO`8T
zIvV3*+G}XYxY=bn{>TIh`~wKwQo)5AXFJ)4iQ8+bGDCy~njReq1Dn|-NE`~9UMX_&
zWS%@gTKB=82#DnSB=-pL;dnQ}OHRkvjFJNZ0K&+E#O#&qU_B?k*HiL)_H8?M<kWck
zIqm3oj*mTG?|*wfwxhq;?)Cw#u4D4u26DGy6)nNyBHWdiH?tC9`b2+t5SLr8;7f=e
zJKS#!qrseSamf3arq7nDfLmlh%taTDUW~@uR7R+{tNgq;XlD0z1~TzR3f7Q6e`cND
z0*ldN%o6!S{_;LZQ7eg+qwjgY?U*l}ANu?k7CaYo%(>jx$4Efc%L5@o4l;=X%CoF;
ze?M>H{EFO6XL57W(*?{I&qPsYF&G8Uu@rPX{o8fnP5Mjnc8Ec;lO9#T>e%Aa#ZGYH
z;i(oD7qO;>%ge{#H@t)X5YSr-O-F6wNt*8+s6ZVXOM|gi5MI0cS0g>>bXl^RBi#XI
zk`9sH>V^ae>gLO<Yonl{iJ9XbM|?1wP8PYbE+2zw3lmemrY-5aK0RJ<<3TW8UtO%!
zp&-GFjfHU#Mg|5<_nqd21fTx~9r_gh&HwolAAd}x=;H82Ok(VJwOw}Q`+!YID4q!(
z6z(4RbUPBi_G=6#WiTY<Rl!yG%BVjSI6r@9IjsAjF;@fiR1SLnq>>&xNeGxCgUtC~
z&EYvbSk!DVAf~HUXySIYHNcg16P)oE#>Awu(que!B@2jh7MQth<0?f%QxLr3VQHhy
z35{OYd1n`tOw(rk^Dgg8WH79O&4f8buhSh7lSIo_D<k9&2s;PXPV>8vs3llJoMC(@
zUQUs~GoOZmEJzHCMokBp?K&P?s&|IU%i_>`esEF1OvwQcJLf}>+{Bk2w3FUQEC6i2
zv;*m|DpDI0@t}TfM3{INz-`t?Bj;lC@hT^%s-U1?wOkE4*Y&WZMT587>1?5HBf|=n
z3)N`3*^+zb<;vXt@_x+@U(tSnjqP-#QYx}F3hu!7ez=pnp60_ey1Z)l5~peZYbfUK
zyDtN%+B8Nk`4$H>_bpD7U=}K0gpZ<IcpfiA^x%nPig<%8sL^pqipwOoAUGIAw|`Mq
zrzWu4k`=j~!=rc8QoH!-1p9>cq2k`1*M?<6t(V1{uaRi8I@iS?+_<u)XIkf>A_Wyx
zge%6xvXoqk5zea)mJ&Yb$l}g@i0Xx*H(i#|!HdS&Msua!#I>War6EeTfNbizyr!s#
zglO^aG-(w2yxDDQ1voSB?OPH>)4L*rQp7}5Ax!b`cbiWyzpU;w!S(qk@CA^=<sGrq
z3%CQ11Uo5-@fAOu1DOom%Z$%M5f-u@#EazZHufG)H`wlm(?_5C0er_~T>QZl{g|r;
zT>MtbwmbfeXZ6Uao||IUZ3ExY^<($}Q9DDu#j(~Gpm|2mestlxy-~iWfUvwDZ}){z
zw_&)fXWNAchxevAA2H`&IDPJbOs}^&Ek9mxH^<CHAd`C+t5s_sq&`*aFyd^87PF9&
zKI{yHX;L~FT9gH(nKPL%n~dL&i@>EK_x29XpwK?~coZYDPqo->%Z5*|o7{1jxIa5i
zuO(Mii3);AZaI+Lh{yfP{cCP~Q!peH#eqh9IG|BXINe<&Wd)9jm<@r|=33Eh@$2;T
zdT6dj_7D!2XSRpy@v`2H?(>|U{OhP=XeK1b3;K*M8EaYW>dWeRSdLA!4Y!%RAb}05
zk6SR8<4e?jnTjSgo!1LDw|Remzbtag_wAx8i(RkNxvsojbJO#I2i5$d)3*<t)JzQ*
z)Rs&mrsyLMq~gacXT@oFT*KWf=a&LBT%&($=VzneU&IIa`)ynt91IMc&h>46j+L))
zu=Mef=znl#fO9R$!0(ah9sg@48B<w{5sDr1g^Y~k_OE@1=G8!&yxn(Y_&QwBhQKCE
zs0GWlMDhfgFFJ&U$a+;y`NB+UHdPut?0k3dEWZ8B@)RQ|GIIR=ou}{*$y+p1dnps{
zuXcQ7PRUGUk8H)Wkmn0W0Pdj2$s8#gm1txTH0`xM2;-?}e!c-<z+Kt!uu@}=0}m>5
zN%r@EJyGv%;Z9d0*gz5@`4yH@oZZ$uTrJJ;Gn|yi(%nh8(_howSIl6Z{4`TrR<1tX
zNY9#~5V;V@F21k3@n(aek5^02eQXJ684Wz2W;dE$Z_fSF_1pPEmIU;pk(OAjt;P5b
z!!<e7H~vF$GdD~9=Un20^(FqUSswQ<RkUWo8M#~@7Z0+gD|M!&5OM8VU^>=QFlf5%
zZf+hHmc0^lyXiHAc81{+%y8icq;j6k!1s^xO5u(@q+Qn<9~=i)99W%aj|??WLk<ZT
z*3Qnmo$zmG_S>WVGABxHvrrmz^K6hbHYS<jdLfi0W|Sq9?js0f4M6dSbetT@Cb4XG
zz2MT<RgkRvO2&oT((Z;CER$LF=f4(kkc3R!;3m5aM-fM0`RPS@_cTZPU67__PPQNm
z;D*EDF=xQ=R#;hBP|myI=Ks>JV8Fw&P-6fxOMg4FTS|M<p?Z5&{uJmB=%{#n2)Q`_
zFc%xE*_!tAjeQA8A-yti5Hwgl#jR`TU#f`=cjdwfFdsb14CX)`h1%8ZTMYyTM{a)u
zK~+{={%*My?8v}tARi7B6M^3)U=1*0C@NzVIOFXh=b+}Qdg!7<3K$6;X8y9+*qe}T
zA$f_zdgg|hwM+}yTl+~2`XJ$?kR|QlY$*??A2yn<01c!`XoDBWa(cLS`PizmfeyR@
zBBs!6dw~UO%d`@eM)SkJhvP&PZTtP*;dO}KcdP&>I$qYkFnc<YuTQasV-Pb3kERbe
zX*E72VMwv*elogpGWx#qKKlN?a<Z~>W20a~l+{JWg_RW*_29*$?cm^mWASpBfN^?H
zl^;pM_xyJfK1@z*={x-Z?p>SH;jA3gn^Vg6a=^!%22b$EyR?R~NO}@@#A4w9g%G}@
zd7rwc$Oq9z?qzOu{oGt%U!TBWMz(i)7fH7_QeP=bMk%4}NGYMvT?+{wK)oV<8^wsc
zw_ath1~AIuL!)`4#?_7IfJ%c1)XsD1{CP5iE=`21;_>7#_>vn+Sr}(xHb_TYd;@NW
ztNPAf7>DZxVr*6f7ril&PTH?Y4P`!EW=pw+#FvMrr&&w%I;diAad)%WjeR^PvScZg
ze(}-b_KaXQjWL*kRE`=mCp=O%JNvLrG@Xx~kiR{58$Ni(8%I3xX>}$fyllLM@#h~0
ze(q$|`uCXPaeMnK<oI^CPnOr^WQ%4hXWfGQ5&#F9qu?(YGYvAOgoL21e=s-%^VeS7
z;mlX-!z1k%<(rfW=~Ihf_F6LR<xk6v_RT<&+ips32rPqfU9b?^`K7CR0L&BfW~4xN
zcGC+kUvYTE@A6(oJS@a6w`(yWpNE#S=?6UOSFVH6pqbrn?e+@4t?3T@Y3i>F>$@)v
zd3MVFR)pnSx|GVbcC+DK)(T?Rm8xk0mR%><UQoWl;u~#h=43nxiA&5^DN}X3(n2$a
zmurL6>z=!5?mCAXSoTa779rLX%X_C^NDsOJIiCVniG*Un3H-D%?fma8xa>1YzNa^V
z25Dcv4NMV!fo5+YHtDFs#mFV;WqKdW6P3S<(;}FMK**MmLLEa72irPs-w^zuv$A`e
z&-=VzhUeeci>j?Pd2bO&PXc{s#xMO&qxg@&0lC(L;aL?^)~Qnp;W8lm%n90>cs`z-
zEBX?X6^@yMC}l>QN~%Yrq8?VTs-2cwom!n%SeDb6DhUey_`SRt`?F4MI1VM$$#wvG
zqnDChB1?~%Une{VZV*UYB}iyP*|68`?FtF8dm_Y`UqT04@CjF1h<4b6v$G%r!z^t~
zpGXrkoC6s-Ngy>SNH_r8TPiP-LkF}%&?5nTBW|UcroINR+)W3`SJ|Ou_=@?8(5u$q
zSampzP$}t>H?dk^%nE26XwYN7-SlFa6KGsgvWxhs9vvdH@;ro6xio^+FM%b)>R1N#
z3a2?ogMq(VrIEc$&}mJ_<yrV6c%%uGN3Z#??D=3@3~x)59g6x2<Eeim)#HM%pI7E4
z9~xggd*N0%+c;|;QN5MzkD{7dHYz}KGvw)yy^4_faX+ri>xc6{HoeqLY-(!iyW4Ga
za?-Fcg}`t_lAeYpGCaJ~@gVZcme$0?q*t{>5>$Bq+7S%g!{5O+07bVgV0y>F<Gs|H
z%?2J?OR7jIs~&WOA*=%r@~z~Yz&sdhP?9rRjCjT{K>)jjg%JkM45D@CD<0^lghO<Y
zm^}39eLOf$(~4~x2b63ZauN@=tH%Hvhnd}FX4@~z+t<0ajKwi_J9Z#sCpv9i%sMBr
zV{$9vf^0f90<4?15<IT>Pe|vgse>+u1`nlu)k`I#{SfTOJ685NCZ>5N<|u&F$S*|L
zt{>aM6+kqv2Cu-h%^u4FB!to^bkzWI-h=_a1$lfB^BagkK$4#4>3IIhRW~4e&Trvo
zfGPxW1sC|;rtOcNpI!zD`QzVj6CV0-(8F|Ml9Bwr+>2`pN)jtlhf8(ksfs}$_qlYW
zM375No}i_R&xeFNaRVyOuUydo>74n3F+OQ>K-N$Pb8NweRZ(GeYFS=kWd&n0Y}NFz
za&;IaW1IHZ9^O)6dg#L8CJOYZ;}{=}t&S=N`wXsh;LNdYgNUo!N?ZHb+^wnYM4ct5
zzijvRS9Y3vN-8F#78udAa2S$6Do+i9dvED|S$G58jS2o=rG-2W8HNIlXQyi5&!4|%
zG@V{oy01ZN!UO`sm8g6VF;K}SjB<d9fg#@QQqf+_YYi8GewEGw8dT2#^e!9FkLi@*
z>1Hh7T8jvBHyT9sCvOOstQZZ1Pj>x?X!h}mDWd0>`LvV6l@UZ!DN{C(Stj1!g@4qW
zXS2v}CSG2nr^`*aFr&@`5gt_xbo7xuyHD@KL8hP$6*uNPso8PTKa9WPu#Nkd*GqPd
zHz>eG>VJ;;jUUnqiiA*6SDP!bsr0h2XW0@(yn~dUr$nl2zykn592)&+d)~KW<M;Q@
z(mF3=Qhr$QF|!ocKe&JBlDz0U$_&Izhz<NXSJFae&#Rccal3Htd%2ELxSG=IHl1fn
zo5u_n^RAYhfmp^p)^t*uKlHi5Y@)@k*y!QcVWq8kl>S^59upTNb`6_=_IHS)n+<pV
zm369YRq7MR^0yzQH<Ew$b<;dLX|L~kc|CJFRxtHSk9QJ@C^kby{M{(~vpT>q2#7ZR
z;`8IC5)P`{k>X<zlEKCP7b=mb11RPq$Si)?kXD+%)}xe}3=9x*D`cxNr0myb2T*0-
z55rKBaLh!c$;J7_s?UlY0Z^>I?E;hwDO}LoJ7fJ-iN>^9Z}h%FTiL|(Q?d!yf~KbB
zNi=|sN=l!8x9bPj)hi0h<!v)_=-iF>jc_P(wYe$Dab<ICYpeQYIdTGDLdNubdosg0
z-!jQ_%_CVa&lIZ~b}<4jHTuey!k3p<yYz59IngvQI9wpj+v_VZ{BtrNssojOYyBd;
zLkZMwbPG?cNWK^FPcZx+gGZ)z5i(;lv7Sh~-hzVCqTSX6yPbX)F$&V0e=Emi!*gY7
zm5%wRTVUhDI8>~WH1X@;pwf)pk8gF3P!e%m*^~8XC>Rzv*Rt*cM>xW+gg?*Xr4oAd
z{eGG7l5*pl{FmtRd{kCa8rTi{F7)>jHP21X%)onZBys-HHq{>oOM{37dIySJ=)45|
zVAz9lcDQ>*ZT6t27=6mC7fc=G&@j(0v96Wiez=2%iWkAt|0T03I18clSiWd2(Llvd
z4{roVPM$=zvbwfr$(B_{Z&IOZVr(ogg`{x-91|v%ym(s8en1x|oDZ~Rk>Orm+g!~^
z-oo%ABDiH@R9C#F=v38QcVqk+GGs-x^~PcSacG`4kM<9^{-9!oV(npBDZ38i0@>Qu
zs{3VaKl@In6h$XRh{tJaY5ACg2*SqvZ8ul`EL7CE*kJ-Q@6t;+A4o`@URuLDGSceS
zlYBSb&q5T{c>?o(ccV&r7lW<P5%fosN2qjFvqgLgcz?azx;R6B9zg{fO#$&B$hKP;
z2G%4*x<aK#umsN=ATN)^`IOIaGBb0l{Fy`ZmKdU})jWrdqC^&tXYndF<dstPSCfun
zz!XyyeMOaluN*YLFq!Ct9e!%|XDycCF&yJeKOn8VqFm-X<7efPQ+bnU&IBcR=gf+(
zomRmi44#12u$iu?qXavc%k6fVW!LHPvF5TStmqUIMty2|x@z}#({0P5%V+%vt7?t|
zjQYv}b6}`FcgxnOjq<t#IA<K}2f@VFR(CHjU$LBM_6F(GCJ6dzg*!2bx%yT*6Yl5D
zA$Z*2nIXx9jJ>O%rWM9bN5$u9J~pyoHju{GirHJS%qbi1L?~ZuyZwlp+?N>zkEift
zA&Y($m)oRMeLcs1axIv4EAOSbs;`fpmF{zY`uafJAPy*ZlZ((E;q>7ipv~ek$*imc
zU#QE^;w^ACWQ0rXzbwhC8A24DdgOP;t@rI@!`05h0<y9{dvsy)mbk=PkkA&DSec<<
zic}pMWFR`zg~{nV$f{8F+2uE}vRaIAwp3!1_qY6RX%f4=A5%iIRZi^tGpcDmg%yj<
zo(>Yi)zSVqG<<7~2lSI~XpQW#NX#UJQ;=oXnbV=Fw#a#GZ8T0*w0Z>#IWN_Tr{_7l
zY<kYT=j4*lquG2o(1e*!_i^=*B5w0vHI|RA!g6-C)&`ySgwK(_e*D}xcheC#4Emzx
zN{TDPlUbgRNaSxc3vna!?n^bh=Jb*HC7W&C>rvY@i0}NlgyA%3ixb3AcEE4h7m%t}
z#j8d=?Et7kR9yd3lIfB<fwl=i)Jk|2v*G!L8aRan>N2k1OOjrdDVz#K54uZRbGM4#
z5$Be1%K}z&XYi4EPu!kkBU__BwOppp`S3@OU^Rk?MOZuj?l+!eJIbs$YduWs#K{fU
zCf)z3?W@D0{GLY_5NV_vM37cOx{;JxVrc{frE}>NgHB0_T?C{X=@jWs=@OQZP6-jX
z@1h^Saew!Zd!Oen&&zq=Gjrz5%+5LIojI{->a4s}z^ZM1ZY_%k#l`tcq)IJjB6Dvs
z-85Lq;-nfL5o#abqGai9s_jp4y$UqrD%3UhV|w_o!=mQk3{4PUGl~Xy8@%rS$x_WN
z4u|9Eoz$(7@ID<~&67(dem*Dmv&Y~Eu=)v|VX(H=^Bt4&*PFh~Z*`bn)I=JBZ`5dD
z+iQrqjHYj}7kx~b^W*_9U+Ia?Q9@(jOz%A`?Wjk#cd<U#ish2ObZYN$>}%9`=)I_;
zX=s>2N6An*AUfJ7pJuQ%Fo1_%e%D$#rqX9OZlcSGZ=Rul#@ij|OFzRY0^~YHmM=bx
zl|K+m<{&!q%tMfjCC=C>k4Q|IZkfhPh5TGqp>)B{n(sx>g?Lw}0Uer=d#$%D(l=1d
z^&b^be1CX&*y)9%5n6PHProKBQ<qWE5X@%y40}o{oeJyyGsZhubu$Krn3kwK(b-vN
zIorZ678Qg<mW%Q5#FRI<u>!%QG>_e6-+qkwu~j!-{c_&BB#WMiz3@QGhHsA}ZVQ-?
zX<KctDws*BAm_B7qvH1%ab`$4YMprXc+!5p%4$5wW1TaJy57uV8|ASS_>_1g1Y1p{
z3Y0O#Z#+ptU32{luj^<1Alo$m-8G|7FnInwY&lx~L8M^K2R8lGSZdFf8os%g48sL(
zeAoSslHlC}G?79d8pG7VLlu_w!g+yec{9p}J5UJ|Ds4pL2GRn_t}*wod&YF|n_TzR
z8Qx9Zyn%&a^kpNQ-U`fS*%QIubyDPlp0=3iT9U_r(>7qdKKO<!h)>5HYnXfr!Q}Q1
zk47<t)0>=xY@?rZr!5nsWfqwZXERZqs6P-z0SQK~S_mW+mzG#|G<~16sa@@2VPpl}
z^+GwV+<3z!t@ps9va0W>*mklQE^djh<^oRP+YtPGj^{|R{0mr~{KXV<pYG@zIZr2l
zV4{Yq<2%AaFKsKYy5!lG*CBDUc=UZGC27d+>@mSQwG9(N&*NFIvXAd>i>q>~W)+?Y
zJ)(O3Xu1Z|;$j?4Vmg0I(u7B!NJCdFfSbSFi^KdUBIL+C4V#H$V~nu5eyFLrILAc~
z7fP1Vu5fp+p(x;@V)8Tl`G@v6`+@04Yn*k%WjI!tkiJT?TvQtVWr>R<Or{VQm9G_5
zLg$8nZKe9!j^FKmbP_pT^QTkuK9Qx5^Ak+IR^)XlKMWGxwzjq|!W*SKURjlyE2D#i
z3&*gffWq7Fq1d2OXcZA?Wq-?X?B!%<zh&}r|I38}Bno&VbDU$Qo1UJ}R-IOerp+Kp
z&dgM9QARg{ccUvXemFoq8#;4Z^NdHR-`^NP?PlRPh7V(|3Byiua;Q7x0`c7N0-1uQ
zE<;UiC4BbU0>`eYL~Or&3hdLRen>WqX)H+?`J`J{e|v8xF=^_}R<+xt&vlaimHXiM
z3WCyyIJPrAMwN1Xh)<}n{_ZWhea1(F(HNBsTZdm_t{R+EL>(#|;2MY?a2a#?&=A$2
zXY=;REru=U-}42PH}eIbRcNy(QA>(wP_4>4VgzguD8&Tt(QXwiw>_vQe6h9vYN$@h
zUvp^SOQ=Yr&!M_B>Q=zi^0*&{*H0ZVwwK6L{6}DR;o9LP@Zc|Yw&m@1cLG|P{8tY7
zJ1w^;iL0=rRgE6*)f6@9aLiUb&nVM)OYrF{%L*QG+=zlQjP>2%`W9hkS9*1=9^Lm}
zTm6*0;|)r=E*AXaUw+k|or!M#z<6Eq1;qhd;em_miF-0$4)8M8<a6rBE1?nAFS`iA
z!o$6_O@93Y#Fyyrm|o-YjZQ2f@oT%{rlz?aZ&^a-=jdJA)H*f2mq~cvf~PKwes?C<
zYVFku{W>#X{{Y_CsoB}tPA9wb%HM9Iw0^K0O2d<di8*#2`EsJ;KE_db{|tK{YpT`1
z_qL-sTnsCHg^AzJwaxFu7VigsD#AdfttXDf>kf{ul9z$<{6gZhXdE|AODDchP_$Hj
zsNG5y(8C@UJSpdEUhzF7R$!!vR!0mN3Z(9|uC|5;W=l-!nZ_n20~;5{wT!Q{_?Dfd
z>HH_FcZCVua`po&1Q)xTQ{qgVxbNK~up;aeGv89S-M|z31`(kf{v=AXr$>aQ`_V-b
zUg5ZxwV1apni!x{qk1!0`0VG^ndc5%hBvTQ`o&72pT$rL{N*p9BqQpogI78sV}Tp-
zA$K?l<)*e)+3y(&ds$KF^(-B@d$^tcIQ4LKE0BIbA{%jw!8r63HL624AX|OZvkjf{
zr^4;o*GU288zN#kk6BJ$qfL8MG*pE9h08vS6eWd{MxtVNcx)=awpu&=o@m@k=pA6D
z>5Ah>v1xB-_e4=~y51ZI<p&TMuLx<*&(CjYh}+-wEU_MO^OX`j?N(iL)@ea!02{ZJ
zxouS+MCIjKJ%;@=4_~Up#FQ;8EUZ!~7Uq7oKhoSRv9mL<J_u*5*EcenpPK5Hp5mz@
z;5Jm58+qP)g6i=C2(bo;I`uLe>lkRZQs?r|^)yiDs`|irt%df(mBaK)82OD*dy}TW
zFn<}roSk%B?h8hQ-e-C#_pt{nlQ4MPqS3$+h^6l<LEJOEo~tZp9P_FcgO3ty3dc92
z<y#)A$uT~E8m=Y=OY)Im<5;%>KRz63Qx#01ai65%L(LHzosw91Y)z2vHt)Ul<4{Iz
zp3vIn{EPgSz5Q2a{7UX<dbbZncQ&`4$0>$n%lI|<J^dNr%{11BfPdk+FLw_=g`TT6
zIX*Z7@*{W50Yl9!5YD#~=LFeaiohNTC$ZjqB3;1y#_U1;cU*fr%I6ZAM==JnR$;xK
zkC|u~f<Ld&HqN!QQSwlVh&EZ}HY-;J3qR$?yxx)WZV?`T*CBeFlriC*){7_gA|l@D
z3la_}WrtXnEW1>|(zMmimIQCv^|Ek(KN!ji;tt-1q0;8>#SmPVhZ*8NCoiwg*S9(N
zEDi{UZLY5_f&Cq3JQqm@{h@ZL1BU4=LgtJe@qQ<Ek6m4l!$_CJ8i$gPr(MuhK5HGQ
zPJ>xo>YoLDvkG{BAS){`zyG@OXi6&plm3f!<tth`mLU24PKyVhy_@@Eod?VK&yO#{
zCwG*4nyu>GH#3*kb}Vwo*UCZ@gv6jg@C|4~nSC7{=j)vChNmlKB1JWZs3Vw3hw4@K
zjc-T4Nfmb37@DLOH$4~M_bhSk%5}>%ggyMCu;WvE0_T2#dC3CbbqbYFQII54fBdLB
zU3S|{@9X#Ua1<H5KzGimf+Fb(TxND|>?Z60>3vf#)_Z~MFq!uup?p*tD3kcO)p44j
z2^kNDyd}GAJlo-n`p0(ZiWDKwNl+Pzgzt+-W6osre*R$li~p0Z75(xGd;`?mfFRE9
zj`)6~%&f6H;Yq}Jt82RpyL%$$iw6a#c^*Wl2>AFM##I_bz?63P!jVoUCMLCu<-|Q}
z!b6U6tsuoOpG9(>FwQ4~U~;?o;WZ6lXc7E^)(UO#=7mzacl)&Q;9FMOvnlQ-4czmw
z-4gJ0mBGeg=hGiJy7sEq*iszr4lMRH)2sTRQT$ZY^7w8ctVDFQqpChimXXa$NNbma
zOy|yh9BOnMigL{?VMT3f?`^6O`I)8R``PcUqWK;PQ0r3<W*SJBv3A_!A*OrUYo*I4
zLRaOez*MjPrrfNY);`ndr4#`vCFb1u%aVhYS3Op>{wDr&>Nh<v3tavKf{zff?duLX
ziKdBs#U{yBG=cv-yk=*Y9&7RO#vPDVV2GlgiXN#Cjl-E4QES$45I(MU3?vD2i8H4_
zX*u2omu;qnNZYW2IGTU}Ene(rV5!)<U7|bR#z^y4)|ch+!<|qB+YM4k1^g7R>+%Ei
z_440|IlG?`2p<n8S;>eOWIc6Rx~Q9&o;T94Hf?xBS48(a{;ZgLSCEI=-PK(yUbpPq
zuW8k3NoPR4b19Y-d+Em*pi1eG#4tE#e1>AhS9~_F9?e%+dT#|}Y1}!~-y5)gGA&nq
zY)E3p@2si(s*KvGJDh)|<AvMg%%-cxIJSHclYKhP<6tS%`z=egQH)6s*+<kE1#H-G
zHqgsk*prO%vu<x%%S<_}^5_|PNn`j+P6F#Zz|SEF?P=o5x0cz#zn%ZljV`7BxA1v*
z5o<lPBEPBP@;94@)1ehxnn#_Y0$Cp}P(Z~5EC$6%_ayWvxl-KpMqZ<r(Q=nZICBad
zTBW}$=nf6#PPiSBgGxTrK^%ZCjsV?FAs_QPoUqCLq|LBcz$~x7BhW0Qx<?-xn8X!?
zd6(x?0YfJw2sUL;%wHRYe~>88LwTLY*!0$7weQp=GFMYnRK!t0z~DgwnM>WYo@ohp
zYQ)oi($ySim%tt^V-1J$mLLrW`F67<hqraGu7Zaakh&hLNBaGZjA=EUZF0kUoZ1{u
zQrY-$kX4xlcF0mXZ`VJ26iNk=6Bc=r#G%er_0R&_3U7c+BLla>Ng&@&F0d!$X<hc5
z-5Vo(V*7X(o|sZ@!z_Zfm^B=Thw9%ydxjDo%1^K0ZnaX8mV)Nj-6P#;t(&C5qvU&v
z_`opw6AhU50gva5O(+?Dg{n_(z7vrBlwhhQr-Nag(t^UrmfEB7#k$HFm7!4YL2KSe
zzn__;wyah6B5L7lF=(iU8j6r*ar<wQM(DU?iU%g|_$ftGo~YYYH5jld)b)+9OU=G+
zBxRJNb2-rP&L4MZE7ZYQXpyIkU7Y0K-q_y$zO!r5;eXd;;c{VitZT;O-r&5SU+g$V
zyh~8q7mPQm()X)=VzTRNaxWFo=;CX|NY@+2JLO5M8gs_(=_JTXaX^0ZqtB0~TO?Kn
zHFmDFQ7$<!2^q-A=HDaxUb6A`Pqm%@k%x$g=ki`M7-`g+_8xY9l<ROAVWuBCr^qHZ
zRaAVxNK<>;A$v!sFb>z?R!8Pz-!Eb_R-`zFhVbH~qM1zV7jP{ibTEhTt$f+h!HlO>
zVLZ>abyT2-_HrMmS{>1e)x+d43vR=vILE)!`zpZ9FnY5UwIDB6aqnDo)aY<}N+;{Q
zp)-)hP~H5?7?Q<H$&+2?s(fzTHm8Xl<`hM{i5Py@cl^FQ<zv-21g^`ML1Y0D0hn?n
zeP(Jy=T~Wn6>D@-)yg3P`>{&*WQgn3bd?(XROE9quiwBOb3<=nFsgD|)aU!WGCoTt
z=2q<@+HdUFShLuSC0wi{B>4e|>Yp!kZC}nM87o0Gw|2~nN_sT|s#6g|7dBFYlVTs{
zQ|b-siNAirna^`@`<RgOsI+KG94;B<5+_Tn$~W@+-v#c7z<fi0udS-Gk@@#Rw+)vq
zW6rI{6!Gbl(G6;0)1kQX9o^Z%a-ZS)d7Hh74d`3Rm-G$29yWR!6Df_8BS-Q+qxb`!
zL)@w4rKU~CxBK7r%)X<X3`u-C$yfxgtlze&Kl){JWCow`Jug<s3}sHS`u)!@$SRc!
z1ls4ae+dG$n0R}8Z~9|=|1kX13o)rp-gDsjRR{$%{P*GqgFt+Lu77gRK2xo4ZEY<%
zoq3OU%+98EVu4!bsn+}Y`Va_2Tkwv1!{S~;J`@$?^r3V54*%V&vZl=(B$6MMrGMPZ
zSs{-G`0vMc83!s$aw--O=<k&aKwka1kh#AsYVdCX=SPBG{W77>kamM<Ytvf(zPj|a
z$Dwq<!_AG3wj1p4jW+P`7wLb5)2>62CH{ljR57rU3wc)M^`v~B`v13T#-Tc-?psO7
znoQNN+naG1vOq0>#<>AKM~wY*LkxQ5fz$(_$7e9m%|!tys#6&B8<7|ULLk4H2;>c*
zA>jIl$PJ-?!C(ESTsK1h57Gl{0s8!-lz)eJdHqki{5KW<3yzfQHi-V#oAmBeF2vzO
zd@Ib1WWur^s6yZ_Ko%sAfIR=C-vC*W&&bpX76owp7fA$=j0O-lDvsE33<H1)fdSNI
z0I_RBh&C4>M8g6UaDvTINSMXuJd*+dq5sN_8iN89kOeZP8g!{aQWUS=$YeHLW9rpQ
z5&GiJO&b6cQ@24REJGxg4;gN;g3^UZErpeEI;>Z*K&*p{Y+#TSG!v+;BVUL#_iiW%
z)DgOT3&0N}1_12f4gd>`T@%K;`1&TBw~J%ASOlP=0Rz2SmIY*5guuceKpIATgG<5!
z<ZHoz;_5I~Byo3=Tx7{yAoEWN0R0c)6OJ<AguEMSxF@^sFabk(t#>_fzr`tdmJekC
z<u_4)<r@+#&!L>D&Hp0vyFw)6zexb(+t&&HtNP5}&_5J{v4263Z2UWe05ADS1^kv9
z1iFzX9mr7!tnqhB@ZVN^W10VDeK(f*4GyRRX~swszA<B@W#j*~-WH+A-)7tbRDitx
zA@aw%0eIYhTJhhu`+s4b|Jhyqwe|n4JE1%oyv#0O3PW74X>34au-VGVwWwl3n3EpM
z$;q;ZzB%FM>7|Z0coClxy+F9kc=&i@=W^?E^bJ>Ph3n7)9M5a>;(Td2x#?t^-_~OB
zJdK~1<z4`RG$tGPCb`$a*1?8+zLzBwh)e=Va&Hm>O&IctKspR^lRSZ9|5M-(ddJ@K
z)@14R<w~?2oPX!ybWbv%d)M#$a8>!<UW%~_k`l?fN!NIxu1nohYwL~H*4DcdmE+^%
zz}A9vH*zlHU-x9cd@JnBkO}6_War@c?01nk-asZmhGecBdIlUJTVm93rFh%o6A;K)
zDgjmqLd|f%HC@qngM&o9k6CkOGu2^+H4c{?B)NOEG1g-GA<-1bE#1o0FHTDWBeMaC
zG+}0phrk*&)l`91qPJ0Mg+kFZ!e&@>56%^#4)nfzAw>wq4(q@hVLQ%G2V-PpWUl3F
zUDl%%Ih_DmW@{Xeh^~x{jlqRNz&K+X0W2aE@~7@t6s@SJ08T>%4iaqiIdv#+hamNo
zCDc*x^yUEv$Hm#f^J?N$lH4<X<3`Vzi=IFn@~{p|q|)CllYGI7J<{<sONGI<fzS8v
z-?z3Z?pwttCsTF@Zfsclmyo?h6MO?GSJHF;+kAt^!Mc-4vu|ht89Dh;RN_a1shx#|
zLCi5v;NaBJY~_8jJAT(!evQkra6!j~03Mj{;Yw&Up!U*z%<#8@C-f2@KYna#YMOAm
zpH!aU-o$v+Eof+eh5$}Duw!$?s_u)k-)qNsVQ#)UQEYgCg0erce7nA(;e(`qn&m5n
z=T;ez2Y#522beF!KMLe$4%leixs5e<a@y>7L8iODww8Hvy0@snH^s2<9YLuM%fP;D
zsIIIGD2%2Pmk#;Wux8S~k4cF9N;OErh^eJ`%*~2<$x%E2-O1U`Hh6IL0;>b*=Gic{
zmrkS8gk6|B%YoCfQm28{hMB9w#5%?h2r;~j=dj4v%&b)@O~P;UuJ_(T6F(^nvxOad
zI^`<9g~MkYve25ev^3A>XYRXmbuctSpQE+NX@ZbD@d^V@&f$ZSzGv?ezqorn+M~Vu
zE-{fTK)m!eE~yfy$neBOkg|j;fu0vw9x4$>G9ux&8Bc1K=NW1HzD#Kl&0QFS<~jL=
zXD936v%o7O88P6+!jG$qb?}c&<p-oJ2bwLTVOQy#V-I1X9PI2=)YLo|xB2ll=c?_g
z`}a*IhAOB8I2iLSR=*PS1>xreJLQ*@MBRmg7TE^ffLnQ)QK}<dXT6u(Q#>g<i=RJO
zJoEL1y(eI0wX+q<kXD-FRI6@^6Z3vD@zW^UmF{{neXuhJA6L?H&1~xloqfqyK|a2g
zmji?j`TBNT<%|97Y;5_(#p1qa+_r6kac7?19m$o_-b6U@RuRj%(F8XJD3>8*8uS8d
zSK0tmsYA(bU{I~5zjmq#XlCYcg7EHl9T)CDkF8U)%9pK~x&!3m1oal9mG1UQq)-#6
zt<3_*=?qwSdM0^2pjesju7K=g>(&+Y2}>mK9C?M1l5kJ@LVb+e39@NL-KUxe2F|Qb
zmsb)Yu%6k~o@NhUDSC%tPO;VA1P&dddD?Jv^DyNQ$xWkft~FV>U8XKdtZZsVPQ5v~
z)bde7oEQ519luUb>CjgCo^n@{q%!I265uEw3?I<85wJ3q<p-Zq<Fbm7^f4DLvh~Rk
zvVx~%Yl`52?Ivg3Pgz^(iOcszsDwsZX^cykQAQnkXzfQvM0hr}{$fSP;E&_Sdzsl@
zgRjY)04-1-(|&>tq01^P<R}n|tLcmL+VkuPm9sCPWEHE739j84!N8~CR<<MhA=&C^
zx@4jHMAK#h7ehe7+28;35D$Vww*Ss_X7(4?94-~(d*UxVfL)B2BLofy$6>rnm?M;o
z$R3duwIkF8w;2}Otyc5(u8NA;nsRMrR|NBsNP1lz<=umi!rI!}Pr1znT#wcUlDhN9
zAFNuhgF#m<dv3fNq+*5mZ1NutzE^f$-N$fPZ1V9i&fC}o4k+H|VQ#dZLF$)+fL+;S
z@D|<sglPp00=2LaR1!;}nXmR=y=b&pyT<v|%I+aVB_*R-(L1sMJ~JeRS8DLMtM*7O
zTM086WpDc45mFYS`!I9}8`!@9t?!`Qg!vi+?ZE0mtY#N3E^cK_4X-5{`djSe$xx9s
zQ)RTUxXpl1Y}w@~&{tK?4YCvc^-J&Eq@X!g?^!MuOr?^h-Bx`Glv#hEK2$9gY8$br
zjyB|Ht-TE66(PiO<7Gx?9h4>YCfqpu9udonA4zZ-6^k5oNXAMTv$bIXskB&=rs7wG
z&!0c<W_+afc3dVA0(XLb@bJompoNVwZH`iXv>riYs10lT;glA0%=17U`pGD*-=|A~
zD^Ey2wr*L4&i+*?hsD^;Ojz_(+0xPJ+10a!Ln%@l4k_quc3gI_F}p0(M%xGz7!0p0
z_vWC>n3=5gs->^tWf;;7_lfRf5|k0d-6JF<RNZ8h+$azm+SH6RIOAQvMdm=xuU+c%
zb#hPFGDC=C;{5nnYh?UQ;_F~lEBm-#Pf~E0W7A$;{P^K!v|ies^58+PYg$e+gZJ{K
z0d0ht@+F2UM?-$DayAO2UzAep`Dw#g@u`9z%*8gE7T$R#v0VBx$0BdiIYvd_^m~>O
zC&%D<fJ;ZRb)Ts6n#^rSaWDe|J6Kq)Bbn!Zauu;Tvv_PL_Q6M`_{Kh;A@Jy=4x+WG
znrfs%B&liad0v*v#<%?CEc2n5tLF%wz0qcoi$%CwN9dsP8(B$?!xtTOFLwAw**7|Q
z+dk*qvR8TcT^tV#f#DFJ;3hVAUG1+Z`Af^nYQdZx!g#r6w8diz=!G`p<H^JxvZt&x
z#_RX<6Jxpee2&Oe4O-p&CNw%qEoS7I$s+F;x18~a#J1#4nAiK0@#*v3A`Y;`n-i&~
z`(h5;e0oMkZEva!lXX8)=OdQ99m&TH+e;@4hFG@4;?~8QA~n?)Q|hX@EdJCj5k~x@
zWsit)?TM6cVj~F`7nkA1mb|D6Yb?XqM1vP@elYt(b_YjCNePLwj?+^QI`cV6t9T9S
zY_p(ab)6@sZc#d|<?URYcu}?jSTWr|r<edHr)lwAapp++Fcu^qNPEP&U0A+8udfRe
zmVd;t?vE3Yuw^yCnk7U9oE9H~9qpL85Xo;FZC2UB{BbQu1`^@#?>}UBpSrBO2t(!}
z>tF)b5j<?B<k0IYOB)gA;+5Ip2LeJu(p+Dj`~_9H!RqA~En3h=hS*m1%4~eeLVGbJ
z=3_tZmX0=;61{;h&{}`27UUcc{IUV5=$R^fgwb|OM5=r`$pdNvzuX(7;IPcU^e&xK
za2#KO?+Qe{*lunrv)K`lc$jPu9H9Dy_NrL?q9XxoJzFvhMV6+9Yi$LqTr@T$PiR#w
z_JIhAJkhqi=FsfNI1dkx(8b6K+NN)d3kwB)YnbZ<k7nO6JG^dn)r?@?YHVzjExz3w
zpm5g`uePr4OSUeW=G)fZhOH9tt1L5XAMU<}`g##f(kJg`l<(Lhx>~0dzbE&cHy>;z
z39_47o520{z=BV1K}ry4ySr^7ZB1crsMNlmp50|FB`z)Ayt;bT?lj514z%Gj7jKE?
zx{?ss`A%K*OdsQxW_G5zI8`awRHWJIjw#rqOqoCU@>r^cNPr17puPV1uQfich7dJ3
zHy_SiC@HFbJ-kpmb7d$qGN!Mh)RCNg;yT3_GKb-jl#F8MB}PT3%SxVX-*GCoI4SAs
zvH4a{a-gTihnwg2(IE>*e+Rrs+~mdlT+#l~Q5;8+@X?;cJ$A~AxPq7+-t>vjZE;)-
znad>Sg&ScmlIkT!6%rB>SDN|^3_z|HG%W0hZ*(Mx{sE!3Gq&&^%lw;f=jZ42zk$8U
zQblodwUu?#IM`vI`8AtW?T-HiVx~ct(aOtGw<dowChIyH7Xtd((Sbf6!%DeCU?01W
z57fX8Cd~~2K6yfNvcRW<4ah?>19U=wG5s4v3-%w7FbER;|Bxy9UvA5Pc-jA(=Yfo9
z{67aWSlqXUF`p4&W?K2IL&(_evxAPIA>3$GetC_8hF=Qq06rYxWC8BzE5P&oCq;U*
zAi%Nx14O!fNCyw_QNPu$?@V6GQCGjzbG#3f%wrO)`K|(Bs&l+FNuDLT@oRs(nXKU7
zZsH$rRtxFkssqmMKPWeTG~gNoE-TW520$*KJRBsopK8!to&Ma0j2#y%5)(YW#iYel
zl^9Eu5tKRwvL--f2&)X#)MT9^qtaq0kDha6Sa%{Mc&)M2zw0=a+eY6SerG`Vr3vPA
zh2=n6@X?`pans2&7}C20b%sJwJF$2sCMJNboDc{k?xefBJFmFd$i&1WiireU6%3{$
zE~~Hi{&~C+7#O&-v(xvU>-6MA1O$2~)hT@T^;T%T#X;ctnu3eguh7B~ye`+EexGK+
z%4gM!Nki=1;0R(w1V`fg_iAvF>_y;A%njf@o~m0E*mc3C?;0gV<aM$=y}Z1Ph~yO&
z6(tH~)q4x9odH5ONa|!fB|Om|l37f7fAxzQ@-9=5$3sON`|o~SyIgD_?hxVuNANDZ
zqw3{Kc#FHn6&DwGbaccN?hd^E)mBuvI60~Fn)&*Qac~rtl{q;$40aY36<G!D?mCEX
z8E&+<w@*yy3=8qoQBbHSU2P?zfj|d#Fwus!vBS&c9;Ttk%A!wwybxTcdst%!dhTcV
z2$g*I+29D&-8so`=_ZSA2^g0y{d4&JThoaO#!lun)CR*o07rnlYKX5~R4~BPQdU!2
zoSTa$2acs;z6|Dbg+etXY`79=v?HGKvb}owGC5l_muhHe=%TZ(yc~M<%S%!v+n4m1
z76f`if`Azv*ld|BK>5@3_#~7R*RJi}bh1IUvWAqqe2rI&_kFr=>Cfz^)lYqAccW_0
zD2RfZ!9q=8k&%(3O6O*NeoeOpT=Ew+bEXy+I6WGjmZTp)e(n2JXUfId*>3Rg=Z`HN
z?J7H95AU$h#l^*sTE7@)7*$0bF^Ik-5;BoD4~t&Y(mvf*?=PjA|CzstIbi$C?|lO`
ze;?Or<Pjn^j|9>>J++Q51{09xVEy(ZYTB2yLNQ?@yWo*V)01B(Q#cOZ-<poc@c|11
z_%ef~Xr&!4(-|2V0Y5fDOH2D{=<v{4F^idBJ?mk9;b2LxkF9NC!45Fb9Op+TFbKGt
z`Z)&iHa0ddV7&=|wGn*oq!b9&*fFfhIqBUx&5f}8WT}#`K13MjA3|yAQ1Sj7ji=2U
zS~+*L@46oIGjuMe8RwSZ==QW3Z~KWFRr)w3ZCXUT5MVVwh?Qs(3L0HEV);h6KK9Xu
zhlTOo<pXczHx(*Abc=_wI|I|HfCms(X^W4C2bdzkkha_6FYK2*z2?2N+Lkqs3Y0%%
zmh_vOrj~amyBKzE;Js0vcFj4lGI)_3b`Z&XXeQ}tK?zjGGZ^rl=F{rl=%}VonTD}(
zn!j=~c)m(_Ff0svcC)05nu^M<Wgt~>2qt_4M!?{3du!`*xI7~xBd|P%iHQja``izJ
z-mZwQ{+6b{K65^S!Zm%asLy8wa~XP0#3nNiVQ-k7Teq4z6V@8&6S~CBgWoBIXm<e>
zpYehDLE1Vx1%Xf9T<qI%)1vM}zM5-mC-`dA=a*j@BD8)&E<}r=N@}F(57V%Rd0;@4
zx(qtgl<GYKEN(V2`QVoiv<TpP)8QMleOgsG`;tDPdp5YSXM6w+E`wt$|6MP;-gu8h
zZG@MMcd)yDWMZf}U$1Y(<8#UalyUo)Uee$_WLvOA#N+(z*ahMvij<c!QJb5azZwoT
zX77ESn=4YDy`QzqaIHT+$3LtA4~~Sq-Q2YCXERrOpO{Dk0)^-zd_^bEp7n-QKmG`v
zBo1AB$?>xW!)JWVp_V=VA}`57mm-=X+}4b_;M&oxc~AbP^{J?5B{&a1$LAdt42$1B
z9$M4lz2H%1i*<<sfg}P-pKcP%ikKYbHJI?#VykP53ngopDsEVB+kxxy;gg(d16#4B
zPt9NymQQ1kKQ9A4<f8U^!zMDg420z<SdgJPARq@IAbZchITS3NSbuYned>R}{E=V)
z{V&$<UKhv-7KXZ=e!R2r=-R#}%AO!7gEj1vKT1Me*{$lQ2=t`a=&|S#vTsSVFykk*
zV2tDw9R6-KlO-C!2q9%sb0OpEP&a+^1PnuehASzcZsf3qOp(FIf6}vxWtt#U6WG05
z0HV}~<$mG4@QO%ajCm!|0sP#PP}GMGVO0n<5DEqPg&onth1bh$KA7vz<N-9kYrsT@
z#&w}-W(B~6Nb0f*8|~nvb7MR316EDpyq$VVUMNfVjtvC#59<J#K#Fo;*%IkzZ~hlr
CEQvw@

literal 0
HcmV?d00001

diff --git a/docs/installation/images/cool_view.png b/docs/installation/images/cool_view.png
new file mode 100644
index 0000000000000000000000000000000000000000..8eebf21658a7dc59a31b96266aed510b92b5e37f
GIT binary patch
literal 24385
zcmZ6y18^rzv<Dhn8{5{#w(V@PaW=MX+qP}nw*DL2w)wK(y|-SyS2a~L(^K8YzdmQ?
zOqhb4I6MqC3=j|yyrhJP5)cq5I1msp7!=6&$m1YlJ`j*Dl%$BDitFlmrdcf7lG6yc
z;)`baE!6?yN;$6P52f;am9p`;DTV4$xj#fBl7WS!I#N>O&c7vbvC5=i%aK9qq<jN`
zum(f1kO%_>{xC-Prs*4}!XMIoB(J2jz=7Vm=YW@bN_dxKC?Tb@d;8iN+IiRLK3zD>
z@NT&16x=PHc+V)HiYos953>9@yO@30s<w5#vVB>oz3_a>?;{76Tu7=&i9Uq}6{h+O
zd%>O~MIJT6agU3O%l+4XYaBR$-9p3#0I1L-UOYEb(W!--t#VZVTm3~VU^`FBP)7P{
zW$wp+6caUp%tePA6@;+=hkhIQ_HY^_-8~xGe~+z!V|j-gQUB+LPx=~gH<m!*a<$pD
z2cgFy2<4<|`&alszTP2bXJ@Z>LI`dvV_ZNPG6`j6WzkOZ{Qu*5+$2o9!x>H3np6VS
zPeE-Z%5040zgeEi%k55QQ?Nzu69332Zo%=25FHKgAr&g|CU&S|;p5|DW1pU%^Vn_!
z$!lAwCd&5)^&Rwy_80YoCn$f<@TLPSE^c-zl!x$<2SY$Y#^7@HCmfMYq_^Ad%oo8{
z((AOcu!<U-?hZwy(Cf6@hGj)yEayQMhQV5-R|+db1xu&U%hrWJ;@EX?pt+6dV48&6
zp3lWsn?BU3D;fgJGdeK+F+h8f3(Gkd-N<|xqLGV6&~mLC)dLwf&02Mmx3ae{XEDB^
z#ZQ63kdgbA;idC5Zzmkf^6FUk)Bb6TKefvX9Twi1@fVXb;lieuqg(yq6_?rv<Nu5`
z)BSBW{o1vu`a0Xvd=^E=KL3N;4LoW!H8q8Ifw!+<)9=DNb7K`#b@d{r$6bAO=d8`h
z5q;#E9YSR5x%I@*mTmD?z1Qa5tF!Iae57}G(R<^`W~rT{FJgzgL=I=e38Nk947${W
zXBkcR0hXeVKtdWkK?F(+h6}`u2dvHUBO$>N4>AEq<Y;0d&KGyucu2i+8Cn=shN}rD
zGo1hogPek!iwheEr_D0>+XoUe5Qz`fUaxfzUtir9m$1iElk>)pw|r{f@_e}1Ef$}7
zpWdI&S7=$5ha{FJ4LrCWDO#p+Rt+Pq*!_8F=k+j1w3%Zz)^0yPY&=KQU%(AMu09tJ
zf7Z|bdm_99{=2HC=Bn#yGb1$>8*!M->6ML>o6rKn&m!Tc)h(&>8uZ}tY!uP<MLZ>_
z5-&VK#lHF2Ge?IXh2Sg*LP7ufDTFh}Y%&tP_Bps;BX5krV99`k<yvvfUhvHcxmkle
zA)<64FcMh&z{zmG{&6E2smH$e`Evf?G^ccnY(Ju-dCoY%)5p`?-XAu2A~?e2pHH@p
z0RVu>LK=7XW}B^U^S|XuG-~z5QAM{3OEn=7YpZj-o4V^C{9Dh%s<2}1wv;r5^H#^%
zb5%XOO*5_LeG(W52gA+jRm8!IpVJuTU)$y2B-$KWIr!#QR<cD(>+p6Uy7t+fxFMA?
z*l-r8(XxDSXGrJIyQoE$zvq%qL7i8-;oz^yo)VJkJV*^DtHBZq>BD<d1eba9_x3oE
zw*7Og7KZ(_Q_$IFk^)u`)~?|sW|k#hGxfI#;V^|V&>*h|9Ed`s9|HaC!TKHYxtiqd
z%oFzZv>3G5%0s^6=X2{}w%hAX$NS~r;cUrfxz>->ik7`R1cD~l<pf4bur$XE<6A0r
zHV@a6S#rS4J*+lIB2LG300tF!o_DeKalig`dfe{pW|s#Zd#BB=logRob0RRQ{#`xq
zEi315w(O%goD0enNY{9YgY4*KJf;R51R`H6gI<Y+C<qArJTmk+ZTqfD2|(wuvARl)
z9;U%Ds=U0+{X}{a6qp*ZeKEp-D6)h?9m>dnM00TzceFiJr=c`y)@lg{E6C2Y5eZp7
zjYP@9yXkTmPC<3`C7?{X*bIUC8(oMrn=Pr9{%&o>z-e?i(^)*1Ms@Z7vzn_)XotbU
zJ<>l(CJKZM)+SDg{>hju9@NVHOAc`^XkeR_iGe|2m(%%t88E2g3QG|i4q>*E!eX&@
zyFSr;V%x=#m7sJ0ffUANsrLX{U$o52?hdX`MLb!=M%P?vNu@L^8e)-<Dheg>Fo-}}
zvv=;X+=t;Krrh2u%EU(@sqQRFJgSY?-1^pC=%a|2iJm;W{X9sbkXE)sSH5dMB|5!K
z9xGQBUnVP~y<NYvyMv4!h%~66R-Ey%)3@V?3$ZC&84?^4%y_fE&cGc2DvTL2Ft23o
zO3BU<Tfj(a;clePwGc#VZe|v@{jG@>p3qdR+vjhj)$#dwfJYL_p#JfQGcOE^*1NF4
z!=Um{WZ||t9$vh2s)~@~{=9Yd?Ce9oJbU+0dR&O=AD>^J$8!Zke;8AtNYh?PRqYGc
zxu8>g-^VeketP46u49g^#jA`ZD!vG5c)PZUOQ8i4`jXlu3m{WXd;9t&6M%I;b0I)v
zE;n#Cis+$YZ5U6{TX<qhKtx+(wRI|@d*7SZg4Gt)qHP@4k^K(I7e*h6v6iZ%V`q&C
zLOTT}jm;$Y=4#UAY`W3&{|?I#X;UB}$_vAej)XGD@yS%Pg~{Sc74nSf!ufhB@`e*f
zh~x2eDin+Q37Mk#*zrQ;lftyA;)XPp=9ZEcAHCY5ric5J1<?P~i~BcV4e-_<8)I3l
zs#7Bx$w>QvtK^4_M^%X+CgEs?;h*-Pj~Z%gYje9?W~Qe*Zcx(23lGTPZLrj7+q=oi
z(qTghH;TB2LO9P1YbOgZwbP}o6Wzo=l2LJ=qxkt^GP(*_`b*El+deG^>lEtg0M}V=
z@(Hi}py5+Wf;uB-T1-KT@5GA8u(`7zq+C;QkVq5JTCb%YSft`+B}U4)Glugj^d=tl
zzccYRS7^slCUG@VcAy}qc-e5FC!#O>jQyp^V8S$tvoM((zMQ&Z$dn*i%v?&U5@SY=
zvaFnD$QC9fWmJ?lO3Hi^>H0^KLfM!&;Y0}S;o)w`I~(R)?Hl5n+|H_6jE^raFU1ZB
z1AbMi_ocHXj|*$};Ge!;@=tsAz=hZwplEh8-+eIQjz@hQw%bho8?^W<>^a5vBSv0M
zM#B59@>+8zSvI~=GUV4i*%_UtdGTLiTE`c*7uES{6V2p(x6Rp`=gN?nLn~-A4+CDO
z8NT<Dcefrso6ow*)P0{3>uRr8deF<)m-cqzm*jxo-6BX;y}KGGQw>+znuMI<SYEAe
zH^RE?+ZOV8li7Pb+Uz|hFEQ}?)2B}c_N4u`8kx|XpYJE&h+ZA#<>rs;D=t&+os3sZ
zg)Mc5JJ+Rm-a1*lKNSZ!*AO6|)R`~lqs71MB?lPXi85EO{r>VZ2A2PYRK`?5ACUcv
zXh1l+kimS!NqrlDbo=bU!HUJ6yy~2CBO%<^lDhh`Sv51syge<h!#_6#*q<36=Iptv
z^GI1dN`n~>*>kb<@oNakspPhwZYXqAw$!+vU4l#fP_c8ozXe!&Xj)yM$nz+EDrY#G
z-`>=Q6|=?9?A_PNN3|B!DVL;sLHsee;5H_f3#2I_ufv-V4wjW6--V{ni@8T?%Gn!<
zG3jV8TuhM4wL}s$&dg#dA1xFL6ba7=3ru4$t1pZXBP~R6Rc4c-SRRa1<Ve-l<}FFj
zn91Z^sQJzw-A%>zk6c$*Dd$^SS{8<H&t`>rrITmgd04-<DPsh>v==w?Zwq_vd;~G`
z%SQ=+HT8bEDJwZhI02i*@rZ*Y@0<A<NOCz^-I_Q(Xuc=sTtUtWc?_V<o`vEIy#|gg
zpK{i^Jru<MJz7Mgq(}P6y~SYdQ_N=EY~_6`9bDHsa}y%Z6Eo5ta8cKON<Hu_Xhp$^
zokds#V@~Z=!dC4q_GkS~<42j`@Z($ZmKo+(6CG>frX+`f5&pyVunYX&)?>5FP;{sN
z$pu{4+M#T>3D?mc4&0tDqH`lFYcqhA1wo@a$ql0==P!U_1~(B?p5TX(UxSK(dS>zl
z4hD}iH?OoDYJOV=_h(wzxoKq1DiK9z*IF|SyaPvE`eC)oM?dvmh4k8>d?L7sJQ5g;
z58~YxeCyXBL--Kab)o)xT`r>;e#K{;{`<<N4r0#YMg~1Wg`EIu&cR{y&-|9=&2w{i
zoHyyIf@W^QhU}gx+~ducLc2Aq7ExsbYTcJxH5ii!W>0f9*(uR#QB}IN7~I>o%ro^A
ze%8!F4YbClCcYNEzP<oR1vO9PH^g(F%Qlm;6W1?xRz%=o$!nNlQ3!iz?ce=7x&{>P
zCCoqMhj+(ZdE&y;jCqX76C|=+;nD{9ei($QGi6H<mm=FSqen>FP*_2b8Pt(_+!UtC
zP%J=IdVl9}x25>`ax)H)E0)Ri3gm??El*+(3cBF;Y&oatPZDicYYYE2gpII6k&A$X
zZX5Z3Sq$4ydUw~3pZ!)#32aDr_)bic1StX@*WeVByg7qDaBp&_i6mp6J=q;s_JPf&
zmRAyfyM12DTr(w6JmV)X_hOAE1#41ydw!t;e*{e0g32wgPJ#F{i5i9U!_UvWy4tb2
zTFw%+_wF0ZtSe2v14!uo-=HJxl`D;}WBiQPK24?`l$mqOKatq8jxN>}82Ojc*daNx
z!Cr3o<X=%@u!rY|^Jl^&n#Khg;m*J0_d=SqyRaHO2-8<3_U^!Np-b52+m{(WNq*V?
z(9ctkh50+?vRJ*<X^D`B9c&o_dbBvn_NgC%C1+)Mr?pp6p#d{hv%zTd@q5PDJSwwy
zfugh}lYiiZcU~Yb<j!T-ng6q>$LmiYuEAv;NL+(F)^L5X5=WDRjS3cjWtb+e#Yp=D
z&Vjo0DOJH3*56H=cRlHTnyCAuVCJl_&)v2==zhLM{f;3mZ$rwgpNIKnb`B?(9bY`J
zfaIULY)_w%hf^Nc+j#?XC5x+b-P<cix*DC&8`>SIqAX31(aC!h(d_Iw=T}$oC5NcD
zq7(E%${m%dg^ZVY+}@TqyF)!Z*Av2Th~2HGKMIC<Pg2Tugp~PM^T%spG00m3TVq=@
zUxg@-u9c&XF~MXh${~{iMu7|CC<_WZkMn+JpP$PN?vlHYo{P{EMZ1p7%D@TG?<_AZ
zOwcjkE9c}>j?>9FIXyHwf8M=Kb6+WBxIX+<dpXEc({T%WNN2TRvtA!nyNnZ03S=rS
zYGG=B>W;a5*}r1^Q)qEmmzLahoGt%}Pa@WCjQ?i6XYDvc;S=+NM7wJV#HV;51o3Vv
zhcLBvRwx;OS(r((+9$3aC<=t*RA;u35r_Y}@1LcEqbr$MZ(jhZJ}fuQc<8BqJ(eqX
z1C^95Yh`dB)!3t-%ccNC7U6Y@@@vVD+MLb9g99?9AT0kn|BqPNhta7((Dm8|$y7xo
zjk<m5((r0W$msBS8{(+3B7aiR^>obD?9pP^v$(p+R5jDK&98J+J-KcX-ZBG~d(E|C
zAHh02DzHqRa(GT8yu_F4wgq)pVw)R`+S^1Eol+VRWsBc#Gby?}(P_`gFMaY?JpsKF
zr{R3=qwm{680H6ZgtsO$GYZ;4N&{L2r<Cra^t2rduGbhQhUO+21O<mp_oQ>n4j1zl
zgZzpDb=%Fs%paj{H1TBXYS?PCp5;{Ot6n}%x(*Joz{x+gy|=u!Xp@G+3y!*<x~^Pq
zSnOS#Ki^;8L;F)Nx?c`6)|z{!0IO@On`>Qb_zu&*f0>M=y-V~pXKK-lA6$&f)1|LI
zKXd51>9$8M%?H1}-rPV>0H>u-QNIIR_omjKMqW-aF_2Rh#Fx;%pxl_a(61tgzEZlF
zqoPl_Ze4xGGMTsTtm1z<FmaA>CZx$shB*w^F>elwVb(A@199(>)me@}P$2ze)Qc6=
zgN=-g@*`xZUkMcagQlTDlUt>ULkLaeSE#f3nH>lg{q*wJBUeHwo^?A6!}>w<bg@da
z<+S_PlJ1k$!<>YdGOEJ<9X$NQB+!cl6eB^eLLojS05wbmSQtJILQj#`f@Kxe&rC14
zw758VZE+QiN~!P|rue&{(WN!SH=Rmn<q2S9W=`-J-|Q4vw?QP8l9xX+w)IZvnFSc_
z5S3QlDy-3*Xi=kf)_?{R_lGrFS(WlMf1%N%!E7!83;);=S^XtKb9klETO`!?#-&F|
zTxh;K2#r9#=*oN4E8wGh&44XF8|qU=2QEd*M@6XJU`$uj#KnwFRMK3N0uirb1euy&
znWTe=eJtn;;Ho`0ZUdq?&}inv=ep39wN$hIKpFB_K-3__%FsIhBUE2QhlmrYN{0}X
z>>Ng69TNkWoRZ_Hb>)g*Rs8FCxUW%@BkkeWbRS-Yi88m3ZpFoJ{Z_l04dtd&Zo9IO
zv<j2Q{dRJJj?Kh8D(aV0cnlANJwq^W`ZkjYjsLOxgLs}B*+#ZFu+Fs<(rR9j+LxYw
zQAqp+Hg6Q9J^M`Gw9TT6hrjipTe~%QzP2vzRl`O6nb1-YYkK>|TXG=jCzWMx&QDIT
zazTv1;Exxw5+26YE@Cn;>(gG3j+>dhSyrr&ge0tElf=<TxrIy4t(R#R+L^`3{ip6H
z-e|Nu*>-niHBw0NDQClGlcP88maFBRoUX>S&z-A)fCjg_4&IwqLi{C3Qm4z~-BxlG
zJ1tCS04a-L@J>F1k2Vdn8hTI!M-+OXm?o!r>2|eNIapx)@0L$L?`{dttY@XBw?WXo
zigNSQGhl%^3E{-CYzY<^p7M$aA$#-6ICw2(FO|cnQ@w(@U@r1lVi`DAg-DhcEfTS4
z0{-Nb6bhgDaMW+_xt>M(!{mK3UzBEm#4IL2oULsi=6XDsBxr~+%!piub4+mUPN!+l
zT#<>t=a>X8-%iG?G5KSqLapawFYhw~V;{g(Ez2gB;!Hoqm_XYd{gOv-xjIQQ*e>71
zvWSYR*4&g5f4^lx=F-y5mv-aL^b?z+4g?rTsFkQKt;=GL$$KB|Fr?iQLoz?n!s62v
z8KBSEC3fJHM}Riyk*tO0UY%RAbXgP;FS>;|MQ0BVzXL%~P*na}=*8DK)dT&peZaI<
z=hiQ4;N-TGci0@hblf#Jg!?!H3asXTDTNVfzgkb3V_bdgvZnbldvEm=^vT)vt}eIg
zU{S$q$*4p3JGa80UaL1)+~lB@F%qBh%$c^TqN=E_vb45rZ&{NnZ)D5rF|c;F;hy?1
zN3JcGspIHxg;0#m)gS}CDqRk$do`uvD~w``FF$Ftuol0_LA_cE-HbXuZc_z?_QvY!
z_eE+li%iIp>Hfu}1JdlU!{(^gf!i<V$BrArbuxt-HF@)>C~;1u4PNb1IBs+Gr`N}e
zl@8aN-SFGn`rBKwh=r%~tuqM|xGG#6$2k*E$QW!_O4lqb-EtH@Ru-1?wU!v1i!%WM
zCwO0cg*d%z2?MZddgLmr%8H`}b!jgzk|B-#(6hNPz+!_)nO;>@1g=$_bZD!?MIf<g
zII4CTSZJI2=sIVE;Mp)adH6Hr1FUS2SWz=gK&s)y*chYi0`FcA&%_R>n4M&2Hkuap
zg=@0G3kGG+%c17pHjz1=W-V$Jp?#s%!=pLbBqG|7zqA}Sr{w+pWr55at`0jhsyi@;
zO2cWj!tqe~Wnp%xle4qqi0o3`s?@h8s%M7~Uz>J~%<Q{m-ibYqm@)3wqp>$66FbA=
zO0X{mGkTzcvNz`Q)@~L-9qlZP>3CZV45iK1Po$1)`Fd!KU9;d<GUX>qFY9Bh1eyzm
z?kl64SW>$n*M3>JPL)@!lN&>l=sEo~@-DqcT@HQsF&+AwH!B_0o@Kfk9Jdrriehw^
zn#eVqZhMivA)S`{D%^FHelc|R%Zj`Bx4W8&2MvWKw;bz*5I@cQ#WJ}-c(-Fk%iFB^
zwelwP8p<Ff#A$rDl-wNafJ(cg66O8T03*$cA}xwWM#hYIma>)RSo~k+Gy;$|&!>(p
zS<JER(y27=qd0N=ozgT(hv7*qpp9UOdqjsr)38FLHEsvzN^cK3y^6|w%cE)SYAWDG
zz+cCacIc`SZsXsZvjxLp{0a&htNrn|V`<&YA0J&i^YKBjy47XX2SAWW(pp6};<a%k
zI+~NTX~jcJVLw&Zz;_dW<MIAw6FD^}A<V-jR7P#iZp+o^;~^|cmjKg;Zw)C=m(WJl
z*QS%v7A6&<yOXS(MDZ&<1yZ;AhYgNJ$V>cMw1(y(nqzV?vVi=%pyFyRp248w_m*kS
z&<2wkjpnl%u$63|kTe5E6hev7hvnLYJNe8+Tu4Mk8Z|wG5ZP;D$ED`RYt-uLlhX!9
zea?|v^pNQVCvI$~7WQUydsE5}o~}rI>4lz|BzE5TLNbSua`YhYXY&-FCywJhs;4AD
z5{rqnwQaV?ehOa^zK^4Zj8)zg%<+XUs`~-7jc63^W>}RUvjH^W@X&O1CN~=x*tF#f
zwlgPG@&kGtD>QZES(dz7!XL<wR!e_4CWDJ|v2whd_H#u|t!JV|dvkp+w|+z!w3Y}(
zCJr6w&_^&1=~g*PQ5F%OFqLaKTsFeOf8KkmT;qi*)Bg>xdIw*wkTxDPHDoDXP}|l%
z?a1PjGMm<R%sYADsVFI=^}J|WLcnK58vj6C&xvO`$o9CLdYyRPE<HFrw2xWNZ){9T
zOKY#<tkz4(@AuE|&kw&1KU~}sG`-2DkG`%gI0Q+XOi$;^?hJ+Sjh(1yGugBQCqfJk
ze(EI*<dBFFC~P3e1O>V&+O7C|sBC0J7Gqv%fIz9FsjR81ri^%927U<;^X2(Fry;dX
zf+`@b<*$twR3@6VX>m&2OY-<PHxJ4p(S+3=1E*wV^&j|;QUryN%cX>dXw(4hem#G@
zJ-Ik$8^ZLG7eK?sM}cw?dac#kr&Sq95|eEh8FvF;o)AREDxbybg3B?qiC`OT(Lh+u
zlLzmQaoC$hmr*>p_BRgZ8>)(c<Wm9(&l-tuJ(I9mDk7&0lI)xIFDF+GwR<?OlJu#X
zAE$GYYw}zeo&82XbT0}aY#cmEwT6S8T5J-bHIp=D=?yj6V_*1_DDglDGxl*DK_h57
zcA349&S`8)Z{&`{&*Cp{K2|3@fVi?IX)C3KD1^e#ffS5>6^`X?noMII$zh&swfh-b
z0MUtskG&{EIHPB3fY<cdy_uJH6MFg+X6mr-FV9ps6>hgiRjkhu#mq~hML;?DzQE+C
z2#G-6szhK}o+&&T1LB<+Dj3_}C11Z;AO=xlQ)tif>KMT2x}vg!fmv%~ZEdY;+&7L^
zOYH71edUzRmI7|AD45V)e%>|1U&7f>>k=ADXE*Y|4wLP~V@uZCW>YcQ9E?vQ^1qu_
z25BtR$@l~dD=|;e9j3~lW271V(O|0Gn~Q>mEx+N}S0^vxwk#@>2DZ|&oxQ73=p$RW
znGI^$=0&XN#!R6ySSHTNXl$wN4feM3WRwLKMuCQ3Qh%Se4D0P9VJjBxYhtJo%8)RX
za7}{LrS8`7?9=evy)f>zzAS|V^7AO?{P_!h9QXvV1n_r@1-lc-#0F&*C1JIHg`0ws
zkZhi#)M7|LEweDUhR|!GR4SC1LzCoT3FW+<XbJcs6NRMH<{C;<+sgG|>BFBkIn$V&
z122nATsCFc4&?8G7i!u1XK4HeV=Z|FQeLUCP<>TBJ_K)p6gVMsWrdtqVzUs%4-C`z
z2!_6v*HQZ<xsaw<;);PK(UG<+!`)bk(qIH5-%pfw`=^jD!jZxW1TzK-+!W(V$1_SM
zXMWe1n0wJLjq+J?%+=mBV4a?EH47xfzVnTa6qjwaU--bYqtJEj5aeO|<tJQxg!s*T
z>LB2MLA|z9rOF}E6#KA^4m>q^J%wde@vb1u6bmKd@@e8-=W)JJbjV3}jWHq_miUNx
z9N*XEI*I&D*v%xfJjINYX-)c}2PS<<WhD!WGf4#L7ohe<W`x34fWI_W1*DZ)E&8OI
z3(58+`-f5KVwukfS22ar4HW?lI}#wx{xCPd!ueOkC6W2UtUNTuj8~x`*qDNmG^G;a
zfM*o!V~^)B8HIr520FCWElw8e33+nXZjD>(dLk7aoo=@~<6@H~E&Ll)c)4~wwg2V!
zj5@{49>Z(c2x*GZzwF1baKU_?4QpJ5D{9~41t%y$W|P&JDXGp^JpOO32tz6K;2Yep
z$Vfo`UMlI-wr4aTUchK3*<Z$VR)L(6Rs`Q;;eI<VUQTwb)7bV_956OrEgAekL2N3r
zLb5dvbBAggj7_|i-6$A|1VqS&1j#!vyVz*v3q$tH94R%sO6W~W=xuwQv)DG(ec!^_
z5=xZg!)YZj&ftIdk<y^Iq4@VLH!Kl{NImnw8yW<}xFT0O@~_IfTHx$*3J1hs{fuIU
zeSXQl>t;bAR+&+@W$s{7p#f)j^EoCx*|a=gcEv)OLq{_4`hrkQS^k^;SQYIbSQ2I;
zG4vaAgTs}gbZj5hb+p<UNT*QGxzYKJk0|WFiV!gjYWo}fL2N-HO52E$+F&kdprd}G
zu{+;digg=<g#80Si8*#Zp@R82o1b=WkYC+*rfCf(Z?ZnYAoXyZqQqfKWb(wxzd@Ci
znusWbw<UrMdCb$&7~o*75-O>}vhb)@Q!q)LQ7JQ0;cuHGBqwS|b10#Xq>|JH7Y3O$
z+hHbu1KKQKmTim4F6PKLq~vV@v#@5Ei$Tj_Ie&onY!eUe5vI#$yW?khCNBAzkq}bA
z8bq`-y;T0e3aZxy6$^FM=cCeebY_8ghMOf4bPDdNM*JT<$-!XRzId=BFpTN=h7U0F
zc;y$&_&~+L2JN{zTy)9R_@A;ImSdg4m4enI_~<()AbCOXC)1?52}x#AU{q6-*!xcB
zyI^Dk`k+|F7CY&p2x7yh6m|eY3=85Sn1o6;2+A;F>c$#|MjiUfOa6uR<-t8HHJWc_
z#pT<8d?$zvCT;~wD}D|2CPB-H_XCi$oq!uZ{+{f+pd*NffaFSAjKmpzRA$p`Vbx!S
zed70TMi=537D~o`%kb9Ey>QikEN1I^u~r11`>5Aor|M|%dhgv#Xh-BzKlgz=gxPn-
ztj^)GP{TrF=qzkQ;^gW@2$EpUmGbBR9LfJa?xn#K<Il-3BehR7{c|ECbli?c>cjTO
zUj}Z3oZ$~l0FzYxDP<ii7;vVG7>f)rbY(Qr;*Bpn{u);&87(o|sv17F*ZpJm&f8;<
z?x@Y>RyvGqP_dA5o>zttY?Rdd@SEgFoy=DnO?(S3hc=rMNs3o&oQQNw>0c)$Z~}d+
zvXU~Aram<MLLxp?3C4MR)iry^6?K3V_q-Z|rf+DlpnYF8JveQ|%JvB(#3vyMXWyAp
zVkdZ>)TziIgtQ<+VUVD(FuQG*IokgbE}K;`rEdI@7bHe@`aWujXSA?*t&|WQ3WJj<
z3zC<sX{tyDQ5S9{Ya$GnUUrt8mlpbw>IAQ5m4#i-DqTR?8O$1ho@fP~rmo1!da6)c
zs5`mfGh1`+L~FrOdJ<^Wr@=H`Um&Eha*Zw<H;;lh)(-^M071?2|DjLvPxkqkB7Nj9
zBa1&67?xpwLw?WG9o7{#kcqt}5T0cE3o15*;ZT_QB`hyo$0Hpljc&6_b(`U6B1c61
zwu{a#BcUc<EKB;uw+x6CST4bV`;$yx*2m1(7dua<1feKKs5k3dA{ISG79wV__V81s
z&g0<VEPDjqo)@eOA7n{%7S={tXqSsJUu?_?Po3M9Gx!T1&L{3y7yaK<)LVK?!-?r6
zo!Q*5qnE|ld397!2qGRFj0(@=UePR=X5s=LfF%cQzrvN<VDI7;d`CAIxWs=}Et~Cj
z%UfAaX1>__damd!7Q*3gWV}Ywo&y_b?8V281Q*XiF6|St;qaS<5x}(ar1NuS69pN-
z@<cW3^;@<TYbVFfY+&?dt$gJv=hH)()&me?@%oQo(j%!bthd|f4*#0mqx)14$`S?%
zDRw2vuJeab6jW9?ED92n7HjCNbX@SrV7DAyZPni!e)xTs7lp$HwjNyh@LQsR%{ozb
z@ipp<-EzG*Sz~7|7f-Xbl9oy-rwJIIu^HdNRMA&d-kdU=Fyb&#L7V_VRs<00<QNNX
zEc&xlZz$N7p%F%=;Ibl@+FL0C!Cj?5lok1ZZTdDGH0&THEj>Z|HCMIw{(o}MmKu`I
zjU*MO7L&|kWcmSNIF`-QvczL1+1(VN&g#u6lpy#V#~n((N^3B&nNlSDi98laMz&?5
zGB8zdtY^V30o_s!ye3aRCID^66b^4sD-511ksfCuCvQYz07$m?347*gfQU&sZ2eB{
z9WM$xRKMIAA9#DZw6NihlOSdJ#xyFWdsag4SouuTwH%+^SBa#(^#7MX#_QPLid?nK
zYhH99%FQ=BqCpfE&$_;FC(tlx=~xMPJPJE_9i-p!$Jfl5(Cd#L5)c=RVerz9Mn<_q
zR#AQ;z&Ob5K{bPT0uuKLfPNH7rS_C<Bbk$V@ls@id46mb!4S4Te*Hy3#@x<=eZV@w
zUvuIFUeyx+z_y!haK>Kzs4M{T4sQhSXhipb6>atTUq~hf+}VS)*M{=KnYK;|i7%su
z8j;Cv(P%XyosNda_L@d8Z!@P$16%`m+Yf}FK0_5sr0L94eZ@nFBj^LheUXq3LlvGN
z!QYAp$;o49nem9xz9>o1Qdm!9Aiz2pAU+v6R8ZoNwKYtmO)!FCIgfMx2WM-rZuYcP
z)Q^`pIru-RYszMa5$RZ{U$U@WV~`nl#f1i#lMO*kkd6IKp>wk1q3QI)kHWy3wuO1~
z&MKih3!1jD+L1k#q?wFWW>Gy7hbV332lA;5pycVab3=*Xd2s~;QBsGZ0$l}(Y~{pd
zxdsr#n!vzmDTZkI`f^7Yl=}qp!Rf!5`Y!6x(b}uu+Wu`wRIlkj_@_mKz?-dfS7W{o
zj+)j<+*-OF-efbB$-8sqE1(Zq`AS)u8qax<rdM<uz2y5AJKyO#?phA<d{>$~2u*Ah
zr@Qm%+B`Hh*ShZ$H@x#N{x0csyj^x&wVzf0JJpTgPtEY#LQ{1xZhpSr^y{jbXzO<0
zj_ll@jsN0Pct}}_L1S^rd8dwEm0&@}PGSMIGFLP(3D<<sP9-mf&&&lCMnc=y%nxOk
zESDukjT`5X%-Kz)pC(f;jr(ywHkb$qWyKSv4Ndpsgh&lQq|nJXJjSFj1&{>?>W32r
z!r{7i%T@})CB@t$&uggI;XKt@kBe$!*1`Rj<y+M=ZMP1f8-bpB%<PZ<6BP0<e>lDp
z%kg?#dAqvOYNWK<8+PIQeBQgcQLxjmyWqh1dd9&n3(|eu5A9ssT&c6(Xa@i&e4MU$
zT{hiDz8iq<L{3pG7Ar4~k6Qyflk3e+=`<<6o|4B}EaT`pb#d2=dowZWy9j%%768zP
zO(Mui&yStEQ6ADu`{%kjnz2cmwRT5+QEe|7x3>)rckG~Hk0A~b)LY-LJ(oSZ2NS!j
z)|$;0il;I;9lqa~-yKe6Fd7VZy4`)rQ+05oYtA-4jTD`zCDFFIzSy0_gTuF#plo0e
zH1$wmLq|#FBYYA=3Hp-f>7(>8(6$1Hf#J7`Z#5eUpc7+ZCqj_`*^%QkV-M<qgBot5
z04s}0pvi_NQ7Z@XMF*P5d{9u2z3|<n)w{}NEhE0NUn^ru6;oAj<8uo}Te9vB{q7`;
z92ZuF#h}mpJUdY?k;~%qdhHL2h{ol#RM#UtSC2?3WS(Q=VOiJfl##-<U9*dj4(FYD
z^W?apc)c_QEG<3#k4v`0?UL>P?0z;`U{R}bPf!DnE*Oh(pyHpa=Dr`viGiq*+$9Qu
zpR&;W0Q)*Fh~fEszEV;qKty*X9c{5(<9goX@9T74YfjYsIB2d)_-zf}tR&-C!WP>L
zb%haNwCh$yvDm<7V=>I_v7mO9nG*MLdn*gOHL6p4+vP^XHl^ES_DEyH({o-G`JjnT
ztLs(X;lN-NldwddU9T%C?QxtJ0wio^X4YUl1%k-?@U|5rvBH;IAnx9q$i`yS@{rm6
zcD=TpeUri+)48$e^}1WY#)r))GuR6jLCO~@W-GxK>c93uwfu^a7gu+!paogLC~_mR
z-kZ@{N`Wc99&XXC+H8m0zq-ypmBnJFG;D#@hl(YD?z3m7JtD*~?~B}<N;~X!PeO^T
z_6`GAUjSdv0UGM7Lz*9N>pGGAG~O0B4;g5xp8)|Nzvl?RTVm0gH<Mr%#(YoC8;pk-
z(`$5b=DV9@Uea=yl4aj;e7k7bay!bhwCTJF&iObuaX5OfdvkOV8@Ay8IFWZ+z{bYT
zenEf+3}zav?d--!+#t;W&rEx}l<u#$Idnphacc_x2PEyZ)YR1fx|QI5N^G_}tv$Pz
z7Pc<iW%UvG2xE|AQJ6@W6N|$gHYKIel*oTQpvV`}Yc`+H#tq15tGA<_h2e2}ny%Cr
zjh0P$k}yBtP|V1a*2qpvrgid?k(n&}D`4(l2gL7~ql{TxlxV~_CY_&+ZI=G@F3>mn
z^*8xw%gx*U5Ri6O@;>9?GPA;E;nSC=dbQ7UcY9lcVK}LiI%ik^&x+|w-!*2V*%SYD
zFDTGpNwzyRE34DX?LiFR>oFeRR5q`L$apap#0`3ce`oD+$RgfV_tj|okJ%%NqKWDn
z*AM>j<fzy!wWdo)V!qwds2DL{-jkCEpO*<;ouh>ZPx^cu>sG%uf$QF9Q&JY{xvog$
z3lT^NwNT|+vCO?;VBuhS4bR2O74~&ok^*L<aa1=MCETZzAiZVAX-n`@6iKaMv3vk{
z)liuT8r{h-(q1Gj*YOTxQsY{ag^Q%y%jJg0xRlg81@SKW)CU*As=h`niV~y04}^h9
zW{5g8`DlB4JI9LK9UZ%aLfV<fdEH2Fv*k|Qy62s&%R1x3Fpf<oj~f$%0|U!7)n@HD
z2Napr3>_8yf#jbYL<-UjHlsIo4o_U#PF!%FK(LoUqPQQM+B@Dnj+<j<)%4$uaxSf}
zl($5HCF<Mva8sIFyJLd}`kH)))^kuZny51~ZV^inn*Q#oX+$yRATe<ZhqJ9x3kAA4
z?6DG~*8G9@vq4a}(F=2!x2O!{j{y+=E15H_`w_B=1BIKN1fR3#gw4mp)B5`Q^uxz)
zc`<5>siF{#%ANY2?Ar&#rIuWNU`|6z-Rt$s#|GP!?{WzBYJJ7fn?vQXY^Bk`#QUi?
zMeoy6-cjCrp!evz)>1ZmIBlV!rq&z9&Sb?oO2pzH+Syf_X%6`INTt|9w0eBAG!`*x
z*xS`;JWghlX+5^m+FD;N7UG&XEf^TsQc;t)$BX&FS&I0j;_e(K%at_ykeT&9kQwLJ
zem%OCYuLNho9MldoD~9ZHrx9IVIu-7{#$*WX~+p1kFPiW-yeue)-NMioL@mXFGfi}
ztDYwY95AMIYVYq)lmn<dDm&TYX7RnB_2aqkjOF=W_HBILGzot!Au^WqJ_ccA_fQ%w
zl=$)XsYJ5pJ?GgGTT<@6$X*OnH|!P2^T%zy$@52Xl;nhVv#S7q{1CVDWD%O_%}Pv6
zEHhZJYT01B=r)syjf@c!Do~PP&}AxS415OBh#FZYV?iIR^<}!=Z<yipn4oK6Fht~g
z-d=68a6}Oa_1M+|fQ^ESIGm(6-(WfslMC!q+9{Bd_xNfM535T(YfJ(jUSCb!jNGiO
z{$8$c7#$eFF*P$5oiXbB`-L0$iVBY_?64^g{lO)3gXml5bm-%1g@l8_2*DdUB+ID2
zKt;#k{kUI<;kkwCh59Oy&*@8r$TN$y(TeOR8*;+SyWrZf#q@NzAt0h?*5~UK2ylhU
zHz$rQb(mRKINqw5)}r(f$47)O;%5O@HPO&{Z^^q28K06LW;n4-3+vCg+_D`WYs3j&
zyBC!8(R^e`U|z(+Fu9mMpS7h%@p;|M`S>XuR8esb4FT0;_3|;>{FC7L2Gr8iS)IS^
z2MA_FX8F;}TzZm&x91yn%0#4#fJ!A7BLgWI#jU;hDf7xmaA-R_55Lw|&E7a@;9NT=
ztCRD0x92ks2OBr5lQQfcQzvZT)CY#emG*Uq$!2wL7PQh?GiO=ZPZlbH!s84{nU~J{
zdFcR`2V+B88#6O3=``KdFQco;t$eN)-kGnt9w+{pi?t`xr^kzuD~I_K`AORxxl7(K
z#-r4^(m6Q2Oj%qMG?HoN(jO{Fkf`v42?DWY<&?(Zk^<rB6}GwILJEk5WRgCMo3+YH
zDq)9@ZqXDTH^xgHOC6gJ)eo2BI=V}5m)fcaXq{aeT`ybl%VUbr<a`7rVCcK)RU@xE
zA$J%*KPy{HLqqe1o78l@f_yL?RBS#2%ky{t7{(eBFv1k0ENxD{2oKt)84MEV!Exsg
zH_2I4c(jgu3X8vdOs?`{9BoMR@xA}8JU7wd`p7Xp_|RTIV7IL*oWDQV+>iNX^YZ6T
zE@h!Q=$z8-BCZ<P9qQ)0J5j5}8qar6-scrXvz(J&yS;I4o`uTLptarw>K;h5Uf$Ho
zK|Ke0g}JffZG1U~p9KszgNxn=klKBqf$w@8Lg2$OdzVEX;2F`N)?pqaLP8sb$7>%*
z$<NL-mmU`f%n=$bM!X;5c^l#qiy;lB{s(cRHd-ft_f9p3S($(;F*9>gdfR4QpvPa>
z4y2bdjo%oyIx?KfHi;&8GHvNd^oNv}f8@^H2<2`~y(bi+z{33eu={T>D_OqZ#KJ|l
zd>|S_1)6_wlyr=z){Y*+RBw+ScI#L&ri^K|YW4c+4<_&sOlr5}^P{ri1}YB6vg2Ms
z(dd46riLX}Y3fYgkDp5{Dkz{CQ}5n7UzNiQTwmLA;P3L5sfda9sKL4(D?rU*zihFP
z6z|hHn0%0n9mmM-wG*HY+P})1tbJs*(jeI0zE?w>CKvjYc+Vc^c^6z3Zl}t_P?X_2
zsa|Z>?i!`%rj4*V$a;KYaLur8#dbfunZ0vh@CuKBlTQ6~*f3f@%SFFumyOQxUT~gd
zzTd#Z!bgCC=NFJ1Gsohu(g$OIr}ljt=cI!a)MvG!UY_72CbXHMtpoN94!}%XJ;xxS
z+ugoGY!XRr?;U!m15sns{WXcleEx=7sALE)MP2&IBWoeZuQVgQ+LEPgx)5}x@s-?Q
zA)+&e`NA#YEq_o&=^3gx{^W(7VG0)bIWqgS<m-4uv6Htc4fk5b`p&9Wu$|ZHlu{BC
z;@-ecAHFtUwnvnejZ95XztZI~^LW9HjNDvyu-*n&)zsbXy;Qy7@pM^mzFe2Ecz?gZ
z|9%~?IzH7_pFe+vXg`w7OMx6jdhdEb@JR?y92pn|XjDla_->Jx69DXDdjzY0?38Z2
zLm!V4j=^Ux^JTR@mUJ#rHT*T;8#zH2Lhl7R%O7l7JWHP534X2H4d>VG^t{R_5Vk<R
zqV=hGCiwc;_3`dFPb&&)IQgxv(`3CA2TsH87qV_0gI-@S*mPX|7XUctww*n>;I`Wx
zlnFAP$?js+x0p*pmTn;9F)YyNr_rj390%K5&3*)dKc2LZ0ENSA!72?&Hq=CmHMJHl
zA6}VLtkiBgHU(P}U<wE%J4QH(){nipMjGKB5OygO5*|>31_O-|BKdKRq%@hZP3BoR
zPJlA5Cevn~T5k>l7bh$&DF+P(EPNV~U?_VT%)`q+oy$%bU6+cB2DKNAIY7`V3h|@4
zGeOeL4*5k;&RTh28?-Z;ThFW>kUGW6+T`Ze1`!YkM_|TB@0Tmi`c$$@aEi-elAovz
z@XY&73yPSOn0Q@JQAp{@0CJW~`oX8!Xu2|QR2k{b;8G129pe8006k^MjLZb0^`<Q;
zH#g@QTsugz5+*SRHq(#%Woi_oNXnxU*Glhv5S(Q9^BoQYpQ9%-?B%Vdf)#7*{(WF`
zjUOD*L0@MEETYsN!}kX>0wl$djECI$`ZByGJJfb6qhH7{*B<^bI{PX-M4u+8e~57=
z*3!w(!iDM8F$;e@$r&Q%{#X*+K=R&|{Ay?m2-yr$QGoZ=90EuPS2UsLA{&>t`N~hP
zjINNJsIasI=Dd1`?B#XB+CD|>9{Z0v;-!JOPh00x@@qdh&c&2^O6!-gUsl*s%_H<0
zaX)$~q%XU@B*(@iX@qZPQ?m@`SCL!+Hdf8*0Y6@-;o0-{HJ$1#OOO7{8>1NyU2!ih
z@_Q>IXwW3=s!^UNdCVju0%Z|j7wqL(nJ}xqv_5cGYy4=<YLLIqv0W^>U++-MZZxwo
zmXy2I5Isn)eBHdPM@faWlAE-PIdzpNDT#dl>^+>iiFxQ>dw!-v2oW9-eh=V8g0jD(
z7?m_6l7a;T(tK{r_-cPRlXy=|N(mZnO3KYco9GkHWB;nJIFP8;Y|*(#GU)w*{1FO)
zY|_8C$_-xArG5Rn7F45Hny4YIGGGnAwQeQXx}GG;+r}97>&Vx^;IFwMfSxHoUWSMj
ziK@EkQN0{enwmgs97m4R-Q*#!&!{7SV20`|r{OL;%jWgs=-_HsWAkq~D>w2H{aP)T
zcge)%qL6c9EBa7Vf4_ghNHjPE87_d0EumC7Weh4Sz6Ci;J!FXZ3WbDII6(#i6S~WF
zDD-Oav(urpcxw^aQ5pIt4!6Cx4M%QPx3Ys!hxw1$&_ir6cLlacsv66}+d)%OA@9+%
zB#Zr>I|z?eMIv5Ld}P(_#D}xRay`?Nc(RBTT43gGhCT3R(yynGlbo*?pITKcW<y6r
zHe299%-KxwYJPD?_ZtNMsN(X;yEH5eCMNpYrmyd>Ny9IZk(01#Z7Dx>KQ7G^iu&dO
zD$2@PDIRU@?XToI?hF!<ckYQ5pkqY>Sz1(`;Cf!ou8bD?1k*V)PKty?IlH`Vtj#J0
z{F4058VSU^Rxsni)TnugoQ-<4%2ir0G3*T6HI=2U9#7UB_*{0oq=-SAIpNz2;gclI
zaaxcBojkx8V2B@T$U-Qs6g0o$X=vHnGT@t<`@;CLD)eS}WJ{<{++Qmgzb*z{&rC_K
zO+{~Cc<Y#t@6RLd<|8ld)Dv#$Gat;*Ha4at?R;hgj1rc%!D7t<vmhsMrAB-_FcGa%
z)|KwE#JQlH3VXii?;knNO-Sk9%9G?@3)a@KTRgpiOvACWhSq8YQGvu%+oqqjUC}*L
zTeqbXAoC2`tD6!-QuZpv4O6KTRG0yU)_NwVYTH|HarvQ~x$OV87Tc-Vr(J2MyaZS&
z9vX9iMH{6g9^?QA0ZqRSd$(V8$|Tv%93BNE7q(X+p?rtN4w0#Yy`1U___<))Q8za?
zE2Fm&?kvTLq2$(bSLU<2S(rQ({j?ZF|7OF>0eBfSz}JxrfBvM*!w)Iu=WklNg~Y3q
zla*Gxgrzf8`8G~96_p#p+IrDqdH-a2d!jscpWT&`9MAWYk{qobYxpP&r=|zXIN)!s
zzk9g5$BE!alkz};qpIX@QjF>=X}#qhvyS5)q|RpsN>a&65@@+iVL2+<chrj!L@Fq9
zX24e*X}Lx9Q%Pc@BL8J%R?=#4Y(j;Q*Y=9de*I9Bd`h{*do_K^3L;Sbvd%uy{X@sR
z3m;)iS5s)|)bGa`u~Z$lwPU~16pKezEovVnvo^QC2m16$+hU>H<FI`hmO!zh`mv~K
zLq<m4?A+{uY8Q*TS)mt-LPjTIBj!(5hNI=tZQcW8=dE1l;CTLZdE74a5qHp{>d{nz
z4jpA$U3X&shG4|+Waxe~l%f<L1Duv$5SL0Nxs8Gm+{fUL?^(g~Od%a(+39|eq=rtb
zC81%oQhy+wOiv^_nBYplBXiaB#a9v8i{LgH6G3x00sad$4*@BVuWoWL$;I8oD?_yp
z{Z~PsDTA+TBt(MBWN<pRvX^pJQC(S4Sy5hDpC!}b(NVw{PisGcL$El&@Rx0L1bs(Q
zDm$`>=g<qEFb_H<#OOUEPP{`r>S|UVx3J;zb1s*NlGMj9SL;8>=8V(giia8Rv0Lg!
zqzfp~AxcWo0Uno|T^Kss3$K(sBHg5@^pS=$QFF;r>%|2L7#SjkDXip_thbx7(TQ8;
zuBL!&&Th%$DAlmBjzc?Qw_IQ36^Bv_5h*GTHv?yzOppMC1J%T%qN#%M)(w}97wOVT
zP8Ht#^9_j1GFMY<gnBpAyu&z%rN(X-x;2G|+9d;FP|zpx$0uC$;|1y)J`+|~Qwc@I
zZtca1+xEl<rim6k|B$@iuFQuz3s#W>I`BbC*IirV$CZn1xRrX8$U!w1r2s$VaIO5F
zL&|q%r@dvzWqY09J22FQmf|=NRDi55H1BK!S1Ir6y|+=<P?g0dy92rribtR*sxzaY
zf^u%9nO0u<gl;HaD;HJypVg5IH?eZ^Bu-9F4M@WdhCD?$qLHli^YaxqH@ZuI|Az3L
zS}<U`+EuFwWdwQ|J&5%?A5Rg?3g5JK=GjHrHe0SJ)r)+`giVe(+AmOsIi*&ZP9gqD
zNjs}gmztQA_@#++vX;wD75Terp9nWx%~$NJNVsfMNqcy%Znl~<H75G28#l0GiOd_(
za0@mQn>3QEc=nf8mpz@W`lxC*-8cSFD_1kGgAfdCWp0leKdE}yo;M!vr%X}Z%80EK
zJFfpcKd58aUq$Vy>6s3?a}2s6qMEasMVs5<vwtOW@^;*w&M+Xa)0Yhx1#`NjG+|tp
ziZ2?IRIPtN8bdWy_!TlJf({E%qTKku9#4bYdN=w3u<5ybB$<<#OdM<-cM0>x=c1`_
z(NWLT8}<W*<kNWmVTPte6RQ_3&!-3rnN&J7Je<wxQT+WkOTxJ`&2ls~Ym0a_2L+tq
zj}Sj@)g&}kF~Yd8o^mN=qoz5-QZURkxZvSoa%p7)0|#Z*qP(Uy@EV?X{e+Py=k;Ct
zyCVaT4KM5W3kL_Ql}o%gGg@im@51QFSX5P{p!INwp*p`~W}vbFOF|Z-1>*qp^D|ru
zlq$!T$MIa9sWs$a>>4Czab!@q{t)~RG#M*@Vf==piWRT=;f^DhtHiyqgB;`tq-m70
zgS5e(I>nT0S4|BK%}!G)Rr5LA%Icbx#{99^&R{dX?tJCgFYg5wJf1+SuSW)a^S{@z
zvl6jB)W2_?8Di`AF{BLO$0h)z@cWaSQ25xYMA0Q6lqgd11mV6Ry}0J_#-{7O_{n3t
zY#6U3*NVazRuoPx+mU#yd}p&nLiQ^6W~$rMRZ#CcrEejZA(_@d3%R-*{49lS2}ZC9
zST^(j9Fr>UaBP%g27zdkr;u?#`8EWRz&MIDappT^@9(Wib+~(yAXIG$e1?MicEaRd
zUydw1yzfjU2p0W1=4f@beKy1AsfnI6?&@w9Zw{w^m~?JPR{YOEVQX`(<)OF{GpEux
zE}1WWQi4s=q=L8nuZgMQ$!W*u#K3gc#&Xf!xOgm(EFPw6))q%k6P98lZ7GSD_F8%x
zK$G-~C=L6C=hFh31-p$yoAyGO#ZI-8?$zh3!u*TzSuw;+kM|k_O$#SQ&GvFw0)BfN
z?x2h%k>f-zJ?b^IG_F9MCX<47aTZY<*nMx)QH8e-_?!26U-PuTWb0AaYl3BEvFB_o
zb~-`2_vm3<^T2sYHcryv)Hf7wRf*@uLA?<1=)05t7F8{Vck!}zjrZG`3OYxH_yh{}
z<+GH*C!Sy$lq0{TQyFbhKoMcsMr`eZ6B7i-_A|;yy$I*RHoQ%pTl4$Wv(@XBCnoO|
zEdK;50q*H(Yx`@+#?H>7qMD|$w)!lH+?QqjTLD$qb2mmn7XdIN)=5&hDJLam*cFMo
z)dq`YSzZwICC#!#T2;a`8sZjip+~8ahjZ+&_eTDXi0~X0JWh2pJ6Evf>j427(huvY
zL4bh>9rYaPwq=|-&aiB)uCD#3qQ0MQ<rVUPs<z7tTOcetL<pIohrc+;uvrlnaO|Qh
zwo*@QC22}{Qp5mtEAXpMh>rUsJ~$13`7E4CE^C}s$3;_4j-Ow|I&5Jz_pwl|_}=Px
zn%k+o(u2V<A|4_`C=Lvjpa&ltQh??$=KrbXtE1X#zO{q5xEBq@U5h&ehvMD<E$#)1
z6<XXSP@q_GEl`5Hws>)Z2dB8Z6#2sYe&71mz4yPn)-Ur%GG|U^_MZLh=Zu`$;dkTk
z<kIT3yEW^$j+TJB^7YR=UB~hDT<BTPoJhW(eBPS;WYyuhV7fj#+LCe!7a7N2Y#VnG
zN6nC>^kzYpq5uYwKgZLWS{O&5(?4-?VPWWSw5qD=xTpXTK!Jj=eOT#OQ;(#oYl~Lf
z4UZXjK@&tutI%?Drf+K691%9wh<->b)vXR2`zFPwM8~}<7m5G9AW-_3qBr<&?P;tA
zn~mFD?QX2<;!bMPY-=X$&6Tt9eP(Ez5oZI1REbZQ#5MrvRAv^;Q%p4;QW7<F$l@B?
zaQar(+FAK`;e@rS;^oG~`qrtNYOK}f?QW62s&8N6LSB!<`trTyTv&yd$O10d*Ao2g
zkFm+?;lu9yfZSMX_|d88(jZjK?_n*nR<~ubDAX}-sCeaBAVJjQP_?-SjlOwD0Bz(R
zOR}<0#b!vD+t7X6FbWr&@r{Ma?>MP@;r2jBOT+b1=<9K)F#~^I6S^(30KSdU2|-@(
zL|g{;QWJ=w2%V{^YcG=~Qh{!thLHXi6~ir3nmw<lZ`Qr<CFK4-P!5go#2EP!kJ0gU
zr+&H}5q@-S+;~B-kJSkhk_)Sf)h+7xHMCN+#JnV?cI!0?>)-RNL1V8^<qH`ZV{u}8
zRe}qrCPtG#3>@a-$1^Xh)s6>hh$7#)sPn>uSz}+vid$VFqBuO93`^D5)$;-qN*x?|
ztNH7WS61Nf+os^K{HEUT*pQ!5SB){N=8MuiZ@&wM*|?@%(<?%Pe1m@e{D)CZxCfVy
zJIoACkKZEa?|;<)3{f+&j+#q==L?GC0`0$gKrfbG^WWAhH*f!ncw`evjpMfaSOkwD
zi3+b>&~ByW@sl*Xs7|11hW|V>i=GGC!oN;3R_-u%LbLG|e<M?fubpcb2h^u}=owc;
zg)E2ewCW^&rhO$ww3bTP5#*hnZZshzYOiG40%7i8>K-YNA-X0+!V6UL<S-`o{h|Ls
zJXU<H{z!rT<fs8k9K+{#;frPYvn&FQn*{7(!%`f)@>LUmQ-~%!+v-ANfEney(VIol
zg!^d#;J?=mg(0>NtGGzpwR?lor|fZ#ehtqVGVWPPY7-IKFnq^Xj1XDDl&$eO+Zw5I
z-$|G%>v$IHuzO}@87cez!R&`=?4QEu7m?Tq9*mB8#p+6hqixqVC44y8_Dzg(23%$J
zGgsi=m{3iau7o%VKusp%1ODI(Zqzq6t+QNAjx%^~^tJNwIBmb?qgALvbW_*(#&a-7
zqbRfIO@>CY|HXxR!(eE;VsD-13}$q69F>G;Q`e1E`Pt1KWVW@rtq%stR51Y653YYB
zu9l%sl&!}|v;(n&kE7po!UCuB#)R-re&xRR87y(w@Cv&x!R=xYcdsm$Yq1|6e}+@N
zp$r_-5yV~IUB|OXq9Od!KyvLosN<1QGrXx~%YY1&HLTX=l5@plmWX<%A~+-;JoK`{
z=MQH#)(gMdx2wpe_pMfgq^<!!!JoOZhfp7zh+nGsyT{+V<zf%x)AWBNfq|XT9&;&-
ztmh9-Z^1yJy|l0BT^p@~j`>i2U49{flV)f9jBg=Sbm#K9;J0kH25NF&N9mcll4=T#
zv*=MS&VGkTwO)q5vY9x*6^kykG>7SEw4Lsj?PG39s4rVv@usCaaPgvuEg}bwZ~h{~
zdjs)qceJ!*pu%Hhq(;9wHZ<}M)Yx0!4By8*H1hk=y=kv%cH=dPH=Xx0?Io7d*@wND
zjUFP)eX_IwjtXjr$cXUCt%E?l@KbopH<*E>#%E4D+JN!vrJUQt!+GM+4vrb#s*Rg$
zu6czysalmUBKqLvCGh!%s+(K=UoI>g`=U}PTtAycgQT@ECqEZflcac0FZ}(09Agh$
z+TypEirJZfu?>)>e25nIE6syXXVv{BA~4cAmWFF53Itm7bE28q?O83YE%q~5&v-i<
zVkIP({k3D_wtnrm<Tt*g7Cbes7hjuvD>N0T^y&T041j`T63G9i;!h!4O9tdpWqQ(5
zN`O-K4TQY{pj39WYtJI7Y?6FQcP1cSu<1AHg|To1Nv1K+<mxE3c&pY2620dn(m>tX
z+<ZN!tFPZ{ak=`*dBm}DrH5sA*lZ;pUdUh&A*Q>~{Tvx@H2(`GG9Xtj+Tm<#bbZ_h
zGC!QHZyCQ|2bbU)bzhq&JX0&@nBJvep0K-6Q((YWXNERqs)HRI9XVLo=8`JUx<>Wm
zac*trjPWOKL)x;-m##0vt7y24>$p!S)#x2pjn5m4nmp^)?9C^>u+L;ra@=#<2yhOS
z!#&o{f3Dl*(zZ0WeehMkX+9rZMQg8W!&<BsP#nW2Y1q|HEc;6XT9WGaA&>v=+L<<H
z)M-iwxj+)bgP(1ug@tF8&(7`dPeAAC$Dg^_{=Ia1WtvLhA$1YG%uo!7&wrZNMM?r>
ztq2lTCz<`URs+zyG1c`FR3H4LjOZ>2hqHyU8w}af*tsPZC7UsClb)~1VQ*n)a8W^a
z`CiUqgmSfaM1`j^(DPQNSbwC$=dt`QsHdl2&tHGsE;n9rdCVig2bchIvG?WzX;!20
zNu$YgB&WN*JKdJ<ZuaTY5ictsVh8oXzl*dV|B80;9(p(%?Epx;c6)s@lAq3v$80We
zgjxm_jD<kL)^oeN8C>F)rSK8+I8jb<;`C=9SJak|n>{(}!Oca_zDPc&cN0%=76Dz{
z^LK~TN{Hgw_&8^q-T0O-pVp!a)V!KDJKNxh#d%gnMSk=Et$*;C@ncknkD>DLHS4j9
zwJ(-b`Je6B(TL;V@w%g8)JbTc@qZoVVB4eAp~fh)+fQRx7o)kmlQxpg;=H>TO=#89
z=)J{E5TY%b7$|F7{pKquQ9!GSypWdD-3qCS_%x^7COAq`$~Eg@H5h{3`F-Bie}Mt$
zGc)@QCW_$~(Q7lOu1p*X4ZU}%F((90@Wgg(h^r(WOeJ38ZP2|U0nV2`t!j(XJ?|d1
zZ3J^&T!H5phbbdRGDNx{b{9>zh?9k<(bkDRt{<2Tk0li@HZ?qD*E+hn8Igaw`c5`_
z*3}Z9pFR9NDl9B4bLCt~S^iDcNUiz)VaIN#mQF|Cc=s#*cDg$FjlP(}$0Y4Dg#spi
zNqz8#7V6B*ncvW4<9XxXY%!6Fi7Dkbr;DMkM;wOyLY^NNq6ETrjT_`%*_=0$?#|C(
z5T3#J_uxT~Te27X`?o|kqclpAlB|~RCH)zT7pL&AC0je=r2Ns&lAhaOE9|38l|Xxh
zwgTK_mt`%R7rSb#!2+Jdfg$~rpQp0c+oW<Z9i0cBBRG2O*`Ne>`}x|R`^kz9sGsfM
zlE`auGaz+rx0<puvkPH|VXeCeT9Ig5fRm)jbp$666Qd~AY+N`wW9Sg^y2*sN(3d`U
z5thV#cQFyy@qq!1WsMh#n=wof%N5OoV0!8?&bCbFRJE{ELzBe9G_ze>XQ$*8MmL$z
zSc;H%5_VLvf&KirFT!I1amYb!@oEf{DM|ebd1y34H`4d4q!4i=MNj^n<9D9riLqE-
zI1mkv4e7)hscj)W^5Sj~1|IO1mv5ZSd;28vv)Jh^2q^s+NAC{N{G|)&S31tWqL$%k
zb<niE9vC7grFbr+EwK6A)-lO<b8KvT_IyK;)nfd{0(5^5n(Qhd!^U(V?+NkUXNl^b
zQD)A}lT;dg(7j+}LhP3=)jNqvnR;$(t|4ZqH&>j<1rSV3%wH#(UrR*spV<oe7h|pI
z1a-h!?Oq5#36#05t&zRFb9uSfhg-c%%IkV|PHXGyO@~_haq+KfPc5kB)SMsOpD>{(
zrK%F_L&cr#z!+2Vb*E1ti=wLvdbsD=(ze|)u~xQ`?!W{ZPK!?K(;3yJR5R{}0B2-P
z;6BIwBN-FRr0#8LdfAyN{(lTry!)B(+y^ARdnvHFkL~0ma<#D3kw%cXb!QxbTl?vj
zIC!DZB-hETUVn9wOeghv(TsNnoD>vDEY%&R^=b}s0om;SyGVHl3v)FbJMxP3ygGz#
z>Y_ow5?*oq*oRLlS&=CBnaF0Wre>WqWK<MuDKbe4*3v7Sgc1ES&*j*d8VQmWN<N(2
zNTYXk6EmBe2A*-%vNe)s%docEJewU!JkCr0X@YseO7S@lV0E5?K0f4l@->&Ph9xB^
z{iT%Y#MJnB7UEOsu@{Cz>1}|7*N!;ihK_t+0H<pzg08KiG#lOXrI+4_KwQKN+F1p(
z=bApGtk7n<PatenB$Jc9zwbEBdmRXwoYWOGFO`aL-}p_!2l_#Zh$D7@2u73WL;IFb
z@8s_F_V6;ji_#h!Z&1Go!3+bDj;U#HoN&qa2(#Q&fju0^<Z9>EOxo;2?$TW``Ha5M
zNZt>-Pl>1Uuy2zhm^vc%XhpwgP>aZCs61P8+v}R^ifbQ?^-Jtv4@rMwGDb{`b92Y7
z8bZSyQ{aKG5hJ#A2SrG65xCt={FNA|*kgA|E%eeee3+NjGT2*N%vp}D_7;_4LI%w=
zYb<_ov-LsYBHw@6ujt11Tbs~bDZ&uoSh(Ng7<DN6QGf#ahJ}mEovz4p^!tYg#XQ7Q
z<#|%j%XSfhZjjI0XSO}7Z!vccav)W@;{3iM=E<{B#2&Xw^3B1Xf9CVB*eAbK1xW3P
zKuHP02r-(D`HBq{h8ew6FHE@=yHPiVd6sE`EbH%ZX~?=~LUAq(4+<%(g$EtY3+NcA
zZ_v-!8&Nb};@c$d?-M98+a1Jrt)YS;Qj^j?fEMXJD9^<8)!`01spw8YqB@MuO&sBx
zf5OFL6zGle#+VMjBNi9tYHZ%?=$sXpE@XWCVDcCsb+>usMnKJQs|Im!_L7l#fSR=E
zmz&dyLg+n&-Q6Yqz;DdXF6TFeSRFWOYJZhbO+{(*OL|;W?k=TSgKL`h_3B~`*h)1>
z^cgd*FWY+d@Ct26zP;flA@_k^&1O1#_7Msm;BFCx>?cedL6cK9NWK#Lc}+Rj7*)W3
zfdnJA4D%(la|L|*+YhUqY=6_?@iP*x2@SS8woh(UhMCoMFi=Fs)3}ME<p}qAaf@t+
z7{t6}W|676#tb1~pikEdx8oPR?)0b9!mr~aPGrF0>S0m3HdMtD(B*x%P00I2fu3ze
z6yStw9|bbKlh#BV&Wl}@4|fqaM*;nkrpm|1f9H|Vy>Y@WKg0YX_EG+$kTzobxnUqc
z%!`hwy#Ef-kBH8MJ#rI@TmBHd34Z8ny=nPl@aKjT<E9+r<{+FI;t-a#R<XNmG{YBN
zoh2*J`DM>+str`p7wa(P5vyFx?bl@SxRIybeW1^7@`y}J*_~*+tE>8V_~%M?M{ypB
zaWPT#9+k=8H_=N1G+S*`qq_SmN}u1qc?TM;Q!+T<j#Mx&Vh9KDhcB+8=V*D&lT;2X
zdA8_)Em+7$XccSoCpL0IrNXJn<DzwDSv1jC^P>1McI*}7K%ucpVwt4{seRrE$aQ(m
zRgq665Q10}8K7Oks+8+d3R~CLxVm{*jAZPjVq;A6XpS=Omgp{917M5SW47NZsHcSd
zx1aRCpCS;lNu2BdOP0TIchPvM3Pw5EXLZtz{<*u?@*yQk-}bYQ2@GmHl*C|wuN4l^
zX@P;>yAq+u;bm$u<zP?o5SUXf7>EuumZD(yjrF^V9*Wh31PB-Q=bK&Ejxpd)phzxL
z>8{0Khzvy1q7lmlybFyb`m`wS{)^*>E&%A($k|QqL#9@n3)HKPYdN-rUSJ>#)LAb@
z(cZlImw6uSBj9{OHZ^lYs-OP9j0}JD<=JW_+n{y^oYpFIyv)eX&2KY(-cjS<kCpA3
zvxs-g%4OhEu0Tw&9c)PV*-}5aqQkk`P;Wnug|>S4H>m|DESPhXnK-@VH{?VAJ;g!p
zS;N6bjpW@}`cmxtRYay~ROrwT!?#2LE;d#^j2NUh?mn6j^$~`WOH1g<Src_8^~EV}
z0o-wc5{95h_lcc~fJWN0Yl)7n$+@Wk4H5aKn?2Wql*Y@crl5=B5A<JS$wM_N9Om_+
zEB*Te)xn7)g0-trurL#EH28C(_jX%dBO?0a5hDGOa2^sIHB@RxKJnPu0Mx~|U7d`|
zwDbFd7@1B9u)Jbnh?wUC5r(7sPSh)Yi-==_b={r*5Edu0U|61lb($9bi+z?hlk+d+
ziZyG4iA}w?7LNxHPzY{K)3jsh=Bk2D?11e`m#)rmwMXo@p^1)@U{{!ylWe!6AQ?`P
zy<g(ABi|`XokBh$Y!$hh0udM$XKJD@tT|F4@t>v)Ed(dRGQQ9>2t-j>ycQ7so@%ej
z-8RfbL54GIt(8k=y=kkf?qDB-{-<<!iiv*TKGilq6OVpNfT@PxTzKLRL&xj&Kk1<4
z!!TF}J~u^hyu7JSy|G!*S7)|1A2`vg*T+XnBTVqL$#LFXWK#FcTj>svdtols9A7_|
zVcrn4H26{_aah?zGtJ}&kw$#dPZL2(jQF$!N)VX`b~r(sw-P(G@QW_$exz~7@0Kj>
z9JQ|~)RhmhlreDw7)4xjA~DMa!&_23lUg#{kU2B^;XK-Zcnz$PS4}b0TYNITQ7EmH
zBugA-VaxtvWY4e>F)VN5mJP9Ru}@pm@%uVgaxzM>=S6<y9%KA0qD!#%N2UGpM_Rs_
zt(;g_3ncndg+(Qwjhn^|s3{s5P^qW4j)}~dW1k!o*7}=DGfoCVCp<1Mw?j+14c+-C
zNrXbtyhX5Fd2WZz;v71<1)_)BBwEaWU+KIb<Z5`kqqCRpIfWpKmhu-Hg1m~N=W7}j
zI8;ofs13PBNh^G8K0SL&rUu-woY^?B{^o54Ot9bxegTml2Ab5d5)~@Xl_;ZKn3FB>
z<1uQ3X4L94Hk5$!G-l!)0xa;vzFZS_q<y+0)#{vW5t2#FjOw@fAfSRA259&HO82jf
zJJ8o|2uG7e9_)El&`l(niqgYG9IdQB@c0huE!*?kFo)04Tq&iK=hI=2l;ySzd7m$!
z(UhHHA8HC|!(~Q0<1w5RO`}u#`4N|0z|qE-Oua}BiiFHlKEahgJ{4up0Wer2)vkP-
z6UpWNmc?g9<VCc4v%`N)iQwq81bp|1I{mU0KK4uz3$=KPh~Mw(-c%_inWMi7Du^+E
zu@Ph6!;pqaQAtAjkP~hl(nn;;(j(BF3M@-K(k$p9F(wNHuAj+j9Op%>aw79b`0y(H
ziI*-UIfyF6W!JM0BHgHX;lxt^yCjxrQQ*I%I%Q~&nzGsMzfX-P>a=IER=NGh`Tu1A
z0}x^>_W$Mm4hj&Ho`1$p2y&QF{~tvUG`?PwFntn$%iSkZ8a3+xLCIl)oaLWGc|_4i
z?D4EJlAWYH+G_4KX>WqDlFS9IV=cP7wO^x?fpVE@&kH%Z7jA!XYHZ!Qd->SEUzred
zVPzP+e*~t(VKCp(b*YA8P5{795f2Ff=*SNT00NfBK>$GKk>~<QJH5zJ$T<mzb@U@{
zzP1)~lUk7$ZvhSfu$}wLSE-2Z*Wg(2q@gs6*N4Y>u4#Qumbik?f(}Q%0v89qAOC7k
zPPgMkO;;l-mT<Sm<HU)u<$JHfI$SOzaFqEsthUf7D>~weu<&+7$bSFbiMt^cbOh3u
zta|yefAM;|+pWskEP1+mhxVztvjrN8$ZzHL<oajOM;52@Tj6vTBi}Q7$JN(ZSaps*
z&j0|Q{$a^P7^wIc-K97sUUXRdPLSUm%O>giICM{Sc%UveG*J2_)!_@eTCj^=1c$TD
zT7DZ1vr2t^&Gp9|W@6wrfl1=7qjNP?9GGB!EVFiwVt8bc*!T(qwns8}Nmh*Ln$FPk
zc=f!@;o^p=pHl_D)4TS~ISR7Q1(|7Lo}XxKDpB7{x_b21IrMQ9Sm)ax{%sEbVZR<S
zI@H@z)Z8WFh4-~@a>%lM+;HxV{buaO=elZlIqF^SgpHB_%`9Dx3fCt!+}p#gr{gjV
z3D*5*=d}&5;?H`&)RtTs*<dCg)QhoDw0y~En_5@?+?wgSNK^Vyz@!eWoqjb%W6CmJ
zzH4EF<1<l{<0E<gVbKCSfw1GXX`gTZoD_oxibTRl)ow14nKo9h{^fku+z##MuSFUL
z3mXhDf-B^t-Ca%_9QEW9)f9ax2QhU790EqJ;&HLOP(=FX-+5k!jX@U&eJ|qACg*6~
zz5e!JSP9X#i&tvQs(#)c5^s<B^z9$<!7KN)N5Ja(!)^40UaWgx`9!Oy>=w-~j>1%I
zXihri{l)c$VDXYY!^o|ar_Mo2d#-z%s6SuLZ<tReaQz$~0PsElmfn*R->z5cNVtEn
z>L8~wi|~|S@B*3h6f2gMc!f5;Z})i|`})XLHAyeG{~qok;`FCw64nDRzaPhd$v(Hj
zmMFe1m=n!fzh!%>@O<oXFW3H(eRZ3B=sTv?E_ax`4o_8mT6!Z>?a7w^u)I&`w9skr
zJCgHSO@@hLU}6*fUttfJE#jEscz5=N^~pIN9^SKYfwWhgS1RWfstz(+x@=ADxL8*1
zYeW~qHT92CC-c3*Ib+DVA<a{$Pk?3m`)eQ!cj)4iQTnaMKtZ4Iqdq#q8veeBz|~J?
z4gexTSmz)x1=vOae8uZY%ww^ql51)SL=AV4ryKrpOVjE%7*Fx80YP`=7)>leVl>Er
z!%xoujc2rgm632jz<>Bc?rb><!iNC>nTP3MFfkIqOA-~ZaDxwU*#ZGNGZ9GnPhODT
zpALL#Jm97Oo(xyie_Gl9-lfrtq6o_X0Qi62OZ3Zs`421mKe`m(_o_Od1t0zG`Tg>+
zevsEXXCm*<Sl(vo;OGYn#sb(m4;+2Ohzyfs+Khz@078&dKrRenl`#ZuzTHNE>e%<I
z6=Ib{5b={oxB>3Omlm^B%@Li8Kvx(Uh~|A2LDy^v;$O5qnjjTA1oE)C!qSxs5Lb|T
z#%?}wMdhW*Ay7#shb{lS5L65+`8TVAt*2Kv=jaC(MzkjVXt90aQ?6f@>>G(_XY7p3
zm@6gUKRWX2uL+{Vs7VE2grMjiy1{Dk(Z_F3)oqs|f)|=Lr}};4J^v(06W8Z1N-Z!+
zw9fEP88QFBC&@=rke007XoKS6H@zoupvDz57gkx7%SYTPsv%lGf~I)g+e|HH-9EFZ
z=RK82ZB$mMS}SL5Ss6|9@&n`GF9z5Csn3(J5FWhCFn{3bf!$Nd7-nv+cJ+xIFxFKj
z2R{&OOT2Xvri$xJCOdtg1>}rk*=Wh`*gD>kftECI0Ox{{=@OGMw9DKm0G}+mf!lK6
zH1D6kmk6B`zwhk9ET06fDJ_l4yN2P5t!v)NAQa9%n9d~$;K4_$Jmi+HL48Eu9@Yl}
z!-FlORuGJgaGw9|*YP39*B%LQC#@H&*tdT$gbcW@WmuGW!sm)7(!!e&vmtw1mZz+;
Myt*7z_HEGr0f)>+{Qv*}

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ec2-ubuntu.png b/docs/installation/images/ec2-ubuntu.png
new file mode 100644
index 0000000000000000000000000000000000000000..04f1d1c50ded44d94923274c0e727bc1d413e733
GIT binary patch
literal 238001
zcmZ^~1yEei(mosm0t5)|5F7%*9RfiYcXxMRT!Xv22Zsa+gy0f%k!1<)&a${`V0Zud
z-Fx5nz4cXnRa13p&z$Y<Gd=T6Pxo_T)l>jj7-SgFo;|~omy_0b_UvWOvu7_tU!(rL
z!)^1*;MvO(UwLT>E#K$Ig($v+x_^)>UOw3{Q;D><y0n99Qh2n3_>y=OhZvDBw3pej
zE7qHgiI?l@W{np$s?^?ToxeMJg!gW=1IIjrb5}&n*|Amzt^$kN>1_A9&T<C|RUxan
z>1;?9Mj#9Vf7N~k5fOi=5{DmX?jBSXBbvb>QLA1H#>EUxPe8In*|I4+-hVC+8&ZD7
zm!E`7E~Pq3FJ+;r1Y;7=G;-D&E!v0uvgBYyQNZa#X&_>H07v}E`tp7!IV5t#+jQ>V
z|NckFL~Qb<C^X3PQ^&hPwOA(ODcU^#(dLl~ZMICUJP~*vIAkZ5spx($97pW_1VH7t
zE8_9{OzdGdeS=P8@A1D(5pq`#1}v0aO~Lm+drAn?tf`GwYV(RS=km9gXO3NCHqS>>
z`R^ZHJ{XF|9PdVR!!In8KYEX8s($p!V-q*dN=!MCExP|d!xE#C{zqITW^l5L9H5+a
zniR{YS+TO?gU%>JVun;1ul8w#$S%Y>IOCXEX<lZe$u4(zEU<trIr||3pZNcVY3ldM
zzOU!UnFrec*p`wcr(4c5O_^!c6Vh2r*3BC&*!v61zLNXt;U$aj*JHcpW8UeEQ7iL;
z+Q~FZ*hq(HE=S5_Boq68y>Q9O)WyEPr&vdEiV`sa?Lm~MbO&wWlqZPeH^T<?kXBiC
zS8~?f?6j=@=O_h3C}bD-l_g_HGE$B1%1fhOy;7NbBXGO)KaTw8(ouNe>*Xmn1CLWC
zR^pT4NvM~z<z2fN_mt<0^GhS^-aThLtKy3mRkfA?R`U)Jj5}yDid48Ib1I8XW*j)_
z2M@=_|L@G0vfKBr+)>8&-w&>QsgqxtOGE#g@F2kxAWUzpk!V2{#u5m5D%ooVZx|(2
z7J8rw2?>#4EG;czKtz;P2~?^D^_Y?^o4IROh8`$9drfT%u68WMgIllgt1>rl#MeNc
zrlhEXFyLYlbqDeQQT4cSF<JBS^v{?0pv46g53!E1s)feXXXC=#%H3VP5R7u?)z;{v
zlhr*9-0~~#dnEBR?m?WVYzG}>8oPWI@2hmF+&%oyJ;R`>yw+h^kJnnvkg+kzcUCqw
z!u>ah%3J4XboOmG_B-{tr5!y=%O+=Xr_}-x_GR`qFSVJHZ1O0$>K)gbZkVa9?nAS3
zGE)b#9dIYUhK%wPY2zS%Lcn@fzk}P+f|la$7AE?TNQ7XE`ELlCaA}Hz@Q%HwTnBw&
zn#<^hS@3XR_NYJv^(DH5WS3vDGaqZke|ZRtGWD-d%0;GW4$?doIx1*#EDB6DT0wbt
zGmQCni~QDBR-gJPg_XPeH!hw^#zN#MlMN|CDJF61$2x>sGPfwoGB+2NknW<ws;h(0
zLnEevYGlxxKRKtY7{p#J9!8HuqzW6f19y+A|Jd${B)2&^Z#)P=tnl6o`H<&73Wlvm
zsd#y>0E}km9ua_lt%!r9Lw<eXzotBKF%~~vZHD6n=W|SFWa0)=)IAJ-fm~mE>X8b#
ztbUo1XrXJlLA25#k_h*M3yzK*3W>ekQ+a&6Zi`J9prSQZXx3}Zbqik5+0^D{-lJJy
zn<=ZycyTrSZ1Bjkqd|~*V8;7y)0gTxdg~Eh^;mow(t&(Hicu16EKnJXv<ahD6@g#{
zKo_7W@YHX;03u$GtX}^82>0DU?#D=?6sDfaMVBj1vm9hanOy>M`+X*up396!>1$NW
zR(98x;|GUrdgzu{CQ5l6qRGoE!nEcq#`#b0YF>X=VHYkCp-|D9bTie3c~F54h5Eko
zTm%GHRvJ{@dSR%J>o=Y$ZXqaMI~WFw{%bfnj>xXzXuXhsCMR*1@DT#`)O`&1@i-rU
z*ns4FcpDAw_!e&21i&o)3{UldptgdA&dE$PC_xdFjbwwtQ+kH*$9~ek=Ed||rJGm!
zVir35!p1R~FWUD4*sB`T`mCH3$hJY1G)#2p_!t(P4F_6JTgMIC2Z}v$<duQs>8u0l
zdFh`sG6?7sly#wku0v;BX=!P1iHQL_drxjdRLPEu`xh4%aw;k|J2-cGbu-BXdmn^_
zg}+=$!N!A-B3q9+E&+F5UZ%E%rfbOShmyx)8<Jab6S@nsJm~#H$jK_~hT8SfD%X77
zW#B7v>i^bLO%c80>q@q#_rzn#Jb;ln!Q4q=vWnkIRJ?lhiOMqOIut~$g;4>M5AWBF
zFG(r%5b{r!bEEfnhw1LVL!*m7u4fjT&wuC%K%@6-F!~mEwQ!krK_#9np>BqNF)~uC
z+?yZP<b0G?0Y8<$t5I4XFE&1@{!-QtprB^WY2~sUK7TTMQgJhEeQ;lojz4+Ie$;Ep
z{TD7FdVVCs?tb=<cL<(N+8aL3$_Ry2J1Tm0?`lJgjcwawHcAS3x)3|A7$4gZz)a+`
z6}J&s$oEI8zsrt!cZTvH#Zz7wiuOwLzQ>7kI*?55c}N$_xXq8W&`&ju7JmmStx?iM
z_JzWaGItla+^QJdaM69P>f$bw>7}E}i}}I`WUVkdT6QpAveCJa(b5I-w+SAt^>%9N
zu%#gNhKT?}4#nI~SAGs2K3+;nN=*5nbj^=raTfJG{FDqUDh?L(*ruc_HoCHkraH4)
z#SBX(+Dxgjno+qFfBKvip`C&s&xC*CDcux*dMB4qo6S;zM|YLEi@5jB;n^E@r#3nj
z(*b!Dyf=b<U}H;wp^ZO;pD2=K=PkFW!=%%!1K4ripZ+Pn6Qo!P5~`}XdjlsKD5+n+
z%iPL0W$kOY`hB?_gq-;cbAORx)n!r~Pm`eOM^nPxHFR%}mV@Ige0R^ioi6E&YS$yp
z(QFNJ`v+s^2iqN`xHtzj3JMBfbTZqzc6_P>I)2&TFG)a1$Rg<KRLrq5&d=Y5Q)*$c
zR(E4VxgMg1c}1%iY$z~thCMe@o<;;Zioa{f*U*=}O*J0`Kkag71r9rYIds|M|9mHG
zqd&^+?yDSgaZWnC`6MD0U_^~azL1MIVfbk#l?HV2vy3zwXKzhZSF0XPVq4t`En+Nr
zcWf7ar8qR+MgTd1%>qQvLjJXHs>f7GO*2rUX!5JP#TZh`xAsTH!FywYui=Jl-}n^-
z3r5f8FAkHprc=+S4$a*GY(hv)L8k2YWc8=_?0IptzxCe6E%DJcww!ei+u7La3vT0S
zz7QjdzRfi2sIj!T6y#OO3y-{lm9^F=4YHzVp73xX)BN`B*`zH3DIA2W%-6#dr!;lr
z$`|#t_*I9)hA^jQjAGrFtaF0q18X}kY*w4SQ6S>L_i^0PVqwgL>gwuG;B>a{Bs=(O
zMr$#cM5dAXF72e>vW+8!f+pnTg@-%JD=eoA;yLe1g+^3Wcbc{^t}0)pOYSpgJt@20
zBK@{pi8K;!vQDP0J8R$2Co4;2ITc$E7RUGs;q2h!)jevx@fSVH5X_$WCnnn4iG+)!
zZ1=@`V0^}FN!!ND$k1bEmu-AW)Q-=l!CahZEmJ<yk4CR1|6Ux}e*BH3f}w($l~u~m
zPiV~AK*!+y&E`d1f@PCRg^{Ux=-8NombMP*3`Q;o2W$4pcv~`3u?F3e`xeyk%|9Pc
zx`yXfPE)SALavgt>XvqC>8qhUQ*wZeQj0a|*k8HD7u;0yH3?jghoJl8c5O}oLcR2>
znxD>PW`)Ju>7W@23(d<R|CJpDrRE{ozH&iDeFf7Ziu4;B3MUbbu|OW8Ovm~0h~ivK
zjklaVfdqtPLTN#dm)5&6kJepT;$&~dPizx;su$w_L1E0u2unPr@#=|aoz)(QSYndm
zFz~83A*A*r`lD_jhN}s}el=)bz|DUAPQ8#g)O{3v|C=zDz)cXj>g3~#Ta!B$3WEpq
zCx9$JlWqhp<9f(uZCT#%;Gi0(U)s`w(D1<2a6+lh>Yar+D)w=oCi(n3CK^0S%;3l%
zwA-!8)=3#FX)+z;t^2VM=VyRxetblmd)uE|aZ58Zrun)K4Bd^}XX{HhRO_c3p{*N!
zIGyWjNu91HpPg`Lq@$CLBI+PXl;Ygn8gR68b7*-F*GPR%%!b$>?)8<Qm~avA%{AlB
z3y5KZ*~6-fC4D+wn>#JU-8~HaC~Jq$d@}6M&eZ7so^iBwSJ>W&$R%i(&naMs!w#a7
z-Q>O(yxmr39l?=0uGAL7UY0OKc0#0>Z~`w@b(xe{5oX8%&wLpK4S#7Xc}YBJ8iRsK
zWVY2Gi5gGD{%PUfXugn(q*2!gGT7e^8zGi`3F-EI4mrw?0bhGI-zWnNy~M7D)!j}P
zSdE5GIf&Uk_7Z^9SDnQrEp<Slv&Wp3z>XRoQia00YHo>R*5{yIG-5BR<p+y_GGUS8
zaZvBSLc+fR!tIl$uy3DANy%^Z+2LgB<im?O49nm^!W!<%0$r_9?kp}8Rpz_C$;=lE
z+LV!3(59j=J6x9BEVcKEa4lWkvX&Mid`6{TuX5){M3arJsiHx(^)-DF9m2f4yk8m{
zaTBo;?W!99YZ1a_O3qm0bFZJAqQ^<|IVu(AH7x|BTNYE^r79=ISZiu9TklbWu<mn9
zOQn_2EBSioj|hL%z3I!~j*5s?B2;*)NMqvJ;G3&9@3tDdpIF66Sdxq!`;q9O;iBg9
z&Vrq@s-hwdmS!=QJyM`rnwZlRLz@3ZHj8B@Dlj+9KKbZnV{X`JbexUC(rQ;=3j?&6
zi{v83fsSf^t(N?VAp^ID!<<xv5F*E(gFlLUQAlkglJ#W-@7t8i>9XpU7gEH#&+0Pz
z1xG1iL8~gAMcVljgDGmgIJ#aC9)k6}H5*NucHtKBDJ%w*#44URz$z9RQn$s=NSl*B
zCi#|9gnzR`jU8R}`={~2Vc9aos+X@TQi4L%_f<fvczn^JQ3k)!=aZKqpgoWaz(tnw
z)Xzl(n_4V^k~}1GHI3|PyRlBN35Z{B;>m@$JfxynexNltic1lIIyi|xaZoJ&dGqJ8
zRQfv{#x5#aKrx{!{pt)q+kZ$n%W?oH;w2fVm!RI{ymQ^Y=zebMdz8Cj7HIMUV)94v
z=|mjamsJ&#R1o7<zPDReQAauBzpQSY7u}Y_oG{KRBPCT>a8KA&PkQ2vug=p$U@zZD
zTb^58@AygE?|GguQ^~ggyx}1bEejw1Pkh7QGb@Q%Q5Pd}ncld5391SJ=OA)_fBz}Y
z5)AnZ3g;w17DZW2H|1JkVYR?5W#Zz!1kl?4hu&UH+JuqXz2Ky%NB2foWK`6pIL)c6
znnhWe+OjaAxIXY@eP<vSBu9*r$97_n)D|pZX)la7TuIye{WXeTyInpHj$^iIR9+mq
z;Lej@&YX7g<)wj9j|CQc;ac4B8zG!_Q(HkiWs-2=XrW0Gw6%3-q^4%bVk;JR(R}7i
z^4EHuC}411Tg{Ki9SvJnsR`4RquR&fBkq4fQ&<pOutR35tV_-9@bGZzT@!z!dnpP=
zfqa=o=^rOKlc1n(H72O?p)#43kiAoi{Y#k48>TOnEm1E@2QxIsYUQj88_)LkY?_;!
zzf`oND~qDu$!rn$*2d!J|DIlsyG_FO^!7$C+_yXX6ktfcY+x|83~u_sojLhIECGsY
zw2-jJ80$>CllDix(7}<VDI<fs*v_Lou@#!<7Lh*PKgGqs(uJxKX7M_Q4|HbA@$f3W
zHPyz-D(-r>Opd-*a<E#~D#y=0!=G0^Xhb^nO4fy(oW3_)%{8>0Da}WNsqu9hYpVSy
z5A>%)AmPsTNFB@X1Ui5qSw7i8xs^r_TiB=|YU~7)N|afWA|NXUC}EB}qz0)lnAf}<
z&#Cp(x#7-z=a((4YSztw%6b#7Zu@KUeel()6KB>{GUgm@KGeE`d2hd2h})TA!AU&H
zN`uq+r0TWoKg+4v%gp3lSOu-m{qcPNm8j2Xwo+fS+m8JG5ZKkyNs<lmbK9yKs?&G;
z9!tV1K_Mp;?yHkwcDcLlA99g1NGtpvM_{cL_vPcCiv``5&0oL7R{iWbG%&xqBU!o0
z9xmzhJR$nNHlXJeqHfPR{|J~Pnn`^X_IyMi4S7}fhb;}U%{B`s+AL3gw&}T)b^rMq
zDHtG29H(jd7N7VmhsisFK{0Fd>$iGt6@s{-)plT`(-Jo#GNDm$STR>4B$cH0q*gi!
z9k2s_SY+8=L5`*C`9WV;N}o>4{EbW2Kc`J!wC$_|8odI<y>HJ3$0w2KwzJt^;QjgE
zt&eO(AHlLtYb~UPE!{~1Cij?(+O}WXt{l2rywFa25VW<OF#WE^3#w+h!iKH`pT({^
z>a(sZes8BB%HH<i=a(As-|Z$`&zJL8zF(abE?y3sHhT1V?q>0CE#Qc8fEL3h3|lO&
zjwUT{hJxgh;-m`(gg_J*;`f=Xy4wXn2-oE=Y@d^#3)`3D9J>AX996GW&?|R@DDWvm
z)8<+9{Nagh+x<W_O@pw@F@+4Gy?5*^q?A06p`VJ`<_BJiZZ}@zjW$ab2@PLCL)jdC
zPdqR)MCo{=#|>Gnemen7$x$jW<Mq`$kot?IwY9{a9x;S%-(muCu`+)4Qd~Ld*kk1r
zsekXy#$BDSI;5j8-ovGZ+@afO)=v(4{Dy&PP^Mdy8MfVNUJX6|`+%}OF*GUUe*){;
za~-K9-(1PxF*d19{He{}sXvpjON^&n`l01B(&Z{ytv_2yp$01k$_7cnSzcnxiS|Ip
zcsZ?f8XW@JxDVFh9xL?QBXBhmCNHm&Z|T#Ehxik*v^_7NKa_9h_-e>Mb_eBfTYpXN
zVc9=AkU86>y7tUhI!*P{ABH-t?T+TGt|gwzr|*&!?jPI1xU70<y|KKi>r$uqlbYfZ
z2nmVQG?XxAPr4}{w8QK(ISrGPCAa{8-t>XNk|x2=6~@Q7dOA>V!0oR&u55RI&P4d}
zZQ2Gv^le!ID<f~6_PVq^82wyaTr42WNDBE~ySljXry#2$KSSr|TQ_NG945M~7fnM9
z_w?zPY!{EOctn_V2ivu*T9#wJ$ygP69cK9E>|htsX)rwugbuEP+bWVo0n4w7q{8A>
zR7A`Jy@dlcPo-`b2K8jj9-_l8r|}qaB_)2H*v8HsA$*R*Mlnr>-VqPX*I*%6l428l
z2*AbhW{m2by4dVFg$!lVYKcKC6v-94Qs|W(f<7^Tx4AKIq-3v97Te%&*8`wp1zuYY
zP8&h54U6=Wn|F<BA5MM<p0D$ZK2>!#LQg*WKD0A6?sTvD-s|@E8$RM})tG*e)Uu+5
zn0oLO5eu!ghKS#uF2@p6Au)AK+^ICud?^&+&hFonY>R{V|2#f6`rkOLr?FVvVvGM!
zKk;hK(heI{xh^@uC#Q^EY-G3}{cyKAR|j8YDt$6R5{X{_G8PQ+7JwN15g{$4{I%9<
zoT#t68g_?`z#<Q6eFOXO`0<unFs9H@V0+#=+Z<k8JXk^((6|eBG4fw2cHjNI(iUh#
zeCoUX;rJxv1u?h>+x3L}*L?JuG{9OU_|Lg)*PmHbqn0Nfr**Hl97rg30apM~(P|gD
zh|Fq3ZtGhSB*OLD_2~l<TMt=s&pF0v#{st$lY+?b8!CL@u!`5?Nh`TuK9?oxe1mDS
z^Gb{PSO$wzNH4JmffC{-`jO_=J2vSJz+I8L-tZ?jt1jCB-vS%1UpKa{vA5WJ1*Xk7
zYe)AJnHlw*wD>D_(>Skj;*zf&gz*iAiL8(V8F%lG^+tXliNN+!PF*AH$z`{$;a<=W
zcuuZk+`Y~7^~Ui$lcJhK^=da>YslGIl=&v_7l@EP6NpS<^s8~<Ek+LZ!`k!Ob!@L|
z?hsHJL`PIeJlvhVb2NUu!{5mEpXApJJXx=|0TVMmVMRwMY?gj|81tdNUY^!;jn+IJ
zEjn!;m@z6{UKh|LXW06;#gq{0&odkm6sC7b(=W4-P*iA^X;QS8XQ<`fqgfWej(erS
zjm5Q9UG|CQAVXM#y-FoNiIm6IVjirI%2PEtm~g<uX_<!uN!RBI1k)Rd2MJfI=10|N
z$|yYgL-p47-1CCc^e1q|*SQV%)0HBX)qJt6(m55$a~2f$q}Vl;`gTtmt)Ya~HHE)Y
z_2M!IXNGbZk|igtFu{#6?hU^en7j%tzLfjF-x6JLCwG|)`cBE{H5$xN={*Kar^%h0
z+cBps`M}B2j9&SGiq2rt(iTILOEI)7m7vrImU5TRjRAfjV_+{*loe5+=<a{K(HQBF
z7j^YT$gKs$43_Nw?DzT@agpnZzag|VaaAs50Tr54OE#c`l(mYApjQ^((wW?ebD#kC
z&&8h|Wkkf9iHW$n^*t?tU1@08mwU}*^~3LQTywQlb+x_R=o!gM%%=ohA2`0lM#Rrg
z^Yg!(54`jZ*a$vexnX3l9qp@ioZnds9a!vkBwk;?<emqceoj1lV>a0-(&%G`<C3Ep
zUE8GqF5p31vo(qFqm>uf=y{&+(-r+ugx`EBK_Mav@GwDqB;vX*>a^5^V%X|ZVaD9<
zDZPgG)g}3+IGaRThUv?fuUJ4xP7;u#og_Y+ZQu_UjybG;ZSi^mcK#S(GFT$@*a)9k
zIG=WOwRnX1G(H@dZf<+sS#JKOS?w-IyGSiz&J9FqiTxx7Tv+oxy*crP4F#x~W`-LU
zuSTuGRV@)e$vMwk2kzn8g|BfirOb^*It(4%5nqe9*ItGU1c<b3LbC<7>P|$y8(;bj
zY_qgMPsJ_2f$z>1lLSots2qt@WjsWYYMZOU3fzA;P!*^3E>hR73sjlHlZJU5Ve55C
zNy#tk(KVN@4BVm#VJvhx0%oHO#3f}V&y^=W{5`kG>U&Y^tbNCZH51daSrL%g7=Qjb
zP8?7FzVBF4#h;6)!6>@Dn@^+o^&`ShiM4BPsg2KeD2@=-w$O_xTO<p(ge17#@mK=H
zNs%v+)_dKWb?)fcva&CmFU|(&!F2C>H_QIX(zcvACYfFOeD31Q+?WKQ{K%L5Z5eq<
ztLFXM8X$qb$-Pvcts!myMKosw=E9zS6QMCRH8(n?yly|ZLZRHpE32lDmSjRjX}-J9
z1n5dIlnZJd))--?CjjSWjO+j4GE^%SS~26_1Ls+~4Ljwg=^G6@w^K%@m&)rO@$FVg
zS=HK?Ce+R+04i8=2)L52q4+D#<qG}2bqAhB8iNU`JsDc%w$->w#b*3ubS;%;c^>w1
z1i+edkGR*nvo$%4jVe_XnrRb)%JkTpc~u(1ON<|*7S(S>gjX1BC+yx{e66`aX9V10
zfPD%4!eqJxf0dtFk<;_<2+`vCgt>b1J5w|@P2hqL$%cng0Yv};Q;hGw9Y+Ei!frDD
zsFdt0I%!rQW=7s{4@9>+y>HDGR!-C+zrLU-_f#R0D4cc1u;C#SG7u?h9nJc(NK*52
zaK8uM)lc4MRfUC0V`(AH*(=y)2DxY4wk$;X(QQZHPiyfv?^L0PUP(6LN&B9g!kskp
z{v_RX>-;%xT@@8b3P(IHk)t~)JR0>JM9v|pvSQRV+l%w^<;z7x|CzehVnl%He)d$4
z6p1g)uX(rfOUqrL(@G~AhnPE#@Ykjk{ohg1{3nAUsNNO_?Or5=7PF(c^XV3YhL+hJ
zrVwj|49YF^!RR?om7C%Q9(9tBjOaYXNQ{8H<KZ$N<K(ymf`l{u&jQ|9W}v@WlgYE9
zUmI3dm%5JZl7^4%zMD0=7yBIb1P=&GY$~D8`H+IoBV05wDkFWaMQdR%JAHP3Zw0j>
z=Og8^ApRhpmBs*&W{%IOKgIpy#`z*geG2ZT1zY<LmFQJfvBd+&S$_Zk5d{eGPP|}n
z8{(kuXXOx$`vx<L37`&o)vFgw<-gaEr4FH6ya1zW*~rk)a{rOKl5IykOok*0(cTmA
z&FuxNg&nk=<a~ciz;|P@bR)3UbTuh0LxsFz;V$~a*Hbz1b`r(b`<>W(lpvUC)R8Wm
zthF^Jkviw(sicbz7g3#FbmWix)VBh@-6w9md9BL@0jKRwhS9eR|Ee?&ME^bWWR)0{
zf9dP0OAQ0557tB2al7OrnwUKCfduJ#04^bpBc^=1oOJ0okxA^K#hsn6#4IHf&AdtI
za<KNCn+{9F3aX?pi6&e4C0a`KJhbBI+@fOQGFqCys)N_dE}`Lc*%U*(0CwA@FIsqU
zWRVjTL*-8jA6HfkI2+YpRpf<fB+#agi(W}^9rg(laNdy1<QFVnIV!}t5&)0&lCG`a
zF=f*Q^%%+@N!JT`IIYsI$hV(mta62b>8|9>t5Vdtt4Q77_m!(n7S#<JWaWkl4W+<G
zoiO>rMmHobeR7BE$|@>`qIkbWljxf|r}d#d>FrJ@Ol<vG5?D+z8w1MP@Lwk4Uc4W+
zZc!(mBt*D}3Go9gK5W;%nqkjI)oI_QejZrX`m}?32bxlhV?dHjEp3rQ_s+bI92|Y)
zd60s?HhvqdBykyph#d98yI_kbGah~8l)@@-V@^Y;oH8I%=8+KGmLmt~b7G|k{p|+Z
zSvvZg2xTHkKI2IG{{6L<w{d7U@=0KQ{T^-hlE^T%@oW9TqW5kuiSLyJZ`S-44*BE7
z1`<I$3BSaPNKzU;+z_(_y9W4Ddf-Xnrt3!*BlKmTB~!@ujx0O6It_(}zg)cD^j88W
z5lA514$O^N6ptwg7{nXj`+lp!`+K@?=9abM?QOwK?pjTz1Ke639X0GsIG=6){$;ZI
zGw`_qQ&Ft)3ib%|u1(kdw9WAblFG&8cT$Zmd^pAnzT_4229r<LvdX0KIWo-}DSS>;
zzt1XRr-TvQZqI@Ec_*Y)V?P*GwN7BZ5vgk$MEQtKJ&bu*E2Hm>#xMFqTQ;iIawb0i
zyX69v=uJM<&RG<5@<jBr@rr5ROh^!6G~z;4wA=hc6CT}LD)Usf=tX9mV>fW9Vc+g8
zxU-O}gofFvC@xcAHHy66G#omf6?;Fvzdc=%vt$yvbd_axl9$=G9mm?}aiZL2eUn*D
zu@S|pyB5I!Q<1fi72D%5j?Z5hwcE{Ll#Yy|348SZ?6s#=*jk(I)sD3QS5=1dlp|D(
zGQ0${9y{=0JM9fWGCyB!R~fI)%WSonVCed}o7(z-e&D)w7mWLb1TQAT5C!x9u1O@>
zB7d~{*yyyJWlc0;AQ;u?2ivqWTV3K7`K}~{cK5?Qq{-ggceZ+$1~Y*so4VHS9>@3Q
zZFqn3np^yMH&dy@?kEGyH$$MN<9KYHaXefR-Ds(aRb-7b=MN8r-G3t4VJRQR*Pg?-
z($~42Iwpsgy=Hx0>G}GwH9P2I`6QZ*vV??s>#cWw>y|=y;?(%EgXMKo+ixaw{an%!
zwX>w=uAYJSO!F;j?R<NgR(Z5pX{Eu@`Xd|W8r(su1B6_qdIEd`7k9A{erZPBRh0W?
z32S0Y<yP*zt{pVfFNTz2831v9j!sp6j<vfzsa$h&+#$pG)_#g?L)__SgA|~)X_9Ps
zsK8;B*8Fn{>cc0EH2VaLyw*{J-Q3>Bn?$)*&1Wo=VcJD?t)R;mJ&|rB&`QKoy_02D
zc2LlHs7jYt$0!MU0}muqL5e+|Ih!^!*GXi!#^OygJSH1HN#572l|<YgT;=_gNlr+X
zXuB6@w(f@aT}Kb7#d%hMP#%;8=)Ia*jpFuyiE`x`5g`K<54R8}0^H=hx#86bagP}1
zWoTHw$J7N{qR{paL~_L_kAAXTp;tP!lhrZ6_)3-!eU+Q=r|C^ZGCIKBi?X95;I~n3
zVq3MEl!wOEIF~admzLtlZRcj(?KD?YT|H$FKVHIPPaK=iiyb6e#av?;`qGZB#+Dv~
zm5eh0B3WzfQ+DB&x1^b$iccPXo+7QKvOk!sYaBl}UN3W2&TmydNK;V_*;ktr8pQ*&
zH6~}wYA9`+<{0Fq<nyAcbGcVL9}Sj67|Ugc-?dhgX|kI{5Ps7&N7Uw4GlQiUb6#5!
z&26s6@0mlt61MGbFIA7kfO4uEtMe9P+c6vZRkMu3<14RA%b69IxhPVf?@HjBxn!C(
zl{Kxk6=;%MzAY|@dvj&)7*|{Srkr7zmPH6_CqGYS%rPZ<BKxY6j)nzG|KQTksMP()
z%RrWYOyQea3M=gMgQsC+cd(I-X+z~LRO%qa!NF3_+PI+AgnAMwCVFDIPCXe9TnG_5
zOST0Cbw6cYo%^oep@l&IInAiv_3msSk2hkwex|04uJFezDyW%2m^yUSukW>Vdk&?#
z*QEv>U*H~Ss>Z`N@x>ly^~7jebjrU+san;My3!Uu@M^LXyVus&5$4uqrLtqF)||m3
zY1<=;AJ&!GIq;dK3t%4#Wg_?d=QSfT@HEG(#`0A03hm<D(`Awju?&=%#~Bahn<kn*
z0_6Ut>52@rfV)jbhtll?=w$`vm6so51806s>2|9rWqf8~aks<N=isJYxhN5jmA7;j
z;;?2TupN!vEoe}!QJ>{BO`Gw@V2;cy3!`-^+;avW`ZVn^Q&Fc$r3!4<z+xCyBrdf^
zb+gX9ivum#Hn3Rw8A>zL60CY8B)Y?-KB6oz8YeZfgzkkCC2m+$ni<J50)|M50o)Jg
z%tfqw_}1i+v6a$~h|S;q(O2Ks!{2#)I5KSi0PtIC0Tde;F<o#8@BvIMHAi(bM%vZ2
z)P9M-QTrmpteI+IFG76sPfZcTmeUfi->bROlH?Y&pCbqUdjI@X=n8X@v4QU4PGPLf
zjR)n5JSG+!)T>(v##IdOUMNZ+hJ|1+s3I`9(<R>$Q62ao=UD(Zz8;OZf_Vo_*t9DV
z=CjqQB$Q;8+g#EP*VXDI3<+EOC1nr#<)GHy@4w$BkO<+?l$3B!c0>Xre!pAy?UpT|
z=_pxU4+$Pg0oJ`rzd+SuUw!K~s!qSXM7krmO-?J#iCW{z+%HY^V6~=BLtwkdL_h~f
zvS0%o2{R@<q(W(4Cv%QRB@B;D^*nGj6;I)+%aThgm<)hL-Gl%PiBR00r|)c6q@<ML
zzG7{5vvxd_Ne^y?iXvrz<Vv&4CpXz;@4<tr9Z&KSJk{#mj~Ua<?WBB?S;-_UUVAWH
z5(Xi&hqpzVWs<&0ZowmZE5Cb`w#10*TY&12vtXmSC511b>z?Fxu`>dR@rJ95t}|8_
z$d6~^e)_t6l$U<|gMq=)|3-gL<d0y1OXJl;c!K`Y(#XWbj+9y;M^kIpU{875;AanA
z0}Tg^FAr2w>C;UbHxQW}7-!^DVX=G(nAp8N1J<l|n?IS_yh`D<QtH1Y4*PIs1J*b~
zvHZ9YJGfi&DdLCTs9o*_0`T~V%Q8kJ$T2SdthLTef8KceW=&^Qecau?hSrP#PhnvS
z?dKxkhRu)qsf)`R{63duk5#b==#c^nBqriCCCUj16|ya2L1YA5dS>^_>X%Vq;`?E8
zq3G`xal7`ord_DL7qZCBw?&+$^n=wE;&ddtNOjqEJP7k;s+C3)MBe8fkOr34Hgl|0
zMVxhB|5RqMtR~pXY^ml)G3fqk^|mc(#m%rK)4u}iZV1@WJa`8}Lu`fOoU6AET#9bl
zF$_(o*xWSh!bncsQOl5ibUES1tIJhV9iOu7wX8_eEF{%4-QPpL!HYy!Vc!=05=CXa
zhZk`138SPGRr?2EAw&x;LFC3m;*zr4c7rk+o2!)R(-p7MxuG0Xk;@R3oV>5j{aT`5
z6THL;ShN|z#msGEWyKyDCO3wf#L)hvd5#3HmJCcfbLkHvWZ#0Q*^W{;BGrdGM3tZ)
zzy$_Zj{1At0QwZ~mfgg#QE}Px9P9{>ZY*HHd`JrPc5=QZ+BYwLO9S%QvmGQP@JJdA
zRe8D^czCq)&76TxK6?C9(Xd5Q?Vi09au`DUd44-G+swP8qlOsfl#&j`vywAql$iv0
z6Aev%#);&*n6M?49O2f`k(-nwwi@$euVNd^I2x|Vr&D5ah;U;|llS1x&ZQskGBX4j
zQtAVWQw)yM97P8iRHcO`eZMRAM2d!sl4o$lv0G=|?0qN`Wrs$*7)BEvKF^X{`H-Pg
zavtK6&uz2HSmTmik#Mn=18(I2ka{bXKrEaRSc>t+aE)*sF!E`p!)S~N*o)s?-O#mX
z`A#Q_@-W^AV`D6!$&CNP)BW7I^tUdXE1FG0yuuWI^5JI0JfCwRN(pvlU!Nf<^(9`&
z!)4$W5GT1a+Hm;%qm%8%gYCn>tD#&C`y_tFf=WFy$r=}1ueso3>Y}?|OCqH?_i(RJ
zim@7@Qa*kg0taqY3Hig<meNiZ5S9^nVJzG&2gB{})GLwQK@RdwJNyIa^Y*X3DwM9Q
zc3}9zvP14)TgS+geI&UlmNnd8-2R*M#yZde(Rl)0;g<fJm347-Au-U|73QBfD1M1=
z5+4~wfjnXw9=4<&57sO4!+7|0`8I-Ne6~lN``=gzqT7Fqw;kRpi^t9*n;<DU+hOVK
ztD<V<S=%?c5*y><`VW_K|Lhna4-3Vqd7G{y_>vR*(SxT2*?lx<Nd(@>f5sp2MJ#>C
z*C|mJPB?*z4F6u5CFJ7Dam4%cl;au2_(97*JcbF->tHnh^Pm$%z)A=y48G{5PW+e9
zH3SP3&F2+zJqv<-OrD7P*z#-{@}t8ynEk#1$oa?A4MkIXd32HR))|fhH$QqI*e71w
zgMHsX4lAtmj!L5oPzoMH$#Beu8i7dUgvhax4{h;tLtMslbL*&o(Ub!3>l4>0;AC9P
zOL*PwAcQ(xtnxALWiSVJl!<QdNw5;EU9+(6&BockICp>3jvJu^(8uM2fR&@OK#m=t
zyJ-EDD6HU440f6<u!yW#Ul@9Xx2;015I*2Ap;`R2al%uP&v#gaPqLm#AMcU&6iB2K
zfeC1T+vu{Zz95N&i}vmPwccOE^fsy_*+vi!lpuqY{-LSqB*BKBUm$1)#0PHwm-Bad
z_cPD`rqJob&I@7?kUBrlKW0G)#!W2b#txG(s<+hiB@IYf`TZ~L2Z)H)odfjY12xst
zFQ+pB?j(CqQ9DDK^YQkx>#9QUJW6(-JmD-%GxA6OkVmHQOmcSkndR(X_9o3~@=1^o
z$4VdM9FF)8t;lI3w!XI&9)i=ktg@vo^ypd5CA__@Co$SCRY=k33cLI>s_hg?F~9<n
zaFJpsKYZBpLyFk+i9$0pzx)?Va)JwUkJ4u~^pjq1aCauoijFe;6r|k#Zj+IURVp^q
zR~u%@0;)Oc5>$p~T)mUM^TPg8oBin3ul;7A6?yQFZvZgB`D5|7uKmBn(tptm^;^j2
z;gcnhfgYs3kouqELi}<h%fF{?$m7b!|5rQG_KdxaynQ-yBc$e0emyeV9lQ8Vx0Jbx
zaN;R{>?rLxH_sRw&j_<3BdN9Fn+gqW_?ezVfLCR@A5PokZ$zE8JX6|Nhcnx=s_V9|
zt+=lw-u|b(McG^VzhCNR7-8>T|GSm`BKY49=}?yc-2L14|JM=oLi2y5O8Dk8bE5pO
z5($Ew{}mhd-yQ$0FNEvAwfq&9D!3Y-!k+cORpD8Xxn%!hXNN74HbZN~l)ABnQev++
zN+&C(cCwL3tW06&(ky<{DP>Wc=$W<xZeFo97lF+Cy+wUfvordk&coJ`J&gEq8a%&T
zYC7wBJ%a*k3y(PHPva(TxdY5woCe=kEtR|e0!DhohjODVN%^f3s0J|`c%reb8GLz(
z2LuA0PAE0@CZ)LiAea3V<Xa>mwGS5q#x_ihxkW|Rcg&Dp<J_G(zWEmZrIo~#Ol_(p
zu!L2%ug+eG5>5UnEh||FI<F82VG`ja|40Ws3cERZEzS$KVv(WumnJ<W1TIM9SX8@l
z_<8?22J>pB|A@HTvHPr%HbO*?NVBVWle+d{eqmv0ah1+={=SEs7_<ULh3OlZ*x0)l
zwL{-7EO8_GF)n84wqsu)iL6;v`8nVWo)poYN8k_jz|5?Bu7_{<L^hQ<1qF-*Ni>d6
z`A}CCJrhHwrq1zo_kw6G2-BjTiJ5~(S_RbDgB#})LklsZiCU@$X`J;<NMK#86Q_{S
z=q{Kd0HpgQq-Z+4sAoz?uxu3&5WVOZ*E&jZ>e9q1KKXRkIt2A{X~IJi)y%w3y?XQ4
z=OJY%m6F1ww&o)PuEAG1zuohwH57*3W`l+rLas!_klUKU7gwg66nbW?`#V1jFm)eZ
zv<Kp9mq~ue9<ljBK%Xm;r@>e}p2m^YrpYdEHEoZfkt>qP;hoDiy`t+n&7>H3-5|b|
zO+62!vHv_)ek2lniG+VtEzo>sRPTK;9`XnMEXa-_I9O>7c6Kq_3l5)&t9|uEVifGZ
z{4wVkP9KL6QeDvVWybnTjblzG)X(7Lh8IT(cO|zUij_8QGeSszI-(KkDJ&&F)kX&e
zme1&0-Si~ORm~76TAvbJkxnnYAai{`<!o2(2u*8Z(|j*K7nIHSY^>pqZWO~o-=gG4
zc;f^Q0oGWB1@vbp$ruCa0|NeD8{<JKPpLj;7@j>g#$}Zmur$arlaAlKY<js{k=pp_
zb9;sJ*t0wZ`S&#03UWiVxeA>b0?S1Vg`*`7UHBfSVK&{N^Xt#^C>a^0)YmKBsn9i6
z%*=fqLMw9B4?SfWz3ZPPTChto<^xbZRcNK9#tBX5ipEvatR0tz+!Rb@YFC0P+cLC1
zm8B@Be~`<(%O*t8XMg$SJ-3H`&0wuj77Ib#Gr347ui`G2@R`+-YjcctkJUiy+Kjo*
zi;P}s)i_UiRYj)M9dh1JsoySYA@X&X57X31;@UL%^+m8kjV&)F-)vrQP*9+uC1aMx
zJy$-RPVn6l{ycX2s=8_G(I4)JzmfPwaILN2y6Lae6Pe1d8H)oJ^IY7W;OW_CQN;eY
z>@x)}Y*Ru_at1ojZ*BxR)JkebpxhcXAuFn`6PahAmWWdK-eezrH--UA5;pc>reRXb
zVmgLiW3!^;I&Lxk7{q8R?}LACkuj}zZr9{XAB<K@;dDTnLUo>Oru6qoRX6AxZ5BF3
zyj(E(iO#syd&`PfdHsk>&b1)cxxliqxrNK21=q~f^25OFQ&^`0dp;tVO7qmCu)njU
z5!Y@2dTLR<k=$t;;hEdIyJHUarz;HCtmS~1@$cK^CqDZ!GIy`YK=@2QE7kg-$2m{K
zqJAy5!ZBfP=^4Hwz~`zxP2jzybj@y}LeI0rH2N}T4C@ME$nJ_eBjNg3o!YzK&Y)HP
zPj*2l#U)9%p?th;XIGE+tI!lrY?*Jv-{@KIF4`uAJYq{TEWH8~x{pNrT6Anm1$N`{
z$Oto6)jPy-6T6p85)y3~iL-Jjk0kDzLVxZYIgpQ8#|_ag2Z>E;%s=BTPfIZPxTKJ;
ztu2v8f4TH{G$!KS*eU6wOB@b277hMWuouheI=;y-FwOtg%*G+Do(L`KR-T*t6CcMO
zYtT2HJ^9E=?Y*I?WqKY%-Der^7s4Ehzj?$qm1?g9ub6z&v@X}k?WGEP_ZP}1aQCmy
z_v7y#dJzaqNi>%A%J1BVd&S6u1tq8A6geZF1zT7}P)fz;eA6x@4M$NB2#q>;$c|Z-
z9T+=#ot7+)h-jb^XbLWngjA7SlHC9OSO?jAc9^@Gq$xLePF8fWJJl-sm8;PsjRDvZ
zU$w<j9QcRjro|h=!+rN#?|k8MJwP048jNrhCZ2pw(i+l-MD!wypPs^DgY>!PGp$b>
zNEmW>0|}9SditD~j7a4$#uOD~>9f-1S&6pCIFP!YEdJrAy@?}}g;wo@mBLJr3dO4#
z52~!PiFHXh-&g;b#E6C(9v<E%&EAtZ=_2hqJ2Ol5&X_q}&|uhwyHsHR;u@T$V9d36
z&~L+K+0+8eV)y9biyv_6H{<1Qq>|ZEiM<_0?a;j?J##2qI_j@&015D_GWrdFihmhD
z5m#4{pIK*Z5_C(mvEME2EpXtj&$$97F)kd87pnXteBoc9hlM350vgFya6(1<8<uh%
zBr4TWrzZjIee}6<67JEeMp?D&8hUw;QG)i3jExG<Ha&0CbZA0ID}&6!Dn1co`P1=#
zLr<^Eyz)%7aze?zX)#9aU=&CtpfW-@WEUY=(ncL$tf?$BF8scKsSxU7{NZI^P@D$3
z{(C(ATx)($X)8;NpfV~;OS+do@-xZ>ohMB4D3nRaJeAlZa}OHNk4!`40A@w0Mb9A>
zc&T&G{L7x_uZ6D6j2-Tg!STnLe?1J7l(Cu<flx1am)v}k8mUb{j(q04WF&bT<>10M
zI+h=QYz3hT8@MeNl8_%B6vwKy36<21h7MWvuW<dEA0{adx+ayqd%bWV_;NyrO^3%n
zx_Hs6V5-R5sfAGqmGVUDTSkRw{D4@(@Cw&~#nxujtn;yxY=S>s_m1Jn`?Eo1&rrr6
zC}nfQeVP3@Q{{@Q!?FfXR0Z9@kxwi@$ftP1?$M;V^0KLAnfF1mtt&B8+rPei10A1A
zRVoM<!=}mr;1jA8xr&(DIy|vAJC42(CR1@s2fE=sB>~j%=iyUIW^e))+_I{f@Tp@n
z^WY?^WUTR{c8}ET9%93)8AW;;TobB3r;ZZ=G{r5)^~jUwI9NK=eUW}G*z9V4`5Npr
zgm|8$MO;6<WiOp5JBL0m*$qx{OUk|nw(yxeoUOQPS{`nSeo$xNnwe2@gJz_kpeyY$
zQt03l1&Ayhh_ccd>(%NcR5D76d=pGmeb~M7=TEYH<qszT+bGHM<TsMv!aBHeodv=E
zwLR+7Y2bD6TiJmV5&^Cz3W>C)gd2WKZj$f(Ub>K-zDyOaBgcJAcI{KGx>JgGHC@&v
zb74!wwFLSe^4p?a{fl6t$ZHg1<;t<Z@4o)+U}!G&$-s`M&Sgt?U9lX!^csx%VsY2H
zsW<#Im(oRrzcDXikpi2-hTIVi@Wu-z##r$k=)mP*ds9%sRM)Fu0s@|a0=qH|)n|OM
zlD~T;0?B%}gj+yQ)9g@>q@^u>Fyl)bAZw~`(*5ZRox<noQ=ed3G2`9#e<}r@3mTDG
z1zHv_^{p#F>@nFm*B8e1+@fIAL7x)Wq|z%Qf2OmkS(LU$w%d_C;|qzBx(i!c!z^DA
zFOQ4b(~B<vw*82hT#6`bFC5Agszv=M+noeyl%YS!JH36j;79m@vZBoTvmRU6g3T|h
z#!^>K?sor}vG8x;a7h|fC&x5lOLAh;+|~;BJmm<@p|P7IQQjf^!eU<?ix0oG4*=-{
z<LiCcC+qCnX|gPS(zdn&z@6@ddgBza&hE;5)`jn(OEUa>!=%PyvMR&p%M=t)ZHxGU
zYsfL}>#*|$O|w$<k&4(_ob$;LB$s0}%eszP^#fN3k`<p+rn8qdZIp1y^!gkLzozSm
z1~rPov8eYSb55&aw$vYOExd^WPKX09OACMIdI$emXS$vM@6^EKl6&eb{XJq#k#J;m
zWBbd70eLrAj?0l{@WTbqpU0K^IgXI1M%(a!NU0w9eh^t#nP71+L;x!|?pNClF!*XT
z`ssL~c#0yY;<oedVK;vAe#zC#sEGRVawlZ_n~%Dg!+Q;yWQ{TI1=yFqdHJUD^B`*?
z)RShV$Tpx4h`mQ-(1(xlR&_Gxlyi!wyFUgbIkQP&Ya89HhxLZTdD?ky>SODGJzK(x
zQ)x(Zp{r?^g}GyLZYp}|7S{2f?CV#pi$!P92Ub=l(#WrPlpV7Ey0rITj*FyP58RbL
z7ds2<mSo-JUP~9p<k8q?hA{M~y2NJ439ymU%FQk=J)OCwLzk^!_`q}4@}vm5?L?iu
zKDh1uTC=+d3fHt)0lvAznK|IGaK>??Fa{vENkiSj1Sr{C%I>b;joSxC`SV-Y-@-cW
zNKI@?Cgr+=QfA_TvIb7~vbOdDe7}X-``7pA8ypT}j0n~xNX7}`8FXGy2HtiiA7Gtc
zWqA-ye)G>t!dz7!XDA<hp0zCe;^?tJnuu%uP!HSHvNoj8mw9+fK|t71q$*Y3p=hD0
zxUGC?i`Jtf`lrO?u}Z>DB6`vMEEku6{(%UJV1e_nNDt)u#-OD!`P9xwqp0lWqy{{F
zOtq`7RJl@VZPfglR5QT@&AYJmhu2kx1N##u^RO!4>p>+upXkvkF7^i6MH7Af<#u`?
zsr7f)jGc6;Rjh{BPRH9nddeBzZg0DhcCSPBhVg{E3(pT2R)A%m*Q(t6HC29YsqhIu
zlb&iO56#VzOpPkvj}x`dt}`>+W@ie}Xd@Su5}rGJalNYg`N5iUJW@v~*#0(su>AMQ
zB*+p(vX@$O{B8CHP&P1e|6_MX&GeW)5vYTUx2xZ*`S<k4er*#*(YfRb>lC=#Yvb<N
z3cG}|3DQGP7wlyIDe)l4zC*_1-Z9*$QDByb&;V4zvkJO(pJ3f<;pd#2<?hBcw;oij
zYme+2eyN#j-&*3+%q_MmQMWFAFT0J#qVKQF2aaZsrDlKoy57C3_0zx(8UJmPJ<l9h
zkNb$cXOV5P62&m4D?yIfo(|;oB;U;D;m-AO#AzieW0t^oQGW&4tS~v|j*~Qw9;NG$
z6IKcYbZ|yVOCe(ZOJ5PRE3EiZ=eoyTWwNyGgN}~3_xIU_M!b(uE1%TUzGvipE)Ivr
z5jZ&e4i4o&8~nuR3i^eI(<9ZI);|Xhjiq<DsVTnW-?af(P6;A;v~-#DS%7Z6yl7T9
z=dpcxdq`2J4u0agIfPy1;(#niEP=;jYO0;Uy8Z8dBQWUpBeed&8DiNv+v_{HxW_LB
z#GC@6$AL(0{Jl%b_lvvD0vV*E%MbvMZ?aB4=*jJ&e^5VSt766nWUoemd=b<A^9UNc
z4?4#PY*Bv7msjTOssq<|I8D4$ado!1pHH}$>iQ`Cjj+0!Zao6Mq>AUjPRDsBQk31~
zOtrT{Zk`RLHvJ^z&J?imXL8x(ykb1=xeFsy4bv;@2^$OGO^b*^s92A$1s#FG(6XAU
zsay1q9ZIL4H?Lax-N_Bw!FCx9I(EFvG1A%90Vb1w`h*^jc4h?x1+#hAQM47NPpWO5
z-~@@(X+w1leY@wIt`}41+vukVKgeD9Y?l)~!AGmExr9FPhz&b4m%FI(L>h3B`aEM$
zvx>{~nf))mx4UMJsK&-G3%i3BpVA9X*)HZ9kRqWY4B=uTbR{GqUVjrIA!t0L`A}FZ
z%AR^$Yv$|bxy$sBK(Kvk+|2K{KP$2KWSyRl$A#-J8N!SwA0B3OIu18rn&ZzH^ce}x
z&&NX^;`ot@hyzxRG&Ugr0{D^oDXa142Qc5p#r=V$*q?nxRHp3jv%!PnPlt-N{P?E9
zmn@8T%+_C%!s@#2(vk6|Pp3dJ-!tl9)AL}(`_f<KH=0EqdG7OpqXFVbp<cu}3%uJT
z_+ng^ecd_~U2X}uTx*lpRYze${QF*t><C{h!5DbgkcsI&9QDG99mm{9^~>K1>2m=@
zssz{{UlW9vSJ_1B1X^E`KVjtwU_nvV)T6lDCNDIv?R}ZQmNa^79pGF*JlWfKcsaG*
zqS@f%?n~FJZRTH#r9@>ll|gYL%OgT;t90#a=dsMGmxpdjoa5TUgV)1|zw%|tyl-Jz
z@?^)Bt-y3@efCqxKAtk`jO$MxQIVw4k8=8RYJ|D>@+8p*=#yCd2Ji{qc>&HQ|IvJG
zqLtsBozD|9aRr>qc;5IYuu<6P9kgy2f0UZxRhh4BY`yn;n9xjs*gT0bVcqcGLYhQ*
zS$w2Kix{)JY%H6S4UV3%#GYw-v=#Th^G(@;%&l|3tP4)i5oeK?(Y6*QyKYu~<(>zp
zx6YJwit<m-ADlz&kfmF2AWANaomfLjXu;-giZbY_UiG8GQ8BYGmPJvqg|~sEu3K{s
z^aLeYiZt%FS>Gs|JgqYxlARnE5cleuK~7zExB~<yn5!39dG`}2jEZJpz^(7OjsC*1
zRg>oiPZY)q1nGe0_F7-~2VPM>@ck{e*th((nHL5ZB=L=*C5<j*@R|R|*jq-m6}Mg9
z)Swi1hZc8tEyao#cLD@=2(AT+Td@$lcyV`k3GVI$hvH6#`<|KieLl|Ttd*6Mb+Z5a
z+WVL545o&t%7L&K3(C&*h)2kEpA8R>j&!2(JuKq{!~nBIDWnwHFMYs=WMHcl3+Jry
z4s^hkKaE-V;Q|Gb4;a;;{coI9y<Y|9{2^^QXxz$--9_WxpI}l};gogfQD|Y{n4(YC
z(7+jYwb!C77j*yo@><|Y0z`WJzQ`3lt}N;j7ri7VWmjNij8(Pz+XKCenATy|EIV;}
zm#sflJt7VcsAfjw1>K^CB6d1r47RDdWo%`p6pPN}j-79kspR{vy=huZ*JvzwYlW0~
zt6J#X^Tg-&8U?ILU|CuNO4pi9v{~^Yh^slKz=hD+j@NSWlSxgR_Ak4jR)j1<$b0P@
zj5$*v%Obl*W<SmSKb9q$R;~swA4vcn({IA@U`P%qsUU6^8HdP>q9SAB5p&gIO@=kr
z@iA?(SHOQ7@u{qA0rk4}J@~hW_HK!WVXKeaKBcm#Q-m5odH>rMMszBPQ?yj0n(#6u
zyYP^a_q%sTv*-ALqyAIUoRV2dsBP^9yuXyzd<?|=a2$0?w{UnpWqFi0Yixd|Dz0Xh
zdLk%2&u7V7=j_NTaqzxIWqj=Pleq<7lMiw1eGA1%S!&`YyO$(o+{PAn|M3s5>l-&s
z+9l76JDT=6&D2s_QYDdbV(ajolKJ@FJ^^p8GKjYp!pGRAb0qfzmm|WZR>@gYFGXqm
z3YvmcW`+JwgXcV`nsiX0AE|*jZt+f<0dXd`^KTV~LbgQ|2d>GJf;pj~B_E8rwGVRP
z5+jHNbO+14Oi>U;?%1&njyh1%hxiii)Y9XVG2m5{dIi%i>Y6mwW^I3qV@-$lP=4|U
zybT$OxD4%O*v98!%QQT-0qPc}XP=uB_q(Su{xZSR6RuJvmnlwei9fU7;JWF9>Rjz{
zQu-k>GrIb<5Bl8POAvkiE<3B7mX0hKElSKB`7tZSq(?x9;D2U+E+_7u@s|z^9kJ24
z4&gte#%2QG-7!zgDENyqywe?#E$Cfa>)jpT{_ohh$)E7sETSRt{LZJvX<q3xz&|#M
zRwF+<H09^Qr!672NTA`%W|k;rWvg__sg2*`3zhU9t(8YU9lu!L-WfceuI|JGZT;Wc
zBU_4IrWD}z)7c<C@z3}kJvbixszk=+`gU^qa7PP%CbmI_!C`X$OQzj;F39ht0)FYg
zXR}P0-K6w#-X_R8hVFU3DfTZIl!-*Q2eITZvCG;xrj=#Xd#^!R-PC8M`>>Yl$Cf$I
zMbZA1bytV9Qq97Ssuinq4fnl~$VQ%-ZK|R7yUb0E>J)ym5M3_|EvxBy_C}Ylv_w5x
z0QoaVHjy5j-inHS*SQJa8AYH0OV1I<>m1}*f8(rj_d-=IBJb_N?5aR+{&i@|zMivz
zANu2r`n;FM07kq*CB$6Mzpod`4r@4{5)t2ez&wKPjgT5lSXUJKUt<40sL@T)Hpr<e
zk86W6pa0`NDa*K96|^-FuRh>6C}Uynb#Art&kmN>B4GS2vM33-O&2sE(UAhysmZjx
zrdb>VE`?ZH>$oh}Jg6+v-v=-(Z)=@g40f_<a<^MKJ(`B_!$)rZ^-lHNyQY_oicm+-
z<H7`4S}SirajdG}Gq+~vC#JZf^2@<Zj_EU2AD<(W6&!*qj|2z7U);GR%DVa#eKPtH
zMUv(4V`s<K&e02&bn$bXOpbbdZc9VL7iC>;(5LRX-<?Y91COpAjum9K{uETri{#p{
z$~`z^#CBw8OXo8Ntxj|vpVBHBK#yA9lyD!CAcuhWkxSznMZ0Hy^z8TZj+#@IgeKb}
zd3&0i?mfV8m7hU~T65>AKC?pfQyjFu@4D`ttO1JxvIJoY7#p@^c>`+l%OmIqX;jTV
zqsN7j!nJ7$WYX`p6=H8RK8*zIs!b)!{95-o<|0`azb(#8+9#Uln?F`~^?&=Oex0Ff
zOGAp;gL3{jXfeD6%?6OPfk8Qef@efx1Chj{h)}P;MIdKfWwqgT_KorZu9_Yz%b0>2
zj+k3M%fD8pm&~%l&7IIf{2NLpLg8oJNkWIZwQ)Q>J2a|DsP^F*5Sm-a_R+p{Vqv25
z@EpyerKZ*mU1h>UTNiBD5gCvaGz?6O(NZQt17IyLQiBIyPvsjzLri@kU_n#N*f~pi
zjHc&x9~ZcR$^#&3X1y0Ry)V4(V|BMiHga%k9tfqgRdQwL^nE}0e(CD!y~X}9xjFnP
z_5KSV8X1l)^OccvG<Iy%dFfi``6!yinih8~D;BBa6fZ?Zrh84&#xSKTPo1rSX}C<X
zW8F=q;Hpw|-?$m0-u+v#c6?Y@(inS($C%@O;>;p##Ub&6fHL;l0wtBria`3&4%9;P
zW=wUkkNSB`klA3G8MS5d{;lbSm9(!HX@+=n8d~l9T!biHG=;3)S2MwhEn7Xgojob?
zwW9@mYV<3u#?DaWC9rDLAT?SraFc(2^7D8{i7{Vm)Z}z*-r$wsQB`Y(-sFV^KQUlZ
ztV2eH70ZBV!!tK%VhWQ7k*-P-oN@of3+Z*VXg8sEk$!>wHU}_W0{yN|zf|Ajmd)ud
z1-7^}vXo}zzeynv$_%y%M@|a}7)6<gh<YTszc@nF#3*kngzejS1?Ri|lFXLm^$P>s
zLJCi1HG_OzMs2f)__S?o2n}N5<Vk@go^qdSgKJcj_qi2qvm^I-q;ujltO2~0-YH+m
zGYW1rs0yXl!YBUVMOwTKE>6>iob2~e2vge7#)E%o1Rwpw=4nQ+|28e`U9i0&*f-Yw
z(QaBVk1cn>W!zJ9d#n0y6&I|VuTCnt4GgPtt>%-tdoHsz+=V!|?Ld>Id2et3!k@To
zMG|(PPuH*IA1<Wm(yaaIpTMR^+{_E3vgjR8KpV;FU+0+nFKk(U|K3peKfTHF)sWc#
zm%9CfKzY>g6LD#j?%gnN_q8YPbB&D8^(ddu{WZ?p<vm=kJr5g-%h~z$e~WwTlN3?T
zAgqG($@!U?nWq<DWg>vsHe>T(Nks>2a$Cm70BF9=jPx^6_}lHiyEYOpy&QI*N$P1o
zo5vRMmkqC&DvOY`J5e@KkF3p6!pCeZ(Z{J#*QfW(m$5}hI(ykei}Fh(nG=@w-A8Vl
zRw;jeC~z*o%$})-$jbChU8@tMb3Y_c2Z&n$UE%R*K>|z7ng|PMZj%%%Fvj|b<<gRs
z50wJVO~Z2f#|kD~B$YbMjja;;y%-0MX-<tR3wD}rW98w@QAXTLmd@H%WB_qhPes}d
zSL}r-j(ztUFT?jV17Q_OtGVn3npBG9e41)FX?p@Ug<cav%Me16Zrl0|H*YJS`}CMN
zSuY`<_qPdOQ;@TguRT&{tMH@hX^*9;wrxVGW9A(pBaQm#BQI}QQ9d~cE)sW5^F+M;
zgMUt(wTb@gjrI}Ozw2$pRwX3OwCH^eaLox3DLx8%3!3sHe^dOh1QUV%zKyGi6Mtpu
z=*VeiT;odj@|?2nuHhF@NXJmf;^Chm`@AAx*pWiaiIEs$4OvT5z)dG-us&*sJEZk(
z@TFO*k4RpE%1XJLs%}jAoTka5FbUT)B*U;(5zXiRP9TlW!ex<VflP@Q(3a=^W!Mye
zR1&K7vw!lCS~>{LA^~l@ll0a=K87_bGJ4xrQ178>%!WRkWyMg;d%*bEoXOrD2hoC#
z?f{j`fHj?^?U>>hJ5e<Ms^OI@o0a|L_ALf>Wbz-6n1NkdaHDZ+U&N^Kz#n&x4);DO
zmn!Tm+7>*3!%ux3U%FTp`S@RnZAOh98PlcR=X2B<2}g-Vg2-swwq#POJltQ0NH=R6
z7bB$i-H)nxn%H?~CT0ZX7@fYB)RBimrM9629xZe#e^oDJLxfiM?a=iV-Hw$oLWkZi
zPP6j{1x!XufDzlYOYxZzae`{RaarB1PBZ@e={{fL7Yu3=)Ur055M=Lib|i!zE%=@9
zGc5Cc(4<@9Sj^zoiH>4D&G|Q>jy^}no>In7N-Mnjrn<V<vLS2Z1#LYS_hapX&T<QF
z^GxiTQU2o5-={y;j;>j&!C%r9l~OajL?3J8dOYHav7y^-rFL03I^@RY_o(zZq*okm
zRZvT16!R9Gl2t=bNntF#zPswU{IU<iV6W6xL)!w~E0%2qjCxMO<~N_-KP)eZLMu7v
zf+u%6&Fj?3cbQ@3``61=JOWh$q`$`1goTp^S3Wi)a`C36)K~F*3I^%=l%?ZwpVH^!
z2H1-s=AyYLd?<mA`%wZI=2~gF&_nSu+M;_*!3TyER3wE6@0Wd;0r(61c0d@tlxa>V
zxXN{`2PMhvKJ~=szOQhEbgfckF=EKJ`>0;c;mXmYQA+;oy}*ZfBqshShdoX1l)(#n
z!Cd6z<>*mcQx^t>Du_v54RXnJaF03A>g?BZ9rBeRlcF0+85K0IBF7_|mUN8v&~TQc
z*{@eyi=<_~=~0+ME^(3QM&<03mbJ_3Z>R(DvMesoT4Gzo)Gn_EEMt1N|D<x7x2k{a
z5I11g;44kDaNwq!&l2k01MQ$J4LEca!lJ3KgyN+qB!gtr>UHrkax{8XecZ?qCB+?B
zG_DB$7A2HMl~L<5n(IU-Zy}E&)5M98e<YC()-*ZipB51<t*2$ap@rqlTNd|zjYO6?
z6C}pWIQZj!pDyY0CUP>OWGJM~COr|=!bXHJ-7e2G#SbKc!!+=uf&CwyO;x4L82O<o
z&b0m_a6VVPQ?33vsTKCLm9B1<B!?!&`g>@15}^q~mBf@&#Mq>eT2f-8TEtBw)dJ8s
z7xa^&)G-KFSA&{PGuUGzs}`Z=S4R{Knoi4Zo%0td#I&gWZRe9!VgwaJ<m1Nh;x34)
zgRzT?f6LOw4S$Nzr%oEvdI7K|Q0o2mbX+=0qN&lTZdkTk=1KY{DkH1nsn(?aIYG`5
zuY=OSDmkP$ksf#FaXvENIX|PxHnmqVe&yul&qe#PpB#1k&c$m!@MF+SmRil!dDd4$
z>z!i!cMYvN?}Wth*P^@c8@bMh33}LNViIStZHPLfIBi<RRh?>azgm36&eVaNK4%gy
zj47)ldU93NOrxaSBTXS*&Vq5^Z>E0%_Oxw#*zhfbS-6k*H#KTX8=O|#+G=kN1fz0^
zP@AovwgpS9QY|*#@sgBMr#GNh6ym;bF{YH_f@xBk>f9Q%$!velY3r8G=I2*ds87cW
znF)sS;;BzHZDw#UUe`Xj8fx6;f`_zj3RMR8REDiWnwN=EAwajhV2fyb`<=rVhj>}e
z6a_Qk?|t8PeNMH^$EcYq_9AFb+tvz8>2Xgroi%rd&xeQYgsb!7WviRs78j^6?lAh7
zw}NF86bgpS?YGlu0Q9OND|RFo^cCw_3TwZW_I~4)3Ch$Yooh$aoW*M%ysKLpU)KxJ
zjf+eobX2BE9@TirhK&FIuKviO<srgWlX93oWXibr{0!WYrNPl(U-><{%jEl)VYW&?
z5zmwXFcdyCbA+cndttE51Y&#a*B{CsBRW2~^RtEi@DtIBKNu0x<4`RsT{E!rZl`~v
z-e0e-xqdqDgWgoC2{Pl9DvlrE+_|(0lwi4fADAShUx%hNHcfMym}jyJGHdeacxzPz
zk%=!U$tb`Xl8b2>-%CNIX_6F8ZXZ=n0;*rQaVV>3o&ojCVF|<9ZL($z;KcbRMtM$8
zA-<BPQ?kbKEWZDIzEM2qrsebTwiY*99KMy6mES`Ij1^kt?-p%o{7vom2-P3Nn~&0#
zTRoTSO#-Hll8i1@V<uKG?VfR%M=;K>@-r=Sw42cLu*2u826O2zp7|foS9As7!wW6#
z?X*clD-?RgBddomauK>iUs4p}B`>1&UB%dnvl2cfX}8AhW$TY<m7|>JiZuJ+3l`L`
zW!@&)0KjQSOyxLM&Q1Eegl0O;6lb$d&fZTutNP_5WjmvG>t;-z3}h)~%n|MxBbs|@
z`Y^Jh-WqMyCMtr<or@{GrfWaazn|`xowBWy#%ZyU<5M1we9g*tUzhH=e9CVT_+1P;
znXgjcrCgk!Pc~uIJ8&1r{3Ukz_HuRlE*6_x@!k76eIuvRtfA|m$H?1*F-ko;ofqCg
z(z7xyVfOFvA3vj?`H2I=PO{!5-A&R0dxEYoP%Aw>#C0S*eh`O8(g$Q4BO)TDEDL{|
zyQ^`p7EoRv#GTi<&+wI?U+vXKl~Un(c|iVe#g0iHFI}YF*h1w6_g)x|=wJV&5yyc4
z2{!`UOhW>*>iJRt&e^wha!;^6d5@A>{24D2_tUIUw?A^?@Yw)!_Bp!MCug1i5?dc&
z{tW*w=$0W%(3yXrW>s5V-IE{5lfx6Cl*;#fRg*`q_4py`YUWE|^`h;rNKVCzJW%!E
zmO>>wIV^m?CiIX`HvWzy_?!4uT3E|IfjB04B0YP;GW%6WXV}8pQiy-Y2mhg16^$eX
zTB`bvpNcApVh>UhSCjttn*V*5c?mL^tCWS81q?_;U(P-imir`I;Adg_*K)~>-Z1DY
zC~ZMb_JvS!y7z{lG9WBFEOMV~(jsSFaz$$8l}Y<ha3}QtfTR6S%I*FC<kbG>3;&Z?
zd-BBoQ1E}@xxmk#6#l>OFdEMPKMA;VrtrCx_sZT|kOI}x0cfjyYB8p^B9|Y%%GMXl
z(qr@e#lbk0Mgp<X$@bp`b_~(*TRo^r>dh?k9?e<-m`Gn~vPtK2#n-3iUMp!SoDZ-L
z<wItLv}FZf1G2h0*L_7+b3UNu)BTTK%9d=NEuwHZs)k$@`&y8S`|_Ob;h`(Hd$dz3
zqq7WjAcc(B#LE~*R^pCNC7gAflbw5TNj$xSA)h;PdK(oDt;z{^Z@_e{J1QoMgOhM$
zqq$Q;5T$~Ho3qR6+t$F&_G46ZR5f|{WjRA1ccdEdJ+0PI@sq{^>G{;c&fc*%8Y9lK
zPEN-wYF&o2mV>XImS%40_;YuVfl;iKaGj2ww|}COaPyKIVQLgB;N=Z$?q)INC=aGV
zVsU_d_FrJ|34Z(>tf#TO1doL?b-cI@fNtjO+}+)O{&8_Hocb8{{o|A!Lg2?R%I~sr
z?t5=FtG2F5Sl=z`ji0BFFOKgC&-WZP!!!v%F^y-pA~27dIel+amw*y?r2FeJg!yfm
zh2!;caF`0?fX0)KW#T7R#A{HEM*z)<SiV#@=fDEKfOKeL1$SG<#`@F4B9>t9fwx3@
z1nHK-G5;)R=?pDmqt)qYn3|cM`&Tc<rVfi97ep*J;(_2`rO_F@+T!l??;lnSnZV#!
z*)qS|4W~PK(tdhN%&x#ERf>4X&07ZeOH^I5<H-)P$#CkuOdKlj#-2%kc98c%(=7s>
zQu@Zm%c|{qTP#z-7%mUmyFaOaH~X7%S6oocq(_Ox0^F)d=yI7T>yaivzG3Q6f8v>h
zGxm1B7>Q8yoU@d`rxwusKjx9R+)xast2>4ZUD`VfRnPUHcaLM2ch?AFCONcm+eqk}
z1h+9_B(iXCW~GzuzyN|C#+M!{5{JIy711kO3iggtgQ4ecLM&dBXWXOkIQfqWpERjX
zdM1xQAz>Wv1=?}fM4W|7$a}Vm(V>%J5(|Da(I7xbC{q@2a%2k$Xu9HU-{@WwxyzgX
zvzrAawkfUZC$_On=IOOSKVSF8h?`&rI_k>mJfjK)BAyq=Rn_M0sGL*tQN%bic?Qa$
zIqyW6#TzQ%s0c>NKM>CM9nrj#tJQ_1{&p6!NoP6--r<f<v(0u_r&cc!*@yGm7bvLC
zl}NTR?*#%VygtNhAgVRzeLkRjoVKjJx@I;yw?s{tL5>MVt287WxuI#Fx-$=i_t#-$
zeL^miaMnfKt&L^0JWbrl<dJoPbFPwM>-Vig`^FQp6fv(%Vy=?ao?xp3{e!Q&;gaW2
zVdI}qDmEUP-r26Z<K9-jXDm7T>wlY?$Bq$0zS0MN-uuo(@^#>XUWs<E$zvJ=87}%4
zSCw`k^lu4c*YXuN$$SOX#<|`LRw8KiP7h!TEg043bfP?PVqjrmQ3vmAm^t*Gj_UFM
z*;6>mdwXJvSBP%EnNx-_O+0sp+#I>ZUk{`r;k7j#$i8en25gC;6o>Qa^VcOSrtwzo
z4dN9`n>~?V`|!c$W2&6CY3ps*W&0mFUQ!Zev}^pHMLCDP?y*32<Bru;H1|$S{=AnW
zv->9xD4}BuoH<)!yt*_MQ)iVx=$k2<kjd)qe~-d3b_C6EJ2H}6KtZi*yaux?(B+z*
zgwM|Os5}AJebjGHaSTgear}HaL{Si}uk{eYD2FEPB+YL(-G))FPdE<Ui<IB0`_bwH
zTwzWd7|k=MEm5Z3&ybe|09rs){&0mu8CfI}<jhU24QG@tpc%$1nd8n!U6^{o0VPCn
zppzGbqrlLrkxZkr6F()>aW2u4UOMC7uI@5bL!=hKP6Wgc*uyr3i)7rLWye<beP~rI
zUV*nj&hk|(#F~G4K}F9k4<xCHKysc=@L!JOUq!2*4GCWVnJMqH+r|!o2gy)aVE3PU
z3J1%aQcpVMjVOonN+9w3_$PuUgKVQy@*I?6G-f_qOwop6nY$G#Q>5h%gq0?g5shSJ
zGYI__If5&rW=Q;I9{%-P{jUae5T8akx^lMxzRk99XP)z8I8MR0^P(SF$<Wp8JEb_|
zue%Q?)!zuau)JDYh=@sK3e+z@B&h~SrgxNTR<ZNR`U5c9e1jC^@h30liHel^dN)4F
zpq~Pl!K1b-|I*kYv!&8OKH}Z2mJT}4x%hR7eNEL;wr{UVCH9HaWD0)d%vox`@HaFW
zpSB#H`#&!W9^)Ju*QatJH8>BA#mWW;5^*$So{EMH6#THhd-tj6*JSn^FE8&tfdook
z>zALpL&rP(&s*v30bk6i<=1`X{rtS*yIw>ekU~>30bef%5`K>;a8At2E5k8sP{iom
z`r?1ZZHjaB`-MnLOSSJZu@omVf2VG4Vu2D6k{=cp7ABt`2&n76@G>H+u<|X`-O^_o
zj*%|367BsXD7h#x1arYXMI(ZVGBmvq5&Q1&5dPxIqhg>>txk{MjZi#lFqtVRMNKU~
za_~whjLQA+C+koGu8V<pO1bmRocvO=UqrD&MOUA|9mxNxzcH5Ud@cKMKb1ZxQL$f<
zRdk=<VaKj~3QU;TchGa&e*TBnQP?7!kgGRW<NAnRe{$E>rOv_TytKZq>;V6qi=#&W
zLg=vy2|;{t0TN^F4R&AwgV`Y+Wny1r*dZ5E;rta@?d@;O+b2V%MaMfk5!67=2#L-2
za&JUu&Bq6pNKKTgb=3eDTpXN|?(P^8xd|pdV#e(5aFWpRC61h_-S0bqoXC@E^=|-W
zzE$66g)tUiaJ$0H#K6rXQCg~D5&=S4qo0?vLbAV#n1aG+b?GxOgKb2KV**~(Pt6&8
zDmc{LU0f$lRm(5%P*vbfNSgVTmH5GC(4yI~sWzbv@ykf5E&{Hp$3czpfKIEg!9u+g
zO1TpaGkneH(68$AT*atf6&j0Vk9Ek=CxHfEk+cQ}i^#tj8i=4v!Lb(FT!aV1ekaFA
z@~3U4$?8|N{*PqCg=a3zY=a&a;y4>FWSPsr*~S7H(~O8A$sdQasQ(xRP8$b3>HYgy
zfoPVF)qm=;#9YIPhJ5hORtb{d?3)RPwq<o9GJv+O=TGEY545{!d?D~I3(V<s28A<>
z^L0;D%z5_l-OiVFA_YR+=MOKY{uOB!cUh|s;dbE2mzfn=VsnXweF{_<oE{Yx-l(Dv
zqIJZV=B{*kQzk7Bd`5+rxQoFP&M=AE7-w{8`nz4o<uXmwbGljo5^N{SGc(rNAYNK{
zBp>&j0^oe*+FtC<e_?vmzO(N=yf5i1Lh84^E0K%!o@NLwRDt+pV#vD$?pY8}fG53c
zZaX7!J*2`eVYve_z*9U~XeTKGnZ}~NkYDDXF!rd5%+1cOAW~7EUo~1$vVJe<DG?N$
zvxef1-!YB9WP1n@R-QLp`?Euqf|XjME1Y-Y$<C0deK4+7#lT)N+6|Y?A6(bH(dD2<
zAmlNy`7he}?9?LI@nlB&93Sn-dJ2vV255i6I3`m#*1_cqcGICe^lFx1)6^#jXmT3b
z>vXqZHL}`mNtC{eQhje6-_zFQ2;&bG%W^+x#wt=i{9Q8n1wcr}wG<m!7)$jq)wh4u
zceFBIB7Ni8P^KYA5B2-`lFvmdOuvM+r_WwV4R>V{TcavD@X`B~8_s?xBRaYrHaJNm
z;VpOAGKrv8hNrDB95db~bGJ<7<N^0HSf(2{+%P<40)y{MMy}@_PdX7})=^Cy_sQmC
z?RPg^WxQZo+_QkJvGDErFj<BEfx}Oa7$3_%k{R%T_H@oszUhw$)WQ)$V@P**QsjGg
z+9eANJ*D}(rvnoPVh&B*CDTD$>2Io<%$SRe3vz!Z(8YqD?uMOij&;T|1^ReOwDEa<
zdc_UX$r2if#9B%agyL9?ISFxwo(p_HP+WAMY;jKc_Y0TQ!S6|X`;7tl7@%!v+FgXQ
zUyK)G5qq|K*MySJUm43qTaF5?D?#<ponSF$jy1Nk8NoN^o)RNbNU{ZY_hPbU37yM|
zg$9qsWc9F6hhv3r*`T)+UsSbwMpI>7Q5_zmx*4jtD6{$SLU?W0s*!I0{II=db<)<d
zc-_BZITi^vuI+U36`f}@prI_m`Z*sf!S6H`B{PH!(H96G4F7uqOy_dRDK&QKLvWqL
z+_CQGc*T#O`tF2#5(rZPFC>VUY=S`o1p$lY-^S8ghgXqeKRR=MEqzBBE5l!CA+BW1
zaO-oz@BHtlk~^JJ1{L)INBlU-{g#WEll!rNuYR(>fl^FH`#0?=u2lhmbuQ%|IUj2}
zo|sr~z`M{U<4sxHzevdrI%=yO?>kqtkyLUja0Wz2cPFaU_z`<2L>RVZu3Ez_j+&$2
zn|4S*KSjhf=;P^%nQsh-24FzQ7Dvjb-LB*kOHg5>P#J!Y3ucSnyI6gWT)iB_>r+ed
zsKHfO(1KuUmD#rRDSXoC(4{=?#ss9fKQfrMNrMJw{=a6RrL_A@oB}?2!ok?Dju3^;
z;z;ZGJ8hh12OLu)>Vw<RO=Js{(Y{^$mk~p{@c=|d5NMJBpsm9<rj+$Vv44iF(J(IK
zv&$20`CpK1DV;N`jMG+qC(YgH5l(*VXTe@ad?7y|=}#p#3(#4`g)29_srE{K)0oUL
z?6CRz`)rOK44Gx)V4G!c_+xG_`_8fmXC970-uBdB_)hpx^(|B|$nyu`2tyHZ@`m9E
z6nrQ9Y5-j>fn(%LV-GCejjvay{tb~Q`b1%r<&O$mO=IOx^#ar8h6u<HHe<?$8u-3O
z;OQDwVKc?a7JGJ#)?&3Mo93yp>7Lmp&^sw3jn`>SFkLn!^(I;N`1zWz-gdFy6+{<b
zbNM|Aed8{`z*fvLDyo6v4y)OH4xc~=S4PH+xufjy8Us;{$8acVy5-)kkbIV`#s}k|
zQ;(Hmt+y!c^`_<)+m{b8wU3c1!k(4H+oFmUq^dkyK%?AJ9aQlA*%iKOyXX~lyd;i5
zyBxvJ-;!pxe7ogC7k^x;-g<0bX?KLrnkqOgQ26$Q^qdvncDXeeXWmx!`zY<XA;R9R
z9YM%8x5}$d&g`uk&x2pxD-Or-AT0xL6cow5(s)lclRNsYE+hH-O8-aAG2*3oNT$TM
zUwolACq`#g@`=8Lo8HW*GbTRHbjvpxonnjut*y4k`1Vyc(_UAk@8T?t51&D-ua-2e
z-hO)oP2NNm^j-ercHX}K(I!djDP(iN(lhO3TsjW8KBCJ_Of-3ueCOKZ#|d!13@+z$
zvR$hUF4J=d4J{;%q}x6jL@h8stW<%J=vWVNlED&kS7b`ZtHb47h%@L6UpZuQ9yNIF
zS7O4wF&70))>Qn`7dw)k3oF!ka=r@8OLRZeQ&OH{VR^<vAU|Tr*DAaR9t$jJp`FW7
z-lR)a(FPRPBpC{t)^A}1F_mW9=nB4|-*2vCeFPfswN_iAv{(#e$A)*s!<fA59X5Wy
z*gaU_iE%>;rN|D1yngRHjKEF`Jq<fdCa8N{3CULm1wxTbsUNHDx4{)>M(y&K=C`!j
ziV{ND)7375HLYIXXP`>hjDlh$(ci9=PB8_AVzl<(Iag1g*R^$l6-n4@BhAE7lH%N&
z)9rD9d@fg1JVK%0{q^b{76%!oKbmW>>tu{{8F-&J0non679$<aIpEG853F$fOn)Nn
zZYy16*m7H?{YAvX99?hheoDCPM%F2?Au6E5z^@nKW4jh&V1$i*GEOvdFlXy_x-eXC
z*TSFcplof<YwS0dqgfw5@9wxWVwMxnITVJm_mpk$&3$jkSM1&35OQN*0h-=q%`ILt
z7I8S*X8(}Ev9MzV!74UFDhd^Uvp3fxx&a;Km!zmX%c!w4f)fYx$ie#(dm`c?%q~8*
zD%U-GTVE<k(&>NB?700tDAM-sL~0jg+_;Db=TI1^^=TDU;}HK8e7^FlXZ5W*F;9xP
z^i#Dl(ygIO1t$cN;1<+10#0=F=Ew{()wsI&u<JuGN7vvyL7m>3?l@NgkA|EPDd7D~
z9cZYiv0pYTmQ*bN&$#+(fW#8|`*nD|uB&#}2+?EdntU97!?SKb6P<k8;zGQ4cq={l
zH)Vj@`ZxS!jNR;6HAdzN#Nhts=SaG^Uvyfww`70xhM(JjBBqXD-_3@2Icz*Zmvaoh
zEAlg!J=)K6o7C@hxz+DPdB11<`x_#Kq!6T{cR3xC9gFLNlK`7D>;d0L0ZcLRnMj8E
z)q}nDS2-gA#9pp9UR8^k<6e%)DooK;`tnNX>|qlGAuW)I3@`ruGAE-nAz0Q)otGsN
zuBO0TREcr8&4vXO_Fx0NrW8S%G`Yq9utK!hoIT*=ybfz)*;E7k?&pj*YhQ4+>MH*r
zl<9`Mw3FEMY^OJ$(gwEu(l08wHv8nwXWQFN7cDSE=^UIM+=Lw8R$gVlEuP7PF>%8f
zY~X(%41Cb!#u)#c!1P;|pvV(@=q0+tahNexpedw7%3b5h9gQ|ZAa!kCMQwRF&?V)J
zV_A1NC8NXGk|O$;E~`k$-<p7=A%n84Hi@PPwMk)kc_7YKrvZH+boP%%{Ek!P^%37D
zUfTFfU|6_*$ZI9#orzfbXeZRJbCzO1zS|qKzEE=ZO>v%IHHCC>iqdr)o4@sdPie)`
zNOA;Tb;~nXv8?c2vnVW1pCGq?3YQho{_UG51ys!rlDXEC9SP<}8}}EqunGtvKt5it
zj?oiWR=JdswvLz(@<Y9?q{IiC(o4qRTcok`*GC#?9b?rEE2wc0)W57B3l<DOVP94W
zcc*AFr6E->$z;@RmatIz{_|F^-*%6RR-{R9Cg6fGZ6x!?8)*RwZ6@q|c1wd*D4E<C
zqhAQNvkuF#w-<WBz7~Uj52PPdNaQbjmkw&I#swIg%`9nx-mmcw(Ik8faV1vUhmpZd
z2b;@6WlJ;Pmk}2co=r^^Zu>f+KDyhRuG0t+BjNv$_i~&P>TS-Dk!7?oR$-jpwXUuC
zRI>fJQ29v6*5`>fBzkOc>+kq&JQEh6lcAX(IlWRN)b*ff5iFbX!h{GynNNRv-~ms3
z?syKdbHS2h5hSkm34XKwts9Cs4Dty^zBggl*zrztI<7_DJ(F=2z!S_Z-+80wZxE`{
zt(P%|z3PBW)fn8FX96S0r|<OyNwB=vB_-$|`Q7h{rlE3U3%_1(JSCLAZIm2Q?wT6;
z?5=QAV>Q5|OHEu5+$CHIVq04$9O-zHg2+ZXB3g*{xmnfYKqEsJ{rZ2^BY&vVS+mt`
z2ofT~`|jckg=C%d_1vMRVd!tUChruY!D8%47X3%S4F)*PO{_8XTh4X_ByOZT#wmYm
z#+&6Y>o5z>Fwc{=D~06~4?M^8Zwo;tZ|?V&JV=iitZk9p<wL(-s|1BE)?NyGRtSpK
zQEe@#q;xH|9W6TUGgiDth#g@@p<%i5BRDYEYeoxWzr?SPHYTVtvYuSs6cc0Ej=LW_
zPG$@19Rk=a!P4g(qJ6NoWcpLx_eOtclY2<~w<9!gv9I|MFS|vRQW~f3v(wd<d5uXS
z;gZ2Ir}5wG%a*@7D$!i$t2{NIRuCz8Bv_6<0Nj6TE_VH&1nr4Sg~jHt2VYOqf=bL9
z#cpqqN{)5j_vGv{*BJTk^n*eLM=Il}npj$fL-1xgSIn&q0|H(J?W8}Wu|1KXAdDl7
zVzMqjnM3h95%C}}@X-?|J(6UaETAG;`v?8`cVe1Kb7UH(T3$HWGXuB!{Fvhxa|lyx
zKgV~%K6dX^aRI=AP1d&l6TO9GN8$DWKg|pGASU8#=6RX(9O#Efwv}FEGB#9(vNA+E
z(C&erg7}H4z~$VL!9f32dZ5+c`j2PWd6M$;sQYp7_k&)NrfnCSGenTkL3^8AVD6vR
z@0axo`AhbO-Xb_(Y#ZF|HjEOsyvI)X{Z-#bnByGTLx`}___?A{l(Ddg`Bgk@I~nST
z>%bL%!P3a=E8{RSKFgH&%LYuu-A6<m7VElCNphpH5G%Ib<8oL1n)V>cOAzAa$fjL7
zr;~+b^OQZnm;6!8{t37qXhOIR4PEpdgTOc#m@EmslE)|QjySG;z8^?n7|S(a#u-G*
z<r*AFhz3*~eBdQ-l+@@51k=6PE>s4*qpR3Bpy=&Mv@JebCL~HTRVg>QTLmiF;z&Q2
zBHy0TU{Vk$w}!d9G!oFcms^}M3?#*x`332=e+Rf@WRR`Sw6juC(Zm^vS=^i~jGRKz
zuUIHiVW2VFd%p4|>g+pO+0n&z+dDH7*>RG4ED4QpQtaomrmb(rR(Kj38i``cTVa;|
z0|7QOF|0nL>xgk;XSKt4WFK=)-0dnLH8ep`rf^RpbDDAyd8xgeF<~Y2n~Ut4<obT=
zOjrSkjWSHW5dCub6o>jF&IJn<nVG&oTNar&ny0SVXA|^<(Y|zoDj^5I<fh#uA8Q_H
zVj)ts3gKgC4tc7o&*J$JqW&qkGzyDFSpqe<ONh3g>s|{LwrAl+0Q)#2Gzd=6bQv!Z
z7YIpP!>Z5X&IbAfT%cBrBZ5c~hI-k_GDKWz8-8eBK^l>69ogqCw)>+OdVQx-!Y3AQ
zY8u*!J-!koA7tAf9;HH5x=ZNwj7{9J0TbO?DOP#H7sBHqEPGa&v+UO*K@5j{<vFoQ
zrEHD^|Cse+BVQ0<-*I7HJ^k+*?<6rPE@eT;$Q%nO({L!j4fC;f^HnJ3qB~5y;S3RM
z?-G@r#$Vp+-R@6THO42qpBo-8Hf8<N0{$etb)+~Uqm&+X#f4dXdJZ)%bq8PT-D0W;
zN15lu_q6ai&r-!O^hLyQLlf@O07gBc#=pF&g|A!25RK*R41&Ts;AX5<jj8%Z&unRq
z=-weA>)AwIn^)p)hLzbi)@D&XqrvG5FKO%}4?7*@*@q{3!yxRYT6d~6bc5V#wd!G`
z%*KPxFm>tDdn-R7%kQg$*p-rD*HXM>jo<1B0U+6hb#92=c#rFm(L{pv{~4#Yvqmqf
z!3Q)vz)QvgF!%SqjyLLzEL@S+t2WaV7)6Lp9(INW;yDv<|NO9o#Mw-~wXWj_)N(cb
zF_%uKQkwmeWCPJxKZ^N~kN@*NKdIv#{D*&W?DmV#%kh9jfzGbbOtJE1>VtC_$U-s=
z<x})2@i|iJ_#Sh3J$~=?W!ADLy;!uTQu_@mO!;%X(2C4*sFJ~F4XE4>CsAZ1HlkO{
zVC*Fht+9w+Y|0cjGt$Yz87d50=l1pXex{8f6&o9xF64JT#HH(Xddj<d3<qk9&=*u)
zVYSRVP}ey{X)v>4J2b?i>9J0*vpyreCh=4!MLSzv*Q8Sog${9Nlm`_(1K%(z{-9E;
z@uZ8iYTU9^a}l>s!TXH*HG)bpdQiLtJbJ*HG@4(Ie0zf5b$hg|74ok|Dw1IQHkcf@
z#_bhcGu>XhRCi&?)=%AWQYF-4%ba|!Fu6Hh?U_ulXtE;dTn_kvXlUl>0|hKJoqa4+
z%9QSXxOCFL-RooOo?tGz7a0!bApg+p_<ShEYS=!qD^DQcf6DCLU~hDWhx8yuGE$=l
z4{V15+w*C(AZq}4MAyu)$G**Q!S&HXtt;C=Y}Uq3ctSeAAA}{XzS4M_S6HoBbC+#j
zc64|b)V2Uvg=VYOM-|`6dEOBOHNCf{ne{w}8~|WX`B42PpE#7gagYbx9;*dMxKw{K
z$tMSo?m5AB&FN=oup+%WF#>Ixp`-nPpuLCi=51}ePu}B)FnEGes;ci|yB~>Y6;Fv6
zC6U)<Au3Et4}f2*YiMzYJl&ksI1e0|vjABxo1?C7>&#g);1$^Kk}0rAT(kY-=GzGz
zgqp==p%Ab-KJ=>8+phc?wa6e!UuQy%5XnK+%AU1$>Cm2hyPMUqLw96G0Z@^by>7k&
z2BlnBF{da3OFw_vfXM_|QKQ0eZym@@w{HwcMf_A}u8Jy}g**?bWzf?<pB|)T@j*!Z
z`gSKl?FG8LQnjlL^(SrOw_9@Av!YifXXWFFY9%>E?08H)CFva=vODnjut`rPa?!zp
zlSdasHIa)z-{pBASyJ?sJCED?CNSCn6A=`H8Va&qs?O+<>C;#86G~Pi74bkl`=_q{
zgnq(4W`SP$SS=#LwS=cAsr`EJIJ`cIAOlFJ?5s*UfI(qA09*g1S&#i&CFIlBhan^K
z4u-8ifj3*<>z|qf{#cL=h8*&D0QUPi6F<~}L%KIQtk}Ja$;(TF{&yGl-*i<MQSBQf
zmcd)uaMN>di-NcO(*a?7GWsQSuB7!uSKo}C;LYy@65x16nj6;j6&eeRB6qw0_+tU>
z8sFSy@e>|d&op;3ZS~Q7^e;Tus!zM5?$PK~PM0*qw5I;WT{Em#z)L6A<(N1CU+3-J
zzjK{Q*P}-B<Y?PdGK*m2M$;o`?E?~`+FGG^z4e(HQ!|Xa<MI0`ijo6dk#I!&)3(7v
ztvv}wq^@?bS0+LU^obVL+;b0G?jZei*?_KJ#;Ux8lI6==l3bf(Oxn>-u8f#s(ir;(
zymya;ug?{bijpdoYEA1?c`gWS;2C8usw*{5;S+FQq#9W>L&2!d?AVfU7gJNSTgY4*
zFPC?F4U*83pE{sM!!pDi0yU9jkK-UZ=G1*}6-g;6EHc+vOb3D+hxJY(2@G1i39aja
zCo2mvqLH9NTf+O8uF~T;j&+0nzEvT9pH14y17%Cg6C-EqKo4bkUVD+NS)*e7fpFI;
z;AKJC9W7qXAAKvwC*Lm?_0Q}2HHu${tcxi^t7Z46ZzH>K`zPoMQt`NPpU4nF<d75Q
zz3vx9LcxJJkLAo!y&G(UsdttPFDC41w64U?lR`b^zA{c2%3HH7(jg%Oo`6i&+D1Pq
z3xb;(cr}g4C9&p@>GkuNr@~-Vwqj2*E2^!QtdXf%M6SN0tylTpTAeu~9tjDs!dAfe
zx2)uQ!Dww|Z#`vIUUVQ5eYU1*s3{A-BVFp~F>0p8dmb~&e9G?fx$_F#4Hvw^I5mb3
z9sQ!+Rh?hyzuU<p^u|mR^OMvhR2bctzd2dy)X0*AX_Wp+?VUa*J-Ri(MFfF`lWR)X
zeFAp^`D(fOE)5$Dc`n-PrAP7u>ocpw#-zA@J-=r60v3voy_^V)vILp~x7E87AKrdD
zbz(crRJv8UJ;fo~8GNxL;kU&c{1=F5Dgr<)P}-iFltzuU+f29OSB|GzXg6kR0O?J<
zJ^S=h-(|~yj^p_f{PT(U|C~^-72r!BYC*h*Khw*}`W)~S{&R?iW}TAAXP_*h<<6{u
zyzZIl%qVjbB=hzsIHZun_Hmc*I4F}+qe!Jhj4V3%w$V=`D+gw%3sqaVPX_Q?z(&I)
z`v?#ZodueFMTE*9I2qO8+lXqpraqRxGuw?#KjE!Ql@u`d>kzheIF5BD-9Fd&K%XYO
z^~*CRe8pvEBK;smFSdj}?KbQzz~Zk|G~GL#9T7G;6dlI*@>&r()s)9Na3~@vg(ipU
z^KV~@ES@^lY;U>tDa{kLv6IEl_DJv*%ka=^NRZlup%{enSA%i2#xhqiUw`HDwfyns
zV*e4lw#h=;1nUiTTAbG&N1fR+_aIyTXF*^0gwBw1TY3jASk3Doktx@IT~5Y1soUH4
zoVMsX8;3<R!t2iq8S~HTDrIUMFgG4X^QqCE5rH>4Gmp6gOZ<NU>d6cL8Yc#X<aNv&
z9cHGHl!os%Tz5lyld7rJ!USxzGby^EJER@Q{KL7a3}44;2<hA$R>O3D2y#`=>S`+T
z0Nu=mUb|iFR8q6Pb(c+`V-%p_c+YA;_)P6Z9<5*^60sJ_^<EcXHXq|lDqJ5*wU@D<
zRQv|751?QGMGZR|BVFnqdd(c!<a9KPCav)jslBSLo)K-y=YG1yElXS6yKaleg=*FU
z{KdGwht10Jo(VnP6OFJT*4$FCL)N{KF7ZdHI2mzlwQr&1-zYkOI?wt2X2R`z<2({J
zjLQ};?e6Sw@}PV3h+uT5)dE1}$I;iZR)*%HB2MXiVqLq}lpu~x=Bq$hUz~yM17y9w
ztHSfBbObgtrf56!Y7O&Q)<f6*76Y|Z87?Y7D(938=|^7udEnbiq+0B52lCx{13r&=
zsyBajWif^3;OpA&3)wpwb#LV(x9`>$#vc@sWQ&O2c&=LnSwVllonUraUky9aa|0c}
z`Zx-Xd^<NHzbPY48iC5wc`{+I>i~a_|NlM@Lf$T;A<SGF3t?I2aB5OCG)BhT-NoH4
zG_rCGxIUT(^{}MMHsP!HbQ@)w9<{5j_(Hm&b1FMHCkuw_<Nc$d|B!vZd+w5C=B;i&
zO`h1U`Def;J(rlstM-yzpI+-deETlkWG$5k=4cXvz5=^#&2OOMA6EBiE}H$-FG7fF
zT+=^`HU-eh8}iD%Gbz4g*bY1%5*b5yonghu$U4e@OG{@)XOACrc*~auKRiB0u@<Ss
zcEDz`S@bKfUjn*H-~WLtexkcAx0nw|prl=-bjuh1=w@_wqj)Uj@b#n;HQMCYPrbch
ztksxyyU!o;DccuiU-J|;-U#o1URQ{9_?aJ4_S+{fi<2<!rScP#@o;t>*rNIY6Yk$7
z^1%t4Hf2IG>to3SG`op-V*Sfc%t!vK-z@#e{3XYxAC;bV;cGtw?C5DK7(HM3iME+!
zf{CzTFTJi8#g9aG^gCCy#_SpG7VHgv^G4P?(<^ntL(S1hgVx#{^d-?LA|&t&hXt9v
zN%i|5xB90UPYvrFkh#~ye_5;}NMQ1JcMQOPcjE&ICyJ!LAwK4g$>3{*y4VO5v+wqp
z+mQmfWKFERcEpl&@o7nl($aH<R6<!@_cRe_o>e+Kr-NoT@t{a4q2Rj|12bsFk$}VF
zPtPRql816V^1Ce%+#B(7|5e@z+F!nXlTTp(((((P*KX}6P@l+J+m1c0(6~I{NXD(&
zvv5M$gcYv>>WRDCm))kfSm}gAkdbphoSs|8t$TY??~QSUlXV?69AVNeqOiz{x{UYe
zkw;9AQiCnHaQiOE^R%W*VW$&4yJ_DVA%ddmf`9{j)qh4ZatpLJZw7$;Zh7m;1tpAZ
z5tAGkhayn6?oQVi{3kOr1+D=+kpD6t0S7SDdfU4Xd%fKq+hilMrftE;>y4RhbkVY7
z{;Y>v0&$}F$4m7oXnO9(c&X!wlF}L>7|VR++xr4k*jy9|38X=5*=@}Z*lR93jJvC<
zJKKs7GMuB?OsYHS{2yNq#l!^SK}hwLCxa|&=(6`zy2BKZ@brv7t#+Tld&t#IBW&IO
zEHrL>&wM!W0lY8OnM|iegL%FyPjg0ZMa($DETsDu=8Q=b2dcrZ*9BwF=n_782$RD5
z38wRVcxpbuPNFdX-&o0i*pfSfCw!d`26f}-4O}Mh)79hEme}XV+oMeQviC9Rno5xm
zA^6Xm3Av%j>)p<BgX6Utg5(`y$#++L$y>%=NzW}emGDl#o0HYi^AdB@MD^SWODoTm
z!S;1tle3e^wR@c7MY@NDhGY?MWsuMd2M!AK2{q_i=XkL(ZljQ=V|k@xcX-j)R@msf
z>$tF(WQlokMFydm4Eot3)x-LLC<nOhQS{~ceWvk{OVmjAhuTZU{j7!9b`U#Ax1Dq1
zAEd_wmG|5MVS<@W1@QDSH*#Q+Wl7l4h@!>)Z2O7DLXPB7dk(=8a_p~Mna1!arGM)i
zbC$hr@iCgs#My}mVMvm0vfZs){}^w3Y5a}TTBa`&2MBFW1O=&*e^JIKjATGk?3MO-
z6zjj3KyE!X=i+4A^Hy-1-*Vg~6mmbsZdx74d=9O0#OR$r6<ls`*e;b7maub}5NeH1
z%Z$AT&pjc$+ItCSS*{KlPVFut<6laI?>XA9-X)x8hh28xopit??jvz;9M<G|FGCzq
z%_+tnkOaKeJZHHe6_j?1?pKr=ZJaZa+tgkuH4b}jlKL(JLO>%KNS27qt-bl43drZW
z;^VWuMe;<!#M!(=dPyWmb{#vSPsJJMt$^<_LW|TX#xYJ6W>x)7*y{o##Gf~G?u!jT
zHa`siTU3|<4zInSjM+T*x&)6-U+}h26KsE=l$Z<(D$`D1f`WauJXZy-cNGltylR}F
zO3tbM;!N8ba{Lw;$42wy90kvmS#%Z7Li~`U!kbF_OO-%uYZWG%L^Da}^E>04uqB)&
zOc4Lia1bFyi20kp%GYMgH$c;5_$iS>7L)CwXEa!c1*E7$D)M<G$r5Kn(eUGP{qe5s
zBQDeTkDTp;V_dY{G4zwgcr!_RCVnTVEv`V^2Rz*l^BqZJS3YZ&b+h&c#GrQ_PO4|T
z)4IQ}z>bzj_&!|2_r>^&+!*O&l}CR#L|(JeW*JdZ>}`djRLPQbDv?g{QlaHw7{)%g
z&sH%}S66$wD1Fr3sZFbGx~UFt&t>9|@(ljY%vixie@vhZTPbUn`QCYnItJ6%+?<vw
z)Rwel(Z2J}H#ZTkXYm0%i)ME8JU+>r{XQ|JaI~yaUHpf2r^^M+7(>@Q_w&c*tOM+8
z7fTYPv9zg)c?J`A2p4Tk6#YcD;bGs&k`u4JSXWK+3m(vbu)jY#E!=+<xzpAH3(3v4
zoBcCM6TbFw|KYJA`jHSv?VnA+e^9Xh@?gMGqw=Q?S_|5JTdOTsGa@zsSoOXhJeDa=
zEzilV+fE69<aQLMotCrq!}1U;XXIeCGFCR$I|hnqb!ekk(F$L*iV-YXeFsmk)4qGo
z4-Ed`i@vUF_12P?nMa6J{h;fIo}~ZHL5ofeo1x?f3&+B`gvA-VYCg<CK{MLL7`!%y
zzox1AZ>tZ*5UepZwb<ZQu1iDZ+lCsem~9+vmh!88j8)nqS+iMd7(#fE+mwwTheVvV
zOqc?ZDl%+REzzjq7n7Y2#pk#sUYq5em=)@cS8w9<FO!b43ppL*JrvDUoBygO!<PVx
z{L8(R1j65wBwhOJdmBTHHGr||%gj6^MIm-E3ss0ko0wV&oA`8=CdU3{DLsueue?5F
zu3SYOsv07R8cGYh$8R!KjVcUX{2<UF!;)24*b><_sl)yB*FiwSSH$Huy86y(Wp!17
z#cvusF}7et;rk3^uIZkdp?{^yn8ST2X=yXEa%#$S2wEOOXdh$>we=x6*S;)uXUjw+
zgntSP^+<ErCI^ah8<M3mSZfFKBT=v1Q~|dfZfBM!`zE^8zaBt7$pjYrczeoY<#P+&
zGwcSd@0b~8d<c>f-*Aj~RmrwzW@~V8Oi*12M|{gSu(GjFSK?p|*Z=TSwZ8MKG7=ia
zQBHkkOr|kDKEc6}Wx<1iNKk@20y8w3kO=cy?N-*}Oi$3&Q{7*wbqiSj3m*nfEd3+C
zqthxHrjJJ4C+zF%YvRX=V2U!mWzqIM@la!40S#kfRV?rr$~VBm1R*BNt7{UUclTA}
z%EbZEgL$4lMypyD7bdi4%eqVg408Y@-p+nj8X`)u{|oLw5x@1*(>Jop+(~CA>FeoZ
zR;vD#H<6d_j#g@gUTa1Edxj>2o+Na%)`>c4VSY)$P+J{UZ{IUGI6%jTR@%GznV9&1
zlfg0eozbI1@}<jVW+z5y6La~pUJZ@SAXln?JeS2W!Yog)?}9fY3!m~eI6Q&+ul(X}
zbf8<rP-s}LU_@xVfB0LCt3{0ag{Fp(e$%gXLFl}zo7pAB=kgFb5HTB>lAr~;Up`=;
zFzIgL&rxgnS7ePf)>vbWHP%=&m@8;BYE;Y1EQ>>>Qlt5SW6_G&#qs^?RVvhK^(wQ|
z{33x}>o$`1eq48*_&F-|O8Y;_O5Z;}rXQl!XmoQ`DwSfsDlvBL58C|6F^JbR>d*5R
zZEJrRV~v=<>aWgU`}rIZCvpB?IY;#M^Ko1~zAvw-b^q4>mHDp3_2={P<J^cpe=>J}
zd`<H;E}F076fyezZ|z?_R`>Tg2P$2Be>%Ub+xbZi{$xzWm_E;CC7)VdJ+0Kz%6Th!
z{N5P&{@8ywzn{;^iiUJC|Ji!g{v)wn{o3lfSc!=k&*y*3Np?KN_B|H~O)Oz}a*nx)
zK60WR*}G*u7j5sdpkCG5>h<bxFBr6zCa`b!E}~!dt)ACU>RufG$h=o#rkv-V<8^lJ
zH{|W`B7Z(>tg*%#Ypk)xn!)@R<^9V??Ao}6^!H<|vBnx}{PWS!S)R_dWBb^(_b8Vx
zU*qz{Gr|yV<M<gHN}4Co@?VBZHj2N|MXp%iW?ZJ_-<#2v=bYKI2hWGESk|z{8f&bv
z#u{s^@t@aV&X0DInUqY+_yT_hYpk)x8fvACzSg%qij5+`&kqkzPlE5K(mptaQl<T;
znAouoHDu=%FutJT-<#?F22xTB7@Cu_#u{s^vBnx}tnr`PU}`mL<T9D=Il?v8SYwSp
zZ>>=wlP<Bauz*A&VR7ZT>VFDawF<dh!GDdVOru^#CR3ngjWyO-V~sV|SmQsr!CYgF
zHP%>TjWyO-V~sV|SYyp#uCc}%Yy1$cmj3{(vBnyjf7iF&*H~kXHP%=&m}&(bHP0!1
z*U#UJWUP;p!sm=i)#%VFXsRxwq^yx;R#=|xp{SsQ!SN*&k|By-zGY6X<qOiuA)ddi
zL!#in2+gvbsj+dCTK>r_^Zs2G-IG$jhgPFxYIF>Rn!k-WcWh`vcdlgUJymZz`56>T
zvy4y8@%^d&c`;Loe3g~FW>KNxA7N>3hN+n)&`4>0`-+iC8Gjbag&_(vlPIidVPayG
zxus?PBOsd|;YoTLMX#Hvs(Q(YM8Q85t%~XKA(liARST1p6_qo&r1{62Q%v(TJ)fa@
z1%EbLwSvj9VdN^1PpzyI|K6<B-@hI+qg}jf?PF$Yke5~U$hG`5(z$UaXBGe$ZF$9;
z+CKhMvAjT2RXL;6vVX2#<_3BFsvZ?e-c?o7Il1&-Rr9Sc^Qded=TAi~p}f435vk_y
zy^xlwYT73i-(9nQhR*6L>U(GTGf>R-QvRlzMHRp2UoM_1#RB6KlmD(?1g4cwQ1tXU
zt>467BORmU`3nZ8<oxTSrnSDBw&A&d=$`t|Lq%h05$`?>@ugM8OgGOSKWA`4@=f1L
z`kKpmUe=11Wg2T<Q`0%YpM_+qkJ2}Pyss>bwD9IlGb;Wz3!?+PuJ1<iO&fEA-IR;h
z{*eeS3w;%exb#g*09YJpr>wjJi5fu5<WMsOMRi~Q7jaX4wW9x4WRgi<K1m}YB$&tt
z$u#y&qUBFx&0tC=TCq8`lY>`07?x@Id6bks@@LDIecXNAfe!5qfv$S&Jz+@0xRNi_
zr}(jB`*CtB2Zg9!a_*WFozp9_S{mshIrRmza{h~0nrgw{JD3qA|77HZd)km%GsyQ)
z$p;AV@~3Bszl}K8-^G_+1@x5!;OLyi&oJ~R7mxeTSmyWqxiM4E^^lj6%ZyabKSD!6
z9Py8<K|4W|y(w>+=lHW|%DjWVnLDqVK9GFJlSl6+`H#T+f`^#f+~##%JB4|v^vp{6
zr=nUQ&fAq&{c^O6<K!gfGCZ&5AEmW25j)@e%qz6~*=QEVi175FZc>ACqDQw*%*gq7
zXQlrB^=N;ShD&571EZZJ<rX8+@Y6J=h2fk08i3(<k9ktq$bTvnBShO<@ap{x|4bIU
zi?B8dW=W-_=t(xOd*}YEYJQ|4A4l7}Ovw22P)(DbnMM1IioXvvake%@RgC;$&8q16
zxdCUo+2jATgFl0X?gI49ZGL=z|Fh#cz0A)d>8iowP68uR{{2{<<Kb;vu3Fz^S_Yt^
zAkLRdrU8sBs`=MPMSP$G(Z$XDG^_RbPeCzWkKW;(oHW17*n$dxiPjwU?AS>_>MOoP
zQaRVpZM}mW){9~p1)*+MxFy%}XE7^`<ingl-d857W3VxgLBZc<qN)%R*LdcZ`AT<D
zI%WacEc5r%Rv5;PEnD$Vd5Id3^_Ozf=q9g+mB2Cu5A4{s%aGP71)$|=kO>}P3B=s>
z#L6>_{JboZ?s;?LmId#J7x<G{GnfrIVVIaZ;c)9Fk6!ix&{bVR(!&()dV64N>q>4#
zH(FMsnCZgZ!U*5nZrpMTW>y0*gP(&Q`wko=B(?TS)!=7!nVmaNkX_!-{9q}kFWS)l
zjlo<TY9TK936qi~D)W<Yw719J?Kb7Dqi9$`t(c+UVHl2f;^&S&l-3Wej7u>|ypJV&
zMBgrvc}P`iy52s+)5QiGdp8Q-4xp9{k(>}uY|LG(ENqBL$tOQG3Oh>+f*w3YqEONB
zB9;61@8RR-h`o~sMb(3Vl3*7zQr``W@i!9g?}fb>qi0AWeUp>q-gRZqp1s%vrZK%F
zr~PFfPIflfIr;LcV`62DswJK$`mlS)F5IFYQ&$jyp@BPLLB3d9+mKXJk6NQ;w!e``
zUr+4pZSjpvrM<h6JI2@9eOQmU^fHvJAfM_c@vaZ{cD4lGeaNsxfmWs9b!Hq+HdbN`
zZajZC0NQ!76Ou_wOu)^?8W-PqI{F7l^taN*%rz>Xx%o*lVncOvvv>BT?86kA*<NDf
za~Pi(Au~0J_}ED7?CkIs;~JAMGud5FxUUzs_6~$Te9DAO#TTa9%dxm}oMV^Fcv;s(
zw6hUDe&M(|+Tt1%BaD;+P|;HP7&m)6tn9sc(b&5x=L*Rv*)hRle%5#dM9?*{h(@LS
zW`6Fxs2^Z@s2=l+N7#SSoM6A(Tt9Y*(+1vD)mHKF-Xn&kTI3ULgonj3AW@@T>?a{2
zh2GIY9z_M}=IrDZO3mPskWvSU$!R={xI=tl4Fip@@o{m)%EpPbvgXyl9oDG$@H!87
z7dxCBT*xY}VHuE(cJnaE8(V8jyg%w>O2)!qJrAOihz$wA*20$f{5l5PUSWFvB&V)e
z@VKm&ti%*LXXMBydr1lvy0CF0;$9p{$+-*-ws2ouKPm@MP*sr4+qOa4YF?0;l}Ui7
zn}~BKHP4c8b8yDS!Hvgn>M6^4z}bEKF|ZD!slA!Bc%hR;P%I3S5O!OqJ)f|Lbk8VJ
zO?8rxkVtHFFjkhf+)XcGX<7Si;S+6lL#!2DXw}M9IxDK~2Q<7CuLTALirRC)**$=o
z&M^RH`sxYxbrx~7<I&T4mgN#k@{@U#_yGUVIEKdhND*^(5L$5YilBL5RMbllC-xk~
z%;f=XZ4D%(JY#rtgu>(pqK-dm)tZop`7A7hMlr?nln89BZMhQ^MC84A`lpwFtfi45
z9>+)Uu6qW6#lcqYMrY97)5iTf?%3N}3r%O!*Vpv9{;m_7QI48r-aSvp$<`Jdr#n=M
z`ALQvh>1$%L9jnIHjZQz7LybaDDrR5!<;uLHGG$4Vfgc7!*CS!WAElC#xf~h8zVa|
zn7g4tIM~_acQ=g@sTxUlrC6I{hz|1;?TWF*7qX~O(_WQ|Ls$v}{cR*A<RL}Nhw^+}
z9qdJXJjf|;XIZUgva^~HPj}tA5)_+5`-f^AE}me|iCd&StEH>v84n*f07@~x4Ba|x
zBl4Q}`U5J>GH(h}h>w4OtEdGhzbIP97Fa>c#P8OENx2ry(ioW!0<p2R#5XLRsilu=
zMm33vnIwk0VPxyev$`Gtl#`9zyPLq!f`YoDN1~prL`;IH?VJZ$AE}8M<Yz?U7LbZm
z!z$EDp{1+`pVlr1PYUV>(a5IANcm>X67@bJE>z1zd>;g1D`FdRHwYUeBPv^GSG_yY
zT~o+yH#h7=d*Mk1EUBRFWd@N^5%_t!iX6L>TiK3E^!qe1l!&__IEiz;f<zt7FC*_Q
z#Pnt$OB!J?A0|-MH-~(xkE9S^Y;EoF2}+`CN`Z2=o21~suKD=nC(J5AI^Dy)JKk8^
z*l_z^8bga}7JI9RjTgF$3c%9Jo(GSsP%JBH5&3s_cEZNdjkJ<R6!K{zZB2Rhc9<0u
z)R#RYCp!%vH!t3{bn`qtO2o<%w>$B4Psl(cr8whbTphR*5<zfK9POi%ynC8V_UjG+
zWRuN2jC&&HI!osLBswNW$xX@RaprwoeMJrSwh|fOhNaN#-Na&~DlKZooT$A}tgRgg
zx|e|ats6vtHJA#@#kHsR?&pS8C|#3_Omw}$*Ub)V5xdx|QkFy;-;(ZbN#L_CmL)yk
z#50`6{sk8L-x7I0ooN-oBKb+FG<Nn<_BdJS`96-KPTYcG>6udi%QThe;r{V{;N(e;
z$nkt%F=sBF!#_9>XFE|l4+>fM<|Z&$S42$eOQc$WWuB+S@S=5`$*#9TL(W)>Ywo4L
zU{0ZBxS@!Yr;Pw8Cb~$^f6nyW953=yKCOen513H$3DqQN(Ft@&RJ0VPla!i>ue&{V
z?*6n6&7qJ^ezTrM(mB*gf|m_@51z*>Jcn87JVoE^mtHoGp_O!#C~}l0=Ivl1YBD01
zS%n6be1epSJJ{QbI=K@~+r%PhmT4}_#?{dpTW5dD8%Ov)TITxSVSV)w(M4^dzTaSQ
z@eJ9oI(U;4|GRyNgpB)9yy~6?V5p^x<g_x>te}*RuNq7H#1h)&CCbvHak3Nhw|D1B
zRX>WUE*}1sdzD75pt>*v7e@y%ejkeJ`%!CP{6iJ~B97L!PGps|q6HrK+7MaXEaEWF
z;|HNwSy|x~nna&u8Bnfh!r7b0RrQo+>+Y#SpCNo0Us#ERa$(gtAHV5EqnIG|fr$CT
zSe&ga@d!+2ROIycRHgW0<lv9F@eMLXtN_NFb2zqtJLgUO8DCNX&{vbfiQU^cc_R`P
za>AWVaD2GhVAdBrBqAyjZ=pYXdtcpNTB}<4dcVCL7DxX;pQx3UJ<7n0oQ8r#(u$h^
zSf1|Z!GjDM8mf7uyRRT}`x;+Y2OQmfiN0fwk!>6*wDi=!z}wMY)VQ07Pa7Iww5fvI
z?oK$m`f)GF8)NslRR**7MJg9>SP^vF3mZ#E;_|CeEDn+w9!1@-41kf=a^f;ekgHii
zGfRkzDPF-|7#TU!FHxgakKw3yov^}wp_NHOY%g>C#08Sx41#tVS0f|t=fA-6);aDz
zeUD5gL%KLcVn_%T9aH>>$+l|3y+jRLTM-)nj75cto~nEveq3h(ltQbqne+~IlbV`F
zlF(vgW-0P7LzPYQBrS=~DHQ;f=}D9|4Kmf=Oqh?0Zr>gu)^~|Yi(+<&bfJ4ID{F2?
zXEH9+i2h#^o196wuN(Pw{r|xX=JFJ`EpHL~ypQ@+Z_HidP-vm<SulG~>XDFBNN(J1
zuHLxKr1-(Nbe6|sXdA-Ncqi6345{dp0CV^|Iua;EYi56kIW<hRKEu?;89!GWGK%_<
z41F}1wtV=;V9vHxVD1`8-TO+eoiik}_!X&ly|4<+Wl6<Xx?iSXa?^%_m#>KTG{e;D
zE=ynMGEY%vIOk4ZCPkQl>4AD|Elh~Yd`fQGeXiYb;cep^Y_1-}=}tUP)1o+c;siGS
z(G)y+#FdK%l)fLQ<em{nFWn@)ppcCCKrUQ%qGN83FgHtbYTJ0=Cya()ER~fd*xbB9
zL}4rMN*{9m)LG&RYU!zag6$Q3QlC5}E7q6mwgC(+ETcmu3b^<oCr_LqB>x?4h0&Zi
zdW8EKk9m?9#5EIl`e&uWu-f7fki@HsVr*_*AgZvEWM5}aoVVrWyG~XjCnd$t0)2-&
z6c-ocYj%-<v{KqCv$%2j1_`<Oq>4G5zhX~QUng#sm$_`=Ls7|dJWOwLJL)kno<{3p
zmR9zj#*#$z%)BVBs388fJw{>0$VO|hHSuS#uLBo@Lm0UPiN2m;W1vsMn{HuH?J)C<
zqoOz$TT7ASx=Fqu5r!zx`6lNr{HX8h<G$S~(Z46fFA7D$Unk&MH<Ay}xp~8!nDl4l
z#Q0-u>Okv+f-lr(`*6m<f})C-gt;0K`>dMw*O?ex`ZB*DE?%{vw7w1x!wXz;4W}?a
zAImdmFmZn*3cm&CtG9U3HqAg?Iy*KVpr~t}agiqrlK`G%MhfF~o3dBs+_t`n{lj<2
z2ddFOcL04$A08Lx<90)z`)PSR&Af-9i8a+dGkjrwpbk^LYXm1fp(Hm!#QidrJwqh9
zn_yz+%M)?Ei>NVczf}60^Eq_%G(qvX6y`qQ$_0CBn(7E~G2*gqAWfZZcsbe8Fgi|p
zfGx&0UKEI2d5OGTvT&oVwFG@r3py46mdLp4O!k}ilx6y}<-kQeLlcDQOb{`&AzRc?
ze!Lfkc5XZ`eSy)jlXylwVX&(nS1U)_Cl`4fVUM1PH&35F=8l6Nrngg==&8cs>|Wf3
z;VgcV%ndy=D*I)8K{53K>+2@G9ahl)CXE}HzR}qwTUsWkx$kDmaeaH9l#~$bW65<Z
zKL#epxa)EYp9h&deUgg)6*Hc^X&~0+0>{MP<8sQ#3v<CrXu14V1-Ff^iTR{cTlSc1
zhfWccSW5r<axB~;>F5<&K7SDF;AD!6GPrf^45b4S8uG%pYG_X8vtl0lTC?}O8I8j~
z(vmT;k1NOww!}BN3@z|3ClXVyMAAb|xh`~6{^A)fW;e*LeD}5f%4)k9uFK`RzR-I9
zb5g~a&1`+CeVxsblc$6k$t5c;kYoGL;B!A$=qn1n%jWbfsQDfp#gSY$^`PXHFpvJG
zIL16?W~v{TQ@b#AzfY;CHFxt%xIZXkqAr#5C-&kN7Ee)8Hb&R<NO;~vTTK>@;c0Yq
zlw;)-KxfxmEG}H)UfNThW#8xQMH?ErM6KSj#49q3N)c02!%I9Ye@D2v0jIBdP~AF6
zeXb9lL1m1;&*jQFJ>pXzlb7JnRefWsJBCR2yUh7p4m=Z@^taH*F|mpj6hwPiuUZRo
znkFer^uk1##An3?xLcYLl3qziO)}f}p1{#3m;fIajC@m20L?kUSUAMe+E9pzxwSC8
z&xsH9#=t6^;lUcNo<GG!Lpzdk->}ST2J7><a?O%wFDpn9#`U^aI+Ce@)oYfh<JdPt
zR3-ax+1NqovzP=?XS;S^=WXX4Us)Ky!^T+D=~F67GDHnr<)zTk>w69yKXR3n{9+y_
z-r<VA3AG<OxqW#*H*7;GDJjI?_A1sv`ONebV}3IjISTH2+L2k`Nv7!QmZcZPFJ9nd
zZ-i5LF2ynKSo{smo4Z6XG&jqm+veP|38L_6E?$;baJ=`7k=k@Fo;rYEOd3U5F<din
zpuVRA8$AP}GfOB;iNx3`kkLh9d>*>umtKyBFUZKb@5r{pSGW`Ph~&Fom^u6Mq_~Ix
zXB+J9q*3=gmW!7}O+9@<ZoDtY_nzTR*8n;9Z1Bu@4ZwVN0p_-TNYvxF3M2ojqZKQI
z^PIYFL0oDc;T~qVMW*nqAO}kWW6~<ys4cwDb@B83;!@(n-PwEO3<<Bs06zcHu>iv(
zC-IDY!thWlUS?Nt4o%`ob_QnW&U61+8{d-QVMSPRC$H~2WA-JUw=Ro#K4tWS(1wL0
z!%Bc@{2i@$Ufn>f^BJyLdh%R%Khh(hpc_eh0s0s9L>)h-C_Rj;23C~5%H!n8BX~xo
z^88sch8J$~s%?@lOtrq?$`uD%r`4z>AFweorKIj1ZbsK}@sFo4HxY{)7YWU&p)v0^
zuKq;;%(YZt>L_wMIW5L=Ubha$2$Qs^`4Wa9oGh)WoK#ZiZ_Fuud-95lx$CNjZ%P4G
zc|n{pu>887-Oqi_leh>@95W>SMT0PhX_$VyU$TuBHStc=(Mha)?(tmIshL>63#)s1
z^~j5>#@-Y@FDBZ{1k;dw2HPvKFgGLNaUsd~1Gr}BLHoRt@1jxBP#DAc%NE$%n&TLi
z&-=1e48OMzvA)Wqcf$a*yokom=K-p3ez{W`=el|<q51T@dxp8Fx7^|i(gN+dX&gXb
zcNK<z<z6M7Y~;pSeI7okAosx?%mY#x8tUe@-A#g$@_3w+z_rVk)C^A&d)t<n7xlc&
z2*cXagM#8`1iP8xbiatnwn7XpebGcXdP2i-DY=-OIF0+=JSL<oF&VCXvTB?LhPRno
z?88j|EH|A)M9d4Yy{=Dc$p^kgs~E%E%7m<jVG3hiG4n}h85nNJ#=_POCo5CZYKH*@
zkNhohx_ui<izpO2gK3IG;%bAL?{kaer;N#dRzk)-S1y}+(K9rn)7kN>mc*y$5awi#
zxx>mH#l}C4nx~=MbO>fa4Fhk}xak^AT|+UJP63QdCb?~X5tr~}N{aHZxOAKgR>>@m
zH)DOvlrUkGo+O81ddrHcrh2@MuHqh=NJ+_KEc8xr);Vd_e!j0Fol`px5D=eFaee|f
zu3e+Bu37g<H{aA6K+Cge2fPwXQL(~Idnq?fTo{@j#?R_H@fE#*hFt%fI0ZdnZmbF$
zClB)CJaGsuMm|x+O+z#4CuYeGbLG<ci}-~`lbK({yOur_%No9ia{dF}2A6TTbC0J_
zGceZE6DGBWxA_5>ho>V2kal2i<HY;+I^8c=F5Yq`zq0M?cvbU5co|z#IkXIDdEjr)
zeWAyc+Xme7kEcx3puNdWDtm^>3$Vvd#JQ;W3EuW5A_i|5tc>I2@uS$fhf~ut`yb0-
zPS)pg>exZt9^{e|ZprrJ1~iW>Quo9UecyQI<qG68@3Azppk1=e3QOFxzRY<8YjX24
zF*&jY_oUZ=1YZX$3SPbBwlFYny2dDtci~RjGcv=RNGt67VlY>|gE`Y$j+tXP&24qq
ziR9ZjdGjDHg;(``sI+`#da#YhIXPsc#Ni^$)O8~-=2uFT*^#%Hm^(78P|;ix!GY5^
z2nvZJBFvvNm#z@@C=~}oOPYt5P{?|*y>*Kx?GhA<8KN9bc~&{V(_mxnJS;<|P#}|z
z;c8?+?5j2+y{t&B>E?aSOLFqEiN6=d)#IlLDd=Tc-hqXwB^?XP)Fj(-<lI$4BkmFE
z@6Oqy$0_*cHzdmoAFwvFq<wLj-l8yWnS`()lOyeK!2XskEmO<%G?bH_l|$_PP|lt@
zL~K<Ly(MXw3zH&WUMV%zbRC8UdgL|FpinB98SSB?PY5-{lE8!tq;k2K!yEx-rbG%+
zyW3nQy0lAoZe4B=w!R5WiTs+0m<@=SO%1e=n=9g*^Z-Zw%iIhqKsHi^)lDA;dRlR~
zYDjVOxbFHi7b`+a+9(Ki<LWgN?gU4XkzGvRlzb&4>SZc2?hu^%f@Re#5te#nR`lww
zFTCx5S9UY+({FS7)MY{=?{YW9mm~WxQ}Aw>FMOzY$eD|maP$i%F+H2M{!t!>S*@Di
z9TOuW$_FS5b;d2Z2Dx}W#@2+WvLV!J71_a7MCQNZWlkX1uAL+3X$_^Bq4+#}L4VhK
z-JFx-qcJ&q0_(VHWPKIfx@bz%goJ_eNKTwOfnR7O5upL-i+Z_N(#RL;o`s<A8OxMZ
zjzTV_qqUX6o@#8a8&laW@}iJ4^1g^0dd`%UKH{8_4c!u%IClgO3uDT9M#Nac@K1j&
zVl;+}wH0rh-{GRK&(r#0U99@vByqvQh1Qm0t{I!~VF5r&x-ghIuisOg;>vZON6arQ
zA)D;xNp3#5nUC;rGUB{2?1Pd;!pu!5>R3cQCJeWU4UN5n+`gsHllK$4G0t~9Mc>$r
z7nRSkxN1ws%o0k)47ZJpC=?xjK{8s6sj(fsOBxEpEq<2=6YiC@@W8`@h=Nw+N+nAZ
zO*o1=%gsyX)ai40-VP_~Zm2Mrr*MeMCd&3Y4~tq@k}2q|dqs9`E{X9G7+*Sytxuw8
zcM4B2t~bL9mO4Ie$in&Xp#`TK!t@MD#n_h!b~4rd@+ZRc7M|%Me+tp>a0BMoOnEz~
z__3A-CK#yA<(f$VW0T`NaK0tX<OfPK{DtYdiKozXT6O`0vr@W>Qbhfwp;%T^9_7I4
z3kKYcxJ&3Aca9vsNmg0}7tHMGlggO?P|oFRuCz{zJTJ6kX==uY`DMPx%s>-anR%oo
z$6|i#Jl4VhPK|cqaLs^MJqsvB{s$``pl|8QyRrmfrXA>7SkmR}O=d89UddEfq~mlq
zjrR7Jm^t2|Br6zGySut|MIm3}LrV+ObMv&keL;3sHqns*oH})stoCWD?|WktS%^}l
zrY_wLH(@X<AGl%_oR3soFPBae?{||RVOA1cjEK!|5`8Op73m?y`kWP1<lJ#tSqt*Y
z7#Qxv?$!kitbK{R8;QHk70$WFQ}OH`CvQ5_Cs|;j{|z_wE$E(|BHGo2n4)T)C3$e<
zve1yYCfwhaLs!fwuPVa8;2IhAV?u9Ae$U)kC;6g|vr^-67e?)}YYLL7F6_Tuv)rr+
z$*<&&y&mC0pNh}=bh@TbW%DdwQA&7SQb2ZgrqHSnCr+QHWJpF?h`or*6Vbmy#AT8g
z_p5|tJjTtykf%*kx<01fr*p&Dg4Z=qu{H`pM37+7@1x=uxC(=tS2v{VS2Es5M|VHn
zjg{p5gyuUt+r;%k6I~Kr?nmp>xN7dm>*w*9>U%Q0C`B>bCrpinIH#Aun|hd7yAT<j
zK*5Vzq$+s(I1<<Ud8|ZFN_wOPCU*;2Se(Su>MEB^-G~x#_j5Ghn3)Fw*5<e;R_ba>
zwlsjVi2-G;U1UXC;+|d!z+!iS=*x!%^%#y;R+P6l3oTzF?$t0$W3M=O>NGCip+t##
zu`xP_ad0MaZid{=e)nmOSm?m)svh^thga03oFmZGnCBgfjJ!+Y>`g~{C1Q?p8P$(`
zFtLe6@jHVVT-d=t!|PRRh`oO@18q56G__~wv%&Oru%M{AnkXBC)%T;EX5K&Y#mFOx
z#gFT`Y>|%U7LlVoE*Kc`enRxGm?O#Gij-F!d_kj}#M|0{2e10*s}QEnEuOBo1sE86
z(myZN-4|+d{m>T%<3*|uE<VKo%(YbrGaSzF<hU5iwXf@-_G=IZu`xHLaza6_w;7&~
zM7$IVTFMe|3Qwi>RVwGcS<hMrCz$?dTJ3@vk}fmz`~8xMFgxSb=;>dhpyQK{vcv6!
zF)bm?%82x;Azf`RO%Bo0(ML(9KL^hm5f&CjWS|R2&s`z8dXgWZlF#zM<vb^^n$k5R
zrQojBclRM4HkV0!Hv~YNFqk&pF{t^>vV>q0ebT-eOLNB{Gb3F*%@uRWc!;;%buQ_-
z@Zm!_CYNn~c&}2-b>Jl8V`1k`bj%~l-*xk$I+=q<&*C2#N#xx?E?ziA*z+b5f*gs;
zD<RhHG#4%0h>VQF!~6#NR?cKc`C{(%=&L3^yl-NBdV*jJ6AIhs(P;VR{<wOa7p^!k
zI@gQYt&61BeOiY~6Wj?&d&##9Hx+Vf*FM72a(N(X<LL40)QzhcZ%D`1E0Wh)f!O+F
zvN-VuD|2gJ)fQl59R5Rtnc-%FOPr`%xdPc@4^GDCNqJeRyWb|2bh0$vh}G5K?NP2f
z($L<B<+WSX_03TjW=llYJBE8+Vq)({>-z#O8CcRjE!AC9pXH0ORU%z)vN?C`Gy&n^
zM1%)%=9oSaer}i<JJYrB>D;QEP|n)M^6eY9Jugy3e8ZVt`m}d?8fl7q!c%HX<G5}U
z%;d~Co(8ulX`f+*WnLtC39n*F-jiG`E}llu{yqxe!^>z4oCB%M3&T0^8T0)`nA-dD
z=5Yij*5NE_HOx<s()hN5yv!6loh-O4=9*j6%lDY9OX8-`S&w8<%t1zdehh}L2^6LK
zVG@?|*<f~IYh};-Hj$T022^~QK&Jd=k3Khur;#bI2bTea!L;Q;!5bdOxp79{1fS6R
zWIuh$@K6WNh6m8M^Ce1X&&lv2hK_+$J&WSjEq^BF7g4IU|B(!)lB^&*E?mBWmzOu5
zo*rB}bDGGfwN&Nb5dlm?2C&qHwW%<e-@LcI(ES{}Gv}~!_r%A?8wV=`PU^ccDVe~}
z-kh?IUWya_aq+#4quEW$+s1etZ28v>rhO<M28U^QD}tYzfUlD^dRBKBSoqSfnuek{
z%q;AP%_^Ya(QS+@d|6<H`O&wSTDdX_Gzs&z=d=yUsoCUYe>7`x6c*(OQ|ZOvycRTr
z*qNJBHmn5gJaMijJgXSsNsuX#*>!wk5ihe_gg<X0%EyNE$~s{*9kF%s<8e_j?uLd0
z7xjap6LT|L`W5gt&XV&t?a0c{B`YU`sPMbg4bJnGrA}<jE$LH2-}3;h?K1$74>#jv
zVnfUD9I1geSb9bAw73{s%j?{K+eiP)G%NzLP_u%1yozf#^eG)w0kAkb%)90;(tU1<
zIW&BYTePzUcd|<Hw7o)7?JxkX9~X9?IA&*?Ftrph(?adjd)zd$CnY<d<PaZj1r~lb
zn7+bbHVSj@L{q;UfJ{#-f}b?e*Ve+DvO*$*0x`L1Kyc<;G^|jW8Ay0$IWWy#TNBC}
z=Ky#f?1)cJ6YmnexL{yUUY^KPRwmJRqj=jswxW&UZmKFONREjRS~9{bI+qk*W1_yD
zpQ8zPiu<U%>w<eqEui9oy(uwO699ZDOVxe6)yu<yf|68hojq`MbfmPgpO<N&7+E@z
z^`t<I&kUQ`j|Q^@Q^Pw*fc}zDE?m?jIWLc_>@4D<?()2@hc8s;`eP87ikwe$wztz#
z_X4XcCNxj00FVv7#n8~6!sm~;YURN2^5>0?t<YcBFfX&i@ymFFNa!bn*;s|cm8-n$
zo&#XKHu;mmY%LLH$ebQIfP@6Mo8(lrQkdvXSoUiG1}ajxWnoKHTsF`0qPcA8%+R8g
za7$BO_A6oHqrtSLv8Nx;>o<hKl>(p{tH8k6kZ0wOu`vo@b{SZnC&<ir)lGXr=;5ZJ
z9o_S4p4=8X%lS4BrUX5I&pl5|-8)4(miq8DxFrl&9EVO`(~T=PJC}#|qsT5OCc@72
zlP0tZvcsLQboL?rSt&`uHrV?;LaCU>+th-0lOXMQg_+J^HsfL{YGoQgL9m+@+0~8Q
zalFp$$E^UU=Y+AlW=7SZ;)h!Dh$+y0MAgeeXeA*Q2P0>C=F|-Jw(+L4nEQ8wvDDWi
zrnrqhUHxSP@I2IpOXl9f(0tTvI`<>vD9nrClF-qp8Wumi!q_&LK`9{X!p3aX`nihQ
ztPu3AJxR`dM&bictfGX$6lTdu--P!QDgfqM(ztGFCrr;np-T@Y`9yQ^eJ(mA@V0!#
zV46GL5qj{&+9e(>0BXA1Yv}Fm;GVaoi0K2Kmla`Va-GZ%v%HJ-!T$bB0G+{f7Y4H|
z!V$a3mwZA=W|$GaDUXSDH|KH12mn>lp4fbAFf|IgnwwVEf?LLfC#7L}>nfHW@#JS`
zlb#gEgRFAi2!m<qd5>iPjf5Z<GeQy*aWHk^!^jNzu}&Ph?oD1+4%wM$MBRTxb3-wf
zmiBZn@m<<qCUM=soW!&&GNXdH?v{*XsvUcSl{G8N%a-uma=dNCn)>P+ecmwS)i(xH
zG0};ey#?-p2^5z-!@x+7=fiT!LLG3rSGMx$kpO*s6EpF+X~L_|b)@Vo#L&oy7gbNb
z8q5%PYZ42ei<;J_yn7yi<%J=dTHlcp<}Pyew>97Kp$UhpMl?*Q0g!e*<*JD=b4B;C
zv4}wlsON|9G%@E@#~AJPwG=;2Bgn&r8%9>t4$bkd;6BdL-x|y%Qo|j1__7_eb2yn@
zLf`J5E>{_;Nj!LzO{j$l-YJdf&`jZDX+*g&n3?yigdwW}V4^w^6LUWnG+zv66ZYoj
zG|gyH4wrHC_<4fwWsoP#PICMMQl6CaK-6lSsH;zmVykDk%3$i&o{#tEekH?iA8=fl
zwJ8-kTJvsm%On&TD`a?D6IR&7lY4Hf))0r=DGase3e(`om=;is;BI6<aZNRm4rYJ2
zA63VAVeXsvMbz}YZ=mCC7MD%T=v)Mll6u#Xl=4<q(DE)T029{;?u9xNC*nC?`xJeX
zAZFF*=y(yzHAi2Hl6`RXc@Dr_dj%%8;S5a<5@}~lS;H)=Pz_>hZl*JsdEUaTJ?jLZ
z?M*87p{WcG_w)AKdt+=Nqb;v7caC6M1I^FlSMQgsgP5MEM*o%`<s-|0il=cN+|MfH
zj<E>^P4fV#7bj?`YoajOi~Sd!$jZnjCnt;O$Y|blN%(8jrn+KmAHuR0@_Y@6%=z6u
zB)b$3yQ?HOi~&%S;wcPf{5J-34nO@HtH#n?|AFR;bS%s)h)&I?Br8nh-;4J4Vk``Q
ze6LbS#;LD<OF_;fZoAo|XX!(JUKD$U0g6u&bIQ&mE-I4J=3e3h9Ei$&PPE+_?1Ey%
zd~?W5O(ZTgm+T-9to-u7YNEH{9it<o1Y4U^(j#A`gAcDij??_>IBy!e=?td1@g<&g
z&I3>>%wlj#@i&(#gt@Zi>~&K-ynXQSa_7RC6WmFyX1p~A3s+&nrkb!4Ig0SJ!ZtLY
zx!w}Ybf1v;zQN3NH^Vn=rEa~=&+(wJm?)w7SFKW*sl)t|(W*U)fxZpxQ%huo*b@?;
zil>Pc)x%OIJ3ksVe_9$IbMBS{U*06{DG0^fI+51$G|pc&BSXY2J13h5F>z!@xngAG
z&IF%mEso{9_3sU4GDZ%uEc1!VL|bg5bH!Y{aS^$WeH4wEV*t}CEqwF*sfW=yZrOMU
z@8N@|vl*vP-K1_vfpnw}TfOU;-?~nG<se$+DE{X9SX{qCKt?U9iB>|wq8L*wBbP~;
zpPeSg#RSuc628ZHRSY+8crwi=`YThp>KwzfbbrhvGf@EAiFzz=TGP~4j`a;U2IthP
zOL%?&cN0shMgg?k_q8Odu#W!jRw|1Ni3|(C{Du(^a|>|MKY>S7qR?eFX-Tofr4{n-
zX%IG!>HqPb!IX}Fz~uBr-RFAe=jU}tZC<1>oZe(4xM38Wj1*w012bb&TE1+Mw9Dj#
z*`n_l&)nzh=B7HZ&_Bn+=T*8*^Yiuz<~z$cvwIU)EJAh9D`fc@ky6mheE$nhov{)^
z{>EUolwo2UOl3tbH!QuVY-p$EX$<ENU8iMIzVdONXdAA%KG1D2@46Xs`m#NvOPW;%
z^U4(io;M6I(o({WOP9!eSw~0xOFV?3c=4tHs~fHi%xXb1fR)KDUJfciJI8$|L!Oik
zQXFxM6IWcRYU-lCI7Jlt6)FcO2y->(Vc`p$uO1^Jw}R%{5{%Cr!S=x$mK9wXUb{|C
zRTmxQ30yp5Nb%cd8q2b=G4!E(PQh0eJ1{l4NS-h^t<U_iuuc11;P0`&X+>l25FVG#
z6aDxdO;si69pBIG$F+37%;5437aF@qRu*IB1pX%Hu?<R~ySsyXt~c;aE~ffvB$qB*
z@$y|WZ=R)a>5LwwO)WT?og=<_5P+uVQCND!2!r{a>mOrQ+fA<Db*%j3_|VZvw5uK`
zEMgextHk1lw<w5uY;V}{{`2aR>SjT3ZYB3_yWsn<i0;lN{0+|FbUO<zE4<0{!P5U8
zLz8`k+T5h9aRz|GJGQu`H8NiPh>O>a$ttU-`R!9o>^-R+kggO)rav}b5j1ynk#pCL
zOD+kN<%X@E->Iv-7+9h-*bbM(YCuhlg&x+SkC~RKP)@aDdVW7Aulq2!G=$BGJ)AUj
zWprLjvdej#@21n<T8*dSDK2?rGuBar$&K60t6;Ie481d#NGYnKqp=(>6MM>AR}AoQ
z<5Mo5yFl*iM%rr%Fwz%eX=x|W>N55|4{2?0CdS!}8xD7AdYjHU6B`DV08@Ba8&ldj
zNJ)AyKB=#C2Gicul)Aot?m8P{>J&>uQ$4qBuW;JLk?xTe^e$f|<4r5|FOxaFdoPcx
z+j$!AK~!E90M!q?Ie*iS*3J%60v$Md*_aO#Glbl{LTE-6lfCuW-?E~0bcRRn1{irJ
z(%jZe+#MS(TZGZwS|H|rhj}HiJcqxr!Rnj#bgNiM&8Qt!(p(t&yF6SICU%@y7bDS@
zH_bi0lqTQd!WCQIceLSh{R9yiFX(Eo6K2qY%+i;H*&0*!UIN+)oGmWm99_hR_pfod
zaRNj8NF)mrxLv(SY(XQ#O)oLA3*kds6HZ2!G))31L|Z1LH4O10&Vy@4c2w3kkrU*|
z{<9|34=aACrL)4EDbVmH*@q)X4&!{U5VclC-d$U6$L7)1)y8czeXQcE=o9sKNz`9c
z&jjtoQJlYFLuqX*wZeFsxCHUCAeIZJwhXIbp{-1}nbXNw+JU*TDV>W7s`FEMl>f)y
zG~e`iM5izi0hU+M^SICOurQd%ci|BInC{+o!ac+}-f0ZJOXuv7Lxd%j(bHLv@68K%
zr<BuJm4R(Y3T<sKFt+ibp(dZxA{S5Jw9s6YhyDd~$|_%BCv=+nvRRBdp9@F!6I0nm
zb({}Z%<j-RG($~>D^9*I=`H*Cv04j?s+xIMn$G2m*C?uaPn@eUd1b=@R7SaC6<)|!
z)RP2zJFTn*H_zb~luE*FGt520Y3u4F_ns#qsYSdkj>XbF3iX#wSy3eW_U^?sG7F_f
zOG|MA*YrMaxIa+)JP9W^e>ysa(Gu|;Qo&&L6H>EZqGW~gXiH(jJ!$J~Bk8s=2lemJ
z*Wb8$&2lv-xUijqaBK7}y?Eax^!do2J=-twx?_$nNIKqd`LrR=sy|Rwn99jRM@WA^
z%IhdQj-4^#MMDRTm6=?;a9zZu0l$m;Fbznfv!|1|Kx;1BL^IS`gz=3)<j4thHYK&P
zo?wUTn7Aj>)z?X^w;iq?K{(o7$K|hUUiZt2f$>qIY_DPylqvGuC^TV;f!jm6Uq@kL
za__Uj9KiLK886<JV`bw^{;T(Vs42ks$Z=l0@8?Cj7j8*~XudI+$sx8pDr*JQ<OExB
z)7FRgom~_q2I3JCOG$D7=dU^Owz-?PMe!Wndy1;wQPI|IE;`1DyfhPJdzth4UPv@!
z*qRB`*7hD-Q&ZaJRiGHh%it6N2~X(~=f?WmlJugEl2m`O?t4)Gp_}qYA?(|CjM(zg
zZ+B+gF}O@<W)&knZ!x`ajOg47TI(xt7VUW^yhY0jY3`PUWS8S(b7j>Ua??JFk-;~d
zJ+IF*VN~8ciQ>?XW4x$;N4Tx=s{4_9#(Rb<;yHibkeoNIG*@PD<E9nGg=t(iGXC<(
z5narZ%3Amq<(x3pVvJ{Q+VWvqiDI-4lS`KfN-d+ku>yPJt2jp$(pnVEwVQ6Vb_tUn
zXv_)I2*xG{2(!7R8_OzGANMH6RE#Ug6^6m@@dp4}UL}coPv%8dDE8hf>)A!uWCoh6
zbdMjDzH27^z8%-U-7j5np})HVy&G3}Iiv(s<llECD(58`w@ta_kw9B_r!WW3Slr1H
zMmCr0m#<S$-OT%nY@F<!sUH|7DdC>T@f6>qKE;V!La)m}!;_HT-5;*=vTKlFCj+db
zpV8U$3d;)zG53i7<|DFl(mV{f`FSi^_nd{fOXk@lPtIF~($djJT!1CV&RSAkm4~Up
zkMC7;T_xNwbD{Wc3r%IITt0M#XD^>)edQGK&tB8n{047ZbIN+gi1D>1x=5JO2X5T3
z3Zki_lV|sD<K>r4d&NU8exnKf8|Kt>j1XpYh2XSTNEGU?Cc5O28)v^6=h4$<wDz`O
zYIvT!4|4#Nr}-0*RP@bWyb*&7S170-{kj)_o9V-86K~#Cq+#X|gi@;_%TJ&6za8aC
z^E9&F!msN~sI3u>2{n96o~HpPt~v6$rAyRp0>>{}P}k8+xHwmLzm-qmXMSnb9z|c|
zO|lF<RhgVWvYTs;@kli=+*W|0l^4TP12|khMp$|Y-R+Hd8=U5>X(E%omFQi+L1Ixg
z9~w%raq{AM`E$%KUnC^q<)?d<sM%w7@vA=~Tb9DHJ;#VIsi&)@f?L-wkx<-%R?M|H
z!JlIX4if&j4J|9Q6$_7Y%ZdKE`OmSMCdBw0{%IAUkr3^8k}bRSX`fdCYMzAO<d=2F
zDCw9%z0ix@jWak0#nIf|Pg`A?(84jiGa67#cJV0o5o0n9UyzSgV{-8ffw50%ZF+~7
z;T1d+OL<@Uh!eNGsB7;K_2bUrBZf4!mtn5=(Oana7WL8y?w3w;|4A*))dgHSyqCMr
z%1I5jAw0F1?v5th46oyvTFQNQBh1~Rb$hprKre3JeL;I^AeOdi|M3jwSXUeF{_%`0
zt)x#j+(MA61Bq!d1ZS2Y2apdE7JQF^B{ez}bHoR`lKr-u71R_x2<C2VJ_+|Dc-u3J
zRy|9kuRC#1gkaE8njA(+&8X0I6Sv*(GBCf=??Qh)A@?&FniwZ3Dgb*YS6rN&iOqP0
zLjC1D4MWYPxH#D2=ITvgfG4+%oOx3}wlWIY7_ok~INix(LAu1NtVo<)oN;xs=U#dt
z(<3c}1tu`QpatzX(ZPY#O)P_Uk;k#2ylx(&;I0K`mah2S_QKJ|k)*sTl$vESV?rry
z>ElI05DxYZc=!eq=<9%U=tCyuOQeT8W9yyD=;S1Yi4izDIO62sN<#Kq6dG1g&+zcJ
z1AZ|XG*n~~5&IHA#HE|)z;JqJ<dmgEVr%Cj#^8sygB_lM_vs(*z(dSE>d`Y4d_luV
zQz`z=HaLlSx_brCIlh2WK21ufpKhFXR?a-iuST&vPjr|!1#RO1^t{XG?!zLM)w8;r
zzDqzJO|Kr~W@m$&w?B6RZ{y(R&70N+?uDi?Hq=REPz>E;asXb$hLQGWfbQA?(T_8p
z9`3lhhfv!+%eM?QKEu)4nxc2_$%+o6zDEK;b;>;+JpX`3xxn*`C~O>EMP8i=PcLV2
zc|{xZL$%!XbH>HpUF6b($M5=(OJ_)3HNUqyoiyg(Beu8=fQG_{7@Ilqu4fXoN;1Oz
z@Qp1;i-yO+&V<DmqtU{Lm#H}02u=CkAtcZf2k#K7-&YY9lE%U^Xw?edK7NFgog*&J
zE(G4qW>&6RNvCp&=ZV2MI*Om$+i^dwK=(1`v9{OvIf%H5yx7|ZiMUKN+gpiSa3m8d
zfH@K(B54?zrr~8eNhM97nHD(;qiu4L!InxQME!Vp`rzkj$whN#MwLnm9|mG=?}o3p
zHy-ZZRJ9HArXZ1=%2ohoJF4&!+H?2x;7-78Y;T%S($qm^UMv>EeAG47@*wOky%H^w
zfqH!0opE$>z{WL*ijH~YqqPJHW3ZqCR0|{r2k^FE%2!kp-A7<k%KK2sXa1-&5wA!W
z6VBbT$6JiS(b0*lS8YOPDmtrj@o;g()!C82dx?xr43c#}l!o2~K+U_S@z{yBJUx85
z<L`p8>1}!jrg@$mij7M!P4C|j7L!R|Zx8o_!s(d<SSI6s2roWNF+J2yQq*nSJUj^q
z@Z`b;Q)-44Kh#owO%GZ?(NiEy)Fleq=Kw8(?~Cwq6)|*o!`Ul@w|xtuK09##SbxdS
zkSXTKPYA}&#ZBbbm6)fsjC5Dx9va1z2Bdur1VyAVF8{KAMlvdwk`ru?!S8MseN|6H
z>>Tm-_TrA84>p$0yltq$Mei&&ZeI9!x?<-UO5M;B6V(amoxe#ypdZdcZ=T-5$Vg-i
zwUlr_vxNS>Izl7jnN!LrN{+<d))5B>XJWFdk;)c$8XJs_y(@lqZsTENO+a)i1MP2c
zu(Bp8{}msqbGV=Q4z*&QyoaG!+c^pCIue>vA?CculekbSo2CG0%8BEyXm<rQEpMK#
zS_|q$f)<AxiTD_EH#hN`Fcf`L^wm8fJpKuquU?`ZH%mtf>IMK%NvFt-y^WKrh_9m^
zX{B|@W||2Jjz+{+XGqQM0+F)9MB7WeZ7gu}_TzS7pwP54C3W@O3x2S&W<3Za<;^g%
z=}uz&?QwSV#9ipo+QFCRp~Y`D1(U?y@xsp04Sx|US95bBGoDfu?Z$;$R`~mR;2?Az
zCd|X4WE5Y6vsgHL;OFHk>L`Hnj#-u`-xCs;g#tO5ANAQj!DQzfyhS`+-JG#^y-Q>N
zG<Ague^c|J(dkUdHB5->-JG3p5%p>-Ond#{A~P+I2@ZdZ3eYT#3xgX%)6gu>Gwx&O
z;EJ1zGk5N$GrKTDjH9vc%ehvNQJi_7;`)97md4wO4RRH65&09>J+JRUzBIw3D1Y6T
zwD`E0bNc8x%6n#*>#xPl!479vF9Q6<+(WXFGtGmrFp=YK?uA6sx1bvp1C2%ax;u(m
z5jwveOz*S|+58YOKAs|uj(GXq7IX68Y2y?tXsF1H#KPK}_OU5i%QJ9xuoouB2LH$;
zp?f9YQkED-`rAI5p8qkPoxQ_k-S-oDcIURQ7tYRs)OU1>*S>Q<654;36eiAf5$8D)
z{kWRhkp?^iK7S$sxrmuC-i-sSLaQRp?K&ntk5Fg<jZ&DJOl<5NaCNrFCFl`7({hwE
z?c8-W$5GURZ-B2b8u?7mOp+BHsvFBH)F1aKLA;+^rXoI!<ky1$^f#68K-Bx#P%{z!
z-`*ShS(Z+TdUM4mB!Tyh<+wS1vtKfH=T&JLcR~X`?R!x1`f(ypsydk;YvHz+3yv;M
zIC=W>x_cItVnOIIM6~TH>d=OS#}!DWV`80hC%tNz@6q)lo}j24be>N(LCPQQ(`r6c
zWME@!kB7UDs2O)66HC#s!t7up{$Iy(o40*4O!rpf>1>O$m`l(dZ_F&*Ns3D3Ze->U
z?^SBWEE#cO*gLw49JmmbRDx6{rCFFwS64^znggM6=`1MKJWUEG_g#<fi?qVs-9(ML
z;ppJY%Z3qD%GH{<m;V~svYN{5D4|a;TE<uMHrZ9RYMdsf&SYnm6L!~+%7Fy{8cWki
zFK*xqqm565zV5F2o|DB9Vaja%dGR8T@R%&rK!0s6)-ExONwvsFY6%WbM~;eT_d<y)
zXkTqGeNDJv>VUtGyO_T-iN#GQ<x^zd`>3-8K*MNT<*GeOb>}!*KrI;{$jgSL(ry4@
zAm0#rH=cQonyxpQy8EE3hYzmy7I;P$p;pVOdK!<dqYLh?F5F2dU|uGt<z)`e7PfeL
zdEq7E>HDAnsfv|(H<ajV+Rxh^7ZF#l$Sfv5pD-z6a{i1y%`-|?P*MEAkBCRFR_Ud=
zECI*p$H+BWs-MMRb2|%}79Bk`*_b%pXJ}pxS~Y!jCHOj8;N&K1#@<e7HG|PbC5rI|
zEc9-zyphJI8g47k#m&YBXGbSIy&o_nk)xdJCCJkeJ0}lr`+4H(6-(bh6XAjJ!ds|W
zg?5=YS<zTq+T$zEwY9V5$@@Nf-#yW-<sKeFn|_frkI9(ne#afrkDG^^ZjGwxkuX}9
zL0HVo|9A#dty*S&L5k*g4{9&W&#@$3WI-wi&?RMYVUe#s4~_Wuysp5$MX@BVS(LK0
zxQJ4v0kkYFNLc#38CQrl<w`YL&9dm@oAz{FEbFdSYqUt07MPu#6~~;ocA3?~Q!+pI
z>1Ps&gxQ&S6r#-)G@{QrX6L170i}G2IbB;bEXow0`d(N<qx~|E1(r1cT4bVM<+7X%
zKO+)yo0*@V6Yb9;{X7Qoa}+AIn8)Yw&CQFp=0yw_MSJ4<#d-0XXj?Qc<|?k$jZ=61
zYQ!9M*Daw`$XHxbe3{(WI4fm~x<2OS=aGnGUa}x!qee0}r;F3-`<fDoE+(^|&eMLL
z&!XhhIA`XNDO7-#Me&;a(}YneRJ~<XTu=5joB)9U2?Tct4#C|axVr~;*Tyvo7Ccyx
z#tCi#f;TRWySp|njWymcGryU6{_p)z>#kb2Z<pMXbIz{4#co*OnZ*K=saha9o9D|F
z8Y<q)e3!lp&S(nH{Ad1lTCEJWJLAuv%&U!cKAJ!Jf}%@ime%3Hyq;pIj44#%(ahz4
zUojL$=hWA5nz;QCX4D;j5r(7zn3z9XJ(lmm1p0?LCn2dFOut8dkp9RF6b*hon27!A
zZtHQrsa%>A(hkw2GH1Zb&^UxtgjG9@js_6tSgMErnq??t+BQjKY`4ExG=@O%rB?n5
z)|E}8zxrZS$z0CUaucQ^>fo-P*(!Gt@=^FZxw@{2^w(%CI%7=ruPVV@6o4lVS*mpf
z4zWCdQJn7m6E2%Nb&K0@%J2_BufwIpwt`WIeWeOO!X(E+sN-XQKKfhqmgeBevV99}
zmHGgmlppmj?*LI}yW--xNsKjkStEg&9fZ+_^Xw8#7vtAL)LRVPg_A#ybh#<F&IRHq
zuKCz5=*4M~ihr^Mkv(iBD!~j-rojAmcSXEBGZ5j<)zMT1GiFW+k!I%&Ie0##+E#wF
z+mcVd3uC`k*z_3?LYy)%ow_0~T8*`}<ZJXa`0A&kZnY+H{RO~TcaH1*tDJe&zgi+_
zbb_tnF6zNm@dA?#tS0#)@-B#8$S*+8vB0R!$KvL=_NdNYW{DWPXFwZU-qT8dq895G
z)mGi@0Z*Z$d?WHp>#h%_^*Q8Mc@ifuGe<i7@_b@b*v*+o+T8;Xr0bUsrtk+>by!Wd
z`#kvrUVu9uU3!ttdgD^e^;@8Ehw-8JuLk+*-+$RrOswW9oW4n|C)sCK?1YPp4zC-a
z^noCr4yhAa8h5Ka=rhcLL`nR?&c@vr_Oa-J2lw-R_Qt)gX7XkJD&wM?^%GqRhFXA-
zrd9T$-vHyk*UDrE{Y($Ue9a1VWxO_GVA*S&40t}R+tXgVE_a^(ufSQFFYgsw{4;b6
zJFaMhT5{s+g?m<Jl7b@9Olila3ahUf1wYIOm&OYuI9%`f7labMK+T|k*z<Gk_JK9~
z9_7Gt{Lwugr(NTQmTc?xX4yzUSX>ynCp7hk1ueYO=Kc7{NZ?eAMsa1e16ZL!XZI!o
znjD-R!kR+?_^t7D9`swUnc~1+_LxM<pv5gXGM$yz1nbhlH!Hq*%}T=o{HlG;p#3iw
z+g8C{ZBE8~pR#wg{?8$u>X351#eyGCDb7IwrQYeJquyt+Usj(Tjj5I%o`URjGO2an
ziUio>OdLoRX&v;}pI;k)oa}oXZg--^SNKf5lp$NDb}6D2Rfs2&|J3tjM$5{yJ+&I$
zQHN<nG|UH^PI;mD@^@3e(LK}7zj^-C_~9vdcB*@7@7l0emu@Rsr}t5Dy$*ZT_{Kj&
zuTb?m%DID2<si{82C#Vqq-BCV;AP24wb|;P`AZ35C$JH1WjEHgEBv<AYgR=ZARrKR
z@DB4J0Dweab~+xguc`paf@KuctS8ragn+5<mZ#-w+!PP@0Vb2o!Hd*rPf?P!3~<ik
zlxvx?SGQVqTsh--zJ?#%CaRW5K8en5r#=ns<&3}o`(e-FTc8xL0!#T%HncXmlyaWp
zWX?tggT+g>f%azl!O-yb<2&(!R@D)9A(1D$3dNi%%^2Q|1A?J6$NH+-mb<ZlGBcxN
z-7T(yVJL`SbXAt1!!LSv|Hhb$YXsFOQnGRF(EZLcKF?rS>>%h=Q6#t}zNBwOD)14^
zmF5tDiI*Y(ZK=LAwupuM+3q`)e(ascu@UlLK`^%^&)hb7lj0b&lO}sLGIU4no=r!0
z-T+$<1|{a{Bz6b7dNuTP9q_V|wA>kt_rYc?&75~t?7&E0o(-*K!_yujfnfn<sS)a!
z`>D3KztZQZPM_e5t!LFGV^8ph^_;Wd-P5PP5B^_NRNUQF5|fNi6wZu3BdH^C-x#Y)
zeehSqQv2yF{&Q_vErL;LUGpYrEnWSCg^G%tXih+43e2Li(JC$Q#9`duq;785;TNC?
zo2|p~Mu04dj$W(*tc%9bG7r`eePG_hq$u<s>rq`yx&Rnf9m(uQ`~lqU*pa^{(UVxP
z;m=MQA}AjE<EQmpj;e0r5i^WQe=BeZ@=WYa7H)Z=6RPncqwBYMS3)d?D7O5S5x1DE
zui(N&{%y{DEYF{4=U&H}ZOuDWb+-jlAMIF|E%yaCIDwL$W*fib^Qs6n-Q`w?XfRXt
zR_FdY<At4A_oG&OQm5wv)XpS$A#617T(Q{h6S0^mysA<XdVw(7fsfFdAZGWxil4d+
z#w^(U+wr$S+7ve4L6U#2`7w0s4~iE{aGbCT6J6b#oS}HxX|;~B97NPKiMN!YA6^m~
zQ?!3>LVtc`{CCbvBG+j+w5JKRe{AB$s|F9liZ`Jp!iD)hE4SSEcf!V6vC?G_>FKxU
zO~-_g7`?3QV2&!G^9+z&&(Y0><{bt%$QU!DAG7!le3AdW(G?2Ogx&@`W-_RtM1jHM
z!0`F)hf@b7MCEJPQ1rjb5Q_97{MU6@muwt_bZc8)F2Q%UD;6E}Cxkv^dV@>d9r8ih
z;xd53A`8!P4HRwM_Fk=&k-sZU(dpLihA0Yi*R{p^l~~U7XSY+VB^2c=9%D)-k+9xd
z!bDB3=DC?3^Z-AVv(dfIX0{q1eQutG&pHrZ!D6LHp^To-lU-aM2YAm}>8COog8jFt
zxFWkYaZ@~w;*acr)!j@1^*G?!m>^eg&zz|6<ARnTu!Dw2B#Fdn`Z4qUd=5R}fzpqT
zY~3!_^WcPm%L$jXEoQc-5$j)d`uWw4>xhV)SjOdVO{Wtd7cb{X=vvHBw|Bb!9|H&>
z2~p3MYr(?kyZD&g9PiEIg^C3--XhNerIEDrdts#mnHTxGp7PhCZxlBkNMCC?emmO(
zSnwFQEmg)~zUL^+kwq*LvM;GP>b9Rrpdc9x3s+Y{rnZjm)+EMHdR;zz$p$C*lok9u
z4Jf(wt@(27gG-`0ecyNHbHUGID3mfjH{HlV6d@mN(s$4z>S00st@)*c8Fl()!zV|-
z+{$EhH?OEYUmTh&`WL?G=+`v(p|lu}FoMbR=O%Xj!p<HG&6J{JyamsVTf~`8@KbWP
z0qo$^Pr~Yeb<XLB#l)6H0<ZXCvCGB!I>zQ;Xl${T^GW>fd`D1({}bR=Kc?<Q4wtKt
z@A7K5!J?+wRqx$C_+j8(Y@V}H*SN6IV5WALsu<7M{sK}IS{Yb;_Ib4Tq&=o<=Pde7
zv{klzFoma|)~k8K2kf2_C$4QiF`>bUiMMrhDCm!SbFuFWfK%I(J~BQ0T!ZH&7!mnf
zdw;(CSx7mX5OdY9Y-)49nyzaSKHR!gqC+QEWz^xi<b5;2KCa9q%o#pdCJaAiiB5Vo
z8@<|a)p~|cKNjO0I_X9>&X?3iXiY~*Ol&dc=+8@lju8<%2sP`siMi!A<`fg^IzN9a
z1MEiVv$nSML28?fTi5Cd%BPOcePv62g<}!3Z><)<Tnn@&A}5zQ%V`}SeF7HCFS<ox
zg}jL+Sd8(L36CJyJJ8J3W5!^<w+oK|<IfKd1ANnm%}qUg((DS}i1i5$Ldl?xOGcf!
zYvNxIyZHIyYj+-~_aHGP>sRF8F@b%cTf>OE0~nW|p$cvzNwoSnXtYm5G&O8;63c_D
z$Y$OG-7x;9BB$S%ggDnXr898j@3JdD8DSBaaBg(t;(~K@XfpZwaktt9u%$!t`mnLO
z=3ZSWE@4>;WzXW~)tU_~(iyweK=R-71_FdDN%e36pFmnmi4+UET;e=$G3{L&?10^s
zfE60num0tUu+OfDfh{G5MZY&RJh9!1@8JUQBL<C{&VoP^AG4AGvra$=II~08Et$yg
zdd^Ogw53NuJT@y!tq0Eeb7_h-jqyt8jju2FHKwbuSbS!s0F8_+Hf}@u5-Sd(H#)zT
zR!>%98|ZS#p#o!72AaNVN#61u!8XqA#&Jn*H8--l?m$)`Aw@#Zhfv(C2G`i7Z#&yM
zcumD?w+K72DOI32YTZ#*;As5`#U%iLsE-8ClBUXBTMFTTk;C!rU~W;**KwZFNTcPq
zn9(%c+}T47lmVcDDu<7}yy?TVzEWTa`%!pv+))LFqS?qnLBS!nTTO!FkEM~XWHJtM
z9}@qBpc>(ni{2$)YO{=FI5uT*B^$MT8#}Z}5bP@Q%sGd31P>$tRnITK+z;yAy><aL
zC*FV4w?;Wl`b8)kAVEqwX{U9g&+eU)RL>GIiaJTk+^k~lL8Yuoj1%vYn3&nMdgCTo
zHjYC;B5rHTZ<5Ji)6|i$kGZzR7HrUy?(klVAXr?&9ZfzmGBiTU{m_df%HlgBW5SFW
z2j`N8jJ+cQ6sj&o>#_^|O;#<f3hh$r&d>kxK7Q+Jww1xwWAzgytzgujpC35mjk`=?
zu6wuEaVe{Cz9;`sf+lZw3jdp39P&hkh_$es_PWHG*w!>x+piJ_FCrk-M}_53L1-S9
zluUTy&-w`7tgJ<F>VjJnf>>iv8qUKFr|DJAXUz&Nyb~&6!NkxKhIW4UY+vcTYiGuq
z$r_qo8Laf1H>y{x8R*_g=}A5PJA~gQdP?j`B&@y-oo}N}VVg%rW6;|H$e)l==1N~<
zSkhpTW64-v@E*#tjPR0C2||!WN9C{Ur=`NAv1=)l5ovc9w9-yMJ-?D|&CT=WRMsRk
zHQ$tq=bSGIQPgZJz5g_RK)zz7=*XXtKpEO^rMWH|X?IS3Ag}MZ`Zu!VrzvN9Q`{{2
zT<J3bL_^5blyO>)%a^DoR7&OpdAfu$n4ipB<?_^^`eLy~id?zrt(x^hGf%WZmgeoj
zsmVwG2UNNuKmN4Kdf127Z_}+_6TByVXZKxMhJpOwPdAM)j)$ljsWPWpg76pKA(D<P
zO4-`dY^tl{&fnxZR8lc@AVs4|!m6=yKqMi^)A7|mf!^OD8pmn^9q@ruIH(x<<4^}4
z2G9Vfo~q%k3~QE<l;w(X3|g-8^AXQYe98=lzUw`r^#Z|2YsCtqh=QXMxB6z+4jEH_
z?$>`7UM1=AwH;4O@^;dNNKnwH)Jp$ohLsn4AHvasf^66B6}2&rZF@vwesmwd=vn&h
z+bMFsE(lB@?M*~__>sp$1WfEXL$NrJ(Uj!@!*u5mi<-p(9vqTv>2&daZzSM){+(SC
z>rYhoT5lndR94y_1!$rBp`$!GFM$#bU@^E791S*sB&HjTt<1av&Q<JsNb}*4?IKl2
z6^w6LHS8*W?{4HUgF&gn%90MG3eSq#g1@4q?CCYLe)Cr)$HBYe5C_IzHdzo>D||Jd
z1)P3HK6qf`DyN`gv3}#$%F52osbuC%n*QK2<za?Gl7DF%bd?s>omGK4YB6%WDG=KV
zu8myK`R>`C)9XpXKQA14NJ#5DihSxh=4vI2(1#b#|C3O5Gf-sLUqenrE%p%L-e}8a
z)<q&GCr?RB9l<nv(xjbz8Jk2*B)|6D)=Ph4MZOPe28NE_{dQ8?F@}BgW+gSBPX~H<
zH`Fk(hE}Hfv5N?g+fcNFpSM1RNBF-?preCR0LK{gU3&|*`%RgA$sUHPmhm14+V}aY
zg53602LZ-V>rC@*_VJWs_PNmA$yG5W|50DwiuZf!szMP{=C-z3xyK%&^sKW}i_bq|
z)yw%8Clvj)Uzg`MOfHEjsrE=?C)U|IRMYa<zInrU==+!(_4m9!v--fYqAre}I%$2a
zV|H>T_DfR=S^wdNhdsF`YfyUq@{FqW0J5{kA(W_9?p<VFS#!b;Pq~0!X<XhnXBC(D
zkI-nUB_>!xvQAWv11Rh7InC0Z7XJRyus&Y0R9`_*xPOLxe0*Vx|4-^>1Abk%oUsPK
z#Q6x<7T*j5Uv(rGVWqQkb}M==d7%I-@TC*qn2W(+Mn%tG5xd=)HL@A6o6FrUq!;E>
z8AS(lT7O>b^uWw-kZl^;9IKYrjGrl3hHbE~5wI$(8gr2p7NcYN_cqftB;UwJq9Zs5
zS(=7MnPejuLGjt8zWBCtZVj^4bZ`$MM9Dxy;mpyN&_EAi(7-Z9_3oEIz7V5Xsmj=`
z&D^+JNwzUs;XpARCpY#uOBtNh;Oy)!@l*U$GbdM3#E@0e73{7x^xcux0QAz#Xo1My
z)ArXT$(G={r(+}5Q&swa%jh%8N~5Qp-d=UF)7RW_5IVrIF@=R^>g{8tDnrX^Z}Q-n
zrl|9A96e1Cfk+$TUoG4}lr)L=5A{;jk;M-7am!))po@8!T^c~WnLf56DOQ+a$ZB_q
zJHtQ1*U;_zM(Deu73R&t7XJ9AHY+`Af4R3`hOb$1*r6;A%-@9CUbJRXdZo!b*(aq(
zhWHk|UMTNmQ;yf`<DY%;{<X#bVG_`(wf7*ek2AEIEx@hZW7TNNi}4e`F@t)Rx}+=$
z%sX_t@ZPZ0k%pf2*AfS2*?4C|udDOlBQ<S`J+AFVf19)=MBsu)18Pp$l-t8c=%Oq_
z@EngJCFc=$kJEMU?_;wSWK(Jzi^u7&>3<Tx7jbAQ7Zg0c8uYcXZO>MeQF)VLZKLaf
zi}&QERsF4pXfv7H%MEs{<37I9R}7_^?M@%X!d*K=&0Id>O`sqeo-}~TMZV9knEo+e
ze32<*bwGZ>%AH?Y_q(5EM7prx@gt*<io2UP0!1Z;nS&SI0m=5A<*s#0(J}M+BK-pH
zGo?!acF$Orf$v^Q$A^vrLN?<ur|3<!Nh^1A9NSr@nXIMmUt|Oe+4$0fJ^Cv;h#@_K
z)^z>0ttQ~o5Z?;@`t0F&8<V$bs9ox~T8)WGgo?h^agqk+{JN_n1i<amLqc?<d}<Wf
zxpWXl`I>)frS3huFu$~vD=R>SugoIjgb6+-wjP{{sawqMe9ifs`?aGTN=~9#H#nwX
z^AtWy+QK!`le8=+sD-r;4y)jAF!KAZI(zP0G#F*l6?rlAxwFE7i~Y9gJK_Uot%WQv
z1qiN+b}9lHnxx^)YK0vW63`_P8EL-GX@}!;92g8NCCZ-{Q`GH!VKJ^=UXOpF4RzL|
z0iUV5QPXF$NXNVS2igi3G&g%%GuhEQ?3b}nvOc`CAbTGQcDCs}MqTN_i65&Gqy!#1
zw8}4fpo+~)p%AIddoZJ>!KxwH?R9U<b)_{$(v)QkorOkctw>iIfuIVHwO|-vj9XQ+
zK_p>?$*81E#ygO*^o6Rg_Vc#<$r~!_Zq#T+>$6F~6~;Ay`C3vGL*=885HNJYlu8p|
zSH`boza-#y#C8FFp!k_xpU$FB6mX+YL!dDB0iUct3rp8DP|)deWSP{12fxlu6^mEd
z;+xIQYqxS7+Z-?CszvSvIW4tMDcXB_WUUEqshG3HHU{qRb}_&3XFo&H0jR1&rZZ!j
zH<bB3I_fKe1cbvP^YYz??Bwra0niD$s58$zXy!9iT7rs;a1Jw(oM`x|D~NMj7jRn$
z`x)LTXiEs&@aAMo->wgg(MkP~;e}AXB|hsTvuUY8XtF~5HfB@1f03{?ToJQn0f;X>
zS*f6MHvZ8`^Bsx{PaU;L_Qh*1OciJ9pz-&@qA7QSGWiyoMA~{g^-75^gz9iT0&v{Q
zyS4j=a+>4z*dgvnxP7cuug0XsTcj5gaCL$75|?b0mPYt{(+o2j>zZ}{q4dAD-dh9|
z>^zsR<jci24-4cUuU2_7*#u<V&EE=D)o&LQ`pFs8M;X+|4@5>6%kRAzaa4`W0~tk_
z9Q+C`ehq-r)sBgERu>#H3<`kHfzItJN;iz*<nvg+KtMNwjj04|obHo26;2!-x0}u0
zEjN-&G@lP|(^9@>vE@@YiEO;$UK)<a$xc@A(?Z~ByDTwgYbQX6%BmwOUo=`$`U(i$
z`QsXwvQACSk)V<UtS)C*RBnggefen0nm){-;Z0h66;0FKm|av?mqZUM7jVB4rj{W<
zm!UA+y?hTfWG>&Bs{|SfwnpPoNKNzYZ9yxk11_FhL+MU>s=9lVIOp0QSSc!%t$Is2
zXMMtNm6y{!?R?tEk9kEFH;)F{j{GT2`;jADL2encea#gZ?=7rmc<GcicMAK}XD>pz
z1fY&0T1qymY+w!ZftHzQ=q6TvLHssyz#M8rg^6TWD$fpWh3R}4vdmHybPc?z#Vwpy
zUJ#;4AFr|Mkb8HllNhhH>CMQLc!j8q#NWR_c#lfU!$YbNU075a-$v527}%bX-A-Q1
z8}3?mgUY93{Q+=}9F&p2-Ftw2=#oX}GfM0%>{wj4jcT>0qP{j0F%CO>NW~@XEk&7L
z8Bn&|ixq7jn=w%ig<FgQw-_o;`*^2D!pCuZIV(5jb(`aPA{S?j*Okq;^dFgfu6rw#
z^M`Y5H=v_!6=VESi|890Q+I%ss&aY}su&#IPy0tlAG!E5lVHWo&6Y1`PWxyc5GlrQ
zalagu`<$1Apv1xkqS0s{2CU+Wt4)te%RM~2CN&KDOSyJE=E<mhEht4i3G`}$s7EVL
zUKHir^ESAzJ^4`Izu!`bK<&tD_@rX!l3!RAI@3nrdY<Xskg}l7)Ffov@6zyu%oL*0
zY@pqnajWIw{0ecIuV4M{PYR9+aJXhW6=9xiBb$cT5f5ArKCg@A#d>t3F>0|>z_dX^
zfM{eacRnj`(pWi~Z#S45I^*c0It=(9i0n`r<Xe;iCtjhnPD$`<h;<IEVw*P*Y+Ez(
z(VNfL6>e;9iG}we2Y%MiNdVK{Rp>W=k2ScoYYtA~DW9)lwW9zS$3iR&<V6j?tv`Bj
zCAb~LH0yEC==I*u<{5r!9jr8HY!2|F&vBHqa&=DLnfT*kXwgh!fsbhI*h~H{-0qW$
z?)2(nU)#`dZxzPYV-Jy54nei*f5syTJ9Lq8r7mH7&dRm^7)@TB@|a&;`DwSU!i1#v
zAW`vH-az%de>LV%X5bxaf%6DD;UX!CxIPf0<MJTkxQR<?w2Ed5Ed%PnBqlclp}tj~
zGorJ+bfXIw{PB3sb%UR*@yCU$x&z9KXC(4lCaAj<Qq#9>UaN}Y#h%2MipYBNvc2Jb
z;NQl7Q=J!If_H|K45BF4-5!HFq757Ps1&rdd`+RK+LlshG@$`wk=AD!8}YqF>^y+N
zAi09)Ls8N9<G=Ir(s%Y%O)`gn;arJ<Mly2Wsw5lk_O2;?zl=@?e8|0X#I;6A2)f{9
zl@`A%GrW<%pjx*9kMh0~;R(1chNp&3$KE#YA<Oy0=RrB@F(_(Rs&Z@R0;oVhvrZ6@
z>j9wGD){5VnK~M@Emi%cXS0Q9W%_-<`GZM<`)_P*AUzXh;>Ckg=AfRq;Z0DLp`h|U
zy~`iLy0laOh#x<MV@S?N<7*iiLjAHL1{)kI9{2nd&Sq+uPBl4U*}sps7|p4B>@wXa
zjBBG|qOtjhW(4yWRJUMR5`O)|jvM6w+~$zH$k#XYvTnug5sw=wj%x<JyWIr=7fU8`
zLhfOw5mrdS&sbnq!(AyA1T02_^fVGmG2YP7n6{NB4Y`#=y;BjQ;uh0~juR6#AACe!
z3Ia~50mh^4Bkr7ZYE*|?Qzz0u8MX|ED3OD_3g!FniiK|+^%}Du0m}QWRkcBVpQ5Ua
zZQw=MpjNtU^0py_?Q=wP9gyrP6ksUa9KA6imy!MVXUm0?dmNsohdl~K#~ojy>Piti
z*RPX#Kj=}3h+=mfLWOXFV6!iG<bF)nN|PJQImgH`daN+WEheRWtLfH?s5QxAv7s>$
z8Ug+hBN!>YE^UA1H+7S}>o<rs*Xvkh<q@uUmw?n)<a&KiJM~=@V%bNHY%qN5=!Dd_
zOJ*y)owes^jC~ZstKnCgwxeCX2!eAWvJ?go5|5{mn6mzHcJYoqKZi^bKoYZp-(#YK
zv`ANbTQ=m-6xk9<I=(Nkv6^aTW-ezbZLVS%|DFtl5e7f?EaT2!zb20D6EgP0Bm$;e
zx!l_PK4Z?kIyPSOyT&ASA~q}8BBd1AbGyvH0ixV_Xd{8q6c@9|#%(5B)Bid&^`AnY
zO^j*Hz&xaJujc~m$u(59@?LwQaQ#>Wpm*Fw(tYnqBJ_kN+i%M~+E3lA__XVg32KNv
zCTq^O(}*(MlFaK_8}c`{KwRIY;1GkNo700D=qoLbx~PT};%m&M2~)FU)YFnwPD}m%
z?fMRCevRWw*w4@r5SgD3NDk8PnE`zV+Z8n*3hqTkF)+3%?JbasHpcc3eWI)QwDG$X
zLQah=6x8<K+n3YM3RL(j{FLz#B9o)Gx)7V=l%JCUQ4tp9i??@nzZuc53iQnyHd!-W
zu`SAL$&6z>+H!+s_)o;wtIu<PUsv-d+l#I)0P23`O2Vu8Cc@``UM>n8ZqHw~72eaX
z5C-{&TuSe?mpQy>oNQjEl~$E?ZD`!J+#QIrnt-GL!>_LE8%@#_l{NW9<CEsXmvK{*
z)eQY&<2b0xWWGY`r+qF3jVvyOi>H=#dMYD&ZjX^a4YN)b0qHxBa_jFu@nl(`BeGAg
z52YkZjAgU@E-4A^ZxF|=?gw}sy68>`oFL6AJY6e##H79AQ-;|Sa_OZX`gZnhT_zi|
zZaZrer8=*fdF-Rk!m@J_GRzC1&UiSyJnVZdWh5&{GkFwFdkP14pW$b`jd{1+r1xf3
z$-kz~o1zt)QG0{j!bx-$1#|<_!H9LYS}2v*p8M8L?;7UZ+e<>rt*nwwTDy0T@bpAj
zmrhsnOG<uR(h?jHX2{HHUG<O|GO|JfpuWz!V*LkDbpUIsh;*ZRM`f^N-R;-*@K#}R
z;GPw+$>|STuRYoo;;&Ki^F1k3iJgS0Od0I_!X<0I8P2~nJlfM78eIU5dD#LH4KyWw
z`@tUZ*l^HzR&kBft46T0tdRgglw#AB73~Xw$<`N7oXTsM54UCKIQyhzpdz0$zOA11
zeY5W_0xfNyA!F-s(_$>xD*vXxzVq6oNo(xKTA1c~PgW~gNm(j1`yu()FEvBMp)8cZ
zroc}aPj4I9OmhF6lj^#x^zFNDHz)&+4&ONI!18N9qgU)k4L=_-ZEfueDP?5wLy&K4
z56N{>`aFf~T|wNbc|;_Nj1BtsE=G`*W<auW^VohS*?YECmTQlAlG~PpF-}nfBGve=
z*qmiEzdI2rZK4y~oySE9R+HBL-E!Ui%xtjmlBCn{Rz34Y3$t)Zv-D=O#F$Bw3b+Id
z?{mFcU|URh6;Y>n&vmrNJCbvtty6B1=j|eol6qh<e)*YiCrH;=<)|cVPs{JnWoltf
z#%b56rQIx+XT98PVWU?_OlCGqwkgn9W|^ePBQFh|mVlvSK5DgKLQ7p`w1?xL5jXi7
zM+-L<r*$=MdRJzfv3fbI#~Hlov8nl*dnL-BL(g}`IiM^&XMVfC-2PVBdBqq{Y<92j
z1iDpR+TJJTFM<}=*=+dD2uXX|wG|HzWg~@Mc~b<H&4)~HO4Y<_g8aEizSk0^!M;NZ
z4~COgeDk-DK+bO>dY-je(mR%8`-dMd0RmY~t81xywH|92;JSIqZGrcVM@RAB#*g}U
zp(6gPhUgZoW1|%0**WXc!v}A#IyYUnpk*)7t^x*T;bUn0-gGuhe0n0lI8$|xpb0ru
zv1>1<WBDQA9c=2Ek-<0zzC<wI=2~fMzj3X$LeA<KN8MO44$tgd0V(=bm3_(Od!Fw*
z@W^AR>O3Rf@L#flb3|7wZx~|0n@Jf?ZJt_#5{Kvo|GFHlPd$tj2a1GE1UwOT9nHCw
z8;nyqZMKj$;bNi-4^8{87B(SnLc<zZ)*QT!F~H^&k1)?%7;E49aAyrUOn29ysjBZ`
zN8qH;vwoqq^XW`0JKG>|t)P!QNZYyktkCUo&*(l)5gN4p#cP3Ve7y8d4gbvlWbx@D
z7T_BR-&5V|xV>~a7B|rpNH;qgSn@|~M1CBGeNYR`w%PO8@@ruI+gJb032!kVl{Bb@
z;P%1qJN}YuRX^P6WwbOwQpxw8?!R0!G>MR}L_HYH5$4{xwu(g0*Gw?&+MOZ3u<Nn>
z>x+P*qo#=kt601!Hy`I6PQDe**2wh2t&X}KpVSXb>JLJM>j$~Qg?a7SvVNBwi$<wR
zJ}z)Cof>WpY*Hcb8U8yu@%H5vBpHW&<hQkfc+l<hmXw^^qslz~V}3l$t&VW;Zl|?(
zzWsk6{cj}HnC`XaKY9NO-u*8Yics`#Pw7kY|AMAL*#9?dTIzT1yXpfH6(%3ARa6){
zy1qX`iJ_$Z-&I(4I4)*t4`5kfl1u{<SvZfKYmdsy2kuQBU8jvgKHtGXj~u`M-(_uW
z%}yLE_9Ee^#IlqJe?7Z$q&gzzF8_b8X2Yt^@X?pos?2wPgCk$I{kP<|P{t^#*8rk_
zkFJ+Qt`qma6@0Dvzq-hECjYO7*zC0bCkA{6`1qfn{{Qp;(;hE?Eh~HbsOq{!$8Yzd
z+{);o=+Noiv-tTVt7a|jr~WlTQVbax83ZvD8q+UD5zUvocq-ZaJ+sR&!s+GPd99)d
zazJqrVqXDNxkB@4rQFH9e`CwUE&cjs`WbDm3p0GK{hsY6@+sFZbKhpq)laLPsn1MY
z%*LE3;-7L!sj6b0oSZQ4x;NX}*_k;zpZbRlcXf#i3JTtelG2eC;MCa$#6tS)dAHT?
zRJi*jRF@GCf#jULR$GiIi<8d8B!{+VWRg((00Q#j$RZ)Wk^uf6{Q%>L^wT*yVjwv?
zuf--KTau&^H#heb4}07&m@i|#UUPZoo6(CzfiV8*{Ca`^ai2pYA-J?vH$wh(M9|N<
zxu5{Jc;MN|$u&y16%1B>+&?n%PLU{9hM1W6F;5$z$nH;e#ZPbF%eMH1KW2y&?U%?D
zV8>!<n@wQpUoCPf!5e-62F1GN@u~Ql-z84f8p$TGWJoy7z`}Qrf&!a}WH<`8wiBYA
z@b?hHaX=iYhbKFnoN`vSJ!G~u-N0G;Pt)|mFw&k)C+6n*U)0$;<}n}(3wj@IZ-Y%R
z;<rqjj<Ec>3i#c3F-(emi}*nRHo>r9RZrKpk2$#uS{Dt@RF;9rWP(hZWV-T^dVLKm
zhE!Bk0`9FLXNer1m4y|?6#aJ@Dt~ET-yD9^GsoslY-EX@bzAn$_s%VEQ@AQ~ZP;_6
zr?Y%d@65XiIl@(_<vZWwo1fx0?Hu1D{dgGCs8?6`Dnya?^QF2`Vvj>GJTuNWb`etG
z7$X+mjmak<K(s%7etupnQB-92&2(vIW@r8B*VjAjoJd4{5})f>7z1<1_{PSo_w%Y3
zV<f?J_FzVt`%}P{7G)2>S#4zH6aPyv=B-F<q2(E~*&1S$UFL8xEFn9g>v=krh_98X
zTC_LE*f+KOy~W54kGm<1eCP}_7n<yOg(VKZh5LxPQ;@Yi{naACYT!)XD%Twxj@ljX
zfTIukqP#5imiuOJS}$rBGt+yZ-9SQ8QJK?V`OQM0mJyq!f%T^v2eF-NzIDst$)kNI
z@_&Ypo^z*%VAeO+yBCg|3LS@!O3V>r6}OV%D#bl}mo=mfgRfOi7l)QqMK?a%v9O)%
z-(L7&xU^m412K%dcGL*{eIm&8frBGsyDGyBiURZ$*dz_%QQ3BoQRKM(>do^Me_Wg5
zKf4P~BbS$dSNR8{(n8YkvNhX0=8S9%=ICnOVN)|gA=<FCk=vBV%O~xXFYe?=8;JRH
z^lIx5SET;fR12QhuZu6H7xWi8A0LI|hrDViX;BJ>&`GIzXu?C2+885QWSP`nkMhWk
zw7Q&w=XEq!U3$kYrfaPFfRA^xvmR-tMF$@yIlyiXqR1Ic3-v5XECRkOzQR9L4W4C<
zii?VD9UU!AO-=PFr?;WEl0`2lezlaZ&B?Os@-sHomv#%z%+4+wVb=^?zpDe|y(Olb
z{ZBreRqDyE{zM<?`Q7m#d$ZzLbZ?GP9he!t#^1Neg7x@xGA^(3LX6J$ta9~BV(Bb%
z>v|q8|J;Qmg%UV66q@CsysWpu5tr1qdG>e;tFB??PoSnBSJTl4U+v@Y(!aSJIy0eV
z-bQy`Df<}ogc3^UVg+j;G=>lRCu@0KZkXe{Jf3)p>No%Ty+hNj1L`?)d5ldvkyaXQ
zy{r1CUy(-Q;^I1;tsET6;RQ9r7^%-{9D;&}>$6|pr4ASRu8sheS43M=R{OL;oi@ey
z_gJF7aB2(_C(EX5UbmcTQ`IhkvFw#W8>TH=QqG!A2jDKWKnGV_k^>{Lc@uF=%Zqbr
zy{BaIJ;RD{ZRC4{v5oUuxp^;O?ls8*py-8|xB(kCdE`m9GIIcRZ<=S5`)2e{r_<!+
zZ-=*yn7Gp)<sC$K7uv*S{DjgQ{5tnGhPo_ye^Yek*M=(WLLD`{esRotrk-C9zFXwx
z_NQ<Y@A@qz`)5}T?-RSBchvqqzXbKRT^5vm*(0r~mrKt^Q2y;h%p-uW$-`YJlBAJ+
z6G1O%;0mR;+MV!4H0*h!sUrI!q!hl8o=$|ChQ5;I6dH7k=8!+Wg~+Ylca&u#yI%~d
zXHCCIe0sbrn4Nhq*d;7=xZJT7T`TiRvElr|yOCpJQE9=TgBB`BYh9NPDKl89aLOy#
z;&*Agp?|*G6MNxY7tPBDf7PAU`+Y|kG&OLy{Sb+%-v@L7^^>@?$*Qm7+>;yco^|*F
zhq8%C0XQ#ALZOJVDoGsz-`C+cs-(?JN)~R&9WSD7QRQC{_uATo;xKh83a4$s#s2`G
zdTSAjg7+>a3uM1#jqIMI4CUof9v&Sbe%p;GX>Cdp*<<oe2zO`)HkJ7J?X9kerHUUH
zAyi<XU_1z;BvCKwEcH_<_Z?kx%zaVzI`%WaL`%zn<(7#i`;yUnJJEUcARqeCP3Yyi
zZfhZ{w^o~Z^1JEn@e@)=nECRFc+$%)`5`sxS|t>1UY5QSt)gOaCj(w$ayY?q?*sVv
zkooJGV#j$Mx17N=#N(w6jGWzT)RwZ8vyEtXw>{nh8UpW5gSvTpp;oh2TU(rjwaxrB
zEOFGjObZ$K;GVFrL?&OSS5zI(!J$q=dm~}dTC*bEo4fwd2uZk#rLOLLEdt%2h0B8j
zyO-YMK6*QNv<9J|2<I?WBXs;^WufpXrvpyMv~_6*@{QpW`y!n*h5})gfM1Y!t@;qN
z!_QB7{gw{(AC};X&#}gjMXk%W2gJFpTjkr&_n*#!uSA0bu9e-#X0|8wxJ4$UbTo){
zGf>z`-e1j_>`t%4e`((l90ck08+7<aJaDnbw0TE<d3udiDnPoBI+z1L|0G+@J*Ad5
zR?dWdkaM}ITPK!{sr!bb>OZSptr%6gT}JR8=bw<fTd0L0E5YyvCjPS#d+@+{#4q^9
zS5$HXwi=GXm``fK!r%UaNSK?FQ>8A_AB6XI%{)=XDQj>IOFB(Gb6+=<>fBg|CuIgF
zjwKMi`0Doz4f!)aYltJFkGZ_8qO<sZ#OQKk0^#wr+?XtUm{?>a;5_t{v`R1TPR^?z
zD--PQu$&@Ao9>foJ%xF{q}j7JSx5IzM8K)VKNmO>Tq>qs7&x_pQHN`cDmJt=C%r`Z
z7E^?2WR{8&?=XvVkVn!MlA2a@vW4v-_jgH_&I**gX6QzKVY?YX;N{t8<nF@d6G-b6
z_b3JHQya#y;X{BZYFacmrl<5B=;A^5ZTz~@m#e+UJJsN=#^6ULM*6dYa*;8I>ZjP9
z6~yB~#cj5ZJ05@M8BKLi`g&VRnDgI=UTv52xfTxvMMe4BTcd71vMsk=Gh^Rf<uT(*
zE0dvO(8W03jE8DXC;!SoOC!8@xqOS?XNwTU%jyE+5-bZ@RPZBDg)UVaQ*Ljds*o;#
zN#IYamO0IR^*si+Pu1|w&0*!4oW+51rbI$^``gvUtj?qA=M<+mDTG;~|5+eaI+5@t
zi-HNJDLBb6z_pT)jSW*%S;v>%<ypavglOxy_PM9A0|DicBttN#iubIU=mURf1~|}T
zwL^J8Hpi_<9*iKpE`EEDIUu5|;;qXk5*RYFtdwlo_lJ@(C*oxF>gI;?H*nkcS<|lB
zEflY-hT8*UTHpWM#<;HfqH`{M%?-OYeq&o;*cRQ4B6#du;-?nD)&nxaZrcffr6Q8U
z_RZANs<f&%rliGm6HoS(Vdgj*<(`xPUD820C)cuf#OxUo0H#h&>Cn^6wQu@+lcxG<
zvjZn^178%zZO4%ye2y~GFDV7aGo7mcnVvniDjWFjZ*tw?v}xIW#qe`RVo?zt{OG)`
zyRZYSD2l=I8o=1-8CT2Is{e3DAMgmJuP|;6$6OBv=2qa0s9gUfs0oi3d&taPkeUm=
zXS8u3pZ3{)l_N#kxpOfw?HaqkQD0%u7|ugks?~6i78H<>Qr=T)n{HlJo>@}euPkKP
z?gJ<#r-!-VeQ5W>%L#rK$O&rrzEFV}Ls+3#+`2$m^Gj87ive`FK8I-)Xp1`-IT>(2
zsi3m%(;LFny703FF-y9~<?-3GTPJwL2Fst2gCT(6AKT*AyLxG9Nw1rN^GV2H_$ec?
z@8_NHU)J@43r*Z)o=fbUZ#V*Oy^gGw_SR7jvX?*NRX<XGN>~L~aaG^y<({=k226l^
zi=EMqvFVC-CKsm0zWqh|PK`aVk}1B_Z+S7k*0XDsV4e<nJoPZg(UgyRZ)GC?hBqGn
zHre8NQ?W#tZ_)RK1${0dxgj#<iksJZ$F;mB3(+^S0#)@Rmjw<<63$}aJvKhY>oQGQ
zV+CR!5oCPdJ;srk?UB^^#q5OP0>(G9E5i*xKRP$4AOem@hl?f8`WC(@jKwiAsBr1V
zIn%OQ;SkvkTAm1vA9KE(18QwO*x%Q?0h?=UUq^sGH(kMfzjc}BHZ<rUKs1S?ro+v=
zGHRf1S2BpyWXj3f^?7B+6?BL#gYxg_xMX@rz4~IeYB_Cc^ASYjzYp4)x|@F&*cNuK
z4nK4=WlwW$*5=OnZs&}VG&`ta+!r}$YAV4u*4xW$9ZjbFf|})Y;pDVoH~0ReHzHG1
zWW#<(0pv3EZgCT;BplTVAbu?xkDg=}ClK<cI_e+Ob^Y$>Q$HANvQ)?k9Q~Gi7kDcf
z9lUbZb5d*J-Qt@bzG~iWTDz&qW9Y>czNl|~4bVG5Q!FJXpxa)lGm@Z|DIn@Q>9^-K
z<Iczyb>=p2Xr9nh=&=LJiV2NYtbH9V-PrRK`m>P9ynETiK1TFt@n*=Db6agikHz|(
z%=R=mMg~&prIkGyFapehgza&Y;^XiZBMyV!G-6JG^ps=_$??=`zA*b}ArSRo58yr@
zHJWAurNxB6pwY;o3ngV`7MR6E^lN~*`Bou(V9>g5a((>_-i$O-%|<6Sy4O|cbEj@g
z49ELtUQyG&F8s4mY?sjyG|?nxHwA-FSnwztth6P6z3V~!XUTuD@Bi=p|FQLvl>YYw
z<Nw?NG^Psw*NXm+soh&E*SP{)@0|Jv!~6oUI8#M{DB;`;R~O`vey+~BG)YdLsU0$9
z-?;X>3&Z(ms2~)X^Kl3*#ZB5KCw}p|>)D-|!S!m*GU5N{e`!nwvs8+Ti#dR!8XD{6
zkFfYr>wh4ZZ(qxGW|{>B8Fwen)D8!)Gr#{YhI_H=krqjb@xShgf7|x7|1CUf8a8|3
z|GX71HIbM9PhGULWT?>m7u6<u!nx3AAIw=q=jvko?wVXE;Dr_)J(tfG5YV#+CW#^n
z(PXP09cr3}1~z-xzrU!Wu6i)?bK_|IZAZgj=rV{kDCyyE&{O^WXyfB)b!xo9^QH0Q
zowxs5V|;U_o8av_r-84hjZomU$}e$*qU7ZNv@!?R83fj>dfU-he_0L+dWL1ber^m~
zT7sK9JwVnG$DgXeES0G_je61BAmOzs0L$LWx?mi94=y|Qs$=+UH+aZLNv*3hSo+1A
zA>dNOE(X8Y#*em2r|j>3M2{a0-X^@fjNVJ?WPW{VV7pQO%>kMDgk9&y9C4f%TylRD
zC6Jb1<}=54$Tt1(o~5JD*Y*TdL*t-YM*!EmD-8C6#@gf_VP%uE54?Rn!F0=y%x!^f
z`|nus8SuFzpW3djF)V7B6d{5NXP?DFBnucaqRbRz*Eincr^XZ5?bCzz&rU2nG~y#{
zgjGBWdahuYoECqfR1{p>IOF5RpGH)a**Q46c6N{iS7)}yf7KEd6CIz~*lI-ppi-au
zOWp4M9*BT51sBz}gpeW*J>2%lvXLph<=%l?B#VL&rIC?5XtI@8;&Z#%6^<Y>ivOgt
zm{`0j2iL;<aBn77n{&*!Z$aVVMNnum#FK+#Nmh0Jm8RzQUv8esDS;pHF2#C~eP@3q
z$v~X=<<?09L*_sGo`36wbK6VP$4*~YL`CHUDaZz!P#_{AzPrL?=N69ZD{Nn>o)o|L
z1OH*W(dc0pm2w$>i_tecEIgtV^Wsg9%ZKJDSp<0{2f=xSt2;eM(<*HruNIa4toN7$
zaQdusJIW~v^z{QyZ<{dcls5$^=$>%5x04odQ>2Z<7_(Si;mv^{IZq4jjPsHJ#8`Mv
zTiw?vccUv<Gkke<)z^8w)u6D|;4?AJ??MtJJaLY<SbZ{TA84iCynCni`NL1vH#A7U
z({rt};m7*5d_uyo-q^OeP5q<BHJ&rr+?8<qdc@^)lF3L7bEb{YJ`axO<@$wanvI`X
zq%!Z~&hh~<&V>zSeF^CSWF2;Wp^Dn}XdyvyaeQJj-rDlM5airb1GAKDjeY9ic*f*Y
zS&yG|mb^0=fsOk=+<vSf2n#uJTwK5HU`+#l7vLH_Kbnt;Q+BMdv4*hpNJ=UxDZ_tS
zjIs;9@SeZm6zJ&tUy$V15C<o)tT7j-AnVzswMS@V<2onUn)i(++B*WO%1Lqeqxb~e
zrz+--Ps40O7eKiv_^X4gV5xhmx4&%esyHXLLR%}bkbkucp8&U76{b@x(vH&Ij?Jk_
z?AigOEG!P>Fy&`Vg{H6hGp{_Zl;0{dS`+QO6KVTaUW$QykDpm>D}na)C#bFU<umLb
zV@#gJqija$=2+S6OA>v39wsuWsre%!ga;WJS&!c@2~ZH3qWwBWH_pPw{`<E)thk`a
zzwcG*#?GTj_=%Ph;khJV>l;~+d<D&|titN+X~U7daE13Rsky3`<uAN@2PR(OXbNet
z=~DgteAXj@;Qb|!4Y)qk75gY_RH1N(d>Jy1y0Y6_Gv(DDnOwAGp|{}UezxWWGIEsX
z_X_izEgM{mPDnt%Yu;Ntu^t;M>4}N{{pxCMv{z#NYm5V|3FN|8MAyH-k2E1#|E}}6
z{0oBP`-w>&+B+#$Uoch8P1J9HzjRm)_v$#b_w&o)0}fuUUnw%T^p@=GjYEcT>KmVB
zb6eBzHSLt)GLU02^?{WO>{JXHGjmf0laQJk4mt>LFIlS;{I_j^gjx_YA)*M0GtWB^
z&@~3JYA#KHW}<P;i#m~L>gK_`kt?G{`#D0tfNB~?1o5ToN7?!Kz#}ubh(=_IXymm+
z-Z_WU{*iKwyCiabhQo1PgDl@$Abc@@SLsBVzZw~nBlTNP@Cc$XPrJf6#j~@0S{`co
zP7td1bj7(<x(+OkZ*KZ}dVn$CADA8gJXJ+BhtlU*X$&-e+;o>g5STR@iM??*H^E&q
zUb}rGqj~cObCBQ&N8RuK6=U;tfDq8JRvujPRSd&7N<txCsn+i{;&zSg;^}?DypwQ4
zO@QjNaW=Vr`}J+h!eIY?((38*!f8a#S%ga?^cmzrnr?YBpo;TsYtmC>`h1245x&%H
zBaK4)_^8H<m=rxSK3dBzCVP}re(Vn0b_3@IoHnz02@!l?W)09b#(x7kD6<-O=EELe
zwGsdGLylk4(-$K<`}K=97j+sObb@fX&C(lo2C?-LodzV~{-#rdHWB3Mef`XkI9}hx
z-oY3qcJjS>BHp6{+Zt&4i0?rmd9U`y?!e_^^Npe$6C8oqyGsrW6!?lOR?dW=b4Yld
z<=22}{AXn|^r)yZ8pzzMk0}*YhPXpwx%hk5X&Kql2+XLE^vq0|zh>y4YpJYnPG~Of
zy@mLhYJ(*5J}f@$8ZpXHNyqs>FFEMa4L;P44b>9X_(bl~VrkY|Tq1Co6m!sHDZlYd
z9Gk64I7m=&UIq04eJRT?eEXOq!;}W+{<bI4>l?}ZVX(APM)(Mnjge!pbW`ul{~QV;
zW|ZinLV#jxv`4u<3J59lsA;M74g~R$;V8a(C(PRW<%ugfC1nvSFz${=FTJ8?y8i>7
zHeQTUAdx<nyJ$Z;ULXqjHFNFQ#p4HP1F~(Julut(@2Spxnjo^ewq_VG9l61{#<2Nk
zOm-BS|5!2?k3eVoPN2^MFuzGUI#Y<{l@gCp*V4+5i4YqG#%3AkH6Fo;wF_GFp>g`$
z{EFecy41+a2H8<ZdRWdZ)`{7-UtuH!7Z-2W@}k$`T<@)a-69MM^Nkg5ZktDhXV9Ub
z8QdW=CDFVQG~aDVot(5;NIS&N4oLU3R|zZlZ8>uN@ILcxjkNx7WN{$Z*E9g?8bg_Z
z+8TFnJ->~Xwzk?N=gz{Y%Bu{fsR=b58ME?F9E^AGMA@X2N0Yy27_Z5$XDNAT^Zbx&
zma~}V;)LDRX{$$5&u6PA<A>L_h{|3J*_E`(W;W7(5-buX_f;GtH(BJM-kKhFf8H@$
zX*|lUD3U&gYVaN&4;MGvGCI<3_|R&YmbDRDTsz(VHndi!vXXv*1P{tvL*5+uscQV@
zlKDj$QziESJ?ux{@GH4Foe!*Ndd5ac9X3c39EyrmcMjg_AcRCb>ms`JYy(T`TG;Q$
zCptspr|@HMF-FK^n4ty?Wq?Ap`iE4lDrxbKywFjlZffsaDf68(%^JPuc3^hE@JfDK
z><@gK^yFE#D4pAcgbH>hgNL1EJ1IqnSG9MRfXWJXF`>ShV`1#i!fYLEKXiY;0v*`>
zuCm%7fjQW<=M21(#W1P1Ff;psWI~Ui!8*M(IkL%4K&85FW?d2e%Aaehdaby!KKvDd
ztVUIPZUHl%tPKS@PvbBWH>Nj0=#vm#8by%!7YX(;9YMX&Y)ivG;<KrtN^z<$$4Pgt
z@)%T7=hYI4Vr-P?DznH|hSnmct89@Wo3q;p`BdL0=DFxD77%$CEt4odrgf<<xc>nL
zFHDcF4~D6cKdX58TUdIYvG74$wp;GX)103@UDzn-ZlEsE)kmwCfaBOF-ro_y%0I6I
z;fCuO9SNhC#R*1_DHV^KbC07ICI|FPaP@|{N)$Nk4M3B94_`0sfTnv6iPi|^wEkU9
z6GJ%=xU)shhl|^&sk1EMFpS>6Ha4K@L>9dI!fJ@3Nz#vn2Js0HLG(xG%4~y8@U(Xh
zO)+~{lS<#=&~{Hdv$J8>GT=}8ZR7eyMIoJuj300D>nCL6YI#uVrRAP(1`aWuPOgZ2
zG+0)xw{%8>+&a<l!3hsSRDU)|cMWK#RYgEs<xtpOwwY<5kgHw!-}OR2*B)_x!^A=g
z`2te){FY^#qOt6eg%-^6A|iXp`+u3)fg;oXyv4>m27}j-nf%#QOj^31KVZg;vP24J
z4DUa3M!N_Oh?0i2g^)Gec!knhL+$OehZNIqeeXUH6RTM2y*2aa+RrjHZz}vwNWrHR
z6XUjmCpFo|tCQeL&z7`b(niyVWM*X@wR}pL5mCG-w_Pap7nfU3P;*@7{tyj%9a|je
zk+=l3dHXJgN|cjOF=-quUj*>UhMp=c`ce5#abZ-rZ7Y33jbt=z3yAx(@sV}Cs<65!
z^kdFPcP0b<hn5w5nu5H-_}Exl`@{Ynt-r6?^^AVh_v35LYEN=6$PZtkky(K`X0<*`
zYvWOKb$EY2h%Nhu81GM@ZxggZSu|wdYXXW;quEh1|A@R?DUj%iMy;(}dv;BU9hYS3
z5}M#b?35KN<#XEI)sI`~B)HR#GxCdRFpYTMjlVeNAthx-^vq12$}FosOnvGpmi>?7
zR;-#7JcP@(jOb@Vc1(R3hxh~Q5QG4ld;W1bxxQ(Ur;p$VvV0_F@7NOddrxKT4r%s2
z>TzhpWIx-Js6*ZLF*}E;_c5w5Mmywsg6RVDt{~S|Vz5B`%W!-yNICr~iuc$0%?Hcs
zkVr{}o^I_bnWciFvZ%!TPoi$cSXGs-977n=R(Q>(G899yG(M5l4cOxJ&i@|(+(0A0
zzV~#~*6YcrDQOU&dWF{Re!3bSlX3J2rH@{4I@*VAYQ`MDe4p<AA)Y_J#gUZ5)D4Vr
zA<hRC1AFdw&dC3vp}*lKc7`gLxJS}ICt)4YWEasp)G@G&WpZteyC<ShR?sE)P6w0y
zPe_T}jhV3#cCNnU-F(i{>MRGNTrjc@=gq<!QuoDj^wbSjf$`oaM0)S$PHR6;Zk{C|
zFp7QAp;(z&5EP%mrIRVxS(?hm^5<IZD<sPT>dJHRbFjqN%$(4~lXMKsvXRwgF+!n;
zuE%FlR#YIZ<S};(kK^haOZ~6_q;p(2x`+6*i`3uABQkCe$$P`Fv@pTdKbDGyVPJ*k
z>M|mH956CA!z=s{twR$?`QcbuoTThrG9dxM1bTZBpPIvjNJ8z^G?ES;V^2gVUY<T=
z=j3o`Zv_5c-Xx}8Vs=@|v%-@cI$gy^kgjk)CkZ_rP3-*Rse4q6w~rThUoNn=wnls9
zS#14MX{;&6+$DjYsbyLH3U`kO6P9?6Ylma;i_2$4)^>GyhI0u{94c#IapDzMbIy<y
z?}b%R))#`g_@<rA#7KPoLx|m<gukaN=Wg96E5e4HN1gIHm!_L>wR7ig=QLx@4>))B
z44(Eoh)TW3CYx;Xe!={spr>p}?&R-cyZGDK?w>SrS#vEI<!1XL&HVyy*S^I*tDnD*
zmPw(!jjW83M=qj97sj|zH-X6k+3jd~{TJCd?#BARj_Kmx5A@@bGlb@Wp7pjralXH&
zlP$^Ze6;s}Sui(uFc+Ag?jXv;5gQvP_MNF@c2UekPZfdAHdx!aQ*x)AgMqs!Yv@P3
zD&%JR0fJMm%i1lz+tr+7ZlaH5KQD5M?~&~5#^uU3)>x$S@)0bz+u`mROY`dmRt2ME
z#`)u5XGiG1Q?fB8$cpmf>g`r;o{S|ZIFk6d2wYrasp}YFVd1Ct`piwid~+K~=`SKJ
z`B_<h9ckI`Bdy$mbRZo>Z;(FOj<o!*k(B(7EWd=L=zB=2{{1^An0-(3&{bAu-=+H$
zU)YPXsvddICRiJ-!puMuORp&M3vvl^FhEn^l%qL?WJK>oNz0njx)EA$rpZJxfP%70
z@=xu@KwXQpTOIVZ)^Y1b5ql#%Wpc0uOW!!!`Wgv#)W?2z93?l(I2h%Lj-e|L`^U&h
z@JB_>h{RJ@$Ul1+0~KYWE<Ql|LkMO=#W9o=t*GxG<i@!e6jXIdIGNAYll#z6)+M|2
z8NE%HQBu&S^w|KgCKnBJM{k<?IyvNPfw{E}&X#64xW~x<0cs;GO|Z|~3O&0Z9@gK-
z!B8ESedkz|!0RX1u+mb*aJ!ZKG{n@hXPi42gr43Ge0+CeVC3~)!4%I9Q+2O~p^153
zJ-?5eg%Q>}qd0#l3j+;Z%H(aO+&t`tf=LveBQuN+4)XkNHY$obT)OiDfTHv`w3O7a
zb#TYQ+5%&9Cn}oyHwaM=Q5IWqK2(Yn5DrwLr)@}DMl!b62H1G-rM0Vza|gUoRM8~k
zZr{d>${2k;Nd3(`thAKad$o<PGuB**t(GDON_%0tUbY59^o=cW_wdAXmmB6Lx@=M2
zPSK+w1mkt=)KS1OI*%7M#Tct>Blt)K5~N&-ut8PVnC&K77&wMd*IJ94nF+gmeKFQG
zAnITqtI|bM-8C@@KEwPn--=+QfjvH!=;`TUW#fonP#6bgGSxr1#LGuTc$gZZr)z?Z
zqdOtt(PZV`VPRFoxoB@xHatg?)maifZBeuGrD=F+gTV<XNDpS4rYSd?I!F$-McdMo
z#;zA6_?Tni<jvKRTcjoIMqAsK(z-Sd$GT!{9m$)yL3|v|@rlS}6&Py1fsvvTIW^6c
zo{NzQzAkZ@mpPXlh>p4n?&13>C^*k9a}}(D&(mC6ij|QrA<3sHzLJH7zCNA_XP8~)
z8}!#+KuKX6>6K0N))r$T8!!Iia|EyMVQrv8NYXW$Zl|K9rbf{IG|Gze@vt?)(sM5j
zO*Ob%8R8szh@#@l_-|LoCgLP-7FStkZFL2aNF<MVX$7g2FBoenCn`LK$Ishot|`RX
z*^R;%Q&b-G!O1Ow<`*5@&Pm3=Hh^2T?R3_c;kMI`hhs}T%!no+ra*qyfp~p<@iK3E
z9^>O`#nF-my6>LC&oh)kF>>BCmErCb$Ai0<agnWa{9S!_WhP<!v#2;7kAqtT{Sym}
z_dO-hT9>4fI;4^{L_z^QHThTvWH2HG5R;o2!mhC6v~~5-RCNs(OI^;~eM-)L7yOPE
zGA$6%asL$hI@`JW_!Vm_O9%u4@)P`sI$X&QVv|ia1+#`vlG^#3=ysXlb$o07`UhlV
zyT6ER$ME7f<01(&<Fhn$PqDBfVQONL?FT#fgNP3PVNa(_<huBW*be?AvV*XDb1bba
z;&oKEBPl!ncX9ILd|y`nWu$D}s1E*87FpeTKUuqW%+8H5EnFodt5-I6`^L4dmp}Bn
z*Khw_Ogo<)c(Ey%|2Kl!PN=sZDJM@7;J1g~X(4yc?IA2NgV@MGZq+qXkQPSxiE;!p
zeZ=~@arS;Yi}Ukx!JL~H&{tQ0otr<8+XpC455zkumuaz(irf@@;?g)0?MqH&JL7%T
z`1(hZedZ9M`?B5%rZ<H*8%XuGA~-3VM>SPk%DzBt=MeMrn}YdME0`1INN@ZilH%`u
znX5mCw8b74`;Zp@8q%VlK`N`4r%0Cjp9|(V-x;K0^5UIQP*P!Ub{^TuQK)>XNN`dC
zGh>f1)YK#;=f3>Cou9rNHEmbA1Y%y@O+!P?lxq(Lndo`UiPU6b_r&7m=7gr22K%qJ
z$$xzIJ}$-CPzytwo!ogb!oY)*XsQ};uB=u5!T0h}9;VvrWZr#2-X34H%^ay86(O2v
zC&YLwI}hJN@^!&f)FA1618l4>Kgw2x?L6xrp!jSgD%#F8Pl*su)U!idmFTlKcu|)p
z7tEWDgTM-z5xX$9+eN={jp3$3^i)+**D)fmdVn>Fl#NWZR${BGfQh{a1tnM6sjrE;
zt}6{=0*0Sn$4pZVzXK=O?P-anqbE+bhPWqO<kFcvXzK2IuV5mTu)H`;`GvzcSefGJ
z62rrmL8^;SpsTJ&<x3HA!Ax;st8p}4Z^THYQYJf#P*v3C(z_kZo~Eai-KwHzXoSA!
zx7neoh(}5h>q@jV)kl=Y795h~f{AG89{L(OWEECYk#`U`XD2*;{Bd`-MomqFlMi08
z0r{L0&3ACnR`^!IY^%yeUr~kp<|%kvhpo8*_MTxB6c%#rdLajPJE5Rx%JqkXAerN2
ztR3q5PDDldqNZ#>amxg-#^q3Jl+3)y%G!sv!FGZI+|V*{<Z@Xtj#ef_B<BJWuI#r(
z)nY$ygc81qgqhJ-Jg=+a(Y;$_98O@Ds{=Y(hU}Ax!O+Vd>TBw_cO##qxNw~9tk5>J
z;oQ9@F2(zyYUoIf{BZ}EBgu0I>Q+89k1X*eQo8P6##log*T4uI%(QTg%44u0A2V%j
zVpA&-FD)_JbQ4=WB@$%<dvuT6JHZ^l+rbp?@RLYD)~6U<1x2}FuD^C$r-aP++(1`N
zlhpi2h{ZExg_&XObd(!;iEL9)!OF#-;6P9L4)l)QiM*Ow<LmT2Juer`W93b(F1#kf
z#SA;2y<E-Qi;=D|`On7bzj+WPEgNptkFq2db2TX(Lla9P4;;l%MG-R_7s4Y0akMeR
zWJfG*qXO0$XsIG5D2ULIAoiTO$&8pU5WXFv^zvCwWM!~_Ul@iK_T<%#b0aB)*t|Mc
z*VgE-%g5S3l`-)eYr;PKeVwTo67o1Rir|D|2I{Vn5FS8SSSayFZ?G&LAvVN`ycg3<
zJ-dw8u0RHskTd@LCcA87c~F^$L-?11*<PAVKx_t6Q+*tZ4Iwlliny349JU*fQc}x0
zFYB*jy*q<ZvHT4}khe1zs)t#VNLXE-B`M0C%m*Eew%sKrIDqiT7^1^`G1Rl6uzHAf
zuJ83HI%QKZe;}J|3T9vpAMJ1DuOeGzg4o7izRO=kw5~^f`+eoc{E4j2?ZylMEsuL~
zN@?KCotHd%K7z&JcC;^y@^pBK;kgxRTP86*&`xOOEU<v<p>|Y`4^Yu7k{@sGoyPlE
z7k?Dd!LE`Cn#NWbo?Yfq!#KMxj?gi+3c%cyhy(fE{BGzEx7PPW-sW$jTKRZ?i%c+|
zZ3^c9g<uAFc#>8Aj3eOzoUVAxfiNGgRX-sq!k?1HKKiS#<K?%H`l=#!d+noRc>0TV
z2!yj-O$tO?&k#?)KwKTn&@}U*abScymk;BSSU}a)OahZHQC4u2==3X8-#$rjLgtq{
znB|?cJuV_KAqr0qcY-4ldHmwl`d^^^sm!KeRv<0?MOnUwJSDPR`yMnq!$KdD;$KBB
zoh9#bU6!ivmS75ot8q5g!g#waL80M<g#=)#qlvCV7*C#-VWOkMiEB>)Dc7^ZP}lWf
za0x~pWTBy9LGk@oa$=oPH+SXyjfa%wW}&C3N^(gXy$_4=G||J*+J*AQ0hU*#jMwL)
zrK-l^{Ko*a-Off^O@pkeHZH~cyc0f<O!pFFz7^M$ZwjWik{WwX+~Mui6q6GZ^6SH@
z%MPQU__<&XQgSv@woZ5Y1%UV^KDz3JXBW{@a}mXD>f}7?fu(UGy)Dpp@M1tDrXq6>
zYAPzIsHqc~Ucmh7S0%jSyzID=3eKMXL_~z+<!Uc$uSR@+BSW=Cn5rlfccO~I)DSdP
zl~GqW=K8Y^Ze55*{Rar<nrM>T_)v_rv<N$Vny$ey7Q`YNZ=FF$S(Vh1cGkqh#M)_M
z6p+D~U=4tY_Um%N%)QqJYx7(=eTaRBvlv={w>=NA)7*;3kwW^rUr<%u$jsZ<WQLie
zX%)?D@hV-n(@;~^<7`107tdsHIPE<3&25}Z@<Ua1I}dwCX>F+CNn<BsDRRbJDzSf$
zV7_`<gt@8`$L<ZmbS>5<`h+FsAQFoai$zprgrcNi%(bckKuY!XbhH(f(9%{z-zkaV
z#Wi4+%VCym)Ai)h(^`V8bx>7P!_p&;fuUzOnCTOdl*^iQiPJ#_=<Z7A&D&`js;g+~
z9{uVy#Rns?G<T-xVW<3h`GNWpEVNbe4~}AQTmUxiG1T{uvoJTyqugVteyT!3)@?2(
z?nYJ5hO)*X-cAg0ulNi`+A7%j?q^IWWg|<I?ReUopsuckx~3MH_XZJk-M~~wjerBW
zECa8q^D$CWBI!yMN8>&h%qW>)_Ty!5h;z^(7A5ek^e~D_D&*EQfAQLVDTbw?yXa|X
zlU4K-q>G%6w8X^em`vIZvPD6al-%1qsj1;YS`sNI3z!l~-z%6$%ASE#Le;4R^!2nc
zHZsK8=OAyFrF4}XL|N6CE06ksCC<eAqHDT?#MBcQtEdokG@qwWYPfbGo%jRi7@88Z
zj(A~;?)De7wY{M8<rph#ykm`q@+>@p5~!?g;$_!E+;)19+c3_pgJB%G)dN6(eF0Vh
z8N68nM12JKxlsO2FazTXS)3lDtL^jg+vx6p1IwdC2RoD7G|uXqYMk9%x!tt@Kx<_-
zHs0wp)s$jm9Y^2HDgfn2g9wT}$E)^-Tq(WBtC#%@4|J0n=ERAL7Jx6;^0{D&fR%B=
zJa=;RS{ri2lOzP#l6Aj@mg;hDJ#MD2?<GU6cW`s_r23U$gJAk?3g&;oCYyr!hk-SG
zxbKBbuv+-Dh!;Om{y4M+)%0%pAM;ukuP`wurn!BL)Z7=Cr47(Azs6|a2*+}Jm|T|7
zR5MJ%y%~_s6L_MR^5GTc#>Y8Y&`tl$DuX?53B5kbs8GU~tY7NQK}0JO8tMkgemD+D
zsk_sOS#mRf7}oleu3skEEi&0|-W1IL6TzHnXSeGvGAjFMyq<!E<#u-LKE&WiKl{Rb
zxnA3iaONe+L2kHvdU5FdEv6TR$p4#>c_GsS4FtJ3kX>|_XLa>7)>aYj=}dCo1MXZo
zjAML0BVAANceBUD#*r&koitUP*dUnR<d;0A@YER|*0<5w@R0oh4kYB=V{Tz_Qx1P>
zufeQ9c8aVl-&>DdFr_Una>10A{MyFd&F`RKN~k&&!IqCy$;f-i$k-TTqr;RO-Ob0J
zs&VvWGU{rYq~%uwQt~r*vsKlF{v~*QFP*L147hs#1(zas@|l7@u}P_fdf1|{O^GO(
z&>iwM<>L=NMn%^U7mr;ydd2eO`Ew5Y*`aT`oxreAtj&!vw-2FXYL-)>JJGRlq(=a2
zZ@UTB|4-}=lx`GE>M!m^<FgOZ*0;dP$q5Gsdv?0|b3P}Yk3KS@u6K~@Cxd0{bfQ}T
zEcN21ww1uFLi&3iVyvl*k+nUc!CvU9D`M>A#kK3Fu~b*UC+;9;_xqr#q(gRD6Dtzr
z2q)VKw^T&kB!ZTK5yr;Gc-iy_S0e@VU1GR*J0IOoKO*$VV<uXzVxaU9Dt3E#Ju}Po
ztU&o=Hnbv?-@h#ymOR`bm=mqV=qhey%eHNp>~O%{Z70sY5#*Iu5$$P-wt+PsZuYV@
z8E~SwmeqCHYt84g50yDr(E`#HuBOMJqpF78P7j=IO;Oizp!7)(ce6v#(6Og}Xq?8I
zr!Z1h!`96mYhx|8?+l@B=rtz;-O)ENWp|Jt+YPnxKT^Q-!~pSL=2*GJFtYk?&c@qp
zSNwpOD=mDTskZw#=qeF$sTHQ5VyvY`V8R8~edA$T03Us*N&ek_0A{)#utQIQ5C8KM
zBC{*r-LF+H1ex-m3Jx@OjZvEB%LgBPhJVHb)~0GP(f)kQODwHT5pSW0`?2f1>1!px
zN+0j2t1PpQgwFdHu`<-g$Yck*JUwxButG!6oFhdKDL=apeGN6tZJqIy9ka18Mc>Sx
z@)xf-8|}rGPqtyc!wyG#TMP~KF}8N1sJb7Cl&>NYaVFAL*8W3Ob-ZYuSVFoyPG*QJ
zdin<VhlXNjZHA$R7xld_Ner_?(>RdvrD^&1hoYJmet~}Mv@_+i&$e)>x|!>zLfER}
zM4u4EgB7T5RVKBd2BZsQg&3i3n@VqM6<$_qY<Kn|G;lXNOt+JqU5uD-(o=nkk3RT-
z<aaxDqLDfr%ydyvQs+o<Gg6?vBn2&16|5Yb2n+K=PfH6Y|4d#Ev=ZjF9YaeuLPJAw
z++j}SiPEo~mMoQDiztsovaz1pvJ5nBcT;%t^IhaP^fmNIE_gy-LLkYd-2n8~=3(k}
zj4?4F=)=>)mRo~D9;Aoh6>$ZrRI*`wDJ%~Y>TAvUx)E5LB`d-W&yaX-lob+WZ$?T{
zHKLgz;yoP*N;*SX;W>8N*^yoOlBu?0T--c4eYu!R$M<665kbrAMb_zkdKokCR7QmW
zYgAo~V~4XJmx{~D%}PX1Q-yQY?K~;X#=#|wlJc7*hx_6mp2hTvly&l>JqS5)oA<NH
zCYyr!|JgeWs5p{#4Ila4)?Kf=ySuyly2psFM9^Rfabgg6cPBxH;2I!dffx`Zz%V`2
zJ>LD?s+m5Mfy>Wb)^}6SIq#{i>iVj_uCA5$6wnU~gZcBx!d%X2;PKga^jO^W6LUU@
zWZy=9IkleG*3`1${0*9~Ymv`^X_|+VO)iFmU^sOeTAldA7Vf?QmX%0@=^}MU7j859
z2fgasoM?U%qt8u6%P?lhPyVJ#9!)6Yowe1xkx|Lt<lO*F)~=}Ip@do<pJV4dCzkVs
zBx9cuCi@qY>y*L#Yz*dQ5?*+jRcG38UU%^PpZz{b`DZY+PLifiVqfVM46i}))_MHt
zKfTE5n(G+4CgVlBhpMA%c>aY%+WMUg4>|D|8fRA}^U7=Qu`Mr~mlAiNc?MWL_htV6
z-xFx*byIz81=AKp4d$wM-elK_T6U$(B4KtS>sIG5>E(Z8!?{|9-R`^85GsRd-99to
z1XIe4Gnl3@n6V#^l{z5wxiXjmF6`SxTJ|bhx^*neifEvtl=QSTwjbS3M#fSKsyYCR
z>I=Kb$lAqF7@TcIq-U+5`u#zAnoC%ennGG;Hp|!KvUpJ@+mDxWc;_mTQ`5v4nPg_B
zlajTL=FVZ9H|trGlTKn%5{c={C~D{=WQ8f(vx%jvH_-0~OYddh$|TmGYQW+SUDc;q
znx4$U^b9d>RErnqQBrY&)RbJV_7728vX6yXo9GV!fj%~6XL6{xfk4pU^v>1Hoj;#t
zD^`-bd>QNVH?e2`Hqx?|P}V+x(Q}Cv>1iz8c>z6WA#wL!Vb#K9@{Uv!w%5oEX&m03
zOZtlSILgb(%}QhU*;cHOoNpl;Pn3ziCe?+zL@qlRwgMFI-9*NcwR8*yz^1qH9GPN1
z`5c*%brR*WTxxG>bk<)WJ2jca1xc*jc$5MCPMp?VO<Kxg%A0N>F@~<QfBg!Q<eH`|
zWcTSRe1R}c1=~nYUP)`eLC`nE(M>B!T97E-OEv{H9fVAi!M1AFElL%!iR7%>z_r_6
zEYWvgUXG~m#c2}3b>kANGgCNJ)x~JS+I3+@gz2BL8cn~-s+>jaI$VYw%9Vm$q^9Li
z*?Jp^<-g6A{N*f|pF>%5Pt2559a>9LRz5d}ymU7glbMo6afb^$?X1XI%${Sl40jdr
zx8ld7bC1=a4|VePbAQ9X&)!9dJB0iOHRleIE}m&YVq#>kZ8=zg(;L9A-{$n*d=e9r
zSg>FLNvT;JExCk06r}jT7O}3WWTa;ZrL%Zx9;Hp!@CCz+#kGqENl!~+`L^>ILHiq&
z-7Rd*&6e*%jJ=psl^q1bK929-K#n{e$E3aLBnwj#NnM!1hK+e-q-9fg{T8*31F^ju
z7;GXdeKCdAHvpf=Etl-|1tL#BmoFY8bD?-=$tmRI?xej>XDs^KOGr&giu^uq(C?-H
z=4Iyon=qJvJB_+dH$)6(7Qg?8f63hBG_u9}O-j!dhWIw78RAA`F-tQRl9HTE_Og6h
zyN0p&V7U9*$zPd6M%E(ockX7(k}THkKS{yCy_{+2LDJh%&W1hb(Lz9Ih;7?8&^QpF
zy<{)jkJXI%xtD!A*WtM81S|%x)sVL|ovh4ER^;!ZdpH1ASgh}9mM+dDJ3Ev0d(JWJ
z4`T*h6dc`3W>zNY*-JT5-bT<QMt^%HoAzCZ<RS^^JsjP>mh{YQa@VY8?dn`gTKn)j
zyV$*Y1&gw?$Xc?Irkk!2YtndT3;Rx7LZMKMV=xmO{CtuyS+nbSY*rnQj;VSc8$+Yp
zAD+>`<|a3{x`s%|Dd)-8FOXO10>aewcrZd1?HzrrJK9D?+Ys-!++capkZmxp;{~+d
zKGqy*qon0F?>F^O(l`j=Fsn8<aL?2RGEdwjZGAI;yP*>>$z9&aJ=1FC{IOie$$8x8
zcxq1FXJRmw!4zY;hWn^4y-3TAel%x4HHGJC?&!v?4Ny~AL0hMsa~Q{t3|^kOh|Xah
z&CWrVSFhCLsJ@JI*d_W2X&Qaknkg+Up|Pofin`WF+qFv-qOE};aov5jnev)uF~5_h
znsVB%_j2oM3k7FRa{R<GE;!2R?vMQ#?%gP5F#Atq9v*2ht$2fZXr#e3_Y0l-@z2#C
z`SBY%np-Di62l4yaJw}OuUC{F{DCl%fZq^xFD77x{E>S>5g6&OX}E;k9*<~uWBB~|
z<k*^9)+6^d(LWTnWH7p0lkYpy7LaX#-y8j8hzVescs&}rFGxJ$pbw8*lVjSF*Sg5j
zho*TVrzpXI%-g_3Vq%DX-aycvLyycW^VFqu9Yf|RpCwErH#xqh`><l`A=<RjxmftT
zx)?{!9l#^!@P}ga8UASBU}Vh<Ec^Ln|FB8?=UwD;#H49jbX`p_L-xA5G(3hMi;?e0
zu5BRp;!J#o2hINXn>P@O87;XkAyY<M@_oxbBVsM{&iiod29d6qcy*7+*BiGE!AL*v
zSZ2!#aUpLWfBDbPQFcw_>v7}t1>y}~{G74R!N}Z#u{H>Lqx&&zTCwL3ME8t6W{}g%
z#WyJb^)2eVb&T#--uW-_iIod&j3yND+3V*L(lBEASonQ1AJJ~Fg+CaM?Liq6dl!+<
z+E{!)!olbq9&aH2<>1xb(Rt<A_VbDT5?fC*=#Pvqr5k!=zF>IN-Zg`AFT~~M!L9r4
zdHu0xbL(EdUy5cZI*&BSx0}nD``Ul=XMgx7B<3APw}YAwrSjW<^dFq6>XdyW>mM{N
zJ3ffVo=2{QNb!SXg)uzQb<hoO<k}-jzt=1BG4Fgj$m_?R4a1OgLpUJ%`+{Q)idXar
z*ohFgcRhM!ZSCee>!ZiLn}E-_^Ik^nW0{K~bBX_F+=%=4g|0{UuVu#GuUxCqYajF*
zk$pNg3WcJjCu%T%Hc6Pv88ti-r$=Yjj!>*^oPG}^R5RmvFP3F7G~ne-lZ#Hb2|hRT
z4z<zj4B{GcakQeBUd=~EK`Utm!+_506^)#~=_jnaBfp1!W5`Q;;|<>1c$ERa#o&<6
ziDo@=B6@P~75*;o29o}6H?uc2^S!CnA2?^J(fy>JoK+*tc8xHZpRU1F2Gf?)=@c5q
z6{$OILn5w4o37oa<oJ4?d+rt1o@zk%XtH0dkBoDQ>sVg0jErY1+7_$3;;x5fyeyq|
z9z%l+4h}}!q+z{_4WarS%yU?WzZEr=hwhwU((uyA6U>7``-Bb%Gg|&H5OktYeA)00
zTw%xd9W>n>=99yR<H&9fpRFQbg5NzvTkAFSK$!7SxO=a$Z`($89y-e{rvWy-%|)!=
zxQF&z9zHD;3WYM5KRsU<uIW`gm@siYG`$*IqF&7pzFkJ@;SS21db!dzKxKV5OSjhX
z^i&7`p5H=YeGiQ-eUv&n_^Xsk{yD#$Qx#YF^LH!xlk8fKR`*cX+(%*cP39~q=dr1!
zOyAi`aa~^|?#$WC{Na0L{7iBK`^vgFUERs_wRL=Z%7@QeO13>dqne*fs!|5?voV<V
z$)hV~M5JQZZr2daHANghS4#JQbM*YO{(alx?~Q*wTFPAB^#(II3|)J$YTkk~KaP3m
ztC+imk*xm@aCczt`=&6LU&Si;Ijn}6(7hjwn}CHv@ufqa+!;pXB<_<#o<4f<1%h_f
z!Za-u|38))eLwPK*&2OvXLt#zb^H`iC={1_3?7<R%#Y8l<bi|=?w$70b>Gx-9(t>U
zA4@3Wx88B^Q&Wm~WYR_Mom#;IlO6ov)FOUkb}>KlRx$UBz7I}u@aUVxJTRq#`zM$3
z<m4iLb#@6qD9Q&Wl}E;Wa8e0BG^LndpIyYWVr&_A|CEb7_C_I(zgfsblV!ikkCwO4
zBMBA4Y*&1W22&Z#2^f>O`lmIwk}{ZBVEUs*Q+}4D`yf=k0IkUpgGtTn&~pUzYY=qF
zzRFxG6bgkxp}4yZ=2T%Y->Vd+O&F~yA3~GMM@Y8aGr26L??qJ3J+@>$c3<`#)#rPY
z%A$(gkB%uzS-*EuEH2h2CF3TV_dTO>mU>7U%z4saRx$yU!ThwOP8F5G{9KsLz>v@Y
zguM`Sf*FY3L!nS86bgkx8O#Tz!F)#=#f!q&UF5sAz89zO#w*q~_Py`CRT`71k0WU$
zBc-kJ<|!K^ZglMUdBs1=*g0Q}oQnR`+%jb_KLdlQqztA)p-?Ck3Weg!U@)f@^JDLp
zanGbuzWr95-n^slMCy)6`?ub72u12bqhjp)w(K~eG0JfyW9`0<|2wxV$Bc`gW9*!z
z;-4vgKG}BvWCuSz_aeWb45l)eO3Gj=6bgkxp-?C$#+6=SFeexBlkZ&==Bk8my;00J
zW0G}SZ;q{Rj?p$cPL3%{d(2oFZ$zbJ`?qXKV<=-}Ickit;^Gv^$)0-x68*m;%15R-
z_=$HN{E{-5%3vxfgQ-v`6bgkxp_mwho*;jiRmW2^iujQ^r93s=!4nA%9v6Bnp+uCn
zWZSf8`Iso>y%D9nXUmR{^|duBZnVbfH*LiHGM|x(pD$J)JLh=C=lrDT^Yjb{KmLw`
z2c{G<V^=#9Kp9LWC1o%b3WY+UP$(3p1%;QL{7Om{k4!BRrmK*Lrxx<iC_Ox0IRQ;1
z?!(PBey;I~k9kDsQSt1LPcPwLb1!jo&<EqA45p@O6Ezn~N^;+Pi4CSgp-?Ck3WXvV
zwrII!u&unGe8(*|+{M~oGeEx<#IzU>WiY$Cx)>N3kPoD!G!e;tBlpjj++Zpc3WY+U
zP^gnkU(m!GxVz;KS$qJL!R+kpq_3~<!$?U<?w^qcQ=w2O6bgkxp-`yb!E`#EN=g$_
z{O@2Y6bgkxp-?Ck3S}_mDU>t{A4W<_a{qi{1~cq)QB`u5>MK2bmh`tbP+oDF0N4a*
zE-#~|wHJj#p-?Ck3WZ_<sJ|ksr1V++71^%F6a4)j{~pgxUCQkcV43&~1E1fI=F&tN
zBIq}8iR+L_1S{mnH8hA*a}x$a0Y7fH8(r5$o?gPyUKk!tJcEdf*6ne<XxcEkFGxJ+
z*UsgQ$(d+iqqAdiDyt9F5DNM+ygoc`w}|x+wjkseb)O$ez~>eB<+yJAfpBClx2EA2
zxlf$H|FZWNUUDQ^-X{EKE$_aw-*9(V7o(&SE18*@nL){*WM*b&X6B3x#teAAkRK^a
z`Ifq?ns%mV;yK4odYGGCyVuOzrC*qbIdel@R8&<_TUSeMZ7tQ+Z)h2qW_EZIv5r3t
zqn63eCMLHp_>V=)L~kEk*IItU!0N~#I}$yAO*Tfm=^R_;z173H5t`b2xzTZl=4zFi
z>Sm6w<eY8IGP`=r9R>|EeeJ9t%J^%d79G>kP)T*o+i|Tik8v%NtEU_<k5FwM?>b?u
zs~Mf&L2DEyI$P7-<fNyOoSI9|+%~r+?xB~RGB`McTx;S_#iZA;I6TUghF_0f#>D6x
zGPV8>7g37nY-nQRN(sQ`cptM{A^<evW7?a#xm4%?xL6yfXLJRv{EE)%LK5QR$<41}
z_fp1x2J|{L5~&;$zs%n3Fykwy+@ZautF@C0wSoVyFx@H{YpJ2KTDW&mTUSFxbpsQ#
zi;VOSai#h5e36~)&^Nq**6`6rSsiVrsI-o2Ex(Gb@lkfng$-I6H)7@ewoaDm=pIMM
z-;6(dj100P`nrda{9<uE`>XTp9837~FtX6s#>l(-lJsDef$>!g046Qt?JcYxiU81w
zkLc_eK&nxj>ok#`oIpxS9+Rs_nE3lZe7I(gZw<qHhfOLb`ujP!60thb&*I({e>w)F
zVlg_SiC>LY#@z5A$09Ai2A%who~CNyo?cyDL2b(b=Q7>LO)Djcr5Z43SsW7XyB7X7
zSOlg;U|NzzVCrZ}aN>(EzU22`Kc!*r8Vq6zBfRhr@W<ilQ~aV*NC@%Z@xy0i*UqAn
zTu_x3h^><|HclSAX&Pg=`8D=-&bYg|;_MvC=8cTGo;SGKzT(*{ThiZjq0)+Yoe+Y5
zkT<qZAL1VInnQ)2_w*%u@Zwb<Qr;scC)}U3ifNX+OY!#f!rR4`N6(#T9^YcDBAtkg
zT5f@nl1P%u>dB7`A}qa}@t#uLJp!3KlJcjcXS%16f`Zq0*gxg5V=zU9`BXG?lI0i0
zp^-lc#n~KopZ*&TF_ozF{0AZ>+TVkgEy=y{AFQZi;rf=p7ADOBq0heM2fIKHZu9^Q
zWd`t@-#wsv>FRwcM)Upo$A5p!;L;g0ttq5e_i%?%$xu~3bE_i$nw-ydWBbIOoWfGd
z%1SB7D`RB&nAUi296V!rQ(jJ1dK}N6TGP39&DF{P_I6Gb)U?u6nvV4gYx;y3enNXX
zfsaERmrDL*j9Ll#K0z!?_!BrH$|r||KcXb|rW^U;-~Wm5l5qg~(gO%iY6oCvvX0;V
z<EON*oC7AB6Mcv;?xH#|5bwZvT02@v@^!)?AdxGriT`LW_r^%he8aC{C?%Yb@)_>X
zT~Sj}z=_((|7Ykmj5L*#Ur>m@^%HzUk|`*vU}&(1AU|JrH2hiI%yi=%RDk%FpQG3z
z)YE}Ct-~k`{3;ql18LjUaygnqWMn%ZB0ZYoO?~6vQeghsW28G9#>>l>L+vk%o9@zV
zT6zxnbI{8+@c8BvUIyhM*1`3B8_xEzi1c8TuJiKuzaz1-4-;@aT8F297870NINP{W
z)zU_JdJHdK+A(yX;_rcz{(4+uYJVDYqlkn+SNhlXm>Z~JeB;mQM-}Pu@f@g4{A$$4
zWcs)>vMA=)Al;tC`H3~DuS+Q@%)#Hq2Jgs<kIvoI<^&Q_#{d<DK0$1%vGBLRA}}oi
z(~>L#^H#jblW%^Yuz8TkR}b(?tU;rf5cR`9@G2;UhSDs){-=K-wy1`zXg9umn$GFb
z26^#O)O2;@>+pncANVo5xkzViJ`eu!fAE=YB<ouXxc=}75qVAY*5~p4cMoVBn<L2m
zF)u>$=&nfS^Y0!}HgnB;`cgc2X%&Qw_sEE_eTje8AS3y{eE!9^)O2(a^!QWUW3ng>
zb;ijjm0O@S?intbH7t)e^YV*N`Rw!02+V0lp*QkpAgqWgl?w7B+_6jP6pmG*1JXPl
z$SKMrJ|>ZlnOy+1;zLTaQ;AGSV{rKdxX(aQ6fO~oxH-Erye9$RU}=!rmL{^2W63XV
zXSAo9#F%KR+orfR8o550Co3(H=(rTRCU;QX98vZ<iImKI@^aIu8(KvxyQDTRgQ%!@
z>U!re0HWPhI?Q(S5)+BbC}Ufsy(ch3JsoLT7vB@pvt6z1$n<QF_RvsQM_P0=In{kA
z3<j15I@yyM5x%kS>tJzrpO%V3mX2khm(WyE$;ye0583L>#ojlPm{3<r1~vfbPxs;X
zpMFJjekU3L^%0@APx$iN7xc`YGS!?!(wnY(E12WGt*o9XkQ~gBmu8M9F@>J_y?a}h
zE3bDbd2Q~4n0QJXhJ{u4<;iZE8cRuzkK#@1C~Eyr6;3Cba0tmoq*T6JZC9ebHBcSq
zMoil#LY`boVvqx`ht`>C%H;RfsobbFXjF1~O44W>-{nJeXH&Snct%=QI<e+4Y#dm?
z04UElsLV?yHa>yM&MCAexE1eHlb>!L*F>5IR?%uC<oSBBt^(!p9EEwMoXB(>F7%Na
z7e#t*<-2d=4a^VJo9!o1Q2rWcrxcEEw0sn!ilS&AqEh2<bPr}%0Vk6sSbN4G(?d^j
z5I;WphLEapFy0XA=1A+zJRvSWP(HGWMyo-7vO;P~E(cO0A7W5l(OsEGLVPSm4Ff2&
zV%n-Y*cWLL=2CYPE9XkK$2)1Ltt2BphKzy+uGI!)$IDa~m6DO2PJB`()7#eoNDh}M
zNJ%6nE|s3yJ;1<pdo!I~&E%zI5$^BJ!v{}k8s9>vyrjAygUHw<I%oC(P+V=3laWYD
zb~d4QRs>eeafkMby6Se0Pmk#7@1mwOgP53H2FAyzDM%tV;WaA<QcNa2t3z$1#Ke-A
z_L}+KD?r0gYbnw3<~}d2VrXgw;TqeSAv4KbE+e0fO9em2gjTIYp;S;6?MzA2I!dJq
zt!xu_$5&*O6cZmEOa0&~05|({6r{$GkocPA!<+k-v=TaN3W!ZiA|pD4=K+N%jIcl3
zO-g(;DX+^o5-XT$OyJW`z9YS$7n%H$&Wdc};^TN-)rC|eroH-q8lwvp%@O`I%&b!!
z@rqABb7Wxl-~)j<PgTP>D(N0|l?@aZ=8%w*!N9~g1vx3^*bCUXRtc-0on?8%MMaZS
zTqlgPNv|-spJ(pdREmo8sp+1>WHPYWS4(_sG<nrsNN)M)81<URsQ%5{F-o9!ZVv$I
z$ufl*aprhZ7??Xodp?Sji$BMTE1D`gxlkFwpklnUiDQ|OtDQ+Q6QW6dT}*6P2(1Ih
zV35*OnoDGK0+rqKW`9hat&WkM98Y{oCbN52<~;5(UzdVoP#m5vPP8mvVw7*;Y;Vuh
zwTbhw0)Bk<7`y0P#M)bW%cF@c@1m{H7vJ<Mlp2lj^iD-aDs79`e8|zt0BMQQB&NJ(
zZs!^kusho+T<?i#IjmpE(JOBlZmp**C!5&RxAS$JH|fd5rx&wvsYQ3QPkT=%)kP`h
zekovNVua$%c(cu7w$I;=%e8sT3y6u0Bd4SVvC7Et$`JK!jpU?8laXJ|waSE1eMLn<
zhIwpLNev6YI=T)$?=Xpo^me9qd55{7ZsxYn*j^Z=uBMjMlmya?o4C@LFx|@Ns>~rK
zDvrj!ISjl<$Kp^GKYac*k*_PcQr@yU*hFG<EXg^Q>|Lt>kR2`YIxUfygj9x?k3n-v
zy0;_4i(<|<#{bwD3EZp>;NY9Wu|g^QJAJy+hOM&$c_mH4zaIc+8&lMl*O46XoUgw2
zW_)Rj`~YV%iwa4MiRDe_9LD>;Ftl_G7+4<fH^*E}Vqz>gZ#t3bOjxi8OpCy@B#XfO
z1y-7q_^1EzfAhr3fgk?$ANb7^e>RU#i2U}S$?lv-dN|9AfBr242Nz5>rt!t&1kTPj
zNc42ZCnOB}C*ShT18+`LVoHK+`TbY+^sikYS|8xs|Klr$4m9XAyI8$^NJ{MhA)Zf2
z?A%3nG0b<59#JrGc28iwvI#@Sdo)B@KgTbtpWz%|p1<@#qSeutYR~h)NOJw`aPdjQ
z1k{H-z$v2^rSg)*SO3EQ_K&}#W=X_fhJm7JPwZ2B0Wd1hh<x@b;rTW6H56jw7|-7E
z2^EQ6Bos9=)KQAFtv?Ir3f^N<ALH-tOz*LR<|J=|a{Dj=qlG^F=om&vZ#%&+zQrrP
zkiM=uoL|{9zP3(#UI^u_BMdZTVe>ME!}Ci<`@3naDdg!VzoDRGochcFJY(|c>1e>$
z<~gO~dmIfn@aoA68hiRF2=yQ^z31lwb3@EeXn7Oj$MB_&&PZo$y(8#1w-aRVMElGh
zby0x~9BRQNr7+Bywy^^y8&mO&&850L1&@d<&Qu2OFvv&?aVBqckInuP?EDM31$tA0
z@Jmd@D=3T|*)2yi=2*j{NeK3#W9)>fmSmFObaRJZN>PLxEyJ7Sy4ewz*UUgi8UD#7
zoGDCq<1<zjO?Fu;(<2SIJho$Q<BXbEYaBwd80c%l-NA|Boh#mRKGnvPr?$K<E~BKR
zn4<D()=m{PMLO}qFM-N8mE>nc@$F|ejP5D8-WbBe(Hb|uDDund7@C;nN)UWT3<d)R
zBWTa&aeDAMKIzpAbXMZ%U{BrTK0W#ABp0?ZGt!8al@}9-7rcpfBQU0b!Tu)vox&Jh
z+@U1YpP`uvBE9^`t{LHca{xDIADV{7sZ94LqOg_4$rhg2c+=1|KxK9ipM4+3nase)
zP#uq8=i<k{QbC%#9oZe*7^SPYTe~uQbWW<DFP+_`c==~@eKv)&Lm;PWIStv-I668L
zot#Z$TMr8>yXZ||G#Z3hjlfJv5-+X87?~I(CO(OdnK{BeJ()O?0y^^i-N>J~pfk~l
zC$2&C4)&8CU`2d+C(C2yeD>K7lr(kHTA7WtO*9*OTg3W15uIB@S7Ry8*7gkSo>3Cy
z!q?B7D5!3sB0nA*I}aw-_h@+AA6b=*^w;8Q=gr9C8YQu=gk+ohzN;F$Z$BlZVu3r9
z+xU0|v9LCYm-SN;-?UMk;?L8^)|9sOQx@+*Kx`Q@$qF%1G4xH&3w`dJQp{9mA+}zj
zbPV*7=>7!X+<Gq0Hi&d`qM~(}=F(*BLh`v%8~8XnYGci1+jbF9ZDaTR8+@Zn=xcw2
zgJ&>{8w*5vdy(DHM^{xc9zn4jDUAqVVyrR-Yu{*khx$nNe8A(tHyo^u<7@9jW6u~>
zuVZnIuVSvJkcXdH(LB1sXnhG0iDk^qkK$wRLSgSXkzW7v7@gA*<4^O_0qyB-W&t0<
z^6?GtIi9b@Jv4`_lVKiw_l*3iPAXpq@!eBb>N@+#j`JX)W{|a+Mk3OSnVB0W#?O|j
zu@xp;U-Qx@o}T_5LR}v5%Bz%>u|_<dBj_I+B{9sKh|*yU9~&d9$HWyj(_NR0vv({P
z@>8Py+z2bEXP~VDkB|iBmU{8>4C3Tw2VWO2)+Bn+OGxtcq}6QS-@}c#l2&?~3;6!q
z=X6aTF;o#raB?A|qiqDaxX?T}MV!@3(knXYXvim|uoH=vpU__s?c+%O>NWkZLvf3(
z$AE@RPX}|~9n+Q^KyG6*!JhuiZEaB);Y#!DA=^_exY*d>9~MVhZ7buGi-@(x53bEg
z9PM2xXzr!8JOj^|e3lpbaj<fuw7!#?*U`KR&SZUKh0vE@ll6A~=fv{Ek5)8v^pX?e
zhJX1in!^$7o<Aq6p_B3`H=e$9p{aL(+)xLivYXkNEF~@}pP7YG0$)C-W%QWo%0M33
z2GZHrLqdQfRfCIk6@}v-lS}_V2T=~+@G`0q!-oRX$A$it4Qg`2sUKUSuO^xwp83;d
z9@}tlM{;}S7_3gm%N)n}co)I$_SDUtyf?tv_6W9*pHkd4$x`<l99+Dq>*%8>)&q~Q
zOir$jh<ABTVqp#KbtTw63t)U@o=ksd`bXD@w|?=FF}jareHa^iZ(4?Dn3<WOIwu&b
z;AnCqLkQ0s0t{5ex)J}no2qyRp1w$A`|Old`)>(IE2h7r3U?bHCKi`Sa({8>i|tc?
zW_FKh%n#s+Z3KM--2}KhP&#>p1&hG62uw?|2+Uvj?Mt-lQ$By@C;aZLG%Jp;{>Q&l
z&^|!WH~&Uq@2aq>^6Vdf%gEt1;|*zi`7D;P-g18T|9nsL=mZJw&-nIB8!Ad7`ImqA
z2cG+8Gc+>J*2)-mpZzm|#chnX74zj6Ur;$VMUd-{l+0ej^%&nictrld3GeAob?5Wn
ze@|LQ9_h)MRJS+c_39PASpy7Zd6@-fASz%u%ZbOnk(9+b^VJhaItF^M{p^3>mRZGU
zYp(E(>4UF-k5yPMS8CH=C@?*+OX&eXCq5+J&4bx16<YBkKK4P343FUW`ImTx#*>y9
z$@kxVMa{wm?>U}q<cHswMQLgl!45z0-76nX)G(OiO>k_#uv%1;63UzIEwow@;a*O3
zF6^+-TS-cCDhXi@eEVZCXL2Jt^%?1L0r;dhAUfZ{-^z)hJ-NA_hRM<hoWrVE?W`a?
zvjMeM$3}Y`?taxj6PT@=l6wNP)X$Ut3oXszo)ir4qtj`qjB%l&eTA9`Kl)B|fP{h|
z2bzb^&3@bv<MD#ueEyV?1IfJ=MfuSz)}Q<qkBAhK!rb`$i$_dcY3WZ1B)WEtqDX(r
z`e&)nj-;exkkSZuIz~@FA}}T72RhI)xX(y&5-x6jM8_tOTiwrxdUkiJmDJ=El4JdN
z^!*E_R}Lr%b)dR?51m#+a##rMi-)}D%v|2;l^bO>jnvoIQ{U3T?v<M6NN4QBa%gC1
zprO7RzgLdLmW`p5NjN*)Wu&j0+KNK_++OjzYl8kac|=5nlaNxv!R`p|);_GAtI=sy
z^cMvZm|Vx|R5yun=D1>l`0jgKddB<k^6+BuN-6a5+5Rq<qDx-8J>cuFzu^a~RKzMB
zs|_)H_uVrRQqzd^b>OR)k>o|W5FFJijH^mCkEeYi2O=FGV>CaEFF$)oYE~954}Xhw
zU^dEIC9gv~$tx?zBOnu*>X1ku530(u35cygt=DmRcEZ-mENv|f<fTU9@Z6jEokN<l
zVhIV2Ah)cUt*Ku8?VSmUjv+R^oUQ#0g58~&JeC1^3cMW29Y3W#(u2&mb6Th4c%l_s
zw+uR)b8!qxMXu4JQHcl*a3-Uu1V_(AcExJ68WpuMZbamFk{j+uOvNNhwT7L=F2W*m
zktt8{`05Ls17gTXiRJNwuSh5^!^6glrFVVb9Oa3B*)(@3w(xZKVPSO;kLLkwUu#fo
zG~()-j##7RaH<sNz!a2vF*OC*B&DX{>-3aYL1D!C_>kPTD#WlhR7pr`1@q$-eDd`V
zL?)(^5b49WU)i#FspjM8sEKvrP3z8`FK&)DOr0pvYOaa(@T8<98=HsU6B?gLVx%8m
zef5&Q^&13C5)zyp$nM)W`=Diiup0ZIJbIea`28a*;*!&e332D)kN&K$590nRj3bGj
zlcf>T<5NgA_tDeu9+BBRK!lg;{V^Ilr6bChwp|tbUGcbkSD`l;dC&1|1ulW<TpSEw
z=MuoBN@KR$grj>XHySMytyzTRH*<cpLPqM_w&JmVVjhp$PKqL3sp{PkeBNkF!re86
zsyu(beBnZJS{eZ^FR*q=M*guedf~_Bg$Av93xB^jR@QoPwF~7)p+=`saj>(^)owp-
zZb6)gw()XuWnE$bqm)!nFNzBj@U)NPN~IB=4k%5Gq_KUPs22~g^$s`tnjnb$#M%KG
zQ=@V52qY>tk;<+`K3tf(TJ7h_Z+}NXLMD+OPx<nJ9gAWkvz5^V#1<3e7s2A?6(vz#
z<Q5kY<?6}G<t_4?OAfZz80c=Jsw@Y$$F`KV&heg|o@88o@=*%cfQ-GJJx0qz@$`Lz
zO07k$JR;cLiJF!U68wVLGskf{+K7!$IwGx>gWhEPOUF^}_Tl(4noDz?3-egHc^3)y
zhQ-bdyrK%YI$j_rCCNN4(Y*ZOTk87v87=Z7IJQ@K%A>a-kKC$S!kpdcT)jc3)3Vx<
zk8M;HI@5iDIk2)pb!H&-qYHGDgp*h~fYxkdC_5bQq;g*S{fL!o5UJ@&*gyOh_q1N#
zV>H~DZG^CCj-xr!m%x${)aJU%(?$HO9cid9#la_<bEO)MT1iZ(8|jU$Wcj%;ID1Tc
zdgT2v;^#;<$FO<woVe^l3JUVcD=uSn<CN=-cAVUzIlfrL-^HH=k%sxIQ2fF>F&O1!
zc(^cfs6?keAl28E>au+7eLwIe#F^aQNvgB_c-=lL%;(lPAA&2Uv0xFH7J+F=7J>Ok
zP@K#W==dY~J=?+@RmsoD53<HTw~kDYSJaPfqdH&3|Cv3r=TcUCt8nox<Ya#VKSz5!
z{Q_~evBK3ckenn>zJKtTS9UJAd-yQ4d&WpZ1~&HgIN8||on41ic}8-yC#|bDAfCh3
z+l$({OWrg6CZ6XHf8gok7d-so5h1B5L<dHYS~baRRU!d_nW({h9EDF}E~~R$I6Qxb
zqq7h8ubvWLm`k9q7m=wAY|J)b^~{O><>S9tVA>}40H75eknR`2o(_;M<7*qh#LxsD
zj~-FhGsDK(0>#-$OzepfFe<1q_lsXbKEuPK4E43){^AKuQ%4LJ`VyHk4j5=I$e^kB
z2#^x(=SpoyI{{W6R1YmOH(1WAm$6((<+No*;22fPg<K2DBYYpfqGeSKnCMRP!6B}Z
z)s70XYWo4$?uf&~r{<o(4D)oPc|#)9F&f_{EhT=Q3|wev3HN???v|REw<|BJR0es_
zzO4oQC9#gyw2zC>oXz6->U)0p`bQFLXE5>}6Ju2|IQhrZJ3Pk7@E~z6FNmrbqbDPX
zh}vb2hKhOq+!`lWU)GN=DG7C?{SOJuAO{);Hkln6U~F-P@$NF5o;fhHEkoe;iUfOC
zG8#u%Ug*Z((VfYKeM-WeXc{^POyopG&@q3&drrrjun&06jarTRZPIAa8%<P&xDngD
zh5B87Q>-Vp{)P0`rju1Q#H~(?TBW4BJQUaDQg-*YSz20RWo-xP@g%O#oS8jQ0R|dU
zy$OscBsRvI;<hoCXL@md<w*BfFK#wAj2>$MEdz~Jj4W@G<?TqhdCYxn9mwh3WTP{Y
z$5zqIudXvU+)jE)Gu6qSxCB>W0MsYrINC&WBGw`k-JsCi@*b1&m=OEtq?9)^JTyvA
zQwg@utXVjgGFG3)r@#4x;No#i7->ne=XbyPlG6S)^x_qwd;*w0lAzJ3QCzJP^5Oy2
zBkLS*F0;6}#OCfHTZ>b44NkDUJVT<dJt-+~2=sDi{73=XOJb~T$R9tWHPV%k%1HnY
zM{9ZJoI+PyHZR>G5#Iv0=lHr<@w)5{FKmKY72SeKOTMoykre}EMz~WpaR|V{N*AFK
zxoB^1@PG7x?B-E6Hdc6(0Pa8$zn@A=XDc4BY#2LI1A3~1T?j0l;SR+nUhY0Dt`3;X
z1#>6`{dqs0Ze`p8r*oCK1!uA~U5=M)IJ2v3v=&8T9~en$fV<h&7$#t{J{iySYL@4k
zdGyqtk;PS3X8XxZEa6bBLM)b|)f@kSz}&tQQXbAOtV{Kvmy+b+N$HzRY@WH(H@nR0
z{1}<pd90qP5kO6b+bg0PmjT%BDlz+2z(9MRxgW!sURh^(yo=0?dQSI;@vsT!N+KaI
z*@w8oCe~MG33sp|vuS`ZPZ!2M7^A#9fvM)8GX{6>N=$H1V7dmq6`1|Fc!Z$<&Nn)6
z@`^wPOm^fD{JNg@{6M19>sVcxCoRN|#M&;3!W_wLUIO$C7lq*Do=I&<1g_z^tgLS`
z)>c7oVHdiOj!_7Q5)&AX2=`B5b-fR}CqC@U-{vW3si|ast_x4kU`|DE1-mP2QWGZm
zE&*0<l$WL9WEIMZ#t8ZwGJ?Hn>0Knz?kP!CeQa!)$M;P(O(PQwb@wr~xXMst4%RP1
z*gn_XZJ5;YIuQ5pbOwgU86N5($o4TwwR6Z1`+4x2-|{3dABEAxMoSvsef}Ff0y9t;
zbTp@VQr5jJe7U7kDyWXM$1S`R0|M-ICt~fGiPnVKy+f*N>S-$s#?Iq4nzwn<EnIA@
zsc!8cGbD;D;9{Z)$Dmx~!0B)%{$+0kW;f2(aY*$b+it_#yB>hm-ducQGpUG=!7I6%
z_0?GteO;*S*=MxWhlu1c07hF&DXeKG(%F{ksdE4pYqGG7sOFY;n68QRalR)o+e;$J
zX`TRJ;&l|hNhM_Y*$`XQ!N$fqjb*u%cCYdi5+c2V*wz~9iSxoSwG9Ix+Z)5-sXc9-
zl~~#Na3D8;QD!b{Lq>BunSL(xPwp_*+j}=gHZMZiJeD94i@7y&$IaRxj_wI;UMWy0
z%t@)@)?mV<myjLff`5P`LD|jdO)&k&5C4cxK*?(#FIMD$_K*y7oHcI>v9kC5$rn#+
z^7<!**xwAU0nnA?N64EgG;%Rgg_{2^m@s}U6Qf07S_GygSp??CFd1}6#3EEW!}}am
zvKu4{6$;4>YMmaF@fPWg7@fg{UaLYZQDQXck(%pWU*B*eGM5)iQOLwxi$vVq+z3gd
zH*%{{a&vvj<<&KEr3Nq}mq}3H8o_K=EHNMJjJ!vuk|Ppbo9&v@)fE!COxVR%uF?tT
zq*4VYp`6ToP9f|pD}HPLS}e3FS1N?}hRPHgjCzgWn?{K3&&5DNgbR)ty#Q#h4@mX$
zVp|8u*6^|oWNG_?mK+~EL*pndNWs(Fht(@30P@pWJf6Q|Y)gzzr!yxlJq13vB~?<N
z?N4adIH0HDbsF{Ehk%rDFE?tty6}2wMMO?1S<!xc@`Wuq71jLs&;KXx5s8!(<x^ch
zN_&1N4!&U&=B49gZ$rz<DVr^2WK;_NvfG`6i|_pv%t*(lxP>K>_d17+v~*g>r^)kv
zCoqHEY1|M2dTQd`sc2uPJv{*HfD}q{WBBZ=SF{c+kQe7hTJ0b^3*Ef5wPRrO5&)z2
zk|_IU)DG>LW4#q(-Wtf}xqFbgAAJd{n8m0$z~P5aaf&EHYgCgLXh-Yl2@{QpB$VD4
zn6CpJXzW{|Fe;e9*c{69;<10}$?A~`0Mo6QcxO9267nd@ishTnzBl_d#OqKe8b;3n
z$O;d+Cos<@TKM7Na}u-j$jQkTR?CNG_Nk9_;DK8N`FVL{rzPTGZ%@Ve9!GP%xITVH
zLRKLaWqG*2dPqsn47UaYdc9tFbX0dXkKK2_#WpB`vivk2+WF8nHb-K>E5g$9$xDmk
zyRX0Ib@wP0F~PXFMN(RjVU8t)+07#gd_7r`>ev}9#KzW@iP>R1++0Y=E+!>95Wk{c
zw$_Hs=Nw7RD<wJHmVfynj2qbvd9fi>jO_8A!<jm)twTAIY7pj}ModwZ718w*9L;p_
z)&KJ^G%Q{Lur-j$Km7AU#&)D&lu(iy%yXvzN-HbLNebhoRVZsGa*TJe8kub=#@5cC
zvWjv79A1%MIZ9Eg7v9ks<fR7jyWf9J(Zo63arQj0cBZJbj8OMyWHgSlGFHUD{`;52
zWtWm27lM<00(-}Y<c8bh9+666W(@W&-prj|lNsPd*~9?=7drzun8%=Qa*OU_bN>Z|
zQCgIRmxnu3o7*&Hdf*ZoPg!9mKm7hT1ihKR_lT^Avlk1?eYn_%aVUe^^FCZ%iqQeb
z(-k-cX0tb6gY^%N6jziIZ1XLjKJcKku>>zKSF-Z+@p|$tKAAO$L`Nh$IS`qWLvCUO
zK0YPfT<#Ma7{K`c4foMe8SOx6>lOmaEu0-(S&``BR!pp;J#Di~q=diizbqks>(FeD
z<Uc(kyWEzBt)nA_W##z3_=@iXOF2JWBjA-S3E72YL<bWR)`a+YOb}KV5-BAKPPm69
znENA#7Z1L|H?xfNI3IjtJ{+Sn+QU6*-d1omRm`KW>={`-<UJ>I6*&5*2rHQOE@8-k
z^VK%oJVTHJvn{!V=G4-W7lMmh92IX@V!!!!oWiSE9INA{OCULUxwt(4oTpwT>@W4>
z_S}K&(lR1lT}jIw`-5Y2APCGuf;`N}vUAcRyl{)mrZhVihmbUOwuW$a^5tA3B_+g>
z;N(2A6TJEN&!5pZyC7^x=N6esX>J7n{@Eisr%#w`PQ=+KfZ~#Tg1j8ec~d0&`Vwlc
zTa+1&oqaq<H#z`xvK<0mKBIH){M~(9$8>!(&)lOq7oXzuyMH94xE~{+IUVBr-+xAU
z!6*PL{bf9U?nFjjsk#3%uzBXho33@<qrP0g%hj2f%wn?Q1Mo;LV{dyFS0`s;)ALA<
z@WVFh4Vz1|qy_|Y0bGnXVB?#G3^*A~$GdnG<xV$tj)_PNAl+)g!>bm6<*pn&qjIQB
zi{MAEcq$6Bd1}7*_-6Ogl<o8G-y9fjDx|Psknx5D?7adgDJ#bH$Io~g)qwGXM`Xji
zoakTPpgJRfn&ElciXzEq6l^e(6^w6YD^uM?ymStxtgH|xH*YHE&iDyAiJn%36|}NE
zV)oO?hSa=bV*PCJPb=q2dP%N_1ODMjyiSY8)-H(U-4)Wko#+`~A=TgKZj9`mlUQ09
zCM-Cf1DT2Uh*k!$^+@DU@pA>V)?dQE{^OT)tegU{(UHo-Z#|e^Ul#=CvK-Kz2rHPq
zV{7F5IQ`^{Z6F(G7v{bUpmbmrfR0#i!mB3eFHIo6YK*@xwB|8rqp%>4vf56L#hQD4
zwKvyK@9Y)^?qg6(=%{I7PkR51=6sdL>Ta~a^}#ATr_%qr0@ETerFZs)m-GMp{Lh7p
zOpZ({L3DkM=thEEq4=2XpZopxv-EEh!<`S7^fwon7Jdm6hg&PGA6+AS(ka<rTSI9A
z3<}m(wvlU$Xk_P1jSkX3ILONGDYr%w09wT*3k$2L4JO_r7acOQy3g_c23sd`z{L5{
z9_QC;;Fhh`HLj#`4mTI+9~fk6cAkmxF=11J$&q13$Ho~SA7^^u5S8MFg^6MM`udn#
z+Y>~+^5U5N(<=Z}=C)Qg&-e*FJBxFSj*ba7#zsciI6UECeT{3ak;}~$E)+ThpY}F5
zxm2Mr+ZY_^XJl-Oh2=HQ&d<#;Eh19hVl-&kS)OF?QUZX<pkT#(POLWm)S^nn?7}L0
z8>?)eNdP1J%X4fV-U!DB8_QgX)krRO*g3ww_u7TSx93C}WS0kw4Ve3PV2H(yL-cq3
zY4-VGje&sy#wTZ)n;mCj^??2DbuJ`20QR>wxsWP(k4AdQ+}IFf<3c|&GBU}|p_r?k
zB}PX_nV2x=kBu_FvWNQCfbmvq?w>jOdb{cA8(?~N4W;&$4>4(EEYD4t>y9!oILPeU
zA)4D;F7}og8t7+iYLSJRQ5JTOQAjSC85yFte~5*RV{Y|&4%b$Y>%pj#u|6|l_Fcin
z!8(KHxCTb2IG3m~=ye=zEz;lDZ;o}8srhYmw`z*RJSZR7;60MdeU>(lG5q8mSI1i{
z>|AoI5VJ5fi&!I^MJqdJdS?0E>s3ss-uBJt5Ix;J^bL-(esCqM?tX|)En#VLlEMB#
zAuh2>hwOZZk^X*$$EO*coa0!kr7^^voVGE>&HXWA&XcHhto7$$;~B>I^aKNa!|WX2
zU^E($U+ptF+|R(kAgg<4LYs%{%bbW+0K!Hx%jTFD_O8$>ub7({rhlNH#jQhhdIM_7
zIg=y(3=WMlHagDMxr{rEYF1Y^kjbxw)n<(WOq#dH$C$ue_k`v3L-e;Y7RN{EA0B3Q
zVV2>6Nv6A7DScB%@4x{0Nx`_MR--W)k(}-_I$&;ZV4VH)w*p+r>f98Uat-$}ak{g@
z@ud<0bGen}H57W2Fu!+}7P(UBkzei$tNs0hV{9FZ_~3SdUL$9HZd~Y_(UEaxH;;uc
z_|DCChx_}?F;8+VQVW{_tt@S!HJXr|?Jzz(z|hzX%kxuAF0627_Id2y7-_iNTIE8i
z$EdksdTflna}n<l?rBTwd&1-JORL)$0FC^DwY4qbSblND_Tf3Q>k~!?`^{~ceVd(P
zVr-T5*?tPk>gnwt<h9=`9OD~>`FpT3%b?kZ(eXt@3hf^rqg%kFW@BX&wdw8rIAVBc
zK)C)ljzq#(EibQQjvCR?IzxiZX~w1(xKZlOzU?tGFu?HW2$Qq(TuQXuY9uU9kI-i>
zJH5PtMyE5^-DcG6<G|nu8wXbyj0hOsmYrX@x0#DZddk$?s_<&9y@eU}FJyPST`$ee
zv3I2eK(AA=xiC#%PnS9V0cKbBQE3g_VbpVRu)#oopRhW5a4E;|c03Q>#$k?e<n4H>
zFsSA1t#6_QG&dLKu{b~vXheIgAKze5UbD2eFXY`SFIe3;13-Rt$m;efGSLwu!~G16
zPclC@#qj(thkF}rpU42Xxj5$NLd>m3%EIIb{e!~%VsZC^pQ65Hdu^3#xx(z<7H2n7
zE|0g_H`fzv>~FGqaLuh&!Q$*V{r&w+EpDUI8Sh;KCmRcl%`PKVX*k)OXV4t`@Yp2h
zVwJGjlKkR;@xgv`{b4o_uh1K`=Ga%bk!cYf@7#^i*5NgZlX(IIf?2sV@E)Dq+!w1m
zsP){#pwqC}U5cGsIu~jq0Jri>CWpt&v0rnzu_oMiF=^S~T<1ovLwR}lfiIUBj7HA(
zHaWRb0C2gp&eoZTiHcZ!3kLZ6!Nhv^Yh2yk=^7p-C*Fs|njy3ZAUmGr)wjPRsJIh7
z_t8rZ3AS~ke_Jek@h?;A0Js%x)7spRTBo5iC6LgvQPdjUe<^`!5tuRsqN6pcN{i^7
z-bba7vN6+3Mf(_+A{lapn2E+ZYFfIvG?!J$MGSN|(Kfch<>3ZZ`RPQ21QHRMKuiBD
z*HYO}wr?&OZ7ZduX^g9zcVb5_=XhhD(t-kdX7-TF{&-AE`3*x|tqd*i{bKw#S7)p)
zE^~SF@p3Y`l-aH}T1MB9Nu?HnY2j~<QP{}Ebno+f4CZ6u3?^=Gb!fG^du1^h(F^6d
zpQkrsG~U@YADcg$KCo%RTud+A0L=o#T>jSl*MR=k{P$K^88rVD?4lRi)&BJRDbriq
zrn_T<Isbk<dcjwnPDnyM<GVOa=D$K!!Ke4fMs9_&w}NkGU(Nmq<?rnM6tn5WbNBKL
z@B8ttPZ2QQ#ruKZ+&_m&@ZsnE3+D3%VP#l%`?jC-LO<QryR&hxg3ymb{I~DpGMSq&
zyzg5f@2)>VIH%KU5&HR~yAqo)yd9@^b3hQlKh+a_GrS!`!KUebxqJO#LO>{IG~Lw|
zd@<ekL-13WS9&RZ{ev8eR3G?i#9&Uqy*wcv!OsuI$0Upmcij1=MXMA1_!xqZ<}!D4
zP#B+|#z3gokr+$YmgH`105*q8h)6HH>*t@QjR|3Vb@%(^?mVWu{<}Blg#sU3f5LU~
z;e7n?nlgQGEeOXyyG9IVzl8DA>jfWA=9>u!3?eZ-87BvSTE})Uy{n_s-R~pAySVRj
zKaM+J?jQd&zlA>eWBsjvH;x~fA3{v`$3vLg!Zo4C^s_O#cfAYO#Jzd*zQ69-{pr{w
z+-HpM$4+QV=r^67^_ezY-9kxAOu*m6k&eZ~yL*M;voLS?g)!n@yJp{ou@U^e=abM6
z@8Y`OpThl3h@E@$=JtcJ*WKB@caykx-@bou6XLj6-k`rX#=?26R<J9K*L{S(`)TY<
z{4}1r`{QZ+X*}=GSD~?w&u7zJ*}HKO1guVPxc6_)-Tn5iU*2Ck#*dDRxvmhiP|x(<
zhG6gB9Q|m#27_SRB-GL0jh6|5J70xyxPRaN*%-;L_ULV&Kx5=1bM-zK3mv$<a;C9=
zoe%EjcXM56gAdyKxG#6HzmLUW{=CpXz~bIDe?O>%$Bsjb+Zh`gpl@)9mHkWf2w%8S
z6ylGyqb=bDt=w`Sqx?*G?U;?bKc246xOhi1x-Ug{GD~7wB`b5?SpWWa{Of1dw2p25
zR}z>OfvM6cm}<%6lmGXBU>{t-jYh}%U<Kbj4QA<3ibi&T-^=g#{Fy5Yr%H6<Jwn|c
zlhV*nWr8!#fiX0-v`|r$%8%b#(LS+<N-2m;<f1bQ1Hb1VK5<}b_ev0T8l{-_;u!wn
z|NS>&8yC>1mBM3|7Z(>?UR=FfDHU@g77NF6*#+t0ZY0%>qEIRk-@Gk*g;Xx%Ms#I9
zzC<LJn9IpHSRcU8H-v=~DKg0oB9Vxz%L^{dNi30})+(uw@W%UfA8PemTi0BipL20_
zjpSY5%48C=9~Xi@;&<XqDwQF+66^>*N&lM(%#Mx@Qc_aL$jGpycPS|;iJhGt{(iAw
z!Fcx{q5o`%&yNwS4Sa}NddbnL2orxF7;e>^AMG+bJIluI*{^)u-omX;&B@*tvoo{o
z9A65*O|@X*uYvHztLBzpgZk!#<+UADe}n7xRuI!B{%+8o<7M-ZuU<J35E>wCid5D+
zD~R*4#xxR&+8AgnB&?tfBcRi2-|a`B<yLV@_;<g>Kc$ZKjdd!MoUsqc<z%}DcgF<I
zMd##u+2IiJhBL9^zmCAP2uvCBt35LO?1_p`#QvE*qgx^*2UFNRd_w!;G1uz@SU-8j
zv*#~poY?1PXBe9wtmvDXCDG-#_@!5Icz%scd`(kH9=+4MD3mfmu*pTI<Oe_DpZ@g|
z604_Csg>LuZxHA7fdA*8J|V7t5#{AJrAgs9JGo%%=t6PpI9KNfRHh}7o)kf7YzEPx
z9;7x;BQ=*z3-u?fdYFTi3F7_Sv9`7*AhDE<y$#a+Z29MZ`wbp(Wz3GZ6XffKx3?FL
zb`B)w*Kw&*Q6K4nfBqoigE=z8d~kAf!rsA$#=$jIN+}bKCAc{`VsGz4R8}LWH!`-S
z+VS^t#@fb~guGVaQIG#l0y8cyj^F?O_k8{J*Ov4y{qA?aV{&p53l=Q=)e%-bOh3=W
zXik4m2&-YjiiZgce@eFr{l<Stw^^`of92PL`T&QQ5Ae)v=TdadR8tm@-P2f@>BH)&
z9gQOkG?m8S5}C`{^);3GG1%GL;oud|%E}sHcJ}mc$%WNi<yI?J4vzGVH{)TSh|*-F
zJHelj^69^)`@2P8{z4KSSKXOu<mD@O7PgPb53nM(d<c#5jA)PNBsR}5(~^gKTp>jn
zfkapIF*o#v$8L%2UfeL+oXw-Je!$UPcm)6zEd!ihO9ej#fq8vER)`Z(krCK=M{^|8
zu+m$Cvy&^%FRY1bSYfw69~;*Qh9{?}&JE&)S0vj<`-FY>8|?k!=$)7(E!>@i!U{6{
z-0+XgVQqJnM7I}&r<E`~&`G4XJ)s#D40ILq^v9Ppj;=F5P{!}ScurCC0Asy%*#7t<
zIbF-N#CsE5Hb8fF2(Erf3{Omv7if)(e>S`8eb_&KOhH{Q<NftGTUk@t-a(M7Eh%L!
zj1Dwm`{ETj9rMWLvj0v3QxH^Ne)**(y-UCO&2NO?;Qg1yf&~i}ELgB$!6YHf;S~uj
z8vtA`w)4~~is6BJT%0@z3k%25`bR$b?lBFcTO97LGCMmX?4NLRxku=;XLKx!0FbWM
zVrA>h*i1X__6aC~u0&r#tLFYIZSrFgm<olA)-*T%>GK~*$jHXS=5u~;o4}b|L35%X
zjuFKaWd)JdJjqOZ5so3b!po8avl|d8lpG&yF*h|qdvh&G5gt5x@RYp9F(eA*yA{lR
zGJWl-tnDSx+Mf1>Bi=-~5|-OQl)D2F)eGG0&rx1fL{?@BPPUKu(Ic2Gvt57lgsdIi
zLw747Kf;aA%mU}%K7By*+zFDsaqJ%b8!tVAh>3~D;lVdJ1SPV(F@l4W7aJlq^L+(4
z24!;~QVDU^Cb{4f-y*~nSUAA$+yJEod1Ry~;Q0Jo?0qtrXiLZ1E}R3Y0=Y!Q{?-Pw
zeZ_q8+1GgcMG_Yo%JUz;#v`X2xm^C=N??BS$tQgE)mI-)Uwr;4zy0lR@6soqekSDq
zN$JZk_|#nQ%dgCTfBy-ee(~j>VdFDlrS<operisi|J={d-sXSCr{*%Be)c(Ee^Boe
zbKV!fzAYh6^R>-?T`X9zV8Ma~3l@wF6bACl-kp~2ZW7!d<D1^djY7)#=^1Bdr?iyD
z;1*rTm0XL_DC`_A{1(}yJSFI>f8c>vBE19M1bbOy7g@*EZYQ=cVo;c1Fe8xft%6zD
zJO8gCFf9U8j`VB^zvtiM;1xt%Y%I~C{(SxQk2K7mvD=@=(}z!ZW$#YU!YQK70UYeD
zc=7xNWgRPsPnJpW4`XWk3Yk=l=<<x(G*|3ni#V04kqH9xfD9jN>docbvV-yR4ad&P
zjqderLY=ILtY2cbCYdLWzLZrpQ&k$rQ;$%#_O}SMv8QYGN_ZDhZkQ`JJ~2dk+2S7Y
zhU3jK93Fl_Y(WJL^>vixXOLUm#Ky(|_D()*OLffm7GN8a%ZXHrR;#8l)(!9ICR&pH
z2`=iQCdC&!H-AbSI;qO?$0;C_@#Yk4>>@Z*YK8X{El+jR)|kO3Upyfrzn12v2J+LB
zC~KcZDr{zC5tv_m@fA<4yhu$;C;i>;6QjKC`09(#KV0!Mm;1u}SEzIE^Lugm<#&&9
zadqUIuO1N)9E0og@6Bc2mlMS1ovpii_iTO6HxKLx3k)J4Ab?<R8@@E>o0D+<^UuHJ
zg<Sxlo(^~g1mWrY!YpV%zpED+62y~lKIilMZCV7T1q&7|Sg>H>zcpIvF*W%q#Ky*v
zoRQ1+xf~P1&l!ZYyU<U=z#Mw+W73Fe%1<RLJB!rBc;YfjSv^;y7jIKu(u2kbqU}jy
zqv9Bt-}<j0Ff9U8u2wNx5zUW}yjVKDMl8BPCOIX;%?exJ5=58t*nIZ?<7?{xcCOTD
zr3VDtf5$(4_L#|i3ChbYl0BaD+%=l^{!s=xt8skvfS96oZWJn{?*wLw#|tVtH#u5p
z=bL~0-+1U-h*)`ox78EE8y4tE_U3_gI735yL_0s@^T&=%FV5p@Wlj6a6&S>%1lki<
zH^#~GAkQB>BBip4crR<5d{fNzdWdszAug+f)5Bq&JbX+^+bpyFrF{CEugR!vWw5If
zs~;Ya)3riVtOtQP4J7!#;H7^SgZ-U&S$)fQ&qJ7-YUj!K4@fI%XP~`=m)~1a-_=8q
z^>>72lruKaf}g`HO8OTqE12)nr=NX^Ph2O`gIP)nvnePnB01QJM~@!y?Adc3Km3*_
z&tG9}^^ynQePb4NU-J0bOY`Sf=FeaA`Ilyq`1z+ia!X`<VG5@gt`xs%BIMO0zWU}N
zR@T<McxFES>Kh(D`ce2T@RLX12_o}Lvxxov(G%f!xQ`!v#kVh$Sf8GvrnrEjSP!Ah
z^Osh<dijEf4<F(dlt*!VF!e*T^wq}m<mn53{NZiAWOkNjaQ*goeDm;`V9)HgS#16#
z0`uL@g&K`;{c5zjKVJ4$*sbtS#%K_B-$SEOo0FDbg|G|ZU-$P-CZqoT4ypIg3Gw|k
zG3a%u)fyr8yZE&_gdJWDM*cG(?0WepZV+KI7|;rR#ow@=;M=e6Cxf}H(P;YRIi(ZE
z0kuYpi9ZdYzOZBGU-)}Rt#HkuQLEA2%||18{r&lF&<i_W3Ul*r{-`w=|KRnayYHJ|
z<5p<n524p8g?H&HHMiVHkMu^wjYNj=!+U_RGcdo1Uav#*?!Kbc>Hh;J_AN4r7>P`U
ziTkMKQbgvMwYSE5ef>Av(8OdEuK8bWUAQm*2mB`X{(blF5DOMeXp{<s|Jy5+Kbyyf
zTP+&x?Z@k>6e!JgWwN(*RTu<isz;^LA{-iSg^fBjI{kkIfoTz#N~M^NvMkcd`jE)w
z$Ye5PN+m1ZZ-`CG;_&8*nxrr?3fmAVROa#$ddt&^O(@_*q7Ys$vbQuwTv!PH0YL->
z1Q40=hOMJ3!B2BSCOW0DAcOvy1C%%W<R%1D*}sfRaZYhs5;bEx9L@I$t4?9z;UuRd
z5$x_w*Z3%<S=r3)i_vPuG?!#jH?)LYA*HV}m4w%&EX|IR7!*WsNHF2iIm~UHBfj3H
zFe#X@q&fyWiumqFTY|!)2?_KgrKrj5w~W#1T#CEqS?aGPB*34L&?r)qqj7VOW^#6$
zvGy{8`~nCF2qvYlmGc`3t7FYXhnZsx^e6dsIXkDK55~eGF#Qtyk?#$X78g!*R2Xjd
zKJ+cEv9UN$cVji9W1|d>&(c+sftOzrqmz>ijn2|jlgY!ce$OXgJ|MDW2&G0&$D0}k
z`^U)kcA~gxkcpvwW~Ro3vF=@5WqWynqDWieaoPtqK6H#sGSD}|^k5Ax9+|97n(elB
z(pnfnP)a%LtMkk(@31yeM|gS*eZ}$Aj&2~oIc9unf#s2UoLw{7T%07_)ra<>Npt(d
zO!n4d`{)b4`0~#am`2Sxc`5P4C8m&;l1Nl+JPln-XifYa?FCh(rJN}B{HZLomJt;h
zLwZ^Yk&zJ;RgWUm82F>8Pbe!W=18IEuf^JQCrxAPd@Q{4l~GC>M$w!2D`8@LwukuG
zSP~LqiHdpqH=4|<9)_FBsO#L|KLbY#9TZfxqchyHI={$`*2FI%T5TsMw+$_S8lsgy
zt=`#uJ7qOf{4y#gx;t3i74yfC9j}rV6Ha1M3UM)!WR}#iaV+N7Vv-&6Ccl=WYb}2^
z>N84n6NyPkCM6-Bu-G)_cF)jB&!{eW!=coG00t&n${3%&;AVG#sK_W%($a`A|II9|
z<5F?o2d!+64D-2x)g#`cS6oq@7)`_E4nN1p>GmY?A>jo0`Qa0u#K7DM0BZ386*(#R
zc=_P%6+m`*Ga|JC^dc$?N?5+S<&R<1%4p6>ASOPU)Z_#rW0Ghe+D6Z>!>E(8xU`Cn
zKM$?si2A}Lf`UQ`^ba7fX&9Lf(5skeFDJ-9kU(!ALgI6o+r9!|W4xJ;@m2m7NY0ih
zt!O~{3mu@mI%R(22%}L>Q)wY{ha&#A{2BLM3l=Q={R>Qsz<etJC5W!Cxfb2r*){(a
zUITJ{eT7)^_WYIkya>rV!FVIOHlMq``z#UPaCLRb(a{mdr)TD45#o2Yg)$Pc(8kS;
z*lb@c*cIJ~h4W@R!m&gwyh_9z--YlJ){AqqookU$Pb@b3^wtm2+p;$w_#iT$6LV><
zcY1ne{%dYSEP2=7rEqSdBOm9eJa(@nf=zRrNQC+#;n*Cfkbib|VQ%l*e0+iEUH<vm
zDJSOizK+=3_T|MnC#R=eUW<gj`Cu$8E10pJ+{#awo)}|dtcOVdShg?sDNhTfW#NqD
z^(lHr=8#;jv2uFA>CP-&g9|9mw+MHB$Zvo52~T}9**ROs%gUF*@h!RwayXY?GuG3^
z>fRN*!%ggq_NYh=<mnGz^XccG<5Mswe2LN3KES0yL|JY-D<cz(3=A^c`-cAY1762^
z;1O5M{^l5od4tT=q|-dH!d!1LPi#Ht-8!Tquani05jxtsxiYuW)iHqh`ikm!2Y&zQ
z7k`$(yp?a@U~Nb3z%;Y7(+qc%^5VHY<Ht&b-zC6L?-i79;^pSfszixWVLorXTh;u?
zy9n=77v_d{N-eW9GmQ4tWB=?W)zgOn=(K8-D$QM6M$@|$PtgjVt}d)eZ~w6WZ|f>m
z=zn_Grmza6GUw?&SdGxCm8jGjx@(e&t{TF`&)M#JgHu!$w}PR!Hk4?zdH`-eTzxPZ
z?%pwXt9jo(A4Pn=&*a1y6*(b%WfRWe=s0s52ef8-5S2QDTCKYGZKz(S73|&KcTjj2
zo6%?z&g+Dedci+oWlD%!crPYel@hh~_QRU*V%Kv2o7$i9B&Tak%q^i39TVc@M&GUq
zKIj9j+1{NGCbJJ(Ez+Y!Mut`}+}XR|uJQJ597=8t_XAO#Ei*D`uJ`UecjoaE{P?hx
zR-?M}ZKo?9PoEl0CgTV1^%LgfT`X$l+qN&M&PZio>f+tJ(4bVQF>;@?sWxow1L+^1
zVSKcY{CGbexF>NcGrVj2tv~PQB6sui&X#l;A1i+r4>j+~YZ3A>AoSI(;e+==n&T7R
z@oMBA@-5sPZK)X?XL@=<xc}Hk6mhh@N}!_;D<a;Zr!LNks`h>MCJV6f2xW3+mQl0c
z0XEM`?O5YO)Yl6<{m1{otAuJa1_VwPoB7@U`G1nwGKK#3!*^I3xmBK%AM8j%Q7_v&
zo3xk4^3pYmE3J%@P)}?<(wSe{U}bKUV5_G@XAfX9o#E@|LjQ@DKZag*LWI>z3R}jQ
zF~`_ek<2qIFP6mbuBUf>YT_q<ggL3v0iX~q6W|-k)%!VRGThBY{oB6%h3jFYFqS9o
zi7ajIurl6?>(l4-FI}-eRnB8OZyE;|+1gm8HaC(-jxiid^-R{skzCQuuR*WX+?(G9
z;T^cQC<Px(+`kS~9Im$G<Q>7KfqNL<UGF*}-^9UC0}i2uNR`*b__@-ta)59zyZykX
zUVHDJV-Qx<4QSQcd+%H|_tD*TU_jsx-m~<=eN>H5U%4f`2XO738rGR@7!evam$`qP
zoAd7G{ZH>sHlkJu_s)B(MvAxhH6wpJELgB$5tx65@DS3+@}&3A-#>T%^ZoQQAuFVJ
z$FdKOe@*(CpTAI6XhV2>b#u0l>Xu=y6{?@t|J6yT^9wOr1g3vdKho6}yc}Qf>XkX!
z1hcq0ipR4rX<WZ#W3rvHHw`SU%y1yPW`DYe;*w@IR%ZzJc*^g7`x}06j$`d$5vy<P
z>7UqPpuCuC=?Tr{WwiFqurl7k>e?`#k3Thw%dhzS^DhXgoI`fD$(xc=CRbOe$mw8x
zbX*Xa^TRdFo}Lry`IzT^>FjKclax2aLTv`^6HAOX#PhGeeMs%<8LedltPYPcI5^7X
z(GsNv70j=!P?_q%C!c-(X9~<UVRyA{)h)tfoAM1@Y+unjIYmZB8RrTU7%nKwtm0C<
zjjQ!TJOV=q^7kPmp@P$sO)|n$%`s>JEj{H~w2kip_o)hTBcbcy-OK0IB>KG~qicz?
z%^@O!{PFbhrJ#NijpT%ivRvXKBFM{6!qvlv4aqG($H<PkuOox~2r}1?$g1XAd&^K!
zx-btyyuArdEayt4Wp}uqAoJ(&uy9<ge<Y@El#j8~RgP<1EppKbMTrq+yMcHI$1%FL
zLtRNa9gC*`%rxgy+P}=!WGfNA{saa1k@&hAncf8aOc)9=&$j3Coo60$^YN|0z)-#?
zKRk6LG$IJUz(_VOl*liZNs0=>%j|1ZdNpFzPjR2F43ZKPOIUCSZ_4^<HusIczYhU1
z*{q2)Z1z==7!yjQ*=J98KiVhPFrs6qF&|$~FTA}y$!niMqt!CgT1r?@5I(*>ln<@4
zHPcCEQ3Lgb@qGGk|Bg#S9oLdm3KK%{_VU0tIGoY_Yxbr(NsNspBq)-`{9Ljs`!VQM
zjJD+C=j(?@Km-Hx=g5wi$&C#sG}sTn*c?``)x76=xt;W~0c5AkWMn6k7$1bUn+tC`
z=P+^0WKRXYKA!lS?G<&-v(z4scVIK3%`OsiThRgXt943q8qu1xbk)4Z%gdMW=m;Df
zeHdRABRQNRHaq}Nb3bO5^`X=ndC%#16App7NZyXatq$e+GJ#f)XrDV~d$^WBA8&JC
z`H)vRf?B8Jc)6EgKVN+PeaNV2MSQV{k9{DUXKGga%ZZ3C;Y=){vmnLnvk$(Jsmz^9
zSRZIG#}-4NcPKNfSKLFfg{QMKyV_e}Zrm(&@uNc&D@zLmIJz@)q7ojR)o5gtM><m3
zxzF}!K3>tUxfT4@(h%*2YgRuWBEOu)?!gy)|IC~DQzf9MDanO@|M%aK*3eIDMGp1T
zdjM<?){s$DNs{YxQcHU|7s=2nj_GLW<#4SZhnH3i?#Ki&XVBkrG*N-IgCEE86Z~8q
z=|9%+$Iwd;32|^`>QaaijdTTjn^z2;YT2G@CCI}aUvD=O%Q}&%6bv_&5b7U{ucr?U
zT|K<X4davFynSt09}2mc>eq>Q`vnpd>_<Ri8B5dsq{hbm{CbGZW>ci5DcPG(t>f6-
zJ43BiGuz+B;?5yOK`%+IokpY63j$0nIUwBjDRrYe!rlf+Z@T#77&uuUB_<$%Ab&ri
z(@K%4Z>Y%2Bq}0?fIx4ve}!D=Ovn!ANDVfB4hkX2(^lAd{>H!^(&GgZLIUyj@+KrE
zlkKB55?o*MFQ5NNVMC9(4QuQ@0|^Q6#$T`r%ClASVnXrv^ClvzmUEem#`Hvz(xT1&
zyhfxl0H6^cQJx$`ba)s6-ku~E)S}R7Ss!oy;GR{3%4lSFp_kwQF9LjhNG|E*;&L4?
zS5J17dX{_3h=_g7@$n{=SyA`~2jlG>CS2!w^#yNoqVV(&Ak>_nU08)&r>3|1H35Ea
z<Bni<?+WS3JQ?v31en_l4lCe9q``s(3x6&af%%_Rz?jp2Du0BP%DdIpKgY(e$`g|1
z5!uupF6Qca_24r;`{Fa6yb5M+x*vzH{+*EAc6Qe17#NshbGD1ziWc^E*XZt<W_!L5
zhlgMC>8HQvORFH3&M#>zZeU?*oi|Y-46p4m)8Eg+$|hZ<<xEfZ;PmZp`Si=LgpGKt
z{ZiQ2Ibf*2kL~S6;$zBK8l7Z#V1%)TWYTMUS)CtYeCYtm;V=oW2brr(qi$>i`Na<1
z9m5>#%@ZD4%=*+A$#I#i@9)yrG03jjUX<e_p{+khU>a1Lxc>N%;P@mmQd0=`v*T&t
zYmRrv@URQzNMZuRkvTt>L(w))R^O9U-pA454mly-q}O#*7VAe$$s}6sAwkYgOz!=B
z{2C%0c;*pCW@aWCi4pv0=StVqEQ#*6<TZ`4G2exQm4i8Nf*`9$#N>9cvu*al)%_0$
z%v%O3OQ`OdXJ@e&>&K1^?un`Nu_h?DnS=dhqFr2Q?jIu1#g4k6W%jq0h;aRps6Qky
zyUTG;tl?;Lmb`*SwvTto@N&ejXo!jWG+a|!Fln!e@$#U1**q@wr8EsMn%nQe+Uf<v
z$4dSX^POga=~aMSkHA2V7cX4X+1%TwG&PWdwqeR*Jcuc1WoK)KXisbMdRBPP-c+4=
zE?H64J4RzcEKYvuEN^d7mh6X5N&`d1F+6n+WqJ3Ixvm0SoI@CWyBcEc&+x()8`B-Q
zySmUfy-37^A4#q3XKtd0lJ+UaJM-|3dCk%8BCgL~(Kvg+NJT7e!G&yW?=jMtgF`?9
zJuL-%@wGh-qf4xJrQqdX%JFg^wzi%OE^IJZmx7&d91WSVJbM<z^vV)d6%`C`iFwcY
zcn<E~Wr+5NuzPGr$IKS%la;sxq;R}Dh_j6cEoNJLOCzM^zM;D^8vn3%E@tv@b<ITw
zNKU2+4b5hMwGAs9KgQPf*_>&`?x{UvGuz|_IFMY?!}jVhuCHEFGjn)PU^)fma<?dM
zQc|AcOKwFW?hbY|jxDpbGKIU1D^)#%BzQYe(!IdZ-aL7!$;>ZL6KHQod~7&=J{~OW
zp0U(djE!p)vl~0q=Y-)Jo=ZnvCSN{qr+s`8x$2gCD7SI4`H_&s6f!f@337A9JE@7Q
z(;fUDekzEHpg?m9^5*+5zNdcRfc@!0zJ2_PjLb|jGZJ|9y)|z}kN6Pj*(7e>zT_u(
zlT<N>;bw+lcYiWdqR4C<Vy-O@yQnwZ>Xc*!dr{o8$ogy-kwIR#d%F`JlSEDL68och
zIN2p4HFAeRv4+h{C&qU-3G#4Z;1>j@L4HQW%Wv_CNf)m9xKKA<1SGR}xQvgTGv($!
z-Cv&})YpZ|mU^rlUJ+Z-&*EqcbuH~|Y>eRU=*7yZh=rCktlg7X+uLWTCXpW=hcePv
z%~xMqfAo6rh^yuDV2-@xDBN7V@DB<jv#6Tmt4oqx?P*(;@)Nf-W&4rWHpysn8p&_E
z`QvDr?XRJ#dy<3oQ5<ca)4j4mT!0NB=?&~3?hxzcOzHFvWpN%vWWCKhpgP%`#~%tz
zgPP)SSE7qM+1cHqBHjm|%m&8l3V7z8!0zz@QGU+|NULXmU$9BZ#5QltHvN-o+1^?p
z&d-H}vS#AkZLto>WM=gcg9!ok`5InNzNf5jiNnnWqRstVGO$2T!w2^)8ykk#mWgn4
zCa-Inqumv9GqV|4oFTx~ncTuOJVRp`*|<Qm-A{386<bFK<odrd$2!PTV;VNW8EhOJ
z&{Y(HwSO$LLsi&0_%Xh*Lr+;OP7y^k<oWQ*If%KHCF*i3**uW)x5a`53l@QCNkU&)
z`s;5lFolhD9zC<e%gLJWzW!3k`|i8PI6K?({a2s!?GI1!3ymZuHX3((E50*-_6ZIp
zE;bSmM{B+jc5D5TFTQzzv!@T9F7CKHyYT$s54>`4BidXqGSrvnPoCrKXwQSMzTnGu
zZGZjEcQ|+i5ET<gfQK`W9zMs_(HRGO2kadkC~O_2v!<Nd&QY%S2e7ksz{%<v)()=t
z`-c)86@!<XJwKRza(8j!!FP{v^$9S?8%=<x6W{*@yU6Ml8@Ru;roMlMg@t+A%j0-q
z7suiLFdjDHoJs)GA;G@U9E!H^a&cx!tP>ttTpTLIBdwCv>1N#g<Cz+&z%#f2)kikU
zs1J3*IktqsfquGsdYRie<Z@>U>)(EkS6CbgaZ%XW+0i`EM}Sul3#VF)>K#0sU0MH_
zz%=O?Yb_@{IFh)SP#!*b#lVh;sz47~wpC{Tq!fg@QdU@igP$MQIs-<dp5E#>A}a=X
z@1gAGgze)i0QP#yaf++q{BVWjNVDCzSX`fck7wZ+>XT_)UBj85XvZZmg)60!k%mG-
z!=s6h4duHB-_y1w=MORWR$zMO-wDj#Y%ju-MuZJqhFeO=tE|EQ;UnyQBS=h$!^7zn
zIqmbjXJfnqr;q~S@wB>JZ@#f{BR(OX5MO8fV~Xj_jwZTdOnB^6FFU~di5K}<!T5R<
z3y+o>^(rb7+$rs!W2UWwkl+vk0s_gd9Au(B7w^bCv>Fi+j;>6fsA-I{p`>w5@b6Z(
zj<2gT1(g|i##f@b)pI_UiKkB?Q_aPE`T0|#;}VDp^~J$AjQNE{^5Y^24iCdOD30;9
zE8cTvuIK7ehG@43XX{wRdLug7n%S3BmWN;C;+la*ZxkMpzBoQ&t|<oZkT%X|a?Smp
zkKvt=3J%L<p(hm&*MfKPi788nrL%Js_piRjB`}(V_!u0lpYvvH_nyFX49r7j1OfdO
zDW0~ZWkq8bkc|A+Ahewl<Bnfi22NIf?8x-OCOhXxhg==4;s4@WVZ$$L=Ro9o6MYpS
zeDTbIxcCGj13mB#Or)YBg~05#k8fzC*uvHR1x1Y=^!N7A*FVnbwF33|Dgjou)DJJR
zw6w(X(i}<N_EdKrus>PIGY2nv1_tTv?qOnX6P3=uhe%E*aP$mkd9f2;zZg2pqVdme
zqPH%C#F{a5R~vXZ`ZG4wi>H4C3wvkgvKw4nU9hpS%s^`yR(1h2yh+2sHh^O-fC+_6
zhWvbrS60p}pC1tD;lj|_Eq@HX{DiPqPe`lmWT3x~-hm-D&&0@gI&u6lm}_ALQO{6$
z1PLXL^t4wJ78poqkiWT3KR41X!u;b=8cp<NyAz&1BFt^=(I{><;pXyXIEQ`gdT_xv
zFpasbP0p`xINaN2exjc!KWh@J+lg|tp?>}n0F6S1N+qQ{+J%CSX~vq<NU7-k#f^j3
zhUy6miy|Q|k_SJ0OT*kUv3`!UEF1~<#hNfrQW^#b^RcF9Pb}n}t+in98P2r<0h8vO
zpyv+s?Q4X``Y&c1uyRUeeYgde&?0oVQlfku1e?aUHpAcA>?hRg39meZh>wrO%gKSn
z+)~1Q-6@|qz4y}u#lZsMZUOA7gt<#Yupfa1157p--`%r*c>I)xfi}Es{5TZmxPhC~
zLoQBMak2THhY!Ezp;szbIur7}8PcL7h>4HK-}y(vGJ2?s^C7%?QFs*mdS?(nzgW7e
zV$FSGMO;DxQ9+(OcTHkueuRv;C<23m2?~p4;Yh-N87x?^2uzE>v?R-WFu(rlYrgvW
z>-%};&tD72Uz&yBw`S4#t+~wm&)<CT`F;A@Tt`Un^M$|Pe)k>Ueq+x2@+X`3+j(p2
zJHC0}{<|`tef0zW38hR<%`h`HL0OV7-+lG@yE;NWv+ZwxvM1CR+7Rpse*6Uj^H#o&
zlcO7J;#=W;P}-X%++AInT^zv8+KY`#HTz=~*jW2<D&ED(>H&ovt7vs{>XLm4$!|w3
zza%ZfiI*=QQ#g8v>gs^S^&^b;9+7n=rg0sePS{OV_|2sDVvE36kEt46M|81EX-*2`
zQ~d-cWw9#-)El@vxv(MCa<aX|&Z(3;RQq_kyr5=ci{teX?4MfEyKzZPuou0@T6ilk
zgB+=;@5I%{mci94)UpdQ178weJ;Hm|Cu?~XoXeF`O>apwzS+%mRz~5SQp)A!F?j*D
zIHz}mQB6^VGgj74WH(G;Q0@_E^@945Z4Ot4v3vTEmQ69I+l%a+NPaFbJ97BeJ?~Cn
zc4xa0o;(J?Xln_DwH;)5+mKp6!nNpvuBr@LXEu1x>To%pN#z)TzKVF<Li0GjzG0!W
zlA`iaMv9_%;g!s(Ov~BI+xK>P(p;az3+rIEE@g<17w~qprfy_{+OitvcF)-yt>D!I
zAF7KJ@rlYqtGy!F+*kcOQhKvJ@k(h#tWdEvUdIb3e=4do3CwB209=e_;^tMt&PXFK
z?0i`|y5w-RkG!JSba!-6-7(Jj#UZ(YF9?X~;XP-g8MwHYBHHc3$vO_nEy82j!2!wa
zEY@K4%#Wp08S;}=lGAc%DUZT0w2kwrT<jeak!UnbR3+jPkj3s?70+G<v2(3Jax#mD
ztrNo&tHe7#C9i81(e*JExpDNbo!%3eR^BNbh-6%!AJJKs!qcaojE%Qp^W2`voh#&`
zUHt7|l3CqEfYo!_m(S72kI9XRU~Fy#-&Y>=kI$0jX+?U&v>?zOyp!0w5V1Z~Pr>UZ
z>Z_88su%*3mW}x(&ZOFV0@K~mi6xO*xE6G}TTCWU9WUZ%@6O_t0fXUf(oh}kL}kZ5
z+hh5-hh?JG>4Z93*(Hl}>!|b}u3%1J=Muo7Tt>dvGyd(1=X9+f(^sEj_GJ)E1{zWW
zd2Ve(YDq6*(E)+hR@97bqc;0+y+4QjvsbhXO%dT`MMBj8GMSkAj3B}S-Eoe5jZ}Ar
zuag6<YnRBR5@GjQnM%v?&Kmm{vU`unhT1tXxT`|<)?b~lD=C`OajYKO)3b4oN^(q6
zfD;*SDygflXL;|G<)I3`d+Npb`XWJ|L7Z#!%v4A4!ZVu-iIlmPG=BIogzolIypk(^
zem!(mQC!$UeykT!84X-X)u<I$lqNY6THHcsK{#%HsT^EMS!k;wGB6Ow7f#F`ikWCg
zAgZ7qiByJIY>rE=M0S0^%H{!j(@z^TWqUuNuyv7>ty$b&{y^2l0x`bMv@e~!yVrS;
z);>#CpaV(eqo{Q%2FoJ&(IX6z0R;3iQk-6p-ZF<$C8M_>0=w86_QspB_Rc_}6cOd^
zc+X~f$2{3V4#XC9b0xl{x2%BLrUAnIU1(XC@FAMhRlJ@)q-pUKtvUWQ7h56<stB{O
zy1QrDKYvQY$N-+N9B4O})5$I<NKd4FY8)Ro8-`a`N%DC~TEh?>sZl)h&F4&XMrFJg
ze(`;bmPB9^QOLDS#_*eHp8Li!+MUO9yBM}luGpIGCAqAf@t#^5x+b_h-66&IA*qc+
z9Pe$ge=fs<1q&8|X%U!~^!Fq%|DKXr$bQd@SJqg+e9m`fQTgScZ|l!k!Q3RoFNke9
z2pDci2=t|Sa)pX0AG~}52n+PU-YtO(=>Y+5FLCkkCpaV!H-~VR4y9l+G1HL6m*4wx
zrZsXjT7;WV5(<8zDItiA?p^L-)Uwc1fS0!y!2v!*q!)3vzd-!!QugJ5_K?uPa1PZf
zY7%^jsG8#ry^M-9Up)NG{)I>3YWs}T=6)(;A{jo{0dlHRBIuqvWUes}Z#Pdu!~A*v
z;0rQ4W_ge5Y72i)cf5T4aCG;kXZ?)**#<n^oC%4HCCJMWJKsn)q$Z9h%X#q1gT*5a
z7^D=1dgJCENMyJ_PriRl?we6+v!h9CSpn{|*k6ikToo!K0z>7|B)wS#V5+N{>aJ-H
zS2_vsaU&==fPmm|RzDEbd(%zC=hmVE<mcO@`gsr(8iI#&ARSXDOch08Wp7JxP`Ei(
zJ6_k1AXkWZlO2b<X8^vQ9)xALB9cjI%!<duD}Z2sPomT7nd+?~JhcpyQAcrv6E0!Z
z9PKR;?(d7QpFeIMzEqEGvDE*D<kAidz}0Li0YQ~$R5w&*2H@czM3A=|g)KwuEezoA
z>`7QegxNoD+Qv^1cvmkdv<~t92mxV*$n<cl*dZ<=6Ny$reL({D9svZI<4dd@U~S+v
z;j!&#Bx}UGI^rK3g0F`Y{*lFKbz;i0qHyzmD}Wq%WaY`iu7ur*DtvuB2oCZiI5vZQ
zv5NOxF7)B>^a<X9!T5W-;~x}9|J)8borZzJWISEn@$>Q|BBh*biImyaOgue3&Hi{2
zl~#)AVx36uST@gY5p4|MVs3kMd7b=FU$d=XJe~Zh?_Fi0t$^&NNia%@@v^6K=9D{>
zyMzRUu`Si}A?mYrqI^SHzcGTqEzOxhGz}iIKUG0!(i;r#O&pHk<mAJ)j63A#vjhc2
zb76p$jtpLTW+T=a7;DZYqkaqk)m{hRfB%e;O(`a$mig`yoL$`r4hzTM%Y~S{Ms8HM
zT&xcf7376aU?6tS9`e<vU*iy1g3@qFoU;v1o_+)e1>)!9P0jEeP1(U@3vD2vm!Fd0
z8^F|wjt?;z)b!Qo<Lu&1kiREh(WRW6pHQ0<g{yBc!2#X`XVoE+pONBjMQBMM7pL1~
zB}CyL6hW}3E#E$mWVEk=_}6tGy&l>|54hNzB-Yze80U~6KRi8ySvVG<mRwLCAB2~W
zFWyeJ!Yir1eB!{&k(8yrTpqu&Cnz|Wz(9ZE(_2^^D90|e7}+fd7*urUMd9r1OH@P<
zFCRZ9F}0rbxCr{z&+qPa+5LN5uJjY?<VZ+(C=SoR!6`fiiQ%p%IGk_8*UKG$e_y=3
z{g^rwqdc6)&C!9^C7q<ke$3_&VQwyhO;5L2W;PGWiwvN9N5Y3FPuB>4`3<fCk%R_#
z;1`p@@zoi{;Xe27Sy?6HOm&xG@8(NbpeKQ;6`Wu15fK>5j?#!|wF^(@Al{S|;^^W|
zSa>A<o{l{BNMUYyj@<Y_0>i@zbaTYPJCZZmH3i9Gc=-k6>*q^h|0;(IErfbF5gHbP
zr<WI#Tc`9EhEm)y!+&}#Sg;68i@>xbi@=PGjO3sH`JV-m`FE9m_d9;~KK+$#|KmUY
zBV%J@{6S25Bw`8r4|bQ7OT;L(dQ>uzu=Dc8l?c&|9HYsA<mQ^|t4ofL4!IObg_TIj
z={EU{y>(Dy-?9b@3^3^6?rwv-Gr-_BxLa^{m%%N#yW8OI?t{C#ySu&o&OPVe^XmQc
zQk7I{W$(4RS9W%~zwZ7T#it(w$q-`V-~>kAYG7EtqyTl#;$7SYpbTOK8k-)0HEdCI
z<NHOcrq2Y99q4Yrv_7MSE^e~;5)zfKD#67oaPS5yJelWKQ{<K^MXvzgZkKY?O9bx_
z8yPr;9U3auPV-JKb0$h*Chq9ex3!Jlowan-Aq&=GS2Hcn$jE?iW6##f$Y%ysh7HU|
z25RLipcI}BTHS`;j?ytqP9m>U$By<(B=BqrG+97#-ehkK6{~;%XB+UT(nM-@9w0P5
zXR;}N+UuL*_dEK_>C-uheJPnsucU}7ZjNML!7k<@Gb1LNgz{DthOy493>}yUusJCl
z)8Zlg%q%h$i$E;dvi*bhT{IGbRN=k~)gaL#Fl58l<~Z2PgapaTpld<?E-`OQ<i8{6
z7GOXg3e>Qh0DG>TrL{`oiUGS<jwtCUq|J%U*GpWs6ZDi**qU(T%iU@C^sLmtb+i2p
zLLvt@uVC#$kt+7&<Uc_yEYm^UpQ1}0THjULEw%n0k7yB1wqS;}u%`rGw+ZkvC-aMu
z#{-zWo6Cx!r{|%PO+FbI7@K2<FI))cOVKkj@g1#fv}n};9*<GO5ly$ZN9bX~6nr++
z7=zF<&;*>Ei@juhQpbo?;vpHCI{6DH)1?^xpGOpXKLc6XDPE4)UG==y)2!idProH<
z`%760eKvL(OKs%0q<}gDXVoDU*Z!iiA~uE0-LxSW{>)Pu2~rV@JPZFw69pm9mmCE%
zr^?!T8MR$ajAJOvtK2seSgB9peee7aNb+3#D|uC(s0|~bbNIId`xL@Ny4oqH)W_cO
zKddh=LV8k8Bc^elaCjmWm%!hzo)Yj<rQ9Hu3uEj&UToxO=X(K#H|cbh<ZyBeU&F$E
z$B+8i?vH(zLJsT!3}mlI_r$1`&)ILAhg)0N)8ntFBjk6-%hLjF2Pupbaw)iYCXd<^
z6{<E-hsDj6wtM*F4Jc{rzjq!OnChi)sD{KdbhPcg?FZ)z(NmSf#cZFpbWM>DLiSEF
zcKgtJHr^k@NY9|@I{8GJhr-EWK2qO1TRO$Q|N8JB2QX9>uBA=VjUTc-QlZUcLdEfY
zQ5WbsxZ6v?OBHrYP;vgu8fcIhuaFxUIA#tp5gc$xw98JG3VaS@8mh8YpiT^BkmnZQ
z7k47txw}b=oQ76p3CB*)Dk5hGs%@AL%Tgvdz*5;(<=06kXm;4~hciwFUAMHOz(?1Y
z?Q;&R;C|Erdi?*xy-;-3R#;id;Nj`HNg;i5cJ?L>x?K@J7rxDJC~kAwd#Xu+C18EU
z*BSXt5QFse#r_h4#~X^?<U5Bnt2Y%qZMOGuj5M15VfLAF!F`o{^Gndz9bx74NOwuR
z<dd05*4F~mOyP2p`f>E(6Ig?K<C_@mA1T;%E?8IP6Rb;PbyfI6*OmQ)O3>K*(qC}k
zWMl=I<j1eO@(jmKrP+>W-%DW3=g0mlkIYq#ur}cZu`1rv{o9L=>IS|-T(XF;3_dLE
zHHh6r|7G5>FZ4R!uOsp~bGUOJcIN^h0oo-V48Y56m1pi*w(rMeS$^kQeqrsm*dNrd
zqn(@g?^Q&s`}3IlL8<)|11N-<14q5gMS@<FC^!ET690z_$=4M^scJEQ_W1j;59-J5
zQ<G>}3~?MaQ`*y(ci5W>^AV!@Q{S3}axd+!FUR*3rZ@V^F4s$xcctce+Gb42=@Z$v
z24-Bul&4jF790gybnQ+Zm4x9yjOs3aR|qZSJYP^ST)#moD7K5_fJ0e|ySF(MqxV&p
z{$DZqe+fVYG5hcA^zz>tga6=~pZrioV)@%!Tfb*#mE`2)zK_Ix6c}Z3_P+h1P1OG<
zs`Nj(?EX-ra0koFIEFP(lafhBlD%&=<@%bSB=`Ru0Ww&{jp#>iLd*Z}lz$ttplsj&
zO!Cic|LHRD-)HxLc-lcL$HU0{?|Ps&|5QfPkAR;4WYhoGLPj83Df9mw_^<2l|IgA=
zv7;FNV6pFqs5QR7#uQV}Ozr;~)kfEopshT^uhjj2B`|it!4lWHt7li#Ssh;5!Q@0;
z_Wfp0-f8G;@7GsnS#U7PNs6+gr}21j;-A=}5yeos8TK94RGfEAX42ln`PT0VwXUvl
z_~ryNFI_qbE1A0!oumO~tP2dDXM~cwG>n{*5``#TNK%DJsv}IVzr@J&73>R<$f%nV
zI~DE+^~x#Q%gG7~o^L}F{uzGWOzP8VzM)r6^f`dtm(B&+vJ`I}5}ZArzk*E#YpTX!
zfB>4Am)G<Sw-Iv?J6#K4QXlrL1cJW;R7bWaz@a;Wr#n3sDxKamfq(H_qN<)O?dUX$
zTW#R}v+tnVju1GRQkjVd(JvoS(f0RuB*fi#uWFMLKC^xjv>2)npu%r<TtwO+{M;yQ
zKgC?3VNR-+Gw;-<p<Y@NsYKKuMQ1hnj}LX4C80{D?Bp&`i`4|Fps6IqQnp2m6_Mx0
zj#B_!Ui`6M%hrp2ct*M51V&TIJgw186NEBQlv2D<aU(+7pt6lebMi6UOL#7w+0oN>
zR08Lc_8?upi?R-Ylc*go`bWsVCA_ImX-#C7yF<HYq9^{L1;9p2GRWIS4{<Bs<8Rdj
zuk}^Xgrjj;n~-7z#M-#eihv6%&5HKD{38ErclY%KOZ=>3=seFv<BPrhqyF<AF4-lM
z`I1JOiHk`vxxD-WMov-|3pew`MN6PoVxV*^Bv`{y#%_R)*bDS82vbiw8JP)t`YtFT
zhsM7CC-h=Y+KqhV3e+7GG0R0hDpOOl``<stuaBV?v5L#97?}B4hf+nq{62X}D7}Vl
zlsE3C7hlzqsCV6fb6z|wN^!@_my|PBMcsGymKpo*P}mM7gKt~GBw*Y~Gk=xrAfOc#
zV#^`5rCKkk9D^l$t|McuON<#2^pSbt9uOkUf)|pkovD*M9q@y0e@_v*NowK1G$lpr
zr;nvkeM4YgFo`PGkovNKk-bmUz`P0vC(`uB$+DiF;n-TSnggP^l1`vIBvXg$M6VlB
zh@yfv0V_N6$ig)uSnVm@w@1#Dj5P7`)}P%@qZ?+-QL#ARs|Xw@k_;f~<KX2OD!BwV
z418>YgXZa-#Bw1#)1?mtw70~Je`|5SuC|#0Va()1>|EsmK0aytnT~fnLEIcD&}c{V
zocP%hF&i0mHO-*f?+EF-cbeN2-M{t!`%{Owtx716U|fW8@&Wp4LcN+EYU^gP&L)Pe
z)A5=-Pz=j8mC$+7m-n(c$&)0FET<6^wzXydX_rx~4NuY3&dH@tPpIb`Op1=lu%6ji
z`spi9Mspp;b|=rYpdv3NOv-+awia5IdTN_*YN3N1q9#sP&w*Ii#V@WU&Pjh?*iTU~
z%h77|aP6N|t5}4ENfY_FUq+M_qp~4osY75HqDGw{CAUyiVsUhEcTl{vH$x|t$6wvp
zv>jy0gqO_1hKsXH&;54$`O<YeM;8E}ikm1lU}4Li{jvE;rAla?p-X?gBTkoQDzBhx
zJF9+^78uC(hexcXJr=}ZR5j>tRh*gpU^8ZQQNyz?QXN9)eQT*q(T|#~Bjg~1j0hMl
zze_~HOc4E{%fg&$dt^<s{d!3_-E!rFF*|JL{tdhaCt-i^YIra)u@CVkZic$tO+?Cw
z_Di2me_>*N=e%Niy2MWr_(B|RAkqRF4zj%YFOFDl6)SqAxP*)!KYyYaTx;Od-GNCw
z1iM{lVrV=&qaPM9)zFEw^N2dgu{&#kKLt|UP%>ub40|;`G!9DwbMItne%W7t$3Ig_
zPVZ}70)x=xp{pAiqoL&G&e)k?wy5i<fn{18ktgNJ%@_y*?*$mrj7(Cnzax^;`=UV4
z!!mcu0SU^uvq}d9+XF{B`QTQ9M`RKE1WAHs>Zu96b|p90_;Bpatwv<1A73OSZ1T&v
zqwCv+9kU0oTAjnU8y&(=UyrQDa*Xw*+*-*f29wpm-GTDXaVbeZB;|ORpXm`e53X-s
zi|c{(3R+phn|oZxHQ;-Rn5ZcDKOavh-j{12$=i#F>4Fp9!0*7s2$WQ&z042gm8>!B
zaa7C@o93_vl{RLi$~)M@xC;+l`lwG+0p7I%PkVe)4zm)Im4|N*>8Q8vv4noBw<x;&
zzM^vOIMY4Mz^aLO?Bt0s)k!Z|1}JA8<zncR*S44fY@%MJTAIJ0#tB`prQiPR-ir~Z
zJ+Q3!Wim@J-}N0eQ9D@1q>+)w)YvCAKAxV1|Ge74iAq2qP#j4Q6#O4m5Mj~tc}y8@
z7JXZ{dfLdiB+8Vjj=-q&(ZIh%xVgDTTJnUBL&g|>+~n(?V9h9KR>*qOA3gfZgF$lv
znd}1cFSs<z`v&NuQvDROKCYk${ZPoo+-{cyLQ~JZ<2v}wv2n@hdQ;^EKcfoXaCdaF
zVpe$q21{}&D6mhr6m1F|3WTlTDqX~?8|({x&7pmV)b?B|4d>`^Y=-xG0G8!hE3<VD
zVLzPZ-1D$F8dbSoC_(i~&t!CIhu_TP?D`f)Le|cVviR)^jLp!3G;L5)y5Qh%I^+oX
zKVpIHq%6DsZYS9NOK)5s8z|bt7#T8+s96ajwGoUBj>*(}#RWr<(`;;_p?c_QJp3>c
zVRsKkdlJAKlWfRGFpoC48qaMpX8>C6w~IXv#CUAN{<#zM>9Av96fhnGLsC^A*)|v{
z2;;ruT?G0T;C6v32T+1~V5qFG*aXv`BSJe#8r#WASq@&@V*^etDu_ysqC2~PBt#PA
zCuGOs;rw*}1<h!kSz=vD)jyrq>gQ~P3fm-xJe7rd1ft*Xg@Z$Dhk=nGXC#X)`rxl4
zQiFVMQ(Byt3a!Ihu8Jr%#}l?6)eH5jj8hL!FE$%RBrf|5O?==&J>?0#i!d?T#U1dW
zx{xb0b29t~W=Zz@n}KztG<xTRg=kHW-tWGfwlXXv%}sINF^3*B)0!vb*r;E*`*ZaS
zmdcY=nR8w#6>osG3t#oXRN@+GSDiNh%o)9^j`V8W9HX+~`bDO9hSv;ujrO8IlGe9L
z1x*7Jnv82NU-h$)kBVhDJ9XaN5LF2q2ZwBAJ(|A7KfMroEq|6K)S-upFJxs0AOEaZ
zomUA)4|T)&^%=}23TKTv5g{=+W~oh1TAN9>uFPnlfQgAiQdJQwJ_Ifp&vCefK*(Mo
zL{E{@lLhTRwjijRLPWewu7PU_SeaU7c{uuT;iW43xbFZew<n;m-NQoUafdLjOzEUf
zr1~2}PAMBOL_qRPdnBb~eCKtDq&!=@j$1K2(vrGOtAo$yB_=KxvGT#h{`m#GP={`~
zYT??kzR21kYKC0=4Q@4-wgG=~ac2vq$H^6((YM~f=@eL3Va}(^HPuip*<MG0$SQ6n
zGjDi^-~Eu7kQHaA3x#3t*dQLd3-7RU7&EfT?^CAAqKrGTOT_@JDvvpMqn9)3GH${Z
z!&P)YNEEio;Jr2u$RJ8xwYMuMAVo9n3iO1yjr@csT!xySnwE2RrvQw;4)3vmv{q4%
zv1tNa;tscH`^mJ*ySROq9Vc*e4|K?7wP#rt5;DY;oM1?Z(leaNio@O$f9;3t`S`Vl
z?H&TeR+E2uD8M#;4Qzdx-BbYvXyH3r;;~^BDRMgZODWM-5(>2Y%#JMg@T3}S8$r7N
zVseA=!14YPP;VTvgZY{^A4w5DqlmqpNUYC8vBnzKqJ!8P@zd*zKTLF_(Y=hEQWBOi
z8I^uJIqzKdOdf(&MxXl9QcfjX$i=ZWc^+K?4;jP@n%6k9%7Y9mtHRK!KirLCe(A*~
zR3Bo`Mbz9q(v%=qzrqmS8NRnV_X5anX`GR+t^yeeC}*_5G0uKuwP{i>66f5&)jEN-
z%+V<lim}yn_SD#SKd-lT-FRdIsUNpYyA8+9h4ZXa+G6%PNbD4`bMoa%nfMZt@82~$
zk~&Y6No!Blamxn<xFQmRpcLQxT4LyE#v}Kf<sh>p5s#RewK1d>#5f~s!0WA~m`XWd
z?!tGVA&tuDn~PNP`ue3rXl=55+8NIGPK^5a4s@+(BZrgH?BV3d1Q$Y{{0TWQgWWPS
zM;BVqr{~!(+jKk^qC=Eun!25IAg9k?*S;?r9&Ss{SvnGB5XGco4u%i+D~r<v(W7A(
z;yqD;LV$z+=co9($Ng2#py#~VyM|v;W0)@4JK&?3i7*z<S8`Lr52%wx7l*^p%nY8t
zP|WfyR8+$D_x1u`<Uxavd{&3rx2K<V;8Kgo)WU8{?`W_05L;crsEt?gDz`G%>+Gc#
zBwkw2TDaDbipzwdJ{PNGw&POu@6cjXT2JL#DzalxvU6+(b~Sv-y!G!cu)j!n4}z|H
z*Z+ntR;l`G@3t>x34oe-$o-BVitN&r_%}#gs}G;(_SKeXYwK+6Hbn1g_0l?(x7o0r
zJCmsWCgrH2cY)WhHqQ<Ji;@O5{m=;Sg`7Ue1b(fcpoG0HPu4`^(o(D9I&X+_Wj%<7
zJ_zdBhX|acbQpYUN;^$Pc9V_%XDTFQ5Gp#V(BhlGS611;XEzjFLK!a`c+POTnJ?$m
z7pY?Kzr*IUaNE6wLlJKJSLlDAM<~%M=EFvYlQMB-wKyVrT*K+ARw7ic=kRalaFHao
zEDQ8@yoZJ&kmS}!M8rcW_I(Kr4=3gm$VMv!hfGlJ|A~U4^?R(Km}Uc~Dp2fB%uKd%
zJFJ5-b~{&;BGKN)rj3crf2&%emvly5P#|Z^nS+kAi8u#P-U0JD#ncPoU&1;xt%y0{
z_?0nF_=}{M&g8|z_Zk%NKuD<c-HAOJpHaQ=UsR+dOIg3$!4bL@#i6Ux+o&y1MDn2H
z4Fh1b<Y{?d%xUC_iAm#xqLTxS7L*ckqqFs>V+G{6p8IE(6s2`uvH8bSjS7vn?#{r$
zx0#KM4yJY0{Hr1aYkG9st8WZktmAvBkrXYzme5EV>Kg>*6%hB5l3gQ77+r`;*(yS=
zw<*f}(b*xZjrIHeVS(dH<V&lmI&Jx2_r8s>ZfOYIp?@Rt4i~pW_xq8n9BpG)&trDc
zg)A&AEJ<s&b7ql#w`N#*4|6mj1{-113--N{B7VLrTGCfGBLrhVKnuI!5PhGbmVtw1
zQ%gkUk&p5iv!+UVDfxe$agY}qd=x{{wn4gfAa3>Mu*}yY>f|gZZjZjn_h?ex6sIQ0
zmy_p<GrceHGj?K0G+{~`HQd^YL`{<nKGJ<D1k-_jwjC`c_sr(*YV8E}{4{wuO6{uY
zp9*E%e6MVMPTrLw%#yzk0}M53(%0-N*AskA(MGkrh*WKC490MxwopZpUvxmP@x)Ba
znPt1F6-W`{hI8TYH^TT&3uk&xK6Io(Vn=u_QUeF-^nxE-LZ55UZEc=sm9l8tZv-@v
z`9L<4n+8kFp^#HZF1|e?-&YD6#E3H>*6tC(=<$A@MvUexOT$?D5sXy&(9)(Z<@zN}
zB~F9(h%zYEwyauz#xjr!T!uJDbwt6!8B{<yAt%Sx)&8Rl#GsSh*21%Ubcdg+7ywHK
zcg=1X^io;*qwL`33^;qsT4~#V6e%_rj#rlnV5lry!wrIt4ed8cr(`<%_19=^!vaMw
z#hNG^HaZ_K(qoTvF#|u_f&Q2N+lZDj3v8YxbFz4PKX>zNBP}S_{0D(bD#WFQs|%U1
zj5Ae+df!k^E-Gk~;uH~@9F<v<%yrEoQCl~|!Nn&`DpaHQc>t=om})q|qRx|teDN@&
z^IqEIp|4*L9L?bvQL*sbZ>>m#Ak6^9!k^W)Gh}U@n1)j&Mj4q|4)*S0qPb%9$qoh|
zUe4aeQMXb{1u_*N9)0-ebw_V^nl}*#dern=bnUd=W;R~|-Zr89j-NCbBypt*v_@w4
zAgmvySlsq}1S+;NR&we{)*nf+)W6Lx(!)k{QTTKG+x+%Pa(_chhM}vUx|%KK1S5A_
zvseXdO2i4WUY6rq<K&nCUgW_)70nSpB1DTmXk01?bLGi7OX{J!e+x69y-k}ZfFO5B
z-#s`4%70+De?dfk&uS7TS}di&^J9kgOsi^#8}g~4OsdApghn~C*i6N2f`PIj#%nvr
z?Rh2nU^N$<lE@+E>xyo+>Lu;pjz(d`Owk9Y_BTLdUsrTI&r??j$3%T`QxJy2Jp2gz
z=#X#h5;7la0is@okhc}gu+G-sjh&GBv|Qt>MTR_>4sXeV=fBk|c;TAn^Zh%20mCra
zHN@YZW*HPbzVTh){Q-sGR=fm*Wn0i+sx)-)yWSe=h8>M6oIS0IVXO4+n6=T&Yz&>%
zoPDXnOvdpj(q<czFRiI(J$~|U<%voTJKq!iM)zSe4O*8;-JQ$JfXH!p+7QfG+C2#n
z48qvwPdo#n2zf2kJYey)$ZT`yYTdX#;H#)mDnX!R!dc3=G<}tV_x;mVr1zlq^hVUL
zw>LU8`tkg5=Men5ilf2n-V}evKHC>R9C;<^{!FxF`d`M|{@ug|;@7rQ8Cf7Ji@-$h
z3WpkJuP0fHfS`%HLDX@nxhls4N*IN9##v2`YoI9Q?#W%~cqZA8@(t~*>XwEO2`3P{
zFtq8S2_EO-nUxjX5KC!jW`(T5>0A1#qiXU&YNnPxz&kSXT!dlr+xR^aq*h!yU7&{=
z=|dAIcSk$(p-x>#=h)wu&gxZbd3#7k?Om?8;aFIEi6B?akI!Z9(-P{%4&Q9I-Mfv$
zidoY~pEdxVlWWLKPH3L~Y-mCPJ>@F2axXD@1T+ROGPx*18c9KF>gi*~HWhq;vrDIC
zmFwoBX0~(mq~p*dVfOQ`<|9Hho~5~&Pf=R2nsY_+L-F|B9NUeIMPY;T;|dX{BH4L^
z^vUcz<#~Q5tcHAYy;wzkrA+IC@}FzynNJ+oi^Zvh<-)Yn&l}hxA>vGiKXUs;A6k_{
zR}FbaMs6w0EvOh$P=I^@^>YykG7KbypAgJ}X_5@iy3V?jt1DT&takcafFR3qzjNv3
z=;@<Rr?aj*ef<09y}+Uy&ZK8s>F|13*^uE(_~q>8;^W`aJgb{P7Yn-c)A5F`mn^wE
zPxs5(Qco;@n*W)c7#XGq-JjcAnT0!banFc!cG&RJvWn{PiL9#F$l>kOTMuuxZ#USY
za-&_`vPs7IyrDyeYUa;FA^&I1N^vKZFcTC=M9?gd{<h%4OkM1$eD4XQXqO?#GXFCS
z;kPwP2B`!S@5UIY5BHBg{~WA`Bh2(u^uGp#nS%7gL8AOiW6%+xk9yEi{@+s4kU}c`
zbMpVp(PL$4nO{{U4>Nlh6?(T;l9hc7rF0K0eYt;p^tB`-{m+AiiRtPbd2A?}sEm9Y
zUQ|@{{w);ke}xmu&}ZS`C|ViD3JaAmHKmfz7Qp!LRRgcD?TuKLu|C2JLPMVrL0{Rw
z1puj36#7Ia_-}<E{E%fxQb_-AJ0M6>Kq~&1hM)mb(oK&4RS^L=-11tGoj&fpc{11V
z?FtH{E$RPhI5oo?KKY?3@U691oJ7S7-Q!*>g;oHevsW-krRM%kNo*+b-+Si8I{6ja
z?D8n5q9ed26`@cO_CH$$Er$M`PknM|dr@KYN=S;oZc*N7fi9JQ*=O)A*1j%Icj68}
z#rpoD*J)yY>0Cm!e%R4X>w?h$*W-orFJ*XJTbJ&Si;vQ@t~f6{C#yC-V|-t-alRwL
z?5#AMzUhe*V-w&S+L;Ab#mDCQyg&=Q;`RlI0D*LF1W*Br9lKH=SSTQ2et54EUw+m7
z0eJWRaMa=dMAw-V6yubMe;ILMu|4`k`gI@g?wsLdUHiVf+v!zQ)$-BM@Tp<(Nd@Yn
z9@P;b*Go?c+8jtFQJ90oKV@SJ3)`7QA2B6eZzw-(KSP(gUTDAtKVd(gOnnD0eLg)=
z(NLc#^YE>WU9}Om4RRsBenmkCF##NDD$45tWJXK@qJzipvE}OtLoxo6d$peA1LgZd
z3+{U|c2tkZJ>b&`>sAIl2_iacC9S<3!Bo^K{<YC)rK>OqaFpca>VF=QV9D8NBQJh%
z&rYwd2)Pfi^FWI|pWqaIw?*<JId$hLc-pC}*P){21Gb0r${5$zCG9PNaTF(9C+2%i
zjNE0GM~0IK2xRs5LmKAo40mZq#L*0Yr5W9jRkuU#*+$8r?FjHsj(y~)k^SR%y3HbW
zI|Bo!Gt|<?q6~C)a8rZ8YqZ^+o$Dz77Dn-@iHC+@w<pBX1Is(ilOksrSTCl4zlg`1
zqMs1)bpZt(b?|`Tm8R7#e10^bd4;9_j@sR;IP{49$J6Wcc9#{D{VLMT3gg$pjC4~a
zSS0NcR6*Y)dL$!L3xNPQiVno4C3Hg3(33jk?-a^^o|$B8lNbNA#r*95Lp&p|y9>n`
zO+;!ofE!-PaZQ;eSO(B?BMu3-d~P-G$Qoa%p8xaGw^&ZX#|O;$twMgrBXdZ->E?m^
zXQ}p?NvFyuYmZF3BV}YGAcV{7iRoB8D#o2J`=Ih0L&n%vw_gC-Vl)8>eOXLaE^`*U
zHraW%kD}5n7x_A4+v6FlH^T&>Y++sz!SCrx9+!b&l!i})4nT>Udg9P^tq0{V1Vxn?
zNh_=Gt4N2XS?qp7S0;b55wFTr5=$z4y9GrBwssqwl@tY2yCM@-hRrogFXto{Df4kZ
z6}32*r5=k-R=9Qb9AE6?8#;AwK?R8xpWJ`G-4|GVu)h339)k`1=T>DEdy>iRNcj&f
z*Y(@8e9LoNQ}gYF)?ND}Ca2FQW=oe(L{rzRj?Yy9k=@mlL8m!&Fz!_oo9K9V_%nQR
zwb8T}(79on>0xheyg1uFj!*!x_J`{Q<;$K7%Z937MX3N?J`&3W<WDU%7Rw@7oB^cN
zq>WRz@fr#TOG?JvGfIa3_|y{*t`^Uo<88kXP-=2S<23Vdy)xE$clT7#A5(9yd+HLt
z4*9qu(JU|69(*_D-+oC9BdLWl#^rTc71MrJD|*lD2@C-5C5U>bJ0?y}ae2M$<?J!y
zohgmM;<L+#)IN0!bN!2>@XS&Ho}?`F_B$);7EfjjG<JfhO&dy9b9Rd~6MSmx9|KEh
z5Ll}Q+YKoqG_cqcX|hX$_~_m0rvz{K&NW$BqJvRf<qaQS@0TsgCF!ArHuM6rD@aaG
zaJk$99Y1}b<W!*p&*;TR(qmouiPsjPt@)*sf*`9wiD9zNvb{(NHwCRJ&q*goT5TxR
zUhEefgJxzp4&{GhA6BvKrr&LyBCW2j?z#t+vDgs_GLp$}j1+p{jhf{3^EvUFRA8MV
zzuegDsJ61KcE{%7;@IXjU9;%Ed=AX4?|ZHDF|3Y4$YZT#oK4Tpi){|0Q&C|-pf$}h
zPjF^s4bpO0^N1eOWmD}-Af>MM!s^x~4Ig2@b*$GoT<s3-QhBvfBvoIri;9WW%q>Hn
z4x}IBVjtXXV`sbtELGd1NnSJW>3R1P?fOiEBh1Ng`8<<=(HGLVdA`_RXnx6*$7|M3
z3yF>(^TUHn)z65V<I-O9UTP-8@vY)6kCFnYhY1m<$T6v@var^uqE=`MXuj&NNRU1Z
zKFB^3?|^q9RctrqHoOUVtvo9~E1bN_HCq6k-s#5g8sy@;BFc?TdinqTA0+o%afB~B
z$V)zMwCUq*Qu29UD+AP_HsSr@(5ds$5t?EIKZ)hABKs=y(ko>1?ZI_!e$jUq(y_FK
zVNkm1y4f`}H&;N;Mki{8iswww6Yuwm^s|+erufbQx((l%i9d5CMi#MvK<t;HD3pEE
z;ILK9EP0Hv2RQuiGB8pS*$IBN3B+u3V<WUy5Q8mBSwl&Pu>BO)d;J4=cf*<^ya}PH
zVI&V1qcqJccj5XT`W9{eCkx+rR#wezZSx!QLpClbK_xvjbc|%qhhn7*>uVMlJJ*?T
z9HI<AMAieR=tD{`@qaEqCMcEihDJslPL(=9V=xIU{arqj`E#*B!pWWrtSjbDbq{Z6
zZ8=+S3@e~-Ynh%yL{N0$h;DZ*MBm5X7P25|aFrSv=8}$vc+or=S!)Y;3WRhi-k(}y
zhwP3iPtB(p=^rGI^FF{OlhQTJImRF4c{v-V1<;1~$W0s?|MIHv3vs0z;dW1}&4Xwp
zAFSEkvgi3a<i4>X<g&v2N6Q1eq|Gbqtgeu4ah-&fJu~kV37Y_Ke=rEGz&J~s!<~&^
z%KM(4mX6W!-GjSqonWfTZo9VwlM*M<o=G*1iU0}jRI^#D8cm0tAg=CjswlUN+zskn
z1%w#^K@ub@vMho0H{BDVp!US-LPsX&$3q)y?%Q(bY8}*{LrimOMuz1a5x@6@D~V)#
z6)h<>HPh6`w8WcG)1*OM9XUZoMU+t&22Ma1H1<gptS;=8V0W?(#6&j@3kh!*7A8KK
z&3sG9X02@;hu^hzU#CArBUReqagr|BwMTl#dsCj!)XdtvQA{&a6}y}?S2as3dBl(6
zTE=FWNw}+$u&9T4H4d$Vf|ns|1n>-Vp5boC*;983#G~;~{xHO3Aj|g-5+tmdL*!Il
z!@&bhYiSEpUbKwy`CSN?xtJJswFjA{Z1{3^N4%qojFsH3@oDf-B{zJ-UqbE+E|-PZ
zUW}w{*jan9U8UqDdh4TPd1sqH%d<;?NcS@<D`L{l;Evy&?6gouD%uv88n{y(7m4y9
zp|jShSWh7bD3ZC9?7|}ku$G$uUnI32>>lkIY4`e+GkK+i*LWI>jArK8#}0om%-aiC
zGM>ioEO$OqBi1q}Olq~*HHPN-$6EpAcO*V2ENs#1yp<qUm1f*#1Sj;xzYIBsAK|Fn
zut*Jxh2Rh-u`EptCfbw>DvXsVjvNgS_uo(8LcDhjmz0Q<#?)}GWXG$eVaHxb8)#R8
z>E~1=k<pBhS8nzXq(`>rG?gZV{=B_@(C9Cvb9NGF9e?=kJ{BwbAY)9gCSO?Hy^8k*
z;3(XP4v}+YOX`)&>j`g(gF{f*@B&e);ePjznLi72z^JBtBl+enpsCasVrfBj`@?N~
zPJ&eZ^+5H6m;Ew$14Kl3qLH}X`!Z`?E-=-<`E%~dr`bvGM3B3we#2AogYKAQ6p5Xg
ztXB0ziIw|s&LvIaT~Kd4-hGy<^nJDAF%^Xo)+FKICa~Y?<Dci(t{3U3_Z!o_&jWg|
zjgQi~4`7n(M$u(QQ>-M8@2B;{`;O_`k>}=N+l-`%kir$G98<E!5#TtxKQfInjgUQ#
zunET6T5CeW!L?}*d7<%}+w;@bK2LHBp@6mr%W#Lk5h%5`y4KNTgAZxUnZ4#t#^)y!
zoqZ$wK+kw`WO`FvJ4M(}!p1R$rfpGswE06<eN)T6o!?9lZ|lqrcKW8O%y?h;rl#ln
zmgd5j=2#MxAXx?G;Q7(09*Ruk5@UaOXyO__rn|eHB5?3{Eb(}5^G`zY(_3STTIEr5
zCPGbMnwcMOR};s~VsI94d)3%G^$ZQ+@v<t#MP=+?_t7=uNxjxI^(-tTmC*lMTGBMI
z07NGje_c2zTJrp!T+k4EG@o^JlrGi4i;Ucu4fxv2Tzgeqddi&Mi=}U9BfpfUz=wYh
zvr(N~Jb5B{Wp5A_K_#$pTT|yqylsbblPt$X(KE;HCd)LWX<IWlo{$JjHL^q)mfJ`&
zLAcS(yPQ*)+gFs~aAJ$4Uz$7K84eBRu!CuM)S6+5bh2FAFZpLYIkSz^z`&|MoSvI;
zqym({!Jszf(gkM9%D+HZsjr=D6c<bA@K8?S^bWfxMZu2skW*OM_Ykk<=4aR(QE}^B
z{f$2me^{F+uqci2_KV?iT6<z7UY>pR+`vp<bjW13BeDKBi&h)udH&tAV!G5q6B#)j
zq^8;3nyIXy%1*);%7+ZwxY*cg)Gzb|G6gFHI{s!~9r6wgm`s^Dv!kvk#WerGI&tbZ
z7BP3033J)8g+yRQlz6U;_x+jWk`OKfoOS<+A+NoGqh{!ok)C8aZ<^RH=MDIY(gH?}
z?m(!`2Mh~_E<=^iPa)+=EZrW<s2JD|$Gt!&5;jf3tr4$up!5C8z!9vz+P1Z078#rR
zb!Zg#*w;w}bxZ@&*CQ*#+W<R-A<qU3+opSQ>~~H={930M!WVvTt4zMD3_wU{CyAqu
z_Vt~^khUHH*(Cd1!@W{!Jg~5V{}%Ik>%c6c?NX|;3E`IZ@5CsV#_<lxd0j_w0JbS$
z%!^~DSXrT!k?;$eC#nm9VQCvPrtcHb)7=p8CpuCM0kI-8Lt4InZ6y|JhG)V>^$D_k
z|JNs1Htar3@ngk+w+1@SGEVv3wUOi=jz>CUP4`H`zz>vyvz6cR9rU-}B1?6)j3g16
zumb8mb$C#2+*R8nV6zU~j$dwt8)sOEP5%Z+xUA8>kwr0)s<Eu7NT<A89eBLfd9*N=
z0bCSTc_++PWqaS>LxHj;n-`*dnB`k<nH&i>x~Pj!@m_g>!1Z57Dr@2ocLI1x+y;R2
z(UEZ6m+Z&s>FL2vWIbVy45*x{V-|Spj8M5yz&)z3>QAffmw;~|w^@cU1>;R#o1G|7
z<<@8E-JDEv32(L3owFcKo`d7pjZvUqti71{K0@>`O{E1u?8)1Qas6}u#Pe<ZPum+y
zb=syBOY5CB(&X3dIy(S;7ZS)Fg`m9n6t>uOXSTIt?^1|tE5?01?e;9O_3qUv{XjNf
ztAZ$e`E(oiWg`lbz8_i#IrjhZAt6sWY_~5z&t9FnUNHePlKT&OZwaY_udvx~M_>1(
zdb!C*_J1d|b@@honK?cXd>?U5Ev@X?nwsL2W~vyUTA2PRFE5WlFYBD~F6=(DI+_G!
zQj+dj!+1*m+7y^eCn>u(p=5=S9+G<x@h8prj$Myx>K7Jkv~?A1QCR>@k?O+}!*$=J
zEi6Oh!Ps2&uG=+PT4gq+`7DQAHt*y{Bua{zIZC=tpM)08H_XBE@a4(j6#OC>6T>Ah
z&}EhaA~We?+Z4WpD$s8J(KpVTGMO<DSMiMSZDgr-4tAZ}XUzs@XYiQZq-<H?r8>TK
zhb+aibQ>i`bmJJ|ji7!i1MTO2qGPkUrNLPzuosV=uhkoZ^$Wop>g*8?{+{LrA%YWP
zm^AlKqa3=l7mflf?R>2TxrHn+Cs{9ZD|6!RRXA@)*9SuGzm?;7l9N??9v9Ge4NmGP
zZ4nveZ0%=2CRc5-_1`zq@Ft`5Nn`ATf|TiF<GE%QX|=mni0{@-8b*JDJ+-0dRovCb
z(grSSJ-}`N2Y{_Dx^r*f!`GnZmDIe_+_3dGJB!t??ikN@oUee6=~Oh)Sx4?F76G2#
zVIi!-R8PBFj(!INa@VW}dHX5oq}0-Fsu4Qc9t1J1I7Uxb+qbtj_1Yyocrt?W4$N6D
zn0ZqU7A@I`NON=1wo|DFu^Ap{&e<KNY0hrTWvMgk?=YHOA&H%G&94<?Y*Sw?LlW!3
z7Zn4hnOusGY_M!aOLH!y2qmX;$6Q^7<mIt+MBo?BxyEz60>jUg7oflQEia(z5YWq%
zYjZ1a{Jz7`NYrNl4sSzsI0tdzSZ;MaFy%8zT8=|mv6-^^uKPStJ?G@^OI)vemTPf;
z6<ICR_FWOTRic0&o41P?%`3dX6`=G*9&^lC!UIOdaw2}|9u|26I>RhEW@shPP%tl&
zlH}tr*R6iH=jdJWW{>uG8D8J&`Oa_qw`!AQa2||)^(X%LsDWcM=gA3lf8mCH98Gpt
z3uwkIx0eJd213n%q$G?1c4sS?`)(r}FixAq9h&>=Z|jj(b}`}Q^hcIv@d-(?zdOFY
z$c=I{RKz#;2H~VF#5u9c^V9CTj7UahbNyJjo}CjsHbxzQNxrQc>97mCiHqoenivAO
z<E}^3UO8t=|59Si&u2khJ70FZNjnLAmz&T{st_F5#WPJgtPd8ar%%WnNjeaedngsw
z^b7{aJ}ot9D5Fb_Yo;?m)zG22&0MFcOa^CKx{q16Bpq&5A6Y-82z(wR(f1TsWR0_{
zv8TAdgPOqDL#yddn-VE59p0F@X$U#S!`ptEfMKDt_(h8`m$@n-WOlH3OeLh6Ktv*G
zn#z~Skvg&yO3onRxsH6nc+MVc`UM0^_Bi=#O!y9L?03Yp#Sw43Dn46J>8#2BjiJkZ
zQRD}wX)5*L`|V|fzG)=MKt{Ng{tS#!s`$RKI6O3y27c)2=hGffo~x}CV7j6-|GsZ7
z`*zr$@up??WwcfkhWi;9M05WpZbcAA!4Jw8gPY{<a{?fC!L~jYo_-SFF?<quO2ZT(
z%b<{?ppEI(hhF*~@-}zfi(Gu}$m6`9Be}gqk;l)3?Mq5B6)MTh+cLLpc&FDqZtgtk
zz5hlMd<zYcjqcR&H#h&ipGO_eu)cRNF16Efm}7nRQ*vHKbtyH+`dm&_8R2vX00SFl
zbb0Zm{K~b*K$ojSN{9xqXkiJ|*8L1G&rgIM%~v!#Ju4_Hi(k8^Q%JX_fi>Y*W7)Y*
z<3#%0l2{0a%wZfkZQX5{^46e8>46pBe8Q7qeJz}G8IEywm3DMt<)SP;Hu-i?XHu7c
z1P=CG6KBNDa9}e^?K)v=xM0O=)A(plZ_2sCI%j{42yz&cQc__21DX^xlS1mq5pqil
zhcTp}i86=O)v_y=_rZW{nA=7M5(;PFy=rYNra##D9iW&b8p%_52I1Y7IET+~X04>P
zLz+TZT^2aLhp)(fbV}ScG^BKWm$+|OD`7VX6sK?~wtQpnS#xjqF9kMjWTB4%$4Ri$
zmzCa>zvUB<b4k923Jk7~KBtUljW598gJp!KMR(ReYSF_bh>Sx@&b(fJe&~HiSQhGv
zTQn=<4~cw0P`zXn9f8~h@p>XgLoh9=h+Bm+7I}ae-FPPAFARzZ9lklQ_bQ1;=6FMa
z8IeQh6<YU1`Q!4mwH{ejQ0m9>o7ljY5(V}YbE+Gahvg=+2iLK~$kGVGY762=bS5!h
zzsl8_l+wMtKx5;kRv*5paEQI=8wir5%u^XE%w~=*pH3>@@bd8tDyP|E#i0{Q_UuEq
z@@h5vo|E?6(lc}19~kNK{9>k27CbHJC`^?$ow1))>NC8y!L`lk`{_yv4{!iih>BM5
zv4US=orhgknNUWbTwQ7$BXst5{9f3h&LE##R_I5JBw~eiVJHJT+@^6^8l`dto;9Z|
z3wJOgA27vnlPme{PJ3uWAzmm^zbIE=HL(43Jm-vf*p`6-et{WMn;(DJ>KzI_8Ee<N
zAfmI6FArcC78yZl=ZyU|N`*LEjA=b!=LpIONy@Hi&ZP3vA!ED&cGWkiM?BfSfrZpe
z90%<DkwL$TBi)@@%Wh$&f5{xh{?srmEW+^qFZ*8de6A71fEf{1^clJPt4kv}(Uz*n
z*ZASD+-;2CJ`-clcoXF6H--5`qDnjcPcCa>zP?K-+|~N{@rpAFK;~TcqCjwFD#IRl
z9m1Rt@snF_s+xZoHJ<bQ&5!y4W@9q2Q{#q6kS~>D1g!H6xQdbkNQ8yQesJJw@!}+p
zQpx2za&C2zM!f}Gk2N?M&1RuDQc2(2t_ew*V2)~AU+dP!RZk)FWmwr=>x>Mf38XQ6
z{9vj}k#b2O%4LMC>x_GTc}QTpCre(y^--PBUNqKrX9*V~cB|9>Fm&hs#PLpd^|!fQ
z?H;*m%i+!D?b7tdD;`q?^H_c5Quzp!ud|iDQSb2;or}@r?cdshsmK&TK#Hv4?C^_$
zz?m9?kVGYuemTO!FKn<3B{}|Ri5P!-d<jA4h-TpvklXCW7Rh%o-*6#x1zo#qtCNF(
z`8Th9tTK(ids&-^Nqa0}Qpy<rM1(-G7DvBJ!+Be}Pi3i?ND7J-*5=#AO|?vuC}{_7
zJ`}OdY>DB?58$KV%M%_|%7;m-dd14m!x)Gl;hxB|hLTC9?WLeHd;~`k(+kB~_`fuN
z`FsED({cau$qulOP~faKIt(NI>wvUtP!QJgda4)Oz{yE!w{DOiqtMDKM3F)TS5><_
zl$2_s3xdN(O8LX$tjth6Z@`^YxAe^e4|f{Y%*+DRI!Vhc_r|j75m=%L_K&9Xjf^sL
z+R5SJC2L)h=fPvp_>sK7>Lu!L&@K%FHB1yM2G*$g{5oPWee6SM=xGdW6{*4TqHeZq
zm>uU$;$j>VVYhjs3&S`jd@O0&y;AFCx6LfEV=}yBL-*yl=tFafC?OpmE#_fOtZ%&+
zo;;CbV*bwK8AEcX=Ge3Z#vf}j&ohx)IPw%?P*_EMqhxwP_Lc&pTx8{B>1H$o;T^^?
zSy>aYXWABjs&*M+i}ai@hsb-_*j;nVo$-TLH8|A}i;ob}E)ur$?qTJ6c&X{=^sn(9
zoe17rUdy8$X;93LmUeb`{VIc@cyBMRXq#@)KyH=XL<1$Ig2R5li)s+L;_FjveI*gA
ziN)3#p^(c3j)VMx!{auqZVt8?$)Ev8W9(4O7aU1HGczrR>UIo_8`HoiZo{)Pk##U8
z27q3DdVLXYT?0P1a|_PzvJk_m%)-8xfW;OsYJ8oF<s)_a{F<_$djn8DWJLi+b4)cD
ze@KwFZJfP{I9u+udHsFVwSSQ%_mTwQd<_C*jpgsjP>!wvnH_W`7p4)-#uWiS)LAGB
z3-^l7`{lf$FSduwTI~tdI^?VGb^Bt+0B38+5&2n^D=u+M><`y0yV?@+!j22y=S(bW
zNa|1vy?*a0FxDfMbH(V1ZI^nhmrR-*KS1!{+LrhP;M6|y6+eVXzj7GK%aJ^nh8<Z>
zq;U0=%lx!XLTOn{`>`xHWhkD}o{s}oiLX8`)A6jl?juy2&Hi%HlR@+SaBQ0YyAGj{
z+<YBpmi|P|Ob<PE6a!SwkqO|6uf8CS4aiq&<ug%Do<gWd6yolOuJ=cOvq)veM}|vT
zp`V8lZOkjLMO|BNqNn0X(%=2vfKdsD2+!EbiPRw|4r}-|8`;K&CQJ*1U@~n9?I2(^
zZk?}!-mvsg*y0tPwnygbZfiJ53=DUo7_Iu5d^}FygD3c=*%eq5)=~&$W_}0L5>Bpm
zQUd?0_HpC1!>9F-)zJr^wZRh>5y2SrNJw^SMrnM`mn2HCr8}*weTL<@Z9}F*5Y1gn
zll0C#pk4Ys=|NLsdH`Yp${nTFnlaKkpDj~QUPuB{X#|+U*OSmVEjs0;h58L^mgY2X
zZ`k9k<BR)JmFT~Gwog#qgvJ)V58Bl->B!QY3rknh&5v%3g>37h7S9y>mbhtV?t7$_
zWxJwyLMXnD&9Rlt$0J1{c_m)h0sfpbz<4KRR#e~ZLUH-BXL2hccOStdw_^o-i{g)8
zABZ1xdvFx4TEj^N&KDbELL(pJAcn$E+Ai4kcX7+CIL?d1bz(_|d|SAlw<6dgatfu}
zintn3ZQ07|s><=%Sw=ep<gIUrGi=z~(U9Oa!Lc%n{jCWu9&V`KQNZb{Ao>2Ht<u$m
zp52A3t)sR_$JIH}H9%7I)AT^*<tud85C7$1DJ>;F(#KhTU^vy{4Aac4spka+Pxczc
z(kc`g8T^>6tOjmP=7BEv`*>pcbwf}09I7LlrHl-M{oU%oZ-2=_UWQ!@Q&~4fXa~xY
zCA8qIPJ&`uB8PW37FB4<G5h=e0q1X+m_>p3tq5fD5(swUdTJpQt8gh9iZlSFIm3Eq
zL?&jA!KHrDhRVWmmI-u|-JG(~kH64hH=Iv~7o9-Q^WFM&?x6S}@YV&Jf<(?=9#(W5
zlqM<Z=>YT7iLk#sJn4+PmHFdIvr3S&b6{Uhd94nX00pL^c01s$*-gkbf4?AgA>Msq
z8Y>MzNzr7;FKtTp_l8wZ(b_sY2}~_ypMHfq^4yTVxS%$d6&a&1WY0{F(OBqKhE9V|
z1=xnw)La{VKg;CS(UsidvsASir{d*?z|&G=Xo~EU_<DMHyiJ%rE~H1LrRr%=QWm|e
zjkR`=2G~cF@{!}wJqRwB`kU8qPZCC_!|b9VH9vbOv%mI0VW#nYM-zaAM$Ogb$j$R&
zlhNfRiHb;e7b(lk&K`Th5+}MEx=uyw?&r{+{RKttXd*IKoO#e*axiinf24CdEWE~4
zwA`+5a5Q`H5Dczz-#0w92sg@So9%%Xtl8U(6%*Q|T)t~WL5sphto6xu^e4%ssYt)@
znKt0a<oEc;1lJ4XjgwvA`{;R!G5YX(5{YgO{`sNd;J1U6bVD<<P(MEbmx&D{9h<$D
z^2GYco|IH<sYhUer&!!mp#5tq@FI-`bLGUq%qq{LQ$}V?y_q)7agmTz?FN^iX>!-R
zFf!|&^lw=kRV9COFOM&$%$Q7p`<UIU?^!046TW!sB@*LqhimFT4+uQDG4hD%Mj)f*
zpxsUmGjre=@v5OTH1ldNxVf8$LO|D|ia6_oS)r*h=gL#(+-1h4^5Y_uo|>!lp>O9!
z+L^PH279}=bHV4iDf*>ANN#Cho6S=^(0Xvp{7oeqa6ge>Ki}0|<zr7Kegb3(Xkjyj
zo1G;hh0$JX17?3xWWMMkB~{Ya7OnMOeq5=2lrVDC>GyHSXa-J)9@_q;_cfZBLFCGp
zSV7vDy!3e^DEb88RZ>HGl%?9=RvEW9tv_(`TfR}f3v7n0Vih!faMjtig$cg>B05C!
z-Q5_{?dBc}3>AMr+f*nKTy)&C1wS;B-yQU<U21*&8P4i(94CmgyStsYd`5r%bIRL;
zaR7<1cg-p8`IwH`9RSQt)9BPE)RK2~WH(qehO^1)yKc=biz{K!-KY(uVKt3S<p^kL
z6{<XcM2_HEdOe~oI;z<}C}5?t#-SI(sxeC_VI!Kf)fxCWkyf13WpIxfpwrv4h_V_n
zeol((mtadg2OQ8p#>6J}oV!i{E{`cmsnNr)ArCxj>7G^`bj&c=u0G1>y9CS)KfeH$
z%sxGDacKkuh8>4^Q)(;2)72Io%KJq4FpD<!2Ka$v`nVOk<===*`iPN|c}Xrz_6fg`
z5M#m`)IU}8yr;CDXV^NT!Uw6}PH}H!*hj4{WFH0_V?E8rL;p(udSQEzx$GR4qVyL@
zW=w2_?P|N%qq8Q@<_4+=HAT@(B9?iDk5FEUzj!uk-Y_wqYTTsf`cEhUr$850Q|GxI
zS2Z`)FLmxrb!!fMv}{fsC248+m;2qP>s@?a7hqf*>YZiih|vpDm<$CIy(*pQJvR{(
z_R{Se{1W~*J|Dr!v!#LjXuiLl=e%6ari`0Uy;!12N+!IsEG))JS1%;~qc#J_*J#pk
z!NjU%Q1na)*VqE%KYaC&I^M;eaV51?!*?8)k4}#Vj2edzCok?$<$qO?oVoDY$p3~U
z$=0f}q{0qIogKnq!8<xW9iq)*O~)wagz3Nb)P7+`Q*HV@`F3q4$E+H@Y-JN1@@47X
z+Lzj&_-OicSx3}x*q22v9V*`)#+FNtjRojDCF<&mWKyQ&qlK{ua6UTk=$Q)b=40^X
zFuJ_}sDGz?Uqf{BH^50haM*G3h&#l+vsAZcFl5O`>o;T}IW(RU(<jf8pzh8YAs)i7
zHxCr2NpfQgT^BfMKXYlJEnGDp+J{HIvTzU(sflf|)2#7)V=4MQ^uyPd6Z#fet{Aax
zHgYq6B+<p&W6l28&}qVBxgh?og{W59xFj_yRZn%h+&BN1r!+ElhKPY+M&um}T<NTx
zrWd*iPrNb6_8VL@i6}G?$K@K{O!DARgs(M-h}%<as12mxL>wKy(SqccjLA!cIO5u_
zZR-KWUBPYlYON6*_+)Z{0eBJ3G^ZrNUZuA<k%4yVV|UuEqH3;0m?7yB-vw$>OS6B}
z#a2pZ-reEZc|e4U*mp#-?&B^^wS&i|;)#m}*@d;(H^YdFdtIkwn2P8j@qZB`nRCi6
zr+amI?&}BqI>SU;=l5R1m$Q1|%Iao{wbS2QjyV=vWB4jpjP!##hotJ4G7x2eE~{h1
z1{xv2ZU3I&i@kh=>FPNNCZeKRZA79w>(e!o&tzqs9OTC+#@chTUTnt!n5upDDYK{e
zg$7FTLG{$^Y-A6cs6JOO9SQ!O{@G=*eDrih3v=q&5}(hSoa>FimATwoF15deg5Uw-
z-!6E$<PdeQG0CBG7gQK=NfOLKV@FhAznHh+*^t#yep3}u2$j%I4gBb#{qL*`fwMH*
zId%Kza*FKr9Hb_y;dz8tZL<x!PIWf_S&mSzPVtYTx2|8*3Egie4mvseI(y!&9j;!x
z-isx-dfZs<c_Z>%sJl<4x;|Z<sfYg$SLYlach~j%wrP_zw$U`Ut;V)Bv7L!0Xk*)U
z8rwD}wr!j3nfrO}_dVx2|IhWi=GuGhwf0{4eDOMd1VB}A)JtZ-V>2+jtaC@zb6HlN
znW%*l?%>G~opz%H<xbcYRaO}4pMN7ngwCSJ{f?ATdT}@y{Ce~tR>D6G1}h+ca75}@
z0=uct-EMMM(V1<_tXJ)de8GNx2@CfU`8qy=nUd!%Apuhek=x*M^oyrdpr~kUREI^;
zQkY$<*W;V;TjPTZ52K=?A>(WcshCXIMf5DxoMy8XZMIO(up;fH9Vm{(GWJaGkw-e?
z4jRGCxhRBje=9-b6NtvhO0&t2oXClqj+R-tJvwlu^s2qU>^kUSo*EXhz9`<FK><{`
z7IqxDMLeT&jvmhzmsD036&J&_tuwr0^w!qYC{3t9bgu5Ge{ny<*5JVOZZloG6Nopi
z^6->!>4@0t6K6k<o40HirKct*4L-kkdieYuLph|du@U@>RPrv*fKJTGr6@Nz?);F*
zNj`Cl`ABG9uk%9rh<Ck$;_6aoDaBLfrYd*BeoD0}qy8d1f&4;paoDfITXN2Z?i=_>
z58G8g;sv0%?o^2A=?{VCYHUcsWu4J#b3w+k$N1%&leJUsVY8tWk2c#sl={RMa>Gu7
z+P5bdjeew%t5}~_*u6I<<MJyJl=XL{#prURBgSZka?J7c`1|FjO??#wxvpdjwkUfp
zaW1Ul1_1W20X3VF`lCM(?MABDoMbfxwiw@jk}n4lAjX)kuHfwyK6x&*ovE=%FQ5=T
zBRjXL?;pjCm_GT572ul*kTOd$Ly~OVn33bQ=njY;<<WloYOwKzKOF>^G@|*%ZTU$B
zHezD~P+D3VAc?jrg>F=un=2F|tF?G~tLS!uYlpF!myjL*r_S8k((-ta$)Mkg8B)Lg
z1uir^gFvDO!kv*3q?9Q8w+!^LAz0voiq(+SOqw&u3bKOCpfUBJoaeK)wnA@NSoa(8
zEK9p2MNUo6ghP02a9|J+QeiCYu{&vnm4RBv7PdRWBIrRRFhtSmB)cEpJ>M6K#81*!
zYFav)UrL8Fvt%sgV7$HGx$YYon!<Dc0A8S>arp%?F)?>^MX^*a^gF$@U>!-u<8CQg
z(x9NAjP$>bFT!3chL_(hP-bm~7H16}J8#2(F8GF7)ZB@xrQ0?<7x-QFvlu~@+0ga_
zb1K5?`gh~ZaW1j`CJ&>-G^$TT$>T9$biRD4C<IBVz$Q1GK;i3b;jiO=M;H#_!zYhT
z=`VfQ>GI<y4-;-4L1WZjIYGQh2{-%YEE}mlNyw(j*F%M-d$yH(L4K_5oONjm2g$d6
ze#!!AYJIOPqfbhX+_>qb&$~Oy0u_(<4+tIdQ5G6P6G3o3$!<Y^NBGL%cWFBH9m0r@
z-@ODb=`M$P9_@$zbY^Jl*(^dfE)}wI;gALi>NpcKDk25uX<t)Qa*lLcQ3C<6t>vi&
zZnbffcJ&g0`?;P?tJ@bDY*XOknJIx_d-l#+i)=b`qE;$x$t8>NQF$Jfv4Bdktm)vH
zE@XO^lr_c<nL!2n6yE&C_}!(de4dwj`IX6<nETh_{1~ZqGL!d;>_w+Fbabafn2<4N
zG(EM6k`l!&{AJ(P!#0+dba5(n*2-{wTha0T<#&a*KS|R<`x}VkW8;*xypf=b)Ili5
zd812SiRm@5_Ih)e<<!T~KyG0lT7`1jy&kB;E6=#^N?{`^#q#6>g-j%a*!0?DQRJ*;
zU@*9KNuccWfpx^<X?{zgni-q^B^3r-pfKc2rM|an((VGot)8pS@HSGP88ru&F+jl=
zpkP2JZAaMOH2smb*)r#@tH`<7KQ!;nOW5aS9ulo~H|`BKk9HlIOY(P=qi(0Kf5~5@
zlYI(8U7h}JhVyQNq6J{|wUzTfADF<&Mh}tp$LiLb@!fINET1VGa3oyp*!wnzj{ALw
zgNM^>_9D-G2V)eikJ`380y{hXcJ6TLy!SlPPOO)jO$3hdn{E}Sb+IZ}<@JDsyqp-!
z?7KqHnJXdRfTIWpcd1$#Cv3oj)B!qxN5~4lbu-A5x$uxdvG&ri=*=6+^bk+eag~^A
zqdh)o0zlvisuCRDA3aQU8gm9zTI@Jk)6>@3nfG0w6L{4BY&*nKT(r%(S%yjNbfEQ4
zwx-T#iy1A&ODdK#cAGcVT~9QTmDyDdCwbPcLWvgEZE9+w)F;Qf4zp)=yI7O*_4QSD
z4tt)hq8HCsf}Eig+GXi~78$bE<V=5gWw2A=t=*F`JgfYUcdpM{JLD2x{&d;odFKhX
zWP9pHB)0w?Jv%R9J}rV@D!1xX^-{-9X^=LMFY3ndvxGciu2HIbSI$X4-Hx-a@pykF
zXOCo?TRiovAsjNGg|98D>8OQqbNlMH?h2)1wpU$U9aG+-BB_7>S;l;$cdlL*i-C%a
z)L3A4mSf7+Wjm>=_@%~$h?KQ12I-Iqb2Ut>_JB!(NNYH<X<aUMgF;X+c=d90d+FFI
zsh|+p>=Uy!%$c@f@G~em+hih+vbweXsbi<9_YX2Ie&h98(g2;7cgVJTLR1`o0liPc
zMx{2K8Dmam-*B$&-*1<{pi~Ln<L=0Hn7Q_vAlX6Gs!q6%N#B_UIFp;!UDHvrgaeA6
z#3(dvXn&Rbvs!_|j(Rzt&CGDKwG`=D!|fA$6;nDh)l=*Dd`k7TYyX6Fm^!yzkCo9E
zA|K0Cq#uFSu7?Oom5Nqym^DTgL0y`<-uz!7H{$`$lqM6KyxBc*vlli-fHf_A-3<4<
zRj)D6<Qes2wcRT<&q_M?^GqGz`&u|%HfP}dYSh%m^u#hc<JH#gD^B&-UnS`WeKS4*
zcjI0>y21twai4Be7?_H&ZE|Z`LR(i@`JRuARp;kw>G<Q(>9IbM!r#IETK3wbE|S&n
zF-_O;d93x7;R!@OGuae@*Q)tLX4qSw?G^Pb^-D`st_=z}<~U<ELCVV*Nr{}<clx;P
z+NS)uC<UK+s5c-7qilG?c~-8zp&|4=K>w@kzm_!MB38CM>1&#B6DaoGUt=QuFzL3a
zK<(-v0NiF|kH*1SC|kn`m=CtePrgaHBbRZcYuHS1H71a`qkkB(OAaw#OHrAmCO6xj
zJ<JoHG*G{3*k}Kbk=fYVVtzL^`gFS#zs3i|gc#avg~zp4`bZ{kIyxBYi4W<)cG$>F
zn}gTY)>vs}o$p4Oy7<v{Yhk&Cuf~{n467jic8er~fu5S_T#qu<@l}7h{*g=~8z9|N
zo6OACH9n3ztMz_0%h%qS!h5rzw7J%uw+!T3F_MFmMfLA^<%6FoW+}6Pie7K>>ssdt
zhEgLWXckQ0nI8&4$vt0^H^boj_QmXB&Woo1=1->((P;W;q)J`MsoVDK8a3@q*cYFE
zxHcnSzF(=Dmg-(*mP|Ma-Kzh(IbH0#Wq&WesyIfv@+}eW#C8?zRC|T^L0)Cqr%~tl
z{iAmbbYYi%<u~g4p>ut0Bj0hyq3VPb^!<jFsHo@l<9)BvoVe)y#Ou|_`}S6<U#Z{o
z`mJh`8T8`f(V~Y2IBlfRy%!f3NwHg|*Kiov9iIBNWL-IxC69}^BQm%h<7C9s0Yib{
zHSh@3tNY7w@sjTq7ZesHLwaZ&>Fe^tIEU+{plopu%?gEB)R;hbDiny@q1CT(P+NLz
z^~znBZ6U*8ae~lhvmv^)XpGC&j7B~q2Q(Gx>H-3bxyc|-UaU<t+VXN~Pybx6nD)6q
zFm2Fte+S6w$q_Ji{4}-rIZHWu%)E3B({ZMiD)rFH-~9du!;z{HJ^YRA&8SmU{Wb{S
zP7*a`hgZGkDSAo$)2-)^|G2F{Vbst;E#LZRH!$Nq`j>sL#^1W-Cp3*Nv@$7Ig$dci
zj572pvW>*+Lk%l>`IR9uNsD+2{aildQZnbevpZ|>W6u_LxWp5*#RUWZ#NBt<&~>|H
zL8ZJQvf4yy3ZFwqlkGHAp^|MW6Qrs)*Mf`NE%`9ortyd{Tdh_T!WMd2^n*_AkQP(I
z=*4i2S%=euYciiMr-Dcd*#+!#i5)3!<n_B&PaV0&#TbEUpMuPYb<)OtO$#K}p{5Gc
zQT|yj)lJH}<cqnMSfCC75ar_?hr8L@%EMv1BC4;SjbfIkDyZV5m-k<%lM5SQ#OF2I
zKe;%6+X0%qUH5I5mlJ&K+Su$pcEz5?sp63~C`vmLF`*u+4?vMhm{DG7i}z_^Y*ewK
z+q59zIJowGAa5E%k=bn`zHK&Rb@EzNckR%P>`N@?T-oDHDOSi%q8$xOG`8hP$JjTk
z(|YR<cQ;k1dm>$-{pGR#?~3QbitRoH<-6-29v}};i0S5iK42eMw#a?>n@KKOt7FDD
zBsdwMA0mA%ZDVOk4H4f=qyS{jSLsLxX(UwruLFgA3}XHiHb&oh9CgR*P||h=Q7IZF
z%-s|J_fY)vgHI~U5JDUJJ?*dO(NHnc&;EU_U%nn;MGdCHPD`dJQVGYoM@(H+ZwPSI
z;+wj2iPA;=H=aQ*be<?F(grjtpXzq^(APYM)@8GqGpXIyr4DxF*pNM&u^=k2CL^Wm
zpJP#K0AxS_9&*=QK=+1{_(nYeUXb4#t54|!!M07)pl^gGPVhj)h)JBFwJ||Gn(3#0
z<7PsRPq{~GdS7aEG6IZ4c~CPJNa}y2grX5W7&7DEyGPu(*!xcxG(|HlKds9XXvb(s
z4_9qFJhuoFM30e7K6{d&T^YDo^gm;Vh<%0r^x0o%{S$;Bi=}W*z2#!$1{$&>x?y!_
zA#Pg_JuE%NxofTF*5xX9eMXe`vsj7-AM~HskL}hZKpMo5v>g#1X6@mbh;n}hlQ{k*
zyC9kUwz18W*5~KZZ%$NOymsibhysqhuh%~@=Ne3TBA`e+IWZyh4UihTblpZ2SI$;D
z{YJs>v-|U7xX7+&w>f_I9)d904_^)1NV#)_7Jo9_g(Dlgf|?feWI;%afnh@mgaw8Z
zVb-3@^=aq_W2F-I58#rcXOI*cvSHm4Zd9DK?s&BS53a#7DZVpf#W!2F)cwDd*G(e^
zOxviAG?3_t_TP;G=Dq1ZY<!|CbKd;hd2{Zg@TaY9_pFXGbJ}qZw+$akw6zUiRQSga
z(Jx}E+CNalT2)#_3fi*&w2#4vI-5<Laf2oWfE(Vvm8T&31;Q@gMc}hbg*iXCM8HNc
zr?2CTMH-$MsAVqb>9hPZuBcbGSGX!RP9yx2flF9%^iH$mAyVUEl(7+Z51cjC&?r~^
zU)WC0(hoS+USSiJB6HD<EK92W;8Vi@@d4#U{_*ZHI(ed{9+LdBdZdY~*B>2xA>o0z
zjT2c<?rp}lwqY6uG{8~fvgUqUMq+7CERV5XN%ReYMI3EY!~rUSN;|Uoh->e9tToD0
zOU86un+Xa1O$=-W`}U4@2WJ<`;y<sa$PnsZ(sb{o-zdyS(e;Y$;u$s9>~8##^zksi
zb_>Q@xYy@GCV(5U{-vn;^RY9=TF=A+76=B0;M}(Q7BsvTmd2jImQ-M1YDJ#NOv$v(
z9S$KFvS0FORFb3m@`nsDO1R6o*zw74Q}e;r?J7y3+aJ?K3~=sH;G%XOt-egLzcU!9
zsH2!WXL_Wihbe3knyGp*+V0~X9j9+!>_;XSQ$_*)Bs6sGEMRIxlxJLDKlCr?5)Taz
zjZ?EnuqAGpS%jn~V=p8#?BY`ls9zDCt7)a2;BK9q{Hmxa!MMd+SAp}9m$nm)nP(b@
z4u5}YO))+{`<2|r+WI2SNB3K-XY*Srt`QX9NQD&z^V(M+FQ?ZUA#<ba_bzYoQM;kV
z`H$B4Zo0a3(@m|?m;G>cdTLxpr@JQ?k@1<Ss*{;R<m+tv188^}y=J4tPus-l0dedH
zJlQ)J$Kc-?kFm(;2d6^s!+c#bCZvc@Z7sV8M*hEYKRys`xO+aSaJEPMGiT>djZhTB
zl+wjaU(#u_?v@nLZiP2Wl<#YUY=>NWL??f+RukXs&INqggOClJmECD$-Zu$)S0;Yt
z^EMivIlQkEj$b>;6F(<;2TvN<S_Y1g6S`i`<?fh5Y0yvZy0d@6=Jl4(x-BFVjC$v7
zs(JK7N9>q=6Huh9H?%R3wp^t8r^&+wBiC)4PvJHBM}xG!1io#D$S}u65O{ieMOMKc
z82~+K(!h9?)Upj1L6?cETsy&Z(E1{Z74<<{9Hz~}&eGV%6?cA=E>u8Vlbf8ijS9qh
zX&RdH+CL*GFwy@M@K7-V45yV<kZ0v)mX)!_&u690(fm%?3r8C6UUZ=TkzK?)v)=Wt
zd>wJR-0Ct4EZ=Tc?G{jSOf4S#Vrgq@>gD?NXUmAx!GRgh8D2qGN9;qVmLdb|)U>pY
zgkU%eqV^nZ`-xp)2k?s5O)f1<%<!CWpv|O&I5QF<f}ysRZD?+sjGvJHt|RRSRQWiV
zg}<%V@e%j{&LZ|4XxByT9zU`!;<zX%EntqYUF%U}m}C~H`_R2+AxICll^q}X(12kc
zJMfJA5<I9ls?IT3O$PJqOne{tZt)?~Myajne7#Cjtt!&i$tbO6T1b0^Csj+eI<>H5
z(b>gidUke#eNl#M-D}iSBUZs>*LerFW|{HWJ9TJ3Joz`i)*e0HJ_5-D)}9NJBX~U{
zV8w7lIRkH0ESn5Y#jp9yC7OM*brccCyK;^3@K}vh;MG|$8m?_RFYDXUj*!5rOKj<Z
zyit3(#{yf=qtZ1QUV07;LUc4MgQbm4M&Z0ApG`!I{>D&1!b54p2mg3;>Qf>z(iyl*
z-WIwsb)3t}y_+wjVV;|jA{>kU=Oe750yO4kc2S|*u3j#aJA`_leww*NT{N0`LJuxf
z#d=uE7av`o7vvw#4`ykl;ucl3r1r#WeMrK_)=Xey;tCMXH?*_)nUsVDEm8b&_#XJZ
zrZyW9i?@c2xv1b2Ge4g+p?G~OW1c<eK)u19MdKrtX@ml}ww`NpynJqP(H{XZij|vv
z<jSDQHS#bCv)$B4(yFc@Gc-_bVd}~=C*6$N*2^c5eGftMbaP`pTDK1*+qh?Vfh#Yv
zjE<D$Sa^N^sSKW#>^Xf0Py2_jBNsGuuJRiumKk)2GbaU4SLAjY0YXLP%=HPFaQR~v
zC3MYSKSGztd3Vj08TR4>dZ>nIF3?C;j|buh4<-4OS3cqVB-XiEDQgfiu<YjzyFAvQ
zYDb!xm2=p@{i&IwtMUsdFm=Sz@;unW_SC@BF!cDE6Vw^r61h4}1F-c9`pvoCqibek
z60j&|iG!1>BFOc_*cQEx1^lx9#9efVrInIy=;RfEbdERiaZ}IjpP6B36&%@IK@<N}
ztnP>N%^Y)!s9zVjjXs^}?L|l|MubbQb0IozdE720#Nw{oPtAHe5!P`J%)R*Hhs=#F
z4_Q5Y9wv-K44M#yCK|iOptE(Cpw>>I+TFZn4@x8rYkt=Y4kH6A6v{eQuFWcu!iBdD
zgrdL_%!)c`HayHa(uNegBb7D5qIZex#7M%T1G9d<QWFo4umC1(2CbD{GyCoyQf%rY
z?LB%RsTxlDk}@aP=ut?)A|rEW&gA*cV*LS`fw8TBTR8ne7Bkx%rV-Ew8T6R0GR-=m
zvqDQ`bPSB&sBt_8;1FgDlM`=;l|f-8$#X5G8XdU!SN=lcLqM(tCJQj8L6=NM4Q;Ft
z>EN@j*_lY$a&G7P;==3D3U}C}Z<!5>0d+D6>6lzPg;$R-M*dW4uA~`S;z}DeBgc-Y
z?NLY=8Snb}rwRx)sc5Ow#ilzDTI1u}faOBuy(enZ5Yw_ZyB8>-=Zl8!YVBUGn%^+x
zxEGmff!%%c(CDPBR-Tl<!L4F@{!SmDrDvL*SR-M!H<YvCQ*e&Ed&ff$&*Lqohb2R=
zw_oDLKa3Iupd_gFN@`$E%rs}5RXE;t3~t@QGNbk^Eo<%I5sh^`S=cNNp*S&y|4Jj{
z^HYhfkc}re4vY;&#0m-$B@;09DJRk~hCd_Jt7&BFKK2}iaU)^3V8f%(&N8sul0Qs{
zXd0%3X~A?3{^P-(wr^*{sF!18k=0b*PBXAJ7fgN6VrX|DdcelS!PC36L=}DclzW&x
zBI|}LemH)dqLiOeI?z8AF<PVMRJoL6ZyBUw@oB8v#277zVsJ@wNokc?N=TZ@aD@E#
zGlLp8^Aa>A6I*9v@F0b`5^HdD<kzo-db09SvwF$lp`nEI`RIHt`w=xN9|~P6WG5%4
z06GIlMLJJViEb?x7d=N|R=d|%Jw?h{7)^P)1f&9UFghSmIhcO9<TAI3fpGoSjH|81
zz`|tQzm~yl$n)B*rf*{dT1N-w1SW_Y9NITAft3D}DJ*+`$ILjetr$L;evO(~Yi~eJ
zgGk+;BSmj1C3U7IXQ6V$!4}J0_RZ4Dj)H{G@9Pi#g>M6}#pPQy5AtOtiTpJh_Qv+s
z0X31N59%*VUj~>Pf9LQDe$+vSf=tTRRDUfpH;LL9B|AGOaEN=cv_u^|t-&275;d^4
zjgCy@?itx{zb&>3Qx<N1Ir>7X7f8V4^-HIO+_?+S*sD77B#Go@%!nH}lV)C+h#)s^
zMVxz%muA|`0<W@|K2EjpkZffcVh|2ANnndXIg$08N3mA|KkS%0WUUoBD$4I#n#wwv
zB9l`uGIP{-5B4HV#;itw5qD@J3$N9P7j?beH`w5QxCS6U-qN-l90#-n(l#C>S36wy
zL&k1s>tx*f3u=GQOvRvvufLdwSl=0&X|R>&pXYlOd}f8m7FRF++Tcvq;X|MpkG?zB
zapuWFN?2XpIIupAMVil<ZJj?J>1MC(2BPt#{Aa%3kSVYS<3+?<lw&!)Dq63oz&otw
z7ti?Q`QWvkfaUapjo^8I_>2*nop}5c6QaUvIDwm-IEBuBPzlmt<D%yJTgX{YpZj|0
z9N=j8epz=76fo{b37PK97!F?M3v)Q!vh#*6hN<D?jTG^^zXThUCbiY@xe&m^Xz=l`
zF)s@Ca92UZw-14T=1f_}@Jfa|dzNL2$O<X)><Ndb#?e%uFjF$wx3msF*=uE$AI|*p
z$I;Y=TzkVC3aLRzSqFdt6!0X=$Z%DDAr1aIda}m`vzSl;Vdck3MH@V8eOo+AWTL+D
z6=+&ocmm!0loU{4cp$^|q_!3yZ7Zyhxv7-mw*o{#f<HZRgvZ%s!iljstSAfuI?X&(
zvV%U1$~yE>!ml$1bLq~J)-<Ol?rX*QjbBBLe;b{Jl!_f!e4hlm3?~y~oHH^JYrcX+
zjnxEN7)Nn!+{X*+u%#GEi+LEc>L?kNn49nVpwYQUG{)UiRwcyRNwFqE#~B!|x&FY_
zXzeGM2BF41A^hApd}Qv58=nznls^zB;B^VDp0iTtoRm0*x;rD)(oN}}TnJh#O<uci
z53m+Rvpr{b$3NL3Ocu$hW0>HCsGnT)jS3^LUfnZes7`C4MOJtd=$Rht*5BpZ8$}&!
zG-v{t$Y=$jRE$Lc^-;A~t+>|c@TEcf?ZIY2))N%{eCI#j0j<!1x;<wW_?+I6)m?a#
z^>2EiJv(IM?Uzt+M!Mr%9v5gF91C#-E$%nplA-E^8YF+en;L}&TgoF3PVFPXAwsw>
zC~*%M$ROUd;zLPTS28;CNPN481h?^7jW<}BzoJ<4UcrNhZd|TgpOZN3W#hhFbY73w
zNX9&iO`PBwT3h?qY*@OUyiW0vnp>JBjDupimNX6RECYid>4OgT+6xal@m(t)r$6-Z
zV>WZ~Y#W>oXYL8F07QWodF+MYbH2#i-FgpLkJM>hrdtzd&#Z^`&$3?j@fdc|Eg-VU
zOxrc&`ktv*qUhcA<~`TU+!5Rr>8xw2j+BWgD}uszd~GI4!z&nQU<rQRSTR!rupbQm
zGAk1lK$gHfy(yhihMoV@ssMx6m=P|U!U+Ne4Lt9YZRGEh9Ezyzv`jJ&hOM35_3@-Y
zN=o)nTp8HeL3s4jy^?nyj89KWX@yqNQW0^TVO_Cyn&Jj!&G|uF0r<A&YQ_@oC-TJV
zgq;Fd9Tn2+-OzQ$vbQd`!%|DWs5iQrB)EOo&&<8iVj-Hq($r2fJU^2d=;q6x*Gg#}
zU@A7qG$jgJj@MrKanbQ1kEP5#IPCBm(7aA<me+v-1@F6pH_F6TTUc+L5qNCqH_m|m
z@(qSqLI)29bmhiIT6~Q8ff~>lP;{_s2@HM0&ZLv?>K9c=PH1(ccm){PYzsej%P?fm
zE<YhKFL2AKzoVp2;mHDlFhTQprD$H&H&Q}HUXkH7)D2aK&Bj&H62f0)#$*!6KO1d(
zC)dNa$(`CoR+@izLi7#!A7_IGeY+3E*+?)~_@@Dm?e=LYW4j*2V!Lliu<7y{n-N+5
zRQKD72d^n|-%^J$r|W}!#?n1`a(OQ&LXlN@!20IJ0DUXL&*>Ms2_KiAL(j_u%Z<oQ
z-3~U4g!^L<?l2dx_|JW2fpuW$PI4dQiNnxnY-=K}cDb^fM_3q&qwh)~cuF#abhL$y
zA?y$%n5FU7f{q?)s>p-)0n9>DRK$0@^cG@6PH_-buRveh+}yuo17p^j+@i81BIHEI
zz_9UI@BVO2%RB5PiK^@Tr@kg;x+T5L+=h3WCcsSW)d`myZ@^l&T($%+4Ju)+o^xM(
z`SbZPpcxt~KZ|DjsKnS^50QfG2~OVi!lYBOuXiTUCl&8NyN1&_$HN`-XD7B2S8Fip
zp0$FPmLOgXLJ@tZVPU%!EeVAvUR51?RBq_p-n#JPlgB6F0*{y%JL5w+)5UQR^y~y@
zk{gv&rx6YAnt=2r_YS)D#~)e`dKYGi%5jd7R}x=7+#T|F_i}!Xi6zJxTd;q)-t!+4
zU=N3C)>(;5eTLPkf(0nZqu7G5SV6>o{vr@r#GRLQgtrV^kC`_-#aXpmqgfmx#do?-
zl!xwCtQQ7&F^!!*aCx>7%|K2f5Daz@23`t&?^u7tj1X>ms*O)rRwt{!jMat&xGd>V
zGi?<GHGSf))DP@@NDh%q|3n4r$bP8q2ooM|4ca~K_~Fd2GW7wG`j@7M==PzN$XPhj
zhd929uVa_wf-~@!SLsVS9=El1ffkgkqbtd{Rh|*4r*a2#UcsZ3%v=(MtbbjRNA|k;
zvRsP_IHGIbD7+ove9cuVO_P)#zsKi}aDr?DM;6aN<7JTZRQNUBVTk7%AB;ty&4ob(
z%ZEIC7GXet-A`Ekxm{KQreX~I-uSC;BglEV5g<hqwr-1k<MH+HExX2}<SN+0!u~Bg
z`(cX>FnnS6JL2l>cx<Zt9pT~m_!|Cx%yHv#CL^?A!fTyCnAy>}pY4N4FP@%9zU*PT
zxkjB;v9KD%gC7S=9he?S7+)D4G|)Abtu>FqeQQT>Kx=pfpK_So#YzLCL-EH_j@X$D
zhjJs96r9uTg-FSE-OTDn;P+Q4x?uUt0YS2a7z1CMijERr_HeBEPmiC<rKryg>zmTT
z7KBX7%IFv;l;d!NvNCCxTgX*iWvvcf9bFS5@HcdC<a4X|@Ku_0#>=#f9X~{mVY{zP
zNdSbu#YT@UkBb61D6lsA*Ae<Tx4%^319I%WGnvVM2AOXoH9u|kj15F3L#;pYYTmTl
zV*JG51XUL9?^@dn%};&5!ZU|g2@6&$kJ2!<Iu{3-qZUtOEIlDO*1P2XcG&|V9>jc7
z7q@P3BdcSvH#+r3P8FAH?;uA`!}{Q^_J+fM3w!aD+TL_AAyh(F0%7U+35x!k76FRb
zVra~>)|Gyob8cEt0nCO=lNWasWt>rJVW@G`6{zNGXBM`SWm9rbmM}0D*AybNpAHvM
zSN+cMHo*HipQ=<UQ<kEoSx{IcT6!C?(`z(3hOebmhI>&?`B#g&N*w#yJ150{U}-9&
zk-PqPGN_t^b4$zdqq=yj$-MK7%3}(xkkDMhVQy9N*lds;0BddkNQe;7Zq78;Vq+!o
z_hfa;Uo(UA8%G%|sE(D7%C@+U#-DXaA%31s=$IaV+-4_LOYJ7<;YJkU{H?^ws;K0c
zJTej-f#9}dVkUgNMevPsboA$Noa4&u8Z%p{nNbmPayWKNw#HCd7M^gy%a<=LDVkg?
zzdszjI&k^oG%XQ8zv?*F%urtWpc-D7^=lxM`&NxX+i$}3i+_pHnig{N=AfKNiPK5&
zPtE-@QfPbEN!LHY7%_o6PvMU{@&(9=m#$;!x%>kt!|T=&Avu0g$Tfl06od9bn&krJ
zu{ojDZ#Bh3Vs>^`JYm<v*<0DtJ?m$b-iMOMyyo&<soUXCms5&fi}CAi(P-&_U~N)L
z>KWX&Db=80m=L(HTRx76J`kP&d!*kRJE{<X4?x^k0!&(qz8#ui$l5OQa%Mb<S6dc;
zzirc<V=b=dK!#@pLGR_H;`g7|GLu8qKCUpzBJ|v7Q&=se5S5cN?|#V_v0WnM9hna>
zhj78BH#P<!%xE17d?I5r;y^UqU-A_AKt#nDoQSAZ5!IhwFXU#gZnb~o82MG4J`lC0
zI+B-RFB=H7HTnEnzsE>Q9%?qTmGpQe05k45gpS9&Oo=L+k=#0Q{PsZ$3_WE(Nl*89
zz9C19q>q@4+%<L#4H+V@Z{$!>N{B3(aGWW_bH_0Hl?B3(<M+R7NZ57Q{&d{}PA4Mu
z4Qv8?WK>el-diOsloHTQ5KrTU|7je`m<Q&y?qae}5^p=v#`l)vYr2bmWYSHFO4Y$w
zjuvKiXd#&=KCo0q5GoNX7-$Ca=c8#3PX3|OAUa^3Qw!g3F@ECr8L2CqSgSe%UGk<J
zh!@p^X{IdLv_H}zH*A%f58ocx-NgHIIn4RDmvh<pUDhC!-(lsuo#8NZH{5Z^_?`kN
z+Uk=~SozyYS&oj&`&N%WO{ZdF2*Pg3TYc<<0zYXJP=0?#Z9Ke}qP5NKDnwBjvv!W|
zdX2h@=k@6qs4%Q1fnPU%F~OK;<ztcbj3A|8=rkGp;&@PtI1s59f#iyUZ4oSWg#JQX
zJI(BrUr>|STI==cEMl4y*}zInNIe3dv(|bkLY!IXCj?<gG?V|^7;E2zGRc!?ZMd|c
ztOgc-{gw<XdB@IjbS#&|Z+#rrM^$oi>=OgAps?l%JYV@Z6`}5jd)hNO1ZuAe1JeRD
zC>4npGjYeoj_PY%G?QHskx7E|SY&KN8=Jly1jP||g44mK%`=LY3-+9y#(C;HKGI{{
zqr<GOuTe^td&R+0r$ik!7Xs0viliv8KJt4qKxel`>#oQ0XC`~cq?!@#x%OynYU7-$
zXpiMr_Jr_RXO}MFLao<lo<wPSgd(OC;a-D3SQc}?=T78`Pa=oZ=dBW5tL!H<$~Fp0
z>LnVq>$p)$IW6(PgDu*H8w3*RRoV)(7IQ1WlBdfr`=cM2QI!xF>L$L2#xA<A@QLdP
zeX?ViXohGUWo(8BQy0_GLra)bgQpRBn|=V0s;-juk2&(b8{;O|O{7a)R$iBTq?`<K
zI>Z`zd=W+2Iqe6pNx$fXIW{`ymbxW0MYtyJSlNcB7gG{lTyTK^BxS9suQi;O>AKJf
zCYuP9WgbC^8uQKCJW6wGLsMhIZ@L5y&Q7E>4A~<ib{C?XM!H|eUA9de5UfEUzBOG3
zc;Eg2*}=LeD!7%Qj~2r%VE?;hw#0(1v$L?abPP)FY_&qaq&(G(%nV0IAf-SPQD7P(
zplQ#**g814v5Vp9Gg+JqXIyU@Y8w27<6kYt5A=zX!(}$+rj6OKzUCQg?T$_^lw2g?
zPg_5n@Pm|Sk_uapchmv!=~_N|{$-bHD-xz3=;WMH@wNiP!_fs$qj55`_kOVnHbAlF
zC@H_5k;tDKH^-_Eo-XL-<!9w7)Bg5!!ndT0Baoy${=vN}Z=y<oZZ$<G@4!gsm*n{6
zQc>}3FUiD6$79UFnxs?d`0k!#+tx0yESM7jAaeHzp5km8)nSwIZcbU5ZLA*N<wb4R
zOt+@b95@ab!p{5jLrOk@7S-|#el)T=xkQ{Qd%zs^4ph4b1sFL^YsOw|mYE5>i-T-*
zo0e)Zx!VqAhsIvYsS-doA8P^)BT|;=KND8D6L@1vNMJ)`=^UJ#_syI>j?rL_p?8SB
zc1i(zmzPtwc)7<%<}d%=jh}J|zwtZ998AnFhc7k176`gmX3oAPq;qlc?Cu;7g)g8&
zr)8r8|5AULtuPhsm%2Wn2<alCYPbwZx5tqqomCa|?vEd}`ynE;4aKKR;Q08J<gFC@
zm-1UX=o-T<s-|ZYh4Z@+j;^ZDVdR8DJS0^MBssGB@F(_|Z5|^g=EhIWprs1MzfPiI
z^U~SX^*hxycNq=)>^bJ=wk4}qANCv6StoLpOtH_N(zjbDvfT|h;s>VA$)-E!HjMY{
z@%`mIdo<uS7rNHy*9NjZ<@KEcd@k;#-IEiV24G-mr6WcetH}oZz(fx&wz))mmG}%R
zt$Ae=k{}Gc?i#-%&~Zmw7Oewa<{L5P+y%>Ida(yFq6_Zgbt@J);nURb<8sNqKDCoF
ze?n&Jz~O|t{>_jgkXhodG+Dj^fi{n4qr)>fS2grddjXLm^&hMw>%U=n4%w*8KrMtG
z;a?Mj7VjrH1w_7I@|jEJ8nTWan|=R&!Ib+$#@CXCQXa%qoA(i8&5gN#Lhv)AWyZxv
z5@&^B#bJt&aQC*0#or+I;2+<fo;C3*2PR(#IHKf_^cM~RhWIoKN|UI&ju1fQGnEJN
z{uxTvV3caqEfH<iXlN^5G=ha}_@13mG*e2i0o+%A>L*9G;e98zb`g?H+IjnkYQOn;
zwF-<=XwAX|`+|y5llIHPd1bnRBF(f&P5gTkr@dOWJ?TVM-9kB)4){E|c+1_cM1(@=
zNa5Ti3z-%obg;Hoq4qm~zeTu^{Uq$Z^LH_RO^bz$@nsx`K1CrE73NK3<Gl12xI)j{
zlm_q51#J7PY__-?_&05Qwl=9o^p(=QzWDovI4h18hdK{-Hco+PfwDz}ldCPszEeT2
z87$9jEeq|TB&#^#(2=g?G~hu^j%cA(iIERpDNP&MVCy2iDzJ5H&B4n3CYxC*hC+op
zsm>}4{;o$?WzbAB?dLUy>4}k5=E})n*UXK)gt2;W?{MksB5)J%yN*6(B*(;?13kyX
zg7f6>l#3EFitA&L8`C^-`N+x2o7L)4M&**l<+_*jOyx+h#p6Spqt#=+a_-w!+SCKk
zwzI)w<-Ps7X~*_;rD0C;9^=&dr)yRDWMLy=>YJQbAjbx>ei^>Sp{ecPk%a~ELg8H1
zPfVMMfyafMZZMmA#M&EowzlId4+8CfOipbrRi#Y?tN+f+R9!ha7qq*%8WV9`27<kH
zPB%UOZgx#@J{Z`0d~$W=Ox3V@LTOO$oTd~wT7219Uh0~`vl%}eG!N0u1+Ok0erSKq
zn2LHIdg%6CzHUTYi;N7FF8%T4XM{Vgbr$02Ch?)$0wDz4S4XlN+r=KGgiBXmIiqx&
zP~R)Au9g4hL$!If9(}k@kkB4&We58>mJHkW_|sa$KSYMc1n{NwSU|Zh9QUlEZ+Ay3
z3h!BYn(Yb3<e#h_8ng-s6@mz5<>G2)Ah8sv-{gMv7w3>Ov_mznbNbw+Zvw2M_EZ}2
z3){qHt-_-&zYs+n)=1LSj=S!I#i;Y&+gGj5+cE#q_e16Dd}jU|!;vjjZl`sSK92~Z
zhv>SrxtG%Q1*c*7&2g&AcNEw^K~v*9wz<(QZr>h~2A7(@ObhTKc8f|dOf38%>kr;W
zf5qV@uI34v9I4{=><QIrGOC{9{k58jhV`OvV2&vbvi`C#6zy<Tz;9|>^#}6u{ZE{Q
zhJgWYb$^T^<ZWcg^?rRI(Hna+%oi$D%@w+OH9tqa-Xyn<jxBq(40-<x%vCD$F}Lqf
zx9*bfW+aNVI%jA&=<9?8`9Fi2Cw*IQs7N@ivF~rVBpk_1@IKvld$8L8BtAR5yvlDx
z(W@;#!(K+Q$tWq~Z<>F`<_hplW>J(FeFzkm*S|)*L$tMYPxVh!LJ7A@d;ncvJeJjG
zyZQe3r&vQ`$OLH*Uam7o4n`&hBu_PM`h+{%-u~73m*1+o%Y}Q4nkX2eTxe8T7X!rR
zb5HX~?|7Bp-9C?Q7~y`%ZkANnqV>RayLx;i-O?t|)3bF?PgA*;{`k}E=?ip`_+A3v
z-~w3+`IbirIsp0f842P%{He(h4su0;Iqp{Rxojgg%aFeMKY#oe(n`DL&>Enoi3gOC
zQKf(ZZg7N6Y+%*0vW$#CGJTUt@JSbQ53)I`!;4)_3=%C|5sTN}x*n<%J0~pUQhzeo
zA9CABk>UHw=sqeyomYpt_r}RWD%Ahkkj~lI{2^}d13Dfa9_>tSmz^rZn<$67Bc)^a
z1eM|mhn=O^Y@*#^X8A0x9!SqEm-o$++f6i~zKkG4BDc@k(d)f@)>a5p%D;c~l6g8c
zIzJW(Yk}iPpKmh$1fXiwu#hd8_h;F*a&1H`ccB{heuhdTGRjGP6N6F$f8r=LUX!Q)
z!~xe;U5V~@?&-5$6akNn)rd^}|CG^RABcNbcoVO;KLR>!woFyfmpOHpnhtebFPFg^
z-mlA~gybR=iTvN@xraBJ4quVV2e_+~p$^NXWLqY$-&^@4X}3z3wMs4k1y0Ht9Rz&t
zG2WoZYS5z{^+Zo3Z>Dlu<9JrbrqkPuS}8o76evN`DS;K{;oP_>fihHY^P+EsG<FVF
zpGbgyN2!2br|Ep@_oAj!z(5JVR~?8xYtG*Ae@Mb}GzZ0lxM#!$&PLGtFyhKJt>e8n
zG@C;CW`?dosmIg+WJD<!^TiF5N_8gArU0||CKgJ{!ObehfA@k12AgR%Au96v%N-&D
z(-bQO%O9d+YRi7;7WC`{DZ2}FKfZEqr=^(HXd;<I?f_4%YTv&;4}=0yI%mKlEHkO7
z4iQgJijCw6<3krcn&h$FU{2<C6UqKe5TE?mR%<cpE3)Ll-IHbIT5}aWkZ~;&_(I}5
zHy@w%^b;iHdX%;lpPF6_R*2{bQ|Z<t(z_)qEC|$CZ%}?wxd`;g%f}Yhm!Vf5Qb2Xz
z&29A3O@Wa>A{51u{TC|?dBRxugtvAv|7*)dee--6;eB(9s!AGqKYr#5^25WkCGK72
zHKu31c*Ox}aEO0zS(+kx+ZK|UCb2H71iueJd9_`ls0&HSj(1SZ@J8I+xUzizbc};f
z!pI%_QpsEzcRAI>Bw=mIaZyy<;3gvXDIS;jcz?UYS-e;ul_+g|Y=%Y}KJ52!6nRNr
zdT9oz-+YmURdaMcJ#daZI9`3aM^gcD(T<FTX``<p#zdPYOsf4cq-T+kuQi)tfbje1
zHo_|s0mRS#4=Neb#W8g`X21ggn_K=)YfgdvUKMO)d@N$_%TGi>IbuU-UeFb}5<~$&
zte+AT>=E^)Wxub8kU8{u@I3o-pd+6GGqd&=tz)+cL-j$?nGvE6MV)qHWqFC0({#Yi
z@9*M{LumT<m&i)C+_hw>v7uSS$_b<@uOEwc8}Tp$Ck-F&t`#S{ZXj5BP|Rh!FCk<7
zg`_FWQnqCxepEb5@NT=TgEF)Vch6Foq=Fn112ch%_ckmo%`-?JF$V8=c*7ee;D4db
zki$fF_sWt|iAqjaZ;}IYs&ej(1}5`acxr_$Uw8B;B2KBt32Q#_x3=Q_K0Pn2;)tdd
zLOwdT>jxikfm|;SnwK#>DWO}eP8HO=1t;yqZmc{5U>18Ny%&DS7;?x(ilq>5f;&Zm
z8=z+yZn*2J+M0>*gk3bS-SX;=%PWgp+v5hY9ZfpUC>gi$Vx<OTkrU9I+A@;rsj}uC
zS!P}kB+_Z?BcdG-#gX*b)%YfcO-;7QNdy)xPcA4nB(ghpkp7oo4e`*qo6$Xd-*B1G
z4<&0aq4R-fA7GG(w(huP&@KjZKn|SP5qcx^H2LN283{{2?jkcs80ZSy%OmDiNiq^5
zc6$6@mwi`4Knj2u*GE)pH{u<`g30;S66F@<QMl|a<I9otW{bP%v;FSehHNozNBL-8
z%jbl|#Q1E~=+qM4P`91X$d-W$19Lw+N)<qcf|499Yt@+JW7|N-4{SeUVkK>5hWWCs
zk$ejVeJ7HA0D*X`8JVOv6(i$r3&!QlH7Nnc=Kr@b%qf>XP`6ucw|)3s!6kBnPIowz
z@<fMQB(|;2J_+%Z(T?u<Q3dxnarOI1mD$9C9)89W5P|qC9}D2>ijxGF&kmUcl3gid
z>RN}y1Zuoe-`I(h72b-)aN9r$>1!b$wZ4vcsoPs~qoA^HgXN48zS}va%);vbZ|jo=
zL<@MMmnjp-h{Xlqpu5-8a_jixIlOK#vv2c6(XGGo8G7;k)m@u(P7`gbc~m9tl$)bq
z`Qy4f<kbHg9w9b|_OgyQ{`2Pt*YlOacd6JeJ)Z7gP%A^OzK1n#XG;);wt?u5c>Kf%
zi4Zl5C;q(Y9Hp|qIe_#(A6Kr+*wZ#yD$}yjge(3`-~2bKK)wjAB8fB3>vmyaV-t~>
zIKRoGrLAps-xg(UVj`-df-cy9qKWu`1*t}RY}wdHUnaU!U?sj$rE!mrS}9(8Qw>KU
z6un9$DM5x{cbmzI=H7zJ6*Z=Z*Wd)9ZcX^Ty2r9ieHgS^s?gI^e__oNL|=+K^75o4
zyfAYpBB=ltdhCV0w~dJetMc}iy-NWj&t-}X;2BLourT?qhZ$casgsY&T%CUc$Ng2?
z4*`IfgFDgx^Usg4?U^v)zLb@frIXdy*5-8>-;0dj?->~#4_v*mgtK;twxq_Zv3Adx
z2rA6PjrgdCF4$Wo{bn2?=cbSEyyk8#RpzS57g1XMMzf$;A*&o0FKuRqm4&rX&)B<X
zz)C$bqFRqo%f&CMGfB(VZDJ2ke{P$Aom`s}H>;W@p)5_2S#|gU$D-sLH+N*w#@7uN
zR@J}}Zgjg%khqErE2Is^CMc)~$#WHO!^aqWcQ?d#ukeX!V_no!8IBxW^%E0MMj8j8
zdW$u`LnfAbY_g|O_bq!@=?=3u4_#7zvdGwkh>gW^d{R;xTwrMswwbhCS*)q0XDW_J
zODfmQ&3&bd=c{)}`|=7Zp$C(b3Pivc6H?os<d(I>b8}N+2YD<DMA-NwU~A!$ne&^w
z3yJ?z<|x3PURIV<k%9M6s2v&c755P$tP6)%#oW7MVwb@iL$LLDENq!Qv@|AWEDLvM
zFE%R3k5aX?4a4(Pgfd<yRMo(Y&4?4*>_^j{V@azO;j%my@=@Z?gzB^Sx!j|k#sjh_
zp(mkb^)GKXI#6f-8BrR?r_54&oNV-4gYq|Zg^5rg*0TfZK@os&M4qy#K5&0P%F>3P
zimjSunev^#ThX3XOd;#)P7Jl;e!rl|bmqYd`oH=B|2zZV0f+|*64g`bW8B^%SqZ9f
z*^bz(D%PWEX)R{fli+%Soyr!pcr8((UbVG$yKAytq$oh{9>3f{@AFuKTXZh;4<XMO
z?2GAW_aw9tZc<vj)zPb(M+$CUcwcMEIAE>AZIp?fX%@alhm<U6yduYXk1wnrd=EWY
zn6iO-J%>rYy@e|K5KlI4lWCci@UfapH}YBwo~U3S$hnsNcEAkK;NKp-mmmvD+eN_{
z3y*kRTKTM~rx6t#4`sQG+svzZn^zJ~8TxpfsRCsk#LY05c-3rj@p*LzKV4`B5i|~E
zcSA>u1oLVD2RB>obVYWr^nJ1Kf~98EKG-M;78(79=irDss_)(k>;BnLcamx=tc_fL
z`+AQe2>2(0@_zmNsqJ~1qu4O_m6`|;2N}lQQCG(MO0w|;0g7|I3b@SzuAXuQamne~
z7L!r8tph8E^k``6V8bIx&*eXJe0-$xeSxim7sp_)k9S{<9&aCVZ(fPN=L`NI0fQFi
zIr7!HmxL@fBjL0err;aQ6qV&D+<pREG5I8`!&Q`-QfEKd8bHS96Y;uSw<haBQxVK5
z6go*Y)*7ghGiT?8!7#CSOngDQ??VHmsizW`X(@1vEoeW~1p-Oh8nJve>^-s6slz&@
zZKRRh+QBW3jPdwFja)(faj!=d6C^9o*#8wVfZQGaX#q9CddYIS=oQ;Riw}uL>K~p7
z-zoi`vF@j-MwM#MFnB7B^9MSL?>sqIb;6N%DY8CK`E9L|rEH;kknQ5(fo*a`sZt)*
zc30l+K@Q=rLP}P?XLBNvSHU{8V@KFd3Q6O;k>zjeZ!3%GOdw98rg6y{OgaVzMVx&w
zc?t0dWcUZ@xGgnCrp?y(v?M<DU=?_QjSSnGF6Oy|I0LsT*|sZwGRAHD7tO!Qfs!U9
z99o@ERxWO(amP`KQabPxr0xRk$T3UF^}ygJ%m;ggv@h=dIZ$m^IRdkte_V=@imVqL
z88da-FUVjb)MGCv=7}-=m3yttYV3UwH?6J`E#WQTL-eV$9F<~Jd-uc+3C%s<A0#5@
z@jfSC28IV}Rki)Nlr(9Z9H^x2V+^wn=9Fi$0gw3g&QY6J__abFa8)wyMaA|;KFnIz
z_L$fr&I%rWsMD>fjb&;;`X5mMu!p--_BD0=<vUVS4#G@TbKD;@!lV_)hDWm?cC3{w
z1LDjm=@!|9ru=%Jmd}7TA#XkY#mo-(3dOu5@1R0AlxZRgE_aD*stbz7#$WZ(6&Bfa
zQ`JE>1t>bVTzkrG^CKId_gqwb`hr&{!@eR#6gB3?4#P46<Y`LATgJ|ZFsaP79lu5v
zxT*X9)AswH_M3o!p0_Woi>ZM%g}m@^U*MkUu77Drj<|<)q(aR@8LOI#Zxdy9)4R#|
z5v#ItXoi<1!i#|sxmLMm1e?O3e`4m@*oM$r7}s}vHYUZFmQks$ht26M3$DlCfV6(I
zsJle(LIQj?pzll(fBPb94bFLI^qqwwc(s`b6ulPkgYM0KYI$~0PEdao=3qLHsAqLF
z`mmwzw}$?%ovB}88DqYTG>ZuMtGDV%za)C6Yhyvt`cVI9;$Wp6(K-@kQ>lMr5%eII
znuU_WmYw<F`=QGmHs9V#q{Le1fuy7nvr1LE15*<PIj28N^zCn2aIffM%u1G+kIq5x
zNewGkSd<hFE6s1YTk<U*p4_jvvJC!4dtc0;V<Q-&cJ?i#wEp4@IA&?Cif^4C2@A`A
z8F=(#y6&2+Ll_~T6eOkINCrg%uN!74_dW1$>+((dUv_;-<BJX-n=NpA#|Fjy&Iv4u
zv&a}`!g(KitDU+gPLG)(?Gixp+&Bbc5Ruz>o|etf$V&1tqJL^&u71QE<(FM{WG;|!
z^iw@vQc<hJ>|*h6V8DX8qvp%TPAmrR(E^YsJ*=4si>857+_+B$E72kr@zB`N6PsHx
z^X!*`I&$qb%S0wu*yTDU-9#q^Uw>o~HG86#<J#!&AN;F9-VS8^v;RHtkVa2Q$R$Oe
zCA`Wyr1?6A{6j**-UfM7QRd5`Wiv0&t_OL_!Qw4l<Q)3(X+T{%wj1z7@i&%almq!6
zElie$6pO0vp?N4|PRg}Uq&Ql-MP&QXSy@C+pEpe%lp@VcQ>d~HAoYVBNS*W)@ZDd8
zP!!a<eX=d&Wk*;>YfL5qy>+}j(ePw*pjJ+LIIxbd+u<3`&9)b;vyG|~1dX_iN^z9N
zyS;rOcIN-d<VNjA*~r1sg_4Rdc6yolVsL1Nqs#;m5sEQ;cXv0m_!U!H|3NVch%UoR
z9aIMY2&75PJR_x;!^bvP$g|@&1LSTuiPw$4r~m5TYy2>!_YgC;1Lp*1oudC`uc~E#
zTh7Rpg#9_x-Q9g_-*6~$4lRsmqo;4#pLWCU30n8i!%%>66rik^(f_XF=)R)0b9^de
zp@~rVh5L!8*+~p9J3O8k><z`&=@NLgC!A%zzPrEmc@ka35$H0+`1G-lR=V_Jy}-%h
zBlra6x`vvrCdh0XQ={s0Ow4qIID6Er2Re=Zn4*H~mg^ss1v@~qw6*pE>%fdC_O#Fj
zSBoe5V{=&QvOwN0T8etE81r&BxY=m#hsLqD@=1_TU2h+(epVL&)IM3N<>OKI?3B`b
zMseb~@~i)v)QFM$$NwAXAsL!*@qA$hjVr7~<zLE$;uXr39aNGOA{8ImtRSgf+ce=4
z=pWR{BpRg~fy!ku6_tsxBYPJ0*L$ajaOd0>1zb0gDbj%ne=?Ww3YJ!YEy5#as&FkF
zt_per3)s3A8M<G<H2;UMw+xHwTik|G6qHf~>5%U391#R*L8QC8hOQA&knWBVY3c6n
z9D3;PhM|U-dFTB8=bYzx-r8UGm$~*_*Shvvd)@cCLtc%@oPV?&s@Azvw~bZ$GI6-}
zxNX(Q0oAHvdnF664JdpM%P&8@J8%Awohc-MW;>G(*R-h(#`rm%|DkAlr*w4ruSeEb
ztmjp=KzY}qs5hunFL|2Yg!0|N8gEt>r$>D;$y!uj8qGFK!h&4v3|S=MX>097Rx$sf
z|7T{e5Lt4$>=Xu;6IM+v>WaUC@GR6UZ1rw!Q`I29ms!mBz^mO|fJ3W1%04?p7-Ub{
zkA%89e6hYSnAl;f^~L93fRFzhPX7zHfjdz+VT#Vb#sjCETvi~y+h2*J=#~_}P;=kj
z&eYn+`_U~m8vz{<`0t$hhmU&>@}02eFPupmefjY4V%k<9?bWQ*|2+0T%=^D-i2s@|
z{!K`sZm1`qD82u*J^hbF@_z$9{|L1Ie}C{V>`agIU;O#*AG)SpBdAETSgl9{boS<d
zU8pr+ubw{zwby57XSW`H$X59DpUc|YTZd!>%=y3nRiKxQCTh|6Z>iJTO%RHeL!C$d
z2TVQt51aBo-xt)Y_iwJ~|N963vkv{|k)6dwU*rDve<~zl$i8@`F*#Rlq*6tzbq@W%
z4U0Q^xZlp=K)Y+n_Np)cC))>?Mv(IZw`wtU^m)KMSQW5hh>jd<jRM&ijl$>f@`)24
zp8X5y{jY)KZq79~(q=<W<OHgsH{T9_b3}B3l#$EjcJaADhlP-S&uyUtha?S8*m-x$
z=)$K}Yvi)p(5kS44WRJK6|l7Hc~=3MoNK;4vc*JBmtjCJrA)Zn!~bC^hraSIFtM^6
zDd*+_eny3|IxMVWXeRBDkdc|2n_}c)aM<Q$%*?zcWPR(T)+(<To2_m${zrpbLa?hi
z8-FMHZOccRczJiN)p(`+_uXRrWVlsVm#<>W6|S}w0*Ls@woY%9*&08foI?w!HrB5X
z*UYJD6c%S!+(1RwfFe}A-SGnQHCbZZex->G1s(g~)~PI0a(lfaYhoIBsAuh6&J=85
z8%r~9&KB26NTPU{t&q@FQ#1Egy-gN|AR8o9C`vIc^-qoPoF_|gP1SIE-l$<|YaY|N
z{xTsA9PsF1>0%kz*-4YXL!<_~uKMyI>#J3yZJ~1zty^7`Y@1jYtx%hGDxLTF6P#D$
z;lX}n6Elu&<^f3=DGQsL0?i`cy?!vXrZ(81*8Zx{_cs%{H`CjGzPDpkez@v&-IC~r
zXhV$p_MhBrBUBFEg`yVRj@8oZb<z(@`zQMl6W4-vrJ2+xFiZcrT@V{3vRIY4{n~EF
z>{Rq0H8D!yN69;b_0#{=8JBqAay%Cg<Ux_04={<~$Ws%I3Dd6~;(AjXadEl0M+F#a
z3&Irfx_#kuZBnB;L{ju?^C6UgeoON_X{;bSL)byeW{Q6J%dyuysq0xs03L<tNN6>2
z<9*GOpM-p!gWve9AkON4K^u`#3h?|B{zz7@;e%<kP7J2;>QF1SQN{#uxAE<SJgy)h
zSpc+Tq|T(=*YIF<zqU<Y^k2R^R71vA$mh@T;L*(`+MTV36EzNeGd~Ig@Uwi)Tf1uh
zm5;w`dF1e@O;-b@DMWy&DJ97RU&#>p<0Dt=$JQzuD*X$M>azZ_?02I5B0fhX9&KuF
zs>5?5U7tC$?A=7@BiGjggEGY3Q-8EzY^7N^`iMF2OtaW5M*)xKTvQDBX=n<brlz?Q
zg~Hr>R<`l5{gU(6UENeN870}m-}wT^7BMCOt(xB6h0h*=1uv8vB7;g_7DV{%ktII)
zonqbd`IK;nhGjZA|2N&SQ>G$@dF?3LZynOjrs!1u8#x!8@Em4=Z|KDAET^gWgHWU4
zJytR}&Y)0>NPtWlI?L(V1c8@~q^V(c_MIa)u_}0Nx~TTi_ux{brHo<xrgO)}AAc}(
zvp>}DE>1v$a0R%2TM0B5!aetIQHt7#JF(zR&%bT-hKr|3Po}75h>tb`cgID5x(BBw
zDx^kMrt+g)nQ+9@rIvC&h|%c5Crqe+&|YRpVlV!QA*^Fy?zL7sGg-(E8j7Nbb73Ov
z9!{<VzRU)?5q+!7!fMHM;1Lwuy=!F}Vd0Nx@e3=D#-^gmLRDiZfbP!<3-RBcPF>Su
zAnj61n2qp{Jb$)*lzcyG{Dr0MIw>Vp?{!kl=xtRTm>}@CyH_Zno^?0AgLBZ_{eo+$
zsm<tQ`IHj5joJTdxa=@wvvg*;<kdy()hZ?6sQXp@x&Jn(rS%F1+MVcSdQ$qJ1tBxx
zhW=}jBpGR(dHIKRlxOVLi6kG%6tTj*39z$xkljZ<pXx_u`d*!suqNN;Rf?()g)SRa
zp0+%98MOJ)ly=@*4(Qym#qiIopGWKy(Z+>)D=MbF0^3V;hTlO6ds1NYyQ>>iKH<3`
zLc)!n<VF<yzyJCs=;iyu?H5gs^!?9oZu%kp*r#?bZmN#FDFm4f6b}MokdVqkQvzGv
zth{sX=9tvC0lOti0<P!9Typ{X#9RQ-!{fu5+YRHn3yp2SFNOykRp8QGEIvcKFF)2n
z6;)h<5#-PJcE;kZ9^bS50=>$nH^V`gLX8dg*piDyilb}n?I6v<A?4oTzHg;^bsL$}
z&pJLS;>oq&X88MPdWob~`wtVR+%nQE@<%mO`S{hj3pr-H(DxhcZnc#jiT;tBTB0z?
z7xim#2b2Y>Exmy46xN)!iFyTFQ4-W7iZgUUvm_P)a{c4c-jXuiFlS$nBQeE~o|r45
z_qV$JSt~ZUXv0B}Tg%0QIa$D(+OOwezm}lfFe<dP$*1#ohpLTf+A_Y!{%sE%*piPA
zZ1&w%Pf`w8KU(b)N#5;2Gd!C<AdTsm0LZv+3F;c4$iwn__Ne7a$(j0d29aZY6-KMu
zJy@p9mYW*s;lM1U&UtV;70rnlRVp&r5B3WUw8N>!5==SaSRbj27Pcqs{f?nc+Oxg|
zwU^lXw3`xfnj<)tZeVn}qjJs+5PFPLySTpWoF9wf%7ria_q|?4GkV%h&Bp~jQ<RgO
zQj}7AenHJ9G#MOT#8DbQY%W9MJlhr2^~dk~F{g7M`!5j<b0gq-O_tclUIrOo65s+;
z6qL?D7zHEr=IAb9R6zJNPs`>|%3cXA1DuA1rD*aT1-$~KWn?96R|-UW$$|ZcBg1!<
z6&2aOsW+d;u8nh0LczmVECE@;gM$S6je4VyDAWghm=`hGZosQe`M_7Nf`B(6QtkRJ
zZKeX&8gv$FKpT^t0M~#5(7^&+`YN~OinrZFkKBK<4mNeyqC<VDL%wU&SPQcQ{d<*1
z?e#Bos>J>@=s1M;!~C@^Kz{_1?`)7B-R5L@k4*cwM!BvN50ly_5VQVdu(8KBQ9N5Q
zJFdWnquF;=4GhYUp0{^Xkj5<iszKwsi@{_jZ$pU=y3;RyHQP@iWQKIfrDvC#XidSK
zD7MmhYD-UY#jbyNMV<&{G)zgZsfbV*y~lu!%N<R=M0Oan7AdtWk90G&95}oaf0v+F
z@3>)a`Yo^#6Ji@O&Ya&sOxn4;^+BU!`aQbI3c`FFK*u{Coi6{pgi|RdU{^HI<c35?
z-HA5^SAXt~R4!waB;9wa{P_;?PHnUa-i#GKAys#fFO;XTBqZ|2U01fiW~6<%Gt;Qr
z4EaRA+^XXD=Sj^A65pv|{TA!4;{<ihM6$m?s@Lu?DjoR=;YP7|P3=!^d+sMoSp7$n
z-t3v*ZAeq)1OcD)KfT`fZj|v#!;jVJfMHhl>}pj0iJ8zy3C>IuNsf#-k5;jCHhg&?
zv|l7lvhQ+U#p7B1H-=51#Vj@VQ1iiOSVi3qBbH5*1w=CBEg|+7b2o-VHP&P5RcrVz
z53ohS9V%S$!NZTR{<I*@kLfiw-<JpUvN!{t7w@O0Wc<1ayd(;Y{}zy;1UF;*`n1eD
zJn_5&LxYZ{blrmkquu?ZNoPxA%FFxRgSXH0+L!v0xav2n9l49&9K*wnj%h0!$mi{u
z7z^6BZ$G}W^d6?jYU;neUE~vYAd#XmV&vOl?X%P*ylJ6b+9Cu~3ue1~;M^V@Xt3?x
zH9BF)Ut{1ovGi+oCpWT(X8>gb*!^xiSfA_=3;T?v%EO<X6kJz4mT+)%E0&a$@h)Ed
zaB9DMwn%PMGn-!xn=&#ZOTsL9v;7Ccw1^kG%0F7%)Vv@ld4Kywg`|<M?kN}e$9bb0
zVz581(+$Vi)h5=?XK~(wXf#3z7GDNvC*Rk|eSXo~zxblnXedlc%IWG0I}UEBl3lL&
zY%D}_S$d;d1+`z?F9i+3r5E9D^_&(4z?P4#qMh!|X7=#AX98cycGAAg!Fv0(^%X6p
z+CE6R^7r`=H`trX9fT({e{1q`YMXCN_O*E2T8(C4qzUpicK-`bhdvD2Qked&4?Hx1
ze)`n#GqRK6NTU3UW?V>dBEFA$Nllywf5(zDCXd!pqq7uo|2I9i=+SD@NZrn%3*K^F
zu<PDb^aQp-UL`-amYnKEIun{T=o~Hjx7hSd(rbK@4;pU5b-~Fzm9YFmo7ZUbBkw|?
z{u2_QCu|{hHF%>J<T+|QXH_o%LVETk9A`<__iGv7D|eonIx;#xh7nutc!&?M&~luR
zX(n0T%1N5Lef?=)l6rf~#C~qj=X2O_U>_1$iXMw^l0qsv$<IBK$XDR4F&CteXZlAp
zFnpJDl2`Iq(E4*n`9l#25h)N<(REmN&koc%Sbbfi%A9+lQ1vedqPOaOO0{}XOm40u
z+cPu1SHU~mzvI4SQkGMOq&vOq<n&1qk*j8=?ihOyjycR0o=@9cJCS=Frv)xEXz$NW
zh&2--%hIW?174}YV6?9>U=a2pc%l(Gaw#tpv@=<m4LVptknbB%$~)oYnUODc-G?%#
zG3NLL5A;j>9W4$5Tqcu1T-SiONy%5#^!$ecdaa_j{R_P9sfav1ChF&IF!0i9&%L~V
z(q*ezqLK$WXn(N_boC$9Cp7+BV_2<FQ%7@T3bpR<O5D8Q5}ICV<X14_OAfX{;)g7i
zlcb)mC;u>QdR`qKa(e{h63GR=Y>#19ug>D-t{nPof@9=gwe5>*8F0+)K8Zr+@Pu-Y
z<G!A;a6M0Ib=}3#53Nem+fMMKVzY)@eFkCSUuf-UC;2-xn?igko~3xzus_%qy@P(J
ze&>6Le%EMkptNsW(#WTG@!{ws8S@Z}<`;w=@BJ}W11?B;-~zeN(yI^Cot%?~PFJgN
zqYM2A&$2pO8XmDdvbcKy%)fsBF223{8KbwPYBlz@?e2n&lT3Hr)T-;`Sg&yltmGi|
zRL<kr7`pP<AS;<)x%Y(0^QdcXjFOsI@A^bSM#JZ2eJlI?-CzNQu*XwOYU;B7AJwo;
zh_Kfk@5zY@#p0Dn0Xv<wJ@eXSU8((QW6+mf_t4P*sX~M!-a`NQg8rCD(Q;1y$<i;p
zjg~Q;7V7EoTmGb+`@BYvvyR2Vgz`2~nFkorbjwE-?^*Y@+Xu6@JCE{dAyr2vdi90z
zQ2n}&M`OOaV?anjJHT=m&vmPX#eojp%TRc1wp35V?^>MmIyghP2HoILm~e<iT;+H-
zCL6QVAyJ!RY1G?H@4;_L*yBvkzHFOU=yTM`da3<#V+b%fzlZ3$D$q4BDOk7a^rNfs
z;jUL1`AAzB&iAraD>t>#!(>&F+Ecc%g=OQ=dgcK<_ua#2z<M!d2v7A511C>nRj{GP
z!N>2os?`=?Jo!moEv;mHV~;>c{qefv47ZsCrAC4|5I$n4a(M68Z~Ql3lp8wV@10D@
zAF=7N^G>hsw0nFKLktsB30DQyThKmBHj=t8wWQ)dSQekvLT1~wG3{{;uC<cELx1Zz
zSG8@2cQQZ7)I6p($N%a3vQ66xC`Q7_VZ9{?0JI&5;@zA&-f<fn0!>~)0c|5PW}>3^
zb!R`#$J{yf-VphRFhPb>V~bf@9lHytPZ{%mgEoB=MQ9lPE(Zg674E%4;<~nq{jLWE
zyIg%)+V+`KHw?swoYs3OU)7z?g%q{&)#W!G-T5%NeDvq1zq7@)H2uhwZD}QJY2N<}
zE9tJdvEk6H<Yb0NJF73dl-gx4<E2Vnu;1g1pa-R7cxDc|RrImxsT$LrtZxmnvtl;^
zAAyk67jMV}*0n{jv%zEb5wt1_7%<mczCOJ$;Z`7aa!b5g(e7EZ*Eh=DV-`*Y)0?PL
zKi`L^jwfRoq7BIs{W#3Wr1X8)v>|x=Yul&MgK%jIo-;FN%`vC%KKTTP!%esS7GJ)m
z^)@~hH2Rc>jukvPTB!#Y$`#S0juP6++dFBvvmSQ$ClR6_d%~du7_L0k*QQZ7YNPI(
z#?Dx5(b`y87tZyQCIwOG5(LFK9&X&Nxlc#mq~gzJ2(%6r2g*jc<C$%*{eoNgUvg^4
zE{;dryC;=pJxTax|Cjg%*6)G`>eNdzgqk>CKb3c<v;LMf8ImF48k{n%pH;BB+jWwe
zBD`e&@d~Tjf3mIq72_!!X!__N95A2R3IDodMVv}?y6f0bU*pKsU@!-PM878);YD=S
zCxQ;9SxH;!sHXw&z)j0Xx)9Ae8N3OB0@*rRGY`Wk{i5swyELw4U3l|#=|iJ3Hpp_h
z3%po&aYM0CF$hi`VmCphy8vP?kWt5r4@8LUO<ghMnS%tmgT(Rb;-BDD!z2RdQfa+w
z@Pii^q=8&&Of-TEqDW2Ye=%N$7u5<<PES1#4L&)%WGsL&66sKz-OiflBduIT9nTa$
z<Y{ov&3{_R@oiX4b9U~B`c+zB*U{V*LK-`xRNLS2qKsKBep{VPMj2~5$1g5^s<C2M
zH<IoQ_wvcj)m>qG98KgDX2+9EJ^CSf4N<7*1y0NN@@Ov4xU7KoPI2PSs$k{91}pEF
z%-u{DE)~=Jq|#@333f&mZ?<xWp_rG2)JHvg5#~5Yv}#Yv5BT8MInkjkhi2||n2MP}
zeisvRBn@(W99mtN7+*a5HS3PYI~Pw`waT8Y9Rm|Hx+F!b(BVhn-Qr~wChnEQ>D7xO
z_CzS2rR(csJcU4wnNrw|_|P|10Fn${4)CDwFkkIY9voG6E2eukKP%BAVP_oRojN)F
zqV3L}Tqyi5c2IM$dAp+kob`@_E0Ir6a`W5FSD*fTZG%i2eJx(@Iv%%rs9BvaF(zbh
zeeLLnku#36!?C`5b5B3msefP=(@2ZY!w)X9>qk|Q>v!`eW~T8aYZ$EIE&i{Q^KL(e
z(!ne<QF_V2jVg1;`eVRwV)2udeX8{-uBf;SqaXDv_>##HR)*bZirDc#7WXbj<>|t(
z;)Sa`iObZUyNRQ6r)#*}lrmnNov&@R8N}_^|1POZ2*0m$9plefFY?}E6-ZYro{10=
z-@LqzKKGh#Ny=BJO@_q3CFs~kSI<x!OSn>j;o-7P(P@Z}(ufYk1N&c97?AakZCY*#
zx)YeVNb!2=&3m4`#=JhYxQB{WG`fa_GQ1^=)C~iCZ#{QW+4J`AHy#Qh=Mk@?lt@-G
zrl_C7gl{a;340sRa5KN4CjL_AkHDW*V_}|QRsVCufZl|;Y7D>wowEo+FDB5Iw}s$G
zQ_?arKPy0o&^g~m*Mr052BYZC^XVsUM}9ibu&8`426y{yNc0f$Q1I6d<vy+Cy+W=X
z6Mgz5S<$20JGQpDy5wI!-e5V2%ICXu8`~EBs@~mHy@}CZ7`4n_yb!rQ*5piWG~rCm
zGKgcbqqOb6m=mH9ayPU8+IQf^CtKhFTw#st`oVUjBa{M-P<0vU$if#Wxr92~?3PzH
z>J5MP4&y(8oGYFhyEg`5i?zRp-f#{V7t_mWpIu3!SGiKTzE2zWFTi~nx1*}Xn*|1y
z%IWO#Q}fPf^@Iv}at8q?n0H^+2zO^q?PzG^1MP3{D5R@M4+l4fA#L<$YDL%7%2zgl
zM{||bo{-Nt46ydYaS?I!@7(RqO1#^vF&bhG`(mxiGIt^y2M1xrpr_?l7N`v_ue6OJ
zRjSUu{;QX3YtWFh_Qm&$W=1#;=-QghItOgK8-c^quQ=>ZFBwGj-aO<|&l^+a*9DA>
zc(_Q+5eo@<`jrRA-1C1VE5|qB!*YP9MiG-7EKCaKO&Atb2XVcu725t@gbop9(xGCO
z-5r1m%UFyH2@g~+A}B<*dpk-L^x7Kf(P4_BbKb$_%SF>w3MU*)I0hR!U+vJ|l6EFL
zx5fU{FPc6n?XnhAqNJ_y<Q^R(RbOgFNozkyu13ZpbWUa?(744U-uLA!rhp~C^^X!J
z!M*Wc1i=e-@*afB84<Dm@#b4;?M8SUr__KEy?ArH^oCn64BXF|(4i*~SE`u^9<kbQ
zj$Uj?)(Y_Lo%e-Ua>I@NFC!5llT;y0c4wO3KS766AHCouf`CT*1g9n4+b`*s9z8g*
zm#%>iQO_MENVgU%0$hDH(e{p0dim?(0hRFI<<wN5hE;MKWKVV|a%Y*Dbj0?*WVI%q
zW!(6hyrv%gx<&AoM~`dqY?Pu6Qqzu`D-U7kI5T&q_=o0E)CWV>Jju-(cWKg@PnN08
z;@$=u3k)!aK*1(d2?H%;@1_3Se+;;S%U6Z5z7TAW0CpGz?`qaYH%heb4={nwpVwE1
z{}Np8XS%nyJ^)*Kdxz%bF&w9}z$Jr<$cI|=BNd8diZrs-*;e>c7VD1IR$z>1RJZe0
zcB}FV&AQx4IQdxy!f3~EHNT7Vf~CJ+X579LfW~N}$6h1nA<-X|7FV7)JMdDl%cMwD
z=uZoWReGCM{rR*u#0%#~!V;WyuXA!d@|EXFFD3z<JkoNO->gjT{2t~VTe=)wgx2w-
z0@`Hy`!}7;y0SK#YLttg6e{_eao5Ld3q61T^)E3s$S+2&Q9fho;$@cnTWd6aMVS_!
zl-Y?EGH+!mS*&`~vQ1O7q0S&o=bBet^ZUGDhvbEbCdIB+;SZ0?FI8Ek%4Ea+Jbrz$
zG8k!f<dtNCmJNpAYu#>4sq&mP1&<|zE9D?r&7P-kh{;3K_1-;y+bay7hsa}dF}@{3
zYXZ{F!AJ3;C>Hup9+?J@4fF3Sx%4EFZ|oq(HZ3=eRIWe2t!a}TgiVN45G=kfJ-;*T
zBLlnI#&;%gw9$?%MwGYBMc&WI$XZ$y3Thdi^h0MU`aABGIEQjw*v~uq<D!wKVo&OU
zp%s#lWK;^b?zEDX9A;~Iu#W!M7CWPJGO--9j0edec#{-wic!vP+VhA_S5qz{aBYr*
z+uKy7K7Gg+56~5hW~@B(x0OF~6mxek7wHL_kB249Yn1|Ljr$bt9k@~%-s<zM^d~tO
zUCfv9ZA}YqdUzm%JK2@uaCWSi3MsS9P)S7Dl`Mp5)XfNw>cbXEM?5O+G~v(70=)-A
zSdTON6n6)}2z}bYNSAFGq<vdW>J?dJ*kCqM284QTlhTU$D8+=249<)<x$<}sUg`(m
z7QCc5q0`&nSZX`Ys4_fcsxlmLzjj`@BzsPdQJsF6A2%^oxm8P{i7_N{H6u5-qQ{ql
z*>)FK(L(e2#;gUVSn@|*Er;eYpHl4Fka6=|q79WRJEjenzrUgqa{94xK%^uMnSMn+
zQaq35W*$<pnVy*;?h(^^9|g<x&zc`|v*B`L5N*c$7WlyIaXc4Z>i;e|%4v5%2Y5nH
z|HhM#LX}C?uqN^XWwFyD6d!!Y#}<!D)v**>{%Am9-(jdq9Nn=<m_%smt`Nc&8tG<!
zXM92u{6>3^<Ks;sLuq$08ojR$e!^6NK#FBun|g~47I-@@G4bO`HL(U^u4@38B}ma)
z$NOt|Q6NVqpRH_KRRuRshu8ytH(zn#^lysTk$ZTKxm&3<?zX<%%l<muaY=DSdHol%
z7?wS|nl`ImB__D@ZkSP%hKhertZ?5JJrVU<8r|kdtf%CeA{z-9;Y?K*`Xdu=`b=*M
z*zl3z4f6NvMA;mFK9|LKV-+1=?xGDVxpz1_pew&YK#lL<YPEksyA!mAX8!?oqSlZ5
z*m$LQ-T&&(GYwt_ht}#`35V_Psw~Lm*6=u&=ddq8La1s*?s!c4a`f;NsWDa1xQe4-
zd4+iU`-$O~`N?1TXQC^Zd}8W!1TGpslKJeaF$*NjM5!;=qjh{bWyY&dy9Jd7R2Y%l
z0K^$f>Ek(470WS9xL0ZZ$-1+R#7dNX`CeA>MXj_*!mC`nb|+G;LzzQu(j*;fItkWd
zffS))4mbnP#AOP)5vUVEKzx4D{^46WpKtrZkVv?3Ux800pfO0b4kh-V$2NN9d+mr+
z_qEFQH_s6EG?0XwGxd3t={LGQA4Y-j;qs^$wJC*!2`b5zCSn3RUkXY}mx}7%SuXW^
zgFp2pN^ZuWHK<=5jHK>bMOauE6{4r8=`C<BC^uiW`Cey2y3Vg9QcRWn$*0Ro^ZPP7
z4V+6e&;8en9@Mnl?9bANnQm|6Ar0p(5zoMi_DEZ5L_itE?FHS@cXjP)YeCWxpD~BW
z3<pezG1Jwknk{r}A#D7I(vUj(t@W^4)~rg`#k)FDqiQ1no_5dT8sVbHN$<UnVDCP3
z4lyBw`V_u?OEC0vYWJnQ*AOl-`ZY!C`~Ihg7%)*i)SM52prRGt{6fT*-`+)FTYMFv
zc)Th<Q!M`w?h{)9Gpd5HrUehN;{~*8rInMY6VQq@m|@=u3Jo+Ib_y-lf7&;Z34Z2$
ze*4l9;PAd%^x`?yv(!(pis$I$LdR*^<QXQzR`;Jc|1u6C`1PXoQMRu1XTs^g+3~FW
zPDlMH|85pLu6zw^wJ~?&7ON1#U4p2z;L6{@gR}h<2tTo84)M^a$iB--krDsNl%wLc
zt@_0ZEU(U2Ji6fSN-ogP#UMsBEGHdUDB=CE!+oVEtY>&M^4FYslC~U=bjr4k<h?5s
zqsPgDi@sz)3|E_^lC1?fR7s_3`}dP8X;*%-Nct5yo*!4+(iDwr=gV@$1-d*UkGRAo
zRKHCq3h0{WJo<vOSOm}%(Y=puH=rqU;^w5E$7-D6BSL-;hwbLO@b`U5U(wtWd(YSg
z&n$)9)RL$M%8|oH&f3sSo_P|%5KkBNG>AxEaR0ij-*qHqE4sw9g~M#8{r+DU{pA3I
zMdPYB((@=BQ{cw&B4($fdqw-+U-N#>im*rce7hg)d>z+#t#+nZ5LLN7#gXz{!ql)6
z)0+8LP5cF5XNp5Fbm$aa(`zlKKZ)|*<z>{y-{zNMZA)E=Tb8y2EpVSjl@raVn9X8H
z!KA1#{O6jZ*}yI}C}Me;%rKFm@+KVe(w`UYuOX*GAC!FqpLLpEPEWz*%I2i7d#i`@
z+MtGsm6uEl7QVM&WZ`Al8=`bc<odaZic^132DdQTr$X|I1MCFP*wj?B^Q~Y=Jl3ms
z{?z}=PE9Q(OL(AenduW-ai{bRv+t`t0)H6eii#yg`<`-t4==ejza26#FEMO1V%idT
zH*B`0QKtsKq}ug3?crVHNqi;2U5)+m$%tpt?`lX!zIzaSd^Ce?zI8#)T$z12b^Gy_
zZBscVQ{uawHr8k<?vk6}8XKjUs1feEuaA&ro7(jBtlC$Dj}BkNcxNa&EqA#++GYKR
z6;JNTfqncLO<_X!n`p7}kiz29ysE$7qYx};!G`&juwO4Z%v@I{FW7_4LLjl4+R9&M
zz9>Z<b#&~A4*!+nJY9**UgfY&PyZC&-ZinA)WSTt-W9vKG{By-X~9y)xXa@fX)Zqs
z2}7Z201wwTz?c8x#(@mp9ETWVd|U=I7L6$)DwW?7n~`}>i2hV6lP%Jy<`#eirIA`D
zazEO}<+f<C|21(jkL&nDIzF-<aPyYWRy#9&eIi^+HhHE*g;RY+JY2VQZ9Rw;5vU`A
zZ!_xk6I#Lam-;ioTa7_#Qs{*zC_JFO^gjBC49-P$)n(i!{g0Z(V#tD5x67I$Kx*_e
zo)9ZX5!n!9(_}_mn|Xrm^D;<V=Vv=^ByPQ}J)9w1ZP<DQ^rLqhm?7*PhUz>pJEHht
zw#rY&AHh$&Y3lH9J9B#HP{&(+LGYJuj)~2maPC)PV+!6(s+k{lyBJKVwJO+?V*_T=
zV8mR`>krSzzyOGM=2S-gmH#QVbl5y}$+?Ywrg;F4y<5AjLfQUaT?$vVi;~+l{C5!#
z^&?EyT=NPo#+QwR;0sd|Q6m3VA5d*KqAshtm>}65_m`@2$7LK|+j(P2iPD=xGYF|a
z6RVGvces5WrDu?${&;I)DO)ICfyx?LKuD9-c?Pt;;17^Uv%g`-_Qy=35`SUQP)pFt
zPrg0fC39EDv`cHQB7d8uUAKy}U)fHUNj2O~BS#WmwGl~Smxo777Yu#Z>d3K-wTLXz
zXuG>qN{5c?BhroVwDCWNJK4>WmNYEtM>@Pt1`}hMoeUCg$`Z_u=^q-!WruL7$K;PQ
zMM{H8wQ!`X+3YQC{(|+M;O%83&8q7rPZ8sUjuy(~Yw$|kzHwrs8_SYl>K)(Jlzq!P
zLvJG3CmhnpTVP4a0CDtk)!Y@Y&#EmwB@mfWbu{xr)FcED`P&%{`R?jaI`(u<e_Q*3
zI-T9WcBQz4yuNC|9FHNj9sY?;jA{^y@AJy4wsLd6Y#F6J)h4moZYrlNSc%x2mUqkb
zZcf%4{cD@*<>ZTV^thj@dEUz0|MIG~w{w%T*zcQ9@cTnPit$QwYnwD?Ujn72Zc@Yd
z!$Z!``|d=4h!5$NvoVPbP*U1}jE22#1m`;YG;DB3m=Ci|J$_^Ob^~u$%VoQ9pfxb>
z^!Z*=KU8R<JoKJ@ROPj~|M%tlQSZDv+_H9rPQrz^>*>!N&z+hC&h1ReAgww7qH@<X
zz8szwuOw_@E^E-rW?c459(hQr_UAKyCC~P?i#%-o$(uZ1UA&GVbK;4B>kM&VQgs0Y
z-<i(fo?gm#RyhJEa?n0&MsmRhcurxJ+lp$n{!!HF{Q;;)YUdZ#i1_%1O-@SUd;9vw
z@9{9T97ccui2*uwuvX%whD4`=t(Kfz2=<+(d6N6@=`+fmU^3@vkswHr`mx!JE1b9J
z$(`TjVd;|B#FGv$Mb^c(B~+vj`X%R~!o7B~-o6F1hOO*Em<yjobQC|a6&G3jZOgV0
z!iH+Q%Z^sUo=2dvV{#c2<Oy^$$nm=14*vZsgc)sqK+$jM`+imedW<LCuiHtQt(>>d
zp0&4o)>>=0$(z-4^Y#t(Vd>fF*^ATek?nQpA>ZT^CC$yx89P|~3|UoXoZ*HV1V$e-
zjIfVZ*3@KI*?rI6>Cc#IX78=&?(36PsAqi8WI;oBFPbxG?2P!1t5N06Th?r5`;c$o
z8v!w5d?%jycAJ@|Oy$<c*VM{lh=D*a4!c>6MT-Rz*4Z=t)J~BvBJ+dI5qSMyyTN>&
zm&ie7UY%Loher3!V8n=mC{!W64SpMRM-VPcYin6(L$Oif$%9;|_;$M>^8O=ijyBvC
z*Ngy2I2%1FDJ%zqyk0-Vm=be&EmFZNBo~;lDk`jKv`CW3F=b7N_4LodEj8|8gJ1RA
zRyN$Dwkxd9K#qn`<Z_K;4rKD2=?b2?l5*sO2ygzk5D)&ObkpJ)(cvdiY4e{fH)KmJ
zhpKs=O@Y%p#oFfnKh*j_({0Lv?P6I*WVVUw_b*nK(gjkCd`?4l1#I6|&Ai>&wM@-Q
zHM95{eBi)Hh7wUGB@?A&rkm-6Wox&K{Z1&aqRn)&_SVt!Y&~ecQ$HHrPD+NFS|7IW
zhv*h5YyF+Jb9rkAs46$SkM&@2O6|>iTLiH?W+B8nR?GkV^tabkd*W9I@M^Yf-Gxc>
zaLLeiVGU31HnjhSvF?qr#ObIoN}uT;E5E609v~%#>NIjqoo@F8v>Bz5_0@4K4(_MU
zBpJk+vgOU85<o<>N}}yb%h~JzN9}?t$2r-G;fjYq#7W3Qa&oR9vCzT;TBOH_VmS85
z*jQzajq-S5tzBaUcRLTn3HqKfxteq)z0%=iH6NY@Hqt(f53Y6jbhVB37Vx7cq{b|f
zZDzGus0PRt57K_w=s^KH^tF52tLuM!D|nhWYQK_P%=>&*4qDCKc4rH)$wME|(pm+}
zMJg;Z!S4_z4$8InT4fpz2U!=(k`pD7s`*}G;NpQTEJG+DW;TGS9(&=vph`lw$w(`K
zHsU38^-gj;K$4T4!*0{I#*Su{KV-PXdUv<nFsQbQcba-+YO?ET_^{LUw>N^O<)>3u
zwR+<x-7}Hy34QHtpxSh_`MwOB`w|B^bf;mPn+U;th0&WT8@z3^QvI9SwOb*hs{06H
zi78&RzVx`;qny&E!QzQ13l~(XXMcTVee&$hu~U=>m0+1b>NTHqK4pl0nV09Wy&-X<
zy~7b%qK9(ZaNk_*A)~)#Y5C!u6(k)fKPkL&3>aM?$+go;FQ2tGD@mN!Fl5v!Jtgnm
zX}#|ZFfjGbX>s+BaOz{+=HMtT|7kh3n^p%_Z(iU*l)QLWN@s@w12oLQc9Uu!iav6H
zs>%ShCHE$!yCCfoq(E_RwHHyXuC(V3KaF>{Mtf4APvY5zRB+PF<yFM%l<AL~hac0z
zn$G+raoLT@Cq8UOq`@a#zQ>6c?xp4xYzuS_N`IQ!JIJKHohQV06?m(&Oo0m8vvwre
z-Ku3oa8*;E!Ym!erlPw4M73LeWlKHQ9W+N-!2f|#)Z&a{mBKRf@5zLU9bRzpy=$6`
zNU^m$5%MvCZ2>t8keC@+C#F8$2>^;`$J-(eB0ismnj+Sc15p}r@)bk+xBNL9yE#03
zc#w|87Q@ehron%!{CxV8Uq8$+7u+|#-3u<(di{J9o!pKeY7`vaD%5){{o)zu9v=g?
z+B|)3MI`W030F-v9}~Qkn}oN!mu;DhKC6Zm4`^+TjB>`tLx%v#3za_N9k(M`;n>AW
z?OAKCpE;7_<Vdno)>7;QnEvRIr08164}sG%=<ZZFkaHyw6~yJKX$DD?T3$1f18VhH
zh-M?~W4dtl7Vq!W{O162O=L}*)1@98O4wQJXU1KO$~*W+p>--9q>wY+ChuV=*xR9m
z?XbBWw_ejH{0Oi!y7)4E|6=?MGw8jqr$U`az3N%G$+2V9hayDd>UfJwKR$n<1}p!I
z0K!P0N5}MsN2XUbo-7s%{DEsuLa4x>N*&aaSeXXkE#5#P3<h$)1KJZH<?Jw#4a1QF
zM#!z$UGIYt<JX6Y?Wc%Vw}A1+Z%B`Q5oEN>bCB)rchK+q41i$SR&+!dygwK+f2=Xk
zF61)?CQGn6d<<>VfZRU6r!+h}<!oI;@)T_$1vs~<_qH!yU0vJ)yIm1nQ>$&KAX`I*
z)MHi@gqHhfTbR5BYoXx$ZT~Lw&k82Jpbvqr4}SU)WLyyrT>!HV?ng)!CBZ^ajqCrC
zI!i4M@Ph2sd)i$KH;_D~Ye-(i@*a{O6*8DunwP5KsE|DJTdh&>7&*Q3)&7A)KAmf3
zD!)9>=1{(`){jFq9Z^@R;9wvRXpLS~jvw)OjvOocz?<^*zk5^xGJ#`)#HAvacYh}n
z&Z>rgB<;UZ&zG~WjZDxg^Ph)Mi~h&q_&_&Bi^zM_Gpm;mwm3Dv%xsC=MAA^M#wRd_
zBK<i|F{9N<9UhU72J@qn`H$fAVTZDMoz-LLt1EcO;?#9x1`?W^0orB$x3C$}al^g+
z_p3bHsXR?yk$~+ADvRPDXDLp;o9B2%0&;Y%|Ej%gKLo~=Y`@nGZ+9W5?pqSJT}1Am
z3to2nb8aJfShrV2lTc|a|4gTU3&BCSKROeXzS1E3)<>6HO%Ya)ricRfM@af*yFO=Z
zjmHC+%Wg`LQgLMpc_}5a-ymWjim<#AtP$yZH633ga`NiN8%R#wb8B>|cxx8_22m=_
zf*dT31AqHJ1>1cn*(q_dEuztZ2ifyC0l>qu6CDu_2LWOPN3D-fk-NT83++()M2^_W
z+R6O(sU08cgOFi|1fe^&yKC}m?`pvtcywMHBGm@<dX^;sgxI!}+}Hq5P$DgqvxxBD
zviL#)=XTSCc00qaRROjw>NMhu8zt;okW-T2aY%G~V1Q36cx5*F#=Tk)3ct5AOIEVX
zHg71l_Ng6EMLG8WcR4&(VsOR|>E(%=>xC>flNsVYL*(+E8nwYDTcN;%`~RsW4^+Tq
z!x9+20N9tZPFwRoQ2f6N<Nu%H^_`{L*Br{qZf>|0f2P0r{DihXj&QJ`eP$n>00<9M
z>HGGby%$neha<9i&@^|M_Wxx+FIO$jYLnWruwAL*73y4DW5&WgEKK#27+4!%2c7+U
z7+(C#84N?3opNN*$yfO;0}j_W&iILh2o+d)_@u*7J;kZ&ESjjh`iN5K>X)C1f4?p_
z!7O*Kmor<_!Sg&U5?v6Nn@y@oh&b;DJ7n_<rTO<XmUmp<Ik2qLHu#&xUsyy|xqA-?
z{B3kzwAtK2arnfywr&3f^&s#2%~yMSduPY>tFg<xea6yHQTj}3uZInhRsS2xXmCrm
zfk!7LI$Wv+wE0V^Q*JBa<K0^3bPoV4tlB`=Hf(TUAkWSmU%=VDrT2E47fawpVYyCf
zx+PNM33JMc9UT*0(7}#j)Ha#|5mWHqLBizB%ukI4DWrpcW11MIed$PL6R?XZA$cS+
zy4u&ZyS#IM469W_UDRpQ(_P-?^vG=YHV$*bIw0><oLM_P{e7M9&}vlLOehtWD=$lt
zz2%|I80bZsqB;5EKw_He@mvxIuR!&{d~Glo*jE2R*@kmogh8o{>cO98M!_6d{UA{!
zIiFSVh4t-DQcX_$cIFp^?zEO~M6?pH3^D8-!%+?_y4#jd3+EuqLoeYRqiGiMgy0FL
zr0SSDnnujDVxPo-?Rj~5$L{*xJfcr6LH1@4qCwIGBdRLg{MA_E5eIiaVpqmq9e%2a
z!egnnYql>}qJ7(!9iN4u5sVH9YnA|fkkVxQnfPWly4?F$?S6o3_0%An!}~hW7*coI
zo(ob@<K3gmJg-Y7x7S@NFLpmKk_ZEj?o7Yv-n3)pd<AI6`+MT!S{Yqa_PyjtTr_xB
z4efxOM(zXWf>`cIIW;OdXce+_Ky#x5CO7kOk5(N}B_$^@J^j#WRk&R;rd$O?4RY9B
zSn9f@$&xQB0`%nM!@_Lm$O3*l(FM#OqxrP#Q9anoywEG9I+Gzk*%LH-rI=(zBrLgL
zY43(7f<zXUsl?1C$0ub;eL1DadJlAJMM`8Gm-FzjNtXtOOjI<B4-Rw@y~_I2W**>?
zs@NEY{KTnRmtvqVS0)usRNC<X5iGTNZrQkp3-Y;6x;s&8N)N+-Zq6-Cztf9^F%8`(
zqiH)t><sUo?q#HQZ|@VhmHr{2O8+e?k&*IUQ?$4n-j1~X<N$otP1lWs7v<tsx)arg
zL%s4~JeKx7dg*g2#RoSPY=bK}eL*h%`st4#E5fNo6lXLk&vl5YG7ue}lMl=Y9wB+-
zdN8MdOt%F1c9NQDbPkHf-LU6yzP@H+q$P<@E@wH)G_$IB=?i98Ia%<pRS64`XeIEy
z42>V3@TBJzCDXH`vu}YlYGe`|*ha>-3T0>0Ji85h0dZ_#VkZ1l^*9)Va~68&5JvY%
zin6OgjdS0TJ=XU<`}yNF1>rYTIbY?r8I@^Oc~(=Fd;so(g4yfn5m<e;NnI%pn*?3g
z=EiHC6yyCP$lcF0q<f)=#FAOA$SYvAa~(wEgN~;TdvMbAoUYFL7Uf{t=ctasJLUk4
zyI&t@f1O=*t!2`b!tNhNtvQ*)RgA9_+Edr>tXEPOUQ-Z-g;z`5<=0)7W}ZXetsb?M
zZiXHOV>UJlTL#qNGwERxjU}`XOf(3mchs=j0>2O1ldMIhUMu;TsWamc;U`S@QFiC?
z2#4}o7mu#>PC?zA9tj&b1R|hLN;c#tz5Nntk=SovxwHuduQ%T`++kqb4KB*b$Pd4(
zO*L$(cctYQe#XQGR62gt7XDl*sUC&!Rs8<J?2KUkj~!9ekqklyfN>b_Wn~;?Bts$9
z#@R9h%&}VkWdy!IT#j~gp$51}xi>MLmS(=h#qFEyB4LYuKg$J&NV_QgZO8rUAWbi}
z=;uK>k~sET^9cX&G@`PW%cZh&?|}4;)?EMg;AKC>&o#P>j_L83A48l(q6#iyEE_9e
zG#|e2m7arJoOHflI8w;rRd>L*x#Bd7(A2xKW246C5LCR+=Hc<rz>{e0Civ?$@=uRz
zZ`z4`71iAg4>#VvR`@o6-hI>5gDNz79UfWfbw3LPrw0kBw|pSgBcT`NjQWD$9jX?H
zd*I-%fYC_`QYd~wZ+Sx|vUuEk<=Bd(w0F~3C((_{2$6D;O}ba4N|&wl%nKMmr^y;D
z0T<pzn|n9BDevJO8~^i>jT<?oY^NJ2vY66!*bmwf0tG~5YH@!({xYzm=k1|tT*lu=
z^J3&DrLD99{H`831_kWl6J`#bb&)-8d_wGlkr9=R0v^}1bIo^j%{L(hfT<8qKuUGl
z8XdH!QP=cX>yu#uo6!TDLkhps4|)5tZ7`BPyoAS%1GBCYzK)AXMK5u)f<5N!w)n!I
z8r&Oc{m2;6%CR#Y8-n9rq?6yVesNYvs8}!v`YHFO-}AUF0sq)I(9JqkNekVToG4~^
zJ7YLkc)pp}#p?$+{`uD_IciSpdXLe_4}+@Ag(@)G%D?HV%;hPWBvz-lamQB{mIW9w
z(@<XVX1v0AZEa)!o2TE<=f&Bo1TgMHL>e#}Ed88+Wx~LwZVcX=uelH;$lybA5!S?v
zt6q^ljJv{ee7>fZ;j4Yd(Cn-R%)Tn;LnENOjA!wW1xA*|UDgIk6K{ve#!$(8V#^e8
zim7!&@<I~^qs2YikyBX(Yr0usdHi6Jyrw5)f_ZE&UhoT@qvif)RQ`rvNL0QknV64A
z>?&kY<fq!sk0du2x@4e#%dg@{g2`>{wX{LRwH_dn{WR+d@kq34B|o2%q5<aSrXsWC
ziIP&}sLS6UuvUw-UV$1nT$fT!U`2E1LRv%_LMmXAjF|9;_t|v_swrH(=lZ#G_4nE=
zJex@iPF13_$(fuwry#NXbXxDzwc$|id@b|mjrbaZ*Dh8rp?yuFY4?nc7-e{~+D(xn
zON(RgjfCt%gwQe^%PTA1nK_z%H)Hrdm$7G8kgswv#Tj;y5MV>+9;ay@lDt%qL;s_q
zMf698A@v&vE2a0n{3z#vF?p@~6^>HrpQrp#OdPjgMFjQl7Mnk`E~1X;>Fg9@s0a5B
zN!OIdnEGrtz3vahvc!2z*Of;7`Js#SUSgB{jM5qV(hC06o+EYn8*AXc4<N~4!IdLc
zv{BMn$9(!v!TY6QyF$o2azCIi+PJ<09q(fl=zd4;?wXV3yp~Rxb(2O#(3iX3)og!b
zXG&L{S(W9N2c3~<AUEDFul@?jXR(0yT5*(R2<kq$vC(<fKu*nRr6XX-gBJ$S-{1`c
z-;3QPir6i?pAH$%z72P~>-M<wyG1$Y-#H@~s};i|u0Itz#Z>|Sq8S?r1~t@OPjRlm
zvy=vIjH45R!tIhmd<%<<q!s|7A4-2;BYfJ^K@*%?HBm488<xP`=dC<f-Qh}+94>hn
zksEP|jif4E5bcZ%Qy0sWtU8_~VoMUr16h5o;qhs#7uItr)H!WsQDqZ4Th!1VH=|~5
zrat1j*9{_;h0;p?K?$YcW4x0wLDN%`uB8MLX&9tD2+t)l!|BolK9n}NyyyzYC5U7Z
zeojxfNY>jmlnB=Y2|=|+ZV1l|p)vWXq)(4BNf+8SqN<<2lnu_uIc9kxQ2HDp+@qQE
z*?{+*L$>Bp&(RLPvqD-3>CEw={V<WX*sa&Go{^ao^2ehx=~VnCzx=^ISl?J$kmJ(d
zS~eKtz4w@x7M=T5>A>|E{3R|HJjBCsZP!?3d5>Z^K8M|r0{wT3xUuU+oxNkyc_q!k
zAt0h4X47cPV63}DIh>~!X0mx8oneP@A;D97C0Ezhb-hlC#-ul_G#sVv7}e3mh+`v1
zccpyX6;*oR6-h$;D*wiVgd#(h<<|g*kM2QXvRj3}U$?((v9z}htEoFuePDP@qq|g<
zI9OJ<vfjl~8E=V#hu-103cHET{j+bSc_L9|0>9O0^)eoXsR<*l-9N9+DJk3H^gZci
z_DTu*sab-H%i~q9dVYrCNimdPSpIg3?_KANU{YlzizQLL8favAYmS!KRRrj-Zfj>t
znxZXLs#eLNXKHDif#E`FK!?rz<a4#8n2dn~N9(2{cu14c7k}sK0`F-W8)}!Ky`-cp
zj}xT^&&c^0u4#;5N}sKH`lWYeOtkxPc^XQ%;dmal8UUw+yTko%kciN*^|xq(x|{He
zUa>S;==@?zL3wr1<Os<M;L)>fDq2RLYzXkEmV8u&k%mg!squ8lpY>zpb`PjA-ZfmJ
zw*r<t#bU<s+{tr!BXpto5Q%&CtC)6X7|RTTWlSBS<#aZ>_c5o5e&$3E0Rh2r=O5Fp
zZ?8U6M47^_F_*q?6x!@tngqm-K7Oh5DXu*Ggitc>6V@4*X!@ueCMFu}VV<bLQ&};x
zu|eiK$`V+YFGHlTcX<4P_1M$}wiZBdJ1Il|_2w)z+<ij^&n>E4jml!k*O!`CosL_m
z(#jPWKdEhWv1s|kIt(9QV_Y^Y8okUV@=}QCY?d=@)VKM)1WQ|sXXKyy^5`)YmSuFa
zjEt-pQv{h_^!rIOX>P%DOFs`BkQ`ma(b7IyIs?<fOEqnZP&L{N@hKf6%Fa;*On-E(
zo;Zq#mDZl=&XCK5PdF<glYnYvU_LsRk>2b06dCmrt~^RJek<>dE#i-wAD(&SpO>(Y
z#U41SesU94LzHy^5_hq1Uldw%VM%L2e%v1M2IueS=;-dKm*w(IP+RSC^Ttc_IAdA4
zdOxj)0{)me$i;Xv6E$&;fV&b)u<Z_C=kGGUsH<aO<%xey&Gb;s@JWHr8!n4kzNh3-
z4*!+bTB^KrKg>OKWAP}13%z%9b9c#~d<RJBzAAmP(P?lpmsa=@c~5;7EuWKTm9PyL
z@rW*O)IRQm&ZHGiEBR%xhYs(XHnQPndY-y?yrP|5BtdRzqR|&g_Uz2Yte*}a&EqPE
z8fxqL#%2-yOwAVRt|r%z^Vy(`d2buRC3{j?LdDXMQ_W9;tl?e1bFOL+0~bk}T=8AL
zWiUG>Q;;`d#b8vKRxOM1KI~T_RPa$kv!qgsP_0|v+Z){&d%8|b{++jHsh#iq!8s&v
zkf=ndG(|$q8Qh)6nPD$6*Q7}^c-<pF8@jS0>2v2Z7**BH@-F<aSXm$E$_5OOZsQ9J
zjg<gmCf8{7m>!x&=R{I33RMW`g6^9|`tEi<)z6gFFs;AVj=Jd7dx6RA?IfF66S9)U
znQIV~p--ijvG&8tj|x3Vnm;MexX`JqC;NNRopl>>BIb5P|E_O01+2GosoP7*Ys1rI
zDMe8<ZLI;NprEMY6{A_|D-_m$r(`Z|ZHm#EHT$ezs7g@#TOh*sA&1~4jJuPoGWeK*
z#Zje>-pXRb(LqIb{`FL3Y`tB_Ypzvh-9?y-GmNhN9WgPv8Cm~M(eNc*W794$kn~W-
z)u29RxU@H5WHnWNSv@E`lZ#ixT4nY{h36k%53*<>z}eV^pr!iDLBl(7As8(m9nqIB
zbQiu*ZCgn9?0fLQ79qvusQkcTb~!&jww+U$>n4xuSsu!=6%awqDRrJJ=e==6JlMwo
zCSkqq7WnY}!IW$fY=9|rtum3pzGj*q-C95`Fq%2SQT|SEanq}r8k=0m9QwjqgIGp~
z?2V?NtaJoj_6(oj2cSYi(39Bh_}?P*1AX7Z+C*$=DJy{}@jvSe0!m`p9j$@0y5D7H
ziD_QMSY$*`tT`15G(}|<bzVT)s~Ko`Fn|OSBbndj6(jq`C!=CV(f_J{sDy>m@{JMS
z>$QIgQIM1deru0sD1{y3B+(m_YlmW_{Eh6Hp^G|OoZ~V~jm=06%nTHH+1pLQQNQWK
zb;|P5-};szoex)A*So^ajdrV!WfT?r=taMeza<n2T3Wv8X3GzX95Zi&U-PuN?90G)
z%{Jn{Db*>&g$PL#aLkE?09|W8rqt63BGl+Ze9cY>`VWf8o+RXok*$M;e(kIr_mbC3
z;w9-;*11?69{iXde?<$8&SiFTv;T-Qd|h;Q^V?rJ#X9$XL2a?Q)7qas_?jx$>i?qa
z9pfVj+J50+lWc6;w!LvSwryvF&BV#Zwry=}XJgw=Cbq42?)y2<c|V<RUB8;?sp+o1
zy6U?ApfY+pl-+_+F9ecus0FtJ6W52;Jiav>w9)+8l%NGE#{^NDp&Xiy?zQ|u;7T$!
z!yJ!+h$+Rdt&1(GV#SAvHHx@pt7G9VbySvA&j`CRTu;b|_YW_JN*FXfTyw5_Vfjo?
z=gC}&*Jhs#;vtl>b#$%=vNk!Dx_JlYY$#306O4{X_udb3uMA<kgkv%4{CUZ>)0u~x
za0xiSXRSqLZD1(uVTyG8Ixv*3s2Dz&6*k6<AKrK;2<|QMehDP)3XI0-^opjbi(g!n
zaPDV(UUn2LXF%Bh`j`tlZ3dSN9md5aJUUhxB!txN?)1Jza@xibgCv)mR7AV9`ty57
z>W_5}oZilxh!K?<+L`g67;`$^dZGIq-&ns#6ir>hG{MgV;rGv{v`}pF*01E5vc>c2
zNu>nb$dPeGcpp;}mtuye1*6^Mu{tzxrsc5T%>_R9ac5_c?G%*XU|RRgEMw9&1;(ji
zKp^fy$BQ88{ou$%Zs1m14-E^{?5WkyqZzo>9E<&hDbiF!bUNo!bMFkGJK%Pm3iQtS
zC6OdNFnP)Fc$IrI_=MFsd6~aU{mTCSe3Q(SV?YKn=(-M<k!o&`s*J`(WDgyw(G0I`
zDe`*scW~lL|DAo#cz^xMB@7GI6gEEpeDk1Nv7TAG%wA}F6LdC-gb*!%qQfh})RRxP
z3g5HAC(~E;eLBJUw~L5KCH|njnDksW3*fP|pdtfrlw|K>Rp3)Ow)2#V&YArAGF+&T
zKXn77-7@vdi%^-gn`eF9$O1V0EX^<ZT63*Hm*3X?JyO>=UBe(Gy&4wt!&YzmJdv!v
z#N=1}pEZnkl~bHJio5$RL35x*gleGs+gw&Fk0ya>1aDinNWUV;T2F0#a|O?<!L8`q
ze{%jyrNyoI8GG2;6Lq4KgmlFaAl_U$tZ}OskMa9bfb$8%Tq9Vwm#Lz<82jq%)VtAv
zyw`7p!xZE5T*C$~wO+5xb)2`3=k@e?K3ekm`9RiHp5~MkSBC8GZ8@h`mY%gSnvMqO
zsfN)-bnt~&J%yc)$^5Ss{qB!4S6tmNOjAg$t(3K{WR@Oz$-o59jMG~dUwd&gHzFh|
zrU?QN4K|m3WxjvS8{gu}u(0$FVmyqk`k<#1QNyJzEHD|7eHiYtfs1yiZ#Gsnk9Iop
z>bD$9xOm??*Rl`ocexoQTuUie3GO{Y?Uf*`JTM&@GFWCB>cwq{n`^oRGs6Vg)9=pB
zrKYN*pIWpj4)J=ovLLz?i}xplZY*-0z^|t;6JyKFdNWG{JS{l;Uw}H1r!FCVkn1ld
z_5?yB3OZBY<SLdJK5Dis^+w%HT)*y<p4z|3DKK!~t=5&y9Rjr}Gg;E@E|%if=6Il*
zp#je7{A^rElk#`3WoI`monMdP1r%$c%aS=^nfO1iTXw2UX(ogJXz^0JczaB4-O^B+
zFE)CkL|QP1m)Vq3&3{=!+$AK4OZm>Q_x5iRN_lxf6ws|C|28qb7<iTXb7E^P_I8hx
z;`mU046+Hg$=34ni6|QH(?{<=_`}mCg|=@mW+qYd3+CUN6=r*kkXp%raoL%;wLD>Q
zlS)abF00pr;0=^|*!Y~o@+*CX)KhEW#B@wt1@4c@>hrrZBUc^tR2g2Wb$GRXO5nvs
zL~uH7ff}nWKBU&lCk2a$SV^D|_-bL4CiD&-#ja4ldcIb8!iv^K-+;`(y(spO1y|IS
zciP|7{b4UOEhVw`7R29#^lDP8afS`w{EKLU=}u4{c(<M{IpIv>j!h-B2ERMM!1^j^
zB(=2cmc0ek-lI`8y&MaF#ay4Z!F(&hOgIs&ZicC2aW;Mc27OcHm*Inkb><|i^TlWr
zopLs0rE(B5`{r@;Xs~6t`sz{y#6D+kzP((hUg7E3yF3gC41|<N*L59wiD$wEH!2%J
zkKJ)Io70-8H06ySk0+i)wX>C0cOm|{<%^)eVSI!))@MX?NY!1bzfID^lULJ_`60^*
zu@PrvDk-<O_A%wu*)Z7ajPHg-W^u$<>uou`KZSXl2_MmS5k_lIHoTsF_<%2BRN|4L
zyvQM0R)uR0soU3zgfVP#t{D(uSiq;>r*g$xfWRsrobUZMmK5$oDTq6@5)l#X;ZB!m
zVvI2~^h!pAh2_fNFsFhep`{FSb{CkWwlG6REAe%q%C_bxOwEI?x<x)v4d+CfSCp+q
zj1T+^6D)8(5z8*X5f)p>l;S(e!MR9UKhwKN4FN+fYcuQ?)UI!yzhVPmX|jSk6b`VK
zr)M$F??UOK-o8D5)9iG=M=W82JtrWTQze?>_WLA{%@I0`H54GD>xs7=q&*1l_I?}0
z?)1KkaP0P#lU7FV0&0D}7=A`?f8E5s-?aDvkqw3OjZdQZp<Uiz4!1uYeF0wQ+g~r-
zoq*cm#U=2Lygo08yNn;EVtRX-CrmM|(I1@c7DED_?@@6GtWH})oekfMOKBr5w*?A2
zZQ~6iAG!$==1-OA_Vo-68wAyY<Etqz>@jgpUu%8B{SRHCgvB5;iqMNBidfo8Q5-fq
zgjNUUwQ`Tg3`7O(%5+=bccfT~Wj^5lr0XpYQ&%qs>CaZ@Q`Y-1mN{%ga8STN&v0>x
z7)S9-WZ!`;JoAx`5sUm5hz{LN^?v)%&7gK`Qv@U+$G|cIZi3gr7jI1yvI)}#pd5q-
z*h?KB(+r%DJP;uXrrd50VbIye&dO_QsAyT!ySt(F0?<~vpby-rLC6=mY?2urtOzM*
zT&U3;H3T9skOD@l$_ne$<tqYW0+kH=UTqy4wV-eS@%;o%O^uYEs;HVc6+N}{w`xF{
z41$r>3r^dwvm@}6>JV{C$$ZCZMQ;(#2Oyq`X`<C-ijnQn$V51_fBBHB9RxY-olB9E
zNp4-rH`hwRvTAHqO?7b<QLGbKG8LQG&(LkzM$UHhG!{L=$izhagX~1Tam)?NBDRE$
z2oa21d}Fy#I7rqO_yU2kSZ)il)6=tZhDj>QmVlfL>5cg{a3w=~G;(JOAzmWtSd1x5
z>>{sLc7ger;x?%HQZPIVDX-(R>iy^(Bwoyiu)$=CK?;`I#%aR2Ig|jlF<wF8qy7D)
zGh1G~Nm^bfp=T*e6-~|P#BwN9TwI>C=Y|>xCHA$&sdqDYsv*7sDk)Q=gMa_lpn7(^
ziQZto9ln|g9wLEffj{7abpGzWGjtQ>fATz2Le_2>2DCL`cjqkaH!?%aXkmzmdmxho
z<p{E}SQ^}n+yR*JftUgR2$=ilIJ3rK9OEwr`=%13k?X#7h*Y(a2(JYeT&^nGm&Mdl
zR^(*>_Yo>2pM<6g+2;f&>%#30V*<mWx9~IATu5M|WwcrZSB12A%vp3Y`$1VZy0f$L
zavBQW!m!;E_w&j`WiToHz~{H&xV@{G98;W!mZN0Mq67mqDcheUpHSrfAzKMX0`KT$
zRaKNLn^9$BNFqj`&M@=o_aQ=4QwqGif=80o;@z_$#l`sRcspiL072cgQc0(}-$sXO
zkhh2?gmTtIt1w1g?3hyY!~%j0qw!4OzdGl}bZsr6EwE4Q97_r)(4}no6AI8-mRZSL
z3Xq(95O3;k5EuxYrQ%0Iu0zz3LhpP%2)!*8ye#=qfBx3nO4;5>ag63Jd>Tqf+2XPz
z5L{Iv`_;hxXVOa$PAVp?`nrEnal&V68OEuZm7L}uc*}xYHTU{V%P)&P=sy_*ew{9K
z(r+{@^o3QlNtIxDbSe;K#{~I8>$ydz24Hg#gkg?p-==Py>Pjn{P&-;)DX=xjs%yw8
zg;FxQ7h#}E+`S<=oNxQ>Zo;F7df5}Y5(Oc$<Y~_J!FQ~RVa2EcCi?m_0JyKDr-e?q
zsfG7|XlvFIjT{DoY$s3WzQG4hx+ZArB<>SLQ;^%A`wlLH#1d*?v?>-vg%8>$15IVT
zFIpPX<*po{#K;(HlG6V);`5P<OCkAtUdhDv_w|3?7ywGCc^)3G8P1ichDc`BM6`+R
z*7{=c9|@Nt?!Jh;WB{Ed^?$IVOjv5%(L0XD3jOD}V37}PX>XXMN2wD{M>kV5IgJ~3
z^)B;u+#WxjKTxX5tKGjXk^W-)(;yLcy%@d3!A#I+0(<kj#L_o5hQLsqw7jpX2C3v~
z#E!6tXDcw^@h2F??&Y_G1$3Z^oX9pDSZOADBfxFvv?vzf9TOMYxu7N!5m{FcT4;X2
z`G+sLR{dKjz)bt1Dd7Yim0_IQ!*1Ie+jz$GH`sFc%Xmz#-3pkRnocm+I29{_=XDBM
z+MCCxmyfRBB338UIWWa)X=@w*{+*nxtE;cOr|0{{N%>Y;#RNaBp^>t>v1<IZ<o2k@
zBe-I23PO+k`n7(Q-7l-QY{@V^&C*jpb$CbxGfZvgV7HOu7o$^bWGXS#I||i<bu>PC
z+&xdu)8>DfgES|$!CEhG><1unq!+9V0J(5okdY7M0Gj_)o)g9I6~^Yven%wK4~tBk
zVQ(yPvr8wTCluIoE-SAtDrgKkePo?F@D~61y8@odL1bZJK}lI##KnivxVgmjo;mK&
zTvYpw3ari`r%{e!PLCiW*^yxKH&mzBt);+xX82QcKdro+qXZvcjX=6UD==ot9oZnw
zQ~9OWPXf2t{GoD0<7Z=w#d+bss9Mf^+t;-CLsz>EQJm~-(wSXCW9?*V%9mCz4^}>k
zULk>OAKo%Ikh9J^s@s-zBZr33i(V*5!81a2qYOtFvU()Emb|7M*{J}sH~i(kQQfHE
zDI(#JO5g!OnmLt(R$*wCExrpL6XF#9bWWm^#ksV-F8eUUJIXL!X;V<9BvsJi)7n+$
z?1s&`uu3(eDVTDe`g>U{HjD2Ir(>lAK?Mf^qpRt|Qk19@e$y&znBLq-%pFO4L1buL
z4Zx^mFXkMFBb2=J?MC;Uyur%eI<KTT`T<l));b+K9F&DjfVVkLk-2VS>lLhsf0(6X
zkbj^}a8*e^l>cYn6Kd1%G)epe46$GRr}syuaKc(U+$lP+vI>`<k7RWX!%La13Wzpg
zusScqC0m)zYg}&b%8|NjbKJXfOABZ`ctg)(+-1k$e_rXLVELP{RAFb(;~rwD!$gFX
z;!dqTqY@v|osC?$7p<kWQqPpCN^BgQuTQa#EhDsNhXrryQWAr)apYbO55Nbw9pF_Y
zZidrd0b^!Ev={{Ulp!<VabrAVUw|;|SPGnAVJ?B!jOY6n0O-UczaPVG-;yoRb<xGv
zxYX@jOH3}}heoGxNPEle47O~i+?d<9yGW}VBTi3c#>U4^aC6Cp$IxVRX>2NNX-4G-
zp0jbA0{=EzdftwWq|AjN6(JUD;r38#2mr450FwDVh!#ss3oQV0rs+PJCtcs#$vq{m
zpspAGdYg5Wqfn9vIg5HuB-L?u2mk&iBE8Lm^mC@6jlQV%7$T5i@b__=(!vGe+%euC
z^6Fu%F<ZE<E$XIsAH+^!4EYR$i7U>u!cGcqt%AH&i5pTbT%pk~UTCtEE!`I{o2KOL
zR8n>94Q8(xaaV~}UwSK?_O^*e<|T?sqhOmJs5qU?#TCk;WnHKSv#V-mL&itha)yrZ
zIU!eJG8Lph%t8%qD6^v}L9V-O-G6stw!Dc2OxEHY-QIzGR(834r$7`p=<PksOnQNI
zKKe0q{Wm45BQMtH8^jayMU123JtOOYHUO2B42snHZanvdW!W@sRO5c`=LagHEOy=o
z>4p~aRju5>Vq03zQogZO6b7<t#hQk-{O`U+=IoMo@B8l8l(BADn>h(_byvtZhI*1}
zUx?O!XIyR<`vR=pkFDZZGxIv(#SLL0gX}_L4Y8%ku$+aqVCM>p*NcvRie?_vcue12
zJ;obaF2jm1g3@q-xCWDY03nN~TcQkuv861Go_}hO$=)XR1$bhzijSP$L(&E~o?N{g
zEej?EZ;;Ks7nOj4yTR0H>6$pD6wEPIF~y<Mqp;s@g?@TbZB1bxo5q#$QLs}L`Q0Q~
zKGc3GikusD{PPh9fEw7JbVa2dP=2<m44a87n{g%<hyLeQgv?&-S!6EpYUZ~x%V?v|
zaFjwCD<Rl(O7R1lhFy{yjD?hoMC>&z8K9yRj=*lTAtraI?11D@ox3-p|LdVY1whcm
z21c0%BS2mn&E1?(LD37A`8Oj?g)J%nP|mi%Z}T&>ef;ds_d`IMyTq?*wYanLKq)O!
z6(`iI?pH)#+@^hT-o#Zt@E`hdj5)!Ajm4pPrAG>4Ui6<O8sb=pb4hqX$@VOB-AH|Q
zStGQ>`2ri5vYARc>w_yjt<mW5!%#Y4ZW>h97|Wy=xj@nCL!sd_mnde3f<u>uTNh|P
zuizt=jiW=O;FxAo47^r>)xGC)9eS1~2vtxi_(d~sHc#WPqx_x6&9HOyA#>_>@@5M^
zk-+EpHH5%9@(y;LulfQVR|yQw*cb^pdthgRPKw*~tkuGK&7_J}oUErOA1{=-Ts0xw
zWT((pQGR_`)V*B2^X)N_p+tEK`;3;9hzR(g#2^OdzUmxbUmH-BM5Cl*WRgCwtW2x+
z^_2*kZ~a@mAnQyoaEcSGuuHI#Ajjo*t*E*(7q5glMykf_8h2EYPTyf0TGMS(NeEwv
zredq9SAFPQK$h;d1O_&Cf~L}V{kea6HPYijK$&S#M`Cm#KGS1L83SFB?TvrnqOuHp
z!|2p#p`{Jv;wT@XSfXC}j~io{`GKH~QxFWOq0AN!C|PV_EH~EoXD6v`mgtZRiDx~h
zu!1JF@|*#WFSJdAZZ#Xffaa~ACz*}!>xB^{hCyD$X>Mj#l$f3!T4V_qEHnA=Nrzb6
z;#==9UZkowu6S(iaG*3Lr542zX^pD|@uN_qj%7x&*M1|b6Yg;NNjvM<(#|O~R4LnW
zc5b0RonXQ8OidF*SxZgsrxU7&#P3Q6!;MTLxWl*gk&l_7N;w&u_0<lw0%iJid@BlW
z>d1GX43=9Bk2Y?ei`&~4@uB*FdXt@@^^f0^?q2vXaEPh=@C#V`3GvC1MPAU!I+G_$
z446=>X6A?UbNs^}lUGfv;Ls)J-Z3E$<xFrc4Ky^VGisVL>bA(X<LnrR2XWciQq%X)
z6`A@OnZ;S<A|CY$>ei4TJ3;RdU|32C7gCMiXI!qJN*{qWfuX5KLFjC-{pE@wZef!b
z1R|IX)jH(@cT9mO*lH-(v_pWTh@mbd<Q>dE-0aEdO2aW)q<XS^2k^xk9HzsiiQMg6
z?2fQVI9dj*CD>pIiN=_!T9z#l1qUHfZ4p#PA9flwJhfX>Pu+^qk>}cwhB((4rz$lU
z;=x5!{RB8R;eFQ9sI6Wh9nZsAE49iP+0p4qs+QWM^aoX@7AmXL90^FhT>DvCLeX*+
zmRW5nH#e-{gWr8Pm(2Hb9j@R0#oHwS&+Tqy$IHsA3MyL@({FqwvAM2V0@8ceomWY7
z3oV?=!m}pq;AH>Olv^909s75u#JYTX2J&bU_5tT;C#H+FHU{HGqh*|A48?F)wY4#l
zf3EPUf;JsL^z_6P+?dRpF3t_<cvsW%8%c7{v%HH6={I^7h?$!A$h;LbKy1zGz|_9A
zH3Nct8s^N23Ax({`m{|R5ub+GxWWRm-T}fu0)5&a-G5q|2pJ=#-m@-(jmKoyc;~^a
zc-GSj$-V-&_3%2VgIROV9gMB_0>--}#$4D(nQ8OuoBtG7L28sh<LGZd8x_<9mp6(1
znEa*7E-U5C1i&t*p(UX|S~A=waOM==OW1nUNO_t9k0X{h{tToQv`ziT3O;ohRAjD_
zlqzOi7j&Ttb&7oU=)3h))3%mb(%zP>N}0<etW{84l_`suo6n<N+TQ42d2T`xjp&Nx
z=+rGJV*ZoVe9*&eA8Veyf%e@+nC`;t$tp4B(O@5sGZW;+wly?4MQ>*18~V11ddns(
z?xa9<f{VMa&Qb5dAmzeX37A^MQ{b|sr61{t&X$$^5*S;r|5#*ou5X~FtNyXEFm(F}
zRq>aQ;(&N9P0HApH6h<zt@MruhnKzkH@N@lZCp${-;!VZcXD9^F}=l!&l9Nm4|y|l
z3uO%r>9*EXmo{jQ<@=@OIo@vYf0yql!RhH3DaoqZ1~T#z#EFH16P3gewE{CD%M(a+
zFQnN`<^esxQzWEnwX$mDxFw9l>|`+yedJ+on<UFjj^qP)zm|x|J8S%OiSU%ke718r
zSLum~p~Wfx+Il7jlpjvb0rPLv?q*zh`z}etw(fYVvu(vdq1#PZ8Rv?4NPX+iAWcOp
zs1gk$8&JZg>Ah*YUyTN1<luHaSB4`O$=jg%^8`%hK)(%QaTt;=S>^eCH0d;VP}#>#
z4<vA)Q9fh!qe^4*<x7of;KjB2Kl;`SZMGpY<rpU0Pc@yyhE@&Gy~M(IRjA(Z4_B`*
zs)if^$KY{}u11zuV<jrb>znpHxh<N{`q$*ooqjoz*Njn#zovXHU-RO|<G261EML8u
zSLD9_T8=fm*AFAV*M5%D;rT?t>)lptQ}gAr08DmX=~@-Oiz%q*rf%01zI4h1x`jbn
zUT@U<YCrCNr2k`ny;bryCP)@_5FS4W^jWkbB8r6}tDVvC2RL(9Os|s+psu~BZeKe8
zZYjB(!jAEIR}XV(V2|pMr=dTxscx1Wp>;UafxKRQef6&T{wZWA3~<5dy@I?u{?kT<
zJ@r!S5cK$Eq7QfRUg?;j*z@;lsU=P|e@nmns)p1!Dj5#*6z0~gMdMS2DVWn&m^zgW
zn9XpU!}En>I7n!7pr0v}s|#4h-oZY56T&-ymDu%Fd#V)jCd6>|(e(B6@y;piU`_q4
z4n$M=mwdQ;cCMd!IqfmHndP_h>bi^^ElD0Vd*lLg3~g_}dqSy*{d9c9f_16?r=CRL
zi1{GYTb;r&>99S06X+pTh_$q4X?0oC0CQCT>;2Nx>nnpiY4c$(C-=?vC7;*j>uUbv
zeR~lbxDk2Nrg%_V2X=X&LYqauZJ5_sk*(SWefhri@YT=_>*S}CDMM=bw7d~m7tC3p
z=F?2X@l<_M(Q)%KvHaoTvrILpuV*Z8+eS6nk2YON<>m%R$Gwo`YY!s$L0-zIGLU%X
zH^AM11eIIJw+Z5CGhT`q^YE|ip{Mkpro$avGNcEi9S*J6c|NAq_|{6yao1p`>HH~g
z`ci;!v9Jh<i9zDy=NHacT3cV|<>A@65{o=Ek#cW20iia1tx(;@EG@9&|8l<TWL?#;
zchm<$lY+qoNA&n(Js?IVqMs9OU-twg65`H}XO=zZO7zFrp{`!CejU@qa9fon);0os
zTJ)zEW>C(gG_7_EziZqWA~04!b~60-a6AfX8}+&uI+vcRhOAx5jLf77Z?8A=R;^IF
zX0HZZzkMQiHo%saD@WyC&@+h9^XNDXO|gM2lW5-`wy)P1l4w`EL5~?!$<il3>_lE3
zN%u1lK1aagcDC`cRQMwtWH|6?(D=PY{B9eYvB&e16K|pAu_eE2T(n>Cll0E%=>hul
zrfq%lYgJ(R+7O3PXDXF-!Q)SkCUnDi<N`(bjFY0Vhc5!PEWXZR%SpB3kYINJ{vai$
zhZ7Gk|1L1`-}yPiR!E4nMNAOCXbiP13tN*YpHgJDH4io(=OpT-J2t|*sbNnO#N9IY
zf6%Vd(%%jJJ~$O~g+8ow-fqX4+w|Ap9V0=7zecOs0*S~&Fhv*ggf%XZ`&<^2^z0($
ztWsicB=*&>T7anGlh^0{Gk=5*70xM^s+yX#a&S=7qK9|XWPG(AWL^@diJgO_swU#&
z;jW&yw|<7=P1z&=|J>zjh`ayzKd#M}D!Shv&r*B6@0TlmwydfeTVD51562SU?VmLC
z^oJ^Gvg9N7SRIAlQVYE781j62bd~z~Fo3|ij{g5UMiJ{U-d85$2_|M$43pqGN32Yk
z^$9sSR(5uI<$B_jt((eo!@Tyd58yasXYLo)U7Tpjvc|~whJz-3GJJS621Kz|FuZ;O
zR%b=yy<@rmUB7xzujSm_MuR^h#k97!Z)VVgMB4=X9$UgD)?EzW!(yh^*FA+z92_Eh
z&#v5Gxg*ApwtEIQ1~Ay!T^ORaZ_ZEVr`KL2hY@7S^${GVS!aBrN!WrtuY$0Bdb~gH
z4dnilg^~E5>)f`HO|~|UrR(K&PN<Kgx7OqJ+G8}YZ(fult8Dv>@UYl@O{62m&Ap+2
z&I*7lGX2CD-1?p`60BEdY$_d<p3keEz4!h9hW8$ydyG;e)+7E%4z8tb9dzFOM*)v}
z#@L|Efw#w?QpFtaNA2soXZ##okGYlAfpu(Xvs4Zgquax!r$WUeA&=Lj;Xb7DYkm-#
zE|)lVJH>DEDMVTB=|MRqQ^GfhJyy7JcQ$k{_W5;vc*S!wCG<^+l(2|tK3n+X<t+B0
zK$`&n-{Wvi(A}lC&?21N|IVXF`1KLT>bB0-{nyvmR8f^;@oF_eHRUpZ&qr@{YkRjy
zG3vXMOX2ge&L~J{9u5SV|G$4ozh9R(qhe@r2*m~7CF;J4#@eB<rz10>Qfq)wrQOqW
zH2O|NYB_i<MPb)PB!GLG$Zx!5+5jzXesFM-G9kbO&xR7T8$`*{lTlp0XshDn(Op$x
zur@DiNv$NgTW^i^xEYFz8k6KJ-jt5mV_}Ij^Zb>zHs>5+x>@UrY-wbc_Gj0L&xZXP
zfw_QgG*{(>BeY}u{t<arCnM~S6Gh}6B+nU6y!xt~rX@G9z}=wB{rw4Ej^kVoISvEY
zKQ$B?_vImLg9c=2wprWJH61P5Uo+XOg1p+sd7fL|y65WnXQR>k@QL}kCNQG^!^c4l
z4+Ouiin%P;2V+9kpdGKVI8#IVcj%7KDKA#`ob}NL>p85c{8h0h7}IK>^){K5drmT?
z*tfl$xl@ZVr1|(6QF`g1s;)=hX?stKp*ehhnUe=zvWAzw(!DQ?*944P3W0X3ejXTo
z<pHLUCcR@HSmZVz`c@~M!XPm!ug?rOMSQVL0W9M<p7M5xxT)_sI6>G-AakKftJp-@
zd61vge<Q>HJ|`yx8~(SRxvMAE7NxJ>e<K^8?8i0NyAFt*F(7iQC~c0;UgAJTx>PDO
zB^u6-o*XjdfVf}4Oh;C%;)dp)px9{Uxg70N)dFqd)xv6)%s*{{7L*brQ;#P!ii0vo
z!L{tx_{_UzfZ&Zv6}PD;Y56h>y){`&TbPdohSTBY@<{|L8nKB>XYAc_dxX>hm0AA&
zIVHizoP0Tlap|@y?pey>`udoQZ0%czkBh6T__HeN`>QL|wA+4Iy{&H2*CkC=G0G`V
z<{Rd?TTLgv$Pu-H^O69=%)u$O&x2fIRep-Sm>f1@5JWj=j;m+bk8le1?#A>)rC+R3
zykiGX4eFn_CV0=A-`9_aXXw2Ajcw@M1t#AqId!3*l-chYm7J+YmzrT&u~rT=aLxmB
zQ>m{hSaa`$9+syQx9JHzVJ4AtNf2gU+yVo>esELG+F%GtNi#i8y?#90@GC2PEIwn@
zT+ny54+wh^Uj-WzK#R<YT|`h#LpdN?1V@VdJ+w|JEjAm#VRPx!CK;7Yc|k7qZoVMy
zv7WHmGbSwX-zfgyH!J4_(&1><H$zSQ^9y?x&L<O_YM9|C#qyk0bI{`Ja7m%0G(?+M
z(8$!&za)hS%M$v=W#Q;AbN4>XI7*3z<gAy2jO`WKMH??cmfh_9oaogKPof~=#1vq!
z@-57fNEqFr=7AP>*VQpOr37mT+k!?WiDi9J)>4<>bWSCN+ss|({hw^+j}i;dFzGX+
zMh+yWD;jyI?)SrK<`DwDQr4D0T5IIFM+KzjLu&^cQwz6@0xiqkl+_+7qns)Ao2h?s
zZIDoO#R(5}TnTU#9O{^)+3Qe7fP(10R|AW;fp2f_KzxG1uyg;}S9c<x7mS)b6@>*E
z=rd;&k9PEA^~rcR4KH0<+7U{b{hz-iaqXMTpF7&nQ|Wg_i%mT8;=el*clz`l=WPAx
zSDXM?Ua$MTP$P)ZE5mwPMv^ofy`N+Pq>lir`sd^fGuX)S!pRrxG}BKg+-ixbxZxxH
zi3x|w9C)1T>|Fz|FC=I$%3Ev!&^%grWMk9lS36q3!~`52AyFSHa%LtRKs<Buri)eF
zysEymg$cn{3#+rOE=^2iXEe6-_zGX1ara+5zj*%7_)&&z8lL1y6@8r_Sv|r;pH5Mu
zk2uzo2dkQ~*I}b(XL6I%+QfAK{%ysgQ-;lN&Mba_w`?dVUF;c~i+;R=&)ZWzd$yxz
zs7$2j^*fuA8u<Ph@ICHPr0{WB-;naClhC$cATl89Lzi6@?y+dh57;<oc;65RqqjRy
zfgEc<oCAtpBYme>nFKG~aZd6U_X(@HkOiJXD_5wE)Bt|QDjHuZ4ZaNFIQ9Cvd%me|
zaZSF2M@3BNML47XjHN9p$dA70A}?x!8lV>6C3mLI|1mK-Dzpkt^?nk|x4(GLKDYJn
zd=^nw1y<svEy&#yB~7XCunGF1Y8vEe*69N|GC^NrX_p+TWI&)4PY{@z3A20CMxdw1
zI=?OF;D!YLx%F)jyWS%o`T>)Wauj5Ql$eAQQJs$HV)=BZ6qc;Zv%DcS=&noKO;jB;
zd{76-hnU0!c779(@D(2ziq}{hTYR9kFCKjk6MzkyGW*=YTUd70v>>~^B@rn9w)%?K
z)<!u&qzBGIUsY0Io6eu|6>3}j2cDA#DP<%YzIRep-0e3ux6O<dQ`va*@aA~#^8yV+
z)jZFJHffF4L~k<m0t`n|BT1(9zcr31^yHALRRvKWiB_0l)=tj|Ne@X=5i}t(WU@J#
z)lQ{bbi5QPyc=wfUCf-ZjhuwLMc;_OV<QnygY*1h-7k<FHc;dVD(`|_*N9;SU;VFH
zG*ZhmX(J=QI>o^`Vk`S6sp_V%q^T8n;t|makE2ulcs}Su!A2xA985jXFbSjE;*p>N
z@!!Qj2;l!9y2?QTVIEE{wiRiL>aY9P9(PM_&q386<UP}Dt?uWDv^7>N=s`0J^?HHr
z*doWY#c&0*L|d(F;sNb1-fizYOy-FXZGja^dWzuPcuX5$U;5@&0UtT~&t(pBpv;ie
zdadUT)V7chl>qD#U2D+h1E%wwYPyy-32k#g+b8O4#~V%xMdG?pFUWl&`9d{oq)5Ez
ziA6i-$K(u~<rz7}(0*MzGdW*<z~HX0F}16`eM)1R-Ju57Pv_+>%m%-0q>@ADY%2i1
zT%{dsm`qW7cXZPS``R63U1XJHp>hH?FhbE4YihfPw4)o}$(l`w_ksaQqws0M-((c0
zzv@LR<86+g4dhuzSU^DA#Vc~0sXf0zJ2<$5NOehi@5X6t>L5G*OSpvU3YOklN(WU+
zO@@maPl$CfCAhc=o@<FHir9ALWNLVb7KIucCIcp<T*0-p$lAZV-OP3Sxt=Mrck&vh
z6OHcJo_T0tA$~EDk<H|N#NpVqmK74xh2Nq%1ywr}J&wLaHenF3-I>?wl!jnv`(E%D
z=dz-2Wg_P>91~d8JuF-mm6BoC?e!jY?+hEwi;DA%&BDDF6a7aJIE6|#FUA7m#pkzx
ze_Z(%H5NzC{nD)Lx?4>^G^ze8WuVGTt%<zZ%@Z6L&*?*dCeG6_v!xvrD9gZayScLZ
zOkz(zJT{a3_^GTSmgN-o*R;DZh`7h=r?o9JP)>M);XGYf-FaA4RzM^kS8f^+nE#e?
z`^bB%e_wkYQB>1`D&@njGt6DC=-S7{lfCuH6~JhCEtH3b2`IComHQ{R4JI`WRv%e`
zo1+Chw1_pLCnRIDJ+ZIpo1I9#>_*!1`(Qlug>`LS*s(bo1X0{+r)p;JWQu!w2$^;D
zAzV6+C!T-@044-R2bIes$^KK^IV<e@3BBXfE7FCvsI)oX2r+_RH?oC2EwJO<!YHa6
zy<!ut2fNs*;|misz17hBZc#I8$HR9m)vouhXggLicJmaf7alk#{Bs-giW>fq)2?z_
z&*}df-6D4~a<wk$#J3lcALEss`|NJUvF522j;icQssuMFUed4Sgd;|KH9Ez^qo(B1
zjU7X59f(!uAmk7TtWStZ*jGYlT5Sr%v4S)d{a=$%`03%Gx!MY;=VPCct1#K|bxM{;
zZdv~El7vqo!N%~F?6=6VEhG)aYJfLBKE|UTj6^=&5LCJu+cJo{RYE5t7%u;!D#5F5
z3A0e-iuv0_3l-fZeJfVm7@ODC{ViJ)$rTwH1szp9#Wk3JD#fd|t~O7GPg=d=JAMm?
zMMuMoPq~zaJ`5-B*2;^;FK>>JSVNM{J(nb^c2oSci7{7BL%+MA#yKj!ftTZM=ORDP
zD0gn#j5X-%78a_GiqOYXHP;Jr9K5r>pHiXc8EzT$Y#ukq^bwNH&r<)hPk~Sct@%nY
zK@2Z(*GZ5+iPQc;Bz50kNndws|C$;Y#~k1O@fNCqB8$Y-T(P`RM&@lC)a(QWV_&RZ
zgU3$y_iwuoq}wMu_(Za;ek{F0zFNnfy;JOA8}EAcs)cndjVNw*TY`QA^RdX!9ycGd
z0%E|?NqQ2}0epRZ_;>LwcTacVfsL3-U0Mc^AmWUlXYF`ssTbZ*mz_WW6666!O--Hp
z-A{9?o0W28ITOJA`zA7?G>;{=RSC7mVNc+LzbDYc#dl(B3dzOPXJI)R{n92f+l9?G
z(nm|noxOu4Dlicy5FTGm;?>0dEDG=gXHihL47t>a^~TKUB5n+Wn&?a$l>jT`Z!*#0
zl+ywwbfS`=zf5s~xS8y)2L`(2fH?|o8_8uFMdZG|u^9h<BoUb~%4IJD;;L|$`Q-}~
z9w_<(;tFZ-*3p7No-1Uy+Gd?iLA5hV5CU?~3e^7ct2j&{Oi`73g(`%k&Zw*|-eX2$
zw7o4yFJ5c6qRT<;F*fIn0X%9n%CwmKp6dyT>Cu07W3@b=(Xr0^-*n^Cv^N#%OYy~E
z;M8={Thmuror=V1ZHLL3B42^uyM68b4W)T}bGSMeol1(kv;2=mnbhgryb^;5DVq+X
zj5HlB6dc@94p_^#Vg^brjm~lg1}C{hrkeN727tuLiuTpW+nt=GEDQw9UgY<a5LPv`
zKQJ_dMT<qtSNiv=coAJnH=G(dq*cstNJ+boyWVr=QgGqAvS~8;#ESVSH^(C)LVUd$
ztE{qnP;MJYMh6-4zPCYxN8g6@e+V|4-?=tQkH{kpUwgUO*nm7cZq2XypUaa7F6|n+
z83v!b7!zTf)k+h2GTm8t1!X(`;!c`+1$<5Bs8#AGXr0OqKlZnlaVAA(p^Q&iAp)rD
zoD_I!co(z%|1s$45#X*R!<*0bk&xYHdW01&Dg(*LVPPMoz9!Mh{_>TL-cwe0%9gEX
zpNHzIP!|8Jrr<!>N-0++h&3^`?w>fBhO(e|YFLOr{TG=E9V8yKXKp&+(hmmgnjE!F
z!}cbYUp6(yn;JSqOP`Go3i)RIcnfuTVj_bsQ6xQt0@Nq0s{@RvxIiCXmRC+T8C?>L
zZ8e4P7dZ(HXb9G7s0fr<C4&%HeFJrRICsqzGz5vVqsX;Xf4xP^3Rj2+W~s8X50K8I
zIza?f4*ci#P*{lhQL2pIA+{W!8*+os{BNH8*M;4vz#LT3iz=u4>mg=_;N4`?OPrdi
z{n=&5YecyI;mrt5tf|IG)!G)h9i4KZQ5QD$wAED7u$mbK8UbEZ;Hs^wo)`{c*}p!{
zB-Mk^-&E9n%Mk+=cxW3Jw37<EqsYQQTolpT9(v~7PHI|8F!(F!-WnMXk+MwOHXpXn
zy8on!K=kPaIJqk8?ZB7)J#>>RAz_~}^j+G@>EP0#t*&_$8ZWvqr5yO&+>N_Card<|
z)86G!mmul^G6JvH{pR;k=G=2nd@1+sgHRq&YF7yS@o#Aj?4+HUiEGkLI4uQlueTq)
zJF%b#*?`ZzbQt46M-|}e$bLNs-sd&fGvYjh1B<^D2kC&$_=6~F`TEgIRikEl6!F)<
z*j7wl5nRj^lC`~+g{O8%qd>w_`yaaz$zN>0OpMR6UhRa>A?CG`s#rJlBps}|CvU*b
zIHDnx&h2HjE(r4SI2I#MKeeIPGSjrRN=mt+ueSMF+bMgfS<syjWK02VQ2m;U9;PV&
z4tKFgFS#(5HB7&jB5prDEM6m6xezQ(e`8>qVh?FJ`m2fxK;UMd^v<uOonC5}ywbCB
zHvO1ek7%nV+>>%%IAZHW*iuzfj;%^3YLhn|F}q7DEuQD)kk2TkR|S>N35F*({*<FD
zRsFn?8!2p~LL`6tL4~EMO<+weSQXMc<ZQxD9|yUv@1&(&T)2xNECry7J;>`cvpfR}
z4)L-&ri<O3?)iY+@(A>Yc1ptSdE4Ypa+9Ca#tbai#c-i#qbgoBJLF<r)ANtF<rt<@
z%4ITnx)qFuKl+|Wvb>18ek`MrS`y~ml;3I`qT;8i!@Zx!OFB89b$a--&mLjqOdrOm
zl?EC;7Y*Zko=|%K^jcPXoxI2b%|5@l?@F88_ui3#5N*<D*u^$pj^9hh2RpqPXgul9
zG%VOZT{((seW3h%>whrlMQC5h56qFlQhKAMG3FCtAXY=nWSvX@a>pfdqe?=w4?K)`
z|AAisx32WJdS!cEEFVZNb85nH6I)|q?i3?Vd>0EbpSyob1SVqSS-b>WpqfM>iAXU0
zbB43Y?6LbF0mHzUV3sUm*&^Kn9w*@{QD;k(sjtM4RchKk8LLOH#y2xS!CYBd3dP+P
zN!V$DQdZxbwt+Uu<~&-<f@ej7-u0vvv=N{(e&w7?ZH%ywaI)5^mb$!v7*Ti@bx-zH
z%$9Nzgzw=xmq&<`BZiczNEE!0t|?#``;#}}28MJvkfuXb+d(lnwvrv~!jtVdum%D;
zCw+rC!zo#_buYCPTV5a=cj+>-ECET6OS&9^jsJBidcoP-QST)jkM`(fbu)GK4SuO}
zV{?hXwGJPi;=|?r)j1p60$@|sKUvXwWohaZH8nt?s?Lu>Of57$jXKwZsvz&IL>Mh|
zr0CsDxxH0!-Nv71ZTolHhk|?a5@yTp?szyAL%^}D+p66~4zS7|PZUH_WCC%zL0bi|
z|77I-SU~I#e&v_zBmQ36_xJO=`HtzQ>5hh2bH%GM;)t6a*4;ahjmfFd7b-fuZKWLI
z%Wj*}BkSQj%o(hZF#XpXRLQM-GK(UA6eA%lBK*Ihg`|J`7W@Bt)u0q}x=Wny!44Lw
zc9GmxI$m}!Oo9^~QA>w)zoqpIk1}Tu2BQifAfP~Pyw0>xv^b<p@fgnGOM=ndH)6P%
z{}6FXfKm5BFM?V(z66HW99<}aSe8dNmpG{urbmf^DlQU@FQx<u__Jk-*Dj6uolS)C
z#jHy?;Lm*Pw~MBNb96Spno(JsnP3#I0guL_Tw?z5L@}4$?)+)jN87@rU9SFXKpcdL
z?Caawqm#m;q~^(a!z}-{KTy8D25I=OY;Cm)?U91$M|m4K{i`b>qozvZYfceU7CtV~
zO0ue10$olGO_Ut@$!$wA1#@Gq;BIeob&c{;lZdbiuUg;CSa|26s=C68RfSBwivAG$
zy>TMCgn}_VnO(mLpRsj1jlMh*2n~g_zPuVcT8Wr!vB29)bbj2d+Mknb*#CAyo(6(o
z07+r!@9qxg(pLV=eA~jqJVjwVUi=wLj{fL#T^D7S8%81^ec5tc-_Orup%=8S9XPcO
zCowM%w5u%~AR$Un%U?$5l>CVrM`c{9zKspo_)KyO4OY47`yH!;2s!X91)$Y_@ACp&
zdG)k=iK(=bKQc37B@OP@p-nk>*RbPAg>~t`Fs3mK`$+J6Hzt^lir{thm05Qcj;@ca
zw|MpY^JH!~{n_EKLTp`pRQO?=Z%Xsod!f5tUZP^1vp%1kRFAYtMX#uai|{`*JF#QJ
zCkZMM_DTvvJ934&+Na&`hx}g}ym)aKfj9HmAXMGn!EQjPBiFoYS1Z5PF5PYa)>24W
zJ1Un3bZvcI|LQ!9ZXvO|HJU;x1r#~DDnx)--JIW`E{t$HG@p}qX>4kbaLE<JNM$BC
zhg?|y3$TqcF;jCx3h(6MTIc7lVvEzb{C6ukSA-j^Hk0eE5Rp|OFZxX!y!73}i`c-y
zCvRJn@zoRPc#ROA_VDXk_MPM$Y!`NUt#t8UuI;iKwY(`zWZu~m*Wt33HkI)3g6!`B
zVzr!}iYButfRWhcum`q*rGDi2E>_a?MFv30#?tf;aDu9*-4oRD(@LCqY|n2&-%P$f
zp$vtZ3);96r3`(dyE=poVz{){hw9oI#48&x?E}Y?LOqO3uOeD9(We}E?Hn8u_8bDE
z1NnujQ@)7#0pOTY8D&1+!YzwumzR84<UhVU0diZtNTk1^C4e~r0E#3(zJCJ%tn-{g
zORV#YPruYNW=?iP+E)4bU0klZdt7o<H;Wy+)F)Pt?kCthgXk3_Pu+cOxVuwL>QKLl
zposUrSCf;$S^W3`MlKm;w9)GHwaex<fio0E_{J_=6B!8~9v+S$H?%S<t|3Fl3R;C8
zU=(ud#!pDnsX8{8+!5(au#wC!>WS&7kd2n7bGRLYr<d4ZzCabHQG{#!h8-PiVsjp6
z)uL!b<m3RjLeA)@{?zXPkF&N{n>UV|X<CZUNs*J0fo`(bAL%T-vXazaU-GgOgNnY`
z^cS~R$HdEyUwUOrNJtoAq{|1b{!M<PpJsU8H`nPTf7r0dXk;uFQ&7^pVW!6As`^*7
zX3a<;dk~?DdE4>i$YR}+^+1kR7IJXQr~g$Ovt5g$2)8)U@q{%?Bx;g*u>+UWSL19X
z8D-O#S1+Qbj7!Ln>X<FCvnkCl$Hc95ZBYUtPx7itvd;V1GHlsywok>9|J1~JwkJ6y
z&)VbjYu#rjC8-r;p_zq0dSZfvSxd~5S8}33GTRct5gSpiDs%N#m#4kTvCYBf_ZTW{
z&a}+TR9$5eI_i|!RJd_g)qnH#Z6%vCXr`wrSb3Ar&qdW9E=D>{n~uvFM#zMiQi76P
z7ozdZv^9p7B^`9=oPIhk{U+6ZSWv4tsmtE-*HMq|E{rhEk!^k8i2+4W=W&}lX*R9s
zB<zF2it5s)<_x67pb`c7zf0f!ONwJMhPV<81a@Zceyukldodi|?;%7H4$9=;l;*9<
z5GOV#pD%DfWk~$gMr}){%gD5`uJ2-=S=16U7lRo=n>;m9K}#4Jn=EdX3s&x%s&u4e
zW=^fFWS~qpv!Gv>*I2`+x4UxnbYtaf5SLd*1F-~2nV8~Xr~wUQSI~T7*p#c~6vY<#
zD#`Jgxw2BR!6jp8325jeBbrm@@yD|O)VFJrvyW-NgSCIlpH+=##amD8)Y(BnYGW0d
zc2~I!y4GbhD%J7gG0u|-5t3$RYqsO|rc?Ax`Hclcf%%Ct>W~^{2!x1cC6ozCITEU+
zus`cnbXCM7>isMfV097)_}MnAIE#uY60*`|Gq(aH)`KdVF~K5#M(S+(Q#>f;<Vu)0
zXRy^2o0T5SFRVygTcf`4o;3HAzb-kLt;!X)!&Mp7cZu<qk5W*X&&@d0c4<n=qo<Gl
zEHXDsFjNx{?G<;Cr!@afxbi)K<a>dU?=mVX)ZNS7(Kje4r|0Y47F1XSgrd&QtQu-^
z?JBKg>4a}T?0q?GQ)_^FX0U7@Pl@MeX4=iffebx@p>|)Ft+`Pj<3EmENXW-Kp9DUt
zi^W9~%-@=8))iCu+Fbc?6t74EKDZj5MyxZuYU3$Kn`;>Ob4+)pA8%w6`nk5aq1T%b
z8G}1zXeEZ?eYXGfJmqTcx7<1OxcNQW*E6if;9nb1jDBtqGOzl1eOXfceEfZtOKb|+
z67c?$es1MZ`V=6)F649e+J#@A(D+t*eX}Nc{YTJl)g!I|ns5k-^JaE6?cmR)`enzm
z@6nlXY}eakX(b?R;|m9@BGPoF(HbTcBJg^%JtGbw`9sTG==DQT+R(${r{YwD>j75|
zsIYe2|EclXmHRmPc=WUdFwo}S;kPy1V^M&C?A*Kc+ID*Lq8NXyTiNQ`dWd=An&IDf
zXM7_VLz-4Z0R=56Rq=g(=CrXl%QsWDbh$3ny2((ApYM$b`c-9gXDr&3pAD?(_X|m>
z%4#|>OJ<^n{A99Pm1x4m6zyy4vze9ex>}P|88-Bz%nbSJrauziA`%CBsI}`0tgZ9P
z^1yzZ;$!^;iZyXBDXFgqNF@9xPJUBnk?6&Ev4StTW~}{^dCX1vNbQPEG5R`q+M9o(
zCnP@Qf8|v8&)~#+F+ew8^*@LI(*lhaL+-x~P#a1WLk?A$1?vB_G2}q!1%2axKKxAt
z)cODJ{qGR|->3f155H8ymyrBt4*qu<Mude0(Ek6e09rD*|Lp~Jz?Fp2qy;R_h>FT#
zFdGD+q1^^7WXV*%pP7vYl@!8<KPfe<W9{d$-Zf3=Utp9R6eK>g)Gt29q%oigdr>VM
z6mtM@UYa>lEfO_1C7Izl4+i&(2IEx=oxDk0ZQA2smYWvTmDT5^&8?|Uk<bmL>ND(I
zsI@(580A2!+`D2wsmSrFE-ml7IpY&cC4s_(|Ggyt=lTR!S4gKY>5muIN*f5Yg>R=^
z6s0tQqv^;~>*yo<$b~rYads7}EGv(E?(}ou%7dcj`BI*>?S8?s#%+h^cu7eEdZ0GM
zYQ&(;;E+wp-?otD{CF$yhPtN>4P5+DySxU~z}1NC;?kIgUhGj?n;|nca!8VOA>9d!
z`*sJ8F<u6=N85V?U1+l?Pr;9la)m+>(~e;#hb#dRaqnO@B*vwhjRxq30d5UkpO8sk
zZWeH7P0rBw7N@&QAE1nGolL@o4k0G%x2vAep_#xzJCS<C&4^JGs2|J4`3<t62m``B
zL&?Le`$bamnt$_U3q}6U8?)fV{~^jwiQ&E@6)UBSjT9*@TXIcAeF}&`!mV`7i7t6s
z1xpwdja3enER-mSm9tdF0oTl#nKf^WzPp&ZPn$@a6twC{I&;H6HeImw%B5_squ)k+
zyn9&aviLj9$(Ll>9(`D|fv=V9q7zq%b-%{c{u`P>5c-WB^S`qXH1*<RJB{EnZhvVw
zZb@WoC~E$VNbKN7&(M$q2GZL--S(|7=O#s1=&0X(dwr!l6KH#;2r1(q#^JUR;4ZkU
zo%zeg`Yrb&=X~>Ga3eXB#@?3td`ZIX;^yf1gn!?B@Yki}cMEN*!$;gpA-~>!TW(rS
zb7$95WFevMtX6ahU0J9WCIZW8BH<WA<otCq$eB3ov5C6*)wUxJP3G+4yk2odc`Rz?
zt)tZgl4cLjy`#Os-bm)-8CNvt0}OEA&vSmSP)T_~ZY1c$d6WFq<h}tVq}R6wFGH5P
zU^=4Q?Wxo=?wyAI$OZt=s)8P9r3BUicyR)*!M9I(lOI+)yV<SE`IaUh7JN5%h)u-s
z$_<^R-RSbb`tsqw-fm6~H%<LTFOYLqTBDMmJgYhEa;n0ieS^IEHwthRBPbxxOwD>u
zrAgdF^|;8`XDI3XxI+5=-qJ94hoSvK`wi;cVj0PAN?4KN^cB1$8YJ!!Ck~p~qLS$u
zFqRP4Du=d5pDsy_CqLUgVgyA*+&%2}B&~$l{M8lrDIGVCD)%SK>GfLC|3FE*dxxA&
zi}D<Fz$zLF9|&}Wjn<TQapm@p@w&aeI8jp&%G;t^BIOi}Mn$)={xOfV+--5>Ht0}L
zR!JWpz2mlS7*QMC*aZek_f->`ZO3$-uQg@wQOE3@os6arhu=&8PrLvHhmm1Dmf*{=
z?}rn){k@4tJgv6u4H_3D4J_!n^87T8%gRJ9nO)S?zbranGz-;S0cGFs*Lx$2c)Yuw
zX6)+c{ze+bG6rFA7gSC6`z12h)i~C=h1XxIV|1ic9}e_O7kgjk7qy4^2TFy-MC_e^
zLh4;_j|N)?<NRi%C^AR$5=^7Sf4ZYPrHxEwCT}c42V1Qia-1ivAJ6dcxuf7FZ}<t@
zH97dkD!_9z8mw82!}ph`AgSUFz+7iHsbe4xGPj8E*a)Y~%Wuca4mLQXdT(ahUCFlG
z;O&f$CW2{mri;TjmcZdiex`YH{#vzPVg})-LrH^z2lF}a5VhSs9sWPo-ZChT_G|Yg
z2@)&>cM0z9nm}+1?(Xhx!CeO%G`QOUgF|q4cXxMZHqZ0^-}mfYb#~SHaQfraRCiC;
z^u5-#?%%am3TrajmhI{8MjqN#cOcJ;1Q2_ikY845S_7*u`BrUGYYG11GOt>?u!S@r
zQ!rLS_MHe4OimB=Uhux5Vfoh3_{J?obNCjtW5Ik_%5&Hd92qZKOvm;)JZk5$UWERR
zU)n$wFSPCDmz%Twc9$-r9#Yr#0CF=DFKHDly1ihs8C)w5q!h`<h<0rmWm>cfTpnu8
z>xyF2f<Ub2H*_quNK7E3EJNUb431l0lC>Ek1jA<U_T|`|EcgXqa9u+Ruwh&XXO!m+
z3R6nHB}X3zmYh#rA8pynwU2G@oe}nwmNtRTzZ$T>XTYz?d27&B5ohj9oT@p`7jEYz
zD%XpN{TssmiBE!C0W{{y2IZ><fu%L!A!*t%&oEc~>`3zG-#wvh4A}WT##a07nr0;d
zKQQdyJzkMB#<%gI<P^lhc8q2jyGf9^*v}YYGl?*QJe5cWfs6c2j%idhN#yJNzx6hJ
z$8>#!T}0u{K7Qmr+8qphk%N+wj&OG{#7@7<CS&7EDl3vlRhx^6)~>>+0btAy<CFmw
z&#Dq@jo>7z4mJ*h3Hb+SKl0i_pY3e{MatDXQf5wMh_nUdl|3m`%V5gLjf@nxn`}Qd
z==K0Et_0N>*Ee1+yIZBKKG2_B>W*(eD5L3#U%$MGa=M=vwJ!E>sU)FF{q7(Z)bbuY
zOdRmQ8tL@<Mj+^xjg=Wy&yr@Nb^eL>j=G?B3Yw4yW#P~x*r^D`ar2VSkeHx<`-IJK
z9cu(`{ti81Sz@GKe@r{N+d4_Y!y(*f|19C{2<!MGqe2{@yCf6tfEn26@hy&x%C-8{
z8wtvTNq*bw09XFY*^a0NHjdQdVSTKtrweBAmd71D3Ba2Hs^fL&y5%KxX~;0f{k-r)
z9Gzax4-aCw^TjTIL<3_Aai`4_QDp|$a#J=?l&ri6QWn0g0Ss$4v^`0AMBfgb^&-B+
z-^Jyb8D+;kWvJlHI3fptRgT3Ug+8Yf0?f?+<F$v8T|}I-U5gY;jyDl-8;7=MqtBx2
z^txQdAE+eMddDoP662)ZX<=9|ek;b@=@eA9CI5~_Y`Wx)B!Vi>U*Q=Ri)|xV+3t*@
zz^DF|V!t$=@;6WX^73NW#e^$)j~z=^^Sgu?df$?_-02q*&MP7!{5Bq()=<L!^IX~p
z(}ol{@fe~WGjZlpIdo1?NUh-734C*m7^jojx+dpYlfPuhME9^pqZp6)gl?-VL7uis
zS0@z89U*VmSmv_?6T|jalhO`2?a+jLr|(DW9V}|ybb2I8Zj+lUeyu9)yg+q&Cfpbx
z6SsGaP!ReQ<*(5&5v^8~w^BlTeCBasEh{s|pepFj>EKLhY|ZCKI#K=@J$O`W{B=OR
zGW*6vEshn=$`nMifrtH)<Zy~$4B6ZDZu<5+6s6K>+kt)j4AznSfh4jp#!PJkl~K33
zYx|gL5j+@6*3!Uib0?<gbj{Q5LqSE{PgAg(9T)WT%lXofe>dDBcrsM2mm%oM>#F=`
zU^$&Ziul*e8`jwZkn=0nSunQIBnHUwD20F6T<lD7lgEmmNNRHZ^tcyjc8EbCV2~0k
z^aJj0%Wnrk<+gx8$S2&CjZ?ry!Ftgb4l(Y{9L3*&)>!%z5n_=&B|G+_`gloR%b;D7
z1aeznk{QiF8mV_ohS;qC|CTsDvee@778jRxOI3kQIid+y5BSmsC8S8ns-Oc!g+X}K
z<ML!I9Dz%m0<37!rQSo9=_mb~UUfTW`SEGVat<XCL>j`=`J@yy@fllq^sFT5#WZE#
ztrFtBoY`k*48du|1EcS<H+o4`Ai=nxru=t)54lvSR-AiLMPWd|3mUr)q4w?SNX3lj
z-=1y&KKCVa{LPI_=@DPNaX2^xVV3}YCxv!CS*BRo#5v9QN&V(@$G9*qAvsiR-Kgch
zd<01`K`F_>JigqNHnLVyMn+U+I)MC|jYL7MBDYW$?z@{7A#%kjdxNWfJk*HtyJS}6
znpo8p*R(`f^zcyTaGlWA6V+5?ZF=+=BEXnlm=d;150Tp?uvDQCZF+adm?V^0TUl9A
zQgHywGqfFRuMZC9rj>Pse~5l!h~_YV7sOW55|T3CI`Ti1kx%O?iMDipOz^jK5m0@O
z^P;9>%x%pDh71|=H#{hrB}}UA+v~6Lc1^QN4$~A4TZ@8dpZCn-;u7Ut09b=lvL&ow
zB3%5%8A%n{<z=s`g7)dp1MDTk=ChjLIVTr>1+INuior@-uGd%SQ(6z3{NL06#~Ogi
z;w2(06l=n41i9o*JOzB2iZJ+`_8SioBG}Qqp0`{rS#{ZC=U!L-k$<Dfrho8;xZFlY
zl!oauLaThJ3hd&~m&ogUW!$*643WLId9Yps#GPXBas_O3Qgral2(jMRDwIFpuj2n$
z;`T<6{o{PzZ9R!QLtNu7W|ipSs6A#}n&@Eh#*gs^A5f5)o)Y841Nw?P!J&NlF!X7O
z9KH+<HkGXe(q!E4Mf{L?(4q4`Vdq`Yv|}dB3d_d=1yv*A%c3qS5?InbnYGq29U~W`
z{`<fB|0-+#BZ9&L9<zB#bM+Da>zM>lr{?NM{9i@UyK?{kBANbkZiGVW)b~^4MT^yG
zR@e}u{`V1|J%4cP`A^(zx9CiK|ADi#r2l<fIT1=G{HqWl5#|3mkGJ%{AN>C!86^{H
z-ZI3K9~;o#Rp<Z6&Q9}WZXDIojo&hY&pcyAUTpR#W1A+va6%OS+~xb#|4V+#U;%%}
zS-vgMWp=_v;CNOie(P+*U11V|)uqL~X!O5FbR6*lqj<N!;XW)8`x5Q0MLs&~5&4|~
z<RolEsZ${d|2_{*yjk<^%4xjDRLb%AI_QzY<4fF;Bhok%=*>K`>(c~^e=e3I?~)$h
zaWSU<>(_^D0_uIcyW)pq|1CXRJ>DIk=f&&jnCHGjzf=Dzh}zJ7he~o_K;rJ1H6_6)
zHq15QKR4Z(I7-=^MNnjWsh8{eEL1H1f<gg7u0MwSv0Q-Ucy2LG`HrDW7VR35X|eZ+
zwZ1c8pWATpMZ92gzKsu*lovJeX77)a6;B^L_K~v@GRT_Oi3z4!lL*m7v~bzk?=Hz^
z1&b+68|<tD%I(MnX`-<zV8k6`lW%(FjT70w`z3_u-na{Ag?=T<lq&0tAk%T8m}I$}
z0UviXw-+QI?2m`ZSLDm9`C!I>lZS^#rnu=v6izaEhx4lpl_s=CF^YN}?(fnco5x=F
z6^gZPU!<{EMeH1}Rqz%sS%xla*xm3>&wt81Am*}04u(f=J=V^%gYi%MF?&U+?{lK+
zbJFISgp<tB#7ql91Tj5;L4rQQVUA~@756cnMp2K<kSZgNIsguC*C_scqvti2fkJp4
z{%(U)-aD)(QmNZEGP-;pCdJSRt<Ld2lyl)sPcn=Z+kkv8(U5P%zpy@lN<RCVw<tm|
zlR<^w>n@|Gi*l`hLR&1zQI7{E+Iu-F4Qor6pQ^`|IOhI3LNyQ=n`t~32LOtuz&zF7
znNyE3kuWjEW@PZwmZryh6iMnx$hLgoE6du-V9(7%|26A2(Lb{)C8bU8aEV)YNdIE>
zUd{{mcud$CQIuhIb=iIVDJBZg(T;`@S5@}FWw&DZ9B^?;TReY>pAN9@(0)tO!}SA6
z51u({z1<vd6@i$Z?;vs8Z#@nr1jlhGg5nVG2?t{PHX)^}hBp%=c-o!p7uKJhClvoy
zJV3?;uQRHpt8ZME^AO?LuyX~Ds}2Q@J3j@EvuEcu<lN&$c#~I1uE#ukzAZ8_x@47M
zuen*D9j~Yo7w4$QJ+9z^(u-{yIn4=owl8md<B)4RO*C!b=`glEd2R*@8Q}4OWLgZl
zf7ItAKrGg9;g^}JElRG~c*iGPKu#u=c&k0I`gh}%?OMEquPcIDkwN*D-<X=lU`*@C
z&j!?YZ^G6NZ<@^;*M!8)k;UfB8KyU@IVp<aEVtzdlG)RQygK-r#fLVRh;`NCD<hfM
z#>q)k<nU)P>g;`{MH%xQ0n^5&4PHxrqrO<Pg*bzeHRrUYF(QIPOLQQcBl)xKPe+es
zYe5%{pHde6YHQ&%L}pDs_H=sQoEg$pS6&Sk(&{X0z<9*_xU9Dbp6<}g!;MXAUV9Y8
z-vt1XHR*rm#p3L=2NW-ut2Xm(du?-=!jj;_^VEEBQ!`r;mpAN^;0pQTVsu~PWnNc*
zq6ML-?AF2Mu;3+I&A{Cf1UP*Q#yQSQWj2LotR%xJSsA`C5J`H@>S}j#J4~pap2-I}
zpO{4f@qdP5rZ=YZCEY(E#<Wsz_@tp#v6%Kq+-1n`Ezc=r^i9Q!;0ksjW1E@n0-G1k
z%uXI)cEETK3&8q<2hY>*1;KAeN>w%1Z`xqn<)Nk7bZ!R*G&)w(ysTyrxhj+PP#X>h
zrz7@!>_d(Dq$0RnXDkDgs3)b)z?#Vba%4iU)es&{w^w7>4R6^zf|OsmK~aW1YP$V&
zTb{}h=rg|s1#FG0Eq`!CJ?5%1*c+kHZcO*5AHF%L$LL)(?Ck38Np>Oo+|^K4t=nHk
z2Xh_ySMkkRjmGb#Q2$QsQQI=sMyJCjX87I)BCxLLJKqqrzHGqP|Gj^)^6{B(_#w}~
zipyTmTRY~SZR1X8U1taz4&gx@;;g{z75-1KGj;26nK^?1Xy?xt6$P%{CPH*NQ!#C{
zjsU_FR6^nccW}x)5I5ec$4i!YB-*)HCxfYEHumFc3r6>#>xuEpj_ZV-Fmxm${$Oki
zo}B_pKvq%LXZ@phOKa5Lm@QN@Us}@nt}|{Fduds5ad9Ci|98&=xm4M590eKfcqNO;
z0|{rw=R9yu)|Fxs$QthN#H^Tx0X!iu+qpApqb*~0%Qyvn6_Jh=OpB^)zsCrMuFBDe
zM60B@#MJMux-eL{e}$Fm9oMjsW&bfo@BdQPl`I;Y@#>rNl#(uG`5>S(YFtDG$jFdY
z3Ppv|31zJ;)nq4>HQvRXsH~kTYN7P!a4MoU>4z^0*Yn-=i{iv=)qlfLYsX>D;NZ)?
zp}QO<&=kbl4=)QFmZ8uewayS9-zup1Geo|E*yS=nB8bbI6grv2Z8;R9A9Gzqzy6pg
z*bEk9omPZz@d*hZ3ruaf!x?<HmYNhfT}M%6qd4umI&w5u;>A>@=V1J$=}D~LpoY8&
zhQtDYxZ5(sx{ho)%@-J}99GAdE;6qLmt^e^N=E8OOz+b#_z)xhBJ_%n7irhu?`1wJ
zRZJCHk)(MQNv#_JL@<VDHEYkw5RFY3h~Tg~^5BZrudMO`HW33X=A>I=^Q(+ke`06s
zo&TxU5VsO#rK6-f-*J>jxXuG^2_~9&F-{atE1|gnE{ASYyy({Pw{VIQUC#qk29@`2
z?;iCjo48rbZ%B2q!BgU#ZuT7dEFxkul)?p{ngD-HjBxkBAuFB&sy=)?hmz!!1;18{
zKm6g@h2385`)dCUIj=ArO@+g=7HN*ia>k_ClCL_|S-F(f+|nY4n<{fBik}_!Q#}O_
zIXPvX>ey^ig{r8d;YVDJf&&@v;F1==N*%@)8BvYn%hwgN=dY-@5zAb*0KK9Qe+_4T
z=_*Spc~RA4(pnxJ(+m!iu<!sv<UaW{r<X~}N>xV}l!<Q@8Ra&!$3D25WO$f3r~lw|
zQBo=?RQ;!K6&j|?sk7S*AR+F%YYsvnl6oD+?#@*^F=UI$z4ms)2?;ikK`alxTufN*
zk=3Y=T+l^v?QuQ{D)op>y~!N!e)^c@fUjwT2e6HTCgIhb(nQy)P;Wk|Y*uTri8R)y
z4E4uC8BjT5WoXG64fdFDGC0=0)AluJ(KT5yYUR=qEh;hYPkSWr$THH(zGD6iF`A#m
zYiT^VrBI@ZHhst!UDtR|r4*RaA5Xrs__fxi3N2||G4c_Brdi%MSXS?z+k0Pf?BK~_
zR9PRDG06gl9tiDBR=r}B=4c8kk>)oX-;PGzo^N4ewq1NzYb9uEKE+u5e#W(LQ3ORk
zdi&*2r?&l*DZ)&bTI3nrQYkl4?>au*n+sHbK8+kU7h%lx@g)-Jaza{UF}H=w@x3nF
zt3Fp~*db2b))WE-91iVN=rN=+igf75R_JG$9{e)f8_OJ3SHlj8O&hDxQgEK3Vllfy
zVic7BL?Up5##T5&)?S{`-ChP{wc)HSlI!cW;0Bm_CM2gs?B7Uow=`~?aQgq={xFgb
zp?K>jg8GHw7Yj6^ysY~Jbh{zYYKhC~7OyqwXCV?NPr%FmK6A`%$s3g~$UT0gp=9rd
zKWJV+53}waUD=X(ECoz$Ge(x)r&-=((m$Cw)b@^#GUl-7vgcsKhEvi`>wUY8#63NW
zNnch^wt*+nsmLSUqGmH=(tj=OMapgtN}<rXIV_di)4%vIH<}(X+!NfB<nl@Xth~!^
z6sd6RAz=_*tj4lmiQrJnQR9F=Rn{!aAc_2nI72`G8YhOIHm6_*29Z+McrfJ}XOA~C
zw5sgQq|^B^3X?C(fNEGG;iuEw@S07F$gg%fmaB&VuIw*(eUuP=qLBXhBqH&JGGonV
z+1BaqTb(i>vlWerjwzAnsA2WBvz(rXnEOxeocC4JE+1V<U~GCpy+6KwJMmdZuAuYp
z>2DV#BF^}@I@o4>G~jcgH6O~h)4oN}p0ZNBvn<VUH_jRBh$^!a?UJN7L4K<UdN}R;
zg&?RVjbU4y#e0kY<rC8dt6*mS!F*4?@su*rXwambj8<d7wwi5xMw*ziGls>ZWwT{2
z&hA#<q4*{EnJZoPr_RdY#CWK~i6k1Dk1<GieCw%~`Gv{E(A<4A5miJT)g92hWO!$z
z<Nqw7mXYK%s@WP(Rl-qMux|P?z(UZNA*yoXKsll=YUn_PW4Tc4Kq>7em{-dgh%9Xi
zGJZrTjB@Jl_2I`C;Md^yLF&%T0Cp@zqRFDb7;tH@`87L6$2Ydf_w64rEIG4&vEJqa
zC)XMsVMl4X`m4Hdrl-i5w5^LGeRp_ppo|6%zlLF3YcYpD>M@!=^~4Xktf+%HexGQP
z$$A)AYq4ZclC9bk3#8q)r<5pELJUS)n;jA`Bj-@7?NAVlMmKNT<`38ltkVP{F_&8}
zm+F#(5mh%1Yv9)jrG8|zr8=Qp#YZQd++5^nKQoPcc<g%?GA#=K`b82NtCQC%2?zQq
z;(=;WQe&Me5Zf||38l_%Vy(p*8`xl2LOX2yJQb`R%Sdr|g~fR;5Q{`|Z@*%NoE{^p
zl>LfSHG6%zhWopJ=+XK!x44Kn<}y~r#>psL1~);^ptKvc&D69m!6*nfvgvMvG4u|`
zX;+RqiD7jh0T>Zroq$fnYPTkpD_#Fj){8x&x12aY^^EXHwoY1rgSC7OCny?IQ-QB<
zF@ElaeW~U(%mbJUZeEQ7FH1!`Mx&3HKGIc@`i_g!1PxuefwAuxlU_T#r{qL^s1O6B
z9|fwomJyRqr4q+GAa_ec9yZ5`3$c)sxU}PvQ+fe)ORf8FMy?}XXDT#{!QRbG*?u?Z
zFzEkmxMIkx9zPfBK=3gGleQWk#%nB>4x9bLjwaW|1)d;^0&i*utzbmSssfX9>(Y!w
zQr@i&qXF+*1?-XJu6{k5)IeC|{^u9AQWYL|hODULlhGb3A+xT}Typ$ja3s5fGzIL@
z6s3)+nfRug{0<)!7EOMxf6>3#w_TB?Ent2kVp|EReqFIj8`5JHrNPv?*M<4BaqA-X
z1#c*GMU0>xi)ypMl}Cv(rr&3Wx^N`5du&_2xO7DS6^W~menD)YjQWemm|5Jl_11Mn
z;{h9BJT%G-(ks4$QBdvLWxw~JTL8-ajaezO;C}K=Ue3;VAuc?l6}uA<`RqW*3tg2b
zKj`BCo$^gYqtQcX(!!(exMD#PYq^RzUL3r^X~5`U!drdh?zx8FKw}jy8DX+&?UsDz
z9-xwNXk<QY&{_S%T`&6QN6l$lHiHxBmoKY-&APSQZ}?>`2WZ3^WjA#b5gv~b3b(--
z4a=_W%Y_w8fBl~E3gxl}s7=}_<$z-`f%_H{X*IR%8?~-r#V)rTm^0h#Ze}XALb>eG
zR*!2Sn-Kz|oJi`PLkuGT7-r>#d%~XPlv8!7!4vM_G^bPmI8^Ls^-5(+e@y~yZuP_<
zq9lH7#z|Q$TWs}46In@)S1QQizN0(~40YhE^}h$uc)f<b)1qt+C+aKW(WXxsy#(#3
zfs=-mM{5>XBbmL8HAXlBmi+HSlJ_OO;hUGt#pntyW&+)x>aYcr)>g+C92f`?&z;Kv
zsa(F?(yakW&x^ss`dpRm1EgC!mLW*#J-5{|${v^HX`5qFx4y>xD+X7^HBy};Vwgn5
zty*jz!0C@qmS85l-nv`217)gO{Z{nrxf7}mYQ%F5GTfslicK0A{*JGI?e`}$JgyKr
zFwt@NTsUIM@_6<e62@VpH#G{=-l7-^zyUm-n=~?Wj4@vHe_gK7uG09p8+>`m_H9VZ
zsG|$WLfK6HxoCDRb#)f=Fg&sEh+BGzVtb=f*|V3&bsbJqQL_DbqeOBZ7bFFg)shlY
zQsjMo1!Z+$Pv|pOxLtog$MYoam^rT52@riyn>4=y3OT`l<EeLcDZS9;L53`|IJ>x^
zds?#Lw~kG(D)sguYuT7IH<$Ogp0#!v9xWenw~q(9=!U|hcm>U;)T*~XLswA7nZQd<
zIoKb5JZmk5`p#;>UGFQnUF0_i9;L%&F`$&c*7_xyY20-q${#UG%Jafo+uu~pyMfEI
zsm5K|>SR(t@l%Lru*V}^a!A(nur7Q=YqPs4a(|)8f{5;Z^$-0u1>$OGwe__tqb`5%
zRWRa$!wC^A-9SQ6K9ky9#W%%wR^cHA!So}9;MbqT#*e<^Ef+ei2qy~de!qOZygslI
z*BK=L0XHT`GSL>Ff(=2b8lH7=dKdIvkLEB&@~T^C%3XFId)v6H;q-2`tc`K&zaqBd
zL}-^?8$=3TYQ+5&DG{wZoSO;Dj8DQ5LWtd!K1XU?7h~3{?5&N`zOBjAWPdSw-C((I
zSr@vZ*#P|3elPd@ll9c9J=eG>M?b?8&c7ad+Cw|}P`K#5S)4Pak#&SF$%a2ey5lfK
z_A6e&w@D)Hp@L_d;<xMim3Z4-Jq%{%9QxC#4(R*evQb}1A`(-mk^*>waa8a@^r(KW
zWPxI1`<K&JGB_N`)3HiWVeRN67pU9ejEttCip*wA*F{<h77QMP4?pzm$yr19TIWYx
z@Pi-#)&m)nr-w=RvyM;S`y$!6kzKd4j5^ufE{-Nebbp%sQb`ydjuSsouZ5y&usGqd
z514flV|IMOP%U2{d73TLsIkVB-)3#x5I}DLKAUrBz2j+NPWZT6?WwE2T1g+7lLn#;
z&xqA~^a}_^_3GnYtW;|Z2Mu53R>&_mzhz_;Uh<1Zt0cH*FQ98V;0uMiCw<^mc9+Ks
zn$GXFUayO(>CVJqGY~Wr0kBLBPo#}%7yWq94u}3jyG4%PCvW(usAt-OY<iTEZVg$=
zt_9#nCfn|a{^(Xi*t33j^WUI!+Wx+>m~{DieFBT3SEx`%OG&#!<1c8Hc>RUyLXy*U
zkC%UL#CQw@h4fb^78l7iy^J75N<o3eLxU+*$dg+MoR!m!FgkP(%*zB8Cq7^1WoXo%
z^Po*AU=ELT2J$?S2VAe!+T#jEUowt8=rxYt5<21Ty!RWaPX;~kMG>(lN{4f_#%d@H
zc3a&`4l)$7Qzc=?+SM4GL5IZX4b|hvHeDZ}Ho@%f<o8@(9MPD{+Z%1M+JQi%sT+Hh
zt%2b;gI+{o)7T>1FVr94;S!QJToCPvh5Ui&{VcA{tYBEe27y9W!*=Y_FYp?yPE%GC
z=-B0Cj8|An;`f*%`mily6tqR3WLzHT3G)&sTAWLjQn@+_V@0as^NHjb9gJ4`(CZ}8
zIN<MrM`vT5(y^E7>}dOw=<4mhPUkIPXBsuVeLvYwet)9kD1q*<c=U_qhLk~c$_?C?
zuR3a|dc4Se+ltT$^hP$4riCDzmiaHL<r&eDj+qo?T-COxw5nC=V>zL?3&7<@hr2jX
z6-xVBdl2@F5tYmJ)uyO-tH5Vocj$9u=?h-_$e0-IIh!ldRkBZ~C+qE<s+=D{XJ>|i
z_cV0^D%NWUKY(K0d2Dc(x0k(M4MOA7Rufjd%s8^@^jJ&7MjGrkxE8bwoT|v3(%4Ig
zraF5{ShBhj#_eg9F=A&#Ya<B)^XA8Aq=%2lUrtv0Cjmv5y5QdoMY#$^9pvT>*e#y|
z;a6IM9j?J~$$+j5jmXAK?Z`o6VJ+10G?U1t*NbnF;<8jVnnqfBNscKchz&|hj34x8
zF>9?iE#En)O+MPxj%F5rznk%0Hvy+dn{j^Mef*vIhF#EwBpuXIuGrl=<JLl(wl|Z>
zb?=$5w;`X!ar^|3d`ZjsA%n4#tQ`Ho(7_%xk{JA}>~wXlg2VAlH~6$;yftn%8Z?$X
zw`Us@%rR}52*sQ(o8hC~70b2nn^yw?i!*j~=+LBiIVJ`GVc+Zi{}xt;+ZSiXUeS$x
zutRPnka%ilWFAM?AVg02X!qv|IT%u-qa?gzp1DLh7$cohol%f5ghGYU<dQs`Bf(fN
z1&x`x;>MGP#Bo8~zR?3~P_7&e%rvn3e%sut%n-5!L`nxm95hnN5FGa0Z8un0S8k7F
znII8z#21qm=vQVJB&G-){2nXiHl=~N-WVppbJS&-zGdUgh{@F<9IbPxq+bJPr|n_c
z5-k>E2+mhw$@oyD??s#R)Ty+N&=<9}MIZCcvmIPdKEP#|_TI#g=;8i!)g@vXuL7;I
zrDj|?GP=w5`@AVQt6E#ucBKkhf9?)JHoO|joN>c(ceJMo3>n#Wu%=u*toppx6et~=
zFz7=x@->A=3f>0#;VD3)5>A9pevEK);BuSb%R=W&O=VPOjTB9BaK0G--pa0c@oeu&
z+J09t(<@Cy$=24{ERtJxU&(X4wvbDh5tUrE*|nm!&Z>Ho2@@^{-V=K}P5e;C=&E<d
z$O=D*l}%E9IA7E(muG)h4WTgKW@BQ>0STWkC2mLYy=72%BRKm<HWKND1E*^;W$XN?
z!CnHPxpCt*OEi;qN<zuh5<-)4rQz!XYFmdT{&&ve#YXouRzEpzp4dHA%}-D^Nm8B4
zS*Md~8u_8wy}Q@r4<jbL-)NHf*Em9%tYK;+6N0p&@K`g%c~r=Qgm$))yp%1=Zzk2m
zSw=_0aq$BOR5>QrR4XuIalOw#ztN@qaVo5reJ@~D7*6X{O{yKAs0)HT5;9*C!t=yH
z*B2a)*H`YhH?YHn%@@GskGTkGhfLd*#Ef#?IGi)#qQ~;NDVsGAZ$V;CfLVA_-TW?%
zs2>4(ihIK46Q|PJOMnMW`cxPcEK1hj*=p?>Q3d)e_Mk=l^Snd4)Xpk@A~^;ZqX1U3
zOtdx_r$oNcs?d!ldkm$$hlIi?md9Nk?}jtVocu#8MAHUL<2<}`i*0)c7t@}`MgF0)
zpJziRgJA|ydNtWweOOmrW6Yk7Y<wSMYAr^cDMxh1%A&NVw!7dj*2bozEZ5>ETrA#a
zw*JX$`_wilMXY2*bi5a{GZSf?mX_|}yz*)Ml`GNbdZBtT#S;BH{xjH)oPWGVKP!J&
zmAOH2io$5d<u*$%ypS`6WL@Pa7P~=Gc`@Le+2={h@fhhY0JrX8l_~WoHGKrPHd(4-
zQ1#B}9GcnZ8J876#%=$?7@etOzC65GvnS0cX5#30&#DToU6k7nOxSsr0X6{3hor#c
zI)5Jrgtb1{4Z#~s1{9DN_SSelDGNK{$CD#AZBhY2GjR1-UY**d7$YeZn$SNUY!UW^
z9_V&Q$U@hz27K&%owQ<%PL7}Ko}(*xUZVA|P$}?a5@cdEa_d#P^DY!s^(u-+5$a)7
z+=+(sR6;_!#O~V9pqe62_h|>ulMii+d$*mxP!Os*BWGrKtp-R2bS0wgWe()Y8Ijz&
zz-Qf;eE=4zO+WOX;=c58KC8pw)f%m}oZf@?sbSc({=<Hr%z6xlmTp3lLZU03Ggbof
zr>ClY!$4=JRVhOt&nG)WiwaRE$XAsyADHV8#3<n-)lM?Fry&3Uo2@OGJsxjHuWo3G
zHCF<rZ;;>9zPv*=bBrW_ip6?@xiwa|sJ4Zus$d#7KQX3cnv&UIg*v23mK<D;F`lH9
z+G@|G`6q9S10AwS%tMeRqNc-nT!^#}7*BM{5DdQGOL{L6Ck_JoSv<CIVCm+464!h9
zRME}}44&LgWX3ANkdRS}htF7a6y?P=(Pl-jIQ#q=G;F3DXJ=yxglZPH7CR%!@Z6*P
zVRI4DDq4Z(pv(83TF71d18l~BD5(+(q<C;RTuIR>qkDapEQu)Qe?2)fLD=093@mPu
zc5dU5k??tvQWY6Uj9AjGJ0ftbrZhNv!yg4vs?{kfE3-$67$XN2UE=Uv!dWUA8>w-5
zM=}|F)hz1OnbSRERoeJ-F-}-kJXJze-j3dBp$v%scv6#tgM-4>NL(kGN0yqbv@W?4
z9E32^J8NQC*mOqLl&06`VfoR~)y3rOY88Xs`7$Pam``oVx0lYA%VFG#)=$X!15E+m
za|dUeVb9k-YkoPvm+xDH?e*T5gF?)PATG;j+~2CZi*iq)@0LP#xM<$!;5;FdnQ{hY
ztBREs{`d}J&g_#RSH*0Y?fk^Y))38@M@EC5o_FXdwYt{Q-F_laflM3cY^!e|-WCa8
z5G^)Pt+<3~`!9Gm%HGv5C>`I{cBt*W&)dPR`jS;1?(ts!ND+XQsgj#U)aqm>I71bD
zE5Z8eQep($;!l-NbaP+d_J+b6-cskWW3?p{WARA9AKNx{q-D?Eo5647YXUthQdShi
zrk=e8JNmj6Mr8&(hjE!aVBxtWfY!p1!2uRK2LT3AOZFMA@TEp}Y^DqPF>UmeZ+EDa
zwBt5c>G#ez5~k%}@^crz`}OS^^7p?Aj9tgH`nZ{(*`9V<Onf!15EO2~^jvaMXPrul
zN2g+Qx#3>X3EdJj6NndONNnZp%?P)RN@ER%Crdh}UlNnc40-Q3q`cYS$tn##+dS~~
z!y3sNdC({ellALdLe?#og{pY4(G@peXG(2w1Gz41)D<FdmTSl>K%_PJ8odW1O8{zL
z-R*@UspO2#gP#v}+D~-|9vrc_NQXWgSTGok7cv1GT={-{5R}PgPS;}LspH(MwH?z2
zKf`VAH)ZwGp-in*?4BKFHje9#)&RuSTO3)8wEG+$UA~pb$I_ZO(ZGEnG<==%u;#r&
zimXq!>UU%HIg$zpxM#JxvW{7c>JetLazmBgXP}ZQ5cwKp*P;Iwp~wueZBPWQVfE;_
z4cOh7q;EU^rS9KhJyT{m9?J*4dJ@g+sVFU)_8A_2E0K~mLs6H(VoxKI5y0Y2*Wy8)
z{{RXRaI<9jIH1Z~FMzXtqE_^+HviM$Om_|&&5OGYLhXGY+ZtW)<bK(Qa6td{LvOUk
zd0*>kVE+lua!to^e7Dfa*gFvLFL~~T>ttAhckh=Z{J376^`wP^s5D6xs>t^2_A3^G
z>N5NW?=!_lf13n`u>FyuDsYZ@g%{{8@s=Tvgjez9HDD5khli)2Weo58@(F~L$$;6@
z+Yd;~5;p$H9bYrZ?gD(b{|pI}c6EnENRm)dMegh%vBL`Vdf?{oCmO)WG^<W+ZIxKg
z23Qw>NYWo3en!k9v(J~fW0qvF(I&5~SfimQSWE&Pj5+9x=tjs%Nu%N>xQwK8!1ef&
zu+p(1D?934-Cgdu02z@YR1NSil~gIiWCS{&#N*_h3tmoml{_pc4UnQ*mh{cAeOI?$
zypCdIFKwO;H5nsICf2U@CkvHbKx&3u*;oYG;)1BHCz=LDG}O#q5n6UyWZ&n6SqTNx
z1lE3opZx{PdlT_F1qnet7)MLD+^km115z<mg5Ugu8p30x3pIF3B$tIfg^?BukZ;~0
zqteLQa3r-ox*Zs%JamPIo3WI<h~nBtZuu<(Z5Y`CjUGyq$w{vJgqVOGXvK)qgZS!6
z&cwK{#L}7y^=(l1g3Ibd>AXK!f5l}=iMhhC{!&Y|<TLXUC+nY&G2Tj>Hm{&eAf`33
z+Ve&`V&Dd)u8ruB8W`jR(K=zIWXP7W5@{r}xN^p!VT+neP&0LrN{rEn+JQ;&H6`Ta
zyt$adB{52mSZJ2l#KCyfQj*Gd()kKjM><qm78NuKYk|yN-QAMIN(LZ_)FrDVCn_b?
zvLDG&7)AYPcY8|~JjNyk@w&>P8tZamQmim4Hot$GsFDuCsH8%PcnQ#iUlwa3sgLqT
zu%TI>Tl`f1h>4upS_C1zbymtilXe6n(3vU+H)-=7c4KFwY^u8pLWO|ovAB^9hfDCu
zsVKf;5lPBvd{TucFAI+dKw4fmcJHy0diQD>3r5jTDl7a{HioXs1<)`uZm9eu$8@no
zK#*pZfTA2iKr}yN{rIPZso+oJ7s)w=#FW^%kFUTMElFwjiWM*D%fUzUs2Dzt68fP(
zm7-?EfrTXz3kMRr8m;6UMM!z?5L9$UTyYBO&!6q!wsF=!YJ1!~oFKO^5${n&&`g=#
zupVbnI+9EVc%IsW#EXOlHPXyw6uv2{&OLZ2YCeh;>Xw%taKgWYj21xR4F}^S!td80
zO{1X&df@1{9;@3|YcTH6$sVn`w^2&&SZb-;Pf5&mYgh^EG~Vh-()RT+;ipPq|DBYN
zhwND<qv^?`2U~DOUljZ@!y1sg{Qb=Ee%F!xyOIS=<VU4OfU@`xIfhM|3aAxt%`W0+
z4D_6%y~k-sO1;Vt<c!%&J6sL4Mkn}HtbP7{@9%u`TB`tO<httE^?eK5Bb);Bhky5t
zlsIuM)_8!WT)mUK9ltuRl$K)bdX$r+^DVj+i*or+Xl=w*-(i|_aKK{YB<6^iASa02
zpkBS2x<-@2_!(B?(N@&6cGYru&ppmYYyGa>X2^_!wau8^q=kODYPzL^J}}{}fA~}M
z=u=kBVx@_T`gwH+dB;8h8mQY+!`ExA{Ss>6Q*_?C!_@P=LSNobSDetBB%8Uln)dVj
zm~AJLdm=NJs37ZXt>@dPRkih2^>raR5oA7Wncm|O5hT0w#rW6O_wQ-XLl$`j-9jJF
zsACQH8pE}t$38`^v|#kau#HbjFWmYiOPyTrxo57~fLV~Zxxo9}%+GJEHysUr9=2sc
z<a{xsmiQ^#K1*2*ud@!^x~>`c{bqK0To(`4`^@%&1Meceuh#xmfp$3x3P;mXW9zJM
ztz{B?y}Z8q=GU+1m+8M|^^8ODxVm0)ljQb52eGzKg$wsz=v#yUd85>l*YD}+U)MU?
z{RB1Q*RORKvLw&lpCL}0BK?MZ{SES8gStZ20v@^ek^<^!0`(jQs_urX7E(U#V{_%R
z>Ci+Fis1q@gpI1FjFJv*Z4LSct-H#c)hkqIM#V-{*~YUlK*uUnf6RP-abi#L#!-Yf
zV+DeANSQQxZ~l5CEX$-apvm&Wms#(1^=gY{R(||z4YJ=d_y%#ac?ym7`2Dh%j8tG<
zbdA#TUQ_$0sz1`;8Ie$u^^)G!A=mt-HnZ*b{kk%|j!;+9>Mwze2~a()v>5N%r&R0>
z#kuPI@?8F_v1Vz+AVXOv>1D-ay($2xB9Zdr<M*oRNh8oj6)HI%?eM_RP(g_Zq_Q}z
z4x_L@Nq0Twoz?5|8wq$E#@~97UU&92F-lYX+Tr1A;=`YJUj#ZA<K)W5M)jrv(6pdG
z^d`Z-bjKKbGnzS^IuLoq6kV9510KvENOPGo+jd+97e!jz8eWX)k+D~o0x2<(;`~Co
zfG~g`LVJp1(-jH!xQOJ-WS_CGn-#*ae16TFGOw*~$&39e7x8nIonl`No63JOZ)XyX
zNzv6D&%N_sEGJ&dyd5-Y5W?Fqh=DX<-W`vtMM>a}%6S#}V;Rhk2kL=4y{&eEJH5ZY
zngRTOS7?r{m)}9QH!@nwiR<BG!$-C%<pTYJi|t#Xz;fx$XS(gjUQCvkxg&L7509uT
zfpB7)W#2|xe`30IKPMG>Aq}i?l=;GoJeA9rjsgd%AIgGNl3Q>?cY0cwWhdCfD5_L+
z`!c(5bY8K~(JCx2<{tb)nq}H%HVKZ}Q3>k1t%E}@9ghosqQJn8E7^BX*uSy;xki&Y
z$#}|lDey?6Lwfe&d{If@F~uBNJ&HvDjh^zqC_mpU#66~p_bT5VhHowgn7Hck@H+2)
zC$vpLkm}x7H{DvRivIN2Z>M?;tAG0`*=jv&+E+W_mHU~;`jK+GUK|)n{x-y?L6chY
z-&GSKP>?mNp(^&2QtIzZSp+oZGRHV%-njDrLdsuOut!{KUc&d&uaXAt)u^rl8y??E
zp}i8%V`{4K&C?lP?`xP&kKx+;{>~p~XWMFjA}%72*Hcd)(DS5v=Ux7Vw)8}je<ZAl
zCjZA(_k>`I<OhC#sFgAMkcy~%2=5N$R+L5`?9wLPzW`nYcZ@<ba>^Te!K1z}-}`Ai
z)?J_L394TGp5{>8SG+1q=;0cRe2wHbu;+TN-zlh<w*P>kkJJB}{eFBMN=JS<T2g<T
zqU*f#8@mons(I<)(zrCm?Z5ZR^LCYixYWed5a;#yGWI+1W-YS}d3t%q)-w@ayYwS7
zw>RFeOLsWE*{cwA)Y4=Ltzq?Jdrdvkyo0Bt|6{@Xa~!YkoD-&}`J5(nE%9qeh2O85
zB5Pgk%BxM9!smEvtx_#Hy`#C#=S+6}^3LZJccbw`?PB|hKsKl@HV<+uXg?C;KyXb=
z`}`8_c<y(EJ1#%hy0=rN=_~brV5~D>Tn*Qzp!LPXzg0G2n`%ifQXMZx^GrhA#Lg>R
zEpva3PE+3cscT+44vBm;0z2t1mHrQS^ardnWjKiPlPI!hgx?pX8%~u9fmC|d_22Kb
z=l?_2vP$h_Utid~yIzmq?d1RMGW@>)wfUQ!!A2P!DIb4pX!Vb7e4iRh8;EEdtvDcf
zW01*o!AMD(Cc8$BtI@0&V0BF}7ELfQmQ+mk<|1cnKC?v<z-m`w6~fd2UF8^SfJVvm
z)1_+%qZX}eMjLv|y;Vu4%liL_ELVtZy_WA0jSM*`cEA}Xk>~r4qkIQ1RT@eAU8Ub*
zu?dJFzFQJwYq_wNU5rgE4t30GCiG%;#T(Ybdj3W=+t#gmlDE5n&GeIY-;UQ-0~fpc
ze{?Mv!F~td{F${pWRdm`o;7|p%bPUzIcH1w>+2m`urBcKzHKoQTDX&e^R@F!Hh$)|
zIq%pVeMwIoM-#G2CJH>Y8zj9XPM{x_YCq#as+LU_au=*9B$6?u6S5L`vRz)$dIS%s
zQ@{gJ$nVdXJ`<z-XYXTLJGTEwgZ|F@^Y5Da)Qas@_XJh3hiF1;0gn_=uJ)BwY0byx
zG1wv6<G47BlFIL^6JlB-9J3tt%85G(06qV)Vyew2#yuuoIc-U{XpY(9qa~<BBjsXz
zzWB#8br%=y7Iy$1p=&sb?bqbx?+OECThf}34RNw~SFG2Q2jwqT&FK-1-p(kx%RY-|
zZRry-n5IBG9eFeOSfb#Z{jvzOEc7((fS^xhSu+FT1n)0=65qJ_RQe$q{_=Y(NlH;0
z%KlGbO>UWCt*TJ$9HQ@rBk^AsKfatSi(hnpzawsv5H;e{7`Llg?hj<ZZ*bhXVMuF^
z=1#al))w+gz?RRlzc*p@q0ii1X}*aIDlXE7AO0iW*Egjz{#ctbI1sTfG2s9j<~uMt
zD&0~4>)U0h=R|oxF#Ab>xFj-exoDx5DUM7$<||HPEM4sOK(wFS#u`)%fy&(JdjDV~
ziupw9-*U3IMHuh4w#%!For`+28LLrl5FY!_HU7anhV%>NJ9u8F^eL=Q>xJMh>dLjK
z&MrQRDq_ctQvv9c+wGZI`=yrA7q3z|kDkr+$r%+B)H*9JBCUq4O~0^*Rxv2vGBzIk
z6SHUhcPik!@(+OlUg5JF!MwoE=g<7U{)t<(n#vB)*<K+EeU-JeK%*3*Y1{120{2xJ
zROETdZxLNtXzvYA#}n(LTlQnn-I-HghrFCfnAHabvnbUr*~rod<Pl67Lb<ZCv@VgG
zfBvWsvD1S1&G{(t$e*F<ElOJS)PBeoIcHPcme5NX+$}?a2zfy^XH-GA=Ub5J3VSEt
zZg>CzB{vl_?zaFml6WV%FE~hG2a?6#gFO2gP6-1f-=Kwsr<_i8HagkfGWp!ruG4w<
zy>65%XkE|G*4p^!AF7)@o&K(iwXBF{D2iE(^ZPNC_ruj;?|r4leD`UJjs)^2yGFmX
z)toXVBwZywMw9s>?qynJnWR)3RbQY45c0YDTVSWU)*{MqD8^cG4@7?8UQ7G=cIv0N
z#3$nOgWIp^<<pn@N{7oWWJgU(+~R?q5GA~R0stZHkN96Qoq5cadTo*2t8_27Q^-UD
zRpg2<WRPRXjUS1ucehA5-<#y)LUlZ`FWl_4r`*Ff^SS)i?(Xo8U^eyVD~cvt|Ktb#
zD=$@UmUM0&?APkW2U4tIcq%M9sJTo7<1YxX`!@@3rV|rAWz0g_xw_139pBv!$!u5S
zSek5KFv8ig)qPb0cdzT5qCuIlNWN0wEcG!HmPsXGVC*$A0e`^azS&)hSEJh@L>Q>`
zy2xGpJk)ebl2ZrDQonBr60(KyM_*bmxZJO5FLb=~mhI=iLXV%!hyCka-LG#)mFW`P
zxN1+)Q64^)Wnc;`W#6_h{JH`CZg7TfS`h}$cY09LO~(mR7f`U_NqRDvrE*kAWQtgn
zG3~`@QAcXBLD8);HSVL2o;Z`~L6#x1GuON$B+M!)J&-4%H+&|m=Mrz+Zom*~dzej%
zL=zp&Bj(NB-PH8z=)nzb(x87>x6{J~U*H&6Gr;E@pvn>8`6tcliy~gAX)56%<-#ML
zLsQ#6UH-NSv)mSxW+)X9c(89!%|?V8JE4VI?Q2kOqdLq)Rv>(%l4{lw)~6v4kP9*|
zLxyr${?v08%W}n5AO05BorQ2dJEt7cbxVX|C06|!Jpk^d9m&4FKDKK(WY6C97AsQ;
zOI>;}F<?0S@S)Y}=o{Zc;6l0P-kurFc=QI?3r9;Fjz6JkJ5zDwrHeqeYP->gDPZ-L
z!SH2OVvMP%s0aX>$6a|Gi{HzUWEJr-CzyBao1FW6=0<1%oFvs|;@Uo;&vkl*uJ*l?
zV;D3rRzZFn)$iEV?zzE!z1$T9;R5ka3d&lD;=5&cN_w4LT$$Uz5DlL6)8W@gkEIkA
zJCyDH4Jlm}q3c>B{&2Ky)QsTHJCp2N3tyo82I8sE{*~Y;U1XA;cy|ND@0qvkYl#5Q
zaMWp}p!7kvyr64MRp?@-$dY2$cy!>ccX|-ZPz5f}Df&0mRT&=A4ie{=(>rkM=N`4B
zU@@<o65Fz0{VC52rULu(3})lc8UDHE1ZR!ExVZaPdPs2J+%6FPA}&|Fc^<uOvaO!i
z35>o;K?a#pT@P#zjLjfB`|Busde5P?FO)9$YhS+6p8_94yJ84i{?;MNv@F6D8vW&i
zl37-I@cWu-LJYH)uHWtuY35+!KLcfE>p`yY${CHwwax4_@~P=_RhU|<T%yyXCXUmQ
z1%{j5w`ePU5M?-B1L48E`QYUPs)akFKAHUO=Ke{9kgEO>)g{^^i;J#)$V0q#$M<~^
z%=Qmb!aHa^zEYZ0vnL~UadFxKxD!msahYmE`tl6l{1u?#;7G1iCiru58pz|T-nQ{~
zHmh(Ctn)!GJIXH@fS2<4Y#tIhXY8VZ2J4ffnp79%HlOi?yRc}Ws_;uem^Z~v;+<2u
z(lzZlJp6k@Ke|?lQIByJ``q*`hZ&LNxs*ZqFa6`=>3{S0i*I2|iHhPA(V|DFfCaK-
zA63y`U0}$Ao;Hs#A0_pdVjA2Du)?xeVvCE;SsX%=n&)evP3I8&$Sdmjd%OAKMf7bN
z(UN+I-LTb4O`WshN2nZ8W7B4`UvrEnqx0;QSV4~T)@EA7-o3ZWV>e?}@aumykL+?m
zMrra3UnCH*l(?Hk?Np)LaWPXzOl2t9LJCa1S8^wdv4454<@|Ajd0)RyMFyt7#LTBP
zJ*{Rp9-s~<%zfk}MA@l)v45rXaOp1pqLv#qYH}Z>XSDoH@l0~|f>gB(bNKLXC9MZa
zxyloDO6D0u5P`D3HG43b|LrC)>J5k-!+@m<i(g_+w2f5efY~b`j^H`_S!+cw)xs%t
zAILPh_?=B%q*yql;h*6F_Xhk^mz*3C1988+Mc4AN!A9(aY`XV&e&I~*tQ50(cyoPP
zlHuVL<lhG)v0V~7WcuVOyZgD~O4nRCTZlI)e7jhLlrnL?n_s4q;4vhl(`Lb<zO_ar
zV8>bzEyG$T3XK{WoBGc+8?sI*eU^=&;9(4p)2BcyVT!nrG3EO5fvmoY?cy43bDOHb
zS|3Q({l$)`hwL6e0tjW!oikj>B4^=;if=$c#SK1)!Wx?xttV9_uWoFYDxD`J!mO_?
z6WZ#jdmlA~>D6cR@l2<msv?=8;=}MH<!*1%3Eo_|Vps{G9^a~~4Y|--=mhpGdon-C
zt}NS})5mj{45~{}LMZ3fu<sa88LO+J2`XsbZKBXU{DubWKfN@e$J6`OPwnzwR+?q~
zR)^euSO#n2gPtBY2(x6?0M0MHq!^Rq3;ZC%DTWJn9t<WsV&!lT>%;L1()SsILE)>C
z#TueQ8nO@D4FsQ5R}pwnh_Bn3Q6L*6A3yFsJV+K3X!jYiu&H`+p7|%DROoNdr_MFo
zzYYS2)-1lnFdT4EQCFE8c;p86I0@3xRVB{WtLPRMhdpp-8L~+76cD5#w|Zp=>+6%C
z0ijD+gX2v;aRQPPs2m=`d@kc*r+F()?Fu3jZ>&j46MLwjuTK4ZBeRcq_>$$vg5nEF
z6Wh`9+kN?It&J`6V-iDyamF9ZcPmV;*hnvu1}~C=rZ}5=?JbB1rFoa8$p&q3_Vm5t
z#TEPqj1|d$gh!p=9*)Lf3<V9ExQFj5qcB!?s7I!-2l&)xg>)f#`*@?m{ha1%8^&Ea
zG;Ou@8|{_$Wp@Q%QL{#*Qe#@soLgWHxo>Y%73F&nO^?ybXXX1g5{C_litW{ECy-*e
zH%pfsWe9P>Y6Ug%#A^y(TG*U3Imh2}6K5)jD|H&}tSOTFDk7wdY2cTTFfxP>e5F}4
zd>{Epw_x2r^Xf==YT=%V^CO=Y$1a{&BdI&%VAj~Q!%))9)Ch!IAQKSV6MLg}zQ}bl
zeRqbc2t*Rn!)-F@#+m26a6vXOIS=ytda_XSzHI)jOV`n_{N~cpCtFpN0R?v?XZxb}
zzId|NR|PbptNb1{%_CpT*5ca1z%Fz;)Fid<`s9bIt5D?uDBfr`!{SW$mr#SlIAkd2
z6xu7S<&*A@qkH<WKA>Hm5qEZFw!@?1*Z3F1%ZHH}QRG#kLhlblcXrFw`<ALz9X2`1
zRrsIU`mcH_td!rm)`Av<qL1$78(rnQ25v}CgHbM|Xn(RT`yUi?$&%qmskCk>{P+ar
zH0vPoa?KO#nIHe~i=xtY4H`Naptk7mY6eul^vP1at>It$9U6!~yP8={P=)%~n08pg
z`IBhP*-i`ijI$XzwkK*y(!M#auB}7PHWfS3FUpT}x7Tcjv1){v$^agJ8?Hz%`74dq
zCkWMF_dfLat~6$BNt?8G4DprhiWug)&H?)OYm?MZ5VdPvBst80MTR!H<e|uI`P=-*
zT8&W;>m}5k$`4WWgdg>JmU79dFoo<;4NC%o@~uO#?jC|1!l7zV0$V7b-Y1N_72ywH
zAnXv!(6;yYmKmI6suz!a?%~S$7-@hS9?EA^CWeIQ@*o))4*%-{<b(S<(|;MUf7#6p
zqI;@2k=<bUVro75(EHic`LB*GcT-;6@J0LsK#fmqn2aK&l5gXj`1eSEa24cLe8_8_
zXR=Bm5i_<Zl&d`f3XOP=xvqQ{X?l(MEUR7Sbh-L~(>*;=LfDcuRxcR@;*S~G6@-a4
z8bO)gIHk<3^a`WyPv?K84(dO?bcWB#sYG%UM@jo%e7$3I<<GJ|oS6wGwr$&<iEZ1q
z?TKw06KBWH#I`-Lv18}i=XcJz_kZ6!FZWt|eY?A=y6RKts!&Yq-~NF`RM9W(%Q|mU
zf#yx`RnhJ@yQ{E=oNiQ+m^-LCLt6S2TRlkW@Z~Ueo@0{o@|66<DB?%2ooCo&lp->g
zQIG+Yv$Je5GS?3g$-Hx1p~K$sUYlgchSZt&=z2pCBr)EDE|0i)mr%2uO#>p@#Id<B
zTPgepjGUX6c)6uTyV$bd`u9U4BSx#m8u)~w2O=gik*CrxN5m82hYKc$T=da<otSe4
zNP<XEsqFA}!EtZ-4@4lJ_f9W^Y1k5j+Wo4UbxF{TD#X;di&}1=ceoE^?$wZxQpR(C
z$xk%x@9byA_ST7K_a(iR65OC3{GOB2)YRNpt@tXbg$$3)+-Z|%(tdMqezqjo8B&8e
z8y<|Bp{YkQJC1xcpk7rofrNT2d!HP;#)iE$JFQq*CaK((sIU;5a(nz8y#raj8w^U>
zgV%GWoTKoB_75ddPAMl~!wtsNMX%q&7vYh=&(gm7&1U1O9h|k69Y`zpU`gj4+P4gE
zUmkMZ3TKFWa;kv5`=?l5K)P7M*vbrMwVKd#i!0R3FXVem2VdnGg}^nz)-0oj-u$%y
zE6P>4jTY>@qY@cQTdUOay31t;#Qaw3^yBiC!pcnloJi5%Gpi0v?j5vo0*L7b3oK28
z(hejjPGo-8{wI%cd0#b}t=ZbuT-*KC+plWP9G(@O@)BC4_m+m8xcX(Jq=}f5{d9=z
zNh#{%FAprxdNm<wa!gNjiCMWnqZuu+Dn|R}`QtCQr1mR3UTB;h9^lLz?0&6vQe~4x
zWJ6rbMSG)(M8$`t0vZ;lFKYeCfUfW{B^j+AG{@Om2K8l-l;RM!-zJ|n9Sd8%Qw!!y
zE;o>7Il83O73sFd*aQXzU5mo`HZ3*zcThQC&62Py?Lw=n%HZf~<~0*1d`01OQxF|p
z6j*qAq?{d5ZdNcS9uEDRWAXUV8{OSeU5+3JH<jrgJNp;uQ&SFzzw)WVA;hB6I+C=w
zg)|{rBBB(YWTh8Bt)fC6E**R4_40?2HK(ovouS{MP}1GbS0GAt4b~<Zm~72p3QgXQ
zK7o`bfy7T-dOM#_4XEF4vlhDH_Wj>l2qpaEr#8p+cQDk2#Gg?=_C7mB){0#0bYD>I
zKpGYKqQB%7@yoZ04o;w?mC)uxde7U*wxsW}q+uhe|I1cja<obJhyDleKKFtDHO8tV
zUsv%20WiW`N`Lnh!$MjqL6Ma*{FrnSYc~sKj8>lrQEm|CxNHr0FJH8~X}qr}U$<ss
z<I*$CN(FVXME2$K=fuTYdbN+};W`Bv#u-Y&3udl*>jWJgz<!36ll`Z+tw3(gqsMhS
zQd%v;PGvL^3m+OKCgm182ND&$k;^2Vh_K$!Gm8G4w44eU1ikM71dr3Eu#kudI17Mx
zM^Zi<F)2ZlH)_yoFYWk{1|rZC?0B(j;}b}sS;B5Y@#?%t8ChV8|23W32XCN%?I#$*
z5luXJXu>B~=9R9Hg<a(UaEe_hm$S~k(T{?ORePB`&i2YVuv~SzuCadbat(!4c#}^p
z68V`7U@ZKnb2ToHDqJ);=CTagBh-Y2jcwxknyJf`(a|wn#2KtT0;SVO=)__~d_OO=
z7qWd->Mc0}ZqW=0379>1BuR$BrjUUtYUW9ZH@S0#_h%+?CklCj>R0$gB9EB3I5q*c
zxu>$cu@zWih!3%?i%s(G9o9y&XH^wLeRq+ua@UB1J?{x<rkSW&VH1(TlHA`zA|n?l
zCR{8VoBRS2#Nm!^w&qmF`$P1%{=SIsh<z8iv{$EE63URw#*Iev@<_+!h1Z@e`uc4@
zElkLE3Se|{OwdvfK@e=bHv&D%EoCDaONf+2F`{-4RkMEx6WmO<UXWpo&C05Ry7qUW
zu>;N?kbt|FWNe+|%Sd!Yv8PFP5EPA5rg@zfr{as(Tmd)QQm|P)+);o9P2R6UIBN95
z4z;LQEJ1e|?GDd-CY)a~4?B8ji<`Psew{&;Wa+<090o2QN2mz@MgyADMwIj$-1E(?
ztP=Py5ayFe7ck77=X>Lp5+G6+aS#w(CS;;#RX*@2%U&1a<dJdz(uy!mTlk;`l5}KF
z0uee*B<XPfnoqJu=<LgaLOVuR3TCP1lBm3MeD#!_NrugM`kxY8CBru_Dh9dwEnjv_
z8~GzB8oV?{^zjbGg$AqYE^aPR$<axri#K{EWjXx|Nl34Ot>Wid6ms1}Ovc;OU}{oI
z$$SjfN4BBSA@!C++oJi=l^8w|i}hl~5(E9i$UeUJhh>iLooB<>sR{b^Jtc-_hNu@y
zID4dBXaW&CrRHe#O^opn@8=CZZ}V7$_!MF&6LSDn3xCV-$oO-o-IOhrX#4M1?sZ#%
zl|4b=<$|;J;=edF5mLW9IvyNEi9dmtIG6wo=3{rRYK)BTpR&7o@&U)xy#+fV5Ry;8
z2Yw!oIBKaoRG+1J3G8W}H0GMv8!CaIx;TOHJse_0ElU~rgNyP%K3i-P4|7bChK3?y
zAv;d@l!dgV$G&)yHhzpkg4k>$c2XYtp9rcNY@WaZosZs#@DT|W80OqDDmF2J*?4M7
zny$2@_b(f|2Xy#3GwPWVD^Xs(@><oeBVPwQ%V~voP-4aG`wMG?X~uhPngAThaa>Hu
zdu0X}UyaN$D@qZbL);?MxN9|*tvs?)q#QiJzo1~+z5bfjNR0OX5jgX35aA_c<YY<v
zos{Y6$Q6zLp6E&!TXIZ-4TH9MQjY9Wk!}+Hdv|_$DN2GfQ52-%+sgWefwz0qT(*jk
zP(L)H%VF#>a|i8bz}NZzaoPoyojO}avceLmQYsKJdb3^(chde^h$9;^JBo;epx|YV
zt{gIpXEpGJ!;@2SL^R%+=&8HTYXU>>HpKph+?-Q(mSZ1zxCbTwRzT5bXJMWDX%i0W
zgkgeWOhRRaKQu-dcJF|E<-P1V&oc_0uZ=r!KP3x8@n|8Z`WNpb+BYd>@WCe=@7>al
zp-&d2{{xT#ctmVH%lYX#YHWg>0aoRjN&@3Ib~(hw0!0X!ijYw~LCSW3KTH{xY&wEG
z3i}-57|etyUO)E2yjq3TL<=5On{;zS-wRTk>kWSb)nq^B;o7}%6v@q5dcyv!DM06P
zUha^{8ow&YtA%h9W0#!cz}=-CDL*wQgg6N5JycyofPXnWz#J1W*vKNM<c?hl0WT(j
z@^eCiU2i-TA5yr&pVxi?yZWnhN5PuINP7K!s<;vmJ+Q*HyGPpQ`OGT<Y@<7q6M&u=
zRzgInFk{9$UR^%nVoI;Oj3shbWOAZ8r5Go5KpL!TtRA-FH$2uwX}O|a<*FQNln7`E
zG0cgWns6{dv;rkCf-;uZt{o8!MXe#u7)G6-YV_RqB}G5W9#JJpR|GXgPCNn$?L3*8
zT0|!sm<ZAy4Hsp1NR^<W3g~3z>&jU_tfFijr_sWop!&*7LyL@QP~H**Z4a)mk@`Of
zVy2B8)%XekOxSq=a0}jH8r8#%X+w_Nj3K&b(_xVOz}p`QT0={L*k=)e4}ECe?IeZP
zHc0lvuWZqlGgtIV*Gy40Tf_tvLFt@d+L7NjlT|ty2UcgJ6ek%v2wTj{4wbc2qDT(V
z%?zsO!YT<ye?K-Y9ER>z(}>S!MXb=?VrrYbLwn7RkB&wdU{u1>Y32UDOxkV?F|@}h
z@AuWB0QD7809Lr-*knC<Z<3JrU^YyO%->3Eq#&MDPW-JA#{)I@&3Q(^!{hVN26fJn
z#P5L88e<V|qwxNbeB?`z`k2pYVd<46Y5ECgF4KaUFU4Ts?2Ek04;9&t5mFuc(!|Vn
z#ica2AQRrfT8m5Z>n`}h(!_4rV_8thCSW=2O&Ra}EdA0iF0TI(&274fph65IcQW>u
zbNXo9<KEh$wuq^!0o%z4oC`(4?=a(eVtCKl)-Y2gSDfDLYA;v2O`2<X`l5S9G<oYV
zxt6)tcm)CYbm}n`MdogC$8g@riN|9&uXdW;n`YC$>c|sFjOvBsW?&k)mBY(t0*^VW
zGH2D%=)d;%Q~C}AGcL-#E;r%xD=Ll~9R0KJa3*tOBLLJO_%@|+Rk=ImOYIxQ+xMbz
zS-F2{%Y0zU=$JO>ccbY(fS8__BjR_2VM=-?q{66rE@Gre3X~ETB3O1bX<|}I4UD48
zZ8<^a3Omf_X9Fy}$G##6sHk=QVWi414(LKIM%Z$ZzkK(hX)J~9S&wCtx2fk+2u%w9
zHi<*ayI1mEKss^k5b!JW$-wUQsNT0uSTRztVnFP43j8owLT}MsA^SjHLJs0(lYP#V
zA*2W2kccy}quzuAj?zYMVb^ImEVLN~jTp#wK)y#8XKE@wJ!S!~*~U1l`7E+YDoCQ#
z!F>7xM1ra}3oIX^Z1orh6!VKze#HB22Ukqdm@xFxo&D+D3Kz)^gH}N7?4>1&Af4jc
zFOeGXHD$obfzFbYA4Dae3e=o%H{09EH}F!PHW(DXd<{|3PYmHBA`CbH@bncqV^#T&
z=sxBxC+ztmUs>afe2*}|ud8a>Il~#fc_aED_<85@Q0USreE)=T*w4;lEJV%V)qkHw
z<Hi0u(cCpKdjI82`r?V_lh!Vw$=QZ)!07#Ew9jlFx>=uGn~U%5{$zd$l@%&%_`f-d
zi5^bEoLOeEBIG?Fu&p0Kj!S^Uw{8#7&Fd*>GIZ31t~g7EVuG^oh)4h*iV<&~(Swn;
zH11%6QiyEI#YgL~@k0;;w#Ze}qm8#f0b*xwS4c)o;8hLRHlvrz+Y9L!6yDfO*f{k=
zKwKPvX#ZQLuzTqe*3m0(S?>2!!H59tj6X%9NYBBcRa`3o%W}jR12YuKyOlJB7I^C_
zj-&jn`8m~;OybxUMyK#g=KQCD2u`LhKB=o__@EwD@fH;-iy|W&$~#q<DE-&wJ$xm;
zT9o%v^ni;KhCV*s1PI8#J7_;{XGj>0Qqb<JugM>d&f;lMSE1@OnX^KGCchuB0gP5$
z04z!Pd-4`n<RZ6R4@Pw|Cu{^e7@A>DfQFph@MU~55jMN?>(SH&*G|e<hV_&l6`GTY
z-&P2pbzdF3XdPK3aFG;j0_x0Uh|1CRmRO?X&#0=@&we(JDX!gwv9x+1J!I}+(U{d=
zxOp$cFNq!tYp7t5+r!tBs)R#wXIpu-;-x+#$Q-Av=pK;#e^-o(I2dC$+6_4<&VWk%
zCdwV-dqkX(?T6E0T9R=0`>{!sPHlJ*wTO=Lw;pK(Q<L703AAW^yq@6)Z1VPwt(Av{
z`N#cD;HLRsImHpj+9~R;S=%S63(*C_eNCy}OGdt_Pz9;pStDRmc?HFVea}z{A|Z-8
z7$kS<>(gNR0_7Y+vx}XlUv~48ZELGrqSHrWs>-~oA^A8A0`H4=l5K0d7ZKujvBSL~
z`AbEWG(HlE=iOWS`jY|?%)47`4p`s86AzxK?@E%bo|8#iZK7LdgGw7+RNp6lTxoA~
zGLrl#|8pOkJXGL1F+@)=RE`u;;^7%7L3eH@%_@@KgC+R+!>7~NbBSwcPJvs=p3{T{
z+wTTUY(Z;^OT$LEFw#)d+^qP6ddkj@>Z__mS2ncwTPpt^G^(oS6BjRx^}=+2OngY$
zIo^39+F>s|CE`Ad;0B+lNlK%$gHcf#T~6J(l-yHxOz*PJ#|c7{FD_V>90#e}qYy*V
z-+gqU+Z%>1O<<>8&OjYc$ni$IYAO5NEn7lbOg~s>3^Y--7Y37ZBC6bd@|R5`)LuWi
zk$o5+-x8N;TOjxA!1HVTV*U5NdR`(uFWl{Yt*SrA>kbS$PZ(`1V2FtFC|hoZTr-Nf
z$oG~Ts08c|jV&UrdEtkv7tUp9*3{z&{j-a(DN+$D^C@?`2rjRc15oWCt=SUntdX5X
zGWLveiGm)egh*B}T6JZMgnK+9@2+!=2s3bynjSf2ir{W835`LVItC$_uDm&Y>VW+P
zS)Ln`=_3BYu`}hwMiZ$HhrL*;>-s@CKN&Q^>Q|NtW^ACS^lABY{g+!=hz)0;NIBe)
z{QdyEB}$wMvC6c~>?2uV&=Rp&Rvzii&4507XkHoV?y<{QJu2|-X=PfflONCHsRngZ
z3O6!e#I4DyzNian^lQ9VTY~ZyaFx$u0-AWolF)1utM{V-^fY#$PBwN9lM#Su<j$F>
zw@@^Hhnz1XY7BNO23wKuBNJeDP5-g8npa&OJW0K)in7slK!x7jI@)iUvD)7_8$34(
zp_z};)`GhIxi73Ig;j9URCZgNuo7a973b#R;)jp!+R()$rlvxN8(?dVl;Y1*8Py;1
zBFfxWXq-<1pOA*hB8W^Zx%xY;6!?ftoLa6R<@*Gz;ba_>f=(eT{76GicdHV&?vzs{
z0fm9@5z9=SzTujuTY6;t5Ywcj^qGpV3yz*4gKV+QK5{6JiC)o(4QN|JISpO-A5FR)
zgkL!r?Pi@b_{^=gaE2vo1~w4}`SAF-s-bV}Ykj4Hx6U<pQK)FWvb9+6?+~(Tvj4{b
z{EwA@*e9{<2*{hVR}ULBGxc{*QoZMSeeoqud>psuIDKr^(9<#yZHVo)=yO}E$%$cK
z$Yj40r`TcZ5AG-RTl&ip4b?txZw>>&^|sQi%D&#=MYk09c#k!y)*UkG6s_kU9y86&
zj1N7_6Y#AIBlrY-$M;T)&5Av%<7HZI5dt?1$}3h-`dg9S@YEE?Ixnw{y*;48pDbI;
zGhgsiUkR6@DA0A1B}$ss=HirDTcFmwfE-rx3HITay-cRStJ`lq`#)B^9ehUe?$;-4
zX3Pc4gkKz-Y<~D#yxmR876IcEp?dke1OqNarq3Ep)`ps&v1!Agc$!;UR-acss_7eF
zy`saQ&M(ftTWV{spP#^K*pyv47Mt6;W|SPLx;@<KKY<<=83z;G-z3JHfBuc{@BcQT
zR+pQ;vZW#3)gJpX6H-V2`WFlqOeoI~uo?nbow1myvNvMO`F;QwCT2r)S8eBxdcVfA
z7I*9B4AnnN4B3@%n~s3Ugf;nwG9Hl-;|hP4rETF#INVF(vpjFn9AJt4D-HKv8P>*P
z!R8A3_RQrCK|^1;XmzEREL+XyK%xiKwpvVs6Qh#J-E|$eszQBrmhk5JZuLkpJp_|J
z>AN*hxVvPKeBn&Hk2m)nQ?~=u<qG+JjUucMrzs~U!N8kv{SEj$L~ry>x13;mCvByQ
zqOslAu#&XQw{+RANUd^pmH@`sQh@J=N6lp9<y$*Hi=hBZc9SI5c)#)ZNjA?9jZh9)
z$j#vwwbeCFA4BVQ_+ULoJd0nG1AP{(xg^Z+Nw{El-6}-TG-mGRNlh`f1%iS4u^rdh
z-!2G-d%kmKr^l^oE!VX+(%p3_d|(Pln{x^A@`@DFg-2BLFR@vl``<C1BOM;~uGcUZ
z#7^R0oKTl>#KLPWEmr2e<xe^t9&sI=HEKL<aF(mH+gw<#Zf=>#d&6C4OxHv2b;Wx5
ze%tJhjj6_eaD_^zQ=2GrzM4R+skSfNUaoIzm@McG(Ce9A8hV+2H(`a{&TlmA_xWwC
z+c37abXhBB#(@iu6+00C5&QvmR(AJoY0+wFxrK`(Z_z#Eeq!0@1}H}S?p#%N<{$Cv
zz;q{`CMss$am`G%Yp6zT{9%a0D@QL~+WdCSfa~kiAWuDsNHPLk*>nq$5AU*<(<v;{
z(#KS&*floPu$kc|_Jg~EHJi=Z14Levw?oKIQC#B<V<0~4BzHl$3XsmuPEkEw#_1=i
zI8oh(cHgr93ullsZ4VJs8nhE|Uw0WR=K?=k&Kj)lyjo#-CPuDfssYS>V-H4ibK#v9
z`ahYJHJfHe&?9JE^XHxwz#GeR%kt~`xX<%*4-ntafBl2`^aIz}l=VU>^E2qVXHW5U
zsfa$(S-+vxJ`j~O^8f-t5VQHSg#GFD=KDzxp!Va#7?d>c4)BahTaC+DVetX@t*0%I
z*xRjNy1>?MyBj@cS??&nY>U)l6P4u$30Gb`PM!%GRDWBUz~zHOBx|b+7H)tK_%$V@
zmm`*D+vB_8A9(TU%7?&-LFKDC5PP80t}3p0Y3zmJE<o`?{C>TD3w`x*aM#l`<+uFy
z`C9wQSn}?>_EvcWz5H3RGK+e2^z(X8olhoqZ|Am!&K4Jp$u0(o`hk)|AUgb<MaCy~
zvhL?ob!{7{Gi2Qu;js6k=Nwa%V;j2ajBx0ymE+qX?Z@4sFHMK}M+*3VVx|rC^$w1X
zKgm#XGB>kxa<Fl5`lbXqDNBuIC^<gtR_L(eWLNz52u<Cpu;OC503V-~Ua%B~d>>~T
z^0CYra!+ByW<OiX&<pL4<lQ+4vOeR@2?=olez{c90Hn<(<KZbm!m#mhJpcVOUXnQ$
z!d>r29Aw4{ZULU+zdxy_afY#NJS9Ek;K5E0xW&Z8u(0#QTN-4Jo22<XmMOEjXH=0w
zi_Ed+lNLQX28;Lw3fY7rKldPGWhg(TzRoi+U6^5}gPvyjyx%YDbo)FnoIfo0e54>+
zXMLIhjE7@E<w55w%$D)3Tjbp)GF(u`)t~$=IV6@9o`WUQ?h^i);yS-EIX4enVyBej
zaVfKJ|6b(%IbPw~(GzH-&jPFajq8Biro5^Yw7`n|O(6~I$4I3>fIs_xN{%M%yPrd^
zdOklu%Py+xzjK22v+|#15hSj=<)5+$z%bVIoX1H6x4I!w_7WxJC4bU%Pamu^s5~$@
zfhOsN*H-87?|{F~WT}r@Yl0a7*rPfaSRlnKu3hE-fT;|RLwjun#yI~^gqu;f{ZGrb
z-|J|1hr`Kdhed}^1S}?l&(kx@w(lc8CZp~LzN-$}7|g>j4xRQV=64cIfsGyq;9TvP
zZZoXRzo_xA{pCz!)%phX=V+4&dIU^wju)df!)#ZwXUGIKrIi*<P<_Ok9q@7V;}ocW
zGIl#B$7kFJygptPc&+{ND<?oK^SI+U_9Pg0-{w^o<cbOa#oi%GH_yM`_6?4E&=AaS
zE=qcPze1hmQ}M?~ZTmXY+<^lh6g_ey+sE^CVefTbh^Xw_6XH>Z<1nuh?mI&)ra?`y
zpm(osOn+keQHJ-k0;!904xdx=E+G`(PT9FvHTk5~9DsdcZ)Js#XZ8$42tGo3LQL4x
z+wsWcyYl`Yr;R#HSFqcE{qA|Yxht>w2K_w)E&s!OfH6O}nOA;P<|&R=2P7AhCfD@V
zA<4Y-nZ`3-*5Js51K~Gcezv9M**W&U?$w|RkF?oY2ss;v&Yqv%*0{H)^x&Yefd7`W
zZQWLxA3~%rZ4@LyB~-ydiXI)iq$!0;5X6|9!-7<aE9nw^IhQ_2KFjfyeS$jT#7=GG
z;e&CrQgPv!6P6ee@Nkq@uFN!HSsRWw6g(WM4kaOH%XYi;DX3^@K?}DCX$-m;B4t_n
zL;wKuQxtydW%9(vUog=&ZWHlmr-LDUArj;8NI3CBS|OA~Q8^u?D;_ay8$V$U4REK~
zFsIm2I$4C>_kQ=*7n)x$`$m)nx}WHQmi$W%o%Lf&OEnIed)u%{a{Yy7m|*ie49?D3
zZwcvf2s5W}8qel^eQW1zT1EHjCmmVZ$1#*WuW6SLOG{<JK~)s^4XoCm_uT-3hNkWq
zpnJ{_Yh(4Uv8C8A|CXkstH4Ps<h$@etM@)x+$F>Z@+!4TgVZ=v`X%R+=7v7PIr_Y`
zmj7nDUnmz0H*m`8i^JUq85N&HS-PuDJ&giVo9%{PGCj6u##QXG<@HjSnb#yWZ5dfN
zRa<pGQ)?OZh^ZPv-}`l82nEX;e8bh5rPjpCEWJKc10%S%_+`wDtf3}V1hE4Vd>%I;
z@V*f;akGj_Dzd}gzK4V!vCOTCI}4M>h+6XbEKg4SK!xwRJ)dAl%F+~{&O(diEuFQe
zS5TXeG;7O?pD~xYYrZAg`O-gcoZMAy;%610@JQI|aq<W|0Vqu)6Z9X>YGvbDrhAJ{
z$*srZfol1Jby8Dg?v=6~8gojCY?6HcZAKYOTEULfpX_uB(rJs$=<w0u;Zhq!ZFk7;
zw^2qXBV*<oj~-~KGV=>KJy7$9c+eFZrEb+=GU{cdvXwhM(T=|cj+x9JW#0%=*QCD7
zG5-A%{f{C8U0skQex0}b)cLB6tUeB$f@4oHP3~bN(m?L7@(LONGanmj*3`!<vNnjm
zn6$)rY+2F5DQPgze!tf&EOCbbxJ~i~0uKyzYCPu`*yZ<bb==|_;oRI=8tQtT?CGP<
z_Q*!@+k8$~Fd6j7o?HpT*5G;8y*0MCOQ|YjBbw#bvNEx)sEge#GbBdwFUL?bvd_t=
zJAU;R!i{x=Sun``trgrL_xDJ-!HkJ+ahX|I2~z8jG8bp;(9TLOmVSQdi0Y9y$URRY
zASpF*$k;{VCKn!$MnD8~Rv$eX<iM4Gi$Kg=S(%B?!4tF6!`5E&<=|Y>)XX;XFbSdG
zL<S3Mw_OrQ{#JL%h<u7K^O%iLwH`9sNqv@QYJCL;cJYF<_HO(q)J=BsrXFXr0GrED
zwxPEdfX>uVqbXiAo6r8Xn>#tNwuT`Fsv-<_OS{+<29trr_iq1|nz@y5cMPADWDFNK
zNy3MKYE7&C9hox=;$jI>TpY4_sb%IjCKe91xw!pM)p9&Tr+3ly7w?Np21>9)(h$VJ
zPZA^d)|R1>8Kj2stnAHMduuFg0yDWTh=5fhAF`b12;|bkW$u|P7H*b-jW8B9q+=iC
z2%1W{)-Bx}Qws;I`&5DzQlUf1!D|{Ytx3FoVPQIZ3;9<+sLdVbfNRC)rg=Ys6<uQw
zk96RrnU8KUob5Lbd}t}ctvGv-XFGH}LzLt^uJOab-#B3>ZhBMTN9)qb%JwodC+FbX
z7>60{S151LFsutE7N+p6ujvTs*tmu!MuEYo;B-U26k?&+IogA80Wmo#+@YbNnyWL0
z{E9`1FY`@R{r@(g0Ao;vZJ=d~KTTk{jHM9g8%COT+Ve-)RofZbz>EX!?inT(mY#X>
z2RU@aYIHOrQ$xd$j5c+`>~wlI9+8SqQmr72j3eIsspQ+`)9k{#qJddMf$ol{4<F-r
zd%8uffk!L$m9_ruX315X2au#<gTbY;h-`Rpj)i9`YC?*Fr~Smj()9NUI(<|YU(~&5
zg36y4BVI|(YB)@Dg)P=m4P}Pq8jrcoPRXBg{CgJ{3(K4h0^8Cy7A*WlNu6>?z{y|I
zJ<<j^Y_=Y+;Pr;hz_m|~*lrXhqyB3o@%asv*vD$v4QJW>j-D^}!&zL?pya2eFnM=a
z5m|P~cWk>Gi5GRm3@T}H93TuW)3Ta`g_Qsl$BauF5?-GC^y`sCQ4~|gUGXa~sps04
zL-@pRWZ=W#33}Y&io9{#IkcSw8;2GpF<_q_xdPEd)w|1&WRWV(G8|w$+X6)IuC!oL
z^uI#Pm+KbPqh2Skpd+QoRCc8l-h`JP520^hO_jXAQt}Xlg3qojh73%?m-}-e6Qhtx
zdQQZ&{B_;a-r4kq@*b6xFr0@>jS+Y|09Kt&WCJ>8q+7#qk)b0-_)7LW^M3HF#EkVv
z#HVWv$QkLS%GYh&!<jSM7bY1eaPbhsLK8DH!vK9bwT6~|b$^GyD|5EXS`CEB9_%I~
z8~95PU+8F)xB_O6L$Nr4ptj?sFCycDWoHCUPHKH8C{Nzwi5IXl2j0h`HCy?rAj$t-
zR)R#tCk3_zec~$EtuXLUKHb9j?ZBAH043!f<2`YSRr)~$N3jwF5SSow@Nq{^r<{=&
z8I{Gm1C87&`OPwY{woiG*l#MU3nCr#!Mo5<^>UcEAmi}wH$;5wSuwis@~G(GqJzjp
z$Vt!bQLC{^Xx(2-Oa^w&QGaY^$G)&Z%npA0FA4*Jk~}F;X@K8I99eTZAk>^or|Wv>
z<twOG&hj^X@5P*YxG*a=0e(T5d3<grpGpEEb|zj~rFHyPyAPgU=bu5?ZKs`@kV7E%
zDJ<>DZ);NBo$;(t0mzOHY<%o}PbElK)j^MsYj#XV|LFtiwAPE7e1LmUE~4iUB#t6P
z>8z5bw5KJ+!8A$uxaaVb1LJ$r__5l0gp{|uu^V0+dQKJn^!zsOgoi!3U$>+Sy9)AO
zOtJA9uFVVn=zC6*j#pGnhR<&Ldffi!@Pl$JKmw^NF~B6Cs7Q9sG&h+|P7&`&T5g95
zBPwI=$g<N8?@#`vxX*gZDZn*4RJUIE3iYEnrznU05R)^&c&k{-a~|-OgVdfd^tQq@
zmQ<E7mw|XfE+)VA)!ff%+RV6_pqwS6CNk|wq|?NvHG}r^p$9d7d066}Rfu&wqiTBi
z74|W?oIE?=hqWPJM6K1A^xAg?^<Cc7cAB=U0u!(C06%BAl3-d!+;xSQXBOh`GV~Dw
z0?8a|L^lp)mR7<2_t0;AKF3<CMO0c74K1j6zr`gLf7K&sEUjI;LYtXhosXK)=!>AH
zYYp@QnWf)lRhAl)kclbSIuhTDNQch!9n?|ey*+sdF3ZpH@aED%Wn%YV-@{%ZMp0NQ
zUo^5Th`0{1*M#Xce_ry@5$-=dh1X=Ftci<-L*EtE_y?R5$+N(`hKyKy|HRw9mZ_L4
z94*HN&leO7&kym^a_&PKM9=5M(LAR4`@xUx%)=Vv2{h@x5^rG(86V{3qqi(BDF|)P
zb-XFsypHf18`(#S*mA#?W+?refadrn-TctlDI1RxKOf;)g3RbhCY?18E_J}Rl;*I_
z8eTpr49A<4-0dyzElbR4@1?lTDx>Si$GLHUW=7_C6&n3gLjdY7-~Ov@%)>`05@7gW
z@CrNOPZDU!`D!lZ_XdPnuGQNKYiK0&+do~bB&-o67`Xk`f}i8)>VB}cnAiIDj=0f&
z6cE;d$|;ci{Bfh1LD=f`&ci9Na$mXpbkct>uU-Rvkd1GD8?11IUNF^gr1zolFc#Ax
zgm!#+UrBiS6k$!6>wPeW?$>!Cqjv$;BwFjCJwG*O!R>CZw=*U$=yV{Qi_3`z>I!o(
z)I=+^NjL_5(c^f=aY<0K(dK#IXbUp$3@s+Rs849D7<%ARzqOga@#I2!D$UkQXjTwD
zt44t>><jMb9^oxr==tcX{=Vk`dx0%V2<w5gS+U`W)_$kz>Yu@~#jA!#tx9GASVLsx
zs-#dR0HFCMeENbFxPbsiKC0t=4|kMbwUMpKXawd*DEoOoWPHG{ywvI}DC7Ni^c;`)
z%o{r+$mx5K1Ab*LOQ3Akue{{`Y30QGVn8yx7<T901TJ|nacXNYpFnj}R0a6zZ%I^1
z@uNj3y$o}c)@zIMSwW*C+S522P8B>03|IGwJFLFb{L7bbj7cT?9I{{ryjzA=X5k9{
z$fEC+V8_dAt@Q8(HDu7D2FPGVuG}JIO<)QiY{}=3wkrHlhng2?8p{$7t_7Yt-dcVM
zqLX~HU%FM?n-VCx<@>K0z+UG~J)lGs6EURq-oJwdKNE+LFDamv5mgy{2fJM(lS0IP
zzl|Dz@Sg8-i(d4R5LYE0g$7WObr+kZ-mr}zb8ahu=9PpaC?;MPrypVe?6k@NGjOl}
z8o`&EI9veEZ$0G36$dJ(UJtV2Q<-M|>d@CW0XO-)`gR?R8bM7>HYAFIlGV50N0MS+
z9}xpByiZ<G<(xA(g!Z;?{{%Jk9{})Q`2K;=@iu-ouJfUL;NPL!`9}IE`g0$>d+*}R
z96S>5Y3Jtoq9)D1|JJYP&jRDp-T`K>07vflz(N%sY#%M_OiF#J=oY0XQm#_qtWn9O
zE6S{9NfjdkQMY48`f|)fjO*W%a|x|cw#;6dEfu%<7rLNp^NW?bS>5btnu2Ilq;#s7
zqtA~sL^M~r`83KS|EHmZ<`dn&A!)q?KCgTDFUyU5z}5lN<sTSs)d9~SZAEv5Wl29-
zWbGAP@Io0b#G0OoL#*qT<js6gb*JihKW7S~HH>BH`KvM*_TCs3+^gfJ-7}=SVpym9
zTtc<q+o$t@F5^$BHpR$l&Xno51E8HqsVbn0MJzsvRy8<Dr6=N`HZ5p%>EyQuFuOSe
zzJ1%wVVgWCq0JM<I0#ybzU=%blO4e<oSfVZja(!bSyp$ZNasN<7*>Usl!FN?SV;yk
znTa_G5YfPF8)nJ(CW-8c0<E5lQ_dxykP(MBJke8$lkF!k_=gT@9y2$)kWxI>Hq?O&
ze@rhgTUy4d;oGJ?X_UQLDMbozF3U?9=I<%!gI#!R^5;0{=!s#I;EOi7ugT?iQ&ls1
zXw&Z<JDsDkL#%XR&j+IQ^F|&zi@lX-{<)kn#0K0%(ymdTZ)zfsK?Jd-K;TVDLm4t-
z7;fhomT?`BT1k@Xogd!A3-nZkZQR0{0B9-MIXO;FR}uhm|26J|@L}s4O=PkC#(SQ_
z{O1-U=;_zgvv<$qX7<FYE;DT+`nMpmZw6qf6f#&pAihB=i2Njv00)h$RQTZ(pJAB3
z!aALkNdRSrtnR*v?taF7<PO<R>#9f-r>cw25;YRybD14M?qQ8!amL+vM0Jk?5h21t
zk|05*#8hH179YfYV;tm+eX&oioWbJBvWKtVqxE4=ksi4NeU`>pP}mmtCj9#QxE}0X
zN0N7-`jwwe)dU$p61ql!KdI_j6%o5LF(@O1Aw$kbll^<-I|rHhoHYRW<VEwEgxK);
zqp*k%-hje+7{Q6a!Xvb;GV(sF`8Hp=pyQCmx*5N8*h2hzf5{W2nec~o*iAH<8(~{G
zdanP~G5NV0F8AnJo5sWUhSG%1ED~tY6H${p9JgHBqK4*Zer-;q4u;fg)dIY624TSJ
z?^d7i@H$nIVH*?G2?RU!G-m^S7+sFKvkr;XwyZS*TG^5ek*esD(vle3vd4NpvPAl<
zz16x~JRV<0N(3^8hX+(NV@}I;P9$Vxxu><w4O<R_#byVeajia5l5nk-oQ?~zH5!%`
z_Zy6$VRUXhUT4hS>g;*E)t12G1s|K=$7|NBXe~ptmrT2lIby~OPB$|GW4L)nJ})c4
zs<ZI#`h#ne;+|DaJm!&mOJc~#ZLziy+FUNBFj=DgZSTMkaZ%(ZmY~J;M9J0qtSEOL
zB&yg~^TcLUY>b~K3q19agvN7Cb@uCG;;TDVn}<{#N7T#HWlryQtkbP&{@LkWN3%2m
zCBeRuP!^Y*PQ1JspaMAYEK)9g7erBjQes=)$cRK?p?Z?;LwI*Hj@w`rIS)-HyCZM;
z#j%n9z7m3tH+ZJE%~o>?uPz1|N`weWLZ@SIauBsJ%wef)78bu3TN0(b-<i=|u_TF}
zcbibF{Z{Ab^~#7~S4=f^n+Bbkja#+`JqB79e#d0wtc8<a%Q~721?pj{HTYyie!=>2
ztNDNlfTWHZV**1w9V*3`qi6-|k6r(MJL4Ef2K|a6fL3iH_6mZd61#!wk@ixPo}y|B
z<~&`tke?#DFh)(ZQN2;LadlNLN}{Y;*@tnCyDxgO)BwO|9fluO>HBTkP8?9-DWXZy
zu$UsZU@K14tv2rSaQ;BNEaF+H`!#D4G>=p`U!!`e(JU$mx5I-VN&GXCgT{@Q$zgia
zzfgbi2y^<JVciP(WZ{gYdeCI3f@9|W)^QVade^GOe06s<C6KT1bHi3?zVgJziZDXK
zpMqdnMq^P9%c5gcX1a?HqjqBgwF|wjZ8#Q0JPEQyPKI<PCR2&t^OF-t0?XO8wNn`E
z$;rtn{X_kb@|It?<mh)97oBi!zPz5Rq82h7WQq1d-kZ8(m+VI3|M~z*1ey$WI*VAk
z0nEAEYnsrIy0N&TO(!2oSCGh!EMVPcWk0#(pQZk}##rS++-MP-RweerXhY7FfP0tQ
zruct-<zIjKHz!L6lCxsWrbO5e<q8=M=}Qy8+F-yY?f|l6R=n~G8=DM#?~u;Acs0iC
zjHadslao%++=SN*;ldtfddy*8=$Y>ZLyMwxBJJ7`*8)~84&_}#pR{yPA4PBy)b^1*
zMX?L%6icbJ7l=<$TqD~>aYeNMvwAT|$uNHfSB^|n9EnDfnZC}G)gSYlkcB^0S|g-#
zEBa#n{%wM@#(>KW>AiH(B8?8om#t8!QL<6CQL$0AQL|C^-}DfHDTTvUV(L*2`SGC3
zCw=usJ)M@eNQ~vw0Kk6fSuV8o)j7&0XUpb__Pgb2l<o>kYloPhft(a>nak@wKA18c
zda*q_+3tYvpY_F(FEtqBi#a(Jo%pp}r?Szf<&0TUKv2>JpQRSOY2^0*e>67OQiOFm
zAl$Cz0BeLf>NJ%(ANjv1{j8P{L=B-F`Y+D$<ix(NVp`q;oyH>=1`w;a|2%fVmK8~_
zg|<E9j@&NU;T5q74C%Pw8^0*tX&VpTEbKtY@;UD-9nsYS`z*`eR(aON=We5#!#N_F
zBRC?PBRQg)5npw7GX@)?1dx1*UqtREImP}TQ7JZ%>Se=%TUcIpKDnd5gqTwQ<#b8L
z>`h_TJ<t)Dn~1V2-Xm;Q)g_O8vI76EVTaCb4%YP1kjt0|TUw~yl>VU$jWt~o<&Hnd
z8*AU>644xGjx<e@E6JDTA$GyUnp<dpC#lVxhQ{-HZcY4;gn~GNCIey#d1N7%IWr-j
z#}73#isk;)xib_*z`)$nGG(eGk9lWf)De96=o_`gpp1qmG>52RF_GDwOd4bUHWvNb
zF}HV1ALe_kEY>uhdt}+%4R}Z4^|zmVl^$lm^Fl-s{cr)`G3l(i5p~VZ9Cvao$N!b-
z{S<QL+U5C`m67|iWp2Wr+y~E!Y|Auyl&h;Y^PvGJnfE2G#^3{6pwFG9I8zIU|B<wW
zXjT=X6%)_tay86Nc19NGD)%?*_VmDAi}l-t@NQ&ZvKOhl3~|Cx2%hb|#)U2KXHDII
zuF-!DCUx3)rVItBIi};=>d{2+`vSv_)1;NGD}gl&R#vIHjR+}6HZc23l;$sDLCmbt
zyG=S@`1A{E5kJ<!M1`Z*Uv9pHwV@(+8OOY{VTFwRe$7tQ)&F~w<AbO@(MKCK=%xf~
z7Z(?^r$_QF%Ja0DUXq&m-6@r<FZf>`$qVm4e13@en9aC5V5W*A>W^2I%9i2#omhwG
zfs)16vWwO_H#Eq;)GsP`)yKxuC5_6n)p06mb5`tdQU5H3Lj7;`lq_u~>M!VZ7hb7e
z>%>fvS<{xJk^!qv!V!=Ca4zAzW%{xd;xQIZD*st>OT|N98(Cf1@2L`Iw&T)v=UU8A
zqRW-jE$m&_*n;pr4gP<rq*$e9zRk(Trl6rBGnA{#r+1uLaQFOG+HyAPmXp&+f<J)4
zVd{?~rP1(G4luofrf$`yU$&@F1HDQXe#)4WZCYfAxD}*#rVg?=xG}c4ngv{`tDiC~
z7CwCx{M90GnU@4r{JR-rbR*0EU+O*k4$inG9Rz-ah>9S$+h7+|HYaGS46Qb@jRj-0
z|C)86d!|h*UaMB4Yk`>^u62wG58o=;Iv%vE$-&Qc#ne4etjpugar;ntd9-!E^rOMf
zpqi9DeXYAKLwNHUyjiVSXC%)&d@$m$YYYEBq<kYNEbj>Szvfwcjlp`&jc??M-&3ch
z?r_T`@7^Mt%#@6iCVMebGd#Q4F|BiTH=K|V?pRo-ClTVwB1xUk^Ucjo>HcQab_{z2
z_q)0bc2qm?Ni!lZW4NOg6f`+z93$R)`q_NBGMpm@FSU)zklXg77M=2N2^ai{?&!}4
zJ|3TLfY@zF=Ppb%$Fa9lm^J5>lJ_g5<?Ev}6?;q&?a^v(YgXZ_?SG5{$hL=~O(4hC
ze2}nWdN>O(=1HGGT_b7?#f(Yqehpr2eWa@VYL2>tE74yCtbl`@LeJ{$Tr(4Lr_JF_
zvBHqM-Ke8<h>cfhgL}Bp6QK1ACE$HqVodLiaixXU&HdqfODb2ETcF+>Q9_^h>-H$Y
z?|^2VM9s0gIJs5T+9RJmzQg+4tDK(6XC~M~sSXjfAw+@pgCqAlm?8A23)X*37f6@F
zQKyq)Zx%^UWU|Kf56e55*nj=#wQg1OiKz>hwYc*-t<4*xbl`>+z!|2uS0(W}lI!!>
zX^bCMPelgs+HAi_$Z%_(GBhP#LAWJJzRB>LRb?H@6$u<*y~}&owGBm<v&S9$3}ezp
zmy)X?XLuzR^)_Ddr;dA)^`@%+ZE_ULzHw5ol<k@xd=yzHP)%VpE_dpE@qcL;UHZV+
z9aVJPpi!6Z&E4q8Psz$q&%zYa*KSsmvo<z1`5JzoH@WdQMh78V`05;5E^x*^W^k+4
zoCyUqCwT=)0uwMmpUDqfI`4YUgdr?AbU03jz!ic`B^hV7`5czc8<o!PiozV$Fk_v$
z+RUBEyU7tbO=#jThTObmC4}OpupInfL1ZzJ=*1g7)|OgrV$AUaSA(fn9%1N^H@)Om
ztBo|cD5Y0nzn{|t1t7x(S<R<SleSUTj>?aePg7s>*#vgSCCF08SR5xJwAu0)?hj8E
zRUYsrgaPZG8Xnoo2h|3g@!j6v)GK)YtjQj(qTw{USxMJAwe1T$bW<SYjTWkg{hw{j
zuAont!A>hwVN^xJXMsk!u^F*s09JeLlxHm2`TRD1D9*~VAY2{=KEkOIV8{&myu(Zj
zlK=#M|HKqvDq00_W7vW^=_Y-NGE$yTm!;z1H5j&PGJvv)+{KGB7&dD9Uz~)^Qf%O-
zufTZ@&^SIhDQIucyfvS4a6b9NOd7g3DnZtdZ)nWt4^#c<;<{Qj4cA^jWyFM~2gH;8
zufj4Ni4S`25>iBS;laPZzt<7W`q}V^dCE+IOX7))5-~R$>Sx^eDoD;#q&~BLjTJR`
zvnyNlKZb}HgpwaIna_%AsY;gpQ_r3fxizGsJg~`7oOjrn%@$T=^cmM`j^?(v;|i(X
z{`_0E|6@82lr$Y>BFwf-Tsc>t*jHS%y1BjRo==WZjZRP#vLoB{`oYxb2Dwk02uWTb
zqb(z>w!<Z)1~+~iQc+ZyY91%;o=8WF=cNXU7UOD$Gm{R*z8+_l273?OSaWAR3;+BV
zJot~BM-6y<EZW8>V{k+}GRzeS-89?7HLegQq)U~JycWVeKhP5^mt}B(wdiS0)tN$s
z_qN4Y;|_iqR`;nWkft>RgAZ*zdMsjS2u%pZ;x&Sc0FbS%bn=8Oy?6n7laposA?3dy
zNHQ_R?Q8T+F|uxW9*yruL-w#jC&3+7p(^z0cuij{tTJmTmuh@;423FFFurTq!ga8a
z_HLrIJzUBpU;mbJu)xBiecL1hvaD*)bX8wW^AP#fR{A~ZqXcTTb(^dBU!6=ljEEkn
z{Y1@wmfQfL+kY7F-CCDkOJDWDMRB~&)$MxCVnV5ey*z~Y4lUm`(mYt3i5<H9j`CN&
zqolgOCaaxS#mum0hxxV3DEA8529@c_aqi^DGvuuP#viavtfV4HGr7G)fJHTEPZ~e;
ze_M+&alr(S@Zw4F4(+c5))($EFS+d%lOyW7kd%&f2HptmF+XZ}5*#KInP+}j!3#4j
z<~s{WlZ+Advfcj;tX9&A>nl9s)&T667Qzx7WBQtLKhz$lEyrLf8`(tgcwxwuT}n0I
zUO`kYM*hFI=q=Zvx-H6W7PDgiJbKuU`IZNeLSAmVe5&tNs=S9Q>MvF=jnTz)-)btI
zGIh=uP0c_ZIrZnVMtnqvWN4S~ZZ@~U|By`eVSqPkD4MKs$}6$%i<@c?KJqRVZ*aFc
zYuNJz++ZYiud5*WH)FSo%AB7XG6uDB_+-`*cY>(1GcM;o*fH@|>b$ve<m4mlyxc_T
znFg~{U#sXhSJ3ssdF6FbhBoM0@*maDdg}G{SV4zjE|ofbE8pOCA9{`}TD3`)Hv0!0
zgP`%hEKUpl_~yC=hMf8@<E!T7+wKFTpEqg;($nhsW%}W|4k$1*52q$gwkbGO85IgR
z+Esl0nbl)i1>M5onc{lKZYgQe@JVNzgCG`Ivu3l#V01wj-RiyNcjBmTshm%v8#20J
zv-9=qWw42SZK5XU>(4&Fs9LY!E2}a*Qv?)4z@G}DQm9smdW2V5rcWkRwE=4c910fl
z(LLuX{{DKusqRXn9?GQ2xGh!4NR_g-rlm-dlq&s)BOrHf#G@<7vSD?AD+!1n0%*jV
z46>}qC%^hw@@rFf+S_c1pYE?&Hs;iX>I&BUh3m_$wS1$fI>%?ebl!AQ5s-@BR$Lz1
ztHCO?;Y4xMk+wuZW<*ufD`0`4_}xffiNp(eG~!r~E2*qEJ1bUz8AJECR*hDiHq&7A
z1(GD*OKh<pSAwsjUJ|6WE%#9LexPY<VH|H2A7V*+z(=yk%dU`)<>ot|PmfOrFM1Sn
znbhINXfpnqys&Wa?G<FyAjzi>k5DKaHjBxK0-7kyAtyWtx({9^^5n=BCjjX~o4E)l
z->55eO3#nh2fCPL9eITnAe7GWUVVDmRNKHCz6swcAfuXk!<eB51K?0(0+lj?1$yZ<
zPrakoAYXK@C?3cw#6!YoC@Bl%r3S5brP+%7Qw7;ze5H6o_wx&aG^?@AFmAY6)18It
z(mfD1Yv6qb&dZ>cwfKB3A%wvdsHGn?5cpgos-^Q$lbB4%yuKgSy%&BykSj;?D{jxX
zB~fj(WP!?P<`)-#$$j7x3IB7JaMt1ygV?ut;<OQ|<R!C40aleZKF6nyb@D|{zY!Eg
zX{~VWAw9Zu9M!pyaOzgYNYuq6kLw>P0|R`JOl`$%*tnZmC`C*vR(z?kk)1DNYKpbD
z_@liV4N1q+*fh?K`*5Cu^Au|Z-NDb1ppazu8iK9U=!|z;u&Dyw0lt`+_l=INm0#{3
zukO!s75IsV?mB%oAIxxOs?)Pf&R;?El$KUjeFjWi5Gwz1)h3YfK;}y7{N2li_I(rg
z#YbI(wQwWr5o^4nZb8jZ0>)8SS}3p<Mdr~-Lso}o2?1WpHMR8!WhAg9*Ei#UivJ>=
z)kyb9c&U8cz;`j@hq5uJn=Nl?GScImuC-ZsCPy`x=z0wIJh|KG0o+gR{4ME;zSG~s
ziFxO_#B2+0Jqk>dUb(`rf3OQ2N7Jp(6mZTUIhauz(kQZ5Xp%PGEh_AOoLCGgr5<c?
zFRxhOn1!-oI2-dy`F`=OX>W`$g4)7-9Cr`#-peZ$WgQtGLrbKd9!vfQ5WyTuApFZ4
zbjyPG?bA{%CP_2m%y_!2Ga8k{Y3G(Tf{gs?lVY%RimXw;$3K1@GdO4LN{DY1etSbF
zNDakH(|iios9&L<rnK8$JDiTTujwWP$q~xJR*m_RETX<DNp*iByw%%i76R7+x3u{n
zGX1j2V%zu4`f|n(?Z%4A+Rty+v|Rr*$pp|}<DKgC<oA4uWULr1srcBH53#S;CFShg
z;OzcyvjMV-;(8#fPwmJkx&S%VyR<oq`*XIak*$c0!+1XPN$a>n5eK)fx$&0I27hwu
zRVwb|`97*Mw$8HJ2b(##tg*32W&NDrN~<F%a<te^?G7I4Ui<7!1kU!8X}ZA0;z>#d
zCpop(*RHR05pkQ*9*miS{YyiRaU&I5dQi|;AYvIGrSd-#0m8TRAk>zuahY7%pnO|q
zP+e_CMv@Q?Smm{^cdjxUsx9m6+<3N+Eu{J{?BxC`1d1_4Y#NERYz#k3cbphOl43`Q
zL@P3@;U3BFiHs>$R95D6jIG)Hueba!8;LvQA>|7tj|l+p$cDz*kr=>2H&%^arS0|0
z=J!s0dGTs%r~;|FPEj@&90__WQtqCV{UAa!yb1dQ8&Ar2ii20u|9Fj5w)7SlGNP>R
zC`;{HWQi?bnAN=TgH}PmU-yhgCMQd}x^%nas6pt%{tJ1W%iC)^%m-Ula*v*GR!^+j
zUTrs;KmS`<c)_zC_vXwiquisFtG}!7!JDH5v_9G5Oi6>EAh<Fp-b0<9*bT3E8e0nG
z4%(M&I5X|g<;5>nE{DHhDJdyN<yD~ZSiK;!j4F4fC~8+eum6Vmu-^OjL4Ha6iB>rz
zI3$4e{gEB`d_#QGE*Q3T8(#3ZnP-(*Z~zDG-mY%nu(wKhy`6P=3q{=Wop+H4VjdL~
zb1ODjvxSjTCKy}%9-Zcve|OI^2iWN1ud_a1UpzvIz-qYEHASrYPC-u}lbMNg)bmrU
z0h`wz*X^9+_4aDTHr7A`O|<u;^X7bd7hTJcP^)?Jqi-*UuXyVr=nfPna;jCGu4Sa&
z6-NO4e_XwVTNLi|1!@4&-6`GOxe5r<0@BUW4NIrejdX*wNUn5u$AWZAF1d8qUHyE2
z_dd`42R7cAcjlZkXYLO8v2Lbz!(cZxyCNPx=8z=BH}fo|n|hMxG(y9f_&W}AWYLEO
z3l;f0?x!e>vK{__tUT*)Ar!d*4OcIpakRz&RUFBIdvL4}e({tRxV7V+U+-XaC{@i>
zP2vlY`1$b8lYn;x2Y!Sd8wtg1%~a12PUOPV%D#&ks1G63xN`19m%9!)4(a*4BKBF}
zrvjHSES-!W{rz6Q{^6jOeyoyLO8X0S9STQU)5A#aEWthC(~jd)#`8^Fz-G3`>h_ds
zfev<46k$brLr6-7oup<($x?r6wUg_mnm}&l#>j=oth3c7i-q@CzlS-wpzR`d?aYet
z%$a$)K7sP?nKACvIrvl~?c+*oMj>wz@~9t0;jwlPo9qHwP{B}zRp(Qd*u7vds5zgY
zWsjK%)86>0T=)j5lBVVdQWOOiJOwXo{s5^$Bs$9_qdKuvt$T3Z3NqQq8-V6Yd-;0@
zHx~DwY?pe8n_Bt7oQ%k>;LEA>oP62T{v5UY<^g(V^JH?#&Ybr8ZxV^9zPHzzb-`S}
z84$v}k7Y&m$T}VKj8X#HSjZ)lG}mLm@^Nq~IK|dtQ8BKY_ncy)uphtXs6#6O9!#AE
zNm>^JM3DU)UK^p=qbv&J%@p;`NYRgHWQKEazY%>U{zzl*B3y-M>z?#u4M$a*015l@
z_NV=nv?V&uD?RfB)?7i0$3GWC^PczEK&={M(zY7L6UTsuRK+{fmnfOD+#bJ~o=$TC
z+g9%Ej%atQ45*PK+?et3=`HU;5eo)^j7V1%mnQkwHV*h}W-8M(4D9G7E5@6%3rcK}
zi=#8Pb3-i&N^(lH?uMf)quCD-z@uQqUdWg1<>|WUGu?iE*#%iacHnaK3)r=8*q|fa
z8cg|fz0<)UQh&@PJ!?lW+K_W}#=43|37kBlA)!fAK)so3Bz+RvkO&}F9ieL4!0I{n
z32qb^Es+hk?daH-=pb{?UDGS-KMtG2%sj^Gp5Y5PnQ_Cgo;wyjZ*$EQ@2(l!uX(mM
z!+0iSL_Amcw*gb$_qZv3&yhzHxu&QO{G@BQ!jv)yI3RC<sMsfAFye7_%Y{@o$Mfp}
zj^kd3`txG$Lds8w*3X#!PE7pD@288WPwIZCXx&%By=AM5y$Vj1D6mJ3>ni8M`gMwT
z(zi5i#1N*i9}f-T(-CAxxahr`U?IknEx*G=+OY_a{6ukp+G0~F9s%7O6U3DUE&Y8I
z3b(ld0l8A?8rtaMX5`wC!}MI<6<Y>dkF4)K#_!h*N7`d>JjX6JqHdqahnqvXP-j;e
z4~-h4hc*Xz1dZuGT#I-S)Up#C8j=MbOFBXo4dtY;LSx^MD=rSf*vU?F0AVvrSfJBs
z|CF22o&i8ci&ERJF6^7P5Jg2cHLi!%9-GA&rp4Y_->BY}%2^Rld8p<r$75E3AldZi
z3PJL~BPnYT)n98vcRtANwRP(3Ag?#+@B(pjFk-BLwD4V?LDkz`M|P8@YZ@Bb)SAa$
z{?5+4dEvvs%3e7m0z=-Ng!AuIMI8}AWIgEsNZb#l2!wktP<`{)L{U?erOc|7xvZWr
zBZN<9y}habO345>XX<BMpEv+&)hTv0KwIOSXPwzWlBoxFdJ2<CaJ)*;D%w6NB79=3
zOj*MMm3TlO4F>8w+$Bubwh32_SkKz^vpbH%0Wsd4aT^CWVOFZEWpz5e6P5%CesKXY
zO$SWss5`uWDT6@kHwR5lcK1)%OF4id$1BMBjgf!OaL_3NEFdfy-f3B!2{82;Y6;f&
z3_BAoa%>-xp@r9fd`bNS(XNN=UKf4zrlXK|(2VRUhC(1ehHhv^W+W`#^%f})!Zr}w
z8O+U$>gWD4v=DpXvF{=TeNe~9odQx+g6fymz?x0eyhUz@I!^{#u1U@KgB^W&M_rQ&
z8J_K@FJSW4K*CeoQ$clxP+q0-Z}v||n@qH|<JVQ1SdXeL<)nXA-jW;aicuh5fusT&
zb4dC9s#Cu~j$@1?x!H0qBj$vjpn!l;=oBOORZ#9pBAA!iRzS_2E#X>L$)X2l=HAP`
zz4Cm=y~L@NSkE2&d>7||vf%QKy)1}W+?GTTCSeL4Ch_I5rzFF}Ma}?ZU&|n>%>Z|{
zxtyK)%wFYtd{XtwTu}w3H=OcSU@4@Zug2-r!;l4Cl-K#MfW=6C-}JOQ@4gHL9}4#c
z`83_I>q(WwaGGp?JTa3|N*gL=oojTp;M^Qg+&GC5(Iq3B)H{R&KVZhdA+*_v{28$M
ztdFmlGwGB6c^aQHOBgCCm$=_xq_AQ6s!P@e*+Th6?$}ucl#5m7s@!lil(z`qXud0D
znj9fp3BxKzvr`gw8WWuh4!kpbJ)p&DdiL<Kk|5<<J8Oa}Rh#VMkwEoAwa#7XsOb2w
z5cN}3^pdG)ct#>7%Y}9WO|yA=Tdq5}UVVBGdA<l=)6p3d_0hHB|2k$SS;kAfYv((B
zuR8PK{gJ<;{(+;T`H-WdK0jkk+bb@4&h;JO3FZ2Bj3Ab;@}6eJG3@8|Q$5_d@NMqR
zgRuvzW@hr(5=?aJ=}D{MmUS~uQ{$YI+v9(51_)aK&0r4elQTT_|Ef~+5=pOjdzmFt
z6Wi4CoDsepz<4?<+Pm@~IGc5zU!pLQ31@YrlH<}eS~2Er)!zg&)1v`(%N0%%z!>dR
zslnWWBkZA%Gk4V8MKLPH0PaEYo;joC=%_pz25Bx)ETH^!XM*~X@o9ATw5chVymPaH
zYtXI&yr3fGE7<+7;7@=T{4Z(?uKlj;NQe`p^dSlS<tOQhZQ0v;1p2%Q@6#@ga7TAN
zFY;F>&^?6ff6+mCNn8^9pw}{7h^A~&{(84VjGkU&odL5#{to~E&C?dYE~Q4iH&X;f
zgdWOOCgdLApNav6IoTgG^aotv@IvpwrW(X=l($X`MWQCDI(jVCcfj69x(`H(n~YTc
zJJ`PmD38IE^VOk63aP*7%m^42mc-1eVeZsK<GJ+K0~Qa2iqP{xpjau38LS(5|L#R}
zxz6E8O4KE?Lv|FclMm^&tqTfz#I~FY-l+*I`Su$;aso)UCWdUvD4op+eU7u~C2nhv
z3XSJoW71d|Ay+^3m)q;+mw4M=b3gp2BPZu&*CRZOz1Rzco?r0-oIW}zz9JKJpmv4f
zTU10-`x)_}5tbJ;)ugh@nra7d!Dnhkey?f^HL&$1;b;FAwIQ6V$>p;{uAD617txkk
z{XLzW!@Ap|#-xGt2YXxhx&gN$32)qihb}w>CUBzdR3U7iW7)z^TBtq9X|yhtx~aoF
z(gL2C1M^2&R*k%Zq!24y-EGnv+A=ymTD>ihQSqvYubI=ki8~QxYnn#eO{;n02q3us
zwsj@}ea!lW+5bW7d}QP&vD^3b!#7C7nRjv>XTi>*WJ4Ym!&YA9z`i_Pe{1U*L5Jt#
zs@5JrWvLUg#eej0q47^K7&mVGf=ss?Mj|HPnGp{Cp{SOuoCXp#qYO^+HD)Fn!1OX%
zML53Y%^@w+^UYLWbb~yXo3(~mPXf+{Zt>5746@@Cr8xR(nl?SIf@&*g)v$4|j##M4
z*yoVn^QIJyDHZY+d8-JQdzDoc5J)Z#UCJP4E8ZS{BOU(d!<iviQ3YIFSK|^kZN6X4
zgHZH7d9CnOT>IXL{ZoQ*F>pxb^IF~XD{XED<aI?^oTKL)lw#tMe5&!WEalIi@tH*>
zy`X?+oT^=E_wo$Ln*v6hrpp&^a0O4-1D>$BtqJ&6s{Xjzp!#^wW7kelCjipB^MWFL
zuNLk{waL5U@%9SIB?kL1GY3oe&0g^G7u{~@kFTF4vrdamo}y=h({KI=BghOSy0xVx
z-WQzW2I{1%81HK4?7plm$2>FX33-Ezs!~DAbeeA5KjFaVBKpjd%4xLYV))WPMEuQb
zOWZo{Fw4R|jy^$_n6L&;F8h9c0hok*913G(WrS@J0r4kpiT2pFQA9Inw)s`qrm*J~
zO?tXcmS}eWI-a$32%E{(p)i~7?$|U+?&;(%_;9#cVQv%GVmuwP&wg)pR6|pJnZ)fg
ztFJ79r>I9%76|?3U6a8p>*2hvT+$Nf{wBt9pve@T=593wHZ>=#8LAFBa!`e@={gTk
zzz!;%49HxL=TbCz_KjZ?&I!!3ANggCv=3bTuzir)l47Yty{j~=#BTuplJa+dy}qFG
zl3ha2R?g43f3bufs!7%+Lv}fHq_}t;%!pKN<GNga^x>20q|Ewj_CQ7~UF{UtFe7xz
zN&~4J%UwTy@&v!k0JvI+_+N!otl^5|ng4Y@OF&}TISi2Q7q8(AweHyZFm+_*u(tC4
z!!43c<j&NRdusd_hmfjfu`B0CJ^D1t?iuwz;Gx)glsW)?e0$@!uM5LTES+`I{G|wj
z#Voaz_dO7729t9uspb}m$(*mvVWuQ^n8lU`cP_P+4=J_Sa|vtG7jm&5mGdEW(^^Kt
zwZ3}hzib6GMrU`7oyK-hoonH)aF=a{e&g-S?hUR7zcTYq?-|qnM!g?75*Y!vsR273
z&qv2MOC3){rq|hT9aj0CF0<thCA>3k2v#3<0sg&rQz3^2WW6e@nZvU|dxzm!kdCK&
zD`ms>uDiYh;`>`M0S1O&7Nr2gn%7NBKscEvUST{8oze!;#r=#VV>9APj(Dk8%GMtF
ze1<@J|Dsm<j{WVG9eZFPUfJoAcUFdv)(MKCQb~7ewTtm7LfFk1^kK#nm7|CU*iGzi
zX#kw*hNS&siAeaR=Ab`P&{$47Hl^zexKGj$RcB^rH9q*6K8mcA-%=3zN7zsrCejlW
z<}pvuo;DaGyXU?5!B!8=zM>*)jcC0wAgg3i`ASA{yQb4Ka(H;C!#}$_vtds?nmjUV
zs4zqof3<z2Dd^z#=FvmQt>No*-FwCCn&87gJ$?C=@tcULK_+`iI7ZRVmexU@1X=sA
zw$qTJaY8oYaDEW9A!x`fog?pWDTkw8pPb;;f)^zB-gxdB1gl4?An?v;5lWwmUPTIx
z<=ChKAhv|^%jQhHN#j$IgZN15bzp!}bI$JD<_XZkFbU2;tAg6OE}7NAnXL_Nl+|GN
z%J5uW*Qm9dyCZk#V>SW7gP&^?{^-kpX<^fy>1$h#I`D%X8DQ~KztLD@XVb;z^3o$2
zapi;2$%)E(*YT9rO^a*&%xN)P2U9A!2@P4X@QFg;MUFzjl5<tim7nOmkBX2Z=D`g^
zF21?jMwkkw_Wt1%A<!xShdMEE6qQ`r{7@>f^V5@pn|k;P?fZo^B*H>dS^iLVTe*!{
zSeR5OYED_boP0V?H;x3CpJuNgMo~SlteqS`Kdm8z+5b@mkzFE|pcpoOxsCGGX>~z-
z|GwQ$LOr&!C=$cu>u9!UuGe{+PRl*H2rKcTBOcxc1f7%9V(b*^IZlCpKO)d8Z+OQ+
z$bLra`2iUv6HmLzlbi8ZRkghb=@HTk@iz?)TXxp0f%^}ecFG-+>QW?29^{2{@VYy`
zjWZ*8L=(5!1*IMBao+2JG$U5Fw@N>FZKH?{1CwE5EpBG%>bHH+>{(Pf`dQc9T$niy
zc=>?ut*2V@$ncARSFc}d;}WW9)P!~|x48!<HfhYWtH>E{#z8iWEf?O$UX*RrPuL-R
zP#>wB$0ocLsr(R%heOg=7uKfjlPQEv6j+tpQD6v27+>i&m4ct0P*jUQ7*7npsZ$kL
zZ}?>&_G^$ipmWpMbK-!o2qQz^%peUB*qWoct{G*=Ve(kchT*%sW_6X^K4sgM(2*kc
z&*I+lD?tpnRi%MV0(CEWC#v@7?={hqFU7@Lmt<5mu-v1P8x71KawW`f$bXou_sdHx
zJtI_u-OefeS-vaU-%r#x13E-l$P*04*JS1Xr-X_cP>C6pIQtT_U_UDM@TJ4hIs4l8
zS5szFN=D%`k?r2I%P{@SbJWhk@kALvyv!srRJR<c@2BzfL6`!`Kr~Z!6Ix@xl8EXv
zaeP%QBe6i5^a~(<kFMsSqv2G5&)A&$tKF~*T`d)yLHy3nCh6_!n(xyo)8ZB`63~Nv
zVa9wK9Y<ykS04vvdv%;=jM|$<2x+qHvV#u;6ZSfz!@$6RPY6a3xUY5}K8LF!eEkli
z5#S;)t~k2@ijWSq0D1U>@V!}sV6-FF33)a_&EMRax#KX>NJmY;_s4Zu;eAM_p7hSu
zTPvS@;M%3KLqqy|?q8?FK+;RpxP83^r;V4%?A|OO+lY3y-v`?D6_I)?0<QK)cJeJM
zr?ePu9=X^a<q`g5d;-_M1UrbxK4n~fJH02vnb!2+_K+n2;GHDfU!h-%&w<!DHU)ze
zZkGnt!p!8m5dPiIbgjpvn<<U0)pFV;9M(kn@Ok&_d*%Xbp}UUn`_G|a0fB0_9iH0w
zfvde_15RdD1NW(pa|{6LG}0E;pEdfTP5lLpYvAa<<@s1Oqd$hGKb7!Xz!I`2_?Hxl
zfAMfiaTckRo}bsEd@wla;N@RuT>K-@rrhC4zN?USpstr6ML||j-X62r5>kvVeE*xh
zDTi;0@$81d1n&}qP{zK=XHL(+{WUs)BIF_;u-RK<X&j)i)-#%Q9Rhlt^LT%)ZeS2I
zX$7x3KGM-Da6PlMMjILUMj4^rk%AkiDLQs<p0HAgoZfcCjIa9J$>6oEh$!c@^*C}g
z_jhkz)?Qoyr!#jQtTv+>ad*fa*PRta@wy#&ycOu{D3G9!<5wkitDr=q%O+(-P1>WC
zSYN-#=@qZulDv?I$3+$gK^yD6*>6te3C{x!Teb~)$i<CUWD4@Pnc;B7PS9TtjZ!`T
zPrpOSwKY*4l<;@T?XyYSy?WYD|0vi4Ag^+tr%i;`krb|{8aL`5qepbiHnx#!>n&jo
zT$T-HG9SN(O)$_G#Q9%Q0$Gt%x<K}xn=GuQSx}Q9cgREOI$2cF!2Tp9uplC@(NdIR
zJw)gERaZI1qCdZ6sKd!7t~GW1aJ3q%0K@*N{>Fi!=0Qy90B8uTz_qd$*4i_)6hb_e
zk5viDR(|*Hg<ieg`p#IURh_OIgUY|vl;jFv{v#4VsN2nnw7La-)$a9BZiEBiXUzm$
zwhxAlRGrO%e%<T|&)w)eXFg1~vObJ2v#sj6qyz3YaG!HkZ~%hOJOJKDT)=_eD8$of
zlgPqoOE!x0TolA{rjCYsv+zQ;U068wnDbQm5551$0S{nXYZP+3{KpaiI3CO#g0L}p
zvfDo=f6v5RXooBH{vphq{Wby<r#DFaf(>fwF43W~Zp6`qhqT6f+D7`p=c!J%N(6xo
zM-+-aDx&fV_n&ULt;y#y!PZJY(yFa5IXULcx+}TF?i`Z(k;-H53`r6xTZV=eHf=h7
z7rZ~a#0Kg{AN>+mKfS!9XJ81;$|8pXDkJkxcHpNAcc^XF-+$<tG@$v60dQ<Yw{?=d
zY3Yk5-tD#0k(PVKy7PR=>^l4h5`Nt02fd^jxTNu4q%YW5gb1}0&IQO|T()mE!zUy3
zPqsfpu1Dq^QC|{V8@0Dp-dIBfqMQcZaRNv*x3EVu|EB=BoneBP*Tky3-LGaS%rY}q
zdAct8%PqC(aJh^7<}0&#NvNo(XlQAN1_%EPB{Gf&Wd4;n@bDm<6TPlHWu%s@Cg<7J
z8&ql8DDg#Irf$DRzFeH}kveZX0X2$*76zoibXFh`!9q+AUpEO^{4=ztkO%W0|75JI
zrd>%^uPsCaP#UcHTiJhP&IcP$^0L9f^eI!jhSBukh6cgBygYJ%f0k?<WhvR?U#i0l
z0mXtEu$c&XZrCl`d?q*zynkN0M|!Se?Y*v|lo}y2ZyF(7>+tr15x0-sKD0VY1mNht
z{kyBt4O(3E8D5Fm9l=W-mb@bWeGkB`w>tz)2W*Nc8%w^v-V>HKX7TSI(jZJxYj{2M
z4ZrfAg^D~wx(^=KDsKXix~YvR^9(%#R!_p;dxbPcsKgy?oSUCDnOc!Zoi|A-T?YyT
zG}+tySQFhyeQ*@Iqsi@vfm2HV6rjRE%<<9FB#P8&uxzvAwT|Nl*{d<yzXc>_MMyv-
z+d5XN0Te5B=e+C*bLdQclgJ<!c5FlrbL}_`2r^QW(hp!iRp2DCxzlnyuM%3kJ9s&F
zdyXwjg|Nlr;~4YbqAGVK?REz)9~;ZltwB7vN~(>!UJ-H{j^>E_^s3U+N^|`s-c1{%
zWV{$V>V$HQ&LJS*oinnRO%LARWgDxSj=g-_B^%G%ymjkfRp{{!Hv%m^ybwo`jfOy%
zTk{UFCpR|~HwvV7%)it({EvCWKVp6xG%yP>MnXgc+s<+P9YNEL@Q=qr#BxI@7Bho=
zCEcNXFbVa%8sx>OwPtH|`1>fpvGtswQpe7;l#fP|<)m_@X=MBl*x-iGCc~Uv#cyvj
zpvL~smj8Y(&EFW;kBqGtvA!z-<y<e0BB9+SPGGBz6|l})51IW>j<OyWO5dk<(ZfnP
zLc?utE;KM2(v%xO^mirx3UU8;v;XRE;2&{U0ggtlrRQk6=>N1Z%6llzzbmCNbU0$a
z6BbOb)XGS95jpVdBm5EGG@oltcl0Ovk0SgZ`ZMLQx49k^R(nbMf{Y>tZU|EJeqw1+
zdL;-+cahZVq!3M%Q)X>yxIosPDVohrd<7nN>--Jp?FCl(cJSS%^8P0V!8_Z_3=gCP
znj+sVBjuPlj=m=%4+I-xrExKQ$b)cne#7TEY)ZfCe|0C>Hcj&T4-<M{<yoyp?7{op
z1W<KBK7L6)8b)46BMF>Nb@Qb<%rLmbkj&MA$(Lyzj1S_tm0e41a?i|}D8{;s^&^@5
zICN+KI#$5RfdlkM5}C8B5TK?gvnKB1<8K)upjk~#;5|IkvGvDY>}5L?>zQ%9#Xvr!
z*xoH@TdC=T)A6v{eO`tFzuDqOx>1Va_vR(d$JV}5T%Q|w)v$p&o1#4n^+o49v0p&{
z@1FfT^eYCfGBNa~KA42IWFrF)MC$o!pURPNdx*HKyJUVRZXz!wk7+prJ(y~CWC~2S
z@(f@F4j1Q*v4T;d{?vBua`T=Nge70RfwKpDL@tSH{8rZX`)`G3fS)YIR=O?7Xi{}5
z@2M{=EhnJzYpH9P+T8S|8>O5uBy|GahGop@q6mfVw9F8R@g<Fh)f(6z?K}02l_PBX
zxe_{*_|HX?TO0}%qW{o1R!5$C>cEBA)oYzabo3$WN_R68xEp9im2PZg*;+!`JL~U|
zTSZmkUp2cPa%BPq<Mj2^FiSo&h61+;unroZMdKYm2@v*fjYLl|8lhL4@TfGGH~sb;
zy1BV2WoAZ4LP8?ub=G_9I2E;f>^)lXOSk-mfaoiw1F7L-vF`qpTK?sN8w(QgM?xgv
zth-A`yAJ;L*AHt7_8J&SWUuFAKCiHB4^8=B>fH+_+w;14{M_Z|{W2zb1UKGkzEh<-
zok3h3KPcE#CGpw7Yt+9AZ~mF7Khz}Y;J_g)ynwH{JTN>$?Jq;15x3{FxOI1nu|3qr
zlJUkZROvpvO|-$~u-gsY{qIfrp9-x*>2865D<@=q$=acDoDp#Au}abqxwG>oc<eqn
zyk~AuMZxTRy(|ezPHWNQou9%^_m(cl$3Uk1&K<KibiKh7rKUvDxZaVi?J+xRnPdbW
zX0_|~xMEfe$Q715+Y^)17Ud%hYC_9A`1#-yf7`qS>-ZZMD9DCQjRIy5#pI$^hYw@|
zj0cdtu%_rOx=QCeT$+BYG8ZgX;g2%G-A#i~fLV=HaXi{iZ}vUV(!NP%*RXL$vuh&E
zE_<fFX#QlA^{QB@?A1l3OTs6yUeA2djy916ot)C1eTN3+EjN=PWYydv&132``F57F
z(7X4%5eq-RMg9uCO2vljw}mGhVI=EYE;%Ohv6883UskrfbKYO?4yiAt>xA+14i^Bv
zllaw&_=w?h8GJ^(`MtcS+;#E)d(UaSDR;hAL*L5iy;*8F>Ox(HEPU7veH5b-t!t7!
z&E-ur&x^V>g^^OW(Dx4x*;9|MIAJ2H)Lwdg)UW%>fmE<LF-|<3A=>CgpPjW7cf&BR
zq_WT;7I=?@^r<#$r9Cuom@)$fb)jiVOO;)psI*@`;67<)8eZ=C6&@pI=fFVyJJU;{
zTf4(w+*VT-e15W>N;tZoWl+9c9aldfIRDFsQzq1ffhMc`&0{0Cdwfc5#zK_VRMA`b
zgY<vd!I8^>G=2eL#m01=P_c5>c%ii+Ilw3I_SjES*^Q#)ip|{6PJ}2<=CpvjX1<>N
z>mE?zEzcuE$ey0p^W&b~Qcdo6Yv3uS{=g(fyzgB)(Ne<IFRL?41V=@S=jOMBH+|~f
z)bUtP=L5a4mhlK=$A<!UXK!`n&3>hgkHh|ww6ji6<LZWj#oY({(b}Uw;SDs8oXlxE
zso09nMv0%{a~agYy?o3#ZQ)ze)cTaXKd$bgzb^D0A|VxgCYs1i_-LdbE*i6#lV`8K
zlpTJyU9V}=J12z*F6n$^dmSjuRrW*4b9RUBPJhJpGC3m^S23u?ery+t&USjFpxmdw
zb~GuW<XZk?fI!mB;P*lr|H<g2>V@T&$&4-ub2yl7vEJ*Bjv<-~@<T<U%h8$`QP44e
z#s<7}#HW#Z_Wc7I)ATBH(QPS8l0W5Vt;xl+U{Qh@{2dC*E28rzebtepEI)+MKBw)o
z598(rC3=qABm#cCdRpT<TNM_aou`kd_~Nr~J<|e$t&jb~uTyHI5YL_I^|~d8nlpO#
zrl5^W6KL8^9`}{!fYjMAPFf!7h~{zs<$3h!<>u~E^^!r>rm(=6(4X=)RLk_&k`irx
z7W=Gd!s-4Qwgi{jY$8`-h@iWDHy-8e;w^tPW9VehJ)d|f^wWlJN^oVtue>+q-l!lR
zIe<^R_uOIehb3jhSsmq^mflSVar;a9o3Wgp*o!DWLGk?jV%2Qx<Ky+GY+2%%mF0kW
zX`LYqn80<um)clU;+}q!YQ(}gXb2FH){`#yQv5&@!TIt%S<s&E#h0I=$!5Yi!Y$RP
zuUX<?grNNklFBu<lJ>mh$gDOtqlQ!od$R3@101n-pQ!~cEk{it!g!^@czgMQS+<0n
z!@_I)??+wcgq%hSCEX4Gx)}be<}IK>tctgPq$KWK*(QB>7H}y#EvW(qOL7N(|D1HO
z@u*hk;>8N#1wLAL_J&q3u&w&%B>DuV6T2b3-&y?hu!HoAZ#on4R2bQT3S%>>6FU-w
z#q0Bgu8DNV<=l<X`k3;E--j@h_rQu(yywtbU1tjl*(d^k=DRp;29w2D`OR#9m*3nJ
z1Ozd!rt+PVH&2S1vk;b@xdbx9u=>PBOCvS%g-}0WP}|)VelBN#nAh(AUfAJepK(L6
zF~tpy?j=Gi*1HI;*LV~eJWuaSSSCU)W>{RYNPX+mO0}m`#d1gq5uXsi*cml*&0Bpv
z;)!=&tyR*zra-Zq>sexT1@KX+D?pNRX&vC`xclV}_sc<#s;?bO?}alGtWP(P=g2sK
zZ!XpIy~@1L4ielt_kC9vm*mE{NsS=)L88h+rWcuktuVC$O=C)?%*n9!c-BJCMTEMr
zYiZJOtDo=5q~`|Sb&Yosr>)vq^><Ud3Wi==7FMkfc)#pO?tfPr*9PSk1<%BrWGSvF
zgnL#Isze`M>+m1>1<pFq3Uh}df}k#Cd9m{ZUF0pUu_v9k2$hj}wT3;sk#UUc9cC0I
zJhAKI1F696OLEk6;6<Uew1ZfG-39yTHHPW&`eXS?ru<@ECLNMux1cY@P>TS!#}%qg
zPHlXv19u4rK{c&A^Z8?{b5U(5nokehJ!QCSh5P2N_tV<%&T%Wpl=7AFuPc*mhRsQ>
z`B9^pBI&y;1I)q=F`Y#|T(4Dfm+4sS7?0Qm(<IzbB^0EDoniRzpSli(U4rXIb`m{d
z48vT3UMF@q-x&p5Dao!yb7%!qM}(U`3%VyZ@JEyILP1<!fcG_o)yHSF847CY2W{a7
zVVJ*`ZTVO|a`SKGd000wCqB8Qe5p1NYxcwK2$3Kc_R5+_e_v?!8RVP@Fk-vd{N#cg
z)#}@*w(`Mp#r&ZIt?RFt?tk4mwKk*?ndg|#XX7R09LF1XmB{`VaRIUuS5w+YsEi)$
zCJu@sP^?Ottv~d0oF75j^#?RWS0U$5qx^gVf{C>*FC`>cwHt=xoY4d)r)P(|G;(=+
z94QPkWC&FrzEC|j5bZ(7f9>`>?_{f3s!dKoDn=}YGu*%G!M!$i+f=0;N1#jZjzua9
z1D-Kg-@@p>FK#8|UAu_WkH0nJ1^4nEkDwMGv@`H!|C3ANDM;h+O+lSMM+z3_yu=~&
zded7mTqj+>V~bi0MK7#in{+dJrtflX3$ihN0hap|_-$j|!WXD2mf93q-y}dJPf90F
z8XaM{FPh0N%ux!n_~MQpaZ1dx1m0oDQ{d=SQfcyOI?9xZHkrJ7Ok_A&?|5K;7Pk>u
zUted-JS9Q7uWA;&@zPBVGCCoJt+aJsFayISJQFsu9?O^0l-1pk6uKMo>%>ehe_~v`
z<kxcFAi{}5v|^PQ2s{xNtNYVCVb~MNOcnnvMZta>BV{~$9NfKhXs|u<b@^Vb(KGr>
zUFj~Ly;-)%$KS9O@)qBy*gH|_JC1ebRD$<5^J=D;MrP_axRo>fpzZ0G%G+ApX%^hJ
z9z2O7smeHfD^W+n8iz5cG``0eb{C1*yJLU3PmxTRy4x|OUJ3`pG5DpOy&V?HmiL|%
zW);fYvLD%tzt9fFy^`Buy1oO7Z=X6zT*gbdZ2J*#G3jdFI*DV5yx{e4NIsp;x4hry
zPjbt!;#`#bWSqc~#$F`-;V8e3J5^Xh;l~^kK9zPq(RqsVlRV~|Sx(@^LyRlQ5hwm=
zV|B>rm4T$0bg=q-oKeO4@GP=G4x7}sO#JR<3NLa!qS0n`4P@9hh51Z95MKgsv<0e7
zn*0%XiTH|W9H=sEJ)S+Z<zE&W?KU#+RYciUiV-C@^s}IBJrb@>{C{h(H5~WXCGJ&!
zvg6ts3xX<t)B4^#F(q(nyhhz?NyYv4?fp(3vLu$i>ti5aSl|8Go}d13w_HIQpFLp>
zLu|Lto&e?QkmX+Oq~hZSnnY&xH&BSuml$3!$P;?*#>dA8rnTZr48+VcE;#IdX%S7T
z@W&Lu;LX0XpRL@EF<LQZwWBQA;v`ZpLE#wdKF3x>yOF>>H=D;dYoh2?e{aL4IrZf&
z>M4(=Adp?1{%9K!uRNW)(t`@^Q|(F`ufeN>1Uit*H-(3biTHvPs*K1n@hQ@%CNM=&
zduN-XMkbTH>!WVqUO2X5%nH*CWc+1}?5Q^4=y!KIlRc-xim~_CY!%(u<s_AsqfGCu
zOY<RfGvl=^9y*J?==c?snVapaZPGfMFe54R*Y&X?cbl#H@Nv>BekG8KuHrf43Pq2$
z+=b3e>1YGE&|EBA{OcrD>}Em0qmRs(_B;J$5gMXspvSP%^?j-U5X&b&6}!4K3@9vI
z9v4A3Z;4Y%ud?@39_V}{z!y3o9adSg#+>G(4R+uRoXxL6kfxio?TP^3Vk+z)ewvI(
z+$@vQsrLtr0H{W~JB<m))B5j$t@FtVQbREcW`>RL9Qvf1saB|Yj1gzrgygWWsP{V&
z!;FzYM<#fwQ&%qgcLqqi(D|GhX@_N{t0D#Idk$krT?<_WhC7^*o2c$OMfa%`EIac3
zG#t~Nd5D6xX-H*kW9swq1)}*Sxgps{O;xgM1)h)cBSjtO5-;%pmMY$ashpM|&u2;=
z<)V!?GhTL?7ifq?HC8a6;n^Qn!=mi2LI}K03x<d9WM_mmrD5MIsN?8IfO~H$kBx@J
z)?&<z+7)N_fQMoUA+vU`Tl|Q-4rv*r2T#<IK-PXj)<sIlE>~=pJ>z7BB00iWiu{55
zty1O7{#o6uZwvyxQvQTjSY5OwB_}!UNg^GjjF}%j0WrB_=nhOcjj8>lUJP(bqy)kh
zuK(Bb($Z(Q54EnsB>OUUXq8Er*caMqwp#!(?l!~Ewdjm(SBV-oem^m{q$CC8%`n6e
z$$t6u{nAKcKSOgardVoUA=EneWy?w|*eGgNC#5sAz9gu)nDN5q{<a?b(ng?CQ!u~D
zDMK)l#$xz$(|NcML`Ou=t$E<F-An@;BZeW)10zh9objy48<(dV!;mzSt6H>-o_5#|
zvt)x%m%mnSXtyA@4Q=7>!GkNvh%HTb&Y9T;p-FHQY!=*@f=GMvV~M?(LNh1oce#8)
z3l?xv98a-4Z7RS0bBbW-KJ06OZs5wbzNAhVo_e-r6UScNzE?pwn03*`|4=si)>MG%
z;n9fKI|a+<>hSG&0IE-{me4?RWOjEA%EMBJQju~AHM0v2RV-Tm3{pjrtahy(t%y2a
zS55mLPZRbcB99HKCcO6wPjWk)Dy|UYMfSErN4?Pvx1}K=Fy673;qs4zVwJMIf`Xug
z&4^JnrTiMm;lgUYO-k%7R*IcG!@;ya;dpl6%)ZSmn}PKBql`n=qKxqk!%tE4%1Ayt
zL;l2S`>>%F*MuhZ0bKt-_y<~dpvGP9!0w*1v;(r<CIw5K?Q>yS-YT$dpBhWuPh$pz
zd*{blsViBwjl&oLQit4b#<xiiK5;_zL#c!IVU6y42&_^mYMOpw^IsyQkLB0x_AOf5
zQqKyFAmbVm<*Ob!_a7LM)Ao8$!nmpog<@_M8m6v<-Z(ygtbI4Kf;OsKotBt-Hs9gK
zUZz%g{(~h`gDhc>Pt1s`Akgxcn7b%rEXC$-JZ)Bs=0}??RJF(h9J6C|1{+&$j1NO>
z7w4P1LwqSJWKx4UiTDPqBOANoe4n$s9k&T7Qwpoaj8PVD5f7sc|LiuH#ma<!Q=P)l
z7NR^Dh)27GtMe0%x!LQsv&2D>hX(|^iULSeD^97uG8pj1!0E2|`c29;<L9xZ=hUg3
zgeLV;Mk=fZq(T4SM)*ND3|@CHWfA!bs*d?0(O|m-o}Ckx+M7Jr$8S4lQ^{Pti`iGz
zU4&!ft+)&^v_|LOeHrX@#jC;xMANP)>)5YS%k}mqPiC~iZsE`=tTjjshW3ZH;qx<r
z0#{d{AUA@u%9e%*U#oR*+6=;|d+hqj-aZU$q)4tZ5vh?S49W-`A^K5yV8->BjiKM>
zjYd1+-jLL)cZrNH9)q8<{Jv{AyH%0LVL7iUFC~+p&ZhlpU~8>8Y$%khrZPyuGB)0q
zE_uU8g*ZB|CN^{Ca{jb8KS2J&69I=sj>qt4fAiPhKdGuI))eQq$9j+F3QJiBg<6W)
zH;*jf$$pfB6rL=aa~MK4HBXf&-LBT9_X;j-kirtM;@v9ngZf5;5@@{HzKnIY{Zd<O
zt`jR~Dh987sq08&wNy#)slte=OpYp17pBX}yF&?FWt=f12XwE~4m6!N;=Qk#7lP^w
zjH$RSx8&?KdL)&XHQ^_%4t%%GtKP*VL~y6nB5>I{p;pcs%PU)ptSpEvKS<tXZ)|dg
zVTW<xztm)rcac+2fNl*X#zOGSi10yclRL86B6H=3_QSBcDVL5wPzjHa*B$y$i>Xfg
zk<gfZT%(S2u76Ac2EE2S7ieHoVzPk|Vo><Oc1O;O8>5Y(Q(4MQ*lkQigwlZCYJrqF
z4R`1|x_INWFI3SIvR+V*o;B1Aoa4$fos^(6UJNUrPmLf@DOVxW5oY{yFqY%NM&Tg`
zaKYqtvbUt;-fJlOuP;#jjK)rYtgUiI@E!{$eYWx)wOD8gZ%FW6v<|ns<5>EB(ntsz
z5iUM{?`(x0GYboDK#9=6&7hQ828ftytw^8EcE{W+&Ev}#f_QR~c*)L(x0pud8@7|r
z;S{z(I>ha&lyE58w~DKpwKsKU;B4>E3TmPx-0+i(t7V)_IZ9{f24Yza`@}#frs~RG
zuEP~n6kmpNaca`HFD^E%4X$6?d}l*=&BC!MzQZd)+z@__$Pb|VpA8Cp`1;`Z_|9-L
ztIZ(x<7sz?K6*^tUN)fbR-(ABl5nUYu1&&VMOX_mCr#6DQzgaGLIHMJB`-1N(5(%x
zuI7RpLG|~9VP!v8$12h_=U6zb4wlq|Q&R_&d)oA}6cskTy~G9DDc#kv2n3^=4D{j_
z;6@_1?cZH-aJa&BzDA`BLeYvL7n^r&3<!0CS9r}904)x3GyC5<Z0HLcnQrQ<K=%{P
zv-2vj{{kOjrLeNcqdDQd!}q*X39?p8(c#tZ$DJIig#R`IbhKF4dJk*yJsV==(Ldd!
zdj8v#5-O#N?;ZO?ba<a8#aIhph6hfY6quGra{IWzh$w4PPft(vTijzRD>?9mQ{dFX
zR+yBLIGUxB#nU2wj%zK5--}`@h5qc%DtjOylFOqiBO;MIPW>i6Qcce08-Wd~KPrDB
z5q_2(gT3RiyyDQ2qurn<hFc1&W9Mv_N}VtCmk7HSsaA1y{t1j6mK)<$3uL&RH>61_
zZ!V@(;ARW{>lT1VT@3LkXj#~^(Wo&UZG74<o-E+yWY!Q{1|SX*tvCLi#D*0v^w8Yi
zo*gNu`D@Bw9@n2q%)IWI=4#bS>U)6x;PQg1zF0%<kh%p9K6daN5uWGs6qtOda%;Ro
zpND7sn=^M@O7WZW(<|CF`m~gOJHp%Bcy-SlbAOcGuOlcX<#J{JNAf_@xJ<}_{n5??
z^Uj+cp|wiJ4>zad5a-Q)9{=t+><*Mo3NN^R%ZiL4+C!h}Sf1BEP_`W$Yl~-CVBBoU
zjaFF-pYNU<SXZAB5BC!2w>WMc8V5I9ud-bqnmajhMMOm46B7QOnxeJj{JY+7!jhxM
zUXG#~_GB;WVpiycJKCXAESB&|cq{g7%4W&M(h9j#v9}?Kan*voH&oIZ1kxApbluA@
zE&I<NYv(LCJB(j@zh#sN_M#TGI{Xdq)rE5{aJh9;)*w-hFR~uNd)EsaS!q06u3R}h
z#?}OV<t(0Tuk#%)uMH>yJBmsC9KPxmYcjX>J~`nV1d-GW#CwSIR_>q4@pMp-_P%KD
zho`S>8OPh$izqPPuBg|yzGt2ctrA_X&-Byng3iWT3ovCFZ1|~4gc$%KjVb++3km@N
z0noD>5OjQUV&d&u8@%{UpkmTI0$!EtDZewu9+50)oXZDtVaboj`?e#K<;<fSkn2*(
zdrAwjrXu2C6RKF(px9~==n3XZItIn=>j(P25&{*d{ROu9|2D((y1&Xh)l#ih8EkWj
zVATT2$!YiBI2UBsglxX)Ys}02IS~U&I;sghD7qcZ*-+ZwBj50CBR7vDz}*dZj?U%k
z;y)Mie<x-z#}J-A0?y^05sjBkPR<g|={~j3i?szBxWxdccTd^${F3nW=A74e3|!Rm
zZ+8<XD}6<+Dl1GEE>v#qqG{WhRFdvV5!Bfjrz4-@4D;IKNSg3lhI$*qC>5M3ckUcQ
zzgP4m83ii6oG>0A>-ueCY6k49oH>`oe;lDWHu?QS7MxaY<cA*-VKQMn1nF7+;ibGr
zXv{*%F+Af>w42FoUYxHIUBby7|8)2YAI}kio3JkpA9%jAY(1JQ2x$XD;E_xCzqYAe
zSCJ+@&A*I19A{Wlf-`$0Dc?q>S}c)Kvf|>7X?7q6qapcfKONV0Hcs2N2v+hBuPBs{
zqJU3<A1et{RW+T%c;9TKZDCKU;&mAJoZ>2K;(3+uH2QLf-MnzDrx@OHUtnj6tilGn
zB0|yR8;vyjz)CM;y$86>Q?LeV(3sjZl%GOgd)_;)8_JQSm+*dE!%;rTpja+zQ@MQf
z9tOqXw9&_)$$<;k8pB}LtQs@d%tP}1OO~uy$4S^Cb8)qYG{fZE2BHmARm_q+9r4D^
z&kywge`%jT`j@*2*{8m?yCaj4^i4zCQs((0L#iD_@ZK6%4PP?2o_`{Q!Ia;x$Ax9Z
zo)SqsbT`7tSuBD8q+7o0<FWf&-jh<^q4m7IUF}@{v5YdF=k!BfeN~C{7-#n!S;cY9
z{VK7ZqVHTdm}x&i$dc#fIkYLYpF`(Y@K~l`VrHg-k53B-UEv=G86S9?9Sm<^V-?hw
z<hJ$HH-c<7qYB76<iEd8%ED_I`g!=r*-L=g(sAOtHngQ8My$yrrhw7W_|UhPv}4Hk
zY=M|C_&6_b^Cixc>J|}z?!FUK1YM=+n|HWgow(Szcpsjhpq9#Er)9r%zX$@z>o-68
zN({NgH<=REp1eXu*fLY`pG6G$Dsp<Lzo_L^xy2<6<SKxlP<<@YpaOea&=~rL-ttth
zJ>_StX2P|FT5>=TnojE8elsLK$Xe`ZCV`MQcM{0x3+%$@1(<@81_Yyab-2cE(c0E~
zP1*?*HI%<j7JtU@Q7-%dU^39fSVO(6Y{qXVtnVjPTo~dYLBqB8=a?O3;xmfx*Gw-j
zj!+m_oQ&ok(n}uPa2MMh1dSL6)a}gNYgK9WOe+Ue7i9f0!%rOYGcZ;@bE%)<vqJh@
zs;G5<G1fWm5k?%8zZxr?h@34rz@GZ@<;&jQUZ<-=o&AG@?S6^Bj4#~e>H#Jdn$<PE
z+|v2;&xe~k4%0kGe2-%SY%vfz6y|Z#c*h{DRi&<>Arn-Y$ryWF148{#(cafgfOd13
zsFFt7__ZaDC5_hvM=R=}F~=pzL5Vd)tMbz)m&}&Fh3RDo<4u&xjoqO%ltIE)Mf3ZS
z@94~k@aN@@k%*O8KE%E)sKKW4lbk~X->+d0o+-kCPkvS5?Dtjb>)4}FeGNm(24l~@
zTwfm>a-4*>k!A!V2RjVkY1y(1FEqtoXppbr4FBNXYzG^o+6iQW(oI&Hro^&E<&sB}
z9vwe(xk=gt0w)Jh)^UwwP0Einr|P%zK)#MPe5dHP4m5u`+%Nn96a!O{;$^dIwk!_j
z0WXMQ?siVm6jGRR`Eh3&aiBy)7btYfO9k@j;-bvF{S)O;j1G*iCpVyU0Gq`E4Nuim
zM$lW;|H3%WR;%jP+s~kjT-VZx#T}_YwGTAt#@a9K$mhJ44VODI=F|+}WbTZ+c6jVT
zp|YPpCxPbX_xEj}X#_y6e^Dg@fAp9Q9(<$cy(m^zYT&qQq-udIFQ|(Ywmd!%uu)<+
z&IEnGN1u?$>#6UPh$bj+)u=ZJD@5ayU^4Gpj)<ldj~w#n7CYSAn4dLcVWo6-znA%`
zrz;fj=j}oWf0B7l-Y>DZ??bs<?%mS;ab&XZ4!IXIC_!7D5-<t>!OEkOQufmCg(nQ=
zL>?fn0qSDJbTgv4JlkgF?yr(RRgO1&bzb+!`jD@BWX!^la5q%cv<xNBo;LXeRxF>d
zdc-{S2P!9YqDih}EV;zplL-Q1k8{P8A<IKQ%@~deYor{NxjqE<0|yn|74o!yTEp!U
zXmnHX9r@aa=3gl2e$#{9si{p4l$sWg{rH;WaxwX{b{`j)oB!%Zx6lN`WC~FfxhBF+
z(sy`5_xoM$4*>TYkVTT{*r$u1(|x6;<)+=lC6PH81fX9HETt6rM(ylf2<i!Cxf{6L
zDH?efySH#oUnyF6G8879_|a*k$eT`1TbuX|7G+^;tA4ablkMLg-oLb7$I@Tn1vw*+
z&$`-dFuTRw7Rq?GUWsxpywjY(m)itAv1Ht0bNn^AaE9VEj}e1%&e&b=N+IQn%0=W0
zhFF4uh-k}YGtTZ=d*jDN;@NW4f%_=PsR8AOv&kOv`KGUkHLWOU2IJ9kmDe<VnBYVP
zu&>*zu-L+C^D+6>Rzh4#(*DS8>R>iBQx#o8k^xNThi?AnOf;QVGkTMks|X>|*d1Ps
zVVLxIc<sTE5(uM+*!1KRr#3-DdeU?cUAe&!z6OU;Dm=KeMRg=O<bKRsqECPHX)p;e
zsFA+Y(xWMhP#%bl%6Y|SvkFE1POpSq{Egw%Eu3Yr?(Qo|XV>LyNtqk->x2?Nf-cv&
zTd}TMQ~A%9>=j@5d$KK<ib-7|I;eI-$j&?52X9g)_DA@>Pk(<TM8xx>xU<sWdDBg1
z;L_jFJ{d<0G%b%1X(4xMGFfG7(2rE|(=6BSg7*h9F)?8SKev1QZFBx>*GIy$Ix3vD
zIS^w$od#BPqC(*@%nIAP@lQC99-S<hIp>y*;u}Af<#ivmI&B-^rUlAGkbH9X<J)9V
z#I~NU;g^k~upTHiZ=NbkV1~swC(-U>xAeuj7d?9}L(A6!;`duTvK1c3j|_UYoO5}+
z4}~n7a{UD4lb}Bw%Ufc`-Qy_x;J)3x*K1Bh3+vpOV|;>wpo4kUW~h?0;{&iE?Y5uE
z?V>Hvct5HojALDq%@d^yUyTUPs{i~PL9RPzOQ={Rq&lWocC83BWhxeNmAVIhe^fEZ
zyrN5P4EbD^@_2+?jOL@loAOHxo%z(}ktQ$^d|L6gKgCBXS2;|-e?0SuI&~zKlL%@c
zB6x`dRF78u7n$Kl5$>Ep8z{^Je6`uHY<%VGNI0H86zt6L(*M%)D3CdYnKVWwBO`-J
zB1dxWp>*Hn_Yd=V5z!lq#w`Xuzwl*kgBtgozy(aB1Zkz;PJtwasKq6A&F5DEjDe*j
zo`5N>+AffQ(+^^SG6m~I1*gqLJK5Sb&FsVB1GrvDACy{jwSIuFsQ&s9PAB|q2`dz2
z@NV+x_FD<(rteSjEOrmmuO#`V0A`zIPt~f_#{sHED>aqI{ogHWgWn?1O0(PFf=Tk{
z>aUyNIElMK9IEpnTaJ6URw4q#yzVqlKx;pyG%fBs81&|{*5g{-!&2uI&2N2(FNZB7
zPd;W%kuBNW*H8bLd_1Dh^e*9|*Xys&+?3Kmksp?AzVb@jR`SDULa`RU;?!GbCGu}#
z^nfQgaYCTrAo6IvNBmoj+pO?6(Su!L-se$v1~KlYSni0vJM%ro!LC(R<$%Z<^14y{
zI)lYvY4lrubQ9z26)hsgIUL6PRZgJX)srTIdNe(EaWC)8Si0g(t1zVtb4nj<9vlSs
zeTxJ$c|<4wJ;TzdI}KFu{&&M>*9iNidN2s8Oj0@D>{fP;9JW3oXwYZ7=-Qn>hfC6&
zMISY%Iyd>eoIc8^lH;^8IpC4{gKYCcq}y}nX3mdusxA2QCRtQz^UES|q<@M2&zi(P
zO+zY1?gaI*q#mTeD7SZ^`H5gxKA=2`%h-Nfp>eYX(mjuSH8Z485E<ykJIkYC*l{JA
z)-yKBA_ShZ^lYWF0bPd8ztq~Z?)>&g+;=7Nn_Yu87HgX6^@@K<QZo%biImQH6e1p8
ze{e))eId}=TGqO}Cn<h+KTaASaurZ;&E7}6?{*35TDHD{WJ0M^si~>qjUnb>Q}p3<
zg?~pC?jt4m*D0Zlc2aDV#<<V>4(B4Fl_Oj|q>eAikimP~C4a;H_k?YKeuX6@^dsRd
zVzmhbM|mt;8ghuTU(9=ITfJA?Dxx`R4VJ>Zn`0;}@bx;+Y{ZV^yL$+IZ!YacPLNL~
z7L<-d*G{R)HHn2>-mVr@A+l1C1IKZHqQ@}&Dce2`2~21H9o%SXcT~4W`KnYxA>8sY
zou3nbFi*i={9cKdueZhrwU}iyhv|qIHz;%`PPz9tkmC1KRS+?+>0vlej>yJDEqCkv
zq*cG~1LpIo%JXQ)<3Iq9e{|Z)b8uaRthJ3pip&2OwF-@6&0OO+PH)Re4uuo?+iyNf
z7*z-U%8>8gdE;Dk$2}M8NMm6{%FGQ<bwDBa9+iJK@ua&e+1W_=BMIkr02yBv($K0-
z>$vt*bu+R}rZR~M+mQ5B1O?iXIe~NT1wya|f_CA^RRc(7=jvp19r$ID6eP31(tcp^
zcjc2^ErTJEY58CCD&>MXAxTT$ai8Z0NbC7J<HI%Jkv>=XA+Qt}&~3@<C*<|^>j&zC
z9|zoWP5-kT`DY0#%d^-V#dcw!=&vK(fXbs&!x9>m%864CAKbASlqo&HQ0?xIthLnX
zAn3#;5&c*KS#NMc8A!xZI})@swr~dW$;*;K-qYX!rJ`}JJ)1=QaM1uyoKL46&tU;i
zaa6qacYLcp#~s?_B(jRyFKinqiqBPXOi&`GFX#V-{=a0`Kcl*|)kTo!8yS;##&qT&
z^imSxa)V!4Qt3_P^3ldq5ejCo2s+o5moA*e*sXLaXU!}rY-v65QFDVr0XgUK)MDwv
zh6G_DQ(SPs*g*B$M+8&0aBk}UP-0s44d0PTzy=i{ZPa&QF5pbGW2hrQDAruTml&|~
zx}HK@VL#T*PS^znWJy0FXa_aH`Y$K`PkRZX1J3fPesU$_eMJ^$<LG=W$GD<&Ehp-m
zc7dklX;T|i6h=lA>&(QT{r@ob4#1Ud+XCq6*tTuk>Dca$ZQJbFJGPUKZQJVDwr&4?
z&VBFwdtd!}^{Y~~t1{PKW6Uv!_8f|MW$2MM+0>|m887v@A8GwI-t~;d@F#UUJ8L$W
zvG+9>ViXaF8Dc=)J|^-mM}bU#Q`=M)e>iB$Z0Dl$7h{oZk04j#?~OIC7C+7d_6NSQ
z(rsNI+EmZhpDr;=Ey7P<c31R0m1RwjH-2tkJY8*1IGO8|k0+P5@@{T!M*{e4C?pXe
zBt()>G|@r72J(aog)G+2I<Neq9x@+Vf_;9Gj!^P!9(m;GI89<1O*9_1A89*5gMs*e
zCjwCcD^dh2+HQt=V5a!Hgbx)VnNA~MNelPJ!u4GNcj2CGFSH+$=-J30SQ>VOrAR0^
zo02rdJ3uorIVomfkaz1n{`u((zy}Zm3I%VCB>#CUl0P+w3KfWo=pmxud+z-QDy6*s
z-cWSv*Q|AiR`L|$#FvG5eIdx!)hdOI8L+je!OHNt)xwq9ETxf#DaviVpXa-zt}emY
z*x2;qVn{166=K5v+#b$>F1!T|>Td{OMNqOkggW{#zGMzJ4@-J`yMvLrPEg5=dVrHa
zP<5ru$h)*!L4Jw?9>T58ZUVnz)U7K}kVo>jM4$547j1Dk3=@h1Nd@)W3KIv1+FR@K
zogD*maV}LZQ!ZDokbmtVtOw1X8u&MzGx_7)<MrO+U~@uE*8`kiM@L;$_^zRAnoerC
zxjcEtZmOai{G9iZ_)YoYj2b1`sa`o&B41fg{nl~0tc(VDZ2*7<zypv0NjGNn;D1vc
z>A&CoytegOv@YRxvC59e;|yiBR5b{^ub*C70ZwxO$C^~Wnjt$R-_00=y>7<U+g|zg
z%V$u)XsgthFB3VETB9_gWL^(uoHZHP@AUZeRN3&Ck-t%ZQJ_(fkr)vYkWjrM#K3a^
z?x8--TfW8XiGe}8<rgR<f<DkJrwaNBw6(W07j%Gm)uZ^Lq-)eZdwx2<yPtr7b<5S*
zElZr!F4(oR?oKBp*($0pE-uzpuN<9w0lopi|K3kp<Gab<F#bLaMc`Q{Pu7)edtJCc
zTK0#)kFkt)bqT<!{nXczXR!r9Cu<E<7dh{}>8#y6Rg+<SHuehW>(waOM!$slG;*_k
zqu0Qm-a_XP6eJ`kCoie4HruL;Sy?)FdgLGONzg)|{dYj7Y%AU8M>8`@-q*d5>J8?|
z5Ri~FYFg3Jt)<Vx8y?AN*wKt$TGt!x<u`jtGVVM`HI*xe)?SbPr-+Y}Z4;vN>!ftB
zFffTa2DrGmD=FtHkMwWq7jrB|)c=sI8WK5GI1fq|IlaS*YAe+3{n^2Kr4Bq2lW}Nd
z1gZ@ex8^qy>>JCTLtt<;!PO%AP6j#b&C*_h!nFe>NE7*5qRlwRVl(&Kc0m*u-Gr>T
zhU=nFUtLEB9<Yn`KTHzuGuCB7D2Q+H54`^-Ul4_0asa32%Wfp2{pmb4a9$qhcrtx|
zgT-8;85zfqL?c&S3Jw#B-MY^Sih3q+y(xm^!iJdE`y`u@ruk<2wb#HXFxe?-F(uVQ
zpC`3jKn<|Z&pGKM`dgIGuz;~%9WX7DgzjI=2Nce`W;x_kJfkhYuaB!JVGJ_2%XNb<
z+IqdUX5b(qyRPt)x#EJ(PJDKDb}DKHaRqq_)%az;G~_p@+B9_5-ol1DAlxFme$*3Y
zb)oz^R#NmdZ0r#tQ&UqCTA8%QADov4z|&pk{5J#yf>V)Uf`#)GN8WJ4dc65y#Pn||
zh}SjTllR>ui5biHC-whiau=L)y?(x3(UO=xp06BVT!^WtpwiILBu*Mz*0a<Q@gsZ9
z8eZy2YiWg5o5Am{{j}Q+jd9%>9>@Grl(B5BTsO7lUHfIz%hBp~Lc3<`Ysohj4{QgS
z3714oO)aUQVCFE|WSUWbu>yGx`w0CO;xo`?m{WU|ty=;0H)>SI8{{B&%s`<ZmAQOw
z_2_njdC|VTXx^e>b~u?O&*bw!an|kgy6OxCmh0~prsyiWQrlQqC}r2G|NIfA(TW|C
zGFvtQ7~D97F_AiMzM>mOgnZl{E>F2}qq))mU&>nRvDx8pSZj%1S8dz~N$!##mlZNF
zg@BbT`edj%b)sEqvNmdBU(2+a`bRweA>hJX3^EWkG?-vM1`L1dcXFUO$G)+>kc~R@
zQUYhAe4vFQ5)L)ltkqa9(9o&Z{H0PPD`aL?eCr-{TgT#jaI{-^&eoBY6s41P!<B&?
zsCA+g5^N^VciE)6bJnVIbFrHAyt5Z`-8@z8u+mM=YoFC(t1VGQyOefjTO+rwYI_%o
z?Vz5P7NkK&rB%-oTj0h>4lDiOE4}$G*=Cr-SgTI%KhS<Jx~l${k_H-=LdB7re&K|a
zzEc&d{kJzR@hZJ;0MK>bt)CK5x%?=&OSzSdIv7te+U)RnPlem`4l&zFT;ak{qAP=`
zW0{GMi_kccQjf!kL7X$ZmTKEsk^kwwNj=rK@rvTTq7=#awsyU6@9WL)$J6EEBhaN&
zi?vnhg}Y_5nQNWgzk5|p3D_NW%Gn;aQoC+$ce{Qf^wq!h`ULpxv1KO5>=<z){)xQX
z?`VZ%h#cRqYem?Dk)mk!U+c3;PfHFPnkO?ZE+S%Q|7oD9iNol2;6-!QnG<g_&}5iV
zd$Am1Ez?B3mTWWeUmS%J`8Nll36Snl5U2?nYHq%KG*dGHC2redXS1*YXj_MXQdR5s
z<%=OT_NNGVb3b@}%>>lIz#jKw_0D6L#f621R5UaJEM6%&kUH`dhi1h)Srug7iP$kt
zW!LZUac2WAT3Kmft!dQ96VejMf*b=q6=aMq2TcyR|Hk?TYc<i!s@AMc_-ogjh1Fnx
zn;W2-MotB4>f~7hZbz_o*Na_v3-?h<!QwcxQ+LQ8CX4dLb3%IV$%%>I(X+|P=F6O%
zrc)Dw0q1b{CWQtxH{>X8)y5P?&~a`JJ}E8StU?+9&tL9rq!>BI1KY~tY*obysv}n~
zyr0o?_L>4AF$a8HjDHgD4p~|%Tv1{lG_XrX#zch{`-91rbo3-0{}BLN*5)jmo+kZ_
z8XM!2^8XjfZDb<Dgyzdb3DfH+yvP#Zl+o?;m3l7M^VGVxlRsI!wGMmY9UqTt?t9Uk
zXvjlT&Ujc@zi9Z*PEY576C9Px6wz~Ofa*P!?lG0_J(UjRXC2ji@u!`o=Yu=D;0H^K
zY@@e}c>Gxrj8qlte@NuNA+#(`Li68-I+F@$<Dldpu*>*Vo`BO<sh`kp3)p|`c-$W=
ziA4eDu7Z|b|2+m4eTKtm2yXK|Bqg~nRmD~9;^f4@VHkJs+KCvwc4>V*YG_E@1f#a8
zDf!Cb$AG?v2e;kt{{5$S{I4MkE_%ZLVMl^Y%%f2cCv0tulu;8W{1ygn%Bl<+verM^
zZnlBIPn&gdTiWKdwLct4LjP?$4(CFEq}%cMeD^rOj^TTAyWSQu*~8^gxUI;oYd-}J
zp-7Z)tI+Evuv)CxIVc{Z;C_#i)CIh*T2=2Psp%>W5DA_dEmmmA`c7@#*ky*y-7<UA
z9rb!RWM^`w^qM%NX>%<3pY^%ywmIO7Ny7ZgGxGl%`c(Y&{=skW9FnVsA;Zg|Xx#T-
zMq=wX1uoC6v3yqUm+RbJ)p2IX9&>oUroZcOX{YD_007Gizu$1T1CIRo@O5n_<k6sq
z<EA!5%AkqkiZ*0bB$U*@xRvA|xp^WINIL}uXsnkS{vh948rh90h4~>euh2hye3W-s
zo?MU&`|r&C51aq}kAKkn$IbfNJ%N(_uZRBr0Qz13xGevA_J1$^#~1$*nE&s0{>PI0
zAyCi#&vQ^<|KR>Fb_PQHkEMSJ;r~4Qe}emuFa96z{NGDpMgIdE2})G|zfSC*P5+-u
z|C<*72bunD3F!O%{{<KEf0F*+-uWMx@TvUgasCJCk^DW5{@}l(Y<Br%=mi@J{>w}X
z=S7kG5jG(UboJcd-33bP>FIr_1>QeBg+@lgYU}6>%Q@L)d$K*hktTkm4$Ebtma;mL
zxVSny2Ze?X2LZBL<R}gylN7dFC{Mff)E`w!?u?4O-uHfg@!Pyfe<gfUeq3?t>z(+`
ze*OMp_P{&Y-*;BvIq|Dd0Zy^rIXtBJxMIHbv-ThTRyMn_;iFw<(b3VNZ)#c;LH4nA
ze}~Q3?J#$9CVFbv5>>3U`Ru_&=vq-+OerfXtDY;EbbGHiykoTX#5`u?6{WT*YIw%{
z{<1&r74?~W8=gY>G4(yG@QXR87KnwyYtFsk-)Okg*;-k_R;rHgQJwfbEf3AlCyE^s
zc78E)3;0TXd3pPf!uXNwN7U@$;o&{s4Nw_N)PJ~RsGke{0DX&_h5g6#K^t3^LQiE0
zVPX1n7|xWv@lmiQj2_>;y*!MWO6N==%#a8k-`UAO)yF(6GyX+T6X?;DFbdT84{idg
zUk_?WMv242eBnIhAXzpy)3?j2vJ0*g;fW7$%PALmIoVs~-Y^fojtBg{1PYZMg3e!F
z=?DBGk3J#)y@lUjQeS(uT(GjVwB=s6iJ!yy5#SUGK_4@3gnq+&=X$YMd$6(?OsGU^
z$tmuR`Y{<HS!3OIIGez7TT%uFgqfKcC>R*S+TR3kp=6K(u(D14fwL<sE7aA%B<F|^
zLqkI(EUb~f?2EVdy3kj%pnu#c;k@e|BL@N*EltfatW$zAkc8oJKW8m_>l%LF-r5*O
zCXHj+Ail^Ukh!6uq3x@4McuD;U<+N~FIuFfYQ5p7Ex(v{x2xUbnF941{ck9!s2bmE
z6+IO-5{Hs`V}%)FEX=A2Sd|<%&J#P%O8~B!j0^tVUnb7K;zQ{h_mE?D9#1F#ipc<+
zrN+ko`rDtpJs5vJEw2WaAnEO1@AP9~WBbR%Ag*2Ynkao*Gy1GCU;M}rbj-Ri7=Kap
zaBbp1G-v!O{r<AHqA)^WxqW8_<o<V?nVpr2W<`9xcLr*-+m`TQHw+96Pg?L`Spu{A
zo_&Y9fpC%*ztNZL8*mEPteX*ZWxbz{dBFYEG&OZG^24SAGj6Q6y72uz&h&2fVgz^B
z?79azx4a8FKCk-`^|f0a!GXUuJ6yH9Gjk;Sl&!A9^G`Y85D@aayK}gH<?RUUi@)`6
zE<OsmbmeGs@=63zCh42!;$k!Jm`}s!7xJMuy?XGc(?2HxoP_1&P+xh=koTot)&%$v
z5nMl)!oexJIe*wSNy*CtNQTU&vZHTr9i3fW|MnL9-L`xn|8{fTQz{(JY^{u<WB0Y4
z5fSpbtFI{E;E!W5j)x3y;#MaDW>}fvE;>O=XvT#cj2PR}VRuUKs_m>SGXe=Mwce(+
zvq9B(tuSt4j1dKp?Pa5n1V1mKWA9$s@BGqTOa*S<b4u{x?i}tu7Ebx(wfRnXSabY&
zWWMGEzgCu4X^yCIaRrt>E8t#rTff3b{3<@2qi(aJC)EYK>56BRbzNVFZyw_Be1mw_
zZgRYhhL<-}sxQ>LV5kK@E3#8wxH6bmSNV^%tw9U%6}rEu{pM*dc6prI@6Y=l%-T0t
z1r#szQ?2#LV`@7nv?&`A6w1C<N*}+_-*UQi60uUvzl;R!;f}wkE6s*OmlM8z`A)QK
zzbCmjsR*t)eyMzo0I3&vleZ;!iGQ|C^YOyz@u9MIJMs}TEN9IcE#99)xZF%H6{Hz8
zGdp&gt=<sWn8cn`x&O9*E_^_9prHv!0tVbiP%%~SGb*E#XUz?sQkMjqpr=-Ad-mP&
zzdG(%+m9D+fRpY^Z4N&Nb6T%7H8f8L%Wu>6c518r%C=40WgGs)&@;78hsVNlu&^jE
z`keXMv6_|uhs*@#!N`ah=Xu=hiiwJe-9R6FI!Y3ytxD*>93~`w(yq5UVY-EH`98sK
zT1$p3uA?2I@!@^PNJdL-^2XyG2<RqFcgm&ms9l~_d_AJnAZa!s?|ONK;9xlI--OlM
z9SK2Bja5IqS6$Skx~ORiXyrZ<Vk^E%>IHTCF4HJ$PRE88b*bKQL1ml05nTaghLurr
zV7Z{N<h3@q<*<DRSJS(-64FueyxkjEQd+7M#Fqke*($=MKW#_j$;YCu>rBSEI(xk<
z*i5PL)WgQzx&|-W-RzI53<WLU@H<x0gkRFBD9P`<tW7Fcr`9ulIYVn_$bw80cju4X
zY9Bhq++F6BqAqm-`jzYxqY$QLh-^hQxAgsacW(B^7a;EGAJ9WZ=eTu)&$R<CX1$f!
zXawQjQF%*SEIEa3r%M_Ktm;?8CG`WL_kvpLT5G+WTrkwwX~4ufVe21Mco#Mg;FOu#
z9Z2|?G0VsHEj+7p%uUz#@Iv0gAo+bDN#ByAJ4r$M3*ustLjO`QTQ;xUIX(xB*4~6g
zMhCPfkXln$Lk`v^pP`@uo}b-=z~A}+ke{v$P~o}Wdqz7~2OyR3#RVNY>&Pg_ppd*>
z99*PabSTWV%wf@4aDs>u%UB(k%e@Pve=*M^P?~H%+`kecmTh>0AQ2#gKpr5fxQU8M
z^v+E}YgY2Vmu%#H5_k$U_$P!4_6d)4X#@Ok@$vYPl2Riw*R_9Bi1quNCud27BNlZg
z!1m>n>|E|XKi^DxC};HblWw0?t$vL@2{uL6s}c3}2b6p;TtD9CVkutS**n6udAyM_
zQ$y#W84>R|plLaT!662RwnO&y1@2s4hL4OWMz}O;H_GD)>KZ-1ntUkSl$Ya@6c}yq
z85S>(X1yxg|KjX;4@5q{8uhvC^7aYnr`qiF{ltYe<~0in66?u%%hVJIr%_<EYvHE8
zxz1?&bolTA6+t@QdmT9_-J@`Fa{8IOrDpbLX@eGQ5PhMfvht^Td<G07BmrmniB4Qv
zO5`#Tr+SPZ1IxY&sKvvOtH2CZ`L5$xqT?OwuEEsH8p}dbxMs^U7zr;WxbHV)stGBg
zFTUkV?V*0}Vi?(<dRRDC?Ovg|9aZ048W&0`DnxB`_${UHwvR4*j#NZ0mYT1?&im%?
zpe<kk7i~odXeJ@F!gHe=xZGmkP|j}t`GuK$aayTUH$5cI6%{#2tZ`gB4jf0kJ1yQo
zZzWhhXq^fp^}Rai^Qq$VMYmV0+4e>@gNA~Tisfi3XG+N4k6TkF)x5uEKTzfQ_EbsM
zVpPo3RRCsmduQ`9Y{X_j>#BmBxgCOZ65GC(z4-P*X`LzTr`4j-1uyNiW*UMFiqK{6
zNoun@xN5a#a5SNJ6mPS@aNCmS^-eLTy{|Lwrn?pSriT}FnNxw3x&{$ZBaBRP^-!D3
z+0A3!l2Z1z1jralY2l>1(}QM(PCJg%>zR}&w^8q5L5r^??ra~Pk{}mmxf+9rktx^I
zB~AlABrl`MHn!{o;klPh$=nH=gRYud@v3@lTpRJ9e6dKhH=Rz;q^t3Lqsyt`39#1A
zJNt(WLi_tpH^sEH@b^Apw8JA3YH9)%47#CAY}Ok01Ir4X4~o;s-I5DcNvf;9F?Oq)
z$FadwPPcCu6UV}q;=}-*_UI?osov}O%H<|cj*g3t87?-&a_Wop#&V{4?Z0@JgwMI1
z;3*$%`)8L@^yz&B6*IuRa0}u0RsuowvOYf5ih-VqrpBtFqa$%!8;_!vR?J~Chx2Kh
zl3qHD1V(hn?a&HnA-&J>l1py68xnmX_4PG^$nZ8&+v@7HAYar3l^)pOfst_urp*Np
z+~Yh+&p0Z#3;ywmwODx-;zd##Sw+L%V(`~8T-2!O)io54rWP~Xa`e2to@h}DHLd4r
z`|I?YZX^*WWRNI%epM%?Posu?-AvCAFG8EYK?6ImmZB8_y4SXb#eSofgg8aDs=pl8
zl$d=PTy=5GMfZbK#|~mt*P>ncpx#j{=o7ArCsnz7F2m=;BKEiMu!&Wv&*lv{7T&Q?
zNg#M;U_G<l4j<Y8M6d8!Ncx}B5^3n|Z-gldC-mFsY5{*9X}FZLPb)B0Mq>sXJxzFD
zd2r*BvV#{1ZY50GNX{F7H1T-pS1w8*HwxyQxHvxvS?IunbmALW@N*R8|51&ZtZ~pu
zyuG*1n`qgv(yK(T$f79d_Csn_x=hT0UvoLfNUrsC!XE-G;o$HdPie;#DxKLD|KZcr
z>ZK<`M<-9Shm{u7F+$h288)3w!bWM&S&Ck(R<o0Vwfdd3Xi!rC<3NpljE(nQSDc}&
zTpAgN1Dn5dG7Kt4*hLQ7JJbD8j6eCpFmmFQ0<AE#w{I-n=ff#uh3Ww>BZ~v?EIC;-
zXaIBXKn*jWBjdKVLD*Rc7Ker<R&_BfWY#@fR&h92cF^qR<$!7|?AOq&G~;H4fyG%2
z!UmG`US~^{Q8}`<(t`FBD#$sc{FLu=tImAKgB`T;-aDmWRO1@X;-aQ}`4Cd`&n)tV
z7^j~TH(m=%&U9<i+}ZDDkpUs9^QIvV6a2Ft(ie7o*+1^OQuti6G8X|>&5V12jcf?M
zZm0~vSegfZny~_go^>cu2e44LYW@2yVWUu%)K5x4B0L4YM@Zb+ME4Ds>I>-Ps%mY5
zA#9_~>5#}y>z%{HE_Q{+3&x^v4epU3Z*X?UU*;n*t_T2oN9UlVR%qcmD`wAQ9b<Gh
zgN^ua&)gcZ)A+O^H~y8L@&<2CTPkaBJq{c(8Lb2%Q#Y#DuyTX5Kdr7Wz1kfvR=K^u
zdm6sblBS+t{hlyfb<Ak79_$`Fg?Xf%g1YsR?>~sjQb@cD&@}t3c+_cvFLc3slY?bN
zl|gI%)ANGLtCWCWDSPiOVP<f@YE}~USlp%mP3_7#v&|DCDXo{OuxoVKF>QUygJmN7
zy!ci0?HZ^dn>+!TNQ7GYj(IfP?)Q3EA95eQz;T{**7trYpJKqCKRsJtpHHC?G8DyY
zH3p!O3vc61O}}c{VJ8xvZ(q&SKVM~1Ijk5=6>LP5g%|<aT>yoc^MawAp2{^$=1w+{
z(E}dsmK$<;g7sjL;y-(fg(6gPQiFZ)1wS@{hS3uWQ=r?QS5I3B>=2+}yG@IdF$~OC
z!F22HUog5NW^ejy?T@$rSq}a{@}!o1lIdRx*4Z)3i7a@Xj*y(y+5NTkm^aPczTxO|
zuh*xqG4?Od1a!JL2!$UwZ;Ml6VJV<fP&f^gknNs`wB6lHL+ixL6j9VFMJ2+(Fh+MR
zk(t3Cki--sT9O|+RTX;4t>MUyo=3YZjc0wOr0Vq%qW7y0>P_ZQI}R3H_6J(tE_)~d
zLcs`NPz&A6jX_M<5c@H!J-j_9r}&RAPIEU2vezjnT0##Vum&ZAqa)&=U9dlGgLX!7
zF_d=e<CoL$lhM`A-1F@i)!3M4?a4Iwde;j#0G}s_mb1HWGLjeh>ZD|~Uq7?f{xAW&
zn~?Kz=qp;!Z*q^|xolWs?28)jX<+pUEygSU!V6}Y|K*YYVsA)L{51z1nn0pjvB8DC
zprQ!-;vs3|52Kif4(VzJZyfImDh5Wf{SAzSj263hmb-pVRNkgInekFVI}1D@8Ar4b
z!>FVk=4WUBNDQL?&?<ZqJ!r{9l#tvMk+M-BGdDSAf8x+eb~XGW9iF?rPy=4OfO>!5
zI*ioILCJUy9BeeYqt%+Cn(nW%B3(2&*TBX_e0m>#D)|^8ZO?C-?Vi&*3DCT>D(-{(
zxy9AMa0+u66fBXDsYwq&wZ;ja;@d{>;vWV!wcq{HM*hDBQ0^aH3fhZv2JCS)*LbD{
z*`ij@vD{xn@=EIweSCb5Z7Y9uw?jtYO0p$D5#nGAt4Lu4kS0to2nO}$5u-p_*xSR1
z|1{!VUE^V9l6^rd>fKyLSrnx$R&;*2Ct+R3j`L_t<#vKtl|kJ(+>5E&(fvJCn44Fh
zVwaM)7r)KRjR~qEF<p5^9LN71gcL_}EcC+6W-sWq*P?`4Ixw^zl@FvZHX#edOoA|x
zO>qSj^w^S4A~y#U#!{=)#|I1NR7lPiu5m5iTiyS#4J2`KDXzzv@|%jt0fK&RHzu``
zul-Y`a6*+rsf>;TPvbaxFgv}pz(;3g7_0;7*U4}ycm*EGv|Q7qe0TwtxrCY<ViNbS
z-6*DI<<2qOR^5-|GfUw_%5cKYmVH4i_a>h1x+DPhfW93h3W)YLVM=&Y6T>~?BhgsO
z*nDa~I|=^J#-C`-JQIE|<ZNgr#FX7|ZP~hG-H_Z4-x71s2b00Ab>2%DHjb~(#1tf8
z>rhyjxr``^5aPSvLYU1K(GoGybMx!qb_|q`&&!IJMoUWR#eeA$S+05JJ$F~ajB2zV
zXK{oMneha9dKfsGa=*U5l~!ei!QTr1@FZR-h6GLI94=jqx6a=h)+kwN%WcpJ^{f+f
zb7EhwV1t?}m9Vj(QI51!(n14uiY9MPFl3F~t&JSJ5*AaTg;5sX!AT4QbbY%OLVPV*
zZ}?3%-+*8^1hwMw%loG$uoEfHL^>y;N}FX|yq+jX;;KSd<%CQC{ag5{$sTfm=B*Ov
z!O!e8fON!)FHcuz7Z`y&K$4+ExY=;Z)>!PVZ<H1W9{)aVbxl1TdMj6dp4}~$sQ3}l
zt$^qc;vq)Uem4YKp%_tVZt@tOsGb`w$*7%f-p#bqCqLS_ikYm4Mx9{fS!h;u8lSB)
z_+iTuGprM=Xi?M7dm22HePhp^cyem311Cq74=y9UJ0#(yK$y<Bh2wr!q59`3owYhI
z;$soT$a!Y8Tk@2|TMr2yuLDSE48ZWE0jA}3V5icCaF5LA>E=)4ab_19VO175V<mDv
z%UaFdNAUcWb?%H}>kFgN7Vq5--%0m2_}ur3Ek_vIP}W#Y&Zz!k`Mv!U74<tu%6O-U
zo0;r|5jyk1S8{%+=!n5O`ZtHuXDROvBXHA>IyhXl3IEU`sJubeo1OMZr1J_oGyEwI
zIuMVEic_?}#~+ecpcE;FU;Ynaj}1X~-qcO!xP##d#Wl7Ds3@#1%db1Oc+2&KTASJ-
z`1d@X#%Q6gc7w@Tggei*3ClGlkp2dv>YYA}2!sTMJk{ccxv+GjF*vX?U=%3^M?0uo
zE{AXe+D|ZbvpBV12{ONx{^(nJAw)$-?Vu+CJ}~9;+4>+caNxE1=9per41OdU8~nL_
za@gKR#^ddPe<=Ngnmil2>>nP19Ii38#6Pc;EtT6Fj%+hd6;!xx<96_GHJc)^%4Z~(
z|9v&~B3z`<)e`+w*5!9Ih^cXZOjyj7;1<ydEMOs>)UW$)*!!EI`2(AN@+RMe38UK$
zPtVT@lhby+=OM%Gda#)HX7SHQi^m&=YqcM&%+`8ThMsS@&svI+@q&T(*TK>9`(wF!
z{l{Njua6imu@}$#tSEdLnEgp0l}&E=z(#0*hiX@&C9`G+&n1$U)wNuw6M65iji1hH
z3%L&0?CF(W=+z9K@Ws{ZLuSPS1Bn_LQu7-<nGur9USdXv0cz74KZBRHHiEU>x(C$s
z{DSM>7D<)?LCh}Z3#uX3<Ni}1DmoceImz9WggbVAZ@7PFKmcpD$aO3&%N$vja_~(X
znwshuFKLJ8kHz-yCk6-CwzglBWVoD8$>g&HB2gi?#B?2b9(6k+6SPeGS2hvLA2WxK
z3JCQt>ylc0k1$N#(0gVXK<qBs!)PfvNhmx2lF-oadZST27YLp6Qq8Y2#9He5AfSA-
z>E*@cOqe_(=4wFUmDe6_G|E7_I10E-3cbF_x-*Y-4M`KX$RYN+h95Ed(#Mg%Gr!@!
zF}m0Dvk@q5JH4}**NEwE@lmM%6EdEm{+8|ktp6#^O#h)^RORm`N#aZ<oX)EmhkaO*
zIk&N{9jB=s9dWOpYDJeAS#x{UrbT4A3OTKr959gY+Hg1|Vs%T>L83CfHuozen?TH2
zmZet2Aqg;`#^PxC#`IN)oq99Nhw?j(ujS|IP(7iqP%jibw10CbE!}VxGGBi$t9_S}
z##n`kxG)`bm4WdqucA(c()4n8-GpMtbpSF*zH)B)cu4dR+{{YS*tvy;1GackbS@J!
z6pm%2uNOVrA=G49p%KguL2Ou8wksHq1_@O?a(@;)6fBg`+=z4H5g7>;54wmCeApy|
zkeCwBd!XSouMf^F3F!9eDWIf5ST>C(>^z98!5JZ+$BX4XfOLkRFRWoe+u0Q{mx2-D
z+YU9>v5in{Ir>DBS55<!MFB@F5?#6ZcMEx*^pf+D5xD#2pYgvg#bm@7`lK2j5uZql
zE53=4J;(QVAmgNn*~}A9&k>|EdwB#8<`wvXu@)<cNjQO`kbsV2JYbzvsER5ZEg|t(
z)+zEbWq~=d<fG0`3ogTPVlw`4yU*j|4mn@*Z`t>TdpwIp+Ksj^^Rsdx)|BjN_)+G9
z{asuLUpz!2HUTaAKETkJOsuC*wtzEvrl(H;ukDZg{%`WUPB)l{-9V&F-QcQ2&3*Kw
zf)ucr?ikEET3n@{v0%}gH;1MeP=N8?>+iHLeUQ*%563oD--US=Y{rOYNdqL!&Cz!b
zuyuYV7b!oBAI9n12`ftSwLzNZb}^wtW4BUG$OSYG#T)iSS)&0bF&RF;K^D|{A+cjC
zjZ|9+Svdet?{<1gL#oS2D-H=Jn#^A#w5CSgSxKh=g;hx@9aQiO${9gH$k&qu2A600
z`><z_X*~aHEDoyw{VoPvvueH@O}Hn@g;MPa)tFRZeG)gF-=ZM9J%Vh%q8;k{#`~za
zPZ+GLh@?2YrL=OavU+5CA69C*#Rx|clsxSaQzJk7JYw2Uxe}UDAu%Vx)7$**Gs4iW
zI3YCSqP(I)LOJISJAFD&snp?6@I0lZ;QSV(A1)91-Hm7o1uBZ#v7nsv2XY(@H*gY9
z({S_q1H|1;pq-UJp<vUZnzDU=sH)``n9-a@jAWm1k4#PpX^1ekS=}Mw#r=gJKHGL{
z?JSoT!e{G8{ZI~6B&}d7e$&Lj8IPc3JbNU4ia+Lrgj>LqvPgkGAh3Nn*lJs-QrzzF
zQHlglaj6V}M||(~ga6(z-i}l>*V7AkN4+7mu3i&HjxJXqHJVqo9Z_7JAGk7!N{z$Y
zo4bc9p(_Dj5D1~#gkCEwt?tQCLt*)}_@hmF9bU2g#o+dRG*_(;vNDB)!C^f7a?`1c
zx3ec2c&&lCy9?(gVQFw>YpElws{Ih1x8oy|91?v`-2$#T#2pp{ZA8t>fCt@KnW(oW
zzbhe6gv+?8;oBqn2=$D?7vvqY(}OGCN(YFP!3~yX2eOP=^}r}8A&FldD1_Qo-)qWR
zuE7S=Cs(*xmPUd-KY?QxXQ-bsx4>rix0!FYsbUG5yjz)ox>Z+i?^jeh0?lZ~F0R1O
zM;>RmivB@TvY<KG8iOlt>vWC4`3Qk?o)*-$Q|jmUS7<nn1%pSc@tMQ{;Tb#(*Q(U!
z54a{qEKzM)hQ$l+z$d*+p{Gm}t`-BHzISbX@qkTI67;vJ98sy3X2;0v1PL01oRv@j
zH?6~C!W2_+J4QbvW6$;c%5uXI*&^d~Uc(1^=G#7!H0rv6HIFYZx4e7iq^4p1lJsI&
z1-b?+O64$mYT~irY*m$C9+>L=N+_1XSVJOg7F4S~2KzamZ?*3*U_bIQo!zR(efd^>
z6F-Ttw^#U~%aN_fy_ZB?gXC=?so#7A-oM$7$h%{mslkx-a=kNJ1QJpID3sTJ|M>4b
zF&xHfL4P}2KR~~itNvN`2bYH<nqBo;v<#b7tJMu!>Q}L!xZ%!t%fo_Pg&!~ni>t*J
zYU*prPx$hh2Bl7o*~gxN<D4t3o)Tbib;-}=_kkh6-ww%0|Aw`-*%=0)qW?6B2fZB|
zizP_NozMpcK0%jk*ZU@AhLsX<z(|dZe6&uw%Q%hdWA~q)8Z!nTR~xO+->xB~iWPFi
zRaG&XY&XgxWU@Pr9dUFy|8%u55+-2keRqA**8aGZz|(Anav-?8MuZFKj)8n9L9P9o
zO?h_r5zKyz#MkxkLsJ8E!~~ZwZ7-&9PV1$7L**r;TlPdyQ?UK+swp5|y-DHUibU(0
z)o%u=MmkFm!irhl+r>|~GY4!2e6c=kUX=;h7_Qzq_PX0PwF*fdgp}0R6;}&Dm7Tn@
zE4M^M@ct||Hgqsw?ut?HnGw9<qfGDKVae{o&o0t=elAuwdw9^OsrFwg#y11TJX_<-
z{m7sbSblIc<njo9BM>m48W|V&upu3bf7dsyQiAx#@Tp{eg)3@hLy&1Rft<7zl6;P(
z-u2A)o<GYZX;{%^2Q^BZ?QRf{@sh-ITy`gA??TGFjOmYja*TT^lv@Bl!H%=c`<9@7
z5hTA9ZiwQnN>McS@rgrAzk654%r+mIiAAWs>XjERs@xVsA0^jNVtpmd4LgA;C#i4x
zT}>uGDMiEMrFUuLTM-3?WSO;ym(MpkO1XgWQqK#H;wG+wGMm5Vir{i93vlc8(nF#~
zyP)K%#dRETCgkXqW_W|hECZA35qX>+!lL9vM6_^E&v2Pd4%vRkPO~=Ii<@X6(y$8W
zy1)vXT`?JE%H8D0QL~)##-->+R4pR>hEUOJ+%&(k6|X60mqpi#ADJvsH6?4;!reYO
z4vc8hZD2o@j7=`c0F$sYgSE86ot6n;?CwCna51T2^(4UIHDjCmCBV=V=p)fL_$@Dw
z*xsowG_sv>R$4L&09VkIM>zM&qo|@5Bd^1_sx>zK-4(&Hc_=dZ()dXr@poZv<m%DY
zS>!7~^|xA6ZgUrie9@E=Km9g#=CABH<oi+=?0t<%$^E3o-1^Sw_eDTM>R+iixYS;_
zRLrIZ@-FXE`Wy|-eL6;9p*46B%=nsTtJ6P_LZtZgUG0NY+F>U~^-RauRX~kY=yzEp
zf2a=j2d!F}5=Lh?QJ^I!<+chS;(XSx#)}nDuTvfs6y_oQ@ufB=F))_vk{P2HF_YkR
z-q4|vjWH!I3q$aVQJimbjzv71=46Ws7}b@esSvjjC(;fynpx5Q%PL|R0wooh82R|P
zjJ#dEpuQd=kBrYFxjNgLo6U%)E<Z3<W9AnLiUb2Qc`COFSTwwgx%G*#p9J?TjP%Un
zru?vL9to!gG7$w|JKN&dgzRLT`fSBJagR$Dj}-!rqajk(&*0NtV=~P6X}U1g-NlK4
zRKt2O{AdrRyjlfEDSFE@8Ko`uC}T!gpj*W~rn#n=ngm#-zz;`}z{*gHI@UzGyo?w-
zH2n>++`~x`x!VbfPxfvZ$-1LI>ZP12d?qBUums^|1&PM_s6Y0d($Y$j>hUR$juCzI
zB=|U&=l1r+8>PraM}@h<s;I?MR6zj~C!J<yQ%UXxTVxMA^0CPkWjl@TT`D!j@DUCr
zFHuiM3$yKwS4#GYsAn={$gpUn)LitZB~jGRFTrQ+p*<Un)KhvZh$)vM3R5zsjO&$y
zJ@wmDzKIM$Oq&;_ng)cP+b6(wG=S>;gj=Cvs};1<Bb=>hBZL!EuD?x(Fpr1{O6P8?
zcTo=5!tR1_XJF++{kgYzxkM&(ru!WfkKY>^4>bnB`Lwrj!qegBE?5@-ULsHwApkX&
z8O&M$Sz~`GlPc(j0i9?699+D+r_zpmVCe7nTz#nC;tPvF;7zF2Oef;%fcZG{?7$!0
zsdvISAo$*&lk0*&gnSsP)^s^s@n>bZ%Y=7TW#cA4Jml*auAO!%jI2O2RzvjX%O+<>
z6xd;V7~*5kt;mss{qUQ5yDk4CA&)<znsr}VC+$uZyO`;?C!XG%ztj*QwcC*J@UW$i
zgb9=Id?l!2wA9^d58-^Z6VuDh+Bk3IK;?t~hQT6nOjPiF*zb+fdBO|Qi*rKQb<+7<
zeHJb{4H}q<>e}j#BlfL|iGw2`S_DOW3SV4ID4At(Q$*A3D|<4P#qQf9US}BS+LF;i
z`<ngXz3-31pgE64;|`A7=k(zf>lEl1Sas4mRpZH#)i`!CtI-^2+1H&foVVL4Q5l|*
zNP*$$HxdSCkbU7&)b5_S+ozAAuis!`VEV%Vd_LG>#xS(Hmi;St%$0};7<s!EJSSAX
zYUsXrIkW4B1JaSmnqenKtbX&^$Pp|}sh9PhGuAi7mF4h_g5nxyX?`5N)gZe|-9Zu^
z?6EhD-RE%7`Ilm&x0~{omldG{kVfw#YHy!2Coz3rNszlC$~R{9%^*aC?0(K1!v1+q
zj_t9F>RPuG+4&!w+tY<>TyBQ6ni&|ok55~>{Xbb}m@eqOZyq?8Z&&#`T74O-vNrv{
z(Oj)ZU)_uX#Gu@!d*&zB72D@CYBhjapMj5iCe<C`h-;C0qj~PYggs^+9%;kJCPP7t
z6kvc$!rs0{2p6aO8n4df&i<ghd$(^iP`%a|Iho!I){fo>G%#yn3_>E517R=t$fnkQ
zPDxv^7CgyD#s2iJ8W_HUOs?Jxn7Z-~cPcoG%Sw+iTDsJ~gD`<WEq?5Z1cWTvAFNt*
z{LuP^ZD%v&Cb&6pzR7t#Q(Ml}V2hwlFL(Ug32AGq6HccCG)iu`84^+;hw7ys7!3L>
zj}IznZDbwOY*$p%2p$R%Z)l94uCNeR@Inp9l0v)b>D?rZ_8~2ymh^Yric^K%8X<vm
zOYD=givArS?##JQ)ZL2sput?z^dv$WUKRh__#UB=bV3BytD6fY!w1TxX{MXt`mJ{A
zkW6&~DP1`P871Fg=UYvEb6{{G>=>?>l8oV>Kg>{V{=WP2u4-UKK%+a+2B)5?NnBrn
zJ!ukNv$RT*Gl0YB=i>4p{);e@d2DR}Oa9x;kDPA<p^!AZ3B~A*1u<Zj!oKvD(sLsO
zizTOoN}|7`%X3J2P9a04RTIjs;pTZ<z)B4a<~L36n{Qc!dAZz!s6pzf7BO8J1kCZV
zzI#f4Ym<a34&~|VOTIm^5RZ){hlW3RMC9@uGFW{F$1)$IAU5%@h~S{pW<rHFAf~dL
z%VY6kvA*Do)l-ciD_hgAMu@v?vM+o^jJhXY9`}DYly15S0f4FaDpOUAgaCx3j`6UF
zYu7`v+q4gK%YL7uBpy%}C@uLDG4jfK&cHzjyQE4PhF^u(xjBoAnBk&0(J;@?MSPcl
zeHJgwtItEr3gj;t!6}y!!#0d(jZ2FAi<1)(tr;$_xe83EOZWQ5@u0Vy<bA@re_Cvp
zhLSxk$cj~)y~sX%LQGACwv6_4W<&We30!&<=`%&0RD^>mXEokU>lkaH&zSK7&-uRb
zQ4HVFgRu%tO;rKSGp9sBp2SpUcK@|~kOnr4c)3|gF82O4*1t|xG_LRL#T^}3#XZ-y
zO>BZNDKv<A3NhxqXm>8pL!|5Mq&gVmBP^9tutA=txsEkq^IV{b{8vJ*W9_qhe}I`v
zc%hGJt(IIC+PmBcZ)`(38V1CvtVETqOL9G%=)*u$Zfb1N(qS)%y-?9l2&bm-lFZUD
zTh*W&_-{hN-G@elziooyXz4W^Lny`LA?QW)E+=|N!Eva-HRP8aQ~FyNTaWE#ftfPD
zkU&zPbyJ(Tl+cZm?<~iRB@%J9hvu1;5PD!+lvrH~2{qu#vfG-U*^0G<@|LY>#^Iue
zB{ty6KHiDiYkxC^dm@<~7e}^SyhJuXvGp$~1!pNwpV7?%=dDClzLSYfN(jD>a(<?H
zv=;SyBH}5HdhNh6$6t?CQ4h%PgF~79X<t*D`&lR^6o^n?gs76Xc?~T$pznw3jdy{J
zmf#<e&ho=erGg@)XKWQ89v_rS0U;>EjtPVhpU|^v7n|azep%nCZaP*55nXApY1^hq
zZYaFMFU3xZ9md06^{$=2LR9dim|pbzt8}m?9)y3KS+zV5x}58<N9DE{<8^ow_<&1|
zSY(9HC<qL#FClJUuLWK=H22PvUl~1ASPmSz#s2DyBGtkqReU3nmBgzTfSSyTiP`eN
z21Y#KNKsX==AJhMs0i8xc|%K+M(rOYdy_vTYFs|Xm%D7Z>mu6hw?A6lFFrb#Yi$|M
zM=09F)~+>0Ad;Aa>M^@|^5m*}0*9ye)`F+9tT6?uOL$DQ(`T*($e0lE6-}9H?T;+z
zu4sd+-Kb0%HN=FU@Xz&FG3AFCi4>Z@Q7$1Wuh^>Boc@J@=Gn{9@E76vM)<2XzV2z6
zsQV8NSG?A+i#ut9F(W5l%#N-r)QU`1M6)#_x;00%4BaX*-+t?J&vIB*9F+q;>pj#!
zn_>nd4;f@Uy2?0pCREHnm*OTeltod_M0|WOkxh90y_JM}$D1OlYw>VTVcr$qUeqik
znb-NXD=jt+O{$kWKdPBgNvuQ{BPy^pc<Vxp=||I*kyFnWE8lWnKyL)6(T=*OV{oMR
z<sn69tO$68$ko1oE&TPuiIGYd5BE9rWOlo1uiG^mv$}nxe_N-4Awd^~W!L$D@p)e?
zSbGPbVq_U~H1TnBdkWfOZ_UdhY;*FvgvuwC>&57BjhAYR(LV5&ztavB#l5p0*cD;b
z0W4=Lx6alZ5VPe6D%7+XR^|mw$*4W}V6{||kkv<NCU1BmL+}2yr*M4|uF^8_;_Zt}
zd(_ys!VW>}Mo_r2AoCnlR5+C_5NYJ4O00brgDumvGmFXTa5jX=)oRA>7|_X7cP^5-
z(u@&z$#Cpzgj=P<AG+lHVvQTf@q<vIuN&90-Lt-_O;%M$dLsX}#~(B-Dr#Rt<{&Nq
z?r_pb3%4O>=5C5O&oxyZDg}+$Go0tkWH;$9$8d06yu<AouZiKL=Wa^FXz^5stKJXP
zupdN;^TQ^S%LmWP&3158Ntfh}z!9~+=4_w4LX!hGa+6mW-y69PgtZ3PW);}u>gNjl
z^Kw;^WElPM(1%&A&k9o}o$PdtK5tdFU_d&PmOv|38D(<{sGg4D2bFO<jyrp%Jh`9m
zE1UMwu)@>*X~i(~^A4xV)mDSgaP`u_`}IEc$5d3#oh(RQM-}h}deYqL?7Ni{Xnx>&
zq7&!bC?$BmO6c@hx0`cbAs>DdAiKo;LR>)&^VQScbpqqhXWa4SnS`1eVR)T23d*A-
zgRQWg8>X`lnZTWqBvcws6Crew6h+ergH>;09swJB<9CTZO4cDl27}VE8y+3TbXq3^
zD+7=MDT-?ZIdK&a7&<x1UT!9YN^OpX>hAh)LI@m^6f-Mxx(KwSq&SJ{M0~Yq7fGdj
z_G(p>uC~3$ILF^zEl{QJQ1neL!{Z-q$-q2%R!3psCl4g)OGFVDx|4!Nx3`gi*ZwmS
zB#rI$_%;_=C5(TByfp<pAxh3Kb)A16_4Nw;^&mGXd0ihOeil8nh_g8%(#nyVp58ON
z2%f}GN)>&hWO~{m_2c0T$i>zOOWzAC&5K=+(<OVv%yKhCtEvhDZDcrP1JI$-RSwb(
zA-+ny@8J>h3!+8IKXk=*=atf;&&14lp^vLDP^yGV%x#0ZGvH-QE*3YTj|q>35_3=|
zBo%)&P21@bjFj3E>$xZj@Q)SA>H3cfE)=$+31kzGotsHmp{|ZzVbA1^R9}79vSFCe
z%M^WJ4hiRgijIbt1Y|^wg=lhR;Px}Kf!aKvUq2uS%b5{22OAba?+EBpRh)j83P6lP
zU&HFxJ`0&0BDg<&&K}n_7WX6~B8G(jdBTK?E0LOxMeVVuOsCEbQBZ64S0i{ZRq^Xn
ztfckHvABmk9$R8gTpTo?$BVTd<4X;GAgKzqFKnCyNGTh4?5-(Gx>dcw!G7e}kS7>q
zP;PB$rl<iKj->H$@uBcirHGXkB?LrqZY$Hb@E3F}9P`4|Cvl!Z`IsvFwrqm^VR54N
z-w>dkI_9<qCJm$4;UnL@RN&X?sUaw_6OiP{zUhKWL_;swpiEd(VXVH+tWN{tE7S)}
zQ)aEWD3mleR|JTt5u=k%?l++vf|G!;-(Onp5YC+&^J=`zMnh1yvk8jI3qeteyjU6S
zxlOGIy=1Gb<ytdq+R=SuJohSD>6)uE%2|+<GAf1EGD}GFN}6V{D$8wg%kxUzg`Q8R
zILHTAk?S;`)ypcOvr$;?!DM;$%`sERXc_2X5n;c5HHCL23!wCyM}%dG+ueCJdqwwt
z1>i)iFaU~e_lLlHI7z^LKF|cw6jX}fNO{KyH3~ac6vB9h2x91HJorjC>rAgZtk_1O
z{A(Mz?r$tnQk$e@(=xE<o>viJQ|v+*X0nGCv)!Hg#huN(dPkVSy#%-;smYFkLp5ux
z?|ku=8&SQU2nSbYd{X6njyin`mb={$0lppBV#Zs3wQ$3a{YSNiRG5qc#Zgj8;W0h;
z7R!%|aPFyJ*h58pRY!Me<TP)3{k3}%wRT@rO;xGE1Lu4lPn&0wlNNo+Nh-)W>QR$F
zhBo=%m|kx<_Q81j28glNrZxw5ha^!3h7cPfc>sq`i1m5U2M5U7zbduVh(>1c3^Xda
z+>O!NEg+r><Y*Ojxgj%><pTp}oFuI@1G4Pc`sOE~SvQvhuvadpAxsS(hS*0GN_)DD
zhHISeRPmn8X*K8Glj>d+;zsbs?v@?Sx7@HoUAqFI)aYkvC2AZDQ0XRH=!+u0(^=<)
zs}w63Ej3+mNmo}R{OsA}hsSj#9L~PTsPWnokS(2(a2?l<0uc0F#s~~mB{^*y$<<o%
z_~I^f>iLek#Ix_FsydrpjNrsKl37VFCP(!A#vc4iAaJ_5a=lo6m`a>ZMB$zj${T>=
z2#|J-5?Hvp_uCWB@%!{ZAo{e9eUE{ORFnr!S1DM}NJ~x*0k&fd=$&$ggM-_LT?HNA
zYdppn+he+)#lnr7lifZ!3LP~Ns$pl{`K2<pYeGjLv=at*8v>5sPnjzvJ~Xy?5w}A;
zR#i79$X~I4l4OVDb^|LE)D0P_R>+!eWrKu70LQ6CPwQUjjUcR>Z6IM$KoXGGIDZ}8
zsx2trkNNHLyU{ob+g@Y%*@(a0^yaCXHD`7jpW{9h7GLBjF3H7KH=&1z#~8);a@ERR
zKXSMi*(rs?kQA`g42QKB7g;E)T;?>er+Hg%#}6yKSAF7D%~$*TQ_ko6elh!*8p6ak
z)UZUzPDkFBi_gzIsE4PZ;8tZnay|Ls1E;QtE4U>E8`iCaF_nkCLhPwz2)_(Ty7Fp;
zWK>4G{EsV(#h1~yotqb{mk*1D7v}d*v^|m6oLa{}oS|6>u<IMziFfI@S)=MW2f`KI
zz$>{EjeT{R_BRXqN&Sj_D>x@w+ylO1rEwPaK-Cq?&4`q0fr=`lnCRK#to~MCvat&5
zo&DT{6<QjZul4Hvyx%)knF$4;6?79!C&5x-V{{^7x^#L4!?Sg<3(eu-%Goc=6Zx85
zY3a?58@aCuimo+H${b`$1Q&ykil^qIOHhOI$&0S`u5}0RtqgqjJMY|tzJA@^XnDVz
zvTjwz)K<U2uS}1wC{>m#b5;c=bSBRouUJ>m$>6rMwf1hxkF$aqjU!ZUpP!3%F{=$B
znR*^L_$=IVG1{`e0L-h-mygZM{S8$}t0I$6cY9ojnPn{|*lH-hRy8g3Wl5-NYjDIY
z4Cu1wd7|N0(X>tn5!d2<1`x;GR4<o)To`}WGb65r7|z70y{XgeAs@K!PVK5sJxNd4
zYm8a9gPu1^S5Uhuu9fU$3FBLr^2uz<C0+>4H+O346;_>=8`9EN;!m~FEZKGmrtXQP
zAsgz|Po9sOx-QNWG<9MZ7Q5H(Ia3(Dq@E47DKp5<H<dV)!a#iLR9AZ19PN#ya7Z$i
ziJ0hu^!3fna4v`5E2_yF5}rK}vv0O$XBLw$jq1vHoMeICk0}pvW2oByPTeW|!<W5}
z?N*s(sbHH?>WElNJ6KdGesWh<qvX@)vS3xdD`DbhKrl|@ThkOw`qJB{T^qRi7@D=$
zf=|cfG4b4U$FdeVrT0{{^Eu{Fgqee9_0GR$W9@Ao`d!ekMbWy=-M#Nmz-h6AsCf-x
zrgbX<V8lAxUnKO2XnZXyC|>s^qSEj5PL>^_v8oH|<}n~C965?gAaNO6X3CYL(e;<!
zcP2cxeLY&YL|56~+5)Y(?Lxl6UH>DQ&k6w_p#^HhB4vR@Um*`Gyme$*o2G&mCS{xA
zCW(uBqb8LYcA&SX#ns0+O^Be$uq0|zt()zeSj;?ppssr;*c{2cw1&$J{eDdCMcx(l
zjAvLH?Dk7=-KMe?@1O}3Qo=3>+_P7>6@%~Ev%LFhJZPA>0$GE$&eZt7HIkTq*UMqX
z7pk1eC*l2GH#zt#;%~las#<=0v>r~oI#6Kg(0%JsHn5$#<jKnxI>v84qfz<l>gpqD
zqnq8qvSXYSJV}_VujujO4$9u+?E8cgzR&EfGr#Jutk3ee_!wU;E<|~&T!E+k$!dtx
z_nyZZ_?8Vs>EXu%9pD%b9$g$SU<sJXT#j4@NA1V*OW7~N9EjDjVXsp$4klMo-#a*O
zHcyBY2H+r;|EG*I4@x=><M^tztyAW#PB~`M;ckbPW{R4URI(mrIHoe9CKjj|qM7A|
zNOx(Xsil|)nW;$_3BkH%9vy-gFy57BhFN*WPecgix2W5+v-|$@{`I``9Pi9K?>x`v
zJIgZL-JWWhofI+Ml1X+-O`)9M4;jS-Td*wk)q36<!kVfW5cJ)Vvb^*iL>ZLhVkhD0
z*M>Fad#069g_6X_AKp)B2d?fSrO@$8*Hb2t5JPCkiZ^F7scS|EjY7#N>lo-Xn*{yU
zX*{pgK1!@YHtaI<aj30nbe*w*!y?=70!_|hFYM;YmwfNJ4Bc(T6|FG<*}v{V;p3w+
zqR3`W2-&iuG73Q=nRQ}yPDIG=4cC{AD)Hy`2CY&@&DSDp;9vNC2!VFm%5ukH8}G3^
zQgrfXis(~=M-tJO-vv{1;;Bt<19{l{u$5Ng_{;&3vW}q+dmO#vV|KI$>}lD_j?oUh
zRq9o1a>@#Nr57dvQFNw(a+^IX2^~m@yes^993j7RpJlOzdx3nn|28q!D?PUUDnLr0
zADi~@>q1`sPw|(YBebSeQy*2}b?}OTv)7aI%f)9yelx+{!)d*Ar3tJD9Q^R?10ReX
zTq0x`y4F~H?X{i)VzXv2W2Qu|YQw0X$BiPN^G=#?zXb=CqFt7B+%x`|99B$9$!5>m
zz#ksQmj5z{>4_UyyEZwhw8>U<I{CCIy~7c%T9`I|kL^Z(aQQYQDT>928|3aF39u`V
zS*zbz2JV06IMd&Wk8B2B85M_D&yY0O%AY|}he-?z^v-WpP$$5Lvv9NZ9$_P0MvyX$
zwEqsjZEP}`qEPeW-p9zTs#pH+YkA)ebo&6hrp<uET+Z1>`sbeXU{iFyW;XP-brMUG
z^-4b;kDL=r6i)kr_~cza@WB@uHZs-aF<6rX;?HZ<h46`}Jf8EDg(Ut1mLbt3_M)A4
ztG99w9QFvTS@TZjUX-;^^=(=@Nl?^O+yqz5&!x-ZQo6!xe!JQbOa;4RIyb$dz+Sx6
z&}x#xsks5L8{Q0wX>V^kg!Y%J;7OoF3eDuaUT-MZAt3HaXkqh)1oz%-=1z1VV95qA
z)#fm3J#!7}8v})%q(0Kd8F%0CKE(oJpA=a0sbtPk%XtBiWrh}1YUd2WuhatL(LMDW
z-58C@6M&+hpIKFbdDm6Rk->Em=Z97Fl*B~}QUe)=O;~7v#7!ckh7|H6c7if@?07Y)
zrz0_4d2O1)wAb`vc{DsFgenNgf|l08P=g0^xn*1TD8oF9I|u5?DzGiE9Y7wyjz@3{
zn`nor8v~;Y4(5*--1toX(tpX$VwqB0QjkzgWOD~;%@$in*>aPv^I1$?w21+CvB%4f
z!|AmIWJ7-^9I0P5)9|U%Gr(Te00`l?z7C1UDUgCG+YLSy8Fj)qPyAJb(&pkEV>l`#
z`yU)|aibq+^Gv!DteMK@CzwXs`m;EqyY0y;!JRCw+4nrE?W?M)z#_*R`*=}ua5O?#
zt)mW&{EKNE-t4rJN^~1{MqRfj%gg3cmJ|V&eBO~9*YYL<3L)(8O=d1!mt&uIrgOLa
zxL>~ER_H);ZJ(l7Bj-4<XDzyDDsXGNbd!Gxu=XGm^~K)j8`6c98zk<}-~@c<Ts00m
zKgALG8#1}?XrnfvdV+wP&@BX)<%aiSGAf0^=Gr-5hZr0hLx5Y?YJUny3P6<?>PExc
zjDbtG`(nSTMY2K6j=|V}`zmkI90?&f_ogtl(5u<oa74j|Ebdl<tDi=YERVT+-GxM!
zU}PsU*sU$?R$n*3<IG1Iq8M*^L{+>~{M7tho#}3)y(lroU^#e=c*UV%&Jn+%>RxOI
z|4k-zGvQ$GWu_i_sV|X0ufgr@)*m~ACYQ7@eAgAo)Zly1d}csC3~Ih;x*YHGa5_Wi
zb8ZvifS)hhuG=V=X{wjnrb3k0i*XrMl?!xQVTn16Liu5FsDz>NHGPnFn0z9_JxC2s
XUeOj01s}!yq*)$+AQ6uag<Sj_+5A)k

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ec2_instance_details.png b/docs/installation/images/ec2_instance_details.png
new file mode 100644
index 0000000000000000000000000000000000000000..51e3808a24e04ee1132419b639a38c91418dd5fb
GIT binary patch
literal 187842
zcmaI618^lw^Dmritc`6uC)(JyH#Rr6wc*Ct*vZD&*tSk=>%_Kk^E~e#^?h~gR!!AR
zP0jR7cMlrBa3uvvBzQb{FfcGAX(=%kFfa%J7}%F)Sm@6lU+!LiurKT3(qh7D9^j{0
zP>Gn5&-YsH?wjI6>%UMXa0d-jd)7zLC=l=|zJLeT!NF0G#+l|DtgQzPLb)UKtS`L3
z_}tyjc`M#!b+SE7uu?cgIQtze)N8nI0$)y=%G%PNkh@cccSjPsUZ+HneWAKF^!?xN
zsyZJwybaJ7{^~s3ePBio7}sbrV0~6B{6QPSAGyD#Bo8Um%>%1QW{ly1$&5OkH6}wb
z_LaIV*E+=huUGD2D<ke9d%zU`$^V{NqZv4G3+IUV4BZj*ZWI<p$`ab{5NN6`rY)wa
zUZwx`hAjAc`76igdL(wk@8v9~<Vo;tD+t+7V(v8u=6^R(6DB)Fe~5ki4;@i42?_~T
z7Bc3_C<N@>D+kJk-iIWlw^UxGS^v9fN#Zy2@$_$9It^Cy#Pfq6B}E@c>+YMjME^4K
zAAUq)a~1!GT+q8Pa$f9|te7DM1ZX&tmPu}tL8tLlawW`fJi7Da{e^M<wc35dlUl`B
zf?hP@J8zUKZ!GdZQu#08<Vj9ZA7ZWmdJpk$zdpn82MdS*SfB>uv9%Fj5?Q{9_H75!
zncX00qj2^j9TOIoIE9kwBstGZtdu@^_WU=IPg=LI&yXD=@xqfz{j<D>#J4EVupPmE
zB8qucQ#$E2$hfwlzQDNy<kZS-_|Z^pYjT<I_X+s|kr;(meMwgN->tMQ?%d_8|D&*f
zwuZnTC?H&wYd{lGZ(lGYcu0DS>IL^E<~_Q2$T*%Fm^Xfi`XOju7CP96>HTmXE#Uji
zrE6t|?)*$?uvt{qW~=z3S8b+4m1Do0EFA<~s%1<7tb8+Bok~9X52fI25re!Yb`y9B
z!Q|7Idi?uuv%ZrmH`mvO{|aVr=Z{{STO%O@7Et^JU-VxYA5!09Ji~Vsrn%sPKqFkE
zImvwj7IN#UFy_EUn|}*|X_}9Mna;%cI3?*{YhdH6c&oV${>mn<7p!lvzKCF6vD6}q
zr2Z|C+P?yN@HILA?JhS>glI0L_kSgMNE(6h$>~4)a~z5E1K+#2n;l^N-ZICr5z_xZ
z!=^+J$#2n~;rItA0R)hJoVv9JX?`0{9FiXgySpU3ysJIQw#&&7DFE~ITzQ-2<dFl-
zMl(Nc2H~kC>p|nyYH9zWe?=O8pO7=7LExzzQgwsei5P0%s+LpZbIwX^kerkhG8xoZ
zV2j1NYECZd@6<YQJrJ~LrQ^hs0vLBTsae`ADxzDhW&A9hwEyZ`>}6!~kp31+Qa>4B
z@XjBzyI6G`3yL&(d^ICl3!xxqL!dq4j<DI?E6A&*!Og-DZz+`m4vRQxf1R0U{kZXC
zWi7Y@_}Z*z)H6P%rKL$T?O#)R_<f#*uGLQg_ar`jXdRxc)Y|qH1rdo5=cP<39@5?>
z@m&8wEN&sw?|P~Yg>lc5QUFRQsN+2+Np2r!|GgSMBsQ5`s{(By84Ll@JA;mVbquA<
zC?cE_;tG<-haK>$l*PowYXk`a>?Y5J$S2<V$9CJ;k+vhZRIAs<2WZ>?tVr?f_k^6B
z*ucOq7+6?;N=je{2F|8C3m^%3T!btwX-7v#mG$*wA|l|`)YW-hPM4<fC)`Vvfb^qT
zuJatDR<w*D4orqc1$y^JgEk+tkP3Udp$^90S~>R^Nn+LFn5?N%RmSgGWlG=oM2mnm
zPW+WsO<LXzg=Tyl(R92+75hmqXOnp*>uy`O&qjpNJh-X0^h2Yd^R<>bQCHUneEyC`
zKi%x1+|@Bl=SEi;S0Y&@l|K`fjx{_@;(SAVi@^t3mv|^+)ZkuyPp*|2J1Zwe{0{@Z
zzg1jlzPpe#%*sfGODL)W4^PHyEN*xb?&F+Cyb$K`-rSRBiF6k}bb(KHI4u*Sqb~Tz
zAb_%~^(0Si<$wY&mS>X*Xhq4ku4AQh)=$D)DkD>46sqODaH8Gr%bd>ip%;vxUkK;8
z=sRQnzi;ntLhfFOu)LR7tEg(y><n96dUE)YuV3UM)f=q$fj`oa{Ttl`<2%}WTQhF%
zWARQwy4z!DmC@bq#r8s8myn%0-OLOtUc+Ws7%Ybmc`Wz3Gf%07p5n~ROc))f@G6J!
zy57(l<k0@cK6cv}K;6TG>&2{=pX<%IP<mx3*)~o0v6hidYIww`yBkdO3oRqF0*cvi
zB%qliP#WM9&<+`y{Y6yMEixXmB8iA~7xNSy?mqnMJ>}LzcN`A+RMihDeNBJS4LQrB
z{<m5JNFp-PF-yW|uhd=@Rn;J-0$FUBWNU)VCy8~jQ89fQc!h4p85R3#TJQqy>~5rD
z`sPgSP7W{)@CsUH%Fu3{M2FTvtwGHRMg2823;4)cqHiVl^IZr=X%5-TME$D9a_wfz
z&E~SQdylx?*5J2L7v{Xsv!VTUNG<%M0T+Y9X}{QW0CYa7A|SL>l@G6%g2HaS3+Sq>
zxKQWICfeQ2dI?}8ZbkM7tF)xB0_*5CXu6I9KB2X#U)7{5)|YP8$$UHIC*}Ch!tu*k
zo%HR?z$#F5d1o}P@5j$~vuzq{>|eF*kapyAZ!%z;B_;~;3$^jdHe-sSMdZduGW|1L
zit@k;J&AEyS$Sn(A<s!6B{exME%;H|^6?j1rCl;MesJj#S}Q-3mAa#o?8+E^T2i94
zW$t16VU5PDp!$9>isBNUx2mDR8%Zuk?s?t)NL{L;c6K={I+c^Hh6=Vx&0n+WiBy)v
zI*n#d+rY*#e0nWJCbit2-25y+nDM>%ZU}fHuG~UWkQK~R#!WZ?NP2AqDJjNEgP6Id
zqDHBO?oY}Z<ntl4342c&ccwC1s89{SMPRZg$^mH3qnViNj(VQ1RSic-sfbDuwnI(!
zt7==-SGb(5V6L~iIv?6~cX3yhYZo=zsQ?zjZU63t^b|V}>B3}VU{fzu;=82xnCo2F
zfij0qB>FXMC2gyOY*&X@l2X&K;R3}C<tT1;(6Afp+87D694E{cS9o~usMo)B-fywO
zH-<M2Ll)(4HWUr$eDO4|7SqS+mjwe{TQufFo+33G#n_4Zf`oQMSP!tcp<-)D%LvN&
zSgM4DkLfp6M<lEQSoQ|u4C*!njN+|_z8_4n^}ciV1krHn>!<T*M#ztKKQjHTF<V%4
z95NH^TVi6I?%*OwdaA+MyhHZzT8q6L4JI}=-!%ABL<9XTB>vI4SiRZvvg)d5t_pP3
z^-3@emqvP#0?wx>S8`HFhkG>lQq{aYm~qu)nXmLaDYQQrG3pWcz4<9QgT-;q!E}(4
zq_~1}f4zB1tEl9!c9E^Xpgun)=XgfAUm>BA_B@O;_IfyVwil5i{}rrVIzQTXGjS;?
z8MqF@jMnqg5h*F4glmqGrptk^$MMs_<s-Sf$wG+{4ZT%)!HGY2wi-pzey+}kb@gQt
zK69&g8sxcwOJEB2f+U<&^4c=%@Wkk@kEr&{6bC&%_p(-^Q^VJk5v5txxB^oa7U|$+
z{7*9{-tR$6izjSHZ|l`(6oCzZD3FG0v^CK!z4@jt?CKf~xj^(N8~8Q-7*gsL!!n*p
zm`rqradauvMzRDjbwL;4=iUQrM_HYe+sN_5jH6JbmRW#~EBeN&P@GX`ei^nz8p&uG
zg4++Bs7}^NEV%vn&+$|Tuh;EiKsLWO&+YLtLWdXa?WPq`in1$uxKT&h(gx4V4&*w|
z%?_>yozvLQwuvP~PDEzzO=@N<UTv@FD8eej2tZ-~6MJiH+WMd=H?`8i9Z4XAtuQ#I
zmh#={M*godwi5-fJPQC!va2^ut87N<!Rp8Y&cTpqCsfYik8mSqfZnAXs!Ky*7y^Vx
zJk|vV#Z2Lv<>#sTc@TQt+vsQ-vtumt*I%Q>3MOCSTd?b2*@i7gTXk2g<)W!MKSgmv
zF+M^|w%q|nru_zTG-Gp#z#%zSNJY>dB_-v6drC9ysPffO>e64z_lpU0F6Y%0$J?T+
zouHG>kPpt|VjPVdd<-*65?*q+KDu<1qsttV`EQ$jJzc(-#da_7@6M8J?d<PEVPUe!
zmR+xjU;^CS+`+C1@u`}jFB{sieZOM2E(6X|1?vg_kS8#|Ra!Vc-dfuD-Px&Ggywy;
zTg<Ua&a>h>elJGExW@^7Xe1nr*Ryu`KuWlJEj#0K+J%iF;E%}PodR!v+vzBwnGh2Z
zQAudvKEc;sS4APt2%Uh~2lWx=T%~%pN04*57y|U0?cw29CCEux(pJgKqJR6GP*YNl
zxIk~VR>V2Sr~V8}{1Vk+i>r{s6LF9drFy66vY?o_N9Z#I+AvpfI=jVCP-HLS)Wera
zGpMMpX7+0_>)I$W85y;YWl1PD9BoKo@pNKb)N>~sjKS?jOh)UbpvK2eNewX~uj(&w
z%vVZP4Mz3v!15=YRcz4U@IoXA753#Jrwjl(uO1}bYzTasKD)gswrQLKtS%^pemS=|
zsoI{~OCeti6~HKWdb@|mAen`3g(!Mn&YRZmT!Y062I9y@l3l*BQIWy;EfcX#T@>9*
zN*ish)cry|<UKS@2>`@SyZb0K28!%V^s31e4Gf<vY0uSSB&9QTx-pm1JADhp6|2og
zvytKFgB*)X-steoSG*87T$P+|0yvKPVq{9D9UVy_p6tOQ7KW|wP`vbRsk-BvbTevU
zyBBqnZ!H8A44!_K4;V3CP_Px<4Ot)L+7}Nlh)QFC5`3eOh})y{3E&BGS;y);k;~%D
zR+Pyov$rokw}F|7tsb*H=Rj>?6AN{Tciw}m5+>Y@T)S>X35XZcZ=$TzRM1(NjX5`5
zTQAI9W;7R|{YeH$<Z09~E3B8aV5D@4stD3`Ux(D7D)T11eXR`sb3(F6)8&nU7lBAA
zvDota3n-J#;C@0?pYOzGA)|{|xNlGNRo=S2ow>wPh72^roTr1Z#S~*(x+mDg*|)6I
z74^pH3)MH;7q`ek)OO&DWP#<2`=Nf5yXB;NP)P3|b=h36^Z*3Q#x8*D6^_Rsj=lw-
zt+AU_&g64kGaATei^m~~84YhTdWd)C>NKH*RzKL@w-D$JN2hjpeN^V-D#Ysu)eE0g
z_&{hA&<t3mX6o<se@B36s_YMrp~Z21Tjz2(?s|MU(!=2{fuF8%yd#p-)g}0opP!|e
zZMZ;6MHR}fNj!mEdM*R|=Qq5=K;YivP}ijK$tbmQ+V5Yu?p56*A1?rfGwlHIteH7a
zIdNel>e~x{TspeZxU96${ztW4Y^-vCM0~nNa4iwUbhKdo0F;!X%BliTNLcwysOERA
z9}bHRV(Wap#+{6qxw-(4+i~pn+jHI@W@Ow_N0~UZxYYER_OD5Y94=f|Wx)7#j&aLh
zb5V^nH1ry?FZr^rl-Ev)O8o<znq9%ckj0E9CMIThtMRj9*<X4au|17+WW1kKTCz@i
zo#eV)X|VvALFHBHVV?pro|)GGMF>8q52gK_bNO1kCrSg)vfawv>^R{{Gd9+fi>hI`
z+l^OXu3<cSn!#-GOk-MHOd3)PssWJQ8MpNh4FO%=<qP!pudgj@G?~CvRI`{y5xHFM
z2N(f}44#~s;20N|Jin*LvycwOy)5OV5A(zaRgDS6v?-WPn9WS(A87-UNx=}W`CHYL
zWxS5T7UAyUf^^A;FUGePv8TLX5h47XUnA0Nua>A$wb+aZo8<_bD{)EiT}l&d<6Gz8
zWxM>|rgCmC09^hLC*=@s)S4GPZsmUy$W0rTv2h<%bZv$aASOv5&Uw~T=J}{0W;ta4
zmbdX+dTzVsv$>tx{n$doiH`DQZH-`2!gh3Q2*SczXdylk%uNP|U=~t-ard9dA9K*E
z%wISguRv@fCo`EEkG>$d_9?wFbs5Nqt!2!T3q~D|Z1;e<0uOXoKo4-VBbYPizd?Xs
zI*U0gw#UOc6JDNj5=kTf9YR(?9zUi_D7NDr){mZ*w0lRVcSaEI2pNit<91S^bMR$^
zBW+P}-Fm29m=f};jRF`V0{X|CS49){JX%?!1bivhQ(i|C*K&NkK#P5HUl^6ul+!MG
zNdn6b(2YBxAmiafRmB#JB&Sx~nc9Bia=GQYuk=SCU!^3W`f#e)a6|dvYrzDC%J%>-
z?1$ha9b&fs{<0s~0}&4_`)Bp6DsF}w<)`c{b$x{U;%gWV8r~J2@k1dCJ`oT#yR%sF
zB$Wthe^G!S2it?<HSUMq_+}h;ri&sPinz_LZ+N#5ej`%G%SJvDg449i|9X&9Tx0$;
zi?i0m=_RinHk9Lu_pl*=Q0PgC<8p`A-sIM1m6E?yXN{h%%Y)rw$$xoya$y2WN3Oo^
zK(28;AhKDmMm-VK3aB{)DXm#EZ)mq6T`+p%x-)p7>A2bS@;m<`W$fU5e}9BOU8_U>
zg?v7g{LS8EWS&314AOF|en7Ls4*#BzCrVLpJ+S!V1t0!;bvwe-eH%2sT60r3Id`k)
zaZvb+rM(_@`s%KU(*Fmb>(%LfE4=?w5TlWDw#57rkSZ*=7b0k71N=!*Vp~5B7?{(!
z=w)0)61LNk&MzVrV8SX*^ThGo!&s|#K($L1MCRPAXvLpshkn9s!QnTet8BHR2#w8&
zrj)fCI+MjR+3!~#R%OM`*=i9aV!Oy>&Nb9dbv4#|%0Vo?@@R?r@T!;{i2byuP9x6+
ziY~wo_PB$pe6LkTz&axWd%)HRHLaB|M*>y%UEmU<+BOhlqIlZ_yPBo$`w=U}pefKr
zzl29hMWSCO@T9?`;<VsjY=%UAF^RE_kBYQdkcR0mXzK=>75x#`)sJG)w%<4&70F}w
z9fpw+aRvqt(E$#z4yjC^=cPASXSYypw{RGaj~2jl^4rA4*;u0*I#BUXkiCq(MA5ku
z&9%z#7{cBFH6>y%9MBwEf|&?<dOFe65=M1POk0f?vA;XOG!Cvfav0~+3ov%!kU*&5
zbXvE(s*E?>Nbyy^a~_Gr60RcYeCJ>v%2EcS1&Al6sEkIAK1+Km=~6&Y{@Ia|wm1K?
zB=9?$l~pBO0B_<#p5_WZ9{0$cdXtTjd8}J%F#Ldl#>m-#_Z<!G^x`)IK74cvHuN`n
zX%9KpLHANgeV!&Eqg5P|pY83Bi^QZ1Jd}yP*OlxL9{O<%FbxVmy6nHNy|!B1-9g0E
zZrgb<_CpBv7Xw|2exY5HuWTz~1v{0Ci`%EmZyv`V9RX*&0)3yxW{vxWu+7FR2a(S+
z`nL-lqV`UNYu@Po>%T7!JG+hqJk`X!jduMJ8ae%IwE4<$d4b1|-9!B(i3T%B_#8qV
zu5)mm*bJJv_jTAe2a^XQ0+X(aLM}FBWs(!U_r8*jB4)q8o^D3|#b4Y>Dkkop4{9|z
ztbST*{(!u<)e5m5`Z~aNVLMm~@^%CU<7ze<!Nd^q2K34N(D!+#Y`>eJ%H(&2j2-Vp
z43gXkLI2<i`VJ6?I<eCatviSTwX_u*U7y)+@0KQbTr|L3rqDXqxNgFo8g#)&T1*b`
zw#DvDRen$9G^Zf)|9*CGXvg=s736Ujw9e)J46E;Lh<fgIY3bAG&q-v!jytj)A68Y&
z=$W!T&bitD8Rlj7d31;(<i+B3Kks**<i}<n=FDv$cCt}aY|a^L|C;IrBy4`$$9H(U
zJxcX^yG!NvrF&N2%`3aWVbHIIME~_Yuek_&f1?(Ib1XIZb<9|o%>;a3-ygSj)xB@d
zGm_bVfeVBFNm@Qe;~I_F!T&WNi^T*Qi%IwJm3o}`d>|4Vlx|(QjjWgpGRtDJ`wZkx
zbV{M@-F7Xy|3t990K-qiPHCSTaflOmrTD$a+;*0Vivuk=BWdvY>Vrt!laM@7pWx*6
zpVP06VWSlFy*x)EubPdBkL^YEt=e11o`AAVLf13%iP&|KXo49k`l+5QgYC?h71Spx
z)Q{|6ls<1p@r$ZNQL=u_@~~vUO)kv3ZPXtX>Khe1bN%CZ?8YFe+GOQ?B<LTGxa?tw
z>djDti~!%P?#>k0s7@vb5zi~>ruek{IrY{(@mkGJL@`@lye}oI)e2O?D@w7vswa+X
z2tyg%>w}*@?;_DUp(Cm#OR%_mmPwYh|Bfy`UL)Z_<d~8%4KuvC>Az9xWNfw@GS`W!
zGghj_*oOua87ZkQSyCoNJOBXk2hL$!5zQ}gY9pU<Vu(>-YS})`a8#v+zP313NUH(v
zk8vSD$sYN46kUEBJ~yHl7zLu0XzUyh*z(2m!Dau<fuYIGfY(QkL%tJFN{XS&<&8Hw
zP%Uv)*Dc<Lb|dDHB0+C)4q@+Aeg<=m2~#b+%=BML>@m#}$iwI)%`Q)vuS5c&`M(+s
zC#I|@#KfWah<fehU#CsFJG}0!D5bp}9@gDug*FWJXaIS0S*wgp0LfUU6r*Xz2hjNU
z3!|HuEH0N*9D%n-SH7!ft5aStc*%#0-chqElatCxhtqyIpNif6bz5(T`!PR;b|<bC
zssqE@2KSxemO9OkcVP3uh^q|Oy-5#d2eZ?*%qwWjvBG0tqP_l|c_MQufYvPJ2Rc!t
zu*rKMoXMc!#4fMn<Efy-?G{seaj;2Wa)*MqfBma``{NG$DZc|OFK1QXbA$EONXDeG
z$}hD3p+T~ZeElzVXs0*QsJi6~tM!)X`o4GH{Q|hFHttDnSL#tc;ewM>&?NP-Ho1^Y
zBw}4^`SXW#V`2uL4!L){)@oenu78tFw|@^rYg}$NT4)#s()530vmeYnfhHvrK-QRS
zhN~+=ln^^%hPMlP*^ND0YjGxQ(X0P~S|pd&OH8}~^napyiunu}qw92Dn!TIz`VMB1
z(9IHxVIGl`wKu**uzeM7jppuYfQ{mP=~YC9%xU+C3Md8Kkg;~x(lXt-<IjQ%LJi`O
zli^}>a}cGl2#5u$K6tBGDVrUQ?xy)(Neq%Sw?=xp<C^fdpUkcg^Wc0T2XA+8Vp))d
zS&NA}VgaDpV7COG>0X>0y9O!32|;aYs=4`&PR(Sf@}3WPj&bC0EClT6&@=ZBH$M)x
zJt8kuRha6qL8yE454-N4^AxiII!_~&I8Xj0@9}J;r4U7rx0iS^$1R%ZBciegdXT?t
z&4-GuFed?PPf|_!pQa!hbIARYIxh%UMFlIm6S0vUjowDUU{G~i)G?Sml~@0u;HF`3
zNGWZ~uG?1pR@4D;5#zG$B^&s@J+jIZ?HF&MAZO+J&wgGGbLKUSJ&ySB=2~#ik;yQ4
z8UWz+?$-~@c$`tcrxCDh>R)@g$+2=1y#;ORJ7a08T$Nw;AzmJ~r{dA+JOrXm+624J
zzCR7y3KFfx<n%jY&gF1-!pK_aMngSRb%)nkrGbj8A3)T~Q=Jf%-VT`e=POYu=NVyc
zw93OYZ*0l-0=cb8Sp&dXXfkptxwF|94~ngrs3@1t_SGhPY{zXEC%==*#>K{52qK*h
z<?tT7HE%700*P;uM`p9td);uE0*w$Cc55+jk_y|i^7f#2N(6@k1o|4Yhp+8^lPc{U
zwtxwujo|GL`l(iNXH$(2+zUIwvXw)Wdm_G=Ae~JiPd}I_Z81;o{b68vM(oa5jcuxa
zRwNe78S`Dyi^FD??A61-18A$o`OyYQ-Tbg0;&HpTw^ZxQo6O&UlV6!0UTok25xda{
z2^7?i&8Lnvep+{qCtk;6xtohuf_`ciirBKQ>KNo@%p{U~32Ps&&F(KdD?Vt{xOSq(
z(wilwg<~nxvo4mTD#%|9!)<oHV#g>HFSq8#1Qm@bUpswUDa5AnR0io5eU-2=Cauis
zxmN10hcn4KUZ<{tScv@a9M9&*S1ndZs!^Va9?Q6SBy9RjP&N8&1AqHEo_{$xm38BQ
zL4I*3bdL2tI>vk0!F%bg?S=h<^c2Trave+#BWY~P?4%Koqax|CE3Nc30Q&SM)$7tD
z%-`RiD1jG5wj-kKNEBUu={KW^S+@3a8+`ZKRQ(n&{H&7FeP@LK5(~<U!ew4HHvirF
z!V2XF(xW)piE<tJ*2*=KZ^L%$eT3I;&GaQd*=VuYg|UMGP)PisLlZ0OCP<fN<|#~B
zMXy43!4^N{=<QCJ?;`akZcL%c$qap-0n!^o%r(6x_%yW#JDPK3hHeIhPqU(g^et-O
z5uz(1ar-lte}SdJSc<+0<se#&rN!T=IfnXN6ab6Te2;|T*q|hOT4mdA-KS&c##<fm
zE167Y{wCb*{q%kCz_w^lM4aPni^K)#w)YPhhz0%xhF<gDcL8NpXXwa?Ks+$XDbs`>
zVePlW-Pf$=zkZ-HA)&F4wO>NAq*^;HFCG3c#r`^Uye=c7a6V*$K4^3pmxtrEY^K>^
zhCJ~GVkgR2(8;>x<Ez^To1oR=ZuMp?a*6KQ(n8+pzH;WeiFMZWTr`M7!H*SQ6o>#>
zOl~g)5PIy5{JPu%0ZfMS61d!rkt>NcgAS{i`xpG>`0U^jFXS#GG3EFvN($Q{4IY+$
zh*387)q8KKx^hMPt_lpQBCkbL>+6SzQcrFlP9&w)9+KKDyQ94{b`}qIGj!_#7q*s0
z6l+X(?=&0FRbOwG+z^lS!a0m=QHo4WkLrkb63ad;lLE9{7rFYW%#3br%jZ+m6Fl6G
zT;%ktWy04iD-7QF&OHxlPx(AB+627_od@-TzP%{!TvmQ-w%;b>yIXkSs<ns7_S$D@
zzaJqY*k~a_9?J<@+|UYg{^0)gK-7iX63>W=iLaJ%Daif4b^Z4V3HmW`I8rLWCw=cn
zLkIh3((%UWMZS*N@ihrY(2tKw4kwm0s4ZVL7Pa}TvM|+aj|LH+1q;Ehg^+Wi9lpg9
zs@ZK{WGsUNhecXEmCqX0uFZ^y>0}+V)bY4oY;iqBIoUc`4@ARKq0uok@~r#%nE{4|
zYeyiUdFcgTLgd(U9Lc)Pa&(6d^g#ByPeJzl9na?|x5YkjV`dDQmB&Kdq`T>@?2*!5
zj)i;S{wH<Fq;qcCN7;;42Fi0W@~RTaIVZb1rl8Zk)5WDjk;2foAi7O<kqi1-8>f&V
z@Q0hf^Kk)jLd8%kj{BIiu8A&}0;y>1Upd(utQ5%KxtDNJe9LS|N9OmGoQko&v?B3-
ztDSH`P7z3L5~z|+Q7L(~)>?%ZJkDYhV`AaMv^2KRh`ZtOdZ=1Q=H?f>uP-H}M6u7w
z){6ZLsMyfg&(bD?n%D;JEGC(e8YqB(cG7@OjyaPFC#Pe-3xd4--J2Jomg1#yFI=?z
z)jpgX5x$|;uzqi8**A#0tcomdsZHz5$hL{1`e3<|F0<%lY&bh9)kK}pA<*dYCWQMU
zIlwXz`{Joe_eqo;ITG2kiwr<eus(IItUNu8?*t*B+k~1^;qk?+RC+=a1{#!*%olQp
z&uOwu?i^RfGzG-&`1v=3({MocA)l@Y3aw2yh;u_PXgoup`?MzuwRj;sl76s#HM_qx
znm3EdpzYywaN&*^^o~zW{*4MtdCmWA2=Jv3l;YX5ptnm|(u!`;61buHI>&0W^4)vP
z+wG#iHC6)@Y7I@UGBVVx^<Z>X6ungAOYL^P6v#=O_Ddn{yT@h2L-k!>(^Ok4fA5?h
zc^}!7^UPn5hlJ>*+HKpYQ-e^!kYeNEM9CW06R$NkZ=64DFNPy*<u%TWcBd;12pJ0<
zK{`}-!ZI!lOgVKp7gg(lXS|IjLkmb&f=&75Wk7@d&46!K&y9a|YHU}reCnUY<?wRF
zC>Uz<c&-y3o6LgDRP~$fNd6=W6`1auoZc>{a+^S#|1h7(47k#`m9SC63yp4ruR9p;
z8>3BdT%WUSejY^~mKhl+xmq;ZS=tCw3EXh*_ZUm(C0>ld4Xk*C6%%uOK@zcqGjF+h
z|M%U;?z913=c2lkSP8t9Y(FRrw<%bKo&3G%_bKl%<s57B!UvS7JrZTfi8<|t1Po?8
zLqTh<K_57CkAjOAulTTayt{O{4-VHKlH}mRA5aEUib2gsbOV&xTa$3BiTYn`_c6a>
zn)B00nBjp!vTP9QqP1W)xriY^HJw)6r73)vK#$&3S>4(<m;-tON4P)0Sb+0S(=1<U
zwpzgQAg{q=uehXfM8vn#MhUg8Dx;QRkD9`Z4iQX+)#GPx{=H}yP84BBW_^`qsClvp
z9*{<1)lg`hbye*Q%IC?h`I66HxT?2BqQ9cVygD`Jm2NUY<4<XWtdITbcgaiYH0eCq
zTDy^m67mvm5;z<oLiE!}pl9;pYM5~EYS^rEh&+GE+a~q_?CpjE@M;Tx$N6{qx;M9o
z))JHGS6-oicYMfL0Zno%aR{Hvh^(D<v#fqIVhX>n4%@5mW9$?e1Jm4FL^~w*Qhc*V
zaD!FI<qzl<7OxH(%<jQIN$Es{_(3=ga`ow(+HdPTGPqO_L(Pz44R#^wwqz)T`N2V}
zD#8|-bVEbxxgS$NHLPO5H4TMsm*r~4ki2I+?^RC~_V{yYWZ9p(1V_A?ri`-KG83Q7
zbnFnE?;lb1?6>$_INy@a5`UH=D5Byo<JtC-&-sk1*Uy^QTwU3)S$HKn2hfq3EO$=a
zH#4ybU}kw6I&^JFNz1GH50$u;+g|i9eYquA!d@T!9gkAA5WT~ZMoKTVnB6h`w-q-2
z)D0VZw!n4-pnkIOcaNtmXBf8r5oCXvvH1$!^>$|Oo8xbTxj!tQvG1?43NNXdq5fmz
z_2IFPSeulUPQ~{fyvx2cS$VHoo$+#Y^X;p@)doR4AGF;AUoVdqLvm!!<0Is!V;NKu
zC70zp5|4d=$@<71C=0#vej!Yn^~w_HwW-sVCDai$JX;j@V*3KUPwsZd1*h_7%1q(F
zN2^PvmLe%s6V}Qri$S*Z3fhsHy!)q4{%Gc)=b0WE=ybN5TY|ID&w+m?K#E@m^5Xf?
z!Y7PAgB;|dOGagaA*LHuDUhu<Ft#;I_!Dgse4Y&OT&nfl0T`5}Uk;I@kWdzy+oag+
zPOGFWYRr<&<e0j97<0pAwIXp6p|}x8J*W92Q!l6fSQ5utjIWlunEhmj?Y>C+Q5*>+
zsHwN2MC4~^%D=Y_(||l4_lr331lvQ!cr6x(bMs|~8ye`d);#p0%YzHpVK<PmoJ-ju
z)1opz(~X_Ox{@z7@PP=A8e@yg*v^~!;c28an<yqGLHdn_AV|h9vc=agW^vFT!UEe;
z_{p0ss_c>9NwwEU<;H-LfmrSx9t-ImS0eEP8p`so2MkZ5Z!LZFXXN*3YeDry%<8qV
z@aioZ7Gw{dwI*pAtPPma1jqo;#}jY|o^%^&SG8jlcPS5BGi<v-G5b)5nY;#BQEuVt
zIJ5HtnfDI1l7GvKGtP|cVsj`~+}HM7YqM+CrPf2ID?ye{G)6PYYZitcNWnL)&ONQe
z+;GnCRH$M_Kvo-BldPfu*IG>mY)(WB8m3N?xwsS?Q1lCwxr5dYP)sUroP`YWo{uI4
ztUBhW18)HY3yeL!RQ2Q&8O~|1O2zhOKc`zS?E83Bs7^WskZe_Lb*5KEQ%&<_M;Kz{
zD~4l^mDX}jP-Ubtb<pqD64&s#zLH3t-x#i95~hPfwOmDEu5movX<x}NZwU^_+$Z><
z24CVE2HUt&|0Wd2a9@)F{*KvFe^Hec5DekNCS&Pjh`R7uNa8}}wjZlVq3zNZ89SMZ
zt>qbRC|*_l;u+%%_xi(>4FOdf|JnB<^Axi%=FA9IPpc)qlwJRFG%9Ksv6O{nv&i19
z%T%W(dQ@Dy{<gMrfQ(7Px8c>?y9;?()=%CO0d7?GKR+royS#!JW6d<`u&j0XhPZ$K
z=JOk@b&)?(pPD)qJvZX2xi6CJFF#~ao>!tXwsdk*4n)+%xTy!~>t1vU;hlqDxS1UM
zXgGD}HbH~-L1v$M=b7YSTj!c&K(zBGh6{%V$Np_1uIcOqTU|x}mgMvc?hr{&8?UO+
zsO~asPuc-BBc(PT<bl1YDWZ&=<#ZZqL~sD=qqEjSP0RGGFWEL$iU=bUl%1F%JpVm5
z#(=<WD_&`kurHeEXqd%|*9Z<95tAp&<`Efq2^o0_=bz%{_kC7vw}xh}0C$cDqfrDn
z1}4_cQ*)|2cZ5vSgJAd|Cv>KRWQ>;gFxvFsy`PEAY)-#JN(56iJnHi`@Q<G=F9_K*
zT4wGhUMIN!*mTaRQiLw!pyHzas7Qj1Y(pqA74i(q4PM4V#rDK4oa4OAZ(w8Nqf8B(
z3XX{CLkj=IqCj#M&;qw3s+qr=Yy1gwpb%>kUhP*8i&Yo?E{0S4otw7k+aJ#dZB!~C
zr(ah+kMnb(zFlDJYAxg&0fcLOUu)*%ea)x4^v}0B*31m6%$#d>Sz0I#qvZJ%+Ke#*
zc7mqp$<n6s37=`|PIYKiqI*P$g8cpN&|2J%qN=<0g55*IQBa~}VSpGxar0-d7X#g$
ze~ulnvM3(IU(#9~Eg!(bvL{Y@#|k-!?Qjs@uf*g;fs$mXwsl7mU}<>Es+$e&u4jo#
z3I}a+`U$h7th93pB&CBUW2ih)prLf)4}pyB!@#ke{L*!As<V${OY0<sXCr#!J#-Ir
z?ia7kGN&qwX;)K|!IFR+42mJzA)B!njZ9m|Xkkix=Fvl@WjSTCh(LrpUdh`^9d-eH
z2AJN9zG>?V#FCUnqj;qM2d{~YBgU*bO5OlMiDH2z0`X^pmCdomRa~C)NUQ}=E#4Kp
z=gwh}_?u>X+K99Wr-j=S-YB#U{q*hW=o&PM@+|FQGTS(_*_y9Zp^hC32>fFhBRqml
zflemuDcaoT+d?5GreWH|#Ja9CCljt^|8Ww&o&^g8zZx4wX;dW{4QKM!b$4B<oBA;+
zQE#$!k+q3KPlRx?<=q|9i-E-kB8w$?80&Ol9rSyOjGAjYmxo|eJ%sJ}xC7}ONc0Im
zlD;Q@D{TL??A?glhFjPtLI#YDa<@>qWJ!j8D#AqW6Y7I1D<LIC4kikm3Cnn3Jkk>&
z^$SMPCt<)Kg_7CggwOFlo(5YhOu*W6n5d9xOJZZFbOBP$?e4rVy(JkoecW~?r>IvK
zcKeLMl)qhJ!)n@XhA6eyEUF(@mOl9K7QY`DDgzOS7SZC1m!4F`%YucFv*T(ch<c^k
z**LRtfVgMWwdSx9(^$^|P+8?>)dEK<FSjhj*D7ksNX-l^Iqi}Kf0vk;dK`~+4xoeG
zCFa{UqJtrx0GaKV%GGFV9x0!YOWQPv2Y}Orcg8=EQv`!XGq<-(qH@vzF^FYoXx3=a
zzX0}n-6JTm`6L(SI3}GOa@K4b=8Y3i)1*M6a#b6*X|_^({);U>*e~;Kr|rsKewCDy
zOlARaHAv%jvDvnyXmnbs65H$R6Xl)yB52nQ=ss^y=K3OU^49h3>;$)(49QrG+Pb&(
zHp|yDT*O$BA)5zEogY|0?DG%S)ld$%ANB2*xeQpcZ|wFPnU|41HAx||2R@%l`MBV{
z`UlRL@c|QDTgkY}K|#hWFOt8vx7hXmjmgaKuH2xdSnv7nO=NLhpZC8I#K{ssV7=w6
z11+2D@f=|4YN>VgzV4IQKloyHZGDAozHo$3HUAgZ_@AzKL2vhMqP?__tM@7{uMtQ0
zkCA6Ly%k$6L!C0Ef@Vw_NNN$jeo@$d{(gS+v@wbV(;b0nY1VUro3R^#Vsx5@H%~9O
zNl*QhD1irO;6taKfDqV-yA)Zx6a`wi*k`pZ{(o;5T>fu=r>cs_|4g7jqiz51$^YMW
zIEMaz5&frv2mEJ&|9_h-1pD8G{~a2F{r@1=AD8oUGIrNM8l{^!m>Dg6_d`Q0P=GiP
zWq&hNj11-W85T<P6&MzbvTQBVtvE%z1qce;JfK9uh?9CB{bUTI?{Qt9=cG7|1^Th>
z3;0U<e0x0iSdLSuC#N&wT_bT%^F&$%RHy6&65|CmEiT7XI7-yoB;Jnp1D1iqYRjvd
zv`s8g6xGCjsg`5#65BaaoVYLuhItJRJis11Fp1*_52P(j?l#Sjg>DuIUrv(#4TKk?
zQ@D!pYen+zL3pk}@1!sz4*c}Z;Lr=v*^{Y8WDNLs*6`*mHwJb5ca#qjmaPG+x%@@k
z8eaZaSx7#GF)Uu9Vu+0O7(t5jWgf1->X~-L9|Xo+a+(-V)@HhE6#0%&Io&x24UP;3
z(oQ+q_W3G`&RxzKRj@d;W$6P9*MVX3#UQ`V--3H39&F#Gr{hpjrjHs92?gG@;dHcF
zbH2tWR_)lm<J3tYZ*I*wcIXc1r1ib>X^r4(^_|KR=ebTy2r9yg&r@hYK);tp)#2ml
zlD>PvR!lIUB$e)hGL?D0eeLz(t(q8~_n~~LQ#<u9*fl!An-EI%XU$JWzWz?pIF>Na
zKCl}T>u;U+Gxnb2+l5&fS6u1t<E$1UQGh@G*Rqph=HTwUWn<NY9b)u)oDl}4T7Y-z
zTbhgl#-#Bz{Oh-=7zWgwatdw(@s(LrW1xj&m`~85>ovv0jc?J8P-R5ZY!U{&+a&_o
zM~OpR=)Lqxy*`D1z~^~2UbLUNElA0cxFgxTy*U#p;T>AeDao~82-`3$_*0Ri3N@>_
zi1jG`%3Oy>{v8Az6+;5{r!T}uMshY0^_L<E*;byvw&GbZc-=aT(9*V{gNWiuJ!-KA
zShsznYSqGYn@vddutqRMeFM!?&IE^ZgJ%M)@Q|d2_M`F)4u?Mu3d?xaW!>yu=HHc{
ze+m8W)1q*#<2q17vp0o(=@^Fdj$fEr#+z90g_jkLWT3wC%bAHz6KbXi-|18@Ae18+
zKKQa&*wpt}337>%^)uTbcgv9DtcyKnRWE>9`)(nkZZGs$QT{j}9iulQzV(5=dE092
zjltqb7vhB$?!E|!#?w4nvjy^f9j6wahxhB|K~9%hQVSw>unQ7K$e1(|MFMwQ<}fUT
z=O`97OmVe)(C!G(5UaN79pqB;K~4u6dP8HG_neZD9R_BJPgx6hT^s8npqQrsq07Hl
zmqG^cW0;$?<`leWG&>yO#nP{^JVJIxZ`KI+)u~P72m+t#ESlW_;VjYN)x&~WhPkY~
zq4Z5Nao@2}a(?#&v$RX5xkVS0YmAiHQ1=TePxZ+uA~{7zcS-1{#J826wI>TiK1_y+
zp!U^=Zf^Y8zbm-Xz}3HGWh*YW5>b@?PE4F!32wNU{zK&iH#-9anlq9kYwNXRwKCPM
z)D^jKVBu%)%X@LEmw?~|?q*sp<URzGq6qPq7yGSsHx9rA*VyQ=*y$)&@u0LT3>Mw0
z#o$k+w~KjXBFZ2A$YHCgv+FrV5bd5^ipma^CRZ>B>!_dQ9oUw`OkgXQE7f4}^zjiL
z9$#7Em?f8ey>+5ayZ*MH(p1xuiL(%`7JZ~-WdjNIdDs5pTPmHT>D3uBx59<BqZB;F
zXP!i#q~5x@XtSMxctX`rgZs#WeG$ixOV#k1we@hC<iv&$9jbg`+5~^D8Ww8*&3B%N
zl7t1hwoO?x(pVtXkELIBrqcJ=6w3e2_nwdw0)sWyT|GPaGY!<gwynG_PXtewXozx^
zb9`T3YkL2~w(B03O$+im<Fkf_Ik~}87;;hKwhXE6p7|Ys*FZELgAZ0UGO<t;5@1O<
ziCyu?58iqb`UD^zK1$OsZt{*mN<bD7z?k*2DvGkP*RJOAU2;3s)Q9|9yb(HaJWx_+
zvR0F;--vqcIn97q^5V0RCEO|3#x<}xbjy<On!CC|%F&r%(KiUVm(9|i3|<fx>jv%w
z3d~$EmJ|1qB5LDrprBweTm9wY)4$cGU)3=;Z{QuyD4tqA<(p7)D)qs=s|_ct%Lx;T
z3;B-V)+Hp?Eo`nXIFzGMS5Q~eS=-Z5V29S$<j|IBW4ofnh&SB|1sR#-)<CrU8i@z%
zp}FFKf(G6*w4aVtH5BVM8))7mRj57rXJkm<$^IgjK+{l{1z3~%)h~xLQgRpn)s5bB
z+Lv9yzOKG8$jc!;$KXQJ_BLop`l31JS&J<YMWndF&<zqCRx`8WuTJW5hN<!agh<5?
z#Q3*@hG$rB9~&#eU@_FD@rlL_h%n7)ta^39-xt9c`fKV42<RCUV#rf%+j}}swwZEA
z1)8>`G{M3cSFMB$45<#4lQ)}w3lqFrqH7*=!0_K@m)uew3zO6J!gdyS*GBsc(2*JG
zXxtY?NKPyogT$<Z%gng63<SG#=$I^}Z@LV6gZ8y(Ni)D=MM<t~ntUlUp<T?J0V$in
z!1Q+(eOdKd5L7R(ZtLd6YB+0pa;DJF2x#shdsl~2JM{Y1_Ipo{no}c>G)9<6OcCK9
z&)~NsPgJO;DR~VzBBW%2cA5r|>nMCr$a&jj?8E{09+xk92RLeafkm@ZE|>(}{k}B(
zU$YkT_C=Sbgg%gdbij{W<ndzKNc{MKO}`M`^Hcij%h;~Fj0BLyyu3wm5eUA1V=e{1
zb1iwn;EC<NaZ%Ffsk;!?<2gkXJ<G|Z{z|tQT56d(9yHUG`;Cas4;kIs@Vm(T$&@F)
zm0;ksz!Y-NO;g^@*F-<CNbOFNP*Q^6qP{79_-*Df3}I__*q@C=+LOXB+%#{LE@Glj
z8O#-5a&T7!0vG6~E}3Y&g$(T<>kEc-x7DqXuFtjY{JfIavRykBF!b0>*Y_Snbmr>s
z^AnpAaNXnUlocHz#n+0Ew99}rbhP>IHfbo;JTsCeI@HmV<us)>#(s`L@1YDa#QbAN
z^dq-?01_sa6mk6K`q{apB&E0Zfc+u~FG-7OD+$Y#ak4MZuHWt$oyM>TYwy)VF+1kI
zxmFujv(8;*?))*<hMx0)>?C=_YIb_1frFY{)=DdCX~~+nmyn5|$H`oR7Gp<;r<0YX
zVJbKGnIEfd&(=8**q5>45M|Rwq^B#BiJ)a-%6Io5^5^Ogt4M2%u{$oKEAiRrY2}7|
zOgpyDFK7-v4z+XB-LZQ~fKbE0R#jddZJY&WqrKKI#5mD=$C*5_#k)Q^gP&PGfkCa~
z{YHC{Qq~DTA)JT*N;T}MM0U{CwKh1tBA;n(O%R>pSgbTqc&PABWry>Ey*(iN-4-C|
zS@Oro5c91OZu~dV`WhmPeZy5GBvd*h%=j7Ih9b_Eoxb43P!w}{lS(3;iGeP1>@im9
zsHy{rZK}88^V8M{yIoV{uf3p5IgL0a=HZ?aB2#B`o)yXF)W2I^3II;JWabvAdx@}(
zYa>5bjfwa_j=y;p9KHH{5}IF%U8vaXHx7#|m*q8K^YOKI`d)n3$_b1%`-oOj2pBAr
zJpi3KFqD0nvBwl;Znzp@8rzie6KCp3jIN^Xp5?!GjWJ(#ypD9-nU^YeK&M9Mm_Sc}
zKjJ_);xDEq2WFjUbDMa2TGn&55^hugXrwx3zL5LgcVS@t52}FlA*ugd*ks;;W_pzD
z0Qs8V5-{ujd-5RG6SMhGoe-I?lyo@LPfPT&(V$l*ub+=Iv@uC?Q%#1#yBUbU*;gk0
zo<`nanm`)Z(~4s)&SqS7Ifp|dL3e~*ABWG^+m-WVoxI)AV6bn-=<CqexYdqc(Cydv
zpmJ92XY(+x3b6*`!VZ-YNv*y$UxtHU%KU1I7tESmA`i7NC~<qV(#Lv*HRfTQcAptC
zo5cDe7KOsm@bLs^3X=#k$)70|<!nA5R@hh32n>GuH`?SG637zc@YJd=9-0+f4uOH4
z+z@7G<fpM0)aPk|vFP7RIFQsVN~fB|FS$p&xuhnKd16^#Ja2@N3u~o~Z<6Hx+B*o8
zWf|}h<ktHnW<1^C1Q{{VpR56KE&3?Iwz4x0hTLB?YhX~tQG35o1;txNqo2KE2(~Ye
zdrQNs-QdL(+&eKDj5MSY*)`aa;AlLN*kUxn;%Gc_xyB`ZLr)=cb0ATk=n#Q|LC1{3
zeLamICW40+v6%okkhvyW%7Vq)U+XYn^wXtsc%wiNxqzHs4U~Nm?eT_z>JG2r5p}ez
z#@_71GLp>?KIpKdRruSEXJoDePF{=r40PsCB+3f63Bm$n_$I;~6Qz()^y<j9jeZ;6
ze6d4&#apFO)aY29<Y-4#(c!@&;8y6+NBR#}e|@O*{g)&b7c>Nsy@Na!4;}@Hh7UKL
zjIy$JevJe%$XDJ(!UPRBC{#Q%ZiJnY6+5RROheEtW~CxQD^R;#d$`2R*60z?ri*;5
zk!w@wJ6yu>k5Zob)+KIs$J`Z;FMfdOVQKCWoHG>7+|tk&p0Q3rGxjs4{0Ks=G3NJN
zb@+fO8I!!U=se1S)#CEY<(J_0E$8k-Um5{837Acc&?3<({s|4pS3@<Sp3UxOjzgZ@
z!-wkJ(6XHFWFnh#r6>M4`n)R(W;R47HkVgCE9cyEn5lR~Swd!R$YU3pCopvhqem*W
zPMCMVuaxq(Z8JLJ<I10XU;Cz~lAyEfh2_aA8h*+^HzNH|{JCuAP!ZG)**KJIM|{f{
zdiA1|4d%v+s2dn6ks2Gapy{w|SVt^@F?9tuC($zqTi=0Ti!2nZAu@F<;1Y{!bR4q7
z*^L&Q4J1hsKCsVYLCAE|WD0zaWH$I3@*<QUJpF^F87`Z|Tja8)rp(CGEdF?nLc!N5
zaL^LL0Q<hm0hExx=A{<aM@)fpYr<)zr8T`>W2>6x6m*lLf3We_I#ZB%U~7j1V)D<^
z?y30sTHDAGdQMz&hGI{?W(<MASn;$XE{!~BC5uaq9zW51ZU43fxaN8J!RP1n`&ZgG
z#F5BmlvyF1fSOKY0qzIbX!GP>2a00viHGlfn%6*t$J?Fa{(k<gnI~EHvPD>bmU_=h
z0$v#vBmSFOG^R{$(Yf_iT^{$}8E{Wy6XU;~ZV*#0sDA&x{Rwjw;<9Mwu)ky^(1IiG
zC<^d=sB{K=i=6wl__(V}fMC7K*Wn${mQv|-v2Q`}@kk&(o<BBP-t2cpz-hO>f8F9-
zu-jBu%PMg?e<QXYxqUy6ur_YpM~JbE{-=9)i(&|&h(+F-E14~Tp5ofJeRVZ6=J=1#
zsF<5DXBR-b`-0PfsWmp8me;K<NXJr-pj1y>k7I0T;AZL6&OCJfmBJCWZWzI6jRSqp
ztS>Y2<iMTQsWN#I<hn}hQMq+A#i9Q<d)D2XCa2DrEu%SUQB-D;Zkn^zqs<&QVZ6`b
z1ajVroSzj_F!nnuN8@M}@hw~9UT@y!4)%1GS|h-5#~g;``a4FS^Xrxjr!BqRy~NMP
zXH=rZi5a%Wu~qjr8UhybYl}|+E<lgndJQbKIGOfD)5t~|_-op>-~9)z=Stsvk^HFw
zXA+XrhG*l?7whdkg;iEFvo~Evy&fZXlpJdEVo_NwI~bTcHN-JHB~qPkD|h7-hGLtw
z0E0Fec_2YP9wBWhYs~&63k%D{h@`5G<{IMHvSzKC-XFgra*E2PSJw|U7A=1e9{4D5
z5@Ss=*H#ZMr+y`Bv_Unum(z&7;>2DVxk#m^EzU8pklTJteqKw(*@h`45B3m8482^g
z;0rsaGFOTnKi_fm1YjR?D$mnBN*_Z~wPkeffWOCe{VcT44C0>ku#wo1JvwOd%D!=g
zpjpUTLd1#@Z;0opjb_l1z6r#Kz2>w0$(w~IBm4Zs<sOq|#%RB82a-5}&qoLPT$s~`
z)P2>5M<Am5wcnhxG^qpkcIwaGJJlL;PaX7nfol@QXdj<S3lhrAL`E~ih{+&(Da$ho
zoDN~k9;DZD3E!$gckW1OO!|IKdGFBV2$A6&c~knv@Dg~-ul#$tY#?vl=tB>eE-SL}
zD|b$V4GKm$Gd<Pg%c@NKPj5F$G=+N$#2d#Ww7v+^_aT@dIU62jPNZv)+P76KZ2X%@
zg06ByAL9svA>?f|@HaHUm=iO3ldZdxvt7kha$g1DA!Um#LOegl?G1ZdhS>7gFPluK
z)u`_ISqA2aj)zywUG4LO)9^^nY^pvNF;T5>jN@nI?S$pV6^i5b=-*-eU?f$&JOnE9
zncH$g3*~oIOm)lj4Q-5)*xbFt>{9ooWRU+4UGEs3Nzk>8#<p#n6Wi8IY}>YN+nLyy
zWMbQP?l=?Ov6GYcdA|4jIp673t5>b=YSpUVd)HOh-n)sC-3-_6y>k^~%D<;z{}3Su
z?1JYTqtd@oOCkBX15g?sgbcYyQxSF@Hl52b=Zmv*j?bn@-o&6R%-oe6f-ZsMT^-FB
zql3)L`PRken90tVS2#t0&MVn_Q9nVqX%Xd}EWWcoQa_;Tu}f%t(e(CkjR6*Dkxr^T
z1@xw8u*=gE%ColL3!YxNQ)>@fbL`$(1M-EXN7E1}bMUqO3#v$Z%_6zrPv(&29h+|X
z;FysZTMB~1=^O06)f%bjlZqw%5qvSScZy*ZRMjq6J&Zdg{~KZjAHa(&6ja<&5bD89
z*#kS5iR>p=(FJaeo5<=L@ZDoh9}0Y4`Ii1v2thBR@CIhBhe+Sss0okPClY5iG#+Oy
zH|%O~4k%?A2_6CJo!^&@WXnG12<D9>Hl0w&hb(z58W9|sRIRKAn{valEGpiI=uOVi
z4UhR&^hIvDjV#cJ^6u^Fb^Xf|cD?WfPrgm`vY-zq@X?@ujsrEw&GS<((W0-pH)v;Y
z?g42@4>}{DenC*s03^mNyQSSHm)}2kp?}!{mKi>Y1m&reK&Z2e30)2zFP&2$*Z-Ou
zae{|o6R)YBfa<Sp<l}vHZf8M%(~ji!AiJ)-=fJ)=x&@PNQHw)FTpIzC_;$ISu*}p^
z!nm#8fVnow)iLB1^{+w#&xy0llTcKgG)%{fpKR5W%|iqN;<hr-8?BJe_CyErKk-^y
z%eDkRkgykcfsj!s?{~U!p&3x-d<D)|w-&C9n>dxyds}hPt_kreo-Zua^+PI}uc1vR
zA8Q`zp5AXTtek_HwVNF2$13wnvQ8^{J8ye*|H3$l40wjSFWBze2=|rpNm?rsr=(bQ
zyVGX=PKQ@j=Vy;#ZD_l^JP+PsEH5Rep$tb52Tarq&gKJixN#OIK7BD0qA}mgxxRnX
z)0ZD6-E^NPlX@4k>bDWk_WrIuiQ~%>Gry6F;3Gje{vZKWmf1qQWb+YpK!EM)JgID<
zBBmL$lS4yL+SSC(+oKEna1mEeBs#4NYn7$;BhfByF`=iV>ilFV#T{znAroG3#?V%q
zK(RGBm$G0N+!6w&pTHPR%E2be9skl1Qn2EXy985=<yn`TMa4%<dB+y%>1*^u*ZPh%
zbmPcrH*_qiKw%bfjiTh#Do)X_QXrZnd#kW(75^<Yf>8Uir1c$dm=@b@IRQwlVg=8g
zE9mIzz-0HgU$QJz1yL&)D3QQ9d8Hfr`39Uv%m{ZXYhRR93B#s<s~Me@-s8Uh?w+Ez
z5HXg5)1E#uu|SqYk@{VQRUQiqE6>dGKIJPN20@)RxG;hbD`WkQy*9LvH^<0)GVG2b
zF-e<KUc*>^W*rV7AR2%07=B+@Z%=AoZ>m$gNAVBGxROa)CipjKbpNQBWWc2`LdYX)
zf&%i;o^3NMcdtRmqt*-CXW5!-aKgAxoDWz_;Q?-XGItb27s<?&C+xw215nPQ2umy4
z&L(k-ZPwvoS|}!?t`-vYmXwy;3Fj>V$bYn7eqBLG$&GlCS0-f3z%yrYYQJJ#t`Q2l
zLZNp^fa_N46>|FrUQ;8u)R;zlIH&4LUmbO0P@*5BkQlH3DB1m?oC$o%2k})*wtt+j
z(mHbY7D7K}DLip@7OD;&v%G;B-u8xh8~5FsU2Ma2X7i@ia=%M<aSs2wQzzaOgz40+
zsX52_r{==q9s9UL>Yu|ILo(nv3=&bT4vMm^ezlELXk?hXn(`fGMjp>Ud2VzgIe&NL
zk=+yyj4Wg}oae?9G^pEztIqlM3dBTGC?I~<9N^SKkTnuJV<@r1Inp0t;`&7Ql2G!>
zt<F0vr4->MWD<H5r(j=(IJa33undpp$%`4t1;xWwkBYuFGT6Zxm8If&e);QBzo1=5
zQDmE2d?9!xs0yr6?{A!P;y0q$rKIh8u81ZsJeTlnv}#4DdVuM|C@$9?ci2yzs^jZ(
zDDP@WAhwV<-po8{eMS`(c67-nrWn`CTDcv~*&b83<K|lNJeQ;{3vnUn-4Htn#=KsE
zy57E|@G;GYc1wx1-<Yo|f8G(pZM|G1h{QKv**6stn9W=8ssTj>c{(QRO}H{MU5xKP
zH1so%L$<%4uhcr8C?Sm{MYhW7_Pv&c#<iwS*XJCiUlHz{R;qJn@3sI)gzh913ZmX)
zHSh|9)Zk_2fd^^)s0N&UA$(&{p+-ND;S%~}`F?i8`u7RKC<VaAs43sb&7JmjfgA~i
zCuv!}62{W>T?YO(5b+aqH3)Mfv|SoVF$iS9wiW~{K~>i&6o4M6AAsN1a37o$M|7Qt
z!kG<k!)Hl`k!x;fhAI1kuTd0!BG1$gtdy_t0dXhi_yFT|F*^L=S{1462gm8gLJXd!
zvIpB|i{!c_dhKTU7m|rQRuD=;zyLFNL~M?8f(cc9vgpvEun1>B_{~Py4UwR4N}+-e
zQEs;AkQ*nqK@0pLYY%-Le&^Cl)_LJn*Lja)7P!}(B0j8saQpY>SuFAbErf5VKwxB@
zFJa9YLgb#TUg>0D7y^nqhx>KL3M0lFm_^&+5<3g$Z6(t^(S4!XMRsqdf9xv?TJ2(&
z+u;~jMGC)}*P$EfEi6}`>vJMR_U$^xpEI=kx9{T+F8nZzpcj~_yp~XP&PrS$V`k@-
z4J{>9WML2AYZntcdF{djfECcw`-ydY)9#KDaGC=!`~AVXdM#c8JD}}CbyB}uWFsPF
zV1n7|_KQNw;9$Vw#`1>-ZKq#oL@hhckI{CQBQPr^dN2L-k++C?7QtTGtF%eew0m+i
zlDBtSRk%AD>2|5557pqljWrUx%i5*Y-@yJPn<Y2*MO_UMdqu(O9+2-z$+x{KqWA^1
zzHI&Z85BHWMIOGaV9xnN+#MDaUxrnH-*R)v(9Lk}5+!X%Ms${6!(k%woRfq*))#Ma
zM#{}*Y8BzmdxRS+BVybgGXR?_^p|PI<V;8`l3?xX-rd`ct;5aLrQ!xB72YN$#=Q;f
zRc42OXWoDlx&Pn~6=c3~9L+KckswiQvQzzoZl7)%PV?iR*8c7W{cERm_1ovaeRg8K
zoU(d5b|k%4;XJO~RDakFRP63IGf;}@=s$+;9rictvvsz>AmRT(=asqI=r>woWwje(
z_Gj<vy3wLmpx5tHa#mqxO^d;q_EsEfL)~ssl(0gUl1+Eils7f=xGgV+<o_P1ah2e{
zD{b=XPD0D*?j+Lxn)T7nSI;VN%S`1HM0)$zE0Bn$PtRsmRRzrr|2lsIZBnd%Yxu_!
zZ@fn+Zs%E5wYflWa+F;<9AVv7SpwdaF}0+offTFo7+d}ev#oH5k{Kz7bd(b0RFBb>
z0m)wnio`LJ&^aF^@5Cw}wi{bCY1KFcBKmM0wOgKZGkM{dU4lY0ac=&8C2=((j9E^E
zTh|Nw9-3n_|H!KRVxqh$Pw?A7lz$-tC$}iO1{Vp&cM+MdDIVr)Rvc+%C68)w4<_io
zR)>EyjkH<K{&XyIiAc1{A@|_(S}P;%ZYVfuRs^m+n}|Y>hiu~5nG^A+lW)4;EcmXX
zeCf0Vm)Su>=>AMabgc7DIv#c2@nMUbKN8)kqI%7W78>?QE@ufG9E)2L{A=DKzWcAl
zdpXL<E2$u0V=~Y@E$0lJp&bN4SN<#}6#G|WwA3#=-{8n!0+aRjZouyarpLlDx#HQW
zxQOjshMZBr11j73_)PLmw<TxOx2!J^fbP@HNd7txg6m!mGq+6sLxjL8#5Zfx=*OU`
zTXP?O+bi|Z)bsn~;hd4;>5_!IRyX0CLd0Cy^jhAX&XdtESU5AXVKYv&BYGV3kg|7q
zAcdP!jtNyfDN%j2Ug*5&w?it|H3D1nfw5Tg*h{jLEoe}qB<0t4ppYiMKQK`57^V*@
zy`|*rDkEjbZm~@8WfEc-3LB0yGdI0@Hb)`Jkm{SGUYD})tDWwNz9*%?g?#p4-%04c
z{UHd8$rDshO2g*lH~Id0)l`Bh6=0`0r2st>M0YrNM+%IvrA3yX7I~(hVD@?VvsiYp
zUljP3e^2c8xk-gv>>qTD3pv8QyaBIRdu+_s!FM{b;esaU4wde}X>)RFjs6~aOlUP|
zT0(YI6j1Tw>`@+-mOvCNP?QjTHu%?Zf_(D7!f`~XcDoq8GCv#9QCJb=oocPnUA>Vg
z=rtQ6*3kW-TR!2c0w6D;3(bfxxD897vf)XA%OUym+!Zf~Ete4+e~he&7)<7zF~9;{
zFz9w5Q;0`W3Lo7pUpZX`z#U*XT9xm3Te@HsJo-zae_<?jL)JQo+Ayuv&bi=fKZ*^4
zDkI;7HDE(68kyl8>j(>q4#~qJVDy=iF7?9N1%#$^J9eMCY)i~>2rnlTU4kqTguYhK
zVM9mLl2I)dmJxQH&ovNdBMV>pH2ei^Gqdy#c-ja*NP6m_>)K5Bjb?_JQvM9+yC*}v
z><w)4D7qy1NgR4c3Bz6Z#BS-&x`GNBc@dRpm0yZa&Ep~vzm@y*8)HcheOJ$Bt4mpC
zl?%*(pwe#U_TNXZ+l@O>`3KIF`=03oNoZ?x62<2cJG<{v$vAO1H7ZqslUvStME2Ay
z2Mf}a+MF9bEycb)aHEz%L(I{<oIXB2$#rU=SwwOMbyBxQO8N*|F2o}u@61W(g-hJy
zllxu{Ii$}w6G5$}rI)+60&Rh#&k<x;M*GA&$~>xUpd<4>J$d*?0Tsg_JVT4g9|-CM
zIh$oYeY{bN;~Mx|Fl|x8L2Xw^_PD#+^e2Z(KK5keK}P19W)a&lH*tV>!PWv85;3o+
z{x5imvsE6?Q?RNRGd5;jl1@!n2x%d&%m_#`4h%ELe~0D#jI`8`uardQ>TIRffT@Ur
zL=Dy1=Gcg>E`z{+Y~y-}V6dyeKpUCKv|=9qeiG+lZb$*X(DkD={o}z{)RkN?)Z##I
z!)$m7m)OVHJEJKQ=w|4bGYd9ByG<%Xb|6VffskqSvsp{5fkpfQ#>@UjYZm5C<h6yt
z70lbh;Z{}d@YP*&VfL}ojackedzPxaGmBZG(C;yxe6I2IWf8SUnv&lr#fIeU9)YXP
zKXYgC4lg(TO2>YjWyIZhAH$ru9KNq+Y@X>mv9NOw^I6Fvl_EPgtA{L8H*i5vr8QqD
z;q3{JkQDH%G#foMHgU|B@FFS()i-T&r*lX@{l!MfI?X%0q~N(es^%u9KQJ8O$g#oC
z9Va@>>q7nXY)%_YqkkUkLJ?JG888{93Tvg)Hop{(Y|18u^KR2jRRW462Zwlx5lpBy
zUm>yR^G#egE#JE;+<caRA{|z7=PXR(SIXi^{-#N^17{Hu5)*xZ`%xX%;>!~-Ms%DY
z1D=|IKVM(x{E?IkzCP%iSz>IyIjIlZd6|ldd>i2k*&ByXqEkn0+Uj(a1hyQXpdsGU
zj3+2dU}&(y;y{V)SZ0jc%pB_Oo-{ZPele>IbdQdf&`B(dce-*t1Ie_-1#I7P`l7?@
z(i(vEhAh4ej;-2G-N(8xC=3_Xh<w&BUYf?{uqsa7=0rFnnbPs#ZAzsZ=UKGU@nYqX
zz{TFrHVE0V+`b&`)4J9#PziSCJ%jP|dUFf~<&y5m5Sn^UN9pxWci;Ozp2RgUdqwtO
z;vamZByD_k*)yk389V!&RcYK#rq0&m?@14!Ogtc>6~r~{gFf>!AU0z`*j*Dq??cmO
zw~5USO#9?**>CJui_4$qY)zk@On*b)yZh})Oegm91hQq>39{)RKptBP!K6FySC+Tr
zH?QAwsBrBxOsRJ{_oQ`Z$hUXmn0z*pNaBC)?B7wK*`Rq|Tyx!Y61zDTSf<{}@bu9X
z%$fLA*{pzf$-CwyR6ensN|`Vjap-3st~RkPtH^imuP|@yho!CcsA&B?C4dke@cX*I
z!Z6Az6{UXLF<$OTN<>J`Bo3MAJl4mAq%i+FQaOYd3d4XSaJ>ruES6|UUgBi{kiK;w
z{y~w3B!TOMht=X+_ClMI_~*R%-co^uAfaOQ3q2?Ur*J4x?>ivgF)57A&=DFSB&Wy?
zChm<^H^$BpD4_M!eQndjzo%oi@xfGvE^nL7oEz+J0I=a+w5N!MH=)mL8Jh`<#6tii
z5)gneN(g%(Oz4M*tv+Zd3zbD+;usNZ$SMdCp{HACLNE*|m#3bu*c{{|BTHS78Zs&9
z04Pv95(RvZRpfctLvPb?7pgY`rvHx*@;R0#AxSh!Ly#JLJR{I65~$PP2x<=w0p3Lx
zybD=G@(sHqqoCdg?smVO?tqT|c+MpO1BLdSLb<(s9Bpjgl*+(;M*>1e!SME<_^?t-
zHdytWfsrB@<8)Cq*m!KBLG%FV?RX3Y!RfAoC*{QN5{!Hyba@@|NinDf9KheGxLr|T
z8Y~7#(<3&dmE<TnDZ_G`%v-z(yUVP8(x#($QXX=$uc=BJi;_h}!J1<IY_tcWVToFf
z@QzC>P%-j^y*G`F`Da@D%9_~-fw62qXLkKlbj2?*JrXc8oR2c=O6w|@V9>Os!7D(?
z(G@oF!{lNrI8fAQR=-4mw1O=)H%-dAiHsdpIQ3YeQJ6Kc+C+-fT(zJbo8Fr*;b1FB
zZ8UPdQ{`@#5z)qT)1zCF;-g`z9f3QQ%>MT0F;}z@+fkM`my|61*gpw@fFQoRrAkg&
zq_t6<15)JO*AO^6FUZJFm|2U--7SJ`Kw|}>O!J)m^gsZ(T2)TZQZO>c-QSPK)^5T)
z*S2V2B<4Rxwk*m2T|N&rx`qY&p#%fcD-<|M4NRs9W$6G5^`gXpF?NC`PoS!Xt{sk<
zIUdF8V2T|)GugZ_+&muMgCp}V^Myb_V$PAo|K`NHE5Y1I<VbcB_mYr7gy7U5wNPOn
z&(>p0bk%_bu>?kL9+_<Z8#)D=G<h{@BJwj4kvRy<HT#Btz0}1@NYO0(?msr2JRCVj
zByI8#4N^AM)ox~I<1#`OEh0gh{j;Tk(a8Pr41pS$C=_{f=fB~nd8r?Zge+&x`BZgm
zNx0}tR~@stt>c@uOBe~E^oJ{uiw11(2Ey?zY`deSW4(!&+(PYnc)iF23iuM7nP=ZN
zWzT>_?45(}K!VeOM1tWvZ=o`D^iA(|Dr|lMLJdY5f#wWGtQ>9$C=HPLNDZCeG@Cdz
z*gXJ{LP-fm_Sb5Yn9(7>IZeaAX9oWE-wbO<h>^;>Yn1j%S{Ob_-$FLLg)+~mHB*P;
zAaqv*pjPt*&K~?O)5NVTf9#<Yj7^?z1xS3Kq0XURK+Z7eyM*0?j{@m@IChk>?t3kU
z(nlq?XkEDwws91<=Awxt33uY|PP)^-2BM=3F>kEDcI9C|96Y^{`^Z{6896}#;lUK2
zCfNmIw=so5AOcWAwi6c5#CQZIXNm9G?BH$?0oYHRn)7(uYq|ae`6QphD9wCBbsC(7
zt#3exfxyVsON+t7p^JMHM<|q)hj&^Tnd{dR&J%B~FCRLf@uj}E7Jd**eWVe8-57!2
z4R6!6sL^{5$fh~9b_{a4lIM*ROw7kGKd-HzF(OPc(y1Q~hczrby&NZsLNmfRp(v8&
z1&Lz@Y*F_@7cr5=k%zl|Li`D637~%+`u8zH*Ev5B+8Ez^Wnf;Nc=EXO6u0z=jaXxM
z4~EcTZrntAxo!m_27@LqDH(dEUO;t|o;)^Df(mEjR!<_ZXSel*j7TFVFGq;cV4?lm
zw~0hS;VG@S+C4u=y|id^1$^R0VEqn(PMz*=N6sB&&<>g?!1k?B2viVOhP{_}K7-3y
zcrg16_<Es0lzYI9CoDLiFXk;=0!$Ej2HWK6IT$1qtY>?52ShNz=E-ICB*8v7IB@oI
z<OCUX&!rRi3MPzG@OI>}&CFI2xqI$E-vb{&Gxg;W^_~O!c1oB{-k~X?7!_?X$O~rl
zS*3-*SE`<H`@BxVI(wqU_LAr;brMCwBG4qSeue@mF^GZaaDe_fF(XhOvQYJv)7=S-
z-`_eA`pkI$3@VuHrtBHl-ogxq%-BP#@q~cU-+~|RCLNAKK^}sE9ojZCv0=aaOjAg7
z3=(yaI})sS>FMq!^f~66&E1~OYEH3rH~(Ss%io9r?u$r_OQ=+Rj)jC2rhsZ7hUEQY
z9PR!oaGCeD);@V4;73+nx_16?X;OB!qLmk8h<etSZt%G6@Z7eN(rV!)ZNEVt+2lPU
z(){*%gwYtC{Y(9napS`3qLRlGNJzl&3xyoQJ<{A4=Ql#ZZrbMS91j-^!yHTk6CJ#4
zJYvd5F2fce7hFgJ6HF2bB>Ud~w|u|H|EZI8{l5p_;|62qEq(7EixSdlbP{UR>50iF
zn@$&Z4|#LssRU({NNiwBr{CE#Dx}zp_7R9nXyCxX!Hs7Ejs;jbIEJX#(gW5{B2O!a
zjZyFJG}1EhOa7pCqkY~D#MptkdUz}@F5casnVl!C+a8-x$e{VX`siA0W`rlG);PWd
z3}k(Q3B6m%EsYn@TMU=?fJDB0LOzA|8}6aoP7a@pWjrjIvPHen{)_3g8Ebm~{86ki
z5TNg=f-&sQ9{GCo3Rx@_kfMqari5o38uTjU67{bh+T~BXLGOY9si4$n<Se?1v3(@k
z=PN)01w!P%B^3MrR8SyL_5b%E%Kx>&XOFli>i;(RzhC$N*Puu6f1e`m$?DFjnwX<t
z?#)X}duD2OqB1|%UywAsCgo#;UVBNHIrR=@x^ZrhoRcPEZ4GBtnJ_-hTv|3dv`V_D
ztR?HNE?CC=k2UAD(oaQ3%mte*027W7ku&wzvN28*nQx?MfCv3A%(R~x8VNr!(=aiA
za&nlYK8uY}fiE9na<sUYfFyebhDWnycfKkAw+Eip!m!zg6Y3j`0SI8-0yjWlLt1$`
zGWzdni`6g=1oNF!2mhJ4J1(!Cxp58ZC#RDI*p+(SnfKFm@mYhRf31zV9oZ9!1NCIM
z+1wtk^e*L+`v+%&&YxGFFA!`VXS|AA-qBIJNp68%I?!2IxY0WbvrC*l71h&5pNBHG
zJ3grF0f^BZSwm&bFnL|M7bkh|#}wd|Tn>(00vRG<y;Nldsd73|1bjiXDk|b}ONX%N
zk=dLPoH=OR0oSl%zC6PVauadqTeD+d`#we$$DoTNiiYR?=QP4TW>9y7!E1MmYBm2I
z-|tZaa&lH|2ZO#&i{7kO0Pmh&$1wbi*#@J2aejfNitfQRj}uC`!GA7_`$e#OTZ3pl
zbi<;b-6qdxoR<9Hk=gt)l_{eKwJs9Zs1xf;7SeDA;zX9m#{0hacp5D|q~Zacan)Q7
zPA?ZC>C^Gz)#@dW1rtT3WEB3yBad|Z<Zj&7!CD3F5qDhI3%YlaQAYkXJKiYl0jS4t
z$Iw28Cu~uv<+blC7$%4@gW#Es?tF|`pT*uC{;sU<NKB!#u~grI-!hL_8S?ouU{Q-a
z|1Gz_g*Euk!tzd|8HnQ57#cM&H?LfmPETOtRw$4$^hF?c#+QI7%sK$RriHY8c;M-S
zN#3o#`{G*+xCE@q>*nTaW;%xdMgkX;B&Rw+3BRJMBi4-@84q$&^O&D*IHs0re3P7B
zPgNC^Re7$>`dhumyGRJF0OM0{vADke;KF%x0KjbL<3VZvhma=*XHdNNs?P65*EK-p
zB3Kq`FD68l0(&qABCw5^8?O^u-Apdx^5eF6aUg=G>w0pd_<p5n#sVSxG{p50nZ=ZY
zR3>Ce{ipKkO4x1MD|~dV|3eW2CIifkVXQS;f-T@^)m;t{k_vU~X%iV6Remmq_kO<m
zLFm3b*lHrz=;D50Daj}xATYSREny)=E;D)nyU15E|Lk<A$eMf$39V+Gbq1ISO^dqs
z1qfqWCH{+s!`tWtwe-!G@5^-1q#l?o_>Vx01R5W&6|)drT<~P(1`Sw(b9OLf?}-^6
zLjBV|@9?$7J~uWmcAjUmIKy-I^~g-UwYSB9A4aZkWG4-JZr9vLL*sV7K_ZmQTCG}S
zZn*4JE48q2JO=8c?e9k>#85k}`d?u#-O^qzpM`R-13FG=7(dkY&+Vqn+N#N!l5RNe
zwL##mxMrIfNs}gJvNWGzOek4ZKG*nO98bN8#IT~~F~WKC8#qKqxw6Ok8Ej8D#l&dK
zAFqw%L<yYgXN=B~{G}%jFDtX9JN(l_q?A-uG^Wc;eAWowthYVgFTNLD{xX5kvDG!v
z`!k~QV)Ktkr6e|_Opf#5yy-iic6RG_JX~c+p}%;{G`iUEJ2g5DQQMvjTr$AjT{TnR
z(6mCqR#u1KNx3_pJ}Y>e26~LRJV1X3HJh2#@6&v``+RcxuxGk-^CDPl4nxF$RMTEZ
z6t=iji@(~o!mqcR>Wo)WUc8F|m>ES<yI0ASVzh)TNv$k{+Y052+C8u<UT@3l+A=gc
zIZ<4F1z{70bQxWe)4w3_wb@aUGNp$;L$qD;$m;*XHvCO<$EJg}f__mq%w>$$xar~i
zPn!u2M2x?~BWq}=mSPCWq0>x`Y*j5L31{WuLeS@t;MiRqbN&0X7zJ0{x6#_J4hOo8
zr@AJG7CTSYIvDex+cj1hg7n@JQVizDX;$os^uO}$bkHK>VkiZFBoWt@v(bDEq-1CS
zhGnKJgWY#5@GcInqFTB6_)t0Am@ggN&G*Mc=qc<sMRhNLnem^FDNN*nNx`ET(vb#I
zh58}8?c+msyW?j$FEk(s$v!6wo1YXE4Q@7MTnh!H>{ClBLp^#v?M^=J<#A@?5b<!#
zY|Ksmrq?s#ZB$)<EzsAROo+Ku<&yrRfB@B~013eB?<j5_UbG*6gtSWZXBTXSZ4+zK
zSa>%2s*lA%K_g%*Ge{$P^%B+d`<DkH8qXN+Lbg!D;uB|a;t;QUXJ=BH;@qG;SC#@F
zT1}tO*$QwVT2fg1RW}sAwiTCLoTNrZp<xikE-r)2wm()?=|un`;odeKuKN@+FPxgV
zR9WFPT>&5t7JTpNL?tHDps^QGS>s<H4qq8wHjhU8gMZ;>Q7_J7S4+!MTeO~8=;N3R
zRFr=zDiz==pVoNx{h0??>TLrNVMzHIARIgxy{}1r5cWp(gRu;KF1yTCKFG&M5A4n+
zBsRc^g88a+R%Nxh5@PyEDqd(t75t&T(q`mEcHkH2*6RG=4u8Y|<9B7y55U+|IU*&}
z-H=Lrs($c=K};Z_n8RlNVxf`@FZ?ByxM@D3oiVtj%oR*#VwvhW`O^WvnaL6iIa|d3
zuT)_Imx>xzgYS-~?)K02v+|^0OOkRodd1XXMNdEqiu>h<o6%{7(IFms&*!c?_CYyl
z%?%!0^w1K))QSq}E<gS07?@z+ZpUBeQQAJ<hca1F1&_n%SLZ>U<;+F^Kq$m((P9-Y
zmmOjm<0XGr11_?M0A4LrUMF>rzsQu1KW@YA>9;4-r@rNupY0nmJnVqjNx0G)#f&*8
zm~uuJxPb>@KR_iE5*h^uO;%hJhBpq+4k)j<Lkq4`0Nw6!!x!x5X1Uc33ky%pu}0jT
z6Fx^<J?6bG$acNK^VbaXGoP3LBN#RTW_VRCVTL@=?nD(wRgk=k-|j^0Z?$vg!9i?}
zKW|x{c|&%)3q`!sXTBx>2MjXu=<X_b_e{v?rN${2Zo7{=InnE%kDD8KV?dQnp=L*b
zExgHx!2I90_<sowL#9lJZ6I?ReuT)a;g~nO->T<26kFLd$vX}=Xs69DB0L-w4=uEF
z1@pR(mO`jj<Ucl1XuW7Cwk3_Mv2i;Wl470b8x*_S2-+htpV)2Q&wPyZd7IQEGe`-%
z;<~0-Vr0hQaS?^BB>2M&{_-M?V$wT?B!Av6Un-Z!QQPbd9j{v;-Q6I+<2+R3<t;i$
z6B4udQPse(K<KZxy4&KSsPGJ>^<HzLtN0mDrMR-+lS2_S(V<R`C@H@N_}3Ih@(Q>+
zxZ)d&^4niS9qGCWWI$P5?w*;<m2!qXM(Yia2l1}`A`+^>*)<%>HI7R#v?P;FG5UDd
zCbAw<9G%=vZ-ZO6d~SnRep_GVZpxT8>^vUbYDx+iwuE7)bqf#)id=Mi=KNi8r~4MB
zEL+f0b}+l!RfVlR$+14GStn)*v$^7`F8Rt@y93I1cJB|`Shakyn3mODqZG^n_B}}#
zf?t8Jzuol(yQQYK8Y{N8<}As^n!_?|k3-whxUaf_#x=$-xg;Dx2T}uaZ2kUMZM*lL
z5sHStw*2k4W`9?=#;%P6Dg?T;I<M)N@v|!fvIZaBnjPKUjUHdOT{FLj0|rt=20E+A
z8eeBIV&-trxm8QsAGJ*PEUWJ>ITMqvBo@75Bsb3%Li#KGBVVqhqc!Yy;O9P8+~5_l
zB7;EksIUh<B(4SQgCn`;vFg<c#$8htzKs-V4Aq&V;{)YQgbznc>!PyCK;?6prJi19
z_c=h?b3Lj+Kdd>2nthcJAR_^OiO9V6M-UGini^|}$W%J$@wQX`ac=(*eLS7rqtf2C
zq=!GJ7QVQl*~M^Ug<?vbU1FRXsK$fNArO9UHEU^CO@1^g7K?l*c}_Smz3^y2sGpk8
z`^fy*zs{H%i-nE|`6qMlAXukQ9%);;sI@iiJ++#FfH=B(CF5h<48gVamf{0J<f<-o
zDheQC&&pig+1Msz=3j~>)k@4avrT+8J4vQE#3WMdOzG`F2lBDJI@ehl6(z*O+od}$
z(RS}_c0zEGr<>LM#`_B~Zb==>h1(vfD&RdN@mIzf7y17fq64d>12MLos#?kYfDgXN
zd_kf(?GVLssq3pChdFNJ73#!X1MonG$t82*ksZas%FY+*<XCxP=+)`r_2rbyi~=^(
zCNRTRoJvK$==zl~TGl96nM4m)RHk?&hBc?88BlVzKnB)1z5aO014rdE?qro==Cg_!
z!(9Ck^?HfR<LGJ!nh2s)L!)oc2cd1f?R#W|8`jwwyOF{9BnkWkll{Av)NM-n%UE7#
zTran6a-|B4DY1`I1L>jd`6Q<p<oSds@ahvohwG7j!i-b)Y!#4UYbqWiRyrR6e5BG6
z8a6RTX3gs_M9}Kld6QIIk@>a6*n-RPNz|IYkn7_;+v}-U^gn0Bcsm&kSynWkQ8XUd
zx||1NZ-*%vbm_B*l5fZ3a%`la-nmPl7rpsn4!a;!&0$rWoi|QyMkCSPu5r4=5^W2+
zY9m!Q-no9}$!aSfF90(MmPaOg+g{bNz<IDh)3f7$pI&P`9ZppZ&>fwjVJTe=tIv&B
z&wjj6jAO}R@f#<)0xsF5OLQO<cXH-$mQlJyQYB{XN-I0oGeok7z_U^=KaupYPIm|g
zXdkN4Tpx7(uI&q${I=w#N0FN7+K~Hn{UNFAq0l4P7OlPhd@XK1?xugIjIZHO7JOgv
zf63bH^!xwt)h}-D^d)5q=l%pxWc)B{k`4?W<`8~-=x*=iW(%0KOEtjNXW?-4^+Jia
zX1>Z;O>}joMN+iCknx@g9KU_snfNPNp+7v-;ll!wd;`hOzZ9DwQ@GB%P>@eIL$EfI
zM4W8*VN@#Ak%4po*y~IEg{=}8#HFOK=tt7!>S8~M(c|Q5_LvU;vkgxfBdY&O@+x0w
z@THU*rxxx%D1a~L{&m-Pck~Ad;+<E~GI>sP7t}SlEvg28_|3If!DRJ>rdIibST`XX
z3myORr0pBo>dOv0aQtZ%mC2TK>UFoXl$&*+!nX<d;Z7>Shy|y}Ft9U|L#!%`t3dVf
z%A|Wipy|k#VPK5=udJmaa=%!Y=|U$eV+FGpn03g7|E&A#5BiOJtI5bjtt-9nQesg^
zTiXw)SaUk|_&r+(sryd~C{xL^fUJ=z5KPbm_4%MIv1$uIDbitQCt?@9-xJ#wfm_XH
z3RGZaYcAsF?)Nl=zncm~G7KBu(K$%SoyllxruIZHx+p5-&d*6z!q>?Y_TG6o;FV6_
zRm<yg-eb~Hg9m`ko&Mr-!s@Ui&6uf>7!mF8S#%&OdxjmFAx!Ygh~NI-L9Jl2BE#s+
zd>Z=8CCQVs<$>ruoka`Lr+gM`M3{{+kIMlPrrR{mv^ofe9HonIORNr-TyvOFw78NE
zIkPOhm*XAS=D`mX0UxZSB9ZpWC2>Z7LVfo=!2Uq-v=l3Cmr;$}!0dL`&E$dA4>^LE
z#}P%$2_>bS^JcR7)kQ_0a!|2F_LWfXB2^z&yGQ<GiQdb_dl}UBjZIXd)*$zn)iCUi
zKlvf>zK-*;)YlR`)GH8xLREAgzqU)9dYh|znN!`1o9IkMb7(`qeg-A3k$UOE<<~Z$
zZ9Bv+PxZc!oD&&>v)T4JVclPNznOc1XFz8j{KT;?FAxU}OnYmk5h(>~?{z$+{7y;0
z9o%ay)_*XNXWnlp!!0SxJ7Z}}6be%r16L-QB`5A4*Smt&voF|5u#LFYfj=2u*zGYW
z33!WvuZCESExET}WwIa3BQ7P?TiM}Kk|pGU#jbH#Tq?1D76rN1p}42$&t5`nx+54{
zk_QftY<@@DJ)L%VBv8`ogQA>B2`kgYwxl-O=!V|tq2Bx?f>}__<0kaU%jauRb8MC{
z6d|Ll!-Z*3@3b}MD`Pfeq~odOxKAVoSE6}-tBF!aYN$IU?U@zVOqB@!l=H>e#eJ&T
z%ZCVZkOOqSDghh~=^Bi*E9|Qn!I#|saVDbzk;*VYVrIP#%K%ZrCd;rbULV3oM$6a-
z6qAwIHeJfS@U1RjNm@*2j$Tq98KCF~JN}HLtoL&D?C^44ck~>$fy8+A$$7b1vQKB!
zADXH}2R=DTodYBs$2exTXb0eE(xbTmW#hqd>vL0C&o80RZ+pc2@f~;A4gBVqF(>lF
z+skPcVGe^aoiXf_`-+Bu+Wrk<sfY|M{k2N!l+T*D1YBDhqt<$Ix+lZmv)OX@TOP-6
z)n9ph39UJg3zhGGfeUIG!}847TdwRhm7e|cW}n<uTT$79Z`<cad{<qk9Sr)|Qufq_
zUj6b)T$?EwSm)=T9L~H<*(d=9V7r&I7qq9p>g092Z?FerFm08v*i#f6y<d!vr?Vxc
z1G(_>h`s_FDTq1;3mN{a*{&5svCGI~V2$*j<>LTaIblz<$yxCD*az=%>71Lyad6DL
zyYzjM)<)aKQQSTdPW;{BE9qF-IXQOA3#tk;2d>UBbgXiTex{(0NZN}0G?D;4Dx!S7
zgp?3;R*QmLQb-LGr&UPjS0mJttd0PCa`#6?+aC3aljOhoY}8}$(5=Kmr2<j_gYj)h
z283_mVAAtSz^<fd&nK7g5|`K~OAx-q6=T;VIf6VWsah&5BjhRP^AhOn+#}>3Pn0Vc
zFw+UOF`<cj7%nT2-ldMNY9crfzzZI!H(gSR&~Nfp2ie%02bgUoPjh5@k)J3dSVLn@
za^;oPmOSL0uZep3|2WHfaed6`<?rI?#@1Ji4b6C0PmHLj^i`B_V;2zE=1>=+zMI#J
zr>Gl{x|DxTE$cc3uW=ZZYsSo3kg|YrbfF-zW)u>bD(mT(e*6dc+cGKM9&fbp2B3U=
zE+3R@L3UT{*_x_6)cbv9&U6{|jV3T|Sm&b?p9N0%fqJDqw6t*ao~ensQEHu4V*L6+
zdUFQ6^%H^qnwU!PNng{SC2Tr`5YS`H-C!Yt)?lu~{2ABt2d{c;QkJ~4G?^3@L+xb~
zNM>|*@%i*znG2KMl)ss<^H}~m5BWW*jnclA15m=lhCPnR%1+vxUY-?oS7uXZA@c-K
zBt`Yqopy~RsXGY&52zTrn+L<JX|2V-L+pc1n4?6wC}_E_Cq~G;&cdARaIviwa6g^{
z+-H%TzUl0s0U6VcGKh@{$v)DlU$9UCfeZ}qVxP*!=>M~sFb{o5q!&6d9JMFWN#k&N
z(mIpPzas8wTz|V~Yy?ky%XZ19I}%H3d<Ob&Bd*Kb(s$(X1$2$ak~@1Igr<dKSxsGC
zQp|;(jkqYYqm>*lEd;zD9V<nBAy8%?anTUpqK!%Fz%t_NLgD9=3<Ae7n_T(8umu6v
zEqw#q)WYuf%wf`2Xs)2?3<^u0K=)xY6q`QL$G+BX*F=M$xM&e3(DvU6V7%3{y`y+O
zp7PHyObD|U8##!dAx34ZWVjZsk7vGP9QqX?MG#k?7hVay(22_Pm^V5n!gHEUQ|3L`
zDmJG%sQ5K#m!T_{;liweDFm}QI4XW!%C8qvBE3;_>i!qMp>`xb5oyYpHFzli$mV`i
z%}Nhqy2TxMjw5w^=@mL|ETJOI=H_(pOr=Yh8>#IC8u)5}!0gnbN&4{&mU}^vg%=Rt
z=1)IJkuM||kq|?u53k5Fw>T44tJdIhZ+cQID$iC3GIqEtFnIW#V~b!mEFl7WQ*9vS
z#cnJ)^jDKHE8@2&$wb~Fthi^#-s#0mW5n#YG0`bBWa4l=mb@)w<mtnL*OZbaM4M}t
z(_3D!3Xqs?H-l}_!~j{SzZT;hi3)pDV@<dpwf=XwF^~9dD6yMNV?O`%>`0FopBoxS
z1jNQ@%NbRJV&GN}2RC-cZp-QG86axN^8Od=c%mMFN0a#Dj$Ya-b$K=!9Oonb_b&1N
zp5yA%HLCrH-O<fy$Y)<wmF{&X6k7_Knu>X6>}>MSSS{CrTKZItGA13D(2r|D5m`wr
z<N)5$cUqA(p0jmlUVO+g!6um295`$Z!h;Mu(ibCMtEZGT9KxWS5O7qNo|4AZfr$Io
zv<8MPXdexMX7zy4?UvEft&aX<$b<R6Yv=?W@zG4=hNb~qaQtriHQVkO=)|kr&#A5G
zVs-|H!K0FmZ*TOa0y88ZB5a#nOybx7f=if^#bjm^F_fpaw**^I(n<(HQB?>!-_aA)
zh@DL*(YjpeT7nKb^fq8|);o=VDAs>-&JED@?c=;}7dC(P4Zs*&{HmYvqn7cwa`vA6
z1L0kzQn@u}MLuRv0MZe%_HxkpM~&TLT~U>dU8cu1wxfu5b910;kh&LN-&Ulse+oak
zENwfcxWPl6)k}+?>#8&<$-SW4#^S)-VfMMK(~6a@0Ew9iU7FSw+68|!9om<-3*(-|
zL%`%n+=C#uJG0kZ=t*rsTB&pLGZfSETc+X@O65Rg>az`Q650t<bS8WVZyY%1?+Aq3
zPYK-+@<m)b?2xlRfR4Hc#B`2KuVf@v#9^raQ2C(i;^y;X>uQmmQ%M_WArVl-b4a)6
zla%#_@~|hcFt6ZxoY8jQrV~~%)i>22);Nl#Vo81`*BBd{AUS(iF^@QN{0Zq&xre>;
z<M?!<=ArZD^G%IF$Uj%i=Rk|w59|sLlZg&<5-nko-w?8}n?Fvghl$%NL=!8(_Ic;8
zS9}_~sH5v#qT>TD90_77`><RDlOdQ-Lf(<nG5l>xLg7b;kpIE4)9bMxo7%OD>526w
zeX-t8`%s0rvWBLl&y5^n1m^SlL$a*D9qo2(NW1N9PWt>@{@!B;_ZTw-JF*ok<BwDw
zCwXH3S$F_qMgqaqO|U!0%Qd-aA>t(C^snP1BA~Cl3GI26uxd6%tX0U(Ve!Sph~%ik
z3ROFbABiV}?tdi4rdsHlE!RkM*yHi@^E<8D%s(esyp2~c-D`r333h>4=&@9D4YM(h
ztv*V!Z|+{too03LCly!yFbzXiHKkvsOwbgt0Mm|xdeSgyu{)ocGRqmKtrt@Tsmayv
z1c~@E8QpgqWxZ2r^J`Pbbg{g1=6@J;(7FTS5T$G=OqRabbUYR&`j?~`!HMOi>GHJa
zD=RT-e^ftgt5mm!%4-e8)i}#1gK6?K3*w~-2AXKqcG26dqUm08)@)|HQgzily+D6f
z&-TDFAE!$_cb;puU(p;VIjy9debZtP?zQtS@y_^tHJb$UGtWRPmYQj-@F7g;79E;M
z1_-%YXI9ALW@2zBxtdIGHM>H{y-eYm{{US)$mpo@k+M8!Tvr54c8`xd&pA%F1Z+>r
zmo2mYm?LY2#f=rb!oPufk9aClH+Nwl5-E-<_Ra7FZ~gY)`FAjKLmAts;l%a_6NCQ9
zYP=>FFFZ#(=536X)7s-V!@9V&3OZZh*66xj%v?vM-N_FV1+)*s<qI7i$l49WyiPtM
zp$v^ah<$e|HrfIFP6u7B?n{E!7Yj#?O3kLTkKL}VA)OQH!v#%k#=@>|mZl6tF50_!
z{Fxgsf7ig8^DUMgdA~LrzO(}GbS#U((guL1WU<Pw7n9eQG{wL9{RZg#z1Z`}WNEjm
z;y|CL9+MHkJ-K3cuuu!l@q|dmF5j3<>*X4fiEHAtXc=+Rtr#L@NE0PhzqsH4DxBoa
zgWijBS^a5wKc!zFZ{Wk}lOa`vdzEnMe}j}Q{yrm473zcdM18{_9`D+<#W6J0{mIAt
z2j=-iNYjH89yaT-%GjMD&pHR%+v5qqQ?!DL!4ok_Tc%0zUxVL!Xmh0IH)(b?y=U@W
zW~b2h{zzQTyDM{CZuzX`zl%XK+OFTySlU$vw|Cq$-jBKJgXbE1cvcP-WJ1&_EvXm_
zi^OW0+Hpp6kqG1fGa~o8gO0S%;EmgFVYMiuAVc|N#rjYSMWOXF{HNHBLtQPkKu%kG
zV)h|(s~GK{j!(k`TfN)Lva+tSxSJmzT*2=({pBrLs~dFH>s`PoK398Is`$i#ZB-60
zOIFzvS0DGB#Behi8*zDZa<;7Gl^UJ34y)EKu9z4mCFQIYe#0%3m>TD>1mzMZK1d>?
z*pdK!VM|>emtEVVingk#n;t!!A@0ATzps>-zn1x#8OfNr680^at!fxZ1t$=pXWf<_
zG9@1^N*ix+d9o7hx~IqJ3xBt!r2mtZEy!53ftuRpr>Fg0TnBmv9-w4VSRQvG;Z<7J
z%iHUEn~$-uHJ>m{cc(Ie@@rO(##djaKn99}H@ljKj;?%`;VxZV!-g|VVz}iYOX@g2
zs_m~VT>c@Dn=!5B9^v*brqb@r+v18A!JSh@RaMl;iIw@^Uy-CUyXtao=7`bC%2L6Z
z;zKXWZ9gbFS!Wp;nG>&H?CC}J`Iy*hdb{BRI!%=^7L*cQ6?LOEhU8ibEh{|~%+wJ}
zOBkw)Y&5jBg&uPp);cj(k*^b~x6W)bjnhx^vfs=^%NC#$S{`HlOn2n|{=UjDZFLbF
z3ueg_+^~6y=BTz;y4yQv+b4BxZ(hhU%r+l60B6`|UAV?a<HMtbUqY>r0As7eTS~sn
z_#K`1t9K=h|8fDxM0HM*)Ul3&A0NnZzr8FxT*Wm<VeA%p_=<OQ%&p|{yNR<)!EJFB
zYKhi<HQIm1VJJ3^*J9>!^t$bUDVxy`od#L7iP4ob3JNWvZeP>y=x0YKO&jUG^yfhS
z5pF4Gu5#ROOKM|<kZ0xu8AHa~B^KGfdTj6@#Vl-=QVtEP`DM9dbHcc_n8r7iK~9q~
z9dM&VX)5uOK{Vd>>D%B@vXXHWfLm?1x%yQrc<s~G-KEuZ2Vpk7-FA@msx2d!7pZS1
zHTRvA25~$V=j?K`k#^$kKxK#EF6E;^v*+}6tjSKX%cJgA>SWf(#bU{=l~Kbp!5Duv
z=d)XgxW?fmm;ZK`Ld&ap`|aed@vF|)nkWJ9w&Fo>efDYg<D*G0$6)Jf(d0V>8>m*Y
z-Dd2+$y0dK&H9H2KMTUEO^yH3IbfI#b`QXtpUV$4uS~gaUP3?9(bQ+)hSwDa4|(LG
z6r>FYCtf_ymMy_Yo$jmzk_R0AmjEH|Svmf<ulPvEQ+0j#1RY~tR>ux?)MJ#*XTo$O
zObX@Gg;DoUo)lynPAyw6>Hm@#01|A-^NS{ZwrMY-!3?Zx4u#dtDUXltIuAInjnZuY
zUxvv*0b`f6IeJKlSf<&hT}eRf#}R}`ViJa+s0iR39YP}c(@Y;Oc%9?hTV539Q=UR*
z-$5=E8{I6+W32#ZG}~dd@ng>FwtC}*6GIId_s^{J^C4~W-L03hZdBNAhUveOx?4&=
zs)k1or>}iR>&@_I)yuTAEyYQ(*CzDew_cP2;8;C)<Kkj|jD&vX{w~pBqg)OtdNvSh
z%tvLdnWmq&ymHqrC-$Up0SG1z@V_2vH8BNqigBbn?!lj2WE*d@<wcIc>vqQmh6+NB
zkIar4o8a-DKWKiYoj3_}qE!z#DB&Kyr1+$Axf!y#D&G}D!LzLG2;V+Lv>^RYy4JfG
zS5;>r2Ybxj?$MBBq@GZ>ikyuJSt!PL0Ph4FPmcw10-QeC-RAkV?V*Gi7szGVQ~MhY
zH2gQW<JXx-yYD%u9hKx5#&Nmx)qt7xYi$>$T6V!iS&RnDn0mgs(7v@K<!u31<HClr
zoLqg<6E33NR?odaR1Q~z(SbS>rG*Jj)2$7Tc2$M_g|Jae)s(BfVBPz`tT{a+Vr$D|
z_Ol6Xi-!8#meHO|*4qY6_2<$_n7F+p+&U-WI}wE#c*0fbqEW-`b&6FzZF%G7n1<OE
z)zONVJ5i_juZSTVDlvL9PP;K-0|hJ(|G%?=L)cBpAJ3>>ZhG%Q;-2H3nSHTVDg@n*
zd8MT}xjW7IR_qoj+Uw&PZ2WR&GpSy>(tl?Mx8&<AGK`L&%&h&!)6J^K>>$hTAnCiP
zorTKdn3vT*1FQcK8y>++KMXM%C`yWP8B8mqm;V?Avh;p<z%nPy=p6vy$y)?W*PEs}
z?p9Y-a)(;0*J<8avlr?bP0!5`(wPyGEzn^QvnNyj>VqIG^GxBM&+gDGHQrhn?VE4?
z-1jgAz9o5inqiZk*BPe15PoO2xCUb~7cBXGh(zDBt-xhyU3>EHOo!v1mY7gur8TZb
znmcfanZEsne6?BU8SMkJV~A;2*orHlfiymVFCpw^l(y3P@CnFfg>SQO53cOY6n;vX
zgR{qM+z>v^J_;x%9<AM?3fJOkc0shC@!n@jzm*I?zmX%G_xcKW{2ZXaveoMg{i@A!
zc+YXsUO4k~d=j0Eq1)R2-Z(8A5<y@oJYkT+<W$0z+39OaWu6{<Mo;+V=64@=-@1IR
zfBmS@I~$8pH$<E3OUwWAadwf^s|o&_|Lb#T8FG4FG_=a{UyhDd6|;z;U0jppyHG3N
zQxOTAmo?XFKw8F*Mr!Nq=jh?pYiPD5<b#0Cmj)LRWRhU1hu{A0B*2r2&1<K(X+<v?
zkBq9yEc=Um?mD)RCF2%w$MfZ8UkRU#y4l_Tm6bcKPTJs9T5-UsL(S!D5x@bTRh(#J
z*h!5P6c@Ox^BHm~4Tpic$~yTa@h+xsuk_ogm5Z{;IhQ>St5!Yc*fj)!7`dtQ_?l_$
zDZPvo8$N05*Antn33U3X4-FF&Io}F#l(ej>7c;b!jcEnJ%h#8+xU??oU_D>ORqml=
zy~T+dasQ4p#!gSE*-7%^bM^zXTB&6D?aLlkU>O(Tl6!n(54WPeKVcd!Y3T2k!o^FK
zbhIdGnjw0Qv@pMEWK3l>jH1K&*#yUQDpq#BsO!ZD&sWL)qcY(u^!}w+S`eQY^3Z1*
z)M$#*)cfL&zeiFlJAabYSR=hFGp2H7>242D;RRrns!g6`6YPDGirbY-Rbi_VO@9kI
zur8rYUJHE@TGSgtohWf@`N`QfFgs^qTqjZpR=5$&BqXW*l(cfkP>o95JCto>4zwXe
zuMMLqMKgt?#3Xd+SUB%ksGwCu>aDK#u*8#t#@;HiXd%NJgcdTouGxRcKyUGZFAeu0
z$B4f9+z_;$Hb^$-J=R|al%$fUkI7Wy3Hwx*Fmh$>$3ucJJ!w>qGaEWx=k6pkY*3$!
zCpdPz9eUP3gZ+r_{gak{d_iF?sSY9>pr~L@5La@ZYuiK3q#35kKuJ-TJ4?NKii|BC
zsd#d*0}1l)42f-Wbj={Yu;zDu)fRWx!QFZ%6o~y}C0#{fNiAAH7_k~XG(-0}NuOG@
za%pkPlK}6Ydh_><A;=mtfuX*1lkk=2I>#m&-x(w7J3!l)=hbp$M!UjG&Y;+=sd;p>
z3tN8YPi$%WqQ$K9@fCHmpe9L2(y@dg<74X*PbKB6iAq?}p(P~(59wYvZD5k4fItKb
zM@7UfpjUAoNES}fPZ^m}2(G?&$NvYVKw7^CB_(BKM0z6@$w;pqVrO%b5P>CsduT;u
zN-djv>l7phB9Vwu2E;M3diXC&mG1a6DN1W>f~z<?JD@I3gr!d!+nOux#!pKrDv21G
zOhsASTdshG;X2YvdePkgT+)%3#_Od$e&kwrNMm*k5{U#)RS2&pH@LmMW@Dy@aBl@t
zv4nuge0ENCtWCTkE3K6Dm~ccMVxqFzIQ`SyxuhY~j=-o9xYaV)n1j+&e)qp~>PFDr
zUeS^rM^*plZ_nPOJUxd+^%mtBMbuW6;3ttFQbsefZ~*ApS{NbPSBgX?Cp@Epy^BkR
z>JoThBqBB{7|GYRts6$C=LgOhX{n{Oyqs{A9EmE3mcc%<!~GEpWn@&3a&>#bNPRvP
zeV@1mxZa^Kxq$WKP0Era6g1Wlu5jSzr!VkNX=itJhVr~ZR*%o=D2yXKHV!{88FEz!
zU0>S_7^w?J5|RPjGBePCpF)aI>_zp^Coc8;iSeo|>OZWrFw{;-Svl$9D#RiMnGGY{
zaKrwW55)Vc?#4zyLLO`CB{ID|`2E+Xh`ln{ytriJLpPyba-<>&0Z~P$&vkr$(|OlN
zsgYrbJS4>AbZ~K_=l14=?y59o5)m?0C=J6)-00zabDFH^Ks<yZqB0se)ZKD(@rA0i
z2&57TN}ni3=61O+{xyBY$-MaaZ<t6!=x?j1xVnkv%5+pwRcsxeG2EDqTq;2*@ug<)
zBUgHusLLa#vWlc|6&_+AsychfOAJQhE+V1u&*NzK!z;XP9`WE;QwqB#cv}&Ssks@^
z5n*@=g~S(iadrdTp3zsGfm|d+a#zkB{=}`0>ApGw<WeM3PqG^O(cb7e*_<IgCJ?zy
zg3>RF!KHo9HfAX(ETX(98M#DERCX189i{jyBzXG8FtWS{=-FL(O|-8k9%3o!RehXX
z-SAgd`qHqqkP{s)!85gyGd;jHCDESz&;RZJh_xt&Z?8IbW_qyx<$vMl$4;zXYblBl
zW8_!&FUpH%V}Z)5D(Wk9P=zP6etOQE#yliqA#(31`lfdP*k7L_HBg06sv@hbnxc#>
zK5XvLn4LoH$Pxf(m&i*jU_%GzJF{d)1|akh5uRDYw&wco{Zp9}iA*X+stV=x{4O6m
z3ow8DGnUpOT0gAwog2+A0Z$%~P%y~3_G|p0;Y~w2!MT0tZ_cPMOd~EPl0bzFi7K4V
zw_gCzoovyN5p`F7g--;7AGg?D89`$7l)pW)BPF*L9rw(46jRv!fx|B|<QJ4uo}YlH
zREU2}0V^lhTx!%*WJlbUS*8kOXkN`sN8VkTt!>40eB9vR%Q$fXs=M*6@=s-9SHsoG
z3MI+ul;$PlBNL(wOl9dn3&8S7Gk$mLn1bZuZccQ!aC1Uec`8z&5J^BB<4gPK^_NU^
zRuUkSAdxA_YaK!N!<NbFL<{CmAMn^tLUGG1dfgeXt8(tfn_Lk<<G_zQ>!4Gw5HB(2
z@Biyl!qdx9UmP=7nTkpwLn=~{-}H_fu1F5_AhP)*a7A}{Dj{*z9HD3XQ$OJ<86FZD
z*>$hcT;Fn!9?kwTnQ;NgzQ!G@Kt>nU=mGUYKOx>qq)KnHGZS#KR?*kfK|)d)>MH;}
zi^Fx4HI8s{vQA}U2nx9jsVtPviFNcGQ=gteRZSToDlsB?7=w%Jj5Ot8@!(e;nJDO)
z_{`DjBuRnZ$mJ5egA<wfathqu#eYFEF%o46*+qHemvwOooUTlf66}LeBqTbgmAyYN
z`rK-d=qt}cE)gO345W2*iIa^v!rYAb``;cBl~K;#6#!_}OT>u2e*YOUdG*Y6Wnp9V
zn25w!yu}^_Csnec1<*0oQ;td`MCchv%jn`?#92q2pBr&sh5AZIe?=y8u?UGwMP2_a
zm)ZmBGU9l<bO`9^Dvqb3e-?n1w@qYKba8QW%~)G0o)R%)c_8gmtK4!<b8a5(oecy?
z{dl{6{118gmpJ}ZiLIRt<9pZKqv!nikh6;m-nV68Wnx2WNjb$?As845=v&%mswbb{
zelo;ArHtm<Ol*uTX`h}VH(1IqX0B9r4Aaq;i88yLz1=1J9ADlAi%m@>xLQ8N$hVaF
znQjbBg^aCT0WjE@idS|UGs6Y^^y_n6L`upUUelHrhLcAKwN2HecngrnRC1)d1%TTl
zTJw`I{`CdH$xW=UeIoGb|Ad7gfX0?4!W7mh3tyq$nI}wUPGDv!jWtC$+q+WUKgTWi
zeCka=7Lvo~fozPQJ;W;}gVwqd94&0g99X74$_F!tAYKi05$)}YIHaD*?re;nKg26J
zpHFLRM628o1!piY(1nkaHOlf2Y>l^K@!)5aff=+mRUoi7Cg;sM>l2OGTUd}#T1`V)
zD#kC2=>GVbw%ib$g`s!#P4;p^5m(L09~Y6Xm}tz!(eNQE|1_pQFOcKsf~`1|^4cmw
zBvuIga#3sV`}1Js4UP}ZNGxlkr6LI%2PI>3n`8)V2uvCT;QY&b<Tg@9){e=PiHNG3
zqAkyh$IqUVP}#x$xgG$xr6XF2lRSe9;A*=c2Z0B#rauxUwZu&sNp)Q{e(qMdg;%rp
zc^ILoIm7EG04z0!Ad!{vdAt>?hyOD+Zl0u;cX7@)w4d>GGw0C@TLL4qm>R6d)y|EC
zoHA+);}JSJ)BIjdPmV7Z4l;@wTFH;~<KfQ+MCHDrH^~bpk0NdWu1|?`bSB~TF+1I1
zNR?H5e$$NQ*XO!>l2Ox5eV#wgN`ESvn(hKD7iA7BOQU$0J;2>BlA5oXL~{cS1U{5B
z)Dj}K#lxq8ll5^VuI@x-Rnt(JhpV|2ZSy;fwPx_(7h^)Rs%WZ8!`jT2SD$9c_LK7H
znH%-(uW71@<ArM&T|Mn2`?w>?=tOhFzrZb9A3Cu&dPZ1ODE2Sy=$qX_&n-(Mby%2L
z5|v#+bwMhY24+-^eP*~Z5d&ojr`G^ygeY7o7~B3+a5qw$gr%hm6}4@YrugyF%$M2u
z_r$rsBp{=P{;oRYwuaP=ePX&lnV%jS5SCd*eN_t926pt%>~PN|jp23#$BlC|Q;M0D
zD+P7kw3S6;;Us0^@RT^Y09oM#0GG!zxVp)B{dobUs}UwH{**N~6DhYt=u^$<$r36z
zOQeD6G`H0tw>QMEppTK3RQ~_}e*?mDYiO!W!P3-@H#=wCb3{$1jNi?iDXgd?HCV#q
zhh~IlRZ(3Si-oZZi~C#Dq`Ki%HpC6U#Vk@c7iM-=sYsSmP*+E0v=>hdt;nezWBcPU
zGAB<aHxEg3c+3lP88r<pWCpoo=AdL&ea=`z81k@Ow&%KVuyi9iuY&5_C_Du2G*9gF
zBXxmN0_&z2X-eh612dw&)}<mDD+^~PzARA|Zi`)D20a}O__|q<*D**{Y7_<!42jS0
zW_Nv>Xt$SyWY^KxS%cihh}L)WOm)Ta_lJf=X4g<(o`991J!A7bylaWZz*s;@T@yu#
zo)}n5`LMJ?Mu07nh;*8os*t+6k=;7MK)woV8v$*-oumdzk$C5z{o#1*_^V>fUp_^Y
zSjlL03IdBqm^z3^s_3JyJOxt|Co)Q_$xjKu(%g~$B{i*4?mT;DOMXQy*?~eHKYvMN
zP6>^rNtl?q(6e;kf7>5NiIW)d@}&zM@0OUV3gzL$2SnzU(^8Rzg}F1`3&$+9r()&o
zLuEq~*-`$udibz(dULO^^R2ksz9cZe<?cByw)Tu~s>u$MV<(NGci<HfLVFzIyV#u{
z!|Bm4xO*j0S6zss;Zw}q71TD@6XarnU1B#H^#TD>ca+gZG}TrhvNR*J;{&(+fc~8P
zP<OoY2iW-3gQ=|-lN;xNo`NVj=0a~IwgS37odCCVWvTEE_QKvp#EMQsQKSST|9@Ft
z4(3M?Jo%q76Nrf~Y^JR$4p)(w!n#Isl7g^u3}s2ZMx2)ecES)E+8c@S7Vz}hOIqhX
z6RWZysD2Uv{eC}US9j*s>m>O~5qrne*i=ENn+0J7uXx*&$74Hh>bkqhk5J$mS59wR
zJreWZ5z3+%Ti*NeOe0<Co;-SHi7Gsmy4DWfPRwv{rUkv4NH1$1TMMaZY$ZL)6JrYz
z?{^Prj8$S~>qbFU70KZ;%xx9)O-~Uiu;P({l&1doTyxKGdN3|=9c+Dijl;vAaaYCD
z(o&0utr79<lT7sF@Yvpm`d8iLh0Ab@FQ>1q7O~myh!rusU05PlX^bMKkiPyd0-cP>
zY98kNd<LsuALHnqNMlPqzD{POG!C=BJ&uQoF%juywAB`3ZDdYG?+g=7DOkGtQ`Oi+
zdYB3iWfULYw&HGQNLXnH4aM=e*gG<^eR+SZ^iwac<}WdmM$-RwouSHDOfBq5Ev%+6
zDFjnvYZ@o++f;k7PGOKEPac|4+A_p=T|D;o&Xl+H)07p2jg1@Iw>r{-MZ~qeVYn&-
zXKN?gCcdEAoxw-!j$dLaP1U8io12r@x4<9Vp3{;p$H6m!uD(7J{T)%|cCdf6L5Q;f
zvZ#ETn`;Shwd8M4RE&-HU~A$?&+G|sN~ymC87<@VWJs|VhtM@JNT$CtV*eyA*~7=y
zj2E^lDw>-}^K(WV7{~BfH^OI6F?UPk<K{BSZVrfpGw2)aB0ykCV8kFg^&l=b76iwa
z&{&y<{qx^&^GZW=zDbh1JpnP9G&Po>lsFMuGQ=(4xniI=98*gt(u=CePYA}$+>xf?
zIdVfB`TbV`l}!U2-vEF{y-I$d9Zw#bQ`$DlLU$G>PySaVVac>Nl;UD(MO^1PyQAee
z2&80`Hd2}qgTT&({#EUt<;CBf#8)5r_$nW3V{4L1N-50_#mLx+j`3+q{VYjtev3}K
zOQ_L*k9lMr=Q=Gd$wHzl2bmwK!rD?qQB5tSiGH{Wz4^GljGwJ3h9=eohi9;OaPbd$
z`Ip!k%fjAH$jUW;$;|4|o$gW+Xi03@>pPLroF9=Q6X01i#JjExez%Eb^;m;Wdqjk%
z139CstoPSpCrf8fcgbK&3W|(YW`^=HcJXB4SaX+|8K{imnIw--GhIA0^k8K53V@-O
zG?bYwObw><z)Z;a#u1vs&jc9#4Uu0Y1qB5pgeZ9Uiyf0&rvQMSvy~Z?Hf{`j(Q<P*
zhw9NI%3dwp?IO)}7Gmk0$D6)9etu>~L`FUZd6{@RJ;N%zmeVW#VCGdEqQEp3d(*MD
zbY$Z244qa(O`r=wDTB18d-BA@k)-4-TAJG!o89J0w}jHomfqzZu5V5l?d_m<aDeKP
z9E64j$nz)IdDDQ|FZN8XpQ6)UP#q{nmiLPG0u`?DHJoa+XfMtfe%;H&$EmyeN&=#}
zt8cKJ-+!@ZX6KymT%IhGDzT-te}jXSJ}eDg7+gN$LVLmCN<S`UR*e2&>?dpQa5Z>{
z$S;E8ih8>GhEN|LlkRAWU)%rynw3dZHedVVh%|Qrv9ET}t~cW3D&fn8mRmi4aJtlr
zm92pO-CL%MLvRWzV`;P*a}zPs8>eWs7pULYVd*TQXRIHwu^~fiCjhLpgd!A|vocnX
z*{|jdFRD4y=+MI-SwX3b0bT{89G{-kmn_HNsVS-X1r+3`WBvFkLE(w0l(r;w%%aii
zI6vLM&(w&p%uxoC6*#))aRYF3Lb8)1i33OMbOs`l+&vf5Uo9A2`6}nD$lXjamVX^v
z`D8@Ocx2{GacvV4v!}E!>~WzzCPM0nZ}~ekS}mVyeUV6u80*O8!Ov!-W_>MJ5)LNM
z5Jk80x+RInPO0piU!c3#BT!;b*@t~rIx4VJ6`;{xGEf!Ib7LoBld@@SYGZtM^IyHk
zp}*GBUlhbIzda_RsP8U|jQ))JEIGo|Mo!N!xX_%@6z7J_r;PsQM4rftzsbuvp>hFv
zBbz_OS!-k{j7e^J$Awmh=5&+6-aa;WHW}$`qpPczlDt?PO$?|WnqjIdf~U?td_KEC
zd$CDDh$F?l(|?wiu&?qm%K63zS{plf-PJ^5v^NIUu8bU<5-oE?nD-8VtMgB|x=0yZ
zo=5ItNJ7`bT|e%OW#Xm?V|=gy3qv{cduMm^W$pa{Lz4^i)yMP9Ig|anw%x&3XiwS1
zF83T#k?f2|RvVfNEwgQf7+6QM{k7c3(}<iMnAusQD#aN^$+z7(%`8$^M`pHHDNhnp
z{`x($leIWVL)f{v<al-nv7MC3wLRkPEQze1zH77dy*XmsEvO%#Wwbd0&*&UlQ#>&=
zuqM5rfc%^^%zk}9KvFZe+*9r2L14{0hU(*a?wZZv`PVkx#z*K#-J4I8MmzD;QATo3
zIV~++ENvgMKQn~%YZ-QQT%T++-0`)KdML_?!QRAx`Zu$Tw}$Y{)t|My|F=eNup<?{
zW5hX_;h)}nH+D5g+l=(SV)1P)PYeu^MrKfumrt<77*qcO8qxwVd|^aPdM=HvZS;>X
zbHhECx@~;KPLxicaXeOtz2PJ3r?xoLsEKrU!Y6l_^9wDSvqMTk97(P3p*~E6voPoG
z`#X~bm<c>sI@h2*+r;0}k>-!5eCPJ+lK17F2*s6XuWtBM?v0hell5~Ax{G6S#Ew*U
zjFK!DU})`0enBDGX+He+s|gLm_v2gpr3Xig$2fRLQdHGQd&dy_nlmPcx_Q;xM?+O1
z3JYWGBih)V8^ZQyOS-1jXtle9$V`Z79Opu-WgsySL0Bzw<4yejH$x&4vM4OfLSp}d
z=gzsD|1fFK)~9iM`Zq%Jt9jj0hQpJ;6WQ_+fPzQ~j$zd_WvK`)8sPL|1F4HET_de1
zMD8qolNZB(MP82P2C(`01@&VqoSq*L<73A|Cm-?(3dl|J!@$^x@U#j9MvnB(s?qAS
z9DQoR&dQjE=_R66rufxP0KonLA`cIS#s_hF_;<XclJ3?&e-CSnjODa{oi{IS2#rmn
zuAzmIsb$VDjwtoDqqKgG%bUOCpwAB&>~5#DB!_S>5vHaVge7*Nz1bl|ZbeG#-8#eh
z$!CHE0wT*=339fksCN#{#RX?4i}={v65F%Mcxn)iVRdMASNzCevL7xnt?bP7Vg0iO
zy)$ZbIxTH6N(70mO!O4-@@tvn(y47|W#s*5G#7^ydD~Lfu)yWDhKX10baeJpS)75p
zwIOM>gPfjDVerJ3mZ`nFHXChDM44L0U}Y!{!cgwkajk~Mi9TkQKM>+%gPDW(-Pp@Y
z@#Mindul3*5!gJ(*)N8YnnpT0huOQhZ=;(l9Z5kVA{ySKyE-Jy(+dBuF_q>5&Djx!
zzP89iyZDa&_J*zgI0Tk4oN6!G`!r5dOAkG*^`wN0F*0#sL$4!0Op1k-4NreJrsUNe
zy6amOURUtj-;9Y(&ZVF*9S@u57>i5L>F*O)^P@d<cXrWKS%l2Z0!ex^^OMyWJBXQ4
ze~srZSbkm2i(kcjTHd52(3<$VH=G>J;bH5-$m$s@@A_$KAE2qKhybxQ&Wd<0Q6sal
z!oO(puD`eETCjKZWJRl^Na9RT{Sw!==e+4_r>%dOs={={Rt9*-5AeP`3`@rd)TbAB
zu~1ur8*X0dtWB0<Y4`x2q`bR$$j`|T3sC^uIso8WO|aa8;HuHPlS7)*Lvoas_{5H|
zKbnBEO(JJn9r_>IcB3~Mflb2QyLhWN6>C!~#?)tb^=^w0;vd&WWvr4%PX*)^6jG2M
zj^U%{_-BuEkB-;?4-%SQQxR%QWN|-t{ds;&n$iVnc0X?#QgIBaVrgj%7sF>5y2LR*
zJ4cwkBaKr#)CO2$Y~e<3egQe@u^9aA5tXmnkl5LxO7G|7<eckU{XgX8U*h6RGv?+t
zv@M=<&m|>k5%}h}lIv+nMbBrx(;P0xIlYIso#{OC$U&_G&=Kw9M*7ein?nuQ$}>2=
z<qvsz*PDd3Jcv^O;A3|l2ErU>-gjYOEM$E17J&ZRD5P1fO!TE8P(^aC2c3Ez#nYdV
z`G%8}kU&Cg41qyO%<XCJ>##9{r>&6DZQyVY<r5=Xzh#=&`)aZC%wnKDiJy%u2~SKR
zAwGea@E{T@`q5nfC@=Ad0@GRSO~b)P%-Riro>%eC_=WXyxH?O3Qxzd9DXuQA1V+}O
zyIw`*Vb9R|DO~N69vyIZ)Fmyy0HvKZ;=)PPZ|X67ENA8D5`fNdC5rS`>eJl`s~x(R
zjMF1l<|mOq{Rz3>eSL$1l34iBz%^e;7unD~y2t)v8<vh<e9?Vxj0F@9#`LZ1^PQWE
zW9CMC$xn_z=<JNMiw{H7OC&p65|}sw!1?MZ&c-6f)(-FFCB8?EeybIMn~WX)!tEL9
zGJ7KPdx`Y+Aai7mwcbjM1o0f+d@tii+}wmT4D=y2GiG$_9DwO^A3PLgEDzRT=8}T?
zf<L2MMDAuq$NT{Rt&twQG_)r<Igy0e1j0ijC@soCC^Dz<)8Y35k?m|oXyzzADGD6j
zN&tX80xca#9=wwm#L^0u2C6W3O=bTQ&@CZyF~rU{io~yN9T$D~@@sFYM`UWk$d(q+
z5aQ`f=FmC-%T4~sBn9*}rSaQSdtwt3iBE_lDm;wbhSv->CGt#O@=c1*3062$ICa36
zo^ot`iqYJ{!R88GO{D~>q&Pb}Ax~=N?2><#)7g3qZS3h>y#xS`DNl4JvF#n-nXU9e
zEXtv;F$qJ@GA{H0$M{O@$sXI{4~~~ebT*}ad=miBb9}VT&iY3({atbQjUb~i3#Ee*
z)kCvPbw*$$4`cTh;OH*MFX*27tGo~rH_p~n9TJg*K>v91a-%SCaOch888H$^JPW4)
zxIG-l##zFhyto;W_f8GK@q7*L3V-@rD=@K7;#B`V>3_)a{vN%xalBBLb8!Q3N`O>A
z{`k&c<ppKg5CDtqC0KhEaefP2%pq}gVrKhJUQktx0Kn0E#13D-zy3{LrkS6r#a<rH
z5pXg$gv3tD)T){&fq=BZgFl{C8tF)R{}iK5ktn0HsQQ{cH+3fEZmh-=5*R{p{SY^Q
zk{97Od5PntS0%a|fD`<s0!rR(vi0Q?jU|~Vr5?BlT*+*E&)%nDqz-ask3qLHLz<r}
z9)1yI6=vY+U`)gKJa3wVFi}LYuLn4wEI~|hM=t^9HpDiq-0!IG?Xodh#P3E%DC1J^
z*237xU}6f}SXy47zq^i5Z!yj;E_g>}p}yt^cJLNEQT|EC>6;7$rk-qQ0Cw?rbs%G8
zoA10XkP=tXLVcJ756@}<_CJ>4B=qJ4K&vL$&goC`0x(mdKrF2X;A5E=j_yI60NiS*
z^mC-LzMn9$0~W46Bqb)0kPt;+P%J|qw}JcdGWBMd(zGaq9`3k%DCwMBrXnjEccGZ1
z>>L7J?Xik%V{i5~Hov>_X6YO_Ak5Q_^5IzkM$&?C39Di1btMlUSr8ii^?7l`MFta=
z-onKXfyGRB2EYCC8+J}ExVZ^1d;SZC&dKPwrZ7^1S!g?--?U*PPN1<N14n5%$NMA5
zTm>v?|805Md*6eleJC?(J+McJ(gFjKA9w3kd>rA?(d6WmU}5aTC-wI<^CYe=)-+5n
z5~(sJsBsE_o7Fai0uTCzUSajy@A!qq-i?F!*hs>oa#+~fWU!-#m_QW*fdlRlrEI7V
zsPMC)viS=?qB~orFuj<~a~&6&a}IVk87_^$(pbRS$;Mscq-Jsz0JtSbF2pCT6dxM_
z19Qg!z%}V&0lqCOyvqo}De_+U@8!k+PF{9r`mp-Voyjlf01T%D;27S(v3irfj%uO<
zRXBewb7VPN`+Jo8*izlT1{_ixF2YR}Ok!R>fo{g6){Ss>I*Fm7fSyGy0294=NRsO4
z$n-|!S%Cg~3AM)@9nT`SGRMl@kGruKA4NcL0%Pyz`7kj;QA!vd?rwO9RdmcAbI&D-
zAwr_t=YU;&#U>QJ`OJ5QQrwVu*7GCk!5Eya61fIu+H>%fc;FSCMp2p%Ru&#?aY=rd
zgeN9Wc-Wianc9pNnC>g&w?`I)$KH?CsH{$|{z!yr=qwD!&CQFX<UB(C1&A|Sm>JE(
zQmo<t061Of$L6sIvpW~e_GDo1pF>|)2F{*|oZj5>Dkl(ksfvj70#bsVa8smkg&LW?
zEuoDo032)#V(a3`iVljU&V;wE!|g74!Cpv}zNF_D5$I@yZ_)rm>Hb)F7W19SQYG#_
z87vQFWAWlCehEn=BqR_M5k`DQ5$enD9kY(N(3tXxHNMlI=!_zuhy6G4INKy~q32I*
z_eJ7to5nS;)02$7g)_@q02s~?5g6J)c9@iB=E84lOblVc;S{&d{6$`bBsBDq?`=s*
z*D~K}i}u7OzK^5DS2#QSk&}^#PjETGex9V~r6Y0mVnusPf!G)`J1HqiU*8vT1O-IU
z`?eRkyBp;*r~DiILtgZk8+Vrs9b{RosZZecijDW(*ccj;{puYxF}4W93)nf)aJc;u
ziH#A#brZa8|0*w8--1saF+Q%O4Xv?0SdWb~gQIWqBF|`LVWN@eFD-dByUWSZ26;ht
zJXRF4JU5KhQ#-on&p1C>B~D?4G_Q+yz3F)P#BvGTo~;sX|AMfrZq!FdEWc~SE4-MU
z<7>WizCMk_*p7~m$LRLvkpFH(%jgyWt9><CduH)=xEdp4YuaYMaD2E!OHmwo&7)lL
z&&W$p%ALHdUIFOoP7n|j*+xTF5=C`m>>V8Nwk`~78xMBQzo2xrpmAms&F3N9OpK{{
zx6J;|GKntMxTO!XHQIp5Lj|7?E&*r{_e7G>MNf$@hLTuTPIPDwm++D}liA)+jKfPJ
zvU}M(I$~-3Ykf=D`{7swXDg(*8&cW1z`^<`w$Du{>77TTJ>yenE-#<iF}Zs$ck0i>
zM0zDKv%16n#s?zYo{`rvLW#FEiij3;S2{*&V))5W!uz#DQr!i__3WWvZ@|XUh3UOh
z(DNrgy~@J;=_8CB!dO1L<#47O%O@t(yjeo0J7cUV4nr$BlS}WA*qBf^y~EY%HmPn_
z*vraT?61aFk;{SZpOY6mhQ1sD@V?9+Lqio4OIsYNzfhPOO-a)zQ8Fu}sf`@#ZrESx
z!{)aagyy_uszimYAdwT@73=TndGg$X?7N+p0K}3C7W%5NRpxPc1>Eit>|u^PqlwMK
zW7a-)6B(AkyLWvEjg1-I&;aKIDxAq0-T+{!(HF6_jOl@59$P3Gncd-Jf0L@jFp5VO
z7;Z@5nXKrWyqpnoColVa=_<p*BZ=MPeR^us$!U1a-r)i7ThcImpk!n3nB@<ntnZ)k
z&vCX?hq1jAeOr0};DW9Ke@tcZd_FkmY=50Nff<VASG;S>#z2sQT6e|vTn|<zkI4No
z$k*(U<86W>v61u3YYvwB5Ieb2+gi$FBNqnd)oiZ5CB(ymoZczkwTELQ4Q1yB;P9Kg
zO#Ve)Yza#qqa#X=tw$Ey`$v2nEa$nEGyOXna%7IUC-kAa(J@vZ!%JH?1{dd%yBd)<
zzWYsHs&SS3Gxeqoi{CBjoZaE}Mnh|w7~kkBy6fY4=~>SCw}3zJtGvAVi@YQX@GN-^
zz(QLwc0R?N-2$39#4e6}+}ouwSA|njBigGAK6Yng^2mfwdz*jA%iL5gCIa8Pou=>d
zGP%A_oZU;L3C)~b-mo|O3Zd~6S|(O_(-eVcWG=&HL718bGPS(T!OjxdiQyEsEyG{s
zrTQJOYh!t-s`w^i$N0-!DeQemZF)GZuNOHy*rg@KACrJu*53~yG!-zmcFN*-4G)c6
z8Clw6V`Yp$cMFP!rWtDp#6%Iv-YvjBB?%(RdWOh$H^IrbfD_#{2lHL{xVrGFuNiA|
zGcvkAaD1}QU_&OEHC?o3Cy`#=$L`?)AA9n7Ve88D2|uunO6)}0M=hssl5sW*My=5U
z$E0~WVCz@H?unL@jgJIaKOw#24Rt}HKjdX^rWAq5mlJ@CU4rc#`K!FVFA?JGo^^M>
zV5ZayC%5nNa!#ec4du-f6a~9t>0f*|XLc6f5f>i8yUlz1KbdYOJTjf>&uR{~W(c&m
zLz!HQznu}8?e93;UnAes8FRndyJJXJzq&HEcn0hfs&Jrkcn*N!v>*iGb*#Ma;Dxap
zHN&4dIa1S}8%u1}@E@X~zuYI;!;ILHUiS9)+27x1^=%ne7RIzKsVR$+V(8z@<;fcU
zVhjG)Uw^}|cn1B+FdoiMEMI6SjF4dLU&oF9hLyz`CYE;4bB}uJ6?Pu6%pL-qljiS;
zeNZ+ldq-?7j}jjoM9;_|ZqE!zZ+p+x^(E7tX&4zkqh)cE1V4L(S+CGtX&5T@#q^~e
zlb^<LduBpb-8e@l2fS&^Brv{~(e`|jird*zAFw=9iOJ6{Onh9W+}niA@^LP%`2+3A
zEN+HIB$f}ecc$a^TElpKG=|R|SUcS$Oks{Zxsj90YxbA>u{Sp+t!0o<=jR0Ev~i-<
zvHr0OYa?TF-tIG+;*YhefCJ4X`hP}Vc0TlC`HLG9pU=L1KLDrjYQ{PWNGfS(d+&gy
zp>j-qcIEx-DkUmovMZ-JQorTdOB)*AuCceXM3R>+5tV%$9Zg_pAfRVK1Hik!93+W#
z3^&B{!pxPATc=#<cF7MGk<-*pqNg(sVO4DIpRoC9gt(Yw`Z}wLiOpetP0jws6e<e~
z0&5qz=aTpU54;Ko(dmy#_OinvsF0mgEeGrG@iRBXH*1_9+3t<R!QB7uPG(Aw1T+6)
z)Q1O5b){ozAz=PeOIEOuu-dmQOm<@WyE&zA*V&wC<f*Zcmhm-C4tHtJh$O!L9s2Jj
zIbOr-=}U5(KCr*HMRB|W$M{;7X1XwZX-3<JEv~LK3|2<)(@#=ncdxkId5hT278`RT
z!mH<iP2B9P2q+ul@L-Fk3?+8*D9)~Tk=xl4*02n~{(3+5E=oS@Am76dpOOz~x4N;j
zF{NyHorCQq(iKK1BidMMOT_S{6T>U}ob4?U=ky#GRXXaWPV9_c+|9|8qdkVIvWbhY
z<C<^i4~bV;BM2{L_f*IJ`XpY)h6I((vp*Dzz&Z(yo<FhP6^6Y<AUkK5Y<Azt3rku6
z7|L+NKdhaOOdnpj#xl2lz`^Ds*^$9iP407#j+g);Nv&_Fk8{K=IET&SbB=arQP>%w
zESW;D+aW}3%TK?(Bx87+z9cUmJopJ|cr7<Tdz2%VjtMMpAF#JNNkViiBOfM^i(F}5
z*8M|X{%vmA`qYD$yFJzd86iP_INI3~kkH71_LAM@F(ek|xJwjxI5;9y#j}2_VX7ks
zBex9pE&#M7csY|dy2kFC1{_uC9Nxfia}x5jX3jJxG-n3m=;DIXTY;^)5igZRs1NqY
zRJmX!P~h(?#n9*({-vEv^k(4Zm4FUFf63Bl73Nm<D13bpxH#dLKfuKgDXQzUEs|tb
zm^pg$er^JvmxeTdlb0`jRXBL(v2%1pL!1ITCs+J@WH>ll^J;bzJ@-s^Cm{6CW@R)N
z2itpj=}Pn<An`TtdrPr-VS{f_Fd{os{F7?XT%C~RYloqe7qx?vBnnNj^N{21>xHZJ
zbBx>qXzi@S=Bbp=`&R(8he?qYj&Z#Hi6DDpT;)oX?v9APqS-t?W@)4vGi!U4clC9|
zzi<%k757{n(-<eh&|E<4>=t7+iJ03sqVSaAXlqGq{nr=Fea$o{E5t}W5V*(*P|2{j
z7BIG~W}!13vlqtr2Kpngvf`zcocG(uq_{c}+r0zl(<rPSW95_1;@&ksqEjyrWcWYf
zS<uBLpuaw(sUVD(W={BdD=@NfCbRxMS2rgVgg9X4B*fQCg}~%DoI;ve?yJIDk@L^W
zi`2!D!7qmZTplhGA0Wa+ASb{_gpo%GL(3<ujy58)e1XI_0I`b`Mvop7oH54PN;l4i
zFOmEBA#!u)<uh~g-kq`49)?iyRbDEw@yzA$65y8Q!CJ&thRFN_kvJL?lv9g(bqsei
zGltjCfpfxSPGo)Cd0A=*#7$I+?qrkPU^i@BJqh%Y;vn+l&Grdz8qzS66#OACkuoRB
z-m5uX9Ky=Lkih6nh6ih~w6w?DKLC-FJ>F3bsMkN@WAH0wgY*1zoG#U1WNS~~<{um2
z9IbsK%+(ktu>ysM9nR7K-m5P-Ssuf|$O4Jd2c@Sw4<A3K?87d9puc5hx)W<7E0jLI
zxH}05jB8_S^*v%I6P%?!_<IX6H#fq{HI2Ud7>vXr-{j?h(nL8$z3+d_fY1=;L`cdg
zOWpYxKQ%`c;Ezl!#NffNgcY?h-I0&sOIv&cd~tQN<GGC+Z#PzuxtfymO<oS?t8o$r
zqShQxo#f3+TOmOKo|rj#(mA`!Xk7~CiV`&6<RwhvNX6t1_ncCdDn?N>2*5&X5jI{$
zf5?kaAYkf1$I6>J42>-C^!CNm!<;A2-B>u-q&z`N>A)-pYj5$ec!q~x1?%qz5Zg+a
z+&Cc1{&yZcHpe$00HMGd=a547POliP4?`T1i{@~VNN;z{oE7-0JTR6-F}i%pk5qYk
z;9ot-o4RByJj?%(moSMFwG+#XREA*X;6^}zFHZJ$#5K>L+5b$Wy9M^bP$p-G5j&dT
zD)Yh5TZoydA$FondTSyul7@eimpzK&WmFE$vNh9*yOTXar7t2^dpshm**`g_FE<QF
zYYY4Wd~vijq4C`!%de_&w=_c;5RAgb8cAgSU*_jFenJPzW-d4#%fQJp6!pa|phx|w
z7cVz^oMm3fT`X|&OJn6gOJ|q>SI<fS_NGg55(fMsFF`i;H2o#RxHVFU$#0K{YZ>QF
zUDW-~%gs3zK~9vmedb_s5HD97MBafYh4x6Ji`lv0541ZUNb$ADUZ^D4SAv<NoVJMt
za#Xfh*t_H7?~8}MA<ryasq5{+@v$?b^Jl;wAu=Z_h86%AN)5z5s0Q8nAvH-#tQ>>{
z_$qO5mQXXXfgS)jT57}8%!!dz4FG&w4--7BQN`6#8mGi6qWNy#b!B<+_-9K-_pae+
z1b2Z4i&`C(5ejVl8$f?dT!1|mq0RiTgrlD5#?~!{xdT0*XY)fZJ`P3*RemU3%#nsA
zqCP!kpgImiGY5SAd~g@p^4oI*8do$-HYV`G*b0@84^nqyo*Rnze16JcRXm24PWT0Q
zWA5NWa?=O4raQ5-wMF9PkIY?wP?g8t;W>l(KD;!rybF@`Kir?2>d3;})Dl;@4?%vO
znA<oJSM(a)?G6!Mmi+z6*D)1{(ApencpAG}9UliOaWXPR=B2{k$Qs}1LiR6jS?Mjr
z=*df>(kr;&o`EDk1W~Q1XM3@J<ifje^J*~BANPb-RzG|#v)#8cJ0bMSWB>4s{v0n1
zjI1dh7$rbzgPn(pAYU;yHYPl?2xEGB7&}8}`o77_WKT9;$(8IMZxZJ##9koB$4iW*
zO%R{fj@kX#iR|m#@D9Y&-5ym^Eo+~rNcOVDLF7Y_j|fvoPdes~x#yOyf>55kup+zs
z9h)Bp@OCi3RpEum-WXv(JoEcHe&l?y1DBUiP$uP4UYdfTiPc@7%4IJ6^58kC<%48}
zi->BR=JxuWmQ+uSojqCD-lHmBj+LW`0AB?Tu5y}Zwz==FV~Tv;F}L%$TVq`8t$Ai(
z!^rX~EvY`(IXL1I;E#*>3m!gG@M-e`ZZ9YZap&Pf0W(K8z&Qmm5}sSR6X-9;)y<Z_
zJ+Nc={R}|@N22PN0XSIe!_7^>>J1EL`|;q39qofHL@VvFa#!Ln_r%rSh=<m`Of7w(
zHX{&ATM<gJ1ShL!xOm2*y*Z~XClV_o2Lc0qu`_a|s%wsW^sK+@LS^^ze`D_~xZ7B^
zwEfS9c`h6dnOSCrfMZDF#9?;gFrT2qcF;+j#3;**GE1^$kj2>jeC4)JugEL;cxKLB
z)6b=ITUEQ>z4u$)DkV!Iy?8s>37g2RJi&-9$kOLi=;BVTKfK@?en#>Sf1>E*ExH>o
zi?z}j^`OvnHkaakA8?v_*k6=Ha?Vb67U)RZewd!H9{D)7GlQcq2Cz<bP!J>hpHoOy
zaxz(kht|GSN}};>2|s<mg^pzjYjZ6>{q!B@KF<NLJlV>&JRQ3H9TXR&6TR&$GYdwF
zGE#V~9bW$TkVAgvOrx|mH}m1c2U_&~EI7RY$Wj2)*bp5pEwr_EGBf8u0^G}U42@a{
zNB|P1iBYUhpYl5^qmyQWfPKltxOoxR!UT1fF7xVB3x=*XYWC%mc<4SZSz>8!9KF7s
zZejePkzuB+Hk@_~#tAbrtAqj`Mu&Q6X>Fygvrkzk3=wC+Y^2lBi{0s9YG{B(yB`4G
z@;t`LSwgamcX^iXjy76bTj(Dd!xxlLQF1aVzs2EqSs57_$0ws;GmkTAb`tP880qa6
zb!fw&@58d>K}Kd_#z<FBKQlHj^OHupI}LOSonxcJboH)`TVQlx4DZ_0XlZJU39D1c
z4q=@bp|ic6j<yaaXKl#q@@*Ay=AC}Rk+ILu&}A@SaRv!`9SrptXlZLf-!p>U8w?*U
zhgh^s(zz0^wS$4tDFPvhkY||zLnj@bdisY(m7HAx3G?WP$i)wGkeT6LI{S?{d~(>|
zO<x*sV{7C_9(9^kO+M#5z1@1TMk`%?V>pElMXP0;PSIn1S0Bca0gTf&y!Ls9$G`GD
z_OeIR&8U1*yk<`9a}#ukzO}4qpAh{C$wGry^jY+xMXc4+$IXgF%Bnwr<YTO_7qKts
z9U5VHaF|(_gx@yJ*yKE(<?wY^<Mb+V44qxf+C4}?C&r;6p+N#9X2wUwbsqrU#VJO|
z<`mC4ty6UCTSUI?42YNkNyfP}%aC|oNCZMmkB_k64j>0bPX~J$7#2S8c^Db!74zC?
z@9bu7*+a<hVzj$U{Ii>{5%MlDI4pYWM@9ID`RNflT7?GTp)vEKl9wFvF+SWwyYN)s
zz#s#IgNlYPk%E3Prk@tEuiN!28hl7n0L$c{=v5~@0|ShX4hmn6vNUgEU`%)hfFM@W
zIMy(oGK*72rpyjPK0AZG-E<oC^a?)>cDIXqOcD^+`+D@EFP#jE{tk{9aRr11;}Els
zwaA_YMvYShk@48(=n-?py^Y>s6TXm)bHT#UxD|=D+K#Q%){hDj3ziAS=j;G@mgX3q
z5WN79+={Q90SNi+4EJ`@F0>2`4KO$~jyLF6@|v@|k%K;_M|y>?rtmoJjESB(9Sc;)
z#Zi8>nO;LXEuDSL%sY@}a4bwQHZ==K*yhIR(6=d`7@D*yUj35!2~np7m+*<mWkSt`
zsWDM!ZxFw0Ua3=CoA6`LFg8yRSqd^M`rOq$fYay2GBKd^sCTVLogHJMM>7nLO|SJR
zz}(C@^LDRtZ#Rz(iXOMp+R=|mtStk6_aZ}G9kjNzia5if7ePWkH{%06qUS5V>=OAo
z30LnII!Ca&B|?r_Mn{Avq%WQ!6T_?fRBvEH^gxnfd1e&j`24CWx0Mmm-_?Eum=b<o
zbce!y>9aG?Wnjd-fWu~D^tbUy%ukJBwfT`HKbG-+p>riCq0{O>LPd$aWEsQIDg4u>
zr*C8$Uoga?s7be|o4%t5qj7}pZUg4UB}NBEad<+2&@^sT>IPspPcb|-4~idW=`*w{
z_vBs?&l6B}i=NHWFZ`^8P?1HiM?~&s=FF3fnw9|Y2(JwFjp3JppabLR7#;~0rzaSh
zS_J$w94{o}$W#0hDgoy*!^RmrK@{YmpV_ei+JzpyzJn?2G7>U=kBxyoy>hP{8fhjk
zErDPAoCJig29^CMYAZZ5G&F%vW^KGdxo3Cuj<D<vAO(HG^Zm50)VH&fY3oWaW!y`%
z^oajIwdmqYLOvIxgFUo<{><mk!nYznyE_1qh01~iPCb5s!O$-1ZczOf@_QH`>=pW3
zlzz<F+^g5UD|&hu9-SnF3U-sI;q($gkDZbJQJh{$y*_5P5ej%Q3eCzhQ!g|tdsD`>
zI7|0R4ognv&7&B^Yu!C7{U4^iWf;4|uJqq7ngHNjwlHa)M@GhBofiISQ(}ty4nb-4
z-fAA}qfK0E(RX8-cM%E&STGsUulTLKlm0OizI6{a@1lj??ruiMm(<=V@2P~I$vHdg
zZWGG$Vtk-i_-X>1eL;ApOVK_&W~9f^#mI=2S>flIwO;s^W*F@6!!FkK+RXHIuIla|
zox!{A+s5p3Gjtm|Y47e~#Au|eqm2cZ7oYG*Z%6Cu^K4*9{AU7}Z*{KCG$Hyj!D?D7
z_u?rfhM~)VQE1Y)c41v`GA-gwFM0t8`s||4<M;vZvKd3Cf!QUS@_xx6deUX+Wo%6J
zp=XGxkq&O(y2~5kAANf}H6<I#DZPUX_?(OMcIuV)Z9Tn4p((ijStfeYPy1Rur>qV_
zK+v^vk1`{%zP4`0`bBMp#~k)~j3Y+Y?1bGi!NiOm5tK#KnDAx`Ep43`XBG)7BQoa6
zQA{?Ea(}jnJoL?C{Z>6wv&%>_3hu>8h6aa~y(W7W85|yD(Wk!oz&bOc?6a2EPDU+D
zge1T6n_i1vSv$P^ZzD?tg8}@0KfzEa{3YeJpz<FX^&*lae=%KJdriH*I!64*vpCN2
z%w+OQcX9aOE@Cz(^SEUgd2NgmTdXOq#E|9nu@xjKL?93lV^wYIHLAbrFSLA9XDApH
zaf0jPuNx~XTE2*_no$yK1OtlRFV;}jR>mm*tkg=$XH}E@?Rb1yTRA-6;J5Qtv?^<&
z>LQ@jQTpb1MVFepI!{?UBuR=!wU@uOP{~29r-HTfIYpUKWLBQW;tgL<3Mutf=BTWz
ziS+dzt0+DQ7mwPvFN!3u)hHy^Y&e{ye))hTh36!zz5Uv{YMij1hV|<keo}P>RbAiM
z7iv$Hx~P5*u3J;_3g1BS&^PyOP|<*jT7!^UgRe}L!uFK9kCb^zuf%I&?)sc$)gRy7
zBWnFaiiWW3lIpefy<S(_P;f2I|GKu}I=(($S@YYz56eqddnK=G^e%8PC6hDFi%Nae
zzO7$J{?Zd)uel`uFMP6+claJs?{EJnJyI*FdPLQ%)<D@mVP0RYOEBDv-@4C#<2j+s
zRj;Yz!smqdK3tbF?%Tfmc1|j?>Ywo5guc8tEBp4_dwrdD_1?C=vFl=}ta|G!o|M9B
z5MHMMZ*JG|xo4VizESVMSNbZ2)}C=@%Ca)48*l>h`u(^5*&6OQ>5E>XUR9rSD&fy7
zWnI-zV*TA)GkBsm5(<x{uA$y{!(*v2!uR#JpUwX}n$_o!^8Z)Hs?X-|y)3IeC-~Lp
z&U){uvBUfpj;#7x?VXxC-+T@#bx?9vd#A(+h2$^ygBo8}bN+@`6~5R9tM@BagPMct
zk@b5aysk<NC3mHkVecKndnK#yg;4Hgt9?*v8Io|%G_iYICK;vsl`knuNX_ETM|BS<
za|7${Reak^-`q3nJtlw4PijvC-@cbCxqkaSa`=A##xwjY_e|A~+TrED9OZ#%w~X-a
z#WNm0e#)n=QM`d58h@F%EPXtGUeCbvG7`TBWGu!mx{UK^X#B_A!@P`k8JKoTXlVRL
z;&poo1SS68@i5S8VBRJ1UxS<8?tb-8t-pzeM#zVCVvyG_p7Ze0Q#uBx@B}0@w8P8q
z013Zu^+zxRAqkDYTx2PT&*$g&)J949Bu7R=<39@JlX^5X{&G-1RsXL+{Y3eHiH3&!
z+j~Uc|J7FnYiNfT4Gj$q4Gj$q4Gj$q?eL<Zp`oFnp`oFnp`jgKG&D3cG&D3cG&D3c
zw8M+?jU@g6-$D)s@P}l6H%LKz{{J&Q8X5t=4@u@foS<0e|H_`SgwHSW-wG)x`htdr
zhK7cQhIV-Q-)CXQ!2a_$nGNt&tj*Urd+HGZejoT}KT=bB25S(F|3)m0weqlW0Ga;_
zLLTlOuA#1Lng1QeK0Tqa$Mk=wZ4iLZS1(X=_8tGncqh12dx*hBH~%Ntrw4fT=ru0>
z@^DW#QhWXyb{P!~4Gj$q4ejs}!f9W|F8(uTHZiwoSAP`D<8%=W1z4J&$2vPo-Lv=D
zLI4u>MJqEVGs{jN0L!EAdGcJ3Bn5Cdz4*K?%qA1oMF%Q!0Gri}d2SxJ$Bo0~L+0BA
zd`@OX470`h#Sbk>ELms8+7|3?AHU&RUcfYCVsY7t49H7EJbqHovW$Y;z9e23bDSRB
z4hMly5SQJJ-{-|D@}9NY2=W!=mHb!MGqGg%uIlo7@Opi?Y*tLBS?s>A&cwO$`pgX0
z1v`?g21M2G@qe+5n>mZfb#9R_!v#HdEGu<fcB!?Jd@e<^#X65S#3~^_OLJyS=2;xR
z5Mjt6+%7jhpGWl3ysAf%SQa`=qPD)E^mWaE6cl+n#ayRN>F0u|nX1F@V%EIcAGa^S
zZ}?rSV;Ai%v91eWKms7(Ud?4*TvrJBaM(TgJPvW)jLqd!))ToY>j%E5nedyEo6{Qv
zz~^${^7(Nt3m>jr_sL2PdhVB#nsH9}z(EKVq<~k<4T#=3lwXSm@Y<JDoiadhnf(dL
z9C~dAK=!+_ik{5QulEM{y-psM=a6-}5u2F5nx8}Ip>_TEwK{g+EhjDWqVSP}XO%gm
zq+Y>hn_tUI0tjDs;VYgDEb!vVLriWjKBcEV7UwLheGJL!o?Z~w6fY<q3(?hdlho{T
z1{R!Z?=0(j=kthud3?g}b4omqFBsm_6<;i=bzSYtg3=e!ixA&N-J>GLN^fn16kGaN
z?-io|rWJ45TmY&!=I2)S!vc!~zoN@3!Xlv}=3-ao+A*(q$LT`~_^^sNbMv-vjY}*0
z)WWjEhe9ZT!|fv|>O4QcL{J9Vuk0yN^JPN(e$mj-(9qD(4lk006FYOrD$FN4Q%8J!
zCik0q2}m|BRPEtR?NM~mSv+fc!NKZt%mah3?@*viB3-8=z2pcTW6Lad-lXc(E4<b|
z4(_Sq$o_KD(sU%HZKGkx1|b)po}48$F_HA_0(O<{q~b_De!h-pahi*jMd(t~(Iv-G
zb@nA5kDLB?7s*ad71!d)E<TKL!GU$Sfjvc;Vr&XYsoQwnIYVISGgVb*u>qFe_w33O
zuj#VcT2VzsSrvwvX=<zXbNJAHa&)Og#%6K-#SmeH+<bn1f%NoLGSd>tD6V2?*+XCB
z1NQE&qP#d8U19<y`>$aQJHP~)>2IVYH(kutk&u)|L-!1!pr8Ji7f9753$4lIZWH>g
zcKp6st{g2VIYnqpN#)@6M(jTD&G&I)R}qN`3B;$C@KSHY@15t)=_=AvMBKOp4&8Xp
zvd6{8N9V~F*HTjwDXBig)Upp1kCnS;tJqz=o9t}S6J0KsE?r<pPC9XMaqPYL7JtCc
zOy3)d#I=kS&B^J!?l&_(*-mxI4)#=RBTJV+N=60!Ru?|^99NE2kh0RBggADbx{u8#
z<2HA4xGWc)sA*o|4ob@o(JK1yUFzd_Wg!XiE4ggtRp$i$xpvA+_HgJ>73p!&WR@M|
z;`tNgh}uL)=TO%)j12TQ+@UBni3BmGX#aI4YymoM9HFfGF#EP;iR)2Ro_oUBXeULH
zf8g)`_TMN!aTA+_%AEc-6$egpq(XST`U#^Quh^ZJNpf-`I-#ebeS{Dm4yGh?<n1hY
zE!?izEn>$Loshw`=gp`UMP{h^K3o3vANl)#j;7|uJM88mYAcF}OGqLyK7*@IKH`#5
zSvKm)kN7u5+n)1xxwp4~U;Yq9aY-?WLVra~9g6{w-6npm*+oL^%DS0cuW!M}7x*VQ
zRCSc`r8(Z-uBCeKL5i}n#lB7E;I&W6hX!4*YRS~;NJ)w(Z~JM+jUDXNZRYR){SRbT
z-e%T1#bx0)U1}OB@$u|D^ANjF;`7}j?5sG*_N}=j#l}#6t{ztaoHK14+L1%bO3bue
zetqAAALxC0lS0v}c+r=VL%(8N^z$vuqTc0Msib9P2ybO`@7**$jJ<VK98KHCnS=ld
z?h-5s7F>f%aCdityEC{XSa1srgS)%CySuv#I>6vE!1BD$_r1Gk&+ggnzv}eqs_CBY
zs_MFaci&e{da<4w@tOe@EKb%5z)eQQk5PH~u&~qHM-`Kx)4N{$4lD4Co|Sg}5HL(z
z!sTL!I3(q`Ya=+CuuQ&t6t{?#(esqg@>z2Kk*C@fN<n!zNY5>N83<=N-q{W}z~x~`
zRCTCEP*Bk1)2zH3``IeJuM7ye`?vp2-ldW1_YW;rhwiRvuw1#S_?Zd{N`Q@%2y)#o
z6+|iR_AGlOnp-mBVswT&56mxiI34d6I8m+uj?MH5*-x&r?Sisq{gkOx{M;!ovDrHf
z2Zv`{+W?Zox$7jajhM<Wp>(JWS4V=%#0{XaQ2Y<)uAZM5<6~>0Cw$;)IcKq+cH|Ly
z1<%&c8&2BqV%pO=q7oCJg{J;QeJN6d<(c-CK;D9zs{JcuU1TPyk#D^w4GzqL$=f*#
zheyYIr&Gedt5`BQj(^j*Q~uBjNa-jDPFRIY$(ET(iBobdNd00APeHXsxo(Kd!0OAp
z`N*T6zDM>#3DT+HIpA#l%)s$m!Us>)TfJPvw5H*P1}?xSRWN3xexw3KYWtOiHtsT7
zU}|Hf|2fX2_{?wfI*&w@%62cHJtRtlQ!+Gk-{<9h0{}m!`4Wo+0S<lQjGD$7Ju=!V
z^v~*Gp4*cP`&yp&fE~{R?_l^n=de8o5`RV!?Py-sMp&40;w8KvRn-+Ugg;G}S9wrS
z>^0+kSv<JlyQs~#0h46#!@5oJgrKpag+PNKkYr(<)zW*!&F_UAvAjLEp(3qE2b=48
zmn~q7GjtA;DK=XUSyIdXihRht)L6$KnG5-T@c7{F>qz!;wZOuD6w=gAmr;8$BF%_C
zen!q>%*o%alEU#aS}rqjaAfiItl&&)oHw+6r8A*e7O9xAnte@F$c6$xqirD5-pJ39
zwWXZ>{7Cep;7d$rkDIMa-6}Ps{y=0sjsDy&MpK^ZtO-g-#PD4WocHaM+h5X-@q+o=
z-B5in$wPv?2(_Cvpz2HUpXWo5D6<2uC6lbDBY|wT*Es9G&Vk@#3W<V?%87A%dL3%6
zg!CV)Hzg6HvW@_IJS8!S`&qlp!$Zn?n?L*gEtbAL#wj~csBHFEfDu9Z?ozvr@3TO<
z#2GI$`vy4&M^MPlNUd(^SDxd{YP*?BYoj%G(wh|}D4KFitnk7pg=-x*%&S{|-4$u0
zl}loExc&9Zq?3UTaOarkL$iRRg#`RHgJ=2%?@;0$z5d|<b89&zqb)V0?aABM<(Fiv
z*I8*sKRMJJKfZqi4bHO)AS_D7kYmP(mlvb#k}S{CzBR0mr9wC9HmibxPkwWWI0d{_
z#idm8Xivv5=#jB?L@+HNo8sgfENing!JXYohXtMj{qkYnByCS?sly7n=c5w+*U^9O
zzJOXPuCLtc6hV!@3InGrd&0ePV@+5Zj)t*$S_I;VT0nnn_j~nEvDPu6GU=6kGvc1R
z(ZnrN{#h~;L3)G~z;v_R7r18B7g4J|OMQ0Nuy$3f6t}<VWeDs1O`=A!JPHU9i+?v5
zDLT^^a*rXY)x#QWq@eSq;H3nNu9<%HU1};t*9!a$L4S|h^t)Al_PLBN-0cK81JM-y
zEqLZhtPCvo#bGXMlzS@6rKlTF6GQn>&YQ~QlTvK~zA{SBV@f=jkZ{+VNb1W_newiQ
z1ua%WkDJ`65qzs9HH-l=Um8>I{@yh>!d|Mw#rDU~8fTo$mU{WuV7u&`Y#Q3K+?!?o
zWdu2Q+3Q@>1ZEqU?0CM#I+1M{=|r#0*LY=jHrDR(R8(Sb7D<P_hjTq;WhW3y=2tH~
zOW(`X#|0+m+UB?n-#c<350zz!;8=!=b){#(*ZlCOKAKby&S2@mkg4-@#0EQun**V3
z@(%OIIZlH0*-FY5oEpy0VE8Jgq$K^M9d~8+6)OSk55XTE_>=l0>6uXDpJt*(DR!&<
z{J!JnL18OyTI_sYKlIJ`q`1XY$pi;3-4O6j*i_FZF+p*CH+msWD!0iXQzqJS!f_M7
zfuengbh%t~RMv_YQG+Ja=cCvvOI~a|YU42QaVocye<SYL0udpRXV<Nu=``z}3OnaI
z_h1w<D!t}_JG3#12xz?sD%+VzL7s|6i^I<7%>&P^x5#-S`7X<f%uru&Jc)`Lr4O2t
z?X74y4Q=(!$cP@t6=s~%y7FP*OYEh65i{Pev2t=tGrfDF@r6Ar?5eA)wAqs#rnHkA
zPq5fQ=)O>1<LLJ($f#0NIv(Vp9+&8u<m%zEP_&zzK=qA`*a&L9&LagWX=!4?+|k)H
z*54ILTY`WY!QANyLSrFH<F;~p6N3FJdOrSbUe))f3Mt$Ua?wYqTH8bA?=F~*KEhKC
z%B=K8Mp@>Cyv>LY?@KA-nhgvi5PZmu7`?I%s|R}3NXk}d&2;=oINvRr5FbzY<LW1!
z>-loj?DsH(hh}gl+Q%j;<jI=G7Qb2{Mg6!c1EXtqyozD6TH@pD9pmRQQc+$~at%C2
zH~6XV#Imd>p?qp**0;FV^z#$xoFnAIQkpI9jxqa>Z+J9tj>SYZwW|Tk-cj>jr7+ly
zY%od+JWPFg^wec*?ldYokwe@5vc-GxxBZ0j8Ymd2?fAFvv%!~M2MKI+($$@l&>j<U
zKLzPSV_obsskL*qGqY6blhb2UoWHs`Rj2Pi<}Elr288W5pPf;%n67P^-l6iaGz_&)
zi%_>*ioP6&;GUtZFNy0<!HEm3{xt5^H%s%S9KVo+n>q|?weS=HgEQROta`{W+DHEE
zKN`f%zs}lZF9dy6I&1&id*#uYKs+Sq;y&Np&ABk}$9fhbarR9VIZxm_*_VF^uamAX
zq<v;+|I4ioWr#E)_|$*r!~`k=I*!-IwL#6-34m{se3iuPJW=g4QmLAEX-Nr#`i=W~
z`!o6{7CvPAIVINqwXrJS*qKX<7qwp<Zd~f`Rir-K;M?o{B|WWz#SLu)fvVnWYYRF-
zMZX6v@i^Vg8YO$nsLOvOCnp<P$B?@$CGzhy;a3VBvJL@85?iOf>Eyk~(bGnY_f;j{
zvBk;FQ>iaWd;p@F<cc|I2}-S8s=#O---Qd9Qh7DxIbJ{rtfWZrtms&W82JX<LYTN+
zxuWArDh}Lz0t>Tg6HRdv@u(~a3Cs*+aS|4qHTx$1Zn3ec=;hi*d^SIWKiz2SS<_kI
za=gIOdlI>FafRle(yAq_NXd`pmm3HFdKM7qDBM~6#h)uN;FRtA4R#)P4YyCEzF<+x
zEBzDV4D<Kfh6iEhMGy>dYk;KWr@oN#c@Bk&c-XY858j<4x39#Aw9tI$Bw}$pzDHR8
z#E69r90$=Yxci=cip3PG{q#5#Aq6%oL4C8K%gOEcCo`)kG=d>^_q3%kaYQY4<oi{I
z9Y$JQw{<*9BUftN=+*+>8<cCr!4<uc!Q&lKo2X6QHMrB&rjfc!^TvnF^yVXBWmZNk
zZ3Zq0mmy-Wj?t5FB-WYo8q%E|)@c{>k8jeec)rHZ9001rjQ{d0Da~@CI`Z)bu*s39
z(oSQ>y2T*go;vNH+FC`Wfu%+$3@&n6qr0u!Fg{UJ+p@U^aHz*N>f`i`!<}`1=UbLi
ze_(i{4;i7NJVwHLUEKx@@tCf~i_wVE9<M7c_!O5C`MR@=$~v97@W5-VW4=E}Q%Xu7
zq|O0V3Gtul3+ygFvnt19alh09vrZ)_ULBv`yYTZ%sd^*SY1p5i+)#e~8h-dHlT`C0
zw(0>tyj?_m9YlIBIqjuF6?Wu-aBqh8dnZ>VM#fk<B>Eim4@XF*fHS(y*Er|~Um80P
zZM$_=ZXI580otij#ntU#t{1s=@90>hT)$(!GDH*$T5xwh`_Np>BV5X=-w{o*7UdcO
zT*wV;f;jtj3VF0gh1=r2K{&G~@5qhXYT#UobBZxl|EMh(pBg(6f2%MQwcH;8*Ew{0
z_1*|6T9Mky_jbG@74N&>I>*=<&cD(Nq$1MP{^6sZDXRD}J(=C<&Oip6<@cM|_=Mq_
zk1xwxdFe?ftPhCEf0obT5Gz{E0e~2|CC6QjRpV^v=5j`BZOrvZbStUed&B0R_@HKO
zDz6Oe`<{tZk7aR#W8`U$XWkUn3JjN&Cf8@?3Pi9_Usq1DYW4^tn`!!1-=5R+oqbj7
z<7!t{pyc?18?${{em!4osWUpaK}^?;aRW$8bN6~L4fa=WXmgN`mGzQ^+q`ISRo3&+
z6hXp^TQ9MjjHCA);Qp6HtHYtzk@(HTE_R&j($5g!kee&)0==r0EH&%Jn14zT7F&#H
z%Pz=0bi1^#c}2^{t(m=JvP00Z#d;n4i0-%D?F^^VlcsvWf!T747l5D?;P(`D$+W^8
z?N-D4gb&#8=m}32ZV#u;cb)C+3@Nc${p<uu+Y;A$$D(6R@SSNAddJ7TC*h&vmOOf5
z+j`8w!nrDW0;VV)7tCZ8OgOH1(5#M9Dhj8%pDn2Dk&)|nOD*AibKZRV0p8q?x0OAn
z%9MBQ0nO><P(io&%*d%S{^D<BFQkQmU2reNpn7WJ{abfBuw9AIc+b;NFBoF#wB8+#
zymEi*7rigHL4n_3`-SxkBP~E=l|Qj(17?d8i9oI)vlF`Jt3H$m+0v>Wjxsv%mQ@vg
z$7F8OIh3_48r8}Qm+4oZaZ(+>2-cRmyT_N`@EGVm;o7fHbjZEIy$%VNoGc2#zX@+b
z+*o23WFn`{_OE9_7P=n^=s{CfQ6G>&BkxOTr#|a64W_1kbzuV<d__K}qjzNg4%(5c
zsWqVA+uv0dxJm|{cnkg1f9onj+P>@P!BG{|y@HHq)sT-7UlTsRB_%LVVm^Y7se8{i
z07O}^rKYV;8n>i#HRYx-)m2Aldc=z7x^RrDN9MibHl-$epqD*3rWs_~ovNfhIgbM-
z{`u({*D|0o)Uqn+0P*w{$EpzIP$I$aOK3pA1NU=Pkq2+5kP$HRZ4EFKwH^}g43&S_
zMn-4lw+A1BjGoU2M3aN@Ef?`c?DpWV&z<PWgEi#fQU@Q?7vpfr#xE{l@*EV2SqmK$
z&%nskwwGV<HL=Ov!e|SveJo48Mb7wy^}oV$qDKSImi#)xn?gx%_F=*{{U7rYK1r=r
zhR$oDzY)2ukBfH;4~>$rc@T)xIeTD^KBiHC{bF!jSs>BZkG&Y7TAoK^;&qB|n&m<6
z+*~uNb|&4dt&RJ3D(1!5VdB&pZEVVuJ)^+Fa~|=k@M#ibVQkMqg*kH7FRJ_!tLh7O
z_w93hr-ueo@S7YS*;qU1{*{4idt~HiseB{Gs5qHIaP*MO({DH9%?g*>BO6rSz5x$x
zRFz$Q&i@f}^AJuUN*NoUA|yTkrP+LS)Q?ZX^4`b0-k0{W`i`spz5kvM11~_3Vz=fJ
zdSf}wrY^9yA?4dGZsc6CU4^Dtc~8a#o4?EZmVXsJC@uAwyu=?8v@(@PrR<mk_q6tD
zI<9Y-8<e~M_xz_xItXlzbG$t`K0?jU5P3P#;yBT6{ut$>DU6l>jDCWrT~qD+Z38qC
z%@W$0QR(2W!HAzi{q{V0y|V4<O$`?9bDrZ3zFBNsqR{g^#AZx3tI!+YUVnqU0*1$t
z!5WYJ=;mM`*kwN`M6F;|EGa2VSy7l|s}n92rI6({FMV7=Eh!^Q!S+39b(>#yx%Cc6
z&DGTMr?-|~+0{~2&$1W$ucK^3O$SBf?5OUvsJ?jyU|TbJ^P-(NZrW*Z1PgkrXJpgW
zpJLr2B`-xS$b_x8Whd|ns03wlc>KZG@agfbg=M4U^_cj(ABGRudGH}1kj~~1h(8Pr
z+cv648f(r~eI+ls%sFxTG9UcsA1+fp&(lN8Jui%MhK89wSGXevS;i83ni-BSc1@)P
z<(losYAF8bMaOJq8QrNrC}NZnE7*;bhg>qQI+vLw*yIg;eQP&vOSk1cL;R-A-nxj(
z8%_#s3VMgtjN4&q{_*7`Z)W$0pAV;w+qyn)D_4_ZbL4Rv+V6a`iyZQA+>W@`7zv>Z
z)HG%8l{}=NA@G2WTqMPJa+O(zgvYU*_ofX_T+MeLLV@g#MLY&Y&g$A<y%_n-r>HL}
z<1_5BNifHTtQ9J?5V$olWSqp&XrL^q?JsZ5zj?P>!{9uobiVQ5(oKw?;d-7{kmwVq
zu2f}jFwUoex7%CiTvg&1TYUA-2wG%h4jaa29IVN_PJO6y^_dDLZ1V2=S(H@*JF2IL
z2G@j+cUjl_l+bYdW8>UnPj4HBB119T=qNf&^4ye&?GJV#bJ74ZgOVbjh;XlAOVZjJ
z6K^@O`l#Ac8<%W1P5~6GzrySr6_k{;u_q@etkpN+?OZG!++$Qq@e5Rnv90W>bkr=A
zau&3&={;i@4tbkyt{BwB;9a!%-$cxj<(y1f?`Eb1UnWpc6~vLxuWHkKx9xmWCrt3q
z3z$yzZr*?L565n4aH_B-eX~>Zs-k(KRFn0LjP&+@JTuA1jMt~R2_o6(^#b6eb{-+U
z-E4?dX`$9AyMLyus6s|9Xh25S;Fkd32K+C3`A8r&lXpIO&=0BHId?xtr2Nspe_foR
zKjQSEVj=`ZvdjMhw^2q$#=X^-f^av+pq2EEmNGb~SL_briLoL{SAa&gr7}SQ9{N&@
z%^9yYgVIHbmhji1!Z?{JHt(~3R^Og>Ki#%Rs{F}wrshiY0K~|{gYb5l$H~I9l&EDa
zSY`C%ho{nmYoxX;c*eQZ?S~vQ`WmYB=jISOD7Wmr2~2?L*QEVN1dV~5YIQht(rDzC
z6*~RfO&6{Y2yoKn)`gDqPam>a?X^JrxR;5zWx^eWY1ko?XG#k?bK5RUqWYxXzc7%b
z88j}myTPiD!iJ`$&LGnknW-;uS)Ie4Xe=A$y{JHP@V8HtZ-j+j@T~)TKlz$ysk67N
zZ6(8XB`iN+OwTnv8(P!}+Ho>wb?sc!@<Z=*TLm=wf?DiB^_q9EO`H@Clk5!Cz`g3$
zxbS82isHGm>taC{+Mqyjzc=$RFxHa>tUg~1>8{)BGZ=w_lB^F|KSQt-=%ffWZ|o2y
zvyqVrGynaCTQ)%3{1HnAz}fyI=6W#8e{dzzpf#92yovPWYkJR~x>YTyT8d!i?D8${
z)6Zj`_WDz45+6yrC#1W-0_7c~NO#c2_C@mQIA-6z5#QWN?X$#=gS1HszTA0YimV<9
z$%ip=(o_y201$Cb!pgwL%3w8LVb@%3()wlD7sI-l_)gRpEd)-1`P;Uqn!OZV`xX4p
zu?f47NYfCJCAW3l=<<p@9yeQbY1ZQ%N$F@};he&tfd=*P$!7OsYf@#e?dvD>o6~nZ
zVeC(j&&Q{L6IY*Ab#X%kvQ@p`?<LQ_eZ=^Xy!rlPmmVSlI_Y*g#$jWNj$6Tu{<V*a
z>*p9P4>JJp=S$1Ne(G`V<EiwVUfOB#!<^ol<Ck6o+%JJK=gI?JWi3NTs&{{h*W^}1
zSAX9Y&y{M|rTSNXkX|m^<hZEM{H>qTUGS5f4UFeY_iBARpJHmw;mFyJf(xZl&0GCS
zVfejdq1?0x$f;pqYNU3@`-PZ)&Lpum`*R?M@E--CZe+&h6&}ZL-bS?YDWSp1NYW#8
zhX-{znMz7H2?|3Hr|BtW1uaXOYlgH3ts4cAZ+6scwsL=g2}*0T!98W4pVPl(96Zs#
zHum8oQ^v32V$Y}Tt39heYHHsHXNG@vf1zmo@Z~>+z(D-}Da4$A{ddoQ3m91X|L(!a
zi2VO`m~eOaKaIau`fowf9aGpFp{=dW1ptti@|k8$8T;pee_HlS3=2cj*492aIEaaR
zpqN`;me$fD{HOlwkM(Ad=<71#7Z<-)igRjN`wIk;zqSj5LuL~GP%<ZNY)qbzkl^|K
z`}ZveE&*$IN1ilqT49SV&F=6!YojX7!itK820t}5wTFY6>~H^E@E^g1?d*cQ#G_^o
z99$B4>_}Hv7Z<HN=W76mlHSJexuT1rrbo}hlJYK#y36#QMJYYKSG0@o$E2z@$CMTt
z9!~!KyP8+dQ9@i?c7vLR#>?ERk5LAE_}F*>1x0J29g(eT+9C;U2MVsS4s{woU{;Vr
zP6nMSJidc#PF%*72(KhuLHICdSy5s*#R?@@Jr(91HY6*N^6><XCpls<?a08SEoJ0L
zGPI~aX65%1__?&AueFuWCnY5@QTzpp{xl$T^_ulDCMFXxSup6Izqqp2(R>5TZ1j3l
zT$<sNmk7#w_&zq^<P+mFpC!IeQafYnZ-4-exeu+cwMONjF(K1Mm`4T87DWlidnd}g
zfQ%7kX!08G4Ti?@fFMp-_JNSt%Fp@v`J)WDgTuqAlD0NI!ApE>?0_!AN#SvGWG2P}
zIAaM)jVQa_pUJ-zq$J&|Kt~|5<o*&T<PH>Ge0$UC16>BcqyTbsXYTaLA+l+8t)8|6
zabg&styUk*-g<{CcDcVp&R7{9NH%+^(j*5V=1w19$f7|(mD@Sqq@YS?>^V@q<BqW0
z8%3VznO*Hk>;bjfRzvq4ZV9#U6UOnsJUuNZ_BUw108C<)ZJ+2XL?FGffNn`-nq|PE
z1v{EeNL{>4g?`(#-}A?R9x{qn-6huWieNPJn{CKnmy*VmbQaSS3m71^$Hp!%Gc!g#
z2TswVh(5b98?B{BR!fPc&h;8+&nz}ER-t7`*w&F$N~-AZf@`J}-)Z0ZeS7OTEd@VA
zLTVh(YHQBoH#U>F)W5<?YS=u$pyceYpLkk|7)SdQr~SJJQfKjqu4*)v?kTTmGp`7x
zxH>>*?L<9cF*CDn*HC>057yX%@i=|k?pb9SB`I!H)H#z}s(90HJ=vMo6%1b(zK8DC
z+8k*!Y#vcQ+hFWajTzqVsq%P2evp|4X;Dy9#wVL*=B*$s7SYq^SC^+Ni=atKS*mil
zT&7pmCBM43us#&nAJzL>*cYGJD^M{se8^EFB!JQm4Sl7d2|f9ZB@6JakBh@HGB&Ow
z+5KTL1$KLRe)`1$sSaAGFt8?PeszNQ+b3vLa)#B9LNt(;izPt$Wvg#}rIRlMM;}M$
zj>TGsb4ts0)q6!=PljwWyDB>ztj_zX@72byThhRQ%r#-{ik&EQ++rso3pqta%>1~=
z&|+U)ofp2&taGSN<}hMK&p)d&AVrHrwLyn)RL)YH+rw1cb2+k>;}Z?T(dJ_W;Aq))
zv({lBsskot{93g5=UrjG{yMnMk+USS8IP_5X!Yg7{nJY~=Pw$>utLtm4k-yA&hK??
zg%+u`YHl;LR=ew=HsU9P)OE9eh&pFw)b)utYgUS0ok9m_vyt!Tk}1NpNv@VxRSApl
z$_(Byg^gL1qUwp7*F*U_u;Z6P$CqWwZ(vsq=D?dxgovU(Z`@S5=qXugZ%PP18qbl}
zfdxyPoyEQ{0FnR9&%kv?ae5pb1ld))R-7>i5Ld&&uOQ34RA^}3Qv*qz0h{vD;I=-(
zXh;3W?DE?45p^13Ih)d47IB#gJ+9Ra6ttJiEJhi`FG@xmr(P}b05e7|Mi6Et&1tcy
ztTbK_WVY@GI&ejH8<UhIsi6UEADi<PmykG~TU#sB5D|f6GH9O-i2P?%xC3qN9VITI
z+ye+UP{{hgg&~@}+aMNSlwUtJisV{GTj5_V6s_Qib<a}<E@FCS=kvGP+)2X|8IAh`
zt0G8wgXW%zph?`ZTRp)nJ<im5*JiBa_sm8o6yULxz5^xlS95fMh4_(5o#s#h%-+$V
z9RhA6oSA*bEjx8?@XaT{SVsT!_v0kCE#B8|*45?3k**tV(lz^Rib6KN7|OQfdVvJ8
zWT7YF{QL9Cmb{>XvMo3M_S24hl>-Q$a~%-xYl(kpHs0;L^sYaGc)ZZ@vhj{NBe6T=
zjvmxEOT(7LY>5>9bmMdn=I5hEJvJC0d`|9btCh7QS??;fj8Eb=M%swX7%e8jFFGzZ
zyQ~%)z0~YK8QOVV@ZqXaC(CS}leb=C<0ws?IEW=DxLkYBr+${#I4;?<@>qJEI*>F)
zPRMVE^ej<6V^WXdV~ET~EpPsCbr_MsnviCGIt>9AOrw?8D&az8H-0!w0pga?E_a9G
zYwPMzYpsQZiP9Xoh%+c#T^9bvf$oEIblMs}rA!o1QM8U;OKojMcZXNyM``h5YkDxF
zPLx4q`Asqhmc@G4O>S20g=WlcK6BBBG!JWouN8QGy;yyJ4n^o?_;0jPIox76u>@53
zU_)2p2V*i-?e=QV&$X#uuBW-ggYqi*DALaW`;)th_nlpHBZRu{OTyj94c@qadxzJG
z+=Hl?*=IXfR*l~M-oBGqhrTDH>zy|>y3H~PMx@xTV~AzxvJ?es-m&Odeix~yg4Sn(
zik_=<X%661SDXI!50m2_c*sDEUbb-T1Q<-lmbsq8pM6g|)PLpVz-{Evz?KDLDO0cr
z>L~+~gxSbS{FFvtj&Y+WZgFST-F6&!i<nL`XLhseS`({Mu#)PTg1!qm(nruvH3*qA
znO>+FV!eHgyL0{V72nD0aOB(1!Ndjvo#yl9cwy~45Tbb;VKq%G>Z1y%jU^F;Uwm-r
z8VfD<$9(&-6iKFwoH^ZZD?=WT6ZzJMilaP|lCKH7Aq-8eZ+&Vk9%gsK;5xb#JJ>jx
z`|O(=ucF&?(l!*a5!YKi_R+hFKjjXAt`EJM&~4HmwR3NGbxL$R|61{qFXP2ajeZ1B
zQ0b||_u?djU~lDl?^6pY;V7P7UM^mn7uUTyce=kYWz=si<R^n$*?QigfGD#*xzfG9
z9bT|Wx;GKCM{0FRaJ9QK_E44XPQ{;rSUg%u^=WtH*-Vd6<lC(fh*Nb0qPU;8{%Z8I
zdQD53dD&7ia3(OY4M6AIE}L#>!_D_OFZ%Fzno@M7kHiFnec96gq*M$}M0J@TaYpE1
z4z29+Mmzz&=_ssz{to@FgCDusvPWH1LT@y1m4!mWAL;`nRa8`u4nuP`{j@$4!sfH|
z<${*3smd9ZTwG!Ae9il!eWNdsW@gEaEk(a1{PrlF)U11UDOKV0Ge4_8W={wC?g<^z
zv>mJCt_26Aqd&Zm0p)3|!RABT>kyUl-hQpCtr5w|?!*xGm++(|R>;ks5>dUv$a+z$
zx`vIb)fc5_A2HTICt@R_N>;o2S7560DXHd=eK5muhh7)RzsZ};gD^TCm4cslWLJu<
zF&$&VZemGRyETd$O1LUepT2<x8jhdkQkNqg<5X#Dy!{%Pf~m9Qd&OGD;mgWUo12$s
z$vYsFm-e>R>$V&aY@aDd6f`AnQk#)M-db4vTZiRRMD-2OVE<z1<42};8omc5_o6>^
zCh8_{$58omP4QVRbvRJ-0f1AvpFL}M?0ClfbO5lTfqKuRtz&72R!G%=^u?NNyMXQw
zIVZvwD?L7R8Luk9t>dFGBb^=4=}a8&r9=UbuuNUHP7MWJYST0*5}la1EoOX5LQYh0
zV)JD!P6SW~@9aajaX;YHRv8~L`|e#daAx%<H3N5sUoCg|oia9foHU9=Zp*-ysdHEP
zzH{u7$eyrf&40uQY-qxYOkVO95y+I!cKCza(>FUl@=@7C+vMw>5oyg0-i&c|oC9Zw
z-!4#II|ts_3%}ron&niJg;79}L_K|N!dO%hOGHG404q+sH%FU3O23>~cB=#~i2YX6
zvZBm*<W$$`qD0G?H5^}ze^#xw##DwjCEdkngnq6kys0XF=vk^a0n~(pIni6FoXlHR
zyE}i`7p%HHOa#4_GdwQA8|7DLH9~<Y$SD7@uY{(rEp{fO4z+%3$SfM6`#F&AQcp6v
zJ$UUDF*gUR$<%D;(wBCXA+u-9g}&HMWC=g6)P7nbAPv9WF`KqGWxM(zApfQyK4;5O
zl;Tzq#+>5!DOt|41lKtwHm1$7v}wWr_%^!P0#V|up$?9mDVj_Wywwu|2hlE^dKU%2
zl4@c2r{g(Gx-W5sTI%>^R<pxTSmq>gd41{$i8L|3`%b$v&g!~sGu~VGR-Vx#(p<k&
zpSF0N*=Jf+7_FnTtg&gAKNb`D9ZT)ES@ZP0k&UQr_10gxY(xYc3&4hJMw~v`t3y|m
zwA!?S1>r{^%Wu#nn9XkpD_<dH^snWLyY-;ye(lCKCLn~g1zAkZqk`ie(>d5r>@FOs
zt*zoh0J~q#^tQ-m8T%`U&lSylz4pAS*<2!NcEgt?FCYT@t!x@gv^lOFP9D}-DE1P8
zZ$k5`Mg6@e>t4%LM6y71nFOPX>Wa+F$OkI9l%A$Wbw!3;zQ<oryuUS@EWXT0_>K@n
zj}cgfK|wsfP*-vsXlZdj4%|UFW&SA0n?bG|-R=2BqjkC<PKK<Xs$6!rS!}=NP|KT*
zdn@pn$(nE9g{J!8P4pNeLa&mB3S-H&HuokH3W}0aVJ3NbdAne+74L|U`E7P~wq~1W
z9iS-*;Ac1hN>7*9(_1r#b+*T@P{W#FJRt_ZUvI)rEO33^ZhURTd}Cde%3gl+1!X9I
zX?Fbd9Ow6GE15@;Ii#HUXt<cLi98(<-p4}w0+|3nAAQ0r1{)b`a%q}uO0_GM=ha}!
zW4l%4MuS&uS!(7?7(f^~3j`WRr?}&!^`9WCY2tRSjch+TzWUUE*-(_7Y?3~)3mS-4
zzJfDr2rFkRN@9YWIdm#SVJ6aQzC?ZbW&Y0hQRRNDS@Su5?vP!(Ot&Rzy!3WU3^Mz8
zSzH{weTGUesEo$d=)#dk(r~1t>JkZRLg9{)AUmVEVkfk;Z<w)$<j__`9Rn}#=Z-|9
zC=;u1fAH)Zw@en%a<mXN%yiF0Al;-%8+*B9y*Rn@@n*Q8A~C7Fi+`2YPZf!UDzp{f
zE;oaSV@BH|l=&J=V>iG*c1rC`liaZEk8E1^Pi#%ck||D){0tJ3VbbHewA;OTF3)@A
zy2&HO_W-Z26LiFdTun8cky@NqN*mXgu109<K<m(s#J<Xav!3wq953uYl80I6KRGr?
z7$n4UUab_vH-fA@*I-G$%7u-Mnk(~YNK9Q_UGL%HEgKNwlkl1JVX%0~fAj&?3sz8(
z5N9RVNv@BdzoP;A&%qeX_mDPu4_zE=Dp|7^h;U|jn)3jw;JKbVh&2*IjrEojs3B*v
z3wwi<tT&r4aj}P=(}ZjO`MwohM1qmBy^<(ZPxnK5H>ZlQhbwi&7lX+C%{{LNp{t#h
z{Ux6(jyYU}dWDDYDHQ`dhL!!L)bs?`MBZPqCudv346h2MPMRz-`JV$x*~eQgpV!V=
zAtLS|0k5}Jk^ag<#i7_Akvb$T?Y`nGWb9db^SLRU8SXY1FA_ulE-%K*rgEfwV`z1u
zV75IGRk!03b$ZarZlz+j+A>3_>$6E>4eeaRSM;9_?0MQUrGbJ7-^-FsjJon#*7`S%
z{kWUA<&*OmjVszoYN3kJps}Rr6QDBM_gy#H!|>Vpv{1gWH+H;#az)$|L$jW%@yTy~
zU+?1LqLySk^BjwiFcb(}$UHY<1>M26^7errnO@(;n|=lP7PT@S@4#_F&Dri>^H*YK
zY>1iu#M}Xx%orVROS&VaoYrL@GUKr1cC=-c1}pJmHyRiU%_u7l{@H2TU1iucc*vhQ
zQJ<QnQghn$fY+!nV>R{T2Eb>AclywDVCzTeN$%h6P?1U$upE2i`kcCL?fu}>K#trc
z3S0EfLa?2mnot1|XbDxw!K;Rmf}sjNYzHpInJPte-^_Ild6bxlnqpSF(T5U7(WEIh
zO-Z85O;}$X;O+bqwW(~v_qFO0wsjEHMOELRm8Z#=k8UaJW_o#1hcn%RjrREwZ!2=y
z?hQY3{7_R(l@F>x-1*?CHCTVn-b%)v?X218P!|z0h0u;BPw_P?C^#4`8<1bMCx(9`
zh@sEXW+AjN-?#gGBVj)RYWouU*k{HLp-h0~<UP%BE)s0kI=h<_UoxuA>?<na!iT7Q
z*>`1pF_DNO)fYdL%Ad`BXLougV|rA?I!V*&{&#$tu8v}DXnUpS{@WW4aslfd?&K+v
zselHQ=x?H8IT%mOX}CbEN*Y)a$8?!}xF50pJ2<$HA3hM^=+{Cj@$_qDJcC~Kf?kEW
zm0|b|mI!ED#1#B^I#Ru-+`hq6_;XC<4wjslTM|FugRvQXw^sswPWv4$n-4%m9~$=2
zm<q#*i`2o{>fWL~y*(X9g<nS_aj)^>^licDLXxlM*Tys80~@%M%AyCUo#+O4T_Rmk
z;~sB=#u&7|(Qd2p0oi=4cYoKJ=SX^y{U~GGiyMzOplNLG<ienLl7(#v17|SqkQ}sI
z6{ax<NH!ognY}9#ZMWMtuA4$6SljTWDoUIEb1j?18URG~S00~^%{gE3N$({JNfH3_
zdJ9K8@y({#2g`3x=Ful(N3(hKYD6S&_Qgvmje>ZB31whh&JUk2`+d7&EZcWgKb=3@
zu@ebTWWJ$<KHl$lfJD6QNT3=Vte#hHrJ6*8VfQn4N5>woQpi3u)>Jl$IX05F0c*3)
z-_n^QUM)u9Ak0HH2_m<9@9eH{pSTq+!pzQlS7c>vJv2Bt2}pdIKc8M&l6rYmS+Vr(
zKc61E{&TJC9vg{~!P?pwfhwzwH&U%~zv`zuIL3=$Ck}M-F#r1Ul`9~y)JmRI4(w-u
zIdNHyrY~xGkupha6hER>!=L^_&J`~HR72tDov{&~&%M!Eal1dQrazGsSw+ufAg%2E
zk({$18&(*Wf<FUlYq`>MKQuWm7bOLwqcLF?sQhtX91IAdkrhybGPWjxYN!*P5y)}H
zOd~F2z`{2CX}GSky4W(Ed0+MUm`sL)-C<`On_v=P{N;d=7N8BUKxb}bPyJ6*%(x)3
zpUedVT!$90`ziO+&FkrQ+(ztq)Fli*!o%Xff8-ms$rq@LtKjIxa%oH2M@R8KCK_n=
zx-M)jP{uas@6dV-7NbV#HJgJzrRhGO%|S&?U1PkNLi|pEqh-0;cDm!6$F}xTQH(}`
z6GZZTYS>SoGb&n*?;cbsNrot4p2m3j!D#(=6c{R2+q3NiundkIYlum$0$+u6GdDhH
z`24(q&t0v%9`X@ZK&LEaR|%~W7optY=&hj`{;|5kbGklyc=kf{>^i8EEKN&T%^!<Z
z^E;m-C*~#3Z@J8E#N&cF<HcExk9wxrl8F&ac2DKNUmjMnuX0a@-|N6vlTu904O^hw
zS-Q-O3tSX#zX{uOP)6*C=6Fbpk7vVBeE#81cn7XpT-1E3|BqBrbi&`-R2#y-uwBLV
zR+Sd}45QhS4d1S#D=*2z-7{KXx6SqT3z`k;m+fhOZS9MX=qn>-_(2wNj6pTmgJMUX
ztF;OI#>TJS%E3I+MvPck)sdC9S%L52t6k3s!?Yh1af6yu_XC3tL=FQ_!?Sbeey_~-
zMy@^UhBI~cMHjhf6ga!PeM{j$#IANlSEwm*D4GOa#;kdvpI29=M7t8DUpJ6Z<gbc)
zT#4PB3d#!MXVyE~-I6k{hxTpR?AVzQ=!gg}Hd6*ZDY;pmIOil6H@X;7cL}XX4KsZO
z_p{X7tanGH@h-LaAb0V~t0=0CFP%Fu`o19GTG054Z_a-RJCbdLK=_(n0wYs?e^@3S
z4nnkCTth-LM%~C*9-)G;{+8oyguxi>#In9H1v`|X>xeA2x^fEk;$;>Jo@HcNZhW1e
zon^<+t>y8BanY%l5`19NewC(=dF5Kxo(X$on53qF9`PCh|8%ZzH>6P+<L2Uje|Z!j
zJ&bg&s_f<FX;eMg2sr0lEP0g#wo$J;Q5ImU*kZp`Y8n*)O>F6iojkUOosI+QeGMe7
z%1GoC^hi?9G<MWghuMmgyjY``s4o_sT99%^q;67>vQNKnslFXuZPSpJk55C_?d|;w
zeSIb(R*`Nx?1a#H!Xp1X2DMsNW?dyM`Uqrr;1@f7V+_L{)_PrV84Nftc~v0f^o_kK
zh@{&`ZqzUW8|x+1x$DssG&hFsEL>a*1h3J5g(+hO1MtWD)#uYk$j^ls7#om9bh(}7
zEso<xem$xsrP7kAtjS+s(LFxK^pv{!gnBRekCkoL6E%6{{4nTWeT~msN^8_JBVA{F
zO_?L$JdWr1;3;5judaAq|0_mEO|xb6q)As;C_I640;wr^CZK#^^t2>zw@&Af-pcS+
z3=Vl5*ZIJO<Mrc1%A%?M0o6XaxfR-0a_1z+D~6irJ!jthuzj}@OG_)$l{Dq#(xVnv
zhuBX#5d+ZG=R+rMSR-kPj+kpwBj9@mDAt3XU!(U~23}M{>uRL`xvw7wHnGRHuSrUD
zHV?~s(aR6QhQK{)GZW(I!=9d?mzPAZvz3fb9p-t){e;&)^Ht!A<-n;6`ZD*DEl29v
zvMw5L{qrM73tY=uaL=Kz8tzl)!lAOjXwQ}?ylP+2nAw8cQP@b4T)|u?9}aFLM_M~^
z*_yy)`F8D!Lo==~lUf(lSD%BIaj$25(2lIJf=DxX?U#(u*~sSJ;zn5xPi2($5(%R!
zLcT`>Ba&T#v0)S7vBgyhhZyd13dm_eqDS@=HM1wq=I%k3E~4g$&PT>!tG9|Is39cu
z77B&J8B7(;MG|o?w)?bj46{1aGf`2QZGJwx48nJ4NqsmL{i8sr|D$h9@!(OZX$|Sd
ztpOqrsVDMT$thkWMoN5k;<_GCR8xC7RG&JywJpD0AxjVlA(HW1N=5o)yN>qcnD#87
zF-vx<(Y2?34GDkBu_P(~wTE)0kkg1;y6kjf=kq}3%!8wg6i`H~Uhq4+@S$0Ay`p43
zzujv!%g`B(-q=v@>KUEmH7AQo%Esok%TctY59uOl%N0l4mB7K1<M9M_A<9)BMEP}%
zb#@2=5CPGtFr9LKBZ<Jp4k&~0m4rjo_6AhNd~RWj*S?k$Wyd)kX<?_)<puM8BN9HY
zG%)~%G!}{BN=pa;Vqba@Vli?gI6oy`Uk8EwaOZY8z(7PJp0q>vHf_668(I#z`OiJR
zYY}jt8Q-<sFq~OjEIj*`l9F;gQUA)*tOV;evkjIv0WE@F?wH#u!T3<lA8JKRMU*Fs
zpW*>|TRvR)BF1F29jV1h!i;?O+XdAtkY#g&THC7nr@4ln*HE~Jn}(bmkw^2chXdIc
z$2d~Jf6&}ri=h7uAZ*$6XHiknGLf1fcG4^Ksyjq<3(I~3+uqt!Vbu7brbgKcLsiDb
zZCQ)#1NU1kNLczRg>ih{RetNM?mt!EvdqEBz#!Mc&-^tfO}Dtb+_!@tNBAEeXu&I1
zvs9XKNJmFEQ_|i}8s2xY1V~yI%EL3PO{@PqTTnPWEdAvC-rHCBAZJB9CpJ0x6U4R1
z7Va9;F{I}UIpcp?f&F5e($<_hsyU;F09x?Ub8`hOEi2f*nDElS$^rlHEYol2zwq<F
zh5ru<`U)u#o_lWhnP~pI6;)TWj+)g30tI1Yc6qt~-JZ3j#s8O@{+|@||AIsBVgJKa
z{|i_D9}mO)m!rNe(EjfQsM|j^!?Gt=R>G$&W=D*wGK*>bIRDe?>jlk~8P+Tz4BNRu
z@pFo~N;yvC_a;&!k*zaOfyEb1G>pJ!KAH|ggXZSuTF!4(RaLF-P~nQkMlL63=j+dx
z=%Finy=HYrWbSR;_s4tLC1pX)%~YNwM+NRIKi!J|hwa{lYG1H^xV$vo$v6BR5b$BS
zF|=(!L1lJtcVcc~y_2xxIyLJ1=B~nmdPcxm^K~o7--{9F*!!!u8g^~{D76%6)b7Xf
zr)I8~GT)e(_OFi@aPaV^XJ<tf6r%MbBO|Xm$ULr(a9v$py%~#(rza<WNJ}HJu&@Ns
zz9!;5OId*+q)FRdV88Q*eLzB^YV3IR!ZCUoLjFsHD-g0=DvDJ@r${)uuG|lLO3~V@
z`)!&&0$poOD+o4w#<{ssK3xsV19pvmpWya9LP>)Wb2#nj$Lr0HZ;<>8t}P^edspp!
z`+7mvT;3*3M11%x-UpJxQERX1|EDHScyZrwg40Q5+c;F`iW*i(7-iSe2pAaI!RctP
zS!oVgwI(%FWES}z3^2XPf0d_~KMyP)I@7i;SfAKiTV|ED!KKK+rwJ=)5HUPK($>t_
z!Q)s_5G3-V#<wAJ5mP4l6$_$X)^ut7ZQh&tC2f&6QKa-fJ_KH}T(}8j$85I;PbUZL
z+5Y2}XE_5F-P6|DJ305wHhL$Q23@5=&#Hu8hxG14zy4tNCVZOu20$i(l-1U|8Mzi)
ztVRhu-5=K6WZf3jAQp5_s2dnei~yPH-eis`ATxOWk&=;_5jVbi{0Es!M$`*rh`70N
zzIJ~ce0*ykLRCsi$_L|R&rFp+9e#ly>Cob|6h(c1e$ld=(BgLGz{F>rDnvsri$rC2
zyV?Z9IV(`3UPlrzaM<AGJo7kRfeu(!eiRr%AogzGEQs;QBT-RZTv9wHY#Sz57k{WY
z6D^yB%?t;GZ`tq=$)!vUBl@(qll1ewd_cjSQ&mfJrt#(;@wuHW7tWCCaEZRjM@U|7
zb||($c-WX<l~i#?1aSI?_n(xMYLZAw0WpEyZzQ}}CJY8<O1PLoWs8rp><2!ld;E_r
z*A{li!f%P^c^FUEIzi^4Nu`YJcsVz#R|+%BK|1iSpJFYnhL2h07G?dKm&c|(qj9Nc
zpPF0@96BPNJp=cPYx6`jdJN1-c*($_j@fFSAZ4We6Y#Jl#-1l=wDpGx+NSKk_H)3B
z(QqnP$=&AT&idRpZ|`?QRw_c4h7(8MPxwjXGFU?1kQtznhMGXKL3bG=ndN>00^tR0
zo>vy&iuJ+xRD=iZ;U$4<8N5e(6G*pK#JwFW?^m)J>$4ojTkhu)Fx$^<ihTL>u632$
z!}=ta)~3#jXG?0i)X|6_qQ(quISCPtUo!I-UmKE75FgJkP))2mY5V;+gPTU+hDsr`
z=%O{G=_c#5P}!vIuKXB9^)i&M$@Kw5J8jyy4_aqkuUHJkYR(NjHQg4^`@Drl$G=cx
zxuZ=L{i%<5!q7;0MAE}0P^l;6T0sycx|5tjp#AqozZ~B%+s@Iqoue+pd^v)?!qA!}
z0E`j0jFE?}yvp}UTe!jA4BT5Kn_L%oT(PmeUEtiL+v;%{{5sGx<f3@b@6DI#oUFI$
zAk)G9%FoR7@9h=!3ETmytEh;GiNS|uXBHRVI8Q>Bm$jcR>e06-f5U%qL&#TIrIIhz
z8=QZt=$h}H`-6cuuG5(cPuE187K~je<0ljYM3muc`?!cXUOvgd$9xsz$&$JWH=+0@
z)y(c>sXvk!yB@6jwZ7bVy&InXd{xrL6I<Sztsxqr#sowij?cKg39^u07cd&yJtJUo
zW!x%=cesqQ0{i|YBmJU;v(T`us+P)6x!MX%C7l~j@DVE2ZAqS^<JV$#V<|WrFjoKZ
zeZiUAi0u-e-ei3>=%no?uD@RyP@2~FC$<N=4)`rj4k!D)V$u1WiXqZ|smYc4@z%y@
zsk+bIJtSt<qHkJt9GZzruX8$-EhfW#dB<QG9mVW%BAGw-8u6h_l2*6$zD#du__^KP
zoqoqi7`~qePD13}5=nEY8XccztqW?X+M4GNkH_=(;rx6Lz@1+c`69Eonw2*k4m{p$
z$hG^{UDD;fVB;FX`{z~t#0t&fZTQP2mn*NM2>E}elaEZ>Y$3n_`cK!C&I@F_{dFV6
zt0aSe?8P@b&c05?ei=>r9<mVWuiaNXgbm&BfmiY3bIy-6J2<d>U2SdOT$-1r^Q00A
zc)7z45bG;IgOwm&8oDv#+tDv5DSIPjA%Yn79v?TnTLNLrwB=`7y;t9V_EJ(huzK@v
zpry!ouj>FN2!|)3zI-0{VT1fc=gZD1)!9JVM~I|d-+sLNddL@%fhx9b+Kmjs?m#9#
znZ*E;<YHwg!8Lq%06NCgCSpB(Mt=i2ICjni+}0k&+6|Q5Txt5X8Xg5cKqG4>VGZzt
zM>Xl-8u`Q2Znl)D((3Mn8qJNJRK@JiCBoVszW)jhuuduVVqSU#sK$~e@&b8I$)G=H
z8>LRTAN>*W0W40t7Vi}JGGTKcsUnGos_V8y1zY=nEA?nr(?oD^3Tin!vpt=0^YHT4
zO-2419vs{pil=sQak03qJI_W01qQx<dS;SC)>x*r@$;Wou-$pb6SNyboy5Kt&+m0x
z-OvHBMK*k1#qIs;7UN)sh|Eb$S&|u1%GsdRZh?9`<Gj@5iI%mWQ&d<6?yF0SNN!KE
zCQR#vT$<KxpsK!+K=%SxP|>!Bg>S9f{Am;u(jv4!6|FQ8;hIR_7}#m4;u|Z;q_~AA
z;ylSI%=;~asiW0!#!5LyQs_OY9@~{@I+L`sHIyG?d&2LVklin!IvV&2B{-SGR^yPI
z4D^g|A}Cjf3#qAS|8mO+hfdH?3GyeSI-5D4UszulDO4`bq%3Aj+b|-y09VayHyMkE
zl{LRx<Fqge=2SQTW_vrbM1U)E(etf;d?h$5KR6YralYY^mLG-^Wuw>se2i{!bh7(=
z2(jV6hpW5(&L>z06yrUe(v20_476Xuy!Ib1Mk*)%Xwm}$s_yccJnN#LQs5}-rT4T)
zj&NUa1%*h!w3@b<gX6HKPsOSLP)}v$bY`D+>V17&m7kJS-p2sa1kHa#;r>jJ>hnGH
zj0~RTv%0Mlzha&K>^*^Awc8j^Z*n%Xi9I>CAE?K#(D$Q?7x4^r#LqFXWHSSRHlF<c
zh;yfj)F3yS;Hp+tNmElyK?HM!`sLFZ_Jm`zZmuBj&|pP=ywZl4p8h*?@~CQR6KqoC
z0yd{vVdZd{rslN($DM*2!y@Wqk(+bcmN;<ng6v$kOzN-Pnd3XNWu9uQw1+{7$wdQ9
zCpt`#ZmssaF?Ld_g(DwHZ;Y<<3bUAdC3i~(pPq<~=frc~q1Tu{_r5rq4GbsVkOrm+
zR`4;jwfv|b;^bsMz|*ggGEwrtIBo+qTkkgHSwo7PKx46NMg(T$Rog!4n$aWWj2(9G
z*_aNf+V&oOwnSH8wVX!zN~*T)#LZRjj&cdtW9jl-I?-%Fj;GB<_<=@Suhl)av-1Z-
zC5k6KKfhiF-!U*>kMvcLxRQ7c!Iwunz=<PGGaQ{YJ>hnb5ebRLsI>Yr!>1lQ_Y>Us
zf|NgYPC-wfy4Es(wV^+Bnic}R)|Hb7ija*tYK3bF_)+dp^ZpUs?XlV*`t~NuE~-p>
z;?R7^Mq4nNuq5Ddzb0hTe@|AYIcfymXmO_{3AbdS=4nz&p90@d1=r}5jPlBJI=bDz
zD{{;#E2k-{yH%ESO(1+>``+E=17%rLT2EIAcgl3`OVoC~gMd2=BDn!(l_@_WDR6sU
zB0=|6l!|@LICf~~KF+g&!Gn_!?V7Ou6VlJGnm}1)_sloVd-A}8x4s<Zcg}xwp<fAD
z5}q%;+?s^a<?b!y(5|h9UhSJHW6~nY%^{@ow~h=MducT|pviQT&FH5KZSHbY;J6-M
zmbm-kPNZ?VJG-IFaFTVNs4J?$TifG9(#nXnd7_$RS{JeFLu_?mAPxXpG}iWF%}?Bs
zw)q;LjgQ&JY?d4?|Ev*S;~HO|Uc9KgchR<-G!;det);=~`b2iPM$zw?T_1?`XW^{4
z)8nZ&J04l{>oxP`ll!CMp%%l~^5@4)R8G7_pXAK-NGCF=rj)HeyG&Osx$wW0y9u9(
zAYl#P{VgnC4(gBCYZnzw+xfBhDHt_HM%<RS@6f){a|>syMFe`0G=6u_D>dZV9l<2-
zNVooDyQmJufWSXXu5V3W`k>dKW=|a}hz5B7(6GaGyZXkCS7F@VcyV$mpj$?!&pQ9<
z$Qq4r@W+hKO>ka(yXnmB(pmS2==!YIr0CgNXQ7mHlcmMxDxN)<aaodj5(dM-HmBb{
zy2RnI-ZF*iFHgBt`*d00*$Dg??vczNPa0^t<LK;P%JX#38X8i__X(z8VnUA}V*l2f
z%H{ZuiHQlqCIq+DXY*QJtVQ&=LZFp`k8Aj3ljuqlvIqg#<g;>&>h*_GFA*c__iShG
z@cFuDJff329Co9UuDAU@+g8K5YMkUA(Q4`pzdTIqC4rjCb)p~W*4=rP?!dw+e*55I
zxcncSy>(DrP4_K~4DJ$Kg9dkZf&_O6?(RCcOK=VD?hxE9xVy_h2=4B8p69*4_ufBl
z)mQcHs+pRp({sA(OrJix*IIk;V=lCd?SsBIQXcPf#B!J>H4PjrLf_y4Bb~G!L*8#O
zf}QW=LBuU8%8wDnfrL`xK)sdN0@~Ir)G9$w;MC1uF>M&Qma2U<ZT7=c-7ABkz!3|g
zjm}sKW_nL%(1aJ%z|_3{OR}4v&QTDUNWuKh?T_KGZfhxX9=dbj5tVZ<Nr#9m(Crjk
z$LPnP)tDlwiqsMd=g3`%jg8e3Yj0e<ZGJA`JGq$@uGM~karP-4pzvK<MVUL}m&LMH
z!wp~Uh3zmqN087=Q;SA|w$jAbpz12RPc#i0>E&fOzb=n=VAdSnm`v0+Md0uEIy;7Y
zEy+Jgh(h%Ld-o*c{reTv(|6FX1J=!+bQP6}bQAIhagx9A{_>!p2tyt4PsP#SVzGMV
zaQ{k~cT}U$Z_}STagX@tHk5XWIlH$d3Qa{>U*s^vUwo$t$Z<5S$a;K&-#IEx13Yy|
z|LYObx^iG^z?th1K20IS9pxB@z<?&uUzwJAdYkjR?&_VgMA&r9LDG?3C^w{R5jpon
zQ8X&DvMV|7>LX0PCGp6T?zh7;`q0#k`T9>o90d}vFNOrG$7Oy&XYvtQADz<`IgiVX
zb-p(m;ZTCEH(Ox9#q~U1dxg9;u!>arUBHZJ9v4>Spw5}rk%~epn&Na!{MR{=>0G0y
zu0q*9=)EbLgfq-8yf8ulyZ_Q*xbAAiWXyoX<R58Gj2(<EkpW+1+q;o4eW#kHrj5hc
zHooVN=;&7`FfKmR>0Z8S;0tU67cd~Koj(C&TkltF3-nVYNq7CqZmaZ2)ZGv}TgSCU
zUK?r%a&E3ppB}orD7UfOT^+TH&e-isSs<Z1w>25PuEt*Cygt@V+wx;9535}7{NC_}
zH#m9L>FbmzzwVB4^ZF&Qk}FYbNm@sOfF5W1kGT<&gI|Q<)n92DLVo-m7Uzo)VV5o_
z;9YZC^Sz}0Hec^)8$D2WYoxw+pWzl^&rXjW#(}B9@ENnloFmE6ot^!s-L9twuf&h-
zJzj5WkjHi1!iGs7n_|v^+MY9*YwNaf>$R^K!_;E;fLy&87)Q%QK<t*ByOFKZ@lXC0
zhDtYY-(b2V7rB1?^uD6qoYN*HZiX?eskpm?_Kjotz=g{ce|{;uWFtOkdIg5^lY9Ob
zZ?BYMeg`Azw(-}ix07tsyn2D8nZ*WPob3LaG6-|euq4fSG0|&Aji(DLigQ%`O73gg
zrjXbnfuIt38iCL0(=uQv1B?=ByO^x7_|qAoAw9Cn`qK5$3#74obIEGd8l9hphGYXp
z94rvWQ>!U=wW$fzos=G*Vd-%vO{X@#Pdwc2J1HP7#S)-0XHUF)P!PjhwP*?WqCDNn
z3kY^Z;Wyxdn!G+mr7{`4_frWlSJ80uMHb)u-Dz{?MZ#s+w{<0{ZaS*U`4ul^wQs7w
zKGca~l<Zbfwy92}FO&|A#$K-zQzU8d+4P1Qm56un2XrPrr|DE)0<Ib^BTVg;URy+)
z%K@wRkg>w1On-ivsQ~|ghXI;N@w7D#lWuP(Z)Iz)R$!#eQlSe&4tq@7JDlgu4wSwP
zw<CQelD8&ILVjf$cdfs^%ildhufPfg!bztCtzXWJEpz-3{M^B~_2dkR?#t6JILu%K
z+Ro0dhyD7O@nB@&WkCv90dg;F$bf^?!(zAU@A|tmKR@vO4DMoIs3&MU5bm}OI4pna
zN$O72BVSvbE&Bp}seKYYO~8Dw=NCA8RPuf%`}(uy_i}B|rUQGFInbG|9!pb-X<ftf
zS540*H;~ZpB)C;`A*z@)+_!uD`^mwywu2&5=hSao+r2p^1C837L5Bf4u8SU#s7;9m
z@-WVvarh`;%oto(_9A%I9+bIg0stOC`$v<-xSqFda;FalqsgI_t2?+Od>8vf?Fj*^
z<-1%<&PE^90-AO+>n*w7GL;gLE>v*7KkIBytSUONw@%8v#+C$2t!&3EI{eAPPzf`}
zEQVKnIdEJo@H>{O&9dW!g(@|icKX>*nP|eeHMP#$5|fx^N4ou?YWMXY0e0p$KMgf%
zb*49qC{b&-Ma;jWfw>{LkQ~pz0eh;WV{#2|a4PQ<?!NqRt1}nF3%Ua!F#f&$UcVtW
zJJq-@t>aP18BVry31g>)BzIDZbwTH`>OUJYF}IGoyE`L~FFhBcwo5|o{2ldL)wfpj
zyt-Z;O&{F@M}Gwe&wj626qHsXH7th7DvPSu=`gP7oyV2b7nIR4g%c;0!<p1_8Fbxl
zE9;`#2|Yu0jM@$!sVFt=-`#<n>07h8o^9Q+Q$%krYQ7l_KIT_#_+_OnD<a%v4vyf9
zs->U#$f@7D6_hqWH?%!$@|95v#{OA1P^9iEM~SKr-_oaNYKa`GekfNos2M++S>7xc
zE;)t^F*l*n+r+VTr}3(M*|X}kIvFtc$h&T^Ec~)Y=(3|T*vRL7&mbfu1a=E#WFmz&
z55VZA?6+?}xKxVZ(%aklx*FHPp&rjBdU|@nAK!{M2ZuLM3Aw_tV&?4&mlxz)+R!@Y
z??4Vq%TgXK=|ZY-FR5NmWZie0+uJg=tI><*1LjR2H4%rF@2qYfC$-;8WgQj{HZ9nU
zI5LG_tFdu4Y_>0+4yx!-?MU=CT^rqwYZZNk(pGSGCRd{+t9-lC7;sLZFQ7kleRNTK
zdEGrA(h*b(ubm7B7O;uvG{3jcyx0%|<-E~Wi0wrTgyl9RCrAZJBW3+btu9tQYUSy1
zOh~yhQ5sf5=Ff(V8bBHgfk#c<mKzFiII_&<NeCysHY(o4>ns^whpc{Dq@@E2wZ*CS
zc58v%NZ_X`818*+C`V;~a%w@?Je?jZu3W|R3VH1J+IYpLGvlpYA@+(uER5;FSqp68
zDo9LE=Vf_T(bksvcv0-x{+DW3VLt2q^k@rNQeOTIi7~jMzFzr5Ahx37b&w|}Ya3@G
zWkNwHPG8|-YxE?N<X<2eBoQH;&h^XW{HUP1Erz6lxTWA)wM~!9Ytpy%@uYzGwY0eS
zC^i1B=c5q=)$XhK2aCU)T=f0WV(|DuNyYI+b&mk|P^`uT7k6%WWPKr4rmV#Og#8Hb
zx_2}spx6N<Nq>N&YUagdb#yY{)Bf3t{Wd`P2k%x_zsuWoZo8ecx3SC3{pY~{2R{Gr
zkil>Nh1vi6;UBu;U(os$|NjE}Q=6N)Dk>_<YHB29{%glKnr3EH;7BD*eZL9&7L$6d
z_sIVql#v-bbC>;}ll?zXd2-Nx!@na%|CgNjx6l7)vwyF{zmEHV+JHUySFmpX-!K0i
z?LWUPd!4LXKLf`-C8ec}+#F2bfd^C2-cArc&?o$#_TY(879F=g7HUJeznIsMIpXP=
zP4AIdzw+rF-9-wEcU1z<&i*}7O_N)AqkHJ2hy(jwAUiwz_wewEQE@>*(EYu8S0hUj
zIHIV9Fh=s798)Y}X-NYa7W!=%@6Z1J?9vjL;8fpti2V1;)($}9-RwK0?c&RrbzoI7
zW^MDt*3z8kjUMixjs9rs|E)~&$Nk|7*NoZXXoVGU{-b{|x2B^bGnLsuMMXsnjP3jN
zba&_cL+!Z#6TmPZ_v1&ODchB-3tzUj;~bh$MrJ0MNO>QsXsG@H_tbUzLvuB^?6B!V
zudBzO<r}C*w76Yo|6rz>7_46VJw6@<#!}dQ9v!I_vLaeqxJwmtms*?#2M51ONEkJ&
zK4$*=eE%x;6=E;kcTiJ2y#B<T?Yvuo2~N@M@K1K5Ha3xOwU56*v{{sZ)>%(@Q6wtg
z*sj(YYZ7Qc5`^_D$^_S;&Se}D(R)M78kuPO(?sz>u?Ta^G>ORt=;FwE?VF!t?A>^3
z-GmK_g@45GDO7PobeT9fkoNKmjo7l&VW0d@`81i!z!R+(?bb%_5P2hIwWhl()$)pp
zm?}%qS0tvjSp8a^7W;aeWhO=z%ZEE+pO2S>#zu}a55L)+0+{lW66z|AN_R(cDylnf
z4b+a9`6DKCT}`dWw{UGoi_5n`k5554m1?dP!k&$0<3AariFgxPO@>%3rigGDwDR5-
z&QHz=x$S=s3<U3wr<!nOK7Bt$J?%nOE6wcr^n9<U{HSLy;yv+}ug2XYE84_Yr$dxi
z;UoFa1pX}aIiP%RxXuvdGZc44Szi{i&Tr0Qx=XUwvF_<e7q6_ET1U@-?0+#Rm(}xQ
zrRb$f2h>+)WO9WTMYg+QWgbm5H2d32#@L=66jiI${Epd`4eKK?RL^ipcT~&F?)zIw
zfZNtMY1*1Pj&yu0(^KnM^}DbK_COEebd>~s+vPJPed&a$-He~Yxz_k^)`p1o><HC2
z&(tXJA8eHxffC(rnUa$;wKp7hba*&(egavNpD)_cc$!M&JNsOeolXod7g^w=X1{SR
zT(8TdD@@mNqL`gZ=u4uIiqm}S%)33k{NrZNxtl&*^@Auuod2<Y{bf9VbD4y2p)}Bw
z4>pzSY-hXWW6CFs^l#zj^1ATCOLyz7bK8bCN{-*9EA-ivD46oTlREYlKJzye+-!xt
zyLnjN8O{zq*)-|7aA2RY@CE0h(<b%J2wa}eQ&|+&_V?UXi5<&YN0dFkTSj|U6gamo
z-qhS~s+?#mcl;u|zb)yV9U2~fGs(Tp;__FHM9{0q;o|xE`SwiP)s@5LV9IQvOc|Mw
zD>{W<b8dZoTyd}H)J`xz!3uCHLw(s8*s6k6_WJ$VOKxFV$MNcEWj$u2UFWM^ToUAz
zkp3n!b!|;bYZ_QMIzjU)N%CS(7~!KWUOoF`YHK(ul?p&4O>U@2$A6)rv|zc<j`7b@
zdKK=I-et);d-Sa;lRNhNRyUvqZ#tqJq?Y`*!FMS&T7PFcy$tJgr8OFS$2fDg1fHf^
z;NRRKZ@Ke0Hkvn>_woD;-Pq~7)AP9-T%Pz28sDP<XWa6l4bLrdGI_A=&cT<HC`Hk6
zKoO-kXPst`UdxbMnk49Jq<W#PI_ou}@3Z)eEg4JD*Fqt=>$wBtUYeOJ-oe2@Lt{bK
zYAM__2QIF5u~nVjMs%CTbzKk>^r}KYNC>Al269}ff7ouhzcV`GG~vQ$y?348T>Pdf
z1@|HBZ2?KDnbPyNyt%n)wplkA*}=esge{|InO`hHr$nnQWA&wRVVxsq!jui)!y|X}
z@%JV{?!nue{dL%k8Sc{I`%~^g!}P)06}#R!x0F3|=H_~Mw-DC=-m+DEepJ6|mT3F=
znW&-#9N+r-$k}0m*S)Lk6(w`*w$uSq$%!X($R1FSSkIEVsW6#2UyXLwlW+~(P9k~j
znl^a_20Iew&yA-kJANazs`T&Oh+*T1VJzt;^Z3$M;%vRc5{{0J_SxC3Z%0k}@$?1p
zjPW<FIZ{HI;?&tcmuLpDzC{Wj0E$;Lreuy9UHAmE6majpBk)EhDOeO8;LFgb(&sB3
z=2>8uWS;O!pBJ{f7NjvN;Wvz^5Phk3x2}vut-wvC2$r*<*Qt=o8B=AzhPQ9?^OQ*%
zqv4hERPn1;s{uxrQpuRftF{kfHu1K2<SvBeE;p^jigm|~ElGN&j@T{eFMzY|(GW*b
z{b{q+^|y}F%~?+!lf3e#&GvhLn~Eb*`B3h0S0+-RXWk#5Qh8PJh6}wIz8s+)La3lj
zdtwYwKSZllgqJ=S_&yZ;$!tRr-Q^>lZHYVOsxz^692lU-ifb+|j&DHa<*_sSDTi)|
znFMo$>F1zvf}~+h_p>#E<4-2NXHHOYw4n?7vOSA&sX(~3EZn^&(CLW}s{%^=aZ_Eg
z7pu=^*cp#;ub_NGIAEQ-@+zYp_eM<921;1VF8E9Kzz{L@Mjdy^KnawP-8ayCwbzCd
zZ49XIrtJB5*oiyORbUN@`p?h$p2H!P`p)EYoS{)<<m8adVq$zjsU3b-@X>;*Go)+L
zRGPYBCqH$6oLsEN09S(Lx%DDX&V4YMZP%h1neF>rPBcM9RFHAkCc283yBC>|V-!G(
zJr&)aKhzs;!-6Yq7BuHQ7xpp_B)a~4bRleCe44Ltbn9PDkW)no1~R7w17AosBh|)!
zq&zV8t;L<C?OP;$tLlE?+Hkz7ZarF~YJEs&jJTHvwP3tuCgIdxk8c?RS6du%IbsS5
z3r!&PANO;mOr6_^y1zK-M;Y)@QxCCn@df3J`mLTzYD)31MZsXZeE-8{WjcR~+*78y
z(Ro{-Lz_G^#M}y=i=Y^Icx}GO+bYh`B_Q%Qs0cN-P**<su0MZQ+WLcTkfhw5KpB%p
z4cN7uqUad0<d_j;GO^)>(q9WB2F2i|-ryx);lDz`hXh~3L0z^BI<6AeeXpv^s0M_(
zw+ad&5=z-nkMIBWfk*$PCZxb0s}&DHhF$2wCs_awBYyex>gd_&*e;N$XHV+$j{e!H
zLh)x{5M*%xho}N2QORX;OWZiRC`+;kWrir*_o7!mgywbx1-|&g=id}g0B9q&MH(5y
z6dCp^M{i|bD0nXccqQVXWPeJ$f=lHf7Wa^2BFW@q;vY(_0k|YB(C(Qq8c{Ir;Ynk-
zU!&LPhtWj?h6BdlQe+xcx-j9D1>d@9J9FT95qpHgSQh!kJVVM+RbHN6|3JL<u`H6u
zevLGYoTF9Jw!1l@jST(Frgm<bHjgB8c5<&G9MUg6^Y*z<$>4)*Xev(jl8qv!Jz1H_
zzbW+na?OExuf5R4(Ruv`8y8)G7Fzr<%odACyT?H}Tg^vRw3)iuEA`dkY9KV6<EmLI
zXaG$(xrTWmN6?!R==lf=FWzgmTQ8dJt6fmyxAz<ks8*+vlS@VL8c)k27@8GF_1RDp
z8Tm9&KZLjS)El~(;u(GKx>Nl?+`3CexJ0CwXW<H)MiSmm7f{-=?le%z<wHqt9AN0b
z$OZj=piR+C`mI2K9aYvBg1gIj0EM4eDIAtXM_+BY9%CdH#_3cIqG!c!;EsQ@t~9)t
zfbw$t*KlCvm+4eRa~A1+8@|6%!5$F3$P5<2z(OWC4Nb})nyAC90-?MqG*0(e{C=0t
z5QQ$>h647(aa+jBdN1`)X6#$aw}y!)f`U<Xi*dO<cp(E=eIDFeGejhbIr2%vaBEl3
zB>dR<qPiRi2naw7%*$(Z4!hn7C8*4tR%lJVHy2(12m3#4%AHS->a8Yc{4Br?7OtG%
zKkqUz4vB*#+#xjIZuxvZbLab7!UiU-TS0ylxBfY%$#edC`Ml?`SCMNF>1|M+hY<?7
z;8Ta0s_Tw6Wi0@oR&jZ_xx5p2ms=os(u)|BdVuQPONZ6T(D8&rkRuE+n4jJHd`-3T
zsvtOIe%UnW-}dn2gWHev0hf#0$`po+IzYkv%Jv%5kED2$j@vX%8z@T(Db0__OVSlV
zj)O{ex|eE&>%)`^fE9`}@G?RH^v^{(2nfN^JTZvMQU|*-L`F;_<qkmN1_qCVf`-q6
zm$3q-35#0EAK#1sOs-_keS(Nmo^5CLE74qOZsuAeT!k=TRR|+&+62L&ytSpg_F*)i
zr5j(Fx;1TP#_Ylhpsfl4F%**^8<MLu3L+eWEMaFBkIow#(g9w-lvJNTbs4E=UCPr7
z^mB=9^@}e(GBwgIEIV>??dmbuMTBFiM%F-P%175#pqZei53N@rqG8Y=B~l1m))<Qt
z`JyLAokAfJsp=<0*O7Eu02C_E0g0fCwh)q3r0UfMryLux<AEBrLHUioB-}ni+@di1
z7xl_(3pnP)t^`!ch`iYH&W(*_h8*eml<<zb0@qSIY4N>dC-?pKZoNe<qLs}e#T<na
zRzZ?>VL59HmVch{^9wsU`54pZxH1esLo{MwxA~|k$k1ROyvI_=oE^Hj2ohm$1DYh6
zo9aicgHs{sB<$u_7lT2wta6y0mq_POc@RCbV*bFhCMZoGC<byK&-UhMC7QZv*wY2*
zQ6XuThLD}VW8!84ZhtFFqp!4a!f?UTTbq`!(l4e+@9j}{rMuOwrcosKQ{~KCxmkUG
zZjm$0++QbYZnduUA*_92nY&Gf7)e8nl$wms=*_Eyk|c!U`>QLfc?!n*wMc(|=-G!(
zWe)YdX>7C)hH9%ripr)*ie&L@CJvRW3cVU;62DI&Fj%_ctuI+#`s=$DYOF?XddmZk
z9btX-e6>0TBHV`eEH#Q9_hltJ?HKYv(1i8^Gl<DA^|n!{A1~_6un0mExx9}1-Lzwm
zx?T5p-3_xG4{$BzBvpQ^5v3=5khh?xR5>j-j$pM4(gZDTcVFv1b%&w6a+lr2O(A4O
z<Akw=DfT>DFqz#6kD!NawXGe+f8hzSHpdXarp@>X7=UwW;C7+liV|12s2&A((N40w
z?M`p6`wMX5K|Ij=8~axd_3LgJ{Z#|u#W1-nsrhp?@V12BX+B9O{xmbp@5A}^ltvR&
zNR6f?C?VV|<b+$(aWA>ygA`LHQ2(iYNmTBj3ix-+rtY2nL7<be?)Eve-s-_hPO*7!
z(!&1tbge)7m?2?zjb$}btqF*C2YmNULmC9&vMJ*3)omaC99^}&N4jL=VhiccQNVVw
z`b_~D^ogIyTyR4B6EYo@D<k7f1;>ol?aYxJ3qe(#c9vtu8$1j}#Erob1x830Nh^bS
z8V7-;j+#=7Wxg_D-fUXl{Pp;+Pq1AvyZ-h`vqA?S{_<80G0AZn<)Ob442yn>6xAS%
zg;6(->;q`;;>RnMnQO(WJ7JrC@hxyI6qc0Ws2@}~p4(DQsjC%KwBy7$!!*KT5djR|
z$pUfXs({dr{9OQedmaQHT{YaeY>_C#aU+jj+j=oYmb^v6r~NGX0~{@UXLz5YBhz}k
zSAFKdko4m+@hBO%l(5~yEC8k-50Mif7@yLZ*Lq$fsF18L71|52a2_35Ih&YkY+m6>
zl|Ung09FFaRZUpWg*}>p(bjeQs7{q13%;EZfQ4*l9fZ!CVai!nDHNVjA+xZ&C|+)x
zFg7_u^dqFq;8jhkA}a7WPpz<A^c(0?Sw(!|brtgB0fDmSd_<U+vkCOE*<D$Z+<`Mb
zK_+&*YK9DBU;Zc{Y7@32SgOf(fm^aHgEL-vdqFkVk+7w#sZK=?_&cmL3k5aC(AXJ~
z{ex7W%$2oq7~ta|?07WX`}V0<8~^fVpw}!s!0fJfZ_(vIIFBWc_`@3LdERzF2?QnV
z3m1iLBD|i$V5uBj!K6&*4xj$!IX<p_93{kXm7g%?n-8qaQ8T$KH6p5wFd0N8e1Fm=
z>_79Z%V4i7p95axp?#RAd^$hBxqRtgai@$rD*sNjT00!q;tfvY4wdVN)BE8kDZ#QF
z2NQ#8wArBDX>~lvF)M1p6CB<Qm(LAz>7hY*)t^ACko5z!n$4$s=MJS1gC^|DAJQiW
zn`%1``dh6rGEWTjk0ZWFd%l8+c`)9O0(^<lOG7QWER?4PJX=8C?(h=0J#$YV*SR-f
zC|1w!g{7X&lt}JWxbKd61h>YknoCNte!IiK#Jv1W>59QIw@587L69C+bUguB(^i$<
z?_kj@Ia#%8#MQ<?enyY}J<H9;i-v!oJXV|_XEDntkt6mcNwT|3HIiFsA<&d9xNjDr
zZfyTMvTF)D3M>doO6icOS1x@XKWWbDf*<YMJ_0s7zN;(BB}^E<voy8#tRmT++n~SQ
zUznF$hq!!GNVWTm?P;AKOub0Ldrhpj7fA+}Oaz_LsAyp97-dxrS+o|Ks}P5;n5bfi
zFDT4<#Kwla(jlNKP>Mr)rfLQ~9<O`@6^LgDMIQ175LAe)Tozs5K$a-fMciJQi5?ol
z88Nly;IyKxK^-%1CSkPQ?|dQ=+$)UClPFdapUo37QHMUJvsU(K#z8r-KFY`|ZiiZ2
zEOo4Trkv8qrPkcB-RI4!<_TvnrFVQ@_<p3N{5`Z?vLajoEpr~Bb{mZ}Wq$8!K;m-u
z7prX>h&tkmPvElsFhfco&#(%>B8kPJEvRNqlETtw>!M6Bmt66rjDjl~fkF3aF-oLb
zLY|DGPZq-6o5;_AU{;ABK_rW85UycLQpqAD%ytF?IUNtvZo%9uEm_9WEJlf&Lqr~;
zP_x{KGZW;_Up|psI}KYJwYE|4Su0U=ODQyCj2&QOp{%2aBB6>Em>)QH@s(_cO2nnl
zo)yEj0$%q|S#_1v;E{F~pMDIM6ur|mUejW^%T2uIkK;8uwPnr1idbEpn6V53XU2+h
z0Te`-j72~ppxC;?CQ3}=iMy~yAvQxhh)l*HU+r6=dY=*?)R+(!Hk?I>^+!5BBr~pR
z$8E2_Kk4JU-_Dp~piL~q_9mQ9xX(UK?_&5t&Koo0O|ON)+lLLQ&m|;N*R4vHkS{^c
zw}Ywd0g5<*pq4E!Bm=32Vg{yl+urnE7NKSASaqP&%Ph8nhE82~H%e9gSA<li#huVD
zd!Oe7xEIvcx`%i)djonB;9_hHDNxySCFX*urC;=N_bT*qcb2Gx#=>dGj<^P_v@9j{
zb_{r(>fkE##qAw;Ccf7`I7bPQ1wN;cC3}&+FM3hj6J72mL6e+*%)~-}`r_KyWO5^m
zO2l*68#cg7Bw#(TM8U-1IT^T=a2?td^4^N2*?A$gXQ98*K@;??&a3XojGZg%OWq7u
zkggLzuWK*u3p9Qy>4$d%Qd=LsPmQ1L%E@nSJGB4(^uvBT_VMVZX70|}u0Nz7NbvV<
zpA%FF*X?E@-mxjUxsx*Z2ju)>+F2876x#F4;QRN{s2qIVq6@Od#zyHv_M#{_W{TiB
zZt`E%0A>=nDp=0ONJ-ig1l@}1{Q7o8lqNUJG8!@~H8Ii40uAOMTzv`*<Zr4Ir_>a#
zbWlWXLH%?yGi8+115sHZiShV;{Q$ht$Z3#7wJ8?zh)!OaLr_(F!iI=hd3a|SL`eyz
z8>fY`x(jTIYgJWskqIYVrFEHa<tS%aMTG<-q-N4D7%!5(ORpU?7z{(;9USOxW|lZ)
z`;$m~EIIS4qTA)o8XBptJ$DrsKe8kgL^UK|Fuq0yVYdk0tTb|h5}pvMxYda(EP}nO
zB%GXvux%_Yq)Ox(Rj`&;5N=L^<e7CYp(pu`bkgQ-z`P8ExM$j;_2DP^8LrWMig;Gm
z2y{mnamcTG<X?@20Ai?gsTkBINKJ|qkbpp<KuHr{;wB^ZVyonmF2>%dl(8aeAbCJ#
zVRI!Vgn-L0*iuEc*#ybbDfBuub*vC{ys_iim9Kf99YpNJi6P}s`pBDT?!4tqC<qV?
zv1O?C2QJsdd`EpNz7|&DUsD$Y9C4yh$iq_mje%`x^Ftx}8qgnJXqTkhFeH^wRi63>
zP`X!N^5mhXIUzsNbKblWT^@!XWv+sJ-b;{btw5Yg2Gs9+6G@6fKgOARh{DlGhn7`5
z;V-~ZgFRiRQdM@?X&EA{+P!hhHkZv6F@E71wi=DWoSR!Ql^Rx8HO*K_CWY|U@CvAp
zj=%aNbcCgiftJ|#Qn1^4Mj>rHh%NjfW*0Q9EG&`76tEl3!m-Uc%5tvmJ57RIS}rCA
zA*p6wox*6$!JyAMKu-8B?lAf#of$l$-am)5(egszZQt+HTZUL-mR$#-nm!{<;h-sW
zzsEF!RNwesWIuJ^HVxf2?I?f6fZHF1q={o3*J78~GUD80W_7q6TgyM-G|Ir6PKNg9
z=^G*gJe{CNZkt=BmRM0~>E5XL_!&}H1OF{`IdFouk3I{-9Y%@OPU?R^{uaX`n>mTl
z)cRSY+Xwe=6iQd|Xe5~kICe;`02YDgxs8>8ztk|=$<{$QIeg|}tA7IKkHlH<BtGYS
zja*Lp3apMq;)+7>$|fO*A)$+bw2n!b!iSo0-4<(RTFJ|8v7eIU<0iD5D+?KvK1fbg
zwhIs~4$hZ=7VL{CNgtbIpy08k<Vi@#9GSGVrmovfwfXfcR0`3RC4+Hp_eF^^2(NZE
zVh|lQDHuT3$Fs;CXqq-gN-?Y|O`RAqxC^fe%*`$Jzv9E8i;G##0`M>`rXCZ-kbj-t
zR0slWQTBquk^)9f6w%2r>b^Q-*NB{n4O>R`hk@LIMhBeC8n{^ka|1RJ0z!{j3Rdme
zlX>A1wZSpVwXGY;nt*aw#8sb+tfCwE&&tf5`h-pOBwmb760+=Vp=%0o9h0y<+u_nc
z`?a*;{X8xX5&CKv6|t=qxjgY2in=NqyaXqHx^jmFfQ2@m9G{R%M|ob}eKMyq4@?t%
zajlx_woTJQ_{N8%RadmauLRqGS;G>(HjI5Mlj3_%VERsV67#Ocs90ul@AkF?#0}2n
z#TG1A3q-ejuR4_FCB(<kW}C%FK>x-odACYoVIlDS>41vmdz1C29v{Q{L&4zXLFskM
z8(Q`cjDr*F)|r?^Z{){!B(9B@8mv@7i(YoA`9s1?F^MLaY3?R*6;H%THsSXdFN$-o
z@xXEJjLY_Jq%Tm>vdfrRr|vu5b^tK|k7CYbA^-PY&Pt9}P!|hq$6Ea^j9`t=VysRx
z{#BF*1#Rq<;VhAMXPrje1H+r)T{xoFn>7SJ6r4#YoTdXCC`Zs;w`&%{6Np|F!5-~@
zRR*~><s@g$@3fl4xN<?#n_4cw8urj^bLGI@o^YI*(X$$^*^*u-we&=VF=lyJ;`Am-
z%;dcq=)K(t@}5qwYiPq_Z+IM#{m=A<z<ZAqbg&pd(f;Gin~{-0Y59#hX%6o5H(VHf
z;QMpuUv~n+Lvc-SgtjHhT~T2u1wvhF!74tK2`^#>YIa*LSRCe!*SX30($AeH8j@>$
zQ7w0q7VOePCh#!OmzXTA8~Qw(LVUm89Fqj?bDHnkx)Os=Lqp#nW%!Ar$;1q?QA04U
zVK9m;AZ4bd>UNsfcN%pJY1U6W>oz2%_*X?AvH(O(bfuYNNBf*ib7F6<)D(;Sn;Czt
z0@S8Bw3EJ@>bQ(pl)binj(qxzXu4IxBMwT!cCe>mqEjWKl*dhShnJnUv&qUb=p{i_
z_M~tc3!k%RRMNLg)`Tmb4-~6GX_L$Gcq^z|;L;_nA<P~&L68Z~kE?-(1aztCJI7y}
z1dJ(p$}Z3l>z)1ioP7{KUK%f>@`x@P7oHcs-fvD3;e1_&@v&4E{f*8$t6wRzebaH}
zv@XMLA)E^VnNhO4dBA>O{!`WhnterK+*;(^t;+{yJnt!HWBMpgq=Spnx(bN`ZWH}o
z=`vybX}(L#I5ZlswB3Tt+5A=?sS)vz=eyEwe~U%;nm-VsS{cIsN`2>|3-y)wTG$U7
zSb?fV1NXkj-@EOH^4QT4*du22v-9K5L)GVg)uOmM{-XVa$#$g<(xLMT795Na&VSLF
z)E6eK^rgDzxmt~B?{$Y(;L85c*RHM^)zH)#rz$Xz)fHLML_aM(O{{SR&Zd#DuOFV;
z96rFJB!LOFe`zgBYaKo@R0zO7Elb)V*Mc&jD!{zYy26fZQGnZQnwxC?6vXE09-Ze+
zVrf29Iy1`|`$Z@>OQa~}TJDx?&dJZH@AdRIC1xmV)&cFjizmu!7+Ub%gUTxH<TS_x
zb~C&1u;7<ZI<Q&9f@YC^1JXB-IDfaSkz$=xUQ7&1KO`jNuy!iSU=BxU*Q5UTJRdmX
zi-kFi78dVFhtXGX6Z3cS_4guZ04W{k?kIq*+RDmKC0}G(#_rV@T_(IIdyd{W*DS9m
zH@3@lGxYwR3;SuEYVb3$tZ6&bFIk_W$J4>(GZ&`B;zs_W#ty#rQJ>SV7W|ug7Fp&w
zV+k~e@mVxCvc5UGY1>2T{Syb93RmszPu^5rhezozQ?ikHefv{N?Sh9#=Y@O^`MD=E
z!~DG{6aEfiCv);w2V-i9-OTf&S6>vSU+-tK5AzO^;ryk-u8)d+XzjPj21$!tSD=xs
z+*AbD$~XTWFMqiUG(ARBD2*AD{d@aJNRKp+6draUz#?sSR@&*^PAimBF6}mLMrC=6
z?;26s;NmO0e_Uju!wQ|WCB-5h|8o>G{wiUOZv3h&dql#z7V}_rR??}BX@gYaD3fhf
zH+IsF-@$$zs^vs1_Y)G83{718Vzd(NkdB2aA*!)yvPVXSq4fLO`+%%vI`SjZI=rEK
z-BH%7=BU3NuAakz&9%aHRGxBd?Z=13>xKPtjo#xRvtJ)+Q8LaI^Y>q0+qb%X`4v-B
z`rnv#kNVh6pSN+<-qn}dSctX@PuNHgrg67F#7KPJis?SWd=7427g=zVL6vInV}u4h
zdjD}e5qwVuNn;8zVEkA=CYkY&^{|p?{nrf>cbtr!VYfdk3&;46%F5$o?agmXe_R<9
zd-{&&{tWrKgpp?Zx#yPfRp7FgJC*$5!@Y2<laVd%_6l1oRIE>GOCj?DT$Knsl>nWu
zeUy}xzY8H>cl%WN1xVuR>MmO*KzUe-#D_yYI;!B8;#Ti4QYW|+<aYKD0tMvT?FAR-
zPsv1FhCB&r@cKDUDlR4_hQv&Ki@|GT1aioy85uB1!o$ny?;T0?c63E7#A-;(2#g0?
z0519eW&cns|FwT7Hh4h)v40?^|C;X$)y_XX{g3_Qko+I}|94I>k__HX{~!COgF~G>
z=eFn{KM;^nP>dWMm9(@Tb^gwRM8B@l<V{1B=sqp;E$I!7Q2sMS@O872k(Rdf@**H6
zCZ@%S+NDx_)UknNhJKu33tU&6*zIO#k9vK&gZ@)$V}2D|9z6wOdxyaM$G{z{<>d4~
z-5juTzPM5BC`t;nC&*D7aS-Gy(Nbp0QG-cJIR%AX;|K#=#L%GRkBNy1WA+uFw$c(7
zPR>y$9D%`y6$6s+T;KA8oaqBkQ7xI&HCv*+J*1y&j!u5KCCn+|{f=7C**@~qrHqSa
z%1=1Q+~mc)^(#pG&(|CWW6y(J8Ctq=PG2UG)*ZHTmqppK{mHZ2EO4J~mOY*LnSeoZ
zW*LUeGB&oh(E{6&x_>3?8e0X39LOh;p3S$Sp2PQ~r4&xMKe$Gs{F4lx2=`xlX6FsA
zI^H?o6SqH-7aUHJPF_6y8X6jKwF!=1|EdpJ2<`MWGyn_CrxX)OD{}_-7Jc+fyj}Iw
zhu%splt0n!?b^VuT4K;BJUQ-Q2_ILTf&Gi8u5}}0Ak@LI#ihkJ!6VdGW8btlb~TUx
zaB}QPBS6>3+hC8nv*OgchrPm?c9%4!y=A)8+nvLNJxfCT;fu;q5Gnv#)D`*NK7Mw6
z9jQy7xle{JMa;va#WV~*xUcttD*mx#u#ky@g5p)I=`wMO`Hx8<1s=(}55elp3|Uxs
z*odp(O!!s~ldHR1URMM0nO^qc@sX&5f$;MS91DwM{*j*nX$$0H8=RirseXHjMesoK
zG_9nRBrBW1XL&us!;4ZdG1~xbSN!?<iNSf5f%t~DsY$t851fcsg0y&5(P-3l%IsM{
zfhkpjZ<DUcjV<Nt=X4Q)1Q7-W1xk$6i3e5brjmrwzsd|v`GpO#bS7vIXxSbrFRn^C
zXT^!h_BuKUXJ=G=ILZuv%XRUKbW|<nmHAvseCCt=N$k$ROtq_*SNp-3dQrQnOJWot
zI+?n7JJ#M>*q+dy#+@|u!q!0?>@JnMMh;@$snUGt({?e*w8&dW$x+Krk!Lb0`N5bT
z3CO#BqgIiYc9T`vRCQ69TINjoxr-fXmu!x^FYk6%<Ze^g{*!NHAvf88eAueVna{Ms
zAmf?Lps4eU9BxYR#_H@hw;gAk_|jJ-Py19<uc0288l*SBurSuIBt&>c??-z)3#izo
zGm>Yk-;CNw;SPD*a(5kb@9z>{indXQ!S`2oFcU28^%Lv6Z|t|8bR(~Bmj2$JX%GgY
zV(;J%Cz=6KuHW9RZCV$LVB-A2_EgZ9X(6_c`}Vf!71ynS{oTfcdA!|i7YA;ya%QhD
za-?^}g9o>?dgaK-KFF2;P9&Ban7lSTzEh^X8dWm^=bGqndh;to7-(61S(|a-4#Q^Q
z3tGYj-}j;Bzii-erv`W%ajol41dnqh!#7dknr-9X!7rZ=N#1<NxKLKVaaYK{JvLB2
z%tF|&<@R5cT5*tg<S+3-{Ab>72k`Yf3%H&vw%&}Uth}w!17FW=oCfXU#B)vuYm?fp
zD0FWcGC^mgeHWDq1Aec&?@~^4YjN8euf~OHbQn>CIQnV8#=@p1H_#wI9<o@qhAgwj
zb`hBG{b&M0>Qlq(N=k(xka^7xI?gRgGUW#w{N`VA)uSUzm8VFFr1%+4q2M@^F-n%o
zoTtQaJ<in@ftensyDYFjz`R~v&XG8Z3@ILaUDCMrwBL>9+vR&`RCjcke9eG!J>pD~
z?8iYM#zXX#67wfSQA!?V(thd@QP1xNDy`8XUV%P@P$bybORr7Gwroe9v$|EgI<0CJ
z9XoK~J{Me7Vs;(>#w8FMKC~cWI7zKmqo_RV$dq0i%T>NNDS8+l(O8${xTVOnJ65R;
z%8%JcAFY$58P_kD6eRsMs6b$`i&9iJY%ae&L@WXz9uZpTBmYE61wn^_=Z3lCny?-P
z`0Of7@<Rz&;ldy)lKj1lW<V<<=jl}x=nLk|FaS^(W87b#UUuBuL9RR?*F-(j79`YE
zB=_!%>;98cwy))=R@Oa4cj`Z%Y2~d-f0<Tz7&Bc!EDoGq_ewam`UWis&GJBFh?4Vu
zJ5a8WikL%E+R7KfuBUA=2n&pS?#_O0i6Se{%qvla%2F#xImVXa!7Hs>h&zH3m4kcW
zPw!8C^cZkD^3%x#eDei}A+sX40O$c|;s63@09qGO+-{@lOVecFC&(=#9>!h-aYj)B
zXww6t=;jueHKZPSd(F|dEWoG$=Gs_KF>?C38LwUB_JHGn;Xtp#j`oC^Qr<i5r)%UA
zHMDm@4|G$u2vn@zXcK1{0^asV3g#l{ST=hB?V(Koiw9<&z;|e^n}Awku-kl|=k1Zr
zv`3BD&{+{3Ri1w@P@`+nOD@hW2}a^_1d?S<R*_&wUiIqI+2CPrcw7Y#&CHPxPlkqR
zJ_G+G(GqkC#&d8&m9hoOhxf0za)deB!}|ixTLfx{t7~D%8XQ~ki?YAlf+HrzOEE|8
z<@A)|l{x5jK)*__z-jamlf;}HnI^tUF~{a2?)``xP-=fs%1I0O_Va5Q4{RQC=@(Qp
zNAxOvDDSq4kc4tJ9FCb7_5)*J$k;;yL%1>oaUWFd=uKLD(Bx;MvHlza$-`*U<<7$)
zP=j)X3E=LpLfx7VjHRpRh^gy`AzrDg9d;CFXtGI-er=Xa0S8OqmMbc^-P~U6GIad9
z_odX&f8CS(vUk1L!(q*x$vqU><TZ?i(R#DRy~nSFB^ISuyXWkOnE-RIq({qXSsoj^
z(2ge)UH_v=;8~ZTR?{u3t<RG$Kz5JzfyQa4`t0$rVPK`niZ=)7^+|!YD-DW;e+lNU
z{Gon#RI1)~QlkvY6Zvlt5OlSEbyHb8EEs1W$g1&NjWaMmf;cexYG4jWmCNe_%kO?F
zVqsD0I?4R~_5y<|GiJ}H@KQ`w|1a*@jX{$Xysp=b{usrk3>kV1838H<Moa-G358Tb
z1OVgqCaMlaqvMlCDKt|pF1Y9e1X=WDkT|?@7c>A<$m`s_4Me6?w=RgCdJcyrO^I(D
zN&6>i#LPunmU$52w~6vs3i2RyW&wM+ECs@*IB5GgBz;(z+|<+HIEHL*uo@+bPc(AU
zIB2viT%j~fyYQ<^6ck%1(H$H9G2y;tJZGVDO)>)o_ZRJ%xq{+L>a<C&6+2X!VT9C8
zn7H6;mv)d#2gYT4@pZ@mBvd)XV$6+OuTev<HCLZ8TfZ$wzj3pYryjftA&X_v{1?hH
zAyI4S)JfFvL0Im6P$`GFUoJpLz$=Lck3Nwdn`Z2CKaWj`r#9-^G{WdH-__@K;@DBd
z;g^_2ov1_IfMug<wjIl%{EU_BOc|$|M@5eYN{R+_u_RKlHeAXO?O;8x&n27*U}0hF
z)DaV*Jr=Go0uZETfM%;9Gc9s-B%d6PPu-v%B*dRGF4~L%$UwotYrNGpDd;?ETNRxy
z^Y0V|eCeVsCRQ{>k19RngGwDhikcO@q9v}3>t$9Dkv9A}N}g)2RmApnVBrDT&MAy5
z2tO!o${s-jm|T`5QucKw#con%l`5d%{s;P>p#)09iBIqWYkwg_cPPhM5(|Xl{WMt-
zr9cBlN83f)7pZ>YLKgx7*B24b5>P@x%9>;W5Cb+`;ZVg=6b=hg_@;?~2EgJEcwPe0
zEaD$i!R91q09)u_3Ov%>-y8$7ZPC}C4Ul~eVQTo0Vev?e5_*e;V6!fvK}<97$b$SD
zL+ZId>u(vDD(1k5_e~_BpotknnLu!N4QtRcWR=%?fPceS0KL9z|FN|3d<WOYdl;d&
zup?-QQDejy`f>@@X;Yj1J{J{Kd?xw&`bju(itJpkdRTq>yK*T#xw*pbeYIq#*GOEr
z0ry^bE!<2G9t+>g)eI8BYc3<ssqpSFapo=XQVnuGI9ThU2EXOPd2chAWTS32TH6C$
z0c6fFyqhqMc(?{v+i|@QyM(4h*}$wXW8Tvz=axmt8(h1#dDZE(6<64IDj?+-)NYFC
zt7#z|MFW|9fq5zlb7e<-1>&xOK+TYygZEY63#xAWR0u_^{_hH?$8AL$r)d)0dtcK5
zs%f1aT6r@2=)LA@YTJ+Bad74Osofx{6_Q@TO1D<)!cTVq6@SzJXi}_i)OT_S{bT8C
z^n(m)d?3Sx_>p3$qOXp~M}+jk#~n6er*3*pr-Jq$nEP%@H!o?0`x0fD1~%hr`^I&a
zcAItVdzo|jLyX5FIni{ZPV7D5b(*^(;2b*eJwC3#1Ehv$JN>cF+uxXMx1RX)b>HF7
zJ$>*|m#r`Vj(Izsp>Tupi*<}5ar`QejQO$^GOind8IhazQsDIQUS3|08IWNgm=mhw
z-Ltc)wp=f~ozZbdra%b2Y^uf*<4bS7I-QBSjA+NS$;*|hOY|xpMoBz3f-<#9CE8C)
zW!iaj$9ddohFn)s0_m|hSfYTyO#RYO$?7nb@*uJNu!8S!O>2k^p^zcuRDnQ_SZNly
zfSvH^y=>A!M~rwDxirHjJVRDOLux`QmRT9*1G=WjvA)avuTj77WhAhY<()aWImMW2
zX|&2k)z5gdggkI);PK*eYkEi7)p>lIy{26K!gQ6DgENl3I2Oid7FI&cJ=xU|Ke^H|
zPIytAs`=wCZlC<3*fEK?>b;<7b#(ScQBx#FR-?|AgwFoC>*(#-6>%xc2x-7`7`|>_
z*m%o=uAAltD>E<VXeu>xkV2MVQ0GZWtuS*y!BdYPt-_P}V=cRPdRk=f0h3`ZKi@(g
zp!<uO@sB(o2lvVBTopxS`T3-p2Y%pp3W74?<8r~{Kk{XEYIzDvVq{WhwHAlBeFt%$
zu_MS&sa9OEeA?gOTj81P0AJM{nzUu#hI~stgL5f=|0eY-C@*eJdI`*DRzsou8S-kE
zI^w2ZSfJUE+8DN9ITg}E(2AkvU!a4=c1FQwW8|QtzpKt&qn1R+Ocf#fYIjod%uCF5
z?2QX)9I;dKDO4A-*yjgXcpl$YB;Mea>i297n!b1#$sqcuLDbaYa3xA=`2<;Nc-zkc
zpZ9}hgBS@z>w9h4Zra(8wu>bx-nb5`R75xDf^dE%PNisjN&1?CW;y5#*d{4t@PlN7
z&K(2RCPE<so2HNQx~XW3Z;9PgIWU(pnDQz+NDEE&(lY)g;D+Jos&(1H`nf{1o|+iS
zQ#k%c+Hi$xy@$WdM_DO>WukF>I+E&TR@^NZGdTD?y^UZ9i))ROhCgKDaCEi36;a^e
z16z$k?&Ht~nNq{l+DWX{wHQK08fL^@q_nK^m3l20E7$W<*x=IG+MMVGZSB%XmARx;
z@^V6-g2^|j->buLDdaMj`_O5P{S^k-X6K8v#dd4#><oLg#^QJXi_j_P{NuV2A-vJf
z(OVYy&N+5734e^OAmGFjK6Q?H{=K}<e|=Z7f+eJ@_V}v1niPo+&G2O0OShc{zPg8S
z>o5ESNC-d=^*HrB4Jv+i<JYGG{>VkzjhrNDl%J438L}=Pu;)P!YM~3csA?{73%Nks
zxg+K}RW+?Q&P7P=`IKIn$`|p`+7}S!h=%HCJPav;R#G~S{x2SIE0qf+7#kuR8n?X}
zD|O!SNmI|0s-|t<$VbgVVty8-^)^iN?+%sC!1YVbK(i`SP^vh9Syl;TKk)mJ7S+}d
zvqi8G8!-yT=As8y(bgduhkCiY9kFHm0}x&PrL%QcU)O*94frxou~L7IpzE|MzjBp;
zMf~jBdN=iQ^`je%g`4^4T`jQGE_XmM`Iz2}j8A3rd;T%IVkhwg_23y`1M!80Bl83G
z8$UHfg!$B^qs%mN6c&F&<rEFf+36Ko&iG4BOMrlUY^|gx%lvkCXBj_QjH~?#GE$?M
zyfR<88C{w~bZbS#=mZ|sT3K&1U`-pw)S0-EkN*^vBn1JZ5wPRb4yv0Ij6y-RhAR!W
z`yPPX@J-QCYUZn1{3wC4j?~ejT46<d<XrVvH}y}}N1Zw6oD1rO-8tu2ty$#)F(##o
zJ0m}^czj;5h4`IdhZWS~r*{wQ=Xtztv11byNrYqAX{L8K(p}1G@*V-~lQD=0hE<Xj
zeNiw%2>QD4FamS4>}Z<c<t-%#B!R*R8J!R?eN^HI+S!0l+!l9hKyOt_!$BdwtHYmk
zR276K;VuB7CtmR+vO*#Ftu|{JQID`zPyq|>>!#!2d5jt}iW8E(+7O%W7|SX(^Xrx6
zl|<}6_mU}D72TJoE@Cw*dCz;g6(XzOIjb#xfj3sORKd@0X{GHV>obP;BSCO^9@U4U
z3Dcmz1t>78X@nMpKFbC^he<9hEGlO@3nx}uE4$T@sDDCnwWZ|FYyXua?<@a=H6d-d
zXdIGwt;%6jo~5>xVIGu?10_$<MA$?T2$p?IhV)KQ^yTRj@HS{qEOc*h0iXda>81pu
z(nREn0c*nuNlVD`4X~5H%sCS9f89z(ad1wN!jtcyDfy%VX0@BbdTT=0!uz?tz@PuI
zwEV-SLb$k;U{kKkSysHQfI@8Z=%<R60YB!(1*Z#GQil4h50|WfP89kIkI@P|OU_Lv
zPkL6L^sNma{42(jAy(c+C_Z2!;C8AArLR8^{o%rVxd#nkg$pD-r}5`FAU#d(mAwAQ
zXF($wlu#c#9PrS;%k#b(K?-xK`yBls=PB?M8yjGQUL_)d{&8l7(tOS~YuSt-Yf!&)
zH*eHBfiKXt9;tc1Qs-Go@^J)1I)*pg5pKJ(z5y+Vwl^#2<>NsyNbv}CE5)zWZ^>KR
z2!?UH2QA%Mt5Hhz9di#mE^^VF-oyLd7m=KJq}4}V>-CHWHH8}=%KvnHFsD%%>1@3r
z=05jd4jN!ow)I|xF}T1M(!|fMS2%rI_z}Kz>^Mo!)M<AplE)TtVSj1Zh&<;>M1yAp
z{E>~Ylm2Fv%vxGC5N>l1XIM+-xW1E(CLCJ9owcH#-9Pt${J2Gp<?h_&?$~vz<P`<{
zs3U$!-h3?l4_7q<NQQIYYeI{o*c6QJ-csN>5gyuH){muGBKo>nAJcleWOtYYGj@i`
zK*O?1*N3D?*a5v1i%@sGtsBKp;)NL_iL@jHBwq6W3nTk*uf6ehnWXe2xN`Y>vi1J2
zcb(sfMrW%Vp+@am1X^5Xg7U=xqlaL?wBI-<^R0tIMn*pceH6%SyW1CdTwV(7dxh$p
zi9m`Qxm2r(f?_@xmSi2dR2d<|yzMn!__i|#_Ml<fLdl9GmID5Ud2wL!Tt?}0_8cx=
z!G|Nu%THo<9>VM2nt~+}&LafJMYsdUp1|_Ty`BxiJnqYO<eo;2fs3mF!H+pxcJ?|g
zkn<WIDrHBu29K?ITA3U&Gm2UmxQv)uRwWsh<4pbW2JZr9FNc!;uV?KM0vqLRB|+|M
zm2VWx7Sp?r>1_$AsurUbbWYc5FbY`$!ASs)(h-Zp*NvlwGCrLj&lP+K`pDMAL^!ax
zG;zq%hPX&C82J>6xi{^^j=W$2dklbu?{Jhl3ZE$`Q7K~i7=Yj^Fn7zAlmj7G8NO;5
zHgBC;5-S1aXLYPhhml&68cGSQ@2i?0_{}^3i<RY`!^REAOf6F?Q7K+1CVy5VCSI7a
zmh&t#YF8MjLV!<hNjZ}I1;O-xk@lBSaRqDFD4GNf!QI{6T@u{g-JL+=4#C~s-QC@x
zad&rjg4^lr{eJH_=iGaLU4Aq*x~tcy>RPp`YCiLsGXWew%+xQ%be@%30T`1{<XYRd
zZ3nfTxJ||g#XwK+c1OZMKB^|<WJVdI^ahz4p<f#HC-J2-NvsSS-DJL5#+skPu2jfG
z1TM9ws4n(r;$G>@a>1|sjM3F;Kge(NZhLRT;S0er0)DP3+l1SJOCs;KiK5HL=DAJx
z<GoVEp{lw@D6lAuh%v{cc0?h+i?;G$;r7YDaa2x{RvO$sf16z;N$w|VYz-5OG@eI?
zv;Rg3vo$R~ttNM{=RP0vU9$|@dBt<G+rkeQ;{H$Xjvs}viF9G?gmJ7DSx6|d-80|3
zDflw)ZIOylrLy8{xdAK6b`T0>LK`C^Ygp)r#rSx&Q*1<dzFI?1w+GG>!_`+QE8jFq
zyJw<pkJqE3sLpBFH#PSM0?Ki|U^@l2#Y~`+oK>yPT4-r0Rt~R!lRV6)Rp(bTI=45F
zShH-PSkLIN-%~ct1hfex(<&Qy@pyFDDPfkER<xNM`pg^~tWP4smd9o|GkMKX4%!u)
zGuQzV?`zc8XoAU{Vh3=rLT6l_<DhPvH?{2pYfsb)eg{;w&V9jY4B&#5^>ok+<18Pn
zgABBp2}A-g=z46!-P0@(pJ(1iKI`wU0K?MukP8WhH9bqnP`m*rve2;&!N7=+>YK6c
zmz^N!uI`!8+Egs*d-R)aQ<6<przsf<kD2hO8w>p)!UH3mswYNphTgG941F`?#P&?r
zPX5ToE3BLSSXlQ~U6HaSAb!Cs<n`h&oXupwhS`l+;(yT#X3b3xY=PFl?j7FOtRVhQ
zn(XDE&e8`gjUNA>mwc`3xv@*pz}2q@rH^*NMz!68dVGu3<;G-CB#dBe8v(QS@TMIw
z26m=@vs!cbady3qgrI)fytp&@>hs;97R9#09kF@67M;2sXE90A+WW?2zQtpDu>pr;
z)1HRiXFBBJLjkmnxK!dT{t$G1zV1i38E2WI{VyB7Bjky=XRHF8K?uz2nDPKA8hnRT
zeY#vlo(6TF-2Ax2LiOjuz+4%$rLq0+fsDB#<;-kekgPiuNAGX)X?^G&3nOlC2^B$!
zo2Tl{i3#4qVQBx}ufZ(7`h-E|0T^{+h<{&p0Bz8Q8MAuh@B9dY9YdtY@wf$6$^DS=
zfAr=HXE6NY-R(2MS?t>m?HlEFPtnO(Ey<KmO(`|g2(6Oxv$7UO(&QPGuG=u`{B~zM
z-6e~wkl>u)%t^<FZ{4vH>@DU4PkXlor;(uvvEcIAkVLq#_DFg~F=y<4QWpa+5^}~Y
z$)4=F3md7BU<gQp{kooy*exnU#!iY}zzdQelzGW39YzX306lqu$UDFLq?J(%T_(Ha
z*q#U>Vh*bpD8!HXy=b1BL~~xWEFX)z6HSz)F>(ghf0IxqboO*al#dmXPnnx9?Yl54
zH69+^w7h!w+>d5~2;b~A{(u;YkQxs0YvE@^)@3aH2z1FcXt+T&3+M=CI&)RUban^5
zvJ!#@`9@4qn(yRku5=2W8LM&H)j9l%xe~d7em#;ad1B$CUm8b+zW}Y`JFY!Qz<)~=
zpnNYdBsw+IW$4clbt?LZ3J?;Xski2qu}R2#2otw4DzrawgOjUI`;saKP?kqIPNjo)
z^@5FfYY#(aRrI)7#lu_B7|eGzM$;m*$(x~lr%yi|@3v@#wdXH3qf<8HyHD(wyNDAf
z>Q`ElBx}I9r8GU}7WKl(;chvfmxHue&B<Ebv~(fCmC9Y-4E*(7x5#y4Ohm8dQ}D+%
zf?hUQ%IEV}P=fLBUQa4v&hG;xO!o)$>nX}{n^yop<f5?jezzMDoR$x9AQ<hdc9%l5
z6~DOt=^NqYX4T-#HlunyU#6>dGJbORVWFL_Hpr7D^OSazSHDM2&rzR1<@$0$^KGFR
z&O8hu=QQBQmX6VYSrK~!HgbzeAw14^Qs)k{zQ{E^aRfTuyV-CnH7Wox^EcIMeqqG@
z0lO*0Ci$$TD@UWP)-Orc%=*=}!9U;+%w*r@fQ{2G<2hT1z1{ALp~-37HzII*J-RgB
zO(RjA_XfOD2d@XUtS|Xk>n);@7*UY57fvi6k4D%Xl^3FaBM3hCbJ5@Is}Tr15Bq$I
zZ*A-E3EdW>KbuBFW8GZ2?#dvv(s*Jy$nEB+>9PdSdLLY5S}cNp*zCn~%9y<3FX=1=
z3Do^JvJB@edcBxrR=a;Y1~_0_+CEa#{zI{NC0J95VBt~NfPXkjV>`&#ycu-%y9JUV
z)1iOE6ME@w->l{G;S4ZV$+4G4bJYWc^Nu(?cYWBjGT$GBOFFz@Yq`Tf=$%#(omuc*
z=x#ycSa;?5-D2=PYrT%(=29Yp)Y$c<sr;rsd)*ht2v$$6V=-{4_Ifqx2T0eWI9t~j
zgZ&?QADn56v*TJSv4QVaU!aX=EyhNM7<YRHF>A<VhmF8E9-LIQZbe+bk3H3ZU8_*!
z@;8QD;jL7=g~$k!?)iD_BIC3JO*K~zNj1t&;6q1GS~KRPq}H419F~PzwK^v+h5#-x
z<MvDl=4>fA^Zuf+cH31xtBtC+h8gs1zyADO>sM2HoWzA+Zd@0$4J_YCajYF1mMa+n
zxS;%+CbzlPm2V`yp`q67X(P%U{z&L`iKmAJ?$3N(&)pvsF=Gvq?b3<28Wuaw{OO{q
zeo-wA*ZhbnT3_&?A(0{n3m{&pK;+Ko+eu?&U+`9Mq|H`ZkrNa7jIG)-@kz7#1l2ef
zETfj#RTfleq%VUpId5(=-XXU)(_X=2LQZ$`c;6#<e~l)e-%rReIJ6d6SkWV7#$Pzv
zH1ZfUaqAcH*WADxe)Xe<1VV!;!PXM?s;AuMcC>WOHqbOD&)&uqvQjbV)=afGD`YFW
z%Z_Hh#$RkBA=Sf)epBz96lYiZluu8$hDGDe4BNGH)m<9MK^9}qDq<g2z}c4{zNNPX
zlpU>e=aT-xy&_Z_mTGtN>Pr3Em>oSP>}8bi-H<kd&XYI+Ca^%2WuCbv$Q_?3YE6ur
zb-H6OkB2)?FWVG9DtMm~Ec3D<zcOJ>O{23$$@h)ZmN5dl7`P@pWvjN)ujSu7<3#UI
zo6Lc1T$98eVW+V6N+nC3DdeGs02wUy%)=Mn4dyV@B&oXu`<8eC&e;CP=jTWC)i)36
zp05<wK968N*;n0P-<)6^E?!%X({h_`!6i8h%m;PdV9=su|3*)JJFvj?15I0LA>`g|
zeJz5hV}~d4#K7^T;LsE1AStgBMl^tYa`3`dD2x<-(Hkat8zf*z*^iew;&z-=F=6qS
zU#8q&vVb2XDTBlcTNc`Q!?2QW0Bx%GRA$E6nP?axbSO<``6mymsn!${n|JdX7sC*S
z;Na=w%b#mKu=MlBS6|ZL$UF-scTx($@ZOaur?SMR*Mh)Samy(6pcc3``Tq1;6IfQ@
znX@0<#F9rR{S+WCK_m&}XKi!;wLmsOOmO_G!A7u5jrr%j;=}@tA}$0Jmd#ahTk|g@
ztUdy*|8j&}jrDVWNLYNWg4(e|#p~=(p#wW8WojTh@g@vgJYPp|$MZMh6j%>$_`4B_
z+V=->_l9<;$m}bO-e}>>rVD<>%q9E&ty_dFfPL<m-V_n$2?-iFGs8iC@MlHBaldZX
zg&9&5c;ht4K>em>_tM;aZS(!%;~kWIv{DD*x?|SC9`xbmo$r%sqQCpbHTC_ZKcK_h
z$NYD>F|}5D!vT}eUO|9jZVyA;9eoa^j#Snsx&)LDPGECkVpH+O$!Xr1Y}=OXO`%OZ
zRX2Rw<?cqltCYq!?lK-*D=8rV2mJV(bCZrvW(MR2$uSAS-^ZC+wHH%KF^@Iv&3)b@
zz5TlkW%?6_JsTTidJc^j`X2{!07>N_-VK_B<BrPAens9kG5Q%k_Cbvjqu8sXS;i47
z#8IaSukga^=$A4AA%C#9PJ~kJA0}s)n#)1WUOPAp`yyNJJFj?|vo4mHrWjqeeeY9A
zUBN<A?j>+MYgD|6@oQl_$r}?ze_JZUl{XEwpcX2XB<sV+ZN#4E>XG^Kz4M!Fi#^EN
zfcM7DFB35**24}R&$dnAovQPTG%cT;w)Pm0IL+UWge)XaVot<Q6!q+J6jLTa+1P-M
zmI>D}>yOEaK6?9kF=K89`*z0|p3(}wyY6`YvQNThipIfp4&9d*N+15o=8HF%pkvOS
z3*Jw<Y~&*{5VH3g8+CDfewynY*CYvQAKz<Xo8tt?<m5`<L1$I!$C{gx``yX@QB(6F
z|2`*fbMPn=rPq<ji|IHf-pSUm=jUTy@@td-Yv=Gy3Bz&onpigi43OY4qh*_<pu_2Q
zaGIIx8bg=ZcLn0j<W_I}>s#dpIGyb`9}6g*tAagxn0h$ZW5f^A0jogrVly&17N&8l
zpv&Z1aYrV$euJ@;BD1^40?v42c!3GvZJ!qm2Z8jc5j}1u{jt;?^`6>Xc9s-@9y+AM
zk%?!k>EWKzO1HXMsi!jj!!9$!{L$DQwbTyAl9e-{6MZ%G_mBT%h`tml>ptlUKKIdu
zK5quzjbc<WWK`91!V(5*WGq)t_`k1(>9K>v_T6Bxs;y%6|A@g+)6mQ;QFLb9JXFro
zi@gcH%7l#}hYuD+UwO3#6b()7tu=7TxtWF)GwWQdT~cLGxPoLhPBpOpjG*6^-)(yL
z#&*IzrB8j$J|+TDivAv<{bT82y1J?{RjQ6@HQp-IebDf0tww_62PC%qcFt@yVJ+U0
zk3ei6E=*YOF<OvbX2c8N5z6c7M>I+fuZ*|p$FT0pbLVH96J)jWM2-*YKc1A&<_?IZ
z^aWOqYexZIcZv9DuvbO~xq&oZB16CjA46)^J-L<%AHvZ0B}qeFy`{Sv=Vl#RJ5-`2
zPVcviB}{1)R)lQAzXp>2V>_9DMKzzf^fNnjCVEl&T47rm7#R3xrJ6Ailxg%IO!8mF
z|M~m>pkGaAGr*Bn$TyiYX$KW#CEz%zm;rXB*?4omktPC>SS{=h=K&ezw!iZB-rnAs
zTxBFP_yD*I_H?)YN>6#@xr(FHsOOMH9=S;>+r!1#yGpla!3cX5<G!9#oL$n-#$PC8
zGk&ctvvz5lkoL2e__>YmhM&p`6S9C<%0tb9N=Iu73R?lYPo$1?FyQTzdr~U+zlIlm
z^}E3I=4p3{cpPVlGyjJ^=K9P+Nko);E05luycGzAzvUan%(!qe^kRar*V-JlJ5I3%
zSj%VlnTZ|nInU1vSeoP1)Cum?${L!byCUR+2QPoziS@`D+BwBOS9c;<?0#T+sZ|$p
zHF;-I_u+(=Ca--+^{BPDVmc{5WLu!PS)c3fd3lsIIu;yGIqn^C$r_5LZ^gbE*19<>
zD04?(z@OU{G#(wD+D=ZF(>H%v17n~lPm3WS=!-f^+9@f<(JQm(knL*5MtgwnD#4<Z
zz3Od>7nK(JFZZoyESn9~uf!=K?^C)8-A~jk?OMFdFL6#h*8?oJ`Cit@O7WeXEj!*F
zUEN3?O;tlUD*V#2GJBrcP;$I2s6d-aSKBe>^OEc7cdEZ;^RC;;Q-X;+(Nk;@8#qY@
z{boe^WoT!r>(MB^xvh~uD5JU!FfO&aQSj!T{M>ilE8HyM;Jq8L#@IU}tC&eAr0<2C
z|Kid5ICC|1ec*3;+ORZbvm2N?W8<%Uuh4D9#cA$}^0K|`xz#}%CI{nm^A&Z4@BEYO
z>=l+3$}|k$C2^D8n|9>Vmx?3k=Kk&13YE2bC-M}%p8xw1Y)X!M6PH$v)g2_QUKcLU
zgIXRZD_JB+HSz+OW|q}kKh+6iQxm{!ia4*bGq^xgV|YN_;iDQFTdF~e+^B*6>S8-M
ziZ)j3zJYF@XCuCXQ)8xg@D{Sfs$G{~G7CAQce~dUbyQem#eNw?wHkTriZAwvFJ|D5
z$-_<${H{k(H1(Kczh$M~Xb+)Ur5ntWhB<ohRry>m*o>Vo8e^$q=$4HkXENcN6yU+8
z!+ywbMT5HfmUdC`Wva>(zPM3g{J--IG}8{`)Id`gYl5l5(;Wf#!@WYI9c|-_=B7rl
z$(fuXb_FvlL1phE-_>?wq}9!>0gbv6A3Lw}nvv^Se*N;xItl0Q<+pO)tll(W_K>&G
z62?xTD9j>3rhoGN*cI?nk_EYxQ}7o8eAg{0zQ+e2?6`jHC?l@hSF0uh;I#g?v1I;8
zhX?$Vu0}(s%QhFPNp|-9muno??IN1m`o%vfd${<mce=P0vH7(xj9ISRkh~9?bi2A-
zm#v21ld8P&Day5`?H|A@bZfuENs`H4ZbXQ2_yqV$1&USqe92}%&gE^!h~{g=nv_Rm
zSbt??Kj(s|Z$qX@s_OY@!&ICg*y$~9-WJ9KZiSkuTK^e2>Io{o?4c1$oTi!7e>Or8
zTHp?uVhalDZ@*q{<1lDS2khTRy8dl+C*_TF-QHY)Zj#C6jqB|Kr5KN54vg3!=$|xs
z)o@$8T3z(J-el%uW{MlEjLOv9BN!~*fy^P!gmNws@jZ<B(rBALftxz)1uG0+Fh32C
zCP2z5LcKr1t;x)QMrS{l46N&atU0Ak2`)LiVCeTa*#l1BLqDV2_rSDWeraitf9SfM
z6I9LEkp*o@5|>=H$$7cK<8K<k(%CpPcf~}!U_{)rBVAw&Uo_EcQagNC1Q{`RMiN5%
z5r()vN0UPPIhAG?q!4oJR@=2rhfxppa9@`YVw>#4$$qiBE@1v@b14JaR<(CPPsBz6
zmH$F3@SMs3aVQyaW7f*_M5cSlIE<?8+HrfeN46fW=k|nzR7%WB>RZ!7i{G8vJHjEm
z#;Zxdk%vrwd%ogD?DJ^V0I{&l)r)#A^fG~g`*|=q0om*zDBf`gE>#<LTw#Civ*~R=
zuu&%MsdW1MwCZ<8(082KWN)pvUDg};QwaXx08N`-8aTC)csnVZ_pTEnH?kw^1;qfV
zTi@C!T-1jm5fE#YD8uW%ICZ{CeW(t>&kTo#mbl)L6f|~Kh^k#7mj6H`oIJ9iHNor2
zJMhxWw6&c2!r61TiJ^W<Euj)fJl3GUm3kDW+gG^>INW;7k;lYb<K4fTcDUp_FWz}j
z+1>xZyrbr-iO!QJW2|{Ta#c{^>liwnhr;hTE(9tDbEyP2H-vbdVY89Vr10q4d)klQ
z+|Umyz}T;fxlSufzhnX%k^^?Bl>mhm892$4`PWZeMVB0$h~U2v!I2pJ2;ZRGy_t~I
zI5_4<sLT@-z2C#P;sC9w@byV0Pt0A%!|;OfPU-I#Zb4a_2aA#RmwfKNOxmHX4j~Bv
z`c)6r-+XNnV!m*hyq|sY>&|<pv~Mx;@VpiSq82LoWbtIXI6gaIrvzGv;oyZzVZ~1G
zp|t(~dTOo`s!`|XSiD)GHYA=fZo2<8N{UP9bMA6o@kWzSr0e&W2^cc2vx7O81yC(Q
zxEYe0)_;$04e-nOrW--ed{-15Hfv41Z@(Yr@YhGz*zKHd<DMf_EeHh}S;|BQVFeov
zS%tXJhkr|1ST-xPsrV`t(?e`;f_OJCA%G^&!n1W;EsF1QDJf6Bj7g{c57j~lX(fc+
z^pd)`Fn|tkA(eDr6>#35n2sUj>KB`r-aNb{$#l46=la*HqomZQeZ1XcVIYWRgjp}Y
zgY&zDK7Vi%TiFD5*~`##9ye7|!%(tMcyh41y@_j}umLsQPDg7%-#PB8H*SCEe`f*`
z_>REzdU|n#dYVO(dP#d+M0K?QT=W*xh6mc#PqI!29`z+LE{eOtoE?w`GOV$-h0&a;
zndz{f?N9KjB<B)wSfSXBo}~AXS}2nz$$YF;$J+_~m75*&uJGi#+{S93oJY9~)hbIB
z;ln0-^G3t>xfZ_1u=y`8)Y*}C6bh0dhs5a~V%Afgq-^KS1@qn83QjPaMD9Zz2sJhn
zc4Ta*pAF<eP&lzxbsB&#VrT0kFuU3oU|LY@ixfe_Y-z5WOCty`chVJ?_BAhA8PG1H
zJhb~*4sM(sAq#C2nXpuCZ^)w#4dP0_nVJnu%sxmkV5a8mKZ%~X$U4$D``Wstvjj!8
zpK-eEen%RqwmRHzGD3NjJL-uKsws{9L3yAcAbd<Fgo^|0&A{Mx0M~dzq#h}jw={}q
zr6jDKv3QznZ{kX$3wD4AtSNody6satz3?P><fI>>&JRl^?U;ew?P+vtOzkuz0TR5e
zZ`KK~ks`+PygL9BV#UPRkw%?|#i7!1s{NH$h<~%-*T9$$=`X~LsJZIT2Oq{6KW^^u
zdnG8@SD3;RCfCtCad}8Y<Cfv4DE|wCAGN)g!q~9Gd|)lwuc+-Pi@|FliETNvC$Vj>
zikb`26C*CxDZ8M^3+A7AEW-t}7N(ZIZX+#RVKmI2XF$3xd-apn*pTQC_WJxza}uFg
zG4pBiVZgm(VU1Bp<^>nb9?5t3NWtRJgNSsDTY@w!Ec2gO*@L&=ed8Bu`R6yyLL{bh
zlY-)O*M~-5NS^_gf_;Y5gJsZ(Kt^63DJKB6S%(lKwiCD%sJm~&4{uV6`Go<(SfCyt
zC+iIk^x+<)+LMN<Bf~L01rN<UIQuhXJm7KDn_njf<T4#AjDp!cCeCoVeVOzMGb+e{
zn=tIX4A_$ii#u=~A?7MpL&3%Fsn*VS<+{x{9tMBma2c7SF2&O|Y$-=25WvEY{NrkZ
z+3oVUXShV8Sp~edQe()26U`GU7%<Z@e18h?XnZ!F|6AA2CZo`S-AbIsS?G6tt!>&|
z0a_lQ{X&vIUHu3-qntI=HT%E%qO48AWDEG{@9$BDpFwec#igj2lmS7Hj0B>^&m<l$
zU-3lRs$YEwT0goko!=@P9%txS`eCsJ?ZWkYH#P+A9=DMN?fhQBp%Gn(F0-QAi|17D
z-;ekVm;($Pr-D{8w#+KcRGjYDHWoUePbh3vT+#<2t8J#l<%oDFvQ_INITjL=6&04?
z)u|Zhikc=ymu93V5>U~M>SkoLl;EC&uvs@mg;bbEs4N9;De38oidx~Onb?(Mli~y=
z-Pwb7nMcd8&26o6Dmq}w;lrxdN~qalG7`i!-O(dOY1*o06!j!bC1FNJuuzki@=myu
z7Ts@In8hU|$*N0m^Hsof@@r>*idqtnoUACbHRYe3*3yhjN|TUrMfS~FR-{dyt)`z1
zPmPoE@dd}#+1uB#lv*_Av8pC1YN`fD<;`j8$vT^&YiMvKs3pXurb!tYu^gBjG_0_e
zjY(NBS}d=oGwqwif-J285?IfzEBi~VbLv{M3IHOFlaYc#6Ztu7K?{qLys|F1X^Zk|
zQZ}yC{e4#Ivh?YH;-Uo|&_v#1$1my0Y^*Y3K1MM`7Uq`MT1{tdAB`?mE|sUAKiCen
znp`e`=|()wR+jCO&1+uwZsxY_mG1Z(dcoEF&6mxer^_HU=FHbcF4fQ5Fpl5(^xf{>
z$H!@#7j7N=>YulbK4`vbXVqC#XMdad^#19cQvDxeFrtJ1BPsg7g?~-@SBEGd0ptH&
zh`IeAYqTdjaku{wNB!Tz|JSP?2vGz~JK@ET2rDU}fb6-DL-)a?tQ<&A4#@p}5LJkO
zt{SVJHKc&91!_}BHaRHy7v$LkGK{(<m%Hs19hCy3AeN43%VWB1yJ+-ua}yLhT%Ws!
zo-4Ipe5R0v{@4CoQx1E3duTYggOj;p>VUvN1$lYj73)JUd0XqS@bFr7TF;UIL~ab^
z-us}T2#?IvmDo}jwxSJ{v$oZtc^>Y)YKwJ=h39{+HKXC;(a`&|&v)Qrq<J?stfO~z
z;<9u(I(wPrbkIBFsamLs>^JF*93XLJheVns&ldXwdoj;zFLYsx`oL<FQi`5ObOZvj
z{5hT9@?SW9zbY#0`F{!#T=I$wAMw=8BX4{7uOaA8n_3V)-N-aDXm{EN(x_G2uW`g=
z)QNhBfE<cIj%X?xL>wH+r>B-^DyE<eC51JW*liu9dU`rKI?v?*#3S8P&gWz4u0ocR
zqM$Pw6?I3`t)*1Ed?PL3Lnt1gt*m}V?r81%zu_~WHUox@c)rX4TWB}Mdz)o9(mC6m
z$g1Wz<VV`oVjZ)ctl(qPwt8&y8c8$Z`rT)XyGg>6=?sF-)X!i3njB<>&!2VZc+k@v
zwJ{p(ux<Xe1}ch1X9~)DQ*p>%?hcoJVeJAlf~Ps+++iNfJWV2Aq;<@7`TQfD-ks5^
zq+N4n1$=6xU}9Z<;y*n*b9*?)N=;2=Wo0cHvuyJ3=-_Px*}&t0T=AY>U(4@gU6aGY
z!sc_0I!Y_KBQM$+=A?^Ng<yUy$to1zfmA52$vA1zakk<Y#8upwD$%<zIy<BKcDWN?
z;sj6Wa#SGe=NMwhX||MTx|-ixeRgPn9LgEp?vGH@I&4Ms4m2|-i`h{#V&}^yC-n*Y
zRb}U9T}sB~wRqjas|Gw7$O4aHTTAxN^Y>g;%ntcNSbrLF(fYvV^E7ek%wf4JnDyd;
z9Ns{;f0v5N=#L_Vv%#KRuoD}OKR||X1(1n{y?#8;R}Cj$i0-j0SKKyG#+uU*EY9%H
z;NFTA4|E|f9IPD|J1yqq(z!#x_Bq(-sf=f$s1X2L%%z>l=#UnDT+eSR9#c9ka%h$n
z-p0Y`p<-oRuO$mO6R1vyJ_}}B|GW2_>3G`63s^B#37cZ_2~hOWzW|NR$cC=>XxOw!
zE_3psznHVjmW4w|iE`xH3>ej~eaqcf$2FJQ?anjv+<5FcqMp^8G(*5LdO>|~FEhV{
zTI0Qg8WfQ#^3xrC6N&@CMM*$5_z2VfNI+3c9PA`D#N=MbgWtZ$;`Q=PRvRII@EZ~S
zm>n)h;&h+orR(L+aVsKgPAzHX9M2My(;=*?E&oqtRW$Buiz%Z6Pc!YJ-$iYeA#8YO
zvhj;?8_Uv0IuIP}QAc|pbI=l{&-@hq<*8^YvdVxHZpinS`!nmUu1t`;uaib1Cbu_!
zXjqtHvs?1PL1l0Rn<?K;zTA<#RB@ZDK-2`D)c0vc6>&{X^vFt8?iI?>2~vt~T$~Ly
z6)bVNse+DLylD#?^Ipi~wA4dYlvcHey3YX%W|r9zhSHxi)~c(TX;i~wc|Gz|7}%q?
z5>iw76BTo&u0y96DAy7ty+w0{t%?^~?2$IM=UTrYxMNW4|0qOlVoHv-?3@ma6yLBW
zm|at{`>V#I8A-7`>$$DdGCTYzt+W_0o_P|qk^JJ3#Bem3==5fJ%-&~|7a9>l%Fh31
zh@FL8iG~d8WFJi}FZXyJ(_VaPIBx;wVnq$BaVtEb!jbt-YR0$iI2c!JTM|p(s+@v`
zF0xLPr0JBD{c256J{O6|JH#kf-vwSpe;ziRnx1z&fJP!l6{7yCKSqk%d6T=|mM{QO
zQFowuS_XV$Q=)s5Uc22V{^TLMZuSg|J%{wrft>sA08807^P`kkVscsa2-|Iyp=kWx
znBIIlfm5MlK3j6m$R3jyMfO$(6a7zviq%V@`oPNyHtjXO?@-ArxZD8b=D>I?PFL#C
zL6LPH?ri?|pt{##rlyLNiDij)3CSqq-kcBE%>AL-eyCIyZ&I!5z!+Tnuq<cLh|`iC
z&r6;|Mw{N0-B)Py26lOQ)L)oVj_l|z-`5+>W{6a1)hEondoZ6(AF*n+Cns0tdoUWV
zNaz+7#3Swj*QsP99CakMEy2ggVfAlXT@#LiRd>(1{ipr3+3E14w!R9f*I2TQnMLG&
z)&MeG(|$eGs<cR_h?;xj<Df^Ioz`iouZ=Eu8B+V>4%Il%iE4|%n(hY_4lHQ3Cnl@h
z>0sVP9}M=aLeO(Y=?S~Kb4%13oTqbyOo@(D5O*JV;L)R_q87j-ouxS`ghoXj&g6^D
z&(D{PmGzXwA1>sYTsb}zf|6P*4+@FSzVp4%x>k1Z?hW{r8e@LbX!azpH<dP-w3jQx
zE)V(9)>B|nZ->_$a~9n{b26Wn+;eH7l)`TEt?Gv?Xd40Cga|JArWxk1(ah#o=WF!#
zmi!>?lIFX2e8VflB%g&e@*pyn%ICvPB33cPP#D^_4`uC?-aj8Yx6&pMQnSYMG}ryc
zz<Jdo6%Lmm+7G5mmpM{#qLkV^8-6-OZ3s5SWN}KXO+kCGxmS#<%NzFjrUzN~{zRqy
z@zOo#uulA~-;3*MI(t0Xpahu7=7XItTGh+Y82HkHGoH<tLUm`#WWTJQRlqhavDX^S
zv3Dpy#No)64SP>WM-%_|ud%%pjs?p=o!17sY9zk@T?<t}0j4+t_h>??Ln^lc=b0>D
zVd;AI)JK^>y{U5q0I*x*L%zTy$5m@iJt)JLv09g?F;`UMxT6X?A(}<NH?Y7nWA5oA
zhzlDWEh|*bQuEh=Gy98Bb&v0z9Wf01i;%5tCVsL0i%M52NITsP>7udqJni@=!4Y0T
z0qHJNB}XS7hy1i@KJ#Mo2pIpt-|}1gSucL0p~|8~OORF|!B*|>Cc7CgBLCp%L5_Nm
zMHh-LO@>{{u4q_p#2pZ!&g&Jv>1sLDN0!X3c8YV)DfJ9vvc_}9`21Wul!11;2}tYy
zfZvy9!?V&n=ASONOF0^DsM@^=n^ohR+5Wf-cmikQIxr5zJBa6>gO2hHeO)$?)@(`)
zdvHE=@Jn61GGgC^CgVCs&GzPw)9PJmXim0socV&gw2?D1-`Qd9a4MwtYQV|O&1_r)
z_I?gob7cxUF<48Bebgg)l}z~yDtYH`^dM>SeK>HN6F^aDbJ2j_)iYv%cm}V#v+~_#
zNIE47d#}rtc20FYm$Wxp0zSKT*A?-i$hj`huk~&^`W$j?DJj_ruld4?!*?c178cK3
zuG-sQ-SHS7&a{ig$y^--EUEz%q|n&z>WqN!Y<II4+-!G>s;Up0W8rCT&ka+8r^oX#
z*SOV#bKep8diDMSb|R_;Fl?dZ)9`z&i{+M`SyEo{aj>R6SS{#sl!LR4eBX;*`CLbj
znzLhLGe)h04-&v8G!Ouo*y1DcLbO>fF=>mcqr_F)yq~nc9&MSdj*+n=Y<U0P>c8BI
zN6B3RwWG@iAh&jtyB)WGT_0Jmb3{^zpm*s*Zw?YX;`=Ateo4LrmrpvJq6OlgccArc
zfL(GfN0LyUvctb$&HZL}m}(SQLZN0l&^DZ1DG%W7n5Zz2vS4ijY|Z&&(e!b#y3u0f
zg_~QI8;Na2w>;FrqE<#~Z8~T;w+F@fPP|P_9ob)8+EnSZ_w5}UMg%@$Ho0O9R#uW`
zuZ%NY;S3CJ3?8{5%gI(B?Rj4&pz-BB8oDr_X<5+y$Zft;?en~{cVDsY%evT0?pE&$
zZ^7iv`1mtYPQtXlIyDpC%yjeqy_N>k+Z&aiACADSuUgJ|U)jvtNf9l5^6f&wu5*|J
z<=<Ah578@>$m?a+XV|<*I@51X-s5Eju9v4Qp{xZcUH6&5QoG<Axp#R7z-kWD9CvlD
zh{o#<BH!L$ZH;iw5;Dc1{0dcU$YH=HA>wAO#~BY2erGma2d@e&u=ki!B$vsaxK%k*
zuk}QBcHRr6DJ`aE$f^fAv-pe}54A)XjYc$*q9(`he};6XCo!!!@$L<A)-K+Czxg9}
zJmZ4>3kiwV33r^eS%>x8MWF<3?Ptn;Sw}!tfmk;cc=4idV^X-47_<AveRD#x+zE#P
zA41kM$~AFJz&<VZ1p9bkEG;IF@4;p$<sYb|J=TvgLuSAxm*W=)_9~&^ou(_^si<xR
zUDZu;hSRS`7yJj?;ex1IAnTlGk$Id(+YC3XbIw>PZ;-4AG$A*Cco{j$mRMU_qlBa)
z3(dyp*v%d=mCY)N+n}qwqXY|sjU*rbz<ukWu=ScN+mkiXkQ*)VsYd_U_*Sz11`hu4
zWTRdhn?H&o`m)aS+)Nurg8XvDt0US?X&qA1K?FYc1HsLG4^{~>`sjtk2c45P56fJ#
zd!%QEfpJ|R1UPa=>Fxy!53)<UUd2<DSq;D4-6b;}hc`S6!N+a82^mP9$>4JJdrJ7?
zoT)9T4yS`1uH=S@IzGo^mcr>N2<+N0xL?lFhL<6qyu#n4sE)zC3hyi@7@gC2Z_PFe
z@H>;{_Q3mmMNnsRBN(m!k(|N>%x>%lqG+%C+0S$lEbWc{tZlS=Z(#ZTM+P&CuHfov
ztz=1I&~lE+M9-w-2u|})2hHnshh3lp&r!|WF$*zR)vVDrI(673)62G7nta&_hbvO_
zl}^9IincDVdVh5hE*TeF?9pR1V3Q*|?(FrN(`64T5re1+ypI4cpqmr6{;IbV_V@y#
zoAbL`T+al;$1UUA$S=E_-Sq#QCugFjiX{Hx@CM=Go3*$;Gn*k?=#R_u6jgVN{ys<1
zz7R0&?ZO!l5ir_JnBkOjR5}PGu{vV*d=kzgHM2MSlst!mHJM8MqNw{)Z=AxHfB3s7
zN21@Db#`&FNKgm>X@%!KkzkWNJTkGn-evOl;z&~a_g5GAakCj&hS_?SR!>JbJ`ZlY
z+dB_hm(0PHU;|@vsGY-Gs&_LyqNh-(?1xmz=`m0G>a-pTFl|o2GridZZGl{MmUU~X
zsjjRuY6cZJg^GV+(2sJ_j>ZmaymzLk^xrf3bs)=#X;!?#PRfYZy>mN_?O%@CsOhHd
z%%1DkD$>g>#<2dPa);io-+Eo(4Q)BTJmw>~0u1pcs}qx{#%z_;5QpZGyzDgWGg<<`
zW$Dv_CACV|G|XLv9oC8mfozsuVLT>_m#=@lO61U`q@~{^-M9d|;2=%^3sv2DOt!l`
z*+ZYL0}+nodZ&5uqUyWt+k^0m6uw9kkKeKP&+I{y&PTg}4&(JM101XY{aRu*x7Tj6
zHk!by!S<4TrKl?i(+SPd!MjcAY|b>AXoBrS^Qk{~$t$NX7;o+`An_EpYm97I!>iV@
z^Hi322%u-^b?4MKU?rs-eU`y_2PJVcgUQM)o_2?8h6c)FtX{%ERAm+IL&$*nFQV5Z
z9RH(=qg@Ew!&ROeQq}+=Ezz3OVK>>|+GANJuS}T4Cyy=;uIQ;E!|ZBB=bh5p%UtBy
zoqhFdF6ze}aD$KQSVI%h#LnF~^^4Z~ZwLKvFGoJ(kptA+E7zUQ0a(A85(26ZqrLfp
zl`y9E++JAuU9uIPZkeNi^fR!=ddovIN@iTlmYCu2y4&Zq_iwud<kz$}L<H}HgwD7f
z0Y^<5Efsgf6vtnIW-^3ibO}uPNqcT5#ObPXJ3j@vu#TJ^PWwn`p>N(>`GP-N+UtAX
z-Y~Ug{D2yEd=PJU+-CY8$6wx>HyCe8_2m8o=18fKq6Dw909Np+#}6mFx6^2rI~~7)
z;eyT#{Hd9D8MS9~(FT)~oUph9%MzE$c{@Jd2w<<Ce(%N{dGYbrtE}N)!Jt??L9!5$
zX~6tzY1X#-rUg6iertEG2-Bg8Qdk_;6z})oJI2<O0tyN{Y-V3TeDN-?A>ti-W^Tc1
z&q?Hu8Uog|Ql%l55+k==3+59dv8R$NQond=3(C-g>q8akZ1(sGo+cJ2I|O!Z1R|=x
z-~^w0DV8-LQ>zVg(Tcm=k#*3<1N*~DyJ_QP^qI@u!wG04SLoBtzl`8w(9r)=v~7}z
zS0EWqYG}GxPCzsozt8s%d_+oZq`DAFu2|9@r*|5*|C%5MIc>XN71sAIhlCk_JWSRC
zqmFk<c<sN1BKcZw8cb?ltIM*MG9neH>MmIgfiRf_(wS#@lST?hO&uD#hvTVpD!R(^
zJBF4O)J#|H9lo+!7U++Y?)K-)-|4q*i+hcK)w3gcKNC~Px!W^vLWEC<YKg#bbn@Ns
z`ot%Mp*wP0sFFkzY#t^QQ@CV-8#ZY&lJWu1A}E$7Gmj*cxrR=qFJCqXUeBpIJn<FQ
zO$%$+e@ctPNNO0s6Wy>aOT+PYyMC3MVi7Jl$Ungrk;v7)4!xviNGlAzmcp3t0tk?*
zT;NoqjjSuaI`5#DqE#Ndvk)~i-0{--FQ!>nt-A>e{zeBt1S(^~4g?hCB%qf7D~VZN
zAk?O^hF%xhG6Y^c@W~VJ0^`*6;43sm6rAAI=rjA*)^M&Ij#`|rm`oA_15A#LAkrL^
zh9?+^8R!)GTz>Pr_sz8<gi=%XR2!W)*6U_)Ib^=UkR-J++vf{fELralz3w>8#yd3U
zThu4))%x(b^h-Sv1*l&_`Lw`&?BPEl;62X?)d;}K0{gZy1AMBRt^$2(;UIB$&i(@z
z<))`o4o?+V)Iq+FRnDs>#U<;B3$-V<g)z?}#}AKBs@QTeVN%z8OIqZHxpNqyqXwGK
zF|sSiC8ml>+A{|RQCF}>R?k}4lo0aqCC-m)-~RY9GBuUIX|80;NkuhEPR3Ta_X1m%
z7IEAbRa={O-oOg-_8A$b={28WY+i_oH_I8EA9~LmOXYOn%7z+1en0=_&wueJ*cP_3
zQZJ(R8~Z8E52_OLpK~X9S~AM$`}!r8!h15@6Kp00g+(!GsWJ)%M1eubtK;O<qha%0
zWc!DvF)4A<3L<>$c&nC@RLrO@QB-t&@~Y8>^$mu@Q)E<ZffX5ojdG6p=~P#kddk|7
zGR=-vIMlVb{T69Ovde10(WQ#BD$251ydxmP@wU<MHrY&^xtqIZSpgeqH1hi=+rl&T
z3Da@BT6G)GUenqV8@-RUSvFcrZJ@Kv=P1XMOO%(BhfaOzm`<=-u9c3_I6BQsIk2&_
z%~ofr#^U8Hdd*2=BYDse>`C|4v|dwJry67(RcnErR+aA}?6C(>%EldZI%Gw!)R_!9
zfTFUhzlPXQo_H2Ab4Aw)F1!P%%zKr+p03LMoqWA=zf`4Jj4C;^QMEeyNToaG_FWBT
z(4{#mzrjYkiRNl@=35}oBoGX7i{3Fy-$rohBXHb*Z0hgc1pD+Rc>8#W8sp(k;@L67
zG04N%lK#)*OlOHl(8W?~Nfb|JZvLRE<2Gq*wY+xgWvGqBwzIqHOt-k)2G7l*A`WM#
zfA-lSh0_4H3Wb8n?43waN~>+i(MMMA?(Lbo`l0yM;p#!N<jkq-`Vh10c70P9u`T+_
zdu_}5VQ^|n4o|RX(n`VPm)977v+b7Z)=gg64=gM!UY`%`iOFmFQZI!qfw}edakcLg
zmWsiehSnUjtG`8$oZ6`I%K~oJiq<Mp*4Ad84FXcGeh4^R4KJ##JPawCki3<v*s-S|
zr2j*95z{6F9h|r<Ms5mB52vS1563P^29>?a)b;fVk&uuq52d{V>cY~v6t}9XyMBo3
z9O@{E$a)DoSX!2az3^j)3g7-AqagWyWaRW_js0dVD|XnWSvLM*zoz%QruHBz@<lZO
zaW`Ag4Jq$6BJx;QUsFqKfi{@CIuIC5aJN5#qM|uGGSX|#dfR25R%D7XPa8um{~t8m
zONUKEgl@njJ#@^?L-$Z~xUy!(a`t}^@v1!iM$LA^`jz>nZ0X)OaZ&=ypRY;B+#r1Z
z|AyGV+5N-o|NjE^XV=%IWn>~f!EWV9kwb-vW5q%L+<ksCr@H>2Vpv#MIE8Tk{Lh>J
z`Rw$)H6gh=|LjGM;(u!k!{dMsC;!iO{NExC2Ri@1BL-9qin{*|I)E^&|0(<%v;SW1
ze+&O&4azDir38u~oE$__B4T2S1sVK-e)#6X0;E1zM9shV-_OJqQ?Wr`1y$Z{pP`C~
zB;sTbbkC3S+Y~glN6n25O=vjw%x%kyxt?YuHjFQ|D2^}8>`S2R>+2JjWxwt>-xm`@
ziH{3cI1)2r#Xfm*BOxUGiH2_P;GhCxNNo>>V_4##hX=Y$l>M?K1K;oOmv)UIiWTQ?
zcp~j>P2S4*f!CVy#buUTDq?Wx(U3W{q`JDeu1=ATDShG}eh=#3^cp9N4eNVx8;YLg
zFN+a4qY+mqcX)i@W_qaOY^dw`#5VuCon6MzN)AjyQXK1gCf>1tIi-V|cK;AUPNTiy
zE_6}LRsMWmwBWm<T0QN|%*;P9O7DDrak0#a?JUpKNO^~tnfW#o9WxxRFKpZ1FUqVT
z5(SA|Hb9Cr4uP(iyN+jg=;f$pr}bme+B3JF2UAwG|JhZX5<=%l>!eK<_zL|`fV)DY
z9+Sxse6CpTXuH>cU|>MMe#P9}T)uuny;7B*@;@<~(Xqf*q1x=0pnYZ>eX_SprgMP{
ziL0#6)W%D~MpIP7tc>2B`mDd_3)zhx^hRIn`X?D{K+0AtaQZK!mj{KltnpfEmx#&O
z(Ni~j0cNTOEDP8BX&fGp=Yw~nU@%tFzOgJUkUMSe7-;M@Y)RW5BTA9IN53#5O}m<x
zm(}m3v=h-mFM%G9mpeN<xgV0H^ySF;Ft8F55?2*1qzQjqDkgVw(0RY5bE2E>wg?kH
zZ|`Cm7%uA2kT6(9bXGAPY69y>jH=Fb&L;V>qwtodTFM<bwU0EJ_m_NLBkGEaDM-Yk
z1|}z?K+Iz!TifcSQ|A64xV`0CqY9n&q?LNJf6pZ-P!#PzMBI(*v#g^)_4wH4AVZTI
zHn`P;v&n+nD`<+Gw;goegng?Z@Q3_sG;j{Lzp&QQ>_qGjiEuHDXi9sgs|#xoopL-)
zPz;!aB{=Qti~)I^(Hj2^F^IroiBb@PWCFfZirmv>r1N1eEqG8`l<x1xwMGE2rsk>Q
zxk1P8vw6M<>@5u=qkL}Vh_Emi6-DJg3Pg;Ihy(-#W##4Vk}?Vkv8%FLS~%S{bfzuw
zLDaP8J~PApu#s`(B`lKv?uvUnF0}kTcO|2t&dKrf;f8i<OC7bf6h|quVUb9*F76}U
zzB}CM`|51K&BKGLNZ>DjNWkA?g}C^5&?>JcC7Z#SYifYWX-DYw`d~7d!39#KzTP-y
zRhf5q)P*UYBDEXjKoIIo-Ab4+&aGSs8+u)km;a@$4Ux8aZ>Sh=MaWy4<XkRGK~nl1
zqC>h=aZlHXoUAnlyfO1?N?qxfq9`2pf2On;9m7c?c4MoY-N}l-Ota8%M7!*j-0RK_
z<E4rl*I<mU()G2v+?F>=>+6$)DNnS~bK3^3E^A`xk81rrsX?Siz{Mle<Q+R=jJC8w
z3kL}li16iXYq_@S3Yg5?%#J+#r3|xq7tAuU;s5m0Ruln$yzjm^G~%z(iaF2AlpRUq
z>X1tTOlX>$0z{$K+uIwb$Ah(+n}R|;!@pI8J!q>b$hjp2I@nLM1=B3I3(t{XSun(b
z!70Pjk$h`5)lsSczKEKZyZ-7-y5+{wLrhffq{UO`$dh+n_N&ZM<?ZdQ9RQ$k5O}s!
zUGAVg%_;-xtTI`U+udPlDkdmU0$gu(=yq_k7^XHZ(qa^XC##!ffjH7Zf?dUyGYk#g
z5;m|z*X0PWz4a#3mN<+zxoI$`JieH)c0t(wOec^~Zv76?nMRf__>`~0G?0|`<X73(
zvsH0he6?dd?&;%J8w$&t6an!sGJTVul-yvC@`3Mgverxxe@JJzP}lnRYAGFQ4nfJb
z5%G0CzSoN!1@&SoEZ3Pc+QHa&j&)KX+GuZ-N?O|v3rCMSv}H>8H4E2GH$-NR>UJZ#
z-_8u4e^jh=*kd$C?z|Npw|~WrB&Fj6G1nz(n{ydnjKa)xGGi!0V=kpZ{|Cs+z*7yh
z4LFr&WCNSKsHp`x_LX-FJEzB5SXwF`4VLuv+iGPZO?C-SwAoRJ?8yv;39qx;kmchC
z{%_!rM;sc!Ejm$l%=voEsk@NshCmD#qYght(0?3dBfI1%s=bKiC2=Ikt1aQ~0UFYS
z(L|cR=PU7<JT6`L+MRej&Ly*Xqd&Y}{wj!w;+YOLGcPiGh(WV-I9M>PFs89-rdzGF
zk)(Jbz+u+G3Ij3jb`{V)zLn*6#!@`8q@1S)naN|Rro*d`gj4B1uCSVV6e6Xl2e)>G
zRf>@ucQU~<Y$5lES_l$_cPeVQGR5b?kW|k}iyCGfpkO3Toragvwk60YBq9wiE)O4^
zVU1r)@BKC>!@dxHJ&04E{&s8(dE`LTfm~SI5-`>UsY&Z7(UCMPQ1MpR0TSWctD#CL
zP48cR&&iNwvtCCXziNG{rzl91#U62qdycM}IzEYA><qvHMP`Y!-%!EM8206-&5QWQ
zeAil8i!vq%SxeE$IOt=&gX3zyHh`=#oFU_<3IJ?5;QzThz{bXWCC<bp<@9@7c3?pv
zinX8#>&=E(5eIU^C0owyqhypTm!MyrLviX!Q;{1=Py6-!oHBa9yp51>&?5((dK0UY
zlE3nCJ=Vb#a$oWaoxju@KB}BzpF-bgOcnD5+4B%1RjaWu)JAt=vf4pg!Ech$u_XeR
z<Z8}_MI_U$J=IoLR%~e)PGey1lZSsFh(szJ4C*s>)Zf-!xskXivTe?%U5#~raD4iY
zlrtF4<}&q08{G{lg77Js{eog8<&^+KHZ8_xwz!qr%9gw^23BR%xU5*Y_8|}Q08aGp
z&PVbPL7~l#D%!3oD;n~%W%>_ZnD!FD9lyzt@XUjQ)1?Fq71hORJ-KS#PG}gIT^o?e
z>O2K?85U+^K|_ObB7Rq7C1G^*hX40*+aoD%x_cXCj)uE)0PLrO0d%*0_`umO_TuWH
zSt}t{;3WBW2YUqA2im+Tj-4)UALJFPY*yG|@|a<0$e8iiBBDDjXwg}~g*}02se(7^
zR6{;{5Sw+;V-AEv@5*Urt#wc#^r`3e+t>^pU&S04T^nrRXa>BggBv||@As^@emJXe
z@=Fx1^J9)Y-HH4}(PD?3Gg3nq#Y6r*IQ#jNSv8YhVku6ShT%f{wB@3}3NlR3c-Gd2
z)@f1gz(k8Po<o@N=qI;{4R=afYCBJg1dmV+PsVI#M*_y}%IeP#dlTrr2l80N<jJjS
zID^Sp@CR4nn>&@A^<nEgPA0T=p;Gfjbb8##K7bi+@f5lK75-$D*?}j)zbCq&?Vv*$
zo)>x5!D^@s?C~7NBS}|7b8~qNl3jQ%!Dm?N>m~B-KB<>CQ^vrm>F#^S@!gn@{-m>j
zqZW}=QFM>RWZ>mdN5E#^NxhyOciA@)4mCT+3*Pfr?rm-WEj-w{osLsR$0@n2^hNmI
ztWCl^dY#vb;|m<_WJ75cEbg}NYp4~gxu@DGMiV!xbYi?M9m6SN-So8ly@c^qO$RFo
z>SI0RD_k;nQ5`3kc#cujRP^Iy@<9%qXv}cT9#MC~pRV9qm#Z$~z5R}(+QwvA@xzFG
zf~d45C{9{0i9v5P0l>oPcnE*dAtxB(zjHlfaqI+{<PCp>qJNBrX@@T>+$-vHd{J3`
zhUE-TPwMIA#*`{etJ9{Oh{4wW)_63~k$RQ)Y{H)18W_7YiNo46bd)W2E3i0#qGvRu
zEI-o2_4V9SQ(9XP4H(tAKczYtm!dKr2?eolx`h11o7}C3{L9ge<~zgO^0AKZjQK&B
z3$ze|88Vihh_L=w0y_6UE{Y^Nn(69HQ`wOW)J&;1`vYcsZG4F(Ey^EDVbC4A3CI|F
zy+bHOusn%!1Mi&fxU&74YJFnA|GXLMumTbzwYd=|-o(&))W)P}^y!$U`}x49rm?Y6
zn4bsJ^gVaAd^HzsqW7Qfr8AlWwzZaJjeb$}F98AXBDnCjR1BZCPK0y6lc!DVZmz{i
zv)u~jtm_Pz(>NW8Q#4#8ha;p6dTJf9=k88wsYBwYXhLO5c3Z?a2`*%c7W!N${*jcd
z_l0?n+?2mr0GN0^@PC?GoFy-@tDs<ACrl5cN{-sQK5&L;qF`D{L3>?FNovrTPYeh{
zAR(uRPbROHg+t$XNdJzEmE|r9LhgIx2RV<t@_M3+dyD)?tBS?h5i_@Dz5wABb-ozU
zUJIC6kO2yt`l3he_3E^z9@><&w8~_KYX(O3W>X-1i279K=Mpd!r1uzi5bi(cKt1P)
zby4RRLZ~-cnI#eODa)_rlM)27NmeL6;W|K+c#NuZyfDz@Y0_D3{83#l$5pqjbl$v9
zK6HgG<nv)QY07%@0Zrr#(LWX42Q1zpk$buyiOM(~ua<R2$4S)7@a;A0ZtYmMW`DR?
zD<1t3O(1ZXULr7DA~ZY?mEei7*x|_!Kp@MhdB3mZeVo!i=_jt*2-n}qL}txlD~`~0
zcuQ>}i^$~ZS8pQm8^mXjn4mGc&&5o-3ftb!vimUBMFlK~A|opTc+^5#H^P>3^}QR(
z6Y$#mR_a(X2DSQH3AC0fJ81O~2VzUy6NVa)O>Ja$MC_11Z6p|_oCE3|#4yjAf@*IB
z(IK7#$5(FS%$iYB9e88CC`eX58B@P|<V#f4f^cq9{a(@WOwx}jRv-5&n8K}9{g3B}
zFaH-~XB`w**R6RH2rdck1b27W;O+#caS873!Gk*lcX#*3-92dI?mC_Kz4P5$Q&Us(
z7rQtuyUsqn<+q+^E%A)8Pe)p9<N@B3qnF%RgS9fB)>??h<2=cC$qT05?Hul}l+}eM
z=?(iej{I=436#c;uveuh=}5v7vBD+8<$+sb&}y*+1wU#85x|`RXkeFdhSprlvdmZT
zYzF>w4zuR4=0K8Dky*v-;&QgGs$6tNN}mteXjm@=`nVIV+roN)uwQBK%?2z_e~yQ2
zoZhV@1InwSww`IJsQ!TW{+5{HnTxsM@Y%j^Eot64g@xb(0ENgHDwLOH%n;`t?QF)6
zMvM2vt)>H$0FsW77{k%4M<_wf$emOsbSoRGJm@O2lPAM=hIR24-wP@%hDQhEl`2gi
z(#W}Hrb_&auhmmS&!j<1sIb0HpWn8b#yVl{S$;QRy=;@|NPXlKd>HM^T;z4@9k8Wh
z41W@=a6R9k(`ml2nlw?OJSf9SixGH|^hQD43~NYYPY<l&jr$fq4R2nrvB=`!4I%Rb
z!{J(w?D%CwY3v)uO&Z=%@K4L{R^O>$C%cbDP@B#}SZ@?DA2G&NDRB-u$Rdm3Ng4GE
ztFL4~B)K49MZ@fP5XX#+nBtC>HM{X7C4Z_|A02%$h!*n!<6CRF9zmMmE`0(iNe@yR
z_Hi<(Li=kAX7%__=Yhm8RW1G*uqDJSY_Xk=kPpwVCH2Qn@w>C&pdMu|J12{k_U9kq
zA3hV?buH;6B-%rnT8(i+Vy%xh)bZ<)dCcVg;^@c6yn-AZd8<Maatz)W@HRp~o0Q5N
zvf6%=G(Zn#)|`E{dkJV?rHJ{2&10q)T{QbELm~!4m`~a&zo0esq*}F|!3>aeM)Ftd
z=%lMrM*}8J8Q=`qmA1dtLqkhalfi|woilkjbfR9R5|W=zB)n$M8NwSHehzfKu)h6R
z5<}$9iNxa$6E$P3bKereB!H!yG((YSugqOrv4=PxedFWf#i4A{)#33>hyv`#E_8d6
z1=)EbzuUW-`9D6^Oc-5pAygLm`RaiX$A}30-aCj+<h{ZBPyI?>n-w-^WdU&E7xmDN
zE1p~5jO65G9z%U^n$)MRm~-(WDw@z34QLhzeG*Edd{%E6s;-p`A$2vpMcd$-munVu
zI-3(-yy16kw1HU95?M{6-saKApohV0l+oTLPx{2YHjziy*_Y*g4PhS#27WB4Ef@au
zxH0@E*K)=SdBgi*s;7!*@|uM;@DDqap!=;FtgthNRN*9xRhsTj<u{C6!WazWrH<6!
znY^sVO<;O=^WmWI8zi@3GsAmWy;N8_(eF!FuB5oS-mBRq$C|P-r6M+=a3WwMu%>q&
z%RHUD!#XVA#GeS6v=S;aYte@AJtI_*!$a?<yqZ4C2NMCd7=0U9@+LKjl97p`!I7^(
z0vV&@OUbwMTsuNDb`|vOeoD{y=?3v=A|%jk!!&+Ja_`b!PkFnE(3ii&=p&d^GJ4+D
z3?F%deR>h$PkLB9KHzyk32<;VAz)MPuT721v!1Fw;)ZMbJ6`^q4{D5Fkio1qI{EXC
z^FG-|)5j9dRr6s5a^5D00xI^*wO-uv(><uo+urLNt$;e3DW?rm;(iCghd!GNqWf;&
zgQ0A~fLB919?Z8hvX^I#)%SIV1J{?;(TK|9BPNZE%uF?5!?%~m3_ka`bWYpSKBM_a
zL`Y~vgNKW)qxaVH+xPSzvsCoO+cOa#qrJ2GmVcunHc+q;z=xN*Ygz6h6t<e4iDNiE
zX%R2xl@?nqRyQ<mW2pgCf0Gans9$ldbZ5>%*EhOk4JOzV7s`**#HZ`^v|t6hL1VjV
zt%b{hWH|8P7-=P|IC4^sw8Ioi^Twf*p2P{EaJWwOhccTjBPsC0OLD?sw$xP9oy=Kx
zuyn<R;}ba>66P+sI+IFEJpxdVE$R-OrrB6jM#EU<;^Q>s#Dn3csO8JHEj%El9d!v5
zW{;-a<+NE9c!8X&ic{=SwJ*{PQ0NXTn?lCwXzEC5R!6))v}2G{@Nh2?sJ9Y)KWOCA
zT39b0ivJb;4k1SJz=#uY6pn<4^B9j=HgwkEB>&jFj)Q=K{LY0nD_;@Id9Y;7qw9oJ
zHhyP0AF^x>w61a1EwXqjQ>!>`St>VWM^2vr@7Xmkuzecg-s~t}ge81zd0&qCFV63K
z&TY?|+w)l8J$Mm)oR^j|>#OJ)bwQo|Kw#<h{amt=i#J>CcOEV-CIAo-EOzl(a`$SD
z9w;?buQ@!>O~0)=iJvblv)8od(XTGCAy8Ueo>M+v*<hDnoC7#Td#+y3)t{}hpN<cz
z-k15B=-({f34`dJ=1%7vdkQ;V?QJ~n2N&l#PH$JQDV($Qy^-`!i|+Pp+V~4kqZZ}=
z5k1?!kY(K$3?Sa?dH20dP_nN{v&8BmgaA?KQN!}<;R^ZvvMazyd$G3Qd2e$Q`rQhP
zu6g#6Jn_x__wlAcSvm3-&zplUgoK3P3MBrbp~zdu$7OFqdGN@88Sx$`Nzjy&WYy6N
zcn{`B;qs(jb8PP{Q7TX^Nfrm`lXxSz0qk-Le4l((TX1H0A8(Cr?&~@on!LA^Z7p}?
z!v9ey<c_wPnx?D7T5)=MYFWZS`VYeVEQp&9%{*X7{Xt&*I~Th33j}GbWOPt{4P|$4
zk{Pacb{GFDPc5S&$PHcRXXu>tU$y%`3h&Qlh4H!w)6f@;2a<20m|<cLw4e9@e{ML%
zbbSQ~&k96ckTlu<kz#+|E|Qq-Da`f14U7;YDX|S*YX#Q^{BRWc`|z)rAo*VOFKcc^
zUf~qe5dK$6|1UXCNZ$1OzmemA(DdH}$N#~o|C^-$52T(lZW<|`_g@?wj1A!iOzWiF
z-Br}oFdiQt(b3WW^6`Hz$7KtFp^dqPMeNlTh3?`so7}(f9DMO5h$J)$99#RRH~%j=
z{e{&3?$-Zr|Jpr8V09NQtiXBkThnT5S)^rT1pkidQMl2BI0x%-=R~hW8a#q(>w*p4
znI<9p>`#V;ntyH_7BLidl=!V_09b*Ip@z+rKHkm<9$IWfXiH1Wzq~0Gg$W#(5DA#*
z$HQekciGJXmiy`)9kJA%IseG^&<1QkW(Fz$D~I+`9ZwwS4+{Q_Ng!db#tNULE**h5
zw}A7=tf{R{P0glgTYtH_u%e@2=<`K9J?dPnNl`^z*4>@73r@xgVc-!OH>z>-2~onu
zg+o|aSWH~Jlt>kWgoI>{10EjUjY!o(sgA+&J?Jx0CBh{Spz2t*Bd;uO=1b;qRqn#P
zOCqxXPpGK#KTpd;?2_ai|LBWFrL0}%&to?%9SZtC3AQ{*rJwg@Ge?=LG&{>0)0|uw
zRwaczKG~N3L@=GkHmf94yId_m!#n7M0)^#+3!utJeml_<%-;KP{~(tz5K`muB>SUi
z@p3iSlucDhiM*h=SP}yo7Z+Dm)&8rXAd#=HFF1y|;T}fC!0@(`N+hFAZ!sK3MsBKj
zUAks*VBY2UO#*fcqlon=eBuGGwBJ0krLc}u3?#XWwdw?1KftfM@sIu|R3V5g1DCEY
z+warw<`rNB+v*!_(f7>aaj8DTlD)lq(7#XGX`J7WMu;OLRq=%>HaShaG6%k(qbB38
zYzh}I4577mY7*M6AM^p5UEPY3lsRN*iK~}L$57`z%S}8nM>E|@(g#P%O$<HtTLV?p
zJail?t3_kL4{H)i`q<tyb)h^i!O;3hzL8PHd^0>M`k}8he33z8MoxM~XxIJm{@L7D
zbli!_N{0PKy9WCRr|9_<;5kRwK^+d)k2)q10l3{dm!A9L)Z5oPOjB7Dk0I&<uM}$-
zB+-%oyB#OJBz7zTD%?_ADN=19zpyAiGp@H~C#xTwJ%?=(9SsXdSWJ~J<OmaeeNIeX
zoW`U92|a%xR!=z)=$f3GDrI2sn}$ZWfSisl5)AsCZOV#^|Hfg?y`aStsUrq@)9J<w
zPINhwl>oXpf|g7SqbQ2TANw+`^5^TX+rGitlSrF&2TwS#<dVYleJ!daZ2-?(;=1!{
zc3f4g_euYI031IYW5)FS=$33GxFloZ3C^GTDq@6MGUh$TRTRq=l^QuZM0|5>Hu<6p
zqPF6wcG-qnyVv;!37<E?Wbi=pF>Bpq16|^2_1^5_*Vaihws^`UgE$h-&)45QV2GdO
z4|&2(q#sehldht@&*Jop-{lU{F01{Q<0OlumrragBtc8|ypVe&5o-ufwe=vHlM3@{
zvVz&f+WJ~+XS~uxd<ysUCm3Gdkm$_e@t~`-y}d&mXm8WOASpC#mhNccJPNxDFRrPP
zaRitYCI{?0f*4+-HM-~xDQGKVE36p6pXy6lduL#!{-6z(EqP;YVsUzwECFx8G^qr$
z^{$;x^4S3A*Pjh_5;bnuqHIot1Z&;-+}AC3_g`dm2km&v{Etq!IL4h#6yM*LP_X+G
z9<44WEqlMC_Lbs9%j#DL!I7TWwP6N?or`56R+*~JAxdc2msC{^E-og=Qz|H{sm(X=
zb8>2oPZX#Ay4TagtvkC^in*O@Y@A;CKFVLU!xsr_a<=)R@FcG(rW5>0^u@bSK5MLW
z97fT*u!SwEZ1Aqm;P4|R9k1k%C>-K`g}zwW19#{r_rB7iUy2`Oi25QuFKQ88p#9g~
zGxf5Vc5weLf8SnyhDJSRn%s#|h9Ke&O>ITXX4L!yGy%+MyrV~9Jqzhp#Jo&tU_dB+
z8_r0>A#_RH(FTtTtV@0wQ+-}@o-D%5E%{>W#{Fh@_+5{YH#e~R+&8`UdrHc)vlrak
z@?D)SI&ySdd-1bN_eXtqW&XPbLDg;}RN|9*GKxQmW<zd`mLIu{Uic0lM`P?VJ0ecX
z75AghhHLW_E<0+I2(yv5x395DygTd&r{d?a(7KfMpl=SwkI-U<We@<v_0y3lwfJ33
zzNRrpefhU$VPVJy<EmI8Eexa$xqe{PFO%_&Qx>_Y9bnSyBs6MIIl(_vqN&ztnnMJ2
zyQRez8B#nFv>jpWQjswtxk!$_kX&ohgRKL~BxBzG5)XZ|ZREre!>=(_cFyGWF<uI;
zWpG#NZcN89Raz7=Lg(aw*O(7xLXf1Y5c$;;KM4Z^qX1r}DJUew;rY(S8CGkNgB>By
z)OhYnmzs{w%gTLv1%8=xBddoYe)-Tn?BYSzGL2?=_MT|TZXvmMw@ns@11)<}^m4g6
z;Tx}QET&hwzwc@`!XznohZ%dkdU>9fDC{L#H7EMp7L=C@G_;;FEB!?Y)(sbAA4A_%
z^vz8Gn0Qbp{}blk9-Q7#mGJ15sdaFKb8|{1NMB@epM&s-(v$y#K%^tiTQj`FomTnf
zj63uVZQ++r!mz`jQu&$-G7{BKo?*(;b~5#8Ma-cCa1??tO<v8Aid67yu)t5u*%MJI
zCgtKN>UCDe>Y@BzgvBcAAT3H_HHq0{Of}%@db!r^<3#*Iwbk**44n+SES|*EHkYkA
zSJ)WVYc~fAjBM`mfvHkM`Y_YjGJe|j?F}l%qw1P3Vu|d|8}C^K&9bS{_Z6P9_79Q5
zq&lhW&U_O9@huh`;+P$@rD`X9wEe7s+(Yy(u5Q@D%M1htVoK(q9nYp}w+TcbGLG2$
z7qphodZVMGU_%j$zju~d3M(*6u8FlI(tRl3-}?et_D}Ar-P71@{zh@ma@taZ1N2Uj
zZO&K5q+q~lYRx4fMFfT}h<9{kgoK&7#tQh2UQIreXCUAc0$6LMyU5PLfl5FS)nnjx
zzBiz$E9ByiME;n{cd;B2f6W#Bq>kEYjqU1aMa}2q7x-KWs9&kBr(i0Np^RbBHGAww
z(zNCnE9kLa<&OLXAM{!9!)oB4NtC`#f<UEY!xe&uXTSxggyD-bwkPD<8`sOcA+|5!
zKc*@l{08a|W3Da+Z;di@-|16i#VcEQucS5)`8v;|>P9si@lk}~csY{aDy<}GhKy5p
zm`vL|r}9N-PNQxPScCuc)8LK<*sBJUb0r>aON!qg42Q@FQyorLF}2&;R<@7r3^dSt
z&CG@samxuIP;!i!R$q(t9@F!!b_MjfWKXx<YyR*$8=ZlZzd7Gb_Mhb|wy7Ar-<B4@
z>r90w)eO(o;+pWsFx#YKG_!k{^Ovbf6k;7*oHX6dPtE9Z52XfsY~0@Ib93|Dyv8FS
zCHSOhCC%1z?PYZwJ`phS-5CU38#4$*nLJ;G5geDf6XFiPW=7!fdC`FatZLL?wzjz<
zg#%$&mki;V8z@FdiJ0sSY$rm=w(D%@Ix-gG7NP3VYkx$e0g7xXyS^rU+riiLCiXv<
z$vlrsNXQSDYPxdR?uXl-$Xu;xXJco7H6Do|zW6FyWLr=?A2L4!Z0TT4spm|cN)){e
zr_Wh=hXv?x8ZlX56M}Pn<Wg?M{P?rx%GYAUvz!C6&)5_3!2{bc{g4>{_?`p{azlwS
z3hTg?yM0tS7jgI`+ll16{o&n{kt<95?}qy)QD{ZMuT$EhsU{6yph7Be&SDmOZwdw!
z+$QPeo@^KxTGvC0O};ziB;fd6T3Lzu*|d48=$#3ZUUx{0($i-ez$bi}IF}r<vs8s8
znn`JQ0Cbe6!x70A&eLpM$mC|oJD4xy1n~kBfr6$-zb5T6*wW{%l3DD!4fdNe^MnIe
znq?yEpHpHa#z-l;{H@A#9uAVbOoN*Q55x)G7`L%pj;U-__Q>P3qP;bpctRKt#h$W$
zPcr%pSBK4NHn`vfKCLi&AHqqOvMe=sr}hBMYF$R5O%?1+Yo4W!qJrtN+2KK2SkwL_
zo8DZAM5D`-eaj7NpW2AyxsSX<$m5}}!!k(+v(W=Ldbd919bOJs+3Re{(JG?*U=40`
zZF?C}GiGO+NKSUjrqu<o(-txt{9)qI2`{Q(3c$(psGFlbgUM7uMMKMjA8ATT2D?9b
zd<5p*na=Cm!TO2~;~&(6j)Th3h<Lz@tv<W&&KYwatOJwLMuLWft|}4DO}-xkLy^o5
z4odi>D}GaL6N<h+Fk<sf1pAZXb3f8yAb}Ujo>H?5TbFL%%}t!e^k0g|C5hEXa4#{h
znUAi#21CsM?wo55*pdnzOefVBDjWf)X${uv&VC2w-|Ji5Tu#>doV(Z(PCy&hTu#xw
z(0JdN?=?Z4Nw;_$_Co;1AL%i_l;`|@lz^@s37ac6yC45}l{$(pw^^`Ttu@(A?NB|t
z*pPp1BV0EnpEzgH<|rQ+ACDq{sf^QDkIrqva<p7Dy>ow31O&ZQN0jT<1^-cnG$3Z^
z#%t1DEanVUPYzw|sc?hYy&})d2r{$QYm26DYpUK@&y2#mL(|X<t+Yxgf~hlm7GGPe
z0`%<%_V04!u9k9vT2NxHg%5<hM*uD-{6BqN2)O+hm$uJ<z;W&6I%l*qygR$WE(mhY
zo3s_*v!J4!ITHy-^E$i_?s7}zau2!!BOwhx%5_1&OBtUzEw=JRt&EMXFh~DKFa3&&
ziX)YNFg7TSn@I!=Ml*Zfom5`s<_cKIf(hNQu}2Z*NmEnPwHl9UeC&Q95AIRAg$-xk
zht_#n8ErgFxj{?Iyq3;b;66urn*2#TUURfvUQ0t_VWIk%`riTT+orszs{oH#U)Rcf
z&5308HPZvjOIybUqiavs3Q|{>+Fvo$NW??UA+Bk>RL7wzxI%K?Aw-(TPQ*ZIj=4H3
zMcpR?)yD%|TaI+|^HwBH`u&Mh4g%dKLzWVI3R%;-R>ATrXv-s}21Y`ab=xM+*1|=?
z(cB*~r}L-Q3(=#68avK%{BIf?OO_n86wY0`lgFd4vki=QC8QLr90Wpxxo3k$p6tL<
zJ(z|n^Tx$Hm393^tE+*|20(*_?!66117Nnb3zNn)qG9#eMk&z8Z*EQ%tkx<iD?6s4
z5fBgnXYczqUhCw&8S$iAn~{OPL4MmTxL|0Rxc7+<LGDkH1T6Et<HPb(wDmKK@9*3N
z{mJikU4frPUR3D8u61Y4B%b7N-iQts7SyHv3CYQM(t$jxvh-^9N|bl2)*Kt;YBMvl
zv%{mKc`YreNl8gW861E%ngC1Pzo+q;g_YiXD@>n8Sf9qLhH}Nx#k}h>8y;r&zd!+t
z_^kvBTMc#2&@eVO_6R01I-4JS6jfZEi;O6=Xh%63kK(xpJJY{;H~WEsKzCd$?&N~i
zeB>Gcu-n7w@Y|95=oeDcv3hTv_0sN7g@66?G?bPuqT}_(W@dTHIy&VO5lV|4_uh5O
z)_<jck%h}lTGsWco!qCG9iI08A`<Ya9;}4?R^j{b4>tIZ9sfU#|Muno$BzG>1~{s*
z!T*2qhW}jsPvdX!<Fj~P?97ZZ7+ok*)6(`?bAa#hKevIJv2{SYAqQL3o_V0khzVU;
zPjB+RAU!GpC!DIxDvviaEsX_npg_}o)4F~kS;@E<Xgd2ScTmV7jTEfPiTgN}f@j5y
zjmU;m(T>ns8K0Rcr>OY(pF4_?`12?1Tw_4MN1x<+wnYFHomfXm$TkV$9{bY6dQk(X
zl9F1C9EdWnrZl`2oYd~FAvWzu-N%b(JnD9iqp2(KJv&NOO&w5w@S@min%CMMu1*W?
zbAJ2F8LK*my+JAM4yC-&RsOJS7GG*uC7NdE2n_9JObJ=^cm%NK$P#`X=W?wp);(fD
z(R7D*%H95vP5WLaH<m~nVe9^$1#qWSic9aMZxh0HSEViUd+Xf{B+#C#iRp9xE@<ns
zz;93arEXOyA;WRvD>r=ZM;hTCy056JOvI?<AS!O;xSe02Qk$;wjETqGlX|Y_pqBfr
z*Yeryh7m=Tb+viJB*9W`oTFg*?bmWR-<8R8|NOFyh|aJ`o6?8VgoF(R%6(}D?e3RQ
zwv6_VLqBx3eAyGF$)PahBn>Ss!}s<~78VzSYwPR#A0D{CJMo*lJ9uJHws46m3mco5
zyE`{ngz!|DkeHbBcqT*<Pb~BeundTdvbngr9T=R1(V(OZ$h}TUE_qZ#zvgR=1FLGg
zmPIs}OIj*ks;XI)M3voet$1mCA}&Lc*L*aG-{DP4Eb`lNcg}61I=<4~vCvxj#3yb@
z|G=8R9!;k%p&H&EDRW7{U&=nG1i4_=dA=y*eJ7wGCCS=gKD1r4i-=oYJk(MRw2ap_
zl$wh^{rVS{F}J@YQ)=Uqi{JA`r#w0yPe2m#c@4de$vQ}{EU$kD{Jtlht((1RWLMf;
z8@`H0g_w^{=se>9=MFGGJ}}XR4nI`qi)^rOe~aFVIh|v7zL07~If=vE4#>*ELj4pF
zd?}pv)@U>Nc~!czriD$aIUR$i)nyJ@zB&)$uHdGrNl9aKY^aF+bE)Ye5x$XyP2xs0
zg}50A`{dBfLtezz3JvMBL$awU_2f7|r!%ai07+<Aa|dCjZlk)fWni~kqR>=;d2UrW
zvoOlo1kYc(=fQyU*4dejy@{o%6Cs@bJN)dl;1#6(Kw9ID=<a&gaKt_}RJfenyDu*V
z(hZ`tB1Ex?q&PHA>P!EeV$8+zFXKepl9Y7p9ACGL%dHr;`T1*mqql2(Gd4$j@f1K?
z;Up4w@jcGr>uODL(d!PEv`|Zjh>tqmieSc$762w9U0MhzX3N>@79x<djlit}nf3$}
z=Xn-iQt7*!!S0dYKhU+yH*^bsj3JWj@($e(LxSMIqOh<jE$S=?JWM2jFg|AW!pAm#
ziVvDdf=*lU&{|iz)<!}`1|QbRp%NK$3Mwn3L6h0O73ta8SOI;4R-a7m?PK@%P51Zr
z!F=zz&>R@D-zMTVCg&H9!l*oT-8tIsgm(zU%p0GaVt4qX^okgFsUW!sI{aY)a98p7
za1D;$=P514OHEmYnnQH$=v|vh<5lyP48{{1H}=I!RGYt17|YuqCFfL-03fLmrKNmd
z`*IdPqsm!c!7$6qH!QIE9sgZY*O|P*`E<+&>HInJwn0TpYjkRtExwNwmWZ0;;Mja_
zPGfe1wO8P`PWB&fIjlBMUazz?W5XY5Pb-#3xNS=b)E}1OC#ElQ(vDUr$Yj!oT=$2&
z4g=%$p*qlHis!rl_O&rbG~+30JSqB{qJ9~d8!j|7We0>w)hJ&PEu!y$mO+mU){sma
zn%}MujzG^Q{z<Jgmbg4PR+GR1-hfZ+zt^?_5@>4kw~=Eu5Y+;l<3-Ed;=ISj<)r{?
z3xwqb5|cwXor`99m3wRl11rOD;0jG?*)ewJI+SX{o-R306EZpM+z8k&NVH>cCaver
zm<})0FsUd3nK<7NNpJnJx}mlEWt)Z-&{5yyZ7gyX)^aE;psF#;%RE@<lmtw(#9et>
zUeV}zqhTjXOV!;lHT8;Yd8A&!EiJJ*F?yBpQypb{Wm8tul2QS|w!!1XWqG`e(@FWP
z4D}xI5U8oiR?>c0(#iNdu^ifpjLC8LK{E^2#L_3WGn$9S3O7Y(N%$}OHgbDh4@uTs
z@3LECPi?)^+bUYs&E%)ErcFI&7!*E7RCnP3XXHe$$SZ>FR35uKqa@V1+*@1D=62Of
z&Q{1GXFG&Lh(q?0jd2j!OhIU+<j(g-1yz%YH#QE#JAT`oN_S^>Lg()vkW2=wtYq*x
z`lsxAEvR}mO5DzJA-}r8+Ej>UG{yYc>Bl}y4xHk3kLz0*oT`KSqxFh78s%Ee#N55S
z9(7$5^CkWry{+y^lULLJ?cqyw#@qny6p>@5iaC)$K!Ft>>x{DidVh{>>e!N|p#1`f
zxuIs@qTIASw4uhOZKB;Nb$^=-(aCo|vQoe-I=g$A(tlwC{=|1-f9i`({X`mC_AlZ5
z7&t@s*RT3yl%)8XDuYuqGyC;fpQM^fm5NP&B2@QvFX1}&v6>UiYzJsV-Oje*FA>wO
zpy+y&%0}IAIUIa8V`x@U<meR<rN9J+^x{uu@W`94L#UzjPV+kI%*J3+I!D5GsfhZn
zi~0z-pxfBUW%~1fLfUB`lLJ1SSjeq^8Gk!zR$78Pxu&7Sn7yW)ep<a0boKAYyQdm!
z30hD{1Nb~p-smza#U_V0bf7I);FaIElPxW$>`2s4@pz!BG-+-)Ro3aG`=`bVEN~=c
z@DxTZ#K!jvx&e{9Ho)5F>QWYd{#Wv5SpPq_$BX$zMF=@tGOq^*#nn953T`msny;xD
z885CHK5Wh+#nWCI_(91a>XeY(>)Xv_yi6S?XOg=5u%NGu8JXowOb&V104zAetQ2kD
z?PH^u8b`K*C~rRb3vsYG8FEkt(P!m%!v$(1vdhC$E5Km;oAC1Ip}{a@yMd8~C?S0q
zx>r=U?=R61j^o^dUU3JJA35f{*w<46lRLQIzSK0Q;h~}X#?a5r@k#dp$DrPSDQ2*F
zFY!E2x3<eE0m;Y8*M3HI{;Vls*Sd|MBAbVLD5_!Oop`14v_3h3gGcF^pZPh}uC6W+
z<*+`CbML44l0naOCz(@oLXAvO#0}1Ka@i6!H1AbtT277SIW7=DnrF|lNKVC`jTD^r
z^h~U&rG<u1=$Gn`<C^6y)W|BFpN+8K;+tN@Ur3nzz(i6&LLSr{$NVcg7Ii-|wt_R(
z@QrI3*Kmh$GR-4>Ez)gl9RK3dp?_gMW<Ql3H-fc>r3pAd`Rl8#1U^6GG`D6%b}CpK
zaOg;Vi*a4oLFSgaO^7X3oXpBG@r7>0Bw=5l^hk<d8j8xbi0#yx%jE!lVuLevQ?KZ3
znLTnW<MP&FU<McutWmgWpX>#0;PBQVxIOBTPAz|wFeCc-%E!!F*Ecwr`sWu!d1Msq
zq^(4!fS9ZhUDP_-+Ff1u2r#&M%HU+&srjy5zPS_Ek+j;`j+BPxqay)8Z*Jj&jXrud
zG}^$LQ2ts-kTdWj715@dYc8~)8SM%Gt6g=gpJTr>MZUv^?)AXjO4y(72sdtAt0P+`
z#+`d9@Ql)bK@yV86`1{S_`oeIAjn~AWF)Qkj*DPp%QXK)3d}*lKCtZ{l_w(DF(8ZR
zBYRjyOH!AW&_+6I3^_=FW)|4+kE!7h#CufY<dgPk$NC;RVV75&+QyuPjSFMhNI)`n
z#%31T_b@fn@2pRYoXtj7WQOs9Ccg|I*0%aP?^x`54xgaKK4S{%XE)xYc?o^@LoudH
zY|{btsL1`&ecGGOkms}iM5imZ&$~t>B#ZfvQsQ3ah;x+m%hsICwR*+Q_cK^V4+(1T
z-9i0m2^N+qnS=>_E+Ya_6@AY8IKGEBPtq02BDd6|Kov1e-OLJOz02vj<JlXFuzjri
zDZwlLuquy-IjykOU{Y|xB$1gH)Yt6JL7p>e0HCA4S=(+m1Jc&h1NNTn&k{H72oKCq
z*Gc#tHGi!oCRg?N_*V&Ji|id!LsrNr_XB+XAYC_H-2$96LElLn0OysA)uH+9jpKu7
z#x@ZX*ObHpxmo9;fWl$-XT~%A{R0$``#Sf8<}q*i<cpuy5W)8}TG;A2P<a87^Ql}j
zj(Lu)dunA3@sD5+BcmNDsm-r7XGsTmtuuW5lalr%Mb2_=n*6fr36K)<`hN_+5qYcK
zbLYLH{eZha^h^d?(A)6!60t0;`dw4gkA2)u(YUaJ%PA-+IV4hNwY0JV!(((p;%6Po
z@?LXw<DkuVoGlX<mn8jM91!PLK_^)hnndK!mbkIK2PhqUdS*wI9PeBrK{I|?$TL=o
z)S^Ql*uo?|aDBYGR<^!ZNj!YO40iT0aJ(lN>s982kquyB15C_?4hexC?%0aZGN7?N
zA22_HJV?_u^_CJ5FUI4%;yrXHjE=abPg>wma{PTL%r~u7AS*-0hNasxL7$OYK>T8J
zGwiiF+Uk_qD)Hq&t4&#uoS2*<uIZFi5*X6FZ!9wvZ-}m9YsVR5=;INotygr>bsLcA
zOdV)@2G~mx@dUsXMdK=7<b>9|nGzbWn;Cc|rBNEXiRqcx1Cp!e97>6FD2PwlXI0SJ
z$E3P}f?tMZvD7j5^E=KYT5IIxrjcIa&s5&N!Xq3Tw1U{Kbu)HNt7%hhpWSgl3U0!T
zkclzVvk18wwUJKFS*x83OP*v`HASdxj)e(qPAqJ5GNsAfSZLQJR4v2yfs!7A6(qU`
zJ+m7bivU`u{mlUirif3646GGZaA942)y8RC3q~j76*wCk+q!S;Bq+TROv%GfEba9C
z7TEe`Ci%E91hfv)tL)xByJ<0|bkmP>iT#(!bsGt6C@jlrfv>TSYu>BlD@RbVgssi`
zz7r!)xVET)HIY6O6UvNO^zDyREWOThR8i8NJy%COnS1w4NYZB3-$vqPu!gH}jV--W
zB$9O`N8HCpM);VMT=+`fgRE_1v3aqiLqWq47yUrah}1o`tx&nG{U^TCqg|5#yrcy~
zSvqk3b+wp^0@C?7U7zf~p?O5c?U9HLeQrxM@wYmSUWN9EY%JDx3P9&666T68MS&N5
zqDS@(6Xy+*cgmV(UJhC40feA6{WzEV6%|%_FAmXh_v!;|^x-YlyruEZK*qCH@<X}u
z8PMIn=Y}MYw8BlFYitW(R@1;b&@Gf4?}4e~`4$V=mJicr^!w0CsiJV(1A?-?o~y_z
zI<r6kG@02?a>2s>$T`LBoz&b$KZGHjL_s_KI!k<(;GC;m8B5@k)s+<muuzbfSoV&7
zxs@PnK)PmF%|4eGXW?0rnR^u6c5V`JJI_6RC5V3emb_nL0@U7!MaKw;k793qDw<m0
zC~#B*dL7e_MZW}lW?E4duG+Ekj0_A`IJLLsEq7rSkXjYb(*X7QFR$GJgzY7iy`!+C
z&#Nb8b7QJx_UePb#ztCf`(%ETLQ@b*qSMTk>i*Em+%ET|!%$G+a(%+TybtDPQFY7|
zd{s(b97ltFRmI48-*Gke&6tfOj^FW}FS62|P!(mys(<UfWTjZr!p$+WLk38o{8;md
z45skXWgrkPP_OH1>N{HDfS>2!d?8?BK{60l5q!PFHFKhOduYvKx<}BdmNgVD5h+M;
zn7_c@CzfKvD6-gh@UM5xRxG<?2MC0O`SR5{_|R|h$5mEVR?#x(t81~auz-y-UkHbv
zu2NNLFbLPdX34J6i<#x+FbIqW@{*VG9kH1xRpoeF*uf5!+Gqz`bbSrSEEfhiT8;sw
zjpo9+-^!51IF>`e6-IxHL+r}RtU0>wH!(Pn^Mv8qQB-yeCj&>wQfSeylYRfez3{5l
zv-8thMhzBa{E#9L+MJh_Nqtm%+o71)w=L_km<kCJfarWPo;yoz4NCWh(<h1v!nyIY
zndO`4`h2%uQAj2(&#a#T%;@p9_DzvyJ{~DfuDZ3yArMQ1KA~;j@Z%2Q;Nw2lG%yWp
zaQpEpjA$(<On;B_^VOlC>1^QIkapRZ+ZGY6Vc`!|(}eHqV63^nFuu61O;oO#%(Bil
zGt6oxSNGx74-Pl`A|Qt4qO6e;02=2!Df<$cOu6&rm!!>}BSXd<a9|Wq-<FY%z8n^;
z0t)C&PYK4VDS}@53S0~h$f2j$*fSt{OweUNsgR@^Z<DaL#(xuVImoIr^m4r?>O-i$
ztHBg}hJaoao>7aeTu{nb<GZ|e?wjsG=RKzzxgx#n)ax!(9={VKburViz+Zt_Xz`j(
zd!FxrU^CO}CEmB)Du^+lC9>2Gk!oZi2A#q}9DB1bd6Li8k(t$=5^%;<qT*uyylhcf
z8><q}*&y542wQ~I{;f$d(UW-pN=o+JX4htj$?o^PCzP^BhtX{`LPo$18VmN;n(?zO
zNX-77;vXqa-{?7O`@u_UHYCwktqn06jJM07v(E5Gb>eorGJDKlv0skDYqUPwjH_u9
zz0;maDVWc_EKiQ3^Iv}sx-iO*3btin5mNSvN0X5MlKuGfwLP+N%YBQ9hd~2uL@F$-
z_bby-p*q+6(~WF_l{w9NV*p(&b+yw!J=?$TtDxe@s=!)l_iD(TIZ$$Nglku3iRo8R
z0`K(ZlrlK){WbaOVcT6!GR)LnL45Gp6MsG^d9XsiR|Z|gjr&<5fKUT+N<C>f?EJRm
z@PuUILL%~Gd~u2G_H;$W%R?S<CN0Z;x<35Yp35jpse(<jE|;{TJRUy=3fCJY{me!T
zq@oY&&pfjzcg1y)pr$XtvlvClSz8sZ>zJ+Jxvvrv2P-p7lrRH`TUgQd8`r3bkBh;B
z!?mTL57@Tt;6eb7V{WsMLdVD2=I<Af?vRf4U8B28`jgX*6lR56!JqZks?ewA*80=e
z=#*#9uL|>FBX)d&lzGU06EFA-x}8$TYw$S2$k=HftdL{v9l*)fedFW?)Gd=<95i2O
z4!;UR9VZmP7Y8|5M$m0!i%JK?Nvy?ndSApvr;MvBXPUv4oST%4OyBhMW%@;JP0gh~
zMZ1@qJ;CdrqLY*JI!1JE8un`5$gXtA3f6Rp1fcsiwpTU*lv9UvKh4*y!zd-4_4Z=@
z4+A%NHx<@yn!H2Z-4Jr~1;(H*GTt==(C@(^2*sJW?6K=6$jHvH{!!K#+tXi!`$3{>
z{70T4IHj_K<L5N-D!0w4I=@|9@cfonR<U{Am8LfWnhMxmBSx{)QvNh1^I{<Y72oc+
z21H}lR)`^7#PxQ5eCg{}6m&kv!y$N-9AD*oIgzEZz{%ZnCh-qT#fNAxigzNyTk9p9
zT4t42v*1bU8ID9wGOz|ok4NJBrPlDoIm$G<PD3tE;TuCxnUBa6?s^k3Zhs7;KFZ&F
zbf)tny5zo|dgQ{^*c`3*atqnh(!k|?!hYZqnr+j8-(*+Hv8W=7o2-Nvl5WmMcofx+
zOcnqN6vFxy#yLgu=ecjL4E76sBE0(%Ipp%Teo^~WgGn^_H3Xa;|M*iYDAR3ziZY|_
zX`8QBe?dv>v#9bN9t6iAZZ+@D9d~<qtle~Mk@Ks5Uj*PJ`C=Pf>pLY*o9AP<<t7Y%
zhw=d~UjO1k(C!PohXkct;+cfBPt<3<ZTt*()^?Z?lkF2-cR@Cwnyo}`wiBu1xyt7s
zA|uxhS%c5p1UgWDmY)8ao|GFux4!*z9=P%()5fQ`0tsG#NQ;<RI0pLrq4E&KAA+$+
zExd!bT;CZvEzKZs79mfjrtb@Daz4frz5mR)H#y5Ew-Y~>n81FV5u6Gy+CX`EY-4S1
zeE<OLGWtLj?i>74;y)qHCOlcX+C&^u5WZ6)ULr&QXE&e_79qYTC*m)Wv-f76zdcZv
zi^N%!(seI9n1L-ta0s_O2knG#t{Y5xvA|&!vzEsn(0;*}_ZbgeT_E9aC_{^GpY1Yy
zXOY2cxVZKqz0bq@TX$fg@CM(-?j~|5%i5;gLCrhDd8ir$TbCTD$d_02n-%XDkk4*)
z36bl0p<$J0oS>D6aNinoUBx-m!(o^GLjWG9^7+n>{NTZLhC6|VZ8Q4-K&vU#6U=YV
zU06&8d)dn9tsOgLg4O5Z55wtY`25b%_4jr7OBD1=pDMEJnOrY>X9tq9-yBjd=0K6{
zT|Jj7ASuS|Z|2;qGW7$@(V47d7e-&7%oOZ^T;U}Zx@nv1J4Nqz5;p{p?s~ck^=%(0
z5pCci5eFtTQ6_(}VJ?!1d8S_O*z@ajbTILiM)_C7T+HsyF=2H+&+1o)N#^nJ`lFdS
zwWzR)?!3bK2wah>Gh{V$r(VD2T$2fuo8{7lkrp`(6{o=5Nisjf=}uCa?!H*6sHlMb
z!muCqe9`sP)zzogvU@$5y6!KOuWx8t1yGjbt}E7s`A#b=Uh4g;bu|PiLV!W*ZqoC|
z&)A3QcHDLF!49arI|xvP9R@agXw(da&B2s2OB+Jc)i_^DmLnT5jjYY3*ZMf;Iyxe9
zYB26gF&}T<P{mt0_^b|06voZ8`=59XP*dc!WiY0F7Vu~53Tk}=@L~zMn#nH;%Tt6X
zNhel4E*m?M6$0b)6Xz6P_lX;MRy4&im{}j7DR<2G3qzZ?9Fip1At6o>6aN@vN@-i+
zG=eJJF3Q7`N=4e`<dtRwWL=llZpKdB*7<^^qlD;_<BUr~0YbQPQHf$px__Eu@lFA+
z{oir6vEzhvMcHHTTA|1UP3v!|u@J|?eDhPmj$y<|8}}Q-5To%2NXMro>{4KlWK2+K
zl|?aC|MCSC1v2wkB_issd6<GSVTDcNgL|tTcUNF*KpFOv;3KXc3BSz{-kO-Qu3uIb
zsR<H6yL;>ebKPeFw)tx+`T$Z1`OA8fgqfmbIQN$i<S+{o+LsISJ09|%A|ga}?%4-8
znL``*aY;H(!aS!XO?>K2y%<0ILY_DDSjuV@rmmK*uVP<jC;DJ68PUs=>z6s8_ae(z
zY=KKMArvD~6#}7oSOQ#orJ*PF1`EOM>7V(L5*2Egxq@wWb@vw*S}biOrxGb;#}!ab
zYzAq^*Pg;rr#PMe7)pI2cg>w{F;LKY|2U8n&GjhoNvMHcAte!s5ey9e<&gYwG9W5R
zL}D_wjOyy@s=cS3@9IEaDY$FU>mS_T`FxZS{bey)>v~&K`|KYBMSh02iMbh**-ITd
zp&(x~aR*E(j&Jsfz`?_lADd9ZC&q=J$fBa1*X62{rW5>8H$ub;4ECY6z!xvs$5W}W
z4MXUXl)Ul=YTV<LGNS9Lc3^wOK9r$gYpYZ*yoNUiiEZ3geyFZl8dQ6SE%hi8?huvR
zQVT%6T2dUsIj5oIqe?-^t8-Fc$2tO;77ayQqp4d$Q1H<Hgm3L#x}vE#uZ4qcmlSg<
zXBw=&u(PD#P_&)AWTOA@{>Lqg&u2LBhU-i{GT?hyenrC4kYWHMwB^cXzPC<kiQcZT
zDaqoQdM@;W2m7^jv$WRcO4AnkP?)0`<7Z#iu!s--I<2{>_pJd96UqG)IyomhxE~wB
zTY7jZ#Xo()MwgTnLyZcIDE1#;7FK4I`25*Bs)>kGlc0p0m?HAeuZSRvm4?Xj-{Rvd
zZmd!@UwUg0kvc?92enkY#jdT4df9Aj_h;0v<3=^&sgCs}sP#d6d1XQ7EBc7=q^E}5
zRu1H}1dKnY$M#+aorUDxJ)nl~BQ!Ox%4}?HRrK^2pdg8xy%;!cH~Kd=-elaqjP&;h
zU3A3_8?(H*f(vP(eT@8G@iy?8gN3CRi&U;aXR^{zVYunetT{V%VCZNAG)rAnc168q
zxRr(~eAUO2beHHCxl%-}gD7R9THCYl1k=P2jIg*>ke}}46_=|{ZSIpUrzr*%`(@f#
zz{*HFN4%47C~8RY2cP@nc*`%RE(#8c@RS3pGyYZy%?p#PWG7bMh2G5F(SG27BPIPu
z042(bMw9#dAByQOv0~(Fe+<>(FD+ax@D8@$DnOD25ecBR-}^h15XN<x#-<&n0MGc4
z<Ylptpf6wn(0JRV)}}@c`=X4g4pYrz#ZUq`-Nyzh8ljZa8ad0EAPF_!uO}rqT2lJ_
zZ=tA_sjGYWyoiivx#}Yp9=AUg<#ff2*|ZqbVyWlZ1Y1UTj-(W+52;6qzq8&C4RO`7
zs7SV{1gTbRt4w<4vR_9>!cy+5f4F{@7EhOv8m|<sgkCB<c%%Pr=BiX7_sfGlsopbq
zj4m?HgI>HY)06?nf{cR9;d~3GHC<+?ia>1O!`&hk<Jeaco>Z;W@PcX6%7Jg6F)>FP
z#y$#EoU_cmL}Jaa7k_xXVrr^dGrgE)s2;8xbS)-G`DD;s{_EyN-1s<qXu^%`1;x?C
zwNh!8*lPl)O5{q|W#}R!?085(LX!J4rmKHFR14~pF$=L)QPUG#PftxfI1ZH(`)%-s
zkmixXqy;C)VjqnV<C~s43VdSP#`fyk_zx%{a_yo6b&7Qahkum#A<3J>><-I>o-8=E
zlP0#d3T`fX70R_$kFq(+kiUPOTL~oRLGM04i?mg(TD(=NmayHX37)@JoWNy|VwCzW
zVK#)nPQIR4tk5J_zGZzc5u%8caa)5<RK9F^%_^*#d{&|k>I}a0UOvx4+yiyd?y(qp
zLL?Sen9BB=(G=(uYm^1IkZP1dC?ePx!@g4QZcZqu1eq2Gb6WzVbSgi;wO4U1>0#GZ
zuM5!J3VWvNJQj>M0Whr{mnT2)0~j&y?osw15Kh@ad+9y`DDQuo;ZHx@ZZ@d+@;Ac_
z>Zc?>tpX|!wW(j+^_M1-uPN)_y=?I7lL_h{S8IMD?7Yc6Jv|kdlo&cY-&!dSkB^gs
zGr)|#b5OMB>nkY{Lk0PMG|U130KL!LY3D(<;f2v#TZWB|ji0~jRQ1|F!SvpK)xpEB
zPjs}i#_-BPkA4I-_O`rwz4~@EB3G&yY6qionbSV+>v%bO!-J$KbovnbC4%FAJq7sZ
z$X80V8SePT%iSiw1zSmAU-$4=Ld^BD=e(Ss^XCvIgxi9yPg4@!-Let9VHcyP#Fs#z
zJN@%d?3-uLf7-rb7wMF|dC-~kf@&FKj$ixuNl(s+Ccij5CVPs}uMwr$C?Q;<o?#gJ
zvgGJdThn^kdLaZG=^s3g-meK~hgW&ibXrr6UH;J-L5VK1(+jSFTa3U@EY!Pf+Nt8>
z+Hh#8R!9)Z_Uv8Sg;^W}9ZTOmW_YKrE?(1kQH%*6*uJL&avt_^Uqk*HI{vOGr?Wbj
zX}ur}$@!O2B`WmZHac+jBd|FTmRP)QhPZvTwzih!r4o)oL{gC^@uhBP&ta=0J#cWf
zvonJ9rSGnb;uC;ij|>Xt&(^-Q!J3T+nesmmCu$gYQ~N~TD;+A5v#X!**?{dn`$AI_
z03c2Cl-HaG=hYEXp)7AMR;76Zp_K?$NuQma5td_z|NG{?2uZT1Zz5dFYisE0-$Oz}
zgTWCQ`gSZ*XsmyeGIjA9xqS%}vuyYdOPfaWqV+dIM-qFW?}x4TUtbUY^FP~QI`$u*
ziX>Uce|^l~fBnxkYTxL)%YVP_|MNZI&aSMlo0yu0)YLHNj7?0`c6G)4YnYi9{M(D%
z*Ku;PIBK%lx|89AuZnezETP7h;fIfEyOutzj|-^r@!3m>)bBfh_{y)bl1oc!7hQqh
zD@@(oQowZ)aPjb_*BnJG%*{U^QBY7kR2f@2A`S26+aY!(9JY|7zhFw|(>j))pIqMG
zaTL&1Sm&r;m(k0|C_cW?CpO5@N$<g`dV=dAl4z7XPAb*ZGY$4W@u<YP8|yRZG(<ig
zTI74ud@hb<n5dyy-)rJcc^->P*kmz2oMBN;4S#29z&|`fP4|R1_Dmn6ugrOI#;a|s
z0Rjs%-skTYurzhn_XR~-+9pnN(b@l{4-t|#2!&;{_VsN2Q{7ojnP{-atU6(LV)_zT
zlMhb&caP(R-_Hy!zQ`_4;Xcm@Z@2dr6YBhFN~w|?9A@<!j4FGnDpW2B`kf0$4NlQj
z)80Pz^wg>d);3`i5f$a;25fBT5%0dRQYA`<goIErGJ@vIG&U2!o*=eOf+1s;&&B3+
zo{=>*?0TJ@4{n}2hg-s9^XN&BNOM;0tyr@5s}R1nxw%kP4@N%YU19U3x|WWtcGZmo
z!_zoeW|a6Rx>UznLLHnV1$GJ^SWOR;%cRuI;pG~MVt6gHJk^NZ`;zpXE<ha*W>`N<
z-(WE-+aI8t%X4LVhht03cx@V=VYgcuz6zCP)vL0O4s?l=Yhj;ZX<PE9h$E$I1l6*3
zUt9%~cP>(X+slZqfsv|{uIE#=GjN{#UEhjnjYY|hN5Uo0z%3rz<jIwlO=O}SJ9{Sm
zKaVu{IX%FVO)j*13&Q*^_~K_~isN9=(S;jY7y58kwP{HBc`y>cXWLj13CWqw*~{2j
z8_v(^M`ULXb0KAj`Ha`XG-rqo(lIG}zMk(;{}@Y!S`7E&BI()~t#EBSQg^L!0x-lQ
z?K_X=nleOn3yY}!Cf9KpYkiXo>xz=F_`dFU%Ei=dd=mpF_~HJqQO>tF$dkW6`a8KK
z6t?nsgaT9W@eIsmuhKOlpkZK2N=s1#Mv|wLH8cjVL6cnz<CBvJJzLogAM2W%B^@1E
z9UUFZD=NHI*Z`u}y2O0@AwmP8SkwoP8)iNLyb@KKgz<3#m&JXY__0fi^7xSvOAm2O
zMejpV7D*d5a-yTOl+`831^2Y0!Khr$`h^AaqgBlf^$$$n(*kXl0FA1@lg_8+RV8ji
zJqj^7ACl58_jTwd(iAlpN6*eG3(FOM{Rs^A=5tI3Ks7JVax@`zAKg$n&#TR`H`Y-+
zx975OkMytcSVG)kpW>N_at*^53N%{mU;1~(5^o3a4Od!%<bUI6VRS$^B@6r++ajt)
z85c($!c1qXbJ%_C=Ag>IabbfW%;|7V@J`G~%~3v~mvvKK>}^;5aKgH<N~}Ya>5WF^
zKU|7WH}Pq9VV2%{mACb0nlGCmw~+HUj8kt?K7?Bet~LaSy#*EmXLi*^cB}m=vCa-L
zEsu{_e9GoWgc5Lc@<<n3*DWcV2_IOXSB`P?waki7sV6?b(Uk;eUe;8Em8S7ffH)t)
zHN0S**%Q-Vk(AUv_caXKDuG29CTTe(?jcVr#if-1>AKSwNk(>zM5jB2TnK*$NB{jN
z6xBsGQmv(@*3%Tz)vZpjAjAqgP3NP5dwbXs2b?1see-f!tfK1V%MsykquQ$Yqf$#A
zkHKFbiW^h0GsRm4B&=jm>f(t?iVqEJJ!4~QaQ4ajRMpijRul*$Jr$&F9l<jbfvl_y
z+o?c~(BHWmJe$9crueu9UQ;%3mEWRCAc~~M+sxk3Af0x-4CN4Y4$}QWb%e+EN)OK~
zVOR-m;BvU4L*CMoWf(E{-i?XQVdgLm!JqeXd5I*hY86khc8`qqXKdJ;v}59*G(7FY
z7j#bx$|V$U+t{(rjj68MDYCnZG16=m9ejp4c=P&z!buyAUqebs4Ub3Zdc{k|*SZ^%
zl|#Ky2yOoE^fMl~!Dp*w>ROui)eKONLa<$KieDH4vO`ud5}v4Ptg9m}FO^kL@CC1u
zU)^4x*bfg6Ma&<R1$lUA$|qjXHvGS+`%+L+zON?|$z^`FWZT5}s;Kl#@(HpFhVF;8
zHxgr;G=|D8qg{1<ci%w7R76(FQmbND^Qf0Cy#NsS@J(#%*fOkc6X0^c;N~-!3@~%L
zK!NXDUlv#K%?$R&ru7UE?MKU>`4(>LX0*Q>-BboC-Z*`uAoD2QF&V*y*1k<xQ>A(t
ztV5GiQxb}F`1$QD+Nt97ssscnKmpC==DuZQ8=`H8S=LsDUi65Txafx}#351*Hsxz9
z96tSus)=TPGt7Z{;L0sB>%Q*crg7M@m-Ptz&OrWd%9R{nX>jfnTS=cnt<c}YA3|Ob
z*<Q~zR=)m^@Suf2%VfR1g<vSQ?|X`;xH2zA0mn1+0<aJYCe+Z<RKY`-7tQ$_wuJ>?
z=a0nDHx${^wc_+;XypIJ*IPx!6>M9e1OfyP?hpv>?iMt-ySuwJ9^4^7aCdj7afikw
zxVyXC>zs4%eedi2)#&cArF!k!tJa)r&M4RRp`~Gn>fa8pZyiiCv*dLKUz*4ZhF%QJ
zF2a+`zn_0%W^-NGwlA985_#6?RP7a#ClnZ@c$5&|+A#{Z-b6Qf0b#7g?79wd1rkCp
z!jjdsbjkiOfw*^zd2G=(KJ^HX$d%;?mA-Om=pEz_Ga#mvVc%(qQxA@Z`d(daWMdVm
zuK|&Tysxq3wRv<hIUuAicfx&>YmVwR6n5!6I5+@BOvxLSX>5_bD5{hcm0HR!(3AG&
zwPbuqAa)TSG143^O3Al#*T*GC%sob34{<CgRRWUi8(jP%=%*ePMgP-7A=<k>`5TJ*
zY6g9)0lJ9o(|6&W^UKl$Tq3t5004-JwHqFn`aM=F`3JMaext%zv~EkuQfy^3^SM9g
z;{W^1{Qjdi)UANRxgmrYll2W)o7pZMlHm~fZSMJV(L0<>waliiOMvs=PPW@9rF*V4
z;&;!ms5&<*JFm+HVwYjMiu^Yp0nd#$|B?W$Ho?{1SV1j?Sq>@pK4stcat=%Ay|Hnb
zxIM2dVtG%+d45q{MG77*!LKQ*veKGZp&yUth?S5YnhVnIdIW+eX_qy=L1PM($ixeK
za+;j79&iLRJfJ<Vag~D4xjv_S>ImsLHlq>;hbU>x`bKIK)#O1*MMXt^8sjCEm0&*+
z1whcLb7l>EzGfV%?}vF%^3sx~Z@5{;Mo{wewu@W_TQ_KfSWsV|ufx055tuYGXpTcX
zy`!7_xzr`=vpg?DqHjSnUAlC$K9c~y*vksy*loV%hDOn05~W;t>sY0vW|mdY_)N-e
zn<fSAwL{EUE|3FTmzGkm`JR<+YHTl(BWQ0fUm;MaRV?HLnxT;Mnx0*%5dJ>o^2VXa
z%PJ!P#PLWbXzFGfJa9#kQ8_kJW^u4YuO8rZq6m44xP5RWYV3{xr)DncwLZK&$di8;
zoN|&$YHxus5~@>i8n2mlxD}C3d#9V<ztr|yvsu_Ok1;Deu_Td|Ok7-PnK{73Cd^u{
z>9fGGnRO{Nii9-H5cXm!7?RaWj(YGBemwEc6do=Fy8Oj3^nHcg>tIcL=H6bl4fEjd
zSLb!+i)bX<RAZK&LBbLjFt9C>KE3%QPUAeq-1bxC;H$`6^rJQoYT|~7`<AW^<V8(G
zt?Ws9D49v8iIZpiU-i-y{K5Lx4xtHGMtFPymPN&|z5x@@W9OR2noUh*6p=teog0ol
zqhpae(zn`&*1pxcKc<q{?>v;P@3$+LEE-?KbA#C{<HeGS%b2E^cMR{ooXl{~_*9Je
zu>V*{V3MhX!pYD#GgTBeE8#|6!gS%2-VA6(ibjw8iA@<+U;C}v&3`&xq1^|5NhkYT
z|5{8%o4ieQ$KZ-mw)O>&rmk*LGYf(bf*{Xx*;UPK9}it}X)3vZEB_!p_$9jUeTpRK
z(Cqme=?ETrYvPe?o_WOq#Tp8s40b>Gq2~Ovrr`<N_x~pOeUXRy;k&jhJmN_Om|%S7
z9P#<yP9t+>Tg#B!U3bz5FJ<`90h)($;;UyXPNCFzQUNw&rQp{z^}ZJsPGsH7B5Sp9
zC(EFz*^lVo#jdw=Mc3xCfYK99Bipw48^4)-%eSv9(#D^OKE5O47M_;PQMrd)InMPB
zUNA>rTsWLoOAKFRNaU(8-|gcGo}|RDF-fVFpu<q;MbWBI6>m5l7kpZ<>)0_%p>3mR
zLOd%AdZ1B~i7`g|`k~z$c}XOxuD-B<nao&D2UZDeX=(WqYvS`HLz4&}YbQw-zhMeE
zIz8pn@SyID$&$c(L(dMvOb@ShOlroISr8b|q5QK%kD0UY+JNF4%e$D8nX~zWrj}Xp
zkq5_VkPY={g5|07ov-3p94SXl5ocRW<6WYN=Gq|wAfqeEqE+nbcn2m{&!WT9`gq$X
z)fRvDcM1hoiHjB{=I{TqG7l*mRNG$&`Eu)$>(h`B1>v>cH0FISEh+b#GdGq7;J6YU
zsox8_&nfEQ#bn0>;PK4z)k6L9^n<rYK_I%b$<wjuo$X1@+tzvQAWd0PyXIJmOrdS<
zhX(#u<%B)fUAB^zlx-8$uz+|rclk1jAM$4SszZ3FrCiUd=3ie+DU$vIQG)SuI&z;{
zGBKdTm@%Nso>RoNim-8N*Qrn)>##PS5$^`~YidE&o|6=z&B8lwH2k~y<@MFT&=9IL
zEkd51k3kD5O6YJg7&0cx^zyu*sGU}PT*P;pAPqn35OcBzC@(HD24N3vVpv5mILk@E
zdf5wlclgw_8i)d<&^phv3e;u2b)P()*Afdd;QtWd45JM7e2+k4rz+6p;`W?r%!6^G
zj%Xsk82?J1?0wZXA0&m8Qv|#wBI1lF8R-ZrH)m7I^$iX9DdD6q%koS^K)iw74WHXN
zvHNgQyYvEqed8ctTMnUMBi&+g)B}1}g6ycEI@gz|3>oMI8(=W7PRB=<my+|Jyg=Lv
zz<p=h#<Yz^XTBOUQvW$%HMmZ`dFm?p-|cJ&_H@@@UdEA(Y34n{H4Jys)v4$6NpJV%
ztY?3ZI$htv#SfMQ<><o<o(N|Eg?9I`0<LH1yO8J)q`lHA0*<?bojkm~nQw-IA6qMz
zGr<017wCfzK-f?t)bL-5u$d1i9$%E-Wro@_zXCfsnzqE)x+b?D-8~z|?LS@G0vrd2
z*?wyZQBZH~O8Qi-mTp-#U@uF!w(9dwi~`8rict))sDhF=ZvX!fQD4H@DPgyHtGR51
zU%P$EW3GKED@u?G1UnM_`FNujp_@d$2}xNbA!Wpd_NW8<_wdk1>pIkS&^;9DZ-j94
zr{+=`9wSBPw(tj;0VQXICI$w-9tNQKs*l7<_gOKKxZg7x5zIYxd$0qmcbME9^34sS
z3>d*z={bD6uw%Ce@ufiL%9)g|IB6T$sWWB|VPIZ?#_4QbmVR<6Xy5(fUpVQXtNtkY
z-dE+SP#wQ%I<CoY+*^f}2PvMGZQ%P(=ZWo&v#e4pI2%x(iuoY5&dSH!Loe?hkOjX5
zO{@+pU>9i906&Ca#x@RuSj>3sexsDPV4&?D{dVjO@XvE#-114PE=VYN#&f8)`r_}I
zTGLfI!FN)0Cx&;BSv9@H`;DO5o%;bW&pmVqBp@)#_V)~3XokFu8qH~RPw^jpS=1h=
z1p-CSk+K6XotRULuq8E?feP%8%|3U^Z*{-(k{QEqoXEF*R~9bg(Jh3O?DhnMuq7TW
zI3Q9R(7mwj1*)J<zXc^P<o_Y}+`>u>g#0`{X>=v!BW}A+uG211?OD=H9o6(ipx1kO
z<@JdU{dh-aIxIeOJ(Md=YpRV3N~m+yKQWlM@Xj>IVsHuA4*Ti@sLgY?CH~df4guM>
zF_Y<z$vPW3M*DTH=y`LKi1z=xdb^TJ$Y&nhhq6=XQ#d@ze-L|~*N&Z1NjA?2FMN+!
zS|cRVXFE8o-2uSD7@2y<WXEV-bvmaV<Nx(8K9Ia<$9vj_5RiD6hjg+!tdiXNc*-YX
zUyH1eS#WwUzThr37ge*Q+>7mfJTFG)0>Ext7lUe*4~FeB^Y&zE1m9M0)66(OrFgpH
zo+*3smEcqGcf%0!+nYfwsW5A46^Bb%8?}~y(MAWW_sBTbG;hvrT`;4_Jj!mFT1m~i
zOGkcHc$e5RH8q7Ef1_@Pz41a}bPc8^_*?h=#WL>lQTu(?d;M?2v~p%>&xnv2XCeef
zu-CR%S4OjYJJUVzhe#i+oft63r$6I4*D=Bl==f;P8&P%)Nbm_ncz*sPf5D{pjB~O%
zB!k?DYT}ahC?UqSko5JqOkVB{!V38(IepMdW*^PBxQIbDnyj^+3DMA;7uR9aKESf}
zY-5X*t|H5G+damgq=ba5U;bI_<MriiNjeASCrqQ(v?F1)5-&AyKJ~MF!1M5|S@N<I
ztJVaxVUn{x6Zc9;t5NjKr`cTRRRAYkcTqv)ui1}~CVd9p?t2aTm^MmDKTVOlblAm=
zg+Z2W>X}N%*E84fVY(lrxRlEqFxs&u$J*B6ZnZs}b-!a1<(aq$d$(iYe-;0j00<oK
z(%una21_0u0<PQIVz5)yxpE6-Mc=>R_o;GerNw9H{#Xe`<I5x*In$R=(hckEWGz%x
z-8BIiV5P_zi?Cb9O%QO~fm;`FmPUwn=Y33a=uv1dxG2oMu9%ofu1AfRk3nBpT({Ni
zSak;^ad1~0<yo8SGRP*Z-i8}bo&FFU`r!pMir^@bv^N-=o`_dt7=#vYVexqjj2;hp
zBi_nNdOXHo$J5=q%8Ymj4tGaVRS@>Y`64rVq}|6#QQ%T{hNY{M)QA@(v)?nLJh9D>
zv-|O$>f}>@TxMyg^V;}Sv+!!i76&4&Nqa%i-SYM7u@;9X*___W9_lT@=1{J{qI4PE
zV;{r0G<8$HGuvOYIJ7&!<3Df}g#9ZEAu{Iq;nHT3{{y&egd((_<64Gsh_L_Wi_3ag
zk&QgSYpD0E&oH4Vlfoe)k}`3Hv^TF&saQSh7o(<m6Njrrd+wlnTy^r55*lppSiklu
z9cHf!(d!rPp0fuC_qOP>h8uasoX&|t212&tV2t)Pj}NO_iSw+ZqPhf6H}XTMd9Hu;
z;tns1<6bx4*tSyQu(ndDbVDa}PYt;KVfM1@0pO48-{n=A>l)hliGTA8XFu`PYGq{w
z+{=j2BlLwK8#JEIS=-$Ffu<M4!psbo%Ts1ajrv#v_uK?Q<g1nYF$YCQMO_Y9SaVPN
z_lOSlf6b?!R-86jWi&A=2yQ6nt~e`$u<-DV&HHPqCV?**fka8lk`&dzOQsinpywf2
ziTM!T<(9g*h(jt&I$VAJqco&-0;OPo?wdMws)dh;x9FEGLz05kaZ?ZZ0nRz8q#@p)
zF_EOAvlMK*q|G-pn#r_=ej#3|?l`*1`G4q@9caVDY7}|{j6G(V$Zi|!nS_oLe+u^*
zNy<u-a_<RbyUm}{N5`dMlrNccE!dGc?k%(P2vo1qyZ-qN_#S<(iW$(Mx-KZSsb?!F
z9BmcZ>~8;+5LHs8SC+_(!ujagR={r5l5XtV?hKL?Y|~<@<&KpLMqJ#MD7k=%iP*&R
zPeRUWenZ_Nm>lX02I%qG?oR{vr1Exp-|5Jr7Ogp3vjB+!T5u(QT#^q^2{GkF0bI@3
zv`Z@fMm_;^<&Fg#ljbHRM>nluJ8I8_XjMA<imHOq_C(5pY@kyBR4Ph#ZK)dbw9aVZ
zltXXd_n&fp6Q@aNiNaD#`DC)XT(!*MCIz}XrnV?F$aF54367N6x`q`yCTpFMCin)~
zg8?#D%Vs~wi!14pYib;1!*|W>pta#KrF)y8dz(s3=djmuJKdw7{tBP(vwgCH8Fha5
zyMKpli>6z9=$h>KcnJlKJuqc+o0k-mtPz?u^o>b|q7VImC3H#2=r=TTn{q^qH`O*X
zOG-5XHEEPRcSaCU%DGRvOtwSu^G||Zxg}}NmK&|r=^tCm=pZ5QbL6Z0W`2uY##Gv@
z)uncK8?cluD~>;9+}PAtjKc|)lY}TIi!iHEI^QqCjjrfIsPwOIzplBgCSlbXWjQ%K
zFu1`G9t{8Wpwnu@MgTWnlC_5k;*_lfuh|V1LQt(g$Q9#5B=^Pi9Tg-*%o+}v)q9M_
z%oeu$z;vHG<heE0t~j(|stg2=p9?8oIdK!NyAs;nN&76V-`#oAad<88tP7mFffw|F
zz0)Sbd0x2-&!<=v7Mo!MtVes}jfuuvVy28cbG^;YWN=eyw0J()OrsNtW}#Z&{N!)t
zdO4kL*8>_V>K4+ME~s@M25Ranf$W5|wB?R=5Ih3H(cvM)AxAccjT_Ki_u`c|gDPU>
zrEF&8%w^lDJg3cZ5v(KGw{=;y<3Qb_D|d>_>vrLuIfO0bvlcu1b`BQ#mA~N5zh+k{
ztp8{}TV0!=hlS77K^|JU8RM;bSh$NhTYFR`u%93Y_HEI-Kim{+cjat5EdvKX);%oi
zdE1Q-tuEYn+Ce&_z?*R((o6bTXR1isc<yZFjO@eBsuvM2-~7C|BX6zWI3L&PeU<U8
zb8N7-;>K9VO}X=hL$0so#_9cpfX>A|(7MC!B?qw5&Pz$q0*r24VSYJoTfes-+;iJ@
zX#-Z8Kiuz}ZM@qtVBD3j+-CX7VV52I+IyI1!~eZz;;7P>9p2HnM(bT{x1jq(Y4lGF
zZA&a{13#i8@iqmUV5K>_Ti2`ghQ>dH1GbAU8MNn<M9#yL28Lbi!%8bF?*vxBP9dj0
zcb~ECe>woyUaPn=<u05#b(@=A{ji3%9KQ8GBpzFkAMMfqt<)Qd4@OvWJ{Mp=Lk2f9
z{{*0JKSXT1Z2_EJd-l{GF+HGU?Ch!@nra>&0bm)ec6Ijc?d^6D*alhw1Dd4&B4pdi
zs9v*Ht8$T$LFIoAfRfCa0al0hs&2r*!tyMyt3#__qU-sOi}?mWc**<<mMrXxC~m(9
z{@2dj`9b!-cIN*#2nxa`>39EAnun$<jC6*aSe;M90AF85ZL183Et^qLkX4K(Y^+4}
z5$8u%v9Wctk%Lw!9V;arH`regc2&~Uku02^;8fH(D=6?-Zld<K=NdCHQ=8sb`8SpS
zPVx@11h-VUr#~4^(onK<(6j`Ui|wjPWCVJN4xL)hQ{C-Vbi~IZ!E%bkPhl)WgaI@A
z+OS<;wOYmqI&k`~cGWt=^E)Eqthc!nS0^4qO8rTAjel~M{u8bHcYl5kJW^6PZHj$)
zP>vNqtM1$qK&m$2kty4<*r^p)adhh!7qXT1C)z8+U^?E+z7ccNjMaS8<3=lsauT+N
zU)vdIo==u3Zd}PJHs3LqA-7qzJ|!NzK=Do-)I91CU1?GX_54;B)2Z+ua(7B~qezC8
zj0P<6gaOiq*e2c7^hS$w{=$?cLSZ)&NZV}r$c@HJX*f}&Lnk8))7e3(6Dq$NrT9_A
zA|*R%de#SxisM5J3Pb(C29u0KPvTTHel24_jYz7l`o<4MyP!|BdCKWMG;r$+i2~r3
zORVT1{&Hjqj+)<7Pqv|EnbQ19?Z*zLySZ(?^F-Z4LS8?}V=3$fULZ{DUiSiH?Pw5a
zS|4hDC#X9;ZQC#?9*IM&%2L>^Gj6WuLne7W^If+DApdF-hp}Dw8mHJZYYxMcK?6~V
ziL~mi6SGuE`rn8W_Lgr2xKV_o7E3Yhsm*$c(G{M-x6teGC3GKHZ*#d(2TuEIy#s1v
zK+jk#*(O&@H1sQzW;H(QbbdUXX{qkk3S|*EwUk7e90|Dy`8Y(sgE$J2*OpZNu2mNn
z=7i+FPmc-w?(OXJ^sI>ZUePaV<U-+hC&tznQ{eO}11SiW&vZ;rElEClwMfj`;jGiB
z<A>Q$-rHny-ZVn&xd_Hiye+Wttq}$dDj(S(&s^=?jhNt$rq&Ag`Q67FFWk8lJxVY?
zs6jI*Bjqnx;`)&V)?+6;rFLcEFHyu#6kc+I38L*3N#$`*6&rY<FhWTJ?#y06`WS<L
zf171`H-;=ZgTs4K<V^V;;)VXNm+cX~H8!4Af1R$iD5N=un4T>du-1=;t9#5{*|aCk
z9T~{th^)7%8kfRihc_9`Bx>2XGL3uSvbe+d9BYx>C6V}(f@ZC)Ne>tcrf2m7FYe%V
z2*(lEF-00WQzZ5Kzv@{+5oGxN?hZgOZNUKl0bk%4g~KjNIlhZDSuMWj#oUuZ@k8Zt
zqge+W!#qDqI8v5Fh0e-~7@`Vlp$^RtD<xe-8fsf0xrO3;ITI>lNwDsyA)Sws3an&G
zg@Sskpd42vt%lCj!uXPUlTHS7TB^-AYlW9>>`w2I<p`q8H?Qcn*>PVDRPhqcIFTdc
zMtF?@Y16&Zx<n6X*3@H`yQfcxgBP?yjefEKM_#TvP0+A&;i6t_X>PPJwo@1*t#L0r
zJ&1V0$h|E*Qqp+$o#2?(ddZP7JHF1$#Sv3R8+9_3>^pOD{L_o8BnBH-NzBA<Ao#t{
z&gICpy2@3&vjf#Sm-y$>{GHjRQ~!sQ6_nTHz_mP(^$UMSH}T7mGka@XUI8SLn2PaE
zW>OxE-0E;~UQOyxSrS1FY?0i72oApJE3X@iMxY}X9RcrGiEP$FD$_>q<6@GgW&hbN
z3PGAcc_?M7$`bR#Dh(%E?L~L0h@3+#rnJiqjPcf0j{i>ihO+P%Xb~x9KYrGX?5BY#
z_sS$cR?YyT&}$~lg;|iibk$OHGVoJZqo<qzeXn_Q$bl&`Pb*g&Nk}Q@Mld!l76)<E
zj-C~74jOJo?>?;<K}UtDpALd9yvQt$%QvJ<3aE`WXqOfUo-ceQ2a-;#%LSx^XA!0g
zTYx0nS>|maW^Y}9qt@bawejD2&o-_M`12SVvx=x46CGLzk5&)5^#oa4S15$ZLKgGl
z7^ogk0e!roR<iGHzcB{08N{HkiHdHPCJ+f+B4#MAt~zzf>fj$Ye5c12QHSIvpFjCC
zSMbFBko5h2Ky1n)C?vAM?pV>L|06Q6d6@?9QZVh;WDMY*C~Rl))n%QQk+D~4>7#@w
zQO@H*`OvH8tGfqMcC~atPZ6ZSMTyCNlS<vSHBOuI0Y8IS8)OKqS)Me#!RBAKQQrRv
z-wk=;FTmiP;)by<9r3K(Obqz}%Kghgb~rvywXvK=ysDyRC_9;f;MYujzJ)$eN`o?J
zf2c91O;OfWMyJ5=`Rt(&^!(<yI@1gl!P#!prZ_gh>-Y$RZCu;dZMc8h$rVC4Nvf96
z6PEeZ&;`esj(h|cU12uc^i!>)q^Phqvww=fI{;pRFsV8OJ2`R9nhlX#A2K2U*cpuE
zg$9V%?H^;mBA8Ew0K1|Z_xS6e5u05;;G;`c+2nVWWnubW5y-IQp-A>zm|;R-ZXLZE
z*g{gfB0DU?A^)A~tG82?WERw`+$mZQYb_02ee`Bn8>QTGB$0P*Y?yCGtsdE){5z1K
zb5M{FsBTz#i!%1DzA13O*U9s9zk)#{8e!Jp9Mn_8%Gzd=gReZnTWoUPpM`1T!jKXg
z{LLahhDa0+N@YE@10MsyzRwZ0afY9!AMIwCcBF7=HXC>?ENXXD{=N6Xi^K+4mZ~X&
zW^gim+wKQ!8T{ypQ)BHkBYd_pu1;Ih7_9WpqPt)^<_Y`jk_{5J%Xk4lsOW(ODc#Pr
z-mN(1Lx4LYoU_bP9piGRn~cZ7;nabSxFY<((u{vvB0<wLKRzjdW{@G;K+XYgC1B^t
z+mxU>LOaYWb+CoLH6;_`%m!r!wXE{{t^u1!Ks=WxZ-Qj`_orm(?O~RNx`U_?kt^|a
zMakHS?Tch94QKk~Jul-&18o>`cFZw-ygo}=1PEwNZn~93F*6f}Y=%gqK=ap6utxkZ
zm=iU$!F+-#{WIl>5G}lE8Xc5LJ^1KLzAXM-Is}rFP)jZv^g4nV^4WKe1YW=U8XDs&
zd^N;J1L>Ztr@jJclgD9QZkJM}G$YgH?35a~UyGr&+}0+{`rdKghsJ)o@iS5~^8|iy
zv7>#krk(<S_fo#|oMWdrVlQ0Jl5f3Iee*Yds6TAh>8p^&q#}&=Zc`MIs>fG>MG3rn
z9f{D;!$|p**k5AedzdY1S&#ltSEd*A5c0Km)rgd)7A`?H7kK^3qqm#t(A1nCUQSBZ
zo-tM6X@rhPW#y35VpBjl|Mj{o<EFOp5X~x_x;`gu1&}o#g>J!)!(ClU-c%8|Px?K)
z5KCco4uj2sBQNUrPpELQvldmRzqsKbrY$819g_n#rIr0|m6cvwS<K?Ra*x#I?tC1m
zLRl=Q$deIkr>V?sr?@!PzM~SS3D4yN6>UWoUg~fp3{EZx3u{|)?qba1J}Dz3dUJjs
z{kesF`HF2tt?#Cq<7A225DpC-akn(t619ywQPq39)bu_vyIV?E6ViXGB7TQC*-^3^
z*tl=GY5kNe+p<xCE^cJsRcpvEY2Q1qxhAV!zVX3~RmKa8sNVKaBQ!+Cl@ZkIU&E32
zi^J^4XxLWj*3%d-E_Yd-R&gAxe>L)kqDY5lz-OE}VO~~+*q)%gaa6#<f)*-lDhpqc
z9Cum7{GT`n3)(d2U7MEWZ7W?m0aXdA7P3_@UaIyZu02}=X4hI*D<L;+4+_gNH>fk;
zI<zacT}ruD*OIqvVK1K5KB=_(aJ9dcwD2rk{du^fZ8yGd^7G4xSnfd5lQQSE|A=t+
zn|~Ozw64gRG$V|ZGrzetq!8389Jp{~pYqXbKl$iAb3eHDeXwKDjR325#xH&3Ae)=}
z*&p;Isf&H6!m;so))8Lll$as3c~Rfq#%}2tA?T_!*872DV;hD1U#_iyY2^gs_9977
zrDSQv)eW34ygu10qAL%$?L}5uKd7+YdMbxMwM(ovt#x|Qqwo@;t!e$2s=w#-ft9Vk
zhz)Eh)Nt`sGrds&s_&`16U(-rLu`36;oXuW{{3w0KdJtIQv3fK{$FbUe}jKH{=W$Y
z%L`uq%k%!fgRdL)|NGg066$|nf(P#ga3rgCoXDY2z_oXNT54+Q;y$^^C0SeExsK9h
zPSu68c@rox@Y%`Qy*c4XFvP&ZTZ+ocBD%VSjg5^P_3`oXR(2&@VNFokCo~CmtsU&s
z%IJ2~_8ao|bIaK9D9$Q$a{nG6utYsrKlrDl<d6L6oOvrrdHEr*DI{=adisZ$7_?bE
zuBvKRF<55Gl^UsNT`lFNrhebk>i)#@^0{M_VDco&i)NP3Ru8lMl@xs8;3;tD^*FjZ
zbgAthI+;GX%Tg!g(S?i_XYIPEP@^3g83Ai5dqPP&I@UJN%*+7pjuYKeXOCVpgG!T<
zusSz_zG5q>4z4St`l_2Q69$*M^K49B&dsf?Kdj?9>zYagf#>|+whg=XPo3!iTL?1#
zMA()H4u=aB*cH!cI7e}HdhhaO%nrOCt0N;Lo0^;3MM4-KA76hE&!5Ks=E6gGb#>Ks
z2Vu;F<It+(ommv&Qk5YHdU9U)S<3PWeyP@@AuaQjhfDi}dh+LBFQb_)!_MBDwhquK
zm{z?CElVpZa)Y3`BNI{glbbL9Scvc_7(a5UYhK6$l^v*W)iuUdfqDn4Q#<_U0yN6#
zy}zrv8lKeTUcQKCNGahuikZHSFOY~EZqp~0AJIHGshX{yAky#Hl|{8w)ZP03@69Pz
z?3xzjEm(8mHvG!!5O=;w40(L~OcQP9kQV0UndtN5M@A=>RN@G<6~d(b+Wr;j=eZst
z3Dx1(++`gVp<4F*4)^G{A1{l*4>Cq{cm;)@zHYHE@_hi$3mUJ0dxyJl<njo0+pMge
z(EHkhVYsXlr`kr`7N0Ac>TPF;Lkqf1@nOyF>vDysdvFl_l##g&N&5R&&7L1{`700>
zMM+=(;_VcUc^x7lF0RL3SxjtT0fs`_7H^hP#@v2bY~mEb;4uZdpQEwPFpStzmHw3{
zMX8tTZa@_A)hJOOWyW}zDj-1K;rfxp4C!|7S5?3UhO{%0{;jSEYZsBJx;whl9uYDR
z`yPMM<SLUd=6;gS{)4U@VV9nj1ovd#g`&|mzH0+!t<fEi){_ruz}?gXBw|;^wwLbS
z4+b)oA1=84fBO2hnO-BLx^8H0>~CcM8|D#tfYH$#(8=M|lIToYMavpIjT+IZ_Gtgr
zP6~%D-i`#4vE~%D6)%kjyCq_uc&z#IpVBCT#q>|;e-l*ANKdCA#ba(wr>{+Aa5>|9
z^3~%r)CYpWwmxj$4aM1|k1+&7*`JiBP1Kc?(MBqm^Kp+@Lu!pBm@T@wssw;TtIQ&)
zxDLNzU`+%Ue_muI0Mb-OnoU_!+nXc6bY2gU2+D2%Ee%Zs*k*5baq*F34iFIJ-a25k
z)m+%#{%YMPt?fv~?^_qNiw0F`TWKQR@vXipIH$)4m&cu`FEr}=t{z9zy_<_URO%*g
z+K6&<f|4QS!4`iEEOea*=u-p>`r;OAJToiS6<IlI`h5SHk2Nm0H&=NQgTdM&F56|K
zs=(q<$#|%x8<zvuDc>4rfa8LGE}V~)R16#eJ0DV)Y)nsg=BBdEMr&Bl8}=2=>`(0E
zrJ(y;wF|CdnUx<(als4|`%-fDX+t<0%ydh4VIjwmW^c2xIJG8lB7AS6`%Q+{GzVjC
z;E5s{m|@4ZWLuin<&&QpY}5guN&L;Hr6b$}jorZx+c_HBjT+DXsg+6Lj$}_5bh>>t
z)^V{KLD?hrz5NuKJX!RSXKRvv%7)9L!Rv~aFA;5e_Eg-UdD7x@O^Ofcc1^|+xzfXn
z0~R!0;jlIE{7BSkzxvfb1`|c@_!-tUE8CLU9nK?OdaR>93g-yap9=a}Zc)U?84zgh
zR`YF>C#23L;4fpZ`6I!(gn9mqq%G~i$Sm)!I$nzpU6AbxHgm~_k`eqev#M#W$32Gk
zkgU<i4pkLn`gqqn%17$_%Y~8EgwaNtSQHU|Ks4pKu~jMg?O*aHxwMIr=>$NcX5_fq
z$aJ(cu7DArzn8snL&``burF$4CzXx<SNk!R?@fO$*W)9`EgwR;zK{vEOeaEqRZoKO
zA|_JDMEUI(f6av_xBmw88DD3^GP>Sig3>JVuX2tM$39pV<0}}wfg$HPdphE~^hgfX
z*o~IlDE;>E8F5x-?1f9k>Qsvv+UYg!!I(bt@aZ83y9K_<YfX#U(bhT_G9OAh@~Vb#
zn>AcdKdxUZ%Q8e~X+Nqz&3dGn<mA$1=3s)jpGo6Zc#AHt!V1Zf=bSxz9K`8Yg-Ru#
z3af0$$jLpRq#nSv&7ISwdflx7ZLp$WOAFV<e9DF^pl7YO18Md$l`p{+2+8fi|3@o5
zwcB4r!<p9q@3jL=6rY%!H;sDpg-~|(z~A76lx7lyw~(!@yC$VojowodV#jN{&m)Y;
zm-UXI7Vo{!9U(7@^NWLhQ1v(hRxsl(N);3=%IIOS^0_Td(G2sG$X9`e=v>Zks0$P4
z`xhTuP<fGcTn*=3?%6m!8NFG?2ymc@gUHy>%Wvf&tI46bTvu?qGSEjl>rH_{uQD8d
z%;DVS2}eqAY$<U&6jw^beW`)TQ$qzzcY&WWB=2s~-BL)LNlT~s_E!^Mb_)bdj>DGt
zJT#>)H@l42lTK8Uta0y0CIRt(hSu_xaoV<VhVE_6?%rP-IR2os0kKcy1;uieohQEg
zKGv5OsHK15Jq6_*Xj<s$Y;M0XDG?Ex??%;%V(hbC*$bMV+>u4Nz&^Sxt4XEFh=z>i
z9&|$pPulLyoelMi!QL=_I1$uZ&g<y%{)$X(C0KMyoO`8<p~oMZaGv}EY|8FB>i8Wr
zV->J)Z~S<UZ6dyI^e8V#UNI4)o)EJ}sSn#pu<yebC9yPb!p9qQ5%5JXOLM&6(mFiW
zqq{V6Xo}Jb=kZ7;LOTP;=)UgClc4o#;qYq9ghd)Hh1r$kp!a$N4vEA<f+;p|pT+q~
zL~ErSZmBLDdpR^JjXT<Sa;CM*k5D<;F8}X{eae@aUO~b@dAYu!YTEvn<4SqC4(<1R
zW2Q5-jkN!~*U|JC+(MFf!73{xdyoPmFDzs3Y_kVrhJ&ZvGMNnl#cf}(USfLvUT{~1
z!q2IQ?=t*3Dlx|QzCY4uP5#lWPvLc?%D&H%l+nUX#zHc#`;a?cn^L)tP$a%P2%(6}
zca~uCTvDT{peccObB0w*#uphR6!&3Ckp)8Gvd@J^OJr?tuYkp@Z`R?>SW?%4wsc%v
zDNi>CUG8E<m6g#!L7(k6pL9c$_cPSN9OD6-^PF!x<exxTweJd${>DiOHir=EBw)59
znMCoyqLN=#aF@|Z8t&L?y7cQYs*ZfAn5xv#%LtjAuGcWQBWbDGSdc{Gfz>qx2Gb(K
zW2|aRxx_a;8IiBuF$>|K8a-KAKDn$I7Kh24J1)GG>^Q6bm@*KMl-A>aR@{O;58osc
zAXl|1Y4(X0rm8?v(Q@2RID0+U<%mjZYZ%SXE-19#V;->xwrG05kY;P55GsSOA<}eq
zA#a+z-Xu&gy830rt2f7xv1DGrXy>nSP*>a7AKV*{uZm;Qno!|3Zbl3(ld*m*2}5yl
zt6i@Cvl0(=hT|ke{MHaEEHO4a3YSm>E>@$+h58#{3#i>tdc&T4#5|EnGyq%BB`q+O
z#g8ryI+zZ>A<DBjz5N9p$C(lz^Uy*jZ)g+3s+<(3>+IXYgss8bbG{CeK+ot%=wXd|
zz3aT%d1%M(A@&Zp3-ccdPDa*o{n)&;MZx`0IstU4{v9uZ<<4Yta<g{4yHmc}_ygQl
zI^y<G-cZ@pTttG`fcr8!24b$B+)VA1&S!{H@>Dwfnlz3a1?MPJf9$Ew_Fh=xF%o{t
zc(EaruL~7MQeXDw;(RiWc_Usl$A3lindQ>G6R{S{Z|>%+^R;>>trZg+Fx}u&K;~~v
zBKK|(`D;FG84$ega=rE`eu)a$li#|C>DDI-x;l7N1-q(%bNsCVt1m;v8$wtWJi=;n
z9JQ17b&l#xOQxlCgzWLEyc4+)!OMYJmn`VA-UJ|TSSDi+h@+?Apb)y99fA6(!er+w
zSAb?mq$hORsNVJt93v<D(dsfw7LmxoHBEhdS}z-9vCOwiIX=QcDP(#g@k!q|941c+
zcb1h$Q!xDCYYX7^edW^kz8dh_8kil#*F%KqyWneAITFF)vLcdCsG}N_HPr5QQOlAy
z*qI9MS8woVjrHxAxY^#<q_{nmRZ+s@eTChs=fE4U^Iw%Jhm4XTU=Qfy)cal0I<%U|
z`Nhv6W?IDjcM7-@FQoJqpUdBDT>*o@jg}*wuvxoMdhads(T*=*q;k^@_>-GI)k9s+
z$#aOojWG7x{<9v;!!>zX$uC9$eHnU#QIDUolf+Zxg4dA7UiaiY+|jnaP`I71&~`j~
z{GG#9{FIUr9s?Q7f!v;Zkj^iUiU<v6f=1n!LwqQj<9UrhN$Jj^xhoOww{Mvzv!1!k
z{`n*^lU}i#iZbww)!E&GhnNomob^T^M<-_`4gPy{wM;;eRPo>#toQN>Dg<}#P3nsf
zD7^6m?n|5W%v;|h@&zbxSEci?F@q;Z;D`XqTOBPu9kdo$|JWn{#$4_O3FA9q9>}4r
zjW2S6@*dIHT;A;vn?0^6B`S<3ktAm{aDTHZ;N>5FbNefC7GKa@>+-vjQI@00DCA6(
zi&Yr;<sn*Dff;Mpg3|G?!KhF~yxU)t%@4I7uc{4O2e|wIj@-#cy5lu;A5;3+VkG0M
z_m_f!jlDiU0!fWm<9(tfSsB)p?Q>@`i)!;RR-CRY$ktZ4&*NE>374T`S{zyEh9jbx
z{8Gc~<v6Ooef=R0kJUdei(zwyEW;QA6X0sT<IPwZ4)0Ak+z1ACACPVQ^B4i3=0%4V
zCtu|g$CBo@5i&L=o@ggC7d!}2OlI`_{sEOj^i^2QnaKI&&h%(snM%mtj9Bn-Ni;8E
zX0g$NfIl>v;+p|dr-<j(POQWYA4xK6{WGAtW{!GF;WfZt@UTZ!mLnvCsVEj#d}FIK
ziiqd;JCwIaycT>}#QDT0PoKF!NonMnf=lVrswxTwh6#MRPLg(jJxOGEcy4R!Q!}n!
z=Y3ansU7WBGYYHWwkU;cT7R9$q=hS23mPDzmx8vXY{`u&zU*4q{!1#GBm5_SYYpHB
z#ubT|WTnMt6|3upu@vUiaCCD=%J$F6vtya{z?8!y=TRHKm{V>k{4NdaXDH+~uaKo^
zb=70nrd3d$zya96Rn}lT=xS`OCVM6XZ^A}Eg4Uo)&S)oBw2dn*k{fl3d*V)ep~mdM
zk>{|$Wv<Tgj%6~1qK?KvaQ-eaW7#Q7EhnEQypocIImtqU!<fJso1xpUPilgH?yIv4
zz8IE}EBebT8oJ)a?A%>J(uzassKyCrvgGVOv)8^8k$6$=Olc)eoNQ<UM2Qslc=(*u
zXx6&H-xfIU+V1Q<5Egpbw3F2exmL%THo%SHcQ`s_t-%}2E2NzfbY0&)sslHws;${h
z8({$lSGVSnziK4k%Qf`7wtB7ih#09}`}SocDa0~O!|6@-;gL1oP<C-{i3<znHPtBr
zt|`n!`_co42&8tbxq;>AfZq`!g>1%f6VyX(>*?wWZ)9{&GSyGO#9TPKMvWos%0A=P
zVtsOk*HzdnM-3Lm<@UP|9&Z_Uhc68}|B1ce3q~kN>>LzGm%$PT=lm8%ZzsOTDO-UU
z_yKl8Tj;pd=et|N1*k$g!r=I<)!WD)T>Etp!VvAPfMH882GhcXL3wrC8e$e1$si|9
z_^dwJ;&(w5t0$_YG8<FYg#K}i8IC(pBIG6VNnWpCVZ*2}mo2e47sccH6gN)MupNLU
zr>V;te1+OiW@@0^v#uw7o4_P>B3lv>dHiZ3Of0ay9;mP#kKjOMS9Y!3>gGi0BX}}0
zK?z;*>Xacz2^KHD4*6{FaOAeK*zR%D)*IOj7N(xEU|VOpT2a!}l=SlA)gL-@F{n*p
zPN&x(WPr$UgN=aCF>-HFRD}*54;ZlNF>Cf1^<OcRP*jCb8HgS*x=I37wx^==f=eoq
z^C5lboA}fW1ajEADg)tbrGVJfJJ}62?E?-%H_FUDXRo1$3H70;n22$+0h?Mta=HGI
z#8szfvuUGI{gOkAPUedwWi#l>OwiW;V94z3bk?eI%L#Zi<6~2{;@?-9=eh9EbQd!)
z`@V()kvw}&2%Nuv_Bu$nbTn{o+lbnDcLO4)V@4J_3s$OyK6pEECAzOPxlIK26<)>!
zfcCt3LtQr9F>L-$cr@|qK(w5yUFc9poQ%J&)M!^O>f3{q;eTxp?z!aVd4iSr@2fuC
zPBVulBDD9Kh3I^d{TiU(vvo7?7~Q%*cs~0%BEDZ_UL41A1YSsX(*L&tRz}sLW2e%l
zthmac!=QfPPNQenj4!4LRO{b!%XjN|Xma&fajCj#L*cX&%T0&?YU^7)xME<c(5kC5
zn7#JbMr9NHRIJa`7t_?lWz_Gy)e8nYkKMo|Qp#rmsyo596NdlUSqBFPd#t>2;6{ss
zt+3lkPF|$H)NWG0PQ%FCdMU4LWkY+OtkqR!O_m#Mu=;-d7cN&BWlabVm(MHfgbLP=
zE-PCvr`g)t+C4Z>*4N*-6G;R^G~C?W>la{yvkqIo$o5>Y2UpnYst(w!4BRF0mX-MD
zkBYGm`_6>sV?Ot#L?m#Y)V|~GwOXz0kw}%QZ08~IKSehu%;7UN1wW)N!`Z1RAtfa=
zup&8_Gm>@vUL|d1RmM5oZg&IRbl_@NH$a4e0t;;ar=nNJ^5=?gq<_i5+`Qwuvs3+m
zG=oppS#hl*XSCA$KM&3qRn-o49xZL{4#NTEb?reNhU5p}#?@kbA=T(ZML|J<$_0HR
zja+i^s$kbDd<nSL_>X=t35T$u|38Jt|CT5JTZ;T7_Ef~NQKR!ob&pmhSijhQBm3C)
z<wZyg8lzpsz4=Y$X<WgtwNn+FYpp9}{M~6qRdui9>Rqh_9(=HW)z8j8#1ZHWfP%0q
zFugjzjj+F+j-qX_$4ey<QWq7K`>aG(RR^xRJ0krV?Ypck1Gs@+d8{%@&6gg7*HZGS
zKwbNh!p;k!ISVUZ>tq)=vAo#3HZ*`Eqvm2LW?@axaG-L@)ReUG*}WqU$Ox)wQRxh?
z?CW1!!L{ks_%*-su5Qj)y=NHosa$(+r9_U?fwmP_*#|*g52vJo>Xn7S_G}lUd24?~
ziE5mhqN*hN9HSUh#E=%N`Cn=G9}>Jlo*a&JlK1#gB;iQj*T0}-L!f~^<SC1Aq1@{8
z6I1|FEvW<-Fw`QTXhV?)P}3|wsW^R)XsNK@U+A?p`|zNbKm*?agEMBn`k)ibdcS*S
zM{V$mI|7w8ORc>uf%Yv0VyyB}BW?1=XD?rJezoJ$dYV@w8p+xt?<VTRn`biu_z%C@
zLF~&^Kgc_dMEmato*eo2m{Te%W5J<?Dh<FVQ=A*;EAHR^(e~0?BRd*u0;RdU(q8P=
z&BY4S{{MRyg-L(-JZ+=*9tSWwxwLNYt3iK{tpZ{wrg@p-=#%RgTPR|_Ggp>ip(jrk
zGO;lEyB70-pc-X>dQkK*a{3@Lc8*BmiCClVXR@sR1;ty^^kUENEjs;zAVaO3tgS2o
z#*q1(5<B?#h!y~CXpTtu?RwJBsqavBDg^Z6F<Czg7MebXT*#2o6%(q^!ZKKK-xpqP
zJEeJCeake=>V!R$+IF*nVvrzIR<pou=S`*dLdR{V4D65R=$1|52*u?^JKV7(c4+*~
z0~D47d|DvJsyWhtlrTCj1<@I6DnNF)kvTtl!>EHzyK@5?n_>co5)PZiCXa7|ahBIw
zD#h(G<V|mzJ{O(Jk<&CIB{Fa{FtWB*TYp;JEyAc-sn3FPz)SnWl`8o|l2D$(TzPhN
z@CxaQK-Qx8RTHn{VfTip7-?;XZvXV><%HqocPP1e$sbOryfH<a#D9isx<3nNscos{
za#u&__KZ|;r~D+Iyrx%=Wa3uI2v)t-N*D6<B<U%>wrHUGCFS7;?KOEYyQTDrX)kdT
zNE6YeQM5O<Lz8ij+$+qA)4=ZEvl0(Tv+FM{Dd-&CnwjO}AePy_EvHylS}m}?el$ua
z+UO|NL6O`H{Dq;VL(>SIXtR`Gd|}4_a)H~vBix93^)0Z+A1;bJL;UCOERUW6HvHoj
zukzpGv|L(RTuy9pKe7a{35UOx&mcxbHk8;5+R7KW=VZ}0k6JKP8hZUs`e^?a!H*ru
zteL@fki_ie4$0qq$c<sueGX}(Mx-xqet7>Gi*WqgrUl|j*1~mCWn3hQ<LebRUgu)6
zm}+EWJ$T)JBk;B9K6i^lO#_vtx6%n_3?FEteeuu?hEGA7C*b)r97YH?wwNB$xf)QJ
z6W@2h+Um_4y`_CO#+xOg350B+9$^@;PtNLGLD%qW4BJ0eL(Y;RFP(w^rKR2%vtzmY
zm-jy@f}cUqS2sE0dDa~*_LvA5&*y>P)4MR%`2Jolh-;a0E+*6<<e@8j?4uUcjeb!1
zh<6)_{|lpZs}o1~2RH41h%z*hhd^Hc+gqce7YWu61>~h*@jMYFO;=z<{H~I3osRTW
zrf}9eXm@sxIYY+gn_|L<Uq+>AmU-*G7=_?%EJ=QDwAaI}cgy#LloqF$Oc|5QTq6}=
zDipTymvbULmEd9Xk=If`KF+LUhZiN9j~c$D#XO~=%BjmCZKalCdb1s5r0<i-2BnO}
zLsEpF9;78B#)`A`35u1qrm|(Xy6ERNy}l(}rsz;q&(v*t6U9v;9M+Ns2*5fsrOMdA
z&oDoUBBP>`-)>;_jp37%ZT#G!v^EZ(NksP+o($vHbeS5E9E)`Ec0br^N`>pp+xf`E
zmxu<5#W7^}0P9PrOAOzZ$>I?yggK5kLXrja;Th>IVV<kzoX%9a;pFQd4O9`KIq+*y
zabHJPagYV*D7F<jva7?k09Lej;ij*5V_(els6`*zzv>Ip(_SoWQdJhI3!#~MB+BSv
zj0Y+qwAd1K;zfQ0;;CR(|Lv7h`z(HQmGs$284rM!)}IY#S6uHHRq4wdOuia>Xc=t(
z_(}KS8jhTuui3w!emJA0HFAlG_g9ae>{*kjvz+Y}sA`#VjF-|bJ2X}gEgFK&Y+0EU
zh<ay2xqn@%Pe2kY-Eu<}DX5PZesP7Sg<zG^%pExP?8Xps_*k5I#5a}Xa4CeCfV`(1
zuiQOEYs`I}hxk^`_go>h=|9;0ChhsYst<Y_wn{^S*{_T?y$D3h%fe>*_ATTjRknct
z`ZQFZu30bf@>C7akN<nXIHR>kd4BLEY$>81R^L{7;T%R{$AbLFFAX~rb~F#t@Q+$i
z2?q=2*o&emFJ*Yl%1WJe!l6YG?t(+mV#oIok|9t{apL6;c{R?BXQv((i<>PX0@1v2
zHS?vV5ZkQ$K|Ttt!7Uy=0;5^|RZY_TgVm?RJoBYn{REi~<^Mo_uRl<QTdeUPU0lgP
zRTv4VaUl8Ed<{%3ln^jErSymLPWPEw4F@jHKJjF5jZqP-B^TjF0H|=Yp}Ec~IOK@a
z+Cd%bYU!M<!j6^~W#H!9cvN1AD1o#gsL@Dnb&C1G4b!a{oCt0Yw2D3xj((F%_>n!n
z)WD0mTE+2t-+xUtFRCYr)K=i67lc*kVh)-AfbHu8a9sMLRcW}51SOXo06PE1-0ENV
z3|~|+RZCfho2*U3N*{UTRcC3#aYa`f)exj4r!$eaFvG<_fjgZgwI5h{)Ubp})64S6
z#FPlLa>7g<#6NX&^{!*(jPS%r%QnUp*Eg>XT>(FH+3bIm<s-TO@i<U(==2HI@Tp+0
zadVqc+mW3ga+|7z$!V&7;`bg;1Go6ZMzpEE3;O=GCr5=WSz*~7b_lk!2=5ju`5}Mf
zg)q;DbzzKBdh}tkWd)yl%-Wr2yPfbP+0=okK;yHLH)rwe>FH{$w|sW?`D8&=Nr;|x
z0+VY>tApgwvzO~)d3tKI7U+#dx>={>dRq*#6Fb5In0cyEX?Xl*b-~A*X=ZjlUvuP0
zpB!V6>QsnWFVa(a86rFf`aGCH)xUeV>f3wf;=7qFYUU~6$F2=pzNtQ7j!o5Wd>v0?
zi#dxlJIc2rV1P~rO>8MUM)B#$DElHsHk-ujm>FzEXb>GVdBv9IS7!F#Vjbga0n!wt
zoMfnnCd_A?EeTMA-Nwj0Zux%4fGU-4`Jx3ib9XKqg~4nY^9X$mgbTAeS74SaXL<Wu
zYX%3heWcl0q}ICP(P4>^qCwe1YWfV5yddqy9qSTfJT!`QYlmRm`pXT^kR5xSp(|f3
zf;QD~r7*Gb;0_QvY7Ivu`!~yJ=|ENurmRywh?ntMni`Qu^Cy^x<J-Uzrv(hyRw`j+
zyDn=<>@{EV?i7Ho?;9)1*McPG%mHKJV5B?e3(2a<k<(-7(=_6GMe%_ezuyt|xZwFj
z9!GJKp0C#R7`&bpROH`d?z@UGLm(R;qwCbjKpc`*Q6~~(sYY$hlLA33%NT?xOmWSV
z6iFzfHQWr|k<ukowC{^j_`JzxJ@6MY_ODcW*gHN+o85_7L{HmUbZ_p!z9DoRuN<6C
zhITIglgFc!w>*D_q`$~oTC}O>#1anw*k2w`bgStiVx9iJz&kK;a_kI<8>J6s)&0RT
zk}qPqQ4%v>c`5a7V<qIwG|EGJ0_Zb@RCvDw3PX^FX1Va=M@P^l34p(YbLW1xcc#3B
zqT|#sC&f|Tlr({f8y2P>zhgwyS-HK*5^4}iqj=+bmid{3k~AG~kKrB%FY}brZ4I{X
z0pi4x2NQcLzAZdSN}-wNhNY(-3KGeyK<Zom3<+6pYSw$~%^YQGagJ=l;T)PSaG0W5
zs;M3;j~=3fFSrEp8QRp)rQ|{o>RL4R;)ztj_Ee|TxV$M`jv-)jp#H%Q(;V4q33I9Y
z1w&ZGIMo9rlzeRN;oZ&>*Rreg?1S1@wW%`Eo;8#(LLiVnu$8H36McL<G~P!m8O5t1
zY77p_CX+lyYU7^g&ojpaE=ncrS|ww&xd(Fmpx6S38#$PK_5Pc@VR3CkBL0Wsd<gCb
zW&VTaBy@9SZp`@Oj=NJu0G2h>4mb9SRC2m`zUECu()qG%;@DD>a3d0!TX&63+nC|K
zHd(3?Lo|K!tt`XZOF#5V7(zuF7IuOBYnpQ3U8H5ya_Vp^t>$Oj7{l(9%Xl@JSXC|f
zF?a||_XJ$eykEUuORo;jFly^H+NHLxIc(~zWK2n+cu+eW{b*`-|6NiIQH4`hmTEa8
zkS33rR#sgAWvzKZ^6G=m`#%KoIjt5^|9(NHEv(gijoouxjVd!(vLke!Og5_5vZSRi
zURbp-TlWxbuUNr8@VWot$lbAJx>Kn{Bp{Xd&?G~1GR~Erw$#EMQko1uC1$=^&-x(?
zI5IdP;g9Vthg&4*v9qN|R>t4rWIgQQ$1YyGp1<5~a%NNLlL&RP<XmCKQen1>jtRvL
z9@E30gv*5c)xOGyMLbM?u7)SLo+es2B4aJdo{&6L_q__$=O+!Vy&9APe)5Q5Mbw^e
z5}dg*tuJrh<5<02W^P93J5P)?zN5xifv8#ihn7H`dL0*_i=ciafP^`{3w|m=WoMT#
zc(H!u)sIz=`Am!3HW>OfyLIdFd?IJ0%!s!71#4?yBH>^p%VT(O(QNRyZm(cvI0<OZ
z|6G+vq{+<4qUl#@Fnzkw|3lbYM#Z&sU87MXxCC!VaCg_>?(XjHG}0t!pmBHC;O-FI
z-QC@3T)#f&8Q=51_x`xIe$}Y1uBu&ojM}T_nsY52-~6zkJmyzRNdl%Ix5^|gAKnZi
zz(B8xitzYs$jqYPDI>E_O%Ney@_xNyi*M}$J@UMX_^<2*G7=HtP=3{{U)9KTurFpX
z$#IhdXHeEaK?QI@z(2EG@_SP&($X>~h&AKwEK$f&5BH;55AZEEDYskZpbSyyEa7S+
zG-B=Pim_J15g$LPQn!19gsip|p5gFo-N+T#>;;U6nHtV(%iq>u>PWV8Ll;DavpkA}
zfGDGpvu&0USpTd8Y9)!@Q^Qwno;RM1)mRM59qpMurdkQ7*?wl?6IhK6Z|V*$YYved
zCSE{=UT3DP45oram`g@xdI})Zb*qm}2|einR)mC-1?QdR7gJ;HKShLcs}G5aHdEGq
z=N8B3!fqcp*TOkFnR^UctG|<Ii|vWp5VFd>x=#(%>Kf+B%7tcbxw$7~_%JKm(?t4u
z>}N5jPnq5OUIWl$%5Grc{4YtU{Vo7CoNQM{qm*RHV3%%o?D7Yau&|TF@1cUX7#uNx
zgh^L3jwi#6BUOF;V;Xb8gE)(aJ+VLUus|C2;Po<FBa-O#Lc9=<9ig7YRwQ<>gN(B5
zO0mkbo$9s?d$nsx!Z>>`i%o6<Q_B>UbyXB*@>tmE1C)RWI9Vkc2gi|T=*ez$vvG@^
z%lDY4CkW_e3o9G!Oo+;Nz|*;?>s$OaZ%Y8R#2#z|)4dDejI{wEP?gSa%g<Sq6p^Y=
zPL$*Hrmgy{AMePRU8HG!62zD{WC*iil`niT^i&Fyy*OfUPb!S>*#Vgq5nGU#MU6B&
zC8B&5ll%mx496SI+}+ypjG;VY^71gVgEi71yNRpbVx2Ixz%wn#)x*<gyxSoB&c(kA
z579EMdJ$ieq^&d?xPR^ZQImt|aTa;wZq1wavgbdiRLM)c+8<^`T#p?X0ce4?4(%uF
zKA`8Y+{?2N<JOS;QsgnlZRQK)&Gm1-S9-M*`_#?e!(wO8OH?}R+}7jQQj{V;N2+A5
z{64S|BKcgm-!kJ#ajxv~O#D8RMf4qOoI3OI4bw_a;XWSHv`}b~y|dG+0%A)}%008Y
zIBe&W>$MJ1u)V?ul0>nqLTe=^&6Aaum>%&GBb*wJ&Zm`u+%&bNuyES7to;3gPkrYR
z#shv5W&nn4u8trEcC#o`7p1J>><05TG%t+98maDwdow&|=}S$t(Tk6gh|8t9cT;eC
zE5$iwV}DIL;DU&TbNd#$Zdg3|wXw&O_%5$C@+r!v#I#M3ARJb>sByo~6L9!-{ylzb
zt3l4J0;^F%f~pwv<3|tIwgT{^Gj6Cr=3o4<Yk`T~$LMh5<y#sKv;xQz+chK+lgGIa
z_Qx?H-ch3GH{4fCnD3O%NT=^C(Eil<Zx>=bfY~zI{kQHd{4;(VA-uEQ4SYUrwHPDA
zf8YA+t_GK(DP{g&x5UF5h7hL>`;c`R=Spk;j7>q~WCS$gWY>g{jvfY(&FqggEo<s(
zR%3Am6I$Z>4=GU|RW<;QmhMKa@`{1zdjeavDe5IE4(>|4vYGnEAF5S2qoi2uX!<KB
zntLLjO9AYE@K1`Ue+miv2O_uN7cPp)CByqT(vaN%cH(g?*?BBkQ!J|+59L%<@bH&-
zZBr#E*(X;vKdj8mr!b|gzFV+$JHoSp0?A89$mmkq5=<@%x~o!luJ~n0SVvmA?-uY%
zn%pRYFKkGPMa6Cb^AmR({9imO$m0_m(DfHY>I;cllto>6ic2ghs)~~Duh>(T(~7)9
zmIXD#1J%F{*ylLZvh?p%g2ByNU=9Mdc}<IIO3tOSIM#(jIoBr2a;9jNDIri9uCOUW
z;7u7XFgfT=_2Z&xMZalY^<u;a9M;~j)dX3wkdQ`V644vAH0mNZ>|R$aolw7Fqy4k0
zPcQ(QzhzfnZ2?$Asi*IX{zz#%r{3X^W7SPqIp%&CMKZ(V*6{`e4@!9|vOEfr1T7(l
zT9r}$9JZop7=dPnX9;vw)A{mKN?RFr@FC+>TC4b~w!*f0ySk<5wzjHC(6xn<Es6Jq
zEn02zS9iWgq@}DY&*K)B5)DtJrDFQ$Ua#`{SViOBGnm3&DYdFeuahf$oAjrWKeaOr
z(NXIXMw&dTu7H`kmV0JnVc6oYfTZ+44VfbhH^%H*l$N#I`P8hlnv5-&Hf2~!!`c#*
z*7^1A-B0a{7Wt)Xe!88*OIG>UqXaxlwt1>JAvCN?O7=Imr?otk<0E_G_~=yDjvupH
z`GbPov`+qkC^vUe{7{8dAGE9*&R0W^e0(ZSQ+Gq%AD&KIC|47weVRhGKi{PGZ=QB9
z*VnZFYOt4oc?Qke*~f8+s;{s1?bwtVpU?v^K42_>SR;IOFvcev$(xH-Z{O(Zo^CsU
z?X#I2u&c`#s#XnEC2LMsSC(J;g^t%pvD2y9M4`w?q~`mEKOom9+tU>uK)1Yl@714$
zk?~wmH}A)ybqAgHGhU?@x^uaQAZKaSmZj$$;2}t--Hg^7!oGet`cmZm5?t=++NSP1
z+4N9<Ue1oZMO4Ua2_i+XSMz>I`;Q|9?z_s!C><&JoFi31LfREOfnEGLd0;{_)=?^f
zck=9loGKJV%Iw}GW~;%n)uXZde3_o7pgPkt8~~$bORX>c9~d`4VTD>wo{D<imb&PO
zq3ZdC1{qzaeOpDe_vIL6{6ECc{}5dNOL_fo<^PlW`j3L_U);IF>%Y~1IH~`({Z9qz
ztNc&PKd9_K{Mi3s-T#^L|MG4xTmFZQ``_9BTlxQ629yt~qOOiXL?o}Ffis@LC!9MO
zm6#|lE)M(egj?=%&}CtPKey@0o0#Nrl+Mh~POhxTSXvfyjEIPcC}?Z{XVv#|(HA+*
zs|)FN?NXwOI-Do;?O+wrPD}Uft5eE92%?Jjwo0dFVWV_V4@f%=0dg=$t;d)k6tHJX
zmRY+{Qc(Dztc-DbdJ2uk=2_7*Gc)t;-yLdaA#EkqU+!9%Y$xz3>XmiJV!f+pvhqfq
z9d&CDS)P<r6N8Z@r|CeVnw(E!bi<ydgEqGnr)5!fH)RiQEL&7C5R)|Elyp@{<WnEM
zhnUM4^!#R8nK!=zY$8!*Kqm3En!BV`R4~C<bY0Hno>0P}Ha?X0yS6;2Ly!HRE#MLC
z0>6e4wR!o<Wp?VL>P-ysVCm^x?stF3FJfG}C#Rdm3-V<SQ4hI!X3uNolzcO^F1DzH
z$d-o36X-U^VN;2E<2zEAvy9o}tJ;A?<sx8d%?AED5^y@l`gvlke`Ze&PfEg}rly8E
zRr2$D@eQCpH;?;^?=b$^)=dq(`(<}(%>Taf%k*!XWSgY|K2JBf^5+>cI#scFJoXxJ
zEzK#BPxg5^gJOwu&FEXX`Z<$@QzokKDpRy1z<lECdfSbcq=9?v2nlmAh~c)4s;xQ+
zYJdKeFlp*~6x+$j&Z^8ME2z8++za*2(Gx`lq)PcO3StK@O33Qc(P!0jVzluit%9c!
z@v7RjJscJEZL?~tk-^Hle0CH_voK*;JXsS{3c-tedBwbm`wSVm(nCEauqxPnebn@&
zxZMF{#}ahKy+<z7gR-`c$dj84lZAW6s=#hRSy?)<5_~Ud06ZR`$u#ifB6T!R^Qp+n
zvU^kEU1c3dR5JQ`n=K7V#iwBH{Fa1JBcmMsoN(EkF_V41(AcY1l`ehJta1A77hM+v
z$`N96^3eMkos=a4Z$R#(goj5XM^Y=5y+%kxgxO-Xsjj+Svrzb*v$r?ze_rc6R7J5n
zoQTU}hB#dy`{V>n)Nk{Q*C*vSq3SlH+n;H7MLb;2wB4_3Yza<$k6&!z_H+5y*%3SW
z1EP7?j${~sE$y-f3tiVx#Fsp&I5%hlN`UbelQ$^yg+q~NFj)xjpQ-13|68ERpQ*dQ
z=1u9#JLKG7FDx+I?)>N_(_L+lUx)y1KSvA-mNk~MNn;8}fdaU%MPa-{Iif6!J`O|}
zFvuoj%mRc0JpECd$3-^o{>yR)*{=7<gky8L*o;lU$o%%Wzmp_QfW%+9Whp*2;#Hp8
zP6aaQLp_ohIBede&WWeltxYi-&@}f`6)65ep11Z}tmWox+w~33rpMIYL6Jt)=IcH|
z;Rd%kx;y{4&O5J~z#15p_-~($aZeV5;gu<vZ4SP{AmMf%ID$ycW{f7*O^+6;!ctiS
zsbVP@J$Dq^7k~)4NDhl0ASaS-am1UGH&XI&{LukP2q#g3KfVGtHCK!EdlIp5!>PQG
zdyl#Fj%{jL<gbZ!3Bve^n><sARMQ2FbNw|hi_#v^vjIa-(5SM&%dO7<0N^|@u~0sf
z+56rBnn}8C-8C?=t4rvd&h$SA18M7X%E?+=syzQg0O;k>HU18g!RK{P{utGJo!%OR
zC`{L)9#J@+)I_RQ|30E&GrwR|R`p1j9PwyyE4(ugQyrDaGXY5Q#JFhBV>*k(+W{E)
z%Wur-{YXf~m4DDZHnpFd9q_f`0~WHq#=tn}nrXNptqYkIi_dtYU%07+CQrfLk1+Gr
zeC<e>)C4>B`s%%Y7|sal`eF||r)3y##Cg{Efq=;;nvane-<Z*C7pP!RR^@E9X~rY$
zbJt-%YIGcvi&5wsT2mTyN9pPO9_X9X>fB?>yp&vLvJrSmiV6L2MyMru{+he!%aE9|
zg&9#nI9kLd-E>16N?j9JJAn#whts#W(SoTSce%5|@9l;B*M6DKMvASZFLDPW56fuX
zNiC<}+&Nu{!uQMUgK>e)o@iVKj4?cZ(2em%BNwmiKyD6cD$8;L^G1zh9=jG*WJ`Av
zzkuP`k#3J!VpN$|*A!FclykKJm#i9bWJT7xf_}srTwyI~;!`0zi}%Glx3%Fs_CwrQ
zPv4#}Km%n(G3n!(q1f|@ae^Ip@bR)P@RC36e0y71OsvmqlZ=8wy!<~J@aM-tTVo2j
zw2f(bfqdV$*R}bmDAaZ&p8@noxoeU#sZJ%l&J%tjCg7^*2s;hh{M^OmU)dRaZ4V&d
zPZR-MX%jcJy4l&8S&qw-2?G8T0Ss9;8aHDC{+9x@_*ulCO{5Wl#$H>#d_+rMG<bYj
zV+$h9cKlp1>x3Ui<FC`JQ%bq<)f2)Ec1~vFYH3`UL^4e;{%+c|L<u^dSO%fs{9Mlv
zZ#;~9yh8MU4DVm}WqRR%{tYlEG*W)w&fjW7Fc%DtUR=<oSztdBHaqkB8P372lytxn
zLD!$NJ~D_cbGt72@n>5G_&9jFn<HwZn)**kNs&GM{zU0_#Ehnhv?cVpFrv`$6V;st
zN*5*0CP%92=km$HF#fBr$q)G()yn#M12^6HI1|nvlIz%bJE}7xAL&UuIwcbe(h_yr
zi3D|xsX*N@%(K22Tx_E=D)Uo1(MRy&#yA{a9E&02$xIu<eWeRyA7z=zTjFB^M5+<~
zD0CbqC)#bA&J-!Gc7q#SxYKzd|H^SLk0~}q6*2w%{O%8OBNtlSEAAi+7<x)ba(`t<
z()q6MO9jk{t0#CDj*u9F{#e<aBn|BQ1T(oVu@=bt>P{!Ko3eHX(fvqOk=9O!$pk5T
zB&+!+F7?#M*CcVi5x6ERjsTbgC$QZw0Gz=|rFdiX1pQs%ok>hJi|&}9U;PdfveF;g
z`L`E5rR0rIsKkJ4M82x>iE$Ush>!Qe{O2447)JcYhm&3|l<V}ZHh@c(xwYS&WBBDt
zSP|(viwRioPA4B^u9wB?5Ok1wZ7v_uK;8X}r#Jlase3-@tY)PAkcMc*gvd9G@q71-
zZb58>&SPvQ*WS-M?}}7*tl+Qju6ckk&iiAASB=q#1f21CT}I`$*QPyx@Lf3XzvQ#W
zIPweQa8D&#vY0dbEV+!Y$eXS#RE=mi2Wm;<H~7u5teNBR=lbC8vZOSD1P?;39DG~e
z*!Pea+S}Wq`P=4w@x30d@}C>3)(QUofCCLWo>=HRbUYm2W!1)4*=C@S1dkeb?>$@-
zR0l2viDhJHNJLiQhs+#Zp2(Z`iaWgt;<$>@(5WikUuOz=cp~W<McA1w^%Q@~TnHW?
z5mr%+tMS=VxJ^ekTgt=zv^wyKdx67_6f#GYFS|)sxJi{8^ia9$(8|$ze;>AM;^EqG
z;gs+z^9l7zVz|wi=I}+)cPt3o`xu&fNQ#wx%^|+>Kzh?OW}V$i=Z7|%`2MYt&R<8P
zYk2!xzKF(weO^yoX=!byVQ;Z&=8KVWB!)3=I%6MkMzcM<@-?7nc6LUXItR|YHLGO4
z>B<^UdOM5UgwZygwKB3iNvuVwoXM30Q9`Le7(Z9^f(D>jgD-kK^OBbrJ~lu7Xvl0y
z`_Dx1y77AXs0?5(77c-2Y2lCe^m(g?f9O8J?%rrB4kFBmS<Um<uzTFUhVpaC&RsWH
z-Dk+hJNP!=e0=<XgE^|%4WW44@9^mXr~GK>0NtJKCp<z!jP7wx8~K+^`F;pzRVaPL
z)xHcKPaNpQtLDrIhdwcUVq5xPwSs|!g8o~(-g_0|$dNtBd;XOPtc_iEM}7;mHrNLT
zv1O6iJ<i;AX!I~498Q~$NN$yNnAJ9q5}uKIVf7==*6<9*iFTa^ALEdP<Y^1{iyjV!
zwGU>-c3r_5wKq6yW*>)r#GY3!a^BTN2jj9@kha+EZ0xc+IiI6Hdh<t@&S4o50rnu7
zNV_v7TMaMz+B^v;J_#{uvwsI4NN|{(`M6|}TT9tav^##*rP{?}d8LNr7F?0mWYD90
z=)XMt<Qr3xCUA~@+xDH7m$&sPQW<K?>gc51WrN`9*SY>RdC>J-`u8tG&W&QAK^z=0
z9Ie=V_#b`}cC#y3Dmk$2SG!iBWZnVBN*`!6S<PWy_%_WJZ*!A$s0&g!3$Bk(eTqPv
z3Co=CEezjgqMt9s+nTWAk$wz8SiEn$iI@xrH3?jpRmrQZc2FNt2!~3^hLbslgY|r1
zA-#{owNwgUK~cYigPgBLzv`lAeuijPsK(&}-eI=$4qnLn_Fd14TUOJ!n3s$j%dX3F
zK2alhN#nkM@%=j_9lhEmjpiKmgpNw^`NvjZ{Po#tFj~8DQ@Uv$6+@_KJKrIX5i8_H
zjnV6o(-Xv<cG|DEsq`mFz~CL2Bh8zkmEbycxG}KM@qL689ZMfd{@qVUTFvIL;@G}T
z9xJ#u{_{bd4ud~5(;6JslzfljCS$FpBk5exdYQ-u)1AkhDwOh#V;9-}xXezp!_R8W
z=3R{AI^i2KE?jh?8CBt@g5#a-BYLf2fh>iLdGZW<u!Pxj*;kN89eU`=KY8e~_QsBd
zhbJW>5^(qZB_aa3-T6OvzktM{ohKU}P_k2O>KQ=+H9f4I$#I~1k`48{gd;?`lSR27
ze?8|u+wA;(c$#sc^k^FCSrHiQ3s2>8qQc`y|I#IgQOOrj8jAc*OL_`!4eRgjf>SdK
zF7L3r?RSH282PvN1ntjhVibC(rd20AE&-JUB)Zhh#0z!j$l+KV>9o9j)xkek&8dp&
zC)1}@Mn`pdLIz8EO)YoS6y8O~d~tvTwPe)5B0E#?qP%mqrT^a2PzAL9RuLNZP9<L)
zt#*~A{pOf&8_LLeV$x7~hv9yEvOSefspH~^=Cl2wpFw1^Ksn=<Je9-#x|HZ|{Y!>V
zNC>gXxS1P(Q<%npR@&f=ew>}d&Y-(MmY@kwuEd{1MJhJ4%G&td@mz)ROSA1t_<&Hh
zGEfSqrNQ2GyD!{kp)&f7$jg57tNL8Q<*VQ}#C2Os!SCxCmXOd265OvwRE`)Iq2KtQ
zD1;oggoONB5)nj}+P!=mIKe5y*Tk8o1%)j&nRTF&H3GME&xW+NJLP@UTf!!p4wIvR
z|CZNpd!iEmQ<AU^_5S-Cv;urMEX>U7SiI~;5rF&j;n$CEsBoYBDzFE!M_yT|x?2C+
z_Tm5eKahE3IQ;)E5MroM^S@;T9Q8kikwNHx73i4%>wgg9|5sOmw`UfC*ZbUm7xM3V
zp6lPnhM(@vnef7sWXMC-oq3;Bdx){Bev3YH^r9=#8lizTdWc_-?s{ST1(_K;@FB#|
zXZX*fv`dlde;Wb+cd&b<0AO-TN{k)KBKp_=+v$@&Lkz<`UlKNt(p1N^$L;Yt);}Xc
zXCQl3fKKzz4ENx<03y)+W`nKXwdV_w;rG`kp8xa_rDdY|XED%TzHLuNgV@h==dBWw
zQj!S&vz=d|tp(?;GIDY`(}#H?zJ(GG%at7W=cvDMP(GBYS-<s(e|uE?XY2JVQKl?d
z^{+sNdan(*0DvhpW+n;||H3ixJ$E$X@W23^zrX*~TOLJU_j%#E4FrGP_pR-KWis-g
z=e_^X*WaJtv|z#d>NpBkD@jkkVAyK%-85HA?jXr%B4c~HPwbyEn>EurNmb>!b-MMq
z-FB>LPj8st$KLftd&?O^*C!kw+pkER^sOH`A$V&iI5}q-ds$o8wIM<g78af&iT3UG
zsEj<seI0tpXMR(*HBB-;@rkdRL55y%ydSR*E8^yjleW25xhiDwo$n4SP>*j|nhsAd
z^@ktcm=o@&Jk$iF_I4}M-x9}7miMz3O+jS~{Bo}p<Hd<brj`B9{NVC8@nzuSi|0$)
z=^MD}=4;<SFQUJ%FRw`>1?BaXP4Mb-hb6?QPAi}ERC2t}U}AFiH8ixEnVN>Wh_Yfs
zPL{7?*=qt%1}D$S7vIxAI(yDc%68v#i9KwxJ^S9tEHx1tTf!plNNDiXh_DT}$0F_3
zn~vdZH8-a@`Bjk)=4EAnJ`8Dkb+&sTpl_{HKdiQD3UNZmD;Rc`A>Y@xUS<?<wo+nh
z;;AqOqz7zw`@6W`G5(o+9p#cZ^Uli*O7V(QS<SW8u($VLr%_6W=2SV|+pXCaEab?V
zmz#KOOaK=~I&WMs*~QOKE($~#MpRjH(A&z&s;rh}`|J!aTiG<O&zbwkSh(DRUbLbg
zN7*|hp#%67Oy|xbI#m3L`7`uoXn2T{rXr{Qkc(tVU#4A*WZUPwQCUsor9=<$HuDAV
z;Kt%{T|rYzYI<5-2C;2h&y*{^K5ckNimIYn8Uk^*$QRv<oR4&aTs47e@$aI~8dO#q
z2RdJ#xSS8kBegvz4ne!@llY8bZc6SIp+S4>h<yx16t_(|b>#^$Lsm<$b+v5l3VNDQ
zX*pNE>F!F2U7oXridAq&gHOMwS1~=+w&L=;nt7yH#bJnfc$~TlQ`RJ?%{lbPx2O@Y
zt!$ky*X!L?3nRmnvttcLeLogB<7jKzgQsPqSYe~^qIY%?w~0Cetco(3DsxcFErV53
zt5~Z=CxOr1h6e8STQrFpE96K@db|jEP1%M<jf=~5Z>~zY#tAbcw>?iyN$W9ru7JsK
zU9sZex?R}|J>BbV*Q_&UFc%K){j+bkNyQ6DgO^<DJT~Mrd*P(m`rr_vGuSqdp&<(+
zV+MBNu$r<Gte7@pOgZp%%Gk(aJrl?Tv7Yj&fi)kK%QBSGPr2|$v1rLj+-l6y)8d?%
z<%y=P@&l)sb=NF<xNoB6o99dA5GZK5P|8k|t{2s4#9m}xuE}YQD>P!Ug1DWSPPtiP
zv1qWM{Bc*Mp=lddgB0)a?wS?}DLsjopSUH8T5(L;rAoNk?J<heM~F(k^1khhZqNOZ
zVrTk`{=u<fy@$(1=PXM@a`V1l4t>lp9+TPQj#!*m^u)c^mm-&+Ce~g%K(uXR%nX@C
zDCDsjh4K4vs-CE*xbjloq#1;EB4vC+%Z++gu;9ht*ZlsHRvgE1fnDL!3gSJAY>d5y
zD9Q`{A!-yibY`)VN2$<!>bDc)-sObF_O|^eyRzgYvJciF8jXST{#dkPFDJYm%^nHB
z2OZpEK!1>a6i!yps<xbj1?MjiKPUG?luvD#V;k=A$PL@gCG55BorHe!NWyVNWs;19
zbIhWe+1_J9xxeOo^c*N$s=uIW>^d8{M)OGfiOov5`E1gnZp!;c-#OC-nZ%!g;XCBQ
zWV?JCvGyx^)|D8!IvO6~uc3Y<3Qf*_nv84~91y}O!)4%Q+Memzm1p0RUbU$p+}dj=
zX<;5}jzc$@#dnUB^=yuVeBeB{Wk<w`ZJzP1BUm#<{S-1i;>r=|1DZR!o+7YdPdyQc
zog+;j1IcRTyB=;!0H_?Z^UB-(CXHhFjh&7<GNtW#%&L0HmrGbV<g}_ro@MZe)GXUY
zj(jcYCY*tq#O3cLS3q2Sr>?~wEuN^Dm@*<7sCLN6Jrzr1;4`L{s@L87R8{xUTFK}L
z-^#k<jacrO)z_YcWt7RIaF*j;FVN#+*I+un!hj!;skD<@_wJC%?%~b3rc6<(E$^~q
z-uO-CNz1e@CEt;@u1-=bIG=aK>?y4xcB!k~PTD$C4eZkvJw{iy+`RbmO4I+(0SX1c
z^Vw7@=HE!H{dN#Q*n7Ph*ES<+d^fx1irg)gr(#IwYqb*=Pwu}nIjSpJt+e_Xk70|N
zo%~8=4^Oz9A`&v-#g>k_+@3i(&IS4{*sscqquRvBrX4y0j42`@S*D+AB!_Ff<`<LG
z1#idNR=h6|Pp@-KarPZ&zq*;^$JT6rV`FGGBUe7%k76%@9z2OhO4^<<`CtS)z4kn!
z_P{l(t&x}?-p2D27jnUx%ksOs+ct9Y=I4{%TAma*w!Q-qt|5)UKZ})Ai8TB2jt3)T
zOHX~cR`z=bYsM-9$3J-3N751cIe|3^j^P>Zk!RI3<_Nf{HC(<eK}>DY*<*!i+%7Rk
z%};3ynZvs|=<MYoBvzNe(xC4{48G!Lo!crMcyZ*uWn;fpAt`mzxp3gsA6{=f^qE{k
z@j1(BT#emsXQwN6Hu)8G39^?~JFlS9HQ$Vc2t#rhttM~Q#F1;nh`q!K7BjKwyD;U#
zF$LF(h-Z?PMfYpC66~PO&98PP%2Zn5gyzr>ZZ^Z;SXfeX_lFMw(*}%q2i{JR{w>u5
zLt~pKr&d91+=tpj_2STEvC)zRbcs1B`%^)k&@WeAmA(u6Hu2@dWmf;6^ZlzqHqNF;
z#p@jGShFOAWpxa6jPBin1{GcY;YIu#3mJ0HOjU>L9xA-0zT&l(w8{ZEWZlM|j1!sL
zecgOliO7O;DsxEtwwNJW|D6pPi8%)ul09Rxtc7?BRfk91i0t7`Mx(^>&xElhVzoZ1
zi!Z-Ptk=nwg8ENl`{#eFxVHe4YsN{h!y?;^vX#Vkj_6ts@bgOQqF2H^R!k9!EX#MV
zH+ij&&Ye8$>9H$R6&&^$^W`58yjFV-jSCw!l?FD;G;P-1Bl_iuoHi%inCnk>+;mG!
z%*2*6onANes##bT>$l&z6S^Bf(>XZ3T7DU}rtEMD1Hd9zogcWb*q;2gnVMemNNsz9
zc+AZC%RLesKhi_kppoJS7ko0Z&(P!6_)AB)#Kt$i+2aon%3O5vfCTtR@LYUbL2)DC
znMmgZrir^PVnVw!8-8HAV{FLWl97@>pJs+SwNLc4lD3qc99FV+y|UVRsG5D3#T3NM
zvwbmPbZ>OINoi_eAb`++kn-ld_@lPu_`r^ZAeAl&H)8JU%7{SUL#iky!Me1V8T)6`
zQ41HbYvWbSeWH56^3bAlQ;$esC1)<`abAMC`<KPon)s108{~|3xx&7`EkR%8GAXl~
zUy+|0PB$mU{Jqs3z!{Don=kq8_D}a`%B(!a%?LwSa2wN;19(XTdFU`yc1OCG1v2na
zmT*qabBYWY&eoe_w5I~p>^a6f#h%t2HU~h=(=3BSgS%s~?guhh<U!n&oXx3WCuIZz
z9#NFZEG<$*#*C>zRqdX!lhG3%k2EA2Z1jypDQS6pj&Z=QmMS37{MPYgPB*9yV+IQ(
z?k2{~;{@@TVs9J6IrLraxoq<q92p_Kn*i#$gd4I(OsRm90op8sBTI6xH+W)&Na2Fr
zB`L&i`zDp9*7T|<+GH#&Ytvn`t-1BiCY3(>XoS4yj{<4qpFVWjK&~QN*V%ogA@}xk
zts1mgRFY7GT#459zL<s&+_e~}Jj&OanX=VS#P8(g&WcQUiMj4GINAn=S1SpTmiWf|
zL+~m{x3+#B1LGTo>kD#F7&(3Emp%^1kG<Hp7#R4Yzgm21v4}|2PQlcaVQ_UH+*L_o
z5%ecrfD}wtUllLmdjeq4GHRn@628l@!0aUgmqv#-HnM6p)02{tR`1_dTjOL>vF$&6
zjBk7_blBG<npcC}#%KxZoBLjFtIt?M@1(?htElf9F+=IwYWk&%#CUKqAs|=#Q!k1Z
zP_GJ>L)?6BUwz{877bxFEwA?us0^?8`g#u=gi82F>}+?qQyawtvd6!fp;z?$toYbl
zZU08bJV$}r_Kdiz9+7n&6Pw^1ZkP*Srbd#C4PI^S$)8@+8m*>e@Q&;3>4T;&+7%t?
zB1>avm5CDyid=zxyLaWaurkosLbr1L1P|}{>He|CaQ^dSGc_EFTFx~>O#AyVt*U^D
zA79t1-_6;sji-kq1bBF$$F?S!g10W>O9q-A(>k$dOMk0=ht#xD=!7@ujHMXQ)^cFi
zFzN_uxbR*oq7?}XalLGWzu1Mhz4+cN*y-^L5V~lD3&-g$gvI6}7*-A1@Hs>T1)00t
zA{o!tRU3gQnZQ?*+7v+TB!3~mU^J}%%(;Hx&@%Y%2AmP`Ok>kyHAww^+i89P%)q63
zFe(P%S7a(iwsgbf6id&;sAQ49e@LYKw-NoZt~7rguIgCIw?lqqG(bbjew*-tOAX}t
z&lcCnu+FY)SY$h~>ZYvHBl21VF77F)bCS-{<DNeI`ISv*h3^sq5ynmG8k23Jl~=4e
zeAL!D*C8HR{v6L8bKt<noXqfj(@;b_kmT-)l-HFml80MDKO;crtKia9zDSYxZy9ZQ
z=YD6kyddJ(CyWE^ANNaajV)9Ql_W&riv8}=UmL~Bw;Z21$^BihBeFSI_Dt3Jg;#qA
zY#krVmBUi6uX$Uf<yvX<2K#Yw9%O4fdZ72RlGRr4_OP+P2QAA1k6yXg>NPgo>~@&*
z7mu>A7~}|LvZAELAK)V+NZ7g4-gS7`vDQyro)9AVnNWW4heuJ|KHinw%g2LR&WK`K
zC$cyF7QLBW^sLfTfXz5@n>2#?nUMciPoG%sRdhD=QzfX*ppI;k<>E}i$Q$~5;$3T-
zw`Q`gr1YTS)-zv-j0~AAh<A-2WW(){_{h=%cj?eAFp&9k<I@}r^#zh#_SPXB#%Vq!
z@5+Lr!bp<omohQ`HH$1tKD6~HOlocNqLrAiNV@hHi+3+Qs9)z%wyw%p#LxM=?DSZ3
zU($5)#n4cPrs8SxTonoHlf@a9o2qD#Q0zZ<8ls5=6<@mCeQP+v)g3R<Bsd94r2c&{
zK>4h~e-F#B>1vH}IOx=h`C5eeg?UVOe{0jFYxe!rBUbS(i5rldVM#x_jTVhafX$Ky
z8|^F3-=WcdpoU|RNnKc0)B~+vQdkFfj8B6;<YZ0|-T$jdA2}*EmW+hUhlb3C%himV
z0bbJ{I_=I@N;X9%8sL(^FFhVF#Am#JFZV4#s5CKlZqC<0HtJTc!xchIW?9h+7;M$J
zo{5*-3pB2?uUfbBy<Yv2*1D(Y^n%W``ASMZl(o4lJ!TWSjo*MHh0oJi%Z(0v#>3Of
ztfC~1`l>BAt>=|eIUykzCt$eWY~uYPwo%|B1H}hrp^7YZ_(6T4mK<Kx-~(Bto{|$Q
zz}}tf_->`whArpCG{QMGvFX@oR#7=Ec!(_`CS{rQiHk*mCQ%pRIhw*Iuf9BH;M-?O
zY4&N0lHtSf$@=CVr~N^=7x^m(7x}E)MV!YBs}Jq2n**afn6~nL-Lq&Nv*yL^?u6L;
zKkR1OH$2^F?Ltk?>Mia&XGYsq1XhgPmDhD7!wPA>Q)%*^;22IVboPB^YV`8>?(9xx
zwrt8e7nx)R6KSGHu4OhdOunRTtwDGyd>!g6^YV<5$iYBn;K@Yz6!O@83>O}@*?FId
zTg(+Uq&_w^YVPrnlW}9n-`HP~|7eId+3EDbSY7GvPi7{+Cgrd`xQ02HX&RG{;m=}X
zRdC9F8E>OoSkXHU_KdRp>n%5(^!ObC!X0yGltL6UXA9r=>SK0&i=v{SS&}1Zdh~o3
z5+}*`7-DU06(Co$WbDI9Fjt>{z?eyI>EZ6yrp+Ej!1n2;Urj27A^7g%!j;83K?EaF
z?Pn*qr1qxV2VvtuFGd;NvoAaCRuNwty6#A9<W;s}D?^$Kw2M@o)J)RNuEvR)8krW{
zc+;DkmHbrONA#10r-u^>v@!ZP2qjrt@p3QkKbX{mYymGl6eW5?$JVCxzz6U3BOH96
z!JKabt*X>Q#KZ~@jobHSG~kBBi$_OXLpypA+NH4)LAq`Gvsk?BZ`()O+<)lN4o|xt
zSw_7X>#HfpA~$;CTfN?*t?{wGA^hH6Y2(lt7U-E&7HtJx2BZNeKT*);)aM4qBM3!3
z^g5Ssk(muMF6Wqjq8r;gTrTVx^45f=J6~!%GGpKO?`VXeADn}wzCr^g!!cu15a{fh
zVDm+v30c(nra|qcVg1AY5O|~n6e5eJ*zso5;!h92?VX(fs8Fc?%P}Q4Ckn+PFMZs+
zl5&dt@8yP`lP0OjOI1$K0Ok9<%*Z9e_T{RC6Xn^N75>ncT$Cs249MHF4LO4~6El%O
z=n?*ar0Vy`W&geHNEN~{^1tex@j>MEv{&66+~D?N0hWa%d6ld*GF-B2{*K{Sz7|S5
ztNh{v#!W#G?eL!s%})BR)-(y7j!1VBHJHqd&S6>6wQz1iT`h)HRVwQ<<Efm)IsCy^
z6Vgq5W_e}?Rc+<Vo7?Z4oPJT?$mEdMH?W%$3i*VmVm~V_hoLBg*b_+-sXbnw(SVDR
zoDb!N_4O&A+cQXacUUf8DVD70vs~QGd>@3*uy?l(cKR1#)1RLm)A)|J6z}PFWRHcb
z_evaMDV*}l{fnbv_WDcU<uxQnhZA+y+EK+DB<OWpM*KW{F*idn=VqMQ&f(^z@r$`)
z{ihDK(Gvi<?FC6B6mk>y*JLeI``h0UcE!4-smE<7evljABz&khC*9tl-j<l;lcG=G
zQ(61k+|Sza$_<4L&DMccsfiuI>ybcQA|i9QuG<BRIl~S}%=`j7qysBVp^_iQd>xZM
zV@Xyg0A1DKonlp04|!n>W`m!0y#0aIP`4^pUy7>beV~Zbff%;&EG#^H<lg<M7JEe)
zIjx&O%AHx*9E!Kc8~pJE##|oE)?w~9X8MSt03azDo!Qe_stiuy=x~n?Pzql)6<B4j
zcDgXUIAKtIP(;NQ*hLml=<|_PXECtQpJwgsj53yml7?H<<u`$<!8gS!$DXlNd86kq
zp=Ygm`Ik6y)t{)3c$gw@97#tre<qpakmPDMS|MGcWs~-nL{pURD?U*IsXzf`3qr>|
znCsg8MU9Qf>Y`Y(NTvZiz!>*C+}KQziPT-t&GcUHDgpz8d(QMN#Lj@A%&h>V^>J@;
zZ+8?*Gat}&+xxCeR8X|mkn($glKP3Fc(G*)OWe7^J~SdHy(nJq(`Ohoe0*Uit1ptn
z4UTtfWPbj_1N>^8cLF{;ZH_<j&F43AMsiB*1NOsJO-l8oY)k^m<f`t6y$3kGGE>df
zwzsNMZYSXp%@EGleRurZBN19+9dDx02=Qf2Y=|LB(;97$q;1>Nd!}wrZ&p>;R`>{0
zNtIe<&JnPK8!jEYbH&?nyk|dnn0iXEM+sJ=!cx6ZxnSul4P6NwX%HB-3J?A)NE&$1
z0@;LTPISdQbcpX@%Vd(nW(cHuD8BnQ_i2BE5v|<T2ru&);pI&6<E4td>e>$Y{J4dU
zDWal7;7C<W+FOxx@+y4>$cVJx5+ii8U^=LU8c;`Di>YhlaaBxw-#bX@enb#kz3(5_
z+qv46UMVk%9XVL0AS(j!QdwB+zMu%?097Te@?yeD%4*g1NYxHId$BRRXIhO0pB=W8
z>KX4ZF;umu6+Tfo{dtC0?^y2b0y2s8^`M=ci%VQ7S@CFVWZ;cG-|Qzn9%88F{_1b2
zcD#=G?z}4HJu8{ky4vXljtDvAt@DI2TLt2tP<QHYimEK3kLfjA4L@+lyE5dj=TBMs
zVnA^pfv@AUku}2>uG_3wdV4E%N}m07E)5-9XLY<=D)jdvXIov@>8$qpIV9a7;qnH8
zTGYeU<BmXS%CV4Oi^C~nD4N1`kvlu!pF=>9He~@??cYJkwBT(EmWWT2W(zkNS4V9t
zA=sV~C(K-xl=&G$!-iy1c#mFF^QFx&<}L-BRwl$)@{vx<8oW?thdVimMoJ!#t3nC2
zsye43JRvF%4zD3Wk+Eji&4TqJo)`^obke!q5?U#;6_)5PG5}W?K2h8dsG*qlC+)$*
z6E>=8pH#g<cdsuTT?<x>2~QTPOJU((8ZGPQk&q4{<0TL3q2xOIBRj)eM7|^~r?=@t
zEAagHqJ(^EXT7?xH2El}jMJlhU-TG`$d}dG_6=($6jMu!D27X3&O{822r3yq*;S1p
z{(ArCIlqpZ+|tuWdnmt}q7|q&8o^fV(a5=hjW>LYfsKoEw!1bOOZ)q_zjHNlp*CCx
zsu)jD-E8!FKu5zCHhJca*{376eo|fH&TzKc7kh4l#^yvYy-DEXJ;N2{@v?cg`p16S
zijGFJq@S~@dmBjk_TaZ(3uH<iRf@UIGdE_nE{;EIZLBWKLR~hG^)=w5=79Y$RX=rA
zp26u$hA>BvT~ipGutZ#aN3dzy&$yJ0rS=5eJlhT7wt63VEik2>AT6PR33Sh>vfjQf
zJF*B(Sq9F#L<cN*KwWd9bIqjBv(_Fni?Vmao=$hCyPh}rv|^Ud927Mp!~4fZlf=o`
z`>0mS!Hn{?RaC0ssU<9-0pYCt?b2bHp|!642i3E?v;IQbx)D=TTqCK?{+!KX(Z0Fw
zb1mckSo1hM_MwSh^A2UQ$5#F5%zWJ$nHqh<t@6%cq(P(*{h)r<Faaruu!ZnmN^y^D
z2df5f4L2!F{v5OE<z4GqGG*$a=j<7!fpu_pG2g9nBER;`Yi0A4*>;0eD>5?-8}HDL
zTlZL0Db$&hZAMS3AZau;ICFJ=|BlIfQc$w>&Z&v$7$tt%xMbMBYx;x_6zE<dtq3a`
z6|Wt>X!N)Ae1C6|t&zIs@bq+Rsw)4vaGTd^{RVRTs=5_#XQE?~ceNy!mTsCx?ISb3
z%*{?KZ*thIQ?5JE)ytGnU1)!J>N(o9{lw{(i&mp|RHC2SG%}pFEtosYG`ZNdW`d#<
z2cfdGGW4(s8|ogubhtCW`voqoxsjGQA<uBVb+Vlo+7VRT;ls(Hcjsyk{Z{{VW_tZ5
zY4p2O9MvH!Z?mkyk562%f09|Pn_^RGSAmuw6~UrNzkFPv%iXO+$9|pZIsBR{l9R75
zFCp46rLBdr5XtWCEVK1Ak9g){^aw)n7Y6j{JErH&w_Wk&oyV7c6pc|&JwAG&Q_6j@
zQRV9dDzS`sV-5z}c<c~G&!{&SILHADR$%}-4?`?JI50HrGiCRl^Zm7Gj6dJ+bvN*@
zPC?{+GPIb=-;d?<wDRHKOmEl_#ptx!B7V)w(%!j3rE;+cwXU@X{5hFPgWAxMuW%tw
z_)Uo@xKH#3(wbVR{2-4=J&5aVu9|)J*??0TfNwEFUE*#4XLbCnTH^F4vnR*A8yQ4)
zLy9_eZE|_B%RSglN#XK$i+SSq0bXZQwYW>W$B#ZCHVAXYl!_}Jhd77Zo;u^ia$iO`
z!o`K6@?%l*3Fc>}WpFa1?39NmzT$f+J6>;zTXf&nk8?`POT*JSBqH}Tn(?l&=k*nx
z)4ky3@uveQGHsJ2FziGPbOTXLg7|fSY+-UN-}&&geaQgo?hL%%DmFu2l*#j#$=pYX
z+$WLYs;zj1PSWVr8^9GW>i~hbZ{fcr!G>xrmbf<dq$8Kwb3{Xh?he0GgR!>q79?zy
zS-^2;J$Bp!HMe?J<ryNoM<cI?JZoRY^WAuzPLX}m#|JeCX;y*2mxAOG6E1kKA>3&k
zCKQg!Z_K|JX3|?v53^4Vzb@YrW>*~&_Pg&poCpDYUMd!oQA5=&h$*hF7TdT|pDG?L
z%El;E4tt+_HEo8agvqsk*lKgE){k?#Q6_>->sC1Hz@<JMHv0$p->ko8$kCrrgTfEr
zjOd_l)tG;7Z#Ahg9f|8rz$%Mk`l0TZ_1BNE6chvifP>T3H&#ow`Lp_~OIVs-FODoH
zcM3{cM0pf<qj{pO(VxGlMj1KoM)&n!U*vl#ngSlWNz+Ze6pNl0+|8rbV6l_14}Jy9
z1T{49R1cWy_!jTF8WK+OpWRanD^Rvxfc0e$!Duqvqu8m5Pl4i&FY07>`tC+4p7PR{
zikS3o5z+_fc+IscJLTesd%sk$-QBl12sT%vevOG^!(X^;Xv3P1@t@??)Q2eq`-*?9
z3XMMRUu-AN@O_cTU6x~m7!D0d^!ps%nWVM7DA24r#C~?D-$XjKKg)hL#~xcLPiJCa
z(Bu~Qo%I<TSYb;-qZkq!9O`_xX2fU_JpxuCM^!z5S<+uO{<ReNS^S7mvn<X|KS19A
zb+;{+)wcnlzyG$ezGB=oeI2(F*4qdifJ0E;KHKZ;Ggd!1r4}WJ7<ZRTjbLGz`4Fkg
z({HY~vQMoFNZf>{dvJ22H8@a(Y&vQCq-#`m1XYa{nvhaDx;l$zUv&zjb-uQ&hSjrH
z@@fPXs=w>Zrfz*P=Je@6YEy$~vooNZb$^OH!_G=*+CJF$9ScT?h#2dsSnI5LRg~MK
ztp&Ju4eLT-BV2JHj(7<yu#yD{CHSppQae!TEU*TQzdZJpWkor(rI6^*>zvtiR<Vf#
ztFZDb@6oJMtuxsd4wRYA?8cUs*f?NJIU1kr=aNgOdl>Tujicqq$=4f6v82Rk^PVPd
z)EYB{bUd17+>cq)*1$>ckL$i}yIZT`F+f}&Jt>_iSZjv1f;wKJx+jh_Aa8){^Jj?B
z3tWVre1&OD%(aJ3ydpu1R%d|**IK>D;g*WY*!l);%E)OUie?h(kL#EZ*J1#?@C>Te
zcN~$lU4y-;Y~m%!)d$HqnSbr{9<}MWPB!|Q)0`1q*8cWlRgCh7_gRTSX76&5PdAk3
z=t8?sm+c*0Tzfk^--{|>nxA!K-`N5j-#h8-{tAG7+`_==E!$5=ylFGAO!|Orj{EB5
z-ugm3;5!rO)(G~I7IJWP{r+u$2%Cef#68a7z;~?K0^6^~j>#}1=eEb}18;icrCU;{
z^;2|H)5c-`H%g&EFqi{e^QE}85}Qb!A_tqEoPH!yz-PPX`5HWvIV5Q7W#3sNIOuW|
zF7~K(EUD78og20fsvvA@1F`JwJ|4m8s4&IVhbcFI|AO6t6Pg)rz;2PxT(d0Bl5J?R
z1F$w$@dy;DGLod`CyaO=WC?tdZz<+!L1##`zkr7$|3Tj0y{qjO$8VMgK{}q1N(1P^
z!J%|Z?}g|jcMT`N%!xLkrs(z@G-CPB_Pk*5z+E{|FtQ>hH^3SWyFr>EUz-jg4mSxk
z9*a=tfFA9Fn_sYdMbzGTki7wcbWHc<)fZ@7HTBjO=Mc<zSY~}T5Quqa(-KqQbmMW*
zg?B|KM7vhxadrOZ{Vprw(Zs8LI2)95F*3ZckQ8^oFloVdeRngVqb_f3oEr|4l9KV_
zd!j4ud?bbS>Q$56nv#~t;%hJmAu<!-va$Qd^)t}cuk+W&Zzh9cZ94eR0Zq&HT7@Q|
zj(pD}KJew^TQu!f+-WmD&4T%2>sO4a_oxX%I9?Wjgp1cxo*i)TK`Q^tQchftg^T}|
z9h$i?zLZ4KBp3B8^-=?S*CD1qgxn2+yYq#|VpSt4fZxyZ_nPL{KpB|DXXGV5{OP~i
z<RpUjYVeAfd?mxWZ+N>#pYOV6Zfry_U~h)_!yZEtyuv8m>gYvVrCpn9`rvqB>yNXP
zITV&y91N*F_E0I<gpZxV9S^o1uRra+e4!U7j6=N+l{BB|O_)2?rH}MH#sgt?RR?jd
z(B;k(Dg59%BJA&HBVhN!f#ru;#ggKI!7Jpe&O}95Db$=buG?H}u$UXN&`WmV81N|!
zv8wZH=My_XQY^utOrUPW_e}D{LI(4AJkf)vHqmGqg3hn2d=)x1-G8L==hI%>$tjlB
zeiw=Hrkj!09x$t6tSx^E`sJUCAJz@Ov+<$N4S7)pYgUa&ac7#u#Oxfgg{y4;iPkFp
z{nlR!FW=Y+`;6RfX`CSG?ar7llcXVaFm6to&Hly>8ht+=ueq(<9U`2*R~S2>+$?<`
zipOj2W;$C&ss>l7i_zyUtKb*gdQn<0*Eb6{N}lMm8P1G5m_J;@<WBqR0@Upl7fOsM
zKYTKVjj-JspzNenH~fMj6k}6?t|X;paZ})4JPs$dQPdi2R)Vz2nbgog7L?1AqW{u~
z%ABmPMijpEUe508&MDi`6WNN!mvWK`iy4KI^hsSB{~GQve>}UBcMWCaUlwVv0?~)W
zaJ^t%br8=dZPXN}Ayd)l2|$1U^oGYW<&OE(bs}Ql{Eg?#H1ztDL!3qN5}%LrZDeb9
z`rVEv@@tXY@;>E600EI7?i#ivslbxx{=?lUJ>k>f?_!B`Hm1&=x`UfLR&eVmjL08;
zgJARh=;v=zv4sPgR{*dITUhZ*gy(Cfwc|?{U2yF<S*|K#`8-)1KeU?1A72T}1A{r^
zIBnyiXKzsO`ioRcENX*)&!C2P159ofc0YdHt^SppOMk|&Ty%<m058go>`7<xdTaiC
zrTyq|9o*5S`CHV_WkR4hM~7$1)*Dfdt%7}`hG0Q@uStne<Xod)ALbz)K%nOGOvdHv
zf+FBD$yk5Q9WS20Ch}4lcDBmb2ZDn%gQ2=S6EGP8fGFE@;b)9HXGx;sDKZryT{fz$
zkIOO4>SDqwlLMa%nwawa5{g)H(Gw`r7Es7RLNtwncGir9*}&|PNoB#ueUSs-#hKUI
zmTx+;Q}5tpIYkpoBA=tVEWYOh^Z9gouB>c$h66Jg5yqGmPf<=5g_x$BRaUEi{`O+)
zi67olbB=crl>&~k|Kln+3r!TB_&(#KVS#I2Zbzi#U~n*eUxZ)0H^rwoo&vXD`wF^G
zml<gNL6-1g{%|#mG7ah9ulXc~1E_57H$M>-d50RDOlioQN<U0@BOK-oV|B;_spSbe
zt74hK=rT!bi&-v<IrJ=L;Qa+uH6{7cbN`FDfZDHJJy@GKQ|K4o%}>9Mw6Vew+zG6_
zyuYpP;d?F%Vp`)jNzF5T&kO%~W_$UqDDy`o+GL+vo@arp1#P~?%1p)wInNG}oJbY=
zL4L2_md@k=?ASxhokU8%Tv9TJtMyi2L8m^&car!&V5blL?I2mh#8+MiEvPCCe?LC#
zeB5IENrz4(-3Th`CnYixy49$C;OKsOdEMSL1@fXMUI>Q@MvZUd?BGxPU3r(C!-jTR
zphu@;yv2;hHf0@;p)bo}JTWY|b#h=l#=lIS7c&sXa4NF$KhU<xi%3>cE?aNQqc98~
zOQ(E<`$%*pncf49&mS`;%)OzkyRMp5N0Hu<P>U869fYC{7rJ?HsaN<-=7n1{t{f>t
z`YtffS<q;~e#>3pjR};s?r{SVcu73-1X35O40@oI>DN06@>(*Ky4DJ8N^e{z6Y5!<
z(UnvP9y`id&xFlAQQ{Q3TF~X)1P%GvuO-Z7_ui08R!92q@lG@<Yi-A_h(J=83bz#z
z8{P24nPv;?ctR~!KldWuun5aQGS2G!j`MBf^SEz(pA|bw_jn#p;{^ITXs|17Z$!l3
zGh{XT#W)cf$C)QAD)`SS4+%IDW0WD4S5v9?ULxjY(xb4s=oGSt)RrA6iUe$KbKdH>
zUs^z1&L*@tymXFb7UW_ICHG0s^B**g2m*Hellua$D}U_9HN^54WUZL;kJVXf5f(a|
zDvIxoB>T!fA8zg%J9Rx0>G^&00Qnah@^wN&&TE#He75l5^-JG0eUx6X$vhwP`Fw1`
zT!3qxGk56erPy)G%ex-jXEC4vjr`2n?|Mq+4}C_Wi*wdf1;N--uME@fA!j=k49MU0
zHgf0NHqfWKhovqh{|{wv8P-Ph?f<r=Kq=PZP6c-e5S-#gi@UqKYq8?)ZpGc91eX+d
zw<5vaC6Jr;{LVT57gwG;Z!%9ZvuDptX0J7Cul4yt%15djpj#jHxjC7>WpJHnPnlFV
zX&aDL);@KT$oc*RqYG5~^*F9qDt0&*K)s(oc8Eq(=K8+g-b0G=#O5Cs!<ou+E)?0g
z<a|%RO?94sZQPjpF30B3?DF!0|CQ6uNT;iuSFT*KNJz@8Q;#Y1Qh0ozP&lD0W8fMk
z!MVof@tpV7rP?4Z9w$9ns?|iyyQ;&g_L1b8jbh-*a@f&Mu>p)ZLh!-CBWrZGY3oy@
z@PuIHAtf=q;k0Qoa~6Vkdi>P#kJkdANU#xBe9)TxPfw5~i}|LFJ|D{zqLa}aQP1V|
zLQD=F);ji_mK;)Gw^v@wiznKy5PbN$J`21CAg~r`0osd-(s~xLIdIYc4c;`s?D><N
z{#Yir(~i@#=52q5gZnujX75Jq>)8+8z(i)>j!1yn-=BLj|9xK0gP4n)x~)024*hh$
z{{Hsyef5$4zjowO|8^DLUfFH`{)UOuvxmXIWBxsKH8#8lHki!N1%iJYQM3GQ^D^oW
zbRpG5W8w*}ni=q)E_UmKbSF%D9iW1Lg=8xM>yI6$yRC#6(=2=dr?CmbgNBVCX?f^M
z3Bp80KT0>)(E(1IeXfR0Td78&w5F!gcz{$2AH8D-kYY}Q?DDNG^)Xb?>M4auXX$Z@
z%0x%drnRxNWut$?J{P(gF=!0eEBWu`0hNgozoDtAqvgNrgFj|d{?F?Fto+~92mjUT
zxf8dru@NhtR?yLrRZ*E$lUE$7g$JRAY9;<j_gvtfdA2t+Hcn1WeY$?7re%eSRE*z9
zn$B~O)-<5kgm-q{fA1~8M>ejet~g{S&wZjtGQ=TlW5b9P_%dZUc=`DGt&|k^+z_i;
zbh{%)hbX)%0p5|~=`hX8XQISJp#nplpBV-zpvcw(h44u~Iy;HS@R0L)zKYN*ER~aj
z*~|Wp*5>77JqO7}YfcgjWU1Kue0Cyqssxnt-8_=Vq9Uq}Y<P10S9gp00!85D0N6=A
zvcyH)8+s4dDpgWb3+Xo$y5G6&r^YDmJ^I3YdFnco@tj_)Tr+i($0vt*#(LS5(%`wi
z+ksH5jXKl}9@2SnKC2)cfu)<sjNMT(G$eJuKa~^bc&o{ctVjN@_v)w%%})$eUFE;V
zdrYLiPEIB@2Zt&hrU~3K;(<6qn%8)v$`-*nffrHL7dFT9Aq#1HMpqo<3APWZ?!6Hg
zTwBpG`)-N5QhpNXJf~Y<;!mAmM_<#vL{x7Vr;i7TQg*3V&M}jaz%^3jsV2yWck|j;
zha-k|FE^jkkxe1PA0Q-u>%y7M-7ShJc%xDmxTFq8zM%FyP^WVGAZ@f#rqX>*<M-oK
zBgcy+am$%Ga!h||HYr;q>yhw>goDY3Q+ij{1e}yFxcm*yOvN8R<4A}n5J?)8-R&!8
z1-`Ta=n>gv5UWYk>!r>MNvU#hHiy7UR`Wj5<^PD8-f^9tI)Hd+I^(|9Z3$Rf8_Aho
z#Ug)H^d^zHcKDOm35}6j&-z48F0ikpyG(Yv<=O#1J7bwNsPFq@41fxUY=hUGx3{h~
zC-F)0&2Brw!O~m!LPJMaRMGINvN35qzr9~b!+`9b5_drpM59?Liz6^rSObbqjz*1r
zxcKBqjz4AW=-uSNNOX`<K@%Cpp{%OxU6os+SSn8iA}{nN>x?|hXBws0-!M8l*(Eni
zkPBQ~98w#cQ0^@N&$@%KbUR-EyNfNYZBG1vVmY(H9*sypBaW92ge2O4EZ-+xld&a{
z#BB*StAnotW0~NGs9^$bZ=T)W;lW?O((X^Q`$a+$MK0Bwo+)fVUqD0;?N<oCfIFX&
z7XrW(YFONx#u#R41>tvAK*3E^E9PRqbt9ZPcEQK^yjXx4z#}=NCD&~MIx$l0gzc_R
zUT=C*JUBU2A5{4%FtAv-w)yPdozYlaySPRQT<mm7Bao@pjDXVOo1LWvj8`|=ZPm2?
zxz68zE<NAk`S1b%^R#_S!%B;L_^_KWx6d}$t>SR$82VQ4R!XbS)+cf@^e;vhkc2zF
z${C!WPWubUnHWP73h{Un%FZ}??YklPdga+Axmw!oo`IQ5yHCoq;yq9A$W)i^>C!kF
zjg3|R(Fo2>V$Td2L4%pJTPR=Y3#yvphqZRu{8ryPH^woj*TfoTB<%b!FOta_*{CsG
zVI1wt(Ht2%R{Polit?z(+$<6injuTJhQ{LQemLfcOsfr^2X~A>doj;9wwA6s_$E9`
zya~pLMUYu;u04!r+2h;|NEK9cmn?hTy)He{{gIKIurFKU<iu*#78@-ATMsv;vvKdz
zm$i+9atwce|0t8w8Mu@#v*Qc{J|CP)*z<A*R36%Gz5FDgJ>1&IV_s_bSlgDEXjXHc
zWpU-zh<{3s(kBLpOF>v@bfG?+vor2%;ho{&`ueLT&c_VF-a}y`e-v_7$UYOCmdRTa
z(t+^Ex*t_&T)YBF%7GuE3Fb`(<SvZ{jc6et0iIV!xA!s=;Tike{s<sWXR6Pgmm<Cb
zh5#|ysLaKNL?MwMET*%%QaWT;VhRi=%OM>F1NDOJ_#wTLo863&q<pE(t~x*GAX|qc
z%a&A3cW?2TGq-w@mS-%l`;d_0%ddsJKIh$@D5+|64e~E@yB?rXf6M$>Tk}3dLu3Jh
zs@>upr&K(ipjnYux%m5uSFIIp1z#ErD)086bw@Lj@VN$SrliQZXV6AsZe4{XWD2;&
zHAumJ9UnI|H^yfW{4Ok!XlQ6sNGIy<ciQFl+rT>Kz9!vT@0ert?Gs5q80PZ$g9a&b
z%`8)tBkB06xQ8y6jqy{wvWNm0b8w)EWk>e8eddLFs~_aUc_BJ`lHlgh{iQaSUt9>K
zrnmEtm&k~ipSfDy$ajU`^7>tfwSganf8gs#@@%}{peXFeCP@$>{;u>*bH(R^=$Izm
zh4N<+MO;Qs&#@M;6&Gi0Yf5}cvyxBB`-{0bjll-%w#vTwt&g_&4E(Y9F;T-JEb{3$
zZF%pZMFHLI$GG=WdNi~e{VhvN6DpAR*tp{A>NKq9gzB2hEbNJ~vARXjObi!UGK0L2
zK@#Hc@yWkQnG$j)gm1TqDq<Ohy;0MRDD2*Rh<L+XG{h5M=ghV2okLI*K@ObSzL^Ym
zWQZWPU~jrmxUuBWXe9!DZ>sTM=zA+nmWUlEKN={*QG|yn9BN1K5iaO*^8p)-VYbAJ
z>T$d3mUh2noP5eBF6+W4jmKErLAs=(Fyd>)R7-~$KGbJavEq=3Y}Rx!r$ud1EOHPW
z%&=yE)c=+_TWSF0o7T{R4C1yXaYzyu#*6+?%NC;Gm)Vnqj7UMEId*4Y#qD;(KX5u!
zxH)6&=>kK%=j13bwWVzB5k@A@lPCf>I((=~rn<o(7u|c3cFy6;*#psyG3N|s%1X4j
z-M{+`22cEmCf)LkwU}ddxcK19`Wa0G>afP!5Yl`3c)7D<ymTaMO$>}a_BT1Y%?WX!
zuQmWCv3lNU;*IBw|E@ih=gmtf=L~-tSYRG0FtCS0U(&e5UGD-wW)^jXoP9M7nh9hK
z@$ZBo8pK$I^7AGLjy-<gOK98UHs&yCOghr83oDo}E2)w;?rqANQBA2c93t09S02fK
zpTK>Y8-S<t=`cC-!}i>Jq?>&SUs*;kHFV><U-I7GKHOGLTn$E;4jM6G5f~KpW%1?I
z%&{|j{yT<p+8x3MVlRsYps^L2qz84z7^I*tk|wO+W^#&haS4k7o3Ym+2}HhuffBaz
z>gl~<fnKdyvHefd5?_Cpb=g{q-b<=GNKz&x?R(#KOAa;QSvnfNiTPHDYtMn}c=MZ<
zNT%`+CpNiz#!&!Ud_eRgIA+^m!3Be?eUbHfqdgPDyX(H*&D;{9f-Znr_rvA|_s!{Q
zf4^2Um(L!{c}%!Fjz@NRUhTG7p`-0Oo^YKK*Tcs9DlxM-T&E--i7`dU#f5?jW|iZ!
zE!nrmPWO%e!%zI20Y57=wFkt75dupc-Om?iMMKth3<?Q@+i%`)#BFS=ZDSK*eccO`
zm?@hvrj)>T2L@!Wc(XknYY7?PaB%Ix$9wNLLK~Pgw9M4>l!;w??9PoIuaOWFVv{8t
zggAw|<F+9wu>_=|>MNh6q*24(wn`}KeqKuV4*1N*S~lEDY@e|mN%HoB?EQP^gf`aJ
z)N7ZZ6_EJelkwZPmtmdcqVArEWa~gaP(#~7BWE;>ojPrg=$4wP-q(VzI9%HqvNbaH
z+EtL{Od-b3<YGvUvd<G`F=0%Q(f4=XmPe#uyhx6ULnN<uz}&IWn{#xyl<A(L9E;fw
z+U8IhTrXqCLGd;46;`c<p+<{2p=DP=xZxbMRdlv7k4BcO=fZ}XCX9C|<8nUtI^dK3
zD#_Zi2PQM~J3HJ0U49V{5nhw`<Sfvve(Q9OfW476v~0c*C14Lqn_DzL@2Pw&$#}BG
zmU`{Zr`;+N)4_DoqZYi#+9+y}sBT7YxF}#kd}8@?i~G%+`Zeza;*H7IIlSH7TIZtc
zZQVbEEoc;ln^;cTS2NpuqPH$pYh0!sgl!A$E9do3h=t+^-IHmRj25_kXe}D?zHF`U
z)S?mdq?ZEL!DAA=((Hjh#FYr0g8=wdd7)gc0Z#aap=h2dDq$G%5*N$sqZ_);Xl|$4
zkgHNuZ65CcX`s?~RSY}6{@EAkOJx*z3_5b#PjBWrCKE^{2W3dyv(u?R&Mq%WX?KNy
zR?N6r&ug{$-QrPGde6?UAr=nu>5s8mYD|s~BivKr^sSDYShRFqT4Vd=^Rx`3kgHaj
zbp98nw%P(x%C2})_7hEkRRVEN-5-P2Kx27IYGH3$!N(cEFv&5h;}h-+`Udp_wpN!z
zDu1`nlEdf_Wqlf(7ul|nJfF!v?5-(Py{6tm)XWm!Jkj2K$YQb86C4bVwePXzBNdzw
zoV)&RK1S9SJ%moCgpd-WLvb}_F}C`(3w0qvnA?f!U4n>&qchk0_j%d^ZmExHaYur#
zq4YwxZ%{gVqn7h<i21#hEk;ye0+773d%gw>fNsm#=F~hko^wLzwsyGVbSpkiS73#v
zy=5p$o5(@J*=EHk1s~PRgn3yhVJ^Z(TYLK9*YOHQFN48C!e3b|G`JISc4On?g{3Y;
z%C1~TWTO&s@#JGOWEHjF2(j+(H6{fiBV&_h$jIrwyr*<outAD9g5#L{z7+XoW<uE*
zZt&8}E?e-k<!n@6Hycgad%obC!5P3NNDGwI8*V3VE}h_2C@FV(gXSli0ltmGU>?X<
zM6&+6F=|6=-7<N`Ua^R#-LBCWR1o|ZvU!@WEG)J9Jt4@8a)e8>D{MmQ=JczvU4C55
zP+NlRxQ<5y{f3Dj5&~xObhm`G1%Ic{=d@5ue7Mzl2UlY{tT0|B2B>#zyw)HLv(Dy@
zSp{QR0I6Bsh6rx7V<ePFx*Ha!QL1f36rg`Z)-;@AP0c=Dntd}Je11Xpn#6c&dr{l>
z=Wg(3rLlYt_O?m`4ezjjsmT4V-^0sN70MB!&O|4JeLj#|D&nr4VG|+O!`%3NZ@!aq
zO5xcf?1@n>2xp@pA*Cil$(>pXwZY!S)9+-Zv)d|S_Z^fbq((=p#akeLrsVL7*qNYx
zHma8WhaXIEeN$QaBQ1W>`8VcH@zQSTz8hZ|ZO^2D9xl~u;?e8|Pfkp)j21)wAx_Lp
z`yX}TbOP!uVY0gk7S{niD%e8RLUGD#&#{3L;~NMkC%nH0>nDTY52`;ecJ2Np0hd0(
zOB8O3HG%FnUPBZC`=Bi|vKO`j>TW@(FX`Uq%S{~@q8slN)mhF|Yk1y%Je45_-wfB{
z6lEGc1U&^I>J*)x(f-`svETTET*0f^HJ?^ml!$6(r=+1Ica;So!SwlESWt{2SDpLk
znL~ijH#`60RrJZiz!QjQsLqhf^9~EQ5HXX_6W4{_yzInjbB<r}6xr#@`Gd+e$7>zX
z7j0ci3nA(^;ll%yYtd}?s#N|(MI;!<f<meqq-nR+j@%3w__j>PykAA5F@jZe2IAmZ
zHjHJIH#_e!bkM0-`C^UC0-#%J*v|W(;w*xLG8ZId#92KC{k`p36UzeJ<ubWsZC&_L
zfaCVZt_)&?ZY>G1vL+UsW*9kn`FZj5)G<!f0x{{J$IMo&FG{>RiK4oHwzITx)^701
z3YbCa8~yX*J{CmHwuo4GWO6N?!U48UKpw)RrZD6Ux3A?*`7FslvGB4&^Je7~wF&k)
z<m^inUdeTIv^#yN`+R!A!W#mGqHS(%g?Yt(2_6s~ETH(*^C>h!nqs4y|J7-+fdhxp
zgmOX}k%YTDjhjdTZH0N4DV#!<C9G`B^)YXQZ>U;SMe943ZW&uo3vo{HGV-6o4!+>r
z-$&FNl%YHYq`|+~a{kzPyIX9``8!kTR)JHsg~m-vOEQwCEjK1YF!wunlIl|&2^$3B
z{4`Rfqza>Ew78+Z7Ffv4+jS1oY%ngMzes5gnXcz4ZMUUW_eOPmg`+PwF!;_Bxc&kD
zg18}OQ03i+Obo2EUFEqU`xQI{K_C&$S_dyZrO=eoZH%-6_~yLiOTrCXaL!&Z%Rka2
z%4TrZ`EHrYA@cVOqYf0C-JZK2Tr<*uetlByX#OFEY>pb3cKyILAgeBH+<_tn2f0?Q
zNf)iIb(JO%dz9Gh(vr6hf?HGV5SPC4)+HHI;{;n9T`V}r=r)8YI`JM4@HNTg^sF|}
zo$a;S+fonCG993j)i|tkEWNC53`(#9v(9y{H64~pVFF!q3e-)IbCOpjuqL^>6!1nb
zdgmuvg(maIx1OfO_Q=H?VZNUPKJb1@Z~1B10I3~Gt%;9h!&lMx7)dU;rZ+rjSCc?Y
zC~GbJenMQ-m?X>tZ)x`aD3dGh9DB`R^gzs75a+u}LT~2&79r4<v-{lTd(7Ek$kRBO
z)vsGf*|lSh&vnYEx7GFf?L0zH3FndmZn6E=gNyA7NK)OJjV>zuvAY>MZfAczgzi{|
z&NZsJc`Deqf}yJO@m8tc;(ST+Evl%-tz4gob_eH-ipFd0PO+#0Tpkatk`a%t!r_!w
zU+TnoB;Gr;l^BmNt^FZATTKasq$7>Qz*Z;f*bJds_Wg{nVQ=!Cyn(t`E*`J7Tl*jx
zZXVheFF-gH!H(AlDz=ECQ!}qHbT~e~e2#U7P=%#I?p`>_ayHwpoSiDYC>67OE+`71
z*sMR4cjvEEHlgT{-zZ$Q_{hQVJt$w?+u3{;|GhhPVkU?W>tvnsW9R$g-hl$-_bX9S
zqU(m#tei9J>!S4{BHp6!;!y5WZCugP4Fg^Ue7%jiRnUz|`~97lLV#`nQm2$gK79Ne
zN4YRf6ihXt-!xsZvXAoi)4dP_iUVt+xeR+V*Y8MF>K!4X*+#J-QR7@X$(@}_c{*Zr
z_3P`O;MZ8*g821Vx>d*uR(oj79_x2!n--S2j}Nagz=yTCiRTyTujK^lrnB`1hljC4
z%PoWqDrmOmrKc61In8gPDKNnM3htw_GTs3HC)ykm-A|Y%XUD*;)K1R0r1DLV>nJX~
z)sp_Bi@)TcXUs?8H|I&g_z?=@l^GvP7;LjGKk_rghHj(PO<}zOkp^9aTz0!9b}~u|
zpIT5eQ~o%dKZ(`R4ir-o-^<c^9TJ2^U?1^Fd%uv;?wvS3FC`>}^U^IKEcDH17M4`r
z=2yR&=sydvB`ynn6cu0D8e26Vvf{w`$^YTQhtQG|dsv;@V5xjTnd-?;<Ef>cd@kN>
zUblcZD6PZCU0+W61qKXDsILaHVuDh@&yaeH+cR`@X5G41mv<W@k5FHQSAN<=<9<1h
z-_<Zv41ATvPH{0yZ~0KpD>d<|e}DLtm->-c$-U(KdwzSA&naac@IIkedLe`mYT!g>
z5rb~LeLzdY5y)2ckH)A+`BzG)8XVX=8#ynHZ!^l2d4jj3sa2B}xhIR4$wbZ6?5C02
z-bfg->fhFiezxJbFloh3z~HL64Du%VriF^pMrgv2vK)++Ny2#C(8O-UNj$lC#g%lf
zkZjX$3z+^nYv{yfaqC~)j+;`B7?Kyh9g@awjz$ng=a?Xj;-fCq1`b@_zY_G^7$jhF
zqyKxVw!C)M5oY~a;s-9aQqZIXjlOX;!B4cHSl@E&7M;D<eCBT>?(-aXDcb{TwGtNI
z=e-0q5GqGz!dTsOZQY(07rrCl{#U%$j1sQge&MoR2ZUFCh}wVUircttA;l37UOUIX
zg?X?h&rMm`vejPO?#-AQT?eSEh9o*ZD^kHaJ_PeOJEk>Xy%fA)&XBi-oVR;>f{4LI
zTK5d<DP8N|qD<`K{i`-86V`19^GM0N+mt*!)M)?3;=Buk-sKk+AvG_L&g+y9%NY6a
zySQANk79Ux^RokiN;*2DFm%rPq$@-E6HapH3n8DvXbGuY2VP09pF7)up81z(+dG7l
zi~L{c`(rpV!z&?6pGmo6t`mth?`hfwguP1<$#Y9t;?!;b2DO7ys^K&t__PANU|zR6
zr8-$Yy4CUM+LIsNmw)WcJ2XKpOKWS<N>zHH9eM^@NGd&8m-`<b^Iyaq&0ByRu2x?#
zNt3rpPX|$_2WxZR{P)iPI7LAzb^`x}?EL?NasJ!<pH9}_2L6wgukQB;aH-9|zyCi(
z?*Hu?d-f0O1>f+0sG{%?=l#F^{*Uke7clxi$kG2d(&+g$Ix{09<HGR`H6_HJ>&%@G
z1Q((C+r!wi__#PB85y*&urN5w1S*!|i1rCyoKZgezgt}FO@96h!m(^LXHW0kn>xJa
z^M$4k42bJ~`LC1w>Rwt=A({pPa&SC}rN|Y31_E!zF#f|k{hftxvRO523CkbWXMuxB
zZ}We^rz!sHI=~^Jx$}ofFD`2ffdniBS9?jjIiL}6M^&WN*?j%eP^wOu(G#=$keA@<
zGqbLE!TJBR3O{6dxf0dMco0h9U}Q&L{Lel6o`S8CNn%zP9i)OmQ6mq++tc9l65-&<
zh5PjP^^($_ntXASwd{8}#7U4Ss)lO_g=oloviFki?p*KVCV!glPM1s?ak|-p&1hkD
z4?LfGggs)@!^VtNA3E*RMoppM<R3qf{*P0xt_B;k(Y`E_UL@hXAX_muTvyuzc)tQ0
zN;xczkXC1maAh(rfyjmoPcJ;H)fR}8Vz6E?sPZzop{}`p_FD7GnA|drt*+H)C1hRB
zWQT~=|7ld)Uu`BA2|+KgtJb|b;teW%tX3*!HDXO;Nn_;FVOp`pcg?sSyy0?Kuu07Z
zb*@4NY#B^u1Aq&lQyN)LYSY5?4N;BpeP?~v3>H_WQ{{(ME>cbzsx82yRjoP=4UM}{
z?|%rj@cEFzUsybeFD@HK@Qwz=ZAo=S$8~-7XT4sa0<(m7oek<2C+6@SPP#BSPZ#>*
zeA-f3a)HQ(ZymTQjMp*smj`4?_`D-2?M98EKl^daE7eD-7&xhydS2so2!yiMyT!(5
z%R!&sG<9%<+xj3m-r2rYO^J92V2?gp8Tf&&)#}NN+b$-(*Kd^Bh9}eB9bHu$RE{k8
zf$RAtz5w5!(-@&sdxM!|Z2O%L#B+8VU6aFnRa5%Sixcy>PFoAUelVnHU9>!LBc-O|
zVF9g5Rk(P!-u8b#J3;u6sz5A#o?*krd?vrX&5!LKMvpI>I{CBnrtvOodP0@-dhgKz
z`>Sp&M&NJy&;^C7L&5J`VTH<kXd6*+K6`@JXw`5D$=HtwX)Gp$!92vA5rpNv!Bs5&
zZhGWhKY`;0HWo$wdX$oC1QP|s<>SGMsu!^kBQTro=Ald)U))CEfCCd>@MSsGq|=C2
z->y}O46pR5tq2#cdqQvmHN4Ex!5IS`oIGl{5G(Y2oc_C}gWtnvQ1#+KY7sVPEgnNO
zK4YOoz-s=w+$~eW#))=$rgdD3#w+fBZ=W(9?ogjj>*a)oYg=GuZ2Q$7XRP$(zVX_s
zaLh?>D?yy3j|!HO=gpre(v(T{3W^nItWfpMj<GgIUJCF+Dn>zDvaGL&cC-B+n*d<J
z+K+?`*Hvt*Clqn`gsMmWyALR5V87t7a6FSdaH%<dQo%zmH*=o^|5GMoj<0{@gsb{K
zbdHpu<4e936wgsZa^m2L+G~fW8(X}Wyia4u;QG-|{7o_2BWqIR;qvAI+nm%DYs}{6
zmi#lc$95o!phv45Ga;U=e+VUTkAJb#w)K7U*1j(<2?i9b{@+8IUdEYWtwHl#Eo?OG
z%E#p$V3+AnmPhqu=Qm6$yY{aq1vKI=r{k@m?CJgoi7cjQN8Pmx3@2Gya<?z7Xexml
z-9!865ouh$-QbWE#A4Rg%$7{Kx7gnRB@%9Pndn<5{{2^{g5M<*1^^}p>^mbFqbsx2
zzx^`D4jlMXYrQD};uyQf9LVy^LmKR^IMSRsRKTMbpT#3Lp2`vLmbAGt@z6|>5#4TB
zT+Q{wqlpG*Xq8eq+&HJ#HNk;Ln%Ybue~ruEajt`DL#$HOsCil8RivU+*Mza&ZsYqv
z!p9|sIh&QPA1<foHzV(_2-#!)Ab*rOU5;8@9#dG%{j@XXi*$Q3T6)L#soJ{GE9Rwk
z<Y-YTT_EIg0ARX_6&@v*=}L^@hB^>WfhSA$dr#vuAw5gl@eX$fB#?N*54Pv6irv1X
zzuWpg-|{X~#zF{h{@c-J*Q~nC0F^DdcL-U#ZXvj<76h+2h-nK#G!n0MpQfd&uVypV
z*IUzY%S<n#5*GB%V6C6ScDDu=h@%<pXTKPdjtFh>O}rK4k}VwypT2kQ%#z!UAo&jr
zJN9g9X6EOLi~Os|PLhTO?l%iNm?*1{wT}Zvpkqe&B~l7x^8CkBzwx?)+m?1WCLd2w
z&jc$r;jG^WAJ5xudv9)ZZWIv5Pr-Jt&Y=>?guUfzU;(&OI&Ls{*Z{n^5?;#X4+LLt
z7pAmLw|lw$ayjh&Zm_lBeT7A*g}QWMyq3ljogFB_>H)R)yd@qv4|Ueg=B)e7%(fTP
znYUiDxKiyhVM%Yi7VAHv=kZ1<!XKL$pDkC7TpWW~_*A#u-3)ATz@c)a$(^(2gM6`M
zwY9&ztCD=m8*!n_6jBGL130$Q(9(J+{O@B3pSvE?L8k1Yfw*e8XP(EVF1VLnb7npZ
z6b}dI<)!zPyxFWPV<9}03<XK(%hR9?VoHX#eKW|)PBx{+<=zi^y}n_4<r7a%6`z{w
zKei)E2;Oium<Glt6No4~qp`BGiaw@D57Q1<+jT>f*VcoZ>SE8l+**C8Q(I=NM>z4}
z>Z1`w*&(&>`zUt|9e>#`x$uR1ebH2X&*_GWp@e{G)PsTsk`}eb;*eEM&sbeZw{(9;
zI7SL{e~%eoGQDW-%2Ok_XjYhbE-fvsH}k&(Xr*d|<Gc_Gixf9>c4_Vhcv`N0d2#a8
ze$x>+eR4jvwiG#KYh`t-MhpjjKl@@b+TsuWVtnpsx@n@W_JGd*kR~js*S1}PK9P-2
zTiRLmAAA0iagr`)tGXZ~J#6FYQQ75mU((8n+|M7~I%l2_sK2~+g<Z}?A1gLV5{}QV
z1Wc_z{OoKk=#=IF0y|6oJL>^1gtEUc<*snTL-TTn`In}qro1nws-9lVKWFCMCL$^`
zUDDfj-I#vE`v~Up*>KHDaTF)lwkPH?xPs_^7HiIo3;IHQAczK}dzz4ACwcGP(b>24
z5e^Oiuch!czKH--I3%U&KYrK$Pj~A-G<Ur(PEG)LW<$Ybs3KC}hSmCsw{7$CJ>SK_
z@oUrlmiw=d`6<djlK)tfLS*Fx=yS$HMoqn5R%=;gjP87c!CL?0(Xq8wS653^s!q?$
z1St|l?fh-03O+x6P``k$3zlAXyc>M5_H7UdA@7`^ye_z2gj(xxt~TvrWmfKb@R4Dn
zqoWU9pS{v;o>F~AFRQHVKX#S=N2Twphvy3n84GzRQ=tu!5){I(X2;F(*zS<8MWZI1
z`9}R5bCP&+XhG!L!5SiXQu+te%gWv28zb{^B?QyUGSTz>^3?OR5r^N3&R8|43AUQ`
z!wfHzlsz0<H^g!N?|@?w7bf8sc8XS3<w5^-HS=V481PV~+#Ptb*7x9ErAQiu4@pK_
z)=Mu(4+}NI&LxG>@n*Hlh-xuO+TDYB-lvzQW~|sTINk@O;z?510eXjuL-&)1*F&oW
zD9k#4J?eZAh$N)<Jc=1Yyb90nNW1}0E^FPNl(FkBDs^|-mT&GZ)A1fWRf}jX4RIf~
zR!8bt|L%H3ahsQ+N`SjTRvU<&x`iXA02LJ#EM0-@zyG9-e%ofhghN1Zie06Q$o>7~
zc+(xi$XvA&yiXO&Yl^-%ggp_%5YO&vHQN8;`rq}P<;&n%b1nm06HyMGdWW0Ue&$21
zkEk<-p$Qv~i4Xhpxr{cD%%sbqY{lnmKoEZM^nHL{wc>xd`R8F9VrdNUM3HZFkZZFg
zy?RBeig8S4dZqi`F~#T3s6wdmGyrnSEaV|uO77N_<O{hT*BK(nI=%j+yzA=&b)~!B
zUCfRjZ>s3jT~it9tb$#gO)V^xXd{fb>soUj=4_>_tsSB=TxPl?J&)<1aoj`ccBTFq
z+H;k2PYWjxa~H3Ui`&B0$KalbenW*ar;D?OC-TQ9h&_Bz$*Gt&xgVdsNx{vSU7v4+
zNn6lk&xMDF@BT<xKc(4_AeOp2|FIdpbl31yUugohE$(!sQ903Tid?s5-0-rBXk&nZ
zZepOvIW~+CN|?H!pJ`fkN9ED!H(<)eqt5fwqUytu>%${VXCEfjBtc7AlX$kAWde15
zH1pCkA%AYE-)r3vYrQmVUKWI;@3*YkM8_}{XctTQbXa}U7(a2|aOF-qgiZ^hlKKzA
z%+HyvV0{qA9QJ64(SUOHGD!;wXQU@7Q6)x#SS#v&*F*9AQ44%5w9%RK`M4xrpzxpT
zP(!G#9c5|Qn}#%(X}8@Yf~px3!kiOw1m=+ov6yJS6Hs$kph7jR*GS`|iTSpSN35zM
z0586`-|Ul&Cg&Y+fNk|_Z6pHCYk948QeYJ}CWa<6@p$f`2=j)e76)%w#`SJd8<YOt
zS#;)g&GXoG8|KZB!-zYD`OQZw)HL_;uT?{%Tb@7<blVH!)t|WP>dtxbc9km0kJi`6
z*Zq+lR{6q*JG}`IsJ%|!6wIvr6r|QSkzh$?mEMZ4H69~amt_<fm1vRCy1WR(ow;43
z|2aQNghiYoIXL?eICwd)Ft#Yo`&Mu`3m>9+w{X~J+bkasi~Wp@=}3RUIwu&60-#l^
zwm<424L^`su*tbzQX-R8hVXyl<|mGt47gTGZsxTyUc=nlixYVr%-^+bFHj%ZYx{u;
zicvhK`*Y2>`{L)iq0>Yxac>%+7-iJ5%b=d`32I3f*5Q?=ld)#BUv}+nfAvW+4WfSR
ziWY@S(O)dTSfX;%IPCSry*yO#&tcl6|HHYE>H<nWwJkLnI!7`kuh?qKuuOFq3Mm~0
zr<6yb-V)u7HhD^s<}ib35)e%cZ)G${)U68AI6P?DA21Ep+N4u?Jt$UxT^r8blq;K8
zWUVjJ&2pz5Xnv!j8Uij273_Z-R<BKKpwL_IPRIV3SkBvdexga5kUl1vBdO6moJ!sd
z1s{hfa%LQJZxqU+Fh6gpeaBMvt!c_Fm~(09Y~#tfm&B95<Kxn?VQ=<OaM!V2ThZ(4
z1nuhC%FaKmEsZs?Rl!<e=j3bj#?HA&1*@aSyoKJdcIa-^Z9`}5DZh=It=TTy_zd-}
zAn7i7$}Zr>8$0|0D(-t{JmROV)i<L~93Ef%G{kzp?T}-uwfpS4no~7vk~a2GoaBMV
zrxHTQQtqsy3)4-xoO1Dcu4(_CQ~3>ixP{#-4QE#Fj>l)y7EcRHZF4_#Twy(lk9}s)
z3m&%E?18d6lRqKFwQ8<lEQ7V(ilV=)HP$RvYU{BkNuGivYV!!&uD7a{>iff|l?Rgx
zr#<$YJB{v+#Ej=O?9~~`TgPk~8q&CGd_ThBw1r>Iy65f%#_%kSZdon2<(pQRx{u`r
z#_>qx5d6WMXO`6hGP*T!m`xS>`ls1fUOwohvv@NaX71OsgF$^M8?MWOrsUZ{FtZ22
z`}&6?E7HdY$)_A;IMK9cI0dfW5@b&Ou_lh(uFOC$AH8ilaQbNHDFglLt|o4KK$YFZ
zv?<%p7}_nqldbH;I~`rz9u@nBL#x_~+f}E3p_fh-X>YReF1Ir4$e7fQ)JA_r0k^Fu
zYA@+|j+1TEd4zXr(vQ3U2Y7zqxJKOb#5#8qH3+|8vP5}zJFmc|$*9z?E3>p9t==8~
z$DHcQ4pkKhn4A()_30Co^N<rXK1#o<adX3WgNUn`fZaO>xg-P{V9~qf6xIClPxK0L
zx4IUnqf=I&HOXA6UxF>U<l7yY91eQTm|GJl_h+uOhtE?-njKWQwUT9rEgDh@-mpce
zl2H{aMyROt)E-MOdQhV1h*0j{SQ|VvSjc3t1tRSBmd+Be`Z+)5G$ozo9~~Blq(Ct5
zukrk1&qBgZEB7_mb(6p=T!8SN)K{JiZ+6{I&Ek#DUy@;DdyjNk$^Nv|Wc|g*exP&I
zrao5knaGl%a^;)VpHtQ3I^J%{sJ!59EYu&Sz<FD|%R@~1R;}sCvHgC1D~PH)dbQrX
zqJb@?Kx;DD@^Gu#ys&IRu&$Rh0k&CT_exJNJ*D?)J741Q)8Jzv$(U2Ft2;}}vIR@a
zf@^KOUY2>j{JM;5Rs@k2uVsYa$PABf+cWFuF?I!ObCJWVT+Ze{2yYz^p)V;gO>$ss
z<O8}fP5Hn5mQFDpJ-n^VD3MWD*ttP_q-2(j7)@lA`o=YcCd<)!bUVduL#<k?G7hb2
z9MrQo>6*XG92CqhbJ?1)l8QD%o{z~LC1n+jP<cX9s9<dKMwWy=zurb6FCE*yjXY-8
z(3GTSKRc9_3iY^w(t!WCEnf&oyYHhNj%!o9hNLw-rVy-^Q}cV?n64f4me^oaRk=s`
zS2O+*@_$*J7Y*0sOcU_<R6VNEH=D{(k^TvzQmcE36ii#8;&6KBnq29X6Sxdy^H3K=
ziY6H&K9q|~yZ?^BEAWA*@kPP0#rL{}V`Z}-fSKsGACV;D)dJY9SaE@)kS@!acP<`+
zfMU>C#wml@NkwU7MolbRK~$YYT!oJtQi56g;Dd=1oI+0Wc$&P~kikkc+Opz#Q|+7b
zj3Dkv*M!sF{beZ&Gqv6jTd3Kt&U(!K;f8c5vDD6qw>|Qq$GE9Fb^PvpE3M5Kz`8iA
zj!q~1&Bl0nQaW?3J{^AJKbLdmC_SpO868-G1dIf<Fc9UdSdA3%9URszsiOR{aEWj0
zoO(?KxEzq%hb3)XKeeeb>TlkmFlhS4Mj9qz>1W?(x;9;Vwg;s!r@(!vjXzIL*Py!U
zI1(4)EYOK+=A0@EuzpjXquRS<(>^HMLgL_VbWL12*|bTgd`m*>Fx9m+Y!OU+cl_u=
zGHfrOURJz*LzI|v#lXG(d%St(OfJ+v<ebRUrrKo9hM%6fY_F+2yZoLr;B%+CyFv$t
zO2@u373PqU*|K?^L1~1^$<?GxR$D+{g+!mkia~Fr+CIREnRODMfZO^-`(H$O&n=fX
zeY^@loW*zT?alGxz)V<gYU>6Gio)*RE%=0_Ge^Y46b<mu-Zuo8d~Kc8*Chu2U0t?2
zaO2@j%oT@w$XR=owSRT+Oa$Dj3vF-r7rfDu^Yq1@OGld<IT}yY`N;Q%M<$1iKdsY+
zJmj{@02+(3A~n)`b<{yqD5EZ@<bFSk=O?d`1$J9I)P&Vtux4!(=4pd3hE=TJ0QIlG
z_nMo`7Fx1Z3fQ-zc$E~5KnfQ3ceal`BgyOuE6|qJ<f3~+svFb1N>y<b@@6xuED`m1
zEn<{K%eDMnVI5YrFUcZ;2hAGP+h354Wmi+kl=E2_EF<@O4|nQF$woC6l+aDuQ%{QW
z>f21PvVVyn?pl@;@_#Qu{DnSaY&K!{?4^JdD*FsC|2JW&O2IdL;)}bTI$7gZ3Ug);
zFk6+EN(GrTL{dbdzbF47S`y31L^tKNxRr<I+}{G1cMAGVcY7~o8(uXu$fs5JLJ+h^
zty|^g61$NblvMNby3zk^7?^&ZW&A$AMLr)|wTSHA`c8RlozV|Eau4@X?3y9x)j5nH
z=hiXaC2?yEK<VW3*_0EF(~j(J(ld4oPQv(V)HF|zv;lT4Se4ay<~67F`fw4Xeh=u$
zx#59Mk)w6mX)00Uy{IT2O)|2%3T|;aq;mqJ8Qv|RRIIs0Y}X(_PuBHz_C{%B<d6r(
zZX3<RK((WO{NFx&fRfo^?hh_|Rp)W?{toLHx$|WPoR211>o#ZBetrPhUO0x+*Qs;c
zF|;Ggm~PFDj-+uV`vyL3Ky(Q)tR&vm@QkeR*C+V$|C+2{*EeO>8NdJD#>Z5ZSIU)s
zOm8;P4EwsKQI{OM{hD)}u&*nuezC;@`?46lU^fUCKKtQhb4lTOb<#WG09f$3q2N_z
zG*Dl!J>v7u%qllyv)?1Y5KF|m*^v5ibJ`0s$xv_W^0W4AAL`+dkhgGD=XOBDE@m`7
zU0WR?VhtjUaFZ`;He_|V2Nqu{z|E>0+^n80EqXUa>msWp?(sWYIyLAk^46p;xo4Ve
zn#TUHQt%ugtK7mQXU}Kjs6X~3?OdtsnSi5HZS=QKG%@Z{7K!D-oyXRHY6lTcOtGF0
z%}g`Yy&9u)Y^!$zy*yoY6wap}8)Z6YMZYwJ>*{>~Ir~oE%MdcATAp6+9M%2}v*w9}
zOjN6V)7|F{e=^`!#$7X%Uw^LPC-^?OCajPT^SC7&(P>LilE7d)z1~106A1hn$*wBn
znIxHEi$&Oylf7D$kf<ed7EK$e?HC}jNC-N&#Ka?Q30_3lxxiT?nN9!-yrJ3|Q~iam
zE+n4))=HMj$_&%=WbGYRPt0_)nVl)4#^}jv8@C^SCQ&0s!Q`34WB%&~_?wKM#&fKm
zwdWBgU8}d1%KSqygnPtSe*j!hcR@tpDI9@+#*_8BxP;afx=+|Veb}lx`|6l1ezTFl
zf2q#1C|FCLLZVFJ;_aGhJU}@J*pP2tqKZAYfYE{XDuTq_JC|l0n0NlAUaFsdx$Yi}
z+e)+i7~-R$Jr0P=E~Mg`6h+l9n`XH)#kS2YEeXgTR^-x{dd2QUvm!&E%T)4ndAW9^
zMKcET_joB}x!h6y=Du2Ohn00I{L}b4tTKsv$m@O`5JG;;_{Xy&7~JY2x?^F1OlNiN
z{3GiRF(TC2jWDJ{S6h{SdA!U4p)8-yx9LNmmz2Jh1w^QVh&tC!{(RWPL54@Grx96&
zB%-1y51j;w6xOl%5nN~UJ%-+(5PCh8X*L#9r_;F@KRiC?<LO>nT@C9yT(tyTuspmH
zX_KYkq>kdZLo?itbW^{3c!MOXE2Ay<vb;!6zpt<KNWjq_!D?r^T+0qaH=<|GaC7_7
zE_bDtkl&5oLzYQ%IlZ;k8>^aGQ=)M=VpLvQSom$y>@`7>WSeeGx4Ed&Wh$u>(xlUh
zDch72*Nv*)FLXU|O$SPY6yTZT_##De`b%u&`HsOmI2JRq4O}6_Tz|7Ef)j(#1TgLU
zdV`pv-|Q^&?1BWa&G<2LWgdO1J)Zgz!2^<HdqvDO-02rpa=|?HG;7iKvrK+huW)`i
zklPiAASQHWBJScBT(A+Qy$<E!M*_*pxRNp+kIw8AJ07keR;_c5&$$)f^{$9UugMy~
z1I3X9yX$Jy?vdOh<iPO$!*B8gUXc#H$ZSueF7Pz!zIDMMUF>x#zT#RZtsL4cIchj7
zj}jhZx=U|$ER7?#Dc_nhq9$G9BAxr1^K|{1uc7YJ8$l$Ry>2@*eI9fE{1KDL!V^o^
zx3M$Kv@6TZ5Za-M5p?+UbPe^6d0T+r6{x$_C2wg0Db@7-RiEuP4y-*12zQ|-=E9ol
zo3+Pnck{{n8>UD+VDp$D=II$Go|a&>ozn^`{+aO1l9hiUZmo*k$c?`bu*Z7Iis-(4
z{8Kcm=-aq}OlD{5Ed6|)!IS4)#gdGw3T{X<!=G8-tu%ni2W-{sqB>34v&U*y!$AkO
zi|MqbV&=B$A4Znvc|nOB(~qo9ZY+~8we~oTX$dJcGs~>!#t6G2bvD>7h(h1C{9Y1s
zQt-9pbm+0l4E-u%=g#JE_=`D*A7niO$x)+8xT?C28Lmsa?uyLkE69A7E+F))#cRXY
zrlL+^vUET=wy8|ySb{s84jj!6AIsuh9K^k8sy*Pv2t$qD13~Eu6k?ots_|jPS(cT7
zmPyzV<x!dOR7GM03JqR9>XnQH=r-<8He$lY+^}Cq?_qbw%Xs~J6Ff`iY;Cl5_M1Lf
zx=5?m`G_<!Wq;HT>lalP(AevNLqW(ivXz^>5r93HIx>idkX)4DPve54OT9|>k)SuI
z;m{FFUl3DDPSyBU8}S99&w9{>FH&WKW_#e+85`|Tz~)KRtBzY=*0ih*NMyKaqQlU=
z-#m^}DF~4g)Yo5P@zOH<;J&;Wu<x21$|#g%jaDf>i?Q^J3a-J>di3q^4ReZ!^j$gS
z;&>)GB=hNUCvzN2m#1^lZ-=K=owsK=*0vy&xvYq0pQzXKHve0W09txoV#|^9S~jbH
zcL8;s`Mp<#R$Cm0bczEN4OzRw=q&%`{#-l0k>2uGhk}<88ska*TWQd$3m`L-HC{sJ
zc;ux1&r2V4By2I1UBU-TJtQ>3Zn#DrA;0y9rw6p{z%H&&Rh5vW=ix#6`Kg^od)Grp
z-He*hJLKC`)<3v6qWFI-&*k6OMT8ki)B#IgXDoj2HW$~58+|6FU-UW=;4}kpM)>~*
zSnZ!X`pF^k<<eYM2qwx<ve(9!RRBOMJ`BzIWYe2g#h)l62cPsdzNllV0VB=s>gs2#
zNLm=8GFO_z;F*uNCsVi;S%5%;-lVhmzT_kT0k<nZt~fECEQS*}<~k&03rC#Hbo1;P
z#A(B1HCJIYUDU{+)s}HLVmY!CBZ#kAsR}oevT!3gAuu;>XNCTR33Oy!mb()n{p>n-
zu^dQOcQGQfs@)4(rfQ&rlQ3p3+uEbdN51t8cTj16zpM>&@UmKjb@f5oqM+Vdq#+4M
zd_xnL2OXNGx=KzIHU4_mc7JTsBEZ4ot~!<!G_vDaCE}jm{=CdX#&T&4GzrL%+WN}r
z43@byiTjKcAl^y$!d&$7exD_4!8~Ef$gi$)1l?Utd5kJkVzHQ>)QMe6&TN!Vois5S
z)UNfmPn6D#wu)mX28J*)XTL&0WV?RD2Ex{Q6Rgj8<kZEWOj0Fe7WW;gfD>wm#~HaF
z&|3WER|&0tX25D^@@{`8p_O*WSjj-oi=B>lC+iFShfbUccP*I}XY`Q=H^^%OL_!I2
zX#}o|_=Sl+-oEY{$vvHww;}!z4XD!m=4pyC8(=OnpQSK7hglZVwtOiG^vWv?j;*mo
z6JX)sV0AGg+EsMnT4A~&lZG_!63I8-ec9k-wUi+HEIdN9*-Jm@_KFF${2QMkBuUD-
z(k5taun@N4SfML#jAxEA!XDVO+!Iib2#s+AC^Q}0JuSOduAtv>Ir8SvB9}S5DAMG3
zvg1Qx9#nyP>fm`rB$<sKb*M!2BMZ0zh7qh5Rp%l<F&F>v^Q{|)d3j(M<pkj;%n7;2
z1qUe-Pl~C=6EDADZjLstc`&7A{9+OnT^omola!>%DaL647yG0?&9Oat!>pkKoxgqC
zqP+N)adZWvQvBGTGbMu2%rflgu96^_lCDe({&K$I$M}2a%dhs&pdg&{PJBTx-$bXI
za@j?A)X&Am#aZ`Mr`m(mwA?@OD<vqBimjL=MYcb$vEIE=!VPXSMYSanLhzyujz*e8
zhlfA&a)-(eH@(YIkyPFL_&_I^lL?IQ7YVr>t0LZGpc?B0WGg6{I(+0w*c@T;ThNf5
z2t;!p!bj31MH0bI;T+kX&4Vlao{<0%Y#ktd$TGyMIg+PG)K@p}A39dDDyggE+y&o3
zB7#_}8L4>z$;|`T2EU0<odhZ4K3naunE$3p<YiV(Aj?_{mDT!PgowR=e(=sU6aCNg
zlRDFh*1$0T4<}Z>z^O>=t0Vqo9dg|b1@Sit5A7o>jb35jE@GN}SgWrH`i~POp3m6)
z73jwl=k)vM5{JVPu?cu=Nf8@4f_z(M$aM$o`KkiS+wiB0-2_#S_#+%cO8ia*7&QDM
zA2MHvW0DUnFWbfH#Y&t7V=gq@auw2{Qu)mLIq{HF{u3nB3v(qaJ|O65gU1Z3gi3`%
zh{I^ywj9{&pN$y>{W_x^$Y;*uVdua{qTl6?`9Uc;erFV*?R0|nwjak~oSIP>7&)c8
z_*zzX*G-x~$Q2UuEqdpS4Yq1E6FdFyj~^S+c;|vHMs4lYKl8hKKc5-05KNe}k0;NC
z=2897P!b31X7RJ9Mww^u=uTT+D;sAO-*!oAx2H^>>!AWT-@Ewo_dZ;kPW*YkBH~Ny
zZLXg@WLU7;^6-KSk42}-8hbL@Dk1pu7PC2@zrQ%FC?OAFbA#%8-je?=Uwx>x9!8uo
zMQuc^eSUs+K4ksA5h%gtZLYUN8k+lyA`M85S$uk?5J}7tS?e@^R-+gtSN*u)qi|DO
zQE`Ob8_~TsAjm9z^Ue23$i#vQR&%8w!FXs6JI+Tl?Ms)(p;EgjFD!+QH{QRVag*5`
zM>MYctQ!?mTqbR`*UA(Kt7FJG8^FV9B!obXO?U!(8EAy<AS@8!m#Ub~bykfs%SqjO
zHovLAu43H131!-jddEnXJF0Kkg9m$L_N}vt01)6*6b4uEQ2_!^_RJB&<LU1q=`yZ(
z90-*aYgzqMZxCP#LUJ5%tGf;ZPg#qLsk@77@$O@CjDvE7jQ&JzQJQP*_gL3lJeP_u
zeebEDdtO)Z$W)6DtB$HfPS7AOFUl&G3MWeSDSAhmTRnfazCO0C|BJLgDOUIyEDQlT
z^Go=h`avNBGO&ATFI#u`yb-xq6v3!x{O2*&J;-E`8LmMM&m^8Go6pgg2U*Q8&K)R5
z9ysNuG5M!oU@l8-m`Z9{pMczv&EmHvo5aMl^A;^FHb_1XQ5yqK!iu&>2KqTC&g8Yp
zv0YEjUiT_;E8)UstOc`#7Ic1H4GJQub@s#@uI3Ivk@9o|tMy!1?D@*qk*(it&-T;p
zya)rb`d4=fAWjR`Br3o;@P^G$-_G-vw5Nd<n}BbJ<7S1i$8g3)`_dGU6tk%gG{b54
zyvYsmizM?ws)6diXw(Fh#dEEtO~lx)df8w3l4*2H5CBT>pO7(f=gU7Yczq<4R$@$<
zk2ZjZFmUDxYc)AullsKuAv~~|Zc>P&?@PeNN!9)6u&s=k@CDR|M=YEcepyjZi$|MI
zmSM6sEQGZ>e&2X{U@@<OwOo@Abbm)Sm!)bLs)YrWRaGUQT|ltmb7i1ZnNj7rMVd;t
z{ARB`W4A{6Qdjv>D=`}z2?(=W1b)QydXvZ5%MMj$9>31Q#fbdX<Gj2<$<m?V?n&<C
z7(6vz6*_9%GE*5j=C>)G)q_)V87VN{jY7%5wGxR+g~w$cG#+%>^s)K$i414<vh)dy
zD{~H6ngrI2{_vu_^zeAL0~JpaIlzz=QUsxiPSV9_S$C*v8p8ociHj%uGn>}Y^R8vt
zkaTHTRli}q5!(Sga7LhVt(>SfnL9TzGZU(5*Js>hz-C@rR+5`v7f)4yTRs_DXQRgl
z`gxYn_{>tX{ob#cqM#tzwTb+E755zayh`I+%f2YsJ-%I?^79<V7!A3NIC(^nB!X?)
z!3;Eb=$UX>Y?T6FjiS%vhOmc->HEd_N1DUu<xPsju$$%->a!5UNvN|1kzX@SwjPs|
z!CLJrJTe)`Zp7vtG0fAikv)o>{*W<zqnMuTBFiKU>Z*X#sR8}&r<>lr?rNI>JNILh
z%N>6ZRm~YKJRL%Y-mIGYcJgK0Rm*I;p%&aj*kGK@!+#`(PcM04H@<F?Jbv{bqHB4l
z7wqBD*A&r5aP$uT^X>k^uEg^>0D4L|PL3x|zdWJwe17tH%NWhtHl^;u6QK~1=wftN
z*?Ic-?DIS?TguQGJKnGw1|8@;v4cJdYR4bx0mJnkz_1LHeW-I7tmPhj-#z90>>)|Q
z%;@*~EsV#`PHG!J0_#4567&985!S)<O>qoaP=jb!Pf(M4Z0NFhSB#dj>z>@NLm(li
zN*a8N*c%~UE>-}@wKVT3ng72Sd#k9n+O}=?c`8tfI}|JK?q1y8-Jw8$;sh-Pio1J}
z;1=8|9=y1Ff=dbRE8qKmYmK$_k3U;;Co^;28RMSwx~}6qPo_n2y2`;<L)_SxX1Cl=
z6RIpoyz?-Sw(i3)mr-3d?;JnRui0ba7w#=tR&-DF(TAlI+qnuPZ3l#(K;n=ruP<!!
zmu_1c?*W?Or+Frr^IN1Yf+oXQSr_%Z$8;xYJFo@cr?MKRqWT()YB;gBBgft2$*5gL
zLDWnXQ`VKxToxS<Qc-=^%MsD0r8k2a(;syc2?cvb9VUE&Z1e_+@X4=(zjQo1<3|cv
zqE&U24D5+{n+#99V3QF9A*!*4b_W7th9PjlB5+Am#VFHUER!}9Oeut}CZIKVv2=V-
z^Ta9&mz~oK@;S|=D`L`O(59upxvZ$M@rO_<Qp0?(Y9*lbzYNje`@U$dOh*TYhtQ+W
z*~0s!#m3Q4*~>&R8v}$@<=~Hk<5snyX{KJ}>-;>&j+jbiQWaZnIxV>j2hB>vteBo7
zW5U+PZ4vg&V+g~%QX%WfJ}2GZRazcKxW~lB{e|!H5<guRdIb6SlsrA#Kg~-9-BYCQ
z2UT7%PCbLFcG-g-DPQ;3X<m-jwO=aSb4tfVPmQh;_k#@CbquD=7!_ZKV>jDW_m52!
zfhxeM*LCpAEUewRAt<M2m+|~Ih=7JUz$ES1|8?>@zkJfOqkB^>KDb9yeCE}o%kH+)
z{WUqCoIl93=CQ@3#R&K^{=)qH+AJp3b_qv}#oK;5I69`9|BYN!*ymkoQhU5=*Li$=
zIwqO09haqEp{JB6dWJMr-5=~rhNzYfoB#2Qs}}K!dme9}>MWJDKjzFD&xlcb6S{Z!
zcn~YgVw;TfGjDCs$16X@Go^z=HyT8pV&C4q(B?AQe1J}t&s!v+mb^!uuN7M|#;Gah
ztynfAx~y6~t!Oi<!dL4PqJT@s5x9m&P`fGPUrx|av)k$!DvXNgAo{5){D-O#OA95m
z;VRWEPjLx&txe_1J94irm8{kj?O;{R*UW!1omwTZp~$B&O{2T)pFdQiTYr7kULiD7
zE3dukn(Zz=Re2nZ%hntfd|Y1f2z+=#6zt8Zjyud<-8vPMH-y!3Q@;sYUxd@|0gr3o
zHM`{vw%zhiIz;2Dq`GfYVX&0+dCTTDFp(#Zn8_J8h4+8(gaLO2pL?WqE{gzXpZikK
z$dkFwr&q^dxBabS?f?0u!z`XaI09*qExO04;Vd5-8j9;Epi6eU#j7q+IDC|}V*FS3
zze92`4PxdhXp?lI!baPfl9m?e;B%i28u1SrlzLfR9YMUE3mpY@UrM%s)(u?fFOzRI
z?-!d8x*P`whZL9Vp5kNWih_b|>Qi>HI2`l;g3vp}*Vos%n^{awHt>sB7Mngp0|NyF
zIYTkLv8I|&mg(;eObX)4fdmCGk5E`X&EMbkHG`hbo=#tzK1Wj2$lI<J4Ey7Btk)p0
zPornTJHu4Xa_!L`nNeWUe|V;d8e_I}uJUtuhYu~pLo5(?WwhJ#r8?vsw>wR*-KE6w
z?rcW-#m1E?sD&f32grY@K+AMp*bM6W6EvAd1K&*@p-IWOe>d8uM>nY0^=q-MQCR7o
zzr3kQ=f9w0o=wAYSw)3rU`c^LceP01u3{z@WAftuGKuLh`(g=vDthPsG3)|i^J1cT
zK6F_<i1OrYCDgm@n^)S^g|N_XM_h8c<_oK4xAwjCe{qoMm6er?e0knaJsLJ#ncswR
z{mH{(Rc)xotCiOme-)p>h{|T#@2gU<99vdX9e3Y%n1T>c4S78B)-lEZqImy5^!&e<
ziD)zZpAhl?WtI?{kO@ShG@=Cl4+r!A9{gV+>vwzqAH9x{9K1T7v;Mkbs`q+54_aS8
z{~*=4{=Xkq1#gjrck&4g1Lk!o(h=A+H2U8Kg5OaIjE~<wE}mVJfBiL!lA9^K*?xOv
zI3+aid6aUpqGKm+r#HVkKR*aSc-KfeIx-{92JeaM2!())ib6_CN)BfaGQw&O{~#L7
z7-SC}4Gj%iC#Y>3z1;1ch~@n1?EG?^TC{4_K+iroIVm70NO=d^Zgbz?+1mQ-s<mrJ
zywK0a#-^{YZ*FT#w{1UjV1eGQ{BmO<S{44@S0D3uJLt{=%ve=bg(zlIUtN+-F+1AZ
z>&<)LBrc;JUjJP`nyDIzPERLn2m^z`#;=lpws&_!y1GQYyu5t;{M3?V!yz*1u^41R
z9tVFe#!gTX`D6emCtCmPD<S`Y08V~>!Wn)kAu{hur3N~7a&q!<0!h=xzw1)r9>ocS
znZ_cbqArQ5>4{sD`P2WoL!m40(gZ?B$K%x=DNl%;CMEk0S%zRWTWJR{@CG`#zMi|>
z2Z0>K&7ioa!fbXlup)xlK5p;r@zLgDWU5Q6^6~M_l((p`JF8^I@U)FKP#wRH+0YD}
zVay)?cL{}{UFC`C|8w@QP#J4JD?<}i@5`r?k!Ygd4PgoCnP<_Itg@a6D+dHL2a)Am
ze$v*_k#TdYxAiBPImYUvdM8asNa@85O7+;O8Jn7tgEBF&veI&Js6)12tGQ-GG`%xS
z5&zWxtOw=K!X=~naH&4-l0`}i#jwtZYTgjh5-G@-iHNu#oa&v_s>r2MKPn+xr_Co~
zntI!B^A$QdBETd>Hf`Z^z~uzLaqG8WyZnH(swx(ZxYZQeZ%HCSNc5-OeN`(v&|+9f
z@~m~<(FVY#Fbo}7(HS(-z*P{zV(pfwn#&gZWoB-E-W3YLt}*Qz-Omr2^xh1h*VCq$
zU0f`6`q^&MHVe_-;;C#FCbnke%1r^yR>P;QSr5-df>dO=5(TE3H?Ql+UzUe14`(WU
zPP+-jCuC*P?Ju#Po|X~io?yn#@S$B<|LJhp??ZNKwO&BqtW`x$&`lNHYvyJCOl?DL
zX<t=-E~QAch#kd(wWl6T$dM~w$eHKs1vm6H9Z*|va(Hc5^03LICgm51Bd+og^xeW~
z{I$?-uq45b1+k_g?hp2Ww<`I8fPH~yot3gCmnao3DL?dGlLqk@Nza7%Vo6iz+o$nE
z9h1@q6_DyHy{A-iW}g~B!}HnoQ)$nyJk*hnY=2u7(_+eo(1djRUD#Mpetv!eE@#F4
zZ2k*PXjpCcgW~T+vmn-sr~9d(y%~@aLc0<1W38SPnfB@XxGkT{>X22u=unADHXgav
z@q(Pa@@;Q#uPec|_rTCd@>RRciLWIpdK>m!OqJbZbCdNQ(0=qb+QP+AN?#KR(`j`i
zz{*pS=j_g4qKGOvy2M&M>?GVC0DxW{&Z42CCnhFRnzCvKx$O?2zuXOrN5zEkD4Mna
z!b7@P^R^k4MOtI4jrf?`oF$>{z{-c9bt2c^v!&(DHZ)Rv!}J=v#XVk{R35PNEZ@RS
zGnTnsY=8WWkh$Zo%;gqW-co(uLlqX_<V;?6h9I_cywJtt;M;&{EQ+^_cpp_^L~I<5
zz#l?FP%=iG)|E2I)%EuCXO4t_#9ipjl(~ilI(7(u?K}m1^K>1M*vU1%xW=UUvq{Kr
zhfF6v(Au`kK2;%LM;sLAU9y@d7Kq4L*g9kz1JI8R^sf?Ll=%9!Qo$5V=tL{YP37B1
zFwxnZeI6gMv9P}PFwOQ)5DycNCb@Nrtkc%^Xow3`3f=9983f508?RqnUiS@}qXB(=
zcaN`=IoS>o0Z$h<1NUiM9)0U$>3<^R3#s}pF5U9yMb36gju6t_%1g8Q2{xbd?kf-X
z=i@OwYuGl(`Y4i!v8Ki{W|E4+Zu->x$J<U<&r2Es9_j1oBN7*vwYj^$H}K!{pDPdH
z>GkVtp)_kw*~RBwf3Giw2LEa(AML`ne;OlpIqmGy+Mf7)inEI6*|@hZ6e2-fh{y?d
zch`Gl@p!?u*4@+H>uBrBTyrM+tf&A^t(Q3GjnJQRIJhKA000{2w8mW}ob-eY&1&Lb
zm)Fl!R6kys9+=&~Mlgx%rm`o%-#&|g-E(S8Ohd!Mwg~Z*5t^Mm&7O|h@TE_ZrUQHJ
z6Kkh6dpTc=^E5Oxq-BQ7zL8FEOSHB>QOu#*@fYrLm$Rt#kGa>!f4jWV<3i~lUZ4J3
z^Nm(|BL2mcJgEHM46)IOiaWv)(N+LTD6G^K4o8?Wv};2mvG8LXm7`sHp3`nOgUrx>
ze4yl*O`~Q%jwq@2zqz*?4Y>qu8&G~R12+j`Ig%)iPmFWmW*C{<o&QSFyZNF2%Ce#0
zS(dBlV(ZXH>aNF>M!uuAxdsJyYcG%r47Zqd%5~L}(9xA-RN4XPQND{VED&S_<fjWR
zG~dXt1DpaGq-L_SvXV^~20&A<<3`AQqc|M+?6(tOP7!xz#I{UFcsO?m#Udme7C!Hk
zl936kC_>?C4edPH?8%ReM1gvHPv#1TV`cXBNiK_XI~jN_q}|zS|AmKT`y+BN{Vyi0
zgZ@r<S4^={(9;j4zDHFlW;1+D$#Kd&u}ZAG$8<`2B;dON2z%v;n*^oT2cvgBoym1R
zha)Te<r<oMLSD`^%3vgZUw3i1c)xdvTICRJIq6>{oH(U@TP-_&h9%?y$rDBvdEWhM
zpMDAJI6ONoXz7Ws$ayD{dx8hn5Tbj$SnFhTIJ5Ex#DEhiqmrcRygg{k>%s=33BX@R
zs4CnoT^rr0%3I^Ww9y8g)-e?)0>-(bkjg{z3(M=10}dO;Z2`eG)7lUm_d_y``xw^3
zo~9TqcA2>l%|jx?aVmWNB@L;FQe0KGns=dtf0mY|WNbgDEqJ~Axz8cgol?+i@e^4{
zKK^EC!8z-K(rSn`ArExRIb#@C8p5jCoLkMxr3Nv!De7zfSyyc#*4)yN`ud(LoQZf@
zVd)<dx?OD&Cp6dQW_V6W`-<|&A_j7GSJYp8Z<Z1oZX^;VBgy0ngO2*}gMYkPPDRR`
z$qHE6k>vbz*sDpIm44J$5Fau0jclmLtz){S2D)Fy{j&NNS|B!$FoIzDbU-5pd0Sq4
znsTEcT0GHg*x>|7>`oV2)i>D2Cy=w!!FZ`j_CqOc)|x4^LkBKLJdp;i-5hRM9Chb9
z{uA4^n?f6EY3BsW%S{TWobafBKq*OVSRk+upObqSL+XK289FwAz2Q`)#R=wS{N>q9
z{k|()#r`U?N%4)-q8v%x(;A;pcO%CutgKtpugX|HRgOhWFqM|l=Knf)M_UPaN~x00
z+Z-F!ou6XP+Nn1-J^@wPLv6)nnhniV-})IL&m29px*TGGgV_}K$s!c0i@~46>O$Rw
zgcV)uG;D}G)^wo-)_}t;B^xbV&R#L5AeD50G}1>^?b|EOPq3&q&{eoYL+sIGnaAkm
zZt-U6K^OYXjd%>bN{ftXvRh;R%Il4mhqQHhp68z{+X@V!ug`SX*qM%pG^!pdsrT;d
z*(Y{N?trKI1M;uEW6KK1!>f|iEGu+ZMkP%ReN4^ida7pI{q7WhHy-WU+@6Kxyv5}c
zlHU*6?y=<XhgX2FJN>`mHtX8z>yr$n`Yx>X8A4w}Osp-!y4JESnGN(Syo?N}>Ra;X
z97&2zsl@$KCz-|4L(a`$MW}W<_Y~i*lhuHyVRDgfErT;~WWPSeks<NMNN-gN+v$+_
z`rF^8A9GH00$56m!TpM&R`xa%P@;Mr&)Jg!;yvrw&aZrPR|##jiPh|#qstA7s(Q7q
z*E2vd0l!3Cwc3Hr2_!9CEgeiSF<C~V0xL^`KL~?>;K-qlk=ICRW+jre1Tr==^FZJH
zi;Q3|OVpwK$ULmWTZ}#bH34@@JO)eD5tUohmmE5t=}kORH#9Rue*WuQoWFl8GD$R8
z>!zbTt>;L5n%$8Zbz*3K2zvU9>>a1$cvfeGgoqJ@cu71qIg*-zK_2a(d?RfYo9F^B
z;tx%{{UuuU`gjw2_udmYmPeaVLsL^0D8mRAn+zRZxH!P=@PUtr0ybNd4%A&h9DLFP
z&jMmh10=Z2^p=&fK9>7z<U#)QQ|Ce1Q{o+c)axTvzT0SK>mtL+*)3qlMdxPc&Ug<@
zI~{g22SZ)>UEcc1Mprg{v-2-rdQv5j4<qe_NWIC9H`wXYSFxx{fuUl1ZNdczyS?3|
zAfA#kYHqlUjGcqNi%eQm%v(v~aLR=>y6HFAqDy`le549dRH|i6JfZhJ@4CHv?0NO`
zI$5Fwsv4!mf&|4FZAgWKl1a|H23L08d{k6oWM(d9;7`q({Fi*SG4=YG!g^Jewm)~(
zzI;>$DazXzm!#!P-6`;g9J%qZRlJK`l~9~h_~y=W<+=J?Q&y>2K(<v!I@aNy<bGk(
z$r3HsO8?$<KMnIjkL_^f+T9fwa{k8n0$Im$Q@~ptAhy2Yx}g|cGP6GYDDGN29D@@t
zCqUBv>-n#enz)}2hKf;4UrzxAV9)PIYXT=#Rbb5zYRu+`^0)=2HKCw1Cd(NK4*&*r
z(OViMAXY}g#FjjvYa|dYJ}v=!CoD)G31OIxXI;!KP;j-enEQw4`sACa^Q6`hXY7WM
zfZuet4`=mzaI5dT8G+7>_8FGZtcODum7&@7<oX(mm5<aHAEQClE}^{4Lkwz|18bvs
zOF6c_Sz{<y7rl#%$oz!#Cnc%DyurltF)A_BwJSIzC&8(?B-7=<lr+8RwKaKrQ;d6B
zoyKOq#B9>AkXY7&D1F|>=09uta)l0+-ts)26BCL*730uT2j2T`?-4871mIS)PC!92
z7LL0LvZj=@VX($ByRl1LyvS^Tuw<2`o6#ZbRG-wK&0PH7-|hG*L+`ht_{xh*43Pz5
ztv>IxmVdzkHT1M=B%6&~Kf{H}Yn;?w(XEHyo4X{G#>R?TT)@`&jpZW3S=0E=Qs%t1
z@`(|y>Zpe@6)LCIDa;{@GKZ3YpAL4a<W2MQb2|IDTU1D8%p=QT&=Okpl<b)FB6Kke
zMjoD)nHg=Vq>7N#SZ)*p#FwkJ2|>GOC*Lc*TMJGVZ5gQ=^2aSK1%w}`|8T3?OTOc@
zzsF10(Wr%2GffWkYa~j_iGLh*{A!;lM7IlY;a7QG-rg%3b@)mksAQmMcN#gB(u}8W
zmKatWUgQvtzcHPujR(TYHX0j<O7&>c!QDHSv#=p^st{LnOa7)qGd!s-E=(vc<EDLI
z?G$l#?}x0hyf6lj#CE8xzyq6(9+-1SZeOI}*)iSg{Mk$jH~Wf53sjWLO?gVb{HhD&
zpVv#q!<BV*qF~lzFD;?L)gzI^saL{k)4?xcN;;45_TlnWVO1XGn^BASJvCgDn-nWY
zdMXu7bU*@P;>IvSbu3J-{Hh82Igma*ty=~C?4*GR5o8rL8YyZ_!2u2H*o1}Nwe6k}
z%BWaztHjRZ5fb8H<H;NN@gtJDD==o#m)|`g&2sP*3@vbk9lC}N+I|k0TT_>^{+^!H
zb5%)2dedzUBTO<=myoe#*$6C1nJ<5Far!K}Lg?scx6`2bRkt2c#z^;j>^+GeeG&q$
z%+h7L)cU6Fo03v<lxZfd;zZp9TCO<H0oS`z>I{x#z|qwTB@U&uq~0gKsOm5KCY8Xy
zYP6e8{~6x;hI<xwv!dU_+Q`0+XgFjAaEbz0>S7MJQy10TgFJZ(usQMcPWDDK)7yfc
zan6i9#Yy;FELP9+cbDn;|I`7fnT?WM!J5xW0+64)tkw%2OdaMkY?ixG|NdYdk7U-p
zS&9=Cxt>d26E~E({_Doaa!dp1MI)Sg!{-c48Nb6CpHRMtnAqLQY+zxXqGsYr8Mtuj
zbia9vq_xg?+!imYCOViW8b6ywr0`3P?7Z_8r@wL${#e?Q{B>Jd;`D>?tq2IvvyP@W
z%+=}tez%KPAS-(}ak<|LvzA6|Nkx8Fx%uakZhcG;Qrk*-V-4c<9E;p+QVV(N@*$7&
zq7#c4DrG-RmACXv<L4zN>ljy>q(+8WqsKS9rvg}MjcYolusy~VUTQnlNUJp%=A+FQ
zUFA<ABKz{yf+RbC3AEA{0xPOs`ZN?C<C331bmj*@R(pP7BoFe5Wa`Mkk3ZQ>KGqYc
z-<NpmTnBUU)0R6T9ENjj8C0-kn2ki<_W2yb(HG|TG&ID2?~byqHuwn_RSRY;0}*u*
zqmh?OP|84=I*?*Rwbq)V-q<eIAer!xhBNAY4-X3zMt=bZeKGc~XE}+Bi2g^NtWgf*
zpNwXfdpH&q6n4oj7z76{R2vOuJuWu5DZDK}nIIJlNX^a<EQ`5mSi9R%GJSr2hcXgN
z`e6U0g-Zi!z8nRS_&;9n8*8H755*oE_uOE|d(eX6VYl~34J7_<r?_lE9x9;wA5z(R
z$$DG^AolLvm0>%d$E!#Gi)+2kfN#vS(?HU|*N>b2_kt8=?c;iz0b|H=%^bQq{fCZb
zmuFxTk%w^H9m<_Q=lokRI{L_U!#pl9q?jssta_&N;i&Q-G)zoKHWgxHDq+EQ5^38b
zGn|wH#+^PIH)JRy_Xc7M1SLMS>24<{=+1#2k<Y>uc8_tng{>?#>=q*dYTqtb#V_x#
zEB&tyd0~n7xP)eYQ5ki{c>-=}wLSM)V-$e{ys+*22eqKRt%^5Zq=F-hdK-mxLEQ9g
z8(Zu93mo-6jQh0#{dS9NmuJhD{uigbc|EUz&CX(wCib2!T-p{jotMq$dtucR1C_d5
z>@>dFW|Lpl$ti!yjw{F)`WF_O-^uOIOfN~BXd%mh0~O;t6~>h5gedcyOPGwS$6-p0
zH5-BN9w2h4B$f@##AFrJeBhixGG3ph4D(}h`Sk+^L7UU7rul6f`=3p@!X`ys+R);e
z72%;Ta@@Jk(Fc{vgT0e`a@W`qloj(TX?93I!?qk;g1a0)tnXT->=jSXET}28X8Q<6
zYT8_TrEgoak8SufI-Zvb%~EhP`?(nsfZZ%p&ho^3SD8^<oBAK@-0FHqM^ld`#YQ#z
z<(UqOdHLTkBeTPghV(gCR22+ZqxGr_5H74qM_y_1O*lA2tQ(9DAGsMF$uv%@>E`%D
z`;xdSjymRzMO1aI8F<%s$SR7;3KMO1LujPw{>*R>-I<fTr)`S)NO|GaC;QMhiq!KL
zjR0L6duLzDN-v!%;nYLB6bCDBKtBk*cOy^RD|SZ1NHWldyQpiz8ZV8b(I5R;#U^F0
zvBBqp;bJ3hiD&~`OhN&T)u6AimyIckEAqqj@Zd;fM5AHaRZDWd(U+biCtKxrw5(lK
zhJq4Oz_5x{4jb^9emnilytu4_?k5xU`**<b=?)*1iPW%^1uxE}W%)n}#t^Fzy#2jt
z-ulqAA3h(2hKK<*w54@f+ck7lT>x<XOF`|RunP<-7jTOcg%4yrF&?eo#`uV;NMyoS
z6_JT)pGw9;e58Ay&dDPrt0S8*x;uQ?+?9-c{ajIXV;Gg9oEDuU^~~T*q3&cLs|3uV
z((=+b$iPi7Pzmxw0cX;(WD%9NHAkEjvZbLj%_LVs1=eIFGw2B<msqPKv}oMFwdP)3
z0Un0aG}9B6?WIU|twgocQvXc%WOUas?NHSpI95<o7R7Ark^ZnsKD38W{}KKX94r>q
zFjEeo0GW*x{Ax^%ghewbM$>UN<RpUsjY?T-m&4OwS1fX07GUKa#MANqGp`?#o(n2z
zG0cWV3t~roziuMLCCx0q`t^}rCWQ)@IkdA3u4M1R+^5@Qp*cDE!gIs$rrtkvhDs)_
zeI+tFsyOglPR#>XR7F<mX<bg$0E6QEouSZznnYl^f9Nj}!O+4q3DB(xbZ>te?1Nry
z^FC$Hb5wvJDKa+2g0K*>_KrC{PBSS@LQ9WAlof`j*TgCEN6A+5P4rpzuR@Oa_DKsS
zO{<8J8cXZCaR0>ThzcWF5s+usT8}NGO4J=123sLVABkVBx-S7{GC{WL`BDT`V3c_a
z`s})T!3VAP(L*|!z%~!Gm<A68?iwokV7ivWez*CwI>(#A>RF>~3-a}ei{x`RGpm0#
zy8lJ14N9y$?}nU-i;T$eckeu9Kl+><pqPq1`5i5g@2*73p?tWqFkd9zSZa^!8jf>?
zA8-Q#k3Q(J<=GB?BVLWm-yJ29TLSO@Lnz(_nN=g-yHpxxl>bKAX2-9$8I-v84OLlr
z{9F8p4itt~`EeGn9JT23rOR00R*Xc}4|qO1B^bCxY$_6%rM3YK?yCyi@VBE-Y6igm
zj0OE-E6C8B+T4OB?)$*Q7F*#LV<Pu6@7YK<Wpbi9*M-gYuex(X4Kl6l-Idzxp)zR~
zQ#3~JL8W^`<KTFk<LG^X7ir`Y*~<@*V;B^96c@g8E_k=+*BNl9AX}k(c}UT-y%xFK
zdG{l!e5KUi<J_H8=$ewhHWzkZnzsjqO#!_uQIJ);N5Z&k|ITp_`<z$n9gH{j8jI+%
znO>a>jPCDmLNiPAx1DS%yITWr)kK=|<7@mO-DJ!cH*SM7a~YwNo|2|S%HZGHqQ~15
zqe_J0wx<Ias(J0dGt<qWhf?&w=f4yO%;Y;El@#FfLwdoRJsH)mIt&W63EM7E911X#
z?q#wcF;cKxnnX+#0zc9JZ1gd$F>WhlCGKFgRvV{|7okGBYlMAxM6KBvDCNhW&M@Y?
zVco2Nsh9=a;XHT5U9?g0x^y*$ot?R=GFifxn`QyamqPg}k>WNHLH@TS{xy)HN~84c
zb3#bb<Ho)c3<zxHmVlsc`n#r1JbS*Q@pL<a+xf#c97WX4`YB9-+2SIciu(s2Cj;Pu
z=iR;$sZJetCu(LFKe^hi0(N}v4y{Nx9|cI#nlElrYg@}BrtQoa3NOb$iR93)au$i$
zxJ^T%J&ru=C-cSGp`rX6J|Ur@?}&{h)oI3~*}EC)pArGj&(C4%FDw*F+_;@diUPiS
z?QoGuV;6*N9eVe}jna*HT|^{)c597@9lLl#R>ldPsh%}-*4ylt2aLMY``VqY=jBc0
zOX8Jy1>NV=voKK99I4m{e^e*lmGd@qFuSulZ@txqd$H$dG<{yN_e4nN!%ZdN#Km@O
zk~#{qwv`D|fu^x-&rF=(nZF`guJ2hn^9HPf$X43d%?e9}JoF8gu}Bk@{H##P$jFNC
z1ud*C!_3sNwl&Hdd31N_XryP1j4V$NRAgO6qtn>wXqQ5^%BYaCD!+lXp@Y;BD~X)-
z%qs^DwZ8{Pag30?g=8PUR*jZAevOISqZ9H)CO$0tz1}MeA6%GJfEmcD=%C|+1nYB#
z)WsbQX1>dri>yZvAC|HHUf+l%ut~AK>oB*lm(X?<7VUy98R%Qu?8_?{<x{Z-W*DrL
zT^J~<Y8Lzab3jT~R6~P}${kG+Pp0Hf`fN#TT%Qzmg{OG5V!){z-H?pXBZgRqJz5?U
zd|6+zwEVGNcY#&_uFWp{OrhzHs-PyXEqjP%6_ERGIm^QKTm^Xf0bOvqwM~XwXi2G+
zC9$ray4ouuYfZ7;uww+%yKi7EKCXt6X}7DcQP&e(-#5*iayCsqGaGeiU(?Ial^^$F
zt2ujgz@#wPPn&dcF*t{3lbmHRkYrOd=jAm$yBXEe#bV@HRN(l%BnOL@!Vv(<l{A+u
zWUQ#tt3S5Aucy_vk=0t_Rc)avJuJ7M^H%+1lA{!$C(LStl98E}tUWIwr^3{Gh=1jo
zhE19*uO`JdJz{g^$@{Tfhs*mjjZo%Z3HcE6Cj}*4U^ySF+1wYe)6dZl9V27P^ukh|
zSbUNqfeEir96E}(z{uiaNBwKPfA-S6@NQxgv-3*P{+fR5%h54nxxk2{q#H-Aq?lM;
z5CGCJS}sVHRW>Cxh!S5b(q)!wd&?W`fa~gTM75xUF~7%|kXGGN$saXJAr{hgm=Ytr
zEGBbm_NH{1%fxp;0eND5h0JXfD9kn~DX;(clABO{|3!36X{i_qrm)OTv=BrAwZE4(
zuRBd>2OoH7KT65K7r8Mc@?>l>0%51(<&1QY5t0)k`Fo{MP+f~6>}WT7^pJ7j@>yr3
zy1*|ZH9Gt2Cvs42N3gQYKU_&x-x?DiUO%^tfaLhjw437UTdQ-f)-2N))KuLP_!BQ+
zJbQH5)}PrI2-1{Cm#6c8<_)F{J(@e8mqsYlGe(BRTsLDMSO<f;P<g3$t?6XdH#QWc
zygt*F@M&M)OlMKV$SKl3#}W&)K2CGACiN}|)pK#<XMX6N)_sslwIESe+vK3-bk=_;
zVXkkB`B})4)SyIc)EIFyisqZ9^2bn5(N>mjIyiXl>WX_tt9B*7;==(|`|79i%EOWd
z8UlA*W-ff-X}Kz;fKW)m!ka?PN+P|`iqFicRY|^d+CGQs;=J~h`kC2V<T}#l>d{o}
z&E7)D4jY69&Vfpgk_hQclz}w;@Wy=xCcE)gPQ4&o4lsIn1^-{8`rzACiQF@h@HBiQ
zL7)#Zc$qb)3ogbx5=PqbEiO=|^{1ZLK#7i2m5&E|I(y)6rKzg@Q&hWh%xjB+SVB;)
zlt&uO{iH|<jR3#lV!7zV&+-j2HLd|hn4<^5Bcg9P8cvupQS|pkVWHMk`C`V(Sf~!k
zOb)km*Ujg2MkOy>f5_;(6Ots?T=)7{Vu<N%9}emYeGszTC6-==V1eEj8Q&eKR749e
z`CZ|y4!d)5fipBr;fdO5ZYVs!bsXJ2mTwB?kHMFuo72^hG5?iCz<z&a`f`Iae*Du5
z7U72YRPaRnw~HNYoHfxAhOYQ{F&`WXcC)CTn6CFr4r^=cj3yUcwW1t-H6h{mccb>?
z`qx;(d``c(*3h|8nb)3v2zp%LF6i1?aSi`iiyOW_=?k2h^#$IBq%$ad8ypzNQR21=
z*@uxm;3{))whXPahlUW={Qdpg0fP(}&g?>AJ6|E^vsEBRWa^iZoo;H^-+m3y8h|&D
zltNH0x~tcjpfWWLgNSK7QK+QAyB;2qpqHooK~$yGxQ#lCx4+3)iE#^)v$B|e-Zk17
z=<DO?H$^&*`nkQ#pYqJ5Xy}@%YM3%%o`?qfsMQ2i#C-GY^1YW5(<D!7QO(_7xuzI4
z)4h<x=qeJS$*<>P&%D1~Nf5t7mZ=wmZO8c_=;i)Jvz(HJ!89}B;reID`<kF{QOH@s
zKBkH3@wH4`ZqFs~apV2D>|y=xhXmgnZu0X>s||nL!r7=Y_Q_(l4$_Ox55Tta4|B-u
zqRNe<vwd!|z)>g_R3`B0GR<DwjB4y6^mmSc>yP4Mnr4?xHgZBiC%{p`2P!>5Rf7kp
z-MxOsr|m@jacDhwwp2eiQ`XRnudS_3`qA%Ci!-uWpl5Qp9-r%ZS7PVg8GcRovq-;@
z_qXkaTEUAuhfcyLg7d6X|NCkxcHHH!P}&|lZWjhPycZQSfs6ujB>LFqA=7DMRuSkE
zULEbX{4!@T&%UoeO)z@?##iw9LeIbMT%s^{zv5q^fYtXah9)SR<uykZq5yk~V52W+
z)h5+Yd_C?z(~>eaq9M7dc)DKG#<?M><yEZBzcsPb;U$zm+nGMVT?gj|&|d#areVzO
zI@!hK>P1j7J=54NaxBfuBvhlMH3xd!c+M_rj>xN_@X=jzx}y~75&wuh!_Ze<7>xU~
z<b#8Y8yO$}yLVxT!_IJ<#HjD!01J4iA)udW4mguFN~iiak{t5Vk+Oo}`)L-;(eitA
zA=pv|;ZE$24+PUw(qfCtamP$lMX;TgR11+fT4}MA#$ao4lk9LY8E`F00A+}6@S9jn
z5hG~rcgvo+13!JucbUj(WlVn<gD*amfID(qi&<9uewK|+eQqjC-FB8C$FmqMJ2Efk
zrSNm)1{m)U;cM;|ADP!cv|ZWJ+jOoPJ+O{#qa#7$lBT0pqG;~FXl-?Cw0Umo0f$^G
zOjaDtABsWVp*B%<*7WZzPq8MJARO-x6=-Nn)%8=<Y(1H~q67q%%WpD-)YsRQ{4@mW
zQ|9|d)9S81!7ZgY%{VZraosg54Gs8=6@XJjDycvkI+}!3J?S_qEZ(TjltDx)XK=FK
z$F8nt5APdw9EwmieHKYmDy`82=h~r-Iqi|PJV>aAp^@)_69cWnwM7Y)C+&OtJLE9z
zT8N2+K{S=|+kr5j&&LZe5c>oD##?tk7a1x%pvJT5!itP<N@Y^C=wOAjK@>-0(@hf0
zDqdutEb)tfD?far;mI_d)m0m6Q&k)CMNW&>&S+;8$$nfFR8l=y=iSfIlAXDeZ#rV`
z7)Qn49mV2-O$?1J>YxClTtEqQIZH&e+omP-vojgj)kC>k;<odUl6LX8)uBbS!upBn
z?_`wWu6j^fiNt+l8Pk(o%R{FcTDEHG#B{(LbZK@0me{iw%BXrxdG<r~fpT)SP3x7%
zPv8cR!m950?w>e3ZK(t$*aYM%l9Eg?^ne&lKHL-g=*)u_i`R&Qb|do`t_*yInwno#
zjVW;joDYt(I%X-%J2~=SJR*}!D0Qh^5*tDi2xS(Y=3ARCwVcjB3zjEr*AP4bR5)5Z
zHK8^rnHSqB%}pAl+f^$rN;YcjDs2_#TFk^>M`SS)QKDn0C^=)>7ybop&iiz%SlQdh
zwRvLY<_1U$W?0}SjC`M&E#v`}Dlp=urX+l#Q1+2Vi)3tTtav#spDgff&97OJOf|!)
z&*5U`O@1(>ybX*<JS0j|simU#L>I*a{oKaa8p`-oc^HX8!|bM~uHN^>Ogt6k1=6uf
z$q|1RY-<dtPKon>4J1@1OshoXeKxQ==Wg^7;mVlC^}LWfI_^fqD1BxVc{k>FR$w#F
zw-M+`k4iXRY6a8X2)uV4H?i{B`E9VV1dMR6J*5+*jUK-38O%m*VT3<?cFFM#e>+tL
z&22bO!ao`DN67gfhwbIj3oW)jyNLV6xR;t*buOV&b1Th@;Tlsl2>$IQrei{ljE<#d
zV@kN+i%Y2znQRk}*|Om$4FAh=lixP^0#ibV+HgN&GQu?j#R)f8r4qtf7sw^9V%VvK
zX+q~8H+De%rNI4xK*i2j&W6T31?QD*r21Tm=pIjBRINS1L9kO#LONT_Jn0;8(@Um(
zW9wy-j-YnqJBx+iQ}9Hm-w9<W=?R3zY&dg~{P%2sND@fy{w_8A+vVS4z@V#XKwYv0
zh`T7{RHXCP)7jWJ9Og;P!oxQ>Pak1LSj&`@Hq>cGoNNHc;ujZ^mVNl=JWo_sA&H;s
zHPTdYKjz}huhc;IaO^2ev1a36(w74*@}m=T5A&4Z8nK)17qRm$VA62Df7oTMxXM(a
z>simMgz3`lJH~EjxP;A6^H@1xc5u_)X8|gMwz@0{8S}X4JAs9g>X3iON-;_zT-Ik(
z`Zcint<uf<QvD0e%2?0ORJEs$)Xs=nhG4G}PN>=C#=iM<;fPUvOie8uzJV~5zo|~w
zZ@6xyVl*qiGo2|Ns9o`hVNb<=Ude+E(9?kre-n3i0>ffY!7Q&Kh>8*%pn$<BgWmbP
zZRhW^M;f#g7+U*!M>|zL@~hD^VRrQL?}8(;!P+H_*~=k`X@G+u+q57+_%GkS8oA{q
zTx_HJf!0p#1Xli*f}#F`SZ#eXqWWHv#WtbT%RE?_?Gtv+M`C#rerIW64doiY+cTTx
zdYcG(S>a_BDC^>Wo}Vf_c|VX%Yd5TQn9%j=M5V?|q(ALKLY9!#(wG=G09~+Z?I{#)
zybeu-sVFXhPl9fl7FEw_D;;U6(x=2k2D7$PMIJ|iVy{PzH>zbQ$A3wpIy)6iZ|Ooi
zJ1<Wh29JgXu6zAN>f3X(E>w)~pNzx;cNvCF12P@+bF6^w0+)S{f&nnc&`xQg_2|g^
zD|n*U*X+YazQaGRc6Gn!`tm}n9FSHkM#k7nDhgv};B*fwMiEzavS{>LR@{<FaDxWh
z(D6G4sv^tCkMQ3zAI6eUqPQ(b80>BA)zG_Zg0EuO3c>2cZ0}XjJb4(cs3WIA{l#+O
z$vI}jg|sGj%d5X){R9~X2Bgg$B5=8OR2OGpXw7L@<ewyrm1#C6y^6IVTq(X({kz0O
z2GTN}{F-vhJ_a+q@=hg~Lwh$oOnuX{#_~P@p(5NOyi%lHl6<MmigY4R0=NcbFuy(6
z6;AyO&RJt|P;l15>=I>7nY+a*g+!-1sO=`%3^2hht04#jLBbJ1-WZHqCO2GpjpGly
zZ`bi`p!I;$Pf@cwk#VuqbK)5bU>P1gYi#WN!5t7aja=!Um5tJf>{u$g7mwRm4gCG!
zIkOdjB|uft0QZ=$sz^W^jS00L-@@PgnrOPaIm57HT1ZII##tng66MNsF<H-G5HiZE
zxPc;Vm&Vm@jZGYU6ZIV;+!ysd^y2~x1&D+7)9aS}z&BEdahm2Yi8X0%eQ%x^04JrN
z>9Q(rFqoPi^o7-DTB5?~gc4L9@(L6;Cf>ih8?2X~h?E)87_gb=T3fEV0_AK^^Yy)b
zVytm2D&<Rkn*6r{H5uhYl$H6RrKY7Ngt6u`?H}y&?2}lYrt6Xd7e)}`nd*I$Objc0
zn2ek0MRC*I(e7#|(zO<(;fd@{)EG^Et1wzwC_+nQfJDdDp!=@O=>jKflsiHmqOnoN
znbh~hczjYwwL&(luxx1QY#C!Fi%y*j)E882qt=F&CL@ykjCB5$_?MCgjipG0_an0v
zb&T>!Ie^H#jxYRo9SsuwSy3%Z@b@xlX^gYx1)3C31Y!R(*D41KS0;3f`0IoYls59E
zM1%^5nTX_!l0_i2K2C;(MBSQFKqv9m0_VrG0-JiMePb#|5N*o?-@_67fas*)GiT1$
zl1LisAsroEaQ%wI8?vg<*7A#r58fL5Z|8|y^)oG<ZGYJLV^c>HYNTo@S*hau>k9Jl
zOf#q4Rlo=VUzP&DU`PK$7y}5<X-yZ9k<1F0D`QoqZu*tR>zJNMP9htYWMojxJVduJ
zhlVy|h!tvA?=Y;+4IV)`%KW!}w?9IW)xxqc`5(+>Glz-@?*yujkO3isvOsioUp{#y
zSCQ_5au231CIuzix}LDRgfB98*_j6{R4vW1y=StL0dE+b4@(+9M_06)Mo~X!tob;d
zDPR8)xK%;JI<t?h_IqPx_11du9d@3vqFMkgNb!|W<qC@gTh?=*fjN!O%5Go6!s%_~
zi!)Px=4K>3)d<baV7qXcaJCOXIfN~m<9m!2okYlC7Yt5HWJKMY03CPd<^)_CC=-lx
zhUWLmFI${CdjDmu^Pa_We?AiQ+{4XV7MR=#H-$blF^jz337Lv`rY`0IGtz>?+pd;X
zbYZ^b-R!zIb9y=A;J5USxGZ$niyulMq^2(iR3_NnQ4Fl=u<SD5u|P{$_1&J8S5?0G
zbFy69%eKaf8}dBTeZMkby?3mZ;umdojCV}{Xf)s4e7#|<6PRR7L6H=#=dKfQ7Z9+I
zwNSFhJ*wEi3$0i#;g*Q#Bb71rBJJuMp?~Bs5r|)E2X%U1a0%<=$BJL!(Z`eRCT?6C
z`#3Uh+;~~*h(Y9BTza*z(~|IOT`%XTKLE@1FNI3^L}+A1!@X;YZT|iX>%GrlRbtL;
z`TaqOUM)@ZwFaI=YTX+2BYmT-w^H~qBGO^6Z`egW4GNNv^N&c5H*f3wwu3{cN>L0d
z$$M-e->OvGD74&?z#t9EHmM9J@;ApMoXWF0-<!zk@y+6;7Oh(H|Be~&GN|SeXxoJY
zr&=_yLOckC?3y$9T{c+HNB&8qC|zrEB!nB$tmFe|7H|3?_SSH>1g)`wW4FpqsC4M}
ztl@i%Ru2zWQ?}$#ByKJ491#bfmoBxtv(?(xml4lyok!J;wXV3|-(~as&X3}E)J{#6
z<kfM*r^>H3%L9n`UEu4BX3SQv?tHfc4SS%mzjmB2unoc|jX{bfE>)u`f^H4#t%qU4
zHh&m*@diatQ+#u=^i7XvtawFd_Y<7^rC5H>QEgLB%k(|PGm5HMLtI4FzidI3E6>Zs
z1nEdzn-Gr`K8G3wVh$={r+@7KASL=3hW@n=r-WR$!#T*r{PiJGr2d~tZo-xz*mIJh
zC9FzF>5i6+^kOd<FHdsaT8FSq@wa9<!jOhxjLTDs9-GyG>hVn6;fv@|B`=uGOh5I3
z!7C{tyBQ31es65F+JASf77Jd#KYzP5)_`{<UL&IB5I-J#9di}ye%5X{>a~l@=I@j0
zg1@}lVnOYfCtMTt9QwFYlz}S-8D!rsDvHNB^}&?2ogI_&kQVk-nI$9>IwRV%jUrmb
z%{P&?N(O8=6?ZqMn0w0@k4xu|<CoXbF^I$t*?QJ?=l%Ricl6P6PSo*<O3U8CrKq~x
zkk6&E(bh-KdU|F}(p{^Ii)NjZtBIDgBeW!qz|inW0nIbr&8{pxlZrYpWpR#p)Umj!
z`v;VRP#Mt4SWzv<=c>m{Wl3+A#)?-3h!|m{p<R1Vt%FSX`nAFu*V`S}W*KEEn}z0c
zWpH;l6F^xx@qTu?KfnIyjY#eQs#P2y$`eJoxUMW}{EGCcGpDZ3o4UFfEyx?0g;Z32
zVyt(#KYeXfD9b3Tyr%3|L3`3ez5me>Ny0-E>7}Lrx9iAa-4O}ChjiG0h1H(2t}~@X
zoUY=Yv-LiHGTzqLgogLFbabs@16qbUaq+pJDE>ieE-CC9QsXMTHmyVBw^rqjx#L>c
z_3|P=EE&qHigmAzqAS!S6p19!8oN`U#ZlTojg3t+D+{ttKnzn1K7GMfrX4M{?5NsW
zhBU2(lqWa&tNbd=owkcewqKH+rUXL*K;)!+?2v{g!CtUnqoP^Gi%RrG-_mI8RnkX8
z?UxBp+IQ^&Tc5DTtXFk%N24{h#oPY;g4lRgF%K~Xm1mcya@*h2O5gior{}6=)QZ-}
zP<Q{zVGtDPWlVtk+Uudt50)=wt|VmWN?YVmWg|T&wzuC6sh5sAXmK%)=(_1XQ>3TM
z73RM!(Xu|qNmJJF!rP-tuEIHTWcqN6QP8M*7@1`6lv#pm8(}xiPZgOp#AkTqSYB0K
zP|rj{(PJ*7U+CIcPs1UW&R{TVOY+6SmMPEz1!^O`vqu<O?5agmURRQ53koTuXLT?R
z3k^*+F;oGXBHb*o6{qTQGPbN(((=pwu;jw-a?r4<{wzpJQmXzj74Y_ie)BwnpS7SY
zX$gycJVph3$K3Kb>;#o*OrD;X>Vw{<zFWP`Vd@&cl)Q_qgjo044N+yF{M3|=(23$V
zV}hm%r+EjF*ji)hC@OSLgXMw8vOo?nP5H0y<3yN%uKx0}YAqnskDMemD<u*)EGgd@
z@r6A)&7V}o<j_6*E%EXeTY>v>F?)clN4)^`8zmBYF1U;w9j5Q+p-q#+a#RD@wfyVC
zJRW0LBR!*NzCH!NpoU^EUQddMqC59D4sP9ci?AR70c&-V99g->29Z%mvW~8dyCZjO
z?6r1UiMdVDijlrbPD?bDd-sXnti36}_0LJPy@hRPq#9f0LRBe?vPgUK1rfXP7h5O(
z<3%(}OY0A{<l6OS5q5_7B>YY#O#-3!mjQ=)J`n-o7#CN0r+^>}c1(8S5>4!BCwB6k
zzrpD~9`?d;>=lS;)c)o}DB;jYX(Xg)-l0kQACa*nklRZvVv-}9K7VBKqjYEJpF}Cr
zwO3Lrd~Bb#p@x@U6veC#{bmQwK!P*vt18%Fzns9gzcOiFP;;v*lC`2)pX1r%7=k-X
z+lpli?$u8?Y4Iv8K`j||zx&dgr_rlUrldUP=LW)twws<_eq+apT=FOxR-mYT-P(TC
zUUjO%-*$m+^EyE|H^HgQON|x8$oQ&d1`|gm@0bkz=6*ie33~X58&MF^Z%n+q|6)-U
z5oz|7fF$2PxIaAZZ(ka6#K)VyNx@X~_$n$f`7~*@Q8ary4+-IT@k`R$e1VY*YWDj2
zS{y=m;ZNabyN9Ki-+W%r4SHIM`RT=d^~A>uio%zAUhR?KePAu=1^>NfRAAyUz;z!g
zv+eCL+XC|atwbAxKbS!q+PMbL^XMkpwiH3ggs6M|VJH8Q%B<)1cS~YG_@A$(F%yU(
ztr22;$W#eYLmgg$hx?)8ok(dCkrHb>+AeU<nSH72VnvOO2_ko~i=G>1=E|SGK-O<j
zWc1g-wt;~LkRU^oZ<t2M%4&$A!QluYPzoy~knKiw5_%g8wmo%tSXE?TWG$^?APEx2
z^_NO2CpR9F!W5OxR;1W-4DSl(mx1X(X?|J(&XwIv8F^D-G($fvtO0IgUWiuZTUl!N
zSy1A`?ad9<SfBJyH~cr3BlP)L6cp^om@qjB8^%nApT+s6C3Hjj!hVT5`m#U+Vw=sP
zA3L4eNnA6Gtjx4*GiLKZ_@I(O;KxZYsA@GJ=JLEt)y$6;^F(lza5G?{;hDI&xJ1Js
zDPB&UbXmp*&sN&X3My~xC0M;%3Eb-Dy-FWDWEKk@vSTzr0A*VdU@0shEk0h!@YYxR
z(8$9^__V45HfCyQ5V-s3k423+pizCOfGCw~0b03}!c&rwK{OKBO<`_5Zr$k*(%l`A
z&*LOgN=hGhH_S79L4^ecr`^VI+-m?Y@#!x4xq0W*QW2c3kd3i&bx3(+q9VO#Mkf`!
z(fN|dN39UfY!<Vb40%&S@)gowI|QGv5yKH{2dewgyX3lo$}4zIqZB;NOTnZ&J>F+i
zr$dJCs5>gXa;{f<-eko^L{L?wBsq+-I>oN62t2x|E|<7_3(SJd>p#1&9O`_crn|(=
zR8B1_XVO|Jn#q)3MFZM9aqumy*fG^-X;Lsc78K-9pt~h@HofqsUCs0$waJ?~dg@I%
z!1WFZ<nK$^py>p-Cl1s$&t=Xtc7~e@B=oy9X4P>&`5fU!cgeS5bhrxiZV5s!#jIH@
zGPZ_o6}5EN@+RmuWtDRi{)*i*s^!^=MKAo=#ERruq{VqN=`*^l&zSafW7ushb63*q
z+)(;!9>|1`V!l$|3<0f@6#39kKdmccC?m|_TxvuPp5s5c^hZzD(6>#THhx6N!uC`i
zxX7Ur<w3}dBP_BcQ`b;$w#WVlT7q_|V4xHT2W|ezM+!*yB34*M_vAQe&{eC(7^*l;
z_I!}QM7NR?t&D|@2oSrh++`GoWWA{6mc}&tt28!O*2VPPv&=!6gghQ^3$O?%*}0r~
zA9ohiL#@x&+E_SVG&++eMDWF5?JOv{-S@^d+|xO!D9ZC=i$bFEr;ObNc?L8`{Mas8
zPQTSP+xB+3*MXI`5=${Jw=;{Znc%b!AhKCzuG~uaBiJ;Xnkz&6))X4b>!^f#pZR{8
zM5no;GAnv-A~!rTMcf4=&5J3viS~9fGu%X3bc$4H5_!0Vq27wyX0iuVO-Z59gn7X|
zrdXMsz^rq&c5mo=-IElOSdFVXbAGA4^tHQU%D+E@D^!M%U>s(e2($KyYgB5oATJDx
zQ*9p4pVOIW&P(CHWtw5_>97KxcNKOV8Bp)72@@766pGuRl?NsXuv3T|lT~LF9a$hY
zQ)t;vEWouMKS0w>t3H>1-}D3@++5FParTB<W#2B8l#zAOVCM$0O>K6<N10!Bu+#nK
z<|S$2+L+SOTTmPNJCKFOS>_Bx2dR>wsdyd|LzK^~TeSs;jX~JY)6>((x`;<L6XJAp
zdF;;KT)(F9e01Bp>r>Dx3;P7Q<(lFsbHVTV!WfwtS!bg~qt^QrHdMjAFRwp8PvmMg
zYM$X@{X-ext}V7lfWY&E*n70>=ghIgH0<}d79n$WG0u6Kx|vtnz9V)UZ!#0+KBsW)
zLAdzsXRB8jYK$q_EwR?PVj&6~930;P8;h!rk2}%qSX0qQb_+Eo%%-H72(wkWB8sDu
z5eW`C^c!GB&z`@TofSf>d{2hTin|Q_D+)WkPnkXM2CZc--rWV<n-B#BdQZ6|cE-$o
zPxaqt5G2VaqNMTe_D8|8(tt6u`?yLd876j=U;JP^bYY~JCOd_Ey$?$Btqi}eD^Y6*
zxM{Y3*?V9tl{d(mXvXl~VC%izw%@TM$rDtI%x+`pZM<kG>*ui{<}eWjp`qTJd}<3?
zw0VZX{Ds?86u5;ACTN1*+B%<`i2<UDIxy=OiyH;Pzwje-#+8<2rn0REt1>CG=XcC^
z8C*pZ?R)|z3ZMt^-aGQ;E`1q7(ku=52ZzdOKLb)i_Wx9Ir(sPVTL6H?7D17+C*bv3
zl2En=Q^Il)p-5yWg<2L3A`wK<3%3vzxG_i`F_4fbh6bTXkjg5B5{ww32BNG%%3fuY
zP4X$CKnQCj$=6RF{o(wddFGrszh>q=l-Z}59UhDqg*V{cxm?@p_Yl{0&va}!CM}Hk
z1qh3DACGl^ajVc8YjAL`MsgDAIEG#g=gicd%h_!KBv{CezYpGN@}4Bj)?GdqP3dqp
zmjE>qRDdC=oDt;7{nibMnQM15k`>p000c_cEeE1fS7whSuTo1d4#Xj75_sv5VL*=i
z?VChe?$`GX1JjZgYfQ;6$inPauvl1EpTB&|fwm3$ljFQ9;O7Okzu(-1?)<dI1phlF
zmjN;@9u8K=bD@&Nj~@!O%VVR}bzJ$`^aUdROjK>He9VoquKd=3Sv}r}B7YREvZi0t
zK=|q3lul*C8n-Sl{f9nml_p9hcxCXfEd&!Ks7f{*L9rA2(+dj5#$7OyZ@iuaajhX?
z)`?63D6(QC_<#*hpS(*eX9D$>`Ucj8l~(NR{(sXQwqxJMe1pC^J0wy$h?Mj34=AIn
zU}vqs7caT=Xyuk7b-7?tDpC!B`V4eD`0fN<eOV8~%25_fPPA}+*Gu||jp6wob(8wP
zfS^EG235*F*z5;;47$@D7O(6Dt41^*2Jq+)iq!hol6u(@I$Gq0f|S<GVolZ~r;yeL
zq>HDRCCy#zWHC1ap_bgdU?j@u^=~z5p|3bz)77S3Pqr{|HE19!?n=BQHbWXPlkn^F
zpEU7B#`+;K>u2H%SQHV`#1MmIhtk=3gf4<R*YYJ^uY&1xlqS?9%5MuT6;;a3b<n#l
zL6zs{6sU~<V+sKHKPL91yg|P)YnUJ%+wml4V+4vJ9Oz<rMU?xN&;eF98%~I@h&*9V
z9jk>tfNqCkTa~&gYSI0AGUR4h44y}CYwFA5<Vqn<U0YT4wz^0;-grUJf|*v5mOa`d
zizV?>0wey8zoOvS#q=mxgB5|`L4Yh@<ewvs+lP3xcRqVLg#H!fPkn`5hvRl!fi+QP
z`y4Zs3(2BEz_zielZK2<PM;cAnQWnBNKvEvvt2QNUM5i(ml3U=aoXcOg=)A%9u;R|
zdb@!kQ9jG*h#~3Tf%6h^3aN&{@#NZYB<dR-%zDKIf_J&TB8K2>z7sf$jp2YyPCvE%
z(gN5Xt>Ri)1dM-Q?amr%NrvBcdEO)TG0*z|%IA~QX$|0fVxZ33NLO@U3&hI7man=(
za^EoSkb7O%|ALM+Hrn&PLwO*Nu09$_^4Z8L3aN)~x8={`Ur7rlZ4Qx-bB&JJa=PEo
zbvy?j?E)zz0b>wYbc~-++;~uS>il6LhB>VWePQ401_~RU|9DDGNpWcq2n5at4v;+x
zqgL6Y#>yOQDe<R_mDvBDTB{@~=Z?mMUoOsmMBk9czH_+4Ubjj598^t$o86$?4SZb*
zF1e{X{sqp9ln;kgT~s-Sr>Fo|in2OkFu;dk>fatMV(sNrGrC0ER7;bINl7YHq^&+;
zBG14gK;eB;N)`90DvDA^FScZ8_sogM`vwLExU;jfp@}~)p9ipG)yH1j&6(9+oinT|
z`F(0;7f&<Tb89Ofh4`IQVaES&AtfRgx|l+!12(7>eSJg%u#p%I)eKc}W3x3Ad7MDw
zh<~wdnT`VS-2GGy1@&?1I#8Au@jkCPE;{I%8BFI|+*DqnYFDWB^{ej`N0;_x5F1zQ
z;_mJYo;FQCnMe)$EDQ969bZtTcJJazcGBJci2WIpNpd2;%(FfdZDLR(b0zl+G0kV~
zx1;tM%N_j5ebSkm7oHu~N*CX~h7KMM8^0ftK3wTUX<2%jW#|4Wjt|WVoM{IwV=@a9
zc1^>WM~zv79$X9S1*)|Ie&9#EK%nWZrn;8^BRD$xo}_i2{nBgrdVP#UZK+wz3-dGQ
z=Mzs*QE@&eUi+wJbSt%J!<sakA2dEy^p>ap&dCF&c|%tt^U86B7uTE*PDnR7oL0}T
zV1vT_%>-IK9*6pFR3GbW8DWgDmDM7xL3gY^%xs^@h#ceJRjRAaYg`)zpPPDkf41#%
zTzy(Q^fs&+sh1TwwFit?o7U3F_X}@*TP#iH+=gpIYj$g)GTRJL1#$-@ihcSt?yT7b
zgv0g`Jc<pR8T>p8_7kRiaT~PiHT_hC%V8&ag3dIe+1vgl(nWpaAOh`n)hjC1FWMf9
zLi=Ei#QJtt(blbPC0hynR2pt=!4sz8IHz=}*0jl<b5P<0!FbgEJ>&+PIyy9Sn>ivs
uP{Zoj=V8385W3G8?djF+Sqd5`o(46nitKmS<81bBgNCnXfJY7PWZFMfN9oT1

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ec2_instance_type.png b/docs/installation/images/ec2_instance_type.png
new file mode 100644
index 0000000000000000000000000000000000000000..5327a5e21eec8bddf5f0abc943fbd52218fe3ae0
GIT binary patch
literal 145409
zcmd4&1ydzW6D^DmGPt|D4({&m?(Pikx^ah%Gq?=y?hb>y4nDZM+eR+W`<)vn?)M9B
zMn`mYMRavlR%O-7mDy3sic*MhcyQmoeM6Ly7FYfD4MOtUH?UL~sIMCRuw<fd;9R3J
z;v(u^VCOl|ZWvN69~Yk!FRQkWRMh#9XlUa+M?lsj6gZOn&;)6yrQubo5H^!L-lI`o
zl<Y>tY3^j#miJB2$CH|StX@dCNXtG)#BTPLyn?5@=f8E1-H%sIjlAW7-n(WjdhP4a
zT)^#^vy#ArdS8h`7J<*}Nhw6EKalnRN<$;OPPn{SOMN}k!EPR6c-gvR@B7t0MZgTY
zl$6w-T}tBr71WGyJF(%pt_5<ElUNTDpO=HQ&z+qJ;t%Tls_pc2oWbE?Rqm|u61)HR
zWscW?h${t=M91AAhD!HQ2>56uc&>Fxa#Gb)SI79S#%ZDEVIT-PSY!OJ$Z0`NPF~o^
zfke8HU_Z)jo};!sn#<52HrF^K2x3zG@SF>nkTIRs9Kpl=zmoWKl+&D`A&xMP9hs*=
z!h<FW;?rzzI2PM(v+JewHiG~c7xt^!|F0A_s+i-&*fWxxt?Y~@a?G!i*>?RCN-pr~
zyPFaEY{WJKI0t5v(2<dW2hfGxEsP%1D|>lyyKANytXi6zn=fYdQvWy1864t|m0c88
z#MN-1*b?bog5RicTvg&UmQHfwhsM285$#zYs;GLH-7#``T^&qlr0Bq(L=61Uw<2K-
z3TP4z2Yxd10BLK;Gr-kZXn1%MiH=}|x!o1AQH4LgWX@j;Y|j72m~*p*{-u@ZPcBxR
z_xh%(=h;Eh|EV;hO6-snln_LqLyjm(K~?h0&}%0wPuk{0t6;~au9iT1Ec`<m4hd08
z^xkXH!gr@3iu~GXBw%Oz_U`5(_GqvD<umlG0=kf820i2EW8P#iYSFVRwX~F4tK4{G
z@5xoz&%P5i!1|u@)9FOW)T&W`_2<{%-KYY@fWQ?ka0rN<v$F|rLZM6#T;fdb(641g
zx|iTS%5P50s?5b~3MXR~lWyp9*?t5Cui!oQM8Y$M!O2cR5h@z+OH51@mA<3nR%-<?
z7O>aXaCaS0IRoK<{*SCf$F0(O%A33Wl)tOz+Nj>=bSN?wXJ)Tw!X0<k<yW*|bC`?K
zNXtKed7<YPAv@28n{39r2u`1S>tNK@oMP6e#T13rlz-CDj0nsf;ho}S4YtM9%>)km
z0Dd$yw1o6@8d=e#q*uoE_IT5b^_0aHFCNY~xzpi6lJG11C{;R{6K^n;L>r0nbewiY
zeg2vF{eAPIq9PKFl%yo!evvqjR@eDaL)Vh8oT-;Q&@M)-tI$uqz{UuTa)c_TV_K}3
zjDzFv4_D%|x@tSCZ1)cwo`4h^Gj$3f4bUKzp&Tga=%_ts=pu@2Nv3Z9S})0<K>;K+
zjW0($R(k7BHq-CX*exw5SD28Sdr9xGJl`_Mxc=hputwn@4{Snoggd)|?O~%i6GS5*
z08|jXPo8ph<r(-%t|yW_#$>Od{%j60<r(+*y!g;~l9ZVyH`UqF@)P>$+o8%URL*_@
zO=SDz9KY*#<o{!{gnPVV?-={M)xf^>rCJGqb9znchf(>Od1+O;srHZRhi=r?MYOvr
zP|msc@%u$w>CCx*qh{bjOK0<oBU)a<|6_4T8B$iUqoM}JgDma^0f6)Rkq?FA6H(Gq
zBi1Pj%r_&SlVWS0y1)L7uZ8@A+>kdaV52hEV%`<hhp7ky0`{LlGqvy3V_5G(0CMGf
zA#kY?&FuJ`m`~JzoQK-B3R4s+D<2X%e}snJH?O!&LoF)>pDoKDH1h9rNPC_?q<QUd
zo}u~G1w*urTEZ%MUFhQzc}@5k!SnY<%mBtDWCf-NQW^BJ!s?-R$rq%4+v^{7Igi({
zlInH@XfGoaq*$mTBJ+p8ueLbb117)Cmzs$5Kk^D4vIbb=0o$gkg9nW;t{NHD1pY4g
zyVoqt6c`+7uKsU%MLmckSmV&h)yZm;x(%YMy9L&O-vNOLDpW$Wn7`SqOWTa(?5Q`H
z>(u(I8D<;6S@ndoX&zJ$2yjQo$0ZdNkz6ErR&_?lCxvxwqM<0D!r{XAv-w-YBM>V6
zGBPsAco^y6S65dH2zZEpO(;dLTl6kY81unmgyP``o;=br?>8SqyA$$+FK^#;g=4i^
zNb4;y^d1N1SgaMVOV*!X$A?oQigiKFFxgLzO-UFU65Zb2sR(0YSdTq{JEXm<6S=tl
zTyOO#rtQQDp~+%Txo2LMkb`dLJ$C!}oMI$gIrB%y916_sDImm}EzVm*>Yj8dic}U)
zh*m<u+3j|_XB)?bY*(-=?Cre#S+kNI!G9yt^DHX!68x0@L=m#Aq_Nxz%4is1c(TP=
zmX%Rdsmrnkg9X*Fk*I9_jYt`Y$UkkxF8&>9Jn28>pG4^wG~V=zu%1!0lXZbMRyqon
zw6WFL)(cJP4xzZlB-r@wLD<4aWFxI-uu^sLk-vxj|Fh$old`H{<LEHCyd#%;C33Wm
zs$tO6mQe5*rwY)V#W!5FDNiyG1sTZAj1ZR?gr2;RCtzR2hSCJEA0Z9rFkp`-bilLp
z?qf^G;Kl&8jpWCO!thW1qn>Jch|jFvAvZrvx;q$!V4>f3>Nh&gAXJn&pt&}i@VE@O
zq9%_~o?{V3Tt~n+S`Ins&#grUwS~m3G);>&s5ySXfT7l>w_oFJbhzN2Hn1k}n4qQB
zey}YGwWBK41YlHZx&5Z$!rTJ~N8N}QylTE!d=>`6$BN7qL2W#icHZm{BWiyh3uv=6
zVz!^Kz`!8964}EC2N+|(RWc3Pw{8Mge|h`leZ1ADzKAUt4_=j~Eyl(jBx7~%qM{S7
zR&RQ#n5RGz)F;is!-=TN6POkryn(Ahsztj8zlwO^f9;V9FWIzr3ye=-4(x0!H)v&O
zkn@;j`>fnn!h&GvR2b3wYU4kImqmPg?C55bUVmuMP_diCY^;QIKtj38B8<+fdgl;a
z<4H&i(J;_T==`LWjgC>_&j04kvx@KtE6p2eF*`+~Q<F$HQf`Ya+Zhc9e?TBXlWHa>
zD=Y3o#G_S?);iWhhJiH?1vL*@Ob@k-2CR5Ik&l?(K=FY2(T?VZJuAr5qFiH!?)S%!
zm)mM~`W4TvE#6&x+{%02!H`Q0q682vFuwfVG@>c*f`N%iYG^R3tg1}d!lGCV6SE)+
zGo1#cEw!pi|JX>#AAm#}Wh{CO!je@trc=db>2yo5MRs_A5V9)oF?+~@`Qw)TtguZL
z+cREoH*@q(T6F!PcM-X;iX@5(`X(ZKK0`66TUQ7;OjuD9-ipdw6^fSIH%$E%^ACOK
z1Mc-t(z9609QM#W^a}N{6?h?pakbL-X$+C<-DZZ>Z<)%XePr~Mt0X}^6cj4-0anDU
zb<{W#;?YW`u&KKPZm+>DjY^e0<2@3`$(*qIjlI`gB;$2`d<&1tePQh8D!96@>2~I}
z+ZZ}dv`32Q((;<fh|kI)9_vMHeJwwso1$Jt{*OtJ-%|V!gqY_$7*k+=B%>!*Ehg0x
z;E<~SqTRy29=<OHyooYbI&s%suIIZF8@?lZ8NY@#yf4EbA`NPPqAXe=LiC?hPker-
z)|Bb~ThM%D@;(W_!$VcHy!_XxPxuZP506K^ofOq+_=+<UpNDcWG*vBgeRDrjY)dq>
z^9j+?>xC^#CYkSZg3j&nMxjXXiKc}mMPBdrV{^lqfcnXP;2)QM9HQez;$HlAUr+Z+
zz&43uHh0vMq1U(epNZFZ#78X*cCB}w6+(8@&j$*+aZis#LpOyH^^P-!1l(RY)QUv?
z@W_mkx+%zSBPXvSiWl?iRr0Vy7aeg;{Z;__OvjB-vyr%+jNVBpVd22NXA+RN+iIfo
zoPV7oHjn*PHB&hoPp<v-_4Rgq&Vy2A-LcnX+nb9%ZO6turj~wGdt)gXJ+tt3(!;RH
zc^k|k*VLas-y0J!eg*y{Of&g7=e-f5khLu_(Y1#S9unfWGK%5+4~4cPP5<fmZiUd+
zKq>qK1;vzPoFt{c6loH-OiSL}SeJ3Wzq70X{B6I5RVt7d%$v7tBH=e<Y(lc6%xnhj
z`W+-rw6Z2AYH~$|ike!8u8P6~1y35}J2>n2m-a~#omD(=6(R@=QRLd8v+;V3vRrl<
z_1Lk$$t>Ot*@Y!bs)*0s9UXYdR2ua?1X@%mRM#4#j|Z~CO!nj?#l@;{Jw;RA2+Bio
z^9`)>i=02AlxWuYRMwP)X~}^<Y0MHB*C*JwBL|IcyVb>j!ry8YJ~2?v_uE*@wJ1I0
zQ#qIa{xy;H6TmA`#N_y0pAUvemRc&G5$&@&!rN4v`B7kSU<dJ@%LG;f*&0f&H!KN#
z2Z<q21hgPrVe7L{u7!Bb{ZvxHMUI1sicFE00+6Y~wDB|*Mz$;%-9x<7^?PuJ*acIw
z`P+=9ewV<-g@gIt!7)2tzx5j1Q=K5Fr9t_W`lNAbWpB{EB8aIrh^$u1X=)Q9J^t{Z
zrc4J~MP8AbsOG%xg0zf?=HOQgoke@pijejGG#3)dBFUQQp?eQX_{}DLUy3%dH5Bpo
zPRqQ@%xk%Ej2uh};(Q<ZC=Re~3bQARyd#wmG?5W}!T<GoUI<6<Gc7rq_R=gzRQ6Qq
z_oC-2^+S~)ovEKFZhz8sZl-CY-UR1joKsQIEL4b4`Y5|OJ}Z(=#H83GDFjcSG*j2_
zBkZvwW}Z<cr08EWfK`w0j`9KHw(`uDSV$10&|GxPWF#t5`@XKz(t}|jv(JXl(#PtS
zDL&o8KI^9J!q(-3WPgw8Ktsq3Ff%_CRX@ZQfb%zK<VZ*)LvM53;4Ufha(h_8H9v$1
zp#WHS30Uoi?aGEvk}^<DBC(1ev<JZp-n!vGV3uW7U+(7%ly6IS;IumNqJayW;5rDi
zNAQ()trVkg-Rk`3I*Y>w_cI8j_NIv67Hit>XrIQrxo0}t@TLQ}n_{s;_mX>n?cdNi
zt3Mj#;(i^9DPuxN<IR_r9h0)RhrhjRM8(I9bN&#KmR1z;$&~H3{G}w~?SrR!;L9Cw
zO={u-e9cW)j+C)@7@biF?lt;GR*0UEtQC{Grn_HCMartaiaq+BcivTbZI(=El7Db0
zG=}&M1r0T}2uPp8zBu*>PBAn>GHCR+Gc0()_nKr8ZE+#TMPdR?ZjhJvZ^EUf?%15Z
z>nDTeRuc^T;mlC>sw=bSCcj&YI+=70HUVCc_83}N81-+nkH2lsFU`_O@!|(5obt6y
z64Gv1So)1{bZL{~`r_%|EM}Gq&iz93bRX@f9}HG)zWkh`oydU`7)h3T=OhMMi4t=s
z9H(D!Rm>!m`ip=6vf*eYeM=GX_A?-)+&W`+m+giuC3~q#yK3f0{w_)t)NhdS4I+eT
zMD5MaGWj_)S7|7Q@>`Ag)IKk}bi(?^A~5yPlAS~L+DI!#2JJjeH^{$de2uyAj~$qZ
z)Y_1(5?H>8t{Hh|i2^!D&{2LSy+ZOuY%Id>;tTgs%AleOS(JomSR+VSOI^smd*v4J
zKiClJ<y<=F<;i>2Sy;WxOK2TbjSRbVe`GKz4}Pr8T$rw#{~_`tJCNyO{4tJ6f>}vo
z@coYqK~R|?VDho0sma*KmTs+7X$1J_;np<MhoI7#QaaJHw8Xh&VgN=JtXiFIw5GzN
z0#FP%iptY4&Pw=w_&WH5Wd5#^CKdO~(3_zjUO!Q+#ykiYBU~v$h2zXWSQ{vnsf9Ho
zFaCz&tSLEBLb9@%S=1%LZ2h34HO|fv8)ZNn#k{6~nRNvBzW=FEeb0Ad1^GK%(mQa}
zcWpj;spZ5pfN$+29+wbf!aDhaVT$1#dS2;!(!N)2#6?*_Ma90_KWxLojx*j+XW4(`
ziO<THw4}P1Qek~MQQsuMc2+r?lIwmFCrJ_yKmLjENr?n6q!}EdCgBhe6YdJcW%+5w
zu|DHJyoIwaacs4PCZtgSFr^e)wHjnxBNxQh`^hA-nm<P7P+L-jWN-B@n^n=4<EKrr
z{5y{-`rnX5*rXsDTw+Bymg<`2BOy52PUKAz6geLP@A?K4*%xs^KYT-eckC_c0|o_+
z6ZN6z@fK`$xgYqAheSl3Vyo7K9Hf?OHeBc$j0m(d#VRi}#@QVh`PRyNwQTGL#t#Vb
z@iRb#=Kbcu6yOz46j8avAO0>CZ+uk4ROdPacK&gU=|&Y7q2)!$+0}@?MevT}nprda
zn%1gg>?YjsqgP_03gjf;w>t#wC?YYSu=4a*=KO7&M_<DzwqaN9y0nvc(8xc44bD}K
z#p7H%?E;6*5+RRqjJQKnaBjPT^3CMt1m*KMarmd&)+(cW7kI&3lPQ~GE`PMAp%=yj
z2PVy>K9KJ+0HwG0K-ZkIB;Vu1@n(9Y)9HAY^n9xoU1`f19ZhV)`KqLP<z<z#>wOxu
zLYh&+)VmUQk!L^Tcq^Ky&5z3z&;?E0^TO}ndTIh_2gz-Cn$d|4{J1HNFdFEAfZhj0
z96UccAGy0n!oY}3Y1rNzQu8?pw-B%NqGu87#@_FX%NyPL0-DT_AJ4ZU{6LS}?`gTh
zzJ_?izz5f#S$TQHpU<~K2p^?ICdn2KdxA^O-u(YLcE@sByF6lK=yk?_@iyA(kW@%F
zsGP|B#up~w_r&&Q`Hx&S-0m2(>+N7unT&!gmW{$gXRX;i45PQ`twsEfn%gc~^qgW4
zxVrp55N@jT%vF86h}I`T6QsBRn~IAsQsE1vX2+kcD*ned!N+lDD+ZzF>6Vi6aVa%m
z7nh}ci&i?q$HUW5{vl!|Cs!#gnDx>P%b+gDwx+8`!HhXZ-HWcAenQg5Ok-A3o*k%O
z)*zittu`vJav}~pY*Tc}&f~$$Yw1?dC>H$h#NIl0De@JMM>F^=$y5;43aS$FAe0RD
zxn%q$D>HLe(#zU*;hN;=ShzGh;%HukO(ghX<?^SCp{TwALx?4O9Apn1w_CgpK@bI^
z#IIyX1X!cD-nO5aEA&Y-R6J6Jefaj~D2h&179QhNYl?vsKvaFa1J~0OUPJ7^llmHE
z`A!%R8#baUX$rea^`&OR2$QGhgV{Qb%xTE~4wX;AHqLb#SsGob?2GO1c`nG($D475
z)8L(0>MU9$En;^yQbR<#`~=}95S(5DV9XE+H%_5}(@7UUY>WD7NLjw)>a?dTtN-wT
zF<*ouh*82>L>C;VfEb*VD+&CLtw@4V%xsoE2Hb$W5nv1W6$%D*7fO2bq<+)-%^~KV
zw!YTj{2ayCD*9iewa`2B5!z%<CA(D5Op;#?VGelG1+aL93j=`*#=H_#Gzj{AB|}cy
z6!fHadbi10e}z^v+Xwn_L7L6xnvs`A?o<@+j>f4*BS2ibEQp}&8Yf22EGwM?w7_C>
zfFyeP_qYC{DabzQ5yc-LW~$80QeK@aOs7#&lpL>ArnA$(5Kt%FtXwg9v7yvvXPx3N
zy^cpCU#y)gTTg#fTTL#UuYaj$BGS{>Y_6uJmch~(;}_v1UbbXhWHRgE**ik<Mfb(h
z1pObnuOkR`>uo$XJCp)bY8-6OV#A=JOnzQIW~J?8(RxeR4GZA{71&lS5P-A$XZTy|
zJ%Xf?n_-}e;GVC$0#sBe1RCFjl?!kS#}RTkZSO{_b?;0pZ<{GVI|{@V5dO*20^M3`
zJyND(<~%@NyR#A{;C0?J^?bi@QJ^Hzc{5g8yPGSuHGE?Rx;dJ-Maj{Lr*83&eg{XD
ziX$BAG058uqrMu@xXYx#A)+?k?@$P(Dgg++U5j;rE;|W~qVXNOP@y5o9NKoEa&C^*
z*8PeFblmUiGy+4nUFE|UE<Vm7_+R>nnM*5B9^B<_#)4`oARfsMTQqm4WA(28YDHXk
zhAr=vFK-Qq1f>h)IShq7ZN!gob%lL_e&crrHs$3uq=;U@xU{@ycuS_uzI<=5Tc%~>
zoh!q^vD)~tN1@*(_C%YnZp4oP4c~i>njjseH7~ax)12+q2tTf8v9kGlh~ou(gmM7~
z@BqK_Z@C|LKQ@{!745dVA(Y-8bs=LPgFk-)#)K5{Iqmvt3_54$=0xfz?KehvOF?tv
ze#Aq>ynZLD{w{IbkzVxL&U6ml&OBHKy)er$SPZ(M;lbkj>MbS@nSayu(qhY+`1RZ0
zG^@1TXm<zDm~D4lXt~Jg1)<aQo53fr-N_im=V!oN3<G+JYDYNl;xE1&l%T(rT8+KR
z^se|%^@{N$^Ne3yxvN|$2vmGZ!@au@&|{Y1Dv_kB3M+|Lm6~reZ%*esCr=`p<)i8t
zb-)QL3QGZr7nBr-i(x695hM`8`hK6Q)Ky9G%%rtSE}95nC8<d=ZZiy?)8tX2hVY+6
zol5ClwMRQws<v8+)G0;#rIWb#olJe3+a3?X7#!6k8ih17YL(4OC7qItpIMtqnECF{
zYbZX{;KRct4f6yWYOw_+4aPMY0j3iXYD6<^ph70SV0uOHJyuYUrtE+bI)t?-){I5J
zihWL5u7%}NTl}|TaK{%ryYxTuIBZh8$Q<&r7P1t+q`2Tn@Z<>0bnFYk1#*y)hf_H*
zFKPP0-f5Eql;Ggt(s*%$Ta&5U9vpRq-~f#u3&X~OA;u|gKX6!ndm^1?T+H@YcO&2A
zXE8QzL3(_DFhN_C8<q}Ae6E#0H@1xR;6f2hkJ>>IMVi{pW@BvVBQ?9tn4T;WF8fyI
zt_0h8pA|eyHHIMbNw$CM4~H;?+R2pves^e=o7`pqDpCW9Z#mvj=La28Y}jycpm$|@
z37rT%TK%nE7q8a*#Pq627VJYXnhOPtd05WpVG+=xCS(IfKjZ&BI}xxsW>*e<@1`(I
ziDVB}F+uecc_ziEe}7}pSrrKqupG=3pHg*5w70)7Jwo^%H$THyJTqAYllZpJd1>Ym
ztHW7etq^DXYfo>VU!9F37MTqruzqVvT}zJ>n}k{paqK*}-<%J{1DafLvUPyuqN#k#
z^gs4YGDZIX#4G-z3I@6QTuRjmhKkSk*)-TytZkxtWYhyv1OVX7<N=X#%$d1dkoEaJ
zHT}}8lH}ds|HCE-DF2p;;hC72<gK&AW{`3QcLa=fZ+t(4k2YU1sC#(hJaga3RUstF
zEcyjjm~;vRI-hn&cMP7-$m4gSsJ8}o$U*hKGyVh{pG1~c5~S>mGXBp$(|f%riS$1a
zHrF~3K}dOnpZ?wWm6@{JOv`v@1p*i$&Wg|EINdkH_$xhrd`ne20~eDt^@@3`HGO@=
zu(UFxvXy<i#kMztY%`{3QhB@AQMJz6zpv_#3<t46@y1(m@%1-jQuPl5GlR$x*O!H@
zd&S6ts3>b;n1s#OPxm85OPDL}^5OgT|3ZZX?{g=0)?$Czhm{$;0VhXzf!M@4(GOP_
zL-pi&rY1fF{sK-gvNrg$n`^<9N7X}{=+t!qt%3VS%X_h&f@za;{&wCw-uxe<l7M>O
z*6b(5S4c;D0HmuL8Y;;L&e_qLq@$zbhsmD>C81dR^%j-?EV}&F;qrUl>+!{Xnrp@r
zMWk`lE$2qVIb0J5*KHJ1re0P;8bL$>EquMh)IlWt{hwMWuL6@p(JFl(o?Xgh_PYiP
zZ69|CNl<8kU%x7SyAK?HI1+i)qZfmLB~_xuv;`Tn+JB#E=S}6zXrRry<<an<)=S{a
zy#p>Td={BQRo&kAhJxYQ*x;5ani-Gv0m1MfIHH3nC`G#Z<`9Ak<2<5`2QMb+S=#oJ
ztrwTeOJ@lR)X0q07r#qV-gYM$Q(Q~n9HXRXD3pnmLbfoVbuBF~F*oj}-{rGO61WV1
z%TyXIWz(YoV+av~3JU!J6^a*W={AAGG1iRJgl@>qRSJiRIZuTofKD=glpp{LMJ*lv
zTYXKJ7R;34=mo`2-9w%NtT~wM7YiB2UzZwW5xMe~62<;RVbU}9+$5F?@nR0oBKevD
zdN9%|#Z#rMrJ|ttmPjE>T^;fuN!0$t*%6ZTZ^EEe#<iilGoVV;G>)^jFB$b$wWc`t
zZm7>Xb6sw*-Xk*hXI@#AN&@7A393qD>`_;f-Hl%T20jvW6**1xDUW*WlYXq*tnnZ)
zF%XqavfY~ik2X*q=GUZY^{*V;B#>-fM!zp@%S`T<H-AZMdT7nq58H@AgNAZH%loK>
zD0xq3qPr;lle^#w@{cb4Y#yV{5%rpvzFFaE2s#7v_;`^JEG#61td*kAiCDldZ+JLK
zZ7)dE-QC2bRMOwvK?D2yo+Cii2(=%~sx8u%$}z%=o20@Nj~>&eR0{p%jnTS|5`fvh
z2uMgu_=L5Cm6K{yqsIHJ63rm8dbPet<-x6rahw}cNm?ptD2^;K7+6u6C|SjfVQXw=
zX}*6I$RA7p1yc*uW85VZzv7t!!Kg+a6qo{Sx*>oPSQQO80|qnYku32CDeshJZm`1s
z((i@oD2{2y_g+T<W}(@I*vki{;Sj0+i0SeSgA&u9Kw1=Mt~kC=m&0*{e08o*M2w<=
z1AHyNtJyJkP!+s9YcsXn?)#3~>`ka^bU^G#a4-b?ZWu;A9!#dms!lHkj@#ECgezVk
zg3uSF2uC-{T!1fioSz?>l95)t(^jI(#lrfZz-)B+t$<IzD!o=kF%{zVX(gl3L5kfT
zEuoPQ!X#ST^hlNg|G2U!LNDLW74K)ZuKP==m7XV<mVoOYm#_b(v_Z#IU7shMZ|?tW
z_@6eZx$8g4+0`x0RuV{I6l?p~uFm`C$f4`C0Ig30r3tvnp|o<GD8TDCF}dsGQ~^kG
z`WpF=G$U|Ey$`94kBBYPhugm^&i9ZWez%Mcy$6~bch78IPlfhgkNH_DeD7!*H+{)%
zPc0l?ms8c;^zeFJ9$O01kGQaoT%51Z&)4zjL6Ki>#Kt4#$BJYefeiDm=Q0`!E-_Zb
z3)iS}$Cf(ziX*$Eug@Q~%aG+2VT>h%@a9$n27j1A>ssTc$!;_{EO?r*LDR!xaLHwM
zQ#)Y-OLz)~&X(_cetzbWBr|?KsOKw7Ver_h^sZU!drh(b#j*j4DgR>nzwbzcb7TIN
z&;`@wb-BIG;6UTv75&x>2(G5;<Z^<^z|=n7k(xr-W@o2Cjl>DPH9>{g&m5b?(I^0-
z-%^+5yP>Bu7+Y4@H1tUnW=8~_AaG#Fg71aXK9to|?CTTQV)E3i4GVXK>R?TmZ?_ZP
z#boj@m6ppao+~#>3&Ezfz?7jxrq|E80;`7L;NaU(z#Ci}5~u!-wXGQ>ewQLp9C;yf
zsUiw5o-V`|oV|;I(UH~2?lfV5?B|W+k^I|`6GM^mt70c;Y0&#SK;J7r)9H6O>^u>8
zaIUR5PBBcWLBeuDM2vGTrihYN-#r0&P$EJRg{uU|dv1v|RKs)(6SK$cDw(fvEeL&x
zm2&-kN9lJ<_<{t>LV9+1l^vsce)!NFlE4U1dBQg>F;|49VN)h$S9_@DcO`L(OAzw(
zulj++alB^qmJC!>RJTrw_d(9BifRQ4|DX1A{wgHmZQJeKTybLeUJjIxC%l_#t20%(
zL_b!m2K@)jU_C=2Z>)mMw^-TckCiCkw5e7$UlweMS<6}*Bmp%2n55`KTsl1Mk0w=b
z-E&At7R?kb9BlBC+-NioR~TN|v<dXrVu4NU5qWG9kOfGH;z_W31F@Etk?Dx&(%IuZ
z<W5GV+qu1JjOL=oOi5d`*a9*~(Xsl~b0>aEJ~!WoW$~b3CDtstP8)mO|Ce4cVoHeI
z5U<Caw5S?MV}MkXq!f($sz%QLKAX!mN{Q2afFSBthuvQ`@*eN`#uXm>c=h1^z&Zi&
zxvZ(Fg&a$~QM<WKgLZn}PJ4EhgNUGFsiqUYOGL=yi;Jku0+y8-Z+zThqb(Bu>6zL5
z^9DdpG3vlFI_HZfABi{Ft7d>n`Q1|FN9aMw8!iUzu{TsoG#nCd-$&i~w71d|f0Gpr
z?iEkqC&|f7bF_fDdH+$LbBoChJ2I((?<D=(=`&a9`hMVPw;qwntkpc~5zqwNSZfrs
zEVLOzNZbS5`sXF!p!@mbk?@Uxi$g#9fypm48PsZ`tHCJg4g7OGXQKU@HpT6=pWZj2
z!r$3p;D0YtX4HdfG^X4^y~H>O3_Ei^9z+E+SU_C*Y_p6>5)Rco<qmLE=XiZ2cdvj>
z)}P-SirZ}8?^fF1%{DwgbG&RO90*oFz&^Yl4!o4tJhWN8Yx%v%cfa#@1OB~=*Dgxc
z14?=pjm3>RFi7c`*`e+%X#P!2V2@?zzoZKVfbCnDTH99$OBy0-e)Ylj$WwOB7b>-;
zOXm>hUGmkBotJ?bZ;zPnpt$YekkY!EQ7XL`xy#S%V<D#H_<&JI(7@pT$tEc$ney?e
zKH_s4Vy=--OU{~!x*_NprbpC*HtQ?F#yl2u?oJ)}O*57nX|vDQ$m?^<2eGdzni#0y
zfOKSI?hFRCf21HRBg0csMXIeIC}Nck!&p2tq#A*~#r6QQgEVw$BTEa04VDXQ{y`W~
zsDS3&4*?!!-GH`E=YAjUc98ufN+OyMMTV5vP%BGqQ6rn?yQXo{W5C#{ZCo9hQTOG8
z-13FIv%c2Ivx**&@jypFx~PI68P}^*!%7C1_2(4U2hY@bupG+vHpqi<HAaBR&)Vu{
zFKHQVKP=MR{e!J)biGJ9biln}jlV~dbr@b&7@9f+q$L`vOcKqm?;($TQa=jrN&U7Q
z9vH_PqAdG$(%=fqy9@C%LRUhe)?wJh7aR@tRH9B*sNOcpk;sf;neoAbgLhi0@S-UZ
zmkYeQY!0o_?@>Y+rVJy3`Ns*5p$+AqF@3Ku@Gp-p=smNqR$ibAFpwb05}(yXseGr~
zT7{k%Dh-vNW|Ea5GuM^VlA@iZK=HF8zReeRs(WTm5?n;4q<_}BtFeae&lY31g=KzF
zQ&IZ;lY$v`-^rT5Bx9T0rj%XSRq*$B?^r;cNZy>%J!$~92KWQyYm{lJeY@*4?B1*t
z5-tVg@bIi*PrA-nk31Kf#I*9hIoHHH6>IDe=Se}r)pyB`{&!_8X1tik4UxW%-2PIH
zKAIn8&|k+3V-E>#VLp+6cTY_?1XT6q=^d@F`UP6o<D+I*&yE9ytTM0lwJ`!7`!@zU
zhY>x!&4I=zCXq6?z)T6`?QYLj;{~$-;nZc6=l#h+v#hN?->a_R%8EN?%Y7IxU-8`r
z%7Ec4y_TJr3qDHFJ*6N3<o<T~x_W(g8;)IjwTTs-{Q1(oWmgL5>Sq2y0Uh(%K;#&3
z58HCJ5k_d_AKq#dfE076Zj!#Ny*Sm4>(~VnY`IzqGcW>#T3vP_ors)hKh3&&eLlpd
ztEa>z5+#x1a-g-_FPkmc>fQ9GVl!8>LWD@Y=9@m|U0;IqZb~H(aZb`=hdk~2T4s7M
zu2<tcxBQ7JEz|lupJCLeI*Dd_Ur1Xf>e`uv-oN2rbzr^(ft4lOjng^$1<rWdjacOY
zLYMP=F&gR6S=I*dd#skYxb>5G(et=NQ2kD1ZKMsADRh~-(X<S`DQh}TZS?&f{<a-v
z+A;?$nLkT^R@<HTam1u;cT8aKHpnpzb*(Z)A^`gqPvDCbIRKLJBK`ZC`tBEG`YesO
zEMU1w2D>l+<kk;ra{o#GmmeosI(|6>Esqz+eMCA~FPrK=0`w^_@y{>up+<%<Y{n5~
zX(W`eIoVUK5HA;x3F<I=F#<<2>MA#^8N=>$8N1Bp=OGT+jd~>%(C5q;xsKvEyQ9oM
zt$s7O!Z8)j37?cF${M(<z&u;zixo$2BVY+DP}}4h{Cn{ntPCFIPx|9X?l`S$SSHZM
zx83%O?=+AEII0rOd~qQ1kzc;iDu4+XX_1?EHMG<0l4wPn_Q1-<Z6&5;TzYK#hbBJx
zwM#PSkwr_wwH~tZmvh7VuL0Y;ch39zaSRCwmcRpF_r<fX4c)Wf2_{9Lu36|?(*)|q
z`Zf(sdL^Eu^9@ov7XVrl>RlMt4sF`&6D`9;`Kl+%*m%lfzzjxqlI+Hh|DN=H3?vT1
zDLSL<l!$xcM9p1nSo8ULZ~EQD168qH6wEg_etXFE&T!w2HsVRGo2#6}s5@``5sCgQ
z^6!px^s|`7R#Z6QF#??#bsU=_rY8hh0*Sc7+uw!gy)!wC_Bm@0&K<y<Pnv~H)23Ra
zn^>c298Wi<Kn2Nr*o=xn2@?B@TBIUXwrk_2&yXlckN$bXKlJLUQ)Y;hoi@`m?%TJ8
zxg{_}>KZDH_!r#2DGg3C(#ME0XcQMR$KIpGppxmM=YavIKIpxC2krWA5z=s+#nIkA
z!_i)r9_GC@v&|S@=;%!$;d<HUFJ7a6K7vS9{KS=KOoPnvEZyDzGhZtleV=V?Y{SUB
zv21K5Vxy5*d;u34#*_<)a9|)Z#DR&JQzD?(tIx^H^ZQUPj?;}q+x4!I@iC3#cU?np
zynzVQ>ptoIUnvvuoY;F%2!F0o3*CHQHM*N~ZqfL{k#R$V66<MpR<63-5ODZ0$R)jh
z_(~##MF@*3`lG6vzMmlT4C4<#=>uc@Kj6K*=8Trw`K5MtWBh~j-p;XIJ}vkfwRhw5
zqPN0h@fa>{|6KP&pyFml7jzK>;VU8Fk6mnD6L5fw`Cr7lDPqJDM47l`A6YAvvw?^B
zpTzG2?aV16cGKoLk(FxwAIPtYp~zb<nr`p=0`m+4;Tex>V*CZf-;SdCdtZ6{Un+xe
zxUaRIUzixNKHu<i4GV8#@(h6R0X*qPD0y$uBip7oN7jx%A!gPiTpDIZM@P#*TTqzB
zWh4qSgeN{bl|J~r<_U|})QU?-=68$gP>N`yr8+tUKOk^35F*RvDc?<}9GJ%C>kP4Q
zL(<c=Es?mZq5~;Ja7oGHlUR?2nQ;^rCrIub8)$+ppuXZ@(-*UJRV)eQc9B(4H+EJw
zc<Zt^e617ye_-r)m1&S*cbVA)!H!-sG*ESLF<(g}*D3?$g~vEwvh&`iZ7UCAI%5RY
zE@WFMwshi`f%V}n643=16obR_%S{qFdBW1f*M!3Nc?KsK7X{hps)1Ik6pzdaghIJ=
zVa^R5x%Y~(h0p(pCf7lcjoCzP&fF!_1m)lP$;b<<L2G{LxEBa%@A=@Hr1QO^i!otC
zBd><T3r0;@ob^KWS7mm1{rZABOYc#*G)wu!`m_o~S9~A_kYhoI7RFVn9eD~>BhuL^
zcF7N!cK9z^U)m0(4}%*9tB$}?FZvbqqAZjG(^QQ#hJC18mrd1D#{j7iWci*D?Amw>
z5BZppzqnnrl{2K&gB+bO@`Qz&eV3j;so}rh?xpyk$a2EhlsMr`UB7kPgKC<AswPbF
zF4Ya(tgmo>>e+)77jlxH_cR_HekkRq6x$UVMh|0wxXCKW+e>^57$)_$nj6cS8Tpiz
zEaR~yAp;k<4rqlz_~%9xx8)?5n*(}kbJ!g!lYZm)GaQRyUC*=9{d}M8)F+fnVCZ%j
zR2Y-BdO<Z&`s&czzHvw}+8_w=s&Z{iRlEh*fNrs!ljIpTOKH-Xo)aUiAAu-@rC9S{
zW8`ff0G(cV^se^Gfg~5W1e(O`uDAJf)LIre6Vo2udu<0JQST|=PZd>rkA8=M7E7r?
zK?@$`rQ=`eT$@a)9{(kj@Vw`oJbvOvJaZokUQ_0x_3<Kh?=ol75Kgkel$fS0?)$6I
z2StmpgwU&Ge-{JbnukJ;BD9EBxw55OwgkC%8vkh_30zFGZE#Rdcn>@3ut%t|zc@?6
zBa-xrE^yP6s2~{Q<R+08dRbQL_5Sz<6-f3ze`9PoatM*T&d5O!3rDT|Gq7=u%)RMY
zXes}_MIHiEUi&wL!LrkBeR4sk%qjPJao%N&0$$`>XRybJvX8&bDjWWz;I3$#cEslv
z-z(5CAt(^T?jLqAvJfE?-!H*pa9hgv2JK7iJQ|edsesc{p$_C#!ymF`=7eikx^eIP
zr5A!>>*k$#_oQc)t}&*6IlSm2fH#B!=OG5GsLfv3q{n<Ov+H9KF8oIzXYCySR+X<l
z1ZLQivZE7asF1O<*j8vhk#D&56BGx|C4pPRXTlx;WNg7rI8u$Lx5zJIsG1sPcwX!L
zk=5!hg&;}R=pRo7iw+Qi0z$lsuKFTl&m6sF1Ni_c@#gSdsQX-K-YQ~F8mr&E-sc1Q
z7Vkx1kgxlEwLTym%084*C=n#h`<#GD+n&eLMq_aIywZzKeZ*utfm<_Rxa%O@|H6!~
zDFsTsN*N7~pQIC3HmzTo^e^kB5FAjQ{#!j5dg3&w<*ife;66W|^}<lJ)e~y-!&Jds
z>YxZpu??VXrCs2rt33OGYC+w11*nf{9=6|gF9?)Y*DH!!qO@y|s6RZMv)*~}Chc}P
z8A{XQC;Ss@MjGzmN8bs*0RKXBd`QoOGcp{n#4Fw!Bacy<Lel_NUk9}1$JUOlB3KU_
z$(#|A9?tRIo%&~-%KQW2mE=50MZOjU){vmYi9c3R{(P7nDCaU6$|zOoVu8O^VdF4R
zE&!epRs;@8d}}761$xv+n(n>iHLg$~^#YC)6M&veZqF>`h4#~_h~Vxwj6Z*Puf&C1
z7IMyO$%13>Q}p{t^;8Oe7D&PmT5=jpFCYz;pIo3Toi>5E<V)e^y>?H(SlM6*IylBd
z`n%s(dUd{16f<`9Ya0!kPBuE@|05~h{xwb*^vC;c9+cM!xBDDr-o+3Qf@vvz+x>=&
z4_Mt6`FrspzWH~T)r{7cZ=@lors(Ws&tMvQZn?f$2NY-uY7&^fb#(~YEUod5CiM7J
zy^mG!7no=^5crlj;d@2Z=AI_va>+J*`?tT@c8j<B=t$i;56j-2)?lQ?ylKLB-%Tjz
zwc)WGG1AUym0IxpQs_0>zF}SDCowmXs<oF#V6p)uv8+fFl;t{e+vQ`<Zk8IGD5LPP
zuc(UATlE<qvkSiRmvK9{-!~c@9e1;_vhs#_ODZ;8dFuW)0VWTxk%pe4<|-nxUIeAF
zA>5-ppLTdK7wFggk!c4QfVqzgf^JG*%kwm!&+FeGc^Uoq!soY?%(UV;A8webau?cX
z+7iR{#xJ$3%9<yBG3jqvb#81Sa|vE~%)HL0F}`NX>2>sHK}iNDr3MpMf3rfFAMv~+
zy*L|kEO0#Hdm7qm@A*zn$o(HT>=JLm_{XW`jG)`|KgHXHpjip?sMUXDOmOCJ(b|fy
zwsiV{-pk!*>i%tf3LFe$S1lknSa82e@qZ%Muw8kUPH^+afIeDIJ+~eJ|J3~E2*bgZ
z$fX3ZSGl-Ot?)tHjt0cRiR*#mqoa|ovC|$oSx?jd71{Ko2JBxI^GW%w9EZ$inl^bz
z$+_NlvhO19{njp2vwM#W8RI@#Hnw`6`IbG6_XU4{{mg>LX}6+NyE71x=lj1_<YYS0
z(~>Wdb3Qt{%Vzu}B_$mK=q?}jY+a4sa{ikI;{Rp=5tlXe&uqTfOiRO3yZ03k2z*vd
zCRUe}q+HDS%fWgY)9d=RQbVAThkuKN(4^n48WC|j{k{pI&HB<$11;b9#l^*EUN`7E
zn#=$@;L~#>d*JHOS80=Hax-}#mmnLLn&&WE5<@~cAzK^;MI1#X7-!6lgoEd3rO1I-
z^r+^#+nz3Xplv`Wt8w~VEw6dgqI&tXb<?LZxAaw|KBa`cnD%1J9z?g_(Q9aeK}@Wq
zudiSC9@+BC-a>Cx^Z#}G^a)F(pP*6rDXW$_|G#$?ehU5hYUBL@j@&;R11?N7Uzz6X
zw!7tNQuM#l|0-nv|LuVS4lU`e^vT($n>)u)U-0JUqXD?ibmK_tC0`p!BXrSshJFLX
zdglE`W+>v{^?3@wj8*`WrfChHr6qU^QozP*4W78{-A6x5yfF2A3J9X68HvIWoz*H~
z756gNSQHWe3>-@eHA;9f({vrZOBF|>0L&PU#I`&C<5qmyvt^RLO?Kd!eZEPu00^R9
zB~y*fbUTI|UBIv(6&`}LHa-KldOJJ<a*6l4ae*SWZI4xcH6ylHZk@rlr<g?n27;&*
zZ$VU}c5osn!~p@<ug;&p?oyYT$iUuKohkN=S}k+80sj0i<DHC4fG;@v54+O&5nISs
zyf>7l@EKW}7HAGzyP)9y6S-TGc!vB1pe}H{e^5lVDQmym9b@k{<(rUNvXUqiNioq6
z{c93W#b;wA?-IV{0UX57MWa=6^n5Q0p&OD$GA2GaWcetxc$YFUoPQ2Atv($xHhC#`
zfw2CT1sdwR7_@0_ICuM;3nhyJr{koHfr6l_M64wN-`1_)yM=vQPjp(lsN((?U;;)0
zS^IRDq+P!reD>0$Q`P_Q@+6J*k6qp4#>5oe<i%i8TVSSJ34wesl!EhCR~O!~m_4~N
z(@(z-;?{;>tP+I2fwepoV$JNz-JOX1g~Aw#%%>S3NMvmDeg#=E&Ls=(k0_*gKeF*p
zY_LpfwZFq$dv#rnJUt!lv(IgE^g3@m9NpM$4etpF5!=~p#Cae%S6X5*%}{61pUW<}
z6i>j}Wq%smbLlW>2Ip4&GWSoxhepvh%Sbn!DV8+sU6~|C%cMDJgftto&Nll~2Yk!s
zZ}&me>>NC*UB6rQME5?NGB<LdI(31^cHzY_aH<bl9betBG?Z~TTxN;wN-5Z@j<Mf3
zZ-JVz7n?SU2{YE)%P(un;WOY&SiN3FJYs-HKv1mPe?+Ia^9uO+p0BxlznYH9b>7Nb
zI@QZGvM$M;GC!CqSKXw*AasN`-UhrIwBWc|8^YR@x1p%8BZx41jkz1sdZMQBpH&#j
zKAM@Ku9~5qF(Mvo{qx?yX{ca-IF&;6c<`A2Bt0`6GpTmV=7%5OjfGAE=RpS7nbG8{
zqnn95oJbK6z@NKQPw&Fhn4zVb>CI4_XcqQ<{O?a={jk}*jo=#h(%tPkRgyLiAvF*4
z)$v62pg9++5&LMgo;k#ry#7}%+TzWj1Yv-*16i#DRPVhVuqt<?F`s%~eM4@&3wtH~
zGjEJVi7#Yb$OEpJIjJ7svMozvMyaP#gyUi-BFc^5?&twt7cU~UPH!?rfBE|1farW-
z;ElB*YSS6L)i+JM>E+w?nwIqmm-1?B=nyT*#P(B%H375J)11GhC-chNqeUhNsE(Xo
z#|xQYkxhk<DFC%thy~aUN01xphWcm~cv>;wjY1${xIReie3MH-N|u7^V`uMo^w>B&
z3;vm|x4k@KbF6<`uah0l0+&p_((OuJO1>}~%ShUoNdJm6n~L5LfXwH4WeK{3F#qRZ
zxoT3({mLydB?jX!<lkGD8cKosncUMnNKOtTT4#i^EMN@zxhE)M{_ELIDA7u~kpkeE
zPzKa%v!LbPJWVg45pq2@&Z8jr)-Q9|Eb?56qzR#y>)+B7LYBeE1vYaY{r%YP`GcId
z-iRzDFh(5@xnzy(`*e=j^v@1tiQK9;vNWyW!*6vnR$F=0quDeDb9UI{ZEoo+<;Bzm
zW<P^4#?wsDBk&$FR6oN#MO_Nf8{mjmX%@EmXebCQlj5ikrg+A|HQ4otPfYZN4u(W3
z%=zA(u_T;lvltATd)>M`Sb$gHKVMw<s6%cfej|b=41ubEo|;tD({AWwnO@cQkP8Ib
zZw@D|h71{7_z%nP4YC$&&1}~t`gTiNGB}to(J!{%DOtHccL^R^GROlngYPmMUP7GD
zm@~^yIp^7JhR*J1H#Vj}u`BXThJ&`<p@$K(rCJm7C9spWW|B51pUW~Lx+Nvk^uIlK
zBl$oBQ=S;=jUUJ+wi|0_Hyn#>W<v+)>Q?ok$k*e3HGVEZ`ez&^oH(BBv_@Rs3Ke_o
zC4O64>arXaUoG}gRL4!E3<|?_HLgxQ{_B1nQ>OXGzvG;o?vzJvvA1G?)M3l#&7wQf
zG&UJ#%8<8#W9~5Y+0B0<lKMV5rJbI^!Pc=oY-=RBYz4@6WH9{JwS<`o?w6^8uC|Az
z`F87Cb7h%;>u_--Z-ZZ*gYM=jZ`$I^d3oT@#>S!K2qMWND%-J{Kv+<VNv~G4q)u&H
zu=s5<8BP*RFGDY%(YDn%IGPf+>J5!nsUHfx#3yIpXVa3O$F4SKCC=v{mLh!5dxEd)
z12EFjuS&=EVkrr4T;oaY24CV~d+J17M9OmZkpN6vP*KsdBQo7M%}z#3f$LZf85egf
zOYcSE#*>iBf;T41@gH+CcWsNOtg_df==4NuI+wbK@2)XErUAFF9r%Brv$%3rq~?4V
zqhHfX$H&`~w&r*t#2V~n&RaypJ67>ztKS#9=KZu5te;+IUgg)G^f<i7!W*vglDKI<
zGqX88q^7Ps$!<2&ODE^=NQJ;`>_6+`wk_#em;UU6P@!s@X4{k7xMH2JG!jVwOirzM
z175+0f8u+jVZV3%%J|8~fbOcUd2hm+8Hq4FheE!96%MfnHtJ7&hn`wGM7D`(ntbYg
z<ifNUZgE&r!h^0hW%Ye8(jR+)O;eIe9;gfO($oyzQnG=PU(qLPSdQ@b$IXL;5gfK;
zsA}uNv6=)5jynoKNn+_|`8aY{QLS-=xK%>EFt#MMHiC3+BJD_~8>uUZ9%jkZ)ZpE$
zeV^II74EX3`>zTduT_BQb=+O)2v}Hl{@=Phpy8qT44yi1IA0RQiP_BJFUcX$<#LSy
zC#4rKfeSWf%Dv!$Q`TmS$CCNabJ&uKmA?{ucvPot%d<T0Lf$lcA}jYTKUtMv8Sl-o
zH1EaUuBeG_6;;V2Ol_apePPDBCtoIg1Y`fY@R!Fup?73(@zIWJ+&BQk4X|yW{Q&sr
zC6q1=8i3r5!E*TK^A6rn-?8yIcn-T6Ys-mtoB3vV>8cxTV5k)5bzO0Uk(6zQ%P0wx
z%Q=9gerU<LaT%#0FL)jAF;v63%pC3z>*YO)w}Z2q`PPY#ElHqrK!u|siq|z=fK*4@
zf;0WBXJC`5hk~aTxD<zUxz+XOvYM}Lm04J3p9l>ej+XHU$>-s~b{dfmR>q0#{%bRT
z4OZ&BfQ@LXMc0H+g{*_~!zl;RqUSD}1b@kmuo0<uJI_Xq&Cp3&0)R8KV!SQW^;biM
zrJZ0@X%X!-!HR;oE|}{A#74JYeDpY9(2P-G$4>;Ar1WF^L&@!xcJJk%xSX>F29rHA
zf|Tr38F4@H<<RXnCTGZ*nByZV6gQIO(@q6FiPcqo=$O;~tOMzN62yhx5jFHXeSV#_
zUb6M<!(wTm`^92Fz1})*SlW%nP5yxPyI?50+}t0`t>q?g%@GDTwKhdIK;vx$dKbms
z@*S{ycsO-d0r@B;^rt#S*2`G5308q-DgQ>1t5is1{m`XvsjwvPBwvp<=w~KT-OJ+|
zk&jT!Igjb=4yN{rmPYAM5b4*tn>3s6B()hv8W!Jvh)#v5&~>-Eb)oCZ$Sa~><yGf5
zxrfT#aJ<nMrFPx=M>Dn*KGCbWX-veZ=>Azy?*j1GO~<MgS=lNpw1Y9};M&0bC~Z$Q
z98wak;7Qz)Gtj^{8nWf~sgIjMTT5?w)^094{o-$VucvXJsm=vE(V7Y5YmO?bL@a@>
zp@wB9MvCyD=_OQ+4Y|j^ydQVn8v64HYKC*ut=R0L26NZL?UJvh*iro6@&C#Z36KeF
zK|_pHo4>ZRjRa~BI^`Y!Nt;pq#^j8Zxqjuk9)lX_F0KfrN|ue%!M`@Z8A#J~#~27l
zNN+;STj}a*-1Y5<NZEB2hSJfUoF1YxxAK-ze&z2hM^s8Xu$vqc9qzIHCFm{LyJ$py
z&LihV@&0o}MP3+fMA3Ao%oa6gZQ}4J)ZQ+#c1Ha+-b(#Ad~#z_qjn<sLO$IRMnG$-
z(nJHJEL?hezK*&%qYyR-kTn<M=$$bd;~w;m|K$M8%z!WF+dF)Be;7XN<atZc;JA*l
zCfwS8Leb#BofMcM*R2u{T~sT50%sOv{Sz1IqiAS<*sb=LA4ku!!!=TAdKo3P^dLC_
zu4nT2>mZMDP1C@zwxaFTo7o~R-x>W?BAmUb%J#FczAS@l=KsUjTSmnZEnT1q1h?Qi
zcz^_VACll6+#LpY_u%gC!QI{6WpEhW-Q9V7_ue1x$6N1Tb+7JTed^TeI<<H8KIZV^
zrN-uNn0_t9Z|i>dkEG=h*~I+IvI|w5g#l<3#IgCT%#gY6ch7&J87k@z<ZYpoK}cef
zwI|^fdnO{7K@)R!WgbvkIsznFrPMpIf%MtxNBij(s3D01GLii-TgS=*aA9tTSv92A
zQo4%{S}!xrBIzu$^o%LV>@B9{Cl6s);-+(4{mm#Qg-J9W^ADoe;-J7#jU_d!b(L$z
zAX@I&)nASapENRSfumZUFX!uXU)5R0CWFz_x`$TM{Q}NxfdbDakr8e9Y9w@3OHj`p
z1j+Z#KHOHk*va>OG@IWe#vVR*i>cNHHf(a=6)0ZEZL{aCSm;^1A+1_^de}FFdIL*y
zHe{eR;&^O>nK+q;<{v;(vY|l<KHt}P%0Xk_eQzGJc6sSR4uZ-rNEB^0Ext)I3v#Q>
zJ=s$1Bm-vL=xXDf+|YCpV7Lj{pfwacoJS_6`-v&niJ%n&$-2baB=$DKoNSqM!`ktP
z$SW^-Rs&QY5=sUeQtk2Jale`E-|MU+4S!I^uW^Vqtv7Fx2v8|!t5^#o((Va^TloFx
z!W8G(zFzBww;q<W(eoUZ9`BV`xkVb8xbPOBYrTJ|Hm*Zfhe@@Xy>4xiN%zg-{ca{t
z5Ki+ZLL*>6DNnp0Hhzsr(HO$XsQ8Ed7;<s0;`v1OwwWFZ>ql7d^eA4JxLNVti?~48
z*k-el(1pD%G(ObIDWKRS%^CKI?j)pQLtm1lmHc>7i*Km!fbzaB_h6~Tg;!p5{{&+W
zZOQf4gYcRmMhUuwLp%IXx5r}3L=}K;#;Us^R1&yc59o`RGGIvykuclqwgfzfQbS&P
zhJv2-&^d`6w(s%9!+1uz&ui2YA^&d8Xf&MCv)u=zqYp#`*eAAfd}@+CPZqs{x7Pt%
zqu@q))rBa%k`zq1d)tc#1k|(D;cnIxDF%i=sdkb4t<cZJ{9|`oqTh=bY|ll0@HU=q
z{T}0vB;t`UJ*I5G<vw|E!X+z|sWMoWK_rB|y!Pi4e&}9J2R98@-QhfUzNYpLM%5bc
zbDjv`3$9<l7iaS>dhH;`><e-cxWy0-$DBOunLCjn?#kE;Bnd{@?VP~m^q|!`E`M(k
z*{4BHf9K@Av)x)m?|3>PoVGH-H>Ka-={P0gu}gn-cfyQO9NAIioC<2JJ-2}$gz9wW
zI>W&!>|zb?6#_iPPOdO~s$1BCRNvzPaC}l}tBJTgVyBmKx@<d;$6k3OPuB<D48DgS
z71D%q_f)*D+mhQvt`mo4%XW@|VvO)pj4BMx9%bFn?OQ-NF%hX1br;K{y=Byh<i6e^
zar<V&7FtkIVP$P@Ys2UHuOhrzT1SJYxAIA=eG`PaQk<x9ww_q+Yd@VVcnuVC+wdxW
zo7+$@GTI#|@*|+cQSKBKXV^hoO&Apom8b6gmV#NPz2Qm>KS3!b72@rm-C@)5SB_ma
zTK$9fNYXDOhLSLYnw+`0E2?7x2kUYuhTUB5*1{`VWRfPDdAQ#wR}SxsWNC?35B-sU
zs2(6w&nsusn0H!${9LELeBnrcjz7zg!P5Pssj=2>)4~@kM!*sJ8v~OU<bd4I((mOu
z#?4L2iz9$CyLG)griTo)Of`&Hwtr>+!}$6HPsiW1Xr?kcNprB!6?14F!3$G4$Y~9Q
z)=A$$iIPLw{+nnogxBrD-L%{sX=gzBi}J9lG%Ulu*&|z7CT`B0&|2Eho7QHHLW*23
z*f70NYj7DjE+LQO-iAwF*kO*3p)#R$m%r}V@@B5?>OHXZ@HlmAJ6I&pf|w7<&C9mL
zw<NRqC$e>0M_TXTc#yOOEzyRaf<P9)Q_O1pI%=0Qg^N&L_B4)&i<L*B*)6bH7<zDG
zl{!aG);1@V-`Tk9yr502-<sjJ>mD)pcuCDp;^^V%j?F77EWFK(ylw`ougHb0Iu4T3
z#Z~V|=YHa!SNumBVmpRMQ$l3iqf7Q`h5{E__(AOLo^LHN^S0d-6S$I<rkzbY0oxY+
z22cBWIK;i=aAQKSEokut1sc0H^AKg`7^}F2cpOe&UNa^1&u=ke)W8c6KUIE=bxxh-
z2{8Fmv?@gixmRUO+@`k|P~6+$T|;?DZ067WY_IwLy9+R6$VD-EB1S=d(A{-=QF^qG
z3b=E;Ulw)ZI8%1KYhnnfgdOl=t&g}X7G|j|g5IAGTGJ)vR_j+e)aolxv=gcS8lH`6
zNpiFXyenj5Ifd?XZ4fm-#LL`XZR+x>r~2|tZY^w%$F$U}Q%TY8MbJ1mvR3ODf2dWL
zz;SU`FQ-iJ7<qa4h>G)qL91|0BxSZ$ACGglLe$L$?0Y9v9?jUqwvf(v(MnFVZ6)k9
ziWJl<>3Y1YeV6B*vC_5j!Ihbv0<wYE4A}GT)VsGy56w^t&G%y<LN#e+J3Oc=V;7p!
z<ZwM^50?6v);bnj#?&MiBmLSd1wYStw4_0UP?&yx9ykR#H{GO_)D0}J2RsGJajWJV
zziJ{2E@3{F8FmM2l(n^PcOr`R`TC*B59)|+IL+u9gYR|)A=<B4L0k1V%amB5oiRN_
zg0>dD>Uxx;!8v0JK;HE}mDp81!B_<K20DzanPC@ePDZLaiqF$8@SWn5lk-e6ihHC^
z2+{nMpn3ZvH`Zqcrw!D*$KiG*>14Oa;WKp9yv9pAMgINJ=b{Ctiyl*yb0g;~JvUZH
z$~xxS6P@vjoxJ(W_kdDYisBfZ0Od;&bpdU?7z5LBx-o_eHxKBfGxkg6wXY2Y#7;Oe
zT`wS95mHHVs@JazalMOP8+iFG_+G&boblkhz!}y<sGm6PbO+SQ8R^*%FOBIP1wH!p
zvF>KH#$g11b_1{HVy=<tnyO@1Hjlw*e;hf3dV|oSH5WtIt-rlK0DBY|V$zaE?oQps
zJGF(ZevwJ@Z|?+H8tfMv{xBoKaDQNJ5KYjxx1<XfspI6fvk_2=BOaiw;j-DGxp&~#
zM1~Ah<W6BFVEs{5@AcIN2UzO-SzL(_t+DH*392E$zDLA-Jh}E`bCCUmWg9*dqEh{s
zZb-~K6cFyf!eX%K%@pdImE{vCQK8i-F6_vmV*wexbx*(oiCi8gYSqy#s)BRRcVD_0
zxf52Q{u;D}3c^K3E2ztgoS^sEE8R5WT+TJvheH5#H>F%px5_N%d$k6~92oWzt}eVb
z=}{dU%Jz&bX}|Q%*1C%N1HjZZll)@>0rgB(bmSozEaq<3M=rF*n3XgFuZ0N--y-50
zZ)*gaedL0WKbTFn%jpCLMOVPeWa?*=QFA@#H#~a)rr|olpe|Ef+~ma2PjAvQ^-D<>
zF>O2YxpeDf<n-3SmhWgo#IY<&I|AucRMPzsKS@w&$wYrVYN->F7&>2=)rIz0jRy7%
zvGRi_W}R-db@gI!WoM_Fb@Pi0(&&rn+Z-w)$68?g`_Z+7k3XsXRGJ#8=%ZQ#TWof6
zD-XBd;oEJir(8jCux@6n6BqHgFkcR*8{tPyO&E^SSOZFTBStekY?>q1wI-)Kc8nBM
zlU(?3h+C0bo1<5|c=goJP}F1c&)=!pFk0kM-nWN&)}*X<?)S}IxLYDFyF2RHMGNx(
z#nhIFZ&el*<J&`#PM}^cC)ayRP`7B_IFIXHOEh^xJ#~<IJ!-+EextsXKHcG<V`=0X
zS&P4Obgc<wt<NBmHq{?^=EBthFI*^@5uO*6JP730)p3N!c{qM4M6OvMdA3bhIh@6G
zD>Li8UB!wWn$CeKRDl(;S}+MIN_XGmzIy2q1A$EZ4G`3UL&#Xr)FiQ!Y|^H`S<wcx
z{z~a6urg{Nfg-|!b@lS7YlWmit=M0ondN%9$H{3i<AjXruher=Uz2!}b+oB?6r{J?
z;KEEZ^RQ4zbj~&!W9Ix5rKXo=M_RclKHVItyU-UR-Of4L9pQYAhQZyN64u`$xw^kB
z_qjdUx$RmMFHsXpktWTVsk0+@#>zszy5Z~OQIu?ibdqJMs<%ESRl!ODLrB%~O0(mR
z*-uY`7g+XQSg(i2ZC6k^Q}9t%Do&C6_Od3Zg_qQ7LX`{~)PLQfliY7`A5$3MWfpp`
z`Ou9lS}Iq77A}L*sbVWk9<>}WNemsYyzD5l^6O%g6~P$@oS%R}&}l}Y&>;~AFhA9I
zR8MkyOcK$y=NwXmzS6Z}=ITuzp$^DJI-y55$>mVx+a-_MqRdLSs@AhGjSFPWPu7zA
z4hDFceXcJFSzxToCIM{pHz|L@G3R}t$;B0ir6gI<C*Vq*>#iPS0IiUM8Ly_rvBzKS
zHF?&>DwUuNXInUAu%$N>AZ%{|%wAqH{r{wQLQw8SF08}#=jskElj)r5N@TRdOpWcT
zvfiJiP|gh<FTIory~QkY)H%D)D6x%F_4IQ!Qfynk%UWa`*(9Q2{CISf(AXfTzXtgR
z-W+{DQ#yucwAj(KqmVNi7uqj*q-lpk57@FUV)_xHK^tCH>&A8(7F>p5+A%W{hK}MO
zyJ*{DxwBvNAa2HZ2hsB)Sq>!m3bouBy1>HCH27R-=E7yx4dm}$E-d+OhOam1e2aCT
zW;-E!sisPgZ|Nr#f6t=pu!Tpokp*6m)8y`&f8YS66C(@eQpShtddBLl%=ETlWP^sP
zd=DJ-v!<`dL)^}yB5cX)@pE^mu4_`gx&DZ|fe|^RIoE;o;bw<xeLW_oe<WwC0Yu2s
z|BNhfvcORr_6GIz6ykjBFQh5p&J{_uQ7&K>T5nY-W@`skepAerJ@2rxBLzHz1lUtj
zRSwz_Vhpk8@wqhmyf2U0+CaRa{rC+PARsZYs`uhW@@RZ#|APTVOBCr_e<RIUq``e-
zYw&0(#q+GnNtD>`+H26t2$-t22|q~GOC2wRzv_uogp<pW+#j6;@2JvlX9%4bnP5t3
zwV>{V>T**Q(##n@KSieB@#=d#-cF|xh#=4q^+5{I&`NAyGontdaEj~oeaB!_`TXar
zTk>MKq~=KQ?qv07(~H+098Xb2S;3LE#0BfZ$eB&!2~NsKZxV!v5Gfa0hmSs7H{j)(
zda==2;MtiZ-*#Te+nh}2T-<2*a1aRTPifZ(8J68Yu5^lvRT%0GavqkE&DC=tNEs*n
zBey(cjL)x{F5||Q(ai|P958B0qf)bjFS7$nUu+fs=sCLK@&v*<__f*O;LI)3h2Sa@
zea{*&)gfnSj=UcgF$G%}R_P&pTAjnW!wzR&2FlEjGvnY&?|fw4dZzJxbjO`L0wz?{
z>!WG{26icXZk68rCz$jBS0GSBT;!Hbg`wD$>G1OcqV0a^@Tq3cVSTK3c}mOWu48~4
zb*G0s-f73fj;z=|uFIn#KiX3u{C9vZ<g}o<Cd6CjsE3EW2Z@=7sDOK|>CZ2<PW**2
zN=AQ08%a)SE8j>{v>|0oV_DOp)5HDkA)e4cI<5$}yL^txX|CP|d$T2EnRHnGLRQ}7
znr8@>6=%XJYhJN&aNGO@b%^B(VFL?0)35b#Kc%Y?J`M1k0#H}jsr3Rs!au8&s=ULG
zF-KAJP#v-2+<3E|(#*Jc%vxV^>625EU#f=sTW2uG7h+5cCz;G5(l#^1!a+YRf$nn|
zl^m9ee^w^nE+@D^y>#our5Z`p=0gWWq&xbUGf-lzuP@sWo&q}5n<I|5-SouG4sIZ~
zg6wKjz-6S@+xaWDA~Jz^XbHr|lQUpYSetZ>(R9ydY22Sm34P9@OD|c&Gtz=4yyv&#
z>=FOps8P-zk7sL?6WEx>`ouQctl-`<Sl}qY5Mn{e(~-Ka<#v}f{Y_I@E^jVQD~C$Z
z__O~{saaSc@A&E#u{<0d7rg=zpOUEFATolAqT(IQz}x{>`fAXO@%~Xg&mFGx<n-i7
zs~W{82hPTeqXcc(v-=BWO<E*WT<Ez|3rSNl_Nw=g5z};SG;C+b72=vIZbKZm!3WBm
z0Iyy|18M#?y!oD@?hdl7AqHqTiV}#oIdb80n5l<vql~g$wWn_%-fdQvZ0LYZdDD=@
zf?cI~a%Jw(yCJZ7iLJHaEjB95l^v``lCq{z{=(Dd^Q#?DXq<AT&u+crBp+L8Fj$|x
zVeEjdrCFZ3q3^^lY9+hnur%D9LoT~ONS97Ka6)&7a<R<%gD2?LBl%zUD9zu6G2STx
zSo#TFqW+|)&4exvj^6pn=eE?9h#<!mr-^T~7itq<2e8p(YJDzd)!!Hz{2oOE<X*Ou
z9dBUt=@o^a{Q=hp@L7SS&4sBuwby3qIDl|Y$LmfK#TovFt{6eI5M}VDX0;7Zb*O!W
z2**s<sq&i4naCD%_ij$@CBz-t*2gadWsL6-qa3G4)}-hNU;h~fdoI^0Jrd?O(o%{8
zf&<*Z%WyHA#rMoFUnI8DOj21eyyS$<#))Jq{o=Q9%nFFO25&7s0PKbwTPo=7_O|x)
z8yr?|1uO|Y#hA5Fr+JjFKca-|JGW$2B6f?zZ6&+=xC9Tq{jgrR5PzqU5DTJxzZ>G0
zzf1xX%ceYIK*ogK@ivUo-2^dgYRN&{Cr<}Orwb>;e~cpIt=xjDS~7@M9M`oE1slm^
z{k>dCr+I~@uG|$V3pwnDjd&LlET5pAc_E3M!DE;?QDd4Y2obO8;6q()SbGB!#{Rl0
z${u+^#zAXvS58b6)Zjtw(;`-Egt>U(!$TaH+l9|}w$5<6wj$T8b2MbzbZnWw%nlDO
zM4-iQHK>DPQ=i2+ibQvCqV`~*kOpyG=9eI2>_!gPi+K-XJu(MYwfh2a+A2OK&LNc%
zP3xcYzqp;+L2f&$L=9mTt|ogDwZ}#phGr=tMV{0aIDg`o#Hup4*~k4wSGv@Zk{{FL
zveCAc&`CorJtoxXhn)EHJD6_dSo};n&I!GuQF1wFRL36hhy8PWG!h2SDy>C;1M0&K
zP9h%6!PO^>j+L4S+HdSDoy4PwV6@3e)?dGbXvEcie7gFLijm-z5E`p_XT2_acdJ2}
z4(z$CLRNQIB6@S9hH%n;AMF$~QKfQgO}ph|<rgAaln_&9EiIT$dNe!6aY`RHP`hBA
zbPB5!cun-DeKaf(sxla~t$RI9U$3RLIngf}L4xN-7hWEMO6xagw<DMP&}AgliBy(b
zF%YTJ5O0|j>rGE%_i7<@e>eyaU0`guuruTjNnnM~@y~V+wkCeHGzm@A>8qbHzMs;V
z6?QGf|68Gvk^Up2XOdNVbM<>-I8Nvc@02^#^IZM)W%JJ!%A$v7KcyW<)u~40F9Qn~
zX6h8@85R2#PKn2^<FjKfpHeO-J_AGNuS9YZqh?x?wa`_KERMFz%Yb~fVd+Dsdh^mu
zk-$jPJbSm8DhCwCf`%*Q&_v`px*RQV#kJYQ%6a}yV&uYB+T)%+bXK}j^||^##@sM`
zv>_)X1l&}Ube)3o3O^N!`nJ@6dyC_8E5wXw5~<KxmOJ%$DA~JlTrVtX<5L2Hkaql^
z|86n^!^TCF)mooi*_%-YpU9g^Qi7l3*yfzBMqKGDsZAgHzhghr<9LYh4^k+##V(DJ
zOw3-D=4lIMMjICJJi7|iWG*mpTua2KPR24Te_?)T6eUTYyU-o`Z9MnH#~nUru%W3;
z>n1RiDXbq??{lfa6_3^Aw5eX<M3=*0zM1d<3ydn>_Fhqto{0@Bu83H0RuIE50Qg*o
zPF<+~-cTJrrQ?DbXyxVL6a6Gq8d29IQfE*6Q$Mdf2rY-;1Eh{w-9LuJa*oX&P?911
z(3UjaKnps*9N7gLDmOQ&PYOvF`uIMNYaZ8phJtaf&pX07tT^8auvcG`u-0=1apDw)
zrKa%!I~FC{t-`G_>)KN0$1;c9w4<!{GbIKaa>PG9@$x)AEPeF~N{E*<)0VK@Q}L;;
zxP??pfvdi0j~@?5c*HM?bxw^JT=EQ$&R$7aKvxQtHcy%M7(ZuwkQ*G4=s63~S896P
zjFlOCcYjrm`g_PYOzm7?!>x&>X<1+eN+DAk%o?Lk&_X(%*8!PcJswlgrHO;(uS*vP
z*GaTPEb_cO@WDBm+j2)6E9(&mH-`XKDk=yDVY0J4GzsM)UNuiK?ZV~E0j##v?3I!t
z=4;&b$&f|%0^Q&B5l(!bz!T!VCum!&f~~VWB=M@ty?`Jg({Mh?0U&ShAq_SoHRrWR
zP2jmaLGb9Aft6c$6vO=n+(m1%V`)H^DBK>QlI)J3_=`3!3<RYOYk7!s`1a*TNy6Ht
zFovx1mAD6mHGgP*A4kEd7l(qV9Nb`7q3Uj<D#sdOj!)HS`Is9*EC6*2V>Uig72o=7
zvv(-4tA5(<-@hy)fne6$7di=PNE6ZpOeZD>gG*IpM9sBtAg6p9lxtoBLK?gkp@xF_
z@PW3-JmG_2a;S0~+Q&ltj9<k3eeP`AInRPLWbxDqC-J20p|Ae^Oe0#kabXRPRI-eV
zC^@Me+-7a!+TTANid%Veqq|6C6^@G5a}=2q+<(^BvbBEke)KH-2my-sQA<4d&ux#$
z?o$XH;qDH4dLf8|>|G+_aY0`(lYYv}lV94}8t!R}a{iIkwD>GJsy)v-?huzkBx$Hf
ziK`!5e4ZhUv0{QaU38rG8-w2jDXzKV>_b6#`euWGx%$#4QL4EC7oREWKuj{6f`K8i
zZl!gsRX7|vB9EFnIyqiQLjAKJ6{FQPGE7ojNJu0V8GTep0QNjXkdJRTo7Kuf&iRZD
zJtql;?qM+*D{I)AFs~){f_QKg1v7JIn>;;3Qdq^(v5)JZeWgM4NE;hQY^=D9I5`JZ
zM8hS%ne~o+VF~WvmbOvN&e9$V^`ap#{0XL{=GHd{Ol3oeu%IjOl9^dZM{LK(is)CO
z8n}_IKO(%Vx-{rhbQ@}*`}y^0V!5W*Vg&Ndk=4ccTP@|cysz$?P@Hq^!9xeFX5x_%
zDB%D}D_ediIek_HUy``hka1ezwHN)bJ$FMs21X<iT2PR;V5co4LLoY{gG4lb$9OG)
zLeh>&*-#C2pqvi!9c;Y|dL~b;KyL^#KTyT`nP|(EkxbH`rXz%5<X_K)X4k5je8Rw&
z)3&LFPy7o?&5NTUv#*gZIQdj&%u1l9?W~>DCy)kadtndb(v_di9j4FG;Nf*EPBmWD
z78vTu=u25ioV-izD!8>iaO4K{0E2$sQXlO<$Zg55mUw}1#d>}J&{t>>3=|M)4cnzY
z7kvaqEsVy_y;)er8)*`M&Z2zR&Ach!o7;H!ZQ~L2(QJ2JW5E)uGA*Ol`Z>bvZxYxP
zzZ!wC@|?=voj>{HtnfT8u5X`D)DXX$v0UJO<1v-Us|`p(t4*>!p3yDvXnm+b`6N%@
z8dlheYmOm*(IPH;4)~?%362k+IqWuZ-qyaSgD+EIN?ftREf6(7zOLQ619t3{+9%HQ
zgM~gH*FdL9>Lv{C8x5c7_A^!=<_+2!IzGM&0Y7(d_g5Kyoc<lZ>#YR*wP)+~)pF%g
z;jxd}O7&f!8JH71zS(8sSmx=i8i89HXB2fa#zoZ%okUs=OMYhrr=0Y6oso>+b>c(+
zVd>6{$h92^%OmRYO<k}PGKd!Q0tFie=&ix+q#;A{xiefTq(o1f8IGM9oSDIbp&OMs
zkzK>DuW1t63lI%R`Rmvpq7e<Th`ne(|9yqFO33o2yQZ~`JFicf+?vQ=x^RBTWA!3K
zvwi8}$8CJtZovZlB^19PfcsYdJ-+9_I`Vfc<r@p4-x-H7s<rX{rv1%$#iz;TKV6*0
zR{HmsB=JcViOgG-9MOs86rzp6UEX+zS!wPluYEdmv8l@v{m}sNJ<)NN#-ARhglcN)
z7-vze*7v!8u7<NDofzzE|HY(bNCso1NvPUR77)C@Lt4=qiYD0C-WfOBLhTc-1w7A%
zl7VBBa@9Ve{CA7)3nr-{phDa#LiZ@SDsoa%a#GbQ(snVDBc@VMu#*rLc4G_sd!MIw
z#c{&~-*sL7F{crVqZa(-;D;`R{{=_9Z98dJ&WJh|bZ6q88KRZS=F9_le(INT8t!G5
z*uD2zP3`I+ui$yk_zWuS?>Bze-BSM&ZANcAK|y%3ZZUW=|F6H{$tdv<{%iPuq4=K>
zt$UNz_o-arD1)By;|l+;TL4rM?aHM2dF7?0rMxGGccS7FiLAC;8$I&8HuG=0It!y=
zyIfD^fXX*^*O<GzyCiej5doE&cO!3!;k5_zvAJVRjPMu2((G)XfdP@?j!^+oU{(~c
zKCx@>9ZF-ZKK82e*ymj~GPiU7@<=BR*VM|&tNAYP#s1r~&Rt>rNkr#_CIW&;<uDU+
zaZ(vB3-X`k{58nY0}`>Qd<}>tiKS4!hI8!{!#dq#;Qx1El>ZsC|5uFg{~5o1WB$(z
zA4g(L82>fk5k&rH{C|51T5I7o-xST81NqG!Pvm~FesJ6SY&?7+6IYKfT|h|3ebQz4
zKaX-jqQt{*5fK%{Ubw1=PKf!n)Q`+yyf3FH7nE~&qmO5jdiSouHOY>mqXOqxf8Xrg
z8QH)<Qc`ezKB*Yc5=w4Y%NUaxBl6TQWmln{TToo9vK(0OM?+o6))6|jn-;?or5<aQ
zHm4;!qp|w{wE@;!7&d}k32U9UpswyFKuO+>gv2`jKco9XA*j-n<{b%6@)FA%jhqAZ
z-hpeD{P5U~$av%IOs^05wk+w$PNfLG)sMeiW*3FE%?f#~J-|rf(Cc=;eDi47bob&-
z5>G3+JVKtm<B=g*>+>zng|E@5hMc_9(V{wksa3YxP*o?>Dnb3JV*hPj3NTTWB4F34
zwyOjmvEAv>UA1YjSar){o%!qXwlpsvB!4{jaC}*PO=6Bu$eD@;eCX1_q~a?=c+(Lm
zx!fLPwVW7Kq-hiX&qQE^n^|R2f^^|QqVTz(O1%Xi3L=5FuzFTeOdN~e9pbJ=@kVBs
zB076kR0TX<8J%4;qasc2+60>*lrZ{abPB4koOWNVTJghr$DKtPx7c02xjlQLdOeb%
zmLiBA{46Mc@XZ~RwK24YLMn{7fXn|o$<^^pkGA@^B9MGu<UUvDfhF{q#}&J0RF<~z
zdhOk|<|OR8%~h+fGDW)Yud0m7!^5#0cf&3%$eSyJ+kU^sW|I#V4SCS27J~qDaE#kN
zh0~eA9s~vrhn_c8Uhe%b+*r73ZK3vlV%jg9=VvSJqSx1kV5X^{8=~rpt>Cf|z^0bS
z#{gtI@6%7X;-X4Q4n)oycfN;Sfv+CD&%6lL&pW+sNVM)7cRR~FiR%n5$hD;V%K(<t
zlfb`VZ|U6nnXty%ggX8#On_kzdi!6E`qNJbOTAtusc${i`y?7sqgG@di+Fc=*wgtY
z{NDS=7P{w2VemCK6#6e1R%}IhnespYsE4RIwMGP6$y2|qWPlYp_n8B+<E+}OrTf}M
z9qe%f$<#aGKjo*pZ9cs%^Q(+%cryIwR4FN2OaL3jw*p-P;yVd@XC{u&+3#<oEK3pJ
zaJN#n5c8Uy%B)|gU-O)Ic-<Xbdv!)A1#Lv)^&OhMC$DccA=hPgJUp$K2Ug?)>kD8#
zuNn`pA75_&t%jG|SEWL!)|_GyXPsZJ7o!bapIpwd;;s&A-@jdh<JQ_cJ%GEygCgKl
zw}JfQ|G2sBxf`AY!QO!BmbLa!ae$Q?0?6kci$XHCSwS2jFmJZG`Xo@16|{P!f7w#G
z=={KWHKP7`GM?c~TiodUuG}Itidt_JCo*$9Z>m)H;*WH<>m3o_@EqY|I!{BEGy(!;
z-(ao%Ia!UBQnnearzuTq*VnX=;Nf-o)q>05HQTInV}HE{WU^arihl~xwwe6A_clO&
zl8Aj)kA$*xrcbrs{43EwxmR?#--BRsdk*&r1`pfZOlY@fvZ?5%Xon|8cOTYPEo6eJ
zH?!&mm{VGu5=4=;^6U2)LW1sU93}ZKFVhxVJUMY|kS?Fxvg&BH(GCkEYYj%J-aRaq
z8X|f_OlMtM4!G|Z6iX0mx!RmLmpQ*xefPp#b|%?)+0|$V!WDc6hE`}Bf-5ZF8Za<8
z?75gzo;YCqaG4y`&v0X0Tm+UI`f3lm4J=ki)+h>TtdIIW-ON8zW-Wp*ks6DBbPT)!
z(q7F0ovyTSu`H$s@;cw~T+J$KjPLcVR_F_vwy}5{t;p9poxOG~_N1}KA5;wP;r`C2
zdfc5ZkFTI@!J{67TXdXi&s})NGmg?olCo!}{zy#6v{O=2K0LQt?lZ_3Yvzv^0@0bU
zBr1&UHWo7a1e#VEHMm_)=n|xX$l5aVdyj9rbuJ%Jip$ut=7hETy$ua_7HWVt!4E|4
z8gou+h4X23jo({ut9hE=DLLt5=ruT=pIeQNohG#D{;d|?tp#NeGi2~gOq_W(Iqow|
z7~b;fk$$9vwq^e|{hMX#?doNE<TqWI?<$fPb#<H90=Z?`$3NzF@0%POL+`GLa3T=;
zL1;a@PTNkcRl<E$z+x!D>zEb;dgfO_8=e&*Az}2R1_S#5R`W;HvuB4-EMDmo?mnnF
zK|+{VJ5+S!zQMsv79h-QXezs%9ssi6{*~e$3&js#rPkO(ri1Lpxv!l}7;)@@Vfn;e
zgPdVhR|0Rx@4C~z)(1O}saMXJ06hweF{p~U63+=)%S-wzB&(^F>40g)u|h%1#hx5|
zW)CK^v#;d2<OrxWdNqq`U%dly@}IppW0N_JxKP6ooK3#Sp`&wIDzC^1s$Gqmsw+W%
z>bH+N&GPy?s@F@5B_(9|C7S_`sx(Y|^n-KE!2KIr7AFPx>f66Z+UCA?lKAt4teQxy
zJ!I|GwK^U^h>yS9b7F&zjxS!c95Q}n_|l?Nd{uOlpG%(Q$Qo$Cu7-dbM#@6&8x8kb
zrHbF|!HJUbFVXl~uP)^0!k>XY6tYEtl%e65ZW%%<(J$8>yb(``-3QtO&TaRZA=$m6
ztaLxZzrJq=8nD9XB85_1j_`ky&|$jk#YOrKUj8Lkg_JZJuzX6zwdljEpZ~7JZ#|a=
zP?>3`Q;s6>Sq1e12xJr$zgPvqw3>f9_Tmz21^vyAj;r%qeCu9Jw|Y+v4ETa>;>6_o
zsIp?I_+GBNQ#_=X^Jv|6o;tQ0ny78>0eaSdJAZ#640GC7$nf-4y?*av*QJ@-w9+Ko
zeDlOJY{bCA7|%J6GdV@gQkO(=2WE)`ulkGvB!m>d{NiA}o5bq~7Kq9r{O<><w;R5s
zB12co!dr@pw;~!|Bs{a*`I1+h$35nS(Ao6fvGaBGAg83vUm*=wpB=8+Ym}^FwL{dA
zRuOcfuiBKc5nO%3og%2v8sr-`m<%A4_)8J%=wAD|sm&GmONKXbqnqw+lO`WUnk{~P
zBPpR4o;?LVR6|<MFKM3{8O7S27pQc6JD*z`q5<!ii~wke+zMp)x%-f4oy?=hvQBx@
zyRgs%e(CBW#f(ez3JFTuHg6g%>^)gLL4Ar!>F%yetE+Pz5?}f)6_2m+plLPt$kdkL
z!DdbQDup95{vIEmmQcs064!L@p3}3E>=zVmQv%O4w9@dUkp8a^1y$9)CWCY)s3M<8
z|IFVf846mpjT@nVp+6)Gbm=94v<+MqG_{1jW$!<Ewj%33e~q}{)-aJrHml4svM~IV
z7;Nj|Oql?R3ew;%RApnp37hMtcCT>-1|W&fU*C7WW;CS`4z+6thZUy0)U}6`oOD^d
zNBi=?l>bP2wC(<)e&QdgITS+cd}w05w`JYQ)OAW~cVK8$htCKIm#Eo7u;Z@M@O`v7
z1h3GP_s;woX{aaBM>!ZABaxlly|&#NO!185*FRG(N%K@(nJ_#&;Y#21Tl8Sa;%)pf
zi9&)K*->o!S%fexDYA>;KzFtd{LzFUBdLLDD%wFsHPpB6x5bs@oi$NHSI~0uML23>
z(9d+Xo=qXuJM<fCAm&%ytvJv9%fm{NaOD2p%}Q!aJQL&97%1XP_M}S)oRgFu=5Xn8
z9>YDBfgdyzFCbj|fm`Klc5+Q~yxC6x1F+YF#S;HeYxK7}pWob8wfv)JI~J)qpRIA;
z7PKHD5|D}zoZbZ?y!~$+&UC{&SZRsx%+%8+vsrPGRgk93z;TpfI~&rOb5KUhsYZY{
zR1#XT6$EgX!F!i~s4r;?4cOtXArn$<+SanG{MW3n86c`L9oab4W{rJ=#^jWTVJkjF
z{@DqZdD*aTi~8E{waMPYlOOeT-Zv{_hh##@Ki(aDi9sso&1DVmm)QOP7#q>Ne&vn#
zoXjD(eB=>G6&GwZYr8-3nn(jZ;-DeE1V{<#{#u4<<Q1srXB;O788*-&delRo_{2Js
zI50D<JwA;N&D{J{OR-BOTQULx2Y;na>>h1WQ0t%amb%Jnl6~CcGODL{aBF|yIfA^8
zi*&r~vRMKw(;@Yt_t0f!OR;n2fD$`d3_^V}o-<Yg$IM<)uOkK=dhLPcEf7|}XwrhD
z@iu=)%Fcj3$v}VT2Q$pK7vW%lfIrrNq;zxe!)Ujxo9k&XTD7E2p2=>JUPx9|^b(UW
zr}zd6x{L~zaV=zUd-Gr*#53x3UxDqZH+iIBt`<ImU?k<Jk*UHCI+rYA)9<$pO7ibL
zEwrfO^rub90-5yj;*(a*wOTC6e}0a<;H^`SHdN_GOnht*x#5b6qU-Deiinpp3mWF>
z!QjT>`gF;ris$Rsn1Y`oo()kPfFrv&yyGL$gAHy&MK|};UcvQ=USeI)-blGi0zqP*
z$R<3==;3jF``rZO0Verb4Prxz0`q?*QLr-?-eKze>u2+TXC))79i3gxExq|ljjn&6
z(HF-)-;nUfA@!fGQr8MR`b{<D5xvCQDUU_;8lr(_XVu11S%V-^X7gWuYbmeT+7Fk?
z4X*>Uy8hbS72r&#b??Rr=%X<)({Exh=9D7V-!ojE)}YzIaKoRG^cF71nI5yaV1G02
z0O|hugo)!R;U|;jaZ1m|&arh{{6G*!qV19WP7s>rd2?W42rj{cqVFB5u-Z9#1T?Lq
z8IB|wyQZq!g)h<&_U@H!%1jB1Alot99NC@KPls(<8jil0NbQjsD$UA8xB2-n;Qor#
z6$yX+i-udau?&D~R#KKul7-QMZk<Q&wm{N9sly*jVcoa&<Vx|;`{j>9AZ%B^Bs#BH
zTv@#5W<}uM@G@4Cf1S)>OBW*p_iF-gx)r)_1)U*BfA3Gpb+Y<IiEFRzT@+dI$((Nt
zJJa8OUYYIP>Vc84@H$u)mth%orHq&BWgR{z0mjQx&{qs@|2~%8h^S)+cD91Iv7bo+
z#iJeh0fl&onN(;1E$xQ!u<lJ8R;M1ty)m~o)LLU{W3goDGy}>c3Br$LmDh+>ZDz(6
zS%rtHZ4HAQ%Mni9#TM;Z-1xc4`&$h2uX9$9OTEm!c29pjbeur&Yw%Vqn+OWhAOL%O
zR?R+TZgpMFevifSN{nd!r@qR0!Bp7)6_9<r1mPaznlb|5e%gftwgX`$PsMdHJ#9_z
zHO_$QtLL$^I7pT|9EHwz+I`f)BO6xz6aS#~&S{0XWS|iX3Ek4r+>eA(jr~b5b7<a)
znH%d6SK43huD%nJ>BF!JhiK0&+&~oM-c1K)uO&p8eXLykwwk3n7uX<J3~pOyPD1uf
z+5O28<|e?@NvjRCj)oCf=}_XRt=)I(ETQ+M`@qf-lQY&CbB!^YIV)@5ROHlEAC4y^
zr8aU|7#9!w)Nmsld&R1d)0*{JSpZ%`P>j|TN|5^fL_3i_eS8*efQjY@R_jd2GXLMX
zbwKaTQdh;UVD+LOKF}@Q8{lTPMOh$|F)$`PDpoA-nkeBqflv?`IshQ*xoEPLO5w;*
zV>M<n6Qgl*KmRo4y~sC$O{_4Y%FTIK?;G=8V!jNX>^6wNE)Ktd%LTAGKm{({FLv_(
zuFc`c3}3rwdg(6Wcyxc_Eg#dq#nb{LB!=evBmA*!Jg@<e_|0htk4h%}p-)}PaHI|`
zg~N!rIYIhenF-2|b-kj?)UN7bx%S|Qe-9af!mNkfilgYmBeM^5ne$2>;mI`a_dqF-
zloTEr`YS%`+WJD~w#!!D_pxN25L2C389})J6xZh<CYB=we2m>Lb~gr?TSPDm*TwMf
zvh!v)8Bi92h#5P{IEf#<#n)vPNz<ar+=hlby}1N?dd8&Vfczo?%{4yUIPQ4B{?(ML
z?<R%iyYV749o>p;z&?w|3SVPFw;soeUUk{~?x$T#9<UJ}-dm2Wn*j&Oz=sYqbM)#k
zXO=s}JpUF)(jfQ17{B{mP3hp&2+dEf??>n}ya;4YdWZU5V#rUo&O)F=`;?$gb9FG9
ziMHB)UQRP{IJw)3e1Lw(t-L2rQT79K2<fv3`&M3;IUo2#;>YnM3P9HKdx~+?W$!>#
zFyTg@8K5ua<u|GaF!QG*ygMsWv9}$->_?MYw4{|DGvEh!QoZ!iN(9SiUQF5R5i<$#
zY~%34XTIlcj`@pf5D=SmPkzr`p?k=CYyD%oEf!2oi#)m);bI+Hi4Tsj|2LJ7c6?La
zI8<~mzHa>+;t49UHIAb)R`H59x*vk@i6&nBt^orDftij)rNx`dUJR}Q{SIbNo%rGZ
z+HWW+a?``LFVI!wxAC#|^xyWMFMr805fI)0Z6%$i9%tVw#@7b^{lU!L^Okbm#U4OK
z)a&Yd)cj#};E24Sh#TY19kf*<;sE{M4>v1bc6^P^%GWU`&SNJ^`SnA=Tb&3Q(HTV^
z!Z1}%+DNZGCZI&qG-f!|GfefP;(YHpC5r=UrH=oMq46fJsLAzrlhymmVMuQsGc(<C
z^iL!kqfrkc4oql}XMgz;2b;9$0$b{jD^+65z+wD>j#4E)S#!(J_Bnn`yn{9yJt&Gw
zo+WI=EJdZ|*#}nW?DdX#H^Td4oYyw|2jC0*Jk8QPNx7-pAkU*K@2IKYM0-DBrL}qi
zQGrvMJz;)Re^_XjO*=e&LZGF%dPHgkS}}w@nF<LyCZ0VS^?CO0EytdBR9djm2nWz8
zx{maFJ6P+Uu->;zLz7nG1iqRgQ9k%F(iE3~&W(HViCD8F^Bs#;Pm3i08Y=xy0^YT>
z$Ha%7-cj64e-E<&`T3&@wW#%vxT;(r8WM(AbTsf$N$X(hXCKwyd$!MB_fN%$>;Z>k
z1P23Wcmw@MPB)F%;SE3mJQTH-u%`joJFlml>gB~)In;-jZW=CqCh9ZCN9+A^S~vUc
zl25s0an-%Qs{$jp8YREA&)*)~#=L;v0b||qyerac!83+NPl2y1*7w<_XbaidTP#Q-
z{Y+L6)FbtJZ(cl~D4nDzN*WJRX1`qcs7NDkAGl0-k!{Ua8<B8B9Vb^=?}Q3BFKzDe
zPBdJvHWF!TgWkSu)pS9K;~p$f_;f7@cokVm?IcFG4Bq`m{(p$)C8|!vv)gndGAgry
zJq)Ymu7DU{ngj?0yDv+kf0}NqYKfCGFhSj1RQ_zp@ws%a=RmFW@m7}{f~{4zE^hc_
zgNtKNQ_5jQ&VP(pTzJo7DTU>Y=5RTj=x`&dl8<DkThASm^2!|YJ;gAOvc~P`>xmCY
zzwrHMg6O8}Svut7U%+l=J7)JtqV0niK_Z@;B2=3TF{<(m*p1!RdL)}<0G;YHzxLC-
zvU9|ofk8E_dPsQW?x<zZ(9j4u>n$7M{8*P>wLVJ7_TYMj!6&WTdsSYVswiEyx@Sx4
zab1_iI$L6p{im2}Oo;6XpBnz~%XXaWA{|b8Z-MQNI>o2{VF4z}mGBwt0qV|^JAt<t
z=`3cN=@1D1SX4-}i5c8rXNLdbIS4jVZ6dqRu!bSuUU!hQ?+dSuP&h?pf!}-$-yRB5
zPS&^h;!<zQ+i9a|SpeuU@7I?$Yop6~$pgO81<i^5+?8aa?y*-7+TtVz+q-+66d)yH
z>zvOF{xF!DrAfyjpt(2WhJ<Gy@`;%mNAz8f5mltr7~|odRN2Fo_;2i3R&_Fz>dhFf
z$oDs0Hj_h{)MY-R_p=Y_4u<<rzz!WCbm_NX2#M$D)OxK+2_5M5V1tv50s9Zv%cF(w
z7-*%M72?R3a#H5dq0J1F^ga4>+`L_(T<?B!?-n{Vf<ses!yfg7&KUXY%XwKkk#uKg
znrihc6oBVl{sZkREAZm)zI6Rj<NS5kLAQ1}B;|@7Ws(;U22QtHBLwg6^Kw)M#l8fr
z21f<uqFFyae+b3n?WYyVH=keKAm0^=hs}jt&5@R|5PltIt`(8L?q7^6mH&gKz+W=x
zBuwm+87;t4MG^Uq9(GwZ8q`9nmMytfHl;EfV-4_k`KC2v2X30WxlTF8vi%la8W8{b
z=1GrbewF+Kem(snJW%sg>SE=7F}lPCm*!4di^HHl_Sfd*V}FJEZHFKh(2+!qwbD$|
ziRHCz^Xl7qsVxtHi%2$p)&H9VLVvyXPow=M*TpxG{zQqi!==8Xu!?G@4G+3rHx~fa
zd!6KNz5gP_K4d*f1P<-HG`0mEAl$X<hs049stEHJb$xMKt55%GTmF&==!|U)k)GTI
zo${RgdgI{CXcIx}7aUmw<FV!mOq?~_bEW&=l5|re1U0Qk>Im9?J~j@gX6p;-^=^gR
zrL-F|>EMkP4}#K-cE0*_J&1M>j`;v3jyhX5ekPVZht%w$W=h`2rrkjM!TCS#&#X7B
zP9zs2sdc#UbUX3t35wdk*fB^_3o(&`-fBPVui0oq>vO;Q>ehWU*F!<~s>Vel{4`o)
z@cyUTeoU9q?kku2zJ(;1c-oiy+hDjJH)<8`UrftAA#4!Lwq0_yP+39Syx`j*$@)Q4
z+pX|R6^Qt?cXja;?LKq{zi()GlsnNbEXd(ZlYjgKfdbxXsr5d7_1#mMHR-+Yv<638
zWTFCFRoaJcb<LUSiaqJ-&;|}i^lKJzD}pRcZuQxxKpE|!lkXH&YL=_dlimNCieEe~
zSP0PYfoR5!-eW@tLucF5fvcO89z!l2>+ZfFl>cTg9=zKkMn-Z@+KibHYA&xAt`KAS
z;gNO`%dn_5WP*{fAu!{=4G}U&OT;J_Gl}8h5mI{gfVw(|D@4h|*~6H6Q;ye@T=5n~
ziQU!TEUb*Nsi`BoD^MkAJgzYfEi8zLh))$gEN!8vKNVaNU|b)ulIHX;Di1S=5i56N
z?9SLa-<{I8JKrY)>ZC@_+z*6RifP+FFyDOssNF(Zw0FMFuTd)bLDLdb5gyYs46(7P
zA_MtE-f3V3EswBKeABnbrexQYW9J`#4#pScM<aZRSQraF-a$rLnYb~u)HSuRA$=u%
zG%r6dHZf6TEuxk2@<UAKa22YC_=fCT#3*;O;(X&YM7}qF2a5r;KeGZ6hqV8$Sf?8(
zy-wcDztJXxSwJ$qBjC%Dkyb-jL8?%gUqtx3b!+o_r1XP;509_F!IfsLb0lI~9qSZ(
zprXO%d>#c6@#=e%Mu4oh<hHy<lUDR`*79sT7K^=IQIYk&X}RMr){bFJ;+-ylA=bG(
z8i$0jd`3ao>rF}GoHO^@Lt>jBNNm(S@16O6TD<C}<)P>F@{P~YNVEB7V^QiGKSfwh
zja#PCA2~&_dCcbvkSYCt7nfd4PkxVnF^-gl3`*Be{$ESB^7|EJ@6Oi^(Ab#o3x$^0
zGf_k)?jJ7(rQU@8FF}3qkwydHE4bXeF$wLguQ@d5d?e+nLqj&W6GdDTSc+G5M<<jb
z-0Q|8QTQ(*|6@{qj4$?<xn|isIzd;;!rQVMkuaa>28O5iHRNgXIA%^M%MA@ATt7VB
zr~U7SCst;MmY1X$4j0eg@LEa-Cg!>Ay<xv}kg@uMa*o=N|1S#v-!$ORPX#5m@eQ!p
z0-K`nFV`GJ>EpS325V|<YuwNhes`VsMTfVqZ*L}ee4~@>4!s+<?e!gx`@>9YJ=>-P
zmAy>iqMa9&w;BcqG@)qq_iq>H_}lCQ&v1;^V9nQJeE#dJ3zu0G?a(Rn&W-}(ds*2m
z?RtQ)>%+I^)c5rfmE`Bl5AIwgwPZs<5gD3I>Gbh-IsM%^Bip?4G1A}JJ2E`e^LcNe
z!ju5k+o^r9sI;<46dBs@oiA{nUp6qZ<nVp|T{<xPaoHu!;dJUTJG7((&AYthZE#L8
zg0p|peS-R(Mcd%*8y<d!W8O<g){GkV%cF_ru-M+mev&8ao$EU8PUm}4PezK!@reZT
zm}oU#s|539uc51*8HMxPFhB3zhGYf6)`MQ#9ulax<-j$L{Q4Ao>eylv_5<nchb3Vv
z+=a`hHTm^;Wkh*d1<je^v^>|5W*eS>J=6r1Y&VS}njeCnm(nD;ZGjm$8I3v3<Wc--
z-a9T6T39WI#4;KDqT+=Ur3WTO`7H&XGXx?R6l85}>0!OK%j@$MXB$7+Fj8dHHY>Fu
zmpA*{hv1r6&A4b;O6R9@CCS)VQaQXYV9qxDXe(oo<ra0e291VjBC^H~4HbWC&)DKk
zc(_SA6oe(t&tQG?gej8FOJ4y;@p|Rvbi{-!JU@Cp%Z;SoHuAimb0ox;?u&P*2ac4Q
z7FQOOHAFb8L3V|vE92XntB;8%GNlXhK4PTo9uLJXRwgFJJFBDptrPn^Hnz+`zH)Bs
zJL8_=75mcc!h2_N^9jrTwEdLphvrH}hCo*Z|1-DE2B|12V6W@V^Mv0nJTD$fCZoxJ
zu=JWLUQ3+v+cgi5H=vUF9V7fl1(8AWwe?L_RSazZf$N_1W$}9%LtBQnM@eA8!-X5~
z;gLL3rr4o&<$_LV$>+d#pw@d-TjPZ}t@*O|dy)Ob`66wU09eZS2#cDsiRz0p{Mp$w
z6bz!GjdKx{@DfzO*7TOT82kl)YqTJIM&tF!U>3V2byh|~eZ_M}<?`Lq=lr|#n5UgB
z)Wb*3-F`sYc5ZI%nRY(k&d;VdPZf8uwn}~heDM(3aB3>5z~Eq;P+D_tc`q`?`3#K$
zc?<;wahZ_b?iFNH!*9Ggoh+(=FflqZI&vs;1;Le?Wr#qF9kojS?|k{p553*5x*0mS
zRm3Ev;0uzhp2NlkT)RvIMep8<m~Blf?2!mzmfjjXP2lvHT!yDe@lr0&jL(iSfS|p&
z^62;EW8>?@{T~3}eeW<(!WEnLUwr`V@}v5XgeRyp2}gf3&rRgz=)ckih1cyJhzqCZ
zmu0S~8!HoVa4qf!UY)|FNZs1%T0g*#**yC}W(_Do8ZzM%-u&ybU0$R%;;wnHlOrAh
z0;O3zw$6x#zluTbuEAB|L3E`I=VWEJ5ak}Pqc8=*1l`K@j<~X1jR>OKP30BLk4=bo
z@g&#;UjzE;9JD=@k?v;7%IoKp*0OBx6syM5T8Mtvm_NEXl+A5p^8-rRkH0(4^Dace
zW{G&KuPk|1tW6uV>;qZWkx`>MAkR`x0AObNWA)KVd#SlO7wO_o+W2g`FM}0*M`;V+
z{Q|32iQ^rnhj?og=xmftfY08Y3*%;5M_$MSGUV#<Sg_1mkx@x;ATnyXaWG1nvS~_J
z_Fc|&d${>j){C%{p)j6KmczhezrRp$<2UddnkPWqM5878{6}TQ)vKT-p7RZ*?|Vmf
zD_dlbs2`DKM;Bxw3P0iK2ylPSy!gyi-zaScf@PeSec*Y6k86FRxyodoRq$Wz`n!=n
zC{<C)UcLEK^!<q9*7alEhe>t#v|&9c4|p}V%&)Kg%IKiK8G^b$u?@88)<UT$<#{3t
zs@#LOq?;L=TRL-xc>n#Vj}ubq;L2vq7WWmmTT@l@>q}*b<w>$KAtm=d0&gMhNe;!+
zm)0AN+hf>jith$$Usl$i*AqN$C^Sr76uLrj22<98G6&@TyzJ2>70<1|$T~J?M=9U2
zYM9zbfpqksBPtKK<fRRaErsXe5l<h$*P@(YuWg^BRu8w1+hNEv+=mQ*NsM@xL!ioN
zH7&b8sA9fjFb|J#8?X{e+B(p&#9z-+^3@QFNhcC}$+2=m#jHwuxApI-fYScKL(~5Q
zeL#Z0fJ=~F#}3DuTH{CS{J2i|?f47`JUGh_8b8tUx-rND%fwFBM*0X(X<+@}Kkws0
zKD@|Hf*gDvDkr_51f>?=l{HQTd}scusXdN3`EfqFdgqE4<<UgMBog3m&R=inp@@nn
zJ~NNZtOAVx;KIb`Z)@o0imP>)4(|X?&ugd4+jb-vVecKQ;g6P+-}47fulUokT3e&(
z)=RqML_1G2_neQHVvV*AKmF#*YE9fwp5Z;c5(}0FD+K))qtwpT=1m<Np4EMt)3%d;
z;>PG?kH<;w1V<;}Y+*&=o6i8Oj`fg}T}EMg0&a45vYs~6RF;d6t6Z4-fQ2o!p!7pt
zHJ0G(<%zqSH#tvxIXv0oX>tq^kx|4(MG_enO<D6K$Etn0%k%Mecg5R3ikALajs+ui
z6c_NM>KU0~9?0bZl=pl@*BpnW1~}r7_VVo5{#bn;)K3J$PCko8?~V<xmv^<D@pu=u
zHX-zneIQ)VnBv9>0A{)#apUhEd|FY0W*qG;^EfA#q@)=9yxj;0OJ{6(pOgI!TFW2M
z*i?lgJd!@)Gm||vD7@YA@bsm$p%10<D{YVSs2`jK;Ph~jg2WsKMn<W7^pNRYI96^@
zQ;>wKn;S71`6PtP$gX~MM!><=3j92T_57k~f4|7d$qADK4MYTa;^yH)R(Ur&M<+T#
zcx!%$v={{*!si0RQyE&?yBt;->ZqWk@ht#z?;45Ec*eF0PBx}UO}o##$%%7pJ8-o1
zQNSA}U~?xU{{dl67F2f&IF9ycE6>2w)fK<!Y~C&Ga;g(^RSYzi68sIjZy@DeBZ3{_
zXlIEh+3~mvp9@PaWqwc1@nR=3V=q1~sZegtk{1^&yzfR-&NEiOs?UyhKfS6W&_|Hj
z&6oVAFFDv>A~VF9zumZncVZ>eQ^S-$sAL-i%nMYc#|m>@369ESXm$rdD?H1}p|Yle
za9>y4{bK2vT>Gwpm>=mRBG?;Oxeu8oo$RR8yl;7g*)KnFR~*Fa4-06c*BVc9OPShS
z<7s{g)s@c(^Ke7%9YxoNm9s)>xUG~xFAv;3e5q&|W@F(kUN(kYGqWbCSm3I9kB+iz
zd^|k_&UjPSI>M21pU$dco;`g`xWZSs9!$r(<+H~PzOGJ^8y$$7pdUrz1Ew|(&Vt(9
zKr11>UbuSrQ_=pOqe~I`>tY`Y7elV!zC&tRCE4+5^vvu4pxT<HFfEOtp+0g`63Ix8
z$4{_LaQs6)tsVfN6!cl16?bN{sPqaJcD^+ytF)A);o<I%Z$KoSBLXL`B;Dn)9^w_=
z$Xz{2Dr#U;b<FAZG`Z<XB&EjT<?cpMTp^#fzp^;iiA?V%f4$>O!P73@cRZm=@cpe%
zZ+TGsh^NJgf=ygWDXpicxfp-<Z+@7;=(<u^bBe<9W<JflBS)biA|{6Ts4zk!(is#;
zeDrns3jU)rTTi~JCtUDnw}2Rmiqo)?`ZIfY;q`Ps%f<BPpSdaWr+Z``)!t`aUd?Rj
zaQ;*K6C4b$p{Hj>%bSmU5I9@j@P^V97k>KbZ}=rWVE*z+&#C%1Fa$BXze{~#83P}N
zh;-89mtTy?N=hWi#guFR&?EOzJ-f$8jCMaJNWkJ27)9&wqTpZKRF+iG)>=zcU@)&g
zuJU=jS9t9s_-_EE-?(*hLPyD^Sn3+U)7KxFAMZkT_nZEm$S-Z@NK10sAEr{=_znQr
z<Y`tWA2yCz8fqub-wStlPtwX;*f~1oM18>Xr}yy^aCryD&^NVlC7BBxUeV?7^u{44
zC(0{1qMHMO!`qYnq(%e@I(H{JtDME%W5IMPM!GJ^J~V$;jLr?};@MXIM+y6Yx_lYV
zS@mpfuTfQy%d;m1DEwUU3W#HPVV9HRLtZvMIE(l0-XT=Jm}35I6E4O-aqFf96+Q1!
zDtBovPs2;_Z#Qp0o_39M@*l>TQ#PmjNC^)RWbq^}>nV#n>i@PZ>ireUa^ufpyr)kP
z&BF@<&o{OCC?bl!r5#>Z{>Qdh9q%MHwVcgk02u3j%431ABQL6X(zC?ki)WNIv{IfI
zM^t<`&Z3)VvOnp4&)c>#QXjUX22k(N_N16s<C`4q&rzNlftP^G+c%c3(N#E|Mebln
z{j^Fa*3J(8K7abBH#phX$kkj;M5rGLd3iLCX!GfVglygmIc{ryn7EJt!OuO(sSx<1
zK4GS>hQg{g3X{S}E`P<#ros!GKJ6aka!t3`U$3#Rr6A)F`7#lf)`3JtDR6Zc?A!Z^
zQ{ZrO`jU)syqK8hWmWz~tmqt`)vZi~yjqeHd6wT5@!5<DSWi!m7;G;i$WP$AuujIK
z&U4@V-8yHRXT|3}9vd1?VOlB~#oZifeDy^|J}u)bJTEW$oprvi6NbMWa=JZpB|aB0
zzJ3U&TRhH9BQ+%vg@+qnL5aK)_BjDsW4)23cd<1+Kxu6^yMo^ytp2`_=T^RCZE29O
zv)pu>)F;oG9_gm2q8AW+e{O`Vh#<k9a-vd8nb}qeFh<EwFQMj%u#Sry-|!s9S5=%G
zt^IaB`oWleoyI-q0KNbKTSN7T{%%NYLZX0APH0*M%U{oLh>Z2t5Fq%uhj%bd{c{}d
zE>N7B%*et%0IJnbBqitbaqTOb!ShTRCRR2iMMvN%cPIbZD+G$8)ZtGoy%X!q^i+^l
z)`?nUo7c}CP}ukp^}!dOUaFVoHkG=yTw4Xj4TBs3oE}h{lTPRRCDy0jkQm}8$RXG;
zI-mJX6<afX6cp7^QxuPne*zh)_gT=K;;v0TCpGIaBmM1^JbT0XbQgK|pYW_S16R2V
zF_}+UQJtQ}tN!K^0tNl}MQ2c4P(WGZ_&;xBv@a0Y$-tV|pLS_akm4Nh5J6AOzRctg
zfBgmj#C(b~!@2qAzax>yQ1a+LHn(q5&@#yKL^F49i^wgj=4oyizZ$ymdUl1@@?!Fe
zi-~p+@#lZPO-}PPFN#CBV<09Wx0v)$FZAw7=$c+7JIIMY|7=Ed-XjWQ-7z+oGI@Ba
z(-@@(I$<bJqNA&wmX;Qpn%WtiTHtA@9EtA}u8i|LA7A$v8yaCpd5Zc-Nk>rxdgk#g
zZmYE`uYbbt=D%~#CWwm1kBN{PVd9m=)Z8b6?)@9LO~m*{=F#3!gN4Bzykqky&Pl@P
z=1uaN2WfiXg=OqB4uRFdIz;z885kPG)53|)*#mm>e7K?SKw(7{xsh^y{@1_qK+xOd
zt4G|sYfWb1L$X7qSUPy~VPXJl3p3;iB~%tBV<oYoaA4z7yxSti+Yw8T7@C`^a5p!^
zF5|gQKpd#gK+h$UokJz<r9S-c|EHMu8%k!MKf%yChKcca0yZg~)9aK3nqy=iKv~se
zBHgU{!=FuP9+>4#c_eqmo)ngq6Xt4*y+;JgO07LMhRQK9yoKU^6-B8*SXw$TytT(;
zg&cbaPf9CF36h&*9b3cxLKiN^-i&{m<zbXFVz+o6Jt{(OW<YdlJM*8qu@-b0mR7{m
zqEznQGUI7OD@AF6{CZoTnEV#T-qj;<3Sjo&D-VOj=vjJDSW=9_QG%IcFmu~;xEbB%
zx|thAkDn0jVuoWt3j12f?9aAgZg?9vMIt5nX;>N=5}en<U{5J#w|>RcE0K}8OU=~r
zG|mprG*3<vEHmV1BPVjopAzF~f!H~Zg^%4h2)qfqUrzahSPbvF&^^#bsGAixC2~sZ
zh8gR6is+^}xs|m%$_(J<H9ux%7AW?+%{6@q`Q?wv3U=g{TRzL{D-;AuFmR0E$+L2T
zY;Ge<u3~De2iH4yh|MXaC_4lLu@kNDSI`W0X5J9*E9REIF$GQC#7V?>B{pyh%=HzZ
zZyUh)$2Ls#e#X)>oM)AfkXadG@0ZE$;T|Os62zV%l$Ae3ZfA{GTs8ewQJ4t+eZRVv
z)DTxJtRh*3OU>9@<O26>z2hh<&cW937yR<N`MT7PO#j~nn*<4o`w{*Q#)v#K7@Hoz
z*G!+A_uOfCIZ9KaAI_Q2SsG}>=r4c5**AsK2dNnT`gcs6JbCoA1UIw0INTrLc&Qti
znI~`GeV{BihX<t(@w)X7{&+)1|I`ZQu~s_x-6Nl}KHrAK;2vHPSv)Sw#7_So=t~1G
zHAZUQv^>W0*Xx+t$MJ4{o(I8}S9le`%#Jortc`Z!WOfGw18-X1exf}~hPP)iRR#WB
zzws;KLZVsT)~4&d$p%E<VF+Swe+f6KGnK<rr22`u_Ok;Ig%}X(W63Z7u;t;iZr-;S
zA~LrpKBttdm;lU04)je;5iB#}Pe1A7>Kn(~o?0BlmITLVQ=Ao!jhTqb!D(`Xo%zc}
zEcL+5LdNs)xA=?B^<UdL!ttfJn&NAVB(5C*R5M8JoTz;}OpwD3ti$rDF3-oxP>*UM
zA-`|BkF}wM+>%FRM#;D>jb(a6rFEIZ74ieFa=4oDp+@v{a)c{y=9Y+;h_G-=q`s;U
zJ4*{<O5d~crUWyQ-G%I8b4PmKjS%Q?Q;WyoE>8!Se%KgEvm04oUnJo6zoRelr2KIO
z!7c{4<u&l>T?0SeF(ad_mclq6#I6cz>YGql-{PKu6OC`D8LE#LV!xEKnkMq1oH3S$
zuz0wPo8c|pI1`k?&fYvhVgu}bqNsUXik-+1pTv6R-jpHwFUz8)_gOM`MeaPSt0ObW
znOk0k%rDFktaqM|{Gu{>@+b#8<Nw$e>r?IM-Lj->@++Kda^F`(R_y>?d2)hcyLoXx
zkQ;yd6B0)+Qd86MwYh`7M)vj;N9?>(Py!q*kuDRs)jmT<nw{XE0n{`#6D>7C8kmNX
zFUWKoBVoI7d~AQ8KYA|lj8Beh@~niw@C4FQJh8o$PtEl_8GJuXl*?V*;<9;El!ckF
zMseF1FAC*C-Eb3IXHSxH()sze=)$IE&VdZCX%oQgt7iNxZVL8w7Gxaffy{uPe=#Aq
zs6xQvgrRc)v&v)I609)3kkJ%3MFPE@HCSK2j+tHTl^n54zP~9(4!%^>JSND_6kES!
z=0<A~n@UJ3s-~(a8hzn)@9Hi&K@LBzb5!&ANzZ-UOOZr|+!2XYI!cYNrdit(+dj^H
z#c$S2KdciRa{D<J;<HpIJ{w`?p39zc9)Fo0zlxlA_@s(Re+TqT-I>@wrZe6fd3G<0
z&#Mr*WwE%iN@3vd`}hqLcUpR$lNM+p<R&8?G!8P<o{Y0^5(i%wi4YrL<rYLqNe)gH
zMmPr+u(8~M(Vc6U$wDcA_6V7oK0&Ene5i@U_}0~Y^y4wvlf*qIKV}cLzvx`_r+>lL
zJ&tEjA7W{All0yhK94kEXK6%aUJ(VEk=)jk^Kx`t(EV)^tNQ^MZM~14brOp^+Q|7T
zSH@p|x<+*FL&`J5xnU&brLb8?vbBznxP;~~)0>A_<iP0eDI720X<<Q1=Qx!SZaVdn
zRb)BZGV7GV#!RkT#<P3?>XiXOALg_S43p`48+l|N4RueD8D8f>OFuLH5BS5Mt|75?
zCN8A_x0^;hc|8Z5&{7nLQ_@ogI@6H_XE5E9i{7=rAXCIrStejJFe0IKiIv{_7#f-q
zdB2Q;xInJ`@fzOI?f<-u(P&*P*DRzo4UN)O=EpxwWxQWgG5;!s8#bOy9{^j^xZN<N
zVR#cbrY^^wjH+H%W?oWKUd_Arebf|XAu^Eid{za3dS{6=4^tEgm8e<APi9I$#ajSi
zn|Nn)6e$hlM!H}gSPcM&A8@j>qIE{4(->t1I`Qj08-hbZ2nq_s*C(9nx<0Z(WZ0#2
zfBz%F4-Ys#)x6$aruJbH7Wy|SfAf)Jv_rZ25g$EM8izLk*qwia-5n!Z`d<=s^RHyo
zoa1dR^2Id#5eFLLHl({_?s%WMp*oC=yqVeFqpLg|d3r5t%hUK+IMX{lgP%a=*pguY
zPQES?W_E+z#y1ps8)507K(H;Xb>&$6bepp3D&#g20+LJUc-~KET|MuXFF*gYNo{#C
zJ%jIf)!jy<wHT-5PTeMVsvCP#DMOQ=coZq&#<kl#9r#51<46Jun%G(quvxm$(cgxJ
zm4u4nZ2%6I-y-?DF%3O$2o#y(5RiL@t^P?ozg)AT?fsUvF?w5uvB53E3#xhE_ll<a
z9u{Z&aTEQ8fV@gNh0i@n@yEo>hF8NKc!+#>^`Z@vKi?&-u!hdgHVRWb_}MIhCrM6N
zcqMR-Ld8g13BB*<1sy)eUK+?Uus+j_SQ^aK>>JF)BFcu&ZKYfv#^H{sfVmgBg$3b{
zMgdqEtwiGN!~7)*Jx}*SWF5k~8UWr^MPMZL<qPo8#etZX&j7lOk)t!M6O$-h4G4TZ
z1i;~VF^-O&43G3;d;J=*`DJvxenC}T7hev)72LV_<TP*$%#U<aTGz?oU>^++qcJh`
z<I~Inh3+>AE$=yBZ&I+Ap${)#c3^(Zg5HT805(3orR3>z+ViE{v2>(b&}n;19f9Is
zh$!not@FFV(vb$n1MsOW5i@5$mJg3<h<3&^wGq`u2NEl5dY9DztiP+mz|5UjgPoX}
z8{?l>duHp33{P&^`%;<~i%8Fif|>^U`Z}p>>|+n@7;MVtjwp%+jWc{~Oh#hv$@J_i
z<VHsHOzi@&GhUCmxhXw6@FpPuX+}2ytufxXWc9N0wjQ&;SunJE3@qU<Ga#pT4uG~u
zUz}5)qyE+y8GACepaf3XnCQmWLZAHVA=rM+J!3;1{I{I~$P4zy$~IiXDHwVbs7;cW
z#(k+^_x5$zeu1I+RbClU^L&}h<4v9m0U;d#bfwwj8`=YVoj5tUaJ5W-p5lqQRoE2_
zfoF}8tCKyAi?I750VnHh05*H#ak9w+puktkZBY=Not<=clpwxqMr2+MVP3{KCZF&B
zI@cS+TViU2IUSvC_?qb9A6-Cdgxhzqv};{g|5s1qC5fE?a595jDy4Q{1YesQILGGE
z)cKO;nr0?vrzr`(jdfT$ZGx^_o<2Z)^C!v&7qut#GcPdvN%9?sKYi$-w7f=}BMfD{
znqDMYW`<>8Dot%Kc+u8G|HJ}CK`uJ7OYVsXPAtdY@vat6bt7ZTTR%QA%5G$9W1axP
zM;~=g0Wj57hKW}$gZ=fG=$n&WTF0wbuW4;;V@(OK?`!Ql*<D3>MF;QSJm+Cv1g6eG
z%pEKv6PfG884K4C20HSvkk~S)G4_{{dMcaR$PIMk?tfVpB_q!(sq1*fU|%l}qXIE?
z6Y|X56oEJYOh(NhaKIzQtsmOr^kAJlS3|PuhS*sd#!2MJo4EsCWjhiS-9z8~089*}
zOz#4~i%Z<@NwvqxHx(to;WD|dmQ=M*(_dRoMavL<&)dn1l%Czt_^rlBy*`GA)%D-!
z&+ThGZ0$VHv(;|_`24m;C!e~e*E0I1gg@Q0q_DPwj`kLk0?iReKcOK>ilL)FUk+h=
zvJpdlk&aDQ_R)?D89M>EZ)bp8NI3upUxu(1In%rNm4WI<S7b~?4HSHf6|K5C;$*cO
zBXe^hhwcEd_hp!ZswSr2zo4|RmXD(YG}abiW^P62mmRW$oqk;B9L?b;)5k%R(_f@{
zA+boiXpC~D_9S<VlOHPmt#y7_CrC41p<a50>}q_LnA0oRCRlDtUe7E5?0i5b$d&nO
zljljkn#QOaOOGtxkG{nG=l_I{8%TM*aLkv!%!}MK*_DcOP#W`tg6++n7+OCDVC~&A
z^i168c~gtTQp6)oO)^>?jEf?ZH_uWrzHOkBk9PmdjZv+TYs`78si&TXdmzhdqO~-L
zzuSjX-!5>g^$B+3n}k&kF<6(5saG!B`+HQxIuiZ(1xIK{Z<;+~_b9djzJ4Lm(wwTE
z8No*?zVnfz<1ctvNXY8^!oi0!tnGaHI6H{@m3qm@(2Rl26K!-}=tHV+LigMb6P?9a
zxMi~Vd71j+61rc1ptqw2g-k?l-D{=?a`=m$BYlfXKuuky46mF<_IFo_cNX*H%?#78
zvylq=pX$m(Y$oQdCSKJk90^Wt<zc8h_F>f*^?9VFF}~5Q|D=u4$vSa123)(Xhe%?H
zSftNi{&It&)(=d*&cs0K&%7GcD`R*_zMX=ofkUctJkA=U&lA0Px;Wz%7)U}?FgFdQ
zyqr^WqTZk)-T|kGEY?l{^&GxZL#juYFPfLmBwIqFD#?zLW0TaS!841@!JfKl)%TCm
zrSx!hG$eUpW|hK@_T2pJdkHaK_6#oXu)p|@7+-7jtpn+LH_yq{G`c*7r=_z%KFvYr
z(JcNl3Dun)c#0fopEv}RRA<YGd)jgFJ%WX%FzhYUIZ-X5a28R})=svMh^p5MoNP|v
zC6UrIK8CM@EoJX_HL`8-C`?RNZ4cQV=G+t66BZUqNKi1|z9F=|9c5zZ75T{_n2SVM
zN_{Bqo<l3x21QvhI662Im7Ii3WQ<*E_jmS;^s*-UegV<G!BpldaF5R>O<_;<t3?6Z
zC%i3PY3-`S$;pDZn<pA*bA%ZhQrjWeQ(}zB-kq?}5JE$I@d-}k?c_RuMn_xp^|q1{
z>Ve2ig4{orwyt(OOn%0~!;jFj=2by>Od5S}o6j1fp6&(=uH8WH9VDz9EX?sCDE1L$
zp|*GgJx25NJu2k^Dz%!WsTRzg1@0Ze+Dr=)se-YI4jdgV89O*RpMAJYwp7r0b0=>0
zcEmL;0`Pgd4NE6KrY{x3t<l~{!s{-c6JD8UM&jtltn!pxsV!0Ub3bg1k~*dVI9hJT
z-qD5W-CaieTSyM`LSk-;y^BA6i<|T|q~n@ig9@1IZ^qBr9#2IS$)T>?zU#~M+&mB5
z?~+~Lf4<FPH*!-SIy);7+jug%eGc$Mt>Wu}lAcTluIrf-5Eh0)(5t_f4-Z@WQKB7V
zohdl`#c>3v1^fC*EUD^zfy~K~swp*mZo<yNooV&?+J|4pa5HzIrKeiJeg|8B!On^h
zf&+X|B;+&pX`0s^&j|H&z)WI+cSs^rmom|-s#Khkp0KOY<<V><4$g8WCOeUfy%_&|
zcrJsWLkGbw&0nA^-Up}T4&BCRpcd0#-I-iHhU0HVfrOUv&lhu~>DtEV<FXpn$|%83
zcL^_TLk*}GnlLuHbqT*85t)T#dbnZf|K!5fivtB`Npj{;$MZ>dwk4+J3#>F_ZFiMd
z##FY=a(Q&6+2I@9dZ{t$=5(tadwVI`x<t!2k#~g-hO3RyYI`{LmKhuYORe8tX8|hG
z{GGUIU`0r1sPNYx|KKPpDr*Vyu%hO}7XaE)eYthh0L8aCK?;2QgDHAiO@hJ&+hm<s
zdZzzQt^Rf5YMP%T_L|1%<m)K*c6KyP?=d;rPhoNxRu&>`9o(pB>!--)F86HZC<HDB
zD?$nM4WQ}0wpd*G)Qrf|<2w#7zHh_hN{)Cnr(|tnfG2rL*oj1lt>hGyw~`hj*Ofge
zjFP$mCMVx&@z~3$crgQ<a-vbNZet`pZ;aMw@fUPd_hJcv<(_9)xMeW6vBf|~Es=gM
zn3@T`>le?v#RFbuI^q}H4!~$<Au?w<fdO%ZE1b?w`xXwCkXu;l#2FjcFuE$!akL0$
z{Y3lywL|4PDSpoXIayxLpdCl_x0d2;Z-*i(iZCx3cRU_2H#3f>nH?RIN;ui1!0Yx8
zZ2>0?HKk$|RzQ10Dh~b`900v(4g|&Y(3=^EWoQGML1(J{h3q}T9B02&RKV%}BJuWS
zRQF8N`zRV`7gzk_QV5nCBlXWh#pmxDBTiL(eBbxG{0R~`Th-oy$61~|008AY!I$!B
z^_vA226Fhv?R$8Kh7qC&LE-O3Vo5u-3AXquDgjU*2sx>}M#rYZ3ts`Q$k+j#lJ6kG
zFQ$X@-ftXVi6dPzyYv=EUXd}ABOue+mgt6gE)V5g1D3WH4DXy=d_Uvsp_0$<S_txy
z<L06uIZ?qKk%Z3G^Tz0hb<WW&elqcek9VYbA+|{8NK-q+TH0MSMn7KX`#QlP``d|8
z7c%oJ@!8RdmWhuj<aV@9u4wG1B*np&gpOriB>P=7MphnK3=Ov+w*Jrg_?rdw*-g8%
z+@xuYq=D&7zs|tHB9=Xk?;d{sfU`(WLr)cU_7a-rj{unH5kBjm!0zs6UbH>=E+3t0
zf70gfH%5Kc=ecI({6c4(FY@GSnhL%6S!7SpxBMEUILjdg9a9`F58+~NLql5={vron
zeA4BTaPvTrD-9KZa+zFrORCyF(OY)KNBqw1*OTdmdw3!Bv3_`^b#b)Rhs^LNoq8!G
zJdUB2OLpWd`3igdOPY9`?M+H`A4f;4Jc@P0+SP~1<OIQ<x4GXm$i%B`?0ury2LL_~
z*CR0xp{=7Dk%J%82Qb~6cGehu>dMAeEM-=$ktIV)Xhaoh;VvjDhA+OeR3aDs^EO6n
z10{%zE$RHU#m@FN+dG@I+z-akEuWW7$rw2MF{e6jjJ(8-bj}<Bhg9ZxkXiMd?rb^c
z(ipyM?=bti2Ju~cVXX~bJqhEM*onTG9rkzkI6VAJjE5Mf_@}Jx9kQ`Bgtxva36Ec$
zKT4L+aZ!*8f%f~x$lnnwMU{YWhiw7p*48#VdrDT`Ji_eOEwbtd**;LA`npADQ6#so
zyE3-8%%c!7mLWMzf7uco_^a?&rCS=TP2hF!+vi6(RH>MIU5@b`GumFh#K%IakylMm
zc?9<aImf>U@@#z}OKyRc&l63+4dSM;7)OTyX7=ECWn9peGrcnlBs!QQi>YPjP{qcl
zH@MyU6M0Sj)Wkbu<($p(#txgyAIQ!~=T&bjiHX^~UtVK-bAcqA+qeZbYUADfD;)0L
zqU_a#@cuG+ZgyBkH+|RaJ<n0__dom*7ez5Ui_I9^_$zm9J($>rlhtv&1-ZHg`;bbE
ziLZXkfgty%*Ja%LgAq-yhe?oIB28;yW9KWMM_-ecl+MR3?JleRPl!n=V|h)$zA%7`
zfjLp7Eri<LC9V1e+xz>>4>S@VRmRFfCvp=X`ucmZH#Dc9eS*EO`+R7xB&oEGwt@ik
zE!~+|-{)|Dfh>O;@@o58p6kZM+KqP``>akkV=fJ3dig!h<_5%7y=Cw4P{8~Q^It9L
z7<r4UwG}a%=H~NMGm<NX@Vl}I4E3eFo?jRCS*JSF1Ccz6)#FpL&l;oI?;0bgZ;jE%
z34&epiEsS`fO4@BC#f5+`(KcjR=~un;4^}6IE(L)+%rjUeFhHEkJvicqb|z<>#$;0
z1isEZFG8f}#MtBv_ucN0S=|SKdZ7cEi5IWmbRoH;Pf7bEO4T9#k28?C-lz3pC?Xp<
zW6SI8Z!S@pnMTvgNiL7^jwGzy6@p)>fCJi!6qxA$jKu9eJHU~E*-T_YN$)f&!Pdi#
z>0B4NGBWWNxuprI&F|R}Y%=z$nzXDU+RGl0{ivC>?L8KUs<~@qMD?Z0f4sYdoBD3N
z9A6Q1xk+=f3nq5q%+K{9H`1e^b?j`PvG!aHjjb8jfzB8&Y{H-M_2~Hgx%I4GKKIpP
z^0S<Y|GzPkTGBH1ePbjw_C9OY3ZktMEAm*_JYa8Um&1*>*o%#I@TX>#&{G<RsezRK
zr7cv4n><UfMNgX~wM~J&1;J&b9BmI`XJ)9&t6wZ=eZQgG7^T?Z8`KIw=eH&)w2RZt
zR;;XT8Cu=t<W!e$2KTOF2xRthW7HOoy@jSRYX0^*lT%KpjCDibJ%_n3yX>yc^Drfm
zrr{xi<yN$68pqM65g6<FFfzBo{`MDY9;Q&*GE7d$)mUmz%NOX1{igq?>>eInCOHp-
zWLSh$ad2j@9P~xzRKFe~Gbxj|6RYeAYo|C#u!*UnGTs`Ggd)Cd?y|Y`j^w};K78Ir
zGuRQ5z4<M@D;&<JBFY}I>~fB9q;q152T_TF?=G{uBj_jI7U!TSN>hR`^3cj&oR-A1
zj$X2ovo7H=$1<^l!|hexjZAWIbfViB<(;1xZLZDYbNwFG&ldq$=n?Gdo=M+}YNAsg
z336<+I@yct*BexK&GRzH0au^L>>VAECNaV}q>`<j9bPx)aM#X{>FqgO#1=$fiZhlj
zA@p@uU~XtY-S8Jws(o7X0`ZDWr6eH`BhTNLMH1hB3H~ZMvfG3eHnY9E!ON0F?m4D2
zIWczj6hhaG8rb7mtkn-~0dO$?5@$0JX2$x&SAEj()}Fwa9=g&4aZJ|k+m&o7$X+hU
ze!|dWKg6z4tR1LWdRvX@AB<_}>cLJTBBWw~ot-tB@_e!JPGt9F`MbvG_{%#|5;A_5
zKdHfK^bfu|ldJPmeCfE9PiOaF?ZXoc%&ckqxXf1}-gG?4rljc&Eg4e$6m0-34pkA6
ztZUQCjyV7w8PDyjCdbwc-{`iBo1-3LDcv8(aWFT%B4hkn0iS7aK~UKUs!L9OwDtlk
zBYhGYMo@l>s~x$BeIv;W@x??O%hJX!OXF=Ai!EuMTO&Kr>Bn`>(ac#4Y}5Go@WTMa
zk{C7)m8^_4p?A-WoQ`pF6+f<*eydKfj_*WuR*YYX&!!FxEKL(AHzc^QlYQa(+Q(*$
zjf{CXyg^TbFD{x#=`7u|7@zD%a{J!z`}iGuI;RhreV%fbn>O~3nCSf07^Sd0R*A&u
z9+d-g931ZRx;lj$Vjl(u8?dr5r(VN_abdnJD2bPqg=Cjr&POKH&VFTXYMk-K&Htb=
zO4MnLmS0z&<(iLQ&M&ma`rwk@Oz*Q8L_Ud(uWYinvB3SfFq%KC07{A@r05yy<KUml
z&XoqNC&dn@vlCO`aETl@G1c|m*jb2vgFmo2+l8g^ZEhIZ(K4|G+mm=(-qNX;;=&%V
zd1asZwq%TM8X>WD;KkHec4j;I>86<acPnhHPm}IvNn+It#$IM4^^HY|W+<14kV!B!
zyp3;C8-PatX?*I;!barGjFO9(5FFJ+Wx6N&HVG_l?6E%Ii`9)g_{RT}K1x>=<A=38
zALZp{X}A^f-;H@t7>RIVq-~5W9O;@n0uHFk@glSOC8I6rnCKgmkd=v#%#2&N?vPq4
zINZG(=oy<59iKp`B9xMvZpOMQaW?z~ugE0)?DVnqj%0l2fct?moD;Q<?&WAl>)d5T
zO7a3^{Npc11c!za92|_FPXO7)^{CmWHZ2t6d-n)Q%pf&75b<q23VTM`{`>)_Km8d8
z&miLBVh9ga5MSKG?xm$w>r;f?{x^OymXeZ{g1dtVX^P;4b06`saH31Yp6$6&LL}F*
z_YNT{zy)(lTbd@;0ob2uMF09PcqG+v3>+?>>FVqhYN6+WKtf|elG2Fuu;SX!*C}Wk
zWNV=ZTWbmKVM#=VxN_4mp7F6kVtnin$rR*f#vw7Vp|J8jnt^&_ig5e8IQmDD9IwFA
z_!@UC{du>o+Zydn)pPgOUBd5=!08gwd$(~3&*$g@n-e{AhrE0cf!NrH_{<DEBzj!C
zW<q1%G7B$@uo0UPmXuA1n+5h!4_H3nVr-8$;w{)u7Mx6Gd>{rko-}@3<<-+n!HLBr
zr)S`5B0&+?$nIh<E+QW$=C<f94#wEZh2*ppT&>NBsTp8(?IZ3smbiFCkPzjIzP>N-
zr?)v+e}|)q9x_D<qr-LBeB<E}yvmQj+(e&<q-30of5kWB2^)uB@RC@OqA6HbrkZh*
z`Z9O<Cg%1Sk$(2*TltV2<-@P{>?x@q15SA0Y4e*WMsg=7+9qZN9hj2PcBwIv`7k;@
zLa^x_Tof^6CWK&V?Lh0)I+L%fgal?xVr~=t4aw-6Ig*f)hQHLBpMJSR^3&%$^fx85
zM$;J0_aL(fWO9Cu_B<C1E!{{;jmOzipRCRgY;DaEVrz}eJ(QHFU_`g2yq;L)@>m{u
zjG5j|f(m>1dJL<>ZJ7S~Ux;h_cyY>QaOY?4No1r69JkZELrifshd^&m7-AD+lCsiq
zv${c~aQ$7=V;uGM2u{i*AxMg~u=mKuu~sz#rko&a^zD5~6l`W{Zb@qU94AX}ksJMq
z>-tV)WTy)J6{Co)Lk)~PPT|gV6N(zTsZR<-p8cGa!FtTDyJ{OFnGG#tUo?qJ(-;Z-
zk&FFkYbfL||MD-`xqA{D8$(D?B)#J^^gM_{VyeX-UQo&2&J<CCt&Qx0$w&_3p22lY
z<pC@nacQWjj+S%to&(P(W`%WPuJEdyb)EU}Jlp-!iIFqD5nZr1f``Q&Y!rD+ud6Td
zZIlS#s~Cb=I$XxX$)1J<*z8Hd!8!{S@TKegwerlrI`FeMLZ(P2IaH3=Eu4Y*34-Oe
zn#NJHz96HaEL2!u!A-F{H3Rb$DdgY9(vB4vd-hHL#^gU~<+4~Gs<Sb=Ye_<C3Qi6d
z{3_V2ZFG{{05c>mA>?KzAhxt7t!0A6@g6L17^8?xBEmzCoqZAuJC}p$F0DB-9S&!A
zjxti8is|JXapNYb^<88}`eSD3LRM}DZW03$i`!WH^c??7vP;~<dH&%eIXZZ3Nbi{7
zLt6oV`I|eFYlk`wZ{vMWq}dH;kJ9<yHK3+<5rFybXIS~<@?oSMJ4<ssLz7634iqqW
zGCZ}#SZx$~xAZA`@t&%<AdHP2NzF<|W^TrfU-hYZ(}TB-9jTY&jLe_KgH19bJTNkL
zBO@~k!@KsB*3Pg$(~a-%%3?)g{rDvv?opTQjG3J~Dd~yGtnToOV4sSP9(=8&7x`#m
zwCl&V065(vJ<yhGx9oYpeWKy5l%T|Jy3+%3N@+tg7<m?cF8lKdmOnNkG1ezEF^xb6
zLw>m}rsd5CQbVN}IRuiG5{k%7pP%#`dHZn~Pnn}`W3)9(y07W)^2fn3mC1<_d@P;l
zn$=>znop1SH!1eB!BXZyT1q4~qMK9>Ow#?$AH!P#*qUs`)<UFX)4|D2fbV5|F+!HJ
z1->zw#%O5_FKZdSvtLLHcGQ*et{sEZ+cYG&pT&xvv00tEq&Y=_*vOdV%v78V^~ikE
z&bzuoM7K?dNzcGn>cE|!t`SvKNlvH-vLDqsN17O@@$u~swKy2vL6Mk@x03_6el;Nf
z)hrJ~<Ug#JeydK<vkPPJeLwCdy74(AzM12b1p?%T{PnsiF&UY7NsN()B(QP{?Q!1P
zN9o)%`Mk4Bd#($=@8dT}Z5U>8v<A_=n<$E2FwmNg)GwJM_IViTi;2E9@ySsb|6)jb
zMJHcZULvuQP(Q0_jJncsQKU28_7q10Z9cN`jNsGyGC?jzSS5G-c4O3?jG?n13mUb2
z8K^nSHQL6=8)@DPw&%tPHoqb46Gd`_I~MkK^et`!@cDVhnH<TrlUyAybLBYsrd@mw
zFUQlCn$8hY!=?WpyLRE<xRow^{Lj1hy^L>Zd5eqFE;Dr*3(H&{D$JAz0uDILiDPyW
z$(C)QEenr+cO^SclQgAIcS`yWgOzih^MDM;@@JuBf}`=r&;Bd_bjNRLbOaDGe&*MQ
z?w7v#!zbx+M7O}FulrYS{``Fy0_@frpSbxZKKGqpaPJSl$p8G;zw?2+enaM&`~Mc(
zdvG`~`P*;t@BjASTr60Fc*gG-{f6qyU%CAwr`RvKv0tC!t3R2dTN&kBpZ*}XfA#x(
z_0Bu^uYdl3eC?hq@69JhwQ`k0-Q*CzOF6ehMXIq;sNe{QJezVZkKsgspe<LB+9r{3
z$S*B0k(p$9qe^LWk=5cBs~hVqEiT3zWO_QwMt(3%%Ii#yjxaGZPu=i{Db*6iU7bYK
zqg=>ic!C2FjcSSIg?awA-{eO&n`JX!K@jt(tS>S4;tM?g{8d(qd&Gomu(`a<{QO+9
zj+yK<b6b0OAwy0*$Cp2JD~~+CKz3rB$@xvXfq<|#*soxpsnnRwj53y)peP$0aLH|L
zQ&Zi+*L`WMKrXD185<$HxJt2*Lsm^<x?CVLKE`NfmRidq=BN_0*=a_`Gpuaa@Hnhp
zD>FYe$;8w$m2!clrFrVM;E<@tR&E=~@BzWzR*tG<5(^Kl&84_9%h<>$i>o<`n_ILE
zmzZ2!Wqj-^nVA(@md{bTR3tk+&Uj{;TumV&=1^Q)Vr1kh*|`m@5O7TjxeC1i5Dwcb
z)BG);nOP~|h9qolm&wdHBV!X32TchPpp;jcnc2qBTNDZvdIG?sv^vLFe2wJ|`pXTd
zZf&!xI>fx5MzL5v7CYapGe0xI$mj&?#X1qOh-NK5JLgyo%lSOI<54T;*wO64*{bC8
zRYJh1SD2s3FgBiHquP%_<aQ{mEwH@0i|<-&ug;OlWLV!Uvbny*Tv0)(<&)ZpMUFwC
zu!9pq6xiezXBZzDWp=H^ehE0b#B?UZ$Y_Rqt;JDM;80mxAiK3k&vlV!FLLt-?qpr*
z4WG>2cH1YovbI8I^ePLh+jK$_{T!HM?CJ>faXdW$fmB*&dVHMB^bECz#ZjKwVr6!c
zkxYiwVx5@3GsdY8ews_8(@c$xGc%vV4oL{lU~OfQtzwn-UX7w;5ZW5s8%1m{g2<s#
zD4^LMF>R+zVb36PO^Vx9)Mky9l@%5SwLCpF%U%*gpW^CE*6)*W4Vk%_45OK8wu*W3
z<tjdhIi}3~>@0gt0|+S}%d5l8W{q-HBW6e?$~!u-Msc0&@+Rt$Iy}CH8h+$a$>&jB
z2)lI(c^Luto#F2jM!iIKVuX=Qma5VLT+03U9KL>bf{~F4)+@@OmllurQXfd-zrf~p
z8NmTWm(8_#GMNcB3q`iJx3NV3+RJkjjE#*aecg*lG%DMSkB%^&nW16292NOTaySBn
zeRxJ}%(GT&;`R*I=CX{Aj5EKI$MlZxy)wwX-jVeLfTc<-tybyz5eFi4rA9$g2?Lj%
z?TukibBq?HTAcvU_6lU;o|Bm(zuO`f_Dt61XW80o<Ma$x7iY;#PP0*|vAHlwwINf@
z7ukEcKI5n?&1SheGRkUhkC4~C7cb%v*J`smn<bN(WwTIaeK|{BZc@$_4(8FTpGCsh
zEtA{aC4ynzR`(2yy$XdSPx?Y<fA1}VC}4MMA<2ow)on_JZ8S^Z8aph`W|^GMQmK`h
zomirws8mY@)Sft8Tdy&HqQE&aXOGX*{`z!QrZbF;jIx%m5dvmXgBts^-Q#DPIJU<o
z_3Ad2LH!E1o1ClVgKN}|>~WDsvxnPlB)wv{sUMpYh2=RiqhrjkZexdod|zK-Vlu;G
zzCvMrf%WZ8q*|5I$@e+OdLV?<HrJTUWLVfNP}th0Zu_)quXew5{61l2ZH=AnQSSQC
zk^U_9Kf-ql4_p~1J2A@i%o5E(FVkw}q*uE}n_N-C2cqD$)_4Oi@TjgWFq7LuYfBU=
z5(2<CSfB4-V|lGie~ep6|4|3IU>ouOmx;+Qok#oqFu$J6h?ip<yKEIJ!@LV^bueqh
zaK2RP1~H>iB|ARK_;`l0Vh|Idhdli!K6=~dDfA+avYJ&2<vj#|@Q^AcR4e3ojVw}E
zY+{;HBEP31NF2Xk^5Hmvl-r_GQ|XIPr5xGG31%0TsZ<MOGaIzz+CglA&~wQC;cMJ-
z=lxi4D4uS&MSi=;e#z-lnaZBY-fEU-FTB7+Cd1_HBwzi&2f6#q=6mspQK~0x@wHn&
z&s2j{>K!kC<uBa!(d+o`>2db^xhFlxr|$X!4gS9ToeW>N^}AGCf>bJ%O1*uE-3*_9
zx&G`|`Nroy#za*mmI}#DJ;sgKUC);up5q<Ivl)H(dt7(Z2Y7I%#%oo+^n32Q{lon5
zSAXGW-})rCp86tL$$u|CF-is9HcL~Jv^-L&cf8u%Q~c`B=cyYZ`$VV4<*{{K{=S4M
zGcmJ{<wT@XsZ{E9yY~HA7-TYwG)#|JDj+xe48MNhBB~eijuYC<J@*$LxG;kg@;ZbR
zmq+;huYS%ie*X|Fy9T^*=@X+=DwRs5QmIrbl}eu&rBbO>DwRs5QmIt>#3+?YrBbO>
zDwRs5(kDi#C?b_grBbO>DwRs5PmG45(8u+Bj){Wg?;~EXh)@U;BE(CsaV<soo{iD5
z5gZo9>#;5BvP`3;<M{#6V4be(;yCdSC;8#;|63H|x!&Px34!bTM7-NYgrRuX?8S3k
z!iYC+nA>ljFbwgJ#yE;|*hfUXQyi=JNC-p}aZN=Lfgd1vZG7J+5WIav2lW<(eiF+!
zA`$_1$H4Y{eBXQBdlbW*jFP^1JP+eIdk7IB0*@dNKscNiQ5X_M*S4m@cpag53y)4D
z@#wF`#|uK<C6fJwLcH4E-{cwYA>M>_o2H59N4(n%YupWZw+cLuP(bMW_-~+5AIzX=
zn8VlPp2=|u!iaaU^ofzSevwBWxJ1Zdp}NE)r%$7Xye^{GW_orV-Gi{T$=N@jMKOG?
z6~~fz?7koItsgu}%k&O4lG553_x<=gociRa`0N+I#UCDd4!IK`v@&OY|1*B}i+i~5
zzI(a%-h24d>8B{P1JKv_%L5OPHwF6wb&JRTbQVSTc{hvf29slpSRwCxp~^##Ji<y_
z@J0=D+X;EI<X6WzlUc>%fNLn6`QthAYREfD(CpWH+w8HMTV<=%;#%@_h4X(tPf-tf
zbs?7@IL-4LI&T-ITwp4jBLZ5vOZ@5VMU0TwO<H-DAAjfTJe*nPxrfg3;_KXFZh4He
zQ|nl!%9-Ck##Srj5LYL2`VXuX4N7AVbMeJ(uvU2F^jQodiZjy`B>fuJl*iimX&#^6
zB;c(f7nhmMDa3M@|G?RcV}!gLIILt&GqzfK)xE!I!Zr^+`WWj*$Qvdsu3q>nU;Flt
zd3r_XU1nJ0500<m@@^Dz<-td}obR&z{L?&qwfMRpzq1w3pf=zSbNKJh^SE+ukr%fO
zuA%gaQRww(D|IAErlnc<VFW}twnd{ZBS{U+ZjT7?x(2#sVW<rxsgBv{(lOdddlD_x
zB8Xt;`ET>l5C4FAyNM)8wDb;v0HJSk_T1xWLSSkJmSv&H5>mZ6e3im?ZCZ+)Jg(U`
z@xu^(^J#9q@iWY<EA-SNPdxfGP17feLQK7dBumsAZEP<DB5cdRGEJ059l5U19bDV9
zJN^C0bu`OHL>v}{bWIIemXPaBx~@+YI;>v$HUD$thdFzBg{~X2Z)foduDjub{Op0J
zSzKCTarz2(-TYxb`NJ3K?q>PKfBhr(JoX&f=_$rXF7SmL{*5o)bAg_6nHxWN15cGa
z_Ib4{eC)qI$;OV&%Mt;Wu3?!vby-GfY1p<!vo0UnV-$L5twuk7nnf5zgr1G2ndt2n
zvLvHf@tJAJl7!OI2j>lbuZvQblmDZd-6TH3>!F(+ETcue-b7Um0zo45d$fmtJ}z{7
zsLjSfUIhW_<~ct6p*xswX!s!r-$7FvNz9w7*<VZKVdxg!jzOcL;`=U^+RvqWqm|^!
z;k<328778q5DsEssx2hx;F>3jLTpp*pSi4HbX`DToRFV^@1QDm_M|$xzQM<CzL}?r
z9tTc-Y#6v`EhSl3+w2euG0g4k+8&*52i@orCCBa1Zfp1gK%lECwkHTZhgQ62S*E3$
z1R^359+qy>u{4^^Hdmj#hfm-81UBIHIw%blOKtGX!xt#3E*(wBvP_h^gw$x!^TLzk
z`RcvmgcyQtXtdP!Fh@H*7dSW{IXTZJU1vXceayi*D@_f@7le9T@6VvNBu@YAPJZyv
z#Uy_XRmBaW;p5_1xq&$Gj5}sK`Fe7_fo1p4*g7c=?*1O@)N@OG_WE17QgV-6(#2>i
zNgUdmfo|w{VZhYmPjY#^g{tYe;b47154CL|h;Wm4m-pl0@lwL?p{m-k`Vvt@uWR-n
zCn=a+mk4mX25r4dpP*|Q^jrZj{JM)5e#}QteVe*rlOOph|9;D7S&<a#abMOtgC2Nr
zeQD75Udrj{{NdD1eE75Xvs~WcXSdwKw=Pus=Wc2Jx>VZz^YVI04)*shu+$cM*QK;E
z%~R8P3@OiD*Wb)ji!$}POhZxo=jNMCU3{3$ipl7`ALa93y##KV^XH#H@2PzM&Rh8Y
z6SL^Lg{J9v!`M2gZI$7+BZ0m#sHxRGJOM#6Q~EjE?$4rQe78$0nGG_k75Ba#7k_&P
zxBTK9yUipQlDGpW%$*beKIy;B#zD=5QS_=Y4|*0Ce|iU}zH&aPr_o=0kXt_cT_i<G
z`m^5Y5e;XS+OMUihU<qM7U6VF8uDOohK&G(+oj!BX&;%<gf42kjn-}@Ig)$|A`r)V
zawx>h=A`g!TCEmsrC%GW(K$9pn(a30Qx}-rC_^L;)n;51fn#y;C&}KE+<CQFAzXCT
z#Ikhid-2>evF#2@ytcTm-4KMv`Lj>5sd?z_CWh@2^WquWI@;&@b(+jVIljl~A%sB7
zU*-1e{+D|mzQ|U?VPD|bSXL+LU2V-m#Iss!CHF*1+wA9RB(R6~7IE$S!(OPzGht7r
z(bNX94$<2xJx>7r8EIHug1|rM^NLECTvHuhv)l7eyaz~npx%#jU1?#TT;nX2>IA-f
zd@dvC=my<x2c_PiH_Wx5zg}MqUoh6yHck*F_j8I;N0#czJw+HLxtGkYkUrNoF*<&d
z^H!(ZkE3N1almuBC=D4&8qB>Ur(S0c<M4}{Kg!+D?;=fH;@nv2c<uMsnC!vS_VZFn
za?W>}JldZ@$^GzVlEbBw?wyjl*EJJeO>$w_Z~L?3V9vR|;1zWpzWLP`_}XZbqe4HR
z*>)%^4r(VrK)<FehibD&x#eK>2KU9LOUL%vi~p|cp&KrS?od%26vHQs(kDg-gvaWo
z|6}hhyW-mRZr@i|zQdI-aNYfGeb(K3X|j@);8p@<lmJyg;SyXE+(LrIad&sO;83^)
z0ttow?nyOH0%7f(=bYEO$4A<ntwx{yFMW<NXBFTobwuhY!C4nc=hO}-AJ!?#2tzCs
z;$SZ#FzGof?@#E@kHhOhIFWuD>@4jFe3(X3q$g5=Ju>%5Ms|+bY<PtA9W&hAHAqDc
zIQt|pxU|Q`ZWm$US?r%|kPs9?RAdwyi3Dp~8Cm6{T%3QPqbw6=g$#vEgv2$N{#gV0
z!BYP6hkrq;4W)0Qm)O{B4DU|aT^l7-uS6&k<0w?~w0eZ2qg@J90tpKX!_`HB&|XMd
z)u_otG-f?QE|cRZ5}=F7VSVqIt2kI4Cn-dSKqSWAK}u?I7hBWqXsmDZ{SQClms5M?
z+lf!faj`<~_mm^Pz|dVrbW$lh%iXBW?$NZkXIjEH8jom6Rv`0CU~j7#dyyUG^T%Hb
zv!M}{rH%>1M}7~+oq1CHw1kBRqmhdc$vnu)ipN7ELtrN$wQ|s8B3H*7(JSQ$g(76S
zaK=}6S?MpuT^qy$Up-=bJG7yXNDL1|E^@#@?9JffK4+%~H032A5eX3q?QsiCV`=+<
z_3=u4e4>c;cSb1j!AtGW$mTHsbKS4e1*Nlbc*aefFkbl_twN5}Nr==lhOVJ868(hy
z<<EaY>J!WS&Ji<Bg?Pvu5sB=Px&+cZy29DsAi=)jq$dO-l!w#PUO||<GjfF-fvt?3
z>On3pP8q2wz)dbj;;6>k-=E;nc-BtO*?QYVh+czGBtYgCPW!|<|0w1UH^#^a(IJy7
z5Zej~%dEzDy1}Eb^;tH``S}UM&9873*&~*#2#tDxoxO;Pg)2HbUHb>eo-)~0j=Nln
zP$0xDD3Q?x0|mhnleV2bf_Yv30{@U)_RcO?AFW63q@j27h>IfwVQwDOj2M_`c#g`^
z39(3s(k+z1r5*OxMv2n<@hHLztu};$!erc2$~gRZKto<EYL5g)rzgmaj$vedg;Z}n
z;jvL@6=Lk{6y!CInLgi0_1AnpWcB#lxuR=&hY#E1WM1Vky#ga=ynGaZRH?#6Aw_5}
zB0i^rcPHm;j<yiura-2UBN920Su_Zovog{|uuNT3aAr}LO*-i~>5grqW3!_#wrzj0
zZL4G3wr$(CZ6}lYXKHHp<E{H}s?NQ8?X%BbYn8!?h)_y1@&s0V&;CXKMtuti%4Mdp
z_8!8Out55D>Dn(T)B_^>_^((oTOmeRdTc-0R5M5mgmB5X{D|?#WoUW8$*_zme%dGd
zMGmKgwoT+LM5MHXjpH*cEw<)&LxqSDR0`z~w@2bAaI_cAOW_yOAXutE>^d_qoZR(`
zWo`}R9IpNE)on;apH^uWfDkGCHw<b25v#q;JE_wnI@h)Gt9EqNwxlvE9Jd4lKLr|L
zZPM>_`O(KW1veeQHsXsPvd<oFCLdf*t;xmMi!t^z`+M(J=NFf6N&_5Q!S#prlkJ0@
z$R$bl%%98wXMi+srNTdqpghrlzXYUt?Qy@d%JzTa(jh+|v~}I?d6Gtg#pO3sg%oS<
z><wx#=Cvb+1cVgewVP$=+2`P*x4;@1Xm~6${63>Pvb_U0n6MV5JJ<Dgj`@3+g~-vG
zD=%srUrc$SwtMfA)Ej}J4sbq^RLK4X^!xQ8B$7Y9`mb-J>m%^0LMh*bn|ygIy72`U
z<Z)19n#w<Avx`|=<Z2k!j&UHqpY&hP#M8Z!QQmLZ-yuS#@A{apis8?G;c-t6C`AOw
zFfrmdGl66bO&wAT3eH~jj=g<?{-Oi~6eVHNMJDH!UP{iTK^(kq%)E96?|U<dd5$T?
z`AF&g0`aXBg{;5WKbvphC-o|8K!Vr4j3>R@1dT61q)yZ?lQ)Luw1Ve1(Wa7<&M~H5
zsyU?fL&)`WpnTUeW}}+YwNuttcCe}#1!9KxMF+mgLyT&CeifTX>|>}p3&+lyz^C1k
z*qpi6oY;`xoNsgV!0q#mq;#5pfedZmW77N6*r}TM9{%$)(9V&tu`+iL(uQ6ZU-r16
zHwk-q@xoei5CfKRIOmc&;S<d!6A^4(LeFOh>t%1xHq8Td);5lfn~_x-AT>35!xuoC
zTPQ+mCTNuu3=L|Imj`6cYJNLW958HbLkLqSsj8j6p<m3rkpR@>?+p4C_td6nEJWn=
zdzS<S86$1%eUwp6Tj2A#2;XKQh`!cwlr-6tnvjYp=ywKASMm`?A!Mkd3K0_QzgCDD
z=7x!(4N}G*_oDgoLIMoY+D`i1yvCO0h#jMdkTFm(iV_e1eDj>cg-q9rG1tL$-K(Rz
zMd(seaR~><w&IVJPU($V6NjN@iO|IUu~Uh<ERI6v-2i^kH`b25MT+6QTEvLuL*W>4
zmt5{V|F9Zt4twn}Bh!$mTslAmJ3?>Ee|d{bM+=^xOqnd`kmywoah$s?H~8t}{{Z^#
zka<5<Ij5Z(Ixgok+=Hm~7b0&A68MCg?G)Z`Bc}IM=8~I<KrfdlF6!}v{}Sn&nZn?O
z$N*m@A0v@ZK_ZZUsdsOkS-tjkm9x`BI>|w(b|R$s0fTIfBuat3vwMHGEMsVX<l{`8
z$9+9dkT4?2DN2KHSk8ier}G)8Gg0B9xgcX92N76-oSuRAX?0c4DeKp!LEpp6%MNpH
z`x<Zk6ann2AR3m65;_gZoA)oxbnQG5<HbQd*O8E&TU3!LOlO#XMDvxw_I?BoFz7`L
zbRZ)%HbF@oZzpvld~VMO443_smVO$Jy80f4OulNc<gUW_i?k^5*MZIZ$+U;jAvt9u
z&KoOF!lr&RwD+90=foQ0;)-Zp&`;&w!YvHx`Jywv$ViG=`6#dYJz;pMqdx!5=8TJ}
zHayLAJbJt6>WlAv?)$1kDYADxtol`IlZ9O0>&*n|mI~vvq)$gLl=~U;&7xu0&^&RA
zZYS?Ea&4C2)E&|#?l`D{K6Ycnmis`u|4@->S}S_}l66KY?;f4pz;P{XJ@=dNvzS*q
z&B)RuuAPkGZbToMv7u-vVlyTWI6G!`&1`Dk%g@Vci%u>7ZN)Xfz`X9epksynRG!$F
z`a@BiE)~#NRT^#5BYqkBUTk$$$jpYM!Q>uxw&sGi=U1W1|FMmeg&r}vcwK8taDRZp
z_9UWXV}8tU`N<^LBFxOjDyQ}efln@RUn7jsgjM}!7=iZ56EX8hquuq6Si&0^HHpxR
z>ii<S572T(CxzZzw;R!Qwe*ED;hN9kU}jlB%B>$DJ%snSEO~z!(h+l0k`ZylGxmN*
zkW%H%;F)+1yNpv_4AeU&ZRFb`uV@a6O4MH$QhqjBVwj1U{Q5}Bn*KSYAivTL=5A4I
z&dc&|s9oA-;LY~WpuN>D5G?xb$@YFKw=FLS(v6L1F73D?qGx<PeLcuZ0r|k#3q7k}
zv$YjVN_b8kvu{=s_t4q9e|;nv-3XT(_BS!SXpXzCk0c+1-4w=SW3X)M)&ajUA(-a`
z_}G<=%1+<zCK-d(Qw+CgPDx3WjSR<+C85t5gn<}8f`Cc4(^iO*Nre7Y!04#&P9g8l
z7+`sHcI^xN)w9X{FXuQkf`g(qV?`QGj+YT4w*@InYoO$=zD1z3BCAv+DLB{W0O>BO
zmN1!RoXYH^kT>cNCX+$dr;`$~9lEc#uYtHr)Xm5RA|#jTm9>!ZTQvTY0SD*$-v?y<
zGi+%kBWRcJTi(KlcmiTdTnk1crUqHEu}J~Xng3E_)Oagp_Kc4t_r^)o&$gP$!?O#z
zve0X2LmXnttKe<oWa!YMw!a}hJ|<UGXp|a9U0iiYG&VW{|AL#+;;i66ic{Hng5p>^
zmtr2*WXfd~@@)jcsdtqsurBXUu43b`2j1)wUvHfd4?>vBB3hcPhUp2glw98W+YnFC
zZRl|LSN+hJS;mR9)zcaK`38QS=l$D((X|v5>#VMN>-Xor<KHqKJP=)GN^`lnt+y~8
z-g}PFlVXj5bxJlV)1P%kd7?(IP3lK*V$B}RQ|O(a)US)_-FhbZwaa^g#j#TWmj4nm
zZR}*z!$BHDTkNmRu$mek__zOiX1p|vvDtkrv$v;#dJXr;RoBAtPv?8);>;~kyv}7P
zg}G@_0S#nK0!Q>2xv7LQ(UV6A;`ScQ2o*MrMN+3>{exL1&%7>W{2V>|w@3!b=WQSE
zZsx+wmPX*}Y&tr;0vrm!?kF=h_f%b+5pP?UG~e^^!vvX~>7J5pLlEx{t8Wrv#2mAR
zr7oVltVa1wc5zzBDwof>f*WIN^H43~hsDzG**q|tSn!(rPhv|{=;Bz3<rRkCHg8;t
z{NJNvS49NsV_GqMb7gh;ZL9K%T|y>>NS?B==vU_dBo6MS9(T!V`#EZTYGN4l*DtQ!
zR^ihX?nM39_n<|xR7$qyG?GojO5S5x2j9+quh)?=*Cjtr0{l>){yp;?_|Pq977u+!
zk<Pq0M%=URkT(+CN^vc?UcNtM#-l%MI4GLfTqQ>AxPrOnL@k|8TEb#pSfg7-Y}Llk
zP4h`MFMRpaUQ*&(Hav5*T^C;b;n~{9S=>UnmbD1|i!-{tPG(tx<<)M`Q@5(@R(4mz
zfUdw-!*3Qr{bZP<$i@<bTG^+bZS=Z9nWXES4Fc(#y7ZvsplGCLW+^<t2xRNme;kWu
zGrxa}1kg-a=g15fc^3x<f7+F!#L$e->x_(OF&~0okA0-2rk_dewP`$!P*~-56`@ru
z<7|y{lC3gHItpQ9h*-YS2bxuqpf)h7;`v9OO90g=9vmVgVs}4{E;FVCx<(d8#8IEF
zJ_0yTp*L{hi?2S1tsnWB9i8J)34{+3gJT@y<)II#P1-9)dnN_`noDEp`^J-3FnRQF
zAV<oySnT{YmP5{nEch0;AtI<t$!TT2{3IZ|a%4Kg@3dK0iR;Pwdg|K4jghn$p{}8Q
zG;Pl_GqoaN`0JOkM66DA_q=0Gw8`u!n}Hv^{3q}wkg_+QmBNqF^yG3|EFKHC=r5oU
zVDmK-vD;__l8CjXTPCe%+8)~WHKh~d8X&8=Abv9Uw_Mn2-U)76J=M1$F!i#ApD6vp
z`W^(nh4+19HfHwGN}B{S`zc!QEIo|@Pp5xY@el1`msZu-EfgyPd~@>0D6RyDT1!DW
z9tNlnF-&_t1(?00u|+N?f`%3iaRyyYyL(oDJ7cSQ>2-p}E{;||(341CgX1nKcxg!d
z8rCA8crG~W>lMA7Sl$em%?1G^{o;|()`sN7kp~R-AmmC7N&BN@%Hz3eshWG)VPaNM
zx}Ujn2CYcswmLMUWDvUsUuj<A?o4KhA}lHsPrKjERwAKiUlbBCv#}71nY~TYHWhY6
z*b*a1`@`#MK4CPgvrFo{!Gmiu4Fr}3r=i}tDF$gjRA-)A`U@;#rco~iUkm%ji$l=9
z56*j*ZCj@S;H*aX<?oH3@d2UDbG0u6>JPlICa|^G=UZ}$lW+ekAxQUCVu1V$<_PmF
zb5BJHtR|!Fiy4rl+rkUs4#|cF>NDpFW*<J+??y3Q&|nMwn)Q-%8(l>E2P8+3rU(SP
zfn9t64i_XnjwtE3THAn?JvfpaJ3c6gpbj3II6j#Pwk&5`tv(~*DYQHV)TaQ+P#%@3
zZOvg(NkQv9Y+ht0d8<uI{tXN0ysN)A@J?I38nC(==iABe@HAeG;ROkDj-1^{)>)nb
zT;l3adH}W2JN|2S$^SJ?k4THaZt>7hVyqyyHvW2vifqRiJ-eED-xxUspro75jK9T0
z3(m~FjoeA6W@p;grz2=LO|<9>PNSizxYaB96?x#i-eeCrIt;2C5A{jrE@X{j*Qn@K
zHg&GZ;nlJdFuRG4oVi)lxNo|YpKXBnJ755xGnEFadPX69p4vNX%GC970@?1DD=Hd7
zye!i{r5rPlDr~27GBNtInk_gjB{>L_*hX47F=~I8b=7Xe=5cc82Z)PC+z5{&R>i`v
z7UD<4%WtFkcIW|ye4m8_Gwwirb26uAt#oe!a-mSs9dS`1B5U!|6xHQD{UW>;fj-Xa
z1w4O$e>Mvf5S#k>sE(GP)+i()BFJx*5)j(tGs~R(@>Ft6=;pC<**6o$x!90pZIe{w
zZhZ;Hr+Cou@kae`=r{XI109V7^@L=rQEuS!@su$$Xo!Dc#L_-8Mb@hlRFDzXAlL`*
zNu^{}&x)ewIThLR1Y*;u>Yvf~kiaL6b|dfUS)RD~2m|~)n0gi-i1~L7B@+n3B}Z{)
zk<siq`$%TfDOO$Pb3aI{ZS<V0yt<P)|5rnds`6JjCQ!0R@}%$aAf0bgS<hQT(A^#S
z=~C3R1-J=m&eVK&hwJsa7TruTZ|?>=*Z{qb8(%*uy-W2QQNapC*Q66dB<ZjE7~U?)
zb@OD=2!<!M3JpVD^Z4jK0qTJcdwsQ|p1(n?$3Xx}v^_M;JMOiIY|pspFH{zmeUpM6
zYPLS<jJ_Uqba7bwQ#85}o)tY~x5SP>nV)O^fe$>Tbr1PU4nOFZZs8>4*d?eTX4fx9
zD%1A;wuWBUw5cRUT|P*_teq**#Q73=%d;ENJq84SPZ)`@!_?DgX9BHrf^@Dp=DY?l
zGH6uvi5;@da6u5z(we=eQlbVtYc=zQ*nrit-&;2a=7fNLqr@r8&Mr8iAoB?<AfqMp
z6|vocvb4^dIyr!q?h2z5Io+&`E2tl!&Wn?fO{);eP!~7y!z%bh1o-5!$g}9foFz4f
zy+o13cQSyCHw@Z}6q>w%cbhV@j*!CVx2fyu(UB7p`aUn)jCXw{ysyf2Zu?0lL=2}o
zZbuj<q&Md(|M(WiS>W*Lm$`$sKgvu%jplOV*h=evo78#M`Lr5H>(K&HA4RhHR<Con
z#FMcQNu_HeLMXDStIPK)&VsA(*$q07Fqj`7XmiV#XVK{H10fZgfCY&_7uLT*>ACFr
z;VZ6T$5lC%GJ&88Y**W8)6FKr#I_`J2kHK_!6V{=RuOD$V#cIaqIx?5skT-%bTUi1
zm1K$SXOsq+M88(zkX@e-xXgTcXw9o3Bk4*{+e_?^cfREo2#l)>f@Gj<r>ZjX@(gxZ
z$gs9YaLA{;fi{Q8euzN{RlykoA=k)f52q+K6E?Ao>QJ;ErL>i!eZQ|mZUDp9aVuRA
zGasWac8e2H3}AEq11wPwoOrGFR?RzLG$Et?>N7nS0$vDszAdD~jYK7Om5ulwGN-Q-
z^I<QntOCciW=&g^MWiXj=VCSIM_=y=l$P}8(hls8N1mCV&_Ebby1e4b_GE4-YV&$+
zApXWGMtJvVfE=#H$sXrP4T_S+$?`h?NS94HnEZO@`?z{8O0pkR!jVfY>|yB$lc2xt
zg>={B97@A&UU6Y;^BPsUS0=ZWz!@9lsAlmQJ)H{q$dh~^AK$>#fMl2|rM9s}%AR|R
zOMHnqytG9dw5VoQV63+X1;Hn?t!v6|@4&p`I*hNc0;yiT#S&>k2^u<UaUKdyEHK#i
zfm?DXQPRHchL&JLmW*7qdx~Ci_sJ?JGNW*h=nxHHB?uULu{OQT+}`70)8{U<&Fb59
z!8z|L9W$P+pODE#W&bV5KCz^V?HL$3oN!YiSi4RdfEqm$v+bLqv1sB2pRuB9`ff%o
z1vt&#XDpa~77f%9g5AL6T@EE;-{zd;EuWUxkWx}2jLsFT>9p+Wd$n{*CH`E%LQ`X(
z>wNxH@M6Wxdvu{&mp?n9{w~_jt*e<AB%~aFPTBJ<P#``vM8DX$2{<-FnxSfepcI*P
zt#CCc4%y3GI+AWtiBXvq+_|Fs$ievfXZqg?<yac~=X~85QVs~$_!4P1;+TY_78pf7
z5MH6~V{1Ds+R9S$ufPa*xr%o}(~t^($9TMnXJz0I`o)<c@3W<$OT=!>ljyW-%jM@H
zhF0*PRCb}p&2kJGUwee6!<2MfB0yDdRrc6DS<YP@@~h5sE`o=Ur8$Uz91(dEv>1^R
zqc^yXP;A|tiNQWesPWe`9J`6_Gb!sR$mXOb8-U@V4g{x4kx-?Tfs-dh`!b+Sg*%W`
zc$fr@+g#%SSb$j&n0WGFKUsxEEa5&n<Rocb#lf>l+}jruOlryP^cEREyEzpkXjx)l
zXq>U)%UcR-@49^v)luNH^vAl2J=#@Mh$!>k%GSxNXXOU(B?lot-idJ~C8&-!mbkKa
z*q{Q}u1a&xYXf%s{XD*gEoV5NGx5;fhM`SjWta#O5)uaw&(6cmc13l;;6k_W>_+Cz
zo9<~qMv<`nVsQUd1bItjs7TYpD1zI1tEk=+m7Vpck-Qu%NKhhMNIjWBz>CZiwAe5i
zA6-&<gyC-O=t+6R_tq95vu`AKYh`Df-Jr1N4x_AB)blLl%pB=)^X$F9M>IKdtUF5;
z<Zy$UR25IzZ)KSYo9_+Ar3-;q#sJfkANOu=j?37jv@q0g@Cxf{Qj-b14H2B4MNsc-
zi$GHpLwC;8Cl*!voxI9%Gm<w29IBW7m!$<AEf~xT!qkXuYGjOkhy_%<XLS;9NaTH~
z2*OtqQE)7I7;rM|^j_O-$qblzmclwVJlo^!N2Vr-xrhUw<8k2L3Y);a9@=L(8q|E*
zMH7S!d5dVsF>+LgMuQKqzlVb?%q%H-M#sZXGLX0Z@)q3A1G)?%;@P4tEvmX7huZp!
z4C9jGM4XI&gsv<A|1hU0|0Pd~1}Tob6F$ET*U2V-z#S;gXurOhi`}B{(R8MI#KLck
zEF$aN?5Y?%>5M8&B*Mw)Na5J6l`XOxnv8sg!Y{|w#8BnhHnbQuj8Hcww?Pess#5)-
z>sW~vBSBwL5Gs06b>rHHu`!NnFFDy+KtzqvgNpF;N5u%nzzY@BA8dvTTRuLnLiS<k
zuYYVPLT52l8zUatLRKN*HTG!uiEVNz(55MCdw#G{d{&IC43m!@#O4ye4wV}zN2X&G
z*Zs`K-Z$ZRrHN)U4R@(*j9m8SQA7swh$kyyV}c~TfdQQIb2@U@B;ZU1_(9QS#kk;X
zt`suDr`aYi$0*IZ&Xt>nZk50SCM^ZX8r+I9k#wE(Ivy?m6;uNh<(eOmea+&ehMmLR
z11td#9bl#Q+|7Bn2ew|mVql>&a_weWpgvoXRTQi;w4y5P+Yj~83JSEmg*R#xt@HBc
z@>+7o$n;+7Ih$F;!;5~oi$<0DwKs&5n=$F>I`nHuL!KtqXwjg&vgwt?EzOy5zaW96
zUMMIi|DH(Fo|i@HBP&5bbnM(!Ux;i3V&(aPw$y}|i6KAmW0SH(tS*sv^^r}pyr<j+
z(O2D_Up^~+B1*-i={hm;Djr<dFG%O7Jm|HK;+~M3xmIP_uD?r2PC%|FYX6e7J!mzb
zpYo27n>JNtWzV=*!_WQxX`k8NjKDv{o(CgP{+YLz&*S-L9XUlILUxA{9sp-oMyJi_
z6&?;YGt=*G+sugCD5DaE!r04qNfr_fkQ^a5Fg&s8xOCw}j8U;O;9l2~)I6Y<m=l~=
zK}Wjlh81zw*bPq=vvusgOiLFu@B{DguAr=H<c{4vPv~aoo`E^B5(uN#xItMXx^Wfd
z_ri0PVGN0sF>x@<lAu>e3KS(E=Ozljtp(BqAShP#7z<)Z$0lR5xS1Cs21-sW?}VPb
zw(Fb<nimyTR$xpNrF($ulBj*YrQ(=Mi|k?!yv;EwM18B`1xH#?NiCfY2amPRNg7zO
zH+};rb{}*-x!BCxQp#awPEGgX353d0M9c|b@10VY*^K3$v64IuFK2p4SDhhNtT>r(
zXS{i;Oo*-XYsbBQCwhgQ^8l7tKDDyv%M5j>=&10|;2s@sg@^IASIdjDv!g>iX|^=Q
z4wy~jY~<=LB=??z6bm~Wmw$i=W}(R)nOp03K?m)ffrL$s+aP6Kjow1vY7ZPG9=aN|
zL06Mso$)*3ffZj<ma^u@E*tF?NSK@!g^z-vGmhxKfjBXjV5A0ce8ua?L?`2285lOl
zzVW4Moq_5zN~C0E6;{=Szt@|tE6EE@eo6wfwnA<~QsEz4@i&Xdh_F#7>X45U7-39g
zp0P|I%lb?E^Lah}@-#)J@ahNM^sf?zW<n_+>ESv6`Ovu?jHo5kDKBv{S!<%5Nnl>l
z>ZW4%0}Qp7g>=c4!emH0*l1#AO3*N{khy2hQl5uh>V1nat7uP^n8Zu-Zf>RW*8QK?
z%ghPU_yqq<hsV98r9GgYG#Oo;9fWR*uoP#FcMG1^I*_FjZjvdhj@J5nzuV}A$LByI
z7BZ*=$&g;U%!<44w2u*$L5gO_@VmOZsjk5`h!;ARKZb|VH?J=ku4+8{Ns<b&3uE3F
z3sRb!;43c~?^*nUK>YGN`15?HQK)Vk4g4>`X%G#3&?vDn3&QNrtifZZ$06$9s%bIG
z^HZy<G-|$+g-3wVEFnG0+Z-d)pq3cc_W@&YZnJET6?91cA46G@F{v#Q2Jz+Zh7qhQ
z7SjE@Q7ltf05zQq(upn178!^%3wR0?tMYT~Yo!!q1uifj+ZH5~$i&4#yK=98Gn_TO
z@1|@p!EfN5c>68|@R5OFq#1SRlPo!nx4L$#e;YRulCF!|Gt!E>2+=iQ5feW0xED8x
zTk;`&6a<OQv45>{rC!IrO>=WkO}>)MoVMjBINxHTyXU)z|8_56<ZSB}-Ge1LL_>MN
zPQH)?*!E%cNNT|>8nYTEIak+rj-1PqgX&|~$0*^HKW4LbiEP}nvgvB}3hIVa(Injj
zIxeD-kA&L{^fF{d`XeWjt+{Hm4G+yx2Ln3?_Dq=Ov`8ceMMdQG&I%Z)gtDddtjv(`
z$w6(aT2<H7iw=w+c3K|p7s&Ms?-_p{pA3>*BG{#(Nz+Eo6de|4oHW7#f&Ge)5e#fB
zqV;Xam0}6^Z28%(`Vs8zB4L{`S>B&9*F_&7I95>#vWk7DpDPKHEdu%B-#VCYD=RCz
zj^)TyUEq&w8ZjZb#aL>(&ZS6!9UP%m>Z<hPx4SWHXrne{<fU>{w2qG4(aV!j-6lN1
z3h6l9lEEGpzm^lueFQWTbSFkOCZY7f2zPNEG$(j)%5&(kG9yQK|HoRz-dv^?CMyMX
zb@8kB%?AD77kd#K{^&r<%IRw&7<=rWVBreSB~@n%mGg`Y8_{VA95ZyOYFZlkBpcyt
zPZPzO+%3DhN!Ril+)j3lzbYa_?sI8bn^Y*KB8k}R(&i3W=g|;Q*rIPf!5>Am?VsBC
zbdRw5Ds5pq27bLSNKQ=G#yr`>L(u?-D^HEQyu$oMaRr*-UPVfOm$uVc%l>s&`+--I
z(Eimd7(b6D<-u?!VSV$v*fhl}T$zMybbi107041r<qa6bj)ATG57rK&@@HW!2M7E-
zv2nS6hYenohP!Mhp3w3A_9-HUEgOed%3(&2eb4pNtsv!p$pBW2-w}z2H4wx{M!LRd
zOw91n7`u8V1f|QK3xAHwu;kRRViHr~on4E&jLsfHZpV)r%6PrLkZTgb(*GC=wunDK
zXQ*?sVObVMTKg_M2L=zRj8+ieztI@ziG}WaP4+9Uf=r9lD=cT>r#KS#^WDdp#tH4_
zRJL>d0C~Z`lom7X{?g~Vl(5eNPdtnKB#7Pk-fM5B&kxVsyHs{C2&%c?B_1cq+J>Hb
z|5SBw8<4R<t|On#rDyd2JQlh;B&Nhbtdp{mBt9}Jqx(m$r`-&ozKX{+-$BAswJJA<
zl^hD4qpA<Ww@I?_?swLq7nWS_Fg|LSx?=hK#TpoXhY63X;D!p#c7FX}L5NGxiIA(6
z7Y9C&Oc80x1{>WvImWH{%HuslGIh3$AmfA5`eMeTarX<98=G1tHI5p_F|4kzZhJnt
zzcZGqscRI}T_YMRV*yNxhNn4Y*PA6x5@9^AyI25Ni}XlWRYFOcqpOeZ+v%sl>YrO(
zn?$YI(0f0ZY=EZ1mW0{4XMgrK4ph@5D2s6o&8#A5@I}B^!JR5`>ZWx<20U|404t}v
z>^t)A_hycYhAp|Gw0mIPCqJ~Q7#co^4bLvD=QD0M<!X7Xqq@va$drn9gwNR5*2=g;
z6>}%cvl%z=ci1?B6Ahv59FZihqD-a#?Y+A?+5|GIxQAg6x?+_Jpec91pR&eX7;!^+
z58v}<$)R5aCU|1NYG}Z*a`%m|hxz5;Hew;yv>OQXf2gpyb%1J&ZG}*p8asLh-oo)+
zQvblju6m7)Yk3Y%O+S@B7}^4lca*BFWfsn@!Y~qG=zt$7{)PqT*l-ImW%k?_v^1<i
z=cp6$IPVnq)+M$FS733kgTMLCeyVa8MxJUMgZx;5A}ubHa!OP|1$JP<KrxMFh}X)*
z4M!3?%RouXbY!Y;(|F_);<0I@yFAxmg0UhRo}`yig!&kgjTF@(Sa*&uJ-UX#Y`EIS
zvSBuN@b&gkeM5Wi5OrYa0KD>GS&Z6NL2e#&M|V{9x%%PZk?Ck;|GM_r^f|NGBpL~?
z#Q;5@uwQhtMk{$l#5{ql_TkIiuXvJD+v!0DhOTj;Cv0%zALg8EHwht~r=X{%!_h+c
znSJY{2y+#53~UN>ou=)Gdpijh7)j<aD=FXI-Z0%mXY^@`{P-zcd*mSpbiUoor!TtM
zYyoMXz*WWb@jz~CTw_<K<ls;FeNY+I6v`esf<h06o_Mx=zRe!Gf`mhGK9n1_$e0{f
zJV*(0PI!%RxW!$&tq31<WFRy7hXo5zy(MLhEjB0dx4T&c^N17;e7t7(2UH2zYBEu6
z!;|ZEeb~c;usE`3^B*{qn+;x6wL+}^(?zbZxvmW^cs3Hf!sb-#4KZ5teEQj>5b}ib
z^YiIX#?&_|Z?sKId3AMxt=`Woti0-O&VZjxl2Mk79IZXe!(@4V3h%jR+1c)C4-Z-}
zw{OE{+9WGY8CQ5xwVgLnvAevVI?;HWm6)=;$N6TLvltDJcUzDM`cwrtaj9#5TYM@J
zmA#@0a-2k5lx}ovIH)`KlDKxZrUYz&=)XH*X?4GshH(xbr!d?RecOf<z6&6AWbI8t
zj0g~b-TQrhgJs=TT(p2`G$0RfwG%eX@b9w3Io+~h_X4};aL7{MUrW?l1EjloF`&wu
zIUGB@znN05xWUE6eUH{zsN$Ewovy!w4yt@KWIcit;x3+1D|WN>anFKUko<*To)F+Y
z94{*J4P~J9p8^+n_lfu~&{vUh3}sieFOZTr7?})eEH-aIQdRi1Zb_0&2TTeeT%L-A
zq$uVIKo8g6OUDSm7kPE~EV>p>LL$JR-hpl&O3W*VNrRhdSHlDN2M}IcN9ckSG=avW
zf<&>>c4?*hC#p0rV+C3?f6#iDL6b5e$h&vH@xyk~&fI;;*T5W>$VGkQSGTzgYAYlM
z5PM4X)GJb*R`95@PwhltCEK?khi&*HSCuztt^%{SzS99yaxf%S=BNa7`}{m)H=jOV
zAJaU6X|mMja0|C~Iw@So5N(ipi;f`{JuIb#hlk4qgytdtu4wJsce9Fo^>7Ju7)avs
zax6D8kJ2z@W3EZoGl%FN9V}^ug;_EwY(@O{=rU-UU!?DvkzB*lMdvguoOm=dfZ*RZ
zfzhEyt7@QETyW}|aRZg3I56tC-aH)@A(`4!jn}u~QlFc|>A3x#T_O;rKFYRr&iCb`
zO(_1)?aw2)1-=0}qJg<STsj>YAkfH=yK+}9p9|CSF6-fB54q>?g@HJd14`JAo5#VF
zn}xk(<9MUh9I7egGxq{}2qqon_(A=Ao)_iG+D>nsU_d3Xe<CSr!k&GLWL{0o1;7KM
z6obXx$H?9cGAVuRo)IER)jJ>@IIbqRw2QYEgmCW_lVl6^0WSmXsy@b0&7&5sc_^f2
z&lZCRdQbBQ`6}ngc8?K6Bm56IIH1<mD!*+12A(%5Vrvu?@qVh)pq%swD|nGrzV_SY
z5HEKpnCr2ar`=Wo>RO6c|E&)(k|U=u!T6UmokxemGJ6T-v3syyK8#5YGM@G&)Bqj|
zYlThcjEs*4O8A<{xC6Jy?sm67n?d)_D-k<-rlxJRFIJE@iHh|%?<@KFMu!iqBwhf~
zzwMK~(6(T_mWn^Z7m-5luQ8sH!4#}?lgHGaVe^B~bac3rcJPc!ApQ`04ffIvD7nsP
zJGpbY@?tHPm4)svJaqmYVx8PagQ|$ejppiPO`z-?%Y<}_k(vekMNYj;oQQpIV|QM}
zozk0hu{f8$s)hUqG{O%A(HBoc7)=n+v&%WNCo?5Vg$W~tJAW$mtxLc<;!scb)d8H^
zIoHvHHfqHdFhnC&_`CaiRM2{t>?IDS%#)`2I<=lIqv+|f7!_UVOQDogMfE_NW=_fa
z@ZSk-c#-p&B6MRIXS6;1cz?eRDRHjiPV)$^^%!`hI06n9>z=G4!3$V^h`?`ZbCNKU
zs=+IyV>!E^l@>LcMEar=3Kcro*KFyHf?1#+6&?kh0}BjM?`>^u^;TQ&lJI{rcWoS4
zq~llUg;7@Ubyx&Dw1@ChDCOG65I#WVxmta39u0byGXAiMHM{;EY{R<!7x*ElzA3bq
zq%bAoqW~rc>g9m#w9Iy|UBxxk#=*s9U|sT7c7qpz&o`Zb94$cBH>VIRo>yQ6gx|~Y
z4X}x}wn31{ptGs1B`I+VnPi)J7U6AS24L@tyvlDi^$k6E_44EwJ7}Ax7xZ_U9-f-9
zLY_@?ird`X|2;Yg2AB$pzG9=P%U8EQfWa(0V0qT4`6s+seoH5CKU|6i!i2pYvag&z
z$Hsm6k~weU*DYuCek;yJj!%F&FUh3d>v`Pqz<RpsoQ8<GBknIgGHGT6-<tzhRpsV+
zd~>>>LK8?sSp;z|zrM~p0#!66nyNmcJ^C*Hoq2Vgy}oXkv<X37TJ`V<5D-fH^#?W!
z`hg4Bn68tuGcRt4&Q(rTFy}*d=;0@&-&LAKNY^e^rq-D+S}&>xjyL@6DbZOhQd$w#
zv?Fr7JCvCsoWx0w-yj`BWcyhZg|oBKT|8a>Ye~W#^tgh8fSxlFuOL(=nZ<&8GMtoz
zD69|Bm*fbIp7=fIl$7g}8#&x99eCB$;%qTpGvHzU=f;blq@eKkDehQbDgUApa(YM@
z5hqzp|FLLPIyHX*6XTYWc>XkCd<R3IkH~eJGkih6psoJjcDHOSBQLLtP^?EwL`|si
zY~3XLlCA>FV2r8WosHkL3NyM@lRj%oilZmQx3m;@=?TCNSuj9)HWZm*oPyS9!t^Z=
zr)gGAd)H2<@*<;el88f}+wqRfNw2AnVK(GTrR#|QiU^_Hoa!=TV2sW${~79Ce`=Pe
z03yvVjl384X)<7$WH(Q6*qc{$2sg&MN&T4vAdKI_z~4_&Xv0n!xsSo8Keb*^RQfym
zs`LHMtl1L|TRE7uvWfDz(=n)gt(M2`3rWEom&Zsr03zhM$mCx<iinNu?<wI;>3Uwm
z{-voKchQDunXi&5Y1ogbBif{o$C)=gV-4*%6f*s^L|Qx6h}~HPI2cS{!XC}CG!t|H
zv2$g^ZI#06Go!{}mSNLPumK|##8QA4<TGboLYDN{GjCCbRZC(_D`BU&^+E6*Zhr>w
zD7fEPymgR6X<Fp1(FO1p^i1Rpm4MgX55|xM%b4ImZ#U5UnhMk60opLwoClR)Tee=S
zkD4)~Hj7>{8G_qwjP|u?(BMsFTjCfGY)FeVWx--)Q=}P9%3uxTcgXE9_0|5WsXzs3
zo1m%0t_B16M=2%z7<er-tvh*ca(sIo4Eh$IiulZv!A6K^g-1h2m!n80Wy7_MBnz(_
zZ@AoZX&NJ`<P?{!1SXw3_NaB*3)l3|mSWYxABBH9yjI*?42A(pbgk^dR$h$YjJYNm
zr`0R&gwx#hrh(s@dK3Hi+-2%u8p|oA-U6#HBE@jq{Z@U&bGoZ|@gv2~lQYJw9E<yL
z<Qs!dFQf1obsj~7h|b-{!c_~FQxli^kZGYT127Wd631}HAmzq+$!&;lMe@zzbKIkm
zB%E*1WR1(|XM|h~8J(!q-wSMyr>m)4)N>qE?Mrn-&P%wc9Vz=JI-W{p*yBiR)ihX{
z&j51N2XyD_3N=OQxJMguvD+)I4*N{;NskbaV;rF?m>?{At2CcC`eAg{_RLT9#5t9k
zb=mUds`3;mrjH+br?9XsAmAV}%6Rz(eo?2HlimvFSX4+yC>+WE4BJ@U+)(MHIIQaP
zRanDby8+3Yj{H<`waG*1=s8wL&@8br^%68$Kk37y3m>6)O{@0CnmTOV>uOru2;zUY
zd{=~7Y+YEYz40vzbnl=0G`T`;GiZ*IZtFQ2hmux-uP&6YDOc2EUTaFjma8h04S95%
z@v?Mud?T|IDcjWLr!{fZ^8ZlyG=G>xD(#I<Zi3Em3k(uzc^=xo5pyDYpizk;m0K$6
z{@M1k!7b7#5T;=#FR^jZZ2BV1-#&wtchXjGMXpq(Y=L7mm#fA~R$X;?t`uT$P=u0>
zqwc|7!i@`{H&<;rNBeGNeouRlQ(^3%$9#T!8&=m|5vMau*EmK%t(>T;DX(Yqi2TWn
z9mQ@{+;HruK92TwX*ZE(zQ_unJhArX<LP{<A*HUI*mRDa@u)R=z<Fde&+*mKphG(>
zSGq{Q)<XoeI&Th6j(|XP&$#ZW5PK8(Fq<x2i1Gx~6xyCD;t<iR0THm>{4vkD7W?&u
zI%<3Y#Jf%0G7}vNQTQy1DK>g4(kr-Ft5jfBs{9peZT=hj0u_qY^(3npG$6@R5Dt^v
zwK+?k<M?lM8_tjIm-Abtv$mcSYC$e4<4?3qT{V-1Js}w3W4yrmvkbmeOC;VT^aGlb
z`EynSks`Ug-}V}F$G8UzY|QG1Wim)eiUj&3xB5dotL!@bHl`@V<~h`Q_FBiIjTSPS
z3UQP88*ma6f`qT(b}N&y_l+4(i0Bt;E9(hq5W&(o_Dk4b=c+4zH26xbz^b_(PVBx`
zwfXW!0*n<Re;yHKqkdUBOkfYWD2;{FR8UN(luPq*W}HQzwq7<#3#B(bGAyKGtwrI;
zha}Tf6{qjnZ<Yz+pki~Te^#Ikow1<66cAs!<sp_W7-c!HYN~7M3inTO1a3@$Ox7;v
z?l+jWU8*m7I!9f3>I|MP8%QcU<!ESSKNvCi?r@9)lbyo?Sca%EP=J@iJazng%{s-4
zYz)VNI(Z8*Pn>xv9rWfb<zcGjm1ffxY=Mc6<BA7JNbg4r)n`nleMvp<;VoAbOC6m-
z`f7my6GH>3&_Pq%P5*h$y{wmW!#WJ-tEM&EC0Oh+{HM@|i*(cv7OV-nb1<g}0Mn=x
z)0lbOT^`#SDE6olu6>x);se@IXU-x<vd&VS8GT(#j^lnzkFM=!apnTmYRF?&K9E@*
z$2JB5kVT2)RQT$Cf~~z>*Oy=LYK(Q+V>>Td{M<iyi*i-!R(;nLVw*{Q6orVIGCGou
z@}A2?X_>i?UQ=A`wcrO4+9kyOg@n=K$eAW`argdUptt?;2ca2KUiJ)!_|@@eg|)>O
z+TwEe+Ah<#?Vio8Btp;U%sRDY&n;W5PNgV@tLGg}<{Ox+DnnSmPE<mn1<sgPjYM5x
z0w-hCVU7L{-GJc`Zd3+ck6%ANavy5o^Xr>UnHALBQHfq?7ihkJOhCZK`0V{};yH0%
zSQ@NCz^j?{mA;c&Wd9M040c(#1Q2Wd{ec)rC&ft5=%3I<ElDF8HBD&Y{J!b)VNKaZ
z0;G|NU|{AA#|-VFF`l53C|l(rX&!msg<$=(!)Q38DK~xD6A<X&=HHqo0gN5x>p`FB
zk`VsCz>OgJfAOCc1^iz)(7(DzZ%p#xkeqw_pHYqgdMEh^{`d9oSCP{K8xnppb251=
zm6L(F`G;oZ&6VdVTGZU3|98%>UVd5Yqa7@@PgH(iuhF2PNQ%d(IPX5E&}z}E{g@aS
z3c9W^aMhbpvwDaI%~L+3IeQrj`2Kg>v~HKa$%nP&z4{+O`<*Ldr2oWh&#-Zw|3=h`
zzVqTSo5qD|zX`ch8gAUe%AhNJTirz>?wN9%R`YVLeogYgP#A7^b$?&F>Sn{}0898@
ztA+d8qGQ>_L8`&|r0a5kI~THL0ym{~pRPTwpz|E{WI}^}^&0L6P?;L7?&s2rN4qha
zSNYnPWp3p@W7V6|^10Iy7sPi8@x&TS<QZ}quYAP$nrh|2f2(}qTHEDRAtn9EcATQo
zcgQL7cX=(fXzxp{0xcL<g~^Gg&69Ib4-H?%y^=1;p)z!XrBFGXn2h!jxcJBY^}tMe
z;DA7bd9R;{oPjj5Y=Ro0tL?3Ia?5IqL*}h$nR9LRylro;DZ8(Ip5F=h8`r)}!@&8`
z{=s0410VgOZQ1G7d2n>n%98!4w&T(%ZLf7<fvs|NnITHYlx}er)15quWu=4#_WPmi
z9AEUs5vTpaNEC0QmfJFuGmi23?q0~4_Ubw{ZQBLcMYH)9DFjGYzFshzSK`s`>Z&O$
z8=i8F72;=q>yb%@iL%-9VzK4agY)y&Vmq<7md&&CrSM|M+hqe@+xvM2tW)~ug~z4n
z{{$p)o7~X;JVZDw_WWbXajJ4%<?Qr&QNEdJhGQfqNL^3&esNe+uGCgOR>lef8kj;I
zb~)t&GhAg}!}2o9H|0%5j-`IEbg)-@nTG6;EGVX-VP<n>ENm4dh_tdFfB)6rt(DWL
z-Wfi79;<0pLu$AP@UNk9c7<oWbrQULwHHMJwrm-Mo`H*XB+M=pGBD*Cw?*=)*#dK;
zrRJOHNH$%ZAQ?5qz{4r3A%QKpXGg=z<+Nj>_H2f}cY2JguVkWY<dnRp9URiG*mqls
zR_7Hr(`mJ8XnBtinZvM3Z%xa<OKRd}9N)Nz1~GI<ztX64-oz-_WJ-N@uBTkm)B1s1
z@p40`KH%{hWHKE-C|#YKY)LS0&$qP2O3%bK6&&h%B(V^2CIJ^cRomFwKYUCt$fH%?
z;7CuYGf?|6U7_@6c7s-Mac1H+X!FL$e71^ld5&`M`|eP_^K76_|5Cp)Pydo}m9sS&
z*`UF|__L247S{gWDTKoTK5srXoemY}6C=2h7SN_4dJDDl5syf|C?>GZGtxXKq$3k7
zp;M>b7yOCG@Wl!tVnUx>VVYF*LSNUQZT!F}NQ``p!@$hQ#Mysa=<4iIy7uoED`LkN
zEFNp)%mx{+C;qh6(465sJ@4~ObaGv_Wn*fLOhj#M&KHRnnFv62mA=`FO}xLkEl+E_
zB95|U)b?+6%ENfnBiCX_ods0EAo!sa*}(Jn8Pg2iVugi1YS7S#9PmJtr*Jn8ZCT$q
zjAO6(M{;h4tbYAVudM^O1HkX?99+FM5Frq`(Ahv1_97O1+4c&UIhF#J7K$P~5S+Mi
z%)y@GdMRUk&>!W-<<zLruu_-ZQgRM7uLa^IE;=sPgs-PKjbvcPaACU<V}}W&B`GIk
zoEiZE2T17t>OHbelKll4GaNq;FTk?Q>E6QiC-3Y4Zh^eQQFIlRVb2d7ivr8S4#I7n
z!`H(I@ZmSA7f$tMun|(Uz!OZ>6g-j6c2RpVUcOg+R1WS?Z5|O}VV=<isly_&f8p$o
zu#rxWa5Z|>KnsURenbT|6LjRcImvPFc@XLGSNK9cNk%@NQ`P9q97;IlwMDlOmq#ZU
z`1){7SyP<7fy3dLiUvF!5zFU5&1<+EtJMH6`;<>SL^?I{y*hD`c3y-3$;jUcS&4V#
ziSj`x%cAd3iSJkXtibz$w3oQ`VfZkoo%UFbM&x|gX&+Nfru7`w%ht#rO$&{I()90H
zU}D50_2(_I47i9X`*Q)NE*bOPFB~g^hZ~YJH|)ygm}picY%ED3MUu};$dTp^AMLiu
zj(M<i`#UmD)>IID>nQCC2X2pXgast*{cs&w3eZf@{Y}@YLT!<W3AorQMSYO!5e`K3
zsj)DTfELd_>&^|C!-1w`8v&IC+{w){qx=s_uT41;(n2J(^9jN&$sly*Z<*a#Bt%hD
zRgz6@Z4_SbzA>(&=SQ}#op3tA;!C`|2RX!?PhX*-fNdv=kfDY<iZyFQB%Fzua`0Y%
z&l@=L0w?uoTO%I{5&i2MSW@ok;D9(`$r33^=J;5oU6H^4zT3kL>lV*G36?-N^Gn0q
zHk~i)^*-blg<GHIY9WZk2OnIu5e|VmtGU-s@TLz)D1>Mt&3-cOPl}B@bGS05^+}2T
zF+LD)9Ub|*%-VeUnfq-DuTIc_K=5tkf8tLOu^HvkEHNp+0jdsgUU+;lZa0)^iAK@^
z5Qtfc`~s2`cyBx--kT8vH2U6q-29)NLV!UVc7{a3Ou71T3|sv)vPlEJEti0}WEARG
zH{e49hABmhWN{TbA-=%@{@C519zZ*bl<|{0%_+Hj{3u(50NxJvF%mCU;KP+GX9E?#
zshUJPv4eEv%-JO<AQl5PsLh>#4a=ljEih{~4gBpH@%T#6Mv^lU%wU}hcOo!}5$Gc~
zBhv0nvCs#@t0y}~IU?0dM-ULQ{nu}I^4reESotwTh#~4Y8H3x);b?b{OtMs&=%Y_;
zYMh9ZCfO5G&{dJEM>;XpdK(=_cyY$%hsOp~$S}c^D#T2Vmq(Y*@zDpIa-JXL&ld2I
znpgK0WanK*eC0@rp;L|&9KuCv5bG@2FuaAihfmh6kISX^&%g9+I&jy}3%Y^R{O<@E
z>7)c7thXzm(nAn?7gsVqS&(AnSGCQZViOfv2hu>CKYL8`d>x{a`Ve}&m+75rgXHC{
zM%tP@VM!_=ayvZ%gGSSwb%UosKG(MMvXTyObyLdko`>nTO|BTblOJ<T7U5^+GvFKR
z8R%ubll*D1cn7<8u|5`5Zlv0SMnQBB4{Ka#dE5b|S=e2l3r+pdA9N#JBjRnt)7SJS
zM4q8Ck|ex<@~$+lrZW)+tbQD8lf5H+AwwWZPLBR~5nlHEj-g{=imJ2sZX8l5qO14t
zpZKRd35*8u%tNE!zki2hO%dwbSur&k3$ZNzHP+1EYi(2c&8E$g!v@2%$$gXxtIbgF
zsk*H<!{Ff;umzISmCxirdm8iaKk=OY3t*4@p0~^y)frpY*$#N$;rx6kAv{!OR^+kV
z^VY@?W?~um3aczCwhD|yWg(s7dNvW;kbI1|{Ti6R<)e*eU~Upq(_{Lg%1fK%|M~F{
z_fGrF6CK2AJ0N<o$7FcGXRPn$cY0>>OqiQ&R1nJ*y7kX)hcFxlwJyWR<@_y%yrN@Y
z#Pi5S_WSQoHgzYh{OUjJp&YdqMpnMZ!u2r<nm5HahY)eK|AIp#w`OWMe~qmQT6*b6
zNu1eoOVIJW5;GfOraFL}6l$?8E6s`u9`QKAmHxQKuvB_tcfO=j=sgPjt22A$l*=$W
z5+1cHE=;GOK&%<|KtS0BY9xUO+4&XL7TH%$jXn~6O?0PB?l^#Xe#bdE-HtS%Nlu=N
zVBb}lkiKm_Oy$)xJ^cGyp@aSRzu|P>Kj+Ge=xZD}yOVv3pvp>fIM96kE2RwQ%A_kZ
zo%<@kX6`OwyxHRcXUjxoW60?d_XM~5)P~lyw^F85SFLX+SLOXr)BLm@9#b{=U%!T|
z+I1Zqd^C=x<X1T-rCae1kkVYkLr2U`CGKot#f$(=qV;Q_e$hO7{4L@pE12yDQB1tD
zQCFW?6lPckmQwr&8H!#H3Mdzqki<m4@JQbKnPyZD&bc@=`KLQS*2_<Xb5yr2#aOrA
zjApkK4%ls2%Ou-}ImWNNzffJR_bE<qZ(v9D23omzqt}AvJWa_LFPw4ORQ&a&ga=Yg
z+mW+!Q?1Ca&+sX{w8ySx*_Mzxpd?!OEsO{ub7}J!H89IMqIC9uCf2j^GAMe*dgAR2
zlO+jjinPR|4(zq^YG;I!->H+v%_+odb4r@da<Iln;&4Cn42h=(T9XzW^@WIbL}8}W
zC?45g2Uoewa}JK?!fj=F5j>8%qm)svPh69#9h=lXBE5Az6lpF_=sFW)X1)!#sf+1J
z({GAYO*1h|-kk|}asTdb3pJA_1Gj(YCoW~d&8j{<8iui7%R%O&jUS=tLXp-r=Ou=f
z7$#Q_y=Lz|LI2~vA4T_&hpf-D`y!(=aNSyxl)%E1m7LI_yOq?V=rjctNoT{fNALRU
z%*CD(*z}R~M=`Pg#%Lcp=fenM)cWS&>pr*K9wM+^tDZyj;~wc-LgCo~v-VWKGo-n<
z7NJ{I+l~EbD{@xH?N`;mxcf0S`q8rx-eghhD-cYbFZ?K!PC$;LoI4%*R30hZlTwX$
z7o?F^9YsQ&CKqCVmXMY+2S$nU*4;ssS9Wzhc7bX%q)F~@tAeoigYf#sdodyh^R${&
z?iX)mR|WD5o}bRC)N63C>(g^PJJgW8#$EE?rjN>&YQCtbP38A?gqWxNgqa@N%5?6Y
za9{ZUJ&y72`NtSp`FUrp3Y|q@(%Tc4{oG<31G#T<x@qf`OH2)ZktxA7<$aK&K}4F9
zHtHkzQmVI3WdlR2G-A1x(Z?PhiHq^7jr>AU9(r&>tz1@3KHo7Lk)lnXARIjU{f1;+
z*V@|u08XdPN>dx?yMC`*d)2vn4a#Q@XaMHy3CV*bZ9T}_QU`_P+TDW`QqB^CnWidD
zD{Dy#++asE&psbALJL=&SboEuBB$M1VpdpLFeQzpv1@5)K%X3V5a6HVEn|Wd7zR+e
zQaCvF$qD-0ZKf%VtEtlVRuyZL&r8Hu4|}vw;72=Aa^qe$Azz{axsIF%cToMBrAKf6
zLJjApWc`}8O}I1}HB($bi0u0hK~v4|Qxz>aF{@9jEh)%Epc**I20z1VCVdq+FYws3
zjAHxxK>i4ad=rOwoh>P;Deh&V6J)lwc34!5X!?ji#Cl2Yi$1z~TDMm}uEpaG(*U;Y
zT!>+z@9xdH*?}r)SoRl!5Wb#t*WdCiz9VXMP+93N^8IVu(@_|xn<?FtKdk7f%UyJ_
zWJ&%rD2SVtp8f{WbBdm!*FKtyE4|grg4e!KSSIl(Bmr?>wSnpN2K)PkF|lvSvkE07
znr7h3s9CQmQmUsUuid}qC9Tyo%XuXfk6Fk#soC$_z62fYuu?EngaV$Caa_Y%TCDWB
z-_2g>d&<Id(!CdhP}AoRf{`;^twjib!Mnv}o@7E?ZnaF5#0^0|{1;(g9TZ2?^$P?I
z7D#Xn?rw`M5Lg_71b26WySsaE2=4CgE{nUnyX)n7-{<@8Key^`b@gn`oYT|uo2k=w
z`gh(0YnwvV<f3G~ITNmxAoB4T&|_S2KXJt<Yj<j!==Y;Ajci8iXoVj&%(JJJDnziY
zN$o!~b~u)*8i8Ov3Hj3o$G`J;rCPu04-F5K{pjuQVe~g%t@)M_yeGd(1}tbY36gO~
z$4N=uQ!2)~FQ$Cx4LgDE9#52Or*(od#ZJxMGQz)9re)p^l`3tLeInpE<*LNJwJ0C|
zO}}`JbuxhNPzL3lHz$u0plvV&QAs>Eo*8&ZZjcbrX!bz0*@b0VOtZIKNK1DN8J;E?
zm0M{lvp`KreEC@dZ(+wlk3iwz_>_G6`L)$bbLndK3jO>+Z!IyshlhEjsAhACM_t={
za#I+fFc$TkZIZYQ8U5>9tfC@lHo>I*;qZ%iGD*<XGy;EPR4bel!qR#F_som3TQOvV
zOi>o6YxKUP8kNOl#OEB-WVM~k#cg5#K(yrOzA?((a5}U9X^TfuLGK)OAy3p_b+)XG
zXb0A5AP-EBwi*IR3)Ms)t;Ol3EL19!%BU!eE~QTX)|&=v@79uVLM1hNWQV*vmWIte
znWhvExVX2apV_cGVtqt801yN?8Q>bSpBFWzgWDI(=}P`ICGU)%UI|KJB7#;)RD)gt
z&$Y2gva%VqU_F-9Npq~h$lG1eG=#NeECQ`_fKu)Jh@minZH}puxTGOk5MzgsW&IgH
zHb#4XL00r@_j@gxz(7d}!nbw{VP;k-Q8%L7-6((;S;i+q<{N6Hm0)Cw0(X>>{KO<b
zV65#PH*z&Y==Q2OaM{1Q$Qz<!(9-Rv7a&}pa{V_cW8}if?141qC@g*1?rdv?hh+76
z!^dDi!qSp{wjxtr<7ap4obT6bBvUz0#mLW@98BZ$F<)?d590>JfbXA4CzMo!*F##U
zkSXYlNUQO1g#ER1PXuAD#3@~_&-l*GiknpJlR3+Ngx?Gv99irRr9+XtqDI>^V3KB5
zUR@bLKf6!4Xw8W^EE=L^A{jZ@>bbuT(r3cxm|oF)Rt=bzwTlOz>w@NPRmzMo;YJ=j
zwaLn+%i(f<GtRfSGY`bfYLU(`#-N(f8-?NYiP39m$<+?hBeik)COT0GA~^MOvwguk
z2#oR~n<YhrXxX}U6!H;S6TErLEPVV6Eua<m!{9*L=y`4Hb@uxiFGIoIDvuVhP0&W1
z-pGDsJcQ)?K9VTO57Uf^X0u%4KNGnm9LPp=MtnakF>0gi<M2)+Wsg)P@C@QHD8IyL
zjW$=KWI`|w7f3^d&uA}g>)4~b%PxIk4nac9*Bh=ai~GqU%Q5-5fo=7yPgPNlX0Fte
z6N}gCsvxdZjT*Cm_LJ29s=Qh1U<a3!24kOv6rc@gE`jh4lVOO@X0`Ykd)T#GaEdKu
z6#gV_Wh8>GdE*FPF~!c@yuB5UL6m+;D{oM?iK5l9nf9NxFsMD_+hwQkZr`_h4oHY!
z4=2yQKsFLsdw}X_6vDjqc2Fu!2S!Bt$)T0w%24v|(OCZCe4x$_7D<Qk(~>cp`Od&G
zRyA?;dA$c_6pv12*Fo4VcVc;3vY87zfqeur39B6nJ=CPQ-B(ojW0CF?MV!xGK|!zX
zF)l54T4BEVgUms_;nGeuaAsAakCZ88o@iT3eeCskzR;@Z``UWqfdctVJC@7y9>%;i
zf7aU~jL^##&T29u5h{qZ=H}Kh?2_H~`N<Fp)m`){!LgKr{wPA);@^2HcTc#SMT9qx
zrAWWY7>;>Axi|QaIS|3a2<LA|(`(G)wvK$-yHQ#AnLAzt*7}psIt2y!L0-uu+ad!{
z)q8U7JRiK&)C3F%zgDEzWX-zt0|U9KhHv&|S6B~H)Al`&_&slcGWw#77^n=k7eOY?
z6vl;A!P`129Ot;|&W@z1M0W$Mm8~+er|g~=;GMQozX2F=_siqVX!_F0+cOS0A(q0k
zG#yIm-9&L3&mY=7>?p$dtlPZU<Z>EILi5-7Q2LRRD?st*)RLEtWU)l|xaSZ-Xya8w
z+Y7)OWX89I`$^^ZQ0xk8crcajjV4-`ryLh52xik@cb4_13#OA3@GPvcww<AWKN<*b
zDQHUn`on%o<Ou|Fak+#Jv6){qfXjD@>~o1#eeoYM<kQ&`iR5`deJ9+KzUTE0zIE_?
ze<o_Y%8$`fg$Zg~8T4El6IRFhzV^mjoXAY&CM}-}+$~$(`Jn3D^CTzg527CZOmR5Q
zWAENQc*_Lrj;&x}S(3CdV$*I4m}X`c5E3BXr!|65$#9o6vB%sV(I<m-iAizGd~4@m
z=zq9M^_#RG#nwb&oYcc-@X!}t??apNTM_5BK~@zd1<1Ym8)*m``j0gkt-K9*ksYaF
znAORLKYCqt_>I?8ng;M~+3kR+^;d6uUGO*3uXXHWD<{mcXSWSR;bQDB0XalZjY)B0
z-FdJO-%e2<o=`g|Nw#Tl@fb!OfSU!Gt&Ivx0&a0C=jUxMs=uTaRhWiE62fn1<8Zde
zd@6I?v5WhGgHfTUaL1ERBf|OVeeg1vYno)8Ji{(bp(u!bE==g$;=svZ$0Ot}{wxjG
zxj_>zf{+jdjf#|w*V%1oQS$3{ulWANeE@#uX!xYCoFg4%avzd3&2QaA8H>STVM2n>
z+kGt*G#Oew+my0esH5lO>FdEO$;ta;x8FW%vtQc9>pS=pKKV?OpC6i6pt~*)6ir!i
zuW2k9c9gpL4yW1(e@i^)!p5jFfGB0n9e|!-YLhyDPA$j1`-bbe*5j^BP6!13Tv`x$
z%o%Zi?Xzy8QP*iI!9D+!)mn%rL~s4&RN?UWl=PN|b69N$ViZApO<Wn9fQW3!4oGRm
zSMa7uJsH%#vz)tJc*7+pJy-4JmHV+Q>0N&{l8ez{Bvfj?@g4X<8D!M>N|5|!GZPH>
zr7ivSnoC6T9qx!wn}quqiq!50*$XcgO5gOFoTR%VS7OE-GyB>YGm)%}riEetAxhK0
zwJOW?;=d~xuaT2S=vfW0huSQkjLgnZ6sGDRJ9{^{LKux9c|x<q^}zPmJ&z1``=~6n
zCeX7a%;Y^(V_cPZ$SWRG1DyN9JeL4fK-8Mv08C3n$ecXO_E&M9Sn0JUcNu)~O~ZSx
zx&~PrHrj|B(W#KAksX&Yc!>N6Q-(}#Aw7AP%OO!J%T(CTzb~DAX^Q9yEP(Vx>AMig
z@WLCDogZmK62$iw<d|tpbhNwu#~k^h$Ab)weboq^0+NsP!-o3U><TM<nIg7o6h&Kh
zWwjV_W8==(U-fe0oYz;SZ`;Di3i4wT{z%FR5>`=`Ps_gt`Xcr%-~BzmWw&a>h8cnV
z#R-mykNx1<hnlA~RDoFSCf;YA5|flA1$<9z_5_sA*3;MW(vtA+Qps}vij?o{sfem#
zWQzkJqj0Zj?YcF5xN}6sX3*@p-jdV8cADj$y}8IM#EMHs?q6+xuBBj&i>Tm=CDF_H
zBeWM{cLOfbbRT#86_Xq<)E`54#efx)>YOw@j%lS$wejnD*b$?X;d7W(_2)r1GcNQ*
zF_00gs2w;aPJJ*K-uvq_cY|!^_Aa3Z*7Ld@FTYke`LAB$Ou;5xh*Yh<ZH3GDp?*lj
z2=H~I3Qdm=++DD&uZo{&9g9^aILFQN6NKSC>s7@Jlp|)K+0dXEx#lQ9FudY<JMEN1
z>gjtcFK^RN<~mUaOVWruPVsQr@8skOcJt;Fsq{CkE#k2c=cKBK8Z^U{92|*vd$8kJ
z8o3^eNS*FpI4}*vOxw`6CK&tUn3kqJ^}ThH*=?lre>-ZEQlpw75m)Q(LnI|^!r4nM
zaBS0&Q<cVh>{N4e^Wsv{I&+=~=^T?x+=Xm4Xvk$<7rHXIt8nL?Z4b$)Nu1D83x3Mi
z=Lv3?uQZJ=g!<MGtH;+P)gY!OXN2<P7UYJ?Lb)_(WwZFrwnmn`I*OW}mOD8$Y0L$}
z{6t~1yOY47A=OdeQ`#gSz~bOu*IZZVarE;|#j+FsaydB0Gc<W(Va88YX}a?*9nf9X
zdQ8WFBIkaFGR->8`(@jjKoP2v#9gypp)W;C(&<(|GT&>)jiX3BrZI0_#IScLUoXjS
z0MXxSZ2Wao%a9h+!v0S}G<u@2ge{FRLx;|)K~FOP{Q5#l@;*)Q+*6Y;SK8@*f2Q$J
znOjg$?EjFf$Rbj1yt}Gn+e0_^LL<uhPUPmax!s5ssQW@xRyj&c#fmUIy2ZlE%DVq2
z`Rfm^D&w^yT9pzmJ|ctf<JWQgeVoh&r%jWsT`lk+2#D}^)K*vO!=j%{aZ`!`)tQjE
zD{H$;QYra!?fb1x19j!fkmozCwy|V#RqY@9FqNFNJj%;GZ#?pz2KFm}e@8N$)iuSf
z9)@Cxrq0r6KltuqowP(^dk=-1$R^i@f&GQ`xu_Y<>ILZz2}XM6MC0S>w+%U^m2e)D
zwBj!lM9B1WBe!uHUeWVZT*p|X3-9|CyH6K`Yz_JL@3Wi-r`Dd6CpQ(%$HRyY*V9Br
zB_w?woh`zLHZR&@Y15ui5Z*e9GQWKYTV7exJ^I>;{X@bZx3A}KXO`DX3buU~t+gjj
z3)0GrfoaqZKpZ%?#h^H=AKGmf!3-TcLYmH(FwHM>19iA;&=3&tAbmuc2ri|X)oCl!
zjsj2M?4{t8C2i=jE%_Pcw%+-3r2^^aT7|NrRVOG2h&aq}h>xGQ&W9!h1T^VCIWacm
zKZh>(fAW8@g@6!X`jCZy@J0J4|MLG;xmZ&mFP8h;@e=|<C)*b-&CZM?wRrwmQM`E7
zYT02mPGIKLk#dJuo`XRJ_)%~kDo89=SY2IRO-*g;<)sx96SEL~=IW~2m$;Icb?WDg
zSzT>&GdJXZboFKDQ%nS^Y075^h<Fa{F1L!hI`+lh0gBdinE@?i?Cb0k?j_dO<Ktt@
zNH&@XP!CjXTP)Lej{r}DZQlq~4w(h#k7t7i<r#d{aJ%dHs15WW#WXqfaCs3-a$ldw
ztt(%Iz#UEesT<2Uso}Qo?C@}C1lC6tp>yPml}hfUDy7{m&^4>GPnu<9WtUmsaRZ8q
zs8i`=H=1&Z7P)k{Vg7+H0f2qkhe%$^6?vLKfCzFdk>j%63BJWxzBfphZTI&12kfrG
z2ink@JI&+p@CN-852kA4fE=poYH@4NMVd&A0j2sEYd7qojJicj51r+SGrTFSR{Xss
zR1*M_-Kl=1h2hsFJ_Jxe)c0fBTQBSTM_z+{V!|BrhL+Rcd>nX0G8EV@`#b2A=dCPj
z>ZY>J6>JVy^=Sll8;y(AfrE2^v+bqzLwT>!WA%vd|J0?T?3O*1*r2YuwYYJ1qQ5_-
z-mI$C+}zIcSDl)qd~v>qr7h<qf=yBO=`VU~QHj?zxEv;=_XZ1F#S$x%Bk=mKWL5b(
zOx4uxrNDd|40<{%6LTBEgyHzP;`(+=V_oW*?w4>Hg_`1}jvSw-bL>y2x+V=i#j^yb
zisp_TffdFB+{2!5XQ)B-sBdlW79BNl1UwBMXU+k~{xGKl+K=0Y33aN$$tfwgi|U7T
z*aT%2FMVt35KdJV5$*de=d1Tk`1f}FPKh-(lw`dTR5IbtP~ySS8@P}{zR<pw_B99$
zAEc%CJLl+vdL7HjA1=y$t96S+%Gyf5=5KE7E9zWti?h7mlM$?6V^DA8f5{6dDRJ~A
zAm0or#%dEqPL@6e>G8CHMN0#eas-Q_bI=Ep-)e@v<^!p;!TlDR+Ua1TjQQm>C0dNa
z8Qh`v(t?Qoe#e=kips~$J8LzgvXLOL$m5<48+(YSb9^Kw%&%W8OFXqEpaIB<k=h$n
z6jH7&g|OU~dL<u66aRJw_N5qvwc+T-Im(kr>F}(BX=3HJ9gk#eg8UZIkr8F>^(N(t
zf#}<k!gBmvwS_;21J2h8oM+<pGz706u5!;n={*CP|0I-f3Rtc$Ctwa`W!|>d3(P*l
zRJf>Xtx86gw1eE#aFY@Eo2xxV`KpZ+nQ@VU-?TX)MMaAp1~N>{0EF`tisWynTU6z*
z&FRXxgdl7E?a81*5GC5SaEGdXZrtL2oYZ%|z9%ZCqvPW^PlAj^XmO(X4(<6v2R6)A
zqY)$HdJ8@QQ*+=`mad{@k+Yk#?Ug&jqqvQ;>%&E<NKd6qIL5YCBo!BtSG@OM_>_bx
zBa8^e8P?rXBQ-xY?o9sA%iMgVDO&AZcw>__QF0P^LZ-ZCb!<vE)2;LQ7@|cCH-|=J
zf*M~fw{Vvlm~QJer$`@}%-g5AdBpf_{ihR&vaoS6_sxbPXN>bRpUN~3HKrJkYC3ny
zfLlx9(z;&#XQL`b9*(0OR+_z%)s&V`1z~rqFTb)|XQ?@AGx5WFOMb<kq3(rH@ku|X
zE$nu|7Tj`iac%Cj`Vff56&=P)9@9l&h@O^mjnCu(!~ofEw<!`;={~6qHgUGXJRbb|
z>Sl>o5}_?x4-4x*g)9`I??=>t2L<ugW`{57^s6oIvBNxKbFH(CyG2~>BjnUhc`vcU
z>Rj%Ooc?DGuWL)Owt{>UU1JAg47@|4ISMgxw)j{LDk(gM2jqOQ*5~%(*GVC5J0J1v
zJv81%%V~e5IN3OVY@-glbMnZ2_G^@NXTxrj8(eUx_ILTdNQXRZB={SpJW+k3)pcm~
zK<GqfJ_|R!ol>UlT}QOJLpu2CIEY6<e);5BVYL13uG_qv9815x!9Q&n^aswsu1)Wt
zOw=7mVX*u4m*PFr7YucQi!n@!^_oTXUp*C$-!4jZP5QlO7!pv29*z@N+!aTBC-C<W
z-7;Z}YAyr-sK-IhK?YL~i+0Z9S9N;f_lYE_Ny$Cm&cU)~ndlC^HttGk6qH8CzSPu8
z=Y5uc7)(#_ea42;Mu*beS&~2H3^BY|gsbWr^_=A}_x6G8E;i(<&59dc?!G0S?XZwY
z4y^S0N9%(R%iBW^aeuV>RZNsju>t^*j+J4>!?rZ$sXtLV^gjQ*v!7UF9n`Vraj3Iw
zb-zE)4;|r&P&rHxF!cDei;+-^T8N#QCOo?i`my}C@Kc=i!Kp=FUKv&y2&5bpTNP4)
z3TkU>6O;8{vs_}UIc62e+L-g9r_-tp?h8}?;#To(bpn2P?l~zX2@O3}=4?oZ*-7Dy
zy$EMc;-d%Iqc(M>MZvJgqIu<MMjKjGZvHo$Dzo%N!))0#7kOPr7LObT#=zM4V;`nS
zg~ph`5AKXqDOK~9#Of5#PWSwHAnui&?Z-4}UTraCQ{@L;wVr~OxQAw4;~!~HIl!vl
zM-;9C?1TK)p9{l7S+&)XkO2})FGEk<RJ2KV--AM%m3Gc`q{EcTvYYtRZ_SYxPjF;R
z?Y<iJ8P2fPX3d$(4LAFb>*1#2_Npn#|5Es&>q!V`3Sg_h&6<<oJ}@aJQGSSv(-tzn
zC!V6PuS^{#G0o@(vn;t8%7?E<Ju1(T1L1aP+Ud?HMB*XQO1`)KX?@~9!?2IhUXPNY
zyiFk9`|1}{EB;n#t;ROYfG(7#(&Wm%>@;9|x&%Ygz*D8S_*n>SI59shV<QOQV@U{(
zNo!8A9X4N*8-6ZCYm!@^0!gd#8`iPM|5BWsS&=Zb;m^C}D@<THq6r%u8Ybzel?e3#
z0mL+$R8pT@X+jZm(~3<`h01<KyOBa38(s%DKBe`~X&Ln-W_Ku*>JlzCJu1%6$;-(x
z%!yGv6&{$CW4OeN$auz>;C-o5oR(Mq;UdEBFpClUntkO8n}Cau1jn7y_p~33KT=R$
zhZms~R9YZ%Q}H*iE&<)9ti42bc-nUb-?n!N>(4Ax;m@C$_t4foE{%i$Q5OZugyaS;
zbdRucesb<jN%L2G6a?+7E7PNcA34)g>$4K3;^fG;B<lg?E6L7gY}$-oMziGanZNF0
z<tL;S8q(0(l(<9fiZpq06jq3GpL+*<<@#<V-a0p7!cdiCpISps<pA!>fH<C67KYHL
z^)rToELBlezresV-F^zleC$bNh3Ud9mD+~;D6#vRtgi34%eSqreAElZ@qdiyi?eJH
zuy<C~)Z9eLO_F|6F|Wl0-k(~Tg_=FwHDjeQOt3KXQx9W{Z!W%+i=tr=un>|b+S2Fw
zF>j0=NM<Q4Sj@yem-<@+jBN7cDcfKR6Ap{Mw8tZ)s=Y2)97MmAjTh}XHRN7iN2ANE
zn&^NRS=vuyhco?uO+A0^A6WZfT9vpiGMmlDONY?1;bw@+bjJAZ#_E%;EUFHMhtTgK
zt*t+vKx)IR4>CEOnO-lUR1UX3BLEc;W=l-viN2em_iIhg7Ja=aE@=7{isw<RjIP)=
zg*v@JRyRq!#rd+QFfsX$5&0+iOe$je)b}sA2L7C_5YCIv`gw$nN3;>$K=~}Ys;`n9
zQI<f^A_TT$nusBn{G(sF6rL0h<(e7_z^^7y&?gP2o3Gl}_{;(+>g4EFv#3wm0#(0t
zfG>QX+MtuWcg=*Sq+;1Sy_(E!9=?EG8N~uAAj=4?zlRNqvkjlGR_o?F`5h*<C1{JS
z-u4xHqWzJIDdlnYrAH*^$6B&qO9ITDOgYy=vfim(sMRfealNQYiaHu*y11tv)!d&y
zE9Q!<xd|D6nRrP)=ug_5pYgM*ilUh~)gkfP8@W`g%>p2`<S0!E4mKUP2ur1<E32!!
zhUWr$X~B(z$0JvHBdYE0^lNUi@+uE$J)X;zRkhutGf2k~Z!05~<i}frX{Y#?$QQlc
z3*NK&GHLJC@Dcf8>c&ykYfDI^3JP-ow`g}D)}s!s@)qibfv!(h41x?H+R8|YC_SIZ
z1WT#ezHn}V!SbLEvet8C)uJvRfA_o$^L~G+-9ov;UUvdC?`nNz-zqYXIwBI1)a7cX
zutJpYUG=^&OtXY}+uTavMcljz9yS>t0M;0hmaZ3{?(_uU${e7Thf?<KxZ+ptnAyE|
zY@N-om%S&&yLI#IYzOZS<e`1HGu5=A6Fo&nOLy|%$6g&a#O!t2=I>9#);hYi_@dxX
z_J@?%ZmfaTIgyCWZ~!-e--~f#l~zqic%W6x+Sm!gT7MwHJdOpmLE<2CR61HCkLnj}
zf<9O*tQWuTMKkLV(G@$1Opoz9X-8}v9Nn|ZkQ(ZyoBDYhlhm?77w!782E*CnUyX3-
z`K{b=UO{zq>Q%nK=Em_`k|L~Bf<R>=B}e;jvnCeOb2=vVk*CXizirpLld&xA6Zy6W
zWw2sI1Cx@LzBs<{M)<vI@M4FjZ+|Sx*6X&KkyAu^uFxL{FDik$yNE5uq?uTl_1zw9
zu2OgGjnZ^SU_~7RgSK@HM>l!yLr|{!mb!5zuj^EntacrhxCcIQ)|froDkX;jh#Do9
z5}8Y#BC_%%K?*M1Exh$Q76!ppAuy0~14SoC1qX+Q7WDX+XpdHg2Hrj)tjrBzlV*AB
z?@1&PmmQ0}L>5v#m$lyXy2|)@c9U;P1zctwXxIswWjk=GQ%qcP;AuUa+dO*w<{4qt
z#1zTr>&Fml%;TP`hvhQU7dIU=kv2w`GKH^h`O#jtgB##gRu#NoQlMpc5zf%${d7sI
zWBAY|Zp<)dX0T!F9BLIK)u)DDqc!;8Ln^aPaD$-&v75NQI6cr&jC=z`iDCFD`{pZV
zeBZrCSkc)5<(U8>Pn>!(zSqz;<FM+{pK)#HT^;<`p#}~EyBvw2YV$AWKL9Ur>J(mW
ze5vV)YB9)B*E0E_;E2I3r+Op13M+VV|8_gnBb$yHfv_iX5txXD)6p&P3d;lMIi0Vy
z!(YtbiQh88nNJCS@g}S8RVV`C%#xwvMUb%{jqTbhqn?NQN^gerw%0T~E9ui8(E_0R
zur6um+1~p3!jg~x3ZXJ5eymlIqXWcDVL-I#`bQ~JwTMW(c?p%Hm=GT)ijkLVu2gzs
zl!*U!*ZD(6edMBZ$YDW7jc!j{Evp0#6I^D`>hQJ9J+vouKZ-Rh=t~#t-XX^Vu$b97
z^xY-^DbLLz*Y*Ypx1jPh*<H0#qHD}#n~K~FJRW@2+TYBCXp_7{bcXg<^E&o?-G5+4
z=503RFu~_(eP)ZiD=2)qY_BA+ne=;7T5z|31{EGJw9BY4v5>XSrQ1pS5^XOeZ1E1_
zux7=0iQUp>3D*dQeIYVf^HDC>lB8ZSYe>ksl`?#RdHzqJ0oFm;1@=!My>KJf(v;0f
z!7U+PXn1D@?YM}Jp3g`YzG5Sc-<X<kNFkA_9|6#%+GDsiV=J;=U6-qZ(4rc-b!UJK
z^-|`#sO;*Zgi*<$g-TskacUgiHrp?L7=h44o`R8;=8YB~K|ZV$qBFvqy3AUI(2K^o
zqYkeO8=*6@3+ck5kx?uV020G>+t_%ey~i8mQ-s=GUB5BL-{4G@k0y)ryMD<07_;L@
z!LD&}gU*vaO<Ok|k*8IbFZpmF(*;ZL0ITiJH%%<PcR@rMyNNchg_MYx<-1pLih3St
zDwb`Bt7>3vi~bLHoW(<(A^93<vUPFtN0Tp}F$0CCaT!c)MDG=)$8~0h&j=+7>@R!u
zNN;Aip}f`NMbWHpwqi%Lp|x2UOxNOFVh8c|9p|ZPJVMvo+exKr(id-xIG*g`LRnuf
zXTUGUl|2SP-hpATlz7?cx5HI|;0glF)YzYFMw_&@`kNAVBr>bHjTfKm=RkDKm75QX
zsU+Ifm&}@>W$%!LK#%T8VmM4(muRh@gZ!y5bPn))a!MS=k*>_|%71d_YNI`0k>+Tz
zzBpbYM3jB%Mnzb|E|eaaHKN{Azf<_BBvyNF^ryUjqxaQztB0dTe#h~uhm9YIJ6N0$
zh~JhhsTc2kV;G3v5+nGu`vbd_O;350m9Rgk#&s9>juN;xG)s#8nF*2Wj(qI!5()yV
zs^5%u-<p?<^%Z?j2@l}3&0G{!uG6uh{E+$R+nR>d8os~ny1~1PY?(_2cSS@iR9I%U
z@xq{vhKhBTi*fY=;>DEQ+jiK3OqOM+KB{?q=v&Rc=p(3KDDAZ$QT>KHcEbC(bX%23
zitoBIbZ#lLfBpk8H-{^6Y5flEKFAsx)I4Xk(rxz`1CgfPXw1x54Sx<+mpcG8HZw-8
z+Yjw+gz+;J#9zNJb`UoU2o7NxzT_*ww%@zCC{0BcJtKNnRs8W?q46Xm-WMwmU!m=L
z>3_m<cWg}#Y=(Uksuj&0*4<(cp=440vfO>J!-d>e_cB8rLF8h{vJRA_0j~e)NA-{_
zJUr;)BaX|vls-sZeoVDwd>D9T=PkxFn2)h&uj3C&#o+5D8rzI=zXl{PN!rUpc5J3~
z?S4i+H;^Bvc>nl_oM2v?hqO7PWG|k^u=PDYOSNiWq!Spr%T;Xj774v&A}9MBI@z3B
zpm`l>cSmdaJ+>pgG3CNSsDk)_7?+{ov)$n)Ax}FGSbnD^v38YVF9*+YZA2i^9{aWR
zS<%aNmYRJ!!OH?q0uY6EQ$~c52fENhbhN6t(Z}mjdONWzz&&|c@Suygdz}5sHZuHQ
zTNUtOt1A6qN+QY-)@y?Np0l~WI0c}H;0YenU4(Ek`ou&u!RRsvFr|dmHIcW-hH~>Y
zs-#wd1bQ9ce?rxB>09UsZ}mtqJTB`WY>1eG;cG-(^=e0ae`$pj_WN+ApV&5ZPTjIR
zb<w!vE7e#Hz?5gKb?NndNx>j(#huNWjAUW%n}^NG$RIpa)~yOj2wh+sD>k1PR$n}C
z@gb+3N6)a2!UkK?X*P!bT`(?e&d@bw#tWxwoc}9OA}{fiosDI1=qF>T<x61&hR#l7
zsI+K?<hr6^FRZ?yX;01(ECUEm-`d>IugA6Z_3k%kov)lGt?nC&iWLBSF(TJ&7TV}~
z2OZ<qec`A+aJAbn+-o4=NH08ku6US)Yu>fI1ob}Xd^QlEOG137X9ZN)u847Rn&M{?
z8?H*nM$l2C^rmnQ`iL|eVRN-6A|8ZWrZ%cM>f+pptWAsP{zEpKC^MIj(gy>PE?BbJ
zKd8)mHCXtmnYFT>iSl9a2Zi@rKUNZ0U1DX|&Z4@e?`LUUkTsL%w0T>9l0pN~)#Ijz
zg{@=f+8Wx&XEF6k=ekRyDADJ3`F_+)6<Z;(%G6I;{1~ZDfeQUCqHSjE>>Btvoc|zI
zf=Bo`Od$z@>jI@I*j<d#<30PtbjxMfl8|?7_c7<XG}%~2%>xS^`%${$9L4~75h`3s
zcRxM+ZWp>oQ?`nOvzzt=znOFUW}d(A_oW^khegl4G3D9uDHD7B-rO|OovLTxKoJ~L
zM3h3>pWb4Zd;<>D3C#!ph!Rf`cNtpJAJhD_dDinstmhkzW`t-B!+GadDe~D>m6e;l
zW5)h2%as-h2y22}jn>O#SH=V}LDuLU1KKx>LUoRz%B$ci%-0;0^<C#i&XGT5dO1#C
zcvkB5OfAA?o!KyC(W{tPNKOo3t^Ku&*VL>u0b@RcUs_i*nbm5&bs!a9J<?BDpHUsP
zTqy+P2mD5OlC8f;m<polQgn15UeNF4FlC`tT~&4u?;<5fG3qc`BS#&<CF7nEkItio
z-4?{iege;rW-dC^Nemq)_M9|N4-;9AM@MdH)Pj$4lqBy%qM&l9tE}2^i_LfAck0j`
zvVFafhxa(sw0@J-rREOuzEQN|@4|<d@H{#}axw>aXe`DJfSvwK<flNa{eHDYSznSD
zPWM)q1+z)XDpiuQ1!+4QU-G>RWsmP&Ei(XkEeQ7#^t{<q6##0vuz$-7|73FIS5apL
z^4zBg7a6C^QUH@6NzVzAvB~O*M@)AptqxDz*x&`+#9`2}KeqCJ=ZZUbG1#oGfX>te
zybR5;p#T$^`@+L%FOdhgjJx_2hqT8=J$&<*w9fYIe_pl*ye~XJt+%|2P0frtt+G_M
zYJhKZahPzY^gIL>5XxW$l2yT(@Tua9ZBQAXAM=#IYgQCskCkmN>v`@aHbb(Xy&b;P
zc$29r-~lfs25v0yARZI1A2XsLa-OX2C@`-XAptKgKM7OsvFsWIhE|sC?N}&3QYL6m
zE3byRdz>@2-Nr~9t9@>-rgJc@@_={3NYBs;G%;x$-fq=1J&yGCS-MxdwKqX>e~}1X
zT*8wbtF5f^I^^#@#sxoifLi6$A(JHy-_zUY7Y=N_(`2OZ-wabhvy$OVoN7L@FZ!VV
z{GYcR@><hFv~utHI&3Y4wYX}bgq4f#FePIr3$-?%@Hj0yO?E$@G>FQpUSq3EnhQl0
z#HD`mO$c~I!j_Iw&LT?o)MG;iwL^thUwqZsab)>)I>=-?$&)+3b@t0i?&<{7IF8{r
z_Z?GYeST@3ZBA`XAd@za)cgSRUz`mgf2=@SrLPVoA$TDz%xd~HTWNwBmFD`oU9TW^
z?q7Us-Ecri21W*9-Fip*DpZ=75x1dcmxyE3OuK6V`1}&&ix8=es|52jZv4KkM!T8Y
z!k^%WvTv@f&^s>BgxQj1qI1fUjed~*nE7;^TB4&^(n$BbXg^JSm3Lg863mKiEA+X%
za47jZyi013^HHYM?5I^s9Zblaw07j9AJa<q!Lh%Opx1=f<q@$m5*)MVB`)6!Nw7p7
zBon1X<z+IxKcXTRxH}RZCceocfFdFyV#iURa%cXY40k%Ls*TQB?#g+7`rxtNS(oiJ
zx^<sBZw#(2dbdF4{CpJc6#r#IkJ@Ka=Lcr{bQ4-8b=w=MwTpLC0QvWiKu}Nek~M>@
z*Lh(oM2$gVi41mcC)9WT1mD?t5~;4i@KViDQag%ses)3~I5-ijwFYZnb#8D(2@{y8
z6vV3J%pGd6c#TR9N$OA9L3YNJ_j<leY*o9xWmv+G3)N<)t}>eKz3f$1a&pg2?u-cv
zXzeN~Ez^Hzvc9ydCM|z)Igyk(xz_DFsuRv=9!#Je!jD+$DGEa^a<N6HrIpkp<hYiv
z_`YujABIE+zvdNttQ@D(phGA)gnDRVPBwhP>MpaMt;{SC3X$Ui+mdU&gu=zp%|Yg~
zL<sYWoa}7L(lz<cvKSSY3&@{!WXdijU6@C?Mn)J^q%kFE7mU%nmhWZ!o}<h?KAdBX
z0@8Qw)~{B@Rg}`*XDZHOrm3NQ)ZABWJ+F=X@~5Zcv_$y%GYErVv>_8V2l7mK|62bY
z>Z%2VgG;#EduZV~lH*U<2d^A!_vn>2{YYQIJHA$`e;TRy_7P*1GE0=1O>i+szP%wQ
zIQwnB^IKg&-HX@(pEe70tW+$1!pOZxC^^$r3M8qBE^Ehc>7IQM<5LWCXlDFn8FJIg
zpk*&RTi7|=H`^N{#CfY<cJ5yMQCHtyo-m(NmMO0u%f^!Z`Hw^x_NWt4b+9sqh#vQ^
zZ%lc@G_)$uBq*OYnPDYyAL=D3WEyarJlmszmtS>q=Mk8Ox0bsw<kM0J6)#yE=*DG%
z%-p0;511sGkomwBvd#k`&cEGbjOkw7KmAIZKDuGXIvFbn0(-kqrjZG^pCxLJMOKR8
z+m!k$R;C_CE?AoDzWzHgG(;H<U}E`0od0}#a%Tkz!hATB5rX>g3h&mt5=b4`bD&5{
zD%&@5q}CR8)3G!MS6w6Yo-GdrN@vBhq1e)PsvRH|9N#|c<Zkv`@nABrbTK}_!#TO=
zRrh-b(*{7?<WlJAH%7zITDoY=AuIIc;%i17Huu=mw!f9wudc36F%GgMBgy5Cl`1C6
zev$!3#okw2Y<`wmq5WG{CLOO7`-4EGb}9MTX}oHDJc9`ml#Gz2qK+_O8l592b&R%s
z3l;9@qHlRB`ojSeQl`WP7{jm><bwH?Y)f~btyROZMRjARE>)eH^Y^Mrz-fN^3^H4#
z^?>Ui#+t2*WMLFhXk9%EnU}Gaw59!#(1d>f{x;%$dn%4tO<mbl@5DNC{;W%TPG0@g
zIQG3rLgCZJfZH2$hb+;e(RW|V@jn&_`~vPTa_;q(n-fELgEy`_Q!BevyVB4Wl|2hH
zzI<4OtV~qfs#gq{quRj%b`ZN)%2aA+`o@;QG0Eg|aQ9ogdLz|!>Mm*v-90K!rSpq+
zWXu@{Z9KhdL2>Ge<L#%ZmFxI}`%dRoZZ*^;1fRr8PB3i#fFs{UXEAJ(Z=_>P+&ZHE
zcWCwUmp(Z-M(rWS<@WF3bln2C#dqRPR7yA6Iqc<Y5f{pYBBx4?dT7yk0TO7YRNS)O
zu5FfTSjaKfrYuF%820sn;VCumUVZx?YOro8A=k|PU420hc9$oMhdyCo0B#A*qB%eo
zDyM7ndo@wUfKEFg8CjFf5U97E(wAg;wK=+~$A(MpXUqPh8Wts>S<l2ILRJSthQo;N
z>#aYQbZ)PRPF;Vb$G{fAkt%%b%*S1BuKV$W$(NqbG}>IQmcMhjJ7wa4j^>Q0XK^_C
z?~j3ysMVkmkgSY$SvKV>^qkThzND#vSP98<IMIl5*mW+CMhN17#iWoUe5Sg3%A$S;
zE@?{yK38IQqOxxuB?vi!fMmT}rGDx2dgZGyj79(GLef{T8I`lW54&Du(JxCR+GB)E
zyIxxb5<iJu&S4@sFDHD0*sFtA{;5~N6-s`TaP0lFF$vFB`UoH*gTW6C4D-9)%hxhh
zvTt{GHr9miG~S?BTu4y5``$-u_Zb)Q__5s$wgmOpZ?3HH4qNGgLwU-I0ZJ1(%Pm=G
zcn{f5rSrdk=tZj^-tniaFa$dNGbW<xq|nujGLmF}(zZz?O6bL$5%iLs4+*;J%`E!u
zk6S2ZTIoqG2C0g{uHOz(zPPjZcR}@Y7}=Gmb#3qHc^+np_U@Bdqf4r`)_8}{eK!g#
zZu_LZPUm@$Fc!LvQMwQ}aIe8y$;UV+R-(JTN#_YB4Z5gdUkEU`{tBr^9q~C9{7vE`
zdba3oWB<-YDuXIlT4}e;!aKn{KEob76Swkc<`c&EPl~Fy?r!EZm{{aY-K50nUVOxS
z%v%L($tq+HkkJl#-bC<i7y%JUp-H9ODqY(Jw+pU@7w69<hqGfo|4u-AsqJ-&frJd;
z;kFq6;-;>aZ;YP(meFz^E^JR34E`P4Ug|&e{VZe6FEI!)L{@V0xVaG*&nGdFa+&Wn
zxarT(!7+lotbf)14$RJZ&8Rt_Dc0S_DV|tm1LN8<AACfcNR($9XN72VUBRY>m3Q8<
z)zXauQ~Cbm;+GX)@MOg^7n3~IH`dhEMUlYLiU>F?lFKU|LH&xC)y(Tts-}>rM4<9H
zIa<9jaQ{4B-tL^vjf8a2G$AKiocpJ#L2eo!^^)xLn*8wLCmt@(2E`}B>>EcYxfUmd
zg|b|lTbl1a{Ls*_U$DOnV>Ka%M-~pXdIS<^l}{;TXTKPqAlwcBiK8bb2p%5c&@*5B
zvw6f%7WpidLnIajyU)b7(5-Vk0TLeLSpE->TZf0@znzi#kXOSa&8S=)F}$>8dHd9$
zMSA6yc)it_2ff+OAq^xjR2#ltUa!gg?DjZXUJ`F}gWP_+wh8eJ*D5jmd&pm}w8vF;
zPew9>r7Y{U#Sa!JCj?QJ>`R<j4V^ho61veNCp#wn$sX{3d=3RbZ{U3ql9zzAMGNcl
zfuz>TY!1GC-O(Yl_Y9B*{NTn>)z<2?e!}B*;#_GHYE0J(u`+;9fJp1z-fV2KrsQH1
zF4d=UljRd+u-%@KvKlm?F-V8{LrMy;<0Gn5^O4WX>Yz^a%bHT#+WaaZA;@|q19`Z)
zEbg8(;ti4%87Fl_=wz@u1FbHPHZ4$X{(vZ8MBu{(__5$r`w(7bYLK(=#vjxSkr6G2
zgcOlaMlHD%S!}9VG*)hs+xCPlj4=L0Dr&Ohh!l&Vq-P;7K7-m+{}wWjh)qDa^H`_i
zE<)&n(9x|AEKubTmOYc6H0I>AU7n=cy<x}t&Gnnx$*I!Ln99eK|D@%?|4a)fS(|Kw
z{NyyEU3#yk#yKD(r%5tUX;NnDQY;3TF?IWuGb0C`nQp{IVB!WpwRwVinG4G+IC%Sh
zt$Wm~7|ERrHSf7+zz^-hEcn^UT*bN4KR_;EbX~dsjj;tAhiF^emc3kA4aXI^qR#K(
zoPO7+En{eilh^BK&}2Kh(g}V4p~fc<-wX(fC-#SdKYBLh3Dm+J@vc%Rzib=y;CI@%
z`r>V~#1O^WOe;RxFl(GB+`t%r&RET`2iPUU&*Nl@=*|s@Nx5Z>2@XLLs-A!SqjPCa
zP?axRJ>o;q*lqS{AFNMSgVet*wx7Ry9j&>IuWp_sFY5Z*D1J*I!yz*s(h(Ra#qLV$
z<E8lNOVz~-D;(>e-;!l_cBFW|eg>tE?-2Aj*1kV_a_gE=kyTh;t5jCNuW9($cXZY<
z_lbrvQuh|xIWsdvIj7gcW$?ZHWXnq#NPO;0q!tDjJ$Y9`wel1UR(866PNBqa;S8aZ
zWYcmUx=QC$F-Yzz7u>7p09%(3#nj&-TsQD<FG&(uD!azJNO`~ZG1+nOXYcGm>llud
zQ<4!9b!X!mZ$?taugsv|WETZJ*6|^krSn>x8eTpHxz}u>X<NGv=fQCsKns5H|AH3&
z<_1HCkSV*D`L&bw(fRoHnq#;c{lf{`CH~B`cR&{XGbk=DZdhb8{Ie$6Vj9DW6(vO(
z#|_ak?x^F66&6a6LeoJ#^?O64bg~hPRCdN&s~V5b;#u#hy$;KfP4fzurO}KTJw=#@
znP(fJ!f%&Y#Fo{_k;7hH=Bzn0=H>i9=k`mLDrH>hj`%Wg3=QUH&11f^-1=>5pCUK7
zPcSKJ&7?5lWC{>VdVH35dkxtBDw#7a`%V+65O8P=+Y{j4j(W`NRmqkupH}~NF-N9G
zh<Vu^+0}669^J_$w6tczrq8#SCU}8lbS(H(uv%KGT*AI(&uz0*#&t42VehxdQRn5z
z<Cy3_oiBx2cE8WiruEK<0Ls)VP&;H*3Q{mF(Fv~S(Nu6E@dc*NY}@lxEuL~|pqJ~Y
z14<7Z&YuE7Wk%gP-MfzZ4M`I;9x`Dv)^bb3x;506W}L@KNfX;iPifU!ZKlPHNw;dX
zaomRd;<lTW()6M{S;pBNsV})qnEe%7D+!XNL!r8xTZ&dUQh!;oZMZatxh*1#?owxD
zq;6pnzy7GSyk%{$v^C=oLJk`988IDTDgs$oQw^->u~6-g_)livz_qLvofJ$t5pa-?
zs+`Ig;%PGQC@s&p-l)-k9ln!X@EdXDwgFfYo#iND@wN|xDTFL9Y7$xaUvhQ6ZT0Q{
z?gp}+J(9H&hIpxT2F>qoy(fAHdGBohU=g!2$c*Y3ivsU<?q6PHL3j?q40_pRdJr-K
zfj~%cp)b&a57F?T4yfX;pp&B2zRMA5BwXH$X+N}{o*t7QS^GV>M9Nw65gkAecMTWG
z*@uS*(W6&z$9>I5>?<Zs>N@n^c*Jel@tjE+%aUqoB6aJ7^DHo2B2Sk4-oSL-@J*D3
zok_+9fAMVG3ZGrL=JQdL<1>!yDYRL{pO8sWd>;Fx5>CRbY3k)$$H%PG2{Xz!wUmjQ
z!}SE0x|E6acf-8tL(emvT>r9;n$=-2d&;3`HCqbKHQ2;B;z^T8zGIzpX8XKB-$ae6
zH0V!})capq>Jj&Orv&0sr4G$<+;rX8_QZR@$2h!og?G-PDCbp<h+^8nBwga!1UQ8X
zthO9JAAVVy;N1qUy*Zr{F7@9(`y2J&1>LDG4is5VzKnUi%-@k3;>FttA%J{|;eCmN
zb#8!?5FOy4@GWBm5D_Y1J9tX3TBUN~WWfSdJB@Yu(QMgbjaba&AO!TjtFi+Ck9KgR
z<Q7G5Rj<fn_ce3x=Z3}1DfB7@?@@$teW9}!0@p*2A|X0tABDq{V80&WM1XdEMRO*p
zu&T28RkILZwdGCg)OO44W654MDvp)@JRX}&-+xLgl>NiP-|BJ=!eRWd2Op{HKzYch
zCct-cVIiqdTTYq}w$RAL1U_n@2TWYMqVu|pFDcjM`3;{k{_>wU{{<Q?+%v&IRf)k?
zR8-U}VBJ29M+11@@Z#8_iJ<l_<D@Da&<|(W`X5n2=p1eOOmKn5O?Y@X)%s^R+J}9e
zSCV(SH+-{!p&@ZkE6lLn^=;=+;0I?2KGBOO(3ki{{X-R+)MkIsN?EJoWrR^q!r7)t
z<E2C_)_>OQ^_ECdZn%;7>>I*Az{39*-v5H|pELiWy-8{eG!8*0mx!m5%NG9U&kQ3i
zc9RCfu8Ujh*j-J+|D68M^+)%1Z5bw9e0)VSd;1$>>VH-Kt9x{M+GoP{R_z-@CjKJz
zU(i1C_@BA+$6l&k2gdF&)&Jb}KM6flm<jz~naz1|Xwv^+{9oAqSM~pje84aEU!?x?
z(Eo4YSVJ5f!G~o7Pxg5JcVJh=ds_VCO%`VF<Bhe{o0q-Si#{#dN7-G2=Lx@6!V3om
zCXYtBRtXK>)~{Xo9$p{?`nRj~onC3{Nxi2xJ9izg!Eu)^ZO$H^Z#M4>?GGOOFD#z{
z8w0!cIt_3Q(|&Xx*ZrOkyRkNmcO6ud(<U~5yLi>UP61c6AT#j_)VCDetvF?d2H>Ey
z@_-{R9@XHWX{!OFh7TK<hc9al5%3Xxf<x-Be9;7sr5NG*O}#jmrqvFSWyJ{jr2<T=
z71_`LkaXi-uOS6nxoAQP`*$;$0YsklLc(h@!>%zT&d!F7!<+MR8<*FV3)!|!OXc$E
z@Z|-}PLw@!<`kh!!F9!M_x7ciJs@_ZYsWv(W(?XWl>odf16T#WLb~h;*#O=jJ&zq*
zggo}9x5J{mUpRU4tIzH^1}JrF0Bg%$QOhB#n{SC4jm-)CJT)Gt!_8jB6HOGdbqOzw
zM?G3mc&Ty&4~?*GL!pwc%ll9g?-xVFFwfKBp5{(mm(H&*-P9hvx(yu-)*L}!wTYSd
zB0EygemDER^0AHcoN`dGZJX4_amCxc6g&$Pq1dS2VwW;}yd7btCp`C9KdjUB8n<cg
ztLkcMD$Nm}K=s0KD}y(pD=rt8drVX~cIZ|HLXDN7{6H%UbYO*djQ(v4mq#8N<2%{n
zP+UC+cP0}02GLHH-TV1z*m~dbeiY6uzz5=K6Dy6!CB8=##cuCeJv{mC5fOJNdwZ&C
z1S$E`i^h((-?K7mRlPHP&^RwV3;>?#qBdqVvDwD?vE}B|m`0-w91+p|QNLm2`qB0P
zRQ`S%w;OC+RL2PKL&^{JhHAHU&!eNGg$^&G+aTE~eb}L_g4Yi^MvhVnATYCT{dD7b
zPbN(Z82Dy{lF<^lC>ne?%Px~)(Ki4TMQB99YrDs7^gNygqJ@$@W!6<WErXPHv3{ym
z`S=xBGa1EPqz0OBRYokWK7ZT+_<VP|d$350bg-)8T4DF{;8F@HB;^4H*q0O31bKxn
zvq?-pvf_Vub#5akx^OdvWZo~b0e|mVe8OVT%H2E>X>Ja3$qZNE9KKZuQc;kTkh39A
zHNXFTtV<ND-EWM$bJC>-i{!X=l|%_}x<Gmb0pGb8Bi1uFf1AIr^Ewf&x_K|1>?ybh
z@{benfphzM)Ro3q9W5%h5Ag_CHtthQdA;I$61_I|_o{H3<XimGpYxaM%NZ8hgRq&G
zAB*Dc%BnsMEsfypt~@?ISAz9(avnb~bCzaRR{Gzj*4yn((No|P!Y6Ury^;Ko3E`O^
zul5k7e?Gobz*^~e>RCB*kEHBmOgWsTKXSA-K7V^XsVK>@0yCIJY3ug>-Cmh=bv#`w
zs5PvVM#bkIs>u?E@_~r+1O7GuI~GeQ$;m58uU_I6N}&T+MW25M-yIq{5}0*96n$d&
zFiyU5-ie%dXt!h557!N7-;|Z(FzUR)Zx?_*IQ2?bUX^eo4MHM8!Ulqz#Vn*Ft00(?
z)sP;ueiIJ;D%C1#FHYS`u7drl?D^vfJgF?h##1FaB|N1tgf^L=Aw5cBxXQ@3Z2LFs
z!L|1`+vupBw-E3YYBt9bb4sbRhtJ`QL61pw+daKmC#^0sP68N5>b#zF<64IuZ<6}B
zYV&$zgXp{IT_PElg)o#mA*WFeWV%dL-yV|Y$+O=GlFa;Zg5}NQE0<-3_^Ttskcj%^
zVu5eYz;5T?`J8FI$|hc^n1Vaaf*!8Rz^7Km2f9<@xX2Bb(nc~OR`GsF$DMwgqa|~E
zM|!vF#8~yFuo7iFDk%-A#SljgNFjp`tkk~HF*CV2%jzW?zzH_8D-tN~Dx#GWJ3LZD
zr*p&48!L6ue@&;;q<Z6WWOx-O@AU*TeEM{^ns!8C=~#cgJvH!LK3Y>?)oE5Zh;rH-
z;R~5tIDR=2rPDg{iYJj{7=mAyx1gyLaFE}k%hG;{3A@Zht6}1I83H45(+PHh%dN_Z
z0%WC)13&GYc3)|25oGEQA=uo>^AOo!V=<`3bA-C4#l4peJb8zGLrkysc+y1NCWm88
z>4*rn28S#gF*X7f*<N308I2|pV^PZW%r)uJlRgbEmR_9!$2|(HtA6RhgR#$Br1jFb
zSVIA-i&~#BTdLP&tB>FS${optkJ|E$n-svk`{qjMXP`o>6`W&%|5Kj>$sbXLnhqbg
z^z;?;$BfzoY}<zVEk%d8`VC1A!X^Q8N!Ez@@z@#z6b!diY|~|_n`*8=G9i!}7_Hrw
za(jH^X(cH<ut?viYCG`}nrPn1;44O4PhNkj1$`u`?JS3)%-Z#i6kuda$!_ymGL6qJ
zq#Ukil*}yxpJtqlfg$nO^1jjOoUq`o^g9Vj?3^wl|1ZuW#P-}Ouh@o_BV~gi%1Pdx
zk8y=QOEOcc)bKe+L1L8MwWb`p9A3)z4TZC6t`ns^S?Sw*h}c&Q7;zg7_o<)}TE7$J
zC({cR?6Iy(XkOB>T+dWNa8g{u3I_&H=(dWQD@0q5i1o8gw^85p1T)lNqwn#gY`T+`
zwGOwGb5%-0dr|57ai&^kk5S(TGcg<NJ}2$|q12QC5JuZmdMv}Pww8T*W=2?FpY<yT
z^#Z5Re#qhxF>#Jm&BBRFyaP@Z&*}ob(amtuE-}QxvpT@(6@_C=8XbM>u%W3+<uuFl
zI590L!Np6B2y}O~qr_*2MWNudhkJkKFkyd4g@E{{^01Qt3X;}%T+3i$S4Y%_1(BtG
za%!%-OueD#|M2!zL2*QFn@I>E1Pc({J-EBOLvSD5-F5JwgS#iVyKB(Fb#Qmr!FBn*
zf46Ec_iC&9qI+tptGoJipXWXABkQTXDVwnEsTV8>%Xa;H)y5n+g#)B1){h>z)jTWb
zXJU(VDqw+y0Rfyq@TyU-VN(YlmL9TP$VRH!!0BaI2Q5A>ubj;C$gpoaUfyWxo3>q!
zT<mlaoyze&_UzcXW-D=K!o2;A5AA{(r)B%o=MGo@odVgR1*Z^RTly8d_Ti%wi{xZZ
z0~TzqSPTibS%D?q*5-MyG)VDoInQMx5!73EX20TNoo#8wCxG<fzFUT;m3|WRL668+
zz~G;eE9nHbj?I8DhY5LIlP%(Zp{9VyEvSyt8@}sJ7MqGU#GzRid%&xBEQXAE|HBIq
zg<5`i^Qc!ikdX6??C&4Kif$<tAkOYGO0_o-l{=}dc&#=&o!<4NY>3SF6c$oyIDVo9
zju`w(no!F%egFMEwRdc_jJi@A{5UL<%!ou)VM3Mng`SEtA3AH^wST;;RKDhw-rK*<
z!ua-6ZyqHsQ%l&ricrgK#>)mNT)YjZR!R>3q7dpWGoy}1&=J@-syp7mFL~vS1DqUv
zY<D3|rl+X$U|sFd{sfBaa1c18cqdOX5H_*>O3eH>ZOZ(^o@aozB1-6AZ{00zxi*fZ
zhYK5bL59ZyG$Nsm_I}1ZhuQpAxAe%~u<@Y9(FsdhDUL2u#t0fGA%{!^XiJ}ID+|}f
zRPgd;E{PO07M@~OJz_qZS93ZVN8oFxm~lPg#q_y>RidrsTK39H(%N+?BPSLD_sfrt
zR7&ns_VK+Y%J-KoHku-(m0a$q+3$~bukM&tkXxE!R`8>H&>Q2It#;F@e3;qb=SbPD
zWdTxX{Z?D?{M)_a9F=~0gTDX}9uGmVP!+{rRuXrzqLHTN##dRAH7jfjjTrnX7-Div
zK}{2=H<tH#Q8h;Dkt1-Kk*d11brFy)scwczE&Y($#_PYn)?0Yfkjd8^ew|70vf3ha
z+AZM|AD%(gn2?qv{WvT})0ES5^1E`ipAL{Iwp%KqoDjcI{l<b@h80s7mk6Pg;P;it
zX;4nek$)E(?q;B{SU51x^!3t;jSubK<coSHf;Sy#ViX^d7zbn0N7nWT*BqUm?vWMP
zIyPMA36o6{S+*!mp52g2!o4r=_4w@ggblrT4lPR(?Ri1NN1G~aL8~XLt;x*=n~8Sz
zo8Wr>sKmr`iPPkdf+!59yOX~;qEpCYRh2{eg$6U)_BA_hNJB2+c7ho<$5Yij%V)OZ
zn(KI@>Zdyp8|UMGBn(xH4KA!k_U)gGA78U9c&6u;BTlOqDyw#+7zPE!#IvhnVAi&I
z2LBnF*GO&Sin2=zb^oNRizjO~M&ae9Kea6QD7?YR&nqf-?_`Il34iqzxNN=McRP!3
zLHMuAS4#b!)b6%4iQ`+c>opF=lvaHg&h~W(je1hDvUaSjnH944MAy#t$_b4knWH3}
zuQB6t=W<`?YR1r@=Fo7t)si>3#oG>M{rSP!h$W(V*0_i55yrbTLP}bmvd9Ku)mZ&K
znWi=wYr4#dIpI{E>JSyW;I;8}RvNnCam66;&o*u2Ioh>cPM(CFEJk)U=>A#2<z=;;
zewdt^BB?%8=B#6GgSm{W{%^!mR>sd^`0OIjm9weu8w4?(G1IV-Eh{D2XLZOc0Ktzr
zk(JI*L*s+Q{Pe$jX1#GZW!o)QBo{;UAm#L=)XYhzH%KRy)aItje2W-QlM8$n0D$R!
z_i{60g^9@?^um(1tjrpx;r{DU7cjo(hN}9DuQt(bhMEr+cO=0+5wYUB;gtv9H3yN|
z&8?_r`xj*UCHb70?zLgI_{Q}#J8L+ym@X<COUk?TV-3Q}Q|*xuJ#Q_QcyS{q4%Z^Z
znv&L7$o=QJla8={GBTV{uG)_D`otf~&{E4+;olP%FvlaDHSXsewdh-erAq^g?@%<U
zB|bQqk6{H*C>hv(*eUI*z*ABZzLRLX*X<wee*>G5#B9ZCxtNq_n&|Lw_*qzCRd!B8
z^}+-)4hF3+N%*+n+T)M^YHL|RW9iM81lP1Eu{TU0^V$|QRX1OJFTF$^?#hxqy==oC
zRo_KzGnWT1_#MKt4hdih)@T1^A`?GU?8iGwtQntlPC>$Jsx^1Uz_FAzNwVE<=nwL1
zkIEcWW7Ff3KTH?JZdWlLLE*fuebGcGNO6l-Z^R1){kPN>+?(a2bbi1Z)o;W#_K)>n
z4wyX@=A0W|d4uA>*$aI6#6~!=>-Xk}L6%3Okixk0_Il=wSv6>M*IkisCJtR*e~F_|
zDk&FS?U`!O^5J$zHMQncO2_FYG6PROYWEL4JG>spI1iTTD!Mv;>Ut2=cWy1o3JK!X
zdfYwN%8XZBt--^m&jznN8}l9W^p>wbM<bb^8!|`zVtRV3u7CVN*#sgr_+z!`^LnAi
zWzBh-%S9jGw-t3AB~U<Y!+=0Gy;yI_AGiJ-zMF<O#iP0tI!0BOi#%Ia7CiQn9tJVu
zu>EN~p3_BYyzR**N-sA45>dU2W3$$py<2CNkg6l`Qqn>9cqNNTA8vTw|FpuZ(`&9j
zPSNE<z+Qmka~sNyZwu`2ML52HG1pH}Yfp}1rx<<fwf{;hAgpf>7x{X@D-*po(61u^
zSZ|T?z4j^P#NX{-;M(5iX%~Qpnh-5VC{veO_Z^b;G0hD>Gj@{LgDtg}84}tLCi=`O
z_isDg+!DnSH2lzmZjoS_aq2q>3pfNb^M_Ym1kQ3Rc|su(1bp^u6I(5Qq%{Wg`#MC9
zW}*U-Mv*Pk(+a%-4PwFI$?39f0>&Gh8r3<$FVC4YGQ@3H*zt%}>5bKF#_U#{Y<6<w
zH8xatge&IymiUJSyw&n+WY5csbm5F!2M=z9?6wqjMpR4lDbiuG`;am3di~Xj+At|Q
z`G39q{dB1qW8Db!D{a1ki3JE+?tAb8Km<!1PejW{YEY!n?4y?*dsY#P;YaZX`TKPQ
ziTSWsFZgBT?2YR~l}tX*_z_NR9N?_jbf8DJrQUNYBI3&G_|`Q_(A02#P&24wr{X^S
z`V^^ty;Vfm2r(r)8hYmfF;!A_%^<2PCH&sR6_UXy_qiP%vNz!H>_)2wFI{eb@N{tN
zsfIEL;7K7s;%r`@6+b@3E0@+AFSSj<X{$@=I{={sD(SuoNU(3)fF21vbx@p}Zg|R+
zS-9M*-mxTWB`$dL&baBQxxOqSto$6iZaDb!sEw4~K<<TR#1*Sn^Uq{-dBw}i@wz;W
zz5!K3QmNcGL%6XD+xmvai{3E!^?T9U6kpNVTQ6LNoIQyC@j@rP7{gGm^}=8R@7PMS
zYsONhrr89bdvUx*(azr16BoWg?|wFB=-V48xOQx%ZN2}t9otAlzwqr<%P0jn(%OrJ
zXfd#uLnOIZip0jwSyMq8S6nNKEpZmx(0&kP@R=nmR0Fze{~A=ClmuEbjiqQ+te|4x
z2#VyiceK-|KtPkZH~f=Qkwz;;y)LifjrTNPfEL#nko^}h-1P!;xtP(syg1a!PEBsl
z8`>|(ijDNE!2z>>eb(`IMN0u+P(pU%r`Ig&6(+s;TM{OZwgM`zH#O&y8XtH35GS;k
zdvT#})|mbIfe~6P;FIQUi`3_X*B#|;6>@$~+2O*AsmFVm_8So-KqcseT0|Hl`mg^r
zH)-e8@@)vH`Jim###aI42)r(xuU~1Ex3)%DRRnBZfnu{;<8`!Y;YwLkQ#89vph%el
zuJOa8KS}Forkd9xL-D2b`<^Klb?xo;2akTd@=<|A*Et>cpBXSiie?IGCsi{hwssnH
zJ6t1y)=pY+%EITz%VNP3B+fwo(+bW(O|FdJ%t>sGO?6FdarM)Bno;~e=#h+P=V0pB
zTZSHU$<=qx#MoDQrhnUmiz#o-DH7_=5CJ%k+HR<EEnlJ{W0cp|q)jxj+hVf!PD&DF
z+Vrf>`u3FK2pT}m5v!S9lmAMLZ%o9-3$7f<;&=AeN^a;7BPspHFr%}1#G$KT><R{x
zHRju<glh7@(p7Uy%Qj*0E7Dp{eUpnzq-4KWoPrDmhpx7y_Ga<&4xH!OzgZ`PMy+RT
zXl;Dia{z>oIobT;arhQK(RMowQ{k}JOaE!~ye~JQPArhIr1*}vo9ZxyyzX|PY~K?z
z0+3mGAfr8R&w)WviUA+wslMIE2&OQx@QjySG5J2ZemSkW{@hNMxKFn^;T(T}JsIF0
z41smN_nLB=vs<4i>=6@qd%=RNT5Ma4qnT9<7EF9Zwq>n*-9|uW=ZCEdn1#M_K2V)~
z0w|QHgHPIx<&M}+<X#c{q?aX^Pq%$;mpwD>PQ^ohF)hWn267`L$F`M5q`Mw-tzHLr
z;w`7W-4JOd{~COKS(ZZ1=qKu_JHYpmR=WS>G!Jn$_M@olywALUJ})k-Fgwib`W~m>
zABVI%`gBBVWe@renO__pi^gi+g}>_Ai_-!~PELUyd~R=yXy$Fr_Xj@h`Mi2N9W&Md
zcR!g)nnQ=_g6sor;r)JzWY1abSZYvJsqs9IZp=7ZsC}AWruup%tq^jyp3ldb1-V87
zrQ(m~6SedQiXX0MjQFRCwkT!V;E*2}&Io+F1Be#^MIA+u=?Uh;WTUrlQ)B-4=Wjcn
ze}IYN)k01CCrj&}eiDX#+fb5bwEs>OywyG1AwbC3ir0j8MEse03f20NqnNWc{#x!a
z?B4W=<z>~q*{d#z6@2`23`AMxL!>UstHi9t##e_1SqI2UEOH<&`KDK~PkX)a@iwW|
zagm1XNgpg|%N-rjw%=@M;vDw#)?hCU4O8dmZGV~adquZ)KT&^u`Q>SbkE*mQcmFlb
z!{xLJ8m#1fkBEeXl*#WMVLg^roXvsCD;P-_6`5v}3}27Q3v_pvgC#qZbO)gwU9=9A
zP%DrNGzHUpM?0N*@sfGL`AuXkCB^_$x9S{yfuGj1Izr9v3BxbNuN8`a%7mG3-}R2}
zxMxgSxHb<ECe%GM(nUy-F!E+V^0^|ck*D*Va%~qSd`2Y$mDT_dFBouHg7i3z!N^*k
zuBDZ+koBI5Nf#XS!r9GFLk4n%zm#3(srXN1BnofEj{`JYy8Rd@gGrUbazvhQtN~AJ
z)U+M{(K9}1R@?+*r`BdlmjzisT|{oYR!eoBa7#oqXj;J>`NW{V7LiASPw2x)2Apbs
zi1W@7`lkz&&v}w2zbE#sy3+pClx0XMl)}`j?om1^p85}gO~jw$APv05>-ym2X*yEl
zcnj|pIp1J3kN_8^JBk|9d6^(u0${v)5k`PaQf9xFyeR^Bb91uT7;pevx9GO_6Lk}Z
zZ|VvD+k)3nIA9>EvQ2eVf3Tp^F%XiKqM6+k>PSUG*!v*~+V$6`_v5%e-$Yshm8B<h
z#A@!}n_KzH_2%J#(^;|K;*QYHbhw+e{6xE6goT0SuxQ%+3FJTfzq-Fw))(XWR>y#9
z31paLbkcrfGNy3;h;4o4Q5X|tF;;2ewRs%^F0i=8EKpdksPSawfTJV_HPfWEuUL{z
z)&4p~CuC$x9J?@S$G1j@K(Q>ioFkUfMS6PT4}1%D3BrR)MyRuWZS3>wk{5c|7d|42
z{s5ae**o~FZEluJRpobfM)UK2OJ!vY!qbR}t7geQ&Jzf{%_moO-NF#=CGZ|BU+KT-
z1(NqAGwlg)V%t(#X))02t)mllk+MlxW@k~dQ0E9FL>g02t7bK$JVzPSd%!;_ayWF7
zU_UB2H=HsfzhSpbjY#Y3f%_xhug*1b7IvsF-_B&z0BpuQ1?`2g^Yu%vQ1hhIuT712
z-LHX;_gZ^vWw#L}fO_t)e-246y1466>>d9A;Q4%J2R23Q@DtoaPEF|b`!|ZC5!j`D
z<{ePREU2VwTCNX#njx!V^h1A)Awk4ndt$;R4^PNc^FuGeRhZ7Fq3|p5!7B3;<K^6=
zfYuN=Mf>WDH{b5cW0W}Z@C-QT`-wvXms$@2eRHCo6WC`OnY!c)+i60d595SeSQDEg
zu(Cht%FJ9{*~JgJ@w;yPVGa@CC+Lh<5Zr9x5Q>80Of*#3@B9+Ht5Jt+bC4w@9i;#~
z6ZRWjzFlGWVGlk8Nnq!w(C>@#`tG!FjkB>?**&$e>(yLkA!VT))h4$@@G%OeH%GJO
zB{Y;}9_WIIe0c^#B2M!s+ec?soew9hxd|FIUassI{Vj?1%Ol;h52IPUDS0T@!+G!0
zKt_*er|(7X!6(0=QnZ!gR}b9HP9*w1E&eM#G`rA(-#9j0zDX6~>nwsLu>xhmVE*pT
zq__Ue=R9nDfpRl+x2Dj$W(Z_goED44=^r?<(8~$UsJOH%aE^pz<fjiIe2)IWcSH$U
zmP34KfTFA(05K&U4BzT*iv{almHU3T@~0`%vXMnP=OlyMwUeB=f8PeY)CcUrNW@49
z38{nOL~@@^(){O#7o#puI;XpN)hV#m^sp(USP+%*F~9+J=2CKU+g>>cCU8ZaBg$u$
zr+mKAz_Ns);$m=aSMP8V4q~fPd#8%5`YtlSU7wtcJ&WD?)}hjnakHkT{$O*w(MY*z
zr4KJw_!hclh4c=7lOo$jPd=Twt`IxTHTg6F8R3qO7VE5Om+vxr52(b-_+(NhV!I`Y
zzkf|qgoc%e!Qvl#1<ex?51u<ZxaxDvnlB%=xW~c{i6brn|N8m7*8WZJTi|bgQ2=y#
zNNl%|sU~5>w;RE>Rdy-w#gQ|z5V@Oc9KG{pSb*-x=<m^Qy_XFpRr~=dA3~jShst>(
zN1%3ik5zUgyltSG&CneNy}^FTmtg}FCTz!6;O7z@H#GDlxfp9J9h1e0<3jXc^HWjd
zq+dvUn~w$P<qSg<Bn-(N@880t7b!xNk7+n2lmPY`9#b6dW0VVBTlkKU#dGM!<zp-b
z4Dbbpi(HV{n9y!#*;I=U|L$t8uj55bd|;B>3`}%kT&G!$U4JqpPhx7WaiG+iZ1~Q~
zrutH>88?uH%4l~?+%~*j!sme$N~d_5upSBC7Jrpuk}1yu?8W!jBjOgu40$P|AIAZW
z6U_!@t_H+}p2AK{>jt0fc;S#Cb$;h|ji-F0k^4=9QTLa5E-WFPZfIn^i*C<syO-}}
zMLUKxi*vaNYRzvo2mzOn-ivP|#AdIjVWwPav<Q5n7M(V~G*Y_rwbFIvug@k+rCTYy
z@_L7q4HGu^nqOk2$tzl=n`P<{*QA1y556g$yTcyj<8)85Q=LxP=RDA~o=3pYU&^g%
zS)AJs*@u_;H{kA{35J52IUKRsnIkRR-h<TKVcqm^I|6iRa3z|psW2M)qz|8l7i>Aw
zJRO|jBByDv9g9V~E&SAYEE@>^I#1c-n5sPU-Rc3KeVMdz#198B10T;I@qkuT6k<zn
z>WHzOGa<qL8dP#j+ntR77|40qZd(PM=Zb6ceIl0~=>9`EKh98j7c(ZVGYhR7EtrhE
z5jSf`RANBjHg)IVeZ{siHY*JSH_vCzk)x2p>HdUUdFILj@9snGRq7u`V!w-@dLnXP
zX#5NYG|7UVL#|Uj+*Y!Qi52CWZX3`91@D_p5On5G%|=O3GiRw<Je(RsOgF<p9$!5j
zOgW{G6%8*R<90vXW~<~E>`%{L@=rNK4|5#QA+44eIBjcR@<c+e0bh6(;x(ItX2A2Y
zYR-r#21MRMJ@Ilp5)}UfMEz45xAD?mzy|(5cTW0cPu7)tu)5x0N^}^QuJ%Zja^A8r
z#4}oaU(hHn*Du=aX$pg;_{{bRdx$>{i-Xbjz>v+4v11Uk-!(sZ!bjYfn_UmTm({8}
zcWLyOl*0~lUgZ&1TP~#$eUreY*?)<qXt8eb-G`@AA2WA5GaUWMbh|?0J9qvNv+kqd
zHfESPx<ODx$)9#|rA;X4JrI4}^6d61Q<=#xHah*AJaKkvZEYZKX;#&ado<rUF|*p!
zL~RyYUK8C9-LJNq5MNqKFRq|7S>Ck1UgMTnIH?MwEibs-bFJO?5%-Y5Fy>%?80j>1
zRHfl0LU97he$oHk|I584sj)D!d}w6PNdraR8+u>WMYq)!q+#*;`n_iTIRv&Wnw4is
zQQi*M+g?D#=u1j6%){mhw<A`=BL?@TpV7;vgv2b3#9F(swc93?%X8W%JX?uBB#r}<
zVf>Fb1fdh20$VQ=S;D>Ql+<s+g(+ep_jC~^0-dacXF6<-Nf>&FOZts-$`y#7ChhG2
zGf3&SM-`{+nA)j?1iWLYakAvvKkM2gU<9jE{PNwwiSUnH4wXq|Jx0jAayR^Vftc_e
zW9*0(B}wu@!FGg<!H;!2Z!EuR^jpW|pSy7er@502?NeM*<4$8$`wdetY)^`$(`!;%
zWk&&B^x!ri2RExU^d@bye90Fkr8230^ph9dc>*5lM4YuEQz~V%s~cR|-MS&=SY8=j
z4xZ@DOG-CXsN}U9)rJr~biU|&rxQJa;u8~&>+_^na$<2y=D|TP+njh`6Y5Ea4^dQi
zaO)eKReYY5zBiKP6$KtmndJ##j|rrjj5ZFkdaB6=quaI=(0}^WCvN(UBB|*CyXp)F
z))6(BURy*jBjnF~R0ADK%qHZN$^t|w;hj^>z#V_mpiylVXh;g$6DAWhBd{VBV9BI6
z*ZGAfXAz=b+d-GsERQuMUtB^vzOU>q_$4SL507=QxGjAAB4i}$^x)*9$g{eYb5GdV
z`rz@Dql82Vj>_@HCwoG+>9v<{F_n?|sb7z(1jKp&ZVjKw<T_jbYV!m?gbcT1qYWQ<
z&J_)qq;FUrzt{WYq`)`P=WbriO~aM5d1$iijI5!}7k4<SmUiAyPv%3HyJ*_|?%=7A
zvoTRS&IV&7rXVp}E!-jdASH`5`!}E_L9ILJs@wv3%{N%@EhPP9*M`e02tFtvTc=2?
zYmcq<vJr)_0J_8uNg=PxeGI;$koQ|=-lLP+8JPKqd;D#vWUY7dp1gETVGhf7duW8=
z$~bqy>k8R;+t?+0b)a@ow^d)Dz{8ho-5rFU-|8Kg+TL*vOD4T8In^Ya=xK&)vpk&J
ztm}(C&-yG%)-tm1_^3{l<*JpR0@+GKmSFBSAn!nuVAi#KV#220H~1%I+pYY1b;=Um
z)GqX8^r$muF7!p=44>BgVHmAa(Bt=-iP42879PtUdN!cDSX5qt3EQ$9qGtA8&jr-Y
zX`cwa9LkE^5o6r9*(W}if)t1;UFkvF3{-1zEP1do1`3_+Rl%FJN%{6X;DzAufTt*%
zh1wh}MqFtr?d}`Ha~CEVqnDehL*}An&{ft!h>lbwKxDPS4wBByFt1ieZcD(=A7x_p
z-WwCjJ>F8soOl53ltO<d@F%dXwT{&>^Rh;*uL-;KeY5Mr-I8}GKRh?zi29b|95z~P
zL36a^fxfc;3RoIHC1;^Y@t)uv)b317f8oT&&iVI;VD~8qqdbgO_?W_EXA>hiq-v)p
zi;ykv1z$f)#OKluu+}BBQ?C11k0#v2iCN?1UW5i>2?A;!gY60Pxdb9w5PG;4*o7zi
zjwO=8SXa~JWdCXSPl1~$E%`bUip8P#W^<fAtWP@1kxiEa7XAC|j_s5gT6LWiK9<<b
zw4_=;noyIpNBUiB#L5LCr9b&t&81MGYdGMes35*HmB_`I7<ynM>@yNKJYs7nL`D`c
zlc$tRZhr*th@y4DZ@XBd_*Nx^&_9f(@rMSV05g{}rNnNuKz4!($6w3pQlM>u^gEOM
z^ykjb=PLrFn7?aCsl!cWla*?Zzp1Arc<&!+c3OPg+?3V)j@cbxjp6`DSrQ#nVDjR)
zLI{&`q*3Rv`3aLzOGs0UN2Bcv{O1$4?1j;IaRkj~1A$1g>E`LFAW&$Ct?6hEls)bk
z_g553bs0+(H$v}M9j=sx`i5&Odafv-4MT+ST$7;~gT8{35&0$iJ~sXd`QvfdFV9j8
zEY^FydZIEzahq>X4ESVpbP?r&YUSE$QUJ3rPZ`-p4HlYs%o$`&0HY~>GTxHJqHVy%
zAy-YIe?}H=AmO^e=#p_0)4_mdiry%&p-*bW(#eSICj+gisSV3KAtLLdmZH)WGkKxr
zmvg18uK4<PQWh2UU%r1(6W-fpR9Iz$G>b8`{vt2!X?@jNHn#Xes18nlJ0lMA>1bq}
zho}dQE^B?3GRBnvHPOuQ{RaDn!<+<$_o3>w+gm?>(ii+GPK68>K=An#=ZEOaH3`Md
zZfRr?)Z;bVgZ6RZ-%M!5#jPhjD6-iIiAfD93QT{CRnq1DwFafR@VgIc-y&TeYVGXp
z#V2IR0}icPU0IOFXpiQ1zQ-jBi;KgT(2|yLPlxm)c~G<}*qe&`v^zD`5%Wiv$Dez!
zY)ZIgJakqD2SaRVWFn<T8UEI|$7_tiJ#3q6UCX!Lr;aCJKu&D-x7#z<0WvnvRs$42
ze5<1N@^r%WQ5BW6xLbz8e^jiF{h19a_mdX)qB#})B0%nVJ}s;+L0?eao*r1vwv`~`
zS;@S4*J>$P9gql7m644c92_jXOpB<Y3Vk?PCU2D_UyG-okdh6f;9$?0jwiihVb#*}
zPLw9fqz)&oIwB_ItIt}L-MSKs82J_!MV)^+g=ey64s_0uH(ewz+*JW+OL+lMGpxU9
zd7n{#1Wv#`ZDr#d=-I&%D4xfnc7ci)G}V(5-*FcBl~vv)vz*dL_>(=k*@d&0F)Rig
zAt|1B@u((_cH!+fAc6)rk=W1I92K=2E0B+a>9#&@bdYOz7kMbo62Il@Q`0T#t`<9@
zT(hV3g&hIBBR8MQvXT@BvW9s)01&FpIhYPnt#w8ilvglbZKPe$MYHFbh>y<{u@hz(
z8luK;Weqk_s-d6=AAr*i9B8xqRsBlN!%0Fo^OgN_Xqb;xOYN>?G>ojQICDBvgk{=D
zdetc^dHeXMj^9@l18m#8KPE2_Zc6zm_^4HFRmB*U*3F;lqE!85rA59BBYa)IM$3!&
zyj%c*fHi@Ogr{ngS!Z7jW@c&2cdxD3w9LWuba{xXjS+;qyER^ICBwzZ&KWim>zy#3
zB59|94DT41c=AS=*E_*0Fs@dpQdh>$rk)6aur}zxl#ekK>g<9Ad}5AP#GE3Ahva3A
zdP{gUU1EmDC;n=&V}PQQF_oA3Ue}!3?+;r&{PTBfeqijQxAA3U#H?*htriqZaSP0t
zj8>hYaUL_`1ItMVi>%Fuw#02(1%~BXC8?w%v_wR-kv&_uP0R}t)Bv(oR-m!NAu+L{
z*qj_iH+9?^_;ASjSvRex=Zt5_{etE+RQ9J%lB}E+$-d6hWrv?b3$Q*Ubq6uxYDQ|b
zqR?|8WLJ$<s|Ew{h&*t~y(;f$6y;t7sHuF0oui!s-r7yF;QzqFXlFxJ-~qGu;lDgw
zV7$Ia5rMfub<W>7M>@CgCi0Z<xHw@6HEqxr{sb=sfgF@jt#=aM%dq}pXn($>c`X?<
zdM4M{#vwKim0dk0g*a3xbj`%@2&oY*Bz$Nx&oq8yxGxyDV=bb$R3q8G4&-38&S8{1
zZtAN`VT?xf&12FMf{22|%qI{I^wPU8Dnvm>W)&y_qyM5bnmS}kv;90oNQHZodPTpN
zzb4~vDZq)|J%Jp<RKmJ#9x-oe>SPosodAP#!9`y@5Q2@5({JK>nQSu4%)&NUtRBkk
zVMB-f-ko~s`;6I!mv-k#LA7-0c&(0*kbqtcRx4IjDQM!kd;+FY7DcNOZ*=E#k~|dZ
z^V)FyUi(VfVxwupVCwrWDMu0dupO-Zz~SsO{jQE`w#D{a0hkfkhrr<|%WqtLzGsen
zB>8;^%lC^LKE4Bua`p2#4)l?NcImy7XiP(=&br;**rdsvMt{H4^kmg*QUmi*?h#%>
zB2)>FF4bjQPEKK~R%hz?TCP~)fC#tOz%_Jj(u6JjvcuN-6#L~R2y{F;*v`0-#B>x0
zcFepyRJNuPv0s9=mKTRSd0uXDi<U~i^Ta$-RiiGh`VqVyzc4Qq;5_XM@d}J?Y<$<w
zN+KSaBv8k&Gt=DPGbRtkiJToPlHx#+2#UHJBy=f7_0n(OP+R}5-oyx*m;VA|SCtb3
z&7ChjIP~lunGeFQP$;C{&ro151tDznpnt?UF^(x7XWR>)gJXT{1XPKZ;h@|IM~(Yy
ze9168n!RHYB7ToN#=*fgRW=t7Q9OIQ*q{Y;9*LV)6SvrE;!jK7iQjrN<H<KuP<`o$
zhOgkLN8-uDP?=D3lHp)E+~!w^#Ho`H6uN+(Cm$l*I!8Kt@s?Y#;UXfxsjkmh;vAey
zvRC#ZY$Pz@B+Xk-SY&K)nN$4ZwaZA7u24wZtHs5^$2T|_!&b2Or)DV(cl?qBUGIaa
z5~=42xMV+)Q<;?o;gpFW-&Y@rLPv?WnG{%fSc0|7dX1(p&3Zt+cJK|q*Y^kB9ZPEN
z20rJQXpA@b`&q5~)Dq>{Wg_rG2iF|F!TTl)(0OOcfsn6`#8L8$wRPizS8bFCXX{fz
z%`YqpWognCUIP!s2n2O$y6Qo-mF~vB>94VOA*qz;J52ISYztK&4Le4ExS**p>my<V
zR-BqvA0j$Q?j{J$7q~B}lWFiD?t_d++L(uJr=U9nBxuT|I4qupcT@j5x9E^vk5h-v
z9skVB=PD`2uy?<f&Tij6R^wh<n4i?CoA*udnstP9&v#tkb_nM+`ED(=77g@la>}Kz
zMRzcOyi|&-S}V-T6;Q5Rh;BXju~mak24xGkJnpXVEzJ~tNi!I4i2nzCF~)md!InAI
z4$(5?y{ZeoMFsl@z0Z3V7GBXroAj&4DK3I%-Mx%4;=F@nw0C~Yr<OizJr(<8Uj^fA
zHg~dRdW@hg&pprK0(93LXJi5bA;2a-A)|D~iJLlGO_=AH{RZoIVTz)W88yEbuW;kv
zj2~6&!(n*;rA_&k?D$JQ>`iPrK-U!=mO&PY_WZEI_x*7cUO9q$;$7c1XXHu=TM6$r
zt}Y^fTyS~36bAtslA7>al_Xp^{#&;H9~S%n6Gi?1%byR{|HDK0??#H<vT8Tw^uI~>
z#9_P=0YV#Z#^+scrBc};e)l=8frd%M-9ie1{-1|%#F+OpF)%PR=H<q@;eTQea`%2j
zriz6ixp$u5vG%8IAM5fRpMmwJOz)n5RaG7y9#&SCR+b!PpD_o(%NYbRexzjj&(0_G
z)PJ98S((x^Gk@fEeSJUpzkYw;?Zc_7tD~i2!o|V)`_Ao1PEM}+^sOU4{om)2a#qS;
zC&3`wkKJ#>_30kgpAra|qNw9)Ecw!QtOC3KKJV}EYp5HL(@J=C06t_XG?ja}yEp0L
zUCA}Wzv;D?l^vt-S@)P0nz^{B3SD%OXHl-DJG`G`Grn}z%FD~k#B6cFoN1F5AImdB
zSG<!l`x)xsDJYX!v!xEI*RBwA)`vCmm$G`l0~a&T&DAz{P)rQM*VmMSnLZu#)DwUB
zK9s}b<0rgms)ULkEx6Be=+Dp{K@N__t50O_&e<y~EAt<;nByUzDK*Wqm;<oMlVm7}
z@28(AnJ(u{;P&3$jTlD#W;-Vsd&;@6=<2KdS28$zG`O(gB-W#mVH5?o5K1mqiJugQ
zq_VZNZ&{aE4z`}n5BhRW_Q4z}7$BHD)1!GOP{2c#P%j_R?geK^m#6`GA0rh5BWDZ8
z&I_SkkNiE+3=TR&$kIkTg56elcoQWraWfbB43ET@Cv5CAgEQ9Sw6rvJgT1mFy-ba<
zzOSbh6>OYM)0|u(zUnPh0r4Uu*YzSJ-%_ebnBEl~7?MW_PlV9XBgpmL%~X+pJxN&%
z5JvRi$66E;($9yE$Oj-|RLSH7-Di5a<HCbu3&~sQ`n&7ADf+>z0^4wq%M!d-tG4Hp
zI`#7EM540#(ftow1TU&qHrji{?cSGbl#<l!hZkQ<RnhBfq}*BAwSDN$>Iz$)=nG<W
zNy_pay5~20@y;$C055m$;GZ1nitOM2oFpbLgot{(#P`c>F0g><PoLNjM*k=s9Gv0_
z7v((6vb0iT06U0W!(Y2e*d8rg?id>=9&^=VXeaLerl+f4_cf2Me@kJmW`W6jHzFr_
zEc4&oHT&-)U)(?+Zwse-A2cWbR-W$UV(J}Uh1l8@O_}*Q@2UjLa<<flR3h{n@^ZYJ
zPJr1Neqb?svJxzmt@Gocq9RVzORAwN8{^wm{3@pzYMLr>#xgou-A)!^+UUI$0!7ku
z6j0}=iMtPZoDy^2KtCEfhQf6xwEggSe{QNn#<xD6NYTay-y1oL_{|g!?I2OGUB+d@
zt<lS)nx8FV=Nfmw6(Qi~KtQAVtn|`d3OvF}NJ1TgFUjSK46Qgjd+&4A(LBD_4Yp~F
z?}i%q19S#`hvJ;{%!o1%w}!E6im0HIGtE3qiU)k`OF*<X0W4JL*blPv-$`iWe*U9=
zq+_Q;?S%0#d}DuGM!k<K+>N?2S}M-@hF-^_a3}7t<+xfk{cyI54|9sd=b_pYrft7*
zljH9xFlt>g)+XoBC+;Q5E;U)3IKDPOB^DxyhK^TuAcyD}?%n)aoH|9#@BG%2nmvmc
z>wElp)6v`W7yF>%`QGdJxy)i@n-L6I8Z2x6NC;lX%Fg4R1G-($Tk3eK1M>!p3K?<p
z|2z`^!LwCG3!c)i&g{L8%W4o-uK_ih0k9efgveT&E~JiTR(K-^im8d^EEVD9k8*2{
zl10V*oaHUnrCp*?W$a_~<K5lZMUFZzLp^(jVUBbBU@$CRFd9N-dt7f-P>H(J!TWcP
ziHwc<v@EF+PBPIaua*Vj^|k2khyLR4cTcWxETXu(YtnH%&J6-!{P>Xcxc#!6(5T^;
zqWv_rgN$@+a}xv25<kQ!^%w{%JNNi~A2~XWxIPuzfh+ES#BVcE{h}l%)<MMEuz1dQ
zDXPd{b0?X|$)cH`Y%yQQ@`~A8O%vW<y7<d$3SdkNir`F=Gx8IXS+kd<(`}FE_<P=9
zIIZC1+*|U`JNkuIPiN{IlKF`<W2pOE0QB|T(n}>|`SI<a-#X3}LM<2eQI9*`OYxa9
z2^#~XD*s$?G&aHKdnEhu1w8k^nQOQ{PoC;=AM`s}0EsCjCZ*EA4*_IiFBW>d>1Duo
z%g*#V#VaN2S+<?kJvRVMsWcMJR1WMao-n&WxR>(pK{L6ylyWB5IX;SAM}{miD+o=J
z@_s5`-ajstB}=kZ0;TLUF~Pd(+8#*oLG!oMNj$fZmTmV|smI#P&K!t6J~ptnJ(0Ex
zEoAYLU6c2>@?43;vX*FS29B?}Y}|+UwAAiEhG>QZ&hvH4pI$y8=cA+^Q`0fmS_N~&
zH{ok#l#s8LYT4)lU)Q6+8_hk(umm~jCN@5SL+}_XrNS)s;?VQG%lcbI(mM&0=VNn$
z=|yed@CNJAFdm1%r@OP*=H77j<5Q1|+?0nF9Fy`WL=f@SwBiIYZ44>VO&`~^nY;WK
z0gg9?e^Wn>c&Jim6`2bsS^0_wy`5wRI<G*Ov#Ak7L-4-=(p0D!ER|?_*oGq1R9+<8
zn(WN|*X36rKxjQbotxz5RHFLC=(PwT`dbda_Q?p_bO@krq4JY*XgpO}YNQuwqxIjD
zoT-nS^TSA>&S}rRE2o72%p8FK%p9aaP=@z$|1H(Sx)#Ry+*b_0vbX}z0ijb|Q5M77
z*oezv=lkn&2YdvNoNH6WW+fKBJR%hvUt(C8X101e$=##y3O?Q9&SvlB@k9OWe%udK
zX%Eexyn%Ths<Q(Q>$1q=;?6r4!Xj=S+jy9YYR61<Gw46~TV;OzAzFTU;dVMjecARJ
zXtiqbaiQ{+0Z2heBJ|yuSnm}6x<(WE%{jk0{FqbE;L1^#SJc3ZsmvsMI0O1NyTU8#
z$Tlu;JN#_$U%S=N6|BJ%TtBrz0g<s+VV;7LK?rbCJWk0l@Ji&XberP0KvFW&uSiIg
zTt=K2V=!{oA)X#LOag12!ROpP;d)BC(q$&fyb9w%w860NzFXf%3*aaQBZi(&Qc|jv
z46enGv%KHX`5&-qni@#F-he!9OL4}x%e-)t$4lYP%fZgSKB*BHyL8Zy4UHh)0R=B=
z9|h*D$D~^C`RVoeRrmP!7S?9kaj-cbbq`?9Ar&XcP6Kn)v84*^@1Mt+8x}al<Jo&c
zppdyaOla=*Vw*V@NkHdkv9sLTLk!NClfLe0G!%WmO7po`zhfrJGprfq6lq->G%yPJ
zX4hCobH{#*qc7vfWxlWST;d~><nk>;<k_tX*47=QWnx>~=;2Y(WGrr+6IPFh)+Ial
zl~T_y&*97N+51_>2WlNF+_)1Q=R$52l$&ku0awt1FTRX;??9nTqmqRiSC-bAZjAH0
z!wxDL!9@7wlF&f`OW|y9zP{i<w2)t5P_LAHSwR^|iUFg>E{=Duk(=X*)Q`5RJr)5D
zg{2m*9u(ljLf_{CL41;DA(|JmyhMRc35P!{5{*xe7bie3Rc+j9M${CS;2Ajdg@%1f
zOLufl+qMkOF?l}qCD58@U<weONKnV7qP=HHO`Y7Fe}C2Q=?|YDLTJO=P|LKsMB5Q}
zgUV({711WMWQiqFVG~K#LNhr-4!4kvCO+8xi-BR~ftJH33i~IIxD*)^|0<CL(u@R7
zOPp+@;+8=EOI~jGGjb9~$rjfKQg1gZN6o27TSA>hzq2p%6X)i~>WW*6YlT2%Nq1u$
z(!0qEhfje<&2dUGUe##{-alS=9TK_x^xJ*5rK^sN-OM7=N0+7AI+tOjcw8gr4B64i
z2*`8fj6!pWNd8{tt2GT3wfP<CS$+e_DOAGC@fbU;b$ygmRAl6*QN5CDe<4r(M0OX;
zThBkyGqWXlsmRx}3k`LwuOU8DXNJ8)sWpqrLi<qQuqTAA1kO>u-SOV?sc=AE7L}Mn
zU||HK;W}p)#hjxa-V<cFukGC&8|ltxpnmU&ImS}lX!pf<I@`T0yz=I-Ul6&jDO+iG
z!oH&i@G+F^4FDK9xSt#^C0PD4%r%Fe6^gP?JaPZM;m<OSkw#n^mcYZ)?QnCrcVYR>
zKH&*SmM@1=>H<Xui~YKzR+ksI>XT^Q?VVjTm@wUZe{>#Fvd<AX<9X-a;ge8Q1k)-R
z_GLB?_j+qM0O}&{by^@;>;G(m2->2l$jT^ht+B33M&!+c#?0IZ+WHprzpF2M#H+9N
zx80qq%e}+zVE&dAhemer_+nI8s%DRfh%}FDsIWXrcy_d=jSDFkO~Ap05Z!#$wt)<0
zuW^U&B1S;asszWPJ%!nulCOuZ%-aHa(5h{_7c_aVQGrK4`Dd$1xMUBoaF<nR@i>=|
zoTB?nr2j~}#m|4UqxfBe9V;!)N#CoYJo<7reTUf_b#%Vho`0UL%4n{0W^HtADjw|u
zrKKTlMzH!`36WzS(=Va|{hg`MYXG+Wrz>7G_F~m*^zpSJX4$JUW^ZTMHuDwWIg0f9
zcphX4n#V1i@!64-3w4)1>wUFv(+tKPa{)kem1bWCc(~t0hAFSw0ZRQz4s=<-uxJGE
zkSVRk`6|_bI~l5mOz}v2;OQfM#0rBGizQt0aeHDXro*EU8>TwpO8Zmn)4b8cI7h&K
z!^GllbM`siC+ez--NYuGSE`&}8V;fK!`L9TYrdN+Lq3jF=N$lb|GcrLz1c`~F}d9u
zBPp3Hl{E*f<A%YH3<A9t72Oy&vj9aRn7o_gF=;NR=+P6G@v|7iyaHMjT73t4OWF)R
zk!F|EPpFlc9+azpN`*|U0u-eXQyAW5yag{d9QumaX+NA;2sg~l6)dJ5l~owGHmlP%
z&=oB)+e{vEY%Y;^Az9%3lbGHqGZ<7jg}5KBNVK$gpU@PYj1-yF-NtpP?RK?>wR*_h
zFE<v^NqsUM7jPw2ROp!r_iQc|cZPQnJa`tiP+wrsR3B}a$xP;z?ABZUxuKXV2ry7V
zmlWpgmxfCshsa^uXuTRUIDu9VVi!3W*d?=8j>Mf`21n$T-z&#_))7S6w+5*DY0)Op
z&(qUW$n30=l9I5R8b%eMBYpyr{1?mREm`WxzmsP;HiB6(FPne#I~=wXtd}+Qdxy*L
zzS%YuB$L^b(BJjyg8l2gSp=vxeFI_+SLz%`LrTi%r(vCGF>Y?jrQmsKxg~H78Qj8|
zK{Rxnx7}0CAL=DZs8J6!l<3zIl+CT$k9DUAd~-qko3GZ(cwXoM&>cP=kZa^#-rhNy
zsF^7Wzi~52aHmtVO=$Py1cTJ&HO$f9c|$*b{D@8W`NX+=Q||t)sM9>+3H40uq^0LN
z1{ln}R7-Zrbd>XkVr<L3@LGh?<TTuZaT*|bz`%1O2;DA^pqf{RO{~u$gL9*HsU+D{
zXYkbM)!P0pk|wfzVu7$}t%2@N8+3kW19r+ohkuH8^sq;q!^~(&y20;2s~+>wdKms(
z!8N%h1f23RPZDb8y(5k0Q2#8JMOMX>Qx0<ZR(7Ohxg74?)H_9$O5`;1lW};{qaABb
z!4bm2F|GNQ8J{b{LbygrGMF`6#_7af7BU*Cbn+FM?57>029Zhpfpw7eq^X3fQ)&<5
zQ8$MIthNzBww$Oj;kcOsANBc$-`gE`#2IDnuosp6TBm7F7Az-J|H{rRlNbJW;oXjy
z=A6`elz*t=)Y$4z@R->+U)iCN#Ee9J1NVHL6?GSCP=U_p*;8Dzfn{zY)UZ_vqO)C2
z)=5pFe}(J|wlTZcC3!aMd(jh(29<!Q{^8@#Ko!9&-}bbH54>)f^c)x7EkZ|FEfGF`
zO}Y;Szc@Vll^*txsN8IfXDH22PC3wklu>Y0&zc?GS^2%-#f<O2UnH!Rv)!kEr3TIp
z=v~W=Ppds4qR?6wj0*5&WjQ*zQf^Lu%p4`~_%$uI>uQR~aL|(c#=+Zj^OKf?qVVe4
zg^T0tud2(@{ra1{<ZYJNTqP@bx(Bf-RxBO7^DiPT#-&kJcc5nl-<**sP(<`=q|DA)
zuT|?(+1Ki4<dlD3qqF#Au8}2eGErjRuF2OIJ+8`Y6W$*D-Z+5`4>onW;!d`lt`D3w
znhn_}$*8aMj4GLn1fV=?x+DxOn<m}f-??VK59@DPR|ve0P7b8@8|Ggk#<z~ndV)B=
z>FFstLN7K%)M=}}ouL!8WvE1~0Cfo*E<yVhpCxoSs~KPD-}Y1Bqt6igSWj3AJUMGr
zm&V?$QH!|gk!Jf<Rn;Bm=0C}%2q6>kN{hG<H>wjRvZ1^x@oTlbF~{3uMP-3@`*wHD
z_%fcF{-x0L=2WQs`}vj=JrYCEC88s1+PwA92=Ua9ZbW1<&V0+@d#-JzXJTR!GBu?@
z`!NJBTpL05G0uo8j`;BAc>W9CU6d#7=^G8oo5*8bVs;E;Qvt`3yD9yJMm-EG^gPX~
zjIyT}Z9Z0~el~yGwkGX)j#<EhR|@1pb)d>HriP>2=@k>$?t&cLVqk_REUH7>v~_wZ
z7~d0_5{2(lW8yuHGc4mIeYNN>+CvZM8t(0$4!S<F6F88R3SX7mX|Rz|xvQ~@L=pVa
zRS1>GcnTzy9+RV5T1Kk!C%?kb13DeEP%#utbCjF<+GV>x`ZAoLfJYcpS3)qCbZ}cR
z_q&(I0)DVx$K#$w=r0hi-Lfa_oce1>@kMorLd^6BoU-@@6Cv?vo5Blc2y!pa2)(Df
zT=vx@mk@fHtL!cF&WPqje41?hft97KGDTUBY(JEghB7IsA<APJK0N%!xaa2Bt#)uG
zk4t*|qr&^hI%Kr=?srVSq;0(w2cp1(TAe10%}vEUrU|rpmo2QkdNZ0%izNW)$Bj5e
z{y${^?o+GJ@jId)%h~TX$CETOvtZsa;-8|f$V^@t0vTe@10^IqduwXOsz14V6u_Vk
z-37d`f(mr385v7!JJP3D>GHABMc1aV=v%b+2z4hK_L$C2bvr_YzR`#8_5jXm^ARuP
zRSyw+MaHJ>(*?8)5z{kR^{PAKw%UxEP9uCezCn-53)Awbj*NL{dMI}RXKr;YMjlqw
zirlr?s-LFQ&NTYcmyp8}Mhd4gq-^+<pA3w<XE%|$E!X@g7%!}K-^iLO<)<DHKk1c!
z6|nybN*;S(9m4g!c+A-S9X&lllG+k{*{&k1I0mE3kwHdF&z#~k*pl|oy^*&$Lr=_b
z4n~2HS4Lb?uz_1+(V#J?eaVgTi+&C5V0MFbMc9&a@-duojhczsHqKC_9evcDJGC)5
z^r_$ez_!$If`hd&$3yBd?biya+Z4x5fc_rkU^~Ht74!o`CVyaF6q2O!754nt6*Ch}
z$LP}A%D*J@--wEGOniI;*DJgbn6VQV?U?hkgdd5?(1Tm?Xn?PT_#E{phNoJS<^667
zii=v&w&f*}ZmC64&5k!m)l>9Nrgn%It`y>8#BwwlL?eIOxF&q15mn&%IUv3co@;?O
zc9#D=4FHy}u{Carx!1-Xxe~CZ>!mz!sMopRMX98$H*iJ(;A#b5Ha>7G5hiCcSZo*N
z6gDUR2sFPpEyY^W3$0(C*9K3mD&e<1f^^z+YgV(xw0&`K6z!Z(F4)&@WBe*tG<*%n
zzda=Z#s}(rojSH0KW3>%-jZ4Tn0(pfarGkLiNahp>OjbWm1lJ1cs0DgItC$sj51RS
zk*Fr##u#oY7=LoQkQazaot9&6_*VuSs^v158amu?1zMRo{Gl79dklO1sa3Gw96mxu
zR`&4xTr&DMMrvxR&?l1ag0rP1?f0BC*f+EGBuDyfEwbnP)GiBNHryff``gF785W9b
z?43NFSjM9gYL_qG<~DgQ1Ka%z0O}j;?1#w3fV2nqVqWX8%f^0InxyC@o5p1>rAfX4
zZ#^n+qmJ<Q%#q0U5w67+=Zii^w7~WSLbs&XfRBVZh~3jm(P7OancrN&{3cXIif7%c
z<7h?q8EhPT+jhtD>hev>>tCDDGQ--^MD;a-lqWb=fI(joE_%A@(@W?1RoD2Vi^}kr
z+uS$zw?-?S-LWBKB=5n?T^WCGrN8lJzNfkj!3uWSF4!-MJRdG2${l*RaecDJ!xK^D
z|GU#|>7%E&fQr%2VJ`XXmQ`fyk=Yif6E4@<v-6bm%XJoQ%S=+LheUyJDLg9*$8nzZ
z;0)NGJxI)_%XfkDt*8Hy*My>^t|h`jknuTiJ3Q*5dyzAIsflc~BjaVdmC84)oNmzL
zF|adq@Cj!1A!YH%ASmiog2PVr-yE(po?q>V>_Ss70^aY?49<5PnjE#j+l=-ut+B0e
zJ^2PTuB#weetC9iSP!(9qHEB*(wYRrAfzU|T|-Q38AVFKZmgBjw=#Noi-gW01C@>v
zZIO#shC`Sdf=0$7HOm$g0T5D&P%kd@ort6?1WCI+C(a>^{k~;YEZy$WrO=a7JJlEQ
z<|U7Wl7s2`(x?s@BD;4C8HY9@v98D02E--8qAf2!g-85qDCxk)*~z%;IE<Q^*&epu
zkWjJQ&gE0%zc(QAoQ3bOf+=H?+SCK1lUtQ6BbYpUm+%;+0TNIH46Erz_6^XcAGxs$
zjz=fBF@MoPphZ)rIrLH!32Q@tRjLt#g{!9L3fP-+TuT(}nVmyx`p0DzGSK2jgDhJ|
zpV>SsB)R8_&zXwec!x$qAw+myNdXx6qyK&L@B7PkpKw<jb+v=to_jmZ@sORfH!#$h
z@XrfO=HiAN+d5AqyZoURa1G=u?W&`Jjl98YDHt@m?S&IZ5i`dCPDZIXof9h{XZKN3
zqHSzS^+bsrMKT(<(c@~tzdq~}9afGFxNmzgq`3Yiu-LNc;lS4ghJzLY>LM965Yi9*
zvVZ3+6cm!Iy<A66N47b-yHXW-M+ZF1-g|h*uQHFhC?aPIEVraTWFChG)wm;Up0p&~
zw=Qk(p)0;D?~~szICcK|lqX$z7G<K-CociF<|MJCwiJm7|8J}}hKiBL;%7%_TLRu@
zP1{#^2dbZEm>tI2Y0uAj31KWsEi4)!P}f+BOPa&BmS78D>i+tK4Tiwp!-q5Je^K^U
zL2-3KyD$U~8r&TQC%C)2LvVL@hu{vug1ZNIcXxM(!QCDHdB5-cRp<6pt((~wyJ~8$
z)!nNfY44}2n|@>ghpR1JW_Y~8(YJH%gS62QV}UEB<vB53AzX!9nzWf|rUDLzueiQJ
z60N0I^WqW<UrkY~)2EGYe}AReCy!^Un57>C_4Bl<0wpDgQ|&wY4Src}k(b3s8?AoX
zWD>EC^bbsOo&6(l8ot%z7<ywKEpgX3Qf7n%A2dLHx}vzN>(bI}$C$pSRvd2YD39lB
zrpkUJ4}myn&)L7p$s}Kto?o9I!(Tb%0KnbH)AsnoFz;aK+|m-I&+}^sMu~kzTqex6
zGvEQ7kz3-|FRnQ`#k7~C_Odec<>sG7IWNWB^(Yoy48Z5w@s0}>T2^=E>vQ(uIQ-rF
z7n4YITsH2`gzZ|30<RPMf3H;5I6QGVW+cPNard2jdwGeftca2G*C}-nPSQzsKH;yY
zs5JTwEc_cHa#CErG>CgEtP3DFMpKlJ1y087l!WYTc{6pmix1<8iBp_&9~no(AIWT!
zF7E6JiOEv(e&A|q6zCe=W|C#q`Gx7(d2nVfDh-`f`(oCNZE2d~?dc=qW29s(VXw`)
z$Ai7<Yc_O@<Sb-C9d+Nm!q_GzWf|w_zQjRJ8Hyr?hDbO#n&?Stbq>)ream@O%_Ajx
zMU3mI3zimDjAXPdLFa+YYp(}Xo_v*T7z=EyWZvY(u2$T5W68`XK&&KXHFeR+42HI?
z!&(;ZP+DpQYFeMb?qmw{?Bs$B|1kWp%&g?Rnattwzx*bRlHCYiRR4via6&(+Z4n^f
z*1D`|8fi`fsx&$kJ$1372`i_dh#bb?Ap8rgs%oc+Xr)N(g!)61V%0UDcD$UrJouz8
znJgnD>Q`eW4wq+nd&FL#j#%s}@bBMwHqNO&$2nV1PR*7?AC4^H13x<@w*GxBu_12m
zj8pVhhLPWoDF;c^PWb26>K5gy_vZMMK(K>BH5b|zy@F#iO(uH2euSn)73GIO1~Dva
z8tETxQIX#<(*9oWJ%F*Oh^QuGQN1Qe30Z>1Z{i%5G_rPsNYusoB4R~JDJe?J%r)m-
zIV1BmM)%sbQrs)bGLCBWLErs@zxGA=RMF8D*SSYFD*CE5T!G<q=(;|%b*UK=^6}n!
zc_US_yQ>4NWR-{`-g%w|-#353V0{0)Rm&l5wlu@QX2K0>M7%gIKEk%CD*D$H;CO-H
zJg?=orl+X5G!m>nd@Kl{czIc9MD|@!dyvEugDPrxr1ErXTQ|}##?UEIS7Ph{wY{tF
zxeBc4(L^Rg{YJr&#_l>7lBi!71Y(b;e(A%TLalz6(@g5N5aQq|=be{RbHw@hM=g2;
zovx>>q$jlf%$gV(tE!<f%Tp!6F)O0x$~GB<hS12NoSG<PCLhoj<V5q&`WO!vC}s)=
zZ#!vWX;)fw>&fC363bLXDALXrLtufSH*s3*p{8GT?8vR@S>zHU%S^`p9(VG4#NQNJ
zoVlNd;2D=VAij{6=zc_|gysmd=@65%#e47UEGjMzOX<cvEge%#E1ycM*VKT%n8*<d
zAy&#9k;KoBm%f^qYa_98_RS(Ym4ovrw2n60pSk^g{i!QqDjffTCXx`pce5Yfy<~F5
zuC9M`9=^Lq@|I^|MB%VOd5O4OOsD&|HPn~w{&kGtTFMRmHNcYTw1AK)A<NYg(yQIb
z{Az;To{@chZ4a+LhXVrlpUPfM(^hawvp@iNSIe6HkiZG09KAi~j!CF*{)FI(=hHs#
zi+Q4hqZ3(y?&SMKw|qe~#;OW=xe)66NH;2Z@@iQ_1FMs>v%sOu40&j4aj|${S@o25
zUSoG7I&z4FI(rj2c}iZ6Z&-14rXVALZgOHJIUz>+EA~X;ByPtmXzK*a^-ASp?1O^4
zjAJLt_<a9Pi;TOZC8q&#nV{X0@O*bD8|?i2eC70DQauHPB0=6Z{L9MQ!ir-57kjJS
zUi(Ay4HBh;3=G+vN2de%`qmXf!gm=hBXhLH4(UUG66x3+{X;SE#8dM{(Sb`=u-gKe
zJU1Kd$X(0jm~3KFe!M>NbD9x)?>2GKvw-=^RR2$2msm!nxm|5nh`GRDjky=GFlkHk
zyh$;FY+Y`oLL>-8=TK(&hM#;qfCfojI!L9vC|A5$o_58j4I^!@edh03!gss{eA8Sg
zhYB7p-)?4i&%?PTZQn}qZ{GFaIGZK!n16$SfCJmz34HilPkTsGXEF6Y?|q-$7{dhd
z=Qq1}{{-ouuVw5&Y}=sdL#!8p%9PQ0=67CWYHy|<h3<C?)o#7r3*q%X4YQ*ng4G@V
zX330an0y)d=ltvrtW_4WX(_&XnYW@Dsx}_JdW)|uoaSZ^TS)0uQ_wV;Ad;V`FQ0m=
zgMJYN@7NaMu?%yTGr9pGe$r`!U6F*0(S~q;gOMjjIn(t#^iH0l<1_hB>kV}z+xq}P
zy2;Fa`n6fYLD%Z>okEO7a-(mYNHM!)SBS(NIhbj<uco5)vcIv<raFGeDGw2Q8?S>h
z<Z=BDw06^szDU|&t*wRr{h_gT6mKTWA=KTsxvE+|ElAHx=X-;b#%l)(81YafsWzJy
zkm+cZ1_J}5BEjP7=&wqx@k_k8(yEHwii)JulnW4Cs;H7Ku~uJFXlgRQ!v0%}Puf>A
zK=cM!ToRwHEvhn4ds{c>@i$Fk{CDKdEW;cT|ACwWR&yWzO}H#^^)1u^g&Kl_TmiwE
znc-u8nF7D2<}7d0bPeQyCdN-4M*8jzZkEc$pEFC6nrcuSj~)hgS2EIC)YH~9WmL4}
z-KT7cxP1FTS?EWHvny-TVnVf~XQa&Ygz;(meZQ>|a6129E<xAL<;4HZ9vuIx*8qL=
z2tQ9}Fu?)wxjyxF1cLP!w{HXA`-H_f7AGvwvltli^L8n)+@K5%&BjNQblSYqTit$U
zK3EfYDqg3LC1I;qyHh-9B5qzZX09JZt$K0PmD6$o8*tlO&|in{C;U@Oo^3j8s3<yJ
z6XGA2fu<(c=bE?_)A}q`pRBg1U}_o~<M7LzU<p3TDk`4u&$T*uFtW^1RJ6Q(QPsoR
zA_fcU;b9?MhnSe0Z<hrcU$M*6^1BAsLv4-L;qCFgseXUAzVZcpr8jZ4tj4Js$_qIe
zQ_L;X7P|dpJRKPnvWu1On&2x*OUiD*tz_;z@9(M8LNHtq<#Lz*mD17{w^e2D1=`%+
z)l<_|8_V*=h%d@Gs)Nhv_D7-7&mW8H*KCfa4b-P~jJAh&HgaXx0ze~ya~WuH6f#_c
zb)^g3TT-GW6g=ixBwrdO#g^;}`KyvZ{-ozm=9T#{81z}dP5FVo3$RHDtKx@o8yMN=
zoH~|#h|?QGy+yu~;;MkISt+==Zfskb1MA=0-=h)u`=y83PMO-c+kjte#}DJnOZGff
z<I7bej%7MA>$<qul|E?<-E`{GL}HiH2&8Wwh{VeY_EgPv5M(Dk%V3_ZQm^j6Up(pA
zxRz`6?g$Kzx=LDFes2Uahb|Z|98m0E0tHQk@w@DrJc4zKi(2D53E4UA9)?zD39U0?
zp08jB=En(WWn@-!WvrdyE)O$WRTPD!lX$XgrO0zu!lDXb6!a8kHHf!6c^vjm@U|uu
zs#Ui}4SpN|7#ZW<-+jP)DHJY!U9;jfQ62MX6GduW;tGp($Nl{|q}GxpCpg0Hyd09&
z-p^KkaXNFHfv?-J@17pUbZ@KMaM%Hlp9UMc87MZk(Ks0Oo48hYah<~3VwuuLU*<rj
zWyzgveH>hs(#oyugyS+<Ptz&0=R9rFRimK_vBgUTCnLSXn^~J-45)ZDI3)xCoVoGn
zB+fMgpy|>49G|GC6S?)oW^2xJPvO557>y?*yF(#6Q>d`4B?HE7Iz~uwXY?GIp4HVD
z^M@E6$$P^B6=JwqLl3XlJ6~6r`J7zsXd5M^c>IPM)}N%jyqUglk2v27;+`U-qClKQ
z^q>zl&+?RM`1SACH8lf{QS=!gQ>m}~j5C=2+Pa3`F&p|DYRv{VHB`bK(?Wr;vMc-@
zw?M26d|d~3_kOP+ip#Fg=T}eT_Fnv>()|t`T#7p#R6C?8P^|6m9gP@J;lRPSH!g{T
zpVIDhaCfHU-oSuAQlv>AKK|DdnH+)_CzFwuycnA132lA3bG$bcQn9?jhdm0d4Y*v6
zyERl7bC<vqLss@s{8c@p8J_V%d5OL-t_QP3`@E}?;`s<9d?V{*+HT7@+?Cow_lx_m
z;<?Ru1<v=H)<97HbdpCj$oxvn6|rA=D}JkUq2Z4nS;98)&mCFu*oc6j_w<+G@^$4y
z`8Cyq2(yijiHW-|9pBhssWXKF+N_%YZPrYpk^%CK7RP<Ekwze13JxxAg7MUUlr#T%
zHYo8N<lBqp3hdPi-LQUk|NMLqcpa5rTpu-b8<xrGoE-R#>(jX$e_HAziu;kPqVH-&
z4p*-eSek=_N5(Mo{D`=mkhy~GniV?alc}!xCsR*Ux)ASD>8-R}YIwXiyECP})twv{
z<_PTHTZ8PG`e!aG;Q007>|3DB7RNk}W&6Dm>|eWGRo0lh-F^hQB4kIV`W+*AuBX@+
zBQ&qSuPI!dzRdwD?#?)br^E*}$Y(l_4o8Au+pBF3m-5`m3CJ~8jTjs(*0YmSzK&Xm
z^$yK;n|o`G)(N;~+A)X?6AQ5KLO~T0C03+Mo7p>?SX7c+zsoZik?Wiz9yWfP&xvSO
z{>uE3o!j0R(_1SgT`g{GXBZRq<o43>T>+WH$4&p}VqF}GvvNpJJzCZ4aC=(GgAyEI
z?w+l#=14q|Ew`TEn(P&IS2F$QBVUI9<<;cN6iO1|a;}Gpn>#%S1{t>+Tgr;+YtfUo
z{>Hb`v!!Bv;zlKG^>kNipi4y*vh_#D5xHa4_788epb7X{nfu{%?bU-q(N?1?EcufR
zyUPp5;SH`o6GvI-dT~7)Y=M2ZbUx=CsOY{i0kuDz7(;5u%y?cJ)dsw|4Xy~pERA{S
zT@_XvrqY4;sDu{}y}bef8W6aeC!!p8v5%Q7Ev@Z0&#oLAPr-GgQyGx~T=$)W=c_nk
ze{wjwdXGFlc_B&`jSBuz$w>9|ZQ$B}5gX-`!L6J|HyT5}RMNE3%-=BUPsYq)rcvud
z^B8<fOG|cd!RIISz93Jw9{r-7rRE<hkcboQ+T)G5v*FD~2#7x?dkbnBL&t~zGTD>3
z7Zh|D)n*9WxYj3)FB(yObc>7@Tar0JYyD17srmj9Sb$8#pF2Rg(dDbH+^RR0h(UlI
zk&icL+8?8D=hT_tC}LpJ=|w+0H;!>|RZw0+v<Rdsa!1}f#TeM?4~sx>>6>7Rz+yaG
zy}HgB*cvhPF-l4rpcmB{6=kU;;h{*MR9d#Q85uU6gsw9G`v>(PRQs4g3jk=ry@(lR
zC+g_Xf#ph{O44hd^Q3|h&s0ydL`BiL{rmUJikoceR|LsVD?)QWJETnu7Vo|dheyQW
z<*jrTg|U-Ms=m<)kO(#1Lx4jn_WiDhGN8Wq@|V3EiQl$TEa8?yxIcDWq<(%@wk}e7
zh<+a)7o9LDj53fJIBY?E88go*s5p?|!yvoAZ*1Pcbx%ls(V{|}*Sf|QG|7}{7aZD7
z`gSz8j7`H(cM=YBJHsI1xA%R#xqDu-=2Y!UEr{6S-!b)bU$ff30iUNG?XF@>>O1i)
ztG!0QK2brf3UhaxpKclWTpu;K7l3=6d(qkuBSC+Tp9!jZ(oTiV6+eA#w{X9a4XdFZ
z0~0fM82$Oo`=Q<EqGY(v8zPVKEDJB;4Eia}jX!oRPn?xWbsUk`#oAx_Fh+Y@LND{>
zK4N3%oPT)@DC*n>SH>a@TzU3Qgn8;6WEwRNvNOxTgU*@sMjnjp*E8YfFRT<Yf*V-)
zVe3S+8}sb^w3J-kAUm_{*p6{j?3<droDy@;bz^Pf1rQ?}?UwL$4(@1Yt=UW+5jp0f
zvlJQgFYnw8zkJF2n*58NrJh^QY`f2K(+ZVvX<jeBSG|5whuZRQZKKh7k94nCN=AD6
z08{dpTZEqs&2j?c)7N(wX&Ty&gfT#sQ$-i2f)jm>%b?`-^fj$)i&iCOSA>ey3<M~H
zPCH!p*3A;vp{GUKAlB*8Xy^5!V5geoeXc*~Zq+)q#20p}i+}6Kz``z5r8()*00(9L
zwp*d`^UToGOcR?WpW(rT!@-nRq|IN*9DD5bOxIu`MV|QZu4bJgs1J;1D_1R{$7idh
zs{I?$^<;Zi(23k^mK^!DQSygs#{5;*l`Yvy!qSC2m%9-SrCYN~E>PBY52^Oo<ojxI
zLO1HX*pE@Lu%Gm<;%khZ*kjO74r3Xr6LM!jAgfa~Wv%08xA871cw%Jyl<>yn#7!*k
z$YwhS?A=D7cb{uywvItm5DXxZ=<fJZvrqU@`Mv|~qr#8tI9b!s@qKVcy6v9l3e@5z
zI+W5^LDE~oOx4tKq^nm#A|UyCG}Jk_z5Xt<1B{0Ve&aIQ$CNcRCQ{?b|7E-@=4Og4
z@JZe~#tQG0jZ66<&5DVKAF<V%k~sXh2fE;B^eCO`sX4P#Cw-(`Cf+@BXFsYxXH6vT
zR|-g_tT4Rr%Imf4$>M!0cz*VXCFG-7CJLe)lpjOZ?}oEK@bkAOoU*2Cjn@!yj)*>R
zZ3))RFDi>54`UnHnkeSx(3~Z5H~z?LsY>RFpK1vK%yIK8tPcK(^N=~wWcLtNURoKs
z`EA=`6Sce4d9{iIjJ%5_$8FR5v41c)Ro^->G5wRHeAm;Axv5;Ews$tlJVs>V6q5ks
zgEvbI%hAOJ2u#E**1CmTJq;|VXM9u0+}r6A^~tQLaat7-bLFnuj)+O<p#p~=mxB}|
zceuU=H|qOV)4Vy*I7hjKx!v!%X~w*beZF|R9$*ir1<|#GfV<7&b|3R*hA%qunXzr(
z|LX}zq?<p_TuUt<c3j3;<V64C^o1P#VOp<7sx1|wE|v24N1LhXF5ZmwpXH;VN9XLt
zPruKjJGD$n$1YP-VM<~IfMcWpsi%{|nB=NyV&%xfuOXQSH6YEc?hF6;?YL3VqwcHK
zMl}Wz_UJ@{5=;t4N=n8J<wSCnb!zs~b=~<7lCJeu{Y{4NJxSuD%ktN}7tkc&y#s^8
zXn1&HipL~YczRA0Lt*oAGD>CQo?hGuiO7*4E+x7EmlW`1n3Y2V^$4$TKjDa%2WNU}
zAIp*`J@?L(iA24;HmX(n=(sP+eeiAuY$zw>T`O&BYN}c|Zbs4j3s#6HPGvjK$W6<P
z31CUx7TQ?}#p9-L^6M)$U`a=Zp8W?3y0nQ0%6bsmXyuhC4_8l6xdbdM0wonyYGFMx
z@Rx3xd#eTJur5M%q0G2sdtEU7b(kdzK!I<qe^Z3y`GRv~+|IG#-a^$E=<lE1bJ6wu
z>akCR-<uVfB71VbAix=V6)PHf#%<dD4VTO-)LYNdP#?c*y=nLCOwQok@K*mme?Iz;
z?;CpWcLmc9Q2>6)`NfX?Y3l+YgYN(Zx)+g=Bn`BGCX%fC1z1hu{;Y6QKY=p+6AU+P
z_ygjhl2pOFK;Q>>m(KV<Gn1N(D5WhONm>x$bRx+5OU?gPZNHEp%J8Tb-X(Tg(f#XM
zqNDz?>X?SHof6w4ZMf^0*o|uX0ygTv@<qF7Q$7|z?!@1S@DYt~&o89%!t#DG;Q-$@
zlFOM3y<V|caLL%eJ{S?aZ;2{7tDZRCRSMSO>k9{qbOapT9{}j(UYf!=t`CZ{DL<WO
zlGYPILO$=e`|^AS?CQLdz$`9MaWyCYbYG({4<a2lZGhM&T>b|*w(%14zWRxq6&q1Y
zqLr~VGjpB(H<pl+vSh}REgI=z)H2e=#f8ceMt8F_n)-=S9NP2llud-@!M=&2Ocrtk
z!9_+U3R2|#c|R_JQ9h+Z|K+44hdgI#Nqsc&*6B<8ZtS{yK%an72BP5LK_uEH!zxu?
z42kc9EOLXtc~i=Zhv!(`grA9>4u<Y0GlN%0VTbrQ@VV5fTcx%7Gx;4UR4p+_ru$mT
z?BoE=aJLd<!8a6<*+bo=pzaLJPKvJ^AJPUFQEX_KnClt&(|vn$kTNLUS7a}9r{QBj
zPVj<j;L-Y_E0`o?VA(|#EX_6)Zq?T^VZM*MiNL3Z%$1HZfoaXdV6IxQBwz6Ic6Ysg
z934PNk+q~S`zujFxCTobf1@SgF}+ojkI%low)vj2voMSLfs;mTXf3XO$ZBXv92-ZC
zsqxR#<TK4ZcBXspmkEd)S~Ml*W99hQ)yOBQH^5Le(aO@88reUYQc5B$3<n$E%tyHM
zSkhvKDp$P>8<)`7N7>`$jdeU!Z;&B>MRFCE?gCf7F#)TVGY-Tyh|*m94DDb$Zrzdg
zgwoId%2~>x*f*xG(sQ|`O#Y0e@=+^`G0AH%FKsU;3CdCu;#}c&pgek*BNlB{ceM8>
z))sl1<;_o7Bwx7Ic<L1rAEu01V?T`o=lGUqYE%<q956MYBX4XX9cFg08ZbQrMNdY+
zCTjZt6kmhq(o7m&o<cc33n@s13HTw!OJ!%^WEEZ4AOjgDih_nGA}fo)<9@OKm`J*Y
z7YV!Blne}{#6j*ZbKg^y>M`~quc<(|Sgn^}@4ma67QnkL%1q)o?&k>GP5|-6U$q)e
ziyv6cHc7ZS!$q+Ca{Z;_<cHQ19@(JZyC?q8mbE21zqvad4jF5e=Om!y^z5JV7h`D{
zA`)NRchH%+|Ki24{b0U~zLi-aAROAq;>(wyYhZe)?&LrS8^FG*Ph#ca$><M5#xuKt
zDvaI*OS8WvWQG){-PYGEt9x$p8;L}Uj@I)6QTMw+)P4I{`1dj|RxN@c`^eTDuS6o|
z$P*lViSo2piJNQflW6tw;s;wcY7Q02X<9=ABk4?6@z;zN@3SBF>(H~O4gNZp<JI2K
zN4}mXvm*~j^TjWX%sEme;3m*|fn<)52WX_=X=*77kpq_K`yGKEwAaHqAEKXv)?Dt&
zc6Y1=vau;&$;?hRz8LP8C9@ml!sS`7{rAxb4Gv$2e0r{QoPo3}Nbmd%ALXC?0f-EF
zs%&w}E)+=PS6#*udrFs^?eZ-d7=L5)7Mk4uWTOuMQ&T_Z@lWO%Jz6>Jh(~l=r?NcT
zk(^-P=&NS>H~VSUp1-_jfqhk(2p0&_AiS8UniV6)rX?lb()LZ2tI~)VG@Sd5B#944
zx8)={epYBd5T)|KDBWA7T2`j#efo*3p($tI)RI7l0s+rx(FllRr}aLlgV!sN>7)FF
zBgmUkw4RB+gzfZh`2KSP(QbhOeyc9kNf$&W$^vrQC&o=x&7`2b=Tx2Z8DLmkO!0-I
zJ^7i1=2>m39K74>=hg0Yz>k)gQ@mYsRMpj`r`{;G1)Ub9LXFg##B>}EI`g5vUPG=7
zJa(|rqFpi{6UlLmpbIcJ!)=PxI0g>36inB*k?{+b9HszHx^H{IGKvjO7WyyTWJukd
z*IJvbYt;Kb0o@IBe>t!GwL6(OOK$ftAZ#4;$cdR>qlX8y`@bi=pR3)$@i0@!w|d>e
zH*kys_o836KQ{AbqvP>U$ptuzy;~x%Iq=SX3(D;9jNQC4BP)0yy*v`to+2lBcr-hQ
zvWJr&?p-*X8MwpgANkP{WfMF}!2vMHW8Rdra=vYRnivTm@Iw-_GGOS~*dz7k(<Xx>
z4hmyZFUh$%dtu=aA8JF1D|dMsV&@LELsOds+VwG+{;H!hitvDZk(LDYNnlcB$9h;e
zpIc6`#-a{?O~y=(L*Ta{PDenBkQ#>uGH4Whkh0b-<38|sptXUcqfFK~MHz$u!V2w1
z@Rr+@bdn+xS<|9EUQt-IBlq4&lv&^vtBh_p8Df~jZ_RCM^_OMEKifZ%@gBlr*te&?
z4m|(x2FN$>!83f&gM%(`<jl;<fu{RAnn=Ju=D^izJ9p4MP^TJ%I@bL<xjIV5#vWBb
zE`lKC75P8CT)F4&Q22M1H@mqsfhrd0qYt87fo^s*+r10seM+96A!Z#Rk^lhd<Azxa
z3(V1Eljym;nUP!U)G5N{mqQ#+^Od5`Q|P@mkLFtz)E3F?z;N)ck$nir2R~hvrNh?=
z0Sik)+4?PQ>C>w{Va)N6`ON10_bAh*ot>RiBx(2iZPae|e;Zu5Ybap$_Laoyz70;A
zFnh>r64TDy#K|Iq0;yKR;_8%?Ym0C_*SW)QeuS{OQB+U5<oHu6P-L&g^@=3y+Xa(*
zRN?&typhfYoJ?C^c}F=X52!~GhH96!F6QyhPsraA&|Hsk*~?-1&m(j?bn$uMa(C_^
zv4zLZ%vzboer!JJoh?(Ead+&p(#B=Gw>7E+&b7A3_XvYqf->zDV_O#AN)s`~*Q8F^
zq5|Iia-(;9d)t931}KB$xN(5vxs(bRkHz~&7JsFztM~H!U(vTu>R+os%ltC|$p`9B
zN=6|_rzmCq7i)lXRJQK-4rO+#$J=192~2USawqAEDecYhT`K;_@a9%%PfOyxb+P40
zo22N78=ZP3<+%<tPP2QR*@YQHAwOw%&F>_#U7L;Lo|k(}uRDgF<Kuywdo!~}l^h!t
zcKfJA>ev)V1K{p%FQ@?m`u4zay3Qp1AGgW;qeo)neA(ow1XuQZHbAo_&6c{a879(B
z_By*D7OohA1ryzVw=5WQ2BKlJAQ*-549oHn1AC)yVR3{Mea<X+8wFJUx(b=?WV=!t
zp2^-&<^aGHZ&|_hr{*5&ljFN2DgzSUDz0N<Gsg6FQ^R4{E1_RDo~iyj6249W6}7x^
z`vdOdR;$GC2QQs(eOx~0uu9-aHVzy8XY!iypI=8|hSh0%$dUb)=h2Dj>5(}(IkhYd
zriB%T-K!eS$)p<bSKG4;^q_$9+3rLEE&eT3J{&9s4OB~m)S7<C9J`bog)IIkSV816
zE8hY$JdE}#N0EFCeVo2O3|I%64pLD=C0E7mlW5o0JRPcgamm@AwfLXF;&p3FEQBD;
zsi6Mq^n!o7Ew{9@2HY8aW5=sl^)8Bx4Xo#E=X5Nnfaw(fD8G=Vkx!mr$76Q}eQS63
zr#M>iP;cd`ygZ@oH<@vFOM`|?zwmQo8_!QLZ)X|aj;4At&ZM5-7dB0`#J5I-B60`8
z?Y2D=efT8=?VfC<dv?(rkJ)~_lZ=N(9XyzJKax7D085hrGlk=<hk8SUt1$%{{=}ox
z&~d?0=tlwuVMmxcBKFr!=Qw(p)?BY5Oq-RB1JK^P4Ze)YAoKHDt;xJMoO2iUVe=!V
zy6=%K?)&&})BL%{g8Tw3`TnB=(Kpl<L*?j0Q!PLoc@b^qcrw$!1RRj!%;5H!pbD*;
zF)BG6z5>`I$z8tzD$mkDI@>Hwvp-C>zZQSR-q`L{{wMy-73Z7nH`JGCk|4;_=94ks
zL?d;#F)oOy^uY~_YUg37k{{5YA_ce#m|?2htTlwtXK>VeMiKbU!cbWeQe3^u>tym#
zU#jM*`D<N~W2bz%k6QidT}@EnF38UZrh0+or%#}A<ZJw_bOsPxuVm0*ldB$==*<8*
zKIvzo(NwT_qKM2|1K1#dX%<}*e{E?2q&}S4N^(B@iLgXOMh-SQI_$rhmw>xo2~PG#
z7ej0$_h>_Hed3OJS$1&W9!t~4!H07kbd?}Ak2~*ktw&rZWt>&aj{O>XSZVh_!95-}
z)7C&LQlD2!8*<Bd&>5*D`<mj%zu=3Ik|Z`LhhWmEJ0Vi>S9ZINNZ7-Z&V9d`m!5@M
zHUFEMYO%6R`cxQ=k7v7cp%GFPFgw;PMk|N8?PoKdy$uSyQZPVHF_AW%mP|s5<<O4p
zLAe$<tgz#|9JbwWp=yY|a=c9ciF&(O`5AJ|lziQ>ng~hII|+@nc*NZAWa^mbJZ^#1
zMQUuSYRM{_EAk}?If;q1Z+^di_n~ezATzP7j`m9GZv-(i{me7Foxg}IAj#Rqj)h@=
zN7uLo_WW?{LXh|-ll@;Tzz`6{x5#sUc}I~_>!6_}?ygAhiicaMLl&;wGnJ$8go1KG
zikp9_(~4IBZ={E?SV%;0=_2J}$ud7VK~Dk3C+mxAD*zTL22~e2%yRcJ#Kgp$zLUu{
zsuhB;C@*=!mynR8q@}sdq7hogjQ2pDxtyZ-EDd^q2=hiI@W^a-g>B$@1WYZ2D{_jL
zgrz%hYnMrr{?$Yul6>V48t35Z(%A#4_bm8}#$O%y5k6|;>$|@T_3tes^C;N#4=ft|
zUGJb|_8f^AE$T5BPz{C(>hk`t!rHLx?te7O<6xlFMUoTQp!VbFWV|yFml9Z5M*X6B
zftspJ`-1EE2PmMOkguU!nefPwlz<H!UF=xiEB%sr1$-UTP*cY%91Pt2!64P_O|l+M
zLENI1=0FUXUC#BCE*AmdZ3FlZ^OUN@2op+{s9N+&Mr=@%Io+)gxwF*OQ_xXbEyd*N
zbjJODJ|vB(22vFx-2P>EiMo*eH_I@ldnuKzWod52q+g)^O84OFqkfw6oN_Pt&Y>Cb
z^SxfW>Y!fKaRdY-N#(v*x(KadfOzK`T?AUIb<gTPOi<#KfMw8`Wa7F4DT;S;Okh-L
z+O)RkW?6n)8Qs=Hl+OnErEfJb|9gEm*aH!unc?Ys{}ejeo(F%5d?P~}iTt-mJ0_j?
zdndtMX9)d2fWn93CzLqzIJr{gZ#ozT07HEJ{~b&bQgBR|B>y*<UVx@`@cb-RmipIo
ze8fjv=0xvxFR_+<6fK}1f0j(CFJ&629;l!9b?1wKW>*0-)OKBIiH0j$MXH}j_v!gc
zJu^RF57M-gXqoYMgQ~#)Uzve?`vn`&%^CyxKRqTevcv*rpX*~QtZpDFz23Wskoq`K
zFcJd|TMC`AWaYj4>*=ct8a9!f4de>IUH?vuR}b|$$NGO{{Q=J;dvU2AH%|~`0(V5P
zl&RUDU$u9HdTQhm+n?PJUELgEn`xU;r?7#)ftetOK~Zuz$yl@D;7HJ~KXhCLuvj2U
z!uum>|Ey-Wv(Dzu*^;w7!JCVQ{w00;KYoQ0f_<HrufN#T$<m*i*Z__IL41}kbost^
z!G=m~7)X8QA$+3=GJWvC>5;T=Od8*rP+<p{$okqXv;(kV1jB!PBM}EJ;b_QjjuYY6
z3~TDdL*W1O=>PqxJ})Us#5DtoE$t9^01Davu1>u;`I5Izql!CMdAn~v!bLr>!kaMm
ze+!1k|L@XaF!%M%dU<&%cy)Gm9`fJTX17~kSrN=r^wCYs5QHTCu?3ZHJIG0lVnqHw
z%VeXeqhsQ1xtfcU^QZJ&Sfpb{ZES6oV-BOgQzC-Jg4F^pqF2y>0MUO_wge&b8F@S4
zMb{%81&IeF|96$l6GTjHZ4uHWe-9D9A&QLupEq2NjYT?cGrBp=|HH6hkX3%Vr=C95
z!p_j!Q7qfdi4bp{o_POm1^KlmNKVpuH15@aOV8aY6#V25o}l;T&Z|VSre3|AH*4|L
z&z_6`eed-l6(5Z4%j}f}-MIE^0U%bufgeMi?!Nr-_$9)et3=Jk%PX3vnwLV(j}`Q3
zfq-U2{@nb7EJ!{|z2wUr7##P^FuY$i;4L}4e<LC92uKqxVYzOVOc*#K8#tD9F*7$;
z01k6H;Ei9=<3-&(a_@KP?*S=Kl3bRP_IH4x)zt!BpPwyU+#u)k;k+d<2j+Mj<eg?o
ziM-zHGp|ad2(%fiILd*<(W#bhM@{?l(&5C!%hFifN_FI(B_CSCAJlZ^9>^azcUl1d
zBa@HzEGgzCo=-h!a;dMTdIDGC&CzWyf1{)stF5nWFz8OC2N=IZ`EtHbgp+b4(XmbX
zrYCf;W47;@X2U0!#|8!_ffv3M2`B~rYZy9N>XUN=REcNbXPa`6tyYm3L*Fbejty*#
zeiSYByh(zHdOx|D`<|aUjg9w5RB=hfa{}cD#{;0Ptj;VgEOKjW<3mHWyv*D^8ebCD
z(s6O|@M4?T8XK4ld8vzG$O(94R9JaiWrW<=G297Rx@rQZh;O)T<XxD!8(-|n{@d*t
zi3ImC^2X0FN5OH1);>vXYi4F{3mxOH3$TbWl@(Oa7D&yMIJmwM0n>sd2F9*1Sp(Y;
zB;xb)^AZ|CNJvQXkjL(SV_ak2d}@svI6hHiRN(8b-12!7P}m9(IclFr<C|WVv0ZSN
z%*4y8EA#S-qUh7U2Z>KjjQnJoFKA$0Qrw=Kd<?++qeyT*v$-ZKXG_qpLTljy{m5>H
zlc8-^(H!)7Vyjvw=cSETR#{fmXpNqxH9RFu5PO+NSIP-4H40SZ==|txSXiE0S?WLR
z`UXd_-?>R=Lkm7L;_ku38Y|p69W`sIjs>u=Brvh|4alyt^IBgot*$Kb_xaJNj+_t>
zbV0F(dsbFiY3$$x7b71hRAOS-kP^D4g}c`F%adN>n`)f~f?ETK|1sP%kiewqn;bCm
z?7x{zBw}JYtVEP**&31@f;M{-@w}3On(dh3OK?S;r~GfmVgdj1ij3z^!G~JtgBCE1
z`SIzAOSSY5*hg*dKXjP$t8vBB#`j41N@2?NFBvYu0*?2LsQBQ$2WVgVMUQl?#9xi1
z1INy@M9R9@5y=I}a5q0vwObtPec>Y9<Kz8iA+V|i_l%6gV<QZGycNP{OLA9=>7FGj
zbReXp<tdq%;)8=dq_qx@s~LCW1XfV8l6)HIxfc@a&Gc9qOaGW84zy<M;^6id0ZmAQ
zI%}G44hGxagWS1C{0Q9dQNg$?ag(Kkg#A2Nhe{W?!P4gmVB`LY7b#{hKta%i;K%5_
zp8gj^N-4&Xs>9J$uYdST#0gjJSo}CC)h~^6j+HME&YSc337|?k-G2em*&i>DIu-5?
z96q1?Ke~f4UGx3TWv38b_cN~KJi02NdUDmAsS;}$c?63Vot4#`Gm()nCfG}MG2)|N
zmopu&{d_B>L&VF)s0BF3yc2}R^J=HM5L%UE$Z-^_8uzX+#`~(fS6eQxIa5j-e7*@s
zM{5L_FsCW`L?5`P#JF~wFj;k=|E@e!TL4Rl4f^nXeAJuY)|>_o5n7YkLh9D^@K9kR
zOTc$96V`XJOLSaV+7NU^#6|VZ-Xff+eT-muZ%kkB1-5haerBg?LCxJ5C3dyPr~Ya;
zFt!{m8e{+G{NZ>FOHM-h?Jh^wV@_av$qK$H`v=`WPVjzap(S%J-`<ea7Al>|$?%bu
zsVb{vVm#|PYYp&~bnAh6p7fVNI~`kFN9U%&Esmh7HQuhTyC)B59rD+FMoP1)1;k0R
z?F_)?{0|;vB4G#}rpD`hLy!1_-M1BOZ8ThrsPaY}B`%J5OAKDg@58IJAv?qxQ#`Lu
z_0Di7v<RXZjO`IM%)1JIcX_>ji8-a>%_iH!)Kv!HrE340Ybe`?>?fSI<IC@AiaiI4
z?lB(B@zp~lWIvn`ey^+klbIwauZhu)%U8ay%j@@^DRHn$J^)buY`|(25-w4i(|3*=
zkGLT(DV%3*ut+NKH)fh+UVI4usUh)sp9rUMrV)beOL-c@&r5IPInxbYYDsh3zxIIZ
zBrm8ei*|k}HMzsvUae2Yqndw|h+<T@k+*O~x19aZ{Zy<DcU;{$M4dzG)?mL}2GWB!
zHBdHwV$^NvR8&+PYpqKZE#(U6>}m~&S-om_U{yNhRGBZw4W$e$_;3T%XK@U=y3={$
zPFs}zium}Tx?97{;^y*ACzeJ%c{rURecaiD{aMK1rJ*)3(EMDC0A*k$?<St?U9Qrd
zr?)8}H}?T4N0c4&+Ys0sA@cZLDc%aCLH-3v@?wx=_aq!9$@^^~Ow8?{E%PTysmLRz
zHMTVgjhSQ5xJ&EZ_m}QZ^NP;BUtB-I9DZ&Gl?)QS^rzh|&|AkhNEdtk8||>+jYyc<
zUt&Vnf(ugbwE#H>Qw$|$y9c!w)p~^Ji_xE~q+XIRelWvDoT$3W=PltJS6Ah?cE)J8
z;;<r5*Yj@5*%dQIkth0hrpI(@@G`*e4ij}BDX;pnn?eIK<~Js~rG<sRC9CP;m%6+o
z!ZM|&r!(szGD}ZOU>NJ}^XnI5Tb702_wrT3fk|}<ZWVdt8yiQ&Mi#mH#13nmJ48$w
zS-e9*xGvZ7nh(uSF_8MdcNeO&Iy+F6ya{3cjW>-(=05~D)7r5k-WXMY9CLVlsuySe
zoJ~F*Wm)2An%M7Cyv+7)*k_oynf<vppuH_`ThX!ZzpNgx07s^!&9}cNP8`?7_84iM
zZ)%7}+&u$|-qs)N$7+RDY9P!rW-zhvi3ysq;qfq=t=Ds!9`)~x5#II_To%3=q+G)j
zJfU&f?@wQ!GQhmyZOA_jGVC%u43fNCoXLNTkblr4Q&F`I??r{J<nV||=@Kyxg|%YZ
z1>FtW0Oyvm!k5gruld|VujIX*zNGj%gE}h+EoQBgWH}Cu4tC_ftoZ;IDR579I}=dI
zbGMP<*B!r|4WMWSQK=0XJoGw*JsqJji%VL$I>r=5;I=<*5cq3x&=1HB{FXwi9yBHz
zwt9Pk`0-_yg##}}R)-?P=TqHJ7zO=&P0j2h4$dSuFQCLfZDI|C`)mHq^F<53r##l0
zQ?tFU@DTFAh=Z_rdv}LGGPfDVQNzB5X8zU^mWc+QTh8SXF;qhQWgLG}&|g6NJBG*u
zl#exrnC>=gKUx36)@bi-2ix?as)YvbwQF79JV$!iqHRZN=D|VVx3{aT!9|v98Sdi4
zM{<)xR04yrMsH5z44PLN-<Nr0^N8`WT`lFGC6z(gI`cCsJ90W35Ow){uq{i`kR7<K
zF$Gy<WIS3V;$PC_aFvJ8Y4wRma{NRj;&vXP<^_S<S3HDD(e%-~M+OplXP9$-97lf7
zXaP5IOp@Gn9R%StM9*iL4r4*yt|Bh{6MbuQp~vGIQr~Y51G50OcTQVHECBpFc)e$D
zuG<ECh(E_(sWILj*i}e&3spEPI3B+f8`(aY$_fWy3{6d^FD_k|-YyO79Rq5BI=A!r
zHSagm&!QML-7M0->(Tsn;R*+#b_}kBF9yC-%<^Zx_ClIt37oE-!QDL!FmlI?y~|{>
z)RR4(pft1izTCNQqxwB?(`w5A-?;Wqh(M;QbnI?OCh9T7Hyk7bBOYuP_V!l=k+qj8
zAm=ec@;755KdeSQVSx6IycpMVHI|X{u6f-*@6u?_e&nXhV9{VSZ0z5OF^Cwha-!Kx
zN19L2U>R9)HHZ@>mF#g}Z~K}ZBK>giaJ|ces5$q;szq&kL~7B5KP^lV7B>O3e2J+m
zD0K24f|eIEVS|$0zq{LM7iF|!6>a}q7)q(x!h=^a=y>|kiPtxBdURuuX<z}kn-Rfe
zn-6zz;$zdB>6$+S8}$j@nLFWP{lW*dF|{s@E)%DpO^|P}L>ye)NS}?q$E}N}R*V8S
z(yknkVu|VK5RiHB-uGF4Y4~Ralu}T9t3Ge;1xFY$ZI5o+=o{^gXxT$*xX#8Fdrn1l
z>coQk6O+8ZhdQvg#CxC-b#h6R*If_C2!OwBJH)o417_Sw(Ou&F_Du*Rp!#=q=$4NW
zKNwRA*1%Kvy1J*bLZR37JCxTRi$RSMp6OM#DJ;ivciK+YmIj<NwKJ@~9t++|ekBc?
zoQ*Ci%(nA>fxqYAJWf;q`#=T7=stbyC)&h0UwA|W2{%n-_y~47rW>{$&8~t!JAjip
zH1*gb&^Pn>rGo9D|LnLC7gGXvR5E<u=od)5Y{nU;XXf*Q0XXJ>t?dxh5hFs)ji+}Q
zy`d{YBy&l5Hn_kWk5vy0Qd2&+@tA9rQmDm>AI+lUI503r>;0=P;i^T<4;MFcTP+$M
zFH}1&=*`E*#<tM>aHnOrLllfc)*tp73s-~~#5;LS##)elQ6)T;kuyk39Pq%A=+WLb
z+mQc$micEMdd@okodHE>H2_jF-4<1sK3vlJNSC{=-{Fzr@T8KH;ZWe<`Wj<Zh+(6`
zo_uaOrC1J%!`R0GwzD@6Qd0U7(1x0sB;)7wGgfGM_S((Yvxd#jv8Z8FvS+V>V38op
z#kI-tCXjj-G%EKmFfL7navc}qmBSc#fH}v*Ca0lI@M*SGxMV}p`LBPoKLaCZAft<v
zZbDw^*QSt$2H<74i4z)dH`KEoh(eYo`#5W4Qt@^W`GbyKZ$B`NY<h@8v6Rh%mBz%n
zz+?5JXK@Yua!C8fU)}$)yE5iWGD~6RToV~MappbIfiP(NAVCuHyl+r5FuIa@=-~tz
zqAu`tjedj*Svm8<#aTic*q7nSsHoHtHZd`ANLhBkw<>t8{IVWgVtMD#h{n8eav<(@
zg=<s~vT+UHsc+)F!XchpOiKdXNo>0}aK|`rF->&X46Sdz0a?t}tBp<wCT{~!W3<GE
zgAk^|l0n6CxV0dScG!1S8Ylwy`Jafi#x?CBp-qm(;;$Y$ULkjw0jk^6!;@2y!@dQw
za`H1b_k<W6R!VqXQ-TW)T#(Zh;$W(8GUx#Dox{t4hc&|_RDk(2xfC~MfwM`|1VpZG
zHApv-vwDG1bwrMOj5nIRAd{N$A!;~HD)R914pf<lMHQ6uO5#{m(58-Z*pc7Fw`aO0
zC&3<`5D&&KYdNGCIKJw=v|wv0=}g^F{8po!6WSTWIBpdiYYI10ioD9FXs|=irV&`<
zL@PF4LR^KN{G3J7{0|Q__FKF_sFJDYrqadS=T=i-reM*E)2CBf?+@bE?6M}V<*w8^
zq!(O+G!7%6O%nDeMN26r#&9WC>=gQT7WWQpQ08zeAyCbAR_{3MX%L?k>>py}w~I0>
zt-O+fjO!J%8Tuc)mwgYHenx@39;|Ic-IyfeZ5oW!(lMmuoJpnQAsz1$y1i&d_dLEO
z83(m6Eg=#r*hIaHXU(J0-}5U-akj(pfpaiU!ftrSOX1f{N3$!q_DnNLmy#YfllB8t
zkmk$EZpF9`jS>09hu}@}yAvInfRXj6!w28*q<oS-%tO_(Y=tQ31PWHNC^t`G&&i+K
zhR?%TpieqIT_PJE9ZSN^{QWD}LHcq7KtBayd^3X0bfr`Buw~cOpv+Z~8$Z@loVaS&
zsKiBOaEwE*SdI0a-&1#x6~xIe1V6*XC#ej@rguY;h>P!f-W^VYs-aCr&1mum%E9<5
zooiU2nJW(gq8fQvyTR>d4%J1rc||L#whR&Ba-)hj88ULa38mQ(tbnQbB9D;?n)1lT
zoJ>L{eK=!_l)VN)1h~2?EAqS!ilB!N1X%mHZfbUY-mwy`+_ZEp`y1SLgMMn7-N5V_
zX_OVGkk-KTJL}=)j|EpZMZZxPnQ77D?UB|Wr?Dyy{FRex9;+D!mw3bHKJZ)FT>$d{
ztoFO-ZU5(pg}Jwe1%bZl)B9Pqn#L4@mh>zD+ZX#Z;a1N}1&&yw2*QTK&=h^}=_3iQ
zow?Hze|m2kobtO4oB~yGcXP7L<yPTQGnjrEc2V$NrcQ{k<48X(78Bb|iL2A@a}nux
zaszwkn8D;_d;6k0{^8`%6tL3e?EMowQTI3JiEd}0<r}N@xHF{Z`kz(SDFa=?ZSTYS
zA~3~x+!HZ3SH>rmbJ+2&;m1#Kd%aHbq4mGHw|-#3*j({C^mavWIt}an&+Dm<<<`(I
zyWrC-?~eD>f_W<SP45XBPV{89Pd9Q5#)e0~`#<O-g|i&xDu#MWK-bHaE7p^z46fEj
zAAjT!X&HYx!V;Z2&(;UGkBm)Q(AaL&RIiLFZOdQUP)v0V5js^nf=%O<E{yNr%axp>
z{Sqy(yh*>OdpbLeoDCWp*-k6YatoQ~A!i$EC_$7iQC~M7I^N-KQfvi_ae&QeVfS;P
z$(-jq#W+z89P7sjh3y^R1UEZJPl4scp%gUXbLa%BtgNk@e{t5+B$tc&=3XT=%jWX_
zq8NIee&5xGfyTu2RLAZi`n-loAdL3o1Qha$RjmP)YY2K@rdRnmfs=>mj_m9MSje{w
zwyV7>+`s_440L^%u9y8dNFA@>Y}byB4a*JH>+u6(8{w$c6}}w<_rx&=JmEQ+mSoQ#
z?Z1WDpOE6O>{ZYWBHd+w_{PoEvLTyWxJAS)LS=7_9SMz7Y3z55Sfzp+)U#pL=UkNH
zWf<BXK*j%M9}v(KU#l7(988|w6xl-9>>FJR1c=nz*j3D`xF+t^aW|k61)-2NYWb3L
z4MEs|uruRGP%DuL)J!`E7OPaKsKpD(%1-D@(}^t;&A8k_)2r|p{JHDM|J_nxOTF+o
zRiM^c{BMUwgryy<Bb_k!R*2RKuBl{gR5F@`oiemy56_17VS;V@aBCh5KQD3qvGDgw
z3*;QjTv>;bxX%RQp&2xF^?L}x<eL%D*gi%>7->}MhP<$F{?-WQcjXCt0vej6ynJy@
zep0@6+^Q#=l<7-W;<U$Va#TbkS_<=AL|g<($vt>A8yG5!?zANTtDGac>ViWlOpsH|
zzd9GAeY9|ewu#O|ru&{t9Y!3-n}OlsM7IZ|apnsRyztN~6C<~+thc9Xv{UPVBL8m~
zMPfi8P*M2>mJ8Yr0BLlg0^UZS4^c5{lP-W+!0q!+hK+O8|5iak{c?bAqSyDjfc#vH
zKCh=T1hs9{gaKydWb8wAmTBzR0Unk^FEuen#>R~f6Gj}$VFJsftb)HIZx!P~yLm*m
z53=eq*Uc}bn;z<&3h0Z)DBQH{%am7HsqdS*2NOD)M)Beb3v8gu%*-s!_8A0#`nDgT
z+O>zNZP1B-9h0M@UFMXl9lDKUXNRP_-hwFLQdmaD+N5=Yc@C#OH!ik%YIsC#{-7;A
z2B>bd$@ppEtD80P5_o(y_Nz=+8(!^*jy0kx_v6=oA2TtN=r_<L=8tb3Hfj)(YN1^u
zIJ-}VLQPwM?b#B>EBPA#BHvfy&;nItYNP|D)uexjCK>*CP-K7{h8O_)#sBR8)~=D_
z`_H=<H?jRrC|Txx**2r@P%gzOV?6l!ysCGp?07Md=X9Tn&`*EGE^7@bNrsD99+QNt
z9p?I({z=bvHK&IXP+-o4I-{RHpdgU$U~GY0h!M!kTdK=e!=Wcq(~jsTwLH>|9$w^(
z@)Y*;M{WW2+(t^&i|GJo_E*|_u)pk&+fKMW5nhLwj<JhK*(n~Fn^ODi4pD(Rydy9V
zws){N_@fqOzl?Hfl3!ULU#s5m*QK%Sc3*W@Z~m9JTHD`Mw`kC{Dw2#aHbfj5<?}+D
z8x(utA>9GLGF!p~H#QR+&+Xid@uoinROY~ZsWrC!1R;2*T|cUv-KJQaDV?V#c-^N~
zSM%uBTnO9Q;-`-|Z&ul{TreTRmi&7=UaTFtypv4P4xM&%Si5H-qZiJ=JUu;AWhv<}
z$L$kt)jU<V9ywdtI5@UnMKrARiyD!0ybz-s<oE5LeGg26&vz25{X4E){gS@r4_T4@
z$Rp8-izMe~NB|QM@bOLdfrD!or<Vhg5C6c?hFwTZ$CfLuMg2_~7SQs{dYXPVIydLr
z!FPigMaskwd0k^5eJ>_De5AY%Tk52|NA*(!d=kBI$Z2pB1k&m|xwwIWlciHhMv{o=
z(;K)TSCsYjEGp{r@^->@Wy?X#C>v9JTK!x-v;vcDl>$j)_jh-tl&j*mEx(CRKA@ZH
z4R3D~`3nfVYq|2ZM@QD7_I+!Z{uC&(<Oe4|JbhXHH+~Cub9az`MxnFm8!pF~m!_{p
z)*7MY;nBK(f+d|@h6-lw`2A*-i#1ONA6QJD+q_^nszA!sAFidol1eb8Q}Pmgq}E6F
zUEJuK_yGkqBn;Hv_S&?MZxu>Lc}WE3?d6PnZb;pnO&{8wC79I&g$|-Zaa-3*tfR1p
zB=PKxB^VGOzISmM+iVZk8an1*B_qT<8xhh_+R^mQ$f!zX7E)0}S_l92U-8ln2gWvS
zc8mTE1<BFjv-L#8u*TvtAocnAY@h@<gP@A*e0}%OH@O*AP8|XUEFOrrt=I`&jQ68g
z9zTn*m&|mlf(<M%YINpMK_LoIuwWgcu_$9kJv@ra$lxJSDtm|5cSifEEaa%Ei4zhM
z^4(+MbF<JVsoDxGxf#^xIlWpqaVhm`O8?g^tupL4DRHr_owKHYW64_U{9z`{EbX`4
ziYlz&JU|h6=-)ck*nOabiZY7a@&A$b)=_Z;UBf2?3lJnY!9s9%w<Nd+cXxMp3&Dds
z6PV!c?yiHoyALq9?&Nv)J^OvT`^TQMr|b00>C>gR`u45rU)_q7UJ(}C3Dk6NLfT-;
z?unE~Dz=p9k}7)%iPse1h6Qr-vJ-s3!NsLJR9X>`CQ(uDpjT|oT9uKJ;q|(r%*n~A
z%UIU1I@Wx;xV*RzpfAkd>zI2WNBPx9>6zMq%ZfFMCIq@Ydy?j!hk5r;2GDSK`m?;E
zLVbh$aZclKmTiwBF*6Nb4699cC32YeGqoWlG~5ma$IICpV_^!Fz$K*Bl}E$<H!k!H
zO#@o;KuT&mhMmB)!1(_L=r6n&`{xMhm688R1DXspE!g-EQpVE_?C8Ic2_pUzpeO0C
zl>eWSRkE`y|8Ft8=Nqy*{#%f<B~{`thSyTsI#~~k8Dq&9WCUueszsT%L9`qkDt6*u
znk`5JqY*=tTPuKd<x&H%N@n5+OG``BcyWJb-P9H|mbWjHx($CgUS9+%>Fbm7H9z3s
zr3zwFQBjqaOI^d96DpajH~e3*?e$@Y>5Bi?*s9(V)as=-<nMs1x>q-QNoh8uzm%0Z
zX4NTMKzGqn7UkrvKPvy;uGk6X+lfPKj&ig2x4<GdAn7qtN>9;EZ|=rVZsqI#NSQB*
zdg;T~JBsXjJQrLHv67IYaw%5;m@pph%FUdre#8ER&W<6$>FeLd`GlPGsGIm>#V@6B
z|5pNSSR8nxqKFdtct~byf|$j_@^<2RPd=buV_d%ttkspD&Kh#28@>=CiSb9l;eOR2
zEq<k}nO%jUaPuPrasO_<+JdKmrHKD0{iwfoX2h6K*}zAO{S)#R<X@DY`2P_n7Aw|&
zuA4ezOMg`@cf}a_z4?;+`(Lm40*xIQFVzJ-C}EYjG>IEM^h>FumifD$1z-mmyPrhK
zt#qK-L(}`uozQ#V<w5n4H63lWq3u~yzL~jkqH^=6R0(JQqnPXCfRTj)g95q@<M!CJ
zYhyVskITvy7k?_`b+WYoXZaZCerKi(ojbTEDoq8?sdq1(WfJf_P!xdDhRebLnCUuU
zb51rLcq8=Ps#Bre^Pa$74Q>-!hskN}A0YwX7x~nE!O_(pXD#+hSseOQmr%5lnRx!l
zjarmh+RM+3RB>4XbY>6S$^JDB!oNoOPZgB7(!lh4GZQpC&}N%Mu`Idd?MN1`Z0}z>
z{LXIt;`x@}sOdBW*bIb32OL-lFOhuLdKvd=E$S0nywUw4TH(Atm%8~E3kyr7dG|cd
z!IHm!PyR1W=#K9yh6&uEObk5YPnT{Xf=(L*oaIcqF_5T`5(;YE7hbLKZuQ}tlc|h2
z5&dpy(@&*Uvvnt%dX#nyhLry!py*q~>piy&>i}`Lk-`^6duV}G$ZZPZb{*ahSmfSD
z{(W*t@of%y)-Eb$w76-zBj`NG`N_}Ph<-W+%Y047o1I^K!0vm|`oUGZZ`-WY>66G$
z3`Du@Z8bPH^3=5EQ_g}%nF)K%(X{wP#|+k}Z#yZ~3!P~fI}8twkCMDGq`f149iFYE
z7FV;#(XNlbt3w8A&7b(LPRBKEmd!4h6aHzW|LJ1<vS?xX)K@4`!z@j;v(;bp2>DBa
z?F#lDUhi%P=eD{58t=Z;mSep|g%d32vyc`eesD+1pGS;zL(t{j8ar{oF!K1y-S9~C
zs*V)e3f}A#dSRFBosn)n7X{P2jwGFJ?Iz<@yY|qgfIpDWKD`$TFQcgZ9H_6@*|QJ1
z#5r=aeSB0YD4YFixkB)I74SCEI0*fYlJUJ$pM}i}BF-K;da>RbH1T%WUECy7a=fDV
ze=EMX4HJTRewv&_G&RQ~I|F~BxShj_#-N-T^<HVt=lYXj`JmtRh;qp>85wg2BBrdb
zA%Swx4F*w*r-Y+V1R|rgi;C>1MTAff!1!#AeFWxb@BfOeVQ1jrBrklw*t2V!wBTK;
zHv}mf?f(%bR)DiKdTL2#+`#?1n2dc*cu681FW^-VF|J8+AW0iDH?FyEswDfia7o0*
z8A2tJb-;h~xeJ~v=7$x7@kCLFZ@~IjH;4&wn+5|ifl#O&qoHf6#+ZX*D@50@LTSZE
zCsmT{Uk5+i&*}8hTb?F6?qD=DEwiO={1HB<ED@jL$Tl$&<QPR=yWDUFM&)oJpO=Z)
zH<|KPBTa4;Qn25*W=+w+%uEYTb$}=JR|@Sj{cTawuj|sdxy5|s0kK=@)Z>>$a4Hr*
zRLef!z8kGMe|?zn3V7SN{uLY#heaVsxNO5(y@!^D7FGse4a1NCZJPdI7jNJnuS7^(
z`=<VlJpb1GyIvy$>zDRVa$1*+#A|?BzRB6yuKhU!OT*m&xagk&vNG4?{GGgERnIbv
zYHqq1$eVwBc<oCE*liPO_O&PR#V*ZL8~JcmLYqq>dg^{qcP;?3h0RMok<Dzje;QL8
zPoqbOK4-uw_GzsV?>ZzMHFfB^kX5T&)imta50KTKiSgOTvt(bi{^uQ_uI*f6`OU_!
z&V_(MM|CMq_@CM=;aVbMQ{~(M;Of8O@)jc|9tYr}rP(Vwkf45Idu7;>*%LY(om(yS
zlIfBXdKjJ<&Mj!k09PD(y|nt~=x0I{y=7Di9UzOx4nI0}Eul81J6Cf(f<BjLwn+Ep
z6gB~uH#5bcg3(w}gl}!Hf!{Y$*_f+u<$^!IJ*|3kG$7hA@u*|gHm-6Pr=QA?7`O#z
zzKX~z&=1)(Z>dcE>S+6x9MTVKg`CTn13|FDH7xI_$1aMfyAiZjwi5`brH80@&f77Z
zs&O{%*_A8mgm-9x26RrA=9L^oG;ENR8A|GtFMqYm90Xq9e_ju0ry*jY{&>^@=zIel
zJRC3LGJAQtTxIc0HFL{ECTMZHu;HteH0_^_Mfpi4++q_@RheFYoiGzMF@e*WFEb5u
z!Q2uq#34|!mNB!8tB`v<CFp=%A0y^XyDVkiskIl}X*5te7_?<DsaIk7DW^RozQO9R
z$sXzt$C)-gXW}B5)7^@~h+WZ-t)wdZ;8#)^sKl`pK?h%uS?>o6gu3ZlJoy!c(%U~C
z7nSoWW37Z6tbDe+i|e>m1CDWx`^v0`OhH-kdm4pRgC{XPek=^t{&d49>%~G4S!P7s
z-~j}6CzpvPQ$9G`pw{?ThtrI50Gq%jf7Qu{Z(kiC38nJiNtECDGWy5!5!iI=-Vi;;
zwt(!xlAWs#5C%FXDis6ZZ9sjS&Q8==s3)^0B9^}L0(YvG>gvbDA+t(D<#9u$hjU#8
zod<RKhcLc-gVBW%yYiLFSlDu_&TFL_0jUX2Bg>~1f2|3J<iPk8eOYsJ>iXDEkM^T`
z!*l7b&sTt(GHSQe5E8EujlHR>1`$^Fg|A8__;9VaX1gOm_(4-gF7BYjOm)bkY~rO%
zy^{XiS8Zp0{I%!iQzF@xYV|c$O3H$di3t&<7BHzV+e6Hy8azz-)D*A&<V{VF*eOMl
z2Kn~8SYKvj-ebI{;2i%R(JkdD^&Wri<pNC>I5aQj9Lhk^;`h}U!H#55S4+{>l{j}H
z@!|r#hvJ7or}`i9QkAheUS*l%xtKD2z1e4Wx@rv<ri#G7bvUcvRis%sF^S`)EWb9X
z2Z#i3M^33V7?#`T{`vFX0Q{BN^2jJ6{}5Mf$woR_v2U)IEH2PeIr5ZeWFhlCdhBkS
z4(7K@s>9{Y!;i2O@`#B!@(c&;=I6+(6XzyfRa0^q4<E4$$4q;6y|Pe;fwU|^!=mPn
z+_{lS1O^3uHL+RrthjqMFQvHm_}}dOC@jzch5(ySP79)%HOKGv_wl|n=NR`)O3S6Q
zg*ZVxu+^sf>O~D8a}Q|^-xyhhfA6^rau_WW55xe*BPPd)LN-kB+DdO}xi#P4p&HKX
zz-eul7q%#L9qJ>25pAe0k)?e(Y~S}bAa3-+sCE^t>JRM4Ax*n<X;OpIdjA&JCM|9P
zB)g8*T#u*Ys#OkHwN6fUXrh5DD^V8{c3sNqL&sV#1pNN=E;MrHvqK+0d}2>54Rc$x
z4!B%)6BiPvW(YG!DwyZ2-;94OOq<aC7Bp3G)<{dRJ>78R%ggdE6R04o;-+fd{X;)w
zeLe3=nEjuvP{Y4@6*oi3?S?&IUZv`E*P${Ox~^S#tJc|NS!(4&Z&GIa)xu_SS_d}2
zBB$%6RLhV4yKH5l+!`SH2FGR(H{FKy<%=-A!@G@}TF<K^i}Wgiph!eFVmqC|fngKR
zt>y(skk!EXj~m;(zhe?X>c4WYs2S7i`HQY(M{FXRoCCLJItCZv=a0>0#&0uUxeRBI
zO-rmL9Lm30*z{c0#!VHxHkbR-PDB|^jFtCg5+@b=qEG73J3zUe00#gz>v26@VrQk?
z&XJl&5`V#iX}t}rGEW)k@nhT7MB!hJui|zT`G^!$;$gnc&U~p@vO}?P#^a}2A4s@j
zb9-qZOWn|orE4CXmkrIw^d`cwsi!)j%EdKm(6VxKH}{4&=H>TC3JF&0eedTPMtHr&
zAs-cC^KGOMEgwpP1(TCB&b0_>>;ZPuNip4ul!Q-bqeH^I(j{%k5_p;Mis82hA<{1C
z{AQnk;U5m7$}NU@QZJV_yKS#|l-6L5oPvA>jo60!kD^J0qP$QG**w=Vbe)CzR~*_0
z+lFTdMVu)`X?zFvPVx`05qJX{2nvmWgxtogz=DdNotB{MP)u_L;_)VF6+!`Pc!M){
zaSgSIlL9n3_l%yjYK2d{WqY=DvCe})T+CwFA=Ra?5zVAGmOAAnn#NGGLx7gq<xeAz
zQUM~-4QF}D4NnATCjhY=03cR>)m2DDkxGhFS65l_Sd`&9(9I^v*0!1m+IQKZGhGQh
zX}Tm4-czwugG-YMcn-e1%AnrP>($!Y{mZ0qsiE#k1Rs44=evK9U*q*aum3U=U~#zr
zwd}4;5tU%+R3b(36!c8?j;?0zcV(s6@Q;O1P(|e-zb}H)BYmVC7v&(*)KPk>*13+f
z)fjn>&#f6c!k)5q1+~D|CkT@Kfo4_u$j{6L1&8WQ@XlbYQ23Jbq2M><eoOKA44jbB
zWZDUUyU|LlUl!_!m;szc05J%u)))B#ZQokGKgOqSHS!=#wl8_!_#^A1i5n<jQK#$h
z6eIEI@|9YS35EB3+5=0LHA$!0bpT-Mhdo~+v&yXB$Fm+e4tuGzm4(L8qw4}(4c@k$
zM?3C=DA-(l7!`Nmz}^K9R=glBxoir)vMmwV2T|x?d;0N22iyT(IrKIRq|MDxZ@pP}
zsir$eRi0Dd9yM?XmP$$@BBM>gK|8i<9>JqVgg7hRww08EoN0Pb=+1|2JU)$;zyqX>
z9}*PB$jHRP&XIOLaXWbN5xIzYa1<9&O#_z{2gtuT60(x|x=k$Zryk(LSqv!FRKxC$
zDj%K_9jZo|vIJ#0!U(mp_`FiiT4S9@Xo84sb~-t!-xHXbZWa~iJ$W2G??qAO{Ls$H
zYiK+#H5rk7C=oovil*1rUKA-15uI-_QVL4d8tgc0U99p#vgvpX>bf>YFC!RV0fTy8
ztT_)b{03br(R!#@L+L7Ccm|jq$y@t|hS6LI1wA;r<2%|GkG$ryuW5KW1E;`urpI>`
zO{W<HZ@wiAIul6ozf;B*WQ8{~YvcR+f3iP>G(H%6yf40djlM@9NVlWng`zD}C!j>T
zDon>`B>v84?m`on^yLRMJg?(oyU@P(7!qw98KI}1uaA8OM?wKeM#y3C&F9;Spu5f0
zdN~vnmwVeQ)}Q{~@GPlhhgY@+69%K78CYWa6(|TAP6-a~SauXyZgwqyFj}C$bzN}@
zNXtO-L5Tq-56mpzzXab~iitdqKgZWdAi%~+eN{zUqB1kxJ)y0i&w~-Sn>!$8(j(~{
zA9QY2yv_D4^SEWR8F|Q$+hZ19X1jT)_BK|XlXLfHQ>sQDBfCaKtvoFH$l5Y!_o07)
zJr7%XQLvp%wDECu#v7F&x!T&=fZESHZF5m9_{%o(WRi}495@H9ZQ23-pa<)HMC8FV
zpT)Xw14lU4G2Q6Z-#eoAbY2f33qeujj*`6?8S3)c+=0mXuA2BjYyq#6?07kymf#5N
zb@Pi*aWUNaZ9hkH7FYkwFtUJ&JS~MbVOwrkDkw7|6c!&<aj|#(act>RU^D5Ji5|hC
z0}QOVTM{b4OOSQ<{fy1ov4Dkq+PQr5JBiGK%lXanazod~j@qQ5Yew_yGmu08$KHS@
zzsO2_HELV2rM>A+bhqyzv8Wkb(!w`wV_NLDOPsfpbf?o+%&3iiyEdLfy#hwP@zq?Q
z=bImmAcu9;{3?nB#o@(-;m=r-u8!aA$J*K#{B;pq6q4+RdpwTg4&*e`AsE60-IIg>
z4u^FqL|@h<3UX@p?<^PHUF5t>y5q;m97l6|xZW6U1$|k4ryorS1s_cC#z-f+jC!49
z>#I#hG+WxH0I+a_PCZPKREY&_rV}U~_s=H!V6I=|ug$yxd=YQ2BCq%mZeq&(uY<Rj
zCItMx)MPB#vf#VHi<>>pQ@6LC75b|_+K`MAnU)I0tv6pR5I|Ud69k|tIxBxVPP<b2
zHxUO<;UkM0UeGq!Dho0$3u8AS)#=#i8L%Vr+DksT-%=(pnD7r-_zBuNVOn``en5G2
zKmQ34=b^s!kFi_l{uK0~5w1-H>ZxP`yt5&E$&T8&)_u3(2a0y`BWQjkK=MzMsZ`3O
zMY82aO;tGGdU~;VFoLAIf~P|&(FfKEqeo=ZUL`OT%(zun;BoiDd^x>8XHN99L&nd2
zx6Quh7m78p7k~-2YqmXaZq~C#t@AnvgIUh=pElJr1GPUZoOHp7JZ6+{i~;X15>*=t
z21z$00MZ+dP!9zj^%K0l`^Lg6RZ$eF6iw%?=`;eao4^~9t8ovVbjT~rPdQx~bsZtH
z7>%RVb~s+I^DkD--lu4P8jfpac;32&=LatYB=C?_xf`lnlv(zDPzcs43nk_PH%8*4
zmyi7vPnZl%r}ksl+gANpkCSz8KCOio*E%WIV!1j}C<-m5E2-?WdOb2qU=aTCJ0DNC
zF}LO7YRVSsNt&V{IO7cJ4hd&<ITOyS8CmIoGb*Py879&rY<tEMcSmY27LEo#@DnLm
zIC_Cp`P~UeZj>2X+B^r)j{0N2GE_WKbC^1P(1>H%zIg@w*4gOUbK5x-a6qD(GfV*!
zycqdam9+(T{lT1QeRAPrjrARUc_;)1PU$^P6npwV`(lbNgehY-XBP4c_I8m2;_aA>
zT^pez^rF0)n|gQI@{k!+VZ+H!_>8#8a>Vl?-%8QrO-iUlxPD@^ws$p+BdhYP!Bc?1
zKWEJLxf{xK`c5m?ST&Y4*=)X)Vt7}VDT)ZnX7aMz!Dom2iMmQt<v-fa%OCgu_8MFg
zarmHz7$93xtS$@MO~l~8oG5}5)76w36zPnq^&#-@NF|)xA*8OrFx@$X6@1wCt)Sdf
z&I0uGIT<)I^2UEA!;o<E59+t~zAn~x_4fN<#4o_dR_J*a(OGr-hb+j5oRM%YPJd@1
z*WrHrE;mp~LIP1uE!kB&wd+k2tM^U&Q}3I8Nkb#}KQ9gQx)~aYdBi4fXR7QLzO7FN
zfm?+OK<nYrh+Llqi~Cz+f{k&qfxuz|ms=T_0~US57i|mQ@4@MlPi_sK+QkU$t9R_i
z!-x~jq`AGL*-P#d;iEairw>jH6RBT#+x*^v$I<#>am@8hY%61<wOh$F-e3yi2)hp^
zG^8US7WX3UG8!YH3VMsAs=wx@<fPR<sI2>8SX8Rwc?5)*rCt@6mF|pOf)8_pl)kGI
zueHcibR%*jh3c-$9tcMbRq<ENEo`^?P=(<6gMyew59d6Dn(@NjE9l!i%KpAR$G}rl
zZf_I*98Cv~Jv(x?`^0Vq5Bl?qY^0*m2sP~<jdtj@F1C$k_LN8-M8qd}YiMfd$0?O#
zs)a3=faqT^?!0tEJY?O3R;aHHs|ywM^IH{b>H`n(dkGi}T|oeX@+|g1uah+?2KL`c
zdUC!Eq$YkG!mXXT2a}5LWmu@VT9Xb>G}8J0@PPeX)1R~8E5vqz43%H_gtAcwvyWzW
z)b{PJx>PqFN9??iXY`MHVr`OVIfH>6De|)BRkjwG2iXUgx0~f@LG-P$d#Kbk{r!O_
zLBnk#A{q2HSU~UFZA(+cneb@iQk{9S2bBE4csRKhU3KQ{{-G%aInA~l8>;a;>uwTQ
zAo&Wdis3cn<ha4$M4(&jk$CfE3*dMWb?N)~!sFZF$k{q!`Qosu%}#IMlZ<wuFHB5R
z-Z?j?MYz~1AcDC6LkYuOK78Rr!CRYQNi#xp2Z_Q#HPWv;fr(adK(|#YYMY25Z;qGu
ze)}8|IKi9y!*TC+`_>|neG)d5&HzX2k1tP!Xx*EzHhBMNY4iK&H+VW|6P}3ZSXtw{
z)>x+fgcgDnV?OMSKOg-VxFqt^#0DN%5eV*F8Q>A|9ZZ!?oxB;2WxT6Z*1{PkTC+${
zM?Heg^t>v@PpjS+Q1`oGstrdoxeBf~ZSdQ8slZ~Le)%Ag%&o7FJsO~e*&m?eYEf)b
zSrH=+HIZ6wo9=_Dfz^Sa>=wv*QW!A=eQ<Cv(+!|-(BJvu;eKDZ<#yroc$+=`af6nb
zY-1qp+X-?^%f#%u-qNv^6#~%jgTW(HZp7u-=^M3yts6Nl<u6>a7~`jYRt0b-5O!FN
z_^bMNOg)3+{)GdIX6GXuu$vEDp_ybe>DJ(42ZaM1MXBCkC=Fop@CAESw6Ypfig10*
z5%DL1-k*2_@QQl3vjZNkyKA}B4xquR-8ouvL66wu>7wni!GF6^1XY_i(g^#X%Yokz
zW&K?#n6I$l49-SM&QhIPJyX~mI>s%0-dzg6k%Uk)Zz@YMGCy%oHQtG>CSaw{+zFYN
z3&jR#zPB+4nI2`ZGRhm;OTxximk^qm&75HgJsVyd@!)yACs<Qty}CE1HEDqU)nR3?
zHdYS6v%Sq7QdY>B_^w|}*be*%&^tNg^F>&Q9HE;`O*GIRn$Pb&;<@288eF(g*Z{qk
zVfyAbSUqOCSt<^6)b{zHcT&oP*BbBD?#;TyrwJ*hWZ{TSC%fJ`*^$;=eE8UoXx9y|
zx`=Y`+bx9_EvGBY8sQ-l`6op}p;G@V*h6B*<vdjkXU-&E?dVl=$!3_D^LL8F=l03(
z5$${WW93j2r*QISjmuQqb~jafh`Hg1Exp+}$>W3uO#&NEA&13Rq}R(nTHlI-8ow90
zoPc~d2zscI`|~zH`V#@#<1zwpyf2j8@4*s?+B`t-jH;|P-zl)e)2}?|i5)H2K{6sM
zdZ(<f)fegyzKl!N&)-OTN&7Sw9Z-vu(~owV%^mEqFOXPJtMr$_Y-W4vLq=_CyUQSC
zB8%kjF#{bpfu=~SfS<%U)%EE+{bNr2g(}kueZ}3wbs=J8X^Z}<S6e|qU_ETj7xar+
zY`;a{k*E`B_d0r@uVuki(kJLX(Hq1nsr<}vMWCnu=~t}>=fbvfv*Q)5PPXXO-0J{=
zVpkD50v|3nk%J%6Xy+4c)*I{Hgz_NbD`uguPIpm-o`O9d(r&(i#SOj-A&(heV&R10
zc?}b9rT$3&q45|s9MJ(|pVhIXTpDj?<((c-N~5bF8I_krE2!nc<xAV*rf=+OB(<?%
zEUVczPQiHEaI}|Ale!_zq#p)=uTUwMKeB(M0gZux%Zl4&f5N2y0Kjg&%G?tIyuY1s
zGgS|+f858WC_FIuv(O|ymQy_EFiq+HP+(XQPEe^5O~f59J!4*Tnh1K>g*Xh;ju>_4
zwVT!nv!UEAjsgH@6X6gMqmeqRu`~z?a=zN4^|6ykQ_Q7FA-mJGs`=Qed`WfAb`Rye
zzi=w@Ons-@mE7$2kNvUK#;X%-enapDV`&jHr{If-dJ{XzC>Gk^ZQ5C}I_8+9T1FY)
z9p`Qx;@ug=NS@Z5K`2&C6sim?noq=!Pop*rqRE8OD<q>Rb^-+ron@Uq>Z~QvtqXif
zSecKp)4iw?0_Jyn*bXFW_0aFIq7CL3ug)K^-5=NgGbpI_Ul(ZG;{-6ZV$?hg3fV5#
zpr-P|k%u=<=k9z~w-fG4(R*5|vZrfbCmT7yznaXyhuDKX2>H#Z!W9h6@Akn2lkF@-
zEPX%bCs8Ek(3;NmhciR67F{ohPc+8<tXwSJo6l``_#nSXo^`=5+Vz(`y0Qzbjyj46
z#%+;FZoy2OtR7u}->^A6yo`%9%uonkrfT^Aw5i?gd%q`W<_{1Hp8#K!L&zJfU%=r^
zK8`UX`_t<zZ^d9wv)S#U@~y#qxQ9*_7OLUdU!X0t=Sq>ckeO<;#(n`5*Y6E1Tge_4
z&I2L{cWVq@jUb(}jgy|cQ5x1NFs80D{YuW`(x+~Z6M`21CJYx;T}__kH%I_r(}o33
zZO+^L_B_hRpTo*u((9ldL$l_RwzaV$@6Jb56Rh@Kd(-LhhO7%;K(RJpLEXFUQ4nt6
z9N0veKn{*G8Q_uRbJ>0mlmHo;Xd<5sqM1YX#71xl#I3zHJQK$Y+n4GgvfdtkL3bU_
zk_H(=NDdwrOQaggQO*y(eY699brCc8dTAoJqQX!6{Cnf?BswoWqK}8iMh2|eY9TV*
zmE|#cy%rj8(jZ?f>4W-(#REX8Z@nNNy~EQp3Gh?ZeDJWkqJ4GpDVBhB^LL0MLljr(
z&a%JIgSWuLz^7;tc{wHmh7+#()vFL4dApNAe47ZbjLr#viq5I^&~M3VXesj>tn}RK
zKMdV1y@=?h7xH|gt)+)_7Jw`)X4c?W-Lay4RS1ZoG{4NQ`~mMw(B0Whtw;lAE|q5v
zE2ia&T5j%#J}P+yl9$D-2M!<cGT-STgSP#%kQ#jehj@WZc~0`-DbK<%kJ`MFVU^Vp
zx?H(cV?~jAUb2JIH){dyiq-;jJY6lBa3RIZ=~sNOBSVdK;iXjn!pHjJh3bm7rZ=)S
z*UkRS<&Bco!poWz@J+A7<c_6=KHs7=Lo0>@sjqnc+w|M{asaSQ1HG+hg=W2AG`FJ7
zEssYi)^$5yXH@w~`$0&dLlo4TedzUEo_XUSw0>iWQ65cN(q>S87xk1wv-Bf4|ItYA
z^PhMIi$*8*sn|7gLst>g@(@k%%PE>%uPzjPsWdHj+&tPIYZI5%tTNRqO{w81`W^kt
zQCO!b^r8F+g3n^qsDsmA4y*Uw6q5mu(Y#`x!=amf9`L^KK831&T!veq5dCa+#9$;i
zf7Gd2Jvtw~0?DUpijP1=C~4)asj0=0DnIhDO4hbBEv~-cXY@(Ohk#4@SaGdl+uvlK
zxI*5Be;;Lh7sbm17}fpC<dG^V4eJDWU!pop+ymRuD;^DuUtmQdNq!TNO^lE!Bp6%2
z7H+W756SQB<O6D*0Ayxd=(-pVrWNYzt6`;1$m7j+=szx%l`s4|gh?W%V8f0+`qmq<
z(BV}r+hsi)5iPjNFA~ecd*$o_5y&_cPo7%WfON%(HuBi86_Ryz`C~d)Oaiy0rZYL1
zV`z>{rzkFUZ04_daS!`q?-Az4o6goFJmijIJZJSMq|s_-H8}!iKHicnj+K;$D@AoR
zk=zG8oMboKhvxNJ&NEGpXg#xyc6g8%tE%TejT`=b2Y$xF?(gqEyr%ZuLE$4x8MKnO
zu#bN{#Wx6D|MP%{TPjHJ(3-J2HrLtlNpqhBYMvkM2RQ9jkF{1B7Wkg)$CgLCK{PgV
z{`49?$up$YKbYbkzrPS1&N$OgBO<>;zfl6X_=6&??Mn0O$yhT^+JAL|9~nSkuLN|O
z0~hWUvdXe3-I111n_KY?^bF|gC(uQlAIQc#<>1a;?5wlsD6E~N&X>f?9$af@wd}+s
z{~#nQc~F>k*cfc5fj{*y`ySm?-}L;l!u2`-O%VXF5g0`Eao7z|V0a2^aB<tMrx4=H
z*&FDS<ycJdOsZ_#IFLRlbeNZ9*y$Ht(@gh_cdHOx!tx2W`v~zezvE~tBJmk`a2P{g
zik7{i=0Bf0?zrPiRwPk5ur9r;^~oVWB8SdM+t{s?=0o*9*azKi6pTu+w&K&6x8=S>
zY&fqv<>~WSu81=0<l}eJZh&-a;FX`>#+6oUW&NaYZKJKVCr@T`1By!j+Eb6&p(~i|
zggqax0yj?&OEE=(Bw_b*nEFz=dU@h^F#l>|Pcp-B{w!91<MB)NRcD`0E#<f|R$!rD
z--n~}CB<2dbd>3!^2Z+S8auUSfI{WMtTveY4KSlUh-{Nxpz}(dEcvjg_PU(8M=z3W
zZ}p;MSH4&GGTtfwPD18*Sj^st4kdQvL%yc`qrk{t5(awaX<s+!TuA0>S?v5=*TlLJ
zS5>VY!_Sv);g~GGlaXo;eCaomJzeLU&mhgX=Ev9BrDMx*!@4Kr9N|vF5Ma(pdN|*2
z*XW&Lr28+1h`lT^7Bzz(3iOG`d@PXI=WGx;xMD;$NDy#^6fq?I)IYg501#zJJl*eH
zT={1+vBj$oPjlriwZudDlGO^=^PY-xd0s%*xsZq;Iak1#DM%|?1VYVn=BEvZi)M~~
zW16+1YVJ8<7<pp(m`x(5B#H*me?YlQ(7Z*8+0O_1DLt5b$y<~Rnhw~!3ZTyL9dp12
z_`weMTRcp<vDda2PJ$0b?#ZcOOqx3pEm+v@r^CmtRd3Q{z$TS82d5WbyQTgi8LnWn
z4h%&kpddP%+ocS1@kX9aYGok`0WyI!fNKMIjieIrkL{wL)fu9rrDEv3S5O{IirZhA
zRiJ5vHe#9Ep}p6*;#n!D+t@0)?}yuh4V{S?1HOt52RC)V3KfBn%d5{7!$=d(0~;BV
z|3qPj3gHfSJZ)xr!pN73J>o&GmCScK)W!4fYGm%%AI9F_?)Lq#l&9!bAE^(XxfXuJ
zQattjnVTw1)mjkwQ-Xrj>y<LK5VDt_emW6r4~ZM%8#*o8!I@2?E27=i9n$0nKQJhQ
z{ev!HTcsLt<F!*{;+e9`HBuAvADC|RqdJA-Lq67Oe%g_d7Dumc5tAty9cF!SkuvB)
z-iXkpl>=6+i{%ObWYnQsmo}*4SqrfR(yUEPkoT#6ZQx6P*BZMsHR|Q{R(p&Lg~|RM
zhxjfYLR5P(cUPqULyRPi$;_?lu{TG&{-Tj!-iX)P`LjqY8%-W`f?%O}#1Yh#L2W!e
zU&HGOSMX@Q%^q7NGKZ@oN@6tpI?J<ksUXsmJNxyMHlyzrS166gYYhHvd!Wm?o6NWd
zfsYx&FqikOgy;G`*phbNa?9;HmYsQ!Id3C(qV3Pz9?R3lPEAF0WaP<dQwQMwiv2WM
zN&97llT};NQws%O#RJp4l$_HY51gGN`nx-NinQOUHbUi9rCBpWw0J$vst}2tWisyg
znBdEeM#KWrm6GcF*#j3&e=>W7V$S(N_UpcrW879Gn16iH|KL<maxO8mNKb@~z7D!s
zUL^}02z|d@rJcah>JwePdxy|W#GT%OF)$)@b<}eY>9>v<bvb9^et~l^s^8@pTK6Vv
z?NKB)=*&Bq#{Jo0o<^U1VYA1^f+qfuwTgv*pF5x(_*<6B3P)=vz2gn}wMEj;;RyWv
zFlpIVFQa|t)MV-%Z#XfinHXD95FN+Gio%h<ncN<CXe}_2+H%p^=)UKvPi=-fl|{>u
z*EOV<DytgH0kVApxQf)L9}j%N8i7P`!PkB!k11HzU9D+<PZ!&}J!E(r!E;2b7!40S
z{s*S|Cu%k%ASw}E4gS?j*xR^)yU@5w>#N)XYOPdhZPk^S#iMSTLIv<$Wl?e&`ifMM
zaO}(!bJ846wSYOC%@>cvAMVLo_)nL+6@{M82Y`F-B_tqImQ|2J!s%o!&9$J}T$tUf
zlXpOaMOeI9jQQ$$;nBrR52_+$!S97vD^0PZJGmdW)M*%%s$wWiH$2&F-N2=uF$A?Z
z(}{~PLRNQ_b78M9t(;&4$ZJHm<J!f^oVp9-kYok-5U7hi8dXbT{f(oV!tAPZbfBlN
zsHS%15~0@rT-+DdA!)F;)cy~o`yce}Kakw@eehIH=giira}SEB=GGNY&N_scBpdK&
zbm{V*0I21h$3SxHVWE<MK{r6~9YP_+*wLe!8vmSzD-+2ax|!gK1&L+bUPRS?MHehj
zZe=y*vD)WVC;;@f(k3Z__^e*Zq1EMky61F8dPS)Cu(A>qD-xt6$<OQ2M`y@Uy-)cC
zH6(&(z)9HpW5=VVc{9_FZwHwOyrPL#Fwf6O&YsAfB3o-}(Ba6yDs6*LOgG;HO7XsH
z4{DDzd!ZA(H=lt7+2_wTB0>{#-IA$da!#0AKRKU`MYdvINdC$7f0wKiJdjTx_5LJQ
zWJ*b>eCdwgPw^)A<h4*qR@Y;4I%nmM-A|!YG}RAuHC9pRb>_%}=)=5O%TP<;{*0Eh
z3gKiSJD+f^Tw=V;91s}fhdkS()o4RJ_^%Mb*?y_8g-=#yo$`f#Bn}X;%Qct2K+(h#
z9*fm0y}=;hI!PU%LEvc5I{FTu<9xeSn}mPzK-GYs<WvltDCBt~70@A%M$W#2q%L_z
zRk14eqvzc^?<KbodWTrtPJ0~$-FQElYV6Jzz>M^kyLY6pk+{a?=#z3z^HkI2kUNj4
z;JUJ*l&zAj^Rxn>RQg9hLixx4lfx4tHKa@kENa0MM%5Hg?X8@V4f&-%=shV97fw3p
zT?{I>5<2pi)s6$M9l6)h2*ut0I9k3WvRbPL390$l+uhhfM5g5*8j>NX0cVgH$gQfE
zeX@I7tBi)*Jsk+-rgWrt<ZDTLQu*-Pis^5czKpgsra|-V!8nD(^os<k-CLpWahBbR
zJ<oA@@{~M7>DeNa+xfQ=rEslakN;J_Tpxz~V==F+-?PZ<EC0l(NPor1Uaj$M{!J>K
zP#kUSgK*jWQCFc8KOhRAo+J8yt0VfqIu89EJ`XI>mX8hBK)Dzz?;O$dihISYg$Mud
zo&NAm{{ICgE%Ab}&R#9~7;z2}qNsVsY12uX^=~aN{134^WoM|$<gMz;Kp^cSn6n^K
zIeT>xq*Sf$lh}R~L`%g4rF`?A{6N1-GKN^#=!#$5brh|1;-lg6rfaOH*=y($U$1GU
z|4Z5?-+Ia&jI4ga#*5n9dIxO#0@puqg_QR<NwpsLKY7znB_(TwDoYDg{5NkU|LXYJ
z*$+pGahsaO6{Rg5)1+|+H=r@5E^EJEU9>zr_=!_e&2x`mlTuO&8oo^Vby$e0%R@bP
z(Q2(Y{hz?E95pr}A>lNDw7XhaPs7bGUx*ZRVxXz{YsuEXsjH}>A{NOEN+kb^7#4yU
z$_aI-TZ5oDH8qr{jugGRy2A9imirft%pkG(Di@9-ytg}~rmT#yuWvWUi?sleBLCKQ
zy1^Jq78mo1^-~zf1-``cs>tojz*4ZWHCy}#{Z4fHD)&!l|NpO^=CZ>A_xH`A?g`FI
zQd02JSNkYGCv561tIG|*vO%+irKpy~j)r=*DK0Cs)yYwR3G!Ih5FXK>=3)B>5kooj
z{}x8B>oA@jmI8s_%*^c2l^?q82^}4s)e8MuM!~|#99iYn&@MHU7l#M`w{B2W@zZ~3
z^uPKs9O-fd9}r7QOQHT>+Dnt-uGBu~Up1@@m*>Z$WTy8#`(B|&v89h%Sz7OZ({?c-
z*}Ij=z)TF33ihyCkp!6%TR!0HW<Ed{l3+B_*0?#{#kD-FC(fYP&P1C`7=Av;;s}<S
z_$>WHj0!b@5;-`SmXDj0lQWm7<*4B3d0oYVm~_o&;yKGNi*T@g{Xk0*U(FzSPOZM<
zrd?%@3$K>2bey^GP(}Pd&YFfy*{kd7D22YzNMrD4pZjFuQ1p+OvRkbwx;obW(arhO
z(w0V4?bJt||Jy)yV)8HXs3I?|Rl`A%=WOtD@a6&iFI&7@H^dINZP9GJy`RB1H)yIE
zaQ?Px++;;ds%J)x$4d70Cf{(tPxQF0-cgu9GPun2wQQ!pt#2btxJVMELvUoMt+?a!
z^rH;UyI0Vi-ACAod=SwwIEPYGJJUOBdP<D5N$PKDJBck-hwuvty)J_<(-BlNUf!I}
z`4-o{*86<!J9I!Kmq0p3`+Ipk*kwDJE5ZrMC2&_A+B-QVECYjg*3nB#PYxMH{wge*
zN#;M09lZL*yqe5%evkg!`gPjS)zR^D1PF<XPF-74`%Z;;6}_=QI_~D6CE&}QHR%r(
z6?y9<GW&Hp#u7A#s9JeEd_2vh@;n~xZgYwHVzK(#;j8I)vZFS{X|^z$@<?UOqiF`3
zrY4e6B&_G9OUgEjx;o#gfrHkwKuvvPBcq_bIe9ttAIx=5>r`p|y?6O`J|<}WE$^1L
z-^nuA97d~m^`scbw8Npos6${^MwrIbDONJ+>wH#*QWmDpz<HWFqSZA$+dW?*%iDpm
zhSN5hTH2=HmO*xC+%T;%?eYjwsM8+W;x?>sh8!eS<Ob&cMnP_Lw;W8rY_<8&VuWnZ
zbgGE0kGxc+zbTP7I^a9CwnQZBQ3OPgWRCwFw-4}`pL%X|d1FVcl7*~CC`B)*xHiJ}
zt`l9MUM;e{o#BDadxe$BngN+0V5-3PXn*(y{P5zTQD9S9Xiwf3QW3y_C3H2f607wg
zV+{G0IW<(*KzGPd{_%SdxP`lK;DLn~FQsqvQGEKjjo8^i#Lx;9yw)Tt=>~gbMb{@O
z`4Qk4@_eP;;97t&A|xq$y0M$$;H3f(HydX-m8_NwS_~sV78Ygu<RDjARfEpqE4AU(
z=|C(WFvxz&h|w^~-gbTd3_SD0$Bv^%MvdNm?V^|b=+3cr7a8%ZxqFo41TcpnsT5G{
zw<iYIpB$66adHAae*)Z{0eu~>>uocrj!ElsxjXM(IwQ7_DEchj-ER*SCc`<Qed9m{
z7Z~AlnI(KSo}`Si$VP}U<)Glgz@HVnB#%COGK*V)O-d@`Y5D;Tgg*(UFOre}`-e8X
zuZi_tFvU@t?w~On`(0c5{UYsm(eKj30Yd{7LCxzj_IT>?AIZMyuhG_q)Kf}Gek8$_
zw)8~7judLx)8lOkuYNu^s<Bh{r3n5NN<=9Zj!lduy3_SR;shPxa%wit7OtvMSi)Z7
z<H(s-jS8f=Vu)I>;8%6GL{D(9l!6rH7sj;3S!Yv$r?eRDoCOWckDp|uq(1Z1fNS!m
zb2l=8oD}gzL$u#1@`}&=LYB<Uoi32AoTfs<5E8RAdY|`S4>T~B7>58Gd(#Wdbr=(@
zZ!J+ag&>vX*}<qB#4MJaef5(M;4jh_BRx2k`Y~7DzKF>azxs>Bxf{E#rim*hCDXMv
z&0PG#E*F5&F^bh5h6z}hPb(+`g9Dy7$G99(rD<jE=B+AD=nCIzA8-mw7c>Q*b(q$f
zY~|2?e<U0O``=Iv$L)QO7UoA%?QeEoyQ2mT4irsXAN-YMMAdG^1jcoD<MrzsV8%ZM
zMikQxY_x5S2XHUl3im2H-`}BD3;J;M_wC|{k|g`y6msm|of&6U?o1c6(AkriL!ZS|
zp&QQ}r`)IdE0Dbuq0-2KCl~+7;UeXT9*MhQfX+moZSupCw1lL7byY!+dHA`jWbpS-
znp(QXPddXjgqk^-<`x@Y`lK$FB9s(=!cD+7^1^p?f)A^8+{Qr6d0b1d*rO1RvNHmh
zMHS}S&mtoy#FjkGL{J~lRVXRy4OLolw&jeh)N`<vG(Sq}7Ciy$ssXP@0dFGBc>2Nf
zA7J){2)i{px5@lpsLC1etOgg?w6|^+86+ePC{#+S7GYZv=33-RI6OJ{1`S2uDFpGb
z!nUl*Q|rgEvGWhqD97L~>gyT#nS?Z7F3`H)E^VwCZ;#sy=(i^vf4mM4A3~Jj_1R}X
zQ;8x@>#pk@eeNTYfC@}+z0a~90{79Fat(Rfx?b`MA~d6XO2a6@eVpgpgr|-QQ=s?L
zr`2ouC5fh-X{^$LLpQNUO%mgLj@yw&AUbj4W3*fc`F3eQ_mW6*p^(t-K+9&%THyEB
zpI;BK#r8C&pycgDD#?(QuXsQ)M(5)UU7m`wWdQegr!<O71dO9&%dWTW)TD-XvEswt
zEl~eZNAy$rj_wD!Lf{=;GF^98>!+dX0pfM^)aJ_u!__p0gBl+km#FqEp;yU?)=(ww
znckB^t>@#o!Qs}8?}{359Sh9AHRqyi%Sa2c4~9xA@?S26+A8&^AM{07j<+AS>)<?e
zmg(eCY3Q4O$COLwF$1XC+tYrw2;B1<P?i;;jasN<E}^x~Qno<I-k!<s#VIeVY9sEq
z-EZX#xvZtH+k-7$H+>djjT-<k0gCT};T%0~|C}D-=-5!e8{AQT;m&|@z_0LvPfSme
zbNtPsQOWy*qbl%Qr=*@YV@^j9JW|un_D9fZMr?n#pkNQjl<nQt{&B>qgL-t?ki}0g
zO|96Ihp1I+16<?l>S~Ah?38X`HA&aN@rmT~Q4&4{N-gv$2r|l4?yQt5Kl<L>O!qR6
zw>N;upBNT@`_3Pn)m_Hvpc3I*5O;FGqVlL5b?(L&i$C#WeKp)xt$Y5KJ4Er5S8bU$
z%bo4`wF|`<hKGYeR<>@F)_hmWdXJ_ZJE?zsU!VBqjyDOoNtxS~8}Ul$S8Nfr0CRBO
zEgwwu2zg$+(4o#e)CbEcrtvJ`EZD~qJ^Z5Gk0!q?ooSA8OCPpw?5Ml$YgH87k%vUJ
z2~e0L;V?n?6sBv$Q()os8sY6Wa};Ow%-qgB?fL>{Rj~ci^^%hBP1r`81I(UAG?HrY
z{1FLXQ9}J1W(d*7$ysnXf+N+d#=5_XPgdHRvcf*6skH?wBMCJ7lk{bP(hE74xA_V4
z6RG&G4Yjr&2pd5|G0Sk@U@t0*20oM$*HS+!mRI~t&7A{dVPWl)1G!M3&RKsAMeuf7
zqe(fx<cr*?gn-{(D?JAes>_xw{#GPmlCiY4>t04kSs40<lLcY|)6>%_*rqKxm7mtF
z{=FM!a40xDOxhh4toso)?+%83#ZlAKN26LODz6KTtQ}T5{*ubCs18~d2;<Eb>Ta(f
z{qlBALwd~wSGB6q8`kwD$0PLuOv92G&>8>pQQKZzx0|axXWkWq*=ysg-Mdz!%z~>g
z);d03tE!@ZSNI}zI&`9|hA&#&ldnE<!R)saK7;iB<U7EK(9qa7jKD7H9&bikd~lIn
z(`|9h5dbB_FkV}@4D-b6F~CIg>^V|bB^CIRWxYe4T!PtjQ^BKwv!7Ye4XsVZXimN>
zawy90a0?7u_npXoO}O@vhZ>g&q^`J)lcuUEpwiC?=dW`0sg6f!aP@X9S{mTI8L~VT
z2CvI&*os(ELE`w%R>bx=<@>cg$BfpNCP1o~t~iZs4b*$@9gB3?v9WI(Ah5Qxo1^4c
zb+I(Peanu@WY56k2Q~##RpBFGB@k;+BxlPB5WI(v@I89HSE9NQ^^%F<-y4A1UCkOj
z2C0lGP6Y=))Iyg{2gzL+@q4s;(R;z4E<cEqlhu+^p|f4;-S;Ue)fL9CJF*rvvJAy#
zZKB%I7=sE~2S>qp*Ut1V*p99H(lXx6VPWEeo>$Q%<FJy8cXVhTJ2e4_pbfdHyC(QT
z$bpqt`^2cS;;Z8^7L%xn90s?`%c>ebHP;7xAFRa5Z$4U-8o`lMD`(LQ)Glj0>2}yq
zV@TrE9PWf6Y77LbZOZF1Y=Bf_8YhjDU%dDod|{&4G5y(u8Q?(NYb<2&c7)-HxCi7o
z$8>t3H+w<pFf%Csv$&9s+95txPDd;2exPiK@<M?v=nxP%bCifv&v?lU$Cu07M49N)
ztK)6`zILfAWQ-L{W(3(4lIPMpHkmD^V1QE49FP=$P#!9fO?^3`(o*{Of!wtt&D^>P
z_f4g9kl~RVB6`OMne(~=&q4m?65pxN4B2@~7-jKvKD?-nkkx(843MZYV9k%w6AaKE
zyh+5DD$6t~;Q`bhfM)KE6VAd4@3Za`?t`uQSB~F12}NmGqlLTszyBUhxwW*i^7Mzg
z-@nD!)Z!0gENbeG=8vN)tq-(3No8a0U28{_>2cxBL{141;Vqms=G-dQxcegbWyHt#
zPsg0&Atx|pcMDEbe*!J^#GlXmv=XkM11@@M3c8<JNbQ0O9^{+_$bq6a?+CX@;i=4(
z+$)2BpU}|xvp=pGn<j7Vxn@gpd^!!(s)hO<h~jiZ!}NUlR2;V#nBBicKjAgN+PWCi
znn~mm4#T>T8ly5PUuRBaXwvY4j{kz{nY0t-Accz<h1R+@qN>AJ=o^)$m6qGyoc>$~
zAN<mG88=?oDIAVU(?QML_&Z^H#gvjNK}mBw=K;d->r^M?J_kd*!3?1lZSMHPP5x1n
zH@tJ9d!T6P*_!2kI4SlvzLc04W3%{Poe;pxt~$zuM$og`2<eHL%0IPfqy1f%qYrG5
zmwb^su3&NHmi>+1l?sqI;FMTVpH_<y&-hw6eAkONe)bD#{u5gjfqOcMr<|`Ut^YTx
z=us|T!BB!^1YdDWZ$c0v;vx71Sm=P6KhY&6NgmKdFtL;K?bYQ&VS6r0T-1S7^9xS7
zOoUuR&&V?)+#1vFdgShQm<vvQtnn7pzL_9MK$*V`5eDk+#g(%1i0?&QxGBuc2$2>1
z<M2pI6!b}yDkpT{&P3gH>-=yGawA{Uvno~U(+i5iq$stHPtZ|<M?%8(f^eg*;0a@W
zkM5~qgZ2Ho;Wd*LsUZjJhZ}J(F7XkUK;g}iiB#B#k?6EdcB7nC5H%cz>f3oC9ijG~
z&ha+!`$+pey&N;7on8G2u>h)x?gu%=xNY#E!rSTxqjh~(2g_j$C#t``Y0yCdQIvrx
zF%QKHGPC!<RHxoyl!Go?d6-hxb1(9=bM5fRNY6}nP+yty^v?6e(BZqT0)sv27Yb6L
z7Fl}<l!LfzDxeF|ZO-=belK;^T=v9eWq_ikHnW!2l30_#CZSWJJhli9xkPJgE7Sz?
zn*lTs1S!nRcO}<~;V-b!sr=DQp3>9lY8H8AKoClFO$ps3N$&1jWv``BZ2p)qoLQ_C
z{N@=vU||DOcC+BLBm!8d6mW8ClaPO7*k!1l#aZ9fKcLO_$_edreOE<svK2STtOT+B
z8Mbsld7njdu7KpM#e;579^gJ`Nmz+$@qVn>%uBEPFp-@Z;Ar9Kl+Jl~0>5|nM>D%n
za4BXdXKIYeeP?Uit1hNLh}b{im|juBTvI0<$U1==cZ#SlJiJ#E!axE{WSnRx7w91Y
zXAORsKS=zo)jO7uH8sz!kcIxIv@so~P*$}Ly_VkKZ!>Mw>Na{A!04N){z*5ajBLh6
z0^MVQ_I+!l!6914&wbX+G0ii>#*E3LxwLY;dHlhnfO%1qagqdzcHXn3k;PK=4&lAw
z%@PDgnaF2mrHy=;KW|RxuMgvl@`Bw*tK#eo)`#b1{cqROq!<;ojD1qSrWAiBrx%*R
z>oyOS3zU~xen?|dKlNqo1G+Z0$HgyPy#o%1N?S`%;FZS2H~7YS;nn89nZIsz3*TJE
zdJd$pEo;h|I#bcdkd}_e_80BjXJF@ejT6LTC1(ZNXbge%2P_+mS2s4@?-3$%+WvM9
z5rHO&<zT{3lwWhJpUMfuMG(+wBd*CQsjxv^jsx7c59uF`UH|Nh2jJT&E*~8S1U+_*
z41W6+uVYEgzr*t~X31&9_2S`Y0Y5kJUbq6iNx*xO^CD|RXWi3_4>M~nGUo26i7?bg
zf(P#eQEB~P2%NR~V>!n^wFFbLN5y-6Bem>vg)YND9mlt-5QdK*jdan*zT2s9@0<_J
z-1v<c3nJ4VfA_E)FrJ;!`1C8l7ljWw2!7Yq(Xhsti)1qADAK`}O>df{V5dUR*0un;
zIbT9BBWb+|1;u>kb*vXmol1;u`|eQrHoN!Z$|b)~`Yugo)ml(ul)z}Xx%(q(ljAX^
z7Y31)otNCr*}KRQqA9Hh%uoWt7>R<y!nnT&a2YrZ<rL*l5$N{j1KOqUF|NqzO4IV%
z<e+P5eqBO<x5>eF4@6&to|}`C70rDaFL|srH-5(-?TOwk;=zo>EA-5e)s#<7<&a5A
zxeE4+YlR~DOmegijAms1-NSfixR~rj(F3@jeHZDRczNqS$WoAyo-UlX&7sB7{zgOr
za2e#=A^rZ%3z?^<O}b^~=Q6ygTDs?BzlyT}(*IH1S4OoJb=yK|p-`OSS|qr;yB2qM
z*W&IJ5AIUjiaQNn+^x8zxV!rcz4yEK$NTgCy^J%GF-}g_Ugzv=TXXI;1^pS{C0uB#
zAz~1xx-=jyUh?@pKbnXYnkprw%IBsMPhib46WBWPen|)~HLaUYJaddPbn(RK(}Yp#
z?kL1gN_3_T&HY2e!G^aq;(T@+liyGnfI9yT548K&`Evo#=!uc*Tc>Y$_qcV()3Zhr
z#|`Vn#fJ&FocjD)!-b4peIsU;Sq8?;OL#fz_1P`Di36u!PAm!W*p-mrKwsPnVv1ZO
z3_+RyPbkA&iqzaE^J3T$F88s-l4=W&MSbAFA|rK$|Jacbnm*cM0?zu$2~aj1?SuX}
zc{2j@!(LjGv<r7=umOu`wLUW&Q`g=dpVzrMD7GgrGV<@{-6~D->mt;|kL#KF<&mum
z<Z7PC`_(eT4Bi}OCMF@t5mD0iszhb}!HvH#x(s?`oj>C_6KC3v9LSb-dG?Wl(>$W|
zB(KLvvVx}fafymbnsBfsv3ZJ<5WzQnWPEU&I?M?d3eI32(W14G0k?M~hxEHBuV)T-
zI~=*}Umz=8t;i|EJnY>pn7ut>)4y7R?fmVd6_tvvte;Z_4|$IhWh#pKBcBz{+&izu
zi<K{rgh~BxU!Nme88z;me{A<T4p9b26n(IE%6EhhFR{79<R2^Y;A&A`ynW&E_3Y;2
z!F(6C(z!n%_|j7?U5N`fcjo9^WU@LqSU^XREn4c&L)U&5p_ocrIE#Ey_a(<h1IBYj
zaCo7fBZ%<{`gG4&z5n2>18ea4#;BMQPP#LFu;&HWX`_AcC<{htQDe06Qp5AYD|G#b
zcAG*rd4mtm<~S=~mEMLvn2WbgnEEx&zcV|1pHsDDjl8o0j+ZzZmCTAMp(9SaQld!N
z*CElkP}3?~K_eRKsFc&RjmWcma1f__n6M!;v(yCu<(6#IhKs*Bc8BN<%epXTTV0tu
zl?lbP&sO2^v-TZFeN11OV}E~t9CcGoyKhd1laBk9!*Th1T6&hLn;&$Ma`&G*1duNh
z!gusUAX&}enVakS$so(jrbAj*Y96}}h9R?+R$8X9v2jKt5cq1FnI;RmZDI!Jj9dr2
zH^<(^CH5X04vlP%Vmh21m5;uBxaLCGCW0~)Z)7lef~@-~cNgby)?g1cGqQJP7jU9z
zGc^U~=Up>Z|Cmyu`(I*hBi){#e<Hg#XNic2fMjHzY;1`2atx=MfYPURwNy7q{ERJn
z1SB`k-zc@kGx9dc$gEu)wb$wbef_G$1GBjdC5ytYxWX2q-6(cGCS{D_;B+WKLp>BP
zmgK^EUl*}b2e`^`WMPd|%;-He)c!P6O0<S<d=+17V<8<LLr(Vq%bA!M9t-?ZzJaC#
z_##34p+4pWqMiI+92Gl9$j67zv9?y#1(K=wCdts<Ab)d18WPE(;fpIwfK_KRuQ|lE
ztt1&_3<=pXH7>}Pl4=bWDcIFR%$!Lo?!&-M6>>4f=^G=%8D#=%$*N291E3N!1}L-;
z<&IgFwZ(?oH5Mw=*~-bdo(^mdLN%biNCZu&MDOHaZ4%?i%4V_o4PX%B4z*j%ST<o%
zJ;rpvVD)>^e3Z2lb7(BUIR&sWA^qBk6SVNIiwe&*q&eVO)EFuQVallbkWS@6C$U|>
z_N}Jur=Z*K2z0~Rc2-a_fB7+Qjla-LH9lzQF%$W0n3)oZ7*wzk5sSQSF3oDg(^Vtq
zERDX-d`{li7f<&rR!{*S1<BOw4F7^wOHR>`o}x82d?EnE)cOOgfHqvpEaCbR)Y5B;
zo-iZTiY8<0$Ic5!W6eSe4^kV?U+VoW#H#eNPEJXIj{Bo;Fh2tYl6rL3T0Bp&rlZ5}
zs_zA#nn#<VPv%hS(9b$JbI~^C#8MhUjiaA#U{lb(xg1EF5C8Zv@9WFFodu{lZXsIc
zNN`-hKjlOGtZhP-e>4Ci3>F5?iysaSZV%-ut%9Shrpv>!*BTD0eqRy98YxjSfDnL`
z=rXbfYdB!cV&sc&+o;W?RRM{YhaH{Ta4``Wv*1k<5E$2HFsIWk9IHbhDGt=mVCHlt
z9XrU<kAs6&V)F}Z542aizBLXqaN!7Y68Xl#IU-3gW+`vzfg`Mq6>RA7ir1{eyyrTN
zzpr>|UDVd&{$(2#=$6W#y-r1}^-3F-7JJie`~rB@qzA~F(;g&qFa4ZxypA>(Ho=6*
zL)i8WnzK9K*}u*la<gf@K=$hR%y5p)HLp%a4q5iUtm>pbFolHyVwy_S{Z-%=I?1#T
z`~kF3ZG>R(OW@*_T{{VVUGDOH?%KRj-2zw|9^it<?#;swsBfUZoNBt_L9%X?7^Vkv
zn`_HTxIjSOY_!CE)NK7&%$kg7<>x?1CIixKf_?MQ^~qioh;#@EQf@_6Rb6fEd8c*4
zXX)B$@q1}x`)TpX`FYCr*6e1fnQ1<&#R+1Q8RzDfteumWPHWzFLf2?HYX1t~mn;NQ
z>6N0x>%Hc0(<N88H#Zy(@x}giX_b}q(n9_ZA>^n7H}#lg-7emkMn6ten@~))cg4fw
zA(^Bh;vxkFAw{Y*@gv)Vrgf(fjFMU+^4S!QQ~ILNH~GY}T|6UYM|wmcB5kZvF6DLj
zxWa+Tf7JJ-0)cd&$M<S4o}3B_QYL41c6OV1#><fL($bR0{Y4SgnjoG?bO;Xo70rh_
zvk$QN#Gn2ng#yKqiBvxO&@LB=7M%GvRS|XZ*liyq=(VNtko4lWYZp0vrGQ2DY{!!B
zck|}D`hVn2gu<tG1zX_7gvrqpga~xv;od{ER{kB3a{j-a&B?-{r=vSt{1P{Q$oTcm
zAypbo2)ssVrJ|xTU1FIZVY5SN2~kI}&bbnZG@;EHgvpn74JYs1(DZSW<EfT(-2v-k
z*xA|1@w|2tFl%dTivSX(d0!G6&d(k9RoJF_*)K5~?(aRze5W6&Vk#|3QNrI;TY7s#
zxUg~z635G3{Q7F|mTe`CpQ1n}E*>6t^?b-*P{VB`_)aKdDuuS7169N5=;_bzAud8L
z7KC}f!6{+<4I?~A>htM4M_X|s)bLcskG&(<5a)aU0#HB1Q>}g2Scv5NAE6j>Sk6GI
zaItd+NOeH${YR08`Cn~Bx(9MKk)nKr)WW|bqFasxfmEsOQ*SM%=l@E@AlkoELXFta
zBZ;XTg!wP69LPIICa|YR^vbLK&*Z)fn47*&s`fvwZ7d*&5utu$M)y(wr&kj(esaQq
z@I7dId;8Sx@bK{H_*nWd{J#r}GNDEF6gu<#&!1)0Ub1|)uBj<hqG0{+Um*}JdEeKZ
zQ@O7rg*eo1{{9Bqw~0h6bO0FZebX{`ZYG@jvfAZJ0zA2e`$Dw;`~FQiGK+YH69}X)
zg5^tiy<AROi;Ez3%*@2KZ!rj0jx1I2`A+Q%^6xmBX;02uD)ARVc=&>ZUcjI#3$ml-
z`*?`WKI4AtdKklIttqQp#d7yWL9QpIzCWgXLf(eG#>}<livu)~x2HRl0*oTjM|&>X
zSAa}Nu-6^hWI?08z96A0qS-D}uO0rf`4#QNPNmF!3SZVIs?Q_9+9o)8+w3#G&K}VG
zr6lbN&jqfy6Bi;*#LTjPJ9&V7#|*(9(kh!!z}VTyjb5=Z_0P}ua6E4Aw@ljih7|z*
zN1mQnF2VHZoml271m*-W3qQXXDL;W+NH@eY4a(X2Yd%H$OCv2j*cr-dAGffi1Y=`c
zR#BE3{}BK+8U|OY##`#%sCgW)8oA!-Ct75ok<r;4+vn!eowvGdW+4fDnM4fea~TYr
z8tv|YJr2~;&Uxl<bTO(a;qQXAWpLTp!x*~wa%#9KRAOe({5sZI5dV_he0keQkYVTW
zD$NSV!_U#04D+1Fc2?Ki96RJO*x{D*+^(m}`|}o7qIEVzqS9QF;<#i#I|dYME%_j?
zEvwE8nF*CFn(SKQcm53;G&eOej&39*GqjN8kbmxZTxs>sSxRBpvhImZp~EWqp~T5G
z7Nb2LJXc~_k?*nFns}q&p&x=ncv5+BCXB>i?+qD&u*?Y=Gb5>~7&gbVd6f&=+LDT=
z)V3}ehsLOLMKTPOy0dwc*&6soT`ge_p*MYFsfQ*=nE|1hR*P&dNVN_P7lKB4%^7ng
z_5Q4Hf98fs?^w_r5uJ~Z+m8OZwPO^DS#5c8+mSKI!VO%0+TWT%O-Ey4ecD6uwQ=FA
z${{P=)Aa&MGcKObSRgPK(rYg+YV9*~@1M7j-QWNC7nV-MENJ|(oW<>!92)4^A<jGn
z1iKnMq_{Edv$q}D7U#DGMM9EUV7oIB9!<Zt{1}f>w?0u*R971N1A@&Q8&0u}&hS=C
zN={Y*b405<7@HL56jwoK5UZcx-J|P7k@2-@h!?Rjt=XB{-3A<Q%U6NEfAPL$T5NQg
z1@FETXrE}T=537o>eJKIF5K>WTm__l)rPt{Fk2#WuPa&2t^5_7_d>by>+${K%GaN#
zYXvvLNbWSlWmYGWmAt*??4;ha3bWZx!y__f-YkPvC#VJXQELN@s;gyU4^@mib2Y{m
z-i|^2k7`md-ge8*9F6@3w!($rj4xz^$-~8ts(2J;%qJdj;M^@YfsU%wUs}AQc|fuX
zbC_j(og>>yG96v9+A@je5@Sy*v~(Y&;QdU)%*Cz@pY-p26dY=g3(z$M%c~;V4rZ>w
zH(|IQyKJQ3G>XPOqTwFVBm@dLEM6${;FPg3{-Y+*CJr~n@}@X?x|*M=dCOq&j)uYM
zx}ay#LkqpOOjn&GzgJH*$XvIE@MK0OyW63YOTu{MC!{I&bz@O<boOwQNAM;?@&c+V
z>g&soqy?=viM$-saw5>u{8G`9c2p-YAZ(R6Zb7cU!1YUwMN3wbadl<y`^DMfwgya%
zYHf=}s+1X;&QHRao5UN1!fBvsa&uc$9E^9GO3{WB()dZ%Z6s$)%gLQU*P4EO&CUjU
zXhHcV)wGJ6`VC%Y2lZv%ci?7B)3)ZF=HjAa?iwe|x7<Z@6UmWg9F!YN>5IN+b+X|~
zeyE$GTJ4|kDH>A*X|GNO_ORy)uk+w_&+>aqf_mI0=?lII!PgsFZS_$of|GL1c>21Q
zmeH7<00-`cWr?Piu8RZM>g5DSc=_Isnuyx!sb=6_8zhHYGdQ4nu#@YD>kjCdyp&l?
zYV!#8B82+c(K%E8d4hIaC0pZ$pjD^v&y3mF`>jj&-5;3~3L#y&%m!KGX=aMCpb>N3
zCD%BdWR6n>lse4FW&P-c-1PG7@F*xUz2x?+Wor=F;IbjA`|aa|iM>%qsY>Tgqz)H_
zSu?z=prl8iiYhOy>38l8qIfAU89r==ma|g-AKkprPwQLaZ9YL%4g`gOMWoJBReNl6
zr|mn9mD5b2vc2s(?}bPAXxovytmnwY@$S#bm>9dhgw2zx>JTue!y_=W(g`Z*l2F$<
z%20T2Vw<((n~M|W!47}uvh&?Fwm<oSx&VcE8JE6GVZ|}KPTg*ZUI&ERM}NVx>Dc0u
zJv`1S>yGX8H2OjLA}SpD8-S<aU9!AzV9uvCVI|YTKF8|=SC&J`nitYfq`cJ!&Rn;T
zuU(7uK|8zIcXy$zBs0()AQ}_y9fQc>L9`_xJj<qol4_istOx28_5GhUT1o+qpsvY}
zUL~A0nzEyvmg^EebnEMAg;;a7dCcEhI_34OV9|`$$&1Ys2o5Es9BB^^SwC;j)-<w9
zd;O-DXdZ>4D%KvNw)|ZqC~B^Zwe4<?fk7a(HO6O6td{s0Ls(G=aV+@Lg5c(cUOjhY
zv&P=-4{XSy4(8KWQDDgTkPXNt{Ia*XJzl7tjBjkbo*)S@c>2`twf@+sVF|}-WHa{U
zL&b?ze2QH)@Z0l>xYL9C6!5d-`U-A_<nH2%dcm@WvQFAWS5kueq6WjaYLf3YXWxQE
zO<Lv!qQ^}wip!&Q(wm2dK++zHsAWZ!mO!`v!Y%VyC^L7^K0slO(S4A1M6BEs<b4|#
z4<_9D_}Ril@76k0R+%H^c@@l!@p^0kHC2g;IOD5Lo=^`q7ehZi{n&PB%pcFV&nY^2
zcE+=pp#Nmj^3e=Jq%V@f&$v$5QR*ye&KV{yMed(FUuaWTgVI(xpli6-Vn)6To`r4h
zS{XDN&e>0&=cWzTFo}qe4pw?aE8F}oT+RK(k{UP3w4qWrD0|UEMu%PCq5-N;!G}n0
zg^4R`&ID>Z6qeVeUGS<EN{UZD_+;&7$A$wVC<J(d7IcbaD=Hird!oQkH}fH88o3MX
zr2Y`zf-%ARdfp0+&)`N=%>SU44*>wkO3x?X*ffvyH^#h<9ux$yl!`(oBWJ_m#Kt}d
z1$f4NLkO!;<@w=uxh0H-9qT_9ye2^UdZuG9NHk#G$TF+c|0@n%0`}x069b#7>U7IW
z1D`XPaU)@>H&GTvULVEOUL{PczPo1y@qpLhtfKk5=7jTSej<@KK%cQ!Dl{w@CY_Ll
zPMx-OBv@C_GyZ1X$S12R@k$f9YsZ*UgRdZ6?_g(T5o6^i;qIiVd7fa@jJ;8X<(OtA
zEa<e?S)eW9CQ^~1l`?OE)2MOJQyXpI*O?6Hl+y7alGUB4d1_XDA{bOchobTAWs7*o
zZ$bWcMt&NG;Tu2scm6}hT9P`J)n}+`XMb|isx;<Bgv%%!9D0eSd5b}WTk@JScrRAT
z(ydjW>*~%P!GeU86mMO@7yK+A`^l9x8JS7(AQ|2T?HtmDZSr+)Og@l7|MgeoEza1B
zI%Z&^g<hGxeM#dDhy1{6cGm@R3YNFyRiu$yEk4}9Cq8`+Xr|@FKpiQbN8aZw?sG|>
z1OzLas=n<*LB}0!M4+9*;73rXg%~nK%H-Uhr8Hef^SR>^BG^V&)5$L9q{{^C*-V1-
z`d04>jQx&EhKU(Ca26?3l$RF|TH+z%|7j-QK2bhy?B}|YSSN|Z#>VlDmp%)FlJQK{
zysOwt)Vh#!zRDv(M_1a;gw>aka?u~M>likJMTE<jJ>+prp>#O5dp&{G_mj1Liq}P7
z?M%`i!Q%Gf0O#G6J%c~2sz=hYPbMeD_Z#T1sGn-4vnMcjg-jngzDNjCs<STX&2n~f
zF3%b_T_~X%Z$U@^9ARCzw}cuG#ei_f&fk^A6m-MLF}~+EZNE<p>kgz`+{i1femE#m
z7q>V*lMWDW;(F8zi5hY3X1^=_X;W0pmHpL%;o|HbaLN*gG2B<a-us;gLST#?GtaA}
zi_c9`ZOdBS*KB5a<jQfj&>O7$S#sisW{*9QF!Pi#AM4EJJ(oN!dE79c;`BTM-oR8F
zU9#n!ALoh7GUyJzK-8VcDfsCgv|-8EaW|%g?y!AseMAktwpN(JpI@+#oT{KlUSt%s
z1_$r+d_Dh}jZgg7L!{<Fy;$LA#oHQ0;@v2*m6NXDC?etUE}U<wKB5_)AK|0oflU>P
z44#-Z&W7DTH6TNfxVt1|2<rgUo23n(Rdb&leHC$HId`nR^YS?VYlVU~AV0&_g4`wH
zPpI(@Vegdc@4P`aDI0S{VXqkJyVVF9FA?XTtbt0mHSf%y0kO2s(()q!dNSM+Rs-c}
zj+=kb=jMj&W<E4js~-?C^^(o?3hl2;_MbU5s5!vFFS>{+W6r9o@wTOU7^dY+pv@pX
z@)1<cAK#p)jt_rKz0gpVoL$x@+*h}g+@TZe3$`rGA!5i1Qkrz%Z<jr1v-%dRU&9@q
zkP__4(RMaPw<<-NWIHE=2HT{i2iY@PIiZ;F+2}fs0F3lRjJKNo+caz9jnmyZ9WHtP
zi|=prBHI;I<~WeLCKLIBE;7@-l=?aeJ7v3{CGhaArGYI$Hrhy5^9-m-i|?Q~U}BZ4
zHq@>{`idNSE$wSFY3CWIK*sM3J9sf-&uklbeRW;hgjTbNY7*R6<HMH=Ae08PO`?no
zt*EKnoPQ%rt7j}I%aY-}IV-)vmyyNzvsRNmlu94O5S(L0G?!?bmnleUY9&QQA$?(H
zGJNm01Dc(v>MW@d#^RcqfYHoaT><a-gBWRKSMR}MNz2lzd?wCd5(kSa57=perr!7t
z&ABsP_lVJfODMx70QeNKPeB5Q>So9KuiOnZq6|wm!_=K^cHS~k2*p(aUU~n10<rTW
z&q<#*Mm#t;IS1p5g!(b;u`6Uco#I&11ktzr9vgyMP-7bn1zvU^SAN?1&~6rgM=5C9
zM3H#NFc1GR++6zx5t24t!cDgAtAPyHk9$b^50Uoq_&<EmP<vD#Tcpl_3~Sq3ZXf6Q
zW%g~xyIyzrlki#4`SmREh)7pPGVP0Eravn1IW!r5=#tRrAckgc9*q9fOIr)SHtrzh
z(ocE9kzK@`^>ToIo0(~8TT0ox{>~9Md5ipR14nrX+HihcQAt_G+n;gl`qoj9njg33
zL#tj3$g>u@^vAZ-&Q@w6*r6Dr7kbr2+Y$=Mt2+~g$nDKq3#vvJE+}Y58`@k!Gwd=d
z{oxsXNWr@v2V64hw0IrNZ@F|7Q}-Zs7W%BoPOxy#DYzL!2yh1IPhp#E0y;2;mDMRD
zFZa=iv(8gf5lh|7JG;eJ6~hI^Hc2tM?m-2uP>PJVm)EJ3)ILu^`->W;p<LhUi&NP>
zQBw6pUpAC@Cca{~IQqvO>#^5OVXesPmU#PQyq`Z5Q;W$}w!0{#i{2!Hprw3$t9_f6
z_@7`F3EZ!Y#EQilD+@UUqiNx1uja_V%~B+B(jMAUYk0;Hb|;6xA-eN#jQ7|VmjL!E
z#y9Sy4VH9H)?KgP-FoZSF$szew4>Xnx*ImVihLsN;SulHEj!fiv1esoQxXn|#aH^p
zPDgbc<A-m`fmfqxSE|m#?KYjbYlBroMSamK>zn#6z#`W9<EVqVacLG~OwPK5J+%0T
z?}Y$~MAy#jBpZ#7<Nh(T$ZpHfv0tCgXl$P)qWMhHQm;2Xj?u?hFcvD?N@Kdn_=u0?
z8Ik81&c*DZqqn@c;uk<(<gGcaIE$72oqUXL5Vc&fiUW=Jdaco!4mi!q=#F=rr`#u5
zy&<|i1HybV8XK3Gp7e}0i^mH^=Jj8EJ8VZb(=;F?8}KOSp?eu(Ylw~*_e^`^=QZ!h
zHB;zJ`0IXxMYP?sA&2$SiA?pgR=4kU@piUuHMs7-Qhk6=1EN>h_kVFyg5m#u3nul4
z!^^2+R^5=cbm3fR{<VE7vGmOI4(4f3U-g`otXHZaH}7Y7R+erg4ZfmJ?*MZzVF4Xt
zlf%OgxdZ=xv!~bmQ(cNq&$O{V20ov*@XPDX@lDFlfCneCA>!AN)-;ctm@Sf(I<HzC
z&X2czqO+5v>Q>%ZFu?Pe5DJ%$PDU+ZT~`_-1A&lvGylj)r<SAm!3_O~&M@B9L+wbi
z)reBRnETF~`QPPBmQTj^aYXn+9(_<)_=fe9{>yOS1>+?d46c`L@wy8Hs?m|R=>6~m
zWnuqA!XFlxuI^zHCE>u{l9jEKRdfP*U6Mv$j3(Z1PB%jKjrFscJ^LmG=!waaN=DFS
z5%7hWYbNufC=eK#oDV`RAfARa747Jn;~Djgkn%8ItL9Uu>ioD;5(VAD<%AyEifH!@
z$D!=DWwoS2a@0MI09&)rg-hfH<Vu)a9NXXYpsd+rxf3x@)U0n&83*VhZHzNaEEDz9
zOvcI}=ml_ASI<3<w5OVC^2)~WHfxKx8WaEQcS#`vS_!V-9nq(Y)!dG&ITvuVD+tbg
zj}qJn?dg<O>$;b+g%9@3_VU=j&=W?dWdsBLzR=-A8+uaZ_&?4PhqtH+sc8xPKu#_7
z<sLb?A#nUr1?jd`l2SuwxGl5?QqoSTyJuFT@>^Y#%=$KPl7@bV1`TgX`S@UXUgaiC
z+H@q%cf9i}GcGJ7|BJ|t*<L|id?t8HOImM}rmHE|)X)pkj_ou3tENFV<21_|JMDYi
zpSu!GF7aIeJH8Mhx04&ca|K{}*{<u}BJ)P47;)yKk>AkY{ixt1+H&-xEAy9{x;b39
z%fmZxf*V$<*SBx6Ld6+<J^Sd~genz7`pzTIUsrk}C+)AD&O3=}S^dc*?B}I?=->>C
zDL>7}W#%;E5ZcOZ`rk~9M_C)RC7+NPbC%)wEeVfonrCF<pYuAt8)(6sn}zcsfRGc4
z{0z{wuHqJdc|xM&em3O`ix!2I0gU4V=TFxJ&X<?bop|K4x9IWr3OEk*8`D;l2R}N5
zYC8gbjIyF9ZN$`Ejrj2D|CqvoHi!(m8)U~-{rUB=$CYoL(z{6&Rzz5s-w{-)?0E<F
z+kcpF@J2;ngzn0GaCx~Z2e12FB3lRRg-=ZYS7T<a`K|xa;eKp`oTkXKYSSGaz*kp@
z_&?cMf>+P(>N_s?`Vas;9Aymte@|a}zLz0U=wYrut-jteZn;fd?()ff+H{hlw&5-R
z-0!)8rPI|rO{2o7ea`QmeiW*;R>a5~5EbKTIIoOz@>}q!r#hVGsAn9HXnfqomS9?q
zVB|xySSTPhP7Wz?%P}x5!F*{Xp~ZziW{R7;+_^fu^8t>JEGq4Udi#Lee<_qQegx2x
zo%s9t1isFAb!aaO#;|}l)tQoEhWXdv=wZoSHlKL!Gd10^f+J`{XrKWy)l+XHVEk5M
zm&SgNPT#k<h3Rg%9gJ#h%7z!8(5hYeA}sf|dn1u>r9xZZZB|8F`S<a%8Q(sxab0s5
z=LLUPuckZgb`eEVvKnhs18}Tu;+qZ3Cj>&MrAAK>EP(6%O>+GobqIS<TgKO$nCDYP
z=YF2Q#|J1|K(Rp+X?s!W&blZFk{O@wRIHXq!9qjubXB~WVbgUizU2b&6B4v)GZ^`k
zfeZz7$~b6EmU7_px@bt8`ytGx&8<h+F1f7fkuu_mZSd2ESW#bFMrEFfhZf3~AzE3F
z;n?DX0%(8<T9dtPucD};Eh}>P5m9~+n#q=4QA17IN((m@?@=l9sB<M~Fu$Oj4KL>}
z4v{PShR4wN-Ui)^OXnfkcJb#)zK3VIx|IpVRbHU^A=1ka$LMOEuAlh;ZivDe1ynVN
zR=VRc2__hlpo00m<bZQ4Ra6ZLC#YC`ifSMn_>uHR9r^?Jxo*4P_pBY^&o+$V;Uk8t
zg(U!9gwr$CNaw_}YbSs}J#w&l*54Y#hdH`{h*n3m&o`AYB;HEWw%WMG6D=NKt-ast
z`7_?TMK|{Z5Cm5cFBUzY+B0v13?hD6m`A-FRqlsYSZo%Tk|J|3_L+!J$Iw0(I*hf7
zd`*^&pDg%}O0W=2dOdp79T;6#fwQtILPbYU$xA_`aQZP6>+{0j@auR9(x7)O@#zXq
zg`C1#C`y(UvU95>9F^!80gh1_NgqLyO&*s_@eNPHP&ZqmSx>28<t64oOo6X&Yka)w
zuOeP(vp}76)50PrR_gSJbx(B(osRm`0JMFpj7x#$DV(uUq&cVkAZ(1x$0zPj*=jA^
zo|n1L+;#Cp=swknX=+kVX>e1x&03S1o~iK%szC)dH8AyZ;w>PLGt+gbqeF6W$>~<3
z9und&v<v~cy>xYnB4;t<g$CwbEgT}|(J1lMo}Y{QHaAbibS2m&dT5H$YdyqERJ79~
zze*uI*W;^h_bM~jAO^VA#%dB{D<jAZNkw$eKO=n6LRp+)h{HROk?QxIbGx;qAL*T-
z&8VAxC!+hi^fY4|LfAL0)zs9|5-wBCS1uDM{qIoy(qF);c5=sI>oh>_>t&&tpm(&@
zcOeG@5XTGXSoU@cHADBx<oJ@YiG;=S&#1h7P5z3Zn|(@InKS?Zz#%5K@bpHh@9RBy
zBH+b?QICSYPatR?LUv<aM&S15!GQ7_<A^-wKMI&FG_&`KPGywTjH8W3h<PUDhU^Dn
z;$ZF>K0p}OqX#4+|I!U?kS;LKE<2x(22SKER@5}*^_#QS&>0AuG{A5)Z9665VL*jF
zE)QZZF9__WGVZC3j(7O$o9cLLe#d#1(p=O}tgqyR(9AU#DoZ(2(|=?bJ2_pH(%T&{
z9i7%Ou~O)Pr`ukivLrx>SM(_`?DZ;}e8fZ>+k^O9nRp$al12I#7Cu%3b`||I6aO3z
zV(KhF*%mwK4^%eif|YU=t*6SGJXXDlvElsnX;Ic$G07ky_270_a|??!ujN}nq2t!E
zN979y`_G-Rt<P07`XCG9Pk}Ivw2q&+IW7f0IkOI`e-3D97uS!K+I;%V%QIte5+&0e
zDFP&{!T&S3J%V!#1(@4*Vw1p!@=8t^;;hE;WbIz!bqJlYt7iFfe0s-bV>41g(^Ly%
zzKX1(yvoedzX8I7Dw9~8CL-E)E3%D`sGX0V7}QE-WNN4CF@(8ZBHgTKVUs9CVisf{
zk4hyQWvDdS2}U!1pF3q4H?nPOYg_Z{*U;SD+*HY*wQNcVkT%Vev+)<ezr)GHGkkT$
z1_6bOJg4h&1p7gf-Ia71Ilw2i<$Z_h;&unD$JqLb&fcKCz1PYQhRw_IRdQw0GXV{<
z5B51e(Tlb(@Nbao@`QBs`x!!ac-IbDZL?2;omlY9=nya+5!LuT2|rPDQxiZs)`fGA
zH?u)DGTvBlwp$LprKyPn78cecij96OF~t|1SyWWC;Wc>~m%!)6<m8gEj>PN!g5vV>
zQqsNihoFDVpF%4rD=h;9FeTw-&a?i3M!pBOF*$^c6s$>nT2$46bl>r|mV(sR+X0n0
z6rx`(Su*2mk(l!Qdb|n~XQD;${k+j`xyf#sp~`NV&JMxGL1v^Da^g7M8T3-ksbymi
z2d;dWm7Dh5|2fZJ4d&!L^S#?tmkGuom2A~u<!?LK0J~qBq4<xXDG%S`@_E#}0x7si
zm=~Hu(1MwaQ6&(6ms-EJFmrv`2<SBgI}sSZoeCGmL6bm~5C3-|0UXYMUkmxbAVro!
zyrCa}hBfLXiH3Y()cZFi90onucf>J37>D^I8LW{Q&i|Xa%iW3UE<t-pIXEiCvSr;=
z>%Jp@xw_6grM`!vk?~HLsvd)f>pqeBPj}b|L_ov9LUQ~+jT=7Qo%eT8?fZU;fk|UF
z2^H)C`YHuJIbTnt`YL7j1MzpcXmXhFcwF`_jCw-piTS-;(D}V@t`N!ZvIAdJR~N94
zbYftr%mh&OS6ewB^WWX?;_ar-!o4U|ULcV9|9q*?s(*rir1pUG{8!xX5cvL%w<jY+
zed!slfwh2*IVd>KHBlk|R4IF@3PL92At<=_vGe)*cys*fiUY)9Hojl^<($f>RY(3I
zEX{(X`xJ4*mFeiy+ha>&%Lzjy7RdVNGVpSg=Dp<9pE8wKx6~G^6%KoX=5d2irA!XH
zro)wAmusNSsf>xl%&W%RhVxyTa^h=4yTViklo>w#OSbfakxR2LP>>fn2Uw1DCSNJ^
zmsTMVzn^}y*m1eVG2ivZ?eWPT$7-$D;7`BzevIUP;CMWK!#WJ;CBugbeCS2H|3%a^
zS~kV%VM+GQj?@r6x*Q7tuPCg+sa33}ZRekz6&`z{=2-kvs%TR}a4Axgn$mF@FHs)S
zc#@6F@~T$=wkvnZi02rP-F<RJ=hASjfGu_wvd)LRlq0clG3};#wTm1ZzK;KMYcSoO
zkTZ690BH-027%1i$Yj;XW~|jFShTU*Dx-SxdU=al&rd@jO0B?r`ipf%4x&@`n<*jV
z;CyK>u>v;dda>5F!<6{t6^<#cFpy`yFGm$pfsa6^SG(8s+#EKCHKb{%dl^kLfPCUO
zc$Dz<w%i@!!WyP%Ypt(}I+av4X|2FoqRtv`{z*}57q&Mz6||`3YdP8DG)HIl+imtc
z9=3R{2-uS}$7PmsL|+lKA~mjKEm=yg8VPbs;Qu(Lpj>qe+o9ZYUETE^%dsApB$=Jr
z4$Z)adGk|diu9T^{K7ujGG%@{!ZO|Ftxgvw#x`#pVKBePSIpKJ^;}>7E*N_vE%X>)
zHS!8j(N%X!T%l0t9iD1UNJQCYUA_6fQ~l;1Ns(pzM82HUg+1E{#uO8$_)ONu|9Yn=
zhr@rn;#|IuY%}b&co^N*P#C!+xHf!(I6GV9Cp53lS9wA`#@Nrx*H&~-IClE)G0ND-
zTPDn}P)*UG^vO)gO|e+C*sXBcXCGaQPYKz8BCLN?dBeamQdsqjJsU~ZNw&@HX$r>a
z(#=2Id!C0P-uCKv3Rc`JdD1bzIq1Qbu@z{Uw7f!RpK6)Ly256U&l#gL0J+(rHIF>1
z=%*Es?d%|<SmZq3F*RJ@@D%lV2N-(<6HWRht00pdyy5Tz=grOvx}1|}?<A&^W5Wow
zJuWBkXdiN)rsd-Hxl2sbnzIvSm*~o$XJB96Yceu=ifX7qZmq^cG!$dg?qvLmGfE+r
z-=JA94*ktmi}(up6u<(cwk6ga1!)Tya`grH1C^UQj*l&YD<by!8BD|Kz^C72{ukw`
z$!&o)!(Zjj`P%r+1i7gMcK1GxNs0$@r^U#@zZoM9h;hplD<C*9k8oR@`R{i1uRTmK
zmW!iF>?qSj7nGLDJw5TJCWC(ogTGPgf!PI6trYauzJfg*^uTa$W)6Zfd+jzP9LvS(
zkG4V`NB*_+tlw0_>QO-w6?mBaN_6y<*f|ajwcv62ODu*;59~0zXW-}u*tcK1emO+v
zjMV8H+i;5rUF6Cz=jW6+`ixnH)pwS>!F6$Y{A6567xzR2W}x%usUTj_)!U(<e*0nR
zC#_V|><x3r))u2W5+_KP;D;}cwK?yoiX){({;Q%+k%dt>`QK9;^y)j_2puvmWeR_x
xi;RS!_6Yv1h=3+r^v{2UWeTrircjY{O=#bqr6k;7My5CW(&F-BRU(E#{|7+dBB=lX

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ec2_launch_instance.png b/docs/installation/images/ec2_launch_instance.png
new file mode 100644
index 0000000000000000000000000000000000000000..2463f3441df0f9c3f24f2bc80a21f677eafecac1
GIT binary patch
literal 234843
zcmZsCby%Cv(smVTDHM127N@wixKmt$6oM3YCs5qoy*LzihoXVv4k2i;;t)I#KF;r)
z^S$pM?{#giY~<NzW}ex5c6RO!|EetW?hVPCXV0F!larNHd-m+5?XzbulF?9}zR{O_
z`R3WnWEwfiFB%@t4?9sk@aNhdCzzYB-2};s5)I{O(X%z=sp$OQdtnP`zY>|3z)k)j
zn`&~hP~{i9N{j9`AT1E_`fsN!>KPP)KrXn~t&U}MGA5c*Hl?1j<m|#nA?nxd=40ld
z^Qv@9bL7j@mt3}x21?P}twgaGrv(`q8I*oE8=-#GK6igh{48sASO_8qOrG9SPB|VT
zx};9>{igaF664Lqe^S+%M?kcVK$qIf&GwH6?yH`=_Pln`8+S?at&`y9Rj&ie`~SI~
zAo8#3rq%_^9YN;^9)EoEH%o-S>Ad8;<m{^VNvGfaR-y{hbEa77@f?XbdCb&9o>2PT
zpZUFSyk|uIe<27WrN|;grK<Cdrt0?qG!8WO37)u)&Sr}(FO*_Q%ibYXb=SMkpIIR%
z_-qzWN5(Sw`24O{+^fF|b&HR6p9f-ze*Yhpo`l;|xnR1(>x}S~n#i}GYTq-u;J8Z*
z%QS_OS#k$Q|83)2^MM;Rpd$l>9`*`i^~$%87OIUXD~oIYV8G^{<IeWrKKw5Y-#&y>
zNaao&&gJAtt>wE<b?+HpaH>CzRnX~pNT=@jNvNt+%|)!}!I2S~C;C-Jb6jJq)XAbT
zk<H3e+wZ@IezLc?U%t##$)4uLM=2Um<f_zTe&`f<&+LNRiv(0j43?kX<PT9(dJO+7
zVE2=yrjobklNqSh3ZkxB>IRiLYLFZ|s1{AV1O6}3?r=r^Z8ysa`GWsQ=9PX`-~F?i
z2lywNpd{DyyjpQ=>Y~NiRq5S)Wx3X#<)vPQI^0SJvj%f+?qK%b)v7C_3J^)6S!Gxv
zrmbC2?3JDGMmgS*vCt}d4QMC79(HZ%2mwzmJ3d<J@-(Z$jdt%{^_%tlusWl1Jx56%
zva^6rzq*_2Rg_y*Ty266GZ8Q!95PavLl<Fp`A1&z>i(v2e9~*?y~P_5PqN_tVxT*?
zxcger-3BW9iMNW@v2wf1#ReMNZ{B|-m<px5X5FoT<Owo0SsAQ3<%~Hq95{C?+sp+x
zV}Ov>V%>(Y{-JF_-kguep{{)s)~#YoIUZmw;9zl_8<i_<t!6tgk+*-sNilrvHfE=b
zo_Dun<a!->0~!OJWzCf?zJSx)*)h5fEz-Fyg?buZxci9Q+)J+OmD^o3UbTT6wQ$Fu
zUOttcU@aIi=`L~YT#$36<^rg4?$ebXEf2*)2F;cp?Y*J7cLn;RUinqa{Fay1dZQM3
z%e?GX70+~wb@cMBp|!NlyY6`_{ceA!%GcngrsuVlmpA09j$TIAT*=l-#tkyGPns`~
z?0Oqok9*E@%GykKjarXA2+=H<ysT=pg1HwSTPy8Hsz0v9yZVhkE_qRkD?L0~@Ez-^
z4{?Pni6%~3E14udj9j~$lsi7;vM%qf#WzMjiXmLDAD2WINXp=Pv^$LicYaNt*{>dQ
zk31`fPr~%A=R_YZ644B-MZ0Nvs2?qybpxw-e0hOyVULGx)s6di)jYwEjRZ?bPV{m=
zn=Ed%qZKjC13hj8*mptC^;K2l;8kpRzt+*3Se2#DV;WKls~~o2WY6N_)14l7G4uk+
z@EETJ=1lgAGSicidd)`vhaJ-ON5GbAv4w5S>mwtJ44HT3lJ(d;z;i~-K0Yc^-}gu)
z3YeOj%9jTxkZkRoKYX;_zItp_xYvW(E7AcAo=|BIc)@i?EE3%{uNWeI?wIJ~g?<zR
z{FwghV7lln&A(CX-(dF7JSXam@@0^qBe$GkA46)p!j`LV@Nhxu`dD_*Mr&<UfZe&7
zGHs0?po^?#_w1Z~c})b+1s%y2a%Z@Qeq$k6Hn$<?<<-I|TjRVV6p0d*W-rK{n$e#w
zHp*HN7h~m8NPc@;^nc%VCxLf$Ymm>``Mxk?a36ekU7Jkk`9IS?_#bmwvLoEVGfcL>
zPE+rHr?#HGTd^XUxJEs7Oloay9U2~XtT6*LnRPqOfOBM?WE{zYoSPY89$YV))Y=Zt
z8}mz^yGQ+ZAgm|c7>jTE2a<1sa0Zfn)cK6=2d~jgEi7P<5z2+?ymfdi766u1I-8Pg
z*+e#Ht6Cj4!bAHy*5#+>6!ZuC-$MQK3>)5Cs+%vU#h0!v8vJ3u1|=jXM>j-~xr`1;
z+bN^GX)Dev1(39D7t@Mxla^WON~gH+_c3yFtABXp8XTm!y~?1UVKC~FJb02+$A|K#
z>2xKa`PoXlyUaC($Yg<q%EjT_+fK6cxYX3p`+J|zfPfc%QLZgrfe=v@j_Z$z@e!<5
zzwhZIN<LjG#>RQ<$CuXEiK*;ssvy3X<8LF3ip2{K`nwNf@=8mG@>*JSiu<!<F794e
zJ)C*hSIMd5%;fAtul9Q2ET<hK8fbR3(g@BSQrnP=IJcP@ffTX@$(>9y>e3un4F5YO
zj9*y!CRmlYJqUe7Gd*s>SX+1ZOCY^ktQuC8*F}ZIrgo@#C($MK5Dz}}c@{72t6U)(
z$AuMNI$rlf?9l(XJqe5L;V8(6u4J1^=;KR?H$X>cDIsCkqwa5y0hAkCo0J7RDcwDz
zzqE*!giu7B)U#c=xrBm26?=Q%V@QjB4|R-Cx*xItdP6ry+VK7w1FWX?e_h%<fjb$m
z=_*_`^mlkmt59?jGb?r@`8Gt^@np4gszik{v<q~XZ@>19--wmbYGswKMZ$oI+$yCp
zjvwJZuf6>DDDWD17+J#tH#4}Uc(}WSOLcv0-nbgS{y3lgKqGOgkq&RE;J@(*I%_-l
z0e^^36OZ4P#-L|nX8!Vsd>}`;p#1UtB^wpIRXM!AD@MV@L^x)M_=SaAmv@WcTA^|F
zQJh;J$O@aUFtSc_Jq(v~Ko0okSHtTviv@wX-55tf4m+;jpC>*#?n{ij4tZ{LJur7o
zj%V>&59JPJg+)<2tX}RhvQR7-exA(|jK7N$Z1un+m8}q0t<^8VX{N3<29uw8LwZwq
z-FCRRxX5U<$0flRico<IZ4cPIUr*j^vHn&~vHn~wo|i*^%x@?Mn#=vd)D?WgV(k##
z6~vFYF2izC84$KCn6#8stqGesOTRn0AC1uj*E_K*s{4iRiV+%t3I%!6T^<nI2;6L>
zY19&zec8!CA|c>}bJ$f-<S<MDRV^~pg+dDQLM?AVR&cr}>~~tWsXFw{yPGAv-qkPS
zLr!6Pc(^HYVHLG~%6AIj)z2xd1C?&M1DA4{qUK>0m$WQ=Ki>PpkR3(prb@3W8yfIl
zlB1Zce-8eTn(*T{CodzL!AXVvUl*Z#>bjk&;rVRqmFK+2_&6QQ?*`T^`IJMNw4mn=
zEy3nwo%KS}3}bP;>W1%B6Ystqn*RL4yupR7XXFVlZeE}yRrH+Nq|sHtCU6&VyDFE-
z72Img!>dK=FjC`q*Y1&1>Fh{CJ75I52NZbjgt09vXVN|%ri;^qlw%hcE}^nXGt=CY
z^g{Ta*@>J?VkGJ)&HW?Y58h<DH$b2EL)72<=D#z{Z)PIQ`D?ep9^QY9jFDkGM4C{F
zPAA;>>L!>di8mCJT=3L1=sH_{W>y1qENi*d@yV2_1yd|BszF1y#I3y{MpoUyP|xav
znp#3!PJ9u20GVkqW4UM9P?(}fJ<CjuiG>fdT=>w?ej%v??{wmvyYkV^t{>mLdWLTE
zj$o>d?kk<bXgEktK|w-hx|Vh%BIf?Ekz#@KPo46XF<Fz%NUCo741-~l+1k{z!H3qR
zLyf-``l+9HRTW6<sg%K-4Y;;{CZ912?b(D)>CR7^nR0}gj!MpB7-R3h|I%C6+QlqT
z)TXW?X&1DPDRND{X>JaU!pH>7-?eT{=K9k6ntb&5lMzPpy0W4IV|#lW6QATEeWWEO
zMhRR5%n#$5k+v+r;LqP+CpKqX23fx>Id&_U-*roh(OWvntGD&f%i)rY_lU^kW|v*m
znQ&bg_>6C_o8E6^{B1r|m+_@|&`M@k|H^#fSj6vFAz5mM`mUC<1z~zG58@UK2@OI8
zmj~N6&H`RHRr_cg$&<+k#2?7*9elh0@})|h7BOm*$!u%)H?;+{JbuknM`dHFz%7^@
z&je<)*c_~LTjV^E`QUv;c{7pV#`Kq>fQ}7&;a$rMc7sP1kB1#UHQkone3fPoJlF8P
zp-nd(j(zP#4@B%4f)q(!E2kSRT4kEaU(LB(?5g<XBtovmx<`#A&GX$G=jr&QH2?Cd
zR_w@B)*e<|#-HlqID*@$z!<|4Z99?#ZfD1_G4<M;Dgh#0jUPD!_-TzEJUM=UyU(WI
zPM9n~*M1tQs?ag0pVI(#lbTS#%1J*MiY@ZompEATE~yOfPPET@onuW_`_Gt;m(YjH
z^ckTi1^dN7#*6X}bOi$T-b;x)Rr66-wz)bq4tCS@T?s+K?NjiClCm4)f>#p1s7EMG
z?znATt8%eA<FK5ZtfIWzyj<in^QeD$i+cJ@u~E~upbR>ZM2EFd9HC(BVN`g7fZve?
zI6iyuGozk`U?DDfK>YLk{_x-F({q5hiVTd`7$hh|b%zB(2WdBGF|skFZ0dU_M0=yx
z&XQ5$^MEbZ&-UZ(RMu822}o&_s3e>ek-d|39Q{FYd8o(WrmUXSYm|2+K|O(}LK-Bc
z6Z(U$vu!b@4&KKKb7kqaz>>^qbGMfEH1gy3Q{R?PyQ2N!OVkU~8yKCMbraOS%Ei%K
z484P+MFHx-G}A5yDz}gtf%6ZpJ#OZ*<+B4+j92m)RTYv&(xCavywW&9^b|cfv<12M
z&4+gx@OibN#nK=9x!Z6g8tFjrQm(RSa{$po&TJk;=K7e%_H_mBpG3fpne5&(np(7?
z7r=MH@UcsgkR-KZviO3hI3(A^%03atn_R>bJl1{W!(Nc{1klI<v4nmGb0$mc=tp-y
zZlC6TRQ~q+&_!W5`&mEFV~pI(3|c<!f#FY4OjglzFyDYn^+yWuF_L<`8u=V~-DO_d
z_1EZqcHGn+ETW~bxR}?cy#bGoaSN80G2yV;kDkTfg*C!>A*t_zQ(Wzdy_O{wn|&f2
z{6*K6<NG}PX6HsOOSlWSIo173^K`sU_YsjYB_yOIRk`ou$x;7VqSb8~H^1k35M<5K
z#tX)L@o`AnL`}W`7H)bdhi=JK)q+cTEL_-iAeSWw(o>2pKk<2GFUm(4+*&Iu|2Is7
zF)&Ts6foZYBZHC&HKl}#jUH8--Ish<^P$oYiRq%aeO1T4G^lIT#Cg3fCKgabJJkj9
zHk`$=&Ng+~k9y4F!sjkl>bv+mLvB8r77nmW|6wz@Uy&LWRH%qS>CIZK(n{>vy25F`
ziKp1<D$F%qud2sG0F%KIXIO}S7PW!%ujG9H9*B!RlsV(MRWl5QRD`EAb#(Z+H8Ha#
zeRzW}6jU{;5_~M%&U}5yB1A4REPToH72Xn+E$hZ&c4L$-`|TUrH>yN%SxLni0)vYl
z{BD;t`}XIdh8QuMT-0cWONOU@Birjrm!GDfEZCb>9Dw}jIQ&@w9GY80MiLoQpf)@d
zM=kM{r|^wL`Ow$Rq;focE!{F8P(P-{k~rB0@a1{Y*!y?Gb*@$QGpyOR*QG?XkqV9@
z<|$eV06rPWqMcQ!5Q&5lGm<6qTv~E5A|QCI?5(ARKfG*{EPvAs8j<%4GX#^H=+_Qz
zS>m5{=VRv_MS1oH0oF_99ku>3dXA81p|b@5y#SfLSN%$rBS(^uv@+9`n$<g5&{yPb
zcGih@aeZ{*{fq76Ltt=tdN!-N!?ORI6;bqR5yL>I?5pIoY`B)k7cKf3b9umnZD_X$
zHoc7{(1I<YpNYD~_?z`-Ia00p^X~FF2U&UtnYq&;bkK61vlh<P*du3GyG%GF<Lz~;
zBdI(<L);4(tKewdhr|4xD7;pdnCoTkA%8$3BNHp*S<j<8p<2Gs&(k)ko4ZNkEXd{a
z!DQFLdy7@@8H~~4zMoTA%$wtbv|->1<2Z1lg!0?vWn_&J`k$$6N}znVX;g0Q8}FD$
zEadevsKrrSz+@B0r(4Fvgk}>4i;s(=%I}{D+Kwa@D*7OR3fq}qUxr)MSi`LMa<d{W
zKhAG1=Kiq9viWU~VpbsG^Tx^P?N?m^6e+3Oy`=b%twIe~GWrUGx!|~EViEarj-Nt)
z?*(Zk<aFfq1fAMT-xdJ~U5->kHj=f=-ttq*Jptv!=odrew<uz@;QaB{p}n-Qtt2|S
zl49z1YxWCrQE7vy;Ju{uomm<11;&=!LD>$LDm*eiGrMS9Tdnhqo{=%rRZeF|n5|sf
zNfNRpJoKq0YqgBDm<<r^eWDwd-mKKuP!>VV&9U7KjF0a<)D^6APIFZ!ULrL&*^X%c
znv@+$Ex%rs%kj!G``n?=)*U#I514FKM;T}u2g>P31-jD0b*r-&9n%j+W}jwA#tXJQ
z?s~_zm*Y01kDC+5dNj6&U%5x5YfWSz*l(&2Rf?ovg)hZ@(ObvxOjM?hM~u@sgJWog
z5|m4(=Z2HU>5D>pCB#E8)#hg%Q5WQui^4F=OqL30Pw4F)MiDd6C7xKI;CDG!W4Gd>
zKvqYz;-S{-k-ND|y}v$wZ-#4(`#7>ND3zZSX8ovaQ{kTN_|bK%DR;c-b%<=n^iCo@
zIzjaNzwU*7aiG)&PH%?Z`OIk}p}9?lbiQcEZo2KX0Gi(7<@6!FxnM7%o!K6=C?eyZ
zqUBzyBcbY>Ob&R$@GM+-?AtFM&8<J4)w9vVlX9!K<SnwvEEC&Y=71~H`3GN*Ma;<6
zen>)?>ML-~n~OwI<TIVS+9UeHEjZ#wX^lHpF&H{{hpC38)%F(+J&%abiw7!IjA+f(
zA$0BEn{p?cXwNdbMdI&3Zvl|S^hmlXbn>(1X)PLCHvW^r>6E>c<R6dC5Mb+{hDy!p
zd1|)GS}?w&F=~_lG97I(=tVKBH-(H!PVbaG=H@9M*zwx|Y8q6N^+1@S+Fsy?SoUg2
zW>t=V>gw$aMi-Q$K*ELfUves&v+fqPXN{qp=ljY0cPpM`&^rn{O2hCvB;UrAh2fyO
z3N*Ior8lkeNGjo>OTBRnDc|@lc1(1%t01i76dX%AF*umUW_TC{kXycyI$3Xrmz-^*
zR+~tg3EZh<L^2wB5vzzc5IxLd0hapdZ`SLx<<(R+CXognm$d_X)3q2_UFXl6{BDUw
zZ%lFB4u!%DmYaaf+N2zne!Oid8b7_@%09J!$)WA10yZn1<m?q4n3iQlExTuYHM_r!
zv(#K$4$8$g&jbqMh;xI!G_&+B=N>tX_r&+L*Bsv_51r&hI&!B1`{uJ3-S^&Ol8gQr
zJGrMwMBr12a+ZxR>e%1Mx9$HbzoGrC3Iv^tk&FZ17!-p0lgQ(Fea%5$1u=;!ORv=l
z)*_SL^`noMn60`SM@(kV5@rOAp@nP4!x7#!Hp4V5dM#)QCppm_6=YHApI&p9DD^KM
zSOCW|G<90N=n2L<UcX+F|9v4EV61<iw{2u6P-RG$1Y8h^6&sBD=pi)t?J3n%LQU=e
ztK2g6++sfHdcLJFdb1Zpy)6DY2@84ukN296A8Hbr&KY!L{LQ3MU@wa7jDd^^<nr%?
zlBdH{SkTVm$jpl*=YK_2%zh0X|INR~IT>F4zQ_1Vkzy-vVC;Pp&TvgI#Y|894Am&2
zLJ`B0_GKX2Y&CXd*qh)WC$5CB((j%y!Ki3g<=Z$L()!Sl2F@7<iRF$^c(7ZWfYV2f
zn`|4^&sVM?^8kp~fp?*f8<$;iLu<WFg?08=G6rd|Qtm{a-h9@gjLFuJDrSK+vyK~4
zSxR_Et)V!Vy`&swa0%N7m-Ye&b*Q8X9efLi$Q;t}Ec8#Lr+t?@xw(S@X8hKqDJCbr
zB{2J|i7uty;^O>hUfu_W{QggIpd^;Vueh|_LXuVf)W!X0dbpl5o4h|HB<cHxoXz_W
zX@4Cz0p<1j{g(epR%zryTQulxSr3wU*$xuYpH=*lfY{wzG(;-d9y&6!*~A^L^L~FQ
z4C1HTN!bW?ci+4(Tk*IX#`oAbGLWCf+&F7z%vWkRt?)8?Ii4jHm5Q_`?^<mm^}aqH
zI9`#d0WG6?Tm-8)Tpgkd^VxH>T@c6eb&3Aqwor!kpV`;gFKBfjAkHmtcic%4ZuB!b
zS3j)yCid=ooJ>A@Hzb7HVw{Xj)Q6~CyV|_KM3Io^swGJBf|!pSa7_tbnqhRjUo<{k
zZF@a8Ar_D+lVqYZcXZ>jCP%h(hFz>e;SZj-?Qi9laXe{g^|*Wx+gwCXc7%4nJ3yY2
z{8~d|l&IwPLNpUqc}$37azr9k)_f`WCaP6k-AU|)c?g?X$_M2%`2h3XVd2ftn2GD0
z-(?`9%`f=7%R=2fXMv=S*M;S$lW$4qx?<M133GcDPL6-y)`L&yXUc0fSHZOh>(4uo
zTQsJUV5+GSHs)&Ug{pxr5Q4+=+*D@1$$l;7dd)AF*?CwITV>dCp^BW{Zr&`LKmB*q
zc+2Inca7Ho&1g0^X}!h7U{<R$XPz)t=Li_Moq^zhL*y^^xSzSRXmPT%;da)wo1D)E
z|MC$L+`R-VHM94g52$}#Y{i{c_w)mpWP@Q?qqfZ}gS;CJgh<pnlYuv*nS8Npsg9m@
zBP~zcd`00@*<=#X7vv7vJWsWh^K%Wbo&}_k+g3JHVeyx2a!y;nQXQ%JV01pi^~QJ0
zf>EMghOlR^<p7p}g{-ABkZ+a+H3Fqh9@ARK^tNVn{4gzf9k(MuU0O_oW-zTSUNnw6
zB+467*hemy#s0B8M!6ZisE;1eh(-7Jmsxiz1qE@ICGBcDFKmOhxIr#uOdwYcmBuEC
zhbx0<lQ&_c)$se^7`<KZ&-dc>{WP`@{5JD(yu=j5L;P|g5jS45c~q`x<APi7<;+`|
zyE;mgEFb}eN=Ti2lQ`piiC;`bUTLL?p5)3=HWeWwOr3Xn4qKIKRa5e;b_tHob+)4c
z>JTQVv|DW|26`nqN!hXrmBfLaP;rISy*sOoWuh`wxMVBH=1tXspIP>_Tc_SUJ?*$Q
z1R`DX>8gc>?Xcr%axCsKU6Ar%8~Hh7GR7Vbe4G#t;Nv~~y#%*7{R;_=Pn{(R=FW8w
zkvLv+|2n+*r9;;sFvHboeXERiu{~GfL$mSVZ#!A-?6dq$aYcig7k(brB29K{fdydY
z4d~w$or}ybvRe7^>u}J`dwe97@5AMSPPebf)!|ZLNv^M6h^*n(qOP)}T{9aK8&Sk-
z1&YDU13u$+!JS%l3x}=9>(lAB<{J2(rH}J>#?>lM{M@prh1x{<Hbc)hC-zIfOb^kH
zGksa>aAr8Irg6vwoiUfi%6mFhY<pXs!Do|6c|@EDo-EDjtErQd!I4a?^~3Z|ov*8?
ztbnF3+b!jeu**bFcnChf!wyRf<x(J)74k=P?osbqBDi+D59<{2(H^)KZ(jp1SE)Tq
zR5=B^FPP{Vizet&igI$*4^kHMt$Mr!G}{fNumXOrepWGtadqEO)7aLHl45oiHn8f2
zYbxxl4<0ZWZ}x|$`SiIGX+Yo67Zk7iBP<H|8PU6~rk=wXRKO8t&Ql-DwIC_%9R!?b
ze{UuLx;bHKO}6iIsSwv8M?b_kp0K3<e0!wUbQp(4r{?$VMs#E(93s8h2L1DtTxS`I
zngMt@x0L!>Ti}cIlb)mQ$CVo*wq9u|!eo8%Z?O5e=)&Z$ze>U=_^^3%6*Gl^Ma}rS
z&TEgFB!a>TYh_#<pVV+!5(v4Ni|}|Y(6Y{QxN*G1GIvjhLa?Ig@?sANZ(7G~0GfRv
zGANQsoB|SeObU%yG=K4Fh-qxje`BorY08u=2TiMn9=bbI6mE2U5U;ZhSQD|e0dfgX
z+gPZfCRi545p6O={mTC3iKmOrD<6R-?@%0#xa=D}l`oFAEl~OVEz28%@qFHO*y~gO
zLOW*otg)Ugxl>r7vk`!=>t`00rE#`{M<GQDOFHkc!+|$~h!QsIO4}zrj261lPj6R|
zm`7s^P5n4C=z)6PHrq#Q9UAlp<RcQDHs-w)z#VB0-3cp}#c6672658iY`aYjU&;e^
zFBS!hj(F&8ZD&PE9QBoz9LxLwJkiSIzwNcV3+jN3j+?V`WFkJV*0T7+6Xlg-PFA9<
zKb*(KJF|A(?7WI07YgA9UvKnys&if=UHKi4F=EKYf?wu77#hsJPP@B7@He=lTIIC7
z&c=aIvAHuLYb+_p@Ba#~>O1f_!62o;g~x~6f}x7{!Ac>&<GuFtRBN3xQf6MObX~u`
zI=+9QqD&N1I4>sSwry$yg})omf(FJm+x4yXG1mGmOAEu-ouJp}fE$xtw+`gugB25O
zf#2N+l_8e+hnBWs_(i_4$3tWvKWLNbic%y7*1iCA_#!Gjs&^o}94ZenTyc^$yKvh$
z-U$9a$41UKt``WV^nF%-Vi@?cWMXr&s`~We7mvqXvg_jcrCY`034+sZdd%ZufTW{k
z=XuA&usMAa<LOysxhl~b1*a&deCL@=_+~Mri`Isdle6oRws*P77Jx*hhVKWl2X?y-
zceYsU=$IBs3hh$KPf_z?)6-h4_aJtDsw`+U*d>NJE=>G(qPG>{ZvQroM{o6(fttC9
zn?XhQ=br^?DNwUcE>KP}i5uAh^+g<|iTQ~F3&Wh!*P3u(X6j95fSuWtOkaUlsU6`h
zo~{&{O=E~I-iJ?O@Gjnk#CJtDZoW#!i3rFmm}L@P23I^E&K(D?XI-v%&YjE#y6^kp
zZ}IXbs}_V8g#*)XiFsk!ww;~1WW;waGAg6jA+7Iq>30(8!Y2}GrDDd6a|<I{q#DK%
zOLQX)z0$*R)bR<%<sTIivdEI?^IXCX6`ICcDHCEV7pf!QJAP!s06Ce84)YoI+D2rW
zE=y{>&^3t1V`b7?|I`;IEB8&-6n|Sf=L7R@j>k%9=??C#;uL0EN%RX^EY}T=FWBFR
zX_(GU!m62VR$Uisn=sA73ZV--oS!_Ys>9z%Kuy0F0-%M47$Ml)BMg1CD-yJ*5jDdz
zGM-|9%EEIW0W8CK)Hou}ObM&bAlC01>iswMg{%n;;qv`k2_N^L7EU8_k!1jg-3?>I
ze%x#+Fyi9$l^p7P_e-+K3TV8C1z0spz!i;s)r)p8iXw0d2;LlHU3NTPuJ^DUXWDX;
z@8ixr>|08dhhBlgg;2mIH?~;c)@q&kAC3en{I;YE83*&v2f+@CW|?W6Ua;+w)BgJE
z&4WO&19JBHX!kFiT3aEiE~K)+Ny+BGD9Tf|_H(h-Akc*I%u(Kp%W>q7yCz17qsIy1
z&4YUE`jYlqFA`Yd=yU>Z0o?)@8{qtywvVr{*fIkLsw=>%_#=S}V}s@PelaJ?hl5+S
z+uxU~Dh1bcTM%c>j^~F0S%U5aq&Zps6*0_2qTMLF6S)Hiu@gN?^@iZ|lksoMgI2;9
z{oIRQ>qIe!kT9u*wJ5ABrm5xT*H~=&KNx)<8LlW7BNvdT!pIt9N@emJlGqi2mlN9E
zq3Ubd;FSH)c*-@DDaXrsdirQT*Ns?C?(}z63h}(^N&Gw`j-!jNqk|{2HQ+gg9hf`c
zT2v+vuAh4FCK6b)i9~Shx-S5sH`W|RW?L!j8Nn39c#Xk2j@NW_#V$Rr9}e73_Jh;-
zP0$4C%i%brPAtqLNshIkuhYb-CwEajPiZ-urjIll)1tqNJH^s-cM4gWrKX(5SW5N}
zToj14wFkW6x^pgfaH?5oU0W{IQgd!3j%Pq2S{4Hp|IXXm@Qwnd9%Jj(*ayZQ3Eb`E
zSLddm;Uc!@F}(6Yw<fl4vQE7Bp&ZgZ597So-n*|(QmwdsPfAQkzRpUDk4TEYGydqb
zHo~Aw{ph_os_gy~Rw=Yr#ZsAW>nsu{*&jV^Pj$ji+Zk3-V6<r$2FUiK`uSU~c=+A!
zYl;Ukrkk?(!ovU^tWTzTA*FBX6b;d*RDz-}nTZ)eMyVLspF*WV<_mN~-^2>KJZU9C
z_q1`F0x)p*XO#VOfaTGtx~gFlrFv`&ByTyf=8m&*-s>#3(WbHHqDweK5&IFe`-jyA
zr+&$|!^CX_LeFeFT}B(vqz<VnXb{l}ZMZCGkXm52<>7mv)oWC-IdqhQ(81T+eQgv!
zIZ3nkTP(YMI{;Vb+e>rlHCh#M$!M=PUkiuY3c0}&wNuJaG9qgujRvX=glf*RcR4w_
z=r`}yA{NB%aN6BLF;ci6;wH7s=JVT)uj+PdT@i+48pQ3ip;*QfSJkJ7e}v+SV~EFK
z3-AXiocw}<+g8<DbqEQGP<V8tl*ZL(77&uvX04f0CWdTqLjtwtp?pk7#QH@(&Wyw5
z1>)@Xik#o&DbuBV3JHdts4wfhVE)>oy{nbE>-)wJlT9F0$!6<N<ibicR`X$hS9b2^
z4*JWfI$Plo=mnnJ@ltrIwn1#^tQrew19Z4jeN}YTY>l8i8>*<4J({E_uwd(DG&**R
zadud<v++3U{+gT^U4EhyA?Djiiol}iM~bx9UdEoRkE4UIXGBpPFTqTk(mD*6RqWG)
z-O`Q}2Q#?lM`~Q0w=teA2UWLERSW|wFG2zqoiL#imCq)MZ>05|aS0sIV28SCpxx{i
z&<^WfLQ3>mqCGe(9XIZMV%W6mg7Io^QJT;;%Eca0Am$X*ukV}wWhJoRLpRxWDMg@h
zyV#)02ohzJDF9W<F)vx`H0$7#ABj|8i`s}N)WG#91Pw)2j1k@l4n;P$8hILJ4nn03
zZ$`jXPi4dt!62(22OxV%!+Tc5w&QkL$S4};L1K0NXV0K*$aOd|yI%@ynDgDNa9(WY
z>K9IUduDAK;+PyS(iB%pHrzU`sLI0A_WA2spE9?;Af@>EA9=QfTvBC*OT4hNM<3Ns
zp?Az@3l1K|lM;Q~gKt~kMqj_UGP^I1N+s@7V<w}(0x`qATANHQU)t9Cj$T=H6$(#S
z>zJNO@ZTTAwd}`TH<cY_g|-p(DP{|9boz%3r3@835>o=rp#F?<@+p}n3>XZJ2}T<P
zja&;rq||&A_?~bN1He99L)>T8Nhv)2sVF+TRd%{q;>94r0|_`)y%+Dgjq<NpnbBJp
z`DiDF<qU}HMA>-(E>c$xAYKsrae6*(oFzOwQewo22b^r1?6HR-9W_H8+gm+*-(=<I
z7>*tmvH!z}?-4(vIb7T)3c@BzVGC&Z3@6aeH*gW&%(k6#n<AggQ)0)U5FjX!)})a^
zSHct8I0w<77FDX&;trBjHd)WqKcgKq3|7@N`%Z};{e6(Ap!h@1EBxi3)U=#6{4#Sg
z4G=a=Ra?EE1NhoBA5tElTMLB6N<|v+$-s?_!ml{b8hZ=(PyXzTVHX{=Ng$f`G$#pZ
z%Rj_tWc_*-d^vVPT6C2j{9FR1Kv+zbyj{d3fA+rRdxL#)aM#OOskLrYh@?!p=N*|8
z+HNeSE#xaiGHO5QsL%|ayUr-q`dh{CPW}EOVm?gkazSqnjIZ4!eW0cNtLgmh{rzsY
zbW%i~6x?XDgjG)f@qOX$P2<?aDctA*M-|F=4Z=3Yc%sBOF`EpfPjuRzOUgaa4P%IC
zC<v~f_Zo@f$7S!oh$oC^mEqXRBkyrYFLA+7$I7RY()%6plBQ%^x=<dgw&1gBAzs!w
z_pUP~)ZSiwGc4sx3i>W;;qW5kHUs;_Fp^2GNS425)YB>*u>Pj8|5j};WSM`@H~=S-
z3U0cVBQ7s5i#~Eb?S%bx(5y>QNOCcY+LnuM+B1}Btti>ftqs47x|ceg<^(~Vef^+%
z#Y}!)XDgZ(bUt`hu;C!?KVs_X9?v)LY)j66mRUOzr-Oa=ewK?SU0MAuoO$LP$Mq#<
zAie&0Sq{7SiC1ewx+7OE!Ejr}E;X54M4Vt!Xq)M<NYRdjK|{-MpI#wbM+kl@_OR2!
znKEx~>Z;Hgft*|AGtZtgc`a4CxiEojmA(r*q2rDC)fd-(-YTR*&hd1Df+%I-szmb#
z+G&7G+=}+IY6suelxEb74M-PjT=MjDot07l^CrtXtXiLoZeyP*_9>pqXo!qHZ7i{p
zB`kb1t~SKoN^a<0=lYXYWGa#c9_9^*&t|$L&(};(=)1)Zot__Bq{j^Y)xKBC^d|U2
z`#~QzAzSP`=YiKL4hi?$?O%MlRTH@3@wZiGbROMYYy6bh(uGQpWOmLxxJi^{(rkIX
zy)Gkz2S`9ma=nX{AaYwxqJLCr$XW;Q&}Nu+=w-Id>hhqs4ZnV*F798A_G8TtP8J>F
zac24xtcG~>e+WnPw6Z`r>Mj_n>foI-W>xVVG|ifRVl~Z*soX|>IV~mA=xM4YN_rfW
ztX(v+*mMgtGUoS7Cc+H2s~jj_Hs8~w2wSXt^@mpghZq0FYOp)-jc<a2Qw|&{0mU89
zmRRkOu~sUsBAyytwxf9Ahj9F7G<KLP{P=AdU!RJS>9#Cu07K?=Q0E30ZT;URl;B<(
zOKUC+UfEu=Ry%Lcs#MGN*9?GH#hkJ2Dm(|1pp{xA-N=}t8G92dYu#v@oOuS9)tf9?
zGUj)`J!vfS@^^;H8Yn@PuMP8Adk39&A8~BC&DC|3EIVCtDTZV8`@_|AgD^Swes0k-
zHu8M%*7t7@ec<j&yQI~hd3qQW?Yj?XSWyV?DCY0}ImE2kgrvbuM*@;86__jo!HnVL
zX1-mAHMKGn@w|q66$(h|&&3-l1*5lX&bMln7EesHc;!4s3U-B^N!b$Eo~feCZst<}
zx>Mlo&vwPBrJ6pwJibR6$>{1XBk*;5n?-eyS;wHu(Zeci=MR^Bn-rGFY!g%J%Gk*H
zHfFTUH6V6@$_x7ziE_*z7Tb}|B_E-~;4075%?*1$9H*EGfYQMR$K6YRqm#?Yq`bBu
zuVU|&-dL}JP+8LE^fC|;^Uc?$FJU|(7qRY_9nU}M@f)9(KX*xVN$+Hac_=I=rpjls
zGfZ42rHy*+b1F@aNL00tk2+*tqdXzHqpTJrsrkom>_-F>a}!MijdjAqc4LZ+@l3#n
zGq=h|sl$G5bL`e3+^z<>k{BP#ZOkmE?*=a3h4f7lJ{YO)pW8k#_BXlDTdw)1*PX_i
zxv53prkX81(Zsm&(D)pQX3RWeZ2l8AQwXo``o@KfWpc9Z{^+p@j=bj^4j{UwASSnx
zfb3IneP?rb4^!edTKA$pm`~5<dL41VqX-F0Zw30$*ncVY-1#au-1HjFN6cQBJ_cd=
zouvY(9uuxk@CL(DT~;KW+@5iU{#?53PcmkUOK*6JKqyKhsRijVZE7D)V}&bEs5I}Z
zk{l_$KuBu40lrW#&Wl|{laQr%^uV0*qVyt#_yKndTM;JcKs5!mN@&<7vZhwqgJSH^
z?Nng|@hUPCHOt<dX3Q8|+`wt5uGYDX6&ma{sMrA{sC^qS!bY*70C>n2i5%#?Zsc)g
zn`&!(B0anPS{(jGIPCFtax~A%oKcXSzn&o*SPz3Pdxz0Ero4rYCvLXYGnh*cM>o$p
zkQ&`fO?$i#r#e$04^r`WC-cP_Z94@=DO{ZpsH@9MrFnF{rbWz^y1{HH>5N1SR6;N4
zHNL)m2wmk;r}Jp$i^s{mnstzj5-AG7VZ0<(7V$E2ui$Il(V;vpNs|w$jAgb;Fy`K~
zPYTS{+wbaDf5qk^Ti0)G9^(Do@g40>7*1CMF}d0kDG_kR24_xC${M*MTdHGqwi;1t
zAH_^zCPyx@s_jh~&y$<M+3yC8&c>AUAAzTxIpY>C{OG%gN-z-7=V}Tfr0?JT!W_hT
zN6o&>8~<=Kz3_!1Y>H#_s3-@-2}^t+B8RW$Iql{K|FL&ic6@7IyJSZq`!gnxOIq~k
z59%7DI8LtffEV8AZ56KxlDd~MQ_*Li<D!jwKNf*C8>&nAu>G7)GG|usebG+)i!sKi
z3<m?8yQ<H`^2|qbctUFk_17mD+t>0p(^`HO6DGB%t4+n@MS9Ioak4jtP{<<s3&j$9
z_UG7==`+rQ0N+`UGz~Q5L2C^7Wc}rWC0QPV>7zwQz%7Mf;2Qxgq9NGd13H(?yMy}P
z_M9l4LO9zAHSRqmFcmMjif}R25rd+BgXjz~cqBY+NF+(Jy85AzH8|X-d;PAWnhg;;
z3)~azx!fh|)1<@+#r88Rx*c!3+h`-H$9(CENA{8VZTrJ4{hU4ldT(meosc&{Wbnz6
z^?rlh%3VSQ;0b7qWo&OwH`qcvIiQi)v>Y_QWuwSE{Z$L3gE_n|_6D)*VyEalL?(d4
z*QY;5`hG0);@A<g(LR_^A(vwbNXQbiWO{@b82UJDbbx3}p^g~Fbe0+`A!|(m%b3Kj
zQykp|*ag}Kye*gq6=KzQ957OD6yS@ffyLT)KMqK43}cU-r{k{rJbL@?$=~Fj7DbZ_
zL=J4KjHIxlZ<h?Gu+RO=%Tvx^U|5EA6?$wqE+=P@wc}BvE4Srzq4dV;s&#7x9MnSu
z`Z~gX$ElgE{ON{bbK^GpJ=E_;KgtdNFE7s0T}6qq_-1z0aAMz2?8_Zc)r|qWz>_tM
z?gQBG9$Eug`5w+Ee6P5f-=?~DJncLFYwHo>G{d&$0gFx(bluMdH&~|46BQ@^O*@XA
z5G}?{VI{=RnK((boOWX)QEta(^B0WPS-CYJ^<9{YB2L?QB0dw<dXy-pZ!*-`viVrH
zA2lt%NOrwVwoTU`=Y;%2nf=G-g{|jVMsq|E2(xiA3qctrxiqsz%Hxwdneq4}_Og@7
zpIjyJG7ywy!q$s%Akii9U?cw3<+eIf%u)>d`{Rbfa`T#R<j_-={9kHt%42RP0%^r%
zedFhc3_PjcZFWWmmOz^WW`ib++$AG=ze>b^AoyH+y^5_$?7i?sN@^e=8Iu>U@ES)}
zWp!=1F^Jyzx;5KEVB&B=FEhcmN}rT%7-^b%zdsp5g%<Gdb_&4FQ+ogE%fDL??|(W^
zAA_3grT_0A{^w8FkpEu!{?-5LcfF)(K>yDTsL=jbKWx(cYu_@ChwkrcdNk>R_}W^|
ze+IZgc6wjOJXN8bPS?N4D=3ux`jy|^ookuOZnSf){2l}4Wn*JwmXLeQ1L9iU&~QAF
zQKcABF}+L5XLqkG4zR~hLQ?XdJ)T>m2N+hDG&iUE1*=w@sqqZY&dzF^B``OlaIdBP
zqp%v|<<@Ybq?FVK3>H{Y!U*4;V5Fk@(a`WIM-=quX|pseJbVMdk$F)%sJR!#fJ8Hg
zSabOH0ZGy{bYm=EjDDX}FLgyhisqG+go=1yy(b|NbguOF_Qu7->#s8#`EF%J!_A!-
z5D>5?_Z{Ja>GmMzu>UCW9=R)?>A!%F2*-@2V-SoO8j>wz(I@(%uf_|m*5KqX+g|>+
zsSBob1Z&lHHOn-d{!Y{D>FM3HJ`UwcgcknX+1?Ho&!ghyO|j2A`=iy{5y&j87d+p8
z600gR5sE?rx#LK?3C*asWrPZ)CCeP=^KwOc*@P9hX}iQ)rt{9<hCqt16~B+&v-XkC
z_1}d!BG0@z%J@6k(&<s{I4w7|XDp?^d+5rX483|Jy}Z0s)zF|bI7s>G2H#QA0{}cv
z*PlO~`(YFo)_>#B)YMdA*m>uU0};&$TuGU{dW2VVbMtb^+N;D~^u^2DV~KPIe!r0A
zAibSEjX=FFFY{Xnj9;4lh3$10a$~*lOIk!(#eE_bcE!aZI9_c&$+0*yvRAs3ihpr^
z#layQk-nB@oY1pMAr0oCX~=^igJ0~7!Sg&0L}SQAM|%Q8nFTs>vkG4?E(yi8-wJvm
z4gPVqv@!EC*#72b?^CU#aMvcV=f|*VLd3SGFe4*st3F$B)6I<s(zea+yuc@Zm`wGC
zVVZ+~;AGrX4D8f-Hin4jWcADK3dN7SkAoZ}el~cdGdl2bi+=sa8gur7qteU%#d!_O
zzR<gS)&c{be(yWy{VAczShW-($_Z#<l-11~iqP?<&_X!Oeg9GWO3wWV5}cVyYG!6u
zs`0^+ICjY<MKm@h28W!S)!-l|CI*j?@DW=)GX>Y1?>#OtYbOmZA)$<oBHdfA`Lnv^
zFv~+$R4qDe3Ih4BU(xc6u~}9eLvrM}(=LQr)`GcsBL*C6>F6s9+g!t{d4xOvYzC`|
zIMzmn>*C2=O;>($DZ9}oMo=aeY19GN5{)!2>OQCsXON?EoRgAPQ8Th8+ai8F$A(a3
zjabAu^IqmMP9C`Ixp-Z8k-wy*NT7g)m#Z+4TXD~PN`zrxU2$`8^d`;!UWgLpfzbwD
zU}19c^2Ut+wqXzf_DNt|U~zo<6f*t|x!*;?ps7wYHp)TlQaZ>uMLH%sgTtVa_N+i_
zU~=-AUgz0}F^^&t=JcA_(B2-uAk4@U8c&Uaf<i=+Y3kNU+-McB;qMy~B9oq`0sIGh
zx&#!!ni)9e>2uRdOU$m{N-P`onrxRDq6PW+`M+6MTq_mJxQVg$EKj8FC4CYX-mYk!
z>^0&bO(&vEou7G!75k8E>BqpJ37m%St)FtJ>xtYCIR7P*NI~|jQzcrFbB{92swbAZ
z4pz^6)N728i^hE0sWp}~9;RDu+)|y})n%-aNHY2?W%toPmP~&$*nOVUOIky%d)@vo
zNGqbcn>}95+YB$;+9cyk$<D(=y(GVGJ$x0BZbqHFycri<4Bt9J(+gD96U<k$tesSj
z;)IGtX>rS!n`zi+yxV{N$EoAYP;dPAA|8<T<pq}P?!6{%^mhhLSx_=D!|Vrqb&_ls
zwj<Vsv+R$%4g<IviF%4Y#<L3Q-&wn3r_k}cZH{LP<?jRlzJ$1mBwaEqD=SZxx6c`O
z{G6OU+Jz^q?8=Lai?aT<$I#a4FeoKegC)O4Qi%SsBINGqaJfCzK&ZKP`&14hGst9w
z&)S)vs9zI^%NSe7CGf(Vl=NIaXKKbHRA<8T)ngoZKD!+K)P<hL5et{We0D`Fq<&7A
zV27X<1ot{mni?{7GI5?i*ERcX(gMeQ=XyE2z&9iE={XK-?potlZGa5Comaz)<9da9
zaxE4bt^N1Aw}b(R7F3|O&aDveAopi!2oZboz0^J~hP$s~8)%K|>U!z3w--u`BHHbz
zuyP<sLbAqL%q`!1>2oLhxcCZ0e&V@2A1h^q0PK@wSlYLU$90PdWZDC%#h1Bu1b5Gx
zEFyGA`zj`)e-DTRyG0XEPTlVbrce2|w6$&=?hohFA6Oof_nFwNi!7%wtZ(l`mA4BW
z!vmS2&N*G|{wiX~^m;_(lg2$`W8@ZC_9?a^gY92<2pV^r5{R-#Lglz;R>ityOGjuZ
z8lt(bYC|q2zhP!|jpmr04Vf8gbpADQy65&@D2Bl{0xnvP{qc@OBzDuDzYYAA`7v}J
zd+TphdHLI8U*p63Gir4&?lhj+RYZIchZt1fz|q+q%>E%=A(oVb2CcW55zPb?+ubcD
z<bIqaJ>R7T0DP>p0Mwa=&rT_+sH956kRn#{sq`D<coTv13{JoYw1}ntAMwP4Wva&%
zYtp4BK9(B&V<1s6mX$x{P0v{r+vI*tP*Bl0h_Y23x3spLNnD}ibdi2G$tm2?68IDR
zyhY~@b=*#}f7iLb>Mib%ro_!6^a=rkk*KmSe-@<SeZ?P%qV$e)^c3`w%9!@L5#{9{
ztL!LVu`BLsNuahJqe`M6)^{pC=Q;F<@Fx_gAZ`ynkr|csfBeRYrI$JU*pvHX=-mZr
zoJOko#^GT^{kD$sIFqxwoL)juCKTPm!U8G+)de-C6eG5SLd+fi-szqbc*FKvBkmyW
z{hl(;53Z<0()?Yslwb#X&$7rfhx)8~p`Lh!ma9!xug`q<Ij)@4N!pEEeK+ab@v3-7
z9lty4TyMPjH!2+Bk4dqcGbla_orl8_Z%*BvQ|}mZy7Fv9R0moJI4mtY-4hl${IU%6
zi|*n|>Gi!QW71E;T|^XaVZFg`@28jQE##DxlB=8*R6it7e}_`iG?23?N^R_q#Cu0~
z_|3>WtADgL=!@#=mOb?mc&olJ$z7Hxc=>CUmo15W(?p6qI(FpD;dEVmghSAP@O4>_
z#|^_wm9aEvj#Iy4r?#YxJX<T$ye`#X$yY~!b!&dacNHoiI~_pf<I~~jn5`nYNka0(
z_t9@lM(cj&(+N5~y#!w7DPXv)Fn$<CeOxCJzZZErFBaFZ!?f~CSxXufc7!YY{U@JO
zdRAD!Nrq^2fN_*FAO&~*Z%AMuZI>}8S-H(OEBUb%+K*`Pv)<+N#bZ&^Dgh-6Z6N?*
z=$V8x=9K?xA?vdA+*o}-s^=z^Grj2-4(0J276YSULYjtF^V5CUj|=(5{w+G%KoJe2
zMU~QOvXfc0+25h<VmOBz;<Dn;ciD|LUH-BWc#Q(T{K0HP9lWuuPVlT!J>+-Fh)iX#
z7qRCY=OT>2>V7fE-zNH6s8vYd;93rTjb;Dw_p&90YU?r)ij}+;_AzPSa<w=Bp6Had
zJGwiL_!0sr4|mNB?JOWW`9b7H#xDnON0mt(G_l<UL&)j%Z*E%<5s40(PiK!|9~eF*
z*^YibKAyOHU~KidrCEM6?O1na3U6c>T(*`wOT{f^**TnWB^)QC9$$Xf{F-_8YVThQ
zvLO4i&Q9{D<sF-0$Bnl853TaK>5OJ}DH0IEUC~XLmQ(VJ2a?!@fp(XV$?+U5zoCsX
z+%uv?n{V^@y96|XJgeKopIfGR^MsC(#T9o2HtA!Do73b*#|9V)j!fnE^I^~PwYvdV
zZY5%pOq}!?urYoT44g@2bKIDHuGY6wd#$p51xBCrqmdyNzw;+CFZB{gfd!vT&wO`H
zgfflvK?W(h7mKn){o>zlBf`H9g$?N`fWM(GOpsH5{PQlglngVcReY>O4w+FFLr53O
zj5hqBYIPE<WXS}5$>cd1Dy41k8o^i9FSGF(0s%qW06o#|d^!af;ydkeN~kJM%|)@P
z%?b|b7J-4#<hUE3n3T0$i4oTOiY$J|>gN~*WJUy|!l=ZeXCL`p&t4F!P|{5;pj)gB
z2>bH=Fur)HAYw+=X#mE6$*A4?46%rgW<o5;mUY8Q0!1vP4q7x+2a+7q>Y~roZVVbv
zUZt`dnpztR&vUV3YVdMR8^|PNzMB##7jXYeld4Qf|6vjJ`iF*LblOdhhPJjs!Jyb~
ze)qi5!<}BU59`WRD4MN|RuRmUotBCvL5g!KC^Wd<?F1e2D|U1DP;vE+G%ekH@aF=M
zBW<!2#dGG||E!Gj*SLMEV0-+)?qpiJs$aL_8{2kD9}~z(f=0zrZ_90AcCMTG`^2UM
z?};2|<7=E92+{`;Xt5=8V<IFLp)Mw}J$j69N_evU5c(lMzyLi$u3&$Fo0tBU3QHNL
z2}X@DdEsy#y?HT4VwbBI8rUduFd@42Fhc3rTu*O*pqkU|(F>8J#9I~UxI6VXAf{$n
z^10t#&aI>Md#)AXLy`$td{5ISUHt8D46bl_SC70IRm80$)WZ;bOP<~`lr@YX58_Q6
zrhCACWQ=s#xW2f!x6V8AdCq%9A;}s;%Sr8jldEu;|NZYArT4Cj-NL&Uw1<Y+p}q78
zLiUKF+iR3DqGlD_&vx6r+Zib11h2Vd2u8-VbEil#6t6nXPg0b!x@X4wmlaq}wceLO
z#jk^u+qw<8`}54?_=h|B4f*6jmYmq4Q}yD2kwho`?x3crc`ILs#@;0%fA353@2+0b
z5IfGb`4lL53DN9c5o~`DuvCgc&+ATJS#9@zdsq6fP7OtK8pZ`tmr)L&G*r#B^aSNH
zAs!iQmN>mMQV<8<J8x+Z+$f4{`@{Z~y!pVGfzy~??d~Tj#nQ+oMd51xpvX=U`U$TZ
zA}@oGl6u^9QkDFd7k!kAZ8|Y5=B)N!bFvdBUOf1Sa|g`v!ksap`9Y5j;{V6gR|dop
zY+XVK9&~VbcNkoPI|O$K5Zv7%!QI{6-QC^Y-Q9Jt<-Ohgc7OHs%v5!k^sQU>oO?Q@
z=PvSw@qwG>v66_1H?fRytIkLgtx|VKdHylyQ}Ig#083ErPGZ@SFg$Dcoi?Y!QPp&8
zaFsnhv~V)TP@78ouaXGHgO~A-KtZX3lVAasN{;I#6Y*46r&kz;$3{Hw*?<9w4cK<=
z4E5T|9}`LVL>^gsq(b@=J*fmg#Qc;AE@XdVBueU35#)`GhiL^BXc!BQ;@3MO<}Bf2
zKRZHiwIoh2!UQr$GQxMuC3a^VW-=a?7rp3W-&I&rfo_NmAqX{2PM*W27XxRP(!zTo
zuw=x<)~<FqmSSdks+h6D!`U{CW;}T?D)@vy{Z&D3QI7Mq43p?j^Qf9<S35Sqpnh4S
zdsz(-y?drg`k%W=i1rMoJ3hB}Py?I0nOn|>-ZeCqnN~tz?}%UTdl8q%<BuY_%)(nc
zR{W^Q?Y!t11xGl5o~gLo!!{+2b*E4mwu%prk;NC`&q4oY_MHtu2HXdG^^qUcUw_Ic
zRemn?axx;`no97+2ZD+(v7>{rH_R0N&XLu=bGV5h5&$Wsv_k@@<<z~2otbR&2ffCs
zctYll^pDLd@AsUvzdc7L#DJ3>S{jd<3JJVrT1K_}N!UExtkFJnW5})bR)=F|q(Rzc
z8VV|1lxI`c(SJWhCnKXH8y<okdVyqXs;^}p4%~i2b*Fepb~hghjYetMVTX!??dv8L
zdWRU%ae4L7EvB1z!pDhS)PJ87O?~C%1~Ep~qccs-goU5;s+Ox0Cme9Ch=@Pyn-ESG
zw1SVHPN5Y*?oizcekGS6n3?1kp%Cs(t#dh0b>4<9HM#7RM3cHWlXFs}co`LyxPSP9
zH>7lydOdrz)$QKnjx+5!9Dw__^QpVMlST~D=g=Qs1vaW5arIv|)4mHf9G7tUR^$m_
zmTva_0BAmt#hC-IXq*A(#C-y6|IW+V6qQ(qW#syYj0o(b2HL&1MjykG&o2&KU0>pA
zEFq36l@+%@uzo2va{pPtELLxCZ|N*n^TD39SW4YFQ!zs$GDsoYB7b?er`NuZ*{Urw
z3(zESK)Ba?Mf_=b5ApAF`IVNUKW&!$OEw3;jC{5)BRsdy)MQE81~VVun*0u0Kqw9=
zhn2aH?Im*DRX|87Dwm`Fb8p(24&pV~>RvuIS+#?Qz|0}q8ej_jwOU0?ZLI|N|5+&~
z6Ob{#3e5;Acq9<0#&f~+;KeYWo3H50Z9AlaM_)YmS$$XOVh3*_uXj4Fi55z02q&H5
zW=@IuQNPu5RW_}fc;;s^$SlTYTzC?=S;yc?zz=D1eBnAa`cm6PunLEm4K22MwIiS=
zx3a-a$1l(&)!d8ImHgd)c1}Vz4(=mTRh`FV_PQ|TLUM<5G~M>;R<Okq!o)^d@%50E
zqLWcaM`!jjT0=u))=5CtzcH6hoA15((OTrRT23ZBFLgEt*KGs|+}ib-e%IOy31i|Z
z3b4%^6@9KGbKh<x?D@Bz-)yag#!Rpn_T$Sl(ws0H%79|Sp^u1S$o}Ej%gmILiezOO
z4o|_!oe7_S)NIEo4QGXpgyW`Y7XuiQQ?R?Bu|V~*y_U_s-891pgsydTAjhbZnzaL=
zuEOQM!Afh0R$=_`nhN=)9^-V65haIiu!lB$V1lpC%c=CYBY`l9aD!xXA?AKTtE63T
zB4$^@QaedH$4cif5Ie}n0F~)!AqH?FQe7(o(pB*Z>3-4O_wFLKn$2CVsi{fPasC*%
zt&)#&9LZ^r23kmoz1~^)yDg*E<e=V(@B~nM4|f1o9Jaw;A1@5AHofpTU6b?3#hc&G
z<Lb>M_TtvkxphYicRf8jwC$p~l(gLwI1++j9&dgx1VnjSJ=?+NbP|+z+!IjOzcB1(
z435_?7MU0aG!BFc)a|I!&T$i5_N!v_E(B#gr@C9l?=YiBs5zq^Q&Up70D_PRqZd6c
zH@dR=#G~xb`z1Fc(xwreZC^n~QivB699&Q)DWnAau)L<n`&xkixNKk4_?^qk$<+pn
zf(Z$4+KmVf82kDmT9R1*{6DCu07)4sGV_0gjg6P-uG9VMHV`GXTx9W^S?H@Wn&|Id
zq{Sctl>Hq!XFFJs25wXd78Z`^hMK%_I^&KRC3D{oGpRpPFvOD3GqORAq>L%dE0h;d
zT==V%34gXTlqQoSv5`yy8o{ML1x?Q^N`9JO`3C4UaD*JgNPBE>s%iv@P6?o|BJLPm
z48=t<7b19qL`}zT23dU`U$Dga>sVKzqTc52)rHcE!e>1m#+e%8PS02YtAT4*y8=rg
zwLDJh^#UDY#p|j4zVvuprY9B`2_S88DJf1(`@~9WzSbCPYaN~^hj+wVMH0J&l^vYa
z!GYAvs|$pN0*(k5C#M8{pOtVC|3(PfxSFO~ax$7k|7X`-3~`i{j*!(&>dXw?u)1;B
z&uyysQM6v)_Gs!i&d<__q@}0duSWv<jB3aU$x`O_s9e%Zb9shhIx5t+0uwzvY_b0S
z--Wz3Y~wv*>)vscK>W8D&$|RTeI<8A!_qMOU6#Jhy6^r@C1KYH(mChjT(_95`k3*O
z3whFC);?Or6Fv+xNU`Ql`p|7n3y$QyI<BQU-xSy)8KbV%qNJ)Z)qP}6qMZ&CEMfEx
zO7PcO)S!M+T)PeaC5}syRC(|gRX_))`1>M8*h`vqVDnRS^q)mB*!{buE_P5v1f|9c
z<UU2fZytHM$5pMZi}>N49sLu7&x#3ub`8Xe44O`30t-VUUyjVM$iHsE4{prOu0?m=
zia~Oe=urIa21+011oJMoXWQ<PZ_2b2l8fepW*)D><3HuUDczQo@X9q8rIVLU<(Q<V
zq<O&Ee%<=3KI6ksDD2Jc!A&+S85BXfRzyVt($j~S=~)G1pLZspZAzfmUxa%}hqf-i
z!9jLv4ED*%Xe6>t;)pJR+B$1v2$W%BYEflqxI<yyMwyS#It1nJ>S@K{tZM(L=kA|k
zBmE!KK5yPokKP&-1Wip%J$ql%*vQ^V4`_0sGpHnqXLZq=TUnrw@Kl$Yi#zLI)<S77
zO}~7^xb-|lt-swb@4nA%j}G=<m~WhqJ-w0=8N_LwA9vNQP3WK3u3TDFEdJ5UV+l*Y
zM^PA2ziAj##Rp%<@V6%8eE+ur98GfJrBx17KjP<s$(PgT*j^{kRQbM^b7A`E*`AbP
zI6AK9<l;iNC`X)L>Ip3Cm;j>F*;kYNeqmNNK6ay!jmqCw`79rb4LF*fo;sg?e6a~?
z+<WQd1XbocN%Ym{G@9q)A0l_Xa{KXFmEYGJ^c@uGRkW0mEpG&b_xiEsOxRSW?;+vT
z9DBR~;L%j~Gu=TdU7`bZ(y!E;Pk^i~UL&0u44k(4W2Z!KX-p&^?J%Lsp4tnfuCWLg
zI5@a`i;dfs+*~10#@j#Pw8*o9HVJu!S~61MRVyk!U_gDY4%-th(+Q=UV~c<IK3Qxm
zs-*IveQPO--^h5GhY=aAl16NbWT4{~TO#Ipj@nc>Qk6|?TrQbch_bxcAlzsrzrKtG
z*m!#-r;xiQH&;swonB@L3s;gB<L1nYV-~vf?8x{i2|a0$aFSj&c1eNlfjwfTN60|i
z8nguC>OfkjT%;A1fut%_3KupRIh96JUOI7x<SI+U!48+bQk<luLTrmC1S5aA0gJ5t
z-Z8i0EX(lN6uFNE#R;~B+xsCtr5ahylO_TV-T05DrD}IK3~EU!xF%~d0h<Cx#4Td#
za*aZ+Z=Vi1vL8t~2*QjO_87Ya%HwFpneo;l`ezcesfsw7T4rXh6CVw*>a-XN8_R<=
zKNt^R@@+pJSyMGNO+DQsL<rTs?ZTZ9oc~s_Ct95BITz3qRk8p?S;wOsn1yL2$GXH(
zoO)~bc~WAJJ${NvE0IRgjA<NShIja7p{)jL5uom|@zj@yZ^q&uhx+NEn%M9abarND
zjV|sHJN#@pq=6FVpjGmXei2dft_$R_*}N{lWee*#SFe7<yE?N*F|`@UMTd4>S(cD?
z0C0?krdZG)T{k2pzZ`x&7~cim?H>C>0JE>kZtm`}$;rb_fADOGM#KewOQBrQ%$2Wj
z7M6HR!Sz<#X?FLyWHncFf#c$uuxFG<XNv17>->&MgXk1Mn_;fp0~HR8*MM3&_j8p$
zK{E)u!t1v1W7)DrN0*W4%TrE7Ml1Zfz=qlDTW~G=zUtbi!h1W+<2LnFWdAlFmL^@`
z?DBJ}VOhfP`4LL%?)Vm>RU6&fwTZ%((Kjzb@jJenDD{aBOj*Y$)0b4UT-bsv-@p0a
z_~qVmJ5Ir+;QMM41Ac9AiB5g3#oQD6C!J$#KF2>T0>z>Csvm=Qo*!`dA0qGG4vEu!
zP*y=}-YtdnSQc8825R^@jU_3Cg*c5SQ2K^PJuO9q)8Q_^u*@UmM=1!ptP2ZHs4Zp<
zsxvIajduipC=QqP+C&0rAJemI3J@;(#Z@U^a;^~%`YTN8JIxMWChT|rH1=D!^tQF)
zHm^;Jwp_w6;^Gu=7<JY9V6&vamqoR|5hT4z5Kr71-|Fk@&sxWxEmpje2C?TurlnRn
z>&J91o-(DxU?I4lu#eUAG-&$un5K5>fV>yq*|^8+#JqphMODn?a$uzx*WzihDhW7v
z){O)|jy;`b37jENbo;B82^Mj9w^Ut@xuwonG}JlA%$(lKuwoZ{Ihjqoog=&(*7T<<
zM-&waa~AW*o!sK%V)d&hd*%f`lo?-0<c2^-pU<eh>1C<`#vDwVeO^tBo5RJ$_rVf|
zNkUz}u3p4|G#&;Pac#c7Wv_Rjk~`@JeF9m~tAUM4RPO>LB{UDOP+W`pgDOaVZ3`5=
zJ5GgXd2V}S+jDs|wIlhW+ztwdO+KwMba3W$eq>qKMr&?^jEzT)IG_5b?1iVlJLiDW
z_RgVY4ea?ritofBsk<HJS3!>$iMYH*BSEt~QdTM1ecQZHE)~%~vk2~jgmi9sKsTx`
zDmz3)F~PKih`E~+y+@U_S8m(eqaf$mL(GpTL;N57wreMH>Z`Yr2>JIv-d{bXZ5S&=
z4~u^v#L$et#fB_#L=iQCSk0ibm=<3Wtu$ta@h|Lb9pjyw?zP(E(|}h@5P<iqWtI5A
zusnoE#6)+kZ+WaO&)EodXvhNg_G(|^63(2Q9^0liL1Ai4ZE^yF1*{NInR;9z+2bfJ
zb*!OT(x#TEVGsxYRh@q~nFbDoN1BZZ(tr!sGdZsNC>m@?so)4vQ#L>KEg~8$kY6vI
z?;4)eIEY*v4PJ8ElAp;*8xq77)Zat)-+{-0ni?n<6YB!+A=URntq9Xkpdb2|_T^Ui
z!#ppsg`+ImpKD2!I(ss>Z^{8zKHRqFa-_+F)LJ`H8S-Q|GvHL|I{Ezm<0C;%Mgq+F
z%>Oj{>S)tas%*Oz4(Y6Xo2aP4385je0}8OfFI=J1;&a9uQiFWd*)u3uGa6i|r4aiT
zbpzXia35JHg#hqoZ@m739D)NmDy}V@yW2z^vf$3naI;HzhZlc8JT{61ahTt_&Nm>H
z@m4mUUM-|6JC`;#uJ+tLH@Qen$TELUBd=HdgFzLN`1?H=1ye}qFEXZ(FT0$}9NXoF
z`rd}A#ljOy0|oeGirZ3+OJ+*lY29L^@&#yVb3rA?r^NjD;-a9vJ^dm5UKq(r)Yh4_
zexwuE-W0$*@grw8qS_p=EcM&q516bL&z><4(Qb9>@mxu9MM-XLBe>2J6GjjiQGnx~
zEn@`&!u;aG%yN0Ihp9H)HEK_Y+vrbe2T~Ok6*e|@W;SNZjhpvYF!(s(;?uL@(#kxQ
zrLlhhe~3;<6lDNQ+8>T)SbFM4tO~XguU3}DdAY5rg@^1EhiWJyn^#M0Kp_j^yn8O+
zKoEvl5eA3vXKKi0r8CYcPO;izp4l7=S63hvN!-XEmX)q^j{2)Eh<n1h-F`5ui;VC|
ztrv>M0k_r$^VYy4K{Sm_{Je^Wf2pZbr)OFxxM>3?XwgIlK>3-?bqOmYAn*a<{<O%J
zbKvRhq72@#sidT;QcPp%Z>5Lr7*c}sYSQtNnL=e%RhiA7Zl=lOpOk!i4#6<v*sn7P
zvUi>NXc*8Z$N0t*|N2|m#G4usWIZtBDApEV<Pc{UH+zoPo5o$t?mRPO5T9lW6=(RE
zd}Y7S)QtXWl5_t8HQT}m*rbyRgGAf9c@WF6Pl7BM%fEe_16i+nJcJ`WO_wSwYUu<u
z=Bc@(S{bH^y02*#SCr-!3I=$4rt9iZ`hhf}gU4kNa}+F&&k1^Ie5p7!lJN=~8YJDj
z^0l|DUG2dI(ZFq&F-}gD=ccps3oF4JTK!5O;d_zxwK2c%KohJ|(C&b`Ae%mgJ9${R
z>cMk^iGsJ<r8FstY6ZVk^<cg$ycK?2F-V<UX<3!KNS$@*(_NXv@3y&XJ<@xhac1DY
z9^jsK5<V?HXdTtpbjVPAjfj9cu3lGHM7{Uk*>jaw2HMK$+R~@$6;flR&(rg6A$M-G
zQ5yYNW2A=pE+M;~*{9YK(r(-8?x1Iv86vK5Vx#!_?dCyK^3&jJ9=+jKZN+oNRT8^7
z-0f?kPwMnx{oftxdz~X5@;KqN|6YzIMTR1%aVz#1tY^|ilp=`z>-<0SB1Hz#iX{ba
z^*^8f`vq6MSJd$S^#A$s>yRV+_3sYdso`N59~i%$?(S|dKR>^%JPMAM5m{^dxU}^z
z<T$@-uB&QiXNRz#_kg15<HI{#Y%fdK^sBU$r)PS5J1+<X`q=hbxp=(N|0=QnzYEJ1
zDShBDa=d6K38$S0VXb~u)NHp0WipkS@L?kKKeymzBb=7-af!IPwmNOfrf6ZN!rJ-!
zFsettX4m$MS2&y_iza%)9CEf)CGD~@nZfha@t-#RpZ4Lc;z1d_A#Pt1j_mZo_74r9
zpkqs>w8jYp4slVs<>TzV3L;vmmL-Ts5!ijaxiRQ<(*3{AIrku3{m!Sa%m1fi_Dk0@
z|BG-DXlNFXiKNR^L-Vbgo1?!>{D3Z$Nnp8m!eJ%7LqQ^G297SzQzc9_kL1%5(S&is
z#MU~c<U{P+y31~yXClo4+3qS?l~iSPM#fmj(L_0?NT<i`UQAe6*cT7MVW$_8tNy>E
z^40jx&;4n3q2?q^>ZjD?bSzN;mfmV_--H)A-ww|fWj^qqPjyQEG?PrsisGKlpP($I
zV1!3XG7u*yz%FtK?@v@3q4*pN%<ZPUvLbQos>k`uJt@C)SoXar?TcDu&62#}V~U|`
zTWj<~Dej8EgvqK51>oswi;|L3{C~Qy_6o>VA41yidTx}YhHPgCmz&oMizp|W$9hZB
zmsK23^8Gu*z_Wd+$Uqot(9&z+OzBLnnOkp<&g%$6`L;+qZ4Ty`MuR#tyKe6kWgzt{
z9GAEd*Lyoen$^E~DtXV?%Dh>}Y)|cR+Jt{s>3FM+>vnBkuk2s=`SAapk6VUcy@R3)
z&8e|EF}q6we|MKG6UGS{BdNozD=2<~V?{y3376rPQZ};VS+fz)-0X^GNBmu!%=Yfm
zFmj;Ht}vGnY{-?XM-T<8CN>UFOiqIl41yk*E-esVR7U%cS-e?i<0}@xRd2O!mzI_$
z{C_9iD}Nke)IGn%W0?Xw0Q@L7v)q<(H}4IGQ`H|3vo^AGuCV@lnQ8L*7$(X__ozZs
z*1R0PXzUfdS~ebV?_@eA2S?oI3C47@djnX762~Gq&bjtyWZ1;4zLl3iv_e%ti}{~n
zuG*hIoCY*rNI$yvJDiM?GiY<lKc3vpJK=(X8`*LDd~Nx6#5S0~_8tPBJ<drV3}DIC
z<hQZWgpF(n#f2N=9!sIY)|RE)JA{*wFV<y{j_x3WiWS)H=t+IOh=*K3x6~ot1m6R;
zdInv7B3cQk|9_8$dfv_ftCSSMFHOx+KWHSXRz0DmVKT6=LGMiT4rAjL#J|V&ti>g|
zS4uwx^--iM2!ej+)I0)d-oJtMhGvF_awq-^$YCeINK)Kl89cp5o+9MS-qr;djT*&D
z)z}G=N3<$Dp+3YIx7^V-TI3unjUbF4fCP-O{}V_A)`hGL0KEke3lW6F!zXt4(^6z9
z63d;-6VWjeRZ*V#xYSb8^m?gp#ffUoQw{W2e21SRx<`B2;s(tM3ky4~0WxW7C|eKJ
z<8uYp*^QOxes(bx=gAY&oX-GqIJ&eWjRv^4%5rJ=@if(!jS#x=sagZfmF+((?cKEt
zks|em$7k7cD-uh=F?uF-49xoJLznBW8HYth8jUvRh68LvyP**Ri7zPlUV9GZbmRJs
zoQ=FKzcbT}UYa-qjSU5yMsZTtKpKs2VXtcyW#ja8yJ-01Q}o-eYKEgfKd(92p}RO{
z8ryX}9@3uL*rb~(b+{9KWEvM#WTY*EhrKy1#}VaoEtr_5fqvac{>S|W?1ownwJ8n*
z<Lk#i9QNwQBj|sp>V8N0*=@j5*Lb?!bWl&ny2|y>Z6M^!WPd7h;UnT9@;JYW0Yp$j
zsLHDxNNNSq(yv~*AW^`I=0fhpL#W=p3_YObieQ3qUp4e7Zi~J~Uq@aJfE*WYJ=@De
z?=pn~z!>U|9YzZ3-W$ie-Hf~mQeU8Lv2TJx`Gu)X!cRkp+tv0_yCy<#z1!ciR(>ms
zho(Kb8(5nZxp;)vr4^~M|5P_E;;c#|JSO+?YjQ!-{+$=L?b`nY*r}Ipp{yI(%Shz^
z#jztHAqj^0%F*qDMPX{>qtrkN-s*vHCAc2oAPQffRZZ{i{fU3Wtk5qqgp7_mRn{o^
zu@7URtj#IocEQvYA$cKf%{v3mbWIX5e;=m)tV16Y;~hS(=GRU+c}F6UqP8mNFG?!9
z0*iP5&^NS}<_GOHLQ^t8ah+)<B3;_%``7~srW$z4g?B3Kyut+LYn6EiezQ(@x!+`x
zbK^$slp*Hbw~AF1Yv{IFn!`31)g2e5;Y5T|VazaC5WB@a)r3l?yeUaZ^fMIz-R=b=
zH7vr@*x!Ubn-FIUq5vE+M`rMcxuYbjqT=p``P>>o9YK2Qjgc~rjPs3^Kg<5J4vh^H
zcb(_#CXCb75ZrCCPsAJchVeHFy)u7((I@x8EZQgBO*n5~AF7w#Z)@b`>xs)HR(-b8
zaJy~}(ZT_wArw2kZNzZ%OIYmp0c78H)d8Jquj(4Q8dqDx2oK-3jLRLOrKbj?)hp08
z%@2pfaa|W{!oTLome!ZAqH!q3d3lGea71Vb=waEA`+FuQ$7ebS3u7UD?_xSrf0E3y
z23Acs`5P;vmw|{`KAgowcV{Uj+?~xF-Rfc^dFh-8j&2-FLzA6#dTAmZU1SWEueI@k
zUnjZZTUv;3grr~QixDoE+!#rmQr)s>HKTmaT<P?&d$LwN#I%x@V3~JHLyIKE(YQ?1
z<8-OHu#NU^M#2m1s&d7BgbWiOaPmGk!A0a1rxkkW+MY`)%KJ;f5slXczsRPUaAA=f
z#)86qZK2-j(Xg?0Ak{2TJ3s(BmSJX-<L1L>zQG(lql2_O1Pqa(Ks5G2#;@@a1I6Uh
z@Y{&G52krTYEF$tzPm9gX&(Gl)IV=mw3A;Uh=oJ<UjZ4Vmqw_%xxx8kG>W(o-HJf=
z4K+gt-~P#cTg-}5=fT24Y}~Y7lHj-2lErV%-nU#?)<~i&JP>~koxuC{c^z1x=JoJ{
zMnvfjH5_Ts@jKkhucAi2@!?w)vss19q=Ltk)S$F-^PF5<n3z^)%}@it76&w1>-9P=
zGm`1#zG!SFDQT=<21uyD++?)<@hl`Zw!b4^+b!JA7%^{#s$s<lx3NVx5_CaHQun>@
zo)`Ykfvu~(JBh)2{_!Ceup|6?l<&u$duW}|bqHtROb^sd@BTBL1ugu&BSN(<YMEQC
za|4`C7kC&9>JW=CpWcK*koQ~$Z<$-9Tt({RB)^P>giIXNU<7<H7-tGDu=-C8i$%J=
znH#LI4+pC;wED#T$$arzTQb{P<NUnYyyJa4k4blpd2A(SLScqkT>!lZbVq5^eK?(g
zPO6c?YX7nXV+9R@p%`o0%HmQNA7NnCC)bZT_~Xz>dnR>3H6KPC72Lcukd|zmqp9*S
z=)N4bIw2+h7a`(7Q=NVy57!Rb(#f&1?jih@dc7e$U8=0(;{IOaTEyc@L=AkQzP+%E
zLs=m%n9hoo_d{IQ5XT9>TsQZeZ&@3os3rhR%uB#LA$8{=)w0#FK%r#X3E?;TZ?~K@
z2TAY!cwQ5G{Ro6_d^R?F9?v-NgZd2OK7)F1$E4QEh+ssT#*#eSV=Jd-ohcGWb#>=<
zu=&?kl<@HI<8qEMNuJT~lv3&tw&l#rC87(ZIa^GAF!yDl*I`nIo=yR&O;TcqM+%#f
zeG{bV+&TizC|_v!j9F)Eq1a~7@XLr~qFNF*?y-@*d1y!tmkcYwR8#pr0?Q68@<nj7
z-Rcj*Pi@2eDnNpi?A0`<oJe3992b^P2v=D*6!_g6UYN9WIO5~)WKHlR76@*H(?_{O
zRnbjm`KVk4vtz9)4j?<lMhe^6Yq9BhA2<;w*5zW(qUq9EGI(`WatcnCfwd=cgp_QS
zJ`_0e1+C0+S1V%ra3{}UB=g5iQ>fa8^msWp_A%BWBdPgtWrn_!K4ga-IvI)a9%`Y{
z5a`xuaA^D<DaCce!nns0;%BvHGSgSBK&1_%To=y(1om)JW13c3tZ-ThJPhOTF_<vg
zdc<UEHRozR1=;s*7CEq2oQe(#8qheMO)GgjuUVmehxgMmFQ)ZEv@Xw>G5rF~N7Mti
z&K|8yYSM|q!(G#i3a`SHJ#$wg09XeGb4Y&LD%*a+%-r@nL1?uvDB_JQFC!)dox)M9
zF+dsc=@_mN2Ga<1f0a@0Jo|jeIA}>hS1rOc!`J;|Yz|vzhV9f9GMGc&zW@{q%(r6d
zO7okO`UHVEbST7%mZJZ=qiGcQ7Bf<*)_m?r{3%N+dgA>|dC1zf+t1H28nI9G=>Cj?
zVvD@h&ACb;bH9kbUD4d%&+<3!Ee=+jZmwp<H7XXY3PNO%=F7bnpC3>gAD^=4x+L0(
z$vL-&&uw@3>w8c1_zH!*y(jwX&1p~;W7Cc<!eM<aN!%$9Y}}$OSgKX*NrG_*l>{a<
zlH9eU(PxzWUfMY`Q)=6D1FiM7=tipw8-OGCry5#UU;J3zmrDnGNa%476Gix^DV8p@
zC+DZ;6i-=P2OifoxxnWNbbnUoNL@SIqxUt+$3JEfFCB3cjGp<4fqSa;_HSI<mx40(
zhyV-RA&2Tm0v?|i@T?ZXZS#`QkJTd)kMjWzG8hgHj>tdpzk5ak05N~~ma<h30Wmt^
zBgC_=lo9Wh{Qd!uH9k?8QE9JO=FI^<+EDN$G8}q_Lmx~y2o}}r@<RE(r;99+gtCSP
zBf~B6oZr3)!9*!;pPY)Vmtg))2o+DV+d7eSlwl+8*>uI{mHDiVt4M6NpU=v-NYIvq
zr+hxA1v^}Lg1LVpl|m7!?t;#Q?&FF_mbR2(;#nL@R$B!x^V`n|9ps_H5e=ry{AYI@
ze#bk`BdRX(T|r^y{Nvnk7tWkn{)auwG{8kq;2YBA7j+Y}FC6<}4E~wm2N4}j=Jmsa
zu6`2JxCZ-{S)7p8VaAgBxg4E^MR`RfNhk^5L%{j<M6S(ZAPj0xr;wo$q_8l}<$7zN
z@hZs!aPg>SO2Gf03VSjeUSv2K`z}#iN35wC9VIh6OjkDY<CO#H9f-6Xk=5l+Zu^8#
z$}yPZ_1(Y~Snu0Xl&BN~y?g}-&uW9-fh}SxUv*8!m7gA=To(DuRg0QSeTKI?T0-g{
z7*Oj{1T8<N>p;sB=%srGgy?_?<_mRS9ohX!uW<u?{o_Y(-$Ytp$`n%?<*@wI5ao8+
z-756eUp8(E%*J&y4`+sdK|laj>6F9vPq3Mrn*Q%@JE)0rL*W@N_fAnT>kq_)Z@Y%}
zgurZX+fb`4F9``{x|^O&#m`ADlr<4j@w{(0w+KB}S-3@&Xmv!@Au0PzdInd=%S_UO
za^D9Y@Euk3_U;&UTHf13Z`@dY9nhT&X_aW@*wtOVNdvMS4z}5p9En2=DWi7o7M$9k
z_7XJken|c41y9XA``*@uf`{|>tj9LALCl!vEadK*SP><xDv35|G9kw^dZ1CB|94s$
z2P6<`vraZHi(t5b<DxqM$e>@h*U)hJ0%dBgha4G0;_2Z?Xo79aGG-6ugG}3|=MpVC
z_}iUfNBoj`P38FQsXZR_Tc1QQ;(*hXpr%;ii4E-l<sn(#Axb1ZpP-u(X=fY%A*R5Z
zAgDmxk%ka(bQI$9lZyZKG0y#iq0X6SDRwtF6t2&!jW(b_4Tcj-MA;IrW~S$S8Gn%U
z04uR3i7N82HaNqCLw@fNyE{gBrn&jmzD^%?hDFNL6wF8%zMYcc_V$rls8`5tr6H@`
z!=~Bigo=US<2&dDIak7De)o57QKWiQ$9ItdRCJv1q%>%GXiRLi#N1&w->-ei82ruo
zicfU#?=SW-MDb<X@Aj(DUurIIeYw9xpm$rRvMBm~4DOgad+iEmSYxbwX*3$f3-G85
z{<=ZV6NV4={j19%`neA`(X{r=l6Us5v)@LU+A_@|ZxWN(1zWZo*C+KzTl#V?f@|&v
zsc#vaHK1HaFDNNtPA?ErPTFJ)RejB(H&K;adLvPO@EKaUXYh_EbN2F99J?`;@WxpR
z^?7XmG31x<J!86-iDxK*HNrFf*H}_04gc85@9{rF)7-<Dp_<yWXD|YqV_D*=c9mwC
z6RBldFJ*w%Cl`-_1~-1$%6;bzG&e{omeWJ^j5HE5l@Sw3r*o;|-K?xjk)rbf*4Eh1
z@g`qZjx{cq+(aKkFWxThS$}VXQ0cQhjjg8n&ntkYf^2!N&DnNQ(CG_jB~;X&`R(Mw
z&7BB&&QO9UUcnzdV}KyF(|Kgs?%dqQIAi&3es#bGY{N6z;%(S41q}l2f1_K%YlJdr
zi>~h6ffst#eFN`APJYHeMV=nvvfOEl=W&=KAL0luC4ZhmumPK%*{*p(qF_8NLnNFJ
z`4I@t@lo~?yjtP<mf?Z9(&w;T@}J9`Cv6}9vh(rSHu~5)Ck@pkNYGbxL9OPn_l`T~
zX9Sye3=y&QR+!}I?qG$fW7m<K;)Z(w{*|49yF~p!p48!q;X;R=K^;+;62^!6qoUfg
zJid4{vE<Zw)Puc&gh1j;WB(cfVx$hc)Q`c}^VJr=dvOTd*Sd;akMzK%GkqvZ6Vvw0
z(6J(hc2y*4r(7@ImTB&Pr;n1(t&}sfTtAx{)2F>WMyPSYLxxv((XfMjx!lhXSO*1b
zNgk2iKm?!=Sa)2wm98Z}$_ztoF7$W)`T!Gw-}BkMMjeX}wd~<>fc925U;It%`i72y
zHP+xn$$yE`f^YBgO-jmq;U!(ke#9Z+vTVpGsN>VUSd;+m73{d7>3z11s;TV*l(B3<
z@$fU}N%SRFKA@naD%qOAL$=4vh;d>Ji%>gXNoFn6+btadLCg;={hSXBT^{~@&6dQG
z5Y=AZN89UrC5l1{w`6RQKSJ1J9Z?}aWD6UXx+QE71o^Ge&JI)3Qhz%-#y63-cwUQQ
zq3guWqxbLOd&Ms1C=3Q_1>f2cw`8Zb4pDm^yZNVH!iM_+zqh$wmwJUirDG5jwbU7Y
zg69)zq2fwA{`tz}ftXJq=wmEOhHOMlm;2r`a$1T2u0GF!O1LX1p$Ur-gHR{sx!%=J
ze#(;J1+h;E*GGCt!w2D4Omnr{$n!T45xC?1Dlw{-OL)4onc_%b_5;mWyq2ELuW|?W
zhZll~Yjd=BQ>F)(-8rvjsLFRHdn%UTpjCc*)Qy*!Nz(a-C&k31!ApDvwg))_JgXz+
zXu_mTXC+4lxFmnPdM^l5i>ogUuD%S+gJ;ic(n$do7M5~y+LIr^v$YP&@?WvLqCI;k
z_ftwMjV=N<+z&EQ54Q7t5xuL-n;O6gMK|Er+YRnyCK=~c?8EUH2-<b71V|rTit_EE
zk5b^)Nf~E0S%V7?`K{X!e-&q%_@%_#z*)7#pe;J-*U|k-b%06g@PLIwAZG(nMOk>*
z)v9czX*IuQ4gHypK}Qv_vOo&i>{&Mj-chi|Rs(EMCiwc@toC|I$^HD^dB;O2t|g$5
zuJpErlltnTj!#Od$;n@d@AmNb3qTH!`q-?-xK}A{Bd|~VR%>+S$6T1TY0wY!>rw)L
zZAKBs6OCBjyZGvBxPQ84({ijGE(@XAaziePtw}_|9lDLd<n__i=B~HsEeYzqk|GYK
z_y0ca6QJ@fy+OyZp}xNB7=ONJDq+@rF2rPEGtRF%z-CxmZ+<V#NMH7|T*H?&(&8{|
z^>{Ns(ya|mW0I4%Wu1xh52s8X%0$Jo^Vb;rPR*=<M%$K*g}*Pe4W4Ul{tqZ80%g0a
z!GSx@+m1H4<%2Dr&=^!W#IbTw`(dI&_`WgG@78L2+Zj7_Bm~3bCf&-jrKIG4)~KgA
z-QoW+!RHydpJ(CP-N>iQYku6vnRB$6!l_MKIg{hnTO_bGHeruHr$nkPi$HXz&nG?R
zpxkNoXVX&j5x;iT74)-DFG%$+uiyQ{&7Ibb@kcqgXendqb6GwjSuai!641U>AMrsJ
z_-P>nj{qV+yl3?nQ`yro?Plic|HRViYYC;6QIbYOW54ksT$tTh?_<ohXi)@Coad*s
z`x<{-iO{=SA${sgkPEa-iw{MI90tmHMw(AY(9J1sjz*y>vpr7CRpFaN<%YH!^O=cT
zytr8-DX~i5HzD3BMcLb@9j%mC$W3%%Y7gC5T&%a`k@A<te6q+$junT5K}yx08lTKL
z-YTf_KtKU>B7`lYOmhpDL|*EQy&YR4Mo!4Z*!G&m7w)pHG8?7PeE@SZR#71#HyR|9
z^V{BDFisJHJ{xVR{<n5N`tI-q9uub+5SX~k4kgWKKRy1?PLN8=)c?3K$%$}$lm*yc
z19RjN!lTCRFEm-B)+UBOzW)agf%)d(;4pgx-9?M&zyq!Qi0V*@Qv~ySZ-O3jq$z6;
zSwuwP&-nzbkQYmFRr4gKASRa1cUyaAU~G7iCVN`edEWgbkVT#Xu-}+w6{CiYjeC$h
z#vf`ShVngTHJ8l0b|OOJ>xF5>w(Z(YInAm;U%PO%9IGP&DH<`bWGiY?qBlI9K;p^4
zpuH2jzrRFLpT<&?_3D(eVTe1%f0}$S^J>pA!;=KdT@D7uYAOn=`qHYIyQ6^5n2`Xx
zv-W5C+0)9Vh=*Bm%V18=s9l>aD*-~QV~Cd~gEu!pYYP2?IlrE3rUnx7>k=$&ZHeh)
zm8M#M*FXfAFsbO&%`&59lxf2tka%@WK8z<n<<PS<#aAxAK8sK#+rcR61=Yj^dlA>y
zBg9}{^yQ5@Gf;@;O7O{8&(NCNQ07X|3TvAak#K&et{-TLy_JZd@@3KzRaVCW0*#v6
z2n*&+Aw)3Nu27D5q?1;9pkkWTBJXCRJ~Ef*9Tj~aZ+4)&_6;WRr0F@XogQ)>B!8k6
zNx<Fh8IQ4%kX*Rrg@k$pIxI+dxly}m6a|MN?%rLjxlMP#<PHn@AoS=pE8RC@7X2>R
z?-#60G)ECZQ9z>-@IuR)H=qfPLbg5Rho606p9sMsl)`!aa)@bVH-~c4JzL#hk5A9D
zJMxkO5`dbSnZ0`=#C2MQ`@gFj{>_AtcT2vewJ9FMNwtRPk4$1XIDLP;C~EEtCz^~#
z-R^13xTM<M{nhV!J1_~RyKv^}4TKl4vGMfFZE?NgdXIyW8)%DpI^6I~FSZVhvwdcO
zGyyC>@z+m8qoMcqHS)_5-jEeELlzO)A1Tx6uQ1vMlLUWTYyetDV%J8x-h^%N&wdyR
zd97S^X01a%tWQM@jm;r!*+OziZ?Uvgw*u?QJsh4+V1%b4cQ8}^CAnSb(Fh;*Ci4i`
z&ln_$NKU~?rgh?jZA^DxKgdJ=q48B7I+hczIX9zF;zKibuDeBlsSa<!SiuHtSSIgn
zwwPWnoT{@-8K$S2OmYfp8FFFD;p;zTdaV}|8rA`Y5s3M7cs(>^ERPk$lB{^8kanI^
z#M32Ub`{_85_hCLoxOrBOvBkS!H_uK3{c$^w8m<#Aza;Db0tO(t@?=M>@s`nV%958
ze*W>>C_c!~q6O-NRkMt@MB}3Y5m*FfMV{F?E;|-%8R(wZgws^yMXI4OPm7kvSp@#I
z>QeIQu4&w*-?g;haiNV?>UmA(CH|AmsmSWiwlzQe`FT#Y6N7|;Pbvb{`iuWhY^8@n
z^)JVHzi<b}VaXrlIY0fBkk#>AyZN`kN+aZciaZ=+F`F%=0Ncr^-jJ1i5p<*>n{MqT
zB*P7#j`Zv$;O4$183=`RmKghm<iZo<O;#nCFY$3ti3@y&A1`z6q7l2gHdlOd1=a0X
z^IFc6e)DxmKW0L@<rxoer;g7YE_RLX{P2J(lT*NXRlEZDJ`v_BX!Ig3sdE=X{>;Da
z!A7-FG57?r-jQtKrvw|hq0glUxZR=ZtfExv&R!q&0H2c(=WOdDy4)~V`&BCO%*oEm
zrk!Pluj%>ZP>@B<v)FHU3UpP)f}Uq?FbWIMs|}LBbTCKX-&DQb%OlW>U`Xg9A^}({
zLT*+=?o^i9*7K1>y~DNw&{0h_zx{5t9^Q(27N{bD(b0-S;yo(){EMh~TOuK&KmIm1
z3Te7SraW|EuYSZKlLtAha=JA}>>bs&n{n)*S*1@^9mLy58qJXe*t9m==D>cEHoWQW
zOgPFdPcN3d919`k!aSC6#Tww4VKv<xI`d^6A#9`NbFmhm_mLO)9aU*PkL_KIYl`**
z;i*S#B&)KL8mr2zh3(9+(qOQ{-*`&}Tm3XNb9V?)&F#3fhf-d>elRXazlQ{}r&u~U
zp?~GkY&gAI%OLNa39rWKlP#A}Nf41eF_)2`$_nB@d)k{;wogP>kI9sS?|!31Bgp5w
zTE1P$qg+uCAv0E5%Po94;aewRn6Y7s-UsxTbpn58w{pgKiBILt*XJmjQFYp7n8^C!
z8YK=%Iy>zsEO3H#G@QL6bpD*026K9-xUc89sek4ctbBD_w9MvY_9U&pnEEXVW*b`t
zLwYAjpAxho>9ri#KP!GOC?A>hSho_+5=2yGneK_ds=ai^*;NU^6&fsKkYYhQhvAbh
z)AZBKJ6yT2;I*Ew>zRD1mzd3RCQ5Bna6Qkhx7ytxkbr$4e>Yl6oW_XJlCsf)^?=C3
z))lMeR1RA@iZK<JDb_teIX?4Kn>K6Jq~*lB46AD65#0!@{w2NKHjQy5HEKu?wrh!i
zvZFswv$fkm|M$?YgemYA-u3En)xJnpeKrp7SV(BlNQxl-HoHFlyifN#!K7h6b5{2|
z^f60VH<{fIIGR&3*fd5za?*3^$1QDh+rag8O6<QLif_W6u55pX%uNqOw&m<YOFO;O
zEhA=?F>5br?Y?d2?}vYT+AEOAp)bOUgJF_Q?M;du+@wEJxk164<S$JS>LP-fy#m`?
zJvx8u)dFev^Y}^zttDCWTC-%+jQ6dP$0tqTmup-ETar&w!y?^^b6kNLOCa$6{B;Pi
zI&ZE#A-mq@o%Yxxm>NHEkK}X%I#81HZ?mK7h@O+&%#W|XoxH1uF^H3<=J&vQil^iR
z8$W#jWyYJoj_~dey|)s8-Le|o$j}J>6uR>Z;;k?}kg4VPSb0(~n=b~^uXngdgf22@
zDpxo<HQj+;yuKkd$36&!RUgQ${d>xp5ZK2u2D3|mJ{!B@JvXeI%;n6@CG<sGjoihI
ztu6T!49%Q(5JM5^9x+&DGgqdcK+|m#G<u@LP2@s37M@=zl|736SGUtfrFi<K{S}yp
zNw6ytf9bwjKK94|1to545@XUVGQh2RY#^c!I{@Zq(k(jyPgC6*dHN-JHG&$-Hi#S&
zC|j&TqiL=i?bG(%st7To5y{FBSim8-cZfO|Z06frr+~)cRFlG4wkPwKvVohmJX|8@
zBD0oIgtE1E?ELBacUK$I(plk)F?;3E%eKQa&S6ApJum;1NhX)0h3?+ff#7By4L4|B
zTM{liza@%)V{uxQ2OdNj6cS7Ysh=F&{l2a+MWP>)?x*`lo1T)DIvlq`2`u?ldie-f
zq5<V+{>uog!EB{u4m~GL%8VU8N+vX?%N6nJCjTvoPze1onB~40WX!K@qrPteM<gvO
z#PoR|J6!w%uCXADh<mr@+FnlrUfMmyeMD>3r*A})E~tkc89X{yLTgr~gjv1h+!=1T
zu_K2;uIF-vH97uP3^k@j-@$YRhADQ8$q_p}SfDivA~Q}lk|B{HQQ9WHqMw@lEi(};
zT@hUZiy{5SWJHCLVF(WOo4@W3TEI8moZ2#@Zb2IO_`5brsaP6l;K_v8gQ7E|d1(`G
z!uGUts$}qe!snsZ1-XrWSs9i+rs6ET%RyU9QNXW={=SX8>2$*vv?cfJCOZODX#Hk*
zCRvsuUfVi4lV>w*`8+X1`pHs};T8rcyC|dZ#BZciG#yi%RD4n%_>3vvF{+E<Utszd
zGr@*yWon_~>DlrH+3%O5t)32*D{mI>VVZc@ej~~*Gc(aL$DGn@xSn~jCZjFOC+j$f
zM<Ws4RBeh;|J@Cq&2bxc3{{^eeb0__e3epIt~s@-1Qg*-`H39!PW@#;Wk7mk1>`4@
zYxno}HXC0sd4Ba14`49(@s{jj2MkptFfFtCbL>Lf^*Qmdl+yqF1${)6Mhs|U`;x$j
zl%ToE+c{oD_!d0Aw9#&&l}qH!gQC%Na=BzrK9YvyJdiW*Y}-E;#X?=*BXP&t{?u%H
zW<~0iy3`N4$WzYSQXUfNG{6k1yULkki$3m%kngL?t)MmNa-o`vzxYw#(es(q=B5ek
z?hx+5^C>C1&}8v&Dd<A7;vjvO^j?%7SlDZBe!0o73~5^tf8LLq;(YlNJy95Ma<kf*
zb(E^RxlgfId)EIt?QGF88B;`hJjN&;Rkq<ZCnvwhYS8OTZJK7{m$4qtL`}4-ejp`<
z%%FRtTn0RQl{G#>WYjF2(B>qVEGeQ<1~$R)DfRD{XZm;O**?GNXwJ)~hpYz4+w;#k
z$GmK6u6u(_Eakl;t2ujP{JQojvj&-IjKa;oy??_>$31eLCqN}E21i~>f_{ab<zxRT
z=8wxCR5e{(P6YhJnC0XBH<O(53QIF=rBUgh^K9VW*%h+IsrN7@gCK8nifnWmW`;2e
z^*Z#6ZB^fozmLvjHR8InsaYeH@(?9wmq!QgpNs<U;pegD)&;M(VS3GXxs@rPRZY!R
z=wC@X+5%9}&7V?|3t?@|-i>}|=oj<r0>1Lb#CIg!Xw(XuXux~Rj=9A8G>D)&*N4K?
z&?XxypNClYjbjiEX;CiU${zMe9mpBV5tu&&+C%kB*7pmPXu9yv-x4dZE^I8sNT@`@
zy^;jy7+wl`)S%tYK0MWb1QF({^7x+~(0?<CoY~y!kC70NTX!EAwxukBSpS9RHoT@q
zxl*^5v3shziFUZ#VCcm^0btvZF*&N_#Bs#eo|4<{ixSvT5EnRsBfMO62A_U;`|;|0
zz6+8@utJA?zStaDD3mO%%IfaxOHxa<*3{LB<!8Lt)DTZE<8hNu`0><$dQca)FJ7S~
zwDv9{e@lqOde4>u0WNtZtga9X-9+G6r=eztS6R8k7CD|rFQa{x)m-qILCIIYDQ{F|
z!#jlwnvOpJAUg#wk+QSH%<Dz%jp^uWx2uKpOb@)LQ+YRRL@n+>a+fjGUDR2ncYMZI
z{`(?7=nOeLIWy3TuSjjXjS7B%iu7XNEs??IY-wW%-?<3=59-MNnx^cl2UE^aFP&hY
z=Mg<1Q<u0DdwSv8OrdFV2hFs12EGztx)%*mb72ZChm75a)8Awoh0{v%^P1xQJ3z62
z>&nh<#01l~3Y`=5cwR$#va9p{R}eWwR%nu&W&&?0jndY+EGBfQ!VMKz?B)zHrK4y6
zr~waQHTAshAfL(ZsPIHVxO71nqp2<&)cU<Dc<&e!bp3#k>kcI*1%QF;gjR2k!y5Pg
zRM!QXxuv`K^Syp^Tj3b3Q5Udg!v$w@NvfV3ODdHFiy0g$5y{uqSN+8M4E_TJI)z<-
zp>DERommthF+CD@CG-eZQQuLIXLK87W*=9I224(HSb@n{j9oiFZI8~W26CTrq7n>G
z6oS)S7S*lMXEr%Gt@C9Kixa-b_HG&l>S1nsQR$uH*1oHykNZej2y;<;uZ6U#i$#G@
z)|^GNS>eFi=|{JZFQf{G>ha(O#MXjCu0m!0RE~A)eOKA_YJqo3iYXk`{h-N3UGgBs
zqTzn7JLW!R%R}2T-R<I0pNI(LQsw}@9sL7pS29g&EDe2PYDOHzN&1fve}qlbtTR4L
zukekA)SL4UpBji&naDc=3C_mWRQg2lD|YkJb;J4I-!^I}jPWGIf}ozsWF&L!!-*3j
z39CL|%qOTeP6gl4fV}6)2b%+8A6tF&Y^Q^6y7PlR4WGakSqIBS^@ZNgjM>5VfC>@#
zmZnlJ4c5N2vxqk*d)f>?0NRG-fe-JmiH%87Zk+iyflznzwIg-htR34w5I{qA3ZB-N
zpllpD0m8z9#-NNCbUZIEQLlthy?y5nB&!hdQAwpqaFPRbbHuGhAN*B{7fBKP)lD<S
z+%icoHh=HmzQQL7&zMm=Xff|4U)067;{3Ujw~Dj@gC0}1+cvFz)j{gZg@~KT<7x%1
z_%IS0-{WChmZ}7nx<irrDLc|5&Yc+M{7i`hiCq)|3$bO(`~&PD(%fHoQWW&8LHoie
z>!p^5rz5QO;hLS5HU)*(bfL#oW`riz0)G}ss#k3198h~ngLzUV%ugldbbWf_-9nO@
z>b_*<gmZq`zG*Yxu|pqV%ExVS_PIXD&PHw-semE7Hgvw}j-iDqk;ZF}kP#FAQ^K6u
zZrF;rPtqEqPlo2qLK7by@HE$5Cnl}<n^1KYU$NBErYr7PuAt+YnT!P)x_ta#m!xkG
zWBC;wc4mNF=m0C1dx}o7_fKBNA`y-v@+uTZb4$z`dk67Dt?Joz7W<+r{1JLh-Ct(P
z%`=pc;1^x$XCWb~l(PqtCYAyH{zgDAu}HQk`hf*gAgmNkF}GOmUM9q8Cq2GezqpC1
zRbbVl|G}3g`S?Y%GSqjod^FWv3xJiYx2cLzxDJ%%LY!e4d&m=aQ@2eyFSis^75N=`
zwt}r3Sq{eZ%RAwY1E*%<F*eTAUp>G#p4DVTMv7=pgycw`5*ZC|B&RP(A~=ei{EiwU
zEJfTcMMPW#6`Nop;Wa@${hQ8c+n@ES-wNN=w;u<z&D{sx<m>02iTt*&zXB6`A$m4;
zHO%SlOQC;<Pn8*y6p;YffCv(b&|y-O>2Ug*!YYajQ_h$gSUhgW;N@iX+Pll@QK*@9
zxyKW{z;S1=^fDzhJsEN_6v_$eE*ZZ*v!c3O|6@}~*r3HE%1kjU^<J}#osj}Vk)eKM
z0QzJ>EKRu_N}7WBVol$yn?1`bo48_R9s#TE)hzbr=?^d%XF$S}eF1;X3`#l!o#6=e
zu6Ek)4Cuqq5S?l<NzbjY-@Hk|<MZ214Rb$rt|Y%hT<6L{#a8HtF~)%`V7y*{i1n3%
z7Hk)E`)0YxhPz^ERG$!EjXcR`k>7R$UQ}med9lS3FvmXSCp{Drse+7)J2rtyL-$RK
zlm6_kD^=9gHQtd=WB_kh*9lq<<@*uKLxEaw2uxh%LUOQaCBOCW1>)N?iqorD+c&a`
zI>fIWGF~o1dFz+9wh)rK4g|cYNI{gRg@z=_vtaD9m7kk6A}3CYB185Ub^tlS-`OY3
zH8Bd><xJH*J!!o^b}N^*wX5{pxv`C=_6O6}E?IIT^A#35#w~^U#TSS2SZe}~>*rJ+
zqJ?+#`>70I;iD+dKn{uca_O{UaEt}W=zyV{dNh_=x!mCYMb$qB#`T8X;&9T&w(T^w
zZQE*tiEX!OY}>ZY#+W1%+qT`b`A>iEInR0Ce8|U{+4sKgy{~(%b*<H<q+`Hm$-ME+
z#yYvFtjU_AKl@F1wIe0`ySvAC+f%kVXXCyndbKB0+$Fm9_;Fw^Gz6nY4V6W<GzTi#
zoR)7|l;;E+h%+(8HwyX~0To1&Hl5Kv<Th<V?Mk;Vcvj0z@dss&vta;+!%>0dMx6`l
zJKc)4w};YOcDXqE;5Y+nM(Y~e6pDJhYf$hDR3nFm)ANdwb6v*xQd_Z!cZ`(NoPow<
zK{<HqP%e*p{%D|vMfAa@#Q<@1lR@OycB_0Vf!UX(RO_#3j$yppOo&jXU8@up7FwJr
z%lINZu8QvI`F)%Va+Xu+NRKPeyaK+rnwqICr}3|pzJtw6RJb&S%Yt8O2}Q3{IDS^R
z);8z^UnAyxm0Q@vq?e(L_;H54kgibY8PiL>r8f@8<M8Z+UB7`)=C*I~=Xiu9D~rqD
z#>}`TUtL}Of?W$(fw|>p=gN?qE(u0{$qU!}?CIZ?u>@^~$g`G<Se}`y)e7rT%a@Ro
z+^rb)$-Oqmxzm$(C%g^#U>b92$GIR!qNB!K6V%AgCFcTQ$PMwC)S$UCye_t1`$4y2
z#e8jk9HA|&<Vb!aO&WzmD`ejznR=G6QoYezR4Qr-BiWo8;Lw*l0QuFB?7);3rYWSq
z(|ALr;^n=W;JHb^b5uLwpZsKfz@hCUw*dJ<o57=O44~YFeA@L;!&9~S0}6bW`NGts
zTcf+2C4si0=*C}sxg>G$=0m6*1)Vh*F=aDI|2OJ9(3iMsK?aJ*WBrXAXQ@};q3QEZ
z{c7=Tl(K+!RkI!NE)r<T=W~En`Io$s<e<Sf40aLI){fe=Nxy!@j+b~_*V1eQCyJAM
z-7(sLV0*+fO+vJieri5wklyZ;5-#?cOR_&=vGM8e3c}u!^Xitp?e8;PUY^A^@}P&#
z>gA12zu{jYN$|y+^k(HMqb*b_Phln&dOJe>-;&PksZHB->(}koiNDR;UZZihHm&9m
zx;9tyR4KhRx%bq3Fi+{}GuJfr5q|vMC$~q1Qx-4)u@NfoE`wywOMTSW@!IJ8diu0d
zb$a<N?cfSEbqRo}_I4hv7+WB43e(m~+9r87>Ao~^#owh@**v**yf`g_IJYbLx-yOA
zqmX^DPpS`d#I>#d*0SHSjy}y4c(`Ll9k`2y4&BxKcR9_GCI&>YDDA}G+ws9e8s^Bm
zT{E|lmX=mx>#|QI*%@1G*7SuK@dAaGur;`#E)G2__6Ky9#L5Qz`R{!eBT~ZUi_C?s
z#k3>ygd^H|u4-;fw90(nrN~X2O`lkJ6l)}uZ)Sp@4D1$+4a_Vo@K1^U#sm^F&9!Q0
zY4NKR+in14BqjMllJs;nEbGmiBQ1AVD}nws5rnR3t%sW(beB5%4&bzNxzQ0oll-!&
zksJ<NM_dE%>HvAq$fxV~kBdLhURle3KEQv=X|KQkusWW5g|ryx7~*RiPuQ=q{@h>r
z=8=w1006-JoIz@wY-I#e0b8k}^q&1i0%Nmz<>np6Td(G8kDZOKrG)v9HymH@W?OWq
zfi8j`^B`@a5VXqqtc>K=pA((@nzYNa$AfGOyn}S=f^5e}*RFef?`!w*cOAym^wNrn
zs^$?+bU{@2mNa9DiewnHXwhilvcYET2+Pwdn)1;hh3pAek-&UCoyq(hrC<v6YrpUL
z9ib*nboopTH1e!p=6_Ru0Y<#GMKd52<k~)-br^%viTajws8Z8MnS`X^je9&aDQLF;
zk~aGuZ8PJf`5rMK?Arc;#f(#;NaWo>NT@Q?`K?Zd)3tQo5)jn(l+>=xTk2%Q=ut$f
zml!dOy|eaM$c~UN%icfKvfs0fC<eAwZ6BPW;hmJS%gq{CVWY(76in%{yoYCaKTP_G
zrzMk~o;WnND}gWK%f|<x-Ifo^mmFW|3DPJbelJP#vnSeY%G`j#^;8*|)f||ssE8)u
z3)(eP=PRxxXQq4~)}Ry69}#QG0U@?=vzi$|2ZRXFf?ZdK$ARNJJN=)D1OgIWk3lZ)
zD{3egBBI`Ah;0~>R+v~)Gz3rkXD%~`w-`|heg<Re(chP226u-D;V9|-z)q@I$mo$1
z;7_L-*hNdc3lp)F4ifGpLNO#EWs^Hv7mKIBXlNg>H;+)26-T>Dg|lDF1t)qe+HLuq
zQZ6|N{rW5Po6gos3hjUFW&avQ%)lgK(c(mX<H<grUmh_#i>B^PwFp^~M~<2YuzK&A
zYugFMGF3xh9A*|xW~2{9TV(OMJZg0+a;VqmXc%a-IqyjVSYD$exk-cI?Emxp1kXW=
zujk2Hj`O|sB*@$Q!a=NR^q2qroZbQ;)x&*aYriJrKH)!|5D@+7{jA&lht*fR^!7->
zk;72}=Xi-_XHccgMflGrL|SCCq3rn~bnwFbH$wc+&-O1Bf20WRS`d>}tzp40)nENN
zS$KC>WqzftPENa$Bg_ISR5+A4&J8|pfk)NjdwZ!B-LJE(!t1SJ)zL@@RR*eP|MO|V
zb-{4<4Yf9@Q+di0!J13<`lH`bVH)M^P0u&X=VA#uu1<m>Cv|HF961X3d$Z`xLfO4e
z=#E$fB2fQT&%b$pD6toLuz&89uFOYo5xs-wexnxqev(+VJddk~JHj=xi9#4l&~hqh
z%v0EWx)afGr6pt#SN`_xUDH^9xXd4R9!>gx-3uy7D+a--u(}fUc@oH9%kgq^za3ct
zXN)w(G_%(^X{REt95GDNOG>25eGQm+JRV4-&)!MR?x)F>D0in>d940dpGHvM<LMPV
z_EP`fW&T?<tU_Y}Y>P*zLIil1<Pmww*Hyj)?8UE@Z0ed?KRX!H6fBvOveIM%<VZMv
zKblSV%bU~7<}~2t$SXNGur1ZH2LAZJs}?`dyp(2k|I(4swJ2%UlyU?>#I~?Vc28?4
zj6QqAp<v56FV0Ugz4S)85cu`_;Mdu$_RqFhppXoRz@uS~FP9i^jxUvvV39F0Nn9L#
z0t#wb*W>m@l8`RTcZ}HLH%U}`iJ}tE`p+0xd~#~Fg;H*-fP&FgDVZ1(w!sMqsm+u#
z9rj0>)qRb#R5530Mg^AL{nR>$Exa|Y!S3#BXsq(Lxnj9u8sy{sTLo6#KXBl(45W}3
zl-ICFKUN{xUs(k%w1R~Uy<GqInpDfD)<9jPip8^p&}4H3mR~=}iR$VbotN-N>?di6
zP-rW~d$M?hbHitk0N2q8NEw~PRSe1PEC(%(K69cY_Uh!|o&5)%K2lMTgc2u?lEDuc
zK11`Ln=_g#*xY|d=n0=6f=+}z?Z?mKoz#Kq4F1RkkW2W8>5!?~8RFCJ04ye5B?r6R
z4y(s8zgoL;|DwK%eNs-}zn>1?OIhMNQK%}CN3rx6kM<-FG^l5`C8x{^2H)!<%LZk%
zeA7iDbh9&QP_<REMWR2cXFD>B#ow+9CNKM1**v=P6!x-)zU6Y%^%}c7OxTH0?4nsP
z2?w!-h$s?a;eYqyRa8idn<2g~*|~?JYki5Jq;<fh$<6YS_kC<=g?`n?grXj5)uY5~
zc)>t3zg#F#+%kp=?sSYhcw80+oLzJ%%He~$u6uz8i@x<sCg#7wzm*HLrxfP9Et^36
zw@(Ucdb)q`&>kkNqwU2?2|bup9Oi{pdRZ6JsHsFx@BQ9?xR`FhOnb$Qa<LNQ2GvyV
zs}v4O<-wma%6i_xI(yc?eC4BNLhp5k5{t|S)$SeM+T@ZX47-{=M)Plq%O1t*-ZQ@2
zsluofKV|>H?K)p&(~JI79eR{WK$2-7>+PG}RZ3@`$5XGpi6H8#g<TgjKDdH^I6X8r
z&UvRo8Fh<B&QcZKM-V?;r@__DDmGXbYI!$UY`0WlN9X4cFJ1+plo(Mg8%dOq-~MsJ
zBuqATR#9{!V*UA_5%yk(g84~Q1FRX{6~!Ae-bAh`Do<6fUv$rUQ#?9&=k*qV|6ygP
z0*+YdcN;XpG7LKs=tob?weAO_N}5Me#29c2&e{2eqF&XmZ<D;W`)Ir=hO^u*KRq)g
z5P=TiwjC)_k(Y7zvUZ4<Oo2VJI$steH(rwN%e+KsNo5jI5=(<|<oI`SGR9qag$OPl
zx*-ao{mo^?Nv-5{iFE_|(@8nc_vru(D)>NMc|$~KQSz<1UxV|UL@bD#?X8Ua*Qc}%
zCP9T{ChO~g_KrJG#u69}>61)*LcSq|7(5!L%e_44@M13#l6D@U)Rs3_Pd-R3%CRJ0
zcCSNE=~_qIF_(xqo?|8p@>{E(-wh_2_1A;kG<96JtNrBdZ?|00J3W|9oimKV*WhyQ
zoj}3n!35kpw0Do_2&fC2WT&kS7Y}mTj~-7PxHLTgq~1LjMc!bDWqsQ@)U(jcFw`Y5
zTv*^uZ<QPrQDG=pWr9SwwE_jqmPeEM8POH^lp<Y$!f)k}@_KV>;Y7cuXh<h?*Q9$1
z=F-U}p6;3s?|9<%d?gjugA`35VpM!f4se|={LlJ)fQP%;eSxRZO^<CH=<?#APO|EW
zzb0&42&kBdDRipAVt*Wd{|GzQSR~kapZ04#;y*z@yem-mFt(C$_R;OF2v!=E_ZE^G
z?TcRKIIYjfM=DiVWZX9CueR^lNUJ^^uXr`2dxTK+S{X}pt=VZ{^E6}Yic7iIuS_MS
zJ=Jq+{_#~4(p2-T>Qq2)lttqa$;eo7ZqF3Ses^8Mz=q$osWTrq7<m=IZG1`FQkDk~
zI|YRe?O2tfW$WU_uQxilxv!wC=ft^^&ZadSNSHd@7ro?KT8v0fWWIb=cm+|d@bIU<
zQQby>a;W>#PS;?fwFf3Qr~1%x-;J@|e3(>+j9D$-c>El*MR23X;bs7XdC><FUq*oe
zG41#!$yq-)GZUCANK2++vN{&r;S<1bJUXA`vI35*jU?O1;npBlL7s6LCX&>~+Cw1(
zDQh(-p11GMJl(T}Kw+y2>r7|b7StGt!^849<)<IhoV1JR0UdGE;?16dh>kWQ)Q$7X
z_qVQYRZ^2R=4_4^TE$676Nk5BR5=37u$SIwmg*P=&(h#R1&PkK&I@k!N#tkQ9VD=c
zNg@n}$AFB7q%zOJ+)AN8+R`$^jjmO+$8-+wKN1ny++ixFYE6fbgixt%y)6KcY0=79
zP`l@%<YrTNBrn5Bc0HQWpG4y=_F>on{@f<T1v_}8eSf$yk7^F*Qtqo|6?SvtV2gM>
z|2@p%|5eBj3ZNtf#?~}VKvps^rOUs>J|h!7>zwt7Q={B^@7)`-4x~PB>HGPIXf$$^
zmLkxuOeQ#I{m#oV2YSt@n}aRsT9Mu~ZfT-F3Fa@C77#iqE_46T&(R4-;%T7>Xm7D6
zE)>VaM5&lvgy`z+EkW6?|DtE(2_E#Dd?jMQ?Oguwvg5Wq`|M?N=4D<SN)J0}<*JX@
zrVI+aDm!ZCy9p_<&#gqfAlb@E9`93PHho?UP=0)HE$L1g&T{SWbYV-ow<F@UJ|G>f
zSk0WBzIB!EO{%1EkIUFNf`Eoacnw=1La}H|sBt{HOjZN{+$loVyxg5=`i!-v4-FY;
zQBrOlB_6Eo#28a(dU-UbW{Qwc?)5Wz$if2CRlm0kD$NmL_Zb;TXgd%JJSE?4CfhY4
z*dyteAH8ZVo*=BPG`6G%64a2lQBLGwLWK<2eeRQG9=Hgf9UL5j_DPIgX~(qZLw<Lw
z4<(0Hj276?ko$ekXa2Cmv+VRy{V6(@my1@u6BHdAqo;l6V(@B}82S9nWy(@>WHNHD
z>(q(w?|?|EG`4rBWPumCE}L0<ln_EqH1DZuU_52JA60%9?d0P~^1)4>W~5hRemdFB
zMwvw0#)FZV%z|vc_MpC{$T4T`JhN(7wz{HtMuEJYp(md+KAAMG593fJk!ERefPgHL
zYmvW6O9^KJ>tKuj8^t7ln4~x?S}iN2bYlcp?SPjF`;};;D~lM+*4lnJN8<=229do}
z|LY9<=8s&tXDv52!&(CvIN$#`A;&4s-9~9LiQuOU2VPViHEl49nqE?1bFhP-EZ>%w
zstRh@(ATzP$G=weMx_^{#d)&3mF9-%c_@woI~)~Bmc9p5(Q}%o-Q72vUL?ScrXJnS
zNh7vrz7BJ8*)|ys)zzZ9v3Vtjx>GYpqF~*LKKpq}Dp#W}wA|dpE5<JUshv4GYOBC!
zT;lirjn6HRWr3Ti+ry9+h*w}XD96EsOl(-;HnTvD?#X?BzN$Yrg-!*n56m2AY@9uE
z(@1bE+)hUV0NgN;TV^ebQzc4rB}HyynT?5y_MBS6{s^=PHgv=I>dI{#J6`N`kBDn!
zWRM1C_TRbUR5GlUFKgdznsZ&((3@Szb3H54ef>C;CQ!;b`9kCtVsVvCHfG45G9^-i
zGiwz$I|%BQTBX|lX4PbjZ2y_V%TXC+@c4+ey6a743Sa=Bg;cQjv;vN<pchq@rbGvE
zS2Lq7QUkzmrn_ke#M(&xzX8pesLRPoI$L5&S^^z7q>aT+Ut2QUJToyZyDC~kb&{f3
zx!XA0sxwhNc&Mh!sm9Z73094E$V$Q6X-Xn^qguUJKzA_7nolq-bt);T#m}-i6gh1j
zt|QaSt~%247$+fRUAm_uCu-4w!WmlZMPJq2^p-bLoJ9}Z*B*K@CPWOIN*1Y^HVC|N
zx`=^$`^3FXYR|Of@;***FGtEU8}CvbqU{+kZ5a-ufjFqaaT1uH;YByyIs66i6xzyq
z-gb1i<pXS)NgZd?_)daC1DXbC`&d#m3$gY>^@)qSTH`;LVb7z3<zPbG8l%IVaPW{U
z^hJx+EN43#6N0(MYR<O23e!8Pm)9uvj-}>XoTKB(e5;Clmb9jAO+Fg%py{c@ad`b+
zfu?ju1*i)pL16{pYbF|*8CRxkX3g<x2y}NxV|rffBo$LrlGV(_=)Q|uMi7--XXj^A
z9GPf`R%Q*h6IDcvWjeM!W04do?DzAsFC==Zzs?m9ylc90<$<)PR+Pp~DRK-^ULMBW
zsHG=ff!6pjS9n2A$5>w?qXmU~<85T3gWIDLTw4?cHatch<NUrV3L_h#2Z1BZKW$=1
zOt?LE3$dfG8MYuRD$d^@ynou#)f)Iy#Qyp<4PPp@K*T^UuLD|;%V5-h|Dl?9S)7xm
z$ulNYSl|rOs`3=xzJ!U%k6nH+UqicAqZp4(1y64mXkrayy*rD>xU00sV_0X^UafD2
zjTpfa?N8Pi&6f%h1mjNra{2*XHIOR0N9*F?lU*?Pcz>%qgKU;ilwMP(?GfYL9FEhh
zszP*~^e=6R)UEF#p*NNk;#rv;I@u6(-wS1lgmMP|+%q@}NC-K`O`csKYm=5$oHSK5
z@H7)wbfK@&Y!a=h%ioMsapF(32TtRLa5LfBO7!@~k=A_kFG%Xn33)e{X1f%I{|=B~
z+WyTMh56Vg(o9_4LEk(z_3bHw2E}&Lu>58Z6{a4~057|8Kg8B?*3UFGb`l2uhPCbY
zQ;{psstp!iGKeuVcigTf$7^LmVBe)fcbRalvo34=R-Q-3!^X==4ciD3A3`S~q{8-Y
ze45+!gI15I!U+>j3J&Vxf=_$ohXT`ufR4-$rl9TPVO>pN6ei~+?|KB;2C_^{NZDHz
z-z*vg+1AEL5xt(>wDY!<6~hp{D<QZ>vDGb}>jUIaMDo<+HL~(VsV3Jrv9B-N+(6c5
zN<N6avP3djKaF4!y`041k7D6qm#w@l+g_JumTb%(=&-M^T4yL@xx2DG+ZJ}B==&&}
z@x6SVnflv<7@w2H<Gyyql;9FrJ4@bpw$EhO?Da$HPcOs1Ed4u%7t|!E<vm!uSMDDi
zp3WSetTea~T=$5?9o51?sB<ckp^<%|=P`zflZue?8KHE}$dYS-gADxc#Hox5Etd!p
zBFifob%ixZ<2Y~;9Zxn25AzNsfgV5$E&&-#$Jptk#?veDbzj6L*)H>An2^10b`k;;
zNe#<*%C6>j;DLCo<wBFaFM6N|T@ETY&ySj@?Pvu{6Z`KZ9_nT1>CPQLJBuvd%?)p3
zX0%NYMmZue3NFVAiE@pWA!=y?*t7;iG6@TqtlKlSIvm8OkOkSLB|h9Oh=kRrzvJuw
zl?Zg-d){=Iz1mwm02W)g|JWR6*!*)*+lx*?J2?%Qmg7L=v3U(}VfJNNF6z`BuamL$
z^7f^4<GMc?VtlJB&mUhKsP^^=;3dyP^8YN*isK5(cOx;>m9|LA@Jw=PS0%haj;b^E
zzo21Z8sR6wD>wbsD*uq-j+9+_cwL&d=iYvjSGu>Q2Qyt}u+mo*4m)zno3c9aiw}Q;
zqbN8k138;dbKs{L*JPKS4BA!bffJiQ07pcg!|7I>$yMjzPRGop;(4S4v&M%*1TWuo
zciM&f^0ea70LbfBkdYesC4gNhZ$cTBA=To3)43yCji=tz5?+KPvA<7|McltKybr$w
zu+sVkVS(m|aq(`xVwiJ{GJ7R|e>AC)uju-hq282&8AAC5oQtyxN+6H)XlatWp|I98
zrkoxU?_y}NQxe{r+vg8QS#o0vtJ>t7yLW<5&JLIkHOKw4U$*otB(pYuEir|>--`;J
zB185vfvZW<Dv1!E#|n<Hk*LQp?jfW0=G0MIbqVK}EfYZdj_&R8eDuV+%E}EIju)80
z^9_lfejlID9HL15SZ#3^`q#XnqW+mI_%QfuM@?hA))VcSkGJz1`g*J5SEmmZyr<K!
z?wbJtDwXx<8sPLTwktlr8{B6Y6f@u|1_c{57%O4HaB5=%4;_ZK(s?rCd|leY@Hp=3
z5bFon?EP7#K3E&{GFZo}r^>^{#bLKHqX#Y%>UxwS8<Nme(~EBsl!j&1tVdt4TovkB
z93{oHKv`hewE%=SwSNj=P}({|%h9g?TJNuCf|0L%CPb;X>G&aWXq>E@uJ2DRk&1nP
zhwxdU72nI$90yhj(qZ?B9UN9G^W|N~k@iiEYx~5~z*EH6#R$s4j!|E4@;(Z|+uNC(
zl3PpdI#KM&*`@AB834Btv=UM?FtB6m`c}<saq93nZj$~$UW*dAq@(^VDsktI-Ps*o
zkLep0U*um!=sFO~PD%*0UwtQ03^f#jTe^OFYh`>I4$j^CJH?WT138I?6&vS_rS%?v
z#P#{YANO_&j36f+tdQ6<oGqhl5HJeC%SVh2RzZ+%179X1<@p%r=3>v(*w8Ss{J5(x
z*Qq%I#g+0;tM=?kqLa2hUcjTJyBc|24Wq@Y@#ntGoY52;fzi0M+k<xsV?D!PRSHN%
zz-!6Wf{vk~{Hxn#o&|N=MpjoPY$cM2^ySejBkFF>zWB7GLk<@ME~CG^ZIK!pR(my%
z?oi?17|SiDx1=c&2keu1M<&0#ffx=BOEz2b<B@S|{IX(`z?c@Cy*wo*?1RNh^03`n
zb43?7yX(8^NXcdK{MJ~bGo^0x9|UY{X%EJ9(X+F8PVU3IX@=_tHxr*{FZlH%Dz>j9
z4r}~bdV<{|Nom(bGgc=kHXJW*H+B<*HW?pVNl4l8Be$-n*_*Agalch4fnQ4{Tk>??
zqGgO63J)e6q*XR#lQ<&5;4H2NoQ#EeNEb$g+z^#R!5Bh+eQ+^Eq&OYMC}{*n^wT?W
zv8*8^^uX*;_BqD$Fcma4GiLMz&!y-7xtAghkq$)2%<-}el_`63n$G=GBgR}+*A1+o
zp|Jjlr;K^hGB|@Kg2ZP@6m<E5`|z_6Ekag@RKjx@UdjUN<Z_fW)#oi0TU_TjqzH<F
zeRjy7ZLd-B;OM%><-Dc19ZVh!l15UIlr0FTkY}&31c^|f$1w2p_VxVv$0r0iE&Bwf
z?)8W$u)R7g%fE=|?51zH;?#aj2A+1PhL2jjFV~WWZ@gs1Ml#YaLDgP4U%t~lgb&w#
zT#RBYzfd$T{LW5jCyt<pFyU@{7KHWzt+xF$vWK%*Dt`JM?->?tc2s?;n42!2hf7L(
z86WwSYAWn=#Z@|~H}LjYl>t_|umskp4<tq*5%Y!U_XRTo+m+JrUiztA9yULoh-JR{
zGP04}Yq2>yi7+1klAat$pDdTq;}llzS=jC707Q-AUAG87e+S4;9O&6?`)3Q93H5^k
z4e@o8&iJCA=&qdaZqg)<jKJe#IRZegBPEeW`~QKO!QG?-h4;+Y)Z7YcJR~$Ys4;=x
z_}55A3VIolsKy`h)Px?5me0&j7b}x%#K#rY?L+y+8JyB`;aul<zyC^do^c@IvBQJA
zN_4~~X}=-sm{9AViDTucpTABCPsP(4oQ8|8*q8M-rxyt<vD?2}y*=iMbu9k;_tONW
z$WIW}=4X_9XXUkuRQ!V5{=;X%t7byBB|G<vyt;d4$bIWf0V$9t<W8Ql2{!OokUxK?
zAoBw36083@Gyy@=>&s%>s!IVxTG>z6bDI0Dl}Ap_Wp=Y)0+U-F8QKO6nLUVJMb}h!
zF(s2kiNR|akiRlrV*~P(3(5;V|GZ)a2d8Un?iDxD{QP#^J&}^>(aQwJZ?O*7Xou<l
zgIfO~JN}RrF{_lL^=w5M=X;k@iX?MslllV4d|~+9Uab2gv>bLPvaz^ayUmApv%tE$
zt@wuG(pbRG4p^elN-@rUbWwyv!kL~>B*X6Xi>$Ru35qCY5}%92-VExytS>fZSinH~
zxI%?(jm6Roc{E;z;$3)wV)iq>eJ>q&DgKB1FbIkUUDBW>oKlb8bmj!_u}5MJnzhZ&
z%>_;Ek~7o0>9gar0@z`)lAgF3h>eW*8b3MN2f)_Y*Q{LR+LFeT?YjDg%Ri`^`{gnd
zq2MM`VBT~#w6vPGwC*EHtNs50`&U6hg>JY)7XajnB;0unTDHGZK1bUfLw?}*$p2+1
z&<ZZ&un~P5xL4yv{~y^PY4y7^!0R8l{QtX?WbX<8;PC$f1I@#wAn^YyIxtUEa9Nc<
zWX-9o+qw1Yg-d$+zyl+#gQEcg7?*aRRRUvdqBl{+AdlZsk-c%ojCEz)Qke=rN}vYk
z<e|a`duRAgjzu3^H2wobx_>n^OH^xm#>bGSQ+0ZESsud6b6@Wm2px83^e%>luj5OL
zqJk&(@{IQE!|R(LU5pKrdRbji!Z1LbRD@M!<7MxSUdP0AP%<nv$!FJ(t^ML^GhJc%
z{=?@T!BedN+IimYo}A%dDg484mie0Ln{~KuhMchDim}<8tw}!8ivb0tQ34o`bDkBM
zWu@4Sb_UiIFFou$X?d}#9JlHMyX^y;bb_kCFo6?lH}$4r35)!&f$?77_4eH^xV_p1
z*u!uS!Tkefo{m#X8@06Q#^m_Hst-+`!!aslQ(#V{6rTswE=URfWu;yVgsRabr>{5E
zh1s&f(H0#WK5$Jtuc-_AOt~P~w>CB$)lzL@Fedb~5znh0UhW7~der>GWQwUDv>88h
z8q?h~5*+;R#(-~+Uyei;(f*FG(DNj#`f)5K3T%3d;pnys%V61tp4D%!h)n2HBgrE6
zgmOu;gKwZEqQA>yhAsjF5W)Oi?Zs`4O7qh8QF+D<WRDiy+!Zy&X?!!66Z;v5*s`*m
zscrK+a7kzn>haqnG%?s(2|1#wG~^@$c6MfQtuahKgvj=g;m~wbjz@oX38XJ-%KC9&
z$Tm**8n-5vs)RUypB|!qrE6}KTa-5L`6+?u>UE1KZm?S*o~y4fot?#(!A_ecR|bYS
z<Q{rt%nrSj1&E(mm!;OTiI(*+<N8$(VGhp>2{8eH+pSmvBzNO@YP&_^i?iG&g>`9H
z12nOhN-svHZhqDzY<=2-a7hDeq30NF=e2|5=cvLS!-4HGto`VTp?&sQtK?0FMZvam
zB1b5G0;2S+P0i%iCOL~k@eWKqZHV~yfXI8_>A?gd!dy`zRi|~s1x?;^7Dvmxk%`qH
zWkJY}=gg%_6cpR8W%G5b&L=~4*NI<du88GT*XDI=6F;hK-`RY|+8J{qI691$Lr>RM
zui4jidpYuC%J65>I>IUTZ9QC!9W5-MyBi63f^IC)<1jtE;SHI}(&~AJaw7JdI&R)f
zH)3STL<K2sht2ndNfT7Fv*>SG$yLIwSY>bY>%O(+m5cbTzvZ_?g;pxB83_JI{eX$9
zF9~#2xaMrP;sOXl1k+k~UmHnWB|G+KxUVDkmv)a(a!GQhX^IF<no_=Lw7m06fq>wG
z6QB;`z&2JLsOB{s>M2_2=FtL0X}E0&=nvQFXhM?UfIxs-Y+9&nB$GTKXvF5lt2Orb
zXt`IQD^sp+JcmHk>#G%)zva=*q%N1rBui20#$-Du(}!<-Bx$T>(~cKME)BzA-4m-Z
z$g%c`l`m{Q#rWney^A^QI!^ok)=h{-Y4&#hiVNh(9{A15*RBCwMsmQnXTXC7d|tV-
z7NCQizT|NFu;QxoxW2#R<%$C_7ZmeJ4lPZ(a<~Z!@MS&I*mhV3r*2XMJgO)5|Mu%`
znpEL;S7&d$%ah=j?Jl13b@Lk!_h7orHp8F?*9CPnW~NCWsx6UFlb;nkW@f^BK1?_x
z83E`&JmW)GN6)OS9x-Cay)GRpGe3_dPOeU^zMB`uhS8jQn^mUv5fmJK&467c{`yED
z^c=m!_7%Xb60LQ65J@l~IS%B!+i~JjQJkA~?99!JR=+(Ou~`#m*E(kK=G7aVpMU7)
zHl7-sM;I?hoO2l-+m2JaoiQiAR$RUn3AJRq`}&#v>x|}&Y-J`cjc1*lw(Iqf-L$sX
z*oMKcZ6u9*($Ml3w}Kx7**I^?vrZq9LjGlEFRQx5S?<bEyHzwTEBHOKAlLglFYj+8
zEKFbWuS>ruwxabZjE6K{HRYR0Xw$NLGJlBj6-}>+!q-2`Vn32Z5EdFve<=VR`S_`2
zoXcy%gkD#O1?DF%1CHIE(?O1%zx^t@jw411BF02ne{J;)3yMg91T@?P`6$C6*KO)y
z_x@F0AS3u3k{@S1eyTWivD3-y4+bz7=F#2<B?yU`x8#*9Z!H*n+s?hdB_xz;lS0bS
zMy1)jjCZ?KKWgU^rS@05YWwxl<seT9rc~}VSZIBZ8gFXK@Lr8Qb%EX{t=RRF(=j#H
zbAT4fGZ5F7q8#MG=HTCyo*^vWQtdA?bDdd!bK=`XBCG+3Nz-152KTJH3HH?|kEB)!
zt>`r>0#)XtvG8qP`bCiq5PhB;=s0ih)iMOZiRi~EBrHdPajLgF=0d0@HS|6KY;wR4
z{Mv7?7POFNpHbtcOz$Fa40T9VY#H)m$G`5qa@#NyzVz)k@)?~B**-fvd9opD+P`Fz
zr!r}>UD+X`I0pCRS+{#S;8VLhbjP5mFXJ@SZ4Bn+l8u=gj_sSMM_M(Hp6r@E6%r+)
zthZyb$>7c}A9&`$GNDE<-_3Xl-J_<Ly97gq{5)@d|1%_hNAT0Dn*_&k@ot<O@p5Vk
zDN}8XIw>oEU1h6+y;q<S4i(*{4yGT{CN{P6_N_1(SMxS*utjmwhQ{9>@>!9&aPneg
zeM|9fLOu1k)2hdCL?n8#QOs=gGRo!64H8wEXJ*6ZaNeAYrLL~D$#=uvl_Rhuwl7cP
zhrrJ9iS=hkrs~rDv(@DV7mz3yEwJ;(ZS~bohrTGbl>*L$YkY26V_ffo$K%`Sjk?j|
zWVW}yv97vul?jab1~-dO5^R+a(s$6V*_kGjN?l$5MYI^FWX|x<x3lbNGzc-B@7liM
zBnZY`q$;ej4jS--o?QE<^|$Ye$gt7O8@;^CtC5o%Jdz6DI?*JMsfzP6j(r*Ln<av*
zJy=bfaV48d%F@&-DDy5$2jur(*+epuWwcwuJan)Wj2QfB%JBlr@k8o_z+DY~A4rCC
zq~?I`uV}JBp)Ay=Z+ndcdD&#*2E0QX^lhQsWv!tyG^Z6GX5v{>!-VvwjC~tJlbT$p
zQ&W~BwdzL~TsK!(Ods*Z`z{{TADm=_Mh59nQerJaab;;*pO{N0$H|#`Qto{tU#?zE
z{n+6fvHE9ssR^QHjAw`bG9WVw8&2o*5&Sh#XZAiq8+wlhgLm$^h{<Fe>WyA>m!%}7
zHm{=z1llCP!!iy9Yu8~&)nbVAxd*|%(p(S&pZXA}^w8-@{j*N((jg3UHp}s<CNbii
zfHkjC|DU3V1*nv*Cf|qf+|ktKuNCa~15nt{amxvvRY6RZ+Webp@zmVRYHW}40ub2H
z*zaz#G%Ctd79+a^$_Jik(c|x@@Ilc}@{rF;bfx3yv|_jHz6H7PGIks2)Y4Q01KP_2
zhfVHO_DqN1beRpF(eEt`1An;)wl)Cb+7PDY%xQOTd;9~t5K|#It%mFzj(tC#%dB3u
z$El&h^QY(z3-m0!Oc5YlCV|ZjdfiRilCL3O0{G~Dj+P!LdNihf_V(~Y$DhwoCy`?q
zVWx-BwXyNyD#5c?hThJ}x3v6`1tnD=rnBrn(g+@Rn>A*;c`MW(_zs5gJ!LFzip+&7
zegjv_8|Rj=C0<;?O=pHVc4sUeLjD-S))I~}e&McFP2N%?3=C-Dc0-a$Ws31AaaC^j
z*7PrMhw-m>bE=&gp-e2+y<uf+8m+Cjw=sN3&Nn1jg;y^vY=rL^yDxX*9ynceTY3{O
zOz!5Fz{5Hii`%ziJ5CtXWqKp!t-K0A$QrWf5MZ~ZVl|t`n|?)YpzcWX;i2ODfy-QA
zaH!C*dvsRnRB_a$EW6XC^THX^h0dz#ODCqJRa6@rhdrdg!(|(a=ZS8M4}6VUK%W(Z
zz!IpSd`cp}Bl&09q8IgFPH=Nw$fnIQX})01u&hPOu)o#dLr~~RvW5fT?GP*IC=T^~
ztK!w#ntmu|+<L1H+UHXuTGZoBRs&s4!pKKezP3TG9<<1`D>pIZl{p~TyUrW%wRPnS
zG~>fL#}MUr7pIJ<bC80TZ>yS3QO?$RGmNHO$2-ai2hi@5*!2fHKk?9smBvmV)F|=z
z@Mf!ldVw?^ITMFJGO&5y*@eXIa<T>yZO{5{E)!H(SSU%-5^A*suS@}8x5rwyIj71X
zUzt;DB>IPVURU-o6XvSYP2z#2lLK`z%ySg1`-N~u;Wg8d%ZR&Gb*_01eu(%WavPhR
z?D1CCKn;>-WF5B0WNf`%6=gKWLoGp0im;1w%bDw)#|)dJY`f#<JLr{8hCKIGX4T{&
zZ!k77>Afg8qceEO&l0v|ecDu%OTxyfgY@oU%~WDRLqb^gZKV`JIb~%fusZ0P78{)`
zl4kQ4gKHHW@FD)^q};^bR1S@J0@~stin2vkMiYP52Z!cVG@|{23H#m4JBA<vyb>2z
zw+C1A=|l%DSD0Cdac$Gl!u`IO&!jq@QRojI+(mS4GMW(UN>7)D`~;=0sCLWb$Zdzp
zkuoyBM@cKfI`M7vqO@gD^{W1p)!9i>spVP(fM7})=X(6Gp~Rw@%aiS!4fnpX9z0j3
zw|4+}T4h&#rhT;R)HjRRq{19(LBX;hD88YkQ*Xvo5}pgz_~t5j9SsK1q-ImyP{b(d
zaVYO`8`j<Ay9-1lDq-hOefn?sjcqA6KiPb^iOLUV{<^5+THfyrnKrskczGz3cu%o8
zl*%GBT)n-4D-w)fa(qQ&nC5ck7+#i@?o9oTF}QW~Yv0-I3rpF^oHP~5h`x!Gl!cIy
z7(N#1+oWQq5c7oc<v|jg!gy^x2CN`4&IAxx&Snq+-1zs*rJk;!1ouof@Yqwr;wZG3
zxK^*b)$BnNIe|V0&6xJQ0`G3RJ?6MvH-Ar%NDMW_WOTxX2p0r<su7}?L?<zK4q7pc
zvrVMaI&wx~%98v><YzDkHWwxZDr`s$v?GF|#=&N{-X)*G50Ag@>7i!W##oN=>i&Fz
zJT2e-yP~|w^ak~FqSARp0i_9jBt^76{19p)`!ZJPz7;WEf+JT~BmtW}jz5{=(|v8a
zex%JuYo;#TIp$UBY3)$qz<v8tyB{W}C)hOpUP3DAvR)=rYQb?Bl%$%G5hi27ey_;@
z=?JIdD)2|zlJz|}<<3<)*HBwp!t#6h;8X<W>xRgptgB@>D775lzcZp<Wa6)q4-BdO
zz~&*X`8kz$Lg=y10;bMO5@xVyQA!&ufK{mJXE?2F&eo7;sD(>`@Yppra-)A(><51@
zTFtP+5Fy3ho$H|=TcD7tjB-()gspp9F!v+&XaCd%rz1m@4+~8aXfBdHW**pQ+`G0S
zgcBr~F%Vew0Bg;sek64lYQ?>9lSFP)n$6YVVTS(4GxOH%^|sA}%|@Q4&MnZ$w?Yt1
zoFTx+fa{yR7w>0BO0S$=cYSSYZ7o^u6LV?Z@~z4|5FU;E+y%ZbLn8vXFI7i>91>!|
z2}Usag)TOdN8<okd#Y%E-zBZ?z3{Rs&CV+@dIiJ=5u04(4B|)Y>1{}IjG~8+%pCPe
zfXxo!(7bt$roXQ!0E`p6mPJjgna9OWI-n|3c=>pHjyv6i^Wp;=t97%G^emp^s@b(d
zzuZyX!TouJ^79*3`;^#b%u9%qHqU1c^}%GW5=KL#$&D822QG)gO8`kmf<!9c<dh#1
zN@QgxS}#}#szAUSOpQy>p|??M_H^;sK6qK3%awH6RLbGA10jsZnrU&alf-TcMcQ+Z
z-n5iUjn~!y_)DQFrKd=ILjn@|jk8~7SKM9uoql`}kKc~fUxeV-(u2zYJGkfdoLXHO
z_-)4F?IX|q+0yFul#U4&(QqT7JPZ}b^7dImvzuQI*d%Au%VU`0<vU{0L@M<o^$o^Y
z;R;23-UY9XF-&H(TrYDg0t30>RFwQfkTdG9!o3%V)}ZHaqun%xFKQ>Ib8bxYptXcc
z6ltcpyPvcCBXwhkxPzKVt7ap{>yt7`9IxvOb|W=oN6Sf^?>qBux$C-N^O#?!h_FTQ
z3IO(@F-tIrb)L^R4@yFe<0qn52=!JWxgY$7gXJx+f^2G2BG15`Wy15<?sxy!cboo8
z(pM4d($tDF0kJ2SuPTtws9N`@k$%Fm<9q!TujPzl;z!aX*MHv<==q8nLAwp;_(<#9
z;UL`ocV(e%(#+v<CU-206wg2r&2B!PIJSHD4IcTyy$2Mm5D_6UxKQ5Cw(lRpnp5#o
ze1hCGQ6_ce{g@grf3PmxYy1S|hCfIOEM6-8LZ|2NdkVftla`N?MmE`&Wa_k~pP);)
zH>9`WYMXItx?YDX8t3GUmWTKlla%fDAy1mVC-_7zNdI*V#EvUF!)v0*laT@39^D}j
zbOvGNF&^SduzQ<{kqjQ4zp!lj*Ma?HJbRO2kFg#@xfQ_rzS!}iLQ47DLxd~BioKR*
z!L6LqL&wn*UbQnwDx^1rzt^<*e$55Zg@w{@(Gv&D^R9Sp{Aqn8m8Lr+9Ad#DsOW1h
zn;6Sn2RipR;eyi^DK6X5cCEQ~qFLX_@BR2>o^|#f!1`I*xDtNUT^r2pymHHl1fOVW
zL=D=*#?D_-r@0s;85(jy=9YV45upjHy>AVg^X;1-vX4ymy5#0$cFN!ZNZvaj6D5ZW
zhR&)D=e}wcJD3t9p$a=C!Cdr=f=>!qUc|J4wtw^Hmz!(yBj`p6jKSuEH6jsNQtQkd
zHi}<rwzTKeh0Vtbdvr4m_*exZ+5!ba2HpT?&FlDry!cgh8GQ6VJJdIWcMpW$VsyhB
z`la6*Lf$<#5WX<RVC4$@+9Sqwmg=wtmwhC~{OZE+t02QDLNyk**Y*1)Qlw<Y@OX$i
z?eT<9Wqv1O8*NbWMsuL+^WTuo-^a}fI>$5^IuPM75_pyTyt(TW);~X+wIumPk%oV(
zbe;Vg_q`C!<z*(d)tRa-1o3crYl0lOQg>yr(Br5^tA&HARl*&s(|#jq(aCRU$j(3B
z6s(E`?F+<xMmt5wr?*#l$gg!Xy{HXJCCfW*?HIScDRgSWqe((^wS@Yv%PFf@lC$s4
zl+AecYYtsf9YRX3JLgcdA;!#Gn_1gq7kLB{uCu#5MwwaLH{O&@{yaOod(BczfUn0N
zVL*qH1g?O`_|I#bOXX1P6s>a^mR|q-)lpDE${!m<nR|WJ#di2mY6yM896bG>52`0F
zUUY3x@n+6vQy$7V%`T-Y5#xK}My8bO7othl2aC-J@>Lf^Aje(vik}{qSkUqN-zsg1
zvgw;$x@SVC52(M;LtT)#oD0c5z`g!S*6xBI!a8V|>{;!v@MEC8Tc@jki2zc`{$TAy
zfKBT<_K{Gti&@T9L0IE8nGNA#BnKbKDhhH&ljigSHY6Rig?v5myuGR;+gdZ=eT)=y
zY7di`7IhhkFE(?5^-L|2$#m<bmQA|H!x>r$FaFl<F)`ghY(Z8{sSgcp{W+kwlPL=H
zp|<ih(~hr1%f*<xdUH##T9*O&#xSAvmm`vz(IdEfZ|~9j*E;`sZ{Hqx6GccY&OGef
zooE*<VHIi5-t<1w8p}&)j+mIsYyq=_EjAkuY#+4Veo3pYfs+Qz`ZxWIq&IQ~4kfzC
zAe%)u7$)AhYC73gq>*U3%iQ^a?Bs%SMrD2kW>)h(%awfurBKBYRQ!QoKL+ItdeQB@
z8PM^;paWRI>?|jjT<xS|4!zenXVB>9`5Wj0@&c_9J~PM{`p7kkS6gn?{C=vw&S2Sg
z>ziwmRu2e7oof*)w*3P{Xwz^Y?P~$8lg1U^g!GIYuGel0&@jk5=7F_Yeuu?b0f6gF
zmp^tBLl~APOHJeqCVrt<hfA(=uG(gX9jZgN){DV?#k7Z|&T_AJP4wGyVRv2A0iK%y
z($x53FZWj0rU#Xua!oV`7=ZF8ZN=$1xQr_j7!XG8Q;J65%r1sVFV7N4`x@Bz_U5ka
zP3nMy?@1O_UCXs}yDea|(>kV|`AxvaB{8Fc!K7m<HixMhy{k4shw5?3nHv*u+Wk8Q
z`F?uBHY2k|U;p5-_nJOFD`nmv3x`?;0i(h1OvrQ_%8?<ec~v_#udm&m&GE;_*kDz&
zvZC}00Ik4&W2c~6(QzNZX7I*TV6O!bf~ZWHm($O2W?FFv;dAUtTiH5&1qzJ*qk52j
zHZ6)<wEO_lJ~x<aV_c&ch$nG`{>KIk@FWE{EDUUDFiDz+I6{l5Vu`E42TFq7rTVWT
zhp~Oe5q7JdLk1&$Q)dK&$v_%NI!Vm)eK3;;2B2AqB-Co-M&YFDVu3>z@%t{<0=&iP
z*()40^d=iRx}DT+?sZBRj~2!4*(dYYPrInY;o!_So}X~`x6+9sFYyf=o(VZcGDT_y
zbBFVW0fonx3Ax$;nx4@{1{w(VR3*ScB?E+HO&Y$isbEbn01!(kTe>PHGi&kI%M+>a
zhEYpoFtkH&OUK2P=;`wLS};xA2n-|tqe6lmzv!h78w5d%q5Ykdw9@EY5w!hcHcG?c
zeP>RitZ1<jY;j;U-RQE2la0=^zEs@6(ue<j;18jmM?J*%bjmzx1)guH9`zQ7>~~ok
zV_P`dEZ|WX?{h1wS_|tnO?4VYQ@=BFk31HNFAV?qhyTL`fx8Mtasm`ggb=u}!QieB
z<PZwkTi#hKEa-4)${rR4g$BBWbjctJ^ax2cRSZ|E!?l0})?Ftky@Uu!3|~*3bX~*$
zH6Zdo1kHbwC*Zx3`2Xmee**{q`+NU4AC*NGK2y45eZL<ywt+5HFn?4sjt?0^h~?zr
zQ(=vYp4R7A)8ngLMH@;6_mOM<DMz@Hu%~(L(?(1=i=stSUizetM5NmK(J*mxM~b9O
zR~$uD+J&vw%1Ox}`rdN{EQMy<OT@(gAzroxDVn_}nUFFvWn!s^h!adNHY@fELQ+=z
zFnR_cQ<Xu5+kd48oDYG$=yv)g-v9tuuxL_1ZBH|Wht(=F)C3i@_qaf$eJ&6|zkzP6
z{24WdrC5mKKILZB+qpK@Yy_h1uF2e*`@^+7(<FNS=4)amDbn;oNJhv3*tgDzKZ?Mc
zw*<mgR{B3#kkU&inDHv8Y6ux-koR^;O#R47mJ#zmiCtd8)w<tQ;mo#0aLFm_$PFZ{
z2G|!=c^dP6!8~D>Qj-lI(d|+lj*dnV6^k|Lsq^GlH<Z>Em3xo-<N|s-X+fhK_3cfi
z3NiRMPbQcFhVpZ7b+6mW;ATApDAhT<e5)b`zQBe(rQJLay5kYu3Lx17Nbodn4hxjD
z!NJR)HbVw*a~F5)pXrCpgr4bhm2<O-j#Ml13|=$(c(Wk0ra05PSeHH3Osx)+pugmr
zm{DNp_|&1tK3#-}iyJt2f{GBW5XVjUVWq@Uu|&x+Qs9Tp9ZJw*#$W25=mKwDRe70R
za~Q{aKxWIn8hh+Nw!Fct1VxyYL-i<O%zcVFRd$X2%V#wQO4tVOHq4Go!|~1im}Xxy
z2+4O80s=){0V6ta&Cr0^Cvk(YiiD6T1pF?#tZS;n1lQ35<O3Aiy5drfn{;ewh>)N^
z&>I{z-$R+<`3{c95=;Yx)Ik3G?$N92Ayb&J^wVonUjXJF7^rUbfQlb?ORVt9sQ0PI
zMGY`k6`W1ZD%4dX3_Dwz#4IdyyMDD95%*0UB6=X&DqzKFBqTy_DmM=E)b1`8vC1Uf
zj<_B!nOO}dhr1YeT<Mv&hYiW7D}Ovz?;}({pmM(gQlEJlHr^s6eQ<<BL$i8@@9)VB
zO^4vcs`i*GrrSHC6lkHxozuGzf|sdg(j;?`67xYYz0&du9Wl2YNj>}>5xW~Ks=KY=
zn_N|$1ku{^*>npvPZ?xS74KitO*{%>ecf~*7BSJ5kyN|k<JapIOw-Zms$&xaP5z<j
zM$dTK2$i%t4<C=<V-V&U#Z(LD@@)L7LBAf0=f$Q65>cA`rU773gANbo4QLL=r8)8X
zT9~_=RYi9l4YA|sU^zZvNJ6mfzy0t@8FyWcDkK}Tgi%;uX|2*Q*H~ZLTZ^N}^0Y%l
zYZOz%b=72pIyWg;BrZO~J4xniJ?zVu76Rp)QwGXe{I!mlxygYF%5hs47lsHeMB1jN
zUy()ngD+}>a=ENO3jTyP+*-jq|9jOsg1cRARr3s4$pL%Ey*98?&;_>unR+P5o$r0h
z{Idgoc$ZvG!Qta07o9xPV*$lqe!0>2B6lJ|!{Ma;CNEdZ&m@7-$O@X1lNVHbj)$8E
zSLc}$RBmp!0C}2GMqvVA<?C{9Mt6N_kbhaF*SEsZ4>m*Kihm1{pv}%M+m|;|n~?86
ztzF%^>+6&Ml%3)CaEJXa#WJ;W089!Jt4uK*o~-(WGSA<#B;B*|?fG@V2L(0EjMa@|
zt6hgDkafxB)={2@U&bNYy9CGN9o`0xoMgBc$M(Q}c{!|C+*;F9VI}zbq{+3Nqd)Yc
z3E8i;CYTguHgWN!Ot>#GEX>;5)0ay|d6}I~2^2_Ly=y*vSztfAXJ@QyJPt52C~VEH
zIVf?qIRbcy3y!rK@dpTYr2AW*ulkLR^-<ZjtCALT^c8d+i*E>%3UnU7pQQ5HOfQ8b
zFmVT@B=@71;xrz#M?{>vyiPBCiq82qF-`dTyFowkdD;2hoJ%Ek{GcSp9qOG#{mAxp
z(eU%S$})$Uy>J}Wv1v0*M>}QK2fON2l7f5&n7KK1)e>xJ4AMA0&*<Td`(XP5>ngej
zBNjdnsLZcjjrjCExS}{6kcFw>PA^3rV%X~x8<o-F_L$qpd*mW?Je^H$Wc!O$t6gbm
zGWnq30<;kC{Dh>#IowWRh*{XF3tDZmoIOa!jF%1XtT`~`1Fhbt(Y36c7R&(HUH)$1
zGnby9J`A@jKP@!cXp$OVa>P%b7ck)zO6K)v+^2!#gE_doq4=W^!@qr*b$y!jzKcF&
z%*ma6iWZM$Bp4V<DLcJ`W;I+J=(<)Z93lDipL*d|z+TuA)BlRQ8Io8pMKHd2H<DVu
zy)oBUgY$yprQhsuSk6Xxb6%E;2J^g@z#e-WKU>KmDNRXXv8Ukj^6K2Uw(mc&{6X<>
zTt#){Xi^m03bpAioj~i+o#VVb{D}Ep1DU~*#eLQkp!&=vK=4aajSl02j$XxB)lOPo
zrLJ2=w94_Rx0AjwE+>;N(`7c(^#Eq#s|O}jhC*56>*xXn!DRzs-B+dw^4B;dduLk#
zRFyH)rIKk|OA~S5g7Caj9M#n;DibsEuC<7onxx77k_{fw(Ze-n?#bDkgUE^8d*U?s
z1)kfeWJZ*<O)$dCcy;C9oQiJEhomrnuO6BD!73|t*9%j)3uhq(a8WekT_a8gXx{t+
zk3F1!S{65e<W_k>JSykaCzj@3_Y&lbD$)v|aL%Z&ida^^U#V)E2`mWp<l#Z<T{3g^
z{{NWzs(`4%u3Zp8Y3T-~k!FBlNTs_wrMtV4l<qF+?(XiPySuv^&iH-*Ip@FI*Ke%7
z-lrA})itN-l*&az&I}!wZg$p~czk^z@9UIW)NI#fIHwo;z>gd%>E2V_rx_%#80BG*
zBcc=~7rq}%MXrtC*Iqdi?Vs<p`X3EC6?(v%euGSLRnB7rt#kVrQ`n=%-IbAe?E6q_
zqJQLXt#}WvX#hB2{gsJGQEhi<?=TG^{G_xSUTd$3NLNH`mcsP{$&?0+iqfbidkPrd
z7k}4l96+wOw^3<3|AevbDR|R^)dL}PUpiao{dZc$VQvwtU-WrLPh2u$GP@NuOuuFJ
zC?gDSeQ8qf6w$L9(32JCmdGcPmdkju;G7zpLH)<kpZ3<r{vSxnTyV1}YwxE6VAV>W
zLyW-b{e})h4I_rk@bht7OEM@sW9IFrwyr7`0`GrP?tfDJ%cTP@u^tf-d>W9|&hJat
z+MyrrWcM-(HMH|Rj+;;H83&1dMfj)$5NQ3JYCmT3Sv<9bs+R4ch*|j(0urUHvV4J9
zHMn`zSACFvr1gYexmcR>I8xC*taVCes4I4sgkHNEib2arkLzkw`HiI*^*coJ@ld7e
zKqT-+TFC4=Y1Y7>vW3*FR}T-QW`xY>TMWYEvn;o=%OqG!dbi5NGDG~Ugxk$d_VoAn
z^LC3n<lAx44fzJw!&jtU0LH`)f?}$+`q+RWv$gf*9~C}+`}>6;gO{y!Q;DT{@d+G?
z2`w!vzC>yKhc_mk**B)yCxnd5{Ovvpq1O6bpAMpuz1Bm>yz|c@g-<JK9mg5=`IK>=
zEoCB9^likTdV7?4)04)HagJPEGXk58IUA*;b9&o!&Bo)doXM29c`JP86SO^vzi%X~
zfh^=5tF6N$fDNg#P_hT5mOG~bkK8<5sh_BhaNC;j6Lq$Xe19>vbow|8E0D;V4Ds~)
zpwU*=vDG-fq?U5$c99_IR?M<wzdsYs?baA<q*`!miGIb*t$QG?nPQ(hvXNI&6BBYy
z29Nf3V^c=HCSeswTm<pgs$?9a=;eTt$|2GO=SRAdz+cpY3Tx2V^y?wKub)ZU0Rh9x
zz$~9c3|gG3$J~S*2{<OxYc<W^U*6{UvB$-8@@aqE_PvIsx8o$v_m_*2$>OxYFNWgX
z98sl>S$)MskWY5?LDlg>4WI0cd9$uQbm09h`zK<UF3|e{Vc8)*O$(6LzOAevuiX_q
zj(vTlAXCNG5YP7?k<On9I9rC&k^MD1(2G-fg06dtER-faH{VZzsW<F$bB5Awoo7=y
zH7mEg(dFTm)p;cieyES&QEqPP*y(UDvv8$Wj<z(oNF>39Dz?am`J`y5Keje<#1$5%
ze_tW4nF!^aBFD}9$IF&x4)5BOv=C*6c&CZ2u#LJUxy<67c4&O|J;zH+s?Vphw=ZU$
z;i%~HOP1Ws%%Mu(_qF`%`O{b$s+}%m%_wVTq|0f?zi(#P1{mxnT%wBM_n%pI;{4fw
z<ObLMRA)KTvPjC?ORk&kr9dYQr{{*~EH)Y8EfpdhZ2%?h5hTcyQ983jNx4XYM5P5i
zM3fVz`-`UdV`|+C*8~r)^4~@iq=j|T?K>T&39$-}^{G_^G(zwNR0w@s28XFIt`^gD
z_qJWtpR6o*n)_eG6NpN4UgT-s6SB7*qKUk}`mAq~UTcE-ka<x`r!VK&F`#0AKAa`t
z$~vFDQ~knf3|}BrKo$$1uML30jKWgW`z~I6kh}3uEsXkB7dCqy%9fqgC-{&|S3r!a
z?FJGJNtmG4@uwfr+x}#7&FXf^6CHdoaHvMzH&TuK;gTf4m=j7I`05~~oEWv**DtZ3
z$aQN!LCNOgMvKOsOq=7?o#1*w-ngv%H)g0qub^zU=)Z%4-MYSa;*|HV^r7rTq_nT(
z)1Ph)cLOC9<J0sv22E#Nv7ih@m@xv8wz8#{SFdfVi#^E)+4Bo-_G?;|o9W<`rDb$`
zlgRVOQies&Z#P|vkpERDs4rQglf9`q_Kg+@whe@AY%eCVaPL(efe!XjA1V5iEgxTI
zsfkLYlLk3-`us4eUGx=rv}NMz5UZ0?)_$WqO?VfE{LWO$nomt?{4wBtl-k!s$;Z|&
zo{=ga_^58O+)k4ylQ2&P^F{yt1!6o{_Sv%B&N(#G)>IYGU+bP+rC5Q8+rn1Nc$4xr
z1Nz_;LD*x&fU8w#Gj^QjhkA^ULz{Y#>E2$P>!STw7@^9$mnu2-OikM>!E+V>KEgu1
z!!?9@l0wOu{B$hMp_)o3DPoAxnSEL&WsqBAXk5hbs^19X?uqklT$GKZqAXWbY2ZP~
z?QPzt^vqQ%&IIYj=1-uQyZNBpJPXC?(YddoZR^V&1VQ{Uz-WwFb^XIIJK>D|Y6p{E
zhK{;Nd3~rd>(Jvt4Ytn>FfxaAq2kBl>f8Za)BgKe1ZTqF=peb~a1P{o$G%-ub*Wk%
z^0GEDH!L!=SUTePmroY_j+bTF&5ZFRp|qOCR>KuFi*dz;3;Nlke;pz=ug2lf*~!zx
zmR59UXONySUq1u=wZWO0lP3K+F~L?yfAi!`-it|nbm$1G0sUh@tCj*Dw;qcEC3&>k
zrmqP>ssgW`wJ<$AFJi37t>J2sgyiuxLji&Y)aSaLYNIoC{B*0OlvGnw(=M}P{s>kk
ziXy&eL=9+J52Y|%?wHvY8J5fG`zF=X51sRW^|te8(>UrO{CHU(9_h~pd)kuv41JNK
zmQr3NQU1Tlmgf7m6e=TIc(G!sT#0HmloR(5V1(Na5A?YISUWCi2iAsKQA$Sg-uGld
zL`ZtPTP7T}{P@F8DT<{QRioyZW{`WNFU^h<5<*2uFP4dvx3Kr0U=TqQm=9;{`E-l}
zzryVr;{GPij$A$dvgbkR=ykNMh%Dnm<_1;x;Oy;P&n=1L6QM;>pq$d_>3iXPjrCj{
zv^RZhZ7hs}K9<0%to2We_##z@y=TRyk2?G#tuz*kZf)Hc^79<w8o~7}g^jA3Wo7cR
zy?4akyPjI%uh%xEz>b_&G|@9rzkis0hKTHsf4~r5COX1GW5Q|}0<1^Jw*wv@xucZ_
zGx&il&iz&vdE=$r8S1jVHP`M(hib53&^rIjx!$WW1ve)npY2({MOn{QNRH??6k?`}
zgOv|nHHClFG)9u@n|-Jf6gN?yCNlt6S0^6Y>av}kSQIZ#Ld<3oNg4qQZ6$F!qcl5<
z0YbrU)$Sdra|sH@h*`Zkn0YD}sU^=~#$Vuk`8@{4owD#<gOZd714D{(**{y1N!L$H
z;@`thk#w|thp1q_2AqN+3fUq%68XWNdI;~!a(>jzt-Y)oK12+SnRY8Bsj1wFxZ2ji
z3d}UzPlcC2NJPQI^{!6-sMalSwioW|%Dv8W{^$xz$2%*^lz-vs`=!dv_5QKo!Qq9J
zGy6wnx>l_B$jCXR{mBa~J3~hIGYPnR%5-~bj;58}<~tQ*n*L*$t_RC8)7fY05W6xT
zQJx_I?fucn7?9l|O9>T<;g2cBBP|AY2Hb(?Ov!D{C)fON+};P%0Tb&%irs0I<i@M7
zIFXh{vg@deDl?*QyY#J3OR{&F+ye<%3a;;MuB;%BkFQ=H&?M~<X3CVvI|j`Gs)J)0
z$uPJ{)k%PTnJNc8z6`HoRM_w`gVXe(5>G0dof|cFI;qW~0<Y1G7~v~Mi=A2MSdiBn
zcZm^-apy~pL%@F`U(lA&F#~J_h2<ao1j*#b*Oi-3nI#^2bYI>s=<f%z(I?GuVj<W@
ziTwv2dww){v8KDBgf?@xJs~}W`96J?tYe)KmFL8ZXTJwBNGi?;AJW^CeN_JokuBh>
zCGO8Jm}=i}gSSuv-N(W`8q6tPfGVm-uQ^YX2eTCd4+3)h!1QgGlcN>UdzUa9MN0H=
zsxhN;`=1v_o|`56>{T7)_Nl6p{Uq(TOTqg%0R-M7%pR7RCG&p-;r(+&FH3kvI_x9p
zX#BI$S>|a3Nm*<k_x5XlZGk9krrG4mc|O6qXP9T(=G|WgZV%IEE)e|bb#LF-4Hnhh
zM1=R<+6EgFa5!aQ!gj8M?`TMvJ?}oum8y2XJem(NG*IxX^)7a=(VMF_+7O4ToabiG
z4p?qEMG!6Y=35e|)*GNnB$ofwng9L4pR;7K*-2@uhd-g5_lKnju26L0Y`WoY3<aHb
zr4P}*{bx}G`QD+!wp2AHZ(c;~3K5;jh-@2yUa`3$0Y%m)XxNInm{W6XX75e(daLE`
zy-_Yx8<FT%_B(5xk=92<)ec8MD!X-d?;h1zjqR^zd~9&)cy?V&;o;479XSL*`iDyX
zgF?SV3I`7uqI)1)h~i7SWu%LePie`Kt7Qf8)8U`uMfOKwwfpeXVN)z=wH>=BjtJ&N
zuib|5`_lCV3%m8}+Xf$R0ncrh`!I7Kq<E-Vs?6OX5OFro>+PMrKKE18rHwUXw-#C!
zJto4YQ_H0bH&8_ne0&Shw2A#sa?s~RxpWSGDGA87XPruX^!o`m0?f|N&dkiLC_6ej
z246TKf_~^Lkd^=Pmo_I0S4N!=(6p?r<%G7WWs}!7`kPxD_O$0j8Vwa*hoz{jte~MG
z;HZR!70*`d@C1F~%&u={MnN9^<*tc&mK`H{XYH6B2;5ABB0niJ8Wxv8f1YPk4~EuN
z;kvC;QdCxwQ&JN%lp>1wE7`d!?bsB(6@&iWoB+Pp(BFIge-_MUnO3#opB#T_dAUlx
zY_K|PMvGaD|EMV)_u8#ZQBlz*)P*)Eg1Bp8E#Pbzt^SNhDpUpfZ_Wt<&Q!Qd8CDv1
z?I%kyirKuylV#_)lWui0am1my{2Ie+28JSgYC7ufm7`Dm2AL}(ftEog2Ny8EtjqPD
zpQKEN%i897T(3CFY)!t8Z(h9lnTQV;(T(m8p1~X-AukNG5puYM_-^STAR-PyjK@Pp
zWXC&JW2T5qv-lv#11RIV+0X0$ch~<Z@$2gANof(F5P-cD@QKS(_l}K1E5p&-1L#>&
znYO-KT+TM^HF1qd>AQyz+3J9HneKV{>&&v2f48o>nFMv2g>V8nzZF4{6H#6{y$`wA
zAcEjhcp9%;Tv%AFCUcS;R8U^CdnD1xns<z_Gv*GvbUH{Xw#08l<Sq&_{zo$=+Ax?w
z0`{pJKPAj8LWhnN7XbqSuH`)(trlo!uxx}NIr;$ety$fCkg=3B@PZBXf0;N$L_SGL
zNx5(nJ8)`Q7tJ2^(%NWgl|$kK3{SO80Mc@@O5H^{L4}pBw#r3~aaQD8R{V~e94*eL
zo8UgluvteA4`wLRc9e({PH|6&G7>%h={ik$exq91c4Gpol{tCr31O@-bZ~@oplXD|
ze=9u=<eku*04IIQ{bv*_KarG7j3qtK?CyMVyl+IM(czLbvBu8!fd|(CXQ9O$CrBnO
zr_&^Nc2nd*_<vbFMyF={XU+6a7OKc8C@9PxDs>O+?QB|BI{>w&<!PM@hxv7!K>`CT
zMRZNzJS3P&o6i;VQZ01>PsQ@m=j%ftDKxaNM;&anL(p6}5vO|hlK@Rl=alr+2KlAE
zKCAMLxMHNpfw4TYXX^6ryC;32N$M4W^`5M*q?$O_b#fMk+2x{rlM3JQ2?#J|SElB!
z(ZJfMcM<IPqmG4RggYCTh#Y#Kb>9EykpDX$$zUT*E8t!r96lX3c)oagv(wD-xh-q-
z*LAiiFYA6prRBcURGp#XZZU^#pQxaGlworI6e1zFeKORSXHAnD4Wtv0OGI_E8$LeR
zWSn?^As)T-7AtL#6<s)MS`)m+!?oymfT^4rd!ygNp)>PC5jqZcueFA-r7$l`aWq&W
zk2+*ZBO>1ng-BugFg%Bv#mk)e6Y5z3P1wcl|2_>;mh?_Rei38RoTqoa9rM;eAkh1#
ziTUnDbWfafqpTJ;fAlP}PsQS3`)H=Ev{FP#k?;1ilMMqPsCr8?;&fTc?I#8E*S+J7
zi#xxWMgG5n)NQSqp?yYr)nTR74+Nnc4i8Mt{4i8g5*M_8MTxH%i1d!fJZpy#M&p|Z
zSDIpPPDsV=SQhH`zY4JtEsQ9hEZSqHYey=V2<40yv}XS<#b^O}u*2k3`G*eN*`N60
zC;I=F%}bR1N(_tHo=pBn1PVfaecU7<UgG59Dk?0@&Fd4lS3s0noqe@FKYe<FD=sN%
z3P6X14Q@vE+b&r)_AsMk!nf4LOSj+%McXcxB}vsOD$VMdn)Q&xR!D_Ttt|<EC8e6<
z(9p2?)O{1<SG%}m;@o&(;}V65-c9_etW3F^h1w2DL<3N#gcYZvG;Lx3B@ruIn~Giv
znN=0PQnmbT*?*dV@}O>7RVVTDUn6@AtuBu42J%|i*R&-S0YedgE^O557Z=a~lD1pl
zwkC(xP%14gb&beFPNOH?n(0pXtYK^2+=9aK$PnF;pz?#=<d^6AMBD7)(666$7`E<g
zUVed!%)?80OtO10b|Yxy#Ovx_oRr|L=@@rr^C;-J*ZirnFO(3S>RHUJ>BF^HzH}`e
z^`1uBJ7?q8n7Nu8GDFlh?@QHsaA$0~j{ay6;;lU^ODe&T4jVBqPq_KMsjRu;Cmr_o
zHKtJ0+qva-n}CY-{mY>bW192x>GGY}Ok$aUT$KC$eoD!)Rh-AI4tn{03@*mom4F5v
zW`5P;z;80Rb|8CD>(du!x}#k`q3?Uzc2Qq~?cRRCd-ITo)`qhC+6M56w}b)}rd{oA
z(L#9vl?DRvGUGEB>CA3-$}SHq;)4TMk9~x!UW<f3zie5dA|@U`9PV((Bw}9;f28MA
zSCw{G-Mo)AWhmayLNm)ylN(;FVJp?t>U4%PV!p8f#DG=4Ppu5LWGcy?%KoUoygcD{
zN^oh^mrt9b-F<QR6Jnfz&tcabII0oSL`4&7oESfS82gW3Yj@2m12&4q%xGQhi;J&N
zeO_;!$p1xOk-xq{*Um*A`<@yn(xnwxADLK~oH_|xg}aYJ@W3ZfBMO?7%mr48)y_Ip
zYRva%y`X%^;;_vOYK@WRe&gUV;G{<xHs_&U$;}A`_8Z$x>`<Y{qwk(qULI~B85KgL
zrGyN%i|kGZOB47+f;s5aEXcc-wat2hJj6$mRv#=Gq<0-B_QJPJ9c@4@;cadNY{<mz
z;UBZ|@&hw(RBBpQL^wz%<FtCl1B)6}N%sD~m*|h^KQEDJTsrLxcTFLo41`(JJKy@#
z9=^KBj=%Kb1_5@6v9d~GJ#cK}M>OV-?6R(iMf~g_-=3{r3*_vN{ED+qXoq&O8LPrd
zseU1LpEAm!@&edi+)5*6UZq%*IENUWw-ASJqD-u76{azNYzF?4;DYHlnlKjOSv!6e
zp%}hV^4RY|LQ!`8?Apef%>B{AiecADb`lK+<iEHu_RW)EACdF&K@aMq1p`8frr-hE
zjZ0yP14cY1Cml-IthD6nas5&AJRaefM6o{uCUn-u8ut&AX-<S%Xzl;?xcXj{p;&&o
zdZ1x+j!D-URe*$htXi6A6dPT}J24OeFXsJb!4l_RJ$Nc<Z0%S^T*=i&OJW^f+;T&V
z=al3oCkFq1Q}a;XApdq^IK{%I@5Bnhw&htsW+)Q^(3zpOJuFEni$4bqx2KcUGh`+&
zha8CBS>;DVZk+UfLtRsuENY*0nHTRt=)Q4>_4o0jMNM$cgmZNugbj10QR<0|xh15x
zzqTa%%q{_Oq0is6S7TE*TtUnoY2`>)&wUfd30K~qOjT{BBx^=xB;_xbwBj^gL=hH_
zz&Ghx+lOMD+S1CGopB!38Uh=))w-4_@9g}e&(jVsMsX=P4f7b`4~wlD1Em0Vw?R!c
zl}-_Y(ZSKvR$hpa2ZBtVG7+_mVNDp@!c#PrwF1QYym3pnGJ}d18yO?LiAwadmZW_L
z2C|!y=~`!kyB!gPnn~ZB1W{luzgfvfkuiS{OJ{Y{uboYCVJvESKO^>L`G#6o<wyS<
z>S9xy(m;9GXk8jIuM)2?kCt<o9gTy72^kD(QeKqz-phY<ipFq0xXGo@${km_+cpG=
zVaVD9wt#!}bQwy9T?(Jufdz-I&F&pK`SBAQiH+fqminLH)T=-$0n2xca!q=8_X={+
z-e_lDI-)t>+)Uu!b$tSJ*tE+Ln@d}n=|Y2zQ!cqY9TL=C^b{#eSe6&-g-2;qk1iz;
zqVrLRi8K1%zLPW@*j&!}BMF~TZ+9MkcgkcimQRUzU(^|Gmj{+L#owq|=8oZiHF2&o
z%Sl1KXGOnz!sQbmP4NJ>KbgJtbV|mcuug0t*)g~IyaT^SBKAqIuz#9%!lrtY$?k3l
z{W>V0CMqcWv&*^;V4D}=ovz8RA-g9ncq&a<0p9NlRwtI6y&UwnNFXdP7{h|40T;V|
z&rsLPZR?TwTNEo6I@8)*MO@Y&^;!GVu$BuqnmAh>H;_J2IWjT6#UYH(k*qddN2{|U
zasC^y{(7R&!K<z|hDGDEh9TDd=<vV<VP08V@O{5=4e4sc{JDNVD;A?=IgDCXkHOyI
zH+2T~kBvV!hYtxM!59%#AHEdS=l>3W4!7Wy8!O-5jZ5OLolSjkU6*`1E$o}Z%Bm}j
z{uF3bt*+m582qb<>3Zig7Fk5YRFZZ-nSH1&4LR%V+(oKwK-@BE+IseWNBG#DOCCW5
zm7uLM#eLXBl-f#{?`|@L)Ps|V{UnkX?^O~a+u;BIc9oyNXM9mG)3!;oX?dbvv*+C!
zGGX;oF&?*6&+C680-;SxN;mjW<gTBJ_4dvIEY9}u_hEw@qocR1af;XJ(TkXiesN|<
zFCNl(MimYkCdZI0GLb#(i_IlHUR9-D_Y(0W*YbeMkKz+T+R`w`j7doiZGQ@c^8qG0
zWM~zUGtBsNdo8x}%9nmLk24F|)IUNOyQj$j53a=#hwdc{h1NYs@ej)AA1TBQtCHIl
zW?rsyJ*JL5s8_yGNORzKt1pB56zam>O5;QZjO@HqqJ_;7Nx~rBH?YUv8NL4In7np!
z&K_R`*myOBj#x)K04VND7`}0E@wXSIbfK(`qE-v?bDE}=3ZA%gsSc3{moxZVlArS2
za?emF_QfLS{DE-Js0Er@5zGF)@xu`pnI<TvM_+>WA`r_e3grDg@p)?4=F#wL#IQ;B
z`4KvtCEf03@b`S3%1KR?0gN7dS+*d#sKFtYtJtc5+8_!jOf|h{1h#QY7F}+wevE4?
z|N6OR^)+#Z+*Y3MOJsHJC0PMY%AaS|*I*<p`v_o`IPjtZhQ-Cx3mQ=-Sro_-O#5OA
z5&Zmn^^n%yYGvzgWU+Tc`ui!)cE0a^4ZzgTFsHk_FOkvsM#Ml{Sxa4+gaD%b5|Gv&
z|7D|#wJ>(*7_i18BjoUqXwXAi1P2n^RNc`n#6(Dmds1#wdVjwgwm;(H(V9Z@3>hY|
z(iJDA4tHiregugWYBu}c0;9`p$qNfbft@wEvm@z5RszJi+TJwtYU>wN-CP#>vZX7X
z4!o+7!#5(d`ddpDmTP0|0qt}`^Gl%|(ICJ@lM*vrf4FGtO{O-D25`Aa%_dX9WT!bl
z_(q55K5f3}SrmObqR3sJ9a1S7DeKeRZN!ZtvlU-YQ^0kAw%J)tn4u|`389hl3z-`!
z9z0A!YcIvbQ3&i-p?W!qkYtAR{F<ZjV(V`Bru)k<hp#0bkD)ool3$^E4U>P7OHXX-
zO{F<dYMB&N)h7T4aOA8aVQd{##2??1^qR8~cnna=m9I~p@WTqixj`KtQF(?#M;^rN
zzU|$876F>LI!X|=y+~)IXOZs862$QRFwIN%!>h|>n7)pcQ?EbJdXfIG9UM|E6W@JM
zN!5}z$$uuuW-?vOXBMhvHITVlv_f>+ML1<2U%z!*p5AEvH7r|07R^0p*wYCzy7HUR
zL`W65X?%5FikN|I(uxy+XrQ?Ya0>uGz?-_m{A?9gH5-=?NlZ_|CM|qrpG#Dr$;&kv
za>tDwYn|YNIk`_%6$aPCzW35zmyv!}R^W+58P>bRqCJ!5Lv#M)L+cMF`UAI6Ej8jT
zK|@-wC;}#-Jc5sMEb{Nb`zxSdUt<v%B9f@GX&3OPNsEwMez0;}(ja|wzaq#mR{K==
zE~p61a@na$FO_bUa6WZ4#*V0~gX^q7+mZHnt7~@8JWER85GSDChW4EDSk0>`wlUX-
zaPK9U|IJAhn=eIO)KnyGJk+^4iIpuh6HK31*cU_?_QeTy!M-->eF~TkN_6L6rrmCt
zckYKWVPuB{2T8K;IiTGJRLujgQnQkgIHn{Ogz@;&G9t48f-9%ShY0lEsp^6X?*7vn
zH!q&z#3}fw;$OpPmcjQBFNFH~Scnp*k%0qcyYm`0?YWE!z(9vqNAy2gTM%Go^w?x4
zJbE#AUCHG7;;vP4ieafq8lg$81~TF{eCS(2SI|-8?+%jkt=D*14;D!OR<NTmg$Dig
zm)S;D6&`nOcFf=I)1~xQjy;6ulGhdK{DVKgGf~EJ-$OnGj?Y~#xUfMOm6X*d<$h$9
z8kX^Zn&LDPY1+;sIjDgCVz&(Z<RN>2ov2pq2n?BGYhBy#!fr@1$e<=DW5oM`DK@d-
z7?(+8oT}#5gR{aX;cxGG!Gzi}B)M1dB@<0uxO~j`;RDY)LAGA+n%f67cm-Q}nTV0C
z+eO!~!}jyU99BX=<LAXwaBA7E2n|H{58f_fR%@-D^(7Y?9Q?lTjRH2fsP=#xo4f4%
zD@m+w$zQ+l(1(lFr-cqRRxIuXaam8*a|jaMWJdKtoWu5|y|6wd#lh}D1=p#!j)M^0
zD|yOy0v9f!zITE$3Rh1w7^B07ML`}JDY=>hegb5+*;bbCky8=4P$BC*VNxIu=f;q%
zk!x2|2kh~@_$X_5471vciv>w97W%~805`AbxW3n+N7h;qjt2VF4&tn>CK|W?is9{|
zGuQFbV#*Cv+d~7icXJzTn1nrmUVTDl_;hu{!YB?p<XHd-jewZqMEo%0oi~w&SC~Q4
zRYO11d4@+{7*O{^PgGZIb5;F)hfz?B8*IoM!jJC0RP#sP2}2S}jhdE*a6$x!N-Fhl
zB|Ok*(EkqFIG!6x<DRerIhvBDCF5shgqkpFxP)iU1+=!0JSFl-B_MQY+F+d>Q%n2}
z3)R~nFr?L>t_3>V_HS$$IHyxLsXIw0a$fdgp81o~Hd<(<F_`HZ8^Ju+q&CS<3Vp>r
ze+7W*g{cN=G(a<2N1Q-rJXy?cEp3J!4N#%!o@OwHjOd52#9`U=b#|ib!-hGrPi9o0
z1SoMP-}dg{mV$;g`%`3EAASkH*w{X&@0PkyTga9#-$AjlY+dV%9R;I(hrUKmhDo5m
z4RVtweOC6<3wV?p_X?Vu-4Ia@!`5xA*3{an4j?F$tI8=b3iC&>eo>u0M?rFqP<ql)
z3w61}W~3;gdck)5?JlMgXY+iWP4lyt$i~t(a=>JQvkgZ>fPkyz&b)iD7=rhIs~wG(
z!;{5unb%nedO^)-1Rtgd1oRviOK38$&i+fiLdifo*!KLrH&^f$98aM>e4N}OJ0cK^
zXc9i$kwXO=z&PFFyyX^>{Z$O1+U}TBY|kjz_0s%Rw7R<?`YW~gR@$1f^X?LHRino#
zw{1!4cuF_DTfcQjzQc8Lf^})ERqA~cfSz_RBuva&Z#cxli+lVJPw~s!TOI*KpZ(V-
zJL>C5$2n*pF+&A?dwzcSL_2@0Z~Q1~cm2`Dz2bfUA7IR{Q5yWsFR1206W~116=GU5
z0c?VtspnA4$Q+Pd_ootZklYskrpymW=?JlL3;lhsk{Dx!@Ye%5#`dm>CBazzQR`!u
zbp_S2Ja#-iiow|rZb_}I3_FSa#IeW#O-$1|RZdTzuvtYxtEPY?FpgOTbCiOjkm}}m
z_pB9v9$@3KJCGb7x#=L3_A}%F8=JEoCNlh;B=|h&;W-37jOY-jM(9EGXX5U?>K<o8
z&hT;Vy<_Ly-r0L4bAJh(ewH5%)wN0?8V6-d@#8Bz<kRG97m;so-qx8F*1aMH4c~t2
zyAU*Vv-{p%dJ~|bz`bK`DOBP4<aO1ZB*9ZzYzNyTO_PIoJy<$@bT#O*moL=l`R-J+
z@fJJ$!>|deEs(L&eqS0TtzAqZGcaangieR!QwLAbpc$@E4#QUWr6|9Ev(42KV&EwH
z>F#20U)$!;tp3SLd+2e+6*JT?()U}-ZUJX>V%M~j6m5$gX7qENZw}8WC>d=6L32o=
ziiN~AK#xyZ?h#j%6|h1-A7cI4yY$$z0OG0!ko*1Cl_VwXK#3UBE#qqt&8&v$#r3oD
z;;NG}Un&iJ)On0VVDQH9bOz_dm<GOEKni=QZ0}c8mQE9sbVE*JTUlvOa$VM+82)uw
zw!Ia-su^y*!9ymOnpm}D%$RQUMt-%;sLN+aAFxX1k@=f8Ln66~+5bu#kuNa6Bjn2f
z*23aqm06F|5|$TBv)R_?HLtX(=ATfKS`-hZ8Do2)YA=F+CiYHGh9`S@S(D{T)mU&c
zSD%~Qx9JFo(wgG(DBr-mbDSS95BkWQo|`M#UZ9&8$E)=w30v>d$Qv4yUVoN9oP}@g
z#^SP<>2!_yDi2RtGh6qgd)%k*-__}JlrH=*awlOcb}!Xw4~$LJ59UPg_Qm=(<A4(N
zctc2#=GW+UjsNTktiJBH$NwIqS~V5`sFG=NG9Vym?V&!7eVqPRA0eyw@hARwy={o^
zbv&&vOfA%Pl?lAwh288l`ik|fVVe1>=Sd?*^&z!rMY`;xn#k2@4xxKe0PNou+(@ix
z_(tu1cj1_F;yq2UJ}bI6`lEGD<+~gF;wgUncxO2Mby72>PYgSNPuP1GhSCENX+Ca`
zJ7p66aCkt+JzjA-7o!aN>|<D&Y;Jsqkv`Qa6Y|-z&4h(vtI>-rc~ux}gdx+zvuMvA
z|Eb`E+Cg<JFt`Xazk}ji0rb$6cv2=UJTi}{K-o%*TjW+XLiIGpg{{T_g%S@%(R|Xj
zO;rC+45RBWK@BbT6ugO_KCxFmE2G23;!PK(JkK*Is4I+SIoAB)CXfjH?uRo;rN(ZI
zVZC);tyct-cupm+C@Z>EBG^3e<xTK^)+y^@j2D|uN38eox{*Hf_k6U0L3{40*;kr3
zEJkhaeM{evqY!>4`WFp;D{r@gvXUZye-*}3eeI|yWl5n!0&H)~@zYxIPJa93ke3vc
zK=%|EBKPQ9i4)r;+vu4U(pur*gc#Q9kYeWR-?=#)fLZ19z7dWXMG6ziR;oz(xM(3)
zbJY00LvGiXKaGiuLuFR`_5!DM<ZWJ~BRGtu^bt2{@<`Yg2y4R3*QtFwFZC1kj=a<J
zaPm{S(6ND2VTvhSrN@Q^S1*SOTWhUZmBlbV{ZpD}8HhW}rnDgYQ|7)~p4Nhb`X7DA
zjrZde%oM4_;jjclKLo_S2hj7Fd`by!IOD7NDP^gPEwn4ent=1={)L%Qr~PX|JyDIA
zz|SS~3_kC!8WpiP_PdK<K?PG3YrawpV;*~3OB|m%zR2gfHmS7sGzArsD7Cc+y(#&q
zWWilyV-kysZ<Czkcda@U^6KlOB7s@#EDF^JN2jEW-y)31Gth7{`ODmryiK;!>%;6D
zL2i>4-NKHOiCWP^VGeUwchZ>9XAB%Iu67S#^RNV`?w1wO@^b;a(~bUQo7Q@No0neO
zxeAT$-84$^*ow-9eHI>0D2xKq7mi!Hbo1ZRE7HZ=Jbl<-MBq|BYq5ondM*D6`}39C
z0=Vo<nAMmU{?coFf_!OI#wPo8#v>zCfbt&=-@oGX5h-2Jt<><cS*tc2rF!0&>^i|+
zp7rmAoQxD@R{2O0=V(SUz?j*5kDD+pO^xML!)bNs2b|gUwv85V(Ba*5GRT~=#)z?R
z$dK%AeQZlw9ZNN^vC0#A<c^!1Z<G6OP91P!%;b4Qo^QP(EVlm{=z(3yZo|iePMveQ
z!nM`cx(KLhXlN)0r61N{qZ7Ku7$JXU+iuXq8<}gVaw|I3;x{iV0&ARhUsv-&Jq_!8
zIcP_CE}BkeGsnK0F3{yOC&odSkoD<)aL%$EvPQO?B;nUkOAKRG9FNFTP&?k~PZ6?D
z0`;g{rx4i_esIw)-P7}DoTgmX<?C5%9&=dnJNuozITz4Im#WXRAC?SG0!_PFV;}p;
z$SxJZOn(K|GeQ7y|M@*f$=5vsemx!A{(;{@BlFc>eR@V}`;w`g0gvXIpAlAuV?cmp
zQ@+?Dr`Y8E+Mw@sD3!8NHhx&wdrUoRYff{fb8VyRUj|F2P_jwaPc1_ntpTOS%i9O{
zK2;g$t#gtC&u(Z?$VJQ#AV$OHQ#G}F^Rk*>i^9Z3!_WuRVfv?Gha4?Ul?L^WsB_nn
z4XNEM6=aHzsgR$zpV+7isKt)EDl+S)rV->isn<!losF~kNgJKSJ>57M3kexj?&^wz
zV9qknJ~v*=OS-k#yr5-+tpvv{tN2K_vLL{cS2|6)B#-=%1<{jXk_YZrZ9qMM(Y}eO
zJ!1nfJ|Xstu<%#Ixib1y2*+M^S}afz$)wI<HrH<Fh9^Xk5#;#@-v;C7FmH_3=t3hC
zGy8vyGZzE%TG)|2D`F4YW1b`idd?a!{U0LMXkmUZ-&}7La;-1WZ|uZMHa9n$l!Jez
zZnIEIKP6N?tC<8Xf!ZChov!CEzUIuZ=ZoKd8Q85!HbAy?o-VO~-gVpXzz$r|{Us?O
zb%&vuxVY`MgIBidc`(XZ-Z-io{;u5&mc?_%eWp>cMQjl^bjQ&mLe@mMHP~tZ1aqhU
zQ8Vqa?&Hp1V%+T?A#84Lp^<1GNdYO?EIniUJV$FwR%w9a{Sn~c;0{Zb(Q3Ceume^H
zej!>WdOMgXz#Rvxa!$JSE3HU=uS~CcaKyaMAJu!_6hT5lj`DH`Vo)+r-I+49d8!`)
zGAbRe=1U#dC4Oo_0*DaD$4-Cc-!?t!NE=ufL}_HvCNr6mN)R>J>`P&%r$CoK(-}`G
zx<{;p)TGlsn_`AidXIz|GH@#^EzWsC3WasMT7M`ZTS$A5zI1GI^S7ARB?dUSAZj-+
z-{d>{MSEVN)0Q@#webdwMB8IAb{@~1q#4+U(&Rv6#c$YBJh~c*Or~?{*;{LwWpvwk
zR-vcKO-xBkKQVX$Di)bef#Bthq2(C3<0R=dO_beb_|Q`KVvMX)R3p=#d0jH9^_#y#
zO`ZL9siv&IVx8vvw1Ut@J?$dmueCtVY$=}Y$Cpc9X}YhFB3d!fWzBd`($Qr;Depwg
zIWh#ZS(*YOy05GuAJ8%^dRB82=JT(g7}b<4%5G<kFub0(yXbYjJH6>LopyZ+s#PQx
zsrnVpCBmp_U|h*H_M9=Hnc-714QGCOt;vlyl+s7MqkK#DKa_YkNpdOGH};sJ*po($
z3Gl@Rla^tF8pjAq!vqGBM(2W(z{1OVrQSUetFY<Ic{uw{Kg;oP1-yHdn1%w%2$du`
zD<!fYIm}lH?5nf0z2gewu%LQ^pNNndN+@IqN$U2Os%$Xtw6N4r2Te~5wXi2S)44Y0
zBOmh1ZnFLwVyZ!7_Nixw(TAQce({L168Pj5x?gF!4<AT36|~LzrPdKt0$dk_8^*}A
z;d!EX&FLvjJszrSUpq7zpCWQ*e&dB0B-X1RS0se_GA0)~6NC^iBLDDzP-l_3j$d_)
z33Z18TmpL@jD}gzOP-^#U}c%imzoZ0e8fsnrYC2Ao|I#G08C-WN4S_J&=K6Sfs6)C
zBDhlOh*14=+^xz|#@o^4bR=_UrlP;bRPK7o6MZ30%rQf4qj_f56%hp~JTcS=Ci6Se
z?y>w26LF3SkUl0_bpih3TkYbub6ZkIcSC9F9ae_1JhK|_+k5h$t5d=u1{IpZoQU-#
z0lVaT2#l@Lw)b0Z1t>sBM}~~EN)Te9gG_tQ*28}e8(eY<2_3<Ut->=Y%5FBr4ONp6
zvZ4&O-WC%Z%5HK-f(>Zj`_7`cIOAYqQvCfJ8z?v~jsLqi;^2_-<g9s_%3PS-hbYr>
z8UY@r5W3W&3c9V+Wgt1Z(Zmuk@WWtCMsbXV`MU<Xg8ktPZj>Qnx}zaECFK=6O>hi8
z8@Aei9?g)yn?GN9RfhUqX^O79%0QPRqDF&DWuGTK;FL-qI1pdD^eqgA%_8-k4MjyB
zR|yw5rzACa(qXvIgEb3kNP3zz(3_HY&{XNsFt1D+OF#FopBxuh-u>{PZ33{@ohF=v
zQ?H=+=r<t(MD}U)m=ap_yDvg;eldfzs^nke@pBW{;UAIMcI|gMtzJC2Z5=how_Ix~
zGdYuITh3mIv&teSnqr$S@^J%DbB(yy1L`lR>3-NJu+>Uw%h<`GG7ZNnFi5K63h!42
z%k;YtV1WG(GiGY*ztre6*8qi>nJ6PG+#RR&Jh~Zv`Jh76lAO=pJqYez%Xyn4NR*A=
z8OhT?u@&Q-pxg{Bn<GXXD>ED4AyF>Te|_=bgpyjEn_xF23U<{AWPd*va=`4XGI|1P
z4xVn<uRdBYFx{G?P_a*{+@v5+8(-CX`9#7kO{repI#`iohECj}{!B2$g#A&a<(*5-
zQhj9`=HI9Hvzp@N^0|J#`a{Ue*^-`Rby=Wg+EsZ*x5)4VXT7-w&xlJK<9wBeF_A{*
z?y5RMhb(C=Uighe#KZ(|h&1D64h{NIyIjaD8K$a6dtH2O_}|GC=qP$4POg4j0L_bQ
zwB@Pu>ikW3l+xl*>K2NkBmR>J_(k=f8fqfSEu#pdpvrMxdn}`)v&nv+!~2Z;Q;$dT
z-L1hL&yZeWO~#LBooy!&EMlg~GJ;L=16B*M!IWZr=SfH1wzwTA)0{EHa9HJT<&`Ll
ze#2}M)t@~X62V?G<Bm!s%nRt2+Xt0ig#UHS#j3zE|J;#w`8rX*%Rb0MxVAYQr$!sh
z?H;r>Y{sck+_V8m?EB{IH9lc95S}aFFD9kqU!M<YO{Uyp5Z$48#&ftI-Hg7_;~$1L
zGcvkf+^!JS))ocBtMz6_sj|ZHB3epZAh-Bma%GJ^>z&>6Ye<TNdfF%&$5VT%*)n?D
zMRTjArHuPLvFTO$7Y=J>vPP|V#9+17;Vt`W_uKVm<0?23R)+UyV8_+iZ-Hq;XSodr
zSOocuU)u~1Y9<nf<;_h(v9nGS|6Pzdv*0FepVb7+lZN~)x2ljmXaHY`Sm<>y(wj=6
z;@cEgc*l*{?z^3o(e9?*_vi4Wz-3#+!Ebe9<C&-d<q=Nhy(M@vVjh{nb1%XPp9-!R
zUja!tDP0}QX}zV}hBJ<@N%jbk?dkrk@`}UkI;31p5Xh7)xow%7lSULu1?V|tDl2nL
zTVah2Hg}TEox94&@IQ7>dO7{rO=2)PtsOFuwqE&thr5gfCZs5l;CUtKViZh*WZ6Gw
zQD2@0$%uz+QVqZ6j$3<5Q^LZHFt3^1s_xp2X`@w3XJrxc_^$b%KTlpJ8pp1vHTme?
z1+JwIpvW!*;RM4#0v33ur0#01$SCiM3HJEoU_)<b6WRkfy4-a>|J8Y?G`Ez<<ol-*
z1$b5F-;b$dQ}fGG;5#9@73`6VbG#)zh2euz*M7lcP8{uB-M0%$QQH-~lT)1PeLZZb
z@M3@mk0J7<5D!!mpBML)8S~PUgC@4LQS>=z1|Ob43$+2I{dsMLUwa1C`?KY>m^D_G
z)I$J7zeP&h<o`aT))!q%e08Pq$VnYs!N^WV%g0a)B9!jiSEj9VgsIOTHrI<b=GGu-
z$iXwwFS2I0#=mJT_?3W(gbgdSDN*e^nf>eWcL2rVYnyGz2ZYWbP|Q`;`W?g~fGpHy
zA;%;(Y^>E`7(uEauQ*nFYRHO`^2i{i2C%QEWZo8}$O{)R;bc?9EUH2j+vD?(XC|ek
z-mY8ARN3TNbc$dcFCSd@4!?S=yYkAYyIj@xbV;Z#{THkH@;EWWZ9K%vwc?yEKz2!C
z8n>_F`xwrKxiV;#&$7u9n(x^oPepQfwkp%hK#~BiHNNt%fNzWaZNVJl;t8B?Pxj4m
z{_KuQY@iZ_2skYOY|^@)<w7QO&%f+5@o^-e!S7`7djP=(Pubxo+-~V}ztPHDM)mS^
zKBl81%@=G~B1hCHb5!fA;C>=&s4;reG-9;dkh3BQnd;5&qy5~HG{zwSfQDcqdiHeH
zP3f`~YztC4-FJW51clFZORm2!S9~AS-0R(b!A8&)VZOD-iCMkt$)X?jL~){hrLGI8
zSFayW1JC-)_a~RSCvkmR*TPv3s=rZqG3!=GzixrTJ*Mun?jb!nN&Het8&i3~W1+?u
z34d48lw-!vj$*g!jeY&W+7oSwp@puO_NKdFVlE|U;Ht<aZTyk0mZIiB#c4&7LH{pV
zWV}<XYV~CL>N8~6G=A?e1!5A5DFPz!Buk!0+_}&5*xa3P)q?{&{&#yDR0Wp8q8r1f
zTxMdDTfI34t~o3Ct%)_J`sZfA2>x)}-MV4#2cAbpHFIEU?Ov9QyNQ@?SH)=~nhs<f
z;6)7;f9fJQ0E33EWzP4f+dJCY&H?FLyfXvQ6vP2)j+$pjZTR3BAzwM$XvY!EHd%&r
zQ>=EDD&^q^-B-AMcFIp_J+f2rL5U-ip}@8CbEm8)*P1)aqf#Y8&}tJmEq*68?JxG2
z%j&SaxwnqbvQ@`cWI0C3%#OgsawR)Z{hyA7d_6l8hI^J-O^(D7;GFIC9Zu{l2b>Rg
z?&i_12PJILgY!2~Z((zl=tP?Q=-L9pUB>8k#jE0rqro?<bj~FO+GMn(e(!dga5gm9
znOhCqf`cY6n$-6JveYFs#Oe<VW2Legvg6%;6b?g_@+9%L$3hrXV+J(`g7mBSL;<Gp
z7AqM;)}_xj9P+}JiNprM^T6w-jOB56O8HWIeeL_ssDz&VE09wi?f}u;^(VtE&!!a4
za9AdV6s=JELdW&4@5(3i<aNRjWt8v5e%9G8p5|&>V~XlHsvHj0#&&DOMe5@qC68L<
zSk+=*bT|Q#t)1=WMDp~>mBW^kIvbQx50ngp|MpfRu?Q8Fre+(5>mhCi!3WWj131&9
zf`PUR-sco%z}I6}&u!dP_VPZ%XXc|PVb`j8zf%#$X=^yl;IS)3rzb0;o<L*{>y<w>
z`&Mh1?7A^fVx!s}mYOcAV2-9tK#;(qEdy*+(YR;eyfO|UQQ5PT-M5nkEWL_Mqtzux
zLRU2*{WW{;`DcYCK>xj(i)Z(8bHnxw>L7IwecGkXu9!5;b{uhp`?D?g5gXJio3*Xe
zvXJ!Y7xoZI9R*$yzc!ndhqpzL_2u5!GD{dXtO31s#d-Jsi@7kJ$FD6hf5xCOo~~Z^
zy)y(9EBo!8V|-rxGjPv*S2#`+@?dpx7}vgyTEkj>znd{5!@7HKl}}lzCWffA8eesl
zAMNw2TE}E?)OH2)jk5iqy8ZjMJQSGBv$fgjBbA8Aa*cM!WU?03*%Y(h$6tR*!_&)o
zF&#}FMVA#M|M-2f4UmH5H}JVbx{Mpb&r+nUMM06x^2LviJ|S-DSKIu{n~F|+r=3i>
zLcqeTnrg%#A3@EtLcBBUnt=LVBc9oD#77dIY0yjI?@y@a4@+dhZHH}1w|=FF;+rbZ
z5{+-A83I&xkLRlZ(PR7^hJqODHbuy|qwOg_@pc5!u6tK5GGr}DN3op>($L1M!ocvB
zsYep_yy_!O3TF~!mJ!<cA}aHrbGA<&*zZopyvC)+#Le=9>u$w=tZ{SpgqYv+%)j4J
z(Kf!-2GVfF*oIl=(ddj`<t)Bntke0H&&kePK5ex|1SzO`G~vNQAwFp%_sr#=5@mOI
zevZxEzq{3Z8$cHGz{(iNi{m{4e1DM9Hs#PM-#d%N-}5hEG1LL2!?;0as#nvuhu((?
z>Wmup4GG5)BbPK#T<TbjeWk9CIN&n$IMz*fu0u;#AD#bJM8~Btnp5CdTCM#)(AH-{
z_fLrK4QCJv-=-b8NO~=Rx#;_|qUTo(RFuWG2p%Es5A$?m)?}vkRK_6>17^I*$OtBG
zCX*6N7Pb8Yr0q=dD%@LK$po40(etz834*Y};h<+>jNu1jawIsOoF0g5D?-&AziM#X
znHe7`35=deofH;$$%Z+kw;a^Zsl)YTHEsj}R#UQc9kB7#suv)O_3|}zh^ZZ@VQEf3
z^5DvMhsWflDdW|!R&ecg&}%S}Gi`!PJhOD>eF+9{KNA_Vx0jf{Wd}~G_ZUR;IntoR
ztronBl4R^&Y<$g`^Qu|&9by`um>3LtrLJ%0JjV5#WYL~BN$7ZapE$-P#5KBky?(lS
z-&$S7Y+smvAclmAc<l+AOovxbGiGe`TJhp5&R!^0hUAmrEwK|y>}Ea~Fu7Z^1ITI~
zmKX!Pw=#vCa!_7v2qZkK#Z2&X8cM@~u&XzysME3wgTmv2-3rfzQjELrcjJ^5)BcO3
z`h*Z8v=DN*mcR+3jN#jm{82HN9IzPVNbdJO4NP3BcB14cxXLx^WiNQJf`8Ywrwq?w
zF{+V#3MZt@EHtRiPk!G?4fA$DJ_?k^mq=aQis_s)CfZqJ++plSI3$j>U_$_eCSz+$
zH)v-U<%T?FVbz*JCR)h!vz9K!_MQR#7N}t?K&d@(l}Py_26`mX5<i0iTYy&&9c|Zz
zrvSYeVGw@NRtb#ZfmF36y`>aEhn>Wp)euu+M1D0-`*Y|-{fz;J_&AdU42F&SN^sZ9
znI^g+<JIH-x5v1W;^Z$eV6Z@*0hV)4`6*?Q*_WLEq_zK3Wp$53z;t1ZpdR$a<dq%~
z9{AapGH<v#w_Oph0(#_zk=va_rzou%X=zhb`d3PF*nT(-%PjhKv7r3&;J<BZk~~r4
zD*}%%B~rmBGN(BgUeFy&3gD;=R7^U3&M-d#i+l0COzUx@u`KRALa^ac2H{C0mck=L
zZBy~!0V}kuS3_9G6|I3_7v;G&uM<_t!D#tDpDXz#aI*=_YhwB7Dv2;fY+*!tN)Mru
zOF87D55JTc)*aWdDG^{=R^7D4YC_bbi`#cQ8q+A#WQPZ%j@~nF7F9MuxliX~ZuCm_
zw>>w8k_g~e7$%?hawPUO6J5=YK*OJxC+@4G0X?QC4|KI!?I}Ig3g-gLdhdc~Gm)2a
zI!dtbCC-$|$O1EkN2>S<J&;g-Z>%J--c=(FYRvy|A&~a|0fd${s<*c_WRRe3-dzec
zNWMb7lj*iQ0pZJ@xGbMBo}vw5hn5V?6<n+xHndDeD4L2=r`-XMw`Y3zOSNJ6w}dDX
zq%8J6OAUQ5e9Lx4=MBGd@HT}NiHoPK?mkj&;x7*#{25ykHig95UyT?&nQ=ZWvBln?
zkU<$bk32}c^9vhT*q!eHb``NwiYec6bP#Z2T5yR73>{qjTm8l5k63s3s11grS-?=#
zia07P`o^FmW`JW}Jl%@Y&*j4I#ITj7gpv2Hd{Q|c&Nn~GYSPO)UHJF)IaYa%K+7!4
z!%H|isF1)xEj&q1_3&PIBS)%Oc8V`r3*&h`MJJL+UHvS9*Ilf8nWllxS@cZ52OoHO
z&BSSTGe7Rd#I8$t=mP!V5Le66dwch;ts%G2eB#@G%ry|5_k}$vKLJZ$G0R(>Ilc(-
zT=Y%0FMP%j$BN0%K!~|q`BdiHmK2}P6Xp`O`(Bjdy0oeb+&eFMB)C=CN(AS+A`K(i
zrquT-kP^G8pz^{2R17v^$Qa-Ewi_oe@eDiZ<$tSlrX0v*myetLqhJGPFFnViIXza9
zu9)kIWLcH>@+s5zav}jEb--U>_t#{#wGNzj6<K7WX<2Tc(iO>SEGQWuxR~>y9i$k7
z1{F}8jgTJ@mqpB`prPK?v68!W(IXrPM#u!*IBeGNgnOe$jV@9lD`K+RFS=#Ck8>rz
zgL(XrZkd1;dzB9+JlL>5vi2<D-?!&jyRGJ<Gu0z?1mV2va+30SiBPR_ug3)tgGWsE
zoFtjw3(P-^jCG(|($-U4c4&-y-x-oUUb2BNC3L%k@oRU(U*erfM;H|qVpjRVw}fv2
zGT24oZvQ=y5Tx3Z8e5oEUD!eRjT#eANRF2c;>YpgUgQ{FEeViZkN4A3WiQ{SJtSnh
z%t;zpaH7vFQR{j6vT8%cg%U42lT}bt`CDldB)Ob8(%K{BuR~KCSVYLeC2T@#@=MKy
zefrJ_z{8z+u<{ekq8g@twnDA<bVhh`zq8>{9CySE^EAgxc&C1RmkMPfQ)WC{^}XM~
zVpv<H^3sh5{r@m^mO*iKOSpy*+(K~IKyV*if;)i(8C(Y)+&#hF-CYNF0t9!r;O_2D
z?tJGv=iXaIO%+x9*V=pa>ec<cZ|9sJQeC-`#Zx<`;>C(zoFX77a?By`@~)YS!iwg$
zl>P9lyLCD?RcL?ZB_G{Qf0f)RiS+uSLU4KpP3gRR>XuvA2bru^-x+;8=5r{Gm=<QX
z%}S_YEW(xTk^&Hhc&ZLZtn$rYE{?8gNcd#pNd|Q#0o2cjK+{<|^I1$L6QN>MWR1&W
z%hNeD85LCvXCrmvBZiCiR<C-TGPKirYF9jlEu(*uM-nasm3m9rwf@=UP-jJBW8;XZ
zsJEST^SsE22m>|(pS4_YbB$k0NxU^C3YE#d&l&Ab4*R8N%z;f=v8+&U@+cQ>=iXKz
zs?Nh7membsOL~Mr-}f9sP|~ps@$s4hic0n|vGZFRd^eM@g-#B?M59HHFSzKzL6ahs
zg_TU2A{>o~Iw0hfBT&SXa_VP2x9BI}mPrvQH}h%Y$^4;mYUcS3$BF#t-RC%K&(~P%
z*s1j0%NSEGxrnGkh_eF0=+*rIOf8e~Lq*5iDv8x|ZvLWW8jVx~HQJ3O;aul(UBnO#
zHKPIh2*IenQoW{0|4skp^#})>4<2@YzK2uez7ZG%?-8tdk}aXoe%Irje;QHyGtwlM
zkUOPjyiSNS9?ANjtVDfjX~`T6ejVbOlCZL{$gQe6HzQf<Ct5t*R@kT^;7}u^>G(BN
zH0Rh-RfZs{VuAzgwgyo9o=5L#b)0DQyLoa)II?oYbP`nTD>}iHzr(zsrB5u_p~+eo
z>Z--9>@~T)itV$Oio+4U_W`30KaY7G#H-*4*Fp-t(hQd4X?#`s)R&E7-IS%fZ|%l~
z<fY%f%Dma(!EZ_j1HK#(8io2&HI+#}KK`SBz=2v$?TUocrkRK3y?BYI7Yd{{SgG6b
z6=KEHPy$DBeueE>XrZV5u*5h;GVql7pv}{=(X@?(4#yAEDi{A}vjJBFAHOj$J73K>
zhx?obLmpJ?HO9}<Ubck|S5@`A<;e|eWmgM8#d8!fB<A^em4hL<Fi=<G&&wyUc}6N_
zWRDL6p0fyWZ{7UW7ml4=<+yi&Jj^f9;_OC_d8Gv#!)=-o@=LTBt@R9{Qo^QZu@AW_
zlkW53EcIcKo6p+^Z9v<0>yUp+0LqcWS&hvhQxe2}<Eq?&e^|d}bpVb>;~03SBPLX_
z4~1qFKQKYdc?eTPCU2Vm28CYNr2^r~lS{L{X~_U`zLC{p`<(<Xqa+iqOhTsY7QdYB
znu6kX)6M}8!D!)vy7nNjl01^2M||%CuZt}(_<mEGE6Mc3VJF7K>a$GM$sRVGtu1^V
z<pBljTF2&CI?t~VzAgqta=m%9co!>t7TDZhGP0lUw)Ey(NONk+v#KHGm*}0Mmg*dI
zjcv7dEpS8VV<)IuJv9&fFr%xNZXOR)MGGI=M*M$g2Fs4i>`wczu3)a@e7>a&-?Q11
zl_I;W8PGhoPZLvn_xuiGhP<ro@P(c(qo`(EfysRlIiMN*3DA;3E)5lweZ_ez`ClLu
z?-HDr1}YInpRLnSO=doZ&)Z$9!JaZ(@Y<pjX&Fn!G2LkNZPqgcJV={qp0>xk^gO?H
z9r2PRBTi3qN_3B9>UhOI?&^CCh<0a^j_NeV{?7Rz)`+-WZOuNSA<1TPVygTb0nanY
z@p4*noE!zT*m`>+LKs=@FM``HMI$S=enBLyVfOKe2%LL*5IjliO1F86Eu-tm-WA1Z
zhb}N&7>>_ZKjzPUOw#gt#5ZoG{;}Rlgy&q4y11S!-=zA?5fNXnB!&iVDwp`r##v7d
zYEy{(xY(-5u=4-!lDBMUn!#Nm`1`ZG<|ybUpJ@7w+|c5;+AxEv-Sw(sI3aPVV&Fm<
zMOGhKFL*#t%3b+r(BzoImuML=Bz*15><Ckb$%b>iNR}DdRQ?<XM_ysu9y4(!&vk8m
z#vmAj7mEBI?T+Ylcm>wsvtm0kr=cHHsYG97(c(8j&S+-2Yk16==~UBU*ye@19j%ZW
z(Ba<;j8Z=w5L!ikwrcB5<;17AIV>vu9Gr3;jC8XSQD;Tdu-ZQVda^Set{|G*1PKek
zcMU<hZ1i5?WMILpLjwPs93XWo|3CuoVgfrI=oi-U*eW>l7VfTYblA#WS8^ID{Tt-x
zFWHJ={Vj0RMh%nr$nq$j>8+Bgwk>>6sj2;Y^`i^|N02?Fq}`pl{RR)r%m+rjj5fy5
zMSijTk{Cdg<5||_aTM$bI^Imb6vmTZ2+8UwLW??ClvX#yBa=^d<m*7&ZfhVXF<3m}
zE-3NjZJi0+I6%7zGTa(}taXXxIqFiUg3h6zgh<qTz>TFU^Afm(M%+lBtow%F{a~+$
z0IhW!{AQ1&)+B6=qn)$i+QAZF%q=zh^oA^G4Hxc@*LbTh*3!Q~&4++&7_226p!D$T
zH7`Ub!fXTZ(hjJb8uBkVvI%Of)f95XVAK&r#<=PqnhHd0v5b(SKIFOEZZ;&<)6@Rb
zJeAtCtNU5h^h#}>MgPmgtAj9mteX|SFup!VzqC~4BX8Zd0)LO9dq5k+L|&AQObJ@4
zb0daKiH?t4S7>f4803&^d+BJ__QwV&q3%}w<0gsl^7;ySb~ebIvEj!J+{@T+u5$V<
z!i%(zYopVeE$^$0yPTo(XUmYZtq*rym+p{=G@t*L-%3OCo-kfqYt|<tLl+6<YGAA{
zG1xs)hN}L*86T1e)>gEYJP59x)Y6jCs-(QUxXqS8R{g+2wtI>?C1ajND~-tfnCv$b
zJ^9|jfwe_mN5_w-HCU#rV4wV`vnZF=pc^kG5q_C$_26#0{MYsy%!r><oE(#q#=4}I
z4MdS^XnxR|_UfD**qd|J+w=kKybsLBS`?IW^<*4lw)B8-dprllz)04zP0mT`>M}!)
zSZ+YblCe`5H`6PVP$@MdoE97kMe5Cs=KZ3ON%d(<IV3UY$<^$nDf5y}{Qp<1N~wJ9
zxV}gCAXdFZUy)7+*4#3#r(gBF{&{*^>p%A1G|rYBW62hco7-c3>QpAIy3V)sH6w-J
zq{CnOH$XxCof^qO^XM~6IsM(rent|yGlL~igFC3{)4vboo?g3__%PrAzdQ{5Z%iA<
za0+aGKMY>zdiJ}pUJ*1@JP29-{9tw(mG%R~gi|V#Y&#^DTr$?jv$NtqXn&``e_cHz
zA{|&8f_`rUo6p8T&$kR)$6PNg{jpd?<w0x=6vSv;8kjlUpL2L(9)875V+i>oDcXvd
zL9?q{16meDM?QiDx&0J)lhC9mpVkIEAExaKB<EWqg^way?PallKBBJ|f{*vRGmU=T
zgSNbRv;CFROHZe++rAgh+KIGfpC6Uk?)ZRsQ2vQr7t8;f-X<vZ-HGL|##fePj@IVv
z^`2B>_ZLe?THEx2jt7YZS=EP<!Wy#9SJRs`T!qY6iIc%EP|lH^ST?-8pjI3c1%L<a
zvIgsa6`uVDv)gtr#p_MsuTRRdZKxu0&zT0q%jmu1Y5z=ZOtO~Uf2ztnY}ODFXQaI^
zVC}uy!rV+=QXo%v9ebnQpDuh;K8{;+<-nLd<BGOHmew7_xhqJ201YOLWLOq|NEwT*
zB;M_Y=SOswe4D#sYD<o0ntt9_fdb^Oi*gC;R}t`7OVA|y-}goUIon8QE)^^z?zy2<
zNKx>pTxZ@hnTPp|0yZ79jv6$XzEf~nw~-W>{L;JT^w!C2@j$}7F`K3E2GM4y>p`(N
zoxXVSq2yB(FIZ*S-WlVVCmjTJM_K31w82i62=Kabr4t%124per-RwFLd5n1#q<CoV
zXZFt{T8`3kf@Je@bF$j(Ejf%(A5oiViV)1==h(VMJ@E~t>rzOv`Z9#vaT+7orkDE^
zt;R-p!c(nQucKnn-u4v_-LlJ#W~p*L)W*XyQx#Af&SdAJBYqYvd~oE>Mi!_8dgsOD
zZ>B!1e7_D24Ys{{q^*spG~~ns)&#P8yRvo#%gNZxe7mZRAidX)fsODuTV<hXun7p8
zRb~0)<Ub{`vifoFbkyiIS4?c8B*ifo;VVIzO_#4e9ya6|J*+a{Rzd8a<RusVKO4a3
z5GRe(vKo~sPnQl3q;>o>NPqN+r!zc>g%l2~Td|(1)SEB06@Q#sFW`@AYvt}#?C1Wr
z*xSz?>s1v;s6D;t+DX_`om4GkvBGk;+n<H@*7=)+jD`!_kuf?o*7ODq!_mza0W~@~
zHghWC{LSet+Rv+uU%|_0=XB2N&BzLcSP9qR#hKAo{+V4{VU}j0rkfQ$dPJ?h3Ego=
zfk=L0;j2m>Xnn{@jLda%d1<saQugIZ6j|l|sM)b5pz~sE(_IR2S2A)GX>1c@#CgBP
z@VNgY6<Rr!^;R3@`SSQn226QpPycse-bB#0k#oFce<u~^o!;#`ib$f*tf!R4CBY}%
zdI-{Ey}IKjNzSY&zYhqouu4~$rebh1$I{Zr>S@$3SiLx!uNqS$G;m)a@*Iw=^M=zm
zTkX{Te#?<Ng@8H^Cb;tfOX!#RzmIb>St*YTk}wymh9>W4p8{<UUZBdF#p-iB>p6Xm
z0e1WD=2D$#eOj<d+^!Y~l*A`0g_I9mi}Ly75tf?8RBs5@dNSpZ8*8{R)bx30V5-%e
zNO6L~e^!>Go^N=4tQ$@x%My1<hX=+TmQ)!Rxw63P2LP%GoD$S-?1U=gz=)g=OG3B{
z%VPw=QlSwF+n~eGVN@zA(^6UvLayiPM)+C%<8-7>4O|>ELh%~t9txn;wHLgVJB?f(
zq7a`Ls5O7g$f5R}PK#c*{!`&cpYl}iXVpK+Yk%MJ!}r*`qsr_$DnTnHQG-IEBx7Xn
z4VpVLtHGrY0R^1SjtKU1L?5fnIG?@H0ml5@P!7O|Ih4l%h_5>~7Vd7{@^a=rC^LU|
z5fRpse0(?r+0=j3x+hZ`+f89u@mGDkli|~%?q(ILNB*B(@eOXnML9FWFyg4+Pbp(D
z0m1I66a_)D`uIfk!M~^3Lxseq68fyWmfwYI?3usM&(<Cq@Daf?>3Rns?#C|Ec_V=>
zpv9(21@*P>a0VwQ)YjU<wll*I&L%9kJ%7-exNBDgk~1d6(rdKGvPN)kh;g-lvmYpY
zFPgnLU#(MdH4ph?4AIYp3;%(de3jB%9CNUY`;ak8abZDsw1?0rkuV7eQgpRJO~?3d
z%thGjrqLI0;bkM0?656`tb%{-{@R)va$z!#hkl(ED_>k^-&O?5u-@^A2;1FHhn|pe
zghT+2mFXUY_3uW*^)$K@ptC+L>;8Tu6s2wTp@B*DzFkzl6W_HS>BIZlRBSb6X-n?E
zYg*gZPJ~lDaxETw(dqX`lW8~s`U>XXCL<%+?`k5W47rA0ZUzsW`A0eQ*@&D76z~Fk
zAO7pAkb{P{)j^#&w{K-}N(9?OFcxSDa--Y$Tj9SnZP{@<@u@{A99X{F=TBuc?Fofh
z%;qYoh&=kMo$faG<A<(M&?6$Ff*TzLL;?Z+&ZAKqf^l-`njcc69^|=;4AE=Y`Ce>0
z+`l`gJq)fCgBtbuDKWJO$)>vokq9RkACt3MoLtbb@v?>w>&dh~I5{cqis_N>y-`N#
z4Rv$21}+78=-eewTm3E)C{Fz(AZLC&b8)4Hb@$9@enQx@!t=Z4TZ@SrhTX0zk)sk1
zTftN=7;L=Nh_hl-e;KNvEeZFxzjf_Lf{jx?!p;|TRx-RRkxKb(`^2P-efO6qJNo=3
zcC9PR$J?OqXBr)-V7`h_8ye=K7~i_Okh?V%1tEWH45fxZfTAvS{JZHET|j`lQ^G8r
z<VpKn$j^%rWN?yAl=NBux`<y+4#hh-IOL0KIzS5&wFspHrgStpb$(AT9mqyspzmxs
z@a0wJd+C-ev-y_?(*Ggdv4>#m0UnObPUJDesaPG*nd+wR=U_)=ftX0CwY6ch;YKDr
z=pm$TPWuS<xOw%qMwZ<?ZZ}1{$G~={$@GOX{6PTp%~-+}7E%fiU%YZ#Zxrxz<9_UV
zeldMj)~x_%idFl0J!fVqtUHbm-qKeZ%V`E6PRww^pdg;sLMBN{SK_EJO@64^6!2x3
zHGTnJXoWX(sH(}V?nDOfjFRw$pCW!AUhRSG0cT0!$cFZjj`Q4!@YTPEWI4HO=YnMK
zT&3pD1X-6K6)rQg`F$a$sV&P0b)Du$>~Ld>i*Rv@VgXG8=Yl{aA>wuFz0F&ewL010
zj#6n-tPS@F+;p`_%D@Wgp~A(;hR<!tX=WqtlqJ)v|H)EzmxkedLyy`YM4Gw{Bho>H
zk7Ri4iyD31J$zoIDP#H5h5`Dj=JDDWE7h^OJm2d})6FfxG;ibfNvue@H489)Ma7Xp
zPg1SH0}q32EArpGg_uc&2uy^(5*%3OcjSh`M#92C>vB2seumZr&e{T`-b6TS@ex`c
zp24tekr*?xU!z;|F;k<N(45Lj%WXk2%Q86wcv;*;550q_cB~ngba^sT2*LFSQruii
zM>o+6>`@qtmOKsh#tB_U2fJ&sz8EWB3V(yWG42~x^!26XJuyLqIN`8kzuEH1#~0^0
zUo7-%e>5i19ucQaMWhj!5#=_N#?m_TAcWr22xT5g9T962P7?fm`Cr18$5u4=ZE;%J
z5G)eej(|ojB_;I<h9*8V=+1ChJLoGW5!7EGmXKstWybh76{EQn+U)HCd&(z-V6=!7
z8mVA(r)W*#9k$R-SU9QtAfB2+!J)&#BIgvu3Dk$<3!_$PT;XCFyr(Cr&yeH7YWt8N
zA2`r*x4|@_#mRg=y9~hq+N`Tp=@F5!fsC^8^9Q2LDG#uisxbUa6f7xvyOhaqUZa9C
z=a69l`YSbF0_KFM0GE{H3<Y<l@y*>KVfETG%i(H=hZKG3d0~Ny{6uxEAp{npQUjS;
z;E{4~3+mSs5`sI=^8abmE1C>R`l**+EGH!69_$?XMJSW#`hip3)so(du%Kqb4=D9e
z7zofe(-^09&i@<+LI2)vw5o&2z%PAR88tA|7wUXGUu!7;+4L07+_RjQWGk|~oY-o<
za(~MaS1RY}R@Vx0TcO|d@&2@!{uq$U>?tGD`voJwqsIQ4b{?Lz=u0uoSC7AJxmeMJ
zhmg%_J#zIb?SUn9GKo$mL?)cVRnzOVIo?)V!~HDX3RkC1wYpg42%U(Fu16DoRbSj^
zaq&gs4)i9)abD}29TgyJs}Faw%lnO;z2Vjd43Y??Vy;Ji#(ib8&A8nRZ#^k#H4b5I
zUC6Z#u+4=u+JT7hjG3;xCpc5!=bx?C9}UN^gJ42Y)tg@(P9KVIm74kaYq_~loI5cV
zX9sSLH!HL|qqxgScppDUvTq|*oo95-wUY1OTK)Ox5p*T|nr-@DH>((2c%b@MAKnE@
z#vHGzzv0K^h7q30SDLLt{?*qlOgGBZC(ek&=YM9Rfg0*>XF{L#XB!&Gwa%q8#go9#
zPn7HH=l6GSJ&w4$Jx@rTP|uF~4?E34&f1MwSXhSOO>27{$-&F#n|tn$dnetY%ZIZ(
zvv&KMNN1ks7yJw<f#YjCTxCPb%|l({$>vr=6n5KkdE2PwC5-#SWUlX&1oIS4(PhHT
z>aJg~<;rU>ot-wniy`K0<`ff~WhFa2C$QQ)SAJDl7u9=FBgycWp&z6*82dQBqAa;O
z)m?rqpxNpLUzMh)AJix$+?+8idc@GPZph!YPd>d;w0G&F4+vZ>rZ~jA3-^|-vdjfM
z6H<Css%U5rMdp)9Nc2rEEswp5zmc@XhAi=)cNJ#7*Kzxztsy*elI*|*NStrP%fs}j
zWu^V`lwnRnq7%YulLIMDf%8$)@%^SWe~Lt+OZ~aDvXJT(xdUUIrjTxPuk}ZMG^%+i
z<M!6t>IyRvR7>aj@BM_0c%Y>GXkW#Kb<w$pfEnfI1u7;O@?h&^V7#Hnq9Zs^ialTt
zWRKslvbC@sGrO$^x;?>TlQqVRu5&Z#xh7=P4_Mo~cDsjTJ}c{es>@5ApS`Zo;>Wy?
zVe9U8sWUxw0Gtaey&Z>J+pmbNmcRp(WcUvw&)+-`Jh3mU$E%KQsW}Wt9ZB1fP%)`z
zeX*@FbQe7j7?hyd0h$bS21}s;X|kfyFKdoBQS)z<&WRtYUFfSUpRKnAu$8wO9;r^z
zTLL_Iw~mgK{&dvQfaVOU2|}XRx&n&{8*6lL9|fb@yGr3=tu^anD2^AGmmD=)hQmie
z@nD6nW%&RdxBg|u<xAxDAn2!vLzr)q!k!<c{RM*w*q*g&IL~>4WHhvbyW*Zcn)upg
zZ*M=~>q*m;O*g}D{sIgJ^a)B8x27JI$qhq`7q&Li#xakF-zG6`r`M*!ft%#1|1ere
zVHHqJj0Wmil#AXncXv6MU!~2Ss*n;PRTgJk<FrjFC#R~}ZZ2eIoPEu}5`~X>?m&OX
zJT?~jJ#pdUZj<{i7-8e6Cb$>T%x<|liMVR*gBj`b$rm(s%=i*T;h^MY3#VTT8jtUI
z&OaDU1b%Qhps$@BI}=6xrL?kjTh6Q39<|*cNkF#V?!P^J%4JDo?J;Awxbq+&ri}$_
zrSU<36;)JY7)x+<e0q8Li?}3rsr@}~jjKSphTFHYvz@WAuX%c=KRBdj$H&~>lkGpI
zquJ;#O8!pNaB|wKF>1g+WJZ8-*vdz0z4+O*-?Z6ujexgyY%yH;t0C~XE6VyxSnMTT
z<Cn)}M!H5-oUV?dt}dx*;82EucLao31KU3T!i;z+Xcl)xn0S2HeWtoD-4gsQ1>i`z
zjH#bn?HnUgl)LvaPR;!$QuE<ev)R{!ZbZE`e%)#llUDm{a=8q%wW!$^=6}}tAL{~;
zO_x<Z_JCgF)s(re;F<id&ybR>k_94{4Byb!y3GA#D&&r<wB7?d03vyAeQ9#pjyWFW
zin>8mGG<#VO3zc#RT_KBaGB4JAvNk`+uEK#JnNoDmsLezo_*1VdqS=i1{)Iteq*OS
z{H4f6F0S&!0lAF5@h1Tt^$&Je>_?6Kc^K}TW|yj49oLtGsD@e1*`v^n-)lRkx~2|I
z@P~pg*1W=g-8?t*1;u_VEoyl9R4Kn7ufCwrJqC6=6;O7Ugr{`GcQ{i4Fgt%bxwiXl
zc<*d!Ijz~^z*t5L2jgzb`oZgt5Vr+WvwHBy0R1l4e8E<O5jwjqLy4DnM4^?xEHgN-
z;{i9_yGK^pQ?@#rM?-ISW?6T_aG%?H8TY;p4g7RwiD8{Nu~T~IcG@Xnq(x+5F{C5V
zk?#Jj({ynUjN_XAU`*eJJ39L*eb5qc^~{d#&4%Rp+#+Z-d5IW*D~PN=tWYKI6m=2&
z-?CJ%0JuE^34L1~gh(#?x=VtxDCaRlAv9MSfZ(=$ydSK8VZ(9sOnA(=tq?%I2HW-U
z_+)<oddD9g7&Kb^&}Q?AZIWDny$7c$nmxrgd~nc{;8CWC_Y&p!C(Cqc1B}5z)xKOn
zRf8Ud4_SKijUZ_q(^SG=5^`JHmv=8nk!XEp%SvGgG{P!w?wd%6HaI^Uf8^&<mJmI|
z9*l$<p2y-xSn~6BdLjzz`8;^K+kZYnrUr2yZD~A!T|Qmu30t^M)Hs*(bP2e8tZ`)(
zPH&1+&5+XE@R3`Jgh?=4+wbn7iHM7Bsww_+bQTyLjhP!v#+H*DqxibgUXSl;>+9v^
zjnwv(HdUkYJ({I<s3&+M2gXYb<J%<H%QY%EEcAr#IrU`>=jV8bk=<wrjcg+b5MlRs
z5<vUnLA9KRA_|yXTnz2c$yvBj(O3}G?j(fS9)w{YLx*}gPL`eZe!dLMT~i{mI<B}s
zHn+4iG#^D9M7wdp_FYOp49|2+QjyOFMMO&>wp!SfG>lt_u1-bw+8Xc8=Td-1QwC-b
z{K46)y1M4KAOr!eQl_fh%Er_#EbQz-wEOzbD*bhX<+^dS&j_uv=sM_n-4$cf^d%PJ
z`J9n|(=4^+QJuNDXXgQvYjeRB2FBAC=Eo$^+$-0nGPkTO4bPcap9$F<vDLh+p%SPq
z9p4(x&Z*C4iD+)^_Ln4mxh)pz(KeCw&(3^nZXCKeq*Db$<Lj4bN%gNL$o^jj4h}x^
z`@_nr!w|-+L@V)x=~WGwH%9!uDeHRjFfr*}vXxL5jU6S31PRk=kIrk+;s~o+-}YNy
z-=sig9$-!DDrqTaf(Qh(^LdSjpM561=1DMw+YfKTl~#{mm;HR4&@z>xr%WC-mm4+w
zfnpr#*2fXRed0)|<7RfIxPU1G5`E>Q(G=l~86yC2;Fm8gLVjTMDDAS2)!$-gnvv(F
zr5g4dgk{dh#Xx{XMKovnX-XqU#&9Kjhx|g?#1OS~h__Z~-cZk~DJiA2jU8`qpzOE(
z4^LuaqQ>mSF0CBkGE$ds#T>@tC`zmHQpWFNz9zSKJHB$9&?<wL>Maz~g|Ywk@Epv$
zIM}6Qulrb;q3hf!Wb-56hg<k5=-Q(Q@IXw{GD*KdxXoA{x0Q@w`#Y)Yg{<NXnqel!
zh!@>2(6r}S4W>;5iWIVb?4NzBw{-FgRGs7eHP7<<Ox*h!$jIv<5Sd#^va-NZd#5<y
z^W=20H@a>2i%3e#-HkmX@a|ixrI7zBj=&!4`e1lBEtBZCGq@zy`<;VBf2I`n)jN`+
z39a6@^h@(G7?jnyA?x+}G>dO*LWlxI6TrSM`RK!WdKff78E?&M=3)G4#ceU0RhJx#
zAiYU%$$#VV3o`Vc@PZ@0Y_3nQG()@Ld`L)?dj8EsftDH+9<h=fG}8*Nki``XfBdW2
z?)lTB=`P8=)=&fxW5q2?EQle{F_%RllRdkwjNzuAr5mcOiJEaC>rj+VOdVR(O|Quo
zO0J{7olP`#WS@;K4JYAsKc)vZc%wBWY}R-II2YbuF#!V^ZgJZH%#Gvr6b%K}=NMrB
z!)E?bv!Ac;Fr<VisHrpC%<kFEy5HXos2LL4815IrE9hhOhVLkRKMW<g29DD_JO7ep
z&1E}h_T<q%w_WLn?8_#&5)A%o$X;}Dc~254S*RNO^hBnO=RFdq%X7f}MZ61c&-<B~
zbDtmknIpFT<~@eB?s!7rc)@q87-#N>s`QbBPueYS6hCfmoW=vJjh-X~?sQqj2+L`^
z9oZe#EBD8bzjJWL@nLm@B6B7=ibHSo|1Rf6I2ssQE~ggat4QPekz-{aanUy9UCIkd
zjeK?B`6$=Mp32O%Ct|i)VEf0JF*NIkVNh_edHGO})mu|DnY+xr9bNJ3yOw12D9Jd2
zISduMbBb{M(e24PS`%O%6Nq>w8BAMu`Pv3~WX0gTJcfs&(Iy5m#t=SH-7YvhZ-H2U
z*N<#3A(M^vb7C3Z6CBpH6tW+S8jW7m7dIXF;T&yoe;gMXHGPIrQ$+Re(R$Ky3~lvF
z4ss!_wcfGsbpSm}OtDi@GRFLUV4#GRHYegV1{@KZSM65Z>+ER`I2}XD?#0g3!NX>%
zQM{qXBK~7R>{InCruIyXIh7OIvHj`zUzgAQSybI#f=D8lzqS6NjewMl_vdh)5P}Hi
z(ehbjyNw^eCn1RRQc?fgGlV)Dgww2995WmC>>xkrxreH6K9BmFlz+!bXfh@oHFynk
zw?^g*)<cM)kLVn%4|QQ$uO7NXTwYySv0LBi-9hd&OuMF^_2&?Z{3Ph@6^u%Uv3=SR
z%Xjy!CcPoVcp@F<b9)2&^X|D=IvHE6U0-x)JgBy7j#Q%wlRH!W;?(vHp*a8kkmv7e
zF1V)^_oP{8P}%|7D&rabeJFz>BQ6-RG?Y;qpDGBZJznwVbG)S;Y6*<cf*B!Drc(d&
z4%mi3Y*7$ATJLryDUF5I8rdMf$L4(1#B|xI5KTsOb<XBEjle;K@KDmUMH_FO3rYNW
z{NoR^%cmC5i6^-!)UDJ+^4zrMl_m-7WO&`Se{dERzb$n_=QCDO=y|}&`0pb9qZ;k}
zJqem}s<wTUIN>45D_kFRO-<9U_2^;}Y!vF^Nb74=lSkscL4a0UihP7J+s!KN&c{iO
zjEy0u7?@}4+iNol{FZ9g&N^YMKha5ey#w(tk$;7R84TsYlf2rPTTQ}&KC(Ptjn$)P
zw0Ok}xY~49x$g_#pRexP%Mnu3?z#py{%|58U9dZ_n7J2A-`;$WgEQLdGknbv>gf>O
zg9SU9X*@AYSQo0q(3__z90*|kO%Pov#Q|P&nzvr;I}OH^Rq*P;ng|@d5BDHnx-v>-
zU(T+*i#-o)+&_dAWL=s(sq%0fJ9|-0Ev!jR<OJ21KLf2r5_R`&t~P9#*xA`vIvj(8
zG083t>;?UyBNqQ%87Pm2iU$6S@UiOs#i_>3AM*6>l0ao9V?kb=-q}zWiIviKiU=5t
z$seol(aGobg^k_<s(2skCmS0fgorKPf+61bs-G2w$9iSMn;-Mg@`nQYs8n80c;)vd
zc6-YKFmg6p3z{8?835}mJrdJy4S6@!KfHP~Tr1t7qU1Im3|;R;sOlk&L5)G@oii?i
zxZ)bvh_6i!LJ+L*zMoU(Id%N8xA7g_`_r8Dw4udVBPqL{iNdG`7St<d^mp>z<_kpD
z&#?-xIyaeMbnpTphc6n~M}%N0tFU1zt{(cW;yYfOej-m5n7Lf6|8XjPuKKV;6K<wx
z_P1_Yc|v8OuK{lPk2fV@>>{-N7_c6kM@p%oHnAPRPu2n1wFpY9WfA)PQb1Ubz(o!6
z!OsUr!22~`0luSaz2Dp?{HMd<*YV^fh&O5!_e#<|zWyaKQ4*xi-^5B{61&R7v_>M9
zDJ6BNXnGp<>HUfOm~{V}mRKf88*W6(NUtC!vvA8|ROO^2vw!nBb=FLh{ZQMp8)IEG
zF;nrVT%cKCbbq;&6Iu9gkRjZ6!KMBk=yB(=&G*>Qj>ZMr7PMukn-9LA0!k*yNsg9+
z6;e2|wduJ(cb=Ztd-K!_Jqp&V)q1}|E#+n!G&Y)6FrMd@-O^&B<PyK=oLKC6bB9(F
z%N{U)RK|qtEEm4@_L@#keisiocQ`r8Y$4A!B(2&?au%5>_8Rfp|H?u9R65cA`Z}qO
zH&#GDKbf=?W|~7VAc>uF+#K0vFI!MR;|Q?Eo;fYDzma5|HlXh!-eYr}lRE1yjL(c8
z+Ai^DdH`{>+3ZvQCu;fnsybrc`N)p)stgB}aHx|`>}u=dP669Lqlf@^UFG?%ny;m!
z>3vlD8u2rcx+ehtG$80}6&xi2!Em}M!p;nw`=f^A8HWm~{KS8S_CH&aiXtRzeq14$
z|LDebdp%VDy|C7EhM`C?yK9AyvnHDz`}}pv>Fzkz8BDU+5=!qf{{aLM0N**>k?{NV
z)IKWc)+CPNVF%rD392*ywiz~AnJCB^q#ahnywnkhKIA+}<#dF$8JQ@rmWZFEOgogf
z-ZoE1Q`xhVvwa1xfN<pW;?5@y>HhnL3SSixiq^VJ7j=%aia9;^(2hIrcoDO6Dy30H
z!As~#<7xd8R%6&zM5PL0pu?Z33QbX&P?rNnotMQXx|Gs*x-EO*z@v<|(TwZe0cu36
zEDq;!1ic*>7>-CF=AU{OWS96;YmrA=9xGhwO5yy892gF8Vd%+P?flaUWWxT8sYr7H
zLx@biNj>_X9sc5z3n3O*$Khy2J5b=@UnKxuetL;C!y`OJV2irAGsGpHNOn9>q9%o-
zwN^lI*e<i<(-=QXZ<uvHPzmyAd9D7T9trO^{-mB&bi+3Jrw_6a*-NLkZP%FbTxwZX
zOZ3N~C<DoAj0FM@1I|zLPaXlf=l(1Rqx`M#MGS7S439;(=}y0bs?H`x@3{H5pVOP#
zS7BGkEpC2Nz<`={`&XsO2Fs&1se_s*<R`X0A1S)XLuV5lG?*Ol>DEh|$2_NQ=(*c^
z@!9s=F=%VM3}_)VGiAnnFv{Tz__xCcbp#YECd_GR3>!YO47)}tDT8)UZmv6(&5D}J
z!#gN@?)Re5ZYEXr6(xb6oT0NGqEo-(z`(Z`Wfv7`F));we}_&C0Z3`c3*j~}N2K9=
zr9o&Fu&}bq_mn~OV*(N!9Ts%7#?=m65-sx+ast0T80P!GIypJ9fe>hfR#$b=wDcq5
z$8NNbZ!OWukJ7EJ0Q2*zYTv|-9f{$zR)dB7O#qXti%Qy_i2nSjwI(^mb%{qu3}u$-
z2PecJ1p(2qHqP5f1C9vIh4UU06=7|Mh^TRv{)p*^bup5I!<>$yw5zbNdtaSplgBm3
zimIxHHP+(B8gxik#D60A3vBKfE4*6t<G1zSAJV;Nnsou93g5{(*OJCck3Tir${Tl;
zS|Z%yP3z-bvcBV3bgfFb5IP(c(NvNLqOYHgQ#Fmf7gdsD3C};WkgwXy_9&=+`%bB{
zfBn#;cc`$QJdl{)H(IafDSX&1_@}FEl>v~&xVsfdwRbvBSD2ez!nyb&l6Bau&$#)g
zMuC=`DJQQCm;9XTt<)88xd{0c$pVs+A!{PnsN)p$=Nn)=gxGdn_oOr}o|;G|ZxGK!
zwRC3hZXPQ9NuMZWlvKDM+xUH~gdnG#T2CKpfrt_sMc>cD7AX)&^p^3@5l&Sf`3(nJ
zTLX`IygrYTX5YVhqHH&<wZ9o<T)nzC3cGu)MFao3KIc9)dcRz(oZl|rT}x(Djclv=
zHuv6pbo|ZmxpDlLZxyU(=a7Sv)eHKGR|{=*A@n5OCUFGTmWK25XlKbywTzm9=RGbF
zAVRP*CXaDi2}{|QMqAy0xHd=*_PTO*CP}AHA3Twlr`&CF)IZ06|9uGtRM-1DlUfm~
z^6kDLqVr;6Pw@*T5T3N+O3~O^0e*jcpJUsN)FVEkv?;Y^lP}>WeW>+&_dGFJlZLt!
zxuMt0NmXNhB-PO!szQSgV~Y3LTuo7Diu-w_iUsSMRytg1B4z;VtQCH$P#7H!fvt>5
zGve-aQ2JE29I$A;vv;WT%eH~?B@|j8DpFh(`({iXIj_FH5~fafc~40!eQ-kBOEqMU
z&`LN<^x*mJ!LuesN~Ouw=*1{26wr{Cs}gD-7JGKbQZI$tef~dMCzrWyqFXvB%O=Ts
zcw@NkT@eXG&PcCkzVXRYrj(NnGbNULuUgb)mJzB!eq_VTT&4BZ@)%6XmIEXg0_!Y?
zyB@GRRRvRIBiQYz(m(*~=0F+WPy<QmO}MHOROPc{i}!x6wOfxLOKe8L$R6vXZbgS#
zob`8=V0mnpa$v>Z1RwLnKeiGf9%sDLT_G)H_3NKQ5Gby<+Sn~&w9QdlS0!8==mn~H
zjJJg3#ku1#_f^vthO1T`OXf6T0-288?uj8tzC={@z@^2*2EyX8wfBgKo9Ej@peh5h
z{RS$=7v5FA0NX`z`TY;>tkKspY9Zb0!9gkh1D{Fvq>0Z4`#5hXn1fg+w)V+;haLd^
zsmr`Xjft~M7;kz`LMwcZKZgyWn8AO@ja+7kH=2`FJzRc<NOE5%I(<=DMU?GNj^<cC
zq`1_MG(1pC;dOl({CSMiyoe2=q}a@4e}DDIt#F11OILtx`i%jX!;L7>broPTO{Z_6
z?fM{oEf~-w)MC<<3ghNQ8PDCMW#OUH?Ta)jzRLcyMp?Z3m5QtYV0Wj3QOP45)M(Rq
z;!eI)%Zj(<po>oZ$`mR?d1Z=84VO<Njen6Yv<qXB(G=A({jN5Ep)ABtfO*zL<Ejeo
zy7Xwye^CNzCFDa26a^bH`qt5V3f7zIF&K^9st1UmV=e8d|6_3WQjgcJHzDJTf60Sc
z<JN$g3L%2wKa!Vq!;UVi#>kI|w4VN&BS$IBm)V-f`$F3EZJ{!^kSck4&jzOdDNRP+
zOWaEi0Dk4SreWT7XIT5?F7Kl9i61DXn;3E(<V@n5C4F9v<u^Y}wVcv@1!DSTMtDfY
z%KW2=o-ZM>0~CI*M0D$wSHHEt)jgyEiHKhcy>Q)imV6GbUXale6AYziXsxHUrr~sk
zXISfS7gq-gNdc7=`{jSl^V;8i0r(q(n5f%LifFHBDFd~fp&qFJMo+52vDKIUZS?E=
zo!V0gmT_2%7h2x%?ZbAce$Y(CUExld?gYeM{u;kXpcXuz6Z2Rfvi@ND!J{ohu}u}|
zSc)-r@S&@1=HdQ1oY###+4mGL`n3>YwlwiYO$MX=qrs8UH*>r)b!?b>WwYuFImRnd
z{O}4#GZKcq1IW7$<k3A<Svn16lTF7`T$n}vg#~_|rUixFo{w)l_fAG@N!z|u{)e7d
zkZZXV?37;L{ZvW0@~ESMd3Kx9m9M3;ZJND%$B;qqo`*Bp9vfvcM3(*QNME8@3nB9`
z?Z<m1hBBxdN`2j<b?Z{t1s#=`HmdM=B?&1eKMI~WV%skbdjMn&ZxB#v-z)MbTM-I|
z16Z=BRM4X_Z4DdB$v3eC7F!L`!{>u?$p~mJ?}YR8@$(Luy9eg5qJNXVf99<b-r#Kz
zB3dI`jf~&MyCYwU?2)6ZT$9_D{Z3F<q-<PcMbL*%G_0R#5Z}hQ+=y7~aSF;K!|^W+
z6mR<l?CkQdt~LPhRdsa<B<!6B0?h7&Sd2|fQht0vPwS8q6V#QpJSeOZ&W>?rw7b0Q
zaUDS*5yF_7T~^*KcjV>u{D4&xe#@AQot_{w`y+ESl^<2Q$vc62!J%seJ35E0`zN4g
zmM<X>Arc8p{yFRl+a@m*%E3c_mdGW{C<>c{1zOsB_ijHXuZOof;=~ug7_djg#xD#t
z%;KHl-b{&DBZ$@>&^L~UD`_n6xu6rk9$1iVxPXXxt~>^-4kYKe!VE>_#ri0u;A7Ae
zw5kxDIABiE;Y<L>FoAE4utreru`-ytUCCco-5f%kQ!k6?M@9U(oWx`j2`@4!*nPDC
zU_o$3viHRXaSBL^qj7I9(v-PngMBr4@XS6&^pqC#xpw}`kD4<|GSeo<vDS%M*XKAK
zlgOyvZrFNSc)uS(U&^#@k$gFzBfJIL91heNvkCY}_eO>WEHYg5`#VshOUg>AZr3d4
znJ}rSU&$C3TH?P?^@O;j%nA&o@L3Tbb$r>f39#D)BG?ZI+20B%?N1`5-7!R+B2hpJ
zejW$kUr`i?7Cp)3H44-SQDv!s;oj0$Tl6{nEJ`9EXBa0@vPDIWOIoZMiNenz;lg2c
z{)m#N{`1_=?)FZMj6$wngiGeeZ8JnkwtwX8>?qz~f4qP4tTuV$=det7bGAXvLbRFW
z=k5Kfj4RM+L&3x!`{!b}V$nM)ZV7=yZ+#bN$-c_$e6muVif=l9+j^zRVa1N01)84J
z9P&?JptmG}I!(YeXeoMo3!$T<i{$?MZlN!DZebx`z5G#Jw)Q8`W1UIlVq5QO;JFqG
zsm=p@qzTXKR+AGhxjRydBQXDR?aizxdxup}FzQ!6#_k$>!!u>i*Xxc9n;DyEA1XTw
zM>ehcpP$-$y@-%O8P(G0K``;6<2|#X6=-9lH5JC!S5OF0=hM#WYD{gniZ|{TF=k-#
zjzu2M{ETpCE|OHoE2~%1*VaXsQ4;p6i2?!~-jIy@k<~bv$l%%Oj|yOONG6@?50)3f
zrmI@XA6X`V3f*o?SKF7@mkT@Hfuc$33=E`x@V>VRe0o%#cE#1wW9DR0|N3HR$g;bW
zt1GkvC#hit+ocVN)zs>TTqv%%e+z!+H+t+Z@W*3|*}3oXy<1CNe^=~jZ1G^Fm03kq
z;8%QQ)pSLJsVe}(&oP!`d#9_N**UZN+la8qyB|y=B4ht|9T&x*7YLEyXzA8w`z<iy
zIX#!@nsMLB+^@kgYKJkSJey)weGO@_J%dJ-2<7n@d{PVIOo<wd`MCG*TD~v!H$Es(
zg9Tk={yP-n>kqap<dj02SRLu}j&HKG=tnMOXNxiio8NP=^(P>|EZ~AT?Va=n0t--%
zDy))riXAxb=#`^`H+Q`JDA&rpy?@^+E#Hff9rnj+SUx<&!jxuS_$kuhBs<c1aZ8_-
zSHt8`GjwAo=i4WMioR-1NvPSgxJCum+Alk6X{Z0$-IKH|hnFp<eFUN?9!WXOtbc4Y
zMNih>3H!gZZG7KBlLV~`&Bh4ywE?$_4FDa+iNS5y?n%c3Nv5o{!wt)_>zH0qk^Sqa
zl6vq;USUmC^=&w^uvchrLGp=1YEP46W9}LG#^bK2l8911;1oq(o!9<RmWtK()NCrq
zfP-V}!cMO%>)2Mt#|=Jtx6bZDP`0x&*?<SJ@uX8y!xxjit#RY1$-jUJcb__=;#gv8
zF(E2=M(Z6$UmTe)aWZ!uu$Ddq1edL;b?Klvk!v=le*?aEqUn%RbYD_TnsD8i&MfZL
z6C4f;#Q4Qfve_r=x+1O=lQ+C`C9I!x8c_(T%R~w;giZ@d_Hc&P*0A2uoW-u4(finJ
zgTb?fD*0bp0V@20g;M$Gm=jqv4(GxcB)q>nUZtB!lSBK>VSneH?(7v}2LuLVyIjx^
zI=6qWRd7{f7`Q*9^*aADp2;_HICFnUPL|7iD}4EgJ{T7|OQ#VUvSJJlZpl{lr%4@h
zC+S=B_T;Pn%j9aDk0j)gc_fUjhRpMa)FrJp4R*8#eFf??Clnh?BIxn+B?%TsGLMBP
zO2(?a-Sgh@ZAp@)U(i72@rvo5Rr0c|KH7d72Gd3_zh2j$Df05}&XlUB;u&Lkpf16I
zsWzgqE<v8|e)*2b{Qw8p(B629vSq6^;T^D)<-;(Y?MT7&Q^@nqf#FDal{)T!ocYfS
zI;cv`0FcT?6uCWS9s3~BWzAv4M!-g(xUK*Dy9sjqrEWG>{E!J4gd>_Xs!2l#Gi3C}
zHt_&lA81fW8Kc!!1i~%?<^z}*v#TtK?+?R^@RoI!(?IbJslFFXc)&-8zaUQXHkvx*
z?KUAo;ZtPE{u_(-OHM8EB5+2<=fSw$9>Jam;QxCY>;K7A{s$uc!?r{J{$EM+|Chw1
z|A&14H?1lC=c)f8oBtU<fduXWgJ*dF(<>`tR#uE-ii%wGJk$ByP<2#AAtWEOu3H2q
zb#olV&z(Q`GW+>}TbB#^@a*hO?%d4uw12l}kRdl8eU<woL+VkHp0F9f{NU)su$SU8
zS}~TUb-9h8&d;zpJS&&Ipaz!T^GOBA=gLG@Sz8*DHc*5tJZroW!wCWP?<CDD1z1=7
z^Ggrm*_nx`@fMw|%H&NWXU^2MyeY}l^z?KPQ01XC7M;4jfoo=VmTQejOY2}ptGb53
zf@O&EOp>G&9vAJ{w4Yw;$&>$(c%I@~7lmJumDF3y=g_1sc07nh$_XS~i)L|fNDRLy
zp}!1+5Z+DqG2h#pYr$pe`?_RZ1NWTs^nB4~eodv`6*jSqlDX6>pqmb*h@DyJRGeV+
z<GNWvTWNSwkSlkad41*76#LKrj0=F4+2Ks|$b|hmePN(I+CSAc%z8faR^<9;xDA)j
zmZKrN-Tn?fOyNa8O2qLG_V4NL_wA0{XvX+cMG}BBVt>j4tyg@5Z8E!+!vlXN4`|kP
z;r{(i@$TKbi~IXeTsN>F8loASt@b`#OiblQ509Fmxx^4+dIDT?#t7rOWxRL(?-py_
zIWfOS4!%%xpgH>7%ht}~5s?Mg{r$=z-nZ~))173DoE@2P7DyuCgNdpi=WNMBE+`${
z9nAsw8g(8eV+kF^6pLuZyV0KX5Qg!VYeB4UcXI-)_X;kJ96_9zX1>0^vsUKC!YqH3
zjYIDxz1%w474%7spb-)1SqUt6)2-SpmRhJVdfrpBzPq7jqws?f(H9iEyUfw_2QK$M
zW>z-0cy1iFBr>0kTca<ED|W($SH?3+``g`L^*PoF2;8rmOn$x$6>Db*<K#Iv+B_HE
z>N|`t;5L6~DS?!2{$0%Ie(NRsT5aK}Jzf^iZ9vfdD1iVJqU|5@I1?J$V{J5LKmIDr
ziMeOkDT2Rn97!>R(+M%zQo@y|a!kcf?a>gZ4RM=`f{sm;t1|E~2h?HiaZqz)^WYM7
z7@UCQQ^NEE_t}o^IvRY);>FZXd<y!R=>NMn)(tr#*ozis(%ca6gBx&MtO#bJ43ltT
zBEIjHhD0kDG(#oe_mOwpaaknFMwS>yK5#{p+^%>0+l`N0b4O%2Igr|z-iM}wGL*yl
zVT$Ol`sE<EoXCs{uQ>hn-mb;W;M4~FUvMTQXL%I`N%wpThSm9r^LLb@xedR5w^q5;
zqB0UB!srG&qvPh+{@5#%;ulyNQdFX#XU@)2!3M-dwNl~QZq1a~SQfRm4)JSjw#^>m
z0~_4X<u%;mR2R|xWM^dEGl`t#TTa~*cy96zZ9bizYI8UY6UJ7vqcy~5W=VJ%ahTo;
z`9WPR`BE8hTioGsaCcN@mJkgx*MBnb#TMY;W)e}uh?82*9w{+gakvv_%NaKXu>xh<
zn*0?9j1Q&`35iJ!O-$bVcSTf|qjg4N1nA3}XjVzvg69sWm|XuzSeg<dLKC@%QQ{yj
zxL+L~0`gr6NJ0JRWmcbU5B8|Rww!%x5Ev&O^|*`=(G2^4C&sm5`WnEiox69#$1QDb
zdQID8eXFahq;WB#NbE8fAAVwYLH{LoO_NHSUtcZ`hskt&Ti0+ozYkDph&nmrzRxg@
z<X-fbyoY(_fPug6p&s=eRd)Z~yMgmD@ThzCq>4kBdYV9Lt|nzOSH(pM$1iSi3JWA*
zbu$ljihG}5)qa6e0jm1Tj?rIpf)WoSI<~gN#EF_-0(;m+)RSLl-d&<ZKuU<k<s9bZ
z8@lK5<NgRi%1i?`#+sRfyJ`530Ud5)L&St_e%$%AI!SnJAslmlc!pPnzW1n|HrW#`
z-cEyp9fcY!O26k)z-?ubs|hUp67Sk+-`ZN_6r3M6?UO(W9@pZMP>3cn$`H{joETFe
zkzWrO%NSLFq+*P-p}BiYf-doA5<(G+l58Ji9oOu4mG$YNRtaQJ&WH3D2|0IWNW&ag
z6Q-kG*$eL9HYH_w(!@lO0d48rJraggP0e(}ahjkl^We)Npo=<PY3aFSA68v__{n+2
z<l>s7<0)~(don##!4qqwR`Lu{CXo?a@!p*s6qv0!`XASpWyk3$Ks>mw9}a%{-ce|M
z9Z4aynK@ZV%0d<{suE0`oLdof2G6uaxv1l(>Mt8QRLgJJr-X)vchuDh4pf-q``xBe
zS~8R$5Tr_%VfB;E%#56XN2iw9BW^VAxGm`mWAP+}4q!xoafxY6un}8P6~SjRDWQL*
zyx`$z@0XSVfGofzxkb70iLc)_0xo|Tx<n=Tr4<gr7HRaFd3<2!VjtK$`j}T}O6y6)
z?dfKuILew6!?CnLRiW{TS+|E|gm3xp_Uznu)rIMS);*tW)s_JR&pNhqGesrGcO>T_
zDH*z0SL8TXRrAAtIZT$ntz5H7tzYo3A@2@Oh4>eiBI5;Qv}swIpO6^IGl5F-Wi^xW
z_B8Itm23A91WKoG+OS-dL@D)(^4tCI?vy;95D5qfB;#wZVm3R}4cn~_$+h_e=2nfp
z<a*1@<18tqq}OLzl}eOB#P+jO`92{3_#SaZeE~s!u}Z;QwlzZPVuMyZS1xbGT0ybA
zYv*oGOLNw+Eks9rgycrelfQni+`4PdEOvz2j^12O3U)L*f_!y9&9!=Pd*aLYJ#C#G
zV$v8CqqjvXLB7stJdD(0wPh*5IKLym%`-ej5%Y6WaTFQXg%ll4yscZ5mG4sm9Y3#h
z1j4x%)KQl#4BhpIrB6bNxZ3MWy+g3!|B4QNmb2OJbg<otHhirhDTmRlAlQkH-L`8T
zXxdcdf(+N+jc%WSm>lu=5{CH%lc=!zYZUr6M>+l`J5t;4j*!SEcE?OV`1q|iyH0Wf
z!m~86qXI`r&Q9awW=Hiu4)Av9RC$rgPvC8pE$|5@B5wywJ=wnrqyzf<<i66U5H3;_
zgEN2d4FxKxyM8{?q-!z@hv*&-7%(YY$1Zn#85tzwh-`j87G+acLk%bD;x)LHKu~%U
z64)XX)pYkb+18V*GxW9sc<lBrLk#>YqM9*)gUqhq0A{m$lgIcZ;3$C8P<5SaOFR@C
z$EcIq$f&bP{+8M}R#dD>yvX5rbGf+@f+@RpK(Ms2efs0g+1ud=G1mS^{_U5QOlx~o
zw1JWS59Ki?407umZpWw{PgjUpz6Yk&NAxauMFEln2Ib}Anhun7&v4Dliw0)KKXVI-
zZ2(DLmval69>rArw%yh9>47!gFpdK-4o8mE?y9rHny<#z%!<g7Nc|6ul$WeWv9e2-
zw<xA+wf(Q6_z`2^%PY+PL)2SE#T6}Gqey_@!5u=d;1=A1ySux)yK8U=?(R-w!QI^(
zr*VhI_2-=LjC&vUTlXGo)T&vlYOdNf2ggPrmg~?L2$eHjQ9Dnuzrej1n^%Vi*2gK-
zBG{fKY}@u{zuGli{4;j`;DcDx)zrwq-8nmsPOZd(6<ca;ZAZi18;r>m<Mm;S(BhS`
z3E*40=ne7KHnupI+ZtmZoW9uE-wAGMp%U=9#`CKMuIl0bm=S?v6*t#8k6~(#F|@J`
zpKAGYM3A;~Mid#>PT|E4PiI49o!(r+@vgBoZs4jP?O`9sXGkb5k7qZr{SQQjjhf^W
za$*kJSeuNri0=#XDH%Y3z&^#8X>vE#8{?vs-mPmwHn_w5EhgBCniF@5TRG9Mcu9$(
zN1T>^1j0`WdvwWs=}H+$L4nBIwC`Wr%&zxc9ehSkHZ~>hKZ^~T9OZU_kxh!J%IC*K
zvoV$y^d)%k?I_n)VbcA6Rmf~B@4ys0&te<wTCNdh+CUckrx~;BdFk)YzHzLG?}`TO
z?E12JStg&{CaK6H&~cnSKF}2g@e(vM&pJfbll$G>+J(^A;@E<GOf-DD>y>b8PpKId
zGN9j+7-kjRGA%GX0m1`U8l5OZ&$89^t_@=ZpL!Lk-+k|_`q<E;JL5~|R-Aq2MR69U
z{b4N3w77`#Yc<@16P3UiPHc)3k0H8G;9pi?L3kPg?(Xi9U_dGxY>J$V4eja)BiV=?
zob@Hdy3K^cRfMUZVI<Rd?USB(>deeH!yMxG+J69<bfu1o`R~qj**<@eZqTioi%qT0
zckjs1NdFyloN7QCl<+~9@}wgnr|e=RPK@?4`Axa4Xk{81>;$!E)9d@*!I<Sx-!7ON
zTV9gw!Q~Yc-ZBI_a-CHJKo=H&3hlr6$%SdW3^DtDp&+gKvWMgZiO1*4b(Fq_fqxN~
z9LV5!8OF7$zc1SnT-U98?b0l^%$o&2i^9ej@=Aa9`JHh;1vxfZyM+k)?>6CgKB~FO
zmvpP~-oABwd3#1AJG`r+yp*>=FFKj3x|X?N9Swo{vt?Or$0Q1O;(Pe<jgZD{F4AM<
z=u|4BGW+QEIJn-N=Jf`YJSVkCml{ZU9%UJujk?b<%vK%ZTQ}&R*B0a)bdYNy|8RFP
zHG&Yz<WYJ-ex&r5dInYYL7m}@f<nBk?cWaK7;^OpXH+m57mj6AOuk`1b4c3fn0Wq!
z(bg8U&o|^u-yCA#j%g~CKBh(Sz}k*X&r2PVAhFx3+g*I&Qo~PV!gRSfIG2k^&5rLD
z*jEnsiM$4uYP1e9v#3O-$M6uHA}EktO>8J=keCMrzcRNM2gm${<`?Yp&^*n%%p7RY
zkh9n0OgRYZDkNj>bj%D<XRC_q99~<?j5iRty|d4^-We;?7`c}G;`MLH<K^qAv4!l-
zi=>IPZL1cZ(V>OBL7f2Xvl*`?rmqnY-(jXx^lhM_r1t#c{0Beht_p8VW;TkYEp6G<
zT2SOhu_P>&2$GuFRdbCpIK#?5gY$2#=f<Z-_N;Kl-><SG<~3ZR8kxCmPGkdXf!Zlu
zK52ZWowTwe(-65#`Et<01-p%wHGaKu`mZsyw;R+o_~aj=gs>%Y17dK-76uc44@}j#
zH;rt|;tI2SeB<GsDVG))iJX6)kc|oAAj<2%ZrIj0AR4GSjR74H`NO<g5js}2PIj`D
zhU<g;znWP8@I$&NF*HafAtR7HMT4$WVD2F)oRZNVs7-6m!k%C`;95`pzRI(0ARi>;
zC1dPLqCXs4?_Q2aEiaEpv|?sz7<g#<*G6Iy;um%^xO)hNw2M%yE4JF5R-V93u|hC3
zX!U^kop#Ob;6bje8h4j5XL3aZa8)dgI9LdG#t=0FZzIOh3@w}s+vU&Hm+=kI=n^5&
z#$iOXIL0<CwtgcbQJm@V!UhI7q6QSV;dShWX=JB^zyW6bh*k$tJ$f1V;*Y`R7_bj(
z^*0thH~W~07!*X8VUJpA_Ot`9_8Z!5Yk<+ID?)BRq1SezBadH3S0;&M@1YK%wDWGC
z54&#>tbu(=qV+$sBsaz%*q5_fNds(e5@sC5J_Gk6c={hEB8p(#M$nr{X$kYcANl*C
z1a>)XgoNW|p7^70%hhxY6AIbHA=wXn<n2Uh_&WW}HAzi(vIkUF_06uO)=v<{Qj_9U
zw<Qj1o6;ljzr|eLAmSpeslPS}EiYsTmRrK&M|z}eM9Zv4M+IXb?wT6;+%d;Y7)#R$
zF5G;vMr0f+^>$cnla$-QMIYr~l!u;u`|RNo#!7W$QVOXqXQn3zpXl-qC{KX?OI5e_
zj6T06pfE#g<ZqA3!79A2ti6I`q{{2kM^+Zue~i#4Ow7#BXk^riukDP1Fg!>Y`LMdS
zmQMpF-Z~AP>u#0Rjl{S&oK9Z_nz}m&8HgK0&7E4%Asu*!bB3wkb7`Cp^be%n<YUp#
zFKM9<r7j~ofUo-cH;6cJaDHsL%*7K#7(1aE0rHi~6)IIn_M8^VG>AQ-V$#t9gGiNi
zVmlT?|E4o@3B!Fq9-ah77UcNt>e^!@-2`U8`7RC7*8gIss4S0r{0-d~`2wL}&#_};
z-+z=79j9;+yJKl6^;8#;f1vXI+`fgb$kKD5!CJzea63(hZfPt31USoOvaRD;jA+Zp
z5svcyW!`$dw&f=)dC3dPZd(!QFfjte)<uvHrGD9Luc&Xgl}-NU-1ReLjgsAk@!U#o
zqagHdq&nTS`jUd3p)2A(PN8Btu23V_erO4pj*^f@rbyOu8#8L3JA2gq((mjyhiqta
zEHMty<o^1c6fxR~BNmod9lGl1WNhOAW;E{>K;+@W2y-`ui0-%_q`KmRetMXB84EZV
zMMfDw6yeso&htu(ZkNM_=`!*C2-rv_4ubYAKRKtGIHL`kt6UM_%%kN)C#(E&&v5Mw
z;FNGNftu`>o{#}-8<q@bHak|sed;TpM~plM=pdUq-mf#B8ClnSg^P0-c<JO!(;ucI
zk4tWnRl^3d@d7@pir9lZV~_|KHXyRO&%x)Sh<W)w<EoWVqyWZCTMv<oYrYxPURZ$5
zmI{*(EWG@}Y>c7oqKXCn=M}J1g5>whHLt@v={f<$$afNc(z1kZDTHK#?<iZ()c0Q$
zgs-mEkUN*oN$>bV%0YsnP>k$VB%_g!RnS-#r`_?>9O>TGq<qU)*=lp&QwX+hs6}d1
z_!^He-ht^wk!?W2hA~Vd1=>10OQDky^ymeRd-X)b^eM;{Ky`32jb?jU-^eak^h95v
zr*cKQ3b&jlmBiz_g6kKalTJeGM9rMT-f@;zQcah@=-P*?y&>Mf8dlkaMp3wyCEOsS
zCxmHF5T=oqzIUwa-lyNfwDOq9Xt$!U#zB45nh>2@tI2gh7}*bV0T-?Wq&0G@h~tSB
z8z8@H&~e2f5>}=e3VnT8`qRQp%I$oF6LuHcPAXV`$;rF^z2|po`*C(aQn;AFHhNa?
zMORvw3`x!EBXe8Ru#`GhvluZ_RV20S*Bwbs5=7_upr!2V2%kt5w}Gj51_D;(w2Y$!
z1?GtZ1>^$`yPGa|$m?GI>{>Er7lb1BIxMPeMo%@KvB1568%~_FASp%5^k(ccd;ie3
zY(%|_i`IYtws9WPF6vQu>12+8ydsEJY&6MCm`<2d6ja`{9gz)(DZaR%H7AC`Ltna_
z*>V|GihOf}f$&*ZaySC=m2~tMtEA@P9Gz}6G4Nwj&l?;upa1mxHG9HEGr79Fvk#NJ
zkqqWO-`~Cr+4yaPQ1_*8r`Z%o{%*k)y{6=e^t*gje}10la|vXu>5bCaMWJ2FVG!>P
zhVQ^5T&C?3=MJsxk^8D@;vOB%)1ZSN!XpD;`QKaeAWhJzJyCg{tj};y{5Js!8OuZ6
zr|W&{^}0S-^Mg3d8y;%(@y`|The4|Rfo8G`G!!hM2ntN={Dc16>k-1Mk@sCHHU|5%
zBi)CKV<f^nkG>8BAN8{Ietj>oODS!JTM`!gG_1<)9TR5<QAdvWK-edF9WCmUEki?#
z<n;;3ltb*N>e{PKR9eC_X}rsf?GJ$U{`n&z3gr2~!X;E4r$CJ9#Mg1q{42o}vd(yx
zxv6(1Q!b^SOuC`EQ=~*1#y8f9#{okBuNHl^5(Brl45PK&k0h5!N}t0j{plPO`8tPv
z;_`y4s0Va*#sIoI2p@eVw)K24w6zd!(=tg$O<3-}RIp~Kk6+VGLQ@q5HE{7P<p`Cc
z2v#_iW^<3j+<V|4mc%k7rRB(($iLC{TXQ~=ldYciY%V38JYg*KylW9)qwt#_Akoj4
z7+?C@0Z&+<JvC-Vo;}!lH&Jl$@Ib`(0sp!r<ytZw9bF6!{nK$td<(WvA@eq?`ZpG1
zN`{<}WXaOjlb{`#vVybI`7qG2a1?GX6u;(vT)1;S!|q!81$V!nTPId5a~}Bx#^h6A
z;QOh4b*U$9@rMiG&(~x8a7q%VT}UxQ!@-Yj$t2p^YL&d+LxYgs7}W5y7BYQ6r@3SH
zL{l?KiY<WsEqng<&Bh3!+?Oc8R|(RHEl-aMI3AgpvnnqKgkp-5GBh%c*)OILLHsc=
zOy$zq9WFRP%OFr&maOzlJD#qI2`&C>kHXN}RKh@snumqrlk=cPcJ8GrhgDQ%adU&W
zu|?T2Kac^9EIkEZB68sLf$=@R*@##;l2`>yis_sa0%QoXuILs*>pHZg=7l3-t_R3o
z*<$vo9|ai9E-i8;XnAPN-!13ET#_Bsr5gyeM!&jK^bIGcRY}pXyh$)v2zxe2dKywP
z&-Qw7tzO+BTjPhMHNpt4{1YKngsu?25vm&X<%#mBf$)w~K$#hu)niP#Cypiw@*syp
zRF`j_(#f`}#IYxX1BN{SWHa+#;Qu79*1+aa4x*uN2am>FI>uC+bu%LJ_|7}evnLS*
z$RELl-CP>^(CU<-{gzdXCm^lGm-x!E?|9eqBpIYaBU;ZR8gPw#^UoY&<y@k7^Jm7n
zaq<#QBp}5Ujff~XH;zoe$1^+ef{Veps}#bxg`6@a^{Tn9(Ca>=@R(!8Tg*x(Gc%aE
z7^A&R&>7v%^l~We3reZeY?EWj{sh2vPkfswbE@}(Zg6!v0v@4vbt=vJK+fg0!ZLXE
zQ<pQ#cIM;hmV!6uc}LW1Yw$YtvIew$5t!MC!EV-a?R}H;%47_6ageW6DcC8m*g!jL
zs*A*7ZglFM8`Ftb<^PJ}i$TlFyYApNCqB%pGPB@3k;Qwoq4=)6kx)U7*!6fp(Dm|6
zHFt6dnMQ}y4<rp?!|I_HO^99h)?la#XC0mVv5>W>_l<5LX9!r9N78Kp#E<+M-6dVr
zj$;qhx^{OpzqpD&*!|)HeZ!>&B@uBCplWm%K5cYmePiQ|j-gzbhTF*8`lh!&cyWRm
z7u3l#%h9vM8h;kaa9>QrK$JeGtUA&Eh#S<A-F83edSQlAr-ByV<h!l;&LUNK77=Z~
z!%}owjqCRYBd`G=|2=ag-~H0fbdPc0qB2IN%vV6%0yzU_z)!sr+3V?*p(4g6zO^6G
zJgeS2?tl66<;lR~P20zqRROZ%uWO?4dR-)=XoUi^I@!_S6W5FRi+a~acyc4^zASPp
z-pPEM<JTS+$)Y;9^xU*&F+vynn;QGXrrehdi$9Ci!bRG?ts1zBon@WI93sX^O%r)S
zlS4vqf(K$No?;4Yb%9bb*j@tby|f1~e^vjitUT8jKq=htPX$K2oD(uOeIq!FEU$-*
zeP`~lCj31HKkJ9maijq)cWhZreyoSt3kAn5@GA0qlaqib6!&d!I#C1iw`mf`CSwJ)
z?}?O;<*BE?z?&zdbc*ENdxCvTm7}x!@a(2wYcBjCnfB`jDHe!mairU9DWE?a#pTTE
ziDP5!SSPhn>1{d}fXAO{V(A%<HOo#5=E;(X8>O}s7chlvJDFRPF9Ix0F}ILGr-#gO
zyuFUL!;A-s#$sAM4gk_U*bBiPNnsUuV_R}Y7@HBU&%DyCjjw|p#Jb&PP{JAYUv0KO
zkcbWJJhR*5yq-GEp#?%+<5jw+o{zqC|2Z;wf3zu;iv5aYM_%ZRkecU4ypWyVoK8(>
zB&I=_d+_nqveaC-c(j*3FJ@QoT60a6j88RRC+%R%-FmzBee%nf7K8J}9(6_E+m;FA
zm$Im7K78h=lOL7F(q&QqBdqk70M&P;&i%k(OJ)cgWObv*V4UCrM03|VZW&Qqo~Xvc
zU#k0{qDpDaQ*Pl}zH8*FF9RZN8QafHxq;=P&tn(6xbe{@-5BcL;w9u#5T8<Nbq=?t
za*^0eaL%pg+mlsD3Q{9C?Xpgev}EUZF45DhOIw1yQ9oS>h0?H^Ko>rSz=BPbTs|9)
z-Gc)uZEbop0nM2bW=5vFdq}gEiS!PaxssLKp)H~Cl_Vc4Ypb&IN;0-FeA*B32|$Ul
zy~$w67XuhZ93F&W3iFal=#M&lu`Pa~>7F>?fnZ9CSDh=Mz(p|7q#za|%DSWMY(9&;
zfWP3oQe4^@>>h-~XtZPhnH+VKC*%qR_75>*V8m^6NvpTm3#)DIn}eU)M4(p8vkgQQ
zvZ})ik1v0;%?%or_4)eaQb0>*)Gz+_sPuAFdMJ0L^dSBI3llCmHTG7Z7Fc6jfgYQa
zxl_(<Z9Tn5?W<b@d2?%UhyrV$)C<IljqKo1PjtQSd8;x-91|OJ-`K|At~Ng(Tie-|
zI?`G{l%%x~?RRhqvPy?E!r;uvSB`0q12}Mf3)}EIFy;9eBgG1RmgBmpzCCyF7;+tn
zuq;EF>7mimIYtaBFY!ujgyZ3ycQ>7b(<9U=njOXcU%ktfi55b*^3!^Qi<yf!OwYRt
z#*jekJXdF}DX@z0ElmTTaz!l8TXRu{o=!2@AlzJoYxu8y9S6I)MitcF9^A?f+Ivnu
zhdXl@k*67OTQ;5ttqqy{3jrwe?OM=2GZnAA!`hN+U=RC=s1f4KjlZw=r`R}v{x&t=
z{9MjXm(jU^R4BV@<T7K2B?+$a3l|p}7Dhz2_z!fpvzShPR$D#~ZXi=DJ<PVqdU$d$
z+}~jb7X6^uYS!v@2o{8XBzTW_=_e4A3?cE%EZfk82Spf)or`qd8BWQ0#B7b(GbJV7
z`DMYj=1*8N$AzSU>%Z9o=f=u1a&k(_&tWYwotPq8Xn$vV#Up@D^?-YdiRsv*Dt?s;
zt|~ixjGXzgBqsaT!ar5fLeD(Tj!vj%!TwMu%2LJ?SIE=Fq*T#s2VE|;W12tVhlfZ*
zKIb7O&Hc2#;Hx0*-AV|!tpV#>V20vtW2MH*)RP^l!SM;xZvMJe$R!#<=7Y}KjZ(-j
zsXu~Te$&fMZ-y4?JR3c08#%M^#Pv5OOKdzz%fLv;#uqxuG)pOcDYrW_vonf62`bgt
zU@vyPP24=7t()QaQQaY|amb~_i_{7>3fLdxv^fi!x)CU*8wwhEbYm!FXZ~iq_SNd-
zw5+^5pZ9|cdl|VLFJ~tq8EsY`2zlg35M{oHq0-aqLZzps=Q2IHZEX8nL5r)<Sz4v^
zc?aunAo`~qA2DYuuK`#ArANsaGK`yeBA0J8vUJPH@>0xHo9_Y^)}@*Vl1Ujmx>0$G
zQ6{r6ht$`54%}4&t6+<<V-qC3r)`oYNLuoJ7QXPYC4y3$si~RbNtHe`QCT)F)W6BH
zvFX}e6((=HpNO`A7(j+^QDo^5nO^VrS-T?u9SYQaB(l1p@t|MI*q<F(evvj6WgHKR
z>UsRz276(~Shi#L+yp`ev?y+V>8dLEH3*Y>s5%14NqMM>FlhT$^rBDoqfw;rY4i^<
zOQJqYJ;lyt%tk)UJI*jR@voZ1#kStH8j9!*{CWm0vrfYhfj5j2daic7!(G>f+}Dou
z%d7+cdfSroIk-ZO;nJsSQ;bE{%nr}FL31?d+bJo|gv!~WRdb+^mZZhHaJhozkkSLv
zN2xOvU!n3kz?!n#G&%H`NDTk*=Txqdp;JPb8d@c*_TKW;Rg*L;*S_!TC8_O#JQ4Kw
zt<8a%n!t%b%~$BPwyiq2-}=6&{*gq6rZyP@qVDyia7hFjUhF&SEieI2_HpggRArY$
zJN_sZq@|9+&L8y`)Ck}qTq~T}trkiPxz>+x(s$)8cENds8V6HgjYFt^ndO>=MBiQt
zp0at#xr=+C#NX3a5&k`2PdrF$f$bcXvCZOxb{@UxntTezNNdY#pU~q}FBL#Fi`vm}
z^%}|o@&m}sJl69_8b}a%UDr0r@qB@VoC>lq?tctKhZq%Ogypb9OH~ct6LCD2mix!t
zk>4M@jMd?fHSF&H#40b9QQmPFmmDmxNVL%*c_lVYAGtaxmSuC6wxvxvaYva?5e!kr
zZe8ExWZ)$|@b{ZGQugId%_AGX8pq>K#$B;MoC@n|+R(!@sf;bH0!?y8y}(-_iJjK<
zi6v4q>_IdU1RcoCT5R(O5@Lf<_v$Ny`FF;^O#O7_r4^x}4TY|kS8F4E>_ptMX_5~M
ziOu$hBy23DP0kSsXZDuvWssyCnx`dd+gmV$DIe>vy+=dr++pGXub6M@tO(qtO)}cf
zeh}TWjysxe44$>lo_91+K@ZtKO|*I8-4B4Wh;!p77L}938*>nuJsxT}+;vM&DD79~
zDn1_Kf`X(?lbs`vUmAS%9(|`tT%eBi`JwKpJ^%QvcUksl-bm$RySv<;;caql%NC#t
zXoV@MJ_IT(Yx}&1mYc~k3OCJ1?cXuZHpPHMs=qJFg-?G<n{`wNf!Ls8COiZvjBlEF
zYWVlh?#T`F2}Wa6EQ7P(eFE163^8s{nw*HKHZEK3j>l^dN+SE(s*T59me`%p`JN8!
zw{EJuB6nU5CT#mTIazJFAjM3Qr<^(zf~Kkoid2!DJjS?++WXViyF^{Qu)H%7*Bk$Z
zDqHYg(r#f`y^%3IAZn!Q?YRQxL(7wS$PoD+S9FFS9PyA%H97Hphh?KImQvb7PFuc8
z(eL{X5g~QGBgQ%=-<pa!f?o{s#UMtm8~R%;BAU-UT>Lvk%|wI4oS}tjy(r<X7T*%o
ztLGuk02BzXA)oZXY8U#u+hk-_OAO}W0Qhd}J@Rs1%7lhNP;xXFg8$|1GJ=i}#=x4B
z!1+*Nz&o2$J7c!n(}^-ral*w8Em>`J$%;hH>)#_ej$%S?k9_VM{Kunu(&nA`a!=~X
z5;pM@&-JQ0RPN;G_a0n3>C8Pa11e@=`Iq>@#^O|55710=-P5-UaPM9MXm>2ROF)iC
z;6_oNZ~QBhbKgbNHQGtPrVg_IUglaefPpp;L+XOdz<@+V)fw)%UT;OLh>0cs)8`qj
ztsv5@ruzn7_@iEEs^MmW6fpXBc@)Pu{$MRF@c&4z;Ydi+e#xH1+Qcvu@-U*pz>*AF
zn*1~EC4LQ7s5#Y2)M|nFeMd&{KD>oH!`3+Nqt4#_MDl^Ew-5(46YrgxNvvsJA}f;?
zg@?D1+O=)&2r+Hnb!g{>$7Whv*ZzbI+ZAV7>o-JC=Dn%%OZn{p?KwAdmal7ET*6Fh
zcD8M@bNNoC+b{aU-M^omGpeh=VuH?R>Lyi@&`xM1+l*g`B7JaDCA^))Z0aRLs7uzX
zjua(s^PAf#wjruE#L?%`$3+g0^*zU?e{dyq>KMKX>CT}&RovN?A;l}Gi|9w0MEkIM
zu5YZZ2|m`PG_{xh@QQ>$K7&}=6NRF(YS7=Ngm1O+lTTtcHCsi#ci#fajRb7YSo{ou
zbTw}<xgjo_d++PZdI^8E2l9^6R-bW>^t!8`8Yh;f*jY%vfI;$VDi8Emq_ZK@t`nYb
z&5`cKqI)>1jm^FTrY^~%JLvb(qZMB!CU`ZuSZz%e%|iGriUr7E5uI@&@p(KySQ6LN
z>~7DA5^xQo{(L9{X`>t$-!dLKuok*}|1365Ga*cslpY|rblva@SkfXp_EHr7JudON
z?Rxu@)L_MLLY3z(Ju`N~zHymT;5;ALaAG!=Gl<wRRM*fbcMUCWgt(Rfb`MY*o4=*(
z@@0vVDHmfv3T4Vb06x_U!<GAQ^xOA|@3^FP!*a~j-5ld2{JOUHbiFR{NQ++XFY3lG
zXm!L|+#wcolzolsA~IQ=zRovGvgbW%%jWLCA3*vDwWUvyhoi2{_}*?2^4!IyqJz>I
z7AlQ_YR&kIAya3^ztPsjz%TA4D6DoERdJa)ZaQ170|6WNjPSt!-eSk}4yp+&_;s)#
zVQz;lXUq1mHc%IHSq_bGc3|sAxCT&woC1(8u!&dD;1^A@VfCnA5T=2bz2}d5Y9I`m
zNB-f-^U>+f^CS!Am9ROOMhlK`8|00#1+As|S+!$F{IT!jwoaVtFzmXqqiC@VR0?eQ
z7_H6jQsw$k_&+LX4De_8#N+;mA`{{6=@5pUYE2>nfs&j&q`l9&Ko`%7Ax|x9Mki5B
zLW9!~4UN}NwKq^{@_Ot$YEbZq4WU8ZDbZ{~LSMuWGLFC7Jzuy9PDdtu1}jutQve|+
zXC6WQ4VtU`JA^c(e#aQ3e&p^Kyx;FUS(-Y*Sr=1(({W`zM99%*9h2On6o}-mZbaGF
zsL-XHa+OvZAp*2`X>_IyK_X+XzcHpUE-|pOB~E-%WstKpIQ<`0S%9~Z3+_aO)^7%@
z`QP99lZ)FrWF`$n5$eSKv=Fj0J_4VHmQ8R_@_5sz=&y6))xV(XnO*Ph=;lytP_U|&
z(UWJTrQsG7l6hVg!M5#206SFrf?@oEfBY;v5zkj*Ue%R4c|nPVSa`uSE1qTT_T(Zn
zd)~yrMHh2X0eq9kRYY5te+<B6Yv>fcNd$$mAyRU3hLpi+%3S6+H7xXk9>4a5axpW{
zihSkj8le#zW1M}RgGn9m;eTd)3XJF&z7`1yMaM>$*WH4mF>r5AE^6Ni2^)-0xsMQ!
z)30}{cpf|!^E^@3!*+pWQcNBKr-o*g3DR$rZcA1iNDD7<BaYAz?mBek;7o7*_{@NU
zY?2qu<9=G`Lhh+p8o3p~V(xOyU5KDjThK93|BW6_;H^C~tEkPw!4s8$R8ay(&RG&{
z!YpDx{Sn$cW~-81$P)Gx^0f=f>!%YT7(V;+ED;G$%K0n0b>MKqHrwJ@pE4aJYDHOD
zDiub{5)m2wo#jWu`Wa@>ZVpS`55uA#$q`rIetZshe_Qo!pe<QBV+4)%Lwz1IZ0DYq
zNw>CnNta653FJpq(N{AT{4R2Zyc?tf6o2l^T_MPoU5mP^c8|~nDnRs3%9j|}*n&oL
z!a2OYKlc<z^3O0pJUWwqy%mw{$00a1tjO3JqYDc)S@esT8B=lv_Sg<6&@od+`)(LI
zRT;lx84V9@9Ey&S-E7|d&?A`j8KPpLi7cAX$q|7ApZH=`ht_&*G~^X87dBZEZ^e=Q
z;*G8=^Ee4lRV+`MxKsItLoAb)x41Xqb6?EjB{lc6B4d^%Glpy0BSmXaoP=>h^BZRy
ztp#s%1P`hu-qx;1XVd~f=zbBx>Of0*rt#LuMA)~@a8~s-s9?<U_vDEMvLW-a%OW;B
zH&<q5%DifZoMh+MWFaYG!HW2Y={NesWj5g~nneh@xJC4w_{rz|3{Vp@akzkqkt$S=
zOiK^Aa*1``N61o*W~0Ejx@$@EJ%dS5eHJw_#Jd!YglKZ&86T@{`b%dh20F2*mn5Rn
zqN#6W`IOXmI+n!N6%##E{vS-FaXBfd9WvtrmAZn{Yc2@ZI8R@XhrUw7kIGz*wFX3v
z#<~yi(&W=o1ol-}LYR4vjnGwzBWG1j#y^n<Kk>l?-)RPQ{rD3TLjh97&nJxw;k%7*
z9bx)WSjgr}fAg-KVJ5edYqxLb@@2;`Uxcc|NR3XsNkAG1`n+zEgw(jCraYHLP0e4)
z-Vrq-HxxS0=)$HRXnjb_P-M0$&gvZ!5)u}Mhex6O$s1cx;y78ZrL0ES_ndXN{MGPX
znG$C}3qR}BU)oF&L!0%ksHnqC9yzb*!#6C9cK;gxN&XTYE&rGdb0Mxkh3u#-qHd<W
zqxPtfS|GWs&cTq8>hIeP+Cxs!+`_V;l@UWbemIJ6X!>4DlmfN9h0j}(gdli_bSLQ-
z68!Z-#+y#ojl?#i2Ck#Z9bExGmU1Ssuw11Asy|#-)(xe9+FZFXgK$T4nEeU4J#A@(
zM+?G@uo1!#-kP!lB$sQp^19!zAj7dTGhAMR-gXE00MH#WaW~<Cn-U2(DqP)owyA2t
zu7eZ&c#`35Zk$mP&4eWJf!+p<)j7yt&s1KCm7z_e{M=WFH4Jwp$+@E;)c*v+D-PCi
zGR?&D1+!SDtk{IGb2#`&0PlO14}6<cjE(c(Jsja9gk^fYXl72|2z(9VoZ;)y?_Sg5
z5>o_+v+Wf3A^(CA55Lh)(_mgEX0TQKvCLr+8-L`t`u(q2Q0XM^;GZn;OTYB+&$xRJ
zu+^8~(!RG`l!Ud`Fr`TWZ1q+a+y6Xem?I`m=Oq<tKX{UVBujDe`O6YWg%a+#8fN|Y
zOFMN?{tLW^fJIXrG(WE#l0SN`LL*GA^LM-nM7_^K8s;GTX6b_`^xF8uf+>ZSC&s|T
z*IlDf4vBTsNQjm3P!7pZLqZ>qyD#V<1z#APP5y{$KpY>XGRdVP)fV5FD4!n>|DZ6!
zxL>ujSD>PwQ<|OHlX}o?+800m>rNjj9SWj23>Dek+%<nk+ASwo%UQmdo%%4#3UzRh
zFg=X5+I7Baf1mf)DTO%Vjjk4ro}sCstluF^PwfEj2e^>c_f@CX%ocE4IGKBvrJmeV
zC{vSN`3>bx97R>&uzVW|$TgB|#i?!lWSTQ&#eJyjAzS>cX^uc&jnJlF^;af8`?8c<
zrIO)TzvNDj-Zp#D)r$rzOr}5dR;3X2*K)D>G8=E1Lhd=+whmm7-t?t^KKz~M#$i?^
zX6hp-QBH0eoCFWLRhg>2yjE5@0l)cTOW)P5$5k}qGh7M=KCs%!v9Td?bFW<@AP;A-
z%}L2ux7CUXl;S+2d2m*$dg=XTA_*0`i(;Ft(Tv&k`LJ$nE89mZc;~(l<26^0#AX;)
zuS~+vNkWhnnDdKMs@~Z0t9i4D%b9*Fb4SL(C(=JNY(wAHsmxU>=%_+$)9J64s>a^*
zuAiQ|tDX#Po-%Q&_N&PL@NB@BE!$4@6)E|>l6#m{_NzYW5d8U*q>qBQad}f9pF|@z
zzOLoFe&t6V_tq)INz{wQ{*z?w!WmiU3GbG3r-VGCSBcX5C?P3F@(E6p)uW2_a}>L}
z)1avQ<F95d=jq&+?i-)UBJ*`bZ{*?|_1(7<y)FrfYuZi~(&eMm%SW9&Zjhq4zLY7=
zBrw;CGeEfwVX;&T>xMhU617~%x4vaxK>x3!OU1TGjS%uzLC)EX!nR?7+*GZ<&{B7v
zetkOoqB=8sFXL%K#3Wm^pLZ0#3E`CT=|bSc>^|N_#+z>kR-5i!NGH<F)1FVBaeC|e
ze)}u$DE|Y1`e#S%c{wHJ0xFd_Tp#*e+B)Yhdd>HAa_*7r2=ijXk%iZ8EcMpD<5@Hw
zo^YM=$IGD4K0}26V8^IFZE;a`QutxNzPWkm{+``my=?K-A5XpH93f*XR=PMVE6c)9
zxLSxnT><_zD=YVl-~ayGhxJJr(9Sn^cTe~A1r6oF51rr4=wSR2p<`q$gxP1v*3FK1
zw|BdM;*O=Y2Y+1ndp-zEU=kj{BUAN%Gh;7|P7F0O<1t%}%}O&)w3RfAN>8t+Xj=Gw
zWLLhpuDVri_i!3rn9l)v%)Wc&Kjba7(^ud4r;9h@ES0h-=PZlH^@RNRRk8Dy9n+yH
z53*F8qGxkWL{1KcJCj7H<6bbbalX}K2P&08x1_9wh;f_Xq?G)HMqPPcLRuQ}eW={3
z6FGeHx7`pHgKo#jAT1ss-Dds12mntS@=fR~X)(RRgqN3>f+|+`R-Ag2ytF}88I5p%
z|H9&;BXn*Kh)Q0;6qo$)2HuU5Fn{uds^<{kuzw}zMl^0VQVzvm!K%DM)SWplYWt-u
zhcuFbi0WDg+xA&c%UYV#&qP3T@~w4}D2vxCvLS;qBQw*&!ls~oOK5elpWGDF@QhU{
z!8rk%ilr{*@tYFxzv~&Wm6ghzwLt2SL`?aGWf!r0Xgp&j+K$R`b?5No8dG&h&`EhZ
zzRq5toPrywN>`L{J+&v0)f1_`$DYICVowqQq1J)!34xsv=^@48$ONHNxXXZ91yf+C
zS&Jr9rd8H9OR7UAb#-Va9y!VsH`O>|T^YW}1bg24%zR);Uf7n8JvDVLBZ>Y0tWyL?
zm!ah5;labj{Z2}{<FyL{Sz1^O7(I;_R|7dE+^o=#L)E#`vjQhem7JK<qf%M9GPC;Y
zw0l?d24?qsV5{G<1biaG>}Z2!floMd4p8?wG&OpiQeIxLFoUuyFWg+-4kVX^^5o3S
z2^hoEb5`}nYygMrGe;Cc-oDi&OoU3Ft7o(pe@l$dt@^Z&ly<wExP5J4C?ZaS#iuZ|
zQ9&U!4YlEweR6Z9IrV%~f*)l<22d(dIni>yDc*%0ac$-+mingQ)()u10xZ4>9B(Ty
z^CDp7%5uSLhw{@#m94hL)Zy!|H$GmGA?oF@&F+NOpi42xvcoY8{<D*SMi(3mP%&}d
zn-M&DIgeQD`v2Ufy0{4|YB5rg0FIwP7!Q|Fq;~mZb<T}N1=vuNQ!-{#(s_db_i(-=
zqeUdAOz_8?<#>_9`E^8+X6+xd^&vnN%jr=8A)9Y9i_;@55f++X#Yc`-bCinHi4IzO
z8>p<#tgY+8n`3aMhGC9Em=7q<g^26SY`i=xTsIJ2zb}^kuQ|R_+akxrq`kb<CbK)|
zy8VJfCv<mnV|m6&xc%bqQlCF9wUjJEGua=Vw#Jnb|GRBAkVgeLR-3bbJIJe35s4q+
z9WVVSe8gsM$(|atQV%N9>6mCMBA4rS4#1FnLV7sn^mPy@ohpe>OcZi*Vo9eU0;rog
zJdQ9k==_tpDF>13jhOZ9i>@#I|LcK<hW;F|IJdbZXl?yc_KTg}a#+o7&)CA^Yn=X|
zAxYo9vfwqdP1CNT;GHKfKE9#J$k<gxlsk1a5-RiFO(Bh682#Jl*m^HyvoL6|8&!qA
z_8RxM74@HQ8s~N@gTc0Waho~BUNOEay8J43&i?~VNc>z$1&voH|08>Ke*R9F#VH(O
zX2DM%CKVO7v<Juc^WRe1nWKVEZRw!F5^dbkbQabaKDSSQia`AwzvS=nWh-~+LM-Az
zQcAn56((|3Kl&Sqh-JGHPfsm}8hFDL%g5MqpFVnzN1E2d!xrmLv6<a}0djmybsytH
ztgAd=Y#jwKCatxp%`cgr{wXA3iLsm82uKF3d042zpjKHQz*(;W0M^H?ey;(;pR%iN
z=c|mh+ftJd9DhHf(9R{()jZen08TpfC2moXZG5C0B0J;u1M|vd-qcZ#*#lahhfk{*
zug4j~zbb|>TLv*PA05!Jp)=_Esoq*VcV0HNSMVW^r*-LfZm?P-Mw~e5$Z5Zc+e}`y
zz5C-QY%;%HHUeZlD-&MS7H_f_&wY$ddA2%=6TaklZm({2SHvE=Ep4l-*b#q%ObHmx
z%fb=t6O18x7Y60Qr^Bh=Z{N@QBx%AvU0YjFJRMUlH$68=A)}o<4$_uh?W_*5{lk|p
zv^;z-i?!gIrqNX#Uq&R_QKReq5d_6fSbdPZLg>fFld4+!@5+-mOF(&0`cor-fhKcQ
z+j>UR=Q9S&Mm#72{aPEM!<X1@7WZv^Y&~i9^=IAaS-L1dJ*=p_FS#}ryOrRmt4GZL
ztx<-TFlVUWdfd~}n`_#ho{D`qq^%~#US`_Jy6ew{8Ahf0{`KvY*FRdGr;8O@8Lo9X
z&!_~~OoTL#yiADh@sT8~VigX2PajiCc{|&pV$%TnQ-n6Mf{5`uXcfKk?Z9Ny+tX(c
z@?Dzo>4&*_BZK2-pPGfZ?;)R&aZ}u~-CmR$wZ?Xvc3kW6#9x9u(EOwDPIjG0{pWv>
zFaUQ|LLVcW$|FI);MkTI%+i@01fVIouoya4S5!^TALI6Gs0qm^kRwK*&70j7SIo8n
zW=$`=ZG8DjOom1)Rc`g`X5mC;lMVn=I~m1zxRYJ|h=t`Yjwqn19BFG2VcCx0`Libe
zkR!>7r3n!nk4pM^oL%!vt-aAoc^bI#Juq0#jR~{r>j8^IhgzHnJ?;f`)<*dL3l^Vm
z#q_+vgpF|B`p9C6zI!^=1{3$#ygIBpO4D)6n9Au}qo?DQ%xw^aHnURN1Np>36GXgC
zRcR**meN1*e|)FvicWvwfp>8E1^&B8kw#<()bc8uzA)H$$M?fX9zTeJ{RAWBzzd!2
zLv0NxXE0{{1;=T+K<q+m<r}9}uD$KW(uMa!LAT>nL74RmqR+cOQ{dtA3=r0Ho-*Xy
zE;O~RKxU>~?Cf~E3T%a|kGC1NHlw>?*(IfoB}(_!hJ<@U>^1Glk#l)KE_hAa!$cMN
znSr(a0rP5bM97LDhPVDlaA&CS7n4gG)1g2HD8h5uR}Wh}SX~lhoI?lBN}SBmo<!5t
zXn`5{LikU|+qcJ10$ymV68sd`I)R3fkhUPC5#G{V9e}pZcmgV&gUg)xTd(<~@!RCv
zFWpnE2hDD|@)yA8s*}CouIARAE#F$kfrV>4dUyI($9J_@=;_B^w!52>|9HXV^4fG|
zCBn~h@O7z5ZE97KmES)=z*Y^-UK2-!MV%*Z)fuImIbyI~GK91(93vg=HpgjXdSh|O
zb!Mf-DUre0#gAB3ApB20rT)1AJ*X^QBHr#w*vhs3<N*X?O|=0MfVKXLf}mqdroZJU
z#Em$d_7@-%8(hBa;-2hYt-Xv?EboAH8EoIn*!5R8L#O#Bl3V0w*DXQ%sY%TwRaNjw
z*z~T2H-jtKZpo;Mi(CUMo%CA0<;WBMSLyo0E%&%TFWj8=f?_Y}t9D{%53d(ZW6sL)
z@~fO9jx#e_X)i9jhc}{5J&p9Klu=I}ml|L%vPjZC;zpq>o8AVnKSQ9<S4Zb^8k822
z?y;YKxj`GpLnjWPtDj{7C+dzc!=#Zx{l(d!+ijPZrk_76BIiNFr&J@Cst(?&K`Ioj
zY5|OOe%o5@w5@QW`}&#jb4!X&Ddxm}@l-<$gWIGQ3c1710xzU-lbgYoD{!R9hs)r8
zIRB~l@y{t6cLVPiFo})rPs<eD5ueF+Wh-lqnskhsjukX~jP;|93WlYaK;#M8s{t!X
zrn>K27USU3RdK6=k?<ey2M=+JN$bOCegTJ9qpObDWk3FZ8TRKKg`d^a?4)nKst<!p
z9FNcoQr5%bKJuQ{Z$&=3wK>dI2Edf}1$gt$*s9gsl283vHLHfyuc<s|S`2QQplO;X
z2-MB=kpu3=&8mF^gE@HDW;kzcF0?htiqD%V{*(Gq+rAsh*&&%v-fv7~{t9hzy8EKx
z1@?Gr>E6ZZ_Dh$J@%>Vc?I!1)E>8R&tOgvrjy}@7nTR4kyxRtAa1nK<Xc`)Zh)x{(
zc=GrqujM2)qj$AeMKTVkfd>`KcUcpVb&jv0^bQCub_>x|0|n-#<k<v(EB(oCRR07?
zh<u5qPGCK3Txofv!^=<WZf*~>E>;Zl`t}Y)q<Au&VatzP;tQQ;xwrF2j|_&it9@8H
zA_XXK6YU-5O|NGwChhqbrrhuG94ZXh|5-4%Th1=EB^83YD6|6SFFs)C_4U-`mjV!4
zH5%J95zoo?*w)H_d0NibP*<IT4lAuacRffJ#W-w(`GGHlXS@rO+NN&n5EVh2Ofp5y
zsmaA;0OZG`g{jJU)J7L^+HM}M--WY+a;IObu^A^R;q0k6z=KCLdh)*#Y9I0%A1!{Z
ztU5M?@{j>8od<qvrAFCR#vKsz5TJ56o10v%#z<{@`}m7CB{i=l|EB~f0w6!Av79zB
zN%4q{#KoCR6+m-BN~>dohC=Jfe?%YArz${bPcrwFgw{LRBEeI)_0Bavrl)eM&q#v?
z7kRnNxDRg-xLUbBJB=69-q!E;hRLKKry8WHLsZ{ZeXKUyi*1+IVtmM7fv;3#_-!ko
z;aabepQlBA+d_&e=qT=gtHF6*S<!2Hld1P<SCtCsi@oVXhL~7lu(m39+zP5QEoqNW
zHEuLvDwu=Pdevx^sJwa{iju+6Kl7eDRF;v9z(HG=W>Y2H`~>A#Ek`sLx=QYyfa<OJ
z&?%V6iaAZ=KBisN3+g98>=-GG=$*3ml5o^u`0xc~VPC*#anN-CegX037;#_qZ}-1B
zQCMO=G=O7R&-Vf>RhZNbN!M&PPW$5)X49zH14FDqQ2syQL_8F6OXeLM&j_)~RU9W5
z$>U{;?qIntkFzjxZY2I&bkil8#~O9<x!eC7o9)l|(_0!fq2%Pj#O7DOyIne(JGrwk
z89jUgX|)SWvvASb-79A!XL3jHDaY#(BR7iu4F#aflegzt`k`j4C5|~`k&@14Wae5<
zho!b&Ukgquc(qJQtTanLWZ98R1=x4L2<|>ix;`F3s0OHB-NdR@+^I2OyDC{aKqI`M
zx+kt)K(_p?*KSfmx9^e912j1{&!Rl8I0?~GSDrFa8_eRRYZ?ebYJs(%HrMHfa%^^F
z<ajXRG993YhS>cuGUbH|5gi&;Xl-+2e;%?XB(Hat9e7!4x3~Xg=Xj*|?Wp^nt9eNO
z#YFF{$V>wUGlMqf*DaTXtmQTi_(tMfz1I#j41Chp(C)9tCty?6)v5Tk1H;|^?0FFs
z6OedIL#(4D+9cb1T-Uf?g@t9oXuspl>J-7hI5fI|f-Z-T2Z<RTyypXr?1rVlmAzDv
zyg56~eZ|++QkB?lR0P=Y`)}n~EPHPLwvg)iT+A$!NjwCg#&`r><{E7+;?tGr<oGgY
z704l8Cpc^P-tsy&mL>uh<emecIFg$8cstoI3V%^$SJN7&b9<tLQ|t=+OPpT*&fQlJ
zn);aO<$dYoF!g!$vIKvt?+%<6Q@hy@P4=N~PA5z5Um>*n=UwHZ@fOghR}C-)c=zmY
z7t5OZILb5n<^8CPneUxDFx3*G&;4UnFpnCX4XdUK{5rxt--lCz<M>e`w%NKeR7fS`
z5%4cdt*fyvnyqPBN_)LTiyx~dS=@HooxXySRRy>-;EvvU=a8CnNmso+OHK=UD7VOR
zUM;2N6+VL(j(1Iiloqbh+8KE3hefE?)!h&o&Uib^b2hlnBNOHLl`-%11eA`b2Bj2h
zJ!qxM=ZOtdIzE+B$qp4cfAVP0Djn2K<LPR|Lx7Uu2(1?vu9c0f+YKE)FKlGSLz1D)
ze!>OUHSFH>wn_hgWzOzBt*tLbc-j?E<>rozGh2?{ts%B%XK>YiZYF-Jk#Ul=dtBOk
z2;1*1Di?g#@uiB4EX$uK<*|r&-Hi{N>qGrWrgL}bUdR0o1>Mhpw14RFw93@LtrM}<
z4e(W_70HeK`PTS!bf(2{+!>I2BZfG-AFNYByr<BW?8os_IJj#4Z-1Z{Pae8|-rp*A
zj=Vas6O}g2`8PUSdM!%=*bW)_vi(M8S(m5Y0#+tg$v8M%7VQY`O+lwroR-fC=a$eO
zfxs;GE+X}@f7}mEbIth~@*$}=lD7Wt3}yfHfb3`g)PQ0CVtmXcx%_3C(c@k9<lFn>
zK8GM5>B3+>JSnJ3@XkuuZEJN$!ANFzEMAC-l3Lp1A<F&QfpW?A<#pVY`h9b4b)lmw
zA1K<(W@NlLOWYAK$UESyrP*n83v%;rbtupD!>SU)z~I1gE~`UrA0KVzkbaz5|F2sE
zTC)F}KYeC{pN7`k)MQI7N0i@IZJSz3n*>nh>>mv(M-yPkB`EgVSDQ~2b{mRI!Q?sZ
zoEM+T(DWSssyiDzl$^R8oO8>G7-eK-b>esKr(`l+<wtUZaePT_u4SY<0PPI={76ew
zsPTQjny_Lx<@@pz;SuoIgmfaSLO>W0ISv{w{Fda`l^lcT`v?&y-^s6^zB+MSV%Reb
z;DGjTsZ1c=*XsS}@5t=98k|?r+CjsQbrN~vY2nYYIg{CJKZMy>u>|iCp{qVPY^J{k
z#sQ6u5~@H_5xBYJfrE7I_q3y=o@^sS1Cm(p=xFNmX%MDnYWXfs=fFodEW6g{Us`$j
zZ*F8bA!~=@#w))WoV1`jld1q?RUL<KfZLhugu)%)R0p&vuoZfDRIe)$R88sEaT3N;
zc%k2CYBld4Rb6Ctc{}PN;wI?v?y>}Gh`P(qA8OKGw^{#>NNJI^R6gdoGs1OofX*c-
z?8<&8rS0US%<}tvH@meFYC9kuuwi6oFyd+3RhnrSj;eaiY_RYjT`OT@TC>xyG`srw
z0AE`{G?Gl^3GqXV;j3M1_!wyCt+=Ue^8`!(L=`{G%>EW^6Y$X{&92-2b>>Rt>#rZl
za0Sk7WHjMaYAFq83T)llX}$7*r<a18M>!ixftb<l3(rs=A3IWkNV$Eg`Zg^`>Rn~$
zMh_=nNO0T|dNWs?{nYr5GT7;9wWBA)(?^Ntu(BTS^%qO9cOPQ#%iGHO?l$+sV9E9T
zkxUnQ!Z2zffDPmnbm%X*HardR_NQfulNYx*t)=~bp@59B^>YtSkqhXH*v3K0dgTjn
zoqxLTu+dxBm<Vd2^<<`r$rUNN1|89L5hoMr9P%W<_!#Ly3Pj9a;3N;4o8vgji%<&a
zt558bHSu;+rrKM)yvMWqix;tzs8?;&#;U9Be_4K)aG2KG1ZN3UO!^xe*8d-=7O@7t
z1eBNg`|-Odh)>4c<TzuB&KCT5ca>UGKft+3&<yo)xz``5^5JIz^QC7`iwBSH7&ihy
zcTYW9Pd+wg#3Z@N(nr9V=lts?S78uTH6WxWJ$abQ?9k$~!>T>kzuj%>?o|AojR_|M
zl?d_u*5}-#{~5^aBKLXO+1b1dMc)SGY6HG+WusQJp7`aTHi16h<BiN040Y~&<OfuI
zA$;B}EY!vLIrTqw#V&5n4Gd3h`!Ixk^D#YgD9pMgkFYtNy8*Dadw+)E@Z9qEuI_34
zkkTP_7ws<nA4NuOD<rjs3RO%`nfrl}Qko1m>M!!{u0gCHOTRsp`Tm~@DMX?75{?2>
zb%#;;u@V#JzlCEpqb;gM@%hCO@B8pA;d^Py2i9j-`thT`%=m1iGqJm6Tl#;aumY?t
zc}}(2d4iQ1Nwwj5J@@@#W*ztI`tQ4V$F4t7L@4jPIDd{OlkQsoOMkSq0y?`&!`cr_
zt?hvgPqoU8PnRDlmMmRZppTM$fBETy8c(iQLt`#K(S0+t&!q769M+GWD&}gy4ZVTq
zkAQkV1}p0ysSA8nAj>p+{5t1E?%~1SBCOL|_J8>cZ5`l^c9jnsd))NI=&mtq!{f-r
znRUW7oIp;(q`0{mOzvBD0#}jBtt0Dyi05|{vbc%Kyp`Qykoxr_rjnZ(c#R{|a?%Pk
za!i?W_S0yxn4tkxHDP`iqBKSsZp_n36Roy}8e|oNjK!fIr=qlJLMqUd;!9<vS=XGl
zMMwREbR(pqB6<aOwZ1Sdm!96t$cN(eVPVGN?#F*9i}%lCSp9o>N8C#a=5^burjL(U
zi5j_`BssA0{p^gct35A3_({wsa%}Rm2>;x-{+;6vU89mt)A$N4R^{D>M^GSTB#PSg
zQ#l@QS6AYK6q$D_c0Kdj#FO#<D^pGUygCnOYfD7!5T>z1be)wqWGSKyA*W`Kx!J+r
z__?7rcbX?))(`HN@KtZ7xJ&xlJtr%I%x27+QAy3cOuqkG(7z4<+1sG7#oBjm#0qzV
zL^#q-k+6s7Q92@Gno3lwzkl$b&{aHHl-#UBoSr<no@O&NIcab<B<1u^{O5}L)B{eE
zu`A6ZCJwxG)T(EF%;A!GBZc?3T>0M9X6Jk_h)nOa{WS#6Onakgp0<u>H!9-XplRSV
zNvc_bmMyuB8@4^i%C$8(XGzbGohO^HFg)}3XHE7=IR{h(P1o*r7AHIce$tTq{M^19
zPy&^8waXpwc*&^I^SUw~OMl4PdktPG>;I8;j^TBETcc0YByG^xY#KJU(KNPg+qP{x
zJ7{d%*s*qF+qUoipL5T9-sj$L>%&_68Efr1hvpdLM@sY41lWq1qme1>P@ZY2bc;!W
zc)>8%gpq(wX)Wpq%e@o`w~4=d#k%w-<(9!lgw2#I8|p6ONm>YI2?pt(4>7psU|}D;
zEwV>0|LXP%N40s=CjYm)m;vhE&M->`OQ-u|!&Mi6r7Zkf@NaiSVY!canE6Fc84^~0
zWL{$B^mFz_O4FdQmFyf!7h5Rf%kmY6Ho{-_t25!jr1Xl4b$Ky`oN!)Ihjb6ESjbK6
z-P*Y&qq%!Vdah`kpB_9-`VsVVjt2t>a8iWe9l6h5?|lXb&a;PyhtHr&Tdhjem9;&J
zK1nAJR7>ZUuk;K)&h4tEJ)U&nbEC^XuG)d&1>upApcuySZ06L+!MWGYjv^|T>Lu~i
zk&zdQe~bKk4q8H!i&KQ2U14Ndd35}<_JZWfIyAJ^Fiwxs%23*+)O$-;Q0Rd%<3|f(
z^|9VsidVvo^eJBsaM$odWf|tNKf=mE8r&MT>`qJ-Dw>LQ`5HiTo}DNjGx8andj&BX
zj$`j%NER2i`nMe`xKwA2Ff)c8HNRljE!laXL!tvBw@|+DReyPjBS>BQZR^VJt-?(e
zRDzK4?a(uNaT%2UAc6i(+PZ`F!dXW5h_vURW~O|>unr;bx>(7Bd!?khn&e>ICg*8S
zErFT3fp>1&6bFU}!OYV2#Itr$<of_4OIVj?tb31$Uo}N!E4_%^+7YRq(e%J(+{^QN
zTf1k?l6F|P{J#%;y!e(8T);8c1uN6$pM~u`+~iLMpKrp5l&|#935s%^{eG_@_sc-b
z9i2EboL(~OIZhjX(=L8KVu)qfwv+d14PoYl8P%ZKEo`#;7}v6><ohQXewfDV^8=6m
zL|z$M_$tBKikTjGRt#Jm47qgIs$xN7kW22pt^}G}mFh_gp-W<kGJ9`ZcCZnLMA%T5
z@LABEne;8%OJ%TS3){;_;WQ^<YIDCBQrNLoV#QV_TaW#4dz)Kub3e68a6GxXp;K0t
zM~8MC<Q(F`lnLy`d95guVM29fwqJ!Rl6K36y-|_3a$u569LwO;mrCRDR~?$#R+GWv
zGbG%q76C2q80Hd3bApN;N!#OxPMg1GvczBQ=orq9E3@EQ{j&kVcH;3wDY;whO_E6I
zvfTISLc9Dzd*fhV!GW_odcyd<N<k-T!f2A4D@z9h9L$$;{Q!0hz$+H0)jDuWVh&zi
z?{phF8ek$?V!`Klh41q4etJG7t)w~2Yvar`^}RzlK`feGUKi@CE3M$nk@2;K-O=?(
z_r{_!v$fvce5UldI)von;%=B_3;%OVj=CViWIprhI8#%MzcsOThotoA;aX>Z^d`!i
z=ZD%d<m+c>sce?Ofj*eqvpE`U_IO(JN_=&U5k=5OZe@93LqA^n#}I}VudtAeZcm}(
z1%u}hOA~oAv(=IQ95cV++&j9{S@fxPXB3+H-K!%wmHJO?w{_EEUdDE%B18WZ!@GqC
z?l+XU`3b4Ps@jj{tRMXRv8R9G!A#@S)S>G9*20v*sV=Y12ArFObi%^qCUBJPX3qwl
z&8MVXcxb?L<4U0jE?hWq#4@=4SyJ}fcTjkU2SdDGhT7U*QLHOzsxQ3ya<nDALZdOl
zIFjP(1xS&oVY1mdj=`S7#uJ!yQ0RESD=<$Jy~kN8Wg~l0$Yze0I23C<nI+~z#35`P
ziBsL0a5y4+eOS=F(>h{*+kzn%D!xuQvIv_PrqvJ<XsU2@PP7jQ{l7<y%CK)PMrV%{
zL2*Q}2mp?BYjg5fpKeT|oO6YJz7L**2)Oi*ZA&dG7PRRM=OopAa=DGPUPo}&rx_&u
zYrSwy=z>pFSqHK@n7&At*ev&)$}lJFPb-PiGTi|RyD^XBe24V)5_1->cLcjDQLYUC
zE4$>1m?jlyNZM#{zw!^(F0=0{3!BcFL2g0veujihC&5&LyJ9-}Jq(OD=Zs;F;ad#B
zxX+RBHvM1d$gr-?oP+?UdmHtUs1ZXo*B@WlKgR!ilsr*vcwb(P*7!3xV;PrfEP|uS
z@>6Vgo8NN`;{CXLhIHuckwv-TSrnE#lLfzY;}OqCpA?*v4I~`>`41CSCJ$}0M1V(t
zws`C9q2^+<6(kaWTikt>%X&=CF9i>3Q?|+NyR<WwI|R8zm!Q@gRYg-{bjK%79bXo3
zY!1?0n@mdu#?8%$dY{Xa^W7ngZH(+4?(YrIaQ!j`1SbqAM}bDQ96b?lbfWVMfdX&I
zYaNf*P)uW%i)_XSo>R%w?0UOB8Rp|*vL@JIJM^yu#xUPwc582|478!eE5$T!S2ku-
zDZ}fi)+`ze;KhxiH?e;y8aWCIn&1E!=jcj0lUM%3WgnHQjTcJEgwWumw%iR}nEON8
zL^gf+)O}_=6JzLBJ#*%$owHS+I2As+<qMvh;gwb2z7P|&6%6+j=GHay=r3umEztbz
z@&$2^rL~^oqms$^H&d5e)D$5Zlk*I>2<mG!7H8Zolw}XaqWTvpMmj?>>U_3ogX?@Z
zn8jKn#9F*5MISbQbx<)X3S(&cM`~xgoeZt^qt}P2R&(9S`8m`1IrGIh{sZ57ar47H
zDR&hV>NYWq&{slsQbfjWVq#?c6fav_1Md0<cUizp%7NmYlG^p5#-C$Vxe6k$AnT{E
z(BQee{~Ev!CGZ%)uf?4yo+wc$UTix$@eqdbQ<f_JJE3fXxasgNDZ28{jud4$qo1;L
z^xD|~5{y`sNRbir<<a~yswXR$QaJ(QRB?NhNMz|hBjQX%`BbRsx9v!~Ds;efv3LoS
zVWZiBL~$cwx?8kJA#u{`WyOsgPfhmJiMSDo;MPBhu=z9CBh5RiO8;;v{w>iKJR$h<
zf8;|3lc)a!pGFn}Ph9=)jbr~@{y#S=8*SIZldA6}NKoNWB&I%nR~AmeP~syJmOu$7
zlT)%WQos`0!Fd<obr45ALZAY~mQhhgjA8|p#YF&zcQNWlpm4;A6Qx$w9hFBC#Yp8J
zi^a)O#lg~g#U+trwr{%9gZ6kK;$#NI4>0)X$pHI5-X}ZI!`*0PbW}biyRk@7qHk|<
z{C=POMY??jUk3;6z$VTUFSMsXjzW?>;XApf8i#TB85E0xs2dli9jB^XW$XjQ$KVv)
zbpyzmr6vwTUlTDs2r&gFNTRlj<&{yD3PtVMp{wsbD7U!MDX1%*O8{kHfvB&EiLEVR
z@rp{|e=tGOsEPgFe9p79<c4u`{eXq`CYA&+Vvmw4_vBq_w5`s>8QgBf)<F#EX>PLz
zOLtM{ngWgdZxYCLxFRkgUmr(jG{Uct_a=|kUO_&gQKHSX41w*Nkt|xp=Tm6K-mee}
zTv1iGtY<ObKS*8XfwdE~d6!Q?v8m}B>pPLez}?(WA3CU}k|b4~%pz@0919OEDN%It
z8;c^R0Ecd!$eh|%Z9bvsXU4+`Qlodd2!|*`2V7|Exq1Dyk!yG1h4Ccz!`96N^rb)V
z#?bz6*c9c6R1%S;3#{_b&#V)Ij(;5CppS8$j~znh=`88+SUV_fH%Y&U!Fo_d*uTU+
z@l2)waWwf3s#vPdHMpV-S-QP`KP-}`D$%rYg+MZ%w|$G9zxR+>Pb#pq*_{KS!kqfl
zQC)EA68))N5;m|5nD2E@QVO~sayZVY{A1)}`w56V6z)uVE^#WQpuI98FR=%ZLP*RD
zoN&VwK<*m9Uaa(a-y>>yRJ8Sa4R#><n4;Hyt)@@qh?0EmnlJWxRcr6PppU(pprLid
zTFo<YyNl24E?U`AN%&$*J{>&>@vl`I)TFf?6(Z}?Hw8$kbxMG$b7EE1-{29E8LYwi
zc6evKcmO$^t{8&g{QA7k8^V+M=SG}7<YoF~1xFL{6ID4goe8AAO$pQ3JzGwv)%NL+
z-nvHrgf^c^X4F!%uZFI8&+~L9DY1SW_2=S~*Hm%6CoZ+_UJ<S~A?85Jz!=zBEw06D
z#>NKeS1W>(ut)(z_R8$fP<@<n2IEW74TqZ8Ia=f{=)W}I5`cro<5mEaHO+zPqT<5N
z(AGO<v5Re&7W)`%c*k_uEJ$PxKwi1DtY&KZ8)(<Kd(5!m<nA^D$dURh;>>{E1?yP)
zQBX`PlG(Dk-aRjWsHsLnE2}haQM+$H&2Zh^c!zXQ&YSgqO%Z0<0$Y1+Ph)#kQoS;U
zgQ=WZMMLw}={DLSNyf3MJH*!;3nPpGI$iB6Dkq{|eTVj!&y@t;6-3}hd(DiZ0%cjS
zndpy%_bT9W;`+=R;(|a<5zo?WAP}{0k6Np^Prk+x@-oxhz+CSWHl94rnBw!T`*{~F
zg!hw&Wm)M3K~b@^?8YIBImA<ddnSsvBfMb_Eom~|0reZYGW&W+Q~h`4*huv?u3ioA
zSeG%#R;`#wUj9aB?b9GdtpvM6iIS76&#+vhfU6VFsVf^Yxx|wWFXc%ODKgKxzF(&B
z*4lwq!c3Iu*mO55o(&klS1L_v!UlSuep?+2^_6J5Gp88|dtqu|=n6~6BPV~GYRCrz
zykBb*>W)Uz!-$oXv%Jbi@6d>_{%YunjYUM}qO9rHNp7<Rc8~?O(F4td@U)b5cJ!@(
ztUx<JJu&CyfoOJ-TbvKjx5JWWJ8#$^g_26##u)4Ak<#l!{SM1sRm&(9qO$Bsi+`Z!
zIu!26C`3m9G(Q)pw(T{_CMy*izgGeotZarP^l<a{H-Lt6y#w5~zdmfPyfl55y@c|U
zq6r$A7SSw5X&;-Ie@8^a<Zf4oW+mt~W<sBz;i?tV@sG1b$m|!84J9maj!7HGiu?X`
zDckTplxWdylaDN2QOsK<AMeX+IuU1ydekSTu_}m-D)sHmiBD|5#UYwZnsDsTa!=Iv
zkjheVu7pMiLZ1dDDL&Sx$Pa4?NQ~<rS5LgkP13tJTKdMXIib_B3wX<4JCBVeo?XI<
z6x;|ty>B<;zdpoz(O6NmCU4D6X}v;Eur(|2{LIKTXM$Nmw*kTV)|-R_8eup&r>+}G
z{xv2#C7fVJNnKbpGNev~nUhu4RgyKPQMxFKwWGw!#BOo8K2%t0%EK-r<8k+0QL9`u
z>dvyX#2jdSM(;Jt;EOysvl6E75$Zb9il#x8qo}dcb5lGxZmsQyZ<>1yyT|oeu!x+H
zx7wJsA*87(;TN1-YzdWbprdtS%yY4q*9VzMF%b@3|5iXeU32K=5OVkH9SH(Cp7vd}
z*>QHC?ZwX0o5Jc2+cC97+U>-&hHl@@EX+PTB4bkO3@=Yifogwwo6KZP2Rgs^ui&QG
zymPAcBv<<ytlZ}%!Hfx#+eQ_I<!$l?K52PzXh9ctTH`_|#J1Xu1|CXl!&UR5*TxVz
zj>$rrPUAr*sZh@Blbzmbp9wd$UiN7r_e_k$s)*JzcoAF+UrV#{=>{|nN08cmNbM00
zOCh~^18wawGsq+pMsLhCzh!M?@*27O{gHT01P^Ayl7#?m;NGMJTq7=%_)Sm{8pD~~
zYhJ_WJvT^TjM7;cuzedO*ZL<%N<mZqyGM<{TfOd;1_)^8izh4Dz7)Inb2!Kz$?R$3
zjiN>6fl;M<tGAq~B8FH(2V-kFd<*Aj)43M2-8*g;Ybt$_Ys<zA)Pc1;-!ygk&C>04
z7lW(QzqL>qF-CTzGw~5|fB9$W1qGgVZdXJ6`nd;8alk-8V3Lw+;$+D5Ldxu-W&d9-
zNp)c?9aS{hvJAU6tB#+x2416ru6u@rNewlw9=(mh>*U8$d`w%k$G94Y^9yqGW~7xp
zVr#ar)(#;vZN&(&wyRZnKN6!T!U(MtZt4Q`7tlMS2U#>b@GCXVra8hNqm+(C(g=>X
zw+gUs7kR9v(px?{0{nZ4Ep++vT@Au9%41$02;~+`jEmZ%JYypnVwPu8I*KMbqkVHD
zRWf5Io^(d<w529E+-@Gp>isE?{NiUb2<x=sNt`TlZcaSu8CHfE@7Uxjj(Qna$HoqD
zAw6FZ7P^0f*!(8`jsUwo1{P0AX`f*rXB;s_Zh5>4^cPnpkBVdM>8y9=y+>_x<`@hJ
z3U|#J19Q;2%%BA1mIyQt_&<7C+Hr#M%0@@T1ME}`tfqn851%Rc=>P|K-455j{Fil(
z8U0lR2OEzmfdFN<mJfrhk6l9~8z6W}#XxWOoA#IGbprAb%tu+D?V^^oDS80M6KF7U
z0Hm&AS@a0-VUsBx>eqeq&+e|$HtKMV|2Vi<dYa<PFf!(T_c60v-BOA097J=H&fa!;
zenj$RlBt~>BYIsPA!4yg7%l(Ww?O?5=t>yLoMxfM-X*N-7=zq4uB!@$1|I$|uW$dU
z3%+>5<r41CvrIku4l#E@c=5fcj0969*BAzVZjq;gFMscz;;%Wc>qfPyicef}R$tO!
z`e`EIM#4g|2Is5>uf-HlJsnZr&;*q%kLd;Rz9=ar>FKWIb{^w=c5D}`>my4}4*tZI
zb%S4(PFZP9@l#v~v)vuE7~#6wccbeYF>>CwM|i-IW8mH^)b5y(m0!nXJjlx&TG<@q
zIrz=WN>))@W7I|BH=L}3@;fR>iGMGf&A=V@C(2NB-AGnmfGK?$PG+WQOL@S-obqkj
z%Hssc!D?qGDtgK>XVlTUe?F{eVrbwOMeM~!0jO50x(nvym5N-O45Vo*s5xQ#@u#vY
zSj;NczBu!#)x3dh%57=aWXTb4neFv+$FZH){eqCWG&QXFk2b5^hFWOgFN!^B#JU6_
zK9`;Z*K~D94DF_;KGr)V<=o~eVtaAk?A*47#G626DqWSDHh@TkR!CX$8g{DE_5q*7
zNy7j}a__N2#@UKkT~KWqWVU%m&JZx^<RuM2Q2cyHvVQ9(-{RD@Dk>ix^4Okt2KtfW
zN-y_^MY7&SBg0t<-1Dhim?Ov1-}pB@blZZKIfV|l4G2raIg^nc^<ZI!uSVX*GF<)=
z%g}C`j%|G~QVf{p{X39|wTHk-j)RxE%~FMoUsf=Q|4X^`2ji-|@ST{Sm0MuhvJGVW
zmqW>j8k!5kg?Ynw+C1x)ZN{b%0-K*%1O$$_eEPFzdJZlrIunvQE}TnRxFVp#Z7?~<
zJTY+KovYC~+X{cc-a=PD0|B#YY-<@CkaA~eU71(WD?~+K3r1h(&-jy$K*3m+EG(z9
zHWlFAq4FVa+Ql$(pKaa+dM=u{3<G2pwdQ^$QD5U&&rLB%*(UOD6ue(in0bn%XFAE<
z9sv)vMRbzq>TnX_E`aN^#Vth?)9mb<Yg&cvx6t)?#lcs!tsd?=>`|@f7?nlIeO=94
zjg1TaSkd3VqV5zBzOU{m(>YMNmVOU@T93{4s`reQk|Fo@8h7=vDx7tUsrAYF*lLY6
z6Cw9R-O=Q?n{LB4oaCJP(60T>SIuClz2m+?zCx|9^DusG%CEg^W*PZ$dq9^_OtO2;
zL_L=I`o}WUh)Q(AmfX#VS5W>bJMYYX1S+Hyt?jw!v6^2e*N|>}^byf!0Yx20;IS>3
zO(3X=gr(5g>W^~10Q;US;O5pCg)KI9`2gcFmJDKk-_vbv&*Wl2wy-D~!B%j^ahb-@
z%ca|p5ot4PWvf{Mv4n=!z=#?47Y`5crp_bg8p0j(S<>9~o7|F|EW>9zG2uZxe9Myt
zW!4(P2uQHfN1TT-H>>$%*R&{T@68OHVNQ9gm*S90LhsBswMfK>4VPKqIa>X+oFVZn
zvKrO?jmNz}-_kPSxz0rau4K!+Y*bed|0GY}E#Y+UM{P@2uaGHcb@?*<O}1UM0j_g>
zZFB$ZD-EI}d$n%z<~rAb23MWX#0f=5nVGSJMI1YQ<j>L*6VHn%0qemF1ncBz+DDVM
zq|~{swDev%MG5)(6Q+hGu&b)Ua$VLhK5bi+*Xw~6HQMMw69Vo~#FYEQMDfTgDV5H;
zNZtf-iKskl0TA|KZ%B4VUD7V9Yl=LhESYJ}s|;(*oQ4@mi@k0mSLo4`CfnD;mt#~`
zon>K=an(j?<FnMyt_XZnGijD<LEj)ca995fM1`I;kGl@7zWm~f!<4odF&ym4;aV%H
zJyIN1aq1vFqNPXa-4`gE!&K++i>pIWd&!cJ*K2f9Kj!9%Pp6A=kdt-nv;j}C8|7jj
zv1`d4pQN+H{VJ<=lUNe-+ui>6W}}d0%Mx7mZa8ZKD*&|+q|JI#vf}G4nV>)Ah5XGp
zZbT{jMBJ8yRrvm~K}DB6RXJ`=lr+=g#xMEe%!xu2T$|sSi39pI(+m6hSu<^^9GEem
zI5w^?{|x)7>k9U7azRk<b6H4#f|&nO4xeW|x#;iW<`3<N_KoXvB1q9pm#>$vGcZAo
zCaB4=YM7!yWo~C9>NkzhUHJjF$m;myB*Wj0SjXPU@(8XNQa_%eh~_+N)XuI?wsz_F
z2@4gc#Sn{GHJ2?;em>HiA*G7H`cz($nh23}SpvS7SVdRgZ1~!StR?kDTcuPXBJt+1
z`n--H6l9vi{Y5CebIFO$p3!BVBr4S?*!(e4&0h=Jj;!CzIru17gVr;)2<(2gO3>xW
z*sR`gz1-l@HSo31{y5)4$Ag7K7bZ?r6%bc^xPqEGML8e6ye_7D&vyycggx(c0kL3^
z`QR2dx##ddC~|+C(UU)_+lDF0Y@G=ID<5+98n>JeH=pR2VLYkT|Iqb<a=ytH=qy`u
z-c;9hUVMHe7*#J|AWt*}z^e7YHO_5{I>yAK0A?PZ;9{$D4ec;&>2Pg&dnTcG>rtjb
zeFrQS-_IDf(KuGTtnqlOjjt{<EteT^X^qjewYB<Q5Z*VkW{g>=uZ7!78k<+8V!qJ4
zP>Yn6(?SG!XQMAz;?yH4EE#QW8l}!(t13Nss%st|L{Ii;nB|C0MO<2)Gh0{fsmfBR
zY1AnyS9Bv-QzUl$^odzv?*+Y(Nzp*3*EY%jH8OQx9==Jiz;u<pjB1*lUx_sTlU=lB
zFLSR_>UIYa2rgZ<;PY?2CGpWPF{1Yp+LP@TZM9D@VjKJA&6tSC7-BJs^DX$un$FaX
zbD+^}Kr&qfXr}u`mKx#o?8{6F&$dr;y7C7lAf>S$6=7Q02VhD-2f6;KtUR>3uiSs3
zQMzJ0>hc+cHEt7xePaHnVtLre_cNv{GDPgrH|YXUbKaR-RNc19<nPENm4-SrXjatR
z+jU8m-;7m-lbt-i?-9u$cn|7PY_-@=RBwf3EQn7vILGdl1lyNpp@`NPZ|mMlbbHKS
zl-7KO%I&iXE{UuBJ-`r@dSCoOt*10pZ+^=>Z%96FdLn)k18#89Lv?AG?Q2cYrafE|
zHUTTrW3TKON4x-6PI3Mtr^ytiCLugHMVl2PvJ4&;c4|9wzc0T<sDm?inXezF#sqA9
zA|${~1e}Wd)kR>k^}`KwR#;=aK8Et^n{iK^XGQ8{B8l&bxLL+vJrK?q19l$u@C0}8
z_-JhgPgt)S%A%t?kv}gN^HdNSId=gvV7}<fA_+&kpnf??_0Bd@$Ftrv7XCur`%NmE
zzJzUpX=&k?^9L@(*ym)W+e*k93!37x-XSSl_-{kv<8!j+I9bN7hACLxuNdA{-)pl`
zB&agQ9EACbN-JP&ze7qSRXwNv#i3Z-&@L`*3pkp<$cT(&P&2ubO@Dkmc)-rg%&o0W
zDBKa$IvY$n5na-F$fNfbD|dud+`;1->h~KE+Y`)a=kdDw8W6X^weR~fPf0Ht8-LC8
z-4Szf|Knvv#pwpm>)?RyJ=d4W2<M1lbmL{_>)y=)LdQ4jWJ~k`G;n^!*eug=@~S(P
zJ}_x(f<Eh&9^(X`2#DiIe+kT?alrn14R{+6KJh|`yLwr8Br&EALi>5_!`u5dqxfr2
zC1+F?{}oBNoV1=PH;$8I+xKHw1a$h7xr(g9Q8bH4m%&7RYvbdKA(SDiF7rR|p~t&n
z%6Wf%#Cmk2NtYw*`8pR50UG?=cHuw~kl2G?pqh-p2%+KMd3~+L%~zwub#huRZ8U2U
zELbvNQvbl=Eb&DogW2hzW7<K&sJLAUW;9H+iYUN2Co8{(+g5mGQA{z@|GtSX1rgEi
zn<gATl!GLAMlj~XHcb4RJB<oGL~XV>42?~`DR(eYf!X}gbQ9iEba6Og<!n(Yu&Zsb
zr53~5k-0J(MuUZbhK>UV2bZEe09O<EcVkMNytku~sIur&bk*mL$)6EfrY?Vf708Gt
zc76Nkg+9>a<I>2SKEgF8vO^IUTUA(8XP9Mfm7oF_F-?zZZ6XiXGguhBaYRosMSZXg
zRajzQtp8kKx}qH~po@u_XK*^4W^J4Wtx0H_BDI?Wqp&lk%`(krn+<ccw(Lv^$4apL
z9?#J`1zngNLO9Fw7}zSCA_u2&GzqD@<^&;{Fk$SU11Yt{E10baDeT+ErZ2H6VC8l~
z5nS%-eN*-`vfvFZ%7863A)eEHefqd^>3A&q>Kp=Hizd0{m39Ox&)KdEP|1ls2$i-A
z$_05kD<QToP|Cq>ZfJs;F(TP1A<h2I9??-{*Hwv?<{HoBoU-zpM0k0Hwus`;O6ir*
z+|trq8BQ9f>(U0rc()B^GshWbtZ5t)ltS#}=F<(eZSJFui_2fh=CXxIUJ#JlIU{~T
z?DkXNIyKfHPoiYF%(CuwqAe>a8(5D9bmb977x@o0@j+6+*42KFvW{k9Yo4B&kyhM+
zH~}NoW5~8OLD<%jMpH=iFKu%23B?FF8s^hxX6J|c>{Rx<wG2G%NImbb!`TZYZ2X$_
zHmB>fzb!#57U0aD#^Leo40~&zTP%$913r5a<)l75cWCOT7pH#7hn2>8v%}^ol&QU?
z`!;i1^TLA8XkhnK65|G(%L#J3dGOyWm91qnmOCeG(Qxv5nq?`eib1;m+ptdyx0t%W
zz%~<SoB;k6X`|+5f{Mr(hTeCpUFBV54(>oa{747sV-P9pRbgj``{C?0^<iI~e`Hp5
zYuA@nJ#X_zudENFM8QLVb!_U#DIQzSosHbb@SyMW3~8Y@U)K{F-p3>n2et<HpQ8!V
zj}uYDj-%_FRA0Tl721`O;lI2tR~N5lQLS=WuF$3nkM!M^JM<XtrOb3!seCS%7rq@m
zIy}L~!(-hag6vc6sZWoMnIG?1gop`Dy43${%CFYBKO|A9RFyD(0z~CMDH8*x;>Y%e
zC7Dv!38#ohM(<i(W5()&{*-jc3MY`R^ZqGgdRhgOl2gwx+B%j~rxK^Sc|R<?j$fuy
z6EO;>Lr8z3qw9?IOtipRm!x9Aok@(Y+^-W-H|VO-3wM>N=6=_%4E-UwO9xcI2172j
z&&M{@3)(I1T(f5HR^i@8gC)M}Rt76PYN|D7^4S213(7|4w624@ZC?~@=ieMO6MR>=
zv?hr^Ch^gQ-z!Skfkwja)v`)=br+c@Z|Bb&tzY17;*@Rno!rkZ*0EgIw00im@3TFE
zTSw}yeYBOkKqmS=2@b_)C!S3;^A`FQt{2e4bYS5^EhVx9v|&5pzoa^LTO*5)Dw;{8
zT--vhs_&fe(PegeM#H^ewAPqteRS4OqCdCd987c;=xERS-ZlpOz*_&ze&W6)OL#Oc
z+J7RUBE!^ia_{Z*(3Nb2^9LcNi2d+61n2ZD_izpmGM=Z->+N0sV*P;q0g3%0vhVKs
zH!76CsHs{G{~reqF?n5xvt7mmEO&@quawr-&s3F~e>v}A3CZP^7Qf{%G+-9|N=UoG
zuSH3gs~6YWd1-K;ge4L>bU9PlS{&Tt9J1QzbIl?Lbo3mr7h5?+4wV}Iu!r?4=wv>&
z`a%OR+3@t)KVL?<6Z{nMvhb7W8^(KRsbA8#Ue0o{fm0^c3*UP`3zaVWzgGryz;{v-
z&kC!oOXJk&)0!rGzlv*5IZpmnqj9b%d$*v*PP@FW?_YHZBJvXwlYWnk9lro~$MVY-
z1SEu2&T|Uv#8Z^7;d0BwRPT(0X-`%Et~fd*cofqscdn`^tt)c4uy*xvw2)~xCbw6-
z+>!kUSQn9B;&oI?HEO!|;PO;@KS8mr%l9u-9T;u*zvy-;QwQRO3Pd#NQX#&K|2-Z9
zM_<1wR~8rb%+156mOZO0s;W?9fvtiQb}d*2j)nzt?AVLDhollTsO0#PH(flUo}O7*
z+IG?@v!~XT^@k7jxQqKgsN*@-=o^|FJ0~XZ=S`~vt%CZ55Fa>Ufe^zKBvvpgS1(xV
z8*ujV3GS+FE<@*&<aoig)~L(;<mCYw(e_TrBKvf#06lv2fs2Rw4#MyFlJ>NKh#DNN
z_9JSQL&?3{%eb3{@j@C;%}jhzw3234PHwo`wvORh3%~w)s3)ncGd;iP32PUZCi(>%
z%gh^u;Sub-O)8(*(7PVYnQ~5Tp}tcq%=s3%-!BxqO2gVhHV1BVlj;hX|2Z*yq(aR*
zJ3I_~d-FyY7DzF^24FnZq2Ft3X`%P65X|yvpG{y}(+#cCWg$|OXTG>u1tNGnw7@&W
zE8pHFH{fWKV*Hw{W11KB-1rX9M^Exb(2!{g`^4L_CewDyWs!-{q9rr5&z6Q~*3Ysn
zD1ORpVO8kd6Jl$h6HmvR-M^D%ie8oNR>8vVx`~SiG$$%jFE?GS5A|yMWea4$S&whm
z>s^YhDgfYAe|ZS=-<Kh=3^fnC(7B(p?L4zI%Q9mNEGP~g>7<D>S~o8$EKJQFwl?Ed
z%PuSspIXccHE$2!pZv7H(46kjicN5u+m;tjoQd`@fYAHKVE9Jc@Su6=#v66pG;NN*
zNBLQDQXqrt**><_o>O#&y^(2e<G^YpysMO;*b^ajEEvQ)C__X4pJjD9NA`PVeQ(O4
zUs^s7d2`aR7Ab^HP?lZuil)^nMT#r%4<$`h8qW2pW9sPjBE!U*3701K5<;<n#I{-K
z08_UJS1O4!Zl4X_!R?P|8u4+>sKaPN(w`sd@@lv?ri;h=#uiEYHtbkO_z^!6xwr?|
zm_~I-#~KTu;j{NS>ss-T{zBjEyGUX3D-1}=9(={I2^NHBVM$-)6#q^Qr@-bvwJZ!U
zgq#Zc*4aBDOyxPZAfE^BN`i{X;VXKWylVSmZp~hgCY@ihdZ`Y!oSI=|pk1b)UWP81
zki}wkQY;;QMV){(cv$h#x;=uTk;7fm9NM5=E2fCb0_YVdi0-ujbDsw)A=ArPCnko|
z9k&sgV)GO!I#ISvvg{G!^8dj}dSQf5yLfqlgG|ILw^wUZFO_aN6B83S;E(tlq>!fb
zd-CV;f<+Ng9KxnL7vz3R0x$Z8(xv*oe$6+aX+`TdHLn#)N-H`w^I5jp*%{48A&ZAc
z{9sAK@^qENRLe0E0yUZ)jtXAv1Ekiw_xc7I9+%rT6%lKfkS{MKm2-NU9RAGoovyz#
z`|j($WgGkd8IOKkr=jiSZMeH*Xt~VmBFzesxz*NIN>yeg;1b-c0)e}a*$CQ-Fh#Nw
zt!&Ovr^+Enr(RiH5bV+*hikXZjNOR+#w!EenL9Blm}RK7$+@Yi#~$}7%omRAXbDi&
z9r6|$^=dV62pSnI0J}6F$>08s1P8-4f3M6>BEGzQ@!G-L*v#B`HOYHj>wa;yZv}>l
z_>NInuUSXYSJt()jgDIQ72L4sjJ@R1)*Xmy>O{I5CHV+4H=el|9N{l1WnJorHO^rS
zi9S!WI@h3$L2SOsnc)!tZI~HqYJlI!M9l`L<Vi;wNn(@dtG1eVsL&VWu(IdX4MYi_
z+uvuVO@z5m$?j~-R<esat1~Cx38OCV$qryEX&msQw-2rI3S5)KC6OxE$YW+Z1j!Pm
z9PM5DMD((Qak$%H2&!7oGN+5&*&CKLv9F=yTN~Lyvay4M6)O^=Qw;F%@KUiWW`9{3
z8?$$<W&|`B7^qbpwUBHQl)CEvqj10_3h*{o$egitEiJ>d*G!QBj1SXlq?i~E4vuF%
zvy&s%8hUEVQDb@KOY|;6cL=#fl|2N>D!R5WXOFLvj|as^X7fy49pR-b<0>4gCDg_D
zN7j|5_uucgrrA~}FH1rP!-;PR3P^9@AVzLzZ==tk5EHbxwQ8n04?A%d)XgBJQ`0*M
zkcMpFaUhZdK-TopciN}gp?sX7t}WR*D^QL*{f8^G&ECSz<})tH;LO_0%GiJlB&TCk
zsj_7EMCcy}vi_j8Fz+YiyEE)vnw&frk7z}ruhwwH-O$ppH~XPNyISaymdq)o5I(@K
z`%BYv3nca98OzvCRVX@jAoF|leOK*GYP|ncbAYW-V<T%{adB2qe^5Wzf05MJr9^-J
zWwuh#Scp>ZnNT_cJG5#@V{64|%{cSd+{D5nB0L;+D2q)4*Qw%cu&Pfu1xJ!y`pl(h
z+?vHX<C2b!@r<Fs@?7uaIgw40U)md9OOu5i#C=HY+BNd4J%z0xJ6V~32=UvQpkdZQ
zi#-qf?}Dnx@Y0_}<U@z^mJG5q32>ffb8I^~X+{nP_z$}@{u8_=BHS}gnU_@+jK)X8
z3kG`T>@oODdb!%Jpw!Zvvg(eY#`?&sHI`gd_z95O!m!r&C<MR0p$-D;PE24_tndZL
zM6@)=0Xu|P&T}c~p$_opI~MoQY+>P?nW3>YtfVdVvki%-IL^f|#2YhlRpkm7Lz*ea
z<;slqg#GrJ7I_iu=}>ps|5`$tT3U2o`AyBPmpV(Ut5iIQn~1D~_d{IN)YKIfRhYlm
z?%#>G3O>)Lroz9#>t?>5-aYTr{S3z&xg=b{YyUHQ0Hum~<;LUI5qTP7NU0S;cvjnr
zwYB{8j_DbS@{7#gqi1#&vYy%TQ8h4&tgd8LLNw-U6~>SprKP`gzB)7$3R{3>MMVX8
zyY^j=;(8XF?@9%2KBL~iGrM78!4indD?tPg91%-KE_hcuVorU63)Nf+N@RjA8^79z
z(*(*J(fxGDc$;wc(m^7O1>8+|Gu1)*WksT_BE%=O<|jmCA*)^2GBA&AZ&QgL;3#dr
z>cw`}lP)lswp*POpz<Tt+p_}uv{V+B_$7TY1T(+?8{P|6yW*(+zx<|-Yil;QY}9)W
zZhS94tpr!UcPc6=(<WtlF9<8Q?i}-M?lXQ)z1!eFIKQ7b;l5kHS;w}a^3fYdFHt=k
zVSjm_?t(LH_gvn4ZEZ&qj*s8a4SbjkZhtGexG%VlIdOLP%~rlTiPshXm$UT`?bNjo
z^hIJT?fWYT>Awo^f3buA!3OtXF*Lyb&l6yU_+PPI#Q*;iCOPF~Bc_q3C-=NR3Z;Er
zmRD|CuVTsHy+%grwA|=Lf1u>gP#!sDxPo1k?_dA@+y4-k!9#AQS69a$x<9<%{{o&B
zgRf^qiSias;6Kr!!(qg9esd1^?!{?sYpbZJ*w5bmB>nzK^s)2W%KvcixJU0RuB%HF
zE|h=yx(0Z^E&fMsgI!5Y0n**#+KMn>Ea38R#*okZ3b()$C)n3TW}c#?>TKtG$^n2&
zxepu+7EMhE$F$2`a(^i)JNl8O{6s-+Z09=9%+l!J7fM>wWPW5{Mf?>2e0}BFcv*jV
z^!?cQNF{nZ6jf4HRa90UbnSl8ejg@!A_+G1y|I0t=sU4u8#_qm-zY4u&5{N1>|Yg#
z^7y=F-EVQu!T}U90sVeH1CbTivhjUUr3BhQO4#HL@$ie8{8AGu=23n+G8}y+-Tuu!
zM5>FGECz)YIZ;8u{%i$ZP07Hfn-9|q{?#%u)UJ<@kEg+xrEL50-7IFYNlsH?Athu+
z!=5nCf*&Tr@^ZhF(37(qV<<v>d>4iW#yzIaJL@0n&+kv#juR?DAZ_mys>uT<XI9=D
zNYoL22aLCoM2g3k7ehls5}3vU(O3l~B_TJrmc?fN5LQ)HRmjhu<HdZ;6wJ^L%{&AJ
zL6jRAI2VQI-bfMzzH>sdBxk&6G;v~i(t0&l#Ns+GY3Z6<o4Zl<^~`LTMQLhocGv6F
z4Ib~XEIjQ=gHs~n9VdVTq~i1gi5U14`$2@snlziFY|A&sMua?Tohg0^3OvJlFu(;d
zh2*nI8{Q)Fk>p6d3?@P?o8342R(7x?Q;&}vGcz;W?C0PSLk0#0kc}F&DY5)SoDNXn
zSBQ#=s%dWi$P~=1xWK_v{LR45+TS}PetOW9f~mI15$C>12S?x=_>=B5x{vk+&VtuB
zSG`H(WrrZ4pR!wa{vFDff_YxY;u%0x`|_=HzdO#m5RstU*-;bU#Dsj2vvqs_IO3#u
z`}EMyRS2$e=M^;aOdS>_u_t6slHg09ot^#o{2Za%wc6?^+Tl?(V>a;qdPU`_qeED(
zT0PX$<5yF|K#DqoM7V5&X^eK535+^-OimCr1zk<H4>x3VA0Ks5);V7Mi2t1_#w>ZH
z;;N$QUiYAZQNVmNyyw_a-VxTF$ry6J)POMZxC86d-381kV8_XsdsY0cc?5%1v5m;c
z&~Nap-(>WtXMpiL^E4I={YK}YC4261-t}v1kI^gOuRW8efQM1X+mw7Q%6ugZzdd^a
z&+lPiX5M*yx-o0i=wjvI5VNzZc@&uJ>-&vhEm4@TQGD?Fj*pOv7uR}%8>m=6yvyW)
zOBMdmG&r!Db6q6vvjK$_k#DEzOW@C+5I`&M^9W<B7qmfP>n)XAk8?8Fb>J(p^b&$F
z#$VfY3(e(oa$aOtp*?R`)|B1bMaRX(H88urE^yI9$>s0M^`^&3jwyql;~u@cadL6n
z<^59A(C{Zee|zCg>y_8h#RaoFi;<Nz`S(h!?2ll!xW?6<m5tQ$2}g($Q;(&Vp<ob(
z^w*xyGA0+RF;mYObKIArPi`LHL!4V<<B{0y?zcaaJBNAT0UU~(Lj4zFTQ#)>2j>i~
z;qDc#ih@;R>1v%NKbcnX3J(Qr6<Hu+?kn1DLfLvAK%^acPc6N157Sfrxiu%T;QiSC
zGhLKUP}pP52_qkhodvo|*D2n68pKz@4Ut;`(<&@+0Xq7c0(|c7Pp6CCNki*65P$2}
z@YmeKR0-ZX+FVntpV}!YSEstRGo?-*4P0u{3s#yHS9nD}LPbwG-2p#a3F9pS+EWqb
z;{c*M>nbj%e7^-BNOiwbS=i>}G1%5W((X=@q#mUy+`LWiM<}oA!<ec|VH4AXut36j
z(qk(T3UJqaIV+ehgd8#lB~epBt;9BfpO`Bt0KnAzS$m7(f<MF|e+XNu@c?0)IOxO^
zy+U?y#EF%!76+eCaWu*%=o|6-z=2lo_A$;iyDhox7-meeGIO;)O88%2G&Hn9^EmL9
z^D6J|CZeaOSE*3*&&$hGd*45b??Z2A531=KPKaQn?K`mOjA<@>v14N2>jCNTow$3a
zu01{N`ko>^aksi1kZC}Wx3=)(J~*3}y1OZ#!n<o;bE-K6zPl3uN==_Re9bO^K2$c2
z_a@&gx)Ng99nUWjYpbnC>9>zNsn|rGcd*+0?Q@Ub)n&4}#t;CoPF+3&>(&%Fasm03
z3E#0C>$+gA3y8`%J4keSOmw#R&O1(bHP`4b>g(;O!86@X!IgUjqORhNPwA%@p=?=R
zfu%Xf$U(YTX=dIdy#&y!wuA@e?mE1D{pV=1a)%Iq|88)}>igt8>ey`frZh2PKzPhC
z93ZCHm7fzBn?^2mm?u8!WS5&k<(^2Bao6=RGS(A+|B=jVN=W==KO~dm*&eJ9x?0}+
z6HX8&;9lkalpk#;0m1Ic#_h(?kjUxjsam7O9FULh9S<FSAof?evbQZyg4mzw5TA(G
zU%K-b<xqONYZzJHXlD2evsas6a|rn=#x?{r{^Gu(IhYeJ$hnfHRCJh1b#O?<`9f+-
z2+1OnCv@&GHWssO9Un>zJy-4ygl-=n3usy33J0Iq-yrO&y+K7Zd6Ei=#<kf~aQ?Ix
z8mK(*)<yEH3-~IrHk!xl{^;iBP;dWrq}#;|EeVt*(PSE4OOXCTKeNi+b30B$Rp}?g
zDr))w;ZTVPMGz}{+SfmeZYhd&rTGgUjf7{%!HqrtH?MYVX#7u`bv}+2O?_jcpwQMY
znDggJu2gEd#amlGK2J+Y?Y8Z1IvM>_CO=t_sE`{J@#&<1<HOk8_7O$!DdZt7L8ez_
zu7uN<o8u;@6%{qEP6LC3pA?y?1M*#_NkG2r4eA4gx!y|TRc#N2!yZcs=MO&{VEs~x
zP3!GlYkKC_p|L1LX(poVqv`XFwE}gxd%+8JJZi$uNhgiZ!q_6L&=%J@n`t^KJdgJL
z(z>jAcgw&wFujz~WIqLpbZ@o*pM-uE3*ORnH9On>NwT)Nsb{<|CZC%KIZh0dGFjs4
z^9op74cJ}MwrbJQNleeq{<gF%f3(%q%xqb^P_*~*q#8@1A>r{x`d0ZSB{PvLXFgMI
zjBw||NW1_ES(!}s=)S0LV;&h<PVK^$qNcVe@AbgTFj2VehA>WG@95k+GKfRrsfnPH
zQMWhj&f@3r$}4<yo~Eg>bGrK@=1bAM&2CPK$mbG@jaoXV=tUsDmX@81Q{TuS0UopC
zYXKWGY?3v?AUkCy3Li+`-585}Y|Wkh%cyQ}Q%>7hkQ=w5xp8D<B-*@+iQ00|b&dU3
z<ioOdfwX#@AxswzZhCys(%?7CehjOQ`;8#Bi|<q(MwDGR{6^RAyHo@qBEn7M#)Qi(
z>O-|$d`k*`J!lt8`fwsWB5k_9<y9?wkd_u$Z8MRv7?WHKHRM{5ug>FIQpjp)YuP<Z
z*4DECXGb#eE<)UWUO1YH$kWo&49xYzMW^|m+i;iA_5xZP2_}gij?6;+<1xgSOw(tt
z0^@FPZ^J;D^g12G)nVnLJ}Xn1nVExUA79tzOv90)_ckX~%^oc-`=wETFuSdD4K(Yd
zUXYWL2fo;15_LE4BcN<8@woFt9Uhjni;HM+bouyf^Lhy6#pAcU2C28EbjysrF~5k3
ziT!yzC24p~@w)u1$!?O+#+KQBLGeU1GwIN6#Qbys$VYx8lAoMn;A9P!0B%_2AJO3)
zJ+a)4#f#-x$ET*wZzZOU1tC(o08!fCu`TpdvU+~agZmZ~3JrWJ(kJ|@vV8uEIg96G
zFArHFqHYttku@k2L{WHJlHHMUKDL<77Axf)QUd9FLh&Y;OOzc?zs2e;6d>AQm~7(L
zgtuYcb(C~Ul!Ve}KIjtDPG_a99h7>%#c-!qUly67{<C2}^JY8m3Au9_)GR|78ZxhT
z_Ak|4Ks6K1F>w??>J^ozm|+=uZ8yzuk)su>bka}{4Z5+e&?z%<-lae=lc<2de)k?!
z^qL_{^4U=DXi}8-6f%SWZ~sywB6jd;uCK;qefi1b2t)8a3Ma2KyPZxediQRp6T;N@
zMA@5D2Raeo_waz(VuS|%p_%cl#ef@xNpA#wrgQv>{=U_etVDX`cL}rhjFSloc&s1W
zJN$I}-*tM$q$J20iD4*26|L}p94hsnwx2+?WbCBYCg$MaIHX5q;0Z5kVkbIZvEJ}j
z!`5pA0NX$aQ*>T-<=qYOdoXlbzO&!@{$MW~Af_-@s>~>Q!s~*_cD1}F$15Ot1+5US
zdZz#SgIslq6UT6D%1CGDzOJMtZqPvzgB`CHiQODt&*>wl*9@KNj|pW!_nck-XNPSs
zM$Jw*Frl&{+glyr>ZkcYZT`Z7CdmAf62+hzRr$F^dx7@73W<%E+%OskhHXh|GS<G8
z!@qE>a+q7SH%e+!>Vvy(RjMX>UFf4Cqbz|XYMg-M^~zP7T$F8nXdc~`hKHnefpH8Z
zD4vFm6JL8kvqKa(eG8$AR0VXqqk{aw&irY01eSuq$==M<!I^y@CZ_}NfxA2puoaF&
zO2Dawp{^D>?<PP6hE%D#hTqlolI@{0C-UM?TpN`JvmXE&!wy)M-y-hx&nvWA1Ee=#
ztsidkYhJNQNw&qrF@Z?614F`z%^yDle6sGg2ss{wZY(sAeobXktG!wE%m6QNY`i7H
zT2Y9XM2`U4*!5JCdxnjp0TaTm(}(S04a~i(>#-}&mD?@T@`@3mjg0#44>J~Xw;eoz
zrQy7IaJEeJs-T;F@_WhDIQP?(7K;)umpE&4eK(Om^8ABHzh_rgsAar)T+i`)h?b_h
zW%;RLeEOBC86TE^T~vfjdFW^lJsuREQdJAT7{B1S1aa0|?7=0(@;>ihB*mQIt*YCg
zNm~Q)vy&<87+D8L#sEpTQcTRuU+<a>8{@yFbC1OxJyIK?8;jI=9HHV1E`az-4H*fl
z&j|+&mf#SqcsQ@k!ah)zz5){~YDYQ78X`X8M?arjUSA!|_{DT913{gyb)%6H&jO?h
zW|~Gt#W4`6VpJO}i7133SAqJ|4+*F!LwjtT@Vl#A2|fNN%1Q*XI$y1)kdTjw1e@XH
z2XnCNTzT`}g%Cga3sZiY*!0fN&o@i_RKl5rJb3;^I%_o{tg`?K2PgfHDJe1_skfGz
zmBlA(vX&A0f_0tLX!knT9(knO!|by_v2lKN`itu*hjtwxss&jp`kQ*|a*!W*8b{3d
zW#03TeM!~0hWa4Og(?LNjnPKx;;SaLn3J}|hKCN)9y2l>by4g%%W3#r)rQ3Vz2S^S
zEg05Z+|vI3p0K_#+38Qps`FR%@>FM^6?wXI#-_@>N-gjN_55YHg(tF^EHq!-?8(st
z6)Bo9vU4jcl4fV|wCI<D0t->L#Dyu}EzE8V3I)Hn2DdMDdSbP^ycM3V_vd6kJ+>|B
z850RK6Y3;c^{o%Y4fLTU>CzV7F0;}Bc%lGz7FL2W!~j5H)ip}=nYU9Ti`~O94%~cb
z&1z4!W%5Q)(`V!HPs|gtUzwi5U)zb)7{pxszI>{Ek}|&wyCvB*ebzf~i*zSI4Hqk)
zi=Z9~4h{X-iakfZ)j(H#<7xMeWTrq$OpW)eFC+#BVtt(7<7ZV3hu5=6dPb5K&yZ%0
zp@lqXy=m!N-Rl!@=CD(dhV(aE!sQzg<8>w~dFZ3w>dc9<aw(_L>shz5IDE6qRjce8
zJF>iwh+ZP`Jf~D@nSWxNZYbe)dzqn6%dnxGTZg);(V_LMMQ=d`(;`~SR-gB7tL9nv
z@5%gKll|(%G(>HI$39l=P<TtVAUPF}cM(=A4Aoej6L0d4w)JvRFasL~#hXn}XZSHj
zztK7CLQjuMZON^`cJ{|Cmcu8^7#O3S)u{&mwSzM?Ft3$bSTz%(r5%VzvH+zKg2BSO
zIyq~+zl#OfUA~Jo+*cl@I~(lPgBDQd#*TMJu`m%(ScgsW_yi%aF5wi%>>rNxDeZ!0
z@NZvurKlwYwsjS0kKWJwclq55s_pAFQx?|l;=%%~Lcd+$cRDUqOiXgVKEXV>*9-ic
zH!}Qee7h^yo|)00PK-4#HvUDSqBGPi$7+Uhkv}-40}CUlf`Q3uP^bECI+0=^(T;k~
z^>92Kg`bNDhJned*s<&1a+RnCnU<ddtmq9@T8FOkMJH`X7Q5L{`;)2FY!1ba>JhsN
zGl{m`+R(;Sal-P>>;{n|zd~w6r(Bq-+oL%#lO+9F)(5<^gInifRmuhRYLC}`a<sK5
zGQPe|X+cId@~`wKD6jK)F%JCTBEXG4@3y{OVDtKLOCaKC$jjMXEn@gh^7#r;Te4jN
zLO<>nLYFPe$6p0v!iaq(;Edxs*Z(+yw2n=cdBG_m*AH7m`Fly|(*A|u{W`^8f-z!-
z&6R0P(c<mQ>HCtz^5Bt{Lc&5<yQG;szA8fQfjiMgtyVP=&4aIRYqX~^h~KRqNZuR8
z^Q5blXP0KjgQWar%7qK$89CXcG(nPx2SEKA2Uc^6GB=&Bz&UCJdzXhk5C{zk38|xl
zXRuW4JpPOO!`4qr6};LP3sx>Zv=Xkg9*LD-IZczGmm0rhm-p2-2IxaK4`Tw!C`I!V
zf`h9op%gXaSCbjEY?(+Idbt#=h}u%<svJwTox7_?Fs7?@`}kDow5<}s@_qDn7$0lg
z0BM$u>YeyW1KoT3Rt#+n+2i)|RfrCeyxi{k(jdC{3t>)<fxW9U*>@{u!E2l<0?O}y
zr()x3kYBw!>|AOLmVndu4S2WR;6)Gnj=g;D_09SO(kpz77WxrvtKP{Q#7VcYevp%s
zXK~nX$9mc|=?v=G!V{3x#d=HNQ|yxi4=rrBz4Xad%2iRD-YFXw5VuWihC{}zy(AxR
z{b9&kTIl}|Q}4hYXWMpxMvc+fR%6>{!!}7{+cp~~6WeyCv2EM7ZSQ&BeeCbpKVW9A
zx$gV)TI+-#aw#fx@rJW$y6a%M(NYAd3b%;~DumV>P2e%{3-DjxYX-GN;sXGm=NoM)
z{Xdwzd*^U=wb=H>Uv|(z$_3_Y-9K_p%39U#Gp3VOS9|O~T=*H(3{Q>&nx=+ode9YX
zns@hzdmBb&RjmC;x1AZvw<?KV&{x#`%sh>O5DQ#;q1t)kMT-!*xPIX|WvDkEL#azK
z@rGuy)|aRl5c~pYeYB7W+CqRdU4#qGy%Ru19VEDw+nnHSfWDSnBSF<}WK15zvWbH^
zo0I8TPrBk>1Bebig}QwZm{o;@tib60`YoaE3$Fm4Pzdp44EKhGsJOUzcQh`L<a(;8
zz*&y0k?~Wzs+wwM3JW+aHhyEG%XHM(TsLpXu)#(PwhBDjJ2{a*e5EId$|^g}02f|S
z1yrR`p1h<?v&rUX;SL7iw&N`@zzf?|+w}0bGhBIod77`K;071vF;q87LSgF~>5gF+
zTs%3juuu+f;UiGnAqx;d3De>4$T|p$boxR;L7{CEOMlj|nzDONN7ediVFj1am36qq
zUkm%O#{9CU>Jve<$>}qfdXU&93tDmBMr8B+&d&Brhez5t7sc1N6H3a=zOEBngimZG
zfL+_#re7jwy}h01cAGMx;A$ByV=|6yXe27Ke@n=}JNG-h!n&b$@dq8K%jnu1PWUJM
z+0W9=-kf5{u0xoCWR{M)+07Nk;M4aR=6R18O-|+ylA{2bh`?B#RcIJIB1TD0h&Yw~
zXAfV!Cxwu<Ipiikea~^p7jfPj5g8cCb+I!ak?!X{F}I{as}KOSrJeBCjkh0^%nFLg
zqOi6<`AD!7_w&tYS{W+tz*HGeVtC0CAb5JwFQdC#di4OzGNKn^*|{#KY{{e_x;dd`
z55w%ybnnYy@~)!kT;Ya<--%kCF_UE34GGi;+ttg!STzmN-L|%#tgfYn5=8Guv8c0Y
z_^ZW4YOMGTDanlabtD!Y<@Dsz9Q$assj1=Sc7*Vf-^$qeA9M^R6#=ampj(}71LdEt
z!RQYD6L&VAzui2v<UCk<@U&^7tkxG)(vj-(3UeUW$K6)c8!M4EkK(}_QFfMmZ}(!%
zSkl$WiET+kQPSfjRyKcgU*D0P(&^V`u=G1~1ALLX|7j3@4I78a)`#1@Yvb(g&HAdA
z`{y$e=G5kG<0ZUng?yO&%3wkYF-}?{%k}LKy68@~A{)|r%yqk0ywyPO@F}LRtZAya
zu&4U4IS)btg8rjGBxK}>v5znE`#pyJkaVLISGWP7TE+Yiq3?vpfqv(lc*IHDR#yG1
zV!&rvDZ4Qz#_X<vOwUBQHzCFsKg@<t5K7!dKhx$ignPhrZW;t$(4woVvT<f#aH@D0
z{CP299d_Txz?^{0p;zW9gXlcS$DRVWy*bDXLB@*ny|bglhK~wbH&SfvK;c&w<})8I
z+Hd!afKNsTYjc~cZ5uJ9rYrT^OBX`8K|iWpcg!t38_%$#S<3x)x2O6SC{>QZr;`Qk
zQO9oX9~sn`)c+jr^N%I*!H~G_o-LB-mT2{67h0H28ynnIe6FaTa@bk<*2Mj*U|uLW
zzI@Et+={o&8Ng0gST;L-hx+f?eJ<>N2)X&!E2*ocd(^(odim1NVvNMbe!oGO9!p_j
zV`U`^Y4L-;==X|$x3LE-549^y^th0wu6n6%QkVs#4;2Mh>Y9#p0C0uJ!W&pBZ{&)1
z4tzw<)&Cv1@_`Xg+V=F0hIbrn_=gzL2-5%QOg}!qST8HxU06ejnjD_C`n`)y;JL#$
zN6tp3v6t4Lw~K^>8#2vJwO2R#F@xhyX@B!8`&r^9FI3Dw9iNY!rLLBoUNFh!Y!MZG
zHz+ubr!D6(urV}>8wD|H{9k?TAT@h(?_E-+Ler4o2L!yp{V$!ttr=MSFXK_Yd-B}k
z_i4>>`U}`-IfIQ>XNV<k0|TP*3v~v5?oKRXbr^d3s%w<UqQcs^&Pm$!=qP3umO&<d
zKttM@H0+&eQUJ%uOVRjQ?%9i|d4)SqpqjvNCx%(nMZ2{0l<`KZ{JVBljpNgv<rshN
zzNRwTpsCt(C^ciI`ZgZD{KSgRBe>GdwlURXvgETAWgVjvLtZB`ebfD(r4Q5pynw1A
zlCsAUEpf=<vpn$kb>|~$iX70s=p6aVi)tEydG^;>WC*yh;?P*Ac86yYepAl%yTvyq
zE$Xxr&yj?Zt7&jg521wxm+@1udv+l|S+OgE<A(co;DP4}C1a9q$)lK%W>$7hw&dk{
z`)Jabdb5u5P_y<}7bi`9S&7!4vs#Eqj<`fYE3s|1Z;F!``W>D$G)KBDtM9NvW0Ze^
ze7#}b27r(AZ7aj}N@+pQgn%1pe)UwP_loIabwzvn30yBG#q*2IVS!gPa4-%<A;lPi
z?1PO0qty5I`1<@>CelM42^K0j`DL$;<W7_n7G`#%jn52u3oL-ps*+@B8+jSuCHZyM
z^kWv~mk^L>r6}Yk9ld!C4>j8@5$>V4(`+>x^~h9W{L-tvxh+R88OOf05i&~`C4v-S
z7ruiH$yKfXKo4(o*Zu2G6++&Z>}j>)OU67wy8oLbr}gsn4Zg0!K{IH)=Vz`Nl}kX%
zG!j`vxACJ@DL7;bN;ieLcVzvq|FPIGm1UTQQDn3f^i}8q*szptEzc+x<dw}h&0urA
z5MI-RA7%ZE=?n+e-ek4DnpTTbS>wmt2RB|e!EnzY<=;D|L63iI5aj4`w+aHHkpA)M
z8E^mCIlF}%*%E|3Y=0~=`mS51gX`DVrL+6NL`{6WTvvFl#x|fIT>0Awb2jMIAq-_+
z?TITeH-fj};@KMM1wxJyk~e?(;(!_W#_o<Yt5rXL3fQ=D`L)ktNgw#*Wl1(1TXslR
z?bSWD&Mo8q**m%Xt1b<Fb@Tvs-`NQ`tNq=7)!si};$TvKN7DmnG{({v&O6hFwW0pZ
zm|oP3C@Ujxd7}eAF69YtsX?NA+G5cDm@oCvQ}ge!)Vf9HKN=zv*xZ}Q;OZY5ij@0;
zfq{ucS^V6CV;2;RY}k=~RJ#Xb*7ku#KxbRL>;NQx^O+jEX4jNlTtHTOj3wBS6n@lk
zE@zAv)47r54)ssoJ2SMmf5>wch3OXGvO+#A0<k!{%YRp})H#yyGp4Nvl3jM39{>|-
zxC98U{OLD2_$j6xInEe4$kOeo*JmP*qeCtHJi(->xgv;>Ayut!94JX#nD%mBcjiOA
zpq7DTkH=cm53#6cgREk7vyYp(X3o$H=gib97uUnQV|8az0~Yg}BU+_rnZgz5sg~`4
zga*two|4q}`l+}@*+2oCYX$xQ&8k8}Gc@GM%k?w0+?f;HGvBDU(Su4E`dkZRwRby=
zy(|pM)|y$?sMAAS&(o*Kyo;F%)L*L6;@$*TjQk(0zU<n|VMSHw5}12GT7i3}77=>R
zq(0~fz$xTK^ea$H^NX`})iTVPrHAY62jm?BP|<lY7E>Q!v}#d|3GxLRpqe^!wHRAN
zoM|#=A@}8wLj)*Rg5CLExnS9E!Ni+|+@V`3UNToF{QazJBS%+%#;;<=e8#UzyaKai
zGmP|7F9&0F+REMI>^opEM1#8-jQ~x=+M3;f^mCVtEEzQLm=OrgP21~V6dzZ^+rh+;
zQ4vKH*?g>Ie%zHc;fpwdCitq4@L9?xy=D*q5@XcemIxV{?@27=hJ3T6Wh%V=(uwO1
z1^;%M=E^zfSu@*>*43>qDjMj}@ag^zW!ZWF`$_|_gY8~kNAB8&y^;M}(vj4ByLzCG
z{vKiqh_t$30W2$i*@>=w$4}V!V}c=EA^*KZDsvopXmlL|nENAMWf!!~q<6hP8Xu{{
zxwA9+BjP}#?d>~mhPb;w%A;!|4!u^m>a#Der{}QSJGy}vkQHX!t&41N2Rn+MAbe~^
zq|5QI%O{ceq3#jF25d&W0JHPzO~!v|0P%H6@eevW^ezu1B%}|Rl-b2OHIE2=H@T>B
zYdBbVN=_<3SS$%aRn<QS`-1v%6etc9K%s$=L11J`mpf(m)EFk45xHw}*SBJxHa@7(
zsIf@VwTTIZ%3JvoD?F;TocL|asFni0xEVOmT0$ceYgzqsEZ%*H(ND{K9cyN;CNgHK
zw8B(jZGx&lE!N+xL^)Z&>(^<!7uR9=V!p>4lHcg<1q8=|OAZRQrv%g<pbEM|7iL*P
zInQgaQUTOmt2-$uDbe?@f*Zm~@hADkfJ?WZJ2LCzYWgSVa`N(saR$VCTqX;%IU^sF
z_rrYnV$8Z7cw9MP5Ref47Ba+<z!<JLTpo6La+R1SB^>K<zmNL(WgnETbGZ_NgWgAX
zH9XC2Y&;QBQ3zi~P8?on$9n^=z(zP=Ou+dvTW4$o+M!j9V(&L7VFB&vx++{OHDvL^
z#OclZC~<Y8@pBzGq(};0UU(EQgi3yL8Xtk+{h|D&vw^N9Y)0+xU&TcwC3jNjiRhVA
z2&OCWkgj^I6A4m^9_}6At?GVrhgOw1$)fn%?jx~usy&-&8x=pmk-Ao_d=$b=J5rFN
zVFS5a&0hZyA4F(P+a7ibazQm1#y=iPW^Z(j1YG=aZ{smEtcOQPfy(a07kySRce;}?
z6Xg?it*4$8LGbCidK4VDAz1cp%L*U$S?2Rav<dR>miA&}((A~-ywL%i(^1gO!yu>{
zsmS5=PbXttL_~Wb{;bo40$YKlX3b=2bQxG#4WpE!=egS!@B~+0i-xcspMVXUG<~Xu
zXvDHMGu!mkwox;<itmpl%Dzy*Qg7-I%7xLdd?QtmL;TTshb90T1@a3H&r)J(m%j@y
zjT!pBa0}G>;y`g^U2WYSPS6o;wN7SN@%;5zH8S3tj2o4aB);rjT@AP>x`6feQIvxA
zJU+(D?I_OV7?isXn=)10;cUdh_-C`G7FelvJ2rGuxhLz3p<<r!4qg~6eXoi1Q*m@T
zHAz8Ro1mt~p?`p~mZd8d<%3NRnmgJt?6zP{=A$`YQ<O~R<c#|%R|N5R^~D#txO#6g
z($&|-_gcWq5ly4(?2&8i($YiSC9t`&;9h|iJfNk=jbODkps?S47Y%J>e04P8kklE1
z?BO1)<moU0BSjd5fsmoe82G)!?isK(O;g6(5snmk#ZsovVh|BY8C*F*Ybs9;mK%rU
zw6~0m*1tfx7p}M_yi!M1?+M;vn~X2@6ibjJtzrl<@@K8(;hIz;ExezKD8J6if41Ei
zdBYn(Ae?%%dGb*>Nd3=Zie+$~Sm@Zc<XMGKZ{&wSLue)BlM;e7#a73YMA@%T(n!o>
z7rc;+oH}x@p#EofkpAGnXQ%5PQFiBv#9LXx3A@uTT>(*96*RaThki;ECGQ&+$10-K
zBbgUL&K#eR$BeQ_pxq^D+cAL={Ecu_J-^vm2;%MlCN}yoEq$JiF&4P+G|T#X;s(BI
zKV=s>y2?uD*LSa`gSw+_pI`pEY?IMOYyE;Lv9aUH7cks@hu?Y9U~pywJhvJ6II9l!
z6S5U;)KuKgFwWvt`}YQhifW(SdFCuPQk?u;o-nLbvD5<OM>K|N>PnWAvIaXsbU)LV
zQXUhMvPC6Lp>c8b<UB2D@!=!gxh5b)WHvffDT+<6ORbWDQ0#YN+WfJKmWBjy#4#Dk
zaw~V7iM-$)<)IfVFWR2d<JhYX$QK)f*>b?|aICbGmsAWK!7gizY`_JU=e&4^l`;w{
z%J{@gc@P!HcF9%xsp&nppJo(qBBg@auYRQZ=x=&;@9-d&Itr5mZ*fT|{v#(9z1Br<
zbowNdA2!#}w_VIs(LX23=jv~_jvCP2ZwM{i9xsmPuP%m5sj=?6m|(mfOemN9+ZUlM
zP&WvERqigbf^5B6V)!h2jZx<aze_u@SNRigQLlXTB9r>?Ml&RNT1Y`)IVHR!sF16R
z!Am3a3LJ<H#FR)beFK|FJ!y=x6Wl^-aRWOO+0h%W9MKH?%Q&fN?>f)@5qb4wAUin)
zKY?OJQnMKbOCbiByKa1RLmCT_$P5M5VC3G8Uc@r6wh?2x{O^&M3YMr=*QKg?MYlsZ
zcnMM0j#dx@mqty0YF*6cta8`)RiX|85%M#mrx4hvs!Z5O067O+P(L%1yv+uWCdcF$
z`pRw!>p)DXU)J#q0>lQB?Y2oR;#00P8v3qa1B<S;k)^EQ1o|ClhW?l%25+NBR9uCI
zeG<zC+Q}wbCSIgc$BhDK&T%?0_qVf!wnDA^^A%G~Bu0~Rv;8XrB~CU8PvqIP&8~#B
zY?{H+-(Rxh*oEbnPmDqVTFlED1C&D#=FRe!K-0ic?K205W)^aTO1Nkl7LeWQm+ZXe
zhFzn2*?>{lg_@N!*p@AMqaxXhUcpkhk8;^BW-dOu$GeyheFq`PEVVluA-(&yin(%S
z3ukY+uNsA_9njVT=hFT?Z(3qKt@)$@SMQB3O@>FG2d)p1Hxt=>Zme*l4B0ZtXH)r^
zV<^G7ui}X=LOZNz9lYq~n5$^gRtX<phd=zBzCK;f5M5-s9}lSyCgdXgW)oZ%a+Pnq
zYV@|DvVFZ}kyjU6?8vedQ-GnG@$R_Yu_yPr<>9p^yMf#1L7Mdx21<P|8djwI5-(MU
zde(uyG1QVmBY9tVuF(K$_crd`-NS&a7RaX6Vz5{@oxaiWzlH1Qr5e`xO~_M4LJ1Cy
zw_Qj!ke<_sLOn}8a9h{z{2SKc>%PQ<(|%^8^@P6s0gX>okDQBtO9%^#%-nZCu)4i@
z5izuw&JVOz{(RYKU-VUlLLPl0ZRxLPC=_JikogHMCqcO|3gWNx?%CDsiIOwr(WA7i
zG!s|bOqeAFhxc`#ec^>m<4m0m4|aM`qi_;55^+1A(d@LO-x_A>T6U-^&#F#=8JK>2
zK49Khkf7H)=$?#kLyS_0xVUWTAmsC+M*gk9_G(VOXu4=E@EFf@pODF?BK=vd+FsT&
zfmc9jtm7N*=$o9j^2gMS+T7he;Def&wPJUOI+!yYW0e9eT%0WKy#(!-PGMV`A$ogq
zqXnU7$EV!P1d0-d-H>DCcU_c8NamYbC>VSrHAWqU&jVWat-oPa0RSAls@{Gh$PPA3
zFsMH;C%TQ5oDSR953(U8#r?sFR3UskaoDt%CC8U?&Ra+}GKj}uA`>SK*_E8k-P6nA
zS`!Ii_Zuq@H1$8p{QS@m$kF3DGYvd#0Vg-MlNT~Q!}c8EFgXP(u1tR$r_m$Dw8{yQ
zt(eH>f-Gyp6NUNIv|b#FT%j(;<-D`#|DlZLSNkNcto-rZS|=YLf!d0qgB2dArZ_(*
z;CX7#;0aEjxg2uGtL*LN3Cm#8OwCTq>w2My(><(ojo5R^3CwOKOZJAhA+|lZzC+WR
zT({PDwFT6~Ooc@`8Wp9Hd)c}b;QEC$1)(llsdy~%ckl00TxDkt4%}n6JK2)tSW_`{
z!_#e<6ZznLU*o?2gtI^%Y&Od=lN^bWg||Wbzk9wHTo3BGO`@>viVD%2yWW>275d5%
zigSH^DEa=F4aNug=_hyI@=_ZLgra>Kx+(d3{n|-Uf1S8}_vF<}MB6<I3C|-f#!6mZ
zT{AE-jmpczMQwRIPW^SKb!V-3Jv2!g04|UZC@07HI{Au`==U8o<^}V#wHsKTP0kPP
zW8RWCEX5y70S+z>NNCT@OpM{vIgux8c{z37VxE!f{6l#?lwEsgmfDSCk>T!%f)`di
z+xS>!dP4^o{Mm&Z)Z17NN-4k$kvwc}Z80=9kGf0OAH|abGjD4_hv_S#2f1gYqnzm_
zo#>JP(#J`FhNh;$-f>j)3oRo3`ijpjsV4Yp4#w@*XC3;}S!mj6b@#?*)Ng1>?&el~
zTZ3p|7Z)^Lis50#=o>0S12*TbsU0974$joH7zZzXdl!GQU=dDO@uR^IB5Pd3#yUJQ
z1O3o+Fm>(4@lAqHh?xe|uLq?#(*M2Dtee_mFI9Z)CuuvtH2jO5&*+L@?dL`T5ra}q
z&7NPlMou8`pujWWY^i#7nkVYIBJ@%5vB~~w@V7#aU{B2+WoC<g93P4mZc-WQvsHb2
z1xTj>=HZ7%ZZ`3e#UGj}E$HbQVb1yCEUzaEyhKP(NnZSB*AMukDV^=vhc<Th2IaSB
z#uCQFn?}3%!PXM~(vx>j`KrLh^tN@MnE=gD>FLqZHouJ7HAURC#W2-2zAgTe`(BC3
zY=OQ3ITH{s#4pXUQaxJr?wZkL33yX$6c(2)o0*cX^vg4d`svE?X8jwZZnLC`4;y?m
zvVU5fWOcGSGjkr8h}7DeC8J(vcT1PG*TbU`Z|iD{-v^r6C=m-U5Zms++~fB^QY1Fk
zs(nLdakh-}E7RQ60OlG{r=xeJ&Wy*eB`V!b!2H3}SO348ECdxs|6QlCL6RMz=Z+UX
zeI<YO975!!-O{NuEd8yCi+u-)x0?`N^r7lZ{#zDi{{t^5ioCdJ^&6e`KYp18JJvAl
ziW+F%xO?v034Ze*I4W5BYE-BYdv3*h-Ti>4&!0Q#B(SS|0|&@O@u;qZDLg%N&G>jB
zihON+L_Xwf0b_*jni@o={RG@5N*ezc79~BKAIGD(Lp?1mWocF7Mo~0CN{m`+dG9x`
zEx!uMFl)9Z$H%XMBCM+(D0g2^j(`onAaQt`_^+QJVDJ}76ac`=$w`G-CVc=yx3{<F
zCuWX56if`vk&~cRL4CUz8W8y8kWQ=%;{Va{^Q@cw%LwgcXLZ+cL{lKXD-;7nuZWHK
zRd@@DT?YK`6GAEPc7IY=OR+(~;tP<#mHF=LO5c9vn4#DwqphHwc=cY6W$_uVo2}4$
zMhtnWsfE?4NS+wk#@zpVv*KhgC?I601e2DESonlM_k`9#V)lk&Y>B|q+3JfKp8LOO
zr7xw|XZ)YP5->7kfc~I=@;`?y{fT}5_&B?<@xi1AT3lXT&FCO|-DP7whb++FH<pFY
z(YG6Ys2QCub>!;!xQQR4mE&Ok^#^dtNJ7OLvEHGcws<^KVb<*8iX9Gj(@#a=bhE?f
z9N0Z~C$Vp{CE_YcRugVT13Zz0DJ|CGZZRTfsbMj;Uhiuo{Z^0^di`Xdum8k3n@={f
z;S@)T>7PD0ieOAJ_#HD#cBCrh$3a0NM!%tfsjRFB%LckE-c^o~jW<0DTv=x87g_`I
z|9Qjr0Ap5MCnu->o}zN1>_L~ExfomjWt8-~_QrDS7fusxx%=8|sANS6@DsN9@Ue2u
zCnUp!5{mmxNq0_e?1PZ|jY?Hld7>yN?U~B9P!Y*Ywf&z9VBh<MaPnMwXn`)?On_~j
z0k)foEKN%Bs*Zyuq9NGiej%%SZZfrh!mGt?k6=fz)4FSEXu7Vh(&5hFuBR?jKv&wo
zg!+w1-QnpTI+K8K*>?x|r{Wa)`PJZ~97>CCZR~We(y64&|Cz^s@$)U16Kb9<h`&us
za%2XwP~w~Z#qrq5P;@;%Uzm|QZIu&V{i;Xx6`=Te&`EMl?`~U{GR97qiisNhYWd;5
zeA`%*nTL{T#=OCNevd!_WqbJok2Ye?-tn&B_}Jo7pnBhA4OT1(2JRkd_aO?eO0DlB
z(4F(LweKX5-LNsaK*eg>{MRp{DGJ64oB?MJ2bLOVtNP(JyPCm??9_DuZQ3rmg9LT?
zvTvUkAOJks|EwBxY|%COHzVYnj<#!mp@#I68j;bM{q0Q0Of!_HJ<J@57(C&gDkEHi
zW?c!R0}I1^wB>dSVlOw-ZQQPGK_mjj2;;R5a4hp?pC8%z6^f~ZS9!aW-xewVqJAeB
zT<j~V|3yI6D->eOk$)-{zHdvjr=&}!HH!CAd8SOtlE#;oR!Swv3m`(uP0PEH;23f{
z{EmhvE3bkTqj~h)L=MVMKqvg4H;1=LKq4+7Z?(^B#cfd&F3CQ)ys_3+jk$UM^yS}M
znkj%%Qu1XF+O35lh(ac1>B{73iCV>naX_9b)XF<Dj%SL?m}DtJQ$p+{-55$nN7;0I
z5*DO%!%t11b9bqLO=%{`-uyvD%N(LWnSZ*g;dpzgqT7y@5=M9*HKrv0;6O4Hef&N)
zJVcC&hc&t;!-MXEy`t?N*g3;vTyQ0$vo}_Zzwy2X0%ZMv2L_q62$$STjg33sN?dA7
zc2uExdk4f1uZ5pxKj9|haGhzu_qByGM|$vo|H@hkj|@Ud`-3YU9I|b0Fi?~Z&1mv!
zV0$R4GRTWY<^!kg6_!UsSyeOu<<*+d=nFX`qH9dtA-8mgCi-4*qD129$($V(NSjDb
zyqrxGXr@6%gKBmCb6NCv6XHIDaVYmrTzdvKFsFuY1Lf-&v38dHCQM^&55V)u0GjUq
z->Z;4SNwZwW@TR5#s$fxfyw*~PrL$qdYIb$>{5&p>^KeY%*<LdM2$yoEYz*t+FefT
z3hd%akA<ISeCOGoHRku+{BuO>5;0C@sub8g9?u5DRjJ=i;L=qFZq6LZkD-&(bCEJB
zcCJOmt!sW*&qGNV_qSI{7bLqAqBO~;ljnkts&<P@eaR{#+xpNZyVEkDU2cILMpm|;
z-2WHTK}Q7zB(!@^XWk9Hh|e|ZBc@ke5#eW3uMS@jc>P^{pr)C-Q5`Y=>m6_Fv*eZO
zVQZtQn>w&LOJSWUvT^1tSYnO7KEMxL#eA;f5QmV+)Y=jt6ymQ?g{98=K@Q7{xmVB^
zr6^w@0kY?f59I>U0$uGAmGb^B{2U8oHbfK@79P62ru!dBwDnuoz_~KziU;rF1@r#k
z();(C;t&|zjC2q}A~Mp%hYFUr=BFo=Zw_E&M+7=#P|5s72k&CYX$}lR^I`XH(UQZw
zp7+xr&|j@cvIM=8>zYN7eYig=lQ`$UHz@A{CAR?h!r)V<`8fwNS2?E#iN#`SR4f8{
zad|TQJH;86@@?XL{Jq{8eokw835IJF3lGnrcNZG*zu(YNamQY(+T0h}V20g2AK;7J
zbaQv!>TgLwAP=#hcO+;deiQ~FXC-d2Ew<E<cdLrvRVnS`h!J*bY!yLE2SdZsG87ct
zsmFiCIkC42?IiomG#{AX7ENLsuK4>LrxhOUeYI%+@C@P3L7b8zUv7$TUP9iNy|f{+
zFF52EMi~TW>m@u1l5(;piJ93tybBXqWIQRY&_L?{t4nT>8PRs10RXP>uPTk~Y@ty}
zMWCRhVjB(UxXwJE1$j!4FLUj;lua=|Fs_CTrar0tLqf4*>Nq*l0uzelPhUdEAKe^C
zNCV<e7rQonMFu7=P{nNoN3YxOk*NQRiou*%)y+3KlJGXQWp4egsYd5SeR=V!`(}UZ
z-cuI-UI0bGgs0xm5$EREO6zkh>n#tDFpnQJ4^7Qd(=wzufx=+I!lVhLIruw^X=JV!
zU6B#r@PeaGPAp6hjbXiulBXgc>R2(migV8O<(e5n29eJNJpqJP<Sc(a5tLV8Qj=q1
zPmV;SRlw2VIlw%l<I_$oia%A1M}u2OdhpiOGHR|?jWB3AWLMgsua2D3GLrIU5Ws#M
zILZI~$pVrj1bpMIf=|+n>_(9#Lmga6J{WU^MA`gV2BtLCVG_N=O7^6i*Yxzw7n!R0
zFSX<Syi9F@fJWnNYM>Snl#NbLI<ikD=FpRQ%rP0&H$ZIt?$S3uls*U}`n{$4PJnb1
z%_!M8jSH$hO+8JaqqCWQIpWS45@$%j<f`6n@7j(>x4ZLjMoUs(CuL`RyIJ;>yuO~W
zLKC}qIY|K(EJDGu{@G0?8ecDp)<1l1Hm0eFZ4K0;2rGWl!%nS>>#Ff{hRCrz$?V(C
z@q^J05X{XX*r-@S=>yhbiTNRySgSL44Q~_xdhX$tjlocUF!Ys>++W+@EQP0kq@qqa
zJ&t*tvdbDfe&g*>ARs@W#jN$fwTzD7aaiNI_jj}mV+;1sF1r9dzp?Xkc2(86@o_pZ
zcRyfQ5?yBV-15`OXr@YL4@sQ#XVCw`vgq3Su$*=ZL!a9PGEs*`e%Bsh39^mp+09UC
zQXN0jhT^|aj>ALO%B|nMx$-ho8Cv3@MGnu`$nX3guyE4UG!Ep^btLi~CaRjO!EKZF
zug6%dT*>+1uUe<e>3D$PqHoy&ESW725QGpL#M!kpRIqHSPTpj7EibJ(b|;~m@w+yE
zYh2J`PW9%v)&~cI-gvxAQ!id{Q}J*O4J<{SdxlW5FEW?o!s{Z*8y8*sO)+NgcW_%q
z0&wtfcDJ{sA9pecMqvxCca7$S?e++JI}%Dyvh?$xDF57$a`SK-+8y;}*Zm%!oNzko
zmgLN79{QU}oFGmn|IbJatRmXmL#PN^Sl|l)w)eXqOQ+!DgF_xsJt4j;M*T|b#NtJG
z<naMx%QskU8(n}&maFz28^N~YYP&C}qf)a*7Ez3kHsrX1c3{Swa;50v_-Lp_Cq5=6
zh)0dn)|#nhuwHFSTpbdBkG#gMerRAN64H$Lw(*p{n)46`7bLEqF6+^Up=bUojp#7M
zbPIM@uCObXrO{wWLl-5`yv5xsJZ3|X{60Qt^#DTkLIAHW^&f6AjR{)EGDU-B%l2<>
zY{WxK9Bxe6J{S~76p*_|HnFtSg=!<K+1S}89=ZLz1G!l92#$n5c^mDzhFh}YK)<SQ
zecWH2fTASt;^gTCUEO%7!Cggqb<E&N?E>1yDk5qL{TBIzdVJA8X=P$8-e1Qfl)>S;
zxZDb*bo(#(WybcALc*c27PrVc#LLXBcCZiG%Zra+l(qT8HEgBRt#FlzddHlS{Da|K
zH>aoQ$mTfqzpMmf_0tICoC^p{6-~d7sa5vQPX>n-vcoqL=Xtn?JRV{H<6xyY>h>6&
zBJSDRjBWmS@_0+}96O+6W^*gqzBW-fFx}R-83A|&-EYzKt_+6gsAnss9)vbLiR`Ox
zSVuVY^mF?sm@H`!pM;hL!=z*{)G_u$uT4j<cj^qb+7nl<@45?B?Xiil43w=aMX7;M
zk?ZOImN7Ul_=gMJI@+t-LUKA7hy;}rh3s|~4x%-9UmObW1)mttd-a2HLm87Ck6hsz
zD}G8(Yzzcp+by5BXD$bs3<oT>I;Aq!?DS-Cjz;!sG_I$MVUIOC8`BAH;=6Cm$_I?8
zjPIh%^7Wy}lLa>ltKl;t+XPTmgwfENxYtIu<Cv*cYeqLDz}$@BVi2{94*d<Zd*Ij{
zvRYu;*Y2Du(q_u^_PMsdC1H7kI7oQ{Jvr%#V*;kp$bamO`cE%f+5)YR*!WKHQ|ijT
z-h?0+rK<Z2a?ub1+*9PCLmwMF7lpp5`Bcx?lLfBIbz1EaZh);?|3xMEPd=7B+vbqs
zID(xhuX9(+Guz$Qv3L+mN~Ett0G$5M$;e)ln0N79sq&9R^Lo~Z-N5Vnh@;g$DT0md
z(C{FkBVFfOY8Ke7>4~T*H&pC%S*3Hh^zy0Q9qXVvH)I#PEhjQ2Xf}KpM--ji_fMBf
z&PI~DXRN9wHv_9$2sUcFM$8oZGZ~smI`!@Bf5CJ|in04ffV3+?&kVhI+Yd9x>aN13
z7w}EG@f8*CG%2@9^s`pPsfi{fg-3@UD|l@#*w5FmR9JqWV~;60pakT_=eEq?^$i-A
zK>LS}52XAk#`shei$KYaT~VA*rbEGQ6BHE;3{GaI7}K?1lBH|N=cj>bBJbz#6AZ@?
zPngu-$InE;h9RAuzKOhqU;KEIQj%#)w^Id6%xo+n+C?d%8T&CL!JJu|lS+DYNp8US
z9IVKo4vxVPD)GUKozs&BdOcft`B7fhSylUb)}9GB>V@A&|K3e_@TUYMiWl?GJE!nq
zw9uAvatle&wXB2$qn_$G`tY^73_Z65DW{*Q^B>j1B4Ni7U1z4B1JoN(;Mm{3$pLXV
z?WC!@*HE3TU?#cb@6r@X3<@iPu@x`>d5O^yDJ<duIlCD;{V!Wk9U%l@71skaOU!Ib
z!)MWlmg}lw=bK5?7}*Z(|1ij!uo2Py<ktR#$g)kgVH^t+`UQY6_i_M_%&~F5?u<Mg
zYtcy4+C#^X_3rglNK#{?OkrDHkeB+x!4nYT2AS@=dG-QCZW0H&er@`3ek9_^JfdsI
zk?#s_ZG51^zlQ$d<;-mclhS(cJX{+CuTsk5>HzNa)LPp&13<~pj^&l4c`04;rdC=O
z@!|TVbTY7(gvSe=My5t1UE_O-cOoCxqmh|yh`K&(_y|qrk1Atb;NG7<sL3I^>=PE)
zKGz8xLS)@5QI&Lrxwe#K!%3y>eC+Fj!4I@X-o1e=dLYWf(&>!fkyzh_sGjei!;w7{
zBX1V2@wP#f`}>&L$JX=&n5P=6Gb%EHN@i!+eNh`2uLQwh&Og{SJ&aH#$$3jI==l4h
z(waQHKEyTPlkU)%%;k&uaZj-Z4e9<!UZpLq2u?=$i&vdP?XqH9p^gN8x)L`*Zsr`a
z)#o5(w><ysV$Vg*um0Cr?BS!q(q?bKhnH)7!uQ~c19)%FBy!@jBJLhM$fhbpMTO~^
z`Tprd#PIzmxcN+ZYG&@hzx@<w=xAZl5&PQ((6n-#%8rlU{3;&H4R4>a#QU1&wVC88
z*{5?-KVo7L-u2jKR0dY3Ii3d(>|3fs`6%0#U0Tz>@I7;~NSm&4f}Gw5rTd&_A%nQL
zxJRGbt6KwON|=zu=HBOyVKj2;;)a5FKN;Dw2zXty3~;*?1$!HM<;(R@K&8#CRII4h
zSr8<YIF-ZI?;LI$Y0g_fA()qSmCs5Sbvh=U^)UVVNI(z_&2p=RH?!x#9-9Vz&EaJz
zsdz8_+phP&x`u(78R(dLxnpN?YZ*OQn+-d<8?I0E5y}Rz@h4}MyLX<XCp%RAdjtj2
zKLqQ3{sMgP%duGl6Co@hB*mS-22dZc=@qJ3B+htN+`SZTf*i+xVs0k)k9uc>57j?C
z2$#F9B`&@$vS45Zr;>Tc{twb!t($ul^X~OUN;m(@<XG6UdI++)pD%ntj!pAZXG~3X
zlQy?gq7BbkIPzWJdT&sMombq10t<^kjPCXjW!$C37_xp#9G~Lr5qRoZdvL>!V|<Ku
z@%yntKH6-VZH_Q#lCyA|2>WJ&!-LISG<z598&Lt1@TbO_a!ie{?#vjH@IdPyCrAIX
zIcCipQGP;<J=s(YCbWX}W>Zek+fxk<R|+9a_3Xl0e^ES|tMv#OCk2?77xrj6w7YI2
zwj3l%`T;%bmbQq00&d#TYX3AA?y<b|tIPeVL1TZjfxdaz&gpOKPPG`#3S&e2Fx-|1
z;Qjp8u-U=X*oc59HYEZr3Z=g7<z)4))xO!l_CA65=cLbh*!|$V;5J|01@AF$II<%t
z_W|#5TllqGFP%3R8(37$;sV%Kr4D~vEdsuooosms__2>4<XcX3i^>w*xYL6@KQ!_;
zXFqrw{OXR}qEFgKECq@}o9*swGQ+Bry@nQo0e9ko@I@RC8#71Uf$`@bZ15aiiexiR
zUCgni4H8lEQ>;9Klh4aIb+VLMc61(_+yGD8#OzOp5HGE=a!*OEDV&^<!M9RiS^lRE
zHIuC^wSySysa>@pit}$&b2C7KBCHA1+Oh4KzP@vOPc;?ZniP2I>Dlh@54p|uGvR>a
zrU!_wyrp4tpRMjl><4zvr`(0R@Z{`d$y2?~!kPwbf!riT#|vX{sxc%DJ@0^!rr#7$
zJiBQBA|D%(S2Z(EauUHkLp<9otcb-SOG~6IY;8=O6~G<{s)#pL^z;<>-mnhY{naGh
zq#~a;ADXykIoaX5#r5!kr)M5pt3k3;WaVWBjJCIf%ajqfW;*f;NHepWW9#GGKd(0D
z)}I6Ryq@kVt?>L;Ms)GE=I`=9IVLuYz}nm0pb{uue?2MOC1s!N2=emrntLnv-L*nf
z?R$bb$fssz=QS0@EpE~X%eh&RPnGA~<@x+&x_9K=>L@(@BjD2)O(7xW)FdV8r^QFk
z7Qyty=+<zb5A{9KnX4=Rb<ekT5KO>_qXf=1`tUNLY5Y`#gKfNG)r=qLGjJRgAyI$V
zUgjab6dTwQF7gUZZT>bbyikXIA2Tis>cdikI$O)3XUjm{06BZawZ}^nyB#Wif(d)r
zt;vK?>KaYM$<?aR7A4R4!cu+COpo3-Gc%UAI*zA|kmt&mP0pxjBo=Lx-WfBU?jISm
zi~1)GIV~fcvts8g_OM67GH_=>9W}MC#qGrab|EK%-a63y8lsJh3JtXd@W>M|W!h>9
z>!uMMr$h46=2~aAr50#C{_i2O#HBr^L4;_Tx7q1@(kX)6o7v_1;62E)`dnvfR4=N3
znv?4d*$k2#!br9GzBHTgvx3C|!RTwp$hhC5&M+8M3)ZW2vSA$MQpgeu?mSnECx01^
zj*O}kOhu89eZlwDNmB^@pu~ocXVGp&10FY=uQo(Buvlqyj>d~MZO-WUAgY4CoJ?i8
z#*Jz1ZgI!35fM1fHtY<c2iM-}LQruaWN?l(+VDinF5vdBfz@=u5rI+A4zixV<sV_f
z0Wt<g&cXUipSXm${k0^Ao802=c9QT)fvkd^Ud)UoIiTyj=yp{XF&VGM)(*}N2E)4;
zx0H0bFCuLHE!T#ctUG*rpU%JAypNK9B8o+$A@Kb+<-Spf+%g(vAZD{b%X#Y(-%*rM
z!(e-Obt3qDwGqxti>*>%&tp|X(J&Sgc{6PtSZ-`pNf*)xo(a6rS2rZtB+UT181#L4
zrBRn@m+zRz^7<+?BuC4de)0^~BWr${eQird|7QQz>zJ@_tOJS)xTv$EeBo_OmOqTg
z4_1-&v*`wEa8~V#>dLY)DufbLHN`$Is@`ko<8{pJoVxD8I+Nx8)U^;Chzo_H(K~Et
z%c@&3-1u&u`z?nhZ;{8r^8Y|2V{8liQ-s%IP1GU^7nm(2wWQ*nA6K(V4)p?)kcp?L
zDT;GxkhXrNl6P8VsN)SQh)QEjA&Gi?q;NZERQe*mA!S>OQlW-#Xl*Skav~8Q6bJ_h
zBkkS*<ffvx+qKIzryvYMhoow?#kO2=%4UTmhiG+`cMXg;ok+1vd>G+!uP*O_boPp>
z__QV$NHTJEM$)v`FBmjBR>7>OnH&{=-Q<-+(Xpx45L!Vj#%ALN?v%&qQT#!}yA)Fj
zqn5!Ro3Vl(Rz&G#U=D`n;a|%MZF7TNvdm~!N(?9n;^1sVUe@G`*K!W7>ESXCY57i&
z5EYY!T4qM1;#H9PqbtUSt9x`ai_mN|74<p4(HKEZvVxhFb6`*~lg`A;!QqLNgAu|C
zTQ9ybi+W)y3n97yv0*U|bvL{riQ^HObJ<JMF|RW;Bvgt;>$JNLBn2_~QI}zF?@UF?
z6O<Yz+?(La!Y=T0;N{}4g!taU?qERV?{yjh|CBarI2pKS_t3hdRWJSQ*@SQIt<SNo
zj9Jgm_S!yu?&~vRBC@cd6`o*9NJ11eoEgd;QMWNq%dIc5t(>@BxzfnmUXvpaq&WC^
zXvy(Ik&A8w8b?wZ-n8Ly0e>a!3cMsIu_Fu=j*1+w27cI8@9*wm%c_|2ju;5KmtfBD
zRHcZnZHa-}O&w|q6G>vvZ7YUGR-w_+n7%dmrRKO&lo|WGj~Ln)ASS$1FPA4e(`&K0
z-=Bz#7N(dr$rpLSP2uuLNX||kZyaR^qw~?|ezwOSmLgK>A4rDp{Py;)gCjkm`FAMF
zC-dwA9m26q2#lAu+&nM#*SAiIz4>t4?LO`i`gZEp=hih1b$up3=}kC@r{Og(i8cZg
zswk}-r>^&3Y1*|nu2JB7mbS3H@cG~;)tQ0m2iGAu*4Eb2{J(ncD!l9)YI+7Xf;dD1
zxL3d36uPAL46cd4wQQf@`!}^A(5y`|GqVhD3e#yX<rwQ@h3|)QaIKHl{B+=6U5oJP
znVd;;d8=mOERmR=w11mN<`?P&!3%uD!gSlRLN;-IZHhbM&55-{(VR|xfsg8PK64wj
zQALMb@_=Eec3=Pz23BT%6Yz<$MVjZN8a1DwqJCb2xJ27$2a@N9dr@UBi0x%0{c}VW
z9LkwKEF;+IBJqJ6*U_t!g|#X7&tPbGwjeT1i%z>5f652S=Iq=(jvt$9<CeAX5Em4o
z(FI3k<n_SfDxQ`We&z>S%Uvx(mF_^a4{mcy^ENR-U`{A{BjZluy5+XJ0_%*7S8C!@
zY}$8e(NCLcmxS!^((lQvV257#%jxH#33Y4$z+`_VpXgg^W~W!1!&A)ed!z#xwC3fG
z)#YHcx`2P+S_zjvaeK-p0Q%N@eA%HQpym><Hc-d@4vu8m4k?@Q@wqswsN~>V4b|9i
zo3fbO82MsqTJ6Okoij+(Mtu8b6V^J5Us~ZOH6>|s>bjw(<if9Wc%!{X-VnN{?Zd;t
zqE?0C!B-l@JL)fQNG><CTB_#Q>K%u{*Uk7HOEHy8<#{l@>R$f-q27qF!Ybz|ACk#|
z<loSX){MLo4+&=H;f>wHegZKS72L|HAprpbCJjjEZ@)jvlQ`F{v)@hCbnwpzd=1k)
zAl!)5RcgHm%e+R9t-bx*P8=b)2=eoGC}B85YRCJ7`L4E{UZjbr=q_4RKGG)_hs0m_
zcFvoE8XvKZ#eqE|)Cqt`Yzl6sBWfomg+-TIYB~(QCk(tcypiZTawA0=;3+XW`gTNu
z8#G}SlZ-u=aZxxr4-Dhn{C$`{7v19DqPx=Kkf4!j`X>0iVwaGqVwkp;<{51AC41Xn
zzS|#jWQb~2{p$h&k#0FR&xaiEQGPqeXW*LUOlTm9>w_UC56_S9L~3KwJj!xn12tV}
ztHz1Mirv&_Bo}??h)?sV_}e4Z_z&xRNxe+SWxv?#XYa}bnboxvHZAm>t^b~~wN!>n
z=e2&q#Z69T`n?0f%UEb*?7Cf|g<|+tM`WDMp7t2Q5<i;40E$N&p-1A)+zzd~dyfU{
ze5oSdm)~BuHc4jL0IkK!p1SM3P7S1H*__iex>7rbLGAcCdk7MsAo9_o%p?7Aqmc<|
z1X_G%(B1$r27=jkWXFOWiX54MwpPh+@|+A~YxA(48D-NXS`d1&N^|7?8Aq(IU^o8V
z6a1c+qm~C(v!fe3P*+>l?{bclB=^^7+{o`7-NpRa2{zVNdtAM$8SvaCi`XeeHh#|g
zl-ED=nuL+wE2g^M&rjRa%uaW=Oen1j<-dmyk5bi3XDm3zK_vt)%fxwm)XNJGh9wf1
zWm0BK3y(2vm3t@gl!di5TADV%T7fZpOcdV?mzdbd&=9RiGl&GXbl+(h!xD-jo;Z~x
zSD7Y_h_DC<jF|~flZdIEwwxaa^|krgyN{2#;fwG(y6sL}^g3&nAW3r3-atx17vJV(
zzoC<pBgO!HPJ{w=Lq!>ltgWMN%4jfXk-!3*71NfR7FGw;AG0y2^>?>_o}9s9!1KT#
zG))0iBR({XW+Fe-Ik`er3id!IFB=>+6DRTt6PlK#9^vzOCs;f<l$M!k?CYC{L>rBj
zq!OT=Co24W*!((R^ZmXQ<4!&b3B+LvQYrewtr#s!pfwNL9cqf_Fh1}7x`o%ELV*A6
zW60soDB}SE1wJPOwFDS$lq5gct}XMC6ixr<KvH7vI^XHt2Q9q2FRSNok#$i~UB=@g
z)++Ctl4bq+8mi<az%zu_4HYe36sQXZb!i<*?sxPv!f|(`Z83~Q?aafQBD_D7y!1tO
z+WEVMk(lG91A8w?%_G(`)e%eOED7<aaLAr4V&yvA<HNw(5ULjp3}+5K`IyB+zNZ$S
zmg|Pi0h@?mPt~qGe<lHQ!@qty+N_Egq3cf>R5?G_!gCKk&yMWJp`zw$?ZJ^IF?N29
zX5Qaih2qnXu~>T{X7@BuB2yhU7Ti27wH{jFx(cq#YkYCBNmAmu=)U;2`O5M)=Yu?)
zX2qyj$Du_<G(-U_&aUlbJ$+DD^G-kJHH)|Ox>pvVth}V&`}*u18i&T`b85@0CHAZz
zKBc4D<K4L`3$6xylNp<K$3L3P8+b!bM{ig@gT)$x<fEM(tKF$j;FO`7d5vtX$5&Nd
zK)v8QZK1@$o(v9Hu)u8mmXpHsu8E0w<5|Euh~R)z+8SYYj0|n|0CsG;g`V|&Xr>PP
z=5DIM?ojn(82!DE+<ks?GK50$5rpAN?_BGr1{Rg)M{x*x+{>Q{#U$*yS6%qYx4ThY
zkn{d+Ap%&-fe`x{vCYm3x_<r7?WW4+e3=BoFMA@EG5x4*ov=wH{*GZ{aHNR>r%9lx
zE=6$T7ij<pqZXdH^_SQbLrJmS<meDW_KM>}dF5d!Pu<~5iE&LKnXL%x`Aw$KYc)`2
zTp&X7dp}s+^pnf_#wSg^z^073G~Nd<)~TC#Y}Xx8sN=5mhWdcnf!4dsax;kDZSjS%
zDyzgMU4JoD;UF~)5z+Hxtoae8`mR7ESXI2c=;DfLy*rvEWxVov+wl45;<|ree>TCK
zW3i9U-)x`hRCKUT!(`%<$rqA5v;JdkY__NvW6Kt5dt!q;wOV`f#0|2&(+{ey2r!RK
zD?BG=S&x5dFf;>E_fy@$^<TIBf~=^U&i?D>kEoyWAa>i{`x@LJKGCjOO=fB@+b_X3
zMZ-dDM&C0~x_xCKx*o?1cBlp1(Kk@A7Zp^jC@*bx$d1->1>uyU?0#QGc6SQ|45AW3
zGCkJxcV~nGL%?v#+rnc;SOH6}*T<raV<}!vwdbTUj9J}NhTl#=*g)25Vg=K=;F4o-
zrHC(LN}}eUD>Kd!cKk5<rH8zNw&C^T<={#vztITsMMe(jptuKSSnHI4=4~N*_RKMD
zts^owd8MuR{yjrp;Zd?jD|`6Q+*GrV7H=a>OWa<&f@~j26qO@|X4+Hl($v3QfabQo
zeSK?3u#XSB8b7aqqFN*eNeFoiwi~{`z(&DqIx7u@K{%T@P>Y}8zgE9)I|QX_>B|&3
zvk+TfyUN7Yf87B$D=?O`$eC*f!lp*(cpaso>Aef6XX@FKw_keSheK?Bvu~{jg?f>c
zT=E}zyeRWesH1n~J*($cMeD1o?$*WRn))lTsT$T{11L+Wo0V`vYC5oSUpy)mVGX0*
z$n3n@T7KblmTp@8BtRl(6;uT@)GaJQP;X(#D&$aDMAJ|ythD<*1=2I2(`$P#$F_kp
zVO!B>vYF>3-Rw?+BYuvB90fTlxz#bQrWJLi*7!ato3f+tdoJG{ebxQV=W}uH<R2(6
zl4Jh&vsks*EccPKn$EYE&j-Z}aM|0l3>L~^!QRwPGU|be`eymv0%io^x_fajbYiU$
zjrcTD{T(Y^io?6&RSBm8QT`fk<Y4h(;(dwfa=n5ODi>IcnDYB8v~OX8pFe9fo-!GO
zKwvC8S{bKWLv}Wf_LP{w^uh0s@&em{I;(Atd`~}PR7Fw)e~WG}9yMQer|r&a55=Pn
z5L%dTK~${}rsoe#na^ixW}^Ok{v#Xjrl@No^$yRF$J})k!^vkVx2F;hYu`?^vbz~U
ze&;9Zin0Q?2gMx6{P?SqTkoC1+_J{RD-H^o8^0urhFE0<`5RCu@5bWW4Uu4GyLw;f
ztJmLGUZ>phP$mo?g0QE9*FA7cWC_%`Mwo>XW;c?aP%D(LKH&ckTL=MxbnwRGe#*J3
zx3H8#v_1cTb+~%<&uNKe&;`u%6iBrD3*>yO0==l45|ZOYTo)x>uU32W=G?HZr1-kC
zE9oN?g@nhTBzC8s1Z~Jkh;7Wa79S`msA9k83>LveA47q^EbqQX`jsugMwYO-E$UG7
zQD!IBW1uC}{iwJQ2QIN(U$SJd?#W0?lhD{8B-w>dLsmU-$;3<)S%`we@-s0|aWJO0
z@3P6CLTzfVide5po@z?Q{p3*nPCQn;7ZZ0TtQ2K${bag}rlOIN^;6T7_w3H??zIml
z;%;`?uO#>zgsOnc`Gf)~3rk%8y>+#qjTrU6VPh@KZ)M?y#RoUXH@LgA@a`KdaNWPG
z2)~`wtlMN5=hub2k3+?)unp^G$Vgh!@+qp#E!yWa)PSm-j3YW+E=A*A!VGcOOG#Fh
zSst}d`F5tKl`5lk@6BEafxe$f*5kTTrjooT_$b%qe#j!zZ1<gkNGnz&!^4ID%=t19
z+-9jl<C?fuVv{CU8+Zt~|0UV9O|mi^|35sPb9AIn(C@>IHnum(#<r7<ZQFLTv2EM7
z?PO!yb|$uY=l8z%-uZ9NnbS{CcRy9#)!+IQw%ey)7QEG%W@g_TzL|OMYyiVVa$vBr
z4b|b)4W8T#dVF$vU&ka1Y^=5kP>lz-^t(0YBLC?V0$)zH?)wFv#qblNHHI+nX`l%x
zh6ZX){-27cTQyp<@Mz^P4l7PI!Gq?aC44`?qgwsj1h-i6HMKynTJ<ye6S^$f@UwrW
zLeGX|nNooQ-Ir35h3oTr(U<h3xh!d%eq_a`onM)JnHmkYUbhqzWcIvi|9cruZ$_wG
zIS*w<#*46LO_%;ksCcga&!0lo@R2udWhz##Ze8nA&C2f<12~)Sc{<)+vX<M4^9=ft
z&nMPuU68$d7hp~TS+~z^J53tktPcWVtKzGnTD0>0Zw*d8elO?ONP%J@rjJ&wV&#z2
z;`dp%YNd+acH_`H@_A1cX`XWVEX>YV3<c&EN%x;Wm8y||niY$|ooM>UjMzt@`eY~g
z|Emmtqi`m(%i5Rr!2NgM2`Taa6rn)fqKAkK@C5w-wR}K3N!jF`t6N)IS{e$Z18#SF
zKHDIlYierFS~k;^h!rd5FWpY@%ms6{1jq&o0+H_gvC>be#HsXX=|9^A{k1>bb-mbP
z6pKZGB8+O)g0HMYNLs376yC6V1waWoHa-q|?hvV0HWba35E({0M=3h6=kys+RSJ}Y
zfH&w~+unVn&Ln8CUec4eDOqMdzOjps6{CtI*ju-I!if(a;3hC$7Z}w<J2*g{ob=^N
z$wLKfp9K%y$2Y?{S@So0>u#nBmjAfbcHZaFKVrX56{Hhlqt|llO`_^4Rv1^XYF0FV
zcm02=O<;U+bTsVcpHj2OUJ2h&0WPtM^e6wtri$zSPlA!#)(&=R_DXt#>lK|+Fo;-#
z;wwpa@%)GlG{Jglb917d?6E?U^PbEZ&NipyomZ*enWZIkJ9k@>5U{G8q;$|#)VofH
zyCH<YJ34||zbdNHgs=p4k`zs$_=1;I%-bJ=;t>%zKarxYm>d4(oD_*5o;g7JsVym?
zQ3|Z!IK`pB1Qq;7rQ)*-E1bY^qIqIB?h?cjQ9vRA19i?$9Zu?>#<9{w^>gTr+J9_t
zQ2e*=^w|)C1&bUNW-O&+`h<DEp48dsESQgU+ZLe*9Y^U>M+R;f5E@5ONWm0uA9ODX
z=gCLZnmK$On;>5H0uK6g4?m0u2|+m|g^HIl-9c<WhdoO}*l_VkLQU0xHjJ4v+A7Mk
zScBZ3X-%dke@LNwO|0vSC7~)_EZpT2&+QHN@4hVj>^ZL5xqfT**bzu1Or1D#{G174
z1N`Y+vo_plQEINw$;p~1m6ILVi(APZ&@!bJ%-Oj;hxE5x0ikJvhq-(r`1Am0^$9Y_
zz#4v$L7yx~i5BBZUqmTy<PkbR{~U%_i2Y+@&1ju`^LboK6V#dpwz5IlKMtA-#Yj9R
zqxs1=GlOwC&#5aH<kdOh!qqQOf2y1>8i)YXH{($w;^P$D^pv1bD{d~KPvR8*Dobzc
z!t0+$5VsbKvf8sdcg(CLME+7K($I=u+OIxANK%tEyKt=#Kqc}ilRT@>!<J>k{dlj^
z<<9~CIpykApftXVSW2ljqYgb}?u)VBQPdB2ctu#IZG+4|&d4Gi<&c|*9{xvBs8+XO
zSEH~P7t1JnDb3IA?}$0iFbh;xbuf_Bi#4;bvLf<v>m5b@?prti-?%yH!gu}+iS-)J
zF?!(s2@m(*Ft&ePQ`t0YPL)@kc6_aszrV4t{q*?!de6UX52p!M-;qR?&S6OBOV~jI
zX4u<z3jE3fMtlm6Seh!SVwwFYgKhZFF-h_6i7duO465ZGJyKuZVEw}+ZLAx*QOKNK
zCStyyv$nR40tZ^mE+Pb$pBpc##MU~>7*3uoRGc7q`JU`Nv~5dZ$XCK>K4J#rkDIi6
zDt$X=_9J&1@xmNc&betLb2E4m)}U$k;6|;lvK1>^=Lm<>3hCw>a=V?P1$9YEbr`Us
zS7AcM@sjE<<$4dYZq228?~&mI9tZL-J>cBQ1Gfq1J8SDu(2-niXQ^e)jr76PtxJRk
zr!&3A&)DO5CkFSK2#6+iu5W#vN~VBAa=}Nr<N7+U)+0BNb&w_}{`JEBVM;mByF%ir
z=(iQgMwfc--FS+&kOijyR|+jc#q=XO2i~^H$rhK4!#V>K+t$j)e)7~cGV3UlXUc&G
z-s<pvMcr?%vOXD2!>wM}`aR2^^T5VQatKVL+Rx%XMfEfyD`jM#-pD0lGfDG9<d|7k
zhQ^f5w?AwC5<WV9h(CijS8?nrQGG^V7Vt5!*1~+o;_ULkuh{z)CcATJx7*dDURLj_
zZ19}8@FWmEF^?2#qA;2SLu2JOuws6M{Dk=h5Urkg70L9tM!xvInmwLuYSy&rxsA5F
znX>a);Pk$%)H~YUjqB5Y>6;~^L}_*iO};@14MtJpW@^v$d>fL%!1(;FM43>JbqXv8
zuLKhLk@7D?)fmBV>NO;yE1u+B`E>na#K=1LSOXngn|=M_MK_MN2OpxzIPGDWs56t8
zz&FT^CkE}VZWqRpzj@5A_+_isSME2(E~?t8?1k&`zc=e}fsX)0J%;hIQ${maJKqr2
zi}<yTUj%B<Zz&4wPCrAq_V>Z&)Dx7c!YgVNdaoOBU=z8@?%S~o1#;hAQZVze=*h1`
zTi&*=2v^_XUbyDL4eqC|ymq=LJX6!%`Ey{%w=Bq7HCkwZbwIQdXvcnUG+1kpjivne
z9r)p!@2dc~OxRpZODBvOcO<@j`_$4bQM#QMok}F1-TdYY{|FGgb7T&4e@Xjl#%D9l
z5!*QKfgUZVksz%#icu5B5YuwQLzgkR{s|^N2lNA9($$GLmxFrWQ=KnE%EVAe&tuRm
zWQV5AAp3nkytiyvSY7MueEx0d)-0@vI(hP+LlKv`U=d^r5Jl|#-Q_YOVJ-uGeS*E5
zl4){%BtZoc=$rrG!L^!bYGs*QW*zm{)Hmynh4zK(Pi#!zP!7m5Y-l~W*+~yvkP7=S
zNfbB5QG)4ChWRIdsv_-GTR%o<+TMybFyj+kFGnm1B5YY8Z4cW%MBrzd*+qfN$Aj~4
zG6l@fzX)!%Gl+qICAKx1vc-1$<?a2zye3vdpN85|m*haz4>dQNg}B-?G!@NB+n#wp
ztDYIo(ubTG64RmH(=TGD&x4*Q)lfbDwsjR?nMeJ6R`P1Jkx||+trqJSIc9xzKT^6z
z#(Re29LR*U5_Zec-+0FN_3J(JM7#Xh4os8Nxij$q86U56xo@e!WKaiNK_U8sdWX!~
z);S-2dwj=j@wUz#U!lB&s5J4p8;8@OI@p!xeDrin@PkNfV|DO%<vA`II=X_kq9ey0
z94uCDma&P+BX=P!Gj}9s^yr%#cQ}khQE4dyLyx1Ir?G(qlx6eV>#R8vsPL=S+z(tK
z=fRPo_@tbHi<FS19HyMX;rJw-iRmkX%U3zdvn<gm_8@pirG)a!oT3_@z~gdK;9jg@
z%Dn+K(IRV;FRJC@3=|DYE6Ie1w6X{svbIY0DLzYMqU6KRzr?VB<XVxlV;JszLrIy{
zxxUn$?>jo(Ho-_SJuRJ>yfDnY{q3kdyg=Ma7G(_`zsy~>x%-cRArmj^=kFl^Lu2uA
zoLBPxB34IlJ8wf>cPw}^&d?V^bNi_=yL1EFr>h7q#WLAgn1r#<JxI}iNlv~k%Mv~3
ze(jy)s^mW<C<vjHjUh6TTq@y}nS)+9^6boG3X5SpT=J8gYwx(Gwpk4LYOt`i3~k&n
zR;*&Nvrqbm=3*MsbwJ)0`t4n!jhx;6&U1#bHaPVyECbBUF*a}$2O+eKOiY41W64#2
za6yzd&nGztqUQRJO7JQrREC;QcLw^G!|M{noa8JN=9&G7@0CUgw{B0(1T{6s%}i8T
zkaM-*D6P_VOL+^zU9n5hT@OzHn0i{ZI~{Pf5|%JFG|aR@Gr<~89~|z*)Q6J{C3=EL
zx9}e|g(D7Z5T7kE_D9LxWztW_^VWfuh4EcST@P5U!x1_RzHmjp&*U!E@hSv%29l62
zKy@|D=;-14d>y#nBFqR6Il<Wsope3J$>P2+)Pk~PDx2^g3^$((^GfO)>wq?hj9YG;
zUY8#@SR*(~VA?lCi-3<Fdx*z)3j(TuF#l0Gx4~vBWaAaYe1$8eXPThI+*6cSj_meJ
zT1&Wwv5B$WugA*G=rKc6EpR;ht(g>0)`edeN@_{cFOOEj!b9`?t&o0oy#fw`EGsp-
z<ZPW8Hl(3w8*smQBlg!HH<DVSi0&c`jgmSAT(TA!f7Ntk-hQc8aD`CJgpn88!Y)0b
zV8`}uKm9l*wHXybdQvT;rY&i1Pb&*M=aHp0a4d){RcLK<eug1|+vu__dc$7U9J%H5
zO|2PoFyxg*b$jM>P-ty;CQsSJJg07<l<^o`vfBHdOh9nHfxyP;Qy$Ujj5~^!Q5*7h
zBNwbGBxFhc9cl%qv*3wG(d#24pyI+l0?v({k+xT+1CN-&7I%4_n7%%KI{|Jz9!zN4
z1Ron!*HiDn!Pe5Uy1MDbX=-ZLOR|0}J|S(S2^vP_F`*O|<~F*!xH6|IDk+Ms#JnIa
z8^z4VH`F2xN^w#dQCj5r(;on__Irk4=SV}A^!;Do@GnH$tzV@kSfKGo;RyRVg9{uC
zV^7CS(I%XOr08|TJNX3+!7afuIZ8@7z`XGhyl(VhG?yvxI_3=-uL~thPXMwoLiNl~
zRLso2-ASf_>?NKqr_iPd0yHX6kk{$o60t@UR#zrAR)KrdI5~sHjNJ?}s$NVsLQ2wd
zGE97Y!<%mi=gjzn!^3l{%+triRJ6s|JX2++-cFejhhoNR&5bS1Q|e}{^|1-*+iOOK
zc?tW|1}r=)Y6{|lwoudypFAF#!^7-zs=8^?F7Gt8N>#E6Z@bt|=Za0B&{U8lyx>)r
z749N^H?s^@Ovtl!?F^z4wp8_UC=_-C#(G3I9b0P-Zyr$ccUhY4l42_$xSlu&<t9;&
zu8j@U09W#YxG{M+;vHhDQ`;(2H_M#ce7=%YL^pvXJ7zY9{%!w^-e^O!;Nb>sLxSNr
z1@)1OVLIQ;=yZu;(-w}^^&&gB6mU?8<f!cq*zvRXxv-DEmK6YYhL-45>zLZx*qEIF
z*{}GIoMnkF8zFU5@Fh7x4ig9e_DgR^!Krq~(#W34KTYs>7I--(?mkK4a`@H*hH<x&
zT3#S;Z#gVa2#lK=!S8F#n-b+j^AkANt8}}58w4rZ5>|y&pG<%*+c{RIaeXb&A0ER+
zODzsNuTEJciW-_)rR3*)To}kzGzfRU1~bY&sMu0V+YUakRa@uN(z1TjUm<8b3PFFE
zB#5*9kaS=K($7)J+tQbX)sAeozh9KBKLpzej>p0eT$-Y7>sXW{(sMY!QU!17=Z9YB
zb&gGlYZGZ75322Cfn_!wa!MdXQ%Jzx@A2ER=1VJl17E+q@OZr1@OJ||tuf0?Z|WC_
zs$J8=->m<}WDlONlUQy*Y3!`(yI3NmOCBbB+rDq)o7qM-CnJL6hKl9w`V+>`EvK!%
zHAIOYWlLe5YC7I4u+*4xwPn)_x6Fn_u3<OLWDhLT22=$7+60PVR<VdCCs6L=+*DiG
z-P~wFjGWYJf?f?R3<nqP*b?a0@5jUl4=~V%UhX&m+0Gm;%W2f?c7{f#e$^{FEi8^T
zZyWb*1_9G|Zqw#kD9FyK_XwhC+EXTKEi!Z9^s+b{P6x;6z^<cYtpB@uf^{G&N%Q<+
z|5`wAHr+12#5@A0HK4+g{h5GDE{l?*DK;jA7-NN-S7|jG{Q_$UE<MZU1h^}{Kgpfl
z_c4Iluu_6J^^U0tr&goW>%Ul(_&F&9)9!;!7}=PnJ!7iX$F96M802s~3WcTR25en8
z;2WEdvs^^{Mdriifw3oJ;%OV<=oXXH>}u?20+W%ma-wnEmZg_;{iD$|Elb19*fM(W
zREDjE9i~Ge)cXuCU{ngHJs~_@hm8$mj5gg+h!#vTr<na#Vf7cc<8A2suLOU80aevy
zbzNO|BN|%T-VY8xcJt-(%333lA)=uxp5iqTX?nZH&Q%#7AJCzpA-!ngJGk+5t+gKz
zCGVCeSy^I-kl5AeM@@g_eD2Av=jGF8ZZ^3<3i1pKO2Y#_wD0cjM(NA+y_^Y=NwaNO
zqpGg&`rVw+ZFm!<U0N5|T87!V^}DJA8afbMmhe!PI{z-G#;0bA`8c5KY*i<zs4}ti
zjyU0{l66o_PVja;GO_ojZI7v-Mev?Q-cxe$)EdIV-C1Cz2~nD-;hPijlV88$MN*|}
zBojr{^>7H^vOCR;jg@+vgCeVET@`s-Bf!s8NB>n++Uh&oXE9;jx}XAGd}v;oW9k?_
zSKg3X#87MSX-hz}skr2vCS?6x>XDHe<leQJJ(jK7u$CN|Tuxb|>+|vgTwX=7=a)Rj
zIJ%m4K7Q4~2s&CgAji1Zz@kNf(Hd;1KYR-TnK^7K1JoZ^E^cmoaUmw~b{jbK1ATO9
z{_!|?($j`Vw`us0p^MbCFKKPFtQ}K!jjhYEmD!}GF19Z(?*~Vw6B@kq6`^deHfOe>
zhR)q-$^Ha%x>KeiFiMveSecp*oIHf>qlDIFl}VN9&DN1#nRSwFxx5a^%)rfycvH6A
z`JZ~mKAF@)Z8<7Z?#<*%SFJI4=OM-hglLKYig~S9Xrow$WtOfa=edvra@oDJJ^#*1
zR88`~ZBJ!!UtQ<w?ILyUTcMH7q}`EDMLW)W-n6KjJiPYKb$$Ov<Fw@9!d$py1P`D=
z-Umchaf0e-wMb7};9yw6e^r=Mxkt2@GkTD<Xt(2weSeS<`=<X!Q79}R`DT*Ew8hhX
z#iHpQ28dog&=BNtq#ecgBHyBC|9-*NKk`amjzPeQNMQWDfPk!S1iIjT1oG<cQ%&_k
z(zV<~Hi5}eVfh*))I2$B8FE@m%-c?df7&V#2(k)Qv1$g@Hgew?U;>3Dr1U@N5!tiw
ztvT+CF)$0A(l?d6+&znOd3EP3czEmt45!fUE*ZV5s>dj0`o@+*Nd-h4w9&>?x}%<4
z<8f?5i<M9s+Ep)ReEz75GJ8TfmPpzeTAa(I#lm11z*LQ^R6QpfzP(bSNS>XXm>>D4
zQj)pMRY|8D=<iO9X5k5NhNl+NwMM+jQzTi-q!<<0$y#3Xw9;|h)tUM&H<%SAu`#nP
z3cXE9VY%@dcojiL(*LBi&IXc{8MIReqDP7!*vW3%Ye+4UtN%8!J2L;nstofo?yvlg
z_K>pML$c5IE)MAsr<P6YWNNFMGM2&<`-yL!zAl&_x1ftPWs!|EEc$lC?-7)?uZtF;
zGjFSPfR*m<W@1&u0V9+OMMHR#VCfm)d39`@BAdT#jdbpUw=*JgL5)_`grRSWByQ%4
zf2?<6&)=L76T^mL=jpIWoKUQ@w=svIIP`tFJ({Yf^+J46>Che737=>ls^ZjZk=e@o
ztri%jN!$O$mmbXfG1-;zvRzGhb=?Fcf6lI~$a#7~;p1oT;OOY^hQ@ySCWeU?3LHY-
zW^O=&DsX&!JrYIG<46XIBDrUaR{OMH49)cK{h)8<+zb`W_wv>Y9r5*63phUahJ&`l
z7g{uz_hsFEbY3b`nE{aT?0n<CqwMg6rrytWx$B0GxEsYd4&gd^-Rh1W!6wz#(!<(K
zE6nov@{1rhi@Kd>4chfSpJ85iquHEoX#_M)C+KnxQ9HSDugmi^PBkLAPPg%Tzbarf
zR-baTy)br>+y%JJh9<TnyIQ7z_<#KJ-2T4c=yNbB^P78PX{sJb-$q74SRQkG^Q&C3
zP0(8bCiQOS(~<iFq3gF4M6oLA0W}d2)7gA6PHtdA%-mhX<V1t<_lz>o-0;9ULVff;
z_t=ak-R2+;&5*9%?CT+}FR~Thih)yg-Dne=$9;R8W6!E?_I)s!dD0O2HeJah!2PMu
z0U7qu7RaL54+Bru*y>m0yNS%S?6bXuN@UR|0^=4L|6{+7F0&xL&f)GhuVrJZS&EZt
z`cl`t%)uZmNgQtTGOGeQ`kb4}y`q(ee25gWb;{~f5y%T#_!}0g1gn*P3A!>9Ii&P*
z@38cHl@^G!>v9s(UPw}uv1<$)pRp;wQAa&ckB+yj1t3I18;UeFyB<+ebj&HcJ(ckm
z)<|Wy_=5pgda8DAWkbf*4C<9KcC0$%PcwH|W-%*fP4KQaD`c~2Xp*O_`nGsMV`=8q
z6&(uUkmAbvq)w>P@1<C<I{t*vYypZ5PwL;IZE@>N5E(ih88}!3SS9%lLEK+-tJ+gX
zfBq1^MlR`i;RF7OL+Ix{Fafj!HI%_G;*gI-r47(sv;K0}=tsoXvgcgcuCBVvFS8C&
zdkSyl9<k^8`1hnkzOCopH$FE}oTY)XD3j?7Kdyt@a&FkydcZq$qN|B<8xm~yoq6$e
zQu)ta{pc7@1y;?rrk$BnPYD@1ZPfOdAEsuqb=%k{*bp$A_O23YG_PrkZGU!70Z2Oh
z{cEOxWHBSL-&IQO(?`^nnKL{|lKlCKgXc_hqLBp3phnQQmY8e*w258CLs(zvpMI>}
z)cb-3#g5p;!|UMaa@3#9VG87IFW;LOsz59q?)kPZ%G%kBZvs-1X<e;E+wm_312Y&y
z)}?Ol?fdCDkm$9PreF99dpn_(tn5TxL_mb2ae@`6#ASXHW^+U*w$g9s<g{^WqP~<R
z@siR%s%`hbe#k8TaSkHg7NCSC{+Y7%Z<#;HJ6@>b)G_OU=j8Hg@VW>Aa!SfC-~y^<
zbF2nRzk~~1DfZn?827z#)0LH|))ITrnV>!EP(T3+$hEc9{`pZ>ODX)`NV3Y&esFLZ
zUK&ap^TkMGL*0XJLr$mSP-qOZc16%oT{}DtDmg`WwPNKUo&#`xXSRY6du+7N6K!q^
z(NpK`ZJQO;T;ZbfC$w(rhHf2T*jQhGTV7pT<BWm{Ka@kU*(W4l*T%P|NK=r%XGl^a
zpLRIa1;hVTvbL^aX72V=JY<E<Y0KPmZ$?r7w=xz2C3j_TMliG)laL`y*mY$>q;#F=
zGKIse#$OYZ1*mEP7pZ3cYYJ&#Y21HVrnQQNg@QvM_ta<~<Nd~{xh&9xSbaY)OBj<f
zTogTKQ20X&SEpvXEu=h!yV?n=Ztkg7G}F-&EcRgCxMh;$ZoKb}7`4%g;`scgfqjVc
zgv^z$v(U<1U@Iczxa`+OKb*!z&EPb9##zE&=~$l#|9Y5bxQ%kDuKsf7l9$jB!$M!Y
z=P+puw&k!ozVMiMqT%H$p7Agtz=_4=CRn@sP^?qwR9UV@Ni7j_Ew@J1Rh83%G@<AB
z#Ac@_%%u@o((()uf%Jiex!C0g-w@`O!_7~V*xpFt2GI{0W-k<6WDo_8Uw{rs{;%6o
z?Qk2jZsr`N(#N(Bj@;n}h`&w1k+h|>)YUNeiArgKbY-?WwH+TG98X?t;QS*a+lJ2n
zb;Ou(HVhKKUBD6b5H)6fQBX)s;7RS2@x!Cd#wp6Ic>v@B@kl=(b@b_q$|C-0RVSjP
zwKld5F62eDh?!+`qEJdU3x0C{PoVG}W@Y0ItgHZX81X}DQ2r&#WB{ywXcL92VT5J)
zBg5d>JNA9#1WnX)9M*l@Rk)4rD)z*P@=jP$1%ZcW$LXaFppO))%I+{9!c?n)f#;TS
zy~E|NP53_q#H^W{vC@(D%$*-)qp`Qc`;JVwQ2p$fcu#E>ZWz52Dt027@Ggkl3eznH
zHWd@$ja)&4uEaHHMhCl7<J&v{n;9e=y|K-CSa?L8I;UtcM!n#|8p1?sNsy9A!MbKx
zGmko0t*r&&l$g3Ty{JAwiE>MHLsyfq>k%_SQ42{f)ri1I;4M0+vXUG3*?pNQ9>}99
zqUn!e9*gu}#H-;a1!OsHxF~M?iEBe5nhOMZ*SA6W{!~qJ8S=bc@c)c;__k9OEh;@G
zVNk^^#Q?yKc^(^mcv6Cka@V|`16-+}UBP7wD}Y`Flwr+2H<7I7XH_|9e0)S{))K6t
zeHrc!DnM6MYuOvIzzG*Lt$gg?h1MLKP*Wpl`x4x*s{7H`--xhWAo5eHdj;20PEMR2
z<k1r4*aq(I;r{Ey1&I@Dis3u%p2o%pY+=OEdWfLH@Jn**uf1Ctr&`{8dMvQxPU|mb
zHTaXY7xwRx@MO;+>6!`o7$6EC1Y((oP=6v?*0MR@R^Ct5uk<~faH4;GOwVC_;LjZ&
z>B}sa;YB-U&YQ)zb+#MW*@P@J;@cK4H?-I8IeVXC);;!4ovCBUKIPNQv>w>%3u%30
zG1|WIP-2_9wgeS&4G$)_%+76(2O`1I^e2Yj*6&yO^EO{@J+P$4Wo?8Aw)@ovvX*ye
z+G*3O(5vd3nN0knt5c0GZYClvlp6ezX@r3jYuyb;FZ2uqdwWVvo#ZqZdI<Jq3JWV3
zyOsrTx9($SV-+?tLOB@;-I*#kZF&;e+~Xgmaqk!!>WG^3L)!jEZ)j!@d2|5JQGq8>
zqfp188Q4$a6T#2c=6xo@yfSH^<j(75jFFRln`3H^7ObCUC3Lz<ahcN~jJ>Z`#$YdX
z{|g|P8c_P%oPwfXA}2ZbyG|gkg^sehanzMvU2A9mnk?R0Dc&LSp~OH}z6#!Pj5;i7
zo=8|g#Aw@SbBp)(?%{Ym5G>`$QkUEkZSk0=e`)}i-p;OukJ?0r2!vrnD=hNcW_Se+
z1o{jgmQZhCV*`#*4$&|IM}e>^;rj$O*}D;h!gM37EqloS7t^+?Uv4U9tfiScHXUHz
z-OkIa>lVI4^k5YSWlXPOE`vfghi9t$LznBW#(r`+mJ|ISTX-v;yZq{~u@<o=K)UUX
zA^s$j&&z^fa5pOpuy`1<ZfNWj%Ny<Yi-#~#MIy^<C9DRWG$WdTX1Zqvrc(XMy@ql-
z+V>WfcAP5}B<-AL;OzmB=BY<Q%N#lS$5R%UGj5h)hWcIGiLH;g0%nkxxcleJE;9*^
zDiHnBj-}OB-_|>*(&~iexkb$SMdTt%{-Qh)-B4kD(Zq|Tr3%83>`9=s02LMxGW;Ty
zHP2K~;ThH`(30f<O-jN{00*Z8w(l`l)pSty$f=7ABV8@McU?48T3Y3nl_Fb~O++>g
zDou^hc45(X+0Uj3_Q>GSEv_g@b7iV`x9xyi@k3MsdR}DYiWo*h?uLbbtoT8dO%(v$
zI@`~816wZfT+hxW=w-tXR{M|~YIN#=%_@&!8zQF92?AxMq|MA9U95)07<;Yn{KQOW
z*3{6>5-~wOGHRg?aabhE<-pxY;CDK1{1=}@V;zA0%60o?#_001$iX-OYMQ()aSPVZ
zvg0SU4WcL+=2)9;WR5q|n1w`WZzUjCexheI6M^mJMG*Tt(~LQv(FQ`S*@37bIjIAE
z(JB%TuId<57k+b!@OZos<4f<{lAzhPj)`&Dw^VI7eH6i#_nhodfqTv7yiAyK-Nz1v
za@`o}U3oegnd`z&Yi7iJ=^LI9@F~@=C6vCC1-LF)&mPi~%8aU@)SZ_;FtwAJ9_5-+
zNsgks#@oiJ=V6z0A10Z`Um|aH&snjNO)@aJ7L^WT=R+<I>nC9UtZv6f4UDWOVO@}H
zdEbAz7?il+?Y@0_;ON@=wW~{zNTTz5vp1qR9w8)!4j7IVnug7hT{cFzyybdTrfWG~
z{yEVT&L+jnG@?9eTIs;ZBWCQyqkD{LPPl#CNzo!&&tEPlyFgr<X%zvma3sr|03Q^F
zIJi2QDAuQ!&Eb~%$~ulVZ?x|idx%LmD}vjUq%$+?#<ilx^k~uB)UE#$mI+giz661z
z5x3Uy<DdSgQp|=3Q!`{95!Yh$O&0>!*}g+Z`uO@4jzy~=5MD%dSU|`nHWR1I3Uh&M
zQz@hP1<{KbE({b`%tLn(=fzRWmqUWESfbzA*?Oy%Erxk*Y@B!fg0(z^B?ZQ1ER*+-
zI;fg|AR(rf>s9@>l&4zS@v7w0mMcd_hJ=r>Ye}R=GZ+4y&}%;4jed5&FlviuWZ@FG
z-=S&@=9h5WLl$z(h6IT&gs%c56UQfI$SmA|1&p#Q|7BBFV6U4z585KFh-^$>O$uz2
z6SARH;jLX>(<S)TU6!+?vv*XREB(wKpPb_M(sY*;^;7c)K*2&-7x~1lqS(S3-tXwk
zgKC^hA?(-1l!DH}I3MxEz|^5>aePjSjFAyMwmT`yL)5(b*7%eE55MeFS<AB@$RN>%
z$@>8)>p$4zYUSkPGG!GFQPPX2s>UFZ(ElzaCo0JgUkpQh$sTV?N{}=2rawGrhon9s
z&CPCUPwn0z;5G&x7MCWb<Vd+Yg9o=;{H48isAH7Uko`d!9&VhnSnrbus$lHt00f2`
zC-i9QYHtnJNbWjoMGh>oxe|fg^FFe;PC1FAt!d!!Zn6QDRsG{+E=f4@whOANlZ$tJ
zc?Jc&;a_9uATEHB^0I3)y#XuX6fw_HNvTphgXp;y*tb$uP$U=3vg#{+HKKw|-2!6%
z&l~l0k)^7O@)wNgfc_SD;)&z1su#;7Usg!~#n}$9KfWdhH?Dvh6GU%Tve63-{*N6u
zE1OUIEp9zKCC-t{28{|)SL7n|_fPR6b5vpfvvycIM6F%E4>-Q+S85-{7rT2svhR%#
zSHy3rY0URRW$M=rbK{91OJ7MhM|`Syp^X7|AhJT9iERp=P>F|7jaUu5Ak5SZXUB+K
zf--y8xuV;>M$>z&l#qb5-T=(+ZA8G_`<9Um0aF8A--;p|Ra7+zVY;EKOWetVD;)B1
z@wixFnX_;60Smo+FN@__|4kp#PK<hfCxXqO9Zw5a>c_LLh}L@EPhoi8U{?;GLnXeI
zyJA-l%xKB!ryM+iL-a?wTU|4UwyeSNo*%#&kEYPF$qLAsOT&t3iQ&HtWTu&EHn6af
z+|G(vUMZY<U1p!du*b4#*g}qy#g5;ohxoUx%-m8c7q77*9G46(GSHAZ=Q4QAhPnY_
zc@@&(c$sPL)RWw2@5<HTVVd+PTi3<W55K`&lq~DlHYI`&u2>0}rFdFR#Q*glSSf*D
zZ~q<uVh$m!;C8SE7LX@^G?c1PtXSTIbA~zbb+vQ8Qs!Q-e*eU^gC`Zlo*QlN7F8Rf
z8GU2;dCjvN3HS+Z$1||^>ImBWW?vIJk;A|7$IV9PkJr6f^xKfnkX?&P_p7c~BcTFo
zOlcuwv{Pp2d6(OAf24EH_5Q{P=Ahd3<HoxvnqE%p+fvqc&bceUli-KVz4tvQdjACB
zAp7)twV5zp4S81&-+t!xZKP2->j#^qfN;6HO_|7It&6`VNrAjo4^F?;#E$y6y*Y%B
zo???kk$L7?I*HpqjL^N@8-q)|Tal&j)NjsvF)xi9&Ly}ZulUz*l$D#L-t2^@fK0sC
zi=U}iJoyaN2yjOD()f0bHOS_2y`g(!BpiBC#LOhomAWNaP0)EZj;ZX>P{uoK`+7YG
z!XuM(ARD|Ec<(Q~7hrHmppV;3u9tu7p1Q>?*Oj!Tdk!5$;Lwr#uy8a`Q<J3*-K~D|
z)&kwHNLe9~S#}L0Pj{cx9gH^3qy!d+-y>DjPq_q6;&)S6t3kKy{hh9Z(b*4-%hwf-
zeUzb1HoLS_%AvDGg{rQ8@tKL^h(^dC!)!@%7ff+JP}Q-`;j+?49ksZ6UC(^}GZkeq
zJh2+)bdA+RSn7HvmRcf9%!D<A=wLVz#5x={$Fj=OKmA?SPk!(j8M?swdK=v#!lC}C
z$h|4PbtYp6UEG9g+S8P!zFcBl)s-@|&O^#()(jdcx&!9Sj_|n?re?NR*-Y*l>x-;K
zC7eOyT5I>O?Zy2sR&0t2+hS<ahVsQH{yzaiflSc$qpmc!&ro<k?{W8s@33$BElE?Q
z98)j1*qR~Jx9gy<thp=}Y;!<wbY9Awu9mdoCTb3!x1gmiBr~q#;K0h^&t}zxoTPt^
zW-vu2fO+or5Ya<gVyQ$MW96s%(nHQA*kTjXrYM_kZ8JNQtbzwXD=u2fN`3ikUP`s1
zUV@CIB<!h1`-5~1F>%AJo}8v8QR0GDS3&-M3Z^bHX`XgoMMKalFFd_9-Ot2irHK;h
z>3wx(_h#==<t_m<mPz=ggv=~q?F-a|1m@Fpbpeuqx?V{e3!>B0@<X*H!fjDSRizPS
zU+(7Yg;7<r^0G@)G13N(IhmD{pCA>V@Rkvd;?lCeX<MVxqrruzKxvOuCao(#S9LS;
znkq8!A^ra8YvF%7QCHC;DDAKg`-=+b*$`O(+dfX2Q&$sK90K7zdS-NLo9+-bt}4%p
z$dFb3AKDzT`vK*J7b0+-CyLK4_biV0j(_TfRdox^>BH1G(@kE<DKsZdf1^I@-K!D!
zikLr{7+YfdVhR+BKHfb+!4ua)+wI^G-DT(O^b>V`&SBU=Y}<7X2^6aOT7B>DIrMsW
zU8ZyKTzFw^db}4h>ux6Gxi@!<?skR++<asu=|#83<j<AqO<v!;*M9M6>yd=f+Znhy
z^z>&Ew%$IyKOcYS+P)vt(#`Pq3%VWnLN#kTwN*<tj_DAJ*&ZQucR-4e069oN)w=K<
z_%D%6;SOF$L!+#3+RI)*;Ndft9`>J_c%`1W;qT8I{(~LF@79<2t=^I5F8i+wXs9Mt
z00H0n%S?71r=X)DWhE^9e_SnKbKlTK<{P>h1?4q4B{c#q=wRRS2rVmX>neAlnwdBS
zH7zMMJq|6;kUfOJ-zkl^$zM<F1%IRGmVRe+ega+rjNho=I}_h*-zks$dn*8b6E}-6
zezAb#q0s8@bW}*7(8Aa8|2|5w$--Q!H#)i*J>}RmEj?q`{tH&9((#MvFS*X4k2Fc0
zoT)L(rxtN9>LXk5oR7Merh%<#KyfnUGJyb#jLq%mFWx&}M;nw(ZMd(%%I~1>-!D4{
zxo%(Rz9!Gtx0Uy~aXZPOzhM7&u3w3eUlUP9zElHVTqhO0IKQm_^MuQpjEt<iwzmxL
z?@Y@8Pv{0Nfxo)cp~{^P&dm$+%LD5z379Sz<mOhE1%<v@I_P=ZCXQ|iHpL)*z$(nA
zW9Y)Sey?jPPp+ybm-q&4l@TFVkSS&v^$cwLK1)bSBu3Koz-y-MVICvqiLkD`5<W@@
zUJ^J*t>M+}ZBr|UFep$mbI+lMHd-?ycmK<5nIBMZ>T3SKHcaa(qf=UBF<Q|;F6?L-
zS-XQYcV~w$SkAeb5P<iFX&L%Wt&ztmE~d*SU3F~S!ctDC+1{uWi;7L3Ho#Nlxqjq^
zN-NALN35?TNFOEUY38{QZQ1`_D+5ehOp+2Ku)a*=I+B&5SbAzV*^81M=TPOiTi*44
z(=Cil702@To5LSJIUnJw9;V|pT5rU%wcNLUPk7>d9sUMRTMJhmhbv0#je5t3X&f9F
zwNl_u+3NgFEu!fWY$qvh>&Y2|3(TRxkdWwn?F-tdde`UvVew4AcWjy&wq0Wzsn;kl
zzp)f`9&mzR8&~~P(**2LM$_q`2?XeW+?0{AfkdE>ulKB`F7Zi7F>P<+RSeL>-w<wl
z?yVT{cIFt+jw_@T)$h%SqUiCpQ}VjY)8q3ruA4IU_6-6Pqu~wP$OKU84%4$ZW>!u#
zRoy4Lo2GeO7$h^HG}qu|?s#Vs)>}y6(Ue)-4tOM5m^^rsjE#TuZCsL1w^5|0XdUkF
z{wV`~_Ki7Tlogx5cT%uQ8b|Q5ncz|=!=A$aFZq#QoESTv)yu^$j30aLM=q4gZIRBf
zD@yX=F^dzGVUiAf-l`x#5&gSeiWxN%2PER)%$?sct#})o03drSR=9b%T1+(#K>HX2
z+8!b01-+E8#63#sDqxnc)9)7-Dk~_Q;qd`P{>BOy`?UCNF0iU*cWuQHUUpn-?*nyh
z9kVJ<RI^GD%?{Z5CN?rVNtl1;Tlg2BcJ-aABO294>X5uf#*XRZ+$}FT^oHKeh)_;S
zIW07Ge2RYI^)RnWRI8_h%Y$hT{`k7`w9b14z8U>}=pYzcaBV)P#0CaL+MaO(7Z)4?
z<UTP*<}87Qjf=-3j)Rl2A$^c3n8PqmEW>;(iBAz?UIv&$T|fVfMZ?Jot0K(nd<Mx)
zzshsB{ac@hP|J#{hm$Ggxnvr#uASv&lrWRPVc(ZrRhFE4!W8_^&;Sp3SIf6U-3Hsg
z8(8@Uros?nfEbfkeZO0HRxMs7?I=PMRFL?Z4A7iqT1FjqS;1rIRzlYs2XS15;6`)d
zKgtW5i?L%zY!9_A2^$?Tb-iPleJW`?XTtzf?sYZKGQy1m=SZ7_kHwmFN=RrWDX$aF
zu}+s};UzmT*nV#-&QzXQFT;q{0?L+>ly;xS=)5r58vYaF6IuGiOepEr*gfy!Z2E!q
zwiKSe8by6)uY}bo116Nt`iM+JUyE$&)(uX_=ESlff^E36Vh@3_+#KPKd6&AOhfS*Y
z&P?f_&k6Xxm{On2ZNf(iUOT}vvROlYTd1yTYEiP;hm!kB7gLvR^9>QuVF4L|;G7Y!
zC{a_<qq)jp3>vt>f!{VR%V&(O4EcW*V<;jPw;Bfkf{<a6ZL1rK4CP=Bxme_I0Xa>K
zYAF82OYm%vx+rWNw+x&@s@Jd}sE=#HAv?Rvr1aC4uk#x_6OcB%Oqm!+!u|y#HQJI?
zKCkKz=?Re>n%j9j51=EL*Yy<O@(%9-sIJsd=JdW{p2lR{J5~IzOK&bI$Wf0=2S!FQ
zJvlJCskZX#tijqOA{)8m+aEtQ<Z@9`<NjERVw{#!@<c|Gm$qdkba0IWMLO=;AtmdM
zIHhW@N}1LbrFj-8{`^tL`l%6FOl0h=Ub$t)=TS2?1wU4COWWFloP$FMaRgd~bu`ea
z&$**mFc`VIgMnEG1OJ)lrA+OIG7)x1zmRbSX&oyDsT{NJj@VqtriP+d(+%#&6LRS}
z{GB0RBaJ|#3y?L+%dUeh;f1b%^bnsfF#wMCLda;0-2ppY^kS2Y6A!R{@>Dl47t??)
zWbrm~)<?OEc#{4$#uL4n+Ofm({kDT!aC6I}DMvccGM>5T(HMcCPH}A@)PVPb#yal4
zDzz)gC(C={C6|Zm1Se;Byd-4zfwAK5{bjTxr0NTwOtbUVb&Bfsc1V?=6dnmpa{`J;
z2Q3u=8B1}-*H}~Lpdo>uGaSu^I+~HA?TxAZd&*3!Jn12ocem&Oyn!T}!R4W(yfw7u
z3L!!<k-`p$<(o_h>!$=^>8$*{DO1wgh$O|W1PfRMVc~V`@4M#XwsKzG;9_+6mp@<*
zR|SG$-_lxatO}xE!U?KnMc#Eu6Fz=@0N;;*%!i@wF+>Co5sgzUIHs%wMjq3?u(cJK
zo6d`l3j0T7Oi2#!>hKpP=OPMfP`e5m?NNP}i^pgK7?LWC3;VAE%e0sXu`~#NBdw|Y
zr?g+v(*4*t7e(E*xmPJTiUon3m99B+q@2FQicPdL3GXyHi%o7`(flLJ-^9RhZqlNv
zJ>@KZpp{9Ngph~=+iN%6M|reL5{laF_j6c_jiVvciH`D}cf-Of1ZL{{1^5L*V$NMs
zFri^nb<08d`5&q0pXHcQZYit*z%?NRG?yEt#TE%E!xjxpVy~;!I9rF1%aw1h7JsO%
z=nH5oK)1}4{ti0d8hy(mB!O8ju@U*mY+CC6B5J@+EQ2|$s7)oDook!CdFkJy4O1Im
zRw##L>-_PmVGkz-R%`C!(5)%;caHcOxFfIBF)QoDtj_$LWI?>CgtMtCGpH%b)Ps5q
zpeRs<k!Fd$OV{It4D=jrX)UkL%&T^ZAfI`A#SOKbe{;pQygKZCHZS&+8GHIbE49Wc
zOJ5hO#)ylayoKAKs=!SCAH%Oy)ofs9537|cZ^`9(YEJR{-x(T0e0$ViOryV&scjcH
zZ<!M}^Nq!A7C~9iaMNk;@=I%CSG@Go8Ly0OO#Y$id<1jBe;11l9p1pJy07aSH3O4_
zX%C?AD#DxkdGpZJhsT5wXUepfT@TG&Fri!D<6Ng-=6btkHcYkV891DO<VHT95@6@m
z`~m`FX}5XL#N=Gr`G!@Mqb5M(!-uUOVsiIoJt&<?Db=mK$Br%tOt~ZGzUH$gGhFVJ
zu5M04ukBk6qI%Zd_&#^BTpKG-EGP#xu2}%N%8IG(*xmqn9M6z)iRj%$v6`PV6TsMm
z67rB8pSYH2LMsOH>En*qY*R*QJ{=zWBj9Q24<25ZyXsnO*dLX7W-3oi`3d&1u<n4&
zN|GxdH46eQAtZMR`Ada(tl-p0W?P?Bit}s%2!xancl%c`gqWD15w!Zskk=4xMc8q1
zZ?x&9PBrN6+~J52A!^>&O<#3kUuO(T74KiLQOhQK*Lx9>nNTny)uWKe3XM|Ri5qPk
zT>JQ5p?gcbx}|G+B>Z2D1DQA}Ar&xie@E7avb7wFt;->{^Z4>u$qDE&$$7d0#_X^}
zAjp6u0c>Oew=zUoSz8|QN-;8!GHk19(tk_HV%NX!v`YNI@06G*X{mQBdij^O?xkIh
zowi57F)_`E_oY_VvyW;*339#c1M13zRoO(tBBu;Zj53N|j2#zp_b&GWo`X03PG5o%
zOAR<{Kf8`BamST9$h8rwMN5<1^<PO7I>1mCk#7zSEcwH+qoi%C22wDsDNmBxv1@B@
zhEG)h{-9|Poc|`L&b=r_-t2PEEeeuuU|N8FwC|&32pCWCAP9QfJK3FD2q1va_caL<
zW2fIg+mCt<w$Ctg(JzFfCsEVvFq7ytmylFt=44bzLZ|`#MZqo}(IIeuLS~onKQ26G
zlW-3{g4R~d#h$Dv9SV_~(YZpD-NgU#%*V&2=ke$=ey0C?P9me=zyg!Mdv=CMV7k!H
zwEx^JJi?l|%RU{G1s2^CcLEQlhPcET*DtUf*~h&+7@f5ix!hxOOsubZRkwn~L^{OM
z8Ir$Ow4aXsM&OWvm_g@5rU?{^nYrsgEzoY87zgwT1M}vm)$o}mT>bOL>taR7VxNu&
z4woCfAqc2C4q@M7Yv8GlztH))*O`vQQWwe?KiH}3It$Iivi;Huq^leu5AP;S&y!y{
zJZV5)0qr-oZViE(ha0L7d!$UWpQC3Ixf=NG!(HFRH&6Se5_EyM+O5zgZ`aK|{O^5L
zXjj7t&ec=W{bO$oG`zE^$YTRR?qBn99&lo*NbBz_pz-_Ms;gqgzfgOuGAxHTq}opQ
zVnS2d3HbbZB*zYAjd2QvNO*cM1ONedna;_J#oK)w1NgwV(RS#lz8nn+{d{l}VPI-2
zakkO`;s=xhAD8C~w+*?o_00|9;KoFB+{w?BCsv?tyv>{Q=JmD<Oq}Xcl#&?esxvG@
zA+8%Yr_KLB{25!Au<d%zXHzp=kmy16%kk$`8uu;`+HBKU713G)?_szlZEQ+<7l={U
zl`y^aOBI#0wIBbNRFnWqpyNEWO%gQJjef<Mae(WXnN`KXlT8CHVO31B2W!UXi-^jt
zhr(pY&|0^vvBH)|#5;?zqou+!6r_);JK3*~uIix)vF$19;>cnai$`AV9@g=og_Zsu
zpOikV!!MO3bfBJK;U>_{I{_(0KF-y7<H$DhC<;4-9c$0POjO~sH>LF_v9{2A+V4he
zj0d*&p9U@OU8w7c8^-t;V()JXV*g2U<g}c*ebFxvD;;cgjddqxvOu%v8UtH>iLF&M
z_RlG|YbBda`pvxJ2W&P|)6KAnLK<!yB~&3rO;LB3v4{h)={ttzgy<oh&1{`h!t>*<
zH9%JVUs77~Onq)|>6+xaRwhBeWP+B|f-wotkmO~?nA2@jwJE9dfyXr8FHj6RgTuoT
z13Slv3CQlM7*_lqJKI#kc#P-W8`TS~wacHarVbZda*WN+M;2bNnBcUpiX$0mgDhb9
zG8}j52t;#ZJTT9q&sq4)4K`Oge}`r%gCZ&v1@WXAU~2!=uScim<I?i#iDg1k274Pr
za_)IiqJysHj0){+hWi8A>i_#L@<m+;^-u~uF2&i6t`eL8zHci^n|v{c&dB%xR<kjg
zBEW1D{%0#gOR*SBXJq_y%Lm0$3*S5Erbh>Hj$NNWsA{+=60x?&xuFjY-Iae<)%%8P
zgX;nmrh`;&^W1U$KEsiH9Lj@DSnbs9P5?XX)JK5S4)rxufu5P>OqCCAGL=oc)ga)t
zaCW3Og)2KJq2>ToD^#4_W#QUZX-`$~_eyVK`;s@CC?@BDvWVa_!WKNfmy0VB$l3>u
z7)?dnLemc_$bsgAkKAMQMH))ZqU~Z|{kV2o$nP8Ap%b(qPk<<u<l6&pRDnV{jEB5T
zC3FHIm3oPXyg-p6&bKjI6RB52?bR_|vHVZDA~=|2F$%J7O`);{$ZS~>9v;PPS*tmX
zRNwq&K-BVUuSw1s<~<J{RWeSoVlWVJf+h(OpUM*I#QDd^-cRvyy(<|O0bxeLfnza1
zTxgFs>&mp=sck24;2sTB7`a%m&tKbzLm9{4S6H#BxHqC@glPKYy(C}0T%K~ozO}W$
z(Khl#9@7@hWlrZdNU2n&9pyDGAVG5dy@Yf2W?onYEjOD(MBbPt*d&?7HL78iAa<;M
zhSQfmCuk5t5dVR}1(6u=W%9H60(&d2P?1`qQ$KoR2@GQBm+kT}+Vr?Z3~c|cC7DV&
zCL^5ZaEM~CW^qwrd%|*`Kn<2x!2PQgkCgObU$lOVSDw_=EG&IlPYfHg=lDBRyK!-B
z`v&R$!d+QSnTe%NpHzl(f0qojc$L`eV>`9+?;jew-o*hirTJ-`eEQFsM(iU{duP7s
ztGNDn+@>NQjX>h3t)ZJ{q+jN#cCUVzi5s#b@W0J796_2iv8JHD@19dE5?KlAmtG>Y
zh_0+Dlq0WHIJnps*)`$neHIQb#^xzjrc-uBR}aB!Rw&KYcTBIApfpR0JQjjXTZGnE
z?-y6+TT1h@=6Tq|H*1P$2!o`oFqMx%53xMJoZkVQ>?B|Z2Oqd>oM&D>iZE##p~{r4
zg51ydlI3G1i%V{|MgCS5tSVK=SF0YF8x71JV{ApEFS4^H=B9_$#v>f7MJV(j+Z_Ks
zmZ|5>@y`jSHhQ16AHjW}I4u+TpHNyxznJq!XNroKPme$S%*uVa9KNfQC*ytXF{S`*
z7QF4Q_X_M6R4&~x8K4fKY(Et<lhY+XhEPi_FPl;5yAk0_=Fjznx#!8kzvvE|r;=la
z$LizkIMo;^o^Sm2<Yrbr_^LzQ1NJ#KzR4YkZfDQmd287RD;OqT7`!1Mei0G#E??kV
zmYQlRAkvsF_vf>8Z#eI-wM|m5m_6`W2v&!yY9#r2sU*|Mc-`wE)32I7XX?|ba|g<3
ztv7p@0tn@c%7DMOPAi&!`?WYPRmOa6R7AE4P(YTnImxHbkW?5$4<RYnzq)Lmb`9)e
z?2LbGz{c}8_r2lmJ7vh<2@#2G6e5}Z9FRl;RsT0J7qg!}HDKPEun}$Tl$_CT491HG
zguV^GigLki;ONSat6I=ZkPnW4l8`Wa)sD<&c_J<}jyNE;ORJkxU<L-Xf3n0!;r69L
z7Udte52avDYSYhaIN(B+QjZFk^`eFiB(p^1c%Xb#LHi4Z8Z^{1$>dD~R@+~l9v!jr
z^NF(f31vqnkG1AZg-%B?8Uyiv^LE4pr(<J0)$q{Z0!R(Qf3fT2H1}vOBOgS$>hsAk
z=Bw*X0fLL4ur|Fu+nm>O56mXp@m$jD>LRtf{-y^-feCukikss>>RUBsNcq^daY8zM
ze>qQMpT)64ZpgIOF#@Y^g6wO;%ZAP^2iJaCG<2GRs@ru1Ca$SiMi?=6-XuA*hW<$G
zXPAfoRBcN4Iu(B(qywRSrZdFM5LD<QB!USJ<7rj!#q}(VTvXxd<D$ty2h~qzu+s@>
z-~u&|f*rmv{6Y0+vutQ>I%TgJUeU<b(8_3FX~XrVnW^tZlCq+;fR@M%Z&0ScN_w=)
zaxb70Uv6F19f*977jIE@DI?e}`Z#B75?PxiE3|S{1-MY)su%yY4=hiY8UL}es#vCx
zy-`qS7u*m}J6zg=rKv=$w^QipkqdxOEpb)fp8G#keN{kP+tzL<?(SMB?oM!u6)%MX
zh2ZY)F2$vIaVu8bg1fuBJH_4QX3II}zYn~Tm6c?yIp_Fn_|a8z)JvL=b4a!xjo8vb
zKos8Q-l=FffS8Zy-7yQpT7ij|RYWH)kd@BGxEAHiE*lf-hwbS!XMO(|I5Id#fgz+l
zbN}i}WAzK0P@|ar8wYBhR-|IN3TNBs<0H#U1bj=jGTk2%&4O(2l({hGCR*^KTKM{i
zb%uZE`y_C}C!HU;C*x_^2DYxr(D|vpC;^(^W%D;f#KXZM$?5C}^b!C)G$m=R@Iu}&
zG{^UX6^XY~g%XA8RdtMpP1K2w<lm;btGbZ`B_~0isw0o!$lf(9lySZv@mZ01lY~>t
zeX-=nlPU=V83$erWI=k4K>VBGj@0)(eHbUxO%g_6sLyxKwc5kEER2!UF7Hun1}2YL
z9S4_FE3c7G`O>L&bO?z(pGqU=>@Jp6Xp(SkrP3Oys7G%kf~BW;8Y8Vtqi8cd_!^AQ
zhj?6{N7$MP#t+-VGZNnippM(W2gif&KaUYUPPNm(@AA+m%U3mHKw=Il6c<6JPUi57
zeedY&D`IC?dU0*#s+alzMKMSpwP-_APzfXQ>IjI5<2Zg9G{4f|HTjHKGh(V)+B?`~
z+txzswyGG_j{_>_?2x6WEuDBx9iD%38w<&i9G5%v&!^{^b}y=3P4$W5_GK+k^Rz*W
zimS5C=@WA8uS*Tn{48%IO?c80ysGaUpbu{P&6jRdPzgm*j<uIBr)SbXY*y2f;E#nd
zpEX`)+JMa3IxSd!U})?5*W89{)*XsB{v{M0i8MmQMMFTXQLv%YDP0q|UPBG31u{D2
z(+5hkHnOgg_n{q|92e)N7Y}!=^Xlzj&`u*hYj@hP?y)p;OJh00`5f35ySHBV=|lwC
zHX{%rly#3GfX?S?-}PkM&WADpVjvFtyDnJMCBnglr>1D+5|`;6(-fv70hbtnpS|OA
z=|jD!WH17D+=UU1nUvQzsP>n){fm7l@Mrx@kf2`ud|qOFPHU1@mW>l5|F(T=6Q24a
zH=^h<dvO-fdGGlzVDYTs%u1`@V!qXkm$<4*8cv5&o82!%6MVl^Ehvqk-O3t{(XS<r
zKNo?UCwgH~)9!t9^%{qaqVp37(yZjAW%71mOeU7Pe)AtE#uvilP7%M@xZ4j6BxQ?|
zJB|Ou)Me{A!fP(M;06YNFX6qFDy+I`?mLJUosXAGe;)NDSax$*TTbPqvB9~q%?1%|
z6x1V1f!FSvHTCxJq}I1^I?I!OamPTjsb@uBR88}FK5cCs_cV@+^zB-ZXmQT+WeNv)
zFF+TV9@<qq=lWK|+ln(!X%#|gltuM)Q3hnRIwR%1OtM$?^{$d4ud)Iy9WqF{S*=mk
z_3yvqGUo{ZX4c#MX6rz=bIA=y1tD$UQBR|j2)^+v3suP~tzwf@&{VR#+oDMpyt$CG
zgw7Ved`IJ7Ob2COMkF970GEUxddnu!-vejsYg-zn<e=K0R6Rx`7zHvvOrfS82xv&h
z1l$(zR{}55k{y;X{-GHtA+#l=0U?)~spJRtY%QU&mO`@Uc$zyMWefVHAjblYOj1J|
z@nE{56e7axoHqa9ITyS(oj$pc3RXpwshOEiDsr?ca%rJ{QdOg(rUK44H%@m76!Qqj
zO!Dmf&9{BGPg=uH=;L`4c4nqNsgsM&7?NPTLNi<Q+~S<D;(X>F+h|^)IXQ7}p(y6n
z(i8f1eo0uB?mR07n1tnFCvd&;`i#Wg1Pr{zrdE4k6Niw5qc`bjne|Bd>HBw4uF&ka
zZlda*0?tuoD3Pr84aIboHG-1TazZx>%#qAil%WhJG<_P&iN21{&@{ntX6Dv8mTmzT
zon#*HaFd}H1tIVUghYl)ZQVT!F!15f1=1n9HYH2n44k|O7ay6ZQ&Lpt>!;=>6(X~s
zo5(KcV05r{mLt)kt30!z^i1tj!@i@68o4?rjqSl55)%`qXo*pUlN^__vDb$q0Z<*M
zspQK}+E!egOi(Y}Z#a1Pqd_=}pr5(TWr=f1WHf#K2Y*iW^bOOBC+S`85=%#;Yntr+
zij-@BpuqfcRBl7!e<-nk*yWQmF&xPrUVMsh+qTzRk6gO!NwW!ruC(R0mnJDUL*0OL
zuSSYcTaqIMO2|`t=Oux;Y1f{bJiL|(nV+D0vM~zux*I~U&CoLJkv#5-m?W`bYypZ$
z1o4jFoZMa8`2=JGS56=9-gRiLN32(sx!u<om?se1H1XZ*Y>tg$jG#KZe-Rj4?peQW
zyU;#MyYGA4(mK0Zt{}zIZSj4##S3{A`(4T-jumt5g)gY1fau?8Vf2s?pW2u1I4gM+
zHm>^U0TC=^Jxlk1!zs`dXSEqw>Whwuy|d--z?A?by!wRaK!}z4FWwPCl>YUHqYKi0
z>i>|dT%ue&8{+t&gUwwuOC<64zd*)MnLR<pLkjqxTK;@oRoyV~xOXcu^wxPRPK)#|
zm*Vm+S1k|IO%ew(Gq>mgGEFB+6Oy=WkxwKh`q$;d|D9>(o0)Jum%p{W7gQXEm^61A
z^qrQyJ#W*N>Njuk=zysd&AF$*3QtUm_XHEKJtIT7KXWX3b$+>&jUa=m)*!i5UDs%(
zUM^PkkBf8%;~!7z-VHwWSkx5*_>W;|H(OGhABvL0V%ns9))_?HzSPna{5i`nso6e4
zyqsk>H#ax5aZD@w&R&2IzHbeE=kOgX3Zd&2jtYX6Gs3>I$Ufk$dQ(|3N^l8WUAs6<
zOin6FYZ0%mdY4)aLrUYekm~P`Z}giQv8)DeC7d<4rX(VIk0U)Q(hmKTo;rpyW8ygE
z7TZHU=5GRH12cR`n5^j16LQo_lo_}welISs8oq4+P}eae6X2hUxVB2HUE%H6>T~Q&
zvH}O0oa7bgQr1jOJ=0pDsVfi$TwEcfs5tXw+!q!@Ps_AcZ`g{^<1?F@)>hAk(`874
zB+~cv))Q;6>n(<x<P6=SyJcgMGF39;kF&Gty4ENVeTx_WjX&t(@M?1gDZ#?O_>$`y
zbXo(+Ye0)}Y{-yB^^+>&_d<t&%|;HmwpuoxLzClco1EUX9(X$dx`MPyp%+VGejAy6
z8rGX+q0RWLSJb%}eo>*QkQZ|sRRySQHLsU7t13p7^MEf8UeW8WUuug@?P|C>JBDz5
zeRW$}TkRd4^J{Cemf*`_LXyrs7s)7@uGz0R^vWUx{CR(V18$sE3#$yXi=(HSsFphS
zJ6s+ES6W{#?(X_m*WL;B%U!b^zmLs5Q4;;9?o85_=bGF=;}SVvs1V)-NOkww@t9sS
z4HB+pvpv#GqUYK1&QRss1c`U?D0PGGH@feD=JsLW0;KZql31R+7|@)of@Lj(XRGh@
zOmiYA$bFkk@77mt11rFFC^^LpP~KF`rGl;YwLB8*hm=uy%YJc?<PQx(!t4^mj@cjs
zFzmvy<wkWHG>u6g!J?bWLL&^_0aH}(PzOLr+^~zxsHP0dZP#xp@>4p=v3+%QPsc)f
z=sg3DAH=0>s;@(EaHMZ$^ifq7T2`;I9f_P*I-SIdjhmzArb}B2oCxu)ZSRo{j(~~$
z#!N9K@X$C^GW=8Kspf9cij*3n@{8$d`X2e<B&sU&vnzI>@Ttf)4Grb>KmxX3u*eTW
z`!ghR10%zj4nD#pOf&QS@#>S79=D^)!v|dG1)ApYcwG<DHuO9Bnc$HZ)~pm~n0VUz
zeHQVQmq%geaQsl{2={PGR8L|ZT5`JoqzKWR5lI_zmgA37BoCwacXmQqM2T7_khb|7
z1DH^GFZmb(i0i2aD~KgvW&|8@en~lQ_c3E#Y5gEQo{satEgN?Zb^FoR)AeBycDD2s
ziq4!>>HSupb8e<lO=a1Ja~fx&Sw>x<xn{3{7LKNiu>3&gxT&o-0R3os<u{>pm5|)w
zHeFY@ZS2>%V9?*I$6vpHoCt?9dvHoQy?TVHdtl{|q#?FV0gr>oL?&xH+k2jxpDA@h
zXo&DA&O3&swjCJ(HfnIyeD+&>H08W>6=xsjx>4?q!p!{ETG-?vf~lOX6KnKsBV)D*
z6;s7c?3BTd&*ZV0Quph0Mol+_ef)|$ytUKwUu6A?-&ggv3JRV@Mh^@16-o_8qjj-X
zr{}L>MWSlUR2-OOmq6KK3)$?TUks5ova_VuqW&uP{4o~ngff;%mE#k7SlC9elu`IQ
zFJkWS14`}9Co^56DrWpubj1t0=IG5=#d6@`CPrM(Cpn%+T@Q}BVwh~c1?=PnwLJ^Y
zs&n@dQ6**<Q~5!2Qlpl3l6uF!gc;TetfP()+M7n~WQFk=nu_Ht>rS!p@Z0a+a17*z
zW}Xq;z#>y(yUAHv%1aKsO!aRn-Fs%RE@R~qu>9LM4S&+i1p2!ll^Ik%0{>ujcJ$EY
zE7@#$v&PJpS<7bjOmJ3p+-2fetMCyLV<$}XJU^qv$79ROkCEu4mc@Yk&kVQ^XFWjH
z^7g1roud@e*CQDRprx(F)hjbCcWnDBtb!&F(4Ykca3)Mi<QakX4T0aY<f01Iz`#5?
zbBUl<@c`Rx7l~|cpRM)h$Zz?b@1u*dijZpX*>kVWsJqg4l8y%DZ0I>6pvy6r@AJmv
znS?f40(dK69c~*CAFK@_ThTuo*JVF7S)_r_SORfAa*H{xF0^Bpqd;hzUd&A$ma4^#
zR+c-ze_k2YSH^c;AeN=zJ|py@2{Ra))U0gF-EoM_IOG%$rqBt>*7itrcYb+nKgZHU
zYA}*W4Ci1Ny_4z~3ij@KlHVt_l9(5<-5$4<H3l0aQ~sOR!saZONV{Gf2NGeHb{_ZJ
z`>Yn<)Cor3HqARqlSf+in=#RD<YuE)$89M!?9}d(Fbk}A>2_hCXy?{Le{SX2CY6NV
zICq@Lz#}_<`^mRrB3Uek1EZ$7RatkJlP?UPXP7B(LkCrabk)NN-ep@FX(eNC2g_QD
z!+uK{TtRWzyhfxN62LcaFbzzccQ#_+4j3Tz7$(0OWL3PN5KcK5#=n1FrAinjp%~%b
zEG?0f^hAZCDd38<nk3ow?@z?}O$BWqVdF(;J*l8_{q=)^-57!EnO^1x<7uI`08N-W
z+3ytLUh6WGG>V%xMNvsr%sM)m4b4DE3ltmu`Zd)s{k&PV`}7lGy$v-7kW*Gm9IlTB
zPgSwPZgv*o>MF+U>^PrAAaQEU9j&0mj_drF>BnG)95{S$R*%QNMjMBOfk+cH9HhD6
zLj>d~0~5K2j7jhkZue7`S6EpI^4jZ~MrykFI+x#E4it+;YmB-Z3aPia>W=9o8(Yl(
z&JadjH0n3wTlO_S=1-Io>~GWG|9Pod0oqC%-Qd__<8&`9@qey?J6sejJzo8(Z2zf_
zeax7cbBps!W$jJ2x#ZOxI4@*bt-_wb+GB4oVH_E7owU|N#T4Em;B)YYFE%w*;v)zv
z=4}0aS>^Y{KQeI3L~dSJ95ya{Zue{XbZ1b~bs6rLOkt*oh&__))I9a1vG^{74f~y|
zTZ%dZ2sb^Ohn!^Ye`3FI_9FjD235Jw41u)a`fTnNr|isp=?LMa(GM*g+4xTTSCSA!
zyWG`5<n2vUbL%?c5pC}~G4JR{<T_Q9VlKhdhq)&R2=v?5U7ZZ<J~Zi^RsF-m#I~&H
zk&3=y(-|JB5s;PMY`T_B?o~*MWwlA%FNK=@#Byfsy8mG<!fbj^@dih0IO5uA4%73F
z=oD@5z;o5qU1<j%B8{6`Tu2yB2|PYIt*mPtoV#Tq68pt6bb2nk+-ZS7x#{o5_kc}u
zFeal79lozB?=pkwzKAZat!=gP;;za2-J}Z5R7fcp4>l;DAB5WS$Lg$4ygzQMjT8-$
z2nUHecfeI@*<s&1no#qHhQ`Nl=7`k0U*(y6g=kTyg?d4V4*jBcBw!o=nQQs?e>X;d
z9jpe)lLzenKwq~_Q1aJj&SnUicpM>s`NLx0#KADIIl??E6=|E+Tb*ouaD5W$DAhul
z-=kUu94#`j6K4t~?GEGb>`_>ysC_)Ou*D5ezoJxgCPlS10*xJs03Nbk_K0o$Zrg^n
zN&-KoImY_Fh`fgq7Nk4g{iXpB<E{R-wwBMm`>r5Kk&7EYyTVk=;{|591bd}*Lsnw(
zpx!1%(3<Si_y`AQ>(`&=-eOLY=)LGdll5r1o(|D%dtNAt={xpUlyYT_2V_7=rw4$5
z7N-RK&+Pq+pxsS|(y;^OHQr%WQ&^h9wjLqy(L*B7S;))|Xs@9dz7?4mWmd5JU?JH^
z6<r0_Sg9kQVGTT!)}6u$=29Bgc_o@Q6XSz3A)C3I+5GJo{0K`ZM+$r3bML4~1YgY}
z`e3Y-o<}6c9Z}y6Je|K*$-oJgcB4c-(z;F--noV^j~r$ClHzs;?}+)=kKU7>CRx*>
z7}ULP-fWkj^fx{OH_gpAI%UO4GpClIz@i+NAwIu=qp~gjD@Zfj_TgvigJ!z3HlgMO
ziBwvIKd-j7H;B(Wt`L_BFkqV2utnN8a4F1cHP+(exuZP>eB>-q%X_sj<06s}t*enW
z_uvpx8J0(J#>TY@*=_~h{`fmV4ANEX#3<y&DJMJNV^bNXudGzDb9Yd)#dUu7*2`KJ
zvk^2;-PQ`y&IHx&CcL^6$z^W-Asz}yO?H8^WD~x8Pwzdv-gq({0SOYiDs1E+7I1a_
zjmHJJR+rjz-K8hG;VGWP=d-kmD#^nQ7OwxJo5;SF9(4nxN?%#6;^5g;v><hOAd^IA
z)ibgQED7XxS(`u5T-#3+x-<}axbFd4t*lgXbNBHICUMtwtR2$fTaQ*%R(Hy;C&*zI
zAODubOLJs@-Z6}nKR&ms>g?#tx{PI(*yW#W<N2wfK|a>0IsSw3yEqfq-WCBte~%gG
zzBOv4gI)LP8Y;Y&_(=Iqoa1uL#DK@z9Kl(L;fA;iq}v61*jGDHQ1V3S(V8ypp=023
zg6z1v&ddb>b;|hXVb*Z=QF3i_f)<(j&JA#uj*eCt+7RG!V<``bN1X<7<~5zxxYg@S
zMkyw}@1lpj7Nw;DpR_kaAQoaYSLi-RnRPumZ&H<XJ!Dq&HW`SIWGZ(TxLAbGvb!;d
zLoaW17!wXne<pbzMYTVd7Y8o|mfYgItwk1A)DwkpvOuJa(?4-W3i%a#3JUCd=ij|t
z*}f_+_c`Ix#-vX2l^Im+qDhZ}QWo}64>OEUwGQ=sU-=h-=Jy&I)NI8`(2%xN=I=i8
zAq0_^THt7SL_x8tvLQgeTml2=R0(O9n9sFU;hU{&PP0`9Vh3+A-4xqer95r8`qXkp
zPK$kq!Jg|@B}VEr;`DZ(@&rY}6#&sPK|OEll-^!k7b7GXOqi(D)iQ-7{A3N?b&m&j
z7)Xr&=qxo}Qqp4FAo{$wamY2D`stopbz@!M&?VB7Ebe&NfU##O6LVEdO8}@CPOpg)
z)w|HF53gQBQ&Zp2l{^aJ{COK)O<hf6ec>-`);keStjx$&*Pp`d$C)+xn5U&@Nb89L
zUcK=Ey3z6Q*YyXo)01KMct0yw{Kd9(?-Z0e07W(HvY{?DAUkRJ$KdQb)B3I`GbIwy
ztxNs4$4Af{&yNzW(A?nG6XqRR)W5nXdr=j8;Xi-=7@3&F#m0(R$nrxX??%wMrY3|#
z>?&p5#n9-B>36=)s>CKMezV3VW>mr1Gy3r(LDa$p5!>>K;`c!@D=k%h=tVE^a42nI
z1%HCXN?9va++d0`Zd&fAMl2+M%fU9~GJqk;1qMwmguci^Pis_50=ySIprl0e{=NT5
zmqQXb@qb4wbU7SJiPzVqFRVHFhVmA}e5oQsE%!W__Zj$SarnMbGpU{H4-{87?l2NY
z)x|Ke<an{<bo5K2SEJUU42ei}n$Guy6vC_yQ55g8-7lJ?uDraX;3O_~T|$&lw}4`K
zKoCpl*02^a6jv(myf-9z;$^fc*RJ91>;n?(evvRp_b<wx7osnxLiii3xZKyXv=2J%
zwBNCaJ%jfzyZOp<r}|v3TFtD+1D>RC55%#KBL~ng-S*QD%FxhP1XHIBoGFd2h|()<
z4K1v!82@4k45}t`!SSN)eZ?{#$2uU(+ElREgU>oMwRTSHn^7I|C|HawyF4~0A;soI
zAOgk*QZZQ%-D@-5;l!sWe6+AQRHu454|kH4CBkim<Pml+Xs6~fG5Qa`-*3bslTmZ0
z8h)b8Hn4X{zxad8_3V=Cku{iunZ#rCuQL4~7*NZ$%Q(92YX131myEjDC1^b>)qhBu
zuUV2)q+R~^nd$S;BN^wiSK;a|P4x3U{t9c+u7U*|Bl+eQ-e}J~pBSVSS95jLSjnVX
z7)?nJ_Sp$nzFvDu56M4yX7Tv)40L&x8%qa9+@_$r-L1Ob->~|GySM@0`Fd@gzN^<B
zJ0Gj?35<7TLwlsXpB?v!ek$XFxot4g56$nlR(*D1SOh$t`E~|wsl879^Wgq#yI9x?
zj-hUUoPF}TKhoWD;EjORD=3T<UAL?qJpsTcd=Q~HmK9|5OiSpI+OV*O=-5dy?R$^u
zRORc9>>v|WA{dE{U@|w63*nj0kVYVx_B;E2b@{l_KD>YFnZUFDYqr9DM^nZukBxdq
z8)Ej$IH7Deqdo<ug^eD2_<U>Qrp~5eMOXR>vojc^r`_;p&u~<Zj5Z<)8@X@Bznf^G
zGzdyJa{DDMq}AQTs_F-iS4bG;u2hAtcDwI<M&W7Gi-~o_abO>RbDlfb_H_+q9@H}2
za@kdKjjRqQhbciW6GD}QrnAGP@Qz|VmGaLX^~fmGc`HeG$Dwcqc9Mtvyk`u0`?ax~
zePCU$PI=SP=IQ2m{KBVb-^=&9KJMv^O2dl_vC3I57}C;OrKMI4KCIvC66p;pJTG3G
z+dC&_0{S0LxJ=hyEndEWzuHxD46Q~$;ard8EPVU0XTrv#Hn*_w1j$2*mdeYip~y6q
zWIm?*4*=)0@wX`hEU*}PQ>AO@M(^LihVA3ilbGWStT|~+f8JF(m;WPG!xPl}3ZHHt
zQ7A|oko9(m3>pi;Jh17MK5H3%SrR^+Vm+@x7b48mpkzEi(d82{aQclue7C+`8iqXI
z#hQD!%L@EM+J9gqP>|)*@gzNFV0h;Dnxgb@Q^->r!#efj!b_wTIu9gpHQa5MrhBw|
z+?<6;>YDWf!&TVl40??4Czg{4S;n1D_~IxE7?%jC{OEidef1!HanqVpoA4n0F=)NT
zGd%rKS=6W+7|+@M04zjhhI|v-S1~?;u1>f$(9Q(D*PLqtxq*4{+|up$Kk^E_zpZKQ
zgeS9;lW=zQ&lA5)_w(8Ke3xt-K;D|eQ9o|mDHM4C>ZS`0?|LfH6(1S7Scm<R7Sko&
zHf+1!A`n)F<totL%8L={rl$zPuodum8CG)tVV5<WEOfuqias&NNh6q(6p2jhKF$)}
z=)FKx+<pGizUSa0u&X3^zsoAp!AS=rB5f!va46~dhVWkcEm-&4x`~6zKi;IU9e4!@
zxQSzJk?L4}c{=Vh*!@U$cy)F;ob{T@D47@PIeouOvMtw*&~$hOytvZEn&uiClBZ=y
zHyjvL+#GUO687Dnmr%R?lIEV7<#W!kB<$)jaJ)psZ7%a6zaakk9F3>Yx0ijMK#E3_
z{T>pzDzTpfC1sgqzoRZfotvAsRNDR0f@zIx*?RE&D4y%M{Fy;&;&nDekjV_5;w_a-
z<Y6Qk+(rfxexfd)Ts$^+>t0gjl%j3lNIvr!$Vlhm0;GC7blp4*?t^O;2SsaojnT!0
z1-3*jrMcC}Utpe|oc)3i<j_bSrow~gESQ9!5Op=-VoBaG)URq<-X=|d-JYE{l`Z->
zWUh91f6TgT<FCki*-|Hf71Wcg>y+dqWy<JQh8Cz<{U8!XB}5%qbR^vJ6oDQ(W+RqQ
zBp|pB?_LHlg3s9G3^BvI)i?b`c7^WSmH6y}bhdaoo#h*3I$><H-q2kW$v<}o{!=oR
z|H~XB<zK^09686|s5j!1rG%z$AFJ<`ux8WafkoC<>)qOJ!XHvJj8ARHgZO9O;dN!0
zXI_7LC$?y`jqliaczQYpa4d<5g?;u(Pg_W>S<7pquD8ytVsbLc=H?U$eC{oyn|(>G
znGf2opeEg!0ahsUId`uyh^#LHxy*$rt*ydi-niCx?Tap@z%VM^?-3ax%x7M9N!Lp<
zI)w{Fv?HG)TzwwMbkHM|&rwH(|LiMWa!zZFoI23m{uYpKV=KHk;(I#i2eFbuZ7gyt
zMf;k|C>R3!$e#n0q7MxX&A$iMP${w~e&89q=$bOao_}Ul5vmQavds9?>G3>Hx{WVA
zTAV_#U!9MJH#YzI9o55KRXv-O`uaO*)A)+L`}dRIq6X05CcO90z1qWgn1!96`5#4j
z)<PHIMQBQkvQBpGxAH!+^SLLC3kw9dRl$$Om;6hDJg5Blo2pv+j7Hx6L`E~#Cb1T^
z_u4A3KwxpzY1$7-T&r3-|4}3D+g;)N>Ud09vk3eVe{cg7nMBL>w(?Iph9`M>U~SM^
zeLFF849h7K49|Ky<~;o{&(6C%F4?N<II@kH7hgu;d(X0z$$LOTNd2TtA@X)%8(K!5
zeVS%=L`blEX*pT&qELHsdTsZp-rgxfnH09GJyR0sM(FF{#(e~7oC4EYD2HTFIQ9b9
zpTqBb49DVYDJ>X=>6qzr?9GC!30!?{r&+_8&GbtvkfZ~Z?j?9bGf#;|M4s98d&T`a
z;u%j#gbZY)m8jHopGjUe+#aQai)B4KVB6(TY|P#C8|wpV+8>F9Cq<MLq{&~Ponem1
zwlfU(YRBa5I^~J2sc894lSAt!_u{8%R8d&iK%~P@x{}L*$23OOK4Z_1y!We-#s=mY
zBcGXlZX1~&P_+|2NS+U}`VQ7T^MvQFR5jx$yv>kEBEEm#(S3^y&E*LvTi;ol=HM~<
z&+lLdfngx5AqA^MRu*K{>>8uiIZ$XBgRF|wJUI{9DYT+@1aFUpS+N>7f_g;Q0S_C6
z?R&M+Q2inge!4z&<*r`bUyFsGOYT4fsUS+udoFVR6;rn&sQnu9^G#*uu?*nQQ~M)g
z`(*1!Q(tB{^5<aP);Brf=VvOP3*PpQrG2QhYHy3_7WBJmA-<0XgYBKKHfRwg-svxc
z%`1ae62%(30loA-&+~6^foZsYqK98?*B%y|`Lu_{yDfVpTW;#^XVo3O?pAfZaes(x
z7mB>li@c`!cBho&TU997O+KQuKRyU}-EUUh%MT}wjC}>eS+L#Tv{TgTVPLouZFSL}
z5wf$yD`&Y!unOOEpLt(mw!iMe--DD4wWu%S9MZyj*rL7e(L^2=mG1wH`##RPXKv}3
zz#@r_)eN)fW}LO}7$(zIlLuXG+6r&fMziz_za?b7jw%7kReHu=i8_-sL-x&_@_uB7
z)3v$n_dj2^#@uhbj6ZB7i)?%7^NJ_N052vhfDW2z*jeo{(cQ+udj$<n*A)+S&O2Ef
zu1o(V$Kr*5YEV%;goN|N&i-K!?lb*CFQJ2BbR-{%!Y<SrfKaNWz{bZhcnfi6*Lj8H
zWZEn(H4%`InHstMgfO!%y!(VC8RF%tRdrm02geKyVtR%q31eWM$458<azX<;qs-P9
z?E)z&0z&ef`jUv-Tb((VUBIz-O%`-xdSaNEiF&<q$*w$VRAm!2w4SGXFhnaPWtx0Y
zJkZxa7V5hG78kUpz4pt*-6CLfQ(sC-N+)`A^L>H33)GJ?)`|65897h<?JHt{*^Z|?
zDtcuLGrXRod304Q{SIX|P|w5b2ly7x<FS81`P}*tx`0ONkCkm<U0Kv-)i<4%-tZG#
zsbF}*%x~f>>xM=}$>3-kIH`UDG9n`rckCzx0mhJhH#ctOyd_ho>=1A{i&TFh0Wq1u
z?s*5%USY7gt!-XjURtjLAq6D+qUT_RK^FC`=)YeqwktjBz<b~Y;l;&8kN1tKni#Z}
zCj*+xK3$QOf%Jx_4E3^}i#}muNBtm=8NJfBY$ZB=z(==q)q$R8o;VSg+L!aNr=t}f
z?v2v6_ouIj$KhTv|2|%jE@xWaAU`jv_koUsV@f96Hz<A+NMf7JA^gQZCyLh4p)Hwb
zIim8)w<kA_mwx_JgGGOG->IP7IE{cn#<1|7SE;Li4lEF2+ghVQvMOWdXs`7TJ|q5@
zjfI>Dx^NU}_EyS3``^ps=!EN<mDF`%)uLbJ={NMifob@HRW&ueygO(wa`1qW+a&B`
z{fM$w<obAvSaZOrFt<5+WgWO{^$l+I3ciwaFz~0ulnVKlo~6P@lu>F)1folA?-Kow
z@K;H|t$J`6(nasmP;`k>_yWFuQ(jz84~~KDy`iOX|L6|U++0ZGp<b7??!gx6^-o+}
z*3mkAyF+X_26%OM8J=MUTE@8F(u=8QTZ8c=4hG!_4N3l1rv5*VUNy89H^|&VASw<z
z$V~eNnU@I~fM+~uPeDRuRlSlzpHO*_ZujsiBK$nEDr&hOf)?j!&_jd1wc+q?b8#uT
z*?*yWXj-5B`;(sawrBDL1Pjz6*w>5DP@>o~&M4V#^aLDhmcBk1p)yksljyLE_n9kp
zTR+FKA47h#Iil!kvQUBEP<Wt}Rp;@yjf<juKcT`~&Jtt@MX4`PIdGij`99L+m<QJ8
z!x|bLiGp0v>cxd7>kv#Ws-bx^?k1~lJ^&e^h*u50O07q`ubsLC6(-nyBQ1QxB3K|p
zSVQ77NJC;SWXcP;r@y`=p!?ncS>`i;Bx6RM+A}-wFNHPkbSF#8H{O-TY3pDVjkiQk
z=6?XgimF29Vf9U%BZ$9<GufVSF5`7KpLqwj6_ZY0xc7i6w`z;g?f(?R0Mo_Rw^^`j
z4BdR)lSWd%0q_nlCmdV4N0#vD_hYVl36V36O|Eu+V`pVK=Q*1td>X#9YxBwq-{LAA
zC&Eylqxy@S|BL$~FNcP;?)6^zbo`zpFROp?MdFu}BWGPqL6uOOf}V+2cvGeVSBtr+
zOX6{`<n0?&u2fsIxP`fh@H~-S+uTszZ&+}`JKrz4qOK=^?+TU(fKaEKQI1-=ec0Yp
zG<Q_&m2uKMFQ+sSA?_3Rj1S=QD{;tM^F=kEnhU>e;S`wQ9i-3gm3|jMHAH3_RW;n&
z7@uj2EKjmH<o6s5_YF;3{PymQXX5f+uy1dEal5gxoQR)at8qiW$GqMW5`q$k;q1S?
z)U+bU($#;?2NXX7tf0GeZOb47hG*yPYTbKOT?wVgy$2GXsy@)rI806wXbagQMUXp;
z9P<o20H`tdtsB)j2R*caYC3n{RL_ZEsjJBNga-Bj81?-PJH`RgnJoR$B-=9I(5F|~
zy~_7L-8K1nw8FMxC(VoxKz+8o-6|~<7gK>2Gj$qxq*+QzyR3AHFtD+X;;V2JWG34B
zVG&4yuWhq4i*@1zM+MJHM!T;(z0x;xSdL@;&so!_VMkW;u&+^vE6Q4e^sU$tx)T^5
zlq^5Z=GjqSJV0;VEn**A&pfAeZZFD;><}wb?tQ9Tw(Z+EAtNy>SdSdyK3|NoK7|Vt
zE0WSWE1B+nM3)H^Wp9`8@ez5;6Njxos^|N)xI2}o`6}?{Qf}gOfqliml3a0F2<GGR
z_t#|<CuZ=m`?XA^fDmbEWZ;#4F)4$`dkfG=Ve0RB?^m3m5ZCowRpYv&xuY$JI*#E~
zk+~$W&yF^*iHm9PN#d(cItH1edttyP=HD3vYFF?P6V`!SN{F!mFxcqW?Whe>0FV>a
z?P|RTG&~VKq@y=Z$UoWXVRR<5U}EAbDNl+k@`)IkzonTWJ8Zek@*$5t{B&P2^vRkJ
zb;4QSlzY-*A_EXn%U#usjK^R&u0?tRnIr4_4US0rge$p~{fnb`4IMJE_YfR-K9m%|
zt#dZ*%rOHX`mV6pZlS$-b+<!PS(njw<He2cld&ZatybkI@y~Q5$lWyuMBidTvw@ob
zRgl0nS!z9`P3Wk;TmL+*3k*^)W6XlBw`X<5iz>=(D+p0}WxiiA+n(M~Bf}r1dMBq4
zuK_wV6^9+VQJ|#Ka)0}XEOxPdOb<{N(=un()v?;;)s1@Uy()si%|{dx{H+5eT308&
zRwLFoH`_wNfDg1(k5XTw97nwVdV`h16$r3WV%_j8OGFRQ3>!)lXAY0#LA&C!4QfW`
zzi643QQi8$f$A6hS|G;3pf*W|n~?8(<*tXE6bl{6RHEk^_Vbs|AtM~nyD|A&N-#dd
zbSj^NB_IkxC2`g5Y5vl8Neyeg8r9FsBO%M3_p?w1%nT0A%vHp>k1FLl24OkDdnR`*
zC;)eqIdsDH$@}Bd%N=F-Gmup;Q+3EIE;V2{kkd`qX0v;PXNwV{N12}GlhApf<F#?!
z$`Vr45+f(qw%YxqAz&;nkgaAX(2`0#O8ngM37yiOjeXnWLeN(0m47KcfPjppb6|r6
z_|jZ-s}_1QyZIc&5zJ9xcl!%^)$%EOjpnok%71>k!M*ccz2}1!BlmIHErvTV{dSE;
z&`D8+zXh$R!KX8pxL15#V%hk(jJ%phIb<<8c!x_d5A*Bw*B%EUaKP;pJV{-Qi40u!
zhFbRam6_#8_rM-fx23Fv&SHi|@8yDRL)_=iq>lhDc^6#0>$E#J)rC&CCv1||3JQ2M
zwPrS;Pw>yU_c#pHDs?jHLIu*!x~%h~wV&unr9YGXa2}6mB_XeFYLm&WfNUO;$0ZU*
z5u_THS(LxCgBO129rp7om!J<cYzO}tb#nRdMrE2^b$MiVq^~lT)A|Zrt10<FX&L!=
zO!itQj$5`2?=*XJzD}sRMacU}S(aC%u9&jLI6g5+X5=IM!rH>#(5R+x>zbU;DF)3N
zH;4&jP*fB1)?JY43A=6d0en@Fu62;UPBT@LG_6zs^?9UXYj;MXH$6^$=a)3sMZ4Bl
z1N>PTuWrf=6#<IS<BC%KKkDBNM<|NFc|SYWTV&Q+e<qzDc$;qt*A1?{VrvZ<w<a!1
zi4A=8%bq|gpJ7%>S?YV+oR_tDMZjm_wY%&C3{x3C*SqXK7b-ft^+#8hV7Mvvw)*i$
z#_d62aJ^%=5mvY5#?);`>;TEIirm^7eB1f#tHpb!eQ5IHXB#@RYPnzG?TG>SaWzpN
zCg+T7v~IiEZ!^lJ9&O-I6|K8UB+=H;Q`pA6AVl_oH!mh8!(!kNMD@PTpPW$ja`MK7
z(uVuWu!MgqqQCK}DDka3FOj-2;P((qi(%nsglD}^lLeXGU&lkw1L)Vlg394xb?Dni
zH6YhHvE>y)S7L$48>REAOje<IPC+#19b|1{FOWQ+IidVjK-^6x2WZ?oI6sY-$3xn#
z`Qm5d0~yGvj*bWftGaSsx98Cb09+ZXv-7qGYOWM=>>_1l^7ITZe`j?bar+FE(*4Gy
zspbj^WBirHJ^7XDc-+;{d5-{ZEQjg0dz7fJH<`;)mVwn-a78_~2S45dkpGIVIc0LL
zU!z%j7a;n1Qr9VF+SIAizEb>bMCRj^KrEx`OfQ_BrX0Sj5-()DWOTGH6Qh>EFZj&O
z7p1nI#cpgBAt4g)%&N9VnG0^ET4&UYYlr?%>LG=*fkpqTJp${e5>Hh%g$WfA1tSCW
zw?IeKRV{cfHD`TSQxaUjyTl9Y=h0amJgve?gcDOYvq)VcwarJP(Ar~m7Kyp5bv~CV
zZm@*?(T7&lcu>^o9`rt*#~wKBx@3D~nh=14T$1i;Ti~KNNX!La%QcRfv=S9-i~AO%
z3`>?W%{2?YdaEnhm%St?{?`2yPW`<1g#8QE(fwi~nJST}x2Ty0FvpqLig_gWY)$HD
zg#^sP{mfAsF>`F6yRG$*HA?h}@o?+yrfl2i3C$M6HSFAmqQNRk{T8ulc3}FE8DN6!
z@j$#TWui)Qc=l&|T5h$p70>zxUEtpSFMCKt>qO7Zl5uzz__Do;XEUBd(er_T(~<ak
z_U2;!=L}W~kCf~fo2Kw=3-(m^_Dn^^MpU+#5!f-o*IYZwXN7Jze;ehxJR6Jadgjia
zzcOnU+MgVWe(5v22(b4O98h13D<H2lo&$56RCw^mBCp2MulK=x=_z>ev!97=R9mK6
zYN|kr#=_?Jn?`$0VxohCLt|@Q=z#RaVj1u*gQ$_QPwMUoG(c5=QC_Kn0#IZWiRwK0
zdHvJ)0SS?4TXW~mH4=k=@^bmfAQbmijp6kjIu-tXQq+Te>XAk9?=nL(hm_GW)Hxp4
z*x|X9Of9JmSX9n#Z!R#`B#`g>myI7^z~a89@MWah^77;CH4V|SZ9~}PRAjVYr<Yfy
z<Sfb4o-6<`yDU^fq+C2aQv&=^AEEzCq>i&KfobsA&@FdXBSr;7EjF`&vlBIrqVC4{
z?~9QU1bKC5Mw@dga?4Ehg2qQn?9r`1JZn;^+i+o$%t~7hvyp==x;7oK>+{kcI`R|C
zAFNOBXYF}x@caUM-P1|ZinG)&101aVJ!SGp0NGNl)Ok7CF>j-}{s}E6uZ)F60p+}o
zFS1nX<=hUe*6Bf^nzdv~=jo|?Lo6edQuIt#dl3TN2&vpmAj^qc+l{?Csd8=Gt>;n2
z)DnJo+S){Spe<HC!d)qCw%hKgS%e#|wH)`$Ghg<1T+|T$-^=$$aza+a>*3%lZ^8O*
zg)F$P-#niyPL#jQghbdfi`<!sir9qyUeZ~sD%#wdg<RX3az~1Da{Mt=zKFKS3l*ST
zke#O=+3|y4*uH!_S=}Q=l`h4MNP;mtE1&#Rt<2=@Q#_rT+o83B&CQhV!T!HYB?NYn
zG&dJ$M>)_pR_dJFK@qw6UEuB<lay*Be0ySGp^bJaWTX9iKd+gJsa`=Jb8ft+2gL)-
zEoi9)pC9nrgm_9DgNd)x&1!R-r#A5IFkJ$YkGKRRwAXhg@n%C~fQ>RHeU|ITd(?>m
z=hOS>tM~S{z$Q507U7~K#hm+Ua{o|Y9aLJ;GS6Cr?}c)PUHzrT9P88W&lywTE+*94
zBf#?2YXcOhwMbMs40~oFpQVr!%eX-BZA;Awo$3U-g?MS`cPej~ELnO*Keulf<T3PO
zUP@rZeqO1IZn(AnOm=>5g4*858PvfjBt!aa`KCA{OPxkV^*mJ^-CyU3)9ZX$d;9Rj
z{dHxu{k)>ENk7O{Tl3)OBJ=~4d)Vquf+A+dXK9U5B7k_*OAzg7rEj*VkZ`|})i9mb
zVqqB=zvc*{qm}$ikL*50my$)G?=1a-kNxja`h)ZC=ySw|4HySNdDV*jtTcz~MKTq+
z_F(av|Bbro4&J=tXfKO6(c#*Qsz1>3AyEn2y2L?^h?WiE*w9i}K}C%BtuH54B{}Ur
z-w~I6)Dq?E&820UY_zuJ9(D}FYvNbJ%-&&?ug+JDN3zkn<~t4Iu;fiV(=|mqxZJIh
zLM@isW3~ZWe57B-V@?<wHLHSTT|^a~utl89#2IV-b(>XHxWUqMt#Hx8Kewp$vl!<s
zA1cx{H5T!qex4C*%OxWTqgrkX)ytM{(=HGY@6q~?GL<|e1>AcGH;eQ!J_YGi(1Kl#
zX0gY%Qy+MFxYH4ex7!^pC=E6Gj&A#D`A#&(q?1!8F3UH0lV%02K!xp1S-Pp}4m%!<
z<PB<D*G7>qq`<q=nJd<nL%x@rMt9x`j<&JYLT(uKvUipI-2L=v73;|+(Xcai48P*@
zTcNR3h|b5gCH{Y*HP5Y!(KYL79;UlunTe4}#AO@zQlV=~re>kB74hPl@ODkJ6H3LG
ziPo-#a1y|5X29Tg=otVJuD4+cjtdhcCl@{!At0{mf;rrC-Yj#?(8M7sCm&iOF<`UG
z8R<!#Fn!%vU$L)Eb4P(;&x8juB!RlwFeNEPNaxFd`5)b!O3#$c@7@5g+8u$m%6U`Z
zS3+pVrxwaeu67xj{dbAt0t0AV*<aY$SjDL?nUS~iG(cviUeZ?%PrLa-bFSPizXTzZ
zyrR0waryVq?|Hb9Ikj+ZDyD>My1R~9N;sfka5+`9a9o&Ggj+_V<)Qr=Tt%lhuwXM7
zBUwlRl#EB7Ovk_774;nLlc!FNA)g>+U6s<tO8-Q;J3dF~)#0BQxqoEE61fRi8#biu
zH%ACwzIAG~_FH2ZPw#x8{@R!)X)tjH&~O0%VnzeJE<e-a-=DwK@q_zD!rwta9tiy7
zvvK>W5nt};9&TL*=QBO7sz`(X@`(l4|A3|^WD3ZNlDA^$;uYYXkKkwEnz5VcEFlUO
zR4}z<)Q0HKi|+AeU-_rwk<B1M;CeO=?^3WtjSP*GdZWAnd;KA1)<=34_G$QY`;h1@
z>wH@`BHYT>CI7SsVD9D6x3w?lJP#jf=UZ3qpLyH6?ltM(u@?O#CC;v^i}IhO-vQ*N
z_72L-fpPzLNAb_uGLzuuna~R$;~~v1z$sbe{e~hOw&4w*7J>fJPQd9P>qVH`P*N&y
zX$*dz;ZA2qlAl*`9Cns@{CWcdM1W^q_Q{4IkNT9S&ve|tynI-Oinbbl?kAmM=V__%
zZF#g=hOl_YD%Mbz&c-&nPd7U$b{uh%TbhAuY|^8L!Am+@qnaNP0JZL}BHLFA-<1_!
zkyM~RBS>e#vR76q0{M@j7wiAIUC3c^s_0u{8GEyk@BPb}g==GUys1?&fe;`&{~2>E
zc2QOEW|vbNIn_js;Eajlc}QDL)xxM+$i>xlaaBOH4H#D8Pv%~BRLZrog)icnyj)yo
zWqqq}u_t9HCtUv6@20uf|Ge^nUj3vJ9ckaCQXnf;N8iIeY;B8xWo^vVwGLkdUOZEc
zyQa0`qYs6rPr5cCLtO{*$sLQnJCK;$uVKiUR_inwts2}UIz%l;vg#n(DyA+C-#zT`
zFPQn)V%P~&7hI1h3o9EnKrRKDdYm_Dh89AB@T`qC{~!kOS4@P;pU69wykX@8x->Ww
z=zlGc+jXLsO^j<FJ~a?B9b5V$<N^?tmSj4u=lq#*(zDzfUc>*`aIan1VwfJ7h$l#*
zFd^(o#JoK$&ua4-XLn?@g<qDk)lS$q_NxAiS$TNh!!vY2n&G6#17eelA|Ft|FxMN8
z`0X=;+*G5UZP3^^>*or=>?%_-jm@|aSoc-O4w~5H3_kZuoc{5J&nsNR$j-6;8oFa*
zsD7yszyB85THks%;z^$FmPaGT|Bz2#-$UH;pmoYd<CETZnpe4Y7j4}WeNes#`ehkM
z?_b@Tnzv6+eeU-kh?P<_60cTge(AO=fVPoDKwoN|S)3i*JD}F9&>wPNvo3kRi)^(k
zJYc>VU;BPEIw5^!X@(?(TP~{z<iE@28AM+mVCs|dFgr>&_*LQ`Nn1Z5Vkq8y4>ygS
z7m0$-&c`0|1%tqHq;F*egOf_Vsc#AKytZ#ZBg7Kck;JLbpujVDC0h8=<LRJ?krD_@
z9-HHllG;D8Eu;Dq&APP2!Zf(ocwi&8*@2R+ukR87!PViU`xg@E+i|TS!$b}{W;eKU
zVjK^$e&!#f!e)xW{;y)6o*?M*?-C`AQ<PAmC6$l&UzUG(eqSA!c?Sp&^me&35`0sZ
zC|0F757&GzU54o{#;qF!9+RQ0wt&p7DFicNo90o$<j>>+Cg>o(5o0A6KPdo)**I&i
zi4nXqL=Y2@twy1aNMXje@MNMLdqz*clw`yRBE0Uf-J*)-dG++td{BR`IVQhgoqA=Z
zY^u04A8OCduJCJ*a_}TN+b(Q;Els@*7IbQRMpeAKDpF_)%KT32>^*(`Rd`p9S?f3L
zPK!b-e`w8ZvzHwYNnL|nLp`F1?->CzF~uqRwqbdQ(gG(9EnLIdrtHEE*A^8tJ6F@E
z`2`YZM1O*V6t)^}rJv1cHuHvrS}XhY#jU$B?w|08L^Vn~Mh<W`zh$8C>}>pcgAGQ*
zJU*7k!a5$`J|z4<4~l*eefkJf7+pp_6)=G_c<#ejC5Qvk$&nu~xGA0AnW%8XZO+vM
z(bbtY-x}91@J5WKp?Q+8Z5a7??-zL{g(A>yeku%W>Df+YRoy42pNvh9kLi<Bl!7@(
z-|0TP@djN(5gIm5f}&fLvg0wy(5F7Rdtt{r@|$H$?itAQ2*|dD{4yh6BIqjKcNAuM
ztGKt{^c{JNzoUBncKY`5$N)KFNZ*I_PQ;F0046GXvwnI)nJA>S6<bGmEeO;+vfagh
zyEFVj8fIf-C!i)mz;*iQbEsDcbR4-h?T2zgzrCFhnBWf%9gdK&43M2e*J3ZBQr0p`
z89h*gaL2_DokeksPrxHil|7U$ymn8xt9LOYggfGyN8Fu#MgF%mGzCMET#J7MB=?8K
zUt+a2IO>f#RY0o&&m+^c&hh`0V0Y-WTk3(Kk<H*_%$gW$!%uv0;Sn1zuzz~Urcb&F
z;ii^`DL?$0jh5scdCohj;VyQkww|WA<e3QLgQKj?=hhEMvPd%Sc;9Ciu|Z0<x$Hm$
zp=IL8QI<&^qNwsHd=(_OV=D!XKkrCm#vHG^T@fOff6)LVr%jcx<~c?`nL-J>pw*U|
z-Dg5Jzo4Xi8XvXmcKf_TxH~O!`(FnLt;DO5XU^w}k8j-~7x%P5yC4(wy5TdKf460b
zRBCj4g<Y7l^8MZ<ZmqNYC#zI=y`~G{Gaq-f_R1qry9camMBV`m4f{l9Sb3vBo&Zti
zgT^NLeBaTG-0p#e@1Q-Yx0RJO8#{Z~na8_fPX`ygezPJv+LH@y5UKp6{kf?WR8=`o
zkUG=U3mt%J`?C>%QDNa{X7|8aU>Z7Bu_d9267}T^m9{zYH{vZ{`G+(1VP0cP%M9%Y
zH0)}dHMs|o`@&6;t#y~jLeN-aI2>v_?SB@*ztpyC13??5`l4cSS@iv=pr30h?CWHs
z_>U$la-ZG{3;P$wkYgmT2U%IBXt~hz{3_5h-u`$}9X?--C(F*xOKIyx{{5r>m*S5b
zjY|y_wKt@V-n>zz*IEaBuxy185SszttO?uiVfG7v3qDOgCQ2p#fk0P@7R6aX=FiH;
zlXN(kdy#)XTzFf0Q>3eAC_Ho3BHHLR-IwT=>UHQU>s)v7#WCD7;%`rz#AWw;3$CKs
z)MO<X{D&v(-inZc`moThvwAA1*m}eOxG0KCPfW2qJhbtPlM932?ML<!%A%qW=ioAV
zvIP>vEJPU&fwWGdv8{5x5BACzNE27_JBK$k=@>Q3eFze8<SjwN_`~4U5q9V6FKNbN
zvGz-osdHfD$FmHq?H33ZLR`4v<YGi@Bzf=HGmz+C2c6mAjcpwZwXn(rtJk;(rRE~c
z6=g%Ad(x{Tot2#~)0XwCQ2Lhn`r=Pb%zdG{Z;!A0&HApiu*jD5*jvKe;%gSB7HQzW
z<Ox>n>G6@9o0~VcAX*l}>F$Y~>?(%Et6lYXL`oK^>2`+m0wJQyQ{_qap)(`j*p{Lr
zClu?8@K2UYUo)v)FP}b-xMJCNLYb<gw|IM9++6f^&mxA%-4SRgUumaq8#E*ebu8l%
zXE~hN2ortqRh^oq!bhyFqWx`^gr6i(Ga=+1&@*PvKV_?5<cY>8haJgWW}dPL5EWhw
zo=rZxs5MNgM}*Yf!t!Uq{0#-lR`(dlOVEe~h^<Jq*@W#Ael5{t!nk36tNCPkEeSeP
z1!S*~ZR=N3FG;B_d?V7|!c|=V9dJfVzXT(uXJUvnjN_=dI{WeI7O1EVlv7rscZeeS
zrz%B0yz5QAnW#g`F0ad&1H)n2JUSc(aYG+f+m?Ss9N2|717O6SomJ5;OLsdm<YS59
zxGM@iKj?X<OhtY%afJa$)Wx;73hfM`a-1z;CeC*_65Sem9+T5;jus}7msdb;tGte<
zaTd9S^0V74VEqRc8k*7ZAR0ywzLJPK<#|A;W{zkcCKQH|<u!PAat1Wa?Mv$9Z96@&
zAnUykSVj_^v4fngY<}B<2b(t{B_+6#9$tx+fLS9q-7DuT44En<18Z(d0GPV1a}uMc
zOZBrT*@w%a3_7#VC9|P^5VJh*E8G`L37x_($9c~ti?6qMN0vu)suqBR=Co^^emyg?
zo}Q#|Tg>m>?d)8X>tYh`ldBqQLO}UaZSAA}AN@7+KQf0RSm4Um1>;LZg}1Jv^6<DS
z7s0gE|1$HWT1%==PSH$}$W#8u2)YyUDSPKPVWz%)OYP+Mno~kqEdh6rmv^z4Ic90V
zFTBkP&LhTS=H~XNrD!>K)eFn(6c=C-`=~qsLK-y8BHY9Rgqcg@g#@PdE&<eAt$~h;
z_|i(cf}pZ6#v`%3HR=Z!Hq*M=34TjikTW@ho^v*aEwT96;o;{0W9pxy<NV%mad?8p
zY;4=kL`@nswrx&qHA!PONn_h-Y}>YNo9%D<{hV{&ch;JJW)0Tty`THp`?@dexD(?b
zB1-Gvc#0PsRzYcN4{B<s=K3BoLOjW=B*;0h%w(QtAp_iS+Ta|X3VgK((=qpjocg(n
zAd$D8`KU=g<rn{+YN?~SMo}=;`Sj2v2=twWgOzcf%;1w#RAnxAN@3{?%Tz-mmu?+1
zW)*S{nX{Ng_hG?El`ypT3?tRBad~i=7Al^~j}S3U#|Q$pserW*-PV$HJxz0(8sM|e
z1?o})`rypmDkXPJzQq4D#{ZM>eIdtcVw`DopkQE#%^2q-|B?BuJQf|ZDeu$uP7o#d
zmA3LKm;8v?;CMM<YkJ7g0-1ZYxcRw0sdawr_?adb5W=v_S{-ZZQ;nfvLW6Iy<aulz
z7Pkk28KNnjY8@NN?vgZiB}t6^nC9vFHZ=`*@e*6TP*>n-2q1~%Xx<n#cX5i!I40fn
zmCPQkqSDv!T_a=?B{=m8#kHFpcwA>APHc+v>A_!`=H(Q&mxmj?)L2ozOA@Rl;oZJ1
z!30h*Ev}2Nbw?iN;+enRvaxd)`e3C|2=Y3QC&ed0Nbrr;EWO4@-hjpzbbD6VVp=+l
zU0gGUEAR|$bFfJIoW=H=RM4Cu+9GRYr>0cyI5Xy|*v4g1c3*<IgP9@$vdP6p+pqoy
z|M>DBJ8l}qxVWhjg*ysg!9{j+^7F<A*v}ZUi|59Fq=u~#<=44gC2LJ{OvqJZ9q(ZO
zJifik<v0gtO;}hO*weOg0pFZvC}k@tfHqIH99^uF=NAD-RMccX`iuTd$wJ9IBq=!P
zWMuu6`HPtM7=|p9ZJ<}=%?&(eU>LY&zQ3TCcAAVyW)lsquj3<fP{=Y7j({@78<#_$
zZW8tzn4rkDlwzJ~=C8kM<nbgu-c-b@8+t7!m0oZ;<?A)4EsQ_DlV+J$aYiHWni@)g
zH};|PHtViJlD1Na?iUKVCbnY_1UtI$z^NNlh0i$dpL})r(-wIPv<Uh?o`KS<Ngm=k
z_aWe5TN%$>-ai6aHHA?w1vw@see+cjp>~JRH11H}-Rnn|EG#Q4i+DfaMgA~n%yJZZ
zA(#F3+;zzh#L>?Fv`zTzKXXdp!TY7C^BO(7-94?EVMiAgbx`*&rNpIF#dz$rs*e17
z{#rBMS?*c-@a{cnC(UF>RO8F33pn|$+6i1vz{iUqOwcYwaGd)4J&yLTD8@VQIYxAh
z9nrpdfeSSS$Ea~bnSK6-{^cESq3ov0$3lk#J5Gef8yCkML+i->;-+xBl#ma)Ugk{`
z5Ap3c<BkJ(4X8^BmAj5vz3Z@)bre8rgxz&T1xg%AR#h>xhlg38yrA8q1k(9GzWYcv
zNx-a)Iq#=U3x!<an+3&EPQY*xzayJlk)u4|@mrhC)Ix^2KCX0|f1w#twMbYU9r}rt
zt}}bCn<?tSR~BOM48+{;7@Ny^{S^x3BoKI*J8*Qwh<oJI<PDC`c#g7gbQJJFlaU({
zjXJkI+1&YQZUfmhcSLLF%dl#v?YLu3#iDAa+jF4=|F#yX+rYhJ<%Mv_eaZP7u}h^s
zI`K>Yba#AYGO@DuE0Um$&1qxqZW@lf`<X{B3k~j3j-^CdXH28yJofsL42Z^f_j6ce
zEY0PPZ@g3aNF=<-)_mF<d?}@*p5zcuKuapwy27c_W+zPdH%~%7`B=>a3UCz(6#<tH
z+gu`k8Bqb-Xa|%L5oAKf$M`gr0hFnW@%p&TxuCF&#duCT{kGA}H-!_O<xh{a6HI32
zHp!ExxVrX*wTKl_+@G-=f0XaUVJ<%8LA34)R@Zcm*A+jtVEcvMPU3-6M_NZluK-D4
zPB^u@Px|Jp@oET;<ydRL;*mv**B#q{Ss|y3JOv~vyJD)G)Eq7ORO#c<i0^wCjY8JX
zpU+YKL9!v{Zh(N8U0FNbuF)UQgyv0R!V=DYY(#oY{o?v$?{<*BV{e4YAmy~%pz@{O
z5ymr-eYrPhP(iXQ6gdV6OKh`Q{`o@ke$wum2_N|IG6mP=mFTU2sJW#91@=6R7#W{9
z?CF5BTlXBj9wnZ#I<6c!IBc*H8^Ee|BPE<HF0Dw*z0}?%rmFKIEiUIvPha}&NU;mC
zF?VLm<c4-$@uM)EW?&*e%6(yOo+s4DH)A$X!uoa&9<}YOk37_yKoj5ma7X%5m`94d
znjRPEM_pKZt-!3TmMcwgszQs;0Zeei4;F*$OZub9iL>>vsA6v~4F8o!Y3&f2VFgcF
zby0%E7c5SVBS)5Z`Y9)yRATGBn@k5gA&<fPQwTu$9@Bc8Z$kMJ#c=uMSLAyt&+St!
zK&`p%MP;d_O-@N8RO)bUVHQ369X_}#SPd2&(5+Ub?S8(8!?It^JniqBPd)VH%E=Xc
zW2R}Sq&-VFHqU`r;sEE16kz#Z7O)Dv+{+NQgDugw4U5hk){<6SvzpJ0j`2t4SE+re
zYAidRh{M$cRfoKC%|4HA&tl*GDCBMVG&8#p8{0!CU{_pQ+aWSyV!!FFkv)3ZWFK3<
zyA0&f4o%j?E$@?%i9GJL6V3rL#P41GMR+?awA=>A3f|ewB;gzfb)LAYKbh5=uJ5HJ
z3E}-{<6OVl@7E$gc*9xAuo{s1%PTY^$Ed0&)Gp{$RE(x4h{&F14qQ&#)Bj1p!(P^G
z|2=5T%JtlCD$ZvmiDkl$je|!j=)v*QoU@LdLpEhYE5>`Uj!F_-{ZW5_w>B{a!nTkk
z)$`eb4Y_O`YdKj=z0<>BKV%@lY>CL>Mj@9Di0~tS6?&^RJpTqy7PL2GiQRl`CAqSV
zM8u`w(308n{`E^zD_?VF*LVYfzjN9>A0#qiX${EsxrUGF4A8x0KdR$+RDG(foy7_L
zu_UKjv3FuBGcyjumMqwkrX}i>f|%|14B<BUXT1d{Bt`+L96`8Yn5qp!45uT4e&CUo
z2OLw@<^f-vU~nCY>Oyy{o6kY@i=%jQhsc2#u~KC@yKAD=Ix+IFm2i%migf?;BOi?;
za<~W??FhnSZ~t&$_Z_n(0j_hKN6=Cw*XF<sTl~$Ymu*Z&-`%X*JJAEs4y$KBA~0Eu
zN{%iW=%fqV<PV5y5E`H&k9_EWs_k>}yh^}$)<x=BJ7g@jwP$Z>oU*imu~5L>#@mj(
zXkh`8=#0-geOVle$#=fQJWRr&EuYxGml6zQHW-?c$GJd+=S(a%EcyTrO=j)cxgjQw
z^oSKL*77Ay%uK}^?H&&m%IN#tl#&fpMh-8fu?ZIcsFP&H5s-b}O<-wGP><|p_$WOB
zI_=}ebVBIfHVVFP)tKo|NNC`{TGUrR@WuW}#XhqAz|%}n!8M;Kt+N2S=_ZF&sE&6E
zgd`<09I-Sz-XA+6xiH=!BlLbf6NSu5s;LzSj0R^*Ll~{Yxqv(1G--#bQAOSzQQSN<
z{0NaMGr$wMr$9o*ThejtHXTn|alh_=7)rrwF8`*Hg5ph4$BEs$ZM&t8B2><*&e4b`
zhYM0P+rm=si!tWi8$N*ZY~nb3?#S8;72wSw_`KpV+ezufx*_b}fFhB^y_||?Y-%ej
zJpqm!(W-i0%K;gO$JIc%EzK>f!Hv(;nEdv}MAYFQM?zv-tjjC2NnPR+xZj@-=U86W
zGO{%cOT6=4G@}QYQaq#(zxdAwsCA}Cwd1-&W~=4wwhTN%GB!*Z8G)i368N#Thv1^*
za}FKhR*UOvSQ~m*WpOaFX{j4I8P(Q%7dRk98Wc|U0Fx)FhBj6~EpJ#bi;Y%tsFF`n
zC`peo;GfI?T`nqpB>+0%nE^VZ*uZ*^-^<mYP8rGsgD)Hsz&|b~Jr1MnjpuUD;~@ZL
z5GIHk70@QOobJ=mj;z@|G#W%h6sbzHLDAU!100VnP2y>6=>cv)#gX!GAiNc2N$QBf
z>`^R;t@{q%&oXW-yl7_D<Qab*Pz>b9j=|B=ut8I6qts{b<uCfVGbwg1@KvcgW(gdy
zM06-?X-87FfU+Jfcucq<%Don}0B>?y?7o6q);~WTyD1L*9cIZ%ej6=SrIpctrOkZ$
zAyP5!(wxEJFM+nKXW6&kO#BJC5_&a#$0z@D18J>LN^tlOmJU#=<{1fDQG0rBuE=cF
za<2W+RBK4G`kDQ%rCVlF8RaIwwY;_~O@gRifq4>ZSLuH6k4lK~E?&v656?R_OA-uh
zf@N}AS8!GV7A@}u(1oNq`XmE=_qa_6r{Sz$q^~noVM1W6CL<5-X%2t!B<J1Dz+aj-
z=Bk#SRQXBx=o2B<VW<vB=9&=n%ok;Z`~uh&U=kCT)6@AANF6Xn7u^QO02}t&!ge8m
zOB3PawmG+1h}e@nD+^(8Z;?TGe)3}0$ly3W!MmM|R16b-Yq0@po{8vhm6wMx>0Bse
zE3{mYWgoz*w9G>hBMKnd;xS$u*cn5tW??eb<du?VA{TvM;7&m1n=QPxNKWw~oBYm5
zl)^j)`b*GAA@CJnx?0dgexxM+CJJX}F(|Tw2+G+6T08qte}Oiw(s5l@cH}JUC{!Md
zGl4VUq!ZJc!nXwIbisz&nDe&3e}h>X!QlL|(6h4Ot4;O%pEWg&qm!M4iPGWP6aZ3d
zOk3NEn#RsZ?R~0X+t`K$wZ{W#)zQA8{VpyGD(T?Bj!L=3B{zK`GQFBM5lMZ{5U_^z
z%F1IdeXV@nzOzb|u)3ozS~mA9-IkfV{nK@a678>Hw??gvW${u!HhV1T!q<WH-an6g
z3}@+tB|*t!`)}-xJZ?&~3&U<raphd0V^9B#fmXzGm5C-r{sAzk{|>%|tFRd#??ghc
zUkOb5oZFwy+}RwOds|`5$LtL+T{BawG|z26Ruo0Piwh;UXE@vm#<rDWuVO1%&PPJG
z=_uZ7*E2E3Vt7)a;ke_x3uM0Nj)kmBVSR+#dB9-beU-exAf#YFwvp-I<T#JEY$G}B
zJ!pprYH(YB*svtofJFhvU`OQCOO(~IIPWM4A;j^}aficC4?NE5aeqQfF0Za*D{$A?
z{%M|!`9*a0t{l##?!b7F7r@U@xy);jQ$&mHTuFfo<lWod4XjKQJo+uhTKCthexrBs
z8HPaTY`$Q<Z{=(DTro0SYg+I4s}RdMGpCW+p2QaORCr{NXIi}4mV{F^RjIg&K=IBc
z7V6~C0fy-_m6y4Cb8GAN@qSR{hv#V8Eo+lQAxIo5Y#fCL?f4)nJr?$|v53$W>>?s5
z4jKi=h$aCP6J4^>N3a-U3i3?OMu&y`)6({Z$!8HfcaLJ;^4+pj6g|e$(xn#Q+GpR!
z2?&l@9|4@+1-jMLOyy~;_TIZ*Jf8BRdSxU{%7{`(PD3B^901sK&~a8>k<UJWmz1hI
z<M|vN@OrxE&=EJjeu}BI)6?7x+`GCM#VKYg#r5V`%>Y&60Tos5o&}P!;9YpkOb8va
zTcA26|5f(cG?xIDhWl?e*%Dw+q`ZsRf7V@r%Zjj3@0W8+OL7_-JQoe6mYJ-1E{2G1
zl8!uF1Dm};KZ}t`tI&5#f{!j_&65_76}tR`Uy#KfW(j5v@l(ZJd#NVz-lqA1U||?f
z%+YyC$}H=z<M8M=JyUZ3_&`gIjH?6o=|4?kYt{sIUXw0S=a8&QV449DLj@7zu${pn
za$bB=1*?nh*AoLA-ui{W!cvr20_;w!R;6_X+<3jE{!chIlf|)s>W=lGmN`%DGvykt
z={!q^w1q@02_2a*&x}xA502Gyxhl5hwXa&9JmoerNKN}DKD)dt7b@-5U7O*5=qM0c
z)d9RIR(*f&9dG$yq!8J6)txZN{f*;<L!E<)lAR{RBKZ|;H1)O2tST~xYEoUE)JzVx
zN2-y~P*Iv(yIy~lzKBbdv(MDUntEx-$teSPlq0vo8Vh$+>nrteS3fDLq`Cxz)w9=%
zX4c&M`RhXO%LEY+k&zcZf@vvFy{mM;HtdagUfS`jJfn3Tn|hCwD9HVt(nDit!pAGA
z$%di+*5@YA6jg%6Z+;>z)4a5^!LRHA?&pVg2;)RRr)raU&2xfm6NB%hReapPqRLY}
zC{`<u*I*u0*&ai@miaZEc=Cw?t}y;Vb?1x<tgP&j+W$?mICzqcYcR&@vJ>XHhh%z*
zQHj0`?)i~fiy>TU-cEgYi#e@fLR$*Io|9aAp<gMz;Z4ul?NEp=A;#Se1o!_p66)0i
zx|szMTkFd+7G@8$^qH4FqF#<W6v7zKi|<lVyWSUyp|`xg-X?%Mg$A*`hgR5L#;mSz
z5<U1;N!0stmCiiVY1`w(oaq!EXTCAMhR`1b_=@A(Ro@Xnhz8hL?MB{ZL9u?1ODSH@
z=x_IQ?i3``?0oWnn7&MAEFAh7v*R$vnjHHDpJbZ7M?JvH;zJu+l%hCuNDjI!g+JCw
zZViX7uXC=0Der{(LBk9T3rjWAsQGPmVRIx|dtNT=sS15;y!mnq*PmHRpXeeSwoBqT
zp0WgX+9&Ah-}h41e#Vg$js5<@wtbm^d8z-nyR5|WYN2t$5WTGe;?GN94})_(46;Fj
z>T|_SU771bghRMxCNSCd$f{pgeXoeUoh%O7f0~@j!WonjMEpz-OB;Q+<K#mp17$_X
zRcmAjE9~3+F6~1H_N_`GIK^-{fN&2adVb%FZAnmnSWM(bjjCX-hRRtXo79PIZilC4
z$Ok%0q)#7v<UumMjCV&Doe(JtFy8nqB6jy!^RG%G(-AF0J%&Hc9!L$s0rVDPt2@%f
zd>=ve3Yk>QG|A~W<1f!2vCVO7GTwPKZdJf)jo8F+cs(0wVUfIKV74XROl{6~?6?2g
zB$yy_oim&B^HL8f)tZ*Zo&fE>?1&ttx{l5O={|d^EqxP^2~OM>=9gE2zJ$9HPV)FG
zh5C_2b6UDG3ul7~2FOU02~2L(TudWpzn>MOc8{2Zs~M-cq#VIP{havtry~<n#pad)
zRfl}$+>e?DxOp`eflve7t}R-WG?a0Av)@cSu?si$#*y6>wKawP%*hq9DOEN&0|Dp1
zQIzJUf4~4it_$Pmqj;Ak#m-L1Xt>tp6dV-kGfc=i<g-1WyCf&tLEn8-)-woe**U%`
z$WQ?3qBq0ExBVAuEBc1;i%oG@Tc}}GUDPz@*g8M?JADs-ZH00BgyxPzJ0eTN%p6nk
z?!}$hzGLVJF4e^IfoZu(*71A0VX-nrofa?+!vtX3+`|B{UoesaSe#L)M-|4d92gDX
zhA!i#{`uwx4@nl}@J(@AUFX~STycN#K6@j*XufWKV^NmeLge3zB3fA)DmJ$0_)~M~
zJ7vohU6b!Nakb}|PC7IxM4)1CTZorU0jdR-MywPPP_esDz(p{8+1Tjt#4st(@07C`
zZGmq#;`@mgE6inQe2NfZ^b%`lc<Bicth3s3#=9I@g{HGyH89<lCdf=CU;);zwfRI<
z4tEbjE)!5g)VM7~bqlYo=o2n%nIQh1Gs<7S5qj&K8uIk`DkXDCK1<7Vhy`|6u7?T+
zXaGKiUd?TUL=VaTypjK%qUR$s+-nD~R-xRUL!6Rya577?HFuj*tr%$Ps<F7f6Q)IL
z^=1TGrKsJk)eGHG^S(1X`4Pm0?0aKA+TXSDE#vnO^`e=K>5NwplfJx(rHi!)iJl@W
zAU%v*YOCG;DBL9PSqr+~{q(11oLel{{!B!|jAMb0XJ&yXKhHh#s_+MBbe5cLW)4iz
zd5D$yzsq$O^U@;rde6Xba4yXerL_3Qk+sOf5CZV>h|r-&bdMsRhYhj7d=krI?0F(2
zm=MW0IZ;c40|<yd@KkSnf>1oK;^1iN-C=+wxPNk)S>Wg`l11+BnS9-8EqBJaZ)n;z
zvlJZ&g7i-;RiaMjM)xS(sY2$?;^7tUTV00)=lmkMHqCMH2Fs$Y=w|Gvr9#9!S!=GW
zLm8U*Ma0B_1zU>%w0#}Msw=WJZDS9Yz}AZN46epJF9+;IxHkf47k9Vm1)ky8n0TB;
z^Pv;VD?<-!Vy-PTloZ_4{5tQjL_Mr2I<1uR;{5!`nw99TYRiQ4NjJxpjnwB;Bfn`d
z^ETOhhNETZ3$~K4u#6G8P?jBU+ndU?P<Z##FWWdt4MA|)Ye3)^zW+Kl%Jp)4R@VLj
z!N9>uAtX?laLT~eO2+LBmMH_rx&!A<)T5Ssw$Q{wg}l1ND4XCTd>7D((BilEx&s?^
zn<q>V5wTYm6=^37gylqQ#MA{Rw>wS?)^UGn-4U<1F5=oYFE+Q@{ek|#DhHg*#ols8
z?7-A`cq=e2_>%J+`N310D<Vw;{|ab$<qZ2NUALj3cVG>JfkQBc1UQtRhwo$}`trW9
zb-nZEwa*z_H=P_?9!zY}(7;=I_SI-jAYD+3xA|pv&$Jg0Lr31v@z>OsSHMshV-XD>
zoD+}aRzK23g2A>gL$DqMc3Of1=d8q3zdwgXl!y9q$gmKwX2+nicp!CesJaVxVEqz;
zX+VLEeSTp2n$Y5&X!u+kY@7}Ie|p7E-$N@ai5i=lvSTxS{Yaz-Ae<5r!ol0(E*2vM
z3ul|lrI<U~ZrnS6TWF&IVH`wy*df|hn@CYbOq061D6XR1;!1^!VQBG@CWrRVQ}45U
zFG}(rLrHZtYyo?rUk+84a2FSs!XDTu8(mT&yiqLEJ=ogo2TxUbMAV0x;}^t4qX<Z{
zXDRZFLW6IF0xOA{NeF^FcG!rMkn^wun(`;!P^8rzW)}tpNK+3cKwb#;Mut~?&x3qV
z6%*I7XJXU@gCo-Eci|1=EaS?AB;$B*WA#Y_Uyq(8p#|y8tj&{>G8`&4AX7G$3z=@n
z<slpyE34*I?lARi?5UTE9k{;y*xJ)>bZfF?3F}>^2x@(|yjRdv-1stiE=Hm;KK0p)
zCzRCQq@v2KuD)IP=7-Jt<b}j9@aReYcTIkqQ&EVDny9X+=^0$bw?TA17u`+S(zx4D
ztv@VQ*%U$)7WMqB;gqg)JH*Au7x6WByGct+%gEO^b4!9cflWwga?9Mq<M}D&$G(Da
z1UD=OM^z$oZpQB(*(buA1>~UDRh7k=zB+#upE8Spgh+<RMz`Y(0TJaV#tAdjo95(D
zn3M{If&K$BCOJ>uRS&~6OqXXgI2IFFd~CCRUTp^<$1t4JIy+(^iH`j&2Ki2RMX23N
zBr-md>yu)Vn*l2p33muT@A{UsROfsTV*ltB?TT~XR3*{&bS4eyB*RJsqKmzZ2AA%E
zl~4Q_O!Y)8%Gdk&DCQ{Rv_Q^{TQt}$n-ajvD(}FFLW@@q3C52(OMV!3cJ0XMX!y$X
z_S{o_0FBUJXm1=G-Hc3L?^i+y4PxbtS4<sIJr|d8xbGR#SL@thd)OcUbp^%1JwbH!
zEObWDWpzu-$gVK5`YTPd$`{n`*Ivp@B5;L^s`)+ZP|YFl^7E6C;|chEb*zgrW808m
zPbvmP23uyi*^QZ=;d6S(sqj%E81L3&f(%nv*WiW;JuyH27F~HKCw5U$(RXevEUfv(
z#oIL(clU&(q!8`O!!|}n#-BfbI^cfa63<m6oHTN9KpV*h3oMfniy$n02%|2w1n-fV
zN=}F<XZ|7)^N=WOsfeq|;W?rj<7(;`=knrDy#><(Ccqp0M($?bHb<()AE8FXyq>(<
zr&yEBXeRbS2C`67;q!(1y?cJl;xkpxpOPSRG_$+kGPs-e=5A_vqt7;c_P@*2x1^+^
z$A9_MJ?cU=_~<7~w==RdquvU+)_|LG>?D{UUp6W&9eEcnLtnu0mmTFWjxdZ6-#%<`
z^9=zZ=eP*57|BO!tSUd38bvReRHE3rx}LkpNgo+}{|^XUHD{-IXPb5_%qvP8y`@K(
z-5aL0G`6)33?I>ViqGD*@Wlr$@&3#H-2RUYgHGFF9-=dhp|8xmYg68rnMRi+K~Tds
z-?!W!R#z;Kp0+71qYo`9^at61@XJ7c1lcNLHd^XT_qe5CRfst+@2X+h_aqeyTg&u~
zuXF|!JMjeCM=oq!HT}KoQP=g>nC&~PRf~&@DVdptWn~d1B_(|&_#`A2uC9sTZaKIr
zp_-I;bY#M!f?3x)qOY&7n)>=eJ{RS#C|xAP#D^zy#p`YEv9GUQ*f=;V%ge&l2}GAR
zPEPUn_b!*49WwIrD9+B#1|)CS58y{1P*p>NWO8Sv&LY(Lnf?;R;4ds?Tps8%0Tjj8
zyJ845HJkOjFGI24eWHp|v9xdP@+<eGK}W2a1L2w(k48Suv5T`q8LUr*?arSSZ+W{T
z3_9LE0iCS}RUls`+PcU|Yhe9*-Wh!S)>Ha>CGaDNoo|P=;^{+5zwd{IeuoD{9H0wC
z*_P<}U;II;7vdE+pTi{o&AHw%uu8GZx|)F;-JHe`-+ihIJY38Qoxwh`3`%{XIOINR
zxiAgW+hz(eryglO3zQtzdu6aU0=Y!`#)+Cd#A&vL=0X$eoEq(5PdwkFJ^6xOG{+)}
zZj|ga&y05Qq_2iaQK6z{+~G}}asV7e6uon&Dfm|18w25C{nF&jntKihcyow#lrU>~
z-ydOM|No}GG@^cIIJ}ORkALs{JSciZOQ^21_xzIjr3ME+n$8pi3T`cK;@$f^wmM3w
zP_^R7(eP6)HSo4V$3uwO%&9$aYHMy+Nr^;9XRKeZk&Lo1KBm_ugUunw#wfa>6a`Z5
zOaF%z7Q!Ya93&MLm6)U?$>99Q+Y@U3*_ng1oSa}g!t&PEcU&9y%XOg7N4YC%*Z14~
z5u-3)ESJ!&?+qV2HU^c>&#(ECv6i;Brta>^_4W0AOP#A%J7)$Tp3PIey}f<33=9l!
zlfZ(40z#OLFQi~JGjhGtCp9ntq_0U-dDNayK!oTWmInIV$3nD;Z)I^IVeH5gNL$OZ
zC7IF$^`{32*KMkXgu|k1t^{?vLLbQTNx3O!_h+?&)UI3w=o~B>-PP8mLV$R6zI0;g
z!~!fFGS1}gxG<LisMMx<uVd)UbOvN74p8B{l4B5n3cXc7XRG157nNbr(VsLi49n;~
z*&y;qXooHv5bP$!3Zlr%H+y-gaCMHTYrrg3S&$#K9PBvtUI~hRVsuO1IXDihD`&v5
z-ymC_iLWTKdrX39-Z2VIsN=A^6mgLSL6G|{gf9bmch8UgEyUPm5V&Ln51u`mxA*tM
zI=opEKO#xNm{-jIs6C(KMs?IJ)3xttnX{gYYjg$eM=ZRKQdg8}8#$%b-=Ua4d76~D
z2G;$dE8&DS-FPA`s>kq;sDSe^8A~Cg+o_M??_eM-o9g)Sx9=<aZ_Pc7v;k-9h&@OL
zPu++>dlmXbOiavnxT-$Gi0EiDKfga_%UoRGD67X;OB)+e%z-{OE-qJGtF80B>#5mU
zWlntLZliZ98XA(zw*j`!h~B=OH*=Iwh^IwDl;49=e>%a8@-Xu6yf>(;9mA-}|5sTo
zoU@;XcbQw$UOyL_{-VUb79!QU8&;D~@}h?POE6Mmi6#K*f%rt}QlQj>e^najIGNb^
zi3@<Wg8nQ(PkvQIRMq2H0wIQn$HU|pUMk$<PJoY3PEUV&Ev;c{O4-uVQnGN$LoECm
z0|UI!mMDaTvMMVpdHisg1O-2?5!NCZ?B?d?+DRkGk&%%@-~OCF^gXPut!?=UkJx8}
z8&6>4_Wvin<%1m1h;oE$j*Y<KzINp}@^WKBC5lD6=8e6XQMYTcxvRMpH|Jg&33uy#
z{R(X&qoZoN(S4=_j{!xM!F%y-s2$(`bll;c7>i>$Ze)aluisolISFr|H1>P&RGl@Z
zPt)%1Zl4ZraZypp@84hAnQjKuShrcL!LQ=t;^s6pJzYO-Qd3iV7+G1JTtBU7>*$~+
z(}2fYKiu2s`}e=squN?pcpMxYm{?dun@KNTzkDC=cK8w!62PU>i-ez_|J$E}f3*I8
z&wqFtB>9C_Q<z6aWEu`8<reahwK2sWa%%J1>hAI3P+>U_+_f9EyX}vcs?P#Mwk=xh
zUk!ZeQ4zJZvaTpNNdsrNkO3Q9bp2ROIReZ1z$ZGPs!3fqzS!6{_&@MiCC}VSn5ZPU
zc{7&!e_x_u{cS;@jvL%R;9G*ahK50GZJ*iizdTdm|3-i+u(G}`u>KUO!`$Wd;n0Dj
zKe@9o#qvl8=1r2n-2LC-k59eS6@bjcP17<m%7ai~Aj(pEAp4&+n-A*$^XBj5QMlbe
z8;_D@W#y!N7Gd*-wf=V&q>R6k`@h;I%jM*Y8XA7#f9MkU`|~Bz#eOIk9tK0L5WgWH
z|IPXT@o=TURFsRjN79(aaJkL|+B~Jw5^utQqfC5G09*kKjB|%6_W$KOf>-lMwpl$q
zJszUU9ASwV0Mk3Yq6!3A-Nh|wuR-HWp>kgOg1yi~?aUzq);RpE<K>^|1Zx~@Kv@Ts
zzJR2n!Q<0YGdHtj9PZ?zlhbo!OCJ=j>bA|`wqTT*;KYhcT2C+tmYyz@<#Us6VB}MY
z2?0QMv{UyO;AH1pmT~_}%MZKD<Gg0%=7nDPkHqr72?lq6n8EeZTSiXvY;Bse5Rmhm
zJxk_^J=K74H@=(-CPX4bz%icT=F>1|yAh}!&BXc3;G-C3`NMHGdrrLxaz7EdAfbmk
z|L8X>ghf8>3_<4%=f(ie$;;Yx?U2}T^w&X{jA{05d2NgX$D@~Ro~zpfJgCp7*q&>D
z262I<rMj-{L!9ks$N)&KKShK<ClncH#7W}6pRdA@)DKvbFrs2=U`^is+ok+VSxETy
z=O$l{$x<^J#M;#X?g2gPT`(^>-bOKD<--E%e+l*j+0!G6JAJAwr0&k?O)gq=k)sW@
zDn*#TY;PO>EzcFM0R}X63cY~ND!4Zf!AghF;d;JCo;NlQ*TR}Y0MEysK<TlWkzL?^
zxf?I^7CHNJ=9KJj*1B3*_Z?B@^>H)r76JorC}Rfvm3TTO`h)YUtM6R<C0vj!^;?KN
zw@%z(9pbEj9BWOqp`Teo;f~jN3<+74by!ERej1;5oYk|){|4UF+b<|9>(6fq)Qyb|
zq!{_y--oEw5wKA)(RHQ!Pt*vI^wEIs*K^FhyS4YupdU<wl7nEH-JhN?SR{9@>1kkC
z#@3JOse6YndU_l84-Xu?(+c(qJeirkw)SH$%mfBqsEGXSa-D2r^XKgUR=0A!Z)6U7
z>PF_?qcCnVEYZz5XJ1usSX!#Isx{X4<c$HZ$&7|V>vMqrWQ69ry#=e_Mo4J>r&X^I
z58Y-dvnA-;1#AH#Ibd<+0Nx&hEK8M&$5MFMyO;Ep$Ida%aB!HacKOww%O4??iJIf=
zcW7U44P9M5wgsWc1_QW*V7liO{2XujWW*&C%S#<-^_G1j5&bEF>XA$aFs05l4Z{LN
zXO(sk+&U~=!E%%XBP^N`%G9HUAyAxq9!JBIF#2rtFR>8Zx@Dh@+ADT-baEURSb$gA
znBxr|s4Jbn4n=#Etafq8^~&5@)AokMu}gwdbecgVDEII)xE(>rxR;-9q(34V^|=Av
zPo8{!Bn>d*>f#?De6oKvvcC!ojzh`Ln(y0OK_@sfT=iahW)|=9Tb5|LZY+H#&8Wyz
z{LhwhO(#Snq-FCe`0w*khUM$i^I0Cr%~s(@*k6jn@1(g*H|}AL68H5NrRmBL(?1>2
z*Va<UnI>8JIK@Sk=y{mE94|A7Dlx|HT{!2K6(#lF0I=4`P+WAHZG1bXJMyCTM4dv+
zy!^PI)A&Lv1Yzc!wfhs*m6eo4tVCeKM}SDNQ5^hiQfBh(8orf4-^I{{AD@_8b(E*S
zK$YN~*cVq-#jF;oWAmW;+0+X@)RJv$@l4T;AoCoVJAL{h3m!c3IJjT>9DQ`xY}NoV
z>{WJF0jH!SGrZFe*V9O6DVd3!b|ZhN#Q2>@i4dGeV1W|r{Kn|=EjJ5X1o}B+MYF;B
zHxW0!V6{qHIwO0dpG7fBoB~Z9ywbkTBnVk57gg~Xb`wA*7W`HiT7;+m@qIqI=){6T
zi#fK|LBuuZADCuE33}RNyH(w1m@3h{rx~QBwGqAdoDt>xai!v5>2TzH@<Du7mgv~F
z0N{24c$)UMtbzcrmA#+-(iZIG9Nu$dRTRokTWVvb&_}lNN;tzzol(>LRbz{jlyy~K
z(%g%WN{z|3l$UdEYwUa%l4zk2X|m#`@i1e}=kPvE4xDe~>#N_AT3~T7EmRLDJmAX0
z$Rbc!llQZ}0urXE5s<>v5|nu$`fExd>Ty+hcFxI?Sa%y3@UnyA#4$TEK51d<h$x2D
zr&o!@Vhcq&%42m#Xe?Q^GX<u=fiJNnGX`Cv``+)n7%@B_u>Vt+L}rlOOez0$uW}8!
z)*9_9YVHdAr!GO50;@|>brsxY&|il(`%e6X8p3gAnr?HgECX^^p*!bmbFFnJ*X9|Z
zc(Z*&Q73gJnJ%3+)`GIT+<zUqqAPKSC6_Y)SyD;K#M`Nf<u_VV4sY{?FsWmGElReO
zZV3yhLZ8#Q3u-;t_GHK!Iq>yMUkw9{i`FVak^bB*9V@oDpgqSes=G&*jLoEIG7E2L
z6nkfuWc}Wa`rmB<l4@z(q2n14tR4MYUc;pt5WHxGA0qJ$X>q7~G5yR4hxcv3(Mjj^
z+dY4%g$E2dY5H0B;jd3rz69+B_<c%exFj}s7?@tfbNL3_o@aP{Oz_9)D>Dsb0CG<<
zYTg&B+})Om8#jUbuKhk#p@Z3c+1kDi;OnNOCh&RZ%6wQ$hKH|7>~ToCx`}mgc7=rB
z#MgF%h28bqtDbAm<I*=Kn}hUTne<3Lo0``h$<ZRhM&F!psit>q4Zd>D!bADXgpUce
zHaIGxr4%yfJ`YyD2E^EiWtjIsRV<&?J^v-b6*<)03vpWL75&O4^>ezOl-0SMOH6k6
z!V;q3#T@VR04au=*c+e2;k}hS5l~cO57*v?xxEj5X~>qAxBiPtcx5VaqmWUMN2=4}
zeE1~DvgK?5r|SjU=I9QZ7uR96JFC4%P@Vp3O<jZt+EZ8ydbbt`@!gk*ZF+{R!8<N^
z5`i%`qnlzM;b<djX0~PWc9-x;uf92b3*O(j2%kXEJ_HB#nS<<KC{W{0v{8n4=k{L2
z-v|<%KcVk+?IbtfkKSWBCwZzX2oEx!{|3mckiq43+f$WUF-7$Z4icj(pa%9b-;j1C
zZG3#n3idWR+YZW4Kt!io82%Jzzecn3$1KnoAHq^LZ14+h3{;j5QAy9#Bry$*r0$0O
zbQif~<NOdZ2`XXNW>Y1@l=K^#c-&!yB_W}%hhj&!Jx9vNPn#+0833uG?-ytu_b=_4
znJ7p2amt~jy_zDFS!7G833pKc2RCyqKqesuM%N|qGox^4@V@}5g>J^>kueDTehdbP
z4~FW%J#ijNX~FJQ-ej=d8JQcH7M#O`$R}&5-9<P-GYFd4VaMd5Lnpl=0=>tBPB;Am
z$D`rL2%(G+G$<%`)0R9%Fgay0Lk%rH;1ab()tVVXUOUGx%h6Ohnp0Ema-0JyNG&F{
zw+g;n2K8L}AjM=JcunrxfGH0jEmL7uDFOn1&c9gPgy3CN2c6%8P@!ztIq|U)pE}s;
zkaNp{uzmT&vY-+GE&M~jU{T^hqmRp$ckKQk8>TcD3tV7Yyo`RcfVD)&OmO)OeBM~7
zq7CP{d{UnGWXk*|9x=?alk(MPl{Q#Q=(r{>ob{cOJCnr&LT%94{%bTQcJkq|%~;=X
zf5xqvWz=>5JbgSeI0~v`3`#?A{dWO}nmdt2s0TJIJ?o!)-qHmS5-RHL{1hQZdb$he
zp%YKduag%%J{e*|hr!tJ5jtaCg`1peD8Pa(Rm_nOuHLV^BQVYg-q(@WGjiRf*Z$4S
znMH(N(BJ><{3op}*hw8z#S*Kd@9)rAHd>N%s^9|g-{t-*1fjSu^l>ErA?srF_FB21
z{qDVG-mLz?pDEhiwX(q_>$%08aozp^-3?pd!wL@NA`<Z?7ly5&tm6<golsJcfc1fE
zpfRomzjv9shdj6VuY6*vhe#L7mtC~?Ux}Bv6@-wQ>Ng>!y`<+ACg2bc_r6|cY-E2@
ziqXZ8url;Z*yWpp<l^dvhBxcud<)~DjiAM)yh`Fw=OfFMEeOM+X9T+#)Y8$IeyTEm
z-z=5M!|mfkaZx!Gm?1#}2_36ySYozHMsBlQ3y0KT!GI>LP|w}hYGk7p6iGo;35^2*
zn!U6Z<R)tg58Qo!dubN?*NYkItqf8cwg><Z%XwuqIAl5O)U~AbH2AKMS|7KnJy=GO
z(?pHO!8O99z7j2SYO}9@6ko@NAWD|W;Q__M!!B+9ZRz^vv1jBRDLWh9)ZFeh+EPVU
zV=w1w>^MH-3kKNQy?_BkVI%q;OZQhW=@YiCJ*e8XdgR`Zgrw->%lq6l$&Ee#hYItN
zt~iDDGuhAo_PUB*3z$zoi`zj))hP+Zu2NRGMxMTD&#e5!8utK5t`UtI$9gb27v9Jf
zuoOOuUJ*4BZlw)rXkUai#PUFQrMG8TilLz*Y8!nIH+6mhN_fGkuJc0@K5*q>v?a-h
zL3?brvJq9?pu7n{!G$U2=xXkt?ImncAXee4e^IZuQsL=9?sidPwUcM##N0S4SdddU
zg9Jd8_N3^%&2A=zj?j^q^FTPJqwyfF6T7o&qz8mQnW!K5$T%J^%`8SV&xYh*I@Wq6
z1JJm=Svgn_l;$YoL}J#<)Bj}VSH3p#6eEis6J?m0lwwiX5Lk2Pye8osb~@4m(CFID
z168h72FrUL9iuEdo6!2E#!JuA3_Y#Fb3<IR3X|fzx3CcZwjs&0R4=E7CuY&y-8uIg
zOjDeuTc%e??T#N2%T_Qv!-64@KYxS>2ncNL?EJvp-*eKqcTusmG~4L9V3NE1Ymyxu
z&`?fAfXPbNZg$8=Sl8_<%{xxxUzXsFPw$HV%>g=XtF3>uJtqBTy@2{ejR{y1%9|Mk
zi}Uin_r!|mGuVmmMs35&|G*H%azJ*Cy#R-u{k>ZW!#n=24&GTHGUkoR+>|`5&2-ao
zpXMrcuB~xu?U3F+?_t34GMPIL`#doBq{BWBl*~{h5u{dGvx*iA*4mMw)=I^qNG#1J
z&RTt9p)EeE7Vyj{8({)aJ401h$C$a-;26wd;J$5=10P|$EEIOq*F(Kp2yiYG;5*-f
zXqvvh>}quNUTC3mB#s>OZI~Uj<uUc6r>}95j!HFOPK4(V_7_m^8I^>F_faKrI(^-c
zYta&#w4eLs8mVxRr<LGb@<*SQCN?GRSN4z^kB-pmgrx42UH)Yw!By8AygquksUZA8
zq)LbYqmE(AIk|ZeD%!8R_3OIr`aZMU$l2<8*1;pcPh8<bgdBHNg8Y#Tm(=Zdmot5U
z-!hMXty^$L=x#g++NW4zU)dURw_{}@8v6_hh=|M_9IhRZ1pnSGOo@ty-aNvH4DQcU
zdgE^v01eGe{TC0-wO3p5(sd570x}oqU<Q*FZFpU(JBP1@SvoolVuh%WG|)Zf26q{u
zIs{pk@G`Z9CwQQd%jZO+SU|ZuEe|hv=1ZnN>4Bv)O6J&$p7MQ*ySOGYYjEu;Q;-RD
zXJBW~^eB|a>DAe<k_xDG4Bq}B!7GmDJdbf#AU00k@UKh`-+qC?tez?uVMAB9sK-V1
zG#!4h{^V;>eBMPHrvlH-QtThDzgys|`TP3E)U#4|>~m8mLgU}{_wU;h`n+HM4`v`H
zaXR~rp+vGzhx3gyQGkq-GHTfS>D!d-j`TPBH78-Ah~fcYd@Hs`dWja*-ib+GmJr$b
ztaz1#P=T*gGLCg^mE)xkxi@{M_%Eh-T+am9RB@NZgZPY9e*jqYDlb*wrwk*kp~bH8
zmBo?n96wlYuU&pUor>v_&g2XhV0)h&mofLL+xWX++)i=}E`D!*l=h<-fJ?4rM7ITZ
z{NZ?razG&0(lB*mhIzN{w97e51zD?LDc12@qwwpGZ(l{3oi0`>V6dMcuo8h%^D$L7
zYvaiC80l+KvVCL^i<~zzaY4bspEKjdmG6<`?+|b+7`A&lLIs-rQn!DWQ(`uf0n(uk
zC=0nr0ktpsc@)1L>7L1V6r8k_dj8z9I=WXm(d{EBWEG*kJu^Qs6vZ*2qIoj}$t2r<
zexuBy87Z_Kh5j>KV5y_4YieW!0YIM)BPS=lUEkc?G-B-#5tNbEMo>Y}M@K!bU?M%V
z;v@R_abK?n{%k<VW$DqI%4ms9+f;Ph2$*gGp=r&sBjtn7ba64Sk#v1N!a=VCqj)E6
zVa0rtN>%S(Kc}fSzL#RbiBt)Zvu;3s_lN0{@>h*(4n$5qZE|}f-lkji>{!C_n!p63
znIu$>VKsGt&eL4VW*k)YwEkCRKOEY|QU>WmDQ)x*6N>u8qw9Sw7}2qERcz|`rH0|v
zd(s&mJC#MYKC%fyD=WJ362r#gtf1v$)rJT5^(BebxuJcv24_;~nMZCBv=rU!Zpx9c
z{5Tq3Uzx~!Bbt#j`dwk)?rfg_(52c!Vmok;VwNf`5h`FS)jT?*nU+zWAbx>0M(oyt
z2qYsTGd?jv1_x=cV#8@`Yj?Zg=<&lVYy4c+9Mj(K)%U&6l$z(!Q{EI*k(M(5RehgS
z=aQO>BVqmAC1R}zLi3!KqOv4ZG;jFPm?t*doV~7UH@K?yE5h2LV%aakbC6Pe{8z0b
za)6AlnW_2F&xAzTyZJ$$GaRLP;7~erYuTL?a|ty+TWU|Rpzwf$D0fXPah&RU2&CpI
zBTZd>=s`HM@ve;4nu_B$Ok8W5g6~dQX|*m9Udfv2#D^<$xW>E6xLb<;)!)?ZxH;0t
zFpK*Yd1^-y%R02mtaVmY!5&3xC0zK}P1tw_#9!XGURnN+uC*mg_dN5%GDUOmDNmnt
zcI-#F0s=4E&u@R)^Ff}TsV65^;NDYdNr?wgT1F-{Gt<Om&ponn;YP@KkA4}5<{<*c
z3XNs)6KtGb%WLWE2rVosQs;m9n36Mg5QF@k?1O)$s7m0Vc;q&ffyFKfw6u(*9Ke|4
z6ka}@{ceavtx|BT82gI0w6y$~eKhxuVQ}C)bO?82s^w^2jxVN&>YPEQjHCw6Kx#N=
zEU0=>L&{Bx1_LUQQuW@E^cwq9;y@|p15*wArh=UuO{Kw*p&ugbDc0?+GhQkY&7C8;
z%$hVOEPvD^m~gStw|$J+_GS%6dj5CL2Rou}Wn+RcR8+<%m<&PSsEO!_9ab*3+{UVy
z%F2r^d{CXVzIOUC#i0}(zf%AXO5>ns+Rwi8ciz;gtZPoX$iQ<`Vj;h;WAj2bf>;Gu
z4`7EY_qd=G)xjk2-z{(dS#f&VR~~S8S2ur1rKGvl_o$3|Q-dlsI!eP2%o?f*mmLxF
z8taN_^we+S+mIUHfHghXkB|E-d0+Rr(aalZ-gJ(?cJ$E)JZgx?RZP@fdFiFO^t%zO
zV8Y=*uH9>hWC`<>2Qdia!&Lpgnr5wl@_=r_muMdwo0X48Tz#CQs4)=^mLJK5du~><
z=ffKwX=)4{!HN-oQ8oRAGg_JH+8g6QRzbdoNu#EzZt(t=8ozVxa+Xr1?yOy|rEU0l
z9)aAth`MNb#xf;4%hb`G1Wm~X8anO@`QVUnFF^*5e2XCvY(Rnz5m%XrhrRUlOcq}$
z&sJBDoJK@lT%`0aWMBUugi5z6F*LNizH01e6fjUog^e;q4tC8SpPB*-@D5B_nQ+jc
zk@2JbeSDMZmxt=3n8+aEoL<j3zK#Dj$|;Q4?-!6LE>3y1=G>==SKAzLQNTJ0)`QFQ
zm+l;LFhQv)6|WfcEUl~fnO7yArNXiBOGZKoFIp{_@?e3DOK@U-o;Nrg{#S#-td5?v
z(HmnRSnVW}zg}EU8TWpwPF-Z4N=QJ-L6<a`3xu(DIwsbKoWGwpz2SXjwn`MWWs17q
z@8OWZ;f7EoVvNK38#P+xcuKD?t|OsE1KT}li=$vdd`(N18T<oOR=YP`LGqOh5LO}I
z@cDx_v1Y)RZuO69KUBok>TRTfjS6>b@0DC#|DMh!r|jgMK33>mrfj2Fr;1F4pdZey
z=bE$ud-9c7z9A6{4-G<b<2SF*A})QH=L*hL_d*oqkXtxsOf|YUvE~XBPtpoTj0(5>
z5XX!NG@bSTq<@#Z8tpz#hQ-A0k{B@V(EqLR_ern?1wOI4t84T@B9^+k2I^m*n~(AF
zad)vbLb`B;Vdlz$vf9AeS?SjhYTS#;qme!fRUY?g#nit1W*3;D!P0S=oE(!F98*M4
zKjr?cu9B>=4|^h)8m2kb&9M~1#SiE9sy2bxVyRSBwFO0`ECpLzdZr1YeX1|HAiq!?
zY<>jKBpq2ZN4BZ>x{|W8yu7^l+g-?A<IgFYn@7Na%QC{x@iNC1!#U1|5dJ?ZJ!g&c
zJhZ35Of^3GIuEpD2^C3xaXd$XF?w^y@7ZO&lo78<TEtgW4b7Q)U<G)6Qjx=7CBi#=
zO`<Dmrb{x<L}V9Ejf8v35J@(=C?-NMp@PP#n$N#26}!kw+hdbi67Y*)ZocW!@!B}E
z!7(j86oP9{582eBAi+R)<U9#-xwxh_Yd{bW%%^m0OB_Y1ZsYtaVuyW_>IshGB!wh$
zwBv0SSJG1wlQ0+RP&osfvmmSJ&!IBzTv^IZE_3HcKitcMSk>>K`%FUmsWE3)76z{O
z=~>1f8m58m{=?4r1AI({RKGM-74=l)Kynz)<!=C4H}1I1RCy^iL;_fVlf){2Y6gBj
zJ4<FoAilY~D&gm+ld9jO6cmv~S$Lb&2ABEuMsWU#;rh3=?8BoBW^Q_eO{I9&zo{80
ze&mh1nbM=9rQlr_v{VM~_7c|KF=(x;-DV7*3p1?X;bE$~Ru@BZdPm*g*RcwIGqYmi
zr{_|EVluTb|Cy-Md%sHjmTn^UDRs~5gr0~3aU9ugnyWR;$vyls1|4P<e^^$oxYZSx
zYU+Xs2@I@>*hx`*h(bk8RFd6}F80C+LaDfLs{c&N5+CX&WT}vQ_?ew4;^v1nXY&TA
zh<;*kZ2s!)izoNP<i6pFeRWIPXmM$X$P{FhG271QByFv^rUp^n#4cfE$9<C8QvaYp
z2Jj6hZuY|VuYkwlXE=p<Jt52x?s3+c^W|(n$@}c_|0s&;>gva5XBKX5Stlne_R%vl
zHGPtQyF^rL8{7NW$H$H4<rJo>Ya0>aY?)bD1z3l-uQAJY*o7xvN6Fd2_Dgv=re=<b
z7Z0xL*heT&Z2bH~tBp}jBaJ+oDS`r%8YW4F51?Q4ROOKjU_}WF96g>)IYGs5`)Xbu
z@8&;|HO-9y%KKCco7gro4Cl6$HBG<wfdQElYDqkgoxlO8By4Kj<0~^$<B$tqF4F3T
zn$gDqghbuJ)k9+ZI8o~r6o#=eT4<D!M)ee2Vp9i)U%`p4+>496iU?r-LAXm1w2?1a
zT5uL+1(MwH7Q}-r8O-1y<`gZU1kSyGg(WrV{tcH{u<zw;shUF|I`xACdIB<8;DU}I
zqcHyvezJ)}Q<Jb?!T`r&OD5<=^CmbKmMGF%LIvu1|A#{L69Vb<M9@@2W(kp|MIj4{
z<dsf|X5ZXMQtt_}F^jhoQ(Z_u8jaA)wQmKHZ!-~AMAa6?BBsA}xZ)dz7?vBwZHA9`
z&{-C-2Q18v!!4rUO#t%?k<ER9!Ol4yXx-O`P0;moaZa0U$x^dr?ohaM(KE~^W9LU`
zJFu=S!rDpHmyMgXXKN{d<CS`yiD1vwMox(rxM7s{8@(<6$N>>)U`;+bfjdsNk`~NM
zo=x+MrWmSse7xz|o-c0RnlKZkrs0>3eG&r390ijKFg8p(HBZdHLhKQ(SY}W6Ev#XT
zaY({NFqnB3lB8qMO!K=VVAKId&zyLjm6QEtj6Afm_jDCM%N>lQWV}S>Yg>emTNkk(
zkjGgyRKy%PyhrY(EPG?%9uFR6<15W}1{rr?A?oQ7>auJfS@*|Hb?(b+GlBI-#d_Og
zEDGD(7cx0*R0g;n)2%t?<un)+AST8QpBgry;Hth)A>5dldW|A7M}(5G*3J|hpYHO9
zW@?=Vr?$dbVzc_cEq(rd2a%HX>W_GXRZ$gVWM2@QKP3*9%iRWda!lOOOU!k2hBun8
zXV}s)N{c-GLKTd35+3Lqb6egV7pHUjkHxKo`7dAmmL+6lgpQA&{{(D~W#Z!Mdb7ZW
z1|2|x^iRKrFM@6UEOct>?u`bE0oAJv8$e{Yn!0^g0;So%G#ZrB_=!GS{I(<~`Xv>9
z)TEu2GfcQpmvVR_s&})r&(awz|6F#UTB68e?GR8f&?8f~s3=KMWczg-(;|viF3lBa
z9QjNN<zpO)dm`ICNpb&j5hve>Ibn<TKM5Pl=mGb7^!f?z|Hsr<N43>-dj~0$qQxDG
zyAv$9d(q+)cQ5W<+}(;h6nA$`Deex1;7+kG&-1?Dy?3qrk&p$$IWv3Cp1psvVdl{O
zF>05FOX<9hPcO7QA6*a`v6CvYY>p5OSkh|miFy8$N&QJ&E9(d&aXCt-(8#-nV8Fx+
z8`%8O(jjcOi9?+*u;~>gn#AYG2HY=o{=N=JFgh9~!EYW7?&;dr(!;9hj3%~Z(W*va
zk4Kt$v<hP6)tWRoCw2f#?j+wN9NdX=8Ptd-CiONeLrE$;q&p{~7Q8_D6c-g=$z7%y
z=ENy9e%g;f!5sI|hc+cY!AR%IWajT&P-H5{Hz9r{Qyos{(8TF+UgL&J?d-e)noClC
z;Ky*~!fItSa!}jWg%1N3Tx){*^lwWB!)(q%uWv-6OSF&*`h*Nr^>z2YwM+h0YnZ7G
z;xy=EouUaL@XO!a#~*gby%(t;M7xz*Gd`Ac3re)<n&4$S@wyM4aT(FjdTPx{OjFx@
zL(RcAgeuWNIc$YqR14rA3ny5IPGM1TQJ<~2zG(;!vV$_}F8TW%gv^~i1N#m*Y{BVj
z92KUZ0mys`(AyiqT$<0pHS&qu<ozmEYgT6bEcb}vKkauFb}ilBt}=L<!$s{p-LHns
zSHV9vikk8xVg#u-X*e`>6`aIry<x*OEyCzVZ4O1~VSgBq6t%WS&nTh-GK1}Ot|u}K
zS1n9R;-XvWg1~u)3ojn+7O5EV&yvzv5?6<~cDgxW-ur!TAFnkO3q<4%|3hDe9ES$R
zUM)8^&5agq62+l~6{wIa^ig^Fp!wcl!$2$d36puklIvJ9Xq}nv*qhXD`r}cREo)NN
zLp(s(otP=+QDP$O?|%qpxvU37;Sd1{(_f3J-@7c9h-Tb`CqpMZ;ojSvwn92)gxb+h
z99I`ZD&LWC;jZ^zE75QS@>t!CwVMZKcmt5-Fw!c1HUNLv=tB8r;iiVZ|K*pd-oXPp
z810t$@=Dw3a5<~NycSl$)z!?yUQ(^u=q9Se@|CwOKRMgRR>qm=d3@OCghFHUDdUnV
zwO2K+`p?9$QZ?;w?60$1WztLOwQudH5OouEc!yjFDQZ0&g;?^w4zTjtSVrgMkfdtj
z{vqO3)5;63E9Z>4wgxQVg?SKv42!EJ()6<6J^mIKN`liwkJp-@1uLTQ+tZ%r%TM0y
z$k=Me!Y2TsbrM{J4C7uz9?{wTs)v%OQ3y9rQUw&ZexJbuWHCB{v4pBieihfz#4*~q
z8+5a~$PQ~)7q&0PO(Z@E)Ac}w_7Z_N-)zgEQiy0WNI$o%?$`h?w@$6=GR9UGDM862
z+4n9ZV=KwZO4^^fOH5CiEM1zL%x^?QMU&ArMYW?F@r<`Vjt$m~8e&5i)AIR%-XT|R
zS}q6s@`$7~dS>&35eCggJ)ivi1H+~>Ti|uV{o@f{YNNs#+|M=D?;9NmH>_iTKe3nF
zJm<b*mVem*L|8F@x*eos6}j=Ml#EUZCSxFrNRCZgH&(g`xTgOBIVcn;jwP{4qxcs5
zIkqmXuFfeLr&7veE3vgCa&m{~QEM1@OYg?lMc?7ikF~gHO&Q+n|L}4YsHL+eq0ZX%
z(XJ*zdyXpXhuxm!;vcF?H9_8-hC*YVfv*LK&7>+Pa6bzE<O@uz@S!xmF+&Ze!?JRb
zb11z5(Ku^ET3`fSY2<pS#z<1+U1#MVUc&-+je-0rTqXrq&)=OW0nXmU;G{6qd7x9@
zQ0Da!CBT-I$LQ=^?!pSTEovhjVYacARYJmos<Fvc0<wctR@WGJ*x%K%ieob~v%uFd
z+i0b1@=}vXyt_sIU&3YzPGCa7RT~;{Q*6>AyNFKw#}>6Lz9K!ECE4)!M$8&Q8>f4#
zscS@%m}aaeuB5YW>naiuK`P7+j8z{^t3j-ht$A)j1=G#RIa^m{2@QQfmX(9l>Tel_
zl?4`*Q`oX{g?14M9fFKcN?MOXVlY3nwoAs+B#P$z7+0!t#FpRvI!W}|h;HnZV(HM`
z#+#k|G|$35UHW~poZ?@`+9v=SaP`+hbAg8p!by_PMtaDJ6Tl0~PK+J>!E(yKVu<)S
z3J-A!ZarT5%#m-t6Jyy>;6S9F6uLxky!*#?DCY(U@Am*bu$a0R1dqzY@bb4gU&{(X
z<UV2$ltGJgrN~M(c%$}&(w}QCc?UDVLc(IByB45UtnoBMzc9%y@vA%`a-mY3fT=zx
zLQu#=7O5;vw$ml)K>Hnp(p3-XrhjNCg7Lm#8Ar0D<CvbIocwgdj3O`jhpI!8=Q*KL
zY;1_6Sv?J&XAa$oTGAar`3v3}$Ok&0_~*0F8CeRV2DqZHq^;ii1)e@6fXBbs?qbi5
z&e!`Y#>BDBZga|Z7tIOJYzoo7NNryyQi^oA08eTjE4jN)6R<zQu4F_|az(^baj9j%
zOocAKhhcv41p-1?3Ch`ZwpWVu;R~H@*1oHt8Pb}3jX0EIUjkwby{lu!zV=;1Lh2nG
zOSwoVUcjdK?mbtsHn6(>j%QJ%o{$EBVR{V(n+?p&M0sCYQGsI39OVHjO8S~8EJ|qb
zAsZH!lCjX%s4yY)u^(B?QZ?<TBnBa7Me0~<dBd*_A1eDe)??Qv{8kQ3Dbyveahm;t
zPSQezZA!gu?G|}2#F_7AnT{MQwdbn*Tk{goalvJ+#^Q1pEkr*gDUr>yUwALHZ$Cqx
z1NM2CuN9)Cx*{Mz`bg|)82&sgd*J>5X@8pkrTvBdOZyw}IP!~~E$%?E{Xm}Aukl7@
zG1a9Ve;syO&LQ;pxcT+KHTNL|o^&lL-`6%M8?uo-v#{@EjnD_A{RgsZ?TsXi<qMk>
z23XRr7+9N(sLSC#`@3XpN+_bD0^H!2g4bsh*-J?|hG_i>pP4rpJwkVFyX6gj9$dw@
z%*l7QOh}vKxN=x>np}#J2IqdXtsSDzTN*%2-3vd0a`&Xx{8PtXAl<}*J4)x19|R?N
z9u!6bM~>Pg^j!~ICrl8+j@dX`EWYAl?CpgR8t-8$xT)YC+Qs=dk(qpWI<T5R-A@k0
zq30G)9)5J@>rO5X<ccL+W`i>NO1P%Op)F$VJf;D4!@M6C_yywGkI#kw^8Pd%J-?c|
z29f}#(4Z<6gNHGk25xxOocwye$%6y(K%bIBg@HXFeQv6U5Cm@PYZJ+7VOTQS3Cz==
zH{^=S1U{f9b7aXtv4G{8W<}>vhKUIZ#Y&9Zd`s8$^!-NVX?&Oo=Y6Y{mHw-#1RhFu
z=i1$!mEr<VJof#AT)f4Ef%*?zb;uiOqDXm3g_NSz&*6tJAlW_llVP~7M{!!9d>?b5
zI7=iMiOt<xnB^sv40kzRVkc&yRlOc1<Fs)|4Hy<+@p*Wp{~e}YHvF5t!Lh*I4dCuV
z0;(NR%ghTHYr~?tWBR3Y5fJBpDTH8-HfWLZ5$`0nD;QnYD&m2k;H!5ffV&nY8MM3h
z(bw4dgKXs0;a*zcBv=Ux;u{TaMDa{c?zbaDR{Bfxv$=Z|jtp*kMUP5QFaf!F#pk9Q
zIOQVHDY`_lHk)WeZ8F(d<T6eX9V!U(*?Du5^svl)>1=p?JSjVyO2O_WBRL8?G;`aP
zIxhHD>Lf<V=`NeQZtPv-JzB%hy5P~Q@qwwj>yB_t5ukWcFuP|;PDlp6$q|mMiW^hO
zUnxCBQgaY(NP`y*Xo{ZltR5Mmgr&-I4}{tXRdNk{XjJ#HoxU8RCt*mNZ=^vqHnkfW
zC^GGT&S7ut9*g`Z2K|Yl@R#O81P}b2@tx+xFI>^h=2$tagMsg(pz@vmI^)CL?|a4E
z`R?sQoQ_m^p=H;#h*+8~tK{D&*njbW8Dw@;g#}4DU1qBGo8(MfCv27+xocap8axA2
zlAy@Q9Rmscz`!)m)R_>%rCcj2_CjKAjw?0HKb!G0>dA7l_ryQ)Ke2{F79D1q3lJpE
z__TIBD-&BzCwV?PL1=jTYh6xPG{ji-i`%`4Rn}-&?-0^h40gt+==e+BVcr!ZAz`~S
z!I5ufkTX-~prV$23HQYIi;2Qxb%xjzUULL4p2p56rfWs0GM5So1Wt(d!6QQDt~P?j
zwot8?KhUE)V0~jxXKXPc&|mlWYdR_TWbld?(MllYc!6r&e!yF_Ldp6lBq}NjZ`dUc
z*+XD>WEzXGVjAOX<eQ!9VoYnp_R5h)(gsDei@BYH1mp_`*HEZAdb0W!#Ku>pmRE@n
zwkPb~g{^)lw<R<4cM1JlfI?AYNO@(?^eNV&HErd>JR2=JF<xizT5-P-w`4}B@!fl_
zLuw36uL$`s_Md+Xp^E65WAdFw0m}9b^W0$v<Ufc=>WX4Azc2!rVtJBO7N)2B_>bHj
zKH_2yPlXeh4zE)*7X<gE8gpDdiLlFB8#7#UpaSgf*Xta+rb&f;{;4lB;5u@HLM49*
zRuJ)9RaO^SSO<C=xbcP@Py&9?FfS3eL|xLk9XmPR8NU<B9v+&G$mIT7ON5N28)?zp
zc78rs&e^V~L}<je4XY`1G}=rf>zz3?dO?1x5xSIq{Be;_-uqHeNbq245a#DXY;d1+
z2#B$uyCydJy+fm`;?XixvE8)3G_x_%9Kl<FF18~&*B*nDa~9;rH@shk3owPl(SqcZ
zmbaz5<Ymlq)FJk+i10~CH<slsAGmt&-fG$Sidw4)Q#M&?<vwTcooN8tccx7sxC06%
zXm>0slgcPqKODq87g0VfEUYo5!+iBEO7LE+-P+ymEoT+p&h};VZLsOAxhkPnIxJLy
zJpns!&SyT?E5X_}vJ3jB9sfmJfs7wzFMX|G$r}s;4tuSR#v%93t)z{$De0j$jUF2!
zek~Qi5yaxOE-`Q0vi>f+#CZ&Xlufr!Ii0#txt;!_g?@!cWQVyw%tVmTjene>+EcKH
zDBmR+)Pi(0g#2uhVfVeicRDJ2#qF4ra%Pq%zse#B$|ogZXgD(}shtXL=X=$IZi8cg
zWd!K&Ylt_>^Bs<5tu?u~VPe<H^R`0+cjS2y*Ue1wiFLi*59R`l-xCpeGvG>yDE7Z2
zVp)qG8F^tjIzqpE|9-zcjWLeUV#Zd{`8<;+)%;8ky(g?@gFg3mayHqUC|m$ahZ-^^
zakJ>@T^k4o`1||3uwXdf;tJYW8>Cw^4=fH7e|f{`hs)vh1%7{gq$h39rfKd(1k5YE
zV?ltKOD#6CChINAJ_L4LvT+u;IY)g_pDW(n>T=(ZhGe7huju%^jy<J6mQnyB%YCY<
zr`~rH_RbeEaP`9+eLT}c>j`Pg5!COXa6#oWh1NA?KK}&GPPyi}cz{^Mp+E*c!`3)L
z5vYZqfcOW(w57~5>f2ZD=;>Th@L-CCHc9jx?ar=kOpGD^Vz4b+U3>3?mf*C-=^w)+
z7t01D6CwcyY3a7Df+;?4^l8M0-9yMoXgnkKebql`(0?W<aeY}yEc-N~8h;B>(M7~Y
zg<pTS<Jsh+ItQWi?uDbvaNlxPcIrP$n#%Q(XW?zmM@ICB6#lsX6tF)lxbR%iFk|V`
z?Rys)au4nIYZQnJ{<@DgQY;Z`>KL@k!fMq6o4S`jXf%$6vvD@iIM|{G%w%@>TvZwt
z;-yZVc(B%t_>DOzwQ*Ksq?ar0&wa%Ei+8uIn>V~X{e7fbZSG)W_(=sxPDBqfG_*yh
zT=Dd|Y@W$I4TF>r+zeIfm+7$!e2HPY+jBl3++|yEGja1u44*Fb(EAOgk+q{(_zLsu
zjI;3-h<gp7kh2-&e4j2Iu}WXwem8YTm2Xb#slGIJHjO6G(V;LW;k3~EeMJ)WeH8q$
zPak-5vG|88T0l*Gsn2U=UZLF+KJ_pB{gERzrJKoGs5&!`C!u-hL?H!s=kLU=*o-gm
zPq0kxhXwaFq|}Plpmv|Ek~+oY4+P6R)sC0QJDpH(ah?xLU+C~_eM2&0&`l=bT95su
zOpRC>ViKG8J~w_tDa+73$jpM-P-a+CDO=V)`owWU_@WCd><ES5K(WvNF=_wEZ4=V5
zn(w<1=snX?C+MD?6`@guma=Q=gJ2T(nWc@;ajieCUzDI<45lPCcCrFy9`hB~g4fC~
zAtF@pF3r2n?`;z!bv^9(YcL|qxeFIv43rf86Q%(iw@pH*RF)@DD&&LS5#>HQ-WvMU
z1-l0*qw~a^E(hPVdETQnmwsz=<VJkQI%+lfetU_}rr%+se?TtpUYLJ4XOf?^Er+K4
z2OMDElwQ;8^&fHi$KK#s1Yn4C$ga6p;=K^B{J<nGt3nHCe?krIh6$=>AQZEnF$*uj
z0~_!E%GC4QslY<xUGLdfZmGN%?C=nKfI4Jd&k?w{<fKM%Cgn1=nqVS*OApDBfF_dN
zT#d?Pv=@Kvd?umiQarEZCUi`aKjYfW0%z+z!8vF2_OyEm&vfamjn!?wPyCt(?azOM
zcL#CNRCC_mzZCw34@WRIuNXL78BS&$@Q@`orxl{yI?$h9&FNne4&nR9^79{!PQL$u
znF=-xOFP;EBd@Iay+)SRoGfjOf=d1pG7#yc8*IRdd_H62;13kr`*rus#;mwr<v=f@
z&LRAJYWz-!{AWAc_}(~>0zhaE^>`?&EzY+Ih?wzf?^w~&(}x;9zy&&dcb4+zFDs)f
zEw=+?gz;GJt)jR#eTLG}dbjZ5x^fz0YJYNY_U{byxFkEU^Ye$R0_G4=T<6qOv=#4r
z$;HJfZ71eCf3^UJdI!0zHySzCMwSLC0QK{-2s9<1yS)bR$<EB2l>3k?*3I~J2<cgv
zOA6W(W*!wcXg<i9Bd(NHR~Hsqgj~*iY&L~0Fiy%%Jv{f<1=D$3i*(Bweqp?Aa*b9{
z`Zd2W<aiFxe5;{8&-H6=PQhkIA7zT^&pHBzHvVaGb3ss82{843?imAWX?#ZV3gw%7
z_ma(u88X|wRCX!>7Zqg<fJaA1;gpn|aR(dpd)9uH>qDf+tKQIdHq-?9KY*pjW|A}g
z>!IG!EZR%-pLJZrr*bsbRQ^IUC7FXF;O|k(YR~NR>s);UrSXeXDF(YIGprXMP(CqH
zg@~|9$C3)j8y&*-Oj)|}E|4Db{cD!;9~|eNz*s6h*rPw?CtI$mdPAYql?Bef=B?&>
zjOhn<HYQVgs8{{VW8sMOsH5<JgzaG_mWS5eorB@v8~$Vp@-x*G!kEe=N~3#BPeSA1
z&3$Ks7A+?tWD`W($FSBhllvqI^93lajr#~nW82+1mbA4W*!H6(EU3G03xiFlE3svH
z@blICa#lM3={xK#eZ(FP&c#-uKrGAQm?bHq2uO<p(&ws|t^dCBIX-_M4gf6GY4hBG
zljd<qWO#x}$WN7%W3c`n*E(2uf=jb{-L`cU7L~=5q482Cp%U5b5BhJ<921(%qS2V^
zL2Cnh*G=h1*@GMRADqzbjUA<;kn0pjhn;`TF6`>q;<jCW;Vre0n6J-FeIRd~{)6=~
zZ+iW!yU@#){4)iE$GY*pAPP8VM_U%>c7A@3c5VLz>h0&s+`y;OUq{KmCO=9cKoeaE
zr4VF770;c?!UNuGjv%x1mX6G)D>&!r3xe#Yu2|xNi9Oy-?1IjRt{>_-`4N;RN6}@_
zT=%PDsgcGq;Q5IP%-n+ai~W2~r<}SU0*aRCqLr-^Hux3Hc0BzqH&hhtx;(xKBcwH)
zyIiV#D6jj%=Q@~K(uPXE(rx(vQ3B9F%{+Vh`qeF$n>+k(z4(l)AXvno(<)*}LHR~S
z^BIK_>Vivq`2LcsU$`zxd<P*d`u4I-Zy1uwaGvkI^FEfe`{D8L&Vgy)VJY~s$~89T
z2tk$O0|CKlG4CaN$>E7r`YX-KvqL>-Lu|Z(!kp$W9jk2b=u&j#5DBTFv&1G;fo=R#
zHpvN{z1{HY4ZIUc6u>f7S5`?bzvO|y(8pTQ&58N;76*PAVzNb`>{Ni4x4LGg4Of4O
z5H0-reS*E5>synWx+?hOE)d)9t@Zz0R}J>mRr^(?P`Vz=c4*8I15@_&?80hq%5}|>
z_9Ld>3rGj*wH6)wanCEYvBuM2^oHH@qn*PBsg>zOa+o;bEsWVE9`DgdaeqU&ZhJId
zZ!c%=8`zP?9Lr3Np6KSGBN~>cj!w{-6&z)SrkkhF%*TeT6cA5%cmp!Q{Jh7Xm06*l
z5k^8Cc@y5NAp(%^%f<Eef!J3-3#oY$2}IFDhnph6JTGBG&K|z~hszzx!t^VbvON^;
z1C^}$Z#YAf49?J`1f(y&5me~*h>1^J$kS#C$fEBE5WO_-G3GhsOgh=`I{O<YVE$x=
zG%%?B6w;3iY@;sTjas|l>OV6_LxdgW@pAml9|dk|DX0cva*E4`-R*(ns8=ZtMFFM0
zyQ66Cy>pNJM2OC*PvdpJ>Wj^F#(W@fdaP3M{sQkw1|U^u^h@bhygt!ZM{5U0jTxQ1
zvAi)^Nmy-DIUa;QN)k#u6hD_T1G;jsB&q4M*)9sLe28M4^D-?|22-08$siLslhAT6
zB4HaA4tQ<><|;>4Z%P?Uj}3~?G$j8Ic!{D+Jz$hbg4>eo$HE1=oR1UA$2sc_svxO%
za@1wrqzoAEUNH*D0kHm<1po$ae_;yCIr2#GeW~Xqsa5=Qn^cw;+9K8nuh&{MvMAog
z{q^v`Isa)jx87aDPHVmZ&j9G*p^P3J8BW0BF}e(%#_$rrWVJz#?YtL)iTglMqcpNJ
zIPzc+Mb*2J&MM?Vc3)ZCY2S80O55Xs&S>G!0{^hPZ8}{CR!-RD9u_fzw@}JHu%6Qg
z*@7>ZY4b30SI55Y!rA&d{7xkcpFY$Hk&@UkyS{Z2rh0H9oC##n3dM1e$?jkO9evd%
zD5qxcxQFFyFSS0bz6#j<rJB5Yy>>k#K0*`V-NKUZ@KwxsmCZ8_)Rv(7u6IM7wc8^0
z>nWa?x(5bA7>(&26BOx`_Fqj3F(pqoL{Hz<&YIGqyunN-WBD+v^n`14$tKW5aFEm9
zm45F29Y=Td4z-Hx7Z);vnbXz{hbQaC-7Ged-*0(29e}u<4WgDeclSk;xLc3)GGceg
zrP@8NTof)HMo_4jJUw=4D-Ff~lB{M!VvL<zQjCRr($pCZgr$M=URW_8e)jIqYPYht
zUmhfLl$G;3C*#=HPRk};ShLJMM6py~f+`eUk9_i#((Xp`x-(CKS1FuQtftpn%~=Zt
z$o1kx@riW=%pYOV->I>zXxJEV;S>$L;uSdM;?ZTxnoOUfK^X?Z&cKEikwwW$>vy5)
z*5W-L*P^>M=FeJLoss@n+)(J~f&=*XpxWs(BShu+Nh8A5T-?Yak=@;C5)y4@m<*fR
z7fqa61Z5YL79-{8NH_QfyiU`s<OmsmB<q4B#io`&Pia&9a<J0DkMG2H<Px5qZ1kfv
zO9qWxv9>FveMKi)QJ)G~VRT5!inF}DTFnG<4~KDs#sR|JuPAfCh%%7R(TVZxjYFYW
zdA)icME*YL^QhB7a)fu3orDVqRuM)66tu3ktgJ7N9usUuL%(;$K_F|M7{tV=S3LUR
zLlU-RJ~`tvP&-j}-?S(QR;0c*is*~>cWH4S6G_3Q0qq(U4qL$@vtb(&bzoeq1L?+^
z(VjmGn-R%WA>BE<p;3@tyzIfg%_4^TBcI!hBB(R~RHvvX?e~{kY0c2fr^7%rlXtOE
zdz53W{3%_E;Kt>!O2-<s9ARVXQ^?l#wnvXG6&(!ftS52T%YC)2oz|?kU9L51GDkW8
zOr~6AIe-=S*{v?T`}6j(IL*tnAU4gpbgtKf=~WU0D|yU<v+ix~Z^vsU-E1oD{Zu!j
zvt%Pu(03?S5nlA+7m`zWxNhzjBjO1d4ExiqVQQN85llVMQgpKbY8wb|Lice&54B}-
zwoXk@YKdnsED_g>!t;BWc27Z|iy+eHD|J$yx>7%s&`Q(nnDt46g59%F9Y1JmW8iCM
zXJuN)B6m`B=;JmaDxtEyPNSW0#cuHj^d#&LaO*yv83`pb#CH{L21_$BC_naEe>Q}w
z%H#WclPR;zI_(Bs@<DWu&@7PL+xfIs!fk#H5!LEyU57>J;#oedjN>ARYm>*_CdND+
z+B`lJqe2+;O|LNxT=0~cW?goDP=!}5i@B4jPl=7qWCsQxd)n6qkIvv1)$|H|Tx%l3
zL^5-SS%4>&M%%|>moAnWO)ZE$7V%~-^Uo04dC+5KjD$f!O?`|5ILoJ5*G4)ag;*f=
zc=-qV)-B4#&5GOeC4kng@i###y@dG5n)O!q<qMhDe1D|_m#R^OC}?=KV{(mCdcs#;
zA^TLW&oX{Ki_r7bj&oDz$8O~W;S9Q&DE%+>%|7%)oAkQR6G7`}K4Y+^SjlI=>ta5_
zGp(}HcIN1Uiv)@SMT{95iwHDCf-@ux)Z#}M`ZlIz^;qGI0`j3GnKszP37RCC#7Qzq
z`uMm~It5`gzO+wi(}fp)*n0|z-{_S1Il4o4p-Y#Z#$tb?D;FHEbP)dt7~^w}fCA9o
z_Zy~vOQ+Se(Q@^|rgOB43w5Z50Dd$1&yGfvymxcqac2dp)VR8olq9{ee+ln)P1j~E
zU)uagxp%ay)>CCPCMhh(+n1d-e?n;3BR7Vq&7nKs5{~HDg3j)q5SDl565NtU&_lU$
zmu<N<!I-6GI6q{Qk^|B&+P$8rDgwMro7=P07wRp$-`7h4=Web~Y;?N2rUEO?zVk5>
zX?Yuk1PqOdSMvY7zj3~%WH{S6{n6waV39W8ASO8OD9y9!J=4n`Lu8`J<IXatGQR<q
zzixasmZqIH#}n4gw-9yZk#5dtJ57PAa}QwKv0pYV3Vhz6T#4?(wnHF#`)kCltd6?F
z=IXR7&%khEFx_LfU&3e3k||}`aKmPjkbp(VbI2m_V907!hZ45zYRj=A1%d;$HIo>w
zja=JI;tL{8pV{r*731E}@Pyy-T(RcOI*Xi^o|J{wR#{2f5boR-D*CiTO^sQE4YOP_
zybW7s?cJ2&_jue;;~l+Qo!kV`bBKS8{2p;Qm}_VrR~!h{>~8DCsrF2-sCTp1GA$5b
zy8QU*p9P?K;o<q9h}FXK`(mh#&|cfv)TkOSR9Js>ZonmLMV9f|%Gp!NcCl`rcN{yS
z!ft9(Bj!qaY)GrQGEn{uJMi@r%ls3}pGMcK$`&tt&&{ahUyD3WtC)hEkwocr1%cj+
zT1&1@?`5~+e*7}>x6tItwQ9hwT0k>kc1cos*n-ysbxietl{;XKfbN^*CPKd_^=(!X
zW{v#1#D-X0P-N<i8xm#_guUg69$2p@ZC4yDp3ZQ)xxNf#swr&<&GaT-`zg38`dD?R
zp4*=l6*t6<MClwwjq9n6{$A&cmYpBz?gHBT%MR4WdHOjto{|c`MW-m9@NZ6?xu8Y1
z;6H4-C?>my)SWnNH{+<yG&_W5@HB~^EYFWB%1?s2D&h2Vl0>M&dz|7e7G1wWj<=s0
z6dV6i1CBMAt3dpNM{o$Qhp?1ccWxI8q>P(c+7lC{PfMMBy%uR1o@NfTUi0K8eN?w2
zx{n=?sG#Pl;bIp-6cpMGo|ViS&2DW|T6#EBt)}JPnFC%G2nM*?C4RzU*>IuPKiA?Q
z#@Eg5#D2fz(j-a=rT)-kprgR<uAQbz-@s3!z}P`82<ZwR%)(y3t3ZZcwdg3W!nu0C
z>S+@dq0G$YxV7{k*i%(-Hr{Y+c(V1%J(b=B^n;E^&H0I&aAcm$_$7?r-f+3U+1Cx|
zV7DD+0pVRD+@%zi$RaOb250!j_}Hs(2G76-s;5TL61BO?Qi`h(1ng<Ss`;a|2%`pM
zPhp~zj*Y0Hpin!;Q6-qt(1j9<8fK<@!^il2?@s|-qYkm%jNnJ@wbEpiSdmLLFv8Sd
z)mVC)C<@A3zbGW|HZ2T3S1{USFbPhN?Kbd*%3^*pB-ZzjuGxmKN7*xZE|5^vwg_lQ
zTlH|3NB4c@x-%!bXSFV@X63JYbEF#ihG~X_>I12^M;KA{fc@BLQN8w3kjZ`6r7&tv
zQzOcQF+eoQCYt)*+XU<I<i3=)uzE;{y|U^4ul9!+Mc{$$dGR922yZv(_k%W?tf8Y=
zBjWELW90QTWQv?n6lz8ilOSW3kqR8*y;)zWbO7|=UjkqsawXfJao$m`ygMBJ+VG+n
zA<+$SPm$5tLaS4Y2ZVnj7@-Wcl`V@WB*FV?`<=lVw^-6TC)2c0F9@Bzi?DK)weh|b
zX9w%uB?J>Ls)gs`MX*axIrd5Wv+dRhkxqHpnejXYa}WOkjG-{6AGlU}y7Gpddg`yI
zj-Q(k05Su#XFdC>8p0igYFkA{d4O!f`K|8H6wR65TCd6OQ!F>1r@21j>AK*vqY`CF
z1RqD*yygNiS%Gm{AS)BMs@vM|Od$~Myza9D;U_Naz6wabr8s8`)33`vbufvANPl$@
zmZ5k`2PSUECj=s={g;C3ob#%07^8q9t%jk|nG(7{cW8#0^bI(1rYd+}Rqwb{X1B9U
zx;`5+y=8vL{^BjAt6Q3Oo>s<dFV9ZjoBbu)R$z7lj))7?T%Piq@|0NEdVlm4sF3#b
za0knMo67{CbOm-B{Ek$z*dLqfD#}Pkr**oCR;@3|&2zBMKgsD?7^xy&Gs<scotFM5
zp^(sxr4&$HdzC{rmj=)$1&g5!nDOK%_m>R}smaf;ad+ghf;k=6NNMdL``h!Vpf=43
zxQV7`FHyMCQ&~VK2?^-FBE`Ujhqcp;G7aq1UJ<IBSG#M2tp41&6lBI5gB^7-T*+@w
zD108n3DNd+OIKIQ#kI>?EZ5T6h2cY2MN6jIw^3vgzzZ<V)_)>u^MCGi7pgR#4)jZW
z7lD=(OxCGB5*=#Y&80hptB+sAi*Em`{>>OUE)M*(H+ws|X*x8s(np)C&S_E?)`2^B
z9fLD<BY6c41#PpfFHi|#vzpIk>t+YjsKBc+UIFxshXp+x&Vz;P(-cJyV}h02oM%e|
zLHC&2O?GAF6v4qCQ|x>;GjmMt91{UuQ3AOdmtF4|y6=nyg>~n}I#?0QnWXQ5&YRb_
zYn+v_o5@;E@K-W3bdbfPhYfk_vmE`AU?Ks67*k&N(NUAE=(YQxND>Q>UQK;0neGS=
zu1!Xp&d4Sc@ORqh2YE{9&P=teS+$#_yug0`JxULTTyn;o5=Rlnnx*k#DiKYuk1HfN
z*_NZg^{`iXSpS;!+TlRgQ7WnPHZ1q;wKYuRn0!(G{@YcCq!*zV=AQJxq~7avt#msb
z%G<PM*84O>x7&{wVMyrV1hy_$*ULJ%i!nPOyZzzfsX+=^1O+Grjv5XTe5=wp)H_x}
zE@Kt#J+;=@AL&k!$p4ey>)}#9h6_zuO1G;brfDRcP0w=Y&TQ)2-y{swItOXW(yR_o
z*XmGl=8tqmd>!Io9yg$q<rgf-^aI^qg9mHV)euzOr06~t7}cCZhV72oiD_4B4|G1s
zv25Ud+}^=O@G)YE$=fBeIYEI}#XzciRm3{T{ncm~=d&Z%*!6QkEQ(WN2IA%Svo7f?
zTV&JlxWAw1h-gz*Qx+<y-96reL%e_Ad^uIq%hs=(yEeCdn+cG+;?`Z?922-8^m^{X
z&+<*`Glh{R4&-sU#y<9R@p5<F7k<}@gA_e#A-xXK#fR#<C6+{^=rqJ)ouA~*BsG$N
zQPIc0FlM+0-xT(_NM-<;RxjGKfViUh!rf-&sB3L#bE;~;O+5IUx5<g`d@s8D4GafP
zR*a8tPf}}JR7WZg=ZWLh5G}WDJ-jR;rR}=q*UJq92KkY=<+-We&&jVecs$)@J9_@s
zI*q5E;#0J^_zwqO$eSKb2@bYw*F)O;z=g*@W!C#|OpU+R$cEM-JNfVUn-|+NI<&!8
zQ9_u7>}d9N7rj|8@llsqw}j&>FJ&yc87;+#Ev&M&O-XMrA-OzR!9_uZ&t)=0koI5R
z6077Hu!|@_-8O%D#QX)nGcD`><Jga+q<eUhsFngRpzHQb2L}kvUX;_>&lHk*rS{s%
zmAP+b3m<SCGJ|ef1X?{)6XbN$lZ7Q_D!tD93b7P}W0a@4o$Y-D`7yUrFiG6I&U!cI
zhN@gizIp6KH+8f<@(E_<;v;U(T^tQfsV|A~u6jMJ?Gn0W!kPxL-*wH8zIhrb8>()z
z#z7O4UwWJU!d_wnW7E7ziMDIT1yy`#5xiN8R&7=hflsNHo{mwd{&FxJw(G`w!}D$*
z0;(HhveJMY$*Qfn*=VYrO5np(F2^@UFTZ+)0ov52-?qnlSq_bg602~K8%t?tg)!$J
z{ewN8QUlese_HJlV!=YC#(jbI1=^v{-=j(mHC?<D0?C+Xudh83Vl!dq@)|D7@tSsx
zjQ1L@Z%;@KiENxNpZ_ZHdn2avfyGu+zN`?=X#zD+C}ok*>^U80pApWy&7PNbfY~$H
zxBJX%eAhWH1g$oraI{3yM-Io^-VJkWUBiRb*G<XE0%Hscm(iCwLxj<NTqMJ2xjOT*
z4|0umtJVdb+_8HkyRV@PXTH@jjud^dxBT`xAik%?EIare`a5EtpLL%`|BRBmEG}OR
zy)fx6exFIA-My_dZc5cn<GIMv@apE2ACb~ee;$4Bf?M9^8XB>BP_CtVM#W9M<sDV)
zU0l5}{X)e5DXI8dZ3cL1(dEsVWRulum>_91M9R~tE=)I-u+^kH%;F9mV`}2RfiX7N
zFI!KK^k#{nuSkm=N%Sx$Ps6g%;<BrX+QMx0b(sOK0k5*vQxYo;y~X*Q18y1xYb_Oc
zroXPlwQaFrEokw#VK4@*TXjw%xNo|FI!B^GFJFXzB9>?F`4l7=^@TuNYp(aSLH)$`
zy;4+jHADmC*@~Ps5H$}KFkKxQ-j_0{CfFJ5mJ)g_vVQh}lmBAVc0`RD*S#)1@-xl^
zr@FIyW>mjn{@JS(qSL5xM{C*Sb~O$|%durycO7g7luG;%Z!toOr3;RG-LQnz+HH3)
z+L>ZneG4<Vvv=6*GZuV%q!v8x;|)X3@v%!t6);%1Ub(by_eJ8@6?k}kU{W@AUYKrC
zJgK^zSy}6=?+Px;z@Fo4wa8Ccr@a9g?r&GbHz(=hWg-n?&Q%hhtSpR1$-6#>A1Z2P
zJKc5Gm|s$}0%8x)a#@b3(p3PX+TN|+b+Kn5{}eJV(xg+7Ly|Cm&v}m|P08$0g(7((
zfwiKyKU=Tp_Dw9qUMj!<wA=4)J4UsU47tW+xWrkK28d)6$M9rKKhQ;TygueED<n<G
zhhTa>Uyj*veNv%Q&^M$>8N!jnR5%zbp|0m3p9t9@$To5Ei690<QYDRJ(~WW*B}<5!
z2T|daY?$|uZzIz<#tlUrn$nEEE0{rH@eisig8vYpz@I^67_}R75N{T0Wg04>Bc_@h
zahM>7_c@sn%*mL*NY^WHpJl=HDIc(h>;dZ(7EI6aCD#r}tLRhR=`xi8TThXc;UUGR
zFb|BKL)pEf{^M|d(13hfhQI;Xo8?<8WS1(?{!kA)zIUtFrO4;MZdfQ5C_)us!z2r0
zbkX>fW#YjEbP^;hHo%&p`EHqH%(PKvmd7&59g2T#ZoRBGKe%3bW6L)mXTbfvW}$DH
z1M$vf;nLFPQ#sqGwD<L<5rL<O%xi5m5#$)Z-LFz`6!E8keyzi?Je2^9V}jix`}8Ry
zbx`9(tn98t?a}V!t9eyd-BAyzc7bu5bu#@s2E(SGclBBIzA?{xDdsnXwERt2^L1`a
zY3+|g45;^A%c5OY-_>-PLCphvICj2HnK~y-0)KL&n-|c!yXU0*)e-7#*G!BjLN_Cu
z<>1iCoGG0oX~rU(_|G<GroOjlfhQN(?+3}ds@HwoHQ;UqWy27q2_V;wSKnBBw3d6<
zsqGqp%G1YDqayak3wINKIy(I6P1R|Zfk?T80`AOgbx+B;(sAtxI5a5Gq^0>+NJUL(
zhoQak^|GkfT$hhYGt7%fc22F0hd3VWkIJ!Wu;#K;F%BS+S#a(4YV+I@3z}lXix!-!
z(h6tlf`ejc{D8_+vrm69-X0M?+CeiyKILU0<UD^-aBh^+8l1s&p5?BCIk)5RfzhfL
zCA#g=AUF2b&KM2p+F5V8ljGrzIVMNa9&D)+;p1XYh1oKnFaSm$(VfYzZ}V_JR=bIb
zpF5y(c1rvj;&~8)tfr6L!em`Ad{A0i7fv?G{ex^wA*xx?2BNLHYa-{j6C;yqNH|dH
z?D*s(SgIhDtx4OXV^Z?mnUptOxqIt{ms|5GSHEEUt>$Nf?C^tGMCMg4??S3l_kHBM
zm?`P-p<#5~rrk&dsnxrjVfU`znksf%VFkF>w=Z0Jju+4Tf^S!nf`?(hzmc?DEgus7
zM32p{vEPm2<UZkB9eCzx0(CYJ<?-|u3(|CRZ3Z3Xc#!1nLlYMPHv(D%D~OHzg?n7Z
z@;5gOi|{CE1I_DS+n2S~FKaK+VLTOxj_KZyLwY!@#3Wm$W^nh(OZde2#r2ITZ_go_
z94-OX5N_LFA%IcT$F{dnegppB1E25NSZn4kYx8Dj^VA=n6rj_B0Uwdh6I3Diy@p3l
zR0>)~`fk}lfmQtc6}bg3tJS?a<4IGOx9Cpwv&fYfy@A8QMxs==fpLB_qg28A(C%u7
z%$Ob)DgJ?l<W#zJ13+Rm8`NEx)v4NB<9v~$v3sa*V!mL2Xi^R<BOBYfKKa5p0@k-R
zf01P6)7~bO-PzlwY0e5(NGRKMu;>87h7!A`oUV0QKR?WyM=IYWjaig4wp>=H#H_V+
zXY8-)K8!)Cxo*Sh_~*vW+!3s}1}9O?yPK+`URh{|biFT!X~iol`lU2X(&;(8Ob~hS
zw1>|(`vq;7K)0zlQJhF38&Eg1*$41~j)%DoQRO1f)ntM_!b<q#3_s_63YW9HESAO{
z+eSCUVxQJL#|mlZjKuWL3pvi=XSA?8mh!pVR)p*i8LphB%N+OD%qlK+2Y=SfZ-H~8
z@4+<=+3Al<CAg%UbEC822)u4TQU>hUY3M%q{x$GxTp4_^A=GYdiZHadvY@N}r$7ST
zl4mIYDcb-gr&UKyJ(Qheh2v1<0^L=pe)Q(CAV&6g&@04K3wd149R_ioZoE2PJ?TN7
z1j!;~--&E@$&y29sQ;E`TmPN2|HK#uJT#ujp?~$?uP`JUktm=Jx&MCJ4*q8}=uiF`
z8v6R@9G3N;x8%^Q^xt3n&%ed~9oVuu^}zRY^>h}PH6`Wl&J$U1;b#h+Fv+&7mzzAs
zdWC%Q7>9RzjE3@|upa;)+SG%zsKV6aJ(VLBSaPTm6x7n){6c+L#6h{_x^$f*MjUF%
z5zFJ=Cxvv;4zvDY1qvMwZSj;Jqmrf%RIvZg(AyHLfBw)xm7YyG2vp0l$4nD1!C1Qd
zIW+hvN+GKqV;){NC#&v>2_Cos>{+R^DGbgE<J7~v`fjnBIk{2urF6`K(|rTde4h2u
z^%eYKAQLSJ*s<ycdp>2KSXfgki!)>rn;xs*u`ThpT8esVnp5L5X08WmGLs-PH!-Pj
z$={m?a2$#F<{1Sm=ckjSoj=`hjgLDD@txT{j;Z-fYR)jn)2Y9=QGYFJNm}VM(uX3M
zxRF>u_yHLKvvSLqyXxwiDh6K3k@DsRN3j2`okQ>bLvP{K;q~^V$LD}fs)VV-G1=dP
zi>mn|T(~AaXg!M4)W7l=&A?|}b6Q=1hgEAn*BeZ28nazLIrQuT8#WOTVM*=!=xR9Y
z&RyttiT=ilX~&`+Q1C0hGmGpO6B6mzWKQBS=afyIiJ5^BM_TF+<p9@tGd&<G#xb|c
zp9}gGL}_|DZ4eMkTAtA{^!kU)w<ECQS1>7qb=4>!F}&jVgC0SN=}4=VQ-B+ouB+rj
zbLS&)*gzQ2y}&<ib7ERRnM@`q)-@!`!T9kS-Ld%w<M8I?{r|2kxHw?XX58v2P1Xdo
z&nZKdl%z|+{wSwQcauAVOJ={ll%exiKr#7?9yvm^whf=Ftyg0T39oFPFr3J*<*_~!
z>m5FFvaRRxm-Mg#y+Tv=WU}EU?vVZ>nVt+2MCf=WXu5GxGE53wA4PrZvaM$^7Nf$&
zO`SQ~_SkSnlx8;_iYq#^UwJ=!^jHeWbc}?H`^QeCO*?izbDhCQYeUM~*TN=ddi!S0
z>p%P$-7AKT_?b8J75jgezYpEa!MC;xudc}q&hR#uLnT|V@Eb@fDMDti%fL#_vPXS*
z%o^3NHiuF=_BU5HrDf&rTpgiv4~bnj7r-Rg4UM#tHuD{aA4~R%e5J4u^9pgM$=vea
zgxYGH_nz&o9wm`#W@f~EI&!)W!nbM4P8-1S+p7$0KG|W5j=}AuQm4mtbu#|`q2W)x
zZvutY;@$|};P*M13=B3pm(4c3YOCV`g|Q|TXjcJ?^ZgOOld_ovhcmncW&bB|`ol#e
zbl-Y=9}d~?PFF`>;Sgz>1-<XSo}ZX9VR*PVnysmm2+LSWa%*Um(hK?oa2~q_`O=Kb
zgOk3hvh0^aHLxUf5k?W))IHy8EYdCRQR?yg#HacRfARF{aBMA97^SVVVJs_a6Hz?n
zV}Pu*$&E?3=@}@V|HM08R*g;8bZ)Q6R4bO|b(2yAo$uZpeF$?=7<*R})jX@!;fw7o
z#4xVxTz5rfq3#CqHAhRGPm0I>@W_>58Dy`|ZFYDpL-EfB^zSw$1W&Qz<>ieOIxtA<
zFX+7E;`8jnOK4_k`A2`|fMe0I^9J+MmQ*(JJt|Mbxg*Y*C?c&gaY;#Wlmd%*+!5$0
zR)do`1%OZVv+hlXWTp{z6opIwpm&=C8UkZf!Rf4NE<bOWUW*1bd{NVuI^N*j4(T!^
zFedgnl;;0jqBS~ydlS7mg)8D@Uuo1hVeF7`4-c)cPijqs_SodZK*^^9VJ1I=D~{C~
zdAlAuNkOD!pEk+y#?gNPUz_yRB(tCx_Zb7^r)IkYtr$3Z?%_79@Uk)+ifkp$1KZN)
zEqkTxa_YeU*`FUUzVlEVotzkd<6?Wg{gX1~Z$>n9^v$ScH6yXGJRjFC++rmw5r0~J
zh6mfUs3k#-R#`<`yRZC;A=BH3P9f40k=MU2!9&wr?2~j$xt~wZhl-K=+Ol?$IN{KK
z>|%^UN%z33NV$qihVrtSd<P~}Y)5S(UQcUhP0xKR;*Ixk%u+0t{H;=ByKH*Bzvrb+
z_mR~#HPrO=6(#qz6}+$z>`;RPF<zJny%69O;*-+n@pu=1A=6Pk`)1dY=ILv2vsX&F
zX8a8^um7LTAOt=Ad$R{9cFNp;v$|`2dUW)?KX#i4LxzOv!+?yZbH>`apal!-rM;(W
zISL0^ryfgq$p73A452|wI2oEGcvzUAzO9aC8LFUvA5GAeu^p!>vu#PRwR6PM`1e!6
zBebJ6xQp`b?<g*I&A24&%~H72x6TI7qf_MgN$hkf==ykgKjNZSIQoz+G>qw4Ggfr@
z&GWkjvR;aO$k8dP<2vT!SA4KzH2u3BN`tjC_{jdJ@sZthNC%(VOlaMhbjgp4w@?MH
zzId1D&rA~?*jMnKN$074g4Ai|b41&J<z+mjXY~K<^tTD|lYFAmHWK5Hv|$TkI=n#j
z_|tyXDL`TX+Q6?5y4aS^`kzY}C^jvyU0do^l#gC(sz_MHvw7@DvHLbcMMLKqo7->!
zCRI~eAw6WM?9O--(w&Irj#=xeN$5yDemu?u>dk-_2a~FFH72rRKGh`5+8UUfHuLvV
zWss`j`M)?avu0m8YJ}H?`ro%^woHlE5Vo7{ui8}6DX12(r?Qss=Yeg8Q|K-XDD;(b
zb$)C&8*}y;tdEjJH9db*6X;GK%u`TtY`(jyPHS3gSsC1%UaarK5J_zl8`hic_t&;8
zvEm&_26f!yx7vsc1Y-Z_4JePQom6uHk4yR0Elf^bb3Yp^<BfHSZ3y<dIJ98Jg?e6S
zaPu&6IQz>|-dA&94y83dm&`>_T|3eIll0L1n`&TKJ6-P6ayLG?0A&2gHodh6{t^lU
zRCyJg5;8k*%RIN35j|-#<`mZ&hvg{r0Uu2DSj?HKEb^#<%qx+ab9Hs>lgTLFX++CE
zKCpjEJGiyu?|!aNCDLrf7-P#{|1~b`QIx98VsFZ(4(N3q8;{liV$<+d=lHnhhGiXE
z@y!q)wu~K-gS)B@4h1@7_RRoPacQL^i@8D|8K%S^Edn786JX%&duwle=nR{4^;@03
zm%b4abBchB&EQ`j&T||-keepzm09nqxn$yZ*Bg$X9*l58TI~WeQn#6sO!Z=Np64I_
z@+@j2nSDCAzY6BNO;&GH0ersD_I?~!z!|C_FM`9LvmXt4?6c<XKs6Ex6GPBQiD0d=
zGT|B;$@t$KO{~HuL?EyBuw(T^E3-?&88c#=uFsM*;4Tc<UDq7ET_a?#V_(#l^RBn7
z-Vwqtu#H0ZVRQyyXs8L!9flM#4~?g|V(a5m5P!!cj=><jZrC=1BbxgJ2x7tO$*>q+
zJ3qKAMrB%nhxuu#`|vEsDWA%7ku<eF8t{~u;$0)Do2p-V3-b6KT78rAWy=;jeY&*8
zX#kUQ-6#Xn25xehjg+d2QR=?cBXRGnGTHVLG|a6&P&Le4bBr&IntLvg0mIc=wwAY|
zDy!}=(BmG8Wx!deBYZ8Z3-9q;k#JWHGfl=@JYI4vNo%T2S3x&}8AXk|jCzMk+-7Ow
z7m*@@TeTwf>Sjiiz=VaZ4Py#g|HL$4bu}R9<Dk!ZDG@?etI=>)5bi-Iw?y=Hvj*YJ
zzc49!awO}2?_W^Rz|sUbDtfJ1eFU`uiVhtS_2)w0TWZ#sP<FfhG-Aw@SG%7-U=LU!
z)OjdXuJkld32dq*eBAfp_U{@M^X3(1URg*hdl-BUyIkU6Hz`i&_yTksU?LHiHv+Jb
z@m$0xx;fWzm2UjHnzz#*{lI0N*?QfiMB!_1pH*sJ`AI>>qzBi|6HLy-V*g`2m3;MV
zD@+oB>xH1^uybkJZbH!mSt058X#0+v<`|6XIGe;Ujb=`sXS_;-H4%&c*{eB$6{lr(
z1+REy`#_#`u|XE=V4Vt~%J<n>lUb5mDE>OT+<GTemFMwubfTm=p)_@TlI>=>MWK)a
z+sWRLD-e@o?quOQhh!Z<cL{GsbPH;c08biYdE2~<QogLUHAi?b^}|tH3-NsccU8tr
z(%Ele#Vuam+WDGNzx%h9cxod5?=d3OgS`Jc51dSql$6RBch22VFTaO7KwEqk0Vm|~
zoRb@*QMEfAZu8(1ks{O1_R%gc-D0o0aJ|#FGYgK^`-p6eO%Wt{IqtPE*D8xpI5<K<
z1?#t=WBj#?A67M8`k?$V4qV~Us0IF#TeH0h<}|str~`7jxX23B5p!wkv^KP&x@r&^
z>dwN9HYPV;k&$&ww%|fM|KQ-fZO!l-@NVyTb$bc$FmtmftG8~*<m7Z{W>|5zw(av#
zcCjOUW;?OkF76T}23hS1gVi~0A~M^Mxu3r#q`Kk^C?rj*YRvR+f=Une)s#3qLq9u^
z@d)M@JTyj4q#=4-3?TsL9)2z~JMP-TAs$Q7b$s2=ieggNDV)n=V>3}h^hEklPSt*F
zAN%E2anfgN3*!MXUFEj~1@KXBwd8t$O8jHND`2Go*v+N}F5ZCu_W-s!lKSrv40EbN
z)84lYRaxht0=eVX$J+rhbHL8WO&j^}RFt7wR2?<g=SdrfmY7|KNT=1eD~G8^95fb*
z<JxJ2#7WKbXt8p`-XDhc>XneNyYOr9QJE*^;#Z>1LYb7+LW`q(M2aJB{7%(I*}lJU
z>COaE`zMm^1Y>Ub@vzS=h~>8EmkUl<JlIV;F>-nu-#s5LiMcr$1@)4mIIp=$^4530
zR?QE^fboxVd8P7=z92`T-~4Rp?}gL#CLoRE;3qCR(_%E2PPQo`E}bB3YiSM5+`#|x
z_~fPi+4!rOES#hyztCGzB%*;`@vSN&Ybrjy!D{bhvCiuwrz?}-T2x1Ect`Fp$2r{H
zOojMTT<eGB{B3v1RU!FA8!;2mb9$ujsfy6>|2fM34leZZHz09mX>n|{4|oaBde~(B
zqxG#d=Dg~2U9-?Aw{xogs=AMZ1sONDxjmgdb@J=_O!Hm};Q}{&o0M#wZ$cpIt$nlo
z+;s}civs-*KAY{-$Ej?7lfCQ8lGn~Jjo#l^b6W@B4D2k5isM*?%L^$rw<`MoychPl
z;8-nrR}fUbFixANcDa+QG+pVP-lR10mT4ijJArBEcGVL1$4P=pMD#i}v=ogG>09gL
z26Ue<^(w1qzM2mu<Pz7e8GrP7KK_4ny=7EeTNgGO97=%##fp{U4#mB=TcJpCcXxNU
z;u5TAakt`LoZxPO;O>6YbI$jEcZ@r3e&k0+vUm1cbImp9^UU?k?x-hcSvKm@<0Ed+
zz|fLGZ40c7n#hNBtnrUdW`xa?IfyO(-X=b|#ZkqP-w9-JbASB2N=sMd&o3${51V$$
z8ub+Kef9nwOG;!P)D%ako)$6K<838Q+*E09Jb$j%cw)6#;z4(!Hy_GIcU}Vxv8b}-
z$Z+l^|0IZg21-J16IGNEy}b5ZJfv{$>iR^C#J+0QrZXh;ASsR~%E*%L{}+(sALE-s
z1PMF6%VP9S>g&{x$qB>jUfl7X9nxt(i>``}3UG#l1pgd3^-^56by~;P?GkApC_2U@
zh-wK)=>T&oc7L<-O=~mnzp1sf!%NkA(DWM;)rCYd9AxOK<&fqzS%vHDwiQqoO+Yop
z(m96NWdcq@eNAm`z`I)CJr0f)zE_Tp#=vWO)sx!EAijT?VH!{C^$!+Zp1|gVc0mk_
z0V4|0XeXk_oI`Yx;!d2-&hB=@Zk%h&J)xxUW~n!OcVVQkb`9)2D$-L@4k?v~3r~)O
zQ)5(EQ)8@NPV&};a5O~FbuZ{0q0y=)^`doT#cr#Iv*PY{+xhXmsK6C3*jpQl2urvZ
znp4_YJ$q|-s|iHqEcGc#ZMj*rpK)I1_(UW5UCa7jPm=R@>Jv1?0{kL7GHm#t_e8Dv
z^9|OQ7>|@6?>_b+5iY3PiotFxGZJ!^4`h84MEoxX$_;<Sp1*lT#k2_#&i1=w)#U?k
zHw~rZkH6Ud_I$vPF$RRkc%Vppm7{xi{y4OK87$dbkbt5spmT-p{^yT28TJ+L{=tE%
zJ3G36=l<Ky`v+MK-b`o33Pm={&QWZkdrm?{3zT4yV2LauM&C3fGbRI?vEaV6)a(-`
zZE~1504XsExPq^&+U@9`S-PLUP+{rMqhg#NU640F3G=#q&(J{ue69fq=%9xV%;#?c
zK+$5K_JFQ&Ah#3cgmCzLV<(F?TRdo{)xtggl3lV(ZdQ|8wE<c$H|XM%5M+%mRgjf~
zQ9`~CqdJ|(GZG<_{fJMA6F0fM+W%^F%9MK`cPjpRdwK$W2~4^23Sv{jr*51m`2TnZ
zD~<f)2Yied6!ql@*dT*<<0N$BT)w^aW77V_W}{dvaD3eI>@&A?G7;r7e_6c-ir|U1
zo-Su*S(qQ`n&h?&+MnQD3VtVoOcwmZoGo_i^k{gfhgHycA#L08I|Xhd`hw=sfB;?A
zzC3Xg_H)E=sY#Tww4)Ra8hLL4aV!-t-5aRnvFmXo*|jTuZgIl{(>T(t5m-N{!3thn
z;BwS0W%KENmz&pPL*MTmYO2x)9ILkCpI4?7u@SeLTxYSK4*q<pr+Ewh>9MdqI!D#@
zwOuPmP~bvql68<kNbi$j{<(dv=_!*{Wm1EZmrw|^;3Gng?_t+vst!Ld;lz%5)UN?8
zZtR2bmSnWpwSc?3d&dfgq_E<^@MevETrhjFh{!Ke0<ee(KMD#c?X)(xx-$8+7F=Du
zNJ1LdYqo!|PcaH1e0iwy3$^pcjVzIf9VlY8o0|Uiii}6k#=uZfU5~M)n~yau!X?=w
z!b3#h9~8uh#Gu{0S}MlDHE^#_S`Kwh=B5&IYP43CL1MsvM)Dn&&FNTsb8yrn>u+k)
zbdr+({>6ye5}XUHCkK9&Zrom)7vGnpYqW%SrUBnnN%HGZodxB$f2i=2=U2D`eR@Nv
z<)PgZ&iH5Xc6+(fj%dJ>#d-;k<sl&ml*J<GnBHK@Q+%~%pmR9tJu^!;MoAd5y`a<=
z2|*P$w)*!vhVxA7A0B_BxYc&k9`It<UDgW<#N@vkJeX2RT{=@en37vr;_w6rW-{$<
zN+fV`Dlf{7GM+U;=vr^Je&{R?HWYk3QcSMx=a$ILA*F1G%S5i*-o<s8al2ttOAZ4{
z^6P-><l^SQn_GW^n&_Q{q`MZGvSIr9fhs0<_Xty~>!GIs6Vk0JF^;Yo2W65hLhrvk
zF1voR_EXS+V4FgAY59pqfBqqCqiY?Qa7CEnX73gAVpTrpc{^c2v9yN$*A(B0<jFU2
zj+GsFGv)BfS9kKYRuKKl)}%a56RIppwq{kpIwAey@%nMFw_LjFgJD!{QtpP*L20&;
zl}j`TXTemgYMyOb%^zI(<zd$uz+TY5m7?~bT)!%~*|%sW@BJrtJ@;@7dHUI;*^6ho
zqlfdELGz`NpRs~$Y64hqhyajHbaB5EXS4O!GU&);$bgUD4!KLbX-+AyC#>XBthGre
zKhZ5ny>%3zMc$n@v1X+Wzrx6^xBG#;*;tTr1*5-`R@m~}e`NP7^7*a)t*})jPW8iQ
zG`-ZQJwUHBLO?g!%r}V9uJ_h6_pitE>r068Dr(;G7%fQ}l78a@f5!=4+6UVmjV`jI
z<D&@f1cli$U)As69IJYize9se2EyIglCVrqz_`XSwx65|y3~x@+hgcoT#j05aj7Ih
z>*C9gWu#|p_V8+tYGgBk1DF>NBO{~dcN`G7&ap<9e}I{!S+*!Y)NgD5A=(<W|IHRw
zDfvT?o+rWS{;w9l_o%N?qlE5e9glp14Q~p5w;+@1ap{g`EaYWD>MzN%Rp&4_cl#rr
zlmVuLrS=zmqrY$~L);VVUD^%!ma=E!-<!yq&Th17_Ojrqe;$5pPJSP~yJ*>1-nhAW
zEN!t4h%m5CYD<UDtvZ9n#XT`L7A$ynA*ftCNun{RVL~8<j?%ig7R~i+2sbZLk>6}r
z%2-qIz1Kx`Wq|o((0eyUI2N76z^X$YQ%F)YM)aiWOK^0b)Xk}Dp@F?_p8P-N6D~Aj
zJ{^Z;ZXy0<#U(?RV@gSHFe*juL=4H$idgb>^sR~dM77sEOeLrMR}W4^t5lV%*thYC
zM5FVjYN}Tl4h(++rwg9}<~W7!kBDq6YvKh#1TXt>X=z70&c6_D9O4M<XnP)_zIZm~
z#|$UYXn&QxpIp))&qli0!U2l!o>BNPN1-^^_c7m40S|D#3Y0s<a*KQE3Eir|u{L4s
zT+h5Ss2tDq6@=|tF{eCPi`N3Va{LMEt2jj4hIe-?G7iskV%6Y%PyvDZpX<##?o3J3
zUEWx-8P+(;6qy-^x2ceMH%tW91_)yXX3=^J+%vH=j^*zG(|<mF|Iq4oOy266(em4w
z2;;ZX634*rJS@GOFNnnt;VuIHkD#)v8`lJf(J;6hYJ3t~vYFxNJg!%krBcPs(|8G^
zYhr6gau1Ne&<qf31>IZzTr1@Ncs0Kikm>ggLsgm+Tavr``^`ge2=J73_%cc=^6kLj
zd}=tjI2_}Og69%3YIwd6{(kcqEUP``AYv4EZfcvda>ZTQP6YRb>ox(K`g2-upO`ER
zOvl>Yy~ifDQ+!jD1gC`VJ5tAk)mMx5-`T=Ty=sD{V&_G{`lJ|bZ9eB0_T>CKbFJ+Q
zRdG!YbTbHwq@-;=ur%g5eSLJAlCchTrf>XrO4Kt2U1E92RUst1UytAGZ-Yv}+NCPB
zH7wo7b&_Y7x719On37gVU+IfLicMJ9N1e|EibT}x5d5rZ@OCDT@N*XfRHf*cA{gE}
zM)B@kg$V89)A`dk&N&HblyfQu$~e#vrvi21&q-j~ammM-bwWEkMQzwv6|QDPLh=IA
zh$3HmbpLw@UnX~AoD7HL+Ig>gix(Jt(!VboQvTG!82A1^_jWwUMiBE<DMy9fNq-EX
z0)Bt4T2;P19T3wTM;O=h40kk%dBMY|t``(56oG00k+!dO*^Qa^89%VCD*kViG5lQ|
zkYvxLt({d}dkYz;Q#Z%Nviau*TZ*A#Ko;|F&=$!x&A$Us$Us#8c#aoV3J?{=|2BMV
zsGt33y&y+$l2I%H{(k4Dx0a-VFzfw9&gIcQ8}#^Kx`x{2<77G0l+tWp=5XI2d-QE1
zn_zp7op`H^ofY}CEUzH@;x|Rf`S(KEDB^mAw^iEP+Y!c<0yIXB20<8%H%%&<I&mU!
z%g!`Ny2@!e6PLRawC*?2QwLP<qdxfJB)SHjlzz&P*k!qJ8?Bac(ScL>j@>CloG2jA
zeyd=#p_l+QKrEY&fBzh|Ny*I-r`xvq777-2+~%oqfQl6Fv?W|8{n!;U!Jy+_2J0Cs
zjv|wLyvkkRdZcGGDv8?r8HMxg_#PG4K5F$#BStr&!PU{sAI%gAiHcYohB1Yw9z|Ty
z)+&jFkb&3hSD*gHC$h$hbAB%WD(h8gDY*xrD6C-Es6#aG#8pwmsTR?%?u*x#_4_5E
zRD_23PL%-y1rzO!{_=qJb>4~Ew)1f&k^UTtf5!96-?5b#{;G{4-!_iE>dvSONl|sX
zR?)f(5B-gmpfWMl@HVk(m<JPE+If`q&4;irox=TK;0(riwRrxv?T!4})y>zNZL&8w
z`U|;Fwp5s#n8w<jgCQzEwP`Joa+@{@9F#HpC`_k#JKp-+8fAK=7bC}oZ!JByX1;MQ
zZdM-hqAHzu+}!kvW-G=Dk5<^&AHif9cVxcBI%cy3)YD_HOpN_BvkW4pl!oD6$P#;I
zVp<Ll4=?nPgX<b_C)RCTqo4}j!pt6z#MBQmYk3KV7JP(x767!Uks=4Kz4fFe0NK8S
zXU<NWi&m5X)aM3m4<(t+d?FFi{N`_yB3Ae0vB9DCPb-X6b7%mDw;i93-5EBOssGrK
zAZ*NDQnR;NZV#kW$Yf;DHeV)T;^by;4i#QiILHfnMS&;<0KG9GnbA=cpBX~wC%#YO
z-*a&O>3lDxq)S^y@07ICDQht#5IY!(otine0c{`XV!}lbA&DFn{^?ejhtTt%33zG#
zYcvs!Y_@j;*+!nOu`P=Po~5UTP3sw@DO83SFVO-iobbdWMWsdWxT4zONre;@EMXz7
z7-x6im=&23w^F~w!lc=Z41)LrV;iY@Rszj4zE0b7MCw3JjMtmxE$iv^UXJKbW?k8?
z4)_?*n;ki+<7TArRz$JzHJ3KjGKq0*H?`Y+vU*P%pSDIsRb3P=fBudV^nTePQ83k^
zVx~;88(aCccSO|>3dnD90Yr1^fpfj!$;%{Mqt&!~Y+rrR5r}rB#RZ<p!3>q<bz@(^
z`KtU10um*AU9)pROFzGT8LMjpc#jK+unG;XtT5P()bW@f%8k_r#FckacFiV+`HXBA
zOKxOb;bXICW(=&^2~o2M#+TQz9zD9^sR=4;xA<aevB@eJbL8t-cTa;t_ON&V$nr&(
zCGr)vt8Dk*pI`5;Z)|@M6SqQp3FuZ;sB#dZ#i!T8sMP5c4Nhge2}o6bJF{uk3IuE3
zy1R3rmHFVd5$QdQfm}<X`&%3g$Na`&mOnzjEz>;cn`ft1)5bk49jDVwEI3v{h*$G^
zL&(H$*GB_&P-4rZQGdf5xf$)V%|zzgjjf{yV4{GjR|n;jH42;2YTwaIaAuDJ;7z5N
zLCzDP0;Q|Vtr*rm?k;w707+w!x;l4S$>$Wldy#T9ww<zvBdrKT)>BR-)q48@a6I+S
zA*Hoh7c`Lk4wXMh5wtKPrE~6+*|9JYG^k$Vbh`~Y<N&CJ9oD?Aq+HBdtg$J_Lqz_7
z%JyL19<C_3LjJ7MeSf0>exLCtkK|3F53<nXTXNFF66TNlcbI`bI*ZRc%qTL=Lo<ON
zz>v3iPdD}t3S>rbSp_YA(ii!ra(gttNxEMjhnn2oTfvZ%J`y%mtf`#p;X%a9i4F5p
zG4KL>1(#uU-EDypT+zrBkMp18N*8}+@2r(S<v_UHPpd#9vkdcgf}mAl#o>$$bL&#-
zrQzsiwx(uxetg1HIW?HKqIdU5Dhp2u$i>eqhZ#s;*fb|%fEf4(r`wSBuMZE8=D(VQ
zTC?C9dN2K~>KP~Euv#ApPv+2JCiPrUTleVMzv&sI%EH6ZTkl)=jvp^6IAhuPnSU>m
z2vr&_yRS%-d!nHt&KIb7FX$s<FiW5Ejn|hUUpLCpJ3(Hcd?F@4Q~msrjg{{vqo+8I
zw!%_hqa{!b_;2hGty<6m#`O-Ii&fy|<=s0W7DlpGaD8XJE7=>4uCd$gp;s%bS7TJm
zO(Il9kIz9a=D~ATzC+mpLVsUR2clVjck-cUq=PHi<MGT}Yy`I#)(uOiS^FvB5{6TQ
z+w+|hcgC+jG$Q#4H0}wpR{qRBKt4B8GSEQe7Gyup3~9pCk^LBf&+-k^J71_xru+6B
z3H&nOr<j}%8-%l5o4(w-htox~1LUr28&nrYvqago=-!7e27GpXecC+|uzyErMStUS
z?bP8aW8z^H@-!mcOsSLCl5b=c?TI)Dx)3PB`P#F3w?my{WMLGRyx8=#RVR?yvD|BY
z%(J2+s*Dfw{1HY_Fe&yB@QeFUT;u??)X9jIt?nZ)Z^o}PDUnaH_Lm^+ud#?uwdVee
zzlERRL_O5h#ed0vw1aToPhPn55lBASqr{T!8^7gzw6Va~d05W3u}w>Ro_o(h3!^k6
zIKcQhZg|(ieUPf=yjSc_G{Ibp*s{y(b)p)rH70vqj^i?;4uyc>Vwsg-&OL=7s<0hZ
zS5VNMd)eS5U23;Jl2lZHO{`u8e-_N^c|y8lsD{>w2SzMR-C}Lx2~KSqTqj!LHg^cm
z?BT+X{x`z7b22SBsz?19p?=@d0CMfo4z$Sl4EsT*YCzwKJCz_ACdf3oO<#S*FdM4U
zK}W<Ui2?hxg|8l9nwMxlub&|y5$;w^M%79JS1mXvQLtFN^2-{mkjdt|*`&FoR42GR
za^0r=T{j7AY$vNbh714`$8n#b^3g2`Wm}ZV-FC6@Cz`~dB$|efriu2gmcS*Z1Rj|a
z9p7#ed8cy-7En>o!O?f}o2qlduvEr4EZqXsWis5ohf#BywM}tx({ggmOsmlqTUS@C
zj*B<G0?6h|SuYMN&{e_Sld%_E*jjNpdfIsu%NUP;RKH(NfR8`)1l#g0d3$@)63^EW
z+hh~TTIAhI!@8!NM~_zIDKjd23Pm9$SMj92`(k?hr`7xt6}hOoB;?()U5hrf$+GGt
zqezfwivxAyY6tCGW}9m6S-IRg>>Z=1J=HR~=!sm8G{M-$HvbB9EvU@CXB<vQj0zxn
zUa*Jqa~vK{%TdjFk!A^^^ZOMA3YOv@X!%f2`6D}&+Jbvw*}&#ddMpXif9&32>AROQ
z5D+~Yi^j?+s35P54v9VSR$mX2!Pw*4|5ZgH)cGUjg!QerwMi|?2s1H_XX|iEgL15g
zreke0p?^#ZYiT4ZEe(^AyK5Gs1hIfk!?uv0gyu1Q3K!ZQ1S!Jx=BKAv@0JuB+UjL_
z^eu>ucj${58npg>A3x1(aCFitGFu2N?u7y8V~3x;zAYNmzeu!jI_effZmn{8VelsB
z2qoXj5MieeIdYL;Nq1(tLMg~JqA}F*A_s4Ji3`Es)g~0uNTN0)0Z^lU+yiQSspFKC
zltelnYuMh!n_Llyh_E@V%U4Z)ucV|pa5kFpuWxyQC!m#f=-IWW;uUP<T@mrG;9{n_
z1~6PTVOgHjuGLUW#h!N$kEc)lqy(sWlAiT5`%3q<h{$y<NzubJX0y}1eT!RYWMv_3
zC_xnwaN~V3gtzj`eeCE9CTAn3Smx+Q+VRw?l>}&S-C}k|BB&ntIK&v!{E{Qb+frP!
zECJ(Nj>~Sb-!)o|^nRuw?r@VH612%8z(21A|4{FR(u@x2zN00U`fl;ms8frAC)F_=
z#nCv`hRDWdr&(h$QIluP3#c9L*vmr^_1F^NZif34G7nPrxuki7tE$f1$qIS-eB<L3
zUS^hO?}TC~hqU*2?&wfxuZr=-B9btE&`LiaxaTjbfk;ICxPl378n9t8!m=MGz^%pl
z2UkZ(x6(FA(e~`=JJ!1IabHLqD!0~>6MsWs(^%Y{XB8UtME0(E0kzO;KXspp`lP07
zI<p{}iLr987m$DAO&5Jxcwvh{PsiF|9U=n2DEYPqb;8upH8LuDjvGPDp6r<W#_L9T
ziKmD3hZxY-B-02zjK=cA=A40>;nWBWeo1S1;jX~|I{>(?7rC>wLxj~UaJQ4Hw~6IT
z(0{}qmmsicv?<~qE`-#vHqj7??%dWS_>BAN(|RV~EajplG(yM=!7-x2n_o;j+HT$z
zwDuMWM|T~ZS^|zcP>vx$6`7hH**9qvkUAmT`BZAVgW(S6g|2dvgU9BvI_A0ip0E&8
zr1R@HpFVZLpr(FVQa8wh@UAs_oySCX_fDs;n&M_MlI#kg;h{fn0>8hUJ69@*>uK>h
zMX{~OyY}~t2M9bKwP-F4#i+n|TS27s!!aNbT<uCi)1r3x5goF&^sg{VIk;gH{d7ro
zbPjhnsYi9^5GmDnDM$?5>YU-Gjj6_+?alDwm;@WqE#D|soyz|6or!fUAkm2~cq+l7
zb?w62Yps-7Dpv-D8)cR6V$zxjK9MGCtR;JUdxplkm*++t0EvM$cIB_CVm>PL0(N@&
z8X9o=wnu1%l;ZDGXW95$hjGEYc6zf)+8S~yR(N)Nx@?{0o1#%h0`*M|XSGGqd3lx(
z5|G831<l~77@>A(&XsJ^{}EdIwk<?oQ2$rc2W@h68g!k3Lrkhkd<d4;;(F5$5Wv2~
zzjwK!k^H@<4((DSkZ7Cu6Jk0L>g93SNZNqHQnGh^V(L2$-}Pk9{7jAt_=P*rxTdA7
zj6f_p4T!#WVe80+btQQW<+;A$ZnyQ2RyH7Oh*`D9hY5=8sHCDB8TOc66IPd`uhK=Y
zVNneQPAi9+&a{~s`&#~Jg5LVdGPHFmU1thV-NG$DkqZl#s|Wm9^E)sh4{OP5ko5wI
z5>#Z~9+B>auX9QF5S73R)eqA~z-DHvJ`)=K^+7)|P!`izu*B4`oJ4Wm{6URlwB6&6
zdP=40^?3fQrTg^}f9q)6XWptEQMRnYVE2}dqocr>d*M$C+D6VMS$J`ZwOkuS;F0gn
z8JbgyVvfZ>g96J{pncY391W9}HEZBa1kHS1pLFUQbZ@AcN-|OoC2Q7p#c!Xec*iI}
zC$`3O9XsCT^t!umln<}U-zFOxnaEqd(46iSabsDFdX9Yrl-9@?_B@|qAb(_GPag+4
zoDi*rxyVr^j#ypI`3-jHz_7m^%bzVR8IKtNQO1tX8KV0TN;Qcfe6g{7>$^*zzE9JC
zu7zRw2mu|k&ukBD?Y$p49Dif|a#7Wyy41I4jG<n4Iw`>TZ{mL*HlyW=fMJHZbvl#B
z+Re#2yVjK$_<=KqsxQa6p1_^xbabNQ?gQSdep{y7rQb_W;1nliBBQ3p!(dxfW8R8X
zZFak{+C41ZEB=5BiyAOM{fc#N(KNG^e1X^h<Q&b_x{_v}APrvMNLN_?Mc}F82K>$`
zW;azt`nO)}CX!b{6*>7mK8TD=Bh5#AAsGu-FubvmK7fcvQ}*yWpPMg763##NknDv*
zsFaLnCF7Ae(OPRK4M<IWA?ZF?FXmW)8t=9Yqd{o3J6=(?(&39sP0vTix8_Jb99b4Z
z45-I31*hKln_z3n)fK`cB1}yx_5EBGKFzBTqzvtfrh6YF-YmY&($d|y|K`aX7GF1W
z=f1%>(+0zFvOB1J8G%N9=0D)X?+ctu6HlT`+&%}n-zgLpId*0wx#2VxC;^N62%w?4
z7?WHNJZcNB%5zn}4L2ACnD72US&>u_CS+5&ZiessYymKFA~8L|d|O#<Qo2K{=9RYx
zRI4+pr^RENr+G+~KQbQ|2y7j5$kxW_WxOUklmMVL*=15+YT`&9G4Ld-kN>%QD~_Rp
zJkF@^a566jR6zs+%!kl!z(;kdnUS@-du}$?n%*I;`2r;f`E6!-oVP5H#<eTP4~sRQ
zzlM!e2B|u`ItVN!OBP}S+A5o)(<SLttRw&fvg2EjqlvOcEbW^xQ1J|$<@n(JmP=!3
z$qm*KvC$rI9ya$^i~lm2-4YVwFI#g{N6&<L#=_>s^!TrH)S#QPe_<jrkZA!OIXvMb
zg_?&V=q}vHZ%1x%<dgLngLKPz=HnvB`$1iZx~e+4aFMh81{m*L7)`nJj{3+AjN_Iu
z7<c+k|C&cRbwrcxBG$4a2R=+d<AG??z<?vf&B?xjm3-R~&d7$6+xr}0XrA=qX^DX0
zmLwM%N9CJ7a%cKR)doJ^9ld6(l0>xaAAedI&nm?v9^(-dqf$Hnyvs7DX0|52j9_Pm
zHB4pR>IUP5D$BIyC-pTAPtUs{XJ!k^YH6Q<!&3!Z$Jh92s(zkzQ+gkxpY2ntsk*d5
zzW#!{jg){<Qgm@xFcBJO#dCkzz&hc4JR2&NWP41JTDId(afu33|GaQp*V#vZh;V6F
zYX7jK=ny{g^Y;a2N7(2&x5|L_t?ZNQDWq?9a3)otYj!+ybjcv1QBVB;fNaDj7`FEL
zd2tv7sRJ!QmxNTfM0OmABgG31t=YH(c);YKm8!d5`g+xQ3;U$Dy3)*~EjhY?+t3Is
z)#)7PkqpJ3()T{H?cmq2vi6Zgknj3ZmLUSjiN%|wBICePN6Oi=E^w3cs-qD`=M<ST
zI}gu~nS2gOa~&ikx*gK%Z2_R)Nc?oil8ZONBkD3B*xcfq6PIDHRLu;6{4-k;YDJ2K
zTdrcJ*m2_-ntQ?CDH=CsDoiKt&|ZhZmh18qYK)vIw$BRB`GoaXqjg3PHgIN&B-BiT
zvC)M6410jL>;kPL=gk@lneBfX%85ug;yzF7Mgkl7h6WRPKKKPsFJdT{qWQ;<*Lr2j
zaf__PbJw1Jt1jnw_7MLcrkVGVBYxwD`v<QFj}%~ZVFOo{dh}C`+^o=`APZih@XhoM
z+`ka2R6WY|6bnXOEcPBaz|H+rgIy8J`CuLUWY22g_mpdB?yC5gF6lAuG4}M+4Hx<g
zjY`$S{GAEI>JxN4CgX(oc;SH-r_9bDBXtkD>=M3caFN}<62)o&_hsE)Fhua`X?4o(
zDoA;-%4lZXaE9^XFzqefRjIHq_OmB*=g{!*8;SgQKZ@Z0i%*hM7F*XiM&wqvC0txM
zX6q^T9{D5Ow&E=qu;a62$U&Xj&^>akYzAw({>GSWHV4K}voMtW?(m4X^k|7_3G7a^
zMCD$QOLcQRt2>uD#JF0)gyE|EY>!dHLqQgT`)_Yc4IqSmvBLSmq)U+vJv}1t-ypn7
z{fplIhc+s-Vr6?r-Oh#IHjx!t!(UI)m~90@;RF~-YGx94wCQijVfU4ataXiG(_?@@
z!^B->9`=qo;chII11HZ1JTEJL5fywLkiqADbKiuZsC+n*wfIbaj|3oP)#QZ$m4L+a
z8;KaK**nemA+HpdF|S;qW6IILP2?V2<Q^I-2sp>QX@@WTviFDm&{k!zC04N{p6RH1
zc_mi2<``DBpZ$7OK|&Fh2X7>f`6X80Q1uSXIT6fYGq@Z{#=k07KMla-n|?^NCCK;1
zu274TDcm|<ZZbA8IltOhnVXxNG-uy)=KXiT|C+%a`RA|cCjt2r25%yxXkUQ6iH8;%
zd|qFL1m!`q@YYWW7RN^$!Vd;FVe7fYg-Oi-LRjpHNzTuTv(rvu+O$T-zcK{;o)J2v
z=RMBzqBVBmjFTH#=C1J%?QY`Lm4tVu`K>$eW%F$3ayN~rdOwWljE~MeVaVY;1()RI
z<lX_N_aptn`cs%EnL722o<7yNyzb7~XodCU<TBiwX_`L-%kMDGTvCp<-_Z_F`8gam
zR_sE5)ROAgZK;R6G&|4G=-n$f>leBeG@n-Xs;A*$GXyz!$HC#U((aWyIx6Sr=-AkE
z{BV7!RcFh_#`f<-|HU-VC5`hSZCvX|%W-x}EZqSw3&c;EIj!2p(iKLQR~%Itx@UXi
zl!pA7HBl{5Bxv`kpIVfkKll$*?{a%LWX8XI9z{n4arCBy7Vr1z(tQ$I1?GaA7K+G)
z*uppHcg*j|#zZLDl3(XqH<nQ98oJHp2IQfJ57B!OqFGz-z|lb+6B_)bY&+Im(RTgV
z4K}lUF><zIOp^<(I0Mq%4@urCr@SOuE3CuF$<Y=yyBy*!E-q?;Zn%oI!sh1Gt~>?)
zG7nIU7Wyntm;|)44wT$vQD`xUF%n}__Bd;?rm9y8Uwx_3B+cBWoT?Js9`Mz|PV?rf
zE?MZKt#FQoqB(&|-;)smrP(I$d`i-ai+#8=pMq_8Bbmamz3-7gH?fwV2*qC%8_^Rd
ze0#jXdIq0M7k}#5ifP_dS+DQjE2dRG-GVAyYI=X^88p858C~4ZIa&8FLayKht8rYH
zo9u)JE&bR@4~~ylGb~!|H(?0~2()A=UiZ5H@+Uvc|MJxE__Tb-B4;%tdyAn4k$dl`
zYh?(BE*5)3@)WL?aOfOk4Nr0gGdx4W@Zh*Tn&4v;6nCcm@NL=)(=@{-ISY|;ANF|+
znNp|DxZ{0XeVrAUSlI3oq=1UyPn#Ei+*0)T@)%xrHLcl<8gKke8zG%b8RE+|tSQ~l
z71Z5RHUYISV=LMM(~fB3-?Oesg|ApnXs=vR6_06jFU5=a(k5ZbO@CIRUQ^RcUo#7D
zg5=bn!Wi5Z0+a`14-PCHot$VH8FyZuA6HtO!eV03`bd-iab$nj6#zRK?-^Op6@{3O
zQ##^;oS`f;6o^8^Zyw~P53se3CE_;k2X|=d;+fU@#Ss+0S-<!s6x3X{6OAzgHYOI?
zb*)!^-DZ&H8dkDWYw@B&MADM<ZqKTzX`*;A#es4@*mV6I^|H(WmQtKwRLllSXf>h&
zz)lwyf`+uWz+cJhKhx<=!+i6RW@pf%mplOVQQxfTY`x#x5MuM-b0PvJtK9NGjPw=g
z8A<y2y^gO-Yt_sxFONVSGHe9rf0NTkn(pcpGwU)txLN<ZXDZ`EzV1lRD0`yOG((jw
z3m02|q(q!_m5GCGN{9<1?-=4C@WWd~VtU!Ky|>n&Qm%!C8J5-gFKe^KS7>ppf-5pI
z!Nho|x&~X4EChEka=dG7=WtZd>yE9MEEm8uIVyN88|3pi&3`HS(YRUg;gN`vJ3r`W
zrG|S}uA3tclwS+J!~WOgkynS`%U^TM%yb%hiU&c-Es-ab|GNc3x2gX_^#A{Jb$^`z
zOzymOZB5M(1VTlZ{3d3+>vXXBTH6!56E90GW=VfblI>t|W#%HRv87{lYnWHUm#Z|H
zM<O&VT~}iVDf&An*KFE?K~L_gSi{ey4_XZ}Arf|5VbQ<1I6(yRZAPE-rhl>G%ahuX
z&r*@1SAlYkR4QKAlq~)1vrL_^v$EGmbH#Z$d%DiJ=|3d?&vNco)6HAF;1!ukpPru1
zuCM#&2U9ZxaqFpksU@!QB@-2=xhLWpxs^s@p3ngYwd3(=X>k#xlKJLas?P6L>*!vT
zaQR5FPmaH6$e_yz2u&d(EDoN#x(&=tVeuhRE9|VA^mp;0rA};tNrhj!c$Yan?w=TJ
zPqMX^hbHFnI{o#T1TFgekm}zsWky339@$TS6?xdxWrQ{oxY8UjflqfPlAp+2ojC*t
zN5<lchQ7H*bL#BK&EYs(tI+d8RYs|9L<Bm=S2j?wf>vspYI>%Y5V_Vr+RolcLnq~*
zWGZ|;CO$z0y%|2o)Lx`J*f6bhxrAuNC44+YzN>3x8(&nkmu7dK#lX<SAe*Bh!bV~)
z1y5sj#`m2~dvlA&#r81~n7mhRoWT(Os?-DmMK^xVTeI*r1qawrWo5+jLA#}8nV1?x
zBy4}o%&JWX0u9aGqYGUG_~bG;s3gM(vNE29wM!)}&pFrSHD8gzqM|gWDei*>Mz)rj
zo13h-bM*lHdOA})wY4z?3$7Fm<$V@QE=`pZWjltSY3ZV7OCIZVkqNNXH*!B){fPWy
z3Xe6}`mbOm8cWntKzq&%6LK}sGxCEXgN#Jhj2<hz13gbfb_XQ-j}bVOV=C6laoD@I
zy%T=t9Li>qEHKsM)7E;K3c5z-B13oE+$LPH4qc$+2LiZLb4lb|R`PbwBsW!T<A=q|
z0>cCwI>#;kyCb~LK61Js9Bi!&S*QEM*B!t9&kSJ*0$RUERL&!KLl6PjHk3R^_gA||
zH7HxhzavgnCT<;OHt9vCZCMI34P0GAheuE}zVn{_vOy2B4cfuMA*8>2i;f26Lb}lt
zU5WemSn?wY*s1=Z02}`<C0O!8+R9*Rz1^&P*FbBG3q$La*ub~wnp#G7HW4k~05;@c
z?KlUrYg<&nL!mO(bD+o4=YHs=etaQBz2W=4wPoEO@O-mUacsKX|INE6QTbqD%KH#s
zSUFXx#>V3eM-ZZSR@eE0u(?0)?o5>tq?f+AzZ25`Vs|dvHX4n)khUQs!)@v{w%EQN
z>f|=8l<qFcwj}01w#)sS4{Tr-1J(9cTxSX}$T~pU*Em_9fN^rl6pg(!bxllfgw51R
zz}Eu7oqeVc2u7+(_tTNqUct<R%jCwl-&&1ca+ef@tb6z9`FZ?Ek`<3`_YkhHLqK9c
zub${hx4O^rkLMdYCsLH@^0>9F{N`LIstJtU5vI>>J2Dh6M3QSOVazqMhVdUt3FGD^
zF0S8xqh=fbwt@f#XW{}Dxl?(B@6v_)H;*!R=`Qgx4Jbg(crNxL)->VhBUko39Y9I3
zt!Hp8YAf<nTZN7V{&%F@2KLl;(;M!E^!SHu9ID(Vx*-1rc6NUYr_d-eCT%}m>AWU-
zGZNQJpVfQmqg&pdJzmmD2Z64XYNJ~v=QZ+4p#*Y}-~!P~RLq3KcgR(B$%cgIds8or
zYO_ubvr4=ggCywI`)}2Pe?+NMHj(|+=0!50c56~^%{w#KWs;w*t;z5hd?y^yEJAF5
z?xpxDlQ^dz_z8d;*bE=^^LB9On3UgE5qe1S`G<wzbQ9dum=;^O{}^Cm)64h`JQLa$
zbA9Ho?s8D)n<Bxe7HzE&>5ZY$&P*Uk&nV{Sct7&Yr0R;EPgK_5zZSpjBg<|K6-Q=E
z<`PZ3YJz|bZAW5K`s4D(CLY+fs&Ml&vo?L(@J<FV2`qhL7gNLTDm#GE{VaIBM`z(3
zVv5r$N1bR!&dNw%lts9OQ}upY({??Wy&_50l3ti91!UWlHV{-w-fj6pXzL>9i5%7y
z`|iV{>8LE2_$StaY-ge;60pHzse0U(^&QDA-#AXq@$ODUh`a=!Kd4s$dN4?LY`@`2
z0KmM8)6Y`P>;A4zp%iZPwzFukyl<*PYDRc6%bK8FLIx<e0<)@}!*lJXuaxVF(Q6@H
zWXyS=dQebNsXxu2*7>+5HPXVkpL3(l_aW`o1Nr5gDPPox0acMq(8CcqbD_YrQ-^#P
z>#Um4C@oMC9Aq70bVxMN_2x<-e2{gI{nAtLs}Bh0^)Au+qNYh)np?7PN;fm;I>7D^
z)4sj}&w#X>SM1tJ!MO}9q_TMLLxyo~K73QqoVG<~>i=e2KkwmhyxZ`Jogwn9TK|)g
z!X$UKzi^phb49>%>ScHwTA%kk$;n)YiBVA$zzI+HE#udeEm2h&OsX|D%LnAEn?mbI
zn^FS>j|HWNufm$YnaPTCekyN+A)AV)A4rvxa=O-csQ?@$Kbs%74Pf;XFW1&GD+oT`
zR%5i@E<icP(B81s#ny?G?Uf>oyb2gUE7XG`Re;?4qIVzCWUr@D-6@3(6KzTZknRx0
zCN*B)4*Fn10Vq1!z&~YUqivp%s{!^B>T=$CJ0<2lmCjvHs82^v`x&5Wn+SL_#qoJG
z`~6=+FL;Odg6-e?4+eOnrd8@^QtheM;#OO49UICMuR}0lJ055&$&@o?<p-SRU&nr`
zOn?YD-s{C}sIX~?koTZqU{KPLWu<hB%bf+KH}<AxgVxqWoSaZ?m@gt6oC<z9Aik9~
zemvb$X?pjS?JLT~Q>Y?(mVvxoZUaSPyRf?Eob}nqF}(RiH;b}XIeqO9p1E|Zz?|c{
z4XN*l5z2E<LVCno;_FzX3lHBfB1ZHR;~G|D`sk^GP9ll;bzt$0w8mQA#pd`boSf^s
z`dGEJ%Ny}S`!_(`P5)NL{)?~y$W5TGm_oPv&tS?R5V>|;^iMjyD*IeK@$SHNDOVSj
z;*_ZL?=<;>I<C0&^6uNbv61PpCuL$l(JWa45iyNTwn0ZHz-`^0Dd&osw;djvl#r1(
zwDVRdy0PBxolPnT4u75pieam*er&1n<qpm%t}h7B+rm20ZjrEf+=gB+@}UL?Fc2As
z{lPu`zzok`wk<BjMwU_i>>90bv!9J<%uu;J4S=0$6olNq5}0>_iN2Yd_U#gmatJec
zyFow0wrhPZImLow88`g$jH2Dt|HueNyPR<6F{3JTTWSe=jZMj&C#|dP^ODSX-Dxg4
z3Uz{%9DnyYdG`_5Wv-iN#*=J7ux^FO1je(z2UOr`O<6IXa7$Wvm0i}zg!_n%nrah1
zA|fJ_n<VVsmp=QJ-hzJ2P;rA27p<CgEw*Y=_$f#LId(##BK_ma8f@n;Fa;%5g8L^-
zjMg9upLzf6+t5Si+WDoNrV-CI)`}k=tc9gy1QQ$5-MNuI7n#UjBM4!sME>E!479O-
zXtnXY9sU-nHAwmY%4r04<n+Cncm+Avk|&tmT9wucbE`N=)uVKX+I2!;l<EZrZEy7q
zFcYF8PeEuK4SrlC=eq<-3STpQ(tPH~+OnquU9)8!(4YGCw7v@b?z@fIChhO0@*jw|
zxWMkUzaI6%vnkO%DVQ0X@?pkAZIUYeoh0X+goX8f6zn^T1X7EuDnxMM1KnVVOrFw3
zHkmA>rzgJX2n5+3MBH-wt2hdd^t!lfX`F5EX#FlFF}gp-3trzduDu}}-{cuBxewUF
zHh?#7haV%74rpu+DZ219|8Y7#P&+XdHD35lVerBJr)SzJVcD?JE0<~JxJTbF!;F*E
z{yWWM%AFU{E$u9B$9tU9F>J7%^i{IV1vA1%j!NKzT|}dlAL_VT+*zz;X8A|S3o8kC
z-yXEiW}x@pgMl7@Pvuv=gdwI^ehBB{#qT|$oTsZ|c+yUpOYnQ5V+^)2FCUZCg?9ST
zO-eMrE8v?cQQ{g`*}TnbWHvBV<bkLs6{)S{+pqL8soq79AN5jW3S=Ow95PnNrtv#i
z3B(hUSC(+r1?V``{C|7IbK6hScpah>gKtX-DhtClk0A0I?kqLutlX`cM#>20VaRT)
zgNqkr9TNqlyT<MST};fo2Ty1j?!@YY!CPx9_v~RjT|CXHGq?{Xd^IFt;p1)M`^R-e
zvfkk^UB9*<=k6!2<^HxIVY?XMt&^ChF#6)E)Vd<Bn%?F~`LC+*jFB9GB1`7@AKziA
z1Z?hGnp?d#cJ}4;MbMw=2P!_c0UhzV@YJ7rF|d#E`uYzHih!~_nHR)R1}Yb<`-b|o
z2~Z7PC2dW7*@C*<%SiF-?67;y*}l<yRaEz6jLesH4h>E{%ky|#>RfpW>k_Q0lB&*c
z8^E4|Gxpc)4$8YU?w+v)k1pnSXje`J)Z+Hw-uczcO<ft-*%+J5*oaMuia-q7(n@SR
z;%>M5CLYHce-44=Xe(`=ElC*&M`f0f_*O%zw^W(?7^|L{%p>IPhiOetJ+j}5w!r!M
zMHlFm#>LJQM#KC0M{`=DoW<hB!MMfv+8*pPqGDa_#?~fuL{OzuqclP3f0MhKf4LTe
znIPeIG0A>3>n!qp9o0)9{##x->)rxW=iHzx8s>2U+n%n|p<HpRZ8v=}tIrocREhhy
z-hAJEiLeQQbk3gGuiR6%rJC!LXZiR|jr*sfdGh}ygwaha2DjNk#%foFEa%J9F_^ph
zV?T3Mlghro0RCpZ|8W?+*SvL?vT1kma-J!>5RGqEn9zVJT&VjW%mSJ>{ttOU{+p9R
zJ@em;|F3)g|K^>}yf`w23CZ#TLdM1puIS0JaRgjxSz2O)UI*6%2XrztG!;LsG|o>r
z^F47w97)=tn({NqL885HF)-NJ*`pm@V>(e$Rf6hWIt-*I)|n9*QR`$lp}F9nzN7lU
zp>z}1^08Rf%1qG-&I-$P&?dnZVk5!4vK-CABpekQxt$g*y}N=9m{1K3S{(-bVgBeP
z@%OI|-xR|yFKp}|_Wl&DG{$o=+-Pqy(d72J|60g?k)1t!iRu0bpU+-xQvX6A2tjgi
zb?O~kg_G1mH5^|z8#5Q-(;eLZ^F9eXe<iZ1uV)QSPfy6($J@TTf$V$$_3G*5D$@0n
zfc06Nki3c?*S^{5=hmThj11_u)vEkpm~qNhafN+o65FthQWRrNP%aSWBlelx5`fJ-
za&dPdtCc~e23R2SjJEs2QuW?xg_|U>y`Al(@}!x2X>;2r^abZH_9a#S?DH4=Lhgk<
z4|Cmgy5Lh|2db{~4!|^-KcvI}%Ez2H_iab!QxsGc2o_nVRl-|W=QW6UqkE8lC)>h~
z-8fJ@@&KtC<(yOO&2Oo<IphK@BTG|Ptr_HgVB7m=Zn?@)u@Ka=uklCc=L=zb3g&60
z|7<Bu+M0T^rodEVWRRCrI%POqrpr?NInXyK^w5m84!JO|GN>uJW#RNZH@7x@b4d9?
zA_*U6^?>L&tG)bC-ajQfR-s6Z-F!Z2Mm_1Ps<y=Z28D#aiD`6q2?8Ro9*DCVd2ipU
zB>z`)QeyzEZ}M!qFrADn4O5w^zBh?~$qR`@QIUBibACZyz&Qfia{X0PXTh)L;K~!+
zS`qC(Rask)50<AJd-@?2A;j|^ATSyvW&NPhpx@o{EEQ*a<%E9s(|V3Y&hPvy3D4c{
zj3?LCqQSdr>@j74$x)Y${Vl1fONTYK&x_OJU3Z_B*`wQh$MSF|tEOhP8?MuVt<<bF
zHnweH!wH5mBV`0y8b-kQ^App^C>f9I-*MU5Ft}XT0GbCr8b-RG9WH<@>Hn=0XyIFX
z0-syX6sr}ye%>?5`clZb=^Ffj1(UdYybqX6_(fP%?gKzczLRo^E08{pd6V>g5LOzE
z+|~~*<a`Oi&vUn-+2<zC*c`!kS;pSh(QO+(1wtjJCN@FI;*^RL!JFHOJ+%?H&_tQ&
zdSHMtZBJhjeTf^y-7v1I&e&nPzO@IA8vGf={ZMe``YS|gxBY20J1AJP@W+S!p5mM*
z*!5oOme-9p3QQK|d-7NFt0wczZpu|NxjBc>SS6%3#dS*i7~0F7nyM#D$IIK|RIA`z
zjRNT?lXbZPxXl;S=9$s67Bmiz=x)?F7`e*`m*#Hg&_=-Q#pm5?7=Bi3P<4xfh^wlN
z(PY$_%odLs-@JIzLw%1WOXcps^9EH`tH<!ud3~KhRXVnbjf`NP&h~+_I#UXV3Xm{d
z&zs7!tN!Q5-uXbS<n~_>FR8QhUGJ~lFPLsH0(eGn$gNZ3mU_gtUN@NW-XW>0<klbL
z7@{#)8gd~59C-OF=X`o2xW_aG*=sWjm1jCPtmxeC*o4Gg!cJC>x(Y0hHwZ6}w_rjX
z$?zsLH3c)x@9W$0y*8sAwG{09Sj@%GM@u^*m)o%IRoVJ2^KWv#*b&{FLablt+5duW
z&E_g}$xl50oH;^~^A{f5J9Ol~&A@g$LGcU<E!A?kBat?f77A!;MWRfUkjtR7C261*
zY{(p2#9HBpRf07ce73hA7emt5-f(q%|3XFvkARe*#TH;&j*n4iFA*xy^8SfY54dc@
z7<Y9J6`E1cG4!Cz`9^$dPNlb5`&t#zsv_#=hcQ1jZGLnNRtTi*C_b%eZW$VQ(t0|+
z!M^<!6%eSkfS6@w=#x0x;k_~%w4bi@^DF0;fr%_QI52^4@UAT9C28iuK%&&nXvZyu
zD{Hndl(f*nJg_?!O9cJ9l2TdjW*b|MrstWZeaih$-Xp<9#hd(8t<xRb?=-Fa%%3|g
z3<ozxfWf3Z6O(=T#D%vti-+A&H8@Ny-chppi1c)5Dt2$U&37bK{IJ8yF@ETB`%4rX
z?DhL}Jo$~$SY~XAUcx17c!Q-JS`&Vz0KMCnLk4Q(zsMTsBEu}2ICHG`(_X!=!^UZD
z^<ZP?`VtJ}x&3Y0^((*bh_f;bee-B5x+0l})y$TSw`tsq?rV=u4WG&w?keD<l0-FD
z0sGW0=5`<H>iSy6dk6Mb_w7Z|7OsPZ+g=WSaTx<%l%2@l@$qgFc(-89D?p;m07~qc
z3Oz>FHYzA+_zl#I4qn~des$tYZr6L9WUHeE-7I7E=(AL}wMGB4>6scNty~$8XLe4s
zkxa_Pr>4vH2BW8e=aQ}3G!c5`ur)ne<jlM3X9jkxnlup~qU;jf8W73-4PtlatL*O~
z9A8xw92#6<!99ePI^JDRM?~MaCVuG6cW?E4s&i7A;U5Bzwp=<hW<YBgdfI`Sef^|h
z?KQWzayI_95f{sv^;ctc;GJjSN;!!^NmKet>#TL!f^P-tZMqg4%;8FBmaNM<OU%x#
zhdq7NvPt_@eX@P=0SDrjD$Q*Zam>XMl)kJ#1!jin9ksG6-Wsr7OU_&+lGxmSo1b`i
z@Ob<L1A<jBG#4f>$;PJMCyQf93HT;q@7l3;{K~r-7AL{IhSk@|-1a?T<Xz)*yticP
zrEA2WGj;!wEj+mKnKZ*!t1BM7>wZ^|nHT6q6d|AAVu$M=A1lKo=s9!<*<JBifoE_y
zUP8-2YHd#R$civQJ0;M}CMeodz&)>tSn-(Z_WCZ<(JG=V&8+qIa;3#FxrzR}u0Y$+
z`2u-C!7gY;2wKob@06b;&^pnQcuq9oK032a!!_-+pRQVGVwB0}kzRj`;VATsZ?Vh#
zBQde}{?bgEJ4NAD67;uP{NJeMKPU(q!9YWq|33O(7z2$N{!euCe`A~AyVpf8jMJjn
zW3<QDy8{~(eXUvw*%YtS_FE>mk@nj)zN}z)xi=^UlVmXzS6{HE_KBxHe%YhF6<i;M
zscCB-koLZ8)x)-Gm(2%d(w?rd9o>#*f`z`-H#9Y|sk5{H?Q$k2DH%pN5!oWTS<}#v
z{P5tpw6tVOV-zwwUtZnwhW_uHmG-qzZ))_RiTA6}Tr3BAR;#&_gM&fk-JsA*0LVOP
zUkFC6`S<TUka=}oUE)5$u!h0T&h39crY~m=YHt^?Y<O@>YU&vqi}ARGY;J6v3C+iH
z;6kr-d2?f0SzS{TpW}yB{uhKF8bWE;Wu9hBs_7XVl-%MP(KHCbQPY6F%{32$K+4^A
zgXn6|GhIKwmK3-H3o~(E4Wb3zK#=|YAtEwy;L}s0eh7QPdz%aNFu4hh@nMjiqtSmC
zP}3j_$#`#lVcMLUI&Y_Ev?CkI*+R(frAe>&I&|%XXG20lGKzzW%WyaL8G3%%kx-dO
z!h!{#VjDhTOYDWSq8!IjIKB<a>RQaK(=ne0|GB``r5sE+e64b#5MM4g`QM1q8@K6W
z+H?}DYZ_qMjE|4kr8Zn#<!B4JfvDhKTSOuo7kyJ<MHEu1t64@(>n`k#WMxrjXJ-ov
z3#CCt;pl~J&>Jb=O<FeKDsz%k*nQ0%>Zf65R@`i8X-S8Y^&+C8l)JBb5UDp!>vU%S
zdpIy10rn7Z^RsJ4dmGN@%A`E`fxNmilMrart?s{1H%(gfn7@C2xhvEd&ECvU*y?@n
z*m1Xo>icvq$?$rz+B(=Dg}2z^L`{__jrp;ziE^`ihIaFapV8)CM_<7R(?#>3MX!pD
z>D3~uw({}$Np$|ZSUI$;K*Gn`qXqCyO|91N)wkpI#mjcBZAek*xev;RV>X&PJFDt4
zFTWo9@(T47hXnCNul74u+^HU5x_h^dW1Kx6rdF>M-jQ?G7FAeSc|K&SusGdYbjlC*
zwph{%Rb($#KI>e1hQ7#EJ;r;VTeQr1JT%CxGnnX@NwxBS&FS;w^C88U<`z1N+j-2N
z|2`m~_522Jng{5${^IPb{Zf{xxNA9nEO<3!(Qyh@E@yf|RQH3pCpVHl+_2L;r(^G?
z@LaL@ooGMbPTwA%w~lCS(Gjry9mZ3xgQh+aT#cvw_%zVHpJ}wCcU<FZ+WB`#8)c}=
zed5DMyGU6O6%VkzEu>6x<LF867L8y~!EQbe@4ZkCN#bjSFH`@q-`9yuaUlBx)Hau+
z@23{NR<~czX+1q%PCPvvRz)hcI_<^=wz{3t-9sz*h3+9hyI*BxiGz<M%dv@|a6eP>
zLp`sU)cFddRk*g72i^>)rx1r|r@c;W^l_2`wYXZ7=|grrF=d`BhQBfd?~kaLoHMYg
zV-W?&P)g+5e}|Ox%j2HkwCeMmnA_Pg$M6~vwDdD0ET4l12?z<v1q8C7l^K5}<{GT#
zDJI?&6%`qK(1x2qW<dUuQv60`x|_4=^FrHK$?AIGhF#ov+|B=|s<#Y_<B7h6Ly!au
z5ZoPtyUPT32=4AKgKKby;1Jv`_}~KscL?t84ukv7@Bh5J?`}W+sXtWLt*+`@b?-Un
zhOS>edvPIUF2pffj@nkru-KX%{k|0h%qyf9!p6lzs;~3ffLXDG3)2R8x8cimMCEQz
z*<c;$`c>p5(7!}RA*bO^T|E5!@dcdXHg}ZZHs3oKzqx7j0v2K=$aZpZ?OB@%CrdcE
zC>#@@-WcEUH~3kD%d9AAp6z^pN3BJ7aN9nwWWMI^HVF8ZzDX9Kr=NAvd_?s`fKCPZ
zc;$rYrFj3m|4q09+~EXN52Bf3aeRS=MMOfP_`9KL05BCuC7T-rd_ar#e60~fP<JRm
z^KWTwUA^cEKkTYGfMwRZyt?fj?8PpXss`Rex))Y<>TU_L^)K&`$=LZ*4=<gx!*@^7
zZk1Xq&yT3>4kAZ$c`Yn)d3;}A-UPs-Y@W}uityp=S{}XTitaA7WZ#lEKd|&qiuLwf
zVsc+zUn%=e42}{vL*c;A*!JyjbT6$wkCE<RXKd@}NguBk2H^DI3NY-UM<zqnALgxP
ze5mz?!%(moO>s1>^XR<f=J9>X$@#i(Vc{7~-;^(-Xv)e=kE^}Q`vC)=SWM4X@am&;
z-PD7RkFhJKa2Bn94-W;UsM(X!y`d%=OHZLmgi<YtR4lKH7GVeFs-T?(1H%|DBn$%|
zKdux@9_YBiF5JpNCy^O5Y<V!UloWBu`&Hb~R03eSW5yr2IApZt^Dfcl<V?xUmN^1J
z0SjKlclYxADjWLzBA9iKY{$dXQ&@=T>pC$;tO9zKTA0)Z4Z}=etAK=l)6$0b^@Ji9
ze@ptPfYdlBdXAng<dbS8Qs$bNvFz;1iLP_czTmjJIS}7Ws>cwr!E(R2h!YkZi~vpb
z%8J^@cTZitxgo3-K1Ow;e9=j;90aIMV8xzoE#x|0*#z**Z2-nuJSP8r-43pbWwLRO
zHHeWw!2QCHS`qG6KE*%OInw4@kd??X8m;7$c+J4)@v1pN<P9He5Z|H01erU$iEDsZ
zFXgL6Lwd?ME;psc#o?slh?GOBtE#G|9sK=;p)Qw1E{(akv(o^>wb@}Uaa+-8hwSX?
z!VU2Y`0Mo&@QJ{~acy(I<5SR6so~?}h-Px}<K?a(p~QC`-q~ZKb7&CYXNUP%>c*Uo
z#>Gowz&fwg*$@zXeZ@C%8W8*EgRUL60V7d)UEP)O(v#on^U)^*BI!NEskoj=KSk0{
zd~rvEVgWONDyToE^bQtaqw9C|xc|4lq~PI*wx)k(CjK;>$)oZOk#`%LKneJcXWDBT
zbHkN{ej3-{fi*`=8517~4s=fx13S4~mzGrK*3~HwNIgp<-uCyh1U*%YNJ>fK6I)So
z%@Rr#I?uP-xw=yp7D&trRj>Z67+30>8&0^KMUs@10MO7_R}BsHE=5#^^CZx<qPWhX
z;~z#z9*8<vBPU^EqM*c0FBmA~rCrC^6QIOBgqE_^xnR3xB=APo$sQ6DIidd=EV)7G
zkUkM#h6&zz<=V*Wde2l$PPiRu)O&OoP6G20FnZM!JFgYqj)0%{^nBr^f|H7*9;4sd
z6AWf2q9PH%+5KD&`L1`d%0xR%)pa0XS564Ty^Vf*YSEVIwP8^MWZlQY7z)#E=;1@S
z25XAaxbT&+g_YhEyus69u&9lnMAAVNJ}o6Q@O&H5#uZXxrfQfRl9>b}B}Ym`0ttNU
zPA9r?$<DDpjbB_+p1r^nyWfPfhB<d({F=&dwjxVPTypDd5s<N-8mc;~WtNTRt98Ri
z(Hs@Ft;IP3gO!54c|<Y77sX9t@GMO@vz+GV^3Mh_Lc!FmD7PSnH!({0=)#7QfjqYj
z@-Y$V1WFR3prT89+BRFwMwxjPFLL9Br&d)-3=>%#d2j^dGp*{_@r@EW7q{3ZmP)N4
z-g2AN0I7v)az<j{zPe;uRr5r0-=GcVr}<i)O|^!ptmsJ9Hn&@ivW};@;$?SOonJt`
zLWE9Xil2%}`p+Ug+4^4WTvqv$jhjca434i~5TvXzhfhrRV+?K#4X!VC7672kp@w9i
zze#qEZ5Mos&kCh=gM6T0=j#NkL=w+kK-6TmU_D1OM$^bjix82^B<_hwWPsDv7@cB{
z@MOx#!eWO%zCQw&J3SY2j&D#Z_Q}%oyzH!dla(vl_V*41pV%)QinftyeI874sd!U~
zrRoFu$z1gQXJn=n=5Khe1TWKakB6)3ox&bEpnxz2%^FDeoh2f0E`LgE`&*-xrjocX
z8m-cqx!HK-skeuKHal}BPU#4qx~U_}2)|&=<Luq<jZ3~lFdcJEn)~li%}0kQPVTek
ztOm;om&XyV&Mw!u8A}!y&l3t?J<#IPl2C+CvEd<OfV;>*3<Z-gY2WnkaJHgXKN2Dm
zmk7zqXC9_Y);l#@Cv@`;*eE{VD?(wf6TXkWLeBrnWG;LHuS?@u(@Xl-yD_@{S$)y(
zoH$+<y}8CUy8kIv#U2oI2tsS=aE#vA(M-ktG=UGqu~+##h7ED#6Z}mZng+h63ta@Q
zHEv)zKsQVvD*FNVT{yG~t<jWBkCw}=Xig1W6*apO(4P=bfM$=WjaIueG8FJ-+8eEe
zLAn*5T?LC#M-k8){L*-TZQm$qG7`R6>s7gUv^2JILAtd+PO7z$)RX9;=yWiMeCoO9
z)?~Lda>7zYF*rz^l8u&vDz{i`PpI4MV7hZ+d&C$cQmCAur!^Q|<6yqh#AN4r%U6+@
z6~UFk=XOim>HY5Ykzz-y<BhAy&O7oci1mmnes88ePnu+R*XzdPk#v1`x2VS!dY*W3
z(2m)?h{8-sPX1PKZutI$>)82N0=A{Fhg@XYoL$9?n%@ssu7X{|xb{tu`WmVCRge^{
z)j+Ow?rSIVRXN*p3c8DRZj>Fd)Qgp8&e4A?Y}O>%_7%V{FE$42wSke#;s(A4AMUGj
z@+%zSPwssuN(D3%H;=^qHe9%ogrUFZ5nJ1|UuPEsi`PCa{@3)MHoVnmS^QUS*cFPe
ztSq*q;>14dwtm(f;6(m!&)%UZW#x_dN_?9<$E~cdA*$_0sbF8_+Sr_kzUu{unC4TS
zo|-hW=RU7C*yX;RSyGdCw<e^lvUm|%9V$CAt1bTJsfr1!fDPByo|vpFWf+U7YEB6I
zI_}xlW^6-{*DegZMhWzK%1RMQcl4x4+F2_Kf8Hca7&zR9QQ1~GBp@JX;r=lBSDIfk
zOeX%4f?g`d*fX(I^5pZio2dO|aZ?8_P?7@X?d^fS-6wwQ@1eN28*L#bCCc5x_MX}I
z3!Lu;%53`(9i87Nti|RkIy2HhRaECU5?=n+1S|StiObm^_B1_{*@t5vfBz;dudFI=
zDhVOeq<s-hDsyzmFRqINrIR`9lfheX6!&9;nmCPR5wTx{(M2R#<kkH+%_X-_@xMzf
zi00@Ei`2)%#7DRyNcvm?Q{8By_;sx-D#>Vuvdgw<B)tjC%j}Da^P@u0J#LWF5G24B
zyF7KE!Vj9kIKjXVZuT8m;!$iZ&&pcbO18F`@c3*kc-b<e40&WVzn+d|N95SAQfbMv
ze20f8DR~%DUT&n7YcRJWTREGXrnGEn`2P`q3Z~`Tr{BwP1u6<6P@~HhHI;|%59qMn
zp(orAEmtiVUq%%)1n4dDMwlhx10|TonZ}cMskRvXJ+7nj{*;K!u812*f?D=B7Tm%=
z+0R8b>HI#Hjz{j#3t&xsF|ipdZ{Zi94<hH~BL(_X$VgN%>eeMcK?Hj~24QbF+FN7o
zM0d+1C*8_s@_L1uRO6f>6KdcTZ5|NHsJ^pC4?dS+`4MMni5f~_%dpWUV-+RpEq<4h
zpzv3g!LpQO5a2;v+JE*}F{cscj+)-bn7X5)UXp3STODF-ozyL-6Tu+wzFOi$dgh)_
z!6ZD6?L{$l=j7e|`b+WR5bjl|7mFsOppGZe!6uKLDUSDQNi8!rSdw-y|Di!<u{IBs
zwOxQz(cjXcuYZZAr18>FU7eU%@UbT-sQluju&^X1%))vUD=3)4npk%vN@C57x*t6$
zQ4UJ$G_;4$7bd|=enV`5qX(AMmJtDU;DpKR)VO3bXMbTG2hJZV>iEMmRaMPu?C$J1
z^lhHz$8=Re=M_eLAy!U_F9cb(48y$!NBD5dM%?m-s=Xyb+R-Cuo820#bK!@oXiGfC
zCn-bueH-IK?<oU7M@LG_;Vqv32EjLbsvRmiyxoJHQGP4dqB!79!(=++7iwO?oZlrL
ztu7X5qnb=6b2F2Wp30iqt=Me46;RYbv8}cqZnVgmwCp^dZ7R<%eV)Iznaz=lRt&0`
z#Bdd-(p7eQDNHL%b*6+$sHv(vZz#4jzb|JhFTeaTI;&*)MMNCYk<HXuZcfDS6V<(n
zLebkRquZ3iK?^9QoC-efrfa(J47S%bEEJ}Ri5U8#n7usyH;N0~>c&*(&YYe}vsCZ*
zX{FiTB9A@nDrJ&&-XKiGJU*Zs{Up~=UOq1xEb`WZCpVzUj*!yhg=2tP@JC=P0YjWh
z12XXmm-oh-l&#KL9N}4Isy$+SrKv%^uOn8Qq_30<vN}sY-%%gu#`4Ex?ikn0e#U~k
zt0}cusRrk&<=gWzkV+gLU440&A=6C0BSS(=f%mg6!^uy@XhZRjlhqqzgpTK%x41MB
z(yR?GuLjk6&pEG|np-D(aT-j#7hZ8QwDHqvCh@YBgS5O+up0)J=EadCCC2#iNF;`q
zMSP!9y2HcrEwLP$JKw%WPUTxQHpJ=&3QE!g4r2JCxvi-lbDR1|738MwtU5VeJw02n
zOjLfoGJojF_ZY&>99vBN!%?;^QN7yIA6f$y#@eRS5Eh`u$)M@^O1S9p;^Y6aWgABd
z7<VH-6%O#BlNok972;-kpMQNx23dT`?ix_?aCEua=BqaBqH&VIu#esl9ylWeKzip!
z^`4$Sov(F_4`ym6>HZt+C+u=Md*<+UJB8zs$W;mehbCHK`osr}uB|jbocB;WM6(&b
zxDuM~nG<!mq;Z5dLwW>qk(kdfrzYGUy!dxEFFl2sko4B`e@Xg*Vg!>qJT44A;4tY>
z;gZXBLJn}Zx3{tC?D*oI);u=ontr_qEvG6L4hYTnRbv92u1A_rSK1;McpNP<(=X+g
zEAX;>14+-j$89wq_D8VKUv7{$Nd4k>4~cRD4$2<<(;PeB{@cMgU*x`T|7$P@*8|Z!
z0(d1JH%Cu}pM)&$tIR#Eewl8p?akjh^0^<Q0M=V4I@5A?`YkuMN7e*h$W9*K*zf&c
zLwDNezn<6ycl3_ENNY{Nk3u!itrc`<=0QJocEqjy1X4;wbp%!-uiSfP1Y&lR;i7DG
z>10p_FOAZAd8kkvahY^Fa8rcDI5pD0RUH+KV})v%2OCyobPkiaFg%rwL=AQi;MDws
zqY1Z-P@*$&F^Sn9zzG|qDVIhS=diC*h06p-+hjCv^U(6J1i^OvTVBCLPwIUz`{c}~
z9diT1+^-Nh+mu$G#0$+(-qxX9H%7d1U4Tk&MXXb%Peks;px*rB;r%XW{-xTR>C64f
z?}1=g$pt6xaDJJ1l;S#IM9^nT5Xsa{JachZabo>%jZ{WmQ89Cj6a~K+&Wz8oLl&;J
z$f}YwOucee?3S3=Nunb883Rq^8jR=U<cv}7%2HB(bmq50jQF;+?2NII#d1fsRVB6c
z3NghgKWLfwr*LCCau&x_!l2p$Q4ysL4JiZF4i)S{pOqL)%BXR3e>yFP@K!Ml7lMo9
zw^G^JM+mj+T`?4};nhGWtgCDC5!bK$jRg}CA-)4pGLAGz-A<OAa|pL^D%ce$P)OXk
zi<81p@08wG%ldl|r_R+SeR*0IC+;>8!|X4f%J%@xPyJprI<kp~NTWt}!*D4Qt+ODs
z8C}PcvVy?wP8^7Q=uLdgk5po*$G=GY4AFFDRv4!Ay&LN1aq>Hcr6L#j5>gxAtd%j;
z&;b2f9zyW@HZ(YQ=-7vHUI*VOvtxI$Bf(R`E<4~ohmd~D<TX5x4c6}Kuly&Y->NQ5
zhCOi;MBX@Kqv{xmis@Ot6c&<vstP+y#A!R`h#W1q*xGg;3-!X%yyKWsk1el_O6aB$
zebq}|BhQvpvQVJxAf79-z+n~Smyt0MOgZzDM*$ggr_FG1irD(Gl}A#$E~F-^{E*YN
zCNj2e1*MgI{hCPgQk1zGgF^63dt_Bz(ozu}8vQgJg-qGd5=gGBnN$9=b4&RcdFDvJ
zGo1hkv)8krGlJ|4tbOO{nzI2>r8Q6KBq(~CkoTTR;JHewDBP-*^ncA%RWen;;rHpT
z3r6@9FWnZFR_|I64i@CF*H;J$AN<GNnVuRYIu_KN!hoAdgemg+j|%hkY!^3`gL_rZ
z*rd!PJoFXSY#(<@pf2e6g=mDZ{fIHDcS*T)j4~LAVj7)RZ)Nv0C>ezx;gfYGT?wcu
z`YlefUN!UrAf%X27avxQ5%rZq8siS{$exm?Ik|4iACkCJW{q)ed4$)fj*5a7o49om
z0yGlz+j*txx8UGqlh@9V95`oNW{4i*SctUsN%3wE$7NeJj7+M{^<Q2#N#|n%FvUk|
z#k~l1f)!(hB_f(?gw5-FaJ&Aprgl8BZ3NsRWNvH>r=0Nc-7X1$frrTM9nF#ZT;Y#*
zo3g90LE1MH3q%I(K|+SU1GGL(^>0=2t-g1dTT<9|?=KX%fYtG^v*#AiJwZo1Kwm8K
zvvj;mzLQH@L}gPVffe-VKrBpG9A!l~Dc`rj6V{FU#c6BNQa%>ddH-19uA@DBEnEq5
zcHpR*&O>3ca*yX@PWdd6$wjy4dvzP{3-%FM@$eh**dQ@k39R7@Fd|lFrXT1p=}X`-
zq>*Ow*dm$ClmHF4xZpUz-&oBdKZFC>Gw-u4FXT`c#{z=>B^t-&V*8%14s=q|KKd@u
zNZM++oGtidJsrZX2L#}1I;<OQtT?)CRyvBu`0GSW5c^(@E39YXS-xLkW&s|_SJq#C
zB^i<wafzLy^KWjR4_>Cmw|bo;H#r6*6>b>ptZ5pW>=61q-aX5KpO;Mph4lWF*~uIk
z6h<_yn_;_e>(t~)f6;r&DW&Cc-aUj@B=$}teg+&QbvVvAlI)M|IeIz{YJBl`i)7i*
zjcg8g_WmPGiKYTln0zlhg1W<2T@FoYs4L9j1g%;p1$Db{LYm1W2IN>epm~6pvmt)i
z5yRbjbghNtodm$u%;fv-InSrV4c}j+j_do2pK7Mo*aj?dYY_9D6K{0^TT<i@lJNk)
zlY`Y3x9CZ3M%sUqxm*JAz~_0iKPQS`3(j~wB)og2Dc`QfeJQG2z282oHmZaDF2A)m
zF&CLSk(YLLbuUqdYfZOAo^-A59SW%SJ&QMZkNOL*H^v^&5IjQKS5_acep{U|(|S}7
zZ1j>fdt2_!KuXbf>!hq_r2^6fY^35z)F1fWPw_G`GF)7S4?YzeB~7A_Y?NFWjhL1~
z81K7)HZ?s=G~xP#HBQeZyXu?ETn>o&-cGOV1Clv=&+UNg{&TKA3ypeBq#cguay{<;
zE#!q(mmApnAj)#XD{da~RzIZ-ZAT3ISC)o@L-UDKuLQ11Ky+TvMO>%cdsOMt{o}zO
zQpcUvMuFC=YkT*aV;YW9&Cl%uzOPp_?7sW?(}$#^348f^*$(c^|HZ+)Tvw#E6+WqZ
zQQx?8?G!flEAEJXHzIpXiA|;o*~v>W8HA}CAfc`KeC!jBcWgVbv6L~r>`<Z7GgWSP
zrNCV5Va!r8!aTObW@UGF`6b%Y1eCKnO)wxCZe3PY7~mRY0YvgvuE{EOFn~#Cs4Oq9
zpy3g~=#cd33gAc8k>V*(jl$D!O7H1IUtKlDKeVC!s~jwOA#Qxn3%{gX7W$p@DQsp2
zXb3ve6J$%l!o=K+4Up#+6HV?5^DJzfef<Dglr!>XN-Ct>rKOz_<`yy3C-7d7=6`<v
zjB(Z?Sv1vLi^<bLaDOQOv=V)Fjn<uPD6M0IU{5)ESk7ju#`OIHQ%-K-8$8<^oD?p{
z{M^qpgV2r!mi;)yk?B#qV+YFaQIc#`M$=#+GdMnaQE}Uv0o5k1Sy2lO)U%XOxKj10
zX)O^&1LV2#Ex7Q52Hz=Gi4u8;tWAj4Nh$dHt-3TxCv=@HqI=3eY8y;K<d|ez9GJJL
zHd1*EB`TUOi33VzJuAXeXH=BMy)8)2UPrCCi>KJ;m8`v4>0<+@C&(*+g%J$aC9Q%P
zPITfUDl+tTg_YIl!L_Z0nV&G~j&ANy*#GHC+St$#ixry0U}JH{v8_&tD{9azSv$Az
z9{*Fg2Y9JXQf_xzMaLAlJEgavYl0l!)Z$|ja*}C}kI06lN>@?QB4x=a{-IXg857I$
zf2&BpI+yfC39_Umm0iYFNzIZzkp`IKn=nGsXM=Zubt)kB0h0qP5nD$Fl7jchM|(zs
zb1EL%=+jd*upa8YM5czEkuU!vpLLNrvaTXy3B^G0KTb^I;wxS}!J+DN3i1)s_gddJ
z+wmwX+mr&PIdMxb`gMc1bfhS0IhjH)D@372YR}N!>3Qv_j*(cJ?yDcReC2c*Ak;W^
zJ~gT9A>Qn9bu)8|1RT=9LWkdzvJn>qg<Xg5a2<24W;mL4PD{M`&`RlM3(5%uVli0u
zjoMafclTcI@#x$n)Rc=69hF2rgmlBjG4Au*dq&aSlt1?)WmHUhtWPfrIERr_1|plL
zU@E5l5QnVuDg_Zb($I$}m8R5nB{ei~=#*jbl1*cDZYHK;Q0|h5ZTiqv{yr>Hse5G<
z9cb1%*+rB<?4D8?i>kptTDj?2(^IFEpL8mdy=M8Fe$6l2{3i4+8%64#&``>k=D`)m
z%u)MpDE6g}PoYQSb=RUK0a~zpJ0AuI^;Vg&AFLB<r~<#{H;31VGvQB|Y8n7dxl&jE
zM)a;i(%)v4n$X|hZoSSD2nYny0yN`hne<u%F%3KAg5Fqes+PJxIaZVB*Jd`P#r;TC
z87bY!F6H70?^k8H>e+_T=xj^7m<SlI=E>bzT-w3%7U0;x`z|2`IK!qU>U`nKF8Rn!
z^b*9Ab0G!T!0}08G8m>N61;}p&=Z{WntEHp%&oOD35miE=W7R&S1)_P6=yzfPjjv7
zwWJq{f?~Tsfom6MW?+lP!+XMqHa?>pv{L)B-1=>q&bM=9S!8~`hov+@K>C2M?(?7v
z*@7*;;V>!;KF`EJT4=-LdAXgCQ=s38PKZ^e)cveR=i?nkX0G;xoFmC@&(+MS*B<pm
z?uuM;l0d6^<>P*z<f`Bc9Vwu%7&hA3<+|v&yw~^TluQ@!ApLp5^pDOP5#fTOGQn}w
zh(Y1!n&32lBMBLP<hSbLJh{G&gLPWU!g$Qm`(LC7QB|_hlICJI@mThT)0mdQRXUYf
z%ZmX=?3LbWSKZ;X59dSvsWn=o73H{i{&yb$22aTcIokcUD`+k|%eZErd<wIL4AKe|
z{QoCDIW4V%CG#?MlcXffXWGdL^2I>7Y>$&P==9a@{2|6a5@Rn@w{7_JQ8R?M{c;$A
zz*hExbZ1myE29~(zkGY5_bL*>PJYZB01fT?dxTLM<{TW)RlcXbcfS>`zCF@2$gyi*
zYNBedIlA1hyUn{%*B@44uC@bz(~#o6c??R=pYx5zMh|A#*zBC4#b2K7RlayCe8y2e
zxWXiDa5^$LUu_@1OJF58!bQ(WtRWgKQ)JjZOc784A&Pi~1H<Q&w$Hu|<Y&YxjRxns
zEXWhwPO+=x$%rvzy+TG=R9fhu?4R~jXetLPVGw)7;-f6CrKOeLb5dwO4BtadAFWSY
z?Q*?st&zztGdZELzK>6MsBlt%+v0z~ojLD%74SydZTBdB>E%sYc(M>#x3>SVVvDGI
z*=0JEyS<#9yVPEgetU7MA+Bq^A$Kb5k|7svP)ybxKBc+7{o<k7N_+e)vS@S-5i!u|
zN;+v~zJB@6_};Eb8Lnu6TVPLVZJ=ai3!nsiO$`q)_ttm^{g)HhiC$Jzuv2CtZVbgz
zYo1Xzlu+<vuy-rw^tekTIIk2`&HLQ+Q_cI6R2idU|G09mFCi@T+}cfAzmcOrZfzD)
z7=n!q-Elq_0JUS>*H?4~-?}o-1C*AUXtghNMMV;+j&kd|Roti=5<0b%y;x+HnDjL=
z>a%!h!b#q$43MVsPxNrNg-P%0zY2S{mH~F*RfU)|1cB^?<3Qtj%$M56y51>T`6X-Q
z>nT&$dul%J&xHdBgdIGs<H2SU5BbUph9{h5oXoRLXww@y!L8ursNWhmsGvkV9632h
z4hL_a)!v!I+|#}_kyt4;1i!O>@sgC8g%vS(9i)ELUe`G+(^)T-4WaLqd@uq6*nw;o
zk}DNX3lq40mlVy$F~>0~Pdb^O|1E8A5)3|k=dp(IR=d;bt|Ran{J#7=pe4vAZ|#mw
zV9FSr6s^rUFBQ`D>1_*M9>pywCGoqB4o<&BYdV4Vk=2A4<?`&2-(mLQVAgJI)d)%B
zdhl+Kq)M=0T?P-DKx|H86G@nlZ22)^DVQv&ug^?gf;wo>O6PfH7~=6)vY488Lf%m-
z4bPHicwMq*258NoKwa08GGC#`iEPK(=Jho#i>VLt0hM}*iYBrRDQb9JmW+&7bT(U7
zLJSSF@C?pp^q}r6#Yk#v!yt5?DeG?ixuB}EGFTcQq_gnBCVWsDyTHD-AzRC`@vu4W
z*MnL?@M<zYBR2>a3@?ezv1||=?f}F6g(MwrQoUS;^R_9Gc$2JEeZ+Q_z99PdQALF0
z8Ig#tA%nq$q9+0zW^TH)vKOW)CS}p*YEZ$S<#mbO#_1ImMH4;#4!^?mLj4Qm`g${>
zoAcdy*F?Odcth!&%fPRR5ZjPfQ$&T~{6fZ*e<3DNxDZ=$=?^U)>E=t!+#i@{Dxjs-
z=|whapmp3PQ)JeQ2@)^~F+KuggQMJ*(Be;}ir1SI6I5!lCzIXs)r1{C7cZ|K9K#Nz
zTPrl>+#gK(r7h<r%Q>a(#;InR*Q8D-Xsfs9xpL|3{zF_>PKiNgxEQ4w>3w!=uzNhW
zBvK~Pv?mm;If1xLs@N^x-0UYrja1Zy@UU9($G(}`pF=~J)aiRDx=@dpIJtFq6HCI;
zlD3<F3wKKb1?@gDGfUb<mY<qhf~p?@6B}R7MUtGjXHbBl-inm4sF*PvZY!8CwBIbs
zxtY^FVgG=_&Nke~6{F*|W0uP`0UK9dS~A!Li<e8}AwZHFDtC`^cdv?f9;ag-ty`2a
zac+YG(T1+woIZK$M>@waC{V;PY!p10+T099gY+mnn|e(X$(ZSVWFrqOgC<B2asq<m
zJ%k1~-mlQYa#y+sFRFV6gfe)(7;H9-lR8QEd0v%=p1vHy<$~K&Q{Nhi01&#1jw{YV
zML&_O(gd$K7|t&WDkP+$&wb%UekbS$U4qhvO~}{k1jeKAo-{~P?sr(Qk5E`&^d05P
zV`hhdTcz;MZXB~7XTTs+zSigVN^rAQM3d<S``z@(y@c*9{RFWeu_LVyN@v0i3lTXb
zXOQ}{Qmx~=Oq|~fPU|_Oq~+WhtZgt)VJaD^-J0?%OX%o#4-Vb3frH6glF~n(#!%qk
zmuod2*d2x()0I>OyL6q&I@rn03XWfz*F>cNy~yZxo|I9*cBa_m=I*)J?M&|FR6|uy
z%@h8yqv@GXuJh}*GEL=7x}_;Yh$b9qfL~~SBG%hgS2=4+*U)XvePRM%-*5xzk6)Xi
zvDrEp_SKI`S^RD>!z!dX>9j8cEXlzX2-!Bare;PVZ*d0euQynOT~9%=D`>#C%P;&=
zv|5j2SQlr@-|OQucTMK&My29Q4&JA3pkSTTMLj53NB+^p1r7lLGEAHMLGZ4u2n%N+
zbdvxdKfyx;ip}wz3a@$e@^5iVQ*GDW+_LJ$q~P_0M0zDNV-=jF`4D9hkO?qEPmGfy
z4X#Z_xrMj9&JZU6%62{Mgo}1rbe{uVz*j)F4Ct@c(|Ez!VdEt*O<+g+VV>=Lt#cyP
zT%u@K^Lj7z#5dsT;|19Jr$9mMz2<?+>f(69g@e=65R4>0x3lVQ!0kDQXP?>i^s^!4
z_No_LUlz^M+1^{svSB&;OdI+Q+~3aPYBJ0C*B?iiN%zrZP#NkDH;S!v>r6s@uS<57
z{6}^YN0f)-0dEia=?!40w(R-Zh@1eUheC-MGx|hA#>mwW;fA3}Z=$i};GlMk729j9
z1f%b{mjsog!CL>u8_q;iJd4xLsz0QihR^euzPSs~eOy;;x9pLadGBvB389!5!m_u;
zo^p4;h-Nfg?58cAxOzG!841$>o*xreN1VNhk)CcrZZEWFGXEOFW<Fky#rwWaA*cww
zPkfw<d69-z7KDkEe@_kg4?=WDFY#@**>ze^Tin<gf3KK&mh)y>D><w|v3QI+B^w5K
zfF2!25D^(c#mt;Th9=d+A&aj&t7PJeGTu?>iqp4^o7i0tNy5H+El^d+xl5CvximEN
z9afoqO3fX0W==0eg!<T@)$z>Ez7G4BiIjGLnvG!4SFJV|^1Tu&3QAL%2$a61VF?Vv
z+kICP6*(==RfVEb5<*=86k+3=d!DcR#l1_k$qD9|$rgi2S-QhL!v><hYtr-;f0Mt)
zjc63Zc`<j(#3-U*9GU!hDge3`da2#C<_CVETP9L#ku+lk7vb_$5uYn(ptz?ds!jJw
zdkB%|Pl4j9pq164qMj5}841W4grg4A@d_w*4)xh(tQEfwd#N)T%rdl$n&mZQlU1Se
zA9&)#-Xvjc{;ble)(rY2@M%n+Qn0}@!i-LyYhpHDXmn(X2Ar+d@*p|g?u4ak!mC^^
zQNXg7e!Q&R<QlXMvQimSh`DXXIAcEk>b7hXL$%*rYf>LRn~o0Etvw<oDX!*?1VIei
z7=WLV;!4^~f1O5rTSjQd&NnqJRdF{Y7|^`B`A+?%M*|}R-Zixt9V=yWI#Pt)gkq@j
z*f>w*LEaD6k9ZI65ngp=Sy9ZIo?1u@t5^y%;n(0{qH#fw>9-n2>SZz7rxKCErrvcX
zQ7;S`Nj0okKOyl){yb;IJbx36;h^4<e2lhZ2x2@J8{2&4XGc|QCO&rQfXnTVnz_>E
zpGpOJGQ?G>qjB#siHW2e@Z=Qp-e8&u_WIGM_T9ZJO={hc3T@5O$C9yJM!d^e6lr+{
zmH8~Jqb>*671skjN~>&>2f%QmroeQ)C(g!lk&xnpY1M?FiSBIhlR;v^%Ox69UQMUG
za4$1&6eTB<rc<WkpYrUfb;%&HLMsA;2`yW`H)SuBSU1eAo#67e$iQ>iZe8>_CSuq5
z-D$d~Y&tvaH2wa>DGRnc&Wg%$Ph0ho^fM5%nI_t_HeR^FgkfV;-YG%Y(^ENfS*aj(
zn3XE!xSMvFon8Nhdzn7P5z%qaf_C@_S5RE{mmV?Gqb$5)Mjm)oFTzPd4iQl^JcZY_
zT?EAS(`@KeDS<L$zpKI)u9=IM7SBNAp)TUAGG1Kraa@}g$=lko6L|ebN<8^r3KR}L
zKZPNbardKRnHIFS1}2W7AnYo78lktU6UQ{}CN3<Fe%Hk&e<N4(xKGSY5fKBD;=fgw
zNo3#gE9u|}^+zRezvy$ez?&li&^w9nrA-u3*VL(#=c77fp{Ho(T%Ig5-`bB=-Qo35
z-UULjUHHg&C<ypGLz!EtEjAWqIC(NTyQfo=M-flR0X`}Z5!uAo`+(ua(F>Q|;9J3~
z`z~SWnw^V)Tqp}bAkc8>MV|0lRDd_&NPt^dV4yw?usM(tZ5Lq9^&D?t@jhS~a?vr;
z3^1@@T~8>B;h)fdkEDDy{9dE6Eowaa=t-3VIch#AzjZTzdx3Wu$IA6)uguwjtT}4E
z&r-2~UlBDY&P%8RVt@ztY*$a*!h#Pp3fk&fZ8Rp_Q*T4a?JfSdlq!0Hp)3l{XQe(w
zp5?HOu{Ijjj4Zaw3@nqG9e+Zwq~DzsEC#nmeQ$IaxUX}_%B}e<Sq!#sBbigd58Sy>
z)aCLU-9*3@MYWC)yc-MTERAKm;BzBO>)jGT426FCv0P`?@9j(4@TF#BI;P&qtF;tI
zFXOQ>OeN;;C;Ow2dqv1v!Ws%H<9=`w0J3G9-8aw(JbG55lf5+SWEb}OUG!7P(0}}K
z$H%I=+Hx-Jb+rS6z28Z9M=Cs0vKNe^Xn!!B!EvhB9CuBT<7d;7xmR<#HywU*>E?k&
zG<L430veudHJK<-Ah3=@?>UMbe4`1Kl9v8V$Zhw-eVXxo7nz;0K&(^W#l%E3HANA!
z*tVNV;y1bgM0?opoqK4vmB`T<=4ng4+ONAvIT)zcZyiwTdg-e>t3<r3F&|90AQ{f3
z;H*tuEA7PeYZ;6s4cI+shcG33cy;gu7Pqtf1q3MfO~w*7KkSw260O#Tl-%Klu)d_6
zh_3p+zM@K?zdAjU*~>VezMR&h%R(HB);4jK4>a3zN`))aqXE6;LM&fX=leqi-h%`T
z8$kS7UdX2;Jc^@NfZ=e?V-&%%U1zD`(miSxi0YEDfYauOi_T|exm3mk7K#MFWHi8N
zsEwq9I`aM&R?2u_^!=tG0Qrl*GTa6rPyiS0>MroUg*+~=v$ZL{>xDY#zO$_dP(zx}
z${f`;9Gms}#NO<%v73nuJvu&<_@v=Np3Z}vE(k}$4YoF01@wep=qZUih#v27&(~W9
zLghAq2M4*l569jHE49c8qoZQOFS#&PzHe(aFAsC>(}M3Kg6$cP2|Kk!<c%@b?*HN8
zZ60%L3P~UL+&E`>{w*$k*B0TQ;1@WZt&frQZA;SsA*t`z0kK#ffHL4Q{W5CY$*XE(
z_UAQ@p|vUb1ip!qkE<!_>LTB&Q$MsF)y{aS{!o@vRi(V;qK0cf*<JZ-p*?fvd>>g{
zEn=<Y%RQ}@8W*1Qg*Mm9=69yGwG9~$A6Da9aC3gEXHr^jTzq9Jyt__;ic7hpO>tv+
z>gfYIv?9>34M9;IJ*)urW?e6>U|3Xv=N`TRHM+9xXT>2}Kyz}?3knezJ&~U%9sOv(
zm1B6JBd?dXv*&~OkNJO8Efu8|;Gi%h4lZ@`*^y49*#(WH&5IZ%aRSt!OpQnOq!4r>
z*G{bc{Y`7f=nnFq)7!p1YmJK)vuN)u$kJo^Eo8{JjoB`zw2U3e1!Hh1$MB0~u5beu
z{}yRZ{!laUqi>XP(o3w&6#x`a-HOD$jqme>8_Oowr-JQ()Z<J{pwH{F*Q!ofkCHXt
zWo-$qv0p34aL@2#&9L^rmfuJfFR}^t%PWh1u+h~8!)uoG8M*SqUg1-3x8V@jjz%Cl
zi|ifBDZ3FXFpbZq>}{6J?2t0SIxSgHK4whu@+15MEJo9Pr#+>7qJ7G9zv))flKvIX
zV*Tj#fV5JMdR~;4jB$7t6K%*irx05ZhY%%BOh72*;vy%FjAKu4s%FYycXt2lz*}C%
z_;8k=Jqi+$HBpt#Bz(2BOZ{wG=tf=HBKqJ(g7KE1#>t87|2rjH3b!MM7*3qDH-zap
zQ^%^Js-U1ctl)*}MU+B<u-ghGSuk_`8RFJI$ME|F1ZSMd>GJjU3MICui0A+{AC$k9
zpUbI<y-7+WW3508UjSa;ln`;N>e2PfKxC1k-D-xHHT<0!;%5rW<~g9E@+0q5p27e8
zP*TSleycz~C42J+Q+z0b3G=t^tPB~^U!<K|)@CIVd0*X=g!9-ROz7FSZ2lRQ-qVz_
ze$uqmG?|8!W0+P}JDN<@lN-yCszBt$y*{tcdb^BCP=&V|p+pomb^Zo{c)vD8S=r%a
zan2=RokvPGv3Oh)6*(S6`Bz}QU!%z7=hw-^6pA=ugh-ytr>fDJ+E&z%L4CI4B~4d-
zAWnj&c4}<<dcw`=$DTDJWg*WbBP&Hj34EEuv%aiG4>CqNrK^tpC)ux}LdjRVnseV+
zU~JIe3=>JiJJyj^ov|?-5Y!q5KSE=hSoZAIzx}GzmW)X4Eap^4hfvd5d>{Nf&w?JY
zno#O|3)Gin>Wl0{(yw{AE~iIXeq>{k_35LFF&LWMzxmm1ywKNNc*m>1uBoM<)*3Is
z++8e>&sxFq&jD)hl}tAx8SIYbRUPuaz1g;ZF#YjSF2_)zt^FGIy;;+NRq*Jm{3ryM
z@3Pz9y`w9*v&YESk3HizL1{~CICb==OBEkw4%YtXPr^nE=h-n_#fARc0sSm|xjO*8
ze1=|yPA+GSFS`WRku|%LQDd3e9J>3~ut!7zal>(pt(}o4tJe6rCWAR>4@QITVaFpO
zlRTF%5E`Ph#=atMI_u!6(4ynLKl(cH!P2Gk!u|Dao+B$yi*Ey&r-0h%G|f2l6Pv;p
zfO*4r38Rq60}t?E;48(t-y=Rnkf5{6<Zdf&+E>EEzK^<dy>8r{W!VcGzL`pZ=O8o*
z!S<p`6x_zZfqYBPome5F#g6P0O4OFthne<mi96EO!D{`LBd*YVO+*Fu=fz^Hq+DSC
z1+M+a03qLpT1mZ4CU;AdJqk7{Xqs+uqiAZ6Dj^~&O6A;+*#NB7nQE{ElV}243+7Vc
zA7Zp$+S(+JZv7+b)t(Z3x8*p7+jSJ2bVNwB8;YyJF>Cm}Z0c{&BeKPihZ;>@DeKGM
zhXxZD=8~ea&%pAG2Qo{FX~;Lsqo@(#oNVu$>UjdutQ<9i1e@cpn70|FcvcMgMMYRZ
zWoD7MrUy9MA5#Luv%k4Ok&px!#ly7@C@r0gg$qeH7&EfOq+&!)Mj-;7V&u+wC)p#g
z$SP?PN%qZxk@7LwME;H3o{o9Xp?Fv2?FteTgW^S^%?}F&gQl(2s({9|;<Kwz31~g0
zug6Ey$M-*dV=Crl3EsU?iyAAY8bsg-2u#>L6{Y?MjHEN#dg{>QeZ{6+OJUT1C*gr=
z|8pqIOR5N(Q^R|P_a&t2$~!B541<poFUFc?ZHiIvnGaUq3we6Pz)Mlo)<&!&uO8!h
zNYXZX>sl5-rWtmtL^TX!?cD~QaVw(DehGtS5L<c2pvag4ClTJXe6q1I!}JW~pa2oR
zc*eD9HA}FNkk8{<g@>P{ALH;~y{?j6>iE0zd6Rsg_RGdqer$;0IKpx?mCVe7;=%8>
zyKJWFSAJ$6BJshRYKC(m19R=x5`C(*i$T8-AEoBSQe!DMy_(d3*xXlrO>Aq9*>Y6#
z6u(xtT)-{mMpL<d(mD%nx!j-LB9_YY*W)mjJN5e?y2BTUXyD*tw>OgIMyAJ-4eC@4
z;GYuVwZX!QaYd7zW{u9tcD5~5eT|LjCVMFZ-_+SaUi2iHuSpIE9Tm36RBzEo8(S@+
zIkOFC-+D*R{C@vVFM4FU-FtYt=}g9tuS7bC1NEbK{mA{HVQ#J+^Q`5J;yd7+nFtYm
zwid_*xE23Fe;2lYT+}}kc)~wd9HhxA)Z!7|alAu2ve3l-LA<k?YrBoRY@E~=<E_~5
zRe!Bj(6(sthsZ=_2dGUXx|Y<0KWgv0QiH!Fz4P}VSwt6gk7t+EPg-eNrc8Ii5cYvZ
zvERN9fB=zsjZ`Spj8R%~HW1bMR?4m{{M^T1;=B(nc%goT>)^S5vN2M?%}swRdynJu
z2AMdiVyIlC!QFYJ1}wV^9+1-v--e5>#NFPol|@QjBA?Y>9o5B5tSDG9)Diay{&RgU
zeaU|0CP#~_tX^>fbF5h&euAMO+Nfo*VF19_pSzd9+V;0()wj2~dgZiN?CbrTpl@z!
zG`=NncL@#sg}3@mueI%nTT^4zGr9e2MW|c<sraJ3>viAu+*sGPI@%uZN4+Uy{pwG)
zqEOd~fDB8AUWkFVgT4WGlcA|OZgqih|DqetiAxsYjpO6dc_G-P*>84qEv@sO@;=is
zcc+O*(^R`X%12z!n&XBz9D8}aWe5+Ivg$q4y|(GBsg)-gR5@+#g<oB6H8TNB!|rAV
zYHE=b_eXPs8aph!Qh#b0MZNi_xG^{Y*S3F|zcw1x=9-^2M4)vJK^R^-J(@h?*WH2r
zdpjeB0mc0l_6w_bI#A(0;#=ybOz_VRH;FkXy+NV7OPi2Z_<(NXOFTVpc>9u*jG6Iq
z<L;(WNp}zS5ueYrk%ZXGmHJryd1$(dg0TdK%;MsMnRI?ze2nX~l21n3#I(zbDhA1S
z9>+7SZHz4$T7T2@RdsjDGrL`L+O3wU0cT{Rz+6Y|=G65SiK)vMe4fv87cUA_4Zbv^
z;8M!o@aX=4d<_jrW8tX)y<48UEZ>2Y_j>$ib{E^9*n^-IHug3I(9|zz-SiwNI~VdE
z&kaHbU!gfY_uzJJ`rkF=wgM;k!ja=M_b$D55fUuf5Vl%=!2DX_o^N&A>G6fY^PH3H
zPCSn(o$>X&w`{!MX`Va2Kcqb`82VeFH3R;}#*y3(YHL!zz3DaT2VlglMCu~!Mzax<
zIB-7vwm&GU@{4hK{&VCWkEVk>+VwSDs9ATZ-n?*BAeVvpoeK3TD?0ZnOi4a>ftz}R
ztNpPdyZKMY-qB3heRj2F^9Dc4LGF{hhSozUDa}CyFmZD4>p{1lLid4-4XxFiX~w-L
zEqCLM!8zR>%67w9_+q;QF;HIs*lLA93epuc^}ZCCvUeQteP9z5CA1bv(|s{DOnsX(
zUkD2SH{W}Cc78+UF+3=IZt&Fd>8`WkApYICre^*bw0`j=KA_`yagfC+KHxIje&ea-
zv4QlplJ&5@hWEiVry;x4ISWD_N3<jV2>R>y5J;^MF3~15$XyrM<k$b{EvR?1?yosd
z_>3S3e>{7Fw5emMx%0LPenqkKdF^7o+uf6l*4hBZ#OI3k+m$BZt^@k?d_&+aj0a5a
z-^7wI_%;*#U}y2ZA2OSZO#NN=188fJL-4t6p<_bdb1U?GT8_o-!fVn;OXBM$#lS<h
z6HKk#sD~R%z|P9rr^&~N=ga2}<BJd8WIqQE(kdgIwYc5L))T2@5~;3)G7fd{Vf|4)
zEhqZVrTn3ZxmidH&{n{d%Cdx@1=HV1grCsX8T57Dg?DYTdNMjKjeji7KF=QyTd#i3
zzVJOLu^?p|oN#ZcTDq_5okf^EokAemU&AGA;e|S90he9r-~LsN`0Vh@5hr;8UjZf_
zn}1<y#KOO@@k6^}Dx`cQi7e%}Bo)WZDhhqz<NL$+Ku=xWhNIqmH15BdF{)_abj8Q?
zBv*v`F#6@ffX3qc`Ohx9JbS?7UqdH6L4>q!OQ+>8Rvc07kxW|7LvPjNUcIjODXFci
zK*aAxJ|<Lbc1R$)>h^D7lOTBA7MP1;TBzMJiBBjn%d<7V*$i%KB9@#;<vuR&uX)&)
zyIkTDA;fo^UoL&Idfw;h@@g8-1Sc#tH?=0iGo&sOjR>sQjq3|D^J!;MHF2!y!C61O
zG}$%TuSi-^+Ly-LNs>{5j2USD>;4LzE|i2(pV18mGS}ulWy$o%Zpiq_eF_t>)ZD&y
zw!fT~VST?cLiB>I0b$u>e?U>Z{%0ZAoof-Tk#)PW@pgys=SR=WFe_E_V^K<ifX1GG
zf0l{kHieN-5Y(s<vAn`5t0y30dhBTNmnNbAF>2QGu<eVLYM0G`XQ;<Vw3|ArO$Nac
z5N#}^$G#?Rt&-HeulxUu8Uffn5qPd9$IJ0Y-UX8q4Ery8JYUa$TtB|8)SlSA**31l
zA&a{5^M3E0VnU~qE;lYxq5Y~}iJ#fbAq;m|+T2|M6V$>csI95l%XUYqF!spE$gpqq
zGr}6$sqN6uWltY;7E{NCSB>mZ6Fb&%$X4vL0hIjm-+EwcK@kp~*=$T=ZaXYc-NBMs
zSx2vUK2i$sUUa8l!q_$~n`pZKj5a9rYwugH4;%^e|Je86lto4M4=UWGYeDKn%4$UP
z$dKhlAqgJco|X1Iqw*<TphIaDaTYwZU}^5G6MAr$bN_kMW0P1}g4*DSY4FL3*5GA;
zu$}sUw^n4_t>lCy2(Q_#>4XD@_xQg@XW(WiNx>f!%a?@GyEQbrD*q{66`v%mvbVtj
zQ~DQ=n`*>=-T9xJlktIW%q$D8x?+pb6Zt&ozqNwG96Y(n={YV&c#|5WOV&=vn#PU-
zmAH}uJWYul#>;z&H5bSKxs?C^nxK*)z<Gg_>Q;5a_Jz0X)^);tfe$bKi%=?IB}U7k
z$sR-~<~){fMoU=G4l}Cowo40Wb@qh0AJ6+P4)cGSn69M|`+r-IFhcfqX9wft+Yd$%
z0%<A1BHkFA=)G>rP_E8G4a@&FfC`miuWU#IItJLrs9)ry7AY#P3@ef_6o2U>IVo!l
q;s5`y@Qt!d2_kq&`Afi0cii;_v4v6!0!R1(ddWyAidTyo1^q8LVa%QY

literal 0
HcmV?d00001

diff --git a/docs/installation/images/good_host.png b/docs/installation/images/good_host.png
new file mode 100644
index 0000000000000000000000000000000000000000..2a6e7c47eb579839535a26e5e952eea242c39347
GIT binary patch
literal 30853
zcmZsCV{j(X)^)6jZQHhOJh5#X6Wg}+#1m&?Pi#+Y+fLrOx9*Sc$JbT6x@+xqYVYdW
zr%%^D>qIFlN+H1E!hwK*Ajn9I13*B){~2f=4ER5UX|>Vs9{{2(uO<Ni0JgWccXxLW
z4i3J*zyEm;4-fw__4M?JDe3q3_t)0emY0_|Ha0dlH!rU)uCA`WzQ0FCMiv(r*VosN
zkB{2h+qbs1nwy)?&dx8+&Yqv2Z?3P;PEU7tc2`$dA0Ho9R#q-AF3vB`2L=YFrlxLh
zZ`#`0&d)F3zP?XRPIq>9zQ5l0_V%{6H_pyaAK$+2@9(c~?mph%XJ_a3cD5E47Wf2&
zl9Q4UV4)(TqRh=LZeBh=ULRQ5*uOs?`uhit4)$&zUR0F<bW}6}0sd$A?^C-M4-elt
zZL|9~FP@&B+h=!rx&}EpIpEN!W&JCWWq)w6@xI?rt#zcjW)Hf%yN{2K`I#w}kM2cz
zS@q=w8%H-eq;0+)mQ{qg`d7~+rDW>rYAY+N#wRA?8z=t^4Lds6Ef$-paFJ1S%RL^?
zN@;rV2x=J`K4)aS65!phU%V0^L0_!(k<syxF`N4qcGBRZkdlyRRd$?S-*-<gy*ylb
zB{#LD7=JwMPplrU^c7O~gjdZU^^`?N%kdfq<rNi|aFF9R=lD!+KRsP;=(@+7*!Zk3
z4Tm`!?u}QgSO>1`o}O$^-K{n_nXAwAHOA%F+Qn3?jCW$;F?)v>O*JKN9iNfP1-MD`
z3@>iVs2g7#{e3;`ySq9rZyV{TF5r_6JDmTW<7dok9J{c-6Ko=7F3nIE?ogSNlx@x9
z<R1%}k9%JWHr`s&G%$rlpvb`b5S3b(^Jj~NNL-u(O^Sr6yrJWII#V&Yb{yzlX`@{k
zr1E(^WkyH2+UT1c?9#aOw%Z%i<SmqDsKjDcU{&xZJ2nu8)?3W8=vzn#0*Xa5u5Bzq
zUd}u}xAV<QkeEy{jaT#Wc<iyQ{Bf@K-l^rUljD;t{hhFT8%JL(doHuYpVS9l-tO_v
zhu!C}(%07gxdRo|h|s5+==*~8K{d(yO(2WrSbq58@3Xrdr`am48oAZtqJn|^pvGYH
zgy+eGhj6jG^^nkX!@F|(yN;*Qge%*&-RkHGx7tyfmVZSL=LS$zZT~j`{$1z2-2qp#
z^&lYbv@+r%YF?lhnJl(sQs^U&6pbW}9Q2)czu;}71RO?0CMd0NLg!06N#o?IWq`V|
zLXvv=RC<t$Kqbq7aBwUd(H>!Bja|t&bF3>?$L-i{oq0%#9%1<Fa(#=VZ;S29zuR$h
z)lAq&Yy%&4X(rej(Z*Vpb?kNdu!GDxrPs=p*V_cw7e5`pIN%4p-h01Z)(Z@a0oTEw
zTPNDg@C)xx8A7pu5rOAbW_Z^daN0+kl}*fWV@W*cpn_Ncf~OpIcqN}nT$$6E`4qMK
z_CHt0*BDfEp8U#2KpFZVbIFkmixwGn?h8q38~`EQ`1hcCU0%p12ckG%?fG2*Q0<dq
z&M5QJIb~4tw_?c(p;@WgB^w!7S{J(7N+rwWa+?I-dTPQj+?|4~`CF{>x%O|=B|N2K
zNdkXPJ7w|GP8pRKrm$k=DcnIjx$Y`8NkE&a`g)C;rDca6WBI0{q_(Y#zlY#z5q0&@
zeP?IqtAh>MK-3TQ_4V^dpArM4@VjM^cKZA7ZWZryaZ9ZTY*wE_d6K}&DI>%_2iJrh
z!(z(BG`tE}k4pBSLm1D_U!qZK>CEyaR^<tV?50Uc02-P@<Xy8@rxNc>I6ObLc3ypY
z%yP|?S;>Lk-n=P`)@RowUb+i%8*=k)(kTUL>k&Nwj#S=kFjNjeLDpI_GwuGv*|ujb
zv;!a&1&I?z71TrlpJELJK+7PG)TO1E2x=tO(Q){-wL>+la%TJL>4C*0prw?4eO`cN
zZq782pg>9d%}^<2nwcn}4(7WfRf4V`H&)r}N5poKCm;6EL_|sDw*&Kf0imCQXNy~<
za*kKn`C(N`gStcsz?4}4ombjno+N82w%_)CH0I{_K~gLNOj80oCUVZVK`$5k#5Il3
z>)Xyu&;wP5D+@2Anv?r;dQc$Zi}Zr^Bw-?r%t;5pamdqzX`(RnNa~>xCb&4~q<u@*
z#M9Rft938APFFtkUwRAiDiGjJcK=1Po<mfHh8YptVP==5V8#ZD%JKSvl+0EZs7CUp
zEXYlqqL;j0h8=or!4}k?d%gqV8*7urDMCW52>7e29K3-+9&mrd^mw#kc&n-o3iOoG
zWPAo5#5o4*fzc2u)xEIc@TQ<Z{9HnWh&P{vi8bz^Icf^})4T9goib#e;~2S#y&7;8
z53bJo$tzYBAP}{c2$YpO+|%vi`39ZV&`jHZ+&W$s89S@g2AAO%LK<aq^ikl1j36&T
z^?{T3EM)8BJ}IW+1=3zJqu$YSL7{ZVKp%6V8g<~!AaX8lO#NgFz~_YzSQ`hhR0rm|
z196K**`C0o0?r=Ot`FPsiK@X(Be47~cjpo(%17YE-MnO)k&a-**}ZNOedqs_=>MIW
z6v>HGc#u#y_|jcMbuJ2)f_gKJ1UJ+~33vYZ&D<pbR_+TL2v7i2S!?qEiFH)qil@<l
zyi;($f{31O88WI~V)WU3tW78OxoZ<66!-8cRj4i-PGhs2Vcf7HjHxY%0OYC3l+?{A
zS8EYDlZtK4e#san%f&mK(h4=O!%$P%7>~<z)pVH@KhC!diUtf4!_2=!F2%mX{MNU5
z#>@b>b0e>d`P<jNGb9HjMAK%hTIo{WA}ONS6Bzy?pNUrd-am6ynI~gT2dCZh8IY11
z7*ezZ)tDdQQJh9F9|u?2Iz-Xb8Lx?w)iK<O9Ng;tLUyaMaL#VY_&Jtz2CG0v(8-)T
z!j?B->(B1Fxs`p|)C@Zj#OGgAPi>E_qf)D75i~ketKfeZUtI&(&tA_u(X}kln468$
zBtYnF@imrI1aV|?#JnC%k8U?cdV2%d+46rWw10G#hn=<;Z6yZJD%Z*N7x!*sz_owC
z#C&#>koHaAU4Rv%fzb83Jiej)T<5?5Y}?C681*MOAc+(+er;rev)Q>9g3x!s{f3I|
zq8St7Kz2*|MVfq_(=k)xs>9W>>BPJ5?9^6_zV9IyP7dL_LVehDbMoDE{emIzYqV$o
zS*Bd2VA*{{>HL0`*+3PWf=D|_q6$KG?0F;E?Cv?~E#b!Zb+0qcvcTU;jj?3)y*y0s
zmYZ|AA}zs`3PF>_4`*{!iVM@DI-}u&B*ua1>-F`(FVk)jBi56y((0n-$w>&;{;10G
z5l#qmBAs@1(4@!ThDO4?VbLZ;B0cspw`Bu$-kUKwL0;Qc)r23+(rRUob2qb?n>!G|
zz|w^xD6zv6bX16rE?0>d``M`$)=)fs4N#|hv-@U*Oi~bL)pL1IO{@fzcwTMXCVYTZ
zGih*PDKRcnPH&g8X36t+8d~WMo1QzmVC`yIFtl<I>Jk|0`th`5GyK^h79&-u@=1&u
z%J~6vO&F%MY<Q$NSa0iLYqv+Or{%ZGjljhOw;*20n4ncr3cP1*UE^ERfISr_^`1aQ
z=~Q6qdNq2tAhLoWz_BXFE1Q17$A|H=h$i9aqath`rNXI7?f)ywLf{MPbT$#t8>kXY
z(2}43qK2TAbhGN?BYMN4-xktgqwhVI93@3ll+=m+{YCBLbk|<r(B1H1bMN(&LPa|4
zSnj$p%^AD3Np6M;v(-`v{mAg!nyvd2ihhmf`*v>G@#)PFixQpw+ZAX)AjJ2!yE=LH
zF_IE>Kj7xg|2}c(Xs9r)&gkO$TQD#BQg%d9@zFJoUmAPxuMPqQFi<JM34k}{5UD96
zWArb3ahkqzl@b_JZ-ihGWjHH3j1$SaJ~n?0nm#v)rJ<oAn+7xyvN_9-3w?Bv{Wr5k
zNzOId%^$a(EPz(lZ3jZan%=dapIuqKfB6|N3O=636hAkgQ)FL}@ZPtDem>vtXAOLK
z`?B@&_6E*Qp9f^5=X3ghHr#0Szm&%TSo}S1_DirbnsliG-mUF+CHQsM-;O-dT!;3>
zlx5MA6sj%xRF_$&in)@*Rdt`qeuTKPfnl+ip3jDqaqa8~6U&O+;=GFIgQ=79P(vQ_
z0<jCqXZB5N%@UanDG1x}t{cdrjb!~N=aHCW)W|AyWFL(*^0dFtFH)4YKb?Kf&Ds1w
zvHbacBXs<~dHh-H+4C={TksvqG@2+dQ{Pq|P8Tek+|6}F?hLbmNViRgEf@0(-c@P@
zsZ})=%bG4X?$K6cjYb$T=qJK7Z;V=RO5`zS#BA8o)rYTwBmz!Y8Wk>WRF#lmfMhmd
z+LsV8aL8!NeijT6e0<;jRN<=W)e{CFgf7i)_-u&55-+~Evg{Q#<n4M$OH_MS`88HF
zR+juO3(*uo#Nh4oBL(*MqSAMhvcO+DM@0=|jxJ48m2ZHr0dMe-9W042V!2wGN)*O&
zZ`QVrA`u0qhl%Ax*sun-F3!XpS)`5_EsnMZIe1pHJt>VkB68Rc@o@HmXu9`T<Sya~
z3L1Q4y{-)2P8Zm}x0*@{!H?;e4>BoGi0(8f>%76xa$htod9y_jU2q-5qst+8aw*Kn
zt~W{bWFy$5v87~oK8{#0y7GA_X<zR1*Ksjz&)=l3lvsnl{K@Etd?cQ_zytGMb*#kh
zleh}4I&jTFyn@{ZiH^r_2bn~U20K!45&b0ugpOXn)Fdfgz3`DNbjX-lo?HXeM;vWK
zFO<#Bu9Kau5;iad99&jE;+hV)!4*Qdh>VIMp;iIFuWNN76OcB+Fhz+Q-^rn!fSGt8
zfkBNEtr#awW&yCcRmGyKpf9QX1zU;FtN{HXz4a?zpe>dYJxd*B6%h~RBg5WY9E9W!
zQ5b_&l!B%>%<X}Ib_Z=@Al8E3tb)tB4U#4+)b)(lYY>5(8^%HwtyV-9&+OGAjdjN+
z8k+(!2IMZDTo)dGqnJme0T-pg%_d9O@`CvhB*{NBc3Cl-_?BekzCHVqR1Ic=G}H>@
zli5$7mwFH`*hQB_aZcHqW{7qc_4OB)NHO}{rUByCg}QXATdIpyN!-nttu%s_zO1(+
zguuY-uaY3<rG@7Jk0~pz_>Gf+m+vWwKn0_r;O3vSa@^|_&=4V|$ig=*`2#&j@ZH~J
z2a7ZSF$Bt(xP5LeRkkS-?WJvbq9u`5&~JtB>+6VKVZYos-6`Ke$z>roY<-85R}Y=D
zvY)^1u9E1NPgS4Z$L^BqiCNK7CZDF!(A1IhvM{s<D~VX+?1mm)JTrb`9Y(y*bcN3l
z1$>Nzz1*Ivta!!QmX<R@5Tvcv*;LLv6FKNzp4C2Cl(0T*EMrJLH^#%ObZ-hM3=s&)
zM_n=M+HC31SZcoyOOV+5!&(L(kY@$ArM;uhyXybp%1_0Ll+Pq;&vX0=eIj4)3V81t
z(&_U1aME>-t1fpC(u-U#Nc)IJ@^8JqF6jM<b^~|Lvz!-*=BDXp2HIMvhhH<%!xfJ&
zzw`slG)z$kSvNHohIFt#{?*}B!W4fjRGlG(BP+2*KGNJ+)aB*%Yxg!C%SC$_W2J4l
z^P1^T=Xe^>|L3>*-tMy_V(W!Qc(t=wD;fjRipB_uDfQwM)DiEu$iBm_&CeW<1LJI_
zQI{Oz5%%cnn&XT|Jg)m2_M9x@o5wKy#1p}iA9jq*>q?im`vDbw9JMSAk2enw&G8>z
zqn-*JbA^XK=d<-5`9$B_NSPvBNe<8($Y;70j+^uYK^I0CW1^T)*j3d{u@vowJ!TNu
zmVv7qBGWwR;$LD%l;i`Z>AEn<kmuzU^+XNCqXlcQ%N{?Uz4ea<%SOt^C<kRo2#&MS
z_cB6%Ig_2Wi2aTxXcn>ANXPPj)yWePf5k|Y;FT&6o0e#YcqLVtCdT!YUb-yS)9_#j
z&`u4|)b92;^1ZP|h?6R$ae;J-)FCM@vKih%$>taelx?i=WGhuM@`dKtT!R6*(@-3k
zn@q|NL@wedWg8w4j))*Gb6KGtMY%HO`xApYJ`v}w!(}9D#M@dx{1%lffgB9kAkNj#
zY~low5b2)h?WBU|MIlS5Gli{+CK4;P*U~D&NLziWzgjjS7wKFPD9$HxgPT0W2jM&P
z1NQyV=`S(D;{;@s>nP<o&OtHtaU!sWK_$J>vUo=`iq%6UT|OhNn_hN|G%`F5CO0a$
z%Jv(udaJW)O(S*9A3ylQdE(#Ck}JNSJGbeh_R~u!m}Vl4u&wcqIB;%fD?2BfB>|}S
zOPxfuR-9ghm_4Gl%(7ddNNu7c8yX$*Rx32PG&Y~v`xw%sj+ipi8z8yQPa^iR;U0SU
z_&_78q>@<Nmdt7s1r~+6EL#}K%mtW}>j9V3=Hhcxlmp|>#%VU*>_|jQ&i={Pe1gJ^
zA0bt~_i5Bf6nM24?1g<^g9gR~1BaS#Zz2g3yvofVAX7*z1x|wCAKZtdUyRHc$+A=e
zX+SJM0u7^u>==byIx_J{PI?+#aVZvnhNKjU@#oi?JsJ>aUp|$dyjNTV2@I`KoCN^l
zCbImPDSrCdLQSGlFRr3gAkGqndR+YA&rN9-HGd(GPJn8z4F~V;w~Au0rNNgD+mP#L
zV|>KYs#dadG$}<NQC;3n6dKxvaU*}v0kU5v=EtBpJ`$u6;JQQ)Bej%EY$dZwoCKMK
zpM!kGM*^;qc&EwZyXsF)J_&OQc^d4b07EIR6+cfSHHBOpMjV11+;!@LUvv)p;}onF
zMcnI+_c^inZ?IXnIE$Q%W7P9i4s~MtSpIl6mt18AHBFXtHXoI=_%S}dohl|EKm_02
zxGyv`l|v2&Zoa=698+Wb%qP4D4^4FAG$9sM0y#wdbhF8e9qDS7Q8pA8G6=RZUmTA`
z7`c88VJUgFc&Q0<sfj{%Aqx9V4SdMwjaftzFIb#V4B3``oy23rnM06d%7mly5L$AX
zvWPt=F$21n8u}(iLzpTO&MCVlNu5?58xW@IN6n!I-}CkMbs0dC-^+9Ss_VD;O~^Rg
z8gm@;W9U~tF<8H{93FRYXIVTE3#&j|6X6~=mo~5kk%P@pdxf7S9V7U}1E@%$j0^)%
zC`jB%Css+Mgi$F!E($)7EhAP;w5~iYEt;(f*V^toBe_ej^<I>+u<=wt+3pT_EAE};
zsJ;Doxb?)gPF}L|<S--{U2)6QL0g-E(TJbzws^b<g-0~+ne}z3M9#iW?7m$Og=b*Z
zL`EyEG!or2t1NbG@b9!RVJc1kgBh!ureR~c^WOUXd@N+Jk86k=(BbWSV)`a}YaJ_{
zvN=_&>Uf{Vn1vLE5OiekQ75@n%mD7Uw;Jp_eyL6-z2{m!i#EWT1UWaoxf#QQX;y9N
zqGRJNvX5!vhnoTL^iHy$@|3Fu{Cs|S7Wz2CU3sDUX^Dj=;dAJxo~Djv-Wl><(uu#H
z@OzW}$|FcXpA%?vKVPP<mG6=P#iAC`2eGl_)=jr#k`d(@C%{G+Udr*q0>;cq3kk;v
ziU|VD);f}3`_ay$X+m5@xp~asD7Z!AE{uYoP~i&oudAZ^f(L7KWBZ-Nw?2{nG5<_u
z^2@hx$GH7{Mn#a4dtrmLm08!&2xds#Se>*e*;-=dh*I~`J|_eoRHOO&e*Cd;a3GzI
z_b<!Mc(gv|{pXbk?r|QPV(vbf$)RdZYfO8+Qrt~aZA+`bMlTs{ESm9Jl+PL5`oWI+
z5Y`#Pxwi2eyJgt@ZodfEBF5oBwE)$rf?ritvJVcm+-2QO;J#_UUWDR%(+)ClcVT*F
zZ$ag64aBs|O$gXYOlBMG&c%b+cNs==7p}n+QSe3iGLadpm^p$^Ee=8zQH|2mH8nIf
z(=&ea49}#G4XCnP<dGhFfn=}(6k+PfViq0ZPypCd#W1w^M1KigC(J7m^?$ON4E@v@
zY@yGMJC4+!)xfG0U&mBiD7es4S6`aVj~<VL1L%%5n3da+tuWD6RpAyZMHZ3G`DWVG
zs;6YR%VIi%`7AiUhs?KC188#H*Cg2Ni1iu4W(fY64J%SIR3MBn7d&}t<kJfZ`n}!m
zrKC}8aR@35o=#o9XyFjr?wKn7p%IqBqIteh6C92hq&F*~gt4sq49Moz2=r>_grFID
zFAlGw(J(Mkxc10c|J5QWS_K<$%fI(%U&*SzQ~)3~iEN)bEKvwV_s*ba%&KxIaT~G|
zF(Vdf_G=N!k|}0w+v6-r*(aE}+xR{IG6`m7VPR}hBy2(XY?|E%8s^uSJ=bC;>0Ca5
zm=09m8JpWzH;Pt_HY^l&-JlA2dpB04YSXU@M%M??=i5mFsHa2>@Iy4Up$Z{}_y$-C
zitpBhkVt?-a%2$_C|EY@DYmXTBLX(gh+BA~16XJ2p6X1i_~ruFDa*YnvO92TvqI5y
z_y!b=V4yX7np8reGCaw%vnoP2s$i9|E-RKL0qWf*jOjl()Dm6#h_|CUe(6*OYcD42
zsJV2&s4P%-3agi*(Zzf2uTKko?!|2Tf4v^}GB8Zel*7<uM)BZ=OYjzcul`P#FHggM
zB~%Xmlee_6SX7~!XV5K{A*w}EljD+YkZ!?g%2C`e5q%8KudowD&5*|l;T6^53=~Za
zU(xQTgSz)~FgHQ=MB&I&JnP7lp-MS5fu0N+^Ck13u{-WZtaluxTdDQaaV86>DmogZ
zYv1@&8GePA@#|zUFo)-y;Iyh=8CEpqRnK}4orE2SWvcKwERQQV-MiuV)rfjw6RWux
z>!(w^m%V3J1>T*s=5xen7(YV3U078o)UN4kk1C(-yNEmTU*W2%c513gX%hs1L+co)
zhmFkOdD6SNQopoK-VT2wJ$1PBuZ(!r4F~1-Rm<M@%>~OF=sW*)AwePgyFVz`q|m>^
zc~|THmf-MNmrJoph{LfWABABMTRXdZ!(NqR232BEBJV^=bcn4L$6Zm|E?R}dCq%hR
z-@>4vEwSPVP%G!Sh~sR4(1!Ggj!#B3f-3W*{9<F3k+^us4o7e_cU@<JvGGVcgW(jd
zzVXETGq4=GzUQdt&n>Xzev$v{eB`;u>*DvX)deO{Rin3w=Xj#C%Jv84m5b|(@0-}#
z^MyesP7qQmdwq3;Q%tk1yx#Ck5V3@^I(K)Xg))-n?_n|Bg-ZB-POhK7j{oY-(N5!A
zztwZt^rdngMHf>W<gvS&Tzw6YV7HT~shbk`Cdgr|+n$NHPp=pv4X^51d2S=#g7zlU
zznLUgiC~>_*$sjB(^IxxWDo;MsQ6*{aV1OrpMMIU;i!t1&epdPdpv-J!&V_O(55t`
z@&9243xm!GEEzK2v4-SSDl}y1Hw#W1Zq~KY&c>xcJ!!U01T$|c%FR=(%F})uTEFCm
zDQS+Hi=b)z@*RKhDWsn!fi2EcAzi(^tN~J`c+@6QnY>yAWG33gat<KjYOzu4xMPDT
z^gLg!7_4qT5<$-hw0+zmJ$;*v)I3k_8WILh;t_S<&j{gOtv>qrPzrGg_@3)B@7=T)
zG432&)=eIC_uxHCTHZZ-#FCiv3HcnKZ}Ts<oOhqsVHj+)K$*i45qvEf2EZV|!U^zm
z%{?UfEVxQ+^0}P%a3U4@7jAUz!(MLDyq?$b>u`f<IY6i{p(|vS;Y?B47@V-H(lm`y
zA=5mZ5_8vxHFNMFM}~C1*wGiCdf$;79TJ;YhZkAH*%>XRWUnL67P}uORcr@*Z5IgL
z69Y0qc-VO;<6jl%O!_+omtvh#shsJA=f-Ex_D8(P!aUWhQQ^z8)PiH!<Y6)rBb<>%
z4rry58iOmqtE<wQgxl3B_)%pWjGvXRj=S^v&>>G7O&=vCxpws)c?4j`Iry9zH9Dax
ze=Ep$qo?VYdKmP4GZMRBzugEw*D1ko^KmUXUFZs72T%4)3~xFjK3}{q^UR@66{UDu
zMko@Jm!f`u|LIb}<@x#kqBiJ><o_-V9$G7$C8qDV!RJ|e9ul(c|MN+DZ+X`+ZUbPj
z)^wik9N<xWIcY1VpW--U&_%wb30kRp<~9DaC88Dt%04ltvWk;#7u(mQ9^p%dYf!16
zF*;V-JuyM}QgVK6_&(X>e8;LR6CTP7eGfCmUN;JzRHT}b0@qn}(GHp>-cIWoJ?c$h
zLr&m6K}o4RQe3Z5ny!)p*W7c$s}rr5rxwCWK1OV!T&6mv-g_XG3N5OqP%9m$cG5Lz
zkDCxvP@~);nRDYDDC0x*nHigS=x4!>3ojXBVJWz6ElJ*CF$p;!E170m--<rO94pGU
zq!Xj&s;aB2>!@4IHh;8rEbs4e^zv1^BK3T=`s^sQMW=*t;d8zHeF$Rl+wN`kb~nhe
zt03GFuSv}EI_~WH<AuXc=KbsRT5_SJ>DUoG2J0)Dx;pFQ>}TL2m%|L9)n89f|Gl%g
zc27frj`vb`tDX7J97o!~#fzlcCdV127JHsLd3d*g(&}hlaMjL)%>o|f?zA;(8#*X4
z1dP7Ba3Pf@V0{|df@{d7%`iH*0V@bi{7f`XQsOQI;##WRxkWcA+-nV&rk(7+mBAPh
zYUg3OTpFGD@xs~`C5hCSP(l$QdcKlmb#{pw+!!L9QZ5E$u5xJsLtu*%nF=3awG^4M
zv=qY$8Ect%X!j(u#=;ISigeYY31nrc$cqP?T_();PmHuk@G&t_g;*&VKGWj60Ev?H
zo-q_TopjWceRm<2Ua52^a;1{Lm%iUa%lAfS`T0c_kpa^-gddo+pVP~d>o6bRu#V&P
zD8BFG`pK8ybJ@u8)fINY`%UxR*ETUg>u8D<(CLquQy|Fua%RhPWw#-~!^QTfZ(e*H
z%!!t}a9rMD!?+1u%7_R2$mQ&U-eRp<;;W1+5tp9a<-<-!Z@#nV2vmyzQ7&WytxWxM
z>%7UyeWQ+^C~9h&jWqgu`MM?U$X~pwH6;;DxA=!KqwCk{0#m-g&!?dUdt*@>WS4p;
zHSE(HOd|Z(mmm!JSAJ9~VF|?@XlQ7jCl=DjP%W_C=@7J=F0WvPwG&rh9DQo2jFSu_
zzztVqM*vgsLlZ%&y`!%%aDWc}^-acwyx{rB7SaH@5R7^@ddA3z7Yn8jx~4I)?=BOh
zR5;G0<{5JKNW3a|QBeFWj_taP4LZQhZRcQc?qEs)!8YmbtB3(>>znC(=i|>|XI<AK
z_``$#M)&<xNH2E)Q_9%KB@s!OzKxm7x)js*K8hEF*Xdj^PkEdnKOP7A{_aI$%%Wyf
zCz|DTLY!NH-ve%!YmH3_^_<G+A=*Qu1iI}USNE1=GxnNGb@G@u6c42}R=-6}S}ZBU
z4vRb(ps@zal-1Tsvaa~__c%{JMa1y_w<>C!UMV9v86e)WvOd&wFKqtC(f|I3+yiqe
zZmIRaP9gFLqq}?9))NC0)8JfjgzzE3{)oI7&BV>!G!Mxksf6(E39p>eT66}67P5&b
zj$U48H@#*KlNXskVyLrxsEfyZ#Xib=@L}3G4T-XD4mDW|?4y)4!M_gf?He7Fz7O<Q
z{Jrq%UcoG0ui=*;!iIqWE&-u*m;WBMTWZttSAKTNbwC|4)DOq`ZgdifXTZIfzK{TS
zT^xZ`rtjyUB1U0Zl{BfRk3YaJ`iL2NJv-vkr@Y?Z<;FzBX>CB!>M9%XN*YIQd)a2M
zW(49Tk=h9JPV?#>k)Q_qJha9}8&8)P27>vJz|`6pz${fc`4DIJjim%_A0@I|y{xZO
z5jWeH(cUx%cp~k3*8W(he@bL_)bEbGm~uvm`d?t;a&j>brdz6=1t3O*t(5=r6Ce(H
zx=I_!h(XWGi4G5{EX^M2*TOFWlOCW~gu$9rB!^=oUK3x8wLhTfQD0<}&BW3(pO8K@
zVIo%1MXUVqDP{cIq<VZkfY$rX^^@VxACG({MRy+Q%l8${_(n^_0LQDFi=lfV=#v`T
zjIHnKKfs@cL^*u^P1l!bKcDre2~J!R*W8cZwqBGx=r;r#p3l-cx3>dIn3v`X5`;54
zd_=sF+wM+IVmJ^1u0PO%=#Ub6+U^xFUTSQ>X_8uV8O@K@jOFy<^rZI4bO2@$lv&N~
z{posuUufiRCFIVbskGT;#*tOE*`eqhFe0R0S|k9yOie5cS>S7_K_D@sRe<zJ$g-U9
zqUa)%v?nDYcL(ON^(5<4c@gm6Zo(2UiBi~xN6~(g!@p0LeY}wr0y>?ZEX-7x89Qs-
zEE>LtQ7q)6ewrl(sqC(0mc8IdvAnX9rJICGinVZ6Y+>rJ$4+T;!@tq8nE`=|4eO@|
z6D9ivpC3fER4EIlnlriBgieWPJvVoc2mSjIjB}CK1TP0Swwl)j)8t4>O8VZ<9RhC?
zWCFc{{xC@cmt&pQ?>Dz%SXTzEhJv>-D0U)I;$YXn_)X2|hi3ewv(uhC7^J#KdBFaE
zs%R=1O~KfaI*DPKf*M3R?H9S$Z^B3Bp<;@~m=5~}>>>0A8e!QL>9!S-DpQB_G%M)>
z_%53J`-KG=2@k#aAEi*{=ceRUYIM$%Q@a`X2;0unKF6>e)bn?vDGM<xd#ED-P`%#b
zvXu?FTdnlLC`JH4!nYc7WzuL$P{X7Wgd_}Ahm?ltK^m+cAH&PbH(#d2Zb*(sRwHrG
zM@2U~7^Bo9k13Ab&9I}+8km&lT2)qcc0*Gx=ckMdrokvQzZeCI%i`Z~{`V8Qb7r7E
ztTKO$E`dGtVBiJRH-gK*B?xMU5cjXUM88WEUL}p4h~+(*ekUWOL{hw9tlnkSs<$9q
z1bBVHUwzdjC;+&v-P(pV27{6){8NW?P`_4C8w}oW1NkLyUmCGi1R|apXIx?lZtH18
zO?PA$L;!QF`Dc$22@wNrwn;eo%0ec}%K&%JIhyTmU(@q1C85uU(ei?x7Ee)|{xj#U
z0G|&tb8j3${?5i1udE_#X{aA)J6ST?r}7OOX8E2p+(>HHNm|H;wooV*{8q*!YhaM|
zP<RoAR2P<zyk*s4<PhyT3$r(9aqa%oSyAN(sY$faG*S{wB!`h5;wF}=SY2)h!yA|P
zNDsR((e4Y!_spU0D~MNR$mY1zk}eYuHA105>h|0eU6^>ycP(WUQZ;tqBukS|Es3|K
z+*DZZx~k|B;LT>Bc~}vU0`#`#X+?m7pBjOcJ$z_kCS!)0M5nQfO@JRi44D&r&+~Bb
z@MgkvjhsIJ>c%6}V0LfqX@i#O3HW!pL`bBL4_m(aPSessXN2O63Q5r_-pqzIiqa3O
zU`8bw4RPm#d%WC;49sOx6z@4L(Ni`1C^YS)c)^NlK}bS>Ji<OaABire{asVLr>Lr`
z3Y|ff2mre(6rXF)vKa>l*zs?PdY}yy7p=<ZvK1TG8xWa~Hhoq-L9>#NG~IH$!BPr2
zyIT1B7Awzygfi4xIveB2Fs8|tO%_^yni7R<1)IYs+7uyz_paamrLb|Ph|LJ1JICD3
zGZg4o&<NZm4h(Wnir&ZBi`PQeV{$M?t|3kjg1|3Cz8A!WLct#+HhyXFR2<0ShMzI;
z-(P8N@2>gH<cRXG(SVn<jyKEj=uNpx+>*Be<qy``Qm+?4OAE#42lf|*ltCKZY}H3a
zp9zR2X@q9<HXGx97n1b~=*2g|4wt|5!i;EMoM^l-#^#q|Aay^0u>+yurreK6-x1g*
z{pwh}<0MAy2{fmkAK{iLj2XaO?Za1y?v!S6f`UTC!4|LEg^YzTGn(kbe6APGgxm$G
z2|;PQ5yTE8`OBN~4kNlHL8~%XAg89T-s0U_vN^hL#sw<`#n}8Oi4rD>$@#JTMhs@=
zdxf;A@6Y?_%z^gbupgEFzagbcJV~SlrD~{m(C-om1m14{N%=~oMkqmWBMUR$ujm;<
z(ytyKQN-24`gzn!?R@oEnxJU#p+R+SbwnpQ;rq^`VQ6Ug2h@8^r2HOiF0H1C9Ns4g
ztJT%ji&=<FMb9seGM8I)4To$F%L8g42Hulp$8qSK7Ztw#Hl@+d0-vq~c=_RT8en-<
z4L7pr5a3YppH-M#EdcrGhMp9uE=f882&KsXnkZ0o2Z<HRazyb}%*}-TiG44n4BhtM
zp8w)pYo7TAeVbpzx|6pWGs7#O5aVf0;V4&u0)Whtc|?5)i4mi8dak3c<mPXS-o5+Z
z=Q+TxeaQIzr9{-%s3VoWe3nkRg*lI7kNX4ixVml*%qN6^b-W2n>8pBwzvy^1?#*Wg
zKbO|!iQgrz!faU9_?628P1a1q!GiEw9i^k?cng=(fh1_=KXrRfnC6(4db@@lCps8m
zbcV!-#BJOmeyHy$8wyVwR{|MFv$Un`MCS=|$pk}J9Xp6joMj^^NKQp4bt=NOnnq;Z
zmw6n+d5JU4P{)~)24!Ue3+dCC#po(u=tzv=>aj&>=@ipS5gP0@6YQjDQeHz7K@)jJ
zKK3M?K5D4X9SsQ+_!+y|pPgqsT#-DGTo;xN5*?m7_1;dV8~GS<ezk&Xe}9}8kQjcu
z+Ywq2U;Pw$>v>)t;{5Y!PU&5m__u=>pzSj(Z5c?CLD<jHmQOa$iaGLe`D;;y!q7_2
zAiqOU5gUg$C{Rt$s#_C=t{r5a+CZMo^J!=|buSkarWP#}L=Vl1E{0Vsa6Q*k{9F!K
zcrnhl98=h<o706blzp2dO^w_@0rz*p(hs%;ifn3?f<(rTQxE*PUrqI3MbxZo9<hiQ
zzdAPGHXLRgs;7SBUkf^3ZJ97V+o_jVSwllyJ1xYrbmQDzCiF&pd>b}ML7Qla2D6Ik
zAiz|%-|_%jhGieaTjbIrx@|S3)f*8_8azw*#Tn3-f<mQFZ)qKUQEwt!+a5|tU;9O7
zv}^e1ef)2p>S<X*GYe{>U9Eh*9#LKX-ogc6nicl^gd12Uw=FBV_a8NDBZtrw$t5Ct
z#lh*{AV$8N;#9PsCXY5+U*a~yC#4cEA)&OANK|nmj&P}W4?o!kk3?e|!bR5B0RvON
zUY7bRLd%LK>K7!fh+LQH&Is2N%)i*sT)j56S?!_L+CFIFcdC#+<-AeFx9)dBMm~Cz
z76A^VpSKg_((Wa3F2)zAzj~)d?hIeDei+KOC+>cFjyUl*+oi(d5;Bi^#vZ;OCq4JL
z|E@YHIn<){e82oj&#i~7uY1cTG3H0tz43ab8sw{MYaI+9^{Rz37Ag!WXt#j6x1`&~
zX?<7V%_Rnhj4-ZJc1PZwbTzyn-)`$lzQN+LtrWo^4O&cXS*#}L&7G2niabPP=1E(X
z>Pc&6GKwA$Pz2)4V5j3v1NZD&W`{mh`JNq(Du%@n<5Eix7Fvuhc2t~N*(i}1Q@kOB
z9%d(mIn<gW;oQlimoRmCJb9JF5M8{r!7etlCEsvrztQ9=V#hN?FAL8&e(Cj7n$%_+
zteAS`0LqLh{N+f(P353-bBkns|Fe$x>xzhZky>PMnOlB_n6sM_s~AQBh7rUFc?v9t
z3a-^QQh<T7F>yBoxeNPNKJqxKU#L}3j8*3?L4;oqGmI`~0MG2hkS<0ElY*_mSs#6I
zCMG%c&!>}0<X0E<pMsD(e*?N7#}HX~myOiPbTDVODySwh(#udHGr}J;&usCFGrj(n
zt?||%fkDLK3=)7Z;s72P9DBqhFmg_RB5Au1!o);$X*hDoWU&934Cp@#DisF&?-uy)
zk(lN`_8-=NneG>P@2Y4kgnh@;^g=QWbidV$LOjs*uMDnb6R{`7OkuDhYx$kPLZP*Y
z_+LQ5?wDZ^(ff&s?*c0#Baz5W@=&0LQHU1fThbAKs|K{QeQI9uY;R^l1mU3(3};=J
z3q9CPuU_+<=g#DhIE)@c6Jg@u;1CY86d)NVh3bQa6aotH{awAJrAHA3V2TS*uS?m9
za6}^wM01<z9wP3`73lBV3x9TGu)m6?)G1n@v;<T>@0SG?0y=c_em>`Od(lV14Cs<<
z7RbEMZ_NCJWq`eoS#T=T0Rr^pcLaf_?_|I2R!!cd)ld8@i5WaTG^bu9HCfvqwt{$t
z9B^T1Ic}vT+T<YTx|kQ-5I3eQW26DOGg^Sk!ootOYBh)Q^qaB|GW~-D+If@hG+x+m
z%KNN}RHB_f*Agg~4)>VxZFgOyk<9LsFq_fjLxwYK)g@}2_Dk1U)j&05V?od~QQ$`*
zmA(XrEcxcI1L$mc9c<<#gO}JdiXKHB3SgnSlHfA6d)ZE3Q1H3JK)EKI2+)PEKTlOM
zyjK++q8UxsrLI3tKqZljr6(>rI{Ii!6OI#PaBxsdGJLz`w7Mehn&A>7Y4`3lT7S2b
z-{n;r6?eR@5Ir<4ngQ}4A{3@Z)15HliQ&9AQp?m#;2FgD+?)dF&rt-ZNHvV9TqYh6
z<|+9p0zmJ`>;PqB@}_BV9n63Er|>@=*&HwdUg-Wn`ln_h;O#(qLVb}#vYvZ69f<=I
zPblg&$Ut6pwpH55Uo++?30YK0{&7PV)=RN)$5rP-Xb;z&CQ(gPMIq#yQAA0kw+3Qd
z1et$BK>oGz`X)ziqxW5(Ykkfqg*am`)R<>PLYX$Z=$w5*7A0dkxa?Xw*K&aRV!vLL
zm<`n_hS$04^_PA_H=q1JNegv_4lS<x{@%sXlI=H%_LW5?rMI}4S`Ak#Jo4!tldBAW
z?_SHs9c67k_#r>`d9ke4r_8xI)z2ByZ`9^bIwL%BfRC3uS{)=DRbNYE?Hb0ZN0rtg
zrN|~PGK3pabSFb;>gd|K)3{P5vPQ=iRp1JCXFIMK1i7rpre*>Xe#i4AfhmK2;5r$@
zpIp%;tb=eV^O{f_XMq!)P>IuXPN<-Ph^;Tn0z-QU%{71c8HJj8E)zpT*o>ko%|(<2
zatz{p=AIk@K<E`&$r#O2$%q{rDI5%`uHg?tQ=cC(arUUr?Z}%+Ci#Vic*tK5KYHoz
z2hT_T1e;JF|KzYNR!KyA@Y1(v9F%)0k8o!s7_zT44@gtM&zl$V=Fw6VwCslBLQS@D
z64i~M2cr#>g%ri5FT+G#@|+Z5y@a)%hC3<3PkBnkrNF#ah^W=H+ufoW;+n9GOa^qW
z>FhGApEbnm2vAe(&t((|23ZI4lxzKNtpKBUwTJH0b^zkm1uk3<pjLOMxsdh9n7pQx
zdehNSfae5uG+A)pJCfx>i?RPFC|Cg0?+K-)egGV{O?FB;;FTW9^EPaLje)>)Y1VpT
zn`Vg&!FCAg>Ed*fG@+^EYR<I5?aklOCQ(g1U5tJ-y|bqT9^l55bX{D<&A6qva12qM
zP^n*x{<Q&@l=APSNjySN@W%Y9n6muj*v^(})l1;wiy>Qka)H{;MOd3xlMN0Kf29d1
z8i0qRn^QW!B}IE??}r*ATLd67WqB;kamb00U27;qwTwA97PVHgHk{(IJ3wb<LEp{~
zC|^`PDNv`;EE$w~%jIFSck<;U<81`z4Nx!E0oa_~-S)H8*Lb}>>?ADB8dGo#b>jGF
zh`lkxvt0kau31(7z8Q|gBdf~{vEq?)E5(3tDaFR3;dnG^6vHJszHiS+Ci&bX$>|%C
zkPUihVF^*h5a(!+A4@0%9tiT^r>FYZn<1->fB!4-{Y7jk{4`?{NV_6A8b1E7sdgMR
zw1p%D*~89Mn?$I%AeVIM!qdzRnki!Ih!s6+;Mg0vOl9XQoC22C!WILyf#{jcE5+>Y
z9yzQZr_vVu?Uwj=cP=@e5qeg!vG<LxZ}RD{RPIy~YT3p^lG6k@YB9at0)`@V_6EhG
zlVG|og_zACXN1_QMi_W9N6)ef9Eh~L2=-G8|55qQP4dgWy%5c%JAiCQSUD|CB{Q{o
zTWWHLUz&vf20EoZ?PN;IfkDTtN%GQYst}5<{7n@awRu>+o*0>B5R@ZYx*A*+UUrdR
z_XxecmKQA~8I=rhLbksL7=mtSK+_TByib(@h>hO@0f}IL&J_bHS0>bFvd+c}E_#I#
zE~*Wh7WrbP-kFT=6``Y>n3(~yD@>M$WLezg!GK2aAi%F;Z$={!y&APL-AZ_D!NzpW
zsukB%mqd-48nq~0nmbC3mPN3}#Nah>m4BaGqrb!zMpy0;Zf+R(gA+f9Y8H{HAv@^d
zy{I9Bge!RhQfVKxX|RDdg3>fcr8SGT9B6HTf6E5dwf5k6ZzyBFI7&LeCIeu;5GG|#
zdES+lZD^C~qVS=i0aq3bJk~4v!SIG5Sy_ez7#E3tuU$k~L2Ebh!EH_q{8x@&$x!-A
zxWR4g)=JtsvO%!Sk|%@YqdCr7vI=8$pf(T50H?`8i%_K!wV%QG-fX_l&OE>>3oGaX
zj(6@`w9|EQT%t6a!WbE0dW9XUMfWfWY0`g-)6M(>u9j@WhZtL_G0oxGY&@t}tD-TU
zo8Xum4e+N10s(&k8BfU+LwbYF3Syy}*;%SH1#kxqF#3muU3j}+RVF4Ccic!OZ|YZ}
zCFRIpqp6g)GG7XyK_5d=qrdOJ4o4c3to8IP964rW^o@n1mswkWDY6=E;!tX{z@{q_
z;=yyDyJd{kn)9y3&0A!TqHEPpw7e8TtEg7T__|X(w&O|Z5!KI9wvcolOk)b*d?~|i
z<<nT?V?*ow)B%|iP<SSDhpfD_R^;#7Zk~O@L2JAQ;7l@!Jz~jbj4%dC_V&&kT`e%$
zZRUFVQy?^zcUTBn4UV_|oTO@#hJaq$7Phk)FWqL=rX?J%PO2MWK2(KWSaCYm4?f<u
zc@0+v2CXw0@b5fDhiLVQR6gE&B5+CL3ugoBOeVe$6YignS4&>zr8t#CKe|I<Es~}Q
zW^$}pZ9unT1PNJ97TTc?5RLDq(Ut*lEANL@Y`?(<deL<~L-*N~%W0q?PbmJFl$B-4
zZd&1=eg;HmY)uA6nFlYOs>qX@5;Y|QCJ~sIG=Ue%UFr&YN+^GNf9C(Vp^Jo}g%m(=
zD`FCrZ|*>X$(HLi_wIuED*u^k;zls7p_wlIbinTEQ>{M|KcC}c0SnZUp~=)(gW{XI
znoX+{p@~XXjD*iY!L_~St0wS7I>%80s>KjJvUa&o=E_#kTj@(yinjtZfnjR2ILYox
zMd@K&l4`Wd%9Z&B6h*>k3;K!_kUc-eccqA)Xj`Co1yl_x?9u15n`AhB9iz7WCbED)
zY9>lblo1b3%ar6&JCSc@{VlE!J>l_XDwbG3Ql(1zbE?V>Ga7yZLMg&03u}Y}A=Ec#
z%8}98(J5$RC!E#T9j2Bs<B2ys$YIq=7F2baj6mKBScAEJDX8m_5d|fWz|Mzv0F(8W
zNb)ml9=TC&Q|~zGSbD&q^*E*v$J4Pl`=&!MKsM9p4Ki5P+9P~;co-_DP-)#`Aw-Ki
zvB`79VblL$wCCFN8)zA2f<pdY)hE20H0%EUM8HG1px^>if};C_3mx<7$FGou*Ux?z
z>LD1Ju=&*Z;Ry85cpgzP$Cz$7(2c*#j=ImE9hu50!ULnmR1qXKc#%ZeG_&aT?ycFO
z`1}Nq=8MBt>)P0M6*vgZ80Smm4dLX&)(UV|60HOKCa);cbr{k#xN=6wYG)}$Fsjt(
z8}r)e34>DyI4QyAzF`rw7s)*EBR-*<7rK8pY}Z1@Zk=!QBxqkbwm^iHX~>_c(rD8P
zNhSNc5@2B<{{1`#Z=h4{p{@4`0~2{#0rB%|<m|M}|A?0wdUsJFp=i#ZaY6AaFtlMe
zzY{-gL&U^FdV`3_Ve$Ws^@7}OA}ahhHAIwYAVh%3|DgZc|A7B5_>c8J=0Dc|GxWdU
z8+Cw6WCS+ozLe^R%?j<u`W@U=h_0Ao5Qw1RY?T2cE%4Q0p_LC}dD-*I3JgoRPQ5<%
z^V}H}(GG8^ra(nH<2;l7bryX+p4ssHpFHB=W6793+Z1eY+4H2L+W-B@xc}|%`Q6L)
z8N@K2;3NfPu0L<hep%FGM<LnfL~C@bphgLxdPLhY{qFY=XHvO3WfjhM1ChWlOADk$
z+*6UYg^&oyUWjW_lXFT&&d={AcQl~j%3Mik;Ft1U6@gFF_es8`_4d-Xt0VC#5^$)A
zqdl*;!0=#X!!PDN-RyIBFTR2H+V;|!k}*IeI)&$up0>qC&t{so`Z|At(eFcGgYR=F
z+i&&HBxY$KAe(Nibmc{4Fbg~aa<d6wm}=vnxNA$$#KHDOYfjXei>~#ZOV{!K$g3H<
zTAW@ggm2(~5RYKyvkU?}+e~}<aOXSIUW#o6ti&?}eD5o16alIuO&GhoS!$@NferB?
zLjLsi@I-_RHzoZKmaFKT0wdG|hhs=W9h8}0&Dr({AL4kQ-);F}%=+G!gYHe{G~XMn
z4hJuDFl4stIBy8KQpJ*vTLfzi^>8j<Iu(}WUi{H&kVzX{W<3Y(tcO*X+NZlMrQE+9
z<=}Y`?(F7_-$RNxQD2Dg9;1_(9-^JP8A#g{LGR_`*d-S1=2IRJgLcVe7NkOCK+38u
zj;eQ@OY~;G|MIPrH8(b2uPkbPn(!_V@ZM(0=N!+KcBafCrHIHh!Y0{QSAZ9D6}vf+
zfyvlG?n;o3gQ`>(iYh}yQAa|n@e`H8F_f@Cb7<@t1M;-Sa%#`GK0(WDdiwl+A*j4F
zKR*;*kIN&RBMe#mvemb352&@(uMy%SyZ?(`fGF4(a$I4QF)sL4loYhVUJNxCgPs|6
z!gk1e+Wd!1>g@~Feu}Uo)y}Mb;baFIV)7>6EjrH|Zc5tkE{w)0EZyr&nutK)!(n{1
z$9DacJ=ogHDO-fJg}x2Wo#cq}n31eKWm+)ffE$XTzg4w7_M)7QLG?IU(m&t=ogKXN
zD>AW|Cte?9Www-Dmt3XPifWteoO#+TE;pMM(6=@ur;6ZQx^=gIpnErN>0b3jD)^B`
zR@3+p`lv5f;F#UF6igqn)F)Sw&vrv&mMBOv7>pqqp)Ue~;Cq&+A8g$*mVj@x8@*Zu
z<B42lAh<qYhua`)^hx%Ni~~xk8Z6h|o{tE&^1!LW=DU!2BpaVAh~6ab6HH6{ZzFO*
zJW)NcN-O|Q-ae2IGCD?EOVldb#TxO1<1eA?4|)!sOt~D^E{d59(@~)JeLGC{8NP#0
zI0bz<??n;)OlT~K7^5H4gI$jd#cHfHbIqk9s!t&8pLoWjsP>O|C#u<IUCWx&K4wqt
z4)fCsz03_=-iu91Cp?=nDZC6})Al+%D5$*I>N)C8?~~PP5jLXmkbXW+)=SLTz>;Xf
z<9|}yk78-2f@EXk!%d1LolW}ju+>SDjQnAJ@N33ucU(;zmve^M#vv|0Idz;KP_e;v
z@ds>x%rrwR2op938btUjo%GJc7_Yfogr9Ya@?$C>hKyCO=`KAfnrtauQxH^m@peui
zPJjt0pz`D;$9+j4{;RL4#S?lUmh<k3c6+b+*z8(Ab7+l=B0IWhM4Yb>kP&m$#gSK4
zxI(*NQ;Yl-{fviBLWeR*<E<#^bYW>iuQiaA{t8!nVCL%cvX9!;o!kd0#v<1qkvQKR
zLCNh^|7V%0Dr<OvK8vzrq#Cf-59Vy2RT4CNkYV-nCBe3R36(*Ec;V_LTRk{CS?8|S
zkm|R0y!WT#)uyI92ZffGW*KT*sLl`u&?DmFI7lAtN_hj1NI8@XR>2?*5My2Th;hoE
z@e<~WYrC#ib*OHFzc4zNS)DV&_{(~Y%lx1z#+p%dunOKEL%6d$1OF<ELobC1Hhpy{
z`st#fNjEfyW*2>F(rS=k^$3K}EG^cr3(|LyWAR8O`m$<WrBrmP#l^-sBwf5pkJbA)
z2%A!|ru!05H9%ncD{wK5(@{i3F~h5-nKD`}4q{kzaqCImb}4Nf8*r}Qz&qt50otII
z`k1OUecjmYUb-i39*ZUrav<hx3sqXY7o~G$YCoe^h7oX*D<wVECQ}+7)eDE3!X$2%
zQsxOZj#=F}_3%%p_eda)0O8N|MmW0hqZii6;DN&^oMU75`HHwemK0cJd-s2Zy>(C=
z(YNo5dvGVX4(?9Sfx%&L4-SI|cXxLW0S0$>*ANH}!Gl|H3j}%m?z#89bE{6(`>(5d
zb@#5-ySJ>*THl`B5y`)xcpPT_YVR}2<!PnQ#om~PlA!=V4lXb~DITl*I&gFIV_nW{
zZ}_DLj9c-Kt@P$Y9$JCD{dWG<pRb?7(v--3rlsr!fWs%Y>ywPT<p+HSi}omEe}n(6
zBdJVl76IP|i=4P#0N*~+{`0O7c(4=}F*%79<~jSZ&YUakHqg>IW!-nX<vYx!N?+^3
zY<#kTPBdPR;b?PF)mkcJO%bC?qBYprJE`cc%_lW6?Ot=6N$>ON%}Sc!MA6u*d5%9z
zu=h&%o9{-N_uk+iGxe=UvcpjacMX4aXfqcSAu&wkc(Ly3d$UZ3{q;``gV^J@Az+nr
z7thV06ZK`+g7?9%3iM>yvom6_UBHc|l|<jo_`M$|4^=Eu0EwK6k)X&~r10E~ud2OR
zpq=qvud54N!h(TZOe1^MkNACL&hx)<UA9$k{CtHzpZ|ppfoc>9hn9(O;Xm49Rt+t+
zw&G5jI@ES&q>@>Ygz;PWnCaeQQ!i3^ct(Dvl&0ZhD4Ss&z8RR!o50=J`^@u5v8yky
zDC`Ua8R=x4$4go-*FX3)-_oQ@o_8if2L`j}-)kD;4|sT?p6Zx^vc1QDh{QMXQ+K2k
z#jLIc@3W_m*OL0NYBuTSwo&M-`4ssW18YUJ_>bo*kBYrbvqny?bu<fsja~ujnlF%Q
zSLGwChSG2#$83yT#<q@mJ<`1~&y||NDjqp6#UvUP6ehmRr&+(==z;PY+etVJduie{
z%FD%e@wRud&QWYl-lR<n+SC`S*>cVIRzXpd!v)PibjyitGH+O9ui>AitiHWuy4&2C
zs3q{n01RYMDv$0HeOO&vc)69~TIdKl!SI_>gju85cclows!RJCMGJKO5GKM49IcUW
zfB867*C!aK8G#tpKj`uCTtr)?d^<n{T><A}4WxzDeT2X%=K5&#7aBz&jmB!8+J$(w
z;lV}4mz^om#MHi&RkH36U8)x#=_|{bX|imDcXY%DjHhnU!vKzopFe=zyAj5o_sI48
z?@NTN_G@db1J*?5=cv!t=4jxB;E1Fu{U~UYzfA7yOz;AyVui-ryA?tQ>yTUX<?>>Z
z`5cIA-`!>hT=0hq_XwrqE}~!ayZ=((MXUP9pDq(4ZN+c&ATL}gIE(t|N<~SUCDz3W
zFFEUsU!kHf3JaG1@al;FOiqR90pa)HuK8@tOqJ{t(!yc1Wm1ALRmmxoft3CXQ^AO^
zV9Ss^p{$$P;x)|iWtXI{Em2eP7#5tw%ispV@vUl&!#tfj#X1<vxlcALkQc>VyYX{S
zoL{WcX{tPbP%`RyI&_UA1~<@kn*XMjnh^Z*o{fWXfdfvx4vUl1{o&U2U63{VBf{yz
zjvO)79kw3#+-ah!<qI|#=&w^3U;(9&s-y`K@6P7T^AFObrP31X!7$*Hb(5%bzS2qH
zV|#76YG^%D9q)~G%|&wteP84}vpAsda`?Aswj%O5j{;bEm9C(jyWCz{6GS1d9EggU
zGRhRBX$#rug0<|6nv6=Y5I%c&sGhU={UFnpn((@~UJ#a>b%nd5$4h-@&7EJ&L;Cn$
z4vyDZM2ZW5p)NM11UzjJOx}lNUa~<e1w7&ydGfUl5)rBI?A7}zy+>E%Aj$tkoX?nv
z3mHX!MbU(x<arYU(J=13hSxZ^Id(xkQ`|c#<<g_u{!nh#363ehRoVofffZ`MWYIeA
zg0mT5a-|hXX*Yc3Ac@uk&PC}!k!Cise^<|*wzZdR55&hOC~aVZSE!8098@tWP|ed)
zg(n&6G|vwR97fgFW)?CunZ&)2jLcR=;`ZofOZzAt^H1g@@5igg-^J1(A>?MAYsKeC
zor)ewkuvLyCZhOf?ynpAX-zf4Z#u`S_TWoF>#-syp2t=}?0m^b5xebft%q*OBf@U7
z?|@huU=^-$Kyofly?pFu{2m7k7`bWzxvA=qP2qa>HjYuK^rpYqy<?xJ^jgtzDx&g8
zm(IFyWlO~7tc69(-A2k#XnhMgEoYEE)m0fpldev0|F~W&DpBe6y0qi)^pJENfp}Px
z_tm9@_jaYb?;NiS{AR^*2cpEF_jT<>J6bQaqkkm^2k_`IMrbOUH7z}lR9~Ob5QvMp
zDE>0xSIRO64W!V8`^(%hAg4ZVTtCUN_^f*fwPrHUGNX(eAkYbR=L8A}hnk0Z)bV!q
z{<>_~*cSk8*Jln|toG>sE*s)%m{=#GYR>w54PA%tFah%a^cS~^#(LZGo^97C(s6eh
zNg~bBl8UTk0&|oYN+=jwV7P7T-g8Iew<{wBxHigr^R0)7qIGO_v`m%7Ih8v~Q}`pU
zY&D>~5Er`2!PhW;G^EbhyitnMLK~;jUJNmku-;eH{T^Y3S|e4B`;iJ!;5OcB50O}|
z)q!}$OFFU2&E$(ljY4@Hjvk#)c#X$^Fg)LjFZ<k?BTE865b{`$*%-a6K%H><+;&k5
z0}l9`avbd};;~i7^6x^_2tO&f0P&HI%`R_dx21_iAES@HJHGd1L%&;~xho{p&g6qK
zx=Y-RC4L2RQthytRR6gh1u<mXfd9FDsg+pnge@aSond}v#mgayqKlJVdIfG(jU{$b
z3{)m0o2^(AjxLMVL1I-j5$9t<ow~9rQ}^(bD|@4;FNrg5n(G6lp;HKlpd3(dcUdI=
zsA<3rEjle?#3JG^#u$^`v5#rg81duZVe1cq@7Z}{G8v?0TOZpi9=J1=jNL}-d|Fbs
zqrPDdFkIWU;CXm1=a%1nZF*ybGc8?ClIxthkI1W`5q9XFLFkdJU=Is?j8E302<PXH
z!PxsiK*+79cx^LU=!03ywl^0sKJCR<HS51q4tsAlOQG|)8}SQ3SC8kjrD$AyE<m`~
zNUM}#S}T$$9C8x*<vR)L)d`ytFEyvNO*=(<E1iOqeK_Vxq4BBBsq$EP^f`pBWX>4Q
z#))E?e4>WG|G_Z6_{$ul1|eb&dk@)XNy-|(F&n1uc1)H@+S`jl$f+p&-&=pnJs48=
zae-x#rAu$0`i2S|7O=&49|+ND@Akg4GP8xNc)R|TQ$Vt7UYI|eE5FS7@?-;n;HE!w
z9#75|>uG*|=QYK87+&EI6_+t+B6l|WU^I9e1cN{L%(Q&>BpsQ!lG14085ub_KsFOJ
z@@UYEf`oq2=EijKe2PjbJ$>OhF~B(}!~dGei-<2p%Gjd5XM^F8m6cSUtIbwTJUt;#
zK4t|}Qd~Rk31BQVN22Asd%-g0ZAdIs)hvExA}*^prJ|esO}X;>qu_9Yd(3D7P+m#}
zY&MTbA-M}pJp^ljXEh~|<?)Y1@2@|($<g|jaQ-HBQwY_gIxUfe*N5ODl5hlSktwRB
zeC1985Px7p^eal;fU2J+e*LKs&M*$Yht-%9qN0$8q}ZTWC+@?p&&Y3a4TnLWu+XOx
zES*DhQfHqkCeHA*6mA+$h#2zkP`v;t@Hu&72PukQ$l;66V4tgZQRsqU_p=-oA8yB0
z)mvimqtvLAxl3zHJ*S(qQrqh7ZeppGmn=HEdeEbj5hN*%!T6On$&BuW<7oNUmOB4z
z3V0ei3lLXyMWOgAulVHIN2yLs#_?t=^=J}97=P{2JmM6%cZDl=5~;9zXyJ@V67mMX
z4rAj@OO3l=@mu*hP+fqw4T8G2%!A6FUCG6~fG^wam$#}>2J%8<4+;&QoG&_&%*H#Q
z51C2XeHcH|V*<OA*#lUIz9ICn306loJ4-$OnNv+4(iUg9{FB!jSR`JZSbYuf6!8hv
z{r4%a=VtfeW&gujN!o?U*~#|H6KF*7BS6mxACN@-vRhKUVv<x)fHhd?RLE8Di9B4{
zQzGt?`~}CMkgT|e=1Dxcwh9?Al)E7g0}t?IQh2*!X%L%ygN4$ui9b}$c}3F#MN&sW
z-wK&xK5Q-4OA6RQ=T4f40k(8tDp7KIewwMHM+<O#t{3Da@v>(U7W@*Ty1l2T4Iw31
zDOxJy1}7vq-R34}tKO;@(UEa+CsOSLm`qnHFcf%yKMlEj%9kP&3V<dC@3q~PGl&E&
z-jy)C_OYU!4eeE^PR|bD)aRs(g5(j&9l-up*Dme4^VNESp4VQK<ld=D3i=v9=_nIN
zeE%r=VdGJVFUs{s7S0a%DvZuFSkU4kn263jm=dPLnj_Y5GliBN*{j_R>PXtpP^E&`
zV!!V;3W8mr0UiK~a9WttE&|b<Sb9p-G;Cc1JQ1*$S?#jo!oF~IH6mq`y-lsNR7j*`
z{3#G(n2{HN0uXv6Jw7kSpLWmG&yb)MslhWg&CiE%r{3fTS^Fw-(y%IAbLkv*elO)c
zEQND*orf@RuJ<IZ3AQz(^W{QHCFjUOq;c+c=fe&ZbklG-FR6bTKxoK2xfrQ0JqF}F
za@EK`4e(wLa0Xk{ExLy1B4`g6%edEuuud}!7e%mMpVgYWHSJhfz%;kh$o6Q35NQ%#
zExF1#i<-BY4R>0&aY^>Gc<OQ~X?Uih>02myu)OCFaJWDjpajRNzq9y0lIo+3*H5r_
zm$(x0)|eN|7#*;-E?a2*iBolz5UmopG5R)oMxz-b4O%4a{rfj|piu8Urq*r8%^XQS
z^N2oJh1ZTodUvbWC<#<l;xB{`m@W9!X%K?ULg2f}W@sc2LQG(1!{np%K@O|*2;K0X
z)(SDHNMrl570ADW5Q$7+36*9P4tX>Rb1NJ;z&e<oYTnnQ`*AkEBd<OMBd7i??&bIQ
z`oF+~?xlQMTSn<l_iTzG54dk5XZ>USh_(UI=ibNl#LUY~eH1x~6+T2uD15FkTaV-H
zqs;VuFcn_W$N`BNQ=?<8!1Jw~u}_ZLBu}Dv;B)f?kp)fZFoA}{BK#_dwI5Zx@IFne
zWc=EO_iTa-7B&4a7l!LrmINqWX~JZ6{af+|vBBS|8T}c~efX7gHwR#W^#^47NS_t}
z5iqeS?`!Fn|8+;c4Neaa%lTDWzxS2P%IN^il32QpP9%dS)n|XGB<MR1I7H9c=JNJR
zBeVM^FXqZh`ADEPyLB&Nwex2ol1jdlH0hJ{=aoD~ni22ql_R2;tv%I75EMo0A->{Z
z1RFzXaif~uckBjI=avOOF>v)SD2*Ab!biLVou*c1tE$1txPma?G!{AFy(de0zn5=i
z7;b0fHxl&*A9_mIv#_m7^%-$1p@i2t&GWzjbmXxL!0g%GGopYp3k3YgWPJ=GLc&@f
zm<j}3K+@+VVFPZlV5Wbv5zVgjKDAmnisV-I@;}Oxxa81`1^;dyr1hirnW0d#!PrF@
z^{f(zM1N{b#22m~z7O_L15{t~DgyBrs-YjEuc9J*gNX$2&Nsy+ApMlRufSXT(N5xy
z-i9c{%SeH5DzY~>B9X~7T0K~9;F$-2U0tx~15pX%&ilar)Vx;9&)aoakH*-^hi5oY
z#MTyt2|9LvaY};oHg&n#3=cjmLEVz9>|^D-Q;IRCtl;`Kf+rn=b=%&TY}-_bpH&^B
z+pmjJWQ^9$3j%6l$H^p5c=1OhDae7+sYpgcr9sM6``wBm6?*Vb@KCj;Fo+(0#r7Y6
zXk4&8VsL7-vqU93QPP|hk%e^?x^>JPY=wiw$tE@Q9JY@i@k=Aymq5lBB5H#7?}^*W
z(yZ+{I^-x)40Wy!8483VIO{H%F)p;Npj5!6B=ihe=^DqJIqzDlkN_g*@%HToBqyH8
zpb&n{q!6u2akoFel0C&6N7ce&p=st&Nv&kechL}Pf|Ha@#WF26c(6GQXFM#}c}<5c
z7g^k)o*If&T(v+<bxdQN1gfEwI$5t!l~vT7L7=ugfCaapk0p@%PG46t3KV*MCWGs%
zo5M4VO!DdX_JYrQ?%97`mZcNy`~GPQb!zwB&(ln*>4OxnPyPF6A_;5`KX9C)J6R*}
zp^Sp(rP849WP*}WJ<TBt9UhWTZQKENUQQN+OO(J$Qhv(<L32>HaPxUMZ87WoCoqWn
z<CmXz`lv1a9VL9ey`gFS3AD2pG!K(J4i|?_3ItNjV%zj(BNq9yIv7*CiVQ!L))sQ^
zJH88?)j0<s15{Nu(wroGgEX(q1G@m;y!Kh687lTCFaU!<ra5|135XXw!o<&wk6Ts1
zCQqs5FHPO%b+^_vn(s3%#LEgNY<=3zy@P}u+_Ltfjt>A8`3m1Ubgh!>cwkY6+g;}<
z!(lNyJNhFt{l=n2y!OFVS%-tp@K<a)&Leeg`@vI{5XO5tOQ4dmHl3I8NpNEfYW@|I
zpl1kW{p*7d_@%f_a6IC1CpKM;fu%s$A+MV5gWU>2OkA{~_a1>oJl&7sQBC{!LGkz}
zS%K_%tJ~6hK?Ob+)D24v-Z>whe~SuObsQDr!e%B`+um)YFG@W;G8~u;O0L|*s2Z-L
zx;+;c)4$ps-p|NA-RYCMBzf;t0kVKk!T2S+HOiVG7*0vh>ewaC25|RIQg}!MMZu_J
zHw?fMOsMypE8>&*)e1s2{pNXjCk^f3{s=F%de8Y^W=i>xL)~x&4hRCAQLA;rh*?D3
z&(r*dTzpiBo}#7RVlgWrF>^1Huyzj1Fd5tk{1geZrO2mVD~RsF99f~%>H6KLEj{Ok
zUsBAvH{~Fk=ar+7WFz>9t{Y<7;-cHI9XlFfRBux~NEj-gdE>G+osLxyI`o84b7Yyn
zRgr{GiSS0hkZQzN%yT^mvNSX!sjB2Dk+>{L@x1jX-%d?KZ}q|sa{aU|rXe?XC}_>A
zCVh$_E!brh;_Fi+l|maW(f$j2&~1FAU&)m!*oGHD3MDfw2$g8?C4hRJ1ECOYKvo|I
z7N@!9Y7VV;)kMFl{&_~LY~p<WWna|p;)7YAik)xg)>6Ro8@%a74?D}k>tbj9>uIzI
zL9771Db!e_H%&FOF*;?l>v<c^uq94_@K62ktP=9Z%i>%6i!MA0=iNc&dn+qC3%L)s
zYxP4Z<J&(9dDQte1M9nKa@lE}AI_0nkxkcn@H~uWMx<46`K0={OJ90Cy^7!~gWX;~
z!ykMpuZFu2^M!u_@o%G-%p+<{(I=M><ovKl-flqLY^EiV*^0obL}j%psX5YyBl_a=
z_=MOb6dYGYg!T~0(C|(Ewf8d?16<)}*0_blnpL_J-3*lbM8o)xTCR6vdLDT0)!l$|
zan?A^S0~I1X~%WSt{fjt<-tUa59*Y7PZ1c$^_<|}qjwRoYl$WwNCjVY7o7uUQW`kH
zy1K*wR#w(Hd_qE5G<0;@@bK{DcgfX3kg2IDwEq1n-T$)qKL-D=#s4;Vw?IG}9DTuj
zGd9#1z#=&P^N(Qu<|o#!e_M}+L~jJ@<8t5+@0ttc=Z`~dX3$O}1?uuQg2C~zjwcbK
zJ+6T_Q8<00^V57H(<d)<T!KEp?*^-po`Jeo2&T-Cdghivi9cksZDKZn@ag3(ggKV=
zWsCfY(dOx|Wgz;Ovm;CPh&}5_%^F5pVS4%!u0Q*%{SEt9HM3mZfeHBT&}%!U^n&ha
zgl*n_lHeLit}XZqg~clBJKP`?!Fiz_U*txW7T$or>=#?^My}_>nU_)lk9*e9__CGE
z)`#at+9|-Ip;om&)**BPW^Kq%UuOS?VIzELM|rRLZ^h=9PwDNYBNIcx*yh5JyiZa@
z0UR()Oi5Zw!X6>ZOWD$qeHr{v$^O?uA!I1WTv|N@8xz$<Y_b6ddIpcuEs2(;nMA<%
zA^MxffO1GLs-+8mGL0aACHP*pWQLjI88iANYj>vH=5~Qca6l*qm0FHSmKOM}m5ZRT
z>@pgh%<o2qO7KBT!qOQziJP&=%JnFu!U;o|yEO680a`e6&?tYPiibNHj^p;%g~A_8
ze+c-{p#<hf-U!8D!s4aML#EVq`T(|E_!bKy(*#kO$-T;4h%A39O(4KivY{WGWEylk
zadO9v=f%GRGu0bxSIn;-k0P+E^Ay#m5lA>DO;t<<=~|<P*~(A{3qoXU3;BzgH{G<!
zF$QL#OHWN@B6M08am=?3IDh=ga0zr*<uZAHuhd0PR(qndJ*_iojJ-nB{`59obw5j$
zAcA9aFbgsisb*j{k|mg>r9*6XoGE#k8L~iRTA*eUUhtkoq(vv|q}#W!AKXT<-^KHd
z%3CnPU04hPH0ZX+Boq(u3DYWC3U_V`i}0qBk#W^-&aB^NsDoj&f;7v&f$4*->RIII
z2$jDuJsZ)bG^*4(XtQwf6w1x1Jg9tBLzWthTW9K0(RQces$ZlH#-@_1z2i4Zl~M%O
zFxBS?&(s2KZ5(x$mlH@Yj1L+p0>mu41N-QnH=nK+$L!?FN*!I#H{>3cDZ`7?@>-BJ
zM&%0sEZ(KG+@&OqVU;EnjXA|TbGRP_zU~k$HDkt#0E;p`ri55C%x;Ttnqt1=C+_)V
z83A^yJ|1NGNkFs#H6%YKKw#cOeHN|MU3Q=^4cP}YbOL!v=W7?K8f`*NMy@JlbKEvV
z^>yY5b;Fu_sk`dp6_{=JTm8uQ;_}AglOTTDYyhBXvB`wPaZ;mGqnU*0WEOb7u5^Dd
z6!{69>B3j3My)tE5rNyWz=;k%=4Pjh6K0jKtiJ!-OcN^tnpL88H!h>B!waw=`nrdE
zpG{`;C7WI!U=Xb^)p)ee{qlWIID4%mEA6`0LXUO+=3nl{zG?YFF6ONtH%?Mx>(8!-
z3X6CgqOu<v_!)s!fQj-i08$@z;kgG}%iF&Tw-u8q$@yhGZEhAuOm5vyD8jpG#I?4$
z=JU<mvHM6tM2C|;CI#$MB4w1z6YMheIAA;3-Bje!E_$p2;>67YZez?qQTIoRbuY8L
z&hDpvUEIHS3l0bgzwLGxgw0OA&Y~nzkd-BT;`|hnvxRF4wIH0ilaw>h@;sfa>6;|^
zLT$_;+5v?mUR9FdDKKKhBYtw7Z!meEreQ)PS6iX)0kIzkd*vJ6XeWGRM@-Wzj$nc|
zqr9JSCoX8Q`Gcp3T`XuBDcIl%^hNK%^^*zJ4Qr1*<uUd=yXyPeh1zZnnM__kSK(F%
zr|ASNOqEGHVYxD%s)s?fdawZgh1g{Ubs2V}M|@U^DD%Wc0{MmV<O5csiU8(CCwIPR
z6%*!7BM*FEZpJUBiyVY5gd_+eR5K?lsJ2Mny^_B5Nmb=XJgOX*X0@(-JB=OdFRKE*
zihG(0Kehc@y&qb{XiITduHBu&pQ0~T?gxDF64IX@(;<C1ttGA_rU866o<%lLZfM`p
zJ;sQE?<j-o^<=&;(!oEG9%MHb<%#cq-V|Wd_)B%<7JXJ1muia+QVmHf%21c;;xhZV
zJ_%#Cua_qK_^dyDcz!LpIyT>(S4(rh8`wy3{$0CAacir7Sxo14H((HkFFP^w<z%6P
z$J~l}FXG^4AOphRlTy-+0}D_5y4d?ADmPiUDSBbN23MFkKEQ9wG!qf%%=m{%_Z~+A
z4d`y3E&9TauN*@+%>!!LmwXOZWXc-D73ZH;?{(VRnatmklwTOfgF$2PIUx#d*2@V|
z=dlPDK}T7777eJ=$QvRsvPfdi57KOW-HzqN4bxoF`L>b!1Fr&8dFZY7z@7$(7^6R~
zpu#6z{JTZG<}nIcV^9^hZXMMe4+gtQ)TN1>P_)Zh`^5Sa*<Ves&s*D%stZQtMGrbT
z2aMCNEjgJv`<rb}TSBB2tC(3|@|SI?w#!nlybm}B1AcZpZSjq%rPAO9nH_+m*KayU
zQ7U0Y(JCr_819hm?$`ZJZ4n-!a?h6Yv+bV3^RwjL3||WAm3i);`tcB#WctBf4T}rx
zv}jlv1RtWyTVE}j`6_a|$^(LB4HE-2)uAQ9@wZYTZm+-q&=Cj-u3^bRr71`nAT}b#
zdYCCU9pM(%K;!OcO;IxH@bgKbFu$32hE6)tigwZPdeONCL;!pmYfeeBSqbDDTyqjb
zuqLiVOmrH`nUxcbyM-PgIa~Epq9(HxGlt+>^P3yN2?v$zIKk&#A?Rn#>`^LUxB~gf
z$5fOtB1;z7a0Sy0YKCd*?a*2|PS8N+oIDjZ0!(Q#M3!iTAV#SaBymFbAS%v}kRsAb
zb+^B8RtJ+`11j9wj>KsQMUba@&)CyM&7BBO_Ce2NjAF^{S>S<EjmDKHy_rEzsODDH
zezrPLBB*h>6x@Md$}{Kg6EAV#)^FsqIV2#$T@GulL2C0n(3H?bx8|xBWuQUQ&KMHB
z)HH26k~DxrL;Z=9oDw-HC&I&tYUJkAFW$^My()ySvmhW0xRDsGV&c&tT#4gO3JM{A
zPe{6Zvs`N>UveCos3&qW#OZ}4P#JS4et3n;vA2BpjIo|5hRK#mQcO}#M-Y2;W-AS1
zPulfb4?dOqBMYrxEop%q8iN|=;BMoPwD$u=KQp46H3m3}m-iCSKC<t2jW$lRvY55H
zOwHwVIu~Sgot65cOzU$z9Gm=9W7lZurK)T~gN3W(Q@Owwj>elA5<OkM_rw(Dv!z~O
zzO1#c8K>}74svgpzS>vS>-iZE0NiyR@#}i}yp2J{xAC_sDA$HPy>`<vvSYy&1nYG{
z@blJ*CLOu3nT0T$pzlds^PkpN1KV^X;#y*RB<P&$>jJNnic-E(#O3mo&KZv-qF7Br
zIzkwJ90K)$I|>;!5P0PH8kM7HN!NDAYl$UTOXMbG$#U`9<60*#uqT>HvD;VtNyGxL
z!ZA^()xmSVqE+;_`)A_<a`$>;$f^u;AUo}2V3sIp#iHf{#)8vvNiXlFiNU`U15nMZ
zE8u$b$udjP2vhQu00rRX^>Dws+^=;;!z$QIFvt?HP^3f38nGyZL0KZX0C|eG(JoU}
zw_LAuEJ@;q0T&EUEAS%+n5NU#gUSiOKk!PtaeK6bwV(H<>UR!*a<M6{yQl2L;3%f>
z+ljNP+AN?{AbjR&vYRQyN>OxNbV>_*-7;KCwv5vLBQUlmMzSM&M9^v?iX7|vRORp!
z%99I9XSeR4PLGg<d{43m4}AGnlAWz6nI@|$+bF-xx-{|n{wxg1goDW$%@vCzg$#;}
z3y4P-9m(8p7Ej!7)m+(KqRFvI6B8)cybp3(U;j-)maWp30iPc8yI0uSy8FO&GjbE}
zdW5XPxBKpdR_yz*(5Sa6J4^+23pX0*=Ye^+M4g<E7+@O$|G5nj9~H{u1_{tv4M?mz
zQTw`;#<JVr>E!$>(u9OEd}tLo-g$NIue*z0l7!~>3<DlYr5~GE!_LB?O>g~$4P?7o
zYNwKQcd`lC8q+>Vu4!TazCkRD$txkZ;7>Kmze;SS`u+Hem6X!3-3N6z4Z5&6N7L7u
z7A6l$w21`l574L)EeM6JejH(@;)8bQ@Nr~FN(~;Hsl6sYGZS<H5UD$VVogu56wUFx
zNS}~^0jWp`jg__T$k7pICXySIjb^~aaMe>}yIMH14N_Uu_9Bd599{hAn=kmJCZtp?
z!BB3HM?!5APl!y;tg51Myy5IX4`!QHGl9)4*9&9%HHW>#THReQlkRS2g<}Nw7&A0Z
zy1e)qcAcPXOdt98uEgzPt-4oQZvR<!_$f0W@in&)kTQkox&A@hm+KkU0nb^TLL;ZK
z<G6SMmG3OVkV(MZ+Wke4EFjJKp_aU>2dP;6HW1);vF-CcQ*Jh8<V9}#5{ub!e79IG
zaWmpgaYN3IJkK|YbTp*JJ=;lo948Kc`|yWlz}3~&PQ&qE+h&9=c#jBYbwL4sMFboX
zd+d~{T)OShpRzs|x00wyAaTk-@j7h&_1mk4>)#O$%PN7G@A=youJ<XdOk@NI;`Uws
z9{S$7^aFP)EMwEwhsGSB1N7i^zltcwF2CnOnFLByhhQ>IF*OS4&Jz;10HX0H-{<b5
zNVm{mGtQJ8<@g64Lq|CvK2IbGXTc}MCuw~$I;kzEGNMeqEA(HsKob<pO-x&=d5?np
z;8*HPJ~f;qFCqx{jnVNRV@)YoW@4?5`B*tGr`Nlve(`~2ITL)`P%pcOMD9*3AG2=X
z+k(^Ysf^R?<qH~_LgIIZXtd$(@;b6?ig*Hyrc-+&Zu@w;U!RjlScF=sY3E+d>&h9K
z?q<#FsS(~`6&_1%BA3y^>q{5BfVS1pud^{i4nJwTv881vxv;(>?L=~eK7Y}Vc<+Nh
z{IDs8Jl$cJ31}eD9$x@qnFYDmJk{;wt@*!pp$OQNugLXV9{#`X-voqB`^;FPYOw@%
z5f1}(r=$yL>OVI1S-T?)JZ-;kUAa5{N)=My+zk%L$`%V)-=kMXEbH!{Jt<prez=#q
zW%-2}ozscFSmS7WX?5%Uv@EzhgU%Kx<6n0-5)YR+GE4c%MvPDvQXzft>35^jsIv(=
z!1`TTzk;U&XR9v^(ScpLDar$*Pl>N~y;bUk2b$Kv3%<T5qM_G!#M(83a)RGngm+TX
z-OtY&$e^N9zZK_NjWLxDQ87EIj?h!S9*HZ$n)7nL4Fac;MG2#u2>@W2WqS~O^sjOZ
z*hpvqqfj^7K6ZIhcs8LGzV*LlY<}k0Ua9>XDgx$U6@_J*U#0|9P!y(EXcAgDAvY)(
z-ZPaFcevE!mMcTo20L-A#Hi_Ws%0t`ZM!pG3+kuV1kn{k_6hjJ8RS$fZc`X8FbBcE
zZn@Cs#*i(2-+qW)Qbf#?ijWpb{KWy_?t3BsUf1H7c6(BA1~A*jTneI6kS$1dp(9?z
zY2CU)Ht3W0*(tmSl?;>&Pm5;iVm7jc?o}P^f7Lpu;jjN)ji%jofIP2PJ%LwOZR^r>
zi*GT&--7)FG(O=U{V`Q>z^O29P^LtYX||s|!k?><byjAm;GZyEO6A|*bMtdz?}--F
zmAqeds_gYN(Oji*z!p;|g3g7kNjCi@N$uuRR^%6%ltn(`zdp6y5C6RtB<g^aorfBE
zoT(q3a5*n-_Dp(X<dTjry8nX1L^Je-BRd@wveWq7{(<4VMm&J~ju)06X(M2zA0M5T
zK18{4;mu<FITllSLP_?3BC|wDo+gwsL*5;*-<7U+tKhtN5K8ip1ZJv1UM>>yb(1xz
zZSlhp8Bk{Sk68y3wo1?fF}@jnd9voO+GmY5U?gL<dEZ`D-={jmV+^P4eHG=zu1fpI
zGi+%y$pACvtPu${Oz<cQW&bHNMA$j$qZ$a?W$@|NJ0JEQF=tn~(!exm;V~KdrK4D^
zSDQLDih$(p02!ptZ$6ffuxiEXwhUnKJ#5_cj7`Ns+cS4wR3RylrP4W5FTT2#cGg?Z
zEi!5`QQ3(1`un*OVH?Hw@;v0Ub&qU!;RRVEF=V;i?-KsH+s!R5JlV|n^G^4*c6Xb<
zaq8~eSjZy(ixLd6N7pFEcZZrmgM6bO2gDO`b~?4UQ>VUFnW8zwfdze-@ZgUH4#+G>
z^Qu4RK*{JaljUa@g&VDLuCuHT@Se_2h4t;9k=p~T2`mve(>q^(ipuN#OjyazF#UBD
znuN>HhNgq-*|QeGZVEzeUCmAxpAJ?=u!(<~M_zjsWR$PXGLZx!-v9Y^KNdSb2fMHK
zQ{|suU~YF0US8j;n0H2^&A$r{aWAK(*}oKj?n+)5x3`qUgnOU%98q^G5uv3p@B5Q+
zEiyO*?SZm{8Tgy6*%Y<Y)f4<II~__TdeMkm8&5BUMzqFyV|C&R#F8}Rj4<eCXC>S@
zz1FTv5Jr*|=H}5P%1)8c0YjDxmPxMOv4)Y@Po+E%EY-e&i!ktf#-64HI>WoC>B_*L
z45w36u9f9YO5#6oBrL!dKCqSbIB6r?PC;muR2C%(kt%c=x7}?hc=WsoYeD09o-KJ~
zf|hb{>r<~uOw=8?Sv2ob25H)J>N4KtU*At_9b^ne8Zp{HljL>V`dn0J8E-+@NpPnH
zFiB5n?y^-Hyx@AHbcu3Nzt0waC&L11h)JGUurh;=S7V-vR9o{X{FVg6KG~Q3i4C-@
z#J^t>T;af+7$R_>20L4*Zp&-~&gWVfD4kScQed%aI_k3HL=P<-^pAct!(3A|e)n&M
z=n+<jjoW1tInb3W2{h)AS1pxo8U{4d1Y1EkK0>vaj;wb)l(dr+xJ<7HfHg2HM8=?E
zj<)KiwSxzADeQduW|<`XC0urbMn*Wg@eoV@c9)isv~5V<)*y+d7YX{?6|bTz&LrBa
zo2xpMZh_-rhOeU)u_BTf5V!E7<(r~h-A5Pai~^->n`tU2dk;2XHO{W3s#doCC>js8
zXCYhE)XF`P#~%;Sc=-9{o5j&B1DFV=LeI1skGchF7i=6OcL(<71$Rs*p|z6Rf3b`&
zUNLI(U>f@YH3CGtUW+;FGq}Yr`dSlUfO|qyvljydX8W;njD)R-Gurx!$xqgiHuWo0
zdHgGno4<-9gCsfb*r26MI%hW^t{!|6iiwv9(yipGqtNFA1JFwMV4vLv7CNoF?Jzh4
z?{ZUShOd6xv2B{{%PRnk-c0f^i6Dih!jp`&@a#ZLU1DQHM(oXhN%ogdspIz_eCgfG
z3%MNF3b(t23CtIg%XJ-{I3)%Srb^+qHB)vVZ3)Y%J-X>UNb9+<ze`JpFd_+z>Fyy^
zm<cy_8GY+z%={~yWwen$sk1zCFy{R}JN4w@JZ-OG2jJ9>MPoky1ybp=vX^{5SG}MG
zi%CfqPZqE<F-|+AK#qCOZr5QC#_#XnUoH^#mQJMF{*)x&dW!~v3haNdM+gnQ(!V$?
zDZlR^SI|9eS|U3X)l|VjoAJR7M&{B%X(D*k^la`z7=Y_I1Aml?b~`lx4#wh#2{)xG
zc3P0Tlq;@sT@WI-)^>vCaotj=NM_&;Wwr@^J}1I4w_`Jba89v%J-6;j<F}lYKH^0f
z@CGd|7i$D9l<s?tf-)WJY9tuBI<!Xn`V*CwuywH3cX}h)=KJB-U!{-faAn5&f~h!A
zv8%*ASYVULc;VZ4DMVG2BeSp=rlLcWRM$gG?+yGhIma?-42c%n`?V<9#|ys$()PYm
z{=jgDa#?C(9L^r6e+6Igw0vZKVtcd;kT`*rn(z|2EZt`|mLCK8mmx4XcQT|u=+DcJ
z$j`2fA(oNh{(6jEDg4t6dhdJ!!Rf6W3|U_mxvkb??6@v}J_J2#uXBrv7{k13xg=H5
z&r+<!>QX7OJ9iy0pr93}P8c0?i2>)w?a-H{LIrI<cDESC?$Eh-*ch@1Zz(P4Gxicp
zBjOKm#TmAp>#kafs%6q8U`&M5S~A2eis}+%GHP`cE%L=?tKaQjiK*DQ8Fh9t(1Y^!
zR4@sR?3A#nbezD7aPQR)G_?xB`Uw~@$3QnT2QmDN8wy}Oi4NN{585k7xM9nK;*u#X
zqW8t?S<=|)SO->e)&09Jgn4aG<aJ@79_qOXgF$GJ?mJNMM9sGLx50CO`KzWE96S#B
zA^B=Z5$xAS_ootwq|Z#xy;~H?I+5L#X}6|`JKlHNL-esP@53&e<^A2pS<~`bERl|;
zVNfkFT)xMFY;zSRuskW0JxM6T;|I-HJ*C55Ni6Cw)FngEVDOUqonDWp^cl4wX7i+H
z=Cm;f2gPwuF8|4sq$z?1k65wvcj;fwiPwt}lp;?PwX4cvkN5E?WZc;1rqBR|5qCq5
z!Z!FK*YN=E;H$)0;oVAq^6<uY1R>rcbH`QaHr&=Xu)3zoa9>)*kI(^01cvn`yyJ_C
z0^^UH5p5Y3Jvckzk)I1#|3f<d2axgqk&ge)LVVo+148~63Hc8y`40&BuhWY+nM~)g
z($JTQr^<l!xve*jDE6T6y8_~hw_V)W;^GlA&jy~O5w7{2+Vq~CZFiX}L+TFFs}xNa
zWJiK}lMmOkAe7xJe$@Z0M}~&*8FNyHcXqhkB5u$Z*y<GgT8O&3hWzg}cYa)ofCX-2
zKqYKCk`rz6@4&`vx$B~pIpSyczpWf$Z3U0By@u_t52Le2t>m1026F_`K_nqDexvU|
zk>yuQ{IiE%#eB9p_J+els~Wqj^{F}2P%APT;Y%ijf*>bUVIQ5+AQzrsP)-#l+AGj0
zEA$+Al@)WW{n-?{X@Nu6;mj@&LdQZdrBB^gEqtzzD}xu5%5bBJJ+hqtar-?gTK<s)
zd;`-k`-M0<`-JpfP)o`*P_#~jo*zHNzm-l6UU(!RR&qlVxgpS;_L}GiW<|^p3^uHV
z*;q?yc^6W;)T`Q#)J!%9QmWbt#Q2!62K#)(HG7`3MM~NcziSB*HMLfjt)!gAkjYYU
zFhx`#c*AHp(YHpx#LGLRT`>P6#&#L`g$~;ZhEOJEI_0MtyF?B)VJ;!#Wxt-)5}}oo
zS-Rr+?3>x&oZ{0jS4DI$m%2-LVTeF`PSZmZ!GxzY(a3FyPz^iBj#AEY<*#^CKK(FA
zKIERb+cK6zlm{uJsstbQS#uW|_5*IHy+;?xLrIP!jr82y;@kBit0C&@1g(3si5E9{
z<LfRX-@dAK*F|eK7gR6iEZSbn!~9hyB9vt|*-RLmH_Ub{=a0W~MSz9veI%N-6UT3I
zm1@7P!f8_^@{bTkSju2bLsGpYle3->hVK$NA2#8t>cBRDPeNcjCatp5w5n*qKUcb}
z@`<c?kNM+9@wneUROnawcU8`7N+T-9?EK}(dz$<t?IKBqFfO?#34^%+r@DAZ8}W;&
zk7a%?2QvytWzWj_eNFYrc#@PdI}WjS%k3TVL0XonwPp3?0%=4XCO5LhsfiR+ni<&v
z+|q^cPu1UD%>um{v2f>R#qDA+0?C7QyRh|rj-*TB;pim2=NkslW7bi0Z+<K0AA_w@
zhHotdp4=kVe`2%CIK+k=A#}Ivy{<Gc^I_2(sBzT>byC{|`}w(*as`vOty749>sIGN
znk{GlZfc=hmEJ=x^WK~p%@}1(W~YzVAKY%2yXYb^8mf07US}O4Qb&$%|F+~dP;gC&
z4ul`GJyeC1QaW3f8Pyn$f(CV|zWt_M1CEa{_YA&y)#vFk;5*z}7=>bHSF^IZlfvya
zGfK%|4s9o7Fl8JS>BR&A7l8Fh7;LmwN4M;@bvhg<skzPA35VUtCl^bv=#UXI4%WD|
zs2qi8wP9WqZLa~o4Z)A?oT)1#-S<L2Z{aDLc(Y_H!8TbP>Fu2GOxP7@QC;ZSfBb%<
zEqoY2+odAPCBD3U>nx{_LHZ4vC1*nM;r_bilz%wMg?+y~jDe_XSEv~J31uJ>PD#EH
zF$anG;3|q9kuM#xKh)P@Rpv^oklA#P6)tHH_meDvfKc`XrF)Pwz35*G^p9}-f_{@I
zV8iPyP+UiwGe>JQ&)P9(t1fX{GOq=03)Z2FltFZj1u2|NqavfcoyIlJX*rM6LrO96
zAc%MWF668B#!Pk||Cavr%wc8Wa6B;nlaZDR@T<8wvt`ubLE@k$gxj^f*BrdM=u*a$
z$gv-d#5WiEW8PXMr)0pkjO<;zRquUJ)hFMfpW?wsYNCl^+R6(6`4;5|oUx=6otQdn
zpRVXa6j>m>XtV3WIaP!$Bn?ZsdJ)1Ss60JLm>Lyovw704-=x1(^`o+Kf^2h(_w}aY
zRZ9K^iPCyTe^qcXWlpyz{gI+aRZT{oIne}$V<WDk&>CmWcsaXD=S*h~sds$5uAI&!
zk5@-eI9*hXd4*ddV|$;;9)+W(M^7T!ud15|M#Hqz)l!S5;&bA)U4iM6a|}8j<>M74
zBFIHwdMRaXi|9MlvMBH-YSYml0rEt+M{27~Ii{<P;BhC=xF?ePm+WB6uiz|pqA?{m
zl<=Hi<s~+@(<26^tZVk(qPCs<0lIbx+l58QYB2NX1An5vO6mMyax+Swoy*xDMOaE6
zK`N^(iT6eIFk+1=%zpQmfPTn^jlW^oJzo;G_f)H$K~SbD%JRXq^t9lDIobL*;R>$K
z8=Twc>r8EmF!!~VGx)lEZBmL{0ty^4<TpMTnv#`n5Fzba0@iy1_x6BCtV6xf&;g~C
zmoz45+qZtTuT1NEwJ^%P1Q6;8I;LFfh8%njVEi>g>sg$(Nv-)Z?8q`5krN%B{M0di
zkhUHK$`enUL;A4GUUKj_)j3>Uc_I-BS9AKd{vJkQc26I2K97`!XpX2dYaojwC!&O0
zGtlSPygqu$zE42Bw={wMJD{~UyTbr*9!e1mCXWh=;BFKUJv%FA4@-<)iclYDL{D_2
z=tcHmJm<!UvmTbM$zkZX#cc6bY%F%9ACUhFN)4>(75#(t!iwgk663sY@;|5*!Tc}9
zqW>dP^xve4-UW^Ro2b$MXr_tv|7Y=kt0RT9{Z|A2n`BZj^uO->KWHT({tssTW+d|<
zd06U<JWty+XwW5~O)ipG3M>)Takg(;se%R?BH?RSHK#)??X6w;qoTaX_@ATUdM{x<
zt$h4nN@;@fxpVgvDbR1{al!=Yb(>{$h;_`B7#dr24zA0_b_(E2w1&K&<@Ic;r}sP9
zbch0vUhgy?xKWl_D)vJj?3_CNLfxXU)~K4gSPcC(_fYBt*{}ykQN9wkV5Ee^{LmCp
zd`XNAy+c^H*DVsb@or)_63Nmpl6KJO_@mv>flm)8cZ5(7CLR{iA>JwTU06LDra`|c
zM0K2As2eR4y`Ls9zV~b@?mEJgAqJ9q`ND|`BmM6;@qhcOJ^FvUj;i9JkFg)6H$V01
qkp*V)Ye6J52uJ>1mFlfd{PyC>ZwpKYc>k9wj66_9rdH~6$o~W8v+wW#

literal 0
HcmV?d00001

diff --git a/docs/installation/images/kitematic.png b/docs/installation/images/kitematic.png
new file mode 100644
index 0000000000000000000000000000000000000000..5bb221ccf7d6849b941dad105dc6a887430bed16
GIT binary patch
literal 14191
zcmX|IXIN89*Hr-lr6WBMxQL*DR3X%eC{;m0K{`lp(tC-36a^CL(nXpI5|Caa(!2B$
zA%TGO-a<(Ea`nF7pCnJt%$_~_%$YN5t-aqo*3+cF!hPk!g$wlBTK5euT)3!7{+&s4
znf%#u1^bHpb<xK_^WKGuVZi!@3-UL$@2foxoZAlD^x^GE%WvBv0y`gc`QK_@nCAF&
z%ilejg(mE<TO-JjEkv!@P3N(gl5Q6xRdXF{Rw|VaJJnkjEu9#9o+53g>lc$R0h!#@
zSkw%d?6q{`B0pUcfBX;4uW5AHMPI#<BaH9q;C5zw{HpuYT*avH996`4=?MA1+_qiS
zqtmqt3lgo<ISD_zlMnJ<?tN0slo%pQoG&GXZJMEQ)v*xbU|($BLdIEtJg=b{BnbNd
zt&sV+uBVt3{jj}SAPGCNlCa-b`f>{48CZeavM?ZQsAxg~3SX2Xv8S~h(7~}cAAy{}
z*~Y`&dhqdJ&D8|*MemCTx6gq3^>$9?Mdt}f(qfmb;jrYt7kpuO3b87lfZcG;NK6W;
z>3D_D@!G%kE`1DncO;N_75Z<hrv{$N@mLe_uSIvlGFQI(hA<#HcK3|0h0B2QS~+xX
zb{d+RI@vZ!%YB=iJ}`6?Vw`p~_YMs^vD9APQ^GSq>=#iu@28$()n0x<H~m{pbIrp1
z0sCI!Lltnc9VL8Pv=u#6;=u@@Y=l2NhE_F-XS{E$L4a}JV6MkmsL#yd{Lg?Mx9|e(
zQVzC8i>5_#%j?~f3C`OIb}NQkSqIldJA$;k{jt2^u@FOye3Y%*A|?{E+1u@>^QA?j
z;bHj+9k*tvxvtN@Ef8b-n$$fjSL6@;#s-kf$PIXn>faf$5Z|Fed@wy!3P2<}P)GOb
zP-#Hs_<kCFzs7WrbHRZ-&h*&pkBQ_x&C8mFQuJ=e>t3DeYjjHm-4D!@{Pd|<E)HjT
zjE{`v{he7NiVn*B!*I)#Tel>7)ocgAZi}3g`Oek-_;BbXrSGpl-}XGh`e>jJ8+Ss;
zPOoX1Tk6b(Hy-=_8R^@8c6-v5BWHk@(dXv4yA?EL`S+B&mW$pg=dh=H)WnYe*x2m;
z+0SFwYkVB=Uyri({m1%6k``RKbe^<*E@C`FvJM6W^3+j_a4~#Ul&yDVa%qh$scAD0
zja4+rD-Qjl>m6!wTlsGo*uw=uZ@Zhjso=j8ebX59l9)BJLS4gJThd`tua`!9O&1o)
zBN5;JunG}*@!RSCi_VV3XDuzG4KE*3<Sg6R^&1cH1Te&hwzm8)2<Aqb8dG-tbG?sm
z+YpLsew_gR^TjMJ6QlOrD4+YZ4<34jR@2$$EJiy0U}bpvbCc`6y;t4LFhkUz(R8}4
z%BXu>vf86xEP}*e8^o2?)JO(#-VF@uY_5^bA1i`DnWW`)H~hkaRivA=@Q5m8kO5e7
z(~7Yrd*6P7q^fCJ@mq_KiN#f1C*pJ;=8u<etpm6&hPCRq{)3HADbRnin#KRf_|UE=
z2<j1eq$iE6KoVj9OiH|9RE=*thOhSK5ycuI^BCjvZ|2yHanjpuBLL(k5eS92KJ}c4
z=1F?S;qP+E>oW1FY+$y`EYdOR13z_y72hSyb0&^A0Ul$!?{ERDk!aAnlL0_OGbKqp
zsqS#V84-##OHvId2Ehg&JDs-7Y@1O#GOsSm!wT9HXe22H>*zP@NQM3S@7kQ-It)*@
zPFPp`F6~2qOl{2D$Fx06qbGUetZL``Pa)nUSTY9-Kv?zz^ACL;C|oen&)a-&??CR%
zK;y2dr!v<dXOQ(nRPOzi@uHpbiNZ71IkWhp;^z1G$qq#9rjO}VDNZ#|u`OIKWPRKA
zOJl#ol!wnOmjhDa0Nu1rdVy{ChnLu5>Id?f+D_1lJrX$Y4>|uv!r88Qa)V??1PVbm
z3l2e`ym)bQ>QYfh!LrcKvf7$g-`A?eKw~ZOeA?CDLH<34{nHk?0_$B5#?GOdF{K=R
zbY|WhSK^n4OH)41yHkwY`TD=nHu=YvRc3jAJR*DuIFgdN9yI13_BMh2c~X~<G$>UN
zW|{ksE!9n*HCxz3PAWz1_KEWT6@v<S1^qcI>Q$9&`6I64rU1u2{vt+5Y6@23cb|25
z(q4(91BVv4hIiUBxXmK~9U^kO#LVVpQeZXJm^W16XiIq==L8MZLbSD)k4+;lm-OZ;
zOgbnv#h-?CAcJ#F5YRQqcg1&U{ssPgtxAvhR@(6f??&9!j=Aw7yT}%9{7348maT+c
zj*pBNN`;q45Atd#e$mZ=3(f`^;tfivKkp7!)$z|~Q-PbZrtsiL!JpgEKqab^hwm=S
zxv7dCuVr4CKajD@hTZ9xzY*y#5Jp)Sol2wx1EYO6cy4}$WP4c+AGFaO0K<4fL$d1C
zBmHle#wYC30@Zs;sn+v-sK)fSDZM{KTXLL{Er5XPlI?yOVh=sO7z>fY*HRx-OM68j
z`)J!K{%nRav;%R%R`8KX%od$<gNS2-ZM}+mI04x{@9XKAoS-KBR*j0+=siQEYsaz4
zBFOga5~bnEh?tnT0AgkMV{hzRyX!FGs<TPv6yy#D<I&tK0wC$t@kf3FPK*RE;&Kk-
zG%3*Y7j%yswVAP3nXbiFU;UW7Sm5@l)%Tn`K*N9jKwB;PVpQX29ycZNafgztG`lR$
z2+rQy4%P0=1jIHD@TJ;%M!`>7H-<xKiut=@2es@k(3j@JWrk_LV72ww#nbAa8ZmU&
zE}g$r;-dTjeIq30xqCO8>YvlXDAnY%!k?NiJ~)>4f+KdZOZP=}i%8owHoJ8py5*?x
zi#zd#_jV)dWz-t0w=Oe;nU|h*JH>fWhFS7I>J5Jcl!yyA#+}+dwSuN}pRPWBEcQ-G
zMC-&dFOEi)srT^ysK@0#zM=vDc=t_p_l%q4SfKn~#uBM363z`^JnCfd|ICVsj2+YN
z)OT?fe*cefcj3xrx6FoPB>EE}@z>z3rYDvpe>5O!TBa?5|EGBJRJA!D@LhZnA$jXn
z#hV9Jkd7!@n`HVXR$m1G$VEWr(Z+jArI&*Pb$WKaOg?+L_eivL)YV#Z!I!qo^C=v;
zh}9`#pvz_yU)`9B*UOV@eMmfF!Q#Vep7Q4unEKgjC`!4a)Fj9mnFKrhXyqSnes|{G
zkR`_dsk_4oxUPDFb-Ixx?Hc&PVB@MhwW6d-gGo_vBoB2&_$Qm=T?Bv*nW<zAXAOOD
z(SLtiwgcxLL#2C5LSF-agG0+FqlNjXrF%O~u%j*Okm#0H()UcKfi!KAX&;t)O7gfX
ze=)DyV{Ah6b7HgyKZ2v}qKqn^CpAAO^+{AK+Qg{TY}3kL{9L+Y%zMdUd<36AHf+QG
zt;8`DHA#p@CJqiK^)!Y%t|Y$c@2PV~W7?>Zax~upqmA44fl$OX5~HZT-)!(+XrN~e
z6{4trw)e_#uW=M+?S903LAurm4{K6;75C*z8V!|)d_11Ad$kt%*SB}|lTN_FMFf8)
ze9MS3GvFNl8nk46V@#pGJ!P%OYUGETq^`f^u~tuy&lUsScK+3)Yq%U+T#k)Q&xo=D
z>m^6mb))TS%$2ocjT;lHFh;$U2&L*ux)+qw+a5(>_*DEs!n9!SB)S)Xf6aGahUg|&
zISZ)fVj3JoYDQY_IayDiqdv*7O)UDyDBe-w8avWRR}Q|dzF{?xtWudc8leBXba*)m
zt+h>|+p$ofJ?48;ePeh})i}zwGG7-s{3wN@{L!3T$jil%jZV5Zw?{nmQ_=_ae%~FT
z{8swwhjZM~h&dDJ10B5_Q5~$9o#hZx|M>SSNJ^oMhg^Jjo0pIWR)d~VmDNzqETbe8
znBTbi0169M0e$1S+8S|g|A6G!YhAe@^i}0X-VJu;*o6@hOdIVye|D0)89ZdLj_;eh
zDUM~v+RUT}@&oJh;$DXY0j!h94jAeCp>@~X=7D1}`?uN*mTA_6v421esKGP)?AeFV
zh5hV*E`teHgMg4rLC0&ifhWeVN*7#mX*B7yU0YNIGj#j&Q={$Au_Kk47)PfYlmo-T
zRN%Td&WNcHU5)q`mp{%LW}3LRf8aZ&zU^3_>3HOoqd57~pJ&T8I&<*QahSDe-@OS~
zYHZ1G;W3KNf8uLgr+$wZLwvvQs1%hFtS~cOSnU9WXwWu1A)<C9q@2O`g1!JLYaPJ7
z-#hALwr&XHMt68><}doE%mv-M{W%1sqj`c*W&YIs!{Jqmp(*4QEVP?2d{jy?_%h6+
zm<_cgV|NRj?#^a)YZWW8LvkQ^Q6L`W)s?FXM+ZQ!LgDrp@+qqZWLM_l3RK#P`bR==
z$CNl<Hx9t#21hge1ZIF)nXev^roAP7E^Z7Y_mJKR4ox2veV#67y)mt2s|IDLX}5X5
z*m7ByS;Pk|qwJG=x83Up9W>Yb=426CKSf2pM0@uU<6_3imx%TmPrkK#cagX4{yEp|
zDWIgVBjH>{_5`!<cxPXHlD!>-q$qc;{u-yK^f<S~#y={G@C~{dG)A+#S**88Ajm^*
z&^G|Lt}Lqr3TQI4fFH%&x6T$;QXGG~6MBIWHAwAF6!^KnFMm+9vaLMpe|b6ArYUmB
zzfDCuc=y_U&mBba$@weBJ@*Ir3~ExrB9|2^iN|^bOxf<d_d5YqYAc2=xffb^`AlQ8
zEMh1il*vi@Lfx8e^-p&j%*}F`6RNe_E!@Lk6Vj&m0jX5dV&otX{w{!;llf*%sp*2$
zRCh1Kjn#dFl05M(p>M4+xbqb|9H2s1<WtABQ%Z}@WFtTsZ&q~qn3@D_FzpwX2PzhM
zOb~8_J91bQtzs5+VY=bqj75;N&W!Xy>O=-gNVB~l@zs}+2H(}!bsMNm+ku0Y&fu8(
z2ac?)F{-L{<I<opYc%5B5FdyJ55K&7j~gqv9qnG8o&g#Yv&vN{`4Q>Ffr6Owhcp$5
z*;Jb;RFm{qo+`=kdgfZobvQKAQ9$A_VaXhFyu8CV8!lf7{eUsan{ez#nCRf!!}(gw
zaHgt(@8x+YRr3%j;#|}u&MjV_5as8Cq~?RAcK)>a<B(hNwhUv6mbUUwws=}R^fuen
zDC$D53ewdt<bQ-M*vPaQnhVdYZl|pPUvt?D1X4cYqvt}rNC#`z({gIet;Tzg?5lOv
zeQT@S4w}r^=vO2b5*lj`96Z0Od;q^IxYrn&JNm=#i$l<pW53GD+_=J~{lsWTc^6{g
zRsl@_jSA@CqE`N|<MWG87ns*oN56k{9y=@zsv}V_%n$4qwewnln6A7w57;>hpF6uL
zV2e%R8uM{wP*5zQUnK-nzgE2(p<23<C)oA$bgKN5jJIQqFa5}y(iTDBvQ7>BO$TI2
zRZ7!8&&Yk?{9e6nb(ez;0X}nPTdjAP&)y~7=n<H86jt{^%r68zDX`x^)v7Q?VSibA
z$%2(84)5&81SnIgcJmOQDcm}<eoI$LeV52m?{n{0=#{;vd3Ce#z8hy@bEmcZ*dL;*
znF?cbO3aI-J<prf*Bz>0)!Cp7_+Vb82mTGNyL^%77YW(L{w8N-Ju2Vo5G``fG7H#X
zgi>O$gMn+U4?D4G{)PTrcsI-0e$Krxe#6eXUja{%ylBz4_Av5lB%iFF;^%_zW-A;#
z%uTS44a~82kqr+u_YCE|xr=RB4p)$S^+4Eq?}%2!M<g)$M3QGB%s7(&1Z_5cz{V0d
zheX#?g;+qw<X%}{I3-D~PCMg1e2*-gNTiM@x^g8MvEr4ZsNTss^Nw1=Uj-~)mhtAA
zx$t~rA;;io)?YEuucuJoii^m*JN%Zbiu0~uWf64K{K2`XE>3vmf}6tEx%3Q7Aa%ul
zwpz{5$8&@h?;KpR8Swt;sjenCTSyQeF8@0z##Ls_a;-M4ZbA0y<3L^h_eu0F((BeQ
z74jXbJ!SIe0?-<IGi6lAg)LlJCvI3wj+CK$6WatYPoE$uHv40je4SL|9sKY2`8Vz)
zVWN?s!ejfN`qUanVdl?=A@5*Euvgwi64jr!HW@0jpP^BYZ;aJRGrXRAIg0^b`2(L&
zG|(2WxuE0$hQuo`ue<`aAA**8YHL`&&m?@tj3QZA*3U!sic$?8HSTrj{_rJvAj_PS
ztn~A{^Ynx}^KTsUmsZKM;^(Y|_A<su6Ar!*R!ctk8zfkGyqux7`tt~(G)iS0H_rMG
zlLy5wKbnB~GVAffL8#Q;^!M}Za8%x-*d@3E@A7m9JjKOmfTS;-YxyX?CYYWT;;sDs
zlEFF=7K)rA%`3d0>_GCsse|Vsx6q;aRl7s9RFI+dgwCp@9`G&r?J~2Gn*nt$<t-W|
z)t^?}hwbi%7pl;S*j4^x`L#H@)+!9J&$&Xz;E=ETyRXDwLm}BV1MYz{HCfn^M{i~w
zQ6YPhn=ha>Z`PHN(lg5h_%Oh1r0eA`PxkC@u3{dA>zibz<g2X{%!9vr1DhSYs=gp?
z%Fhcg75zwZO+?Q~G5_@HBy4*1?fX5o<xP$qP;XKHYN!*IOBd9%FLwNQU=)PiQmC0O
zAE=aJsf6ESIfcqEy3=FnOb4<R42;zXR!DB2-=9(nTB6I*#toqc7&3i>=&+i_7CJ)Z
zD&x+5mBkevzqRN|%Sb&s@tSja_Xpr-^B|;r%6GKRugRucO0A?sb|^+~1kml<itTdV
zf{mqq^IG|9=Lxo+dtieldb5Alsd$CQP9|om?LUfuys5SYR=A<d(O*+Fat5?Gl1kH!
z$NLLlf3Lp=Uk7Q>I8LWxTm`m7mNaW?IL}tncc)dd?pvCAlX;B*tSBFX84xWwaaY77
z!TEkT8F<P*FiH&-M_qt#x{i-HJp9{=n`C7BTZHbNhVs|qH0y^vCJ8o$-!?ISh^hw|
zc-SZnbdVE~{SIKI$vGffqB9w1T>WkG!KQGE$F%%IAa>)(j1TZJ?TN1#6+{J4I(NVx
zYOskt*q^qt0R{#tnepL!TG4>5QEemD@2wP`)VS|9kNM7j-oJ#ugUF{Ph`8JEF;GWI
zxXANKKuBeECND|0VS_{tcZ-4Y3X&+{nI6gbd_D$p2qP_FhtQk?%2iT+V`;UiaEBoK
z%@&lvaR20KH7vz)#B^nLuRgrL&1Ska6mJf1cg;LNgNIbpz;d5^fx)r#xWZX<RMX*J
z^hZi;*J>3%C-gUaDEA@zlkeuQJ-AB-=19uc^h>Xvy&!Q+#@2Nq?)eHeHxW_d=Vdv>
z5qDwSd?chA2H^?618VcUt@>OvuoF^R-1P>J&=uq}uoBImd4Kng$2Xbq^YJ%I`lY{-
zTT!(=888F`Rgd=~JPMAO;MLD=AmFxG?U?|ZEa+9Wsq@b9tqdUx+bu)m!#$Ha=@ST<
z6f7ofN6BN5?&5d^LwKF>G#MGegIx7CPsgIB9XLsHcn43sMbpFA7h_&M%7Ld?SkeQ$
z6yIsA@^sKS?%e<^Q3eeG+n=Ny&T%2;oxzW>t9!$R)vr}Rn9~<bpYXv)p-b^8c0aE=
z#0NP3oE`UNKkiHYSx{i5bTtGptiGcq$Sd6UP8gAyq1U1I98cNdYC;h(v|HN8xfX-`
z6k&U}=R;zZ6m|ia6_#+f(FUX;Fqy<S+#a*(`OD;lpaCky-B2v$t~_c@iQlqi27q(v
z`eGRizU{Kp9S!iqXVUXDRW7fZ2YezlVsg2Fj1nos?e*LeCAB7gMyVbV>iNnd`Rv$&
zTv$zYs)r8mkm~DQU;k|E#)92yE<ziIh%UZ8Q&^7@RKa{hIDD5k9o9Gl=fo1$FYP<!
zFQlRj#a;~|zvr8RZ+-CTy;`*S$U%6*ikNs>h#owe3J1xA@$qI{QGL8ypC+V&UUmLO
zdI*871Gjg(LS@Bq6ssY7`$*_?^=3G}?5wYk4yt+M(nl)jHD>6*>r}W#i>YqB`oPzG
z#dMDR($f+7;ex}&#f~rH^&EpT;q3x*st+7#J4#_aoyJ+eLp9ybI+f#YdgQ3^rn)!8
z3_A@k%4DrZ&Q6#F6-B`dPpFK!FFeEtLBRcB!x*Jq`UOQmXJ<~+;{4rxW~{aAmw4Xh
z3u<D303)SRZsb+H0VSRVl7{C54zj9wRSe`nxI3C=Y2YRr$uW34pfWfSl4=#Hy}HLW
zu*bHwQ^O9hQBp@ow1>-K>c^#^!v(_y)v1dO@lTzA_dK_x2`0{EAqHnNdz>fq!3=(%
zNRC~Z8fyF&@6_^v+`rj+KYgd^(fmo=OeZ}1x_R}z#@K<_?r8Sehukx?bz{ssVnOwm
z2t;C|kiYQvu}Lww`!S>@$GiuFV#!}hg@*~a{QktDnyitNq5UD@4$!OkD+_XUcxwnJ
z^8gZatf+*-rf4Hx=F0sv(EPR~W<w)=&(btc=+~VHfM3$l(SXUbcMMTmlsy?Kj<Wd}
zoZ2hvYG^^gx1wC$8~F}6%IfdVQZ!+$_x29e*Fq$yWaydc_}7lw_)=YgRxB5V{0tc6
zAQ}-~Kw8gupD*Bp*StZVhZ&UuC&rPsTBIqdf_0>%8KN`h@I{1dKH6TUXvFMZR1T8P
zv*jkzt#N30JEo8#Fq^O!{oZJS!}kNww%Tb*?;@@>V)MS^XuLF*GmLXlAJkB!_wd{9
ztsk?JZft7X?1RvDD`@nYydvq`!4k&_j$N70d2fHt*cl4cJ$HXYRE!LLnf2mDaAf{q
zoa)e9_axjWG~d*246KA6=<cBAhi%PSBN@p>tU+X&!+Q{SI9;}*d#`3Hl*nJ^vX-qB
zUd|1_yffUo`zYxK2-vW5UnBLid?Y2|mP}3zHSnZ-w?8S@LoXS+803}i>6!s}PPEp*
z#i3`q#+o8cY}%t_vf%A!gS(enDOPV(WA3!-mqs?LsK9Wq-zF*nr>?RF98}qi1b8Z@
z<U}+#L7I3~LY8TiQuBtLplea$bOA<rhGBzl!a9t1KpLA0M=$j#8x{k6TpE4GiGvlA
zs^aeHc}4@@Gk=O(H}iTDFM6<!;PA8Tn<R%RXh1+rjdXLph5G8#4l%hejD>q=*hczY
zz37t=GvoJk4#o`vvLBDE{qA`bX$`wCgH0h`VQJxyUj~9eC4vOxT0j|0?}z&5AO$2s
zNmH>RsE8R?;Lr*qNxxI{`32+!lriYjK;g!8c$-c}S7+k!>t!r=pVL;XiXb5*_t3LV
zYF<JiA!o(KsMq85p?3Fg!C@BmcB%I&*7#u0R6RB?jl+3oInUp0u_qKqN=_qEbR;Q>
z8R<O-GAn-br0I<&?vt_yH$y|d5jCU=y*5zKSW!uYBg~aS2PV{CQCo~4xlP573!P(b
z&ICaR8Q5@<AdW0=9HsW<tU-MG%5#hHdPeIVTBNc4fXi}4t2k>jPWi4%^rzW7<<R7q
z^Ucbm#uFJWxpBvsJQ-h5iZX}~iYYWyjX6P5Vba7UsLzvorcSX|>G<pIqqodU-*u-y
z17GHRrmDQH#Gd+Di9)wBpma0}c4?NG9iTL7@<To<(;@MF-y)i3y7XySs&AHmOfCnV
z%twv)iE<WKoO-&Hop)k=-iCM|d_S?h<u7H}kd@d86f5RHAGJopJw$t*PBz)@oAxLe
z@i7*$MA<$ky~)Jn_PrwxR2Pehk*r4Igeu>4?dQBWuV~~l@DX_b;O%T?1J|<kWw35j
z#fshC7-@QrlCJVRYKE81i#(Rr0U%^Bb+PUq--bOXXY)0C+>6Vagv%WR+=PnWcxFHc
zUUL)vIE*dq-W=_|$4jNr-6mLD$(cwFZHi*I;~P(Z=9x-NiSn7jug<9zY(3SqK_q6;
z*V*^FphDa2XA9Dwi7uYT0K#|mb*?%xQ}XlXvY4@q4zGP>K=6Us;_zDg_i;0*6h73y
zC*w=G`8*H)m%YC72hM`h?_MU4VbpA>&*Iq5-;MclrA3oK23lzBqhI~}-R|ajqF-WZ
zo)YtJZXDi*9j(r&u3Zz`eqz!@oq$BE$q=emZC4$|Y|js<^?Z3E2DlmkYZHU%uUdFt
zS}CHdD%w@WTVjJtwC=`#U&TzjIZ@VDNRmdP=kAmfdeNLuEX7mO<V}}1RmvFyNn8ZJ
z4o$ONO8?CbHTV1%YH915!oWvNARfi(5v&AtG-VH6q3qITM5Uh8(dK>fJKj=zgj$B^
zs<PB4!&kZYw!0UUvmZag!WU8fI=0rQMBt|eeYuhUt!!%j>*uI}GK!46QMy%u(}WK)
zS?#kfw|lMLCoDu~j#5{zJ)>6<amFgCc)e<&`CYoKx;fL6@-1}r8jqG?(H9lU0AU8`
zSesXr?cPylE2V05M(tJ4VQGncR`>~1U}6ym&h~Mhrs&pew|-)5wGIyaN+x}`S0-bU
z$25KY<_h#zuPAAJ+Aa9yT?DMKIu-e(Qo-aGBAK$M?&sZXaa~WhXZ?r7>Hc3P29k_H
zy1g*(MMC(m--TR9Hz->ej=dyrU|m%fXs!+pE~rz?9?KAG53Ye%+iRDf9JpFFe4x@a
zji6;whVJ=yVtz`m7z^+{Yg_c5IqTkon&@lL&4e?yW?gV3)-8+;v*g|SphmZwMK3|4
z*|j}MxR@VJ4}XfqwJW6v3OLF#E>jY_%Wy#xd*MixlPh!#I+w%GT<91rpKasYul!mc
zakM+bYysS==*GMpR}>~cL6*hDIp)C9pcs7UUWzkFTz~Tr6D0l4LiQYUkG*ds8LD)(
zyFgDRV{%p>#bYu`y3>lkK_T;D*t!n9=InTL{FGUrT5k3YPI3&wOl*_C0Ipt~5!c_Z
z=l`VE+|z*vcUEY4GT?!w&zuR9zJ>h9D+E|S7MF7n7tA;H4_A}nV~5$#{;jB}la4Ui
zk*y0MP{FGjz|zGCV|Asbi?2qG2?Es>-H5sTxY#FJr0E?nkQu-lX*jmDESv^6ycFao
zTwQdrgm~OzI~8lCA)6DUC~P0Dg5RB%pdwYd@iY2<qMek&43yft7+rvv;0hB6RzAwE
zGt>NT)hzp>+vS3I(RI=<*hcckKp5Zohn+&<%&kHmSA5177z@BPAH2#V@IiLTS$t>^
zj{CZdRg@kR<kM}dZJW*PI~t<d`4?7@0aP<kqU?!hCmY_i)6iV&AKQ(hG?Ms|&4HJx
z_O`I=$RB~TzuV)orp+t5rNQTjq5GPq7D0)X5g1P7oPr`5(72=c|Kb-eMAIr3f97QS
zL3Yw}vAf1_A9r%{OnP7wowC0A2gTT9rX8S607wc$96RpOx^-E&U=Ul1Vf6B%thpTb
zL+P`U{dg1?+u&cZSD84sN*0Egqsy2W1=Sl-{6rpcaWR9<Zrme{y`MN*CBqDl>HkTv
zKxv=BR4wPuN46W*UZ$U<`o%{iE2e@5Zv630o|SB?7XAEqvqryd&#F{VbV=H)A1)^}
z=}|oJClH9Ly|RIguvO#1=SD#Y4g9p&?)10Nw1#2qwFxVz)O87%@_&}X{eEjjVc>Tj
z6uuU)yt0n=G8G#;8c%HA`cFD`!s~dJ&j;LQ37r&mZr}H-kxq{7H+$JuqR)na&IW03
z{tdjzALJTLwQu~%y06S~@k*!hu)|hoz>OmHPpVl&ovc6bk_~2+t&j(!EKA{SDFKkR
z{F-ItTzze+VI%U7qz>^}gwJy@1KjOcEr|yv?G*j|d=y*o>!<5%owjR#v7`N>aipMy
z(P95{>-U~!ZF<2$Y}V;3_GIBFfQ3%-X}Gk`+rRgDD3Sa$aif{^rTEEe|EExuF?fv>
zedRYjZ5-&&VtIm{wD%hbq8<Jqwp3nVWiQx1EAqL@E4LEo&^93jZHxIYTS1nbt<d|r
z)}Hco-8e48`eBM^<}!Ngtn2vdo;{^%!tB4RiY&9!K)n*}?>OB1Ru@Z7X)t3A`=h<1
zCa|t%dwGJn3U&5jSGe^*0KTy5Anqw&YcWN+AsRxn+teB#7ODP!fXHT&l4J|KpCRt!
zGfYhrLbI!maN!FQ@u~G_?f()2h7zr4p|v9gnSw5o3|#%r$H$=^4Q1x4pNap=E06&Z
zrFkCnEQQ<jl|APgj@nE>7bF%++pM^sX|Ftc<NEBhA@FZ%fE!-JvpiUVl}Q}$ePfPO
z!jTg8jL+-YzGtQ4`tjF;Dm@9AsMee}vUw(dlM%@20q5qOgHlp~UzPRZ(>y3jpBS9Q
zRIzR}8(>L<f|1^i5NL`qafNz$?3AR$g|igTbiyl1leR}vqCFtPPokN(1LjB*jFuFT
zz~XgkyAU7hvmXWe^2H?h>ONfc-M%B#BtP=fgPm&<j?9dr5@#E|hKG-SxWDGIWjl@z
zh7nqFkHSgWb{mVNyV5Yi9h1P8EHOOO+M8=8SdI_C(%vO~z%%aA@YC~r+{I(+y?8Nf
z&qN1g@q8el-Q$a8zndEg#g9R~SI{7nV&wPz?;lM1&dy#UL1Ap=Hs)n5OUK4nNOh&n
zy?eH#%;mO2W4pz3G@i6^DYB4LjTQeIr@NzMbsZQ%Qm$E@h&du9$`Xg{@31^iNa#-H
zhAj~Ko!kuD$orE{o+aWJ7J<i~FZV;?$@oI6BS*@Y-<57DJdPwi27e?Tt*oMuOhg28
z4}u$Tn#b|Otw`R1Q{V9RXJs=&+HEU6ycOj4C2e`4cxDLR=Vjy8C%1v!vmO#}pDdC7
z%mdL-SwVmlLLq{n5+|YCd&TygjQf&7b$ELo!O!^DE0`t7i)n!+m4ghsMa`FWYfe;=
z*RjutNfNm5Iz9qK5C#zfy)2gLQ8&rQUy6NfllpsHHx5x$9KC`}t?HY;X%nK2l%OUG
zhx>~>*N|^i+j63!xQ^vGmf7&w>?6tJu<-dZi84le+b0{vIcVasu1UM?gO|KH0#@6A
z++_dsM^@RY+WRCyv0?&OAvrtBNc8Rxx@6pZ@E&PMl4wiab8YFS_*a0P2y9FzIY2}h
z)OOp#G8At$ciM*NSxX;-8il;c4O;f-%`jUqGbEwJFytrW-b{NrT9x-+s0C#iTY5bm
z-k5k+M(p5_x90sSHySHDL7EyP$q$fy3we^Qput5^D$wzOTSmZSCCv;N-(rA7o;>B~
z8x7MqeL6SFt<qI;4r5gDb9sb^$RtASe>boZKP$esO?{wz+3NwGCdY96#Z4G8VYIDS
zC41lRqq~=-G?9XfMCEbHS6EmZ&Y0XLqDSz0Mu4OwLi~PXx1yaE%P+0myut71$<?j=
z3VTspyhbIHU5_>~yD}7jhi$8Fks{maA8WcknqWjUH;0kCR+GDq?9U#4+lwe)_M(}l
zbslsvZ&gvx(=a`|)(jO#l|X2*AwW_IiB&=##QXJZiy2>e3W50i?d$%VrhWhJ?GI6L
zu~$X}^2W!0^ctvot<KCD9~x2%^~5BkW-yUBEb)UR&|Q;o(blpEF$))AU5>e@icPlk
z)aLXip=`dveyjbpRS;p54OhYV5Z90HV_%UUR4eI+T+0OGHO=swU4%QEGM;CgYSU4E
zqC_*d4VYEn{>~RH$pJvB9oZPz@V*&E-t$ED!+6B2t69=f#6t{m+OL1<R|ryT8TEsc
zGNP6f%k-N4)1@fU>F%;9)z0Fp^rLbnoKO9@B_ulnnLJ&3$J`_BzLV;^X)^f)bVH_Z
zaNf26Ud~mk9}bT35_#-d<KBfVu{taWZ{#K-xO%{evC<&oQp?klJE9Hxctss9^Bd(Y
z;;0+?rP2dE?{(Wr{jA_Uu*5U=o`v!LOYI_qku&9M!C*RXJ^_KdJ0@h+7n#rVyirb(
zI`aF8i+atY66$-GFrVncbFIr<C4G*z4LQ~xQmj_oxdH{2P&}M>D+#RRI@*jN@fe3Y
z(-X1%q_g(F5fG5+Y3TpWv}*4e)Tw?rATD7OB8L&`B+X$^A}B)_L8cEE(j52Eie?Kt
z(e`r|?|ILv6=~Rm-V6CvqsORasv2bnKhE4$rm2RvP*)Yj_C=wkuJ|2x*sa@f)KCZ2
zQ{T<&iIkyCYs(#NuWF{=7_R*GUGrQmKQ(=qs!9CSON@H^SOzt8fQfGPIe~7O9@<F*
zB}6PJOWscSB>z_RU1qFxkPFbHf3TNJ-rB5bLF_myFNqUg|K+4XiAK%+KH8MKNd8l}
zgDrL-s^Z-6+c3JaQ;Is!BO=UMvQ6&#=40f-wottL_A9oRFQ@(caq=+~=Rb+rF~p`R
z^SaWh2?^s4k~{`$93?mii1v(<e8nVbFKiZ)9-6(+g1KoKzSdkzq}DN(16{J9NzYqm
zw@AN}B&3QJpkcX2hqnhvgw#h-L2c5r87}qbv7eA6#ZE8(oSQeaC)9P5CD^cUfezQk
z&b~oFy&jtehe1q2Vx+NmSqOfTI5%LGe{ViFNv2x`_fVW>OP2#ei~ESyiW*5|pGnzD
zb3UtSDG34y+Q?@;G@T#&9_%nf{~PyS3=BO0QwB|IPM-9f7v*|TT?|@3q5A@xYi_|4
z>^ETlo6vM5CVH&B<$W5!Dx(aqD2#Is!BMTUF+%6vJcrsBkYvsCfZzm+FFo!<_gtD9
z6S)$oDS-An8MrID%s^eu_f(a}2n71!Cfwmz8Ja%M?^v6Web*8qiKc!+1eh)DJW$gb
z{J;-3tfbalfnSi1Xxg(cm!J?YJCn{{7f)|ox_q&^(ZXEfX25!S>`M*bllk_o&Miqj
z$8OJRg<fET@27TsE2DrybVL2KI`KLxoIOcg9ux^SK$xdVRnqoAjt2K1bav2W&{DxC
zrw4?GP7|MZzSlmk_0zi-<bxvKI}2xH6$UMAN3J}dqr1^;`V$>Z&4M`sKIg8xL&f;?
z!1f;zae8P~gqg(37?-}&hxYa)>Le*YiQP#xAxW{iJLe(A-m@c77={y1$ETDp@^3Tt
zT!s3cfNnd&o@;y>4$qcFBvCoB3?7Kgr^z6S>mXP9CFr8JxTZ9Z=zrNY+2kLpzo&In
z{#?ihP`CjAG*6lob()sW*>fS%|M!rS=P)|;KC#@|_<7zC=iBxS_^!(k;LKVOSl5s4
zrLF)10zRVS(#Ps&Qqa2M?R2o6{go%4v|OJ~&>$ARhR<{@ZY3eFfDC=;2E>~or`Vd(
zNh!YGI1{6kR7Ux?&)bubF%l6ryCYV&V3CPCKiW1&V-v%k2{zmeqma*Urn>I)eCJs=
zEj08Ep@1E5sy?f7XC+smqLSp%z3*|kC$77$g`dnAaFq*yML}(rqG8E(^|wNx9Jn-<
z2Yi4&r)FmB&I>3MG`&D3{2kLp_Fc{NYk<kSb+Y{qdh%Ia-oEPwQK5U1J*P@f!m7kH
zbS*b2xcCy1RBqp4XM{HYR2OoIC9K8BfUYS&oHNW91HBbeXwn93891PSFxU*Zv`NH!
zuxOr7s0?{;DO5!M>y_2{RTa?K<sWMgI>Y(}^QOmMFr{;qspyh(N|W+4lpmrxai6fp
z%g%Q~g4e<8_Zh`HAJQTiX`_(9Wjx#?7MIEe7F!&!!t2?P;|kpQS=!jj#5wLXn{cwR
zma;eSE?=To?mX*f#}yICS6x*B7~z(_&OB?8T7XB~a46R!$Cw(6HhtZJasS2z&>F{8
zXh;&@iyK!U_3gyzQFZYqMs2I<#zBYV@grKlcn8M`dEXn5N2<(L8?Is_;~TuF=WHZY
z0*0KVJYp`=xGx^(F-pdlJpGs&(6M`W?Rpt1h-C?~qPY?}QYD0^^2C`A`)#i*7FxKV
zkARU*1G0Q^8cH=EveNZK&cwDfbUVX&czT`SLy+hP5H*5`+0w2@ntr88CI7hcT?Q(d
zE;Cyf!g}UE?NvfA$_i+=1wV#8Cyx1{KGZSNY=?uss6_MG?LOGx>^K43QMpb3>DvL#
z_;%fQh8D=$)h&F)RV$rcccYg8HA~Ie1t0t*E7<&x`(&z4Vma)}tyPSuZL#uFkhnXc
zPxme4yaGd%V42!+be0?k%{)#|#M^=WUau^vIfX#NYApYO-w=sE9k;&eTJ-hpLiv2_
zot5hL1;y)Tn^)h$pQE<it^GxS8n}4zjf}EIQnnX9ma-?V|C|{$@_I|Nf3b#XE)vTw
zF8*+V-Cw*P!5?%J$GN?E;AZE%d-Z%LeYbuR3P{_mpG5!HTXO{9x8f_QIGbQUq^V5T
zQmj(e7JSZriwbdm3s&fN{ETm}XYz<NBu6A`V?4@B=L)@{TT0Q#dLMfe1i=!4&(G`)
z>F}ue^|sYDr`FJseR!{}60H0S$)k?E2<aH0`c`p9zk~WZdX0C^Ui7b9Kl>r=Y37xf
z_B7mpV7rLQ5CVqvgwg&QorBPZVwFhIPX!>B<nY;H5L%uSamGbtS#V{uC`~@G;AUwb
zGBPmd;MvG3^Qt`y`X)0;y}2o}`pZ0*G<0f>jw?83w9aDQb%~VijOS_hiZ9W6YHK!A
zD<(1iBTdabiH#${(n|PQp3PuqpiU3uID|9_rW&R<(ky#)G%+Ab+AMS3AZ6R*!PbL-
zpv5o+GRRH!mb0B*aYmnL?~EVDWn4!zNYUGhQ;;(9!ck!GOs?6sQ|-uCJ@7&OGB}d-
zwV33QzHi0D2B6;y#>5$W2~|p;Goeb0(=K)Y1K-*fXC;Am+O!T}-w&Gl=uI`tm^j-<
zS~Q8tp<w~LO@GeAL-w^7aykB;vsqeI-+1aHbJR!JOXb!!y_N5zPJOF?&NMjqdB28Q
z7loe`=JS~v6A`05BntganVzt-WG7u+J<m{!ii0=DRb24FYtgH3@>?hajwG6d>I&J+
zbjG;^TbbdSBvda3VMGfJxy`>K#3&LQ2-tH8%VF;Ukx%*otEsG{=>UtPQ~q^z?$c|?
zCyjYJ<FOLHu%z3?)72!8iG3g!pv;tsvEa{RncDQ^K<q3gbf`glV6*!%{mTr5Io@jF
z&||s(v~2_7u(%NATl4Fb^E2=X1jmA%)Yu~>f{2M|PO2#msGz*gRYN`Dj=-j>`~g}h
zyilpMK~=kNYIfxZ>E}ojfun0(!g)=<<(EelZx`XK>@f#!fCCp9K!F|A_=C8BaaW*b
zdFprt27W7VOo`NWMnSWXVDcs>j&jIh>tf6$&ge6yEbyYP8zM=Oc8J4i;%f0)!mIEP
zsp0Lj;t0`z#;sElYdc*M?!jez6pr>dqldW5jDpD3kUZY)dr)dBykdsv>Be6i)_4|2
z?XA+cUu#tN)b{#L!m}TwXvd!36VkM{<=G-*pDPJZFMae}JTq{4w-;Xz)@N@cC}^^2
z)S#S6hTspxy?(~<wez0Uc73_Re<7~Nj)Lmy*)<VN7j^wZ>F=%wk1&B`dZGcBxvl+|
zDN@4Mh6LBzlNVu#5MzZ(`~IB~)B#{=#MxQk?BwLS#Alz{lkJ1Q=-m#_xb?&V%7GDe
zlrl<tEDN`Y<r%+iHKcz_U&15#%YS7biT~d9A&w%?&N9$i>*$X}rC5z7a#@4vg1@6_
zMW}AjU&f1vL=o&+KDT*x?OL3X!$5T$c%WaJ&j?r=on&IUnbXR*B-E>^c&kZs;{WR(
zLZBj`xwPrm>xr&*ocf|31Nyi14<2Jo=l<8iwSE6Zjr2%xB*xXGTRle<-9=s2ce=^;
zIe+5)jnB9*&VLyTMIv?9vAv)9UR-RNe8O3L3%OjPsddS2Q><f#+vL9rjgR}&a;`Ex
zS~lFE+=rFPvD}6kJ#gFfdLH9u8MNHJ4P@_Me(wkTa!=`P{_lKCdFc+nsT0{`9K3=q
zKcD9;7hAz9`a25ncI>bHt(XzQ7-vlCTU<*-I$d3=N{A&ZL}o#)Drs)y+w$e$2=~`J
zIpVua!LmKNCDj#X$3&GBm>l0N3@d{D;E8FRa$%ds)PZS8%zime;Sa6UhXp>4!aR6t
z;@$N)soRitfF{LppuT^6_j;CUN$C7cL&yK9tOtwm$*4k+gg`ddr^gR#JPE@uej^i%
z&4W^sYaMGm&?&$EQcI+W(tjdt&l1aidjxUsm)6$2!zr2|LrlFxc|Ysl^Zu88g7{#_
z*|;MT-SRP0fiJ#scHFWmgYzIIH4K9O&Ow%3Ym!diqVXne9{qRmpk}bHiJ7+MHv0Nk
zpm1Fy1}{=DY*|$$F)#-gC+cV0|6kF}KA4FMFg^EP8(E(^jhycL+4CpNZ^<-jkBX(p
z8QUpY$?i{$Iy&hWhcy1>))0;R;5{Efke>7bdB<?*%r-F@R^KqLa_ujBo_XuZ)Iy$#
zRY{t9n`!qSTRJ_kNKD1HRnRvdm-rhX9j>w}-?7BlaWc7_9veu9+35aT4fJgvveL(D
znAjWu4n+wn1rQ19`a1(|LAQ*vq`99}DHqV`TrJh^49e|W!)Yfrn*Rw6!h260@T={7
z_9i#SZXpC20QOmO)#uACa~Y0(HJYl~@^<Cf9nB15@@Pnr&!M>!2Peb6e+qp5*;B`#
z&!r%;LwrvS<##a<tMh#rDd&b8iV*LtSX>@<@Q>GWZ&IO-0QV_h@WI(&hrX)M0lCa<
vDxX|%Hv0Lx+x_rt)uR7z(`k@JAVAb@7*+*1w2sLYbQiQA=-sclXC3)}AXr+G

literal 0
HcmV?d00001

diff --git a/docs/installation/images/linux_docker_host.svg b/docs/installation/images/linux_docker_host.svg
new file mode 100644
index 00000000..0ad7240b
--- /dev/null
+++ b/docs/installation/images/linux_docker_host.svg
@@ -0,0 +1,1195 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="88.900002mm"
+   height="112.88889mm"
+   viewBox="0 0 315.00001 399.99999"
+   id="svg2"
+   version="1.1"
+   inkscape:version="0.91 r13725"
+   sodipodi:docname="linux_docker_host.svg">
+  <defs
+     id="defs4">
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker8148"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path8150"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker6352"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path6354"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker6148"
+       style="overflow:visible;"
+       inkscape:isstock="true"
+       inkscape:collect="always">
+      <path
+         id="path6150"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker5920"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5922"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker5886"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5888"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="Arrow2Lend"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5368"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="Arrow1Lend"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5350"
+         d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         transform="scale(0.8) rotate(180) translate(12.5,0)" />
+    </marker>
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="3.6433246"
+     inkscape:cx="149.73978"
+     inkscape:cy="116.33414"
+     inkscape:document-units="px"
+     inkscape:current-layer="layer2"
+     showgrid="false"
+     fit-margin-top="0"
+     fit-margin-left="0"
+     fit-margin-right="0"
+     fit-margin-bottom="0"
+     inkscape:window-width="1681"
+     inkscape:window-height="1010"
+     inkscape:window-x="4"
+     inkscape:window-y="0"
+     inkscape:window-maximized="0" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:groupmode="layer"
+     id="layer2"
+     inkscape:label="host"
+     style="display:inline">
+    <rect
+       style="opacity:1;fill:#ade5f9;fill-opacity:1;stroke:#005976;stroke-width:2.99999976;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect4394"
+       width="311.17267"
+       height="375.20316"
+       x="2.2081146"
+       y="23.182617"
+       rx="0"
+       ry="0" />
+    <rect
+       style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#005976;stroke-width:3;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect4345"
+       width="174.98102"
+       height="39.064903"
+       x="13.741047"
+       y="5.175612"
+       ry="10.101524"
+       rx="10.101525" />
+    <g
+       transform="matrix(0.62086873,0,0,0.60736447,-96.218033,-10.961139)"
+       style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot4337">
+      <path
+         d="m 187.88477,72.829407 0,-30.3125 7.1875,0 q 4.96093,0 7.36328,1.738282 2.42187,1.71875 3.63281,5.214843 1.21094,3.496094 1.21094,8.28125 0,4.53125 -1.28907,7.96875 -1.26953,3.417969 -3.61328,5.273438 -2.34375,1.835937 -7.30468,1.835937 l -7.1875,0 z m 3.94531,-3.339843 2.63672,0 q 4.0039,0 5.70312,-1.425782 1.71875,-1.425781 2.44141,-3.945312 0.74219,-2.539063 0.74219,-6.992188 0,-4.355468 -0.85938,-6.699218 -0.85937,-2.34375 -2.46094,-3.59375 -1.60156,-1.269532 -5.2539,-1.269532 l -2.94922,0 0,23.925782 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10650" />
+      <path
+         d="m 220.91211,73.747376 q -5.15625,0 -7.89063,-4.335937 -2.71484,-4.355469 -2.71484,-11.738282 0,-7.363281 2.71484,-11.699218 2.73438,-4.355469 7.89063,-4.355469 5.17578,0 7.89062,4.355469 2.71485,4.335937 2.71485,11.699218 0,7.382813 -2.71485,11.738282 -2.71484,4.335937 -7.89062,4.335937 z m 0,-3.046875 q 2.85156,0 4.74609,-3.222656 1.91407,-3.242188 1.91407,-9.804688 0,-6.5625 -1.91407,-9.785156 -1.89453,-3.242187 -4.74609,-3.242187 -2.85156,0 -4.76563,3.242187 -1.89453,3.222656 -1.89453,9.785156 0,6.5625 1.89453,9.804688 1.91407,3.222656 4.76563,3.222656 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10652" />
+      <path
+         d="m 254.23242,72.477845 q -3.39844,1.269531 -6.09375,1.269531 -3.55469,0 -6.54297,-1.894531 -2.98828,-1.914063 -4.64843,-5.664063 -1.66016,-3.769531 -1.66016,-8.515625 0,-4.707031 1.64062,-8.457031 1.64063,-3.75 4.62891,-5.683594 2.98828,-1.933593 6.58203,-1.933593 2.69531,0 6.09375,1.269531 l 0,3.59375 q -3.14453,-1.816406 -6.25,-1.816406 -2.34375,0 -4.29687,1.601562 -1.9336,1.601563 -3.125,4.707031 -1.19141,3.085938 -1.19141,6.71875 0,3.691407 1.23047,6.816407 1.23047,3.125 3.14453,4.6875 1.91406,1.542968 4.23828,1.542968 3.08594,0 6.25,-1.816406 l 0,3.574219 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10654" />
+      <path
+         d="m 260.0332,72.829407 0,-30.3125 3.94532,0 0,14.863282 11.26953,-14.863282 4.17968,0 -10.8789,14.394532 12.40234,15.917968 -4.9414,0 -12.03125,-15.449218 0,15.449218 -3.94532,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10656" />
+      <path
+         d="m 301.2832,69.489564 0,3.339843 -16.36718,0 0,-30.3125 16.05468,0 0,3.046875 -12.10937,0 0,10.292969 10.89844,0 0,3.027344 -10.89844,0 0,10.605469 12.42187,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10658" />
+      <path
+         d="m 311.86914,59.958314 0,12.871093 -3.94531,0 0,-30.3125 8.10547,0 q 3.96484,0 5.83984,0.820313 1.875,0.800781 2.89063,2.441406 1.03515,1.640625 1.03515,3.535156 0,1.757813 -0.68359,3.535157 -0.6836,1.777343 -1.89453,3.183593 -1.19141,1.386719 -3.45703,2.636719 l 8.76953,14.160156 -4.6875,0 -8.02735,-12.871093 -3.94531,0 z m 0,-3.046875 5.52734,0 q 1.85547,-1.015625 2.75391,-2.070313 0.91797,-1.054687 1.38672,-2.246094 0.46875,-1.191406 0.46875,-2.382812 0,-2.128906 -1.5625,-3.378906 -1.54297,-1.269532 -5.625,-1.269532 l -2.94922,0 0,11.347657 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10660" />
+      <path
+         d="m 330.38477,75.856751 0,-3.027344 21.21093,0 0,3.027344 -21.21093,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10662" />
+      <path
+         d="m 355.52148,72.829407 0,-30.3125 3.94532,0 0,13.046875 11.21093,0 0,-13.046875 3.92579,0 0,30.3125 -3.92579,0 0,-14.238281 -11.21093,0 0,14.238281 -3.94532,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10664" />
+      <path
+         d="m 389.03711,73.747376 q -5.15625,0 -7.89063,-4.335937 -2.71484,-4.355469 -2.71484,-11.738282 0,-7.363281 2.71484,-11.699218 2.73438,-4.355469 7.89063,-4.355469 5.17578,0 7.89062,4.355469 2.71485,4.335937 2.71485,11.699218 0,7.382813 -2.71485,11.738282 -2.71484,4.335937 -7.89062,4.335937 z m 0,-3.046875 q 2.85156,0 4.74609,-3.222656 1.91407,-3.242188 1.91407,-9.804688 0,-6.5625 -1.91407,-9.785156 -1.89453,-3.242187 -4.74609,-3.242187 -2.85156,0 -4.76563,3.242187 -1.89453,3.222656 -1.89453,9.785156 0,6.5625 1.89453,9.804688 1.91407,3.222656 4.76563,3.222656 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10666" />
+      <path
+         d="m 404.17383,72.184876 0,-3.710937 q 4.6875,2.226562 8.51562,2.226562 1.60157,0 3.06641,-0.605469 1.46484,-0.625 2.20703,-1.777343 0.76172,-1.152344 0.76172,-2.5 0,-1.582032 -1.03516,-2.949219 -1.03515,-1.386719 -3.88672,-3.046875 l -1.99218,-1.152344 -2.01172,-1.152344 q -5.3125,-3.144531 -5.3125,-7.8125 0,-3.417968 2.36328,-5.742187 2.38281,-2.34375 7.42187,-2.34375 3.24219,0 6.26954,0.9375 l 0,3.378906 q -3.33985,-1.289062 -6.50391,-1.289062 -2.51953,0 -4.08203,1.328125 -1.54297,1.328125 -1.54297,3.203125 0,1.855468 1.19141,3.085937 1.1914,1.230469 3.04687,2.265625 l 1.52344,0.917969 1.89453,1.152344 1.60156,0.9375 q 4.98047,3.046875 4.98047,7.65625 0,3.515625 -2.55859,6.035156 -2.5586,2.519531 -8.20313,2.519531 -1.79687,0 -3.4375,-0.3125 -1.62109,-0.292969 -4.27734,-1.25 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10668" />
+      <path
+         d="m 435.11133,72.829407 0,-26.972656 -9.08203,0 0,-3.339844 22.1289,0 0,3.339844 -9.10156,0 0,26.972656 -3.94531,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+         id="path10670" />
+    </g>
+    <g
+       transform="matrix(0.62086873,0,0,0.60736447,121.72855,-246.05559)"
+       id="g10196" />
+    <g
+       id="g10214"
+       transform="translate(6.1871843,-28.279642)">
+      <rect
+         rx="16.812302"
+         ry="16.631735"
+         y="460.20282"
+         x="177.63893"
+         height="64.318726"
+         width="109.2876"
+         id="rect10198"
+         style="display:inline;opacity:1;fill:#394d54;fill-opacity:1;stroke:#005976;stroke-width:4.88536119;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         transform="matrix(0.62086873,0,0,0.60736447,121.72855,-246.05559)" />
+      <g
+         transform="matrix(0.62086873,0,0,0.60736447,119.85325,15.833152)"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#dbdde0;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot6134">
+        <path
+           d="m 187.97742,46.673398 0,28.56 18.92,0 0,-3.2 -15.12,0 0,-25.36 -3.8,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path10673" />
+        <path
+           d="m 213.28305,50.833398 0,-4.16 -3.4,0 0,4.16 3.4,0 z m -3.4,3.72 0,20.68 3.4,0 0,-20.68 -3.4,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path10675" />
+        <path
+           d="m 218.5893,54.553398 0,20.68 3.4,0 0,-11.68 q 0,-1.4 0.36,-2.56 0.4,-1.2 1.16,-2.08 0.76,-0.88 1.88,-1.36 1.16,-0.48 2.72,-0.48 1.96,0 3.08,1.12 1.12,1.12 1.12,3.04 l 0,14 3.4,0 0,-13.6 q 0,-1.68 -0.36,-3.04 -0.32,-1.4 -1.16,-2.4 -0.84,-1 -2.2,-1.56 -1.36,-0.56 -3.4,-0.56 -4.6,0 -6.72,3.76 l -0.08,0 0,-3.28 -3.2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path10677" />
+        <path
+           d="m 257.97492,75.233398 0,-20.68 -3.4,0 0,11.68 q 0,1.4 -0.4,2.6 -0.36,1.16 -1.12,2.04 -0.76,0.88 -1.92,1.36 -1.12,0.48 -2.68,0.48 -1.96,0 -3.08,-1.12 -1.12,-1.12 -1.12,-3.04 l 0,-14 -3.4,0 0,13.6 q 0,1.68 0.32,3.08 0.36,1.36 1.2,2.36 0.84,1 2.2,1.56 1.36,0.52 3.4,0.52 2.28,0 3.96,-0.88 1.68,-0.92 2.76,-2.84 l 0.08,0 0,3.28 3.2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path10679" />
+        <path
+           d="m 268.68055,64.353398 -7.76,10.88 4.12,0 5.76,-8.56 5.76,8.56 4.36,0 -8,-11.16 7.12,-9.52 -4.08,0 -5.16,7.24 -4.96,-7.24 -4.36,0 7.2,9.8 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path10681" />
+      </g>
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker8148)"
+       d="m 114,182 c 47.31731,29.66731 16.44337,34.29153 9,39.75"
+       id="path8146"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="cc" />
+  </g>
+  <g
+     inkscape:groupmode="layer"
+     id="layer4"
+     inkscape:label="arrows">
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker5920)"
+       d="m 74.649377,83.195617 c -85,41.428573 -36.428572,63.571433 -36.428572,63.571433 l 2.232143,1.69643"
+       id="path5884"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="ccc" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker6352)"
+       d="m 197.16754,166.6243 c 86.65404,5.17688 43.37399,40.92551 30.2397,55.44599"
+       id="path6142"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="cc" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker6148)"
+       d="M 113.32488,182.78675 C -29.730983,213.05834 45.251032,291.85445 69.362222,303.91005"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="cc" />
+  </g>
+  <g
+     inkscape:label="default"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(-73.928551,-292.36218)">
+    <flowRoot
+       xml:space="preserve"
+       id="flowRoot4362"
+       style="fill:black;stroke:none;stroke-opacity:1;stroke-width:1px;stroke-linejoin:miter;stroke-linecap:butt;fill-opacity:1;font-family:sans-serif;font-style:normal;font-weight:normal;font-size:40px;line-height:125%;letter-spacing:0px;word-spacing:0px"><flowRegion
+         id="flowRegion4364"><rect
+           id="rect4366"
+           width="95.964493"
+           height="43.436558"
+           x="171.72594"
+           y="102.005" /></flowRegion><flowPara
+         id="flowPara4368"></flowPara></flowRoot>    <rect
+       style="opacity:1;fill:#f2f2f2;fill-opacity:1;stroke:#005976;stroke-width:3;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect4461"
+       width="151.48232"
+       height="31.31473"
+       x="114.04051"
+       y="364.15875" />
+    <g
+       transform="matrix(1.1029002,0,0,1.1071429,-73.180491,327.75181)"
+       style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot4354">
+      <path
+         d="m 187.98859,51.93976 0,-10.026972 2.89587,0 q 1.19455,0 2.00902,0.343886 0.81446,0.325786 1.32124,0.977358 0.52488,0.633473 0.74207,1.556533 0.23529,0.904962 0.23529,2.063312 0,1.194549 -0.25339,2.045213 -0.23529,0.832565 -0.61537,1.393641 -0.38009,0.561076 -0.86876,0.886862 -0.47058,0.325786 -0.95926,0.506778 -0.48868,0.162893 -0.92306,0.217191 -0.43439,0.0362 -0.72397,0.0362 l -2.85968,0 z m -1.71943,-11.47491 0,12.922849 4.43431,0 q 1.61083,0 2.78728,-0.452481 1.17645,-0.452481 1.93662,-1.303144 0.76017,-0.868763 1.12215,-2.11761 0.36199,-1.266946 0.36199,-2.895877 0,-3.113067 -1.61083,-4.633402 -1.61083,-1.520335 -4.59721,-1.520335 l -4.43431,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10625" />
+      <path
+         d="m 199.86394,48.718098 q 0,-0.850664 0.2172,-1.502236 0.23529,-0.669671 0.63347,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54298,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39819,0.452481 0.61538,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61538,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59727,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39818,-0.452481 -0.63347,-1.104053 -0.2172,-0.669671 -0.2172,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85067,0.361984 1.95472,0.361984 1.12215,0 1.95472,-0.361984 0.85066,-0.380084 1.42984,-1.031656 0.57917,-0.669672 0.86876,-1.556534 0.28959,-0.886862 0.28959,-1.918518 0,-1.031656 -0.28959,-1.918518 -0.28959,-0.904962 -0.86876,-1.556534 -0.57918,-0.669671 -1.42984,-1.049755 -0.83257,-0.380084 -1.95472,-0.380084 -1.10405,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10627" />
+      <path
+         d="m 215.45219,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93662,0.398183 -0.83256,0.380084 -1.39364,1.067855 -0.54297,0.669671 -0.81446,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37554,0.977358 0.83257,0.343885 1.90042,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57464,0 q -0.14479,1.085953 -0.79636,1.683228 -0.63347,0.597274 -1.77373,0.597274 -0.72397,0 -1.24884,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48868,-1.104053 -0.14479,-0.615374 -0.14479,-1.266946 0,-0.70587 0.14479,-1.357442 0.1448,-0.669671 0.47058,-1.17645 0.34389,-0.506778 0.90497,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97735,0 1.55653,0.488679 0.57917,0.48868 0.76017,1.375542 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10629" />
+      <path
+         d="m 218.91112,40.46485 0,12.922849 1.53843,0 0,-3.547449 1.44794,-1.339343 3.20357,4.886792 1.95471,0 -3.98183,-5.954646 3.71034,-3.402655 -2.06331,0 -4.27142,4.090425 0,-7.655973 -1.53843,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10631" />
+      <path
+         d="m 234.72136,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08596,-0.217191 0.57917,0 1.04975,0.217191 0.48868,0.199091 0.83257,0.561076 0.36198,0.343885 0.56107,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59273,0.45248 -0.76017,0 -1.32125,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90496,1.538435 -0.32579,0.886862 -0.32579,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64249,-0.796366 1.04975,-0.796366 1.35744,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10633" />
+      <path
+         d="m 237.8907,44.030398 0,9.357301 1.53844,0 0,-4.162823 q 0,-0.904961 0.18099,-1.592732 0.18099,-0.70587 0.57918,-1.194549 0.39818,-0.488679 1.04975,-0.742068 0.65157,-0.253389 1.57463,-0.253389 l 0,-1.628931 q -1.24884,-0.0362 -2.06331,0.506779 -0.81446,0.542976 -1.37554,1.683228 l -0.0362,0 0,-1.972816 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10635" />
+      <path
+         d="m 255.3624,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93661,0.398183 -0.83257,0.380084 -1.39364,1.067855 -0.54298,0.669671 -0.81447,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37555,0.977358 0.83256,0.343885 1.90041,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57463,0 q -0.1448,1.085953 -0.79637,1.683228 -0.63347,0.597274 -1.77372,0.597274 -0.72397,0 -1.24885,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48867,-1.104053 -0.1448,-0.615374 -0.1448,-1.266946 0,-0.70587 0.1448,-1.357442 0.14479,-0.669671 0.47058,-1.17645 0.34388,-0.506778 0.90496,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97736,0 1.55653,0.488679 0.57918,0.48868 0.76017,1.375542 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10637" />
+      <path
+         d="m 258.82133,40.46485 0,12.922849 1.53844,0 0,-12.922849 -1.53844,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10639" />
+      <path
+         d="m 264.38967,42.34717 0,-1.88232 -1.53844,0 0,1.88232 1.53844,0 z m -1.53844,1.683228 0,9.357301 1.53844,0 0,-9.357301 -1.53844,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10641" />
+      <path
+         d="m 273.28827,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54297,-0.850664 0.34389,-0.361985 0.81447,-0.561076 0.48868,-0.217191 1.08595,-0.217191 0.57918,0 1.04976,0.217191 0.48868,0.199091 0.83256,0.561076 0.36199,0.343885 0.56108,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48413,2.606288 -1.52033,0 q -0.19909,0.923061 -0.83257,1.375542 -0.61537,0.45248 -1.59273,0.45248 -0.76017,0 -1.32124,-0.253389 -0.56108,-0.253389 -0.92306,-0.669671 -0.36199,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.1629,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32124,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77373,0.361985 -0.79636,0.361984 -1.39364,1.013556 -0.57917,0.651573 -0.90496,1.538435 -0.32578,0.886862 -0.32578,1.954716 0.0362,1.067855 0.30768,1.972816 0.28959,0.904962 0.85067,1.556534 0.56107,0.651572 1.37554,1.013557 0.83256,0.361984 1.95471,0.361984 1.59274,0 2.64249,-0.796366 1.04976,-0.796366 1.35744,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10643" />
+      <path
+         d="m 276.51191,44.030398 0,9.357301 1.53844,0 0,-5.284975 q 0,-0.633473 0.16289,-1.15835 0.18099,-0.542977 0.52488,-0.94116 0.34388,-0.398183 0.85066,-0.615374 0.52488,-0.217191 1.23075,-0.217191 0.88686,0 1.39364,0.506779 0.50678,0.506778 0.50678,1.375541 l 0,6.33473 1.53843,0 0,-6.153738 q 0,-0.760167 -0.16289,-1.375541 -0.1448,-0.633473 -0.52488,-1.085954 -0.38008,-0.45248 -0.99546,-0.70587 -0.61537,-0.253389 -1.53843,-0.253389 -2.08141,0 -3.04067,1.701328 l -0.0362,0 0,-1.484137 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10645" />
+      <path
+         d="m 288.72239,44.030398 0,-2.80538 -1.53844,0 0,2.80538 -1.59273,0 0,1.357442 1.59273,0 0,5.954646 q 0,0.651572 0.1267,1.049755 0.12669,0.398183 0.38008,0.615374 0.27149,0.217191 0.68777,0.307687 0.43439,0.0724 1.03166,0.0724 l 1.17645,0 0,-1.357442 -0.70587,0 q -0.36199,0 -0.59727,-0.0181 -0.2172,-0.0362 -0.34389,-0.126694 -0.12669,-0.0905 -0.18099,-0.253389 -0.0362,-0.162893 -0.0362,-0.434382 l 0,-5.809852 1.86422,0 0,-1.357442 -1.86422,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10647" />
+    </g>
+    <rect
+       y="442.16461"
+       x="116.18336"
+       height="31.31473"
+       width="151.48232"
+       id="rect4484"
+       style="opacity:1;fill:#f2f2f2;fill-opacity:1;stroke:#005976;stroke-width:3;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+    <g
+       transform="matrix(1.1029002,0,0,1.1071429,-83.240434,405.75765)"
+       style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot4486">
+      <path
+         d="m 187.98859,51.93976 0,-10.026972 2.89587,0 q 1.19455,0 2.00902,0.343886 0.81446,0.325786 1.32124,0.977358 0.52488,0.633473 0.74207,1.556533 0.23529,0.904962 0.23529,2.063312 0,1.194549 -0.25339,2.045213 -0.23529,0.832565 -0.61537,1.393641 -0.38009,0.561076 -0.86876,0.886862 -0.47058,0.325786 -0.95926,0.506778 -0.48868,0.162893 -0.92306,0.217191 -0.43439,0.0362 -0.72397,0.0362 l -2.85968,0 z m -1.71943,-11.47491 0,12.922849 4.43431,0 q 1.61083,0 2.78728,-0.452481 1.17645,-0.452481 1.93662,-1.303144 0.76017,-0.868763 1.12215,-2.11761 0.36199,-1.266946 0.36199,-2.895877 0,-3.113067 -1.61083,-4.633402 -1.61083,-1.520335 -4.59721,-1.520335 l -4.43431,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10600" />
+      <path
+         d="m 199.86394,48.718098 q 0,-0.850664 0.2172,-1.502236 0.23529,-0.669671 0.63347,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54298,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39819,0.452481 0.61538,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61538,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59727,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39818,-0.452481 -0.63347,-1.104053 -0.2172,-0.669671 -0.2172,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85067,0.361984 1.95472,0.361984 1.12215,0 1.95472,-0.361984 0.85066,-0.380084 1.42984,-1.031656 0.57917,-0.669672 0.86876,-1.556534 0.28959,-0.886862 0.28959,-1.918518 0,-1.031656 -0.28959,-1.918518 -0.28959,-0.904962 -0.86876,-1.556534 -0.57918,-0.669671 -1.42984,-1.049755 -0.83257,-0.380084 -1.95472,-0.380084 -1.10405,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10602" />
+      <path
+         d="m 215.45219,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93662,0.398183 -0.83256,0.380084 -1.39364,1.067855 -0.54297,0.669671 -0.81446,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37554,0.977358 0.83257,0.343885 1.90042,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57464,0 q -0.14479,1.085953 -0.79636,1.683228 -0.63347,0.597274 -1.77373,0.597274 -0.72397,0 -1.24884,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48868,-1.104053 -0.14479,-0.615374 -0.14479,-1.266946 0,-0.70587 0.14479,-1.357442 0.1448,-0.669671 0.47058,-1.17645 0.34389,-0.506778 0.90497,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97735,0 1.55653,0.488679 0.57917,0.48868 0.76017,1.375542 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10604" />
+      <path
+         d="m 218.91112,40.46485 0,12.922849 1.53843,0 0,-3.547449 1.44794,-1.339343 3.20357,4.886792 1.95471,0 -3.98183,-5.954646 3.71034,-3.402655 -2.06331,0 -4.27142,4.090425 0,-7.655973 -1.53843,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10606" />
+      <path
+         d="m 234.72136,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08596,-0.217191 0.57917,0 1.04975,0.217191 0.48868,0.199091 0.83257,0.561076 0.36198,0.343885 0.56107,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59273,0.45248 -0.76017,0 -1.32125,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90496,1.538435 -0.32579,0.886862 -0.32579,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64249,-0.796366 1.04975,-0.796366 1.35744,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10608" />
+      <path
+         d="m 237.8907,44.030398 0,9.357301 1.53844,0 0,-4.162823 q 0,-0.904961 0.18099,-1.592732 0.18099,-0.70587 0.57918,-1.194549 0.39818,-0.488679 1.04975,-0.742068 0.65157,-0.253389 1.57463,-0.253389 l 0,-1.628931 q -1.24884,-0.0362 -2.06331,0.506779 -0.81446,0.542976 -1.37554,1.683228 l -0.0362,0 0,-1.972816 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10610" />
+      <path
+         d="m 250.13172,48.790495 q 0,-0.687771 0.1448,-1.339343 0.14479,-0.651572 0.47058,-1.158351 0.32578,-0.506778 0.86876,-0.814465 0.54298,-0.307687 1.32124,-0.307687 0.79637,0 1.35744,0.307687 0.56108,0.289588 0.90497,0.778267 0.36198,0.488679 0.52487,1.140251 0.1629,0.633473 0.1629,1.321244 0,0.651572 -0.1629,1.285045 -0.14479,0.633473 -0.48868,1.140251 -0.34388,0.48868 -0.88686,0.796366 -0.54297,0.307687 -1.32124,0.307687 -0.74207,0 -1.30315,-0.289587 -0.54297,-0.289588 -0.90496,-0.778267 -0.34388,-0.488679 -0.52488,-1.104053 -0.16289,-0.633473 -0.16289,-1.285045 z m 7.23969,4.597204 0,-12.922849 -1.53843,0 0,4.814395 -0.0362,0 q -0.25339,-0.416283 -0.63347,-0.687771 -0.36199,-0.289588 -0.77827,-0.452481 -0.41628,-0.180992 -0.83256,-0.253389 -0.41629,-0.0724 -0.77827,-0.0724 -1.06786,0 -1.88232,0.398183 -0.79637,0.380084 -1.33934,1.049755 -0.52488,0.651573 -0.79637,1.538435 -0.25339,0.886862 -0.25339,1.882319 0,0.995458 0.27149,1.88232 0.27149,0.886862 0.79637,1.556534 0.54297,0.669671 1.33934,1.067854 0.81446,0.398183 1.90042,0.398183 0.97736,0 1.79182,-0.343885 0.81447,-0.343885 1.19455,-1.122152 l 0.0362,0 0,1.266946 1.53843,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10612" />
+      <path
+         d="m 268.01008,53.3515 q -0.39818,0.23529 -1.10405,0.23529 -0.59727,0 -0.95926,-0.325786 -0.34388,-0.343885 -0.34388,-1.104053 -0.63348,0.760168 -1.48414,1.104053 -0.83257,0.325786 -1.80992,0.325786 -0.63348,0 -1.21265,-0.144794 -0.56108,-0.144793 -0.97736,-0.45248 -0.41628,-0.307687 -0.66967,-0.796366 -0.23529,-0.506779 -0.23529,-1.212649 0,-0.796366 0.27149,-1.303144 0.27149,-0.506778 0.70587,-0.814465 0.45248,-0.325786 1.01355,-0.488679 0.57918,-0.162893 1.17645,-0.271489 0.63348,-0.126694 1.19455,-0.180992 0.57918,-0.0724 1.01356,-0.180992 0.43438,-0.126695 0.68777,-0.343886 0.25339,-0.23529 0.25339,-0.669671 0,-0.506779 -0.19909,-0.814465 -0.18099,-0.307687 -0.48868,-0.47058 -0.28959,-0.162893 -0.66967,-0.217191 -0.36199,-0.0543 -0.72397,-0.0543 -0.97736,0 -1.62893,0.380084 -0.65157,0.361985 -0.70587,1.393641 l -1.53844,0 q 0.0362,-0.868763 0.36199,-1.466038 0.32578,-0.597274 0.86876,-0.959259 0.54298,-0.380084 1.23075,-0.542977 0.70587,-0.162893 1.50223,-0.162893 0.63348,0 1.24885,0.0905 0.63347,0.0905 1.14025,0.380084 0.50678,0.271488 0.81447,0.778267 0.30768,0.506778 0.30768,1.321244 l 0,4.814394 q 0,0.542977 0.0543,0.796366 0.0724,0.253389 0.43438,0.253389 0.19909,0 0.47058,-0.0905 l 0,1.194549 z m -2.49769,-4.796295 q -0.28959,0.217191 -0.76017,0.325786 -0.47058,0.0905 -0.99546,0.162893 -0.50677,0.0543 -1.03165,0.144794 -0.52488,0.0724 -0.94116,0.253389 -0.41628,0.180992 -0.68777,0.524878 -0.25339,0.325786 -0.25339,0.904961 0,0.380084 0.14479,0.651572 0.1629,0.253389 0.39819,0.416282 0.25339,0.162894 0.57917,0.23529 0.32579,0.0724 0.68777,0.0724 0.76017,0 1.30315,-0.199091 0.54297,-0.217191 0.88686,-0.524878 0.34388,-0.325786 0.50678,-0.68777 0.16289,-0.380084 0.16289,-0.70587 l 0,-1.574633 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10614" />
+      <path
+         d="m 275.93952,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08595,-0.217191 0.57918,0 1.04976,0.217191 0.48868,0.199091 0.83256,0.561076 0.36199,0.343885 0.56108,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59274,0.45248 -0.76016,0 -1.32124,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90497,1.538435 -0.32578,0.886862 -0.32578,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64248,-0.796366 1.04976,-0.796366 1.35745,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10616" />
+      <path
+         d="m 279.16316,44.030398 0,9.357301 1.53844,0 0,-5.827952 q 0,-0.271488 0.12669,-0.669671 0.1448,-0.416282 0.43439,-0.796366 0.30768,-0.380084 0.77826,-0.651572 0.48868,-0.271489 1.15835,-0.271489 0.52488,0 0.85067,0.162893 0.34388,0.144794 0.54297,0.434382 0.19909,0.271488 0.27149,0.651572 0.0905,0.380084 0.0905,0.832564 l 0,6.135639 1.53843,0 0,-5.827952 q 0,-1.085953 0.65157,-1.737526 0.65158,-0.651572 1.79183,-0.651572 0.56107,0 0.90496,0.162893 0.36198,0.162893 0.56108,0.452481 0.19909,0.271488 0.27148,0.651572 0.0724,0.380084 0.0724,0.814465 l 0,6.135639 1.53843,0 0,-6.859608 q 0,-0.723969 -0.23528,-1.230747 -0.2172,-0.524878 -0.63348,-0.850664 -0.39818,-0.325786 -0.97736,-0.47058 -0.56107,-0.162893 -1.26694,-0.162893 -0.92306,0 -1.70133,0.416282 -0.76017,0.416283 -1.23075,1.17645 -0.28958,-0.868763 -0.99545,-1.230747 -0.70587,-0.361985 -1.57464,-0.361985 -1.97281,0 -3.02257,1.592732 l -0.0362,0 0,-1.375541 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10618" />
+      <path
+         d="m 295.73329,48.718098 q 0,-0.850664 0.21719,-1.502236 0.23529,-0.669671 0.63348,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54297,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39818,0.452481 0.61537,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61537,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59728,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39819,-0.452481 -0.63348,-1.104053 -0.21719,-0.669671 -0.21719,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85066,0.361984 1.95472,0.361984 1.12215,0 1.95471,-0.361984 0.85067,-0.380084 1.42984,-1.031656 0.57918,-0.669672 0.86877,-1.556534 0.28958,-0.886862 0.28958,-1.918518 0,-1.031656 -0.28958,-1.918518 -0.28959,-0.904962 -0.86877,-1.556534 -0.57917,-0.669671 -1.42984,-1.049755 -0.83256,-0.380084 -1.95471,-0.380084 -1.10406,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10620" />
+      <path
+         d="m 304.96871,44.030398 0,9.357301 1.53843,0 0,-5.284975 q 0,-0.633473 0.16289,-1.15835 0.181,-0.542977 0.52488,-0.94116 0.34389,-0.398183 0.85067,-0.615374 0.52487,-0.217191 1.23074,-0.217191 0.88687,0 1.39364,0.506779 0.50678,0.506778 0.50678,1.375541 l 0,6.33473 1.53844,0 0,-6.153738 q 0,-0.760167 -0.1629,-1.375541 -0.14479,-0.633473 -0.52487,-1.085954 -0.38009,-0.45248 -0.99546,-0.70587 -0.61538,-0.253389 -1.53844,-0.253389 -2.08141,0 -3.04067,1.701328 l -0.0362,0 0,-1.484137 -1.44793,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path10622" />
+    </g>
+    <g
+       id="g4736"
+       transform="translate(862.40058,602.59637)">
+      <g
+         display="none"
+         id="Layer_2"
+         style="display:none">
+        <line
+           id="line4716"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-49.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10" />
+        <line
+           id="line4718"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-46.612"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10" />
+        <line
+           id="line4720"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-4.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10" />
+        <line
+           id="line4722"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-67.064003"
+           x1="-52.994999"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10" />
+        <line
+           id="line4724"
+           y2="-49.472"
+           x2="-76.915001"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10" />
+        <line
+           id="line4726"
+           y2="-71.179001"
+           x2="-165"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10" />
+        <line
+           id="line4728"
+           y2="-0.271"
+           x2="-77.349998"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10" />
+      </g>
+    </g>
+  </g>
+  <g
+     inkscape:groupmode="layer"
+     id="layer3"
+     inkscape:label="containers">
+    <g
+       id="g5083"
+       transform="matrix(0.76325157,0,0,0.8038217,61.077665,213.23614)">
+      <g
+         id="Isolation_Mode-6">
+        <polygon
+           id="polygon4984"
+           points="122.005,77.57 122.005,22.429 32.038,0.183 0,19.314 0,72.66 92.65,101.222 "
+           style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd" />
+        <polygon
+           id="polygon4986"
+           points="92.65,94.222 5,67.66 5,23.314 92.65,45.131 "
+           style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd" />
+        <g
+           id="g4988">
+          <g
+             id="g4990">
+            <polygon
+               id="polygon4992"
+               points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon4994"
+               points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon4996"
+               points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon4998"
+               points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5000"
+               points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5002"
+               points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5004"
+               points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5006"
+               points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5008"
+               points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5010"
+               points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5012"
+               points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5014"
+               points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5016"
+               points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+          </g>
+          <g
+             id="g5018">
+            <polygon
+               id="polygon5020"
+               points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5022"
+               points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5024"
+               points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5026"
+               points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5028"
+               points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5030"
+               points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5032"
+               points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5034"
+               points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5036"
+               points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5038"
+               points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5040"
+               points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5042"
+               points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5044"
+               points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+               style="fill:#394d54" />
+          </g>
+        </g>
+        <polygon
+           id="polygon5046"
+           points="117.005,75.212 92.65,94.398 92.65,46.469 117.005,29.184 "
+           style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+        <polygon
+           id="polygon5048"
+           points="117.005,27.429 92.65,45.131 5,23.314 32.538,6.683 "
+           style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd" />
+        <rect
+           id="rect5050"
+           height="92.299004"
+           width="3.5250001"
+           transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+           y="-12.046"
+           x="46.075001"
+           style="fill:#394d54" />
+        <rect
+           id="rect5052"
+           height="34.868999"
+           width="3.5250001"
+           transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+           y="18.122"
+           x="103.715"
+           style="fill:#394d54" />
+        <rect
+           id="rect5054"
+           height="51.174"
+           width="3.523"
+           transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+           y="44.498001"
+           x="90.234001"
+           style="fill:#394d54" />
+      </g>
+      <g
+         display="none"
+         id="Layer_2-0"
+         style="display:none">
+        <line
+           id="line5063"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-49.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5065"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-46.612"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5067"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-4.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5069"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-67.064003"
+           x1="-52.994999"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5071"
+           y2="-49.472"
+           x2="-76.915001"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5073"
+           y2="-71.179001"
+           x2="-165"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5075"
+           y2="-0.271"
+           x2="-77.349998"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+      </g>
+    </g>
+    <g
+       transform="matrix(0.76325157,0,0,0.8038217,161.39072,213.23614)"
+       id="g5133">
+      <g
+         id="g5135">
+        <polygon
+           style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+           points="32.038,0.183 0,19.314 0,72.66 92.65,101.222 122.005,77.57 122.005,22.429 "
+           id="polygon5137" />
+        <polygon
+           style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd"
+           points="5,23.314 92.65,45.131 92.65,94.222 5,67.66 "
+           id="polygon5139" />
+        <g
+           id="g5141">
+          <g
+             id="g5143">
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="7.917,29.184 7.917,66.177 11.364,66.906 11.364,30.067 "
+               id="polygon5145" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="14.134,30.801 14.134,68.013 17.598,68.765 17.598,31.68 "
+               id="polygon5147" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="20.353,32.418 20.353,69.848 23.831,70.624 23.831,33.292 "
+               id="polygon5149" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="26.569,34.035 26.569,71.684 30.063,72.483 30.063,34.905 "
+               id="polygon5151" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="32.789,35.652 32.789,73.519 36.298,74.341 36.298,36.518 "
+               id="polygon5153" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="39.007,37.27 39.007,75.354 42.532,76.201 42.532,38.13 "
+               id="polygon5155" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="45.224,38.887 45.224,77.19 48.765,78.06 48.765,39.743 "
+               id="polygon5157" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="51.442,40.504 51.442,79.025 54.999,79.919 54.999,41.356 "
+               id="polygon5159" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="57.661,42.122 57.661,80.86 61.231,81.777 61.231,42.968 "
+               id="polygon5161" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="63.878,43.737 63.878,82.697 67.466,83.637 67.466,44.581 "
+               id="polygon5163" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="70.097,45.355 70.097,84.532 73.699,85.496 73.699,46.193 "
+               id="polygon5165" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="76.313,46.973 76.313,86.367 79.933,87.354 79.933,47.806 "
+               id="polygon5167" />
+            <polygon
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+               points="86.165,49.418 82.532,48.589 82.532,88.203 86.165,89.213 "
+               id="polygon5169" />
+          </g>
+          <g
+             id="g5171">
+            <polygon
+               style="fill:#394d54"
+               points="7.917,29.184 7.917,66.177 11.364,66.906 11.364,30.067 "
+               id="polygon5173" />
+            <polygon
+               style="fill:#394d54"
+               points="14.134,30.801 14.134,68.013 17.598,68.765 17.598,31.68 "
+               id="polygon5175" />
+            <polygon
+               style="fill:#394d54"
+               points="20.353,32.418 20.353,69.848 23.831,70.624 23.831,33.292 "
+               id="polygon5177" />
+            <polygon
+               style="fill:#394d54"
+               points="26.569,34.035 26.569,71.684 30.063,72.483 30.063,34.905 "
+               id="polygon5179" />
+            <polygon
+               style="fill:#394d54"
+               points="32.789,35.652 32.789,73.519 36.298,74.341 36.298,36.518 "
+               id="polygon5181" />
+            <polygon
+               style="fill:#394d54"
+               points="39.007,37.27 39.007,75.354 42.532,76.201 42.532,38.13 "
+               id="polygon5183" />
+            <polygon
+               style="fill:#394d54"
+               points="45.224,38.887 45.224,77.19 48.765,78.06 48.765,39.743 "
+               id="polygon5185" />
+            <polygon
+               style="fill:#394d54"
+               points="51.442,40.504 51.442,79.025 54.999,79.919 54.999,41.356 "
+               id="polygon5187" />
+            <polygon
+               style="fill:#394d54"
+               points="57.661,42.122 57.661,80.86 61.231,81.777 61.231,42.968 "
+               id="polygon5189" />
+            <polygon
+               style="fill:#394d54"
+               points="63.878,43.737 63.878,82.697 67.466,83.637 67.466,44.581 "
+               id="polygon5191" />
+            <polygon
+               style="fill:#394d54"
+               points="70.097,45.355 70.097,84.532 73.699,85.496 73.699,46.193 "
+               id="polygon5193" />
+            <polygon
+               style="fill:#394d54"
+               points="76.313,46.973 76.313,86.367 79.933,87.354 79.933,47.806 "
+               id="polygon5195" />
+            <polygon
+               style="fill:#394d54"
+               points="86.165,49.418 82.532,48.589 82.532,88.203 86.165,89.213 "
+               id="polygon5197" />
+          </g>
+        </g>
+        <polygon
+           style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+           points="92.65,46.469 117.005,29.184 117.005,75.212 92.65,94.398 "
+           id="polygon5199" />
+        <polygon
+           style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd"
+           points="5,23.314 32.538,6.683 117.005,27.429 92.65,45.131 "
+           id="polygon5201" />
+        <rect
+           style="fill:#394d54"
+           x="46.075001"
+           y="-12.046"
+           transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+           width="3.5250001"
+           height="92.299004"
+           id="rect5203" />
+        <rect
+           style="fill:#394d54"
+           x="103.715"
+           y="18.122"
+           transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+           width="3.5250001"
+           height="34.868999"
+           id="rect5205" />
+        <rect
+           style="fill:#394d54"
+           x="90.234001"
+           y="44.498001"
+           transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+           width="3.523"
+           height="51.174"
+           id="rect5207" />
+      </g>
+      <g
+         style="display:none"
+         id="g5209"
+         display="none">
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-49.362"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line5211" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-46.612"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line5213" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-77.349998"
+           y1="-4.362"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line5215" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="-52.994999"
+           y1="-67.064003"
+           x2="-1830.454"
+           y2="-492.659"
+           id="line5217" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-76.915001"
+           y2="-49.472"
+           id="line5219" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-165"
+           y2="-71.179001"
+           id="line5221" />
+        <line
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+           display="inline"
+           stroke-miterlimit="10"
+           x1="532.88"
+           y1="-492.659"
+           x2="-77.349998"
+           y2="-0.271"
+           id="line5223" />
+      </g>
+    </g>
+    <g
+       id="g5225"
+       transform="matrix(0.76325157,0,0,0.8038217,61.077665,295.91495)">
+      <g
+         id="g5227">
+        <polygon
+           id="polygon5229"
+           points="0,19.314 0,72.66 92.65,101.222 122.005,77.57 122.005,22.429 32.038,0.183 "
+           style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd" />
+        <polygon
+           id="polygon5231"
+           points="92.65,45.131 92.65,94.222 5,67.66 5,23.314 "
+           style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd" />
+        <g
+           id="g5233">
+          <g
+             id="g5235">
+            <polygon
+               id="polygon5237"
+               points="7.917,66.177 11.364,66.906 11.364,30.067 7.917,29.184 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5239"
+               points="14.134,68.013 17.598,68.765 17.598,31.68 14.134,30.801 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5241"
+               points="20.353,69.848 23.831,70.624 23.831,33.292 20.353,32.418 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5243"
+               points="26.569,71.684 30.063,72.483 30.063,34.905 26.569,34.035 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5245"
+               points="32.789,73.519 36.298,74.341 36.298,36.518 32.789,35.652 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5247"
+               points="39.007,75.354 42.532,76.201 42.532,38.13 39.007,37.27 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5249"
+               points="45.224,77.19 48.765,78.06 48.765,39.743 45.224,38.887 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5251"
+               points="51.442,79.025 54.999,79.919 54.999,41.356 51.442,40.504 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5253"
+               points="57.661,80.86 61.231,81.777 61.231,42.968 57.661,42.122 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5255"
+               points="63.878,82.697 67.466,83.637 67.466,44.581 63.878,43.737 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5257"
+               points="70.097,84.532 73.699,85.496 73.699,46.193 70.097,45.355 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5259"
+               points="76.313,86.367 79.933,87.354 79.933,47.806 76.313,46.973 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            <polygon
+               id="polygon5261"
+               points="82.532,48.589 82.532,88.203 86.165,89.213 86.165,49.418 "
+               style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+          </g>
+          <g
+             id="g5263">
+            <polygon
+               id="polygon5265"
+               points="7.917,66.177 11.364,66.906 11.364,30.067 7.917,29.184 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5267"
+               points="14.134,68.013 17.598,68.765 17.598,31.68 14.134,30.801 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5269"
+               points="20.353,69.848 23.831,70.624 23.831,33.292 20.353,32.418 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5271"
+               points="26.569,71.684 30.063,72.483 30.063,34.905 26.569,34.035 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5273"
+               points="32.789,73.519 36.298,74.341 36.298,36.518 32.789,35.652 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5275"
+               points="39.007,75.354 42.532,76.201 42.532,38.13 39.007,37.27 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5277"
+               points="45.224,77.19 48.765,78.06 48.765,39.743 45.224,38.887 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5279"
+               points="51.442,79.025 54.999,79.919 54.999,41.356 51.442,40.504 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5281"
+               points="57.661,80.86 61.231,81.777 61.231,42.968 57.661,42.122 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5283"
+               points="63.878,82.697 67.466,83.637 67.466,44.581 63.878,43.737 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5285"
+               points="70.097,84.532 73.699,85.496 73.699,46.193 70.097,45.355 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5287"
+               points="76.313,86.367 79.933,87.354 79.933,47.806 76.313,46.973 "
+               style="fill:#394d54" />
+            <polygon
+               id="polygon5289"
+               points="82.532,48.589 82.532,88.203 86.165,89.213 86.165,49.418 "
+               style="fill:#394d54" />
+          </g>
+        </g>
+        <polygon
+           id="polygon5291"
+           points="117.005,29.184 117.005,75.212 92.65,94.398 92.65,46.469 "
+           style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+        <polygon
+           id="polygon5293"
+           points="32.538,6.683 117.005,27.429 92.65,45.131 5,23.314 "
+           style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd" />
+        <rect
+           id="rect5295"
+           height="92.299004"
+           width="3.5250001"
+           transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+           y="-12.046"
+           x="46.075001"
+           style="fill:#394d54" />
+        <rect
+           id="rect5297"
+           height="34.868999"
+           width="3.5250001"
+           transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+           y="18.122"
+           x="103.715"
+           style="fill:#394d54" />
+        <rect
+           id="rect5299"
+           height="51.174"
+           width="3.523"
+           transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+           y="44.498001"
+           x="90.234001"
+           style="fill:#394d54" />
+      </g>
+      <g
+         display="none"
+         id="g5301"
+         style="display:none">
+        <line
+           id="line5303"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-49.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5305"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-46.612"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5307"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-4.362"
+           x1="-77.349998"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5309"
+           y2="-492.659"
+           x2="-1830.454"
+           y1="-67.064003"
+           x1="-52.994999"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5311"
+           y2="-49.472"
+           x2="-76.915001"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5313"
+           y2="-71.179001"
+           x2="-165"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        <line
+           id="line5315"
+           y2="-0.271"
+           x2="-77.349998"
+           y1="-492.659"
+           x1="532.88"
+           stroke-miterlimit="10"
+           display="inline"
+           style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+      </g>
+    </g>
+  </g>
+</svg>
diff --git a/docs/installation/images/mac-page-finished.png b/docs/installation/images/mac-page-finished.png
new file mode 100644
index 0000000000000000000000000000000000000000..7055a92fdfb07e90aa5e89c8b79e3409fed5d8d2
GIT binary patch
literal 158534
zcmZ6yW00u9vaZ>-ZQHhO+qSz`W3_GDwr$(CZQHZ<o;fG(oxfEPm6=~g7V>?*a0NMW
zSSTzg00013NeK}p001Bx006)i2(W)618W=i001zkmcqgclET6S3QqQBmNupU021NJ
z>fjp6<7heBN)V8=2!NFN?1F!jceoe&#Uy}&kc0`!*5XA$R|6s-A|h(S%G%Hb&`=RO
ziPk;?!Xg^z&}_=OB!SKzyT5l{<$BUTPp3G|f1GcozRdvQT1_EA(#wDVG{1BVi+a(S
z`3U1BKalh8$boJAIU}=)@1nvW0DmcN?Eyu;y6os;o@ZTuRZ%#%aM%DOK!(P%a9q)b
z!~y!2*MSV_0D|PoRx=Z+5f0rDsG$i30m4ie<&uqH8Rb%pq{C%hir9zv0OHDNQW#JH
zI32yr@VHS&;*kYx#!v6w5bQ(OqO(U11h!!Bi>j*D5hj%h+2no*<t}=MW$<Fhjf!K8
zE$NU5KkuAC(yKgv%{hNsO-v(3PUeE6Gss}VP)=bkTgZ)F>oA0GB%t{@X>g24!)6~j
zkUSZCQpupgFq`oWPTdDH0Kxp|GY20aLoim5Ov9Lrc*N^jr77-%Uo0@_*%|(#kVBh`
z$Bc+SwsH0-8goQrV=!SkgYq-mz^E7BeE|`MP{Z;j<f7q{ABVS`-Wv@Pqy)AxlM_?9
zFa0R`WVo%RMJu3Co>al#ccSF$7cGG)PfuV@LN^*TlHjNizKqF6!o__U-EU>R#WC99
z)Wp^%0gvoI7>jWlJN)qwjrl->WFi*3uBWmq@hxhaS?ka0Dr4NWZg=pPy!7LhGY1uw
zcsITUZAY9}vg3dg@?*aPlpzS9#hd~=_giJ0;{f=T6#oK%h7hFM1A0`PP7}{E34;Hm
zh=czL2!nPS`R*bq)QJOs)*o$N*ug215PKxS!`!1B(rn|p3F+J;tb6sF#&R3V9{Eap
zFm6Qh4(A&JD8QdL$pXi2m<f`FaQ`j;ypeR5IwRsC+ahs6z6mhkm<Z;K#C#ZKjs%q_
zQ55@~JwS!<HJSm*&%^$Bk2Xt%>HZwGaS$HcfO{R#CG;J`HQ&4F!)XmpcR#pcVCOFT
zj?cHq8h+LK;mJ+gjpdBFIF>oS64NA!eSF1h{ossvg=anJGryZnS%bP_aE0Rz*6q`(
z6YCq2Gm>31y=udVtqmeiNM>NuE(+2HiyFjktgmXkYW;e^Z)_C9gdn}eK5{xeiC_<U
zwdv;}q-Ui~J%{Wa(=j8+wPg&qw6!z^_j~)K`}XQGmFU@oI6QFEb)^Q78&*jF&>dX>
z-dj@!IJ@n=eA?-|ZbtJv%(jVVkgpgV#syUH<JrQr5`aDfG)_xotplg)1AYr2K!7U{
z1WJRf%mHg4xa2ed)PRZ*fYg9y3xKMFy#n#<^KpP+2|#mz$^uOlAa8@b8El>h*9#E5
z!-FA)5E8P0z*Q7(LIfUysTadRWFJC@6eNlVA%T<>eG7xo^rI1$ic=~ATK8Wf>LnhH
zQyv2?f^Ls|BKRJ|K4Ol@S5d)S7J;1~FC)GP2P>REgJD6P7JHl*a$(hqQ7inM1A9XG
z3)vm+T1Y=n2xHKI0le5h#V9_74Lyofk0KLBI}lONRE5Ru$2#cdje9u)RwvJaSb8Y4
zg;O&NzyoG}xc)}ug{tR&+mC(c`o*;q2!F8qFBq`?s6817k|AUzNM{JqAf^Gk0mT8#
zw!#mH+i(%0KnoEUKTl@=G`TE!9nmeRD)JVj&amzwLZt8_F(%^ngaJt!CA#vkru3#*
zmjsvSCGii56jJNN>T#bV5vE)n0XpJa(p&<4Vt!)yNs2LyF^<WgNe7dY@v8WB(nT6)
z)e?ELv;qmnf;OcB%JZb+B&P|$3Cs!L32jYHO<hg$_3{Rub<&3825{5a$(J#o0xCt>
z@|~q~6~sTR%^@37-O}FDh4V0$cugW&bhfP3DXtkWVK0g?bmoNU6r=IlH0qSA1a7i7
z$z4%h{#~VCGVfmROz(pa>c`+HCMYndU8ovRktkHCF_c?s7)nLdT9hHwW|TEbTb1sD
z_w7iM;|k;I;e{$?P0Hs@O7ysem-F4{HXlqMbRU?1bD0#^B{&s0b=yTedYwWa@*)x<
zs->zXbdsf#52?0cq726%OiY+o7~mM~82RMqvi3OrxebqlfRSrt-}1N=mxYrnwW_pg
z|0+K>Vku9n(+b;WYZYz?|Iyi2@viv5d8T@1z5qr}Chw3jk*CRVw>aR1RT)$vRx<7x
zk&B+h63)=d_{jj8p3W#`1#iO8!qYm}!fukYc(z__-fr^Pz;2Sa>NTif;7w1Tax&v~
zRuC5^7Z5LM6fPAu*I1Qc7i$%0)qBmy6P;D07qt)6%iPK9Y4Iuh0s7|p_5@=BivhC)
z%Y>Q1^kQIPielEWTeEoEl31pgqu4E*IrC?nUfbr_Y}<GXft(+jCmA%Ulq{vRvNF#w
z)3W@#48z*Uewc2{dYK`TcEl3SU;cN&*14j+)Fa0u+anfqkZ7o&uVDUQ+2ngXJaJW)
zkNrKfINP-3m~Qe@O-fBr4ODGf&Av*udVM8%h26%2&4(@0Hp515Gh^M!w$kQyZT?#5
zI%TtY-MiVX4t)c^?$&M2O~PsIz+qEyopHc1`Ot$rATf2(s1&VKe&%JSeI_*P*Ok$2
z++qFl!7E}O<t9m2`LFIDUCkP9ozCqvJ4w6E?T+m~Tbeh^H?h1=JREqPyg42j?j@c#
zk6y>7=cG?u7tj5h>z?^;mGCErx5`(G`;|x7huZs}WAdx?%e6E1bGtLXJ-*fegajN0
zx_#FI(*mvrwtEI~!gB+8F9uc)Dh{G|hX{)Zh7!&cSXd|>d{2UDf*AZ&j5tByA+_+n
z7=|eExc8$f2TNh)$;!E6TB3AeJm{ja8K}+d7v4?kPZ?*Qj3bN%X)PM>Yv=XN_4o%~
z2U3R}hvcL5QN2ldIepR=QY54!WH)j+87JJfhfO`_u8WZ+yBUTo#y3&W%**CxGdz6K
zK4{h}`y@h2Itx2R^i>XOtkx8q3?9-C1e=-N;ok{|{p)?_ryWkx?XyZc%2LWXr5z<T
z^4Idt^3>AUdmfKe?zM}+3$4YzV-T}t;~3*nlU1`s=A@>$ht&7XZ`X~@X0zGbqzuR?
zkR6TLjqGOdP=Udn&T(0ooU-i`cV*6+CNv+SONpl`>glhJa#vY{&Zwskr+PW&T=vIZ
z=I=i5z0;$oji;@&bDDK7g0n)i!Q5zskqPL{v@6;=ZEg19zX`n3l+w&8dX#lE6twQG
zG<KTK`DXhG13UU(zU9;j)JSOCdN&PTn^0b$_M)RwnaP>zKGY{D`ZV=4l+^DH5#1LD
zwQ9X7zg!Jmrhi7UK3P?*!>!+~?W>*jTT4~yS$dn?yw5&DV5eY*v3G2<n(u|uZP#05
zlVl5Iw~q;rWiy}IYq!6OiK-9Giq%cO(V}UoTfNpM*8f&d6khbPP1}-g^4Xu-_BIas
ziVHUz{#lnhnCZ%vcN@Opdd)nvZ|+=nOTGHh8mv9vL2fVYUdeB9tsU86{bP|`R^z+-
z<emNL{lbpRz+YFGqp0tMfP;eTb?>=w+X@GYZ^eD({?>;WNUR;R5R1l60Q-mqhP{Z@
znTeFq5d(^AZS88w_Ypdb&q~Whn>?x-Q_CsHspxKWWb!kfuO@ieSH7g&ZQHnUlN-bD
zUFdD)Ihwx5d^-D)&Fek$xHbM*bE-|pq0iwue{Xb1`Y8>YdQFGlZRB=r5$Y{Is2W-+
zn=O|;t*hK2r{mn~deJfa+{g}OuhW6)+IXopRn6U6x_i?z*#7usce1_u`fvlgtN-A4
zm-m)GFxViD6<hJk^4{39+4JchD?fWYsu+9w+Tf|rH}3IJTzf}(ZMn{TZQeXvo!k2K
z`Rvw{_EK<Lymx#jFs~osYwKb9buqS!=c|twg@5Hq>&5$EwyfRU%6e<F+YBoT!}~Y)
z+2>98Uc5QhlaJGf>y`87v2mYMUqXMPH^a;J2kq;+Ut(n}%#YMWG6o34#zG1Tz}^ZV
zkF>85xNB7LsOXhGoM3^w5X9eiV1YYB<O;Ct9)Q3M5`ge7N(nR*a7g711;4kD7r@Gx
zc}I+te0W3)D-z0{F({Up*q#-TfED;om4k_?>yOFNC7r|z9YFQ^f@iKq*j-ewu2(CN
z`cq0^?y>%4sWqm%qN_dtfB=A`h@gr);FT`8fy(g8Pm9T-ClCk(smr;jz&QZ~ngF8b
zDtL-{|IY9ZD)b8&kp_Z-CEHK{1XZ^iL>$6`XUorS`gUi#CQ#Wd(ziLwR=e^{)_X~|
z=gCwRr~t<=4Lr|XU!U^~=V{H-(vqH9<nqnqJH`Y?Vxxo~;)umyxx*pp5oQ$g1L%SG
z9kRl4P!J|bfCr|*3-)~|Pc)NEmn2qUl|cNDjek?V3oTkCzqc*Rl%bd=7;^rtSeuU(
z2n!GvV6>mu-Y+)L$#X+WM`%sA&plDyPsRfHs=e}>VRv(qhXkkplv#&aZ+gpwHneP@
zy7NZfFGGW0dlZ2@VG}Li%I-nn7@=P7YIb5`qs>RuIsA_I>vp7MZoR+}c_Tk(tNN{8
z?8e{~rRoe7X&na0GIO6F0;2g)H~`9%bQ@7=f`mvkhX*?OdGP(7FA>H<x!cDvf1uf&
zCDkf~a=O*0_ynXMLDSbSI1tcrnk7YVf8~9W3t5kl<q`#(0)3$m)eJ;syh5+V|Hh&p
zCGf0-trHsk%+a*Mx}qnB^$@Jp`i}RJ^d*+|7JC%Mx<iwQVF(8MxOf-(V09GV5OW4!
z^`0O$57h;Jp0R_93rx-z?H1U>*-O0TPo=JU6FceCWqULhzepR)_i+~XILqs+B_blC
zBx)Lr4@@}2PnZ`5@<p|92M)yorRXTO|3JjDM0|D+4)TLqB0`}w#W>~8P7akaD^SR2
zon$Vj6S<4fK{9bC%_)c_rW-}RD9IU7D)2q^j-hxBw5$Xevg@u^y1@4@F9O7Qh;tBM
zze0T))X}9&J6G_U&Zr#z42?2-vufG%Van&Rck&L==2*fO%mXl3p*+A+Sb<gXdT($a
z!0{Knbvv2gVtT?qil%8tKpyJnz^WDd@DyEEcf&6G@%t3D6tljk+io+hHX5CVl2+YI
zhoX&SGZHptLhry?6#eB`{HRz_>}e1dLqM7V11a}(@|5Dq!#w#ufjRww_jK=5J|6H~
z%HRw^G~vu&Vw(L=2aLyzAVR<vOvPJ<kC|A6X`?tNvo*iV5MTKaZ=dDK+lv!+<k?Gw
zXV~9Q@U$|>ixB_GS}(YN--l&YVMGuj8NIlcC-8AOYo^a3Wxts(fo3&)V-~_w<|KSR
zY7urqNlO<MjY&291pGiWrQAGgcV;>(h$L{~US~LaU@e0<h7;V$m%(~&`|hwnC!!%w
zU{r=w-P*NDNTjF$5-ijCec!?J%8^QUxf-Mr1C`a$tER0DVCB^^*rG&YpZH%Svkj<Z
zkmh?6JNJzpN-jNyT1a<F`D8;VWk^&{K$dAAR7#Q{^xsJT$a_1xq`?nhmnUK3yIw+q
z>_p>W+-Nh{J5FcL9arELj+iYpBq(VOjJ;=Q`(JHMuGasi@(mw>p|-L4Jy6<iZjh5^
z4;}?u$Nt^!1zRUPdo^B%q8sZr-}<kgLLJV?ss#Og$$?5%`nCb<8RT1F)6{uTOc%HX
zC@4!Ik20p%50*Ui7EzfZ6n6x2fA~PM+bG?d+84;@kM~`BmVgkEj_n4ZZs#Bt>Uiw8
ze!D@LtvEGLu(rXhHjwAA932~7Up$Pt47!F=>>&`!a726TfX4LM!GaM=D$1bbj)+9#
z=2ci!n23-U(0VNzi}eXq7b1=6mAD9O9E^drtUVk`UUUefznxscH<tfyl-~!ye%qr8
zP>qa6_9lW_JEH3?pgS=J9F%1;4m0WVzT`Qmwot||cIgPX!k=<i9|w<jLsDPg<VKC^
zy8GGdlzJQgZM#Dj!TiP)N2BI-1K9Z)X`$EJZ1otea)I}w;*^8fj86$jkj=sNUr6Tz
zLvp$tfY~3mr#jf*Gc24KPuv>Bw`_>74Y~=J5CF0P1&425rFt-1<859gt&wl44Do!&
zrZfIxn8F+-4pA)Wlbopw0_S5=l^-DFGShvpA)iN7qIXpL#99x;4vu&(UAiO|tAL8e
z*}!5&V+S*|g$Ynrhkk%@G1|1L6;D0^nf=i)s9L{ix+jdO;G&9!NF-@)j!a!pX%{X~
zPX2BzB>F|HTcwcLMD>?`8x<8*zZQ2Llq;IhQW}ZchK2;_9Q0?U3(EcK5hK$A<2nj2
z3iW8IJysHexT=xCF>T`i>}5XSKse+z2Z42{HG(czU_tG##9L~R*y#3{e5QIY&Y7U`
zFHk<K913bn7{@7eC|hrUsOc1elp1AGpskfq)~i*bN>*GMtk!uWA`JcZPh%X(_r7Cq
zaQVi?c`2#g_}s521<I*#Ut`pR9nYEb4Z7e%;=#(7wo#Or(|T81Es*OT!#Iy9RG8++
z;OgH^Ar?DTkRrWj@lL*_i5{g5T@aV-cEXu2xCq$$49UOT;Y^tZdsS4U7pm5K2Ry{L
zY%}};@u81}JlI9-!jWd@6TjM0NQSKiMF7}rw*s3nxQK@Lby<Hb)~Zk!E=a$M177X-
zwM&;FDAxBW7%;5e8P*L~W{IJMLdTJdJV;_0zk`Yty>Q9sNXiqm0}S)KaBi}j0{_4#
z8LzZpJ_T^c12TYy?mgoQk`*H$H}c70t-R+F9aqjGpdrgjYOtvKhbJN{bAT4zWznGY
zJYz|X=)+n&HB41i5GfhN)dT3}$~<-Mid(J21PzNjA`#0PAGBy8AOefDu@@Me9#TxU
zVXuUtG{1phN4pd`^}97t4`f7Qb-cZ~i%Or3=h9#>GBRFV@{zNHKPz7jBA%4d%?gZs
zu`G9+-5C;DkyWhwop4;QLVSUNh%Blo#)T$j)y5^&0q4|}IB*RrXsHd9CVFp7!Y49l
z93Ug2nhJXzk%{1eNWC8CQ`940jmyev7on_Wp{B7O0=r!BBhfNpJ#b5m)IC|oh{tfl
zMF@jnAo3l}V#p_~nB5!gkKPXAW``)tbNL4lupUmlFEV*BbSG=Qduy*6o^<8TU0^^Z
zm<GSy6~a4?tIAT;6|Z1~vPAVY*!T1`$bQD{lo3ilDE3hmZ;SD9x!guCipL5m*>IGi
z{c`XmwE|#+v1gT{(96*OhWA!cpySVcA*i!hg{*-|R(Ls0<19Ch@1J3vqv%Z`p|DA=
z4Z{!Trv3&&8SNi}U-$5)hZU*uvvNYxwWyBfph4NlYQz|*M9V{r3SJjX)&8UaMnF4-
zt;^^L6VmReg`D3`^+}rR20Von(T>pgx7U!-rl2VKhQF@%>u3{Kb^PSJJavlgu@mp%
z7xZ#wUOY7)aTU2u#Ia^EDnz*v->g3Lxs0?iNPtXoW5H5V$C0Ix3y>t02y(x%Sb$HY
zI#y*N&Y%;^%$v3Ge79JO5g`LdAg+ULw*%iVRZ$wslCeK0Tbn?@{ESHqp`GM=?enzF
zb}FprV!~un8`X#OYuAB>2RkFA2pCQa{~fRp_%RlHhVn!?7<kDux)r}`=?dugf0+8J
z7h-BpNlK!a&VaBk;AN(wOh)hZI*w2y;^Dz*e{cU{l6@?NoMU=peoOXh<|Nj&bz~i=
z$S+5%(*Jibf&$Wy3W<E9jZI4Wk=_F6+z4UO7de!Ll>@Yn<18J#Q7QDn$2)bR-$TMc
zTTj*_z>APlU$Y~>MJ73l_KUWx91)9sF{znAE3vGR4j(UNa3i2%_E)oKusYa;aSEc!
zN2@FCIdBk_wU>y=u!w!#8o<4Wlj6GwNl(F=a3rUuQu<Q`m_ZnBeI(g(H<MOO7|Jym
zE4x<u_>k1@2i2?|3SYwMIu4VbJ{Hc(_BSC}`+fi}?*4{h5<A?l7cO}bZdS}xP^l<*
z(shX@up4Kpf}mov#vYrRZb>~8F;QjwxnI>hVR3#pdb}w1BhBExk2IS)bgjob9%9;x
z6*u@)dqeILA)uzORdR>8eZWIZ_PbZtt-iRRq90j==M7>Tg&)Bzg~?YS1)?=ahcZM(
zJ+={t2fd;Qj@7O!Nqm<i>t}knGTjt=98ANZwwdN(MlzJ4=7ykK>1|8mhKg5&fNxav
zdtH367i|2ofkqF0pjhFbnxVC9$({-xX=$|bJ%_eIxu4Xj$QH|^BP1}cQ6ujczpM!z
z$C8p?@ot<#!1ColBhiKZ3Bvz(QH^B3t1*d;do$1?j*VX_ieh?W;!h5dWuz7J`qD>C
zZ7_8`CTOXBOW({x3F63iH2G|YLU?tSkmImi=YSlxDKWb;fD@q2++Z`ba<pPHz)SBN
zeCQE&5g|P+EJjE#{W1YMb}TtCxelb|0h%A?&oBFOv05){hPHS{sqNo*fKGC?jz_@=
z)^{EbI9?z|PS`S6(o}`ygvBP)?&#-|kn(_qyaT`VWd-u(1X@6*ZfxoAJSEqV8gR&K
zz%58%Biw3?4Zvbm#;M$yKyuY$4~-1{-Uv<Tc1=n?BI+<kU&FzHx2nRb`Wy|xBEC9B
zJJDouBWsA@r6>d==cdP3^W=!Rb_0^T+D!x=2_Dv`8A`}i%Zng`W9tOQ?Zk`C|L!!}
z*i>#CZqFSU7vy0sM@ZFiqT?}LPh+-*V{&#{#)!>}V|Y4>=V)>M+-qYQF+W=z%J=<p
z!ij_oOw(SY6nVMe2hsF&JFLw05!wkOl!%V(TM*SZx>vGlqRN(<yIN~T7lXlu00(6z
zchtN)C)a2Ue?uHQOVh}5f3R@jD=~%DyFxMY`S_vs`nhI$;@&rT;%tF#sn!pVJ*5*-
zwB)>p5N<X8G<=)$se9LXdm^?%#dW0MOAD{^La%B2+qJQhY$=_!BweD=dp8JxM&}dm
zrkZ4MQ;J_%Een5IUv|a;gXaU);bu|&fVb9(oa^&J`GPm5-l(9|9fHC8mnDO>LO;-)
zGSG=d?Yj$O5^c7mr5Oovo)LrLh~(*JMJ`!YRc)w&uYZJ=n=|^a=C3;prVrI-0j%23
z6YYubH*iRn7go&W2An20`{6bwe!lT8A%>R@J82ws$P+)7e=mUlujO>I<12Mg%f<wQ
zNtOXBu(8HYbejR6vJQiHAF_;bL>xn42%?U*hQb!ZBK(_aR;050UsX>3Qr@>e!vKg?
z0Wu144~_>ghk(HKnveE@6*@xWvyooOl>E6{YL0i%3z?bV(nzh0z|bK`btYuUU>1Rf
z)mxy}MRUe!ni|TGBvDOAfr-ByG{bjlM-N0uzb$1d3os#fRNyd1#KzxGMKFP_e!E}C
z6dS=*KIs$a6`a{gCI4#chQL73@I-A0XKe_SJ>)@IT;-U25c?In;9AsbN|T0eLuOr3
z5i4|}0L5JjIhi)O`Ce~Gq(yNcKoK9aglQ%jKu}PKMf=@@Q=`j-7cAR>Xa<)Jho4q6
zXqHmNr8LfzawjtOlvd=`pLniPnY!xRgOV?k8+uxcP52k^Td{pl*_~LK(Lum|W7&hz
z^CeWHl^NbV+XL)?s7mARUdHQZnEh-iM@S@3$9LTa4@U3k+>NQidW6zHao*1AD1*%o
z>T-dVqR=m;@ek=vIv=v`C!9!b&UW3OYpJQ+Z$MV@eGJ|L`kpLy=*X0s;j#Hr!faQ)
zNHm{_)?Iht)-6ZySc|%wEPNZ3s}#D7P&fXpSYvP);nkSYy}p}i_rvRQi=7&9IlN_H
zZnn4^a%RNTq#%FZ4I*}OZ0S|6STtMiJo{cg6u4uCuqlD8q$sU4hnH2w6K3?2X&?N^
z6#Iek(ijo3K@+c53&N6~cd~-ob~sur5kso?N#_lQkEZ#r^>nJKcLOp#Ut1`<u5+#B
z6~V3|nuX1dKj0y`E=){Vq{ic``bHm1loAqcc-PDqhAUOC_s_H1juT^w7C9+?_B}d&
zt*V-<2Wd0e_up=jjF;c9a}1_DC(~Z|;L=rRa~;V@D;1lAW%2(y4i^+aIM)67<UWJx
z-#Bz9_nO%xabfpn9zx?(f(1WIp-1L;W=uqt=h%i(iXJkz5q1J#2~ii@amrIXAYW2!
z`TFzm4`)#fy|9`5RUi72L;QbGL&}~^NBAoW>qa5hMrlEmQm2-I@)XO6CKikPu@<cv
z^q{@%EE34Bg@B$&v?=_k<l-Swkn)K4%?zgr=o1rYG{pFrsl~9qmmt2XAsif5FaH8T
zwLG{y?vRGT)dnpuLi9A4sDxA-{L+eO>hZQoT>z>Ul&2sbhiof{1T;e<#&77@&Z@@J
z`ue8w*?*0{Xha%w9YisU-S5TXGP04Y*?U2Q7Mn`!VcaWN>y1|nVz=UiX0aeubN?wk
z;6a2<%rrP&7%q#j^rO?=D2&jyx9xlp`TQxjkoK=(;0K4Kq+FA}&R$4LpJ16_<A=>M
z)yW(jrk87>9vrZ&9F65bzrIte)`<C_<vz%2oDoSH3~8xmR?ta{Jm&wFp;d;a`F2E&
zxppQBfx9Uk@#r4n@alXrH<cFqga<kveAV{~z)z(Suk9~%TuIC4`FlKAV9H+*p!Ev~
z{6Rp-1+?w?+P^}ZS@(5{dbXXO!C+N+!EPIRfA|wPl;+U9tog`AwBKTeYqCQ_hBxV>
z73m`^c3@%!SgaSlm{5NkKU)9ynkz`1gdh=|mJY*>_OGiAsjOuFYK*yFPQ<geYvCW>
z-<D#3S=D6hQCPf~L<#AQR>yCYE1x&TD$Q27Xe2J9_1Q}XhqLpj+uDoWG9RQI15Il6
zTCq(ua>FZ4^TS|t{lUjsxq~aK!Q#V_d_5(U%fnrzWG#zQ#Ii+*Fph&<JS%f%1afC7
zSaT@!e95eMF-XPyb88c}?zFLrFY&!nwvL3;IAJg_Sw7V1jU1fYWh}M_WE2OIMiT_=
zP>ziuoGBxKKlc-i12lc_m(xQuBl~;dfOew_%;Z3sR2mN;3u9_AvopvxJGM(>@i{@z
zv?s7!fjJYnfVs3v>!opJQubg1UlU}Z@5!zVN0>$B5%;&Mk^apxO(OvW&tIx^W2?1N
z)yS40KKwun<eX{=o6jR5-kotxzN8r})*(|gISo2TB7e1vi%41XKEhYMH7b(oJ0i8e
zhr`6Y3gMQD94nWUszp<3sJ(Z-$V1VTEIJHY-;-9>F_4W&au<p?<+waBdOm-|d7ckf
zB_!lTGhJ~Ry*S|c6bi3fLkptQb#e#qGviQVL7Viy-PI_YSJ{r{Yv}R`o4p84BU1QS
zrr;Bzjxroa`pFPWpdunD6y|sW!SNp2uQ!TNSv}z*nH&+6L&adR_fw-Q6*V-%pjNmG
zRi)kCsa7NjNw`R13rDkN1`+M#jKL{`QVho%P*DIptePTR?Y178HM%K^9JCY_{mSjT
zD?o7fr9p-$?3u2CDwD1?Gh1j8v1v<Cf29AZ<?6rK5sg!fsL7^fdDnK2CzwsK&I6L#
zjSzOqY;v`u)vHQJX6o~B^jNZ3tB2vPId7ynlCTSX(g_N2`VjV1w$6cViV!dBaS1B1
zwlZ3B`KX~!C9nzt+IpOEN~X?vnvW+xAC1w(#>jJFrjlN!$;i(cO+)qBG5u5TxrNfZ
ziE{;#!oJ);8y<BX9UG;HZ@UO@yxwwP>72WUJAn<M4i<9u2O4JC3hLS#78(EAILDd9
znCM5uMHG#FB@-}r7JLfj4@_Hesz)9ou$d%fHp^J5*sBW`xdVw6?GA<t=r?b4Lg?f@
z3qvICm&=F6IZF-cicml!kTeOK+{OI=M1F%SayIJ*SSmTZ2ReDH6)Ep&_gxk58ePD@
z16}EKi{ZQ(I@^f2xYbcs>B^Ay4=h;_&IODJfmWQPe^r)!{cwqU|82fMP9Pj3NBrch
zGLJn6f4J_S6;<M*gCww}JeGx3#K8{=h!kdQ2e#Ke)&{tduwAkJ3A5#cDjQU2AC`GO
zErWlk4_6?Rfik-k1uF9H77A?5aW*^o;W11MCrAFI@%sW+8OC#bHX)})#2AafVJD%Y
z?M<`qh{$MBLx~N}*BN59VxJzC(z2LBD6va%K3U#b43(V+;YT>-x7g@%Sq}X^PUs_~
zZvoub^9Tq4R_C>a9j?y?F6Cvh8D&8bwEBBeil7~xDnnS$@UH~BdPk<z4l(M+h;n$O
z#Lh9A>qFf3U%THP23xF`kb=F~#4;Em<}M+i>$sFGw1waQ^jCe~tr73nIsX`V2CXlZ
zR8%DQyG@rWLjNi=Bv(q(px{A6KUyBoqo7%_ZS$-tXlMi!u~5U)h$w|s7Tu}&lUUuP
z1-iN)ml^4GrWG&@$t+8Ic1WpnX3EL+L(!6diV`MVY<{iMDmu{9P#I{R(?q(hIffR6
znUa<=<_x&Vov_iIE)!VFW*TmG<lawy*m1N7LqiQQjavQNss<sJTIj${BLQ~vnF89m
z2rW%@C=JI&)CYvN5rf-=6GP2jd!@Mwah&lQb0q_gnRVWeG2>c~ER%hg*z(UQ4KHE?
zw`GY>2Ed{%K&NXx(j|%&5a*8Mr)!p+=IMo$EqDF9zET2k&6S(4DYV!gb3>ny{^rju
z26*CrZ7a!*MdUzO8nu$iFEl(<_7*G!CIlsN_J<^f<mTL!_plw0^RKUj=g(KK6_+C`
z4Csd;8_G60m~LIfOS^!6VezEDb7$$_F&x0yJT2~uv%vY{{c9~bC>tN01n6mI4O`RV
zTr@S}uxK<pQmfhR1PAk1jgW1y1ba>*BGZvGA1iJ2y?x`#bBd<5o6_d|J#e(yXhxsb
zZW6ma{7W4ET9WJp^L`2q|4oX*6~XyJrJ$k~Oh&trCwqxTG0X3l+*_ppc1ssCyE_mG
zvpo?3b##YvA-EA`yWWJiSkfbVy{`9ky_o8%<v3=sh=r|2JKBJ1&58a-Ayd<@zDqCu
zxH7Fs&x$I0F?`Tz-!pVm#WMpb=f&%bXXe`gplW14^27$EaDE;==QgI`VxgG(VuWvG
zZ%4V&YFiD5a<!E!9j(H3Ky>}))K9L_YMRQ$TX7*vc+t8fep0d4M#54^yPm2~)AzEC
z0>BCWbN6h%mXIE3)--LM6yINaLS;pP?!?^@@Tf<4GMx*L&T8uP9g(RuaKXeWyI|%p
z&aQ8KS@UhB_jNpaD?y#Q>cv9FCuy-j0H^Q62G7mZm@IbdxiM*btV)k5%j_;z4Abad
zEoG{K^W!<)Y_ZFO$!tE=_p@ch8mgZ9`1u)Il3&klh0jo1{7+(-;9&h4Sxg&^a`V74
zEGbQZoibj^>S61MQfC4^Mtz1E!^}U%7g|*@v-SF_VPLK`^OevHwOA`+I6flu<zdqQ
zyO9o&DLAO+v##wCr2}b~AhDp-sHUhG9>_C&e7=N==EDmXyaYg*tOCm9r=2xynMzD^
z$!P`MU|8&Tn!5B=PP0^%jPCeJ^a10Z7;~&%pzLidRpmsM@jy3ve`tKDs51piXtj>B
zmBM;KFp$9#G_-C3f{ZK*Y}fNkM($LuShD_`8Fn`GuK^w77rIdpRRdh-yXrCaZOX>F
zdKLCX=BS{oG=e;vE;=l6w34@JE0~_0aYkZQ#Q78TqpwT!c<<XzyX)(VK~5!SgZEyS
z0O=2TEZ+i7Dx0WwJx5r`xa09{>a~-{H&Hg<AVQw+R%<8q@A#A*f!C+)e+)Lo@O{@j
zTjR<umE-Rl(eK$$F$Qg=#vR+}!PEEt=FJeBOh)?AXNzknf>A9=qJ9+bgG6W2W3T=J
zm4AFHunAXFQ*-2Q!IR^@<bk=^OkRy@n`^u!xLR*SU)=RU)nBd+<;jtfugDertRv)s
z#0ys*jT+Wg-sx|Y=a+;n0tSDKV2COuItCEh=?Sdxn&;9SL}GksT4X$LN57xXdT)Em
zQf4UIg`4uQhw{;A0yriOb{HZ#h~nd6m4@y0LIAsGy0^W%_5HXka!^a8do~?d#586!
zonYbNKer?q5hp$spo_t0!r`^RMxR-%FpuJc#GldhBX6-U*bo2Lq#&2$`a=_3OJZ_8
z!DcuTEXw6qiDKXN#8Z0}*5?n*$>YZe!rReuyk#{yR&V|>`S*j8WJvTLuT$p<n=9bO
z+qT}l--brJ8#-0b8y9OydW5o2?C{*2{4g+<Z}=^8_6TRZ0<Xo6)w*Jr1?U$UXjyod
z{~cp!Y9Gl=&w1FsEzadfb1Lj;5y$@R*m90}F~P>4BTx=@TAQGkQG7X%*2A}wn70ro
zFvTNMB|ed5M1y7GwA1u(B>F;?Oxp3nk|YJ={ZM3Ynm25$wpV29g*FU98#-Q$lQH$K
zvZiSkz@1B3135rQ<N-Tt%(JhYAz%EHRbLd2{^JYdK4%%CHH9he1v5;bzLapHO!JZC
zm4sGPp#rpO!$OLYsA>EUt`m9Yl(|!A5(Cjd`dUqxnJkNAbDc?@+M}i2)Zn}I$(%iw
zKR+noJY47csISf&psV*g7ZMJi9vE)r$Di`VZ*Dr=^6Sq+(^ek~0qvT->|nyJGH6}q
zS0XAxOv><j4tGB+jGW9W{ap3CxSmY6oa@;MG2WjB0TliP9h}2Xx7+;`>*9_?84L17
zKYchP71gBjCNxiw3>Hfec>9mtc58OqBAqbO?+}z2SBFS8zIHyO!uP`AcT$U`G_Air
zUe}wmOhaOk;E+-85*o?X(>hiwQ02qSBjq}minTt#L&GA97KnmL=V76#n|_^c*Fut-
zpr{}578^~N1;n^gc?q_?2VXoUH`}E?9t82d4huz&!mRr3K!2)oS0E6#_>w8<J@v_?
zEE86$EREONgFDP$?KY;89VVP9I{V#Iu8aFT2)HBFVMP~j=mjkSg!W*2J}j&=o89Pb
zM-$?bhIaoJ?~(B&J6*cZ@;!)jHl($Iu-GQdluMbh%zvy~Ot#=_g2OqDG!iuH0kg<d
z*2>v&S&FA7CkL`v&Dm@LO;2sf6S857c4gL<72zn>J6h~CQF@?n>TI-0e7ApRj9023
zrJ@@hB5A4_&&2CpnZGB?;ol#)QcfoKBqw&qsuOc+uDaO0PXLA*s5Xfc-<=W~+?eP8
z3|6<FI5??Q@)$VS%)xkL-H$AaC~s$v-0h)R5X^kxJ%OKr?ZW=emtTN*uuL*NI?lEh
zM4u?_0v|})6YHI;uhQ?;1I1S~NF2i1B8t&`aJLOzlemjq9QaJ>+6t)~QzIs4Ed&S*
zCn!WhpqLAL{7qxMW~hK$7$J_m=TR{z1fwYcG$GtW8W=yM7|`;o;epxvYVBjD|4j^6
zuvs~xOitk^&OYL-V%{Hv@j?IKu`$EVM|?9zjH|cI|6aN%j;!<8k#=yf(YR<8Uc3>W
z`%1g{lH3J(=i2}EkyX1cUbM)KY|sCA)nB1Pm;M}0OCmHZkW@M(xug5m@8~IFZd&}A
zv>g5tU@^-Af9ofCF%uFVsrth5$8z3UKrPPuN-49*77=1fMVu%d(xh}x3kGXnV|#LA
zhSmE%R@9cr3GC$&D0qN|9x?5CFf6|qav;uC6sOdun?&6g)#Z`?Ida-3&<!rf$KRL5
z;Qp93ULMk%Kp-E8&m}L<-P3EV{`!M1^NpV|P}qjW^Qill=!)<cEcfI?0?${o3jDi*
zS0%Hd#=j$d5-ueCM48F@-#xw&k%3F=OnD-i!MHlvZP1>FG^!@VW*@%d-JZhsa63tA
zo?(&oJvqz3=XA?}qY(yiDT;9c2k(eJu3AhJP|xa!HK<h}YYOo|h3{{)+vLX|lr@PZ
z1BDzhBG8<84uP=THYs;xqk+ia#84R%K`bOh2f-3xkHA}hci;4^B8f$LS&MOy^HOs;
z`xo$rN|WYyYf!qhx{}c>HVox$HlG%ff|fc1u<Ln<uXl(s)0%YdmIt(7B^GOM7}ill
zsZV1FC0{=94v_z{0(blb24jdq19#Z+#8oZLD>x+$8O)MmiOdC79$?21%-w@;$AM!G
zX1zh6$6zUjZ_(y;Fup>)Jf;Xt{IVY3MDUZ)cU2%PAE>m8iv##UCz1~U#>-#t%u+&#
zBX7M<{!w7YNN7{o2dNywR4BbpV7Q0dIyph<JJu>0iut#KIWSuJP0@G6yqY=fbp1tS
zd@5<@+k1s8UV=ayg@|v?2ndB9n9e@5<G1HezHs^(75~-5Igo%xHZWz3W%NgwF%UIU
zWiM+YpuE|O**ycDLIv6Hc#6EnP3Bl~0ENuj#YmY=NQigFBsR=61-|;7fLH==r>K7n
zKIXarX)~qhc^+rSsO8I3bupAdg4`h%6DTBjis}qF9+ytwrzfvMJK`Rq9;_#+O(oi#
z9w4SC^9;K9Rqu8QeEZ}4$OR7L-V`>x*ex;_GrseSp8sh}vjPGw5U}W6<rw=P<^Mno
z3y=#WpwO!GP|d+<o>i{i;F@W`cmkH(dOhs@&?I{ijHf8_L2KI96o=*?X}$-86woM#
zKyc!jslfOWu^j|0vA>6uG@Fm_+yN7qFyKt(10YcV1cK$uxm<CiapCZRl*%s6t!N6B
z#K3$D3Z{5Sins_z<y;hJ+**3XhPGaKHU26&0;urf{7HIeor*R82fwo$BXFjL`B8I$
zPlX)RBVAB9jw%koq@q`z3{LE85DniGVzC(IaEPgMIQ<px>)ckvnriv7nulEG#!$;&
z$WMP5<#jRc=1IIGS(N?XwEQR7|H46ix59ZLbD~Hgb<fsi-xXa%b);kur3Fp@FT3$y
zdgwotN?9XB*)CFb<Cf*f|Hl;lzwC+y$Weyo_5W|^f(b~=pmMUh(BuDFMF6C!ucXue
z|FrMV72}7tcHs_e`SO3S;V=98A8_e^jIaRx!2zVLTfPTdxU&2o66n8^K$$nd|Lf&{
zQ^@fj<A<<C>;ISWJW#f6@c+xklH)&r)JCx-8cYA1`~R7Qw&{TXU)t!uu^&QM_*ciU
z$C=6hm)H59NwhT={Qv!q|M68}6mbqn8`qv-I_LlJ91E~BM1c72R=f{LybU;IP-W@#
zdEoH5->$Lm+@;?w&83%Z&8V^8ur)pfx#!nEZTR4H?bSMr!M1G>5PkBA$vcf0=dNSV
z$uoAMr58uvPaXP^%jeHdA<`-&&_C=ZZ}mE0^O1Tp==#mGGq$OB_A+Gi`dz)%?@5*V
zvuE|tOrPILcW_{>)*G+w9~*qus;sLxd|#6-wwD{=N6OCr`Z@#oo5W?s_p47VkUy#$
zuzuSU>rIM^urC71%tudd2c@FJor$vuin~Bm=Q0SG<+DK<)_^@QX%9YQ)k^GnNUzam
zgD!{74Rw#0<n1#Gfvh+^J-jXHPff&=<%OSv9yuIQaq#_SFmrn5_JGkO0W}%`&o3Y{
z*@NL?^H@l;p{Jt8W!T7#fMymrtQ-D5g}v(o@!@7W)g_Kj2REA@qX<!V@1<(`_B0q9
z=W`X#@sb86KD0b4r>S}zq#FdaX}=9p-*-_xFc51_*t6_-wn%zNas4ZAOAHN4ho9p6
ziFxAv&Wq*737DG27Zf<HD;=D+axh??I}<`%%^UK39`d|9HA=7P8imV?z;?!`2W`Ps
z21j(KZ63&_0Xm%^ws!|XagE3-D~;|Q?D2SF{Iey0H>TTacrX}iv=cDP;QPb#Rp*4t
z=JUvj=l!6X<Y7~%eAb{S?OGN!G#t0zJo@f|&`)lDiNy2tWP(HEJZRNSMTl5*GCTQ-
z;2JERZ<*NS&mnHY(c}ATn&r8?P4T>ujMhI!#zNZ7Gpt#~rh;O=f8%-6x53-)pi#ka
z-OkN;efjLbVdHN@lY6ex<M%}V&SMJhu$;!2c0b4_645fC?f<&#j>3#yTMD3F?FXNN
zNyPcl>^vasR~q*wuzz7##5!=aoz>Oi7980W%t;6t7H4H(HphLH=<)4RL<=X2dbF*@
zyg;!?A<e>hK%%pc(YKptQN-@RwnNIV1Df`=hMU%E#Eyd!mCXFcG+)1QRW`956Dbzk
zpZet&2GO#+KM9MV{5>f*ZHJNNe)&#*H~)oN$2kD=V#QN=spAZZkRz<XLGvQ^%Z$uc
zSFbo%B{`aV;qWbiMaI!`R=aN%o(Nx<(2ec5+@5OqqCOety+`2n?|Dc}+-n7V0^jIy
ze^M#Gzx^J$7Zx#+F}vG0G|s$N&_?DVB*jxS1IGKGPJcFp%IuggIeLdpbYE_ep9S@v
z#8Bem&S{ZNFt8~Gdlhp-hE7Oq=`Ogu2j>9M0ORjDHv%$humc@SFnFWlO+5iAE2yiF
z_oQq2G9FmvY;;#3r^5$H4c-9Fj&MusmMW^n{H=}G!@fh&sI&GGsdm*C5o{v?{VBi}
z8n%*>66S%Ti)m&_MHL2T@UV`~V0>26RqUg?LPmD*RCedGTI}kHvXCN1t8FCIgQAjR
zaM&2eKP0@eS_Tn{h=_>d$?<&ucV7|FL18YQmlfM1^?LrR3rD5hJ1jg>+)E~D1ItNW
z&2YCwmV$~paP%->6fg8sKNDD72iR&yM+zf}3HrfVQEgwuMhFQhP2Ki2p)GM!dLJ>q
zjD}Lg&=J!J2?-G$8IpZ)dgk=GZ@jvX;h|u~_<;gT1Q9D*bVd3)%!1e!1{xYVu(AP$
z6IAr>o|lj?9jI8<_8!VCxma|Jo{G>6Q9@EKB-obt8s*}u=<tu~!JfaDJFP28X^}%`
z#zUe_E+R9yz7*7>qKZ<?SQ-Zj`AGk?EmQ46Uq^c~9;CV`q0@u3#;ZvYLr+5!#(Fy_
zL}Y}hl~PqjrHx($8&lR3)B{|>z_F;36BW_mpb9=>KOqqpkRjl{Ov{mm;6pNS?X>^j
zD{C~nRgbX5$^sluHajD1^#<9m4Sew6bE$Lkp+Q8{(4->wl*?VG){P?j4u`uvK=*1y
zi!_W7ikD~xDArIeDEgtIt~LZv(qab@k@{KEifd(hS>Ua!+N7+d(ZD0s&5EmAA6fj?
zKa>C|sR*7g>f$Oe?*@7=*zEPG*OKz4oK8*;`^MQyVa*o(OD#44mjzuqD5>g1e2kcm
zSA|S`A`;CFz9%O*L5a(<20AVzoBG4`cKMEoHp&lLYAOJwq+sw}Uvx89^9ZD-s8h4^
zBY&v@qqHaN*!eTw5J_hcXBhiA>KW?9IVfPbHTdC2gA%*cp<5Qz@Lpuk@tYxwBhr5U
zy-wH(6doTh><t9a%MstG5fHdp>B-IEbJ3t!(Q;)z@L2CZDU!nX_GrcjY*%&se1O4?
z=JNbGejhF!>y`@93Kq669j}Lt84czLV2r-foau*0s*HTvv9V};X+_Q^K8~TcTu+rL
zo<a=QtJoP{wjv#led+r81a_cDw*9u8=z}@9Q@q)5$#VoU0>O+4&T~A*lgFs2Mla#@
z{5SQ#5k6af!Vt+}`q(q!`);U4w%KFE|EW)mY3JY!->R>@!Bn{xdsgC#XtiI})QmS-
z^F{n&?_lw<{qCMSuVb4%Af-8MXxLKHjPEUz4#T|iO49qoN#ORQP4w(a1TdkUJn-;4
z3^Ar~3Z^fY{1Eaz-0*x*Qg{b{rq>wTZceZ@!Hw9`o-w?D%)H;BTOVbh^OCg+3wSwR
zkC5+&j%F#^MDhy^*k>@<K-l?TfYcW#*0zSz-1i~2zL#7^#Esum@%MrRfl=rJ$6g_c
z>HAtUohSj;@25xY4}$uUMmrD!okw*;tBf{CgZ&72OlrQcPILLzVtF@R#@3|ofLYav
znt~KFIj+Yy8S{L7A9yjoKc7dR;d|u_w<8=Pkz;q5;MDaUp=bCUDZrS0#_AB=Pufcz
zZzu!5|KPHKxb^ViuY_Tk)MUge%j3pS({U&p(saS%{YC51=uu2IwZmP%n9_U3rQ<kM
zSw;&4gX<Gj-w6mrRl9n(M3dt>RJy9681`1r3g67lgc5h5>G?jw&0_NNlIncL_tVDD
zhGYL@=?c|Hx{l3oGf-dQ4gT+Mp~;&5n84v?o6?9q(5dVfn$Nl>@_XY>J)gmCimIZx
zTk26=b=|O3GcRdDIvm%Q`;=S$zVbqGV`)3k`c|WzD0Ec4fY2jc-^K2+$~aq3@D|$i
z$VM?Zh$TyckX%ntHQQPBfw*nm5O(}F$~8A|I8MY{-{(f87wA{JKGV}^MOzXcSUyJ(
zKHUbieUubvX7;^>xVB(^+y0$sed8lgb>hwj1UDTQs2fjjIJWrJdUO3)pi=#_RK7o#
zZHsqnn~esgb!c27Ln}+^x#7~{v3-H|GiuMM`>pP?U{SbCQN{+W9%VP9Cu~bT(S5uA
ze$TfQDyjbprxFoi(ED&!-}SlE%W+ce<R<&Fu5m5qR6jQ$Ts=3u)?9YbbGPbHNG*W7
zrW@dqz2kli+J0}@98YBCW4P@h<x{bsg}Tz3IHP9bfu>5Q6;O2vt*yNK{bkZ)O&2c^
zefKZ8oBnupO}g^kz8kio+sVO?wS8cvk9pVQ54ii)40Zk2A*TD&vj@lfz@@`U+>V6h
z8W{Vo4?GvUeE(N@;{8=-?!g!2>p}Nx$>G-iHpAh%d7TG;v-8SE2ot)6U2ON;9_yQn
zEFKx(BUDN6H&X{$^8Wd$ej%?s`qtmYKNcc@=R=JnhX;%D{?p3-*PH4_>S~BY16}Ul
z_1JfBOYa=sU%2k(7nc}2#JI1z-jpTuI`Ep4uD=a1x4rDxr@H)z%6h(V(^Z`A77LXW
zf0T1EH3+?zaE8g*MHYjkyxyL9l00!a>Kr+H^t<tx`E?_J=-x!ZT^;;&LPKmj2a<bX
zS9M<W-7}v0DwRtN9}-`Qd=J&rK4#DzQcR5xSX&7jO!2!u`(=0>4u{`P23zm1I`zu}
zNyVfkxH<l*kk7t!{SUa5?(PfLHm#rgy5F31-?xDjrF}hj+vJYV-ih<hYoJBEsOm7c
zfo^#1fbvQZ(1qK3{@vOPhu@YKzBeE;p0-E{Tb+*Vn+1xu(04aalxK@fK=eDmBrj-c
z{hB&{$CK&?_h3-V@;!d+dhRIYq|^@Y!K((IcATuTJ`6{Lc@+-mH634GRnEo657@VR
z>7RB355bEL-@=LU8-@&a=?rj`@$(qY=gl0SMTBebkK!D@Umz@)4p=4A?)dC_3;?%0
ze`)oyTS4Mo$?-alrKaBPnC-f5DZ8F0n8V5^hBk21m+DrokPF7CwtErXWZUp%WBE~U
zr~ei3NNz~%t{0p#I*t0kc+E9;e6sGrZ&`jxc|#G1^=i$rxIgNq&lg1M_bVIAEh~<_
zoHx3go;TY`*9%OJmop!gM(O=;J51&S)7_G^{lT#Kt-w!$CWhOg^4;11<7xD#!zDAb
z<H{f8`~FV*{Wi7xx7)YLdM95(KA#)NsSj7|8}nX|)9KUsIwyLvtp|z;ji0Gf{K2c+
zmct+OZ%0ei^tPK3aKp-7Kz7|fj7XF;xzq4@^T3|@Nm_f)mu~lkQQdwHi%tmKt#*d`
zGbL)RWM~WWUNUKOb(mW04Tcj(Zk7XkDp(82yS@Rpt*80kohf&?#{_}%yHCo*cj^QR
znKNIt6zZw@h-JzUZ*A8`ZY+buv9dzDY~>EFwh@$xB?f~pHYT=|{aL2mj>p8v^UbEh
zR{0rw6_Yc4&9A;g!S}9DmdRCc;25Y0qMBE|U(!vfF3fjlhqHO=(j}Km820ji!7tg&
zfd;Yq#XK7q3cQZck_%Sr8tV=0%-a$!3N<@t&KC1gPwX4_l9a`X`qlhTc)<^j%ext^
zEPRuWa0L#NB>o5tP)ABt6R(d}^W%f%y3xkq?*e^$HkBeYz$#M8`r%l;6(})!y(#cu
z{~&O^;Dz~jcji?&^lk{DPRn}S*md!n0*2^*A>ehr^WQmUHj0m`tvxuydp-5LWNn{H
zxqIz%JSTuN?DL;02t4lZHPkZvRR5tkIzY!21`)wZ=?!zwVlqN8+v0}ybbh>>T+pBE
zvc%ro1GAao3JcTk31O`Vl{?>!*&Hcu+rO8zSo{=el5H}2{C}wW#vsd@X6tF&wl!_r
zwryL}wr$(CZQGo-ZM(mIUVQi7lRr+xiKrd5Yv;+z%3N#hb}pu}kpQ&%DG3dKb$fo?
zJIM+9oyCZ{T46Xf%))|s^)47n&1g+k&ma=ch}*kNGW)ApSc#7G)I{H)?W<xIW-vxm
zuSgZ3nW2Q3%^=qfuz=|EU~Nv;ovJjvz2S-An*##7k5$Us-p3T8>D|6`S)Se>N;;`b
zC#<>sZtW#jz>H6NS+fAe9VNkaHCguXYl-7=a0^NlQP+vn9oyu)K9LQ&hO84DCoeS1
z_X~UX&+b7+rW2kV)ta^L2p)6@;(C|m5-YlEc@P$Gd%&GA+we{Ia6Shp8`%Ma5_W0-
zcgU28WIQ^rL^mAd{&@dW{oYQcMa{F*j+&;+7PGqh#nHz6ZI-@(N5zK~nWm3>(Y|6u
z1n9$mBY?czPJi(4O0M+?f2j3VBpK-@!26WNu87s9Q3qXS|9d|MUVq9)hAVeu<N@8w
zsxG1dl6-7z_|o>|(0D*^<V^OUc~?e*?hCwVWshcD%-x4q>esH8BRV~(q3p>RwG12$
z7B4ImYIaN;lsBItd*|5Y?k5w#2}2=ow$C|{)eLRXSM23j^HbaJSmC^i35d^Iz$RnP
zR_?6Cc#$awAFkIMOE#NXJM48HoSe@=YxRW9A|>s&I&L8-9T<ofDQX0^<Nk=-GqRQ)
z%{4R~u2OoQRA#izQOjrOX`lm1&L}=@{@i8r?rOS{*B>I1GPtYxd3^F5a+HFBoQ^zy
z2U$ANg7e666Tx>cjhdO({n!2T-acAe$snx{*#fIrST2q-fv)0MvF9@0Stl|BX0ugv
z@Yq}_d`96fZPwGjh6^|N%&acFH-t32rqG0~FHPt3P^{a3YU-i>)Il4+D=UM@7NR`v
zCDdIljody6x)9N@;3k1AlB(sab?Y*5H9FQ?z=<jd0OI=W>1=e-!rk85uQnM{=4-+o
z{61A~Hv0n;nz7<1<`#^UZrq5pei|`2>aAszg+gB8NW{PalI7tzi1ykT;^3}Vf}=2E
zxZWo?sg*y6z{${~WgM#@i?-m*sgE8{+8tVxQazLmQ$ZivFYwnT;pT8pSxl`3u*w~l
zufe^pR`pLE?aT<yaaN>&CbGeWj@1N>pu?JA5E<(bQH^Z>ps3DBkZGg{G`;zD0h~?8
zp-s_TL1a<pDz5SMR_MtMw4?a~`l0cmotx*0;|BNxu8{OXAI>OeY!pucC?U&6M0mZ#
zivi(mhccGbH$}ped!u0iX|42vO6_}QDgJk&dTh2%P6$V8cC%0P3EP?|hJRZOOW>~A
zCSeq&iUEI=lE(SdXy{%uZXI*xkO{xckxKTk(;f(<H?25uUG+}cY$Gt(yCOa2s`>LM
z3j!7mo^^lo!2(N#8EbWc%CsmayZO~`1LVzKQR`KngW!>T4;S-*KS~OE5mnpB*6XZ!
zHzv8ew40Ke4XMK;J7cQ2dwHqmYz_zFVq(=H)gum;&&?g7IS)kiy){>|-c!he<gHeP
zIC>G?UbFbqevr#?DoN;0r@(9ee{Zh>6e&8JghP^H<U}+X>depCPnaI?WHP$BE#)*~
zBXHh%`q~V8U{VQYm1wGQ2O8*(jyh^tY5-|Be4ubU6H1yhOm_0^TlQLcR5BgTwO19s
z@UwfaO}KLRG<NoGBhM$k%B)^O6B@>C$x6!2_p%?^=T~D73>sFdpTQr@KjBTLzp(|=
zv13RkN_RcZ9fj1mXZO+pmA@55;s2@JnS)OaZ%6o^5ca=1UFkM{q(i)_!cq^CE(b7k
z!Lr&-SeU&Bmmc)%Dklcvty~Hno4`<jFKVGrG2bqr47{DmK_GE*kX<Hv>Q~(izu(KH
zx4@mNQV)1N%M3QT@B|v`N*DAs6gJG`PRdvdVr2KcLrSTi_Z}Q)3(mk=%Qrj0%3!}I
z%2kls+^M_v=Kc0zt?s;02z0>;I@a-qwq9@UrNXUEeK_>Pj7VE;Pis*Y)&qx&5%>)f
zF^S`$=k(y8)bAVQtoxU<0e&gBsXh*|lhE}nZY)VLMq@P&2&C-v(oUe|=;h$D?8bU}
zV2KrOaCuMo<s(6LcT_#b`@1W-KLN)Qb*8UqWjm<h$`f;61}hR3#?XGiEx>$Kc4MN<
zE$lSV#e`N!{|UEJyAJqSsuK_CDq=7nE~kX<P`(rVd#;Xx>m)WHGoJxlkvHDjY$SQ;
z{uZHSl?IO&l%D=}wbg}kqY)r602bB){2A@AKMT1^=Fd1kU=DaL02vQ$%bdRxGnbz$
z8nY4@6eavJLy|xkOc4nPo7hKXp&?sdN^Cl)s1Xnsn;YcXN`&64iVcMAh=m1EM#<f*
zATEiZ0XdmGHB+Q5pGU{rY1hqDhb+Fos<WDTXtTqRY-y;ts0LT8n7-TdmKAQVSy7{E
zc0D2XY7gEifo48or_xO=zd!)bi`mu?TWlLpMKbMh782fI)e~sycYo8x4f4io4tVFE
zwIyZw3$)tStaO2l`pip@)o(xaJChQ8?(<9W(I}gcVF+_%jvjs;dyw?uVRGrsvmiYE
zzH+UP<M~}K;Dpfbf#Ll)h~t|ZA@;{O8>(+Niu9)Ih>eTiT5jjW8@In|%?C83ye`!@
z+y<7+wjCfe>?!Zd*GYG$!Mq|hLnvw(HUlf>@}6Z+exsG8;f$28sE!SgcyGBm`hFJG
zi}13N{m@U~|L)J*eX$SNFRVMzky*3;#&j79?Z!#!#hR|NhvPNc5Jlh5WBOMEL;$~V
z<Xe5ntR2&@J;s;n&V;Py&z$){@@8wT2AvnAZ2B;9o?8L3C&Q!g#_Ou3orc@lTxJ=n
zkF}$4>YsV|?+<w*yURihF&W!11hN<b-mMH}9p(H$K=wzq%$$%c<Wvb)2K(!59JAyt
z)KB+EJ}SuDe#&dYnnvg(<&ZfbJ3nWYWWo&8!^`$Z{+Q`Y`PNg@$(Iu%Ii<qo(IJ$G
z5R@{2wGJn+`g_QivzjPGr8XybgC3RC+q?bLE;F2kB>kg|m|Y+nxMvJUNM`uOUkp8M
z-jMz2bZ-dyfy@lJ1F{(5BoSME8kR^uWD006H?rlKZSQEj`hEMiUKuWwQ-1Gd84H&D
z*&0(_?1g%SWbd({hj(o)*EW>&E)dg9CS=wg1~8cPmf;_ewaB&Myu6BXd7=mCNByXY
z<9Q65CPKFR0mcO-m1ti#b?fn#=IwmvHGKB$FCe$ooe?;l!Sx27g5kw5T2tAPdpyr*
z{(*NwW)&IuWfg>iz;s!J%B)2@?#C0sMhYrEV|`Q|*B$$V_PyB_!AEVge$|R;pxNH!
zkW)q;VXH0?G1;(T%LLpZL8i=>(NlTU^8<<<Zp{`$-X=>y84dt9EL6j*dTFx_Dj@kS
zE-ud*n9gYf=6MY#f$eFE)Q>^K7ZYnzkV?SL&yRr@iiSWkLQ9!z13BGVQxq8-Z$R9y
z9ZM$bb$|kqoM_moveP|o`#*?l2-ZU`+uq@mnFdDIpBORSTrf(N3JF+#egPc>ria*E
zEY>vTt1{=PQ$tlNTmD5@E(QCyWcZV5L1ef-u<S+3qko%FUACN{imBcp=qaM;T2)=B
z(mxTJ=Xt7)C!me2)xs-kdT=<Q#&3p+SPjsvKcCu&W=(hGA~EP=&sZUgQCW4`eE?+&
zxsSbFjPPxK?U&jsH5)UF>aaCUx4Bu?y@a4FqNnH&uhZ_1Sc9A)o~KtS-%p84ALPcN
z<$2#)Y)DRB-q4#8a#KJGgSqUtk>QS*POMN!TTE%aNfX_y5alvk`EVb#5B6XH#I*C|
z9T^PAIFL{QtM99}2YKjqngK=^nz%mb?<Oe!R}0`T7@hY9_le8KaVPXje-J?G&7?!)
z;jXxZO+{)JIHwK0Z@!}ADICqGK+2PXjfKB~f~G-#V1)gQ!*l-e1scLpnUH=Qh$^o=
z)?UA7>2@W`?}qKcQiK6|r!BzDKeud?J+J22+n=1cuy#bG>=1LKeb#W?(JrLflG5N4
z(8ve+or{d=5r-H=9lJxK)qSjt+5Q>p_2P>+2bC{?vNGw>WHy{2RhrDhlFvGRpB~i%
z=P^2h*@x~h*`-Y*JLw_WLu<FHdmnLRx#s(>7c(5baVa`65XUe<9j+n$ksM@22=Vz8
zJ@ccP>1FAbW&Qo)FzPk@f(ZMbpg$Zj(JnJELQb3*a+>bbkw;<4@`!`}Rh5yPNE+)B
zgO9X<8#{Nv79AY34K^HyZI8$&O(6UAD73vRQ=8$KYo4L1HHO4Q(Y;|)S{2O_5yjCb
zT?r95E}s?Y)~CMXIiJ5;tFGhCT=@i~J%6zF#*W)oHbt-oaat`m)VOk%(LG$Q1w(X>
zcl|7B_Mgan=>5MbfSmu(E+Kd>G1Hf`5SG?wnG=yeqUJG&uSh3aX@=_qy%Ua)Te7%n
z-5$N`3iYs<+o9NyspOa06V$ocay=eQwY~+L+HIgM?B*`lPi94i)ol76*x`*AAjbB&
z^SW-nj&3~TXLmpT*>D_!<nme|aeWSZD;=E?Fo?L~lA{lH9ocnW)3(8LVHTMyuFywp
zp={GmPlXqqlFMZTeo3;_oY#09e36tHa&U<n`51%QDPpOHEK7C0Mqk?z-tBLg85}~w
z?aSq<&?~aTkmR6`Rv=k?=ClN?ezV8YX?s+d^kRW|P3xGefBxJ08qXM;jT&rf+m6V}
z^9lXtEv?y7@97$^v6mD=dNWvsg0}4pr*hqjjTVg_2zqM1+QSJ4WTxr%XM6g@s0|RR
zCRcCynvF>+RF9Xccc)=EPjbSMIHm_Phu%gFpC-ayaJn0jTcfDI$*aHuX-=i0Y6@4-
zPGMxM^(%kjMk#>!41!3WHf?3AcJt*je}3Eve?A%UD6UVO%!{PSm@Jd2mNPrG0l+ky
zD{`e!j?=}C7PsviAk)(lIrx4+V3PEwpZwF3Inm{K;hbAB{yqf15w(gP3)?cTiGj92
zJ!prUi%!H{jgj)cY_VF3f3ASgw7J-*he#fDWU9fdfxf*j-PLGvqrA2TOgC}lduNGC
zyi9RZN7g_A`MWy2U|Y4`>_?g6QihUPpj?64X`N-{rn@>_m7ymsQPQPC*aY4<qtS!P
z`Fu;Psm6v`)FRTc9A$n^8mvcivD%FCIwaF*vkedyhia8uwUS*4sN)qEZnL>&xRRbD
zkDTm#b;(%kG@(*x+9)DWm}P7gNb)05WxxBIwm%$&QeI9YY*A!tE?eYuBIVP6uu<h?
zwHhLPbbmQ3EmYDfG<oX0Ve4F9(#*g3aWBavubvH!Ql(0n#p)LMson9cms$fdtNQoF
zMk7d_G=m&3O}IchNKxCnYmpH9TC+_bwTMcd2o$4l2xs#xa1~M7qpa)^p<2+TC2N0N
zdUWxf48+**WlMi%mRgfH7BdB^QR7vhktn;0)oL({c8s7R<QUdUW#3gLw#|~r>`@u@
zT4SM{<LC_ZSeL%@#ota`tg@m94Q#W`GAxZklKIq3&7?)PKILHM3Ke|H7T`IE$1ro#
zK@q!w=!p9(ob@skDSr0?VwyWHxjIv{yG@oxtK{nDY07XogY_#wY{6ZJ^?X+PJ>F-%
zwGCl#+R4JBg`nXn%{;+%Xk)n3d$v0336nvl(Ofwa&0rRtzx5F3F0-(4WFi{3j#d-J
zT#5Z0Y81W)c&i~<8%I*r+ktG%dXQ)=mFiKO?+$t~k%B2#+_8vQ)lAZ`7Ke~<7k%SD
zy)lNr{>h7(>X}^Z*lCf&<`5VAOI7%vidW1?8Xj)C=~*r(%(ip5)aeSp_L6PTgD$1d
zm-SY<fkOARJ+n9)`Hrf!&F0%-E&&Gg4@HO8lq+gu+y=}Y{&tDN4MONJA;s#BuQu7k
zuqfV;*qN;~VWt0xP(33K;oC3{Qfo3mfxVmV0JgC0X!zzZBQw$WIKEsDYQk#y?GO-H
z7<@8cgtK3ol+@Z4xqc8MX{2>bGjh`{v<0B1<8Q6$k|$r$Ts~FV$y3Zk3q`qHeGGt{
zD;-i@t9m$a8OpyP@>uJ2ZnE0SyxxcqH08Bk+cO#5Or3ty%>iaW<kk8ash_GikGVaW
z9cc%7fx89NYP^p+$Rs7|9-zdmx_C1ECQNjLMwAQE+=FhXy|EqRyAdE<;hm7ju!6RB
zFv_iS#~Bc;cv@=B;Qc;ldrZ=DHKF>t>(e2Zg;?|%iyo!;Ca21QolFx}rmM0eAi*3p
z4+!jo6leeEwQLo4jHE0dD>lN^nE%<*h3iXFpo}7x>rYFn8Rh}JUz&@0Aq>YE4F{y~
znSlD-3ti5lw#>YEW@pAdBx*SiGF>1X!q1FIO%M<VkZQT8M_u;kHR?R#w~dnCR3aea
zm+dM84iL1KW^{tO-xtONs0E_HCF-TmipFUoul<3HfskMgOot~-#-4XGGm#TBo`pRh
z)`?!3DdTk_&xS<gtZs!QO?Jra<7FQceAA_2(Qih@Z|s8cRM)QUJv=V`Rq0RsHR(-H
zL7~kBJ4E&hZ=m=1zW(y$Ptn)LLq&a}&A*+SeQnAjXat#_nwEc;b??}E0O-=-u$+L`
zEV+gitG&@t9}7uh?r6^gXU!7QieyDOKaYUzO?pLo363YQr10Q-jf_(6Zsqck+Xqt{
zQLAOV<vr*+l@iX1e>^_^Fv&81D%eDDSS4rrs$g!=s2^VH!;y(IJbh2bU<APzE9Kmu
z-hGnofsskv=gE8bw5Yp&qPo4*3B1FPrg$aZ)lovoGCTz^{=Y0@M0T$E`E0|!xLeN^
zzD0nI=HQ%k5FiDXKV}{4R}~8(rrbw6z~N;A&`*Q0mlXv>=@O{Ak?Spr#@R?7l*x`f
zq_?_?kwWjzfr1(DX#|qlW#-x3?iTG7T*$tmO{XdK%Xzp++)D3rXqZDL_Gnv{@V3Uv
zx-EEwL(5;UW+?o_6(Mk!63eBo^VpP1I2OqShIXAB67A#ya?U>DXD*B+C$*S)s~5o)
zoG_;XC<cOI4<GTIEnI#l4Uc82E-@Bf9<X>RCRq@xYOa}#D(lkis}QvzURdlIPirw&
ziRm=yU&)eqRhzKaN13r9<VPny*LtM^Tbzf0YWsLu;($o}dW6aoIqOxtMVuEQ@JidW
zq)TYyF7g?JPlEDqq4|tgZS(Zw-?!-lA&NO%1z-FQb%Kds!j0<H4fb8G{WO+4_y2+Y
z`1w!*N+^~v`R1!bmqvY6C4HtWNt&xrM2g;)oE{WNHQKD11D_EBY7D5LX$s#L{-fDb
z056x$(KPfPW1z_>32bDkS$z$EnTxvQm{L0N4_t_*CHhGE2QKt-jGwFe?jxg_#$F^M
zZMih*Yv!XZ%tvM4^nc+=|4>AJhQYE%oBT8Ee{e<kxh+CYyf3PRc00WQ+0c#^mf&AW
zD2qw+|3+~6afJC|8-<02@<~WY+_<On`pZ+-ej<=tU^+npI6eOQDUdOl_eUtY9j810
zf1K1y1Uxw{t*Eo}6P`{w>gt!B7;|5{udmh(2F?`T?J}UIwi)bHz`rm|FFpaj<S<{*
zCDyB7&`Qix9Dcny%w}gohfGNSxttu?56p5I_XnLdcC;+@f6!T_B79I*OKN60{~HeV
z&y0UCUq%gP#s7s|{p*I6{s~nURE_@!WW|>y^m7TPdUYnn|3CYG)~5U)q!lyj4^``b
zR!SsShA{V9zan8OKkbbZVYS5?2-T+t8D!`XJR(#egQknV*7RL>CVnPh%2IWYPalI}
z%}Hc`F_7rUNjcfz_)4l5)9(mF8o}f}X<I(~w`b1_W#x7|l+G&rN-ljcG-e>^t-L6e
ztmuDawR(BsejsU|_iIuPA7lhO4$3=IC0E0rvORv>U{C=?YD9>1Z=JWUw_zRfy!0IC
z-fA&5fN<JQkX!11e!=xT!`SdveCsDj2t5sxu-Ol?lgnNN8B6krG!zzma|oJWIe$Fg
zP266MMC`K2+pg8ol5#&o{$$IbC?FoUdzOmwhY=&jsye}M_6Ws^JzJXDIbkVcBj(~t
zj%P!`-*1x~MgLjz4}u@Rx`gwSM|x$&r+YpWrMr46DXjwJc(@3O6MWNOSvyRnf0mqd
z-=|0JxOh330z)w8)Uduh*|G!<kH3$bqdPPU+r4*<P0{pK@PP2F#b)MCJ!=ww)`tvg
zYE5Lyq<`XK3bivh%1m3WfAY{`vjJqO`hpg(2Hfy?&LVdxHarMQQP6uwDYO*ds~#QN
zblD7obWx0KKVevms3M7j{jVeQqWrU*Wj7Xk-^jq_;S9H{g(*q3&Ks!{H)EW%1SAZR
z7ap_keh{g4*Y_`fh9%WJ2V5J4NsE2j!Rt<~?O$I_@xuW(R&r#9;+H&TtG>-L7kjuh
zoX=oP0~88NFcsp#wx_d#UADgg!6bgqmby`9GMq_8qOZby1i7z@4VX0bo3spQrw6c>
zNQvs3qhL0j`8vq(VlcCcZ>~1m6!<$&zQ*iEnbOF8-OJ*ICX7UinyaHOSE@zhNSfGZ
zB(Yn+rry0ly<8`$=9zb*<VfX&&vd^7yx&X6@p1zNgk%NEmq3fCDI;uozd9LpRGzF<
z5%Hw41I58`5HjEWqS`2K!k3+Ev-n_RlAcpo=Pk0e<YE3NHh}>qZ)|Mv9*fp|;k=w^
zd;lTD=79X|@!?%-G!MAB(QWZ+@j4ATVY!jAm@~MYi>a`4pNZ6)(iY~NYcOQ39H$y|
zs-YUB$i}08C=V-Lv1ViWsQooYwYPl#wtIWJz3=a_HM00FGXgTQJkXc}b+hweYk$oC
zd9#azWH)!2Ah!z<AGCxJL($MPG)u~Ew(dnfjtM*blw)c*KXtr!+H%x~o8k}0lO3`E
z`cyex=!q-E*1${Z^#X+1!i&rL@yvkjb5Uou-3&4w5x(1?8Q0-PA2iai!*rP0@drzS
zHzTsa)<YyH9G-klsMoKf#54GPxOuRS0^_A<BghOg+SrEG-H{6xtC>dFtw^HuEA9TC
zCGu=5pM&rHKj8yEluuk7!ufJ7NF)k#H|8U)JRR?<Z|@)6{x_80{D+k*`KB6{Bi~4*
z2=i||)a_qg8ZXu>za`7zQD699PeSd~fH+h2cfAFDL|b*uad0nN&?54CPiQv6-m~51
zAuJ6?qzCVexAm2_n{PNGZiW+C<*phiIaF+MaXW4yNh*hyB}X1&(0=PrsVfIbd?}al
z{&d8x(cQ)|LJL%EuHW$NfG!u_p3eiSH{IosUdWp-DEQyEN(|=uUE<)a1D3YHuc<!(
zfYyi&uF!G_S!iHbxgTMht+#_GMnb)^kTg>&i&3ee=j6ZKU-lI24{_jjw#ae@j~%uJ
zwUC>9q8&TG|H7ef@N|Ll{A7Ip-a5WKfgh4ja$@RecJcgtb?@%jv+O#gEa-+hP;h1O
zzgU-ro7tXi-!MAvGHZvM2eO_w0;i+$>D|smTU{SfiCK$_$J=t&lTno})uYA~RVolg
zwEy4@!(PC;sI$;;*dwbPp}tBsbKdN|JJ7%ML%h^EnRY&{QL1%&Q!ZDkM_6mJl=rA#
zPYreA^^DwZa@bca0Y)%G;&3>MNEspHrhX8(Po>4|-D$fXbho8;xOU}R!Z8*D%C~CL
zUFE6XOrn&OxAu2YwrWqvSu$}rpZTwb7T|^7Fjo9%&HW2~>&FWTV3_<>aAMB!^A8~g
ztfPR@cTwA!SPzTpXqcm+208@!+v?WOY)8i2r>ZHT)D^$rDlFQz9o{Rj&bS}y3og>c
z{)0=c?+3cMBQIh8p~o10rniVp#pL0v)Bm2x)_qd2)?s|!1GzSsxjZJ^yz0A(I<I5z
zp-RndZ3RD9{q$$>03?<1hLa~B$exs<dOZW$@K`BWO>4nn>{0XEpJ8Ou=V@*2I(10e
zPZ}ZJOKagh8k48wa6XStWwU_2zw>YW^i-QG4vRyxYm0O!E!_V@Z*4@^_4Hp<wr+s$
z7UHL+-Ez?nOc@hz0V|8~EN;S+%k%kjbevZ7)KB{5W8tssV_HewJs-kFm^Ga<9~xVQ
zkQsoiF2`<?EUqfTvdtYHpd3Q6Pp1xTJo!h^?T0^^B_+%Cq)MHGj{C1H4yS$}8?Rru
z9>7$IiIwy)bhmY)vxGc|9xI+fVKY(zBpfi;-aVO^jm%#?P3LsA%3L-a@5B$64qT*M
zw;UG;^rL1=uxMKLjP5MYITDX;Q;4}RadY&gqnrLKCUR;G#CmJTl66NZhplFdb>Vmj
zR8!M}0M~M+MbbOh9he7l8XQ9Z@m6oBpVaC}b9UbRy9u1l0BbKfqh=_6;%bmqSBAd^
z0L%VtXCJ{7ErX`Vxk|m{$xMe9_6gNIwg4JTg?d=|y9**Z;GF*box90k-<~~gz8<Tc
zReE@3{b_f&f@a9A<Y@?MhAX;@z37DV$XO`()wL;Pb*5=(X=OWjvGcL@?bbZ?YjL3U
zWHNz%2fc^1y8Rd2+v8<)PzIXbxZnzb$2#rFLOqYS+5-m9yBlqbY69I!tMkShb-u|I
zSPUmvP1gh0G-nwRh!kcwyY_0cH;Rt-Gy7LeSIw`;y|->2d$`*`V3$y&zRfN+WEX3D
zGkfx@q0N6j+WS}8QC`PWCIkR$guBmR-EP*aS!pGvCZ<<f>@HX1p9(GEOrVsVOK9C#
z;+_+^vlNdBh>?dEroFaZu``o&9wcs(B7Fa{oeaX*&!)EwSP~Z+q8l%w+1z`&N=-V5
zpgXm`=UpeNY+kq)K?8j&i|CEQV^=pD+Tu#Ca0TUz0>ev&#Yz&r_4vQ5UU#Sx$y9{Y
zGyx_G^7Bhdm^4TDbhUkx!i;7njr{==Bex?th7^@U1r`-s=$w@x^X4YVbLpoTWk2E%
z9B>#A$NnZ_(H>C{2_}NK-I6!~u%J>Jq1)?A0RV{huAdBV!_tF!4J&$9+Q9oqH3AWk
zLAlkYV<*e`7i@?PBd~)N#6%Ca+DYrT=)9$9?w|BPK@q6Q<bpO^t-ro!f&1wC`)h-#
zNOimvHC=0SA{)UcF?f+%bSRqw^NY2Nfd6e@tl*=KxZhZrhw@(`;GPgwqRXd2Z#{ic
znk@*!iwdB_#pH)4fs4KGFP2jXk=bk*GS0<f;*rCfoN(lNMFh5agtenZK)gNpscQ!T
zIPBveUD*T-G$?KNX#Q<+40jBJ*Cf?iUDALWy=&FK#uM#Bx|=x^;`cD>UO~;*K*?2F
ze>GybW9~ge63B-Ye(70M5(W{Md{;UsdCQtYR%*K5eJ~>?DCDI~U`J11k!L>RsM`t{
z;p1}M3k0W=O0cyl7^X%}5MHYI13CwV7btl%c6wjNEILv{+P)$jeS+4NnU5;wf=fYf
zr}1t-6;y}q!OGAreKWNu!W~mx$05Z2*h?G2i%KJIeeaWlF6*~$^_3+^^EWMj0va_D
z{=Y1i2;7s>Pnsp{X!JCW^WTI18ThZk&fuef>n#H+SL*+9tbe-~z9{@lH3&-|c}>+&
zX|pWFL$V5*8<In9DPvy&>~ZX==$A4#)HKZ_6^^-u*YH}mg;85wr0@T?-k4~<X$dy=
zV9*5p3W{3ODF&-Gm!vYMuM96@Y7z|jxjHdLkYleyEnvZ}>;3c89xEWigrM3-Cmd3e
zK>`*YzbrfJGYqz7b9QI!9=Iu4we^)Ks+Q#cO!{9FpF?;t0nC^sH<uG6`Qp*NF9MZ*
zWV%S>MVolii3`LGQ`Rvnt$(P9&uesay3I`dkq2@Lk+tGz6ym^LM)HaG9b^~N9a33-
zD$i1%&QGm?Uk-Gpefd(J%&z;j3vsFyP~PK`v>kP8lhfWF%(Pu;xxBR8UoBiPXL^EN
zdU|H>jlt&QO5L2*3K7*p;Ws+)7}uO{y2Li#W{Ify=%Y93&I<RM@&DJuH?nsopx39O
zx?8VGKrJjLM%2iNSYa&H#>@;{QBhIc?)_o%(PFj;zqmj$+!a;$4<ZD=xroxwQCNUZ
z>>4&>V|kW1K)IX{!yW+v+{8UQa8Rfa{oDaB!KlKLUsVzY;ESJ*z9lfPn}z~;4;~)T
ze-WBmZB1<;bgVr=_zVZqb`3c@zh4jm0RzlIlk<e`IX^DDTI^ozZkCCdl<t-_!OhYr
zU1unBv|hNOjP#yLL9XBh3l%Xk^@SKcEw!(IGLRw+S!yjSu(p=&<?S@qn;_0SbaB>p
zoTJd<(4UYZ&3cJqu#AX{30%G|jBe5xl+r;FF*`md0{SKVK#25cIS4g=7Y!MbnVS2c
zxz68Rq}}lYN+xbY=zlrg4wwM`2nY*7<?HL~?(6-rSm6zE_-wtprslxbRyKuuBYCZ7
z_NGDxW;sp;nf{VIZ)!2<&XFZvI!_wZZA!HouNU!j<r@-_iIoUBNR{rn@^I>_W!}3Z
zno15hAHlsCHrprUgfq5){1mH^`8QC^haelJliD$Da9qPtf&OVfF^IC>NPiEV+b-$g
zZ-u-9Tk4|U5-W4X!_rXVeJ*pwn|9EtZP-p+kYbn}m-oSX_gzL-8Xbrt6#A)L-oz{y
z?7}Lp7O$!OB~CSY=$kF<!7Y{%+$%N&1nN*Ilpcl)$%kx=$Ff{?)<H!D>jDT^(SH*}
z^oOeViSuL)Wh8N!F1X+gLmWfc?=@}GI6>EGh5GS#VXj=k@TH}JiZq{x!s~kaLeobd
zW&#vB$nJO<0RP8$VFB4K5K;OyfSI*p@OVWO6y`M(N__{mxAA7Ox!(zm0x9U|X@UcD
zz+!bOVV$qmW8%EhcR$WR*t{-5%9~E2`m!|SB2vJ7WYPmHXoTUhP=fADocAZ8K)zDB
zV1}alXR91kxn!F9KbSS^f~=zubqZWsyrq(}g2~XHcAn!J<SPZhE>?Ts7QkADvM7(?
z2e2dhYt#EKHg#-2%K9V|0-5PcPDa5yZ=d`~fry-Gb3)ZApL6$n?b&L5Xx&>XeccR0
z^p1yCPFQWYyvz0iKZbtmUtPqJn^gt$=AzxeM*3DqgE~`Vg+NF;=Znw8t<E&}G*v_-
zDT?Y%k0Z@4FY$Xy5z}ODgK@W*ta|D3g1S^kAVnPStqJ;=U(f<7+YtXJ7XA|vZwByV
z_c5D&eSa0wEk)0k8&ex_vaz9qK%oZu`SqDv{+*wn*Hak<X(;~i6F^-fH%ayjiclRO
z8wF!=!Ys&ifH*nV5e)jxEH|nl$v}3NiZ*=5oFTW)PCIRt8m4KBtmgJ&%T%L*T*g#P
zGbhfs<i2UQdxS$?ec{LQp2O`z44G<{+u1>B0GPcOV;z%PDvJEJG}jXKXKkJEHB;U&
zH5=KFI|H__$eTA3dlu%5$vByu4T9xWOW(K>%yfo9N-_}(&cIr}Kt$M#ShyZ9U5=S4
zE*U*q`y8&fNC!{qwSbk$T)@dGHC(lYW@mQV34N)jj+ja#g(?ICDTFYlj`Z%_r8oaD
zV;2omj9Z^)`Z!=i*!Gy*=YQ`EFSiJz@-P{`L<IZ?M3aO|Mh3)B5d1Ry+x0Ox-?Zcl
z=wIfB^5N#*i)CGsCc4N9Y*Otv`x25x7(WmW`~;<jZzj?T8EHvTzkVA#Dl_rz2H=<A
z5Fiy0J>5YSh9yV`>nlJKeVei$LJu8q&#izTmrX6hQu3RuLLnn>A=00^85h)%3qP>_
zXQ?PmHepXD9n!-7s(8-E`6M38Q;wsPMO%1_Hk3nGaj|{RK)g)<u$FC&KoHW0GLNy3
zIGIE4T*@YCk@j|6><umW3}libYzbM_fUG8NsfVT5#7wWt@1P7%t^XZ-MnwM!J_zJD
zvchJifpF_7s7}l{kYe8(8sM_&(Ae;vrUK;iOQRsvq`NXD2|Y#K^oxXmX*(Q{{bVvi
ze#4=^{8EWi4;X@lul%{5u;=Vg7Yoh#GJL-JctQ)5$YI7{85s~`1ps6O!;cpE1RQ~%
zjrkNs;Z(5S9~V}jgJ<JCw-!-$Q(0`-oHKi9K^Q~TEAsgos`(W);hZ;i?;qIbnNDd(
zx|tW}cb+#wjudbxa``KT1+^<bvrb-S$VWy0n-Kl;?ac!GM@w%ai}P8ufImolp}${%
zA*5Il=!rrYQC5i|JXWLrq<!$YvJZ+doq>fEP!^YmUkJP4chIcJK#5sWztQqj_M!YN
zKIH!JSI~QnApD*a8q!FNaHS1_YkO<1)RIQ1t2^$(F|`0O5woo>S7_b+3S+z?ltpHB
zay9`;wHP*6C){q`ZL6ITRPr^CEPxV_1}JK&au>3UwRU8ZXf+W#0jNjHWZ#Q96#T$1
zB^U*NBcnomu6{7t>@I<Pfm5&%F)%YswS4`6dbSQH0#sX$u$MtL><u<7%28g`ZWYE<
zx)JAgWaV5yf!<iJ%N+kAEz$q;Fop3&y;cM9NdxQmh9dS4CsN`el=z4O$s{Eu6UpTT
zD8$73SA6_L>NU=q8N?<C9{Hyup|9jo@~RNizyn#N!I@CqpaulUP`THc1~aAK#lQr_
zLlUv_3l~Zz6OZQ7983*PauVcA&LB?8hlqqnAQ{mn{SvYe^!`FBhUg3({Je6?Y=AH<
zd|+(@au~UJeqJ%xRvXxBouzMeNYU=Hmt$P25M)dfx@^(CsL(QZA@pzS<pP$Vw{_^>
zqv6n8(wcqSg}M5A#&|POYOQgE-3*g_{RMDrj@Ga*OD(8xv`E6sV3}d-?``^aRZ6N+
z>+qXeIi=SowBcv#Fh_j>Z=cJ>ud;^EmH1bQozd@6@c%K-XYkTEJgSH@Qqv>KeBpwE
z0+K8Gz5x>}sRSYrc74RDa+LR$xxiQ2)pe{fchXT?>)_H_e4*hA0v{gAqWma<MAn$&
z`bii?A|Qe_0^(UXeR=!ZDOGT>XaS{6%scVNA;hr;5k)hzA3VL=dt8V#jvFMZu-^u1
znzs{Ei9)x>;{k$nLE$W2lR#Xj%0Fe=E3Q{F!lD<kvly}%ydTCFKyq_X?1%y$0m9s9
z0xNA}YxCkDI+ynYu>65OV?%S0SC~O0m|Sc{RKtEr&I}fDp?QH^-$y9yok)B##hpf)
z7`BZ?S(xkK$y(}*(FsOco>Cd&th{VVZK|KxUBeKmCB7}Lr1@n&t*uB&`rlQ86u&Jp
z!#7*kZ>f<%W>SCM!H59ZsqsJm6AWK;3E;7?plE4nSO5M!Jh^|(0Jj1}&QnJ6&mi9e
zD1S?E_T1wo-1o)w8W#HHS151jQpRNaJA%Q2G0PE4B7xx1ypop5#vB=u;-}%e{5GzF
z899l3j|iyG@h)9d_GGQENuc!GYlobQewN>e4gOP{Q1{5buGtY3KGa@VSAZNv7?{9J
z;hZeZP<Thsg!2@AJ+v-JkK(C9ay!XV5!X~xB2qzfkECg8QRp{wnEFb5n=_~;xMHnV
zJrO>X)!*CLmjA|vFPDD~0@R|?`RcpyaMHUiPt3xIoeZ3EkYef{NCMIl%Q*3RkIq7G
zAzqWpG*JT6yfTvD5|Ktz8ud>E%fy7*4at>Xt{9b>@lE{6;rZ6fui<V+)Cz%?<0D@0
z^X$79qV>;7O?a;z|0nMa@l^nMy04PdiThta|0Kk+0llmXwVzDjV^DDjFKEEXW4DFW
z%fZ>xDGN&<lFzLUx4<-;-h=c^@{2=AO_UyY>n#*pGp9Lel@MqndrX_(*OKXkxU4i=
zA_S~1YKQX^w-BLUHM(u#fHKCh>xuH)|9OTle(<r(R=l%g@g;9r1hEJ)epThWGeM$%
zybUlQE73QhP%4;*>YLVUoj(6Cm8(NUrNaq28gRrDdEFe>=Cw+Pr_WG8?CQJ(Twb{b
zdCyu+`P-lHI<I*gJ;RlIHQ<cR0igdt3aYzczeo*<MO_O-8<N?aN8U3YXkC8)E9<zS
zMu-JzwhgP^c%BL46ZtK3r4~IMg=Kj9g%xT<8j(p8$Ma18r|-98`VZ8jMtk_Mg7rt!
z3><rt8;Y}rOYn~sJSx?XQcw4FV8%h98Ze!yt&q~i`f2C|W*Kxg!s$f+01-UuMO2X0
z^Ww80Kdo|k#%9Z%wdlv4>?dXYi<87(E`}E6uiWrJw&EfvKSE{?UnxL`gK)9y(NtG+
z^t`17r5XH|JPrfGG%sReEyyPXuppmOC3GWXZ1m95Rp3MCqn^{UF>nJTJ25q(=1&76
z0-AL8=z>BsYZ#G`3Dzz+{CJmtBFx7x@X_aLydB~(#g8p`v7rJiRRnPw9z%s8@b2DB
znp^o@VtJX6sxl16QQ^|!vVh_)QN!B{b8-Xt2=6KnhC_A8U}u}?ds$C=n;8Z+PL6zm
z$8sj~wStk-*U*v+l$#ym^2M?MQfaKdp*BK|m2>~XK_%#`MQBspSCfq9P&rf|yktl0
zO%6O6SlF~r&fMo!;hhJ&>l=f_ns-Y7y(GY;tbho)ZXFLHVq(LyTA9+#eD2?^Nh0Q|
zXo(eb=+7U7MOU&H8USQuWQi1tps>+0YORmp34wGAU<EB`(N~bFs;aH+Z29W%^r4Es
zTK?KbwL8tVdP}!<bPUXmAx*U8#J;&ZpVC<*y6_E+qwMIcVLWO)2*a1T2(j0i6JWF3
zqD61#D&qwfGANFTu8=FIeE;VJZ}X3XTt6+2BE8!n$Sn-{VpP=GZkwzo7|P8~A2`<i
zJ_&R$lGN9#(cL-FK^Yj48f?}kn{A$<Q=-@p^EM3WTNT3#7?}yIfT3%@7Gqnvj&U%Z
zHuy@dUZwM((FrDwW8y$zmC5Sew8NRyZU$aBiV4Y!!wrtifPEHN&SA0^cEl(BU_rH!
z1{MFD!TF0|X)@iHF{(tq*MECa#42Q=E01W<fAdj<_6p=jx1GY~^1=2dqwY&hY1)7M
zMo_utgcH}@GS{rA+sb+ptym(PZ@9UKKJP=U6HLm-|CQfC>r`uS&NG?c+hRLGrF9P}
z=x)FygU1P4V9;cD@S@*Xr4Iht{y6AWgHM&k2p}(FZ2$1UexbpL<|11?9QN)V>gtAp
z(+<a%CX!X>G2_g3G{+aaXI;;J7<lMo{I5!oH#~56()S%)y{B6`1E6j+pN7F+3hP%)
z^4f4)-Tj5I)pk2X2Q2o;*d`X8!#vvojXG|I^Cdq!E14PNY+hgiP^8plt=_fwAo;xg
z{s+j9Z0gKM6SRM<LVD3a?<#CXN)=yJJZk7u2Q`9Nirt^!xa=pNNdY&tiCIWVSZpCj
z3DD{s-k1<uz+6e|RI$ILtzb>WGW^EceUjwO!s6m9LIX5Jb4BJjHpaQ)hiResyZ4{>
zD{+PD*a_d5LH#D_=s()9LTTr8ixPtA%{(GfX_05f+OZ0Y=!&G&BNe`4t@d<CoM=*6
zT#&D+sYV;EJ++3KBwDVBfq9IodAH}_TpeyWw7Oir&Y%uA@e4P5ep6x-hhb@oWc|}}
zFeJrOdKPV%Ot8nDzSPueU;oaPcCZM4_J?hFtu{*xKU(3P!_A7;2M*9Ij%Pv3FN%{K
z=l3&+M)NsDNwmx0_f`poWhnluOl+)3w*`^i3u{|sDh25F^aDsGGVunZ&B<KdRD{Wg
zMEOdJ$siGlUaL&sZ|0G~RKCe<21K;0cZtvQ(gl&RFX1tGfjm&@vNX4OCh}SexY$$;
zMXV#j^H3#)yu7LrD*}qps7Sx`G!W>=B(IY+G?9|(pg80w|NcT!$Rk$y=3K2JS%(J9
z5qRPiP!<+shNLd@Q;Y$Hhm`oxO@|bN`R;pit=wOeQI4_v>`Gb1OM@qDYO82L5JAlH
zj(^ngU1+jm?ihc2Bz-6SyZq&i5G$R(eccvk`UFIX4<6URvFme+sFS%KH9fVy+s|k$
z=hxhgFs@?z%cWRDQtzz6(V{XiTWn?)-S0U@|NLt`wdD|eI+G)~D8VDaj2I<-ZP8yG
zNvtF`fAKd2py{o&rs#8lA`*shB8KZWj<?%BeluQsOwfAF{^XdU8dn`yV=N#wq^ibZ
zXwk?BKE(p@+YP`%4SiHPF_l8{M6QaA^57~Vo*j)PR3UIDzn)sA<H_kOwH@Uq_)Gv|
z8cZO2K#&jxioCA+Vk$pzu(d!wIaNLI8&|J`Fd^bVw%%m8wHc!cJxva805=v|pPJc6
zYqyqr@J-Jjm~H|IX|vgLGFO>~3Xx(vis=NgPf|1tfFJY20{~Fhdq<d#=Nh?20)Rw?
zfPfIoUzYfJZCPqG;WW%HN*OYh(mU^SgH{Br9d)Lk3Cx+^c&D&hohLoVa!ttRGji!%
z<L?KGL^Bdny`hh`oA9}O2quh>XX}yq*M(clk#6u9H-5!4e&V??9(n=<g<Nv7yrKfK
zCQbHlTh|Z~AG)gb<7mb8B^d1vXZ{qLtht14V**ISqj~AxysnGyYjd-eHs1b%9Q~24
z06JO)%&@+g+4mOyRF+#f=(G-8ab%<*^g=P2{F^tH=g>wRv=rc!Giv!kQc&%6r@?s=
zp90J0FENH@zp6F>#QibL6bhlR3p~JWC7TLMGa{ZF433ubVB-nYT)|_WQRPCwbfrgM
zZ5mMC%zU4XaT2rn4^=M6=-%YVj-Ay`?mLXPT*>!lwK@Y7j;E8DP@%WlGIM<HGv?o@
z4I`O2s=PnMd4hi@0^EeTKU~0@+wJ|q1NJd+PZ&VLl#HODphT=E%eU8-W&tXQ0=pfx
zF3^pLzv9aK{-39-)j@BM<pXl>6Wbw<QB@cS>R7kkaQ1fx7#pphzebgRB^=T4tpwZ5
z&N2tbi9lxacn79iyZ05;QcTbGeeX*8G@kQ99zve(y0wCqt5QW38d)z^s{)ZS@t>im
z*Jc6E<nRcdS~%&MiiFfoBBEhQBb8tlh@F1a$lb(XmMQ@?UacVsTQ}M#fAYFxghuy7
z1&adUa6y5sHGZNDQ9az8EGu_Hh6{fK^c2|D5tb?!Q31jC$8B!`RSP>v5(&kr5X;K5
zDwXd9b1ePdyJ~7^{j<*lnQR?Na!)!iEd)f6Cr_@}0BiN<)Pbgu5F&y<ZOthc*A9kr
z`X$feuK=6Z8TRCz>TrG#<E~sKxt3)5K0^St&4ybfq!UMh@#nm&_cm0I<5`$)dD3ta
z)Uo~Rns#EvHgXeXTVH`E^8x)Fv2)FiQWdGhVS^k$zR&o-PC}l{fO}sUC@3I?phbs9
zuO?&L4hHf4g$dliIbT#vC&c&schgpPheQxy=3`PsX?lyqrdGz)@<p#Fk{&8^M5U8*
z7EFxh=H~cG_tUpVmyO)!mJ7Ba#cXk-I*~=vA?Jz6Lz>b<Jyn9lg=jzO?5z7`{8^vi
z-Id>#L<wvq00#%ZbvoG`9UZ@{UwH@Xn2si=a#h3<j{3iKCtjTjW*zTHI$b?cBNbmR
z2&=`5++G?o#$o=Q!t+4+;nBRln^s)~j9VZtBCocXz~H`tirc>J5mXi#hAQA5%D1?K
zpvP)4GCyXu9R|>RIf#N9<c~rW6@d`}X&Vs>>y6dJkZV`4bA=xz1?GHT>=~lGD9I6%
z5z@%>uYnkj&5(T@YFll%fKYR~_+^zXlR+rpoxcTmS)55JCi*XUu<DO=C%7IWL3=S$
zCf3NqU9L9<Hu=5vL>GzoT|ET>wO%C!%JeiFIpW~V^P(RtI2V@uhQ~nz^LkS<uhVTi
zzy`!j-zL3Oo}Ri{e=Zc!Phz0dU3Lw!@a{f&e5LOGOg}*Q&%J{A**=ZaG)iGQBBS~U
zBs{taN5xr}vDG>f9MNt?kIZE6k1dq6Iv(M>JDK^BUcT)L>shfx1=uAoFD`!QQ5|wI
zF~*eHte?#;i}knCSkpU<xE=W!ov3RNI$N#!YRY=$^7{!EksvjK<Zrjk*{Y-Fa}<v;
zhri{YoSf~Ajp3Lr7qbG6Zc?0}><Q!;J`Tg&L`b=x-%w3Oe41EOI`w)lzLsRRs4aAK
z7wxNm&5`DvZ4K?ul@IW7-OGx$g)8gj<Hm>&yydU>{(T@J#7&b#{S-fkcbK{m1XpRH
z!5i^kI?vPFoFoxL|JqLvihbGYToOOS6m1Vhjnbe~R$yEC0QntDbspa{4&E8#E1KZf
z>TQKo`JkkF{my(~{qI1XgXL#?XM_T%f!#!nfPf%YkT%`h`|IfFC?5ajv{(w#6S-f@
z=QIrHJeY`t0-}sUytUN@NaGnhl0fm^;MsppuH?t_6vWN!@Nug4^$l!bEF-kU@?PZw
z{Dm=z#y&p%V@J)H8KEfEW=%!o5+hxUC&F%^_%w`w_g=K6M*t~VtwQpWq7HhHWRFd8
zMAC`|MG487u-%7?N3D%1(r_8c??S=bQbXwigGD8%9#B=5>E@RN{wNR{q~Vfr;ltbC
z+KVy$vck47T!Cd>{d-CjB(vi`$IZ?I=_j?4Fzw2DzR^tgqw~*@wW5eJCbbKMeq!Fg
zJpwjnZc*FZ6yyiH5}%Zt<ge)d2f4Xw4fg%b%g%Fz3*D^nk4c#tT{&y;q)yN}QG1?(
zJyc<X4a36y3oru?LK*zUg;m}VGGBgZ+sT|2IX5Upoq1dvF9#Dk!LIy#`eh}xcp1J_
zo03Sqji(f_zrSGK&%r5Uqb;wds?Uu~u+;Z+)Bq0yM>dCI2+aR}=94jA^|=aRmYG2`
z&*jQ_+nue==iiU#8rBaRZ8fm===?n5cqWG^Ody%uASWpa1v`~cB*WW0ho&(O)i*GW
zVr)$8DCcITe5sf-ICDGXbOdfkdX)~DReWgM@Ov=6DujH4?lQ6(<L#$Q3e>U8znXxB
z&T-<R<+(@u8f}iLVQ`ZgbfUHN%UZK##3={AlolN*=RKv?<Vy`2X9GwYbdv9R4HkW?
ziTgv1_vRD_IMj^ePR0q30b=02F^Ck&0Z*L+r~tK61bP7oqKD~RfTYe~ii3-r4#;PE
zLu8j8pz2JizqLqHexMhuE10UUk{L_BIuyeuYduC^P-H*ogjEnm<u%-3azofmrJ9(=
zYSUNWp#{Gti=cYjl@EXx<~5>2f9Om(vXap=MmeVu>=Zd#P+)f-Ez+NbN%ZV&XJv~>
zPpuIWau!1?ipK(u2755nkLWZIS2DpAR3gzf$k<0Vm&i>;5zA|LaiPv<4mnbz6}3(a
zP4Ip;|JY6neFMjR&7#%W0LvTe3r(P4uPjQj1gH%NwOT9SCBtL(GKL~F*N(H)0g369
z1;s&>S@4g+or_D~@j>98VFA2wHLW(sT}B4_k<p6ndpN{xU!CB{O|Tm?v(v-wo(@0~
zWxG7yTMxDU?pLdX=vR2sc*61JM57iDE$#p%eq@i&8~YtAkq&WqvZIKOCCT+#N+mhN
zDp*X{z|Po%sw2`=9pceD;7Cknpsf&-;{(jDeD&{f54O%FnePR@J<rYOa6Swdv~Fat
zLR4LEo6UBBiI1Wm*_GwbxNKf~RnY9sV{U4ybY5Gh(;^l4g`zOtZmnZVgBZeB9%`Ur
zGFUO#KC$XodWklVcngwq?&Ae_xk1tWr%O@tqcc#(ftdF~cV3@JR{l9VLsWR8EbLBr
z9_#Qw)EIu>5P*0cMV`040(3|kO(QXQl7PwM#J?x)`T6->pDz9$KTA(VE1(U^ZYe2H
z<R;#g{t_1A%HKmO^U4SuvwSw3E&P!Xxg&pLBKM~lcuxS>L?d&d?#ly<OKsApmBITP
zb@s|cZ#@hgc!oTvRD5OM(8QON+(ma9(?@)wM2FCXM!1hiu2)Vly`8~&fn@f&?uyOn
z4qr8n((5lQxr>wF=bDp&&SS$6PEWg^w_j3gID|aN)gBxrT2r9&-iJO{1Tsktxl_X~
zDL+*P&Mbp)bN49nryX<;=qlgzdFzIiJX%@v*<fY3h)(=TB<HGUS6GaJDQ)oWYV#ai
zrlmKzE2Pe3TFiBuE1*fVT5cfekbWv8yFD2~<LUI*HYcZC-vAEv`tx99+P&QfD{9qx
z+<fmiuzWYGc*ZQ22CQ=3_X&lS785SO@rwS-q_O}0?&a%jKEBuc1L*@s+pndLDE;x=
z1$5S0q~&RhAQaJSLi!t6_op|QH;@Uv^K8M@_9I*39*&6Z5E*_yi70x@e!f(6HNBlu
z^OMc?%EDdG^;g+v5|p1z*k4fG!`0Qjzi$g9A=zrcqiw3keJN%dk53p5&hdmB-UAMA
z<n8cYuE7F?$%Y3|-(GkBhgGJ?*=kH*Or=4l4D0C$d-)bAAZ9W>D|=4hQRO5_T3}N3
zcCuN+3kr+v`&5;|sB6YfwdqXdF*LK<?&FA(?u;FHQ&<CqJkD{D<aI7LJO$Jh96h{i
zNG6`efRaR+$lrmx0H0CWj%959{{WsqVZZV2`-`hP(YE(QMEyg(^n?%$X#We=9)I|*
z(Z7Dnz=p-suyEsnf35Z5!3?ZlG!=_B9enRl8a6DQg`Pcop=Xcos9&Qx>NIJNUcGvw
zM~|M^dF<wU^}l{I()S5^{@M=DLSw(EvnZd3=+LAkF1-l-X#0$mC=Bb>6xFNO#*VX(
zKUzoLDI@SRAdsU1n*hY$-=Dz%sUMicgfJHp5&~gr6aw6r7NH^1BPWxH`ASWW#GVZY
zk-uDHcsk@mWK0sOG;9G=?O^OYeifQVCQw9&<I1@U2uaYvC_a34uAB}Nn*CgPL(XlW
z2iroWP`0$AWFl0jHcI%9i6ZEuJnHnvpdM{u@9c&)&08WhBm#k<k<c+Oh?y%lV#=V-
zO#Tf-#*=ePPq4VB!#Yn<xRopneO)7zDPIwJEsZ5}qVQGIrV8NR`O|n3qKWCu#aORG
zX?Rv^ghjI^BIC^!T)g{8^2^iKvc;Hj(@@^k9<_dHgR*(8@#MKbm2ufmR|<vKw!crn
zspI?6r%OYmM0sJs%<*Vgrv~ab{tW>!3fw<;8ZX0i(4u8Cy6HtCS6&x1spo*xhxg)5
zIKA95yJTD`PVC<cjY1{xOJ!$7Mn=M=LJc_P*2R%s`*8W}S$M^oW5U!KsO0W|vYhw2
zjoZ<wNqHFNvOxv+($u`@!_loQN)@(|nCT@Tf5LyfZylz_bP6gp8-NphN$Azw1LJ=0
zjT5)Ma%{Cp;cw8ZO-F>OJK@CTJGjL2c>U&GESfwRM|M-Y`?pe%N~4Kgl<?pnn%KiW
z7(XE<k`c3kh)<%%G_$18>@LKPWD?#61O_2V@uBc1v|#5>?8Vl7hnQlDJZNhCZO|l6
zCR~IB2GA8CO4Xh6Gb0TlL4lHsK=uRgwvv<MVd+o_$9OHBK63_F&Ywif@;d0#u|1C7
z^?h40AvzMTUcHjc@^5!$ehCW>z-upW#3d=Y@6>qRrb-wnf43P7eu;}uc>9tU8x=0C
zF)_;;Qy6kDig0O&ijB|gS@{v|dk@{(_kgxT6I{CUfVopo;wC>Q4C=sqsDEP4rbALi
z5w@?g6bP)8+d#=GzvA$QnK0E+&PS0L3$Hh?dEbbT+NseMAtPPE--q(J*qM|NPqzZ)
zd5n$-#hce}5J3&SC>iM~IJj>M_MSQ`@zF^;`A<Yx2z-6~8Qi2guNizvQm!kS>xzkq
z!hyY8u>bV=_X3YJF=FyUT)cD<7tS0<nPO(B+`J3UGv(N&%a_pa*BZ(ph+`1Xb2zh7
zsESyxGMYRCp`js2NFwzM@Acx9IxHlJb(I2{f?Rij0YON}#M~^uGqxT+0DGHU%x#;(
zdn>QL^i%}%dWoQhI%`oR#>1Z$nvgICgk=^rX06DeW|Dxbc4hnYx^)g0?mg#yJq0^=
z?R|Uh#eAtWWV<v3Gip3EoEDADk}e&f>oNnx{Qdk96aRBt161plKYwflvP%Ftu$DyT
zSNxbjCibO}SzO%MK6d<5hgPT166pUF8o3O}Xr2adQmp$uIECKbx=C-0eTGeifn{DK
zMJJ$9*AW=myE)EoorlKcp{iA{751Iv8zlQk;f+I>GDULi6zQh(-V7*UmU1r+HQ`ex
z7|}%?nlHsYLyLZ3K98=Tb^Th@YIVW9<y#QNs8Au4rjuSnm@&o8Lfk-AB%q>q4c<!p
z8JVhXQxL@qSV<=1#Ka`n6f6N#Gi{n0W7s|oR<^leNAqS9eeDE22k%$B!M(e|i@rp_
zLwrO4PV<IrTdF+%nzjJD_Z`Ib>o+iaWDndpvkLPzo}fmA53h_^%$qbE-MjZB8ESVN
zxf23gnyBNbO%zxN;WwQRk;o7~Bm_Oj@cupc2Hq3hdksWrh6STd6Y<nH7)AvPqp+PR
z5;-q1w-V(WpjW3>BymmS1BcWT{4bTC-y#{hSo8N%?q9fq^t_&!GHp2QOF3cW=&{H}
zjBY;l%CRY4Ke`Q<0_l&qekm%s6_ZSH+WN-mGhz~cYwn3%Tesuo%X_F+r51i|)EI7V
z?r?Q>M2F#X5G!RDNXLN<v*GCA2oGvsOVO0NZvPc&e$$3^K@GkLRB(5LdudmAR&9V=
zOt7A{9A7ybD|cPQ^Giq2d(>3s_%sAn%jnXw9!k4=z|qkWfBd~cdN@V~Jw@Awwct|P
z9WG7|Xw>abW+eFd15iib0M?ckFf%i!sow?jmTf^v!$^|e?v#c<y=w(L*hj7U_2J67
z51YFVQcsF_Ecmk*9Gy#}9L-)%6{_Lng8(U&mAIeiFc=~5{wY-RD25IbSJIO+9b1=7
zpc{r0Jh)E#GF7qrG`Z}UNpwV?)@abS9UL5;F=N^Otjos9%`5OU)eLJ_&Vy57Tj`jd
zkr_r$n~Ro}ieml7-FWfn63Uh@hnrsX31ta*dJ&%7z84USfP1IWf5LnQ`~c4xfnBYF
zJIa(T2UjOYbmzR1Gn7GC;^hz-iI~y92^^|6#!c@~>{>nr&Rk#BD%JT}7TeEU#nx%#
zaQNa=T-m)EBW5p0N@6rdcWVUa(r&0)tpXgJDqu6U?~F~y!0ye_u<fsKcJV|Vr)oHL
z`8h7`T!|5LmWye=Ek>qhu(r11eZ~fQ`Z_Q)HloXlC2Xwehs%ihfEU*!o;)|c)H*rX
zqtnoth)K#otltAPEngn(T33ft*(%s_=qOrOu7EZzYoIje<H++rc*HPN^K|6(=nA*$
zO>rk62FanXFslD=@TFGx{_(Zs*=vCMHLFS2tb?Nq=4?4G&F$*GH7M_164k0#=C$mA
zR^9$UL;_Qq@%;YVGh^HORWK^l5)*p-inF`7)73<I?LE7B2%cqmkFHr0Zq!seF@Nr;
z1v{l{_R!)XsL9_=jcS$P>B;NXwE}jZx&0O+`HPIe_lQ7_3v9ZKlKiJ4q6@V|QtHnr
zA|;JzBTRPshK7g@xR14K4xvDiQYe()2G$ws)KYcEu@lE};J^VKKCl;K`t(ERdhYOj
z@d`CM4aNDZ4_Ge%06+jqL_t)mH*oIML3FHJ1PjT=e(sL%+ek(cm>{%YA1m6-k@$Ym
z;XJM#+Kgc{)}r%>so1q^HxBIC1Q(iD1@D@wh4Aqb^Hyo>L_g`g@mL$=LPm%`{6eB7
z-ZyPJ{73QaFD6z26JwHvQaBU5X#aI$1oL}B&?9td+XS1BU6%qc1n+^RU19VYFaRZN
zP3hAS4jZFfFf_2m-+Uk*J#q+#jvT?tSu-%KV@u?>(3gBy_~fA6rj1<Ywy-T(4LfLl
zJ47sx96EsM6NjK>o3_YrVt}{+KLkg{OW5h@>Eg=4H5fW^Hlh?FvQ?~*k*Hkr$0BOQ
z(VwMMY0rqoQ`?b8U#utvyEgqzUp7sY%&&aF=fpbiKYj+iJg%rvy3l*wsiSte>WK4Y
zz)Mst?%zI*o59-HcK8IAOze+sGe=<QjvMg4%Im%RI5h1s1(z?KMYpQ9=+mw<UIauS
zCd3<;X!7nqbuo5rn2*qV$FXe7`E28qYt{kHYkQ!WdsU43y&E*BrHJ-^27Nncx&a(V
z_Xf_GJ7Xb&qM|Xedna6ese_#dPht1^dAPstZ;YC<Hd}wH4N2>f#d@h@Q52QS7pFGu
zIf7o_L5GgL;oPJvwZ_LWeL#E68`2Zo&OO8By(=(a+9vd#vI6Ih??W-X#E1#gk-!A=
z+B({JdF=$6HfoCC0`)L|OfNj%w+h{VpNsCp=Hv3kQ~1R}3td`wg+I-55q>Xm_~1!&
z895c*+hl5#GADTB;VWtZE2C5aQ`MA}pK5xj?OFz*Bn}QEA?B;sub|S}DX2Mo_39-v
zUZf$3evMB_UK}6lhn}6fAkwlj4)djI#?V$+_17SryypcSYWR^JgTDv1!<enNF=F~0
zc;up4Z{TD!89W15u3bj=T7~fY@6@ul?~Ur7#o=DNIR<rVfhQNXW8UU#n7w)@F7dq9
zDVc#;E7tQTOw!>uPx<>khaRIRW5sR?KW;_fS+@m#@7N;yT2xznITYtZxSFU+YJ3>_
z|N1NZ(@Nst$@AE-U=$879f^hOj+3qjcy#k7E<EB3;QR%sOn=<FSFYo6Y!T85?M3b4
zhP)<bp<0(I*u7~flJ1?r&fS-JS4hFDCr^<`O=t>(vhJKc0&BN=ICA75Y8KbUv{`GY
zt&79d$&+B^PND0<C2U$S4kvdm!j)IyypL+AruV_8BHSC>_gz5Ku5HnFP!H(DJjcFM
z7o~a%_Idl}NkmzD;>f8}7}cpdts*^e{B{t7$-;5!-~p6t)(<C79A?%FHFWFLml;Yv
z{-W{0!14|mf&T*p{!1?S>?zqYqEYy+i5o%IA{<&REiGY4p-V+5oAvm|zKev?v4K8x
zSiObYH*R3Z>LqB~yg9CisbkRK-<jyy6!jWa#<~4#vG>|@7#SPj(Utx9eaLXUAnW>}
zRTI#>Woz7i8H&8rVtJHyp|f@xwPj*7YQPwk>HYXAo_YCXrtWz+XX!@vZc}+<<C-XQ
zA(l?Cn%YLlm%kv{?1AlnPsi1lel%mmK|yuD(A>pDh2j3)`v|8NOS~NlI8tc#a4cU5
z1$4tPYV>&Adl?MBXIC+1>=-CaN}{Y&DQc$#DR6c)BrM<CCrk?#1svc|#1b>d4#BE@
zXK9j%M6lm0te80k5BX;6TCxbunw4Od>WhUdHX;t3Y*GlOj~|K!8;(Ikkjk=O(RGHp
z7OGaS1HaqHuxZyZ=olFx_{DAX`)wc&UVno!Rm#IC;Whr8_BS2iqw(U#IgB1U6ld<d
zW)v`a>}VEBNr|Ta;(hp${a=*~Jo`$1jxA#gYZNb%A3jg6qj!rY=s0pCdjByIjms6w
zu?5C3t&@R;p%m=#ey8fx^h&wcse08hG{x8{6HvyfB%1adfi_i(QM-B(dyX*($JmzI
zDswz}_8LW<JdhMmjm!O)l&iH-x5Ef@{-qYm)oh7hs=6ZNrB}9LjLmJ3C$|NR%o&}T
zn@;HI$&4B<hQB6HhO@mrI@644oScBi5AR^p>3gVHyDZ|uyb+yh2-i}%apuY~YLl{c
z`Hvgwd|A+BwDFy@2asgwgz1weFadmiwEtr?8ai3v)SeR*9*)7G<}Vo6wGm2C`?PS~
zUX1Aa3ol&WBVJ!clZFlO$h0g@ZCir8bWGo{dk-{i3c<dx9^DDN;Y6)qO!!UQdhWwE
zT4>&76ejfRh(dX+vdt?hH3`OMOvUw)JEI!MQlqRTu5B&8=!tuQDB|}mUPi^X(0uEV
z$okFWtGGd*)Hzef!p*)oIu4wKt?QSd5YH)N#Ia;lD-4{!2cuSOM~`aG(*4I+KN;uu
zuBWf*Sv2f30q1rvME-pFVb1xO+1MeEl{tzsE5xA#+hCOuiDL(jAeeblb%>w%6)RFS
z(7yM0jOy7I4%D2QGa}xc?eekRrxxEAH*xT$FKX9yL#Xddr0Uxeqg*(8=`<tl8CA{z
zn@J1Tp>>0rury>!G-C@)`fIG@^Y=?t2Uxo_z{tUEnfJCfN)<1FRBGZgRQPZb=``_L
z6|R73e~pBrlPh|3X#=$&KVCOFn6+vfhIg!st9+TbeCrW4Yr13s`1gzG=IL#CNStjg
zP53gYK#4rs*t%{X@A52cYsl+(>LiX;q6GR=kag$rYu6w1eh1h(|AH|?yP%}KD<+R0
z4~@tdc;v(M9deNo_)ZbvJ5$aTA&3e3juQNFym;|KGJlHR#SKkFiHiN7Q-rqe*_kz{
zUw5<g7D$~HN-$Dr`MQB<Rnvtgy(BbeuEQH|f-t;OGt4kCLM-V-YWEn7Uut?HCeIL@
zx;h9g>N715g}K<ccr@<b50zZ=(2pV&E}pKKvS}u|hrYqK<zuCru<|}lt}&V{1W~6b
z;+~<YLoFXu`v`v?mx`59w%~g7Y*iO#M*1)`wSkj;KJ1x41??MDMWJG)V4)j>o^5}@
z+-*ltMVA>H7&4Zgrhs`dPt2Y_6T@j{s$2aS$!g=Fo+}^zUNjeuyfL0n6Omh4o)*;9
zX&Y!k!N{kqx2_CoJT#5$uwd~r3>!KM{oDOQf!G`w3|fd!&_vgPBhj~s2aNR9Fmujd
z43e0MDu>oVD=i+nmPIgk!EhL=^R~tZj3)n5l2hQ>xDzH0xQ|(*`(fQYOPXBcQM6h+
z4DM7LHkNvrGjlXXPg;noCpIA?E)o_+Dq;S_QP4|ILQ1aOa42Dj@dG>K)zHP5JG?1V
z9Q~|ss~On8dK`KToDS<!Rk7{B88oZup}bgf=-*-%wupRonZj`_T<o&*S=@Mb7n)XP
zFs3<6OUnqhxpQTXssRg{8~y2LmdNW{Eh7dSSFhkxl0Im>q?)y8!+f2_xJQ39^Lzy}
z+oVB*CVn-hfqK7)$icTSSM<-+&Yc(Lswh2@`3h52Dh10lT@5_Fa|TO%?@ENzS{6>I
z?_4F@_4<C_Z?}^o@q|L8WrNoAsiQ`?L}6GNtFC`-SduzM_`OC&gwTvv=xwti4rNfp
z0l2vN0;zQ3VOqi!kuPuI+_^_+Tgx5^G>K-Uh10aTf}e~Y=Wn@1tM;&9%BwWG7g$j6
z_*k(wv&OnJHxV40ihM@m_DKIMrqnVsGsO+>CosxuPl_Ea_Ac&g%6W=xA(FI~*`W~H
zV(8<g#oxTS895$B(O`<Nw(V(F4v^@HQZ@1-Umi_d+P(+LjmtsLsu<SOhjj9+WtcgB
z7((L|sM)wZ)-9dJ`ww3NGtbY<3uo|q|6xcnu|-ik8^lm()|BoS!Xbg@pBj8+Nn@LL
z?J{@%=Z8X(gbcpNT|0XauWy}}H1K&!RY9q;Zj$?mrlvNG`O+<laQ86aHE3f^?jn{{
z&QV=c`JMhC(s6O`&su~wPuI2(RF{z&IUI!*A}t{rE5?q(n!B%IU$7w4sFBu5mt@KO
z?;i`V^DSHUAVot9OU4htYWfF8(R3ShaWC%sO@%H6Yh68an3-mt15y#0m>3f$flWG$
z^V)(-m5MH3d~&fLHNJStMMmIzMIc87HnB)?bIH%QV>2@|goTAk0SF?WmJsAVrg{4~
zFm&Qg)4`vsH=`fl(8P^L6nz6@SliI=g2Ib}Twh|ZHnj-zmTp8}(uhPvCs25@WJ;nU
z(4a=Z$gvu>96N!Rue~L8ys?QniWDv+Y1xueHPCnVVl)~QNMXzfhI*#hwBrbj*gjsN
zj!9c~fg2L1m>8#6wU)SWt~LcvEg0&S!>0Ww@al~(ePuK$pp}4@A`;KNf>9)IE=EgM
z#lbV@5k<#gYrA~VRkOj7gYKNWKH}-?R<l`G94}vsR2+f4b!fsie<9fM4KX1m7LN6Q
z#oqEwXgcK$ky=Tp8DRRheMr@100ptgT2gsa%wu1b+Jqxg1a3Gv(A0TDwXrRLB8BXb
z&f}s<J(BpkSE>&$I@hMD>7ZcI;;=H&rvRIXCLQQ=(mVya>4`{H*GHeROHjY<AOz5<
zTu0A@LUu7~d4R;^bhPX`6cuYWhfhE-9r<)ov^ah540WZ5U|p-CSiAi=f=L&U%ff~a
zQAO6N{#4(eU)YCEy=S2FpGz@wLKmLFcSWR;5>C~^bpGD6>RqKz_~u!sF7!vu!Gt->
zuw~XzUPH=8URRG|>4qa{GH5ySn(5P&6p06~0#MyP54ESExN-j>3ODHtGp#q!p+;=g
zw!N^TmqJXyQ~FwNMX|gVI7k5|Bh$%U^eSm^KQbqwDHep(Z%dYEr)VSo)6vz3eySQ8
zb{vBVJ!?o+_itE$Ky`85zipZMg})@e1-+xYNW;$63vkve9ot&Bg{Ai@ct5;N?RY#K
zYz(-ZH@Hautp;Ow4f@#O@QnZ@vM2HQT|4o2?0l__fz^$WtB@y-o;ZlHEh}Q+fc~g+
z`vk0Lnm4p?#YSq{g!~uw`W6<hKa2u4rjn0kI$wA`R;o2=gtW!m7#+J23;*a$3ZE$S
zZdM(s1>A9ik)7S<O@JL;7c`R75EDn06N}I7I}|pB*P5~jp~S?NezXkqc>X#J9tA8A
z?R5(cn)JXQ3+5x8!8v^<twtl`Tk!m42v)Rgj85e(=wtU7%eNnZ0ZF_MZJ2=;{ioyQ
zgkd}ff`nY@O0sC>0{B{&p?};?Sa8?W9u2WKQsAn*3bU?DI)9n%RCD{UPd%Pbopdd9
z9Xbcy>Qf@7Xu4t1Oz0HJC())Tg~xY7jdT_8T6kM{ug<#pc7K*H8T7G~<RV^LqCb(z
z<HfzRn6>vD<{Z9^f%Qrw;>9JnmTO8Yfc8JShlCN+-N$cZ$n?z^-ln1?M92ExLiH*Q
zv19*PboS68Z)6a2+(x31sWn|sUg5<XKh!fZg=Vxm!rweWG;dRMAI1w>I{f*PV=Sx%
z42V$Bye-^SKDdOltV8}PBk;dQAnUUx$Ho?KFT(VxN_;Ba+{F$4zkbPCW+2FEt@7lD
zb(UX@>SmG5o29A<C;trEDT<YHRz4s(hA=A%884j<@PcsDxwNHJU9^{Sg=XGgG_?&-
zq-Zf|UP3s^U!b7m^e+TNtNaD{!&SbeipE-c#wb+4L<&Ag<wM!X%m!}Mf`}pl1u|d@
zPs=<MP#K`W_Leqwu*%IhN9mXr+vbwS7IP4R7bcdrFt_GIR<!3hVxK5F#wPR^Gvzp<
zPZpYCtn3Q#Q^}Pic4aL>Xj9YHhl7hd*H5t6f4Zof83`!riX`4<HhExSn@?&g<}1v>
zqU18QV88=4C1ReOcM8YLTeJl7)2D--N%Ke*QC%zwwz0}n5H|Ugnht@bsvq%?GBUA3
zE@~*mdQ?KT)bJ<!=fu(dh~l*s;&TQ4dR~^!w^(nRfn%X@Z8JK~I*p504xylU5`1CF
z=UM|($MnH~zlNdeqnl{kpaLTOU-RL)1lk3E!T3QPp_cN9Y7OA8L4Ba`>Vl`I_u!(R
zHpX<U2Uirpl<D=*qJ1Cy+MqOcEt`#d5w_?tV5pQjEm?#?XBGvuWJ%PpzF$nqKX&ix
zMZWZ0fSaKj5*Q%E%S$The5l36#=)E#r~a)fV$7d?p`9`mX?}Mwarz33TD<rD?j%<M
zuWM(~wQEn17aD=D9^m--8)(^Y44PHSkGMk3kymdX+P7?rLH%0b=$fVQGs=z5oohku
zQ5@zk?S^*b1uUOmlV-TZ=s0;T&4JGtjmVcd6H82(y$E|t*Fw+HOEIl`cP!c13T?X%
zMx)9_v2N~E1nPL=w;{UJ{3b$Muv34eIPisJRNws=|7RCGyKoxK>$>1oa3t=YUrjBU
z6{=Qpfw5&W@@d6l)ZjjNT-O6@{+@<JI>!q!MvzPk66rz=259MShk<>%BILKWIJKF<
z4Dp62p4W<kUJ`#F>hNgt8~WDSjDbCSqxjC*SUzI}E<f}`k5*-I_UvV9qKd$hmH`uH
zVmWyH5RP7JjG}xIi@WjwYnLoRgx5XHU4N7TFr{(v#v|T)6b$}RomVxO>gkiF;~)-P
zsEbCGKCS^yqE8ur*l&@@Tf8hfR4<BweY+xhbRPs$_?^9cAC~XGM2%`H5)u-m>s>Su
zzxhON3&Bv76cT8Q$Wi5125}bAufk7GRgd`a{+J-lq*4pMlyW<s^i0O4=CCzNr5Sh|
zbYGpt`c*676CR4KoA;tr>mtf=_#4Yw4y|2{fVAA`)TSP+tR;t1YWr%UdYKYfv0^pq
zm289Lm}vaowKMv5Xn-TD7b7%RDKxF^h&#(jw*Kf0eJ1;(UfDcYFk>Q|s<elDVRHs*
z%thz%t8w_;H59kZ)EH(RSpF^}@PCAW#_-|8$A7D_g>a(!`;sxl4_yd<sz1@!KNVFS
z@tL)VHve=?2qfZ|s$c1QW@B+P%08U3uBz{>{fh6Z?e~wXw*PHjs_~_|(tNY8Q{a%T
zj;d4DXXYA(aHuq6Wp6L4spgk;y>IttU#N5=7WJ~?@ouQB=R>tu`KcP?z3#GC`X6nH
zho*&vh2&e5(?f=Y2T3misYwYGbQncUVLOEnCYOrUkw;sB;8bnYuUAdVcl+gIt1)`B
z9?F)q!Nc1(arx?XDNv<ai|$yyd^!qR=^-xCAIsKlMBN%S@c8;AM5!54Xj#ZezLGGo
zDu^1DoN(j(F<iNR59Y-yVCAy;D9T`zC{kVIw|7VBqPEiXVi-7(ueb+1UEi4;#Q|GJ
z5&DxtBSSA2BT5~SkfDuQ)yh-Y;)_TM^W`dZQL}z+)Na%OddUF{YB>(S(0KG5Me^wG
zjWPpK-XRbl7fTbB4it$Al2+D)a~w8y3P%3cg+606Um4q=PK}DVcl`p+U1TJ#fejWf
zUkQ&Qwy-SdgbI$<xOnCa9={Gk3q}x59MVY{#jS6Nnw85_n_UP6s800ri$e3Ry-}xp
zF<c<+%C%b$kk7p?Rxg=}y!0W92oI+pTtzsSQob;~n<2kZQ&qKY6FB8J!o9mUiQOGo
z<}F5|?M^UBdWa(r!qKT+Yx?o!!{Y}}@a$C}xe$k;l4C)Xty&vKnhGS4AF*D|%5>$Z
z1EKLbbMZC|Y~8S!_&XK0MtD>loXS_Fzm)~tNw6Cd<cnf1b<z9Rstl+&LduORh=Dn#
z&tJr~=b<m5C4AnzCY?}T^y=OL$pQCpn!-d9&8mNmAA%GHkyzT5M1ef!D9Lp>6wfUd
zf_!Y}?e!Y^jG8a!QYzarl^Zl6((kpTOL@3E6qj}h6J_<fb)g7(hU3RilkZO*!=^1n
zx5i~@{!V7TU<L8118bU=g^Nc_d<y*+Yg0JX=6Q{xOj{InD!DV=YX%}2^=|K02_*}e
z(b}Lu#aeZ!9ZjHLoE2(UDlMgiO(Cs@Lfss#+P8)){S7bBGI9TzH=1`Gh^ih1c>P79
zYRw81?9x%CP92)dRY7g(xN-X~oU1iM>)L!-eY-jh<RO)kf-kHE@|xoC$qQ&u(F2z*
zUVye;as0h_G29AS;tqY^F1$8^2i-U>T)K%;W!hlz-{WCvq>H%dP@1IEQJY$BBW9S9
zi;TeMA|Rd#Q4CH}DXl)Y{Xf-LquKJqr~5zEmiNmD`~V0D!7(5pfTr={&=G+ZKS2@P
zhQhHuYYF$hi4yL$u;%0)G;}VI_0a#(cX2Cu_vrkZNr;yZ;X?6$U9#ey6dTB>*mMd4
zcHeYbS;zdQ1N~>`Id?w)bEt1n;lcUMsMKmWu045;;-=ZP-5bX?$H>#h@V>YvhpyOf
zumHKs9~J?jF!1v7Vj4)he^<7A<_fbv0Y0;_TwO*$M&N&g!280Q7*&|SwKO%T?V?Ta
zyC^v$tcj(355k(5M^@Z*X`U^RJ^n*f$?=kP%pC9hvpUSV^Z8lB=1}Df`b&y{43XN9
z-p<*2RpakQ#EOU`DxF=n3i5`Gz;}p%tYP~OPl`OHuS4Kx)UbUFk#t4``}zkmlF|<P
zg4;_jG6FIJZxK*1dN?pR9JYD#FknI%(W^Qb7Zr?%Bz5Gqv6MAzDp2Il9790Xu;mz(
zaz`=(KL-Np^f$_%zrfG27<m;k0y&I;wyptxA0H1IFf_4-lAI)m2bH^%5%`7(WPk1W
zh6Bl6%Lx2z2t-GQ!(Zg-Bvs3|EHCfhq?7q|B!5A6`M7X@93x|WVip>YZ#mcRx9@aZ
zzj^`ppZmQx#WdW#ewF0eA&e@IXU^7hB)b-dGP%5ufFdCZ7tfKdDB)dH>HBqZV*B-j
zySVe{6%+|ExODac!ec-Ee1!YI#D(kkNtg8XB__ld$4^{AV)i(;ukZL9_3-4*H9UIh
z`;B^+yZs&zkOj8y;Vj5=_@NL;SHxoazz!%`ig`Mjr_#x-9M+OU>RXhQ_&^dg*GJ77
z^_bSk`|S`3;a(U#;CI}7MNYi;%Aw7R@YlRm(%xX^x$Mw)6oMG__WyTD!L;FhF@MeR
z>@Z{~FnL%{%v*C3DRF`Lt$lmk^9##fCkM77eD5>W)IdBBRwhXQ+%Cht@3Q?Mya>sj
zEd6u)`I`FC{?E|2eMdYEeU}jabNah}fT`@pE`s7e!rV4b8HqvDR+Gl&1v)irjZ4f3
z^Ka$q-jx_WVW~tFa{u%ObQwGcNjY%2zhG|KPTfY4ocP~H&-r8Lw=c$@lUGSJF`v`>
z@-f4(XlwS|xS!KruKWEXAPa2Y|2dLp_?;ne<G@NLKHrTFW9H%Hk-eyuCk?#@j)Hg0
z$GN?}X8Mm#AH@~lcxE+-!<Mb@xXq$NeX)GiGCc7K%oc?txC76hK7g$U4v~DC%=64)
zrNLB5R39P8pSfT|BC<~>BNagb+#mYyDS1-q5A=rlGJOL>vb9fR9?dr|U%;Cr(5mOK
z@F5g*C!&Oh1ic+Im393|-W;8vJSOOB-qs5a<Q$Z9Q`L(R1Z!DJd`tv<NHY>bQfE~W
zyl2URQ;<Zs!GQq?35!%6l0H)s;}9GiOd63?Xp8J6A8^hvZ5$u&f@E6TI6pQq*RDrF
zD~T^m;xr@QToC&W%`&FcF*(lyiRb&{WgGnMMg~HBpJCam<?yCYm1+vfOmXMu>n9Ox
zzpctI=}eF1OF9lO9}-<>9tiSLw)f%rQ?(a|Qj*A__Z~^Lf_!-jg|em4QoVZd9KHeX
z&YOfg+o@>HRNLbG2|N{~&`47xA}}zR*$Y%>6)?@`h;7VA?3i2dQ7WW*tcbt>e}qLw
zXU<glkq{e+*RNjDhfF2>X5i6<{aCf*D54Wpzmp7v1_#00+ZVA}wAAW?)L2}*qy|wV
z*CRhNi>Mzc)sM@pFXsN>{64AQNS<Sl2EDLv<pk)do^15<^nU#cZ@m59VkvkclO*0t
zX0c#@K_RL+s>aFuWXy%8NT8aQ1b-hd1gd^Jq&!NDC;wa)p-^ysCT3pO@AX1L^hi?8
z_(}YGs$(KhNZ_17?z#Yfe?%}Zuqa|ZcTerY+C8U8o1;4WKtw3h7*d;`Rm-m8?u?5L
zM`%P02LHW^bULj$uQViQu210g;cuJkW`B{<O5tB{er68N^GaS*<(B;KcZh)Mvi=UI
zCQnI5;QK`2bwCtqwCsW@eOsZFvnRTBZVipZXg&nq-C%QO=4sfxX*ukxwZ+h$&2eP=
zHU!6!h%_M>zyI1BiA?S|v{Q4OdiYNBc5=-;vgM!0%PYsx<B!Qm)1nVgybrpxtP3|!
zPdGU_V93nX(%XAv&{HWVq^p}JT%8?Jr{fR=M!aL}SFORDDT-=W^+1_&72xLLh^D_!
z1v3D_|IS&|<^Jlm>!6CK8|t<lfPjcZq{aB5Z6y-NwyF(xH)<fAT}aqF7<DVSz}<t}
zp4D;WA+vnM2B1x)@|pGArFuOF4n`eOPiQX7R3q=1Fkxn3&+2Kgr$)1K?HX`(aA1P-
z1(K=i&Gkdfb6XRQ>eYrD^MyL{*ob)>rK!KTZ~#@y+M{%7H+WR2iR(<<t|K16?-dbk
zt4<1$RHls@*{dg>hbG|l<(()~tuFc0s&g*xaIkm8_+`7LmO*cBqJH&CDDCbE7bknP
z>^lJwvHxr)j1PW+ew~I=xJpL%)=lszC>pm8Z$L#4dw7=d<hn{>+{&GjKoRb99}R0(
z;hJjkxEq?Z`wcIi-^0Le!zJOYd#lDwyYx;dJ-2EWoLws8aj^2?8}jlhIn|u8`|=CC
zy1XA%%9Tc)di7DBd6e7q8;i(<H26L|1&{LO@gTDwulpytT>(!*lJNM{29&AQfZS(Q
zQL%b^YGzf!6>}&Dy}*cGy`&eDhbPv<qgp+309J#ChX?FA=8W}6Bz$h{Ux&(Nol&b+
zb-22?V8o1_%o4Eye=a+L*q3LRU1cnyBSSIt*IIBTw$-XtWM0uq*mnGy^33pjs8U*q
zPc>%SP{f2_P#d0mo@1%Lb0zFOe;@Za-%+d1Ao|%!a_>#W&2#(k+oZ+P^&R5<5KVZV
z%Gaoa>Xpl)R^yI%9ukA7H>APw^gxRyb>Zsf4rg97oqwOpY&h9340UFSh>!L{n;Mnj
zQKlT69i8#V%xy>v_d}DiE|{=lPiBKOjPB8#X%8m|9_uV611C1lN14*4;OSWg4o=RP
zv*Uzx{Nk>K@T}PowX3mj4|kMuDvjlbuHpLO6_~jB3c?;7K-2EiC_u$y4hgjF9bHg{
zzX|6mb#d;F^7lTsUl%lKR-e~NN%Wn&7F%Zig>?r`A@uo8)a7{18`YN9=Vb4I-ouwb
zy#6Fd1Yl^}`fzl1g`0;b8Z@kr8ubStp2q_3oJNU!_SkXlO_nvtU%w{=WP$B_Ives_
zeh36w^!yY1*Up0X-K$JuJr;e&%tYz(b&$_AXF1<u{U2h_@ds$ysTX>*Z;7OUTiAK=
z5!7_e@#oBOBxTgcA5;HExl96F0baRg9VvvBMN#)E7(b*pH2B6I>-z#m`AXy1snh7!
ztPB>+Sxmty8h`cZjH|EpvFFHH9NM-RFODt6pMR~&b`DY#!th&{PI#5!h(k;&ziRpb
z>|HdD57&zr(z^?uYdT}^@w3>$bX1RyFU5#S<h5e%Dc=Y8arLDUHts!$?hTx=a{gQt
ztuq9N_wRsB*ki0)v7h;M)!=jQKCZnsW~#S?=vL1O|Bt<^0FUBoyJt5WSK@|+KnM_m
zYjB5Bw8e`{DN>5NQ{3I%-95OwLx2b&LfmzC|8r-vNubcue)KE-{=LtW?C#8+EAPzQ
zdFPdLRxOwZk48gSZzt^EJ;uhhN1;l2hiOBnqh6N@xPIj-mQ3h|P4gBZC|0m@Wa7cq
z^U!lGLwc%{=+dAl7R_5lYe)zN^z4a9(;C=&<QN8h>w~c1cT~(iwdB#9qDn{5ix;G(
zQ<Cp94fijfhE?&JIC1I}zV~s(>^Z9mdK-hm9Xr84r4Wvtxr9AyXW-J7X_&c8qs+Z0
zysRI_Hu*8;*WoZVH^Z+BR=_spIoh`Ajbcsu<I0U2nB2P+ru6HH(@#RMf9_0N2sXrt
z3s-RRzy>@%u?4%Y#bV;@(LCN9Q|2y#hoePyHzn#;Ll|kd4xYUyZM(F82VN$sQQTRH
zE*&}})vYm(p7q7XWs`7n!xYR}eUwD=84^ZRY8ESk;9~U;@JAXc%QDD%aqrx5WH^_@
ziq$jWV3wocs%Ui!eBme2{AH4J^ueW*aIVmlab73T#M=@x=dNWuXCkJOU)a1%b6mZC
z6U)Z;#Oi5-pek4s!#mbQ9{0*vIs0ckJ--br4?V~7?MHB(v4yn@rD5LM?a~~0Cf+Oh
z`i6LNVLMhId5IM}kFx%G)F_aGnJYHJqf#>r`o0Q*p?$D)Y9GEVM3H_fj0_-Y7}K{4
zZoZRY@1f&3w0%8dt{ucrbjfDWdiR*uoque895{9wL)+BF7M{oF;qSY8<>ZQuiSmQ2
zWCNUHY~$$mbueRCFPwj!hT=tSuy(_42^J(d>;-loJb^NN(a4b&;D6^Ne&{(8b-GO?
z;rw;{{B0Es?b!`C-XwE;DY$?B7(DBD!0D4mQM~{#b^0n4ul^l=A_ufXi8@$5wHJ;q
znTGN64`Aw|9k_b&ILexapi9U8d|6Q;IWiOn_n$`N?qe~f&v%Fjc!@Atm}R78ynp{5
zLeo8Q_{3@SBUkN)H8T;ySip5N=r%p-hlL#bh6UsC;_79*c;!#PbpoG|y0K~vA2=E7
zfKJ}K0KcLipIW`Xq9N*rqLaYaB>{ayBbb;N;oaK+T%-aKLKOG7kmt0ra3TJJ<?P{I
z2#C=~A+r<&r<%ZyPlG*Mc0olqr#m@b4G85?sAy4`8s%V22`*h1M_ZWYu|`2hdm5+G
zU~EwslO|0@3D)h@u>-95;C=SwF1DV#k4m-5A|~V|LK74yRn!URZ=66%E}uw5z(e@H
zio(=i$D@4l!f4uM2=?#V44d>IoO~9K*)yiVn>>@{>$Jk4&dqV{#u>yVks;UA62m8q
zMb)yU@on7-uqsd%W5@PE>GIW3mefHi!39j;o~Sp1^{SK+^~%GlU^$E%(;KBLR7aT#
zte2buxv?GA96O43wF}|Yp+mUx@D(j(B<kivMks97&LuFN<0w(AIJ#1~G*3;$9V%Pb
zgOjmv@l;f#Rj}*0$*5hX09{4z+d$qwUF7T}I5CYnQoA;!e40juyg1wK(X|6isSG@N
za1DoUzCx{fr4SPE6tPN66waRqCoiA<z`BytvdHFjC#k(Y&zC2yEPfYuBQV2=7MntN
z!UwChhbL@Ru{e9;9xR;9ksNpvtCuass~AHZJa-v=npc8r!F+Vjk%G_D6Gr+ufWnSN
zDxrl>5$xN4fL_E5?A(7GwOaIqBKkRQM;c<`jIk(^FE6+Czz+?p;>_i9NX?K-_;O;N
zq6jONz<v`yg*z>eO>t~ox&U>nmL~6OF7=7^B>9MX?90xrDyB^ufnv0L_UPOe@^_(h
z<B{AwPaZtHavm!;?SysdCb)e4EXowhCovBgTG*lpUC!RM+ThT>jWCLPg9E$wQ^8J#
zks{|h7UR;E46+s!tJxNZ_icb-Oc3_(K0r5S3d!9SFgCM7q5L+a^s|F!0Xyh%y!vb>
zI`kzjTzQIN6BeOj33rsJTo+@8w!!^lXAmAIsIVL`W7!mx@$y8cAA7)2p+;!b`|*K7
zp4N`VNEtRB#fuanP22>Oas_VPdyB3;x*+2IDclZ9!lTQ_$V2LiHs3bV4q5uVc6<|J
z4f3E^VMjc?e;+QiVjIT=<Kl%U5Hujp#p`48*a7e?Q5xMkv_j_FAjr+F;m+&H$jS+Y
z$@{xu{}I@@d%@l`5f7gSqa-b*0sa^8JS>*3VkIhn_Y<ZK?+*_bC+R#2B~wN1%PNmE
zW-gtCQpG*Vd)%G88A=2PQFdo9qYbUt-_@&vYK_`p{E#+eoDl3afQ?%ztlzc<)k-?O
zHxJ#9uSWv8UkJXQQRzmalfYLjftQc(BSm3_N=@402>+g3-ivazzsDY529~#|^hHLl
z&P>LxE&HKws^o&)Pf{Y1OiXc=@oBH3$HIY@GZD)qQ1L%3f}TuJt4W26w}L#fdCWD|
zKNaJ+<Z?Nbw4^8v_3-l1C9DpAB5}zY*q6e$Ue$#MGMlg<ftj#!xeE5AbkY<9x?#SD
z-{l?LZbN0jA!|FStStG!RE9|0l18NT$)8ta3Cd&~l3dS-@kpX!TCeyilmzk1&`8v?
zl-khNlYE27km|`f-sHFtOdK^3w_ioW!?PF+WT|wMap}@%7|^$OK^_y$!(Q+Ti}@wS
zyo18n8Tm-Xr74E6C0^Z!6meNQfBQlC={pvHxgb3iMbCiU$&f*1S8XIG$LcABJ-trL
zgc6P()ljf<<=>6{$rRkcoUq`|RH_XjrwmT)-inKI(%MlLHClWRFE>lHYBC*jl(sl@
z^cbyT3rS$_fO)HSkf&H9uiu<+nISr~Z;n=@XsNo<2v;A3V$#%>NQ*iOQ<J>N@1UJO
z;7VTQ8}XWJgJ*y`gGL!sP{!FOoU>3UEMS_W6H3$n%|FV=(76E2v^tg^iPCvZs`Sk<
zfAu!Zn>8Ez)-1rBaiic;p+2_l*dUR(Yp=`4r;nn~&!Zr7D2O7iPDo-boW5Qz<uF%=
z3IjbnImP<@M?mK2rm4@EOrtDosgl>YXjdDMAg--+#!Jdg%~9AhZ+1(9Pg!66l8P;P
zk4f@wXKkX{NB(49oxJYF6`51S3x%<<6Rb?Kt^orJ<RM>j2Ca)Fsy9W^JR@=9=qY5J
zKMD^L&X>&lKB}@BY@e}h2exj2zPKMb-X?9@pm+f@WW3CTG395foider5nn0YAzAYg
zM8Rn^siY+YVcnXwyw~|6L|VAE?K)BJ3SP@<<gv8Q8F1D&F>VWUW7y^~mbS>$au`yP
z%ScXS?41gQT?=I&V{L2Cdoeisx9-c=ErGAv!Y1A*1(N%JT4cOf#UlPWMZ`-O7#L*p
zAnNNI@IL#TW4QpbUe+4Ou4Ga>pLgu%j7(EUo;5x}x%9EWFWukgkL>?TO*K|c?T0P{
zM`k}D9PDj1*C|iFuu!C=klgzHwf|2GC-~u69J=-llUD7)S-LV$pFV>#`{=HG_Yk{}
zU8l80PwK;f*1ivmAmbL-$w!MA82=27OkkQRW8B#Y?Af~q2M+8<r>526QNT4PV4DqC
z+B@+9r^chFZ>8o^BVM3RsnXc@kb&B=aGbmIEUTML_};hxb9)CE^8qU!Jz7$5sRH{H
zU4N|nUOffx#aFiv<M4TZtT}j&56DB9HMA}CXj#)|KhpD#a3|`l;CS({5)W@n2NxtI
z2jTKPe@*v{mwWu+sbop|*cd*#?SpoOCTnbD4x<b`wCy_$d-rMN*1UFk6mz38z(&$Y
zrk*a6AU-J4xVX*0$e81%=oDs{v2-IXWBagY<8qWN>;X47C+ys~0eQ<e!P!eU@cP*;
z6tRfM=DquoLDYUx42^z!zN<884|n50j2t~0srk#JNu@$CvvEdT!gJCx1xd$29fxxd
zZ^4%Qux4ySj{*8|B&-+3|K@EezD^@dv4x7)r%smGEs79)hLE-Ni|3XqAlE+;-?e4K
z4zwG(5Vs#c!=-~85$byoCvOHw%7%<_VM51Sv}y_B+!<GR^9uIw--8;of~709+KZ-5
z=|Ar&g(?|~Rxd$<M}zG8)r+}-#yqJAC0wlALPDYijta&mRGv~}aOLW4O(p(6bL2eq
zZJelt>r3-fWer|?Zn7(8eG&Iibo67~_m7aaL^1K>dB9tk+vcIw*BR{@da#97x~-R<
zpk4dc@3}+80dhSix(Ghpjk~e`z&>nQIvXAZi@-HM&2&P66Y|UION>EV#PuuY171-=
z-FEh<k3D;K^B&!Y=_C4}NP&ECwl<^UFDzqOLeL(Z^(oCM*Zjm>4b3cJZe@ha_wQ!a
zVuI48i+t(O^ey^LNns3X*6$CR)cyPlB#`y$@D+^Yy&=%_E=$AqWlNB3QyN{qtIo`+
z-!6jh9rB4E;szEOOQ~E8@>q&D`J5Z$!$ahB3&gyBh_yS<qII`kC}5F{#f#UVRQ>Nz
zwO9e^4d=sSG{5=w%QwWxs5qEfSiy+Olqw|x3l^<I#U|}gp>STwg7NWVKYy#pSn|7d
zj^jHfy_E~=gQ1~;6nB!zw=!^1Z`JKb5=Ogxk^Vk^WdEOP%22OSGtBQc9PRr!qMD~O
zcC1?hW4lslMzZx&E2rUy*}ilQ9!EiIt@+{4%14du>sKMgswCQeQwz4{n%mUQnndfx
ztg&wOa&)gV0Y<d;ESob6#b!@|TP{nAH7yGd7#Fnh@Htem;q}j~LGANEMMX!Ta9g<)
zXW~LF3?J1Oiu56nh2F>HS!*zQi8hd0GiLjO-sst&B*y*H1F3I&;_k8Sxc)8!3mbfc
zkfUocx^HJjEB}JXCugwscp&EQ-w0zqsFImQr(O6(Mqv`ipnVRAn5on>2I+H9DaoIz
zr>63ggk)wwnp)+jbtV?uH?F}08x=OMT7c-dcx>Ny1mC(cmWLUS+Phk~NE71YQNXJP
zT2?54etkM4VMI6FKd=k8-bA6Sb`ZHvNh*~r;VKmwdfM@*Xcd&?mQ_#uPKZx{Q{nRH
z{!M8N9nb>_;r$T*^gL!Q+k=I>d}$DgLfh&kVAEg-R!<(Bs|V5_8Jj^B7lT<-r(jb5
z@8Rvd3SHZOhrVr^;LMKo*zq(DO?&r8;3Hp*_<1g7Ge*%0VR#iBhZc0lnH!rz85>Q@
z)lAHqI2w+Y8taMZ#MH@ygzIH7eajhi8NCd)G^Sd5Rl~O>tnm|FxzUWfdU}2*PCd%R
zwk2)h?2-m&c?^aP=!NfU7RTBJvpH9Vbd3mCXL54Rxyn5W>4DDkB}AyAr7)RE6k54U
zzmw9ajLLCx&vL9das%W0cY#P)Nii^m2i<#yZ}K4Q&K}HLcNlK@oe*>QE|x7=f-nZj
zFWz+yih{|w^*D%YR|eg->5?*%B(5VWE=3DEVC()nSiW!xLZ02klD+4la7$(Vx3ILc
zL&)tzn7{EfJb9kPF;<T5XxX{}W(?^C<ID-re|H}<_Flr24f~OY7Sg1or0nZayksTi
zx(>7F%*mz1g`scf4(QdsF^;cW2ANw0eBa1hs?w}uXG~bxmKN+XXwjfT_F>vDwOjRt
z{rtM<*tQKiH?EHTs~6*Jyg51#8I4T3d4>G6MOa=XxpRXF!x@6E9mkTb=kX)mnT^^G
zLHmJLsN!yd`M*wueZ?LaL)A2e=P5Ov_fb|!&w5!9nd0I))?Vt;{1OwPGPFkTHs7N4
zkg51VKOPnd{#dc?GF;u8N;F*|cg~=4{XUp=;1t?ab<;Mh`}~R|pf_yTunB+1c!XJ6
z@BwP9PE=^LPmIs%OwJViG|cSN2j>$V(W6y0`sJ098%0>l6tud@83XWPo8pZ~>XUtI
z-(8H246%LQP)uKc6W_P{26EmQqG-n_>a)7kmYlH<5l>E`_lVi3{e3qSvPeXao;_jj
zT?;;Z1I(1hpzU8{brWL{F)Asc_t3gU7vwKjpRpA7$V`5Raihk=o(pIBqWNj1put{}
z31Jo_Q$9ziUF~@DX)S;vTTRQO_~HCS{7A^l$2fBOA`%jl@aEZF?AUvdW^-BuxyZ%E
z#ln*@LheqCSjc+w67mxB6YrivX5v${BU$1&fb1cNDlFOZ%_T$4o`2VWp_JI#+Wt9<
z%4bf|&8s{-oh@<Y;(6S8@C*)KHL-O0d=$%TgQTc;h?kq8VS^elW$^u9DhvvLdjAf5
zn*4x<Rf^>_!Sn3wV1opeDKq~Xz{Nrj0k2=9bhUbLvCeVFxG<jOU2rheCKjk#&Ks$6
zBh;-?873T$ptDNJG(qi#^-!;AV_2vnar)G0ghZyI*O*y^1!yX{uC$%X*k`T!jUkVF
zj`NppL1A4K3zscI1y46ruiFr6CJ>xDa}jT%l^8gEG5XOZEFRwR@hPZKryd+EO&Gw>
zhoiY8Gva*c#$wVc&rJc(@+ey}AF~CM82`q4OrXe2XFUri)~lLTFA@2RltCS48#?Au
z;Od3*coh<d-a{v%LIFbrC7PgCWpBFS%ut6}fJStwsi+*Lsm)NI*>6o7*F$R1eUAGk
z%u3WiC&n0+^e&GQp0sdi3o#?&;}YOmsv5jJ>=7H6%B;frur#1M$}kV=Rx1yBj>*@W
zh77qi>Ncu_MwFX8J^*LVoJCZU48KfWfFD~`XG~otZk^eWNPTy-Zd6^{gY;=;Wd~!1
zsQU*5p-#)r=-9k2UeUUA?)q&goC;y_s@14cBrh{@eV|AVlg`QgC;q74u0O^M><U|J
z#%ZZi5%4Ai)hKrxGmVQ|(}^4=%y8Xs^fso?S%5-L7WCknqF()ai1WXV)4t3)Of$on
zg)7juh9|8<R`4p856@@;dleLo4g-dxnwJ|hQ|r(bng*r9fyY*XF_S`a7ooH!r7Gc5
zw;oL7tY>P^IJYv4ffDkei(TIi4VyJUz3Md(c;_-sUA~GpF{$`v+#Iy6TN2i`d6E1s
z7$Hh4j3oA5M)*UVzkC}qa}P`&|1;9V1L0h_G{<iV$08+Ap`<&NnoLw{(3n}u6_F79
z02eObf!v~~R6mXN9o@^KPK~Na2n|F8tWmpiQ79}OP^)TL)U4frFC!5+d-^P1hsL1a
zu!$J-Lks4Xq%g5W#(C6*C0+7r8UqAMNc9HwU}v6V!4!!V@;q*+TEGG)&z^^6K`$&{
zz7$2X-0Zftb~wCg1-zQ~M_)dpJ}joz&Qzq!<I$CixOD3ttUStK`KlEt>6(X7EQ!#|
zlNWU=mz3@|k?f&o>WVsy_jGZ{hj_{<iYj~WzP(Vkm?O@gK7spB0#Ko87c8GW1{NH5
z0@wQj%q}hORYdAKkuL=Ky_j)Y(3wElGF~Tj={n^-Pq%EEQjfpupn^|rl=5)KgIhNt
zw{l0lvW|F`VvV0WH-$Qdusg)qtID+@pY_KXB0ij>0Ifh$zwY<PB_JSIVq;^O7?zVD
z^zoX1ZtLH|B`TB;@xY9Zj+SC<%*@PSV`C#JA|EOtA0IA#?t01S;Zq#}-d%Be<sihz
zL_#Gqf}xz5T)`nw>lwo}pR2U63*(YLA4ZX3p~Rz!gMqO*`Qx0VeZobtY(igbziolT
z2WG*X%ANtOQYzkzp~P1b_&;Wh18{b*lY)AKu5Lk{PQPN!;R~qY8jtdoYvPBAYcQ~7
zEh=nk$yyf{{!TK-TiZA=w#Sl~N9hm%r45?)$JmwI(6WXH6pZ_M6Bq(>J4aZV8PPn>
zn1hUDyd~z2SoCb@YI3l(;=?RMddMUa!^eVIWRc;#QHj(j?YA-ija5%5box}d^y$)i
z<+~cynNhdW_a>TF%!>$t(L|+HD5*luQY=SO0)Z;IjWI<@sTnXa(kJfLTRybaaCCNs
zHDevLE*yQjpp)aGiT4u@nV|_>^J?TPS?@l6qQ1(lV(uX!A@K0<kle<9=OBgBtx<^o
z&R)Lqwsk^~PLPTg!Le=I!RFh3_@!I@|Lmmkg-b0$EdHPsVf7Mg#*Drla4fknZXH|u
zo=aOCE-Z)QMeM&_#7pDX5uzbpOaDlce@;5d@o~80y9>=aj=<XUx6!Oj{y*2iKU8~m
z*Y9vN#U6*4)oqaa4jpS&#oKaSacRYve`rMio8A6vxI~4L5EvK;KR-W$RccJWLV>fR
z*}4SrZbaPG=P7MDCsJfr9a%F4OAq)Xk17lg--aQBpo1Q?Kx~>l9xg^oY@ag$6P9mB
z3N2Y&pHQ$ub8K2X8uJEp!A@ERlGF51qk16L@7#joMz1iS-$2H6yvnw6wd_3v(?<>d
z<ZZ1`=;Pk`-4Z}*SS+&vMJI-K7&Ct@%E%v~W53Y|kB_B`=sR5OG#SfAR!6_Sgjg89
zfN%v>5zYYRA;W)x?;U?mjN!{BbXN?Uf<axIA@R)}v?T_X1C_YDw5%l3LLswq#l)p+
z(4~rp1{gF;9KzC=#y`SJ5_nN#EzG1lN0pI+IRk!xZ-O=UZdnUUeb&f~$AFf6bMpBC
zKUFkCx3LSUB%0#o%K*t@Y3^7M6BaH*tBM|!gB-Wd?ZdF2$G|_H=5#K$g)6qg>LpVN
zSD|<hKr`pe=)V2GSJuQOpc8`TMxX_|+0c<FQSl2To_vO~COTCngrQI4syG&AgpGSv
z|3+C8b^ZxuP4xS9C~J}g#J?|Ejw~F7Ub8l!O4o5{@-I==gaB%{YmGHM`@*Bp5qf2k
zVQgO#YX^7#qO#F7_V-EPi@tUV#Y|Y$o;`aeS)GJyPvdfwNoeEGpFjUgGm$JsX(_lz
zU_a|B?Q!a?FJ_MHhP&HW;qu)eq(#2O)P;*tymfzEx^^9FXO6;)^P92u<ZTR|F%O-Z
zR78G{T3EYw7QFJAV#kV!IC3ux^ET|ITgw-Ho0Y=Wja%_1Hl3ESkBNkDx|zg68a^6{
zj-|2p=xO*KKZsHeDcG=VD+*L;j3qQv+gaFPz^GXm+Px0r%7|c1OI8Bo4CKl<j2YY$
z$8X0l)p`rgoIH$<Ue1^_urH2W^Me7E!M6bqaPesZW^dk$69>1!T@j9T^Ec7mN%(?4
zlp3vRbPLt}raJDQC7i*d0LIK1GuGn<jz9E6wVE{7C&v+y{wYEgF4(;97!L2<gnR}O
z7}V<*_(!Uc`1U5c_xcIem73th*-O~H`d38X*otAZmO)J%q(2_R9}ZGiK_`L#X$i;;
zOi-aJUC+Wt_+Kgtb9;iZp2VYDm(iLpce?W5kwE=Eqlq&|TttT3e5HZl9~DHI`fYIS
z_5(tx?7+T5r*Qqk5mYVW^wGMyjbEPxKBk@gN23(3D3N+Dl(*bP{Emo-kb*sh0`_N%
zpv<s!FN3MXt?_U#jONW-Bd@iRKKEeA4UC{~VvOh4FX5E$E##}vfFPP@(5Y@Y6l5%f
zo09{R0UU@bUYb}xGF1QWXKdZP3RM`(5)u9up^18obz<7SaP54wsFBH3{J}HlVb#ou
za52}z+c(6_kuy_`QDElG$f{7vn{6ATNbyoATF8k8IJKm#>M<oOnpjpRZ@onCaWl}V
zMIE?#cw-z>_KQ0xvH92~<_a)KhOhzsm;&FTCXu%ZdfKvnMZ`rvK~kD<XMA)}?`;%r
z&GL1c!`oJk-3QJ|8FXil9U`EpH<~aQUQnSZ^sMmf)L&7noF}|1*Tej2<Dm??hMUj*
z@ZiEZ1jL%+o2HErPnjxgJkYRiF`Q!?0YtwS_(r;-lYmYFUzr35Z<62L6K*cV+|!l+
znglFuol&%?2NP`mee0s7tqWOCDxz!|Z&+o){ruMir|alHlE4>#IS^^VA5+N0whYE=
ziFhv&)AncGq9SJB-r5sZ1g;T0X&G6m^D1U%8ao!n@}(;=ckyye8qy8v46@GeUI|m?
zOoaz=q9j}@x-i8t0*@w>0iUa8Ove*ujk)B_hlI!w2IA-76@5&i!cv&<>N%z_9*P(}
zQ{;27#aj|F+vJf`Ib+*YC`AarP%LxDe2G-|BvSPt!vy6^coH8dg*ZM;v1Sl*38q;G
z2gML=N5p#A6Vu9Baw7}8Cox|&1EN2rLVh?#ksW7jTL?c8wR_63-FP*mIS%jkMg8W(
z=+Y!K0x^8#3P(8GSh5ewkMeLV=mATj^GA~hP!=1{4&$+K+DIr^SGaBE@(kp6E=DDr
z=hQ+3p?>aYJ{+Cyw@v~&3FsuClYmYFItlzI68Pc@n=xH+pHjvInzjgR|EonVqkB-i
z(B#q^B!!3+9nqO)ShR63<fPJheD5-b|1=O2r+7e6002M$Nkl<ZCaglO;|ru?L<XtA
zRFgB%a?HS=@z$;)b`m+ekXt@n-aa4QrtFb$gg!PlIgg9-yMlp(N1^I~S(wnL74i{H
ze(s<~IPgN14L~WB9DyCD$pX!4iIz5FQ)l8XCFAC+muOYZo%lJK5|5%kiJ8qEEtzE{
z6f;`+KF5^yu>odn%OG?~Ljp7Yy75PB->?D?QuVR8MSW&LWk><cs?1145)MJXpatiu
zj}Tf36XH{0VQB^@b4vnkx?u5|eJJ5*03{(pg6?0%L;ob?w=vemu>FqQ|L$FC(%76j
zv>(Coa@1|y82RjSGD81M-)hFJoMt<3;tbJ{mQ-ggaOj_D<X=!X;K?mqyz>y{YcxU8
zynoK}6c-kNgNJ>Q!51{QVr5XXVu|b-t1}XD;NU?-G6UAe#SM+?)?yM=_U^Cj3o*8i
z9L0;!2pBM4wh1$2-_I=73^yY=21gGZLX6r1O}}l-I)4?4<|~`NZa6v#{0~ati!V3M
z&dw5)!iP$mfVHr<x0kGIp91^)P`;uKZ9AIp4D{EQtbIc9NDO;Ie3|ALJ9{Z(zD!92
z;{_L6W6<~}DQjw?Vn;;!<IcUuNF>!wJTajxY>8lPX^w!~=dobHV#Lz=7C}ps2-ec}
zDY}xrQ;|wdj6o7({GCXxBGAvz9omS+JFe3G8%-*nR8f=P<M8Ow9ry=FP$AO5jtH0m
z+kz!fqm&y~PaTN^7w#~dHGq^Pqj4itiSNIuM1@MApucZT6PaDP$Dy6}ho8BR6K+q}
z;?>c-Tz>pIc?KMcR3|NqE3JRDm{9>!D<d&(#AMul`Ub&%cQJ9=RAlBUj#7mSp=8w>
zuvWgo?4_#_kxFc<D2{RT&se(cH1wD#B7jnK<)4uNZPU1L^Z<tb_yex_(OUZ#i^z<=
zaEOT|{X4Q94G`{MZ0f5%?9J0V7}&cTHlKX_r^gu|@d`(e9>$_6!^v&A@x9}PW&YBk
zBiOQLF}e<(4>FQ{y@hMu?dzwoZ|5fb(ytqyll1&!MMcP!qof)e^iwy982w{)blY?i
z&`IFykiZwUun9%X+S(eP<hy%85@q536h*j09UUDdn1#=swxCYYH!y^L7B!5%Az2S-
z>CzSfaw|~3^=PfKCpFBtp<PLkI|C=Tu7H{ulV<jAm^!K>-FulR>{SLCTc)Bl36~EX
z+JT-un`6+FRj7JtkCe&e=~)zJf!8o&@>0y{ODG6(Gm0#D;hHqy805qsawz757Q|Xw
zKKUo?T46=vYI4L8kL%i<{aCQGJtj7DM_F%2%o+O=0>bBG*$^M;SOK}FGO)(v`SX!9
za45RAY78?XZ6~H1V$j${XkE1glE@8bK&43PG;4zTL_{|<V7BO|LL`L##K!dvjR`WW
z)w{Wo^eN5Tw#1q<chT(ocCb>AvV|F-90hk-!zl3?S~aXi^^3StCXSf3XaPJOjhS;=
z7IWuM!?5u)Q0Let=#d)9(zO`oP9H}4luQB2tt<b41Y#q@5tEpPu?v?IgYO!_Fmp~s
zXwXZ%cpVH2Ye!~a7bWjw&H&>hi0uFT74%6*l-H5&ez_qW?06lnS%;w4o@_^jBtp1E
z#}QDIXWz-inb?P-0VST3xcyCd6rA$Aqj=#0QlkRD?QKXXuQ@~H6*zBiU&Al(9rC#s
zL0)_7oQ^;I#(v&~5=Mp>kb`qRiOBuYW0KL^=R=YF4hRhigTllN4mNoZ#dy-hbkgnQ
zv4th!W@2eMCto#bg!JL}^f?SI9Z|Aap$~ib&F^Zhx}fgLl>`+{BA(qXBq)tg+Peg)
zk8-NU5DMerljo2bTf*Dh8y37LMak<`2ix}6!I61=u;~RY)7+-L1@(y~H+%gS1V22A
z$~`t^#k^|wN{8dkD}ikmMh;3>;=Q>`7+ab>ANfy!(|6%vNM**mo}npRC`S?E5kgoU
z@oH*jkq6eaey0)m`@xeZ1e4W+M=|nBW?^I{$44WaFh-{4wy?J`k<MET<yE|R3BFVs
zVbG+7_&NR!n%1o%g;;zzg2=ECB$8Kj9<jmRHmbpO;=>xc-#Q8CB=9v!;BUiWOC+*#
zWMrh2fFQu*1P+@>Jop@|kr0rKZo(Mion>$#bI4<XL_S;+X~?p-=fg)lv`Bm#&i$rV
z)-Y$nfr1vTkigf{0;Zr6<K&VLwpON6+#2CDiBT3x>@ht_aTI`%fv;a8DlQ3Td^i-!
z?~K>apAwGTmaa~7yo-v3wVeZT+|&pQ4`;%HH7v|biQSffSFZw?2%v<WV}3YU>Eo&2
zYuNBX<iyx8!Km<#YzJmmw!}9xL|9ljzgts5qteHuhD^F2UcL?@NMj~()?86Q#Mcq2
zS|GuPzl(ttWn?T+I{Ao5jE~`bsf-d1<)hXuYH~{Q<-LoDgEi@Z4EeMcbSA>Rxo_4G
z^q6;sgw&@|)P`<g()(OlHw(>%@5Ir|hhd!_hFH?l*t-@$UOOw|unBk&p`0oZ9rhMM
ze2A)K2FPEiurv>Cyr4KQ|Ar#2vHunh+utXTbZnVF2E%7=f{Cdau?3Bh6cUU%N3WqJ
zEvT!;4#v1uhf&PCC?em!q-(t*)^Axt&}1uIJg^>p`wl~rg(LK7^^J~BK%MWpVB7M!
zkY&W8bNy0iH}5p=t{#XPTdtvK`C8b%V<Q~p@fh5rD~{d^K(QhP;CK5js`MC%B@+fh
zNlL7?9f+9!Dg-s^*TBV71aD^eL6JH?;Pkd7FnV8a$q`F>JVtkIiyfrdDqN-p68tXU
zbwmPz6H5{oaVq+EY=boS2DrF=0e=1IJ8U>|9nE{p!-B~jFn@GcOj||x0lu6$l2R$)
z<r@s2vm7J4x5{b%qu<ierAZa+zUmKmmjZ|me~F46e#MqKeL);i9NV%OgNIIm9TS99
z1SpL+cgB)68{p%SlP!06UN3C+GsCu}l-UP;1l~IgpFUe~*LN#yjWv5!sd1P!xG(1J
zzK&9*+!6TdDM3w}VC|aOaLz+c$&VCOayZ&HtO4H_F{ssj6n0D<NH!&Zw660lt_Ox;
z<igEpRzOK|@}H5S?+6>ybUgJ>!>@}MqI0uqxUgwH2F+fDczsutCF8@j`%k&%CSvTY
zT^Qb{p44MzYyg@!sD|O2@1R;?J87FLBOdd{4#dn2C&`n^7enGdCcKNl_AB>Mv4HJI
zMylJSlYmYFe?|iT8XPt;DPd_dH8q8~xhB>|JV3>^&sEk$8)_2rT01fJi^qzj0aJq8
znp^SxU!dfQLKmO2i>nmyFWSyf(TbO^5S$BSxgy23ti%L0>pD2)mlPl2niU?x{DnMF
zfJ%>WJ&HC9dzO@xz)Z%Rxw=p}V?ANzb0)Z~NGcF0-!cU$R``Z1EQW&agH?%~?#<&F
zlg9eSW>zRj<xbkionn02c?)-?+|V4J#kI$Cd<_2AOvL~$1o{=nak?yO3C!2RN+chM
z1b~keRupgLuKCTSu?jNm*f$TcV$Oc7S-c8$+D)S6jKI4D4wmdDjAKhnP9os2A&PJg
z0t8s}r%~2K`)XQ5Ghkuogp%Z86iTA#TPwqlj6k>PZ<N5p<6F^t_;L(hz8SshmBE3{
zi!o^YJPF6}(aEhCFmoejZaaXUO{*dz@Cn*9Zit`9EWy^9?eJswpWxYcAQns*0#(c#
zbZgm6vY3fGM|vILHNR!)OkBP68bfESM6d7b^5w<^o2CrIx-+kF<m5pz8MxpM`>Fo@
zKvb?)gJURxE!(%Cb8T<#e}Ii!_Q1oQ%pj=>lCl4eAPmegV(C_-4gCRgw;sXt6&ul^
zdSUnnMxl7IQW)N|8OH1lAaslohRxlCh@>`n8yY4x*z1=GI7|*jr*9@<!I-XCKj}xT
z-LwURy0!YWf|xaw3{qc}s@4&^R!_j=Q%liez($0O>kZqaNBFV#Ff^e{bMoMJ%(Dqc
zhgJ>Icf>T@+_NY<CQWl6etcdZTgOgsn1`|JPGkMSV`xQss=z1L@D1s^#?2{(m6Lmr
zDk$Z>#>8!IY;21jom=3{%<Gu@b0@5rG7649?J<6A540M63@xj9pl6**Fs|Ae`{s?4
z*cTR!>rc9=-YEa*Ix2nF8!KHLP_9mUI2Rv+<GyQ<6!r$zu0^x^`q)@cQHdP0=s4!@
z+=Xw*HnD8xXew`1j6Z44&u&ilMJEBB1pYw@d{LKZ?s<rX;*-io?ux(jT_{c3B9x|_
zUz)A&w=en=ij($;T%Xcda&wW2c(dHUNduS#LMx8S-EQvhLb=PN`yzMA;JCC!C}-kN
zTXG*Owuw1p=Gw2VCzPd+)&1C1a*h!V@;IS=vWTRLl;{Xtx_AS{T6D+gVeP<_RJKe7
znnJO5FF}Ih=CC%DNs5`4=TSO1*FRA=x7>5>(tZ6eO5obX%W$jQ0OPxUD=FN4M~sE<
z?ybxyR^r8-2Pj^x0e)&-OWK#WNGS~H-WC&%+`_A;#So^<i|wPv!kKZL<TS#zQx^~t
zlP)Q1!pE*64bJ9OtKe3?G5U9H1q;a=sKnhT_aI}OW8Y5Ac%739PR@iG60G|NlKDbj
z3VCd8V4lYkvlnecqiUX#G~E7BCNh{?T0vo8hBiOX!LSYur6XMOYFwLEw4Uoru2|s$
zw1Oq;MrDzJn=qSPSk&A8@I9=ptWdvUeR6J|lwOqhM)B#w`!t=bC^ee4fRi09@?|TL
zChP!Reli5Vyn`@?Y8>4%2dB2p;)|agaiowj)Q?6Imjsfa{H5~X+C9{0*%9sQmXVGx
zQmQ(7HE)1jkMAS!*=5vi*apdT_iBq;t-#o&2hqEAHx!<+6F2VN!OZc$!mYaznpp><
zTEjZ9H6SxeloCru4Iwp`hAQZ%Uxr}WnwrdT4@WU)cjU34H=%Sh>|Qwwc8sc^*<Rbl
zCqC6UbNUjhx9yJJO?;#}lO|2V72k6tU(XreCl1za)=5Aofqzf}f1ASg56<cTW!Hl1
z(2<;$oA%crb(KEpt{8Wgr5t9`a^_LBF;>-VN*#_IfWkDWD_^w)OifG>75oHm<1&%g
zlGanktNDi{(JEt1mJAcTrE5MYCKCn7LLthl*UuU6N%y;D9xCw>c;FX^63!Y+OJY<c
z!Xp4Lp<^kGpfDzh^oH#?vFKOEIgY}CUDIG8DBBE-QGmR;2e&LFV!oQz)pSG=JJH&;
zh}4I`3e;yHn7zHF=J%iYFWj0|cE5GEiI<poDo|S3#<=JxDC~?hE%Q1SFjtB!AX+05
zpbPiDaBKc<VK%uQ50r6Eq6o{8Ovad39;h&7R<^!5CM{Tlx~1JDD{}%l7!xy%vJ_WM
z%Le)i_WN<rYGaXv!?umH+@azKGoBa!J1;=ULRd?~&w&4%S1_{9hdhj@9XD<w<3Mw?
zOraZ9@n(XSr7cRAal?dh<4}}V(%73vFrO4x!{+yg2{TpIgh_gM?-gnn(YP~%Up+=V
z?`<;^p`FpQEY6!ybTvPvZMpyHGnP%v--t1>nnDGdZqT<c{29N-aZ_0j^m~HPDALxk
zuCC}Lpp(GYD}ld_{Qc{l^8fP4gcFw*6k#R%z^9|J4hlE#|Bv!_lE42qBxvtoj;+gP
zW6QoPh!IR4<HzC#Gdoo>E3|CW45#<3!sgxQnY|p2U2ErI?xxH5W#U{ksZ|j%jIkQO
zU_BBOli+)B3;OjQhy<(rXhG}Gj(Ib%ao=&Y8$OrrR1XaN`6rxx7zkHKH&iR-f>rYt
z;57-m6PXn)vIoaboejqlb>Ns5gau2M;>fX+wE86D1%vscQjFp0?)tmph>!5cqD6}d
zhjAD$Uj-vN<OLp+aJ&??N1=>~EXA4AW-w7F30IG8!IE|R7~`3NTC}D;xv&e1S8qq0
z$`w^gxnl90nK*j!4hnjBp(JDMK2@GxI*M8I7b7%YN$}??I70bsJA4Kf%+_vNzXo2M
z*@Z19uTgO|#N(TnF#Xp_IB_SEuF*z#eC`ldZDp+I!K1kKG>Ec)hikWjP`ZLQ;@{lE
z0)`tLJ$4*t&)q<3LNu<DStXyRH;R?Wi}gHThtA$ZTx1Y7E}D!DCthRxj5(-K!X2f`
zltq~`WwQUul`R7YYco!PyvfneF=zQU^qa5@nJ@Ok_n{gK=8T376S(3c9%J121x&t3
z!Go)(Fk;jgIQ#U$m>*l><i3qqzj-^(oxdT)&tAQ96%OuR5`lRdUA-%LE)Npg<LI$-
zh++WngPYf(Z{>zcrR=b1`eYov^aLTV?_m7633w6w4*I5f;X~4N!+#+d?5C~;-FBS>
z{s{^EUF7dNh3%g>o4P*#b_x936*e>5d}vtThk^DF@iHI;RhxCfw?2i50VYSo*6q-x
zT@%EG+{4w|kC3P`#^gDR(6w1*$&yt2n^wr9mx$}vZXhxt6WxbRz?lABm_?dSO0|73
za;<`In>K`<sR2Q#Ghj}DWXt?sXw;|)>Qwc{^-JgR_}L3&8s@>Ekz>%NQAI=r-oe3B
zx8UYgfr$*sgvp75jiVRJc^CNIbD13X4m<Z8guP24<YNNNyLXY$GqXX>s^ugXt(8+D
zc+z5b_ugH|3H;oxZF6R;X27ew55oN)LS>d8#^!n8Q?>|hUb&0Hh4RxiTLk49*#D^#
z_~Z_vi7O_Of+|$03crVUk+(=uSlBqAMwLov+^hxZ?1HFl-Nf6lNcc2mmiMqeu(LG5
z>-(2+;?iw$EEYhayv&Au_YR2)x?>qjmijILyAB>FU$GG?co#xkR0LuZ5>dH2*-ID`
z+p=j*ynT5cx9&Yfrjb2nEnb1<HHv>~nAzL&FjhA#ItAT+><L#U580Kjj@At-(lVxp
zYW13;s7pF7T)d9gZ{MLon?6*whQopYa2L)T#Y<XU%X<}KMr{P5<C92@Ra0`GDpO){
zWbYmXGHtY2netGQnl6$FQ3Xp^M&-)YP^(G_JbiqR2}Ut!-lY$!mT*RFx;bjsuEJ!i
z97|yKAa!4K63|KDvnB9%DQtgBmgr~CN>@=QfxkflB7XAUpC$S?2u9bWP69d!=p>+%
zz~3%`zbi}hkD@{T_KE2_&`Cfi0i6VN63|INCjp%VbQ1V|3Fs8I-<OYWuTBCw3FsuC
zlYmYFItl0`@Q+JCr?CCwr$9FVodk3e&`Cfi0i6VN63|KD_a&f%_4s}H==SO)@COo5
zAtX2imbMNsHPX-<{lNjBv0IHtx33^9#el*2<&lMIAszRcJee;;Q&FaPKHPg6h$>Yp
z!z4E+Rd(xYW(8h`+NvPD3%g`*{k<<rQaN2XaS?^9_`uahWHA2ulAa9GwW*NCbYy`l
zBXF+GhyqffB%vj8PvlQDE!w<vTLrJufSuWwd&f+U1&&`);dv+_4auzHUJz(dNe;_g
za2=sRY8<?zMkH}>t*q2&P(?;IiQkUl88bWmBh{!}iS>-L_7fuU65E$sa(hX=Z0NWQ
zLVsMorJ0Y7>2KTm6QcQaRm%M)`>=2Z-0kJKd|d?(Z@|Ig^ZJVlRpWlJ3f0T$y?6b6
zy2CHO=f&Myh>@A0Vkr$g&6n@t-_zpD`&aQc%?vdvc>Q|@tsChVm%!)Uy<farU4uFa
z{BKC$!oF3gP`(UK5G(7;6&Wt>U4upq+u><QF4AshXO8dkJ^D>uLSE4u=+SR1p)1}8
zfX*3%602s9!ouy>xJiZiqxxgbz8g8av%V#f?7ZKPeQ-M<8nV<#jOy_NuD_xN^A}58
zgc?6gRH63_6(+4vVd4@MTK%HJH$yY2(EK43^hbM*4pXDsG$rl?|Fz>k)@bN!6<Yk1
ziB4?yEEUYl*VX7VMuqynWZ*@(rl03jcpCIlV$NPA9zIuN;W{;{cUR)zt>4N#GFVNh
z6eY%P68kjZIY$qu(0G^<*Zm1XoNEwCF=~vQtHjfYzc!x@n^ah^Ps5UutJ(Lzvgw(N
zRaozviPU&C`b}2i;>+LfZ|w#Z799{Yb%5VJ6@FfrNigC690*966u~UzJ~(#u_4{M|
zgI_yljKSbvSN}n+{~x<guAhXd%eQ~A$-cUG7Jd2;L1^OdUlU)fLtR5(L;^a6?Td&}
z*U0}z3B&|k!@%w%2@MfV6#Xx|@O{(zd+4XW!oCwZN>=!bTR3p*6`D2s9>vNvz_Hz{
zkeAREqQpdm;rY|22o8(NIu&{tF=GuT_Ns^U#CJHlb3IPnc!mruwVSBLY}%->0Ib`%
z4$lJLN@|87fmn$dOTzYG1Ox^notB#1MUc_^`v)L4@qMZ#Z5@FPn@$eipL(lse1!t1
z)+(@foE*UqWcYDGW;U9BIuC#GQjM2y$kw4fIO{WpQ+Vd5CYY;6SrCj#Y7GXiR6~e5
zmUN^USz{y4Ec|H+i=ZN;Eh_3wDKzsDPa1DRNV}G+6D4($kyI$}C8@A`k(>a+3LIIg
zz~M=Hh<qx?PfIc->b8~pcwAm3F09kT_L+LPyiyOvOk|k3llwowIrM2H$B<@ntl1>P
z@yD4+q>?#mxeAr)sL<z|_bspHb~0?7qd;kA1woF1<W$OlV|w#8XU^Jr5Um5xDW|Y#
z&D=!&Gq=?^^+-+9_?-EMg%LbCfc(peIopU8OeO~b8ca$uuJpN;Ms5Arq^x$?|Cw8A
zoPI=>2%`Fy^wGnvDF!ghvWliq-p^mqibz>%i?E<3(OM{&>chj;c*8k=4Cyf`>MeF{
zUWaSMwG-5Tq9n&h;o0NI1Q-7F%YhzcEF)`$wj{<z^4jx9lsNhC6(vH0-{9rT*Ss#p
zfHWnIpu<WYpAhp7p%KwYAx)oPnn_NGML<9RViI!dYL5}0DLgKdw0)w#z<?m6QRcK2
z<L#Ru(xyd<AK68jmJC1gP``NTpM5<F9L$uIR5IJ7BRDvi3>TU?B*a8W<ByI@%s&2O
zU!uZ8@Y3&<#7nK+FSxP|j0~i)`@Qf(WGpZGTqQFl34YI>!jFL3S~4Cb*?W?bNJp4;
z%2d3_l9G}oHl9~cZ)5$|ExfMcviFPTGSgF$K>Ws>vkauBBqEuB>(YLH_j~pPey;<0
z4@jGM4Qtxf9;3|aNBkD;rSe8iNsLACTXIxu4w3!~W}@U&A*W1)yb0tw`YzXA&DZdd
zHwXv{MoQMrp23A9F)=xNd?}<`OeHjtC~9%e5|Xm7F-;5qTmN+m+yB=2)XnC<Bms3=
zJO=h5S+`dy*w|TevCuA8UuFP#OZuQm*?icydkYcrHEsGH-j5_>7j*c(9wMJz#1H*P
z6Iox0W1Hs@n6(V*HfVxUCCgyi%AGtwhUK%zV9DO|SoZ5+Tnb3W(WOH$W!2g20cIqG
zVqk~9NKMVa;4ZCkiU7Jsbg#}E-Wlb~S3vo)-e~x3e}b-xCzcXBmQ6(Q;w2?FtY?{u
zSh?#$c3Zi>2*tqE1mqG1EG&R(wdI)9Sw?&}8J^P0_U5S?O?zeH+o4J{`ca8yBQp>j
zqtU1i9aN!0*GzJKDp9#hCgvZ^5VXM>rGt78;l<GYmrS%8mx0J+CGK5Qp&skk9iT*|
z&Poj1kb!hA=P&6(twRf1<AIr|$G<lO(bbl~Cn_9$qQ>Z6GBhf!r(s!OA64qeF}AG?
zx39?IM=KkjZ7}9`EsLG4vkY^F>!EjTg)|;*d)m*zKgv<XNrs{G)aXvjU4*F$3kN9J
zMs8J!$_f?B;lC>3$2t4mP@z^I%3?q!>hx8j!VgMJ+LgiU3D~@eGU$<sW<!*y+AR}X
zE@oioW+kn;YFs&|hw<A4Kd>4jMk`T`@@!6-mFMvr&+&W-nQ>s+o`urJXFf7Gr=g>A
z)$gRluB(~Y&c04PP~+lRJxtk?0l)i7^rM0;6tG8ERjAuN6D>z7QMacO9j9d=Dwzxw
ze7?5k*uNW;$vG%drHc|>e$60*Lauv(MDs%j^@D$G1{MzMhF!id@bt_MRH;x3-!y9m
zpE9NJ{f}dKjcFdbT3Je;lCr6JM4cl0M#a*_P=&a9C5o58r1b}+hjwyw2>Q0DfwC1V
zp<cb3@bapHZ6}0P8CW{FHySmr2cHVX&~wIWEE?J$4I0)(wMrFGsX_&KdsoBB>#wD{
zx&JL1)RXmUp@vTx-Uqy|nzz9ZE$X6Ng^C1xE{Xp0c1YFV`rRT$TV>R2*cA0^RYe`*
z`8^AdLo}`5jmnot3-bJy_Nj+!{*gGdX)dt?IsU3u;Z>p}rf)lzt#oMnRtpg6Q9V(t
zWO>wWTo)z1yfA9fZfUo^p%I>5+=nV0d$np+QL<EJY&~&Z+86ZfIvV&?M9s$EqHc}K
zsMn%1UPdP3(WTueM~p!KSdFrE$9D%R)oq9?m(O9u!0AYji^LCYTO%+o$6EX3(q4i<
zm&M8ZZ=|+U-n~GBvL&!+$3+DD-A27C6;P{5Gt{kK2@P6x$Lpvh-1Xgt@-^!rC{A+@
zZ=BpL{SIfhzT0M_V!g(w%+QTyZGJ&Q&TWW*TW3(WTsbstP#fhdR)%-6;`ovL$)c6a
zlqihr-yS8r%b{|`awt{35pFzvi<>7mqC|z7c+AFCu`kiorvzFJTp*40)~T&1M|r;#
zbR++x<*QcM6#Dvn+yBppC?oHUT+4m)2Pab0H89YZ7B^8<pJUMbtYc-6lS)P`jG7|j
zu?C-cto9h)=f6b)TjmbI=_kPYg)>0>S-z#_dPseVN$8oOL#H-)c;O5lzm206BNh91
z9YE>YE#c*8!nfXJ1O<olq4@?Af1XHXWgH$nxQjWzw8HEu^AQr8j2MExhD4^J%g+-~
zxu7NLcN>d=?W$ytPGM$`@e4^yWnqd5bC<)%(-rYCad;i!h+Ra--#B|1E*@Kf%XE?Y
zksYANfH~+jav2_w<>2S0o*2-jJ01sfY#%8fila<%8O+FI8}vp+!g(d$nW=DasT{i}
z%1P-2Oxj8-Nq`D{7bsD$z6$48>*1%Ga+1ZX@rrz!yd@DwD^8#B<UEZ~VeTLqEK=m?
zIY~uMR4N*@g3aqf3)gyJ_w7t5csiawlOe-Gjpd{Ckk^75OjZe@HBO&QO+KZvZ&vLt
zRQ6`99jiv9sL`^P3?Yy8P`;fKt%qe|7L}zG6E!+DR8SxK?XkwzGRz-LZqgTW?4=cK
z+CUkK+UNAE?L=4zLphfeehN$AGd~&G64W@pSPyNzWLUjRjX=t2`UW+=YpcSwO$z)}
zjfxaq%+(vqP_HDF%c@EYX|BL?_Oq2P-G!57xV&Bu%?nXcKa>fz*8HLEl%IN(;p_V<
z?6|AK;;EYYP2FU4uTnv7DMPIiRIaNjF|e^dEg~|!WlUZym9oCmRWK@~!m$;4*fdm*
z^Cy8thbd!PQUj^)gz;r%=Uh1^w2<M*85y30<$5YB%rI))B)Hj`qSu54sPCah`%c|q
zTCO9`Ub=*>tEb`grfHbF`cSTs=6qFf4Gns730=C6K)s$*aPPr=OzP1L6MpJ}bAGXS
zc4-&3o)5*QL%z6o_d46BTX%y-$w`Zg#;M~M(4^M{%p2Sp%IHw|o_U0xBUj+;(Ooc0
zdWQ9T_vLh!^(~#2uyekz(0|reY+o@2w~y?^y(lLfJ#`iXnwG`ZxhoNuoPg0kcEyV{
zD{lA2@x5D+c>5RzPFPAyo0`_cM|c@$g-x5+!#d(BI`kZeW&>v9{{4Fx*}g7D_vwKP
zFW$G-g+ITI#Y=Y6UA_hP?%cze&NZ-d)^Z42nt~?MfalNAanN*JyLt|FOYr{aJ&5Nh
z0wa2NL7?0T$4{Tbv0WPxb!9&WPhEv1TE#*_L#6SEsio2i7Zel(2hU0vJ9z-iZ5%Ow
z$#S@A$b_ZY7p8(_mG%a^5Ah_k+_`)lSN&5^u4Fz8>)rvOhWT;g%y}Hyu@0eRA{jno
z9hpfq{b;SH!XhX774&QAT&EuJf+<+5JytB61oK?CgIt-4N3^o0S@_`Wg^L)_yec+r
zn2T`U7<*=q$AYcbv3$!>+_`!N-o`=b+GRML-Af`p=s9jZ@JGOlC%AMs0JnUPA&!^a
ztrG{3X;ByjY_v3N(iHxu{{83L(BC2s8EI?Mv3cPvtk`y*3(a58jgV1;N{WplGJ7-w
zi+{Vw<{rM_JB%T^`jm;Y5I}A{z06q5n>huSo&=CrFxQoq`ylb1?W!`<5FQ#rH%un^
zq{#uuc%V7cC*k^wH@w+?=hzS1(*6GGCGhy{ZVZ@z40E<^Ld61BNT<18kGzv#y3}m?
z9h?w`eP`|<KJXrnJ$Qo_o!SZGiS%}^$LmawFBJBUdbqM@1(vSbi~`l#;l{aL3@$fd
z9pMg>!O|{2tn=u@+L50`^Vb%cT!DOU`T0_$Kwh^(RHzJ~BA@6l6Gx+hR}s{2(H36T
z76=K8;Dh)WRMt*#b5cpD`?mQC)4KB#mmmJtLZNN{!%uM=gwO?gopEjxe*}s!c;CCM
z9DSO|arYUwUsXd*<#$A9J-FJ-FrbGVD+cJn%7}_rx(t1%Q4xBm!YV2!-uV=GNEcoJ
zElfr7%5dWb-Jkku*wH6@f!|f^%feiZMT2FiS(-0lxo$xv$>rtbN;RPZ`C-wj-I;s<
z)c;nFtE=?TzZv;DRWdByq(*I8lKQU5$aa5yc)U>L#Dj{ItI#*pw)SByDo<Q_Mejnf
zwRNDiue%&>oJadQbbZk>kxbW}of&ZAG~K7iX=$sY#<5ujaA5+0g&CDqOD15L%ivK)
zj_u>wYorX@kEtPafKMfN&~pWM%0kpvz0=h9V|_!K-mI+n$M!7p05)u2j7==NFJGwO
zN0;6-S`YKt%20($bUPoiEZn8SNtd&c8OP3ZS)!mEEqNXtc^ib#f|y-oa^x*g0A{8N
zxVjZVbl@#KOR~beDI<{2(GfM8bw}Ge72$jJ(r+wIq76M>o3~DHN0h=G1zfFg`N9R5
z<}V2I<Vg6QxCQS9Kj6^L)kq6`fQ@T5BH(R2jP(tr?lZ}STc&AuOdHw{g`FJe9#2Ev
z_C3(2V=aah)IiH><?;3{ea;`0Oqx_{f8PaN8u_3`jhb+Gu|UreBT%}8C#uyINj?g^
z3wnmDw_am7l~8Z@yeL|}7Df(gjR(iiAtF8nM&`DdwrC9+((?7}{7%FfS|P8aDaU^i
zmW2wzC_aSWAHUbLZQ*j*d+Y!_^CV*1`i;2uEQoW_tScF5sqp@$D~9xFi2`oLFnYvD
z$P(W0p1F)W4?{3&!hCqSxu96(dKlKP8Se3gD>^lk=P>8hLaYVC_+Usb;k*T0p&%!&
zo0}ViyH#6^ZHk~>;~F@=XAjcoV%)!DH;Pwj0Z-E?T)y)bqbJQn@dC~$QMDn4_GyCK
zN6#T9O)2%GZA0oO>zSvdES=qIV$IyKDCgx)BDS2OWO#;+ZGKE&I0hc>h0wm+53t}x
z8Wt9c&BxBbv2ZcSlF3Lyj$V&q9(eNnERswM!l$?cuHCqSdpCVy>+Z>S*$^sl&v5$M
z6Etex09-EqXUkvLg#JJz;-qP<TEhCE5&;jNU1Yq7Xrf=g7J;So(5F*9Dnu$ie7K-<
zLDmzi9gC8&0=X?4!onr>Nq>U47{op!K7_Wen1CJkO|gH^e8{Nri{(TbpQz98f_GEI
z9f${5Qut#mTfGWZ+Vq6Gc?#C8Sqc=Yj9T9Abd88Q@@%V_Ag)&OPfk+o6w(B>Y0(#>
zmu*LrDn<B)nue2y55vm49;y~E$e0)&D`cYWGwWC}53zL1dDDpT%J~o$20azWFWT0X
zuT27KY+f@LF-e&?v3U`WM+YJ%HW72i4@Y|cv1tEIxi2<gtNf+WthP6fAKZpQQMQm-
z6h(*HrL)^t(^R8x;e_S;k74TcMcBQ5A%2}44zG%Jv7a$(f&g7p$SuoDNnGO}7U>@1
zMiEZ}wLS^b70B;GZ9v+l0%^`6<HDWFKRMs^5ANAbcb&NAW$4(cEAly5Np=6|A46V{
zMuowQijPp9+;U}F+EPK#<IqG{oQz72vA*X1HnfzXSpz+U2QZe5L1?b_AW^&w+fJ)c
zt&pZi1@Ecbw9q}H0w%PKias*<6qPepPt6x4Dlht48RU%6no3D>stgbPRVZr1O1aAY
zXS51%Eato)H||rROl4pcl@(E9X>pp(B#IULXx(a~gqzj-$0jk(tp7YET#BhsQ6<OV
zIcii`u7tbo`}J~l$9tZNk*S&_?3zA=HZHbVFwSko6glSaRb$f*6{g0~B3LN{>qgTZ
z%LcR__{U6)_;HSk9HD9yE5H{=?$auRx%&~{sr%pwmE1mz-!sUgM)86<^~HYCX6_}2
zqGkLS&zTY6LhGTn*qLyxqH9`=Q}D&xQrQzl98Z0lac9!c?0=edn)SJ+#WB{>oSdbu
zcJ!BL6=zc`-1{(CGHah$^LZBOBU6(XcQ4!L$>AE=v|}f}RM_F>fj#Kbe<Vx_dcrfm
zD^#4LR+M~N(0ZJ6eTsEHZ{D2W2E3xhW%FTCaUuoyA|^^k2Hn$KkmWp|n%{gOr(iM|
z52t5l0k^`=(suFB%FYQ21WC^meT4yxsSt^xf(c|9N}S%mo0ebk4ADbNj^E2&bDv3-
z_%D>M)V{sDAwg{p509cqXMCaLwGnM_?2h&h+Nv-oy_+?kSIM-RDJ(5f(A_b6pOw8c
z^mu~AJUCc-i!|p)D8HhJ^QL`vW{Ufsqt0Ev?a%=;w*P{Y=Pu*y)kkPKZY&IG;a6B$
zQCZ9xgO#1=$3MFtAs11!{fO`492gpy<0H2r$Dx9yxiMc9#8tzga%~Xn4Ta7)SXu<*
zg0XYk4rK7zZ=i34E*(3<($WS^8kWbL<GxVpJxAAm1MzhKdK})e2Cw7O(Yc0?)Ykv%
zzpPc_%T7<6I6=+u`t@tPc<}<EG>-~}O?yH=uQ$3TjErDtsEHR5L5uNJf-+L#By;oA
z=dX~;MOjaJJD~efAx9(w6d%!K{^Dhzv`@i@N?dF-B4gqa8JWbtXzAn&i=D8D1-^QL
z2ag^hFqq?Gpp0lr&Q;#n$e0#Baq)>U81rpev*0RdMM;T|!3zdmK6>&5VUe-Y#hF3e
zfvBh$wx7s9jx#O+a$|ceU$+I#$=R3Aph#f}QPTwM|MD3gJba8W^7<(Z3?!MTm1&5M
zj^%zOLV{k>Z2pL@EbbRi99{Y9B;fOXe~cgg6AC)oz~0(MdV#RAuz?vDo(#GN5=2n!
zM;-)!ej*CAZPSi~<VTnxwgJ_fH%EROKD@Guc)^H$`y7kc9>lQOYjF4RGx+YDk9+6$
z;-+69UwU$`A94Tb(Y^FxkzS^_(ZGQ1iZ=x=u;SsME#jM+(d)L1q0u*Sqm^kpcJJOv
zSIro>I@zP3leM<$d!Jcrx3n#S8I-ejs8QI9iWXnMgkpA{@lx7yp4J*mTY$}hp@9gZ
z3sjVcml)61iCLSBdowap<JZwDOz9}c#w`r&f1b%WIa;$g-e39vo2KhwBa<6E*@lA+
z6+ph&iHAk5sc5@{JKc`OEa<+Z#Vjl?=cOo;*1vgF(n?k$1cr?qbLXo#Zt+0VjMa)3
zrpkph%H?m`Wt9aBRk+H)`voKASUFM;=22AImMEFHku%rqLFE3z>1x{(pF+_Nd9B8l
z3slsGt8sIO0-O8Ma(GRKSIjJx)~T$Od);w0;%t@hUCa4TQlKiwC-wLKGgvHT(C1Xw
zpHLyuL5Xv8A#a$dKowD6m;_mbvX=EOEd3T^vElPMHh~sQzbrYW6RPB?3QkTM3!HRZ
zuIc6aDz%|)NL*9G3hj{J4KXoKaP3KuW`9Nmd>`C_ldFpu;%|y14;q;iMpl@)ViR`l
z-i1v|W+1<V3tV0DVCmXr$ngFax2|2l&K+A(p4P53KKQjoyj<iixeW&&9cxzQ-1mSu
z{kaVT;=3^eG}WomxODkOcJn6=`ohTG1?Gla>sdz|*Q!U$ufoI@^Ve+Sy|WAJ7EGn3
z)R}Xp5ObBwhu7nIxCM?~zD4804)khTiUIw!lCh5P(mc3!2{DwvC=VZ;M<}(;ye<yN
zWH8~SE4MW}IM@?(51Tl;!rs&r%EWZUCyQ&CnZH-AONIdPT^b)HZpi!k!&0nLJ(O{`
zBERkkglD>-d6Vk2${9h)elB0Tn^j$f6Nk^i%qcJIOiYo<XLF+P@w2?Ra#N$kWz`gl
znK+NXEgB<*R<_dp%1Sa?NUdp^&F9$=+jnfoo;^D;^2fH6nH{Xn^--yQON3n8j14z~
zP_^baXzWuEOBXFboSqvhd*%IYH~&LhKD@2}<EaUyEHE$-etv#bR5VwY*k)^M%YaZX
zNeR=QpwI10#E~6dGZ~BikG-n^sOo&*&%KxK5KuxC13NIm0I?@_JDpvdHFf6ZjHz?8
zV|F`r*6c2@P%J_v1(lGH=3Xwh{_l4#7cjQD{oH@X_bK<D_|6y4Ip?0|y!m?!Y}6@u
zL@JsBV&N6q4Zxn|^Wbc(#I8lNFlWPl!Qfa$jJ#~Uj@Z5Kdn_M22>a*;kP&5X;S+})
z2lk+<eiXj?aty9Ke8OHpgtv{ZBPQeLSySKmqrt|>?CI`Y+>7DkXHr6K(pk_&sM52>
zw=1@xq25FE`)VeVvorDSnBKTDU>?@b@W!YS{m^&%Dh%(?3`t?v@%7{h2q3i<lLD&s
zEiih@5BO$8cSxVzL7#r(VMlK)ArFEfrJGc3?ts~Aw_#ZGs+6Exd&9jgUcBDFiGT<l
zI`^eNZ65_M9$~|--5B=G40LK(5yw`|!oZ&|Q3CJ_aI<-xApPBu)ob4wWyRm%Q4}z5
zQ~#ptQ%%NCQu1b#5UD@8dkKzR3&+G^?Gb#DY=Lac!^OdtJk_Ly*Nz^&ksIN{4w48q
zsf>1Bm5PR8Xk-e*d?{8eoDbJo!%$G@NyjR%`;>W^N$EBo*l!>ftY{0r9)r-UZEYOf
zumaCe9ph%a{DaRPm2#3^t=|sZ2~d&R6htI7$TlWht5Hk^D?z{7q!L|9Doi3~X^(;5
zLMZGAsXLq26r=jD8VvuQLWB5_lLOgunUYPCvo%Q)Nd2ZEkHy|SNu@`mW84BYE-oTz
zT6yw5olRb;9n}cBroq7oa>D2;hK5LnjNPV1Gc8_Vwr2B2it)ulpw$=^K5tEJ=ZSET
z+D$iB<Io5_QVohRvX2H+h#bnZlxS8}g2X38qK<1&uLVh*EM9)sJx9(Gb55u+eG<i7
zE2mXs%^xH}pH(8Psz**8elK4O`GsSnpAq_PqOmdHs0iycS24}?z)?~YQ=gwV6XE)G
za^$cfDGN#UtjI*?P=E+0Tc}Xgi6oBqL|C(z?9CEY*nXL$krb;gAXFv9z+;j|R-|Ny
zt)wAWDNQfaLE8H16efk$SD1?tNQBJZf{5>BYS%{z8yXP3cc5}LF*=mj;OqHnr1VoE
zoTQmo64lsCc7gizP?eF>OG%8SG%pgQy;Q^oCNLE%uyg4=H2QfGdepHatw|pwOc;a^
z`c1taXN&{1{%Xl555gQW#Bbi^OH}xA2R`rK8G|~u#K~P7aVg6bgQrYEjS6M3|MwgC
zdC?Likqy|Uqt_sDl_Mx@7-=;W^x|H~aHw&1ZOaQi3Rz!rTF<8^#;c`dJw`U9<cU~N
zI4Kpq=;!3*!pfy8diH9Eg%gKEBAp3M;$18|MSpwe!ool!cv|X6U(23f!fEC2=+nIm
z`nPM2BU^t#pwa<DrhfZU*EVG;kwo(VRxbI8RKD@pzGX9>OO5f{#k=GsEk;7{dGzi*
z7%l3R!P;eu(W3VcXy(}*ow~HZ595c>H9sAS*qiv}(gUpCzXa7P8^S^!k8vXhk$s{)
zHm}}@0ux8!CC8kCBW5Q)#gB`A!u%N%VQo}Q1;i%y7|^phhJLpR-UDW#Mro3JscWH2
zm*$u=W)M^v(~uW+9UHGjVf~>ss8*5g)4Zn`OZ_yfVvS9!wnAxDR=6&hT3SjMMagSK
zH)%CV_hi!Ims_@;o105!8P*s#dJx+7{~rCu>!D5=VEIprQM=PLL4sScW&^mE*26=U
z1L{_Bf}N)?ag9B2_x%iZZ!mMv_4hG+OQuYjGW%Ukgb|S!FJ2%tG*lo#Y@Piv!p2Sn
zBXAB5#Uj-|?w6@V6*#(OD>6&h#gMK|ar?sW*naRNy!uYTmUTa(rjtIssjNq>7Tr<N
zI0at}AB~#*zr~?#zrd$j8EoCK65<MtF=5mI6r?;vs-`NoZlU8U*kkX~aoBP>0UP!n
z!tBXoV3HMv4F?0!gH$|*FCJj)p)2UzZ!pSP$gy$rHq>s>6<+Sv7~Qu&(w!UQ;O?FH
zisE5~`tQe$P&vMwG#p;k=lOHDF@DZ64Dam&6EQsmSFJ`(pDysKL>J(|t~mQhiPf97
zV+MI4i6igeC$e#<=F<_CtrS?cd<mY&oXN;?8zv0yf}oSTap#c&{ra?nNDy29F<N}j
z>j*FjFMCPQD^vr#UgO<tVJee+`ps|JtT{?so1=h21}IEy(57`$nCf&h|3g>$#@3`h
zGJ|ccHW=Es1B~fG&WeT}MoI%SeD+xfbZY5|h<kx#*Kr5gDl^Pox>``-OQpGRt5F}d
zD>%ZbRB5D;N1bi?x~S{!STrIdGi!QK8z3<u2_8+nVM}kz^}K!HU};Kq)Z{^`LVa&<
zRIOHvJmDJPLC_Thheo1Yy|&n}b}`B`L#q;n5fLe=ElXL^O9>GK32B9zG!S9_S7OvE
zD*=1=XzZa?sa?DcB#;f-m|-G(-h@aF=}mknz;1Lb5F7&`(Cb1Xc~*vE<PgSQw9ksj
zMNJ}U>6s#wCj<8Wz7jlt0$dIz&O;6cbH@_#t3aj=L^f3P3~ExF?AJ&n#ca|_{*|l9
z`XXsw0;yDqP(FJ>p)6_xi^*oLx-*TF)VFnNiBW~reRm&Hore@Wmq<@HKaj_(gzUbU
z+O@Dvs(Xc0jm}kpiM=S$ERh|yuM+iPPLjSfA}|fyY0f11VPl|626;3ekD6i_({H1a
zF!HQUzmrs#z2hoLFxu8f44=wk+zth9k~C6Igm)IHW~-Oc6NuIGRFaO6)~<hR2^56I
z)et%fCKTW83z9nKh+%CDQdf&mse+i!5&izs*z461p?NI{@-t|>R9|eSt*^)y!-nkW
zTGM<JlF3xPV_;>?(l#91wr$(CZQHhOPi)(nU}D=gCeFmhm$}dVyytvBckQ*;?$xWi
ztLiFToP%KHzh#Pl{PaL>OuQ@YxgbHL+X9}C9F!-w)bGrc!7U3+`MobVk}>ZpIb#O3
zmoL~PX0*ECIgi><z$ulLK}bo9cooZSG<lsn8U-!Z`>>H9g~Q-J^-Z6sqp1GtL|cv?
zhfdYH&{LV-XStGc|7u6f;97W9?WT7f_FQ3N2(RVLTObiFGOKOCz(^na?pTK8I0%HJ
z(>p(?2o_f#8rG^E+IC#h_eALzomIO!!ZNB7rjFHOY5w&3M@O7ykEyjserYFmjwF<%
z;Bj@LyLC#DbxsBxMkaUv$VzmV(neo`O1%0<UBZ?gAK7$v{M@f~VOfFlL9uJgEhM(X
zL=z)juuESaL|=A@HX*$Jf>QEjTMg+MhWV)<6t!2b22_cAk5k&CWGyFccYXoUl%bOh
zuA)U&riv|!&>9IMx62<C9<G?Nsm|mHxTSnr3CCq3H$lUWsFH^joTke{Fn^Y@#M0o(
z729EqB(NWNvTOu;GNOi;wq|>qFvq!)Ue!c13v4L6v|EETC5h#+l1sXgu)j0cn?a>_
z6)RY_bil4{w{neGOZTmMRf`ikkMGy`jU>v@7)oDMt4;z=A}opz&x|M8l`XpLELMv#
z?<G>L#M~TdyUx4N0x~|r0{sRuo3Fzlb@{O#vx^=|X)_DNg3Yc89A9Dsq$6Ua1<(DA
z>-WR!LJ9VagrPN(F_l>V#63?|aaGgM3b+7%y!i*-x=inc_y3eLGb5`wJf%IsMN`z$
zTF)B&!+#c(*p!ffK==rwO{clK!IhlCYPASq=5qJho)QZ~OsWK9y^iD90#0o3rgD3a
z72p|eJgRVq<k^y-MaqYvC+jPb>4;$Lo3nSi2I5(QW%TY~^pe{$il7MQjKr<(<k*{e
z8eIR8#_0)B6PRwduHhx?lP38{jXF+5$cD7BQrG+Ei3t(G0W%EId+z=2Wz~lV;G3_)
z#qmvnV3syrpqMcM#(3%Xv;!kD;l3e*8ck*xPL&;pvlr^2BH;BsW(;T#p6HL?sEOiN
zvwBn7MyrLq7z(iEmrH2C=ocgJiGHI$k~@8V8+))@fsJfK*ZZ2#E<RaB7Vv+>Vd_86
zhgS97+Itxe&{EPRAy$S)=%nwgX;OKr@lBh$*^-jY5A<#2h<x6&ysJP>X(M2MiQkzj
z;h<>|g^wa>QlOx^T|$WzE8GeNVfMw<1dvG5n1lm<XfVIAxkWOc0}nf=y1<_>A_?^D
zU3egK#m2zQoAseZlcpM+S4*1V%&ZsYp;L)?onVy0vXK>_g$}$9c!xWBI(_GL8a~9H
zTxLIvNTkjpIT|-=1ylwUD>Uc4q+%dcq#!eTKKPmZz`P`qG`Qj0HwubH$0pgRrS5mD
zoDtHtw5T0kq#KBv(#LS$>)0I;GNvRz8XWG^^I6+m{h6T*%q(d#m@o+!2{Qi<dr}}C
z%Wxt&MzBb{Alyeb6Ecc!c@FyS@&H@Tmldv%cZR5svTigZs|D%^XsB~h_B|v9GFqOB
z<L2Y4L!MPnL)+96^S8P?l0%GwEZVQnd;|jQ&gPWkRTh6HwO4Xtj%%Kam^IY?i5<ZJ
zNSOWo{oTXEdvu-SKh084+dEaCD=irq-yDn|s|=PPZ^je;a;tjwfgc>48tS1Xlphw5
zmkH-ws>XegvAC5617Wm5(YG@@zLA{wR+k#xe81^G5K(h3K@NP$*45_gY6*F1O)@Gp
zSltmzipPSiUv5Xe6D8oI_|5w#JIOdN@X%^7qiu|y?c(4hWPbFGhi!|D$pv|$G2-$x
zaT>tEcl1YC>&fwa6lUh@sk*<;O_Z@KGW{mYDzhq06R~3!gi>h4b<A%_EBJ8oI-J#J
zdK*H4v2&%pv5)K3C+N-1|1xAGLuxdRJ7i5=#fOz-*AZjVqhf(&OI~U1QK=Y=s^#0b
zx6&r9{N>nit+6-D&!NUX&0lpl+`2O~+=hV<9Q}!YKwAASdF<cDXI*)X(fVwD9Gb}8
zWF&5)mh%H13J{Yl?n*xQlu)Dbz+G;6yUF=!8ZxV);RbswU9R7(R}b~e5HazF`HhxJ
zGkru>&x&WiX-K2X5+4RN!vn<!H(A^-692cISXL7?XaVqD_hMQ1kS68x)%lo&n@tok
z`R~4(Y~*);-5^4K9HhlI(v4->=rIlMSeHlSGQW7V<R8XY<yQ{PP5m<m>w6e$ekWZH
zt94k(M2+d39sMx!u~Vb@YVuJ6PQ52`^X!dufk`|DMz@UyM;4-mMq&@6Z_S6vf-3-D
zzae}GAnGUDSUBOY`w@2`eDWb8WGGA4;3i26#5sR3;h&K3Z5yI9N4v9#lL48y3D-%@
zrn|@e`o$|V=3G)-Hl61>5yR$sX~8QSMXG+m8gFaN^xAa@5p%hN%#21SuGWnaM~7-)
zE?W0SWyUXVA7TZnq*Um5r^etks*qK(#!wI-3`TMc-{XcRomMLXCV81#mgopxrN57=
zq){q%C{k-uOjW<kPRbeuRQ6<F%oDpJx&A}!)L`^7mf}a!e(P4JKeVEJ(wM6@wWtau
zv_hp1?DKL}#1wStUhhkm2OfUtpECK8OOyQgJaW)>l2e?il0)cjw{Ft5cg+40W~2Y>
z1)$`EFCIYL`#l8?AfM_WA{3V={bTE2PzOCO@7$y|F%fI4s|v4~XC}^qf*h8*;?v^^
z_#91?UK{;EevJuOVJ6LE&&h!8sOaqk3tZ4n);3mRbTd?|syF>zn8dq1wxC^Etby*-
z{DWtzgE4==1mZ^%yf48Hv+yFmo3IGEv{H)2T?LNbZBRZ$pmV|FKm)IE)sK6}<Q*$(
z!9WGt*;tW?a3CbUE=G`qA<fID)h@&Q@_I9xD7?A0xd?@HZtW}TMlTGGH$3W&u5YG~
z7JJZ<SmFZYx9ybh+<|E!6pZ*;@leC){sPrpZ4iR!%T?6=T|~%_8b;~7oS&u6O8At)
zi0K`jAt-OiSnP^y6%2QLge($pq|YOZICQ6>Q14$+PANZ^%6yFQBMDej4Cy=NL7WYA
z!>6-w_?LkHX1tU~=UErpzf<@w57DJu2D~K!(n$*i-peDFVT*p3Qs3H&rV>Y5qTcap
z|7ylV%KZU~0ybRF${xzXuFbI7(n6}uJiIGGG_=mn))qoJWNi#KPI)tvAjG(GPth79
zY)P)6jgdTs1Ik6RrYhz|)$S1uIwMHj7$N6@7JW}cIaw{G2x99!C@P+~)WDiOiX1_T
z-b%twEez=yR$}?aU|gwJl7eK!U*uR$!PO4!X?+SQ=}<#SmcZ)?@msp-hKN`^VOulv
z1bQShT^ll&#|WypypTYdrl2(jub&OYWNv6K?P6^-D7MQ~PXS5KS=t%{lL3x)e)`7}
z@#gBYr>8f_D(hnbH}2rpCVXB&&+hxt0*Xg!@sNL6`H=?Kfpt3jGtfXM`{w}h(P@Ll
z*)~F+eP@84DPED<L<NWRsV@&ya9FonzEs%I0wqYmiUQ1~61@JS4Or@kNp;@#QA?!{
z@IMp$tb+J#kPWvAX{5x8jEvleol?^TPO<UWY9h-K#z!N)wm_aduZV>ig>5X=*Wil8
zJ<r*{UEpHaX+>m4w3<Y*61R`kP)PPfA-1ex_-GhIz_>ra1i=8$Qp)B^rOngolv)Wv
zq9E#<>c)Ur*w0LvR|~(KD`6A^RgGtzED0Yeu38~g!DxXWjbm$I14oV=-S3-OXuQ^y
zVWm=R9u$=d9Z%k`*{gF<9x;fbFyE(V5$>qSW`s;sI5`((&TZh~<2BS^W-SG;3~yRP
zq2a7YM}k5xD>s&@d}3Od;)|(~smMTAV3Bam0*A@@LUDO0w8t_@Fe5u~3e0U-VHpyb
zg9TCPUpgNzFM}AQ#Krjobf^ez5;XlsaXK9rV)9kvpMJHw3cnzQ9f)Z<x*&CPKe^0=
zs#(1rNU-Onp*HDOL1PPb4-m)(<s^i>Y$#`I@1I=Bodl?<LU5R#44Jdh5<Wse5B4(j
zRO`N?;J2W00RNeFX^`#qg}_?zz+!~R7kwyVp^n0q)A<_99!yCpx|kS6sN8*6(zNEc
zD0YNEFVa@byQ{_2q{}oNGh+oN{}-f^LoQ-RQgM}A4Y$#(xD~dcVdYzi$~P%((vHLE
zJOCidy_LB?Sv4FlZ*n%-oEYNxQi)%OfJ%){hWiSbofMX?$n47R9DWpPIQQX<k}jzt
zxoS!T$0yLx4y0;OV;y794N26mD@g@^5)360&jjTh>9VQV2kgdsPRwLH!K67l>P>ma
z8}a;(Ai6OgNJ#}&mfdUjgLfWlhwS;~dLPPO5~_1UhK?@sAvU5mse*6rPFgt{tVxIE
zGNoTUZ4$FG<LC~|4Zr)cN_045`ROZ}xJv``<a;Q*yg=ROG$T-(!TCSYo#pkq_LYtP
z)g&F?X8?AqJh~X4b6jtysDNgIJW>S;p-31DF(&-g)<|`Wx5LdLUIdbz@m(OcL@d<c
z`@`EcuIV#GyFWOuRr)utfdwXqBVeYIRYvQ8nX%8GVT~Rq#NAE2KzCusj|;zIevZI_
zl_CmN)rP5J1}`ETB&obs+YhD)UGClAzZ7)1o8T=A#BaO}Sh};j5n?B_cbgKOZ&dSs
zr;PF<X0%I5$@oJHhsz2?_a!5GTw<}!<b~uk^$e#m7aX$EirxPr&``S>PPI<CEQ%**
zt6d8zzSu`Ec8|ufkNrna_+&%8TO+l`Bh&Fw$Mt?81I6$(<g2M1ns~2u?2z2sTvArQ
zd3x`j9&j|a-xuQed#!eRfu@Y%&YG`F$&fvi;I4IPCQ>c+PlqN^V;lCrKUm0Gu1@1`
zMwh3HqtvU)M=a8_sNDvu6hg(~k$wI|tPwJHbo<g1QT_<>;e~>dKFz$)HL$G!w{F}q
zk<7}_3<4B2g#G0N1y#kB&TLGz<{CBYcn{*T-huW>ZkIn`ptQra(%aR(QxKGc`1<&U
zL;W}@=EWwO(MBN$py!0)lku<i(-RMnUey~3vEPH}Qirf0d98PGp~OM1I2;QU)g=hl
zeF@|6bm6aDEx(!Q%1D8mKqp4CEzxP7qzv!hPSC=|;$-t@$K?%&8%YBmxqjAUl9Bn^
zZ6ya9#<6Cb$&Sh$2s1txRQuu_LR?%TPX@Ni%)moIX9W$L4)z^tOi9-?2NXXowi#=U
zT}zn9xVMRHZfFKpQ8A$&QK{o0b72hfiTr1rU9dnM`ulAa6Xy;f96(>7Kr#M`ZZU;I
zCNZFaaqZq|NdY59&_{!?{_h~t;cg?5v^_+e(fdI2j9y`6DF|F>&`)?p_g3eQdy9-V
znh(IF3S_Dj&;}n;lNgLcEHd6$VWDqwMzfo-LLXDr-C+`FYpo6a*?uG_5?bmkDcTh&
z!K}F<o5R86C?g3`ESy+Bfbsg<ldvB|4#>)Y(FC+8SlrYini9iZ_!=WFP_GbM@8JJE
zMm(5-vg?0gqIahfU*{3!D^e$l3+7_>Bu<#7sC2IWmX<r+DRxSmmI*sbx#$>4kX-HX
zgob<F5h%g3t1sPM{EZ@gz1dpA;dDfKmdYOfWv|^}F$dIqISUP+#9VKFPDfIDBq$bH
zn|jDO^*S*%6`a^kYsHDVcWbX5b;d6<)_YaMotRrycz906(dJ4?x9K5rSOd`R$)s|3
z8EjQ@^xS2wUcFh5<?Hn*T&c?$^IS*?MbX#F5HG}{8Fbv$<#VFUG+QKX-al0YoqL>0
zQ1nH4*5&-qvt54@5quZfjbA*ud-#~(1p0>oL<cKZs!$T15A$2^_3%mwOQy39t69u7
z6Ap^RY*wxa*Fdd1V2lHSj<>Ib+Gn*|D7DboZFPmc8NwUtZhzBTd<Ha<+&Hy5i)bx7
zb1YfK(!a5f6m>o!U}gm@>xvs%*y9)TOMkN;uusCm&W^62%drhBNLJ4lNUJwnDPitC
z{UMGzYddAb3if72Kl5(0kIyvKO~}lEd4s|$|7`}|R@tH$?sVw4T#LF-6y*3O2O%TX
zX?Xb>Tdq4DI7)B?$JQViO$KWq(twmv);v0k)?Je+q@N3%7)z}6#!{Ld{zbdp<^G?C
zuSKAspb#)KD@6!?)NL7Ce^CcI?w$a=ZRG&+M+Zbx`YjBf{pNl=dG7qZUU2~9dfx(j
zdr&!kREg}w-%W`3{bPCl^9_LbE<ECH$R&Ki9{0b3|5&D7_z({LkAB(Ud{F-`roYze
z_x&S!!4WyyOkT5llH>2;&8OV|O27Z(U&R%G;890vL(~8w78Zu$BoGQD3aDZtV`pI@
zvIpY=$i+`k{G!15-|KfF-i1N7wIQ=K3d7$gJ#02xaX(k=2>ED%TT_tA43+VH81wnF
zX<<X36~7#|-x>aYW5I{{?(<-noPbbWOduoKz_`Oz$SIweoEK)_a~4cXJ^;c%OUdMY
z@`0ek=L}R<C%XS+8*N}M@IYb0CEZs<7n4s{`W{Ua)sYz#*a+H6SA0^yMvA0W%Ar72
z5;adC72=APp(0t~)?BG(>&vFZrp5~i8jkeXlwV>LbvhIzY8i6i`q9uASq=}mWa`Af
z99LP+%M}$H-rDpkl+)kP@Tj@yp(et@#uzv>T)He8g8q2@e;e~Zb2%va35$TC7(D}6
z*c1S?&jnW+&<Pu|n{GcKu5p%S?q0XQddhI3oz_Rc;Z|TAJpR+egjq~JJ2qhf+=1B!
zW_`I?^fuZCBSWiqeo`Z1`IG1}l)$s8zO^8r2+G97bYO53tg=gGkk1#+*&1A>RtHaW
zYz6`O2Y|4%w2DI&fG{tkN|aA=sVNktZw!f)i1>(Ng1obeTOEv~Ae>N8QGNnOA<j}8
z<AT)l{lk4?PHqhOO=QBDDnnaykn>t21M_0AQiXt*78VMT@Tz9ko}&myBlKW>TT@s;
zAR!GcEeI3&%#5H}8VXp7)adxQ3_;}Au;-qw(|^~?wIR{<G$b~$wK{Tuv%E-3NTvXx
zBGQK1oK$e`RX{3XGTR5IhKx|@sB)0xkqQ+oUYJ;+pQ(BC1sBAI4K)F&c3kF>jl<rF
zS<JH;X69pF@K$t~a0X&9VV=9Vg$iElyC0T^6Ob_3C&b8^YXYt-{>@C2fmDS%m+N^<
ze)I@}?A&&&%;aq0iiC|07kqnS*=+lpM!Aiy0j*zPKKKm-6PxHkYmQ+OR#5Uvgg_Fk
zE~vY{%}x{Cl5WkezYBP&Tu%6C3XKFsQA^k@quT9BL`_y&VWB72>(fQdHH|P!l_J`Y
z>Fn^_QkIghu~5||GLGjBxu2TR^`6rjG^>u7xZTfyJv10Vpe1<wq5rDHe>PJ9T%h}z
zOYdU7V#?QxOEm;2)i}Lu4R!)rVu*UgB*Na}LC-hmf&o=15S=Ubz(^I&V*5;k&9a3D
zYo&aMEdfwaUZL3sTKSokyeERG&}+EOxNP|y$<+9Gv8^V-9vaA)suvlaUV9i;?8od_
z8{)0ge7*UbnTG0pe}dl@q1x|#l(jL?Fp>ljxyb5C7ZHA_u>Mvuu%}Cjw>yWIYda9q
zZzJNlkHVHl&|_2*=cfmD;k$_sw>uvm$#0|H75@G2Zt~^E;*}d!-i|NZ!h%Pc89A|&
zKf^iP-f=1ypN3}>dG`c_ny=5*5mC^<Rqc@Ca5|-o)s#DO!x9vvi1hyFK-q;z5!ua=
zT1_{(@Pn!llw>OXf<i@+&@P3jP>Rhb`e3HSzJp?Iq>X>@jxT!5gynGm4Rpm9BeE*%
zzi0n8jmzP1fl-0_5Zcbb&8Ry^XMMTqLQ*SsFumICPJUQ0;xN<3oD^GWbd%|N?WVdf
zc}=V1kpK$nSr7$t%7N8cpln;c*^DfU>xAI^L<dAPnrpYG6mvcYQ*tOWznl|7(*uCT
zOHHHMjR;wxNugT`la$97qE#RpMUiAN6w%QDo8EylQ3@MUQ2=JvhyY^W9>9!lSBO?2
z{fA#xe2vS`LazrZwuob_%}(w;>%R*iP#!zbU1}90MHAFS<O@tDLyINvrvx8l!s=}v
zA{!)P{V2D(BR?5ri?(lEL$W#1o+Qot%w=DHiFP6eejw}{eNk1G+cQ>T+9AV%KdvM-
zCkXQb6G^+0fY4ZTY|MiMsU?^+vF~V#6vtU|Tw2r>$1Q9?WCbM+g`z88#&dfD6beIF
za42aCDAPAb1N6fh&fwtHyZq%)slGg+HXS)Oi}K+_Q|N~%J{DG1F-wQLjp$e%tB4t?
z#YO?T-?k%Q8!((v-6o)Ch-BULmf~;{kFjZXJ*wdd`v1IG1Oy5+*<Zv0Hjz7BV<NGL
zEXe!nr6efE#V0dSe3H|4IXlsY!eEAns~Hi5aEE$DbYbx?aCxfkNN}nND00V&8K|g`
z?Sl}v7cvsgqZ@mu<K={`#OKML4rkq<^zvGir<WDj$W>3bep>YRCn!8}6@?)YdPXOn
z)fx@Znnuz#tL|ufhHZ0odY%QCHTD#=jR!I{5g=H}$CXf0?Lex$zPqQtL&`UP)Z1L@
zMNCc<Xup-tGVs#T|36jt_YBt){JS<W;H!=Wtmaf2@rf%Cn=Fk(ZO!38mZU8e#?x&U
zKZEKiBez&BmcdFU-3dwGc{-ZUBH}L32(RXNvwPknM6}Z^7P{~*nCu|zY6%0y84Nd9
zMq!@BMSSQU%t#ZMaa~RJm|TvQW-+z;)tvYbG}i0!E-<$Iwh~-z8TUsX8z_--gl%+S
z9=CV{K30lCYn7NxLf^^@lT^{z7JjNQ)Kdi4@^0++ztbwrK6b$RD%MG1QlxCI2}C1(
z9sZ-z|9PT(5}-dS{lh|e?OH&()K&(Ty%4eAZTRJQB1T)N)f><G_0-T%@}-I%S33+z
zu~uq>nx8i`dfaHIU%~rojc8@`yWqAmRm5{jZD%`$kuf5i8mvE@LdwpIEK$)l(lz^f
zR}*4BVGX3tWR;PriR7`OT*(3}GC-?oWX2GK6lob{WGwhYK@GnXJUl%z(=+<l=Tovt
zHFQ`IJrgr${j5)v3G~T47it%7kWjNLJ&VMjT4zm2_d6Yh8NDC$eyTd7zsih_lEo_`
zw%CIyOCv|PUZi@Vo@OO#Eux#sG-J42tbwK#)0ukQ{6!xBpUJYT3L;`@Y56Cci~&5@
z1rtHoaW#EQ3-dOL#{6cb)w&LDIw0ss%9$xKJsqM#hZ2FIlPS)jzC|D~I~yb-fD-x^
z;fp4a#EXcdJteeTE6gSXDou^VRC(5^7UdPpB-yM_#9J!LJ&iPEyS|wqNi3T-zDvrK
z1h6Up+0u&$^l~OpqL6-2qKKh$wB*$W4lON>fj~aWM-$KK&V+%DIXr`L$d9;UwJC%o
zDW$^D%o3Oy8QA3bP%yqfP-ET+?M`DUBJ}Y-0!1o6;43s4qGLZk^}J2kR2>|hE=PdX
z+n565;ONL-ECA8kZR%%dr!p0DP3->HCWZa~p^qFu_JIO$8D`&<2Yq8>6$%?qXyCs@
zQ~g8h8~ic=q{&r`l87Il<kJbANoGx<4KA6qnR0kBwb2_v6u^MV=#`Uov6Yn?O>NzP
zwajX(npMsJl-{i`wh(eq)ngU2nIf^KIR>P%|5@Q8uV-s{bXdfuwH{GVuLvNkxJ;6q
zOjnVo9yB?aQxF68bwzvi^4vFBbPmLT%j<%P?#2aa;rYVfBZf)y?+O7Rx1sOrQ~&q)
z*!@Bb^pCFp_3iQ}d7MaSjoE&gWFX?AetakzibxN^97ahsd|)<E1!|yP7J}j;F4!VR
zq}Y{!G%VP9dGZsx(YK8)Yf@Dvg|eZh{&+3Il}bb$rqPIjqg<mn(1O&9<;|zuHK~DM
z=>88x`_I4jT7P@sA(t(=&tO6UiITo71(T3dl1U>ZK~PXgleR0{@zKGF*267BBt%Q0
zo^z7sn2_f4EBlv!M$%a?_6>y$*?vD6OZeNPT!fZ6z>$)kc8H~$vr@|-P3y%qC)1|s
zKy#l4Z%MEFUhw=<UeM7+|5qQpmqA?Xw|)Wmi3Z}lr1(|l3-pBqbajD4l;7zaob~!y
ztaS4}>cG%pB}zR4?fA@TcYZio%soCC60&n5>EB-k#chERpS@7ud~JsVb`N2sguKP{
z@q+sJYcze75KmudM$fFb2*wL8+_2n04nJH$^~CvE>=Y2Y>H27>up4}tHQTSi`T60_
zIv>KAjK9dLg23tj-9UU;AU{Jci#St#h`!+nD$c8H-dO1r<kq2HOi|g$MbMw#k2rM7
zY|uM>LmSal@8QtnK{z;^ekhzT-&D1S128|U%}pey`7}BFAAyJ(Wf}Yq1)#KK^ONqr
zZG)cO$rlEeb4B>pVIz=So=|Qj+iIb3s+`%KHmoWMSHF=p=i^Xj!^2V(A*he=vQYP_
z|3K-eARLBo>IO%#ehv@`Qi^$9Nt$zEK66v~9-Rp5qKV<*dyEVWO@YCwgm$3Y0&pe7
zRmwZaN4T~w;DVVMK>%M>qe>A9oqE6;<#&l<+e4;0)cwN}p%LXH2-q6^bJHj*K(+lP
zY2;QZ?gC!(%A4?Tf>Na@t&ef#x@~Y5HDgm9^(6d}{WaVLvlv?WNzr^Uv9J`%VSCb*
z>k$bAAz`9|CFVg`uDlArlr*>YM0Yq($0DNTOA(mC%2nE#V8$H9NoPb&TxdM0qj$9$
z8h4Mfb8b;S)qxRyq=Q>~gL`<f34)??7vOs8p%ohECAcRdQmIu!2s^>g$b2V6Xh6x-
zd^0Fj6DQ@01rL$9&}hR^G7?5iDHPdOna!@8+KaxPEEjbqybu#U!(EM(7J8C$n~)Ff
z_8&o<iNou@K89fCVEF<^1q)YP#=tb*P_Q9@VnF(8f)Uwmho-w#l)N(J=WleBMw3na
zM~(N22Yhc!{65J;<>xO!fok)Bn2|OLiza*#x1(JPrGWfhivnlvwoDDN7ju4lMeGXs
zU`f?A@G{_mP~Vb^Y(wJ2J<T|nJ2(BI-YELn^-kp5YF&l3VF*D%LJgm5Fqph8k(F)X
zn_W+>y$}%x$GTwC&c`C}52&ARPUvAUSmC3KFoyn^WlW<<l^`2jOt(bN+?dNg>~PF!
zc15#nT9H`|?Wm=n^+Ed}eu9eN(b7KGpv@;NFiZ`Ia3GtaZ|g_bqhA1Bo&J!asn~X#
zkRt0JO(*Ow5O$%;Bp3ZgmdcR)H5-wLyx4?%_dq`D_u_$mqB_vsVOZ0@IXYcIzk3!&
zqWOyL4x)|caT`OZ;kO4%xndJtrSaRGxe97bAce%P*X%8!x#q|^QuE=NPj3?TFULt}
z02n!;Ft}BR)6t%N7YdrQ@Mk7V$T7mkUNbPjM6OwBl!_i$d2m(J>QM0FEbaZrDex(V
zNO_0-k|-N38$$F5hfp{{_Y6dVRD?&&qU(=P98eq@gQ<uYX0*IlDK?e-hRP&?G?|Hn
z*gOU)RH%$YMvv(UCX$8XF=>@__%dX|s?#L`tCwt7LFm}LG;S7HzCYYvM&+S@gqY!_
zUeoO3x!H5Uh0=g3cjHkfu>KflWpFxFz&JV*l%o_)Ck_cL0KCds4UN2G7p!dUn}u9p
zv~qyocgRR*wq%+P?UFI0V!IZ^C697W&j}nDv4;WxeSRb6RS(n3tx*^gio7WjgEX0{
z2}3vgVgR?rUJ+9BLK&9D2`qQXga*x=Cay5l(-TajElr=V`hI~4Ib_sOQb&YE8WDu*
zbOYrn)R`>RcSw#Vt}wO}i60sCw3ZH+XN;|oKi=ts+7Vf7m*9?S9zf+Ce<Ru%*u}z4
z{UVTtEY%s9xw+`GEv8VpzMK<H=(qgteo6M-i21J?d@e`$#y^U<a(tNn00HjvlR^!x
zQ8$p$AXy?~{unO(Ag2Hx0lQfHiBcM7L?XW3$C@OAOHPS+r;**Yi*BRYgEkU>AuOw{
zY?xI`Spc61X-2mlj;&5tAii*ReR+qP*qD)i_uVAHMgv+cO-r>LQu5I#n0`;sg-paN
zPNV0IV!37`M7L)$81d-0sazUT3r^W|E+H$SWOb&8;pTN82D=+iCWlsn0TpU^9LQM*
zTKB^g&fG6;b3;ysT^5rUrRTg~66Z!PS9hFA5<u>RG=a@IrVWlyfIj@rXpfg0fmUk6
z2_xaV2$&z|*e8iD^5?wTiynj?T=rU9?x^v#Kb?3XHqd84GKzjF4PKwm2ELaC=Jz5D
z4)PDAI-^_2!e4f}A*y6^u>-Y81P^!PAy}dmOTm42q$5PxnZ=;x85g95K-K5+th*mj
z{|DFU4Ug`%=Fh>uQh6Tb1p2}T;!?_|Nput<{ITCIWqqP|I42Dwd8h!{Qk90zRlPh4
zE*GPdc;n+_1(c*2q(Q{@@a+^nZlqK}&77q)$wFX#L+vC=M3Kbb$(7*3jh#r}get?6
zAnMa!QGU8w{cX17IGrM%&YFa9N(AJQsI1nyRe)Ga^N-pKWuTL?50nxtq0t2iB)2|N
z^g^Wf<BlGzxA{I@mkzXwVwgfCqjDZp7t}9vwaV=2$}Z>Pfq_5$4w!)O$OLu@z`UAo
z1<YQZ10l||I}4(!f*sOBl|2{TSAHu?%aGhk9L9t_Dj_m2U0_F*xpS+~X-i>DV7nD*
zEwo-cum-abf^0lp4#lq8V00#MEtV}yFQrPMj;q`S<>W#Xu*2=Y=43HA)y7lBndUEA
z1?pGM{KvZK9SQ2q^4H~0Tf6ae0NF+ZB*IV05-P`aB5yn?-)trsl)ejbB^Hi!<8DBa
zWm6WnIzKKgBh2b=7BGfkMutvL0*Om(dKRg<{6TgMibuNexe|p11$Egkr6&a<28SPv
zT_8W_ISQil6Dz`g<Q4J_gK?hX2xu#rtc-wL9y?1WGnK9!M-zrkty%F9;Ljtl<Haf?
z4xbN35AJI8R;Ro1WW=LTP7;2t>#w=WQficWjL95c<Wm#)mFgD!aczkRfO&k@Dzzh`
zc$GMz0)QFHQ!O<TLp^{P3N*HIc`8k{`MVt)JrU8$d4B3JHPgAJI@bKj;r>(R8zOz!
zyyZ*9X{imnxrP+I>C6l8to9#$s9$#+o|G7{Jl6ej5X{LexBs!<`PBaEdW{*Hyp<gx
z0UMKOF1@2rW4Q~>7}E2nz5Vv&bOuK-Jrm^bWc~s>RCR{atcYTz%=@==R(rr8J8;9t
z#XmPZodCmdsdM#q#vZCJ#cqqwp06C$TOGj0VDJN}5iaYGBW+naX~8I*=Ob9b;qgMI
z;K+^k3&X+6$sschO1SBnQ3-ht$j%hX!@s=S7|q9ROprX2>jS!9!yMcfr0xqxyXA~j
zvFOyCs&(#h$>cNR>IXMht`V@c3Y4GZ5D+t<ARq``EBW3#+)>Zkmn}fliA+H$-5D*f
zgm@xi1~c({Muy61lqS}TbdB95U}8g2T%v+FF5WHy?4I%a)^$5W4_Z)eTj;(_f-x?+
z-2xB=i%m$<n1XzkWvk$PPYD{0nH!qLVt+pn_~wQj>L6OFT0=2QVNSfPOH16Kegmny
z#KODrc?9@tA}=oAz-|;k=no9m8*i0{1_3!G6teiU*fd)%gOx}CE}59V<Zi(Ms8$7r
zU)ai^nGyB&OE@exvj|miIYnGZKCFfiR9xH$eHr0YB{VmOd$vBDCIo(*9+^UlC_7eI
zw{9fbzDb#5&5EC=7Rb`vi&WB9$`8=Z*1K@WQml@TrE2r&@4fh?#gA`xF65OJ!>xH`
zeFH^+%XpnK=O(LpdEk_iZyj*2P_)>peNE!*ySi;ul`Pi-q1f<-R_egESPki>bwAj0
zI(pYd&S~t9)&Y3Ctf5k?b<YhRv+E2cK5(^Pc&*fGq8Oc*5i5`jc2<;U8#94z#+O8}
z;oSvN<Nu62g#VC7-}J5~4QuqNSqRjrO_lpS@uj7&S>lN8kuoQ>IEizfZ@o|{3Ty@k
z-VVcJB`<n*AjWEia<$M~<f#i37^Jw6rsL!>JI)&ocLe>9OTAkp5D@<GOd&^{H`pnV
zFGS3reZwDKv*9QD+(dGiOf|dSisDJ-HW;Aihq9Y0ffnh=lG3R*)4-@Ei!CK~t6rcI
zJ(sWQ9`o4+3@aQPCCfihpd8-tr`K|HjB2N|gnilP12itQ6k$uTuUdw5^4SflSPJ~-
zsueDDOtnsf@gG4N&0oNl?Jo`$YWO)_RJ-?-Ry)0b8SPLp`pxLeN9ud;u?9)Em<6K8
zcnW+FA}Nb7B~uTER?2|la@oY<;iy0HaKeGG)Kk}E8Gl#ND-LIhDA-fPwPY3w<EmeD
z;Q{|yw%yZFkq?>a(SvxKPi^?h=AUPBHncH|1e5(>u<~FpEK`w@GMvi&DDU<{MjGW_
zUa#SL=c(GgKb0;&*`vH)F8E`St{NxyK_<I1`!<mULz8oJ*{J%{hdZo4z#~c5pn*$e
zXArH(Y;uq}3Q>J}7zYja)nHf|b<qpWLi&JxnyNR3QklT9T57w{U%&h5R^l1!AD!;;
zg@8~}QsOAv|K_gu9PtSbqG1s}I4JV%0}sqzPl+7mvEj=%jGcM3igvW1=ZfeAN54?h
zRyZ+KdNbp|js=Kk0X|#aDuCpz#TgzPEBu6&&TdB!Vr!Y`cAE8X%FMxvcMkU-d0H^r
z6*L2M%juDKJd7&Q`kE^DsQb^G9}puTCkJ<QbaZfXD*W;8F5VFJz=F@l=W~w}_=OI_
zl46pbp<y}t%$w(F*R4fjX0g<beVc^jX!PMT&a@lmXB<)82e8$h8A7(S1K&6t_Obh2
zG=;$k2S4wuSS1VZVpG`?=<O=ylk+cT_~{MuQ|i8lAKV879|1^>ZmItHhiVE`1q{yQ
zw#!?@tnneuB9V8sv3NWIp)g!zBx{$ic9CxMaFEu6Z$_=NE4>UcYhgtVG8oJ|5Sr*q
z;r0*2TgQJ<k^nfsTBIeyz8-!okWbmv6LDaqJcxg$`8#++4dIY_(gQ?opYmVy@^8E;
z9-z(8`)dXfpYY!+|K2Q*<2xMbyN?c#$M-+dKm31#lwZdY@d^LEN1!|opxi3o4RnBf
z-v3CS@V}+oU(SQ#f5ZO&4zQOz?%NT`dj{<-oB1E<_ZY}+{(N!n6aNp)wTmnsfZQto
z4z#;){C~gyJ_$emN}s-PZV>-BI`JL-h1?+b1H3-{H;(o<#&!MqSNi53_YCnrajfUT
zzfm;g9)Rcj|B-rp{gr<3i~EH94{YeO4{_qVe|P*n0st&hIz0Z6^h2E!$-&u`m2k0|
zAf=Lzs^cv@ywq$yisD8kJmZ;$^ONl=@{37W{_=(%%lgwBL=Hz@psh}~kjU;6S=AFB
ztNa39qC^Nwc_Bxx6U+{GOL*g7{N-Q2)$}$h6~`T3R}D$b$10#<RiHrcr=$v0vz8sG
zOh2_g+BWk09-PY(%yqzOvX*^2g+C9p#u^GZyiVb?+)u)s;Lt>i#(eOC2greEe~Mz0
zh;Ir_-tjb_uEI{Yl8L&`BNI7Zr~q70Es1&m0ejXq54q-dyQk1Of6h<K0^Z8PiWpo3
zvfcUGurFV%$30V_(p_BnYV4h+*A;Yu{qUrozX!qLaKYizeJiT2ImK7=+jx{>yFN5T
zu;UpQS+T1zd`3T@@Wj#od`8^;PJZ~pxx@S<1(E{6c|pZyv*~@+Pcs@t|6qK~vRtjV
zL|(4Z5BFA-^k3_LQ`-~0;FZDr!rfOY`Li+mIp?8dWM_C)7&|&{4!_9$qh_LKsQ9HS
zBxi=W)@WK@JCXM5;MLyl=%EJ76D`e$8RMXArmxkOyWaWDO$M72-~pR;;FEf<4*yzB
zn?<9?3oq@@=95~>mt9G5L}xnlrFQjtJHFGy4)5#K1GH1p&D3n4M$eypY1C;OjkrGI
zVPZ~h>>irzz=B|K<BddX`X$Z|KS(fG{5X7eToj21Y3?s8(bVt<YV?EKk7EHrDzS&l
zIN}u}z(^eGG@AbQw;TVZe(fuDgYA^WXUp?~p6WbNdW40M837HU<-A2zgXzOPjjn^y
zyhTr6^^;WL^y`QCQN^zAc>9;;zYB1I@5|>A1~3uPtd=*RN*&1I<$`gssX=hV5PH}D
z6scDKSD2tJFGzMSzbDNiq$k45aCn?pjfj;M)Gex10iU*ffor=GXsS-w#iovgGn2#D
z6>f<55TvUMz9(jd2Lf7Haf-`mvC`r1-wSlC^9%F&1d>97MGQPMqsW!yyuL9Tf`T3x
zh`>kE@W!Ng;-SPr>(lBM1~vu&Td;ZrQ$iZoydk_%Au=yqkz-}ywzqdG3D<@7772;j
zK`}HL^|^0EknDAOecvue0veyhB9-Xey9Vi&SD+NEY9Ned#@gt_l!(SCFqfF>s@;vc
z**NoNr#Jds!weLAWnvmm{9#OXp_JzurAKZW+{&vT$IFJ*YL=xr3i=1cN}cY&KzW(a
z7LX=fjs7qxm;PzHXZd0=yWEv#l+rMfNtc9hu1?_KPm9e?{Gi3j&BDhuAtN0aJf0W<
zIXyn7rY49#KLkiEqrs#~Aby2S_P^X6JAB@nf`I9Yg5KfyFj{crnl(5NMFGJF{~_8P
zcjb|kTCt;gPdO?+c$~ui>3YoPWCA0=C>c3O5NN09nVS;Q93yktp%f)<NC*Mv8)Bmw
zST9?nv_BM$PC+p`Gyq;8F*Em|y(lslBvL3MGYIR`bI(4i7v5dIy`$++u?=F|wbkJN
zRj|*7>iK+m2&r;&3S4(~lz%A|DLfK~jI~}!IoiM1ByuaEWg>)3N6Df@4V{qmjKh@i
zm^()PuB<eFGHxDP+t;jeI2wCB(YnKs-@>hAMC|yv2noU)A=s@0Dom^_q!e1l81L|;
z2f?J*cj)*G3<9Dfcxb%E3U;`_nsH0ibb^;Q=Vj%^R=h^<@G`Hd1Kkm<bDCAZM8L)c
z6yI;0kX46pMK4)EAt!nql2ezT-zgz6h9E{iAvH7<ZSHvRxK;S5a+~x3HPfQd`7BH`
zS9Ts$>=T-$lsmMmB>)hFFM_&XwN)@WQ@DeaGz<#1C))bRXX^cF(MdxNuGx-10<A;H
zlDDZInHMc@cjeQM6G#M-j<q;D8}JEpI-&%_>r0G*u!p#OO6Y8{K(ttQ9@tmZBUDB9
zaI;olAwlaidV)3P_lb}jd%ib#DPgGWHZSZk_u5_$BBHw;C-%TITkYxW^LqsmmgmfH
z^Fp;>nE1UPki}91y}M>3Kk^6q*-BM-U8y~BsyrAN+mi@%o|whvB6epTU+<^tf?|=I
z?>!C&0AKFI?BkuJMDpALEkE$i!=C^yyxi*t%c$A`Goeb72f8Uj#xpQ2FGcQ}jUv;#
zVT;vD_Wr!?_j-sP7lfs%<>57j%V1h&K9E@JmEPaVPY8Sd5V^5u1%Gx6PPV#9v0mJU
zi_9}d<sbwH!X6xM0@GN2c{sttTJRDufl3k{&*n2?yCXMSumdz$YBg32obA_DLBwl?
zgyLf@Rz&6|qYIQO8lGP$I#gXoa?3|vkcReEwPFu{U1R5l>WP&RA}40(2TVni6$F;C
zzdqo@)Pcb=SYOIzuQy_O%Ww4!1Ry_~?OBQJ@Wsjvm=loe$5|G66)G<LwpgA7x7G40
zvO7qFh>=4KyPbefR%nysZMIti(u?g<Xj7xbf%mG$HoIZxO@}1`E2djPR{344dS>(y
z)lLxsJ6O?cK|l|B(AgSfKJobMbRw|$Xc2P6EeA2e@9Ba&1rgoqmvf_;g?4@a0n;#s
z$uOIYV7Z`GQk~9>cEx(O+n?ibNFtJNpEYc;zW{Zq#U?&5OzS{N6c{3%cp|crV1MUz
zZ8ZmXj7NeJU*{kxJIER%Vca+lx6u6pg;qKo^8_K9_#-g7EY4_TI_Ib3Q=l7h2CxV}
zjHrVHLqDDv5x>6F2sre4fnmHtK9$im$sE&g@Aej=_c?{#NHNq1xfs}<(=75m?ke`H
zmk|>&fX)`x-db$aPyDh}zM;8x=*TI-jgBS7{MjUV+hY=ji70XOIxmgpqo8`r>F2<5
ztt!ZVWfO&C9#M0Bd7JkSq*6a#DDP=7qpRu)52?bkr3LYW-Hh;hMrGs6O+|~%E>bP#
zYAsixL1(e&BMlZ)4&8WJ#@mTGi$g{5B6K^ne2zvZoUS*yQml0+k0Fj`Tqaa&^Qr#W
zSrDCPS6DPVPtDs3LLlC^bHQ@WHbAXcHt~^}kzLRaxs&r#LUKx^t&{9#i;Zu(95>O+
zOxT8lLsFZZJKi8Xvc1W;RE@?vhQ_4A=<|oup!F6kqXR>tMtcgPL=3Rk-i#Lh-r(As
zJ!0`f*<`VkRezlMVk{HVkRo=&g#u~z`|~YG*v!`9rCkv$X%Mep&A(u4H<zRcj_*$c
zUbo5wq+@qxDR=I-|Jq{S{!z~WU;K!(>)8tNLA24W$0?)M7|eEH@57VBTUmh|4d>_}
zw)#P)Jy!Tk9XE`fZ8k|NloI`eQa2q@B<fNkqGAP-PmcEnFaw#M!VQn%_Kt)62+7@_
zSg%VR-w7(bHo6>`l8T9=$wv)n2`@Z|Gfc3K*Uy+RR)+x(6W@H4)v*zN*AQjy^utrc
z;Ry-3@m1k$27PtzHwV9of4VaR*nW4Sr&1LnmL72r4kzBIM!X6UBY0l+#2C`=ooufP
zWjy2C%zEq9<A?T!v%)86o52}S4u$kN*E*<5EXvofLa*KKkVc9qLg2j{x%WKJ&j(kN
zi+rhcy;H9OecmVTH&kr{o<<^cb*E^3kc$2lYe-zy>;5bxGBmt*_-M-U%L<MyJF0i|
z4|-7{QxHQ&ls$R8aCHX~+9U=<0}(!E29wvxkkMFn%L!kOgr*Be>m+{QWtCfj-wr)v
zc{DnYmg`Vs#zB7C5fLx1IEJ{N8kXc6%Bt@=e&F$w@a;QaoUT_$nLE7E{w6BM-GSL=
z4}OSW4HdzwB##M6thY0zpkBF<=TnCRE5k5!(kkv|Jwny=u+jOP^iR(xveL(!-V{b;
zgv5lPcI6X7YR7>GZo;3gFA%rJwFV=A{t_`Tgh~?)R(tH}uM2!Mucp{uZB{X&3&VR_
zjif+VAw)cfY?YYBhMV`Kqb20FXH8|JjI|-jW#0rtwdc|UGEp7zk0LPIEq@}fa5wUW
z>mps^1nBVvr0#W_A8n#;cD_QS&E*UHvGMP-x{>C6Fw<nQWd=JL#bh-D4)2fC`ArG1
z*sUV=4$z6tQO7Lq<bEkGD}0yCw5)W01%8aORz=|1c1a9s0f-9nW%@3|ElEu{UWfEB
zbT@gs_myj5vsCLKjsqFFkVYleKwGJ~_P+E^kc3Y6Zgu`h%*6@LDv&=FJ>cs{F1A>o
z#l@_kPk@J}(dfcKy_{ljJO#VAP)DARK}X11J=jboc*frft5)#OZbyv<M|VHyEa7JK
z{;&ht>WYNjiR&-TKz6wGLm~<BlyhqUk<G{pXJNv{;Iv2dIa3eV*@aAJtagu71Y(!J
z8thViW3<1tOM==FV9%2pRU9iQGY<$~In9-B7=Fnjj39~B%L_wWZT!Lsn|#BRJx>!p
zE=XoDRbb!z)dl}F|DAEAMnOc3m#^-te8K1QS>oqH?R5{7aZP|QP&z5-ob(8uB=RxX
z#|pvK2zLIIJCGCo=14??+M^FC=5dYdk#4#>y9N!x^M)<QCo!;BMfhE#gpF5vN&?7B
z%Cb?oLlASiRx5E<dmioY&+#`4aW9*iZ~hA+@VYmef}u`~&CuAu&MFGbFRv)v9(9w?
z|GWh;GIH=l1=GfSj;jKm7T4NnQ(f4=*fjW4cqG3y7?MthD}MKoM<$04?g$rmcgq>W
ztF;0)^g4f0pvF9=fY~ps&fIr(wbN*8PS`?2D~gl3)OfDr*KEW?LEZESrB}d;?Fyj&
zqZORDIlB+<x%8^mNn%H2%r9Xhg<-`Y<2QGMubZm+W|rZadI5=+E~WI~23Jm)i#ecU
zIh>GYfxv<A_<X&IZi*5)QH4S<=bju0ackzEYIlPt-8nbAf(TB<R1zd4q*Q@HcHLG<
zX_^`xhA-Kg<=RWIUXv1C->_kOfVq>Fy1C)`Ys=3E4#?7dARTTuP_&XNg8_PLhmTRN
zYMy6+Dz+;TP;X>G*)c5!f_G|lw!VTRW`;1E2!(0zPjmOav0)^#QZfb>#=uZW$<*=)
zP}kHjo1ZYV#)Bv<m3n}vXI@2)HRGdRxgopK=muxMqwB)l!hiij9+t@kG?#`}8u=wN
z88W<mT`*T(Q45h7#FO3O1N@!9D!^W6#lYIsSMG>xK<*ic-DXF4A;-dp&kTEIDm_qR
z=8VIC5I@7cNUmCim-xks!EVgx75j=;<kc1~mKk!+4hb$!uEW!c&kc_gOo;jCo9QxW
zuo>qhYs28Si}d=o98y`h#zhVzQ%q3Ap2i54dS7Z67DTrvq83(KI9C|}80#o%O&O7r
zJ~)Tl-SDO{)#U8~_VJwswrpVjW+9EY+`>AJ4A-l7X%1HS^|f!Zh0X0!6PUXQ$yY)A
zx7^Zfjj8Xu-!25AHq$G=BNU$BRzw2wZ<1JJGk{mNquEwZUmR{Hl$S;r91d4p+%e6;
zc^RehGaATJKCYJ*k;SP_2)Op(pUq0;>T{q^7I5rzdI7FSY30h(fK;Vb<Q2)GHMB7?
zr1g!h#HVc_FQCIGZ$l(1?#@E7V%z0=zhh*SXusRWA|3H`7@6!mG89>t9;+KG%nTv8
z+wlfPj3zv;&&CCFR@D2O{Z?CSC5)M(HIOptFuCD(#F&2Q+^hQZbD+>gI~bM|vgGo2
z^5i>n$N1)Q=^1$t-eB~6C((h7BzLV~jFG9}wHg`h2O1{%^>oI9#l14w-x9pRVEJyM
z11%X6S@5VuyN0fvCUKA8^+e?)Lv1)cNLbInEbQBX&&^sZJ3rUS&_XZ1A_YbkixZYN
z_S^0@YAc<&lwHPVTp;;JTqJRr(arKedY2Wu-*ZRLtk1?wxWPLE|94d<=o_%samXbw
zm!?no7c3A{MfPYKaCHQLWi-U_cX=g;6a(IRU$OIrB0ZXPh}DJok3^W(Sl&(8>Z#Lk
zolf{-J?5ewpvJt!2ph%WVJ(g@-}KB3DBA{8v4HP(iK|43G2s}WqVzIZzaStpJRO`|
zg9$5mmJX*f$y57kRWu9m-WZsg!tgGYDN$!JPUhNB5)<bj;NyjC^R_XVfBvE7-z0Lm
z+Cuk4baz<(LYm%*5PbUdB}gkpUTY+=m#8Xior0ap7f*gIda<ImvbYFiKxkU)(P1I-
zB|-!nm5wQ697;%`#rzoY3BJ0lghsv8$vNGVzdp+<464$-=_Bc5u6OBwCH}-<{|R0g
zOmFDWV|TJ@43Go?KMWa7QamIsC`?2KjlI!NOJyN~l-Zeiv7X}KLItawB+yVO4=+#6
z<z5%B(b=<FDbb0C?g)Ql1v<{DmGqH}LRX^O%&no#;^s`W0BSPvqpr}|!ceJsrp62R
zC&xN8n?IP5`7>)(`~Wx`0Sg~Aky1nCU@61ojJS*o3?46(_^B1`&E>ry1A8Ij>@y5>
zU0orVrJ(S9#ap7|v(ci83Y9hdgc2PFw=dJA3`{<O5o+Q!OyfPn{lzTOgX9pK-4)mB
z+8Qx6F?MMQmEi>eKF(%ybZwE&d*cg%7Yv?wQngWqg`>XL32Q!nZn$3mpR%|EF%77&
z$Fs=(Dy{Ni8II1!tJn|&e=k9fplcG=4);e=%F~H61>G#yU);S!Pl#@pTfh@ye(6kw
z)YIVE!*R%MdmG#6V8gFNt*N2&+AR)$=03zgwi;b1ZIzp2_lQe>fMzrUJc_(GyTe_U
zT2GIrcX3w4Ina1wHF+naHiYSN*hET(RmgUz>(fdxZ8kemDlg^+Mq=i`Gv(yJy}S>r
zp3GIjyXCZlMP|@arL+{ZYGQXhHmfgYxK7LkUp45O*9pd-wWpdsy`TF+`Yt3CYhsG9
zP4o_TS)kPu5or)ih!3;^JA6LtEz(&>?WEC)bS~F0_)Q6VyuvQnxib!Jn?ldls#42n
zJw0XP>E&?i`}_Y5J%4bb`;h#h1bUn<Nw_{?0}|d3K^#{iayaYvO{r5nDnZ0f+RDlh
zihUkL?|-~L2OOOqC*AMIYknQ|6bm_ZEUc$zqXBSVP*yAvlPy;n<M4ZktLJ6D0i4$D
zq+T69!CFa7FgH}UfH_^2aih=rCVxTb>A25N>z`eOi95<c^!Q-fAL|ZH)kddFfMP^9
zGgBiWMJ})!z|&}O0$r}w46S_hB6*?62k%j6Ir;ynI_Ky*!f@+1wr$%^n&iZG(%5XQ
z28|orjja=#O=CMJwryKqdhy+R|DCnw%$hUrS~Kr{_Wtbx)!wGds=|TWVT^d4GWyo$
z60myJ7|J!zklvI4_>;Y@zJ9eDCuS)WbT!-q2CEJoh!-i%*I`ScSW2l@DKf9ec16Fa
zu(-0Lyv2jjQmsZ$Dh-y@@PG!)5~i@sVMC*y8a79VRmkx*OtZfna7(xHrs!WSqOu5o
zkf?PSMgVpWwqKJnE`=J<RUVj0$?2k>iw@Xjj13q#A;%eFu<@fIi?Zy7=FiZH0aMF2
zYptKE(=P6H-B?Wxm$jI}1k7^2$np&A819E)1;bO<WI47iVTI%Kwbd>*z|TSdm8h0d
zqC%seXdW9sXssnr@Y_3~?_Ig+R(hg~!j}%87o&%~jZJct!4e1GfB?#}F}LAT9f}IA
zj;M(RYtC{#{NY_98(CF+raVw|fg|rN)ih5?Q7xMN8Z2%87tI($@&gPm`61Sgz9C#L
zZ%<NM-Y99Wmd!6t+m{ZOJ1Pd2g$I}6acwOT5)3J1x8ZCZ&-rprJJpPHcSqvW#)9%0
z+z`;_C%HbO_$+hE({iGF&rDk?lKymR7CpfG@0X5^Ouz9vzo~0ERp{YxjpEICH^+}_
z`*5BuqLt#@Z#|AnS+32e{9-B1r!M7)XBOO|0$%EMI!9aOqDYY|ki8e9itU3}h$l82
zGcRc*SARnupw@^Jie(YdboS&6r~b=)Hi~Pb`(2ZkQ0sBa$RYSJvba<*t!57(BVzjF
zH>>i#(P*Ae%^gwHmjuO+HcPNi%Gt@6u<gfn5~+*!aA_DcNT_~MG%p^vXh{q?PPQq^
zCfsN$$%0xcHheiwH`9yuhY->*tO`yM&jZ@#4<0YZ-2Cnm6~7NWK{xl2j5LP_`wpL*
z{b;s$X+A+iaVQy%64V@Bjl)Sh0;6>kQpGd6@nVIi?A+FT%d1%7y^7N;X))rE#4VKm
zmY#+cUS}$B`$j!S$0x+omV{s^xdl@8eK6>kuUo8Z7j|YhO&kIQ2+|xr(c3Ujywl%~
zji>CH_yra8^i&KGguFIT<Gw*(=>GNa;sbYp27A7mEK(17Dq;}SraD*f%rkHAH=~$C
zhJbdJ96CRfu6OCb?5@nV3~Vapdd+lUbrl!VTOkRn4|OMxZQzAZ7+!ysv+UpbMXW#7
zk;W4<<B}4s$#8oyk41&!ZnRqB-{RE<buJaMY2l0}uvnr{{l@p_kJ(VA8JHwCGiPu@
zWa$R-pd<oP=GQtLJWi(Tn;vuAg#(T;!)ds2-R4h9^8R9r2}Wf;N2o8CyEjih4RnIB
zo9roF3FR93-?aKiJ0i3Y8l6eok@2BPZ5(fQE3{U`G=KbO&cj1bW0wc&)OU5mLJ8lf
zZ#rEyPtIf-7axQJ$<!q_#Sw5hcLPP(zPuhrFuR;tBNo+|oLtF?iAoUjYDu6XDPebS
z)Jqs>SL+BsmJY@CEn23cW-pD9meG3<*&<Q0f3I1ILy9AO)wq}OZIo~nA}i_N4uM0^
zENGmA!1Ag~%zL$ft;Z5|&aDJN%0^8KFJo(UK>yL)&W4jiE$<a7f4lJ4NNrN9s?owy
zgHDz2AlYSBJF?(%llV^SJ@1bw);#~@%60Frv_ak#`s~Eb6BU%#G&H(Jx<hoF-8mTt
zs4CN4-#_(twNQV{nOaCNVhydE1y#;7L9FPucGknuJX}_1a8ID2n6EtT1VFiaw&||+
zQ5<_0{||`gN1wwCb^c!QhAG+B71E#IPexr@E~6bta!G_02AvQPz8?f%@y$4-CxN_z
zk1i1EcWf?)#fP%^O+Y8I5+KuH_u61wl}V6QxtqyjO7B!F?!@wcvjCoY(GKT?h^mn1
z!>IWy7*xW|P+Y%ogE6zZUW#>6uctn)QF?RUqx{sE@oEjJvq9RyKLnKls2NxNeK%sn
zT?J(zC_$0JO(jI%<~T(UEbbg%Qz{>SitENB@9iDTJjk-&ed57yRzn(Sf!s|wu>mYh
zEv5Tr(3-kjW)^?CI=QWMBRMRwtcc;41ZQVMYeT^O<nf^#W~`J!?MCGZNg~QsHNd$J
zg%@w6m5souT6Hg%^UcV!QO&Me2`LwN=K(QJN!eR+m*YhYjk<5AU-7^apIv2w5Sz@Z
zYJBI=D}beg?`IjwTy?z%1+4CBHVIOb8a_&=R6N4h<XFFlTu?W6qO!`}jD~7VD5tIG
zD2l5Kb|uji^^TEY5T2Re8$T<6+E7mq{CjPhRXRl3Hn!>)$X1zqx^DzQt?|0r`u&CB
zW4So(U*FF_1rv<k%k_eyfYYGS!6tI#?8gR&?}bD;p@su~vd&fAYw}(9m$VJIfM39f
z8P<!)ZcLK!bZT(7AgO}>?>-W*eupb?EAVZouBWl8o;n&-LLN$}%0&Ebr@tQxE8Eft
zKl{Ss6yz4i$Hs<eAE`EEq|c1aEJPT{AhxUvGObk#L;@-;zL7mZq7V-hcq)*LeVl!g
z%<H}L1?d|is#F|NXRRWNl=DJjCFMnP=HE-s)JU!uQ7eR;b8Hu%Dc+pW+ur^fuUC*5
znc534R|`MRQl`L~#jPC&0zgAi0kY%ChwHNlA=KEGn1@Pgz-QK)1}Q-noI=XDWW^QS
z0_t(`P)WtO^0YjPO6-%x*%Y9{j?9nT!0sKIJhj9xvy~S}9~x(yR^NkQIQxO7dPJth
zll@&W(b<-NUGmg2!_5hhjYn7zlt+_+wnK_Ex#lp7c=V_~4`j2^r$ebPJh!lvXZi9O
z8Vt}PNwz5w>J4GP<wdHKqc`_<r0##T*3`L5>`1zXn`vaSQkazF1#&m2YQ*Y^uFA;=
z>#s>Zo;^HWHgXhVMaF{8>RG}-9vI;zP@Ot%yRQAXfQE$G`E@W6f3U;ZDy+I;D(SIa
zDb{iog8Kb2|Kduh(=5EaxuC{M2=6wV-VjbqUjr^HRF3?)`i`3VLMz++Qcq}LiS8sy
zmEyhSd;=e2^z0|q;DluA+eZHm&E?iX@0O)8sR+6C8KTuQC=kegW<C3>Ady4I50qlt
z?JFuw#Lt!!T)?9P^>bUrmN8-GW~y#uA(g|J)@8`5ny2!*;>;wxP%50Y{-NjA<0dR@
zQAAFP1kmAIawN^(e$vxFkZK!e3o1GYg}rs@YflZOrQYUnSv8A#D&&}z4z{#54;=81
zwsI}h(0(bzz#;J?$KZ<3%0k#Vp1{3%!<}_%7DM8P>G?~r+z8vXBL!E;#^hh_@WnTi
z8%g2#Ym&9N`sVSL=wuQefCPZ4VRrDCzj=HNEyvGud$d6?FUdJK1m6A|7grlprs3BD
zYG@+bGE;b{akw}yjGm*+VD|YrUyh=r>BZ*NFEn>XWPEZQ%zUN`;;aHN+MZ2a2cBO(
zI2YQ|gLt^r6Zn3}wM_lU1s28V0Fbt}_J6ek03{ZpcBJ07!%dahh7c`(=EVPUkH=r}
z5?_VWUD~X}b&kKo?Ta%rovv-|=s;Yr+G_F5b??FzZ0SxC0L~R1-Q5F|fnQJct@D6^
zcG?(s^0ro<Y^YYT81Z76KZZ0ZKC7BIetOLugMbP~g~@Wv9(Bs2)kGHZL`WFqNs7dG
zppGJ;N@fiSBpjvNry3eW^&h{V@EZolNF-GNU=xkrn?@80OEWHCtz?OYx@-J|1sl$U
zV{#&=t=PsWwElASRRrH0dYOR#U4FOR)IxGUm!RO2i%Av?F}~(`+cMz!;u|w>epTt|
z>rW!-1FqnzURN+9I{tjOsXKa=meN=kbDg*lAZ$z)e;$R18~3(-f=EwCM>l!AVE7$L
z4_j(eNb;8g0TpVg(~ln*YtFBObDBE(hfQgg_jA<Z>xg2}@FNHk2JBydK6jOzurj_I
zL!KKfDxQ--o8AIva93)5i|W>;DHXZ}!dgS15<3T~ATff7H^ARgc3T|^^&ONgXO|Q%
zFL>dF92UdZ!6qI}mo-yw7u3ZKXh>{;EYyq+HQIWd|2zrV6kV9mD8vH4qN5dxEXY2Z
zygqh>hCi^e4Pq!RJ<*hDys&=AnJ&+VG1f82OAkpGu$e4tMWwT1HF7gjLO6j{hJ1ug
z>MVG*BR$es_4B1Zc_`U>mP80?d|U}B&EpaxuQOeG@c2c&l`v6HVK&GwU?O0Dd@^f<
z1Q`VWc~E|S`aqCYbp5k5pQ+J);&9oH6?hpKv$=$|s9!p&K#M6_(5nvjb^@CK6^x_B
zQX}kbR~TSRcvid3atPF%Sx+By0@OGp9=l%SLw$&n&wJ&3A40}mFC(9Jjy3>fOUT)s
z@i3JW<ogduvt1*#Sit0Gy#dfDrx|DHeelq3{^Q=$-q`%@p8kOAKb#u=^yHVP&L#BN
zyG#EW-k5>?4f0J9_;16=$v?ZtLM&a%V>SgT=7GuhYZ@+(@z*Lr>Gy?pG+F7106g4>
zH^$WnHG9~%>frXh03H^?f!*O9r&rnAAG)fkM6vI7D?80hIG-ODA7Y{^_UzabnE_X7
z`{etjg5L~_KFC6wH~%^e&S;2zH<UnR8U1%7#s9R->~-GtQ=ZUY@E!w`#Z(^z@2L?C
zC_}*morvIkl%sM=g9B8Fj(fhZoxiW`F&U^~+HG(?qV7WN0nH-#W$b2Ds}f*KCvSep
z*0-;_h1A>CPil@VR40uhWVB|me78K@XKOFZX3ip?c9X7`z%PbW&+n@Y>(d`!{9&ee
z;!~5wVoaq-cVW-wwD%?SyY6ZbU^|^co8D?g3I@P-Z7No&nE=oD6EhZT)*<_jwawH@
zr>%}Zng&7PGic7viHBWWXH#MV($dsQx4U8^GlAYArQt8i*?g|>?j|I8t@SVg5ct2`
z#>sMQ|Ae)<1rq+S?yhg*C)Ps|d;Da3Cu|gd<szbgC=mY(vsye}%&`k^M%hnRFOI=w
zWm8<ku&}jO0w<7ZJA}h>*5~-ZT_vvC@oMsO?jf{U?oTJ3gzx8{%onXSjrgbKuUH~?
zrTcwJ^s)j#cxCfT;X%>n?Uvxr%;FH>czTjuM&diKe^Y8izq_19?{Fd?nR-ais*7Id
z@M~vU+(iSfxRAVv;0Lv1ZIM2bteAx}p<)&wa5fYD=M#58EX+;&-F6)6513e0XQK-Z
zgs;2B$2u;EOpB}m-<iHs3PknnAo87B84gP|GypoqvFy*YLB)c!MR5s^B<`jpy<;KI
z*(u?-nczP`RTy+v?lSh=wnSNZ#R*DhUr`QI^Q>xwT!vEA;n#W@cJ1EL(Ad5of2Sac
zg?|wBFF9F=%Qg(?rWo8@9roGNrALcNnat{IED2?8bP{z;Bt5hNoV99MuO$wS{e~1@
z3->P#6$)`f8JM6PR$)|5%?e4RQ6guiN<2?Q0YCPNzu7Rc9&~j+mGf$!Mux4L;6n8|
z;Xb?XcUuMJey_%Uf-cutQ)&t_bo#VsIbi%VS5ZH=ox8(;Nf3J=lSGvIor`fHAne9{
zzYF-y*^qnoOIR&qM(8Z|&x#l*-xYQHB8ZG`5Z9*3UYG(!_f!W!U>KDS58>=qsvRf&
zBD7wtuqxEO-kBn%PDT?z9hjX=zpsS<D`(z-nkM_K)@|H5^?P5g-zTOvHw!6%U|wP<
z$cfeJ9?fdkLX3q4nS<IdlH;JNYkZKv-F_g!5agou=+=K_H=3(iYTpJ)u&*?5tNvo7
z-Tw7DAu*n6Xb7%?4nE3yYqc~BG};n=ZpSZNbNMSv8_@CY#;##6^eg6$Fb)kT*jMoH
z_HCfR&p%o_14)j~b!7pSWIUjr0%%TkDBH|CD*KDl*wsP?&=p=lqV9pP5>boW{TJ#9
z{fNsGl}D#>6~tn@dM)YL&hSa-TPg8xgw`#sVutOov2}A+)kCHw=5|pT2Tl18xhf#`
zyMVu0(2_nJ$T_h&AtX}1W3RaYp3jN_*j^gufz>r*%PLm_!zqJ8m8*~z@2q=~wVE%V
z-@w19_-4jg67pynAO^U+Yn?tLA^h6gkF6V*ba(uQAPF=pD2@cRt!=!ZwHKbv#d)mM
zPD??^<wj8^p-}FYNeNkdwE0t^*qC)7uHYtwp5k0+N+KU})GPE1w(UU8dN(bd^niQL
z!(f8Gaf#wfmBkEj^SZ)2s>nwVYT4fAwpg(C*%5uY*)Gh6jDvLv1d+j09gxWNWB=t9
z)$@?$miQ|kyn=oS<}R5K2f{dX3?>4lL}>o^6kq8Du0TTtet8l>XaK~3@g9m;jZu#g
z<GLT#ozDHh#wgHe{;_+}`4pee_B>edMFTW&`&#_*RC0s)N$m+2E)sgVuu$_T|6Gd5
z{x$kGS8vrYtUh-JK|!DD@|aV@B*__;^!p$3`>NiCJDRJ(d%?v9V<u!`0nwH1Letxa
zAMwd91f~P>B7dv>`ugh!ot|f{ycf&B{#@oN4D|0$6Q>r=J=;x7SG2~(2sIOSO`X{o
zIaCB9Mfwi-6D&Rc*z+7qed0*2dW53k85_J7JjgRWk8sUs2KlC!{e09ST8Sm@oeR?y
z9|DT%(vlB$U4=zPdTl4h(`;tsSadHeqK!5Yb-Oo2YpneuUTjX`zVrP_f<j^*PvHe4
zU#yQGf^;6vEC>iF5WwSC5)Wh2=W}3ZrYzk)EKTI~yoGFH&XHPw<O*+Ki$-2?E5VJ{
z@eAMi9&2<G(%<5>PkK(X7iJFe)h|HorI}(#8=^nInvV@Xxhk5?$IM}o*TdwY+mzSC
z5yqO<#F6tBEPRZ{gd5$Oo2k}*4Sfu_hUNR3k7N;(@e6ht_Dy1|KuL;hNFk+d?x4F?
zg{H#riQsHRx=Jl97wOf4+`AG|%k#b`7{M4;&<`9aq4H>P?7eG2ZQSEN13HiV(;~7W
zN2L3}Kq$|}X8ml-i#~<_IL<ltSVmzVx*@WmGJ~p^J_O<@1~q7KUGG*0vJAdO)fys;
z7BdSfuPkA{#1LU-co<C)GA<HFtG_6cQ!*l|S$fs!rQ^?&_V^i(nlNhlVRcsPh<GVX
zbfxb_#=E)l>@zPt<ui+B69-m9$NK*WMQg!DkJt%yFGx=Uv!kw_t$Dle<rT-$Hr*>r
zN@eq6_RZkI&N%RiZP!e^x*3Tsk$ExXwqGD}n@7gIG=@1`S?GR_jx?(3A6`cAKL{uE
zcgF;KANP@RKy;Y*i|k6eWN^Gi=mOm%^`E7#+!IGB-dJ(iOTd{FTyz(Rka|LTg-1_w
zREE3@el;C?h81Wd2zJSX4ne{P7bJHF)eLM`hQ=kNX&w`&a0?fY*C=HRAj%y`!rCjx
zHia7-@`E*BtmThSkeJe*U1^F_N=YsgGa$(A&Hz$u`H8t)U6&X2Vbm->kPUhEu%$z&
z3mfy_Xdzx#l!+Ro6s?SQFK6fo*c@7LIOh<J6`jinbi2F9FuCXKHuFmrR$NMrE(XkT
z0T$G40qMQjP1Ym8vw&I4A3w3HHd+HMDgmL@_0ACuGO>BEHjBu>d2tO((aKcd%qkp=
z&ocH<ersUM-Zv+iaIIv!)+&(|Q7csvtrZ4nu4T@(nP%?QGCZ{gVmmf*g7y0G#UBZ1
zJ`_-F&!JPmB^9Swd5zWO<mIG6?j_%jdzmEGS>;5!hquDx23Hq2p}pV5QTO0;MQ0@;
zz7JGZe=R>P8cMIc4H%w`(ZZ@D6quvqtVY5lxW_XgNB(Q5i<Tlwv&~Uf*_I@;F>lYt
zw>0{F_J@4@;e#hMnx>m^;jC`gVuF&J?AQHog4)|lagLAfM==vfmZQw@5TQte`|9P&
zqBDsL%&P&y>HXn`_ucN>J{rM2Ab57|s?-M$zv;yD8R#8$+eZu5vD;yu><*revo*q%
zY4}oDg-+_eJW@f3_ODH%Y<4_U0HNJ{%8dKGS?>FuOaF1!oyoaWcG6UCh>a-w9Qj{~
z9>I2>6}xP){~X2ZGM~W|FB%5~hgrYqU%}yU+YULRyMc(awLCoq87ZjvSs~fGhx4Br
zuseD6)<`?z><`X-Al6pT-VYFGgMT>G(<S=0)8ni8&lTwK@fZO=!mX>qqoajv*kEci
z{B*4ba}wt2%;=^w=<TjNtP<lwWFH7qtv_7kl{3`KJIa4RWMAp=pEV{%&daSuqj95%
z&w91k4%7IIp{(|XzEwuy*COqotsPJEDndrUMy02hB?N)m^5w-Kbi_?&&8Zgu8Y5Xl
z`9%|*41zzE9-?``M@%2FA=pq5c6t&X1?Nmbuk=yP?9_fARb1|SHEq#335+i_iI1D|
z%_Zkc5J`;xMyD)f{w;@|hyfajT+>WY9luEN2w&M;ZG5?vl~Y6NrpmO&WFPgIAucT;
zjQ?S0(;zVQ2m#`3K{g%O$5<3{;iQKMzt`V@g;&ooCSh!ke1FCtgbaYlRZR%>Def^c
z-Ur86wo%pRC%*AB3|cCH-dryd<n`W%4-jJcpfgK7ITT!ing1>J390Yzpo=*(lqu|h
zEZCv2qHr?rtWbz@Jh{Z`LrW{O&-b@EP}<ZGu+vbQjCJMGKTK~iI_ZXRq+!?jt>jg*
z9uD-;&RLC2o>O77Ji!-LQ*?6~6h%8+4CtEd->TOHn;M9fE=@+ZhT`t;;JV3`yLaW&
zJ_^fEiL_Qk&QG-ulr%X%W=?%N5fBH=4$Q{#Yhq4Lep<u*9}xYo4ND&?w%Yy>`Y(hF
zJ5F|7>a-CuS+a@zO?E}~eWyGxv@pJZEPYG_rl&7F5$LDG6c8!61AHBkU?%&wAMQGP
zCYBH|U>f=tCoP}tGzm%$sHSE&oo=7qkfEo4Z@f-X)I69VE>Af2kMV7E_Z9Jhr}vv|
zr_$kGF2UL^PD5n<y~`aRUqkhyAp9=sV6vP*6gOpYrG~@YyCsK$#%F=sG_?=%Rd|V;
zFC?0EjRF;VjLNne26O^Z`u~J#vOXO=nfYl(iNU-V9t{ec0oS{(8*Qv0j&v5=Jn;Z{
zE(8zNdZI&fHmnMn{?V>ythT$nr`F35VBJh;o7xb0#j!iJJ(vnF_k&4d1T`l^e6Y>?
zq;=&uij1kzQsG;ve>Rm~uhli>pM24$**P2^ox#b0(S3VJ8kY_?aGu=Nl5PfmJFD%4
z6&pYBH2O7b-asC>14@!!om{wzYW;7WsR01Elue`j@Hn~RE7oz?ze>cv+>s<ZvN1TL
zRsPxwG7>(aZ6kAa@70IKCnx_}>SXD^*zpvL)UdC}x<fk8+=$5kjT^M8I7m*;E!ptr
z`Bq!VbSP!xvkRrD0lx*cG>tue6J4zTmTkl2<LWJJL|M!*p}5pE6z>Ohx2hpTOe4{y
z(F^tM%g-;<+x9!NPs-`7F}(?-exLCT@W`e{5u+Va$ob~MKRZ%!amgXW1;sll;W@pg
zJ~X#S(@2&0e|FHAe)1}qzeK-5a7Z#VrX}4?g9eClP^^M$bKC}t0?&ql*US^y$bnmH
zdbSP^V3M(~@Mo<^Vhbp0TgSo#zM+QVeOZ)@Z!cfUGERE?CU8i2Zn_`g)Ijd1qO(;4
zjW$VJV>`Uy7YN|qHf0ZcidSwLc>aEWxzw$_F_WvcA}Q04uk8sD#XK18spEjB^&+g;
z(=|?OhOq5-VL&=0&>txw&RaK?rf}O4WZR7}(}SMe{Hj3e%CET!Ga(JL!ZAeU@4_y1
z(4I)RUl8V8D)gH1w3nV7?G~}K0#8T*$MhN%Yhkmi;JB&U1xQb9Hp-#UcPj@q7B@~M
z)>bp`1yHoqb_r5zO^4I#4^X_cj+QI<dOmUBf(%lSQ$7A~G>Uny%?4p#TQH#J^gy-Y
zB;2omV4I1}bAd__v$bqJ;c|H;3#~Ni^G<yQf8!r*#-R(%u)5|;u|4mPWo9CtTQEGq
zS7JjW5WrgRjzTkNns+ornWJp=K;;Tz6>m2zl!+m7<qhp)=aq_qim+7<0Y#%9&}U4s
zU&mX!$XW1VSoCPd3&5U{-*M+d#HV8%2Dz`9G{n{FxhEPywWc(@njZ)HIP4^YCTn#`
zVZ+Sg5IU}D=vZ*BHay<fB40c?Z$u|a=JPgvdAAcHr^?j6KYA{v7^h^!M=VMW7dp-K
zcNq|YTzkGE+8W2Y%HfcQpz)@C`IBi2YOvm%G4?U85W^qMXSCJ(3r!aPU?eNvZtn9v
zQ{Z!B?3$7LV-z~<k1HO-yj>9#jBo*PT>1A;h+2<*+<Om_-vS+xbLAR4fF(3*Jp2MW
zK?;9gS1V7w(mV#6#TlAHqSXd_BxVWm?!_u>{6F|)r^iIIHtP`G9WgCLZrC<F7eK7M
z{)XpSFrww=(B=%EG{DVOmhzZ>2a!)FE>!igt!z5Xzeu41#U-!_xE*w+u))XtAtbfA
zf!_4dme<z96VO$8^8#xBp>&&h4HICqAgV0fPIE#Q(C&K1PPt#Yy`E&MRdY@nKU5A2
z#OnM{sm5PZVp9Q)8$k73<{pyrAFo$3NLf^TPvWX*-JRvDwJ`Ftyu=h5Tf~Nu73oO$
zRO%~bOF}EI${M#F4aND9sjct-gb@CSFAFv81w0`<CmR%9T(%#?{00gCl`1ko^5-cs
z-tk>DIP18a{$DAb&sX`sxKg`Qm<QDVIc$LRxlJ}e5;92tpJ3AGMF{?BN<7GH)&Ij*
z`FHJdvQLL<`PQJ^|B4WO>Sa6sw4ed9eXReIr2dnh_mk`2#{<{vPpkjKxpVlJg<9wB
zYXkp3hpR(A15VW;BrN}lzxZ!B$|o@tZiOH;Rr7z*OFo~>+&{0u+~v;a>)?OgPTS|k
z-`Hyh^#=aGPX90ZAO62v$M<dfr!M~g-|^@97qoI9G%*1CKZiBNgwN(8Zl*u8ZCH?y
znAq5&sM%++U%;%b@s%;LNvnmCT@~yOk1Yi=YT?<aBqV6*nM33ii13e<{N5mU_xAJS
zrW;*vbD!irvFLy1)WgDKVqu9XtN6FJe*LztY6yQwjERXYqNWS8tb^}RiglscNOe1g
zjfEouER&pUe14hxxvmq_<rVPnDbw&o@Z5}(=ME|LFRbww$T+eFWN?ZoD=RP2u#&=N
zC`p)%PUmdyX%kS;yxmn3)EgfmLPA3uZ%^7}C#fWa!a?YCt*juFBZmrQybBR0ViSbN
zRA%J6{(b)$m;NyC`Ev7UT%!M%+k$E7Wq$dxL*3hCjnK0Sg4K4}#It?N|DP6$0W0tp
z@j-pO$<7CU0RR^zvo~!06)A)FtL&>w<7}StZ)8Dwc1rWTUhyK_YxHT#IO_9_kd{ZU
z7D7+FrfiwX2+}(P6$@neYlL{i*AIuq#L*v)*JFH`u(72d4j1~Wij$(oDr6BdHhp4q
zs6&boJ$s|ZAV({MMsNX~e`4_TzqK_TcLn~D0b3$m=|ca#udNYxrid&;4%0+)iL*5R
z57zX~Y;D&vPLpC||KrLQne+%#NO>YeRi<DB0Sa;NR6Fx>17bi^Yl0)~HHXt>7n%5)
zlCT1a5N49%ZE0yK0HL4^`#Cl(8kqKUdFu)uM6QQ~B&Lz~MaqldA8XNx?x|#F12Niq
zq3e%nD4OpH8R2UCR9&f%Y`OS<Xl(+4{Izf(j)q?jfs!RVTae-4MST*cli7hoj2dDE
zxkk8{<`iuFB#POt#x_8uGy3kQolsPCPa>*g&ytG^ln>9wQ6O!->UPcd2Y~osVOQS>
zd^7=%zmi>X-R*aN4K_)UH{OT>8ZnusudCJ`c~*`XsfSj=!9Y<iOK4T)DdE@lla{s{
z0oCg{5Niz{{!2?ToQzTg+KW32Ga59thRH|U8c~Ta*wjKV>IW~(#Q7&V-5VU`#&xP%
zO1FeQ!tr<rOfS3z$`UVOjFhuPtzO>ZDg4*^Tc_|^m%Za%6^o>lA%d8RC*YKj(1~W7
zuxdjtAhMZ62kMD*`&C8{u@meE|0gwc8S!~}<b{4xw*P3R*pcHI>{}_oVZ+mM^8~7K
zIzu_`9hTqiOhQzW_;?;AAi9=*8$-?LU>j`k7~7;h9!F_=wuoVf<(t3zn<Om!WuS%C
zQ~oI@;bJGjg1z9crf?|lW1bK{2#0Ui-;&%bd$hmxQR%_LNyxg9*%Ik(k!;3VTR{I7
z^FJh5xTNJGh?!sxYjwugv<HYI73)~ewL&2_CW(b8XU6Wp-0v)BX)Ss@l9x-<>9yA#
z=+F*SmTyS|<?oT*TJSvan@wj_Mw`*nxo^d31yNEc3XI2(VUa^(fX?h~g``9;ZfC;M
zyZV@=huuO$B;y&7Aos}WqrXl}naera;F|6{;+cFw^5fQrYh<`fx344uE|3q~iN-49
zVBM8EUF$t1q8CqeQk#Mjq*PQAn<O#aAJZIhnVF2@;^MGSP*9@kVlwstpt4pzH5)h%
zp6t?wMHaOXSTkL!Tf$e4q7>Lb2y0k&SETMrV3t-)5|o+f0Sh(4)9(UOL5;)pHsfGU
z*w1p5ZP!?l`s~UAS~*-$ORLu4sa*=BNH#5`ItR`-E<{Kim{E4VbRe?mNrbbxbx#dl
zXT<fkLpIj&Urm<L(dEJ_EAps}MoIZj5)b)Hr&@Zsg&8jN3ZzEJwDb^GhXZpF+6hc*
z<YQV;s#dZTu!<@w^*SS$6fV}@5FP*La!L`~lQllDry=-n-{<;OCzDj6Wy}<i2Yq8m
z86Wxk;)Y`~vnzVN_9Gy#14uf<gUX2HGI9(8)uCfo0GQxCQJwTkc5L;N2S#ixGvL&G
zH{_4{ds5bp5!jKqx|jYo39m{z+Hpw_jmn@&-q|x7)W4d177Yf$-Dphfdvkkp)dc=T
zkyJ303Wwj?;a(4rm(wpXC?M2SXA;a)U%|#Q8wsLrr-tXFWTiRE2K5)uW7vIDpF#f`
zoldcf5oT4p5Dau(9hq^Jhm@21v>#Jr42&(3avwenQ$YG~C0z^9AB)~}Ck9uThz$97
z8y@cMsALa37nac>rnO1an(!P2i;&r7^T@EyDf{HNMcW8&bv5$R%S^h)0t4jL^lRLI
zRK-b2z*-854#i=RLml-jyy?J3am)NnPbW|%Amu#bIbS*u&SrK&awJ3K3O;V)HaF+I
ziwa7%OHa}llTfhau>>khR}RU9p+7?c!pTZIg7>oqV24jfsg$q)mZ!8s4UJHmEJ`Yp
zMjsc!f6)#OpQ==t6PGPdzbP$Zcs>M|T#CnZorse%Fvzud-j&6rr$6gFsUN-I`<$&`
zb**=pvuiJf>fc<NK;lXg7UP(HV^i<3-a;`f_>9F^&H#~gn(d>jsVC9vr*P7vwj+h>
z^G%dhSV97T6Wi>Ktak4Xk1cXPrmtyhOy?v8yfb6hPOyzerw~Y0L&*vTj31@4;^Gt3
zYe#4%mtbibFi+yXZIpe}mNCYLq@a1_e1mC8#1_x?B!P*QFu8qDoBHD+s2YK3dbhzJ
zZ&29Pq&|w~%z<owmu_^{8jZWsj1jSGwb<qbvn%2J`qcxoCm+Mu>?C|xNKwj2-%DVG
zkrWO7Fy8+y*p7kK=gGe0h<`KGLyk52^pA_V^H|PTsL<*`lfl-amY-)}R!^Rrvw!3s
zoi0NQuZH@klNjO*a%ZIhOQqN4E_Esy++Jw#P!z9iE(D4fYluPw2&>_%k#|y632xC*
zb6D`SyHAdn_Q9W-$%1$<E=+7nlRY3-elF5z3hC<v#ZOLay8DZhb35hKoB#!WcTths
z@Y})$-ojK)<M{lL3b_^G)At+Au{B4`R%))RnTt_Yt6iGUNoRLX2SI2e4@nYF&25xI
zaNSD<t#Kz?pPo!relBbpJ@9d>_{ehCI5goCNVe>U>C>71YtoCSz#Beuy&cm1s3Vl<
z5n-j*zN>2jCQ_q%u;Ky`s;u`b(C<CEVU?Wm!;U^CbR#4=8%uIZ@U`#{3^7enUh1=A
zA2J&n%;g)(O?-iUST)ULSAaH#Q9*G;!6?x9t%@}$;WgTL!FV4nOssffdy>!8sG=Z5
zArfaB*$T%HQ`Q;dY9*gfnyS)na%;nM=b7vBro#WRWR$n*0v#(U-Z#mUf~BVbl8<`)
zvo7&%MXll&2aN^=IW-ZEJ9A&PO^k9Ba;qNzx}ftgG+<R8m`c?^k8rBn&H9@{X%t%M
zof8Q#F&}qewt4B#@#u1DhIlxgO8jm@xKRsPd*q?T=0HE6(*Y)k!T)T})Ljuyk*gFt
zIHiA6<JfC2ET-GG5%KCRuHPQ=6$u<PGD$qs@s^%_f&18S7?D(-oNJSdGJRn%&`jYA
zN!RP~Ip<t}mEP&$UxDM6u2V8FAl@Bw3!7N#Dl4i)Vp33u?`p4)_Cr82)nYTzRaFf@
z$Nz$BP*zs99a?mCISJdh-WDLGVw<b6om6Z?g-uToC94DpG|gp=0<zH{UWEPDaIHDG
zbSm5*j{n><C5BoW<$+oseln(Uq@7Cuc85i@JTL2T4WDxAbm%F|H|wu{u$6g<k-lLM
zOg<4Xwfe;@2`Tnv%}nq*x1sDhLpdWrHXPp5`EuR-Y6@nOcQuzDC(RImKR!;ER`3k-
zp|PJXDT|Q#fxVNF{XRqtLQ`nN-;~uM`xf?%P|zs=TC;0z0Yl-{623YYANj2jz8HO`
z)_p-@5&g)NjBFoXqskyK<SxU+>4vyOdo&Sx7N_$AYl?p5l>8ZxVrKj?(MW518p;BE
zLo7d@xGdAffJ$3{y+K!<)iT{rpt9Vy2P@Bf;T3wv*&W_9N)9{|dPT=?x-&AeLov03
znyw3{RaQ;{Zi^RTZf>~YHoXbrV22#zPIGCEsqyCmz<mVBcnM4=%R14L)59pFC_uAo
zI`S#+(tY}^lBHux&@ugm7tgsJ_T<Yxcl>29w|xnQ#Uf!S{p&<XsFC2i`+HrbDw>S1
z<C))LLmb%_2J;ZoZZn{C?#g3&Dkw7reFDTsSs(vur*d?V#694tf)ki3EfTdV(YLhN
z@Mu*djveQkE0fA|MsA(e6I{{!V_EmsI1OWEB&Ru&Fr-umIEV?owp!vTAhq_+KlYcW
zsL$SAolVM3k+FZa%Ds>>Twyz3C&^3d1HJFR$-eM!o`gRduNL2qH4W5ealWNhlP6RJ
zzDz{i@tm^bp1h|*A?4dI)5Tux3<TznD9C#s$5P(Z8*l8qRP*;V?jn0C=)pDTzH2?-
zU>2@gM+ou<#24s<MGd0Vek`IT<VH*mj^|xyxU1+)tXazIcap5Q5%vdlj4LneHC)^X
z&NID$)eWLq-ZD{SEyKdw!nnJ${C2U5wkz&MCGtS!*_l?ETz@Q0zLNVlcJJbsSzHvR
zLr!ur+uczS1!oQoA|)duE_A>d4o$4b5U}y;UhT=3kGvg2IeYm*V(_Pk+@c7QA`$wi
zuumMnPv(c{Pc~;83kzsd4AY+D{=j1fo?Ss~QnZFiU!9mOqLc6-P15OdJ0tS@2#XB*
zv#iFfQrzk)2UsKpRft^-8k6O5Rndc$vOjg15!|Z;FW@Ycwn-XbT<Uv9^fMq#j#Pq`
z2q`2Yijrw2bJL0_#h_D4Tdlu{d72Jrax>&Ol=6n6R<pz&zTB#5`q}bGTs9gwJ9l=3
zDuW6*niC9$ArW$Op$n6zQZL+tGIOFV(zi;Qnm8U-bcgdV7`7`e=m!_;-G-5VgNBq6
z8#T~?k9#j2?IZFL?{yLmU6!be8I1boi|+9DmA=@r5Nv_A4CDURq#DyE8F8Gs*(hV<
z3Yv&gi{id)my_Gr-@JHEpS%S+@+t|j;MMXHYuf1I--lrmeL}v`5aAVU*P{5c!RUc;
zfdruaMYlaU5=-OoDtvf$)e(fZ-n2!5kpcs2X^rvWgduok>88+uTYjwGIFtG>g_WzF
zdn|;1ej-T((4%nykyHT~+mXLB(I~NIOZI^kDuaag1}=(03c<7AtkPsvGm{*V1-~`|
zdG8bG1GBT4iHpA%h!l%hw!cHh<iPbltIPGr#&n>4y(f(B@ARTK2OLzxGnIt@!H(#U
zOy23<W$Y2o@um44baq6(KOn37RUJt`H68uA_LPr7L^iL^r~5s+|GmD0)AsO-t+!53
z{lan4Z$<scHHEH$B~^hkbjh(1#*A}k88)l5y{O-1-RtWr^56Zuk5Ow4Pzr&&NlPhp
zKR>8N%yembcU}c{cWY_#zW9wj!jD?aR05lhj*dh~&z!8Obv?%52zsMJA29qi$!({<
z47M`I7ZvZ&8)!n2C+GO=!6U%;RlAA!f=wh|RY4<Vx)KdLru(95KL;-I62?SI2|Kcm
zjgL!oDvViX7Jc|3AbN2}_tr$lMv5&4BMebY11lv0`QJbXAe1zE1s*P|CHT*&l!TtT
zoD=#L@LJ$E#ir=Me4~KC2*vwWMG&+lHf}O{k!gCqi4zEn*dP`-`-M%(Sw8Bg_mYr2
zH^QFO9_c7-5$+)X0ZRMPb(yCH)t5xU(>EG#Cxn#71YsFDmC|~gbJo>JddADj>=%g-
z53*hRsd5}{Bxn&FJ<l5&lU~+?>94QMjB=o5SpzQJaI7UMV@Px$L7FVq&H>dZ>KiK<
z+=GMBLscd0A5WZm>R721;w<G@SZv*jyfR=&F%sy;`5I*3r^VZRqNw&O7S(wl*6ox(
zs+{bF^`zNci?vF@ir-SFp~7(Fd<rK6c;w9X66!D{{D!9E%ZWWRfGB$XNB!{fNy*mC
zmz>qlT{Z4p_Q4;6)mMvW8h}IbbVae7XffQOK}5GAL|jBK>i}g1pOmm9h^A6-5f8Lx
z!=8LY^HP-RYCeKV<?<nykG#k;uFn=<J~U4ps*3^&Y6qGooKH=~)++ajZ=jyw90HD$
ztK=Qw&VxG-qJ#0Dish6PMBVJcqAE{6Bjp3LX*ZXf??inA1KVBqXS{gMSOh5_Vc0%@
zjf~>T4<}=u#MS&pQVd_CXCB?qtr)qYS<hnU4rlV{K0{qR8g^>d<MaW_ZYYJw_2S0`
zo=1^Gm0l|5OC$q@Nm-qTh3tsh@9c<2nZ||rBPEW21dbW)I$RUWugOrZV%+tr?-}ZP
zt=75<KxBpc{e1H%Z3dnKZ3Pa@>03_|Rroagl7g!Cgx5&XN0Lu1C#<W}gl9Up+xPbp
z0o6+_eI5zvJ@II!fox83HPmwg+;2l!oY>RI!6C6DDM|Jn62YGSn*%h_zMa>!nW4#v
zygALUps8teE-31OffC8`8Q~aw3TDHBE3r^iJT$VefTXEg5}TPD0Qpt{H+w?w1cNVq
zWO*vH0#io}MdIl0x8H_WnT<ttO6HSV28zh%;u2)X`wE$Y9^mZw72fUE1;BcaRYIcA
zX?7CyjcBHzE53U{0ou(b82j|hD73_VuijPf`Na(Y>qcE5<yv#T<ALcsX^jun_gDwI
z<Oqk>&1Z7tNUO;MW&RC-G&)b@YwAcV3m>1+3(bY~6AHR#SRQGG=K`xUr9x?-!K6x?
zh~_yV*=V3d>FTW^?QpJ=rD}lfFU>P?LQ{EFM)P6^C{hY7D>c|Q{hZ)#ulVtChYYs!
z1C}GiRbr-zsOCnV^BIL8+-k!Qim8b+o>PY2EU@9{u_Gi550!51cz$MtpMB11)bri3
z>E-2c%^iGS)Y1<SAU8R+D9o4fci<n+LQTd}0Twzs^1+@8zp@gsj%#b&-$pCRZzkj~
zm3h_jR3b<KMXvtGnZXCL5DhQjx?nI`FSJSyptrIQXT@8c{IXxAa9nPJ0*fIyz44@X
zv=o0W@Ql{zHT`mmlT*rvr0MyaNYnQX<G!J($3k8AQ-D_v7TVc<Tl#DPF}M?s(vGN>
zK*V(doBgcg?a2e2V$f>;HD19~i44Nn+E3^+Pn3a7Z8aJGVc!ufWg66b#!L|ghd{Q|
z(BSR%@6JVWDLD}Hrc8DioG8em%k8Y0e0~aPdb0CHZIgsc7Xj(aI<uMpiWg0$-nOEZ
zTAMZR*9PmH)b?rJ%c$G~DcGQ#&$RIC33@!$XHnnMhRIns#$x?F&)EA*oL0?`nJ;zj
zg;>Z%N>P;KpaJ9wVov7W??xnh>Ln${51*5G-c8e}S6?_xa=72lHx!?&DX~pMtHp?6
z0DYviD4P#Fd%d!-)VL}?UAP%5Z7LGh-{gQ)N%3F>1ZjUX2JWQZA$YI9W|S5z@yP1a
zHQH$)0<@&b(LDda1_?=M=%I;W>hbvGpWpI4pzk62*MXBc{4~p9-<oSx6wOtjwv{@+
z32_A;ofq;Lhr7t08F^^SNo=clR>_+dEeeqr<_jmsqNS@oVO`ge#7#4rz&)#Fhr=-h
z1`IQxV6i2d<P1djN1B%iO{<K_A;D2OX9%ZrLHPKTsCcsB<slUA<tEYZmWf8Mvqug!
z;<hi%WIT@#Nq=&HgvB&bqKEVY^J?RH#~J4s=6jEgTH;T?FRRE1F!Y{h=+J>Bojdf`
zVeNHh9Dr}-Hz3iMU3zQS+Nd0TQ|{n>o^FY&9y2_D4?G=mwrrJ-4{amId-l8Ma<k=&
z+G#%Dp2;SXP{F?y{VY4js}&-EOem#9&6n>H3hmH6B}+J_WwZ<YW+3wLHFQW=hS^Gm
z>rQ1RMS8nv?a}8a&vP7CEceX*7kB269XD0BrK-1p^0jA*-FF4~oJS%v&dQSNf{0TA
zVFTp=w;b>Ab2ItQJrI?P-4;u-x!<cUlH`E}l8WGW*!dj1Xnh7?Bnh3E8o6)d8DlN^
zwg9t18+>tVdtqT+f!9oo<<19;Th1SUlmMTRZP%!>0?le-WhNOi1>yptC-aR)lXPNJ
zve>B6IWCvYeYy0JA&S&DD=$!#ruIiwPVsv`aLU0yfe{Nc`D4IaV4wfA9Ww&rJ9C~7
zDh2omsO*Ht(qKWmm63l0A^W$AFan|$EiI;>;7~!Qvn*>))S-5+Yhn<|-<+l0CW*w;
z-POy%Wic(D9NY540!3;#MziAJt?4^nZ$2x0#dv~9v4iTJ2gCho9NjG7naiQUK{yA3
z0h3VAqM|OV>4LF0-!Choq&$m)ro-h*zS-3qD|inQ<}>YZo!fZP@mxhq%?+?}O@o1_
zNE{Wtg81Lx+!|_}0%8N1d(Jn+3Uuyo^DAV7beF2@QzlW*^$+=e)_utPrOM%JJa^;d
ztjq_(HY>n5-fkmB;V-NIuFM<eG`Y>n#p(SX_$#2zmQ6<y!BmTu-b6=#ghg{-6IEpt
zNTS3ico7Wm>dp5gb^6x@3CAHM-!KDcVsJkgcuFOO^!y8QH^oPjGOesNIaR<H-yRV!
zMvUJgoJ2!1nA5&D1mzbM)9R)_#U+5^QZ*<VscVU|WDN;r@CgFO|FWD_UNP9WgD~W_
zf5B)s66xN>3_CBF^RkxxRBg=GI1Hjh*<0lZ6MeMzRdsj>5Sqkb@)XvVmf&A2YKZbA
zKD~&;Cn1JJZMOm{b08;aFh^VgFN*VJ#6TvJ#7@%8v-7=HRdqaiw9=cIqTVs1j`Wq5
zF@T#BNviw6q!9x&Rt5pYt;DYfz8LM6hxxk9(dv^bh=VDll_>kAeolP7anV$YI(AhB
z3LH46r0qy)%D#mlA?U~h;K*puw;QFu9cISkLhTv5nMDni)^?|F<B4G1#4*xk-{tHT
z)7G|^{SM_yN0YWtR%kDjleEP%kR8v|O11^s$IXvT&mzuaCl3LSlmx}Zcvq%p;VO-0
zi>*w!nG(`7qfB}fGc*|KOGqA$zEW@_w}wC~lbJ9Tv}zeKC2<y4*mI9Fu8Sp0+nFsy
zh1JukUjfvJv8%<n6)nt^ERF1;eS9Er(f?rkoA0d$=H?p*UHIz%3gvscbSRu15?DKJ
z(uWb*Xd=s84ab~%!{yx4<ct}YP^REvE3c|0+W)9cMclpHGLmG$4FN2=971Zu`M>N`
zfNQn>BwJj=PN|YiKqMztf=S~Jk=Of``zQc8=UxaSNwV?L0qb=827j-%9O`<?hG`Mw
z?^xBp{N-!4*u8Y2%v3eB*fO)t*jVQf?HkLgymUy16_Pio7O#gno2o|*oD1I(N#Eyk
zp(%Pdmz(hT>(|RGr@==Q{>{rQdCzx9OI-EdXS<iFA2axRZJsF3!HA8=oZ>ksUOmck
zP?axHeKPzgwkuwQM?p#SJ`V!N+~SkO`nd&Uy}wk1wlz){Zi&3_izNnIpx-|$gw1<B
zug|c=mff%p3DOEoo7XLsSMWU2p0(<Np7Tu%ECeo=TQIPh8v@dZ6b7g7jWC9#vJ(dl
z#Q`%$wp+iD&oW4NPpx#oMmyBNpJP+uV>O&E?-A(5G&e@DRvrik<`rzvJm1KC9_F?r
zIwk?9Phc*?yO&2GzaiXNxML9p6oN<@vBB3MYQY4R6b<sa&AB#~#!~Kz%yw~wRBE&d
zJUMK#=x5vS6$qWxz5(enOhKzHFbaYgE~l$tGCa(r)Qzb7$G1LH&E5ItHjY6WKNHA^
zSKp3}habtb+&AlZU17M0UK{Li@a<Nj>UTq<ncz##H=|==ykTuHh`O%D>I{E$ZLHjr
z(k1zV9sSi^>xS`paSi=bg}sb~7e4B4av8_zsRTojvAkG!f;w-z97;&ucpjwIetgX9
z!v~-KiA@sUIO{fyk=mJeDmj?s^uJ}7<aWc@XBHJr{(8JfAhM!Nvf_T;f4o<I^~?5n
zteihz!bo4Q4K?JL%cno5hUU2FJt~zKhiH3d3r9;y{@O+e7a{u9_(YLA3-gvSi_LvY
zbl3VQw-xZVuKQ#%`A+faKjp~BNH|Ob{c4Zo@q9Rnv9>ja5=^0>`3RVxtS5WwO$;!+
z5aHEXAs}czlLUWiG`%loT6qv3{k5!$?Yj%x)(l(1`k||CC+IaQSm#QRfXx)_uxh%<
zAu3|%c>UHpU^_*dN-fh*kyz@TVnQkWWULqDlR@WYMM%MGQX!4m=Wdd$*rO%DFlZ?r
z*3LES=}HEZM?5qk9f}<vSW;rSSh4)2c+g7R$dXP7jlu#%Um#kzfN_$1Y(7`l1xr|<
zrz*g&fmlH`HX)uCs6uIOWJfDUffto2!>)x)m%|<tW>jh<1K_WtGo5FS?~6mkE=Jwa
zO25vWD~ZxHNNH^36xxxLhkU_f&d<yrh@DPNmgtU}8om#1FWPUiLhih`lNc`s;H{2?
z+ZvELm%E*Eavl*!%uM%JXgI5hw6Og-HK02I@|G0_K?|{EADh}0Zz;=v_k`5Qwr^V`
zkzB>aV=<<j9fF1T;-9r$MU7r*3~p}^wA3x3EdF*W1RrHd4HCuT;o-5ImNg-kMN>A*
zGaPMQM9W6LNG37a9|CJ>F{S%NtkB4ERyuLBgGcL+8G<o`;XJ&BuLnx)tnATTX|J?a
zlb-lBA1;tI_U7<UCQ$52n(c5y#ZH{{YZl_kGEDW1h^1UPjh3w_X@pEik4jyMq{L4B
zIIT`KXzi)1^A?EtH}mCyHT(X3r#ld)CJ#@Do4CE|^3=wWDj}^BoxnwGB3lB$MByM~
zuyS`~_rR>6*_Ws<Lyxq++ZZN0ZOuMXOo#pjzwaoMD+vvubT|r?4%Z>?=RKKF+^wbz
z{Gtja)9<RD1_g2GZ>8sjr-;1!`vt!^9pp8Tt)8Y6(5>*vVM-hHQO5)0)--A#n?^@C
zL?y_7lUN7-oG_afGPfIP)fPa=XCk6tE;=)ZjJE3Ub9tuVj*p3Is6mi{HfNDD^;qOW
zV9e5wlzJ|wtQu)ux`m@C5O?iwi|VT-7#SicH>8U@PBBwS=hbI~$M})dlsHUbhnu8X
zz$uw&w%aNaiEU*D>P?7`hqKeM?DC9PYO&hg?P2N+)2OdSpVdfDr_F*xd!f>ha+N8U
zmh)mU8IHq%BPgo32zz7X5=dsFFvM26XQ^v**`>B171)JOCKL$3&Os4zjKt=&lTZ^y
z=QXK*%4rVxHTH!BnJ|W;muCBPKnPWu1iQf{n)UWCUCF^Ky;(G5{AbAU($bs56f4BJ
zj@m?bDF>|mW$Q9t4wm0Fj#G_OO+-Xp4JOMoR{WrAr15Xku!n(OUq9=0?LEW*(%E|(
zqrhj33hgHfT1i4kbUfF-wDU<J-Q{Wn!hjiuYltnZJ>4!j87Lo2zYf_5qBWsaCMX!`
zAqj@c%7b0K)kJClZgz;9JW)DBu^ihG@iLTK!2?JmII!mPlIO{fe=I%=IZevuPQpn0
zk-VVq`)1p!1;aprjz#5!9t<LxKd8H%mOe_?k2t^@WfK)$P(^K&Ejm&qw8_LZ)X5$;
z5}~KkkE~0Q5&xZyp`~ABXU3PR=MMznO^vz!5FJPP+T8<8FWHinQ50D;^b>h8CXBcG
ze^i|VbEd)8t|!LCwr$(CZA@(2wlQ(u*tR{fZQJ(A{_0?#U(i+kbXE7W*1fLl44rsK
zC1+HPx+)oWu$`(g;W2EIf;n<zZY3<g|Eh^<v4pC4e2lCI#(Zo!^ul36^4>Go{FDm<
z`{DhS{N*iS6Tynw=PT+bFheiKxw|Es#p3`x+DMxay%G2_yO5ik<~a5^MCx&NE<`|l
zO9+R{8!@;5<H@NSq~0}bexV*_?WnH~s{{9+NJ2A$yA>9jWOiC=26)ta-3)O_-tM3L
z{(s5nulQ2=r>!(|SakuPhkjP+sS=n}sVRGdC`5lkNjUfaF^Uux3k*!4fEgmr$jSu5
zRRI%)5+RWegXK^>Ph^*C3@Aq+CB(<dlkz_+jeS2TQV|TL=}MD-dwVPDYsjaw$(<!I
z(SMRwsz_9jbvWTa$Kr_U@#5EW&I|Nctuwf1LF)o^WCqC3Mx}0zc+yhT#}t~S+m8X>
zjJlG2DIQWzQeYBzzc1?jVZw)wg^B~j4m!$=t%>k-pz~9-@fh+ftkJ%x=g8ECzf~dy
zSjFAECGhdK@PNhCTu)Y8zSpgO)%-_w>wb+;I+sj=9nH+lY#?;Snl9)|cskQ)0WFs)
z5d{7^F-tO+Dm55^`9{skCa)Axo<|h(J$+yj9DT+}wqFJqSGOpSXA{ZiP`z84^44Y4
zrb5fn&Y3G*3dh`@%SCUxHpwIzO^iJ}jEF?Em@j5`U8GKsXm!<Xbek^_#am0(d{`BA
zmvj#wnfpyyt&@5uqbcrT`MR3KsmZ4WO=t;;WS%eaM-s?-G@LI2jU6R1mjtuQ;P5|L
zmjBII4)6;TNP)ygt`Z{=NaCCLm0bmH0>X0XL?ajTH|g2h232cvR82_<TDyu=uI96Y
zjrYg@iinOHZ^*5!ISjL!UK}pFs!FOttFB7Y1>pgS4z~JWG1J9F$Tazn&PI%qOF)&9
zv?b*cP>#Wy5Jx9+OA^0|R-e+}cn!)+&Gbh}w;9DwblJL(pZb}nUR?73jPd;sjTsoU
zT;!+NULkJFrt;uSh#s@F`X+k#Yod61rHyZh`5Dck@KK6<Z@AIMnmv1&RU(S)=|D;t
zMwP^JY~uU-E3!gE5*hl4yNso_bs6vEXl^N9WKG3DvRYh5a%32fLhJz3P@UM(rn>64
zOS8X7c`hRl-hU;f+$sOFJjVIl%!~kBLmWU*BgCSW3Z~N<(zJsAFS53DJ@q{C-cvfH
zFr2I|Q;*eLU~rnHrpezT!Jc{+yk`<%JHIbjzyHGmK%l<$RkjKF^Q%N!i|2RyHTVUc
za&|OYeH=J1%RwKkXrqwI!?K##ZLT$0&)$F0t8)=cu?&ehCz?bMEoRf5G|_UFmTLud
z=9*6xa<EurGvu0O${r{S2barikg<EeJ5fPbeCUcZr#F1l=a>xzr-R85*(~ybGl@+O
zvSownQwm=Xu&YJ9IVb{gfBJd<H=(vu^q+MKiu_~-iUC!U(lev6(bk{2>`#%#%&;rb
zOMeq^Q}AF<tbgo++B^aYs7*H0Nw;%dFZlE~ES$dDn<keA%6T$LmV!}y>GJHDn^s~o
zR9n)iaTY5pj`2imVlsK&|KF#*{-5P$({0pMMEGXY1v!b050@0D)#zZitO=F@eO*|H
z>^{vD0TSALm<0_MN@T)BM02;Ak~L@pYqyQoWi~QQ(q6Mo$ziyf@poTIGL+ZzuOfu<
zp9z2XP(KHYNJ^+Yaw%RGz^Lg*J*iId=`ml8e*b<L#hVPg%K0f8kj7XJxz;(kZbz&Y
z#K!_7vayj;Eow7f^Q(<9|KC0FCng|LVC@$hpuI1oCm*TIaIQSdqlVqOFc)c-<7)I|
zNwHp^i)ckvE=+8sEMhz_ahx`)v>7AR!#WvSN*%7}P>b}zNH7S<mcHG4z(EvsMZq0Q
zEpG6pk$5e1Vody^&{oQsx~q%BkU-14LO!SDErA}}E3}>%$8=GSMwgZb7TJ9W8<XH$
zD6|lnW&cZ(gjy80;!2kMSkO2`qlYrECmrNWi<>)@Pg4<1J58K|_CpdjN;<8q=ZP+@
zW6PKw$zrjZV7s)a(rOdoD)_MO16p6wR9%ZoHWbJI{|>qb=vP85C4?rHxkat&$()qp
z+J&a1#Gu0~zEyIld9!1@Y>}p-hf4;LNe6K{a)hy~9LoR|5=t`=*KZ<^ypQN;M)67`
zP-%mJ@L$BtM1}@7O2bS*V{G*ya7B)TERpD}JT%!U)UwFDpGnO>0DxkvA|}-PB<ng~
z*FPRoqg32xnMKU%#4^o|F6dF{HIm@#9sxEx)f?+7k~ph$pwWnRJkd|7GnQJ2>S!a0
z6giJo!53d+XS6o(=gN$uC0NOy1}+R7QsWYX(YyUOe_l1YtgtJBvZGuSGbyDl3^?lf
zsGu;C2)BMqrQ9{V4{x+FxZ#FQ_$E|~Dp5t0+W#?GximVx=tDA3h$N%sLSV12iI2<u
zZ&th`<Oi`K@=!|bjUz1+DS2Xn7zhvcU(8Vih$pIrQE*2wF$_xM6fI;;C&fh++)Ji8
zmGX`^aY-c~B+mHiap*5>C(7b8YS=`cx~?LJJ&zEc=$2Z7LsZoe8bG5hWll=cLHG!?
zjqx&cqB3K4gn<c|Y7r=<?BA$8%y(*9!bL?_TG3h|ni<w8Bq=*2V&kF~#b~pG7%;JF
z4ZdPg<KqiGhB<P)Qyw{r(5yLU3jPj18VS{Kbkr}2TkCyyRp7GlMk_8ZuEOl9nOo@B
zpSacki+!pJ=Slt4M;5G0Q|J4GkbZ9J6u=m5Y`L1GN!v>CH4>!)5*sOIDb4l$o?iFh
zJxR)lbYajC&$Z5&E~9RwSG&&8dC9#rPOVYr-N)$YuH&kb+$lxTj7tbbs5B+MvDu*o
z>YYRhQfQ)D;!xD#>Ax#!wz7@6h(^g*inBIBsu3zPZoPvfJ2sbkLt`z0|2~v2&yXq+
zwUT>>jZ!LdLA8bSl-PMiFseNDj*dh~G6l+0WaSz!-;!*h6XT(g=Joe!Nw<G&e|{=t
z$Ia#&=vNU;d{JkQ6lIl_7s{nTZ%IXOFa9eTivX-jWWA??VIh0)Cr(8Ii_P?f#L|8x
zcg~`|95CuE4)_YUp2g5q{;IOH$hj7UWS}8+9GcQB4W}2@u8;8|qDNIaQ%E`d3zMoR
z^Zb_<2f^g09MVuPlRG?yVp%RM8?_Y0#LZp5oYd%^JP7h%`%NDpkOGB`Z7nU*Km1@d
zb}D0GP-E#s)02n+c`z+acqOeR1yN2Fcw7Mr6k36Tp@_sk;R20F>bgA`0tsVBq&pEo
zn|YQDOsrn6A|&Rgs)^Z-hE9c`sjRR?G&YGA+8NzNwC`HEC6pnQ#$t_no_uyB{$H`;
z^3b1~K9fXBULPNtiG<v(jAby%0U0};vX00w{;vDv9}Dk995()-e()TB3FC&Sqnc+j
z<0W}QqY;tWYNG&Q%u;wEQqNQ|Dp=cV$UizN!2mAp#WA&*IVts9KB~cNXc!4>Q-KPu
zM~OVnvc-u}VY>O^@)<Sba%)lG(T@^>CQ%ai=-N|r!4&Uj#=Bv@Yik1RE?&Qy-k2Af
z+37s+CQX88X3-&13bM&OzxAA(=SDBH%<pnoYRZ3uXQWX-b_{(M`--o)y~z9dTFX8x
zmaBREE4Jb9^l#m<UTeGGhoTB4UNluwHI+UQii9hUM||K<*Fd<Y@vm6If@(xdm1}`Z
zKHzzwWmi_oA6F4bD{|~1L&5CKG42hQ)cIY-QPL;R(N~x2kfZQ+2KQUPPaY-t)6YuP
z%>#ke<t~N*s_QeS1=ED`olw-%1TS9PD*x`kvhcQQaV*5>P8P{dvTdCu^{CXU*CU5*
zyn4Id-XFOic?|R;Yb`7+^MkuxEFTI+y1nKe*6xG(>2oX`3PWI~#|QRv<NQSyFl<bD
zBtpQGi2w$Y&g}Se*CIcE)qA7a;>kj&4hLdIBAF6tcnRcIP8e9H!f|SEmPof#<V=YP
z^y0P`#>oe!NtuZCTEvM;(iDNjDa+)ULr6r9&0s?e2;s%b83G5g8GKchAu^dI!#Qx4
z8UbuxddbyNRO9bggQ&!J9}YO3Ul`>=aB{h=kX@FpH@Eh}iU~MsTeM##P}m2U>HHR4
zp6c-BScc=WBZ+^N4K^wVyu?@L@Iv<n2)Fl-O|TVOhVT6bmGN}?>RHWZE7*yxYn~-j
z%!&*??@VsYx9|OOYKOLYLVya64Ei!??U|Q-y9D@1FIUF!>vkG}wbeg0ShaIY#(K_7
zWEQ}p|FQrH>U!}>u0%31x;~(X2Qc%^B^viPQkp*v^*^W9Uh35&wCJ>V-UrJj<VHSP
zE%yx;Jbu&nlUYifSS$g6I5J_MSST7!nZ!E3WDP`w4ftlv70eET!qS8VBo`n#e@-)t
zi-$OJD{b0-DuHmJ42US&55|23qROhHzdeIhMm9RnE)Rls&b@3t7L|!;lj`7Cn#F2l
z6iPh$0Wmu{JSL{5gzUJ$!~h2lY+Ga@_p@SFHi(@jV-`!JLePg-`b>;Ev1~Snjh1A?
zU%c1^30ImtQ~)%QHNDlbM#Ks`b`c=t+E+jBx)e?HiWqclIdn7cRD-|i8u@Xn3oSPD
z*~q}aGzJ{@EWwZK>_k~mF*#_Q(9k_A^*6V=+k$Ho{iGo1n<uCdQewWb0dx)5*37(0
zU(ot<o{bThw382GE)O*>{QkV*^%*4WT<lgSR%CE8jm8>R|NPKZ*;;ZMX$WUHWKU@F
zgLS%kLs(kaZ&^DK$y>&QxFHNqsAq(vEFf(Nb&hq-w9!_dOXx)A!&)}QFt)DfvIeh5
z6$;7;A;?E^R$}}o+ngKw=A!osU|gm+e;(v~bU9*aI$_!xu38o~%c#gh&4rwE6*364
zMO=lBRA$)<kU0DyC9mj{wsxq$-K0D^m+>iy{^3?Fg!6Ocm|G0KLd=R=>Eh3JgdfAW
z=9uaEwx6C1b4vB4g<&m-XqaHEyv8p}c96)rtQ3)l;SsX_Wq%P3eL*}P_V%tcAxz&a
zTYXr640~B3gNqWa>c4|iEunt&7lFZrFc|4tfY=st7K?A~5;5I6Lkp{Pb7+b1n1Ij#
zC?$LmLPB16IA{IKioYqWbYy2#SA)g9D*&uct7Q~F^h3^5i3vI)zoggj?o7~J@a`E!
zvm+A!oFe8_>lOdA=3<I}a>7PxjEyFa8{IzW!)mcN_GO{xyJ-m->cA~pO@=m>1gX>$
zvcm3zvVV>a2G*u9b8MfCc;1szaN>SEsCi~eu&gxBiUg$tb25?=_#2VET`wx>8f(4l
z^RnKnrY3kJ+rlJ<`ha4PTu)d7)6yY;K86w=@8IORn>ji%Y-_t$@6s4(2pDI$tb6ns
z>xJmW;JNr{si}$RC*;5=a|wdvb06V9bSx$?B0AmPfk73GS!Ugy>adlZ&IuHf<AiB(
zQ9N7m?Xb3(-#=WxieHuWp4-!19p_iJ2F8O12Paoz?I<XUFd|Tbg@QsbDl#Y_gN51x
zT;egIb&O(_9oIj4pU*2g>~QF_Yx*<ZTCZz$@-3%sr<{9J_gV-!Jnlf6Dem1xtN!^>
zxiW1-IjZ+-n))`zN7(Yf@Ubt7iSfY%pN_h7f6l4FZJ|j5d0V<Dhl>-%KSyZ<c}g5q
zuO1t-Y&MEOd;2wgF`3NbUcdirwg)tJB7ug2+V2++H3fslvctEwtq^{C0>|cr7X^=k
zH=Qp8g*D(xMcz5=n^I+EX&kj#{hKKAQ>1>Qq|HQ2tkD<dI+nLmg?pa^{v3%GR*6wC
zxmv{7X4Qo<g2NqbI)HfrRTbOJ*quQ|C!o8++Rhf>SkWZ7A9g83w?ss_knhRSBB|G7
zlhd<zsqb%77Dr5rhY^R@XDQV`cMGtzaNskN&)NA%{>^UZw@`^!t?_VNxGf}B2d+lC
z%Hc%`^kl1tL%loZMJ>|t*Bvu$&#rfV8QwAmtg<zBBimL-I=CpCcCLD8*Hep-$Z|0N
zw;s`H4~M0hu2ePZT5UD!ulFO9kr5}n23MZkr>A{Wi`v`y+M{-@i*s+$it<gh3htNA
zcw%+dNC@?^!L&!c=cHxr+u;vhupeg-hcj}a5_qa(kyHImcpt<6ng0zEPX~nb(2R6{
z;crxJqnmhqF8AHN%TFgnb<55Q0-}&~h?tQx>YijoD(`r6(u*S2Px5iQG?jF94U>pW
z`3jM5oF2V$+x_Ed^G*d3La)yLY*6%{9q*s^Vg&(n66Yj-Bc?xzT^<<%v}E`%e;a8W
zodl2RXlJVgY2~uIZ*J@l0hR+8wF?T!{N@0SVY5NW>coR|NjR`pN+RhT<OCr_2gaY`
zdvqpyqQk8a&eL^VU$OAWZbDY5<pgsUeY7;?2+(yGcB^D{a4>Y<G->ZLVmkkWzifW+
zu5dnM1krvy&uN|Y?4M4KM_TtVQG&xg&ERJIKs!DU<nE`7;ChwBwCFkzul-D62T+6N
zR!?GVWHayB2>GVIL<@Q2kN%on>6w%i1o)oN&syIhZyBs5#0X#A+Wijpl+mYo4`as9
zO!q;&^>7m>vE9WMwSmn6M9S4y3{F!#G#OtRAmd@CsCv7dvMt@4{W>ei8<(M!);};f
z_t2>mI6)!walLmS>;|goF+y?+t6E;(ZHCzG%fI`$8}xf$R`D6^+C|8gS*Y3LW+|zf
zHE&j6dDd$n)N-W)OQK+r><*3AK2qG9?HF*MQH}S)#ak6D72~tPOZ=BszV2IYR7#9Q
z;$k)2-q6sU%m(!(hiY%<Z=RA%7>|qcUv}NGlxp;blJ>U-Pw;$CW^Fj;q&VQD9SyKI
zK>2C(L$UJdhL0$>z0^CSe2q&4?5_L)*1!QLzAqk+;;pT3!aR2$e^%Px@`HQfyPIx5
z$5O)Wrv$deVB@b3LbE!71BC)3u)1oG&dbs{9pFR(L+MOUlp<o*!^16l{ToHvyZWQp
zlnzj(t0pXJK3`aS&%R;R%x*h_OVbReWxgvOl;~$4)+i_kdH;stE7<J>=k4uia`_SI
zC;iaTo^1a~$O%S~lNr1MC|f(<wHtjM@qnbD&|4KQ_!<!f>A-ta-OhPJ8?QrKp0WZr
zPp@aa2XQ#oGYcqw6f&4p3pMzW%Ale<{g((DxcoNjz{_*zC);hja3rXdJ_+`$*v7}*
z0jC8JI~NHyC+k)iN{xGtk|5eHguq&`Lrc?o1IJFoh97`u!y!?rv*o8#$`{KocOBkZ
zxNHdC0sA1inG*f5HhGti+9R)po1Ua6RPMcrYP%n45%WxkyS<^jxNRLV--iQ8d6`_k
zV4C8J;|&Vn<>Sy;d!}<+!@FzGX(IcMOX~L>qr=2}X}2M5x6dV5XSXwMV1=64#$PA%
z?*|ocPCuMjyH^}tJ@+*K^=RjRVsf#ZXCh$naO!!-p@R*UAl93WKx~@mw-O~!9HLxp
zoEk*CT6o2@uP9X;b_TO<5DCh^czA6Y+30=H_Ql}_>mSK?uZ%((iI^vJZz#p!Z9O_9
zNi~;eIy{7(Gw)DMqp$o&3n2FAan<b)HZ)b#MhdLPkKFezWu>+@Jz+)b8sICTl@!f)
z!{q%w@K{x$P8M3RRdUc;70*J@SJ2TO00iCS@|T)1a9v^fy19l5$AkM5hax&YkC>oq
zG%WsH-BzA9c*DGm82CQ#%tHM^h;C0rp7I*u?09yec#~L$J6YEZr?+Yt?DhC+cyfKS
zP9+Em?r^x7Ed#&tZT&ZI=^3A5Ozii$y&o-+v>r3U>G?At&%LZkie`&AM=@A05WO4j
znU*2RHwYllJ`SwC8NV?v-mY+A{yzQ`CouTxTOrw7`@9TynI^C|u_2l(1*Qe%fk4%d
zvIwMG%dB;}rfs;ed{635P7O6CVM}8Hr!=;B*}xV3MI^A2nj!yWMg>}+?2KL?MjY(t
z)lc{zG)ubz^QI&M$GWiizOSrU?CJaS^lajjYx*V&RlFM=K{_3u^1lE5t#z#xms11B
za>fdv-^!hyOxx8>tT)NQVy)y~!j%iotm3pSJ}_9Ct6^++ApnQL375RC5p?Phc{tsK
zC!d!x9AKU854?`>`i-;s4RyrJ_bU_9Q@Rz1;^2r_{ya7Xn=MZ`D86Iu<r#mAQ}|oT
zCwV9<Djh~7`{Wq|{Zqf~`&lk3Rv8i9OEHkWXuHH;LDHZeQ-6@Cn=uS(g^&36xeIXJ
zysQqx%b}dR-ziD7uPujGlWin}qZv-C^sN2ej3Xl*E#rwRiq&rg9mn5bqU!Pb-Z}I~
zq$nw-fJPPZ+1ykv?S6D(@|50<_3<ENQ<sOcP0S>6{-2S0a-vE*^b6<4zUKvf9@{E1
zh{-HZO4Lw<chxhhTpF}m(vcAV$rF3^JKvT0F0q3cX71a$!R4Ekil6tvj^KsHJ!*C3
zD`ZrvO<Msc`!wz_`T4WK)3KHP-2vEyN8rQSEwN+U`}V^=UbL4n=@c$^K<;v9+&y>8
zj#e|~+tXzTu{QheU6l~s4CagLp=TrB0)7Oy`c6uS)$LZ~Wve48-nhOO(zTo)6vPyA
zx{Ac8!-zeBU>Lp|US9;VS*^Pcz4clnqUc<T&W*Gbt45m*z8v0W#8_(Ci{U3DiT+9m
zlrs80Cvfx1d<mmnKf=MO#+Po4JWm(;4@jsVP{Y1Y(xy=ZXB%U)?k6G`0SyK!G)2g3
zA8vB>@&&TdS_=h1rzdXN?|>sYXRujqT-c{c<Jry3X1yWOB{lVMAh9tvx7XmZ&bWWt
z>~66G$+3JA<&?JPaCP9@YIZrY&~~k6j_dPUq}#_#-x)ndn=5?L_Istyl@bZQYB;hf
zlhJg8B-j-vC`dfcaJ$>aeu5{G(kU(8%P!V?mo4<U-*Cxpa}KQ4{lZJ<U(*nTe%FB8
z0Aj9p0~}(k=t|=)sNT0D^At|hP=<WT{!E68#Arel#debrk)*E`XT-o9?D;c}*u>VO
z{b*Nk41X@M{dO#4(snQNy*fg=UY|VmR$sH5+5Y;bgLfEBd=5s~k?^qL^7J;rOdIfX
z<b6&mjziF6S4LJg3D4`D&|nTnXt65GN>Z=qC3mE*6~FKi=G?s_R(0-XP*mI2&+sCP
zkukl2(Y8e8YG+cEF_4~*1q#9%a9CXK;EzWFQ<4nAV~9#8d^NgGd3#9O&bMa4Zoghs
z<9i9Fk`pHm7T+h3Wxbrk^8<8h7*8bLgRS|J(+%SCns4Rn6FgX?p=T<qKV$_%rFnd0
z>XKa2j%)M?$2e=MNVmVq4K|{GPaZ9vc`x#?f{iHGhv7aOzxJl0iKGAdM+Pxp>$yw)
zVz`Z}q2$MwiBpYk+7+cd0uN}GXM`iSTG=vQd76B0#dE?SuQA;l8^x8FQ}5f_Kjv_y
z-}xJx|6)5ywqVJN;w0V_Bwi)A@^I)}sl|Y+Z`~Fl>m|1%^+76wsQ{5Q!WSpvm>e@Y
zMvMV#1z|Lj&#O~umr(tlked@cP*P3wWet<)ST);N%uL414K0^|>u}IZh_lv#%{pmk
zv_Wl`;8Y>z>B;2{XgA(&el$n@DU3)FxYm3lZNBryifxJ+-U8Tf`!enF)kIKbJl#m~
zF6TkPLWUSxY6tsV@b@R_TlPQk*{D4HIG;tm881mM<Uli)pa$i`p7KeKvE*_&qqDRl
z4kSnu?wvs?hv34i_xxM<KM*GIy#8(sGq2nY5$Qx|#=M|h?f8*yMso)h)SYV7dGJrg
zgM4iz=NDdL-TA}L)n910+|2bCad?rT$-9+Dri`zewOP2IzSjLH{qT+Ch8>gIFqY7Y
zq(rhhq7+k5h-lZ*sax=d<+o}3WS<J`lEfXDo>)xzw(vT7^ui`8Gcmp|?jdbhA;sbG
z`U7~mcamH(u-D-gq~t^#z!#me`fuiQy3BXA!$-vB#CndmguFjcFScJWV{0^{P58f@
z#b<BDpABBmFghO}#j?8W@svYb`rxVkgb2~|6OGO+(~gY48XZ~<&;q)|<BYeLu6Ksj
z(Cvx)G$Zc+5YFB6-b@~WaJ2bhd(+t2f35k5W5SR31v#ux>;b#v{?RK*0v9&MuO+>!
zM2H~!{gFhh{6-568G?dHA-JY0Ca^MvY}Ll?WMLf;kZq&LJcieu<9U`@#584v2ZSZ6
zTJG3>2BvTtr2vo>5u^ml;ETQDnltCjkgpY8YUToVJ&K|9y>HWng{mM$M0zRGh;47{
z$g{WyFBNq48E2EdnF`Z4el2S-H!Kq)j?~L4Q=!RX6Ye=P>|+w$upw213m$lamp_KT
z3>~9In&!DJHA+@!@^E{w*2OJx#Rthb_3UtIw&lCIcj#-J9jI%uk#@dXz|W1b`o*p7
z)hTE@P`&wnGm*5tKUb8rz`0-_2HWUch<{Pi6$9%v-8=P-1h@5z4el%=J6Aq<X*h8s
zNi`j<0bCSQU9nPjB)<X5T&JnC=EJhFzaIW*w>Ol&)?1Gz7MJrEb;}xf9gb)K?R&J?
zCY6!IP8ivv<&N5&OJHo$LFvLkgFIYF7wnAL$<O%hXFk%~g{$$)z}5i%)>W*#$AN;i
z-8zmgH(#hcmgs<xTN06sb~FYzupUZKyBMobYc@#rrbLkZGuw-G1Qvuk{g7FMM()77
z;U)HDUB0+s0(3SPjQIAEqC}e`f;Q9*mTG%I3;M)?YAk!?SzIo^oC6*^?3fI+Bao3p
zfKF!$J#0zq0`QdVyM1C!XmSO)1J^uO1*95ItFbF&b;vF+_inZ@`KSpcDRVCreJ4{Q
zfLfcQ*&;~F)m36@LY&twblI3wZDG36`7z)84*6oW<#&M?O<#zUcp1E9nTF_Z++@sH
zC4ZtWQcqYvAXN|^k0s0|Vxff0#K;B+d4iy8g^jkLbiPZ-K4mzTb|Rd0C!|MgX5V^g
z*a`1lO3;oC<BY?1LP`0A^a?YUP@Xy1*o|#>RcI0I>C{r(iy)pT1$X-?RNk>M*|)s`
z(dw0lQ*8Io3r(CgA7Hr{O9K9TaJnqn;Tcln-D^3-QZH$qxpJ^(2M|}=Z?!*8h@BW6
zagXcr#pYxaQg;r{&zOzYI<Twbdctv2xU-d-+%o!in3l`o3TF>i_&*bs0pHD+?l%2V
z9B!{fQ#$g8I0QD#!CMtCS=M(U(l$0$1@<qOxRrH&$84aB=MnjvnX~q==FBgOELj~0
zC9yf;67g_&-Lj0eX4)JUFWd|G*;dYC!9C<m&_TPyvVWjBznj)z20EO4Za+I}b|+Sy
zIBMT<yw};3bs$z1y-OKeR8(M>@Hl~;v{9RD-XPa~RU9^s6VIIx&5-AI^ygo`%qddL
zLl&drb|`=hmGl^}!q5?Au87s`(7i3)g46h5OXy4t#<E5a&f+s|@qZ@MJPi*5_fgzj
z{Zk6a_1rzM%0b<C-Lp97Z1sj}^9KyBaY91uI>FT<Drv2jqUwHn+myJ5<82;{%2o~s
zB~{@B2xr^P0ZeYLKGqyW$6dnyseyExYX%EmVfGxwT#3?Dh<T_xH~F9cq&DGtv@R8g
zrqguBEHxfyi5|lFW1q6y_s&@>6jsOcQWfgxqkDX;ScXTWxBI_xd-}uOAl>CJf|^u=
zm0Tq$Mf+U1jm_hZ;;C9}H=(Vzy8K(CM(j_u2)AC`kyOcXb~X#S+ZQV$I2_Ba<$%|?
zVK9Ta2)F*R{thT<p~l1Hf~5O{2dY{HTA}OEiis|*P&Tq|Ox7FGz6crJyC3H|cyP%0
z&oHMb8JOpNL4&1IFGA;`sx`4n)OQSVBHb5?N|z23Nb7>z1&bcAdAX<i;jOT$9w#aP
z(ARuqGuw1*tg%|l$4<wd?4X$L0OBR5J2*2Ng?L0=4rA+nRyURY=u(^*hLQH@X~c1+
zhB{kDo)H30$XoEM1m3ncs;0Z>S86ZS<jvB0QrX_kb20Qq!gft~xJc6mR0K|yHQ(oF
z*p)*V4>fY52scF-+H>nIzps=zF>+?={##xf-nG+n^O#^zGjSE8X(DfiOKot48zb~X
z-9MTQA;cj?Xm+QU;DCN1zHB;VkD~W@z0NEyXnum01IW9kG=+bCI(f1JuBY-mZVEv5
zEnbT&Z6B#zkQm4a#|Ia|sk8-k?z?}Y@tA>2baCqfoHUU1c~ILtm?WtQ;tr$U5ise$
zLn$DLgc=_0L$hUH&jF0Y4Bb{YTo4OnZdS~C7)wDN<38?=2J%mfDmv}nNI~z;LmO^s
zeTkkJvKee4umhbI(ozQa2oZdf<%aXm<F}J>=exQUoLDMP0(_hd0CmEo4x_~rj9^S=
zQ-Gj|zw`N}v-9Qh$y@_`_X;LRE*0xcr6A}KT4+^#4vq#kd4Un{BOKUUgT6DEmPX?E
zA6n)Hk{C|wG7Lv`r&jZ&k>;w*+lk)TR#$WM(C715IC<Iqbj1W>BXIc043g28cn7LC
zZgMrhp|^*DyG`<4bi9b-#|kAG@^xlOsz}H~xmXLiE2>D+i!2<}D_cTXZLUWzaQYam
z@`Iv{!8kxC&yv=3$k0uewLXu|hGCy<xR?#Rx*(^?=v;Jau1OE;f^Y-veAv9BQ0o01
zxfo;O!a;wL&RR&$X2*UPz52i`cl_rZB-#RVM<$%-@LW?J`$+=S7~6`v^m4kBlaV+t
zuI*f##q8blN*VJ^feomX2Msn6Dy)YubAl_DzI-aRTf)8AXpmGqPm&SnAY4P<?(|eq
z)NI!^K_$N{6yf4|p5i4zv-r4|drcddw+;+f{9P8vdy?4R21}i<=~Jyqw`hGClhfeK
zDf3LVBElMMZlKH00Ho(GpN43)aYt%Q-N8BS-3xD$p1MC+4Nn9ivA%$iDdCwIyI@{T
zi<173fAs#?OSKi1^_;EKGL-jksKV?raZ?=EIbu_+SVG4j6JN$>V%%igRM!N!Murp;
zn`A!5V~mxXEANLBeiZ&}If0aaZ{`|7Tq!0GN@II5_2uT8ImC-XQa{%Zk@z?<3l_84
zq*$#PXEw=osj2Qxyc1Tg66a=xg?i_W2)y-HGk9*&{aUj!wdjbVi3O~BT>aNEGZwR0
ze{pv$NyHm*V=75Gsbw}N-YFXf9M~~KZt6nlZ>geWHY!*}xkNnCB74|)ipgP-Whu}s
zCcSf(YnbzB<VHswxbM`in~j?(jh<I=@1{qVH5cnC^`*#-@f3HvC-)UanRhI9@L3x#
zLwTJH#s+=w+_gv8_Gf^E^S$1SLP-tbBNZ$Y;?~%6|HiED0w9G13CV<);;3UlHi(y$
zdic+HOj6?$dPE7&ChRk%&#*CWZW@VAqRJSj{6I`+REHqG;?$^4IT~DNA_lHF8D+6j
zpakW5px@9CY4Vun{$B@W#yn%?!}i;OE=QK`?HlAAtPNQ8>5D_2MOcuWtX_}EP{)m|
z6s5rm+B*M^h94E*Xdqn)6@uO@1dC3>a~yHf{zxnpYC@A`zUkx|<nN^C%WL^(U5KC8
zB@i9jj2O|zbC6q;q8`;LoaRi?@0d;JWt;C)VGq=UI4ih2T9p+cg$M9WhZAm1g9&eL
z=W{#pLwQ8jxyxXTUy$emX>tUvi8_heCi2QS<>O+ur?$XNi~s1mWIUs2DIrL%89Ga|
z?jDC8BHV<5tV44W60frdMf8`r`Tgi&ur`p9$@rrl2=FU+199X@?Rlwbt}`;&B_)?o
zBBXZQOoY-PzVk<;BHxzf@%v+g%u>+)kmmGe<i-+K$~AFoIeTKeNSXRZBO;d=?{5je
zIQLUzZFXnw{oCa5X+yyGZGozp&JKum=~NWbrC4=oNSpPu=f_!nz(n)y1P6iOt)?*t
zLLo*y%rIWLS7tD~qKQ6RhaNGGr3N%dhS;vvp{;JY)VU0}rL!HHv?iIPPEOK?MKOgx
z6uHgm$}`5M<+3Y{x~%%VbS5so5_=&y@!q40L5xu9VLz{>Vep!uvEg$Bl1{@9M9^|m
zFeP)4W<`T#V<XF(D@4MsFXt1KA~x4(N0imbkf={6mBk_Xr5pFRiZ&GNhM+s$mTh1$
zn@;s+aW)vF_`xohMbmjQ4IiKhklNTlHD7X+WwqmVfF$fL)=@_gD7v9ivtO}pXe9^Y
zvmxJv1`jMHR`88vw%)XIk8%RppsBG*aC|W%DOuNgZ>mjXK2l+YXefJd>IXwgz1#AS
zn?|}g50MzJ^-ZQ+Yaq76d0{nZevit-4z?9AQtSX1CTM=UT2b?P#BB?Wa5vQ0Bgc4C
zRDYS?V`(g($6RjvMX2lH$!lfaZjudz?GG;Tz@MwtsOM11boi@6JUb?t!HKJ*1E(52
z;CxjIZ9~O93(|-RaRCNiYodqp&pkW8rpQrPa|Ie0AU<TKlqiQzj_Gwo#Nb2^P?ZhI
zeAik*K=j>l$N37=UH-_InrrkeqRFwT^z3}9*OXApUwk^iLYKjlh@f~{t@1Vfg$<<g
z+B=A4<w!^`+HiCIcE#aw!`)@2LOii&E#=6eO0D`JYbAEGA3AEXw_=6KRHqv#j4)oM
zN10AaqLC!OM+RbeRfi;17uUWJ^XGzfdi`>)#+L|+VFta;lA$KqrfNb!G>?Jjf64e&
zjHfH$EOz#UU;C-Tv({(}&J7`swQ6F3%B~!$5?rHJ8D^zn60%QiED03ZNs%`g@b>3-
zs&C}z^kYAS^01-Pg^NO6l~BZ;at@=oKq*A5wPwg~N{_L}f)2KQ5g{%rRVaUT4O++X
zg_n~8yV+Jn9~R4PMD}LyDBfecJlzg73OPP`+s}p@J1zu$rHxLvO?8TH`{;WaraLCP
zxf#;fy;W|A#oJBnQa^Q6tCs2knJHAmslE2_Jx$}wQY7VDD3fR>ClXJu%w=nZE2=4(
zUilFUuH%<>^>$;q)^l)^dHFa0y<=9ZaW)7RM~$ydG<Wq1Xs<cRBM4&Nu2O1?z8Kwo
zxdBG6Cz^?j7m{jyj%sT@DpMcxb7&c@T9g9)zacgq@H<^)aZ1izm}PBQB`f@Fa#!|F
zi#uVmDw8`wMGLHYZJx}2DFqms!qmk`wvE68XU1Ed9_jqwtkJl<rTt<Bd)ePTJ=b`W
zJ(}%BsC^l*Rh+H+D9d<%UOt9J?$0$5uN@58wIaUyWPEww{f1Ci3r**AN4RXamozf-
zR}H8eFUPVYARt)Di<IaF$HYX)L@nxMaA01Fh<_#NXLT!7MydbOhHA6UV)Bq9sAt4H
zrE}oNO;2+mO1ke!g<1Y%RKKTTK3k61W*eK%drw<g@+ix$mDuh$SGb!EKsPM<#TEpY
z34nP0IeIe3k|R7+JLn1yOX>ZYkHR%e(u@Fg2<so*#|WEUaJ8fEmFGH^onp7{Xa;}d
z7c+~MC#p?>P_4@+7K`~76l?inQIk62Fy9t_%0`tv(-A?6wlc%{<MQpH_Pk<`uH8$j
zTyGiD8=GfgM56jLq5Pil+nMERVLnm!T89JdM#VEpSnp{pQ^EOSz*msw$#Mbxgt@5u
zi3W_){e%1cKojWRLx;G4os4Km$iJ~M;g~1lvV~620nbLEk)=!Xrk03}RU^7eH@P1t
zR`<&107c{k(oB6ZKU=kCOtFn;|9D>{3&0&<Ef^2Qmc~N8kddz#^fM;NfFAd7@te2m
z6%L;}wh<T=jb3+pQiSr69QLv9zC5rDIdrd%lQ_ZNlvc_vt8WPe>g6JAcKD2H`znBy
z(MLpG#@mBo>T?79xXkVk@+`)HCqFQbX3!}8!^q-i9Kq`c&_(-M;B{IoQExsRI;Yd&
z<2<Dg6#$-F>+hNp`Q@oNgyCBQuSJ^&vOLTM7=4A3R<n|NxLRfdnqMd)qIW2r-GMAs
zVYRd(W|#n#s)mAp)`qu8Gfw1{EMH&VQ_O6erZCP{6YTP)m62;WcD)^%qFdcf4u*(;
z4Bt8V!8~I05h@DRA%%zXb49Jp2FbODEnN(bdBSS3gN-+f38&`+rhn%F2~NHSMbh>2
zSe5V(O<E+{-4<FaJAX@VjFWC{H9UHbu>F4jMCDuh!3sGhR`zVaH<ni7z9x>H>Xm4=
z8)G2X3+dR%wZHrY3r=rh;2^@Ll)43Ex5?AEkG<nYDc4hpl(dWnN3qBgwENQ?ynfnF
z1bAo!U70!I<5tGmq8+2@)7ib=&&*qk_E*@`C7C;bo6vDIONS?av^4|~C8dkoj^@m}
z6G&I93D7Qp!dCNw#@g{D9(R<2&_Hx8#}$9%87nEtbwun;p{Sj&yD#D0wPW>gmML~V
z3VP<EE0nsbuF++T;4L&T3gwF&7yFH%tcMe)n(e8~vWeFulwE7MsP*G}hpkqT>LH#z
z0mwSbR<8LWD!N!A->d^1399&{t@89x-AZY68Q)&X89mQ13Q2K-xei&D@OmQXmt%rs
zxU$7)Jz9W5W23zF^yuzhr+9DYaJ)r%N6GQA2PRjv5AF_?X+^i_pL~4j9Pgtvave%P
z6s;QVw!kmf)dt$>)d3DYh9@YvGP9A;RoH3+p#@N-%G^jms{RIc%sNf6BH3frGx6MM
zN#1au+-w8A)t3%@rs$QQ)CH1N0^ZC$_`}{(n<Fbxr59RsgTEuq!zT`|XIkEgYpJA$
z>e7u{1uKq2sG9*);s$z#vo>?)(vb<-DIm*IthXCZ!Z&-3<o2wl5KKsM1Z0G$m*cG&
zEk9H|qM~V$Yvoj8+V%7iRte4QR=wF5^2}GTg+b*X*z{q<#Px(L${_A=^B|J<`z(X)
zLa^^E1>Jm6Z1`2MqOR3W1khz&wUx9EUn_|E{RV?0*-y-@&8u~n!9_c>xi!L6G3Ui%
zQcJ~(5kZgTV05>YvdOvcfN?r+eSaP?8v`V2Lz~0*3N5e#ahxF+;GHUIU@im3Lq{Zj
zZ75^9KN6Sg%8#n-jO4!Gmd$NQZn~M}T~rs^HTij<;2U?4GAg+h^KVks@r5>8;cLZj
zFHJ}}kt8##>AJN-U)n1Ds=#J8zl0Vis|;JMd0xGD%_b5f_%Bupw)KQ%JoB-fg1SKL
zx*|$y4xvm^pE*hWFZNg3Kr&oWl_z@!J0T}4IV9AdYx(7|5XE*z`?iRKoQ4ObLoR!u
zsnMBZeq%lCUJ2;&f@Zxb(C^VQk{Z$EV?*;)fBKugHBmT<`)5oGOOIzJCzuN!>&lzD
zz@cIoR2<v^fGPXR?Q+>Sx)oh5f2Y`GDBam+4@5N!U2jzH1~1maHp$^&LKFt@2d~2K
z+fdgRQcz&X5EECN?L?s4B24G-0Rl3R)#v~R=#fk=SlsD#$dPdI&7sQ@S5R~rOS%DX
zdb$KPb^G@U2f4<<jC}k>-YKRSN>0O4s)Dl&@lZ(63>!<BtTpJvQThD@unMF?xn&hW
zA%7PDJ1E<^!u9urJ<oTP_{HUR3GH=;Z(*UzadT_Na5l?Vii-*L3{4~^UL$p~)DDFj
zXMv~z5Z`|SF@Jm}(kY8OKvu$RI$sJP=0u~4L<gY?$;T6=alvL4mDTbX+rU@rKt-cV
zkFk&R0Tv#ZY1L$*B`83|*%<>bMOdxm#ZtQ$cNGKw5GKAo>s*E+sYqj&^R4rpwdu$+
ztwruD!L(SzzCV@;fY;Ui_X^1mQCMs;4<>+O+Fb`}WBKMlJj(aS=MPYG$%&?HS7SVt
z>gp5M%?*G$2+Ob$$5}W`PnZI)QZ##C$Q?|5;9(gJU=u`D>jW<t)ZV1fCFZgK10PW1
z_v>sS!ssu`z5?jcC3f%|>>06t*3r~v`#|>IA4KG3yKP)M`m7)XcJ4@@3q{&`yfd+o
zggzthXBb)L0`1`5F~riLZbViP2TeptYQbG0Pxp7ic0u9bmv;po)2apTay=9*R;viA
zZr8#9=q7BJzJ3p7g#KG}s!Pim$SSCRIy$<u&Cdmmg`L1%RtVtFXEM5_)%HyY&-|7m
zZf7Aa$J2rQn<@*jwlP{MUGbjGm}t#87>{!m7_(hqMHOlb4j-7T+Rnn84A*zv3Yi6x
zQEIjG_UC36QF;Tz26Ik9J0fmWO&P8Nxwe-EX0kqF*9y_OY}j3EY=R<9XZFu`hoME#
z8=Jf{oi^+b=Zhg5jY0>9X#kUD--YZfXtQz^jnyB%UP7rRX?#OGv>qQ2==Us22hxq^
z3PJLlmZFPQf#kg!<WpXFbY{>SEeD#Z{6QTumH2{)v$Iq1n|nRI@NBg(g!AbfTG6Yf
z^V)eh&=2ZwEh<iN(8Ek$0tEG$`-kX^%$~Qj<O&H_6Hx8*mZwIFucumIJO3klypsQ{
zbLMzc>5pE$p9$$rFw{|K(}HcE4-dp8g;8UREmbRE({)k_f<2w<)bx3I_sn;62Q3c`
zn+>lhzVm&ZC6(soL&njGaJi89ed>LnESoQ!o1f19Xu^>k@eNWTLQrq$<ZM10&z1HB
zS*8_ablY9p_pEJV8wQ8VH4s3TmgsaML;=8S>%3Q>UXiVn+3FyN`^3YCBR|8$RyJ@)
zAsX#MzBMZPH=NGxNB7S0i|%W;6kj!nYb+rg@=^H+pWCs>a;YrrY>_IT@v*;LDKSw$
ze&o3Zf=tn_(J;Fm(r7!Gy!w#Ow^X->?}KNvw8CtNuOc?|@qF%XIgrZ-Z=t2S;$XSZ
zL|g^-Nrde56j24%NiQ>ONpV*vZsCSJtP}B=!cD6viq9gGju-L3QnFVsTx<4{@%hms
z947U(fQQp5=S+ZiSg1X8w<4Mh_uY6ZIc-O3yTDg4KitUg1zb&RK2>&CTAg2ZjW-Z$
zijzb2EXoX`F(|Vpe~WKnG1X&qoZVlbhfw#qH4XjFzbCS7_1{Ec1%aZ~>+d8gR@TK|
z0e<Aln)ae}U5<CuH~MYhZD4H_N1Rdbp6xtNZMr<s`iE0Y(Ol$+rr_`^@aeK1q2B;~
zArQ+z!rV*%{=aaI%RI4Z#%A-?zKkTe#{qY_H$itxa8JxKGREH%9DkPrl0?zdGhgq~
zBCKnX|B`0@!<w$P@2Tw){XG&$#2|jw(MUwyPWdk4%>4)AWgIGo{Q7Tj1K<}U@O6;$
zC!^I{W^Jb{h&;MuWxS~Q_-LzK+|@z~lL&XK8QFJGl2Xn2a*gsefehmQH+&?6i3Oln
zSSSDq#zHksZGHCTYLoI`G<Wz_SD4Yk#*b~K{2pYP@o<a~#_LRW;@uod*PG*~wNni7
z<qK`?8I(F^CVjgFp^Q0nbX_w&pb(VC%|6s(;i~a@_&!sV)0bBbg24GC>wSAy@SSu9
zH9)|}hu7WR-NISxCn^a4&o>X4Wk{!Jp-T}R!#N4B5sAq+ng2=!mHx%#*MZ>uYs)76
zjP%PNt*g)$C*{Ui=&Q}#x>qm_<h7I_RuI<1`HhJb=nf!IJ(IC4758SQs9@TvtUGCW
z1$Ek<=szmfMNIWYnixQO!d&fzUyvd=Zw3akOvtsx0^(|=wm$XkxgIEX6JGFXOpd4a
z3s`i{0E)<eVg~AJK=Wx4z+})LCMXOeg_O*Uj(aMNHcJv7%WJS+K*pgPl+``kdpJD(
zwGa2CH-Kw?<u@~>ye<D-bD<CqWDV-;o`jmop)xbE0^^Eeq8ia`I%3AOFVt^~({7+l
zn)XEK6PTv-$l^#O#%WCd;UISHJ-t+_-`zmHn2vro-e0uxkS72zKDgP2H|W4DG~&t`
zKtW8uCbGUI_*6zfi<%s@htvWt%?V{!A`u)b@$v-Z>BJ<@ZsA$~y~{rn<Pd|iv@&zZ
zJXa#O$tIW$Nj!MCrI+|b&_81<GYWs^Iz5DS@>-s%@M*<Mqlk4WSMEA7h%nA9yoVob
z0R9ocez;)e%@?7$&#nUC#3|+!k&ez3ExledN;EdOx7ay^cr4uWpMD@<I$c!Z_1~d)
z_`^g&RxEw(xZ?2%Iie2rq**xEjcC3Y=iW73ybK2ON}Z%xjEb9`mjW#?6Pp$OUfD^9
z+VZzli?-&IDz?L3HD2Gpk3sz{N{=0r?hb2CZ|cSLr5mrTg{h?xg|Rs_g&+`3uo8Po
zg6J~B)2dD+H^t`t!L{!IV;;nX1#13l0o_Y4>bsgCBB@y<{B6&+0!0t;8@<jo=b_ZY
z@?|lxQpHbj%@0-!89A#KsFH_{umwcsC&PUdy{ubyZ)}RaA^|<Az({oeQn)gU|NLhI
zdW3+OP_w>wuO-^V_G%hu-PisZHkiT)-nN-Au*DapZ{Y9CK7Yy%SOxMpd<yW~<;nqv
ziHxQiZq%}7ZY^5<EwE76rb3vf4ckl1$MMGWPpKOh5l!ls;p%K+Pf8C5R95$%bevG4
zumSV7k-U!Hc2UstQu0!7-;tYO#=YLNC;3bB3JC!-noHOnDDBb(sR@0P)~X56pWf?v
z{M62KN?LVZWF0?Oqd@;bu+xmh3xd=>?F{i}uG8nx|C?ieX@j%#DIWmHH>Q8*qh0%r
zyhNU&j?B^Hy-y-19w(X<g-drWue?u+UwbIZYiHQ0S=L=Cw1uQ?q<hB1a;BvcG43yq
z&(1?ypQ0CWV11uIZ#2w=U68~`Sp+=CtB$GQB7@1GyyPnMw!Uq<9jSp@OL<H1<@<9G
z=d@nqz_3G`Nr>|{^S``+q(0ei%Y8(-Yw6oKs1!J`dxfUf15!#5!LfUaDh^tJN+VoK
zVmx3uEIs?Ql%tHq8MnKajV!&tY_T?c^qeP2h=6g=QgaTsEwqe=6rX8RNXG!C6zl0x
z59{<_C)K@ysbP=j;{7>ay|K74f^;eL-_%62yyN`CgKgs&6j{yFZb{1$tvx5&^4k*o
zVSF*dw;uKcRo`dH((0NuzQqG0nT;IwQgJ~e59#j#c(mdcb<h3y!jPKDW7AsIBdZ5q
zG4uR0z=75DJv003ylzKn-l}nbdHg6Zr|wau5qh5{sd(i`Ki_y!ul+Fm=Ka%m+oWn8
zxAD*8!s=v;x&BfZ0D5bbcLGEJ^*3BI`z>-hr18SV0Jpt$xJbXQXfHj)>lxBL`H9~0
zj$_{MkR;#%=+gThYVjznF5DS{wGdl|6XB|4U&Je|han^tVSN!aOZu~-MPdbHbUbGf
z3HA)|TGwTeXITNypryH8z!OISewING$*m+%sB`$}hYf2JrDF`qjgbaE7)m5UW2YxL
z9oF<sk2~7)(=9+h-;@IhIY^t5(ph(>QUhb#&E+c;JL;sJ=*ts4P*@0s9VUcFt~DVd
zeuv->Lu~Hw7UuF)Zt*sNhwCj`D6b{mKdq#{6DBJzs-!{m7F)y(hpGCsd*^2Bvo$qQ
z6kidsRR5@cUrh<vc}Y&9%MnhCnth=hO)Ce{F9pqHUh;~vu+VJ&fG3?WsDFsxBBW4w
zugK{iLFqN?i=qe^7xAqW4$dZy{o8?sd*~8i973E#H`Zk4^xV1nEWh=+wl#(bO2r6n
zS4<18^CZ35RKq@`6P91}Qb88+vvlMUV^fWzMPN^qH&k}U=mA^n!Xr~{^ugYXSu!r&
z$#X`X=4`=0z}AaTBh^U$9MMf!ei=@n3o;@^8XvGQU#M7@SkL^JCr#e|`b+qw)Sgx_
z&T09VI6AMTDq&ChV-dbO$t@qZ+U^EwPE8qrJMoSQBk>m9S8}L?T-ZZNJ&AALQS%zc
z(f3n>4}Y8(p(~-v%vv55BRjIu^b<-f>9m8co@?jQ`I`4)(S1jVr~s)pdr^bkEv%jk
z;Tkt?k(g0a-tAYRAjj*LqvRCw2^kYiTpIp#SW5PBr(5K+ew%2!JMd%0eO0QbNxfdQ
zA=P8@v6F{)(n$UnRbiqSmt49ijFIChSAjeuiteL<)*89e@gohfOxALNGA?gcnUJ9r
z8FV_u&2>?)4+tAE)Wzjx0<kUD34;8dY%2ZwF!$B9HgIp6y)BEo)4QD<ix96<HI;hn
z=C(~uUu~)nBq#=V6-#ImTbmY&7bTGySCi`fw9=(40YaIEdxo;UEbMNj1YJMr3o%Qw
znZ<`-E!h?SofLdR0hwM)kxE<YsBgE}FSi_VOy}=D41ci#aKSUF?|a)XH7T=P=;g(w
zDR5RR)uB+?4*Sb9)!<N2>PN41PMc#_8sT%ZG{fuNAV{Z{V4N0@D`^~_R@f*!yBOKq
zh0VeN6&nXWXjM8G(=KqEb5+w0nA5v}CXN3^)i<zb)@4mc9kXNGwrzH7+vXkHwr$(C
z%?>+uI(EK1GuON`-(T2gowaLKtzC7q9@{pIC|yWC^Zj~EiP6fPpXTKhtRfVg=y5>>
z*82#xi~G)_>)}j-=C@OH41cXrAM)bO-}71QMnQ!~xTu1!DwWYh#DnXY$yD3CYi8tn
z<C(TwNT3a`E>0JknMEX%+pNEkw{?9RP=)aVKnd>5x!P6LkULFqvGc<P>DlCtinjS;
zv3t))h3tC<3V!SKe1f*?Vk56k1GJj=F*wY*2BCOLKr@#SoBN@@Ca7fm6=J!ffT3-g
z;9(Ou@a~dge$JjzFflGq-jr#@e7QLA$W(L2ea`^53Y9G>V8GLYffRZO!@dC0oGY_#
z?A3mgJ?w(Purv6JZslkif-~%vXs*G*(6VL0;Bn$qywu#P54f-eQqlPDx<^n}U@cBS
z@;in{m`?_WA*b;nN2p8uy!4hK&PLv-(N4;4-|>-stE#~c05?ZhC8Apzqa}RId|OKq
z|7>v~Y-3X}mfrMSfxd{xmvHdR&e{Ewn3ktod2Hh7LvD#RyHqTw6w?&BtEXM^7rsrO
zOF)Y_M6%&k;ZfRC$<^ZvNe(_=+Hq*Q(Yzt9t{E=XOIe)6jY_WyC10j~jE>d4yN@s>
ze0`1_SS^3;%3iQ+F-Q9V&W=3G$D^DWJRy2dkR6tAi(x+)?jQI{hxET1i9U10RLY_G
z)mK$dyd87S6C%LKKR)|W+MZl*@!%4MQ=AB`F{aeWwbW)}Mod2NTEEUH(<Kf$(=~^r
zmd2)1@4lKzSZIqO{~8-W5otvxE*{x8StEGLLO3>8{7i!qfZ1~};>dhD5ZO-63PW2`
zgQ*5u39?*ZM#u>I<6K=ZNu>T;FuPJX>Qb{WC;l`3-Pl~dGX|WjxB@4nRWmZ_;$!pD
zj1$5L@jqSw`y0(T+7Z%bkeMu5y=mX^Ah6n<Ie|@0UMMIGpV+zgcXvcUa|@RDINcrC
z-@&8<!kHA$#WQ&{uL&eY;Xl7(MoI5wbjut^OT5J~7+x680LO;!NiVSBMs43thnjFB
zn~Z~q%XM&UKA&ihK5uxsdf1V%tCs`*#G!wO14{q)Z<as5DC2meTYg*5M<A%#^cP_M
zN--PIqx?(mz#<u~!X5i(tzMnRqn*CRW?hCsXOE4Ud&=GS$JxT*(*V8iP}pO0Tzm?2
zwGrwCfq1Q%Jzow1#|8JN_t2=$NI&h)?ghg2exb{h)ADiJ%N3i~`=G6Mk5@48e(n%A
z^XUBI$29bh_t#lO-w<J<R7y&P*uU47NSgwox%{kyGf&gIlBG3HDd+Z_s-t}qTwV7~
z@QjnJ>bF5y-ytA5f16?7iUxiJ)cMykME&xE*Xxo(OsyD*1al9>Ti(B4HC<y;i#Fm`
zR&S|9QSIW7)UF>h$7Q2s6DB?87K8$|)!#B@)r^@dK>gC>uNj^Tj#?b+L6S?3GXASq
z25apzjwcN3L4t~W;U02Q{~*lz=&KKoj@R1~z$h5aJ}KMfHmZONcrfDGp`Wtf#ZAeD
z&B~*ASU?J(2dPY_kC%Q*28RJJs|SGAc|@YwRg=PvBxhgGejdEg@_fC<a>?L}$Gnze
zdGRVlZ=IhKyb%O0CsLO!Ra(DGqDDO|*$X>UD}}b#mf5E@+2R%qoMC`>`lv>0#sGMp
zf}jJnwk6TaJ1GAJEqWtC5T*<g^U8y>phzE6Qjnp(oD>h-h9$4~%!e#C2!5ijQzXh%
zeHD{bqy3SdEBlD*U#|cjEO2K!fb=d}w<s_uuAQQW?ULSNVU8eLro!?>JeqJqkUIBV
zRH3LLXTPTD?-P6^)e*T<pP|~#qR#xOOClcHgaVTx%seFyAR1;$9iOi&3H6F_r`Rt*
zqQLZzIv@M1Z#8{_Du?Cnu})!#r?(?OLP|P!?#<`VCoGQ)#yh3m!aYKO0IP+<8}V>t
zzW!tp1cM!1&zW<via+b^lSF8q7q;x4a7omg=*R&BUeILVd$rYy;DQ<DA&>~!KJ{E1
zo4-N*z5Fdilsu$jF6zf#rs8pee@N!@tYYQ=YdbT#+lqg<VZENi;{uUJ+lrE4%{|sj
zYrZ>%bVt}KBm#Mr5+G)T!Q{%t+rT_Eo8i(XsIbEt(5t5B5!@|>mQ({)ul3Zwd5+SC
z-B-Uwjo7&g8+;nYsh$x+d|XqYfMJr_n+Q9TIZoJFBJSmnhYwp4mViSzC*Wa^&AJ^u
zPjtj#<g#(fSi~#5hSdFZQY^N-f#nzmnGohU+A~u>_~bJw148D>3V*Ren5|F$mx|%T
zhKTl4Encit?tHGg9q+NF?|{$}taDOzcV<X^A*`xoPzl#q%;1msA5vblI3pKqubr2$
zJ-!|Z0JCE;fGLNPIIIuzWKkmcP;G43@TGxV<>%<rklA#dH$L#06^coMmTRPmR8ZmC
zAj)CK$y{r3JJA&`(-172R$QcbOlEW=nzyDp#c}AZm$NkL<84<ZzrTf*n4bRUJZ)Jc
zR@tCN%ITz0@h9q;B~MBj=XA#De0_@_6KaNviov0*Ex<y9&VUMYN)Wgd6_53U<)2Z?
zm+%K3Y+XFD@yw5Mzs7WsMvg*?9bZ2NCd_d$waMU|dYexH_^)?yW$o#N_A_)QZ3zK&
zNVoMPlwX$P%YO`EeT)6UAx-jb^+1<Mw8nqE)`dAh*ES#ofsXj>TCk#8E`eELo;LVx
z>`s{I6%~v3|L)}yqJm&(ip9PtJFt~Y@dI;B^;uFtuMhfrciV6mpO7WVTZBTQH!U_G
z>l-pMG2C1v!@=E2`G-nF1Yc~9EKf<kq)9I!Bj3x|oGM&@Y9hTXpGJ~`jQL6#)(vYm
z!OJ?UJ~m=Z#o5%I(kNlAJ*7eFjxxXJTO)rVwo=Qxn>$8Yr~>6;uYqyP6sqF4lgD8=
zBHamTfZbVe5K?klQA&{erN&ujIz|!_o#14t#l!8vcE)b$2bu}bh|$38(q+CTM52F<
z8Kcp7R3NA_=&r<6cGGWtEiqcotRmq8`K`44K<~W89)nf#6Gj?TuZITX4Y7)P{LV0T
zbh03&BINwNTs*U8;@HTyYH+Ds&V4EfbUe|8QKDYJZ?J@jdbWZpZ6TavxsJI_Ea@{;
zcCy+(=h{xXEgZ_e0;ytbeJd;>@2W8_O2;s67YVHt%L*)?o}|}KhcAlK9OIqL<yqyK
zTSC=TRr-h9U@SGtK~Cqk2jfhv7C0)Kk_x;EWi}O#bhx)*uM0k^PXyjW<FP6fNZ3OY
z(~8Hp7BIoRugo|Q4XZL9aGYF1fp6lG(IbPxps=ea?f(XD4ZRv{j2K_GF%p8@Fy-fK
zT@qJnJfPqpbiDKk;j|a{wM%lp#Qdq9kixidrYa5u8VaKW>o?MNAq|?`_|8TH?RYdx
zJ|3y9ID)-=RwhA=g8{;}UXPBx&~a6OD(Xwf;$`k%2L3QdNrX646H})@C8CifVkS#P
z<)V_1fZI;0D_5o*T$Pf*K;?FvFM21D#h>l>A&#*h?IS%v)jp^YuJWSRQd|Y^dpkL?
z4Ofggu8cP;gsSFNwbOvj8GJy{&}~{Yd%C41f6FuI!&vpPkzHwU*sq?ao#z`rVg6H@
z6!O})2N->kJij55)X??a4;fQ5ZSXsP3<{q5(SDex<-H4!lh38jVoS>2W^~gGfjBbb
zdwc22Q&J#{#1mZ&#E*#Oj0p%-OGF?wJ!mu}R!rVmEr_|q$N<e{HYYuZp(CapU`?Hq
z{m93K;PWSEUD~?GaHAK}zQbKLwp{OYu8wj4Vc7sj@pa?PwG_S?;zq&oUiEsRpF4|D
zBv6G$IJhuXYQ8*#^I>sp{Iw26Pqq{r%h6zzN7m0(GCF4Q{yC0IyLu}fT~K153~*mo
zEU3_d_iK7Sz@ZegX5OzUO88PY8D&nDF<dT_gfO(3ww1IUh4ScZS8A&juJrywFvbU7
z5Vzf3>+$@?+-Q5u)t0L!&@K%~@6h3p_^<=-e1EJy6DrEOqCc6LYf5WE`XW}}_iV<&
z2stxPG*JqxDxc$7^lY?yK{Pl3HmA2jbYDJ)d|Fp~@D3O9ai-GYAOa08khRTAHMAQF
z;0#Gn8UwHh=A<HN%z>9PUBjrn5w+`mXx(YPt)OHM1dhWhOPp1Y2xni!5O4V@Iu2b_
zY2SKU`Y)Dmk<xz0Z+cB0JAhRlhZqNx6_;>a*&vNB%I*EJ)qzeK&4+K?;}t*g%C@wg
z*0%`wmWKUAg5-x+pcm@wB)}w-ws<r9Zfn%HXeeS9Lz9Sy$e%c2D1e?-G#Xi4$NtFL
zip63b&82W~_rh?phpf(2JUk{<4k;OnQbCnIr&0b>8Rc~0Y&zhvI49=jp-y~@D}TvN
zx<BKA+@5rgtKeK!P{6OVLI1NM8}<D8>+Lsp6@0sf2gY1C?-@AvpFTk>eRa{ew=!~e
zsldQWKEX;hhdRpc;Ob7~n|=g*=8mCk7aGI99WN}hunvtc!or)=1v>NJU7Q<iQGFrH
z)bmYG(&nnnU{;P!3VHFJKIvFU1eNA>HxjA3a|~hc^-ARNSvmot*HyzwW*yr;0(}~`
zx_DCKmkI3hK32)g*kzk}+<4~?P-0J(;czw?`|tA~9JPN((klERW4|ZW)EW^O$KM%Z
zp+?su4>z@|xxh`=u%aYyjJU%|cHTf$AN5HBIRGn^!55{0&Jzo`O`YYmIgMCK{PQ>*
zH7QW&2oR_yzH5^ZK=SllH@x6#C7>yy2s`cr&~zn0a9mvCt}X4xC@}eG8MRh5Sh>V*
zC5vx2m{I=s9R-(-ed!O5;IfJnE}6<<UYAUtXiWCT6vvTmqJY6vBtpYNCmB*X_r4bO
zX2V1i6{<-<Ke97qanEW#^Hij4^1Jbr-MWml*4aujqCT#4A)_EZ)RyXJj|ZS~F39)V
zd%&#K3dvJ2lt=Tpr#<OPge+c5;(S${{B)j0I}+F0Y?bfe@qu)gON8LL0Z;aTXSjT;
z40N@%7jp$?$>2tWw_|D15Pepyyi|P09L{kcQcm(3c;5xGh(qJ7yZ}shTP_`~=}<*+
zTNJqbzD~pl0u{}-Kp2i+GnUNDAK*=<Kf6xC0_#9eo^<+es+yWYpUsCycKnK&Qk!rl
z)2ziVbpO!(hy57OZC=^0@zB|MM_jz5)V9wE_Y=O#htzFV2MzfniS#Z}IYARzR5g(B
zXbX;6C!)^1ToEt%nPl%zqS#JLid7SZvHho`1tI0jW#GN#3JSMzxsCyV!)l`MVg6DY
zAm|kZ3zdW*hNuEpYv2UMg8%@3;$QZfe;}t$88Hh!1NWN(HL(TjD=ko>yGk@Q!kO{d
zLop}|4(Xu6yj{&tt5tFD#4>UYORy~`A=HRbP5+ldc4nrx1~**N8?_dhhvbb8JD_<b
z3?}1ELKQy8e5U|vi*>D!yA7*kIxXhW2CLAtjbGKb1?);zY(L(Vu<j1BKS=E;-?von
zEO))Ltxzl*P=<m9#;xY-e7ypGWGsuS(6!++XWsQVVJ^BeIZX}(SBOo>aq}JREH8p`
zCh{y_D-(UQLHmzrERsNtj-we|z+W?AA}RW!rJr08R-uI*)8YzQffI8w@~}7ZS~*2C
zS0n8f6gR?oK(uVT4IGI!BMhf!miD`|P^<Q;j+y#My+!C4_}6Z;h0&h1(#$|2W12mT
zecpLQ7$U2e1uo`6txzW!Rn&zb9p<PPm5vQqXvMBc@xX8;4jLPndEipmJ)<xdEv40B
zcd!g1CZ|B5Sl<o2DFu~s{2(+KbFbkiJiL74)zU{{Tdj%Ck@O9!8|V$f58XVFUg~y{
zCL{mOOz6)gJ>nTrEI34}PYwAfEUcn}UqZ{5ck5HXql@4Un5kB3sc4yC?o{erfO9Uy
zyt!J&1Njha)_YvxRL0~EF^aGU$=@2gbxkFvDd>qK1)8buW(o2pzfrN9S)MR$&s~v~
zeI0akMY-UhfpMbEY6IuPv!)__oq8}u%Z_^w>MX*a7b1{`vI<L-Iykk{E0QXzk1`~J
zfG6~XPFy*CiiaX>{wQPK!9YpS4$1l3?%PMhk8)}X8}u8r-O_?IWjMDEatCAXg2E-p
zTPLw*O}M!{_^q2T$IO4vLOVkKhPK<^?u(qEs!Jx%cPa|SB_)o4&yOOS0qvy7h=`kI
z>3zgD0P?K{WqgdrrW(9ka=+vW5o*2_lb@*z^L(=hgWQ%*JMWFbFjb>D=!xN55s@Q}
zweaw98jce+9YDGusQ{f0{CBkg@_ZXQ9pP+w8=PuQvIz~rl`Ce0Xo^Z5%{aZ2++1tf
z(?drx9%#yxz}-r;#dJyGXS`qbS8maQlY)ZIP>)gW-Wz_m#U2OHWv7S|!f41Q%S!Mv
zMWL8R@WjRtxCFKcj9g!aM77AZY<{-3J}5M$bR?$(?weta0wX^{cIR^GRVJt$UUyU>
zf39FA+5MNwmfES?p?|~A&j@<V%GFvuadmZ!Ey1~{n_tB|_g07lDgZ`Rx$C!5$JbIG
z8lvGI<YtNE7^yb-ks?^{0EXala`N?A!!30-`6NPJnK@EPUD9^4rwMnom{eFeg}CE$
z;hADWyY^9cnkzmM`gE9}KoVamKAu^N(k|_7QyHnJ+jOEMJDJ<4BqjC7s2`JY(ZM8?
zskL|_Uow=nRX&cg7J3>VhihqIcaeXCNQ{1q^2?rxTtH(1uqE@Bgmqntx1YFv0V1}u
zl1QJz1cCKDNw+F<e$WI~R8NSFt%)JUQrqmZqKWE=qn5-{Rpt>=FaG<+jz&QY5%lun
z@$&XY1s~B<Nq*Z7q0~lAp%Q~2y&o<)tTGr$Z&5dm;*U#uNo3Zd{4(yTsH1!L-}L!H
zDlY-yE7G4y8hM1AL0k{lR;srF)W|F5E+iNxp-8@A&_y`B-cHlTO{R0_;>k!$ox+7X
z;zGl`h|dYpMHIIL^{F5@1;{IWuEaT&DX^4r5-ujmDp;EJgixmFRS7e0>8>fQj&CoA
zb4rSS5-^hf=8qFGyF3&1jOfD3H&`Sy|6S}qph8{1mk^^(h^xk~A>-UoHU=UUPr<85
zacoTJMxrJpJpVHtu1jz7{9q$41<R3}E~_`D8~qezt(nX9aucLC&z;3a5xMzH&6EWU
zrlW#m#%#Gv%r>E6VUp^Dfh<6CM_%&+u*MtJ{Fb{U**8-W3?6y#M%lOK<U4$l-1QmZ
zbyd3Ud(7)=!i~S8c6?n_TW<YLmqnwr+4ZT`|9xTMp&)aQ4~=FR<oMq4zkc$8F{j$w
z`Em^~ofb(Np9r&~MY5_ej+7cwn6R<^UXhH1Y`BH2YZzmkTv8_reL7fMBTC#^uc;YB
zs1CvTq8iI%0^~$8D<&qyIk95W75RBe^5Hl!>t|+zcU~BCm~IBav_8r$IXM`6)NCen
z&iAHg=V)`Tt0HGmPOzHv&CU;^vbp}b4RC(m`B@<3CLbGWBP%yPT+ytiP%5d^bf%t4
zu=4YCoGUm}L1-To*fKyjxRbzlK!rfkd|rGXIU-}Iyc_7!5ac)Y-&Xq%RkqtP@VV2n
zDY;(j^cWOEu8lr_x-C1hBce-Hq$<jW%Aa@w0@?w&2w5StqK5vTc+h?|^8KO5<Xh!k
zpUZSBq0yfRq<f!f3I9OHw0~5dL1F)$AJ*U>q{6|`z0;RtHhD2Y6lv6k!oY+GVQkM}
z?TiP15P`$gRbsvXT|zaO=y=Q%d`%*F!7o23<SpU^>k>xN*f0<LOyozh<jzNxcMyw$
zS40xr5TVP>jSfW!4o~2v&mc53*W;)~b_L@OW$gCR7$F>nCvtnfY~pkUWLa7Sk)RZ9
z3ky6!P-*#HJlg9Den#@wwsLjiXU`1xh3}P!99WoBP>R=CT9}CbEgKQw(?v#nGh5tp
z?&22zL80W@?BR)1)$JuuTk#$BUTq-8Sca;QPTZf?+$~r{I$~;ikOrl%R53CY)h9a=
z7?x2(Y9h~1`{ReIZkr4{BzvOLX-d$2Lv!gsD|m7jFXB;QD9kB&egIQh<32iyj9KkE
zht~y>i$m4k$q)!9^k>B5m&WVXN7o;${j0<hqkr^7hHvuVAIcV=@&=~Q6wG9V3nMlf
zrkrByH)37+G%I*bGEGC5M*S;_^AM^wFf5Vq8!n>R$hn~zfW40)<>R<VgL;KDHLD3s
z+Nwx#{gAA?Xa^Q{V0wZz{sdjfHl5o)9orgL$J{|wUQ8cNh@cdWEn$J~#guB_2Z~nN
zI<+MZ33!Z9(ZT|0+=|LEABBoxB_#r_X(}l%L~{%*!ogJ)a$HiBa-WNehB^X1+L<sH
z!PM9Y>SL%hU3VzXWGT++DHG*&90EV#7}ocevWeA8ZAx0U1Bcr|$$@*WL72pm87FUc
zr9W6|sz97LA8VLGXegKHDoJ3y;Dm-VoI-ic61q`-<NK*3>%5M-IVnkz2632yCkPJj
z8XXsUG4>Dcin#T*=f2Rr#JtubcCY}!1x8wxK&oZpI!|dby19rZS6MAANQt9=E7<=o
z%x@{%O-Z2850P#LWDG0{Ds2uaDQQ7hS9*)aCU~a+rIvIz?wnKA`BrL9%<LFUOnb0g
zfZiZ#sR@WAF`P?xc!)fyJbd7TH-YBUGDU^vMG0Xd;Sf6!MBqT+mXhD5%S&$uaAsx!
z$sq@D|ITa)jK@{@j+{P7TjyS&4yS#G+#OQt1!)3{pa_nzWBNo?AV~a4og4~XMAIqS
z=FfFj38m9yT^j=_4s3Uu1vd{hyQozaU~4U!nIYx#c-pG3Ap~dMvI@B(!b7c3PfVSf
z@Amxwj(#DQ?uR-$qwa2YZ)Vh!1om^8*RAl$G<Ae4i<O)JDL-7#BA9*nuojZfMtV>g
zKmkkz@1~>^RD6QHaSXRp&R4zwlJ?a~2nN`#V7JPiD!sds_~G$HIHlC~DOyT&$BRas
zww_IiB#ejmle<Gm94I9#KK3Fg(fl_JY|PBcg&Ae!ZjxX<GsXiSRR<Ql9WNL@z1j2Y
zT-0pR{}u7SC=PU#Ib$<ZiruQ9-GU%L8N-{yITlK0b_7lo!Xq>kqRjcE;aMfTuO=Qo
zr}V#wxE~mJqnVLhf&9mZeMG#$rZ1v(`DqH9+-*p0&p)d)?DyCmPp{~72H!|>C<tQ`
z!2H6Ve36o=`a)I@G<Zc_OuRZ9xP8B*Nuj@J_+tTPEiPJpoID9GjK<X3<lT7~{fS_R
ziYZCed5Atx6wD-oR3kekJ6&bOYBKakrd4DJNiYe4#-vZk9dmyEQooms7L|~8cn-0a
zP!c1^vNvh_s+!7B)Ns1&wUsbeAdnrXn-M>CW4>dli<}H0j!fz>RG50th0CdDCI5mX
zNRo-7(}#W}r6<QuWeH(9%{B52_u9forSD!!86gG!Y~RH8d<Cc3%HF#|m3e|sft{;{
zAZ@fSQC7?#l~t@-9aBY?<~>Y94?_7Vu2^+MGG6ax?lB#bbN%t*;=CFcBVErPuZ03n
zZs&V2haO<#1HFk;IS>;w88HmQcjxA!xc4d=z~8ZL|KKJn^arl3UGZHe5R8~zt%05N
ze>#l}%I?P7X-95cdUl}l#!V@+y<18!aRa7yhlJ5|T0YuAg1T^RJuzhd4ov`aIPh39
zre>=3kEpWpx?1|Y#^M0yvP<jlS;YvcUD9C3C#=Roy9_GpzNw;%8%k{~s!!%uA0Zt>
z8sjV?N}N+^7O@nf8<wRY;yqLzF~l!m2UMn?yF_{Y&pLYvAkYUscLCa(jc7>vQ0`1^
z74moq$5COzFE!8i-M-S<#WdaaGZa0_XT*?EyR&`e`*s$Q1ULb#v>%hFkZV$o3-O}E
z?~0n430Nq|n)_rHO|3o<BF<RhIJe8HSzIuo-sB40Eb!5m5QHo&X?<f^II_T%Ze*OQ
z@BK(GkZxC&idcUV73~i-!4sTtPIqF6B)Qp9>hX!IYV`%Esb5K)j9rG=H5uWDi-_{X
zXwQn*2Ltt^!Rw%n<fY=fP>DgAV2UZlHYOU0=$a8-wSq-{QWH!?TuEx{Tp<0?!;W88
zI(^{78z)6!*V3Ga>S3MHlPUrZpnZ7Y$dSMvpG^FVoyatW_)`~?ksnvkT%NG2OQR0O
z@?R3Q{y)1o|8z3@OpuINCdvqA1mhdi5wrtnS|SEu0_d@Yg$4zISpCF5JZGe+3DN@`
zsZCi;O*cg|shqeD5zKOCX-Gk7^Ryu$XtCu`sRk`C*yfFmWyizIPk4T^E5`E%N<%eE
z4?kxzVj^zZqa4yM^=CzMT=FDV$jI@pobOHh0jJ~1iUJ8s3Me1xp-aE?L%gVJn3Ie+
ze<9J%R@iL`SlGr8ZblKr@y916B)w~}8z4(kakJqt_)-?ao`&fwN%y5l%X>zbPLHQM
znN(LndCi_j#G`8?<6ZUCnfAGvvD={>EDt_9iQ79KsybUZ!$hA#E>CPI0^5YVLoKDn
z`ZaG}SP$vS3_*qXa5+qa2S2Lp9c^JfeqNzGX(C-fu}1>2k_M_~fp=Iu-$Y|;jG1|~
z#B9Sd*#V1l@vwp@7-2%w9u`)GTa#pxfT(efEBnU~J)nJu5#fM(9>))+O2f=6r_fe$
zK4Onb=a_-@thXR|yu6sN6v4N9<5+?D)i}Rm`syHP#o)t0P#+u}*CC95n_7_3W%@6b
z{Q94NDF_5BIvTeh&KLDqKu2a$EIH*5qqHWyCUreAtq5kWVAV3)BbYH32s5=0^I9YZ
zE@YS@nw8Ha(aaBB*+?OS0aV1fxq5b`bs~EHYbl~4Y7%tG`#vyT(pNx%y*+*#ixsq1
zO0M*k!a)9DTeBtaKn-cXD)~y%RIG&Tu$ffZb1gE1&~;{tBKzmcPYMcvhhuKg_r9yV
z$vuaM+6w}pj3pEyoI^#l&j9fur8)MvNEaZeEClnJy7O890>TQ~DnIGzd_aYUJVYAj
zX}-5B6NCM`HVm7!uGvY<SXp{g>UQurlg})z(6Gtsw|YGZYBpzZrC5eedqP+?gkk+%
z0`0}S=3prv?vPX#mg7B&TrLppXZTFMR1_8kRx%fo(B49^vwQqZN(#JvL47S}cj*rG
zxJJB;beGy8zRSKc4mJ@y9qDMJAItP4b$(k{7`$rZDK1~C;g<5ZXWPJ`jFr2x6)ZcJ
z17x%|&&P>V^$*qSZEy%jgY)GN{>N?5nVP$fD;>8Zx$AB<ScX6;=Qsk$08zwDio^mE
zr3RC84c8nT>To0SnaN4dU$c_i^s_0*YMgWpCZfYkq!B-dLD1sBB<^)h!2?gbpW2;D
zH$CrmcCrPLDaO$VMh`d-HXYC09^2o&BdxBxSHQ0ZV%sRooib2LO#c$nPO4aWwnE=B
zB}1P)q0xirf^|W<Bi#_~itbv1y)V1Z50e)UB&blJ#i4*AMv&T=C}PMpP6<Hl29^KD
zH36D-3}-{q^6t*(Z4JI|p&PNBqp;3p)d$gUTQ@`u?UoE5p#lpue$d{sI$`p9N18@I
zF#6;v!2Ru3X8v1s`eLJ)eYHwq(DxI!8ls65l<$b++SsyVBr$RBmk|z%HmMARG7c0)
zcH&!#KxQ)=nfe4;$;`OLrZt0atP9)GN%w{gwt44~{%?JOnSsWx40<HR+<Lm|aWnZO
z*1Qb$8?dSb*yo1Y?B(I17>F^H)YSy8_oy7+8#DK)9Dj@76As{Z#9Y4h8asf~E^x&w
z#fO+qAP)vbRq9dBOOnY;Xz&J^F}4PV8Rl^(7k^;IZQ9GkiQ4LrdKr1FHpqq;qf`j%
zeLX`Be>cJrKF~o<KD@a(21+MG96wQ*KJ}Prxq*^tOXxSsMeTD)63Wglq2y)mCPSO#
zpY!!vpIZVHRG_ta;}Nug(_M#T5DaN4X&UW`=@O^{cGdOv;f}erN^Voe-Vw{=v$T}a
zqi)ZCeU-jQKXm^mJFxfQ%xi<3Z}4ny&^OhMjA&$@l7^LNYai*kKkV9ws-~C1C+^0)
zt4}E#dR)LwYtwcFM}Pq{X)IvLz$)p#)p;*x7P|espl1mtTf6f<y|Z-8_rz&pW@a@D
z@pP7HHdD4g+gl*DP%`Ld6QAQFg{sxE@Hf3oA+7C>T(0b+_EQX-zO{19nH-kJk)G@q
z(nvD_bcO&qyUxYPMTxuKtNG{#ms{lI)2^$3KQRMRkn5JE^oNEZT9s1JdmjDzbzfE|
z--9j^7Nem7cJ+MU0L-tDOb~S&z*up5Dm^+b+S?r=*xVFtjiUZO`NKr`v9juRWkv?o
zvR+paJ^xOX#Oc1KLNi_+>h(e&_(4Hnc+Rk(Kuxm%7I%C^3m88vB>{kpq0~RT4tjr4
z<CwhK`@>;H5K9wMah9Vxr^mo=Ew7^kuq+(W*zBgtdq)`|IjL-F$^{2aDkVHfSMS%+
z{7|kbdt6=2Z&Xd}9|EzuRFA{HJy=)xV~M?I(OJO^OH)}rZ7}U;()W(%G`<5=xtz$l
zOUX}9W}W~4A0og4_6-YPN}*8R9lRA8FFIwITv)N%**wO-HEe@Gf=T^3JS}m<^A4Ig
z$_3#EWGOGf;O+;hjm&k`rIb!h<#G{8PZ7ovBpHFj=cWFO_aO<?`t+nH`Lat|76QQv
z<uqz4mS1vOHRH&$quJulG+9N(^77RMP~WC*_L=)tbTDHpVtFa0E+Q(CNTiQ#RbVJa
zju~lkZR=3DhrAnesSq~qw?3-QIXWds%;jfFlX59`x&Hplz@8=|EXH(zc6^96A5<u)
zd<7>p&i?Bg;qvFV18tSV)btaf#i8$V`2fjoddc50Cu&b9X1mHbi#%G^Ll^#4)vi|^
z?a*@R!Bh*LLg{v|)1d19CAy5g23mKH_;Aas&AVN_M<^4GkYE_4q}Z?=6^=qC2WnxS
zKU_)?KQL6;VCFh3`tTHeX6RH($L3nu!(FD3@sp{6Dp{pl#pRs2Y1?xDL_Q2SEaPgM
zsmw)UY2<PMBRF;ybnIk=Bc@uTSxz?f*LjU>WpZ}n&@90eemz_~k!*-VFcK@GT~xl>
zsOv*IAou_J+y^dj$;6?_>Ebf#B=)E7^)86o6AF-P6jR{7bC7ZvFjnrZgg=?)F}W|y
z8v8WbLHT1Uf3=67s-QxCg+#eavl{_Yd=+bvU}J*>_C^DXhndgOVn*@)9f|etN&4O@
zKAM8hU4$?B+~*<kxw7b0@2Blb{++j&*UvM%<UQfF6tXamg@8yuV&5P+1z}pha#3|I
ztBSB2%qmeMpdDbBNT)?PC0bYxm_;Zop%i|eSP446$Ui(UNMX%Me>cH|+V-4-^^<Yx
z3hx%uSmg5N7~T@#V}P@Uz?GWjepk$J2#`4lya<H@^|J`%?PZs5lO2NF|Bw)CoVr35
zKxf060fMobifrn5lygDoE-D<QFZ<n#R35b~lAy^qNv<op<a)mx{IGJtz`vB2z$#%v
z0B-$+Ctyen)ptJXGugqbGfJ-(apQ%h<@vBN@0tajkd)9Ud&teC5;zo6+*Y_dIr5{f
z;k!>Zy0xyU!)c2iiq_QVZTEDgW(SJ}z8f~<^OyVgLoMXBzoYeCWo@K24<)%zgL}Z6
zhhw~*(f;>3>WdU$0Z{;4qKOY?Ac4pX5CgUFkU3eQJPba^oq~=H#q(;<NeI@ce!T50
z%*1*tAIs&EsbH+se!bRK*3`@Zx5WC~7gAACITD|n+o|b&`8gu>XJg>5^n*g2cx4Gw
z!_qdku>CmUW9dr?DX^NEP|+lqMN8Lq#!bG*rQi@LH8-O!mpVI>(8*Bh2l>o3Sfi(2
zimlgVN}brpFfUbCTMVsM^g#le7JwOkuXpGoZ?LN>dE=TZmzK8%K<x(KQ>+mUV8{rt
z3mwz6OJu;+m4d)&#(z%!#-Go>AUbsDuIej#gMkM=7<ogn<g2a9A}V4z*_4q{V`{cx
ztXH60C>C?NTlQ_2#~uBqRAqnAD07{JWCGah#JZwCurMx`BMxkn(W}W%*aRf{ITag$
z2#soR@cyK)mDqBL>v6>%>5hPV@mdJg+k#4OIpPwNUFyFbn?_z*`MJh~pbln0sk`re
z*(Y`v>eFv)lN&ZJvvZYjb;QwDTe*0zI2)cS8>v-;vJW)gVzgw6ZfYHi{&Nul(}P@(
zLT;k<nLcP9C0e*h$SlHhaH54M8&k~Jz7}!VJV*N$cLJGMIOo@BY81A@<0&HrpX7dA
zm?azN<}8&&N9R+sag=?$Jz0rPOC8`ZL}@J$$MO_h`+mJKi279P_2M0Vn5*T>J{o;^
zM<9SRI+H()@hf{!GO^{g@A0h_!$QpbxrI(v)V}IVMX)!PMO$&P<QVQCD%1~i(}E3d
z8@>XI8C%HR)PjZ8NrP90$hlAl6%LUo-@o<WT@yy)qd!<6l;qtIQf&uN>|R6MXvpeg
z2pkW_x=6r8oOV{ZBPzp#3}vd>s>umH{9ODt(GIa<bO|2$d7PX9n`T546Rm}{9Bl`_
za-{zQLJQ$E(9M*Z9^nyw_XnNHdyB~RXnnL7e4*^>ig=fz6i^gp&F73dlhJd^Q}^qY
zT;0846;}8X=Yg)N=Ycp5y8sq|u~>dQoz#!v{ywF~<&Z+oy4e}&K!ogshSiiAZ4?Tb
zUN<C=Zo2dRaKe8Z;=fq!<};?R8p2wprT&OXA2)A=g^?2*$WaCsH@_5^)(GEAzS;9i
z2}>u(sfeSop~2-zhuh`gnepM_k*YVZuXrdVKK$h3Y~_r#vN@2el}<75l9m?mXPo?@
z4-|oe%yz58<pe+&4UEyYwpK>wr_Dp7jR3Iatm91aksSwRsotrWI<SV&y@=<2905+G
zxI_M7+LuJiVtjMaF)SZtfcsf6db?%02P6~|@@HFszs~AAQ{E?fgXbw7Su<UW<|l4V
zBMK+%u{$CW-%7F-O$xoP-~nAo8E2+mn#)_emDZ-jY{^klTfw_~5eGr;woABBz32lA
z?xN0%&PIbNw_og9oMF@Rs8XwGha32=yAiH1i3=B#39GAu$f)_w!~3euu2=rBh7Q+b
z7Mt0_nOUy8G8APw;6pxeCMGyJNp_VHx0_vLK6{{sn_2j5u}DhYXln#56S4g4nL}Vd
z8Ef#o=EVE&Hz58`#s7xf1oVkfcrRIphqFh~hz$7w5%i_ywlpbU-j$vwy6qI6MKE#T
zfI`T8TSC#&%x!lgl-uR$1quhs8C7>xXnsdr7OYT?)>{;F(BOC+$IWE(meOXj#}iE#
z-Z_9be?hUbu$;Wuc?ok)+e`%f&G75i04hrh68qW5*kw-1r|44Sc~4ciA5jl0NFx|o
zX@7V|&bC2I(<}1CLSi`D56_u0&8GD_Cvp;1(Fj`g8ObjFH~lkXRsgrzQ*1~<JwzS%
z!GXcul+BKESw_8l2+Wv^<`-01L*V5!elC@7OMMtPvCYRcnz5pLMmFt3#JRVqr;lr8
zWaeqB=rt{DU$hc~fGqysG&4lH!|}DF`G`gUUnQef%;0p5y^Br~Yc|H|%D9=Y+A$h<
z)Awc!FZA8Zjcx9XZ>Q`XrH7OplUuOWsMRzIl8A39@R`Da1*KYJWdy_yc;H=8izKTS
zPYv(IS#bBS|91XeZ%ltJ=r!vOb{-_*?o@haaTp--#UGInl2MAa&MT>Tn;lp-n|1xC
z&YT8n)cPP4X=T>me&J`R)XF-I1KAXYeGoT>ztQ4mC4%BT4}@b+*UfU~S9?BPP*Ks^
z;l~`#@_Qbq&6*1SHsF;eGRChc8`;UUxnT+X3?#S2sAdZV-Xz$Hj9vk*I0?o7THa#;
zieY8IFn97fU+Dq1I;7yDMr^ckwW0|*)z$~1R$B-PQEQ`ja`z)Da)p^UgbxeF1cP4}
z<37na%wW`OWP3%b6QgP^t=1@nqd!Z<uO^<>K3wB~NW&-u9$Z=io0e00Yekf|&v^zi
zl(pv|<*S;5J(UEvym=M(Ck1s)8G$uyKP)7(gSKh$v4j-{57}yX@3~*@UPlPLr=!`>
z=hkgHw>;r!28j7#IY@^=S(pxBuoVezGWV`?*6`*&t^d1i|8u%szC`xYz?s3*b&{~K
zTCl^nFes;QX+y`rvNjguQZ<^z5zDM$B?-62in=VXV|{RT-~rYVt^_gRypYHy<&2;X
zHKtLsglE+aPL2=bzdiy0om|U1i;?TkSrKKDTJ@%d31R^eyLx9+e=dW7NTi!zPJik+
z?@oxh!=QI+3@X6y-SnUBw3R|WfrCT_aK2e{ulGET+a_?)agX4(IDa9n2?U#duUy9v
z@w9%$`T)m)0775u%K(3^Uhj!1H|kxQr75w^UHldVNXey&d>Fzr+UEw60)TecIj2?=
z4U^+h<~Qex{!BdtaOeRiUpqPkW;a<<a1#H55?$U<>``^QS}R%aYue`2sC^kyJWj>(
zE^swL^Bn1#lKsQ^+goAX0$U$`pOsHapzZi27?VW4YQ67K6I%6N;(Gai4)L1UeiAq{
zpKetlJ;i^WlL-~&_z62v5vDR^&Qj6>X+w9+1tU-MQ!676w@TlIrfTsX_Q%K6Z_Xm&
zY0dG4h#5>^#01DNElKv1i8EAd;Yql=S0yuS=NdEleP(1SLDRwAej-+r5r$!4k^q#K
z&SCikomI5ZH22opNelyzOq(x%(vCzc8U4)kCG0jwE6$ndogQ_oieenNK8I_*NtF&O
zP6=oMMh$pAZh>Jk*G8REy6ic3-Q<LoL)xu71lZjW)T1m!VI#3t0R7eCDBhU7q)!Of
z20%qaa*zLSt7kKY%<f-KMt^h~jrH((!o!1UD@QK5b&Zqm!(ysUh9Y_Ja<h(a2QCd6
zTXh<imJRE%qwgq3Gc?OL<S$h%Xfak9t()=>Gv_XLVaecR<G}s?ntAv3MSK0AceB|;
zX)4lgEd^cJvU@9IlAv8%kwl}w3Mx=AvcH=^M~~W<fbBp3>AU}wtRJ#Z1HoF*R4${?
zBZPb1D=ojp_;VEwglb9JTBn3g37Q&Eg`7DcWeLA0)xa(4(vE@vkOhj)Mvz&>c@6Yn
z?IdBJ2GZ+-E+_koXwm>+i884*f&4ggwqz)Aet2k1cv>$6Ou{P!1Pqbzy#l2bUUcE5
zYBHNzCITS<qdLK-_jc@bi)&gvoa@iHoqE}>U1VLx#s;bnFUx=kVPHK6ZVY5Mg0;aW
ztbb*9ipRNw`re?tiq0FhWdj<}m6;Jk{ZP!mDq_|hiD33j2t$K@vAHYJ%LQcBYp<8i
z_a>dYkll%=IC&`8%+ku8hj!Eh@g^R2SjEIdeZRZy$-=?_?Uy}781Txd-ck^NgE|~T
zE#b9=>wxbH^9Y+_H`w!=?M@I*CdSIANV-0sQ>ALB@T$o3zIjoSi>F?bvN$uVY1F0J
zYBP7(+0;wMOwU_^+qGKhFoG$kI*7gd&rjhq+iN8gkC+8T1Cz@Q{`Vta3GFV~|LMcs
z=>GVz2FwD$S7CG`UTfA9xy9FMBiXiSQ3~#ikQPCk!BEpor<u9top!psGE<oDYGkA+
zc@4Q|0)E`v{%kWw61x*Z23*<knCTjpZSD$iC)FxR$(Dwe38p~?)tV~O5JY~lMg^fS
zD51mg%dIXCvD};Lz>O#f)aXnEkac%(PZS&*v?e9_vEb+6W6T6b1+A_LCQy+Wk5BU|
z7C>{rT%fjB2q{qy)&i;1et5qrW7x^&G1xlcD!H8$@m8Gm`wfd36;_}SmsuOJjd2MU
z_gFDFAePk6cPSNd4(sA8XL^c_G=eic{;(&dsGTZSxgNN{%nquL<<}#z>bR@?sumoi
zH5IJw`3zyR*(j@ayILtXdP~mC3>Vu9C;@e-D63HM(ZzF!K3PYnGY1stB|5ZYwC?L@
z##K}|r@tPJqmllhijPYZ+uBv^r6@l@oJw1_4Hi(3Y&4n(&tAf<Y+%LBta{z!AT2^K
z2Wpx2K}X8T{?M+`iHdL95t|H0Psa2Wbh~~nV_IOY>jAMxE)AMX0_QGCs;^GiftbqT
z)wcT|oT3X>BeDzVJ31Ptm}4L?ol;|AHNl2W19m=nXF2v0?SKnJ$(oHtFgI`%ieCrn
zFy3FHh&Cr=C>|bZ#0dUXj<iD6w5#T78A4^S@rR>yxm-iaK5IXL5h|A4rmYJD1s1g7
z&uM{nw`=q^pFJYN^d0=Y^#C^uG4*0GBHYmsP)OBVk|jrn#GoaI8<ZbYX#<!x6w#VM
zz4v$e=+>Yx7DwGLhv)}qqnUOVo3%79EW)gz;N{l(G|{AX;vozSW_j@Eh(jkF!)70W
zD1SCz9C&#27=<rUCjqV$H7GJ+L5z9gJ3<3P0r<06m!TM^;Q|{pVM1?M%B`|*3@{_q
z=`0(0N0dhzbX^+j&9v@2$US>%Em?hp_l`1M<R|l_y@}|-*aF>xq*WR6`T+nK1u&s3
z^}e}%mA*oN-!tQX#`)asd}<Y&p`DUkL29%!Xw;cQ!25^}Ln86tj}>-&<s<{ny)u~^
zq?h@#A}>{<R%&$08y0ITgE3H5R@<%A*~{;QhP9{gq03l21eYrplr_74;?JWzM2(ht
z@X+ua{<U=J#prCdN}*6PGrHpNRNory$=7>bnzbO#bF|HI*)k|L4PIVYs**iN;+>JR
zkA|85B5XTi*%tpF;LjJ^_fwx4OppXe0MvY_F9owqGfTl8&5w<@SmUe+O)}jAtzSuC
zok-uR3)Rp0wGIujWP108MotmZZ@@rFLqCraM^sBnt;~8FcS!@TthxDDb0D#VLtg(6
znC0c={iq>nX(=3aO}Ro&v5*k|t^lD+?`H$c+L2_CI%#3~)p~UT4C&?RcwOAgG)4Yn
z>vP-yk2@=xPBC#RcFF*Fb;v?TevmFs$Ro6QAS5ffAMRFM0xhs&oT<!MZhjHAl0X(1
zp!YAkMQ9vf12k28Lp-ZzD@y{QWTAAHSgGGOh$bYJ%JE6oq9+%yT7jaLC7{+Y3~qb^
zIkB3ZbLRY45a~4~a82aLu5wmIv2THL3A24ViagoXFjD%-<G%9!C4ctmE$uIPBPu(D
z86RmjK_kAi7X3`^CLO#DT_j?+8g+c%LwyVSd-x2~%a3!va&m?OSvg5{$YUS#<5kOh
zpBwpC=8;Ra6U9wcLt3^xdV6lW!4FfNDQY;7DU;PzREo~?Jy%b@bA<V-$I_NFmR0CJ
zto1pVdDAspi3G4Nu=P2jVEkQzjufv{6Ze(8`FYWzwj|WI3y6ONX=-xf<S4DSyE*R_
z*PadHdqo|;U`!*7TiO<$_Qya)m$&z*ap$VnHZ`HR>B{Z>e?&+hE7Hv<QHiAhWz?xF
zB>i;oDdvw*PgFc?Mf*JI#I4H=T%alz95t>tRaMpUpF6V?w@lGGCn_r(KvB-6oZ+LO
zD^-x&WVZZ3Cn$<Yhlk4*H8nzx1!^8Irx;PhK9PFnrnYz%t#RNGAvlvMiP_%Mb<bn%
zGL6)vtkK~-aB=$OilB6lztpEMySdbM3MRAnE%AUEp4rc@W_g4xS>RS+wwNwTWLQ%7
zI8x^FA%&42_n<4<_7c3B8^zJL!(qNUI#@be{5hEu^uXdY0QPi1g&fRcv}m$$i^v(@
z&h#R)q(SDLtiR^Hhe9{_3D{W{N*SV35hkfYBjcpK<c^&h{^*wqofM)H$H&WQE}2nk
z`{{fhCSu`T$hTQ$8zB`AMl@IrcI#~9Fz1m!T{+~nxL#VKrl1&!v*w*CdTBVYV_@Qr
z)_EiAG<z(;%?#=u&Qa9)>0i=BX(srb5}!Y8{3Tm!`00XxrhiUq-EVnM{R^S|Q!z5Z
z=<b_jm0Fv9HfN_dVymng{&9YG5PNLE3+EEdH=Q_Oy^oofWf(hc&;Q`Um{AN|^fBer
z-1Qe7aPawd|M!=V%#Rn&rLF!77s>Wwm=621E>~L#v#D{sPS=mw`M0D00-YL>K7P)n
z;MJqJfjV&|+*DL>_aPvZcOBW9I)2~~Du1Z<x&|4OO4Z7u3dNW5(+Vm&<#Pi4bD_XL
z`uSDQ{H`%5!~)Z%mmUj|pmhw9gGN#(7xOEZnG$9#C!4{EmKGMvT#7|U=N2y7!rJ_-
ztie~m7NSDpQqX6NWaL;3Fm+BLSX{qTKGH$GEpvzEDDU8-_7i~-Od(8Y!D+GvsOk!a
z->=S5G0;BHwl0rq!P(n`t=JnT-W5KI*ybDb_ir&SxB6gehsJ=mi1Mh1c6c7u@BE>r
z<=}4EXL7yq<_{!7#p0LMhg|woLCB$yQyH@J+df_4`c@q3j5bOn4qp*-SW5$`^`jXv
zxYId*7l}XFDiBi2H3ECS|3v_8Q(T6aG>t)I<tbI`eHK+wO;WmRmCAixD!o^6K5wyG
zFUaP0GdxVL+Ui_6xmbs1&EhO>&U7tr=9aBAn7wK@3pFhP1$=VTmsdASbGzEQWOsxN
z7y?<Urkc%;xr~BrDCYlQPaTB(nbI?kAxk*T$j4eZBYkPf{}w~0)l*rT3lPHhxh0-}
zsEU>iS(-yp5c3h?-Kx&O%UXElz6NSS{(WBPbBTPz_rHRT3)p-1&KEwkTMI?=WfIfT
zar0*muat&TP0y73;UE8Y+d<Q06gA5Xq9>@lMH&|!N|c?<J%I6V-ZR_txy|)PDbePg
ziZpG7?snKYcZNgp8&|Hf_<qK;W}l|z0GWlYv(t;YY_}_c6Z|cf0XyBida-Gd_;DA6
zgAD-LsB6CfYYT|iPb%fO>`1Sm<sk>iw()27*0tYEGvPJuM-N;SuG6pQ{B+rr9Sh!s
zvQw-zqbMtMbznbV4o0zAVlrAP-$d5?AZ7BGFM?0%U=4Ut3w&m1@`Z+s;y0QRDc2BL
ztu8y!S^G$T#u11Am?KT8_OE8qVUZ3K6I`IM-Xf+>P}b47=*#dYZ@hgS8|4FU8|Fvd
zsQfhShVQ;ZBkmks2JyK)_L1|%2SCbaoh_8ODhaChXI=R9d=wi+jMn)qpJjI}<y5dz
z|Gd8;ej?t*F6{kWa9f&cU$LoBLM328KcYk8uI9iH@YJTG=^}|^qm_cAis9-3Ut7F#
zN_9EvqdXj*Io)}m+?mtyyi&AOj2Iyos(`2xl_;KxGvvEp5&d}IZ>FM&S~+dc^@E$y
z`j0s9FS+fUX!k36x*3aNTJa`EWuwCcG#ZQ<us59AY;ycjQKnnW2>sYNuS`8Trp%xC
z4vXB3dO&`-prfu?9^ahle0l>c`w`o#+6MZ=vrqG)t9V=ps4Gvk075k_yEJihhMJjM
zxUy`V%ll6j-uo^@Qexu1dW-f#zC#got<h=?HrXza{vYybw6q-6W3Xv((>2>>WmO&*
zlM+1;BYr%x&OK=Uv&yY!gsXjlNG&)-gD7ySS~>-RWB5V^f^9DqWTjfp*vqbWblQzp
zBb(@R9G8oYX7Z-HP?q2-F(CRG6!i%c0V@F;|Ez<<lF2o<Zb65yP!>Km80_`(W)A73
z)YRYQTTJ4|mpy8_3Qq#qQQ8GFxW7ZqKBB;XvRgRQh-<MIodhCy3oNUkzOJa{EU$jv
z_m)?=Hd0YpCdDV7DK7a8#S<efoG?@}pKQy@%36gbS$~`Y4ogc<bA3%~Tl!~E(GQ)N
z>#@WLTI+v+#9w$&EL18%$ejp3p;fw?^nebG=mR4E;hO(5irC*lJ|9y6^!yIj8{g!T
z33LAj)4%7i?YQ*fdAyrB|9$s(aCWJz%F`|{5_2+GVLI`GP4sEfWZm~xgpp2uI7ze|
zpHX{D{S<+DKu-oAfz-0uTp}7iZ+;G0IdS}m+~_s~#Z8QSJyYu~0R2`IW_@25m$FC;
zCtZc9?oEvjv)D>wW1=g~pjB!8Us-zS!+&jFg!u-!@I!Ld^wGv;C00KB>&U<#K%`QS
z(%Lj!BLP{GMWckq<R}UL=~~&UA7@49h-Nna)#2b<#_uLXP373+V3eJavEh6%CU}#e
zr?R|EH?yL`Ex>;I5+a70nrt;(q51IOTv_=S4j?#tdSl$2fi>}+s~fDUe0b{gb=3%{
zc#@p)6dc{*$sep;B$TG&{zDv$S<<+?T!{)Yq;?A5_a%<!>u03`Ji?qUheJ{T059Xb
zP><su?vQ(PIh(V%RM#u3&aA*CZiD6WWq{ts`tM<X^Pb=3fByC9`I`Fm$Lar3^$pyW
zcFnds=%iy?9ox2T+v(UgJGO0`JM6e)+qRRAeRJ@h@4dg^88y~g^;FH8b5=!F)pWRW
zX>yKok?cIzzzd3sRKI{2my24_9ofy^c#%CXl;1R`l6yR&-#o)NGlk!fvg<C7K2)WZ
zw}0couwOsiSm$QOSN2#!xXuLL5Gi{^ix>{$Lcddz*Xz*pcN4@fWv_Zn@y^7|;~<Sj
zPYvZ`SGwV-{xG3gP^FB+aeLQ)cts<-enI*u(~iBg0UGm>mY9@Hsh2gwgdR^`OdG-0
z1KPAISfS*nvokAIRgkM~DtqOf9Zv%{Jukkw)M^!i=EyUh9L<?cUYqYG|MIV&@gOZe
zprW8z{Iguw-ad6Qyk=KXOsGz61#NgpHSIJeI9aH}>O#HzZszf@pVx-rMFLeMQ9X&s
zc1ZS*7XV{8cGG?l$80f6Xx&dxbbD)>qOocuY~hl4jC8ftw>-J7xiW<HMttf@t)(;r
zg9$L}rBD3dcK=-GFRI1h_b0zw{ZHy-wWS{u3`Lg);8vynF<rMYTw3woc~Cv4IZR9q
zsDd)hm9;qG(TYkoh0ZXO3_C&%S$57<OE0B4YUuuX)^o1Uh@zd>16#sSTcv|9Y;ev|
z)a3k{7?U|pvQV0$7VYz{ihhsLb_u4`>XKN<xXVZzNtRmJ^|Gh)_j86}O%lK46gr+>
zZ32oT4>&1Gm6BNvZE9)3!RP9s9i>DbNT3)@Pb{f{%-R$Lj14SqhJr1pQ@Kie<rZ9K
zdkfR+HGRoAI@q50vYj=PaxvG6g(;=&tI<V_hG!CXx!g`7W>dJ1{=9J8IqE7AzafDx
z3<crC8BZYljA4-4Tysjji}yGUFQOUrfpzx8g&bH>_M7X7c!P$~u;NMCJo#1Q8kRrI
za1Ek@>hJ%5o=T{A4*~4Zb}wgDQG!&m-Fg5-`rVs)cM+_T9k<)o)%YR~Vhw8?8xPAi
zX7U#(oCHyb9I4s%IpLELlFpr-mDlikxpZRZEqn9iPo^EMYNP`6rM-8+S~>B2KVX;K
ztIoH_+hB^g)_1qfU98rw%>5kD&*Q+Crd;ggUNdUIhspR35HnbM+utoa-o3O<QFz;7
ze^0aqR_e+piHh%tIQS)?d}<73eCR|WGfA^>ZiUcD@L*e{&onWdk(-&C|L8%76+m-Q
z?@_@6sH$ldBm{adPg~GJ9M$<nENRHJ!|1x1rFK1T9I;F_1HJGSX(wP&nUME11a_o~
z!Mf&d{8{-Xta}du?!?3z%7jSBCB73m=^$*kw6YA+Of|g1**l>AwA`VqLk%+iSb)qI
zUhSpDS(*3sN~(ZwI#Z4MZO|u({<&TWOOOvk5n(Nf|H-uO{31R2{*&sCwuFg(1;*lk
zT{op6ccG&nA1&)zG9dztPcJOh)m+gh!Oo74`<pVMTtT&q(uRK<rA;e?z{^hYSK`m+
zK{-ba64S?vrJAqcxlt4s;c^!_Cxc>>9f^T}{G_6#QhrZ2{aKoH{JP~64?m!_Px8QU
z1J)N+(KccvFsadM@V$No6A%sp%)IhUEVP@T0<$8ssu#d8`<}n{Ju1PXb3oBwUOvDW
zU^kI$>x&L)xtx@gP=3=>a2Th+STb{WS`}ks?WjdrB<nP%<RMm%P3XhJ$yhG5&$1hC
z18rTt5_}IAL;XuxkPW%Bu#nij34&!K6jq!=v!nS!QP5n+M^_iSWYNaR5jjq56^9aW
z&O}-eg`Smp&Elfifv=m<S0~XAZ<+1dbfdzDx08n)n|AjE&}<6xSVtr!FHOFnC5zIR
zM#rWDI;~1Y$vnVV+Z@}-$?Q4}X2<@C<ZjjZ5828G3*_@u)he4ttcPVjuDFgx-P0oK
zWnvF$qdH+%hm?FXxXz-clGD=CayDO>9B)EJwNcCvu!)G5)3rFJ#c`d&l-9Zz9p9U6
zFjG%+(k|m=pl(JFlrKAdj7p#4RBlA@8*^j@W-qFLyo^zaJpoHfV&H|OkFi+V+cCo;
z1?5a;lx)a$KqTs)-*oFX7QpOw$Z_I5EHf_D+#Q4*3=@yOx8IBpm{CxI<<7V6ukn$A
zRX`w@O6t>#jsMO;rI;GojNZToFCqo0k?FoP@@b5KzLl^6OM9}tsj$18XV2xYK?C;J
ztTq0w7#;Xvnnc6HkULhG(AwxW3q5s@?O*4GU1P&Y8}xGSV>C;=HO#g?Rh`;VciGx-
zo0a_CS6}?Vb6DSyk&)F0Wdx0G3vR>8L*Hu4rrRUwofF_fJ5D{_Y_sP4A;f#{sLP?+
z)Q4E&sD9%w@DO^#3h^*xDbf}^wZxtLpR4_(&k0&j;JJImZ}%Wg36<7ZIJB^~k)Ox{
z&yvj_apD=kX1BhL8Sh+lt?#`<dJh|8x#WXz77&`F@YAI_#6nD?Eiohr!B--C<jL*f
zks2!;(g}=1GEs0kwP@w$8=L`Na!N*+=Vu%p$hOqz?cGx%!rpvRxw_saq*$c+dkE0H
zp_t1IBy_kYT!#i#4Y1^2hyiJ@HvH|^kHdRqqh%R;V<a`WV8i4gS4%e!0R)@TS>8&+
zNTyO&_T^vXM=Zf6-?#gOurNDyBN;Usd$Ecqb>`cXSps?-(^XZ#AtnUm+@=72?_ry+
zplJzB34=lI*rGH!f;mG@^qtiY`G6iL8D;Z!Q3;<K?M6Kyu#)4*U+%Y$&=JHSY8Z(H
zHk%X4`4WkMB^#aY93$2#zUFkg)6s(GE^Regc6uy-6>k`pQpG(6ec8?KmwR+YcS|h%
z9vvJU0@vWga_3I398Dcnmc5;uUFohey#U7L()Ax-mQ^lR=1bvPJ5-;p^kciP4HrYp
zv>6bqpL|to^Yf@cr{g;ilg@$v3|8Knh#2J6EWN$glTkKCt!7~}uAezHz8(V+t6s%Y
zB|U#>)IMg!0=orSYgqFl;+J{Lv9;{U)yE|_6-{kGJY`{yMZC+NrB!QL!<$gGW{YC_
z+2ypeMX*=~y`+C7*?H#6P*D44?}js$+B9oeBq(Lux6|BR#f7alC+>|x|F%m9JYH{!
zVzgt&czjlflR>Cez}nq@*(N7{Ufa`KnZSiSNF8S#L}N+1-iAJBHNsT|xbqLKF=Ym}
z23*Rdd*Dy#Shk8bH|!%&0np(07AtdzWm5)U`E1Tomr7^}Rim{5jVO=C$tjwBmMXqF
z{|uliklJ8lTDnlXU#X~YFY)E2W%I`&lExhPy{pcwwjEy29E)JO$1|>QJ2wXfFjv7g
zOJ4Xr$n&B2-G6_KOWRL#Xp6JvcFR|eIThiAE{pnd`FHRO3yCJC0I|Wvay^Pat>s#)
z9=#G_HVd5wqy+_P<@s;L4=olh2`*lHNm15R)%M-22AI&~9M-~u-<HYf*2S(&*{By~
z?W=37g9w}AHLO^OcK=nqwEX4wxzhQke6i;yvhM(7eqMTAs-g#<l}=@gee8IAeNi%#
z&1SJ@IZ0?f!lj9olAb+s6$omXmk=K#(T7~Fl1R2G<?vjwaF#3(Y802GX#oM0edNmv
z8Wxs$A0eRda}_!=^-|Tzk$>FLn&=x`Sge_+{N<#ry@q(aA@AcQP+sT8Xzc6ry0)c+
z*OlhBUXRsd%wS@{c-Nm>{CtQM3ba)mYNxU5wz<-wfT#*-dw(A=UhQ-!21}&xdP<1F
z<=n0Dyy|>B-Q4K74|sJgzrd+2clj+)?~h==U?UZ46d+pPP2X^A`B8w;V6K5-^QRc!
z>P)S@KDeBedE4r>l?=Sc@w?cBIJ9cLgu}iHr9LILaNgs+uy}GHiv+~Ud0>O8l>8la
zAdcY4fVygzZ?$8iv_$$G$SC8;NoGA5weu2gf1`7XnK?W<JSM2xyR)xWVefZYszpZZ
zSTjpK#g5s=ATIj`ZMWKUCEu00N-*#_>Pd0k0x1KiFa5E+g05-BVa4J6@^Zx-Il>Lj
zT3*9nsY&5gRI-_Wb+0|Iw4n9fchtGBZvaQUXpETCdhrL#u@sxrO9JsYe)iM*lfqYo
z%mN}XYv&MGqREV~&jTtYbJCy3O^W{bq3EduvbFAM8JKBVO@T!BL`|!69-4c3l^N}D
zqZ1>lW?n6>>%eFzUNJZfZI?r#%)wByJh;TWfKCLWc`x)u+l2XJE`fE{az%zv0v~$i
zCw|8ORBa`sakw>2KW+@;M$q1GXtX+u#M}|d2=+ccpExhoTQ9U1Yc29-)6Cq`i31s|
zRzS-Gs)-#O&*mZPV#jG>u<P}Z8!SC696Tl8B1O0P<OB#{pwE~)=qfB}pfwx^XP#-V
zVJEB9ve8NJ%nnF4_tq{KS3gV0zKX^ui{7oU4^>%}3aLTouUDvP2W%^$5z*sDLri`q
zNn=oCB9uAix|(;(;*|QGK97alC9q6We}|02VDJp}U5Q%lJwa&7Yb6uy1a~z}PUSx&
z(w*61Pc<ili~*?3o+R~M;KhGz6e9en`=<i4!AzKZtxPFshLv4yE9i7BMdVB~wj{|Y
z%^C+HHe)-=-8^oT3a*eb?STLMmDU%(uhWIlvT^h7+(LyH3AEUSelh;9ri&709d+tk
z>3PJ}b93)BaSbd$2}WVRnU%U+o@0Sqi>KWseo1x8S*$DHykmkp>n9}%PMYPQ7pHRh
zK%`S)sS`vR1-qGT=qYI(XAvPcxr)W{H>!2L*eXwyr~&q*GI{}BpKp&U0W;nk84EJw
z>J#h665$y(i#L&-S`vV|-tBdG0q1*4CFY;o=H41Ow}VY>HLx<sm1a2}Vy}-^;+b?o
zs73*+tE(#N>X6i}AS)3bcvdiZ$GN58QM-2cPc#=Nh0g_{DyFiYxr+<Q`t^4aftX-S
zZ&>!s3QpgaTZwgfm#?qW;JbXri)H)IQ>9P@whkcDs#Sch=RPz40yNYRAYat%olzN%
zmcS|J0W>;pW*u7b2j&B$`Hh7eZ3b!LRk^6m#i7;slMB~3I1KjL!S@=bYIH(l`?unt
zb&Wr%XfhQ%WchpG6Q;z6EY{K2nfc0EHFjaLPeR70zbI}Wm4jXAXb0_QF)?yRBDq&J
z_k{wPkjph63IE}tT+c=JT!31CK;l37(=nc~!ON6UFve=45~@JYMm8w1gsS{mX-w4>
z&(#zv-a~4`HnrI}wan)8!EG)|x9xYKs??0GQA<x?;FFK|qg+6zT2-Y?gkQv%4|P9l
zAD5F51M1hM=XEdZ5BnE)#{#om$Y!Noamwe46_3kXW(CW_nP?JpHD?K(3yS(g0G3eG
zFtIgWwZ4uTiqTzNOEw(@r6r|ht!{Z`!v!Nqsx+Nw($0V=1k+v~kO8m|NSv>W8DyCa
zt6%1qoswZBIx}F+^T0V~owU3++$-#qq6{7h#EKjYn9&0<t7<o_zsX3}(Dq7=$+cM=
zWp#cu;^P-jwHQ`7z%8H7f+jTs{T+S-iq}8VO2DFTTXJcy15*!G7b^U>uwM<rE92Kf
z8e{qGlbohZmVqrt3K^u*nhv>0f4D_+u|jN$#JeWZlDQ51w(M$Y#}xtv9$wqBL_M<c
zS<<;awI6IZcZgwx>zJZ8gh^ykPh!}OE;sv0c8fe?iL_RuEAP?`xSO5(_@??l_=G!x
zc+VC$NA%TxrxXR%?DYIEI(&D{*i9hXMUBq;2Z6V4kTG-n<4353&tcpLS7pnVueQf?
zy60{<0{8IUUupWvor9}N*M9Wsm0OU5Ip?^(qFg92RnR<4xQWWnQt4R!hd9^s^@6F-
zp)GY*0ULw_M2x8=t2#3U3)C?Luv61PGnE#j#s{#|hxJd0MU4XhoFA%6&-GJzZsg+x
zC|lhCQ&eA&X3n<V0&@cy7(rgYf4pHj0|qpBAl*P}8gA+9RkwU?=L41hJ&VCWX()lO
zM#p7Wro)T#hZ2T>DJxAPR^e6!k}hv7qi@LiQHWM@e1s0<jZ3*a%%2V#S9-RO!xB@0
z8%mdls6D-Sh-;Z%TiDc~0Kz5vxNua7u@Mxh;zlMoQ|s>#6L)%jxONPd@np!k$z51^
zp|Z^RI)2{Z5Oe_=^#nIe02~nr5`k3~6v|kU+5I^d_&@!vhx=reKpPe6%tgz&7w#vY
zBmr>jrbnyzK@><T&eGT(PK(roC!{@5rIzq4<FjU<=iYr{o$JaZlNHu{=UBB@<v;CB
zPh^i58R!Rs_i-VEnjxI>J1-Yw!ORC=G#mnDdeZWYap_%tthW?`w>|wyEk01sa(asA
z9mex^8|US8=~M0VJe99HmiHOy{_XHHpLvS6vIHg6d8*V;)g`lq5`})&D6NDnEz1M2
z=nM#fw}8ytX189=tIk|H+xpznpMKl^rdmT&<iuEJgTo%5u~D_sjk|bO+f~xxb|D7k
zmn<39#zk8hABhla<yoaHx$;wPc!3MmZonvQ2!Lb{w-O~eArDVY$_p7np=<NbjGf=l
z`t30k7zXLL1EX($Zw0~BY`s#T#AQ8^d#eGdmx~r00Xd%r)>Ex3z~G;HaszTeH&0D(
zOs`)^X|C<pIG~o<(W7nmyO23FmV%#N^-O(fI9IJ|Cf~LgG=}OnN_8xhbbOj6JALD5
zas+`xioKFLty*t34hDSXk{q^?lP`i=?8~yuaM9X;)rxGyXbrAzVsaAnPahSXPQC}9
zS^w(7Lbal{cqlyn>C*LZ+AFQi#<BPz=|~${TAeKqtJTQ-@1Lecpky;Q#P?P|7}_<=
zZg}93%2}$DPKZAD;*ygOmM1eeT3ROmQ;q*#BHF&PZYvt^Q(`|UnL9|=(kUlqfnEQG
zNjW?f_?{*%W+Yfnskz!<Sc!}@ElWwafblu@SzIU{V~L@g@a@^7qC|50=WLOU8+%!U
zZSotgng0)r=h%^bZ_Cd1`@@f*3|u&cC%(&F%q#iDLjF&GwJM6mtB*}T6-TWsR|RQy
zfry94&nLJ0hX8g}RaHr|613}3-F7;1Jhk!;J!T7!2ucko35ji;Yokwq)EMM+-6<Uy
z&mgj<&*u7k-QiG&3L-x(|3+N>$$WYA;YoGk#3~L3Oozrcm#%tsmBY}ulDb=j`}@V1
z8Cs%OixQKgre9@m#zuZXLmk%|U3mq=3@;8&=f*?FHY;Qv_S&lR%QUy=^`*;q6!qf?
zClqKhQ;^YDo$TFFpmw~5<RW4;`7I0D{!uz1&o)f66?|RG_d<60h<Vtp?2BYS!EdDB
zY8dk%d0R2NU8?EY#lVbv9nDcS<d6_t-Fl-)dz(nP5$69ovh1-`vd6F{2II{w%2r-i
zUG#J2e{W_`3|J(r=?GJi;xnc-(;3_pHMX$MaOq7k&R&?F4hafktu#SI`8N~f>izql
zkVAAn{@@yQ%JT83dDw%Lq`rjl%9C|XQiW0$hG}WfO8<*wDMGZL);gd-i*#q7#a#Yq
zN1vF6I?Pic8P@x~-1*TBgtE%w;3o90_|VNo1?|XL^=bnm`k7~xXbx}%b~I?Erp@Z+
z7h9k0pbns?ZuF-61?_T%iE4G3Sbt@z+@O;Pe?fF6d)r+G<)QX!Jpw~&P9U-`NnU(7
zRtC0=7|}@aJnq!Kp6$oBPJ3eb*1~=V1|~%Yv8h=c1=iW(xIiJ(k(TpghP92Du{BLr
zP@w><EI4QT^n5YWFMSLEWyvx>{NCc~N@Wl^-EmtBH*0RU^2z`;h<u9B8(~oE^R(|D
zt;u0`3<-98_ZvIstrA@4X*Lc4^h1wz7S>@OI?#qq-`Ca%=Dnt_npu#|%K-n?*Fkg8
zV`X2(;6=NYgPhvj<<dS1^yFFvUk5Y+YB)73MX0Vg=xcCVlJ|@Ncl&|%d!8}Sc8}6z
zZH+P=K$S)H&%(Ww#7s!(6sb-E3*}P+pQ6T~Ud{7rvg2krP{eo>!2}XILfJKT^|PD~
zcF-QF6F|05vvDw+?doWnvGd`b$5B$8I-noQoSEU$2zt*{7SZ)WuszbrLdm10MzQu}
zTl}r)_r(A8VcK7PSO&Zi!RvUf@5lWWKlONVQ-x)*qal|X(S2N6megs5EOU`$Xefj#
zpfV-o*AQq_XzU2b_`c6^@RfO2zF>NE>O$cBpP$Pujk0j<&JW=CX36amk4M4HV-Zsm
z;9=E))i7tm@|UWDhB2GI@2w@%p41c|;C)K0*(Y;<o{}ISA+wTIy{(}ar7(`sb&FM9
zfOKWP0>cz3;>0L|HbvCTWYeXWn|e(v28OWyz0j-ru;oID`wTz!K5#jhTOq(jy2k~y
z5TjeS!CjpCzi15BDvH**uGJGuliV$H=L$i)U!s(dX@g8KlDHb_QL2Sv!`ztMD+Obx
z?nxH7(|e~NF8=u1s?+SzQQDnze^%<64!Fn-c|Whtkl4>+zK7-P3QbKoKm_`UQzko&
znml?C+v?Ydv05G2T%xd0WEliQxJ>KxGfkkDHhwVf{_jL@L9be|$<Z`vmN2C0Z>ma5
zow?yZPZX?9b49_*NwC`JOKZiV?JQoQ;_Hnv-?Aot^dt9B_V0_nG31lw9xY4xXRs20
zGiK)gsTox&7W@$Z!QG8H6#UIbQ@vm`f=CCUOj?BPaDF7RE@Yshq6Xr(DhP|bx&NIv
z)_n|=bl!yRYz8+Cy4e(4c|ig8Nn8@nCGX1um^C|GWXtS7soB;E+!n*&_R43!pUSks
z_kP8!si7(&(0RQ5<h)Y5QO+!;yO4XacE)45IRwTm2}Zj4I|pXz=J~8ZtZ8N@TI7ru
zn8YzSVEfO94|Gpn5;2-#Ub$Ios0!vrc=g2J0m7ho-G~5h+C*#Q2XzcpjSO*KrOp^U
z-kO98&?A5Q2NN)hddwoB>zpj;<MR_{7T$9QPdhOkw4T%79#2sfYBh=Biz#gEr%&mT
z&Q)Z4O#UBO=d#wg*fxyLmhDMLvx$s9>dilLm5ZKDftZ+r6Z~cE1uCj`+QFFi=?RJ#
z?DS)ZOz00s=+g=+h>Nv<p-)ewtm4W6cfAj&1DRRhmU^+NwCwJ|hAmEZ`A4*qbYU0|
zoy7I0bF!&{o~$3)uv4>t*c+_aES(_hJR1ay)F<_h)onbQ)l?uCm>DV#bCB9uoItjZ
zYm2u7BD%B=`qFmQQq75wOG_TGvLMK^GllfkBln<*i$sSS98m)d@dRl+uyvcGqMSto
zl_L<ov2<{ha%!x$w$f-!W6J(0;f^7Zh%)Ajf623*nO)WNu*k^CP*!Y~S4|GKje_wX
zUSGG~&CN?$Bs1ZeO%k5#pW=IO`Z%BZKuwK~oM*Ci_+j&$BYR4mVrB(fwSYudD(ja(
z;Wgy>ALZv~GV!(@uWQ!ixGGmlb}@=stog*t#AwM_V@qRXc<!!4RjSNnq2DkzB<Np|
z<3sY&1<$)M^r6A|dKD2?nHO5L@?d9wZE*e>_T1MJ3cS)7+A0T{nis=9p#XQd2Za7K
zRby4v5*N3s#qvEfL@}F16nWl5jkNB!IeM%2L9L%h0Qh!t7x0pUnOuvR#cK0@hc0Wf
zTTFqz<zYk`JyuyLD-|6bxr!#7pl3F?XxD;lGTB|^?(gm_GaAyxB>-IJ#JB?qq5(*M
zN}3uFOjNElVlZ|>5uIodmWbg8cIqk(=&eFT8ZBzEbQ}OwGc92Sf*D>B(vTx(n)6yt
zqeGDHgc*z1GpUW&ljLmNvs~f%VCAY?$Rwt57ThwRt5!6*jcb)7uPc0Sdz8a^K#CQz
z|K}sJPM86JpfstAG6t$JSnP-#Xmtp-Hs_$}1Xza!Xla?1209}_POoO368vz<fZEPh
zu~kFv=}KvDv0l)(R94m(U@odD1vo#GveHF!hnh%4fpreo%S4~7mqWb2`rR^;@Renn
zIPmADS)i#nf8|m``H(CLA@6W29{0Z^rA?p7M}`|xh8uNYU(~J#_Bd0<@V}9lESvwD
zX}imd_xL?KqOeN%rbW@HFC`^NM5~jO8QT$vrNV8EM#6DP92sm(B21H}m*n>(!FNTl
z&Ncc~qRo@iGL1k=Bu@Uw!4ZzI1_`?Hu>2jNaaDNB5@jNs6`MhJH&+rL&+)Wqh}i-U
zm#7vQ@U3w^Yk`zA(T*vDI6!cr`V~tl2ghY+{%7aIgA<q6DQaJn8-NTMw}+~r*}~Zb
zu`R-a3w`EUO0H1C2Uwvt-(EBP<1FYFBsIfW&FrS_QpHKU&a<+tB!d-OB)$Hde`GOQ
zbTyNJ0Srm*_ekw^u4eA1!Bi_8+=32qLtW=9?Wa*-6*>(EZ-JZMt2S?4wbWX3jnny0
zir?FV9p0=sp#iMg*w~paPaK;i7yY9X#NQ-68-V;0urhPjijBjzuy=4&#X!Z4b(3$h
zU}R^EnMtLbmc!nLJO+kKQCN}Lm&##We;AFJLF;7MzsP}RtIjSgj72@J=_hYo8r={1
zx7hfZBCdtg0l@eGIU}F|%>?|IiRLjb-PFLb4|K~f#vV5^!B}(0%dEa|JE~d}y`cW=
z(JA^}%^|?%b=81(SGONHRxDA@?gEE4SRXKw7sbohR3AMHXlA#)_HW?Lix|{bnm(J~
zYjs74_dPt;vOgpF6bDm<E##`v4qstt<yPzQc*=ZYv4e$&u|hrPGv&eOL|z4MTS^!g
zh_DheiojDr&VL8aDoMQ{pV*iCmin1@xfhx|2ySUD0m`Kn83}T++^7|l_4<_0JUT38
z%7id?!5&Wa5vAw5qpH4-pC$P%>YKSMCWA3Z#H8}PhM#0%(ehs;n|r6O_Jzv(cXb4D
zQLnK%PIx>9FMI}R2M$;g6GPKWFpav?RS(|4luRFe=M%X#Y*|XZOf{2Xx(#!GS~Oj)
zpzmrau4q(syCHVXhpsdbjzs>YhlN|Jqt}WT@5S<zxk>iFUIaT3aL)c35nS-m8O?tr
z*LIf0r*m*=-Nu`RJA4#iojCU@$+JO*#Q^ex8WT@Bog`l&UXsNtxJy5XblX>I;`nKK
zv5?l?Psfy4gIQHSb6(3Zz^_5>lmG|HYPTs_<F~^*Sum$y3bK%gsElzj_I0@s!Gxz9
z*5`w2lYOl#Pe$*Jqmq$J<#Va)SKBAC{Ls?awI|R0$DOj2EgXNI<jV`JX&dm0nn5a)
z(UNsyFLk+8Cq#RV>>e3~H?jhlz$_nZyBpKfEmBAEaPa@!;rl+W0%##ey&nG~1N#Ig
z-tJ!4s6EZV=6$*jWsO}r`VufToGwyz7s$bQDIKf<)d#ejt;#w@U%OtTCTGm+&{5nn
z1zrsg9(*s^owvUBd-Nu1NsH06R0(Oj@|ML!VjNp$xllc-;FhEGB*$&5ODS>zK-v(~
z;+)LB47-EH$(0bzVix+z1`3LD%bCgLICDp_-e|0-mN)}89v0cE@*?ouD=PHzd!C$%
zY}QnT9xKrDas2BC$gZqLk`M0T*ED2t65XBgyCE(_5IX-_4l$t4mZo5fvMd%0MH{|a
z(1i>W{kbWl`~5=xwNTXUbP_MqpSn&0_F9a=XuG7NL*DOxAr)0ehD<GeQpYEUrIs<h
z*$;XG%wj$#on#PPfb*BVje}fy1Hf`HC!|c2d5t;_z1-e-YF4MWyI8=?tUggn!g)zP
zB>GGgy{NEKotjE&VU52mG1>>vT=wceK>w>sI?eg`&wNrND>KLzM~u9%f`<{4+E8rv
z;-wcud~MivE1-2RZ~Q!L5?&u%W^y>zuCo5;;y12th6@sjKPQ}UdKInoJrUUMjeD?F
zvNBP<e}KkN=(~?1@5VjY0=^kjV;w2~z^(2`tv*QCwR#<bz_X>w+i}SW-+LVFiQ&Ek
zDiF0_O{ND@sw%3LC)0v>PxPO)WUHB~aD{A>BCAm-eKnu&PM+Jwxzj3F{+r(SVV7O0
zO_Z=QklS=IDrH+ebF)P_Q?HsC7~YX5o-c_6#UV7IrU7I&1F(Fw1GR^PYBn8CU}v}Y
zv$wTO9%iROu@{OMft^#{M}Egj#)Y@s(Y<mbNtf&!^=cCnaPxiDWEbkFHpqaWjqfHO
z`6Q9OZB_eWb&3n9{uia(kK!FX;$E3|hb<o(+ExvB$D#NF9Ow$7)!WeubC(`5DtEV2
z-GYy&-)Sspv#Z^`h-wYXh0hjQ!r?1VGO;q%2+q~{XDKbR?7)<;(^;}Hr*%nKxy)$R
zz2n?0(O<<us`!+K>lw28uj7$OqvSDVW;w3>9<$Yf4He+VPkA9^haM1uZ^DrrA*k$M
zJ*WZZ-V^6?qx&+e2Cw<_$_$hSyCqbklgp)0hm<<u7$`$C8GKU)TIO_Z`Zh<;?{VI-
z$r`!pGLiMvrZ$i|#K-ByO<`SaRyd|Ngl~_0OiWdqmt$14W52LUumbVG=4C&ca#t^2
zr{=jE|2f6qTf~ToLLl!BRmCxWH{F(H9l{?eVt8M$T5WSAhGgu)NnbC!%bnXt;q2O~
zN*M3L_<0s~oKfrN(gzUV`<!wjQ4fazJ0x1jUNzG5BKhj{d?x5`5Y?MZR!Y|`2!II$
z9FJDkQs|~D*7=BrMpx*KX5a=)<|7e17hhnDS{WF232``RcnaO*b`{j_bi{T#kGv3|
zs^kyqK2*uDvjwzDU8S4p^t_=F03`v8xsIXB{lp6&tUJiVc7U0BD-4wwkD|@Qx|%EZ
z(N}V9RqcK%k0qqj3C`?MI(-aj!~~q4pU-Xa-ey!p+$QCS@nSP!Gczm0yRSS=0DF3@
z&JM)>SZd=@Yw9SKfQ#5fk3<9qGsmyd&=f;U@Zu<I>6jk=m25?cvNAW9*}&tq<ndE9
zlh64&bge6U0Xw{Eb>*X9CFRmMWE*&)-|fEFbxELzdn<+9>ahN756p62p5sYAIHCym
zZnS88Z{c?rwd>scg(;N*rpNeEx0^^l?|5D&*4{3e`A}Kh1|^Vw*|ZULpGD%c>D{KR
znk?bjgDEE`SCRk0qSt&v7kw%~etxBz`U@xUz~}z|Po(@$rG9z8V%QG)rk{`#%T=Mv
ztmjNOIv)vLSajw;wqE5&jdt(MepW=jl+r0_J-#>k)!-rU6@dP7Ri<Pa+iKDUI)QXH
zf0Dl66THW;ESHL;#UZ*1DYgdvOk^Z9_e>^=TUF7ot!Y;KS!|*_<+>_6$XR|6cHito
z;fUA^d$)D{<KlS!y8z*4E~<^nkLnBvFmq}24Ey{x#m<l2mL|}`=Urp~9A0LN5u-m?
zmk5Ujm85u;8&83U23!BHmP6<(wo&uM-g8t(+*&`)x$4?8_KyK_=SSYP^<cPP>%%`*
z{i8&!+SkP@SYieP-KCxjT&!HthO&A`ClYcl1@wMG`x}Eclf^0t_+(_$4>Pk{QJ%F&
zH5k`v>R4G@YuHG%$jHjZSr(DeQTHzt-518PO>s6`cSsMIKNQb!dheWL4cxp+%1IU;
zS|=U;(#gO;Z?c6e7^$<61iYBHnE#0`#=7R?;wbld<pSC&Q<l%j)bI&v;Tk+)=qrf{
zH*SU`SL!K>;Axi|Pn`Q^WN4M!$SARWGVgSK*~3JIWUE9mh6(npuFTy#&(^&3YP1pm
z#`p(-zb3ktrw6S+Lq_4Z+wdnmjVw`|jWrNw5wCyQK5v5eJD}eW-C-yXHB>5!_HX9)
zyVpPM9pbNOfc>S0q$x{u|Ff@s>vfa)<u68ep1pkPEC?cI7&06nWZ)MDGb}+dXCAcO
zG`L?xL<DrUv$)%<zbmN3<!Yy<I6@8~aG|#0l&Gnv#DdK~zHm=5Qpc}Je$CZd6-)GZ
zu&D{yd_3m&?1IPllrmbWHtnx4#Ic9h=xD>f6MHXV9T)Ov-Jq7A2<wR2*^`y8qv@IK
zRmblS|8{1FYm#Q>0QT8#roQ6PPVI@h?+v5R(+xt8$Y4i1D|?_-t$Y?-*2L{N{Im}@
zOPhpNU0=Of%BqfrhJDZ2FTV-pre~#~lJLs#3ANgNPCy;*ckuARgois6jY>$J{no=0
zG4LpQq=YakDHs)1#ge{2?}Hs{MLoS5Ys(!madCiXeNoY^;W$~jvCIHJi+~nWr0tGB
z`gJU=82q2p=?Y218ofqr0mxTKcNy8@6x$O0RIWg(pbcu_LDF;;H+=$R26}i)aDp}E
z;Rv1^CwUQ40YFNSaA8_E!Cdo2N0|?JUSc1w&)+ahwPgDV*df#$J`X{1Ibc~s1H{aR
zk}vg}#_xaAFp`Mu*M2!&y<Tj&NZkwj*F@TN6*QxeCq>6U8@zujPRL+hBoSbIb{4JY
zd#UWM!DAseA#BA4BWC92E#51QF-X13g72)Cua{XIakiw>A}<JFCDVMAi}Ut}amO(s
zC=1q-m{sQYB6mb|;BqJu1y(K@3Ie6JJ`T^c)YS{+eNTzG9G}v1{0>zYY6hsvf2h-U
zJydymdgA&sY&-6}eIpfd1inr}y4>|pQ&m^ZK4d?FtulzP_Z+9-#4mT`HQ=~ub7kyM
zu`(7c1oJiRm;Hq4^Vfw*OL=^S+De5vG8;rB^u4X*y6Gc05%y|1+X=k_(*db4h^bne
z9qg|b$KcccDx=mR%jD052_}@{Z=Ej(2{o*uQX={5zxUU{Jv{a$$r54nl(L)`&6<<c
z`9x(mo@H_eEQD%yt^r<SKnA0#sUfS94Q%ZU=uli2c*G{~$D6jv$cOF*$EGUk_LrJG
z#@HsVy@vA!X9n;7x^<NZo#HCrq)m)W1kCL5{QSv~PfDlDEp6GEHh(6Nr+nr8oTfCT
zYJMTS24v7Fw+q%*QPL~(yRGFfj6Sn!LnxA!$R}8K16*T&%XEmM6;MC!6G9xTrkKvk
zkGx-B8S}iGLE!#WGRF8f+2%I}(e_rmM`(zI!$HDm#p{9oT<+9+euz0!SzfaR$TlmK
z`PlMr-ABF~2i59su!?Zc#(2ehpx)w5A!OY1Q!_HsfNpk94L&Bq+}mGm5X>>At~v{5
zh($6Cf5v5R$=kMBQUSw?dRnKsic&1XCjZ|<UuH5&71zb%gT@Uq--<b%Yd0Yopw6O+
z=_@-s(dPaNwnJdtKV*g`#qA1vKf-t3tvbEDY`wX8)6A(VM@A<@t!^@CcGP1YGUgf6
zkBvodX<j`5-5!qg1<K?_p$wxFuvu+%r7zkBI#*!C>n=x^sLLW)XZ#9ZJLqj|E4MU{
zg!A0I>-6DjKch1qKH*NbeO2=vQZjO+Xfa)^)+42ZSMyyd-I@Xn6J_h&BA(;hB=R68
zU{{0cGH;zQ8ygD=T*vIbeL@tpU3qBC!(!HPoaY=$Xl8aMFN|YN1L+jz7|t%u_u9sl
z-BM08fGU;)r)o>RRjNJHvYc$T_V$<nwQ?~Hj>edZn(}Yw!CAInBW*}6%V#<5TGTi-
zZS_($rAlLCiN>Bm&1@YQ7w3|23}XNRw$rwG<|@1rb*SA*$^_0mOzt~)hSOmxbkOjX
z<<^+p={|vvXvbxze83>YK+pUO=O&k_u6NllX8BnT9)-E<cGm5ae+kL9JCQ*?XFfka
z=gh?;OF~~%G+Oi?31b=35ldSw9R2I)`pkI~Uz+!cL+72g;ar#~aT4bo&hcbHbMPf(
zm6f=%i_;2HGXnYK0Fi(=ie*D4F(ObO&t1`q=*Mql%fEt=bYCj@)!jEs+hKXQKbvK%
z0g*-`>PK>7O`lVN89g;W+DbLE>wJ;o#NmAlZC<yg$NYN%?Rqw^4|5LKYB2YD1J2;C
zUGE_e4wsv7nRo)4CQ<NdSaG|52k)?2>p#G$H(Lf4ar*b`@G=#m?1_Odv@OdY-Ygce
zlzkv4MV!r8K_*_9BHE_)_N9(8abULoh;EMD#JRNSuKvaJ7hb5|v_52bm}0%%g~`s>
zBdN(DOBRkgfrE6w<BO}`=K`_1L$t2+Z*9x%x68{$KtLYUPCwTIcfLc@DD3wkNB!GB
z23abufX2JcN%UtBLx*0AQ&jSU!s9IsZsUcLYU-pkEh^`PqwXGpkV+{C9$7eeqIbhf
zWW)PrU^#|;&Q~K7Fz3KkKr+a;K35KJxoFME{F3r=n{n_4Q|ADp(Wy9Tc$GRd<esZU
zpPh^1-nYtUU@J=}q3aw5k2YxjiqdiSN1Q;B)IVE0Sg`-|ZUOA2@M|s8>I{4Sz*SdX
zV_hv2!iDNckQWOR4}?ZG7)8M&dX~B-Wi%>aI2}vw-_}aoyvQJ1Rwu#n8pdJ*w2U%;
zoMg6dW%?KaW#6}s(pfP8Xpz4|)1u(O2U_{pwrVvV5SUkR!Xyp{+J&P73hp-Q;sfF9
z7;oCAQhbeRbpv52PD2eRjR0<jhko|Z^!{7|e*zi#bcp**cteYmj1wfhf<eff*doDv
zcMVpIK;#Ku;UB`~<#urm0fa}+VIfwI@a$(!{)P-|$$lU)S%FvMH|pqJdb&?WTX=eV
zV4fX-AE&=z&+7-ab8K4rFE-FSQZ}xl&n`ONSDFvTM7M1Gj7HVi@plO#kL|!Mq7ZxY
zMwD)0?VsIoYP0*%xd$(Y(796sCPe}3pi?sfWvVs<eSGn^Ch~*Q%Dp^Hc$b*mih(C%
zJ6GXPHZ-ov3Z_}$D+s5XB_OJ5OQ!YV<k=R2V}WRm{^=}Xj4n`BEssB{Hc<yJM*t5|
z>pH1)x_{i9!2xEldOAYCnLxZG8Qfs%JOrCbnQACmwq<&jPB+>?ra<m^7FE?x6LX(i
zT`xC5gvG4rmNIwzQ1v{XX?^xuJ{6#Rz>0Pglh|6yfE+3&1LT(Gs>Lym{Rp3<;x1dn
z2yvr$;INbCdnFh10&*6~3(`#R{~q}9SAUlglxb=yM3IJ?cERe*wFi7`FqnL|=WMRv
z-7H0sNy&%3t4>QgN|!hSu_aWpG#ncIkq2T0M%xdLz+luM8wk9S2VZZmO3%C8cEVmu
z(WJFncLoFn&@n-+xq%573S{1sh5#T9g_U&HEUWtf%&Q;k&wY(B5t342U%Fq^8C)de
zH4Y~93wnYod2suqJx>RxB1jM$zCo)WgL<$e8RZ~4nN|7=T{z233?|#8s~9H_rm+-p
zdl%4irafQhGbq7H&|>3-^PTC3vA{^mF_+houZCUEVgNhaTGyDs<g8os*P_HV2emab
zgXNK2n(6YfNyCbF3he%xaJQCdAI{;2#||e)craD(7Jh=f6*{8~3)gp12&-5M&@q#9
zU6UD&HgF8Hpl*m5jB|<QmM~s!ZgyCV-hFqzw9pDT$3?&ofKPiS{R{_P&oM20VdCKZ
zo&oIMgb#pl4N>g2c^Q+kKpEVNL7S+v|I)X2zAAPRBLnFToPBms!z{w_KD?A*sSsi7
z>P=`OVvON^c=^|+uVHuBjsB++5RABjbOH+|2nXa?8=F<4sv+|_?dMSpJ#S$l=342z
znuYxz649ELiw0@0e?i1grMMt|Q3o#oV=*ZgW~52}Xe&Y8YB39;Gy@@a#J;x+GTqxa
zotpB7@|AXsXh}&?q%G8QdIG+JhO0|ucr8t~6YR1`C+1c!&5Vh{qX>xTdt0)jOpq^?
zbwqw4R*<@FFlW;33OXRf$D|;p01Dp3(G8}jw+1o5=VoFBs)o)rrE=^qd&}eO>G5)b
z#%Qy6_nKIT8*^-IiJE4;^V8p%F|)`^oDJ)<_3E|DEa&HrP8@reEsuI1>+l*zHsrYd
zpwyzdg@>JnqNr3cW9k(24r6v9z4Mw2FIZVZ9<G*6|6?M9;maWq;~oOntjo8htU(ZN
zH^Sz&0XE0U?<e{=$-4cQ8~&NaICvY!uKPN;#!GO>pMn}qoM~!H)n8VgF}42AF>Xru
z=T=8fX^15@*1l?B^VOsmn-!neH$zQ^U>k*laZKiw^47K|)8R*tR>x;s3ua`d$#5Ff
zAkK#XGN}01>W3hS9jN+E&?2@6%c6U$b`9k!=H%qn-+Q(+6FjCiCk`I}C)>Hk4+ALE
zGdBoB&S%7TNr}GmMIBp`RcYzrYpFvV8g#)TrKu*xN^+&|x~j(xfLqNXg}@^l>Ve8^
zGG~niAU^uuey24I%Cu_&hOniiTJedg*Y83u(pEcW+BP_x=s;i>i~(Oo__w@qS~_`B
ztPnK$CSpBXTJ>6Je7X(qV|ngbU-fTq+L^gUOsrDeG(6dV_)4ez{AEE-ENa_xE+JdK
z+G3-I*<<VC46?lB;Y%$y7wy#&0@;Yu*v?(~3Ui~)>GwCOWGJKwN9`hD2w%a05NH=Q
zleXwETUm;Lzcgc}r!o@`(@vm~b~)sakC-!dMW4EbZ|0P?nN=ROBg5n!10#fgu50O2
z3eVbfx}F2s<S+#9wxR8KwJG@@`D72jBY4U)TF6eJDU}+S^Iui<q)O`nX!XRVapVD}
zlbD!j&b$;k@iJq%GzObjT%e>dE<0RaV^ay3icHy62->F2JHI21?aF~43E&l~#+iHS
zeGhi5hCo<%hh?fQzd|Va@dCt#@Ea3{$jrv?UD}`UPfQFyUti!%;z3#8TMj?)gU9~f
zg-`hixoxz~w9#v@U*Tdqq-L%<KP<E?JS3X|El?3OmHvhYc+8#!YDTI;|CsS*A8VaC
zrIEet|C7+)IRDmLV_L|r4nykxGHh7=$996%%|5E-e@t@!TOaCoilhN*odOExu1N7;
ze9NHoKt^-ZTjRtWpXTsc%et!9X)?{qWJiOTs}yWnDhlUv#Y%BzwWCh>QQzetzo{+m
zsdc5=!3x=J#*7d(eNv&}n<B#Mu5n1}v#NS?*Wt-=#|fw{uLDxJ7~n}`_siI7lr<zj
z%Fv(aX*lnfXkxAhH~O;uby8j#eD=sYbFLpW2z<17J!U6MRv2J`@EogBuhlmLL(*v_
ziQ~xw*n^oVc1!rXJ`exGV2X(CgAJV$fAr9N<820~CNa~L^O~Hie&k<!o&C}FWluck
zHMQAj2Y~2-WdjA5P|Oz?jgZks9-(k85^2^<(Jf!DapaUE8K|&Mev{y&Q727q9W8de
zBc{_#<}Vm?m?6T8NTQf2pilz;{{5>dGG*vFf0cQZspUNC@(s%ArP*NS?V))D<+ba$
z>Uy2*xZ1q!y6V_UC6P>g)Z<i8&2#XmP0bjK`aMpKfmEF3l9taRdS^G5h#oZU`rf}N
zG>iVzi{hv#+4aRtnMWDP{X)GX+#xUw_i8kB?UkHgWHz;@``t~yRK6MBG@q7aWC1Q@
z?q%hSU*ywGZ-`v1bY>8WzRMhxHA`l;&lMfH()f$BxSTT{`inEeCXmGSMX79gCW=`6
zK~cJ*r1QG!9Lm)YsqVW5I1MOzfQyhpXA`$(-(WyAGIU0aQ(UnjJET<Gbll8yb`Jjf
z&$<V2NHa+l)DkKgZ6G4#es)%ami7dL$ods=z?{GZc6u!eeDiX&KcLv$aRix2Fjhqr
zmNsIJPxeA=O25%{0#=Ku8YZ=7dn55`7vYQ7vHfEtBWs;%^C;H$354%y(rw1!6j?8?
zy)mlMPkFAftS~lJErE53Hi}|NXq6O{+|N$0LMpkbS|;N-p}^C{O}o-!h_M|md?=e|
z)F|;w-D&XOp)BGAPynUR;&J=PM!u7x3WmI35fF%DWEajxQu#P|I2_KB4r2a%B7iTD
z!cIEy(W~bpe_9)BO-RJWq^3U6)gvY&wPCYy0T+qqkmis<qgV@8Nf}IM7+EG+n?`+a
zoM@PksiS>=_u}v6|5(7VKVL=?ZXn6_xw?|y{(KwQGMYNDat}maVQRMvpJSDTgVLA-
zZD>YK2q{X}G9k53s*zOXrwtt=6+{M7(CPgaD7Q<uXgs?gXjFMW_l@-b?=Y5gzDul;
z<Q5Ldh178d<%WWlK$^98MEht#LCVEudBpok792vLECF<dEF{pNR#`OnHAA4J9Q9RK
zFu&|gqU0HBZ%z!uwd)BMLnx+vs<aZOsk!>5m(v^+xO)NDN3}YJ)>>k+25VTDxP2F1
zE!S3FeDdKm@6R)|<0r~T4!haRPk;HJ(O^BhBlo9jG1nv{-Oea260zs=gT}V1v*3@&
zY(^|?GLYE_#;|aY_es(KG5ohMD!1CRDUr##E&qF;?nQfmH}r?9ha}dH`ZF9z;uV#U
zH-lmjQ*`+VtWvYbmiZBuQ;R8TQj5nL$&FxW^i8prN|SSi>Mzg`sIkU<{maQMmw8D+
zz|@dEY@Q>8@`0*m+Ov4VI5ZoJ{BX!eOfZ*UH$TTXcMMW4g!X0i(e);m=V2##@uJ|g
z)nz4deVS+5E;H?ZM~19IR4Dgf&k)w6CIDff)F^SJvDPw+TvnuMJR-S11n_h09&Tev
zdeBtSj@#DE)+aI7+DWAwA-^64$bX+m-3=1MFWJWPKXn-=UKi<;bUK!{BCkh$#)08m
z`JPRIbm&^zS|;+7BI4~yfy1)>EN01ka^xL?tBu**4xk-V`hqZpc+=ApB7_>}530X(
z%&=Hjjj+zUqGJK+TK?Vp(?8n1F4N6XjGfPrQFn~i;x5t(15FBN!OZ&OVPbM}^zQDX
zh?HjhBeU6Oq!LI!eX!)1uFXcY_}FV>K~{z((M!AA!z?mZ<r~D_X~v9Eze)Ma3V7PC
znf%||o`~vMmngx^g^uy{w#F9M^FnEz31?81TwU7Q3ia~o#Kb&iKkH1YiJs+?49Yi!
z8Z_rtc?lxeqX2VIclaA%q)3;{vOLMq-KVnBB#E?rTW!!`-m&nF$t@{9&+UBur)lu0
zn2o+TWX{JEf6t9Pt~d=>B%{<e$w5X&THj;|#5@C)*f-KP?hrCewUnmFY6aPnIQ0DA
z1(t0iBE<?%ObI<C#8eck0jaax)P`fCBQ@Ipm6AXrdrU=o6vG=16B;CEk!a|9mFr>U
z6tH)B;m`9-E^x{5Vc}xaunNTJ$KDE6e0Xn`4UIdT-~awRH#r}&Ty4jyX@<o@5r%b&
za}AWV5gTrH%Z}!eMy}68Ah^QmzaFSuzRB#4X>MkNjg7*zm%@Y+w&gQ9OOte;akE1#
zC+Fx-oB57?YN_bcf*~%KB?@;j0iltyn=q;Lr_$f#In4swC>7}9lp8{9R(O}<WL$8g
zw|>BynZdm{a6Q*qqO0{kG5Cva8xk^zFFOmyE~6KlMm!%Eo_(|NJ6}eLTDcekkfRPK
z2O5Q2GT2(#_Ra{0Mxpj&lyXB%&cd8}f9O*@4|ihWB?h#~W@3N{#~@R(1cNO<?pWx!
zp98QZ&in5=*f@B8!DM7xz`kRJ`(Ny=KaX*IjKt>W=Oekvbp^`jbVV5_dCMxnab?Lh
z=rWE%z(mjRYqt$q;Ee$hi5ZCvoj%$UI60k6ap$fXJjFiXQ|-X7cg;QtC5ijXXw{bw
zePEjp|9J<|h-qJOY~gdUB=c%p8{z87{V21u>?_Uj7{s(gP_AGTc7sEzXrdY$gL7bh
z5NSfAB27=+P!RO2wgJEEZ&&3-a3nD%PV<_$-=@(+zEjh?-k)YbCi$B%_%ivn{&Wdr
zKN}EQM3Wq`x7$X2+`bXCfj8k^&<Wi^&($b6=ODEs(SdAjzx%?NlKjB+0dP9|=;5*x
zyOH`?$@b`x2byL&N6aBBgh}}hH@^T(qZ#||J;C`9`+vU%HZD*EL^kZabpNCBOMDS5
zZWiG_G6HMpH{VD(=Yz!R=o;KnmdK=LX=a_r#|L7OEp4SruEA}b_vRM0cahm75lxPx
zS&5u4aGp*P1xQ%|qlr!jrOxS7njBYEd^}i~9FwH~(ucum<&1iRC1qaz0?%YQ_)0Ff
zvs;WXGrt+NdW4MWH57CxDW_vlOhsa0oXPwvnsxCPs-(N><3WPMG`E}ExFiBgh9`r2
z(9XOoUkv?wC4F8ym(e+8HA3@2T+`71<|G5=AJ+iGF@?TC2Xwe4E{FSZk6+r_)5Gp@
zir9&d2+9e4f{Z-K0?fwZ5XW6RRA%uhS)F0S^DI2RFQqNJQK28}qN5_t=5VGp)y0c<
z6kqF&9pb4k*ne9p0s#2_k|KgCbDlR!5Q0)_K_s`7?XEX71Jcq?%tZ0uFCXr)ke3$Q
z`(?!3_d4wirs`pdAW<-RwtFuTX3GrDsBdSG8XdqA1+#ui2DdAbii+tboSGa;zSYJC
z1Bjm1BfG=1v%vGSQ>xIeEY=eKH=gYo!s{P~dwECsA{YMjVcb{0Bdz{c1I^ffC!>Wa
zk**4>!~cAJEPQ=&`E#s(wp%>*bg&7cGB+vPyTfXa9)xNxkfJhNl8p3YpDa8{^8eNJ
z6<krZZQBYcAxJ1KHO$Zr14s=>4ke9rcL<0ejnWN6x3q+G4h_N(QbTulcf*JG`+WNk
z?6vlFuJfpC9lOIkH_g-<u<%;zOF2vTmt;-yN@fLuUs*O$m{KIa%ARCF3lIG8Y^l4s
z(fKF&I*Ss!i}Hy^DE+Y8s<6<xE*@=bm%%2FtTe-S?l($lDx}yEKe#5<5lzg(<;x3+
z9-@Eb9|0wu3m5Zgws;>xX+~`;{}1w>_LYX{(({h|?@Bb@eRm>4KCXD_KIdem9;!)m
z)1ex$S}sK?jI*;5%$;XUw?RjFXb#b^8a$jHaDO!kW1pB#DTIlCiu;2VXXqT#EO-hF
z6hpxp!Ag?|Z~|}&lxAi`MiQec#~Yaw-ZoppM<QY&512^joGh)MoJG<I%SV#1ZoIrw
z?(UT8>b;H#X6PPdLvl+Aqxsg7>UtD=pIVDgmE_f5?(N1lU<O~^AO(y?1>a^RK4tpv
z%~f>p2;KkaM>&SA6B;G8Eu3oLbzWMaqCzwOTZ~oe@!V}eaWyR*Y8p&3^me?{Yt*wZ
zgaFXev2hGo&*z7!0xa9<3v19f%T|Sc+BQSuwC^4UdRr&diIu_Cgy0xFHz*SK#C3Ok
z(jgL7BO@)SzA7@e3zz&_K-K9y&w0HJUE0Bs=XM@Hs*0cTDnX;o#00oI5{cbtDaM?I
zDHLVc>k$_hh>KDfZxs1_IVFY5Hp;U5^vB0~ME-xu@eeOV4V63cL&=fdQ&DHDMop8q
z3@?xSZS`{KCI=h?2v<aRU*~q!8^sgS(5NlBK_{#2M*A?<VCmV4Y@are@O+@wxLTGE
z<9d5r$QKfRx7Vtsfw!`9GCPcgUYEeWtLI9RlN691j&2K!mv#vL)Gr_L?!Rk|$;$-n
zR?`T7R%TT_AedD57zX3e=nV5qoS2zd!PIg!;I(L>E_MIgL$<tV2|!zTOoLbqYHnKU
zU_?}<!w_98VxFNxWgXhAz2_9B1lIWjz#s|gx1|y*Dsvr9wr9?>CY2o*imd`(nA(SX
ze#gtf`4-F1L4nw<TMd?yQ&J)BFk}?}^flHTdWJyP?;tJkX4{;Z2275Y@`NO1ll_Va
zMmApOokUdZJG}N&_-~;vJx2@2MWA2IP`twbG=M0T*WnNP>#0;s?0UN%VD@?3j+@fT
zcI6lF&~i5>0c87%-4f9r5L{xXlOpOE9|XeJ(XmSu(b@mtPsz=7@=<`-s!ws;#ashI
zz+W_&ngp6olro-)DylShu8AI+C*fdkh$5($<#j3iswvAz3o|il&{F4h{j>d4sEXtr
zs<+ES*>`-JK*N3jHH>JJ#U-(%p`X>G)24|tvBd4Vox;>7<s*S|YTCflz5KR)N65XA
zwdt%kBZ2&~rJr|pN!KJEk;D`w(OtvpQ73#Or(QAi#`J~cB9_$xH?5mf?DP;sJK<P^
z_87~bJ4gv%D0F+cG3gw8*sYY95NNZ$M|~nD-o<Qi0Ip$c<n6)-{hF)neUcPY2N=O=
zj4c&_41alBBgM#7k<<h!QGW%;jvVJ;cIj&)_@OpiVPiT#>vp2ynf=EA{MW%n4x28!
zfzu`K*=^fdJl+9Q_ejba3*v^tb#4*1%aXkcFf|^X)@*dR8_s3*Ss}ngMD4|_62*hi
z{%m9$_rYKOX#a{xQ`R*45!h|gZMuD}CWoqm6{>VczVQK-0bJ@L_-T~NYw)8@75sCm
ztK*2sT<ZHTt!}5Ho{I9w{=%5+rL%LMc@Cq_rD12W^hB9ov{KIW@%OdwSH6YBbAN-w
zv!$=<8pTPHWXboHTaq?oKi?h&cn&jAM+H~SS;_=hG=3NIrG2k(3VJQIqpVT;iaS>I
zXl@teZ8hfh<JYpb2tSr9La436D0WE;%B0mrfTQGpI1f;f`(pAR+?HFTA$j_vP3?YD
zIh3X-5o+0J6}KcyJ7o9RhqI-iR7>igv=lPJ-xF~h<ifrHKwdIs3Qf6H=lvGC-_V9x
z>T|7kFmNR_=vPI~6h^UsW!J0l%1sfqWgO=Bq|8Od9Th7abEHehA5PD*Q_%+lq~6r^
zQAA+G2M&KJ4h!cCAuHu8@WcR8(2jdL$dlsFcw%>rq%mM#$8kLBHkv(=Vp|0?39bo%
z)@Xy(O?-Hld4#wVM0`IWTu-w!u9ahNZPS@D-pFTT_3PO0JhRNkZXgVv;4#?T6kOD&
z!`MY2QvRyoGWhoXGh46T_TAj7(`HdilmF@X4;K5-?u8GMFroO;b2NGp>sba3r;pwe
zyRVZ8pRJ)(BQij*kAXHGRFT<Ze+g>UJAS#9+{DNe-)EIn%93C3;IgWm6TFU11Mkfa
zlz|~HOBcIeE6P}&2FbIijMR9})}AmW{CY2T#hv`+nqFRqaJqu^8oXs%=fnCW-|c+c
zv~Qk!p+#cPb^bnR3?4BO5+uA}^^TL?8Ez@S$)gzzX8%K}=%v9FsWVw->>OIPHUH;c
z-{6_TZ#&DvGNuywI&8Lx{pmfPQvK$T!1-Hc15#cfH+?_+cacxjXicnmfrbw$e#L|}
zyZ8A|Tn{Fzl@0(RhqTFyH6-&q4DWd!i1O|tR;1|*C}1}n`dcVU<bAx-m*|aj$|3Bx
zU8N}?+hR{-Wn<`8v1R<`=i<>V8NMz)$Ga<&UyyqAHzu)dja17V7V#P<VJbU+KRCqc
z;BGE@y`@-iSq$8Nz;87FPt0J6ixL#Ye5cf{cg9(-VdXEc8<BA~j$N(yI^|`nI23Sk
zhM?@#k6i|{tjoqFz+?+EQ&UoY@aaZSMAYovGT6z{k06x1C(HEm8hT=b<6drbyxK@e
z&f0N|qzYX--pqf$k_0sp5Rg1sizZi0rvI)4N{<e(e=ufKe-%{j*tH$3sotb(v}b>`
z0`X$<%~*K*uw#qGnQ-~7n7H*+{#iT~-I2BHOHf|hh&j6mJh=lq@3R;I5R*>Nt|TNQ
zRuxqpdOoTW%?kV`@Ntvfg{2@VUb8An{6iXl4HT|l5eu^Ik{V0k!+l=(!OWi{n?3TQ
z4~jagLcQ~j(9GbRD9)t?gLLAXjSsM7J?5x^v)P1H9#Wb*zkXr!$)_239ww@f;jpGi
zZ@dNnO5VO>{_ef!Ga4A>xe6EzW?24peabvfk~|lXkAY+SjamR4a@-50)na617XRx1
z^7e1*r=fhu=4_@P`T2C>Q%(Ac-Au1mI=Lq~6rlRKe=&Rbg~8u@d#zv*JSbTN5&(R(
zb%@`&9Ow-RCB-`S6u+n1sK)Up##MS|(vu{;6DbZZE~x|psocsm58~pOL2Vr;%+v$B
zNHroAU~xQ6?9G0`UHxQi2UY7wFwbRS(<K}k?1p+(Abo$OtodUhM@S09qyh}l{n0<;
zgzKULC@{+M07fViyq|d>2W-%qQ`CeH{#iCQ7Vu*eu$k;so(6;n77PE%8MB8W>?0N-
z8ZzhVDSe|<)8!xrJ2kz~bQU8W)a;GtznAa!9g2d|m5u2FQgPH7AY)=xH9)CFZ>rnw
z0(|7FUV~+5kKoo&y1j<wtL$>MF|)s3jzs$P!kz!npc}(-D?KBlO@bvNGEzg<!4xS*
zERX!^h!@Fo(54E)_lH)F;YMK3cdaw?EgO*_sG*3nGoB(HmsKSX@&c8CbEQ+fcvDt|
zNz$DHmGA*R5#E;&6Q{($AAt@L%7h-@&2BnD7|{+-*Q9bPjrbxdZE5?H+T-PjIfOX<
zoTTDHhPbq=%Fv`KA+nQD#a0Gnf>8rsneLzY5r!FDk(Vd1@t8t4uz{yv-O7}$+2_f^
zt`#@pS!P0Go!`V!>L@-Zlr@|{Gr%WV9<$D3Dv)D_zinu((RUVng6Wh{kE1;is+JQ@
zc7ieOUGjxDLrX&oax0r_h3a{fp69CGd(5c$&^_y|thJy`)vF1!m7%6qsqvk##-@!=
ztk(x0*$R$Y*-uEQz>j5Y_#U)II(H*wrGNLdqQc7?E>*Vt^hW1rVyT!=;<~HeoErb=
ze<056LcFdvTC#^&`y6qrA<P+yEL=DGDo#t1XCfFieTaYxXvZp)gO^>-?g`bb&wA|t
zNor==wg+0$%z#90+J0I74mnc^$KE4Rh`Pf`I^$Ph`dj54!e@3!`#A{)q(9<Xj0|8z
zzSR&QH`&O6S14xV)rI;7)6_)pTOGM-r&m6k6+y985p-8uK!&4-?AOFQQc_7PFXl*!
zJr0!`K|b~+mq!wh`gxKDS8{QaDt^y1%&|!|Ll^6}#B90}k4Fp_ym7xyX-UIZcj9eG
z(!#kHIeFCLNs$dF17&PM;#1$O9#mV4Me3u0P%VFzO5pyuyHp6|<Ap<Js#L+Yfd7T{
zN)CAX{tOXW#Dv@O5RMBGj{n04t!4=B)XaFbWHWSieCw0=r#)R?NC)R`*?`_5K?Et{
zk+d`J!v3(KLN?Iod1ai6?sKPsLiHLIQU7pKaL@lyr=jk4YlK>kWL}`8+8GoEcb$)F
zY(}~Tyz?=AVlGtY->9@+V2Sl^=ux29)?0Z~yjI>P6(}dR8Z0Hd8o}J73L9~VQ{7*6
zKh@pIcm%=j1imf=-hPgg9SKT|l4`dvi17*GE%=Yl)<^kni~r5<6cPd|=X9cytj0;k
z1ojp(T)g}C?t3Ut{;K}oYz3;3qK?|zgqwT~iGz8Q3{2A<MlS7P1Qf2Jp%su1w-&cI
zP30943eIY2+$#Rf`v%vg=1`oqjB{>L4!u^Dgp6bv-QHiag3@G^q1Z~o4%|zftWsW0
z5Cu7Ydke85GGFQkI^N!Z{wg8sY#xnxI1H>`7+7B(dJ@|F>BQp|&&4_%`YI{zP~9;K
zW|8?2Pnc^}wta98<awixkPLkL$-?JN2={%u*RJji#!D`si_f((*5X4Gu1B%2jyS2r
zb(?o$?!j#xSG_lTgwGf5i087aElmiy6}i-UC-w(?C<QHjcH$Q??}~9hK6jp1Q@U_p
zh&5RLj=LXD=>5=_$i!seM8|x(YqGvemLn_eZe!0G#ci9Q5aNqj)IH2`dE>bHc~R=V
zPG7wL>g_(;6(g`S2n9B)0@RHq*SFhjQPuvKr%<LWTF6`c-#70O^Q8#c>)>*R3rZr@
z^fbDTnS5OccueeLf>+L@3*1oD^ME>})>tTMpVnp1;-w=k5}ih}Jk6?&Y^?0SytYgQ
zH5HT=ikTftTl|<hpqs`<helVt<r6H4q9O(;Qzyr!H58e+#!iyI6W5%1BZQ9%-4B0+
z%BFMep`x~90KzBdW=H+H;o54$(t$dyX@abMMK{Yp_4q0$ldN1ULI&el+3G~5zYfXh
z<JI(G$}5B$m-Po95iVf&qfE#_*W;Bk7V7ja(28DzDu168I>DfxbN1TIc7o0rI3`3d
zisE&l@zO^WI{W$E@$zJ5wx7$6)<?%hpS&4$rpcE@TCL7w7VqYYE;wf@=GU&_RP%wP
zruCmV8Ov0NP^QO8NB8z>zc}psgvm}3G>Hq-C(D<r4N;TVDCoR<{<PfoCtZ{k-ruD2
zMUy7CWyK}BknIVb6|V7~pcpBYD3uBHz4$HPRjBF&uRwWKGyNZ`KEqd{QqiUq!-;ro
z{Op<q-{I(c4=?r^xtjQRTM50e!6ptdr1m!yh{PxOeN!YQTPNg<B@$S;t;NF=D34oX
z%!lAIqoqHw*jr!WJiAyB-;eaG_Or>Oc;`^?g-rYn<Ba7ssX|*+Mhw1el1nxZbrnoY
zx7nGpMTU8Xyx-D?ur0Eg!jeU9X{>j&equU;9=DEti&e`KKei<nbWI>~Dg7A#sqG#s
zH^hxzJtm!-($le(7~;)mCzJT80~--zAhITjKAwph_cO0@SpoEF>)mr<+;2*qUYau1
zZ36G`wrMQ^_0oj|c3D|xR58^7y)GFGyIp(?UbkoGJaD%rZ$QMNyWa~=$a^A@x+v{d
zM(LHrYzf9iK?lUU*i0WFr|$k$H+Q1EB*^wV3ugZ%U1CYRa5)H1Nl<B1vtw}UN-1tX
zaYuHhI*(C{+1cEZjryj|>22n#1<V7@a%1vsYGT$#`zLnyHt-qb1@w=LYxU~fH8a2K
z2DZzAtz@v*<dq@hrn}qB!zkCJouG)9ym(~V4M%?_LS0F~x$c$-ndQVo5>MaT2C(w{
zhEXSTHYE&ut2FSQE4YG`{q^Jo3Ew+?f{NoTnzQ(8%N*Xo(u3!UEEq=4T%qs{b7vg=
z_AchhkqNbk;|Gr|st}}paYx*`cXg5d{(ht5ffGHvh<0j}i4VYxL`YgUp0E{4yt%`0
ztu~*&gEyccIeJGkn=?BeJqLplF=v@4kx54QDQZXT7jDO!pOweuYSv#<#(E`}eueD}
zq<*|Trt%pH`t12<x|(PC_EHz(#v1VE-pVu5#hP7}V&~BtOY?fF$aF=zahpa_Ojxpx
z#^CM;m4Oezw<^8}BKX_u*pD8^i~2c@c$Its$$f%W<^6QOQ=sT^NGO)}Up2K3b2IZU
zPad5d7O;N9Y_tLGX#S+k#N0+%?M7*%jMeO6foGklW0ObA|IBF`YQd_Ll$S!+rg-!7
zt`3KabxDL4SwSN$ha3c}w9d~;+uSMltRc?~%E?hXn@P;*-!c_<#njIK`YE$1R`Uye
zz1o00HKqNC<J_BWq)k{iAjiY?CvV4g_}=tIwQF?l`On=8R{er^9v8JH<z<PmCd|FX
z@$j4|v*G#Cu-Ww0BPa8_2Snu0@0;c;s=o}cX-qyQN-3ByyNsfl!OkQ2CP*}ir^AT8
z((DpJ<JZ1Q&@tziu^(aW)Gg++l4Z41$=*+AZH+po$vK^$Jj$(%r$)YHmnGb?nn{XK
zBID~0!7#YBCop(?!LI*Ml7X&QIw!x}`p6T(Pda}&lv_c&)_zD~fd>^yMe|wo6b#68
zXhHBG^2%a*?ng%TJvSU@s7|IbAE^Ucw^u@e_Dn28as3M5I~l!xmCy{K-q4A2hPo}n
zniuwpXau&kv3qxKJDC4Yegm^R9i;a|uHx5Nm@GT<8TZ_k$9%m!<-EJCBoiO6<*qCY
zZn1WXtR$`frIzKt@uR~c;BdGbl_N}aJyilQW|7D60jU-Fo8<PLDjK1YHdj>I6q!ZC
z9Pa@n$)j*Li7WZBU1GCV3p43@%XC?VFeOT_?rsmdL8g|))M~pi)hyyrT9{o_;KyQ7
zc*9Z>)KELP3brse56@XdB9WjW+*{;TqK{svYv2bpK>^LLWzFS#p0zl~Ch@LLEiV<u
zhPlNat$=<~McpWBy!5++0r{|q)C({&i!CSE$kz|;nyJ(4y^ASR8H{OEHbo&S23yfF
zRd;r3MlM3`RGdfogf5$(sh6yd*hAoYOwaAiGDns2u8f%ONG^!W9OXmHW@+5#0Rr9_
zr3TgL(9o+XQ~abL-&`948}tSqR=0(b4n9+6L!gWMQ>tPf8#<Yo-l1QZ<0wd9cj|aL
zo%eqjNc{YqcE?=8{V(<4K6-Vixj`+rG2Ot8E?Y9!xDjit(`{MTi5$wWwX@Fv_sdsb
zhQ40byUp)sv%3w!%6pX{f{1X!RrQ3{E>JNIW!CL>t_Ln5O<{U)=-%4gERUO0?binV
znT&1tnoeBwLSnR4>Vg7?7=WHD&#sOop7!ej#Z1*Y<?6vWNZlW@T+u<RuYPSqXKOup
zgEeeuWeqQ~o{FtyLZR`#2cO`Kgc+suFnv~IFCFA#x1G@7s$*!j-3Z9B3jtX*^h|vX
zYrBvX^%4Wbh%!j<ec0vvVee=eFyHrmP1uqpgj?R4Bu%x}I=dE6_Wbf@yCOz)JyD~l
zQCF*<qW^G3ku5@<25t}%r-ZVDm-9i<fcG#3lRQW|CsO-@>0+r?Qj|Td#d0D=EfTiv
zd~N>T8vRs25dBKipylQpgLV|BW~E-mlX=Zcjsmc8D&yqj{MUaa6pS!$>^v_lyKQH#
zB#Mx#NE1*4%f!S9)v-rvvgLEg-DhWZ-`M*!i-70q^Fn`0notU<QgpRQ!3~x90|5Ep
zH?@F?E}|MSJiPUo6dhAtDtU66LdC!gQW2@f*Awh@IvfVlf0q({>g;CqZ2jrYcAu0L
z3C7l{VpTVxt(T$UGY|+A*ro-YJsCp8%XS-cT1+(CE+s%K@o(3j<34m&bzW_RU<t_L
z0*s`h%oJy`gJgv;g(yOnTZO2^NlhAwxEyJyWLS*)(evyQ5O}=MimL$lUGa^>cTU}i
zT={eDs~7aW+OSdIj^*-em`1^#H>1d$_Dr$Xle{2*@%;Sx`uaLHOvENQHJPMbnW^sk
z?(*heReW9i1y7jBVe4HlcE-G5c<TLGx)gfLtiotkt%hnsyNRIJ*}SHTb0wVwtI-=Q
z-T`q@phB%hF~|ls*voG3fZt)!vqYBbn&PnJf+n@n&1zBDi%}iV-M&bSY;dcy;Cl)~
zzT5fxzEtt**|vbJX?PzMxA!>rQ$l83<8u5Wk!xedjZm)f!Q6AG+1qSevoy`vPJ-I;
zpS3uHTC7@cc%UuK$`5yxfp<%_3<;@g3flG}vZRAg?VGO@=|oWs!riPtj_NoR@quhr
zLfkjqKC@gAT%i54T*GL}=X*M}DKmo+*0JJh6I|{k7k%VQO>^Jv(~GK%FjAieJ+Gm&
zVnXlTocUAtjaRxuMOW$b=g`d`o}%t{^A?*#1zw>)>a<nmp;JP4ZtE{b>|Wed(qN9c
z>IM5Nc!!K_m*lNF?%E{&%XBxSL`@Znl<vpq>%9kTAIlpucU?;E1Ale^tW|P)!A5E9
z#HcQY8oP7s>h-x?uY6KAifMEpiCd22`O@LOaybdsp8(eDJjUZ=z8_-y6hnhaX{X-x
z4Wgz9r)Qb6#?=@xSKFp8{!{Dj81<$KuMM9pAZ)Ez;nbegc(`5jX7l)=WufDF%v{||
zQ%r@m3^D5(wC2Tu6M7W-5A<c%kzR3)2hreki$O17O)c?&r0ANPaAtr^Gtl<E^MJ1Y
zWcZgd$Syx$oubS9zn8RN0Ar!@ib!rIRWGk*Ep4Q^VYv@4DGFVa)eqF4!O<^;rI9r)
zeh0=Ry;0T2+ueR#VkdIW=>wK6uusy781;0rcT!wP@VXAaFS`p)<7Y4Y;Zywf1Rm#R
zSn2W7JLQ6Ay295uf$zWi;3MF>>Qp+V|4^d>Kbl8@jVVt5+wzO*+FG*lUm!d3+lJ{G
z;b7lo5rA!#)(2p3LX0uzVW$c>)B&o#!6K}dsI1aq;G3%;hyNZVK3A{S95?yCn=q9Z
z8^t|x7n;Fs`(}eIO!rUclH=2W=t{L3DOC{uTMv|kC}ey<GgbH9-*rbTVeHz-i(iz1
z%?BxXc!y$1ykbVA)?f5qt^(w74Z1f7crCUGxEca6$^|0-L@;X^GeW~??X(PjwDnKL
z(WBVkY7Hf`Fv=d~5~w>p2*h)<ChYUS#Uc|Vv?#l``OoCzv7I|)WwEMaHLd~}Vx&IQ
z!|-uDXNau0(W%<g8@@UuO3ifN1UDs<22Ts@)O+*V;i8SL_lemba8Ew<{pViOL+PWu
zyRoaeCF-O-%3ZDSKe3`DRR1P=@3D|0v83!+`QvaJ6c0!!O>rJoYguZnp=Sy3#Yok}
zW=)*~dx?6GVgc2%Wzd~ZV@@UaH)`bm%f*%ehS1b7e?5C5v?lT7Ghdlub2)&`fnoFX
z)2}Ub_)!k36v=OST>F!Qjqey^{=ATt+a750C*YM^e<eMYVT3>BjqwRtd!KP_-ei(F
z6ciH^^Zd|bdwMcYqf&g%+%tT(Y>-k)=F^l0MGb@c)iSkbw`1v8E?eQOH_5bM?b9Kg
zNVmai?<y+aQ;DEBos}dH9=1L{>@F-uL^e4wrGJa{(>LdqouL%*ya){dP}3uBeuG1j
zK&ns@1D=Ke((Y~ythjR0rzZ2-f3Ze6##)Fdo7L#EWSQaJ0&sE98{t&DX1pG$^`10g
zkBfma@AKlaZwS(v<I_=EpBo?5iqDs-!f<`!+I4#aw6#5r)|wNB^w0IvDBH<Z&=Bot
zRkNw-nMjx0TCm3^(f2&Oo_*pBp9i;C1vx1D+3mt*i^WAvb+u>=el`1LT3%nxQ=jMV
wQ#H}T@bGY3aaqgFexknn_D2K)LH`K(u&H}_SFoJ>?CF6@DoT`oF#PfV08Qa9*Z=?k

literal 0
HcmV?d00001

diff --git a/docs/installation/images/mac-page-two.png b/docs/installation/images/mac-page-two.png
new file mode 100644
index 0000000000000000000000000000000000000000..bd08ca15221c61d647e01505a59d78761bc3efd0
GIT binary patch
literal 140504
zcmY(pV}K?wv#8m&ZBE;^ZFAbTZ5z|J?Vh&nw{6?DvGaZBp548FlS)#lq>@VNiBy!A
zfQP|>0RjSomy#4!1_A=H0RjSUfr9u~GO)US2LuF%ZYd(7C?z67r08UCW@%#z1SA=m
zq5-L?GLDh^TNw(P4hfj5fJ4YDWt(TdUtAI-1Vx0Xd^JG~d?hFfDk`crqPz`55Ca{#
zlVtTHC?cwX9>b=*OA6%lq5Et5MZPEF<7AS{{M-3@^2-e9Ppc_3SVlPrkk+S;VR0`e
z3qNs!)H`baEd{7eAXjt_>1|8|6z~t_jXkjFXO|s)+|!KPj~W`+CLTMGB-qe+Hl7>C
zkOWZQ(i(^%Jy3{z`ASw24bp)-5)CY|5Kx2(lYEL1Jd=E?kxZnVOEJd~KhU2F+Ehk#
zATCEAGXfs;kpxshoAHy|S0wxJ)!3YoeZfumyW;BVH6(xvF}wUXvHW@Ouq;9RxKT-*
zu_ZkU@yD$bSVpzyk2%+OtBGmU$nk7wY$iEe1lkGQMGJ+oTRoP@wIr+n7cHI<S;Wi(
zCyF;yPZ~K)1a>o_!HLIUCNM+*L)PFubQsn$ifIJ15wFBwHW|vh&}R!Q1`b9qGzwUA
ziMSDohc>PrC1cK5Tr6fBXK(=)8#s-U+fNYUFdBHi#5@dqilfMulRKk9qSW9v779{o
zkHv2#zfAYl^jJkSs^e<JyH2zM{o+Lkm8l7A0BoZ{<1ai_;^#5BXoNrSMt7UpuYZ{A
z@M`1hl0irI?v2H{j2&D(#p2#EpqWX<ul`comHHPqO|SN6ca<~kShqU_N?io-$(w_V
zNxm81fVU&hDcf-(2nTT70?QHw(P2+QoCT~f&2j?$NJ)GG!9od9?}9uiO{Gg@n}i^K
zQ2s&u4vK(v8u{w_RiyI=@=1TRd43zOSW^7q7XkJz)sR*j_jOq3E^+-!z!Z-AP|nC_
z`n_=@if<(U5KtlEoJlq$Zo_nl9F)gT#mBXjhx924FZt##7u4$@1I~$1u4wH0QI=?M
zg<neIKQsI2Q2s{KU<LWO?{BeYX>i>iqc#pAW9tYn1G>ciWBBH~=Y4psp&1_g*NhxI
z<zEQ}7TLou+TXl+={xaUapy;}N0;JSzv3TW2wLB{qFxZ$_WR6lXHr*TE*aerctUmi
zwClzDhUAUpR!uM4u;S}NC=yc`*?$*@{Dz1b#BKar-FVshc~98bD2@$9c7uE9baEWU
z5%OZw&r8g}MwfO5-8-gZMwDmE6lrN|X$l$e`a%EY(`72zvjKIm@2=}c10+AJnDMSV
zIuE+LsseO+(|hr_-FMZD5pa-WlfbA@IXH|DtQf$%iESkadkSovp2SuUN#6(h8bpMI
zP$&eF4qcTC(Li*;WdN)R6D0_(3CkV?QxAU$=H2J#0L2=F;Q*5jo+e1q27Nu)JO`;4
zBy>vvM+zk@YypL@B+`ToIt2Gu91ode2oqX}BmwLfw3OIu1e8_)t%&p=<zkSvz(tZ?
z($POEW8lTG?a_}!Ut_q3EKvojs@O}S@N?tkr00<kMRTWctmsqX4|BpUY}#?^MIW;e
zk7!=d-H~oZ40FVA1`SxC3;mN!5|g;FqbPsTWFzPXqW&^h<M0Hq4Z8c{UyMN1D{vy0
z9msCt)y@F%LYN<{y^{E#>jmEQ<KDV`a&HGC?(h7Y3`Bp-t}N8AAyj2(XDG1{<^j6_
zr2*`=qIam9NKukt3sIK<Z<fGx`D_Ipu}$e}iWZd4i0&a`l*nRnX43Y=0V!H#`ih9A
zjHY;(M3>k_iFe6VGV7$8alb=R<~$uideR%RJR*Hk0a8Q&<rvl&Cm;miU~)WOov=o>
zK<lhls$iC0D9KdVrd&vMmRyqTGyyz;JpnrLTT4qzSBqk;qJejftl_8u(sTy!JmyzO
ztt3~my?CaI?8??0wl3W*<114%2WLspB&tns%T|->miZj<tQ1FYPK-%8n(&)egKCAy
zUG6%iE2b;3tL#(u&F78zZSY>>2olW%4Gz5vT@xl6jT$|UYEvCcxtK<qDvZXAs#bZk
z%0uX`9Ytzfaa<#^NVU94<*Z4W0l(;CuKUd9o%x;q9os99S!qp@OOZ>rUDUJJDf~V^
zDlw`?x_Uw<MLOkxdJ8Vba16@Cgn5|}fys`EUtu<Tmn)FR@F)ZnwN~ympId23B&ABb
zTD#6m<*5-zWlDoi#5PB}XkElrXG_($@*VGq`ibQn6g7pSL)JurHrK;qpATMjP?c2K
zxMxH@7Jws?sh#<q2{JX6S;hw0gr!ZOeWs1uByaI#z0kbX<hhR9q+r!+P|3)bkum9H
z#^bCgAwnT2QQRm}CStC+BFQ1%D%h&`Qa~U!qr@O)AFP+Po!`^qSN;w1#r@?C!3+@x
zVF{51H;wJX$jThUqGPve@wzFwL^(^jQ$Bqf$TYRO#ktY8{u%~7H#GNa(4<PLjLOQ&
zJkw0u(rXEht&!s(!<OwLQ#AdMHBz9$Yu?tmvc1eR*E7d69(<5wsIaeaZhy(-YdkV(
zMUJ22EvqEQwDgD`@S!fPE~E~wKBaD7EmyO)oU+VeW5Mpn9&MXxqqmW{=44xCbF(^k
zC47~-(Y)r{>|T$#PFR2AKI<;&w7T!Gp|r*{;FxmYNfDHkwqR6-QKm5cJl#GWp8ey-
z<Ua1Oc5&|$HHUVctgGUs>#D0&%cIk|m2M|xx3Sf+<+`bLy>uPV_sGjh(8-tUndwpL
zef{8bWO_#S$bJ6Qzp>_B;9iAzd~l<3xv*Dth<osR?_*41g<+{~+J1It+P}x&8i<&P
z(?GZHN^nZh&A@io;E%}cK>o9Vm4m8-*zEz*0+OMmGbIiVS_l85P`VJ7Ks6Iy2xM3t
zqCb`)S_1yvsOtV=L`8~9p18IceFQJ2SbQdWGsn4alg4A_=?BvYQ(=0G=G*Go-{!xB
z`#$^92OS3#qYN><$@#f`G8WRm$VSMo<?%9)d2A1wdd}PyqDyx&4Oxw^V_;d9%+02G
z`DOette5wG2`lT&Zx=IEJE*f+Q*tqS%G?ueWOYY=B_8yz^_`t`ILWlnDC?+5tK^n-
zl-4R-DL5<8$l&gJK2UqqEr8CqmiUiB&6JO0jmH40XGqM+Oz{tB?pR*08k@~#a<<4A
zQPH3~8gm*s%n)IMLpz=SWMgy5wNKoZJ8PNHzKbm;ouq1Hyg15VW)C`}pWL75<(hNb
zA9b0(`Mvc{jh-}~w9?IL)w>AI2+xG_U=T+qVm8w)|JG@1vyc2q<ddP2VM*1as;8x-
z^Jt~D({e5_+e;kS*8lXcph=`b!PwHfZt&TF@d39N8<oyV$<pwnIY!f`{Yy(l^VSg6
zeZF6(-kbWv-N0??I*Rkbre+;!{bp@n<E-CWruvt)x5?f2^gRrI5`GwW+cvxTPB_DM
ztwk<bu2634i1<h@>xrXo>$8NUX5Xwt!}JRymX4;?XLVxDt7f9;ypMg#mTZIH{=~Mo
zanN5vq}kAQO@4p6D@Vb7_?r7A>%hLbbICpJ@>_eb?ra;iy{vn=pvA3jWSh;^BB#98
zf9KIR=fn4z1D{c#z9?5o-w6p14d3U^d;X>s0i4i^=hEY~4>_3hcienD1_u%R0}cf4
z0#0WZN@hnKIKH*Dn<f8y_%I<G9XDOds9Ibdmk^hdhtZ+Q_jrN2&_!RxqDr@I<N9@8
zoPckUua);`#xBdr%zF->@ASjw_(Sc<Z+cFBPPe%`qXV)J8Thm-dctla_alpNUx`7r
z@G7|+`J5?Tl@56w=U%t-j+v)M4iI~t4s5r^3-!qwp4PIR>z={(hfllXt(BMiYxo`g
z`+(d0*Mfn;1__+_${*IZ#-5Fy507|-nWIsq_?wpoZ+-r8&-;?PTdFI|HI^&$=9!wj
z*2j-0_n!3U!kd!aqg%l_{V0E1Pt(uyu^j?`eS#RmOK&<KzI(H!-_5OTH#R%X@M3U$
zUU^S`uOfF6&GFv+Tz=dyT-OhcdtCaG`V+mGKDOT&pI7~o%VQA%WF}H^AXqjQ(l9{w
zRzUe=eT|@9qe_RxFAR}H^E^dhf&K&YJei`Gz~y&9L}t)H#J4fZ;90;!s;_8-y+wRL
zR>myb;$#%VBicC8F!oF#@uZ~oY`{cpptowA%*<V`CWjaFlF#%&HEZ+Ud72ToF}=Dz
ztsokYslj<i`hYTPY!4+jeIOt~ASqEHRS)1xT}T7f;pOj^5)KroUm-}+r%)K8VpJs3
ze+~Rw%)NtPT3#-7J&iQL06&-cBt(S)Xi8C`^dQnVWW_JJHf}FJ)0f**Qz%g+D2@>9
zEbbE-EIZvS&es_%&U8RQZ;dfHY?U`^8oEywN#t@~+H~rjqX&kxDzeig$l`cO@MZh4
z(Lg(SX2}mF-n(S^=g<)>lCJ>f0X+8kmxowx*)A!9B6|IlZKIy9Ko>fUXbyj0)=5Wk
zT?o{`74fcTHV_=(*Z^@s(pz_tK3@Ihh3CHZ6&k(QV|^9BpHJH;9)tQ^?w6`jjaAtd
zJoW{3(~APjTdU~{L_$Ff#+AJjs(_Z^!ROz+NL)i#jw>eS<_vkSXG1^y&#T7Kl6e(^
zr!fp>I$IA-xif3{&m(F}YSIQwP}Do40Z7Q^#gRaVh%#LyWet+TIjrp%6mOx9KLW^b
zXNzou_cQrtFLF;fj+KhO{>21@P{M$Z9n8I|QCX2tcs+Ri`;1qZVx=-|{mz)@3Rcou
zd2!zY<XI>SFjf$pzyqwn^@?QyMBE2QgQ|<kZduktST_3y?%A|^@$3-9;~1`O+9WJT
z2>3?(5KvFH2}xZ@_>W_s@gj@2+AkNmm8iHtRNsU3e0zFAG`tXMbG7S+BLG3y?Eox=
zcCPnzyU>cB@6{+VG4WsY6m&hf5Kez#LFBtowL;`)H4D|k`Iw0#VGGI`!dvmzZx|Jl
ze=iX%bDb=fw+r)PN0y64^JyK0Riutz<4`huemLU4;qu;!35JvEe2<-E%UyfSDxgSh
zUYpxpBuVrC&y@Tbz+&3xZ%dwz9s07X`tF7^OhN4bt_O){PWb;3_~y#>ge#beV6nJ7
z`ABAk&?4=<y+ZszS!%ZL;Rugy2>UELXB-E2s=5EjRHe97@mSi6ehU%_R?<_-{h6a6
z)U{r_y$BnY+t11-&SY~GH)BDizB~|xmT!Ko(Dd)<4^bdJrrF1AiLt&bAyC5vfQ7+(
zK_HGaC$oeft>4HZ1`wM_Wg@em-=CxfRKyS?;Rq&C9U*9LyP$rWPC9Pyzt@THB8v5W
zWNW{9XuqwFi<~Pz#-2PP*2tnR{CCBAA%S;3EhmejLXasiA+x-FpDMVr3<uLJoLAFo
z^k!%&UI&lgK`q|SAPy_)s-s}jFTU=B9gL+_{;idn8NASZ-<ZGc{?sl2`B2bJ{uxE)
zecOeC^h!Kv?*p4{$>8tCI2;9R-mi1>`J<rWt6D%shqC*yLcc}1(zbE)9fGE5&2pZE
z9W-w-g=1-n;<zHA!ZEJG29MY%d@36-!&3#ftRr=i(M)(LS2ap#$nAbNqXSdz6vt73
zAtC;iC0HCBuqWr5#%umuHE`~^&U5Ql09zDaYwXa#z5|e5-L0F6>)HH&-E0>MiE*a!
zDfCOFR-lh*67yN@BG2B_76Df$GH0b<hp3x-CD6Ge{!cGK>B>06S?RfIW`?dm3)XGu
zSJUKMNSw}x#Tz(l5x)w)_#1Z*I2%d15)4lWYJcQFiuWk}s-GUT_dCBw_L871Dd&be
zm^?4`a=l{DCE;;MK`MTY1G-%xpFPthIuF+xXJ9_3s)S2;$@p1zz`$yKrU;`tM|)cn
z)-c&{Ik`Pa@tUn$NLUC7Id|CQ3QVS}%v&u~D)TdGA%rAE{nIgr1kCJ6EK{J}bm1UQ
z;7&|{7qDTkvl_^BcfGoOaFG+~<uz@a2o@rYWy&QBncSY$CTdGM*bR?-4rczk_La|`
z)5EZ|pMPqjW=;K_h6<_g8c65Xh+&YhIp5ciRbxL+eok5pTR2ZGUV~E4`?w6>5@Ew*
zKQmMdq?1Gl*Ihj-W?H=Y4WG*$!S@^;C(;YI9_cL)GUuj5@*5nmYzXnsr+2*-{Q5|j
zcYT*E4{c_6zGL}ek#hK)d_^`%tm#c|ceB#*h)ngT4`{jRwT-AB2VsFvbnEy=7nClZ
zWL1uQGOL34l0a=>i6;stGpyy&Cl0572wD+_toQ|=3X&2hzF|Ll{aPqN5m$n$T8EO+
zS;Tqrh9R`QkkGVDUEC0$YovK`Z*MmxBPlYf5@r@7J}D^Y$srB=Oif+gX~3DZ$FU1#
z`&?F?oEsu~Al#|B{FNS*#Aof?Lwt=p;a&LOY>*5D95GJ%)L&r-NICkHlHv@0li6f<
zm3$<(zh!UGLN#mLc9TPyib+wnx|HpXV3yB{&u4t5Nb8q7s_(7n`-#~kVMt0@mcEAw
z4BEp<3Z#7Z>i;0*8<*s#re(zCShjN(cw_b)rWkI$Pg!jIg)JNms(505PkuDxaI@P8
znd~xp_Jm21ZM+YyvJ@uKF8L+$7)@XC;?9ljP7R2z_d8&3y4eIzAQmcp_oq<8K!vNU
zn)vHB#o*wSonVbSO4vU(e5dqjMyEVWUJ?rPlbR{IT0=?I7dFK+TVSmbqN!7Dj*p_E
zoPb35PzJNz8)~1UL7Hz8F4AW(x%X`YnJ$1x4TYZ{lXu(?GIERhN8-*kpedkQ+U{-?
z{N5?wdj6lAX~b)7n9V-aiN5!t;eC#}zh)#$%T9W6T4<Wjh#tJ@4<aMWOKGyI^#mq?
zsxX2V?_R>8`Q0K&hs6i5(aVdgFCkUT&ZNiJN<h4CCCwFIs&Ez#az-SSGCBOFgNg(a
zwqh?dIDw_K{=%vzj$JxD=(Q{+jeXEh(nVg*UYr$^kf6~PR`6ps6crUMZ~eI3v|+WK
zM-z(6Uw?-)ne3^!axFsqqsXDMg=-<dU>MtHFDS?=hYs#(k<CZ=mx*WBsY%qe8MMTd
z?6K-iw)4$sKY*+Qd0@aM0%0p;7BAmLpCAe+2gqATW&wo?yyYB5_QM56{?wOvy-EJi
z`_H4HXXzT@+RZA}Gpd2;>z};2ykB)w`y-oYNlK`>0k9BxB0_&M9gn&^Gq&<}q-#EV
zYAzUEm!*r{3W>DTBWC!2;5fE(Wdm!Za{MF*p=f`uacOs&5a}{08psjBtCiPn4~qcf
zWqXMQn8fVN=_1jsgx51!@$kX8aVk-m$7%j3^fVL0<|+b%HB%}`YqaW13bk5=Zme8L
zx}<pn(PEzi<j_2Cg|7=yDdj{M1U<9Y8;zI+i{~7X(V<B%l@}ElFgD}W5{#9@6amJ)
zZb~B>H#xvjunm!Gs+&T@bnEJ2k%Ycc{Tka57?H(vBeXq#Yw78h(PsUmURwG$wMlDR
zz5-nyo5goINO!Lad)w2!PA{mMcNVC0mmS0<m}+C229E;YV*CvM+^)D&;wYyv#P`O;
zOA^Tix9o6Oe4MBGRc9m5z>><(nRUJDZLpChMFI~;&<0;`23lAxC)bk)XL$kGU|zZX
zEhtG~9~AlBF|2Ce${GY%u-G|<j9mM4>%n7TdP7LV1~Q``LzMD9M}y8$o*6~Cp7Tkr
zoZB|GCoJ@R&AwNOuytglrIXF%LfGbVv15}*WHh&(#AuN5@M1PUb$T+$Jsw^yus^Xs
zrQ6@L6Y6@JxE-5k7bBN3{~fGB0a?Dp#g@2-rlWm{Y2fB^#Icw-ja3m9KxyMa<->QX
z`2h?hM{XR2##kq(eLYC<A;VNx94sDH$$nz}VyVlAWa0z!8Ya-ntgB?hM~j(|#I&p-
zGWM+220KX3LDbhcb;W(iXlTMyY-~n_O#8jrHutDf{HGzQ>9~^a)C>$NAZk!kNO(H$
z$)-HbzbelSr5cP?+^Y2aimUfRYB!FAI_W9)mvQTkWc1;|7o<NsoS@0&zq7$b90mpG
zl@CH`tJF2r3WC<1_vn(lumRO1<*VhMv<x%{%9XeUhI=;Aty9dU85fvY8XVxXbDRI1
z)wmXiVna!uHn`j4HPt>;pkD^8;r^aFH2ju+h1ie@%kKkfN!{F&Nzd~byGh`{M#s(1
zA4ZL2*2$#+NnJ^4`s1`P0KfFM0=fFk#3xaxK8Cl`(|+*HNHz|=#Vj`i3i4qBCMfBO
zf&M5;*a9mEpB?5_PkWopq9yNTK&pT@=E{Aw{nwN?g>k{(%j)Z1Uf3=wl+?efJh6fz
z!h-KQ-SUNqPi+MG7DRj*FH_7S2JeBIe|%hDQT=3HE6MbBniJ_j=D$2+nZ@;zm?w4t
zmo)HMM%pp2ulmSo9i}d(6fHlWsA)n}P>zDeGtW*(q}NA(vK?j{9Fd|{Wv4Xd*#+sc
zwAl^q9IY4)u(A8_Jq3t(ixbcGlp|wQ^q70zIh7sjpZhTIf^PRyD5-lxwArn$e6;z7
zt9qM#Kufl?DZ$0}RyG;^yWz$Hew}2fs;ddR4RV`Et?WRIQ>6hTZ(Dq6klvP&5-Av&
zj<C1ARELxd1y)bQK}Bzc7_9KaSS`x_t?QtXd7WLZ?`(V3@m5SUlhBf)ALw)or;GR!
zdQuB^wck<n4Vh^VHO25@L&qMbPgV*}%1A@3;=|&b=7v0Z;!nXJi4@zJ9Nte6D2gIS
zVE0Dq$n}7Lc;rVW^ykc#$v#7qce*`K7vA(ZSaL`)-3M6e8`-<no*xjSp+La3Bk^^(
zKEKEm`9r*uBXobIeQC;K4Q&p{6E~ROe2+<P#J<sJkk~8wvqr-7&x7w6%_&<oQCFqp
zuRRUrV!7DqgDEjqk<&YyP4_WmMGywU#YYTzii8#ZE^Bf1_^T43^>*Mh`QgVk&20|l
z^>i9%d!b?cuHmetsx8lp$5}C|g~ho`yUHs+`I)UfoKJ~%aw#U>gW4L0Rh#N+x{5+^
zl}Nlu^T`;LBBME<gHHBpb?nmIbhgilfk6=32$>t7)Y+tB+BolKbUc|M37F6*Qnc|Q
z2}8h-N<NmmxTSSfj2p?!!!Ud+WGJ_-5tZ}+dw(R1S&%<3Kd+>wG16tJcLc~I6xp>1
z;Cw;q^?A<`RB8Cdufe9}|NMz|e2>IW`0LEV|MuwY!q+G;&Hwd_><>-YBVlY`UO*r6
zRQvo5f`~;`9fHWn9mm|tzW`nGA&sTv?coFDo3|7!lEngR?rHdK7@oyfU-P}4^N6MV
z{O--|X9Jy7wEmt&NN8d(aG@U_!l?0B7ecKhBry%slSakxT}K^yAGer?12I*T-uRsy
zj?7?Ok{oUpVo<vsc3H7tl(VtElvxtbavYZ82TUt!uXgN6=-0NXl4UVA+@2acmS~u`
z*O?SPgndu_+muohteOu?3WusQe}&vX&l(i!3mWMDjhxUNiE0OSR90I)5g*KBg+6d4
zRym_ZE59zgrlf=uI#D>{kixFqqPkqnDjL$FF%UFIa8^1$lL90pB+UBz&2vq&$%F4b
z$C;p(-<?REUN68Cjat6+k13V>;G>qaqtlMisi!ct-<Ks-&$kth@_K2$d){_=HVf+Y
zEcxli3G4b&``s{Rp5fLsua4)iX#~t)qv^+r^p`1j&H|QDDE;p3j&5G8u814g`KpUj
zs=%aiw#Bh#Su5y^d3{B3U^?#$D<4)zYI)v92Cp11l$P%foW|aC;VC7?Fa&PYo$1Ul
za2fyMP!R@k*mY03bRJZ~o)>~^|5ro1IfD%@{#D9VI$cKCJRf#kzW3~C)J`|y<?AVr
zn?Y!cr8_jZ_EWUWRlyFHQW9!*3}1z_fXz!;+OH#trn6aa^W3HAfdU(d1muX|#5ow$
z>23B2kK>_g26E&6C^;;r{!oh?tZ+h%$>ETf9f?<b_X4>_Mp+_%&n0%aZVyTU9+gmr
zGTGtIo0w7m>u!}TYXLoF%ro1q4p2}?M4^jgN6oI=-?G_^1WZisMa~x<vRUldu>R{&
z4-8#UH7G{6TdmHw1(g@_F6Ybe0^jve3*-vIMhAQ8Y_7~s($%N)^lH%7%`bx%3I9GE
z;L(7e+5A_M>h~rM-7uYhs;Bk=LoSWH1t#bMO7_=Z6OC}N*pbbTv7Dvl%%#?1D-@to
zLaw%BRAvM|hGbcc)u)oaF5=lMVN<vo9~#VeWpM*YDLpZ-;Vx*;oIu`fA%f@1ZR$X*
z)M}#bor^n05bz@x1vB7s^ToOm@wsTQV2UMF%stXRF2A;EtFaGF6%(NWl;&o`V@1BP
zeN18jIXvG(&WiOZommSQq`Yk?>Ke`-6Z?v1uNgD;#1r@Xd$f^|m7*$ie3cMx8rU#?
zInjT}YZmWyY<KSYZ|)~?1+)mP7b<AzJ1<G>KL3&qsK++r3J3~WVjHbW=qzSxI9bk)
zkd1x^Gl+Jg$`|f;A)_25{`EQ|Q59nqdAZI}8ZK!?pvaAy?#{{w1@9R6v>9Txi($38
zNiLmKEmLY;<8VmzvyDru=hUio0b5XyXK<8X->Z4^1kY@_imIyZ0x=X~cd=N(84hjN
z{CiJfm9cJc*1&c;cfkwC`9ZrhbAT(h_faB1^_zL!ABhst@6!w-l};}(*Bo&;B@JPB
znFbMqRzD2J>g(h2EHwQVDceVz!Dg!gn#S)PyUewSJZ8PJl#a*fwf^@kC5a}T>oQ-Q
zWLwP!1U5%><mi1$?|$_+rV&(gz<h0S2<N5uGkEovD}E4-QGFUNT`jH~h5S_}b!(z<
z9e&;S4p{Y01Mby+Hy{;)T}_RR^XoDYOIF*-KPi)a<a%yqFU|F0mba89^`{BJ7gA^7
zal7(sDr;n4Y`NL%O54SP1uISe4YBL{m<Q`+9V@PueUsG&Yu|WqmEb0^vPt;g(Gn~!
zID~w2t0<7w!-}nP&Z*J`CAS~LD;)tdsb5xqHXy2=A^;`uG?&8sVav>DF|WaT@vydI
z&1Q2r%CIYGNJYespwtvOK5hW!dN;w;Puu6YF*R9DP8q=i(S|27l?`Q6X+(7ZAeG@F
z;Bl{SZ&f0d@Iql|(p<iQ^Qv@#;%!kh%@Z!9?!^Xzrpdxf)mZNb+EGwZJJ7Ad0JX-p
zh=mqf_tc!8Sus3X&R_-UB?R^)U(?v<&JBbAa3f~-WlL01uIC8uq{UP%5)(#2G0IZ<
z8am*oRh!V<8ZY@a3L)+A#I%}kQ?;sCA^{Z9%yhj`WMSYexb)jSP}VfgQ4C4;I6Be5
z5jfHNy*gs+>9rs+Im*rU7;C`cjm07^T6kX-SQwL!p49)042c^fTxpak(3Cu{hw-j2
z4gXRGU@DeboPi#65lJc3W|`U8pcq!>mq&nrPqDP^5$6GF$14^u!L^bjgVVWL6>Q?v
za90ZJ>yglH+%Fbe92_-l*h2r@jzD91osn(gDGeIZh6`I@V=(+=fDpOIs?SZw%Jg7V
z;fA8g(@?`O?gh7|<dgbD24Ee>73mtJH1JvP6wr|j4mS;WkF}+}toH_T0<ct+w8CK4
zuUo8^GM^on%1djspwg(4w1=F}n$g-b)S3oiC7hIb-J6_88SY|iQ-KH)LxMhq+p=ca
zSK@I)4dUTrjSoEIrK+?o#0ta!W|aAKbvBX}4dBEjYBcsAp7A22#<SV3QeLKNZ2L(Y
zg`?0pjIPhTE&|Ss>%S<xZVvY1f}5w7h-3Q_h;O}fxz0?Eogmwu0R#gDT)mOT*sdVD
zzK(&O=Q@zf_VOl~dGP_2lOS1@3!_DzA|=!S4-s|bpL`tlam9>v1T|d$k~#iRiY2GL
zfqeSSJM9p91fP;vqrJHJlY-pEh76^9&=FwTWB^YI010o8<ry`LO$!2@B3CC`VM@D#
zBJ@O#?P&9;h+;D9j5%+$XnYQTZ*Om+Je4fvmb_<AG#xcI5K9$6KPOW8?R$xJ)Le)B
zx`1pznB>2-$T*cbbKp{#Raj1h%2dFfd|w`3Un>*=11rRp2JLQsYzR9eDa&h#^zP1s
zI6a}vHokIyS%Utm@m_;m2FBiA7@#V&S0Wc~cj~BZZ^t;+ml}J)=>3eRiC^$KI()*2
ziT@E{!%j&<+xKzP9Ul>*3L_4hke=RmG_t1I9$E_LcP>u%@c|Jp9)%<ST1W|L1(-Kw
zi+%Oi?uIFFoI=7MhX+HOg^7w@&Fkisgq^S?9SH<-!fDGAHWBjU53N`K{7ct#@w?uL
zjobAm(BPhyp&;%1AkX2%X0-Usd9KCx_ak333*Hb3H#_o*u7Bu!TjZUeyg0Ycvm)3U
zm*1@)r;U}8TJywiXRUqHzy)ln6KiDXfU%(=e+{qpfbf(VJO?`(Mk*0|{{%d20opz_
zRhJr3Y9>!=KE57TrRFkyDP;_kit9pd?Y!3XZ;DQXP<6JvXyGCDX3zNFg}Zv1s(l^W
z_4K)hqv(kw%jju+E-(vg-mQk<@eooL89}xeegl<H6a^A#>}V0DF-!8KvjNEE_Il3%
z4E`QaQ!r;|kbCJ~<$=V=+9B|cU>L^_b41$f?o=OfzGLQN#>UqR^Dda^o21sE)(OI9
zS&Mrz`LESAYl|VB)oQMq{5N(6&<a&*kj&4;Q)xQPK@!%K+_kju9p(B1i^^2|f4ly>
zU6P@c0!G)iZMpv@)k#qOQB)GOlkH9lFwy!QrHm<U6y^{BPY%z(xA!mC6g87adm%b|
zs(v}Yh(Ni=&=*-xuHD8=|1?J20pf?BJNb!EN$Y`S3BkVp!cU45UK9?h&umrBRJj+T
zr<L7rOc%6hXTD}pZ+4(wz1;=toK`(dzRn8X2|z}s<zYEe)Ykv`!tc2x+3Y;h==$7;
zU2UR)uUT&zv@FXD)6C6MpWr{lXV8I5Q#_?K+o=*%(n3$%Xp;DFvsKK^3tg)6Q-`>b
zf1cSHh<4eUh=MV3#<W7P9ci)Aj*qACk-XBvnZ9%-ziKL+?eOKX(QE_(_<yGu2Zj$E
zGNk_;z%*H{z}(4Y5^?dP2>86vxtSk2%9f7|tTo;a$8eRSc(WY0Dg{{06>?2q3IOS@
zvzBzPno9!c#7+>d7Q=#a&e|6xn*~+N@pq;(0$qQ*RcsYiZlM+W$#|PoN5w>m!Pt)X
ze3>D%+>`>1F*%G6)crNJXIHk!TIq7N?qSnV65&b%%%S7Gz%W@q+i+G;B^_v3m6KK1
zBn|$ug~0T0Mf&YtQswBl)IcanlQ!z}3pr2o7f19!tNzSDTz7_a(F^I-QOkXK+A`g5
z=Xh!C(mTx*X$ds(ZAS|3)~LZn1pzTHyT3St))#MIGx4Pbe|ZjB402^+>-S^?*apJv
zV~j_dU&XV>H5vlj<1-&tB+|~LOY^%5ee$xAHGlkE<Xo3WM{lB79;^@`7n}3K<fv8T
zdEXoXK4-%keRovwzu(O4kJz2a+N8+GWu~;n#K@f5vH-3Fk@dG%a}34rk`>j|iO4$p
zwDPZ*c-Y1jbYmeYAh{aK562CPjp}+sN71){-MFj%)*-8>II4<?42y|oo6-2V7;#4?
z%#d<Z*!_m;ISAzCLvhK>SaC*VL)P8nCwnK7G#uB=!QRM->1yQHE2y?|IxAlz!s43_
zi1w<U{NqeSk{zj_aw@8WxRY+NVT+-X{!AR$iOWUNQDxGpZ*$(CX0`^rAAsfC_QN2j
zqN9QHcytOJ)FkD<&@GvFyaIo&#1)0#>*a^BPD>?OsmK&Me%O*vL0MQ>CyA3bqZjJ{
z2Eh2KuTf~-iLvR*4UVhfJ4!YRL$3irZ2aLhssBo<9R^51*=E3%)Kw0zR5?$%8$1bt
zJ*&%Ft{tG+?530{Oi5AGiHjW_*3b*~GtV6}7SHB<n)F+3q<}{i@WFk^8X=AEoHx#D
zDfQL#zXn4b22azALmcrBS<&;1#2F(xJVf8qxsFPPhw}VzQvE7)ZQ#b)8;EA;PycJb
z|G;2=P+B!D(c9>@3y?baYtoOGoQ6h1S%^%3F|6CTcng3nAY?$@f%wte*&q*X#Br%$
zK+UD^#5)-Ek8w2C6Dm4&Ffl*ckNF05gt0vcYXAMzP!N2#mgaoB|18JKTT#$bgA>fq
zmOY?B%j{;F$#^hCf*8<<cGJxkC*c-CL_?E>%lLkfjLPF+(|j-hsJmT$ngB#Z!W?k9
zwR2kc5v{+t_7!sJ8@#RSwpkA8T3`@{KQQ1#Y3O-_s_^GU?s4e!GbPIL8El-lsOtaA
zuRsN^*WTd!z!@ETM6%4Zqp<4;^50OJ{hH?}!!^8v_cGH~o=h{Fttj$*NZ}YM=WZ&w
zw0A8wUo@U&W=NoRN*q0n7XRvMvDs`>(w#7%l7AC7lS&|j1aY@R5XSV2F2DMXMACvm
z66<6@zxP|$vX0-uwWyvPEHomSgEPT8PsLF<{@FS=%7);P3xBS*8LB0fIq?}AO6V^Q
zvgu-V`@TFGU526+c=fx5G#g3NxFfz3c~*?MQ&=)1$w0<xZG@Q|tK(C>Nxk|C$Ic{Z
z=tb(R22Nm6P=H0a^=k}677uu5k1r;Z5CH)MensxZycPeB65VXEvwaia87*rOUE0s&
z0Fd2cV6FE85(aAcNGwT0k{CSPiyXV{1gVE)Z<u**iMa_$u096TflOwSug}XhpN><F
zs(B*x6(`OuKs=~2iaBM)2vNw%$+^vA{%2aZ(~|T^^w$}MGUs|f+4^Z)sRi0}JjO{{
zz9&laqtDxV+BEl&cr-3_%$=lWO39Rt)iO-QFw1)d-Uaeb6LulV0A*7I(S*;?;FM|K
zR;OD*adi;PmtvDmM$qjn5t-t6gTA95!E@=AiavqG5JUDa3bM+(i8E{Cg^**Yz55C{
z&y0`f!enwwD!L?t6O{AZtxii8jR9f?$u)TKMmrAh>FP;10yZ@H&R(n%V5oo<|FeP`
zTXAh1+fgHAT!4MIvIA<abh}HJIiY8vu9m1OoHlvut|A#}rp1>{lc|h^xH^IaFKp%z
zhlr7|O0#ogrke{k_L^iq#MB7cY`6CU)zC;mg!uz{N-`-eGfa(k%dZ=wEE!x(OMx`~
zm-|!nw|ij|Rnp~@A*T6Qmt}peD`GtzdeiQE8&mV^gE`418*5nlw+RSHe-#%&Qin$*
zMgjA{J<zH4V-F|wI$i?@n_0NWSeHSLIaTvArtMy^a~T%>k3s&9Z|h*ad<7go{@9L~
z243f>8<4kTYyE7LO)L!V)TfJ;s?%T?o5YNq-$P6?1o2l$xX?Y0+8*19SpXyqEvv(P
zGgSk|J#*E63?Po>cD&XCLJ@U1JAtR{Nht^}n*s3@5h`#Q5&}Uu(z1`sFiXHgF33#7
zCk1H1YIP(-Y-(PD!UW!IhJy)k9qc2brY402*taHFvAwp1K(pH!h)wPjM$jq;tsGC`
z(fHR~<-+)9v3*Qe&TX$olA8Y&>-vd_UHNx+c=JU6{5C(it7NuCqN>21F5rP7zUPpo
zX<>WNa`;n_)eH~vb>P>tnXt%vwNI?z6Bqqil(J$E8MQV=!k<Z3uzM;?br=G(0wIJJ
z_)oji{;F1fE7<YI9{}htYJE*cgohMNnI-ZO+@lzF=`SbES}2C|U9EeHaM+JCYT52r
zDEooc0)conO!EqnY$yr6++yD#?=9~m+fIXX-#Ijb;ibKdm4UoX$O7|QOS|~wyX9dw
z#_H?vjxw97I@{xpFUP{S<bm~n=L$Q>NHE5!OgD=8WV4fP2)zFO>G>GOc6o<Cs3q=7
zsZLZ_MlDtKA=m@kD8yifDO9gnOyseLfPasX>-qhia#=NT*W0{F3{u$ylZDRj<+`Fi
z@j{5;ecTK*4{<X>;+}o#J-G;I1`GrO=09(il0h?X8P6$C`XBS%u1<eQ<QUir$UuwJ
za=CiBE@^5TmN08EIsHdEfSvXHrLVg08pxpk{nWvp28i#Tk`jftUvK?QDSJ&LDbb~{
ziW5nG9z`mS<A>~k_%FWU00xES6!M4h-<>|R#IcfjpsM6dOl9FDuFTh?AIG@BBdDnt
z0cVaNldW%OfG@s!`{nAv;&nt7{AZ0L<td7{dS<i{Wfn`lNwz1HFyvU?iO{(D(-T%&
z9C_qbpG#jTm?`oh4IWA+lNeoElPfsR(Y97$Uv|Y6XR5f*T0jA!MsQvHv)^ag+%8(6
zDiRUhyo3F<yfr&70Koz*4gti7mBDwqitLRK@oR2RMrG;0X@5wOzI2{1&zL>H?H6>9
z=Njux<-g8U{G4YQ+_7AIzx|$Mh=WV_KA<v=a8joJB*eHB5m{!L0z-dX+|51eH&%yy
zy@3MWn{23iZzuDV)O{?|bg@*xLOg&L62}#I^O^m50gIRjw1EAO&Vcur_X`>tSII7?
zeehJ%WPz<Lz|YD|p1=s^?c6E@-yilm`1RwiV+SHj-x_329H=prf;|vObW**K|7Py<
ziHYlXvi$<MHYc6C4}R}%UZO&S0I(mLk$d&O#Dj!pZn5?4yPt-t-t;FDARB27hH!bY
zEX@dFcwHwTW|{ACd+KdwPTav#Sg@Yal~bUx_ys?et2kQgBI=O%f~i!TZ0iXWtx<i6
z=M`PA(-d*{PAb?Z2)R|YNR54c2u>j?n0v?xBK(ND`>c!fuB`uqx%`LQ+4Ybha;Syt
zQolk>h6br4TPQe;3I@WatXl*GD{XU(elUPGS&Db<eVll(_#f`zF?de>3!Gd}U)Qe~
zF6d6_0IWsX_nx-)(=3rq|HESZ9~>wj`PCO{5xGNh0I3BbeBCewJ+MZJ)Q?)4=fB(S
zf58--K#1so_f(7EBYBq6|K)G~2Ph&MowO?Zzl&!7AkTvQ7U|*1<oLgO5fy~Bd1v}R
z^v?gZp6&aOC}^)xCg1-hs%@|^^B-L4|EEA)0LCiLEBySW<^NjczttdFeh~l1O8+Cy
z>HyZ%x7=s{$4ue>YyNLEjMYb$|F^sUjGiAznh)Lr;TO#6{r_6yKgu=rmFE4AcK<65
zj|WUw&vuJjy!L+^51joA?!PF~|B74eLRkdX1nv+`<^KPb2ks2}4|yfrXVpkLW*5A1
zpfuH@Nqg&|Q(jxkWrP)y${8R3jEu@l2@D$)6uj%mwO8#($a+$M;t#tMls9N6=BmcV
zi$N0<jOU=P@o~qis@u!4Wz<YOW_aN1G;j?CvMI01vjw+d*m~#JVHFWvMen&Cze{u+
z8h$iZ_ma9Y<(#g8(ZY7h(WGWL0TZ7uJ)F_I74%|wYvs&oaAK?}mOVLb<=$u5c(12+
zrw5F%Z}h}hm#FaS+Nmq+{(hm<R84!}G9c9PWMoq-8vc(Z3oMEXxcdIM@xL!$&X2SP
z!+`=}mO{VY2#P$|8MQXnA1$WJGkzMuhk~{aOFkse{sTh(xzpDgVa3KKuc~~D3OvAy
z`3*rGo{=)dw<MO%yoYL{AyFvjWGvqj&XTjD(A!aoLZ8~2a1+dxwG|f=OLMn&dGwE7
zAmugvxSboCK}t%FT6KVl@68JhR)a;>o_KiP1)N1EB(9^-VERPzl_XeX;YG*N`1c)J
z>K9C+N2$|g^&dP#*P+#Kstu=q&Uw&kHKN+CH;a@9x8XOHzN40W&u`+tdQ8CmYO;(U
zGx!iX^We2pRaaMnX&A72g1LKA;rFP98s*|qH=KXGNtiDH6&6F`iD*>$qt|UgZ}wA<
zjn7j;-7nVw@ZD%JA}*c!A{f8oA)Z$c_GBqDnC=qO>@s0WrPT{c5%`I6YDJfln%dj#
zfX#|ggFP`A=^{i<LyE5B|Hi^rLuj&G%f7!!=qAD|hUS*~w}&~QK)j?LiFQwm4<Lbg
z*uZ#J=tjUX;rc;~wnG=Tp(0~R@18<99KLrSZs#-ryZIv%BtIa<HD9$Au1I?$(mM`9
z1^t@uYa4Cn%i)Tb4TENx<z#si`iQz2L7_cqx%R@(x*M{Ov0g*1eK3fj366+-QIW75
zN)N^wtRX&hHQL)T4H&_Q!St|T8#*2r;~RHFGI;~YIMVB3#&p@uQ$D{d)}(*4KqB(-
zV2H`%Qb#@S&5aU_y!(3E+<ZTIQY9e#MdAL~ql8<)egZ4SJrW6`eLelsxI6pI`_t<T
ze(mo>J7Fz4Xfayn+}k&ZC=ddf>mTjd9Mq6A@HTza=rGFna?tbB6>*7Dre9=YU{W+P
zJ{r_Yy|W|eci6#d&ynkWtaUj?Um&RW5%bE#wk}Lu#qAGSOXx*)Tr(pIbrZY86u-MW
zJV1B>dl{d!bSyY>Z0fPEw67~<OJcdAuP&+i`ng{3au4b8I;@~5v<I-riq*9Fa%8^l
zexbjdWRR$DhCto+z)<MrMbMur2;gu>;P-T=t;KU8u)}*}oR79f!Z`1XM-><XMdS_2
z>2%-AfFvBD(4PrkqQ{ZB`VXmS9M~5qzGmDXU8_Rskc_lztfv-1anlLU1JE`&?*dQ1
zAOH8W{S2wuWI+H?y6SM_t6*qP-%R45q++(*<hhvmNBj5??sT_7)6^1~nR#AGQ5Axx
zPK@1IiAN(fC9<2xt)hf$PP5{OR(`c)7+g|eM$ocEg>DX8SP4EYQ#56-wxX}c_d`)r
zIdb=pq9z~P*u<EiJa8x|y(#wF)NaHqG6s&Y;ZzlRm7_XKhM_wfvle^ZzkFJ8Wy2&5
zz!RNpz#Rf6y4wd3qBmGF^w{LPnxigE_d8a5y7{ks)>3d#myL;uSwYi8=Pz<AGTaSR
z9F*$Q31&k{NvKQmy~W9**}qBhe)1U1ERDo8twK5jXeWF3S-Z4=>|yZs%3P}fdVrfN
zo~Mh3hQUmWEtG;qU}81g;R+|#nYuPTazn{lR@&rnL#(CFb?SYWLavqU*Qd;wu)75<
z(^J7|{_L5XI!W{kH4Q~PuND=Q=LKu3H|&EGnm~$<6TGrapggOcC$pIk6TWVe(c)K)
z+p?mwTC}AWI$M=ZmbQ9zdEa(ymZGv=K`yLiJng~ytId&#ISC6*8Zk{8HaILIAu#<#
zVrUQ^!*&W-Av+yZK>;$<^MNQHUo$VPZ6mA^UqQkBzM)f>{j&k&fyiPb^{WFPE@&-w
z+#77~Xjk2d;oghD{?*CNz^B4?pNKJk{_RCyiu+D5O9wd-^IuZCPCFzV$Z(}L_PHgY
zf49=Ef|#ItuK>E8?%H2LL2^KjHHN|Uye`(;sWIovVk#vAgNUaVHp%a%6R;=dFx~BV
z99-B`d0$A4op+)rt4ryJ;0fNCu1BMo??VZPB}5fHFSxJw$KkcFY4IKYZl=q<)<v-Q
zZI;%9@1LxYM|=T8$)9b_HYU*LOcY-KAE?LcElBe`Uv{s&CEOXmS27(mkRV&Tu9wYT
z$A#FJ{V?KSHLu?9lif89{o$#!+;G3*ojQH}7@sp^&YD6Y9v~-@7%g27^T(~WyOB=E
zt9)mvD#G{YtLV<{Y>-wuC^r}eLcR~8H!{Mn_X5PP1cjdXh5_15)<Ykk?*j<hj0cE!
z_;!3QH8(W7-?6{H9g!^`Ro*@l(-6&RLsnVwYf%lE+yT;?PFJC)BHUk^_B*h3L)9f&
z?O^zEG4QaCXR}ofH@AkT5_)95eJLD<YdwWuq3keNsS`#%JhtT0$WhsJ0)}%l8&s3)
zy9K*wD@|<NWLiv~^Ew{oz$meLN+V`IeE#tA+(k44lvESS<-u>gKUN?ci=**30nzpY
zQCDwh7Qu=My^!vkK6Gy>A2NP3{E&Hmq?s#<Xl6D;-SOKJ@M_>zFz$P)GV~*SFI%y|
zU)^0VgboB4)$4&xODs%>^SJd@g=j@~ACLrC55#ze39GGM$hDn5NbiZYn=9XGdhs{Q
z*FubzX=ZlAwk!Gt^Qzq^+0hlS>Ym_sFvE5l$ho+VsMGt-zc}H$zU8X{bY*`uer|0I
zKZ2<wqZw^KgW70uPHlA7(O7^y*BnB`_9iw6`{Xe5g4R%b1l6_BQ>Q*rT86eQj>ks|
z+1gLn?18H3J(*_Z|8vn`KrQYZ#Di0GOhbeRSfs@02OD2=Fq#xy&E&@Z-o0n-U*qe{
z*S?JQsg2s3F3XFb`|$;u!VN9V&P=PpZHWYtfR@5I7k;k&9lynOG`8~>1kr)39x%I?
z&g{wz-tL!v|33I?bA|!ee(a{>IgK4*y^Qg~|H;`wF}nMec0I^);}`f~--Af#|Hw~&
zni4hVz7>R6R(C9l6Vg@9m(K4CQaIC&kr(qr$jweYd^$=HS~e``^LQqK<s}Zo?{^Ju
zBTe&c9SGMm)nl>Y)c9;P5~G0R{4Q`iH;U@uc%vHQf39UST`M?UI_z;9+Ujth;=bEh
zk;M2J#BzH_^I|wX;uGWZ>i2lLiih8k7c6npjqKR3hV}9&>C;>bq!9Z?NbdKF(J`F7
zo5CR=Sdql81(}Rz&4n_R)yN9^vgt&3ObZw!9lG3F(HB%c=HB#qVziND0AEVg>~P^P
ztr=5#>SBKfHlhE4x#{{suSU!LjGM_{FdmI4+v#sj%99vPnjZRmdvIJi;!_lhEeY2a
z8gl7t#>|U<d*Bz*He?IUC!)<`LFTEEdOh*nsu2H2?@iBV+hTEj+J(5C#=elt4z-;S
z2)&=LrGLI5LP0<84v*T8mg(0GMM#Jn4?zBiyqL*vdJQsuN`LZAJ5}p-XKK&mXtwVe
zZrqcl-w$(Oecw92?*8Zr%Z?+&;CuiZt>=V({P@yjhJ+m?;@<QLKs<?vU1Mx|Ex2kn
z3<oPQbcg<QGs7U``uD+W#P;>fTTOaJ1G=48cK0y#PMmKsl&`?sP6Uen=#oGGK|njS
zA9(TR^SF+6A3uPy`7k5l&$;JoHY3mW3DBZtSH-aF|M>9+wePwk-}ZTs>*9CAGoxDr
zLIn43L?vE6-DxPuhcP^LwxZyq<{)M%L+Y-@3wzmlXUH6G?E@U_44axa9hrrZ?qnMu
z3;j1r9hAtoL*)N-;y!VV3xGSclcu{z4HUerA4=QNpZQCN)+I<MjFk3JY-@I6Teg~^
zBzZu1<D_bfFo&_WW{1hfM{<7T{MOJmA4qfU0i`?Lj&(;RH(Tioo9!vgGr4&<^oFS$
zGp1~3_i6y~uJeSH>wC+tX=OFr=<RLu+m)I>?~%!_vl=o@c<a<*+0^4Hp>vjVGUyV0
z$H?*>=JTZ;a<0}AEK~Jrq&TC9as$sR(Iv_6LIv{RNa=-yeKAT@0+|2%UcC6|xQOaT
z7d?yCCrv#s()wF2&}kQ4(k3YcRoiX2>1C9d@*PZvu^5pW=HB6%&Ao8Nwu1BGP=0K?
z6W!2py#9E>;D?ceJtAkJRzJ<)x<mHU{gdK#1--lN(LyNemGP1D!)d*+X5{wS4Q%21
zrXo$hPfbLAx8Vdk{b#LnHN6Ex&B$LYJGS%J61)8pFdZ!ceNl&_Q9OZzV{rKT8Q^2T
zcz4-*EY#!b>7rb0D<mO!eRpA8{{RhUfGXCx{qn;1t{y^SuRvp@;3Fe=mU$p}O6|;o
zVDv~N4OdKSgYn>@r0w|o#o?v5mfRPUyU8M?wiuM+hWjERCvoIJUqo(4;KmEN_2)qu
zCfLp<;|V<X)emyBV2bgutMP8XsBSlT8`NQ$3cucDz3SCb0eky<pH9d98rmn$Vv`U$
z+ppijr`ZP8DEQTFw^A9f#3z3mp0<-4Q=|0;RdTG#Y9O>{=<&UT=`fC6vscTDtU|SU
zBexM?^)k!NIgU!RK3w_Poqm5N%HOz1i^B7FNoJ!t$#)lNkS`D+GQunnN44=Q(pDvf
zD*%8Rqh3=K`Bji7vM2PP=kx9<Q9hfE1msFDtD1;rRduy!quEq)y}H`)0T5*uI1G<}
zXxMxv95MU4Zpsm5CnGXHy!nBX<w%&R$KjqtJz13^_6$w`;#eQHwo|8d<y_O(8P>z3
zF{KU%WE$diw4U$u@DKT95pjzyG?Ki$MT3k|TrMRI-OzI;QMQx1!fFnBd9iL1-7kzS
z1wP=nlC@2_iSboi5hr2q>+dQd@VjQG0h{$Erh#_3y28T5x50KeY=i%Ysdo(0qzSZj
zr`^-GZQGo-ZQHhO+t#!-t+#F4wr%V7ckbTj-uhjUl~IvVk-46=R>c|LpzbWs>~zUc
z(|vPlZxpDHj;3Hz>~L6or>vB)4@G+-Xz=?)NP#~MW%xkseaf{CjFJj+UiFa%wwkNE
zI|mQqMX#h|ct6}3Sw>u?CVcmPsAQS9yM>Q#4aB7Y3o6jrObI61A4%W>9<*a4?;Key
zG9ss9?TxR;f}%P?m^ziROto`s<h|uL^5qF#oyiQl@*&NM0Ap~{^wUil8w*RM#ZLns
zrKARD$>l4ZF1TH~?bvF%4v2lUjmXNNl+nSWgjE#KZhCwOAardw@H}6@uE#1A0#zLR
z*cq{q*{<MV6=O_yT9G5gw(ckO!?U!caI%KR9E9j7n4wdfYdxc`zim}T=N{spm1Dyb
zh=nP%-|8mEH=<8&nmJmPsFM+)E$r@}bY|ADf;-pm?Pt632QHT%`n{(4Lv>4YLZNLj
zV)L30s4g>cIFa$zz-^MSUhNINK*`Ii@Qw><jf}JS()rx@x;~Gvz5BQOuKjwT-QWuJ
zH8tcS)+pL1gLK-TZ_Cm_g~LKTLRb@0OK3IKE5RhgSb&Fr;7G<f24jAuO*-VrFC9h2
z!gQ;-;)uKN3c;+Xq5Wz(zTb$khTcpzY*oE1$))myS-^dQ7wPwh-waoe5)|b~utf57
zfk5*jTD_m?6nn-t1qMDE0(@&vIKdhBUHxv*$9n~cY5KQ~4j7Mn#&a;L7^5`;oJ+(U
z95^x&25V2eb)aBMCx>vNvi~x;nUiO`{&goJG0nak!`}+;Fb5m<s|CZqhG7v%LB2jC
z-k+8R=gob1Ti((2UD)~c^no=vY}eh_>(5oXyH23jy{0Y(^D~ar9@viTE^h`;#H(Vw
zFSVz0`GDhfd<jA^q8!0I&JnsJ%4FlDDDF-Sn_5N&T4>XQzfJuJ_Kr%z_SOKTNq|_2
znD_{%yJ=vzP7t*qj$om~D{Gp5e_-wHnBOoF%c*nrJadX!lLveJ3U2QT;0AfaaeJQQ
zHZsBex%2sUQ7x~??HJT0S4-R+L$H;ni=8$MTLK{9|2qDUeRq@`f4Cxt6LRlf-}N60
z4h@@gm-rz>9o?{ncvszsaI%_-p_(tFV0ef%Njc4!2%n2h!K^mcwCmpA_T1q;lW_*0
zxiF3fB_kf6Ye*XHmbffD;dS-xp;-Shm?I3ET{z8FwL8PT#b_<ck#Wc7gwb=U%p4vl
z{(?qon#q;G+j(@Nnsp0vG~^>cxbxIGwI6}1r(Q7sio&@HF!RX90V<rODo`B{2mpa7
z^teB=M0%lyvZ1paM&f$vyD8{o^w|({_ug<fMopVft;W#vVFI6y{Y3JqX~oh}$|Ry7
z!Z^)ZHuy?(u~$vrnXjkcPx}B~;|L+VO!L6-cE$H*a--CA;{rq1@di`e7m`;b;27;K
z!b3SeHh6!!ya^sQ((jgi`RGhzFxkRdm;tvO3P!)Zb<46B?S@8}+Gp|2`t#RTB!@q=
zZYQRA=NKKIWGIUYo6fa1Q$+Vo9}0F=i94_2#TM7>_)6MRn*-S0JSinBEtL2DpZj!F
zf{JoTEO}mpQk#n?-?UB^iw%|}rHYEY69&Wa^6oGI!A9NjIM*CoDF{8!69xO}NWpv~
z>^RpKynV9(W22q<76Dd4Cl-W+J!pf_r*~Fjy#mjNUYL5_w1d@!YpV0Zl7tniK%mon
zsLZIOCnc*n1)GD&L3LX9WQ7VS%2cM8oxfDUOF6piMYZuTst3Ea)Bl>iWFDLzA3xR?
zXS(Bst%7#rK>;59=)E*pb{jUqy*_E9!3AQjm1Og(xM4P$9(p>)6Knlnq<nf4vK;Rh
z%s(M4Bl+59cejVn6Tijk6$R5l%+BedL!mb(Ei=>#iW{%<&lrvb_}$)*q%Uh%Lo<r$
zvs7BGI-7A(@B2j(ZKp|A^`^xbuj`KA!Lqn@R&+)E|7SUf?A$DK#?t1sJ@I1#VP3?T
z#MgFzVFiK1_GNQAE!-j#HG(M>9r$?F+EKkHW$+ri7y|Hu+jB9a1eZ76FS~YM%&nz_
z*EUyL=|MU}H~bmpHsQ5YFx%ib@H@F=2S%)>hNBvZo#uT@J(9$g=j=OO;_mI|UrYB+
zwQ766b7cff9N-XAA{kp?j#|xC%rocE7CEnX450wmli5-2qH(>MSz%7cn;zy8US-aB
zV2)cZ8#12#2v9VRj=bo<I-v*_foE&VBNqLYH$iG~6?4ccoT0*LE(&`{(;`zXWK(}@
zT>diVEiZ*1;-Ah57PD)^scn(|u`PjJI_P-#(8U362%3zj_%NQ)!1WSBG?MgsQqXh4
z*}u4fqxgIgS+z4`Y_h|vRPJx?Rz?9li@l`EP+5GT#$g5Dedy%aKt#w~`WM*KJ5TLj
zQD2>2gj6FTRf6zepDWlL&%tObU!51S#$FntFKRYB`0Pz4NPODlHV5Sx&UC`$#e02(
zKJ{;(s2E(u?CjV#7pz_s=k*nbqp^*7=NoTM8}6f=<_QQQTCE5q4x@f!UUK^z1t2#M
z=`HsClf?FjZm(p)S_%EQ1<$<qXr7I>(LPodVCA-{;zEsP#_4WD<7Bnfa8KxTlw;lb
zb)q~I9B4(?t+9ePN*M1i;vHXW#DM*PwAtq>Fvv&c!h9waxmaIh@+L{)6PXsnr5kRB
zVmo>gh4=J&a(FXcZ|JF$1)Pj1%aLvgePWKP*uL~r)2yC5gg7jqU@W$V1`be&)Z2O*
z*9>T~?x3#*vN2Eo5Qlu3;VJj0Pjvgwo}|Sznu$Xf_5Y5CPmt=4PEIlP&nr$voaP9S
z;dNwdO^uB#*}iY5UnO<-Q{2<^jS{)tsWYM`i8Knc0I$z!exvs;=NVO8nZ)(I#-w(_
z=wWM)#e?fV4oA9Gy4}B1vQN0(xDit$ag@Q>MbCpdu!hr&aNVFyZ=xIZ>4-~QFCx)y
zd9tFgh&ApuT79VRA}L5*&Vm7D_PML6VT)EvchYp^MEjY$1GYMd#=FLHA9K$a!X@0m
z)mp42@p}RWM|{Te?J1dSSZuO@MQy>2f4m^oYb8WH=}`?|xnra0n)R31=31#UNY(pA
zb#BLS%0x)jN_!@3rG&neY)bt}8_m3iM1AgOew4l%ouPtC<$LWurM4)-MHI>RPQnW$
zwyVu4$UZ1-&X&W>=aF@1$BPsPa6>P}swWE-zg21ULIB0F;ueO3Y<QisT|QJc^W*gf
z<F1X?n{WyS?{-J=^il^`>!D5OEwg{N0uPpOXIp)kv=<gsQqb#dGR)_@Xa$2hvS6Mr
zR|6cOmTWZ18ekuxNsizQ53%&Vx_Cz@Tnc<Fsp&+t<P$SuaW_KN>aD2aZtHIBx2>($
zb^I6LY+64q|M<SSRvj+WW_Prd=d=-z>G-p1xfab!@Fqy}IL<xmU$(`d=x><!)?zuI
z{t@z98&Oe9)t_I|G2g5q&O=3Sw%v#vs#ZcopK`s|MK!tV%O!&6YL?lpCpn<zhUI=X
zC1T^lq@>*&jl#`nXWvbe;ilAFo1tog=4zBU@C~(e(Uue#!u#mUnLur{iMCyU*=%#$
zW%>(NBEq>+^I|tis!r!}$GJLaHqlSIlUxki6l|+c<ZgVu6)<7RZ3EJ(FhHK;kv7;+
zXJm)A=6WKIEfM7@3teV{_AY{$)=#`2KgWg1XdSn5@QTkG1o$uO9$@qzEsA}mHFt->
z5!XkS{XP@ST6qe0?d8Z7WI_GMW9F@;yjBLsRN|8;9V=NWXoE^yUk;mu+tB!4fSZ_%
zo;{$hx0iyv#@9~DiK1pcW}N0^QT4xF0F+5h3)EOF<V}2`JEUx~ieV1&wQoef$aRd=
z$`%fH0?O}b#fqX^h+d_#Sn)#7Zx`{!rC4YjPb%}`es$^49P7}bm_)b8pcxWE^ksUW
z5qpl3r?<XtDx!nYKgvk%Qs&2MZdnSkS$Y{e1)X>aW0PSs4=gUT)jJ^*_Ky@X;qAq3
zP&3jqGa$nZ^3A@G{av9PYmtM63Bj+&M^Q;KhcFR}T*1NG7OL)ie!R6J$6b}*8QeN-
zAMPu3c&XkYmu<@OPS1mPiLYajB7ebt)~QkP_*;HF@F4AZ9daYqK}wvnk{$6!OXv$E
zhX*1VebI-d)Wad(OycEv4gqM|ehxl)$^IK+a-`7bzf%sze-zEg8wAVn5dwK7c)Po8
zW(k3Dndkpvx*dH;cfDu0RH0G}P+$ZG>$R^jY((J9V*3AEN-*;S+JLo!x_DvJIB6SM
zH@u2C{|B@M?8E<{H(bBx2RW+*4f7=2B3*96{<$MLBO$fo|D}!r`*{D|^xX0?f<^IU
z9g4ip>aaI{i+q<<#5X`nMpl9RL^`D{N_xis|Kof(h`?_+&BTG%*GlTajV;^0*!`if
zLFP-QlbIpK#UwQQrx*40^&iEGN~DdfBnH)lw|CDTiq2C1J84(%?^#)BYd@C4VM1Ob
zwUcR{?u(~&J2l|-^V;q!{v;XD=CU%1?^f$!EMUZix%v4N0?J`)^Z$!V1NcFJ5El--
zrb<dm#Km_sBL1pW5LfF>n~Fv5IB0LV3&oqr&DL<bqb<j<Z<VDAi;R<X+iteq1}&LD
z!o!Opz)RXt=<&zbGLEpzAKL5vhZ+7~3VCBjD6g#z<D0w#Un{#__qiL7hYu>EjtnHT
z@gwYpCMTmj@+!PO?TjQ4t9+z08YSnG*&&?usN3=|1oNcqVtgU;eT}eZ8Lgn`H2n|6
z{0KpaZ#_1j2+`Dkhvo(KBdaW=gocG3OeB?x&(5y8Sj@a_k6LfG>5nHA`p|4n$9Sbd
zmU}!l4GO)|o}&6`iy$N>7NX5CEjBAG4%{w%%b7Z?IuM(Oeh~@Ume_GasidJ7aFzAl
zOynuy<EMvT970Dw`+G+H-|BKBAkgchprPT>mx!yxTGd$ns2I4$cwaG#y1Q2xl}o^d
zm+j*AVW^4?V`B?u`+={78zJB$LFN-g#KeoHKW|=`0hyb%UTwY2rShL1GNH|IEUq7>
zjOy$bD~9W53Wo2x_{aP9_YiH%hWPG1llRx;-L?zFT{G=)f03T(?RDC#uTv*=_Ztd2
zd>4YAZ}+NRGmRT`D11Bmdc*jq1J{3u7zY!$khHv}hL0d2?>KgN#|dJ8e>IHV_d@p_
zWGm}|HQ9am8adAM%(rU8ML*!iAC<iaGz0oz@Ke3LVvlAb_la`L;~m$V$As(Y&|`Q2
z$5-g3Jq0_C)k{pf`{yf$(YGJxU*;&%Pxhoo)EE*HLiyepACEu^7!}(!$#6bfC|_wX
zgD26wWB+*$yQ!I%{W(a{%~@rw;l{ZU<H3Qb`&Wv?2;Flh={?Amh=@p8*_z)CB|WWx
zghfbq240s68fwZ*?csa!;$J(yC1thz@Mf6Bnm?%7*rbCZUoTuzEgxm=$*VsW1~fSj
z$~iadzWeDIQO^iBCWmEZLSp8;?bIrhL5;)ebq)A}yMIW@scN3gl~4b=Jd;652MWe4
zh%}{ie~z$zcA(ma=`22Y8-#4$Y&KZYyZyfg`>(IYI1I1eEwohiKccU9lXnRyu$H&n
zskul*u|(vRbjpX4+IXk9T><H;>dF_WPamYtJ<)$;MA+~;oIrK)`IDZEGSWXsIW`zB
z_+pb}jcwmC^(J&IroPf(&SfC{M%P^*GSCVphvE#et#0?QHQ5oTgy+d*Q)NW*lRCtV
zCcolr%Qx|24^pdJy~u?Vx-3sx(>uJ8#$G0`aILzAjpDlfnY0kbB*z&J^4#{O&O>`t
zRQ=QPe4wCx*FeJ-gASfP89g61D<%WMo;3;V&gB5#{Brs0hu?-7(Dn9r*zTu6t&pzj
z3P&*gIq>{Jgq=zW4WDK_uLH;{374XEI3Y;bp<ij+5mM9EVX#u&LuF=qLYO7wR>nwp
z?v^aFcKCV_z_0S3r^hgV<R!2~yYDD<{q{UV+WYi;3_HQM?eje!i|i2k+QzMj?5FpO
z9JWp+-0#cR>!&v{vix4bz);y9c<p{UF4OfcRT1SYNJabJdN|wR#RTGZ?~H!)1<7!t
z$mX!YyifN7od3jed7nVX^lW1WRLM}+xmuy>;<AI&Z#dzneq{!HZ6cwNX!)iGkn4Hk
ziqyyhIAXURX3U*i?1qhMWdvmnU_&?2LfLik0zC9&hB=p;gpwe!k7T{E_lNv`!#|62
zUW~fGbjKB$m7=LXoI0g9(BXqwwAayhA{bPA?t~oU301DlbTfZEHuKu`Yg%t5hcP;#
z73vV1Qg;7l|2kK&UQ_kIDktA9jHeP^(!YI<iqBAj5sL?5%k7wb3dS?f+knCL(+ocB
zz7p0pgqq?l#SgT3RCSUj{sy*8Fp8Ys?s61@MAq{ybcu?MRpn+dLH`>}IyJIf2h=dL
zRD%+QPA7jnOsmO(KHbR(q#&a-LoyKYtm}>yBioMhqe*jJwY|_tXK_S~=h#Z;F@Ptb
zmF(^+(C?R+;fbt`QDSg=aB_F#^kssq`)UMe*>=GzY=ZCorKbDiF@+Y5b&pwtaSJ)r
zc?&*ejU7Cy)MdOW8|`!Fdm!dISZOq@ufARLVtS;VtlTP}(~axK`$g2I%?E7P_2|dZ
zE<};*ek6iYzI>~x%zK3;Ow!yhG`$g(GOycPW#Wa1v$u(3STduX(24nt`^;I>dj4C*
zZ8{Zgi8lz8W~JU0wM$PaP%O^}j2-qQ7+%*0`VwL@a9I~KrtCrQ=JiAGml~L^=bivZ
zR!;D@*S*Y!&uRw7{YlbFvWDh(Fq{SG*Ae7IE+g3N=6m6EdFlQFoD8GOn|6q}$rKyU
z+ewi)&nHu~$0Mq?n=E<9!-&rf%XL5&=U<l773k*;7g)jFV$M-E<u;m?*ZXCF--8y0
z^Q9ldQ3@kRxd+%)`?Ca!s+W9bC&WCTUbIu~H@q(PJ<M1$?cfI3Md{jQ*dKR6q`siY
z+lhVnz5COKde-5<db{q}uFd^=he@Ii27#*tZ0c0+FigG4zJ(vaI@z)n0PE#cZ}<ed
z@pOW5v09Iv7mXQmyp_F1(3GLs-@I+Jj0hpvgRnM$Zj-h9h1G}E+H~_dpcHtTG;AbM
zq_3=!+K;pVH_dBLPgF+Me%O0lZZkHRc#U==V?}&d!J)4>-|Tt{4=`UrK3Oknu)KRI
z*UJyiq&6EQ`>|ZWE$i}v5LQq3y~}L|K&tLW+D4%3dg8URQ0W5fdD*Pj;jG?MDQKs9
z_HY;7&w{*W3UrX2PZ(hICSQ>1RuftsDDRlZ5fqanYP&~)1^eP#pUf@_bTpTbcEK0s
zAeGfr^FJek7(V`Cy6<+&6^v`S^~=iStzQb-@2k2;xE!M%==TP)t_WlI=TDVabkLF@
zE$g~)x4E782WNJ@Z1>@4vo-SXy{h`{mE%(2+<i8<)1%o+ie1YRs&m9Wu`RMKBwr8y
zn|z-s(C|XW=PE;d@gmwW<j>`G1M6!WG#Hx5u-B-pf5^%h0X%~%Uu=c5$XP|VT45lS
zgGzPoOFZBJplOjZ3#xRe1lf;@yoOOM{T#~*TAXm24CnVa#m}66i|V@706*|Qe?sto
z8G-t4s)19p{xQ>WMy2C^XGw8&Z9me!S|7BRbE*DbAVNr3LEPv2_=WHN!bj%!K)2<|
z3GYBV-2+|ACzx#m`7eBo2J)GQBhnWWuk}_BaI|%7uTc90c>D)3TRuGqIQUSSt+oNx
z_5SwxxX(i`QgQBAY*?IXYr0(e33dq}zKs9p*17@cH?a;X)po>Q(HbdNI5<aCw*A`Q
z_QR~4<Kbv<)5~@=6r)*fnr$!WI}<DtZE7Z)^TqzjI3D7;z7xQ7e34bXS!0n+YKLmk
zbHR$dv+b4~=LN8Kp}sv`g~aN#899}RS*&EEU<n0z2l)>N%6|<=4(jX+%X>rGEK|vA
zDuQ6A35UU7M-OS!txh|5XkKW4c^n6&yA85pu(}e}R@XTJQ%Jw3NRdqwP}I}D<t#$u
za^?BscHwrQ#eNAC=$5pt57x-VXvdh}1WLp;+oFMo{QGIr6Ip8>?TxEjb9lVbau7_c
zV*Ec_&yO}|wB|$b0xu14zEa%UemrQaTQ2WTbKEJ({Lflqte@f7d-v1@3Ziw;WU(?l
z0VUdRHLYqt_yG~`3^xvRlRyj-=OWr<<EF<27BuWVqF%2}VT-_pzwfo)<+Odt=u;OO
z&(kv+rfj9bgcr|mM^-xhl^49Jcr$XBN4Dekg~7Vz@7_=J7Rbs4E|T+3#a27ijcLh#
zxf_~1+m%XUM)vPi4ih8}w;p{29`}XIq#qYB5mr64Chl1@r;vIQprR1Q`*B}4+WSIe
z!|&LBz<%5p6L#IYx4?X(iW63yU&w$njc(lWW@g0dwimry@sA^Mxe<JH+qLh8$38*F
z*9C?3SoNQ+X4DlegkbdHj#vXVz3_@e?FIV*IC#6j<T@(vmscF++Yx`(?aAK2%ho!l
zx^SySM1e!s?3sO{4VULl3};8FD(%h)mj$?`zEYTvv15F0Ru4HINAgtfTg-p=QU;}|
z@+>ZxCA;p2P4zF!DMIoZ*~36(%~{K~_6VmFV$z5YH*>IF!b*)%&BT9Y+%`OxbzYWL
zK<W%$<?Pqb?+Vgq{C>7e?4Uf0=^Q3xvaJWE-ZxwA82r9GTRwI?HP|z7NnIbny$O^0
zl$s$LQL5C&suMZ>eqZN&2Tp$RDTSIc9$@S&5d=Ffwovx8T-njp(4_{aL(Zai?-Nd?
z#ON{Q8gaX#g>BoWY>(<e!B0Mr2QyDk0o+$T)9Ve3QKpXXaOUeY+1UJ+x2bA#<@nLP
z=-3zTr-xyPl!;FApnF374wm24w`(g7?gvv@h$hfN*2NMdRs<AQuv#Fkh?y}(asDEy
zupkF0MN9GF?%A81aB*<}EF&W#z<tV-{_E+B^N^*s-#du<U9A^`^9=!qH7ca#0`9ZU
z8pu>Osr^V6=5SDyZP!nhz7r;H7R}@$=W~YS1zFptw-quDDlBNc&SUWY*6GN{{ccvw
z{u-IyaAX--A0AdnI!Uzd#)g6ERe8hH2A{`g7!_k2uve%E^H)a78t|%<y^p}^C5d`u
z)M0cj<?znmJqVC%7Mc>YT-sF@)*{;<yPp<P7skN3GCWB0iOOr<{3EbfIjJO4PI{oM
z&!ShX{%C69FtB&kZd)KTY4qZ`H(o|XAri(+C;T3Kvev;>jQEm86yI$`n_4~E=R*v>
zAfP`o6UAU~a4z1m9r|tyKq<n<4Tz{6$j`5XOoR7={H={wZJrxA2aCU_*P?MdW#y*e
zCTfGtj_AU9Or>3aL%!iOUlMME5|SP02=o0+!BXlo=r}u;@mAiUyy!9eQ;)p;UU-ff
z<ZzfzisA8zDsC|wObr@hFV-@2ALLbJy_r@Q3|heB1-<2SPiyRCG(3V`BkbY92@dZC
zN-Vk+&5iGaci!!T52nF+;<;-t4EA}u4a_^oZM=JoEM4@JkT`$H3OtMlG)r{3)&#B7
z=BywVi-FT>MOE*lhK7`sWSK@9BmA~#^11>rA+O+NE1ugT@mYoo9%2)#98g!DBeU*b
zy0q5}1PrW#DHI5ll^-BtdkmWArkA;5r=S=cso7$3l{5<~Ea_fsBmrp&<0vL!8@wOo
zn9nxTHd*rbC8kRUOpTc!K<9QmvSr_&XaSn#$OlJrZO#)C)FR7<CTHqpq>$aV^hFft
z?#8mKm;*q%mKT*#{?&Lln&%X{h8~$-^j<YeuMlGw*+iKybwbl}I}3{Fa)nGDg~vcD
zbX-qS2|GrSTzP{z{$rBg4;L1+4kpTMuw!>MHC04jh0Nh@3964guT=E<DICND@&Fnu
z#kKVIzLdQjyCb@gofbJ?vQh44{Bv_7e|5R;M%*ky-DS*KXEiQbe2hZSX2HbOB6DZD
zuehF@!wqoa1}(QiN=T`Xqqm+!BwI)1RayCG!0Q-QIa?)S)hK(nq>-EyiX=yoxVMiI
zv(d<FA0|r3SL6D7ac5Wk%~3Z8$A}1fHn!Ty;9NAeU|<UoD<(FFo0x1O;NPD2fhsU9
zR)`_{aVS(~AfR<@_edKtYX(@tTY_$6BT9yQ9szM4Mu)5UF0Qt_ls9nj>2f_GF;VdK
zEe^T9vFFL_DwJ;iN92v~alOcJ-J67{9bV^8+YOC^Fgm~Ucxh_nB<p-eLMp<}efwP5
zFX8+-_i}>@>r+!unEw(Ssqf#hw@MXq5)rr90Nn1Pan{^h1Y82TI@=ulNPuD0^!MTB
z&WNhiJ5aP-OZpK}<GMbl1q`E~r2+g%ATm<_smn~D#yAPnN*Qhg_?UzHEsaAJSDn0?
zz*)@(l~D~{T(Jn|;q4kWJi8wcz90^74#5q!kw3<G;Xgz0v{krUIg9FxgQw<`yqfy|
zb2|kkrGQFGwrzFJ|Mg;j;ed{fjm1ieXzFuQ)maw80s(n&v*B;fBDl}-{Ew5n=QhUQ
zo9f1#<4010Rc4(85AgRsR_6QZJpTWNp#e2U9-6gpBDchYJ<I(2BZ3hTgx39JP5#%f
zKP|lT-&Fda%(g^ymi4d#uyQpxy&9nJo7)uBd+)7cf@Zv{kzN_HOPwApEe1_=sv(^~
zjbEf%beU`aN7fof`cKr7dT`nFqXadzwckA)biCu>hmnt?Ap_0<G-c4C+^!c8%eGX;
zv3nWC#dRN=kbaOALKq|{xWK{j@@bZ8{l8V2Sad)3;l|x9>`4s}!9RQ!kBg?Y!ekIh
z_g+&jz8@9LYb=fh8i1_8XoziVry_vmH|gqFA1~l*ZJhC@BLIWNJpN8>;~wFNUdQI`
z*W|U8``6UB*)>&95m(z2w%c<sLJ-o%=4JsvX(O^-%i(zsh58DVLU*G8A#iwev*Eql
ziCrpq=B{Zb^^1GDq228|huiTgCxcmR%L%^oJtjcz;rKZk*4qJ}7~(<r9<6$&S;mUR
zY8@ymRtHFkglV+S<W!kv%U9v8#r8^_X2nB->#ITUR@lA!{^k@vwAI)1i{Zyx_ujtf
z&f7LhFk>|9*7IvZw*$OZ(2zfoAG$?-YXvcgQGZ9iYP%l)mgs8bSlU7%o!gfxH;lx0
zN>Rn+QwGKTbBE=O<totsrQ>>V6}D(Le^!6M8*{!y?p((b^sUh%#6}F?NAs(eA}xB~
z^g8Z-rpv~u@oEP3+!ZfX5EyMC1Yrmzhs~5C(<%0n*`3Cg?~#rI8|f22-(_*me9nO9
zj#pN=t2MwgMY3qK&LsL5G|Ag$e+#Qrk#NKwg|4=@WPxbsQF^y8I?{ZD+Zou>orhcn
zM)S0koQlP_0u%!{b746+YP9B8asp{sjsTi!%aW*z80Je_P&&}z{nY84jmD|Ojpr@Y
zpk>ogIAT8|z|Zbv@WoI+?<&3JIIVl2v4nJRf6z#dgv@VCh4^C9$N72@UibG<I+GjY
zQk8C~s!Ddf{RV<HmuJeSqS(#)@{JcZ$>Z!&4T7}`G(ocS<9yf072a?ks}?^N9vRaB
z1iCD4&qD_DE!D}U7<A0NUtmH|*p5OY7uG^G7=2tGqxS~V04l?1SBE#KP?(%ZY6i5W
ziu1q|>3p5>`DpipbTaI?v`kMDL`$9dnlKKJ8<vGe-ZLiUxx%Nf22?T0;Lhy4)kgFo
z?gk^_miy5w5(?k9Q$*5y7J4pZOyv9V+Kq^1>i+Sd(v05(6iT@|^kNs|U~<7`o#%I0
zR^P!4`^nm0Qn;-f!E-w;!i9Sr&6ZPtGXZ?t_<wUqw`23j=&^RgCFEZon!XOxx*u;d
z$n@7dA?|bk8r@^{<dp5^up7)K`x?uU<=cbtj$*&yD&ciUoUYS8iWDP!CC)0wzT_10
zf6<nqglW)?_tjyog-eYMaMFW^Eh`V~)70J52n#7er&zKHM}c1{rn=^|7mUF7*Lxl+
zI@@Yu4^}-OUR{Ui(S1aQ2eYhjp^HVC!WvXmV$@L97u;}op#c#(M2nb54bf^A#)lx<
zoGp-IAU|5~x3N!O?S47ovsll9vkiIPc)EkA+41W0DElZ^E@G&Rw-OL@BBj;vie=2v
z0Y1j*>!=mrVJlH5E!udHA)0IdBzj<8tT(3um7`vrnT)9ft2(mSYPb0tY%iH~uFV+#
z@<@<Wt%zW;341o-@w10jv*Q;`%>=4gwg?<E$tIAJ8+fE<H#pRv8i9919Ov*uwOkO$
z88g}WzN6%!+ZNIm2KMFihO5?O4UMq1Wq*ay=4iy^*Lx6luOPGjy?s}Yvippb5WVT{
zyh;SfG%svUf?Jd0lf)Lrlx}olPGQ2~^#u;GbQ!p7O(K+Jk%{c-Fe+v6{KKt&cI5Zw
z$kXP9oH-N{k98Cw=F9Z(UIVMx|7rhr;SnrC+F%!JK4xZQQXEvL)>7yA16M_d1jOX>
zrm6fq@XrIzKDr}-4WljYb*8^x7Fa=p<Nr1mMBR8q>+u#9q@f19!{-SN4?xjsx(Tlu
zK1J3TllJbf7;N~wp`ks|QCJwk#RzWa`<l3E?*W<}9mRSYsNHeRLKuVAhz5p{#bR>=
z)SZDRs&HqkR3MV=RR+)={XEda<g`gZ%0tIG_@#7mY~*88ShD$jL0j-T{cGxBHJi=@
z6>YzrtETzySq=d%S7?$hS%IX?<l<m2n;ik?&v}N5)1e+v-V^qIZh;4YrvsD<F3cjm
zQc()MW+Goc7eweV?=14#mm<3gh;bN9xC_o8*OXB4<wHt?6^A#b2}~hXEh(XTivtif
zwPn#yw49j|2}BXj&bGZF7c(A@tIC&ecJJfd`mfNluNJDt#wOB0pE(^Q0e(BTg@}^E
zezpVr?7W3s?~DP^YHjgBQW-eUTc)zPWf7qIfK&zk%+Yw(43v@*Q{#dJZ25H&kSMwV
z#m1V+fY0G52h&i&jIxtXEUrWg<_V}!KX;l!U4G$bI^ME1fd8`ZbiL^oC=4bmb_B|p
zF&Vf)U;b5k_uelM>G$26zlSG_ei(v@a|MKpmEgEKxb9m#5p<hxyESR}K~h$GUl}qd
zobD(!{Le%ETF0~9Zf@D#`$1I)@)PM?h@WrIgKIfrh!`2!#{nZFGn;KYA)>Tx-DXQD
zm<x=?OP*D^yrKI-WMB%aaLJ$8Xh!?CgICW}<t`_j#xS-X9{XQ04JXT$5OiDjL7JvK
zOVSuIH6TMfcMZ!Ou5kU}umk)47{Tuydxl3bbu$FoZQj_U+4A>fw2jydKh;?{0|Qsp
z1adN;WhfJKtrS&11xnYwN$yvN5u0ICy<20je?8J!6+FR-jP?||q){U@kj=)HD&QVD
z{DcRNN+JMcbF-i86oi*yv-3y0TlaqkAiDc*uG<VJ+2CKgpL(B48fNWYgoR5@dzyuP
ztXJB?q_3d>C+37wCo3wa{9-`$ZtgDkEL=?%fxbqjyN6lq934KCSU-JI>-0pc+cZ@f
z8`zg`(tV$5cJ}(il8xrua8kZpw6lhXdl}~I|G?g&Gb6m{1rd->B9>s!4F_YD+}|Hi
z+2}LFWp(}r_4$JGbB39^yy|{><JDgA_oV{~-QMUREYs9)j`YPbdlp^hQv$w^Xk$Mb
zp(Zm~`|Y;$iXLQeQ_fUGS0;-%oIcrX-7f}U^TZdbG(`(Fu4)$^luxoUdS<88xvH%!
z;HjmQI__a7b7UN7j&W?Q<7z&^_pU}SZzh+bx^{RT$z-E6<C<Y){w4=kI(R1av){l9
z3JD=1;e?Old;=+9mg!Y5gqipiFz2Q9zgovA7b&=L#a^xicamTI`E+xg8KY`onnS=&
zBPcIQKK>f31wV(mX$xb`awQIJPm@y*@@r{ZI1nZwiHOMaDT<k=_hR3lc`dD&A@7!I
z^4k{aEl#ORHFBY*T{$u9(`H8|wmjY2>383No((S8%Io)GuB!|Dn@hO2Z|Gn>ZCR|T
zI?x*wR_}0#cCpETPw&SI7f0UZ?ta8U=QUdYc>Jl}=|K8)u@y~ZdUg{hzL%~L)??M-
z;E4_%mmTK{a%?!b5y3DLIe7QVE#Ey3bFmHpZ+E|LamlW?IL0fkI86kK36q%B<k)wB
z*>0lB3Ol*0k{)4wyp_>d<~bh3m(lTAQP=QgU~6o23HKBGOG2FacqN*I=Vb2p54`;u
z|IhfD>q^JFndEEZiYjm82^VJjQg!c^j+T6;<smh^w|uz=`2_C#@4>O<z9U#CeY4_6
zfz7tJHv|r^wq(l>U8Z`vz`c;ky05SZjK@y`YYulz5$fcy0Nt+gIK{c>2NtGWlt&YC
zAt|vx)Ibu(kn@U(ghXcHa*B!Sbc^{?O?C{V`Or((C2!6cHCLMf<O*ynPWJq&w%Q>&
z>#F^d#E1oqlruZvlRba(9?uj4swBTnpvuav1huxIvfw`gKi{ACpC<JbB<VpbUGW5p
zpNVPI-QXIQaEDew-W~SuL|AClII?iOOP!4&M`wCR$KC4e4iN@KL3^82y|i1MaNlL|
z2L4&_B4VHRe=u2V13>H1V(jmqYFFIO7~rn8p+F{KYSJ{rpSr>{#{GH&VTX6>?eMQQ
z+Mu{&2&%T-J}OCkn%-jKKaSwITu%I#bRhO*D!{2yUXOyh0H}0O9{K2KG%pd@b>=u4
zo!Oe9`cq=g+w=q_WTi!}IZJh_(EYdfQ0v|OUd{cjp4`fgEFypBlA`x@#K=LQhh4==
zBvW3>qyKJpi4{&jrbsyqf3cU)v$;V=B>s6v#dnFc_-+}%usze@Xf`Ef!|kSJWG&>8
zh>5S%F2NC!QbVt8&2PHq`Stai<?S!@_WMVmfFZVfR<dJ@6cxQ*zpxfq16i?`f!wwJ
zYhqKlWU7Q>(#NaQ*$Aa@&YpQdU0(Zi+nOfFKVPoUSUn(C9p2_RqIG8e-JTGL>=7rl
z?7%BjQtETWZY-2eEBVLb3oqHpilXiyU_nVNgcNY*92#k>{FqtRri9GYfS49V19SbG
zFWz^(^~B7c96M7i>Bj^2<4?53Oy|I+0K*M{iiQ8$po}^3eiVAIuYI*D;$c*#q)K{g
z@^C6Hx5DBoj37cvDw02`(=jm#88T|63dk!v$zaH?jV9Aoo=#XQZDx^3R5Rf1hSmF1
zkfU57q|z=p_w%j4PyRW`G|C|<B{deII~=|yr0cOyBF?IDG0AVnjx{!@F&NUllze~c
zl(j19vH1gSIj<uqPL82)U$MZfIF5{#ih68uE-a;*%n(!;N=eidtr0-++pA|=$}iZ>
z+2a~q+Z!uraoyGExF)aO(~&=$s}bcm5A=XmwJedPe5s^OJ%eeq=l77b7%wdL5v<t!
z5$$Z7i<I*fV{R4zX5@FQM#ErBnVKx40sn89KdnP9@&l>@!-6K~M(<BH6bYT{=!av*
zuO%U4Ys%ev&|m{R*;-meYqS!J5$D9Z%QUu*)|-|^2B>BZzt>D_PG;-4@V<{i+<fg2
z>?}i?t1Bdz7htVt{xxzhFr%_LoSvSVuUipRq{%Zl(3za+>xZ?evlh@-sMZ7nF}n#$
zg;BZKGU$ed7D*hVZE#466i9EHQs@nc7%~Y8dL#DMKkrB9QV0;gGO=dv!Q$#%ZTa1Y
z#qvbXeerJpE4Gi$<3gQ+_1t}X#0Gd=GGU=A6t%e%CH}i>o^O?uvQB4$8eWPM47odG
zG#dYn(%cvvJzbnnLc9qJ)mkLgkhs$DO_A8&;jpt|<$Sq{%2lj9^*}7-*+w=ry#)#n
z51-BH1-D$2EsFXs4Rgv5+gSIar3lw@gIS3@5gA^Bij3T!MvfdB8p^=ToRpr<pQ-PZ
zN$6VFrhHA|x_oM}@oFg_Q<fXi)5B2T8CIPGyNJ#d9>L1Ug=GK)BrYo<5L(YST_RLd
zGl&bo3Jel7ko+B5&_&0jh>VDXC%Z3CONYS5P}oL68w8&eB%d{*WUUNZXoO^;wL`F)
ziE(-=i2&CpOG(NZ6C@Ib#55>KwMMd^NFh997=Q$Rny_mSE+-k1P|is+DML6eZN@XM
zEG#NYL?91ASx(vLrP%)r?MkFH4tiQ{(UI0HX53duB#4+54=jZ2q^^}tNX;yy$XZfb
z@<&D}4O$%wSco|PZwUmqmQ~q2v%+8Cut^V-uA2mmjy`E>9t{wqI8h@lc&TKkncnaq
z1MxthXh#o{1DJ<E?2-aX_3~`z`wL3pA2A?4hE)SprkDisQNopo7(FK$$gARZKrmtO
z`O)X~pR#*4Cwz<KqyAv?Xnvf6R4UO&noByj6B8BQI-C;Wroz1NIv=q@DF9ZbHIQAp
zxMCJ#Xu}=qv_8SNS1F*ai&DFLcDTB-o1jPzw=0PA^kK^6<+cV##@vk@t)3_1x@1NB
z#0jSPnjMNYN>k8Um3a;+KG6V}m{tUSq1-e+(LK$BcUn-~@LOf{>GHUCN4<%&jirW8
zW!~dJ{DS)+;Mh)Zwh)KZ{2G}(4QIGMg7JD<__gzIeLZb7?Bs0uxA4MgJWZ3BPSSMd
z5ln`4T?B!?E7E#d)kAiOKq_9GQn$81h9&H-;Ul+e%own8_qQih*==X+@n53wzaUp=
zoO2H=>B`2Z85Bbh!-A%oRgD3PkxHM$i3O7}?R4y5|B_jRhn#pDl%vV?1P_f*sfXe)
zV9|y+4|O+NP%eM8vJnfXy3iw#FL*hFzB`CH&5FrhL~04IhEY*w=z7tJH03a(>6ICn
zB=o9)%5ts)ODyr|2>-tY=V~pha<MnPmB)nX&iXu5C{8A3I*b-C1kUMg*a^XMObjC#
zUQCKf3I*!~+UKm%SS`XF?dnBpMV<`ojBg|Dq!U_=GxctERi}LD(7q%jNdkzC)mn+B
zIFc@9d#V}Iup%4dh1RQvt0pNT-L5JO*6*}aoBsV_@0)Q8ug7vuk>4E>3|0XF0RXRO
zI^Xw8b{@Yk9C$pQp7~Na!ai1ShI&82$2}4L1|K{w=aaCl>K{?*66kEXGHNO*l>l+=
zW`zy<)3oM~a4~xudu>oZJCB3yvY_)RBdAfRt0->U_LeUu_;#t<Y`q2Xg4GOU4A#=|
z)t6Sb=LIb+39SnzT=hH9qvew5K3R-Hr=-ssYIaC;p|Sx<F4mFAbrKxliACM;0yN3h
zx?kBDlLt#enY!F$z~C$STA@-_hsE^Wa=9X6wbD(TD)l!nm*HiB-tF5gq3(60T5kkL
zn>Q5NbsLloQ%OG1)13ved_(iy78XW}JM#NqINl{E_fHt-GnQYx=Ib+M3PuY?+wGH@
zQJ|}OdNX_h9~Csk{`xo%BlD2+#2~yjFQlgl7Eyg24Tvm`la)}YNj3go2opL25>tYG
zAAyL7h;Z9(wRL9miqbj_5Hanp!U|s0$@F@#=x}zugJ!<Q_DH++W~5iI#)YnniDl|l
zB;Izqy#;!?GjLSM?9&&$;R*8yNNJ;NW3O~t`3gZ~7_9pcC!pIs9VHO?MyJ7N+v)pk
zyrtTk<3)-ZZXce`@Uoj9uv~8&V*h&k=xTe44Z>qL-+Ru_1SYf_;1L~0jWLoO_Ahj+
zIGtg)o3DFB#4m&12f@X{o(NSoq&2Rg0Vy<bktUJ5ce^?_fP0uVW!$Jv(W}qU#*A^>
zP>xtQC^32UiSK60gp&C`uLM(D?ldl?(UrKsw%R4avvD@k!;8pbH)LF>q?^_W8Au@@
z{MY@+wSSHl1s|Dg0nRtSt~|tuNcn!sIk-S8|C#6;RYVEaT$QO80O!eoCDZCeXED22
zeCMpARok8>y1Tz&__j(>imGx=U1-J4?xW2V5anUy{}HT|^@T;Tccy|Pf5iA;u;S_v
zDtrYt+kK4@Qm=mpj$|wQ&Fd<tBLq!YTdRNdW+YAs^8M8N`=Zqy7S>WV#47@dq9VuN
zB+576ND}5MXEkus>`H){J2*Ff*5oj;udApiUbTP;gVB><Y}R0Bsx?Wxcz}{j1y<%<
zd2g)+r+dR|iZLS)S8HiMKn}8Gz>x!$8k)RQd7}$IxT5L2=!1Ppy}=#sYA%&Jtn(F%
zLU#DqxL}<lOK*WtJHpf}Io||2cex^4V<j*&FRL)9`|dDo)-4+a9;HC8xmE)ioDRI;
zU?l3zNe`U1Ct@60%o*B@hGN!z^o|sinq{P8s<OwFUdY>~XMgDUznib=9MDZ~kS)bu
zD4^fJ_<7p=z_Ok<!&<Fq*9MNJUJqlTw^YAJ-#{DCWF*plE)tD#++VEWIVcr<iX~re
zAiTW?B_u=pOEF63TV7Ofwbn9^Q*_el-Dqj+Zh}FvLJVv)xKggV1IZpz3f<a>SjxkD
zYb8ZD)OyHC$Mk}XMdA;abMRlDC3U95Sn8ui3`TPpk<8u0k5PEy9<DINrF3GKvd9b`
z6D^Q!ZeYk{lfsEgCZ}L&P7V)`zY9U>r4+xz*#;HFuJ+MIAb??UHW|>zoALUC@l)sd
z%4nwWwWBnchkHAvJ-qp?*bbsfcmLLsqS50)pkw2HNIx6#H<_=|nCox<(@4MHH-O3M
zg6zyx9Y`_aX0X{MkzC8JbC$Lu864huYeF_>cV~;OvFaOiMgB{x7twyXUZf!c5oxIc
z-IwQW!vD(F>#agr9O@=_m_GwarhM!nTE6R`jwVexdw5Pj$~d3|V5~H+1xL<-FBPRa
z=luCyU8zZuy<-^PTm*VyxmCF9=djVmNWffZhs-si`voUZ(Ytd%PB~nm5%R3x1CFv=
zgMZt2%S+d?3k}{f{`$ov$JXAA)r<QAp%B_>N&I*z8F~LoJx={_sKH6!Ajf(QUZ`AN
zRKm8L=(wp_L6L+PEv^-f_8LrEGVIw$FN$u7j2#VB)X-dv)Xn+sPwMdi1qU+-Jg0kj
z#Fuu(=<q!)N~i<{)6x@z&xUO%zQB6*0p<4eAB99+f1!X(fyA{^!j@9_liS%^HtFa`
zgz=?1N(Lc+fm<Bnii<gR_M~GmoMPw&eF)N-4`m-UNV}?ZUwdEYY?-PDOHt=IE|a{`
zyIVj?6JcQC-mK{k1`CxMq=Rn@qs5-FH@gAISPDh((I&+HT@EA0!lzcc0&qH{(uBq`
z1ilc(Yzc`nvDi|?8}EC;@qKAJPZ>n&I)=h#c5p(HS-v%4(uPcGY|8aG1iCW$*CGmo
zON~ElmZ`zZN=cdGE(wjy0|M4Tm|aCn?~%o4aWgboPhC9olwEeLk`*~I9Tn)HrRxx&
ztGd9bAgbDnEq@z9vU?iWA80WPu7=G!4#h}3?>bqt#;rng{fl9X6#+F8Jp||&7ur&9
zE(lM5=Z=?y#TST<-#4lz#;SL12)I0(S6aFivA`xcb(LMc)fDdy9xH4Q;)sx$6VLRD
zb+%li+K<%-+A_PX00fOjGrX7hZ-L;d(ae~1KEWW+c=Kd1VQIEl+)4S@r@3`qO<(~o
zm7(&sYdT{Ab2B}Ykg-0D=ahQ%(BVH`XD5|>(U_dJRJ8KRR`GtUP41?F^6jU5ui>Ls
zN0VubGcFd~(Z0T0-a3cWt^wuJnVQ9NW!x%FPUO`k>ej1wrZ7w8#X}R~Z$aKbgL{&i
zh`hW!WA@Z`id!VB1dc^>HKRXT__yEt5;;hb#xP|n5M3tkduvk?D;!PiM>rl5Lx)(}
zv`vWD&yYXy2{AoM1hV;@ud6MU6Gj*E*zNp)(ipTQx$7_qZoHj?5-D@VB}6q>dXauU
z=(@)VmxqesL4T0_$EMD*<qrO%%WnUN_3@kjTlo!uE7;UutVV<Rf#%a7hSwe^?M_!r
zw%_o-lb7M0{J0`rT{cK0cHhdk4f?AwB(Z&m;<-=}6syo{F7o8Of?;Z~3pfDRkX7TX
zf6muT>a3;JaC~j$PJ&ft#AAAkr&xDR8DNf8T?E!0O%PQ(*lTb!A!RD$Sq~{+zScDX
zx$-D2HF&*C5xDhdOoS*kx_=0bWP}kHYAth)Fj`hYf-+S^s1~~`l7)b7ZC~HsB(p#Y
zRKK+;xin%~TbLcj<>(kqUdK`G8sn={npKKyvcNN<FM4ySi)g4}zrF;-(Jf`_lm52N
ztqq}>hH^G5DY{Aq>2|tDa8z*6*g*9*)#+R*?%bb|cA_I2SX)55we-z3O*E2#f{OKT
zC7gK|<ffSH<iycGOk5b)+4?81Kz4W@OZkb*pwMY%%j379AQTfb5I`Qe#%lBU`hBBK
zg^aEb<DVv9Xs)0O-V({KV&QWV2?ZvUTYzd&8{t6^Dg_NM4Jo!K7WLn*h0O_aVR6*!
zTJ>p<ocf?ncuuOv@(pLoABEoXxqwKiBL)T+LI;C^AyA2co2iitmK+$46)U3Z{Z`l&
zpHL3UkzvyYBE>5Jx+rS?4YjICh0#}~+~M<yHp{}!(EKl~Ju1k#Azt!Dan8cfR_Y!M
z<TSfS%IozGR*@qN-H{H8dpxdO(f_AFzPQ|?VHzqNto#>W3p>4@gp0-sS7Er))$x$7
zLMJW?2JpCGY_jx`N))wc@!J;`1p@Y2)OLq1aX>pWGBmexK8qNGGLg<ICqxkZz|PVY
z<$#EnP`imxGM!p19FQSDV#GW-UC&ciBtt<`OhyJJ8k}VWyKIhw>85e;+pB!A9h8<7
zvxvb5+@nWOOF+R48<SXup{@J*Yw|}3ape7G;yl~q>AYEVRpResB9ZcHiI9K@RvHRa
zG|IkfTHSXDA(`P{q~oc_WOx0X5@Ro@-h;v5drd9$%eJ%?WSo8(X4CY)XOq1{dZ%W=
zOhqGoyC2_Rdl4NN>K%nwk?6plWOFm1?79j1u2Di6Woi{i7v8|d3d6H18||Xwph|?}
z{7-708r5V<dWO(PPg#`4mP8?oA;{I3<_zbi)AsiEZmu@DIk>sMfohYkhxlLK-<coq
zH?(ICjjyht6}=*z1Rp4(sX}DdubHj!Q?o^Gi>pn3t7DWCr?~221}h;n)Jv~)&Ezu#
z{Xhylv$_u&%u6YXR(sdV@Hslwg>&+Gd7j91SF>aq!#I?+*59F%u`jA<s%--;5yD*f
zp-u&vb!<h5oSerrbRvUMX#o)*m}zh(W3JvKU)0vqpmcJcia1+jW`(ksk~4e3IoYD^
zEV$6#&z~5^ilw=Ug74tXVr3C?uRSg)U{IMef3Iw?_T`q!V05;!2D}ze)8#7+IkP#@
zg|k|uy9g}p>nMLKt#KCLd0ur<YyExuyhC9i|1@Kn5mX1><v{^1gr{0OT4`b{<~;~A
zQXi|VDF87;UxvSW-vMRxi%g-p@3k2G?E*ld4)~alCnGmOM+e&{JS?J^nT$ztcbzM$
zcWRCFa7Z7Zo1f+MlNjT^`_km*5b)-cwybMZVi4HVyfV7g+up!Bd>PGIC}VTnF-}cd
zFcA97NM7C>id-%;6#*O<O;eQ+R#I3UYh%#T;bHNu5j=A6ngnhmuo-zUSy^rstawOu
zFs-@c$9&!~k)9keU2PsQ2X=%`zR2P-0?Fm~(010hEC8gWWwvlwnoqK@OZj`WF{@eN
zQPX2v-^Bym^@{<@&3O#@qlp;UuRXk4EvW8Q-m08Js}z2?uv$tXJdP=)LR-XR#6=X}
zgj&t#oBul?MG0}Q4RzG-t@6XpR0~q&bu{l`bR?C+Aotig0m<Z6tW&iJw<Aky>ScM6
zJ=6;k44DFoxjFyS@<~@(Mk=kj<I3agh5XCgHT3eC1WS;Vs@U3(t-MmfqiCo-1xBtb
z5cIxSVi?E(Km+RDhQ$J0!lx(t7>$Y_s_6_FNMxvxIt68UFjo{3^ecv6MkboD!AW3d
zd^ubyxi=E0fz7R3z~D<c3X(LnOzEUODM8?`d=MP?*@Li5Y*gym?80o3RvlM|o~KfY
z5CB+4QWk^Ecs7yKzG4+`6I&%&v*H1m)Ozu~xV#zyqIo&b#cY;9B}f((OF09q>#4L&
zS<lfN!DlvKTy>|XY>r<Fh|hHeTgq;Le;q;Pk_xJf;-<FPUuhLQoq?ddr@0(^)nNGb
ze5KI`nl76UPR7UU;u+wt>LQ7juIHjC60m{ta&f1?&D{>%DbN7PVkz;gSpfH`yzCmm
zt8hmVXf^u(@bnJsnKjYYZtSFE+h)hMZL?$B>DWofwr$&bV%xTzoV<IV{r!S<tyObf
zRW;{5#uzB0f`drPLfVRlzMXa7eFd2fe<(+l!8tVFqX$M(sF#9o#T=ZgzJTO;L=bPi
zMge5;qCmG-mkK$!EP6&GecoZC*J#CJmdoL9a>$aL>pmPT<ioPEst=BWM9a$OaQc@9
zk?Qbw{K|;cBLS6qq*~;N#!2ig`oyVyyx=WVZ1nsXK}+p2uR<-50ZJclYlw(=8i`cD
zHV-SW4Mc&cNQY1}U#!QjzS0kc_hKNXB10;9rX4}wn_e{E!2fMHj^0NNO*Hzi<ys26
z)K?W%K~X>y7!CYO^JiARf=FUfe9vSNX0dCO`r8XjF6*hcE>L@>T@EW)VJF9?x%{c-
zF9?BG$(PDJI0<=bz0pv_?&W$*Jd6q|X(|N`4NYrD2Ms1w`0HB%b(qV*vWA=nLK)oJ
z!OX_{r>u|`88H%+MfwbtHdlL}5(RKzdvkw87X@jf+jvpo2lHBDnj&wz^Py5y4l{x5
zx$fU;t#}jnF6T>_M2B3Zp>h^@m}^8qUkD!8nv`4)>rz`L@`fZ)Z9<<6V$7u~I#XMX
zza1s6@n*!dVf*Z(g$p!+)GOEIbR#6+M3~|SkB8{PVa231&tXF+B9K8U<${}~<l$=_
ziMxXNyAGZ;#8JOGgq6u3F!>2$1H_EpcBV9}%tA^>p%#jOA1(~DF#9R8EEBzbN*?61
z)NZWPsmmyH^Z!PG{8wMO`MuwuFy3k<pk!S^_x_CSC@aQ4t+<sH4Wok~sRw17<)Al)
zs3}+r&tiL{%BGc3g+bD?zA{D|!=T!5nM8YA#=81~JR)Fe4`v=x#JJys%?vU)M0-1f
z<mGv_iTWD?9mM^CB4F=Gos9oDtj{P#I)Kc$rN^q}luF`zyq@<s7mJw~85_iq#H~cc
zM*6E249g|P_~zJlgO{BGe3|8PyJ%p-Q)3_IXbw)G=$`0U$nf>1^$~F>(2m%iC{MrO
z@lNI}<R+J(_ig<MNX;w;7Kfl6@_Z#0nF9-&%7S)_lhgWVIQ0hYe_*WAnXwL(+JxRb
z6EWkk>EwUKz#~G9{6^{`n!dhYj4dv?yX9LH^D3|2U*|pg<EJ}4a_p+#D*vy{xWKy;
z=ld`WS47-`Rb&}$iNnEFUgPAv_fo<*a>X*3b_EC}7c_K=1wIpzcahw6#aiKumP1Av
zNNqJukjKDpvo~JR+@KldXX*P8$2F?MpkMiJ^%RTyAz}c?cz9p|O_cIRuk|&N-D4*L
zglA}fpo>*VcY|`NL{$j`#ViUq7_LwxH%QLVql!2f0>B$k%j_b~J5%CW;^b$f+S#>{
z%l?rbT}iucpIYaEOeKwG9G_nstRzme$`5@MAbTE_gq`*L@0#CyM}p`_7`|6h&u+wu
z(5Cm>Ue=I?-;UD@^bsD?%QCWpb&e;Ad_A+y@zG*@?Y!#{TaSuokYSQ})*s2WO(6Op
zXIHl=+j{Zz75+KsCQ=szM@e?7F&Dog^=L)r|JfFd1Ml@-Yp=mKOSqmrs0g26O7u+k
zK5#fiz{u{FJmPn1;KLNv1|;Ei$IWjz^h0>sRQ>+nXI4Rdafb0`3b~xm$Q>`s?_C!3
zN72*Na7d_Rd1c(COXm*nk@8(<$wXibvcyspmauX<9`~UwoQn7sDleD%-;(~R?QdHc
zsJ=*I=&+ieo+_BE!)^VVaxpaUZfY2)%0ZSIi|A27YI|gGdYh}*fB(=~rvti(6o(fN
zTOZ^?UVb0$Or2U<R`Pqg+Qbe=r{`)m6r0Z#LL+rj?4;oQx|39Nx_VtGpuFxl+43Uo
z#LE0~Dh}jM&Ntm8=WzZK?KV1GX)uL2W3%<A$rgOA_IcY@s5w93G(ykE!eI1+@pZ+z
z^o$lTFwzTm{__4_|CaIexE>kJ1D$EP7N}h73<VnEoV$)qaxt192I$l!^bUZRV2Uwl
zGTBkTJ)K4??wjo_+1bHNy<kjjakQdMv}C`)l9k$i(xAG#e3M!(Tmyao0AKrQE+m*B
zb^JzrPmVvqs{D_7LXwZxtGL<-{2vS4UrDdX-UNAev3a=nocI1f`P=Q*5Lzwf5p3J8
z1F>E_P&>Nz_kr8ILxa1Z93yOEv0o(iw|ZY5(hm9o-#))<G;rb9VjxJ~4<(UmYVy?D
z_RLw_>k6BsA37q{R5y3!LZx<9G%Gb6RLT}Hoz(1(k3PEe804|^_hNtQ4p~Jt={2VS
zXc7-embKJi?v4V<X=;lRwnF<nw;a@lfODFZ`9(ylTT);nB`G^d-EJ%2IS}DLP&_R}
zkWm_XXvUY9$?Z7pnJxD9{3Y@GbPU@4{eo<u#OH?s3klnv&e<5rLkWdWOh}kB_I7Ze
zR_rwK3m}0V&Ke*4ye)V*(8v#f^rdV*pj(48&>bE^!X{v1eQ_@%=(*e5L-OXgB>xez
z&(@kMUTAXSL^k7o>#p^*JK#EDn$65-T+$Mbu^`tP0H7{<4#GoB`dNwb4OVg$-LamI
zPve!Nar?S!?BgAf%$Nb$ej@f$WQ()gQvM4E96a~!L!w;I5<o@+A2)l4+FT8vRg+`d
zX~|sPdOafUGD2JT`eQwXsR}wgUbum8Pkm)LDUOq@SQ>0a1Ow+b;)k9#iq-b$!@kSt
zG=AN0g44_i0W&q)+_>GJ=y>g}Vgb{#jaJ*>@*n(#;Zbpho%-E_X!(3Po(Cx<m9QOt
z!;{;3dy}8XO57$E&^O+9FfQwGgZaU*w*wnk<~n^*qsX6iXT7gH&%R^))JZ2Ph1KO3
z->Bd)@qeX}9l3JhYVu^gyWuh)rTm-Gncn%5HNqhJk|xwE#4q^39bK)42V64vL1@$%
z#Fvj;c5Q9`Dr}o^yicf#Ag-(~6@h6rnS(g_fS))kIU_P<P7xCRMkrQmHeV};hhZU2
zMCQ;cGxB*oV7u~q%XP?bt^LzlV)pDil$7y|MJz?IXvHoX9br2v5z+fvA+OjRMMIy>
z3Hv@5JyQtLm2pq%Nr~Yaaviwtj-MG;{}l1X+vbYypN36oUG}c`n1P7`7pu%OoqM_V
zR$Qu80bQO*N1H@W-W5q9zguR9*a#0$XmD^+p*<6TXQ_k365Z>YtZ;t~ix<N~S+JQ!
zKh&)}t+I*KVyzeu(Z?A>;%mLjG;C~Sv436y4N+he-8_o$&Ij=@MW*-494t@=W~{Fj
zk8Iwqw|UJ8h8vN~7TI0Ps&ij*ho+ezWx{QU^)k4~jj1(aJpG_z9fpidsrC;qB5CB$
z-$(F!$4uc7X0ltRYNWg#J=VapNpBorSk4~kQbu6zs=qi`A=K%9ML(2U+lv|zO{{*W
zD^IB(x|}d`IKGwcCT%ZO=)gZyqZN&PQOVqD0WZ1k6wKF2!9NARz)l3O@a>@lAH<wD
zlF0u!W84)f7M*duHSgc%9Xu?Fo0*8}?K(;2asNLr0P*Y@Ch{fIb^6j?_a-GHS^!Gu
zubnA7JFLA)v?A-tT+J1{=<?)2h7$RKwK2S}9^L*5cN`hqC450UzkxiG60A51;9@w*
z#e7+_M0%+~Ao84Jc88l4QK@^Z^HwS7ewkS!S@-pDQu(2@0Z51YIt=G%>zQI<_QcO&
zHHS<6m&@04q9587G7jl>hJq`Id2BDB_V~udo8Jz@^oMbrA3(e>hjY#D43gwMr)rSw
z@t42a>sBXr<>v@Mzd}FJy2WW#ISWfcf;M@8+D>9PO*>^#!LQ9h?s!rSkyQV)A#i=u
z3i$W8IdkF^igGHx`Yg&wDb%>#CxKY0n_icD?=0!u{jFdB?c2?}Ozdl0@Q*6qHx^77
zeB%uO4S}`ai!+I64%_KN&26qXAGS^+ktz2^9Q|=aWE7AKMXzqTT}A_UNR*h3h;V%P
z!=%okbnsU9@o(VZV8{>siv#mGqDzDJ$K<c&POjvSQTS%eT&qLpeTNrRFv2b{3@a0r
z?I--WTw`*+WCDua4(?YFk6iJ`nekfT*zm%LI{xK1l*`9!|5VIguhh@z^@jRzzWgf#
zAyZI8#<E(C3V~&AULj8oPsN!3m&b-eW@3@UY+KlP^m}e&8B_frOfr6Cnee*-ld3C`
zuVL$H9jq{<oTvb;Dn!(AoA;S{R7ML3u%ThA-y^1{tLeu^iX!5yBJ%cD{{{hiFZ(~4
z)!i!0-`?o?l$23-zG2WPM?|D?N>RNSnCu7KGO2BdUwz%JLXSH;NDW9-DrHfyt(Ip$
zp?Iw!&bK44T~@QkEAB5Nhw8t~h^dnk+{&b`{beT>N@1eG{Dw_szjCh|Wd>vKO$AFF
z-MqKEkxVQ+ax(5hUPc9&^XMrL%QX;LCo!!SH-Uk-z$--e`?n0%4sK88{RmxiIs-(c
zM0uO1MSJ?@Z!bilw)k3Oh<Mv~k71voR;nVe#ij@P0wI|iJ#6Bc{c;kk6h6P^Q3*$Z
z^tSl|Z7(y7ZwkS0e!=yh<}BwcCWy7Z@?=g<3`RhA%~<Tf@tDzWCcLxdx*Shwbe~r)
zJTy%l<=RxBV=_AMWxt6KbM0Vhu~mjXzB9x-!1h)r&Cj--J1eZj_J-n{>(vl7qx5d(
z*efN3AdCoK6H;*@K;kaRorfdfif04&aX1-}q_bOvjMy1}Ss?o~enm_|?xskqJ6O*f
zY0Tv*l-;TvL)bnv2ESAb;|+Dyn}`fiFbOGEGkUKUX{D40!!9%A=Vd?#c<UKY^yTE)
zs$$Zsy|UYO`p1N0Me)owT@!BbH{tQEdd^}jPwnV-B0xOY40!03RUxujIl901h}bJI
z?lZjaeq=}A9Fs2A4vz>y`8HPgy@BX6s4D&3u>9qV{wnw-w<H-$sM3AdQ$_dv{e!7E
z0R)LZxGz{rPJt9s{DLC6y@8w#hn$6o5m{iSPBPF;9do%3CM}iiO^_|vk&Uu@Yl4{B
z#d~vZC40eJ_v=tM8tM2MHQ~5QOhE-E!v47?k7%TZ!qwosz3PO=8JPT+9V}_6@oT@X
z`HBlfa`dquJvNK@!*DXMm%?Z0m5Bg~fnq)y0&ON3%O}X%bU1tno4HmOq8ctoOrh`O
zzpHOd^-f|YD-oZIHkU+e;$0i1{ap1{+-ACrn7iPpU9W4P^;%F1O-m?0AINtsaFes)
z&lB?go5H)TxcQxLa<HONsCp0?%?}bSHAmspW3<K#UQk~os#-IEA}=o<G_$s>F3MXw
zdTO^jNxG`DDCOn4mJd4$unBWRzTM6-i~P;Nlux6ygRs<zlXD*F-stNH=6spf6bccX
z0vD)>)x=PIi3CJ)qPIC2b4(3KiW^d^!ySctr_{(*;HSOYA(&M6L;Y@Rk{gZh{2cR%
zNPH0Bxm+6$Q$vF=%2hO=O<qdIyT);GnLWO+@)V1SQmy7!vJ5WZ>~qGbm&qBY1B@k<
z%{Wg}gWrxBBUAui-9IL~S|tuDtwieQSRD4OGSUm7{p&M84Gk|2>o|0Hk=kH!s(_NM
z6$Jg;9oVTwXYfF8kw`vVq#`|u141-s0W(G+1gedwTK5$#DU!4I_|_xQd;u+T`3p+i
z$Fr>F8(%oti=_q*2ZK&HK-P(;%>@oF9DbU{OR+<gp;S45;PZ<9sJb&O*sI#WIrMHc
z>X%3~byA(-w}W-s*0a8(fGi%K1xitkG_>gz`dPYR@6GO9nzPh8x;##_aW>OROQG<U
z&RiWI=(akgU34LkeAHVtPK?g8$nG%cj%C@ipq>LU9Tgtyd1L>k@Vmpshj7%T3R>us
zbttT`l$xVNACr_YS~!kj791`1Hf)CJnNy`15%F(0F*Z5M>#M}9<B9K5%w`68V^#QX
zA{cXp_ydeI7@wHTQ}{-tG}44Zk__9D{+Yjoqki=@Ww&*xM}>VV`Z17vTcu0p&4ZQU
zdzmy#!ZvOw?tBz0j+y*A70Ke7%vQu{97%n#+Rc(9hI*NQl|bsezl;jUWfh8zM8jt#
z!(c<*Jeh@fmU35z-~knK!;H8VN2Xxu#V{#wBC*{*Fs4g|@r$DeCW^tUFcWG|eO)bv
z5?vR-1;mGn1*yEQ&?{KXLg~Y{C$o7}Q=g4+(m5V|Iq}uM)6fRa%Skq-QO-=SO4a=V
z=@RY9sSO?p&X@v{{@ub@D)gttttO_x@L9hL3yY2vdB@t;7u_f$rO0%h4yDDph#ZMQ
zwg|~c5NL|wMyQ#&iI?o4;GqLM^_lGGLu3ueEG?C75(iTM)Z_2gSLCUXNfv=ZC)xsX
zTCl3f8G>!4P*u0aB%r_p28;~ld(SrlRFLxJbSI(GP14cAF(VUY&Q8uqZdN_uu(@*@
zXGAQ^;XsEO#NNx(XISb4YV<Y@a|^-|^#goa$Q>e+RU59Cd!Of1ObL!Z4&2KQGnMf^
zyHF9yAweow+~Nz*yhFjZ$p|y7b*%F6(^%tv%Vy4W`LfdboCUjm4NLqkh-ma6J55i|
zCQDCo9a*(bEpZlWwpe!x`&lwL`XZ}5w+RDUtWBI20(auxXZVLo92OlT^sNx_T*(r8
z<OcG)<a{J=PImQv-7!QVgQw9blgbPs&`&DoWMV#Z4Rhi-g3bg|_3;*!jb}S)DV@cS
zOHbEJD2V9HuwGJO>rF58?Irqj{>TFl2K;FMK<*_1p1?S_ntZ2iLyh_h@MHv}vxQDc
zv348|)B<Q>i;Fckus|#AogD@{Cf93I^PaUY-vlzugT~*oGFqMRS=jB;kEA1DMoX!{
zm~(#AwtAn?Z+@VPs&Lv{$0cti`Mu&)gyhCzU<EL8p!+ey2LG{Bb<2Ivkp2HEO@Rt@
znnmYAUJJ;extlxV<E_l(h`9!^W7ybCN*e#65+pmhiBV$>z^%;lss_Rdl2bfBA5JLQ
z2e287R{RcvUndXb8>ZLyzj3m<9RNs{x?fPNd0Px9$f9gN5kz{DU6zg~k?^u+&k2%X
zqOi*`;)i(tc)dfJjx7{(oT<C?b<1Yt?mFQ;a!vgRKe~hPav;v3{Ctr>A>;%GrUn>o
zwbaeYUX4#$>6G}v7)X`n{lnggFva5VbvR?38|v-z@g-#u)lfx})eYz)^o!`SM=NBA
za}uK|5?=|`6D}ee>2#SKra)4y{z%OV8<F%IDwT$bRAe3|JvlbAMnuOdp@&P*2h=-r
zr{Wx`W{8Bilf)~EPT6Y5Oz@8(qM?UDNqvS)F%D<DG#Ci2Q6)5217nSFke0xp!Pvkb
zj)mRC3J|T)t)f*3z7N7*v=K*T+YqUn4D!VF&!5Jnp-HZYF;zkfFH)fi_9~Z)e#Sq}
z)XNoFM@VX_>VFf0FTC6hjgXQM5<~xoW1V1nlKweO3!`B8(Hkihyz>1hV^ZIPC=`VX
zKzY}C{*aXr5y#BwNK>(U@9n$S?C~O!^a3c4huZ7in79zugKis+jpuKuZv5<VjnTIg
zfYx0&><jjs%5K|srR7Z9cxr?*xQvCJ06N`Bwx-y)#MoiRjfAqo7~R48`t7&#md@C`
zcrI@;1G}pQI|f>{gBN>WO&Yb&bW@pn@HpDyD~*@IPk)kkC(r-JI;W==YigaWRIsbL
zWdwViHz3+Qz^^S(`DbMR4~4~fjJ2Fkh80|@;i^eCQzHAvyXTYM$eb##1~I^|Fniib
z>o(atyI!T}r-_|Y^w+@hfujdzF&J?bvhc(Z5GMh+%{6qWCCAFn9Mh(4lRAkFfFd>{
z%H#8gf`<)$wqp2b^d%~;+Ke>a<j$iME=sD=z{5bW>0^-hreum73D=#l-==_VvPjga
zbEkUQY>)ah!*`^}im{?_Gki#0g_6%z31>rJTSG6^Zy^$s`38P7bYrv|<2%vdDByy(
zuhI1Yfn46B)ZGBbc(NO*vx?0VMk}oydta$mYt)x;NsP~GzD(a=s?m1f9R#{eSHcz{
zw5S^mlOUaKyp~vE6ic~o&-G>!=jm`jU~({Q#EKLrdM=*{_l%tEi20`o2%7$k#AI@Z
zv+XHx>i06G3)O<r48H3rCE`BhLNy!Qrd{jcK(B#FctKn{0V_~>m7+AEABmkv-U+so
z>IRpBU7SE0Dhhmec$dYDH|oFHmxnY|t){(@p<;UU2>J=Fn`a|~jyX)<dy)KQz5PML
zX1x-o=R#eeF^R76IiP@fr|a(ij{NlDjShk|SZ!{hVFqsa`Se2qWv%1I3b%f-A)~zl
z8r%M*(CR`INvDXd{zo$zO59_m4YpI0Bx$U)<)!MOvmufba{0q~?nujE@q(E7`XtwU
zt~x7xevtg&OZ3nflNx|5CU83t5==S@ydK@n(8CUf-Y!KOC^n%i%a4ET>P%LbM5IN<
z`-@oxD^9oA*h|$RMr73askX$)fSl-^8;K3BR}$BG6@gMvQRID@AQBbw916GGLj~l(
zkS8GrNMRjb2QcU{T;+p_^u?M8mi6Raz-5U<$;f_kv=wF6FS1z5zy>eQR?Nbk@y8ZQ
z?KX%A47TApg5up|w^8+Hz9R9SfftK;#q$p67l*6onF4ricXtjW^AU2T(jJN*iC}Dt
z|7~p(Q?E;Gw1(RW_8bR0blJx0cIS?c2GOO;oa${w>M|InZ=RH_!WK1bBu2GZ;8mC5
z<OmT!AC)EQj()B7wMz(y6_T%etJUuvgzcgW_MX_qAbG%;hQ%*#dwW~WFOFI@_{R?Q
zQBmLqbrGh_&<=GV&Y_NtX<=kSgOw*55KtD^y`mx=eov=#a;rZi2tV9TaP^0Zoj8zq
zWC|_e=V0h#1U+VPZ4^K+Tx{_03|ctW2=6fBdk-_%>Z@xgoYC4EgbIiM4O-rjF1*=B
zC-&48eux5T_zr_Id?72+GmD~FQp!o(2_~0`t(1^ps8R}Ns>I7-^5vL$IwN4TBL<%n
zwKO>;D4qZa_<=wWEP!=M1yee%e`%-RM>)3vQ3aGMUMf`~ZA2#vb$AP-Hjy@@5T=}=
zmIn*{!I|B^1bTBb7o+k=0062Ch+sz^RL|`lhfrlQe#7xs>IY<mvJ<mXql>O12=+7|
z#@#*8E>J%1L8wVJ4hG_52^8IjV6T_RSg!H-=E!Hg4ra5!zCDpKnavq6cRQJP_JEv@
z&8pzJiR`xzCAD;a+br2IR&U`%=JBo%s7S}4!k3#ZKN(->?aXc_q%t`{E+th4_M>I(
z?EJf29qFjTMA2jzgQI6#QbLi#-x8E>(pboYv@>*Kk0Rj4Oi*VKo`}qdL&T44=M63J
z4eq}_pY+M?OOZ%XVkO&bin?HO+2x4JsfDr8Lf#@Hflj7ZW$N}DdG;uL_Xv!qZ<|oY
z`{w-te5gaCwU2k-nIaXc<}6ZiPKkJa1Cjj%PyGk@h(Q%kjLyRM*k%OIofi}Hap97k
zKMuC?RplC22ii2sUb4F*Q>*j938#~Apfv@CWF|l)0B^&}9!mFpFRuRzdffuvDD?sL
z5tFNHsuffl<%QGgh7=#38d#*bo@ubq)zHWwN+|br@)VyKH8)R3A3AG_oN?PhP2^}q
zObhy`qgVd5skM-N_S)hX?xw?864K=Z%<oy^Meu=yCTE?%mJ%>*BSts;cDs4|HbxeO
z&5OMj!^%`>qb`Hx8}6jdZJj=jc`%Dqy3j~K?!9~$NMB)LKK~%ZI9}M*&f4x~8>}q<
zoG(6N8qsO}7n>DDDStmUJ1_I8xU0^g8Gl_Mv|$0YHQDBG6OGvy-I>B{3<J8f%B=Ka
zO9Y4?Klq@*)8nIPnNktyufgfXfK(ICrOmNHS$@tUk@%y1pV_(WRQ)yF?LXFwjP1qb
zFd0Yb9t}?8Z6v?oVDiprq$Aj2<?55wmKd2vDdbbkb~ex1!JK9HO)h{aAkUv&!gX`L
zJJ=ifrGuC#ZiuH4=9**-OVF`lalE*j16`buZXRL(W|zTR%RI)R6GXG~eLZ-Q%7m`7
z*Zy9}E2ID=>dRAcTXPVkbpKAqL<tv>inFewEAq@A03lqi4+?I>fBzRg(`$f<s5ht~
zk0Y5$*!3AmxV$8a#Lhkl?oOgN546pJ5sw)gX5a@FBBpd^5@B>zJ-3$_mmV~eO1iSH
zC5=RCl874;64bXb1)Q!)^|OTp>JoXCA`Q@!Cclm{hD)GuzFy>IR2jv<L5m1Ta5O%^
zLEFB<3r0D`(Jklo4tU+aWew_Zqq+t+wF%*+rz1wsl)7uw*@Aj5AIU*0B1r(0DDY?t
zyG4|TP;*GdiNrgeU%YqyyP;rWL$c#IyQ$7T6jh69S>TDROUTY=$BLw4W8wVe1)$(_
z9u$IrvLMzxxDg2?*M(hdG}4ZH@egbZ&R(wb1iVEEdGtF4K~#5!kD4jfyWt+{pV8D^
zr}}n4nOYm%usij;3c8Ak$SR8p&#|D9I2;aeai!D($&MkFjY$ASDAU|2)f^4B$ix93
zM9VBk@2U6RBp+S7c(@2QBrJ)vdmwfU^5z<xx#mPT5&lZI8}qQYWoeXvTQNnPhu5pL
zG|Hm{^X^zX5aHZv8=z;UBEtu?pos|yNf8MR)Qil_+#!eTw0JN-&xPW772+21-pu>_
zsv>Bmcq1f4)IN_IM)tV?;Dp^x8U|>Hq23i8CBq2EI||N`Tzv&fT5DW`!U{<nF_66Y
z{N23^(n$trrd<`ziQNMcE|!`eKOm(tJO!yCaGr#M1{_uf0`#vUqwuc^EH>G-At;jT
zOwt3C-(S)g_?mObX-=o|xZ%B*`M9E*KR10VNr(bX74?rK(n8$5f+&`9F$;f2sVS3=
zq+jnfi8;r5O9fSQ=vy*pdkv)Pc)OCxf-7Mg`Hwu$2X7=GbFds?&Jn@iTF4x%5xLKP
zpJN|Q$=*~UvW-&aG{mhEPQHop?%Yn#>XkLg5RGNy*_~)@D%=0V4}1rMq%_M5Z{s1k
zyZJQq7t^Va{1LghR%ybmu1Fdj6dcqjD7ilZZK=Jy`QvPJm-m}vxvG4iChWfnA&tBA
zXDmv{kBaV;qs|zT$wcThuh?Lw(HTxL;O)f}-m?F%_OT37^t(I-cI+^6f|&F#u|(TZ
z3(~j!;?2^TR#0k;A{w@|9R8%%fD#mZLMAf2VX@(v`~~8(OOy*v2b`?8hu}c0w0<2n
z7{79aLs^wFb0s~;*B8C~8T~>?CCrD(D#Zdrrx5-#FdWdw?JDVnsLg`&68mX(wC!16
zsSM<_4M1ppy8J8JTnvX0#tBaS^efyM|KV2+S#0f}1|~pP_=}cSwPneFgU=5<RD1eu
zsD!43yYl)58a4LDp_qI2x<`sNf4w#V!E#=NoQ|*~Ru#b7_N{gI6W87NI=``9P>^I`
z_23=}sphvfviW2hN0S5Ik~IfZjd~5%(>|H49%po47gxSb?DZ`<so-6`QZh|cHtVTP
zau2;IcbEX3t}=b&StE(mP-XXKZQ^jar*jEK042iZR&*%CC)qE)qC}Z!8;s{8w^xiu
z>KcpsSmGWDE-+vphg-xoH@pA?t{ZbJ3nHdH*5>QgXn{RZs$SV(uILBDwzlgem>rK@
z=4$hn6J@#8xknxSHPj*eZAP3dujt_lLag%Ta#-a@Qa}bHT%b6eIQ1%LpFtSuc)}ae
zS~&+9liDx4tdX_Lj*~8NnxYHXfDnSq1_R{#CT(41$Z-GInK~D7p1T;MobRIdzZbq0
zzW+O+^=A+TZn=A8sx+gSDg~!7hGdT-L%gUn9&tE1hBsNN&$ES@s^+T5@AZQ5zR2>-
z*`3A>1Lu#MOFlU<hyFd++Y5va7KeJwubU(p5+bAVY6rQyFcq${SVEle_J%X!RxpuU
zhuJcNB)%*c%2gzkejr8MFNAtB(s){zr^g+r#My`Vr>KOGk}(le)-hFEYhZ38>>q@M
zgp}#KxmN-jO0)=m#i@qT`BfleV{?%R1D>R$^FT44jF=Lf5J`TnnKcBr6^-Ph1dElV
zBRT<IcvvZBX`EqQV{;z94y?s*5t*<kF%^3#<OJk6p;n4@C0Y9e1yO9qb7|Z6bmvRC
zf-PQB+DsTdx|NmH`LEDtQ-vx?9I)~+LxI#_LeB!I8ATi~FX#%Y*z)A41X?<D$Ywl|
zF?3;vuNi7gbHu5?5Q$bL@O`a^>o?{~ehc)b&{+4yWW#+qY%IU=jkqt0fDZRoBbrZU
zZ<O{HN9!yU>2NWSLhP}FBl);jG-kt8OC71AOtwhZ1cO6FXC!nmnqB*^Bm*zygoT7a
zKtPR8&{Bg`JjV{rGQR;{h3(@1;W7VjvW|-SqA#lNC&6B)00{=RbG6yw{&a!W+1Yt>
zvn$NwaVKIFlo(&iPfN)is1v;+VqpPRB~9W~;6JPjX`nOR-s*IV>P<YKOC>*WmS(Kb
z;i^mZAXc>oA5Q6$mM-Tb!UC}_;90q7w}LsD&L$S!9$kC8<1@Oqou}QQ)_On?v2SIT
zyZ?7KjKaJBr4H2L=?nJ6>W=|Jpu;mh2O?cMs}M`bL#cKJd9pQ^gqUb(Jk`#{Fj=X3
z2YNc2O^6u$S)N74lRG|YG)hK^@lIzG6s%Y9l&sbM=%zYchZ9a9WOU!ejY@v=`QGZ}
zy!m=9J~o?e#BelrzT!O_$Kwi4h!}*s>le^k;}^P5_xbp_ta}%*R?E4+8yN2bYITGM
z^5wOONep!E34sKoa(<OrxkbVIKgpFw2fobkt4cAPCNuW%MExFm?8xS&nm|{dVq!|M
zzLO(VacvG4ES@C>flaQahIbv%gcRGnIaTHQ>khYDAnb(-lBD@oL(t!L>(J8ydp9ot
z+r|q%kXgw-%=r?!;%Y8wQ*}(g^7#LQasG$O@kW3-I0pJsN(<0LQDW^YgocnVLq?O)
zGB>Bx>q0Kw|2EDy5w}n$E1|I=$4W#_vLfc?g07RKO6;B-_{fnn0(7#rdf(!PG}8uv
zqlE6iMFQ#Y+>!8P4;idp?YDYAQDUPm4d#<MA?ED|1W%~v=Xa5vxnf6oB#Z<A!QR~8
zi^>==7YSQRz!_E6Hek$H3|fCUUj61$cN<=N#Mu?Ei6i}nOy#iR>$cd!z&~c#ok<1{
z^Yg{<n%We;&o*W%vlG|Q;MxyG!%^&!L1I>#z4>!d_d5+DJ|M?n258v#H)V(o9ExMm
z?WoNB2cvT@R3|hAsFYnIh5QwfjA^*f$h5&oMA?m(Jve_>7ag!~cS*L6m^-wxGclih
z@4j%UW*aisBW@6xwEC`t07(18NqE1AaV)(1U*Agk3KiZ=9`TLR$HDKmW)zeZ<UiSf
z5@w6pzWv$5E=(>LI_!rWf9Vtk<E4}9oB0Tf6~`-RB_Vv{nH{7ViiO@UWBipKW7fGX
z-J#K2*d3h?_~c0}cx6!OVQ=jqBHeOHWVt`9-$VLD4zwo)-s<0xK5CDW|M!#a<P`Lp
zsfR;=gU@0SDjO|1x=AxSfn3OyVh2Y&%&Qi(Nh1L=GOuPqiekol8ZmL#eX!*g*K?)H
z`oZR;MK{&(um;~i5OR6~*Tjk?Vk7%6^=k&YHGO2Xdr&})u)abqdx+6!2Brjlkyn!`
zR0&xOhW3!|<kh|^VLCDuvs1I<#V~<(D0Y*IFC%2tUZy-kg@*|m;$YBjwnJ{Kl!EZC
zb%QhFV~Lt66u6bi=H(9p97tNvj8&=>VPnwO+y_*3R?02rU2a;eQf`TLQ24KP{f`!5
zSj?Nrmlz^NyOsj&_s5(P^HF8BC-7NJ>4c)|oBt)%3OBXU-0rdFA(yTJvY1CZU2!-e
zuT;<WSH@7>Uq(@^QnLU4%_&u@fONgkjA-f68(x>di@I3IHuYp;bf67wo|HD+Pussq
zV?E==1^$$B*gbGCZ*AXS=lX+$f)eP+ij&{CX`0FF2ttM;yOUwy&kCE8>ncgZJVjRL
zG%dLCBo~kuPG_lBE?^GslUS_*PqtxQkF@R7@^sFRemxkDk;X9%i7mY|Zk^EcjE4e9
z2iBj&4qlw8s)PuvKAyhit2p}~hVcL2+`hv>a<UAiC5e9G(L8z8l?OTfDQPbT;IKfB
zrkSnJOtgdo^n?Zmfrha)Z=@%UD!Zklj$J~Z96<(IB2yJ&qS{iUmW;^_Ed`ikuJnVm
zDvtXS-8r+~V*5p&_ZrER1*}I$bxd#W1&ISS^Ocy4_-BiwY^ISt!Y-(0L>kQ@kG?<H
zOl5K)@P<Kuv(6oYRM)N}1LY$RqqCUS)@at_(o#S``SbHCFWTrT09Mm`y&5M-xXsV^
z<o+qzh#(^AiCwE$?U{3~VBdRUFP!*D0{sBicl2NVyF^r6m@WD*xh6%}FL`1lg~&DJ
zT*Rmpep`cxyjFFV@+c~^5~dj_wU%2V<}fkBwOE!GQNbFSt|1Q*|562j1><8<Zv;qL
zaxZ^yAhLB~Bzg*2+i(~WfG^fR7!nNjR?bwS;L9H>?21(@U&aPxsQ3?Y#IzdYeA>t4
zM`SG}0Z*jgSor>QL+x2IP|2Ucw9Z&zOT!SvwzzJF{zC}~P_gB4hquv9aI%fayN%<<
zXOvo|aoN!NkLhO`aolbFTWl=M3`D<^o@ia-VNYP?)nk&9^1_-}5N|3I9Y~JPBS}X~
z9+8uLKkNk!0G-j6T33q){<QcPC2^;BqF!N9)Gw{uQZx^z7j!-=7<Cv82tK9dW6sZ2
zEH+(FNncv%Yau#M*)Il3uqw1?D3?-&^&v=}VR>$z9i2idoh)lZ67^8S&+A&JTLF-h
zS%!Ff!e#laK${^cDEE5=_#T|t*@mOO<#)UoYwe&SCyD~gNzW4vWnhr<hXvYF*){OW
zaW3lt-B{h!+5-w&jTUe`oaMhw;kZ@hi^=xOiN6#&!SXlTFyyhs<KPu94|fHj;9`ZL
zLE_5ik7#K*FmItx!4wxlc>(}Hs`WpX48PJ#<fx1tPn;eum*5MQv-$^ZAKTi^dn52A
zgvF!#pXj`HP_Tp9;IM7Y4PqCye-#w6?yt-uFb<vr^Z20bnv})j6juDxE=P)*529Rs
z8j{|b>3f_Zf~tVfmq79rHq}GE!zlTOi5tcUlF5ZeK1zuvWShC>uiPVQypcNlJ+h_x
zSKP(<(ry3hN&^a6C(z2lZFvusL9bH4-p$P|bnlAZ!Od;@duo$52(eV~eV*aiBYv~X
z?P|1*#cT@qkV6FHG<=+Cg4Yt<>17+ZFEY!e1Ur2n5G#))Q=Y(t)%3gk8^xq`FDuwL
zsot<xC!>vsYz@Q57gw?*#vS>`0|oIrI3h)~V@h|X&{nlOs|O)2+l|TjO%9-2hbbDx
z--GZi1-mtEYly#iS>ufvqzorHkBIjM|KlAji&^(wv+(l$p0*y!w(psWPmXZ;(t#KK
z6RL;BL+E03;DJE_vHAfvce{S;!{L3#UR<Rl#F^55vRy&*(Da2%Cn5$ig}V`sl0rbp
zDvX9^#VU4PZIe3vcnwIG=hC*{g~fFLf%!e7Hv<Aoehuhd4?KBz9@+zVQ-kJHTKwZO
zzVIXv#GlzV72JAx;La%J>A$a?56)Y#F?K?RBGsAlx<*GQauGK4w4U&TOcyixEof)n
z!PRIrLqcmhiIln@F?n#SER#M9bvmy>8|@bHsMuuf_g17#d0!PsFE&*ht@#m$Rp0jx
zj>aVJ+Ct?ny?W`yaL2(Zg>(8MGh8krZU^23bNt=Dp<j5rcjTY@BJiX8T`xf?sB4H5
zFxgmHlM1ao$l!9UM2547_*Uc{wcI~;fDvppBdagh_kDwq#bU9bjm3Oz*Xr4-vsOZk
zpEq(VN}|=><O~j0pzVK!k608#SZvp^;ClrPBr8>pqm3(OCrMhQna3eBdj5Iq_KkGo
z^Zhp$a+?k!@;wBt4ScsP6aYC$G0ZH`MSpPtD;P>$3p%0euuKA^=m0JALL+BDJgg0t
z&F>Q<AypUTthkUgHFk8N1dD(j_Y=Mfk?j#gytAoW+@BWmI}o{4t(de(nfNF(U-h*l
zXo6?Co|5Rd17-A_sBE46n}#)?FIt?6aR`LF(SCoMI~Ho_9a)4@l_snh)|ZAT1U>MD
zwG^g~S=7LI*72bQr$$XFR|b{h+0r*KaO|}4^X|RE@}g+zyD=ON6HLjKSAiuS#tFHH
z;oQgJ4SB=q*A8}Z3{EJGbMg$j!-adljC^d-=bjT-kXRh>hu!6#kU6F->j{M~!C=-X
zr&&QpcoE&A;wrUty0nmVcKWaB^t3oI20H?kmpq(enY5_e0`XpEZfp|Yi(o8mx!Jm-
z8ewdbATO3T&-&5mM>L|7OFZXmUc@h{=9eT9Cl)6wS1T2WiPSgCNq<=Vx+1@xa>DBt
zj%GWS;>olT?|i|Y?YsxDR=KnY5)3;=8gPA2zMDOO-kRrB-m571?<#F%FLgk`c`-^`
zsVv_wA4e)2ie`qw=o2oE#Ol~~)r;Cy7vdv3uCJCO0L3J#&I>Vwi0wA})vr-^zs})3
zVvyb4-RLMD=eNitpUaG>wae?vzKt$u{f;BQF1}a{_FC@&q?7dYf%sWyfNV5X=Bsn8
zr2LI=PE1wZaXJo{>or7DX^Q!BF?@Bm$<sfcf1-IoH6@U?nVaF#u|9n5UJfJp8-9nt
zITUuHd(<W@EaMp|+2$J#9LaRL0pPGlxvKEewAma`6HlK`zi%q)g9DIIcDXY%Gk318
z=*#%Q(ZL3cOijskzoBS)?u8}Jw{%yf<R^LKgQA&fIFf3@;Mc|Tlm{GDPK$CsZ^mSz
z@B*N_)(!pr>G!bY3U7Ov%;#%i_N<5ZS~?15^E5%FY8pKlkg6cygsbk@HcVI)s--*t
zn_Y;Y{atl_1J0g)O2K50;dR62(_;QfU;+M0hUwU<bRlI$rA0cEYo%)DkiHiSL2U<(
zxyI)H%taUW&O<s6=6V>xc+&kMBnbR>4;{|mnhS>Y_J1JW(82?v@hS{%BZ5<VIe28x
za?EPiL?}<!4PVcS?3-stT#CCDr;^IWN@*7xRpW-O_u4E3U0umloU7^_Cq1JG*ue)n
zT8M<L0oEeKCgCvm(sIKyOG$YZWCQ(V4X31ah%Rz=p_b%M;y=CPxg?a_0+E;iC4986
zqWOVFsfw-C$9X5(bS}8{lr*Ko^f05xc4L|A;abMU!T4ZhCYLGdg|1edRp?npDlJ$V
zQ&~giE!4tu?fk|B1k<Q9&}j#&T4y2ca`Q5bk6(Qy2mY{{ov6h!SXcQWwJX0fJ+fqQ
zL_E?9rr~v0q>_vFWx71c3W;U4n?-kD3u^5Tjhw9%e~|$ikq%x_OQv-NIWC#$V3P8W
z?NLk>2nS>(!X8HI_DfR5$dXHVU_H;91&O#)p~|ZN8PUif>+!bxzcX~r7TQ2+D0#jo
zj*a_uy#57~h{T_lRj7y{8CVM12NY5Kc+WxoNNFa$bNO>6C-;=N=lF|9*LpmlnQ3W^
z*WZR1r{gfWlI=s3gutq|TVoDlqSNMCaANKB`;)X|<Fc!w=2Yg{%dY!Dk#`>Nh|+T0
zO@?1~pJ4q~Q0Zfbo3d`#R}-Kjr2fi=N0`r75;>>tKg?E5gpJP#QjS~`jQ`eVlQZ9J
z#)=vm3qxdx{%lMX8vaYMQCy|P(o(_`9XqnW-fI6dR86BFUCV>hYO$1|O7=#2@9qv&
zKCU5QW5xMXvGix}f;vZvrD5Lw>V_?|^)iGs4V|p4$1j_=&6o(^eYkH<;hW`cUIv%b
z1$zkFd0<15gzWUMnhfDlCP!dSXk+ktSB1h{gRs&J3eS`Bu!2}m>@Vk$*#t8r^dy<^
zHae|F8(3IgvP?cFczCa`pm6@jfA)FENPo%HZ4LHnU1vT&tEHw<Ki<7C|NW+rkxWcc
zR~Q6FE96du+YBz*odG}%eTp;W<(ZAUt)Qu9ULHo5jO^ZY^S0gt@P^fbcdZS<&_d(Q
z_x7S#Mq>J+wtaH+dOO^uW$<T_zHDRbu6remwITxj)9|z!Pa_=V?o?dxr)!MAcVRP^
z1s2PT%)@E>4G(1?$R+vf{1|NceBt4Bof=P9K+&W$K6$}Dq~*Q3eWHwHJq^DY=DSxw
zzek?!k1bH2c)A1C{s5R-l}S3ORY6j0x5YN+F8Mvw5~$t*E<Z-b%{O@E2q{-)WZ=f<
zX%#Z^W|DN8avMs>eq@$;mJ4>_$<dKghiff%fzlY&JBQrg@@JoF7~RwZ<XlvRf=>Wo
zQxlV*urR1GV8K|)1aOj+oCCUV|38XKMKO}vPX?HmMX0X>jg5~6wuXJJhT{P8f8<Pz
zmY!-F&9)dJ?QKL6u2x(j#Q-7=)N#$S8JFtNu49J&fr%7O(1u(y1HeZ}Fd3D$6h!#`
z9&4i$EICUtEMB?0D*+FzE?-V+aS*51uR#97R3jsK*UDui_G(u0{W2K5=(81{Jz}1&
zPcodw{unt0*~pL#dCG{jvw7`$dO6*;nABF%RPA-eKPLVSCDe7-S`vj-+5@hi_I*W2
z!VX}{TO}Yg@BOuGtO80pJee6T157DPDp@df3|Q1@Y&y>b;vo=tlwpw@|N0)3*^17L
zj^i5QA#F*GbE%lvi-MCtBhZ`0(61xK)0xBUinJzoP!J_3AYD+Y)o@KSOK+ja%r~8Q
z&YI*y#nhOY6B`*#-n4$7b72cc4HQp#$I8jY7(_^{mHo*x?r|txt>yg)5Guo15UAU0
z?3$nb#}mK`h%m${qRT@vA(o-VjHUOp5Wf2Ii`^d5`6sPyu`Q5+Mx<+XMJcSx{ReIX
zCAg5*hWW?c-<2R%ZRPDSWa*OI5HIV`$AGaR@+-2g7kp5<tYo4i^H5sRyZzgTthH_r
zP&$<_CQB|iekf)>F!aMG>`2}5iRQ(64=A=$ht!Nh$;fq*@Co+?#_y{q60X}``%vO<
zqK1|NovJs5NS_$Ib+<m3OZ?xoaRI9=#l5{68UD$SOojGc8=FFEN?=!dt|b<IAJ2gF
z{NCO&nwdB!i5E2;-qs-Kqn6w#X`6EN_&T$F(+xa+0w-T<_?8MY#swFaOv`04CRljf
ztY%oN$tZ<J5h{)IV&l)@tT2VGK*h-{2iI$@O5RTx)$)$su`MWy6uG`&oY=ZQm$Z~4
zo`x#hSMKPBLFuXyyH~*pE3OATu9s^t^Q{;s?CzA6QmXz%-P8!yn*nBg${rwB(6Q@g
zGiHNeE8Oa#O=1wm7puW7ENVv99b6H4qx=@xGsc55513Q~eXIKp*KSAlKaC`f_H(3S
zhRoO|;}OMrYEyB1LKI3;{KInf#8g&?<u*^&(I*=t(|;zJT%Dk1wjOgEB(R5P&%%w{
z(s0-FkbU*UrMnk@X-1xuJl!H+bRrOVL;G@DC*C3Y^NsQfC`jS28PL36Q<!@1k@YsY
zL-lw|2J$7SewXQjU;A>0pq;brgDu<Jm>JXJuHz{;^NK~f^6%X8N;%o_2^QqtlZDt!
z)^oa_VUZk8S`Tv(e`e=tetJqYlm?`WR@v{)uw86?Bg^Mli-0XQ$oic?E#|vW2`~;U
zY-a4BqXt(i$?d?=W~{&`xONKMo4O!*zS6Q;uZGWK)Z`g475HIE`!&B>le_zYUZ*&e
zsy}lX`<Uj^k$oA5J`@=*k5Hfu^iOHD8X;Mtreu(lGJo6Y5I_5-6Z?RmdKR8*<x6+O
zaCDo|bRNNp8G@p9w)<l1-C|>|l<>vqD@f3YGQL~8yZ40j<ZyY!J9oA_qIM&lp6E7g
zP^kJ<!0KliqTr#$v+ZgSVzL6mxa1eEB~*WW@grp}0fzC9+QQ=8^%k<yrI$&gJ{ta%
z+tX^Q`JNeK<*A{viED14vN}gAHV2d~<ht`E9JY-}<@N`)ibirueWC#3x`c_wPV^bW
zOrH=E&wM1<D#n94gYn=<j|1V#NnB2Q6=p?zwUA;!R%?aOlyR6#PvZr<%Ys<}w5OGX
zo63g`Z%XU=zxr?cdlw=k&1?#NP3rI*WdF8j17E<yt;Uol2o(1M*8Fo+nj9`X1Q~6Z
zS?PXs@{;tLNF2z2PHFR2_(UujNMLbNHC82KBfnr=YJq%&QMh<!_SGH|_T|jHnujtC
z<jI4gr9MYT1vRj9m>Q_SU_1Kf8bDGaJcFY1s(}+yankPbe0nofZulSM8O_mX8yFkY
zsZDkBf3wiR4p^BRPX}`FK&$%uck3WOn1xpU83m1oDC(`7<#6-_H`ovO^jhu<D>nC)
zpURVccHnq4VZ`l}+f6Rvddgghu183ueD4`7Y@<Pxv5-NMT1iZ5uzx)vx7KPv+Z3bk
z4eFbWOTvsGtL~U7U3a!cuUctxmLXWh$#A<Ci{{+q{6;a*D~4YJWC>_T>4f0YQZ4<J
z*jB5I8lVtXGSa{#5q2>dgfu+u=e0lWd-0q1lsuGU1RYseq+u+zVj<604+$=SRqn9~
z?TSG@Dt76AG<UMzu8(JSS}P1<54<j57r19m^c+*jw?w&Ese@}Tl*6~N$~WG|YQ1%(
zRJp?Ip9Ipy&F4*RsG_&w*qmu|fxKApKp((9XR>dG@jYXOxjauA{0w=&q0KJAmx5}s
zEyS)fmABUYVp%W1xDGIUahXJauvCLB#wI}VW`&4DCzM>~)3u%By=CAfikdqjGv_lP
zK1;6aW3E;|{7|Y#@*~D{HD$x|b`)42OecPKCuM$!gIJH<*>zx0Wn9d(t~0yRXe~h>
zzD?*bG%F0)QJ-Y8TJ#MXEXq^N!1dyiGJmqu334gPF?^eI7&Rs@GcVq`*YE!;BME-C
zmb~J4!jqodAZFUh?^~({JmH2b7A}ZZXFq@j*mT6&Z&%F=mqOKADwR+z&uwAGZ>~ow
zvJT5omn#rbgni-Z3WK5Z++QxDF({B^cvKZ;at>$5o2{>P{W2n5Z|>d12{i;*ydS;s
zE##I3Ba{7&!+&Np8&Yk(Y72<F948^62clP{F@_hGw8>t&*6#=C+pr<Ib@fx3FpBo%
zksyBE{VtZr{2N9~SBX3SSRe&Y6-U6lAlZI&{Dexv<t7}Ui|1^ub6?;XK~NT6R;t**
zd4;zUNODYIpmTf%aBoBtwR8~xuK>fH3Y(y!4s7@2LYFxShG#Lik~3w9_rG=lT$(47
zZjYe3_)bjQ_1A_YOr((@zxMzK5WSEPt|3P$`4XDp-(82+c8rg{2qcMeAcITj<wX#D
z0JPN@dG{FD!<tbEB}Y*CU(z~k9XNZAhg>`=Id3mPKk)GfSx#RWod_)dNuS?6Np4`k
z-9W<K1Q=L`hyEfN(~T?*edcpgjyaE=_+Iv<QpVUr%N~x_53zthS<Uz-x?bdL-I*bD
zj8IPYz4td^KYvWSuwMbz{bWCy8s1a_kX|}f?QOGAct3is?khpEOQ+MslQ~uiJ<~)N
zt!l+Cu`R4WZ%fY!BrQ3r-0-N_zp8mAucX7#IiG;!ZA68gqd!*9Y+4y6k{*s!#Gm-j
z;xu3TS}%vu>ZjqFEyIistVblE%SnW~3=Y=qCC6|`*_y~CK$xW<=K3b+8~A<RWD7fa
zNs$^Od-bX_-d6g<3WKbfF4_O4q+ycJv^RNxM@rh)%uKEdiAchc0;E%FH(Jvrva1iw
ztHaUa?S<AiS^d01YssJ8Fo@`ioxE)n%=KuI6wjiY^RO!oL(B00EVitcZ8LYE!@}SO
zE7Z+q@^9_tbf%@EMaA;jgoshf9255y7gBJ*WM6qq_ImR<?I)aj4<L$mk1y%*h(UQl
z;ttIF|M9h@x|WxyP(G?D65pqSVwF)Dt(a6(<sBN9yUs8D(987QPzXY=A*`gPvZyVz
zsyJ55OKLn3Kx-&+MJS7~+afaAJ@}jH>h69uI}`jtz;k~$rcClx$G8)n!~ocWB$JT~
zB6Q4FAc-zEvqf^Mt=;ah@_wMC*lD?v`*(A^=9qbsr+XX;4a?zyUguZB|2@T?@-jf~
z(dYKO*0xoA(e!T)MI!*)q1>dOh8a0}%`M@_E4n#I+9#1tNn~waNazz$(rfh(3YXy_
z*se-((9MlVA^%<SQt!wJ>g~g~*-YOONeZPmQ=x05RfV!PAv4$nmfvC$9FFACh`{CA
z)?<&+9m9md$p)?&Ta6Hra<=z9aNRE}O^p8!yFf(0N7rU$u$5Z1!L?0r@S-Qi@96}!
zx0|H*DSu1|ic~Op(RP|+m5?qaMg?H{PkkAoViN9L-vO<E0IA=MVao?M1(ymi@Lgj-
z5MyE16qTZku}7n^xw{EUS*T;kzEC7nb*-Dr_V7#Fy+DHSPR<S2P98&ahB<7h@>in7
zI3b1%k^;zVg~zAEN`tw1<7scm^k?tu&rHJMW2aEO+7GZ~-?G_{3CmU>^xSgHp8hi`
z9or6LHFfAP-d{Urz-Um~O0vUDO^QWA3Pa<N{t0^=ZPuM1C}|m@SP5O`@jZ*wesv+2
zKgmm;+`br_pQ_{d`Y}-Fh7&;#Vg)3}hjHVe{UuNPiL767Fc36NNU-TooKsXd_i!{h
zoURf#qNJoKMK#DwNkUM3CMs%i47B}=kD)Cb@5+0dg}CT&sAxITghB}er!PeRlsG(p
z{+JT0H5l0UDNdYN#sJeAsMD@L2DPjprGLv}y1KBaB-k3}PsHCh{@E{CcpVmuB%ZK;
z8rYxG>{$3F#bCwU(a<p1fFAWr=6aI(g4I=Mt`YhETA24c+L~I^E>B02n(NRuRsll7
zm`bw=1!N{i;ozxDsNSd*WUsGb;PA1qpk3)9dL<Sz%b(d)JX`Sj^)VphT#b)Tf?rqy
zy~01NhNy^SWNH}*w=QWxrPGu^D1vlymX&8{JTx`bp-riDCZ#%IvGiavkxR2ZVq=i0
zDc|kIx;D^}Ul&#VwsSr@4c~-Gb6l}){4Ds~KZKEU?@1o!>Rh-Hxg8965J+O2Q{l#~
z!F8vvV}#i&wxXCZBZ<-=J32HFO4<&Jr6#KXE+9QF5a&*vN39k;$*{@0Y**M4vdd8)
z3me3(%oHq|{3B+rzl9k~He*Duj-)|f8m7?5si1w&URc_B8fLA`K!RRzw5;uf8!tW<
z0%d0_!H#iC9UUEWDs)887L_n;%L7Dn$!h&oa`L6_<+&%HC3!9u{4Bsg0R}$CfG`ge
zQ5b}(T}V)ZQnWDoa0I5E48y}<+BN1%#U&(`G_!mkl=$PC$W&3P8RY4UprAmwzj=X8
z%V$%4xDU;HbVgANV^pkE0~Zf&#F<AP3{?|@BU@Z4b<0AXYNb)RWEuF~zKq=`?@^7O
zLK~-T7&m?nB9lbOk!%{t(!Q%kZ48?-8+wrsFl+v9s2kg(MoCj#K7Sv^4Es{NkTp(k
zUx&k2A5*$Udkk(u3OmufeTA|%I&|+3_nU_?X~8zyHpY>mh{NS$o3ZlHEwrQ8wxzWL
zsuwZDx`lJ#9UQ?}fB~4la0OJ&%c7XM9wiQpQT0j1AFkw<W~r-Y;p~Z>xcJ1IHk<J{
zws$qW6ID>7d~sB(Tp3=sPhtD9%M8q%jGO27VBe)Ts9B%(nb!`WedmGjOVdUZrcCSC
zp&9e%l4+zjcSWZ%cy!|ulng9Tx@0jtzq}8tw_Kp==!=y6;~vwo=HiiUIDYjZHwjgY
z|8*TsAKZtH8`fjpk~y%~)yLRh7olZ!W;Tfn!L}`1@sJJ{v{yila>Z~_7@50=B94v%
zYqlJOWySI^Wd2|g&rtlyL52q9%i_`TLpXiw4efLjadi7~OqsS4i3wx~m(7EIwU$^k
zjkatm>6Dm+Q9>G@4{ks1dcm)+hXK1nrBOsR7BeRQj5od^Gzm$;<KK2No6ZH4Y*Y(k
z&sI`aMX<+JOkKJcaY-q7ed_>rUc8QmwOvrWR7I4~O2qt`Q{f*RiW^5(V&~cWWa{P2
zpID0@<^$mS;y%=@OQ3hZPAFuojPnQg(<Unf;S7%6tU-00-MkPdXakp$6o<8|8Onlo
z)XJQp_D<zcNGAp7F1<u?=L(cCsp8jZ6L8Zb=(}UsGLs`QYfOKPob(IAX{YV|<{oCR
zK8&I@D@xL}5Z~umvUnNX0%FO~p205*kKpI!o6*00Bg907BA9u-6Z3U|lOGmEd|2xW
zjZwiY8w*`mqCxlGFeT?LOo4LKCQ^Uet-pbfw>Le4-ErsUS*+Y~7bcGNK+BMS1pWlY
z`bYXx&`1FW{$FB1NY<*`%HR>nz_euC^mH`g7E1%;$V})n2dt1%2@t}fWFE|_7M4LT
zp8#bd!kz}L#CI*9%(QBnv>7A=sB1)H_h}e0xSvE!TlN}(7jFac^T2K}(N#kND;zrU
zS5z%z2qlMB7&Y)VmQNmvtxJVhbTS5xorGFN4H5n(TXO74W$<bp>(ZD`uf)M~mf>`#
zh8Qtz4n__8nckQe=nYNgPTwB$N4DSw6AvwJFge|q4<gV1ip{%YaYPJUSFJ+Z<C`fZ
zkWoUAh-Q7pVtB8{QV5q(GhH!}VP3klYXw#2q|IRLzh7M^F}O8x!Z8a^WCaNIjPR;c
zfC`VmN;xjsSt=SZH_^eO@dGiJ9?v3F#^A9NQPx@qGRyXuH0TZ1&Hf2HmK!sSP9mE2
z9)oU;OG7zE2QKuM8{EAuO!PGo#khu@29JQ1zB;-M9gEi!CZHSprc0Z#G)f^y&s;+3
z;^#*#`l!qk^?OK<$F5bg5bo3$&FWTy0c{QykfEML#~gLqtlC4L9y(!x9+>&dEDV@v
zg-Xu0Xi62=^+#hdq(@uggSgSO#_YMhC69E0do{)6VTE<N_eI~guP|+BFDy3FVvgfX
z{5)$mifW~BlZasYyvx)G-I18!3^MFxn)k=*X@hbkj*1=?e10no=-ZXU`Ym%YZ1g<T
zsB#8|+Ukf14@Q}KU9e$FKdD)9_|da>#ND0qP-e|kO3NcqwsBvK?b94;hHBVChm(GT
z#-nQGqogASDC%SbrEIx5j-Cp0RZGr8@)6W%KNzNa`lE8G;+$hjl)zKX8hQ_dmh8e&
z#{C=g+zWl0kzp_~K(>Y!OwDY0Amm|DzbGRJEJWY_Q&IY`D>70N$&@rij}{-)>)#4T
zU%Ornb7!nszZ65p%s}~zd+FJp2)jy6uxjQ|X$`qOyNa>nM#IRd3GAX@Aw@X@Yo_+b
zhN;3aOdN*Pv2gPdbp4_1M_rQ%T#F1vGU8sz4Ba}n!l{?L(7pW+QaM2bggJu*${Gw7
zu7pJs`(VRN4cesAF_IpA#VR(!s%6u_U=05V$mq$bINtpu4Hh&~fPrs~0dXqw@$o_F
z(xqwC{q^M3G0E9j0>i^+002M$Nkl<Zb1wroe6k@zZspo%1y>?TI;j0ZSvs4HtgZrE
zgHKm+HXUMuLqn-9lskDa(lCsSO&R<&hcLWHP6m8Dy?8=Tg%KT8Y$$ol4S_zM5MIH$
zMrJ5vYa!jrq^d78JPs!2W>f>PZK@Xo0)rS+&lslq%$7?jjhC-KT@F-WU8pFGC^8iN
z2@4H}o{1SZgfE}pqPa2o_y$m=sstlTD|$p*=I#<QsAl!#{WRXUvMa<miE`X0(UBsF
z0jf-ljimCi(UJ77)_}30+^#DoG6I=On*6Pf89()htkRDd(bxfjjOVAvuqF1ErXRHv
z65vIZW&*VJO&C1e>OHfWosj}B;So-|FdZ5wJJ`rQ#l*wno`<Kml$FC=I5Qc^9il#}
zIM<H^_K}%=*{2-uGU75kBnVlQ*qIrBY^x~YFeIEYqRgO09A;AL5+r`Je+GKA6enb*
zC&AOh2TaTYD_i1*Or?Ohs0gG}1^&Jragm$1ua_5M7`DjB+?ty--#y<`C?zr}w38Li
zK~gc!b8S6CsXx+%f`9)Q1`?uz@%o(y4^tV?Gd72_b4e&17O!ldi9!3Kaex1G__}+O
zU(kkANhj%kI!y%*?>_~*vbAAlszUEYElgwBB%dPPaGIf(B7*}Nlv)?Y1|Q~URFEIM
zgTkOj8!o59cJO)o2Fk{kC~U=b!9&fvH}4R~xNx?G3V~vGXp#xk*OiNWVuJnQ6&L~;
z`{2l+=-OXi;{O=_{z^m9w9E7I50#=i6l3Txq45wPq>Die5^qMwI_1m+DSf1{P5Z#u
zD8t;!hPeKi#%43jR$y=#3`t|ONx0L<)CPsez}CiE%4CyBGlr=6EZEoxJf}$-k(4yr
zu1idyFl$kTwXFjL&Cd(5v808bo^Wt*$Rnl8Tk_BSE@0UH9KH%le+L-&Rt%dMx*!6P
ziP=cup)4;uChmzW2*x~a<uYdzj}^cl!ay3PQnHj)VF>09sPl)OC@55bf&Xt9_-)G+
z^xYN?&+8j<9BV%GFe@PxU8<MI<xEG6?cWB0FRozQ(T6muzl@Fzihn3r@a?<Cz_()9
z^5G4?YdjTnz5oN?6a#`uGtth=s(sTY|A#79X6TBpP_c0M9~yJPQ2%QfC{(dArf4$5
zO+Eut(lN&t#?{-hV=Hdny-9}|2OPcVibhomn6-S+Rd6W}1_~r>c@R?Y^ZUoZx0JAb
z|JW%QK>-E|Fi?Pj0t|dh416mITP~~GZ`u8Vx(hH+fPn%G6kwnL0|gi;z(4^8{wf9v
z7`DHPxq{~kFi?Pj0t^&jpa25}7%0HNKZJn-8@7K4(FM)?cQ7EFgczbHUl1PoxxDi8
zEmLr@00RXWD8N7g1`06nXE9K~u>Dz#6_o#<#Q;6Jar9LNF1Tld8J#{3>p`ptMoxH+
zyV%Rny__<1MOO3zD8N7g1`04xfPn%Gd<6{rzh>A}Rn@pDGJ(33P+i22{~N%1ltl1O
z?y4e9&hG-ttEtKZy<{*FayEafir;)zL`MFMfaOEApR|`#AG?sjI8lmNE*~EFd*4Km
zKUGx~dM4$^B*@3CNYwuKTKeC8`sm9{EWaZ%3dmDb<;8@Ej4gtFxG}V0LMkw(mIw%&
zx0J{=$QVI6v3$f`l|K`4|I_MnU6DsgR~Ga9TL5E`MMp&=o#WKjGhjNaoIpsw*A~Z`
z$-m$0m&gDiLX0VkD8>Ieu+Jh^-e>xu%rseC;$IcA8DlMr^XK>Q^rc2cK3|de>+jU@
zrTYKZ?}?n!BA2pCp13`VJjyC69|A)E8@LjApk)k7E#)@-H#+bSv?-BJuDw6B{6rLC
z*=OhpE6U)@lre3eaz3vui@40<4HdD_bIN|8+gxL$+xgM=Z;68cp9~ujEK7^V#`W6~
z7#@%MZF`_rS&`IM9u4|WBZLUgWS+Ii*f=PwYr;UEIryZv{+XIY`x&v=w0<l6!c)<y
z-(c7&hhh2V{YW;j#(+LOVXDmpAUOdnKdB{edj|T*P7cTF)msq~osG`@2B4&^5hu$Z
zU>rZG{L>3c4B!{;{utZ#97k$ClT#3xV$O9Lg}xrL$ov+-pT~gU#m>2BNdXl_thKx#
z-en1sYzDBDAvi&XYd%@%UpbrUhdw4NDbYUY*?$<qn0Q<;CgSkmP|O+ax^!WxnHuji
zZ04>1kNl4Cyo<q8wlgEaG88fSdI5t)+piy8h3mrQaPte3V$5Y}=%Y=q!5G@T6}S|>
z2th9{W8m!lShIOG?Dam+<Xzjb96O&SV9nBLALT6lV&x1n`|$P+7!|32!WKC}Zol}z
z$2Z*`+(n{>70Nr?eRLx=+7H8e41yc;J~BtUbZ{imkb>5#XzO9=#+@i__2=9BsF6HB
z4!cgp`B+n|oj>L;&w~?-XX3X+b1a)NtRVYA9{hfdpYQG;NB7a2apdeV*z14TK2NV0
zhB^C_aF$8HjXpoczeX26Uq^Bny0+|sdIMcCq;uuZm-~+IM7!U^ut^)RVEZQ6{7!hK
zJI7XH^PLQAavh!Th~s_lqjifeNU>>x(<j%$FxPtveRCPj+V+P@wf;D>Z7Py{@1i|J
z4!On1X+d_jGJ|?sqFINom^kuB7-)W&3;8zol`ej>Rs@k#aG&CoDtMF6omM{`3*|&v
z$=E^y|Jo}O`ekaNUd7_l<|gNG$=ymUF;BsHq!mJnCjP`WnJG@}{8M4tn6PITxhal-
zUWM8?uxmT?WhrtyBr;dZIVTdq*kp;khh%!PQ)01p?NYe=r=n`J-Y`;rjb)3MAla@W
zx^(LWa~+O{&x#Z~;xwapR!GiN)HD$M=q%dz7!8vu4X}UbHfUueNaJz$%SN?kUEu6s
zA~9@2f+)tq52<a@X9WnU8Eck!OR0<)6UUoZIwx`>#s|E_vZc#FO<lfF{f7*6>C7}j
zWZ1-ekO`)gZ3?M|_#*lta4R2APCI!RQt6(Meh^P`yyx50fAXS0Q%p+!k~JZ5veV7P
z(w3T7dpiZk-YFxInGl2uH7{glB*WJ)0QI_zLW`<JkdhFKTc?j>)R2C-JAMJ?3~Vi>
zTgm&}ANie;oCtq6FC>eozF!gi9$!I^-a}zkwIvp=oXvDks<?LM5av%G%iMnHa2?V9
zi>F-;19Q|YUy6ybzf1v=VxkZn949|Zi3R*eK$eQ_izmZn+`hlWu<hTu0V#HEKVjHZ
zw2d%e!bBuz%Mcsz9MczV!pJFeP|Q>ZSv-;37=8W3>vko}!6jAyFTa0*u7s#?gv5Lt
z(fyC0v7pQ!!$2yd;k$c1MnalcV;{Cpk@>*eC-$?pt$(cczgbF689{zNh-S*R{~E+c
z_~Y7*o7lWyCT@mM0P}?b`n$it^-C8p^Vd00tu*4ZC9~3#5#-~8cdz&2(!&YpSiR8u
zvKMyj!Q*#6D534ntSsE}(vsl*))y_tu0Zn|MUc)66EAKZ!<?zZpl)i1nf+S4fA(8`
z`7q<YVk?4K3+0^gjN_)o(V8;@O%Ve|f#+VIhX?pVt1_k)lBaJ`C6ka%Mk6*lnrSIC
zn0qe+p4{{@mDOQq=fHF@N>ajHRW=aCgvepxky82`GYd<Yn;IZJEfsNbkq8S5M`B0_
zqGMy2zfl#cWUR87&L_~{8!_?8P}kIfxuqoxn7=WN42-;eIYXvIrb?5N1SJi1xk`*o
zQYLdY2Kad+miZjtKdYmGROa}Li;qAk+e;4#Mie(9bxkt{OFW8%lx!4tGDBK=rlev`
zWm*m2fIuXsX2HbF5|-x1k`ye9>ZgRbcuq_e=r9L|ua^hYA!RY;j{}U@h7jc{Ad~4x
zOiR>ej=N3FHLZpl=k{X5uCuT&T?v!Nk4733;ObcxMPhss^FWHHWJpbnXU<C|2+}6!
z$^NFWKRP;E2n!-E$ZeQg*)pf29&tyB9C4w>lsl23K?n|sfU<@z@ovXdMlvbIlA<5~
z_0Rlx2qCDI@m-Cm!G!S9X*m5V8EWdp=@&qW>a<c7s-ae`5>lx~O<SVS!ZDb)dMSFe
zYJieF4FphPdh+xogj2U_;ZO=~+cbx%jy&B=e7G+TA3Xv8kXY!OSfF{kb|_-Ov`=Kh
zg_vG2-vXZBzlwV=ywRdVXIL^d)uWr|ap}eb5+E(O)NP7-)k`p4RTxfPc!Ub&is0PI
zQ?RYj49#mfNzY6FvQn{g?GmUJaly7V3t%Ge0t%0u0zK6<Oj)x6J=--wQT0%qy5Wvy
z%^TB>kMk=&6vxkAL!BmVn4ZZ9&P)@g!wp41OsE(8e+ofiaWFKuLW{QT;b5lE?z8_~
z>+<fW;<sb_5CB_rZBri!LGCzm>@0#KVtKNaKU2g+1xL1Rg?A+9@3GymRcVKsRh;1U
z<StHKx{f#!A0sm>v~1lLwygi&^-F+`EmA|D<B?|?N;#<FiB}*HaS?~Fn4xvOs_(a8
zWu~C2R;RAKzy6xgT(bvNYSu#;OZmHv<rp??If0<a1X$UZMaPa!nMYIwcdlK8vYs81
zf}Y^9p9=bSZ-CpEuad6l;PU0$NK-LFlcp_@9QqR1?mU6IzBwATYKJoRrqH*wg=Lba
z#IU`-cOBuR39&&Qc<L4mQ)>rw=+J>F#^f~d?cHlQcm1BkIG9-4qE(wVurk(tk3*^B
zdH$uuhU4_%V|d4OJTg@cRH{)A4Qo_DdO`%wpT7=cQ!U)T^B9R4N+?sKK69p4k)(7l
zZe2krX-|BhCtiAn!ob27E!(!^JNuA6DNj@X*`H!<sZgVlv&7zyQ>Y<@I#g&%L)`A+
z?4wX<W`yGY!<SIkGeN8NJy5+|4nvR@gZ;aA;`UPy7+V)c8LnMbCY5hqt1M0)J`6L5
zlJI_V9&Yj0m_E8QeBM03p8dxW8W{%zGdroSiY4Xg=-i%M#-4-cCCPr(>ZOoIg7jV;
zo|%Zldv@XGqu0>THAB13y->Nd?fX7|PhVc&IEF<__j51JgqFsa=xZj9?AU|@7w;j9
z?@3er%i@0x18rDPQo48NNiu9BC6r_(24U;D>oBvjV%}xB@JF0TWimC=gr;cPxTsXF
zRjU>_d-eieyOW0eL+}~p?q6?RFl%>%fpyPiIN~nDDK8nezmj418-V$k-%H*8Obg1Y
z>WFl^fwpyPph@!<XkWh(YLb{XYS<91I{%D-crqTU**LUf2I|+UfrgD5p;4m-aH-Q6
ztM}c)>#Il5rsvO~G!ua@@1uT|+PL~66!Ct~@MGuJs9C!%erVDJb?eqaqo%EJ@rjpY
z5B9k}3W-*P+anC<+!D3e55=>Mo3+M`x50RIVISJ`nF{i&@Oye2bt~0l^5@r>JL_ls
zIPfPt_lkg)rUqW$zl5&bphf%j>eWS!8g(&w;bt<6wB1VzL645j;3CG`u^n7$)<VO^
zjnTAaJ3R6Z=S2E25ryrG4i|FUj-8pnwlgZ1lW({N+zdN)>4Z%GdzdnQD8|epL&pTc
zvh*kn@6-w|E_HDB{u^wX+KX-1LzfOMQLlC_)URJ3H5<3U*5gm1s;<WLDj7JqY!>Pg
zw{_~(N1ZygNHhlGZD5o%p+ASG|KfEaBNCEGfpeh-6^w3EM;R*HDr5e|SW09BLoa8T
zzBK+!+Ck=qmTfygPbnM$5pf88bsJr~^v1E9&q;`*u$xK82M(Q#SlY#<$NFM)|87{b
z{W4PGQgQw8R`l%iBmCo2xLJsHnOvUl?BS*T=-zu6Ji`;Egygr5EJMGaroufk2?1VD
zF?>KToVezOtdua$%W3F0U;y@<xyjt6JYnU6)VN?=edLe!o%_6J))cp!weJcu)mYqk
z?T5tRcW_<13voHaN{R`<uk&W%U04EQ{GMa#l=%pX&qivLCr0+}ij8}&v;Qf$w08q~
z^&5il<TPoc5zMSAPp><tkHN@UtC2?aqbxN7lZW=h&U5#e>^=^c_N_<XAEzKJE}5s^
zcZf(xXFkQ(WB}t4O0{t3o_%rWl?PHNaooRg38pOHCUyDj$vqhQV_!^~w*sC)kvs&s
zA(Dr{@Q|1A_6t=E>yytk9$LgZPfsTSBP4~s#gP8pvG>YTzMn*FSw0QprmO(drQ!@3
z#~}mzVe<Ud@Cu1TMnX7NOq_r|6I|h!7>9>v_j6sh!px<ckeD2ciyX_4sVgCBzIR|7
zR&6~hwejTCA@u3q51UWlMQlnuwk(+m*Nyw6d)|-Fp$p&nLrMTrcyH%gSNyViw{-8b
z|1wiBXCl>hd`C&CsqlGu52Jq?frq|vkR{UGW8ydr95w@P0SSomevR=1`eNCEYf^QO
zP9DI3Zhf$R|8=DDot@jZ65R)mgRhv71@I9DxHZ7z{sr{w)*54GuVk*#WZXKtlY2x1
zTzwY8vgw#Vsw;YqT7ZzGWZXEj3mtm*!peOYq<Yq`oQJk8n_<+<mGFy5LZr_VG$TFU
zb?y;TqLXl9iz~Wzog!&ceD57YlX^{f*m#MAkWkDTGae6l0MU?=TV`O<_%7%<VKG9I
zQ*oDjQj2Cy@ZeqKNB#X?epG5P80Rlt#=$ke!kEGvDm*>|N*FqA0j}J*fnP^<qQF7E
zX7eq~gLb;E1-kYfgePaV!6RBuyk1^A1)l^>{Me@zHAxCOEwoVCaPxctA8#LcdAj2S
zX^T&I2Ab5VkZ<+h;^J48unA_(lU&g$PZ`olyeRmRKx}faB4p4~$wtTGe`OfL@gSKJ
zvJeFMhoDU52I$$<83*?r$D?bT@!S2b=v7f43s$U!cdQ1c&07K+r65fGWiDK2&qAqn
zbI^xUfR#HALBq-({dx^VQJ#3W%^1MRejgQ^bY>32&e*nME{<Qik2U)*qw&mUpY5os
zEEC&*9gm||9-&gRu9z~oBepD?gOiu<Vdb8SSk<o*dbDhab$gCM*QOBq_8vqPiaLCK
zyx{MjiBz6olfvHOr$K{p-zyx|n|FnalL7Xv--0!BM#I3S2!3u|7$Kn{2=Swlw?jqr
z>f0TccJIf#r+2X8z-8>7)`Mc%%=dj13`A;bCYc4XvB)=FVF;VT`BtuCRfI0tk4qO$
zB7h=XrB@Gd`N=b+nN~pgQibtqeE>p2d=X7?e~(@x5aWIwhcDd4q;ca>tHv2b-QI$c
z(-uS9wiHHA9}WNO=XioSjL{R#ad^jkXvot3gyi&nm%qy|Lj766G7BSIR59aXsw5d5
z>Y|NZ_hRuhOcjRue@z{wX<$tIN^Qi)MC0h`l~A^?jeWaUgZa=A(BUFlcO8vWPlm$5
z>lE(zYGMD$T_|m*jfB9im^yD2LZeeqSV-8EGjZ|IdTd_11AWFW#@GQ(keL{QB@6c8
zhwjs`U`#8Dxzq5=sJ_^;XAf%q+JlP9L|9ksz_~Y$o~<8~gcLFv5oDt5>?}WdUn)H5
zYLcA~C1avwqsG&$#(UMMkT_^+YDwk-^6whlNR)8xzyUl7H^HG(yHMOx12MjxFn!^A
zNs_2S=~_~9B$m$@kKGsEV8zz`Xi&BglEUBNnR^6k4;g_OgF7KP;2AdUyH82434UHQ
zAE8~FqT)~U(5ad&Jnx>S?a44qoH1OIh;Pz}!%4pgsqY#*ZAWJCG`)T|s+W*U8bbX2
zkzvyu<9ZV>e-KV=-2#ue;yAQ>6YO|8fAK>lbQ!h)uLFBSm(uX)EH&)gv<p>=TO*Zy
zSJu$O;0X&bw0Q;i-8+Hi1E=C=zOx3-ws>)7J^IhMgg7o)4dPFW%(eg(5>p$;2H3b^
zBg`mNJ7JiPr4L^tmBchTIu>oaj>qI*1`zweDp>@sQmgPK$Vy9unVBONuUv%s)$9=N
z`3Rk;=8lO^g_1T2wTc!xj+%uT{ToZwl%6>ZYnE@t!1i^R+*%p>#aytS>6Gkg=o91B
z9&K9p!Ld`1@l*HeUuyP$@}5jd1sXb5*mmeV8key|Rze_}R4b1aI}f9zRs}5Has#g0
zuVQrPO4M#dqqR##O2))ti&`CZN>$a(D3v{fvV~0H`|LNk@NhhH;SyML9voY#hG9#+
zDb>%yTGu7WDAWemuOE=?uio7{2$x1(AX8RFg!>)LTf=ttUcrdA<$2HxK+Wn^xVIg{
z*6IDfyZ53@hd&{rP~%(_nEE`>Igln$0#ua5>i9CG(ni&#W;5J9unR}dJ-~#nE;O0i
zhN87Qpqynq4$_ug4l<~#r(@B?zSuZRlLxpgM1_Vy$J`E1_Ht?Gms|QecR!}if3r>@
zSa=c!P?9gHKNZyp1Pf8|+b9{rld@r^^=DM0@>+x_TJV3W<|R1ccc5VjU1<1K$LcGu
z;2jVJRM1715*sFAx_|F3%<5Ex>x#{=vT;D!3KijO7=f)j4?)+;0i%8%1O2QxH0nPK
zcFlufM6tAfDpf7o?3jSe98OdI>y!WK8ChsP<X1Sf4wgjPdMVM+&v`bJOp~p1bqpEQ
z4m-)P8Ik!K{qtyOL_O!mC@`T+m6<AD-MWBBWY!!iG{ufB8&K3#9i>SO`%PVe(}#{?
zXp8YA+G2{TW6shQ7~IAMtEg5UF@Gy!UU^CjT+}9*;V(ft)k0<JG(u&26WsQAj7QJk
zBIEvb#PD$3=!do_VXaSQOVk8(9X%iGru9cs@Ee3RtdAQM#ovDT7y-w3b4v#rQnJ~w
zdUb?rW#hulJGgW49A0>iL$#s?RO5dB%p+C)ANi-udFUCIhU`okrZ-SWL}DhQ64J2g
zUMh5T_=5f-B*#V}J3SSKG#_~A>x(M&`$^22sLrNr4b*hf$D7ywNRJCd;i~0OlFXU_
z9qW=<wrY*^J@hr#UQz&7ELzU_p^GBL<&xH<xCr=Wq#)$j5;Q!soMmN5PKZW^sSzR>
zpF~|t7hQXF|Abi+m8#K6N0*YsNUCE#0iHfHWmzyV<hsd@|LC?tEvvXFXoC{VzYF$<
zBa>eXW=(*BeHpA+wOaZfL;~x5_Yzh<%!aXJO*lE&NY}MYi(vf7o>;WW74`S7gkz}+
zXxFVP^t4zhPtZd8C8ODcfI_r)t;TgVee6)UdAlQkxOAx1N4h7}`!#-O`JP!57lo8G
zONhq)5XjfbyXYvyL_J0S4oxK+SyD5aU}WLd+Yp*&WT0k~mJ+ijsuX?G($zxs@<pW<
z)Qk<FZ%`7BISjA{y=?`fns*^*P;y(bj<dw9i3d$AwJ0%+lW1%4DveM+@GvI+G#DP<
z9`NHBOEelR)&IGFN}9%K-l8dvp4)`2t6m}`C=kJk*-#~8DC}6Z3=Gh)LFM<4H)z!i
ztIz(5FskIUGBZ%Aj*G;si2??N%c4?cJ9zoO<gfohhE426VnXKvxg9el@4S{te3=)n
zi5g_q1SsiPqf?zKaDDj>UIB(kGBQD<24$stP%}j1(vCR8X9NgoZkz4{C1y?hwkuf`
zEnPf#Q0a^ZPu@u8JKE-rIA1d18x@6yZM(lWmM>nlF3J`uOf!`%n&bE*DkBMt$92H6
zv0NWCH;9T#Li!V5NjmlA9Zt0T{}aS|`lIki%4X5DNYly@-J6%g#(jq|qz(_07riiX
ze<!HD-k57yW>Fxbf@w>4qjRGYQWp}V0x)$%FAVNK33qSqf;jhlYxt@Ro9Jvb>E_2%
zSv~}ztx4vb6o2CTAGc-ufC6E*Wo}^#I};tM0y1H2DL;*-B&9&xx)kQjnT6GBcjLl=
ztvJs=ZGB^uYt#*!SC->WmMS4Xn-e`HB?WqFGDJtbz%thjv;_)BMminpQ{+THzy5#d
z1^Z6|8x{T>OZjX7ZMrf@@MXy<QV|hWLrj7c)+MHvyuD<o<{GdvCtW~vgk(5rYvBlE
zT{;aUrNg;Q35abtB{dkS6j2J>C}`WEh`kj<fh0kl#9jj77$N`myZ=S|8iw}h)Sk99
zl(HS#dmIKHm-(CyI=1@(DkKz&x~f-nqD@mg35*FUI_QvLqeL?}1YvGTEU${IN7vxY
zUNQ$9iz+vA9h#A+QG}OwbN<~<eWwKkp2Xf7&4oMeXf!r=H%19_b^N$D6sbzu&=EIt
zK!H=m@4TPF)+{$%IdK#*nHI3Mu%J{*4bjnoA8zyAhs349iZ)Wp@k&TbO8P)_Gn26Y
z&@q&#(G1pXK3ho#lUA-l=$U1hGkpRo9p42rb#>^{P`=%;$vpAfkh#dFvqLoElC_}E
z!>HJMv_50&p=oFZ7e_suJbnQETUU_0H(%eph_~@-FidenV6rl*m9#@<LNJj-`x%v-
z)kB6OoAdM|;4KxIGMP&G+7KnP)8n!4@F`TR-&~sSrncp<XxU`Ajvt1fXRpK7MKl`b
zcq_N)jg#&B!|Ux!TsX52V}=ev_RiyIQ(jMMLP=GQ&y!o1V%FA67&qe=3@cX(uTCz;
zuGcwg5w1HOVThUsq;NlZu6^mJ4o}y`D>Z=Y<iYelr-Vu=leVm(C|}kFYtCgrM=$rg
z<tRBB6gH=llaH{J%h`D3zw>WRI2<WJc%+MUCSKE?<#Vv|>`RQFItf3Ob;85_b8$4_
z3#uPh66^mQLkA8<@iu+&)6er@r5%s4BSyVHtYuItAD<wnVWQ30@Nm*Gb%r()HidM&
zh)$4tBfZ`1RK!Llz=#sz|22^Dy~UI9@ePTGld)WqBXAHA&NZoRNQy`xzETrIrM*r&
zXDYbUnMRXlFxr&<WD?JzF-a(GqAyCrjcWN!OF8WjZ(L9D5WoMnV=lV=v<=hdFT$8<
zuJF2Z0K?|ok<16w*iL9vu7gx+5)$GQ$edA9r=kXZ9V5)=epuXCg>*p~5kY>GraI)i
zKZ}0+Zvr(^nJQ@8qZbx+oQxUE(~x9X0xfD5$MvTQb*LOO+1X04wl9jpg$v6s@Uwff
ziWs)_5n{OfwB={eZ;HkbJIq&VMyPN;keLsaifh92RqF$-`f&3PeiJlKl^cTC7X|mM
z2&<vYI1Axk?ubm*L$6`8@#M*4tXVi6`bfg9LtF6Rg+EkC&;_wcO=Bg>v=K`V#nhSe
z@bq;6dW>I;r>|b&*PnaId!pEM^68flcW1^2W6F$qc=kF7y?$PbXRlsj_V^y3Jo~;q
zN)D7I`yzRfOfEDlE+(;c1V_B##+gl3iW)rJz1U+)HB=3yaY{s;3-6QoaT3*(*Y!vK
zXJjd%LCaP!CGyYjUWom7JYZM88tRrWPPMB1WGCu*_`n;gIyC4^OMqLr+~3sL#1KaI
zLbRNY4&zth4e|8o!40fg<cgW|$HCEBPm)snk$!y7WyI^Fwo5u_Xfgg+NU9b_ACAQ2
z<6(Fbq6%%z55!xrDH?pac|tY4AHLY61L)1^AK;I-FP~!F;$JXz%>lIN)dfW@j8VCA
zO<X#-5hw1yqoYV94sM!919qTJwbH0kx-9(fT*i*0w|OW?!llETF>#VB?VPxwbLFY3
z8ligC8W=KpHVk5(VCLK%P&2Ye&C+JLaOx&>Ol;s_Wr8D{R^s55hfrg`h1YRj&*S%<
zRn|tgzLex#JB;!3HzOcC2JhZIpeuVn44SwI)mrvJ^}>|W5<&6a&vEUM8<Jupuxrg4
z+J_}cn}?`Ntkn#eDr%Ik0MF|eu>14__CFD4_iw=Dsf&=nvq?4&4<<#5p+=Qzm^FR`
z?i^c%y%%31m3DhwJ9fZ{TOKIuQXhSL^@SOaJJDofh1flfc0wL6+>n^UPfGCg?8=~N
zz1q;0CE(zN$C7hHA|=fNL_E0Mkd>VVzd(1Yl;iWITZ*#s)4KfGdbKOU_sJu8hh@OY
zsTiVZWIo4r4U#Ak7aMxsHu9eIg*xRuu)N~FMALHhFLzHBWdy-~9q0$MqE+xi-I`F#
zh{nN7PZ7fKN69%1a(?eJJ}wNt3^~)NQ7e>pvY`XURXSe8A|f)H^iUZYoM#)BFMxko
zG$Mn&u#_rwW2c(1<fNCWsN*4Rt@dBIMGxd;{B~#uuDppxmC9A$595F3i+y2d6xE2u
z^hx9JlJ;V$T!Z(|Z^fdW7f`x!ZHPTviTg{4=XFe8w3905L_EK?2fHrbK;zmjC|;@(
zO6ewJ?k|(z6BvXm2bN;j*#~r{lhY6J?lQSn6yW#jF;p#!GcrMISZZhB#BSP&@^BQA
zkcF0wYvTNtg*bBc0g@78uyXklO6SA4B(h*%q5_KOrr`Lghp=}n1xtFd|1xnjuDb<(
z_Y9k2Ehuml<oy(`WN2S_gexxPe12G4d2Yym=BzytXVt1gBUG}GVadYPXxP0MOvrg>
zkWPQxRu<enU&7PF18?8G#f_^cv25FIm=<rq!%My`eD#Yt{QuXfS4^`C=D;)JjRGr4
zlBTFxgg7W~nhg``;b{i+hd_a>51(Sg{2*O=PxvT3NRRiyq>;lBt8I%p^XH<tIaLk9
zEtN}1Q!EDY95>wnx0jeaX$HpiZ%QL!ai4$m)O>#b3bySyF7+#oHX_0XPtJPE#oW>_
zUK4$h?8PMd&s{kw7SHZp#`c{j-apIGh0?R4J)bwv*xpQx>eEQ_fa5fvA!G(h)~JcH
zmU?)6{~~@GJr>oA8DsUT4U*)fPRowaS7GQ3P8jZV@@|M4bBK9%t_3YM`k8<7^4usn
zA?=*$v{0@n_TGLgm9F2a6RZr#d<vtO9N4&YDs+_mk^1&7&O8i+s$oggpgK7yz7>|A
zScs$B7)MJz5eeRRv1Y@5SXb|iHXRw#A@>HPsO&%XDGmuPb~5aELdJ-Uo1Ts)JmO_|
z6O{>ls=Ua9OCVlNG7o0e3(KIdk#jK@E`(xVlirehS5L?3o$6$Rm7rr_g1%#BV)(#b
z(#&bzb2whQ(FSvHPb}6^MKWy+MoylGs)Y<7vu}lQgYRL@FC(yHxekq*(`X+x1vQEo
zBK!?Q%20BbMrp4$Ri(d78HGW!R^e2aA259CTuM|Xpk0e5JPeSrGcE$xv8}l}VxhwT
z)p=Dsxw?!pKXk@&*F?B3*@Si{w$j^^%&U<ZRH*(7^?nCmG7Hv)%ArLC8_XEi4XgBZ
zU`mf?2QvEtZvr_Y2zEv))$>g|VAQh*ST<=eHW|?dk0SSxlc&)xP!AU<c~U2Cgq*uv
zi*6Wx`4Uzvn1lL<H)3Fi`dCf-%WcbzkWLThVzt|&X$1!^igc7LRSL@%jEAPuJhY&i
z|J2#(^yF#?HEnI!QDPZ-?-F(&xkAZ>9wmgLLm!}QS!Wzuv=%>Ws$#?J5poI1huhLO
zaY$36_qF28RlaE-40-B>nZtTuA$8b-S?)4m9PEu~)2F0PDOm0{<N>!8&kAXk6c9Y8
z4Ivp+W!(Z)xY28B%D)S*bm1MZ02K{wsA^`AdH@|7w!rn-%h9CKb&gR7HfGlFy?Y7=
z&NQb-xi&OYc_39hnDc37?Tpsti(ty|u2@XZIDHFS*jwsi&Af%Ex@tJ|s1gMk<L({W
zAd_C>ss=?cYyM!#Mo!S7qEt`sSTX}^=cXYpDg|u@kCVb1<Z0$V|5MMlEH-XkfZ?O(
zqIT7DG=)(|RAd;+H|mKEQ~FBd7onu|9h~s^z+#kLH=W-8(WuybAjb4*4mAT+Y~8;V
z{RfRh^(rSA6V#YYoGp|XPf&n?nkLk8z4w|Ohrn`Qe^f2)#C=Q!g>3Ag9B~JOm+r#x
zakDY(xi<#3Y6LwaJt*tw!_vZ@dj{u{USX_Sw*-CrPlof+g{1Szu&>$#y;{|g+WB7p
ziEvb6Eh^}(7>DP}8$7g*he5Fha4u^4erQTux2ocl{TUFR((0rUGDe+%Ob^|<wx*Z=
zZgi*SNq~4>jSi0zDAP2A`{mLp{jqU2qf77|r_mh4sY(;9SvD1U!fnc*`3C=G5fKc_
z{uMzu9^4OMkWp_L61j1S%EdJ&BcNR|sw7B{ewW{%+C+(J!6r?c<H_p~EZTbxEv>`o
zq1X)?WozLq)kjuZSy=Q_Tg={h3&UJ@V*cPJ*s*jHX1i{Oe;iNtY*Rzm7~MEwXHESP
zY6(6V*{>f?-+e)emM-?3I)mg#8!%?xcEl#pLyh)F#jGvi$M6}YYWKjgos-b2VO>0T
z2T%FeP)6x4>NW0%EXNwSeEJ}+ZWxcB7w@50T^dw$4N%ld{;YGI?l^X29h9TqVOZ}z
zIR8*c(2TJAz<Mm5IRwwhFYP^dp2W@p4^QsLXgWqbeC;8<0Zlz)daMj#e<wgA$qRMs
zH^jSGE1di7Bx)5m<|aQ2112s-opzIOVDkjVic9%KDxj&MhMi;vMoe7|=eo^sY~L>E
z$kJiJ;JsUyO+f!Kive8+oVa)q^-7qK`Ao&s?lrOEj0Y-IEQgnmpVIybFytoilj}N+
z?of|Ge<QHobqbcOK7df+#XxW@UmbH7EJx$2j-0r1Vk6!7fACK*sy;qGD9un38X8|u
zPAxX(b@wuG-6xwNRwO<|8f^|AEqxa@`{gWU7*SmX*7}@;c_2G0T?#vsA)@Gu2Wil6
zXk-j++BJR*S@8Gqrm8#*hNc#<G&TI_c8I?(q8M*U$B-rhR&pYhnVv$4Nj!{9O(feS
z9*r2+EEH-whE%(2B3*=#@ed@Er~*s7LQ=5DY%*PuG+5W6U5y4M)n9^ym<agz1xV_8
zQ)?S2Cx>CxhJ*Az9fx8Tj88`UQEwj_@ssVbcd(;mED9Q|SA|Xv5e$D}WNMt#FG`jf
z4kwDCbo9vh*;<-N&8Ec1A&DnFBO|%$KQlRrp$sBnWMNGej}k)teGtiKG_-VJYiIl3
zPBxSFYatAwqordELjz4jhX+yO#Lzutgl#R2;OprHU1MuHA*69`E7LJVu11v_6-;MX
zD3nymWE#s=RC#fbm666k$I&n{Hl@+Cf{DsTurJ4un8LcvVaISh0umU)C!HL<p$N`R
z$fn(1WJDD7O!zD};!N5SMlfiy32`Cz<qU=u5|T(0Gh?L1#UO=pckyguPCZhPZ`PBR
zoPcP0@S4#qLd>d&kN|{J9j0w$N`}n<KAzstH?x5j9e`4#G0NK)eNaFK-;XcfPdeMM
zbtpu8$Z$j^@DQyWiGkfmVCuf3Fi4H0BTY7}Z5_zq%ID<P2|vQ!tTHAJXotWchN~c5
zb+F~h{C^mdV#4s28j%FjLp>vNlq%^6)tu#iW&2DF+82$72WP_H(}!lr+9+1MD8o@v
zkP#QkkRHcTh$?k^+HvZVL7&LbFaE`P;MB?qh^Av5Jr-c7M@>f##DoUIH#h=n+-Dr^
zZQ$qr4oYm(Ud%bpFHbjj#Pcv@ZSTMa(zrhKXiqC={Nuxd;7uB!q^6A`j*gNej-uZ0
z@iT*J--yUq+H_jdyh1*L)MR>xbG;ie#E}SrrGTXPXvC%~!O|%Ib)B7=M!LZ`uf}E!
z4W^8A)-6J(SXt35g_R_c(T<_by`>15L_CKwBv>j<JrojbWrhv0BpsCGLW)LnK4W8J
z;pyoK2M34uf|fi*{?gB{&ajDI2tveY0&tI^Jr?(JE7Fc4#F?OVzssyChC$n_FxpY1
zrDeg`%pB@UL|AA939ANA@1_zHn7|D|1PL@CA=TB=l;Yroaw7;PflR0L%!n_-!QNUz
zb~c&740^nUMaNKQEn^+#d`1P{9-QnHiKsFLn+=I(3=N89l*pNx7$bs&JT0AN&CPkz
zq}>5uuHeee%*^Nkn+0!A5Bam)Kx{~Wqxr0o^em+h9Bf*AEW%@ADOy#6iLnvl<Dyuf
z66-UCI^VJyJ;LG{=u!kyP3AZaP0Ufq!IngxUYB%T4h;+AIFzOK)LEbK*b9$}CBZa;
z2~WuiiJJmt;!~X96XRnTuO=R9jALhNO65^v1g>1ahSSFnVb{TPDBGYf&KzC|&CFE3
zll1ot+q&bIQQKZ05oCDvxsf{9T2eYE)J{s0*IJ;L7dK44STY$l_Jv`jtMT3=HFqEW
z?eE`;VN;ANii?=OC7(z!#Nk9NUPBtgi$h8Q6ky<cz(4{619$5<7&DJtKzVx4=Y>sU
z`{R{i1uUh6vjBb{1HWyVg1*}#sQO<oNhotakwx3KZZ#_5Lb5$Z^=*Z~7uT@o^mA-G
z`WxEUbIe_|;QM!sf$xf86L=OX0L7*yHZoyeAwK^MC^7&@QT4e!O4$u4l@PxL2-`04
zCye~%T(7*0B9EG|6_P(IZ&i58C{d&;;;AU=6rPxZ$q}2p5Oaz${2|@{V*7mNOV5fH
zKW>jXC|Nfjlee9N3~3Ca4=kUzzyHVHdBDd}UHkvHDy!a$C0lZlWn1puxL`2BV4CR(
zgdP$|AdrN-<PYH`korPG9uSg1c!2~+2)%@E12*8^dy#F~lGS^!+y1|ES0k;Oi?9|O
z&h<y$-I?3wJG(Q#IrrXke4`skb}<KwV^NcjeeEkryW%`ihKxOY+ON+37^j`N7!{mT
zY>P_5Lw|n_w=9~37Fx#afezer^=v%0Bo~jqwhXtPcN(7}7(=a{U1u9)%O%xj=uG&~
zWr#J0urtre@ou06+sSd1+6yIcVhFgJYw+$nA7bXBi;+U7;oZ~T^`D^79gDMPPwu`;
zKlei5(Ds#BmfeJ#zIv{ir`$bDW7%Om`>&_5f}=0N;e&D0ZQo%epHbbj>E~0Jz$qu#
zPGQzxsIH3-tk#-hyhD%7H7zz|O*@S)2C^8UN>+!;@^lwgE&UI6<W}R1^Dd_McUt7S
zukJg=h^SyY#ZH)ZR|zNqCGZ6zpn~lSbTa*YC}yH2hhJ$sq!{C(2U^g4t)1d%P<%nP
z(M5r8EK`5?^F+0$g6%|+)OwVF5>Nt4;CKlPlwdodt3;3YpftaK2*}WAD;FsAl_b`x
zcPT+%Idr=cPy$Lo2`B+2@OctY!S;F5*S1ed0^*jYuTf)}yV<dj@RU3{?X(h50!ly$
zoQwoiu$_!&Mf-G865z^tyt>ngrTaac57_%EQSpQ@cbE;=PYpzLFMilg$^+9*DFG#*
z1eCx@Pe29RNq>s8gC`4t*LJ$_=e2IL`dM7pbWai(zMKm=4pcFmI=!L%=!_t<TDogK
zhC<;S!XWzakrl(8$&F^ZmytNL9<F+}(RGS%bd1h?{(UFI=}!9M3Fb=X{v_kvT2^Ks
zLt$B&EUTuEB^^)RW2vue9`SI_Aah+$P}eN_=}SpKoTl^VOXsa!e-Cc@>2lItRIuF}
zQRnl4!)psy{s+jl!*bE^`E=xjw<_Fa0p0PWqh5P>ZEK@bc^g9kN(80u$;qigp1@$Q
z1MBv@bdb=I#1ET^1KhD?;NKkE)p6kap)DwZlbV1GgDySb6>H*OR)#)(|3pBHPjVwY
z+D%s}9y-@`8xQ#1530F37gt_+8N*H;=-Aa*k&8R7zZBQqdM_#}N^$3<i}C!5J!XII
z_Dxu|hTfL_lw2(}_~<_$(jhGGN=&7@KE~oJzlB2*Eblmyqp=46dh~a={@QDC&5bwX
zPtU)NranB;R2FW>1NYs9Yp=Z;H-G1Qc<ZBeeYUi3{WARM_FHk)HP_&~cmDz#b4&Zo
z+ut3JKX4CT{Afpii)*<rFoC`6|AU$HFGOyw_xE8P>f3+39dk~<5!IjPWZ>p<T)k)^
z{`&F;t6N`)*EMfEikp7?aF>O0d)K^$TfX^CeCw85aLc#&dh3s{{U9B`GP&vK{V%`$
ze^_|dnK=9W#rVTt-+)g*pAIJVdFye`q)f~^@7t*Ac6lq={UK(I%f$IN{mR7ruFqYI
z^QL7YGcyyTMvdZM7ADV_hadg=Q988t-$_@&)^YmujS}dafVjPrVbI<zYi(3>!=hby
zXmJRprqK5v#hv_yB^+D#<aRcrs8GDr(*ZG4L-{`Z;M+G~eZB`jyZ<f>VnFD*3l|}4
zh}U!ehwr?Af4sD^do=_0+0{^l`xy49s@eO*84{a<g|nw4l)ej(J$dlXKOVwQAAbeY
z7hQpc(=zavpZyrm{AYcSD%@?g`0ZUk#D7*7;A>yM4x{7g7x0I7VNH*?fIwr(UVQ(y
z?_;MU0oQ*0YE*6i2zUM9m#AXsuFsl0jK;8i!%AN0@5O^py@Rs)UQXU;ZA8nT@&wxG
z4gb*L9kif#6>N=+d{9tOc+6oJ2LuGIdu2uWsI8ZX)Te&R+qVtR{`vQe4}KrkAE@qP
zrC<H}GkAYP9<s)b!`QK7kvV!e!$`?B%ZcCr^fui6@N2l_np?1VdJ^ur?Fu~m{-z#4
z+>AO>%4_k4WiR4`jX7QRFL~zQ*p^d(qTL5gI5>}^nNIc#aQQcWg1<lYB%b)|qqyP1
zad_+(-^W9Y#N@A}L!$m7t?iuh1bmI=B46aQMD7S+RE|66*^yt_##nUCj4;vDTYTri
zd!0LnFbYLeMGo%z_AS_5lYwXd`3SPoV;LH=5y=@N7&kBg+dlmdKHj_+Wqe}%*V`lT
z)eFvM#19WPeEJ@iezKk`d&4mA%nNbO852yo_uqUMN$K(U^rKHv=Ze5tj5!(MEMRD}
zRR{==!x<M|hSSFlGhI2jWi8%X`Z20oS{Yg=1s7kz*s>wD`1?QpjV4zuo_*>uTzSp)
z7#kCZQKLsObc^>=QB!;XFTM6A3QOw{%Xp!SulOo58UD#Pd0MOS&Rg%{;&0r8yKcO~
z>?+IMjV15BiCZq4#lTpd$<<Vi-Fqu>72|ncb}pTVo;wpOmt2VKf-21Mi3=ztcCL62
zMS<yf^}*jDGd2KoM#tgYuiu4D`%7`ogw)PT+us#zUxTfcz|fFpyh~nJef#@J3vR?4
zFTRZ31ro9=0cTx!DQ1sNXMECfJpc5wILI(vG11{2PQQCpsvEx41Z0>zh(nIuN6Tfn
zP8^-ff}`TStMT@R5`;PIePef}QMPqeDz<Igwo$Qdn-yCpW+kau72CFL+s28VH{E@^
zZ~ub#)BSqJIL{jU*=w(7jXmd@Q@X}(4?b9wVkd#7YUu4GH8iuR0s7PT0jqqol>jP;
zg^`Nw`$K%9129z?I4I3P?D6D|yMBlNz*e}IBG3vB;r8V+o9!30Gjoc>V?lY=`n`@E
zp8eOwO7-s<>*So6@9y&HEJ$?igyC~8i5d6q!0ai5gF-&Y@SlT8>RZ7pi5*>j_MwT-
zei)mcmzwQ&JKUf*T3FcUUJDM}bN4OH9}n3~l{aL%@OdQ$ELom*RKBmVrp>p#C+lu}
zfyB!3{R+u^$W<G;HStj;wnH#eogrn1AKfO79O%0zWHfOJgVoBsxreP&pEm3~W?8=U
z=vjMwu}At2_?x?I9It|kv851JL0Ze;5#@`oA*9_~&EXM-`I62~CB^;8Z4OazbD^NS
z0SH!D%^5obZTb^!@sRsqU5ySfmz}p-<@9pBbDzHJVQh&N6<=1$2MpC#>fcL8VHDI<
zqg&H{aAr)o`@c0*dfp>>-&VdlHqS(t?%KR<^Kk4gAh-haX2Z;V-<@?nJM;-tfOO96
zzQNj6ZMdIT>ajTk3xRY59f50pZ#XK`H|ib^c$F<XI2tXtIVWecDW9Qj1Wzn`yR)8z
zHG-K*ux-f`e-h~Dr_&rheYzwJGhr%JxtecrmUamkstTUtd_49v*RP}PNxBMK#*nzv
zaj**M5LwJ+&zJd)$K6%XlXG&{j)fH5iRIGyL9#z?<uy87={}y91oGKkAq!(Jsk(pO
zmc=EfhUB7JCm@5z_Dkvw*CE{V)24M9Q(b-nFPbkJU#m%q5VIDw-rg$LuGc8^S^IFg
zwE4TE)i?ZO-6Gwk2deNrU_X67vNagl`b1xkkJ~#HL53s=!&-^WNk|6Q9l$O<wxN8d
zY?j;K$aEY&Rx}z_?atx9)R;N%KKCRP_8JZQZqywXIP3?F8GJ0X+;3_i9G?d;c83t&
z;0o^LRB%_LZm0CZ)CE@HaE9)ac^?@oTMoO3x|-M7s&?N(Fm^ZCAhs(jhORC@px9@q
zQK`R2uS{NjoKbu46}^4g!>;lB{D@@uQugtpmf@lJ^b2^JlqcwB4pn)Zc<elci(lTf
z47bfx){SV&^88j;J7|1*F7`AQIW`ezIk~B80WTBG;zefHepuGLd&WUx)@!8Wc{rX0
z7`JXFaYC#-WV1PYl{fZF`qJdy+iQwj!i>?j*BM{#S_G3mtoOteaHWCA<@A4leb{ao
z@{1KYkjwB(h7|cE)n7TyMsGkPbAU#P3jv!`-gx?GH(2kgM}v#{?)AD3$=g<mzBWd7
z>^3#cuZyr0>L8DU|9St;ItA8?q9#@*#}-rs@TgNf4*`S#skk7`b%DD3`{)MB9^{uD
z7ubWrbUh*no&I7=Z@)42q!GLS)OEehZ~$X5viihs{elg^Q$JoV1crP#yulhE7Hi*{
z9M-1r`_<(MVgsY?cWbpj14p$Wh_MhJ0>|u!5H34VW{A3_fwt~Wzo3lfhIX2|S|M;4
z-tFJsnqm!1gb^bey<SPsyU?mS11k=o+z&F%naIgd@4@s3-u>J`Oxa{5&8L6Sw5)0=
zj7hcL^Y@8USt_CmO^`QM+xv^9^TF;7#`bOzykL9~0C;KOF9zaP%t^w9YTAm(!JDd_
zl_+lwSL7zpQPE?5_pqzXv-hm54nMWvnk5ezGDjI#-)~PNvZ^d@F9JRzv>Eu|JkIoo
z*2<i(2`kW!<nTuYhmxKaHoAm=K}|U9ffGrB^aSplG;a$gA|Eq+uW1YsFWfm<N;cSe
z63QS@jJh?K@5!I)3<d7YT@SOA0k^x<w!PHl3MxwnOr48z2fUALP_^w?MPYkZ53US)
zr$P5^^+W3_pXo1OFRqw4QQhAaw<jf>p7DO|)oclX$RDCTxj(~%?PR`nuP!mZ(&!%q
z78t0UYX@!d)nIpd`Ep&h+fe6k?C(Xj6z$Yt=nq*6bQN>~4wsySdUTwoP%X}=mD5I@
zXB3wF>*uC=A1ir&T=BkAtUFF5;p%Ec8+vonQS${u;J@?Oy&sZMj%-HR)9MAcrX=si
zRAnvZe^x|S{9(BQDfijYcfWtXZ$3)%sQ<|yJ!9?*m#AzF%p2ojkfWz1B7*02xoW!J
zuW~0I?rJT^jUPD~#!Z;d-wartPU;tI$h)TwV1WFt+0ycrqqg;o8%>O$X!R~h3k^G0
zXWB?;SZ?$As8kA5)drT%^h13DEl_@~kL+*fmu-w6Tk<3m5_cMCT$Bpy7jj!^XEgCw
zhhQhsp95T1Z}IZK+3VStda($if67(EK*991Yibr+7`T8E8#6P}_wj%t<D!e*`XcJ+
z?6Q+uqi4(9QmWYvb*{ftjxY%J2E)j<sEN15B`F}^2PO=kf`hEfozu{D7ta+MunwgC
zEv^T;A0urFwH65KS>#*5M?s$HEG*0)=b+vUj^9t{wWf2R!Ap1_b#`qpmZ9gIZ;P)3
zH?DSPDD--MJn9^!qZ#(NiiS3GA0l~THspt6)6o)xG8Y|O3cLmNQ4l$Rh3u$*K7u6t
zSP#Sd>hu};D;*g4oAHQ75}9mazrs(0zMaR$x^KC?F|e!1{@j)XCH<?fuE+o^<HL>l
zZ67O|i1nKZ!CACi3R-?3>DGKVK=;+5m=RwVDD^ZN2({_c!^8<dpuMV&`rF73L4UAL
zgJhi$8j~6BTy)VR-{nEZZZ{_GXoyb?PWRWqfvBq$8-}4{GmLE{oy(Y?JQ`ODrUi$r
zeo~zW2M8e03jkc+3=UUT*oHc5fA<4q3=)CK#goQcdn=2+(9&*Y1RXcKJL4WP@Zy2B
zk#A=flsOFX>N(rQKP~9%8|a+Z&@O^Y45++aEVy~1+1NQDNaKZ^q00~GXZwLQWybrf
z3ycnQF!-VM@O(~X$lI^s%38wpzQ=a@S7q}|+E|rScW-LHV*OhSpku28ee3y9zS{S`
z3uy<UI8)t3pO|9A%UaXt5yiEAgQwE-Nrd&8YfPt;d`Nk5{~%@T#ZyX>@}qVfaTWNW
zd7JGGy5Bx(^_;e7@OB)H&HGChWRMhMFWE08myQuRo?rT;;!5x_Kh7Qi7#pr?z2uI<
z;lmdAyq9-8*iCo1V#w-OM%aR4v2WDQ{l;G-4Go=VurqgP>b4GmDTE8rcuhN{QP{wY
z;IyK|u*Z~x=9R+NB-`0}tm+^!3+HJ9Oyl)HOz}l{ecqA#K1J$p$6zJKJ&q{5n@H6l
zu@y3IfsHQ5*zaBuhrL@II+Uqc+NsBQzMT~;F#+#jm^}VGf|H1W1c@M_9}9a3{gQx#
zKtLlVqQYm=t5~Y(V0A;_ZB)@2QmutT!adCBM8ufP4uBK$;#sqt!o$Lf2~7|-E=W|&
zPUePQrpBO`jP5H3>JK@yOde!X`XAV2_#sE~X=hZ6NdON|D+uGzSyPJOZJB}7xB)l>
z9YBWVxg!T(q@yWIB@hWBLiIatdQ5H=9YA@o+}KYKO%fe%0~S}q4>c{E$cbJO;20%U
zTQU01j$v3mpm$+9D&bUIMly=+^+8Rwhi%!bDaGDQ#r??sDyYaW=<M=^!uK8^ah<p|
zE;Lzs1kBX0WWSw1w<&7wt^HPGAdPZ*c6wYGs0Q3d?01Mc43h5*u90#<Gl3D+>>*kv
z4)ySBD?CuX?Rv|weVV$#(;@OC89xYK+I0VzJmcacV>4q!4$O~BW%~QRef}o{7jS>?
z-Fr#Gr6bgQw|WNLPI}z#6ll!l^5sRJ!kKvPTXZOH$^k6R%@dI@x>&saAkgpXw7~9s
zy+a=+ehIT%YUEFQl}Yc|N|;g^=tgaHv>m*(O|Nmb$M5pbu1K$#khR!<!)=KpppxR5
zU_)E3b|pDY^QduSGybAk4p$ZL`D_oH4#>-h`0%NN--uHQM<)&y*eI&@DURWn$hThY
z6A~8b(|0;mAt1nsr;^|bxHllXb?Jpx6!g@S|AOBcL9wB%YVi^0%_(l086~$=Sk!F3
z!uSk9v*!(_(AR|Gc47wE+W1g80dgv+v=e~gvcpBo_q~Nvxj){=BBCaR^++kYpH#(e
z4<IZOaq3i}JGETN=n}ZJBfx)WJs_Z+kkA;#q|Fe(Kq?-(wfBkWt@VT!cp=?&Yiel#
zX?rxy5AW+}r}*>1X<^IbbLz5Rp%r1isS#aR=-GbTi}JMM6Pq(L)3D(`Oe&Mg175}Z
z&Ipg1l<%<R$@}{9iYZ`9ubvK~z2xiPbq&=V<LsowGUQBe!1OUtw6+>bey-gGYTwZT
z);AcYIv$Ro|17}!`QT)XhRI=%Zw0-$dy=vx;^PCS_cCNm2`|%oH{Jso9U%gqvTkl-
zVnB*vE2{9P)x8}51HS^|E^0(y$l;lu_v3D?*wUu|p`dCTAn*qEpz8EoC68>UhLt_>
zq6TH4F-RH}UOePeA7Q_i9c%Uhzu11u!TWTsB*SGNfQ0xx!1edOcSM`tBWn@iyzyAA
z->yDEd4C?*Eu&d4tW1<$PnDl1hZ8);c95Sym|thpcOjyT^ls8FuM}Dqd-)KrrrxZC
zaOo<I;O1`dkHW0OtG|e1Is@J#9_9ukTYgjF&(@0i+Tj3#4?cE$`l5xAXhY38M(RSe
zs`gf7DiH}{`sVKf&pUWe?)E*3mw{?y6f<Sde6GwTbjy)E_8m~4@BMxXA^|TW*0H+{
zY_E*YqZ+XIJYap`Y&(yi&H@pfct($DZr4Rk9J}Ll<oCRUB`FAvauPU7MfCkq^MbrD
zfFXy;1`fikCC}9S^?U47;fD{~<&?~5-8Q$KJp}!s&ktiX@Mt~=;O5*?T{KF2f%0hf
zc0>X97&qBf8-BA5ml85f3J#bD#7@Mu!EQ5>QYsZ;(FC&u%=zRTrDk(pU;0D_<O)WA
z63?q^d0(zL&m`9??Br_=NcLR0Z8&2V=X0*4pLY6bwZQAQS&7)9k`}lY0DL!EdZ^(D
zQ~5;t5I6l*NamV_hea9Pz|feQ!S0)Ld^|D&1RxF?<_0m25!EtWv5?kld8SY`nMWpp
z+cZ5)oGbY9b*=7X>_}8_-D4bQaA$ggSK^IHLLwN*W7^lLg^_L2$3q`Te0=<gemiSh
zPu}2%<?}jzi`#3+qd$~<q~il~snLNQ%lGunOx_(c9tjDufbuu1U9So6eedTsL>J@^
z@?-X1+vhvZzR#zfcQi`k03><>FEqm2lM|>%#=K|w(#v;A9-`bs9=dx_P_Wt!g`YWs
zmDC-GRh^Cm^ex*u!J?u@Pt&NZhj#s+e9z>U?~@=h_-FyImoM<^v0cG+d4ZY;04y#Q
zmdo`qV7|S5zwzT%co6|SN8shFKnFpc1o=-Cek#PJjSv0hkB-mYh7^5}^ft7h!HmeO
zP51bbx|c)_Ab_II@iHl8E_=pi{j<-0H<!W};FkT)vWi_6|7%gTd2jXBlG&y|eTp}V
z4=U1eK+K%z*SgNS&+F3l(bi^=I(}?kb^XpH!8<YuikDw~gR`lPq`T@68xfN;{bk1y
z{M#k)bKnN!BTx+<DbsO`ulbbbqEGok0uk5f2(I3lbLpu2?jj{aP-Rv0?IQJaAXDIp
z4ShT_z=FScVP3`X(1T+y+{>QXW!>977LN(PZS#qw@Z-Xlb#ZB@UfQk?!Je0(hpET?
zCCU6+_607T<MnHJ1+F((s;_x=-FhPYh<9GW@oqWm(C-5NZ-)!Zp$s;FQ4d8NVamV5
z3eC>%iR<m?^Bq}WITf&0#fgAaqX-!uF7Xlv%L2i|=n4Aq)=%JgJMn06la2s<Tnilc
zz}Ue_p|39GH`V)boWo9<cN^f|`!;sHEPvHK<@-R_{wA=)O3S`?bM*n=r0dBI;=b}W
zh7!ATh|>kYBIt-{Og4i)Ne9+l>CEi8+t#~=ib>pNjVnTFvsQK-Dz&#Aap`!0(cQ~1
zH;}OQ^KdMoW5!^X)=FHxvS+<SZybX`WM0N(I}_pi?H56w9Vl((_n=hws3|J$lzGSr
zCT&t@)DsS8Ln3Hi;*JM31y9c4#B+gEJY8qH?LZU6h?&bD>EPAGIi9fYEY8n6)&o%5
zjg2XXMUN$YU+PP%3dkx#azqgEP-GzrQ4KO|>b*9GhOMjjXv`-HO8#tyd)zv4ttqIF
z?I6JufdOtzM8&YH22?}1G-_>7&~+S;l!&!~hig|Pwl`RZR9S#t20@h5Q=F)-Ooz?$
zJmTJx{>);Uv7y>nb>p}7DgzTM<g=Tc<a<D{1d)smu|inOikYn~-I@!@7pKj%Z@e9X
zV?fusEQmve$8WvC!pbr2Jw86y>~qG$5?&wVCUb0JVjvg_h0@!zEA{nIVDa&u4xhKC
zCtM!hg9PikCa<ITk%IIy($tokqIZjl2eM>l@naI5mv;#*X(22uMvOBbTSJPz_#jC&
zEJD`5tmM1v<)dD63wC`iuAMd{@~*LLWM#5AE<I&nP#-RpWnZ&{KZg6HWr<;jp-Uf9
zFHGmqg&<i)Ta9DQAqVkRN9ifJp3ClW%i5q}Ci8E#X)B4bc|>3R$Q!2?C1#`%D8;v!
zC1*Ju5+kl9a?<V*ryKssd6IWDeffpEdsMWPs2*IqV;U|?A5I+=5DvdGkx+OMjW!P8
zV5k-=D_49RraaBx6h&K8ET6dr1<DW-9}8^16PfzB1vT|<EX0VX<zx8OgOKOq-D)LR
zz+WZg*lAyD7OS*X4faA~4VBW0T<2Y8ejh;akdcPxD=*24A+lc+8yh6-9%9qfbIrqP
z88RXWGj12d5hAvGMNEveu-f8q3|977_A^-LyD%Gj*9#5mA^stBDrD3+uH6IA=}+J~
zOBJE>!}G9AtRSdgn?UO+Evngue-ptw)9I7;<MM%T|MT~YlFoKez!>%OYgEthT@U3j
zm%slq>0dHn+Z04Y`wxhg?xB#LlM~z(%b?6#Rg%7rrR2d;rTwJo(?M>DsPXNqmD2lp
z4_nJ}u}qS0Bd7(PC4U(a&=&3?V`C%+r+Yfvrn|S?eJ!~_sQdx3xZk~|q?s5};q{!$
zJn*Eq-<AdQtcAp6`M}92Qd=A++T|8FyyAZM=UQ*>(NK?KVFfrxh(R)rSbgr#tK1=z
z_N*T{J2^3WKRM(Fw7Oifcw-{=EY8jbio<gaN6-Cq<vH3C6~_i1wr#9#-8YmO@ML$U
zK9uW*c8L9Yn{88&S3ER&%3A)CYWyPr6W@b>zFGTyt<ITCjUiEhDr`5@pa*NN`q#$K
zeGF$b%nJLS2Mb!xSDXH6jJb$d_1p{*Mx%<v76HqAa)Zrrs$z!q*heoU8y1OzTuyri
zwTi9L1v}<rF=y)cTA5TX1jh$0?^+|4kaUi}3Z8=|<LT^}(kZlkapAX&9-`2vG?CS2
z_gZoa_UyJ1Pq=)R+=WiPmeyngn-pb8sQ6MC@D1k(bbx@|KkP>?CUCO5H9x)5Vv@QA
zq1embv7tFMzl~JMrI6~od2phSX|=(h)ancT14ta8xSrYi#NiOo4fv7GztcvzirZXN
z1H0t-y|?W?2y0`X81?c6waU91W6B||&(z$^7r5gs6{7&l@`GsE0)eweYCM>Dk@Q(>
ze%0c{YL}N8$@X1}S)x2I4?3S*W&jI?S<%x0L+$Hge0Q`46aOUVcEY9~Av?lju1-PO
z{abeBW)z=CAEWJ|%`!*1uwx=#oqT%06D3dWQk5W+&-%E&1HIB-Z?*X?b!fxzz+d2A
z^q<oefz8y7iRD^T9Nt_h&Z7*?jI!y#1p<b?@B9}T9R}#?M_e_bMt1YRQ->vSWbWlK
zz`c7@9331=fP-w-3QAXl=W|_wsNAP(4VFJ#%k^a=B|v6HY%DD8a@qnJ$NA21MV%>K
z7ly{TSleRdRe~rlTH)Ux&a>@+6amYdq1^8)-)*I#zL33S!NYPG;Ft#X56_caI$|t&
zdff@G^eLl(&<)6#^a!_Pftcq+7SEB2^xuN&AQURq;exlVVAqrPH?}_?!Yxq7{=mlL
zyX{^}Vor1`7s?33Zh!^D;>F<cJUTcE!hjsVQis8_T8~D?r(=Yhc-rYVAM+Yx$K-ki
z9ak&-=DCo>{~aut#tvaFCn(wq0X5?a&!Ort86PQJ(Uh%j&cK(^%<8x*lctboaFmfT
znr6kqr9$gMbZ3*D5od6SFhEL5%ub$Q4WAZmki=yvt23;ir5dR?*BQvv2Z0m08MVTq
zsPupje}qo#V*_&W>-%s9D_S2HFPVst2*iLP!qM{ZbqO$L+Oquo{CB7FKM~`A#E9-{
zC}&6GCChl-7mQ?1(5Cfgl=WHDGG7G{2?_^cuyj@mq3YM4%qnDl#G5hvw5tv1spEJ^
z_>&%d?0YGrRuZ)KJvvMrS9j0LoyHiAwmM@>X7tvF%@6fhb%<k(EQNH9G^Qp>jgj!2
zk9KR5K+B@kFk53>q4Wz$=gehu*P@n6aGnR7z{Goi5@_R0Q4*&1-;c=;7hTQXLr(V1
z!S{eKiCsw!u(EUrl;IX`q>S;4oGu#2endexxEjSBvo0(<)qur&n4Ii?q2+>5-r-Og
z4n63CkxKef!CHR(X(h2B;{EbN<9iR{Q3o-J^=Ijv>+XZXEJGEw?T}}j`ZlkVx;kui
z-M<sPnWd%|wSuB?IPzBbA&)XRP-YYjDY>ho`PG}(S6HX(9&4fNb8CYS8VOC;X~*~D
zY%nQE?M-Edh+A2&>Bxt+YF<=Ijk<!4ONG?(R8$rXQTOOQF?V}6*2h&{D_jJ+lYE#7
zVl;nkD$75#iv0ty|3cRNk#od3XAn(P_3V2k$`xv_x7|ZU+OShweG`0f#;^d)+Bl^(
zhjX#jzH4^y_N_?xNDKJ1$<S3BAd51J>Ixd;U_b7f<zUniQ=lUwCrWp{&zIvT41apc
z9$j16OS$CLb!23UR2eOd2~^{}-n0ZpmtAQ!_s&_PIp>!D{nJ-)kJmdpu`?0Isp*3e
z?X$))Tj!1BbEsml7YbKwb7w#akX#|+`co<E_PPG6%J&5qDvV7v^ug=3j<zD(__5yd
zUu$>*LFUXwXGc=l?Ia2G{c92s;GHah<ghy?)kxrlJasDM(C9^gHg%Rf<W?eb7%ElH
zgrplEUh;?AgSV0C`s~%?mCFCvmYNiKjv^-Cj~XH6lcG1N4TnZRH`*CJGkS&uVB8n;
z?taw)QWAbCw2Qc^6PnrPYWPAqi28R8p=v><+zDB3DCoFf2$SE4(aF_D@T1fAJQB}Q
zYJ`%GrZ?u?J0lsZk24`2*J=ZjK4IXkBuG{>KMaf7eDIvhVfM7ib$~e(GEZ7T{TulN
zCmaa`MNUQO$dfm)0Uvyp8bkC*pBSAj6Bkr8N>xoQO^nS4isiWyz=UpLWJKI0L2-BV
z%Smur?_WFGeI#rkxb8U|KMW^}jumE*h?4@@vL}l?H7x?81qmR~Etd}D2TYd~NR_Lj
zbB0wz6?P-Ts5=|~@cGj)D`mm>!(#3`(U^yQ`M5M1ne$q|N3lgWI5&$;q3O6BflYiA
z)r^An4|xU3Jj~ddhNMoL<8_r#N^Q;Th0uQba$_#QT+p>-&F)H+d^4if9r3Zq#0ZgG
z>Jqu{_Bm{jaS~f^B*>f?0T(iykT7&e2+LwVu<y{Ui&RcCeF<p!+Fb0e-x#AV_GNGA
zyw8)u^UZhpxNh3}$fUqo-$<s@9u5w!u#bw0szWQiBHxh<?~Q&24Ymu%$Ok{{mX?<E
z-t4~dW#&F9Ytb?wIrshY9mrk!&`JyBPBY88Onu@(g=wrpu`cs<q&(f&Y>2y4{P-I?
zyFsrEUEWJ^tvVUcn4;%ig|InVV0+Rh*yL9ZFk<3Lej7@B)Ht2vl_1}?uw{D0PNhd7
zx-4DonnebY!~HSL*5#G(Joc7+E7W<^dFj!0oZXRo<JsnmyB0sjcBtW7<TR16<yjRj
z;10~S+Iw@<mpD|@!+5U`=%oKq&^|JDOMwBE=$@IwBw-}|m@J3Ygs*mV5Xg`WPV)=D
zxZ&Wqinx+gYDIAJ9@$Gwg0H<g^ymA!xh+h-19XvyR+-GvfW}Rzn;pe%Sh0qr8WoM-
zj7ygJ0@~mod$mm6)ot8njgcXfQ6O7DGV1fq$PwWQ$!Bv)_KE1iX|~M{21T4ObFv*T
zsg!S-pA!m-np%3T{wY%US(|L5^@}&;utyw39B3st`)+BG5))pcw~;Km<JS@K@=|cT
z6^_gHf&_E1I6<SzphraNoBl}>kGS%j&V?kAHkA9CoFi%yeSAsS__(?;srKdafrd2F
z$LOhHB|#orhQ`yv=RIu!8)Ma@rd7NL9xJ*yOoZpLFALYFcd?!V_`PF%f;rCt5{TpR
z+L%9zCAJlm%74p7Raxhj!{kp>@$AfCpwLN`SnHWtHZz>G;{7{M?9H9_UbhvZDIbcb
z@v?WjJX|s&fs!&^aiv>zxBYt5p54C-XrZ+(5rujA%YCE4y-R>A?ablW0f}I;U3Iw6
zcr?y1Dqz{UMw#aJaAwC!goOb88Ig<BhZ1?Ol^d>sTZsl<*t8TvRanxUH585@f|8%t
z3Y!oFw_~N#5$xU3&JeSgkRI8YkedkaNY8<P7K^&l;**?qMIqF>vSpf9^7dk2wMkFN
zv0p*QaT0fHLcjE}GFdCsS10HlFh&^~$Q0PsH&-aj_(7wMsb{?~x?r(yFG8C9MDXQS
z4r4s4+{(CG<B8>p0kM5UgMN4Ie3Z`QH^ps3b+^46Qs=|r)^1-$(;NBeiyw1b^YpTS
z;n~4de`QN45PYQX4z?pA|D_zq^<#2XxczQ-tk?n=!RokZUsO1Z$pU|SG|n31#zT$Y
z&EX?Cg)*17-d^7IF~3}3<E7hq|L2__XTL6t@Hz3ZvqV~VorrjhBfAE_{tJb+9@Rwq
zRn_%gxA1#GJY`BvbM7$y^(ax5dwCDD^?V7zmyGa84PRKa9P11PEIq8^(oYQ^$*OZJ
ze{!;wO5tH!(2y%M3NyN7uF!Zk*b(wqWZZJVDtRh`M;>y8Y5h94)(gD%dPjkO4q~Mm
zyojbImbXZ7BcrSNFJl@48)DAAZYkhu@5whZi^7H$5~fvQO+~7sz{c8%#h8grj_*1(
zc+wEFrp5O6gNjKPmyP6&s(pZTOmV-k9i6FW{A9keyjrC}1=@QkSKABDN_A*^t-}K-
z-2{!E{1b4CFaMdhvEJ)?lX*s~kpSLQddJ;_<_9W_s`L86un=}?<~$OoV0#+mTqA)Z
zGZl7DMp8Ps-0yVD9nKu7BU(3=B^4#;ZLSwW+76_%p|Il8vQ(~DT*Ip8y0<4qC=xkO
z+pg`mGuTl)wnTQ#C*(Q<)7Cv~&+Zo!1r{W37!sPNC%xfKDfm>TqU7Rm7v7Mk@jEbG
zJt3-Nn}atE5KOMSUu}Erz$lr$(ZU0+^Zo+b^K#=6BXR-+5m|`e$O!JhDL1ovd>4!~
zzt#vPeS^<zX$fU+-<zuYUWdGb(%NH#{9zsk+v47I4<DzB&PG9J(3;zhgA^PF&W(;!
ztY~pbndM-x<*nn$0ERJe7lx6I1}$BkcA!-kqU|@{Far088R3c5hCU?-@n8(weUiHH
zDr&Nt(LU$PI!=EaMFQs=zu_#Y&Ee_6dONWUHV>*Q85!hXsOD6nzqkR0nB1gb3-yJ=
zAwSnC*F^H;($abvRW|wA7S(2|^vM7-mOJ?c9*h8EGGc7B0;HruyyUV<N)a#-!I{m-
zr(hFOM<$si6A@;H-_HfFiqZkem?zOzI+~M=3`jL$vGw_>J6eIHgIR50rU$<;lc^nD
zu^KCCz|mmA(Bxp)aM;(pKO@a3OX4!TLqkeM#^c=U%5qzwE9x^5jLJ9t8^N`bSM)DS
zDoVdm&~_i%2+IEG`xFJuZLNfo8^olig%Pt7h8_JWjg%q-&P*2QHe9=F1S&y69OIL$
zphG4$P_N`DOa)-e+uLQL99b(2JD=?50wB$VMcWEsI67JsmkFbZ73ma{nd4+?VWj+a
zazvsltbalHi6@i7+hb8&V&ZTm{ufq`<wyu!Ac^s9DQBJtR&nvZO-XqzcsW=I^Cyz)
z-}#@R3$SZ!cB`CP+9HgU{Mf(F*sn7dNT?e+VlU9<lQH^CV|$*;Wl)?bBjB4kE;+l6
zT?rfcSZCr_XMKj`b4vdZtz*WUz1&HK?Nh}VL-t3~^B_p8UwzM4N!?0&zDTe71L5Ur
zBSe?2TPT|zffy=abFgkM<+0K>({G;=97An-+!Xc)R3?o%sf*$2YQp3t@cn4#%1d94
z%8a2Mlcmt?=6Eo_vmVq79)B>fganJZ64ViE?<6?uL(WTzeh|yo?*v;E_UAsL83Wch
zIS2gtW;mbDI);ro<|uzCZAXCz9!#`B&ZFS@W+%bktXb+rR->nl!0#!pQ&`0V?JSWZ
zDv{7H<z{=%b|jKeA|9_UsOKehd%3%ZO7$cZ-L}Od(9U2`&!%z@A<2xN!GnZJ{LkKr
zvZ0;F%Pld<wBa#|dfsv9O&6TM^?y2osidG8yjI$1)pOcNz&P#XzH|Oow=1<Mr5aka
zHOkCKvHZx3bbd5`&BA3dpKFR9C0=Yf`bPIXLtbiZ@iKEwL8k|8VnYcuNK!(HGbu$q
zm5&)$YjQaqsN-&I7O8{_HcOn`s}Xu&I#B4BP!p)uf+)u(84+u=#y7!>yu^@--dcK7
z`@oF<n}uJWb1f1YDzIN>{GdAbFLmq8N`o^`t@BND?V2gAC;TLbBX|1KrjXB};EvFs
zLOrc~{bkbrQBHYlcmW@0H<%<>`Pd*$TU`axikB<PhXoG6$Y&sJ-GEPrbbeS&$)&C@
zL}}q%giTBX#JK3EoVhfftIb*<F|_iEg04~+owi$Ed<{-eNmwL2f#^dINF}lTz~x4p
z$F1$j0eR1J!@B;M@oMkF&e@`UZ%?2SN~}iA0>{Yu!Z+}=WUd<WnO&?Nu0}f9&10rc
z5AA1D$k;rRtA{do%A<?W>*e&AzPwZI>`nphfZ*ST4zmPDWelB@TYLB@pX}VWw3VGN
zKSk#-O(rg2cY_87(WI|ewF!C#uY3@@+#nXKdIm2bWJmy9sGqaW42G{C%>2oqhFgP4
z?w1EmisnAqv71TC^nhrDtlLR$3>1kbf%@t19lXI}X%M_Q2?(`GAuH~Oseap4v7ZF|
zIyLZg<gkBnOVelklDo5hhg6NH8F<$`z!QF(!;(F2J*yfD)ZB}Wi!JbocKR~;+_z*=
za1EPdOY2ZOXQtOFcLp~;tgo?YoKvx?W6H8ng{qQOE#CiSJr%kTrFuSCyz^0)RvJ?A
zSXZf?)a{RGvFDH%E$`bQtCo~BO;4}IgkrVQO2-MSTqq~n%om4ICk%_jl_uhvF(q`{
zJ~q=$iK*x8#}t$cA;APayzgjsDPiRe3!k!>PUM#_Psz%Q58;G>M#5!_Iymgj4xN#+
z!K0v{GW_jSQ#`{3*TDcXfoc$*1v<=HlzNqt7zfkaL!)*{nCy9<J6Tj(XQc8+alR$d
zq8to{$Pig!Y)GVt=zLNKDb5cnihRPhZ_yQYT9jHAOg5r7#juI$<Phmloo}S_jr5Zj
z8LW=fbY`0#dhqnPR^qhcaRK9EF#Eyw`p;yE{vGoDI`e(o7si07FD{~k*6^vKep9qj
z)lqfceibEuRBMFr90bP3qa^KCy=#w(mO>b~8z;kNq6a>ui#AS;Wgj^zn(DPMA0*14
znG!BR@52jn{Yo#BW}yEof0A?sY6|hOa4(9bp|mgwnCoOGA8MiyX8dX9oE3ITxlOuq
z?iyGXE?%mG#&8dJD+NVJ-P}HhRzhS&Ag76ZWKOx-EGr?XlDO>95`7WoS|<bnoyQXG
zbUZ|i<t@6wVl%8S0T)I>^3m6~b*MEO!f|DR!$?QG_9XJHvjb)ylQTnL{P>Pm$7f=R
zaBzBXmdX8wfWi2&6L~yq`Ip|YKko36qGb-AF@?K`AZJ=B@C0yW=of;b&*O*dwI?bi
zLbJPP#AJR+%bIj#a3UdX5f9rJa!a0T@The@{A+jBenM=aGIqkKzq4F6GZNOj3ciD&
zIuRi#2oPoPzE;Cg1nEri_g2W2XBQA7;sjbm;%<@4A%z~vS@W>xR%4qqOwJ$7Hh;^3
z7lcWVf2Xe0bI35e8iPz2U{G_wG8>vIyl~-3>`V>9)lNYyOkOZVQGi`TzHP+$cS%JQ
zgL$oK7I}WuaKwxhAznJU+}}=IMW^+P4Z@KiV!!u9@!B3rzbV?UPiTKlSHE6C!#C_>
z6Vy8;(iO;xPV{#TQ3M3=10L<7NW^OJTcJapGbby1xif$G_%m#D6xcoD&#^Kt*t5K1
zm_bY}_{h>5cZr0oJDGSL7ZhywVOSs-=+bSVjN`JgMlzrIJCn|~aX4FvR5`}YRoDow
zgTE%OQh$rZbIX1Ga6ATus|P^1E%~UI4;DKiAYQ~2h$tU66i&=<NU+>S0IVyTNmz_%
z?sq3y{Ht4oJm~nRHnmq)NyP{|VVANyqLeY&F}RP`Ib~(-iw)K@D3@i5&N@tmah92g
z&f=j&AlGyF%7zG&6RljrLl?knRC~-FbylHX&fZz+Hx4a^FYnfIyoToUxdJ(CPv>(k
z6NM>&vb$E7*5|HmVd?RBzl4b90|QtJ<XS30JX^#sG^K-@VbY~LQ9C0Z2bjh%8p$?_
z!D9DP!PoOICEv_ps8lx)c<%&MxSzepep%TJp{eTzMX6lXM@e^jW@`R1?|j7~*|sb0
z!{&!&lfyO&6_$|IhtzhaE5+et>s5@6IMpH@9CRt4wypYj(sRcTB;I2pVgXBcy&9;`
zH5{I-7-*+yzAmweoLUHtRfM%~F_<~{!^k|MqdxG``PQ)n+-w_jxQ$K;kRt)-y(d$G
zXg9R|y1T-H>c0lLJQOR6LYZzO)l!HUqvj;yOGC%@#MqDBGFxAeq(``UxH=?V2LD?a
z+g*P$$H>YSA2>$CZ}Xk?VlL2(%$z1u^aum{k!g{=(zYnHmM9tqk6b=2DjbEvu=fdw
znHV4XVCjITc_3?{!fPb_Ls3OTc+0s#2ac~e9Wm!yUWkQ)6S46VI#E+IYP<^~-rzH#
zUi@-FYYf8odTjXJx4P2^Vt5ucB4)MGJ726DtugM1G!DMtNG2lB+h&tSJ^`<ciRBh!
zilf05CZ~B$nRI3>N7&&t)zV*!IHY#&&D7dD;33l!Q-sj02p9qNjuza1j`ET&{kX>>
z+K4MR|Hev6Rlunh?;u*~s8Ifd;q+dM{3R{CgNBxJ?fuj!1+m`YpP*WbFHd6+f1&mz
z<c|)0hv+qxR6~4;mtk$bGMAw<K)cJcjxBd#Be#`_2x3R;_o~_s+`(4X#yqNp!%qu`
z!C(;A`Xlqxe&<nC&6{GkjAJu6Y8k!#mA^ui|EMD$=Piq!jn&Qj???tnbyC@ASF`i-
zz5#-*R!EAzc0_LC;hy$Z>-YRnCRg^v$X)ZJ#foCf^I$Y|BqMyYG%M@pwVEA7b)U|=
z8ybxos`T>PFSJ6s`y?xy$&rY#C@d<A5h*4D*SpsDN5+m6W)iymnWedYdo<{Dh;)?O
z4B`>VAQ_yvnmF{7HkMYa`Fm8yX_@<#`e>)qm!S7G89AX*Zd1CA8>w0r{%+vcjaCb1
zh;#eH)kZWjG!X<qQacT&#*afC-05XuI#*=8o!U6CP9;!dkh6<ALq74#=p=3-AZeF9
z*m+E}ZoomZFrm*=m6<BrX!p9)r#>d>mzF6dEC{EBoQ~vg^prl48pER7!$1)TE<lAi
zt6Z!J4CLW%ko#|Ze*e=(L0IhhIVD2dAu^}1WR!!*F>B71tgF;=yT{^rn``*UpT$ie
zl}|FeR*YMRu{z0ph&tb<d%0|g1$8s#)D-D2m2oNQMkU1Z=QIlY7lc_<Wo&Ffi2Kfq
z_cL0kD_d>$B33T%Z==$<Y@(xOUBcG=S68hj;b^~erf$huhimj<(?lKzhC~wn&Ftm<
z4IIQ}xb)DmU2fvQ`OZ}GM_AEfk5S%L&Jf^V8?)8-v43!Wl;{-zoLkn=o(w@ra-l)B
zjp>Mpl)AZT_V>?(IRFVm<YwR+9-!Ert7$L(wvbVVPGiSslBFk9X-M~LXnH{A%l}Ay
z(y0dOs1t1;FEH|UYyS@$9B9C|zmC1Ho6*@u7mXbj+wBrHwHNF4Azd4S{R;JwNxbv;
zw&*Dt9mlxy`0Jr)IJL6o`>h6+E?@Ue7Oz@1Ybj#`v~<gZs?h*zUd-eyendP0s#6y>
zb;IXTG)!(&_(OS|J^-H9SZUcvd>J#Z?Q*ph)#j%I)+u(nqGAHz;LMeX-v<#{39wVR
zX5R;wk>a}XYiXxka}N<EdnET{AZ*`R+2<D%zg{D9K@#7QhgSP52;q_F+nyLXf`rvy
zI2tZ{`k-C9-=mVFT1!s$9uR%f$(Sj!wGsRr<_K!`lOm!<;utA}J`KN!8_(j7!*hy%
zdGA0Ck1{we5TVSG8A;e1$q)`Bw2KMrGTxu+q|ii*$KW7LeY`IZahV{iiqPLQZadKb
z$_@*r^yqaZ@rTdlk<rpQ_`^$@NmCAQ?4w#!!ttBGsg#No+FB_-nLhyr{=s1Bfv*0o
zniGH}F((@`UXbvNt0$cV*T*tsfH3iq&SAIBj<p#ns-|Uy(L?&)sH9_rd=7|2Ldp)7
zq=&9f;DkwfHp=q_;S~Mz8x=-92rit7IVC8$DTciQSy#XB<VZ%1iJcHyib?M?EJ5TA
z30yN?mKKo2FP5K|-`x9v_^=OZG`b9{g`<4z8&p;g?cCDJiaIm1lefotM1vc|Ws_Rx
z#sfdMOEFoK|5TqfB?cX?n9mtyG4X3Jj`#>AIR(G4Ene99a{q0mFF%gW^|z)6Rst(%
zYG0b;Q#XF{5ePWGv(_NxUsBN=Rt6ll7($s;M%dh3A@ab{#&-|OBdd8KU?zGEVdXI%
z4>!syJl>#qBUzsz6O;&(Q5dYYb1j>?7kW|~Cu_Pe2lx)=NN#P14p&nRGl3DC3|3aS
z`?H=xPNade7{WndtOoRxs7YMUj!#?slyP3uPm`$8U1(K(sPi8RTfSx>dq=d}rScGq
z-goeeKFF{*T@3K@h=mN?1e$$D3eD+TRFkSG)>b+%oEdCa-;(V$CR_fHtX4E{ZpFi1
zQQUgf+C6(c1>Y;$8$YZ>#&I>jmR?M)A0!qAlG8U^?LgnQ^Q8k_9@K8VoPhys){`xq
zev_a&4l`ozZX-@_?<E}>g=f3o%RmiQzqFRcrxzDE1ek(>l@Q1m`XqZ#xQhF+<f{GA
zTgCcKw~tFwW+jKm7JPnIo15(~@toT0FqBBH-MEl*CkpbY5ylo754~Hmksn{QJ53z5
z_Sg&SC+$6v`nMPqPKu{<=R-%u@DcXyPdJUgLEo=h*mFQ%2njhh0>WGfYeddYPsb4&
zVhefLCFVS5)92P>V7*Ch4f`XAK_oM1U**(NU{V3S5}^_mq?-$PxYRIt#(F#h8Z16x
z;ptHJT+m{z)ehm?Iqpz)82p9!lXi8%abbPv$+y$x=*Y-F1Kjp$qJtJ`_h#0Hc-qEG
z5|YY=GCs)*$O6A})WBW!v&|KTF=R6@GHFyH9|Y9a8zVQ`q)_PAtV;29UR5yPoW}8_
z|2AGrAPo!`HLJeW0BL59Z4|v?3RhLiORokDe&?vru|*Zg#eMkwF#_s<v|*H47n&>^
z^2QKm)WU-fL6_oGX`&A)mPLx9|7Xb3UchdJd@|`k*uEytRxP2if0ROG#L(ryi0lNx
zF-^5-aRo6lwLCPbm~PhGewP=UKH^$oTq|+O)JyyIk@!zvt1GmM><{^z@Y}Le9Lt%V
zmawp0Ml6zj$%Lz4*6Hc-Htl^LMrgJcHbP-xFq0&|Sh_N|ve6hmQRqa-x5rP674^3S
zcMyfPyg$<0`LBaL8wr=P%=GeGD+$dxrM)oylsC8P@*ALjW#prGgF!R7q|Uy(SzwOY
z2X!4VMz(0or>{Lt_gfdo^58wgjS$aO$85<r@dL39D|6djhuKsrjp^QeLT`1Xm=7vk
zNvm}94}_Pp_P?|61|oznf@d!UM7ZPxPC(Rlz8fK8Qudh5#6yD5irY(x`iBdQsmuOj
ziZ);q()(tX#X<%z7Upp3*tW@zXW$<bxM#RWoCDu2ACvsMAn&;6PpSqR@V>AwIS&wH
zxpctcHpAuh5tUz{-0Tm|U!dujw4NMR8GkJrwEs1kn*-{JEQyu8;+$`%_(jg0<`O!j
z#1e?z*xV`j7DLy@#UXe&;t&c=v2<!NcjU-kFZ(Z8?H}{Mx5N&!TFWNF*+CzF``>$d
z+J)&4+<GUcY5Fh)IU;E)g_~*ft2{)rF=TB2Icxk+Oi=;khme6FSbEi2&>o69?x#sc
z&4e|-kgG49c+_~eLTFKmVMbTQnOa_qZ@64GQ<ijTi&2oK&)Gxc$-Ud$O6No~d)$KU
zriQ(q8w9OIxtm_~`Xax)PJdoh*XXP+(ASRZ`nRk1S^`KX{s@nHy2n|9$4O!N??mx(
zb^9Q*B(0Q})uyw^{|qMQfO<p0{xL{Qa)H+jl#3@WJ3NPVTB6GFZkxXCcyhEVD-lP^
zRE^1S=MHK%OTDJWSBL4v)VI;U6q=XC3@Rq15b1AjZcph{kzsQwmlDuqr-y<!eH$?2
zW=Hi?qaQ>r&s9Hh@Qja*49}|@;ResN&5;gv=%2l9cPEG=Yo~L`LK!s$E+i%C_~Hd~
zau?P^G#^uxq~Z7T!LlGrFzogm{`nhAKL}A?h;hiCjB=(A`z{JrOQNJsvxEYe;ZR1y
zOROadC9U<)<xtq4QAUd$8X=sxGmvY7ReS5tB6a!ig&sRu5E4peh&VEyTJs_IpkrZK
z_NQMxbgn)AtZq$%R#}*zlgi5c8jogj9JCCpvJoc*(-iCB_pYVFfSJ+^dy;$+cj7Rf
zC>k?}#19Dhl6r4VBFLW{VHCjCvMqELc8uX*<wH9l6BEynVmvm~OmuiDA1UU|2$DaE
z=jJ93%QeG3hWMGGT}aH_JmHRxLBK3z$n?kU5achJcy4DY=sytEQE@0`5kI-R)+~N2
z;<Gg2s@rnwz3-&`p?QC@4p5W;c`c=gB!w9PC;1RKTMA?@Pc7aTcH;tWNVCYq6L0OE
zn#cJ6o1SAb+rbRnh-GPEY*I#wbszn?CM0-p_>mfkxnpt1oF-A2azqUn_U}h<wC@gF
z?2?diW;o(zuzR@d&`gKUlFeAz3;A}94Co9@EiIPc%SuWH{#X|6?S75)5{(C)|7gKv
zw<D+T*e8y{M~)PMa8?}hH(|zI)zJo%*C3|X@P?90=LJU-11Kz@M>sQRM1|a%_pWG!
z2LZ+=7>|20wG}269E#?6?hjIQqkw&h@zU~#_qdfw@D1~7IeCp>%4U;;>!~P+($;G`
zA`mmX<S2s><43RC$L^%lyKb~HunO<;{{iZsl>P;Bn^#oa<;nHT`aCJ~NB%*v2QrI#
z?vo~V2{Za!reZSNfZo7FD5|Q4__Q?|4>eXujtut(w$w!ppKiw3+^rr`E^El1PSZx=
zq?!qb!AeC4{owl>J2ooF8Ov*Hf&Gv~kbGh#bM7q3S}2!l6e@cmGJD+NiBL-}BdDaq
zx*o-Xj)S&?muC7=&y<M7w=P12?ms)L#9BX1!v&D4XvDIHR6e#gf2%f01{&-S=RTP@
z)9>-IlTbB(e>P>4%w|PGas@W}nqas7Z?$-GLgCB}lvRj;iRny$<dPo88!06vmI=j;
z#4_=Csy39wVqOQ;v$MAB-Ly@w{xxN{A2lq945qX+PqkQnL4*`PTjENS98IJfDANq1
zNoZh%uZ6YJL>O9JtvoHIfom`D1B<!uOilDK6RcLB95^sD8>Xx6no|>fyGeQu`9o;U
zMy(l(1EkLgi-IZ5C`u2g$<F2jn%8*Mx6`XMI9hD%aO!{paV^<iUU^dXpQ3VoKt8Pt
z^ftpbGCidUM@;M@31_3C`8Cfxd|x!Cp5vcPIU|Lf%@8OOW-J~nt`V1>_`*dIEk)~E
z3qDsr=3xduNp_YHbzeS~+$kWrY4=>R*GhiUm5-FpZWl^I3U#FGfP}8^LPTy3$3o6$
z3^c~VIcm_nnn1Ky0SQHr6IQ(BKNpAtxP#xyg~78dHdVqMQ~c*x2tv7#O*gfkrd|CJ
z2yt4-N21>N877$+0wF;FkG8QVBs^<CD(+crIAL|p_a{~he1o2bJ4#l&DQ^T_yar`J
zunM+%O)D}Z2%w;?9dwb-kzZdLfX;elcux+yhG*k)H>n=?+?fK)H<}J>WSUQ+-})Bk
zO1f-sDMa6RHEd>}QTetX7`Zw6v-@x-HPxbmURcf%Pd6!QI|2bptwQQQ8U4lbA$Jf4
zh>C54LO`T1<Sc^xSRn_YCnW_%LPC<blzr8!kqj9i-Mf3ft@iCxE7yI78qi~0$JK*{
zgdZB`Dsnb8MI9ph!AMPl_UdLMy18ipI@chsBuoopDg*)`3Obo3QSf%HrwC6##2sGv
zd%-OARsrS=sY0H$LRq}up>Zp-i$isFKXSN%I&7SHYSV*+$>PMxemUBc@CYN5)!a-P
zoSbB^RJnnfh(D4$Z@_Z5s+W#M9fQM)3Cw^{KL{7sQfjY+ZP-5k-?VTL1!;_ki1^NQ
zGrUf#X+l_qOsgHd4kX7qbeSpA^bzUMe8xh=6lKB;nMRD@Sfml2?jurMkw?G_3yTnq
zi(X`Cf~*nbY-UcXDd)7GXd4zPH>Bt8P4cixSZ59%4K#Y*>u0MU@gkY+Zyo$-;zI17
z(i>{Qzg?N9=#9y%D#;B%!o;lxgw9+@QevOB^Dp(T2$bnbe}dIsO(t8lKQ4NOjr<8^
zF^gi_X^cq;KNR5p?jbq+#iRwL$3%*(BL8;^eGn^1f0lD`abfa%yHCZpPECiSSQ*}4
z0K(|b%vOvoW;phcHgOcuQKOcdgJX1*QfyL8P74SlW1>+=G$H;7Mo^grWvcPnv0ah*
z5e}r_Rxc2wVqjn+@4uhFW_k42lFQjvv>S!8+}9YbkW+JH>@o?98oxFc|8Xzb@V+co
zKizF?KhGQ<;R`-(G#DS2#Aq1iOZzv;>Wk>&-~#f4eEIK*T#fTx%w1}bk>p|heI{jG
z^KM-eF5jv>hF0gV=R=?mgGbCkojrcdsOE?p4;vnKakIAJP!yLkBPDy3TK8nT8kUdh
z|HzkobuNPTpx`Ri_lw&pj_K)r)yC%I;^?XcqGAd)52kPE$4oT;!<jl3_>N}tZtkW-
zMi-eb-TrK)^uN#Oc0@eZ5%$0hVg28v_(xOp30Z7#OJHsL-|7GUrOQ&Gzg!>ppQ@4r
z`sKL>mj0<>E&cD-?Q7M?82^aZTNv_RZ(v&hgnIdHNK5;_VheVC1v$fDr~CU4X4n7d
zvV0;b^nB5yR}=pI!`B|ahzWvecU4;w{d>Q^f<49hL$iO@EGGZ&U&*E!zJk1j$in<f
zhvlEo?DqSTaCwexX#B4r0lr^B78z``B>(Ghe~^52yME;jWd9Z9F47;m(bsTJ_`g<n
zP4Kn45912D{|b_${}tpOCLR61R`-9e@Si*Sf3NT#iTr<A_)ogu{~hFi6rBHGwNU7t
z`ko85cEu)6fX0Ite>l6a6H24~xAIn$OYHwt*8t^!ZYhRkTEnjao8ZMpc7+109dvB;
z(CIitP|)J|>BmU&_TccbgTS#1_VzCgHzGgkb#JK?uYcFbBKUwrr7x?GuTE<~!ch^4
z-EP@GFHhKg9iN0>+$^R)I6N`#cgDJ*M;-0YBKQxKC1vU5pV19$Y?O3VLe|zW>-%K8
z>`Y8ZjzC9~0+7dk#ijpzHlG09=Eydk=s41}zqSrvpEcm6ZpOOJwWVQ9y6XyBz^v80
zp?NCAlv%{F&*IOgCK$RQz(P2EdO%3Y$cQ*OF@@e<nYGq~JLXPU(d&ByLB4E$&}C6=
z4ReXUfoX|2qkvrWaNcG(Gm+A5IKbI7$zX5ti%bkT#jyVS-F$77KFB+=&7v$nBV`ym
zZj;;b#IS$m?KmgllHofu;LEHKC=gK_(;rK_0A%vt%_S5d;PQG*tA+c2M7?8pWzn`Y
z+)2l_ZSJ6B+fF*RZM$RJ+8uS=v2C+sW5>3WH|P8Ax%dD2vF3c%8Z~E)QC0W%mVX_D
zz!}AM^7AcSxKOb1qdDMGf<qyfo16-3TZ;b_8@&}t!^B5$?alxjOe3XaO|@fnhRysg
zK34ey9^Z#=SFFcRWFPB>>pRQx!Mwb@91}+uC$mvdQ6i3$sj^(i?;9F<YHSQR)cxAP
z|5;42^>F|INV6;~VYNA;TdqZWXB7tOxTg!v0)Ey1i><yK|5=T~RD5}%l;cfxaT5}w
zFQOHYnv&D@^bey;Y31Xbe0{Z_f9irAz92NjO?)+xcChK+1zw<UjF9%S%I;n<N*3OU
zlA?{Wtt;CJ{)rVg9D6kf(j%lxcQl#(<jDd|ekh~e2nsogI2xYT$UD`wxUGjomZOfx
z4yhL-i$&)nR*K5a^!M~KrJK>9@Q0VRacO<~eL)9SvU#=TE@A!Eb}|Q^%`x+b;q>HD
z>-%=U?v;a$9Y&jT3rUVDtza_k#e%{Dl!0>v&MG?q=gG+l%~Vi~Aw0+?a5$Eq_v?;S
z3-%BpHId1Q%;HpQo}pFVq#_xh+3e6g;bYaj=1xm}$QTi@_{P0*prbBe^M6?VBDviH
zk-Z*xijSXI??%7a(G9WOM#!?C8ewfOj!?zpj%qMLP8Q=ZBVj~s2AY<38pOV+@7=L&
zJ{s{Eiw_j~a4HeKQSP8@XzC-xj5Lp8YhDY5^Fi627DVRIzFS=-V7S~)u%eGj^AF@f
z6%_8ZEHCYO*{84haqGBT{$DQuJ_Nh<0~Ed97hPM?Fi5kLwBS$ndI!LV@*K`J)i*I;
zZW{BTmMu~GpV8x^Zx|$GJv6>z5fC?;c&&OMd}zECXliY(p~1&|6+wEd9iT6VNa&^b
zKuf0NL1JVAyzyr-3u-A9@@ZYu__eIRJ?lH7DbaBQ%y`dlA^Qhs#O-T{26%E+4ho$1
z$IId0A!0>T$RhmVg5*}*<8s7tSd#b!G{(WSi*)1TI~46ThP>;1aiVX!{YLu{8J5d5
zmEV`sD2~fC74`{a)>tQOr}EECiTCSaoN!gx4>P??+ci1Rxq-|)w5ZC;vl00%9EQc~
zhbbK~f+a(ZTK|77`Qi(3N`0oCV4EcV&g(v`p3?ZeeKJ@4M(7t;x;i+w#5QprKdd6!
z)Di4hWUxm!A`K`I2ML-xY*B#^+wNObFSERgTViTt@u{TSdD4N?%$XhmQe0}at&}T@
z?=6RR&|(-W3Ica#7($hqWg%+pSMTN4)Z6DODNr5BS}V_QPO^)r?cq=ykP@XfO<xSp
zO$f=RDtRcvQ>WWwMQS>YEBw9OYD4bEBXAZ;*VfIm&u+WYu{zf}fxIuPc?J!MYCE9l
zVD8w#_}4j0WtTNt@?db3KEBw)+*osJjrpYX1S}S7`f8!&I?S&~nXqtU`f=JS{|LN`
zWbaPy&hw}U_Z82Wy4-W=E!t_hEdmwt@!NsyJ=7g4<8?~16w!r?o&E%N4~~PcQQa_P
zVxt2rr1|u8z2hH|%eKW=OaDFF_5dMP2MPzj6`7#flBIzDv>PqZu?gNIOmVA)l#=i|
z)4;*$A*tOQ$a4=~tf2JzlHrNPv^?cG#MUHeNRvf~L5x^DyF}3$qA8P%MqphuM>a+p
zlO))sFD{W3*5WdDfJIAL{Z6eeZ-BU$M=Whn?y5lsL!#E~OTiW%r0WPc3-)4iy8$+1
zI;_>{eQ_i4FzF8;Q9|ey87tGDa@fyw1>yplZp=Qz0;A->uPoAMTm9$mrMx3MomJFC
znKGN3s0ef?(vBiOhfw`|)016+AG)@5KU!B`Y42z8hHiw{srzV2xFGU%i<JAl0@&Fb
zVG3JP3oWTQeMHHJ*jzq{8N=t~vxC)H9fl{IGXK^y+F)9}&f+`Kfnp5z{Ex%972+Qa
zztfx*O%vf)xymnCGL-c$BI;ZXBq7&cHR;qE?udjqrCLK1xXge51Zw`MudiRJYzBVc
zDrov2qF6@AK9VS8=6pF)VVGjsv~)_iLVdI@o`tj<!d<&Tz}jX&-=hK*BEKU)S`#f&
zW%{*Qqs^-^ytUWkveDM`CMxYOry99U%hnL7<Sc|Rsr&L6ol=_x6B!yB$`I-F$sFr^
z<)Lx#koUZ5sTY?n?S%kEqlTUSzTe?t-fOX0@-Pf$wPO+w#b|7oNw<gUuth!ab5uIf
z_r@9`vZINb9AouSXRU}uR!C~&hI*9F%&%!R)sKvbJB;?zL;l>(J;jRjJDdh;R%~l)
zDGfm4CZX5SC8D9c01evXT+GRYeUL3)7J_SBc0>3ab0peoyd<7%z*J0&BJV6&FrVy@
zCt;Y-@&S6L{6u~hLt2!tR}%y`aHRKoz5Xd+y#7}X$Ubgb6W7WA8rUhtdwhKSUA<eq
z@_+DW+Y%y%gG>9*-m=4n%`1a3yXH@=P>|?zgst_U`V<;E3p*_{1|~sVMd8AT9Oh|#
zT9-SHm$`e>Db(#I8uP(-NZcjXf`fjuWpynuA7gNB4hK;&Y1%%!Gl9Wy82HUX-Vnvh
zs^_K|#&C=@(@t+e!uJ6BfJcprqQ=g>`ul^UYCRm+aX=@gO^%z`X2%<_(zc--l7K5D
znAkt$5AHv%!-=?p&Xov2g%|{7dMyRs{?R@qkH(nK=@o}*u8V5-%4O>ICf_-C6*%8x
z639f>=Bvfi6UY4k!|<nNTCW={b8nbD%VnM7S+yY(>R#}_2PA`U;F6fO&N0qE{#I29
z^KICSguHRA&h&9XU`xyzBEyKli0e>>Cd=JDYTLHSM4IfFZhZQHFolQQce%XAYMpq)
zRrz5Kn}o7GFG}`DC7JJN*1CF6<PBcmYdfd+P9^u$^%iX`FbT4XEa3|w*&N4_FwWP_
z4%)??6D4tejQfi2m|ZhhpA%Qw<+^!od959-uRZ^@Q5YR&FVJm-$CxE+>0b!C3uOM9
z><x}Ngm#3i_+L^*=63)@oOF%!f-nXc>05HEc^#gb{R}|6$<&g8mN{cLwu0M?lJaqx
zrhMW``}1YK9%GFq8jh=WgZvMlf+@OeqUK^8C85q=ld@xs5mA6WQtVib8{c3<EnXW<
zE%$(}4R&)U;b1N6Nm4wq=gV_0bICv@hWR?IzXrI{c$29TYbfyCH`UoMlK*1vzXeVR
zmf%+p3oJ+Lti;@87$YlqmHAv-rNP~1pxKk$rleDQOLJ+#LPb`ee5KvpqEny!9IGcC
zfK!e~BL86WZU1$v(zuusL;k!YLZ~VCYT)+Nu#t6wJL0b-nx#oHQwoe1>X|UclC%*j
zOd2GG`fI@z+yCA2hsC!uAhJsV?Hh4WnZ$$HHS!F)0-XA-kmDzcPR6_uw_{|q>ti%H
zcw7+F{!1P3XmJ$=ofb{@FP)bQRb3EJ38~y$wiU7H+hmr5vIk!AY4sBv;#gzE=}|M2
zaPK=#p{3VL=1t|AxBTKS`u{^r^wgqpar6$Y4m5^{=8U>?X`Zi!tVc20=y2U4>@!=j
zAF}?usgC7UENZN>8GjiCLV);q%SHyyCBeJVN8c1elxno#F->FC2HFvV#~i(W`1Q9=
zqzB`JekT7fz2dkI5hq{cBwebxY->b%7eC}>n$s}9)VZ{t?bV+~S}QhH7zIMqQ%_nP
z3GuMMYizpzIqXC{h}{vWS*Z|4@t#1cR9i&lG8_Kn3cuZo_3OX~Knc`b_8i(V#9=|c
z{qooOFM0B!xV;R4e>sHqcSIOy$(pY_pm}&!nis3X>Cl=Oesds@(Z?u*MXA)l?!wxJ
zkSs%(hEl8Vvv{}CBqi9kWOpxbo#rR`V!NNHA+5eyxL~z^o;R&FcP>~lWuM*d+i=32
z)}aUI{z|f6)z)^-b0Udqu-m{Dbvv8n^+0AR-pEki^`7+Tyh(dLJEVaOnGNf*uo>jA
zS;$e2`+ppg=zm_(;dWQLJC%i2^vS!DQ}6VEvAQ<r6k}?kFg0gQU4G{PBvEa7yGT_J
z<l&E&-s+euXzxjwzM(D#DTahlcsbZ{_Pbz2-O!=$R-IE7DhfO^yjFtFBNh4AXKR6O
zqmDqUl6QXmqh<32(ps2-uY@}G;wm_~{kM2C24d?)=7MW^^95S*VhTZ@=!|_V^9o;%
zwI^%J)B5{W{%{ZVOb;6iq6)U=W(PLCgM-bR2&H5JsvD-rH1^Ew#f|bsE%GgvZU(M|
zZGvCw40E5;n;ze!e&*T<{<Cm*Z+e^pbb2IEMU)C-;Je52*V+`Y;F-iQx|2647HX0`
z#6>|SkQI=0J~qXkySclce0Cg8_0$9b-o%72f32)d@$d6L=H0G0-{>z)cd`;`K}$Hp
zF`mT_cwy3;IZ>T!kaqcJ`b(+7S;doaeU@9~p5OfAk|dxZJ~1_)*hFdF|MeMPC(qD7
z(!A(_;)=e_<m5*QX|+tjVn+!}sCK63MiC%lHzaPnorQv8vHnUbTV(6?@m<;M5|G4;
z2Cj%;`4)3khmH7TtHX^%S{@+P4cb#*#r5hgMu?1jlNF$!eV=(;Qv^FFT&tJ+sNSkQ
zN-KMe-L3q#r*+9R`on5B$c6dx-^ZBkl9#|OmcStxEH18p3B^$3HiR_T-`hlPDNCx$
z5M5LU<X0bLvdiD=-G}c7oeb&XXQ`mJN@2U?6jGOhENV}^1CdDnzjZR%UUp38s7zwb
zjdot)Yu9<yPJ)d8u(VX7a}jy0XvbhRzEdQc84GfTDM}tOqy>}7jBmeVDZHQ&lBSX<
z+~o`~hRE5YebY-q2-ajDGoeHBUVyb%BST5(fMb@*COh;}XiQ9QSu{s#)7|sJ6=U}r
z^V{J`DG3mOp^KM$+qo@Ym-27rUkBUok2(D5l3@^3Jl;=jCMn_}P2@J=O>q;%K&EZ0
zipW(CodGFDL@SL2wP4OoJ&C-8zYXeY-*kK}R`gGs#!~|p<%&=<+NPe3Cw8FterrvA
zbCy`8ax1M^m&wkg%n6B`lSB-Z#<gbfWKS{}l3#C)Xpi%J(6U$m&88wYuYQ60GUDb{
zBf_RqJ9}h!ImmVrMsBG=CE>9Fn0Pbh!D1>T-_42R`UpXvsW9PqyYqW=q4rW=XE%Ft
zABE##z#{3J-TO8`S)BhF_z_X>^3_TZ6q6Q7sM2~tjFHZrq2xUNJ$7&!h&Ya2Fq;wR
z&(B*9LwRnO7kT%{p=JV0p63}v<$5+ps5J^u7!vl>!K<lnArSBaX2@Yt^I(7+uV*%C
zt(A=z9xD?5b<*pqgQ@r|Sr>IxHJ72us#gVPEAzBH90lJ&@V+U-7YE))RoT?K_PgI5
z2@<r@vcNTr23<JV^~B(A^`+`XfbsL1oM!E7b~k!@_}H=lKnETY8UpmfwVR9oP=&#~
zhWTO_GG5P(*?b@~MtHGAY(?l^9!}#;)7`2qKuYdWvgnJxpNw10x~>-qy@v<kmvwx}
zKY14oWn)o;UtABeZu|Md>*U+VcfF17ylPyJc}zVnewk7Wqkw7Ytsqsdv|viKqi?i5
ziuuNb+F&h}3el@qYX*&lVVUl`iIoH~Kqk4T4->X_H`YQ$YgFyL+U>k<U}}|JU-_&r
zH`zgJcg%5mIkmbw>#F>yOW2N5-b1Awma;{4T-u9P6zE^SOzYp38LZhMXYthxIMG6%
z_r|-ve+w<Oy9!yd{ehOGI@@WX7`MN9=~Fb(Z}*xUD9_Ht*Wb8WCNo7nIsulPswE_m
z-RjW&o*b%6<PK)0Vnx-fO`R;yy_%X2bNlzfCjcZ;B(PG>N{&so7Ob3(HbSV7cvCp8
z{;KQ+(JU1O`kA1o5ONxqlm1G!Uuvhe2I8WDhigvka@05vm(zw#w9y9Wqu*h7k*f?}
z?2W*-N~6W^tI_aDfe-cdmrh+ml{)7=heT5e$qtE7Q8n)SJB`Gv>qqaj(9VpzB+|9C
zYeeOw_gqt<jSg35W@O+1a+C?TPUFb;dU`AtR68NDbNrB+I98eM@0b~~AK<72UvToW
zUcjh`7822$1D)r>0x&e=K9WG(&oVK-2{0v+mJHHP;YVoVmelBf1rd0Pn4e|dgtblp
z3OdH~^?tN}TaM5$?s20i6u5)~=)VGBV{()&c47}NB%}0*YWUYnI=d)-KAV?Ge80E-
z<rooCO`o=XVj{9SJgOWg?;7&989@By@zh+P5w7NGC0(#-(ZnK#LUtNC;E;OrZ~{I4
zqc-5?*Io_O^`fkzVQ>J7zTbl)jOUS3=Cj8m_j+>^etv-JAe64_Vyotc+#`#5SkbNN
z?n+tp?vX!Xjo~Uf*IrvVYI;t=N!%pyFJygS3`STD;!}qvp9$TEXTO?U?jtJN+(i2x
zwk$ssc<<ua{nOscp|Mf)_sDz+&&gKL^Nq5joD)z`VQg}y6PU)dFKl=BzLu`{W3=a0
zm^2KteRXDAr%jhHaS70mT%qkoz2gI<_jEEy?X<Rb%WP}t;9vBjRA)l(j^X3<`Pmr<
zuW$_SK;Id7dR$Wy=v%~&S>4ZmXb=$sCYpeLxa~6=bzhN2R(6Xcm-|9cmut?h0S7I;
zX|z*hO~B%H7^+MnOSL6>G2#LsCR*hciL=288Rf;=A%H*JR7^2x47s|f{|p}}oEDD<
zcwM10m)AW3M&l+(sU&K(_%8`N8b~37U+=fui~L$fb;+%e(`B+PCY-BtkiYYK4U?~1
zW#SjTJy7s2=nD8f`|G|;FI~S(c;T!qL^eiu_k<qm!+KalDK(<QiWgq*rdZ6da7P5J
zyJG6USdzlQ>n%65;x-F@AOJGCWbUO;(0Q8G><1Ro^#eoK7#+2;wmFLTGBrM<QE~0p
zpAThgJY9mbq6da8t+d!b-nWihTz5%4xx!0Xxg<SLoA%nq0ey$#^iI1W=qStAgaEG_
z)EI$V_qW4Y8$(BjAwo{wU*0~@82iP2s#}4Lr;8*$JzR2TIzMvX8f=(Q)v5$Pf$m@&
znHgpbI^5ilPgjw}rC7U1+xQH^Tjalmnv95Mz%ZAm4o?HeQqloQ56#`xr-?3gv0Y3r
zE$7e77i;w0X_CR!vu4(>iD+bNQb<ISxoB-8MZb$nZQ7^LM~U+DzkQd!(b$--ijgJH
z#A<}FOZ4Sy+`?#8q)U&$X3QaB@NM0XK9W+Xqp8+oL)@~n?=87CH}X8ha9$g8Tqufs
zx{M~?0Vy{#cb&VpSRtL;Rf<TP@v}Pf{&q1!0t+_ym2`fpVKn>~k4q2sXrOvnGdqx0
z;h{^SQnL%|-k!J)o~MABQ?&M)v7^Im1MaNS(ok+02{a|8mDBJ@MsaLAIsC5J86!-%
zi@H0|d{D2!{19|{_5P>AX{=|ew1Q^v<Q{*=VjlK6DaHe(#?g?LWS}iIT3PE-SYH^d
zQkaS1+R8CgM@fGpXktPR01$Gq!#vRjADNOH<knb+a#0b`#%(R=Xn=5{En99gA~gQN
zTVT=#kH5qq>f}Z~=K?odthC3c{X~M{pcP$3xiB&|y(byPU<<w-7&V5*<{2|Gsc^_S
zy~!Va@n^xj54u_)7_(8`mtzkew1Ri_8i~&G{JA;6!n7Gy9L;GoQ6#vtU*bSnQVFX+
zw{HBSFy9u^zUvwI<UK{8hU-)6Mc=0DwR%o*_fK&>zH#Vp#_NI_g-^88M^QcV=_})r
zle3`n^g|%M)+H!6<KZOy>EB=pNoL?O!Oix&hX9E%q@hhQzHil$z@1o!@Qh`#ap0&%
zG`u2yG_tv0go`5Kfc9G4-e%QYJQ6t^iqJ}~^wTi;^qvR5>hoeo?fz@L)4Fu}-oMM{
zz16+;-aY%F)nZxY6_BX#Fkoa_E^O&vOkETm7uRQ%Rwt3W^S-w`BZ#*XVZTuygyAM3
zEI|hJF2`g4X|l44xQ!8bSLutfZ*fBizrBwCiQr-k)o~$#$wD<W6(5#*Y8WXm)=acv
zHFGFlJ$tzGCtodk`&CC<zZcmQx~WPp^dJE<x7|(Bx+9qQ9D=NBQnSgH9Zv`GNG)U9
zgg6P;W_3$9d^d{6)NG$*=*7e#pM%Q0g3xT-VmnS!|M&PGv0@?<4(O}hcaQ!#KLqpc
z2L@kWER*#oY0t;#L9XU_Xr`_QTq3UkfhnFg6y!}$qCDSgRb9`UqYazb2-=c>D>4Ct
z^uT9$0U>A${wcyAc>gRW24<IXqN(*i#Js2+6O7pQKWwhfM83xnuAmD9X);DCQ(OVV
zKjWCxA+IhPv~X7GRl(MtFBONL;4g+sEaZBuIvLbVBK!B71w(A6i9{~=YA#MW9pAJ#
zO?qG8a@a$11n1rz70$tJ6OkI`WExWIRXp`oR4W;-ptDS^?e`sFB_)Glptbv|1wTL1
ztKT2_v$E;}49(7Rb%uT#YDe$3opn$7>CMWp(&S3+$iY|~8|EeZrM}DNB*z1Oti1jD
zquud7OC2F-#pPUAch!^fm1J0eOEq^iNsGLlZ&5<d0zh?wRmVuz*lTP54DQx-WYhQA
zC4M^X)|UwXn_FXYj(5kuAMbfx%WG)0`Adh1oA?q?C8D1OU;Oj_>DGj4w+$V7uQmK5
zEP($W>&987wzvaqY2zN@ub_?CJOySx1flvGp`+3r0SvB@VidKM!Y_I%r2Xvl-M3pN
z;Zz_=Sr=TB{oeIKbUX<)N8s?M7vq}Xm)aIokl%z9%kK7c8(_Xoa~a-p&}!!S7+WS4
z&Awe2PSi_Zk$t^cp}5nnxE>5bx9^wVgTJb-pfZ%Vform>?%B%o!Qblm;JNTVu>)C@
z7|M#H+rKOYIQDDxUmd4}JG~Qv{LS18H4DMy5u7-~?p!nxJ$F9vuUBQD4-^AZKi+U+
zO)e#w*M$YRA%r%U5#Fwcx__&xqZ!KqFx;hvWugRw^pQEv>8O+tb`{eN;4G8_be%V~
zMobu*GK#=;{cg`&j^?DF#@U(Pg<|N5Y5hGAyYxDUhTkr<eR<E#QrNz6@;$J6d(izZ
z<*p;Kl)px2ekA6=$&0$Y#uVOt9(FCva77i+sf9#`x}#!-KTLP#7hvP$RMl95Ht=K5
z(w-O@XV~`n?e``jp}0i^hOzCrYU?`;6XpwIXvYy<8+BuzGTOgg`a(BP$jzKaf>w;e
zbWh`}OWNw4j2tLkw}Z&i#v9S-oXXra_k5qrzaWeyR2r1P(7CHA$;-l$LIjN*AEdOi
zx<sAB{vkbozK=c~E(>4D4*%)yZJrA_T{maEzd5dCcxT+ML=FRg3D;&X&vdSbOgIf!
zVwSGvULZPdw}~B3<pX-!&SO(7L$<57LYLqCJzpowq=YH$yKanquQn7w=soPp6F8@M
zAyx+6Ve;^Q4A;exw+mahj7&=)Jojzv1xJOXrAy7QKb*$}nRg1hjqj6=EzLdxOJJM&
zz*;Us;Ax2(d*|~}jw2P=*cW<nmQb75KbeP+=!6hWesM0eBqk)a;8#lj^gqck^Ee3)
zC+5X{9#vO!s0id0b1J4!yXxtQU+3}<T&evyZN3Ka(qB#B1IYw?q2e`EnNX05o11VP
z<P9R=?R|0jUrgzzvV-SxO%%HE9JF{zfy5000gyKEs0cm{9{;d~w7e)MzO2aQqDT*&
zfao*+rPt#*_SmQ7WN<e71>2Yp0Ny`XhG@4!$qXCT&uNObc8c_;Lhy69pMl^a%3h!X
zVqR|QU<N_d4p`45;1SZrX8P?8Um|L1RYY*ePUTc%@=pdgSuN-IC5e4Sf6Os>Os_D{
zmk3$^uI=3L+|YIhKI}`y5Bx9dE+`X4F4RYXcRXsKZW!1ey|DNlRyMq1$34-(RBk9Q
zlK|dl*Q0&qmR1-faB`?IUSTk2rT*%UP{Vj<oxAiNg86Xc@aiIpr-S<)ej=Cu`x1~3
z#-QUBu*d|A<pn;W1Z3Y3nftP1BX2p<Q3<*VHeHXe7j5FlhOqvE@-1$;UyXJeD*E9x
zR7Sni0Pi3aUkK>00Z4nkb*(7_{Rjkr{K&w7YZd~^`m6bNc%?dXstX@`s0;50y@?!d
z==isD?RmBqZcY{3e{^4I?y4$?1ra1-6NNpo5%Qpo!}>ic&nio|-Qa19J<CI^xBEz|
zmeX!xqoK3bmdmkg&$ImSTK`+`b)T*8I3D}m%pRL^a@jX1NgekxZwigPa(uTke7?7o
zY^G?CyYKv1Ifj`YbHxEe^65EX<lL~AN)y*Z4aHnuyJc6LKYzRSYqPPReF=u34!Z7f
z6u8fM)Yu@oMu!WwdV1$Ck1P5b-W_Sls>ct*fCVY(L|uqXa<6!|o8G7;x&BB84$I=T
zYM_5=HrY73EjKSaEk@t3H+lb|?2-w5R&g3Ja$&u<yPHqwo}aE8Q&NZQF1bweAzA=k
zIEIK^2+SEa;v)AXRe%-_C@tOkr-#VMa9`SvqrZcGoCZUOL6^(NCB}W3>EsR*v>9BL
z@CRL=1b-$N24#U$eF)CZ0fMZA9{f*i>%!ly$FgP*TWnZ9vmu|>THkAfhy|wopSaEa
zm@#p?oWHcw@N0{V5-cx<2b{i=-ESzOBRE;jo~YC|&ReijV&1fsvE_4AcSIhD=F^{e
z(*oY;Sc*Q_?O9I(N#Ajl4X);Y_N4wp{_1WI-7NtnPahUEyQ;9@1@eNL4>`AE70rz=
z-d4E0#E{(CIi03%@<rp7Gj2xsk8)7!b;Q~o#**>n%X-G+*CX|4MIHZPQrG(l6a#jC
z3~X0>@JIX@LMRfjVx;=Kuh!JC>SO7LBCYt1|F`?ZS*<cF@*lNAkLcw@e@K3z;g3tN
z9r2DekBOC*vl!)!XHb6z^96;k9#K!JktmE(D8Br_jCLqAHxP;E*_q%6i3O)-a?=>!
zvaVi`cQ>rx%R@oAItu0~_Fnnz)ZmwJ8=YrQ)|P&A$}5^@frB&8@5wyJ|AivQX$(TH
z4WvHs$c@y=OYtf8`6!<Xe6?-ovaMSlqaaiYl&4~m&!MG=XSh1IY5^^EF_nFzLCy-o
zf>sgnv3@?^U%5T9*(1gH`B#-|Wu%2x6e6E<SUG1|f=Rdi7r{<WAQ-ng50b7h_o0#}
zy4p6N5^f2w3)l43eFUjWa@o$hHB}_^(<IA%W86gP-n<y%*4T)-KV3BL?O5@AFOy{P
zk)}QHz2f?%3KJZb6N2g&mC|Cg`<%YBiTzjDEBFhSU9j~%@8#e8Uv4o-0TRK2x!wl)
z3~Nd;oBay?GkK6#iTEz}eoWgkg^=T00VrKz-f})KV7?y=!@a8C1I!TV%CnVFh^tdJ
zLitWQ*;Z*@jzZ7GoQg!?ZBN!4SPQBngvK~4#Y~d1Id%P6T<}XD_az6zs%T`ZM7$qA
zGPv9WRf34Q{mJ6aUr_GnVCK0FZlWn>1yd}@ct+QVi;O?H1D>EI?#@GSrxk^N=l?Q%
z(3kUxn$Bp)`!%L+yV(Xw*@fi!G@(kv1N*!5QtHkAZFX5M(K?VPU?VJER1s_Q#3~lx
z4}3L0Ih{}cJN*5#=;$_ivSoj3S{eBd6CY!2OKMIhXgzLZT&mYBd1xnOZ>sNYf!A?p
zMkGpdbZ1v_@8Gk>l11P~1=)O_yV>vrlx^sdzVmiHY<yC2xtkIG0TEm+KB<z(tHTGC
z<NiVGd0$Rl>vVc~{gCd$d=d1TQ1`|j!sdo20Iv^1{0dmPYynfB1-qZ$DV8K2unP!4
z0CsU_65yTZ#-x-vAREA0US{Bi>Uq=UN+_>CoGnLW@i4LD#n5QA;|NEw0lW67_y#S?
zTI&!d-8kksn)_1of+DF2zlX0x0XkpE{PYO92O?`YILI=m%N>o{<1zwIr>cep9Xime
z7~Ry`X@uj-QZG4#WuEvEt~*`Li+1K!hi1P`1ja$?SwTGToundJg3R`Puww?Fu1iSx
z^O9;hz$uET3JU&!{rMR^<IpFDaG6!rb)d-SMYj2D-!$hWJ9ZrNkLg7C_reW1v3v@%
zBfx<B(vR<HORMGc`B7P?E7b-5Fk?5@a>At#6F<0Wyt}U|pc65=8J~8@7n0nkxNuPZ
zqGct1A};vqa&&s9>X2w4h5C}*&>Q+0psgF;J@5NQgEX^kF@t-!^ZAr`zs(rX+v(92
z=<(r$zkr3Hd4G@n<ZMU(N5K2fZi}QKOAu{LQEei@55+>AKRg*{EK-FS6p@eqFE<!m
zyvTzse?_^mxmd0{=$%$s^ja>5r+#j2=RxNU!4nfi3(DigE-qfl66p0BHEaQTu&f*^
z#|I;`>=C&_(Ywle(}yYXn8j{Bmesjz`zH93u&;?vx2E0Xj{tY^Z!vxE6jHb7hHOcU
z`l7A=?ALDO*uw`{OnCdh{!A$(NXcR8O{%k(l3@-c;$ulxD9H3Cj9GA`eiLgcgF4a5
z^c2*h7hI{5;tlaB`KA*?NcD1&?DtGqHmX2au0hle543mQuF@dtzq+%H;r9oZz#7<o
z(%BN1&Xqj&VOL(F5Ryfs-`IL8m8E?6UIp6Jb=trj!E?p~{C@hU!b6PxZqrr}&OE-J
z2Nee)4giVSYqDZTdw9?MT2xTb=FaoGE|zLaI^DM!svVphk*=ftU7sCCfL=(8i*0aE
zjR1&A*TNirlpntQxB_oV(UX>3a=#<;C;RXeA#QMXE~gVjl7<xhbrU~AYD01ug~#0h
zx@qk!Ey>G@No3{wJr#YFTC-MKWR@z~dD(9Blh?Ql*mE;znpdek;6Bpdnywqh^+OP$
zL!QeB`+k$A3FakxW_fPxMhs!M_`-l3VRW^gL`X^C)1NN#USs1SmFs+Bt3Qz+$H4cU
z@5N*4r%-icE!r&>pucFUlLqiW#$FLPwu8lX<rQx%@$nmuUYw!8;`o-=P<rejXcZrp
zL!e~Q6~px;kX`<#Zjb-d1k{K$<B1^F_hh2p;7@-7dRfAjdyoDa!&%w(Q<OMUZEe6%
z43R8hle(1NaULO#$DmDVse>@zpup=P%>_VWiyMLF_qXhgP!~Wu81;ifal~2>dq3~4
zhs9P<Bd<+rd&c}`r_=Sm2F*oTNh{vMq*FxkP6nUA*e*~gE<U6#3TxbsWeoK?JJn^c
zQsZ)X5_zKkKA@dw81VwiWRe)>=^4;;+%5-fA4iMx$Ua>q-7-+%QEBpZ9ZzAjsZx${
zw=Qovn7azU4N!IaUVX0BD1Jls>2FJ!&fV$ykM1uc*!pM5c&q=s@xMi9+qNBTijI2#
z54&F|Ea(E6|3k$0{scHfDqp{?|8$JeA<&MQ4D9%_e|AaSZ-FD8Y||}Ea+Q-gATS}d
z%ewkf3X;sfimm(ZK!DsX6inj9TXyp(Ef4O{WbebgF1zFB?e~~}tK$7iv#8!2&)Juu
z7b<b3-+Vd})n(4xZmFTZ@CLCw*>LW)BbPYmA^gbV67)D``DQYVl)s#^NvD7l`b9&B
z7LPBIu^nf0j`0&9n@-t!)Vb`!I$~kO_5X6zT~#MZ9gD6xOti`t75rd<6FZ`+(Te1J
zMuU2yRF(*QU}W6eJnVaNuEC5~@^y_TjgTy}{NR%>+QMCiyp6kv-ycRAc-cZ6PTKqO
z*O5Bm23hQIYvT$CaonGSVEBlv2QfB3YY~^llFzB=3WEX_zU4m{Uv|6oO{zYq`1bPa
z&V1KhHmi&WiS1<7&A*)FVmqF`Pn+zoHfpwP(|5c)_(%chMChz6YO`unuyhnV?f@JP
znsJhsorG!YWX@d(%Qf|wq7t#9>9*7Y{;z~;>I+61o!I11j{_$w4m*P$0{ue^(T=D0
z0Rt7p3}Pjudng)`=#RyzM{*h%W*CVI2O5kq;Qo(FDq1FJLY{n#mOI$aswO|E%coqk
z|HT{xB8rB^_9iJF^kAe1=a};51%Qkg)-_}8MTh$&Lf-=TuL3|pc73X!{xG*3OM&sI
z#_07mCii#~S~W1Y-A~^XyB|nJARLk)BE%|n2Fv9t*9TAvEWfqF{KV9(tHaW3^XQEm
z{K4!6N4<QOhm(juVE5U9JicT%)S!{qb4nZ_dSwnZ8j4&Z@JsOXREtM*k>T*+j=?(~
zZtxGuAA#p@?%sP&<916VY6f8r2h$~_qL3n8RD93P*^a~A`aK7X_}6dU!~>7)*GF5l
z$uAO#@d%S5iu|Dzzf+~`=(_J5^8aejWGcL8{qnr6^|^lT*w45fUBggjlGy4kG{UTC
zFZ~14S=^1K0X4<v#;osS&FU-}BZ}O{omhPz@uet>vt4UV-95{EvVI`&ec7~mdbOM2
zbwy!C7hhs-n=ggC+vtx2XZ46&BSPL{;tVKA&q&G*XVdsrJil<p`(nygsU3ITF61{O
z5)`a)byBj`KLo8?DMBt<m6tnmJCaNWm6G0?wa#PVOsasxj*yz2W;Es8mS$xyMt=*3
zGJ98^Az02pt45ftEkiMOsFIWuz1W{*BDe?hz<YpU`*hRoX+0LM$@ci2&vEO=n^aLV
zbk~xO##Aq*#wYG6{W@D#WR|X4q|b+EXBF2;ip|yidh65np2v0XeEOH8o#Of{FrB3<
z`@6^13un<CUUWq@7vayfMHPfMM!F}bv<#H^W`oXnEFf@(#tN3m@5pI>HAyKYGw@#4
zd^gF)zVAT0?WvA^w~P0pr^Kae*x30WmEbLSl8;+>@(Y!)B4d|k3l#YfLczthfMIc<
zswAC#%MKoc&-+%($Hk~-yAgVtA1^w#o-a$+rkXg=3BuO*T%^~#Qd<D~hs8v}$ru6O
zeb2^|<pL7I=~lRnj%nBOzsr8RYCQsuK~kgfbKOAvNHsfOLor=<Axoz6!@9F@&A2DA
ze<gou`Wjp`dZ~mbbS3ehiyI<)to>~07nP5FDY4xQw86t>A1AImdB}gzqmN3%It~u@
zDa567@nUcyLh<xq0<yQTDN2ISm6P$^+z?Cu+&ssf4`#GlLb}_n!UdS1zu>&n6u2o7
zz57r&ZBM>|$7F;x+tu;ifYX_t=7*{!1lm1TE^yqUI-gP6K`XWps1mvE<qu!>HXMS=
z5J~IDN%-!cI;G-CsV5~*D}pvNe%u?;{nH=;Fha-kI}x|JO7*%O62y)Mbi*mCFqw^v
z?9j+*2YLv;Kq2eBORm=!V8nmi)A3E*+<3?LnS8c@k2bJozYT0T4GUflU8{;ZQkd;N
z@Dhue^I?Mlh>}c6Yg>1fXYvCL%Cg+j<u)HOOkF4H&@;{li0xa@@uRB;DGzfP90;HY
zJ-`6GRf3ptjGhO_;ZCo5$cBABilqGQF#IF==(DE7PUudn5%Es9#8biiEcpCBNa6JC
z(hKQg$?rv)__D0z{MGckFb9K9=FYuBb35v9dwJb^o!DR&G8`8zd!$8wRDp-JB~JZz
z0U9r4PNP~ltlkKIIfJm|89nZlYoj+H!vN_#$|za9XVM*npL=2BQ>uaCB~CY9%{w1!
z)5AZe`9lKUPDyj_ruHHztBCyUS-lS^64V8X1+9L+{;pil*?>=CE?BD452L&Qr_;i}
zdd<EZ2rI9+4u@CJsN#C)$aciMxAIlqMa^&K2jD`s-Z6?#fku+2`T{k&hE_`COx2K?
zjFbNznXpD)LNdNb!5L;g3)nyHnH9A&pn<vKJ2T|9y)!lRVV3m1o>uyQI2HuPv@RTr
zgacY@q9G{_e8BXZGQ_myOAPl`F}d#F{#|cxE$$`yd;|`2asI)481h5b9g7dLHZ?!&
z6YgXJQ)Yo39T`pBRPKz}ea{K<#oPQwUOJp9u&18GvBNcRoy%jtZdj?!Ot@D5AysQd
zRq2$Y%T;1=V@@mk{8)5h$`NnX{2iK6qFzOp0dr)e$bt1B-7E0JS~CD^jZmyQ(PHNq
zn(lfexp`NdYbM~zk*$(qgp|57{||w|WOn$t14d-DxAr49L=+YhwTkgk^ukwE^lB79
zJT%9KX4S4dJpNSneaOM_y48T5Cvij3B>3?96`gu#hj-EV#&2m)YteA}D1<uC7b^5E
zFsJ)BM16N&d_`7ghU<N<X8j(PuE*$#sYu97?X)JJ%XH%ao_{$*Lr+#hyZ~W)l5bX?
z<(k9`mn3qgC++54rqg4g;@*7v=cL<6gns|<-dMCs0)gywH5RY<8syViY{}JN_G*qv
zjN$;XLjcNQEO8~*o!vP9dK}`<pFdd_1+z?@ux6T!pPf^--Z&{34PsTI)(4i-e0@Gm
z!IX>PB}XQ2I>c`M$^w$dSWTUl{>7^bSu#{7zs2~fo_ZQL66(5&WSCGNMMW20X0pr|
zo<!$#*hZNqq3%WGxBkH0^zCg}2^(+vO)Jg%$~>C?jT6^^n_3s$X^mvNs-qGdpVPKC
z2vW8t#kiy)%KGlNy^x0WFY4>@$(|0oU)h!7H@YBal`M}wOSz6)BvaLNA^j(Eo<xD&
z$xZo<x-fIPqvTX#U;+$pEBioC%Vl*yPjj)})x&szgs2;1WzKqzD<i45k(!(E_f~@f
zK78!Mf*@c1djngx=aM*LCXU4g^sB_G>6=R5YEuL;ieo3v{Lr*0EQOichOV2?s)B-J
zn(h25YR6}9?EJ`FGHfSAy)7X~lQLd`xFg9|xb&MZdnB5qVlsXp&_;nc?jpb!krT)g
z(Z)tJuPQh=01H@DD5=}Ml@_RZ8U#qmZtfiUSxxJo@Bcu<??;9fpr(pi`Cet8cK8Q<
zUlX7Lky}1lmtaK@5wTTz<lndv|3Hh`N>xB~?L<lNb)TA*$LL%=E?OK!MrQ)<@Jn;y
z=_Wj-68gXVeBIYWnf=Q}LK%<O=zAc(!uv}X?3xjKvMQl2r6q$hf~>8BDT|4rUR$i#
zkF_gnn(?~0*y>1P)v%EAl4&<lVD6irPXfkFi`Gr0(}+h&#1`vpRl^OTeSv;fx`{n?
zj|<BBXgeJN;F^W%(JF`8|Ab~XX9yA9gu%<fw_(*bUm#0-6S-}qw9sTpGhH>3liRBz
zKKt8vTngoFLkeTp7KG5)3+;4m4tfF^F(|1hmer%u;EFWQ>(xfrZx5IN1ohm4RJt2z
zQC<G<!{Wb>!BQ*v(hynBy_9sSsw{0@Mt8vbRzIoU<;PWM{$4%uHJFTkvsPx?(WQP@
z@_L41XJadGm6@-eV8y;6(#mh(Ho0VZGV<Y;beXzU+9*sDSd1~}O-f2GeL>mIlKADA
zA@LPW{OjE1Y6D>gjbBFQt-k;{`NugPWn;!|89H^TFq)Xo9kM?dmRC!S?_lrA1@0X)
z>B!D9LVknqJIsak&Te;<f%&aYU@KoD2N}}gZH4Vjpt392EMje~0=qCxEj&<2`Ql)#
zAVDiZdzO?33K3$%7jmE$4iQm~mLdD#-ws7`bnag+)-q65Zf2N%XWLGOiG<-~7UI**
zEq4b0p-$!B(m|3at@c^E;Y~84p8kYvPIzW?`#3fDlH?z--9vG%HB=2o#1IggFhQ!u
z%S>)`J<?Kbmc|+;J7kA4fjQCJS}zRfEfgzUp;&TtBg4$qaw4oNFGsy=y(W_^wOs$y
zR%ncGl_@9VxD;Ac7Q1?~Ko~W1X<cL|%-2L<sI070n*NwB_!um5T++{2ItXZlzNOkW
zmi(y*<W*$i&{RFrf`D~suegC7Do*R(1b11qY0!zOnwOv@6FnwsL9c1CWk?Pi7MUQV
zbrC`%%vh@<sbF2=VASWMjCQv)zBoNkr&$1KebZ3hp0w0nl-ln4--&vG{z0Uol#*W(
z$0hw}c)V}AtjkZq`5@ds;nun><V8Snx$wdyF)o;HN@a`tjea2bjqp&7i5=10#v#|E
z7j1EklYT<WO49UjJX2=KK7Y(QwNO+%Nqi#_yik%2-cd7Y8nNV!X(X`u=}8mPA3^z2
z(^YHMjJ~A(MB%2P&rHIS&JLq6OAZfYtLses;rJ|LdLwFmp2oWVK7sM#WTG>Qi7|s?
zWdYiJuq`}IZd;}LX&xew^Mm{jRWLFML*8`C2!Czr=Z#ZQO;%cct{tddQ6W3>*4!G;
zEjVLfOmFibf@#JNOqF=BQ&PqnJ6s+$4|#ivkhkXLB|G76k}L(qR(jyO%wC_W=W83o
z_Vh4V`K}NWMLKDAa+5&fIne#apB|M)cvXR}ZfZBu>Mcn2L>BTEJ@;s1EA;FR;K=RW
zV}CZSq)F?G-d7)lhYw(xm%fGcC>ZRHREBT55-+71aZXk>-sgAivBXv2&#&Z<O;|Gv
zJxuE_9+1&pRnpLzcBH7d2DvyWJsL4exPajwz>+1FiaQy3$-)mWkP0Q4w4Vk2VE!07
zP0Y*bC^<9O$xA3N%TJT(<e(V19nYA4L`_}(%2StO9ULJ4dV>7#yCg>K{m==<lNT+C
zE`YeItl4%YXjK9^*1C<9SNtvM{5kN|OQ&eby#~YbcJgI!aCyWFR%w8=qQy}eiNi`W
z&{hF}0c|kWyXX&Er*25Rbba9;G!CPCj(Fj)*_G$o5y6)r!VjL8gB4TwH2C$?RbMkm
z6Ay7fI}CNZ)ib@vFzRoRTSpg${D;@oQ?!?Q*Ij6AVJ5O?u-SSE&WI<UI0pniD;cX$
zQcEfa47HSsh%xw33^$w}54O?EUG>%C{G+nQ&*)hYz;resor)}#LsfUcXWuK*ccm2E
zzc?U7qIO<6(ZkrGwg+|2sB3!E3V~L%hLDAhOGNuGr)o){!Y|<OK*#EdJL%;r3&DFZ
zz%Y;ID{KMbpY%1v<&Ym#@HHAj_-3G?VAJT)rS@$wtr_;^-@k(TQv|xD>LI>Kp>33y
zpGZwoN%)6S`GyW_IrfV|^E@^vt1BuEU@Lae!PvC2Yl_z2VAf<ujWD7o;^&s5Rl+LS
zTuoAhSEV_MpdZ1!vzPxs9xUoo(#qKTD&9hhW>&Y7%kx3I&dxs^H=j#Hz-<-%-@JSq
zyr>lnYp%gh7;rO&M_8~t!jYoD#NRM?mT6|avsnWe!@;e|_uMHSqz8h$=V(bVB94wm
zyBw#;FRKYok4K6EkD{$!3?<E9@6~NEEIAF6&vxnQdael2>Sq`X_Udkk2k0ny5{-*X
zwIYd3Nwr@C8UscLB?x<0hv$DhMR-dTPBojXOS4EBUs;1e8~<h8l@ac?hQVl7!JsZH
z`7@=|Ox7X~#zFim8)~rtdmm<_%*H6fM2l=ajpFbzy}_p7o6TW8^Gk*isBLg>vz>UD
z+J<A-^aP2*WrwpCuY6e<OygVjpTa8}D4W;9G=Ke)o<s>SFGYHKdSzwh{J`vil-QDb
zbHWBfEAq1D$0aE+qt*sqEwS1JEKO2pc??a<$6Ox^45OTgI5DmgMF^jN5<TgGjZoS_
zU7~oMmux#l700>HXPQw}11gG^RDm9suOOPQQ42NF{df}EBhn>1{8rmoyx*!T`&78j
z=hTb&SmYai89Yh^GPl>IIdrcdA2rU;#>u08Jw5s@dsFyEXWC-#Jj61T1eieN+Sz&*
z)-cbprDO%LT<~x~$dGz<UEP?U73%p-O;~p%f%|s|Bx_qi*8MwzBHr);rx=#lhRLB?
zjQ76z?--F$tpyRC5V|xMQ(#I?9{$e8z7Q179mr=+-zY!4>);s0KF8&$TZom3@9MeG
z71}o=Ytac@HAw6sLe$3~cA(YJ6U<pC<`RVJIarf|rGw3a=w5(3c~Em~R}@0>Q!6pF
z5u89F)f<5hz{KMBL>C(@W$=#IyVGCYGin`wMUl)={<RNElkT@-X=6wZ(DQ`Hf)<h$
ze)Xq--}pzl*?mO-prNBDW@VN8*ETR?p-`V-e|=xSRkzcNh1$QZT~Lk5%Cn>cA4cyU
z3b^>&s~cS;doo{?FJ-)XEi%350;_v=zf}oaIH?J^<FZ_5;lyzN%6BQPrlONT-L9Oa
z2X}+)neF^8ilHU%1z~H1O=t{eeIhzN6MVErA8I^}^O5sLIm60E2pCr?S_XuTbEG|<
zv8Zq*)FwQ@fUp3^J-wYy`|Q~Hd1Q0)U!krhgf+8+5#Km+qrFMg7H+>vn;8wsi*-St
zVM)J@(>;lx(>{fCKzKkV%dE`;EsFdv_tP42{bei(-m9cwG5|kBt+=76YySC4I<usI
z<F?H=g|TNwYA`)l%h=E+6n*LuT)#5H!T{{To~$R8Xvb0vp;dVr#Ir1zDT1N62$uT-
z7}h)uc57|9V<~32?PoBM`QjDd{W#33+z>>R$gzj)FJ4-c&oHR=iq+}3Kshgt2?TBb
zyV)<_&3AL(XW)`j3PyY!gsu4l<=n$NMm})yKRb>6C(t|mcv$ug5{{E`S6A&}kQxX;
zdk=+{s@5<0M(fxU$Y|I|H-$rKAb6Fvr5^<+h60`Ix)b`X7r4(kWrpr)_UD%{_jkYU
z9roW#nH(|vEMe+t#<1m1iy=*9WAjNp6h?73OjZ`0*rY>zA#Em^eAI{JSLuJChPa&P
zpQ76|f=5)6QmDPyx2Y`}iX><{{xePIo45}8#%dZtKQ(FzZ-QH5N2LC5GCXsNViE&r
zQ{#W>b4Q*F&I5_W1P9~67_BTVBO`+YREMu&)a78|Q(AZR&p4L;PX#uJ1BZrMhCw1w
zqu@j_6>rD~VaA2QoS(w6mp<LR9&O(@|HaLpjW75TVy7d<d~-?(b%M)9C=*V{Z-7{+
zQG*Z~<)~wF2hNL<OSxo9sJyLYYGB0J|9}uNYNbvp8X94G>CjEzJDQErjR&Rky~=_E
zL}?f%hP`4&zkC9#3l|x8GC-R^!DHP{An?FDR#E^mB%A6Yn_{H3L$shD>pG;mTUGMo
z>4g6aBvBIOh|0CUuz?J76?Qqucxa@EovN->(z(H*Vi#2<{ybf4YHeu<NS}Um<WTT$
zjcI`PVidshr<n5ZO*G|v<cvmO3I&+8+7TyDS^Xkv?H^?}yrZ$vpD~CJl&dl8)%I~O
z{~kJyvb=C0^W%_WZ88-HN?0&}Dg+{(oRf}5iqEeEoZ4~PxPmTM+X9~F_sF%b*Jubw
zf<mFzQRPn-E0~ZcqVIKY42Vngv$T#lN<x8I6sVCWP|)GMfk*OOyEG)$5U+5d_n-d~
z-M@2ay@BBAr!d0}xrQ=H#omjXPW^dxL?4akD+&Zz5MLW_{~8!@{4!!>>&RWh5vu;T
z#|$c^7|JO`W*6McZp^Q8oS%^3jfG(?P3MRZs=|){rx}E>N5t&5t;Wh6W(Jw{eH;hV
zh<ms=<SXzmMs=Te@}0){y#G2qBSo8ku0iV7-G=oh1gP6IQHekxXphllPzTX|^pEzJ
zx`p6j5z}<JW|Q=sn*#>!ogfdSE8G#r4DHnqWuZl0Fq`M+=kOG#8T%fr<C5`x5%T+G
zgxw_3!O9qhwM2sRHJNXo#IsQb*ULzMV;&Y<pAOIfsi8yII>+6%dE+r#@tGlS6W`W9
zC_&cBDbk(HV4}P8izC3v3|MGJLAyVI4yNQlx?SFL!``fhz#(D?8@I0MnKOft5$H)i
z>c+7~o;Vj4uyt>ug+4RF#^F-o1aB^LtB6-?2<|`NX*snlM;p!f0`InfDBOUi(wgt%
z#zgv`+^X?JG1W5BoczaM>-eoI^#2_`qQUR)@9Er6^Z!<F1j=LSXxW?Ou#{4dY>!ob
z!`~SIYm_z&3<NW(Y^<4(deY(!Fr*|@Y793s&o2X#4PY|b-*J0Eygc&aUAyv)&m6mY
zw<qn6>J`DtpT$Cg%J=D-3Bl*(Ago20@{7`t!knF%^eP}uVHdlM#UQ|J(11coDJAa+
zrl&86v8DG4g=DO`yD#BR@SZqfbVAf!Nt1Fw8;%NGBwqe*?um%v`mLNCgrN3sRT4`^
zGrxs>?Q_aOz}t9l^8oXNCzl7sYT2(PeZk+?FE0r9R-J)<4rPm)q&cd0%iN@v@FMf8
zMoR5>&QM|`=;gR7^N}X8bVMQ(3Cj7+l`-4_>9`TaAV`9dWSiSuO3?HV^*_C+P~r9X
zApZGC4V?7kHY=(qvREiQAC&S@KWLd#KUHBGA~H?~MsAxeCx$^fx!^6l86!r}6+1hW
zvYwT=T`XiQJMZjj3ocQ0aIImPw4|N{tSJha<Bw}EM;;L=X=ZZr;5G*a0bX7pmc<(E
z|KsW{*y@UQu2I;y+s56U;#MfSVdL&D#oeJmad&rjcZUMS-5rV*hvHE5a?W?`y-$9@
znk#c8BQqJf*g&iU4V*mN#rmrM`!oLGax0`TsK|BkI^;NF%=>lpX@elGK%Hks-}gfp
zmatc2KP17U<oDJzWay8@wxj~tH*w3w=-hKl3ahRDURK=u3<(zK(uLRgkXFi7Nwg*_
z5lb_uG5(puL~uFWn3nkTCsoyKhKDhDHk(<|CmC-e6X)Um@}A&vut=56%g=bMkwf7j
zC2#J(-jJL;ZAw~7p{|2bpteHD^>OE&E1vweqL{6D6*|nX*j0Pq@9z3aj{bqD|NI9o
zh%XHE9~Y#gjfKiTOg#G5m-$K@4W|Y{7d_03tW;h&ljwaZVTQw$r;ut}<d?r-d}?Cx
zQ66N5g$2z*e6DbzSaK1QlT;uxFg(S{fZ}_CjD&%Mz5;wE_gcM`CpikKMB#g!2;MJ2
z((uu%I`#m6&4-Ao3`|s7%esGS0fbA!%43@gdr1KJ-AX?38sKs+^O)Su`qcT}xiLNV
zMCkHybhyZVC9}kcCK>Cg<Ne>8VZaBo_JOi4iuuxb=e@!;X>3L5$l^=q;2hF*i4?2m
zORTWCTIYeHme;7;--i5T4^NNlQi!Iwrj+DcAY`hA6<pru_i{^v>Ul4U0-H&_P#lMz
zin*}gk%@I?=bBL;3z(o{PXY$0N_WG;J2D=FkrJM13gnoB*9V=|?>H2TWOURS&t>NK
z;<FF>dm%w9O~sg`J`F@Vt*N_Z{@L-VsTFOu{0{5OD@TX_51IaPqkGZl$!r>+q}kZy
zp+~<W#eb%WY-}-=#JRl3rG6Og_=6QQX*A#%pCj&D!9y`zxGT7-;DR@SS8<)_AXCtV
z{T966u^(A5r2n-n;Ql4vTJ#ae9%B92o|%OUAGH!ROQ}4Rv+-UjsGR-eh%-dWm3a>I
z(Y{)3s<E(YC&Jb9WQ!sG6|2jIi-N=%+9nF59y1jR=BV%$C3rJ_9F`(j@sQ&!C9fx=
z>9w}FRV32(-*3Xp^6i7i!%|_h9U`dG)4{o@R1{VCH`f01ixiZ$dwFei<Crls7(%9;
zkIxsuy%;Gmud0II^l(w5+wS0DU-#LS=ok#cklv@;y(O2a6&VL$!$79ux0MhPm+$)m
z$)_kZ5*T^D8evb`A3dVj1kw<M91*Cg{_r3@tbm~Lb-mEM)J<J_SFQ4MPXT?-Ra=L+
zPMUhPK%+_-=Hd72+7mXBLgM-*63u!SjIHlNSg)ZufqS$>!9hiMPV)g31`;Bsosi9b
z)--SN)fRnx9-9)k^j`K6>Q4Tgi8I`cOG$f~)PoKy8IHT7fsSY4fpx}LX0o}BuwU+*
z-KTBL)Of(<|4eBA0m=WoJNIJ#Zcr`oaTtYAq(1d96RP~Q4p(Dd-_WJ{2m<hgz6Wtc
za5$q6Ha+8@;MA#?^CG5MdWd*<zYO;T!%r0n`sU*Hs2`L51f^Fy=u}xyxKGOEo!mSd
zl4%y##R&zZ_>s2wp{d^wV&1ZGGYAq9PDY(eT{rajO_ws!HxGp%3~_rL-}f)JL)4gt
zQ;{8_C8TNh!M$j>EV<dZ7_B}3WOdnxkIG~Xx{^7!u*F7afJktwpn`Se;<GJ602Oc&
zsU1?SfCTii(&dQ6?%BZd`M>_C^-kKb&16f`AJ|jjvbED5OuYg4VAffk#O-g1H^OJp
ztJ1Cp*|)64V=uG_(y#|=X#auZ|MqOd+<y?p$ewk%__EY(kX=k~RG^j}473%+?9m+B
z-4`7RLoy056lAjhGi-od2JhT7el=ltQxesP6-{pi?QqqUjTq$(r}C}Nu&tOA`vypG
zCT$(Rd9>U@URoSGkdo)3Oc;|s?!=k0ryOT0#A<+Bm8_?QNGeC23K}KM+-DSsRx<NL
z%O*^hZ)XZ204oU(*7wSCG%TF@jFQ##K9^qVqaBQaA@j1Yi5QR7m@4M)rm$0|O<6fS
zW}T9%+#VF9Re-+bM1}8eMIcqa0dIuJIc(d0npPKdi%#pg=y44!XX_LEmh6hsT3E-U
z=)lmh;(lh#b+%mD)*_;$E;7ISBqiCs(Nt^YjtfD2Zst&jR$9)#59gnO+(&tv7IK{g
z#@Q&yBCMan@!*I~ZQckeFb+zbut9)uG#n8VG7P8`gC?kt!A2_*9Of7<AaH@hf67&u
zVpzOpCC1EW*o^F^D|R|uaVDyYdnX}f1}SiLRY!{s9xUxYhzg!05vxJ>hZ9k!F!9w+
z^$xAR*L`}66_G=tgsMZ6rUDn4<QecmF$)Dw%GG__9Ql1`vc%H+=qeM}>!2c%pLjwC
z>W8N1_S$Vle_^=3n$Cw{u{~bFL8Q++yW6|b(%Bvv5siK8wp={+3pZB$tfVE-m-Z8;
z13w;&d`7}&23P}@7#m@1(@Y0~Wg}&*l*Z6ineUNp>=5(23L@;Jz@JKyPy^Ot(k+h?
zuthPC4=n-Nmjok@r+#ZEuuR$=7zmE21GIIbUtmHD-k-ha?h^m&UEA;_y=V|R&`F>t
zAYTkqQGo-gSg%==;@_O~B)WK=uXprEVT^46WC}4AIx6Kkv{o8@+|TnZ5PP9~Xa~sg
z(Cc&J@@sCHP-@(SV_0%@)1QPrOSe|iRls&y4E|b(SyxiGGYX0lhU#E4+9y-(Y147w
zfiD6x@|i~Od;mJ1cnAbDh3BO31cOVQrVgz3OoL(ofdmSf;s&O*q>%~sOQwcp0|?=S
zqy*^-UDnj(O8)me6P57@E7!j6x5R?nmmN8$-1`qHSRGqJy_BP3W<C8Fwa)-NXHinl
z#Ub(qbaCY@j3%GFD?dN>n8GlT_UREVm!!&M#sWp7N_w;W+w2WdxLLi_f|wQkb72ut
zc+V@#Gu-W_bo6oFayBWg5$VPTGD0Ss*udA?8umix>5H@n5Ha^mM3aF%Z8T|-!~cZM
z5A?F7H&iDJifn{n$EM4Sw2aFe_>(##cD>&CN%{&BfZD!gQJSa`(1HVrIKV~2FOOa9
zLz#R;?cwkLWGj-AKLNA8G-l$DA+hv3`MMmA8Yd*a2qKIK%=b-RlBLy}u)sGZ-OmK1
z&95(T=gsLt3U3bJGpq3k`Pd*53L!6W$CyW5t&|)=4(;B5)u39XO2PofpQ704CA(V;
zVu8Hpp<BuZZ0+~p6=3C*wrVbl&{~p7`_^RW)%~S22j<ZT(O^s?u2fdri~9HwTPBM<
zrH2K>CxwMH=?ZNvf=P~{?2~`IP!cKV$KQj;5z0(8Zn9~5<6M_oj1SH*Z%G$&^B7Rl
zugC{fdbAWSG%dLtX)`}PS&Je;x>FSom789TUM;K_GIHgt339_i`P|f#m>|7&s7a%H
zGFDxUj<FUOEJcT$GqT#L;ttUA^G+$_wpS#(OpTX4yvCmRgA7>2)g>qz8WViGem<%F
z7a%VQi~ZX3Yt;QYNc(~{FFf0}cv?J^mKUNVBG5Cn1ze_Qf=Uj|IB#&buQDce+Q<%j
zFGltYNc;-hF_to<SLm)I^V4QUlafWZ6XZ_8jJR*`sWr^elM{!BvFMW2{&>5u2I9qt
zE0-A?gau_R6Rk*xFUQd$z&EY$9CuS$P?D7O)}$>UM)fxNT`y6;bl5Q<)x08nB#vSU
zwFpD}>tzb=U<cQLFFj77G1nEz8zqj?Uj#ji-d<Ma1rsDCj9<!H$drRc1yZyQ(thc=
z^}MY^Uk%gSv50=157aQAIdSYN#ihz04mdJJs%IEEESJClhE*w&fnb{SBo=+j;qscT
zX#S4*%TPSpq}^XhyhE}hvSvYu%vH(zdd(fkEeqmBW-h{2qahPX=z&F0;Yrfctwl0`
zwSnT$TuznYF0vvAzOreYgK>trO9j7WV`JozNtC%OI~49}21ylb4Jy-vg8EgY(oRhJ
zt4;LNy!_zUB;&uM2(U?ZRF5)JB2ISfEq|EAq}d0jIl*BL&dvHK-(CO77XKg1g1m_&
zofg*<qpYwxDU1Cr*3CtNQlhCX!H>tWAk7jEMefWb5)e5-IMf3Cm<MM8NTDD`;g#2s
zT3HtH8KOkhvpFa&tVr7_r?%$)lv>m+L&y?ss<6onVl<^-#UeG^RStwfiVE=0`s^A*
zC$eFQ2P5K9J|d5r18`J=L2$sBL0^^7Q_d5<*3r(em|T<gquvfD1GCc?VL+M*z>`Y;
z`cdm+*|>m>IfXx%S|O-R)|Wd}zSnaLLPzb>_L~Y0gtqA!B3Mvi`=wy5q8w-}3O6QI
z_%~2N_~A+;FW$R(S)&HD!NWLHYk?GU$0)3%1P7o*;>!T2Kgc^(dG}%bg?G1;l;Ubh
zRyDSEWM&}P!_Q5k7+nE2IT3Y!ZrRN;IRi_Dn>*7}*j*d%BrxpXoyc@^;?BV@SwK|c
z1u91-RYxI@FeTN9TQELEv@I~4wUkk%DGR4<%0op`;UYRe=POJzc=NgwGI#@d)-7BK
zoD5$}vN?qvlnr91u`DUS7SjT#n`wY<=RwpQKO~j>;qcR|G#NfBjQ`>(|KRm?nSg`$
z1tp;QC>;AaA}{?99cVH{Qy7a?x;)9c@YZxMDH10syu*Z)L~d(-*B++2Hq6CoadhJX
z9b^t>lFAnQkmH+Hbc>HBOI(d#J`mhmiJ(xqaJ}+V>a1om?48UiH_n0fwvk2@;OG!%
zN4!;Wfe^@<+^HA{-t}$zUD}IGuMiMddAh-)2q`l~;GW#~YXMx7o3%k`b2$M?T`qRi
zC#@MB;Jfp*pGB4O$u%fG2A&%V+C~n#c~HQX+?*xdlL)%!G*F+@{V2L=!G;&_Qjm=r
zi+M7T)q3+m^XecqjnxMCL-I<Nr9{r3yV@JTl|pG){h^9i$$c^46ymF`PXrZPNvO;|
z+@G8&?O2;_sL-YbU6$P3w7YO*b};$%>zza67jti#zzH1;(n9}9Fj^7GqS#-oi-IgA
z3TM~g!@?svWqbdm{lPvNs7U?@5BDVXdOM>@$BoA>&QkYb9gZH6#`S0=O4zvdVe@DR
zR=!z3+hTIwzsOp9XBJL8PROGNCV%-;<s|+O0VwoaCBl+H?}xIdB;J{8m_;XR9gsK$
zg+>rtVt;*U;~YYB#fVEcqQGO-B7*kZy)qz+XIk1AqnLu(0-I9Fw&4H>NEIx{f2eD%
z|DY(kiHoH2G6dARnU(%@exss_CP1J)wWoNnc<u+S-1X5ODeD5v6|3mAcp;1YA0Ep-
z;{aJjoh34xqMsoFFvY2~f6EBX3({tUHLyY{$}j53FiHvFc{!D8(PP68i}WxdMIj07
zOobNKMDt1<k)S59s5E9}&|9-N#H@8G`0UPpVDe<_M9GQgzM0fjQo+@F-y?1S<w$w#
z+8U^^v-t+qC?{L&Hp5qc)%2gq$qyVvftK=E>iFm?sU#JKL?M}Df{%y@2Fm;klq|8x
zf!wwgBCy9cjf3R=Lp?awMH&^jo$n)B@v@a+u*wXsd&u70;zVb(!;Qh5ws!YQx?2$$
z9k8m4+)7nC!L~Xwb?sCBO(Z|#MJZA9m6W|uyVIhELT}8-VsuwTpuRQYnyqNLBSr%W
zbnrqsd0=!}uqg$(AnT!D|9@0Pu~#=u_9}@oMYq8_4L%_XT9oGFjRQO6T8kzxa63q*
zwL=CXgU)kQl<Da%;C=y{WSp<?C{L-r8{`-6&~+aVz01l2DxiTL5yAAS*}Z6D7w{D5
zI<~Z^E+2~P6N}@sAj^=9>OH&ItiRuan~lt44%seD{>?owlplkEn-Pu*rP|iO)gF)S
zL>UuI*q<jSOK3~cKwWD0{mJmzV#`-SDzmvqx)r7g^feg?upcB4KQ92UbZe<>EO&t=
z6%JX!i&R6afdKGM*N|4@jDJQjZMg1Gbn(F7%6w)riDIEFwI%z5<w4j#wwQT2b(_5M
zTL3XwEQVr)Qc~LGw`K_tlT8DCn<mCatcO2Fs$vewMP<L+QwM6U1DIf985r3XHo?C|
zXj#`}5T#J0##v#wo;kWxRq0&V5JBNQw<5=qkx4YZmI3QDuRXJ}P~cr->;5?|DK$2r
zpPcSw7SiphK2m_kl#b#HH8#p$C{~{>ihXoevqMwHsLTX$$}nZD1m%W0D?R$BCTI*?
z+Sl+Vsb44msqcLN+(FbEW&0Eo90*5>Wx-0OA3jv#66gEJ-1J2yDCs*@=8WBR?qyGw
zsWA?QC4)fe*SRUlcWOG;_;D)X3W_Djhcb+`A10rBymmZQ=S!F6cs7HqYrAozq@?hC
zUK~A~SJ`d8Utj|jZM0n%AhxqO;)D#zn7^Etk<;4!e)wgwo|HQ4zQ=7E@e2Vm@+=b3
zf3OUOz=DE*)jT0as<aK|&sevUyer!rTyijx049yNWamj!*qb<cq;4tt@4yhekX6hk
z@;jAZjN)R*Snbiq7G(R>xlyygu*D39<TO6z>?Njy!x*~fQd3vI&Oe@yyU%EGnHmuv
zLw1IfCwCr}YcxSl@)Am+`q1j?)UY^YrCbt>Ab#@62c;<6Qi;q-SyXxvm&Q))&Xd5A
zx}mGAbmQ~xKUhd}e$!$;Lo`WAY8YW^hKEziNs0sQ#Z55O`m|9s&{R|dv%=(rEKhZf
zr7HH-8cZFt*XjegH1*)TzCiYqu$ky}vi8E`1^cWYMqDY?n^93wrY)newD^I>FGlr)
z476io?8(t+M`6tDX;1%C?3=lP!Bv(bP~Da{&EGF5XO(%hx|KM8A0h1%bTQ5sFNiXO
zzV?I`_3Joa!<5gHz`^A6fX0Z*sPj2eqyl0a?#$=*iY=q>Dw}?^OY!bSaR3b?3xBn4
z7)cua?1CxFKaC1%lrNl0LE1_%zCHa#+D?o(Q>dZfosk^;^}P*_?Q_I&k$N7En0PQ9
zO)->CA}=<UTY^KqX=TEGytu>QDZzkgV7g?RQv`=3cLBhne=xyjLGWfttv(P_fh%N!
zIc1!m)4xzy^*)-3IxzLg#Et*V)^(nLu@sp}7TVKp$%H1a-b3(`o2QNe!*xusg8U?Q
zh5<}!uk}~3uFeBV-OgAw7@GD=b}PaNe&9s^)`Uo1CAw=7+P4c0b6)spS8O1g_I4OX
zHk)G5C>V<6NwksQsML6uq}5!xko5OgF3oOBIQ3e_p$ua*D~lxbTur}$e*dF2Mv`uE
zo){cN34qd7CoW_&Vt9iWh%~}o3tJ`A?W!R7!R>4Vi;$aTQ0cXUoPM=$*zXW#1(uE?
zntV8!ND1<)pKal81xSAPpC^Eiq^^AhF_FBhw?)ewElHw5Gjc02bKDID*HVJNpb{OD
z6Shbh+6s4E;msTQ*Fr*01WT#`@+W_FFEdzv#iADHb+?YNFcJ3%5iBfv?j)do7Zyt=
z9&^*9uB_d<d9F_gdq|j<_qA!(w~O{$CF{Yo!q_3_;YrEWBp!78JbO+85luRrTP&h<
zu_hq)f+*{6+En={2GI@Lr2->}ScH?8YPqpe?YM0wu*?j^<~3ZmOM*-<=(j-HF`2sf
zQ1zWl5Mh*<pDs1bnT03)M+=UhF!qfykqs3un`hQ#vRxl4k_gSQ@HB267JLUh0Ok*8
zik)yorV^y_QKRgWlrS!kI|~9QCtkBCSTCfY&56H9rwMWJpvNV7Hae+@g;eA#upp)L
zfeMFZ2z6_$dE`P~1K$Of$;W+uFeK1#dE!#X_`ICSS4$;quhCA1-pso-Iv$b8;X^2O
zD-PPFC=vz3(Ry2E4P;0S#dMxnEj_0WsnK-3m_gEBx2)bU&JmZD5^NiZW1;~P9L%Hl
z#tGZ>%yn2glV{WxAcA|s#JH&ZKa~;4XaK>tb95Ckm%I(#ph|=l<@U75{IYZ+Qt2mn
zQ>G-6C&lcXfT`Ba03&nx{)l23dIsd(Awqlc<r+O~!%R*~Om+?qwec4F^^k^ZJ#aqO
z##08vMCRwzl-TN9YzYH1oz{N2Q!z*z7B3gMiv|2IW2>SlzF(E3I-xumEa^K;kU+@`
zm4!#j6xfe=?;PNZRJs#FP^xVBwFla&JWcWZaGkVeI<y5qyKKU~!NJ;GA1h<5WnLj0
zrKHU!05?K1oLST+kaq@U)+wa{OhCvgfIXW>cl@2(L!d`$Oq}6V#)YRWw=_YxrUuzx
zjxjzhOG<;FX`^YFJfy=`B5^2EwO}@hGs%9U_Z}3veUhWVqDnN2@|pU`A~)PCsH>&2
z00?3m92q|Y705u10&R*dQiQ?08i;6)vir(x%#x+GMbq7nTT!P{l)!p!^jYRpjG>|p
zruX|~s#=IOb%HARr6#r@+&!T)%2wF>Dooe@q@acjZI@!~hA>x9twNN%coxHkT755y
zW0ec)dJkPq?)<-BpMFumywUo}-8NInmmHBhrmOc#IU3PLAg@en?$zZz<l6TtL4Re@
z&Ud?5z;Hg86r;hOt?jy&9*|*DI4N0Nnyb|W!I({E1Q*0)AHDTacTq=?3Xzb0e_`VT
zncbc&M&>+lRf=kzS&xq!-g)57WEV)j6{g^dHh0cwt4UlacLB^(7La)xuYr&3=tSZ1
z!J65K@)#F+up#|^V8t-$Ijrk2@t4sa{Ly@*Ie?l!ZM#Nq9GUWoBYxO+8Wj1(v$6%b
zln<wYF^P0puYr6oEx*4AfFEkFUcDdAWK}{lJTKwcukCwjA6Whqvhx}p3w7u?sZNk~
zCvH6(w6l#&(k<skiy$GSb@e`?y3JqMVKg~WD~5J=X#Ig=n;%rwLJ{jDuVg;+w#<~>
zS*y@d^2Oh2H#l}KLDv_n6@dQlL6s6BR*ah;b<SSd!#2B!{MRYu0V-3hpxIpgwwg`%
zdc)abq}gn+AhS$xqowfxf}=i>f1vaPA>WEmVNc;dUjY9}fqd72ytjVQk=0TK$YC&L
z4jFB{ND#_dc-lcM)E4D}Z<;Rng0L*wo-N7)AA(OoJCZ0rTO)A_s+xe7$H&rC>L4DB
z&u%z{IuCYuqJpj2K!3aSF8tCQH-e!U;!0je!Eg6Pc0fH7bmS`iR#Zax{i^-`<e6L@
z_I5rBU)K^$&O3szpfoBNebW)_2MI{5=$pc0BaD)u*|^@u?u0zNKK>WWhigrj9rz$1
zVT2Fm6S=#bc)@}}p<T|JxqrcdSwSS~S1oCGJceBnzgvt--5q26s>_*85Vh-6R}W6I
z!XmRvp$9iNpAP+Ro#TkWiPBdZl!(7d4MyZK((B=nn{Xd3zT7}I#MkNt9jqVjfbF&&
zKJNH}`4frR`gwF>oz7p^4;{VNfH#~fgGb0G+LYZh6@{Ql{K)iQRfE@SWJFR;{3RfJ
zLWT;8qOAk7h%bX`2-9KB^)ocWO3jO+Gi^G<4z&b#Q2$f0$t>>8hqIw7_UG5x?k6nL
z35$b(41m~qv2h*Tb#^A2BK(3G{I`972cCDk|5L$ylnasj1_Ir>T1><k;%^h?S}}51
zG(r)*Qqw`XaigGM`@`>n*y9?8!tcJo_>#Hn`t+^0(|WgaZP{<Hu2lAG5#ml=C!^h0
z7-eBdC~*EJGoL8FM4Tku9g)PuC=X#mV}#&*+aAji)K6j&f3x6&2_Ny<N2O=U)Wx~V
z=gr4b&)y(=GS~<UQ+TPxhh9)}SHN>rWh!jsKN*e>r0qKZ6=ew5ByCFY5L1*=l_g|;
zHE9{@&!W;5_m6k-H3+v;=FRxbUF%<bixl<cTV6rtqy7974pnb+?_P;K>G952%A}D*
z+nYI!tfQOo7_A`G=L(}~zG!Q01HGuhKY~HnJ$gsWjac$jhd1tp$eMpI)IGAx!yLgb
z!AJKIY@jgt@0sumT>JDC8sSNX)IE0|T|irv1*Y4u9$SUMr=0)t{6{(E?Kl9p)&-0L
zUiqJ|U~oumuhdI`RydVaS#8sXp_ue?%+Y#h>-BswQD+1I%RhiOxmj62T~jrvKL%8h
z7Y9KafZKjh_>BCS&uLE~!|!3smr%vv8%jEU`WT=g=1EcImp38k^rNv%n|;kPgJFZv
zabsOv*w|Ed;bWsIJ#rpF`5V|8J8#Zy?OkJs6F|gfh(1%YTdfjqu%SYSlT8;k%5_YT
zXvh!3`znH8qjQP)OpQS@LQ!;qlZ|r&%g7fPB<7@K7a^@=8^d3Dj#;IYq|@MvWwqoR
zF|KeX&E^a@7_H(LZVNQTBeWKi!E$}~w)5yJLKCUtC34dagy&Qd7!5(}dZVwS>Xjcz
zBMI4HSEQ|t?^zuyH^D<^tx`56{Gv+e$x63HjazL@Xfk_$298vjHK$Uf+_V{j$T$uD
zDX~muHSwS(;o|w!^FJqhuK16WCC@a(qU5uYU>JWcE3)6FxS+OJJBbjH4V@bKvlK6{
zLVvwqaE5yy??-3{4LyokElh;#hQ_BvL4bu`>N3<un%ASI?1VVgdHF!M*$(xax)_;z
zD?;|92;21!l4LU+`Oqh|zTIMB02M}ax+V3A#<sM!2YjN7x<isE?*_&z&prJ>4~D;`
zq5M5{;(oH=G1Xn$K8dSN+dH`v6o!QnegPrQRMo{}xe#;_ba(P^WTm@fRb7FtaB`?l
z`uGMvbr?Dr)dsxJcW}fD=}3<RJLC{{mR~PjLlLfG(6t!}4dcsji*C?drq?({+Ppaz
zg=M`NY|?}A;+CPrLXkxyI}vVhYyFpV3U`aGC>gjoM)7VGtf5S%aB3wIDtY)q)fX1y
z$j%y<mt}G3jBUu;QH$QSubvG42N$eMddcBz0y>gF#f&+9Q^zF%V}F15OC5{W5D-^?
z(7w4=+)Y>byoi^6q^1CD0b7dY^73@VSKZb`der0@X$p1Kcno;aGib+b3zW6;y0GP=
z@#wzOR3?K+Y-;Q>>zdF+J8o!_$8r@KA{r$Bpit>I1_bE@FKYUMfodWNR?+<o-FJ~W
zcKV;t`iW$BfSLuZt<tqmaK;%76q1k*XPqLZ$rUUxQXeh2%y19bdArnRiB-|3KP2_6
z;CQ`CLY`j&VVn5K<FTSRC+H-OPo^CYRy<5g2Th)rlz~9StK8ev9z>KA{JqAWoO(n0
z<m%dTai<Dg6geC!>bYM!R!jlbj2L01N9pQ06=I@^+)`l5Qfg!^#=#0U1bjU269ZPV
zZdf%=Bz<;ke4ON=pYck<mUYQ1YK5r`Av_^;?@X(0Bz(X>2ZvuVR5O(Hi1U7Kq7zs#
z&XA{)&Gb1^vZgvFKiwAnH}bh4qSL;-V~F6Gz6DWI2?fB-{$f{QvXqlmH!O}vdX|r1
zF=@O;sOXVYK>~e``i8Ii0QMDuT=PNH1qYheo3(eAO)p8~67BjMR3Q;&5*($7y_73y
z>5J#=Z-wV%#2a@n?2C8Y(gkF)2m+u1h*b5uJNB#e4IE)9f@qw$#L(LN(xbk&(|H^2
zU<>9q=qN`*gy~{BYPsYV1PB$202C#32?A!}kZrlP5GOhGw5Q<bk!!cT)H?lKH>}2S
z82<h9RwE4KQlZc%Vr!s}W`8V|Q~OAEWf{w`TR`)#*wMk{RQ<4gO8MS{XzZ0P%S?ck
z$bDx)S4NYKh_~pM7(qKK2KPnuUT#)V=)2*Ouj8@`5+&uRBy$>fVXtv4BY5H+<ik#K
zyLlaiC)?Fq2r7Blf4e0LSJ*IBQu*uhdI+=lUX!e2yIq!7gz_z&^_Ww>|D_L!ItmXc
z(2Zg4UAe7Wfuh?|4+-cpZ8IKCPVV^Lbt5E-`<n1Sz;UOP=R?E|2^=8S#+(YRDtQTi
zj2Umc&IH9M&HN#s54&I)m}SEC38(Ft+y)`w9(WAZxU9?_e-%>qhj9G?uw{~r>%9;k
zbkUX=qNOrEKUvh2`ELEUov+N^CXY=No8SFH6iFQLWvg)0%rBTcM*N4Zxo38N^xu6Z
zt<hv8cyy{d4%Osd6%}Nvwj<JLU7i2|NcP=Zb;R(tI#%`{{_4p92<$wp?GoSpge!qh
zGoLac1ocaux*RZrf6{ECcXRw66N^F((iEW2qN|6VdC8Fa7<wR6+2L~91}g4p!6+O@
zP{wYIOpPBJ8X3c8D7<p$mcvL7Ft}eN^OE!jS5;LHg{T?qMqS+QnBDG-ryJxO{OG~s
zbpfU@Wd$cCK|ht<<d52l_=bKA2gy<EiFy1<RI{k~BpFB@?7xoR$tj2f)k(EIIhbi=
zu8Oe!Zt_PEVvm2Cah8J^4<b<HPcj7Ly}r0I5QJU1o<O~tU}E3kmgQ<ZY;QuF*?QV~
zn%Z?XE|VqasM`=@BI#zcn(}qDiAp(XMZ6vtSn#lQY6v@jnEi(o89})Uvn*`kJGHUd
z#m4imZ$G|`zHfW~a+lY|JcT`c0;Nl%#^YnHSEFO7JGcQXODwCjvm)>liSG(=R*3jU
zDAsAFK|v4lB&mNRSre{pnzFsH<xlx+Ht&H6#G_3;6x(K5HsrV=ox0#H#fihfiL4FX
z?j!jBT2^fDpr71iqEa5Yuxwhbg_U#<x}ikg&nX2*RQQJVnehPU_kDE0yh_-FSD6g=
zC_ynBv;Ye<VWlPTLX=XgQn5E`VZaoaXxZo>TdtCrv`zKUI8U`P)?{RZL5D{(($Em;
zG}=(i>wU!RWwFFC(-^XqKT0p3EDB6Bp~6eJP*ML`AITXNl0gFik|Nr;P>0RHM*N!Q
zSDyXMACNEh&Cs&SoTo&g*z#xpLOq74lrGqZ5Vt-I(;d3dj}7uGv;j>|t76rXEIMW0
zq)mR{&vvY;cVlP2z!VMc_<TdWa!Iqipl}F2<?p(~D~?Q9&680~MLg`qgm+fdX^Asa
z#45W)R2B%c5A(gYSsT8;*FWX+*8+OJ3H>xv4v=*<SfIZSty424w6tDS{DC%I)k2Q1
z|8kuB#)FKCvSUK(12lL|6!QO>9ysqJ36`Qw1mT>|=uDHRiVmO&+_JiDX~hIK6NBX^
zhqo>GZEK@6TdIg)%zud!nk1=cm&cHA7L6e#9~d9R!Tr65kjAAY7i!J=Qh;!j$ywma
zj_fryU#TX@=45%3LZ?D|xS{3)?56dNnD#wrt;@)pJ3Q>zV#QSHx3IPw%)kZ;$~Tt}
z1s{Eaz6qJNcZGKOmwnmCNQ1HoAj3m|nStkwG98Cjh1rCk#>|^+V;$!&CsQ#?E8eCT
z(TX#)Zpel>K2w6Glg*siRN)1GU<WaGyeRU1L7|1t8wHR_Z;-!|yr~r}&)6eMnP_2~
z0%>u6zBFp!=H?ox8Bsh7r2HA;A5~?u@xC2c)tw;@@YlnHam9`VK~t9Vlg?LSsjwhB
zO~kxmu-lu-7NzWHUJ;0wLE#iAwWkBREP)e~Mo>XgS%^o~<q%rPQBF)>Icp%WJE;-C
zKRJaTzLjEZKl*DmgsAwERN~g;v&hCS7=^GPNC3vb(qAYL%ERg!Ihasz!sTIB0Hznn
z(4MeMYr#Ws$G+RDT(;uh6zvXeqB$?0z_fj2+bmmSQ%evwy42UCRfb|0qZ({oXY!iT
z>V0$%qMLa~wuqP(_pR9jjWVJh`%}@6!`~lqLf~NWWN6*apSW`J;3@_C{O5<^%Hq|d
z{=Ci$?LL-sRE+*iPl!Uvbl+_^;34CvMM}}7EmoDKqj%c&?@Za9ese>^p`JEAPQXm|
z#bG^jS<yO85sQ<!k2d6$#RVM0%bB<9Xk|d&1)kM!w<95pryiwa21#r45#8sP9@u7m
zJ0E^Lk|f!A^$waub8B*|I~KV|kjrcCA=M!<@GmNY=3)t*iH!04kM(xJr^x|Tu=9W=
z$8KTz8UFY@U4^gk3Q@hE7XpvB<R?%usyMTP0@rbHQ}fb#atDK9(s-9+lcWHwC7%bS
zHl*ulK$q-}nFxMUiVOvHb-?0c>ZGhANr{p`*gfEnVuLac!9dGa^pH>q;CM<(2LGR?
z#}t!rGYwH=OxkOz0BEUXM2GnIev9)nNjV=v?GD;meu-W~{mAOvZ(-%LR1NwI%!Qjt
zVF%YPK$$YdpgaUmXA(7CC$MkQY$1{XKJHuX$=v=5;9vm!1uRT+ERq`<Rq!pKS<}WU
zExmu@5u)TNgHC)MNhtDy61L(MYd>TN7M*7AYu@i<KTv{<_n+-=pP5WcMHeK;i^W3%
zEtLX`91zafb>vN4+K_e<en)_!a@3Rb2+#lY4K<MqIKHF8STUwBi@52toR@_tW+)h_
zcMwKJE6mmTpmbVsX!0D<eoG#b@P~l0HXkh;+-oE?@aK`|PGlYz`{RIP+byh9$L{@>
zj<LYg+-Em7kkS0xRH%B^PCutn^D7M0+~TNE7wO!*V!EwgF8u`R78FD2h%MH}^b<d&
z*($`GRx_II^N-L_x2<Re?-NVYuO;;tF;&`VaXF;D?HtW34Rd|YE!J-5yTeM~=P+je
zWxS-2H@9H4Zf;3*ns56jRw8M=Kf!s17nbV5uiWga-0~x<gD`ZOUC^G?gCnvoc~m@v
z=Rcu!4ham&k*EjXX-HL~psm=gpVRe;D3Gv-vi+(%(N1}4jQAT-xDMqDtE-8}(<!hG
z6w3DqcCN6nuvT72ISa{(R{9--M#E{C3K=J%qXqR|9|!XxU8d&bN82NYuG|9P>H`yS
zpje1R8R`lKUrzQs@o-*&n`hTTFm~6N2j554c4Mu~tP-_xUfA7Yt{Jw2h43jMT|@$E
z(BB^|V}C!$8ZB`R2qnHy{uyQ!Tncs^vw}YEF#PE8k)oO6PDCCzqzxHaax@=oYEK*E
zQuI*ILY)fa$_cDXoLV&#@P6kv<rt*rHjEX#R|3?CBgcKkk_=<tD((LD#vKufsCCnd
zm-~0Z{L<uP$yT=&Rj0)!KRK0ny_Ff{>WWKHF=e=#VQcY6t{=0(+<mJZ;Q}Ac?e&Dq
zrRl+NKIN`LMME(yURdtrdY`2HLNlO6d@jHmX%wEF32I)Vjc$_d*r~9y94mX#-lXIF
ztH90v-s2G#sU%I`+JFl@$|MGrxx~!!dQ7?zuDXprXl80fpXlzdyYP?Y|NPQNMakZc
z*Gy9Kjm?mO7!L6LbN%iVF<4VO46+pa__kNK$BFscDU$6c#RI))sn(J!b={*r@-iji
zg}A*WuJ__1xX9{<DqDGhmm|L6p8vRP-#Y%Mp%B`UDimd%$#JO;T%S$7l`c=L;J5P3
zq030zGO4n3I`;OXkcnDzWgA@lvLQDBsSZYi@;p5$IhW%`aGTU4PxFWj@}c<h#Iq*`
zFthb-x7C>vq)~w;i*<vCYl3Krn+6r`ZC=7t7R+Uf+Y;X3kHH?S+=y!&`Za7xg?wo`
zoLV*P3ckUOc>rh=#$}zo9*DO~Zj(gGhA}gU%|xw3-(it}9vx8R*x-uB93g4xSOc&I
z<P40R?kNb#Imo=L&gtK|-tk`Fi{z|kSKwT#{J8s|p8jy~5m;(#sw`tN>a5I*fd;<s
z&{dpO23@8|8T?rFF7YU6Uz!pDJrXb5&p$*NhqZf3FsY&ak4-OjElR(VL(#R$1P2S*
z$Yvf;c^MfI8$hkjZ)M=967vTlC!&3S`CYpmL+nn*_60Igg?s_43X~@8$}#A@Z%F**
zRTHM6vC!4)1S2kS{{Mh32!r+eS6i5nYn5%iX1vqoYEw#o!rHD5!qb*BaiwEp**Zg^
z<P0mAQF&yi1b63xlz^8<7dPAkToapB0#0H<=;c^nKL=dwGlV5sU#Y}k_{%Q3QW8x!
zD_Hs5vS1D_{79`t*Lzizi`Nk!u#AiflMerUK28bZC*x%nez^cB02ar*O-?$#i$eXX
zF!FkFigZNj)by>h;n@@GDz#+Wl4Sd(yIrAhq_!MczcWzL(<mIk-%LmdQ?*-3kjiUM
zw90!=tKIbJd5mC@uVSV7FVxs0c^h5jPCl+VKx+&y4?7RXP`;tKJ@{VlS!?5+j)vB3
zRKm>!Kbsm63F)gv^W%zV=i%M*?B@j$2^Lf?+WVQtt?2wVF1%du&!=RB#}TN9{H7xK
zPXZ4VZ|9%CM+QVR(=jlJIcXP2D`nEh5QVcw%bP9AZGKL*hNYApUCOPNETKgBe%bz9
z?|-IiCr|TfC`bu$pSvYq*z{fics!ggR(g4)_pvW(T2)vRPxk*Lx4K^dW~7l@P^O-4
zHou|(W9Hs_gx>?3-OmQZVttTZo12eLk3k~p<e2FMa<q*p6H~*i^Rdd6G+heDZeNs1
zd;zxQ=|?Ybt>|U7Vwh|anpS(dA~>}gGdxYm%y+fM&oRkoX~?_7LcXY>_rwFG-w)k2
zoy|&F)~U;9#<LlRllXkRjWK;#8mzdNO0RCR9tVEkKe}r^$j>;E*kO#)w@0|!P&kqO
z(VhCk^N{QvgPzB~3U=K0Kxx>0(d@B`wqj8vFi#RZE`ApCnWSf8kp6kHm~3Hp(Hm}J
zkMSv8Nm;vMmr1W#?2M+`)<WD)gdB&trdQbDlNZ55BW@F{WU0*ThN9oOPDEW96_ml#
z{HN{FH(K5czAOO;M9E*Kp-d{P7*Hx{Ms6(?Ud=Xut3gfB<@?p}#ZJ96{7|+uZ44E~
zQ;4SX3br4gNQXR}<H3lQjdpzWowYPJB_34vpQr%+Ldv}V7#RlZ`*!E|z)$ZxsfxO~
zK`Q1`{qZS*Tve{@>9!;0KZP3tUDaie<>q7ONBi$Qo&ulJ`XhrLL%C%2d9eS4(_E~0
z@gS})t~#Be)A-)7Z|GGMZ3ZAzG@@!rrU8(Z5r0a0hM~{xBG!Lf{u0q;*O&77Pn27c
zeuN@Rw-DkYxO<&ffZV8@1?;ceaSV5V<4JS5%h9z|EZLf}#s;;EnZRZ^A~D=fc{X(}
zIy0h)-Y#9im6MaFvy?(X`$>CUT|#Kqa+#0Fdk_1TML&XRi}dsSw0UKPhjmq0sbBq!
zr{~|`k+G@4g#kJ*FKdUhOUNd!qQWkw%n4nLyNx-zL#42WG0?_KV%Nij$c^@X%1RnV
zGXJp0Qr_wwvutVuU(hevc$lm-`21qQ{-HShvB(LsQK6`Ld!7#^B8{1`3Q;Z^c+Gjg
z^W8&{{|WJJoPdMcx7m09mpOK6j;Oq4!u;k$xZz*EgnH*m-iBCy3xd?NrDURPt2zGq
z(l${Xi`-LoB0RLZ2~5q=5qH{G`y60$GCIvh4A_W*oag&riU_~_hMrK7UF9g4=VP1~
zxhm+%sc8}9h+QB5DtsT})FHn{r0Wy;TrjRI=WNcD$bb5@Y6P~7hyN_{dz-W+m?=B_
z0n&1ijs?lY1jH@E`dK|ZYnSdDrUEO?u@!wYmJS`136<r=S(X06a*oJeI=<VK_Uz1B
z_}O(b1Il@6iN1n6&jV|n1T$1Jc4hhymCo?3o7^Isss^!=pI~^eASG??HAz)9B_)BR
z78VC&d;D%+!c>xKoy%)Tk#GDYu6~1q$({>4-d@`=xf@<68#jSSg%2XVJeD=tCL*i$
z$jS*wQusf%eS*RI?Wcs7Lkz{2TD;&&9;HC!mAkz^l<DQI%<Jw9jd!q!%ZOk?VtnN&
z>Ei+rn4-|QK&$<4FUdq)`e*Cb{OyZu-sk!6fyrO;+{)`CA}f|YnfT~BRY2KaeCg%f
zQpTxKX^jFs)^;_)ji-M4S^E81sE#)$MOoMVYYWI!5Ri6_9u=p@!GSv*!J@zU8#6-V
z$I-)eHPN|o0h1SwH1MGt*<0^9;w=k<+nl82l{g8eUYT+dUk=InwP}447O)n8p$OW<
zwy2PYP>ahA?W&S($mf9f@@e|sVBCMCn16bH(N}BWi{R_qYBMZWX2=1BgpY56C1S)!
z1pN!us~0hsrp53JpsSuuTSbY2YT}8j-5jto(7HgAVk*#*=^6qFXj$M~`hvrYFacku
z^@H}5e@$CUs1?`K6jI}IEA>-}3%q}BM<OoVeFsGW&wq2zM^^FPEKv5RZ(iKA@4SOC
zrZ(-7#9@)Fd@Hd#Z~ENuS;F5HXqA;!js)tmh<!NE51>DTbf`=Q&?sqd#Q~uQdY=kn
zEfonrOH?PNf{jxx`YP1GBaB7F2~dBbQRaIb1N;E{hrqm^3hZ(O&&SE}+6J-u04L1P
zyjNI32x`vhAiu0Shb{C$vuJ24zyiyU<FEJnX=;Ea@g<60mMQdLJ4(|e@zcqEfcHI+
z4%Wda#^tXPuxv-;3PE1hE8tQ|6!f7*Qklr#5`K(N#cG?8lQi<pv>$JNcwS|Gq$DdO
zxn7P;hr!JV>SrSSY&lsnX7}En$*skmp_v~$k<sTC+ZF$+87f#WFV->b*79S^0M3$b
zdKiif8-#@c8J7}<>TaqSbDW{r;r(|+8zhfJyG8#V-z{2hZOv6krb(O=Gtf5JiFHwX
zj3x+Sfr}Gk2Ags#JugjTRbn*@;d5Ev`fpM|xB9;vd0Px0@+M($Jc%hpl5>GhhTM`x
zvIiq@_X@mO-L>JevUibJXW3D~XJuzM6i-=-J*leP0yF}2VYqn^tm&Zhx}c9{wN>|z
z%w&_5Y2v_XuaK<FZ%(h#R-8P@g-!F7nnArXBh79&;!MA8hmI6qT5D-he}<>dr=2<K
zry!dG^Tp>Ct%>&sl7S9x7!5m-KC^6p=A*n?0IpX%I3T9fjW~NO{(Y<(4O1vls2KE}
zpO*5g@EgD{sSU(nt2IYVdXUl&-Xx#_N7A-ozIJpxsqdSbvo_214oqX#J}ue3*epvi
zRp6;@<^)qyGu$(~)Ex1<BT9~?7#+sQmF-ssA6ytU*nXKt?v^YCI&+_+?YTG$J;huM
zZtCzfCVIph%l!6zwEX%z!)+F!AB1BUwPtnOwe6^~3PUvgVAoKyim$a&X9Q(6z1XN<
z6Dp5=ZVHd(siqzvY^N}!fwyvMC9c)`Tp9X5&P^uSdwaB(`_{4YiF(CiN?x$$ZHpz#
zY){zv+%coZ-01uyIRe8`5%GOdLtpIIC2z~-E7^tTwj(fA-7skq{<qGG!)3hWtnEim
zuuXQB<blrPH*dp!NwCZI8NV03x-bEAuWU;wfCkXk)sHN2KM?3*<+OXZ`7LagLbKip
zpKBE}xzSJ5^oGKmBKUW{b?;RNIX`0&R*>SvsgLoBxC13vJsR;R9jB|ww|qFXDyhC~
znGqa5^KC-A652y#q)|FQ864@}qe<<czKpw$_@kPi*G}C2albJu%i!@jA^Ey}#9lbS
zv+H(%5|5<DtKKmQjPTObhrQxu)I#S0v28v`T&_(DSsxaI4gfZGB;NtLJn@&{jC=$S
zimNp8Og<cLlMG?2rQO~rHvDcANY%xKg4YERCL?~1#1A<I$_?4_rR8if6Fp*sQ`Qxs
zUerC3s3=s%A-R?A*&RD=Lu~q;t*tjZO|0p7mW|Naa-Ri@(~xg-!reWNCpYbd(-7oY
z!G|ofz!_i4s`dSSs$ee;HQbZQ4qPu?V#t4)zYHbWoYn^`J#<z0^!m2xYsOJ_eu~qe
z?b*&}VN)@@wfTvB)y}m3iJ+}p#L7Ba(Qr{Jn;F;l?Z$w-vo0!17V<PbK$j;xCWIeo
zYG!hLz4#&O8=U?^5!K8M39T{NWKWQFYkb(fzWP;j04XmLpyC9%B&1bd@#E{bgj+1;
z#GU-^<1FRKrvet-`NDoOJ$?}+!_0J&;q_**OD&E<K=U6cLlwj534)E+6)l0lSUX0V
zqdW^{N){Va@?u4GRUnzbR@l-TK0mJFL~8IW&*=hmUAyH=&QVR@^`Mrl+FVQIA;m<d
zi*Jddyx0j;qh@1En=ytK&q;B;j+k=MUgG@YDAF_j4ZM~L;ZtXZ!{s))SH{}*#K`^^
zS@&<D{!=R8Ry<aA-Y8syb;-DmfRiVjEbnJ3tM7j?H<%?I;IbLjtM!JTIHemdp$QO{
z<g<7|b%Sf%B(=H9<eMLpfv9teBS8yMj&GJfA6e&*b7=OHn#sN^p(r;>?tmRBX$ygW
zwNAA@9~(xv5ea5zr;#18vo2fFhT+zgK(2SbTGu?x|BKdo{Gf1Xgvj(f&2}db4n8%v
zo>G1@!sWKr4&<_4GPdXsMz<d9;LnJU&*@)lW?B+nr6<NvkSX$(jr3rQ9LN2n1xffB
z*e#p>o3^p#xaQj>&Tn$vUr*mmr{wd^T1eZ2)6c%>hG;c7Vq^d272Dakzeh#9y)g0V
zgbO$Q6NP2=a-I4qFQF%`QoWjb8v~EM75-_5RO;q0Ju2g7L4<3#&-ZzKPcq7Sg2{9D
z19`*e6DJrN1D`uCqR(!!#CJ8F7yWwct$RJ4t@(SU_IW<+NHhUxyA_#9B*ic|k*_H6
zc@=*nNx%i<dQBL~UR7mG8izP$%;^vYs}fw~=uDv_W%y~L!Qsk8meeES02;cP=Y#k?
za2_X^eSTF7CUPf?gHn_y;H9IRPPZQUxZG1Vy%8$ud4<^85-z1WhEHUAPHRidu}-l!
z&Tw&JO2Lv7&m=LzB})4^JtKY|L9zljRQ|!(+7pc(NkWa7j7^XUc8QuImMK3Q_J&)P
zA8Uv4D!;y-*j#~hhoc1(CU}r2)KY~#+-vr~HHSJ-Z<f4mvwx3W6OY=?Xza(@_-jOh
zN;KBRp&HS5yt~G0*1f9+sF{#Zk}fp0!;H}^7sKBb$#i<EkUaCbU)Ge<HHXde2gC@N
z!?-tY(6>rh?e-t_HN$aXEiZF&c?u);WV9Suj_0_Sl+S$<L$0f8$0nV36BPsldG5Od
zaC6>2Hnlog0&|NY2;xIJXs;=@#jFbKFfqM`yESZ5mSelXq}(j@c?03ZoeyV&%RTp8
zE-o%~5LXA8_Pe!jC$;r^HRqZtIRQh?g{Gv=7`5I?zu5Kzs^IH%=4D}JH93lP32(U7
z*f5cpU<C=dd!)r6{0T5>DOdeJFD35|>J6`^r%&;QC@Ho_{UY2ZJOfEcAt0tO1#<{O
z)%g2z<F6=rF3U&FofmYQgCXn5Vu=eTHT7(pjim$6M6s_-DxE6OZRlikgC`MC%bwa^
z0POK+hS{cG^P<a80iZ-%hBeb(FD{P0jLoh9IgG)sYMPRq<4-c#m{P$tx>}=la|o(x
zi$+dPMA*sW$rDkqwn*1_$0Gl(-`nNGr#*DNPy$m@J|wH$`y}XNLt=d8TP&p;$Yb)z
zc-A31C!_41z8}=H8QORg4Ws>0Yqn!lpY@{qgccqnyVR7pW7Jw8h+Z=0!@o=V0$)O?
zK$(Lq{o0Nbg(`38VHh<D*S*0VMDE7$<@!?3RKB6^aPhUOReFGX&FI|gFQ`htkswy+
zj;bEa$;EI*1+7F6ZX`!0Rq^Hd9v+Z`UvkK8dYzFaW%?k>>w1#JUOAm-rsd?suC1eE
zS)dOxbAn=TpF$_c!<d1Ln5$^iZ{tXAqWz|{lR*?Bn2bVUnnlH8g&|I;6SNh{++R1D
z-^wdp55zto-*)cf8a#jr_$`k3>z;cdK})7TM!`E_ATt^Tb{?Js=KSKQNYP#(og40M
z3xIcV(z`N4wozz0yaK}%l~F_=iEulYri}fK4GNzX()9~BV^N9ubq~!veqZ2PBL<UJ
zLU=@S6aV<OSRYg4Xj%~T4TDwFrdVBW?G%R_egtSg!=<59r?sZPzHpIOgRr+^@pN=+
zb+l=+b7-acMB~3PX#InpeYBIJ$(hO$gqFl%rS@qhiIy>er=_I)VwEu#7nv&x6`1mg
zvKCV7czymRC}#<N!+hPWKI7Jn322~(c7`!crrRPQH|aOTPS&7^At@S~0Y0rdY=a#X
z{e`gX&jf{Og0G2o@DUHpOg5huJ&u>{w?}5Nz;g1&w7X2cjn=qJ^@(+9#9`zC!s!Dr
zZfPSMD^a&KNg3=gqEkPUVSWe#;1(PM^?6rhjmTxFEJ3r>SRundIrG3)U`Z3q`7oL_
zp~*Hq0fl2jY^7hB&UVVA+<fwi*`$(wR8IIOvW2wYg6T&7MkH%Wnxo09w-$KQcYgED
zo*ezR7J%iKKa_>on8Jr944l>QZlx;qCXjB(>&Lz`Yja~AKc%2$xgT{YS+T;fO@EW+
zsGCSMeDi&hmy%5~wEM_oh8DPEu_yu=GHm-B2J7FLVumg3?`ASxAavZlw)0}L=o2D&
zRj5~+zp@hk-MHcupJl;m*6h}fqrdbRdW>PVzP#Vz5GbW#(rXDAo(<^KXxsE^{?`*o
zuPq*=^ZO;T5AA5p?|s7ouHX)_&Z|q})AG&#kEwTX%QW8lc*9eZn{3;*ZM(^~ZQFJ;
z**)2|?V7B~cAd_-&VKj4?tkFM?_T(>&sr-ruIKG7-@v0kw!@8Ikgkc9*>s81=iAAp
z%JY6cOQ5N)eyrQEo`1q;CcA33@AI3~pArW4j!QjK#RnMi9!Qw$BjS4>fZD9rBj|tK
z^@vaft|LebFD@+`x7uS$(WViQl{qW4E45kBJt8e$thVJZYlZ@_k0{FsgU!u8a+Vln
zfI`1$_fP|=>!AJqT*k6uLCKKzN&;mwe%vyW(XJagy1}|#cH-D~)};qL(Dp@vBJw{I
zHrsBE-?9E~E)N$pi<~!A8C(|5UEJgx6bA?cv`H=`<%@K}8Eu>hp$E~>+t9hbmXFkf
z_E=6XvrV*_B70c^-Hcth4BEA^5pq(%EO~rkB2P~xrDX;rH7FSPMaL4#1RWFPNJ%-M
zWuZ^jY>0&0%#J$9(6G}kFd0CB-&{x@7KiQRAW~p%i486=sYynrrLfBw_i$<gXf{O6
zPv9w=57Wp&GCGU`LCsYXxKdc8Ys8Vpgpf29y^nduK|Aotp)erT0#P>^71&Or)2>(j
zf5MT&hG?(PcA-LI9gK0x()PZJF(v_SFTgtOyo!k1Zx0Ut<JsI{M&hzmRD|Gc6Z^W(
z{1Y6Zvxz|9bL{T9YvvOn&u?%4<n7;AWJS83=v_HU>z%tFL8>)JuN1?)4zt{piPJkk
zlLepICB-cP+V3zcRkOzp;`7Y^3-W#7SWzc$YFdney-F|m0cXYNF<;{5=r0G*b;FH%
zmjNA`Y01LCl%tT1H!?HQZm<-cl1SrJQ71y|Min3$Vx2OT5$5lO3LVGFEQ;U)*UmJI
zumUKFNmt^1#@T*`JgcZc9o3ZBUh;8UjS@JHr1$bgHyw~xBtZay?SNu5E<Hc^IS>9Y
zD%qV+kjYH0ne>qU%cQ9l7I*WDy&?|Zc$^)HCM~5eCnfqOQI8ZE7tI{1GEFLt5sT$~
z^1Qk{Fmq>=NL|CE`E{fe$spm-tKWp3V&pUmNuW|NgB53$vQ;*vxErIFeZoteBvIGy
zk@)$AKebBN^ibKw#dWuuBp4GfTXAOob;)eJbC6~QfVAAC9Izt4hGFhxw5S!>?hOW3
z80~`omf0+4vLFrm?>SmTS~|*zhrxZzEBC*p#tU>%XZK$yIcrq}dqrmk>E=duOmRy&
z19&Ft^~@@xe$P}SNP<SfFw50C@tiOx<OfIl8~!i;yU%s|tHbnTRg-Wj%DVm>3q^Rp
za1?dgFwHJ00tj<&2^Jn@(NCZDdb?W~`7ZmOPl}=nmuyA`^1FXTqaW_oejUviD%2Y+
z498*`MLk}9-qboi&w{3;pf<21<3$7Dl_&F#2rCzVA-XF=#%LXyxZ2=GcV;lkakOH3
zOjXdwjEZX#U(w=F>eygsoC~G7LYldWWZ`O^V9xaREmXH|8!1oyoIh=E?UcP>kx`gr
ziCMYps5F$_jtV(&snNFpl50@@rj5CbBTq3IDfcEZXGr&j=q$mk9gaiD;k#wO+-lG1
z9~9$MWPz~Pff0HMu-c*2Z_Y!eaf_LySXR)VpM+xyF*gQTqbKOoONhzKr&4C}(P-8<
z0;#{PSN+f?c-V<CJJp6)#u_Zq1U6R1+)?fA{>86}rdTl3z%L68U5pu^eayEoMRx-`
zTcIs6zW~WaaT-M*?pxsR--o11O&W8iJMe_|#)vHjTFyiKl02&l3q#=Ml(p=23!drt
ztMeaqVL3K{>HyYfOH8-cr-V5fB{?xKT_J5S{wT|8RkM_pb#dli9leJ^985*2e|SwZ
z`^dyt$oE2vdZm;o6kUW5RYmT7uvD@81OL9UiK$v_dz2)cX?_lJWKT?TVqD~+T$~#K
zw4**SEwyCe{^#wuEzxW|cFTP3zfZV^%_EJTsyt9hz}CbTV+E*OsZly*J4Hxs+z08)
zAqkXzMnW7e*-XJl!iw}5a-+&Sy){X07opx7i`4(OG{i2&s2E`N*<dG~B75J@w+K~Q
z3;!#<#E6b<n7rT81=WDUSQvYn?a3gfzZNtIRp~sRbbtBpR(y+m?tn~q$L`E#(Bh_3
z5QP+x-XZDVrG|ba&u-8X9K^2I+E#BlY}Z+JYC-g)k5(J2gcU5(QEs1SQm0(>?+{--
zpv8SOcsdYTR+*K9r4)*0*;eIgWpb4wNokTwCuDLH8LXPLUR!7tj>u#Vg*E$h#U$zn
z2AzJNccvJ8H&&6kIZ5tTXF*fic%v0|hs=eE5}j;jlv-NgsZFhW+M~M4HSjOp<U0Ee
zLDOmy(9xFaa<e@PgqA=>g`Pd1)~I33E3W}b&D=UwMOYjiOFoDlbf3D!WV6a;KfxF=
zUbc=%Xp@Yx${TC2BGh?%DY(S_KiY;zJW{I`w@rxz|I?ek{~ZTI(1)+4j&hs}Gv1+C
z4sfk$ZDrv*s4prc85kw5OcO;M1HnQBr`TuwURG244)YlX$%*r8mYqKcz21Il3f`iE
zf9SQrXpyaHUq=GA>Qo-AZph@U-{U^=EipAWY#`;{LFtT+CY~^XR?T?{q=Z}-6CYn$
zU0q!TtU7i2kJG6UZB3QpE{n4fe(B-dY6?ar6^+q7-0zm2{H<&gLqI?xT8e;p2~2Uc
zBDvFpL?BC`bx6P>14_bCv3QPql&f=LZU&y6Xq+X;Mw+S7#8Iq`8)c!M7Vo-vS>F+f
zq(M79KN*2sA!JU~g|P7%VMSK>joB2VRVj0#a=X}A{`C&7|DQhX`?16`tn;dolQI9{
zg?O8icj@wf<EhqO6ncqX%p^^7Vb>EFk49Qr?9!PP5A_qSU(k-G83lUZ;^l-!Z|~&{
z;aUY?ykix5by8LVJw2toB#}zm^7(^B7M7w{zIk$fJD8A1;7wv=u}hYe)48K$_m7IW
zjt>|_@F~ssuRp8OU~HEB*Yh@hS#D}c)DO29fs2zm-1Oi7j3<6nw9|=KZ@XwElDYg!
zBHN^xlqFT)FX+G{DmW%S{a!DL#FR*;viVJ-y0RKOaU~_HCQy_D(Ds8;NSkzksQ==B
zGI0I>F9U!14Cjy1kze-Ke}@={mDWs<Z?JQFRHN68t4OvtUWzI%BimSZsDU{(84DUD
zNv`6s#{M^8V@)H=>Sa%8#VH2jV6~0!G5Q;Io<UhqW!r*4#qeC-#y+$!DW+=C2YXb*
zAt|=>Lk+L~jzu$GH6CR|fw-1b=G03q-_AgLGNQ=DOQD^&jQ`hANjRR3m!w*ZCc0KG
zxJ0F*ayKrqcJ}sqMDpV4zpLg2Q$o2q4szIwYD#Eg%fENmQURih?*h8AcT>bCScO?V
z7^z&5lv}_Iqh1K0N|Sykt=NdHW#(8l8Fmy*f0mNwpjZ1l^YbV##OULJrW}Bi7oqx3
z!Grp7{P%z!u@qg{n;h%7o*=wm<5clNU-H8`^MmR2GBCYJtkQgI*Q1yfGw=lkjA+r)
zT_-r$64u+89jpt`y_Q<3f{2Tjh*97uK-#eZ)xn@6d5&DjlGN;eL51un{SeE!$P`x5
zQDB@Bt>^Gmjj~m{SSP)v2>v7_)xJ>LvXK-KtkodukP8LXmyzmZsnnRSq&5#32{a2m
zfs-;kCDpY0F(zSztb&5+yRC(_eMy89vZ>+x^_Y2HpTNh0`$@ghi1x56Owmw{R!Ev$
zXG?#tbb~OhZF_*wipc5zL47{Ii4E)o9FuZ0qaBIaAWAFZ4Ns$*Bu%r*dpg2B!iV-7
z^^m#Z`;aVguX_arkMr|{-foPc=4mReYa*;tPFqB!={TV_iSJSPuIFb2VLg`XLYbtZ
zD}|U1iQ>@)f(uP1r7hLe0uC$Fb|%NDS=pNQZYT(pXeR~ykHa<V+QG^#0YADHIK@j2
zcjKE3KfJ6496MFzkHmvQBAKFY(9`Ov45^%)VKb>Oiidyw5FhTav;@d5knu}iQx*V|
zq~!=5T!vNBNb;!o!7|P_nZbf>Oub2W$VKba4M9SQlP-o}CI<VTC;`#SQDSFrW6f)#
z&B4ErF~ul(kkJZTu?*z!!j69mDOjVK{n8r<`;l*e&74e_WOn)P^{I5oqL52CU1rl8
zcJh{`k`uQdD}tH9Eu~}m$4-ym$E5W@yE709euv75XJ?P!(CSa!U2>B(vCZbn5*Puf
z9W$u5vO7oTIq~D_-Yzz-(Z5BhUY^+d6c4aBnB}hGg6?wgDRBJO%yu`VS<|D`a@Lyo
zBqHJxnkgi^6@b+=>rT(-%|goa&n-64TweWsxcaE}>+xDk1#vE<Y&HcpeBPVE<khEF
z`g*$;lP!xM!zDk~^aQg8NwM9(e|!NGoc}3qZ^|PvwluOfK#s|hlZY*`kqy=j)9ejJ
z4oH+wh~F%>Lv{{L_l?s%)yXhJli*|gU6-*g!N?yWUM7R!8uNz2-yD<2%p``Ly<eQc
zuEnk40N%06jzLBTvdJwfpp1mHAmEejFN;0AGu5z^FXk+gQ6<}(v5xQ#l<9mjmGElp
zZ)T!*IzE%B=5vX3RHy+^*dc&Unj5VA?6Pf9SZ=h+#}j#j#1CYYf9`@@#Jt-6%G9Y#
zO;M>1oa(l#*g8g5{H3laCy#|xGNTpTA+{7VtTamIlj3KjwNg5J?h3Mh|0y#wmab&O
zNWd=kq?M4*o3<F_X+C`Yh%>XF2T!&N^lLL>5FwtXq2Oy7^@P$)F8))8CZRCD(ddkN
ziX|(=%(upWVhSg^KpUYoZU+YsNAjl&sjG98m>oW%YQ)9|(x-}uCFB%T#!W87L5>9+
z%C*rjXat)C=nAzk+#1EMOO}m^Jn9yC`tDTkmrK%wnVV5^F5V1gZ7i}CqZYtzZ4^#c
zPkW9_FIzg-5slx30@#*^<O{OYhwpd%k&t*ia&5sOx8dwj8w;?%uPT0d-`T-5<#qDF
zV9=>$C7jeh$dlw9?4IPIdD81`(fg0q;{vdYhsq%9QvKztt_9C`cdnw@)`$x(G9X#J
z`*t2Ea#B$<bQ>-ZR(y8Vd$P!>xBUS2==1f9l59u1fb$=SDNfXtH>LvbE2nkRxTVNa
zy#2@F%B=S-WfEr~431G@oI2x4UkRQJ<7Axzez~wyRBp0o#+KiLgIq`5TWVLu=+>D$
zDdrt;%`l?L2_T2MZ(C*G&#7XQiE7K{+&NArbDiBKQCQFwif}1`$Jj<-l17`xxvFeo
zW=9Czsd%~b3emQ^<)U1c`?p~s?Z|(P1V>uV0csPuSd11yXljY^8%#szR%&@OModsX
zWT*V$c|sDCFYZm?4a<a?4A=1Ew@!GDwM}A+6P_!pmH*|o-cZIyf1EluJdmF@Z&_&!
z!L6@8Z&KnX9#O#Kw0vQ01+@2xPC}omyS6W0hl`3Dk$=*FJdzI0*#z=#f!yj&T!$8e
zWUs{UbV0?-q%4lOOsSpo2S`RiLAL!HB4Wba{=U6l#(pmjE_Xv3^Rd>km(0lqNtyb+
z$u;r^T;99L@UbLqrhNhFE)I-&XA#~n7D{SO@wGTowQvm`)ye%j@APjN>EDCY`62ga
zRW^zuxuBfhA(wN9xhl20Q3~Yay>za>zOmzcEjQSIt`;M}Bwg$SB^}K`7os2P=d|9r
zkrhp`6BctcHPUJ#)IjrFVuu}xIQItd_)!0MSS;j(#U4G%387ZoThBe(=Erq%&Q7Lw
zA-s~F5Yn=32ZpZe@#+$1rRt@YV~8CXJq}$BvJ)-<Dg~AZMOkGjDk(`v{vE4~Td6i?
z3AR3`jN3Jg&ABPZXN!_XuLj`8v%!;)np)YbB6UjaL9TDK-i+dTu9r&e0?JrFdcc>j
z6IrdXDsHt7WmO<(j=vsx>GfH9F2Wpnsv;FD?op%U!0H}xx3RU!5j091v+tO*@kZzK
z8cFxv5dpsoqeYsxQ*0ob1?T1c<C;Oh5B~4(+&ZUv1O`EPUQm|3?%qbm>>o**-sDM`
zDu8h!n3bcFLy}NIxz&ZA)^o4zSrLk4X!Pe=Nz~8js3+&=gxe^98v&lRR=@Eemxp^}
zB_;mXAK{MejsXF5|M&@SV3n51CS6WaqS-aik<mc)VV@KVe%~%OLQ^Q@3_bE#66>S>
z*$3;xb9X8cSLD-{U_1@WOjGSolfozyAmnchIl#>u5QIApMMJwLe}mS{&dMT0S%J<b
z8$6znzf!UUX=`(rjIa4W(c;=qthdu-O<J`|Gw`xvA>-plfhjLXScV!$3#o)HdO}H6
zIqHbSes@;?b35aojTjYHlazd3wTtlTV}5stcb*@5%_kA=syE!PE2H%kI9ZIo+)#r)
z+8s-~`KH^ZtSQ*A-{3Po|EQJ|itDs~W1U^C1{48Uv~f1-4DY0CW(KW09-VI8_DJH-
z1rZ^<{ckD>{*>1x7PRAJ*050(zp+)O&5bk!HaW;-JWfQiL;nocg)u4EIUgRNa-bi=
z7s3?^qDj;0x-tBFh(AX^bMtA2>#<8v*G&t7DBu-;`-VCaD)XmAr@^K8e7z}utJ2s+
zie`1qN+{$OJBd5RPA>5zA&dWM5Ds$G4_=v@EV3z*hN^hiWFZnnm&xe~8us|<HkB<p
zc>kNoGcq?G;)HN6wwh*_x*l4Q>i&G!@K(}G3a_(d5HES}{GnG=bm%}((ps){{1C=;
z_?XDokfcjeDKW{$!!NcR+Z0lMTE?{!`973lO2n8(j$p;MfSIRP{8tL>4$PII!@Iq%
zEMu=*HX9ZMC4Me$nt!<|m72t(?Xj*-$!nvTu%}nbY_-oi@+Ybnrg!Y>-$U>+_y1I;
zo&&^sGkU>ZlN-~xUoO5v6aUg@Y+yU?b@+$JwR4w@FgsjUgL8gr_#;S2{HV87ILv$a
z6Q~Tw)AKCR`jkkqYwl(1WRhZ&l9Bu4X84Su@b&o@BZ^uE*MRivv>?b1DdCBgwKxmf
z)sKwJ95Na6hUt1vzlh{7R&w*Ova3T;2r+lQZYgHh?=7OA-gTZ6kjv#mf1=f;@X>o|
z^g>ZS@iv<O6h>}Ux-J2bMZrwg&~0`VlhDz^=wd67U^#D_6cU+GnkV_V0$9Ae;};!x
z{N7j;RCHRuErE0Swv0Fu$l?}XK>pVre9D1YZ{naA>$pYh7Cl7g!TV5?V6U~e49Sqy
z1{zIfwgw1}m~H47b7Ck;;s&a=v?<dAt*qrYQg*hwcPh^)HSh*~@AmMgt{GvebjB#)
zT>Go+$B+1x!Zz=yup9aq<}KSlP_>NSLhO#3`^l-t6_g96#at&MS%E>5tb;7uwCgth
zZ%?)RJK0mHB2vmblNJaAR{6pkk>Aqbsp-1QPuuD#Kng<f1$osm>%wt0-4-QPNzo6i
zfzwk<*2Vnd^lFh}B?y-&-xY}T5SgH2fq(xO?QRAkG4?#<_Jmhgf}fgLz&W}tQ+p}`
z&FGr{eu1=O{{vpxe}2!>+hZ-|oEvy8#V={R{Ol6wE%7E0Mh|sE(XvQuGb5q)!SAfQ
zVte1o_J@E&B#e`ljBpcHY89CvHxw>AO;re7JbLxIcWERcBT9X+F<&ytNz;_9`zwDb
z%>`x8{IGo@w7wL}1O`#b#lK$G+h~Q1C8(uLd53fxyFaC&-%E@=b$o<03p92nLI>p>
zOh-k4yv0R5%Z=$(NRwmS?Z@4fHpjAM&Tv(V+n*vZD*2G}IYi7KTIS&>1BZobOA$&z
zK}N4`D-JGKhQ)!cqW++CwXUZ;imBS9U0Bdf(QriCi3q43Ei|d)mm9vj&5M3WanTiD
zW2)EUT^<~y<fh!(bCP3P8qI1=F;Poqm-J;77}0FmML1AyV2I2eIIgHP*u67WkTjZF
z<IF~xU+etYds~buN1lzYAV_e59$V&YN#;R7kT;yix24%lo?os+5zjx=$Qii%)E$2i
zrjAQaqtQ+o-jw)4{Xn&{u(>(CKI~C+n-2ZZR-S0UT2*8eB6QEJrtjLE$ILi%6_dIy
z^7S8veHN+pf!Kf@_&7qzpOkZMVkA#0f&>R}xNl0IYqn=Nuco_B9>b&{S(Y{2wC(u{
zUws)JNz6?N;#{U3VlibG#){{w?Fz~N*!dN4|3s{n!B(<EPm3fi&d7HRTgSo}89-Ff
z*c>ud&b<~e^<+!vAvppo;Dwgk2&AqVEo2=b^}7!~R;yrOV?wl@vPHeU5ON$N4ubrh
zKVoTH0;w~Alk#INL?ZtkwNE;QE{VGmN87|%$SD1MctQ~W#_$StmTg*&zF`U;?^qhA
z(y?$dD;&SX^+%q_%+2vl=nQ|@+f_$$P-6-n5}-UO@eXnqTFN$K5#`b4iMWGMV=PY+
zJ`43|<X=bCB%AcOV@U6>430T&6d?INbO*WcXwqYhu3rG08c$|5f4z>Qqk0PZ5wgqN
zWG+~<GJ~dGcZ575%K1H>;#SLal(gGF=@ttxy3)<j9p}A0=fnJ5QBYHE6DleyA$j>`
zC&rVLlO4=d6E%f>j|Tux+`hxrfTbkmp9?J`4ll|nry~ggv5VWG=i7YW&?<dqg(X3y
zL#7<Qg$Vd;H^NlC0;fFU%TBis;^h@Bwe^;g3jETUMx(b!V)#|ng9pU_Fc}*}U`HKa
z=e4QIA5dFx{}4Lk;#5i#q)F}!+u=yZMdg<VMSyH7Dbb~VUjoJ`*(l1CtyZJ~8M%(T
z2bso=GG5RUk5_?_PB3oY#B(u9;uo}cp&k|$cpro(&Nx31o%&}yg+N;-N+(2VT+<(;
zF(++Bx?u+YNAfg{v|W|_7tT05zChic)#xbGM(J_skxKi{i0<xgu2G}jwsmKq*nFMu
zT^Fa{iR%GIy1{;0uJovSfV4{+YNRfxqi(y_`LxsBU@KIb2~HW=h&DR|77(){(zXGl
zmdW5Sj}V0K+BnDSFx%t)GuGp}uLIiPe0*A}oeqn?PjfExs@Pi%=8_LE0=_7rA_sZC
z*`x?m$D~8^A10O!v-JSx2l!+a^zoC<$x}zh0_tOd&Q3mwf{Cw;<?c9p%_#fEQPnh)
zGs5^&7Z9x6V>MADWvjuF=$rTVfX6F8q%}|d!F5-houj*iNo)zO(yg9X4wHsyrbPS(
z%Tr5}dro;F(9Bt02yF9A?HSX5uA>XFE&d*0k!)g`kG<jm@#q`jR(Q|QwdZ|-S6ubl
zvK?2&^^hJ$+;!&&%X>gd8iQHIG7MseFgPd!T}#0<x}96yvTDnYVU!S#XI?-3|1gz1
zZV>^VAM0`^qmT*Hs_KW|H}|#igotUFEQDm84F=F#0N9RMbL`cO2m~gfRa!XrdNtHJ
z!Zo(+9NdVcygZZbQATwP?g|pDam~FmCr>4kg)x|{vwjzpD0(sNY=Z>wEQl#(Q7;&_
z;r^|~{De{bJHQt69D@9+TrzK552E#Ad9K%$-AfwtG2&L((2!elIB<>)w|5;#0wlv6
zt*P#}w(ktde?N0SH9i&8g0QU;oqbFi)6R`Hzz5~NC27`q%{*Ibz8$}K5fCZ^<!WXe
z&csHu)s?y^7wZ~Dy!_r`DUc_jri1b!(BAd>ySe>3^9&C4Bo`N7bRhdH>d5zN+~t~3
zy38@{MAC!~^K99J4y=0-=v3AgjDk!vEHmw%#*D$f{5w*pV`YY$o*;Iu?N4U8Yy;{$
zY{Zf4+o?p><fR^y^%IjRolWWDWTbJhOJG!(mc7Q0tLS`Jb9obU(_4NrMd{)sZ40ps
zB1#s=jon=(FrX1DJA1kO{Cqu3P*=iy>^JsVkfvQSzdS)9Sy@&^YP>RzN>i+L!bLr4
zg>!Z?7`#XcvTZjodxPN8Ii$_?npX3x1N&<ic1GD*{#`lt+y&lf<`SIqW9k@qQPZ(&
zX%pahW0cX><1$(C3`Caam7=>Blp{9gojCiSrn24(WYD{tuPc9}&PsR|67bO)oxqOF
z@vLSogUn1*P*m6!i^fY6-|UZ7q<g&ecsu#={sWg>51a*n!V@Vu(civl<*b6^=%DUE
z=@$T@5^!KF<CN>)0*jst@{V-?N);VrSc(73Hq;w@nQV#q@g1H81#q<Zq~gj2@b)<t
zO|_1;`ldZ6x6B}XkSN|W7w7v{mu)aBqFWos_qOVYEsk^6<#bv!>+2!#=y3j-YK<lc
zeT$36h(b6t0J}hO%6qDiu;;5~(#0qXvvEUXroEIY{gI}9q)C_f=)i<an)|(Dwx3X}
zHp1B1hYMk=92KP~07obSTSxrBJ2Lc~@Kojn7ee3pO6#1UB*<UG8|_u$N*uXM{sJ9`
zJZs(IS)&8(Br`Z@)BVx|S3#4a&tY%=C*g1Cx$vbWflw){ROp}VH#zSyeWV?}e5^88
zS9Zafgp+%@hPivJaI~)&%kr8{Sf?<ivSeudQ*Q)21lTqG^4AC0_$Bw@tui5V+jD)Y
zE&|qXnjZ=vCwZ76yfeOywK%#}-xDz>Pd5HpGfmupo3!zoJPdP%bvDb&UoVCFx%tV@
zp{O?#9SysHoEV0mNH!zk5NwBy<a<F40nVL#3+h_@uZVo^7`h|nz*V5S-(f1oy4Uer
z2|S-Jdsj~YeVOrsiC*@40xCe8B0|iEYtOm=w!8el$6){`?mR*&1E~O=gu;k`!a;z-
zurMi<u?{vR2^N4R)E&l&1<T1)AyD6iMQ%rMWWw-!aGGEqj~WhDW*Y*huMz}@LhnIu
z-d<;dz7GWLVZdZM2H<Wu{WVDSE~F^&6Y1x$gy2sKYXZ7r)a1cNjf~zwiU!WU_)yyH
z$Q>%u{7B!bM~^rpa>9cQC+2tk-alCnZNUbNYbjqSoK8@FN4WleyCbl$0;A@kE6-tG
z9RR^a6BOWxJ>YWeslKCgoOmSZtjnd#Cr#j1_uOGlV=a&Au;rf*ray|9KS|0k6ceUR
zeMmk9=7#>X#&CkzW8zt&*f8=e7HI(NH9riLDQ7tj&d9RjaL8Bas_IUuZ1}naWPM~e
z?%CXGhC#s=DisSt|GL<6*VIo{Dd*t9;c=G|09|NR20*q*D5Si>v8&T->|dM3xgCXp
zg1myp={(`t_%PH?NM8f6W>N}>p>RYm$UZZ1wdbKnZ`B(aP^-Vn8)S}XeV&$%zOR!1
z257d~7VV&IKDza=`z*MAy$pUn&Hn(m0T+=S8X+0O7-Z&FEz;a)tZ&5}@$5tN`=r|Z
znB|i_L_mRSuk)G`k3rI9_|+_nr?6Lq@n5Lri3Ch#k=xeVTEx+jskFXr%nKC3=C6EM
z446(-^}j}Jhp1#z%FLj)oRp6o$q#@X(cGP~4IBjP=z2ohE<nLxaEv{#D%LaVl%ht)
z(Yr3{D*0JAW+`b{4ua96UMR2C2OR{J+#<Pq@MoWpW&&zFU6Z;Y7)$d<`AvTVDCWMc
z(yS0VL?b)%xclaU=mi6~Rz6f;Zs176a|S-C1<SP$SC%j{81m3!fDTTPz8XL5Dl#MK
z4%s?JdGisv65&YtooqG;ftCpY(IH%?&6>7g0tgnUbiL@x7)@>X8N@2}^>D4}24+I?
zeJ<@kitPzM<qZl0&9QvIYWYO$K-Hu19OgyVb4B-l^QKfYM<o+iSOB$OngC>w8CQfw
z$=FRWuU4BF5(kz-(3NDuK8_9bG?+gG?hg}%dV8cccV>1hddTFrJ9wc+T*L-25a?NR
zuNNZh5fH4d9ZJ`E4<A@8k;+y?#Zh+ALQky&TrJUXsEa<6$ou$;GqRE+uVgQeAt=8n
zjPHg|*M_x&HFNxd0mMsHzduGpWEp-oMlj*}YvK8ywf^EmvzXLLngSA#9KydDEL9nd
zQ`cqVwd^(@KJ<4uV=qvsr5Sn2lZY`k+{XSq6#SoX;XotNYm=fw(3g>*+?50MF*Dor
zyB=)cMmS?Hgq|?ut|iN5NQ7Bkg-oR(HgvncNOI*5<!TEqUszE36Je~j7V{}gSwk6?
z&PPV}RH3n0@bH5b`7s43lsFiwkc3^JhE*tM%3T*N0P{8t#T8Y~K|=o0ipU{>M0B(p
zb2XCNKT(OEwobw7tZiw|IogQoh5uEnJH;B~?%BdBmFCDT{sIq&uHE+DTC0>^m;Ly6
z-OMd@ubS@>;+lBc3AP~#bQ0VF*_3({JmN&k&F0#uymPcp9k<A5LS@>FID6>za`^+8
zXfQy;i4O)7<$W$rC04*56XJX^@HtoeKqd~$@Ks}4I*w?CzE^HOHp))*dqMIg$;boq
z=YYwakBK(f*4eQiSlmpo%Vlj5Z)<f-DI-y4GxQg2m}U!lk1t>MW26Mo=@6OQGy(oV
zO2*g7`WJ@$#d>&RerL>#+!S%D0bTrWmRN%%BITKXgh*7L!rJyoMeL8pRUg}m8fnoL
zdq!1TjbefAZ3{~b|4{|G!CHI(oDWXo>L&qBX0rNZ${+l)r#~pPnquIrbfGgy?#Lnp
zs|rNH`lt8Y)Z&Mr*?Ze5gnl@h=<()sZsE!V{(SIyd7d;3p75u#hOiw>^RzFlY~8~<
zJ5n#NrN2Ae)C9vWn0U7>xMKLiW8iV4zjKd-cdpimJQJJPJeE<{cRumlnDO?W8-+m{
z%UXqWt_2&!Fo`6R#fqVF0yP^MznyC{r0WNqD@z;`z5P3GC}7?4xR}2-IB+In^HzSs
z*lSSseuXn57YF86t@Fii25;Idci-TKT7F}Y59hxq9N#f&iH{e#&Pi!qGQKw<{>+;`
zX2_k%i-?CJ#W1Hf<lH|5*Zs*n`j>3keP2?9$I5LpxY*ia{~_*qV(jd{4Lv){(SkAh
zyO}teET;WGd0wQWVU&OoUgjq9Mzo2M$=jSwEr2qvRiugx6#0zXuJ|S?l1=-t0QvbW
z7)3|nE@buA`PW|zKIsDc)?mPiD>q$h`=iwrXD}xpk~0`{k9-{IC`F$qgaSJ0K)86|
z$uweR(Ij*?Kz6Lz3{*=taC)}5z!iwN8wAJuR&4G#a<nw=E7b1k`w60*#iQ8u#K@iJ
zjbuH1N;Hw;lQS}N&pld|nIM=zIU@(hA)Q;ysu!W@<dMeaZ=#_>XQrBf%<Fwl8MR7R
z1&RY+@*n#fxIql&93ZD`0MI+%X-GyxN>l|kGrA*5&g)E%RJH;Zy(yAwm8U8j#O0H*
zWhJLpD;FxqlUGe&AdJ_zJ=womAM>RzRsyY5?lI*G)b*Lf9IIvHWqdOOtE%dUjT%HM
zSj5;U-d`V97<uOc8QwpyjOa{xo--)P?P9ii&7TMcBJ+EKI<v@mM|tgF777u9fN-~#
z2w?nDJ=6LCDC!+bnnSJqAK?BWYc6}VGeb~amM@l{^sin2rGe=10`K6mvjEVO$YmpD
z$-++bb&aL@TV6sztTz^@plVFmEt2ig8<m;q8&RSmxw_#<^;BSAcHXlE#P^0DeWjtl
zrv{FR66I*3%Vx;^O2BqZyLdSoY<?nT)6O~YINfpvm4JLcD|8FXH8b1wYfA=Is;^t(
zZ9I^N`L)AllW$TQ4MdNj2vTQDIlX+3_givIG{2iamii$6)1B)LfIdIq2rYWYt<uz+
zrY+}PPrqbq3HJLh4BaaA4M?oza`g^J#==3!jBt(B1G7<zB`qZ9JQeI2UM-gC*#-N{
zGPsb2>(r-)q1y-<5G{?61|P`5I5W$P#f~_r5WH3qg#n`lk)+YFAX}N|s=(2iS5{BE
zgHM^2nt#8^=D9VtBSa_=cVYEk<I6}jQ4)XMylp-mDdB#cPEhjb#(%4YvIbA~qZcCF
zY<jm)%SQE#U~TlFx?nq^S5u>^<+Qh2>`CJ3KNl*8#616Txh+8VU73$mfJpsMfv^)1
zDZ%S2o9RjvG+Wlfgt97UM^vCFdaq1XsTe&SN$uew<4;&Rqjmjg5$(S_`ejnNI|WNa
zA~93GDr*^aC-fY#?Qn+^k@q)oL6DyvA^RC%ht5P)GGyekj7NJctRlYb1o@ek{4zff
zdO{`ey+JC~=`;vsR@Vl8$nUiI`$3bzPie}Dvj^VN`AH`iAqSZ1gDuy%<T62#D`a!y
z)LSQ2xJU0ebv{Q;7la{TyLshMlRry?pFaH8Cc<KZf?6AWw9ZC@+02d2^g=HLR9xDr
z<)hC;E)W{&<sgMB-6^T6aSNLU#ZllS$p##m#VWJe1_kM)=P*Xz%qbN^o2h2uW4F@X
zPrVApV02X9N((YvLKP+_kLwzEd0{uj#@?3{TZ852?j|a^Ji70cCxwrVD$m5%Gk(Js
zdxM|UKK}~ijRv2YgUoT%Y>R*$SSIVF@Ytcj8a>)bczHde6y@5^$%ZVBIX98`?0uTR
zmpEJ5JBl)WRy%Y#zAxT;@Ba&`KqGsF8*GlT*b{3<vmQwnmtg(X(PP*4%m0Xz$11~)
z$$B3h9wllO0;xN|hZtNEER`Qml~Va5!}k1SaZYsC=D>L<tVv);Om90qq?b6Zn<IL0
zo5&dEJ!TaU7ad<G$m@4|M~;Pivs<w+*XpS7a>z{Y!{ii*W=qX*hFslyyr42IGi6JM
z`$UCwNHUwCK+|#&Wx(<|49|`b9ETjno~~BI-YOs7iQpWRoshlWAeR`hU_a82q9{sw
z{zs~lLQ)KnYd;4V9x8fY#68k49-A1>eLPXK+~Ai;BvaNUq-V=CQkn}9>DChxFYK6U
zoWew%YirG@JMRIatZ@=$TENlUsW5^javR`?=C!C}-P+*q+Y$W$5sS3%D7bh+?)E)S
z*%?Ju(P|(V`S477@%36hWd~t*eMr!8fB%BQJ<9iHrbM<svL7IsMEdE6$Uz=)0p0j8
z7<%9&V{;rFZ&eTq@a41=fWx?yBZbjmSO%t&Gc*6w?9iG@;^0S)60g7{vCVrre5-#2
zsl9<TqMB5NgN-fvwF43s9=`YnT5pX~rI0kH*bXq);xXCw{z+pwm^*m{epApnPn=wx
zz7Z{#s%JL`b^S?x(?<F41T2vU8ESR{21ZSzY_TjgJ=Jjk75=*p#$v|DFPjvIl4fn@
z1qrd1DOpS-j-0vqK4-Z;j_h_rl_GH@o(Hw2{(JphtWEhk{fE@XkJGZB6wD+hSF8i<
z0@D9yS$nH711+Re%;{;f8S$0}J*u)}cK~ZY_st0NC$-^m5XDD^)xyhU{g}1n86TRw
zPMOs@7UyRJz`O)XfXi}*O_c#mLJ^KRMTKU{Ek>jKo5xkpw1$IK<W&SYgPOW1-?|^R
zn3x!=4uM8rWGPD6sE=f|F{#0z!55Tp<(i=^N6_RwYtcQt!Aqo7QT<<=4C6?K@_5u*
z%%n(_^ConN^CPP*qYZIS_WG9d*qi4cvm?f4$0?R~PnrSumH$Dq|6kV-AXn2*Xc1kN
z>A{~x*+rPYQll+5W5*J<rbws^vqwgq?5HG9uTHO3pb3|p?*w-~-!T69{-u0m>=$yt
zL&dl<QH=u%5eG(OGNPsE_YOBrS1m{$=!@&RB0encSaXScUNM_55Aeaavcds+o@twy
znf*CFxLfrq0j(VMY0H4bgZ=TMGiMqcJguBhH}}(*yXG;3ayTY{?o~e~6NSnAHDfsT
zkNZ1^g+<d&-&=E~Jf2;}f1EQYUf?foFbq)kHe_%Jx#B!qH!m1*_Mavu=KIq;mx@Ch
z#wJUhDb^0m#fOrzs=abcD0S+i@{AO&A{;3z?ZqNbeY~D+1cQ<l;tro!f8i#LNCjv1
zK^5ZShy)24Y^uutRn1>E08e`b713c{lr$D1YNqv2(+>?E3QSN}#5#lq{OTP-bV2zY
zf*#Dd)K@W=z;paBuRLa=k$RNN)p)+n0^xdxFz`pPz=TUbP$U&*)UtI#uhrg82>xqU
z3GSgf!GU!ka#(rc?cTe8+$}-^<XBflp=yGO+Y83jMXAC8r^KcgN$FQp;37aJZ<+au
zIiqXDSJQ31V+uk!^g!D4Hr2`Gs^l4_-{iC86-6T)uyqa&hONlux#$W&^nw@({LmDE
zm%5QPHg3?KbT~SdZS{6DTrNj!*N2hBF3KO4?mrmYwgYf6a4<ZSrTQChGF1X%&1vDO
z`me{^^lg>Ex{hn(eklivCq0l<H>%KR22%7qGZhtas__-4-L-0yKDhtqd0K=4e?eD?
zO;$N)h#T7Q<kXrXCMLwtKM46~$qBGYlKZ8Y>^6gNy(F|Lw`T|G=b!&^bDD25W|S+`
zp2j?Vbi-1j{2s7kbhYtJb$6l(xlg%*&>7?Q>~W9*s54ip2fh3()|E~17@HakTsRfo
z-uVsYDCYT6fwj9duq`@P0hN;q8l#G-=))RA%I^zJ4#Px)l>zmRE2CVt!Yu__$drJ+
zmBDl4|6<w)MsewXt%VAN7FM?cHaocgiZA;AbF%9zj6ioVc6l#IW-Byu8m~tJ;RXxq
zRMdeJ$)IqmIX!7EQd+&3%QW;!WsS<3ZqO$<IFe9TJ0k=Jlw;ulu*`%|wE2l9lHP<$
zF~Lkmo2WxlWt1H}2<tgb`a$2e6Pt*dA}PYudHe+z%u&gi-;ny4TYOy>7gvP=HQ~Cy
z#Zi+y8;sf3e<2!gZK=n6p?@`Y7!pu`mtrdx6wbrNie?5(S?61xw;LUk^vZrZ-{MMR
zpf#-ZhW(^lxc{HDl1Fq0FF=l5xb9hsG5b2P8>#W@e8qw(Y=?SO1YhVEST+)ES1_s&
zUYM~3ssdzyG_y53dV);)sW2_R{2K8`;^0^wLNP4Ufh}Jc$gjwx06b5%rVt-ALJC6h
z?sNes_k*|4h_aYJ?NL+WCM|CJ2YoF+OJc%Y0;iezxW`^cv}R~|Ctas+Wxvs~xpmCJ
zJvH&wv{gpM>DSQ~lB(c?w(>sC9as8W??CO=?UyGVqDf+uy75|7SC$C|0%4~ARk+dP
zdwD>zb>dyZlS==Tl_SZ}I+mGav2L=Arz|mo_5XH6Zgk{n2<6sb7Y6g|Q8bW?6OaRv
z%PJLctD}01dUfgWfw7_(|F{fwF@*auL>L{=4514Z5d%0)eP6h#)GrL1%xbVfQrRcJ
zcXwsnvK+=N=Fu5Z0F$eBSZKGhi3T64++*^qMa$zRs9MxQK)Q#`O1X>4Jv*Fcfe|e1
zrA_<H?a2+Qtg2+aomm>r?1}fQ{h#Dsbf-Q*PF^RF-Ah1uM5KHrTQWGK*hbe(u3KX}
zy80)@`l@LAPYhaPE@-GB54}~km#TDY2?PFBt=XfXN?h$YDp_?Hl@o<9I81(};N4`l
z3?gRQmJyW2<Z?b2WaxJY!pwO*ZxZsDMhV5nsI43_bvP{_$=ozlyL+spH#$X`SntsN
z@jJp1)qwM)a1p`oMa>E^<)SRz4q?;>tN)aVe$jzx0BoFyjw!_C6Nv4+{QOd2p4!B0
zQQm+cwaj@%8W>)i5S(m$gQmp40qHM3nwj0xr5SekT1`+|Y{3%}1_}q_$FQp>>;`ZJ
z{TCxO@&deh9)qPDj7FuQY8-}XivFFuH|LyecMtE*ZkhXI6^wxyt=OY1#0mV(T}3|T
zFXzDU-HK=sE>K@X<~Fak4`RZnl~Hqr%erqCixliuc68hQLsn<|j?mxV=u2L28-K2v
z|J>29#j)crral@_mwS}$s85DtCBGI4bPNEa?%9J`XPq<M@u{5$3wnPoo#@Y~olIUh
zCXm4YA_6k9=*i9jjSz<9ke!&55L~0P*S2g}UmgRB#rfk)DYfykDJ`MkfOGX-&eW#n
zTBVaicy`!7lYuAZJ(!Na)u@s@`t!$oy<xkl#&`%(^!q@jWcBFk@vq0A`^cVBsL>C^
z`j=6W>e*EWi`T37B@yg59%D1h$Su2`njVol&ggdy+U~lQN`i~W7j|?GSSgsujVVn#
zDBxBMO6z9E-SO^(uYX4sEK@#h$w|wA(;Q!Rc<Q3pXTl0VuVNuTq;(XTR7<1ZmIsh;
zn6cL;PI^PIEGl2Wf&!1F*PQJy>&f71yGJtq`*z_l-Ew(uOf)YkN%&R)b^G3_LrjqT
z1lmece(s7hlX$z%U(&wiY;nc;0&0}O?AD#1jt*Wb1rPaW!S@;LRmd!H)P`@@q36Vn
zv%VzsKQ`IW%#pjjx(;_hVz^)$&zGV-@ceah=yfy_%3p$SPY>n@uqMd!=Lf`OCfLvk
zOK%QT+5bWqP;J~7{In`XsT$ISu$c0<5amDWx3_oRk!{MVhm8AD9A(7lj=!WzZf<p1
zElOr%Q3-B(0qvUlJ5iLAnE1zUBG<H~9@3^|4ZeGNBJqtrCjQ-t+@DpmW4hOog@y%f
zjW}zjM+Qu|=Fy!J{djRvwYcxa5W*T+H&fr~^qGVSdRBGE%CY0K!_iO%ewBW3FYGV$
z1PR1tJIp`s0dWWFCUbRjNMvM~-E1=8KLWxKSd!c(>+*MJKE%R7KI}USc$`0(+@Mlp
zQR!u&U$dCCz1lDa9eLa6wRchXW(3zz5djU15MD11;(~sbC`S@sx&BX2`kKU`HX6T3
zmuO{6;_gBzbrm-0ZG1nj_;~>{4<iTd&8Sl>i3E`pETn!J8uI<RD-JCm;x<2rXk|8W
zU$lU0wkH=SMsr#}%YE`unEQ}p*b#LUa76%q&YTxMn}9+wUE~_xp!dRCJ^u-WXER1d
z#vl+LoOuhgE7=$Ue*}&<xrkQ^LwpS%Z44u5h@qj>eO+=nRKxIAfnE<LTUxxms}<xU
zJ{V>4VJp*i?tbU%J6u$#o*R|~Z@fyi&YP|W{1y=a0NAB5Oo4p=r^h~ktlf|^=X6xE
z!!7E1yv~?{C%e7~PU90Rd8n7`z{&qd;r8Dhg&@_QRWW6p)Pe3}u}=gkxZ0-CZI*Hz
zUxw&+Z`1>Uy*d5%?FmVaW_!lowH%HCVXg{7V+yv}+s`iA+sW@YWOt8wMc2>a)wp5d
zeQKO4Fi%#VUMbPrTLWhFD+VdYG!28MmuYi8(ubWCHPaU6dK_v678bA`nSSz)x7huT
zBoY6s+_;0444Y?wraIo&|8V6eLiaTv??au$&4EgOf5VI)a=g#I<NIMxr}X~YiQeB+
z!%o*7LUKNi@FlLBTj%G!m2YR>Nq<3;f7R5(^*WDuQ(XH&Hx#?wb|E?8=yNIH2U*HJ
z^7rKsz8bpl=3Hr!wOM~fPwt0b-1f(9zF`s`7t4U$^Vas8uIiJV&PsQ>-Tmd&Lovze
z48b&1h@;8V%+0|*!9bw`e<Ve|AI$eiJWBp2{ZHgvl1q0C<ZaT=f7bp1Bl#X+@dBT%
zuXg}_fzR^o;k#N5-B<4uc!B|*`M6r2&%0H99*==HJ-hIyyQ|sLErG$~o_DpF$?g`Z
zB|fGI@bJIGA&h{Py3X5++I@xZ&)RhO{<KnehQ`sR<@i0&D2k}(6(gu8x4#C7Q-@);
z^);g9rsdt1OjMPn$&QJcT85GD6bvD^pV=*y8_Wi6r#71dSwyN@+P3%Ix4?ghVG&5@
z!nzUP6D07O+#@(%@Z%bB`xT-4?ZUs;*BbWb>Fa~W<8zAJm6HK<SmW#NOYrL8;X}l+
z@c0A|Pt@CZ!~0W$&rRoQ6l6V{UO;d5Sjd)+?V%<SAu`tWP=mzpbE{|g$<OI|JbUtO
z`1n%7R)$8hbv}PNdfk~V<57o?jK$vlLtVn4kJ#b7iD3WE|5*+5PJP$^b4y^a<Le&J
z=cPfR@JM5O0Hfy~BV&glhof6`R#hVYGKlQCpWq$zbK&X(-|wv@FU+<CNB?bKpfB^X
z9EZT^6W@>{OWTU+U-!f3v}}C*u8uFCOzhtc<}Ib@?=2v;f42Gj!&+}M_DQBJPVg0R
zCjI>n`943owK6uxd$wQBNc?+A2+I|z<Z&?6Pio{Or>Dd}PPI|hnut@+NOCg8LSDqt
zmvm{OrmDQNdn8%<g)uybhp(#b!$$PtzHYugF;HjNzN)m;qyD~{&uVT*+$_oC`n<(d
z)be;a2++FQh>AHvlF5=g+@CPHAjb9Mrbn34tQZXK85JNgOy|{zTL~expUwO(v`0Pl
z9BQ@RKqp--@Tcoi3Fdr%WP*#C{_SuB;{o>FyTkCF`p_}rct7fRKTkZ3%V1nPbbCu|
zhU{C$ts6Qy4+F=RBbv_u8o${A!5{auyjzHg>s(l7L}tc-#o$(bOT9HQFIJf$D?GT|
z-T<Y=jD%}Huy#a0NM>$y7k4qL5Z7Fb=)%6cI!4_J)!%Rz4K$rFBh3ot^u34jBJXs7
z*l>6jrDLzr2bCENPacWe`?9~{?ycaizn<~FCx?oNiYSO!<@w!*=`B~EhNclK6(bdc
z&6Z^|S-&<&nl^|nXHz$VZp>jtTeb=`D2`l(fB-FS88Mz|i;qTB^<ag_xk+|Eo80{R
zoB48_!*Z<C<BPZ^4bHh_5A(DfTLi)B1*06F%pg!+Nv8Z+gs|R(vH=!YFD97!402~a
z6RhiPPpi)ep2h_`zO~UPvPBI8m(>X}A~O72ANEH%G15wq!_l7U>*p9#Yc$Pzi#2@k
zafC=~yw%@j6kqSBX<sOJ4jvEqcjOh~z1em*wA1I<*@;#cGE6BGbOYlnC`1JXRkj6H
zQa&zxia3JOW&&8}dRVuo`+(qFHVz%-W2KJN(gu_MUH^FkD;f%qW|zeHqqJXn?5LZM
zZ8N*tX2pB`FM_HK?!DEsAR*iSaKA>pu5WLDyZ7~)kv#Wn=^#LpxXVL2*zG{Zvrk=9
z-eSMMGt8gL=5XI~$ZoWVZDqMh%Et^@_7mM2;$|LX6dJO)vsNqk6;o1`^)UUezq6P5
zF}{{h(dExosVP<#XZPMk%qz9Fl=x$3vXNG&RvqHV?t!f9voM%q7dan}WY2O)g^J}C
z``)=cuTjWvbMz=^Ox!ZMNX{}<OWcO@Nd60gAnpYGxIK=Mseb4kK0Be<KFVO5?%DLz
zi?o=`c&Xq;aw;#%>(T4l^Go*}CO)uIMUGT-yKlh7msYz694`kogU^q)h8o^b2u~6X
z#WzH!JEn#I1%ZX%AA?G17xSy{2d5_=Rt>!MuH%8S_F+~;g&dD#KAhT~ug}A$<ayf-
z6nw4~A^$785pztP$v#3WkBQ;YDpRYiE;v<-$ZXlSrt01>k`n)Sr2JR8gY8a2GC>=U
z#avT@yiV|4{)Cy)RNpUPrBPVLJ-xjiY*^}>!MPqgT71p(?pFK=$-p8)GrBkwEOdzX
zmqOjOzyQ!}R~VqvAyP{Nd4~=@fzfVosGx7KJS<|dI*X<yYEio>8!&Tz_<S;jZu&$N
zl>-4LCb%Q72{OGcKf<BklP$A+u(9<PKX}P~>EKY8its|P8sV5P7y74~q(X}l3EK<)
zV*3RS_B+qA{L59G17V5FYKFo(B5G#UDN0UDThUicPAYrA4g!LSFC{9Znn*8=@%cC6
ziQFIdENdFbu9S3eO1*xc9l+KgA(HzuQfgm(e<#%2q4Fvu9El^rR0~5Uy;i(12P{=|
zeGx12dAC6U`1tH9oB09D>ny`?j59f+yw5mb&Ra7=sW>zrgU))guYApRkI4cbO%4~b
zT{851{{{hccM3FAXBHl?H`;7WJ+bh{h+eVpD@-A+(q@DePg~eENQ@mT{2QvTNh?=?
z_Y=o8oxE=8<}EDsdek%g5I1r2Ul(gXIbvhhE@2D5Q6VysV7J2`iH1Lb*Vunc_|-bO
zKk<+tvcW%r@^U03YV~Z%>M$ptv+rAyFSq$Vkr+Xgl%I4c*m*-~<d)WdjX{QE+oHBx
zXovOv>BF4)C>EV9BU)Y&#V~5qELO~+mKV$8gs!FrXJ|Nnr#8SB1U>EF7Lrct)<N@S
z@euKG|K#(A7n_X@KiSbik!C(`shR^=YfOtxQ4ec=TxinX^93D9kpS)QoNy5)2Ise1
ze#>mEN5J-k#D~F4;7XC4A|W}S5eMz5+}!<}I$1A5SH990j^`ghlJ)fFT<;ex7Z%rs
zF{Awe$J@#_9H~`txNpbqsosc^ueKs$KL_J4dPjCivb(L)1x=mDUa(ZO*q+7z>_|6U
zOsA3bdPMskh8M&WKLzxiKxeJ73`D_6H@aK~8LXgV`fdo9#d||AvVAr9ySO_V(-Zyi
zslnv6j_mUozj9(qZnU_;hvXBtI4-)H=U4fnSHFq|)d>RFBj67Jt!8#Bj?7F^E$8%d
zAh;YVP88}%BHbzhmMLMVqy9eu+7%`0UwhWn?@--y5LV3ffgL%U+`H~)jQwgJcDi?j
zceln*)z-+!7`s>fiopGwr9LVn^)Z64TtT1V-=Kw)6<x2!p~FYfp!*1{oBbupkAO`-
zPsIE!XGvW+8h#rWV&CaVELyh_-CDaK_VxvQ^xi1!^gV?}Z`Gw(&icqqd5Hi0dkX%#
z9ED$3twq<C^`5Fnxjw*N1N1Us?)VzktRm87Wr!u;5&8UU7t+QLz|n1cVD9XNt=pE6
ze@``*`%K2^)BYGU>kF*-$qFMU&BN?<+t9q0Ic}cck6<Ex3)XE%XSW(ihzLNR-Xn42
zdXyk+x_$&4_mPIxSI7^UuE<oP>uB^<(}IH-QhOS?IzvsX{i1!(puyu*n3@<-2rJf;
z%G6!==T`9w2A-N~#facNwkT0b>a@}&Yg{t}6Dv&c`4L0j8;!ugAOv1IkAuFx7&&wY
z-WmTLzW>4-Mh1qGbk9Kg1*$jdg2lho#-01uv0?2&1e`gJyU8jT6ZzriW>LOZzoA6d
zG-^ecy7iH^*PkLWq#*G8F|_N^M<Q!ne%1QTF?{HoSa39s!~3FolkSvv9m+cl8`k`d
zbEl6XGF1&DDQ}vflDf0Ykg@31u@&7-wqTT>N6&vqWR3H)Y0whG{?!kQPbKkgp(!In
zg|?kvm&h7lT-VtJCdSE#O-P1w3pa`<yAosHABv7|bb?nqcPv=sjT)9lbS16w<j$Ag
zi;`?UmDaVfWcgx*U%!j3f2^nHJdJ>>QRvpru+Tb)3j_i$3IWy(Xhx`<64hxqc5nwy
zgv7$wfYfnU$hd#zYV>cOhR}yb_;%I@MAkIw%3gzp!(;UtTnxGROv0whQlVihcMK#m
z1zug5m6?Wf2lrs_pR2L8Yex*~+LRU-{eaMrYw+E*9bs2Puz%NK7@BmTh%joLI2D2h
zod%*Sku^>>PA#!w^B$y<cgxJo2pA(Cv;I34w?l(5cG|LvN7iy6SE&?u)4Ly$HDl?B
zYyEmq9rZ;Lb@Z(}HpaSne`4srhNEMrH{kK+a13hNL>dtcX%)SKULLQ!<(}5LMQ5yD
z<bb<(gR%b19-KRV0MUtAFwE&IbBe1FKcy;RV^8x;!Wg8&l9~owjkf?Xr!EYu3VoiI
z!ZSI^h>Sw`_Jgonu@g1plc3}%1LVG;C`tZOSh&V+czK_{I63il7D=s2KV@R~+NDUa
zZi0XHeI51=b<w3qUyS*50)G0>SghE&730QvlZzKk$+Bece%N{Zd*bJaOfy7VcMrHW
zZ3BD%Kw2@YskOd=5{|VrDiFRii#l?RI#-Rf#B5kqx6kt^mZp|8!HJb5Z1=C8!{-yf
zKoqG#+fd#Onzcc-(?QZ|Tt-D{Xp9Dp8fxyReA8*2hn3UQ`6)@lrHx^p0=0J3Y6DcY
ztd)Bti&$eey$BWgIjh%x5dPR)2RnA`h2N>e*hW~{)qRar#PiUwhN&ihiC_civG*|j
z^GP^*GY&1<wndx9jnJsxX?pgeeG9o25gP)5GC;txsx30f-swu<O|*1uMxJD?;WKNM
zrlh3Xc)R;QXj_SNas!cRYz!MK^Cz`Xn!uF&m!*;Wj%TGTa+BfO$`k!*rKp^|2lheK
zo4v7@Y)l7rZHygD=3~~ny>M*O9G<O6g5S;!zL#l)CBha*W!l!U%_EIAHn$+#P}099
z(8QI(a8<SI0MDNG*t~K%2K4HT#<etdadLU(|CiZ>1?<c<YG<x*mNb@7_`wW4^#0^~
z*f;5f9eWPo(DwCMJbMN@^cjVpXH6ztG(DQ!4@U%^#^ecK;epbUaBPbvZCWGXLO6{T
zy7YYI3n^W=mCiNJq)wUDQo6ukNOnd!ro}qvFD|TL2+$a;Ap5o2Y6WU+*aHinpW#LZ
z@}@>a*0{0g@}WHAk=aiUH_H6C^FBAyr_VeilOi3`$JL96F>}s*L?k?M*`aT238$Ji
z5&@IyBK;xfz~t?k(}}-#A@Gp}HthHtv!_qR2ZOr9P)`j7lU3H+Qj%h@N?Y=uZ1Ov1
ziaM??2naZY*xV)VDjdCV4(T*&G^ATk?AwWu1Z!;Cxev3aeT$I;yTX9-R<e&aI?vhb
z)4r6HrnJbQKF*y#2-4`}q)aKl47T}`4;A{GA8~qCQhA@+xenWo+{O4Wzs8pByRd25
zkGL0p9R8sZlp}R9bQ{~$aJqhOFZQ0hjvrTS!Ef__!p9%J0}ErC2`fr<?kJTd{s;t$
zi-41x2Rb*j#v*F-w;$$Rak+2%2C{EUmL^U%Hq~LD5`!Zr&gK>scjF3zgCgOOZ^D&(
z!80~8$f<WyMmkNj43U)>LH1R@qw7c?Y+bVqpHKJ%O`K~;lQBbTCvLVD2t0O-CTlqv
zspH`@W+-N^+b7xZrt4S52VedVKhF6UHPb`kGyPW-YeDNX>iOai<?nNtH>6|DoH@9a
z>42#-X5+7Y2QdAM;qW`U6Sp5zAIOp*>Hy__*l*`=xURCpAG>#9&JSN>=-b^$0!RHU
z`KqgEsZ@JO0~$y<={^8dG`K{4i-G`u2TY($NQLPUlS1P*kpmjw)g(<R>dH{<a#fTu
z(+nwp?Gto>L#jM4(t-A+McdXx-ytKhdH)y;9{N71K?k6gjS0fe_+jaa&FDG&f3PS2
zx$!jnO-;FjrHdC}=wNSDv9&~M>`iRixB-o-8Di^izao?*jVF(vME_PjkV%drwP$%O
zVM`~86}kFEul|FvV#_F!;!VVeL49!X_--uu^Dx}r7$Ol>Q!6v1#9YV5jT_-=qmQl2
ze!<lT(X?{xB;IV+nba)ggfe#qsX(6rgYo;$k1=NaB#ao)69Im^uxzUznsgiXOenG?
zr?nZxt2G^_N|izNeImV-9P82mLta0TN~=$2&RmA5^f+{DQX3bK_##Vb0S9}Y)w5k;
zI!>S1g5S4QLkk-#S{a;-UF$X=%gY&ucKv~E$HURV;y97vzVuGjlH*UQR4SVz707jX
zW<|w8fj}7`pft0^`2YSFBSucdFmG>+{9rh0*_z<&o*me9;tZ5#rpO?dH^%nONK)1j
zKm9O;TysRBnWKW#Z?lkIvoZR0>-dbCX(p8ZzI(AS{ed)L%g#!o6^;9FCc+3y=pLTX
znN~5!*}wN<cRdr_zj_Aqf89>Om>qE}=ni@e^TxtqlQ3%H*BJA*7tZfok1f78F!y6t
z38s->NHw*hOc>iWg3pu*cxU2F{PLP7CJyOTuE%CIIR?)lsidaIp(miWpQnGM{xX9W
zYbeRgCi40PEL{5+9!wesS6d?-J#rQnb~RvaO5+Pj{vSu&#j<(xFyj3osA5;0_Ag=c
znoVdx3&GZ|T!z3q4`>4Ghn`+!+ovWeX-?n9&U@wUXS}?Zen|PXk>xj~RSO<K`M*d4
z0T}`Q9(b5%Z{Cv24I&XGA!{r%ilOevkXp4tj+BbaV)qjfwB+<*i>7GY-V<izKvz3)
z*(szd;P5HM3HokZ(}lc}v_NFoWgI?o1pcSbAUrY!14n&^$)iafO6pAmQwyk4qjBc!
z1=zXJvi)uz$b57UzK0Iu?4=;I?9m_XU2PC};U-=qTdzmAZot{|b+|fIm8zQZC=z#5
zl<3y&bvV?nkG4(g;@nX`9P&GcWQ8>b_j?1DRjZ>TEp4ykOyRxa?%@#S9dJ1Wt$Gb0
z16peYUA#?szlMjDw_C@~s8^khn8^mt!3Av_*TLB%e(<H)d5XRb2KS}>NJ8+&YaS$x
zlP=5slbM=`kQ)(ry?bv|CmXwaH?G3O&JCWese_}WN>7%~dv)neY6e;{XR5~0{rhmj
z-yacidKmq=5Bj!m1nOI1VP;4xN6+DQoB{qhd>HJ=_U*XeA+p5@fK6R@{IgpdS_Kyb
zr*_>@+b|yCbbn96K%a=+m8&<=sY_4TTjqVAxfLy7gYAPJKYlF56fNK~ajFs{z-^ub
zl1qJ05uekpwhMZ9a!1sSARO>LEPdP2>86<Q?{Cnqx+SS4-Ds6&4Yc(1A{)*m9HK=D
zX96yheP{<voAy1LIBME;o?^3A2oDRRXerUSed{J}-MWRFH}Arxb`$*Po2ls8j$Ci(
zo588JJ%TRy;pnlGxF2tV_ul;{67PoLv1u&~==T=dxjEv>F<%^__8dhk&p-Qm2HqmO
zuB_Aq1YNy>7GB*@*Up?I>y4p|y^G7YqwqS}pqg-lEJET5Q&Lh=p>2p`_7)dsxjON2
zk+`3zMvv~@X?1NTf`h3KYvTnMM~&G?;-e@!pM~x{d%=U;1}S3h;NZan@IMoPY_t0K
z>Kh+4BNG!tGYY4b{1B(lpNDf(4|M6?6{#_yI6_#RIUfekZUfNP$pRN|MxbN&UQk7a
zBH5xIx_UImgImE!v#O7-?oTfkk?X0;FNZ;7Oic2PL%Q5s&^3B03kMCME$Aw7P9RWB
z1bDubm=nUwnCN`bx{Id^W#vRDg^IBtRht=!zDWop&B&BQ$o%!P5Hi9W115Y5TXMsp
zow&n}iHSk2TD1!8e6;U-);7=lq);X_6V~N<)MQu3M$GcHS%e20;Om;0cswt>&eM7G
zDpI+mXO~b=e$T!`_oKQ#8{6Wr4V)sUt{jiBq@iu{*OCVt9uRG9Z6!%>{_|qL@+0u@
z;X^cN(4fTM7Tap_#M6i*_yr}6ZFa%!ub}($pUcx$sm-uNTRX8m9J?|qtCX0ShzAcI
zNMua53Cmv=ACHZVm2fT&G0vY~k@g7_4zH*27g_L~9QIC+qTtAHhi!@F{-@wOi++|T
zij0XhjYH4Ft?0S3W~qdUB_3?I#wx13pHc}k7PnUl1lXA^`I01w82usARMNx>1<q3%
z=e4F9oINi_;5eJyX~>PFEIJU5byt+c?n|^&QOFwK_dK%3=bp~HaEuGekMk@^()HPR
zafSBhP}*dzB+nr3ty~DmeL+c{isRYpGFa+D9EwtpJZ&`}S>t@llB^Y_o-gfM!bDfz
z!66H^Q(2KU?J`PxTi0iOZn->w@~ndYi6junkAM+1D0^xsW;{UWKUsu*`Rn2dLjGB%
zbcix%0>B;I^GF&8GEPn|W(>e0)Ky$sJ`iAam>`1X<6XRrT5vzW@1NCEA{7q-?k@{7
zA(8vr^b&`$D_$MT<6Vp!k2j^AN=(>Tz-UZ^@e@H~X;)F?SCJ85lE(9zl8`lie))cB
zwoDTQO(!8A<tsD`Pc;VWGQHCrm;V~m^84uMXvvUWJ|=!ECju%`6-7oyg5SAFuPy?-
z2#LP~R=JB*Gz6IFvKdKXZHW6~CUp@J5xJU;qLoy+uI7p2qeqV<+)6{btBp?SQ$X$9
z#dd{6fawmaxtWBQn9-LK0$eAiXRP|<KNNh5{yiaVd_0SG_1R^H)^XaA5;q*~c(?-(
z3JOBis#QyD%O>Y7e#;jEJkYTH2)}PO`Yr8FvwS_RsLk^b;P-BBZjPv^C~|fkDA{3g
z`xmKj1Xw~87Z-;rRjNpRW<hO;&+%d|wsqsamF>1(Rh)T&29q_$fJtmYxE1~up1wj5
zwx=<9<&Q{&jT)h(QYc4gNL-Cb8Q1FxRnt_EC2J~LCCY;|t3kM-XrypY9)OR@4T+6H
zxg#&_2KA&gvGp<#kZ1cm(C{E4(yNUCe-G8FRYO8Tf+StfBzHHW%@_PlaR14Ki&uRz
z;nf8%#@XK9URssS{VGeib-AzLnpCW_jGK{>k+jIk%*?Dzo?j5QiuFyrklM0Tjcw10
zD_vvh97Urd2d_^{=p-^&0_hzuIMA#M&5^j#9+Nkgw{cif1=$VcCu(#$H}N?h$Sued
zIj2{xQ^^IQl5Q0A?knjdi^nPi0Uk)LC@v`f=Oo&E!GOtah<}TM730jB3;zEq;w<A<
zFuEl>D+pW3@T;_U7niItASxnNDfFLXNV5GJQ!F{DXoKB+n9|D0;#e0k5oDJddDNZ~
zi32i8!p17m!dCxicS0|sk;%_4egy&oftQbfX!E+g1MPlNw>$D)C2-D*M``Sp8^Xqe
zx@;DzJsfMKCz?m)ZBBfxye%CNf65gCES=-<Nlf~*$r@LZk5PzpiOBJOQ4>qp^yt5W
z$XV`Jz%xN2f$WdRhzOg;Wdx~BC1O|962$ca0fB%(Kp-FxD1Qi)3&O@kjY3IFgFCCW
z<Z+fQm9!;2GD+j1nvcup<o)so@2giMnMTR)Dn9}&aWf~;d2tfwt)h>E30W>#<BaG8
z`(Vo^=WIqfHf(%YB!PfHKp-Fx5C~Kj1j+?rlfmQxnMG$D0+IZn(~fjRl9b3pJQD%d
zfHA4lUd6~)@;Q-SE&@!x^U<kNtq>D?maxgBUe27~e+GR4`Z<ns<>TU4ARrJB2nYlO
z0+j&)1rKzYGyt-pIB)YWhv4At7n#_tDibi4z_1s4eHxKvlE%7pjdNa2jdG&dNTjZ;
z3BrrSprV(>-%L7%3Sm37vPxXW(`!UE->Zt$p@zmL6u(mba>}X}B42@kKtLcM5D*Bw
zSOlb)&rH~OAT%M8#0KLmz0eS-Cu+yCtd=~yGWp`cST<B=H5aQ$xo#|RlZYEtjwNY)
z4HG=x7ODIo!0)9j-w7``P|^p%-)R0>g`Sd@Rg+3oPiFMx2NqEifq+0jARrJB2$To`
zNhNAbHbqQ|cnoBNao%RtQ`ru^lzqM=6E`kdQ#uXKR4FEF6t-1Tl`?7LL0i6t?<q@y
zkgtkjw*Um>@27xEN_;AdBzUY6<)rzm$&$;?rtjFu$WVkM(m*2q3IqfK0s(<QB|<<V
zY%)=jpNj{-l0|-$b1L31m(Tw>$#vm6vc!##usl#h=$>51XGE&p2=F^+)wuj^@YC`!
z7O3$GQ589R)F;P<ygF3-8oo{>fq+0jARrJB2vlSQ%GIKSf`H6RDoNT#7mGo;AjB%?
zIVNlhNgt|tKKUD9p_{_k2u3Cx>3~Rm7Ew5@>nbN2;;94z0s(=5K;TtDKoOIzj%K@~
zik5^bw4%MSlGRrxW@^bkP2S6qv@$WH{|2U}6q?F}HuKW^l9ep(76=Fg1Ofs9fxyc{
zK&e!6Y}aVTadrAGNv-tq>LN-O2<VJ}9z{sVPsjNCWoeqi*bqv|ajs@x=S;<g0s(=5
zKtLcM5GaQTaL6w;Ifg%Z^5ibX$dtH^0qV?sH0WhlL`hpY#8*@)9|G(qhX0o|F)>qR
zsUZ2H(aua_Y!pF(By4)@l$ZBK5(o$c1Ofs9fj|XDfXNyOBeE}Dy0mZn`0*PR@f6yz
zPjcLxKeJL-MUi^60zaFmdO1aaR~*ZcEJ{*E=3x>y%V(RW*(J58A%&%)54@x?@Jdog
zaj!r?ARrJB2nYm9iU5yeF)=aG+qP|6<?Zb~Cq6zt@&Ahe^^Q1HMU4Oe002ovPDHLk
FV1ll1Nn!v1

literal 0
HcmV?d00001

diff --git a/docs/installation/images/mac-password-prompt.png b/docs/installation/images/mac-password-prompt.png
new file mode 100644
index 0000000000000000000000000000000000000000..f29afe8b225d4c5c9c29c46d3042692184f6671a
GIT binary patch
literal 30903
zcmeFY<9B7j);%2Cwr%^w=-9SxJL!&X+dMHk$w@kP(y=<WZS=42z0Vl$Kk<IqWA6{U
zYSpY&bInmTD_TWK1{r|>0SpWbS@xTx8W<RO_rLcOIGBG=FDSWtFffE3TL}pjSqTX;
z6*p%qTL()puy4`nnXoGAr#Pd1{>}pM%xD5(1Tkb%WFZd(qGAH8aI$d4VM*V=8=`Bw
zFh@n1=+0rIL9alJ>7gOw;PgiXis67;8Zw!P9UAVSZ~5PQZT0+};(a}w`bm2n@Y<XG
z7dk}f7f$rNsU;Xkn3}6(5h{R1I5goe@eVjtS_n0mLxSW1F$oF6msTn2ZvzeQdRn{B
zz^&kPgiP99FtG5_yrFa#4i({epjW~-CTOs6iT#nuvJ!ZpxUOOxPt@H{_#<W4Q7Br)
zThdg1RrFrEV2BV=tCryaurWL?rP-sKIROjIG{<m*P_#q3GyosH1IxrP-R#8JSl*6R
z+H~qyIm+K{JDPF(=CuHR<!KK3?}efia@NNmg&Vhh>B%g)U&xdm$?8L5=qHu<UDlem
z+2n3GG}EZLR^Z+o!71t%Vsi^q$uBetoSB!n9MjFMHrKXRvDO9H-*i<Mm}cUVR*q#q
zC=VZf>r{MEPwx-&nBYtl-JRq#F1V}_&5o2?sF*n{XhyY3a3?7a0JO1?2b@;lto-&H
zt^JZJB%!AtaA>bXC-3hwN5kjt0+JVHjMUReSZ0sQVJG%eF223Cs6B)zx-$s!1ym??
z1_X;@eFNtpgEII9X_f@VAtsOnA#ei;K?Y9oKuB0LDlwtYl8-mQtDZ)QbE977;rxJe
zd%{FMYK618wLF6!5-rI8nAumUxWygi<xZ2agcKqVPH-?gv^oNo7YGmL=|N-lfdXLJ
z0O#B8PmXS>G{YRlF#(4Mo!f~bo<N$Lpwxu|Tp*l&A-?=DL5onrK+OO{5m1H^80Toj
zsDpehLUVxa7RBcSLkVSYA<Bb7-XZFQ0*2}rLH>bN7UeyGZ0KjhgEmKl+9gMj3~wca
z9K&k<enC!i0RAdbtOA9FN-ZAn4Q{+B{WnY%8pHRAq8}>U4~QN(T~M1L0>v^as9bQM
zAHBce6e5;P0INs^$egCmd{7DBaR&qV5NE>gcj{f}4Zul%obSrtFuw@@LGFu?K?|WH
z;~GM1lFo`^#fYFH8;`=%jmILR{syfU%SB#4W>`juFD`8Eg2xb%&@|F%`kieK4}}J?
zg`fpmJ)(MG(Hv-UW#-2=n02j#poME6?m67t=&B>^h0jB({~hoh@B<VBO1vCQ*mL0{
zNC<Twf!^J7t?tC`WbO>?6focfVy?sz_V3^7`7rhf3M0*q$lt!c0A9>rVqXMbgg<D%
zL-dE3D8rFap@oG#hG7h-4nPkOi;I}XRVi>$cVP@h8JMBC65g^kMf>Eg$`DajC*e_f
zt6|Znw<c)F)leH!1E@jTDk^MhE~+|3WGXtfDm5<RyItam1J=z9Ybh7<Mv@uH9Vv|C
z(+4sK&sYe<aeGp-Mc?T4>6g+b(~i@WV>F})r7|eAUE|Gunt}F+hk4~Bsnw~S%c<pl
z%2CTzra3Vp(_^Mjrv;|3P1L4Orq42X(<fG`XkKUxXmDt>R}pFcEaoVR(dJfv)IO{^
zswPnb)ve1*RgGvEGemZU`epg0uUAH>n^!e0sx2WbCDgXnBG=Z|%&I1;8Uu}hK}Mk5
zh~HB-OnL&2gqKv8;Fqxx1rZ%E%H}Q7^&`abi8%r}Mma*$5YqzF?>WY;CwgCcwt9lC
z1g!<O=B><axHhZ{TMdDl{@-L2M-?MW)r;KKj+<EO?5hcjyTzZAoN}+C3VMx-3cfif
zZdroJ19N&agKC1BzMwzFAZtP+Lw^;m?v(U1b_s0e7AUcn8yBMzo)N&{PavTZv=b)a
zv&WUhFB2}|12}2$Ipb5~W8?MXA{CJoj<V~xs@Z)V<hU$zDzdJ49JxPjM%ZGxH!PM-
zcz*r1XvF&&M=+x99`m!(H^Vpl6@Zury+AQ-Rwxxo?Qm+7ZKmtwyMfT|){LQZ*>aW_
zo`1+8&sS@vmC3!fz9F#DHPSU2VTEbevQ^Q4H0_YO2H)a6<&^)qxje_S`P6ucDX7_P
z(*5YA=yiR;e98ZG`1DLfhXRgbPeeexHPe(cnA;LOBOz0>FEpx{z?`t1mzO`J)TZ=f
zhGr&u#y`J1%Wlf$2<ONXw=Onuk|5KarO+_npd3hR_}8t)OWs}ZjE60gJ(KtO=8us#
zrFZ+g*s~LAmrTj1GRbB^M1jLB!Yr=Qh><}9rP1dW&Q|r-XwUY`>RVLc%uB$7=cD1_
z#zo`{^c(g|+k5Ss%zNgm2r3)G4(uWn6086W5Y7Q*045yj67J0Gw280IZrP>L{ibGz
zk^CTOEU7sOw>YDC?{|goP0x<6;4vWIS-_aDj~pqiX}~K2fM^|N9saiqtb;5-?Dcyl
zx)(Ylr5<H<vOHy?bb|D&q+_ffh9e1ctW&gVj4qZs@jd%8Ydc-Lpp)01noj-O_1o_+
zBTxb23IoYu$>Cp!-pm*J2c2}mb3caTh9_~ibxJ@~f#a{`a`J2P%G73<=9q~zL6(tC
zjH{Hgb!8ygK_cTBrx|-7Zbz2jnENsI?OW<*YHSMZ%hgBzM?cnVT1pyuXhV_04G%Zn
zqv+XaYh&v~>+QqpLl=^`wAqMmaSfZI54F08yRTK{m|Pm`*^JxtdO9}~3OZ@BXv%Pk
zbTxrp(7MG@b9{4wL*m8Vh4Q3XM!p`f*`TwBd6dK2T`AZ}^lFxojggO0Pm2I((9vw2
z{#^5;ws=XlR(~0<VO)QqgU7{jNnpOK)w8d@!_c_(YcOIJS<%<e*Z$s*7sjb>Tzd-l
z*xS)<!(#__3iUhbI<KI^R?DkDc*l-av7@Q%?h11rGjDL~d(*?{ZT-0ZMhCy+Mjvs9
zVdrN*$}F*_6ob@HDUjgtWgTk;E-qH^YMaMOd<s7`tXHbnq?dPQL<Y|l`&vuj>`HT5
z^ZTLjp{Kv+v(whQE2;N({-@EqJ?aTDozTr8ZND-qDhx?o16wT}f0$re;K|``)?mE|
zXE0E>B(UsetV7P!(pyt<Dc$b)?5wm)reo<BcXLj^d2E6w(X-%|j=iCOV}h2p4@6#4
zzR#ol9xJL+M4kixu#l$z`oqH(=OQQcqe`ICr;CJ~gtvKs`SIFL3$vn=qIFQ)YujDk
z?$5jXv*Qj!GQ+WMwjlQBy>Bg5z9$%e)to2iGiWpSS+={IcjVrel4@5PpbfhJoNfBu
zcD+Bk^BOqkfyR5*TqaMo0&~qbvbTwX1sARsje<8`z04!!Wz>)V%piITT^n?rdq1xO
zmO=W@$J^HdXrDW#D<#0I$Ul*giSwkOz`ReNi}Cf!)k^5uw8C_ul|ZB0?%`|CO{L9a
z{|~=)BgtN$`N`A3&&Y$shCp9ddRF;2<hNSb3)mTC7$mPAy_cHnwv)$Im9IjE;HyCM
zucHTJqu@5=QRHV3b{}zY$02C>eFD{8xHT>;QHXRJkN92ZM)q8N$@=JcnYGFIZ8Rfr
zIGFj<>bCyWf9$z(AAf(JqCE>>3ytQ{KRyoDQwtS>k?04zsGW*cDRf^}L|-T(yL0U`
zp{+atA0o#JR<Z(t7UP%pdBR~Rcvw%%q@IQwLQHgUUYJ59xT?HFQ96V9ZX56cA_04$
z0qcz(9UXm&PYf1}<9UY*IjW;?5GE&jgHa#)tyaG1d57E|d`23@f`D|mA65zmCJH7i
zDW>5Aei4XhqOsKWlxcBC6$%Cp{v%|p6kJRyfP08w!wieN_50HIG<(F|_K#taHi~kF
z3<}{FR%~Zzz1W{>w$VnDr7#Zh%w^xD^r8upc`?X-fra+aj8na?tRG*ba;9cm+!gGs
zv+=)QjIP@UA5VQ*iD<)xyc7WZy|&xzSKLAV&tEx%yC)K+#pH0sh$pOuOTqg_(Cc4|
z#WP(k@Aaa&GLy~F+?Uk1dYKiNydqNS0xgn>cY%YyKfY5(l99o|K`=`d^{$oUta|Os
z6vz-B(Z+i>b{JgyD{YIi)XwV=+9tMCZ;B>V$H`<r^;q?MmROu{c~;c}fx_;~zE95k
zBZ=>)ulL8S5ksS+sBd*UExZ(zlns^NI_>{d)z+)0!@=)fJSZD0is1f|TU@H{!&!Zs
zkpQ2t_hy>hctu#4Ro46k6NAz*sbWhI(?)B%V{O>B5EQtyE61|wW9->u01YlCigv;T
z<>7xAxb$}76?@%gZ0t!8tesJPpvHNs+-u0fTS?OFc-b`J+`VF{cM7^cgYsxQZhNn9
zc68%TY&7`7#leA*$$~rt-l56_SsnzE!#<I|NX)(zJa;n~$Tb49<gTRL^x$xZPA~pm
zm|m<XG5&h?>TB>Ju4o|lv{F3tjYfQOsl)v19KGPFshv`M-NsZKfS_`?3KWR{zxZsR
zJoL*O41x@!>Rlfw&^Ciy1-c8b1NoV?y>0m7QSOzlYx5T!o6|>S2pvyN)i)3p4%hB{
z7ZdmDThm7FHU<@cCZi|2;0XT3b31y-F0s>ow5&@5ndRwza{8Nj^#SW9O3By)h-QQ@
zd&Z~V3l?4x)OR(y6g5EGShH_8f0y}?3zl__+Y|~>lPNUU1d{(REK#V7%e2To^k(x%
zjc(0tq1vYfWBrOl4%)_je{8GS2D5<H$oRI&_D-0$th>5cX6DG#r<~6%KmF&l(Jd!;
zy(4s)u>CYh?h|v(fm#X%gL0lPm*F-Q7M)STUOyEFU4loBIa{_%_@7AB8^FZr*>qLx
zj_|d6-m?zys>$WYod7S9A7#XmwO#62G6eae!0#ddQqBVlVllzDLt^Xs=}ErY(th><
z&{5i@*ij3#^leQJS{GKbAK!Ue>Lya|f9ekTjBk6!F;3zdM%Dw*CE?;;8C5k@C$3>A
zqnxS*hG^>EYyY5L%}B75+lvPad<2H`Hu-LEEclPz%ujX)_zU+1rS2?3lKblQ_O9Ri
zhMhJ~LlGeQ``sc!{EOxHE}YATMZ0~MLt=X@<mF{%{pP~yQu;t(JW#h;0sm~P5J?jY
zkz;H`B8ZY#3%_^XWpk<-RLYFPM#;o42hFOIhNoA*2SoOC@sko_T2nToUSQIJf65qj
zH8Sl5({R&!i#*^xDd3@*T$Dl2EA-eZdX=T={~rkaP@VNob)O5^cj-!P@keMCa@OsC
zGq!6%9h37x#+Dm{OeypD4@>&(&mg7Bh6<+)hkC}tmWd)ZSoVVCa3>GcS?$9%gI+uE
z8hcx5o4$mW)O-qcLYJ*)y><X9X2apwHdp}T{G<f7Mmo>EePEB;(n>$mSb@?zU~CDP
z*unM_7YYhotcVk>5k1uD2Q&ASm-^=Ulf1E~;CM0*zLwG5Nix$CiJEZl8C&{{VBs?e
z!x1LuP%mug?$SL@u4v*Hw68#}!7yYyRD9c97qPV|w<ottRZI?cliW>jB^)CqW67g6
z1Z5v~CA3Rc{2vb&^A#AVvBRvHZN9pM6>X^uVULyDr`qMU_X%6RI`E%%fe%Y83LpOi
zhYErRq7k=tgA==AgCX!x^zyhi!}QrbD_go_7a6Dpk&ATq=Gmpt03`=p4&4*-sPvbL
z;|bL8$~T&P@V4}&$+r8Mu&#Hu<_hyxHPB|P{Vo01T;8vqCiput!TPA)oN<7k1J+UC
z>^MQ#+Js#kXqqAp)_StkLQi=?u3V_=E}-=Dt!5DGx0mmFLxWt(2l{`p!bJP+Sl8Q(
zaM00VuI2CO+%nd%&chi9*_R=6N|2OS4_P{~+p5>TIoqsgJ<dD%_&f2jZCvAR<I3|`
zYI3i37}M$}4sX^Sb0A&)vTEk(&cFp#C3G!R7llCSGbmdJalv=vz>aa!2pqK!M5fe0
znufoXX7uFa+!qA*6luw-^nc(GKs-Gqr>R_Kf{<HB-|un{hF-a<>H5~9&YluC^yPUn
zOUK8gooZmqCmY-PpV0Z8WZH-hkBu^!6BE>ZayaUmd&HJs`3&Ac4Ga@-7Hc1~s`}d7
zE$ST83QylJf^dLX>e2BcPyUCMTsV*$^W2m6XT^6meZ6n!7Au1VLljK<MS%KcT^Zh}
zQn+*6FeNJOe*}#NC4dj^uV1clyCm%w?n+V%pfuZkGVDm+ax7lj+OY5`Yf2`$FY92U
z&b+JP;7%qGNA@J71h6_}t7GA=d6=q3kiFG@Y9%q~AX~e=CgiN=yv5{31IFSlZFsE7
z8G=C?*w!3PfEgt(FOk@r-eWc|lHEtCDh_TN>4~>KgqJsc46{Dl^=nmLxh>HG9MiK>
zV+3NR|BH+Oyf)vi4%E_7ER3abS<f7Ax1m$OJk=fefMY&<9^j$bm5h{8`KS>jm}mo<
zZvJ>gxjfXhwEdjoXzhJ!*UhZ;+^zjF+rNmOVbV=OrDCme`?e+LaDNiePWGfHm$Msi
zE#_c!x>OHD+g|-_Z$*AMD)SO`w7nE{X>8~*NSJj2X6o`5-nP39G5)K!-$f%Sb}9oM
zG+^y!JDFQLVrv}lGlnk<01EHZPbwX;1{r`p3SQ3Ar+2&i`lqzR90A|7(eI%A<>F))
zW^F^opCfD)-ZZ_|p?X!B#)!>nEt&?SzS>joTh__FQ4@<|0Id2%wP~+?W`%Qe#1%hX
zv8}b!UNM6F)kq;?>i<Io8~nO`s*vN!Yig==LrC!Sb?V9xX1hg**eO#n$iMQ(q)M2z
z^Y-PbZd@SWLM24Is3DDE`d7REG^QVQ#mw-tT_^(V3ngVa7h((iBABZ%s)+VTEk+)V
z%5m|JdZC$XReIJ?5&@kUKk5?wL|D1I`hYH`nUc>ZKbNe}t*c|9y?@m6ud35Qc@PdC
zu6_Qi1YR+pTeke5)4KNGJ<m3b^a`m_N)780%!wBI2UZ#8hrA0mugC-02dlTkzy^fY
zaqjCSsZ4vL`d67Q?ZXovxw^^2T6XKv@~Xchn%GnLe4LnBGj-RV{b>g9rHq3AYVqZP
z<+K0jEyzntKtEe6ul>6y_><hpzZ!p~nD1fmqZaj53*c$ijr5OdW@;D4HUFhFRA_>v
zXouL_gyqI(K*L7e$OqBrj36tt?$E*E@qw1#CdpZ|0)H3tG6xs=sSCBlv88L5we>{P
zSnB=-K>XfloO^P<S(o;51t4fhvK^@x-Ymm7rG1?!X9M}GKx;G`2jgX#f|+yXea{d)
zU50T7(kGz<t0M`RS+ie<mSOr=2i>akv*0sm;z5b#`G3R+4+UYn;6Zp=DvrFa!5L4(
zwrRjSX6N=JJpt3E_jfet+OrciQ0PFVC;!Bw9p<vbd-K%Dk)Z=K^^h0w@oLSs7zZs)
zsii7mKjxK+lMuf-Mb1{g9KcX+Z>qh1#k<c8IN7>dS<CIQ%YL()HCdSU(|Ka^*ZaR}
zsS0=UBxn57pxgMoc!TkuMguqa30QWlnQdQVS$J^w^VgeH?$QnNUuzFw(AoBXJmQ=A
zp+42+rmS>Ybq;K>!pGsA0}cMmZ8bv&e2*SrtK9>A!JuarFwC&gFz>0QS&t-=-ejs+
z*1uCp8D5AO(iCyw(4WR`Bwtah=%)uS|L=zsrT@-LyL8c-BWZ^xO>(Ow?vmC9w9k0+
zxw&%f`oD^QJs``<*s#{C|D3nHENx%VG~ki<ykrD3n%zY(8ooxUnTKB+?$VRF4NUq+
zaT(k46`xx4jyT1PCWek65mcHEL^jV`&5ZQXH0Rlh$sIPveCANY0y+Bz&hdRVe*%52
zTZI2=hhn&@_OUH#)zhb^YB56T+b5-PKz(^9{p?ouoU7LRxMOVt&uZ=T5-}trX{NKj
zcR$rZ{f}o5%SPAwx&5;{L~lo=Z6ICTp+Eu=|G+o_pS+mARf9%`8PimI%?QG?oO9pO
z9rw#JsKS)9Nkq4IOm6a6NUs3pzV|KVoLT+6;+}_Ey)w1-zZ(8BKE#`FS>t{9jcX}_
zd&%pJXRh0!7Rd9xDYN_|-Ua^nnQ;N*YOvJutTvHKfNtp2113p<HuHZ!|3?TtqOob2
zdjUXF=Km%0f6J511S;$TB0>)1zoY%9+BE-tcb%nTg8r+>(V!rtMaNi7s;G+p8^L!`
zZ7I<)V68C!oc@2N=>Kov|1cl|uS6OM15U_wGSsSS8pfl|H?+5Bd_^#bh@YY1qbH1w
z!AVL<!xTT2r2HR{GUUGx$AC382<4WCRdqlyNlB=Z(h@XWT=^lK=$jiCGAgL68aoXw
zc66<hx*m+-;c__lFfx|*Tr^`Dkgi(7f142t6OCFptwW>;{HWRU>UO;ffEOn=JweBf
z3=7+WLqrrKwpZR1xLTv{>sl^euG6%!fqOl7`TBs)6VXQM=tj5&nEi-+FnGTmKrN6a
zkv183#-X5}V1)vg>WqoqVe%YA&kYH>1&6z5_&brBdoxDa0Jb6$cZ|CgzZxRvC^Yw_
z$htG9jY6^C_iqae30{=8n@^h^A-~*3a=6r3e6rQ`vQhxB-tO64JN9L@za=WV(F<Fq
za_@2;^8BlNBH#0xVPf=ePg?k;jI#N~BJEA8^MfskR(^S>F7QpbUL@*ExEH0IHuT}R
zaI_=xHR{3wB-s7JGS|Y$(p%-{mieeC+F*2B1q4bVbLtZ(6C)dHb=yY`)u`$Z4rXyB
z;S(UpbV4RHvQdcUWKbQQ&jFMU0mcU37b<6escMBnr7XPyA^hFkqAo%ZywBU#I)ovs
z5$}>74zwI{1zEsC3l6&(XUGK;+p^=VA;yTmrNpHAj!|ZJ6#7@JS!j1T1AwxIU{uWg
zp^h!TQ)rKXe6~xcucBB^VmU|qSB6nRC^Dx2ofG1<i}$1bib>wB!6zTo9K&d@ag~@3
z4mB}j^g}rsp_n)xpV4(GO%d^>XZq2)kVGzC1BY5?AnL9m-x&HuSD}DA4*O;ox$Vgz
z7w>V!?mscB;#^-c5FU#w@3Lz~Kf%cGYcQ9ao4ZE9RMHK7mrEO$IQojqV_XuKkWj+i
z&+}xN8AjXClUgZ{ZeU#f_&0Ac>?7Ks05;4gVH}JpAz#NN^lz2=2G~O{RaBM<P8tDV
zUkZDbzXzml2w?=@tkBoQvw{=|cjDrvG&XUduBa^XD})lY8Q4WdIdNIh6?%4Ln3SGs
zR=OY8E#{imY{|lNN>0RoSH#d)jI^C~l420%nua?fFcaj6<y}Kd9$6*LC;(%RkofD+
z>vy+Zro&6_I|)}p?zO<V8EAV@nk2Eh%GtLIhdI#MBPe*KVvBS;D}N}`mx&$U`SKH!
zhU#~R+22ZO^m?Ds)`Z^4#irhd>0xWpyMQ`F{RAiU<0ii|hl9q|GGCp)llrQfFmWW<
zJIdmZM$&WsYdn6h85lyvVjzP1w0j~9zvq#i(9A*2!-_3~D2nz$nS|Yi*{5QYYhfZj
zpCp3jQaT~6sC`<cDrHks^4^y{Iuv4oxY=h?$^K*5#_M0IIo;i&AOOK~UA<V}B#Xp#
zZ|3geshLz-|J^sAF-N~Q4<>`;aO~{UlgzAdgWjh)`TnaKO?VqEIFx|U2zt!-ITt4Z
zoQ4hAc>2cR1+zawy!z#nzSNKlxK85qn?GZ`QtM9B+DS3^l_xyvR@0OhakB(_0Ei3f
z7<3KGmVL={o_LH$W#%(`yiJ0<i1cOZZ)YDc;;4TQsTFdc=)T;t+Q1RKd!wfwupZ83
z?%t?P{EqCfuy_|EnmVtKen#}<W!@4GSQ?74djV%8-yRg|CO5wiFJLCQ%&G~o2MSau
z8%J#pOS^f`d08kak3R6%x;~6;-<;&}`&iKL@3!AHjOoSm)6>wLA~v;D8Npij)5Pox
zJWEXE4eNXki2Jd)Hy*N4UY>sJUU?l6cB%s~-ybF3@^Bkle*gNV4zW4Mws$9UWHM9A
zS{xE%Gwr`a*fFow2m2@h8&TZ%EWP6BXN41^Lx);?c6_V>zS``AG7o>v`^-C3Tm2ll
ze_VF|{9}6s%L2Fx^=MO_H++gpDX&R|n%c)r96UDebd&Ij8h-1|X7c$*$w9ZiFI76*
z-AE@={IO=y+!EAqs(a>tib`5;L>Y{c;xs_)U1lbJX828+6Qcs~!Ca<<hZ^uAK=Kzn
zu+JS)5q?;w<M%JO$t}=BV15EWqPEFqi~?2FGe_vnc=&6Zs;^#+HYEeBl*aEA!?{!U
zla&tEx2My1H*IWW!!A{iGp?sA!6=EyM77xqsOdrM($*e`V-_Pxc4T>@qHxAz`3V<b
zE0Wal%s#~HEG};8i3NHBIyecR2bN3%i45}e#;t)7)8n0=I;F?kALv@`)ivc|!$1^%
zUw)mRbeORyPortARBH67h&E2-g}p+N+aJ(0)+{nccS3c#-3a$7_l*HpQ~|WLU<pov
z#VPL82q9wH9{Yv$J{Av>OcN9RX|I!wR>J{QxCbV4QyLc6&Z{o|D}Qe)!tq4-G5Mj#
zvv`9^=F?bs&Dn#q|4_eJdyzC}&W;RKXB$wxjdFiv>jXNXBAZ+7Qzb5BT#Y2sOiOE#
z+#J+!>#zqSxHaRD9oA$5dR^pDWq6U=7#0yFWD<vOdVd`|Ta&ZWBDz;94Z3~l60Rfu
zIC*wdnvv`I0*Vd2xA!J65uA;m24eeZ<csqlV_OINB)qq4eMw~_st5$Ze2&m&c3`BE
zY!(G^717~t%VkG9)Tqp-A;qy8CP2$;&%2M0;8G*A-$(n~3LhmXXm-+;TauZ}aoja$
zn$2@BB-vAHYAQcQMxeJ;qpbNax_H@dLHeN+>@A<`)NcLo1FWrZMZ|-6RUsoOGPZ8>
z>J%<0+TBUt(d18GZ|*0@Y5#o;TxVJ@2;S4bJw2So^4@;&c>{lOKLpL$N7Liqvr$)r
z>Bd@_JxnqA^%0$H6mF||$$ldgfe75&Coti*n;Nq^ITpQAr(|~o52od8w3|k-pu#2d
zKQ;I`34Vz*252q6%N0iwyc;$7f%Eg$cy!5q72|}@tvu5ZoxXqWb&ot(y9gcuEtt$*
zqzW0{dgq@_4k@M#TM_Z^IpCntgw<VV5e3uBMhbFSYHE!L+ZDuAQq`?HWmXVx0sd&&
zKNoK-=WJ<}@&$e%N*ZY{X|~Qc$5iau&9%s&8t|XE4K1jY|2R7H;ikbfx7Ed0!o)8C
z1gnm_Ec`K|uAiwZNzdt#bKeP>wDIA>*)%IrP5qte=Tpg6B+^#azn4-lv?Vev1%XoP
zJ>a9l8S+VMi0AcGR7{@itJ%@tY5nDAU`+C(c(CDD(vYst-eO;}1gN{!vccpw&UDd*
z@AmWY-1YdCA+8sI519Q+7+lILl-PSu&4u-+%AItCkyE>d>V8=$J}wt_=j4zjr4M8B
zbdu{Dbwv+Rr-ErM?$~<MV$*+O3DTlW=@y<_Wc(IaZqW5SpR>{H9~a`YB~j4-ev+0(
zmK|<U&ZC$w*)m-Jd^y~MJvlds2|OC3vEj2Gt-WVs+5$hGkrT>jfzxdOMM`a7{qQzs
z_v>V|`U58O$SzNeLuz`Yte+CQVihlT8i$TIb^o1u@xA!P{MwRnZzPV}$9ip3<47p(
z8>#K|z0QEbY|>&xCvIIXWO;uYw$J+^EF3Oxihrfq`h-wVXA@Yp2C!p+&KHTYeFqRF
zr(hRF2!gda_1~$d+vJTgRlim|^Nx;6shVT{1xrdiGS-Y*kFn+Zm($`w&;n_?e7e64
zz8&|w8u!;%+TN@@F1;?ky_f0jro_qU5+DjcPwrZUhKEStyDsbXuf7)N3TsY;L=kz!
zfo~u6@W-Gnc3u`Pi9XKM?SXZ|Sagv$D}#l|ts>NuW6WvQ^A(N%P-fF;W214!{KD}w
zgJ(qHbux6SvGU$Zg&9H{&YEw-j`1)jo5lMEgX3K)Dn)eA`<b`HaC^tCs2Wp0XUx{;
zPdc5P_)q*y^4g|rf5wNqS{GPppI%vFoyNWrxhicOC4Gdqhf75&sRPL}ubAiroOFXu
z7qR;01890k*1ot1Uf3eR`l*M@w~!pabw8C*R-2%!n>oz14h+xZS#=v?W`}ACit!Wa
zuoVDL!un4RzGzVlzsCn=;17vZwTSFk_BRtOR81AsBc?}&-p}9iI<9Y-S=~a2EwqG?
z972B^&CcbJ<l~?}QP>PD!(BZki$7N1eGakT4*56Y5Fhp!`c*kE-Ok`yI*unNM{(0v
za>#A7?vq4HTC6Ep<P{{YYF>TJp46CT%L=mb0p{cSFNb(RW(70lj2hx1E_4%Lf`7+f
zx3wil`7wZfkes3xna?~tj?qKiACLu6dxSj<@t?wfR#F=@ikr0KR6*TBe(5iWs;ZVq
z`Q`EWb{Ux=2jl8h;GA%akyR0$xwGW2>#A0e`$geA+fY@Z&(9-oDI4?8Mc_{LzNi88
zRuQj5jn&U1+>k5m1&f2L?YoKtSzG&M^jYk5gu2%s@C{u`jHmeOguUwVeIlQV7)m2U
zxzQ)9!ziQ78X7o&E;+q9<jhx45vk%?2MLG-xv`{!%;l5FCA@GXLOVzbYX4Y@lPmPG
zH-qOERDuf{u5B(I+39~BUu>BgEaY_<*y$s<z8FlEPR4mxP^>VyNQb!`rirI^gG&Bu
zYrteL1DZ+^yvNWO%<B1dU}nn?B;ttr78Ak3Xy{S^P%d<rlrFC-M}{#iyM3`wVWY8?
zq?FV~rGNg@>$ZeOwatdJ*)63mp;eC4Zoov}KTbgldOx%yx#q~}>()6_Lo_~f_bzb$
z-N<;6Po$nKhjp<YS+Jrkc0~*8vXe@zBQY4Vh+uw2NeGApr;OibFNby}7%YIsUwxA$
z&zk}1h>Hk8x~a~c*wYv^U4k7li|=j`>-1S6BNq!tF;Y0Hb!y{;xC=h-N_Na;^<84-
z*l)(x+aJ{$=ptt9E<`MFl3-j)j-n^Cw{P1em}WJF1!JS(EO2OEyN)DY7Zo%GR}zRM
zB*cU^)s225B(`4^IIiy~t~kl-zLl#8F1e@cAIk5-VtDy;ETb8j?)>!kTmoCG<O}Ah
za_Jfzd$6<Z3}7RvS%}B;xRoS+Tk2FvO8X!f7U5+(gkg&sOp340Nk@h#uYI@L8sF$}
z$ou%ELGN;Z^ZY?UnfXrjc+d*A@h&b#0<htPHy>s(`LxN|$<`p@Vg8lU;Wg(y6m9TG
zLg020T>s1s79bakQd(35_8yz_qPB|2_PKwZ4-C-F=4|>V_7e#+;v~m)v6AnEtGDs0
zg!LrBkZGVg(Ba|T3Agypqh3Tz%1db-aizstnV_QV5=ygmy*cb?$3|5aA6fQpoNg|8
z7mxRd@nrM+mbUl0Ptc&JcBym2RqJZG-Z&E@>nQ%Q@7dwcXvuT5ZANfw+gu41K5m%n
zdReMJqyVW{Km`T&KJ|r=T9`Y_{UlpWpWWi0^br87%5Jpvx}P%we@q}Wsp&#Yq5hz2
zvO?v<%z1-)o3^V{tZ2wj{6zD|u5I&MN?!A`scfIGR6F}`VJ*JLj~JGlU9;B|pOvO+
z6B>2C*PH|s2VVr;e1-9elz(2JV|o+<B5}$c)@QH3dlew%ddzw+5rv`W#?g21UeNm;
z{dN;-7^D&Y=AL?Rmtht_!5o6mKWDJGlRXo39RHr~J+0P-WidT8H8t!LiUY4uVZ3os
z5p3QGsNH>jCenK$@!5Zx!5wKQQZWXtU5iOL5~9K%fT9T!x{q$-l6Rf(01$&fkm`1g
z>A5}TnR8pi?K3S7J*st8*<_{C@ZOTHj!<eP*qAEo-vagrmNl1U4p7tjP^=lmQewMM
zdhYjLz6btxXWe*O9JaxvmcMu!;71#{V8W3+!r#-<u!QnHe@>iUCz6acjmjW*FYUuR
zN{?I`>3bot-RHdD48-7`2u$O>jAeZ<)A{_-bb8$l>H+Sd5;X4{5jS*RY+Q3_%ws&u
z5%l(mf*RZiB9O|dH^>(qXyZFE*xA{cM>0C_3_jC$qsp1#HMy|##Po3{Y?w;3a5}>l
z7^X?M{%R{7b{V8Ivy>j<PfHsj+T2Ki`^m_dPUWpMQT)i+>p9HgvE|^f4VPA14>%A`
ztr&B9$#1byD+v4DFi_`>TEucnsFR+o0M6f9WR79QA`snbQJTzuRK~4?@@bzCw07G3
zDkrG*8u=$nm$5O!KM{IOhm9BWqg2pwi{ay1*{QkwD%NI}bh^FMk5!xAZq>Uf-p^h3
z0b8HTougvrFm#HGY2yQ_lljg|b<m0Tv65k-1gmXqSm6LUxpaHwrqPUEj*Sv>Wz=7m
z^Sn#~bbszLlrT6+>Nt{$kDtYE4s+C?6RUaOX2O^rIZEiQJpkqKr(HVPN@>~ctls6B
z0-2E~_`9?J#{|#ti$98R8qxvaW@MV5tX%UtRL0VgS9npqNwJTYOCyVCIxQ_iU;6i;
zGLd3SX+-YxCOnBq#ncYXb|Ja9NO(PC)(t{qfLMjzud-fJ!s8-R#A2f*GU~c7%lnZD
zpHYZKRt9(x{l8@?ohcEAw95J+om^kNbG%N+mCLBIy&dLDSi%Y4%<D{5yc3<NV{cvj
za^>nq2O6RNNL&MVD@@K-FaUQ|xd-k#T{hMHyl+%qObVKmvWllmDk>}R@Hv<oGwO*o
z2&Q;kMIy;6{4uNsL-+&(OqE;O@XSPb!X9KS=llDWMu?3p<*z@3uU^yqqCn^}?q05&
z=B~Qp%8TI<`>_L<E{j^FBFxdKR-^B}a;Jm-D`uaLX-%5HH1!nRjZ~u&EfMTPOGzx6
z)>m+Kd=)cAW236H{|%Lcd9C}HxzFdX(m_ujqO&!Nn(+?xPgpklINlB4<GVoPoIX8f
z9a%YljD`;@mWZE-jW;t`1x|x8jxviwz1MlY;?)Hn2E>;fk`4iNb}9kocD6c^eX!G-
zt<&3t^`e;9sF&o7N2-uHwGOv}4Y3FZa))#MQV+uK+Z{*h3i|u|EJGQ{8@IcKMl>a?
zMVH>rrW*tB(sRIoDcLg3RWA9C`Ws6m?*%)r^%Z>OYfH$LWj}7ZqJ7Bk5f=$Wg3&`_
zKhTu)Aq=>p1D=Q+X^Wugu@@&1D#=IKOQl=s1qw;|AZXDYNY@FM^Mgn{uSp~dN%(@B
zAVw2OMxttgMdA76j(Qbv_99ST4c~qZNmYEbV)NasLmEl&PSfRTVfH2okjO{>xnQ9;
zN8U2}!y{9*b{J!fX2S_(V=q0h6J5c##rGG+F^@OWkd7sP@6JZp<2+f!G!Hewo)hq0
zMFs4K@?`^ep}+1SP*We)2h{)@*;;F%(aOdqYh6;<?q!EZdoO14J+y-_Oa(un86k6A
zCLw%*-MnqcRiT-k%YhDPPsV08f#LuPk0>qmH}#oE<A&NWn<kdH!945V?0(-~^)E|`
zC^2I{U|iXID;wgu&Ti9@8K;AL5hwG4@;Y!D9zJt15T=0tG;>r8SX5zJ>%zv~1+ksU
zOM4)tBf}eyc`D$|&NjKHRu`-jPzdBGo4W&qv~i`Z{QQQWZQP|wqQ~~kO0oNs*~u1F
ze0#iEshA)%gzD!#;Mdyt&n{`%+PB%_)KfVeHKmy%;&Vj{+f!)W{v8g9hHP!H2N~(f
z2&Ig?MxVni3H*#J(kU9q{l$2yt_Wb{eZ1+c9M(FmvCS1lVy3ZWU8%M9PMgbsG3p$E
z%;?$eN$^i=?F)TGr~S{dU<jFuEg2e?h4yeR;M`6{0&4JB>#pLOO@_`<tmyEP{gO8g
zk65-@LL6Pm>c^_u_gsgA+urV|8y7uff)leh`F*J*z5g{sPl<*#nDwXBEY^eD<0I3`
z7#3X#?lZOw<av2WVH3rbHkRP;*2*HCZoF$&dt8QCKZf=HMNss!T-|<fL{lQl<7GnM
z_*5x5$uy<yQv*q}mifF&l4Piia_Gd^G2XYlSi?1w2EyTkBVVb_7}PRm4ZViOs6Ru;
zP*Hw<xjUu)wNS~*!$d?xgNS(Q02pXgn<J50x5UB4R{K18AmdcgCI3c#j_-WcLEG{{
zw4MB>3mq$iW+MT$o+z7BTqeeyCU%dQY(yM<Vhl%m^+ySqakycb3Qvx*V7FR26nsi%
zqGLMNzwufbs1<|UWaK{0o%NREnv^mtS&zVlTz(Ybq{GLCd_<syuSd-nGBvCt@<>p#
z{anAlmKGlVT__-^eZV@%@gw6AllDJ{8~^DwG>U>p%B3sV(n3peF#*7ICc>b$RKqde
z#1gR1)c}LcAd{<QDAcibm4NK}#u|xi#Zv)8nD%&_GjYyZ*x<6IaM?#?%x@FUd}xYG
zVp`Yz<W1&Y8lh9I!940sk1P>*TB9B0k2>!^%lI;}(HM3V_M72AEKe8(*=srL*v~K1
z7OxNReSo(|X}=P;*nDgJXi<3{0iqWj4x!n6Da#ybzE)c!o};}ZV$q%J8_N(=AEdt*
z5Q0PaZ2N>R7ht~#R<+`SM`?{Tmo1?Nj<3xfC$Cf}3>$k|*K=ACx`M^Q)wLnSlyOM1
z)jKn|!+_d<c*S}|=k|p>;Z`SNp3BU>ce=txn{Ga4Zr-kcg7ll;qK*f=_C9uZiq^cK
z;#QYusB2f^FMuaFLg#0~PYW(ysom6XFfPYrj4RKLq$}BqjIX>W)oNUCqs{=|K|%bT
zI$kP!0@!lXHQaV0Esj_(V8x4v1#s(BH^Ohb_ebW^Ts*&y3#n<_xK<>me^Q%|ALNgI
zpt;w6$CGyo(sl}9EbT#|ryAAhiAnVeDzr$f2vki~6w~~Z*ek|Efm9u3cDJoVeQ^XN
zXP9)S<1Nq{2vpTJp(A!WoISCDAiiGc1Xr2eWz(9+E8&bRgWv$#;bl&dpHEGm)(JJA
zz%_H$D3uoS-O&@#3>@yaj3^h_;~5w>A;=#k!>{BWX8GOQyQpQy<EJ@J>D1O{OA8V5
zPL02Ft=%vaw&Y7&hY-kYdUxO8#vQ1io^qvGETEmMad@21zH$x8wdm(^H2ia)=je+b
z>(Au!O5|hb@IP8vtd9?1oH-2?Ri^*0teo=`fHCv9E}claxbA4m@1<}s5*=|E$2*%x
z{;LMsOl-!bBl`W9gZ0$|<*caq#4_TEQ~(R$U^q#{!I$%D>hKS&D}?Ub4YiN2_X^eZ
zI7^-GGg*Pwv?;~%gprDYqo+2|VyeDa5ivR(O7s3!x~#(px?vAVil1JMJ?^s85^DLU
zrv}`3<-CUOMY*paLaqAlrB*9FAI|m*IXBM1>Iq%G@TsYX$96^LIdVvEJ6^1D5TyNh
z6;&I{1Q^}1Js(kp1YOF=&;v1{HbDGH#wh3)A5_l0U1hv{1@l_W3J&Ygr1OPnM2tan
zA68P}aqqZJpBM6S?<0bhQbE)~)7wdV@E#p8n(^LX(Z%|s#nj^yBLUt9(eQ}g3UGA!
zkKnhy-H9k#++k@U)Z^ePO$fqUkE;z!5{*e|Aw!Y~eq$@Z_Kc>L*{=wG#Bb=6$$@=;
zKofr^+9G*sewW3y`RpGK>pZQ4Gua;~SX)MUq7VltD&haiPmj?#W)UhZ7jN{vw%6%&
z!GCh%Dcrc%$J(t$Y8R1MEuzg9U;i+^cUf`7bh)&7gBF|F{%sqmr3_hye11Bh=zy4D
zFk>td)?!22emb@GcVu_(a|&>fk_>e0I(?}k&uV+o{nKz(81ZwKW$=$+#Ho%Yz6oo7
z^~;^T?$JFj63hxMn^JLOf~<%?`mM*nm%7GmNBhy9-e>a~XOuA-90rs?_(jcxQfb8<
zl&6FeMQa5dIyrUgg$UH4horVGK5>=Y^0@pdR4RctF~!-*w}vy$*8N-@OdZl*=b6!h
zm7A8S#<PVQ8Et8IergSxV1^T{bcFS7ToNs%u6zxF<*tO%ny?2)SZh3D>i&t76By;v
z(u&Un7#LA{--Y-J!?j;=wLt*iwB%@oBn1k{q;)B&WazrSy3y8gUUQc{ld>rTU};);
z7`uat7YX+-i&zJqWYe><>MR~ldSM|=JA8Y^BlVM0jhDqV*$K(H^HvOw7^N{)X%1Ne
z!rPC1<LY!P%7R5a+(z`-mA^F;bJ9Y{YVB+MoXGBO6q7)L?J~uY1NJvE=Thh|t26E+
zSFu|>kz(}r(u;K?CI!e&;C*-*;O9Yuc`H57?%PKCoIF-fY^fht<^tWZXdcJOs}M~*
zY4lM4iV2S{9qJ;trgD2*#R<!?V^7!9Y?(fWuJw+9;~=T=d#PBE#oA_OG!el?+hWnF
zHtNbR6{g|leiLQf*y`B^DQSYW`Z1$0+3M<vgN50Qz8^7QC{)jB)ZX7kN6CNFTO70K
z#D=Bx6_395QGV^c<8AJvslkwpXzwAgQFyURKMRG_`jZT;MC1?t-l9G^r4w(sQ9p|O
zqzw#EQo#!(+A0)(KoE2a8oTC`{$l;j`2dGuuDowA5yQsuwvC70MyNgdNx1SjA>&pU
zV6fuO>X$bu^~|aN`+QG}F9GOWSZTJ_erM^icvAnu4JKDA-6c}$4Q<r(4eD}Ib-m)x
z3?OofO6g)<XPfW1!8k-p*Fr7|MSM#h#yM74x51$eKiV*!AkCA<w2s?^GFwBZD1v{1
z#=t&5Ue<b_k$Zdm^BeN5tNGuxW4rl@I(tf7_x=b<V5RDIPd=XogpnL*#vz>>KhvL3
z+a^Lx*|?lnSGl>3M{4bRY4K$F2jnh^#fJ^e<KYSHFa?QS`J4@@Rxe;u0HHF-cM5Jh
z!VKWvZy1({ig7&~fI>>l7n0as538TVFs2(*`Bw+b+cud)Ku@L7SQq?eg1O_nXeId$
z=%rQyi(b$b&$4n`W_(ypQd*`|KfpUo{Raky>?gJiR6G+0Y_3GMP~Ny+_-`3x&%1nt
zT@|;3XFRtu%`~f4*Il147riZ=U%D@>j)Fz@c#akgoFaDn;Eps6#p)VzF|(z2d(ex&
zlPz5>AWDJVBwgm<j^}A}svIviQ&dZY#ENE+McG(0Frwr0E2}5_7P!-7<d$GuPi3~b
zjIfDQx>5epdBgLEk5rZ`YN^G5sf|JaFEsmTq2%ljuHeeF?C-h2vW$SrwL~F*sKUUk
zSky27nrcS*C=R3vmJ+1#`?06ZdJ-7R!StqO1-Z;H+LaHC($$L?w~8jMg>P0Fs$^;C
zvy)C`Sd8%&TByTZQ`sFD4q2G;Brxr%fdHj)WOo8Eg4e0OLEFE08+VL4viCl!@-9El
z9Vwg=sgRw7keZAF5c=|R<M<a{bL8)Hsu#=}E!=`Rs3q@n59Tuh7aCKoGWQ&Rw_LF5
zSn-~m?#sl?TvdcxTZXhY`Kg&%B09Z7Q0h;3;_+A@ttyb?Ptjz?$zn#}xgvkf7oSrT
z>4a3PSDKHj&+haGSy2@Jn_}orVkZac{q8vb^$*P~sl*sBB|7iH6L1$|y~H$)Wk&ei
zM2A5|j#k?c%3wj_P^HtgaE#(`X-P^ZiWFdSD^A|X_!tTnv2LOOhuJuc)T_FT>4&PT
z>5=B}FrFzx!onF}@A7E43SaQqe(7n^@izocVTC%CFS@W46o$M#{<v$2K}s}f+Mi+b
zO=iU&j;zNkCpM`tqLE~STtvD_Eh$k~R7bOg#fx#={?rjOq4?U01su@b87u>CM$=-*
zM>T(p>3-D6K7Xi8$KN(CSrC-``L_djn9ix!Jc2awWHYa0A0o|B-9v-yo};%`Zy}BR
z%Hvg+-(cnzMTAo?q`l2pE^|4_%{C+l_3+Et%XA#6hF39)nXF{L5R0?GATiTA&X%r(
z{zt(B%CqLr0KzHcvVvQ4XU-!=*_n^%A-8Wu(0oH<7ZraJ=e9tKlo4Me`x%kQLMaF~
z4ZD@?Aa~&#6N#n_^$}-G_TUviHY|R5YxBE<wVg-dxZx>RjVcM$#>yh^%8#`6R_sKw
zolw!r)fRWBg2*6KDY~Dc06~FwjtHhOnV}KPY8BLp{xWf*I@~y)nsZlcua&dG&d8BK
z-lag!AD+&?d-QJ8wD=JkO5OQ2X=aS&D}t)5wS7bVyr^+i^mU^<3tX!%go#W$dQA`<
zyX8%!WpdfT&ML~8E%-TN*c`rEW$Bj{NfkgiCTj`eQ$;A?lXf;XX-^ui4RJw2lCSh(
z&(^QJbQ@t!(?_CmsfyD)Q?_OYWN{Z-$~o#xm7WXzyXCEYOl16J*0D%_cIA3%%K06T
zK$d|4#luE$Q;`NqSQ~OFIEc`HoZJVpvyajc_jyT*ifAWZoP)U%5CGGwALEk!Rv)1u
zk@*psM<JqU;l;yQQs2h_KYD*kCjdg9yz_10%SGFR0lY8zFy?N$D^KAJsSv285~Y%l
zvv<g>F0_UJ-N}&6>K;q`M>~~ot-xt5;OCb{<uXl19dd_3Zc3^2RxEDz)ZXV9g}c1P
zK|A{>&gi}`cdW9Erwv8ltV1tEw9EefXZk)PWOy3}CG(P)Cmf#Ld<*x`ga}iPp>n+q
ztU<0HsemXny*L^iUZ@heps>%H7=RB}m(V3FGC3SFve^)q;7F7hl@g-~A8XWOc*s&|
z?X?ysHQDQc`!v~Sf{H<9Hhxf|vrE$KK!jKT?)i@?%KJ&r(c>T3QMAji%H}Z9n7QCH
z$9dT~1;1q+=msHXkfVBODYF^{f;aF_j4SppO9?{S7M$ozh5vdDp}-;X#k~{=9P)c2
z97dZyy9myt_-)ksc%}^O8~j{_(sUEi7Vv`=u4)r+o^$~cSIh*23!1aZ6LsZ$?djS^
zs`0;#AXP9XQnA{_)0p&H=l#hh@_frMk>``v3coc^s1VBvFr1%S*d~taoSqo^++S~O
zo!Gd0x{$Hk5@F=#D$f7UqaTiTg4JAWT7p<gf`e*}5qcAOxf(t%H<r}Jb|&V^T9W}6
zo^&8G<(6X*)ygM|%&aH60UxVvPB5gUD0x;>Lta|vKs!4&3Z*Y*nm)JGI-6ikM9{@R
zF}U6=7lt+--dVeYQXke0gqS-#<TA#V0;tL4CL0dUQ%nBO##U61{;z*T`0`zO0T5MO
ze8s#BviUqc1G%ZizdN<!;!!tM6+&63mYKim`n>7NkC19It)`%tF_JaW#)+e{qgHEy
zTCZ5fY62yyVJj)zcMLhDce`d0mE?Df-gv%r%&OFnqV_I%N@S-iEwo*p=MgS?`D<Dr
zK~jcqN&jaEBc%8zH%13z+WzFKlM;;76)!nHgyy19Aeb)iQ4U0%csS3PG{Y=u<qKig
zWX;4J8yRpXZ-ydn-nvR*0e=dK&lRzMd`ppavQ)%=e3>#;XRO@a4aY%m<rYt7_9WmB
z#2f$9_ssV1>~<ji2dwP%3?k=G?Ekvgvi>vl{iUR<F1t=!ywu}<q<QxRHX3Fs@_A02
za=Hv#C_%#hrIrG@1}%g6WaIKS_D;7k6OA-&vL<KJBV`Jf-mqV~7t+zTcf;LDomn;>
ziN&9OR(dn;O=Vcd`0PZ-y?k{?gp?FEi3NQB^Bsn={3EI)VtqJXE%W&v{ORCoQw8oY
zSw_;+8W{Q|dIkasvs~$X*#JpDyJ4#B<?xac9t8MS`u3P_)4olTkH51zvu-DBzNQZu
zwAJEw)mWD3D(i$Wa4Br}`DrUqjVT6*Pe@jfM^8SKXw+F`(ub4(=R`(>`cCklMOT7w
z_G?Z7@A2X+lC#=cMk1CgT^dRvcoE%%CV3TJ>T%BjB!FpTWIJA(Pc(RMztq~5>Qz(w
z=}$EA{({6}eph0upbcHaU;_f7YNO+a>aBN<l;78ppAXPhFV2~zv*p+?S{zf>Lc#xM
zyN3)8iX0+e!mCwoo>-1H{Wls7s`=gW4?S+{QCdC>{5cBjBd%droVn~FnX-zPg#H6E
zD_*H@5t;t_3MC2^no(NXN~!_N(cas>qhw-T*WUQ}1wDHR2^6E^3a<x(ZZ~LOUSF&+
zSmtJ3yXTm+6apo@^$x|zr(E8n7PSAh(f+&saZdIxwQ%JKTYX=9f1sovVrQEss1Wp)
zF$SKX-lBM4ui8RzG%)1(>j~9X>HrI_7Xi;ZFO8V)ZB`oI+<jV7`fxEy`6Hj(Z#X3s
zaSWt_t{Ak+h5xU;w`z;4X~IT>LvVL@cV}>Sf_rdxcX!u72u^Sb65MTY4esvl{!Q|{
z-@*O?`?~hQKAv7Z-L<N#tM0107gzMva~8)oogOQRL|ENX{*J{D=|kL_a7MzS3ZmZI
z5vrztyN3lAiT?YtYtnZyGkmLl?#Npo_Vs0wzQUCitB9F!7Wa-FFL{xcHpjz=FQE>X
zofBP5?r<{M|Hi8ipE#{34x<yW<t1T7ZMo>G!OHnFj{}fqj+#G9Dl`lf+Hys4<veoj
z8*j>s-epM%pYFvtTGCdIlKNLZ{7=dB5yx}YZ-Pb}03-}QxH2l9_`j<bdU4H_z~{&9
z58@QV6`UVg$!BhlC6Muw>meG=_$jzCj#%w@+DY>;ispB?Qp9}35&19*et062m2zuK
z#Hd!PC^OEx$3;d<;*KBb2ka;`5Z5Ft!K?Z}5OVa7Kw2kOFot;kuY5Kb>#xF5<vJ2I
zx=u~&xe`$!TV1nI<!0i_W{vW$Yb6asWEO8gh#C_~IE#Dk!<JA9truhC$w~#!P0`7-
z@e=BwMh^`+QrsSg8S5nRex3S?v3o$y^xfOiHu?J=jqy)#`K}Q8XT3c1wHjRRoOrAX
zWeQ+PyZG#T8{TnT`i$(vdTKhHQq|(^l!E=ga(vJsKm@yBQjIv&1j0*43Oq)#5TWhn
z<bZCDcb(&_E8{diqWxWtTcdh@L?Pd?jHL8gd@EX^J2WrOeJ@SeYoYfHZ+FbYr4E?*
zT!!8jmjh*;FTtZs#DRrCrGg(^k(x<x#OvSl1b02AUk!|=Y4rpzKc}XpPn9ctdsag^
z%I5Jx%f;}OUBRL=rKuNN$DsXZfrA=F@>IRuIor#VV54PdV~5JZ!`W?mtrTOuwHjXg
zaPoGmU|c6Ze0d2+%ASZH4iCGIy=wI|?Fg!Icu-Ut46EyA!s_bS=3G=kusotPL8M=<
zU-Y{lns6hQ8Y+iLWQs*}B8PeGOq`FsJ)X{<3!hhft&c4?0wJ6Dun8|)>e0!tbjCkJ
z+!OIvTl-KX#nO!$Si&^F9wUPeY)eM;kf)^zGBa0@ZX}+6(QaydRBC$LrY$dGRPyxh
z<N2CXu!aF1ygCioaBPvEs~>u`vRIkVdk21px3cJVo2td+^wi!Rjw}cx+DD<Dq`pQm
zhefOz6qh3Z5w0gUIvRTT-IEH9@n7c%%iqAWM8gD))M;{vt*@^yP23&2XKr!{7h@jB
zRPtN=Q~X}7Ef@Z7bs@mr_1=t|jO%<ZZ0a+5j-e`XfdtG_*@>i7FlAgP9`WfTOu5x#
zvZnt1#R~Qo>Q-sq`d7r!LIHt<p(ipjGEh%(jH1exk=9S4pGjVAgE<NP|BTku6Rhj!
zr7NoIW0Z9w<p^b+xZ%dLRr}*3R#H?iWlI2?IGdzqjiB_C=WfzWovOj}sL$!DfVga5
z>Ym${b=pDH4$v~mB2C0O`VwKAZ%-hEh=V~}#UL8rp;_i^Jf<*5ck;Z}aR&MpWqB3|
z{LU&9p1eUKd(3;CNN=Z~Xe1BS@xNv)xxbbRxZ96E+DGup8qT^T+oBUSOy!T^iWtF~
z>4@M@Zd~t_m&3oq!nL6)Q>3Y*;ByzbEBLgFetYhdS!ZQ|qTz=;DFgq-`{BH5|1M*Z
z&PuK)YSsdwfZfNXlKNzTUQ$kWR7R0<q|8E71YXnFWT4LDo9C#64CtnMoFNCHqreXC
zXJzU!oWY`eDYN?s<Uxdd;XRJ5>ACiU9)<T3!pVsvEu<YIDeiHI<TZ7*ISG=~aMsLM
zMFOE9qAS4II&Mn#v?@7K$gGzJYK=%}`&|!-7{Ij*j;&Y<nLyx|AtCo5U^e>mHw2So
z7}EbbcY+E2S&bMvgE(!ua1|>pWn>e!CmQHoB7!6g{UKb}VsE$3ZjM%Oy71xZ?_4P$
zR64I<Fi4t=e~!MerCWBHsXN@*tBWv&5Z}HkuL@?h&?I=rnTK&hD&=SBAx)z<N;Et+
zGfDV1^AAb@tv1b_z#2tUQG-09+4C2f-v4VR;DaVe`Fn*ye$eU<C#qsE%DS>b<a)hq
zUd3Sw3m!7^S<Q{6!cWUCdFMw7tQ(pUF6s?WD+(R$EPQnGNtF05KTYxpr+Iwt844nY
zT7hmQylp%>nYc3WN{h#yG<VCEL`jW!m*A;r%W4K9p;(GOpGFTOfAL8*>u}=X$@)Ag
zhqz#az!x?7-@9c0Wlm6v{%R$w-&MKHdRH+tRaEJpa{15f%~9OQrJaO7SrgfLl#q?B
z!Hak%Mn4Wm*p^sMt?Cr3xhikc!6xj{%!dbJb`e#iBGb}Srv(Udw?*%7<%9Q31=>d}
z+%#sWoYxzO2(e?N(R#wo(i;EZo9Rzx18Th8>&Q~Tu>Pe^gdNHMs-rH%kRtC}ArT>>
ziN-WFN36HKxId{tl2kmud-RihL7lhfn6)`h$=7rf!QHQdBQcuBIdp|-8E)#1Q&$G7
zx+cIUF9%{nFE?{2!l!|vpV+xHG4N_s*rW6;EkJA{^q=u8J89p_30j@C?RAE}$fu90
z^T1>OFL#6T=bsF+%UoE7zc+uU-f3Z5)|(KE8smbl#f6u^@WyIU$sihS=ot|&@zIjE
z{GGq$nB%@p-v?ds)MRkAM*G`X>87TWvsWwi+G**O-61ySc~r(R$vXu5u(|fNk9s;_
z6Gc@ClQQ7{ssT<A5;Z>+rTc1yaV`}dQ7{5xA&ar-K39ANHNMLZ*W_dwQ!Z)9o+m%m
z$ky5qnlnxe>X;uqG6&l4HzCN8w*^TVJb_%v9)(IA1qEdXl2pFUuR>iNP)!^D{Of)X
zYtRcm7adZVPRD;}Zwm$(Q8@yz@mJ8_o^Mse$M<k|PphI<|3wHOKMEe4P|;oQN_HI$
z#U24}25zF^S7<o%$z%D!k=loBEzt``CJJq4K9)OCsuZ_xb#cfT#9cHEH9QRVbd7@p
zAFwW3Q9Mc+7)dCk5-NQSoEFeyu%k&h!xD2!a#aF`CEd8~Z7Fg=j}`|n{!t<zq|-O}
z^3(KYssttbN(_qd(<jFAzgz%!JpJVV%=8r5)Rrj_!0*wExcD-#fkLPg-6_t6#J60L
zt|$Okl|Mkdn!Qs^_>eJ%nduuGb$sHKF}<N0sACHBIxJ3?PVtzpHFMU)9WR@fq4rI5
zL0%@e@YrjRiWe%G{Gr~nX6f=+0tI#HHvX}zN^b*e$A36i!L2PzBi2N-3<SdK{%5H{
zVgZ1YDwfP{$HvdxlijrnZnR+!Or(_3wMmOhgzHBA^8A`IJe4x_xZX9}SMVeFjZ@qc
z)J!t;@e1!2Pl=v;?8h45jF*=9fpc`GiFtSxkw%t%*c&=}ZE`3u-X9clxe1|~lqiga
zZpm44doCcHg8$El4@UZHqT+(dsF#Vp8qQf#GyCwJIh>AoJ@sKB(H+sSbS|55r)vV2
zqU3Z<egT~vm;?k?wW?$^kJhYQcj^8K@De1zz6^Jo46SC1Kk4zqOwo-5t|#*fsJYD7
zwhCUA>;W0Or~Qj~naP^}i_-j1Ep>~n4D}(B?Wqd`*`y1Yg1SL02?DpaC&a8oy?c_N
zaeM?|7ZZJpwI(ZS5pwaT%NT^HSZc6E#l_HRf(5alJH7!KyrreZj!7#Wy^*(wO!>dL
zNfuF1>fjrx$)5kES3$#g!A0Hekjh{&{zgf{D6m|h)~MjKs7S&8`L%ZOfr<KAVszmD
z*VjV?BW;`TC#!zb$`B;f{j6{BJ=J)&*OkH7rAxDUl@4+h=4$oUwMa1l2?mi~k*J$s
z?V7;zZr?>W-aEAEEe?Oh&^L5M7Fa=?>p=7V3gbxuz&wIq7nbSMN=OXo7;!c?8HFRp
zyp}%l+v$xev=}l?-_rBh5I$a%x~zSm-^*4whYDgw1+6;!{TKbEi~-VpuFWD__6r5_
z%7lh%Yq&_6@BmbMmpjC|?hDTPs?(s{z|G?2s)^@C$HOnPT&MRk&0wzfD&d~obX9G9
zmK%>1#@=bD)A1+5bO%pleD@qXl#<!f3Lj>TaZ}!kt5y6qK*9HR+NF?Dn1=zR6orZk
zrOl3408NcOTL}dUWG4qK>=M*)p}EarryjFmP+Vw>-t&VWdDN+j>1tz(_UTgAjzgn;
z92_z=J*N4qiOmPnixSksw8z!XL+sG`d!U`XJNpjVk{(&xURR%e!ublE?dzE}dHf7V
zW7*wUqiyA2hv)N^&((TDKt#toQDMyiCSl0Rp&@r~zoX>O;bcr+|IYVN7287O+-oj8
z2P|rAkvw=364M1JqU8JnbX^V8^1hO%PsgFRVMA+%wpLw29-K3@0<5*fXkW05U$(wr
z9xQ)Q%^dm9rZZp)0V+Px#a`Ep>cocnza=g*gB@j_C>O1WH)(3q&eqynsC2a7%9}bF
z%!deORy2J*NXMM_1GO-G{>?D5r^Ma-`4<Z%SPb`X+tPF|v-#Qjz`3qLrWM%jbD?*<
zW;?9?HA!d>`n2Ug<+(kB2j&&z>wjqZO{^B3Uf>E9eGE1G{2grd!qoUapPvtWBvhAq
znm7PlS`zGwejN?nvG!}pSY&S8-`23e<6lNR97ibV`)u@>h_}w3|1_qF3(yP}>UxA!
zr-DcjybhpQvNm1uu3(yHzC&$qwFVPC6qrA}L@Ao^$E=hc2G$tcKH{`XeGE!OY$h!{
zd>{BRkn8^jAB(tkyQSexJ`<O~-C25!M?|QYQDmZiF2ZgIXONp6Z`l4!XYOKvsnmB0
z0|$@C_by=#YhLsGEi;|j;?nq8i(#?!W~Bhs8x8qaLq%>`@Knt{T60a73-q;Wy<h~F
zYjJOC(NrD$!NO9@SUgzmb6P(w)Of@5H`)y*tI)H0y%OxAZ?sg%C29UbV=pl?zD*fr
zvGFw|XK<k0HzxuvSFQXytHKnX*JBvrk}lcw*kBu74%csUuC?_=+E;w8qLUjQ9Thd-
z_iF!b2eYoj1)&XJY&6pVUOB!Nw0b9(_$@687+{!JKAU0h7)l<UOenNacg3}zaMJli
z?D+%ld5+iIL=N%#BGPDo`~^9-tDR^%A>hqz^<`19aw$Cl0><5BPl4k!;~FjFdwGSN
z<)Q;`@oH93?PPU7`GY?MchVT`NBt<;ua^X&lEf_>-foYN%9n1_S742O-}RnuWlM|x
z(uah+)MAMe1RlNu;0k$c^^*YLOj7)=1&ab&sq#H$PFMZ8qlti>J$~BJQt*01U(A;W
zJ)vqXrrBttUv6nKImhI(;*`Mmpmn`?;>mLx_;Lwfb4%dmxKoJZa*;6oc4T`xu@Sc+
zgk-wvkLjOelNc~uhUjU$FHiCAk1zOQi=WeJ$2jAE$tO!7=A`*-r<Gkha_rT5|BfrP
zo|rIQX!|t_Z%6_Kmg=u5JhI{_lLPx<8&Y#%`Fc2)@Qcv{+Ia1!=fl8WcPi#kh9{#p
z5>8y1kiJ~9^Dn`KvMI-#jc3T1gNg3YB1pnePU5O=!ky$q4kNa6C1^oL)_oY5)q8?@
z2R}mO)znZyz{~assw&N71do|3)^Kj<T`mK;b|1@D8!~yEXwK?0!Z{8*g2@-+-p|Qy
z4au#9mZIE176w<otLs<_*%i?RayaCwc0`-57pi6#&AJzbW9+r?qo$;>ojW%4t|v5S
zcl-VaD!sVQj%TAq8ZweoaTUJ<M5Qhtf{(k|CFzc5Yk?mMfI*A-j2M9o;Tu-^7ZHR~
z?4zwVE!+^Nhd1g=1L$>=i9FusIi=m5t4t3Q;m|6S1iiuWF0Lwy$&SZ;OQMW8vFo>@
zm1T=7?hv0!f+eZ>%^dui!MU=H9x?IAC+yLnQm~A~97)dexZPWR$DJX;xDsl*_Y-Gt
zLvyp8xZI71lj=?+WF{{}o6;d_EC;s8@BR|8UhdTX@0*aZ1iWBE-uqVN-=-xx&x3N4
zU!QYI$Zl6Ow$JlbG+MS%A%juDHiT3|RA%M$sfp)_$!y(-?z`Ew44rv%zVpJxj9q%s
zbL~+7DF)#!fh{<hfQ9rB*n=3CZcKvIScmwF15}uTQW3c4tG3}o#;H;Hp7QptR}uMf
zR&NWL=$M(W3UDeTp<3*$<1kLDM7ZZ-=`W@`t)$Z!GuLuvZak9ffP_}62jiD0Vv=p-
z1QiE5{DpzA!cIfU8?&O<MvHS1ygSjwINZK~i{EocT&r$!fHcHxo-AXa(ONY&YvrUN
zX3+T$o>cZH_p~`jgl583pw9b*fjmw<s*Q}O|L0-fu$R2|Rh9N6ku^SN?z?iSj0;Ws
zXB>~Q&hH(&=L2cqtYU{lF~bf83Ebw?qpjbodVR}&blp<&D2P=w{WJvC6vy@{G|g(!
zyNRdq!}~tWZ|x%*VbAtm7fvoDD)jT1-ECYwhT0&CPPVjlE<UGjqeBLN275b$qx;#Z
zHqsn-f3)G#nTM2Oj9LF|acM>5c<x?EN-yY(0<eEUZREx7Ro4kkXne;?F;@~zQ1M}5
z$gI=*!1@7Co#7={>mx^0P*VbZa@!ThLI<2hmEeTk!BDKk6@nWrD`{@J1f!TjzMpx;
z#QE`DZE+9nAsEX0%w4Sufy)R>k`;#Ih+pa=)t7q1YR-6hI<X>?7?eeNg<#N02Q?|L
z8#0TzAx2!TI^2~b_TZ!|0Kd!78iM9Q$d*eKk~-IwPYflVcjN3>C_$046w5!cioWsw
z#vpLN_Vg&!gc_uhQ*nfUUt6<lzW9X9wTXNEalAI^xG`jj_XTQ6uClur*cluf>&7E%
zYVit7+S_n)AV#Gyz66r&^r4*ihrzU!t`7J8nNhETdQIqYpVv?wC1oI$peSJ4scVqF
zX+u0z5HZ)U<6SBk@beKW=&Pu3I4l2)RX-B&53cb2Dh7kU3-xC!t(sC6;tF<)sY-&&
z%PL8S?U*is;3)15F?fml!asY$@}bjo9v-*dj1RLcJJ-WnwUopY+hnJ{F0@pNS>b@y
zJ?lo7t>6*Wu;ee)NEhp&yk(MxGup@2#SM#tZiRsGnAw)~mn_<aoF6h=NFJ}LR5|n2
zl7jnND?8rH=!snfgI{uF^%!_VLWtXgj&>ruhq9Tj3`??zpLvIU5pX$<o6PSQ)Sipq
z5fri{#iH?lrF$#Uf9zB!P<U*uZM<d72*kjAkuvTM6v5%JMA4TrK4v&47Ysop{^1}B
zEx|4}6T6N7(MCuu>-&0mnK*^sB*+#gUb2;>>Ed+TFJh~GC$=i*_TwR@EwVbx-DzPh
z&H~sT5t})=*=P|EnslAgVl_n}Q9@2qV^ty)Otbnnn((XOU?)Qkz-jFw|1FmC#KUMX
z!_!S@Kc9i&=@nIn#<^ZGFxD)~Dc}o3L2?ezo0`Q<r<}8&H$Z`j2nS7qp4p4#PrckW
z>;sZZo@M|e7wU%Y2SvKlc>m+6{AYR5K>_2PJ#A0A7u9x`2oD1>@1g`Ft#qDKu#eUr
z^|%`^C>~Ghgf7kvw<a?XnbAvW!WDw7KPREscvGwYLJ!H<gjf3V1A^Xft`O(Ao_3&x
zN=VmtEU(iZm<LDMHV(00CR5^bCSyD=4Ci=dZN817eqKKDB?GMDfEJ~l^9s&$ingYN
z{sz3X$IRl%&ba4HE^>XPXCrpxge_pe<EMIapA+o(^=~V?1Bm@^vx6i%ZM2U!^=*EC
zfb4HW7jJmHB_@enH|{5XSxwIPIb9I}T4{lDHkasu-XVAPpUyv^tfUZlFW#N*dj1}A
zoFI^wtBu|N>{q7d@(rsn!&}LoEZ$RR=Ay#OtxeB*Bb7W_dg7(z^FZ26Cyi8PLi0Y^
z5tmu!UbCFs7Fj^0M`qB7-A{Yl_TO{&r=^ONm~*foN}k0QIay_qcb+acKIzemngaU=
zu*%k&q^DM4R@g>Y15XaAj<YVDnAC@NbZi$3pSM)&cnleO*hk60v!$pjjg3V;wEXzR
z$LBC&f9u`I=wJi<84@_)lkpHV90aUmB7?4od|u<qCrD39E4j6HaTs4Yx9FG(m?2at
z@dN6c9!BQvvIGCh{i17X{a|t6-F<H#G6qpkbzzIA_g0Ljxt-v6oZ?+ft`t=Z=;HVU
zmRS!U96>?{Ne<4D$bD+H>w8aDU3~!js@7oQ=B$|y{%ty^bM3K<8=9?eq4rqDDmYLG
z(iCTwm<^3c4YpyJ#aww#I`uD~QUL4_OR<nC#j9M<rvR{qii(sn^SCfQs318oFu}nZ
zK=$qFGP-`!Kj1SER2U08^g~}+09r-#e-R%56{XHb$yK89A2=H<tPJwsu`v=vQvb0}
z2%}gkfn1UQ=M0YkelnT{bjr?KSYIbn$lM%6G3~Thrk9y61n}-}pM&gCf8)%xL2KSx
zW~D8Nx*L`+l-Q`JN7*01y+t>U!*BdXL9qh`Qq16#Y0obg_UOGSxub^b9<+xx697IZ
zQ1ExTCz)5Z4E9$4G#Xd@N00`UC7daaNMA)oMfsRU76hOQzmQDT7z$A~R~55>R(HVb
zR<8DPM0Vy!CnBZcI_=lTU&li$_cvCB3!>gwT-c|C2h|`KWz#1{RW~+j_+=c5ii!0s
z$VJ`qVH?rvg9f&efwNgGVCH@&&gPtM8FD8;24k64*U+Hbu79|HHU0MWUr^4Z4H5=Z
zt<;Hon~JEU%+lSF$zm5)Z(Bc6o!Z}=$oDu<#9B`Ze~us!s;#1upW40?&+quO_pO3d
zp0s__-@YLGZ+y%Qa?sCW93tcnwq(!OYFAp_=x1hTLNEDVX{Cce`$w^b9Rg3w^CJ7X
z*zl-QDWv#0EnP=v0I3xWSx|rwJ-lDnNWts$#^w8^v$M0~>!TBA1U4?N6{DV&tcEV|
zVxs{k!Jh@o274oJu@Q^u`d@T?84`GV`ub@Wx931`Qc}^KOH%%kkLvOuT;$Ppk4&B@
z0J)K0w>pWc{VUE)rQieUbz`=zml;LLKeb>K7WQ^${8ZIZC;n@*0W(AB1ndyzW~vB3
ziN~MnJ;yK-t}Kd?NeA6P_wI6)iJL%0XSDc_^XybP1d=RKJdZ5Fk{Wc>e@tl#sEIlH
zS-nfpy|U$-bx~1xJZP$i?|n*2WmA1C3r60e;Amq?`^S2RB1)Rm_OHjljef?aRpS)p
zi@8uBpq;U;OBmNqj;HwwTe|tdi+~HBak&ML7S83@tku{{3w#p^fE2wgMmruKN>^jn
z5B!<(o}93l+~&oo@RJ9rhJ0>_+e*`H+MRBYary8$w;_qwn<c$C_zZUSpwCMJc!zwp
z9+Xx_a^OJLeHNJWe}rXzAmGA=SWlPqcQQ>F!G}}ZuYeUS(-dy6SCZ!Yn!d+j7t}UW
zfV*!4e3s_8*nDuACm{Ez8Y5t=8Dey#GfcC7qrhiF5q<sPq5~>`-yo_}My6XRXJ7*v
zZw2!+7qc)}TJw|Gj%Rh>3O5Ndz=>A@muUSO<4ZB4@aik)&{{e?9Z_Zqa3}06b>0o>
zV{CYEbvPwy%|lS5s*7+!L8z~PNsiTj$@_HqH{yc{BUU9t;PGm$cf6zc^x2imTxVLE
z@;~KWh7A%1<}a7>pw3c&d%-)Z_kvHFs-_z)E5JFXu7}>)aGQ)RIEc1aV8r)`jk}J;
z-qK7?@14^AU}}6o1V~(EQwb2w2sjns3E{)FU!RNkI;ep=YvLVgzVD$kbdrNze6ZpV
z%Q;Uc3~|^{N=#^la0<2PBG$*tc;l)AVNA~Js)io>eoGD_kcsN}Zg1WmX$uc}Gh`)|
zZ-+CiN0t|AlFn|bfAPY>;?rftwMwN4_y_w~qJbSPal)y<P)mPLSk-U)WdlSy&6})F
zxbJ<sMj*rA4llJ#J)0bq#zQ;h_GB4U`eCEWg!NDpfDJ!L*ryb5`RSCNjau<X>CBZn
zG3B5*(7rn`Njme%&G-HmiGcr}Rf7yd*G2P_w%6jtD~7`!*lbsi#h3JLgr^iKgfHSH
zY_r}YC#o|D$(-OU4%?pO>wai2w0<*YfH9oT{+)Dw!0Zayz<-2fZKNRR!+xq!*|A0t
zl)*<qz~w^dJ7lL|?Lkw!d_fq~Q;Q$ZB?wCK7N01vlit@dcoH#nJ(T7>_djm({CGRl
zAfjsirtyyFyGOK^`_Ybj;ot+qJ*{FKQo`KRXt%<0S+P-kTVq1`uv$!EvYL@)nd3;g
z_K_aWa<DT`s)9irCdjd!>9M?y?y|F4BL97Gir!=K`JROvgXh@<hgQ=u|A**r7t#Ry
zp9?PTd|LmpNH(zlwM7VyF8!LBQC`Y3O*?6^!frCOKf<820Ni0iu+5JHxX-$=3m2XE
z+(Hd#FY&ntrqP?tFdo-KM5_u;rv~0fT~2Z%+|zNdaDHfWqTlQxx}paR-w-M^-XL&2
z;`1_snq8pX&eJW(?Uu4x4%5BOTrA7RuFJHV?fE~)Adz#Qu*#GBk7->Z9@kry{7x8P
zoRt{@xty>2_B=5$zx?jVGse*qch%??{23IL@;$ZljPuC;>PB7%$|h4#bDnT_kb$2}
z(xSnii0iX(rB_mOQ^nrhEW|<SiHrzZnbBI;WrS6CQ+)sHhmEb<s*j)xRBC`YFr0Pz
z?dulXDq920`;E{CdKQ=6myR~WkLQKv8xMRI>r>d<!)ZiRRMf})+a;~Xgfr<*cM{C=
z?%x|jB#kTK7wZNN8WxKXlO`SP(5eTD#s0ZlZ0UA`svZdWP;^i8t>{&6zZ{r*m-|4?
zbv|V272O=?JY+tl)h3)12bi0i*@IW+e7XM-j9S`2idyoF{fb|jPnIy?C*3TD(9jbI
ziqKj=kfi5&;^N|x9iOco2w_Gd9vmMY9x6sW26*GRn1@)!JAAyql}7-@zMsrj^?_;!
zQHY6^3iIOkGe3PXyB2KIf~=dHP>8Xz)Fmn~HnF?$Q|P-HT!;NLb7gV5=vlE?Z-d7!
zLkg?+8TJ=|->#iARX%l%`%8k)?{@c@dK+H%?9^G2e)EZ#T4;IiMqREG^o=&|@s*AQ
z`s!wICnu-l$}tESq|NHK^Sb@>jNQ-h@N>aw=9>K#W5w6(w99I?bS?e=l^^YcpvwPl
zU>_@aM*)uEcMt`Wn!0+vW{p9)MTw>n5ufXj$$<HRHRI3!p6LAh1al`SOQ1`25R#L5
z+7RYEx5Dn@Ozd}?^!Wf?>yZL89@KOKLX*3Hf{@}h%KOmF&EDQ#wVJrM_6@~{`;5ir
z2p|(5A0DVjl8&+D<a0dmYT&>0D;nq?*9q3a9x8;BH*9GF7L^>lWS~41?u69Ju8~=*
ze6d2Q&8b9^1V~VWY^S9VWHX^9Jhh3IU666&=vPrtTV@JjN)DAE61;gG{#+Z?P!i@H
z=$g&zK((xJ2i=utZ$-h<{w(NO%o){(Ju677kGHlsBjvjunar^i@+i$}sGCHD=-Jaq
z4V~$Alht=P(UAXaG-MEol(0V&%o7CK-}(MBLh2-de2NoR47mTH;v#=h@kAjK6(!J*
zfB*CDub_y;lK!#~|8*XA|DwYG{{;WvlR@DfnRqbBpW+A?*4HO2uc%Pb(TTpkcK&+|
z8XFsH8NQk7Sz6M7$_7x-(L)v&wL&8z$SEj_mfY5SxG?yYLi0D}aVA=KAH3_q5M~fM
z3ayj=lt6PMmi7#-+kL#jI`L(@iRgH!$e}b-pnP@aciE4%UPMPnpRTu<lq)b`Eb9j`
zOsi;V!M=k{l_(KQ_>U*mFW^SIL2c1gz=^4O!V>hljf03EX0IKHJnUfU%1@>k8=#RX
z)QwC<SI}~9PlNBTVvN6i245}QF&ICbE@V!l``t_=fBX8ho1&zq)C4-q<H>gkqA*OY
zgpqN(wxp$7xyRx^wp)3?&5?!p2%5EU!viqF;g;O4r09+V;81Dk>HE5aAi6?19}M^2
z-(Ge=StU!Rr8C+BB7F|!LjPO%;U}qPn}I)b^V35xCj`NlEMF&Oo?R5&vNS}!-R(Y?
zz@kIqktwUF1g&@YaK}EPMX(UP+@INSftSdMv9j<%&dvWN0U6JIuyOB6&eum(&USe|
z>rJSOf6rzjud^|sHeDDDjOG#P#t-`b9q%Hq`-1trkJ$eOU!cXhF!Mli%-|Nn_k$mO
z3gAd<ms{sdoc_9rxcZO<g;O1lk!2_@=U7HblX-Z2RJFd40WJ0%v9<h5=heXocn{sh
z$AAC=o;+(Hf4%sf-~~s?7&Uhy-`QLG-gigoR02$ETQ3+4^2yQr92YQ2AB(!<ss;>_
zM0`h0OClBZ#gr=sOI9?DNZT3*REyxi5m7b=a2TDjA2uU)O15iof~3B^VeP<3?tEP*
zzIsgA0G0=vJub|qOjSt)uaK#7y8Hh^_h^yPfFG`=Y;KM^eJmtFj6F~@>tY)Vx@F;h
zcWl5E643f$O7s3g1oM7<K=)dv7iGVz1luV%4+c}!Znj<a@Zw2q`E$HJrH{3=9qWRq
zO2SPG*1nU8pe$rH<8A?uLmR^;2_+ngoA>f52~XMmmhiB9C+hd3k--gYebQ$)t<<(+
zTx4$HDi8xAq--)AIAL6O#K||*X|Pe}I@TlE5S79B4kEFg5!SnJnM0$^5a=+F@0jkI
z8edEZqq<%GEHu~6C};y*2FW`GMPQzqQ7aqqM5z$%G5iuEz6rX?C-*1Hr&c+u3)@=4
z9@8Pr*vV=@UCCp-k!(7j`Cs@h7@l?K9pjBH9!h57KCQg!yc${abSjNreHbQr#D_n?
zu{Lm|wRQ^m<OT$xJPd@Eh6z+vyYv+-lZp#Th3u}LH&R<pHZ>8JlaT%OHlSdek&Sk4
zh(EFW+n{Erv$@YOj6LRY8+S7{L8O&DY&K1P5HQ=n>QUl4O@8#SCrl2O8XyrYw?o$C
z;78be{=iSLz`d&fX4m_X&9RE2=>`7rveDJQQ<0$&gn#jYi}k)siogw&Mz;GP7Pxye
z4CVln921_G6B_(*xUdc^EU&(73U~_p6b*^02973Y-821}#z}Yz>!VvM>T~pGc3hM~
z<2i6e5na>3>9X2D5)I{F(KtO_dBHmDb1dPqyCveb!il-!uoP5@rW@z?{1+XF!{Pm*
z`fe~2MqC#M>ptf#8zvVI6J7_Mgr4Wj2TISepN@~==sh2ZSEG}tvG#?O32aAOofH{x
z_Pg8oVJ|*Wwf`zA_!9vXyxh_)!#e1$v{`K~4f**nB}i;uZGpSOIN_KTe`;4~lJuO3
z&HjNceEh`pYLy31IK*i$XubTque$+UsC+S3?%7PXV{z5du+@qtYD^STrUCw}z8Wn7
zcf{w_1cESL>+I({KuiE<uCK0QA4Vw0&}Op_Z?lzNU`V!hqGrT(JLMvf^kBFay~Z5+
zav6{LnCa@PI3ZvF{A7Q#m>z&L{@bp}X_f5F|7;Lq*nhRd0H>7|dJfb7^$Y-kKU6rg
zApO2ETH&&F4o~O_XhLGH&n*eKki3AL#^?_Cj5zjsk+2aeZ6}AffJl8!{0FCXPMt14
z^01Z+1rhcSQ6JOt)#Z@CLKSZzaq)Nn_|aPb3Vq+}?eq|@H@U{XUu63#!L27fjH*l1
z_p{jY4o^D`uJmp9-TghIt-ik6!+fEFJiX|OBz`lRsQC4r=%%Z!l~Knnn|jAShXYmm
zU(6p?u_V)X0oJ(J>jptbWuq+T$5OvI54|%0uk8W86cAUZmB_gpPC54DKnnhe5_5fL
zVIaHS&?%C<woU}<Xa~=a)83+-0_<j=3>a*+XBN>BgS&!QGj=9(?cc;oiMRa@&zlg;
z=HD*Oz=){LOWH2yfCj6V&V=V9H~IWx#pIc+bgkmxyYW+gv+>Z4T}{*7OiW6d9#RO-
z;fdmwqfivxqTw71nmT7dJ<JdleTa;<Xm`dtvYMHo7kg4#)k!|Ii&e6#@K?`$1!jY>
zrg)nXKhIk?h>EhE7yy{7f>VCmQVj$|3ZeArY5&)i_zG|St3HGHC?Gq#z@gVvgf1k+
z{qL}yv15m=onn1`)z#*F@|TetW6CqF?ySIW_nN4sA_1Xiz2hG8VXpPY_bFCxL98{!
zdIw(S1>Tv09Q`6xb-!p~NE8-2Sp|n<o#8%v6*N}cVNtzYcghY{V!F|h!z(AY1gpon
ziNR#6rULlMl5BQ3h<&rKqwlhMIybz<Gx?(iSJ-+1Wxv<Yk|s6D_Obyi))iMrH>N%K
z7CY7X*iQFgl50&U_3PgwIq~mF&!Vy7o`*j_k>O48T4juPhYT9@MDZcdvvl<8Ttx(}
zD*4jvH}{9=0A+FrEWE$QE|Q%iP*-1I2s3T8ux6tB*SKqFUp*j%)yX_<eHtl~TAuI$
z#<=~|K$g`1BxRWps_>KfhT$Xhyxz>D4C$-DiwrgH+7vLV0;a_go%s!ws%gw~A%gLi
zu7)4R^97MAM@@S6)4O6#HK@RL@RsbzkFZ;lf+MMlp~NIYtA#e7x;?5@VuW`wBm|Hr
z7GZqMUon^vY%Pd?`nkPpAt+`U=9hQY9&gR-RLog_s23-d)*Qly`zZwx6%dOAl~wK#
zZ25QYfW?DTp-&vLNf!c1y1g?iU~6E5C+Q8J`uM(qjQ|&NWS^%dkif|5F)s3#wR#CG
z4LEg7;LDgPg2hhqmkB*T(cbVu`?0PM?OT6KD*tcEk@r8A&5>m5MdREf`b>fWF0HbF
zdKEG`A1oQCv#l@hgz==<+TzrVtG9R#9VzP+eWjG<r_OZH9h~aX$7UBE5ho7;=Y-mZ
z)E@5|d{h>anG}?97gGK5mRl5df)^&uQ=6u5P}JVeCA6-3rK8t+SnVbxMj7xsQr?ct
zO2oXoz~BepMW#143R<+y`35oAxG2)m2tHv8B%m}48deo^%|;V!$(9$^oLuq}&Z8xW
z5l~tLZFo=HTi)f7c<Z|oV=$AD^@B}Q<?g3#UjJIk`F+gU7qgbh2KABnof}+qGia9f
z7D)qu7}+@BxR?B3wy@l#z{Knm^PG-b6M>8I`MBbb(Vjmn^2dAgrFE`w8qmXjO;r!Z
z<{;8*&m;XfhcRm;&hr(nmZvx`#wufC8P1skQ*0{`aS<5`9HjB&;6Pb-J6z3n^)~I{
zys*X6K}BNyIitYcp`nUyvQ0Q%J@)<<vF6Vy6V^l@3p|Y*#dcoSi+SzC_>#6>jEwOO
zHFCyrvOmjf7bYV=s+t4rvA#h6YW`ruP{OsWD3_d;!bjQY;!fzQoqTJ@&ovVAurX=s
zVJSYsj9w7#y>Y@1l^LO2rP%{)LwH{6Lnzhh0Pm4jg~sBnGP}RY`7V;%(fV7BPKI?Q
zBS^#ScUW%5nP@Dzpl1YGealj9tZLfoRKI!Lz-{uGN<;3qUvl+L7LsOmo?{BH8>nb_
zNrU5WX0D<v8XEfPrDzW+9=yYrV8>sH=3RfgS}l{mAnUx^LK&!ZboZ7y$qY<9^tiax
zZhgXQ+;gS(xb)g`d}&!3U+}&pxkxN>K$pALnTj8e^}-((M0hW;3tU?YYp?h`4|l(@
zt>HOO)M=E^H1KT4kotm)DIts+$p<;neYlh`TP}g)ec_AY+kw2dXGY^405?O;($4dh
zuUdc`D_q4)*B>E`fq5)DrtEeoo`4~YaL(G@w3ap`X?zA3*F{<ROZc^)ysH-j{>i<o
z<U+r=9@nv?yAYC`;Bxe}?6Lm=Zfp(@s&248SH)8aed1+$WxdS_wKS<Y|BLYY0O22#
zoNZ#>9RCOyo7tl@$B&ojPxF`B-<o^J_E;u|4=Gw1_Gq(t#b(L9(}=POkdF^UKX73D
zNn%E7BR$jdUz}GjZ)A-=0hm0D*u<jm4onD}pL`8Q$$jGo55k_>^GqaprpN7l&dltK
zk_gu+NM*9}*iF5=oaOO%GEC7cnccV??sr&nXX6B740i4B-MSMxu9#v^pnOFOIA6@W
zoblDhoU(vtKXByu5q#vSG#I!?#Sf5#tod44BHV%x_G53p<_PSVc%2BQV;^EBXxknr
zC=^Km+N8<LpD}`9NfT4u>8~{hH?O8uS?%=|JLb2v>sjB{5o}bva#e<Kn~;{!*}u-?
zBt}(^sWIqqpfV%BfNQc3EqR6oN=+=zKxseGE3+CQ490nm^8sT=F(=Kwx2CX}8^fV%
zQz<_Pw1J4TnAoK25)ah70wbl&!jY>UDH&lEI~eg*$>)an42&RO$l<?*7|Ew3o?gRf
zK3$F|*xR0tq7VV{c#2i34eatFUrMiy-oU6OXVKffW@GPsMu=6o`?_OFZ7mHg#KO@W
zR^+Nw41Z#nSJF>qugcu<<N2+atA_c~ScIROij~!r;Uub>2krFT0b#Wv{p8&9oRn$?
zqzfYFrr%mpdl=oTu8pDkV#)TAt)>Pyo1@*IF98c{dy4LxVb~p>;qI(A5cqU@IG87W
zI>FnN{t^gw#Z-@1&S`N#qi}AIl+E+oP2}yWWWY_+vy<C*^qr+@)btrv)?pp^cHs+$
z5QJp+1(b-&1ctVsBMDJ^e+YpR?X%J`@5dtlU6rulD~)zy-rn9rON|81XX<+@>u1i;
zkqV+;jAwn+WN6Cv;FHnODaBNe7wW7FG9#zI=U6|zD{j?Lc)Kcup4^mY{@zlQ79aZ3
zMy0;uOeQ2m?DvwavP|+#V2KFsz%d*DgSQgK!_IQ8vAl!NQGqZEBNL94v5E5}IVt*d
zZsTpSk@HNk=<d22iQ@9?BMS)(MoBrJojviH#rH{@{*+JTMkDw0nbe?GkD!vNs<KrV
zyNoVSI<HCxir99})hBhB6~6=u;#^@=X<vTUVSLzfnkzbxY>EMVtE(-EB0cp_r9Z7B
zFnKZbKtAc&?!_9IynCDlGY8qE7nw7pRJ3R6c(oEm+S9n5^rlvqZD40Z*<f#kzZ`yl
z#jJSCIPCA-{hm%IUdqsrJH?t)n$=sEZYQLI&+8!ojO1o(FLll)XS92f6mRvID}nt1
z4ck93klAHH-L+9{OiI#qLEYS-J|TO#1(E~OgdQ6$v`kHvcZ0tx>C~l;Y-uZdjZ2Zl
zFw;zAxu66IWRSSG!iN7#)sx9jQi+nY{7q8O)6n;~#^Z|Et7o1ElL(?|s*qq#XSO9%
zo7d4I?Gs5@l>a+Opxl@1VW3z9Qa*@dj+U18a7H5CBRA*Epu`0wCFK|y=Twz$6IY0%
zz7Rx~``lLx2?0G{_kkw0vLAG?(pXgJ#@?;*BGsVPpsSI^l^&}?ilQW<#JvXESXt42
zLrxX*-<WVHo(NMD7(m`zSl-#$87H<?P*mgsw57m_y|*nUaN=h_`cn7xsV4=bdqx|E
zmlCdPpPjHAzM9~8MG<QjNxm~l4l`LZci_2~ladrs6UEsoY1W}TyR<!xoq0<3%INRU
z5{{;TGe+YN$0--RJ8*EzBbsnU#O7#1lEnu4W&()3_QGVFVQJF0$UL8aC$!giJ{y&i
zYd~Uv{k7H3kg2Byui#}~ptqj~@;J80^GvY?!^=fbL0=#RlOP#ERj!M<hA-Nu1^+i9
zG$Alq{}HDg8uTz|L=cUX@G#Q|bK>{E?h0rGiXgbG`<6*5-oNRUAqxn=DBEbdgspS_
zO&=}%2urgRmXL4#Z~Fgt7NGcEy1RZkSNgv-f_A}&ijw1EzuxX;;`+Tr<9}QEyIB%}
z16f&FzBY%A&I8aV&Z=D=>C{91TPbKS09XPZ$FDDP%pDCQ>RMVEUvUQ4Lqj1QN))rv
zOpJ|_3xM*!#s3qOFsda#xVpN!&#*%-lVRs;+&~OA_8V~)^&GNG<@apR2Z=w)NGOU|
Ii+&CMKil<CE&u=k

literal 0
HcmV?d00001

diff --git a/docs/installation/images/mac-success.png b/docs/installation/images/mac-success.png
new file mode 100644
index 0000000000000000000000000000000000000000..8b9b6b7f4bcba71dd1d52adfe33373ebf0bf9651
GIT binary patch
literal 28755
zcmeFZWl&vP)GdgU;O-iNySqCC4-nkl-Q7I|4KBegxVyW%26uOThkL&ptJhWCRozwZ
zNB`Tk&)#dzHRqVJ=2-iL$V!XCLSaDx0Rh2^iwVgC0f8C=0RhXufdJeIGJaeI0)lEX
z5fqda7ZfCrwY4%dF*g7L5(|k-fRt6(L+fpIv*LJ5jlkiL6-ppX;C+e3$ImhMM*K~t
z|7Txc4Mb&Y>fm5)m2p%A@L7;PRRm}>wDv#`el%bM4JvK^EsZtA6}Jn=m8O>=*1N5t
zdeR;DyOysn;NDzqXdx3i20#q{@-{*l@Z2;!K9MiDYrtT!-o!xWkwTlecz96HO4;yZ
z>K~m-NKKzSR=nb%5=egl0R?2Ibj4XS$nr##I!207fdlmmZuAU(%X(WXpduB{5`13&
zc3Z}#7mQTu3_pfl4zY#I3&fkxu(I17s1JildUX4AoI@Wu)*?XN2VsjWmYa>-oMxb#
zY;>TnFJ;Xzb~xra2kvFnl%(IRV&0uyW|)E8H=XaDgwf7p`r=t@Tr^GcGc1vPv_cm@
z;%**hgOQ@iS3+Afl41B{LtrNcuP+Mv{Ns~D(YGWY7!!`r8HOvWj89Aq!;I2U#Z=@b
zsYb#-&+dpn5^Y_%6wA86?_F%AP`%NXva^)<c*tY~t-CE#`JS3VpQKkA4}I|6CO2sq
z=q96~n4#;&cO%!&xkBK>muRFXK7$t*3B3X1=kC!{qM8b^cr>FsIgkSzUk=6YD&;S|
zrR*p;+1zub>)gHgP{e>42*A|aKy^QZG4OMI2H`jb1t9=_cZrRi(JMHhMw5!s!Kx5T
zgm$X%&EDz~?QEBdu-6c6d1Yn<(L02b{VJg~PiloZ*wKz8ej3JG5*TZ9v}>*hD8=I~
zkb^ym;UgS3%_1<{YI}4@Wu7i_FPb*++vWpPKImOgJ#DyRA8u<9%Qom+KW&6SX(ae~
zAUF;g2#$V+??}a<cNqxgkd1tpY(Q{66xKK?V6baAbzr4FY8jwQkTQI%yP#$5bQs`z
z2w*=5p@age2tfN#Dtr$KNj8D+1T$s9P~eFL+{NDXXT*&`<Reh{4rKVrGG9X5qcwmn
zdvj!p%EB|fY4&Srd-EZ1TAO<gCJmNR$BGRs(igqcoeg><;9{-Bnp_<i-|ygu<SF$n
z&k}5FpeTYj839ulLb*s{FfCHxdxHL843!8J0%9?6`7kEJl0J=Z*q8!5de#^efsy4s
zbvnLu;}~!x(3Mz~;0l2S9aDOx+Q+)Cbe)MOpP-b`%>o>{E56%&;&H@e!B_L;_T~0#
z4sDJ)>Wo~sX2Xi~vFic<v2IgPhgwHn=TXO@&RB{(8;0G!ai;1_*~G~MGuk70c6ZBt
zt9KiA%X!Q5Na_pH?yW8JhTuJdzyFm#Qiogzcn7WkuTFUW2PWbMq|RV<T{s);GrIB+
z=j1t29HN5H81J3rQOM(}B0owL5^E516E`c%%F@YO%YDiqko{C7TWBrtqd_35!>EE{
z{>!1Hrciuz?H9`a;Z4!a8x*MS@O5GF3^8&w^6A*Y*qvCJ(2v5{!tw8vZ6b8*b(`05
zyICcKh!u#fa)>4BC5R>RVl63Q$&urRV?E;L2a4hb<3=f*$fNRQ6%Rjld}R1olaHfV
zpUIFBs?4l#rMy+RU4SRwT)ZGDoZs_Niz2AO$2HM4ZXqvFK`+02N`4w@I<ly`2)3xG
za8xczPODV2)KjxLIdE*qm`aty0{iIw5%5u1U|L`;gp6LLNJ$TFL{t(-l4cUuFvu{+
z@I#VT)voHZs);IR6;@T6iCz_THM%kF<Vu-`qMMkgRIgM}wnB!T{7yMdu~`9jW~0E(
zXUpW{;ItOaj5IN;s1<`|LXV`D1kXax@@McTe$YanAfL93xwWiz$_9?*<TPp89IZ@v
z?0qZ<%mEm9tQzb{O#1Mwh#Bl@Om0RJOvZ?qh_DE?@E|Fe58GdhnF{D#%q5r%l5!J|
zSuB{JjC<(9m>2bDv{~B5^uJ@&hhz09*oD^Txx~8!+;KyvfKR>~)=d`<A~xSM{;I2D
z>9Pn_V_Sjr>8Nr)B_MT+L6WUVS1EyceqoVgv7x7-H_#B-v~nf4eS6qEX8vuZ(~xEA
z)AGzX%kuU2BV<m+M(xHcM=8gXL+T^;>#ge>95OgyI5Qk9+?A2?q|W3@uMt7f!VRuo
zsYvR`)s&RfF6nA%zY&s=kP)}k#zfO0>ut1c2lV2ws6ng*JDPNjRP~%vQjHheN=HdM
z&V3fT1o{Nlo6{vtCnBes2mTvN_y*CeUKzaQw7@j;QK(UL%^pqlG9t~V6||LtmENY+
z+qwH-kC9vVONT3st;NHjTkw0-+v<m+d(nr4J6?D?s5QtbFc?S<h|)Laa2*f<U`KEE
zb@$5IicM#%zuTP_u2B+he(w8R@fkfcK68C6*X6Wn&4qJ^JJpIqi>;Lq#=pG7F_0VD
z$loa7r2(jxz@7ijHv!QRk&;N2s32OBC`u$!<W9&U%oWK3k2=gUL@rbXMFIDMeulP&
ztcKIlajCFQ?QG%9_qGSjUEo7Uw10HKGqe-+q1t90nb){qcX;<8`s$~w=Jy``cR3Q0
z^O7>ey2yISQ6!!QLFJTlMB>HYn#DVDv_>pP%u3N~6FK|rc2LjmW0qsWzChj{Kc+sm
zqm0IWi6!(Y%lL50!c2C>x8Ga!y=tK9>~ik10Y*SXw?`$jkWR{(Sb^8h#W1f=B9?Z4
z#CCWgj+qJ$5kH#mOZOL%0xVO{1^w-ch>A4xsKfI^nL*w7RMpZ7^|~hNUIrsOX)jB@
z<55aFN;XPWC9G2Q+6tq%n?k>$%xUo=wHb`EeznP37Hf-Xj){gUht`r>4Xvu@&cHcX
zDHm54vkO;N2+QJr<stMPCkxv}`!&cRcwhVlR!;Mk$~!mU+BL&W3mx$vv(zcntX@?Q
z<(Iu@CH-oPwd@v)t+=%sbx-YZqqvH~6vFkw&73<&#k9HT=qO%u)%LRyU)YHu9b+5^
z9i0*a<5`aB=PNx%XDebW9=3S49NZjkELR?E@SRpupEMuL;CFG!xK6i7+hyS4A@GXJ
z=!(eL{W)VjcDH^cc9!rmdX@5Id3-zVtCi3(a8eYSjx*ia-_LFkt(|UTu1IRv3yXBX
zx#3*-WTxTvJyJ>886@R%s`HiPIxW0(V2U|=H<zN@!sX=(;}j$Km8^&KleM6Ppp%}v
z-p>45CAE~Ll#yrkUG;g&kNWeA{heA30*$^#I#2qWb+O8PmtCY6d8@&Rc+!Lon$^aN
zHHnAm&qcFk;OdP_`^&Cp4G&j#tm;-N&HYXD)`NRW9?5!(UsrLwI46&%G`$w@9QA@E
zMHP0IMxdRzPShI?oNgAlXPVV+c2-Z^5uVm`X0u9<gO-9oqbBg1JyM>W5BnGL=JLQt
zW7FffW<4~|8oN&%mZg_>+#X#QG=*B6CkFRCo`N=`$~;_X$!R6;Veg9|4<ScjAz&Pv
zRBsDUs&}vEWS`S1ypBEep0_WxG`*@}dtq;yQCo4nYPXta9tPm;c&ftvqqy*gF>oI~
zor)hQOdD<Q%+Qu=-S@_ObbC=h8J?Bwx%J)TZD4L}ysJs%HUUSlZ}0C1YAOQrMv8KU
zoKlWK$>X~CmO-A*E53H(JfJKy@YY*`7AR{L1R>Nl_Gy<vgLA8dlu98M-5VEY^C11p
zd(JtT>37*9$PXs&kIi^Mw<JI<A-%o5*AY=(oZ&1FZ@jmQ$;)^Maqb}$y2j*lrX0>;
z+r9SjgK3~(wl@5;fq?jc#D(}jIs+drztu*bUVvD0N~#f`lplaI5FN<!mOv~f&=lUJ
zaPIcaq5=u^^@R=%CJ4>SN99*3#Rk#j(=X2_Pz7V<1LODNo9CY&XmJo<$nAgJ`H;k7
z5o3~^i|rvQNou!kKKk|B-S!6(DDU90G1-k8i$&dose(x&HnzH$EHZ~~M;eq2AaF81
zU?^E{kbf>^1waZ5(}w!`=G^zE3jB9>cW<YrrtF2mj2y0y7H>YpQ7EQWFCKm7)$K(x
z1qsXf^KCw0asrYbZ90sq^v%u9TGcA!vziK{(KOM6nUV*s<Y5uwpA-GhoMfOr85smA
zTrTJ3ZKl(OPih~E;`ot25&t0+;8`(X%$WW;Dmns!jO?c3XlTIiK3Py~IB?Wq&bZ{J
zO2;z4*6>-BPyKj~UKSuT^u<@kt3ymS&t<TO6R)<j8~&1f?_A}!v1e5<b$rkq!xFCU
z177=2()`?ajE8xwot`FTHI<pBk{G5=zVfw{AVUt9(0wtk3`Zz4sZW^Lqn7Q*C`K+N
zovK-O!;!m6m6ZEQp-P%*>vx|)P^^(ZmtiunNpjc;En;aFMPDyosjfGqEl@)%lmAjN
z6vF57uRr$k($hY+dCJ}#`y5RMyjgvOHl4G`$C5);>=ckACVo4h#rgUEX7$ZyVAY5u
zaMYX}PMXJnA#Qxa$BEi}9chv3B*Ng}HzF7#0_?4*@pdnKZwsKiKh|YfiB4!Gx>&=t
zRFrn+$WjWJD)Gw-y^)4gZz~gDv_4%T6bhW;$JP5WK>3lh4jG)Hz&phzAzg*rX;UWU
z*@*SaC~=3*DBtIL3K|Uw-|nQywKamH&eFKp{I13$1k!3AmlMdT$QC5UM-G>-k*hqZ
zex1w<8T_b%AvZ*MAkdCar^Gzr$pPJ3UJ+%j&%7yeAB<gv--k<#Xll-yhkW880!HL<
z`L+?YW%qq@3}@IBqghGr63nC?C~sdgpke#bPoMJ+@|kr<(tM=_Rjro8>l#l|K<sKE
z-x7|()qz2@9LK$gL5pTSFseoL%8?o|z7-IXXpaN4ljApn7^lZ8EI&!h?HQf+j`FTQ
zXnA&y$B@4X&kqRx{McLB+r*yZtRcx$kIq~20Ni@K6jfQ^__0V4y63QE!P>sp@bUYx
z(IJ;T(jHy5V+0+_Hr=%<Au<4G62t^Dj*tyBa_2L4>~@AP@9-RuqX@q%S(GQ&b?VJX
z;l;@^b_fXSAeoSM^8{wXqq4=27>(dSqGguqp!*gog5t0{g~Pm|&y+BJ^Fh4PTK*7u
z?EVbIXkv3{e#wicTY3ZdBRo2AA{9-MSS34x;do1`IAoPa4-0<xS0*da;Ug3>e?CJ)
z5{3yXwws$5!o3L>uvzocEe^XwpyGs)cUdM?Z&nzp8{5$?7vzKY>%!1|F2j1u4OZps
zhwa;<Up(>>)C1-Z`OY(s`VP&J8NcyBybUNIndN~yd@#i_ED`S-_Q3CGmMSFNOSian
zzT+~lNATXe(Fy}mTmP;z+QMyo5)-t0F@7|s{<OM_rbw(j7<$8}YRPYCtHoxziT`bA
zNS{7%(Z=qiB_EN@bf8Li6@8G7S_hK@-W~2nYxVo?H2PrX?zGDgAwbU$grD58preRg
z=Z!nRdSIX3`<@_9-*8xnXf2LALZwHgh2tZHEV^oi5mBOP$KARZuP@fsL{b9Xe3_M$
zI!>k*WnHUh<ps^+$TphPr%Gmp9(?DvQGHgMMbTCMIGmh#=J0M|c?Owz#HvU1q?E7m
zA+3{0!yQBBCbV7}80sU158o`Y_=+nvty%c(17F%26(xv#H#?!QkjsxB3p@#3Ex_C-
zmrAiU8k#d0I*Vz@DfQqV7syEvzk>$^5w2f4sv|uVN<HkylhT?k1-9DyGDfdnQ3J1+
z#_@Rr_Es$xM$Z#8K8IRbtz63kiDEty6a-qN`qqZ^_7HiS*v_Irrt0H}I*J|4(XoZo
zHpl6>eRDUILk?=~<}7AbiJLi*>W{P;5ExwtDR23G&aXy*lW)niKWp(ok`2VXfP;nF
zb{iCDt$Al07689E2~nPbIFjN7xh@)at=I=tM)pL|D{%+1CV2VjIcfQkl-^9Qs1ht-
z6$YAGI5t1KEi%7cYukJ3l5m9i`#$3}oO1{vywhHj6H&iEK+r=Zc+Los^QGpCl$%-o
zpbV_yP+*Eu+ImMKWQc07P>b=%rUw#F8!Y-zl*R{LD^6HjyrLYowbuM8sA;gWt}?Or
zd3zXb4oGImUBEo<X(V|!y>~AJ`*a8e@x1{xiCpv`+tw+IJ1rhO4ll&4Xy{mr0^<+{
zD=6=YSQm3Gi;t$JvdfCs;&-P`UAb8c=dF;JjE1>#y-wLCHY0FH+!Nmev(z5=qDZ2`
z8)Gi_BCdEVk#F}fXwU9I1*zD<^-TZdGAL46ZSUOYRY(6ML1B~iIHkwdtxxZAE$52k
zcyc94?adJiz)ft^!*sQ-A~hSBi;TPkjr052?MSqmwzwhG%hu0_Qy!rSe5vY3h0Dtp
zzC~HOBzF-<=hB^3<i!zdep@!&)GuFH6h!>?wF_IM{^Tk8err#uM+oYpJaAaI?^NZ>
z+S0hkn>R&at`TbecKCB%eC~LPT%$=$Cc&=Moa>iAmg_D@Pu^73dS@FVQ_BuY8gf>n
zo=~%U@9xUFU(aJv*W0CwT5CioIPY}QR`<%Ko^-akab`C-bAQ*khdgLe4=?kQoSJx7
zb`auIUYnU&=ea*scDDY(1-q*DCGu-}YR}p;>}h}c59cc#7na5P_s{p3Ja>8QX)R@-
zP_F6eaXCvbwk`U{Z8Hv9KSpV1`38h)4niJInqj31IaWmu>bIoKoECvD?{2R0@!m_<
zg(OTO2i2@!7=)d6dWzfN;<**ztIkppawnsr>ocQ&`Ao>MokSgGz6e@NoGR*%<{xU`
zOKh%jLCkY^&sxvAX=DAOu`J{z3>Pi)AoGmYtGDvJhs!wn0XMRelBaFH2y%V3M6mp-
z(&Tp2O0FfJsLD{v|5Hi+Vm1D8Q!bqO4*dG!=xTcst}3+kERmm$nOc3`Cv&56n=L5!
zYrpv5MF^OgG;BiEWTEVHs)|(Gpdpy?ZSw`|CFd7yDz7_a8<!<^q3V*z%Jpx(p<lz+
zs8Dy8cIcO$%4X;|M)Zz)ix3<quf*<5NLrR`&{tAs7!m{rcw2Rk7sJN1PcMRxK2J;6
zI_`2<ppKTr8XDU^V^iI?-z_yt#oFa5Nkci7Y6QTyF6~lL?;CQ>oU9sah~jXqBlV8v
zK8KgetOoTRde$rM2TiXPMp&<EIJJ`);@x;X6Bk?d?7(|ao9>1b?X$};5LCS_4FmC{
z0}Iv@4A9h^XHpwb`Q&SwRj9T|y)z1e$gBg`*A@V~KDTQJTiDOh{XDH&EgI{LDj_}U
zZ#p{FW70MaTixKT&1C+b;^l~rCfEiJF^B^FwbTkgBs)bCbrD3!NvmrYnZZZKOi8U&
zt*Y3%pLlQ$V-j}P90EJqCRA~9xKOHZA{67RE}rzQ_^_izzH@A=ksOC?lSGc;Xp>sY
z276LMX3+?E#CRA>^+8>@e&kz!<&AA};-=rYewU>j9&O{qmi{~N^S5k9BO~imt8NHN
zt<0t~W?*{X<r=5XZVN6Jo|T!*sM7Qdg;=bDDoG=QJ)E*Ntx>@sAWV6W0}Ml1Hy^Go
z5O`DRO_!Y4PVni?`XT2CKzu~gaH9&z-A-rR!pfUG^<WNgLZ^{)*Bc$3e(aqo6TRQS
zP-<aDhu*JltFx5q+KM$Q*Xf6euEo8FIS$N?M#~T5X+H@n>y?7-P8Lq-wSs1CTOx(v
zw>9i+CiGO3=^bD8S{M5Q98qfQ6Ue-kJXJa8K>$jvCW>Y`lNoFgU8Z;LK=UI^5aV>y
z&KSuZkGJKDFxOJ1-M>~(j&%1+q#E}lhZluXz*2w_sU~#i-IKH4jDR`obWgbDRhL;=
zC~O#d*29_{hF27@7nKKkB|3ArT9gybSD;y0Y+Ng=Na~^;?aOk<I-*?aBxcLtKG)&#
z$~=F>jcu{sZFc1E#-i`<xj3-obd(+&cDX;KT0@PtFu#EXO~IS!CIqR^!eN|-g~Q>l
zhHu4}?6IKk9Dl!U8E#Cuq8c_zg{$^J!?OxG)k=*K8T)j55_Y2Nwd3jR=x+B7XD;}L
zClTbTpM2L*7>MQB2`T<CszaL|57w79<jfhK!F?~gn*1et2TRZ>c^S?-Sfoxo{Aj$g
zUyQdLJ;so#!@&cu`?jX~^Z5-)(?h@cl*v7sWnpT#;9{+I&~3<}J0u>)I8-}aqoX=l
zD38YNf!YUmE9Qk|W+?8(*{jpqG9c0-XG`iAyrAc4cs(I6+NXLX{E_sie6$VOtFqCv
zcJ$uva#qc7VW^ruJ^c#7DrU6l?!)zhjl9pfSBoWD&+5$6qC?bI!Xa=NwO&5>T~rnJ
zv64rTWotQ+hKUAGwow-kr%ybnS7p%l$JsH;+pBkX?}wg_v=UF_o$*2ljwagE>CTo%
z$E}vsc5zGuf)X?Zf+(gd4<sKwkgr3|?v)eSM11#u#3g77#_b0dU!veF)xw)z0OynR
zye|r=!1^cI*n>l*@J|j>(|GqM9708&6W`WlHYM!n)h0%Opo;K$HZ~(s(cl-&z&Kzt
z31`$z^%KyP`>~Nvk`zWe9`_hCwG;T#$0RDnJm7r)7ABcBv=AY1&J&axMMS?I=Y~j}
zSHEx1zetQdZf{RjYD(Z&Xu6Ak#qNocZlKUTC6J5=pY72}iD*(2CP~%V#co1h8STKb
zq@n~F9)fH&QO&r5wnQoYiFVl;LF2v}k@Ujp2PZu`Lxl(EQG}VNJ@yDmn!loYc>Ifk
zKxy;QckB+?R%zy__L&yNQQd2&bs}<IU)}z9(WHf-3%QovBVEUdmzLb)$xUIP3DT)T
zUvN1b1Rij-K1JN;Z~uTmrkR`@htJYOHc^7VX*s83X}Lvo#5?d=SWn{9sQnmCe1$|q
zVw9m0V|KRC1tA7on28y3iy7?{E>d<aRTa28cK}zMW;r>r$zI(QM)ZUfnJzuiN*-QU
z9!^-yvj5R8IlhlZjQ?YlT%!G!<>6elXcNDt|FnvU#R*2}Gk2-aUIz_g3b0c+PDrWB
z?9=koEi&8lBaHddmDOeAz&yjA{G}d=24|okEJK;EDQs31y`B0k@}N*E?tK)0RK7LN
zY8}dh4X8-ib@0t<KI#+gQsaRr)zh<#eW?cQLAUt^t_%$SgW);YH=HO$U9J_Uh7iXs
z4RyU;^GdZsq`-xBjCiYi&_b5Z;GlHAPRcUx`S?ih{dKz;T{*?GB?Ke9YWWvtl+n;Z
zzG@eRMY%*FN+);xsA;XIU~D{RxTmacA99VQLhDjA>u_U>7Eq$&7XIW2OY04b;Cow&
z$P^i2Y-(!6e)0Zy?@Ybb@KXG1b{Mp)Bn5BE`;^H;y_)J0z5*vZV^BOKC|YS7*Rgn>
zpQ)T-R`*vXgzo55iP#sXHb+(ZKe}vP7eTf}KJ$-mR2%tZ!Y9(7coo_728YyTYJQLB
z74me{G%mbGdA#d1y4@{Gt;>9|t1C?6BE$(kHPuy>nMx%zd`3q5(ChR-ME^16&D(ej
zd!-?-*R3rInd}-&(nKBkN1Lx9O@zTI%UF~3L@NuoMYnng-bP&wj)<9cQ{qyRpj|Dc
zm7i8jl?sL0qa88M0|^$cg3c>?iqVz&9L`$RaZE7BuBq2z6(sFY;Br$D66C>6=MChJ
z)7_$l2N)*1Q@1u-z^i47QeFVbtsbnSqXPj8Eiz+G`|J_P3cTBnf=*1mW%8Rz=@W?1
z8X8J*8`X833m5k)&Ur+rsfe-l45k5MaKB_M%)2_f<Mg-5&gN*m=OU;gy((1rFR{*x
zUn{Fnt#Y?o3QbXs^3*a7KOY=cy|rk3!Im_9@z(Pw73!HGmdy^zDxZ%_QwXey_XG)B
zO-w2}<Z@%f7g-Kt6<t}gfhZ7};^VTnz^*DV^4~htd92rim)`IUcgrFwG)(Ot)iC66
zr11ciT;_~*3px~iN_RuX?LPEc={A{z7(NK0L{~41&b4MjH^kiA(^XT%ttGH`-o*Tb
zjCA^=YBoh!)Dh6VXqGFIK$t>79j7)mOeg}w45*ysd?9B)TX5ZnZ(?TVu|mG!j=Uc=
z4sXh_X*oKFbz8^8-e)on!9EB}KVF|;E<b9kIXP>esLxkAAznhXk*ngzV0HAYk)!OI
z0>Vuyx|JJZV(&_o*T+`e)7aGOVSm`(&sM5Qq)vXC2$HqJk9;UADpScXboXmPoFuUv
zS`LDvkRKskuUo*m2}6dN-;m3pX$WDNUov!BV&v!@n>MVCy%c(+F?8Q|Kp17Tv3-BE
zX@&9fqtTMHkN0au`nk)uti`yFDTkC03kHPS`$7Dwr<dm)l!>yEWRH2{Qh}}+kaV>x
zf$rjzd`UwT18m`W2sx*cgX12enZi%(HyZ9=6?aRX()pt9t1A|_aKe_D2SmHMHEk1i
zbq-VF)*b@N1iPf`eyl|AItYHe4p)`-q;(Mvc3b8y`!UsXmiQ3zW(=~~`<U9!a7h0-
zR&VjNe+qovfe6Y^q&0ZAXWF($!#_O8Q^f~U(hKqHi{B2(3-ndj*4%ururz3$2%z`W
zR>arNXneHr&SBW}$TH$wwLKE{KyTioTm?MT$z<K@PNt9;)ifcwiWfuEEavTWcC@Q!
znPaWU5nSYXReDpg9L;&cBcj!myuxHgsK*vQL356RklSNi#fL_<>><+1#tP&1uX7}<
zxgn!teIC#hGG#Qmav2p+eKB~M>yi2AweFGq3hn4DBhze~j2|tFX72cnk``Oi(yT@-
zMpzRT>=Yk~2FDD+yOOn4>XvA32HEN{%e)Yx7V)uy5H0qDCk5clzdpfuR@R?~;VM+l
z2us)dvzSF;xcfyUvk>V~Tkj|g6Kd{qr8mQsM)l^(I2lsyYS9`9F<C{uiB_&*{U$=B
z?qru;{3Ye7Ps^N67cZG+;Zt3A;}2;Zj+nrPcXU%|HcnFP^k~LVRBhC-MkBc!Nh|Q{
z+ip0zO6MpwrQw}T1^gH{HE$w?FbfwWsMW6qS8Y?yY1*%>x-R!vx0esk%8RIOx`yn$
zboZwW>K+Pa#}vV|ZQsJci54YdRH@t}N2W{q$cuWyxsqO|en4fc8u9q-iNq=NS*^?u
zhM*fJ-EpZ;&rlLE3Ui0e<O$gWWfoO;54y6P*AQXd(v0}|ko}<qqf1<DDHJ{LW+)9+
zioG2FMgOB<{#mftVpMalf*fxVJc1JyS`hwm{GCC)3)&7#_HE@>@oJp=?reHBGK65#
ztjK!q4c$pmp|kr0wlN7W$`+f?{AgFmnT=<f#0ST$&^K$9gXmZ4D2stjw=7v-JiGjz
zwsjOI-|l)iNGYGqw_4;u{fIRvtk#UBK8SJ1Nn`i>jK;d5qC@Dnm+fWIHU!RyAb-NV
zBrod9{&1MNNOpYoWf|C_+k|v6)<PS3<3=5arMezjPpc99YV*gtNjsxh>@7oTEytB&
z54e{K`EZT*y1HFPv*_-DMcCZFEX;mY9|wP=pLK9jBG`@UIg5dLp3f)5tom?k$@D^+
z4P#smy|1!bdwg#$?WzR+C=39429OU3C{uN(16!>T>xVpPV<)pIp0O=F*^pZOuj1lt
zvtmPOAs*GrT&WVc%vNpnVVqqhmp7(>r+k@?aJ7_35M}4T$XnB7z#i&q-Sx^@)swG7
zJbIdtIubvXESJbZPpGTt*RPWbSDj$FQTBP<2^8e@GeJ3{e_r*<4KO-)iMzrnqCS?O
zNmnqE?-HrkpbB;N`267NR@#5WZWS&BvEz4WQDJ>_6gy{G8-~eH&&%*R$sIAz>B(E>
zrYP9l9TBbC(-CinNA)TTn0YM6ifKLGlY%9fbt*!jilIWDHcU%e5LI$jJ@B;LDWjYm
zRZVFKt&+{cChAsG{K18rmC-Ym9+X#jImGBVLd5^g?&dPYR&lNzG}>l^ojS2n=@|uZ
zb6bPOc+rY{mrOdi!(4M+1wR-}jsD@vDXL>=;L>UZ3y9fAVJmtyG+qb#j`aNikxZq>
zvuVzE+)z=q(FvuvF+mYCGg<hI=eH9KVUOr%7b&b~Va{y%dLAh<AN=du6xG+ULi^Cp
zPkJG5?G-ha+!UZOXz+U0Yj?C?Qe|}RspWPxWV%E5&hn{yJ5xfn(1y_-23gn_;}S;p
zD11jiA){${P7G@`Q7Qw?PKRfNgqEK%7KF&yh>xepFN|_kqRn}OR+W4Cah{DmY2KQ`
z8vQ8TzgC~5FpJ#Jgc5jX*+H~iv+n0&H*Pz@XdLHofuYP9dKf#6d3Ug+B}wN2ZvC?1
zXJcSdS?8C35s1@M+&0dPX1n@DBSkNPg5pb>E&JJnDZM8JghL~gPk)G5EMk!}H-rC-
zz>#{w-1aEt1^)eWYht}EF9i1s#KJ7gyM__<A@?g47&m%p^&aDPSNa~)&7)l;R3E$b
z+s|R{&Cn%?A>XH7Iv-YXMIjNJn3-}3>E%)w5KZWWGc<>bM_0_)Z{c4l1rHw(S{tG2
zec2Ze$ViV1W>dT;(Z=j-K*^%MX%Jz%eQ4fEVjb-9vAnElO2CPJM##{Qht1KR-8Ai4
z5)g-fJy&dtdI<Xv%;`2YMWZrKSr%WnDF4z>{>gsb&Rk}-2!P`i1R<L93K4cYM+Za6
z%QAH6dRkh>u}OU_@FwWKoyY^J&j+xHO+ysSf}Ym`P4kEcr36yP2UqpEeKKyC)%HhQ
z0*^%L<q(K#>=%8mo5`w>zWYLY*0ZU%`Xh_F(jTaX%S3Ar4s@0m*l+I!l)H^|grx1B
z2T%6Zm){O2SP0*G%sST($)YLQpzqNnlrG~WBHu_Ti7sfjC3+f@(cB0DTQ2v)h@4N!
zoL-wz+MP$XAS!l!3N8}uws^4Xktr%lvonWsb{M57%5NRIoz>IJ=%MWhWk2C-IvG_>
z%03C+8PCjZ`r(VI0TJbMRaubu5((ITs|k6Dt`b?c(=Jf7!11*#$M?#NM}1A%7}ja_
ze^N<EqjBE3Dt7HEb8V(K7>aP#(bsb4as$?kQP9&h@$}GY8mrFCN8e>|XZq4*6uI4H
zF+H(geG+<&poO|&SU{}*w1L%$ia#{8qAoMkbM5h+mqR1RCwnGN!-m^%qqU54(0rvD
zdtp{B$ZC5?c#86d-N<Tb5dC1HJ^l(;pV|`Fztn8C3v$q_Gd6S9<e`y*vLZ&Xzm&FO
zQu~sp945?Y8^hs<Qyz?wzrIJHA@*<`r?Fw32ySFH(jI5^fQ!dABHdWX&gS4j)XIEq
zCZ)+GRb0m*`)til&?YXCKE{A$?;I$N&dQHpy@5I^D%-ZU%L?Hp={hu4W5r{%*@p$Q
ze_^9!@ELk1*nl`}V@J{E(O>^$81=PLa}P3*#_g8kwRd%coHsPm@!f(F#PRv<Rv+)e
zifJ~9brmY3#yGAw)*Wr;7^Qr5n#daaS+fbcC%S?<WJ+Tob5ORboBm9&50bnZty@c#
z!d~9lMUK>*?H>GLCC8u{;sg$Ek!Dz_qF&c>B7m@JfvWQXiBn$-uPZL_^b4GaLhmMy
ztnNsm#kYl^7EoW`RgJ{w3{|Z*t;a)qs1;lyXeViL8#azjz+~_0N5}RR=-SfJl#u2v
zf4h<Q>?^9}2{BB2gFL&=Svb*+-A|zB8RffVetuypFuu1BUWvlWIZ^U`uFE{A4l!a}
z&`V#z{G791$O~3;LSvXZ|D^OO^jQtZs{<BT1cTdMH04Fgz$0sP-EFq&zDomXOVBGq
z#U^F*Cc9sohtFMl98`GR<g4F5d?gdG!Oih<0QA@!Kn?cM)Ms;3ABW5NyDWsVx(#^Y
zN5om)`0IB(UgxQG{2h^6UcDiu@I=SF)Xfk!Im=8lqCYu9D58wRh3YV1Rh@5jfIuPp
z432~TU1$1+4SxlO)v*O_Iwk#p_T|VB`X`ac7w>&OtK~({xAEf_xAzZ|nt}5M#TmWV
zc1(oD=U-CwzX$ko5VXCO$OFHoe*1$rrSRojt1uX(5a65_`HLV;X!b^$`(YSlDpjs|
z&20erbN+t^i1lqlw`wvj)oSGdFu$SR-az{L`UJ$p;Am&K!{;{E*59w=7|v@S=`mmy
z&{y+vbKiYOS?Hzso$&<-_Yn&?rr)37tT~P0^b2sJJ5{T%n5RWF%*5u6M}z04Cxdb2
z;*qRkoEG9olSm}T*gsZ9b_0^aPkAHQ1tI@G9P+=*MOD#0U29)B{A6gD%c4MHG^EaJ
z8*lNWBVc|Rx=(Wh>TiZOwgAXzYyfahK;e&J;`lQF1hSZ<q@b&7!}VQNTN__ry1&1_
z`tlBpDh(XZU;Oo&7qAN`!W|L%Y{Nmhn?(x0-Rv62pHulDA$)3fWp46-7;ff(Fh0go
z&-=p~WU?S2PD?hB#Y#ojsm7&)*jv=sv&AYgMJ$@@iD7>5e<?3E^;PbXH0HnL7V=JD
zQ~Kg#$ohxLe9oy)`$^M{Ss}!wr31Tlea4N4o}&}k8)*NxqUu7;nX?>07ic({#dh~Q
zG%mw^%_W1vfeWgUdXCppqMqEOzQxQyMNXgpV-{ejI_N%aNeInzQX(S32XS%nal=s%
z5RfV$z-vwpv8@{I$wR$B!x~=>{yG2<N=^V;1_}wc_IP)(kczEQX-E?Dw!OW50bOx$
zwbWr2CaGzV2((IfossiTtpYpwBqm}A2?-f98l2mT$b^|S0@@LSqxokn4{23(5r1GN
zgAel!9UmpAy^{D(7yL)9Z81QgOfnQpuRE&WV2}X=hLI5m%u)2G-;k||djlttqFQGE
zWk3iJn6Uw%RK-6LiE{eB4QMz9s#fl|p#hg<puiBu2HqnSf9cQ}N!xo{JYex}gZlu1
zRx$7y#r>r^uD5i27vDN8{<=ND=MAiinNcb6$BMi`(f~_xk^jN+*KGrWHlPxiF_phh
zK*#`=#8qI8{ioJ_7+xa^#BTAIKlSTP3RqIw$NyjL{~xP;f)|84u&MMgjg^Zn_loZD
z(^+9bkXpH`iDjcr-0vpYk^rEf9t(~omkcDeQ5_Y-em#TxF&<8W`oV>{ow`ypY0*;s
z_tP|d^+>WHoJ)tYCFC=<(-bU$ARHjv_pMn?tlv`mjp@ijxizHx-ir7Y&LOcHNk5a!
zv9wDrobs0$)<N2EDAI-eJ~<CGj#lji4k9A3uv`_s40u0NeSTq5YD!89%t(fTopnyu
zoA<?<8PZxUoUnENs3%@A@g%;LC6X)EEvN0unD__Z=-G<Mh=v@0`jgK9B><-9ksjbj
zE{a`iOf>!?WT6JFdJ6K))f6K-2eoF?0oZT{-;VM#o(w8~^DBxNAX=N^57{2<m(}B-
zb37+_c2eW$-ImIVHea(V)e^oNuVYC@^=nRuz*dDXd$0qc<iSTfH+d=Nu*iS^F{xP3
zQ>mOH|25&)@(5}HBMu$4izZY8&N}?qw~V3g6~b?I+fq45df#nhJAGSqzbpiF9VV@s
z13v=x>45WeN)S{4&wV%Z^P-y82;|#`U(tr5^i{k%J!KcQl^n|bb-EVL38d7HNe~vV
z#>wc2%!K%61!4_xDdC2htB?90<v|>ie@YVT1gyFKX+<>n=+AIO5&Jr(Y-e}RPxbv9
z-A<|6ByqSKtttQVX?b*jPw#IQ1CA8^p545SUVU1l?hjm{WbhS0145~Tt&-TEF|(}_
z5K2dB;#|$52+JrNcVOWoO}Jq=m6}ZVf8=H+Y}cr@C^oyhn%qIzE@mXi&<>ZpDg9l*
z40S*}qg3vc;{o(?2NiwzN#Pbct@bjeD$<pamy&Y+Z;f#3Ha0MA9c!WIdg&$XVkO2I
zGp;R*;?|G^fgBE@SWav?lJY3^-NHAa>W81^ur>VplAD~|fW4KSu!a>XVo1-G_qVAO
zJpUk&ASY4~4ih(9#~rL++VaK+3%%er_VLV57gi?$d0T{@KiP@*0eiMgr!VxzORUjF
z|KxKj0LC<n4yqcrd8mf8CM&*-{qk}HO*nzpy9Xy=u;z$Jv9+{~XyG-_D<%>dwN=L#
z@cAwmr}V$3;hTR=R@gVTpUnQoI_v*nT~tUFtm)gHLrzv~!E8`y%=J?C%|aTeIi4Dq
z7U{4agynCEiwyb|CusXy<s%~S+7C@`L(Ia9D2*D5-3E~(hMFB&A!bzEByQr^%wr6W
zwFz*Fu?)>jtyvan2&}7gk4fLxF74f}!xP($WgSQG6Kb}S&_SAVmaoW-#wZp(RW|>J
znOG~Ib@lZ=pc3~e3-a1hB9^jb<CTkvNwi+ZNvR`GPaY!Id+DG`L{}5n;i<vA1f>Oo
z{b^<T3D>0sXbmiX1Mrzr79;JGo3s6|Xe*Owcs56atN)D+$j#3PWYXR}k~mNFAPJI~
z8Vy-AaC+O(@fi4NXr~*srE4GTWof0#UR>`kCnOp_G~ZK*sdg+VBBVnOrEw2V9};nx
z)H`m1{z`s66)0;ksw(@HmcQ-+0KHa$Of~|8)e3o3!HF|R_{VP<Sx|I*MfpU%j(?V3
z38{btJ!mO5|NqM43Dd`Tf||;Xqu6*jldc$!#m>`HfJ3~mA%0738lbrNGJ;yz*L5z1
z_SF^wJc(M1-xB-sd@rXSwO#RdiEpU@^@mZzd33p5LJ^3cG)`5}>I8p*0dHC8N&A52
z<wS+k`S+|>Ulf#^PktT20DVnIm^NKADJZLgb#H4@a*)QG@;57>kOcy@LY81S8+@%6
zeNm3R39MqogoO|;&nq&a10V!dZGC&Fe-&(z#917hXLlOrhG3)_o@%l+?YQPy^_Pnw
zbqe})HX;M#PhM}LbTj`ZH18Xf9k(%%Ct2Pwz*$ZIY3Qjv9r)acgIPNL?g!p)%Ul&s
zeIvvtstHFNB{YwdP?ZTxR_$L8K?X0&jKp!!1hu?KjkUu*XEYg{sM0OmyXBGlw0v_&
z_u?B?!^8j0Zm|&nqgB|@8kQ&``c2j$U}ciUKSfH3Pfx9|1(mFpDx%{dnjoHj$yKHX
z44s!&ePS}o?OJxk-nL!tf5(&SLKTkvTb>yZ0F>YH0j@R&=9fS<qm8}l3bEO9M}-tL
zcJ^p4Z^KAR%P$iTi7lr12IrPFDU7~8UtM;nFAXEFZ(|2)A)}?FS&pV%F<`(BjNENZ
z)Tmzwc+;9Vc?@7ytw%y%{F2-0Und*Zs1PV|>e_Zd9(L1oU08QEY$#YB9W@e?S>3aC
z<Og^{%qv1Z<)(S_PX6?;&C)N7-)|nAuRcJpP5?YCuJixG!wlp^5=!&KIul*K5%&b;
zfj{1sP_iLMj7v_M6>0J`GsPE>uFY2YR~HfRh$eEo#TT6t@#Jn%`2W6F8Ibp8G&U$0
zZTL+~fWwW0(iv=w#*cVagU8m|L4TCGKA{wVB%c+DvncgPYEgFt)S@(vga-c)9+xl>
z%RW8){1EFCA!LAfL}w#Ln-g@)V6xLu6?(LeCHkEETM5s12JW2vw2tjcrPEQ>?L(9e
z2XS405l|&nV%3q)?-YOo`#j&kyu}}mVJ|EeF<eCT7F}2=SJ5~jNGlPUZf~1u@|$Hg
z6}}4>l7ypP=|-`Bk?!7aPLo5>hFSH6&(fY3ua1Mtd3AtzFIoSt08<RPm4R^+H2GFM
zsD=Wcp+un3{c<0vSDdLQczibQ*^d0gh9rvg_aoD&ssNo5)43yybYm6H-4u*^)lJ?7
zbY!;Eg}8$F85r=d_r9@E<k45{c5HV_Y`ycjv}uM&gpht2u8@s1A*a5JWK4Bc6Bf#{
z;U*wwHp)AdT{}G%vY9Wj0;Iao_1{xnI$*nS_m-hCG58ZqFbgJp_h@ZTBg^sgTf2Du
zPco%4A8)>ShSs;k7JH@iNxV*o*vZCd8R9Xw(@C$ZuV(P$usCCh`I`7@andGNVRmeG
z^)1%iJE1h(zUsq29J9>@<ehSe`+q$PfLUa5fQi3%4#Q0+=~7D*4kZ)O84l=n?n>u{
zM>)9-e8J7wdT)2cfQo@!J9m1?9MYa`=|)0IN88?V&PK_vj`j;Yq2$)?%Mx}%LSQJu
z<DOioq?4Ojh3q>`F)=aim`pONJXQw*{HYz`qRLW|de+;Fx&cFM4g(Aie(CUvY0lqD
zkWLz^s=Hj}FE`8umfSl}%{qK1Cy(aKfFQE@=h?l~7vjw{-<%R3mCCUDDd`Fh`Ths>
z{3-xqAK5OWT9-y;k%P{bE?03psp5qd!F<BbK2<%nghzWoCb_!brZ8uMEglZq)Hn>=
zHkv3WHYrCee(`C>hRZjSeu&>zLiqh8_v3p&{q_X**1osKK_)R8Aps4yHVrswRh?3n
zf4wx+ZRd&=A2I!aqJGrqjID@I6f9ZdfBcA#7<G*}a!Y$HDB=iRR(U8*O4nKmP9!@#
z$y%R2-n^Al?^8N(PvTvAu0yazQKD^&EMbvcyBMd3gzymu&$pwGC9J1xl-c73)jwgK
z@ez#8Pl;lv_}j$WD!lOK%KM~FE_<$xG5nfv!&wMac8gVcwMkL*KH7;5fnV+{8wn10
zEfO+Fs^}X?BQO7;W%?(3*D`eDy_`Li{`bEUflnw6g6ueF+x4&5_s@@Y>HuJ(>b+NE
z4i)+!L=UB{^y{5}rm+NR8g9WB`JtTs-M&4!J(b80WV%&(4htrEP;vq)s+apeBmG<J
z(gM0k7a-Y<^;c56?|mz!@MUUNI0D<hmZBmLe$ajm2O*SN%-yjn(4T%U(d57ZQYd~n
zPEYdr@NHu(ka|BYtOccw3x!Mv_$<{NUL6;$$!hD%r4+F`YS?f6p3`(daeg^J;k_oC
z&d5jvF7Z*jBma{i>I2W!9lTRvcR{|Q(0i;|&@b|K5^vFapMETdct`#1oP2mbP~3iK
zlNaI!vkh_E8%4ZtLc$!ciYZh>6tyPRbDW<wP|L@0>7NRYeMnMz+L77a;)Fa};`hv2
zQdTy#E~-B?yWg4h&u1l+y`Qi(9cfic+aFxzfLD8`OHZ(%&vm)=Smg}gFFen5dFAB0
zJ#ydH<gPgq<<4a%X4gGil{IzJVr3HL=eGP?Co6|o)~7Z9Uc_9Jbq1%w#pIrL+7<HB
z+=gX0f=7><I?oGhiStP9$~kP&H#F^<x4J!BvT5~HP@Sb_>*<;BDnhonG2W2L%bh>h
zF2mg-OcNlk3X%tHNX_??wDe8a8COI0oQSU#b94=p<Qp5yX%#4}e1qiEUS?$<)DUjR
zrV-m+B$ul7tEwM@Ae)A6_v&N2=+kQ*+&}!p9u%!?3T<I&8?fqolE@~-JG1MTDQ6+w
z=O&f*Wo+;eNtRKa<NUMua5Z;vY~8PQjoP<~&t;T@_@PiLOjTtDhlus9WdN3Kbe2If
z>x6h5?RxnlI@hSgXq%!0y`~J?vZmCP_~?GGm0exU<B6NlvPI{XS*Lw(@A|N<Uz>@H
zb0<o2(RLUbxaAx7ji|$wh)q1viLK?TYnRz*UK9Cwd77j+&PCcn+pmUBhBZhW6W?Ie
zq@cQIu%FuJwI4mWExB7|!saHIKyV`uQ7&8gE%A9xVD_FRv_*)o2Ih(Kplz>-b@Xth
z$yr9zIv7koIZHst=y9mmcQ0Ke8|-Kb;o&;AF{8CNLCD=4N%Co4?JY7=y^XIKGed}P
zjQ7Rci%2gs0iW)-|LIq<7=VpnfZX{GPf5^^)8fV<UTJI#+{fx#$%;o6!oe&)9k2$y
z#Rk$Lv0%xtNHwj)`O1!|K9ApW`#CfUDPPeT>)U=AISDn#7k}80_#w6QG`#a0H$PvA
z0wpCuU=1G~y$A5AZk?vlwGXo)A-^IG7xc%q(Tq4FrJ6sxdiliw-z_R88uk1$MkK@m
ze5|QBFeWwgw<He)PEi3U`9ir|&HrpATB`syo{j(e$C-E|Ryt{i-m<k=#^34i#`Wrw
z$zu4tokW8qDRrMlQAkX!|A*)MS66)XfSvSq9^w7&G;w5%aX4ajS$0AC2bB-NAQ8vC
zpvpnuCu;TYJrsZ&8NUA7YiH=bp-VhnWb+8ROQy}8Jz{QS8nZHpFZ0F2yKAtuUY4kA
zvM^pBz|0LP8B~6tP%|S54`u#XexhLHUZ+rE?qT%Lk*I&#mu*{s3Tilth!c>BpQuXP
zf}<@^dC}B(LPI@KXuE3OihpqCEm<7vk00Js&X1DDv@%uXQB}TEMMMk(9w*tzq}|Eu
zR&H6T?ER_ywF*?gl14L|>!6@(a=x)Pngx^3q;JLhRk#Y(egugQe(Cl&nzPe~USD@I
z$p4`XW={)gQ4}tP!FY`)sEE^5HJ`#=6uvRa^Ph>V?*N;qi;Fqw)QTa`@i76H_2@xs
zG+35Tb}pC*NYQ4X__3jUv@rW9hFlG%h(@Cl-N|u3TeChB$N*`q4qlV!a?*I#37-PI
zSAs_17V#m+d!C&sjHjT!Hbx{tD-+D%OTGR3FoU^#3Dv6&+8f5HE}fyI=j7}!NZ%L#
zT%8h#;KKqZB|{9XGKF3sQ>!~qSd9+Ewk1!T=T!zdVehPm_VGLu`R<^Jm5R$v8xoth
zeb`|np~ky#Qsnq=)Kkk*zp&~Jf+|Pw{T)lgQte%zF4erJQ_puE&~W+-Ua13wMJ0Md
zBAH6RXvh25&;^G9@dasz?Z79Og~W#+U1yz#$k@Uvx@G~|vo*MLF`Qqcpr{c7dObKu
z91CZ#@4=@~D~)2-XY8(v$5xi2f5PYE&tmDzL$)w#-qTiVP6?#mNpZ_I9X$0g+hq`S
z_Ix$}*1P}7$8%gvG0BhAYX|i0^yfEX-?@Id`8$wvvx0Z;-er)5UT+j2eI-Fx9KP%M
z2H?0}8_nIn;?lqEY<HB`9r<X+UGRwcPmTWj(<3zihO1drQ9s4}$AsQdfU?NlU+?c8
z^fTJ4Rmb1O-<(3*fkc)i8+g_Q-%04+oKMAn+0{}>VAok#Z|jOHOVS-^AS_P*HEPBZ
z08Nw|nRowq+&XlIXn0HMP;VAjbxwFt_scYE1O9)h*xu7A<;6wi-OoM?ppqEiBCAs;
z@HpvxEtYj%mo-5@fO^n&$*>P9s69^Q*vb$2%asRGTzl+?!#iy+iB_jnMGXJeBO~Jl
zENGzp(@?mYE^inm9iZ^tNg#~XNghy88~EJbswmo}%U9L!ygPVja`sI9HRm@bK;7{5
z-A->!^#Jfi`HAFZ<}MVqnIm!;3vx4P-f3RLL+-#rwqTP=cDHR(c{IVFd5lI45RSL>
zjq{{c3|ozjGr7*h=0~&Q@@isZevpeWy6VX0(QS+?hOxOR!3Z1v>hZ=216sl^n0voD
zPgI4af{Ur7iW*AgbFbF1QGQ5gBJ&fgD1Df&<4;@wK1h4z2ykG}%}$E@KCq}4gkw%L
z4e^F4r7g%u2IdD#?fvowDqZPgz-LeYd8{luI0&Ut?Vw3n6jjfcBPS!61I9KC#+R)s
zhGtwhz|>#ilu_`a05#|5=seW_Do)LbzaUQ)g@^xJuh1FozgD%<X#bLgj|9z_E8X?T
zz8Ty_+h?0ycr}qqGe54}BQ;aA`(2RaAoC@mUm{t5{j)p09A{!HH=SaoBOxsfVKl~N
zVuKB?{$FXT4$u8)h_DSDko;RVb4Ok?8gsYPqxreae>X3luhHL09_{bOC@a8TE%o&1
zKauw@f?5H6)C<mn7by4J0CwQs*<l9W!`62mGzDDM-8<4Kgd6@QVW7y$EvBL50(i&&
zmGZ9{&1d};^`+Wxw_ko`8p;bB3IKNaZH>l%OE%3PTK6-$I0vA9lYbzY?`!KBtrfvm
z5%;Rj^LE&tgBvUzEY(HeD~PCi{=oc2m41=_@4H!)u~%;F0#wIv3F$#a-3O6qk)xF?
z6J}8j00&(d#BvM-3kJM<TTfN@5XFw4TcX!Buc-j&Goys_%Byt>s=4?tD~F|oxpNhk
ziU1(IRSCy*i^`;c(_JthNsB|E|NUFvF+{*eR(=YaUvmG({H>S!Z-C$SQjh;l`?7Cd
z3l~0$3k{kcy>Uk~k+2p}Dei#=`mF+L&l=~)EziItws4h6FT2}%W3*rFJV3(&ugz!_
zh53`q-%<nZ#Xo*_Yo*_yCzkMLqu-y{1o}ytOfu`YI)g773?!_I)rp4FhbXLE|6v)k
z^B#t-XXu5gM9^HV+drJ^=&i`Yo&tsG?3vxa8Gzj(&O}Wj*XxfkPi6G2{ufa|COZHk
zp&gWrTgcq4I&f9du>R)ft}8bBKg>TS)mRmj>}5ln;}wERG*ag*^G2m^|H1J)qXTN0
z9QJqbKti*OdDE_A|3$y!EBXOcsOsNTXq%|dI+*bzOj6YD&~M_rBED_)b(c#$aQ+*%
zUN3LS0MTER&G1iJf^5wSV2x)q1DC&&g*ytsZHRCxe~XQ;;p4Ox&}sbNBoRJ5;G*f!
z&LH@Wi5yAQ&?Z=~jh+Y{hOf3q{Xo>{kof<Fp8shmoR)ca>$YooJp~L64ITQ@s@DPC
zH5(~wx)2W;+Fd&WD0Zp#e@?{wCe<@Ko9(7p>DrK@AIzM7(nAM;x%T^;xqhTtYbYL9
zD0i8B<yF`J&S{=V)@(SMk^{*-K*N-%fX{k=MIgXsY$>1=owzdmJEu0i7Dp1DV1GrH
zoLBbCzFFljHWs)HV1T9xy1$Qo?7fBu4Xc^I?NtOMjvYS$1Vk+I`d<K`Ol3?TeoJPr
zm$D6j5hZ4mtN%8}Yh6hR`+v$Z{!bE}2h3P5@v+ZC!rXtB!9&IvCBR2xAyYA0GCwrv
zVKt9yslk-cPN{oC5Kp#81l{q4t2@-OM?{n`_dU${N5!Qe?ySX3(SyEqG=;uLVcZ}A
zG&PXMZu`A}x@dTE8$rvDw)j?CW$^U1J-W8$YB^vS6ynj{?kx$y@^Vp?U!0ezLm2Gz
z&gO;zgyg>n_UU-z{N{hPcb(yIZr}cpNFi!OiJnA=8ojrOBcc;6jNTcdcOrryYIIQ}
zN|aFsqYgnvqD({?btF22QD-oNJ2@xkf8=@Y*L&}m`*pqV?7jAC`+0xAwfB52s&O0q
zkhFj@%-%c2i_}}NKb?Dd8ApDlxxw5jRuC`W{iimiq`Z6f(O`y!2*?y$D<#mf9T5JB
zVfX9vB;7N&#X^O=FXi#_5nESd+B<ZU=k_}oC1C8+QX+2I0Y@vmgJ%-&OF2rT9t9sF
z!y@Ql;)0&dQg(}gz1o5C+QWb)o{<>{V!+EG#8SRCI7R4BUTM;~*qzz!SJ4vqc-Bs&
z>_VvPP=r!|>EelpF03m^jWg@phZRY?qyFx}3+R>+Z*7oUSG<>j;py>LT!)oX_f}hV
z(!%$Jos|B94c2`IVS~>BvnFolXS*R$GelrP;NHp6mO3!9e_>N{PdKzU@TXzO5dB3g
zt&zMVA)tUbBS!53Cf2v@{I}>@dt4?G6K9Gl&1%1R2OmsxTxjUwt~A?;Tsv$zTK*hg
zhh6^FE>vJfdU4r(EOa0QdjfuB_P`(3MMUXa%e10p>L>@Sj0Ml442qGFqQ$qD9-h9H
zcc%{Ts&CKE5pcE09LA>YWw8YxKkVxidKYhl&d)Q42>X5CL^v1^;C$)a{A!J|0lF7}
zkx0O_&|S<8J4<ht1&a!#X3*MRcY=T)g`OM8ec%SIxXbYUzWr#<dPhza8n7>Xo0<(<
zP~N;#v%52a;A48=_VN0Kn<UNF&LH%DVrB0r;;d1$#iK?k0axVIUx^dk)H^U;$$Pr*
z@eB@liW+ksyJ4`Yl0W^)SYoLHj6dL*%r2QyCJn2hJMsS<trNwxsIGSl8Rk^@{y6Ls
z!`7y7CnWf>XJF2b#dO>Vw?!Vhw;c4n4VfsCxR8;pTZx!W;jaHKPpl&6OQv6flSiFO
zI<;1*290zpep0=~QGz9ZY*0ME=brchv2S>T!IZl_=z)p<s$oM2M5)d2@<)bsb7I6V
zL~co&-RRj5XJiq`sN6lI-5hY@7pshq>Ah4dFA|z|JiMhoC6IN09)pz^lZJZ>iiXXL
z+t5yjy}bpu`~vO~V~fUP$6pA7P#)?*oEmstz|K(0fE+!v8}k10$mrB?RLri1!#iVq
z$MFIc!URqLcersG+I`vN#DTA1(c^rS0ehd7N|1ov0W%eE*q2`Qx~b-GZDB(rN<$`h
zIvI<N8%{Oyo7uMy*Zq`P1y@sgpVd#CiKc5>peDR+6_D8{MS=Z?{+sbO1pb>ln()==
z#*c9v_lsIf%6xz9m7VD^n*L}Yzv<3|m`D<27h3XpOXOwz7JY~rZJpE54Eu^a??69J
zmFL(_S{<|RUSWFq-5V3~!+UORKJ$$a@3<Pj&P(iYio=4vs(~?wj+=pyPa(4im$5|g
zJIhnu(-+!37{me}cXn-LH7_kM)h0*gSdB75qg6YqAzw7iq`F0QKlZCI3z`~+(bd^?
zm6{;kV5Q#Xdn$b?r-Pb`>U`8F)!qSXN(Zf3o3%-L`%92d%SnArVgln*UQauBt_s@l
zR*VK!LlD^2G^MV_2R#lXEQ02Pb;sx(BchWLCe!xQfJ)vV8{tM*<HTVb)d>Zp-C!B=
zNBZ}PO3_*QRc66JxZkYr`fCecuUR9ojjL{7>lWNSS^h2oD1#3uO`*b@Rvs%Ylww;@
z$cxy6`P6dMyt!JQPrD7mG)uc}+q`qm4TO3XO4~XfOd~vb&^DwWjr#F14Js{69m6Wu
z-GE3%=4M~wQIlb=NPLCx_n;ZdqiE1<3XKxN`V6#u>*|(LGqS?}Vh6anh*>X)8clx$
z@Un(R1Mri>P4J8TpUB2Gnr0`*j!sqay1A!1D@k5g(IsPO-_oUpGZFil1H5tl9?f;i
zNLwH&Ir&R#g=#mduqR72)qoo72jrU?4h+r=6}$#@LxEAzk=<rh*<E5xsWrzT2g55X
zrrJ3bB%|bH9&`mKrZ?i2W$j*5$dt6n_(I;JCn))#xs8%DxYU@thtJG|x7&@LzF3jp
zEB0AdY1&{ll-QIlD=8E=H?QZmJsF@UcECb~WWGK+oDVrj)@3t3r9Mii%*~Mh{&{Dd
zUg20g=<eof0$P|W{-#^`91vnR*!wBL3a;QV(Cp27rSQ|U_i7KVJDF_q8{2BX%b?~;
z3+bMeMBjDJxhYY`F_o6^4wg&Q&~(xU^pn_a)JAS1VH~9GK@DP);?R77#F*N8Xx*09
z0}lHo?@!vy4*xB#<QW)M_(AANdD>}xHu_Mu?j~H}s8Vbz=bg1Z=DvN*0T)+jW?s@5
zBPe85_>%VQOb?h>erO6fO5D#Fp;T_lDT-=-7Z&_QpD6E>VF%Fx#>~kFwKsH}uF>er
z)H>?PC)k()Yk|d86B=_G1_Mt<7)^6e*T&K%HgkZg8y^a5J==rdRZm~eUEr+HNrYpG
zr`PQ8yW*n<hkb?~q@_G9-tAh<Y`Xr3<J`%5HzdH-jHy|{4`jC5SsYpxG7LIk2!PQn
zYbeglK3ss6=X#EJA|O}T0S}p`HrovBekCyE$#o4PRpY#@>pHR7oVQWc8upQb@ug3P
z?%vk3NTKb4#yMedmdEYXZYVxIZ+Q8%fXjNID-0;lmxsOfwQdvgHzTrS*jWlS4Dah{
zkwQ<4$2?z-jpuR&xIw>2kx|d;C6kClJRG-Anb_!pVq!>N#!7H?KFC!7AGq{Ow3bgk
zDpYFDNsD<~k&`0)w$%<DqB}qZB<pqbXcXmZy;%EgRlv+*(CW~oYkFK#DDIA6&J>ux
zls)e79kOHY4To+~+T5!@+={etb#b#8*1!ZgXGR1lrw}mOpw!N`P8+O>brE)FlNPZ_
zbcOX+`kKvDxJ`wy%j9gB(yad&zBi(|pn`C{6g{sfw)0uaQhVI|oA>7)`fm<jd|jvW
zSvvg%N2(5GE7Ss5GrlOhFR=4y*KsFoQ=CK~v|Gm;fvB4}{hi3nv=K%q>y$_OUnpWy
zsK-vLaJmA4WA&>QU~_@31RW*9FM3S6y?9Hql`0S{QX7H|g%B=4A>aNM&1xi0O@ubr
z$Za=ITjIjY^(>!$mYrSD-#|OL2FcE!G<%kqggAt-xltbgyS@Ohwy&=!VLtyc`6MxJ
zNXR%T3$|M)zJ36oo{&cI9=n7$`Sy8<w}gC^GPlh_=Ak2<N(l|^<64#qjm#SG;O!5F
zQQ^1U^|*SYB1h#qzJ4<va75z?_Xd$=Wh`jOoVImD*|H#5&HcPsx&xR>yfpd%4J)zH
z!ao*V0&H?^j1Ym{o~|`B%aHQ9+3<;HvU>_f(HHa04(zhs=D;0WFzv7s+lNi<cezV+
z<$}B-G>^7&&^>8vx>E);PSK${l&XGD+^?SKn;eyPc^H(o1VkQY{*8g@Y+dwJeGuuE
z$8wKuWynFGxa@<H87jY>`BTsvq^A0{^1F@2U7ka+0FsLexYLeBoz_v^YPt-DyRQn+
zJtP%<IWdbH+#121>@MxfBOi!jPlA2_cmn`-+{ocp;xi!vAQ#z(?fd6)fI+vdi3umN
zqwZmbJe+m{{C2nf;f)3ib-=XXcXsHVK0Z4)=xS2Xtt25S7mTJBr~Ptyy}^da7kz6w
zCl@?y+z2{X;TwFI)_HmAqLc$mJ*w~OgL(<ODt{gkw0twGLm%qLwK4%v-+s#@8+csU
zg|?Gd?Oxtfi^FGE9p~nGy5%S}udRg+w(VDZk`^RCm?3U92*cY3Zm}{@-AZ6vDe?<$
z!R(;jPZma|CjvvOMLUH2romU2W^%mQ0u;>KGVNGe10w^sER<|e&0&EDi<&MY1ttDK
zsTk;@%d6%2_mm{eg2!;|i>Wmrez$S_$bVt^T^8l+bg!r=I977URuK*hyfjYB^=cW!
zKl8c~yR&x!!Bh>rFq6g3g}9vl+@oTQcQ<SI1!^TCH8%2X-PyHD+7!?d)Q&gWGywJ8
z^3pBucXpz0-h8nUJ!&`Yx%={EZf9rHoOaHugNdnCk|wCW6z<tCf<p&+v4`o(8Gke-
z%k^-58+-*&%<e}N|3qNVOO(4)MW2qQyV^vv(PBloOtiG1K4XXj%JN9+g^KFK>f${J
zxBT9CLt>k48H-!<2j7D1HB9*1D*+XF=c&nWo$LWIHse)$iTIb$o`FFFKML~k4jT5N
zTu9Y%$YTvd<rl;^nCI@_t~Z*)e$&nbk@~k%`SHG9J1X8i=#RKo8*j^!3~4qX-)WAb
zeLD~ukrP{AuEXTFev{$$)G!aPr6aR|;7!?hgL<R#9j^8H>@uEaT+-NGI8-)cEx=-B
zTr*$55IYeung`bwrbq=kj#8svhp=~!`IXbt4C}=>&1wY$p6|i33=L*d6i5+c;;|CK
zcfnLBIa1sh3G$PYq?}Cg`#P)R>4dz*gvJwpj!yH2z=vJ1+@V7P2T;u7Kwto5bpNzo
z<>$YU9I64xm!k-jmUc2fPI|V=rfZ=td-O<^BtEdv^xgB$4fx9&-ob(8TIgoa!^3;Y
z6`WCy`D3lr5@yu2set^9T~F~KdGlcLk<EN;?HI~J%e1|Uq)6r6BiYlwhjufAVjANB
zR0EUZDn@C=Ke@p_sDmDqn>U@mePVx*BBbYJfP48PcXGOl9OO#H{1zhNRpR0&2+I<g
z+&gTpJI1uG+8wVK`EAfWvBwt~tg8{AG)e$d$_^GQj!**;<Jx>#C?;G!NcfbyYn(#k
z8Jitud*)t}SKJSXfUFtRh{*S|iP9Ng@cZ=%pZY;DT*NUJ;$2ffch9%A5uVqezhjR(
zc7l^<Gk69ki5PW80x>@I3nM=LR2dW<d);YH+6OmXq><`dPTlJnCB}<Owh#y_bPMH<
znnkJbZ|dn~E7v;MH>k}>2XuMs2YDP(EyA*`Rods>h<`RP`VzXTSk9K~z-RGjCSm;<
z3X2XYy_81j@j<$gK<i|sSl!mHW1ef7<DXi#)>@Uv6Om3(kCq`5Q=2PKeVP%H_5JP7
zIwl{(#yQXGL+_A{ra!DSYZYl%-k9a+N6fO=PBx9w9jp?Ye#E+rg>A7^Ytcx2$-IM6
z*ZkuBs)_W-Y)_+2Dvs6xDVLU&wz`C%@D2)1_UT_d<#3PffZoIC@lCVL_1GN%%#bEc
zuqz{;h*_bBE%ulb^7Ypy*i1l1Y(kFM;M*N6p-;hzZ044=w!wOQM3L{N$j8Icf*&SI
zlO(|+Xj3>~(7^jvTf$rvV`ghJ;5Z_p#FoV&V|xkZZn8U<JZw^cI`kHlKND}4*DxrZ
zn~)9hR`3Wuc=NtY>Uw<(%t0$YK&BFFHo1Rr&1Vfd2Z#7AUgm(QO83{;FDsaPKK8TN
z^K7FX=4&M!ij0iC&Xor<1cgo71(_x9A^C;eke97bC9bPV2x_v)g~oW1sy9(e!{WGy
zaeE;j-rWb81i;`nBLJq}m9G>}FG)@@Puqv_p0YKd`x36q9OZ}?3JSK51P!KSSkq&U
z^3E81#n{p4qKq}v;pVWEFB#w7JWu5;_BqfpuAsoeh!4K|Wtv_)vFSUa{d428QTB_l
zGbbRXGKbkKVp=vR#n(>B9y7*}_xK;UOEG}zA1J;VM91sf-vekUa=EoOVC5>U2k8$4
z^YohRg#%di%!A5o9@Rn0U*f77mRz;{*RAf*zHh4x?K9yh&coaTam6z1sEi#r#}wF4
zpKidD0;UAf;tn!BD|rcvn)jMvbwhWCvA5!tuZqHqL?&rL3tZ6qZHBKHqFGdKUbbjK
zJRS(#XkL{~FNGiRtg`YcUufza!!C^Ayj0Rnv}XqH$fLH(JHRp)tZak($E6C5NL&U8
z7&)t>$kxUx*s_$NDC2{w;Ew5NUS(_TNHfvxnb7(hgL_V!<ad_v>ecfi?kRYQ=20n)
zZMNAH0~L+edx4DvYAjXfdCAz)o`PH;veYbOmr2acl=_8CzKhMDq_lUaA{$U8Ss<|K
zXsSj%gx98JcMwHs5_Mx&M1>@6=wF7N&=#j&AW8HzoX|r^V(<}>U*4>sszX<0nM?cZ
z>ISS#_YJ?F`LsqkXZ6|4&ZfiqN4>WsJ`FFR=UQ0=!oocn3jn7Z8&)dUC+dU9dbB&>
z<c8qTn*Vg@5|Gg)Q+CuR@}<^fSC-$|i105zIUeEH!nkwzIRU7A@)JV8VVybg=r>5R
zK$y^?TygE)fc!aHhA{q(2Lz5OlHsoS@8?6xt`T5Go^I~?#B(Ssp_M%H=V=m-sF?V3
z?aG95#uGt6N59<vvT^%2C3QFm%!9!zE9=|m)=j|b|EE<CPb++Ly1r1X8lByqCbrfd
zK<Dl>bB^Tt3GEi#|9L9yH4XOnmIH1bQetyrFt<kNqCBVg$9#Tn^DLpNcT`L)28);0
zRw`m)xVaBt9?$ZD-|=Cc&NJdXK@ZoE>#Q4oMtvD5h58<gef{?x>65FW8`+3CGqDOr
zk&(nQuY5+QT!<+YP~{dvvjd;Y&UH^;DqCo;O?<C8lm=osMtYSBZH_cJ1?|V#@cd>@
z#c&$>ZP|$Q>~PWIg_)}g<M{^mkCXdlqbx#=b1|PLO8F@}_RE(tYm<fdW0aIg8Y(>^
zZa!X424<n5@?E>%Q5H{!GMO%2^Xr#z-Zv$RM#PIrP`cCIcba{?hk+O?E7=L>{>#+<
zB!(5$Nd5Dau8Y}!d=<Kvp2>PmB948Fxg+>Qt>4B)Fea4%k4VTtf^OHR8&QksvuOwN
z0q4aXL{#JRXzsTdnZ8jA%1qF#&#%G6Yd=|1Hd)?8hd49qw8mbE60q9bP#f>sxeOL{
zaHBk9HA%DrRr^WmV;0h(=q5Q!Qa#y?EEoNcc>1xIM}5!SX2OR;+?vQ;z79}bm=IU#
znXfgk(!k9_Yc9>q$oo6s(Trmixu4VW&o{LGgz!@vpRX{2D-AE^PFtd<H=X+FaUUiE
z6GMdVh`Zp1S?27tZW1m_fKET_&yI^{>COuqTE#OP(FVqSA80%}**~7$0>92ZN%Qfe
z@g%Xdq7U=k-xTSp+j$^{1N!;$Kf9|@AzUOwLpMNv8q!N&60Vt65I=X~%1iU)o$)@9
zn%Vml8{eoYYy+X59I<Pp#pBmt>lf+~E6xtdUsi^G%dJ01@a*4xE@|Gy%buN0x1LS3
zd?2RyzH-ohfUs4#Usgc-`dU;3$D=!O_-_|W<D~U;i(VAyhnIOgdibDDQ8B~umcGP1
zDEXwYD6`hdjQBQ_WUpu!c^{QH-^H2CC^qSPsFrFFIsk2I8uYk-b-}G^T3&E15Z=B5
zYtL_TJ;J>8YXQ?a`c?;kgLfo`GQCgBIVz{Vv9x@w{gK_Pp6#x|b8v$<@^L1s)}!^(
z{Dt)?K$(UVP9#38V{@QGlL?KofUM^$H<>(M{yHvrre>kK+uZ1PvSbmm5^8HWGPAgj
zbH}MTbuo_IjOL+Wmi0h1$kCthWm)0Sdq0L@to&>Wn>`<M;90}o^Y==*x^~M?lMhq{
z^XbL;&K~sd=dzp_A;E4IIY20dI^u1|ipwT_Q`<c!u=k1kQ;=~(o5SfQ>LqxXI+s)N
z`5#2Y7q3vUD}HCc@|yAMH<FlHIoy_|i@VfS0o?Li`$h{R<II5+pqY;<ya^pvcibU3
zt9Lx(^yZTNM`>jota{c9)xhR1iCQ%2)fO-w^&Ac|+#hNQ9aGF)r)<3xYB~`o<7ZIO
z>kKTP&sDH^iaf=X?DnmkVCV90N;XIZqk?i=`kALe799?2Gi2G*-RrXz&PIvqzSgqP
z?erR6S^t&n^{KKqaUY{_9Y{}4Bh{rZ>K!98_^CQh3Bz>$tacnSjV!xS;mKMK;<Pv2
z^sL4WTLjd-O#0WVel1VZk=W)E*poYwG8FSoZ^GN?C_SM5O`y!jPqvqPt`B9U%*>Ek
z4Q{%8s3^&$?~q+6(`%50%x^=s2YI#c$wC%!X)0FEOGdnCSIGBOr#0a(h_{<lElY(p
zVpD*fGq}RajCOSY+==xMEcC?XfKA^%x*r}qUHlc-<czgU(_e{<BwKD0<qF>|Qyt$h
zC){>Dt@<XbzQR<CM}d(}@aZrUQbq=h4!xH}q+!3G;sV93%f#^-xo+l<HgRoi2;3zC
zGh=+oeb;4vIqR=wQFL@N5LJQF%S!S*OcoLjGC0*K`wJHm*!J<l?NA)TApd04V9a}^
zJLiqHpHXv)Mg%z@`CI0pvz{?cGC`>G_j;gAw;b;l%S732ATyNo<OFA-HzD47|Lohy
z(`5_k3C#OvaG=6EV>UTzOAC{8tx(FFa_fp-g(S9{o=)qr!)h#7G*kKsxWTs$yW@;)
zV+tJiZD-C-RA}0twPSOB42Qd--6s7Jn{rL|2fQTC5l0dKMBC2=EL`VK9XeHfKUH7h
zP-*Y=CaZLNf4Ro@p?_8metz}qEaP}W-JNGz)32Xx2yw{Pme*sN!L`SsCo82<QouLe
zsh{6;Px0r1pp&64Llh_@^I`CO3M$a$hnK>Ed&lw~?gf(j!0mJ=HoQ0Iotby+zf*_b
z{?k%bI7<vT1=iuFb+%w(X{aK7x1tSt4{~m}xjc}iFB7_yW|ZRd8W&JC3l12)3A&Lg
z-N?z|ocdkdSrvp@>@T!2ZRrgg2j$fq><rbBW9og!*v|Rp;L3(X!Pv-J;Yf){@KVVT
z0v|k6xW~7ZdQJ&t!1pVZjtfCJJ{#uzjHz?s`dZu4QY3LlOfTo(*9n8y(Nle`lNh^w
zZk~(lG*n;Ltw&y+e{quRisNL?dh&Uh&($lAKDAB{|C8>|{|Mh8xd`6SJa}|o)^hP8
zxMf20*1vV(xgv&`_$j6&@XmP|fFJ|7-lS&#SI8bjM8qGYFGq7uRv<t`R3#uD|FgjS
zGfh(a^XKX9<*ZlF$#gQFKR2Y$`SY9+sQSzm75kA-63@%Z)D;yg;xupnU9$cj(N>VX
zz|Q@H>Ur5HCwswIZwd8zQ~ht4k0U%Ps@4Y4=VF6kULPVlKmC<a-upi5qe3|eZFdXe
z)s~3QKSV+lO-)U?(;kD?x#cp<nNDfGM!87d{g2HQpDTVMuBxiC8m~05I^JL70DQ{~
zeGgk}-k;h=RM^aHS0tP_r{Z^VvSKAyLL@7n(2_<@c{Ds_k<MVvREm?N{mm8m1Xtv@
zC!hZ<6(Lfnqkq$G_d3<r-FgY(^BUhGID1~_U#}803?;-wDCW=Kw7$b$pu+rHDeluI
zxD}4<JMY$4gs6L^9DY7vj|gfUO)_PjmnA=cPUpdWE^HLp6$ol51l_)VP7!uOO5CC#
zIUf#-T<ir)4(_(+We*A3_7tA8@E_rLf*SaZc#VG|mGCh9k)q=N8|^<P|9_+X-$z<%
zQOd9Ed}d7gq+)EfnKbgj6T_bw5FW$9UZD9J+XeW`W8oL>>X134oqmNb{TTO7nlE?Q
ztQMz@Nb>FM^C1Lzcnb-iM`ezd@?U9je}}~RM<vvZ%)yCW9qO#aFD2n=2%J}lmmw7X
z&L4y#%W{gY<@&h`gx`K*$^8}>QtWf+YQkU4x$+{(_vPu}_Qb_28n#44z*|t6t@ytZ
zcl6$UaHYpXNu~`q?qW`Lw!vcZ4~JTW5%7e)2S0bg@9+Ghc&*qBZM^>IW@l7%O_{9D
zO6SaT^Pfe@vW-~$DkCWK_^)d5or;FLad5Q?gQ4YtD<CBCjZDbng!agibZ5s8n@qy^
z6q}z*>C?5mU+`YRDh@k0xKnaX^Vc@PuEWEr?=YD5py8>h&>I04=C^9RqT)u%HeQ^?
zK5akCqUFacqIb@oDCD@Vr6P5XRW~g^&g3$2{H^0UO&O5%Thd~kTKw3Q(YJm}$qFAy
zfBAC#3R494UmKxfI&nxy2we0f5_$PSt*GRibi1?TUpuKMZ5at@Ke{F|s?em)x)y>?
z_~!Ll><1rAqVFp~Wd@F#5FF<6O`fxWAKK)-^EQQ|<)W^4fe#H-{;pZypHY=P;fe0H
z@xMe6F#8e%002smd3&I8c^GVD`b{a$s(Tn_#*l3)s1f?s*IEzrYhntIaBnpmj>$h2
zOr|CG??m)7lf`Qeem=u-h|&%gk*`S-;-<5UexlV6E%JF_k`3K~+ag@DEEu{K#(7Y{
X_~U703gOQJ|4>uWdRYCy^2L7v%PYCH

literal 0
HcmV?d00001

diff --git a/docs/installation/images/mac-welcome-page.png b/docs/installation/images/mac-welcome-page.png
new file mode 100644
index 0000000000000000000000000000000000000000..6f4501fc9e83ef43b0683280675bec41d6fd7fd0
GIT binary patch
literal 155430
zcmY(qV|Zpkm$n_-w$bU>wr%5%?R0R*w$rgY?%1|%+qV7nJTvni-~27DwQBF$Rkf~j
zM<^*sBEsRpfq;M@N=u2UfPjG6f`EWF!9e{h>04R51pz_8v=S9nk`@&uQF3-Lx3V<@
z0g;MG)`Zql9mUGgRe^z}M**eD=M?r#-r}9>m5>4pMiV6|T}cp!Tn>zciHxiYFKxjR
z!ooytCtG<B43Dg1z_KmvkOn)s@BG|)R_IE9Kc3*W_;R_L_%sKJZ#IL4NG}Bg(f-gg
zD(uE)6(CKJenZc@p$4}N;Eu{Bzljcq0sa1Q?EotF(P7UJ`#A0Pt&YLHLBIhb1u-z1
zMc{@tAPLg5xC&;(01~WFx}2Fri?Z*ILJLnS3=(e2tdMMs$gGfJEE^&JtB`X*03^PQ
zE`<pbgxks6oQM~5C;?r_cJ%n>1;rt3B_?}lPiO=2wy>gN6=htNltbZ*RN<_9P>v{W
z)VL_t#EJop^!>&eBE16mZNdH3Y-$!cbTktZlR<?Lj&Y1|-b8KUR)ZsYB?T|YO-Eo%
z89sf_h33WFl}ZH{j@w9Vc<j-i0Se{MnAv{^8;Y}pW){w3%qLmPF8kv)<jE3;k(0?2
zgBspKGImJvzJ<F>*@P<wABP3c1yYdJ7D2P<<^zm0lopXcF&B%F`Y@vD_|~|eBqgYY
zm74sg$HJGgZ-)CyT8t6~%~1vNZ97Ijpl|_7b#e@M9KPPLo`OJ)^l3ys3Mu~0_;w@f
zC7#)ypenBVH~7%*orwguiK8n}JoXI>mW5p6vi7Hav0q`s)JktwM=A5RO{-&o^tnI3
zf(4|w)T_xgWGm{diai&Sh(G5Is2oWkJ?;e5ssA$b3>V0^wB!c}JdE(q9k6@l$u!9<
z(_rNHAMwavf#LAZL!TWK1$yz&kAUIExh;Z1DT#XuBHSIC0qqu^tI+lx(wb-gNj&#~
z?4ggeJCk}ep9p~gkUzw;rdiPVbyLCeFdpA!?^n_uGACqwR2vk((60gwxyC}cqj2wr
zS)(8oDU>C?r}r>n{EVj{^7HWDUSrHt5jx+8Z5>5N){vh2^hy0j2rYKbdI*|B(mnRB
zm^gV$KNIpTvj(4azW8#}w&S>C&kp4dFC?@n;_jb`n%}r1pOM-3dMs|HQ&!+EnB0(f
zL-c!eY9x9F6pZCp%r07R;;MtG6O)-ZbPI!Zp`!co>uW3OFPcB@i0kVmaA7E~@eiDj
zk0LpPpKW{jNEzAbQ%_;LNA%1|a_yKStn94Jp#5Lo89u!`%%r;3VfOdj_1$Pe6b6;j
z-}Hy)z;{+uK~Ao_&mXpWE*r7@_p@yim=yo^4-$eZ`SWeyS_{FSfSRNwvDZK|^nkwv
zlAs{{5e7?xEzg0fBRS_b1l59z6oS=)=Lm$WLA-$Q>hX1iVGG1^gv)|V6{2o|z3OkA
zg*FHjz9B*&hY=C6gdtQGZ9oMdK&X`<K;<03h7~4DfS`bt7Jmtc(e|ekm5Em=1X~SQ
zAnPU{j#nLlEQD{3dLa26!9QS)%vV#xT@*u{9W5n4i-0PaJwaf@oRqkq75T-k6RT11
zJ_GfD;R)Lr;a0#nONwAvhXX#}JHaeDfe$~7R*NAQPTv<<%Tj^I>(Acr?n8J!1XZKR
zg<7&Nw?R-f4Z;UyvA_C4=8b6(aNUc4<MzR`6@<LE{Vy1(-sl}U7>WUO6<8M-@nDud
z`#$A9+?IkjnCl2JvLH*bU;bXK0ci?ZihAN3G8NQKXzk&h1EgpXg%T{}t%-fobSeyG
z;SK2xalaCO#Vkm^Nu^NQBvp?39*D8z>IpHBUsL9i0LTT&k;i|G;EZsM2ah|N9*tHc
ztWwU?xu_Q_ny3AdV*b;j@`vX1chPU>G0-vGG4L^6ZEbCRZR*vsI=)rPy2CnXv+41t
z5#K*QmF3H}7EaYrUD+E$*JL_nePjz}5v+(B#B><!*eg@qGM>Vplw%nzNU?tmC+N~?
z(kzp>%U>mTM0W&qlzhm&dcU%~_TOn9LSvX>AYgW2YQaTe{KSl<+0ejIDWuh*38gis
zsZ!Y}_Yl5qMUx&?8r6&_P%CXvJ#A27BrG_e?L4)8V|inE!}ZK%QC^keR^rxg6$5rV
zhu!5xCPr4uRE+5*%Ovmr+(d{r8i6r2Wm#fEVzy@%P@Kuy;SS(6It&I!uabYs<56A|
zO)l4|(5d!ReXPe*oz$ckwaeBiSQB;C+f?)U`$q8i^O5xo96g!3P0m!2F2}=ij~`L3
zUyWSFq-#haW*kp6Lnq@a18j0Kql6v00Y`^O=Try3LBaCTX1;N=0l0?WplID~_?L-4
zJ$=I2oYzH3Qj}UqvanvXMASlSS&CDlS*Y3IIiE;;TA5MYA;=(eE3d1`xAY6_ljqY5
ziUleb$_gqIVG7rqiH#+iRnLCK@?}G6@yE=M?b4}}0OrY+O|JEpwU<!X*@0P#e$#U4
z5*ll3iwtueE6+s)_Il3!bUXI*46(EWwg|y8&pA7nzpW*}9AGvu4zizY;7`w=*}X;6
z&(VmaWqAS4*UX}9v*JUB@plaw4PgyPjY$oM3i-;_rQ{_}TT2dKjwrhfTZ8qCRcE_$
z+v}CtOOeZz^~P17M)w-*HR76U_ZfF7=aoIjb>&s&KBwe;Aa!6;>b!9YR*B-&(^TtJ
zSk|{2v-_yy>iL~_<SfS3Z+%ryeOG<$Dqg+z%`|&y`}NJXP1g<WtHrB0{s%rTqIUiq
zV1`Gr*VVoEq1h?r1JBuG@A|4&zI!?H(f+mS#r$sh0sg-3?)!-1GUH<Pl*7#SlwX&h
z4G1X-m!W>orO>31o1xu~VZ7)}U*40UwWFG&_{~1bJc^N&%MUy}j5dJ>;WS|!!3t)A
zVCc|lWIr4uj0D2lVYR)5@UmppTnQa<hHyS?@wg1kM$R*z2F-_zlXvDJ=09moTCXdo
zwT-pJd)|98`)&Kw!;I10zw>f>WG!VVD2J%76bLeoc<uHZx=!8Zql&jPjMz-BqTyK=
zEzGC*1Y~`&Y?gK@L{#+Vwh9?595vW&esD7ZW$#GVGdm+b6Zd;pdrptroMl_5RrFM4
zRC7w&imMba6<ri*W$|}__dh+V=fUTii~L4lrb|b0Mx)0orpYWQ%?S5tZ&_b1>l@9d
zvo|T3&@o`!>a*)P&5_}PLfT#8vv9fPTgPrnU9?T<-ozJ@j#D(#pPdvgvie;xkME8R
zax8cp4m&JfeP6pLhmY%zo9Sn?Ykmn&i%f^`Vv$BAVmHz+>FTw#I7ECW^2^f5vZff&
z)X@E)_h_cG*LKM_-%ae>0(|(D(I(QOVQm^*)p@VOc|$sg56fgGXKMP=9$^6JYUyZb
zU+W?}&-SV{x>LS+>Uhjthw<Lo)omhdUTqvIT>#A`YPD?L4emZCZ=r}2h=cfBc3F+L
zBI$OkP4d6x|HyA1k{-%uK5|xXeiV^a?wJ>9ntfu$(9<@1uZ*pFR*n^%^>9quQLYO(
z9NTr*_xnkTHX6CED(p>lWGlK4UhzC<?mINLFS@5*eChO8pKhVImUJ%VH@Q_0ZLzyr
zW|vm^Z9n*AzxzCK5;6(a6yzuaoKXlc2)%E;=B}HOAc?JcFFam)P=m;IW9Q<qI7txi
z@u2YM@!B)dGTLGx32kiLtOVY|28r3}dFYde)nlu<g}IeIj1Nq|M)Ng<&wI)iR6FhJ
z*RFD71$_#9ti6WQcUX_7-?I6ArtUXJ@2ie=8MpvkZnL+>`;_mph^dzh#GS_Ohn8VJ
zlKtvo<?`7I*^~OJZ3=oW-EL=X(~tF>U=Dh1xNi058WWYg%_ZAcUHz^1ANEI^%g=XL
zh}(cW|C_v*{J#D=NxZnf-)yh-UF%)%9&w7(hr`No*Uxoc0D)29T~YN7&85{U>!n5G
zbY*Vy!~3IqSK8B`>!O{*8=+Z1q@Nwo?Bi@?o5&A96is~LMeogjXTGT0*vx)yyWNN=
zj==Ak`{?^3dMnu&=Ow`H%k#{Abzi^B4Uhtib!T|nePMlE_DU^{g!@yPO2>lX*jmcK
zfjC%$<Wct2gLe!o9~3?_Mv%<$7C;2}_092Sh+Tk|-hz;r!-A0BM5{n%f)1#?U=Vi~
z@Pk;Jux?3EQV$O4;6=eXFbBtxlRL13lCXo{sB^Kfbhw%xoHIy0F@RLA&Uxi(h2KPX
z>w7nYX+ER`<sJgYOKfmGl-&RzAVMJ0V!~=3pcnd({_2CzUj`TJ=BfH_sYUGxN)QPW
zMHtGpHSm}hxdEGzKisIn0)L>9<&%_=Y-W$Uxp%+#9e25JZ#`>`ZFEnaI3Fuyao@{l
zdmT;iq5BJcrRVs4z4~ebd>+x6nVB~ysp=OGotb|#Ls=w(@JG+K&G$WGcb9M~Odm(M
z_sR>=4l~M8?@o?`6aeA`kIGVwcI4+y%z%-<Eba>*OKe!uH%`k7j1cC>=hAQdmire~
zN%K&YV17VgfPJ$=M4y|nyFLTFHupj-KG_SOtF}XH_C3pK?$ez4(qn$b_>$YvJFv64
z8pK$2e(jHd4Y73az0Pv9YWXF>lZA2VD|ksr46Rwsmvr77Bq=gb`wW5gZcl&tsy!2J
z4(ozfxQ@||u?L7#m-6!?z@R#LX2A#<bO+lUG*F=JqElb*QFJn0eJVnT@?2*7zABcS
z`rwT%_BY5aev%)02%+d)ee;9nI7hRwbx)Ol{r&~j^<njbabA{cAV{x(d@o&UfB^;v
z8saY^M0&$0k!M}@Sk?dLc>%D=ZA?vQ^Ukka_kQ-1@#UBMpmu)4bNDU&z?2<&TlW45
zT)dakrhf2R@|G@`z3cEg#oJ=%;Zg8DyXNsR@zu>kJWM{+?ymf_+ql{7FG(MYBNjYZ
zQ(jg;goBIxNl)u)LNf454Z%i6)Qwg4&JTGOV(H|$dq>9B5VpLJbn`(g7ok+hJk0dD
znKq&;0RA}iKr@}zg4fOPOZxX!s&fb1L)(dBagsAz4&Ni|k%?IHy_zii%;#JE&*VFr
ze-GwAG3|7R_;+cXDVBB4UN;|E?|Ae@vjp(!s!Q-I$od8Pb=dIDpNM1<70+`Wohr|r
zm_9!AH7{RBENt<gcg|KHFCG$CA_VD?T<dr$CVPJng`^?_<gjrF!V~8bvuFVFtxF9y
z?^OU3V-wFvbNQ^Cm6711XU9LV3hFOb`CA^@uyGO-NrSYur`LDCog3=XhPSKd=YccZ
zl)1Bv*9I0RAZ_uKPHh0j@k|50P`);yQgHcVHusH>P>Gu(=Fryqaz9Kkzn@@NzSic?
zZ1wBX)UK8fkG^juSjFN02{B+h$lu~~VOcpQn23szTE~n3(8`A6^G!7{##gb<nplFn
z_nb53T5?==nNi*q*vQn~xJ4@n!x_pIQ?<J}Qo$f~h6CJ2>^Sv?Tmg$uNUvS{otUOF
zDpXFCFW4E4C&Q#&X&M?8B8m3Ma_ZP~@axU_Z>Lq|UQwQ=+VnMx?h2UsYWZVv0#!iN
z1I0uQ=1<ta`=cv24W08RT)iDoJ4Jkz2%>2zN+#1m#k1AoaIm|BpMUoMbmQY6w)i3w
zJ}SX{Fhdl&I9JpZ%vOL_MbgDKL-goHkvF#n_hF!baBcRj6Vu8bYW!!R`GJ7$^XO)8
zw;y=&XZ7>>D%Ng2rd&&OPbIGavqxU%?}5*NdH&#zL#8e2&H?<$`Mu~1&vN0o;p-wZ
zIqF{ro1){id8dcCV>9>feDXC>c@i`i6bca3aGF!1l7_1dL`%O-TYl2|kF1s2ZepD{
zQ%#Weeyj)%LW-`tvGpf3BQIS5jOh6%28+>Z#0$tOSml_H9YNuY1}~_MCOF&jN<kn)
zAWKOc$O^UTH6WlN$yvw}FEn8@x?1@hAY@se$p7$2@zg99b3(z*c=qE6aZ)M!hV)pG
z=lS?MZg7wJkBOzxB9Y|Ta#l?J;tIk+g0nIsU=49{TsTFNHSKuEA3g>z{i{YR*pl^8
zli1xoo<3o&^<vRHuEo)7-RPK+H={kt#jH!m^lo)bng6MFoSdXFrYZm|D}G5j5>N)~
zee$?MHd5fL7#Q5$UEK^tYTC`!588LC?!yG@Mh{TE{3BNaZ%Bp!T;4{<ET3Om-b61l
z+n|}{gN;cN|E4rMdHmf+Gna-IN2LLYOUsylcbqOHAB9EYJva?>q}d_fbtHbWC#IvU
z9ntp|qvX5D&a~(NGBqKh<6?lA#VJ&$3{O@6IO~9t!ih~9P*kH8LKM^*|2vgi+0r^H
zlFGyo&Q3~rN`6{$&rIi2f6US8PG($A)Cx#r88s~4JLc>$7WgnWHrBGkjjBtnfxhL9
zMGH=tExs%2qF(A@@Cn8@>P_TnkSp}~2jztj#xY9`%d{`C88Lsi9mP;lIIjo+i(!k!
zJ2Ly?7z;hHvgo6#HlM2-R7NhFrsWp=XG;?Tl|w!Y)<yE+N|zn)A7i{f(n)P=X*X0{
z@^R6sxZlIk4uU-9aMr6<G+bG~Ls)s-cO(s%-7Yqwu<UqA$SC4<9DL+PE#3BR0{ErI
z8Ftc2lt#H&1zYy^&hxF3Bv3y8h>m?`D;#ClC3;_M_<&Tdy9;^5Pbz&~Q;gXL3X20_
zo9tIZWu{o~>~}xNak#kz$Lj6-sVuh&^N$3x6UA2O=_dxOI>Tm)O(Y@G3Fs`K&)BUZ
zURFlB)o%m{yVP|;{Hb`eAfS8@pQ(7K-hd*)CtSb|HpPS465?()Jiu_oz3ksn`Yk3u
zgV<+<wXHU<F=p%aU!GgpQpjn6LC<eUj7cit0ovHqi1&fO();^37#R2>3c8G+(*vUs
zH1S|6h7v#Tx?Uhcn&U#ad34M*D#=vxQkjwUQ{^6DSy5E^2tiRvvj(J8b6X~<AVNTe
zpEgJM`9KFJbAq``W1C()@MC@zI&Znx(e~+3vj0LwMa84fr}nEe3=Rpg0zBht<Az5?
z1kv|ssOQ8+-&&QnJKQ*td85B_<S{F}VuF<f_*-VkxYR3C?^}q869tmzG5`Dtrlh7f
zVgdQykVH%c$|SxZAr%gZ+Utdq1&cvxLEim@TO+~AVVj_0SpH+M;&gi_TA+WnLz~|h
zdK4!`VDfgvX;|1P8ic$r?BjG_dQL}9fi8m={AtERkL`gEE^r~*W-2>nwDWXwVT}5E
zJ0SgjxxkDUE^!d}^3?9&G@mAcv105!M2bjW<2Gnqv6&Pd`gmSTfel$fwq|#b*PqVs
zcp4ssib*t5Hpq_@cR1M}I)!*l6N6ox`aJ;1$_;U_@Qva<;}rJT{88!cJV~HlKYDv|
zcFNX~_HV~Xbfgr-;H=P%Q!(D%gSNYy6@ySMCq^d>k!eyNu9wGH!K)?cErlZ%jO|<#
zPX}z$gJT?+qtvIjWQynn7vano%MH)aI*9ap7Sa#V<+M(vV#(f>cMr6m8&*^jX{h`8
z@to<CI<CRAgq>Jf%=7rLx5l1kvzWS;AY**$$MLEYr6~|&^T0X)sS8NWfO8)A9^o(Z
z3szpaJa&q&EV1k*VfW(5^Omf7Iri)9{0RY|F{rCh{N6CA3l&y<8FKb(npHWytS>=9
zs5z-IiQ@N0-AA62Uvd^JTBu3fAX6JYrP-X&pa~dD1clVmo(F>F3kF7r!j=97Kjhz#
zrm)<ZR#bBm1U00nmizid<m;*WGAySbWMmEp83C<-l3@@K#55GJy5;sat@s*#ef{#K
z1h^_FYU*bxYGJYo^qz^6I`Y79abpGUWsvidqZMELQd_&X>`)356_<l-kvA{E8di_g
z^9}#4l^q^#swIRU8v;W@p)>Ex8qh9<tBIj!Y9lXTJiuro-b5lEq_3qUQrU_~+AF-_
zS)dI*9GZsy`+mU#7ZNFxK0L$5dO*x%;G2bYM3L(?4_(LDo}|C5uuu!VG|(~>rKeJH
zwQ0UdtkF3w=|YRGU7b@fQPW*y`P4CAJ&d7czu4w=)}q8vC-m}M(_}6BI*l2I)4;Ws
z12EELEe_<CDdWf93LMSsn*13U8Im!axMyr%#DhwJHrCd1PUn(Q>s<?URp~*S%zhDP
zJ*v^HBcdE&nTZLrc-MGA?+_!QrJ-5ALD@Rw|3QJ)9EV%J*jQHxQr-PRrt?hTpMZ^2
zs6+`yZ-EVGR8&N1D+vvGfr3cfZYWQEpClJJc(6L!gm@Un%)L~@em5Zn!BlxcqE`0>
zDZZf$gCuO|9|G2qnc@YX@o1r|rt$;X=o7qRBhh?)RIk*5*XEMZCm@E*H(fSa6=s0~
z!gNCYoZ`iF^N~yY^K`V$;WzHbe%x?i;r*`S3-j+XyIapK_SHVdtxS#Sf)e&01;4tY
z73KSjndv3GKLF$mX5$xQ!nT_Y0qc1f!Cd)HrtPhFDDEy&3S3s&T(BXRMdoy@;CU(X
z>l{YbPHUz;d@KRbrqv>rO1S%?MJVYd8>W1RPQ`nsmw}W_F!_+@2>@rBM%#roV1p-K
z_14-Q{BJj#UJRTNfXQIT;T$=7;)aEah5-~eB0h<3+ZK<M4Db=&5&A#pF<!7a^l=sB
z9^fy2xe!n(Mw_VkQhu0U6sk%E=8-0g+8QGYHph-mHGp=dG*fXWBP<bKx6r|%+q@X{
zY}e<NnIV|>)(BwA7ZZ9JBoc;dP*O@Zcs)DHre|)Lu+P+yf7!s@VARd|oBWTGh@e4h
z(P0LDC*NF#G@esgd#7S0uF(N}hojx%Oo?9QtWfUyBNAqES^Rxr474d?4uVad#^+dB
zAMZCoM1r<q#^KsDrtsE~WD(P60q}&3-~PGF)sj!~0pVqs!R)fBhOc<m4P!sqgzHUG
zuW+1&1y_EgsiUNZ+;<H(@ejlag@%Th%+#QsEL4RcGitywpZmSy3RdbxZ5<=_w{G(6
z_e@Quz4wzHU?-!*f&98$!Vj9hMvN*)yYDK{nAL!XOplP7EE^y+aaeA0HCscYeoUlU
zp#Na<4~YWo(aOT#_II?dEfojdYe`wsBj9+GPF>8%jA!Qj!nr@16jkwz<$xC-T<Q-;
zC7&tu%|f15fjYFbU9BOoNu4fkYD5suH#*^U{Nee_t~^=YAZxm=Yxv41j5~%$`x^#<
zz#Db_4?9OSAOdn+!(^vM)=?p~Ns7M%8zBFUMCgS$;P29A4c0mo|0YR#!%1=zwxoya
zUP98Kt{KX(?@@k&+kaOz47|tP>p0~na=;S}4nAdj*g5O#*b7bQ8fM(r%X%u*q#eF*
z@a(R_Aqh-Qg@sdLP{;!1GbG`#xw2EDPgQchCj*#e<SN>iue?B>PK<@pM6RdhK#HQ*
zm{OrbSq2#~@PfJ2%$TGpYt5rc;aH7AQ-9Z{!|l*b?uk=e*(sM5q9W|7BjE%?hqa$d
z<MKEVb>EIFH^3i$up~38nefoabB72`3ikwe41B`KZudiSM&GGQ{yrA#*R~-SseD~a
zV@>~Q#cC#QrA+_(a5<o$w8>o7%sxK2W@jm*CU03Xv@F_1-an6oG@~->0)g(^mHI80
z6Q+OxC;G9QVNem{=Tu?5*-xpyjn^ng^KQ};UkO>;?HVY-FD7_-9X8?IE+3^PN207=
z=9A@S=*zRLH2!zp3$Cmf+G?B#9bt32EM9a$dV>JgHP!H&-{%bLlR;Bae47dqjSg8<
zjx1{mF?#z@F-8XUh=Uk2EKd$YzpYqji!=qZyxcS|w!3iQ&HY3tl}RKJPD3c~EsRbx
zE^!3*(AWyIm*>RqnNI7cZ*ENDZo{F@r(SzSdhI9YUSH1EAy1Z`!G4{tAf3W`-L4jn
zTCP3OA+*2H5v+-~ZBL6;mi~C)Ek~?lnX55hXSCcZ2KRgvNbSoffJ(p(Pf9d^2cNp)
z8S~bNc&)cEJZ<C0ahr8yE60vem&G=^JI*D4xbm9qu!o^a>b`)3m(XJg6y#Nn<=&nc
zD9QDX_~!SBTUs*cD5RTP@BT)CLM99~e=N8?ucJ)kc$F2C*a~}^G-kG0LZDl(A;w1P
z#*yDAuQeVOk((Q9gTCZ(?PDxYF<FYPR<549OcQj0Vu7DLnfY5pRiWM(W<dU^2D6|9
z!L`&Os`$~y`o^sny<h(`f*N%{<}R43+#{k*l{hIEm?j-p@uxbBSz_G8WBJ6>lw`ED
z^V~Ty0XhzlB!9AeA_e^AnYJD}NvQEyO|h5jh8bG=U^XOJR!}nxyD~@*p^`eG4wh$7
zD)GBSwv)YB)1m|KZDWQ)el5h~M4H17q>(Eox&#H85SA0ph6kAb+q8G?9#?yIzO+PS
zhgjS{h_`7RII=lCKPlZ!##V!1F6q+}S)hzn6Y<H3Jh)n0N*4_|Cay|PK893YfYZ8;
zP5Ps_tchQfy=mi9|E=STdfjAl-F09j0sDR@4$~+F&UW(?(m5&;b(DE8Z>b|%Hwep~
z8;O92pmOR&W)Nt%5M>`cX_HdGSHZyJZXf4t-`RNT%(3<yA&d|A3&@QdUZDyty|87K
z!6KUOxjIx5TOVy>((*Dm>SiWHV)yuhswvIeL7%xqS|u*2=W~b&Q>#5wtj>yYU}m)W
zhPc4OKAf@Ll(*g*<oM;kwZ;`!sSi)PY&&B+YWXdkr}tuZ`}}gb?0O<#2vOB>;Z4-(
zY;?M|tt3<Fx7~G2#=-_;@x+Dw{(RZnhL|~1fX;5TpfSj9AGI#I9lB-|u%=OR?JCw+
z=|E_@MMpwpv+N*w9njAlts_*X8T4XF(ai^{+k7o#XhneroY`xeecri<r7xnPdC<8X
z3QMYW0f6ZYwl&kc+K!E1a#{2kB2dy>Z9_S^#^20&*sj-tKa%qrUxpH%xPKKzUl%NP
z`|4pBm}zG=+lyx&i8{R|Ywm773-<ClbdIhr24+geN!Y5vobPX`B<uVrK`EVu3Fq3&
zA^K}Ek526p8OItNHAA7GSOBa1b?U={Z-8Lh_(8o>!qb*`oF)pzBQL<7vB=N8RnBI6
zFig86Wj;#6fz)V;o|HZYa<<1l3{wDdT*ZlAkCPcg4b?&@I++DytJ9k}oFviYtf!G<
z=t7hy5&J-)XUSZ>eEQI^A?&Cf$o`Ijwm63miqdVK)c=v;HgkPiRED{~RgML2lWzG4
zDSQT$nHpcFDbk3*0P7|OJxwB@owf5a)VxC#E3%a+ppuVI8&ge@rJZ5w0^KV(Q~4Y?
z7mz#5sP&|5euGDe41XgmmEPAVE0c+$)7O0KxK%`=U&ucVT-=*$n0iY?A%EqG$uK^t
zfv-7B-DbLNHVcoA6+UkwWcFY}7Emg<Yzq4mldhNBe~XWc84%I{$mT5%U$cR)v(m)Y
zj?)q7W)YXYCO(3amZ)>c@~x2$F5CF<hQnZ+-U$dJuy5zEmY&R+EKKJLFBARre5`eP
z);Ksk%>Vspzf=cFz=x?TOiIz9z$c;SMuRN5!X0C#0z*GkZNsSya!@wwyw>V8zHI77
z7T0HGWyL_{cUwz!0s|l;3FRuV!q%!<&1tls2iwgz*4gbc-I(-R?Ec~!Cs5VVh*nv<
z;;>tbesaPr&8yT#X{Nzvi#}YkL9Lq`vkJqGlt45F{>i5Hjj&ML^tef+I5;}!#T8xG
zW3<Nz)W=$gh&01b(g>OP8xk6GPL|r#;Y?DrVJw<dEWi0^fe#%f`A1+p@ult#Zh*r&
zz}}*ve*#i4-=#X=a;r3_olw!0sN!$czx3P}4p?`|^e74I5${yH<`W81%qb$lc*Xwp
zU-)~){rf9G7jvSMfxt&33!JS^IuTI}^v}i)gk>{KV2)Bh73`Q!lgR7UCEHrbP2r+m
z%S;)(yEk@z6goip@&}iR39yX1(N^MjhrbgT{Lz!btOE?fJ<fZ?WQJ`}WKvkicv40q
znI`%cC+2YDxTs<p=bRZ&tz=R;uZXB9dx6f;LNF)rOd*(i7AIV|F$;~q>}<O~HV44}
zFBiuPMqqLWfMl1u_d9asL3J9LmKQaxffVmJBP}dIY!nGp>a*($Zm_-BCyaP(L+b5O
z2vXA4D5Sqr=WDlm{ifa5K%R%-02cVG$?O&ZGZjvj3XqX;3XQj~2(@YqNhd&iTh0>i
z(;{O{#E|eYjt}?lrv)Unyk+4ef|RQb_?q#t4L=1kSUk$kiwNEqfD0xKr@_RL&iPHY
z`WiFge*H%=FtJrp;f_QkdHyN7@zb{#N5a-hBKXV-5b^6h*%)LlF3vxK*$;`&McTWH
z&N&M7kL_V7rteTaSJjvM(}5^}Y5icVO5MEe)k{<%I<h}!yKVSYGi>(89l7ZlU}5Yy
z9JI&CO_KiN>uQVEMfaEQ3pTsHaK+B-5fObR1_nr#e0cq0lf~K4_;+`3sF)5%0U?HP
zPG%TeGN|H{gf25k)ewghHkhgyp*UqcR*IS$+I_`Isx>0zfuCf^%1&6%uCf>#_jfMZ
z8lowKycaE^iPLp|_Hh-Bc*t)-mTs-%Uxwrz4Tqs@H&!t>dDu#X=v*qC;R5iYg<Q|;
zG@EX2E*Z&j%J)+>hLWl1a8G2?x_R?a+-;q|FRt9BOHxfHOdePxn!Q79e1V<^^uUZm
zV!O<lo8L^AaY363<VPKCk5-VA)xdPAA|=$B1I0}Jvco@s;Nm|9pB}IDki1jHYfS}~
ztI>W)b5R$ue3C9#t~c(o+@v-SVp8bs?7+m7biikkI1+{g(mn*f6rR0jU&&J=jpEm6
zlLAhR{UC!pFDT{5D>v$r7`*00B~h!GX3z8P=*af%M_?FHiAh1umB1gzmvhG*$<S;(
za$f9*x<EAp8>4vz-f`g|`u1m&`z>;<22a|jnPQq5?Z6r#?sS^eInSZ%YmYISz5$<g
z=G#Ts6&DIv`OIdKI2TWn$me2ACxq5xc<9d%3?4YHCz%9*UaZ8VZh>q0(T`E-;iH&L
zwxDO3*y;IQ@lbnhD;gFLIQAqCllP~KfrZheQhr&HY8S6rg>tNnM*9$b-6f;T;>#>}
zJq)Vm-DAK~zEyc~cua(F!HQ#rPAvp%*=iR0&l=la?};y8(y_s<=u>)(JUotyI0Nu$
z$*?1*2JCk%X>D=K?c!v&yd6gwEOr${W!jZUO8D;KSRcuT`2w9z8nJ8zAJZzhYRnL-
z21?yJ4^kv5C6EJx7SGkVmDIEVs)ot(?F!uPjPbI3y@AUUl_@V^TDKwS&oY{%bIpqd
zG>zm@t3-~V?kcU&Pf3*qpwqrXxfE^GvNs!vfU>1pGgit67jYQcJX_2bV?*ltbh$wW
zyZsRB&%v}o8}%_T>)opMYvK3e*)(n+9+f({2JVi(S=-xw7>FU8((nFG^o##e>_cT&
z%eilS#ogno$gF(qt36y2G5<uOaS!?8ypBKo{LZ0%ufsF!zqJX8yJ;sz%4e@NmzeQ5
zXyjb(;suG)8QTuvAmmDnXuB^a`6Q}f?GvTuRO&T!bVB8Fj-0b*A*p=%Jww!xY3R$a
zMnLSHum-jx{TG_c=%s?v!T!;6E+s6=^%{xOmr*kbjuNi>n#LhdF*LOqtTVsexnqe@
zi2?$_>|vD0&G(xs44_e$3P~xZM99->Q1Be@KO3?}iagULzO7J|BmO1V;{1cw{+R2(
zksXe(kF0TJX4tri`6jKD($E}591nbeEgUW7ZQ6^}CTE=durB2OdiVmUlilC?wbF0<
z_~B6hRIo*Qtx1FpfIU=ff~J%&NU@vE*9Mn+eGvUn<3t)<uuK;zm?`kml$Q#RjTk!1
z^&8{`4z_$Q(azSYi{|irLbY>N?WCB{G}GEi@wcE0GQLB`h#tzoJ~QG=X{&^46#u5Z
z4;zNXW-)lS-3(s_dMY=GjgO7B65>b6R&_vqdb#ehlP7bvYx)uJX9Qa%2@Fj;)s7sM
zJ(RYXHz4DWB<=LJoYalq4yLN!ES*;?gIkH3y9qGtlu2>>$7g4iB{S+!y9n7KbRVd6
zygt3Z*iV6Nct3`mY`>!%d4E!BFzSaV_VKOsS(_ZR^0CVzc6+0E-m=_O-e3E+ofqy_
z$hR$|!YYz84yOVX26-L2V%JdfN2LCV_5ndoSa$nhKpoeE@cb9IDUl9OM`T3Bi-jh2
z!xQmT)t5+-vjjG9b3Ls>a5b#mdgQI$WI|yn#pxZ;=m4&AS^TL=4TSCwICt%8MKRM#
zlr59gkga3nd>;Tl9e@kprkSXB(&SovbH!56;})jlYsu^7s2$kyIYi4PS@(CiGSfkR
zF;ip*nN*4WVKXUCVFHK2Xoy|&qwQYyIA`!dN+9O84UogbPfkC26fuALV!6fl`p7*N
z)^xzHFX`#Y%|pMBRVJY@cVeQ<n0sBk+3s#r&7vJSpW|s9kszo5F;yW4!KfRk1N}@Y
zWlJxHcQ~LoQr-5)<-Kn<qAvplgDeqnEVjk30FUn30B}h*zxgxW8t!N-p4S>4&@e58
z0!Q$uBsZBs{$@Lu2w5c4^Eb8_gIpw2Z<*A+Zq%E~T?&?*EGyzN(sD@*T@z83$EHis
z#Dr-2I#aas-x&f8LX6keg818RmXoXQKvir_uLFTc?|fMt^J2RZkF3~-xZz|C-_>gT
zu(N(94*ybQd4M8VOrk*H($Tb76};ai$;qiBFzn&7<DQO^9kKSqEC9u~P~AD2nu6dk
z#U|a2I(;U#7_^&!;s+!B(p*M`u;oIj071v;_e}!Cnv^<O*2B3n7ta9wTKEaq0@7g|
z)-lE(UvTTw*W2W*K9&KAC}`M+S1GOJ%1JuwrMuF>`Qb9Xb5wjy?8ZKk9}VFoW4{La
zN9}ro$t9Jv^khPOneaI617{2~sgy>W0Ky6!Xi15U0HV@K0GHK5UJeI9-SZ3w8$c|)
zA&^YNNY9Nb&L(X$*8*CxA;O;#FO=CTq5$NWv}X!5<E3#dE-AYEo3FI?DQ=AiBIwas
z&9JssOhq~CMhB;?{86b1XWyra+8i54l|;Rk9I_ZGwl9Imtv(t}r6UM$x2h7Kku!=r
z9h|n(R*FqrlD$!pN2qUY4YgM$T<-|a#>^ZdV#{_1<OKK{!HV?R<Xi0z9q8M-SnZQN
z9zWTTRU0G#3}C9&GtJm{2u{V|#u>{UQ5o%1>-0`_ajix>@X7*R?MCPU+&ep!k#|2J
zzIY&_KPR^RI@p(S6sG<rL;s3(&G=H}H}J!=w019H-e`wBi(u{Y`Xp-Ga?j5BPGalu
zJ~KN70*^D6U+-zIbC~2E3jil+ZdV&+khw~RNdp8MWU=XWK)bLNshg<zf%lZGjZmgh
z4RUJsPLOO^#sah*8l^aw?=<#HrZHBl{e(#mqMtQN;8<$dbtsOoy9Z8aMw6nNL_CgH
zx;yEq-=ktbIBf2I%Z%sdDBKY&<2sr`HQ)OYan?uv(=c0MMpoEneXY+kidJ~P!B@CA
z<ecngUnT-9*RJHg3LOf)vv2&GsmkBxtQw{V^)x@*8EulIiZ)H;#^RY~DXjJf?ioG-
zZC!=)jq_LIR)ZfxZ01?eFTE5`<|3j)6(4v397iohv@*i4^vbh55y7T({ke(}tg1Im
zaEQ*emEYIqXB}<h1x@jMUVcD-u|sUEhjH)2ewA|c{zq?5!XochI?Z70%RTKo>Qs2I
zQ|q+0Thy)K+N5v36vio)P%hNi4L<2l2>0zK=Vg5+S3gU*xIJ%=qxKu>OOl6Q0x^#X
zd{=c^$Zw5LGi$$H9~UOInmFayauc<=LwW!){#&yjxhhq`r#6)x=f0mbM!y8=LU>1>
z0e)+5?WD;P{Zh+2%LfqqyvI<RxMncb=Ftg5j*NaewgP5AkK565c!wOWbn*eK*OSF<
zd0uxVLvrP8Vc=N=+s(rOk;uouVlXEuRYw{Za765=h!mCR*laCn`TZ)wJ#|z%l5KM#
zI7Ker-gD?dqMN!srGm$=u?L9$<{53($*gX-Z!Syr??z#+MD)+oIDfsP3=c~|hg(LG
zB#p~bZlt*e!8Ve|WtTje|7JP<NzD4OC}?c}zcZu7%Elok`f}zZQ#LOCzZoT(u}pKk
zu>gVaUltFtX`1$ixc{1YjyqES8dv2Z-Jg$NroXG<L!Qp?m*|!lzhS$D&IcxL^lM@I
zT}3A<1v7tDb1O<@GsE5=J>JV^F<?dlTzCjSH??wtakqSaPX73IXH?{&_gnLPiO8Xw
z*1~pB0Vmc;+toiVSo1aj8!JG0u|Yv80OGpX(~n-CKKLO5BLDtFHu6xoP{H2TPUQ;}
z0dMp8yV|LU=T%sT-}X`t51xle*;U6txz|MLk}^U5;ArQV6uH!d2M>O7D||E1Td(ok
znTIac>X**b&wI}XTOH5cbU#l6piE~)Uz&ta_&YOw#J|)c+<hpkqO0$B$AoXiJ*^^R
zcUy-_Xt0d}(H9W+AjZAq?(6(;8h`KB!;%2~S~2sQ$Ie8jU^}<LQxoO`6J`V}|LTJp
zlV9)O_30myAtW!dlg9qZWz&*yY<<l6-MC7Q_HsPGY{UN#)qaG@&iOL+Xgt(Fud4h`
zjN`*G1LfB{7LH@R%PYAZJ(rYKtQHJ0vqAEcRC3|z&ymwH0t<yksa`l!xE$RZ9SEEH
zP1-i5i&(0jKtyb1X-0&ujJb1I_H*Q%SKEN!$km&uI-r3s=O<BImmvSQd#B#Nl-hqW
zJpcUa=_UmIZk+qpFYoS_+xcdQP@vMx0+I3q7U>W@eB`iiy`PoH&-Xu;xW{nbNq)ub
zCN60e&t8iTt2#IsxJ$Sj44u9<P;Xa00;v<6{|Be}Uqq-I8I(9bisF~ixmszqiUI11
z_41LTI8Dj_5JdmeTFC@;##gps$hibZ^?$wkFDNGuCEmvTpN8^3j{bL1=_t&PfJ&<7
z*gg6GM<V?j2Lx3KEb|QN|Jb+Y0+TT;-$g83`M+a8a4bUqKl10lTwQR4_}!z?k1tjG
ze?5b>{fqp6jqm=K@leiqW5xf!aeuTGHRAtXNdFsB|380p5gkYdbN&;^|5j4glnMOr
z<ou^;UMP7UL=)bYP$d6<K&1bzlrdEG`L7xH-;N<dh>}9Ew(K1N7+(J;$O<^HkRCtK
z01#agIR@&VKWRG`8=+PVnKPBNl|f6!i$XH#uvRKSYcx~(cYlQeSx<<PU;{Yt=hX-V
zV{)E|y)#BixKc~(OQs`XMMS0@YITe#4GuBYadHIY-I0>gxu9PZ1pBJ9FHPLJd>OTK
zy_ft!np)wL-P#pjh<$2n{IuwYzn9pbO6KXu<<>wc=yA?*K2beObbQsd4+-E)GRoh6
zmCRpzpWB${!t8i_?DMHjr^Bhke0)pvxDS1N>thdgisb1)Ofc|b$!A6f>c~6Z#s@I*
z{-h}d#ZQ?Uc<UT&dH6eyqDqUBhmzppL4EY`Li=Xm&8;&au0-PUHpiB3#3(bYS&y}s
z)k{9Z!f?03*2Vpmz=^sjmRI4}f`VZgr2C7PUn2{N7jgq`1uV$0Uc1)olEqf)$DkQG
z6#2}-z_tGJBo^(R%9G&|^0=}NLth=b!kA^F$^LBnw@`yMMigA=x51l=Z24+Pa#WY7
zub~gZ={ljI{uhEpV@9pjs&~akT`E{|gnlSk%A$zxID79B8cwKeRTtjvuJBfzzbd^Z
z#GdGR>TW8yS<BrW=?{gqP;OZc;}bJYGKLAawFiYpJ*&8fPyCzyzn3_kr^%(mwL34J
zA_Dix$;l$<16sN0+-28Y>`}E0s4dP1uRml~Lsn%ucKXH{B;~>%k>O*hf9ekYI~EF(
zIettJe8)8^^U*^56&4DPSrk+l{8a3U%|fH5TlkY-2jU?3ib6!_&gr}57OcZwPWAhv
z$q|Z(fD;r~94U>PXW~P0?pz0aR!mLF(CaOIxaQO`LwKGns(FyQG66F?cD3MfZa=sR
zM)e=nHGu)fb_{HWLHAWq)YZ?*S->I)PoCfEXE(_eiI|5oX{Cb8zN(8YsyuFnfFL!Q
zc8=~i&>@(h6L*Y9<n_x6g1z>RfYSt_!%(67?OBcv@z{2jcFOix5+R~s->1NLH^Sx3
z<3oi-r!~@j&Fs73gTr;h*TMQpomOU5<}6`bF48GLNL!gru^=WNgUj0e217iV2ClUM
zRvyYekC#0<-zDKq(LL3^Fo;9_C{Sm^d&H>a9|DhUH0M=qw9(>}#_Yv#UIQXXmlZeB
z=UfSZ85*`BcWCwWN}_>pY<ky_??<op3sp%%9OczC*)WOQadb;q5{&trDM8xm+F#GP
zdV4E;SQ^K%uC1%sEWbTLk0WdK@52JlodXs%y`7RiJbBN3H0E@&2R)1@8ed*A|7rI~
ze}9JZy~QEZp10p0OM9GM($r+yjYw@o4CnZwjlLdc9O;f%G*@nO&72KE-0=|&sfW<!
zitKC$_+P_(yDvyDijeLE`H$m8`+`qNuI_en#is>;*oPbuZN?y$CBwkN_A$zG_EWC;
zN2=JaHQ*t(yNZUH-|GFM|1mZ#E@O>1_A^^u*F!HYFfg#;QkX_+os5+?At@oW;Q?W#
z>^J;O)4Sf49X(vMIAmc`V&tDX89QEez?Uh!5}TKT7foVPQi7&dXiuJDxCRqHJ7#)o
zNR4x*oFZdKzd-=okl7)YP?Kv6ScriWG`ozrm6a4<Ru8?fb&Z(*;NT<{&cEN-L<(8_
z?1h=ZS}ZkEx22OcwWU$rt`$U>fmre;AR(nUJ18qZu8&NM$@y8K8LTZHKFB7Z>b4+T
zxuuL&4;QXlon~6+as#6<^BYB&cI&HaFODf+tZvah?#`X{HX1pI+TS(kRuZL1LjsFz
z1yyuYChz9vSdH9Ao3xXUhD37c97$NSS1e4GSxwE;P2&}sdcpYvb1f6(7FPeQG^_QM
zx|#J-ARX<`nVNXF+SLuN_AECwjkU%%8GSg}pAbBg$*h}$?gGKNzHhLysntCL?~KBg
zH7RLwG3SYtQMHa&bieEf`u|BzDJgv%V<k6M<!BeH?u8q3d)}3T|D<B;YrIffavLQO
z_CFh47FK^c;gOKc3F$`0N5!mlcvcX7m>O$836hI0kZDHDwXqbn8JYk<+~&t!R4#4M
z1VnLkj|+|NC^JZv9~Ry7KgaA$pJd^gUDPnhlRr7CYZi2?U^3^RLV(<OZjghA13D14
z*aQm(#N5Bb7oyQpL>p<&DeO#(w>Lv^31pG1DOW>veC%|5AoWfKS*m{FYC!O?u9F4X
zWhNw*JVG)X#YZPEe6WBpc;T|t-{b6Ak&qT<iR=I(|7~_(MTq5p)kB0RHCvx79)&EG
zh%~PG2E<80GBv6KE4Of4t|IeSZq|(tQqoJg$9w*&d(Bp!zm^gz1uhS51_}7Q8w-7Z
zov@y;Ola4p!Y3==?;AurBiZ(yC<o0n1N<H=)_nV`2m08<T2NecE9j8-iHV{Fe55RT
zKpsvvu^AOJz@bkebh2J-KfqgFi=mzNYw~rx{jAdreD@JIoL5Qa@Orv^Th1HHO4%Zy
zW<u?{Cx*?AAD8Ez&ex#}hC73ddD&gI9wP(8R|B4Nabt!BGb0W<ZJ16vy0lsu5%V>$
z&AY$(-kwi`z7C2Ua<^J8BbtRmpy=AfL{=bjDU-Gb4x0r7{>)L_vEWoI7{u(%82&z@
z+Uc6rtgAYx1PE^M9ibjb`)Y5<-rwwfHnUE}Xn*Hx?v*qy7`z#2EVAeowi2G@O=cva
znc3d6-dsd6k`5)uX>Zeou(M%kdoArQDP#Z14Yd<|Aoj(?s@klEMK&%-Y1+r$;Bp3e
zLwyDvu-++JHX2O97-|pUpc%J@7jYW0-|&1C$8jCUDa2GK8!;VTuI86Uc(c4*Z{8O2
zzU6-xlfpsc@Kv1LV^6!;_-=Uea~Ly*P>P?)j_NB<@>_G`4v|J*p&sd85N(L1?fym+
zjR<G}2tMWF+xwwF-;J@64xarOOs(dN?z(`UBYvv`d|W3pDxERmug&Nuo*3w3Ol^N`
z%b&>e%r!$9IAZ#4)x-tzG#k^f(Pw@_Le&#XdC6#V*6|}@uNhU241QM;M)Y3jY9CSs
zuM)f%Zdf98d}t6D1x3*tH!3uk#v1c^ZBOEO4S%mJLnSIcoqiqf4yMzF7a>;7d3W5-
z*x6b%L7%TQEBf)hZ+Rb-Tn!fe<1*U7rPFSA_i@}NT}o@9c7F^nWA;M>*ByKE^3%T8
z-F(B<V7I<HM#4sC8)Y3I!%1~Ii|m^>zA@^?Kr#zZ;^JC~;`m<?B=ns@Ljk^w&Of?O
ziIKh<7TW)PfCK;Qt*56iJ9E;5$oe>ov)>@fJ_|P7oMT_;Q!{=HRkxg}!mes<5u9ss
z7})*IcR;Wi;1hz0!`DIG<+(2$o%;rUMexj0toVg<yfE66#ye!_&ckkC{#=tlPok-f
zMAUjt#UO;l$Nc5vecNjjF25bA>)?l@J(!&Kc0}%RI=|X-lM=?{I(FQ0vVrAsy0y+^
zb!84G!C_iLIJnW8gzB`__;NNLH^cE4hLQgjLJtwzWbA<kXSN=;I5yYc$I5I(unlW@
z%L87H-fJhS46wiIRo%0vnA>}wJ1GJZBHCQABa}TKUw%C>^0kS&na57#`yl<x5+exH
zMX=8<PEKf?h@8o441>>c5M{#aU7GLlj4iG7aaNy_o#fIBxo@*sFEoC~GP>*72;qD&
zkR<{#?AcBvqkv=U+nZ%*)06Z_@f*R#cRlQe1Y01(QE)4#6X98q6&2v~MZ~j$wAaKt
zv<DM{*=#Pxn14nCjrY(!cBdk?U=!k^yB43^N-Pd6Yq@T+x!Di(Hh$+20KQ`mP&*7x
z7D$*VdeUSKmbJJ)#Awyh5=?i0p$Y)+#aEsx2k1?5gzU?Tm4exsa9*Xmcbm>73<nih
ziF`kB8=~U|0<Efds<5eyPEI75P1Z2<95qb%n2yZp*0Z5l8#&9D>3Yur-f{2}o3W&y
z(|IcM&v_wJ_3I1c`p~S+Sm+#|{x%M+@KeRdJK)9-AN|cniye$iM}F1)!n<Z)2e&Qn
zA#pP<Cx~f$t}OQa)x1=lj*MGr4dH$9y7k2c<QWx-eQ35kYOy5-UdXv!_bk@OwmtOA
z+d%_h)Uhfx9al|WMpmo%#B~)G-|p}!(_auK#91(!VkR3*Z!8yIUoIUVv$h|6UT`_D
z2fPSvFXj!g<>K^Ai@L*3b+g%tHTd)96GEx9S7zOx2o{|11M6|!fzc|gPn9_#*aA5b
zsLy;+>DzLH;q`cXkHgo4O&=tDVyr<}kAG%eb`Cu}E{b3(Mg~-oHzVwdls)zfq|-ij
zZNkU4<C<S)$%siquOS#Y&8-1ZEKfU6y7odMj=bJ%R(J-$4~B}gM_3{s7dW{A?!yyM
z?}w|*k=Tpycj6Z9cbr+|VGmfExPQAyXwR*n)0Y{h`r<1xxe&dAk{00u-U?=}10bw`
zW>l-)lhZTCi-3?vlKdwVboT{!I1&xM67C8C;W^|UDV+AEMD$?1Kz127sC}0UU03^?
zy?3`Y{?#dAaR3ecueB{#t(sGqA)gm=`_{JHVzY=`jWDRkOyx9R5LT*B|1QnA{_*{*
z;D{2;c6a+2aQx{Zch=&)sf0~S+iS7RE%I9^><%7MD$@$xK=#q|o4yw(OHAz0v^xlI
z{%c4ETZM`oPV5LXW{<<Ebri+j`d&!Qy~H9x!>0*cj2sEFIpaS{;sG)1=5{=fV$)BP
zxBCeo2*ke3)|q#=Z|>V9#p943$Mn{<f%-Tr<@j}p&%2MUtT!j$5~MkY<8J9e5O_^z
z(Y-!MyN8^qdEfEyv#sJ3PiiT>SPOXQRB~d+p$R|i@S~=;(qgmURh8$+5w_(F`~?bf
z270b8*(dCAU8s+?ZeT)IJ6kNIsDHn~@_+Fs8Y7=ui7R>FH0xYSt-R6tZe&NKQcvfl
zToc%bWz5h~;cP+~L^x<(4aiR>-QI5zblg6kw_K4mp*I>ZJ1M6%n-c%@m{V#}t$(T>
zme=$RD1xQ0aUMm;S`CDjmT|s)jBd4Da)+tHUBl<F7u<GSx14x4LJc|o|G2v6@JOO}
zPv8^Vwl(ogY-i$RV%zN4nb@|CiJgvZI}_U-o15RWyLa#1|NH5u>Qr~tsrUVy?=i()
zOXRS(S%cAgCREsR5RjIRFl@;^-!EU8Y`vPlt5L#T0K4qwN6S79?e*3ZOmjlnYsTsB
zxd`MmT*~sW@Y-~7zdsm8l}EDfCf0R$+LrhJ0Lk(>9GO=7B_GPLc~Hae#&$nISL02*
zq%)L}SV+e17}uKY*=b-;i&<)zcYH2cAEQo#WUYS3`=A=@y(9AG5J!Sh*!4cWa_oGl
ze}-x@SRaF8cj{&XxA)<W6S-%x9|*ber}^3Nh1D=BHP^29(!xhZnCILpO|(s^sd|0o
z&DUS&v~eBY$r{T^V$Fy`b~e;$3QR+Zaevejz&FeR?%$_(tCuza5)Ey?1R4=~X92YF
z@~0`Tv4-N!iY+x-f12=^ysw6$Ep%EqG8Rc9lmd@-8tCTZ9EXEhZX1dKxz;S^W1)oI
z^^5Pr$bSj@gW$jF6GH!~Pe2fe*WDdaZ0GGfbDL)ea+*!_g_sKN3E|lmPgw<Tmnq(z
zqK2~H;uH?lgH5)%if$;v#3Z#THhS|^KY@7VzU_w4Sq(0TOK1r^>h-Zh4<7UI-hZnM
z6OWy$QXC8J3|Om?Te}}n-hd|G>%l*-XxuFk;5R7FRsy7FyNW0sdq3c%d4x6dVbx<<
z2=6^D!8WgY7|ls#65;Ibo{}a>+!hxv$U+5Mxk_QL-VlzC?HPS}my6<*Xe}1aH4xS_
zY?Nhi!0vA`ah2@KhBbPnQE_$bcgGxHB}*zPFBO<BkB)zt;?J>&$en%cBTb^IZ?T80
zeqU>&Zi*Oii~tuH1@#Q=jTo7(Ottc>F6<U-;4T!RiqhJ(@Lf)laee7{gU{T*>NDdz
zwh^Lqex%<gAay#54KEfl>cyO^TRJP;#ab}Xk0StR^I`9KIK%-LzIMi(1FgDi79xo&
zrGp%n;SWowCPb5>5-fWV1O;n&a*Dro`d->*n$LusLENx0H{_G9R(m(%UyZy&jxDrR
z;e&b(v<xJDLwRV>dCK++J*V|rCU^-yEp|-3bCS9Q8F>d8bnaSuvl-@+7?3MGadq@$
zk6-h-%*zagEe2Uw%91X4$iVr03BsRji;VFn7L;cCv5%#oof3~!W+-=Gz-*x^z4xnb
z$dVx9O-6_h3(}*u(hMC1V?p$j8qrLUt1XnN_^;{jLi~33oDuM5n&<Rj3}-eEO?liS
zOtb}^+H4Y=zMPwH$Ml3u@I$5)HHFk;;R%VvX;}IEupsT0!s_OL_u-A9O41qvy8iU{
z>Ym%j%U*RSfdMy?jws*@66<!~*|q!fg-tj5qa?(uK6lM{9b^b8`9Od=aR-qlUliJu
zK+BQAcb-Opk2wnX^QeJ$mRaA6MakjX*t$ftH1yT|!Nu}uoz-`4LTtoc4iAt)Od@)@
z@>fOg4F;9#qwE<)MNjp*JMd3-fJ!?tzasA)zxUNtXqe>^x~;oU5M56YaVNCF+udKT
z(+P>?OndR{FhwzCSZ=rdclU=Sf7<VKrKGAc(e%Ee6~06s3MwVgSvI|p!4iN-c9c=g
z*4n0W(Lg#<({U@=oR$;>6Tbmv18IS@Z;4eX6IctR0A3D|!*`K@Q;TKcFrocTJ*Sr7
zFd1@_lQmu~!g(&sI3m%&&#;k{b*oo!)<&s>e)zv$EfmEp-|F%k$tom_$=0mYxMwZl
z#Vp*3&PP^4f522#TUeVGq9*5Lhm2_n!y*=exv@XD{<dnCFe0Js2nTzsE5Kn-YkV*7
zpD*jI@j^t=-^fn8CaxPZve9TF2E8`U2JyNf`Ft*3xE3-dMy?j-<q5rUxp6ENr|i{T
zn3FS@ph(l@UC2yJq(Vn4%I`E+a-mob)XIQRgF?ivR}*ZC4lxUqy$L5c5Rl&=es<|~
zKp0yD9^_H~mAjN-c?U^49M$#$KjUd;o?oTPWXQN!ia4hD{3tiQPdQY6&m2B~*%BbW
zi}qt6ojKIO_%Ha`ls$u8Z5WUF)o73sGcBZeC`w`6J0sIfAEPGy4~zsu<`xP*z67pd
zWAz(fczrcH3~f{cM>1|^f~hhVt7G6GQxKoLLv>{>1${2`=VSq{`2krtp~-Bu99#Tv
zHL&sT_3etGAaqpRp85oL#h%eGWWRZ2Hr&Wby=`IP!xlw5{DhMud1=2XO8NR$2ZM6=
z`@ZxJ<sUUpND#)OGTR?0&40%}&qTlze@TG*Cow~&AQrQ{H~RG?&+gyMHcQBX5+!6H
z<%M1#fqe%7e@!cl!j>nMR+CK-&a;mC)Ca&ua_$Bm8qH-F?N|QuVr;ia11#~F;pd3_
zYM`#AD_ay|2`Z6LzPdn`Jd>=o*rFi3zaJR*SO`deCafHuMpB4PLg}7&dxEFq!e~#8
z?b2DmsQ<5JedbKNI`cjaabGhe4Ab!jvcDmKtJ~g-A%~p^27c0Fwh|7#`R!{)<P9$6
zv4HR1C@yb>cG@C<abK9_es-W<E69j5_)p6HAb6M+a7q}oWb04%zG`$>TC=m3+kB<h
zi0&=;tSYNp2g47e6NHMuZZL%P0=bwcg0x}j4wBu9`Eu&wvVqiL@O69Hslz)B_UbdV
zdX2`a@=GGD`^+O#L;0eTiV>uDMDAd&pKL@VvgvZ5P@)RIj9_(vcWCqbvvAM&;Z1_W
zT{TCj8bNO7CsapE87lfp!EXFlOqPCQd}D*@Lk*T&ddg%N^oEd?c2}kguVYP<Bp@w|
z+V$Z*tCM3N+WA&D32%#i4@?bz^x2R=;0q{Zr!8Mssb(<ULahQEBgY54J+WRXEj#Rb
zx-&>D$VhQI1^+<_EI93{50digH1e%6(ETG_@_O@p5Hm@G#0r<7$s$6HsC{p6IalcL
zrPY0>%HFUFOH{9YFO|g1csO2`&3+dAS+d#SeB-nKu#g*5+Ek10z8SC_N`pgJ`#`b~
z3%)k(?z?NUf9-s-Qx$pQhoc07&a)j)Irgzrc)MBjO5-z!`%dfrez#%L!D&qgjd&4!
zJo8Q8KN>tcYa#pTMrI{7BQzn)q~rDta-WNQwo_N;4sV6v`PFaW)?QZF*OCg^PAdp!
z)19P_Xj<}>+NI8OijwbRl!5PR0VeJGpF5!@E0RLjHB!}s0!UBbIqix^K`=S7B@^2_
z=yqBVh2D)aUv$|Ca8gWxCiAaaQNE@&JNpeNCC3}EzrcWrb4XsZ5Hz*%nup;ba5pY8
zq2G!xZj<SFvarYnBL}mZ{f{L6!9@1cmCS0GQ_S1s+os38hiq2;ul5fy$X_S9V_y|w
z8CY7RHNU@2pW`kE`*sLba>mDYX)Ru4p!zBQbXO^?j++9#&}s_;oUkge?3wrgiPrvz
zS%ui)kl8}Os7L1vB}ag|hRHnivB2Hs9AYvafd>kG%g<IQY^@feO`jd^b%6`<yUTZa
zkx8tPYS><D`_52_Su|WZh_`6IN{4x>z!{*StzKYUfbep3uP7(tJX3SB_^bsn)hau;
z|FNnuAiptDlGW3G$%iG!YuA<UeKk<y=@}9zUGKhTgVFIgLe$v5i(O{ugN1%Ar=8Db
ziXMW3H--@x>2Ol@Xm~pXa=-UKV?Ak-_$4DPJdcdClPpP+$90sckKKQD><(WT3=Ax#
zC-F3fUY%<mVNz#5j#=eZ{^n7bGGd5SjP_~0;<yIFU47JHtHzK9=`vLVFNN=Hv}4zj
zyChzJ_rlwmMz<fpul~|(v|alX2kYE=1<m(*oVcE2N@i$#J=M;vsQo|=eRmS91(w{H
z|6`}ObaU`evrDTkPV{507ol;EFOkpmdw3~Kq>@2+Z{`jAsrLWP0wCcFUP0A!kX_$@
zf%&H;U_KHJyj&f`6}%Qk#P?>Z_B)2NS$D&@FlZlOxBAl<B<oBB;H_@Uqp$ZXc9;aI
zLS%VH$9mjUmX*E(i>2FJnfmQ|j33YY#E3aGIrfl}4yeh?d}+L|UgpF0@0pf2KDk^8
zOC~8$oICLJQNrQ=9<See^6@@M*vhC@E7!HJ<I3pARmeF$zW1So>A|w9lK<>RkLCLW
zo3g`%bLu2uu{)RV82z}qZ49R!6^NJ_(!HL|oVMgJf82az$v`BG_NoDe@-+H*oj-WE
z8}*5DU9K|$8|~>=pH)H88Ne1sSL<C_8wDB<mJ7(tviM|on3~sPfpbs91G>$%Fx?I4
z`}o}Ch?S{#hi8XX6P`(n<u16*&pS&(u8bJ_tyUzQ2iu^di#GT~eM7<RCfaxaQmt+8
zQQ95Ifo)q#y<PY!0dTM#s;IM;;|?nJa`-G{E*S2ZHvCH~lHMdR<mbytUNn7eEcOEY
z5|p3l;3bunmCEU<A2MlWZ67jdsF@8NQJ93%V<Km+AXN0@&42``@0OqPn6n&Js<$Pp
zsu)JKdP-@*U(%4Q1&BC%9X;Em?4@Cur#Je#>Uzol2U<>>{72Gb9bop$*rV`15S641
z$`UmHoM{FS;)rdUQaMLB)q0GpZ62vgk(DvEIiJF2hJ%v?*CiE(DjmX$Hc$gF4RuCj
zWF)?`V=-!T%vZ0L(T?^DtiG|?E+#zasM(o<!?=OAjnXDS%La{?B1rnqKv(-T`v#>&
zVX})Wf1eS$+CrCC*D%tW4s%G}W;>DJTEqd?;)PDBOl3qvxe(<NYh)1vjYXorq^HH-
z4{gyTyjm%DqP6H-+4{v_LLWfFLfO=qGkqTIomf<@c$H@ya(ftSd30@Avmv33-!+%N
zUks>Kb#UQ$Jz_9RLlrdrye?P)dfv~J33r$&>Yc<J9pnHfir!b6&q%+AeQ^ZanQ9jb
zJJyJJ?iN=%NUF=NXx(*JSBLRh@nI&5f23Nk;S~drhpfSQmW3}x)48PdV?!~Wp^Bx#
zGHg3i5|Wl+&35ZiZ1{7bl1syy<}P9m-xPJ?!rw!kX6ogfCbu_xJXNWV6G4Z4m4#dh
zI%6LT0gv-_P@0^XgTWiTEo9;N)EEjO&HROtOA<E~XlARw+rGosMcc+@s776_)*a6^
z{p^FFyHff__e-H?mJg;0FuC&i18`-5|0Os>H+Y-p?I!(0F#Fb8?BHoY{UhIAA;wqh
zu)-}h2LvHOye`80520^aY!AbbY<6?lF2*8Zf+x2;F`)JbvNpS)Y}F(OA1ra6aq@Jp
zFCP?i7Q*dKidN&uAVFAdcf!+QNsIP;Q}Na)1&K&CTht-Y(oLU@jUn&&3hbepeP~R!
zVyN~R`LASb6T>ZkNR58unJ!i3q=Qn!`4l4B?=+v2Yk5*c1WUH-G1OJ<1<mZa_fV@%
zHhqA;AILOyQO&T256wE-j?UBa=K=|^I4$PdEoT8GNLKUm)rc@CghCD`{0m3n>a&#e
zrKnHLq+k8$PZ9bG9#6EmwWR|Qo#%hldwk3|GdEGivD*|l9%IwUqejfDG1BnFNsK1J
zdq(JamIQZOq*&SvAZkyE@rMc~hhM$*wd3OX!!w3i`xwG<g281Q&<avgOm>SmV+FEw
za!fxK$IPtIP&ZoIWdwNHNrsi!VRLgF?_c0i9MNjhO~djiLowtVx5Inrw0jEfQ4Pi3
zc<d|FT}jg3&J#BZFIX^s)}`MrsXi@P?Y_ps!hNKkMz~6`F?^g15=;9U3c0G9X3l@M
z2nS2PxA2?t%6&5ae&p9zUHR&`xu6j+?FiQ{oZprm)L}STDsb8lWP!H`GIurQ;gQwk
z)!twh+iRVW%x%^;eb1oZ;<#Z<eM6(@BpHS3Hd3I0;konO>)M)({=1;Rx;~z|IdpD3
zCtUR5sI{aEv&xP?R$Xv39=jkFixFLP_p|j#j%jQ0HN~$Zrg&*8#4$K!6Na)o3gWSS
zd&f?&SMTa;MIF7@zfy||n)}6<pt_p&=b6{GcH0e~ja)%G^)F`hr8B5%-`BJ?7XKSL
z@c(>-9ihql|G5P_?$>7*w}+G}|0@RMKZXGHt9nrK;{V?vf<J!DS4G>(9fI!Re@F;g
zf4Terorv;(=>a<-m<zz}KayedQk0aRU$^~3sG3Mo{=aO39}c*q>2F0v)YFB(g}S+S
z=E)V1&4LJ0;-y2Rq=DiWjMfWfXnw(xz9>rE|3w_$_+gWhl1LdDK?=;Wa5jECMG*#a
zLPBiT`T6-@W&<ud-~E5fhfgv{G0Q7;F4O)8^}KS6C0NLha$#kP@1<$~M@IPLhxh0=
zJ$$hY362&c>Hj*cFC-y^^&kJyC-VG1PI2Mae~Kv-nc}R)|4&!^5y^x98aq|PeDD9E
zE37F0^A+)v1!=$kJ3~<n{u;gVT1A2XI-&nC5q9+d4F8CklI;H&{xXp-xS^^+oBKa6
zK=^+yfJp;w$^SXJ?e3sI{W~+hzo(yJ>_*+Vvr&2cCi!1Ki<ipMT~r0-RDZ6C1Ma^-
zYeHr~uuMu}$ITO>Mqt2fqbWh7{RTW4$M`kIha9Vyo83SRzhvXwgdr;~TOOwfxYcUx
zCU2eP<nMFtEWm0Ro4pf9o0~0Q_4y+T5r(5?ux$f|{kNL7En@32co2-1VnS|Auppyk
zv1p0}0#7#YH(LUUPdxDt3O3|(oml;4TM17IWE}52;~Fqv?exD-Smxhl4F#w&IFphR
z@$;dfL!kEUb$MH#zI`gdu)RhTC{DrM!Ga+KksyrJT8;pLCzHuWvkUiYF>SbMWGWde
zCyIP2f>|V1w6=5K^U;03M__24=&h$`h*d7{GV|aYNviREc`;X7Le2XMa1=kR;cEqJ
z+)h7W$D<R~IifuM{VdfG)P<S$Jny^9&})dxXM#%};C<A(n`OfA1c3U^pO8OqIK=G(
zQ|M7RV&$RY?}z-K=RE_;z8|u%xH#FB0tKlcLPA19z*3bq1q;hn<BHU32deE9VZ?4?
zRK&Jc(`>B=%=+sL*E--{G3(0*YIS5;?H-X32A5LHyV2BmAtQtI!b{@WLE4q*#u8b9
zD2H}@i&h@<x;{tRX%8R#n~&Y|x0@?Uz%w7tW@>HTb2**Zlsd9sD{ZK9JSg||H+Mx?
z?uQ`)n~$FgIpSMB5d`+_Fek0Wdd)T7+uYv#*HV|STOhjW)yN#snn7Z&_m=Ci?h4N*
z5#$rgexLF(^3bjR`#y$Ng}lN!e?7d5=;!F{Nq@p)F(nPsw4gWd=KHSK(`eBq+irN-
z8sVb=H=06pYg#T;*OX>XBxkM{>U1|ZoCj4`Kow_kdca!k`1M5)&dk@lf&JAr9|5+n
zzf;I2VmsMatB9cwqXqd#5b$cKpW?cwqM^euUv9cDBw4UfE>LT;_OrgUwiZ<~hEVwZ
z<(?hvWxB86@P1#g!Ym?2WZR9@;D<JvBRqz;r7+WjtzK~5vTgv3UT)N$Y-)F4;QTZ?
zs==)pJUlXwnbD)fM?di_;Ty3z`=`@<(j@k=DK{JCK!pcOIwS186%n{W!xMAqrVab*
z9>aJq?_Tab+ES3=tzcMdlKqc#G;~KBKdH55Y^i6ggn=`igMTaT7B!E$k3qGad=cdQ
zWfFXmjxoCt<4k=|)A9_Ja1GCvFxTrV^ng$0+!t7-1>xO9^^2h|^YixfWw{+vj5j*|
z0-c{|&t<>I#bLBHgsg|9O6Z>^9&V`X_k3jiu-BN2F?HYD^VoDtWJIj#`shMm>Ii#t
z$uX83&{t0>s6>783l*~QCTO%Jf+_81Oh`_}G?<>UrKP<s+a|<vKa1!6ni(Rj`)W>q
zy4}C>;@Qm=V70k6DdRfWw~YMcrUM(LYr`K5YGYi@1E}B<uH&O070Jmrn7Mq&b9^eB
zVwKQrUrk}!XA?A?MZgSghQ#PjU5C8S6Qcz)s{Q=_l$zQ^lKEJaXZc92*X$TWJn%6I
z=Zz9HsME_Rj$_-~G0Q$-Jp8J#8TmZU`E<3I{|E&<$)KO9b%k}U)DHjWWM=f*%b<|q
z*m1ktf4ut2u<q__&d6Z9rPcAYipY#qQH9Ke&kmo82nu9T=3Zjfi>m2*N0xL#XkwFk
zRp0y9LTx-$;kGkCFhIS2y?&e4V1lPcGPZbAa`}pdA($0|LeehvP<}l%&rHhN4Zr=d
zydJ78>3n-rz~@Kwb^Coit5r?<gn~uHduJ2yI&}o{fs2`n)5Tn@g)9@dqvSH($+kWG
z_BHGZrVq^x{N=aCno0y0ioAUlZ<6GQ1qY8Hd27ZvTc&p|HA}}hCi(mKj|k~8!#b#Z
z-$IG7YAnw=ZyMPikP#Zc3jr3ttz#b;q1<GiL|??}EUU#F5DxtPj66JjOPEaBNkw0S
zO)d&S5(OlxCQPN(VjVeS1$qH@n06xBn<^z_=%=W?=6+9>bhvG}1fHbZx*so2vzjT=
z9EU8|cM=)QIJRPdLvf$1bYGJGxGiI^)j}iLLj9WFm&)ygm$IdH5{9B&495?!C9Q#A
z|6+xwU{an9N}Lq=Ei1E$?7}<!h!Z2!#U}Vl)*<5|KM%UgN;bt8gzH0z9u}dnvVI#F
zUJ#(p?Z3!l`CV+g0AQoW>~N+5nec}nDr6{}$3E4hfXXvThC7YD*%^5F%}wc$L0hpw
z`_3wH%e5o4(aUWv<t^Hdr$d*Uz9P{|uK37QMWiLdKiR^n1akFqJ}@sB`baXDR8{^k
zo;7d(4(xGtm^LGv!xUOzQ!b?3XqL{J`K!X8oqX_1US33Ak1T7Sk^Bcf641qzH@qry
zUeAAjpm1cAnVi#XAv{vD|0(TzU+K2YW*fS_pH^}9ZqHD5tU}Lt>_&8$klUJ`@8BZv
zvWpdXdq}`)d`-=%YR*L6!3UQ5@Cx6g(VI=6Mp`%10Kh|yGT(e7jNS5xPYslji0Lb<
zVCu`0sTP**(&lZpdEorz_aMK3#9hb1#aB(F=Y1iC*!chk<Q&yadzrEZo`qN&@Umc#
zOln^+(sUT&$a)`wbu(JoH{QIB!e+U<z9u3l?|%i|ZK2j`Fk(t`^|l`U9)sSo*m&0I
z`00V~de24h6$Wal$}<Az463F?JYAU49#j>S9U9-$A3pSvjE_&RU<{|W{`S=&*^R0`
z+EJ2^c<14~FInaf#tXe(8i0GUT2dGp8x_{%Zu&iegGCe#CMs!k$M2T!HU8pxgCXFT
z@xVdsbD-P;sGaxUUKvWeTU56oxWtByvC$4R*Ym`SRIe0Pv-5Ap!opWWsEgLxds({}
z`fA3<umtwbNY)63v<QCc(Kndp%3NP7FYnd8lJvZpRw%^`X><XgrYunP7!{g(NT0^_
zb~qpahwv!y!io+KP0v&;%r1gMg0Gle@7L-@#U+JB>z(}A@;hV#Ief95IFDNZsu<m`
zR2P<a3fnWYqkNOEAX1yThPeDTm%Z7lqhR;9)?t9!c-t`JD-ewu;rzhk>1hz=>a=u=
zjF&n0eNb9BkK-i@h|SFZL3%3rjIf%V#(Ch=@o*Tr;=}a?%O*r=0z5X_TxJU&2i@QP
z4bK#NBpV1mCSJSWfc~<01l4NUdKye6p`Z~k%mWc}`8+u{Zx~9Lnq7|2+>GaBjLUUp
zi3Zc%pFUVuI$poUsN5v^56eA2LD^`(u}&Sk;pq{(WtOg`8b9D%8ttx;7~6|vEGba7
zCWGi!?$5pGa@<`Bc{u*g1rhHw{|i%cyH<p5;S4OinpK|%IA4dl-!w7D=Ojml>ZSXa
z4k6D+^6w}I)p$l{76z@Z$l4)Ruh+*LTLuYG)_Dvv$KgZHd6(;o8QVz7mZjuWu#xC@
zae|S^=O5DX!-x+SJ17|-z`;q%>imrAxWHd`9Cul8d~QlEg#6k4_RZesi3*vz=mw%Z
z$|4hu7%v=I*K_yK>!Kg)$mQ`y*>)$V=ULw`WIy72hgY=cm+thc87UB`b`6YqI!=tO
zd(HY-NjY6g0BLr@$}AK2hUv*EX{t4eTOx-KwFbVt?5Cz8zccqnr=s*n9cVY9G-}m>
z(b7?53?s)F-#oNiu~ip`TqL%3TLA_w+ph+UQ3~#^;P=mHkYxScpVE(JT4(D>aE4J;
z!2ICBKi>Bh$jZaMmb5U!;<958@jxwFhL1B5L@i=;xx%Oy8E=kN5&KUDx03J&oL%~2
zsqj2=rFNoQj)uRzf>)?j4K3K4?akd*$afwPZv>n%w?Ycq@a!fk=)vDOT|c+)UEjCd
zUT*}DumG(KjpuM7mKdM$mp86Sf57w0u8?1?&R-TpOKQBje5gdV?Z^{OGW{?U<;Drj
zszl^-J!01A-a##?XL=#b&2WZocLmMO;b>YJ-XS5dy4Ags3JW<*NHuGJ1q16j%ViK#
zXy*+(al@UlS`EOy0gJ5=6cn`6QUm)s*xh%ln^vUHsS}S#FVD?}kC@j(SQX?%Jd(ks
z$4|@hnh%cAJ~|_l>HYfMwx%Vze-a#<D1c7Ndop7;gR-KWbMIQY|8d>C{9NgBV)jkD
z#yb^<^xCDrx}I;@u0ARuE`)PbNwR$Neq7YnsIy`;^Akkq<QcSnp6Yg{q?YxDuzoaY
zKRI6y=Y-J<`ZT`e`Bq5V_IWwybxGzAnIHsy;twfuNd!e#@MlgbiK!sKxk&q~TlMF6
z(c>m>5OzXb+@{y%!NaH7rQIdClu*$0<!v`a=34fR*&*nBB6Hd7-@gAZr1l`HEjtOL
z@T@bVRY-!6$BIM^<KSY|L7<~Mie2%z5Zy<K_=cz!X58PSkOPJU`eC<Q3FFm>4L+r!
zkzwBo`my*d)X)v><?Xp-Z7v53lvVc;*opdGK0eswXbcNHqyD*nTu-m^w9b3hDq&)(
zY4;oLFwK&hVpvS;a$-+|?ITQy==sv^w3c{G!2*Yo>DrBAuZPq?b(~%`-2l_XkiFX~
znw-A{X_x~)fBr_}c!ht^Mecpp%`{*l;hQTLseE#v6!_eMRoJe;W}>#!*K#D6&*ch$
zv2HegUhpp;o!(r=+?%LkA=49GCY+~^^$XEZHu)-NhSu35^$c&lO-TY8>3|+b*b22$
z`&Lj4!dhuDSo#xzy;*oyw~lJh&{R)0py@OT>dQCZL}1SlwRE<uIKRtB`I+&~+yR$U
z9nJ2Isdsar_Cc0|2UxdV;q`2puM0K~g+2=OzIWg<gig?RqwTFI|DHeJj?0``IOQdN
z4Q%lEhc{SZSli`%;Ldb2XW`RvQ=2}=r#<aJ4$xQL{>o}F8G>mFV<&>ZfP{wX9nzuG
zqMw8<&ITFLE}11$U$tm8t`x2F#=3207f~*S0W(@WXw146({pDK5=5l-e-vZa9WJ&J
zdAgp#9%M}!eoo)koi4wNV4Z#sfe6p%gfxmaEvx>EE|xChukPHhnrgHoscemA?Ma<-
zJljsf(|E7^S3E+{Fa0aAHy3M{m~bs77H5%qN$a^~@Q-h&p|vH${<vIcAV67AMD3rl
zN^@Lc7r|el%5+Vxo=q{h#AKkGBMf$RGGp8M^HlE^i;tzPQS?ri-<Do2hq~53Q<}{l
zuHDUjwGpl#Axm~&A#?1CSd?~J^@y`{|1_Gs{S!1OVz!RPIr0+C-yu7Lu=icFU-ES0
zy7QDrRu5Muh;+Z4v$dd`Z+v&x5zWL)IY-^0=z#L40KcJSIbq^ST`H^ZD#L2t2&^47
z`I5@7%@Oh87+Yzh=tX4;)h1CBRwNjtc?rrJyI%9}BW;nxaR1(XEY0`|L`0vxtS>nR
z=qjSUpcZNgB<n2N6Eu`LYlR;L-e*hAankTl=<3PtW;o9ID=5q5Z8bxgt<bEkinegR
zxv68VqhGhXjxwxAjbm*uxG2Zx#_SJRkd2Nl5rBNMf{)tlc#x0(ip&7QeuW)1aJP91
zTd@Dt&3ZG2;Aut)vJbUOYcQa5z2J^01DaS6;P=n<fghg#;0z3b&sSIXDF-wYgX*s4
zmCBX+I%C2SQmQ_|CHhK!{X)0bqkt9*0I`#+L%v@Q{pqS!V~m^_>)<<O31uWurw}#J
zvNXJt90wfSh!gTTLoPGr43-HogR%ZoQvapnoZ%<m<_4{evV}TVNeJPve}|<5bRa%b
zAPQFhNkGPU_XG%{8slaZsgx~B!5|5!qmbN{YLlISCZ{i*{3MnczC(8;UVp$4`Dt2!
zJ+sU6oEQ!CzUGt95{OJRQ9ZN~e-ZL78>kVq5f(mBuA~D?fDUNy@;|U%+IvOP?_0Wq
za=Q|F#%T|4^MKSw-opIB=?F)?t}`%d913`NqdM1k=9XQM@(4#Ufvxw1xETv~Cq<s%
z)UT1O3xHOh@4pM)+JnEp-`+6>x;{X@G$}?D8&{L`R2Q}cd+Oau6jX=eA#jpW2E8?J
zbOtUqPz!0#5`x#C4d=$iN$zUz)_co==#pgyad+6P|0w`vFP~=O_kf;<T%N78;r=5s
zUe`zA?IJ(HJv$>$5<_99pZ~V7IzFwfIBwUY9{qGc7r@(+bgw>>=%0bNb|W0@73>O4
z6w(BvpkW%q`>nBc_fKq&d3yMzrW*~IV3iS))^f_J)8>F28k5tLtSmXRI4b{*#M2Jv
zA=`tNPta#?W&&gW$U8imfU`hhSxte4^NE4#rih~T*&x537N<qjL@obXfjD7Aks2EX
z*#?e?5v%C7)pVK@g+z!72}S^Q__9<mc6(t~l*@CMA?AEVDB|UYO@;iYUh{QAikZ>;
zp}xB+bV_-(?H{bnhrO}lNTBBd{1D1nHEqz?ghdvgi|*ISl(ZFKsuoj;BvfZ(Jl|mu
zpLMWuHUu|GOAE7x15R2!&Mt6y3o@nQ6}6IrUsI=z77M0XcdL9YWWE#V>G`I$TQK(R
zS~>YyW7%vQ4kU@=u1{6DBC`|8zIdZ~0zbv&oo#7%=Vc6pC|C5rEsfC7Abub&P#dMm
z#N8B_ob!6f2*t@5aFP=r_K9>wwgBwH7mHB#EsFLhv-#>%^)ah+cw=n_%SFT%f~X>A
z*=HbDi_90-TOhFgI3PAR^{%e3{aZ>IZ={lx>1PTkl821Pf*u`ykVh*dl${vuX4TYs
ze!!ZlS<*4(2r}_$H=l=5$<QQzq)`w4Ep&N|e|ma16!A1V_6efmlOe1}gczFaOILnn
zaT^*=W4X}Pz~eKALeKkX$}|p*E%+5<$L?awpwUg7{ccK#gT%;>nA?e}9CDBPXK0IG
z23crcDG5C!ahU|}y6QEmC*m2yu!x4@S7sypzzd0bzYa?hDd1t2Vmj;-^4tBovxhaj
z+GK7Jbxd=ulT}E1Mb}W6U6;s3z(gqUg$oKwD%Ro9EC`i^%>gsTj|V%X4e?P(`LbE#
zvtK$bPP~X=0TtjZMv9;I<KSGJ9__q{bd!6%%@H4p>W7us_!Ls6`edkoKs#0F@2yzq
z6NkTDtg6OINh7FPo$q3_tA<w^4C(Cf(5pY1BP#qPE7uwcL*T2CG*OB9T%)F$X9REN
zuqQhJSNoQg?^a;c3OP~DdQ9N!IIZz&GCP}HRkDqe<i~4|rUS2g<K|%l1wui<mQrTt
zur(ERi+>)pYBhR+mmD@dDf+(sWqLoVZ2-a?Mn>q0RX21M<8YrzWiUX1pwhRa&n5SX
zbhd92&}}Sr&ON*0`s6Fi1e<sKo*uK*QOY)PLF7$#Y4Nb{I05*Ra1%lW`913uWk2e^
zQY+jaiP4dKDp&6a%>1~Zk*THSOTSlUO|S*=cSP1;Pl!3Z#%R=tEL0p?AM5q^L~ukP
zH#In*r{QWY#9-upP~a*OA$-Qe4@!$6zG<^4O4*<fmSo>ctxX_8{jK{&uX0fU(cTSa
z{7;L)d2MczAe&$AdJPLt>7I)NO|w|l8U9a{b<dA-OP)OD@Cp^tEw|GA+ij@{DJ)Pu
z)l5DHP7bmuD;ls!$9R+|081j8NHY>cLp3S-SaOWW&2mn(LvB|%eUQeV=J@X{3gpaO
zy>pO&l!$ifYGPwX3U^6d+Hbpc>V3a^&g3wvae46>rz_FN2Wh5a20f(C*T%syLHQd5
z{9ooLI~a~RHn))6@UGa5kGii&0Z}T-LKNhqHALVUCp%)msBc|3*nuJi;Ig?>WemSx
z<qN{Q?7QeFsDm(x5b<W<v`5EcNhnNM)3Y*SqsD&iC()HbxHw;O)-DB1M6^RU2Ie+!
zOi3hP&xrIHE6O^DiM$nA?*ugwsO4S$sT(05R}xp8U+Bd#0T9f{(z&V^Ek2Grvtd;k
zdZ@T?C>vAsqy^OH1rxu+lpRZs8fiDeg}50b>BJ<~v53ODRfc^x>~nk|5kM1|V%}uJ
zb3V{_T~A1qkpbdKp(>5+3>_$L{=RqoMVKo!Jc8S$Cl3T_hofj(F7d)?J>rYuprSd3
z-_=(eE`)KSqTNG6wFZYpE0hOAh*!bY?TlawIKcVD>RR7#t+K<?FzZsYf5Y2k8!;%#
z@7dG(Bbib;K*n5nh|eLUld7&-paE5u*qNM{T4rk#n!IJ#dv}tHTKWtdliL~eG@!xf
zj_D6SIHaJ*AxMSpL=!E#cBnqn)>;fd5MtlY{N``(rdOFAPT$`mQ(~;xLVxA>qdJ>f
zpi>Po406p{yax8|YbMBxrm$~zS+94>SqG)ACSix3B$F2-Y)c+GO*c#7XFU0hyH`y#
z<BFZFcPVKc+ag7>zYUE+#W_eLE2E7X5iz&mLnDB^)+$-`wr(*Q?#XC$nXAhsK0(p2
znxs5g`!(T>FpDpL;Zo_3@`qY}6oYCmat1z!g-Q8Bt0&KUGJhhO2$bd>T|h<-obzb%
z@O<xj9bFA)ah_p0T<JkEr3gB<6#H?a{Ps`(2?Rz0PUt?8YpF#_Y1^KMo%G!a_Q1gR
zhRc7O#oTP+N@`>^`q?S3j_8(jTk$;3_qn=Plswe6lsHUb320Y~MFyYFUf`bH(ZodR
zdyftE9A6teWkMS6hFwfIUs4%AHN%^ZDmf6@F3xZU215W0c8#91DytNbgax|l2DdPB
zrAAK|2Zrz_J9W_j;bEIA*059oXMjrCuMk3xZ`B+_T=b8rv~1eG$~n0a>6g*H_L2&P
zViMW{*$3%I-(OOKNoPxaR}o_C3F=uEYckvKRU|%?hG!6=Q<lDIayBTcphhz|P8zQC
z{H3%UWmP<|%^c_M=lk|dqJ4CTdrQ_n645|O0tXi!=Iwyt^>{wuzlWnVP$mNZ_1|9+
zH+o!}lpK}ecvIF*3;EY@ND&!@orBCB9?KFdRt3|{fC)QNdK)%fLkuxJ<yq4elNv<p
zkDdPZlf#kyx#o*>v44{ra-{zFw#HsBev%Begw5!?tRc=z?7F$Oh4e#VcOOFrIg-xF
zIt~GjgH=_Pzn$x2<7MEc1{-4ThLDh#!O6Z?GzB+LTga)PoIG7R4Yg=r6!cFqykG*;
zv=Kj==6fNJS?e2m{gMerae0rl=DvrU^E%b@eZm1xi#6j1t^lO*i~9{)B{5b8x~p6U
zIWSrfE#n4!`rGm!nd~DIbh7-SkQ}=EG4fygC1g1L*DT{$TX_k`Cf8KX>#?VvatQ=C
zJ0)a$4_CPi_w7u90jG}NEB3hpI%B)hk24u*6*bonOl3x>WIzvb3f#8jK+T2&Q2fp1
z)8Dc3ucY7fu@RnC3|A}Wn2IoZ&BK88wH4qk7j_h=is6;>;_HWT0O#h?sH&wIkkG+E
zrtSlLZQl!e3@ob-<Y3e?5Ja;XgnH(3*ySrIFdc%~%zpbdF84ch7D3b%iGwjGI2uMC
z0n|t)xoo=zndhSD1<a_}*?Xj>kh(9-%PQZZ0Df1Q;e2)r;5k9!aIy(OKruCDq@lu;
zoZcK*=mnjE(GTWtJ^n4S>?tkg<d*>)J_!#{o8Ri_GX7w2Hy+Vup%ip%d!e?tm|{{u
zBxFSn^?iY-p!SaV{Tvq~C$H|md<9CmOxY3p6%{vH{g=QB{`Ux@3@eG-+oS!}*_A);
zmNMN7&W}jW8Yqa*Y)FDC_k?nAo3&;HOKvLI3w~Vxi|A4KsxBz;kj$}&A4w^yBAMRY
zCv%XWIHenHXcKDsJPn{_eK+!UF(Ugo<$h|85NDyU-EVZ<{)QO0;$vbZ%uArFoSdBr
zM<)69Uu5;yIgwfHpN5hJhTY3wkPKW+8w*tt4;Q|6X@=~%B?LofG+6{bRAmS;^M(=*
zTT#@=N|f=#bBmI<88!{*VR?)e1s3Y;pA)3_O$Z@)nn^2(yI5ixDbMW~ZpoJI-Q?@n
zy@c||p}I*)ztwxtcT40|RK-ngm023k(ICwJs|L4M&?TK8ED(1YeS<n)^I&Ee#R_Ok
zVTy{j)ERHNnEKGIvpzapb@-^rVKcNeR$y%FZz*RxV7ibf&5KpHt)AS-%<nT?m_W%$
z45X8tIDhKz9``5=$6xRALBm~cRl9`$olANL=t4a@w~_MH>f5`uFFF8vK4T9(q@WE%
zfHTOic+T=#ua6*7^DGdPmza9he_!u%!NXnDQwsW=l=BUcjF)~NDA|vc(+{rG%E^t2
zHJ_BQGXzckNkYV5^5#L}=Xs(S5$8^^0{cWjF>{S}?}tl=OpW1c^MS%$D!~q_45AGZ
zR6_qzStXnBCVjZ6#Xd^fOlJSN;{DAk8EU0<$9mxQT*U>_W6XIjr#iK@I}W?l=o64`
zM+9-Q%lQrF@jVDT<_DoEe^*pJ562EP_5c!w2vp9%PrH%?;24!^fF+4f47fbfgq&2a
zn_y4U4y9War-h-xrTo*$h^i*?9F=a185Xqjt)%guIm~*0qIMnViV7^F`7Z@e?T7M{
z6X?gAgTw>B&^+ct6;FP}dU1r}AJ`RSU7o%O%BJg^_ksBWE7Q$Yx6%BgT9ZYybgtZl
zg+|%hi_&-6)-L4B>DTz_3DpDR>j{rzY-d<`3FdM^#dhNBlN!T6W}sz^G~(|VFtsu>
zxjsAPzqlJpAPKs4gQ<$#ef9thfLxPx4k#SCY-*vyL2cG=O)iaq`vEoQi*>k$Ws-mt
z<mlh<5pOoy<3NoFV}J&}b`(2oOk2dG12!{4{o8q#gp>=KW(MPM0TjX&EeA}-0Gx7P
z@=;01$S&r=N$Rdi)=$$;Sym!bJoit~$MM1uzgS6XpeDg)w+p^ZD&t^^tvT5&W%VCI
z#2V+ZmUuW7mB4xdIAz(Y7LxL>>1ua`e?S!52kO?!ipId;;LgXSj0WGkPn3RbSBlZg
zh+&~&q09>{huv3JJ*A4%*#y|z(-G88x`)xHN3YR(Ja4}V90<HkI8-2wgV6^{_h(F&
zi|_k}tD(8<q3P4!t6b3^`4k@*l-;XvZAF^w;?lro(Qk*7uaKfN-a*0w(nieG`>5ET
zcQm=Wx?A8m*~#s@+BC5SN6!vaW##DJtcG0c8yn9R#crHIrP$x+Klj{<ys+2xdgNTh
znba6GLb8m6d*SPr<##hl9^rxl;;T>sGUi87<@GEIjdZ=Nma*SF9&%<NsykrMj+h28
zk_%lu8_%@H`;<r4dnPw?m-g;ls5r?FSIOQwZi^H}rc0>aGU5mImF*!>h09=vUEhKr
za73|U<5I8<h?;2R2hC+-U3FEG=DF*)vw|D)M{j-%yxW|B8C759)6&ELG-q}<tjkpd
z5OK;gf^RPmsO0qR%q&fExiX53XzFG~vOD3BrEBip2nXc!W<PtJCc|?D;rp90LKw>V
z6!({+5@ASv?2iOjRkL=yYyI8-y;*;s-`0`FAd?IYX6xmK7RH`(d)50s;+rv7=#DeT
z?!sF1tVR6r-i(otC%t>umm^pU>M<lNxV)x4i8D<d(GMsPBI?c#jS10LF2)yLzYjcq
zKg8AXLoJ=qRraUowjW?|98WAMh(P7r=f~%j4XO?i`XPZ1&dQ0+m=+5}JSYh)PX0ny
z8#mMOq%=z__{W<InzU+LNb0(Oik-|TSoKHQj=5~WL!7Pr^Nr2(ni_srk$&y8g3b8a
zDxhfeMnCk&k*!OlC+cIAj;cK8(EV`XUjpF}TRvbY%Kmg^WI_3-Ci7@=IeYl-UKqWq
zo|g33%BmQo8U-sW61#I!G(Yd}ATelm%5syK?-&>uJ8|jqJe+LliMx`jP`pc$1UzEg
z)HFlFiOx)w$Fx|h7-W%IREJn833_pKHpgLTaN!)~;ZD?Kee&5F+kf{l>nbHMnyJr8
zjeM-kp)Q9@LSh=}jBUxtrDT+w?@gy9{ym4D-c^c25>c=eCl@=b8S#vba>l18vrouH
zxnJ9PXwsqY?#0LHM|30@-2kgXFCd2Z6vsDNsLm)9Gt+hCGP&$MxYI`_rb0`q!8{yW
zf}45dR2wUj5~eF6#=cveofejJkyxg4&lLNv{L>JTUT@_&%=Nrtkl+mRr^r0onX4Xr
zn^lP-WoD#AIXM8|3SvGz7KF@|B^lb1VMAhZy`g;b^}wIj-5G1RzHWy=b##Fb;LF&4
z3x{}e+LAhWWo;Y;!UaCp`}@51Px_MeDIf3UJ3Pc59H(Xmk-fh=L?`oBHwxH(E-AXh
zN7ChHe^TVzgR?IPtfEb8U&F;b;Ke$=K&Rs#q!veBZ}#L|0oZ!A`z4J)%;vqg3d!Ps
zabL~c*3)_La>P`!R=OeDQL?aLf2Wd?tjs>=e44<XbAs#YE^n)-;BQ5Z!*IrvRB1#J
ze?UwBG_rJRfg8PX!q5!q#gOP7%>pnouwK6_adDr~cj=f4lS_2}!$>WaC41A{9oZz}
z^46NV&Lhll*6JJC*?8*kJ5VrG!-al43xdNK?iKqT#VDpTd`O4$xM`0VnuurnVGs#t
zygAtFVeN5+)e6AnF5?|i_R``>+v&;e-g{~#5Lx8ezxLgqVe0#NOV_fUy3yBQdn?c7
z?fz51vw=c><7+MPGRj9#a`*jUAHXNro7t(*b`=*xqBEKvf%9rmrXj~b<I^tfsu$C-
z%O=c+w<UhAGizLw8!^j=#mFHv_3vr$_zD|97y*aEL~N83m905iPIvayQoaFRY)EM-
z&m$q|(EGe@>sWS@Q~{`Uvb)l&>r8zlk-Tn`%Sh27o7pIK>Fe)azXzY2L+k|R!+TFf
zfBu!365SJW>5Dyvmyo#D`<}GUNw)Ksz{e5T>2P6#Nc;&^MO}{yu%l^n;|gsCt@Zrt
zh0b>qb+~=l(6U1CY|eSIx`5P!9FxBH^&-sb+6V`NLyJeqcyUr(VfVr!OE^i=n<NCD
z5vbRY>s%BBC9~Gv4a|T|ldRD+dk5yqZ<>lf<r(jU6eE~jxtwXU592fl4iO~cz_0Jw
z5~LU&&)6M<&I)MBKf0I@P0Y=mYHr5HM-Qih%$*uy4jhah=bM;AGrd_tUoWINQj>Bf
z4-{XV&c;Xg9F_aH^dBXnF1FR)09i6Xrz8Ytm)*C(RRF(FCpU#C#MJs+hV_=$cbv@l
zX<JQ>_@6&ncW<rF@SPZWkPc%=RwtWWoOV}TFNUJ=mQodR>&-Y*Q_*|ne9TeJ%}skx
z&Q1U+YOd?svkgE=Ry-YHVX)L3)G;5f0vvN&%dryzd_az#Ef<25Pk`+ZNPu8UTz9ko
znTs2s8ydBXULVQz1L+7m_F|Nqo7>5$Td*fNH5Kq!O?U*|_^|VJ7vT1R5Uo}+M!AS&
zUu%7m#A(e_i{?T?DoHEo)ztXsh~UdTMfB!Fw7fnU?dA1G&eRSJ8XuQEQ1j&ow_Y7d
znO|N$lAT~|ZPpESJQ5*x!ZM{=za;41&&uF&B7#QR;nN}Fh7c8<8rt;FZ1Sc^P1GMb
z=-7RHS$BKTSJ78f!+zZEh44f<C<?h*7P)y>&MF40VH=30;`qRCBh-4>x8olx)0I*s
z<Ft2n2s|)hacMn~`P{csk-l8H;)c_}ub%Jg&2A?yu5|jht|X$%Bgf+e=b`!|jQwC;
zGH?yfvT{n`l6k-U*d0t>tCulHphHbd_nocT=}<m&0G3gQ%PB}vLc50hk)=-PmsfhG
zu1pESRbI)YkKdhMr@=+eM|cCL1ukbL$|T?BzEQ(CBo}*e`ubBB@tEi7U=3W$+tIBE
zw`+sPDsFz3f4Cq{w&qwV4Ikg=$=S@sUp<X6*Hxf90L9n|5~w<8xt^9|H_cpOHdM9g
zsY$DzKs4;)*rJ}2XyKr5%RODHzj=#PS~`afA)|gFZPKRL+?Ck@<kfMqMFKnQQ1!Al
zt)l(4E8%MQy=Zw^KRg8MadL`4<X;%UEB9&({J~)jFKtohh@7}9=5lo%dbjS@tBzh}
zLgt+W3>cHO!nm(;E4;^Pgc3wB8^N%hjwc<Gt0fiZ>pPPO-xiFET*hmY_3-F5r^l>B
zet6xZf>ZM$w96reLw@yO)vBi!?d^KzskGgE6rgD{^_$EA(f3_v+YG1fY~U;6ifH%5
zUX;EAV)<E`<CYEYHDXjLMg88TQ%-c0>Py9tPpz|cl?}Ui`nu4i*>{hxjYqsf$LW=`
zN3F1){T>xHG)DNnpW=?QvySF@{R}}xO*@NFL&C;7O@XuMn+$r9c|RW|&L=m=leSF=
zjmNrVN&5rGjL_u<cc$(u!YXFOYluOL8L8pp!`*||6=V+g=YNE5rX~ZT8<;mwH?TYt
z$h#(*Zq2XGsxkISMv>%f@2~H_wh(lE1xvzb?|m)Y4D9qpdiZF@pU3urfy3iDe=%e2
zS_1?Ozz;b)Ps84T62oogij6BRmLRH2!f;{-sVT49zupDtX~Rl^8cA_!B|L&?^EC23
z`Pz@$V!p`|vAAJxMJx%AvAzD8e~-89zeU}LV~FU)+3{}$37+_v6w~YgOei&<_T#n~
z<p{T$@tsn9V;9Kbpri2+1ZiX(Z(0fVM$u`br`+h6Ch|oKjR7Y;aA}FLg+gxTA0vhA
zTkn4yjMl6d=nhR+&_qRX70;^)#tN;iVwONWv#-y{>dYX~p7}Nk=gs5Y%SYpX=d86H
zC8mur1{W)Yx80jDs<$Dq?Pe*qPy0|$zLQ4|Wy8kpl4r;(P4-_;yGqEiRoMw96v7Q@
zEE2qvhRGKjFv5Ei9fOpEmCFi;;}>K6A+0By18kd5PrCKY6}pJ!mwT%<Jg-L*5l($`
zvMx1U$|4hU){pF-L+HgG6}nRdfsG-ftsH%{m9eG^1}*50wM2;FW>hyhIwrM3im$Ci
zeKDQFej5D_O(udclg!y$es6<u+PWMd4$d25z}fdN^b+^_$Ca=8E2Y3T49dD&*xbzd
zM&%0jTtqS)Bur29lT2K63p(?ID+JFNrdQ*_PwrRJ7MtU3@vYUP(P4Y<O&Y%U=RqkD
zHHX~9cF`7*I_7*p5T=_Ixe%riZ7xEJjmP}KF)3lBwzub{C?PmI{x5!G6#h=A?(o&@
zvG0DV0{4{4Emy*^^Zcb3tEzZ+bar>e;y0be8<)*_OC<FAE>%d^U!4pV1v1uH08(*R
z<eT4hf7JGk&yeq<!<|P!W9E@+#u^IgA2_*zl$cZ|sQbt0e@Om<I#=7^pxoZyh%SbY
zuBYYoHXIzLIi6Z<z86(&Y9yfbmS48aczFsONz+O$Z6+>x$8M}~_SBg28>j!Mu(Zfm
z-pc24J>`<Pze9_lw|nVs!5n@BiFF%vzv!O*8c`$za{BT*!z*u{{H4`;WR^<q(tX1t
zrlubpmhZ}DeGJ@bx~ag^*qvuKpEtZ8J7(d5zHA4TCZp|cSoi)30?6xOnUqvC)4&7c
zsdrqKRd(txL#hZ8`MEV_@P~5FknZZrlS>P<A9H{*Fjh5BdypYKSOub``M)?F`*)N}
zXU6++6WgJ7US-gpEG93XJcrg+-uuB3Gl8(WH1PtXC9&5}eQG>yW^4)8Q7pO0nja4C
z`YI)YLd#4WS4ATk9b>sYBTN_W4ln9=_)h|ka(sY`m726$d3_y(@u4}Ahn@LrA2h#D
zhPFHWKTn86=K@|>diX6f)q56c&@TN_JYF+e?cfN*&I4mUhG|VZ-$JxX$lQ-jG~Atg
zM)zR0?W%(Hmu56QmlIelc1zt`ve~`gwI~>du~Y4GB)yETKWpunsHgN|k$uc|uPzi=
zx^%72edD60Ip4yA6Jf|`UcT`4NifVP*3;fPR?^m1%%gdwzxfsFP3=1k+wMp=a`CV!
zp3!Hk)A6Zw=-Ak5LA&SmJF|=df~D2>=WR!)z~<($${X<a%4%9+8y)g;0^B?;lQDaH
zYZTqye^&2*FbewtM^i+6@c)adZ;BEn3X*(n+qP}nwr$(C_1d;=8?SBKwvFwX+1c6o
z&Z;{1W@Sd5Q#UdqP7pzZ4HF}MaBu^w2cUXxXuWAW&>}*i&E){~I#I6Juwj~sp_JiZ
z2U9@6CWnCYzHvT2BY9#l!Th2yUCAi<CQgX4osXQDffovz?U*&zc`=#bXY%{djQC*v
ziK<P?j4>q<4$_HA%l++@5WnvxU4%0(%b~<%0+k8EgWJt^8F>A2&~HpWDLa4|@#G;O
z9G^>!EbWvkqPn9mWzO_Sb`)o`*9&gUIlPsV#yVC;XYT-yzo$);`P3Ajb00v^c1OTn
z8G8KmgPx(WpfJ>XPt4>>*}kBx^{+E}qLcBLO5p-@Rwhe{Oj)opjU>F#_rq(Wyo68x
zSThH4@!BE44`$Bn>mIZ7Y*MVErA$ir6GB9EkvpO*9)X*nxC0;RQ4yb^p)H7<o@Jcg
zA8V_K{9^I&7}1DG_U(aT09DiR7xjeHfM8}0+HxT5Qka$F>BDnj31`ap;@4!=WFlTp
z*rBN7Lh33UgJMVM3_?7lP7&UYxK3!dq~5?qZfP3p-GA%nH*i)+q>jp=759kieU#Yq
zlB4EB2q~t`59CgKUL$jJDiPK|)GK?8^v%IU<<)ias!3sOMa=nsS+ddfZ3Q8VkR6rI
zvbH}7zjcEak+L#5AvqT>H+sCEkug4l1;&SMo!lJBHv+ah0m^%c@%66x;t@P!vNQYr
z-H4}x1SvRHyL~Q5uQ$7;R1-pGNm0^Kt3PL3bl@{qHAfk{hj!)zwYlBx@m_9rgp{QT
zDJ8N+W@dqHX}HHET&dif@8#c8E^7RVzLx1ZbEu-HUt?k;$jHV`X6KiK3YC<atd|gT
za&(P_9|(8MVcxi+^Evq2ZP7JX2l^{wJtD(9+sF==#p9EQ<8ZqRNnOWdjJK-4eh{>T
zWv32)nbOHL21YNC9l9?mXTN5dG_{#g!>-eZSV??8vys<W>Tnm;*%%R;8=8Y_>%pXK
zoS&`n)`qqCBse9l|C~G2|IY6#%c^o&!y2A*lgi?vZ}zf5o3mx6Wkw_3N0!S1)u#uM
z*j1nLj~Aybhl<aX<7c-Ba<Ya(TCDeH@}}$;2&%8L<wqpBj*dTszIv|4X6`sH2o}<t
z>U-T1QYuMsWMQ=ibcfJ-6w&pETUgyqJ7=6qtkmGsiL%ZqZA;GkRMx1bkAkbJXaEqF
zLzmYLZft=R{|lKdgrFP!mj%x1_$<z8#hDZb;uXh#&#W832n1w)hUg%Oq$31o{tz<6
z_hiT)1dh9MOmi;tQwectE$Z6+h6c6H*<py^8Oqz67f}r3q1#$cRv1hjcd_%YQIPcT
zp?W57&v^+*kYqh6oWr%dLSH<^{kpm8E(cB{HGKOy+v|Si!D(fBt||m=^{JqLbUlSt
zd*)d!aah91kwJk9T{F+>2H;easv#c?LYv$BwK8A3ftiJn5YspAy(Czw<6BaH+BG}(
zS}gm|;;yJD!=-0@Ub)bY0#y3Yfyg~yb{K{k3n^h&O`o&N*470+A$enZHjs`>G9d`E
zr&;z#SHGUzNuAXq`V;a&<2i;_p3zIs=achV??aWDb!Z-}&g+HAo;dT<?0hSXUpF<h
z28Row{l)MblYNBM+2Q;B%?pOR;SiL;uE^*$8eq}r&}xwj!;CsMli3OhqC!u)60*mh
zo~mrrbR^M%Y>raitpRDN4lp}5#g*0H0bU}+v1@-<J<cXAMIn-3qi9jpCa!s583ove
z^!|W&f_tTezqx9X!w{IWg%QL4?A~SLLr91onCO`KUHI8aQ&12+&^pnErZ(cFe#{()
zkIHH~lAW}o1@%3NGpvl!`Wy?6xcPNig+|<u_Vy2kU2n(u*6VH>^vd`gbaaY_-z&lV
zbu8jd2W0}`!UTv53!@xF?FbZ8LduL*L7=}w_^yeJ)RplDp~2(ygfgOI6W|;GIqpP;
z{6qfX00=;YpuY#rGe*0~j;rVpdqUWAVCh3^1z;*Z$OXx><AFo@!dBczxwq}&$|e*I
zUKr&A;jHN#93poDd#_CUpQ@ZiD*!qf;%}^V#@~e9AVwd@r-vJm49>=rCr-!s9`0mW
z-(Ob5D9VFQ{(KHio1@I#BsIcW!x<q9{YTLwUkkkx5hPIa5q}3p$8p!4)%83+b*err
zAu^VX^+!U;dtg+EO&zR+I&q|YxVt<cbA6vl);TW>{w1J@Q^*VLj6IagU~3dAJ}WlZ
zYITFBv1Yp|3;^L<sk`VfJznl0gh?!Ry55!kJ&YC_iaB6^A^v4itS9n@VA+O_d(2Ue
zCglfkz#J1q_z6RYqr)@c|7TJH{2)MeDZ*mj5^O|iH9ff;4t)bZcV?M7(Pic~p-&H#
zGsC?YuqzV1ph(}76bPdIhz|(jUz~8#ze7pS5aW-qx_C4TlM7iI#I4&*zuXSd!j#R+
z!vrx1Z;OiHdEJ&Up)W5ZK2BVX=7T9#z3w2mJ7N3BNgn!NHHplq2mSTwh(&_+-@y{=
zPBaPA>#^>%nJ6NpWUvy;eQKv?%Se41Zd485mJf(k&BxuuvZ0}6vb^hTuO!{sHH=0|
zlG8Xpq>NY8jXtYt8QOfL43RSSXy$!pNw+eCHvES2EB6i|g=M*<oaIHpvEKJi(%x0^
zjD<J*AK}RM!mhyfF0X@RE>ikpCg(J8H9{KjSoR?iYh%1i&FB0Cd&HZ@;EBFb{%@Xs
zi{}Rrx=XPTC=^Z<n_*hhk^v_~tfONRED5LG-jOI7NK~w=>^dWuT?XP%sXA+VrQQi2
z?*1GlTuz)|!cVcp*?AX7<T$>;Mbs96+6JqCQal%XPx5bKN@Ue0;dm*C7L}86QIVja
zp{!V#sIdK58G1>PwoXbII42ZiZ5#5tsHwe+6)cjDi(*MNsY3-Sr9}Okf-te2iOJ0&
zpil$*6rot)Gi;23xb18)N(eYql(2vWN!3-hfe@KUX_3i5q%*lR%+skjwv43|A_YF#
zUpaP)=6Z<DE$p#5q6h&EsR}6x3yx&)N=ozu*!Y|x?DDfilH6Fj`c@_q!9?K>Z4%rt
zF?=qz+($a`faRr_q<<zooA+nzX^)fI=xG~$+X-dH`?#cJ#D8P+II*#~{t9wG=)BOO
z=hMxB42Sq=6b7Z1$x;*kPbUIHchMFGsmaz+Xih>WA`>czveAdm>XG25z4)5)&R{Pw
z?vZ(!@>d+8+Fcd_x)|m!!LLZ=&y=uF`O~alzLL9?;FTzf&hdUb|Dmj<pHU0xzbBW4
z(+4I;YG&MGHdXICH?1Qv#vrxATSz1-1hd5FVh})q^-BQkdzR_^Z!G{N*TO!A(k@~!
zm09_Q`v&IWW~19B3c6f5-%Av$Oh7Q;fLnQ@tnzViPF1{0EeGk8OJ;Bk-?E4wyCCtp
zuU?-g!x54H?55i|qg@vS>ssY785F5#ekJiM<%6H`?m&8_B!jTNN>EX8ipOQ-yJ-Ca
za{}eWHxHeFvjP<c%F3L+Qnhht2xJZAJ;pB%)4Os^^t&QV^$kiDsB+@*@yca7CT#h!
z0i;kBxhIWyS|UWN6*ZZZ2E+gE-~R-)Zy$8`VovKH-p6nr#Q!PS|3te7ba;pszi*sy
zn*Vi+Ff?;GK)k*cJda_)e<S06p~7zNi2v{29&Y%p1O9g;PvDnJp%rwBfb?H`{x1ai
zkIvx!4<2N$ADAK3|Bo%d5g5Z?z8R))TpIcRy!ijP<n@FBAJO{flM7z!|2^eDmK%<4
z4i7}wzl`rWB>Z1+{ohd4#~1gz-j9==fK|Z%9pMl9k1c}E5s^mzKUn*(w0J;&sv%ih
zI@ft!Md7&1g0=J#cGV9qo%O=2>rh|cfPt!kz-~?G|M-l~2>!*vtgVVWPr$SMvEDW_
zQs-E1QA0?waYvaIM*pvs{onin0@YsKx`}|$eNYLo<OK7H+A3i9fpZ2GmefEvNm;Qo
zHw2}G0xMEv)Bnr|2zh95<kbM!(9q;n0Oupb)4SORWT*G<1kzNO3yYY*G`TqE<=2Gn
zcTo%fD;iiD#ChjDU(8LleN+O8peN=g85+VTWd#WNcO<_uACN6%)Yi@#)RV$l1fyJ1
zLMmYD$gBv(;m+&^a^ws79mVJ9eCwkjLekXak|%5b?|&t>ixavFb6Jw-$^aYfpNd?H
zXMqL>#lBI_E(8MMKayf{3R+QBO~e{)&L|}_+Fz*!L`zC-YLL=0TH3fksZwd88srN5
zhjEY1C~1O%$Z&EC5<NXnTZSc?gC>RsApo^zT9LvK<{T!nC==|y%SCi-J|`3s6vZ4b
z6$MTI(NS{bRJFU?*DS|r)EN(@KS@87>*dxjN*IT6mX_EBLPGZ6`!Y$(=6%D<sG;lp
zr`Z>6-e0(s9HO%j{2;c)jFN#}lg7fs#Ceh7;vk$Mz7&MWAg5~LMn0<ks!C!a0-)2`
zoB@*qiiE4W7j=pjG453VQ*GaV`n$~ztCp6Q@;W+GP9x|Dg};-}#HzaRt<mgtO%|co
zIzW9(%7vjdO~K^aZH`c_H<$%hUVddr1|z4D2?c~nDQbdhJAXhuIfn=e-3hUamQ+UR
zM#Weh4jvz&^GYjWD4MGa8UT-qhq^1t#YncKn4#e}>#>?1ValyxC?m9rO7bBrR4^hV
zrSi)Q!GwT(;7vwaa}bn%f5MWJq9d}voMNH#YYE}7s0`^))#g<~9|5;kNWzGs#>{r7
zQba?S*;;~8Y3Zm009rOCiHiXV5t&;d`bDi%7xStrp=4lMj?PSo!E9lnV<3qs$m}wY
z&yo>jB@twV(+s0ru2u7ddx%X{ik@CYwIRF%Yvj=A%WVpZs;j7_5cSrf=ka1-VIXWD
z%7?Eis*!2m#YuBh5_Hx1D&#gll}#<0S&|qn*1M{yB<0tY0VD29V=8vCL@bPLONoep
zjE{qtK5D5{j||2y;s5_1N<z?YT2Ni6epOxFSVhfS41fVZqOK<K%d*<q8M=4B@;PC0
zdtqXRxg1Och+l1rz4(OSFpDvA^1HzH8e}*@+kFRXNcML!g#|$;IzM+-H$e?u&KjN0
z0PFqt+bj7MQK=pNHg${L&yc85+8Te&N1rUpX_2sH8i$u>mDM(|{NzFeTkUp#McG8+
z;x}@dN<c9mdy6xuos=4UN2q!OHwQXyOqHs*N4<?%;Hz~vegkXpYi?Q6fr!D7g^@js
zMT{6`DTgmja==dK(B^VnMx;WAgJ~dS1cMQG{dLdbTML}<l9<VO<S%qKyrF)1H5d*L
z5bl6dJ41=OjX`a_3kn3X#A-=*!iu&c;PZFlSYm7zrx#G?YVc6hxR0tsbnRXrIFg~g
z1Ms*K)mZb578vO#t6pD1JA|)O-s`ZD(RYz7(J)h7^Q)`rsJw-JLWhTIp``e>R1h8_
zC*T&Vu=6f=?e@FBbWR`p9>(qNg!FkF2onw7-llhP|36^g&ZEocGMP=M(&==>2CAs2
zkdxk#Kt;<Np+P~~Vi9fT;HkG`4)J;b$}Rv;WnBSZCkPkBj^A?+ksjuyODP%u+Zw69
z6?T7b6~f9*!KZ|Y!xiZ-P%t_a-Vt)wWC-MR4v6bSf^1BH&rSd$TS2X>rx#WA<b<}#
z7-&^-LN|8+hl}&iDJH^9zaXTf#<o}kv44W(x59%{Ml~j+q=1si$`nvch=4+??OV+U
z;cT%31CtUO;*JnbZsFk8WET?5s-5hjd<6y0i;n@Rh;o9*P4_3Ioyu3y@pn3zF4P`G
z?!OA!+cyuIEJ7D1F&>y3gHRFC0QW+MkU_En1_M*ldb}lOL}cMSHn%oXjnX&b^eLkj
zwYH`%C^Y(Y9+GIIBcRQ|{XGH^P?G{Wl2-QkCS;z%F0Tfjng3HCH~3eJAVA5;>#*n_
zQK5L`aSiRLOl04`3%K3Y0kHl60Q$u;LT%o_j(8Yp7D<Pc-7<{zd>?x*_B9QB21@8L
z4-|W=Ic!o+#3Hl9y!KYU43-w6Zhp%RKJ>_NFAD>MekWJGDhx$#$o2rScm{E4X?{mX
zNJK<Lcs#VY)i!p_u=Q}*cChJLXi-mMH&qA|W>(v6sGyK$7-k8xJCFS6?Xf8@gdv`m
z;!j7_lLyGJf6f*z9D+4lz@>JeHkeK;b|L+n!x<-w-y-sK+1<o!Fs-=41Chc{n9Yxv
z9NcYQNEUA_b<NBk7Oy{JflEgsZLZgxk5$(Br8-`P4;>rvsiIglUJT}k`gHcgdTQDA
zdoS@xN|07i3o9xh_w$JG_vAUwHa36Jzv1uF|JBtqdgZ@UO5WRFEbE|atO<k_!PYVv
zlZqOyTz~yNSMQ%5S1+p|rvmw{L@{f^DH!IL;h`Zys$O(b<{k6yz8AVbp2sDiad?|T
z=Em64G&XrcoTGkhbq-!%=O)6u5hB{!)H}M%$LjN5u~OlsQ(i=xWV$sukHI7Ca`Ut<
zHb&?dfGf4yqJpXrmsiyh<#(Qff`>lX9G-{}A&PA*Ej~QSU4Ui3y7QwmGhql4jk+f8
z#qK6U7)UV;w9^X##r3lE3THbomc+wG0-8FJX|KxY>1%xh>R2MhM|CY$!g!7#`-lq?
z0J-dn#3_@L;z9}_y9*^e9Ze5mH6^6f)zxQeIG#;^Hng<vkqE4azEb;3c-1#L`$h&q
zOpjB{*Q+3kfO8$-SkT3&>u^51HuFR~?2eLEhB%5Ovf3=)foH}y)7X77ij+*@j5Ier
zc+mk!$LJfFl>Vw!gf0gJm|L5HSb>o>LEI9g+mb4V^C!&?l$7Md>GAQcYNieLuVI*m
zzLV3C6Vv8a*+lkYmx8kW^0KbiP-v%P@XKk1UI#nbeeT(1vpV>(yC{tnd_YVr%{NC;
zRgV72udsv$RZ}P?CPL^*m&(G%w53tp)%*8Q&=iz#&)Jw8Kr!ja6p@nPlVsbgm&5$9
z0x)}|4=(p(TyZs#4NM_&a)u(0*pu%?pgJK9a*p^HZ2ctnYJ;@YWQ9Q>ks0j2zWiG9
zp+UPJ$Vg`}hQx6>?r|Q+d7+^V?B`hcsxF#DyW5c_+*9UCR8kQV-6M*2@g;_DRdgg^
z#U`rme*DYbZ53+8npD%t3MjXO>A${U7>()<Ah3%TAhyx{P9%7nvw+6qLeu!iDBIa^
zZR!2+PnlY$R}bS!&pkEw9(<v6rY~_)QTd2W|D0<OK@zLy$JyQS>yM~!7xurU+TP<G
zHR`?wnGM~F0_X%<=}ZPJ2M!aM6hCJRvQXF$^pGaxOU-AD658#dnfNCZNiWCD-Dv?w
z1sKT00fxORw_D;5mbjyHL1`>LWIP{EJOkox1sH~Ww7E(-I_H~ZoL?t9u{hkVIa+dX
z0iMu3-NzjaJd`v(Gs2D+oIo##w+fY>M;{4O<l)}mqOr1?$>Dipb-S4Z+5(Lk8Y~J-
z4fVNrt^JQ7HD3-#+~oFpbha|EZJbVUnBK3{8rb%FwmZ|8XLq+r^hu58gCl@1xK!^W
zEs+rPCfY1|!C0MW`iiKs%F4+Fhv+_XqU#7@DXep0V`T&Yb!qIV2{a}M(g_)i#U=%z
z{o!HXo?Akp*|t-$a9F=THa0r!tWII+=^RHS-PGe#z8AKQ!0*E)!haPwkBkU4Kx_uV
zhwlflwV{20DI#E+Sy<#H#!VZ18Qi&zac!%86`g-I1Bg3B=^18)U?QM7C~NJ^p>=Fr
z5W7|3$)cLp#aCo=t7xpmQ)44kHU4soRNn#HYalQ--0MpSTmJPi%E7N8rxM|I=&|MV
zjuzW{u3IJq%xFuFyWTR)J~D`>#60W7i1*E&2M;{36pz+{p+InHt<fo{qNYPymDC6P
zeK*=dJHc&Ii?jnAgJC9xCBpWB>tp%CwBM#})}xHcc71*acoDF?8%<zLYg`mkVtl!<
z_UO%j_`Erz--$wMilD>zDg#jw-a?F@w6tkMnyXnX@B@cVvmLDCz%tU#Zh5FECPh?T
zc^{*vJodlNuGc-C|JC#H?3s%ax~<Eb&#Ko@QV`DhFi2ZC^|2R5{!L7l?T9@ZifIhW
z&q1}MjI=l3AVp7V9_ak~@)*RjP~mW3Ya}3`&113QU8Rl2t1Rl3h$$sw!L({xpBO>x
zW-vx%Q!U5`k^&(M*)}6Nnk$%+mUSg<I@7`WE3U&LUP&b`tp_e-#N_)jb77<?l3dhU
zo?lMF1ZZggYG%Xyd=+%i320DAw}G~-oI=o=m*z|k6OJUnSuN-l4y30LIEg)w9snU7
zowi-XZC})ykrgR9(Bwnp^>^I3T3!N6*z~Mg<h`(=?=Dl+WuP2X2K86}cXV{RP$nCN
zddj#{rvy$*BC<epy@-)NByHO~dAzY8@G{BVdb10{XL#DbusAq6@w7lKF*7?BlJUO2
zxn;MJ(S2!=*QF+5+Y7*fvAS<t-&GUxUW)2Xrij4C`xFS-*(m+#wQ+{u!hlzjvUmuG
zwa_ld6nFcNB#`B!ZShjF_{?}<Ne;oJ%*9UoiK$7#yAX+kMU{RYkyn_?y_>SogPf`@
zFSInZdon~15T)NRt!9*?3y-gERgs-Q=CBZLOc>>PE{hF5N&pe8t)(TWrTElP|8~lV
zk)}60>vtW75b0Dfk_3f1Iqj&3t^fqI`D7X<)izbk2qnf71wpo!tO=5y_FthlsdAqr
zJziMF16+dxIX?Z@u*SWc%NQLoxWb6!`~r$m>HH}(5f<x99P{m@7$6b9$_c5zGDgdz
zi-FXSYg}bS@VbfNg|sF<4s{2;xtJMXNQn3J9@njp*&xfb!kL!CuJ+I8F>6Yo@zZv=
zuGZh6t+dzwiqd7<y8KX@PM;d=p8CJ!k>e#}P;BhAn2X00!4-!@MF@L~0(-7Rn<7$T
ziX}0nSSTMH2^=g|-OBBZ$DIZm77!6qlR$-(tlB!5_ck<jwSxr>Nz*dY@Y7khI7?WY
z&QctJU8J$;z3wm%RV()HmcCvsZb;f*L5=3Q>}K5x;mo9dyJl2!xNxMNIhJL2egMdo
zI6yJDqCt?`9bVEX(tfiIV>9dWjW|L$RF0yW4iRFC$y%m5J`bM@?5<pbp1D;B$%_gE
zT{#71cP~hc8+(J4*51ZY3{Q{6(VV-%!PeSx+-V=`!BIiLNG^9V`tk54x>^iEfx$gX
zIr`XUXZRTfZ(>iC;Ibdc_&B9+XdZRDs9~t*%re93{yxeaJH3FO2|`4XhndJ?`N#9`
zR8egmnlwXq5B`Dvmxy5usm`%lG@EwbSYa1ER-BQdzOl75UOobhI>h8vM*fa}!0AdY
z-uu%P#Et5;`MGfr;k*1*77xAtZ06}oCs@X6#_ru0m-sXVyz^O_fnc|d>EfPJfChgF
znaG~2IdvA#=WL~#-Q)Ef1nK*bMB<##J)(4go~aF`KfXQYp=(g#SY8^qBuhpUMwcUD
z17(F}UZD)$pMHIJPhI`18hmZ-c6(5SyEAW$lHOt7OVu2j2>eA-B7a9l?Ac;Y=eZUq
zxOJE(F~1H@;O0=TC{u2LJbdzWlPX#bn$wKcSy;P2??|*CFE>Gd@Z|QlIRtW}St=s<
zsVnt2g;_M)7UK~g;L&Qr@~Sk~e)&qNB3BRZ4>P4w`qIH&&B-X%=r769Oph@%1{M|)
z4$JgKFB98KGg5s1xpZfYo?iJU{&De2+CiVeAFsO$B%`E+*ZTo@yB8Nhu-Tpc6AN&a
zzH1Y5*A-tA5fJ&GQV|Q9AuhQwVyOay2-v$|et}rCJ!rQ7Oc#VzLvM~_gW}@wI$SRP
z^zPQMdvGA`(5A;m)fcn(SfHkSJ0grVZQS5qMm*yL&8_c%>AXjadaDxfwHWVYR++li
z%KA`_Mh}mEKgPVi_it2^yho=8MSnsrCKVYfmp;3nWcS=Y-uK6y;FhyujJ?q2$&LK6
zjH4?@cNUDZ)uHzq%Plg655S)f>w?c2I+>B^isSd}LCg-(-jDXaU4ulPHzhjS=6Hm*
zg|MT%*=b>NpiC6Eo*u=-zuX6KhOvzB_g}uXcN-zwu_XcoARmwJ4+q%V!`p<o(gMpn
z$zu>7rQM$x{kDHKxC;Y6f8m8ZGP>O>ufDyr4I3#BVefV#`sCr6YqZnL7}eTugy}RF
z0Id0}M;8DZCWvEoqSk&hLI?zv1(tXTk<Y-1ffJP@`<j)E#$)}%X4IG`qq;W1hbwxs
zgU72|O@H}SOr9Sqs=FQ1!t-9h<<PO=j2@d5ZSBot#jN?(EV^^OHCy4LcG+v6OTM8U
zeYpjS1sihvBrY|7$I4^J?H%X0{qvyt>ghiFdPiC_^~c#9D;x?z<5A~4kB|+}?(rPh
zZ$Ri*J@Z#w?378nTvD++?L}A59l@<fsZ_to5+#~1R`0;z=kuTQ<Jk^Y_C|96U$K{m
zOW&Q<oS+{HTNqo-z>6O?zkw(-C`fbvZNJZ+l+oY4n`{Xx1<@o))|eOGElx$f&H@^n
z$gt?lpwp2TdYet{3?j+9?b(2E>6yXhr-$9^y%^Xn&U}>#)wGXh=pSoWq+@o>)GifX
zgk!$yZ(thk(~bC(AHxIRL*mfAgS!WL9nI*MFu38EzZ>eeb0gy9W&TO;o#y-S?yV3-
z&&~nAqBrawM1eQsp&ClFe)@XOMeVUZwc9;94z$Dqb258uOuycxc{fyLQgF_;JD}a5
zaYELnu*cIGk)8Ets|}8*zMCY2`SRkv2eO<KiKNnfO%}PkyScps>E@#!sn7V_g~%Kb
z`AxLW`F2F;*_>_#c8x5&-;PkL@Rh`%gJgxCiO3;~Hkz#^cjr+SQ7r|bL<3n<UrpN#
zznU>vy}@AZf#<A-ko!;*b$$<O=0ZEB^734sVcY1p*I}di0Pe<H)UUv=g=%rSk3MgE
zFNIAUsbDrlR9!Fq(34rbFhrnFheq8UT_G4l965J$!t8&?r>1=P;B&kYHuH%%UGhAF
zi^O_!JH}3AV!A?dbhrv^I-eVSUz_{0j{I(S;ti7xGd)qwJq1MPJ(_H;fcVa9{rKTg
zzr3U6q$1iPaCJE0u`zf7!Kb@aIxQOYB0-RL@))in+O2;0H>;7rOYB;7M*6|!C=VwZ
z_#6n#=pVD;`kUsE2ITbb+&cS}X-i-(VwY_KXN#rCfah8n4982!^E_Uk+q0Q%eP%1|
z?3(UghPz_C$`5~h%W^wB$9gQRtf=@zQP895XNd!&5OnD<SH*M$7+;ePjf-Y!&&LkL
z*u9Ri8z$JB?Ck`&NO{=jr-_+JU?a}jnf00fCT93=unGN@>&$q)h0h}Bu8jUvMD)Sz
zABbi*U4#Yk=wDYB<hrfO;wE|6<A^a5O4JCPPf4v(c(Oo~i+tbP`xR2!YbS}`7}{Nd
zUm>Dm3feiN1Z6f7OixUk<8K7~4~oM~HTc__1$es`+L9)5B(Xw8pueI`XhC;{Lv&)X
zogpj~lFzS-IyJZE@pn<UYZDw^C}Hkq4!VLL4NX-(5rqKonW@U$07W&W$m!Nbc(hbL
zZ&?@AJWP|tq5u4)G9nXMB1##l<O7q##j_1D0)W0q2iLkbg5Wj6C1J+j`9uWA4_?Qy
zyr8{og-XT!d6R`}-rOon3-~hD7r*ly4TQ$l(RwsexXW(kgs00daTn{)FMMB31{kzB
z+kv%N_xnAy*wHd!WK%MuZ?N3_H~%>MuVEJIj72D@6B;4ylq|--gB8RV`y&btL&-;f
zb92Hg&1UrX_wDL`;$lYQ*yE-;YZJbYWW0Nh&Ahwb&E^H#{bgH@)a$H4LZx4kZL(tK
z&aTqa*hlfOdNlo=W$?1P?33GE`3S#{X+J%V7#1Ut$}m^ala$en&W7gNq<vO>Ua4WN
ze?a%d*z~s(^dh)QV_(Bw>>st+QLEojg*G}M{#8mk-R^x9A`~tIcEaKGF9KZIUtf9@
znVA-Llmt4v8@@VBL)K-}{747OnrI*p<`5S|56?wA+z?f4LUFy|4P55y#G_|QW}?v~
zp$zS9^%v@2av`78>JFY`+!$<CjjcLyp`Nr@4}EiStUBET%HnMWG-Za>U$;UDcAEdq
zm$^`Nw|7OW2`#?A^ZRZGY6p$Uk9Wbl>0v{;67>#eDwQ*sdu6LPJojRECj($HY5$#x
zJ)o)6$e;g&o>!7a$kD()koInHht=@=)iN1>GC$In-La%CaKhSq0UEhm8WE~D+i>I-
z9|IFZ-Eo`75sS^oV*P1AZFQ^ee{>0>H~Xq(cX>wlY~H2!Ty+;NJtm}KfaMUjz741p
zRP=_1l;kK1$?oIAn-oZ8$lV>?<FTJ7D({c+;sz7VUiI{-hugi}!6K8*9pd+sqSonw
zc$1UZ9jy6`uyft+U#IbMNFJ7sJ65dvHo($TQLzP;#cq$(Ekyn0$Y0TuLyy35xsI>r
z-?ODI;w30Xd{9;k0-ss)N;Ce81sb7uGp4&-Z3q;O4<R1bj=aDCWp~(vjJ@0p#`5wV
z%KtD)>otVMAjB|QTZf^iiWw}J>FwuYTG?Muu6*79nqI9l=1D{S(<rP4Q{~q#5wHGy
z1R9;w7(2sf=Pc&kXb(d<mBsKfVFA1XET!rPLnZ`KAikn5`7ohNXpZ{ji2>ES6QEQI
zTM(lHyG^oB+M2*##$mzkd5Q@t_YE25_5&zk3hw*;P%e_GY{{F+49d1pwCb}<{%rSw
za3*XolirJfH~k7t6CU)my;)1&R+?(*6yh}up#+SDW;b8nLIP`vaqq-f@4XDh?sEqF
zI{+Q#a*;Bq-WdG;!0_FL9BRZ@Gc;~fsxM%|oBl;mPoQ-Bl-g*|LYV%7il0AqTW@1^
z*WV;EdNf&Qd<2<RyhZwJ=QFzK*f*|n!I0;pguT@h0RG}rmgm92!hmo>tLqO|{?*2!
z>e!5YWz>t(v}T$gI$TMJ3@^a#F)qz5PCgvm9#wxD<n|X0FBC2U-X|#`^xpzs-`m9t
z!lobNa*d93LMV6D`@Rr%7lsrf6-Jm0K-BYR89p3fOs2~~r_e_MGY#qlZ+1xMT!cEi
z4J2)Xf#yg6p5au6NK?w8{#(}=yE_{e-gHL9{U`Eg-8obA_pVVeX=(n?tHiC7f}=AH
zwhqJlR=++ACx~;ti~yMRmnCk`wog3!TXwzc6DBbGss2g{ih9cx{gjl7xU9^-VkWbE
zyAzO~6d9DM&)n~18wWiFG-P3nMo<&gg3ENB=vzhgi0|YIbcfX3WdDbg(es2bko`dQ
zJe@FA`+NZn6%vsJRo_vHjzF$MrK|W@Ryx>vr$T2%^J@BA;qzjwHuq!T2z%x?W-m6k
z)dch4i1tb8XaroW(21r|XPXldY-A7%k={j9m5iV(K#Z60`hltHO9K=5n2XdI{xDR|
zh!WcRLYTjwhX9C~Yl$ClNT(IaO79-8Zr31Qlq0(gca=TqEPxxY52^*Faz#i05{BX~
zI_pbK0mb>S3G>D-RCmHz2+t()8<q&R!Ei1(L`@bOuxxgl!!c55c~bk5$IFEYSrshB
z*%e|+irP!YQ5kGYFW@7JMizuMp~4$~0s^*)QBB}Yo)`dUm)kkIB&bn5Z$S46uM^WM
z06|k^jU6_Eh4VAOZ*4+0UWgpHi2$%8Mw+0h&BLxh=8=I*rD*v_BcHyftPYuKS=K??
zzAmbStwsSo&I3VCx0h3q32k<{>}U*?oMx9|HkW7BO%9fZk_NvPgqc~Gg!F6c+n$!C
z+0!g3^vDL;V?a`JX|z;`1y6YmQHNnuu6%bc_v3=e9LnbK8KO%tX;`@oYFPg$rF;qQ
zD?%|hu#wK;YG`w{CA2O5QR?}G-HISWb9jJ6kVG)PEf5imS%)I5%+gRdBjX!xVRD<>
z+gc-^k`RU{1?x?5W%oM(j+A_lFK^`KeLn|_#@WtBK@enhfSMLFI~Y-tnp<wg(4nzE
zU-ivEmVoj9UUFO;d?$6=8+`vI#T*rdbFt&3$4rf=75MNob#U8%f;-@HxCn2v2Z|N(
zbF+`aIm8j^Z!V%dYm%_npKywHVCGRWA#V76Bk*v#_0!(>np+f8sseVIlU<uVfjncg
z2iV$v*}smmMCV9xxgh>1XEyiGzvU)~qoQ}}Be-6#2Rx7o-KOB|iJLSIC}XdF$irA-
zuG>4g9kHd`;#QCL8gME&gsRsW5<Kmo@U|S76Kus6MGK}SvX8C~foS#a{E@@LiPmJr
zy$X{Xc+6+yrq%2M_X6DR%N`}(PqC=9&s$@kE#h2sxOwF@=W-oN0Kw~zHa#NIs~+fS
z1bQP~n%y_DybcqA;teXS#~kiqg7zZ4!8eQ@%Apk1wiU43JvCs<0CIG=zr{h!O%W)K
zx4vX}3d{4o*>8;7J~W6uT>|(}5-*aFtKdnMU`m4`Pz0iH>ARPiKsY?{M>S2XyFMWj
zpQa3rFNTFQvNgC!(F><qLLmFq6+T===8zNDmMU;C4K|iYdF7JDCV?$NHjB&dD;$#E
z*Hn^eCS|}FPH)>Dokr=D#U*mEXUXNug6>LF07!&y>*(Z96yBua))eGRP1=k|9#lCr
zIGJ-gWwIq5ezBSX(rhy4g>~`3i$fIW@jq^y9vm?`2F6@L4t2E*k{ZMK?B17C@Fb?y
zg&HBtq|2)=r4s4fk4m>Q7!QS_f478;u!or&ngTj*qVToF_c3I7<JL*SjG<bo?VIf&
z@m=ddpe-ThJwc@R9)4kWy8J_lx3&8(9!l*eI9?~C5XnK=Zp3&nvg+B&{Gdu9AwXp!
zC9g>mj0)9;_zBu9>(vB{(c<THekdmmuIOF=Mp~vLil|g*)GMIM#ZE@Y|LWr8VSn|c
zMJ<QmbB|?nf?V{X)l~oCeukn2b1vRs)sqx)<Qa$LpbS2Z<K1YY1;$(&Tez{oJo@dD
z%`jMd0Dois5NM&V&J~t;-;K)piIPCZHb#$5^kDIusLkVtmO7)UpKhZk1So%@jUDm;
z)q3Pk$?Wd<<e=Vk+Fe@xm5A015C>Fx2o3L-3XRItU>VI|2RD5F#Md9jUJk_NmH%-m
z#cZZw@Z{E;7iUKV+=*4_lk33V{)5OVlVrobwH`ZMti+cP7P3Bc6t#cSOQUBK-CMAH
z1`n0%u&_$p4-UW@&}haQ(5tS$iAe|_$Tb+oL6`_e3c5%#z#qlV33&hlV<Xf=@?(Mf
z20~t})14B_iy%i#Niv<<5&{(QGO3`hE*u3VX3;^<$b1OVh*{3r1++1E^t0Lt+g4Ta
z@?+9{*&PNAfB+(lAe@EYCRQUYLnW4CDm0Y^)5ufRByF=kKdv}YT}Dn$2`G!KEdRWn
znfmjxnW|>5lJf1R`SKe766=)nkae={HSLrmLBv*{cIH5MwPg0k?dv@{s6+(Ckln`H
zoQYUM>kpNe8#K;xq%;DVx{X#a9Qsh3sY#Y!Q&|p6kf{($WLk3nrg-k%Ds;IoI^|mP
znG)oPxD`76P^67TrLYzT*^4W>@yVn}f;3HXN2utq;$@p>&)sr#IqT?fOotcf8ayH{
z3`oaI1V0g(E5X~ZcY%-6h3e_TP6jST#hulC5Zf;LRCJ8Gio_?@-sKsTm6w{SVA<}p
za!4(Kjh1D3sLL~?e>Rte5LdA1^AXl!P@*yfCAyxhmROuCh-nj?AumY5{&uWOgkJis
zFbQu-Q~K-)t<;dg0z-rFO}Ic=iA`i+)Z<fI%g~1}H>n>rO;xpy%C^(K!s&z0GCZ4l
zFic)bJdUdMYILfuPUzA^ioSv^1YpP0ub83_ELo^iyM{tSEb6qaOsjeC=!={L7ZH}M
zcc$+<D4y><if+yu`}ioTn6y?f9U32@jc(F@fV{)&M1$My`mxWgeIZYNJAodWft5$%
zO>|r2svk_#orLUWTyi?un+!9*!F5pow*g`yT@R3xBx4O7ib(rssLkxUZudd)LTn6*
zV=#020UGjORH|>tlI9~f+MYGYbuUW?!zcS@Tfl1n>P9Fud|Oq_F>VKPFIMj`qO2I<
z*R0qtQG&8+4norDf02YVpG_7}zUqyDpvTMZM>>p2L|$zD0LUe==sX2*sx~{ZL;~yL
z6ih>EaL>bQa(<zOdRn1178R0>f1s?eI0=>{*`bWs>w6*zZNinqRz8!tH#|hVQwMbA
za#@38pS7FSfBihj$Z2A7*MZi9F%$bsLTGHTC+2v|x|QWV8R%OASuoN$*N?z0EtoO(
zB}kFF=mLXNRh0)rO29~Em>S~iNiNy#B1<RZAUbHPi{<(Dm4l=+;1$bvcpPMs4uRs`
zJ&zyCSe=4P3vnbdpcE^|5*2rE&P#lKwNKco7(VxDqTH)t*!9*}*4Qa1ve8g8SX7?S
zfA+mb7aK-yxLEa3cKD#eRMo%V;>;_lSd(LnhbTCvIm1HeCX1ZgQ*bYE7lBZv>apxv
zfWehw377TwEtD*MaWp$S3+r3L9~jeR_VZ)u@pFRuq`LH6u(dcyk^yqI)kgHKt*547
zR&aQ+>j~VPY#4N5uCRuwh_^CANpG!Byir0)Mhdn@?Pan?g1_q4m#-~DP{Axu*c{5~
zc`#1O1()UuakA@I2O^utL0C&Fz|QA8vKJe|S+g_^byrGwToQfMhRPzqiKaC(ROU&=
zgCh|ovGXt$yh|EO9}gc?eHKD6PHvY@avic6hw=h|_Ku0rAC)0oQ)Rboqco6WC@EDe
zM^vXRG0g`vr|p%m6&YpE7<%=Hgw!CBifDJMaKW0XV_f$q>}ZKOqN}wAMKjKk?Ohu7
zr<AnK)YbYJ979wVUQYLGJZ(h?S;?iyYW{_)0|msC_VP{I4(Lh1#&pqb1BL4Dn)+YE
zM0cLA9vWPp?g9pw>Im?z=*r<b=xtG*>J3&!+%d~&?B7nKGB{jZTu9Zg*cOw19pJL)
z_k|fqYOy@|Au$pR+^S7gMLZ`w_?NIwlKa@(+vlw>Bn2TtL7Z^(ymD&)sZN_7pPrUY
zD64O`95BV9ku3mhiO&Zh1L$XG@TbwqDjtjUxmY0A_>#0t@L*zKNJ!&hc!L<8U0%+4
zmSsg;D3B7;_X?GnJp!g!5C79+8ceg<CGra6q7~3+UMn^Nh_x=dHs7hZ8U~>)(yPf#
zi`s9Q*$j$_NDai8q!y3BpAiXuPi5bDXt+2&7D2o8oKRmQoJx9F{LRj=#uy#UbH{?8
zNWu^loWBdJipdwZq$rJqX}O-5vb>C{9j^QuIUT|jAn&nymy=D?Eo2c?6iQ^jLc&Bd
zTtx?+o%ybM@Miah!mNmbQdoeS3Z6rK>AU>h1V>l<ifWcHZE*5(vpZVj!tQ>a(6JuV
z3%nv8QPu(es+j~@niD?I?{xI)F(I2J)$YGC{5<l0q`Zc#CV^KCYY}s=O#OZ71)ci=
zU|2v{uBbB>5laeTy|WLZ7(l9hR|Rv<LVvp#^6GL>`+C(n<!%kk#&unjAkcWK^~JsP
z8m?z#CAO}9ymz~%eC7zlLuzy&7ay^(|4|L3v#+OKq4;5%!x2JRF|;I|DNlu^wLY7}
z2=x({le%8Wi3c$vd#iO!STR*^b-tGj$2(Fom09;TQacyJnwE1#uJUSv6U`$8?}3ks
zHbYWSDMdtrYGvo%jEnw351D9KcY0)Ud&Y|H`z*>lzC7~pAk6%sWS}w-y1(8CP5<O_
z6effKb3C$4QZe6&dk=DitjeI4X8xs5s>At@VzCy|L*%=L&d29lviMGze#oSawEeDn
zlko`=KIy+JA<V`c@Ec1RNyG6r_{fCZ_(-WUmSCB&st^F$Z0^uWL<5r%)`+Au)%d-H
z>6)*FXrYM<NpI;A)~y<<g1DjmmmRizKYuou<)zoin=~p*rFLAer>B(Ol`gpXHVT9y
zl;yacsxY@z^a|@ZqPIl?OZbMntKlj0UG~ux2Lo2o&uKe*{CYsXYu@1O4d0P{3WP()
z_WI5-!K$ej7S|6=;oOP=&`{a6{&y&{5Gh1Y*|`dj2z!wVzWz4wF68&ntcRyp*?-z1
zZ-)#OXA$`}N|yb6Shcu8MTH&k_4Slkf&k=>7rx}^E`9QGPFhT7HP3VR_^H!mCkaaS
z(eqcOcz&p8QJA|UFSST4h@8wYl%ss1*&lN9N&;f}dVa|np79>d2OZ%VhL@`dH0dzh
zjD*qC_P*iV@c=sY{1%ye&2FlMebeY#y+7bPN->tw1i|Fr1VnXSe$1-9t$(_`=ALU(
zZ&bvv8+H}5H{OiwP5=#qR(D#7(o5(>&dkcLxh1fvch62l`U3#hG{Wl1I3uJT8CdN$
z$pc;-9eNBR_fDcG54TpGxM4&v%<8|$uOM8g+vmuz=ZUx;;0fV!#c+h|zJ^~!knQFR
z^O><`dT%3#sv@j*sQrL8;z*(fGtusFnP$7G4iXFKkuqDZ4?rtmwODOLd9~ORB3Nu8
zRS2*0ZDEgky4IU=JGt6+yba$jd?KEIdH)w%<4kvP`r3YS^c?4oM!kj%N;@_g!mD-@
z^9@tYb+tBB>)KwuAjk|UsHNu}D>@y=k12JUi<V=3&28RF?=4xUn#(97h5$XTi&HG$
zkhoLLH+w|9K>71%^8=M3D-|9xWdOzV%3_ztBDhPEobKQwy?85Kk-0C~16^ccyU6L}
z#pOV5{*>iem?<5+0<*`(8IyueeEVIRsW*Qxic-zwgb)Xpx#8zgy)3v+rCmD91A2zw
zZ+`ZatRK7}ud<-a1HWJ@of+$oPHqt7P^!n`diAaQghTTbu2x0-1}0WE%W-l%%g|7%
z)B0DfXMonoZpX1I>3<Glk}wxiq7Zi~50r=|^sG*v(`L7j8qI%FUWVAQHyRPdlqP0V
zE`styfYvh>^&zgN9m@be_ZC`7?93Qg^K<A5!7`OLXwi2nVRCXgAjZ4S#MhcJKBmnM
z@_CocS6r9_c~bW8?h5J6?uEj)?va)+xq^I*NDl-L4WxZN02sIZfMkb@*}WLhc#Sr;
z`qbN9u48hPrR<_*hUV>f6VTUp4dMo#W17=$XMrcv7}0xcKEXp;sx91c{@8E|Cl%BD
zLt-*h%GQi(?Ol)7Och}BcJnlb#FUb{o%^^sC?5G>`Zi)g16|sn>nVlof!o)1Pgk9n
zsujq<FKfVN!@L-t9x0qrC+G^oNukm3Z!uVa7bJrNLnEtlcLJ!Yn9(1R(<5xmfE9Z@
zg~ogbpG@@)a)65+$-BP(okRwEOgexP0Tq!*HYdqWTHMKYp8l>eA!kPanZ-1zFTGnT
z%`Mn9<mP>K1;f-j+P^JVh7g4*jyhKye33r<?(SKPc!@WN9D1!_=Y8s;?C~OSS;^yM
zB=N=4&FI9&>-r#!KCjtzlm+Q<*kjozEl9yFo)EA7zGgL6X1p6*pFxNKta^L(IXt#B
z8jK~nC8idjW59)g%TPnt>L@5-1lsZY;&7#WQ1`=dd~ms)cvgRGU=fkgh2{1B0peyE
zihB}w3!x~9#gl;BUSXJ8gV))DzI~UfO^Ah>i-msRTt+yMN1Kyl5u$IV4t3Q<XXVDW
zo6H!GnM5={8ak-fE4&*&!D@?G-X{&((_Y;1iVEHLh;n=^J-Xd!(i~4BnvTi-s()PK
zV2-jMZVD^izfFMqb)|4yWeU|Y)#Qxc<T}`6C{)<0K-BwbK&zd?h{D@$G~{k&Zo1%w
z$Jx9h*cZDe5*`YIE0j6Vh|c*yIG%RL{b22i31@v?{U@VedY~n5e+F%20a*J}2LzjR
z9X0QW8&9kKQYs)`qOLh#taCyyjlK?2$z~@e?*)fGTg8`Hzvv0=0XPT-C%lv&5$<7y
z68ZuaT3t+FbHr${+=7LZI`Fqk;ve;jLNU!Y8t3`^1P4svDRA+u1;2m=2&aN3Z<0M_
z!H5y2N*`RXTRuft0PskI58d+?k{w+}@D>?u-br04LzNDNY406M2{$iR7}3h$m~>rY
z1tBntATC+M*<Ylgg&FRE>iUJVCVFVAo%;TeB<YMZ^@FvM5q>VO%*8TI{3kj}O*c;a
z>)vqId--c4$W7nfP1GQgRt0T&$lN-5=Vxc@j(lMS0+lR-J!n&E*UtSeWllSr>bL?;
z8fZ*L=t1)!R6L{zABDM5YRjR5)>I>V`wy!$=)J#+C5s}$cBT<!l%Yl&e}LV~-x21~
zK9+Il_37QtX;GQ4cLLH@iDv8W|Bc}F0Kk!9RcK7cdy-%*Uk%(Xw&@RD#|_jEHJ&2!
z0w9Sw3%#!~J6|kdt!tkK4SX<qhX>ZbuI~I9)-5=xHSl3|wcd%KT02T>*p;Eq;!J{t
za3L>1lC~GtYg@}`#s~EP4gCSfp$9e{N5qbj@|Tn6OLL^Nn(d(rb?WlP;W=}6!Y!RC
z&FABx`fzm?<DUUnKVx&u@;pUD2=$HrP)^MW=lL+qJ6eWF6y^J4XXgj(`fOlbMsG}v
z-9HT!CU0aO)XJw5^c{RACdU{wOlZB+0yDCo2+yofXfuCo{~|3~A~IJ5V}2GQESzK6
zH$tUraLI2|A(sum&4oVlYqX;LXkgA@|9C#bD+Z>9l{VkiKPC)jhIBwar)W5RnQne{
z6aqeMUNrn_$xsB7YHP$ot1VebOcYHiAOrjY5tfW#Bhqf3I_p%c)$7~DLl{)s#NYd^
zd;!mP^4t$@&m??!&BHFZp%8a__j=ilW+1XbgonqMRFeJgE>Yri-Hw>&*0ZmasoQSD
zt*@`{dXyb6jCgn#lhKkIqmVt?!;uubT(m+}9lyZLOyWpo1fIMZGv##R8@eVEp7|8#
zJg%ZjNzrx>)5eV2!-Li4&w~Deq?{d?l6r^7g4MDXX0E)OhP(Sh&g@NwTVq!nd<%2r
zxiEy8gau5;oezB}rMmdYcp65D)eZnU13TaoNO=<c6+dA25ty_)=!2Pba101ZIP_t*
z;~C_zY$nX_A?{_|X4C{ob6T@Kgk~lqDXH~bqU&Et8m#$BDi9fHsUdl(LOg7suVF>u
ztF17q5SO%WcL?nmjGB@;&_d9c5Y%F>)cM9Uo>eSP<_mDxtHHL6?zwH<C|QysCL61-
zFdkX1s`e(fMZ;i!K=#|ObMX&01xlzW{e|V!=di0Hr!%;vqVB=>{CY;LPS<PU`(*D)
z_ivL)UuR+&ZOb!k#ZXzDj>6__3nwhxrMafOrUHO(<*nvYwc1x4UQfnty=PLvj2@%j
z9D_~ix$;n0$6;tW1aZ0>lw9vXemE?4&xMQSg%nbTrP)#@?YP^p+cPpedtC-Wg1aWC
zhk{glJ<lN5l16uoGfT)^Tp@a&d-JjM>QDo{tZq*IWvPkV$5mfMpvuKYes-Q@o-CT$
z{^p|y`(2~BQ=!%DjdrQl;4c?oBAoEM$hMr6mYP#GU(A%=MsQT+h>wNM(Fs)~m8F<P
z#5vklH$LyrJIL2|O?x1%SWFn7$1Ao!HrY03?rMNPw+yEX{V*A#$KV7ue8dme`j-B&
z`3RHrLrr0b*iz0gS8;NxzJbrEDysq%RbC(PlRhQ{qK`K+5ZV}37!wOyT=3I0=5$#k
z<7d)nh`0g#pk;1^I6yu;Z`2iKJoHE2b1+gVG$Zt$g=!8&%471R`B^`l9-S@3gFh2@
zTaa0m@wvIR+ihRH(8AZkC4E~Z{(m1$=7mP1qUz*Fe&{0Ui%_@i+zP<88ZTn@e>k-7
z)|9^P(IkB=P(@!(qn_n@!i(jiMTf_>PEi?=6MJKa_7R+8+hXp;x*^N86U(Pr;6sAt
zS0m@4k3$I!2Th7g4bRI2<ef7EWALUs^J7=jp^##JL=fgJ4Jx0_j-(ekqjSCyc)#D&
z9&N3nZg{hzD5P5VhSJsDHI=@6;7}#zg_ZnGA7XxR5(X|0JZ}~@20{@D5s)5geGpnf
z(lgSv4oHd9EI*nyf;`bIk<i8fpHYR|l-jl_*l8$k#h7h1ZhkJ*!J!qElq?Dk-IZvT
zcm5qrSCRX*y0vFZ2l!EdTq8G<jyj#Bvj9AyHa4`m=*$(c+4mxJ-`x+0-3@j=C`|LG
zUg4&Nl7Rv1sy)oe{gka_GFSl?fZ7z=F46ut0(w4UM^c8c_~w4S${@Vz{l@+eRqq&_
zY0zyAPi))v#I`Z9ZQI7gwrx9^*tYN3w(aE2^PF?)tFNyAU3GQs-MxG5wbx4T>8}d+
zq*KOu*IG0%ck^A5hf^MW(S%9uhKTh_(nuU8k4m|Uzl%*{Wen*Utb&^L4O-_NsQSaw
zTHcY+N|MYSe4ZUpI4t$?g%qu|)Uh3F0=5461#0qPm)F}xXz(-6@7ovLn8Yltpeiwf
zVg)YpSTNA{{a2p&YMoO|fW5`lFR*&(8~^74BnZ-VDx1qiBRbsT<mlhg@X7B-&Yny~
zsI=oN3Z&8h)Kk#8Q7a9U4vY+@ZEiI<$?~j>WZ=H`&H`4@UdqtnW8CNrYmR_v{|<ME
z&ID!*{Xs!#e?8jxjdG9z;X$vI*Z!MeE;L3mA5r?`b0xViIQUUP){<#&hIHOY7Nmy7
z*mn6%_75Mnz5TN)Zj{MnVFq|eL7m7qk@WoDu5+@qWC-ZW+qzhmgk-YecALj5<B+;9
zrY<X+n#xpnQjpQ0g7}QIq>@Rmx*nMa7RRJDDl2T}T%nm9cI-B3N&jMwEzhV_PuPd#
zu;`tAqT|P=I*8)I*W`vbX2yE&#O7g2#l(fPDaqJmqNAs$N9)$Vt*N({2CFtTy1Y6~
zl$<Nugwm_r#nkHw)VTj_$=@Qs$-2#0Iho<t8hOHR!>lB3#-2_jSLq8}f_v@@SeDy?
zW4pb!Vm%2TSx*-{K0THrg6C~{od8kh(%sD&<yW-DUwS?^oLjF4%skTzG^~d|-o|_8
z-jC;hA8k%smV2RIEH=$xP5)eXl_;tu1g95<kTl6cTvu;~YwUaObOq1foMq77M5hIO
zb_p-4d;{z>`pAaO&tnFP@!~N%uwqJ<Px+HsU(T{u)1H@FCQCK@FujLQ-e+N6-h@3J
zm?&(VECxeV=nang52caRhSLJbA4qkA>{6zHNhm({6%#U}LPK3g!ry8*99}Ryt-sp*
zzxl6}!3mWFO8lh#zk$FGRxf=8oZBY65`h!OYzoIK8=07aj_2>f%;Ba*vXc-^v-HIr
z)O?s+lF1}E{zkQ_pu{Dsxlj3>RY=+s6XB1b$P(sqn%b#0|9$4$B5f$CbMB|HTKZuL
zW6#K)#r_L0p7b{5nr1);ynddOnNE@Dle&%!8hpp-&BpKkdb0Zjr(tLAl8FS2^P@&$
z@Cbrd-Xh(fU9LCc)1(vPPJ-Tit<(2sr86)5xDLInuC7uVt^m7GnL6KOWoe7W&KRV{
zhD)2F`_YOwq)~^>4cZyr<|g7s9_xN!Hi<R6pKrSDOu!=c)aVYXn;$O_7H{u8ptu`c
zX;CgP3>Pfx29{Ryu~n&u$%H1<mQ%=DVzJXvaECIsTgJs_1SBo|E|-<@KthfkA>z9w
zg`QCMx3?Pq$N1ynd;%bY>_B!5r>NZ?x7rQKIe__3ri`MtepAl!L~i@GPGC-;who{o
zX8nO<w#F>z<UoLs)79TufF(DPHF$zjDnU0ig%mTH;lhX%%+F4bZK4r+=?TmwNb&xt
z4w4!U2f+kTAPNc!8hZloF1K+n*>btk=0qp2d<>*^miS}U{*A&YjS>u%C35$AjCC(7
z#jtFUGy2RCDG5<1wy8I*AbM7vK3R3+=zc%L>3lnrf;6WEbZcvo^R-|Ke{RO3e{+ZM
zJz(BdvfdnAup?b<pJhb+*gnM&4#%AFK3OC&9GSZGiNZpiM#UHiI}o)fkI$X&Zi0~u
zU3$Whmz5L*IK=p|`SUWKpPJp?<mp}%=A6!0)|}Fi{l%b5S|T>Q5$U|^hf(Kp0wy_A
zHF8s$ok~eYVXGDz>5YMe!|{{F<Jx;X?Af~u|2*05APH!9CXxZ!C0KyLam_X1q8fHK
zeEK!xD#%b!Bx_6^ANildiV5s%3N_BG&G&vjdBk-cwXD)cg!`NDg^A;8uIskdnGL8d
z3X;Fb%#MnwgUzYt>*FwV1#iT7I!d5>?@)tsdaU=Xi9auDZZVaQ9fg~c7aH#s(o_~Z
zrV0is?GrFzoRe{{MoBXfmm_kTl0qW(c)1l-m{O0rpr|b&H!gCXS7XmOJDkr;z$j3P
z!No}Z+9Lh5Vbse3d$vaW%NzyNMzTX!?+F?t)G{v$K;2RUayy>oFm;m|vjHr;QzcHd
zQ*+6Y*yk>Is}N>7yRMoec=PmNeDG~oZ}EA2W6*!_W;JlC7ks!thgle~M)>y}0rF}K
z4~G8>pS;>DPtSh6(q&N4B1SUe_@u%Sw$2hdNJC|eCpfBO>E8m?L|kG{FiE}F?hZ;&
zFI$N^$0yVUNi{^2FYf#>TyJs_N!sHbvNF!fUg7mJBi^#*QQd+N@4oq%=+6o8v$Nl(
z(4%bD-$$i1v6szMgiAgsT2hTo4!zw;<`;ZBQP467&JVZ4Zd&Y&pOPeEGwQJF?gi2V
zkfoUEx;J>9&>*Ns+WmG8lkdmKQHz!Q!Zd}@FR!45>N6SP${B4aNRX<%20^SxmR+th
z#(A@e_BB*A!O6#z7hxMAZmL!N2BzF$vFkLSzMqfFw^tQ#QKR?{123@7Q)$LpU`l<U
zx5R^EkD|+i>G6l5L~q%TD-F!(u2>MH7x<X$DO5))#W|~`b_Gyf&=r*X#DIv1G|foh
z22Jw#T1)+yN!%>SX@7`$*m5bGWNN%P@cZQmVqonEfP7}CiBxXi@MgI4g?xY4x_s2L
ziUL*MHs;0WrPqQP{y-<zpSoN45sX|PU>FldF6Wc!gQH0!iLtyJ$X8~b;^_na|H=0k
z4Ede4#XbC=`3AyjS>jJQ`3_o+3nkDFWqMVi#XB{J*6tk8V|41`9&Y@(P(QEA@8$g)
zxA#}MmU%{hJAKe;Mvs@$ZMy)kRM$EuMKV2f<mPC--y?f!TZ1^xh#aZ9uu@DU0dNY?
zV(7b$egCHg5QUrD)`d6UeiINvM9%k$TEfo+PEPBHZ!ve%tzxw{&T33}q$~-e$WF{g
zC&tzC)F}Qo#z9(gWH5bBuzzwZQliKeAu7iQ8okD3z2RQn5MaI_uM^aEe^jV^Lai~4
zx9R^n(VY@g`_1gWf+>#}>eEv@_@uM0Z;s+uzl&F^+5wg8_L##Fwtfdwka*AFIE;)N
z#pjnSWy%oy<Wco4n>-+=vpOr13{%I%tmgCQjdh_x1U|hxu~e4vX@yD*Y=+QjY;db{
zeYz4SsywE;ro1o!yUx+kFMLIldXmB7h&hezFX)5H$2OcI7gXzq`2WVK5cEa^Y$o`n
z!E}yvZ@N<|R?u5+K2=mYO{F={Cxz&Pl8U0Ak$6mDV>>=JoC*h$FY4(e&8t~_Qt(1i
zL8o>ykJidO1EeW&G@v13{JZfoH_zp<Ssws>UqkrTD>yhfxHFqC92Om&{CCL1c`~1S
zZF@21+X$jblGgbG^;cJc@*s0)agUwa%1Px`UwZ_w$mauzq@_+B?;A(AUU%9xg;KjY
z3lm%lP!$^V(U5enf6&Be2O>;Q^VI_YH+17i34>ck_~C>-O}Tnt9VS=w;MS?^H~nyI
zWy)S<^qgNet(b_j&`0wl=KU;3RH2%QZZLW0+IxZ02phmuNU1MLe3>^@#!7c&#yRe1
zFb8AXryW*oP15`QjV6r8<FGx$PfLIj{H0BQJ7;PIH8Gfv1bkpoh-|YX-*G;;a{<(Q
zd~lB&0bh*sazsQyv7Ow|V&SZ;nIprv4H_W#=h0OJF9hyh5qj(F;B|nqgxx~fxpQH<
zqMG8Urw!d~Cadq1+3fb7qE<jIQ7quMX3~#q?ukY5Y_F&!214${P;#Od7S|w};6O=1
zm28FMJip?e<KOGYB!=<-J7&<KwfT>?=NzCcV&A?mfzU6LS{<ptEY$9lk!#4+dD^IT
z+VM@LP7~j9B+i{qjeo-r;+ypwTvjG9JA79pMKFjWU0P8~{)axPtjaDRtPvTBG0luC
z*ajV1!gc0a(7g~-?sPT|T^GwHm~K4V*y_hheQwWr3G8@ER#roCrn{{Q+{=H)B~(Ch
zRyMQvyx2obZ>ZwJYH6;fqL>z2)L?cJt}eN#3}-o-wzL4Fqu_*OpD}A4uqxe?`AAe#
z?qD5qx6NUxycEcpO*XvV<Rk8>S}}aN%nF$yy+S8h9RfdjVN)I{HN26&KUX;dGFnqL
zlI&Do#%$l;_%q`RNRG(gm1bRNqn9oHDO}=ysWbCPIL-C0P+$;MRU$;670ywN64cmU
zVcri$QkKsRMPZ=lg?7*eh((D}AV>{f>j<wisjYBx7!K}Bz2IvZ4X%_gGgzx3yX~ZN
zUQ6msdV2s3%XmTWhdK+{9GXbye&Iq>*B;ulVAa};rsbPc)|P&zvWdmu&qv|M22nTt
zD+n1ott_uoPHvd%*%_nA{pp{a;Lf)2Yo{B3E-yOmF0SFB<bL~AsB6J`)bT4CDnFuk
zwIEl6^fQw7g4}X16=Y}9p#T2H3W>2{c=AU~OHUt|P8qwfu`#eU1tv>ej8qgI%b-M;
zy<~842d$7wOiRm-f!GY$5z++rd_Iwe%2Ez?r#@8~w<`e4QF+Bc+M7eS`z%XPt*{*T
zHTfx};;8I>l?1G=HrnX7qlqAg3qqttbae1kL@Pi?*^Llww_5a>u;Vfu{nxFX+#6j5
zbYxf|k+Gv)D5-yw3ah{b=jbZsNi$&?vs6%z%PVUKWUP6foSZTJ?Dxu=rg3qx1dxE1
zLQ}z%Cvl6ukua~Mq~yt>Y7E!f;>j5`DdwVyXlq&u9QzC#1HeYWaa=TQt*yVWU)|9C
z42v(Xs0j0CEH<gaTrgEPP?A_xLo@82s=UtLKBT;xj-?5$uE{B=IyfEGSvdhYf#^Sy
z6&6_O984Ys)w4i<*kp`*L7g-dbcJ3X;17I)!$^pnMPx*O7laHS*}J)gc7$?IQavJ7
z6!~rKLf$-vWM}hAKXAe~t6&)HD{c2CbtnB=OrXp7Kzm6|R%7C91BS-4v2Z|t1S=#T
zRufq-lBCNZc4$Xu=57%XgnP>QMk^Prs;bKK!GT)AdCgH(R-O;*#^@LJ5{zYWe1PvY
zisgYMk@U4}gquC~S4d-^4q%~9EGkDTEHyB0#ki=pnIme&0f+PbmGV}k9*CS$y>WAM
z;NkAGt0W&6LmSyYi(4qp^NYsF#{8U8-*)UNo6G2{@_H|rV)&L5NDMs&lh65AHss6i
z2O0gL2Pq)IeE0o8gxk^Hyp$dDbyrL@F7y-bJA+9d@88ZZzkPf@FhSKpo>Go(E|GyV
z$sdc_4QRx@n7-joP#K}+cz8g;X#;L8<B+J$R$`Yn+l}<iAs?{9Qt5fd&s`AFB~Lec
z^G`Mx2@X|Q<uNh)T9hz;dt3|iU>*r~FahcXA$EP<2uT?bH-)|Ig_XdA!#TN};fDck
zd?GVXH9yX#U(|mZBEZ3fgx~WEYhm;xY@9DqfQ-QSz5f=n)#RkH?2~n}cp>-fmzZ|y
zPG7gm#Oh+sa$_bOwdJFqrZ(&ntU+warl{>sK>TlY@SW$k!yVDKl$lm0ZE>ZX>qeGp
z&Ppbb{E&tcmC;UFM$N>;l#mAe*rfFh4PFJ_(PAwc=uZRw04IXXJCg8kyiC_Z01879
zXnkV~ud5xRKdvITNM!AuR41VbD4?FP*}mXmfZ#T?Fg_<+u0$9GT1V*t8YVEk02$(W
zgs`+xC_xeOw^q}w=<+ZABok62FJoL!1YB6|LTu|VAMPx!2a&u|6i2#T@rQVKWhmA-
zeIrc4E&ei`$)?Eq?;VE_A41`x>OfW7zmTT~VLBbeyC*2X{A%3flheby!l6{vRtc>Z
zXT1}(C|vGdc_oB+UWM?2BeRf0#wpmX_JZOBKz*BYCCSNWA6$kO32ij32~pYcp|dW%
z46W;!#N>_?|IT3%k=B%&dKHU1e2?kO)!X{!buk!2<pgsDWhQ8-ScyIxAERc&VcI$Z
zEfpq+c#yDq6r*CFWvaD))N%FG&Mcg|I(=8zZa<irnRgEl$r!Vj<F9gf(1u@pOI&*>
zkW%9lsBQ>~1h%_<^2Po8(in{x{(iW7KX1CJ_vE-1YlAe~ZoUx|h4CDuptjmMhC_#I
zf*G-d0~8C$Ib{0=p-L{VQOWp&I<t7(8=u7`><|vLxuSoxG~-S$!PEx0vI_8`(qXP$
z?t~P?py6>NM$#8lZxA4Zrt5`AYXE}s$G_AWxIWqnA>wqk1FyRJ_3cdk8g3amk{yxw
zE<4Gn)}vn>xNEC~Hg4S)sD95;upoM3FLIzZVNi`7BQ4P&_5n48@uol`Fd5j&#w6{i
zD9I@OA(v&~U*vG51jibBJV6HFxSB#|#c+oV4lpvXw)m0g+*eRbDQMOTEa&)`>+3|O
zeZD(<ZFuzm%a=ju`m`0P7($brWkIud{3opVU~zz&(m&7#EZW97N}XqxUCYaI)*!E|
z2@1#5%lrNiAf!RJ>&!upo)Y*b*h5Fa7;0$2cNo5v?X93Q`C<fN_#=OxR>6&3$PP`e
zLgy9<%+%o8LP;}_Ol5yeRp)dpYmtoto2kDr2(JEt%@k6oZ4A9Z3td*_b&crUmj}gK
z7H8jRyaej*K$pgrPmM-BwoWg3lDVE|Gy*>vUIyory2Ro0hReHGk#A6tcP167u;&z)
zV*rgKx%~FjP#iaoiEb*!z&b0;r$Xxr-#lBO3D~OU_2d9%I|`wsH82O3WH0K?^zB7s
z1-O=X`Tk<TWa|^C6pTQo7ZR{nSJcGkwxXd*D@{*^`#lw<Ahno**&y$uigrlSQHPlm
zC3d~J7Ea(s0&IbioY(_bp2}42+7L(T7qIH&_OCcX8482jDT}teNHTIC{ooB`1C$mA
za(-zpxsg+f)q;zs40>EvPPot?P5ZK1-kUR#P0SNAFJgRbIBJbn${D__|A{w=1wFaH
zj0vV#Mbms=KM=Yin6>Q7sg7A#QViVU0)&~^f&b5{?e}Mb)_*R;AFQfYNr1sD*ZU4i
zTU(psxMX~CO^+g5``%7*Cx*!yI5fp__S^wEDk~!$rKd${G`4rP*YCE5g$ymfoxtF`
zn4wunZEY=!!vlPz9N305(b(8>OrX%8ft^)()x4g6PE4v5Zx){J^#E#+Q7kD&NX?OM
zc0oRvpp{eB_~fNFhRR2Fm`uPN*5%RJ;zSR@$7s!+wGZ6}tYI;s9tk#EUpX00v#y>k
z@nRFyskquq0Ebg2*#>{z!qR+TWAGPT!n|MJ{1ju`p^9THS7W53Tm4XY)C48nE~z6K
z27L9}KpLzq(JdekdRZb?(gYw~78V^9oiARPOI-r2xB!{i37#d(F&;Xq8^%7BSEk8I
zB+CL^+O?I-7~L``(@pe0aF#C-SXOp+u>w?y3>_2L6&u(U#{fC(vYiTPI0|Rly2%o$
zyRkm#Jqc#G6*T>ls!CpkY-9xh(mVl+W^`&0sp1(~HY=pihrT@fL`%v&d?{t;WUjDm
zwpmPF#4HUPhwyw4>Vi9m?$2P2|E4o>kue&W28SmpJev)7VM8ng>}VYs{z}Ls7g4sA
zEt!XUbEiOOutFO+i4VHG%Bh7Nopnn&S#<#|?mXe?Y+Y_v+|Eo*gOnZk8%Asr=*7j6
z|2&4#39n}gerWUwpdAfM5e;H#G-wmenWyfMSrLHK6hVE4?U)PAMNNr)+M8b-Yn#7Y
z#{@{ep_-Zzven>?IuW^T$ywDK)T$x>?|%FjHu(W?8NqC)bUqzAw6@T4f&)0)yTicr
zIPgDsT}~cnGp3=G%9yOip^>`WFk*6~3r0%GrKQW8i<V0@iAmpTh?P>)lZC-W-DRl5
zBk@s{3sVlvnCy=|$RE*nnQEp2%dS*l#aE7?#?lyA&~g&fQxoE{bP50D2B}q?RK+vg
znX{{^OVZDfBU4hnGO@H2Wh`MH%MB6*Z&{%|Q1br$4gZQJ+347WVfd%KtDXNem1El$
z3BYSa<Hezgz4tIS?_AeZno2!D26<bA32JkSykh4H#H(=M5FeKo1`bZrR0zEcSc`G>
zNNxn<iKUi&wXBqkcmIukti)W*q16%@sjc@vugCwz=bTVm3z6AamB^jn`}+j4BEJLt
zQ6|?ev5X_!^&2w*iVl1kQ8whO>8#N@y$i;p;N$1|#wHNHJ<Siuy#84WPKu-OKMW@_
zgDu#;RY(*VsRcc*z)vp(Kyx+1TB9quQ)(2gR*l50w2VxiR(z;ZRO{AQqS%*^B&7?D
zy?&3eyR>=c(S>2`!Jzu^hUAWqO`5tUF+DvV#k7tfhMQ4ZI_BQwt-54Q(#hPMt|bj{
zc)*i>c8Bv&e%gRD`3eZ$FezgApbsW=-@qJnQ?MH5(Ege@QKt+TzKr+wRBme?kj26z
zVd9czyS<B3eA<|5<2}lg9rac%lBTgDE0saiMq4%pPTs--nXZn$0cn5a3K2&c2_A*4
zzSk02h+KX(k?<c-h&SQXgE;r`Od}$_|FjMM0~G%^lCFMIN>UxczrmgkQIV>z4yrsu
zf5o<zg$dD`bun};$&yNbhQk{6daw>v`jiBkOpVyDicKYgI0aJ!dYFO6NGuSWsxbt}
zNEoXw+xVRPjOnf|46e4eR!*!8$s}r%6xf;CT*}nY*blHL#H9Mhz_uXDN@mmUS%BZg
zzAC#2v0uH&tZrigm0m4|iJ9K(r?3JODVb+x3~f|_W)*G($H}OmrzW^wSJKRtbWm=X
zwV2n~i0Tp*St3`mv=W9dS`?eWxGR#&m9%96V;WzabEb$yAS>};JJeXdwg@;C+@UsH
zwh#zyl#q=QoE)=;#bo-0F1<sGxk)p28^+^|^a&x#K&C)jagMD&%7{5fBy55}nZ}>j
zUVv+YX59S8&1g7o&TNgWsVgsN#pg!6)9G1DJ@(zNiYekh!M70vY`BHy6!UWnmQmSn
z2R+J@{7!335tOp~4qo!h>6RF!bk7h2?_W$*+|UjdCLin-7`iE|v4{g=EF|iJ264Eg
zE+jf*8cxSf8PzbiHU*+8!aEO_o7w<q4)NS-O8_r^O8C@;gq76@mZt`njTCg-*%*=F
z!H9!EiL>&L-B-TUclU}$Hd~{sPF)5=E1?>Yn9UZ*Ib4R^Mno>7$<X4(q<j2cP1XM~
z--9vlaYg#`XROYtki9xSM{<qw&uWrl6d|1C-Q<*tCBVvjkP+J1dF<p2t0K((^7EW4
zRqlV@Y&Qg@ewrOb%r@V*7`xvVFUx1USN5frB}dl*Hmlu-_1IgF%b-f4TZbiwA?*jU
znyNM)->M_P?otTyb91!kx^8khEk7y~GCDOqe?QyWx0-qa;;q|-7`5@pV$!iz8Qktf
z{Pb`t9Lt{$Y=ES4v5<K-bj({y@BVe6c{_ZnKG$4o@g@E@XnTD#femYt(wn}YxNp8W
z-#W(YK7HX2dbUyz?DcJ8`9Q!cF4ls62x^%q0A49AwTFLBiKISE!cTg>S_ilP(;gBi
z>HQP~N;l}(&RNObp|L(B{j=}#2%5MwJJ_q^CdK#vPY(y^vfmrm4x}azUtD0ur>lCU
z$=XW)mpnfKK#v-S)%<?=XUu*4zZd$?>b#=<jg2f&1drFe!C6t0Ju$#c15dSHMR$Jx
z=_dU5*0)v4D<}Z|QAZn$BN8ssbD+aW2X;#Y{s*_dSyTh7^?&PsxuAxHh5144E5~57
zLZeW~4z4v>73(3HIW5=de7E0@gS4|#+AjkiZ{Z9i*1ymz3as32{*YI|2S;!POdXPw
z41_ZKVuJ6*K<3j}XD5~lyXfy`vVwm~4sGiq$iFQzYg{GoT&PZ<i?Gzy#y1C^KQz(F
zOGH%6(X4+haI%*2dMW{BAP(jjsFSEh6|KR(2niL7!SlBghFnZY;tEnfZjrR-;kA%K
zHphF>zjBva;JP~rQ9}3V^Q~HBC8AbgXlnJ{IW;!eviN`2QVK~c8!$&%z;i8m^HqMl
z-ZpxQHDY9BsJj=@GBd*6aKp^W4m7Zvc8~KdL^adttxp1exIhOTvN_`#>_Bz8!CV6e
z|Jg{s=V4FWur&xJFT0l}hYuXg?e?+Np9$VG^#Uo1S}nD=MDEo|vHSZYos$(GhIX*l
z?MBz1h7UYmM5vtvf;p<5n71QP`!lRDTZ&dNMh{h*72Qz@*{-q}nP;%Gp{`lmDC)~G
zYO9vNlbut>%P~ki(N7DAf@)Sh^pPgT@acjx?Q;Vb7Jr4Ha3p3V>-g9Zz4nsF9kf<9
zH>#|m+!yCF;sXYg`3)#4_k{!fx2E3@?R_XOEawF6i*VZP;G4FUjPsb$^@DPdfp;yN
zvV+ZM;C5y>Yqf#F^M()>_m(hc|HW)7BiN4Z;!{h<IBPZ5!Kh@H*a)<{M<2Nvx9z26
z=R=|JZ0|P@zXwxH>EWkBlh)R|=a7}V)zq8TmfB`n-#I-`IGPoSf?iHI1->_Ahunux
zdnxW}7}ZQy;J-Eg(<ky48b`&Omy^)CXIQ7tuf>9@e!!~SUc;k;Z_^O%Iji!K(e1pP
zK21Yu*xmfQRNch{fvv{3oE_x^<MCL1+V@&VYh1k7#2HztoDtx}fg?jT!fB3wcQ-Uw
zTrimn^N=?4b2l30y?X%Vo=<FwALKsNXO!IpdIJi2lzNU^P!wzUQw|7D=eO=7%#p&~
zqI!Dx-)<uF#}!5I`V%6mxVo5spqUtySnimkGh+f8$;j~4S$XS8=c<T#MT7{!#b^vh
zTN+OLIK?`Kyk$qZW_nt|8b<AmzM073b2tnR{l+{zo8SsKssgb$=am!or;6<o+(0c$
zbd#a$+7UlhMzR{H5{wncism0d?&OM_(F)0NPt??;zTQDp=p)t2a!N5(TO`=1DSaao
zx<v)H1x8j466YqI_~dj5D+mbu$|u`czISST&pXk6o8F61q4>NXf!FQ7LSuo*YtYFD
z6*d1*Qvrbdax+kN_G7CeWU~J#7LA40x3Ow+u1I`Zn3okL6JOT`BuLrd$)FmW<&_n{
z%TCkH&Re9!l&xp}$Qh3b8iQGgcvvv9po%dpD1{T@SklOAlmd|m2Uc3F!~WK}nR>dc
zv$CNtj;l1S(G{GSoU}HNk9jIeZVx+7)l&yoIwEXtVKe%~zSwx8p~G?OV~&j><qO!0
z9vz!B&S<t&Us>x5@CZ<W3JIqntC<u7m66ofx^jncY>?N~fRMuBPQwgS_KsHc<cj~Q
zq0Ed*?q;l-%uuYqvF(_JT3K=>okXn~*_eR#5l+H5NT6G+t9SDAx4loCnUEC!>wxv!
z`oh4<0-Q)*@wwKzOw_~$<TT%t@3CnSaL;<smS?S^fdnl{V_;D+a$H3?y;o78oOD2v
z+W6xD5m4;GZ0oXk*y>0I0;lQeJ?ssUnJEGHV>5Vj-=YVMhcDDaXFI#=mN&xUigq|O
zIz|=L)`T}HlhNaUx95F;R!`vcG#>zN$z%DSzMpQuNX}oB{ZLS;)Z`|W4|qUW;Arf{
z@N>GHK;i9KYvwi$8mbB0d8w{ePr@m*D7=Xd7;`^EoV$k!Yr{CEKqP{E5ptE)tUzl1
zd_89o{u^$g1Vve4W#n1}@&S5M?<4@;blB69MIk9Qu)-5=WsPY7P6^GD$t&6&-KD8%
za(~h-^ZSrkX~$L}@6g++<t=V^9JLjJvUkCBn4E!`+2oAQiOEoN^4StxNl8hUIq?n<
z;ayFmml4uC?GJf&5zF^kO4K0|CXQWyJHfttz8@K9t24L64@uL#?laFAiE0?q=)-6V
z&uY|v#b=M4LYp4kN_&pv+Xk6VQ8-(xM%WJlFC@}J2Z_gpRnA$ATxE047m}+7@o=^X
z^Ouj$-Gz)yNLr4ZxH|Hqsi~L~lev}sjqir=wqo$qr-ztj1wuzyXy^PgnnLd#Qza-V
zz7A$n$cv=FmjgH;bVs`xy8A>V_H=7<lGC=tcAi~dR+~;2y(m0Ay)DU&?ec^!==mb5
z8w8?IZdu>~>lKvlI9ck&=KC)g*ZZ5{%?%Rd!~IaAlv+WC8>kbBJt{1M$B)IzQNxKe
ztNk)v_FTiZd6pD?!kXQuE2l~gA103>D6`9p{xD9ZLZs*KTxN89o&NYFwcw0?n6Q&Q
zfAQS!G`9>X83%A(cVl8?W+?|wTN+@mkU~3kJ5Vq;e>pFLNv&>OMF-!O53(0G(yt%8
zz-@ZO+)woI+-)DU%;)UE`t6>f3wC}%8xzJOnTuF>psHnh*voa7zO&qCL?5(j6(bAm
zM3x%ODvx)M#^+N%TOyrVx;pN^8|eZEXN*?kkbJSb=GW)32t6B1Q4FzkgI^)ydhVH=
z(UmtF2S_K(=9mH8Zbu!9P<==waiqMdVpTd{Ox~X##m86s=b<V+7l%e_y9N5w`yhJs
zLZden3Tq;9o4GUMqhVNO1_Tr>zM*k`&5*FLLdW<Zh`AXsI(TSG^>&}7Cu`-rLPG5h
zQI~b@k8;T8xrvUjKEhskUM~U<XUJiKNinAAYHa(udLeByyumP{F6y`aq#up^;ZNGb
zVX+@byaAs`fF_vj`KuLlCqc`G&}&iqQddQOzRR`!V*0<L!ptoAiw0j8rHGkX;Xf>t
zq0;RU!s~Gj*ekSvA7l4>PFL|0zd4R<4bb>h4H;h`A<yTw)zR*xFhSb0P&n*JCymuK
zRu9VIDV?7OX4jXCyT`l!fS|t`$q^45F!S~sE=3`m;o06HGERr#(*DWFbpgb7=1!h~
z^UZazj<}LW4^ZW{H_+cp@7GT^F?Vy&fDRY&3(=!ITgu@udA&)GXXbK(*H~%)4$=RV
zby`WuyIU=&i0MQ@EYd4=<&kxfmDN=Ojv<`go4DaFG`fRxU3v!F=`7kYuW+%vuhhf5
zU9c3$`*l0{zb4aJpd2u4YjTv1<5UK&Fp<HP0+EaK_#!#y$%#bQ3ABh2_MY{6gpT4}
z((dofw0n^m9L5_?INvmIxm{uJOGEY-J*4cpx-g;XwhleY)0qB(!spNqMaV7pg0H4A
zydkYP`+(L%QQRDA(eIp-HQX-dkeVmn@;JR9GBxScyMCIP8+kEj^28s>B$r6b1h<d#
zOs0KM)?k7et#_MSf4wpniTOmo*7`<wE*QC6-_4&q-7tsoAqFSY&kUwUn(bBMl~QgZ
z0?5&s*dJ9)S`!pPW_-6|@G`rFw#ui{TAbnjDaPmnlFVlB<2Ax!BKj%lr+dv{Om`;m
zju}j@kWWg)c7r`?cQ1#W5PgPz-J9|fAEKx1+{uv?OKZT^%WKeFfZ)VAKm5AjdK~%N
z?^%_L!S{9}Riw)mN_M|J1WC6OPJvRdFQiscye)nsQqk-6Mie)>zgLPcI37Qx-gJwq
zTC*PU62uX8Z5tlj{gRR{%tC4r(JpsOQ^a_Sv$S(6s;9rDwN1?U#ejch7*W1oLYN(8
z?J;d40vNt|edZrR*(cFtD}HDIwor5YV+Mz6RziF`=<)mAmW0i>0TxTVc_($0RQu0H
zNcjwHU(l-EZQF>Up@`LFb`$F95bLCQ0TJVGR+He-Novx+)HjPfGt*RJ8n)OuX<Q(h
zwuSY~j`XGo=l-2pz);8ijYjSV@yD}1{f4;w@nJ1Fo{+Wt%y3=_|LS%(*^%_D!^>8T
zR$3mtNE2_r|7saBUulM<eeWT+YT+0H3fvf4Be~DcaO}@S*vM(Wa3P*Qz`2X|CiMP_
zs@@s!Fj>$EQP2wVylZgTkm~waQoH7umya(FZ+I9Nb!{>p4jra3OhUlq65i`ng>E-r
z_tiw7&)IV!&tv@Ug%fC4P!I~kA)I=1{GIcKDVuV-@3yr4dX7-WTaUu5rx7S?qeWtA
zMM_OIwN=lGt#Mk;G3damY)TTr=C^gpEv%su)#$v~qN$b?+7(}V^U|*pw(&*+J3hVh
zPP-mg=le6a@(LpD^GYIewFQYW;5|r2URY2ObKS(&{s<pht9EXRJtqDG8~}sWc)ec>
zA$<QT@}zi_3+&rM$EBlI{45cDcU_Zo86sY0F(r~g;%@Ve_~s|f-*|vm6eut5RidX8
zXo<1$Z!S48zRxK7T6gf|u7I_f8y3ZZfFJDNh=)<%)WqEh!r!4=@bpzo(spiiiA(eZ
zjz5;X*{Y=<7?}dv`Q}U%-~arCaBvq#t7zh>GvBr5Sf{*s_-NVPqJn1=TQe`K?AuQi
z&nFfRw{f6AI=Bpa+2-p_-{X3Cz7^1RMok(<x1X&X%7KGmbZ$q9lGZesx<i;7xUa?e
zKGx;&FN;)pF?^i3ajl2Y4%t~1$L~GcR|wn6iR5DT?QC}kx{zUE_$Xh+{BgFs*hCKe
zie0Nrvj1Q^D>KY|0B}Q|?}-<@?50DJ)N>Kxhq|T|^cA42&jfbGgNyO;LIn0`MsH?5
z8Ld$mZ}EAffRs#+sM0cbzE7cpdX_CzPbDqJ;gSXQR>oTzM5+co0=!$(&v)jajBX#N
zSt)C6f@Y(xUY?9N@=-U%_yW^T;q6`PN=4=%i-%L{nAw9xXZ1h2$FPdYEMBhec_rG@
z5PaTUD;QbaC>itCqFL3S-_f_+g0uf%!HW=tHk7hU!l)4vy+Wsp+eGDdLOPMhn6D~w
zq2C9iGbe^|7BnkhpycR8eK}9&{X^aSOetU>0TG{XnIFriAk$1VsD|mho5ptLPXh+I
zJn9_74$2QGJQK>IL2c*2zz9Ye%2;_qB6HSNz45sv^X}O-Gv%2R>EC)BU1IR-h(v=Y
z;P}<0O2<%1+yAvmvAb{R4>+Jzf0|y0JjV)=d57;E8xsZ7{y6Mh8XrOv^M1a_)>68w
z5P-YKbi?C<my13nS@iM)?CL0Qj$FL}d1Q#0Z;s=JuEcgX&`4K6BQ{YWfqcBgNCi`i
zJ<%&~#MI<4*p3eSr!l8BIMM@miuBN_Gq~ZB_cRc+G53?Ym?{ZV!RZ+cdx(tWjBLm~
z=O?y*Wih5b?f(7!b^&Ex>yGX~F*93Fh-b6z@$X83)MZ{=H5v*0;Z}UNIa}>iO-(H{
z%puljtyR7}5^0m0gpL~{l>OS@CKM@+eV-`oawM|$ci->{RfP=R2zxBR>gT1|x{lgv
zhQ)R@<UoE)n$(_hbL)CYTD5h&&G*N$f?7e2PEt>ArSoP7T~yjRdBY%^FBP1=0$&={
zMM8oHOe(e6zL_ombi8^U`aSH&Y<VpoQ{Gzc-%<+E?t#WitH;0`-~?fP3mEV9j#mWe
z4jVD2kWRJ)S+(CwIdw@O!<)X+9HpdOA($4&Hw1hesUAEQhaagL?;E&5%)I;$R9O{6
z5F?tRCic;d^S>@GM;s%X6BhLRszz9rUjhEzXNil9uDu|Ixbku6p=)PcOxQVPEgX@x
zzH4D$**SX!6)-k*lOwKnf=oJyRD*)EI}Q&)PWfFja2S+N%SG57Ypc1q%Cqo)@{Pb^
z(f9w6{aqW!-BW|tlEYBPY9J}6G#@bzELcm4kg~Kd?{8|cY^G>nZw@J7Om($Hv%ZF=
zVX~?yAZem6N1-;m8&OuU0Cd--L^;gRT`H^CKBmrytS`M*Ol2x6ne-UzZ({4&Zbh(f
z>4Z1sb_SEtqY<^v*smG-5HlJH{iBvtJaCovab&}`(JJiHqFJzDn`QeGz3h?=aB9?~
zL{1)Bx!IRXdSJDW%5Z;~E3ac^FQBL+w>Hmw8VSzi!s8uNm8}?Q3kp&5PCZjlRRyAz
zqFKu+C&XO+(E@{%ODe+aX-7&r62nf1GF3s9VNy11P*=?oM{6O$waKuaXL*!R(wY{9
z%L03Rxw6#XzV6wp15fAgZUh<Ti-ND7VyM{W9$j=Eyk2+J-^8fQGqd!6R;wLI>&{le
zyQ#gwM&AxfNMKbM+&DQa_!p0Q%=N+6IOtuTPvL{&<@+AI9a)jvw@)DE*HT=zq)qBR
z={tE{5p&-Z;*Ye^mBFhqRdqq7weM-aiTXQjYwe8M92=1HFFFJ0XZTM|qv4BX!-sod
zUKZoLXT|SBTZc(==Er;0>SjVtO@F(by^|JgWrlB2)Vd~HE4^GUpAfHUa6?x`%1hBL
zTmywY+Jeqt$ZLwWmMtFP2P|WS4!hjcq1iK1{O;+J72zfW%+o3QB>19*_zj`Zg=tg1
ze!o#EODisKqlo2|Qy4iAvf)Sb*xJs+iYxV+Al+D*%V&GjfhDuTWtm%+i~SL_{nO?w
zr*mvcaORq!Sw=H4(yg-|ucACXmJLHnu^#ona^OUiaHIM-8>OeDb?T_JjqLrnQqxge
zL-GA(M>VUcNxc*!*6oziNCE&@1tWB;$L9Ws^5}WD1}WlbwXU+$>o4n9uQtBj85#_8
zb_#WrFA)tOEfvyKoB`_JN5@Le;8vU{k-?X=oj0@OQ+<HSPr(3PMP=7Jo8+hz^OCK9
zW(T<SKK-6kq(|D>kN1xYEgDCZ>>1~Vv()(e<pxiWuldCxm<XP(s>ep5s2Ft61|z(1
zh8BjA7Ms-Sj!)7{RFhWl)?i3<-JJi4oP`^4_!O(Rt0iX!e7?{0&ke{ps>{16>FI=H
zO2VoX11V4-2&A$(J;k6~`=XiwRGyrZSE*pt5<tb}<T5yt4f>+Yc4nJ-y=m_lK2L+o
zJ{pn}WYMC}7PI#k001%BaR*Ncu{{|kg3@U+qx-Yqu(wZ~HLk-y+huW%5&ujtEsa;)
zL?7bKKR)KUf?RHdSlzt)M?XV8@pFsO*0I!`dsEMsZ(qNI5cE9IV^}2JEY}XGw91xL
z_PfXQ_#(vWD?2saC%>vjJJqy#qN{)n;=ys%pV2ROLr4mXa->@<w*YgjqP*$MyR*dO
z@vSTivs459TTo<V81@Xi3C>;Q>}Y1Px%<PyS~r0U2Uxq&XnMDwFHrndn#0eFNYz=@
zb*_(=E3Oxj+3$w-r{1_cGUN4ME!(7+Q@$_Y@il8d?SqNOZE!C{@|24SRJ&?zn#cRi
zakpK|V~NmgQ&Z_p-4AHYwGi^zDw>3%#WOE%3#+oaAO2$ZUWPc~**Olja6<_s1j2Ad
zrO}9;SH6(}gcUbNP-356!x<bZ7pS3tIR{pCgS*WTeHi353Fl;)9*T<*>ptBylrG{A
ztP~=_g&w#;9=otFPVA5l;8;wRE{%_H{EMR;`@^Q|)hQCVA9o1lF0ZW(eWB;0M4JCo
zIwtYt+KzNNx+@_QB#uDjkYFhw=s@KbwBbLGsd?cY3>TKxF+LGNby#sknh%4bgyM;2
zkr&ZXTalp|ap5oNX^4f0KtyGc7b>TqKxNq`ypWHPT3#PNI0<zm`9LEREHh#mBFkXe
zq-`%bF<!3vt1CLHb)HE-tAfkZLZvW-pz4OHqNe6h#5BlOnc@Un-nJhvD{hNw)yzNv
z>Rq{iHZ0`$VGlVnB4JX;MF!9L5tWjjj=0M6v^zdt_rAc1J1Ft|iy8VRySl8bs8k2$
z6tPxiE~L8Kf}L*bJYw8YS(%3Mr4P#9`yB=rhgJ5@{{3>|kVEY(YUG&BYpfhmv7o&G
zmY|0Vfx_2H6sLq~kYFpaQ;eqS+Y(>1joZ+&Cr175!Dx0gC;A@@#Lek7#!X+y3?g6z
z9>`{U@E{a_@W5errS6FLq?Hd+4MJ&8p>GP3!EqcI*2p}<VxK@%`=I4y`PGJp&y^Bx
zZG`ymGP$=8B^dWGKb(mN-iX?eTdPHI4_K4sU`t`XA*u)(4!f^(_|4EB7K(iC*Kg?Q
ztD#gcrkk;nv6D3w3|-ah-Q8W1+lPm_mCvc;(R#<>h44*<%uck!voCDwn|%oSeobZw
zPm?kAE>184n-Ad40Jz;-08^B&K50${A2N53ZlE^~yL9dXj9$+tY<IZyF#U*Z-{qaH
zGcF@sBtL9F_l#^(w-=NTlc-7~lojH(k}xkBv0=A7+G$o!YDN~qQmt;pCsgX~i!f2x
zmko_`b|+Of%a1Y~QTO&24%-D@z>{uG*-94yLFX&{xWz~J*||;Gzq|fv5U9q*f>7Ga
zgCHLxQ4daD@TS|9eWkj)4v5>{l~YW_y^tn?u1L-Iue6>~zk8tV!t<gi8FM7LX&f1M
z)x;%3I>l7%X%dse#S=CM=q$Z=-2IWLp)z{{@2}l;`_mpswvu*AlkX;PaUCwu!k4{w
zck6L!cbrs%*I2K-^(#Slu%LZ^S@<+I51xOyIFTy^%lp!{RN$)1c@uu+=5`(62(kDf
z<pb{qBklC{v{E4Zro6F}P7rnaTNJGiYu=cPdSa5ESi>HAG>Z!hjDGQ^yh}b0<ZmyX
za`8CF>YkDnk?wAiIODTMKLE`Auo@=+9gs9WdW_8m$HlnXPT%oSc_rIt1&<{dtc(#m
z&*<}0GDeADEgN1$fRg)rs(I(rV{Kg?jTzPm?baqZ9}LkdtBdsjB2VD$-3CRTRwDdm
zCyKk<zQOO$J8{WDmRU0axz2~fYe;ygyya4uPTsYh-dE6|hbyv2+NA(VfCws4HOhVK
z4@^s(BfK&{uU}`0C<f;Xx#{z}{_1=tZ=vzPZG^0`8<IqryU*qY=EeOh@vP*oR@$Fi
z7O1+->A2gwG+#B*1Id5i^7R%f(=Q_f`%lmh*{1K|<7cX+8C+XhwxpsL)`llL&hdjV
zx^!koQIaWPx|ERYm4^wMx~;)2C?^HkY(I8qC*KH`JuU>M%89c9^9f!xj2m^Rl@F|}
zvb?uA606RoDAH3H%7&HLf%p^`08otg{^AL0$W1KdWlay3XiEZ9`{7Y4vh3i#Gu1o!
zCl*uvkj@5jd=w;P+a$);MYH6(L2W=_SX51jn9eA529rmpTLb=K<8iE?5?OBZE#R#6
zZUI2if;Bkm?C6navcxqlsi#qFt4sJUtg96!FcrN>NPb44v$=N~oJ}Y$V9Mpw)cZm#
z(fV*l51%LrxA<u)wt`r8n_<RubTlI24GeDFN~=?p2Llu%{dDu~>kz5Q9dtuwc|G&8
zTj<|HAxKW$S@uv8cXrlcDph^_*q*2#El_^Z;YF7bA)J_-4C-)SMm@kHaTx=r_|(A)
z+5`^@!tj!S_vbN158pA4QZM#0+j$424|FiG1T%uqd0je=LuGL!1~l`E?d(6N^v1Jk
zqG?+R2@mKCFKX!5v5((H?jWItSj5JNIgDe8;1!P)q?2svv_XG<2K#gLh|@X+g+AvE
z?x{ZHH>Phz+HT>U{y8aKo0R`O-*GK)lB7fWH#A-=KUl-gH;Mw>EhMI!4E*6T5XLNK
z|7OlzQds+Dtd!-=)@CGHi#BO31@d|x4*Kk=KNN20wQx>?-m+IIlE3#Mo=6@u>?vP@
z4<%H+dAY%LV0<w*Kd=yq*q1--CR|ScZdSMM{wcH}oz0Pkbv6+{z5iSpwNF50nR<?_
z5n-~ejOK9)Nz97@$yHRM0|#rt<s`6>q1EjdGCV==T<d<B%F6y_?8&O6*lKYy$UxIU
zZ*PS3eUf;-k|$7TEGcpf_m;a65UNRA9jVdI;cl2Kp3v;pd<c#pnUIjzK&1~wP{<1*
zohiR;c2}5dmzcqnxD?i`D#GDm@(tXH|C7yya#-^V4JMcj3U^TOi&ITih@1e!nmm9q
z!hLzo1y)Qzyj#m))1K`XGJ&p$<iNlDMgP<~PH#U%2xN0WXm@d%z!v?j)%}ZwT0h{`
zDc3)=1>@}jQjA~hptj2qI&}1c%M~XmJP@LHria<vyOZH36t($~LWQA9_4lqqldV+q
z6Ek_c2)q(*$5M}KoiP3}Is>dHGx>Hib{aFFjaIO*h&l*yY`C6-B7^ZS)?NxgY<`>r
zO)24ZFXuYM*<oR?!yAJNIg;G5O>MaD+WtmN+b*vYItoukH~H$TH8wK~$JYHdhMaI<
zIQvy|zzDVgQ#-rm@S{c?zs!1;r?zbm@MAJARE2~)kKo(=G$>OD34AZKC+h*8nI$?t
z4JC-f^mGb2l2^4dczJ=cZ(t6th9Wba)?svz_6_+vN4T#Bq9fIRx;Js%jXceVSIdRC
zaJvz|?IuFtiI<quW^o*+lph^G5V|X^&4cgrX0fJC9haGjK>w`|PU@OCO#l6ArzCL0
zH#9V)$QH%@C!9OyRDi*pn0Mq+lmXAv)00K{(D1QTRASPy&TB%I1+&$W7-29yO(%@c
z1uW+yjSCRR6>1rfW@Ls0u%pzDKC3%zp=EHm9EDu9QOFW>k(_jBb=ebH9Y-x~<uF#E
zM%*Z7uCh?}z8b{`Upcs{b+Z$rS{~7$Yoq{FGCGeEnxmH*oaY$5@ITc6GelIL=d^ZE
zi2Q-f2-<-njRS?dx`Gcb5S6S)r_yX}MSb3}?V}A6;32xQ&AhO6{eCwsOlqDbcuQug
zh3nwHo=RlyV1Cx&Y+;>4PqR$fxp<u@+r0=UXMJ?Iz0g3V#_VrUQM&s@H5|Cku25wP
ze!V0UkA~qNDyQ4;|F_YVb@Io>ueS{*)nIcLCffSZ;T!-qc>JeT-d;(^q|@UIl?c^v
z`=2m|dIhS(7qKB4No%}@w3b5HJL$%s#%c*fb5TCjhu&AI$rtcL$hzyb5i>4I{!HIb
zYDE1^!mZ04dOFsQ^U=u~-?<xpz0X-Y=8$PVzb=fKzD-%2%A=^^2$Xtv6lai<GvCJ3
z*O`HS`Wpnq7wvR-zEk$-dms`UY%hJ)H=8llK|bd4M9xabl4*YR69W7ayvB?gByH`i
zyuy-SXf!yWUGReV>8J-TN#UWANSvo*Vd0BGjIVSrjn@L*yqdE_{Zck}w|_8b2GSZe
zppEGmTWS&Dq^MvUlYg3_f`5gJNeRE&j^re9rQx(Q<JhawlgP-7Q>IFq;sQCVr9_j5
zSr~Q-Qk^9x@+%9Wkkb8DGTH>d9hYRM#)AVZF>q}rIU8j5k7VK!T%jBo!|O;Pw9lZP
zWZ?{q#A41GRcTOogASOOp{g?{bvg&1LbqYN1H^ask#>Tc5PG99mc|7u=F4ccWuAIl
zJU~to{8Wi+W6-Rc@A@@41wPLC19~aYR#u`axvaZ8fXPRbVVo`=ji8-i7v<HC)#uXX
z)L%J%b18)rFK%cx_gChzLwY}jWf>fXo$3(OL}v=6t~9sRoAbEB8@1A*p^>oMpw%x%
z{#h|pkRDW&nUnU_miSdH3B*_f5zJE>reyd?P89bVTc!wh-s8x}^i^@!z2f9wuP;Rk
z&A_xk)PuGcUNFS)<N~*6kId-A$eKbiqN-y!V)iJ_^)BH)9=fmR0qXwWkB<?!oz-#|
z(SbxvOay5;7qkQ&wbw`;OXe*+biZRC$(<fJS6ly`nSfPxUj%t_1lnq2@{j&L+t9W3
z8^;tLr|+@Sin@~_JB2E>aS6rlZJ@aO;~U&>T1}_pde`5I(lw-^B=~5QnTYdVDCSn>
zL{v<OEqbK(*!9o(q~Z#BU<Z{y3Ghq$oJ|ykX{@50a`$jkN}|A=#a7pZVw_l_Qaa(N
zdK8c<Une4FijO-vdK?X?lo%~<4Ld<&p&XAuezu2h{FhhzEaT5VOw#+`?}lGQKu{r>
ziEQDWVA_x1%}RV{=F-m>1n;PHIH=GK1_h85e*0lGnZM{_zsO(z#n~4tolXX}>hAsw
zo&yS==%FMum#Jy;`pW|Uf!~UPFrSWyF};6NG%G|ZUg$R58$@I577`kogt<5^a>dha
z>w;M;y7hv`gsF?ET9=2@DRjil9)9t6zfuVrji{z1Q@T_*b0sV=I-oXRyblD`9Z|Ls
zVwW)~H}3A4*Xs>6J$Ud{m|QUfF_RRh;$P=`+rJRsk^lXb|NPKRGSST+R%>Yn!}vUG
zRN@&*mKC$75m1hl#5la~8=+UE@O_CY%0wzO$~Czh7M;W3*AS|IWlG5HEaA%a`A)o`
zA>Dn4E0D;3VTBT+DACvpha9D8dKwne45GNa0_#s(Wh(RFa)HD@%mrW<3h@U*PkFSW
z-N#J!A4k0Yxxb^v(~c1cRE=;l`ofd<3W9P-1o#q8@koIsC1gaDzwxIos36E*Yl6Y~
zNHh`hRD_*mISx&0%R+{yv;?Fzd&Ixk!_`yG{iP0f7h16_GjIgbR0a>he`DOOV53RU
zjJ#}&A9UZD+}H8||9_tz5pXV#WFxNd(fm*VY+CPd8Cn|QbG_&&Fs4LciO|uA;#uU!
z^=a3?Dx9;_xnPFA5He6xY&tRB(HCb-pc1b7$Vz|*(>9Z()c>RH9lIm>!oJZ-$4)x7
zZQJI=wr$&XI+-LB+n9-M+nm^wiLI0Wea>^Q=L?)w?{@9As$cY~+SiXN=(qN!g0}Kd
z^rJIH^?s<zbSQaAP~qFhN5ZnSjtm?aXPVL@(IdIVCBU;fKLi>``hz)dQqoqnvV*Nk
zSrB*<_pX|BQJDz7jR~tWYY*ozc$vH(_~Efj2o`Kc33`fwup1gFoQ6^n`9>B#G9DRo
znv*Fl%dJ(WzM8!K#L5J`J<;Qo@ivd3?A<=|zV0o|)&E?6xDbMxpc6~9)zx2BS(0mF
zccyaB&zo(<Hzpx+O98DuXDywU4{c{WJ+``se(4y&)^l2T4__jLJIRM!+VPnhPACE<
zs=34IqK{R}VK9j@jku|>k(in4nP1_bOK;;N2U)5;m$fa`cpryMC`Q~jfDOZ-LCybt
zJSK$TkKP9vg~H3)&a7`Y4u{ZwwH^T&ePwTpHur8x{sE7xL@jBs+8FnfiPhC=7e!~j
zl;K@Jr_0WcZR{)R9{=0$I((4OW!ZIT|Ex&}_P<wf9X#0d(Al{TYmd(VF8+5rm<b-t
z!07c?EtZh(|8*m{4&}dPI40g6v;TYf|KHugGvfmf<|2JF=~6q};X&op(4LoqVZ!tg
zVZTg4vf{Js%u=xyQw0?_k2i)<F~6K|m(jS}TEa5_jTFbcy4uCKE;!wspmxSYMRxw8
z#cj5U%q7qX-ZHvbK->AG2ND`MzyvxIxkNP0&i3ui@V(jClz6$ka+1GrTKzNA^<Pp!
zCERR7^ykA`Y-X)A7zx}%-9ddiL)qc5Gu)y$#(FCuR!Sla2YdH5K3JvEdRb7R*KbAH
z;%gM4t22O!|Ng2wF{%JNl3(zCMNN9`nDg14s$!a3B)5@{&Fcya=qJ5i{G^3?@hLh#
zFh@Zla+l2zia^K?YHif}tKEabrzj9;$VKG#_v8WN$@pTr$BM46W}&R!d%~hKPWC0X
zIZ#94J)0+<p~peQ$?mH<>@9Fnros5$<gcL1@uR;qgx34M9)1tb!z=FxOyal1Ud_mF
zb;hq}j66L%Opsu*{_rFREVe^P@|XKa6~*Wx$co0Zy}Q`_a|n-$juEu)A#!l8C>R9L
zJQ#?Jjdiexv>WwtAPDj@bCHo=Yz@p(P)Iy)+WSl&F)Dm=S}Ht)zJIxrqJfA3B~XQ}
zptb}WUNuuAvWbSCro@K^h_+y4VJ+kBru|_seni699|B8uO)rDQ^-oaP_J@vJJ-Q|5
zXBgr3<j6GR)~vo^S_C;F35X?dN>Cbv*y_3_B+-T=UHoiqbvm%Qn8as5ODmGB1aLR!
zAs<XNs;EXf$F%^(wm^6~7z`Hi!%t>$L+F4mAKxVi9m(=`MwT{M^yW|*Ii|L^|1u@Y
zqF{VL$gS8(#i-cR<Cx$4uzbsbask<Dt80Vt;EYL=7A!B$<G$$FfF2dW&zp%NvT`90
zX&5OLs_@kg<-Ww|2oxL&i_CS|iRG=|U}0rYWH5{sSEN+a4js}9>%VMZ3&IvEfI$_C
zlamu+Io&S1ER_RQMl;Cqvg+xkPrl#BGrRx&jml8UU2H$gBHn)P&x%Db@dG|7A@)SU
zoezfz%;3fI>~-jmYqHuY7Z(@vYYU<+>?2Js3a!1IPq7V#Ey+HH5WQM#;u7>bib5mt
z`1z2<+*}yB^4MNi3W8JNJN^B3HuD8B9e5F_shxQo(?Dv(ql#a~H-@=}W8&gNEV8RJ
zWiR%cNDabVr&>)cQ_S}eQrR#(A}5?F0sh(28mz4LM`3Xtks+T{nS36%eU7ibNpiGh
zt@vy}dtzP;N9<9rq#TY3?BQ97JN0;UL%^6@HQ#*{-{)!g_H1Re9e>%2JIlw&6m@A<
zMj6)J>K6D#XV+|qd<!G{<EicAZhwM1x6=pgpH0EYv2CWh(YXnCjfd|B7PO*bVspNG
zqHY%lh|#T$h3(W-;E$Jo2Aj@XQ1i0YowK`=;bKv)o&;<Ew8oFFa*Inyh-p;@&Her{
z(2_$XJ4UXrCmiCeM&3U_mPCi5kxhj22Edxm8+k7ac2it4j>f)rBtt<(4L4~(*QQ}<
zbv>sH={M1i=&+GU3oEge;>xeEMQeO;k}AS9Xni4%a6;dWTuXI6Fd#4dM-*;5!FlCy
z0rr^wuiUT)?8shl`aTt3F~lX-!pU|6R`3tQ>|__iKM1OY!Wb5BFD@_le}FPc2kg@g
zjM}NrD_$N$4}&Nny)(|<v5rotx^>81p(~g-In*ajcsqLS_K*;Ma?tT_kV7Z1{d$6q
z+DT^Pv&8GBDeR;7|6~CyyvU+ZOCyQYc?h1Y{(=6jLHJx<l`cznyZI|P`)5l;f)63k
zRP3v(in{oub$7jMq}64YnAIS6@Gk{lGVUz`*~pCO$nGu56D<ln)w9V^h&hbnX!x&R
zK$jFU=1xOoh(Wmq(?<jBn0=P7aFf-hpJ6}x3b;Ezpz(DC@q8V_M56;-QJHc{4C@3F
z^46fG&}w4tG0n_Hzm%I(Ka(tKY?K%K?!qVLhNi$olQXJ}eQW>5$sb@w5sxAa)d%nI
zu0HE_!ody&tGhNhjv?T;5`3Zf-r~@Lp~<egn}KgI3(&2`=j&gsIUG=-yj))#G?T`3
z-ZXmn(s-Jf?pz22iXl)w`<%0HjV>|2vSP9cwk-gd`)`Wb`UP06{ULzM+hM#PJfWxW
zphEuAY!7)!7|LR~jDAC5`^~dO14b4E>t5paIY%DY!*(7Jl<F$xcFBi}ylny4^P|uE
zgX~cAy1PQq!R+AV*?7qbl+l(*N<T1JnvA}BunEn5hw3kjhlWBpi&V^^B<1O852_<J
z45@E)o80h@nH*bDmP3z(-KG~-Zh%-j#TjLyF7P#^Aq6Kabl4E_lFo>;I}eKgQgT6@
zvHffzZdye8K+fAg9N?QBM;eG${UE=hArs;tM9z&gzE0QIYB7cVWeV=}a0KtL)$*M{
z1de^@Pq76D{xkA_N3Tysh>s>p<z_OhG<0H8cI>%^Xll%ug6dK*TV3D9TJ!HmIIO=q
zJJjDjO(ti~grbCDGxJS;{~mpz5)p(I`LrU@tq3UurkEP^3AMxE%`gfxz_S|aJQ=ND
z8E6Gwf)VO7gh`ih9tChgT0q5Q+-=EnvwOpuGDu8!a@v?Vf{I7?b$0MtSAXudZ5xLj
z%k9|O#_;`M5+yBzGc_l1$m>q5-Ji^_u#dMtU(OHDQM@miFOB(#1iT*SkYd6r%dR(9
za@^e96d$OHET&FGp??#oj(5JDmypI-GA>pV6*NWOVH1aL=g6)%yY^c>qboA}1baFh
zO{7*=2`valS}f*eURtQ-)bSZKjl<z1(6_7^=#TbCdD$U<LCON~u%e1)ggR0xhNN%6
z;BU3U_|O9X>IuRxP%;Of@k}%2#BW@S>a}_hAXdjaSxm6XYyE-@0cIMNh?nlzmT{6W
zT?v-H)k7@|-$kOve?AT3(*JRS+<33e*R5)oM)D2wu;(>8T=sY}4-l$e4a9vO;N2hH
zqWVg?VsZ1}l(I7+jAO6b_J9mgxg+F<9N6GETxJj4m3GT<Lc;L|tk<)?ofv4+h9u|U
z1!V9c9+}PIbLVpfbhyKudYd3*v;dkqB6dy>(W1y}40xw>(>U8F$!XEYO`kHnGiIv<
z{4ooDc7QA92*$3xXYH@9*<PJ-LV5U@1suZv_kHgn3_kNr_|C6iN<zm(M5Q<9odWFi
z@`5(LZmX}chNe?cKPWESIo$UhMT?sI<t)&SlX?`KrE#IlSqfs~Q%hii_P*Ilo>$Zs
z6(!_jltM;Yj<UWqlX%!MzRav2b?}h?O;Qp`#`gn*Q*o(bHC49TB)+=NMK`jViSoP4
z@vmDmf>DFEKdaoGv)WKYSdS(~3owx${|4iGArOd!PKa^>7tgV%>E}b5v%?@L^j9-A
zB~fr~&ctL=B11X>qt>Uw>Jmq`rN!1UNI4rMbPqgXX8lb~9wN~v7#{fCP<eS}^H}N_
zvP#0UT|cA9wpn1`>-l{UBg-NQ#0vq`<5gmzoHCb~>Iw=lV?7Mqlo<ASTIw2DmPYws
z%7HtbFh>D(+C<mOlSkq*07V7B;CWk^y-io<v}LyR5~k7GS`4p=of<bov}3YPwjb92
zZ?15U;Y+-8kK9?=ncbeW7A?Ee5VGs=KvV?V87F49{+p5teMloUA`Om7b?!Z4T%(yQ
z4v#n7vORa)3hEpTOtffE0sL%XuKWUf#$-MsA5uh3Jc6b<tHK{%9~3ys=~W>w;<$VE
zHucU{f*=)0*mOm_5DE0LiLff5y8QvxFJWk&=`aT6#lb;HJeE#>*MIn8s{cyXg;apF
z@$PhW1xU};G;}l?Ju9>8X>qo~Ic=rN$>XWkKR?K>@u(i&;&|wg^F{V8>Z^?b66PG0
z$y>2n+q{*BfJ`71(pfax@0p#C_hv8L>|k@c_Ho{W&%^%?B`aiCYx0FA?ZFrr7zOq9
zC|?-glA~ZC7(7~O*z=mS?3nNr)YQ&WJBFS<UO{{!*V%jmKO-fs_mH?dF^S~~sR#y%
zG@J-(ye8?9gBAd{Cv1{M!dv?w>1U9gPgDazfQ+$V3L08+a+(+bAFcLa^ng|z?0%>b
zU_BNsEh7_}<oErc*u<=~jN~ibUml&bmf@%1Pcqlx>B;=|12eOu16Sm>n{K$+)vTe>
zacL>ccwJ%cC>f_z0ke!Nt#RXlNd~`X04j08pR#Qjdc)>#2^v0m?qDiFt#LUWI~2^?
zO*pAUgDaaQ0Kk~PmLGw>3NzXIj+b45-dKA9NFjsjg_k$I)YaV$o$yd|O({r3i+lFu
zy-iZB&5ARkF*VXK;#g2pBHIJ$Ew9}Q6^TUDpWLNu<Y@N|oQ@8-Z?!KPX!rZpfyL7b
zhKbMLPOA~7!J2iOdiiM4al`5DgN&P_K4Oz^+j%(_2%7=~a+NY@M-JF^>i;yd&4(6~
zqvMrLFuL1FO?M2cjH4@10A>5R*AU=+*B3(;EkuTeD<X!Z-P<%1kLaXGE$7vSk_kdh
z-&rd%s!e!D!@~`dpBFzpP1&g`iu+M8BmGHESNP@@1{F?LCv7o~A*;r0J|sAKSsnS&
z<+EqsZkO{?{Jy|i5leRLxceM??B%pg#O1Kr+v)s1?qk9jDm%NpQ1kTG%_SQ{y6OMV
zkmbYv#+`0%xuh2?ZQK{H!#OIWUS}D+%lMJl*_apUVl5Jh?8nY>liX^Lr2sw0Aqj<{
zL`wf@VyzxVs?ROb`))pA;^onF=;9wlf}eaK_tBpJ=Igf&)F*me&S2qQSX=cb<?-?H
z+2Sqkjc^TtkCAU<;y?La(5Fd_rNtC7J#s2H8C8T-zbV92j!VOg<Q%hHS)YUZE3}I!
zW4{e_aFLYR!{?<Zc==s&-VD0kk}l9%{vpmoqLX7QE+a3{QiEf89@1X%5S=KU9*v9b
z-zqbnT~-oTbO5_HkfHvSATJ^-N?vyC1V}H;LfRD2Es7|>y!ox-lvudO3NM#0jLYp@
zft`+oSk8oHMyYBz$Y-8kCEKsZi!fPDJSrPj6AO*I#99WOhOc5m<`hdvT(jOJg$O=H
zyWS=w8CLf^j*<^ulTS>9hdJH5u#bs?c}R8@Ep(%9yR&+BsWdPRvCqdboKi7BtoVfK
zo$T3gt^?%E!->btm9)~iv_!bvfFF2m?5o(q%h&a!wwr3Sx>XYP!GZOO%MJa<muSQ<
zkt5jS3zL&oJDeeyb2W9<?d5z=p8!F*dz7)3WD#TKN<vK7>SA4R!%JO>XFN8Zb~5jY
zuam^~rc_8W7VjTVV21RU^BNlArXs%O0}SK%2Rb}44Sk5|t-+PY2M(F9=imWJ*Y&}T
zb+%V(LI>J$A$#yJ+H6Fb9X9NHbL+LtHx^QnqtjE{Rp&jx@ZCdAMpTV0pV!hWsz2YW
z(clgtOt&|VCqPW8K9KCC@lO;i8<fdWae=fC8{jC*1nAOSm_Fmx%E!~|)z9trR{*lx
zpKV8Z8=(1}P|U0V^KGMfDBRT7dEpb*8s5_6I!vFtTovtt*R6N*GTOxafL!bE;}F+=
zS;2QcP4eOJzRSPnciHVou9576FA5#bE1xWlK#d~uR?Nxsmcg*#9GP#m2CL}|C;f_d
zM73c$K0v$8ok&N{cPMZI_4Y)}`QhX+bJl2$5%I7P0N4SD-AHEu_*h3Y^nKz6#qAN{
zUw4AodbmC|UpbHE2V-qi*f(~00vhfToPd`LxM7A|1hOViOI3e|H>&@@lt5$v+;7Vn
zgFBisGGGH<G<{4Qn?TA#%mQ!PuY53A9{!2!piejXc2&A$GFKVpuZ{>Znt9rkMtkeg
zsR^=)c+P5usRDUHTyO0P^tm)7UufuZwgqJC#zN5nVvYIm&>Yl4QPHGyU5H}~LaVdC
z(ttm@oeJaP_CJoSmNp^x_<4m`@R~gys2RqEt(+j(<7#%dhEw14iuD>Z#ka8k{INHZ
zOIS`u-AyXT?pxL)BKiJ~nnOXUNKeFWua)=&%ZiHmL*i&73k9o~jGi4J3Pj1#(^KA_
z!(EGRkfyRU)#bCDjza}rp+Cc|qsMFhEIb}3QV5KJGkivcIXFHZn4Lw55zo9D!hE@y
zMZ@8|^H)_?4o^=YT))Q;c0boFGFGtARSmN2n4ZO?*zX%C8>Lkqic7;|sdY7_rnW6`
z9eI#0?G39h_u}?`9EebdH!4(6{waPr+wN|AGr%hR8}nW{+wj}#a1D!x77@%I=`}Mm
zcBO@fR*N}a=eh2Jg*XHxhpCr$2Wr~z<u$vjn~3H%=cvMWQ7<iQxMEstA$J-Lri^bC
zIw2q{LG&esQNu~ZNutSauy@M8HFI+<WHBaW*C*=Ci}W_e?{ynH+9N5PDx}mlIDHE>
zsA}k|!|`s;Hg{`P7-#Dn#6SF?Iqno@3zJndhjEqEmc+{(x|Jrsi;By`>20`6^*GoU
zkkUvFVCJ4|c5&IKFJAriMoD3FnRD(Hw<8wfRDg40Zt|3PT~?5;!W5n>%0yqB#nI)g
zi_D2e$`$N{cGq`xJ3oV`Gqt~I0>8UQ%(u7tqMrm$mX@GT9S!%~z364p*_nM_0C9Lb
z@X8{zj0U$-HN1-TtZHSw!K5b{Is-MvTQNL80-3^#*Kh5%2~vuc!sgzsP8NAGxB|XK
zmz9uLr}bAjyRPEe3d^h@)coWLEuFOYQE!~wUHXIOFoj1(LYh(gRR!JoYWi=`VN`lT
zWUG|HxV9`9s+M6_YoXPS+nf4$Xt#x~uHI(LXBB&5vg6Qo_kS3Sk53qwaM6Q<17Y2c
z_PUGD7R$D{xVZ0>49tCT0@RtXpsv7{deb=QDC@P4%F)y{F%g3p&>;696*(Cl9Xt-Y
zv4&`ef@;UQ)y48xjj^NCzB2l{=NSw*LuSOqdbnJY)mlN3roP@aA96)4!B!kzvbC!0
z2hR`G^dgw;1VN=TJV!sTZw`WqVm}zWsTGm?(mMLAR@&I;r9(BOkJ8|O)D<{PB$PXv
z0-~vjux9kbO3lR@9sUNzEs7tcNf(sW1b1%Q4bCF6QNo|Bw}Ho~h&tUb!?WA2z}}CB
zO~~`j)e-GZ$6`00&!=Tq!MEnLhO5#wmOBnuzkI+UcYh3^8sTmh7n5`I@}}h9)_yKV
zJ`S`Tpgu8?5K}0ao7kZTWN~9Bs%7mZZ(CgTBz(?e9If0qiUf^`u&}Vy*VjJ@$L>W=
zy*+LmBJ*7$>#Fl!e|E$ACjAnkY<<tv2BE!;9%N*zBH-EDX6Pi5v0k)?4@tlv7SG-%
z8Hum0_eJ?}S7IGS=ysK(cw$sMj1Q+45p<J6!qtnh5+%hDS{cL?4;f8&1LvW}k1D=l
znB&yIG}Xq172Qe<g?pi)go(0pl>?>H^(vB<)dOD1ES)&?u}`g1nJFn367ZAb*G13O
zx%YsoU`_lcL7I^{B{XI3)q<uUXkRnQ*Hls_mCr5&nd<Ac>yZnFl$$*SZ<|MG(k(?8
zJQLGPg|(WY`bmUA8TFo4KRj*je_%ne|1W1n>2GnU4#(YT27tZsepjmsv!D7`RhWF8
znJ&4g9I*C8$ODON41JFA*E)irWZ>v}_d@PL>sdJL&q7iDzy|=SyQ|xkH39>o`e0;N
z?^dr_rbY6!aomkvO|=l_QfZ;Na47@X;1|ghb^?FLKyRF1Bf0y+I&yRtdX@M8(QOQX
z7+#B2k7tr%+IHrp&&JZM?|iD=T>rh(A4!xHn!OD}69q~uWv#6;@^2K4ap{hF9!QRq
zFyk$Z%#g$sXr7b!g{|E9k9*S7(IbzU3=5?d<HHCTZoaDo<D;rcO7uuLI3O8xc?B=h
z$3Prf@t6e=Udo4}{i`IbqD@lwpILuXgdgQFvLz!m1op3TmlQwCDMa;E<$p=lN~6@^
zTD`X0=;vpK{}58F$wbLclNoa9rf_NB5g7izzyAXa;)Kvl6ilhJ{sGx&3b~K$3J2w>
z7?+cBhgun%FBZz&jqoqqt0@5gmSTQ(_9>r&xtpDXz_iisFoEj3;oe*qA3k44*ktUD
z?3vYkA%%nnaHCy1Hw1nX1@$hj|1OQXCl@LX!7W-1L@G9hP*FSxF({h}GM7=>>)$dr
z0q*OnlA=-nE*hVkitDON;y6X*GaMeH{K*MFXSvldN<Wgt>GePfr^!g=WPf)Tm!Fj$
z!sQsU`=u{0Ril``)9E&{pj~ETDZ>xO9Zj(*ibxi;OlPP&{(71Gkr37bDV)arD~jrV
z1j@#%(V~hh^y2@U8hbXZx$%Af=N<T<E$(m7agD;rAixv(MGd}^xC50@|7~@KSF5N$
zJvAN`woJ^(1>i+U&1~mO5@4}cSZW45g&Mk2ufM$P!#sI7AUE0IJC%6t1){}>SM2Ic
z?1jGW;{{~Gh@%=idnEvQea550t7=J4<_OR$v+~>IE-E9RAHSd(83;k^SrPTHjG%r}
z$u+vzMbnVY5lo9CdJ2O^zd}wFAYx=^2q|o+jyP21;Qd6V<{0_-*%+=YY%vGTUP_}O
zkTQx!SUefm4ftF$7J{F_Sq<`9$;iW{qu+{+Qam8lJQau?RXO@9qr*`Z-_?z|)0WJp
zEBP2jn0PS_A&3r>Ku6S-9|1*YsE8?~jmo-GcdDn6YNXM=FsyLU&TbA3t+l%S1G@dy
z+nrlYmTS3h$hf-r#06`Xd18VfFhd)&XDCYtfo~#krc0vyKqsN+2Y4u6I3JvN?2)rS
z+cN*LPDXvlZo+FBNuc{ayT9e8a@qKvlt`iNIG1%|M~IerUmzEJa(Sxdkp()D^fBFq
zlGPCMCPT8zek0jZw?*@FCDMuC4$TkJWnQ8Fq)<ky_-5*>3{n27XP2!kbD?~3(DN*!
zmmQk=HBK~%6ZpS824@<07v3eFE9s?#szxFy3$>qc)nmmqO}y(0)#e3?oohbU?fp52
z@p3<lUB46XGaQqH9SFOIXLkCSxw1F8?WPQTUHyRUswbNSe2j3u)h33Erve@Kqqin3
z-fI(tzG&MX(VbXWUTWwlSlvnfaX8<gkDUH60Up`DBDp*8!|?l|gx~%5asW_sEum_P
zdYqWN;~k;W5h;ZErM535usfq%Ly+hQtE^IGnA+f8pvgFk10yTYTemb~|D`Bljis5?
z9Z1L_jW*(6YO2HgQtkQARidYwi5C;^0auyDF_}S4)Ra$-5hbMZsh{jB5@z-ffRsmK
z(x44(;k8w{u>r!7FsHOpT#UtRk96~PLpF;Fg+U6FG<rT*%Vbv=oy&X-u{9tQPejEA
z(+wfsSk8@mvL%Jb``0!+T}dI(3>e&)5KL0yt14`)$O}|qEvT)5mUGP%rY_)o22Ba8
zD~m!bS~Hgk6LYMiq+vm3m8&U*ER4*k!`Kb+G;n*~<F15-bkWI5%975ry5^UbK;zM6
zeV2$wXGz{2r9tms9FI`>ZapU{gG!4&OGZB~MlKOEQDvhX0R{hJUum-2?w>?8P5^-9
z@qQM6s|p4^dCf}#II36QXgQK-U>g=4VG$G<jLL71bppH#p?sV_Ih%=kf}q4Vu00`}
z=Ye3(UtL6sJ+@9Z`x1Z+Uln|{>i6w;N)mb$*RrW$zpm0i>Ux?OIh3~(!a3?O>Kwtt
z81ymLua7`>+gfJScln6g0!W*T@zF}E>P?6SR><_ZcP=I&WSg_B(ZWlu1Yww1+~rxd
zR2sPA5{d&M{6tYwAui4qa#=i_92r#m2aM?aR$@AWH2|zzbcBfJj|_zI?u_tf9?+C1
z&iYy4cc)Jf_m_nUW>iff4>nTP`1q6M+dInkNWH-t8LTw=wf14AlJb4Wbw!=$hPu7#
zy}<c_n4qS;Du;~c(*ES6PSVd<Aa#*5JXXd@Win>cjFXacLH8^dOCK1F%&6o-I)ick
z2iRLkplObL>||lm1eZ{J7nJc-;g1tRZ)AgEhEVTiHUw-ABv4^W>o<6#z4-)bW3IkG
zdRS!-)x%-h6RV1l6rkA0pAvY?O;p!G&PM?lg-CHyJqBCJq;n%QJ#3?12a(FE-4ZHb
z)@8BbCl6DPtF2zR6ri4v2U9Gu?_#+SVk{1V9q~|@X*?1XG2_gQO<x(xSTqgKY8j|Q
z(?2_YprlzwNHWHa#4m2&P4G23gLUiQ(JhYJizH<t&VVg6*lzh*MY~?@H?nB?-$AKK
zqkwF1OwR*^*h#0FsOj+i{koD+@}xfsL=kekfIpAohbxInMVpoo=r0`;yQkKJTv$n-
z6u6~U_3N|)pK{g_{1I82KiKi$m+^@Wq$r}I4?GXg?6KDdF1j>HSvYaqKr60&l^igE
z?@0kghf~FOJl{|o#+aF##Ko}6Y($-bnE{585@MlI%?xpk`GvLcY^H40o6Q&nB=N2C
z;F;p!piEU^ni7z)rKMOc4*6GD;NIGAOX=~+(0DO@?v;u$MCwBRCS?|9^rqVAtmgDV
zDx9d6!I`7gUK|ZdJJqLL(U0HGj;6%LczRIgHpxn$b{=ylnCLjEfl>yeaXo42R)uI^
zxsgI*YIWj(X3Bc@Y6L-Qj05H2h;L>XX@#X-1QOj}BCe^d6LuHC<|BcmNB~sspAN|2
zPNXa@_i&fB1u{Mk9GNzkRp$?Un<cuHdH@Bac9ep2B&E5J5q?I+8U_0g3+Bai`-3%F
z7q%2D`5QS#by4silJ%Ug?=R?S>L?#40G(#;(7V6<Fa_aXsL#k?_n#;GYdi8)FQtFW
z%Ge7%XnQdnNth22wWg?(c#XrEs?f#}^77b=1V0QY#6msT!bu6L*B|I2UYZ9jUjF2e
z#j);-D%+gKY(`<*aeEN@ZxWD9CWu%*YFP1lAZi3`JPPFBMtVVfXhYDp6ny?|HC(cy
ze^)0U?Xf%F4{dKAoal$QHGI3D`Hm!6_aJz(*g#-W!+oQ@qN@I63C_cHUmS-IIao~;
zce*b{wl#~!MaVyJKOvR;x{mxC>r!}pqYRtF8L2%%J1T!gM2okHPJ=;51Yp5v9g~)n
zh8<!2?z7`wN$PR2g$%BYAAx`kKQg_o;#1~?zuk%c)y>)W=bVIGkDB=95FRE@&-rW<
zj5}+7pr=q;S*0>+*?(AsZl8lu0O{C9F`E~j%F~hEnVp;qB4&qitoP`UPiAL5Zg$1d
z$!!5&Z?y}0tc`S&yB$Z!t|OtOV}|r(NX$z&n%cMD23;1Ul!PDe1By7OfkdAoI11O-
z^&lfN4Dur_nVhopO9YbE#!JYT;xKLng!$81?C!=3c%@}TACEK}zZ8aQ{kld+eSzBD
zP<(i@Sj84E)+n7dNllBnxw@U~6Ia>*2t-Y;ENwx5FM>Fr6<POmG1cPkq|#|Tjja*?
z%l9kL(#sP+B;yym-bnLXltpd)^+h%$NWC9R(H$=d$BQa5xHwFYb(BjZROR~=!2(XL
zLY8U2rx0mm*fIY2{QPePTLeNOf>#emDda><?5+b%^o1ifwtp0q@%S;E{~S&>%J6i2
zJqPkXwwMF1DbpLzyCif{5-}FO@=9&R5C~ZS`d_YtybdbLMBE5Lvr4lNJ)0B%r`ZM`
zc#YIqA#jGy4pQdeP405D!A?m{WG=TeA-LOPzgP=J#M$;HuKsyxQ_AGfEIk$t1-zi^
z)SiJ}#$0TEOFZ+5q_iq252L5qKCA5}E(ho`5CP;Ls6WETNCxE>O7QQ}CwM{@FzXNa
zVF>euziw`hM7)~qg4<%bjLv!c8ycV=@;VHi1D^3LE~KLphLg0bP_UoS#Wu7}UIuBR
zrqF~zKNN5^vdHX3Z&XZBe`F_y{&3vy4{nO`bwm9@I81!EOQYwf9k;+mL`KeyvXuj>
zzepll>1t(0{`g>GHX7D>y3h*EI>X@(cmZfWzFfO+#?lH`E&n@I{ckM(D1*5IYzRU0
z{4JQkAE9f$_?#VmW6lEyLv;pFCM|;s!IZ?2qXT~>6=uXXD|)}eJ^q2Kw>$M)O||GR
zFvj!a>%=mM<nK2f|DpkE;@8-y`c_A=(JX3vaeSh1Y*U%cWmqH=|Hh+n6*lab6J=97
zQ620`h@;CY4TutH&b*LB1AO8@;jOMmV6tPohH@jgJ+;p`HMlGLzv9&N>%!jTr=|$z
zx-)T}1D{2N$7Y!H0^zp*`RB{(;KEu59?*!5{*yc2Rn^4c<8<gxmU|o(Qp12N0qC`P
z6EG6Ao5&`nGglZVa&*in6+R@JAv2O*$oo&eJ5btWWENS@<j#`cT4BQ4(XZ>};;6wQ
zNGK3Y>UN<Z+GrQ(Uv`&Q6@@RxA!L6Mb>rwKMLM`r;!BzZ)^-VnZ$=PdR2n&g4j1}~
zM9qH&D?^X3PEOI}|89fffZ(;lAvSbhmrb9eM^-O9F)iQUobLN^4kGn>3*957mHa{+
zE$Kz_+N!RfKJ+)+0$>$2B0zktO3Om9s4A=&wfg+fD<&BAhqFA{e2wArA~Ytqg_&31
zmHPTjsTv|7jufgaO;%EHxIf9^C?6PhJYP`kK=UY18W25ro>zOPuGN_`8A{91)z$K5
z78;*uw5Li5YZ&#aErWAaEo1B#aT;4xdv|k)FddH&W8Nm?3p!YIoNpo83sgpDT&e}Y
zTi_2u7BJnICD)#z34nrLkNZ!E3}`J5U-lasEVf$$%4KJmF}>C18Trj_PdvWm>A|MZ
z$YcXzG$P-H;hmcbf2Ua*(w;-v<oO1P@3M0eD~%RpdYvxtTr+<q9A+8#5x!I1>++U<
z&wxuE26v8WG=fGV8h~+BmB$f4i+(;V%tw%HsK>rvN9vta7BDigiO*y^7A+!&RF+vg
zAX3-{@6W6ep)QM_W5X))28U+1-5{t%I+Bj@fiLqIa6apmB=2eszpq-^S5Tu|1exmy
zrt`JStjs+H>@jomavK}1Ahn))0-r&l>z60at2`}{p5TJ@5*`#!fuAcdej2GKpFYlS
zPyB#9crgDBN$yTtE{AT}-g@Uy!4+n`p1;m&P2x}jWt}POUn+NINFM!hWE(AIdtsT`
zH1am;VmDP6o%MsFirys}8x@=K2m2&6B4K1h)W6mrLn&XX-A`sejqhYVoa#yl?4m@k
zWZIb!h(0jQr+hJu@F1Ibb|pCR5>)|}-zL(ERw=5>B6SAuv!5fjtpV}`uqwcMKV0Jr
zW#IBCR!vX{T4@|!$Q1&t9v)W&?{gfj5_3uzAQ+Bj3Dj+H5rf2Fcb2rH5i|OVs>IF_
z%IUgTL|WjQ!SmxFa$NK>lX5alg{whD)<d53br(1dFGEz4uN3!_yp@I3P9lboNWg=X
zKAv`}?Qb?8=yIWE<XfB_RjlZn$27m5pmz#;XbDUJYTWV`bpB6W{bh6xn>G{im1b^y
z+_2FVa&jxq!MNyR{o>sw8{WRl2k?W`;bb~?O=DxhX#(z$2*H8b4pX`E-xDMZ{Z$##
zDN<}KK`Ocp*~14nav!QX(%)weQ#Pt>%SARuVTAr}#Y(!<hRT@$n2IDif(OND@Iv0@
z!epMDS1{t77s4WFGtFzNjp`g>?W@}Be>a75U~MrDU4!#62cAkUI-E&T`gx-(4R(>b
zg2Y*JBL_`JPu!gv>iXRIZTfIq?{VSz*jO`TZiz{SSS}wf3Q8&xvfOh<^R9WF4Sr2g
z=}X-pE*G>_p>(Uq;_EZ1k1H(4G}<+nwg(xAeGzG8_p;P@2-XrszeuQg0mv;y^8b#)
zbQxr2(p9w(;NghrnCyPr<~wTj)m13+<lLX|4PkTB!8IjUmW%!HV`&q0O-<F@i<%+I
z<BkH`o{UuPl60!H7W>FVe>db*=d8sf(`2H{fkGG#sS$I^osZdSB?@xb=L-GaqLYC1
z`O+g9gthvyq8UW=2`?dxWZ)k$zkQt79X4rmNO5RS9H7;J;m-fs8#`$=)Q{78w?l!u
z(OgO?s(0N3#h~h_wcIEwqXJQAvS6e=10ka6S#Z88u=+a?R*ikJ!Q~PxD$ial@p^k-
zy3WCg0%!@F$w=k@$;Qi_Dj8gek2OWs!vQbnL*7#=MfN_D>kz0Ujt-hF_Vl!xdB^#U
zDUqK%@@=tr^QU~#Bx#K)pibGQ89~pNAWowx4#mx$ZrboEe2=`**u*}R?So~M;xG=0
z!F{0`l^e4rB3`vK<3ycjFE7rJFlrFj^>;CJJFGdQvWjbOssC%f9P-IQ((8ey2W~0I
zr`BeUYL|Fe2;cg-gn3y-7y)+BF%?otQ!|utDf~~tTalWjq&vMR2RAEv7RXk8WfdFH
zr`rirg3caq-^#e(FP6l}5fUFxV~vp(ohwZQJwrJ1;LSGcx~h`B+Vd^z#^#`^4328X
zfV;_+=Lb_$#v3x)UaFA|-7Q!u)wC?;X>F0}*4kFRq<}0^Pi9z}>~0jc;cRg<M-5-_
zkua`Qdlg%cp`_^`phS&ERKL3s#kb``e4}sT>U`W7<#<>*;Q%Sgg<Xo=>6CWYdlv0X
zGd;VTnhv%uDrIPP985BcUL_Z*;6qE9_*5k!#2DLM*;~2z*`+(#JlNuJL_4gTempm!
zKA-7EO0`f3!yWNORb*S+mc=m)`Is^#FDC&s>9?x<Z>cg|Vzs9rUL0TzYnv4Dq~41-
zh!$DWP%G*FX^~Z^CjY61KCVc{IJg|@Td-P9l&k-iCT4Hr=?RgN+0w~ObaG=Nb_&qt
ztPVDJ?GcmA6<qdk)HN9Dxq*3`LEV9D{(Pp`q548Fpkb0yTZ0N$mzgpmq@*UPb$)%T
z%iW3;9>5*Z2!w{$HI@Ini7uo_0HwUiH5z|6l8Z;P>SKYR<Aq%)5vqQmxdcAo(=>eQ
z|I_$@9ngHFLrqN|6xAptAn6xrz=xD7_P`ut#UC?0wPGZHiIl<K$Yh`=6pQ9K?`+%8
zFU=|quR%?`TXoZ?!D0$Tz&<uX&D2(pKg+jQg|_4WQk|`^%4o!xkbYUQU{n|ec*WaN
z;}M0J`Z&P7vw7No_$A)dAGV-jvv@%?U;K-7@RuyiYyxuHbB8%D6BYXPn4qJ>ngOuy
zDGREJA=!~B<3Q*ObZk8=aaM0PZ4JG7fWi$_m_uf}zuad%c)adJ5efeuxZlp9Mzvq}
zpxrZhs{IfJM&brv$OLu{58<~t6I#7)s0(QvubC#A_g<Cv^F7<Yv~ccHD<1Kv*LzTJ
zgonnDZOP?ZgXm=Z^en}mSaG<k;1bb&+-`TIly&Rj9#i)9#=8LigwcLIEabO#XWp|$
zoX`hIRIRrye)&vp%pB<H-r~#~CznRi(S5$wYi{hH$oi7@%G4gY4+HyLuuspgIQ1O!
z5oKS|=nnhx{C?>tTaLodi*$w*605(w7yzb*Chya#N=4<Pu9hA}mK&Ez=}!ojwcEis
z603jO8<Dr^(1iYk|86Bh2}!ZH-BEVLIGWBz*zRWA(anxJLW*eh+rw7DVA$O*fhWun
zjIv}hAbD&toZI$?O}JQ#KX@uzb^Z&aY;^5izu)-kCBR?`No{am^V|Hr9Qi#_*@^S3
z+r7dU21|0!IWKq=raS2MyP-&<HNz$s!_bwpK>gjTHVP$DSafBWAM<xIMWbjs&o`qY
zO_@+ql3jYT8`zhJzlqILH8NM5@`9<`1DTB;RB&+0Dy0tSO8LR^=OaeRDG#+#jia(w
zYAd)SfgRD1@IOeSZ={I2-_Tt!DZJ3RvjHaJ)E3<lhZ5R&V$h9ZmyXN%+IiYeO=MHV
zU-0$^1q}6Mu7K}cj~U||yBCBY4j>MCWOg=b|J$2c&c^~lvW$X=G6qNVt8C6B=j7%>
z#UpjKehb{Rhq$#!J5!=ZP63t7KoJ$#D4MO&@(dnJX)4{pSlHo41^7G~87fXHgys#{
z%U6B3u_$UbkTvkj(FSY^7R+kr2+9a6%!=n{_V6;CA0OHoJ6Ez=bn0zq=qXgtmx~&M
zR?r?muh~E`uB()vP(gxRs2rU@RgeFUx7ffQ2KgL!ioG<HVJuL=a7~>OQKQjCd1ZAG
ztfK)1<9!d8Dbd>kuhIWIf$$n+ZPXh?VzvDXNi@`egyVaZ@izTnXLJ{LAcHyS?1R<6
zaq9wVgKU+~25)vM#58>T9K0f=dm74LxuuPSVhZEGL_f#S5XDT9k+~N=MEU9{VSJy_
zljowXR-1(a-pyI$|Llq{urx`PH9JU`N)N|v0`G7HATP4k#J=f2J^TwVARjy`2`8mz
z1*?o`*6J{)<5d!vAlNLBGMxW|K}yb!uVOARsojjbPotw;+X#~wb<{uJhIW4ercj8i
zqBa+j+)i43#wCfDmvH6b7?uA6Y!D{{pnuM*)p$n*ygMVNID*Vgy6u+xtzjmb=7iea
z+=N@?F(tcT#q)ttcOdsgQ$TUvpZAVV#x#oGOK;PPqLE53E2sD7TL{GAabiDTlSC;@
zMQCmtXUs1Ac$pT<k#w+<1S7Q<z*A+Xw?<>Tne7xKnm?!!Mf7(c4C@X_NhYwHbenCo
zHXT%Dw;{m78c(zXx3mS{>~R0_Yo@$Vo9_EbD!raO03@a#Bfo@7$}SVP-t6IIwFt3y
z(4xfE5R6kY>O!V+*G$l!pU?&Y#uS<?i`vL&-@ad#7a**ldQs`4eiMvdQ2P_Pnq30M
z4=of^f5c>9{%h`_l%jNEvBP5*@6zGC(+9^2w^7K_Z|63f*U0}yfP8nlKsZ`p$KE%`
z+-Mz);Z`duLRoFY6&9KX`xm!0-&o)kj{4pTk*}F(sF9*-wliT;Tu*tdXBYM98${S3
z*iW(GuPi{cTbc<=vgvnF>cQ(C>Jv6Z#_7Kv;p|ry+oO$}|3o%{s7b^eG=#63OudzI
zb1;4$@D{jf7TceWmv7I8$N)op=YK1%)=z2wZT|1_dxn8&aC-2<7yLw@@FYA8Z({lk
z`8d|-wO##i{Q)vWsWaa10sl{lN|YFczLtqYjXBXbS<HI#vj4g}^R$lopFQH0E67mj
ze+a-Y3eZwq7|91pGOr=9+m<l+lL+7kI{8Ev`mp=r03(9xnen(BpHu_nQF#o|PFW=y
zt#L92wrVKcxJBy{iFC9w!mCyY^9!W#v`#*~4W<%LyO`;4Mvw@_jl}WM)fQ*#)%or&
z_7HF2kKw-_B|=QvOSH=~j=r|>*Yh3vPfs+dJ6ofb*0HDi+kfU3jQ?CLDs}imm!JHA
zaGW`8{#GXRMtUP#bBJ^$esXpYDcHu|XhTl9<Lx!<(5(s?v)uvlUvisJLIqoYAVO+U
zu95KN2gtnug<!oon4Aw4Z@G5p&)oL@-7r!9JyFv7V2B+)pHot-%>`FE(d2!lYq&pk
zl8LOl`&%#AnG`a3#ND(0;92CuKnplwwq9foYWgL{s-nF?tat}!XYX*J@`vhwut4CM
z%T4Sv6G^Z1$<W}k;Qnz=#@t8_85UxI9~Aft;&2jd?9~oFg-V%WJuw&fu5v?Ck=bq&
zK0$PNH!vLZ)FLfE5mH+KYooJ59N|gYZ4_vp#nhk_6gP=~qVhtkPRheDs#xL|hci1n
zAK6rbv!Yy4j{OW^S&~D=%7c^R(=A7>prcb!COJwZiq5C!*z5`<aJc`ws;sx#4agap
z8fZo$VEGL_K};+m??pX-8)IZ+4K0Tz@J}ni0SSGvF^ZE6bq!=XKfDY!J})Z%``~!c
z%F)(*x`~cF3)7rbS0Of0L@^m=+2dih`q!))FJWE^5&<|G_p0_B&o33djL?%4Y|>Vx
z2>+UO&|61}6DJKL?i!?MVPAbvgMmBi*3IpN;bD{t`N^2SUD4nUqu|A7bFYT1b-IB-
zYb-&4X0%NS1FT)3=#sJ^_vecN1bXzSrn*Ar+w?qYUXuK_F}zkLo|8RQHMxti`8+Wi
zlObbClIqf|sD=yw<5q>SIXHv6d2Nn3z3}7)H#%mlv7G}f8aNK37>P3kZFxmLF&oAj
zfX2LFHln+m(EKe)fkKE29teqXVimy4aPNyXMs$E$9wMBk>zh{e_MeR^xJP{F;{4bv
zH7Wk6hTo{1#P{3Vp$ySl&~<hNifIok%h>Pv+22AG|B!@NWIC=`9e5^L35&MNucc|o
z!D4{gc)ZU$SGf%3>SD+vp0$I6Yjnil5pF|FNGO?JAQybOl33=^76ObV@n7!##;{}W
zPOh;@cLl-~mCB3BCIiLAJvO}O`R$&aDd)j!^S4gIXP5HHuN>u^&z}j{>yt`6Wsw3y
ziabSGEH~0vjpL_Okh;mJOie9d?G)UIQ4frUzTkWBznGJVcUHA7PsY!<@_0wF6spjB
zvc)Lg*Snxu0pxq!7K-^5Zit9sQDHv=R}K4tO=SY+5>2!)xoQ+VO!=^KKn7p?{z=1o
z`PB0BIjj874j^sm(I|=H@7lrr=KB%HWUPAxf2cTdEgKSaYUm2@cMWboGvvPtY7NfU
zZuEMd*tB=OSd}<C$Lbp_l|T4?zFo@dxsl(*$gy}n%Z7Eg&t#UF$CJar`X!96nqg<?
z^eruwWYuS*;KZ#MI~EvApB7SggjALiPAW{+`<+{K!a9h*qma<gNf#fhFzW2N{r0R6
z1<F9A?D_Er+@OzTde>K|BiG*Jx9*C&@rOXTLaHlpD^bRdu7E`;PD<KaerXpzno|Ar
z2Jt#!1K}Bfc9RI~1-0hi*i8LvFZF;KdC=XYk-ij*t`0D^KtDKE6_oE4zlzBh2PsPX
zyFKiS#Un*3tz*&^aD!kwp9gt#2R5;3U}4G8>H2C*1xm_kBkR%Yz;j8m!u(9(bz9rn
z^Z6Ui-GL+_fLt<KL4r~a8{z2g<AnR1s5-@EVk!p0?|D7q$`!!uFGXcdxI7BoWo8$x
zis0-l^zrPkAsMqH%zW{};1WDfBbPv;zpuu;K-=cw2=5~17_aL+$TR6g1QEvM^Q@)Y
z!8Nu>V@idQjE^lR2JWx4=Q)cKEqEcv?TFnRUE_tuIc_YR$VqOUI(IU&1@}$2J<^v}
zzQVBi>Ss<*saTmFqr=5O;w70SiQCH_n=i=!ry&Qz+nzUsAX4yKG1tjbH$%IdO`<j(
zlK<uy(b~%vNC`2kIi%SF3~0J-v>w(lTA-%ZLL^X@ok^vP?gF;WuqJ}MOoh$nP3WVj
zC)+Q=tTA~K?JlQD!c7u6k3mC1MuIK&;wGh4%KPw7=$pSWeFPG2;>(t$@>vOW_IfjZ
zna0e>zp6f^QauohNHB^nd-!(AK)Jn6MLg~37^$ch1-reOp}%^JP6odxs^1pA^Zga&
z<hC>T#6!-&zGWhdqm$|+z7TBPpHdOMr0}o|ueT#l$jFuH$j_-%lnw9w-Te{ltz{hF
z2LcLG4OkbIJ(LGdqO#hpkuJP4WuPy(Yrtmk6G~v*=aKJS_BEQpED!YZ<j7o}#a?kB
zGo!;=m?e%*>mxl1Q=S3zo}rS-9Wg&&1HtbA-Uy71Y0{XmN*sLx7W2U`&>vk*H&h%H
zYQFF?P*TC?<9;1p)q$KVj_KMaS0bVP6yU_w`iju|<qBi5P}1~r#}3O-19q3=uh+v&
z;c*PaLB=w>2xD<C*#=4AdAhil^aFue7}QcFDBJO;al=!aEZ!e32XJ!97(_7+;sE}=
zpKIK28-#Z^ZX=@-y2Qjp!;`JTery)pox1G>o->SBHd4jip}xlR^EDuqvzZv|*A>5+
zDa+-MA<%n2)--z_QQ+1@&fVLjL2HXu#ASe1Y`iUILGo`tkKDFME|7D6Q461r&$H3|
zYO<3@WnzITRlZc&G)VR@#>3~YZ&O(u5)&HYahrWuHJd;CJI<L0OI44e-_#~gwoq&M
zkcMjYJGgIlAGRdPNaTb~W9m&FobGUWz>lYM2Ft<pcaOHfjICM!8t83DYA|eFgPUiq
zHaJ7-uwVBI3Vm)fB-vY}n3yozd@#Yl`2_D0*t59Ks|_B(p7^H4z5z_EO4)TFt(~O{
zrv@5qADy1Bn56w&aQ?&m59V<6kdyZ|bB<x)5k+SrXji=t@VOMNl?DF^d4(Iha_+s=
zx;xF1t3I5<>*>!HRe53SBFu0y1aeV*e4T}k#lN5<L8^AY?N4n8aWh%@!bauE1C<n6
z<cPrf*(A`6axnIF=oN7(gb+g}w63ZCqT5aH;%?U!<sA#5VMmzCeR~FnJwE~>0<*`k
zOSZrrynIs{acQGsk<?w^=|;n9zybSne<tz4E`>Oztg%U9^erfzy0ji0YFzXw&p${-
z#mDM&)#$u3&54T2fg-%J1u@fGy?b+52NIg(c@tKeyUk^vGV2AYx0sP3U!jeIO0lR>
zr?SmUy!sv(&ARTHm!QGuzI%2EE8wp`nZXI$3^Ht#$!S+A%}$gz!Vn?oqQ11=U*~jk
zyB@p~@khbIh>}`i5+3X1Ir^R_4?Eg4=X@vbW@DD{$^~w$Hjxd{F_Ix<3-$IdEEVSl
zuJqnI0^E{GbZHggCPW%v$eFORosxPSSwz^(ByA0x%d>7Eh2XLNV^xCR`vXB0%2QIq
znZ=qv&DnIDx0)9(Xq!<lXgiaw)ng1<Vpp@?YKx>;LZClxZGzcpmzTfo68ZC7lX@tb
z#sw~>?E{uYwn{yO1Kx7iA_VTo-s$FU4RbO5{!h&5!2vZye14Y@h(3YUMjy(Dr1abV
zRO*b?j%16IFUX%2C7U|(w&nf$#{1jy6rqGRNf?M*uxs5=#|Mfcnn|L+N;iYY6GQT&
z5hu}F(6i1kEH$3xW^|H)UV5l_Y++~CoYmn^ci8QZI@39BWIs7TwaCw4?ETXSgMsdm
zlGKg-qT<AX<J#V`0**H#ag(DIb0?*-@N|D<V13^HblSow!dI=+`QzSQ^U|sd9qvf2
z-Y||(|8YMoxqwiD`OgGYC{aD`KqC9~#G%Tj9;44%!?`*st`pVLnE8Hm`8;L<%&CZ-
z!Rz-`&nuV+-=D^38QRkHD4HFDCag>=j$BdfP5MS=df;ppe$a@@w1ug^Xa=GIWiq8<
z7AWJ^#&>ZNR(dN)3Z3mrA-?eBshOK?TQJ$HEtrl(2E#K#HHAT$2;;fLa=Mh5uyc(Y
z*poP1*bf|dM*j!@Cq*q$=L^n4<SSJ0&zul$lDQ`O8sf<S7~|(N+)&#biM@eHVE#WP
zx!Wz7{v!aA8bSrnUot2QY@)sH<8EBfgnvNLK=Kf1{lryMJ5S#JkwOj~4l-3%RE-6?
zsglvg;DYwXswiC03`M0sc$;iFMH)8Y?f$ra`(taFL>U4sQLU^hKTb?m6alE<E|h&@
zH`?rfYoPuytXx9AhcTemsk|^BQZF92GB;+mkw5Q=5aM=cyM@XrU?HZa0+9Qig>g(x
zTQv}rlJI*}6E@SQiDra?jucfO$-3eO1Q(0pOmiB)I!_Z`k)1-?$kW4B8zZlkb#R`p
z;4KdMrJo3LkU$6`ZEU<(5*_g$VHh;<R(;Cp36t1XfEvr!>bM{#KL{+#*9z%qxfCX4
zEIGJ?!{*z?)54jU?EHlq)bW_x-!<|L;ofGDAdA%&i7}TOsX;9cWqe?*-8b-w)BWIV
z@&Ye~W(r=a-;nGk9)grX(~r-Aoqh2eV#mu>$NM+P67v?_ehsaR#9OI^fhAw;_Gk98
z&WgqOVwAeE$^VC`vy5u1Y1i<JltL*^aSg%U-QC^Y-QA13yBBxY;O<UwYjJm{z)9cl
zob{c|TFGAXV|MmrR_2-OeuSc=N%D=dUrh#-x+lT5w7e)xmLa|`p<Pr`@&(_Rgl4Pp
zGhK7^cxhxSJ$-@bdH`Nn`q?^wR8ajBHD#EYGKf9?h_&x${lI8g+=20>kXG?$m$ya9
zSM&(H046ng{Li%0spa8@yJQAa2T9>lQ~3{C42(@;2opGE<+e!N-rPTz*hS!`WFu-K
zYRV}OXfr-p8{bH>JPgjy;WK6}SrsIO$U%knPpqb96|xpr;G8X>ss}<H-7<V7WQCqk
zpAmcux|M`0`F>#QEd(gisn2i>kD4ZSej@g0!!PNq|B6ZMawiin4OtsfVm6eSK~yV$
zyl8Uz>8DEb5An<it2HqzlH$uOL|d)4e#3Fp<%!+CIo~68Q;5l&tiIJPn6-AWkMz0d
z5sQVD%1fy$4g)NF3*yjo<$Ig!2Wh)J*~eVPYigwCwLN%26GHw`zqmD=c>I$mCV-gB
z3l768xHPcWdlUR9PtzSQKxz}BY%S0;=)0*dTQ5QC<k9+}ffW|@sF%E$#CCeYYLTTm
zFus*}6DSt%uS%tk>EZd=YPD6&!3ToVpwf6Kcf0POw49^M4gxW;MMPUXhalDoi`^aj
z;iCnq$5vll=Ca~v+9%VKqA-HjINqTxO0$O=i&F!Uh-rTT7biQ>bH$rN?%O@ij7h73
z&QL}Io{oSsrcaWvT}b)85FI$7O#XH5FK?R^HqU$F-vl`YO+~}C=`V#6ps}6D8*%Wj
zkZX+^KouJ+1{>{|Fy7+Scq<R^H!SCl8<(g%Mnb=j%OaGEt{I68<t3*GaNREZ0-#>&
zZ4O{>s+EEx^okjJxtM2{`qz7r$L*=IJXC(6&2Pa<z$%9kz*P{->k)I-%J3NUtBJs}
zxHjio+sH^>7GBXjRok@R+5gNE=!8qMyxNl#E-jg8QccUxc|qq5qZ5O$lqIf3R3&BQ
zXugOUp@+QYqJWhr;QQ6&uA8~I^I~*J#q?WMy9ADkuy=GGPP^4^WE!8lF6ebV!j_w@
zP#3I=Ssmw>F+k1;?Tlw7eXLVMFZd*@vJg>H4Gz54Ql9_<b7z|YhT%*7ETuPl>f(-6
zMU@2zfr&hDX;RsB!;>+ho}f18%Y-u>N8*c5!F}m%lQKseKR!c@nqVlX1%qH?zXTz2
zUN9$>1qWA7kyBuIe(>rLB|YEnX4PG;7+WZGeUVHVFs~h{T&^Aai5>3kZoj*ipHs(L
z6+aH5`({B<OSmQIQ*-vx>Enlg?Nmfs0;|`8T}B~eQFyO{u9XBib-z6Dnt#BDJY%Qd
zSCg~;OTYv~S~N#XuiA6TCRZ)dp##M~l@ZhWDfDP_v$PZYW1QqFj#!~(|8-<|_w&EG
zEfk<fA1H|$PhT!eclwB#VWYkv-~AyL;d0|>@nV}Ct6~LJ;->m?f9+ox8;$7<>uQ~^
zJ3qtv63h_XaclLJguj`Xm-lz8KlP-}Nbj@`?sL&5iqiZU!GL+;%)>xBhXWSm1-`gC
zyLI&OBEfEi9pKjsXExl-FzviRa!G`O08Zt61yWxFD>zEYU~Hyxu6f3S#oanq(AS%Y
z{sQ5F0Q7xJIjz7Qmt2GzVKDSOXtw!r_QUv+rnit|nayWp6W<;DqC_li>*zqI7~0(Y
zd(kmO6psvx>@NS{Z!QeGlscf#VLRi4Y2#+b=WFJ6kfHvZ??bmlmnj%<0_dVnPLXZk
z(^Xuj6fKklP)VKTZN(N!926L%vlhgbRT#Y9NV-ILN7#i^TO)bbIgC(^tGfR9ehWyD
zU@a0~7Q@?aOXW~BbhS`Sg}P;1DBY&%Bt#n0<Nv-+U_S^4PRvfVXuNp<^V4!Am21DT
z(e&9U+KI)eplol8UUtaN`n`orrCKYlJ;mA4W(KhnDkz=V6J@vke$Y-|`DF2(Ia<d2
z|8fBYgtA86?mbW<ZiSm|KFRIT?#rZ6WmqnELge__$TY2hBgb8{AsUwzI%F^o-grW-
z<Akwv+aRSezM|f2#$+bs%HTaSzrDJY3ZC}4;Qq)rnEopCWybNLgj~86kHq|pMD1d2
zqB*Qv2A?&YW@l8P+3+)t8g(E@7bcU%{`viG+gHBHP9W^Y`MEq|vUCwC_?gGxb!*{k
zR!?r`x2##+uZR8@?<9Kc>qe!7q%F?YWwSS!RognI1ILYn?P6avkL7wNaBVicb$}Xh
z1u%NDX>897i!tU8bq{TM_5ypiVc8vznX2pU3Z&LRYb%x#y`15nH9D}%mEs)xmc6MV
zy1~ywb(X7NbB{03%D3fFVGgkCVNy+IPQtrw-4d=?4HK*A*E(2Zhb6PQTH?|iGdStk
zTr+G%M4noJWA~^>u0g4?+Dg?bWNcL$V)trj6h|ggYM|Ji9kim7P%K9l2?eGB>nIy|
z!5CS#A13cKXKN0DD8}Sh<F|<1a$AsT9yJ^1ME7WeZc02<N>TZw_*%<Fo;|C{wyc2#
zn%(EpS|@cU`riT`QD$-Ze4c_I-OILBq2Cc;Dar-U&d-NZ_X+>V0bUq{NtB(WI>CA_
z^%;JS#cTzxv)RlK0}N6867eCe`}$=#jJWn!5lb2@K5LX5YfQoA*=(5mQ`A2%*fWFD
zwZT|}GkI({;?7Wt^qGpF29Fl-VbSGT$YN)AOs@(6PDBH^j-hYeAc)FjqQAwUFLuiP
zN`WMXHsPXDuB0Yp=~IE}I;|N$9AhQrkw65Oa1{*=<;a1>6JlA|KKfNuDTR`sbz*-=
zxQHuPkDh`i^hnw~wofhagDP&W6C8BIp47E;FgiP!Sdmg`ah~B4QpUMIDw+Whs!*d_
zTw~?LenQJM=>Pt^@p!HQ05i<SQl=iI&PTxGaz9AyZJ0`{DTIj09hp`g-53&@wOqUV
zN|j8=g=peY+p@xKUMzR7q(whr&i5WDYn?ic9akudgRS5Pr8do3rrrpEsPzHvNdT(b
zk&4tZvIkGs6l*on9M{Uob6X<OZ^4QfX9o4|5>0~c60w`7td@~E^2qLpyr_fOjKy{2
z`Bp_NIE2{Y_CU1(qgs9w=NltCOYi8<FXY5g8Stq;q?);e3Z#CK%{Q~ZL#&unj}DG0
zms2K6`8#s8(YmP(O{gWfacQMkwrr4&<xDANTwG%4LMfkoDX*W8IjHAIKGNi1vU}0t
zVz160>eNAS^cgiB4+<j)79pSSJViEp+X#|yyn~fsBNK0NL8nwqbx{jlF`E(`^8q!v
z#gIl~{5rc1`qSw_LdN)xwRT|o()s+8HccGXL@blFMsmd(sXDF9wgi$!qa``=6EiG~
z<c)lq3tjBf^GkS|4df<_Y=Q0Wywk92nL;7)GxLelN5E&n1jgjDt!PT+;e;v5sa4Sq
z4G<l?YL%?ngvs^reX&rI-eeYsfY5Y!vP_ZH>KAkp`{~Jot>r?Ev3V0Gg|!JrPW}*Z
zO(xG<t|PIR$fCK=hj`yI_$*;x=7>$EwWD=zvL+PEC`4~c%5SP;SgN$@V~BgE3siE^
zS>G=MYY3k5#EA4R%JcK{0dVqgXt(MC`3I<PmGLUC&+9}#%9#HA`7@fs-HH|N|AhR$
zE~At)nnr?*E3lae8e8)H9QCUDapPt+Wgq$dG^DG^W-(#wwpBqdT=q94rPaDU*O7nm
zt%+XOmEq=O{UrDC1Q@$GF5%$6tCJNXz90z*Op(4IaY&w^t3s<lcSArLIhzo-$PSBH
zK8S7`pf^u^Ktm{66YzOKA9j**wz)wZo;lY!JnP`4NKAjUqteS!cdfYXu`Q_EE03-9
zT>N==#we0ndFMQo$~nda{E%AdMlSQ0VU6+V3XRHKma$oVj|u)o=nUXXFT3Ghz&W7y
z7hNoS6l_aFs(9aJ?+0!f=oBEvf+IkKwN#+ru^?3YA4Z<a#Q%P|_h#551G5?&&yP*H
zT2#A(-FRmIR?c_T+j`Vmz2-95KdmSV`syF+<^uToqQBgc!=qpgX1bG-QAPr3Vkw6!
zaU^e>>@WTLU2MuV+1Sl%JLZ0cy=X}3P>PNd&&=BEp_faIbKp!zea?$jHiYxZI{)Cc
zlUcz<B;X+?@EJ2o&XqATf@GV{C|9iJQrr1)#Y#%{GmiH&T{yd`u+Ds7vt@^r_K5yx
zEtwVTB`K4Sb)+s4fCW$!)oS6O^hE<3cQhTRCWmi)LIfUXxgs9tCJK5iv(A1-&?&7_
zw6AJfhtn}!0G}I2!lwnvj7)D}S?<haeeSgBk~<KvI=@rrOUX8Nt%%3j7S}rp9r0X6
zENQfjt;wZSsOFk&JHHd_Yw0i5wbw?0h_@jhyTdwK>l*qjuT|;#@9&BZ!HT$^1}I)q
zMtPcs75Vf!Tk4Nw=hYR{OGuJWq{Uu1CjaJ%UoNfFD?BW(8NEkuJ`zcJ_v#tCbb6B|
z$4r?C$E)3F5QXY39d>Sg*tl<@^|kh6X2sAxcedPFTr4hYxc&ZAqr(Xld}txCI*#CR
zb#|}rihuN~prr0PvPu6m@NoV6>*>!#gs@BhwvUhc`~F)DRnp@5?{iT=Ll0DlL_${u
z_lPw0R+O0_<p#qljXUbXL%UzL5?tpNjDmcq)jj0ibl#S&>NL575@Q%wZ2jvU*rGiT
zMcPRZc%TEp4R6DtE!C$$ddazf#N}pQC~;YnYG^;b9yit??&boM)rzy8RHk=Kms`P<
z!7}w|!j&MX<@udyUj@NU1r!C8Cuw8_xOIKV!nKIVUUmV2L5+4J%%aj@vV`8k!r&^|
zb@!+YR4oIMWiOLSeOYiJ!d@}<Sn0HBhm-zKkOPHVvU|mkXcrq@BT?*@CZs$-iA0?d
z=^Z=z3tk6ODm9>{BTAdpcO@ix`vi#Ml&c@hi7!VOj|A-~l$O!Ss3?0Qpu*2>L<#SO
z#%NgF*0lWY<u5e}wZP9kF2|@BiA8_-=>T%`SeXnq(^_(P{Cyd>X>Be(%sAV|E(8qN
zV?8yrj*5mno$l)Wj64YfrI#^@cwy@U-a6e*G3o*KK~GW^=${5u#*C}>!hN1^KE2m=
za{BK5qkicvrSg{C9P-lh>!dhpqy6%wW_xeYLr4f986G*PI_z`wuy<R;!I;VT)^Wu#
z9?8sJTW3At^?=7UmO^6fkdiF#yhM-?5ecmVd51%F>uJ9hsiml2@ODaNiI7}SOZ~yu
z&Kl)Hdvy<A0BpOMz3x%isdhPkHg>0zy3%y7J*2eVXC`J#Gyow2grGd`Ms;m!=cg-T
zp;KigW{YiWC9`=v1C<lcf8X3UavXQ%>z3+uMk*PlNzM)KdOc!b(u1=^`fCZ8>?{1D
zCalrv9)x12r!D`PRMsB(rgics#pJpci0$JcBc-pHAF$Em{W*?&>oVM`K|($#C`d9q
z&H8eVM5u5lxn{8d@B;w$6Dp&c<NrsTw+L`04(qYeKB#*sQ1P=OXhEE@^Sx}--$_QE
z;EL-y|Id64e<M;ygTW@>i)&fc`Of};a}!o`z*ciqz276LWLJ@N&s<M~?VL%fJoaE2
zb`}F0D*%TiG&W;mg-<q}N>I*y8;+Q5Hf?m)q2Yiw2xRxqh5Q>(!uG50$c)+euNocx
zy4;617-<<+X}B$1Qf#EiI`3_<2kG9eN_wL?eYQl;)de(9b8N-u4#pmR-lb{$fp~ok
zLkk-~d85%Wn-dqa_(Ob?ntr!YNGDb#)tmt8G<C7V5QYr4a|DJk+wIXJdN$y4wm{T9
z_bIF(30=Ho2Vte#k28a|0BfV=lXi_1i!U=2px$JzAxCAD=84i52OEt7q<+d`5uH<H
zCS{M;U-;c4SLRYapNEse+9MC63+&3?W>+5oQADqqRgJ4=i02d2(EJ)N=Tyg+^frf*
zpkl?F90NaMWST5ivBd-G>t2Y%>fXWn_QhmwT9?>j$Vy6XavOD4mi&5z@5g|BWzoB&
zX>vpLAmFtPDB5MHk!QyfhiKeXBs9@>$-oze!D#kEWkYKF6IY)f2Pu2>M*rpd=qDKt
zl6GwU4`j5w0O{7)1Vy8=;%|MzGgtV-oL`d7p3m|qHEZd~?YtIR%CLRcn|`q;w3*g1
zjnEH&r*y`cZ!|@iuF4ZHWlV~Yn<deMoL94B4~;?7wqOPvVN1Z~jH<iXYh{t-V{<gP
zQ@1}N&J|1v1O~^GN?yzW0!I$MIWv6e7Vn~xopWdWoiC4fim3a;u|C>TS*52OwhY!M
zP+$%JFiH3X@f*aqfNf!-KSNMjEM+5cQ&|i)<0adb4<Bo_JZ-L`p^U}y++;TVk&VzF
zXR~}ERh0PT<YYH%^x<0guk(ejt~Y75Q}dR)ZH@N4K_m7iI|aNv-Vf=XP`Fp8@!cDk
z%|=cx903r-HoPv8z7wTRr)!RPw~J|e2d!8uMF8#A3sOCsEH^uC@sfGnw#%3Fj<nc<
zQ}+mxRv#<|M}lw8T5}e?GBC}xRKB00g1<oW%*?qzsc^+*$7OZkHi|cy9N&5Jz)2{6
zdM6jK;6>WDj_=X%l>GcH<YR(7+G;z-<8^$)^Vit9beN>W_ROH>>6K&Gq*J|WR?jZ*
zq6W!Qb2L_#yCt$nMm~@n_v+7_DbB|%bd0T_<YrT9$ZeVeFzHhcIZdIiC@z=#X_#~h
zfljAe(85T|Z+~z4Bn$~UX<l9*-;Fxjt!Ql|f_n2Ik=W|&(RST(%LXN~m*GcBI5M(i
z`YiPh5`e&tTea2@&e$_{xp@MBR5jLTd`OAwDM_A}nY@HH@y^KYp=#4N-lZ=Mo5Kwv
z$gK8Yc+uJ>ohx}Nalv`HxD-ob=l0OfeN4H7ISi?mq-+1xgx2*3OL<lUc^Gt*EIE*l
zf+ev!%HMP!q@K9)&ZAD+D7GESiM?hH%YLbo_I=cNRNWu;adYF@b`BQNHhl;r-i?I|
zFNx?S^RaZldTc#CEL%BdP9RyE*PfJb@)^$NbZEaY%frbD8-DqGM4;1GpZAe;iHcu5
z7OzMxz@;2b`J)27lKvn<Rs^5Be^+#`g#Cj8DVexN$)F~gOcA=?XTK=n|MM4h9O<Bl
z;{baA0WVj*+mP0<+<I@I;<>U{Qdp1BiOkd_X+aBiXbDUrac^=;+DtqUL{|uP*<iE}
z1s9Q@0DbPK<9jDF&xfthEN4G16~CZRDRFjIeY{-BoH1WoDlwgH<9{cDige6iG)z^a
z10sQTNGxmM5m~GVN|1P!sX7Bvwh$bsAtr`zC`|C*k@gh5?kgW@eaqLsd|1&qnfLsq
za+B&jq6t(kC;bycE-WU8o???|Lg8RGpFL)h*cs=qhQ8}TD)@AoMu6wFM}l(hy4qtL
zL{!_iwiaCZNSCmYk7<TF=`wy5uu-cXR3dDySZCm8<XbBxRqL?UWKRrQ#0UKb2?DmF
zpu}xxO31ucRyvSRyfNb(m}6rv$R#I8S3y`a?q&KZUG8?sivZk%#513xD}uI_)nD`N
z<gDiOJ9AL%8E(h!%JPwMXin9A0xCgL5g6uSx*aVEM9%I#z67UVc*|6~+fcvjC${-h
z2rC1>e~EidFSFv7dP8<C?+W526C%oC=D2pq+Y_16&g#y|G$ww>Lg;wR@BbsZk(~YG
zIZC46<5g%9pFi7XN&lcKA0?%-C{r8_b2#5w-EyU#9YMMTy8nE^AGy-~&tRYM=c@%q
z<Hf5Bj&&{N)+yv^^IDNm7d9-QD1)<svm|ZF$d0mmS?0v2nbTL$6HV~Lz0pdyWeg1i
zgmS`DZij17079dIf#JxgWa3G=#L`dI3jcp?>VN)P*q?uug{eUMAwgtKimo)eayuW=
znvM^$^{AhJH0u)s$GpU3^jcC)C)Aj$Y*{g4afdG^E(q@`d5)6y{ZF9y^=^o8;5={r
zUeMXq-Tw&PV{_R6LmEKwL@kO38OlZ2aDaT}@IX1INCfqQqObD_yEyd$nc#v@{0LZm
ztTTrzoS<JO_C#>aDTYbSMZ!r9`Aw-GiFu4vI5EiL!o>DcicZlO^r~N@9(PM5BZ-um
znQ8l2lA!OTjIL+Ch4gmn>)7j(&`k@D=5da}6hxwBal5<A*U#Mi@VL)AqIza*#Hi}c
z*bOVw1>lmi*Zc}=XSIAhwK6iD1Twl%tG8ij(gteQc{xihGx>+`z{wL!8QEZCukBhS
zrM`@cB^E@1(yC-gteFPJc~qrH$7ZHvw(@cxI%1^B6!Ax#4}UwKw<yOlo$-1kgKL{F
zG>B=|3(64RV*?RXB{Z5wWfvj=lreLQuqbl)B<Cxy+leWh6R{?qn&GJ53XNl<Vcq2@
z+l5MGr%ZXJ@DaS)$&UQD)-G&=kQn_=96$T#m@sj{&ml#THcDrD%?s>oYaU@E6QI(}
zb9)MUWaY|;&!nRcN&O;<I6~V&8;h?^EKAE-<uFF6XPPqsA>K#dMZ_nYUf2=vpk}qU
z7fjocSWdDu!0>{WzJ`QXii!$|{+jq}_on?WT2exJf`!1BTDF_)h2S0g;}|;-XZ7yS
z_AM+367@uoSd7Gsw%Ddb;w8$l&Av>cd`rqX`90~|!S#{_Z%#-`nY1l7rzxLwszkxf
zyDco@73Nr41Y2@YYI!F+We9W;hHgT^rx(wLrzcV`dEJ5780#lb2TaLyS|z$dbfE-b
zk%0QoXiCu|!3MfmO=h&mdDZA`<xbAp%M5wMgl>;+#iDr1p?OB`TTEK>`-&8rZ`>VU
z0r;<N6wZ?Koup_DC8duujAjQ^QmlU><^kWDB9|4)gm5uvbbjb+(|Hr83yoh8e#C^V
z*D@IQIoXB3*h)odWv`I^W(4d2Z9+Ji)v66|j;3w0SrT(1*^7|jLjIvl>~L9iLjCrZ
zZmhoL)j<a1{51Y)-h3)DLWlzp)OK)Eonw^_Z0Yg(V01gq=1cc#&mJmEoXXVfd5?TN
zb>PH|B<?1NvnM!gEj$cqD>6{0@)z@=$1{0c9JyR0d^=~?Be$fW^3?7rvS4{Bnz4yG
zE#7VGj+|xle7@pRzu+a;zOXr>S`PdpPkNPit_*7=HTUadGKDe7Z>U^A_9U4qJf@H{
zYzB|y!8XRa^zm0#89g}vcd(CWq!mX<GGB*dJP+rM<H2ufM~wO(uQTvZw!b~>@U;8>
zY{%~YibrJ5kV+Z$)o8OImd2Rr+ai*(!Ep_KqP&sFDCy7qk3lT@*C3`3l&l6D#BV4H
zKUEYJ6^%$z0Xg*!lS4ZpQ532@%;zxjCYoveTH*mF#8$^P_@HL1&&q0l#E=w`==2m*
zP8O{cTdf4;E>=VuoK+KuG*L)Gck02%NXqgzYG@hCYez?s$e@6bYG%`hjC$+ez=B%)
z-SKB<9t1e!=j=~S6x?X!+SCuUIOJ~Pi1XqA6oBr8KIofj<W!+;VLMBOYM^lkds3wm
zKNGi))Ob^n?}2cJyo(5Q5{!$<r4P5Fso2i-5gl1ZB(wdCfK84q_ErbV+lb5WsfE1o
z$F7l<pk+-^D?S^W{0fIX9v|P93T=AsIXRtj&Aj|dcqR)KRU${iQPag6Jnr&kfq6%6
zaz}$GP?)SLiz}T;6NBl8Ae@+sb-?3do`>Hnhk2LGN=FTp7+1}XTgGU*oh@jy?#rVb
z9&n{39Oy^?(f8#mZFUBqF-(mAi6F?yv`oJP$B~$R5dM~@1W^t!6usyrp?1RZ-3b?Q
zw#3dgmZesD<J25=;0)T8ORmU8E+pMrL>rf68ZysImI|6#sV1zg&11azNc!Tr!$PT)
zfHq6@*K9k&N?Q4Foa@c)-Kb<aCN=Oqh|-E3{WwdEM_`!_kIY(=Zjeu{sLl@cbvmKB
zqr}kAMk3E{b7j4V{62F~nJcV$FhyH%D$i`8NKlzhO|!R`ZVI&2hLeVPF~s7o8o7_$
z>?Fc6r+B?*zmh>L%f{4T&0ewDGx&q;8`gZ`r^i|r@?Y<su{sZC<_jo+Be>^UiTvzi
z@}<=mir`~5GW1<25+R?UsF3Kd?a=RuID=bTdS9nMK$pPwc9<2;l0u{Bn-$F>WWuy;
zQHl)yB<S(x0)e@HlbM7dR8jbN?X#K5uLzC~lJY}Rix#tWWC`yxaIn$Hk_OZmlbJ*h
znkDJ!S;}=1j80~CNe-AVE8J4P$J@gjSjK3~4F?nAtMkR>I_1!Y_FKrr5ItIMI8t#f
zuCwy93N2Emk^58hY!>Y%W9rETpBj>S3=EyjrzC=25F{eu$W&B<7Bk(=*Pa42-adm!
z?+1@I$5usOCMAcXGe&cnF=@HMm1&dVOx)F&@Q)NKv~+KZnD>v-z{R&F2FuEwEtMN7
zmX2=~3r+ldItg#*`O^zjwV6)S`Z%;QBBa<0IiQk<m4I=k6PSJTlj$2F(#kCc5D7RZ
z@r@Fs?QWJ)IeNgjJf4xCjO=KbbVYLYlhEBhlP9)28S9mw8HpiGXmnCR&gP07x21yC
z3;VP}yTi=_{aVnUV2o)XEISaNLg0kk6FHsPZVtyo>oa)4^$Q1vD6l_%5JgwzkiuRd
z`{A#`I}f0b6_l5g7E7h&*GWulsq0V?3)+ZUsdhG%5uYzC{IH|#hk65h!y$YcUp7gY
zq|Sl<yu``?6mEe`rdC#fj<|gM0c&_)=jK3Uzttb;DAr&yMLbx=%X}z@(J_n;r{AtK
zRIbN{)V;L@9Xza5d#g|qa}=3TkHU(>GB{0?s1A{UUb~hJVjfP=vw@^NpI2^>v1D4&
zR4CBlw6U2QjR*Z>+tEbcrHML|>t&orOpg|Fw@jNNY*ARFQ;AKft$6YtLG`rlX0Nn-
zdnr!D$Co=ht58oX2j}swUabMfoa)5o54Wv?0*Z}K&(8_m?sn19z@Oj2oUt1fBF|f#
zQl*)7<ibNy>}R~y-?a*cLd?+Js&tBrq31L4>T#8SZSNVt4|>MmV37iNpdG38;*SCA
z`kM-p3i87h`W^IA@WJJB0!Ec!Sa}XxG@+~5z`HT$)$+c+Tu~$ccelNa`3|O|TZiH~
zIg#HZd;L)$@Zr)7i5bs-{zVXA2(c|DKx*@G&io^`7I4K4J17cWrw>^qMh29Sp+<<1
zyw>0}D=@pyT=8Y|db@PF+p;U3$?1?+=+=X3pnx#>C_sH#6X#)Ab`&3@FE5mj{bOpm
zT>}c{sec|oK?UZ&ZQ;LCDz;K;;`7Nz>+ynS$~*X2tT+Biii<wt-v$j9qg@J<mTZKP
zJ?7Qsv^?5!U$^`6qh~)3RN{5G=;LYJHDSXiZ)Cuss?$pDENhxiN`o`?JxLcvkd8Qe
zd=TK>s{IhTxU*b%owuKVAKiLe*`pB55Yp^!O40iF@$F;3TMaz0^9!Eby}P4?Bl^k3
z>FHu~8<J(U+L+zG+`HJXCoAn+IW7!5R(_9wy(-x5&D}^~QT12#d_SUDoJcd9-7^iA
z?xf3UQ#gpd5Y4zz<#_#dOo*6-j6GQ}mPDGXF?+dm+gTUGH&B9{h=X<JZe4;0>v<i2
zFqP?i>8UmU%5Pb~i+ARnWj24&7d4Ai@ygdZj1z(1>NZ6+jCd;l8mp_>WK=wuq&=h;
zp-!&zQcIi3u|%IWa$Pyo4W?rp7;*$d2fS%LHC<~`e}7T?i0@Q}uiCj7u1Zvps0q@8
z!egi>1s_fOUoAD|B4Q_YJ4T+%J(brUQ~xOzUncULj)3(V5*~XlH#U+C5DM822~%M3
zx!8}Lk@mOAnNQ+(cdPy>sSbHjA{D=54DdWB3>I#`OUF7wJGqQnzGc_Y;EtyjH#@hK
zh>RoSP@4aO4cxuIBVD~cNI(Wqw#M$QFo?OFO;f*p)#>ieQu1W7T=ziW6>KCtSpZ#H
zT;x8*>@oOf<TaaoWk?MnMZ-Ia%Po%y4jLU?gZk_^noK1rHF&?p3+I6=UxEi31Jp0O
zh*p%4SB(AS4Ex-LaZ@6Ea3?n?0=-M6c(=<6vqz~QfeYwYU-EfcG1T(nCH04q%mSj;
zAIkFr(L>r+*E!;~`>iSLE8r66h*{V)6N^T6&rjv|Cc^MI-GZ0q>FnD9myl>_Y3b&e
znGcEAt{O|V2!(NB&PRKGXM+%$2|L)G-*$O#T}UM$@7qnrsq*QnOra6_q>d1srS<rI
zqXUX=8{!=(LQz`=wwI&o(oJq8!qH`AkaP9;u(a2uJ<$8)XQDMH*bHs<0SctZ$mo&H
zMFidtdl4qc$j7GB8|mQSmAgc=g6k^}ArBKgIqb%G(yn0K1kV#m17lItClKndLy}Y9
znEVV<PUrpMp9)M%WP_44%^s8cc-|g-VovdjMEY{Ha*m3>2cv$nP*O#MgE9?vlLO8&
zborK>+y7nlxPTw1E%vZAYxh0a5D0ecbdg0=3Qo>TL!$GyK2Zhn&`?lNccd_2>3%}H
zfp1|1sZg&~bmKZBVj#+y<#GuV&YgOa7J9debhX8k_fz9)qusj(OpJDTeR(+>kzFYY
z^ApI|GUB2(C_kU^cP)YRS<}nl`ku*UF8;<wS7ME@I9jfal#U26g&Wc6trHG<n^$nr
zjRc68Ruj)nGQGhg-FGLY!vfAg7vbwpa62(PaXFgV!0%n3DU-#J2-Ah(w7i+K|Au3*
zZNzx{x|9OjMeJg)k{Nxj#@s4Q;KgRs`)jkbJO>=SmE&i$TAw9ka~HA1Zrb+}w8zRa
zn@DPmhEG7CFK-+%rPevZbI?pH6op}Xov2e2I%k+}LIX^!JC-?T6$<=kgt<%_*C~f<
zs+hHh!R|Mm&B7|m!DFZsZP?ZNyyKJJhU9s7Bja2Q2~YqDvrEDD>Q{iSA7Fj#HhJ`<
zj7D^4@z{{!BgKfqL|uKfFk!GW$)A!`G4KuXa%@sHjIou0OzOr~F0(ta+m?!{$QsSA
zOR8U6DHs8tJqwea-T7J)8pU1@nX)hZHl<8Rrwo%`|Fd-Lq6Zm`#z_3bJ=Rh!^U&Ii
zk%B6`AB7%%Od%BgAIR`8@G0rm_#&#^&`B1A?QHhFj;;TU85z<zZn8vYG{zg^pLFJ|
zjQF#FYXrpTp_N!W_lLrS#54M<x}9$YA3S4Iv0%}xl7ID}qbw`vCn?+VL+_y_7%EpS
z#A-T$3`I3z2g)1}6q2lxr!o{+@5X&rX#H2tA%?7wy2A~ubbGrLB|7^H60791)MT;w
zJQvt?k4BEYZ_p{Dialv+eF&K9^!4v<SP%Q}wX=I1U`alxqcfYLF$vO+_-&|i#HI%}
z2XaKw)*8Jo06O}?21GIgGpB5{nJfSediX3h+d-Ne#+(j>e5u1R9>0UBYg%cJMk6X}
zB>r9r*j;IPB%4UKy}gXhJy*#_U-+wAvF*`>n_?%wK*8LCVn*f&GysZ_jthD{V>vbp
zX{NtQu*hASEooLzJhCn?e(ZZo{3`cFy~t?RYaurawb?+nXcVkGGG(enGTpf@Nd~l6
zLiM7?QuOI$c{6nzzQyp6_M^ws5mg3@-x=p)=%*gql<z4RG~1nFovDmAI_}AH@a{K*
zi%B^XVvaAZ=baJAxa`CO^t=R#U0&RB`h3%&)wlKW0%;R$7ey9kukuTUXA+Bk-Fb?~
zd*dJ(EvM9P+|xU6lSy#4(o7BR^toMMh$VsFFZ@twwteFRHvNcnh^-u9@Oa%rrWV2+
zpErna*p3FyJ6bK3*)X%*@xDn`0OR7~zhc%$B-*oP^kUXBIF%25(>xr`7y!B1LD|&`
zU1I=z-y`V4=r;Nm7LwlY!Co$phPJOr3llxMQcCE!t@fo}9T9Eq{J+<(Z96?3vbE)d
z;$;*&eU1eWsPI9TC*#vY#+-E~kn6Et5|PzF0)D5`)0Izc?R*9zVK<32HVp2*1AI{l
z?aF`mCa`)87GM!-tZF};pc9jlU_G<=B+yc&M7n1RQlPh`5GU2QkU-~YlQ)Y&lJ>@k
zY^2AVC6tZRTL&-Y&@8E+j@BD_)l$8hPH(9};~r986+l$u!sD%dah80uY%h;gJi3;R
zjgHjAxv`xM<Z-Jp{tC(1J{9)d%COqm26Gsiss<+WevL?z=UGM~PDw_Z1%L7YFTwy5
z$5aK1*zPi|Z%%jJfpX%EXa3rnno)8>H0INJ#U4RkO|^O=-X_D5n;y?2$gdXczjHAy
z=5A<0Lr$H1ryVAX>YZcnfZaNhGqLAoTIFO(YWC!LW!5CVwN}MOOD#+3E5*id0r(po
zAK{9^NIUOWU%V3G1mx4zvpEnnG!IRuX9mW0Ee4}JkicoZst0wIQIq^N=jvVqCGvod
zf8bl0Y23J_>&mPP`*}f!`{GK8e75U|MXm^nmL%2@%te}~eS0%xt5j4eedE)ye7ah@
zJ2v8dG8v#ZC2ZCZ8LB6W!!;3=ViIyBqNFI^7H}@F)1#25Zo~qgV#3vSGLpwQTjNt6
zb~+uuXv=H#vt&I!O0NTOM!SsD<qIa)JBba#4ph3mIfbQ)qOOJ}XS31x=@o5F#YS6s
zsws`Y)4~xBEV5mtIs#q)iXf0oh5Dr+jrPKKaz8=zv2=jtn+c6;*k9XHKejh*E9Lzr
zU=b1QTQdf`VnWrwWy?(p_xz<q&gND&tsp+<G3vD1T4ZSDH&Mixt1FF!dEUcp69bd5
zzRhMqA@I1pD3ggn;yL0JXI-I8LU6KJwo{@-YOh?(FAdsEn#s*Jfkgv`OKkADXLw=)
zm)_og?G9hA5+-Dbgh>(A4R<VvSG7Bt4Oe@FCUO1doB5@8_xkhja@exq?~M*ey_+9v
z31eHKMT0<>K{YB<8e(gJs8<hAvS#M!ib0Yvr9`X6T|&MuTT>JbEOzr%ve?KZo?<WA
zag^F>6%HsooUceAekNI>%N3fkO3`S$u3PCG^DYx8DKh->0Fql*o66wurp!+?qqcs?
zPV~_6@_{eUt*O7uX2K3>q9DDmb=!sKLlu#-Fftr;&O7Asyh(<|Hy4Y>7LRpd0|Ji?
zDn8WQsot!CT}dIx^u<6}vT>dy({m|FDXG;ZyCOf>y-=s=s!8P+2`MQIuPPF3p08~U
zrU+A7Ek^f!jYpZQ3Dg}y$h&dhWzWUmheNu}p5m&H{@kkYybX+HvsT74Yj#EF?_ser
zFboJWMyf={5|EWhr6Q9)mcba;k4ZN#F0jV4m<3k9T+ITC{lEeeJM_=(4fh}|{3CF!
zFGNynwj%v)I};c5<0W>Q2>ZM~oP-lk{`SGLF=-0GvtXqvow&{)=ZD<x2e&&5#9W?e
z+0e7S(X<>7es&$go>_tpkUue}vr6B&C~)|IOh%(UnzJC0yVC}>Qm(_u+MF8c0+{KF
zO9OP_gD;IGru)STw?kp@qfi#R#@E5Wb5iCLwE}M|zH=zje)qEV`ES`M{}Q92is+oK
z2q{`_1qyF7xCld;UT4Dd>t(%~jjL$Xj!yKYqPrS<6Pb1!&Nli7hk$F!LK(tYF(7Xc
z(6Iw%!iIFE$rSz#C(R&xZ}aX3$#|guc*7%Obe^^6S_2OOC(Z5P>RNb^{B&F=VWaH8
zW1Fjw1l#R2p^-+LBaCdHISGr9+R9LLrxbY>U8o?s449`r8Wmu|{&Z6yOy<mNnH>w)
zcu;3C=kxNWlB7=m)`W=hWmWOz?MG*={M)bIOIwMygvVE8$lBTn)7@^{BXrBbp+fHr
zR^u<z0PHBqMD6yK72ldp52u`MJ3h0u@f;hC=43rve<CWS(KevZGA5;VFh{74yKjx{
z$)#tQc1_|3b52yeD{ml=-LKueof7ZEHR4V*)Oz)z_J2>9Pj;|A?`dzFq3WNN{vJ1V
zq4$XKak2ZN^EWx#Cj)}hEeJX`M>u?m)usr@^a5JGTB{~G3a_Evl#%?Nsj0uWVmU=}
zPZQa2`$@x{_8@yQSEfcOcfKxlK?OCI(3f}>4!eW8Q@-qlY%40d^ile-(dGD^(0Z@X
zd)F%4QY9=bP2QPLA&sqvBXQ4NKO4gcc#$sTz()gP7CWicrqXZdl2~*-WC^62g5Bok
zar7>$*65aHOLYB8p-=(b#f;f6{c#GG$$L-RG!pnI*=zs^(dgdQBD`E~XT#%*G3A=C
zpTBe*HQKHl4%cjj)o+mk3U(yXEm!KsZdVf<Idoy<OQkbJhLMgYm}g!&vVt96O6X&T
zRfgC4m9mlhvFA(4Nx0SeBpwk+UfjvMEFll&@JVI9o*dR}2xaNu6ciYRd@Zh;n4HHT
zan!?F>tR1tuO$jgx(|y=scu`*U~ErgyTm`<C?(8#U@38GCM;8+A^F^515jR_UWw$@
zX)@{{M;%WtAQqc8>;z~g6(C=gl~LGEa+q?fy~M`GD0g>PlNXM%BGbAm)vK!%B_t#O
z!_{p<c04us&f`}I9svE9lp`|{dy99R9Z2kR!)H-3^4Q|*`92(NCi&l)Y2HjJ9$UDa
zE+#d%g2R~1$A!%9X=~c1m^zK6>6R$z2}WNdW>f-}5WYCtH$OFYIuvJsA)z`D-@DbW
zSZdcVc|2h!Ibp5mMg8Bc9PoqP=jjS=+YPqa{ae6g-1kJEWiUGfa(`^Nqv|Raa~4ks
zMD%-(Ws_2KIv?hXzVgZB+`xlGHpvRm$Cs<*-L!QTjrm4qxsoKB4;C7f^jr{R%E6Vo
z+9eZ$#mSYbHPuUE2*Yzgd&4f{BF_!Q^(aQlElQM%QJV4129jJ&)*;0!HN4(vG6(&p
z8Lb9<#SNSh?iCQn%!m0ps|D%Z2;|rA*si0Qab~nQktg!P1_nQ%AE#uO_1?<#83|8Y
zFTgp(3Cp#sspv3vp0U$pcoW)PPp?QsBfpVlMd7PGOrz6k2Fk47F8oll?1zM$#nN2x
zUJ-c-ZyKK+4U_@FD^w`()jvC-Flk8$DW)&9E4xeWyY)-s0s4(yEVo=?2fY4-gFvjD
zjYXJ?r4aX8t_4c<I!`?q1HPwU|L}NXsD3g3XCgY8S}}cc^%ic9Cb+&VR+jWkES3g)
z5b9@o;{LdCwJKb9j}ilOD^Xtj43p?>r!tBbmwBn*CRK2!7u|1G)UwqEZf8IIz?5>n
z12wl~8r|3`?DHZLe41)oO0`aCY*LH*?f{fyX0zp7cxPj%<Ml|Mp-3eLd$w|O;klh5
zQ7`L|m_i*WQ>lo<s(_W1V`<pb=wur0P$|{QUq-p3xCv}#)EY6G3&T4!#%5!x-*<-K
z6$?zT8%*kaTmK=ECZ|f7lCSgs9<Pt)g@_|R0khAr#7<%jgXV_E)7Q(_6^@92>OEpL
znZq2DEtkr})swU^Q+2f2otnMvV8wDVb_WMlhc5ruRSvwHL<;!$@Z{&Cib?3Ly^j}=
zu&>DLXMK#L{OktvFlNX|obj2NxDAkVRP~I1!Pd((+8ZGj9R&~_7uR}m>)76}hPU=I
z-=oV;$KyyA<q%0Vr=z5)_;H%U$NrLtHF0d)hx6nPjKL~lDIlTj?d|7F<>{q@dt!~s
zYb8Dw7b*~I09Th{y>g?OTJP_$N7(7V_Kw2k3U*ds4H+An`uivmMF*_XQDZL#zMQ1~
zHD}xf1ybsKG1C_XyUG9R-`)k)vG?`@0&vP`BrTp~s3w|^B(;0MdRt|ogAD9a&#QOb
zrK%c1(O=rce~sX84OTsWIUShP?ZQ&jUrkO9uHQ3@%J+K|iM>8e8oH+adlMl6gwyMs
z?`mQH0f2uY;J+YH3tFZBp?S3Y{4d-4Z|g>b1j8RWfy#lubNb)rL;JU1YwxGqfA0Bz
z@7r(?;D;dpv1s_;G5%h4WBl!>b+Y0HJBR$Y1zZM$abY*w><PpFjqsmO{iwhF7@W<2
zDdK-yue%VK9&W=~xMKakQNZpdwW8pD{iy6UIq-kUf7>r^VlbJwgl^)B{(qx@CwuuX
zv8WZ5vn~CXO8zC2|I*2vzha>~q!zx|{~HB-(6B}U_b&rVTa^EI!v1&K<Y3E!&$%J0
z5pN&GiKu4NTr1V;e2$e;Y4j!oKf!B)96#3z8+Ci#WClyL)M)gwx^MHJk<gtXfGrNA
zr({tP@;Af983LKeD1(tq*A4F%u~=&f85yAF?P`T3H>>4+qLJ`wlLIG#AF<`gN5D2}
zLC{L46)9f;iazV>UXe&*V&X^Bc~|4es_PL?y(00S7Ax8~{g8LdtVik%zUDYtZ^YYc
ziDmf<^N%s<OZB%`zh&U>^J77mes!HXeNaVkn*&eYlV9Mvy4#~|7Afh~<U&&VVBE~j
zB~n&$y1)*mj(^X#@LIwZ`;11t2TE;!A!m<2cWKR*JonSbGuh*}{r7@|*D$Sa`oGJe
z+oQ7ZEd~Yl+IR3fA8&fM6Z1$M;bCt#{@2sFSgDk?8y=#UO0ya?!s!jgT@JU`W5O2x
zR!7da5gGtc@N*7-)$?<ZB%`1VAy;~#dtMUyLo|jguJhdP;vsd<Chqa2pmVwVzT`jc
zaKCB(n4%-;LBAVj^}O~yg(HJa;fcl{SGAcZf%>1BjUFoaZN1$VoXF@lBuqxF$-d%D
zrttT@>>|$C>J8i#b3dh@=xlW)<%rAq>b%*5&Rrb|o2}o&-6hW4v$k8xNh}uaaU{Q}
z&koibzJoKy5{$1zID6s~JWd^=;GT@^!4+b2`M|=nU65TPiTOC3v7aoR3JBPsw$5A_
z&8{eJEOslr`4y5DzKp+^`8w(T@r&B#M?Kgbe)^5(iGwv(UVX~xb3A;h{*DwoIO<!d
zn?#n~e)>q*q*VF-4fg2cTTYoT7{pT}&&~;N&wiJ@O}kbef@}aHJjU7NyA--*x1WzA
zJ?r-VMCI0oKX=+K1bBQy4v>by{Cdw{q{%100S6n?w>k}LOk(`iWnn8O*NbPT8Tm`t
zo#tr9YRF)lMD8;Wx%4|~^w}l`8t*Y5B}S|G1$3y0K^h&Jr?VLbpp^J(5#B|{w!V>R
zVVYi`#dQj=F7Z9)>)jmYYS5*zdu$$`oU1y!l&N#?%GE+1h>R01Z^RCd-!*Wp<^t?d
z{k^=Nv3+cgr`<g%Tm#=}e<H3rq~5K1JS=S;YAaamcRDdOClgoKW^LcXJs-W^C!_Q9
z2%}HV-Iav+7~z$##xBv5#kD>fSXA(@P0&xCw|nJP1EbM8o;QZZhQVS$UHdI)16%9R
zjx2J-jN3%L?$=kozKLZ*cy02V!?AZb5NrL!U<I$Y!}N)W57<*IAwmNSxcj^U@2gCG
zvp+#{D3l@0WQTNdb0Qo5D=Ve{xd8<YV=zSe(8CfX!v83aLrXgmoiO5*1WAa*$YDG^
zMn`kO67xrGZCHLT0T&mS*2evwJy@&0z9JAraV(lh%%P!suzwU53FnXN$~E36T283p
z8-{_oj4k%FWcFg3a*39}IG(iD?1^dSl;`1zSj39ww&$af-Lfz2`$!=i3q5ek(X{N4
zh>q*OlqHI#%V0>gp1<wG_u1RvD4LN;_ycNkHQMWh79~yE8d5w!n)}^=Uruby^|?O~
zvUfIov^NcU7+aY_eo3A|F2foCu80h<zK7X!Q>hsOSB4SFWA-1=%amUW41jEvC~*0T
z8WHC)@IZ@eIS*o<P8HjB0gN$~<kzw2$7$Pi;R!vu$?mg1W)wu2zMpZTTg-;a9KhTF
zF#7B(my;UL<k81cU)G<Sa^y^q>#t+;2%hG7$Kaf{9Z2Pj!}V0~$i&2eq$jiX2TG{X
zd)=f;bKnq)bS;gm$xZx@=vB!}1KA&WNb;TfMrP*%xt*NKSE|Fw?-!fhvH}|D8I6Zz
z=Bam2e4c~HN#v9pH*ov=xfVuc6SpIAS3VC)HRpHel!^N5e8g;_Kk6K4WLzB{ePTf=
zyoj-}D_WUW>S&nw!&$!^vKLHy71-||Z;RpIwyPdjt<U|@zPK(@L0S+RT-xD}jRAoo
zW49A31Y4mpCu_mfVndug_LQNJOYIp!*gf}*?snOOtAP8`BEz>p$2(l+&+ydR#7;25
z6S9^0JR713z2N$Q*xcT@sY_<T<5`cr^--3ZM3Iuzt-FM2BBk%ftF1OXyKC%b3!+H#
zoU2zmqFCo)?~|Q*9rHb=pC<j%C&mqBi#uRnnknK`lSpYU)gke9d3Of%nMxi#jEqsA
zO$9J-_IRXY0yFqIn<Elxu@|hN9qZv_z{ldMp6bM`lF+=4Rw5pb%%gCIY^R?GPZ3il
zb&Cw%F7|$!b-2{H&iy+qU-4Mu;Gi<=oyLiVC$|HeoADv+|5$S0VPeFbMm+{8v)FIp
zZ`WzKBo)+8DW~Y-swc5WO?`IeY_)~Mhlv>+osSr;Q;0slZ9JT{yU`4uYqt?C2>$B9
z18;cnz`W<<nLRx)jACyf>tcbG!i8uwkPW9{nYTr`ISlhUTdk){mfIPS^hiwQmKhvW
zPC)z{1^V-+1*6fgOMm8rK*nB-uJ;h09vTx+H0c4%nDOL$#3OW|q@veoeT;90W_brL
zwn|yXc0wLDGS}Yt6Tc`MGiF~$<RzkGW9tNDfx9oRMi(zhfnk(}5im084cUD;R=0P*
zMRC}l6ViT5rhidfKr>3IQOZK9Q($ZP!<DT~_N>9NBaV|+B~Z{s@*Y487=tHMKhEQD
zF`z^g`bQ};G^DV-ZfrBq8?)7z68ijTJfi92o?-bycdz%)ZyBw&5SP`)>zy&>lLzdX
z_G4iVkQa-ud+5#8AGhR*hr#iLuPgXtyVBa4AGZRj`fai*v(8LQxWgH$XnfKVdc0f{
zOQ(8OT<r+^<A{Fu=re~9Cex{(x#96IHvEEX>ft=$(R+1X`{O4I*VWq`N5ICxokkW`
zB8k2uQ-{Xw;9ECOTj5wLIen;OUpB8lg7CV_&oV6tw6`YAoLz0q+j*X}?4(G_iDhPR
z>g3-|aK8OX-k9-ur{bam1KMdI-)$%~ZA>b)itt9Ap7Q;WWfD5wu9%u~R#1bvh_Q)m
z!iJ`VT=dB9yY2-DgcgNjO07=r9*VwWOGVE%KqmWpYc+-?%i}ufl&JZ#ls&d?n>HMO
zg3HSNTg_@FYH`cNC9M$bn{8lW;%F{+-iEr;sGX1u@bO}+)Zz491rs&p#R`oOt?$h{
zj-jQ2m~9YAU7kNOxmqZH<5)S&>ye$3E&BHxSEI`*oJ}<iBV+ujp59J$jEe?K9Xv|0
zpUJ~_vL<V_B+NOOCy(bkhXLXn?2fsDH;Tml_UM?%B9}Kh8y!A0+&2Z7`?KCmUCg><
z%vM;CzHBCE7WMie3Oeq{WWFzD>LYSJX4;(VJZiQsI8oU%d?Y;B9oLCC0cl2|R#80~
z|IQ=DB1Y7ShE5dM*=j=O{6#GW({?z4$Zm@#wD7v4<D%ofOrKAb=zRI=n9(&ZviAcW
zQj0iZ<DUHPROrp?z6`+rBo))11QH>wNTCvmDQO0|zEIfFlZ4QO)O)WBN-fsJEO0l#
z)Nax-89b@1A!PNvg(0Og6|p8n)MJfi)vPCMV{w||E~w)VFE3{`_qZ4g&k~53gLTOO
zd<wN1ve%_a!1y7V_ytV;{?RuAkQbBvC=%XEPo4#_OT@L~AiSXzB@U{QaYWMFc#?2J
zCbp)j$wdjN*4X4mGj~}g|E~E=et;;KEw8mT{6Y1);C-MbEPPDwY&}ex9sjSr2hk@U
zp5A8j+O`gJUSsnM^S+WKrb}}g+{MJ>!q3jn2ePR$`mzhZZ#@C??dR}e&Nd^&KKea|
zDq#di<~0)}aiupu_`;q~o&WHdj)^-*n16KVpjWadivuFOJ?^1HA=o*cw=sP^6~aDu
z66?@+NkGgfO>m~m@ro^&Tmf=<ANTiKinDbYV^qT~{Z>lJGzqvA0X}o#JW63idE`G&
znX<#;2yU$7w9Yn~(n|F%XmUCt?3C4_1}B1ClR6@De$!dq5r{^u4N-0vkuZln_P=hy
z)x2Oi?Cs!hZ00dksG_)C@Fy~DiO*m{84FKWXHG;fF0a&mFm?0k$((CN)I+^o%K-Iy
zVzDHeL<#8hdZvzraYKHNf?gdC)~bOCQiH=o`IUvld(9HGjjVg2Jaw(pgcF+++MYy3
z6xB!bWtzHwF7SR=WEH&2ncUU{?Nz-)Db|ExGrJ<}rrPc=-CNt_@yGHqi`C!mD1W_!
zE<A#+7nC}tl!TSCap`muCMPCfe?0t}Tc3c>4C9|#MVWY53~!bQ60)|!lmm5d)SeZ}
z-CNOYyD5(5B5x%?m1$MdrEQ>RNpUbdVxIgwANGwSx5;En#bLE-I4wxSo2&CbrSfXB
z6FcW(E&Cs;&N({r=h^$a+3d!)ZENCWH=NkEZ6_1kwl=ml_Qtkt+fJT*f4KKP|IeJ$
zpFY*q)m5*0mtsAAo)^AUQKeS%abm-K{vrFQW=AM|d+>HX+AoXNIj>$Q?UK%r+4i(v
zO0Oe^eb~7)+sjcmWl3C-=IcaGdzL=dt=+=Z1ZtH~GZ=Ihk5^mqBzoc6E{D2OU^X{}
z>1s9ANdvClMB0*K$y$g917Dq7MD)k%k_4WX_UQgtq3+qZ;&3W8UHnF2o9-CqY!DZ5
z&BbB^TEVdL)?~rJvIvqd-)K6kFMuDQcX<j|f`^2)JM!pdMWx>KMQS-x_w0|DVufb3
z1HRc}zA|5<3EIs<cFe|+*ZD^Kukhoiy>%3dPOuuK$WU^6?eUs6)!rZN#6W|IuK0uE
zY|(6bydSa^W8iIV*$!8i*yrcj6aDQ6yM2ym;f;{a+%lJ{bzo~Jdxl%nd9Tc#<XFPF
z+)i)G&}lpcH^o@2cntw3_WYkxBvkD8bOwD<3Ygf~!xG~(8R2Z(x3PJWr)tp_11_8Q
zB8m%FzLtEpLEBDVh<^&FV`d#5O}v%z-(iXF9zS5gmLXDjLPnG;si$MeS#8#WyuNW=
zKd)02GH{RvoKZ}lbQ(W2dw@4-?S;AEo_Sl|b!ptcjZgspQ2&j2Z?CRxD0E8hKy|7X
zrQpn(Szw4WHSa#5FiGX}gpUUKh04J0CM6TxEAL;ETLuJ%B4J&t=&khkJ!<p*^*Ps4
zYd_%;$yHY5@XPh{$fg0cRjkI)2`7HeqvVCLpt)UF=<~8AE+CNLtfU!8bpMeXH^~Ml
z7^u!Nw6Dw2O{Lzgt?S+34^dcPAaaKTtw|5J9c;fdM?5ZKtlmN8m@;`dkK#+Wj=w>&
z()>NzNoNf894A^hSX34H<JAY6AM~FXRL$0?WDj}T95Np)PNgx^pyQ4gg)Ml9v1@}8
zRCFWOk(CZAwrz>d`gPR(<ob3<%+S}tpgF65V=Q^FtA!Bj+3T>gSdWlYU`d%mDNJ&V
zn|``?xRS>^uRK4CglvsXm2!d|&!0_Z;e`h*vi1iKYNjd#C+$!k{3MzeA@5HKGv|?M
zHYTP@>8|j{Ia;Y_X_a0Z=;e?S$ioxjOJK>RnD+NfrZ+IP@>_{~lf($kw6UdSl9S=|
z-uvvM%9^$ttlC9Ga~<zaG*iff#wJ?HM%{ZI{xEd2W2~t$S!D3Et!d2l8|5u4VX_g(
z<ujFUl4pSq1K;^Or4Z2Wd@$-{;|`5w%kK?dBmj3f--0iayInq4L$i0Y=<v`&(;c*-
zm+zQl4_Ba@M92UhXi=Zzy;Aszz<V(&ABz+}SOG3P1~<QYt|PTDN4m@9S;`R$IT^=y
z;HS}v|5pouvDLY<s5(BV_z;z*N&{nJOEsUg{rT4D{5UZJkI9F42`^y^i`5$6pjBz7
zCT6^ACdu}~mxg^J>$hYBtJC$~w-Y-ApiDHuNxt+B!pAy)y8`4oAG#%P_dVPR2k8D&
z4JZziS)c1yRU0PXp$c_f>fjR$#@?%@zUd7#W^ccR)%5fM{aAURgXvN}x)gS!(85Y0
z3<BuGw(S9-!?~4qVb~$)_T+utMk$z7ZmM;c`cpB5_^#C}l>oZi=a)f%qFMD=N;Vus
z6l1QESxC6oLZ(#^DB?4@j1J$o<g$-RF_A%9Wd(aM4!X@HrlZH@{Mm3_akN?t-EdET
zd%T1|;i!Pix~{DfM)ebvi{&ZItX6OMwXL0C6C07ie7%S^g(cqq;C#6K8~s{q*PQ{y
zkbL>~3iHIjv#Uu^Hw}NR`c!dyaRqf|e**vwt~^bWaau&N#~;P*-e_g>aV>o}_HXOo
z>?DERqtv`418?G4qemrog50MlIu6&{Y+37_!{4$wKFNqj>x$!Keo;cD=$iw!Iqc6o
z91JAnmf372jg<JVYvXdrz`~-7X?yXP#+f>Gz45apF)oIh$YD7@>b^f6Wkn#dFfqjX
zEH>j3n@IN{)wD39R3HcyL5RdbE-{pgL9^rJWQEaqltX+MU8%brwTfmB?)bfCjn#Sq
zqm_8CM5~2T7{+*~+~&_bjRXmTeI_aiZH<52GO^|-LT*4M>~{De_f(yQ|6{tUwmq~V
zbXu9VZW3)ffzW{sy&D}HIZULj=k^W{lf{{bEF86P3{YdF_JLy}omr^U7|CHsGkzRM
zGKG<toV7ap_V!IIp@SN5>Sr*nf1$`bOc*-V6=5}#Ha5|1D&JbD?0F9aT3u^QMGKHe
z253@}iRDG-L_xL0ZnYsn<wfD1a5=(~4P#8>f1C#2=1~AR``xK73dFF9$cTLv@?&W3
zv-Eljtui>>(z5X8<M?DarSVomv*h>aO4_R3(CB_dQiwjKDN?EXbi2*m01sGvX#6Ge
zglZ6&(b8*Uej|R4)@EXy=%3i3h#gr{XN-Z!FbK;`m0z0{m?xI6<EIYFo&LipA?HmV
zT9lJD`mw`q`K=6=wMrqC?L}ICs5jCzK4Z2bE&FXCuV!L9VyN|pzJrM=F$4Ut6Xilo
zu}tEKC{+vg)AhQdWbeMbno+5`w8l|;w3WoZL1GzzKVj_2x~fvQysRjCU85YX0HH$5
z1R5d#F6KQ0moaPDNWyG|!)Qb%R6R`8p8Tv?aW-bG)j3aM$9#E5?T@k70{gaEyY9KW
zx+9Jl`iY{G?ef-y=Z*IhY&r<eRIRb;zS=jC#EOgEV53-q=i#25wkyHQb0tKpKvO5E
zK@#cCwNqBk#~e9@$qM&o0XM%N0j`D#wMq)c;<ip3J{#v~#xs3?g2dpef0j0BtKEO7
z_h@l4XT_G8i*ms?v5nSIPjF?Z4Y4Sa2i~4HM9g3A*yg1@$v()IRy9pO71aR@XV`Gu
z*LRV_OB2~3t{RoQcUHmLRG*juzvZIxpzfJ@d?h}c5LpS2M36}3>M?vQ{~G0J(F0t#
zEcsyl`t49HrTt`Lb~&`%ef}_rXZF4%)`E(Q7S=(5f_6+^G!f&cXN|AokNAy%j&iY!
zvwEZW3dTE$J%f!(6ikzwE^-S_YIN@lo+2sPw|j2L{M=XW;JLNWgJuDFh=_+rH{nDC
zyxy2N;Y%h60UzZ{M-Nf1(6~OlB`>7^h)knf(Wkg4y1;;-5Ean0v3qK0b#9#K!CAeA
z6Opl8VjjjZ(=VrL7m+d=&rpL!NpCWd!8forrkxl`XidBJ=K<L>e7z6k^gRADQzS{+
z8jiPRC%`HxS&xkGeSumZ)wv*8*%EAUnUxvsEZZzcZ78`x*!N{+<ASs5o8Nl&{)+jK
zKtO`Ke(b~juXOQkdFqk!UJkza`if$0y2Fnf*0VMU=i=xG76SdZwIg0v9yV@RBtP4v
z5r|LexjW)@Vl{iD?eun8LF3Vku8gHxTR;e*kX&;Igi3WbcNzVf(O@~8rD{z`2VNR7
zdThR@Pd*=+ydXqMs8p1G$VRb(x3Prx%m6ImW(fvU5PEj`i9a53J7Uy*<>9cK>z<vM
z<z?Yi+r$Jer-K~NVd0JHtnRvR7Zoy+a4(_JNRAdMM)5?mAa^RW8CZkyzEJ4bha%zr
zNfyFzAZh&e85Sq!_oB+kk?_(*7!Oej+K}zr^>0*CY)rVF&cWb#U2h2Cw=@R_6XLbw
zXHae4F;lr<73-yN<NfYUhBYWS^&~u(Xt4#T7u*=lw59vFZnXyH#uBF%Is$dliBPzl
z6e7n%W<rP2{SoL0T?OgVQx2*+MBNt?l0*-o;6X(Z7_Y0rD(?d4flV}f=M^Teix$ie
z=W7S|6*Pvs-&vHcT?bI^_MTbTB$~B1E|i|UK4zWiJx->IS{JRn3Mu2va>6mg$284r
zVk`iYC(OxOZ|mpc`?INKhn!(st+gc2TwA#O&V2P;jSSi7pDf<CEB5&L8N?y0V+k-A
zBb>Umak2d<r|eZ^okm3eqJSiBGuj0A{uRE=MJMlKQahihloj=WBoioiL4XE<Y{Z=!
z4#6;J!^PdOZ`OV|bRpsuBOd6|Cwn>>VAi>!jGJ<s=t+?1NKgDZ2qmV-rUy~0)Afgq
zU5lKy03WT{LSlPl+a#oK)p9;Yt?`86eL`&Scb@nqtT-|m^z~N)kA<(QN=}`f?AIdq
z>rg~`KOk97+kgF(T}83LQ#vVKnOCb<u2?pjTV8%YF|SaraN7PU{PoxUx>^A3pBwFU
zkB<wN^H#M8a3PB;-1dugkMq<G&$gSr#_=?n>K7j(vbQ(71HIXVGT8xszJQ1&;3SLt
zy~xly!(~?~Z)x~)ccN=F^{Y0oS@3}Vb@I=X2P$wAO%T2E`->URWw5uwRv-pp+<np4
z_f~r9MX7<T`{|u~gLxOfzg;$3JGn@Y9mIb>Ever>oq-RhQ{p#Q2)}r1LwPV=2?KuT
z+W>T8mx9bMga@t1w#mqF>2y0pdAHh${<bTbZDQ>E4n7ZjWv^#!YSZ5|_a?RD&6xh)
zFBp=kjOa5Iu)PCSA9&-VN5GtgS@qI^V;t-`uq1vC1mBJI=<so#>@4lQ$IEyb*(t*T
zl!=b$E)??Z<(KnrzhQ<Nk2hx2KT!h|*D+tr&06;gu)BXTOk<Yn+O&opkC}K!evU2)
z@++UIdF(4%7LyX_$wfM|=%!QA4tpH%7MGv@ov+7C^%PrCQ6WqR7dg?siOlmHe88l)
z3NDGYf<e&s>>_lKB_McaiCW=?!a^?H<5m>epB9bYGv~=D5{(_5Ud4%rvE~33*3j`y
z=gPh9`JIdBGqt(0g@%^>DY9?N<FNs^_@eAmuKN5v%-rHKJ)1uuRYt2Kq!tUM;-hKC
z?s%7?<}lw*mBRvB*}DZ($IZZQ$=|8~li8O4*o=b?U@35U?3W@wK)h96QX*=qh}*#6
zfi^>qzIod$SpB-zh`45h+d|e)%uD~(8+2avc$YAR$!`w%{#g6b(|kZL(DM!k>b+9Z
zVBhL<p*McvGqOO}^=9iWnKI}KRMCzs(n*urxyQm}qx@#`{zi72<x0g&iS#r@$KU^?
zvJv4%%9C_l;p%WCa+}VZgNJXwgM<S}4}KisF%8EcwY(niZ$luMz*88n9>UDViSqWW
zLEz`N@O9^Tzb%V>=(XT*TV^f26WQYbc))FuO7ov7y#LjAJY`Dz`h9;iEz&yY&h@}Q
z(bm=u9e)b5?sL*kupPl)e(x7b^O<YA{?RVHumIijMZTuXoE5p&mv5+`Cr-f3kBcr3
zg6>@mf_~$;0dDOMglrwhukQV-#qedlB{!mfRTKiUwLD1HbD`^s-M*JLcnTwIc0BG?
zd4*vXB_gk>^IUJ*Fui9;#HQ<G9;V|hBv|&GIrcAUG!sZDpY^g~WJS4(2hcZN(@SQ8
z0OL5XDj9CmilZs4$cf)quGX*V9@%!N3tb3&POMvC7qq?cl{?vS=s&*FYQHiS>bxS-
z!$FBUPdL7A5S;%#pY!hFDy?Oo;`nHESq*4A_ZHH>!)Q9o`RM83#W^~Z4O5V2DB5ww
zJ#YCS+LaZ*=doHS_cW7ds;T0Xbb7zN=<K2xVb6Q@*U?>7E)DKlG|jf@#+zsh5pwy`
z+57<j{V~Rwr+b3rZacAa-}~Wy58qYci0pc}K2Yt}=f!jPY=&vN=GQ6LeoB9@yFHsT
zI1y!Wbg)Zf(_N*L8K@Rtq%WzB&~`IFa``N%#M4i1)I%=MDc*N%I<e38DJBps)l=Yb
zZF|)0P@U3g!ktXlf6R+c+vc0KiJ=`S`p%43TPWExi685FHutePt@DZp1qBtdOF-zN
z?FO~ewia3&RIp9F{NN?zG0d>;ja5HoP<>cuc4_Ga!}bb)ldUg-&1ppMF1!(n_L66J
zOf{qE#e!F09ChknvcT^vTG?J*P~O3T`E@0deckn-Yl%zra~^QyPbn$50{tt+4W~C7
zWbPhu$C06~N#Aditu8vZMwDSkH{-nw_)Q4kKIc3}0907#+g^x|TV--F_SIe`+Igh`
zL8>WiCh$TfiZhc!bNggXx33CJlne-|SZho+?_v>ovcFdF8TzNvk5v%Xqk3&2G`Hjq
zd36zA&U`c81*aHjkkRT?#7{Ug<V#;BY3P1XVe#7CyP4#8fH*W7xAJG`d!xNv@y`aY
zV=_^rduL%Ia9MDvhK>%i)BOi8ZDH}4emK7qS~Em<bHbR^)s*CrQ)V=nH}e)d!weuM
zovbt>{5Uuu2}0(FDUck(Qezz*7ZouE?2l)|d7pX3i4%~Ib^3URZuH6`+oedYQ1go!
zLG>8q%k4dF`Xl7(h!FpXtAj0!obJfg?=8CPK11N~V<~FT**)vEC&o}<5KG(W54``Q
zVSD6Oi)8FV<b4agJzes@!4gYPl@;e${S?N<-#+z1B`6l%kc+><#2EOMTH!2xO-?(H
zNLpZGhu@P>q}izL$ym<cgL+xz32`>j@^Bmsr9iQhz{xVHsuVW;rZjl`sfoe=_{IJ(
zcBRZlr&l&Dd8!>ln*YX<zS~)Ga;E;^?+~p61+#%*>|Fe@-16KW9A4PFr#oSVhD!t{
z=V#+eJEO_CBCBFj_fEb3{ZjHy7k8Did1D(A%8~CP+@4Xv;3%Fix6KQa2;78dwk6cU
zbXqqR)-WC`DsOFVh_?&u77uX-Q3Tkw?h7X-lRF0)b48BwY{n5?v(pgw;^|lyiHpv!
zq2xg7Q}9n%CEff$Jb@)(^s?mUa?$^RD3(Y;f5u&Z^l!)O4>pp-i_<J_>;A!5L5>bf
zq26A-$q=N$u^~&m1h>7io^R27QAdg=QaA}#`wbZ{k(lAyR7?o~F5BVUk!ss>S3`;i
z0WUB5g2C9q5dxu`FEDfnR;sq|XpdL9-(Mega!4yNd4I_CbLgiGR)1O`$fU;}3()6R
z+HP_6!rvh|aU2};>vV<eT~1zIUHqjgD}~8}{tt_MLeaL*mLOIxDN^kOm*8AUo}jR~
zGX1&hB@!(rKah>d^3+ihH%kg^!>1|1x@kMe!*0fiLV?<FAm9oG(fID~@qTA2O=Vy7
zcuF+57yA#momNOa)rc^z+jD+!hoWd<=7J)u)YQR)T1MQzywUIYMOtqP5oas!2%+lk
zT15}|5f+s#U}`l0p`yFLa4xIS4l>v!{R&zw2wz1pgCetoj&`nNQ({7_*X)^GW!c{~
z8V#6vjbCohg7bmw+YZlqkJVo>0gjBh0vcrANOo8$Y)-^Ib&6d!2tCm@O;|8bo})N1
z!3hb5w*+y~)@EV}jK=z;AD#uIlk`c)BUBF3BI@~p)N<~`2a$bmuP$u4D#!u`@=PB6
zia`S<ev#hb+Mu`0rv1+x`c~(P=DT#z%)QfL02ar^>JucwY+lUzJa3R>pMUfR*qef>
z=!o~g+7maI-$q5XE-)Lh;pVAqqG#HHt9=Hel%KF~9RQ%h%M*zf{^30!9k83@FRG-3
zMoi_zpEV?}tUMp|fj?0gZKE;F2r!kTr3(lDtu*Tndf}2&w_xgke^2zv9WASM8+^zu
zE)Ll(VvoGjn1jolJ2`c;>hl6!U8Qqm-y88ib-LJ{4fRJ`ncTgXO;G)6eaN`k%=iPz
z{%Sk#?L^sfvlIOj#YO#bdnVd;$}PP5@|=ImSK@%+Lt0%u|G?ac3~mUkQlz9+9Uo+X
z;U)6UFRK-vvY2919=$WqSdg1oCleVG#d(O(yfZ)WVJld#^isWh#%{Y#wy?E+u+d{w
zd-D-&;;@?&{#SRQQVS>{!ClEyaIzgt5`BT=VUEmFLnCiJq!|$y(qt-IVu|6`AHT8q
z<$VAfy{%VuMU*X7KKpXLzf*U268zz$eKa$>(>L79k;XmK4URs`2vf$p9lbMf8J(NH
z>EqWjtC1&6<`I2|6}Y%_Wp8u1SHS5Oi`^P$ZRgfG-7w1~&UwDpjlRPp|F3z&**gC4
z&?f@Iq%*|#d+T`yZwUUTeP>C&9sLaMvtBZb4bt2VF{pH6Gv*V*CrWDC-mtw9DmJS8
z(6C=W?cH~O^9#2lb1o&2rXJWJS6`T~kk=$$&Bd)<&`{}tDn*Py^t;Nl{?|Q4U?49Q
z3cHMcGF1=?GN2~3w8Y{kN8jq%X+`u*lM@TJZ=NvWri}>O*>!g}3DK0S<1{2l1u4c;
z-r{pySl5P(g$B3J#j#Ike^W<1azg_$PCTvCsD;Ny;**4%TQWYj9u0{qHXMW2H4`pt
z171dEUcTt{Cq4<*rXd?rgF-<~GKlDYw&)h(c=VD4?%}}l*}e)^{`%@5;#ZX`N;K#D
zT2__xqX^KSn8s+uH9d_rmHs95su^|NN^xw1{WQwBL)jfnM7ZH$lPm4HrCemwl|(mZ
zObONM{GWv`AR)>;6;r;wJUOk;FqH_639pOzTZb+fy3#|zG5YbPeM9C)jUO!G=_`Hu
zB|jhMx&lBgPTbAWz0kHi;4_g|$rpxWs}IQw0N!)mx?;h`e--16fT+)_{!*q=E_>XO
zaO-%Rr{`j-x`?FY%?utd)PSSG*lD0W!r^9@Z(=p#w71+li7PR{B^s|Ib5XO_>f$ib
zWDKgmmcSleW@NSTac7^7DjEvE(*W$uL?`P~Mh*uqh8^-TQ;Uz47_?QAjNRDoFrTCx
zMBPk1V1JGD5&22-8)*^}mm6$AXfe%<KuIcYlJ@*`m7*rr#AH%h9Np4k3Z2+QdjxT=
z_P1vury-P2i68wn?r&D0WySm3RB*LicM>iRO``0CZYo;>y0Aimx?nUjduVzF8Kfa(
z_6u-3$?G1=A3lgMQ^ae!N>)G^=1G%mD>Of7I5pJ`FEscUI~=o#HV#@r(ksUA@b;wy
z4j%9o6Xj}%q?nIU=Fvn5;~>NI?`~7}R7<!r8X1am4y#=U)Dy0{vuxQ8ggW$E!yJI`
zu>DxS3{=EdipilE8>F3_>cbXD0>=8Ac$KmHtTkKFonSpSf17L;Gpz<QldG4c7MQWr
zM+93n;w85vd2#Pb@VePJ;}^bV?ABM%JaCzTvx5C+b8IakanbbRzpHMST7DeU(0ZO&
zi3n=?Q~ubE(0%ly6nDZE=ui~_rcjoU@g>a0=B4h2QSj9=DkmU)6B%|D<1csINOISv
z8Zh;+Tg4eCK#KYi$I8Ehm&k<ebXuP3h|(Z<Z+jz;ajs`smg}-ETpvRarhYOqTz%?K
zraDmJjoF%N6{}Lsn@u?)2L8l<Q*OGs2;u>np}L`b2>`i?8J~haHFR*Ws>A@(4KQCx
zu8@fJcQlVv7;dFr;oE5!dbyClj*y+z#){zESA{@V1@=CwiTK4r+b9r`r!askCF*Gy
zcZ})`vq(g$2*V~{0l8VFw`e)Zw@02-{d<9P1tT9p6&kUq7}2OLDGRc1Skgmk2tkIX
zhNvfyaf^s?_1AAN%?Jg_IAGk0Jf)d!Rk`YFU~%d|+lo_(xClkkqUq#Yx@nF(_&uTl
z$_IfE;eyh2mJwhF5U^t=gE?fCLQG6t!j+#Ul692-X@;i%-uS-@BAdmK8hE^H7#}xi
zr!Q~unA);ov_z<yZSB99$tC!b-C2OmL}U6{v@7<I7_kWG2>Vc7a?Ne*gHi7ELS;>w
ziLn4WHLB{k{LtfZVU2Qf@mY9TcUDUoD0|Eo;RYcjebjDj<p!zdtmBnam6k+OaB0fq
zREC2FF%jaGZA`KNVl1)9E>J%pAS2ZZ2vwUAD@u%MxoD{~&Nm-pM}^!2AeGtm5zq?U
z9jd=I-NkvJGk{A{c@36gt>tO729SDzlB7e^vR}U26ChewfX$9&`2DbE6ZoqdrvZb6
zGxE;dgu(L1S@2ulg2q(vS7qM^**=r$O1bGn6<}TT%6>8Ep2C2FSHVCb2SZH<EMXWF
z&;*6`00mW0x|}^1>A@J)d$?2^lQ@@YI7J9Lm8AHeb8HG8h2%?*1RxS8Hd1>(Dl&cC
zsZD994S5OVtj^5;9h2p-r`aY}!~qV|ttt)lM?@s33iJt~mK%=?Kzs^pyi|`e?h}BO
zC!9bt+j4*^6tzQUSGqUQkwW`(q%{p3O0OeBTBEs7{9V|AzK1@I5!E%^{?aQZehibN
zkJ8`8RBT}u|B<>AQ@bmHOiU5mH<$V#FeyY`m~|rv7i&U9XK&EZWllGdAF(PCcVJ&N
z{)%dt&rYI~Z!ciJCv6+oQ2@JQWft>ftN|i77cr9o#@$*+C@kl(M%<l&$a{x|D?&6K
zr;BsfbkKIbHj7ysp~Ll#$&KhnuO2W5#R-}%cLNsy2D;|jrQFW??y)~is;U!eXuA6k
zm|@vumK>wR&VnhQR=N6y2{WC@lpf8Ws9$|?AY|HKkwtd0pxN6MHU7%g-v<B3C;nrM
zqW(XVA=8VG+Y-zZY2Ojw9+DWr>hUf-j;n_@@*%(O<U;h|g3I=xt^KyH$R``*RUaTL
z<BR{LzRa&w7c@bq$O%nR?O>n|!ydEVXou2`skSDSXtLKKuSl0y`%4SX95@T6s3P8k
zAl6klr&g(Pf#5~YTgDt#jM*!;9AjAeb)`WsNoC@RNJwIMNDT>@6C!>WW<=hEMFA~d
zS(V3iuwHG%RiB6DCg77Ep!!snsh&vUS``4^8=~Z@HCkW{hlR(cBti2l<)azxE!KG9
zg<%=ah{+0nr_NVi29VrIaF<pA3=*!wMbxao@ImzXDj_wIH?<`Ps|!&Nal|F!QZNC!
zK@&mRCym=S2>hkpm9Ti$y|fm=fpWs$=Kt#@C%=P_*56kPqhW2$gk3|Ep09>qK9hrl
zX_$x<+yEHEr0|Gj{KJZ;)fKqszPTpHIbuA!{iHO<U!kx(vE=UXA2?_j{7LxWBWYAf
z$_)twuuv6C-hjBM{PJk<4^s`n@J9K6NN+4xo!-roE?fZ?X-{+y`@#nY&X|sr^m%Ah
z>6|2awEUrof%0r84VjBq>o3IwfB=9AJgU`l#Nf2ObtZ8fm!LRBVnNoWCg+GA`Aufo
z{hWipAC8e9*%-8?Ox!8}@Vyg58A8M^J+Ybep*4w4G}`M8Q4EJ&EUk_T^Zyt{6tu52
zRC*nG_?7QBr4S=mIHth|*`WPG=y9p(O<i0<3Na1N0)YOZ4bXB~A+$1LQ1b(Udc-*p
z*f;4q+^P?!6!<lO`Li$&|Lv=I)-qy{|M3r&(J9>Xr^Z<C#V0($17nT-=6a}7a<S#r
z1fON)3gM}iyWw@Z3~BsTofKIliEX3pobfIkma2NXo#Dg0JF^p|mpJ(-zTDg8?_rck
znkN=QL35Fwj@B`rbLF?Xb7KFx;s51YeGLSEO9V)zHN=B+xP^RearGYtJIgbaP&9yo
zr95t!OjqEcdg>LBFPOC$02KOL)DY|`{_MH;3Ar{MB#$GOTXG_Es!&u>e<q+5)FdVD
zEUqvRD@>f76b+L?t0e<kBd~>6>d#i<+B`ld&IBx?hZQkCWNy0jg?&4v@y8>((Qcqf
zat|i)2*!>cpZTx1_YwJx_K(j}Gws1L?m@;6A~&j|e-G~mqdjJ6j?(Q2Xe|CcTNc+V
zm2VX>Z?}qWCYL2X2$$FboQ>$-=#<&(6BnaA_IE`B8{$3>y;vAA79LCOog}eKs2Rc#
z4{7@oP0}oF8%!jG3mkn9-1`6S89Aa!vTpM7kuBTb%BOivkQzeWbH-bVWU6iaWFc0_
zXT#lMtKwpq<|TgdO&0q3UYc>uhXl#}(w8C~zshG{$U*qne*@*hk_R6uofizV1z`4m
zmqGTFGved(3MsV#63d2`q24QIX8!Z7zBZ7)l}G?*`W&*hgj_LOH8H$Bwm+!p(+#po
zL-}cSaSf7tJUk#*o&qcLFV8!jem-pn#vLH)4y1t#A>vLHX=K2R+%Ly`fpuXx>f`Gl
z{XsV+3=k~4<?;X5Wkvp6fW*-f5bid%<HjP0bT+KJ<6m7an>VIk6gb&76Ga>UuEir(
z*1MURYE@trY_U^pV&|uF2#osBm`St?fmS3f33YsqNwHS$uplzE+9*gsfx_9~Xj>Jb
z{cFGRglgK~spE={6W*MO(YbT&i6ARZ+iK5x!(+T}hB?P@qmdmH{WZ_?`XahjNfF($
z_r}IEw043MX6pQdzHkf<;&Qu|LH}=g;GywGaA$ix^g)&fIdNt`f#aD^F5F%j!#moP
zC%OK1Oonqbyi@Jd4Z>v+{~KK39e$I39Ft2I*k~%N_*)@vDQMvu^E^o7aEP1+$<gOZ
zDS6Y^1OKO#KK^;jIdN0#y~JXDr6bk9ZpKSE!pZt<s>=R9TCvGYQ-)0O*}KXo#r~p3
z^y`0OTAP}R;+lj*6u`tZzC}(6OHo^;2=($1tWGbC#M(JpuHdHE(N07;+9bu+lGa+9
zSfv?pCn-caJ~FPH#;l#sTNcq6ttg$^lH83oaPb`9Di0=epbJgn)5Y2_M93>D<SsjF
z+S6TR&f?=|eIvCrPcPF&uo`h*K5A6|jaA0)iD6SkV+3mE0$pD*2NW6V+jeSSx~Ih~
zdQW=?R`WizwpP0~e)D#JG%2QA3ZQs@L^h`5c<Yo|JRZ3mNw@9|#LBaE9|rJTjq)?v
zY#jxYTdrfjZe^XsIB)52ky$eEKYgieJ9bWR1s$^wh_=oZdB0#*cI*)Gyv~#*<iDqM
zppVrz?U#o><}-e~@O*{dPA|ROCh!Vx$GWlYNel-rcC>Dc8l+WK{u7{O*g`r+R@<c}
z1D~Z{X*Px&RJ@l*`!vR<>YShp9!xn4&=N_l$3|I!=~HQ{{PiN}C>e0(Q?a^(?YQz1
z@I=UQyUU|0$DGK*oZ-LPQmddFs3;z;M<x4#%XK{vbQ4QS#V?BdT^7!haV8B!a^oCQ
ziB;z5aK-&kU0lYnYzmRZ`thk&;z~!!4<cxL);acj+Iv@)<TvX)F0^{8iCE1QMx)E4
z2*#yEEHAP~0mVa@J8q=1f5;om@CwW;=&r-|&PexGal_NcAs&d)PDjU=(cYt0RW+OT
z78o|s;n#I^BCgcj4xO(&UC+-Q)H_6(r}0h}bZ5qSLn36lE?;wQ`+094*{ifd&pg7A
zk~4gB{BH~w7!w<+bRx$hOfVB;hMxryyFoUBaACt1NO<UekvM>_<BYJl9EeH%=Cp6G
z3ZOqDzFIHCvCB5l+V0MT(|Ko$I+{K{+}KWi+%+cNXw$6^0@5PL?Y`;Nt-m2dsg59b
z_-gSkj1bc~8uagzGp6u79eR@+Z|d~!pij4*9j{6<CVqcCe)ubvt_)LP656bAHJ$x~
zh-&qbbE(mUM%iW&+C&KV2OLfqr8HlFK@9|1g_jLogUv>Gb+2T8Klas=A^0A5@=kxc
zR~T{?9LD-Hp_l!;nCjCxOw(>D_thd^V@z?DAJ(^N*(N8nb?r9PxyY}#*o>Gg<dMok
zl{qcAC+rsjmIAcm&NhAH-Qu@{cz#>{?zyfb?&VLXG?u0GJ;!q=Om4E!)*h!WmjTAa
z(@1}##!lqszVwQy)_nf<bjuEt-I`~cIJ20V>hJzqAdpBqwIsB-in^<1tQAQ@V1tAu
zFm6!<bls(IxuoPbYt75(erqZe=yX+7?{Me@_3!8x@$goqPt~wF!lC9acuFAwrvfKH
zsA43u+Z6fB6)vihI`c`etT1&e3297kXeJ6<xw%{d+$0&*_1|lOe$t;+!!ZzXK=6Q3
z%5FjfX8VG#1`(wG<V>;?DK^%I^hU2;e2V$r;^B%|^RZ82@@H`gX@=r=6Cku6TA=ct
zIzS>>mSno2*(rIq%;TPfn_=+BdH;Ih54!{{$N(fUtekc}_ZezUG8z2uFLzVtRRtTH
zk4DmCmf5_;&BGkuDGXMqo0GT=Uj2#^l5w%pZ*#J)KidZ9bdhnFGKSfgWiR|>#;&i|
zNi)I&PC}4hgx6{0%>h&Uv`*l{ZuC0kUoadgGT~=M?yZJBRT!YY#n-?kYia<cm7?4c
z|LS-<aaX=9832#xAdFT3IS1u1m)kR)0_IJsr>R5HMP6<!m7OP0LIc7M$)U`nox94f
zPg@#St9gxE&)oPXZyk%BPAKjZY60FnH<&y)$-1*c$;9N$xNP;Ssruefh3}gHO&$*H
ziO#F<$L-3i_nTFA4@)GBCvl=zN88?8?2TFxonGpY5K8fIS?*kqLfbYUPha8{sF{pM
z9bez)WNhud7!=VfyHchown7(@^w%d@d0b}-nhqL21T+Omht1P%`(*ID-`F#Yz;x1C
zOueo9t1jB{8+k5a^>_4T$DcBs#wM;F;b7)k8|=92JS{f*Mn|&u=bdcy7do@LOH|e*
zJr)>UEr86TnV~M(tumf61(v@{U>9gJqWEo`wh~p|m!hgYpVloF<>n$f;wSoTyuI)Q
zIAgrpy-VM#U+hKUx=R{0-;ZZFcBW~nYZc#dV+?!L7S?@D2%f0!%e^pA3N-^J2W4GL
zEo9H`2zwKKHu&Gbl;2OBY0F}~&pd3`&62m@8VLpr*ma`MQYrM_+pd}(o?)&QTmU4#
zLS=QO;&0?|_&48Zy*{YQ9|x)!caBBv?lLDfW3#n=tg<_U<S4YF6skJDP4L^YRd(v)
z<9lowuwg%8a_tMWy)L61qK~|JI!*s8pc;VsCp<l-XzFHfZeonxU7R!T|1O38LJu!A
zFF^E5U^ssUHLgAjPy}5^!=LwSNvWtJ^(}SxZ<|etD`u$Z$c>;DcmcunpruSCyQ;EQ
zBNa)TaGaWQ1!Wx4>B?xbyD|6is<Ea0g$cJ+wgieiyDp15V>VVn3d1RbYR_rj-uh^a
zc$_PPn(wBByd$luNG2*2(_rFiII2`gQX34B|MBPv*s?R*l^W$pI_dnWU-SwYiw+>F
z5s8$cz~XakMnZpGs%tCu#u!fgD>fvy0qxQyQDy6qSBCe6g6n1rOwC>V0+Z9e01vY@
z0Ka8BKPeQo^5x6I#xo;*>xJ5?=bf4B$x>_0;XKCWc%9~|;|fE~VOG)Qjm7xDezbPq
ztXk1dO-a$_ajf)g0;>LcuIN=bj<*lHmkS9x?<F$+^Ag76)iA>4Gdg$HbKe=|+qDxb
zt1UN&n~K!ks#>>S^2QVRlHObjpF65H=*~g1gF2a7vwscdJw4Hd+&A1xnp?T!+GO>r
zjQwhthG4sm^V`++g>{#jicawNBFTY4Z816rQ;(XPkw&{6yv{DT==P8m`qXfhtTwdd
z^*ahpw{b=B(FkwIX(fet1hyCF&C)U(q5TwsEuD#1*gl;%7=r_CzlG#12n;gI`otBx
znJ1TRne;Q)t84~6@r~UEt(@F^<uwEXM&($xogB0SO*e?~Ehz^lqCzbf7U%QEo&8|%
z;3M81+qe4U?I)eJz|fnCUf9x&w=uZl+WTG>2EG8g3!X6UELRj8&@<n8>l+d1^@!B6
z7}#U;aZ3|Ng@J80qrA}@vU+Xf>pjTofx~z`+iKT0bkuY_JyLyqgHdhtK|<=;o9_Jx
z-gK5GejAYdf@qG*=e}hoJbzu39VL3+_QSjR<p<B*eD+oE4UFvv+D*juv%<ggkPzU@
zlQBJw<owUCQX(jDHJ%CBp+&{7K#BDl@}=7~((nDvJMD-e{s>1irwcp;Cz$X`GQeOl
z9(X4!zWA2?n<$g7O7OLoE46CM$LU6+wLI~koGG_Ox(QK}eF(LD5-ex9T&Er8kN548
zlFzq=X87Chbh?(O4go4UXcD_PLEK-&DHNilH+inTu|FwP1!G1@`u2aiUxsXNlX^OT
zKS^RfRgv@qMU0_$3oGXPe4LowTu1AL5`+-w{DCCOP&w~?Qe|u=n5TdGvo_m6uLGvz
zs-xL<2-}1!odMdSQ@wr<zdTou`k67?DLZ$;zlS=Soe<7OP!*6I?yahhU)i!99HL*|
zbERNRoc3}HV6|I-KF_qs%V$mi<oCOX@;%wazSK+eyg|cW#D_jcykjP32QPOEEGOZY
zyQ8O1AtGP&jU*Ezp7$o9eRQuqtcIhdhaV}*1sUPEG^Pu#q>t%<z%@<@H9_wsw)T8Q
zI`$BJUI#XVA$HWERciAhRhQd%Cp9(8{@JUS-+F7Z-wkAXrpXBO?l&zLIkFEfT5&r;
zM=Y9GwGfQ0-YshNdzSssy9);~C598mppIJHHIcDyyoI+f@%ve!G!xv(MxLry@6_)(
z1`6JqlKgIb<C=_cCYer2zF6M1&--w~%D5lGY6gt%v$g@;%?i*KX<Afbb-eie?Kjkt
zsUCbm2&Y3u*D$l!75nwELdf((!~Eq96)U-w7UK8YB@`b%W8eFZy?UM*X4Sm^{lMJ`
z{JB7C*|nZ_NVeSDH=K}M_twRo_EoH%{9Q5Zv&2SmW2(+^HG<zJ>Bx7`U^;v^RX^2H
zM{9_T-~4N~Hq&LTGC*!U*Ao9sx+tzR4aT6=??aGXDpEUuqMwksJQ1{fW^Ev4!xCNC
zFH-8Kwc0aBX#!<OLPdtPa+HOcgc^Q1sZ4qbGPVUPUF<Q~EbJADlPMV&YuiO2bHaV4
z56lP<>HF@1uH-h^pg7F3kYK(n)~ggfieaPTVhApV-L8WJsunfe9_POJ<#pjdq)@HL
z3IKd1UAzA+*TF^#OJ!E#NL^z2(2gj-sHig_XM4htEDI7t&nGSXd%oS^bn84eh!dR^
zJLh_S@US)DFhImMOly)5B^IHGp;P&U80kCm1QEOn*gi-w_4?E2ua*EloeL&isyw#w
zyVzEL5Y?3U{Pjj?A0I<+bU<+6JIi;&MuaUL+O3DH?cWS+k#MI}A;@%K6%3y5^ACpN
zNfpTHz^r+tl3Gy6LR<b|%4Y$zo6+?dtW?74kXOHLc!A(wY4lB3qREzL+#KN>h_cXo
zApVo@wqLGS3;aXTCDJnTT+you=2$UJUIoeQRCG&_PaBF_@N%Va90h|KeC%SVxH^0d
zo@H~=t1i}^wj15&i`b+FRo+eWvNbM0p^nUnN8j{3x6^bIP(^dsS!NX1N|tBaV-ISI
zkp3z;_ub<1`9&vZA;#-0C?g}&e}7s^wb?j*Sm%DYDmI-PF0sM(bmj3opJs>Bp30fp
zCmf*@sV(>-=QqT!MT%LESPw5&vK><Rq^*u$Yx+}Pu}%skN?(Mtl`v|xVFq+pZht{9
zEi*?VoEZuWr&zMx+CI7H|JK=rketngWwB5x?3w~ImsqgaQu{No-E_s!TpB(NdO>gQ
zS&Q0Z2nHcnCfjVWp~{zAbub+emwlg7bF`*c;CbvpP$`%C0`T<nt$TPGpunLbb~cz7
zZrpjIAP|0Qc(A+q*2z@XkP$4I9gL3zU#|6vpy~XEr`m3fhu?8RzWQE<aWxKc!W1F@
zXI;+P^5vA5=WSSYu}1HEmg~LIe52mx;;-sZDa!a|168g1583<lgxfPJT0PgaO&ir#
z;@tbwOL*54$Z+L?^`}#Q)kZVkEd4>GL@?!EQY?>M@>^WVqt!LcnD_ucKQQqPAk~}p
z>0$>S8r!Y$<iC?mASrNlZ@cKpm?x5bg#fAd2DaH`Jg?=bNxv)LFpl>J#H0UF5%G?x
z#$jFfh0)h<DqZu0;$fgrY)Qqqgk@DXcv-GVNgNJ@Xc2t4uG&@ho5Zl*{^3udlR#^t
z926pd6``Lz1VWfmK6T}8+qauJ&}#|RcsY+Q7f2McDjLB*9B5dhswW;<s&(ZNH0yN9
z>09riB{R7&#(0CaOT!E6alFr)0y(VEm2zQB<j7opNVo0+VAB9NHxtdc6p=&yfj31s
zcSV^IKQBO<Zd<ObY^=W<I(~8b01dv1vz;7*Hp%YJk}|>)FFM7d`%Pv&J^g`klsVRx
zKl2)!3v6Of=cYQwuu{XAnqwcAqQ`r?11WYO_+P%KsaEDpMK>Sl_;oP}r!YFRj=yaQ
zWAg4Oo|c9RDeI%+cOF3B;ya*+nX9iP^g~E<qTG-hZMDS<_kDtxE!)-+S>Dv{g`!(u
z;9i8W4~upy3k$Kumi%oO`Y3j4R>lXYOtJz?YA5{i9xx?GF8q(vxRT6%N=`tz#!%06
z^4YRvkw96bZ`THIO>OY_fV-RXy_B^wng0Fqy8HQG&xoELZ&%E`;JuxD4;!Bzl`w)#
zW+dL{y`A>@R>u2$2fOvUuXPs|ieqf7*bXsvP|A@~2?r~yx0|Cuop#>}qq3vNUd+|9
zF4RbK<qLE0ef!;wMyMiLudzFRxTf(OvfGnC3vpJTk9F$*+<150KdZ`zG`Bcry78l7
z^mLVZeK~54iA{<MuWCYK=&XSjJ8GX2+U9E!)!}&_hE~%4kAJW7_c`mwv1zNV{Si<-
z1V-!483cO%Zi%K;TpNPiA5-Y4+<E2@d(2wHd-X>$x23<!<Ed-*=nx5UH2^q7bRpnY
z5SQ`fsvw1|d|0PT6D?I&ueNd8MO}qaR_;}vV{Hm&l{SCHTfXOpQgVYI{JoDJ=U#zi
zcMr$zQVm6H-HQux@#v5FGDb~$4>=ophm0CMirGvZKgsvC{j7j$j?(kR^~O|lb8|!j
z0vV-sIkUGpM7me)LX*3{DMJQRyqqF?OU2L`ye@pXtLTb~vxF{>;5^Tlf`_TdE7t0O
zQcjZzPOKWe+n)_wOgEz=wigxr^7y}N53(c^ab(rx!o5hyx0&WAq(l7XwnU=&nlZV4
zvu7ys1~qk0<=Nl|!Ho%azQ4t!#rV*QpZ|ax6`bH}$HJ*(k5f=!G91)3{62t@oe-qg
zBT880f!!~eE{*dCSSq<=Hx&7>?bjSX#m|5cDu$KPs7sF<AvQ0W#Amfd%;R_w83Khi
zamEGeu%|$O+q4V_uA6pfC4qI|I5!>V)`jV7yQ%!Eb;}xQyA(U$4j~dXF3Q|vx_f&x
zVt3b<a^w)RKnHyX+sx$H4SK!y<&F_kvX>W;fh9<cw$8Azey22anh+2XXLp>CG!53N
z^3AioE{6h&4fX!*@@KM|$6fXM=;83_H&v>fs20QIw?|}Vu8rl_hm~%>6m9xAPe+tM
zkZ+|y<!pa3=&u_Z91byYOaR^<@_wl;lo56o;R@P~{^dN;(Uu({M-rT?lC7P><P8Yg
z+n2S<9Dk5H2-j-{K}4{n#Q8Fz6dBxJ=D?1{1yZ4i5VuZz8O><@!vD5JhndLl_a-S|
z)6l5<4tATH*7V@x`$-S+;XmJzkdBo&KGx)EI5RY`KvOYQY)LFjsc!rej8Nc$Z67KL
z+uRHSdq#I$r6&JDT#m%4w<v@v?uJBJ+d6g*Y^|5WJT(UcK|}V7X5YG|#5v{q=4Aa4
z1-b!)=eb)R>65qv7RnT^+<tk)qOYW&y7sNCOc0C_&qd+c?E13^syuT;;ID3I)9UlQ
z+0p(<+=c{jAz@L%jA>R1UJjf`?J~;5k`)bT9lQcE;#kvrqJ<sdhJk3vW!f-QR)6Gh
zAdwZQP|-!yb%z=7yq1HZbuw?Smw7qK5Hs7(eNw-S;yF_#`u>-anp)suo%Cm2&P<5|
zxVG1^S6d4g_{8fo#cSh|o12!ve@YDSkv@>H&S%Skb#-<AW3=#E1rp6#$owIWQeHh;
z))?l7H3xo_$IP+ExDv=WrgB|kl694F?FL5&LKP&BYNVPFaMc#Yamymoe^Sk}rRqx5
zES&zPV~%ZR3St`8VaUrXAY$M|LiRt}2euTG7lb7o%ZD<Nhn*Q$>69!8eOFOZinJG(
zc{rv2`!ceiyU~zoT3OQf(}Km`6qr5qh+hM`a;};Pxp0Q`=_?fn=4arLjrzIHdX7xj
z3&Kj6IQjj3<iybLZw^f>ck+w(D*snO`dtIkF|<0>AH__V3@$Q~|8F1mSQB%$i!(rC
zq&XBP&Ykp<mdq-x&M7E^s1J2@mykjbjZFJQY*u-CcArFl36&r`eqXY?4aq+yD>bOM
zmm{D>u$iJTfEkg5Eq9a)nN+2KFf>ks$XZ~yK$3;`FpYAY_pUBpR$fx@mX5pH@kqR_
z{*;C^DJhR&<x~(JeP#6G>qx0Bq)50(?JFsnVn9a{_=b#rC6oq^Pe)!d6cyFRRP2%7
ze-Q@4&jLpwx&!?oGWguYn^2_i$D&zMv2c3RqJ+;}-Y#fkq>&s5BZa;`_w!F(RKS@6
zSC;2!L~l(jhs(0<E&^Wk=xqn22`<By_8&oC)tVPlVtS>_xFZDD!OULSj34vV)zE@<
zi`z@it}vDI3&Q$YaTy_X2|}=#lNj-4BlUVc=xs0eqK}t(6Ez)m$WL`x#}eF>D&N+S
zfo)3qMn)Hd^934=qrTwkfJ|j|t|^TF%cP)zX%Sl*hf9|>9f}l_>ercblUI_RaBzOL
z%G-_M&WsB1A<S3&O={+G$WxtyRi!Y7$=&Z;D+4XK9s`+A_TAJ*x!+U!1UQMAEFNOZ
z_?@!LFoxRI)8pu_DKc&h4|YvfI!;LjM+ic5UK2YtdMhiX#25`tTfiAexM9G<a84wi
zcWs9vqWe>uKr)RBz0>XbJ5QrC2{~5<=Gfr{Q<gEA8Ou5i9{OTYajVv6Ru{PVNeKPx
z74i>PvuQzO>lhFjhd~gzD6D?tR6b#-hY?tM>O3h<*D=o{Jvi(aIhkqPQNSPw=324j
z2PX#@<=F_eQxJ@eK^73$&AIu@^@t6FWQ`C5iX`ufUz8nAix4Uen^4JVaD&25hv_ws
z44yRdxAl1KYil4`=JJOp(mQUiW3=m_#PVMjO*}YEF_lbXg>LuQ+vHzuye{Z$_bdG)
zE}1VVNZm-zteDSid>%jCk}JTE<jlD_`=9jD=l=io{w&9#0OZ1l!A_B;MM_}u1aTFZ
z6^#=r?S8SF`u~ECDyc!Kixbm7Lyel7y15aw-|d`yVexQ>tmIsZ)PBpfWz-CIy<qm?
zd8$Q|dWTl^wAlQ!C#z0QEgkegsD_fOeCC<GLLg@74j7an8vSuhE67&DE{mJcB*yE1
zSVD})N6MFi*nS&fnBi~^<~SifuoKN2xzKRYCmG~6sQ*_PW<*u2x6fiuDzP{Kn@K5G
zyna1L%Cqc$`H`OokdCR<VhYkC6%TecJzvPEotNoK)-)uYr`&Yt$Oa#P%#sXpIS2!j
zKnV+q{XkRXGT{8WuI|dhDj<S?A<)c05GmbM1-WY9I5cvg`9}7T%FGBQ6yt1GF^T~H
zgI;*Cjnw*w8cMejIf~2D152FMl>aZXA%0EftS8L%p1zCj-l04yr||BH3pd!0^=h=6
zLosa8Zes&><dwAo$n?*qzoF$V#<{2evGzmUuSm^~oPmQPUa)YVjM)@P#Ytuz<uC_7
zT)q&eiMS3|$#uIM?XJY2I@`CUcYn<G?l0vIRggVHCP5_hv82i4*xNF;l&{}lPr9nh
zcz|)QkqIqlxd|2hgpSa^+{~_rBL&+81<PR{^iHImOet?#ff-9~KiwYH866kDyq=C*
z=$*w2zHl*w8FEv5@f%9eP`LCnKGf}2NdM0oKPfSie@-MZo}2`4<XU<OGMbC9oX61h
zdLLPbkt^LERp?b*%;4L?rWf5=79@sW;G*{&i~W&><0*({I!K`sz9)gx8v9b=JN0-L
zsYd^bX>?jl9ijv*9@HVGfMP|0?s5}WL*QpUh|tVFsR(wbi>HVUU+zBDb_If2C7?ny
z?*PCf5a^14yNbZR?oL+PQnbTs|LiUj265L+bW4ej1GszRMD0oFI{ZH@(a)lP{C9m_
zxA1}>o64uE&(Md^v_qYkX%LsG%ifOuIx@zoDGpcHFivk`e#H9k@F(T<O|LKt9jq`h
zmNino1fcwwDYA*dG5H)CnCO9)2Cmftv)HU35!a{GAOKPC9>f70Jx%z%bfl=;C^W;u
z3WY>Of^?x70C|8qZ{{S=fvsx9BhV}?&SmL}Pv3bhfcrblF?}TL+m<y4mc9^VdQvVv
zT<Irh_-_!;6dYdU_XxmpKX>J?ZZW>N>?tu5l=xBrBd*mSd8_$ybddjFyl)TO%k-Ty
zd*212LRv?${@##sqIhq1_p0TDm5b4`5sAj3{*qU@*4teIj<3$+L)OFnhGrH|j4L8)
zAQjTsXY{5lNJaY;3;86~$FQZ8Of_Rx#c+aMSYw={5`>m1HsD&>z)_kuwv)zIuFe%E
zh$sNiyuiiNjBw6-lKQ;t|K2U1OSW|dk4me4!iE2TR9$65T-&k?2?_4*F!<maoG`fC
z;O_3O!QI^nJ`C;_Ah-p05AGV=^77=Kd*2V(U)EZ^ySuuoi<+Qlze0`AJ*AMl0KUG(
zl+r6GewT$xN&;2*C)RUhf*L;wvJ5fI_g{5}KaLdSc<EF0)3y<;r565L5}Of9TPDFv
zK1!eJ-VukaNKU!S70%0cNq;RTY?4qZ94wO8OFkqJ8&8=dU?R#tM)}Brdi&i@%St}z
z`l<C*4c|j2Bj|opC+HUWx6wg0ygPIfWx(T^?@8f5h!542Q)a0UdLx(Fgf&o-nYQSN
zvF)%|`$jqA6?c*V!t2z6!_{A8NO=^I1hb?xeC~1G`urUm9qi727zKA6#pgqWl{8-h
zu`yq>?R%@xWEclZ+a1W;>3}+R?D@M`a$8J6FDkpy*Mfxf&-4!J6V6fw`+_X-86mo#
z5^~p34stwz*5!Rwl{K@bXAv1k;r|5HA>sS|<IScS#yx<M>a*yzb|R0~pLmK$(_uya
zW|K;PWI=zAiip@Z=1-k|w4+gMzXA9eX?d+c^Qf5R;=XI>?h3gzstqhi^wX5pFKj*(
z<iZu@9F!GIjt!{k!sm-|mm%Leu4EF7s5Z)83DT3Tt24u#X7)R}-HF51N;{PicMI=0
zz8rUCG9h#fi~`NuJ(;<MIm=WCLY9!tzxX}B@G*FRsgNarxP(}*g9Vq&FrzicmB~rw
z)_|qPK<jfD<a~*c7seU^#pc`2*$|fyG7lFfrNjWBe*)inT)s+|iARy4M9;k<S^;*X
zQFe@0ndrx}m{95>ooN*%0+Raajp<hDMG54$-+&&5`tMHc`Y`mqzsuY+{8-hhKS+P?
zT@Id(zcIZthnQafM*P<<00FO|KiTwVveNQ{F;+Wu#(OfStKIo^E5_i2O@;6Rq<=E;
z-&ZOH+b*~Ca|Htf15!YeEe>*q2r`VDtujtGHQ2tppw_WcXKyyKDY6mt^N@{n1%^!E
z@e_30N{5i($?>7AtN213^rcrhWtuGUO2HGz);4=vjio>2C;vJjeLg8kP|B>EjZ3W@
zfj@i^saN0gLvkA*qf@Rh$-4ngLLc&wq<(S#uExZOyQ)$^p*q>mD}m9k_&n?ZR9URO
zRN6&3j{dy)g#Xd!j-0lGf7O^kXz@Q8J4KS;#zN$Ab+qh7`#??sRH9V2pryElAbHDx
zIm{mI538n@Y^hX#o||)!O2@$z)mD(9A6_PGrkAi{Y?qZNk;vX1Y1xezlr+rVuI9?n
zw1QrDc;$vf2!ei4abny@-tw_2;M)f(8!|^pSPGkZ;Xo>@Ngl?VYuo0zZ!^F72#E-=
zTf8_YzfiUmT(d>gU^j5=XU!UguMP}5*z@-ioPHJ*%-o%jteKV{o}4_mr;%%_6#j=j
z`wfG~`+ttUlq98^%h`cm_$<{|Bo(5>D+(}4JASdXASuDbS*M$=Q;M7Lc|1=`&_a5s
zx0+MI%p0NnL`h8_x1|DVjeMqSeJ}VJ^6WgrJuabEJP)!!Q{gK2Xw)Pl{3s&u#cD%B
zW})j>2NlvzXQ35nA~Z&|S3_q<^3fj-$N*AOt;3V&TAe<0a$(VI7jTsQ#22W7eprST
zNoI8ZZoBAAN&$5*Be1d2o{n)%-dUptK3i(DG39K^LG<7sirX(Kcw!Qx9S|udX3!^@
zCG7F-Lffe-N;juN3lMUD%KA_!Y0T&!KRH~?rWtP*LLW0gg9mp`e{-gj0Ar)73qVxF
zSc&e#-j3*8v6hwMh7nfQd!Gl?W3S2kAGQpcX{n}F^}RuzKA<`mAHq?FFmmc5;d&o)
z02?pqmMa}RhBSFM+%@TIqxg-tAEcss=xqjQ3tWny5u9JrO9~v^*T%+Hr=X$9GmX`&
zMU!8F&-!=P=0W`L3s`}QRTY3oBDHVukFusd7FgoS9EUWHyxub*<iVtqgmy_F6E2Wt
z9+e})1y41Wm<PoXgJR<}lA8Z6SO2U;t=(_4{Fto5J{a_y^HZ%|1=5MS#q5<4AS`Bh
z=yc6KA~HHCm>)mFqh_g+KDG668|;EhMJ-t*$@2GuJBjr`KDiuL^z6lp!5JL0l+oqs
z4$1e0g<@RZ0tdbO|1O$;AjEx1N63y8r5hoPO{Jqwd=*1UhjCfw9wR=oWuCX*qQxlC
zJ@`uFmQ%)?Zju==cYD1g3p-OkgHD1Yf=Xpc9F^mjn}^E9XF^jr%6&&b9Y_<*yy`G;
z%wke!w1XX!%Zbt_aVsHbn~@X|*_PEG`kO(mJW|Y2_ooY_50uL6r$utZA|D0PHirER
zrSvqDJYTJJYnU9I17ZjlkTNq7WL8QeR|_^`|IJ<d(E}fmaSBnfw8VdL6@XXbqls>)
zGtEZwT+B}L2FPDW_3!gjIVEOhglEMbURio7USWOs<btNgYuZ80wt+|r<HfwU@@={r
zWnSqdTmb7Ak$}*tdBE~;2u~{s1tMBQ?840ET<TKtbV1;A{K^?KREWg$<W>k`_dvn?
z-4~;Df>f?t8<qqqCZP3wl!}>i9)LhC{7WBY3Yk&=j}Z$1FG>U)8-l)@Jmq{rNrWu&
zK>0yzC>IS(O?L|n(Pvz^1EAFZE0!$aiE~3@k(?uJ<#9%TwZ+_7Q*Xgr5AmIpt-G)Z
zrPq@Bf8{8V14kheZ1?`LW8SoT#)ML5Pen@>mp`e&itm0+QoKqY7}SHc+{F3Ti7P;=
z!lA-UVarIzt&7W!eJl44p?Ps8ycW->%q}V8jEmb_>BPBL{wV9T>KM&iubKW1MGs2g
z@`*Ww|H)_^y63r<ij7R*g=_wkAoOraNoMxNT3_ABlqp1em<vmImr>o(UdRIxJEfMs
zau<fprkLR<3x)c@)(mECf-i^Dfu}StC7#Q`e(0;v%8z%Q{=2t|Cdz6e+W(Id*+)KQ
z)@zPQ;KX;yj+;HHP~?J%7hl;jlz?4D5oxtA!dFDaF*GHYUV+~j&?z%y7m?Y6CpI|r
zhv%<5OlC~k@=0Ke^#0IU;VJ4|IFFL-k+xtYv}G9yX#|)WDj=opJMQ@O-O-Vm!k^_{
zqKW-iWv-78rvBZ*Z)YrK3KQT*m>qlpWFL%a1|$rpX-1mIA$arJy&}QL@s+$P4A0lp
zX?$LL#?o<uo>y5tOKVI_AZ(I9l$hI#i`uR~1gOjx2Nh5*kZ^MO*b#e?;Bup?vb1)p
z+&@lgY{U}}@NG|3>2G~|c<A#;$ZJB{8QeFTy3AWc=?T2wc#LwZI!w>DPS7$s{eOyw
z|4EiB3)N*ZbE4OPRQW6?#<8k|FQU{d&9^&#<B5s*5r{J&kl9vKsHtj9bJjq|w5XzV
zQY9Z|<%g6EwdGuhQ6?eOzrwRRE?U%2L3qye24trD{@B<=NnJA{ORyw@`aQyix7fTo
zpt7BKYrZ4`$|z!Mf>qeo1jc@jF7js0yBhEPkTM$Ss(_zU+fRNKEfXVZ$zw$pNfG^3
zR+>AsrNH$olfIuHT38%O_((&T^2(l=czJ$EEYzBh3|<-QPR2srO$vev>TPud2e&gu
zB>3Q7B`lq<HKB<=LzNeIsl6JE6qQk+h4mPuI5MdYm@;<@g}w$@Yl#Ji^R&q!OVRN{
z2JyA54DDuA^$y&n|H-cm7yG8#TY86tqRv$#+S>>7NruaIDTr#9ZaIu`QeCF-#q?dF
zc*^t6q=wkIv<ii_E_?jo)2B}-O+`tjC2Lz^)YOKliHVSJ_a<7}+@mhnN*PI^gAlsb
zLh0f{%wNbz;j=h0<>--c((1_fFRqm@@A>rzVqVFjqCTA?|KO!dCC`itb=qURdAV7f
z@7*hx{FJY_(Td&hxk`+)CHopl!MYHPkX+28*GNhEsCId^<B6Ug$KzfMilXz$y1LsY
zailFP+)NPgc562(BAgRf#}#Mak9*e_GpvA|LrQH9TEQ+eHlcA!z6iFILqcRw?q`A!
z>W(bw6Md1kBIrv(uc?J^mA3XNrYiKXeplCDQ-_P(Yg5o)#Sa{-sPmmy7n5wqz!^t<
zWa1(Hjpna+`|o0g7Wq9K26u8wCI{!mcqkb8TvU3gl7h3#f}%ubSIf%}k$)Sp8b0`N
z3LA+{hws65$K{ISOo|ni*^80a6q8t%iQ1|o*FJ?emoBodpjZc2#(Uq$!JE6p41vo0
z3O+i@EW|&F9kam}lednR!<@#V^xKVWZLOnz*Wf2uI*R&-LyQp%Txazjk-L@pso=EO
zq&dgMcbEetTg;}5DFt57e4;H<^97MekLb48CUvDzR=DU~rsyamC)O$tBXA7Tf;$O{
zJqtW7cCx24>Q&4=?SevbS-j{?sfqC5XAB~%kA7r_0_4Rp7s_+rzVA<HA*a|hGC-9u
zD(H<0e&)`AJ}>KC<d81uolB^@zROgO%)vw7Z=}e1E)E+k1#nIGgyq0*d9L->eg7G!
z|LRh=n+vopz&rZ&os~~mYUe*gbP5Be13;mh6PkcPfW^K=OK)YLRu#T$*@;`^Nrn(E
zP~*fl%pk23jQ&x*fz1($f2Lz4#*&SvX}P&?K{TpYYf|$akI=}>fYd7AU1{6Ml1BW?
zuEdJfI5(Nc5%D*_wA>IAd1K7C#$USN15{B>PHJ-u<ro>vFjq{T$hn$`v=|9DU>y2)
z`1ACVJDI(z!jv8W0Oe*@U*7S`smuTB9Q&H)7Br%eF=<(69c0x1CFTVHyz4nC$xHmr
zHIfCf2t8FJg$(?q&-Vi}AC`whrBa5&H0x(g(-L`Wp}yCmRC&IDoy5dsrI8X0e)$NB
z=Sth&XEI!4sW<c_s93SsM|APmeHfXcsL>IAUf((cEXI&E3>i_Ck^P-Q%a$P}>z~$M
zpK)dB+StapS*ut5m&G<<B*8h(a`aV|lDFqv8Qfi;3ys%&Cui_Vpw9$3=^Yzr1oLQP
zn|fh$yZFT=gYJA5djIOjIp1$e!k*5nrAFm=Ni+Am)Fhtx$p^!!HMv0w5bK%?61NDf
zm31`2`ACH}9G1F*k(~K-&#{@0g<4One?gYeXx01+z#L%-W&_Es#nb#VJ)xT^Gj6a;
z6VBrTQchsZD2nMn;%d+clzi#+cWQ1TZF;q)2ei@nFAabAR&qm8vLiBtKJeleX(jSW
zA0kkgf1+1S`DsXDt1Xq87*d|G*uy~<<zW->TLmCNZEZ~QCdphln%q7W7`Q4m9mn)V
z^d;f-W37rjFwGTI7Lvi`!ZMMYIPx&MfpyMuXKbKF$(~e{keb<Vmjg&$ELX{QKh(D`
zA(9r8PBiT;w!N}`$b+KJ6-8}vW_?(rO*!6tkUGyyz#Jk0#@JOApSIr)IMVc!Q?&8-
z+9?$G!+jZNG=`+6SdFBFG)hawn;Vy&KYsZZ;W(SeM3=5Mb=fy$QBZ(uYWhIn+46pM
zA@y5xIa;AAyOQdGh~}$*zvQiWYjzy2K49Q(r;v$mMdlihEWR~{=X66S=79&Af0SS-
z<6;)~pRw?x>0Z&{dpz`*FhvbKO*$6+A&w5b+IvKBw4YaiDkHrHztks<384GFwUGu8
z8XFE^Y1U4}U_iP1fWqYpR~f)1fQ<p>;#SU@d%jRKw&%sO#w>f+3FN0qL|m5oNfnkE
zGH2KaDl#nCRoF|Umf}IFV1-9RS*Gt%rK*+}1?h%xW*l(GW78*GQ=l~6nA-t*Ft7WS
za8#t&P!?1z{9!Lv7lh}UVzizRBX(nsWw}VL5_TsO=B~8&0m$K|<3md%{+Qej@*h#B
zSi3VfO2vY$L7!zJrpx*)03LVLkOJMa$0j0-$7Mp~iRHlQ;D&_c+1!4*5KMWBinHXk
z3Qb2-Awce`s%D&C=yP4eH_Q?)<+c12;K-#X=at}oyT^9r2y_3Cq*E&xW6`_T){KB1
z4!KZI8x~V~;qYArZ17BUV^t0^9b-y)#*&Playp;b+5%1Fl#*1&m^fVY61=Ge^5Bm*
zvxmi@4yEIg_GRgs*#M&Kma~!%ApEo22R{J!jJgW4lBSiYdw!ng;~V0xDHnh@lti}d
zKW}L&DB!gm2;By?!_YH}=YZFkFww>9eQ#{BXDHYDRV6!$C1j*qC#eN#bK|I1d_&2p
z01_nJN$5m<#!E+6n$14^whrB}2DdOPUQV}yutv#TTDD6mE2+);0IlD%=v@n2AU9K3
zJg>Mw;PO<KHx-ZNq2j!5fC{~MlIQxuZ&k~%#xjrve6V5t)H_+{s^_R_T^-T#eA8xH
zBIqw=U#YR6a8^VUjrVPw=dtEXT{jq}e1%IliM8`dbGWShAxUjKaij9v9m^LYdiMfU
zG{rsRD4QnRs#8ko@dMfFhU3u}#uJBr_#EauB^e6hD=~M{b4zgvO)JONm8<P|6>Yb(
z$3aS*5;x+$qu64mR7&e7fMqNzT!iB{8E+@T)@7}>)`xe;%LbZY#Lt-?<iI)d>`&Gb
zEY=d&1xr=Cb;t)|)^^yI!9|vxp(-l4aA+iqP{{VWDtNF<oO9@Y@IqEkg<0SGf@5xe
z(d1>RAm#3=L*hL?o=H!2;k(`k5@)e?B^`r44=FaX)kPKV57w{c|Dfd}KkU&^Xc4wj
z%fbR3kCrX3l(n~u?+bO#NRH4=UWUaqMJc6*Piy}!eg>^kd0}1|&?Pc12#f(HK5odE
zQ-NAP$^3PYN*Z``lumJtO#wubWK30bT1i_9+;jHFk%hC~8OR<@pPP-<UCe(i@(`iu
zec6^DxsxJis@y3#%P<&*Unj_A=hlCg!cNi4ODVF;iM0kHiOLhl7nk;hiRD^TY_Wnn
zdmh;o2dVkL(De=`>%wIbO3fi#6~vppqyW98w%t{|4<lj<`eT1<982)`_L{Id4pW^n
z$PF26JRu#IXXOdm#avV2Wb;z1QJV96oDYQO*Yt(2_M+zreJp?M+;UabkdDmzjwIeF
zHY|zLBA!DCAxvdU1R1S1BT`{mlyP8AyWXKVWi(jFC+tR<YoA$?SIuxw^j?HPg0tzb
zY{^UA-1MPi*-FZ4vGt?cP`9yK8w-kNjkd%k2juOeehT~nni7tv5wRDW5ub=+Z0@g`
zq!vcu(SAd-(gme~&k5%JCPUTlsi?&$bBYcAQ_QK2QEM@zEVzeSmQqP%OC_z2NkKHP
zj)^Ebz=$;?;@n%JGmjZW(=MhJG0>&Il;_>+Gtv-+LWr_T6q1p^N(@98FtUP**<C6J
zQQhf&Y`bC4`An2oEXJvpV$y$!AvHo4)?R0FWn|CH{q`b)Om2ll{b*_2F~5}v*^WbU
zGYuCa)aA7~NhE|wQW3SlN@urn^NIgO+}5{Fdr-N$`u0XLV%tU=LmQju>Cr-l5d_S+
z9o~ceR#LQ+7fn^R1Ask2Xi896iY`WmDxh4kP^6r-xdRlHWl&i7?ZZ9(YgAIRQ6=pS
zcR<rg%NE%mt!O`^q69%>Y-v(z6=Q}W?h=eyJ&}lP*m@MtiU$SE6g@*hwT)E|HOe{<
zZt64zu>?G2&7t=F0J9gWH4vZlg)gxW33ZN|+U=5oL@F;^bs2V59_H9+l(oz(p_1zA
zH{<HFY7a{82BP}<zZ3`qk5>GliI)wfZxN6OSg;3C)E`EzI9JTU#v9H+q^mmDAiBR>
zyoGR1xN(dOgUJ#T*~whwp8j_#{J#j7pw}=@^>2VkqIeQg6CW0S;uQSmwvjDazfDub
zwP+NAdlgxa&4{TnhO!k<$O4=FdeuJ(dx_2r6QD+TF7f(M_ux8d?|V5^raY0MFZ?*7
z=s2&YLBY+9i)A4<6m8%ax~};4Q45@%7E6ej(}cbrhFUaKhJ=&SU!_;~z9Y{IH@Nv6
z6xE-LUO(IhVXAGl2^7g1RzS@(HD;&J3r_z#0+_=d=Y;@Leqm(1`)~%eRep^W!7WjM
zIfi2@STmPh3cFGCsd-1jW}CttRTTI`mY2Xom0Y7@y=LyGxyN9wW*(mLDOvss$!+jN
z4?lyxxP&=|_swA(%E{-Q$r=Yyaz9e%b~N%jXF9H0bY2ry2?llqg06IHTRf(f9CsNh
z>B5ua?AnU}vXMBc{pIondjmxQDZdSg6^@0%+SVAcN^GBd+=2w)1c^8b-AzajAx7-s
zp%fooF+~vDsjhUR4iS1>*UfjF+cJ3p%)`rXIec<!o_DHzSz^zFiY=8x8bmFWyu5KH
z&VZO85vMnJr?3k0(NT`n;Crh<^Da5Rg@27>-%%PkQly$HebmoDqQ;XS&<avq&6~T$
z5DK|xjR;kVbpA}KG(m~|zR~V;nj<DxR03TOW#q4Fgbv9#F;@lLwAb@ZOH)gD1p0c{
zBNay7RwayPsX@Ond_hE=G)D1{q84KLPKb8RfM4{CKYme&CQJ(=y?(kG$}TT|IF9qd
zXfF#8u@1F%iiW(KFGe=BN&aRGP{5>5%TY^WPm-#BSo@Yi%sLhUR*>GOlK{iY7i+4-
zG+X3B*%g%TR8dMCqtEKmM7QX$Q(cOrMz#xHGooR9vX75)kJV6dxs$$o-<i-BAY5_w
zs%nf^i_O!!&3%~*H{7#`X_>Qst*tbKTd?1$Mw~YCbQ$3$_rp}F|E(Ehs=;RMf?9Q}
zhH3zkSEE;pp>Pb38pnt9?kar1hzZ??4~`CttTLJ`9x_kC)-Zf+7S!x6e@BE!s4P+z
z0?A<PH$@Z8hf&5SZ+5y-s!fWJSrbg21JaD1;|PH->KRH=ceeY`7tW?Dgqv;kLY0G`
z0o)VgH88(Jm!2R1l#>2bOl68I0Nb3qEuz$G!9U3e$Cv?L)G_d^c7l{iqFyt4T~#ps
z43T+e?I@xE6f&im@CE1ZHc(+N&o)0*QI+@Je;hFcsI;Z&M-CNIS2pxI2mk==HgND@
zzmgpteXFOW!FPC+n}?UAndX)aZ=``Wz;WFW+0e2@{y2UUs$3Q;jH1FH?19Pe0dz<v
zMbij?5bGZEBubxvyuw~>snRU^60EYQcQqqThxk8ylG^u6wQ*F(6`l9XXd&@NkFTVk
zMyR(6ok&lS(HVd{r5}((PU1u2Rj9>J554G<IJw^$5R9pi*i!S>afS8hG=A^_NwG(M
zpfva)4!{?|r1LE+wM5!JX=C_8XOcD|Abt1(2*c{_C0>r^?6{Z0KK+B%rP+o0@lFIe
zbvj*YCQb1svMNT~x`k#xx*^!&k3{hvJNQ#D%-GrqfpMRFug$@o&h}Zkfd8^;z=g$Z
z9N_!?0P{KcmxQLS5WA#U5uB)PMARy|0Xs7$gI5o`5N`#Q368Tki-F1Eez3a*J@aN@
zYd`o@`;Gc8mGm1SXWr&VXO9J}kt~LvfngF|aD$i_M-~4DmZ#wH;qkYdc4ESozRbH|
zFw+{z{xW8cD|DCfg&a{PA{5+BMPC<t-n8G+#0b4|R%$gxK|#XRop;(dN3)U`&9e&p
zDD?F7)}|dEXCS8$p?(hd^S~%}#>WQ}Zy|0rb$pY|v$aTXZ!$!qXhX5Z*1XPNC3#Fr
z>y-k)BaeW=*Bk8hhG3}7%Dl20JwJ|T+n=)h85Xv=mMEr7mAyLD0R?We*&(}BOjW6=
zkjANuP2ApwXfrzq)5bWDo5B)cR!Sd2O5FnQh>ZE=^Os4jW5AK^kF)aOPXkhas<s-g
zv}_SEmki|mn)nFslZVxC`daLmjJH+rWrFjvtEEC_n#Zj<OcQ0e2=gP7sz#PNeR%=S
z9m<F}((ZlIByp7(4vGF}3``&eOBi<5Pw1`$<e@?G;PE8*$X%H$iY_cK@R!NyKb2-b
zJ0Sw+C(^XoSKR3HOwSlS#o)9*sHw%3=qogQmGFzM&PXihe;gxbJ}tWpS7SA6Vrzg4
z(K-{vs~Ft<wp{_o;Kb@EIQxJL8QCS&(AIw;(}5S1?>FI%uzZ-7X;n`XTICqFi;G#o
z;!nEnwvOTC7f&{<QN@fw`jAfVyC0IWY2=|{hv^3XyoIJLiYujR>g?5;R`j?m`Y}1A
zf&_0AAXC{4K_Bi7&m9z*s8f7a!*`SyMEariOB!j|ebY<BDC_0kyI&ixLEoIovPPrm
z^`caE8L21;jLI{ke6^(F`bR+D6++7*T&KuI1!OUC3zL3^umhC8I@_zu9KPIqQQMV1
zMkK(Lkl|-WA|RF}|6$`GAV_5uzaKjyMuGAmEA`M%Go=W!*z&J@-U@B<WFR(Gazg$h
zP<-InPi+QAZ3j+Q>76Ie3zkWT+bW=PA(kaNvvRbpqNT8rPeDvOe?aDt7z9uR&hTTh
zT&u(xB(afE+wC^x*B!azV%5}gVh*yJeWjh@NW9E6)0u<@{tB0xhe+8Ox2A`ImI#Pj
z@~jW{YfVEW$`V7^^7LzK(zI<gZI9j~(>e#_l>n9-orVw)^lfKEO7^)Nw1LM+|Eoy+
z`&aYr#^8AiiH)w3cPBtcQ%dA?a>9LIOvQEsuO~jE!fOKbR?G>3_x9pe9w5NNie@X4
z*!jITrlboF=`W@#!DKMWh!FHan)=+rA~7{#$D;PFquF67NL8UH<u3|ARsHqPTVt%T
zC2~^WZ8o<NQe;lBN-Jp4CAx@Ha<0Y*flB^E7zH1vdLo|Jo{V=<L?p!{TLgiXOacmm
zpiO$n0Q};X(cE6=Qg0$WJsb9c#GU9-7DUXdTVhqfZT!=~&+$QYlF^2gE!Md>IH7Gy
z{WicrJ<rszBi^%>%l;KN#2M<)6MMXT*~)2_a$!h^ikOd@jSO6f>17&Y1v;^W?W59e
zQF4RX5Z_Q&s-)NWDI5jZ;zf&(8^24~o+3*OO_Mgix}z=S)wIE6r*}qCu!-}y^hi5~
zh3>pgavQsqkezFKlgt*ie29V~9JN%(K@}0ydWo;NaczCUYWyH6LLFP=)mw<eKl8@R
zPVrw4Sll41f^po|%O?U{0J&HI)fXyZe#+jfW<kt@7=rLqdxDfLc-~*VEYR6qD!F_i
ztbu14rS@*{facg~UhG!U(98n8g7oZ6TVL-%zJC~3#iHS1LJv5RX6koc-1Hlo;m%;J
z=j-DEMvEP-G2Ip4m!sHpF>#P(t2FWJc;R*tRKY90S;jSmEsZsTyveeJp-RJ-PL)+S
zCaG7fn6yMxW|Ssg+>cJ=Pz+3q)BhGtt9&K>!WEssw{jjy9v5bYtS<S?BXeom;H6wH
zp$gn{W|s>;q?d*k*XNwZIWC!qN6~SrT%)Dp(}X&>Ox~fu(|f~VO%j(nCO_B>uDwvT
zQdm}&$&+1OI-<+$jnsMJGbo%s_7DE--%=86+$T_({jm4(;X1#&pYTEm`Fs<LR{5IO
z=KDt*gAD{l&G(@7`VP?QRTPJKfXG)H={b~rdZ5N%xI@H$b?LCcIvZ-<Q)Jh)5O<sU
z4`Zb(9iCXDmu9T<5`p2YlX2SVGKoi8mlZBk?BiLgx=v2S#q5XR>uYchGtQD4a)uN(
z6{Irwxb8HE*z|r_8RcWhL&EoA4wgQPR=UJ&K@Zfo$NTObhe^TklwIsS7%g!hNO$Lh
z$FA*4l-G@^>ok{I@n_7|mb8%mQ9<R`nE6tk0K(#@glXX4DTC{)>J=v@v6CVCOzE9Y
z8Af+VnG%4H4L#X{or`A66%l_=gy2-?0r7yEUqDGrYL)2|llezD>fmD0Yb9Wl^xyNN
zS!|`!Dgw4R9&m$geX)cE%F*V3uBUP;V9>-VM;LjwVxcrOzW!b)nilnyGN%6Jn9+x3
zKr)|944FEa7*0axS2p2x9%DkXySB#9t_tA}6Qbw?W*+>i;v2yWKGu_&mho_6S$PvY
zbOPSRP+9knTiq6%2S_d96N+{I7Hyht7WAw7S2+}Tf%bkVwHCp)SH3c(R?CX<q9m~^
zG`cms*vdkT4)j+k-qIzA&zTBTWF8#{2w^(+B`1(;72-th^lnH=r$7cn`suUT^q(yq
zaES2YT_(EUiTm7tE3S>mj{Qs#%5BBl7W|9ZK`h`o9Xh^UB7#Y!-1I8!a{)tp;HKx5
z2d$pqJ&5>3$Qw-FLp)IY1*nz86hA~dxndIQaaL#H?(Y6ID|7wTYv?*ga6-gHhf=FK
zl}=d>fRIEUkrRk&$=N>5dq51e{&SB*2>XRq3f3~wSMjtOTGQp(rRZ5U*?GT)u2v`;
zr@Ks`KV*bwBQVNFyrKC<w1~a8Vra<5ZgF8pt+TkXES@xEw%R(*tp638OKD5%&Zx}@
zPs3g3`#K9eeX&PvJg%DJSJCcEN2t5K!47CtLYt(3Q)R?HX_!oo#)A1fPdP9A<*C5<
zV)9N(Ch`2suaNDklaD;z6!)i4Ro2va6_gUweTKSLiB;gj(S9yJCqGBYVjQ<6MfuNL
z+1Pbue)hg|w(fn}L*7-jnw*<hx^M(SA{g{)FC!;HBy0xm+9v;;llZfZKX>q+umbN%
zVd8(l5d@wnEXBCBMUCFbW#yWvia7h{)6=^_tnsVT(r|XpLiNHipnLhzSdB$EjB%oF
zSy?m%`Ck0#j*uqx`r5*in0E-$LH$+5gsx`eh+TbSvHQ0}3f#xw`+&jHq134Hu<2lG
z=TSMMsBo#DiMtnJbyWP-C_@>ZP4Q#IMvwf@Zzz<_Nepto_-#}ic1M}a_&wh4dSq0Y
zcK_~&vO&|VoFN%gR)LRNcD~%e0CpL3>9}2=V#MxgFnIaB4cPeiA?P;!;G>15|9PmQ
z`0DcXv-7W|%`n(UCmsrwdV%}eq26bhLz=&{a}z`j<QHOxti61cmm6T9CF*W@;S?u?
z!<nGEkxMP>An)6S8ci)3+lX>2YI0FmNPQN(TU}A-DWn(;ia!%7=o8G8VTJ+-bKZHx
zZtc1Eg(+|6uOCc6V=nE@#1V?wi?_B|!#b4ZV^AUO#F!aB{em-A{hD?jw=gdMb=dC&
zw$=j;vDk%6;g`{Nd#+nRA=Fs)E+kriyWk5d*GzR4gmS*ZaxKu;o6eY4J6k^!n7T9K
zwpy(Ek*wFd<Vo)MkKw$RI&NFLbFj_C`(+aK-$MnIFBlb>q%>KCKNHEu<7D;BP$FYE
zQboRIb)||8GaG8%`9^5DerZ%HIepy|hOyW*s%m;*V;?+m_F)cB$%W=-W3Ud<@L)(9
zofgLqf7y`ZYP^UEY|D>c9DZZIN{{yPtBciK@A{G8A^Y2?MDRBr;f1B+Lv45qK13Jd
z@}bYqI=u4rWqt1{)!?PjzUxdRSNQX{-%NPK%F&MNAN=|Zc`JTa%B<i2I3qkI3;dxl
zMG^GE25#Q&)x{Z#wL<k>$8jQYM{q|=W9buG^;m#&GdGq)>dTEnnyhf{(>s>w(%a<8
zt9;$DNzrZ|(DKnu>=?WyD4jJa;(L6VUGZA=R;!{r*pRs?)$mo()Wh>uQ%kJ4;RI{(
z-{}~<==|F5zW&$g|A0da^eC+*C<yTA52GjJ&b~I;;xBbN$PP8e*2)s)>^<*|G0(iI
z%0CSK5!9ZU!EvOQnWGso=AT6gWA7umvJ}r2C>z}G3Z&#{sGrv~sF8SC0FI4u3h|1t
z^(LrSL5tpF^bT>?jlYj78%W%1al4D<-O!AzPYD3xaRcD%kdWPM?2BbbWroO5=24O?
z#0KRY>}bbuaYYu;l+>(Xr!e>^?a$#-WA=OlS+X$%yJ&egQp8l3PT3hRerkDXP6q}K
zfK&@BG0FFB%<+cVrAl{f=p5r9b#v3Il{`QtN{w7!@$mX+&etUepkViCsHWW*!>9W`
z@Nmzx5m&yKe!g~exQ?UpWcNc-v+Z)_+2_pylW=zi78a!Vc5(Uf{)+l`g^!PqzX<0&
z^7)F&uY~0L52jmlH%daSR`k<LzVdkMOS`5@$;r?<TpD-M73{K(W;CrM_SL4DOQsTi
zE|9Nq=EO-a3@h-YHpi|&ZyL{wrn{dYO&<%VPr9?s5x#D$$DBA^SQV=J86&4{Akx}H
z&n8eFcqeUk4%vSElG%`b5-$0J^4I?bOgegNQf-?Ty98%UMCLUPlKe8B#7}ZQu)p>}
z05uflK#Ioz|73ByzqPP|;~^<Fv52#BAXA!&E4Ntrp*TyasyCWquh<NVSi+R&r=6D-
z3OlsK97?l=5Q35(uG|Ap#SjP_<vLlgzR1%!D)3rK%wxJi9sfDuOd(dpD>9s*mY;+o
ziDM-eTQ&hw+E>ey(g>on`}W|^O)04-8hpI@J7+ta5HgtKVYCuK?}iQHiAEZ8Fwu;r
zJBdT*WH&EHzQ!4P_WWrrnt)GfSK!IVlfx_ahBp91(D+@3lL*nUKb|q*uPYR9v2a=-
z$#YcSDx(y@FCoFcQiH*C;#;SuT%Q-h3})$tMSxqq=GPq?#Y0o8-2IDZz(8?=oQJ_0
z{q@)!a86=Hn~VE&;eeYKsOs|M@#p-HlEK$*p{uL-<IR^l2L{RtP06FUgxv6?(5U8v
z`I>TA%569@f3f?uE|r=bdsTCV%%`wxOCOxMb~gq!{}=IGxT5W>`Ez`A`D5>b8C^!~
zJY}uXLTmMsib_*zKQYyLL0s^drr1qNnMQ?=@#zdR5nIW`MBD4GzZ=O@ssB~9aK(7S
z=;OyUH}RA-lIh2NT)X9fBPWGI2Hl8P5yxfw7oGTk|GQ=1VT@L(r5KTb5K2q*SaR#k
zL}-bXxH*NTYH}8}qIG0Kra7BHXbO`^^Po0`)X=>RhRKQ?_oO+kI657lEszM6Q(AKR
zw;2Pt%N@&0{ngs;Ol|!Kt2(i#V*$v`-MvF%+pMG{j*%&RItL)y^TppNk<{~$!ntNJ
z1+h+cNNKTLlNBFnejH1mgd`tK_H27XAm)W+#aX5f2W_T{LetEU*rP!9bYc6+RQe7u
z!G|-YGmBAg#y;AmTjV4Ofuw~bNLU7Rv3@QPzw73Sw&v;jQP<A7yjdOD<1If;O#xpJ
zW1dc*l~qKSnv20uD>ddEVu!KE{B8s(!3K}?sOVWFZOkh8Y{ZSfjFbJxEd?#T;Vv_8
z;OK%lb^Y+E@UWrk$W|Fw?YaAahJ(t~d1!}7-D)H3^eOLG&3pr_g`$?tV&SKYua$ut
z`n5l2k`>>+#LotEQFDn(qTOvLs+V-X{1%?+p&ZgplvH;wbzk$1@45??z)5Ll=%PYm
zNaaz}FhA_!Upy9mZ8>NJxTxDKf;%o761OU2u$|YVD6Ak330v@b@Rb10c-NMdwE)5=
zNZqeB`H($o_tFF<BnC;q?_+`6tO<eNZhkM6@y^0zB@YzhOm^6UOWa$^O`JEDizY-V
zd3ncoW6UrAB*6g5U+l0Tr;Kt!<)|rFemR!$fpV*Hlv_G>K1kb}g1oEVl&!F7$yF`8
zW(yRmt#<QT38h;+%p^677x@A2p-p=QJDf$`v)WG*^p2ztSXfvn!NoPNsc=KrO&<Jd
zCu4Jlg_D6Lzg9={!)vgD+1U6<+i9ccSl7=61}>)DNCA>0!vYmb=DY3)ZRVRpaGzK1
z3BKwWYY0W7TFcu^Ux>u4a_1#e(RxbezB8W!wJT%qQb=c8Kd_pQip=h!u7{!ZGJj0A
z!GtKYLE>5#ogE2nV)7fELVQxRxN_fIYpH}c*M=W1<q9)Xf-4!yuRF966tsI_&^FGu
zz0^eUe(DX2OCj+qh^o=cv`p>rFgYV(Ejn|5^{+K$6qH5=mClXwh`QORavM>>+;;jF
zgLq-bbjl{TlLZK*F~lAG3Z*Y%VOU2AlN_{M>I#Lf_+Ed)Q>t;M$JXqxb;lKF(&~N~
zLGj*l<gnH%Z~ug7bwa%oH2>ED>oX**;UE=L;~SHXMxj4VKh%rY!X~w;(NZn<#ZkDj
z)W}Ww3sMN{YAYO1*^(W{hN8coQUi8?E>E4#fx(lkpzq}R(<z=%QE!m$^|{hKU&;4+
z@myYa?GA2p#|e6Uy^d?AoBaPNDgQgV9T5Vj`VDD2x#4g`1hZ^~%i#Md;g#XtxI6ma
z#IT`aG`odR=hPbQqM2hLPO%xJy;!R1LqZitY?NeZ{qCPuFHj6RS9TK~Jj-2CFC$7U
z@ULod)nNt1^ZUC(E-&==flgB%dim{bqd>JtTz*=b%q^{vgo)Hx@M}gA7Lw*5ZWwuN
z?wR1zLY}@}MoF&90uA9%*%#7El9W_@)}>H0!-1s7^&weK#yk4vm8P#m>${lDf0D!(
z$hgETu~?A0bcG~+xUPF0SlK}>ut$i$8@~8dhGsgAE8P9&7>w^ETj+P}kf@#4EIa{`
z<H%!DGdlrQul(@l;<bkc6|AzUQiy(dF7T1)0&H@E%agSl#=Um~?SO!OE4v>;cXjci
ztuu4cqvj+O)@_QDe@5~l(E6a9ZndXvylzO%j*iD{v)xLQ4PMoE71tp<8@FrI4njrZ
z*><Lu@+Jm78>LD6Zojh9GV`0=`#fbGn=<$Fm2;q5Z0JV{>$G%>`(d>q(8^50#}@T(
z@b6_W#FUaXU1H=FDt1mk>hU~g(M)_b$bX(Qd3xB%2g8`!xdJK&_aW>^g~#XC^K(Cn
zx!1lU%%C>^eI<`1mluNn-6j0@m0lJ|kk4K9{VA6k@+xT}QQhwi;$HJlS6Nhtd}a{w
zy7{5o?NlKn3*{6~dght4O8Z_7PP(Yt@^&3MJGQo2d>KiW>1*1o&(KxrbR+n7X~-V3
zbvBn11}CAs@N}u3ZIX1Z;vv~#-{nOs@#mowru+7NEQb}%pj>q;Mfw2;Zxhl-XgSVy
zvSxX2j=(7;BW;}gFZt5$HY1iX0ovx>`b`a`y0J8a$Gh!3W2AMs-hSd883m)g_juBP
z3((D9ce1jxTQ_5CL+p|%=eu68W|);A4$apIZBS^BN#t4+E5#BkuMOV0riyU5RDT>5
zDkvS?h1)daJIzQ=NGVMTaYL(-QkPeYq_mO9t4v*_75+^y%=D_7*hzRy)OgXP!PBs+
z$NUS=|L(7TIv5QUHLJTc$83$N#`@VpV)OBsf_kdfe?Ci(&xb<ZMuY0OApD}|$7e|Q
z+wuKeZ`Xo@R+Y7sA?c_d=2_#m^1Cy4Ud@M8sij69JB6#=E3U#k_gua*ET1@fVSD}V
z+mr5co%42atC4a-BD4yadR*!hKKTf*O@`a2w)pvS2whs)0VxbWukb(d_zR=;ec+UX
zeU<80t>%61s+l`GB6_Nf1yx1i3cHSTWwUW$Y*KB0aGAE3dD>IPZdoRTi9(n+{<yau
zh*Gm!*zkOBdHwaR32?@<B)YJT%P5B%_G{dV+TT!|_mR*0u(95my(ucEaz|3(s4IT0
zW^GNktbPvzHI^3a8QShXU<E=Yr=jSz<xo{U#xGm?LD;OroJy^zmvzLFROc}`Qq9-9
z>eq<$b%!smv2_3)V`5rr?}Sp~aLpVWkxJ8GzPNGh&V+&GPk+*#osP~nP%^jO{Snpf
zkCD7_1)C_#1Q<MO2C@;eOU&49+jnWa@Q&Pli?_CQ#pS9OJvn4lR#rCZa5u>tT|Mx>
zp>(@#DHx_cnkzUs)Do_GD`p}j7@xn3Eq@vgzON{4SJ`}9@wkl@esuuWtU^aewaxZR
z+tA(MU3M)~SoubeIlDZPlT`_+s8$`ni+m(FdeZ2=32^^5k&2Dy$mT@YOWtxM@E$Pz
z+p$q{=#F?=@`6!$ee}I#h<wjY-#^7IX`l@ydKT@GA4cjyHNU+&?;U}`<LHIe3Df=I
zR=gkRwoI|2qd|5r6i0@VGb_A4O?uBH<g#cFnt7hA4lX^FBwc*Wd9U|yOlDJ8pnv2T
z6R|fa&z$&OUvhIwJJ-fj+heUMF=~X`@AbrBHgCP=@W6iyZ<trMC;benbl5bJ>bH_3
z#LicGE)8xHyPkdUo%Y?<)_K8V^r1Xz6>Bkco~YhNsmLH1CK@U^WA-=8FG8PVM5MnX
z5h&>`{#doyIDmu46VG9**napn<#-&S4&Jx^y+3blZ$De`p{6$-1g$Q2;?YsF6P_<F
zBgzJ==ojEr9MAog6i$?;Lp}<Yykc=#+cPebbO4(Q`3wx6Jh}@NZv`g&Cl4>jBpd&T
z15FXkBtL|(Qi7Y?eVYIg4?w%1m#^0*_s*5p!=7osBSpo)9>TogXVHiy+VfWVacBJ1
zxkOQoezLKuu<6nVM9P=4|MC1;VL@MCExOAL{wx}(sHv625%X8atQp%;EYdTlK-dvK
zv2zSJ0E$102v0C#E+!wL@hQTy5blQ)m$q3EUl?Jvta-NpA;$t9hVc?#AN=H7T59h-
zW49+(@>!+e9T6B}yiO^4N9CbY4T|T3yKd?3>;68KfLrS@=i67O%E9Y(2~I5T)MGb>
zgbIz<@>gGJgzwkLo98noHah2;U!==3k5RD8&wdI)T~?d0VUaQ_Lba2R5ZY~QVxweD
z+U%NcuyQj5iZt{+W%Mc*pb5{(pohnYNUXIiSZWhPTW5VMtx&{h8BQU-;)!ZizS?`U
zT!){tqbq=vHkp?-=epkzrL$w4$~TTRALA+A==CHqP;uHph8(K4jI+R&N|fk>IWdl-
zD`%xkl`^7eX)Ru+%2RJZT-QSJv%}^Wh6+B73`5g#tY(IMxIZKRJYo$>^rz3=SKZLc
zQe2xb5w~%1t254`;F`|TJ9S1fy7#r;%YOc}6=zF6J3Z?)HVIK$g`W?am1~V)EX&S0
zZrW1KSLF`*<~t^jXc*<aujr3P`x1~vxH7jXRJs;~oy+SribHLRS9W5n)A@Fl{pU+Y
z6{uuS({U>9FiT~2fTLMD_q#t3xehl{1;HBbPb~_#o##B*xdN<4G%fEYo?r-6H&T#Z
z%A*n;WYo1QcVEB-zLUV+X9k|C^c|U4^Kpys*#;5nFheZ&B=ExYf2h_p6a_QA--Ybi
zxUHM_W<cCRS`>46z9rM%@%HASI!&@L_iY5P@nKI>*~){^ugUj&a3>m-YSmuDn7$@%
zNArSPw=nn!kQ+9?v*HY5prDDTCbL(cR`NKLmysC7NY>r{XZ*KFkaOZ8%mlkgjg+WC
zm%d}6u^)}pd{xT~*>GQXinnRrh;XV(Y%J*UFN4fgY8JR+r}AW_hU@z)sM5I%sbZ@6
z-wX1+jXTf<3VowbGfBmEsWOoC*ELrN)AzkI>-Dse)*Whzp?WFH^HexlteKsBZOH%Y
zQ=F#4=;P8fU@M5rCG>$nL=OognzAUmqC@@5RTazAy0497hYDSEZYalq-)DY*$<?es
zx=N8+C0Ux5eYjLG@r{+5ni+dov$NRfQ@F?=oRjJ=s&4RLFRgMJBqSx#vPRC&iqB=R
zv7b1IUG+$EpL*`|r`~T?b(|Q@EC2igpu`^%LDT?#xXu+p)0~~HWLgq{b@0qs0BeSb
z4I4E0n1_r%rO{~1vd0O^=WPK(m}t}2hOQYS2w<~c1a%hNyFy>u4%DI$TLXQ%opBZ@
z(1kr{Yhdq4D7H2Jjq`-V1S(Mo8PI!)%e_e}kc@1)(c(lfa4sws1?Dj$!lIU!{SK;k
zsXr2^&5IJsa_8uYo5iKa*HcPB5JcIYdfD}um&fN!jGBf$rJgCrWZG<$E-%4p6dhF}
zC^j<ohs9K?uHSa%%CS^durBw1cr7bes_awPW~T9%%8=$-#FyBW3(ZC{;U)@6z*p|L
zgDx&TJu$M^n>XV|gPp?I+G7jpG8c6O5FX~Rc|Kk~5g)DiI2DK0B&jxVayJxvF@oi+
zIJ^1AOo(zbRDeda-)}h2m2<)n$P{A~A@KaMu(k5yOik`aogYjPXUoaqqBjx~jl3Ht
zETMQraZ*wCt4`^NeJ00er*r6S_B&Wu37owfnt>U#I>0<nD=pp$8<yPHP`Rs}jF*Gq
z=ETnx>St%?TSCf~iC;d};^?$y<ETk^e=1lYj6#=C+w{Z*X_V|%g3G?I@KujzmIvp3
z*L$Y8l>NV|@Rw-h7t3*|+XSx3puk*hNiC~}gqD)u!Vbn})l8B=3DtT~omJi#@87hr
z(B&tY`xC6!p^gE+L5`CbxZt9__B)C_vlUA&v4FoPNmYy8HSYSyL>#GezT^A_X_L@_
z+&IjWjyk06thMWI@oN!gjDd}fhN_4qj9`&O4H~7B$f;Nw<D5AzX##fk<YvffXV;dS
zuZ4xFAXn9yx~Y}!6-L8BhRXp*enR=K+*9#j+1jNGd!aRzQ`F_H%3RhW*84r7<%)8h
z4+)K?!>Nyp^Pd|bt#tWQ+#!*ZVH%>c;cr_becH;OccFp|&<c{fgG1eE|NV%&`RZ9g
zkFz;z{T-`wQW3lC{LI4p!&cP^8e9P1%39I+>*UF~jzejZXQ-;|nLp#ysI{|kk^*`%
z#Iet_V)}Q`&c4#eoS)BD;Kjlh(AiR*XxSuZ0?VRwS(G|<FK0Cn26Om{uB-G%R}m=X
z#PjQG^*@R1ayI76nk3nC8;j0!$(&eL!_LtB?0j_*HY#Vnkksrg$Zq}nG(CVob4&Pj
zj^mgVf7;GNxY&oxS5A$~jj#~kXpb2YRp?sTt$3=tp+=EjQ$X``KoK^<&yPu5{LK)5
zZOM`{>a7i7NCSH7Oq8$R=~ejQTuKR<;4?8X6BLDLacd-PpAU&g!kxg`NlKH$6@^E0
zQ_<qDcnIEH|01#1Jd8*dV$FkG0jL)B0RKGfVOnnYL$Ov~NZE(WIvU{>2M~N}g(yi#
zILxtrv~joBwwk@w?oI-rgPCn`aKuG8l4j@ECl$#`TS(ALO{<D8$pb+ceJ*j&SN$A5
zZbpuuwt1n_0_%k#LW?!)-`d;NP8$p)??|W1-;~G2lDR^&c!?3L-UGOZ@(aohOWVWn
z+_vYenn=CGZQw0%r^puU`#CA*!=5;-p*06h`hJ3)V0;g2N6R1d_NC`2D6UiQD`p7p
z-EUp#D9(_bx9m}3F9wUML}yK4UY;Z_53=I~KPa_&POMLH&b;kF?30s|cPF-H;S&Gj
z$9{qH9!acZaBxtUZ~9h%X5d?-L7e0~kcnP>cKMUwpHr++IfSIjF7a6xSx*}j<Jzpy
z$%W##E3)pg!YFO*Oy}#&G)?Z(=0WdNJZ!78r}0tkZfRAsR6=`R29fG4tIfI3++{xJ
z9l^jp8R(~@!Y@+xi7#cay0;!@?UBdI!@7$ZsOOty^)kL~@bOteuD7suA$HcrVl}zv
zi@qR{pWp5T$!+5*3o5PJCGWxVM>{QQB7Ce>d(0VxT7fvDVeQW15?OOI9O4J>rQS!r
zem<Uysg<975VU(rS*QV0fu&cOCk9eJSG@cjROq|@fHb0|qt^0%9;KTT%Ec(g$Ie~Q
z{d^~DNGi@H4_18E>bxE$_0FOJGIR&n!Fx=iNa4lNu?T(Z>4NdQ&s<N~b>UlfR0ucV
zubkcV0?i)W9pUn6*siq4zHl;X@dVNguM~(%lI!d?JAEgu1o6@7)*{Y0@+j~=QoiIY
z4!_&F$!q{t3zpU6l%=S07RQ`g;T$YNDjoUTk_kdACFi`hf+W0tedyO#CBKqb5HRY<
z`?Gle{C|lekSOp+EWoxv$DvzwnW~yh*p2u(oVLm3;4ffVul8D$jF`-@u(442^4->X
z5pg6?riTxZnI>hH#rj)4X-uPP`I{IJ`v5*O)hub%^`O%m$0uUsFI5!hXWYr0ZM+N+
z5hA2prZv~v-k!=A=45YUL-eV$W5gj}nebT8k+b;1_h409-r%Qvb~DH`CQO%j(Ep*1
zb@Tmxtvb^&IDPNJVTl0_v3K6m{;T51U(x#anZ%K@e18czRANWT&fgRKZU-bDhi@GY
zs;i$3luk4Yw#msZp+wlEB_DA|-U1Jk#vY?dhNo(QD-a~Xg)04{2__J8CWe8|5Dvwc
zv_3j(7!V|?FN(57`=iV}-KS2LbAAZ8QiL7B0xzvbMM6bNxg8^AUbrR-<s>CtRc1H`
zQK?yaWJ!j<7U1zy**k5*8LcWflrk(~9z8W*-I7%<F-k3lW{QKW`yq(kdB5?%GTmNp
zxjg8aA{`FCOv5+eyI5)=X6clnka9)C45xu$O=+n*iEw+og>BI&19S<^NHs<5-wo@f
zktq2&-q%N2gY%*4qNAT8f=`zpR+{a?+n)wmcPFE7pOBSaC9?~SDQ&@F?uHXtVt>Ze
zLZ)QKuB<3w1W8${(ev~X=(t2ua&CH!Zw(t))}0hgYX6I=vtX-ZTe@{ZaDqc{cXzko
z?kr%jaCdhN?jGFT-JReP+}+*X;qu*QpR><T=x28KtWoujQDw_>I0;E<MNx2C%Wk6x
z<hR+_Cm^S7nY01O!C3fsr;l$Bdb1uVbJl*7hwc)qMmdU{;?O<}pG(PXgOEV>Oe63c
zb+2Lw%5}#3KLG8na)_VW?rYy&{~E*5#`}s-+2?)$If_db9?97L<%W}b^F8XZ8ID`S
zrZ8bwsQ+XEG$f4lM}O~e_%=TAIC40Y4Vx>wT;CeOSWI>b>O-A2rbRZk=o?06`xd;X
zN~zb|<4+>|#_janUUnFvfEfoeBbouH`+i?qT`C2Lxl^h%2@0FxWRapD$chZQ>P1B(
z*Ck@+XNx>uE>g9}!kI`{{U)$hY$k?TM5!&2?@E?=*@}*zj{?Tf+ent;k&wXyL%wu;
z)ZOP|g@K0(&9ozqf+3+|{wh`w)adZMRO}EVGrkdq6$X2g5T8_7XOdPOpR&z0OuTDp
zRinSKLw_vm{S<SU_GJgd<DYplyy&JFm8BgQR;Z4g3^BO-j4UMu@E9vy!QQ=6`Uj%O
ze#tQ$GJkk5ZRAWav$8{-GPlz;IAmk5%=7Tb$hZ=>RhdwGv~Wkw$nck~Mg)|3c>)1H
zsU$z@IGGy3EQ@7r4b{_fqWgAx8AJj5VCy!Eveb!2p)YE=yXeQkpB?Z7)>NGiXL!_`
zld)C*&rEfz`K@PsI&z^!1zT%yBKJ4?I2NN_Q%i}o8}SAwC$4l-xsB)frh1PD>-HmN
z7@{Ag6&12&YE@$Bt07kXeh3X?n}=CdBG~;p7dLg)Ccn1Bt%Xt=usSrlTDO&?t1v^E
zh<l@vIY`)&LLyhD_x$1EBai1gf;AUed)&>?zTRe9h%8CXh<k5k(Gd6<J=s><j73KL
z+!w;82;laIU6`{ItXQ<KpC-%6d-FT-)8o?@4ydN%wS2Or4~{nJ9&%!@7_6<mVbmbc
z6yWve236)>+W}_p1y7Nlz*N!)Z1Ow?#L)<#I)_rue{(s(ooIXjly$<xZ&vNZ#mG%X
zbT*^zobx|r+d`J%$M`?8ZJh_)8ch#w&Ew*Ydo+J#R-ke_-_uwzLP1i3VO(yGR~4B;
zKGOl+YaWH#A3xSYVSc`<Wa?@sSW#M|m|e5#dYSFfJb@-<;9z(PTxqsoB%v%p1aVr|
zRg(`5*D&9Bvs)({Bhv?q*q=|_5H_$<Vx`e$9#z0q@a3LBNzRx%A*3#*k)k0|s)w2y
zsaIWfk<?lrfO{;ZAG4m2sBGNVN4K{J`F*90=X^SynX)hh5i14S@9P41P72X?(?o35
zsbo1!rl@;)<(c^OSU@%QRQuO!Y>$T5>Y7;mg2WudoQQtgO-qJYmLFPdr=ArF>MMbA
zc>GJb2^J;i1y8TMfI>Zkgqr{%2bzR9h%3k)QR*P&L+?rZ%E0zsCb|K#TzmxT07MYi
zu^Ds4fQ+P8_Qh|#?e7jGc4%Bk%ln*quyTLv=n_2ZNv|j3IK?bRzjsJ_IGymZjC70B
z(`)4BH_u7IR47vpISiU5=dCfDj|NzVBDpeSZq!<YYp-}jIB=IWoUq&C+BAF2S=|%-
zr;z>@@w3=OH>@+>g}SC$-9LV(bmOKRzr~1WUCZtHP2iCSK0@wf+ykHVHbwgJB>(<=
zt?bp0mhXOX5YNc{KE-72@e~ozWS2I-?$iZK$t__tJt5>v9jFiyfZ>?arcB^*D|oir
zAgl8}(N%>VvaF>pG@E5T`San|v}7WI->hu3ti@ee#WH+J+ev1UX(Zt56m-7?1gw0>
zYfC^kt)YLT`ha3H(<tieU8}gNA<{2LOeSV})UBT^EDrR2NxxC5JkDD{4DFY^0e75+
zWZA*^?h;LF?lcEjlSg$KNGWW^GV_>k?io`jFHHRt$uF<EWy~|xCtq|ho>>Xk4Hp|0
zpPE>keuhPt<atD#qaPtns4PcL?PdE+qT?FsLD;_^A{QtEQ=*vJL;Q@r8IT(}up2~>
zCA*b2A|~?+QxvT!iNe5=pjFGEw8eA}s=uZXS*8Xih@<FTQ^7)^C}=v|D9tXj=O&Du
z)PJrz&Wu(H_?dT4M5pMwEkXA3{Y!eCGjISgA_;npye9gLXa1-FBRY3^uQ?Gontv`!
zzsB%CybPr8<Qu^oYZyR8*w80B0?{JBN-a;=Uy6v-`EruU>o#6zwu8X!*QHvM#svE@
zYSxQe$Lq25^Yg}A$NL_`yC46}BgNdC&AUs6>vo$tf31AeM^Bac-8|k%E`}M5lroFd
zI2gEvIb<M$1ytH5hxJnN8HnR><3mShs;3(ZP(hn(ZzspYZbQV{2B`C4%g4y_5o}s_
zhLU?M`z!Q!&kPu)DP$<4oQEehPURw2shZ=;7i5P|A~MNl$wFSw$do@Dp^29Jz2Q#Q
zA{ll;rB$H3m-mrI=P7Jdhb6AYYK1*PQP1Ly3$bD5q^?#1CI<WDi>(*bcgSmIw)v{|
ze#ku&{_a6_=;cHmi$(nt`pXgNs-wR5Z`4EbGeK+(umwq`hSkz$F?pq)%5$&^Ff44M
zM#c*z%CLe_%;j_FBdUmcL!v($PeQXTqar8KN!;dR89%|KbhbLfnv2NlvGH-CK4NMr
zjU0&egY4xB?G9C|vom)movffB@wK{oF9+zfB*O)^KM_u-LqKVw13DTOc;?V(f*c(Z
z-x|GyemFFde8qaDO80l$q49BN^Mi)U6^5IC84!41g~6w~5o&6Ocxy;NrWqN4`{$o-
zx|rA=Kg-!@2uso*35lr{Rya*GFyGc@<Cx!uFJ7~_T{p9>^Q3C433b@eV0fjI>(A!J
z02SH=NGn)GL%r_?#09@JtLQu0UjVWZe`6l`_ibgM3l3wm+SF)Ne;>N|TnNyR@oDo6
z7o1RtyuA3_wk@|E7y;DO6jRJ#UXd{>N5_5wj?E_>-8=mPX^3D#PvNvqDProukl;tp
znR^VVWA_fm<PpsD%9R6QlwlR&v62KcmnAy2xt4RGws#aT;Is-(N)sBa(}35<QN9Zs
z0v<|#+Cd4aDTCK1vh$~~k-tS}r<_&iL?zGH7nfFyx?pr1z)MRiWCtHQ3SX?XqM7Up
zwE5X8Tk<U>+^R;EHCwECe$Y^1=U*E7=KA@0T0kQ{37w?|pVH+V(jgHy1YJ~~0ZbJG
z3j!+{vvCBPb%#n-lQeUDOLSY%U}=Lxpjx>V2jUc$l{67&!(e%LSj&<S8ju3<=I-gr
z4uLDu2LbxCJ)~px2==RF<w~%e3$Wv(vu&7(g@r(LONfd(Y@C(DP2GO#6y5EAkr4hz
z=)S-Mj4s~LDmAQ}zklmx_7W0v;%JMXW+lnuie@)9gk8&GF3NsOQI5<ui`dW97C&2Z
zdf^^CYZ}ey7o)Pw)lYZ}(p)sFWgJYP&ga_fc6MM}@>E3tXp)Ddot`C7@xX@CU?*bh
z*9#hh=+{1CdFqY5Dzx3V&}UQ809D0*ddq^P29&c2=JqQ<nyzEGH*}|qa4Dk_{V)RD
zd0SUzVc37gh?fFq)5mwcwO$5VY$;H?Mu%Ox6tXF!k~0Q!4eO<6-egBo1*$*``=&Jb
z26?fX+_2zO#6xo_`*QFGudUFMOoQ)CXif7`_#N)M5t)lCIe~s!BUC^bw_2oaP<mg3
z{Fzl^t@yZ0tnE%_(TA#w&2T@IRUU~U^7$Z}u)pR33aQ1#dN1{G*h0`8AnMZjZsJhr
zf>QL;Crnv68)Vhg@`3~Q!iv_v9fnR#SrTMgkY`Ru#e}3v#3vXI-DRwgui4`L?V&ct
ze4T0!9i0jh%tG6O>#=!ne=jetAofCh@%QWCm#x#57T_`{QrU_JO0X{uLOSlT&vC83
zL9A(`6$?yN4C0Wq5s#+cZPa<3s~B}qzD*A1DUdQfhMi;wK^cvM#;@7{Q9&zRJa!}v
z5c!<z-{hA6y714S(N-9#Sy2?qF8Y1C%KNFGz*~(qX}a_{VMO>yJ#<c3NeVlsj9nI$
z91j~;fv8l2`v-nFCH`0P9q9On&Z5quzyUEMwu~9Ka`N$<&J0WI*`;{#A%QX_zPT)u
z<#8$^1~}qI*arICX#V$Ku;KO%5B<HVeJ2&wXec34bDp_sI|lLCn1?PE<tW=qW)+S>
z=2HNThSqUkY`=hr$!k+rPr0;`k?-TTrDa7>HtZ^xB)Y|Z_o$>Qrir*>hO5yeCSnWO
zzaEo5^Xhs@tgX}ATXNu1@l2KMG^?yZYS~&G8zMErbWy0o+yWs`E4-w>wp#YiDdPwb
zj*pIQsT$9Yxo$rhGO;I*uE2~IPL-UssXT(qf%a?gn9h7&7}%_ik5#uR;x?*hBiPUi
zw31n)?dIzIKqQ-bZ?A)u2@5T&SaayPak?PIrgEBIPH!tov>;0bU3_%-25L5nB<d|q
zYDQEQfYwQv*ubFJP)ZsxZF(u%Z0%#F9Gzmp5)13;xe@lRB{ohX7PnDyhXgd)?CDLq
z28?3ewm(<unEYhrh){vUD^ZNHg3w@~s1-=3v~)zj6+b2^#OiNN-d%AJ+2`cPw;dqN
z8eN=q>B;pJ6^bF5rj?KGg873&p1rKL7V;!!wycuxehRhGqGub!{XfD%Y*P%maq=6Y
zk0zPS{DjW~NCT)XE5tq4T5<~NaPE-9^_ERzFP}4;Z5&{s_#G_O2+oB`vT<tZ(_{?N
zKoie<5KEp!hVG7Cn=pffC;%&iCXrneUJK|cmb0`{B*e#wNN2_#T3{L`pLs9U7Bza>
zC1E?9{L@QaLGOr%B!_QBO8cXaI$%9Mo`u`(6<ie2g{zALwGvj*NqgN#XpUxKRK{Xd
zBh~Rygb%%p$`Pyk<NF;sJ$`f}VL~eXuG`f(W~_ScdsckFlW_wpOGMg7x++FdiSZ!y
z-(RB%eimJKwcia4^aQNCgY<){i2y2b@@lH#vJm-*4Mm)PPH8z2DsuFnRBd$SFc9CZ
zwe^oRk{$S+E~(ZUEDGk!b9^X@O!T(P=Gb^FP7rjT48N&YrSr}dwT9tV6sIV=e1vGU
z2A53#_5Zcgl_-U%@;X=gLma)UP-SPzl}#tPaHc!pq;PV@ZQU$Tu_rfgsU<A88o?lu
zH;@5jY#fy95HAHiVd`wAeN$Y2b+uHSEf{G~$P+{+F-euB?iJHys&{t!>L@EaUdBn0
zeOyZH5)~dZ)ZUJJDL?x(Z*0jsogh8cJK=fm@O&fiq1<XY8$a4S7F)k(!Cn^4d0s(P
zohaUn%kITN`C|1iPw?5wEWVr6qh?V%QjlwmO6SdPz-goork==*k|Xzy8#L=MbjJ7c
zSLI~P`x0QSr!Q3jg=lK#sB(r8UmOJ8RiM`p^VKeVTK;yA;$1L5Dt_?C6eeBevqDb~
z3k>!lju2B>4gk<HZ=;cC5G=17v79@|fA@*qydTSdh~cm=P*GsmPqO8Fqoj-W+;0E0
zs^CPu?J=f65y9m3`WL&hp^=pXBqbqors=W&HksMxf4g8c^P|6#juB^xY)~+#?qj0C
z0!0}Lc_Jm}#%Y8I##(q7?vh7@mQnp8M_ziKhoy<?d%%PU-wTV~hZGdDl8$)l1wxq3
zmS{$iuT{TTF6)|%!i;5li1FaNr!yM*-cYtZ7vHBSAK>~|!mA5->4cYEJ64zIbnFCg
zC0x~`)6DR~CTWeX>i>qkyplT0FieBiHdXPCYcuxJZCjZz!}m*r5tP0-oWuq6vACYe
z-ru2ekNI87Q8Msg>FbEEgQBp<8%tVT#AX62DTo{)3L5Amc%qFYCS$cv)yc)3j@9$t
z-)y`f!x68^vCgkx<Vvb*wdCJ^-5V~3l9K;!?eQNZ`1tMoaVV+M#H_-x?5lXIdx9g$
zBBTGDyAt`a_aDsJ7m*b#$KfD#SP(YH(6Ft&aF*1*J=cM|-bJ9(^0uPfX0}WPp>o|x
z01$VCot`pVHZhZW)aFx#zDq{OG(3Sso-x47ArWF33%LWg>xy2-`*Y6>d^G6s3zzI;
zk*prc)iKSB;_5P+h&o*etZ@$4sI<LoXQ(N{#COxXXL+RS)pC}>@uR>F`NQ2B1I!s~
zKN(VPKY)z&%+Tc*XLMy1+U=W!IJvlI?9U6`0TAmzn*~a?%i%J166*#OX}ExoHifyB
z0&@gqus{LL>grRo)Fj~SNKfFj*3Cwq7l$|m^bEEk75I5hH4RleHc>_`x(>>{?q`8r
z3mrVA4F)gnMcP3m;pd)7(Z&aQhGSv|%Hj8){p_PaqP;y-KT_VMWezCFeY3`Vpe4t%
z2h{K7<$QYj+PK`Wb$7|K;|si8hQ82zx{3=jSm9~MfMni2#cHgeMdRdY$Q2fw);Tn$
z{9I??%+p=5HwL7<g{dRhN+hxPe9#L|w>dIx1zzG(tpe94@t5}?*-926)LHk1uQc>Y
zIgGTU{B;@v{<~9gc6PD{UO@X)UE=<YmsjtiE1Cm_&fpR(5<P*l{OLRJrM3mw_8`{z
z_FrVL8|s^HOkk2+7Vr78kk|Q5*8D&N&D@GWHZFGOXIj1Z8HK#X8%fsW@>!Fqsi%m5
z`}K<Zd6`c+HnbY|esRYlyUN-}2>!>R!7gcq3V|rB&nwS|pjPk$O$N;DY>bF!ePW_<
z{Y@nsw(dsoLxzH}Gi<zDfO!{;=2g+%sq#b{=|jsA>(Ju&euTGq^<VinDr{`&bI?SM
zU@{=#Q=7X~w&$&z7lXnMbS%qY#N;)^-vzGR-${*U{_=jQ(Vg16aYtj|cxm75$+)+o
z&3AQEk5zWw5+kuRdz{7=t*)<MC;@}3d^VJ}?qiHY4diXWeeF~VMmYBU1lnPtVZ?_C
z>QAa2wD9leEAukN&U9V|X0S7(igFvicqC?@Fr=mkqSHPZ-ozYIg1cKg3$0O%AGf^o
z@1Y)#TNM{caSW1O7n$Vi`lbE!2Bwmm$<DbftnI=HJrcT?#9T{`x=BlJdGFRvh~5bm
z7aH%Qv&BW(*@l1x3SO_BuF6)Vi`v!Qgu{(dbMOfcMrAoo{5jx%fu=U|EBtZ4^T1xx
z9>;j#Ba^UqQhi2P4-c#;E#G!kxlk%G*FyX5(H3QPy&v%#OR-MPW4y4aNR!gV(ezj0
z!(m&}xBBnDeeV7%i(Zg?CtC_3=Vs@RJA?TvA>6(AB~58O?zquaD(APg%wSjVe@Qj2
z<^O>@xLbYbDo{qlF3$^Xlg;)jwny|l;&6H($<p_us893*TDuiAt~qBdpG+vsah_<N
z4|6I(1<){k>dx)&&|uC)lte{x^~J5J_!;Vg>728_Qqh9ry%Xhdx%Qt`<Yp#n8_hdd
z7CR=F#b}CA#4}4RR85UfVR{-dRHW`o$#QT$MPB^F-uB3~{h$?XQKTd<d$i7gvwoWP
zv(<_%b$~n_YnWL%TwrR?y*7e@p`tBsG0Vh9jraMLR;$~=k3(2$6be^1EGGMzxw*2B
zt2-0crr%(yz{-|qFg<N$W~(=qFsSKaJ{IW+yAXTKo#nVyW+UNQ89w;<aAT_~U5$Vq
zSw3kOn2#S|85so`D*ACe-mvDHh>e728GIUwz{1SVuXt9+fz|!3h?w4bmRiIC!h;kP
zS|Apd%Se+K$L|S)6x)uElXh!%JhHnqd5)UDR%;Yh<y0twkBQ=EV5geqW|_;twA9n>
ze~{`woCax^I_msHXS+6D!2;qC5Qv7h{gkd|oIrhwW>Niet-a3RL;GKxdX*Dg$YS0~
zWi1H)nA1+BPUoXgjJeKCG9iRoNWIRyfV#|Lw*3Nd_LT8ad<92WDyWEKKx~zR+GF)G
zn&fz4!e2F<>D}@A`gP5nLQfej*?CBdH)k>?wkSN_8mx+fN*kKi=+Hsuk(JA^1r3hX
zf@f@VMp@Y0%zQ2?jia{x=LGK)Z@fz)|Mj8PabNWVXyYY|du4X_IRnzH$WZP9#9pB+
zEltv5YXSX&J{ShRsjG&XlBHtE#GRCZf^Mb42BYU;bMUU7a3CRHr~Q6UVCG@fi2roh
zfjKBtI)vVyYQD@ifg0w0J)BgmjVDG{kyo3rp1EkDemGgmHkR9K|6C|uG#mar7wja(
z{jw60AofF)Ld-D<I&wS>wuy0&hAZ5Q1Zn;Y(Jm+2IMMA;G0NaTB)M6{g3s&vjRsIl
z%HWX;K8nE>asQA&<1c$a^Hq6TTKFWVH~t;%S0{J?B9^1GA?{qH<|lxd!R;VuR90=|
ziwQ!8(jE(wKApK;#q4WeT^o%WN2n<7Sxu^LL9S+8m~_rbYj4DcHGK5<vmn67SCU`g
zN=Put`L6u^PZ-OtZ0CZ@*}&Vz?8VYQ?OFa)XmDl8YylaIl3t%{9k#`}%E>2kyyv<N
zHINtIR*h$d+no{KE5ip6%gTy6mv8R&v>m%fzxiOnTlj(RnTifc8wckz5Vgk^Anm>-
zzOgXuUquaG2F+xr@ksyW>yRH(eU^<XOVmS00FQ~{5ellYWYmSpb=Ksfiom-zu(a3F
z#n}6ML8SsBuWgp~dV@c218KtywOJ6jYf%~F)`tCxl{t^}o%x$&2)N9bgtJz7XCw5`
z!s@+kY&*P%*ZU%9<HAJQ=)2=Z2OWT1KH%dtJnN5UbE-8MhH#hKSwFObxOmn36^Nm@
zl~f1oXg5zUkBN`(C?qMP%ZZNhdfB}arfylaNGkDnA`P-KNV#@fVe9WMds?DWU_hoU
z6&+R6{`IgU1?J4=W^wCs+ni&oHbpeP8pE;1#AJjv*JAd5l$~sB61zw<4?gNTqoG$Q
zaa6#r%!0#Q`Vp)Hi-P<OKs%<)aC>Zj?0(~YQ`~*8-}tY>G~N|#5V4d5*20r86x-^O
z=wiM60VtK|H`e&dn92l9&jH;5w~AI^0aVylUta(=PSngOdvBm3-jT?gSBG>DK=&#7
zANjh8>`Fk4<bEgr@iX+yYD72(hO{82j5Y6?4&-$54Y9PNM!U`D;zN}k)r68qI%8MB
z31zzVMdzL7to=d{UB5m}EEo7EF-?U-AP>V?Ag}Aa_v16Ljv9uHRE8%9b1laxo{GrT
zJwY#Kd37>-yiwJtXg_Acc~y3x#SA_9PFq*`lyIN<$|n!X%p*962o@%1S3L(zZ_W|z
zC(e><PvC+0?e@&ZJS_HD(r+Qt;>C9SUTB0@lpWm?)^By|HN`&^mLgEKvq;*PfCFLQ
zjVWq&T(4|c=bm%DZ*+XLo7Ovf@fIb9=3sL(VoFTM4wj)429!UeE~s^AZN{Ruf3v8x
z0DET67RzLWZ2xx8pDMx*%h$b)*-cb5{03+Z%rec=MzL{o=d+iC$SDS4*y2!=GLG!0
zpD)Ehx&$lEtGOt=FViKs{0`Rv+iu=UN;AV;I60g|(c6Kd6*}Q&%;p-*0sN|T*iHx2
zU~U9h$&(HfPNr{(%tCoUT(9(M&b~{AuF}5)Kh8uG%7BV8_@ET!u~YZdG|;e>j4FbU
zO!I_E8etx?3AzF7Hm>2>?iD1pnOX-jO;h0iRIm>OV0I_*ah;ZPzx1xd3vH*Pr=v_W
z4exxHsLno?b*KY+^i&ar10>Q2tvEi8t4=zjy)^bxFe~(HQ)LcEBb<CL{cVnH-gjxj
z99^itfeC(7ocyJWN&Z?Jv_*mjr80xV%JjQ*dz;u~ZOSP}r;U)bX|)CbrNbv^S|-28
z*6->ot7!R)SiC<kk@H=m%K3D)(mrld*38U;ud3^*tZU|7O-E7m4i*+k)gco`4%pJ3
zdWpA&!Xs&*e{NW{N*p+@_IPV<dB44|pnfny=j|tdzQ|-`l{l|{$KWG-_R^K3^KKG-
zyhG4NK*s!MucC#e`So$ra@W$=qcQk+<xePCk6(fuU)|*X_I56bw(+Y4pD1XY-5geP
z%(Bs#?BT25o&=%H=hiY4Xk9u2+t4$O)HFs$emGJ^Kq7i+YpteeAjC*fov5g2p#4xF
z4i;7rT0e3e{ZFPe!f2+*_Z*f0vbvHVnN!4X2GZ5vYIy6hg_14iD}5((-UabzriTjB
z&S#eHxf1fu6AX6Zgo@jmFyNAlpjc%HRty%yc<<|?`)Pj?CVulLVf7Kn$KzNNJ0}6p
zKsvw5gHmZL{cT{(U2yq0#lmfW+Fn{}&a_6i1KiTP`j@@CKnCOZ%lUBraoaXt;*B&7
z__&Uqb>0oJH#Ov+v=uW8*q32TAxiNqtrf|7pZk#Ip^_UKuw@G&X5nEg=^aFvq(6c=
z^El$_X95-}l(ZNogow>28?Mn1LJ(pcvM=(-z%?Y7%fI~{TNLa&8S=d;1=VH#P$|33
z@Nrc<QCm2M(|OHDI2FjJ=(=k^o}Z#FVU(Bey3}%Vap3{e>)ZQ##3B{3e-xE=G4qE{
zKnVzFuwHgT%#RE@6vJF=P7UpVp=on(2nRW|N=b*A%PM|h;Id!ZSLmjvkQqJc7+u)w
zdpc5-3DJ3PjpDrvem?xhag-B$9;7K)st{GaJUt#P9Sy$@`YfhaCt|YZ!v#_Ui7|>-
zBL}PJ(ddE&)I}5)A)nn9M#vfAGu61y@~5dttDR&r>OO4=V55k2o=x8Kc!3cq8fssG
zGzBdku`RT-fD<P3vp;{~to8L(82Dba&=cNM8?9Gz%rb*z>~YW1GvC%ZR75fju=$J~
zZtN9r7v<f!q)bcT7RFID7>I6{1!i&<-uGjs<pAbu{v2j@#Zntl>1t-8vEC;f-jZn?
zvvzpuX-GmFH>>zV77>;M4%RFxf%Np_Q}#4stVJdId`{Qt_-?y9l|CgU;oko^n?HR<
z{=a^jzRYJ}llCQuQ(D}0J+i&^zxpf?ib5vrveOB*lM`B{fNZ8SqP<k-aM+31Vr|%Y
zbJyn`xIJwV*$FljQ3{(an3-oIxAii0h@`(5(B8nMvHKUZyCFsRCe~>T#g7ZY&d6A$
zWGQ{?hu#uB<s*mso&E`RjNrP<B$idvCLPbU5s@QzIBo*9nkS`ZuD_N-Ce=Uec}dB@
z>vpzDPPAVJyr0{AMDQnKl~&|MCSWaVvjN*2n8po62EFN`%LM9HD=ezYCwyWie}$ov
zU=y*LuebhKcIfR`WN6e~Du_-}N0-+B=%05XSk<WVF$R9|U$61yXX|`yGGBjd3h;kX
zi5vuKh+((r?pD~*(W9BCE$6Jxiv^9b_iKM9LGKgC;<8#y@&~uJFv=S^tA5Y14y4`M
zkYHWt_!X8K3id<3t;kJietvz#em~++1HITS*{Pw)PUpuE&!~N=26l^n*+RJ(uuLQ;
z&Cz_dyBi6-TuQdscAmSmuo0ma!@1K=3-8Re1fA2SgIPjj?Rd_dte%@Yj1A5_eQ!8}
zB6^(n%1`VvmgxntvE&S3zjp{~wK_3=d#&=spWr%43iBIsxLd7bI5{NnmTg*dYcfv7
zMi(i8ujv5%<@Ov3sLRa1y8S6zv`~R8|3B!6pdg{+<;RN;+qAc~vVRA)Mu(t_K{R75
zX4NB={;y*C+$r}TPgYb=_az<^(#N_=>|{l6lNPDJc-PVrD|f$BOPhsh8zVeBf~ouc
z>Kj6cXZnHsIOC6z!>)~yqKk?V>~!z*8b}QHwPHNq<Y1$z1YKXz@96k-s@VDCDSg09
zEoOQx7eS?q@-In}cb-+7&U9VOA1u#~<;)e?elwAS;Ros*;%b8nY4<3v2g}uC=n<5I
z!;lnYDg+y;tXP~f`RZLSoW@l&^1-u5*g<HQ!o;q<po$4l-F-4Rf(XUfO$L=jV~}FK
z5qkK!iX4o6A3Vyov$e-=hn^me`r|bJ;Lt+<L%=r@&c~)E6a@a~^64X|RFtgZsk(!P
z2agHvX@fz#-pW9N;EI*#3{d(HB38ZUYPtIei|<v;Bt3ST3t*TL$Rn9KKzI2;w?IO@
zD+lFWDmluZ(_JObg{87U0A;cUrK8_V*AODSS^}6`DlTUCb8oA($n4B~A^wmX@op53
zT>nvZ9M?n6IYL8xopEpKRF(~A1@O~zht1(%%F)ArdbherSrvbrbM26xS>1?`4nhrA
zqCn5}7ZqH)U9@sPok1*v?HMn~&7S(Wed2rW{Ww5usB_Vj-tdv4P}D&s@cdcuuvV~@
zqd0WTD}vnB)B=%^q$u&#H$Bt1=zsnI-~4`V21ewXrc;qrClaDw@uEJ0#oHo*q3_**
z)$J4K>xV8d#@EDVXTQ|k35OZHLC1H*hM;)^or<Xx@;h-jrqf9*W!ld>0yos95;lpW
zo{@jo5$@9WyduhPVdNvA)R=}L4u&uTCuWpJs3ZeAh>_ym()x)6u8J+~Vv4H0f?i1T
zN$aAa17f_m#d?{Rg46Dnx;c|8MtqROo&T8ZKT7*YS0VB*nhY+u`ft#Khww6xcz7B(
zPINYnoy`T|jaEJ!@7*tXpSJDw_G?>tG46p}_%{iHk8IE^A{ccQ3`-#7Y~4I~bXJ1l
zR|YBvgU&`J4p6|YV_!^3XKNd`6|zFyYRM0z75{*-<5}aZDCRzmPHmvxtZ**N5~b9j
zS_%w#r1_};wbS(Ce{#<J92G-n>Hdq|_q$ajapeTJbe%MEO_}gC#m$XgvsGkcN)I}n
z%JnJ~X2kE5EN_)AcYo|k3*~?<6e=C-QKJ)tvFipY5Pio6c<y2FQf)h53>6YHqaRG$
zM-2Q#NW(gxvfkTJJYHb>DQLXBB~K0&Vl!g${{R5oLl6SDqgnH7h#S(BE?<~AE5<<9
z#8CE1WwbhRH<$l&b)$pDL!)BQZ=y=WPNE}sxVVAk@F)y1ZrYpA1qS?zVgv@UTs7${
zY3mYe{b~+`DftY@^!J4<g|GdN%G(z*%#Jlj&dR@&Xe2*jhI%pcWDT6F?U5B{<eVZS
z*L$%9rvx*rYwcs)CDfM*GXPZr!1cwJvQ~5qofZG=_F*3V6h-bw7JP}K+qry)&3+ak
za`_sCAt3LHH2q`KGqP`yfh2T(_DhAVYL$6bq$L&>^EFCYxT8g#Sj5nky`&k-wn1+r
zlOlb$(aN%zU&IimVl6VrxJnaoG;)#qdSIdPoH@4cG6Vi0?V&Ma?;Z=w`JN(N<+#>9
zz)~P?z;vOn>?O)+X=om?#j6&P1mM}2^(B7^K|j;X`ISs=-dYhYVR*LfFs{Tt6u~5~
zODqb*N_w`bc#UU;0~SNKmd~a<xHMz89Qh~ovkC@*J|}(dAszfy{J_<Y;&;^YmoH+C
zde~zt)efYga*E6TOCk5)TTTL%>v$7&Od~f3TVmM9omx5Nvp!Y_Z-;~*n!R)8!$vvZ
zE)SdU`5QnRuT?$;t?zns$omn(e<Fo$=_0tHRJq1(la2Q7tGuP5%q+7s)GB=S>d;zh
zt&;GT5&zq_XwO21hM=2=!eUV@4G*>5a&V+m*D68|LmEh#j0|A(X_H)Vm!LmTS(>$+
z3op#i-wLroxIefjP<VRCQl{4ivL9iWguAdbzc|^kN1xF^VvnxLj8l+63qpt0<eBBE
zS^GLs9(2G%2Xz?bM%BQu8``^k+tw8i$?XK+w}PrdTp2wvc!~$TY;P~N^f&+Z`gDTp
zEH{8|9@R|~ATT&|*4^D~YMcyoR+wFm8o7D2-Yu)dG}lbLm$=#WrDY-mNFgT4N*o)U
zIBAJ?!c7d|=n>lVU4mX~%Ni#H!-SfhtXq($$cAFHqDcl~1eWbu-*g&r#7|d!AIITe
z;=IIQK9+$?OsC6{&A{fV;Ye%I`+j!kRjx~dpQ35vW=?aZmL|K8D3T@~CVPKc8wCbo
z6qm&?jOXOnHLmei?g;o_irKC6-DlC1<d&~dLE}v)L-B2Fk1iVv43QJmP_?SCM}Grl
zz+ydAUv%>i1M1iP^4af9o9}Q+tLUaeOR25a+-T^=+H0M!oS!iMIg`gPgx#~F5vPk^
zTZ{v$rfs{Tbz4&dOB1uA7ZPH*elr+=&r?%(lV%9nw~Y?!`>~xs8$d}?GO)<3&zz3N
zB0acU1<>33TlknsM_SQFkFF2=sM&-crKh*o(b^dee_@_R!bz$^_3$~nXg=L@Xz`5S
zTWen{+j8%3etatJw`n^Wo$oq5L-%lw7)qqAvb~xMd33@W{XXL?7P1<$<h#tQwO9i{
zhHl%N8q4mazbxmJ=crtR#V=n=-dh8%>m-}(-A);#V&l!?6`McsyH`nt4SDV0%9`Pk
zw7b8~^>RN}6ahSUBhGz)7zddCM1+~xc^chWGO&r70hv%MbH+zz%|H+l+|gI$2)|&1
zoQ^9!8r%-#Tvku)&%7!AtMeZz#B_l=TdZKaGW{i4Qk|(IunAS_TlR5@fLu=Uwb&^|
z@mc0#Xr~bv)Iu)-dFyGy6<NVU+VUf4bkyTCyFd=myL?2y6VK}kO0|n!K2FPpi@k>P
zE1_GU^6J6Bu@qp<3&RqQCdOAV?)=AZT_T5}q*y8thaqV=Qt?w)!>tpIQfAeJ&(Tfm
z-u_tSiyz=-d<WU3vPG66Yon~O%1aF-c1R>G!Ea{ld)cZmzx^9lvi`t0g+n8=V96^P
zXm6O9E-*WX`?`M|10GGVSd~x@a_Gmi-1(QdSigYQB(?kj=I<Iy`F{*%_?aJ->HPj6
zIiH6OYQdf^@GeKTHj!p;2sew4RYOyKS12zr+PHKaD&u#@T;xZ$4$s4?P*q`R<ct9;
zUR5V`L<}mlu!cAA3t+xsAa{|7f@TGs;&oGe!c@0jw(Gj=LkLuJw#j5CwaPfxJ*dN-
zE&TELTS`7-PPosm4kp_8XV3N23^SqU5AP07Ok~HtsUORA1HoUqh|w|(D`=;XI?SFN
zpUB@k{>hhc1z%r)*8JQuLJG|!-5*Uig))pasy6{qdY4FOw!dxxSvqgJx_UzQch6XR
zo-I5CtrQ`zm`dz}|1!Uy=vMEoe+JAfZOcs}&(sLw-Ew|n7P_6T>A*M<44Gw}4YA29
z7}1={TCwYHr7M&IL{}CA2h(DnlQHj0p`-G_ku^I$Wd=~XMB%6_#toB{avevBoMSp&
zYJYaK_mOC}Vc_>e;(3uK>L^$Lv}ch@nMdExfwWe;yZ+TLkVLk5xjYy!IH)+V5G6Y@
zwWQ80im8D?WEn2bP9<r^XW=sAg~jS=rKI+AC@C?cRKT&ZLU`oS9YR}nMFxtL4MN;k
zYaeW+pQ0?%i6YSMs>X?VqHw!KOAZDP8>P-#5OgvpGQ#oqxa)a3PtyVm=0m9|s~TMs
zYYgWL?>62#4dOVrgj?e(r9QngHzU0}1!%R6mT(5YPt2E%z(3Q7{Q{({7EM6Iuv$F<
zYGu^YYYx2ORzp2PmUy84e}C_*rr^dQ^lKr=B$kB{*$SkS$0nYhnrF#*+qq#FY6=wC
z*oRC~F9hU@IP6quFYR~F>6=ACopJFp5m;Ewqbm`i)BA%^cwh4*RA4BO!S-6JV+vSM
zgCb<Fzsqh-uurhC{HeRWURS$29K@e3ls&;4W_EJE7!AH{=yDgDiyT{yAWjSO8U>pt
z<wB~?EgM=+BRY~u<p~dm#XU|9JT4lu<>LC9%bxfA%u?K0a-Pzm=yTP+^z^j%AK&|y
zNO!L6K9_q(Fo|W&Fhh3$)?{cDLQ+=Z-##ox7KX<pD)Z5?J}W;tG5FztY}sC7`Dt>~
zP@|L*18gj8`%GQIgQKm`mAg)$0Qw84v*I2$r|BG8*uY>s+u0BDvM4R}P*!>YJTt@h
z50TcP*-TLxfnaR^1R^NeKwSQ0Qkvp6Fxp4O|IdZRk!$>DB&!n#LBUv0HWT;byqZN}
zZxZ5*A<$xm($enK#5OyDIN5d0bJQx}iO;MJm*!*rpRTesE!Zg6`@#)n5*mA56=k}*
zLUV^STwoyUgxr8IJQ;jhpiEC@0a*d11!kENp6Q#=3v|3vQ80}cH+(+^D{{7r5vWKh
zx!j*LYGv1L@3%Xj{K~~i)_33V>BJ88EkQ&+1@S|MG_gN_cqam5IbKGICHe~iwyF!$
zIP45KWC#=Nf1R?t+@oRb;h>AisSt!$2}d;0{1SS4<3?_b&DZ*c+mFbWA8gcv&(`d{
zQ^3+QQz|RZ`Av9s>`&GmZQkMjTPwWYl59e!0hX|OsRumH66c-S&@jyVzdf`VZ)XIE
z&(x?>(oxlT+Cz%9784rJFv<dsAZ46UhfH{!4r5B?I7$Mnp-5X>=)o6SJy!yOCM}H1
z4XT%;-p|OtO8Rf=SXqmsD)ASr^uL3Wz)3WDaT0lczzJR}EWscAVS<aQtkk}9ilnCL
z_<2`x0Dv84{^+C>h0F;zJj>8*e`C_+vM=mkvf&BwV71~hjC`bh$qNUAt+tSuF!>*K
z>Mgc8Eo02bU%~Y}W-z1i;crrqs7i(`RcrM2=5>5@GS~gH%VQ(Fm0ij^PBuuDj8pnt
zVdSRDlq9m5g^Isg`?n3dWo?Fmmxc1);0xN<a~tjnQ6o^B?zvQ8_ClgsbE(3pA_xd7
zOKZHC9OJQ>KmFT2ps*>kmztWa<fiCre;5`U6$fHx6$AlIG30ajm<7gB^-iz>ZJy1Q
zX!D)lQJO`>Ax@l;J|q5MSN15M9{%$kc#9DJK-v2%Ys6AOLPQ5#G0x)-z(#2YQVRol
zM7RD-UWSw*IoSc{3CM06+|Ia@+8iru6!&hu|B^3^*)=o~8Vn%CC+8cC<*!G_cr{Nf
z9RUkN$okAYHj;x*CQ46lvJ{Ps3WCJNa5;w^dl=IYN1Y<*A?FrYiZ6|+BaXxrVv@>E
z&$TNA9F@3s)8MNaPNcb``z+vx*CkU6Nt`hp))FtoWK4uR3fPT}bJW&w>x!H2gGjyU
z31+(fVT?XoLLEYzD0+3@AS0}DQh^hLoaGp&H}kS-M@x9qUmzfi3v@d~te7il>8A$R
zEYib}n||Sa1GvL9@_lGkcxrkx-Di*`zg)eGcE{%RSBJ%IH(YNrWdK1%U?E;8ofiJR
z!rTUPDfClWa^Sp(MRFX+`=F-M>}-XM;1BI4e2ZD~-&K-5*}bu3nKZ4I)ic1?rD?F5
zqMeFNq@rZOMg0$u>i*xqDg1?!y~o&3IoP1>yU90~pV(%3_o_S|AM21l`~Nu%BB4##
z9^(bP?#bEfC1Z*K^!#6hUBwbj8}{MS>-b`TwBAah@EBDwjZ_kA`m7Mm9JHbIJ@_|u
zy9z|)$&0yy<+ooXEx3P1quoe2rIGx!N4_E=!doB{+n8IfhVG2FF=XcYf61rC)mC^b
zA#cz*R03GluvZPK0KCevS!;j6LY-;s`m$6CjCK<LNha9bJ9rOz(2TgFY0zwt_Q797
zz`Th?#`8xqF7Q-!b0f1(XhQN_V}DQj@5SuBjO_YNkL2qZ8!w`Zqgl{;jv{oLTQ%@=
zrY++*7GHrv6Rc83Oy*)1^^mjfO}5=(q&KI|{3!oo<WoI9A(0B7M?0&@y*He=bYPTg
zJiFhjF;wfI+&q0LCmmECSaU_$FY#o;e}xIi%hN~}&LO+a__+|_6&zLCxt0CtvZQ%9
z7me&dQ@A1xgiBXxrLy96h^n?5P>s=tt;%=-!JABa9388pLSfVJVOr*7XgooB9WU_b
zoSxDq$sh48uER=xWc>3i?F2}lPZFM6%`{P(-2yO?Pghkk3xz#`;u2<d`(TuUjn|)+
zXb(HW!;1Fm1(r(0%g@tTm}~eVz29n&yG~rR#WIs{8~V2xtdw=sf%I~Vygp+P6PI32
zIC7<a0%d>w4X$wx?cFZOZ&n8afyd`34y2W}^?%Vxcsm{t0UcDO<#XZK<#5I3J|aiF
zUL|&zOguQr#XlC40u?sSNh2fZ<7XE~Ec<-!2Zh>eZ@Y!F)VM^E8Ykl$PF$MaGXHUw
zZe}6)a-gu2cYF!c(9-nd)>+OozL_trRAMC2VhIpwtG1WWYLLP^7&rT&Q}G-mwzk5P
zZTX4XaJ9>(FZiP^23VHH5ZFY2iD}cz|BJ?6WZyFz;W{{^@qP5fPN$L+XE6aCW>@!&
zNif*=wcV5Vk@)!VR7qN%1G1Gx#TOFbd!3j&W^T1qX5~U*x@+=emZ3TV4VzB$IYCP>
zHib4CRmD@oJ%T4ltg?85BQd`3q8-mM7Dexe427Lx9{ab{@I?B*v#1N5)OgJg+P;lF
z7i@U%MRcUcoHukUks`7xK_lsNxzqFG&W?B|@-kP{h^$SN0BZrHXh$>k=3C7Z9Ld}}
zQg-0Cz5cxD4XOC#mj<=9=!vStb|d;0AMOoY20Od(Lzek90d|zdxrqpP-g^Mi>Zxk#
zNnlT&!LGpg_+RrN^#fWHB_*Yt#6q%)Wi*xTRFS(%Qi1CRO1GHwv=uBK&*0v7dRzZ9
z`VJFcs&H_9tu7_CF-srM<i5lIsk{%M+kLB-?$n(qx#0^71uH`3r_FovW5<bvRKIDk
zLPSb3#@-2CJ!+B(!92dZ$FlLfgBy<h&SiBe$GocE^KNGYV@1sad$_aRVn);`q!nAP
zJo$wLL3C91WcIR-=m={>SLO_nbH#aA--LYr-3;?2YS=%xppGuJ&}r_n@;ksvYJSKI
zCbc9>4UB(OPok?vl4oMip<~`{0NOMnnJ(CeL1$tLa82$1+CJw^zcJAD@GngA)z<=r
zoySgm`S2|yI@qBqS{M=rxZFCH+U~Le0uhlf?}gsFYgV7pzzLZ~9>{9dO?bESfhEOf
zoM>oX{s?X~NR3O7g?>}s`UQ!QG2OkToa%>FDI*y)n>TyTRj%^>WvH)p=ZTV!ACy<R
zD#B*s<oCRDkieoxw7SS*_^?u(xN?z(yO0URQ%GW{#)m6*O*c3V4;Sn1bSA5C8~z{5
z&0A1+8VY+`jC4FPYJN(Zb}9i~@7uQR39U~vLRF&xT$T34n|84BO<OZ0*tl)V0g3OW
z6P9snL9w}_N<;T9Zy)}?*Z~~bv=w1<e(MngpPQZ_3(K(7xb&<pEL}NwHjw<yt~b7f
z6aLEmh^uYj%2E-W*jNkx6pKl!tGzSO)5OiWSnvP$wjRHbY_?+xbT7Dc(4SGf<;^vQ
zBOP6Hez>|252c$du2HV8$5m^2m3rg1W5>EYED`$-0M=<lPuDWe(rm0I0+HRvfN>v6
zv=n2iO&`4zD~RAxlWxdmw0ENQoOnvc<~7UGn+|l}ic55VfhGO%x7J&0!qKA`uBjVU
zYw)Vm{d%)bnIHKv*uG}{`hT~5_Y3sbG;oY!F`dlsNje+iNtd4)Zp=Uyl-TaB@C(C5
zc4;(=l*k3<&e5t1!xzLG?oro45~ck7{8c1MZ`vMb;qgsuo(@m^&VdDjWKq5C;d!(-
zf5ysYlO#K`rgWYA)R6*Xx_la{R<R=(9JY*R@f+W-e;xd#4hX_n-}T%mOc&3sI!2?-
zF6gSpo<qQ>v;Kd096u#Ardc(Azofe4QgkemJn8!LIks=L_XZ2*O4?S(*1dD@(DLqX
zzP*D(LX@m>`kTk`Adgsg=9J#)#CPG|3-@RjW&!OBgXcFb5ki>Sd*$I|n;|@A<{w3W
z1Eh>7_=LPy+#v=G(4p?-h44SVP;?0A8r?HheHeJfrne|5+iyNX4LILCKXB~ozsh~S
zL%t74zM|ikBW?4iug8Z{2`;{WCDFvf!isXm!tyB71E2Wake-fvP;fN749amjyFjs%
zqRiQe)-#(ptvz-=Yw&q3cpv__VsZc_j~Kw5Cvxl!^8EZ_Z{A`81AKbT1LZscLjdv&
zX!N<f_6zopZWM@lTll@aiM@^KSH?uZ6Ef`RTY}eL#fcYR09|3?o5H@os6^SZI#&ex
zEWxzipA^2hToJ?b^j=m#2kezEadQY^Ju~WAEtq4bE<1M&28(aDj1Q$8q%1{~-YjI^
z_1+3LH$f(YDUMx#dZ>UoD9R{vbMtc3OL6wDI=E5FuS(^vn;Dy!`vhy!36L0w7Pxft
zWLp`hTNM*?J|~~>=c^-;uE^OMrA4C^xX;kilA8%Fey)*r?&wLYX2r)<<<hGZ!|1zh
z38o$H;JaIxdgfUhu2?o$W0y+{!OE(Zz>7zlUclKJwT1M}%<<9Dj1Z}u8${rUl)QIa
z?|a_{Lymqdl(6Am#%s$5D#8BX`Xr+#kLb<dIu(v<&wYIM0Q<cU$x99O@X7VZCwR`g
zj+h2fOwB02r#A%rGeQk3E{x6TB4~t0suF~v#h{dDadAsP4q9*zZH0gTxUYoZ9<P-V
zV39N?A0~~LOe2?_E|g9E-S}IYMuDdM<lOJXZei431soZ@D!6VFc9iP`=*Z`)3Y3D_
z3(*om5?zCUu$!yZZiQ2Cm4Is?lfAH7UX7O|Ptl}EIlb|W7sx1-OtXlW>0&Tp{<v%7
z{SerA@Vt2OzTlZ<NcDJ{7{qL<HAp*_@#Nn$KQTpaRzOM~xkyQe${EnWt*8{_!0W1W
z&?Sh4^%)oXO~)V@lti=QX89WW=3O2g3qr_l@HfVj)6d$KlN1(Ign_*QL;X859I)}1
zLTtLu=R<Ed;kSVz;abe!02=ZJt{Qf^!Vqmsujd!n$C?k3;tpka!7z$%7wzxHtM5l?
zv1b|FCFY!sh{4Bgc5^{aLG8RBmwb!!o!A@C*Wwh)TUc!-h1HD#R&miX&T3pUtS>2s
z==&2^j`=)Dct2fx&3CoxanG#qy2GpVKF34G4&>BM`>w;O*mQH|uNP?GSLgS?;a5sn
zoJWauKOYo1CZM$8iuC@R2inJ$iCXF=R&0H84SAr3WKcn}=A$4<l`s-7CdH%7W@}I~
z&OS1M+f4oZ9zrp_>z5a1fz>T&S-}Mb>fu6MY<~~hI3GS3M&_?WO!!#P6VWJh{6vlr
z>*U}|EhYw>BO!HzZ)q>!)_Upax?Koyyubb~7;!s_fiFPdW7DenK=?vTY=lsI`T6_#
z$AB8rvGdNSxjwU2Jb**z73=)%GxvUfAsQ3fJ`pXina+d0hl#|gHo!_uw;_caS^}MV
zr#{B>q2rAj92QQY#Q{-joijiapCF%FMJ|~l?(eaNn`Pk|NPk*Cpf8H)Dt)aHS{<C8
z5nLh&GLMhb`;?Q{7fiF=m`qD(#DQdoV5XWsLykbFiaSbSPzh~!vO18Wm7532SR~P#
z8%+KHELfLtrI`x5Az1(Y{pY7{fe5N@DM=l@D$*M~ftnPR)MjMCSFd529tZem%rf_x
z8k`8rF+$-7-G1(ExD%gRT@J(7&Jtp?BBX%AitwjRE$)=j9J@8Ep%ltt|6cfv^!NVe
zu$XQ8YDp3g{^hb;c%vUw*@cSe^CrjL5na@fq>13-LDKor<52vz8eBt4lVF|Evsm+H
zgj;4INM4YxX0;lU8_3nJhXi%s?wjmGl$&GTezi|z2>xT+YT*?N*1pcx^a5wmX_NH1
zb>*t3@ocf$n{U4Sg=QDtFtsOD4!3*w2gbFh)?;raAEt!l;4-|Lft4ix#9*}##|^>{
zy*Z_`8(=U_jm3mwdFQG9?(^O~Y1o3!Qq+jBr%tUO?ZX+RCS%i3HksxAl<fINiQD4t
zc^A^TeGO{({rAnw+%K<Xs+b+#CpJxaysIz_FSvP1nT$w<I4mykE+AunV%NZeT)`EY
z(0mF_fQP?mH!&j(bjZ15EN(y>q=Kpjcr?>k$V#B1OrWke)BFqArLlRnb529cj|4#Q
zraq?_!?5P(r{*6xT3uQm5SO!+NuEQ;JK(8b|DxnWvQqtK`Q;0WuB3>d3QkL7Bm1)Q
z6k^hXL5M0y8SkEXLdAxATHTv;I`p(1MYGl%%gVJ)5daL`zqfwG!YZsvQcP0zRIj^7
zF}%_sn@M7F-q?CeD28{^e;S$7%r*kI+JDu2a=9GKC=LU+U7+JYh-WLZZhGBWxWtgf
zQ~#ammpPBU>hyAOxuQj3H#K5p%I}7m0UW*DbZOi?+k1Lk+OOIYZ;K}6NRCWD{Zjhy
zxd)wQJ(_^uS)lRlmWubLhbF}FTiUq~_=C?0i1XIp<4R<#VDb5IZL#CbZ1sMwNb%=2
zhB}%E=#6RCUHa-4kzjC7y7n@!YRx~<iDP@K&4w9ZQTj~6e^XPXdo$q^>QZ^VQ{&P3
z3(EV7dSo;)x8NSLv!(zyn*SNEoNC-DmHA|&PHZuKLEv3uoExDLjOEvtg2&U>Rnr5P
z-ZpmqwGkB7{}(9{*6!9cV8L&8AlThQ5kI>@vr=IEh3maB`Rd<@q=g`E8lQ4vYC20x
z+C~6mcP#=J5(4Z8`srv_v4#EV^g$+7A|>-JjSc9DlDP3t#`q~d+K8bKM-Lx{H;|8u
zSC<><TSE<1ru&bhF_4R*MOkMoBvAj=R8x&eOT9r=gsn5ufrX39=op;Qwg(3gY6&4@
zK_LlRxgmik4)3L8Da`U*XsfG6Q(F&KUve21QG(Rl*@idw>_ua9EBpnN8nGjb(N^w2
z)j>42^Ewi_MLB*Wshew$F+xmpasybJe<ry}r<AOMAEoDhuo=JnV*|eV<WKOoS5_c&
zq7t9{=uLRw-YvNL$uCm^>gGz-EZq0Vlens)7_a?&3vRjRN&Klgj8A>}J}fB-VAInL
z_}O#cKsIfm_mkMB(&R=dHPwS|M%lUPuKV%nzq<m>NB$4*fB&u6xvPqV?Mg~D)2I$V
zHEw8uh?mDayzkJf|Ahyhe+Bn^`#<pEYgVGG<v2ce(+BWxTb{)e_uk5<H8;|%5jMqr
z<Qr)W2j>P9wieTl0N?T$e^AX-dwN%vBF0r&jlX{t6>Z(fNaqs$KIusv>OTI``(;;R
z>^M%TM3sxw2q`osR!3~f+W7IbS6T#;8G*#Por{F6t)&sIk*HC1Mj~A(saT7}*)eqX
zx===vkWO`_qN(KN7a~|wgLbMk3l~W>c6whWTeM6{feID|O@E{Pa7z=K8){LvKqQX@
zrmP$bSVpL^j?%senj1qTi2-UB2GH6TK}Iki3xgzsl+t<9vvBcc>%n!J<dvMza_iW^
zedytROUl<6Qa8Z(-E%Rys45v?KR+<a1iZhm8*Sk(1amX-@{TI3`O6O(vZi+AE?JGw
z-TYqs(-VI{h<46{F@`X_`n`s%>HN~=74UJKXqC@S1SzGYnwc6DEnHJF!+_b6(}4jL
zSFFPI@43PpS(smff<+#*c7=wn82yX94OKgLP`Kbh_0IpsL$Cb`sT`}KgQ+;N;{~)u
zZ$;42@s6Iwc{@6-ge|_vnX{I0R9}XZak4vCxa&A7Z7-QP0{x;<3@KCFfJ4vy7J1)$
z9);lu?KSud(9+QfB<D?02P`+d+E464wLL(?Uz;of76FTZItLBBif!CMJz9`<N-++?
zr7PE(L4UBn3$MSn%S`Yz9>q9vr%@W`O!l;3LDIPxiP&gKWFaFv2ZcpN#)eG-h@yf#
z?B2DLc4=*fur;1Ij-$0r@cFZlLwmTKfS)Q*=Ej?&oOpV;Fu}!b^<BzOt5=Q9n&K9+
zFH23!AtCgjzUCzI^A;eG9$&~XT772oSWbQsdg_~T=x{AAE+{>%DwQukgWEPek4GN;
zHhS37+(oBL;W8<G6L*M`a0!PcB@2e{AE4AyxH`7U&a=^VBa_Z$dY2$$h}8^|1Z!^Z
z+^g%|L#pQZwkG#VilPx=9P3mx)twj~msYKR2R7y{out{0$#~lTjfY!}yU-{BlUiyt
zFh^$MAxn1P8hOs{CkX=lvAAi!wlwC(;vfGCS^xY^tZHbceFw>!78;D_MHvMO#R`?_
z@W|V>uOIE1XGY1y9<m5n1d<v7^#$qv94z2MfD^}#(e{b5E0Hks0i|7aXy-9Whtkr#
z@W`;AHfS!Y<x=?R>x$6ktj9R)9T!j>{k5<_8UPoi5d+aK)Ya7@x2OznS${cJt|+6e
z8VMvbbJ6usrY8-N5EmR!DkZ;NZjPRZ_WcP*PBs~m5p$(s$?`H>M0KifunPwd9|wh4
zLnLEdH9Bt>m9M!Hs~1P{$TuHFOK(EY+#AMY-+c-Z&ZCP-)K)DBqVlERqrS(vW&qoN
z|1yay$*7OmsQ=d3aF!&yXeyk?NMqmIPn=KIwhrHSqWTb8Se|RpjiO~2!JQVwZC|_(
zn>KASpKI0?V<0<^(Rqe%ne~lnm9V98AXSR9)>&_xt-vfJU?gDbG}(b|XzpT1MT$<F
zwiqRA6I~ga*pz-|EV6I%Pdvc`3UX{C9VCKcw=Dt}Dgqpg>F04-*$V95yAOZjD#79<
zh47`NAl%f5dP>2_lqiLvq$}Nz0@`04J#r9k8u@3ZyHHzw6a!vA@~Pe=ix>sOL4-ri
zI6A0+^cwf5x(hWS+~dM(-eZU%C3Njnlh$XZ&_*qc<JFB^Sl~r#dl&K+7ofVSii;8s
zU|B&f!VPt(Z|=m(;w<JR*B>f#kYpyCizZ62XWtPVugyVeG3~+5L25>+?2I1r<(1*{
zcYhwAx$8dMcw-Gde)ESA^!DM|r=G+M|67AE{`=#|A@1+G<s;Z~)9v`=C+@;$ZoUo&
zw*M4cw!VVTe)Vx=vj6VsjT+UaQ&~NmUfLl#u1s967|Hi5cyP;8`0xj>H<(K@rxfFJ
z>x)WcG?e&I`uciJ^adR%zoZb~``(lI_GOE)sILKA9^8ybj4M*<z<t9te}l4z9>=FX
z`Vsv7XKz8|_#WK*z$19yotw=#<77G8-zi`6X8+4{RYC)(J~mkd90c?}=;tK$LVS7p
z#NBu}dFfkSSTp~7_^V9Q>VlypUq&^YDK}lV7Hc-X6`6FPYm-I5B9I&iC@y10M#gFC
zt#P%CgSIEbPdl*yqTRG1YYv%}oPCt~mz1tRfKGEgK0o|^AF=~E>{GZ<fFvv&?m${*
z4l2qkkS(d$FbhzroGg+|Deh(;-EnkxcMpHkm{;kFa^%r2%|*9EKDy|Lw1*HPIqZ#6
zl2f!8iUiQ__R<|lAp$Hn(i&pG@K*HE)??X<3KY<l#2{6Hk<Kn;(d|XLCxtFX{BT8k
z(ZNU!LAoSK(Cm!~gQE)6w;~uQRFWpNXG>~}0>3-=p6%L^=So+t$Hq%npla_fytr)}
z{;>U3#L^eyi~qU_H(a;QaD!lBIW}BgPS;K^;eTFy3Duz(ZvDcS@aYd+YuZ#(RSDnn
z)!1;!3X^@TuLJw5>+#lW{~AkzKKL0IwW)3&Uazdf#&=wYl<*OBWG=_GZ@n1d<{C70
zW#YPPuN<<CAHcq<{aCsFZCJCs7|T|#Mc0WcY-8OjtDEqi8*fBjAQM;6eMbq^+E-t_
z4##)BhF|~gci2-^kN182PW;0s-UHuwz#aicPfw3|C(@^R9CGz%6`l4fjwsjeS_Gzq
zfa0xoaF(PHUOshnQ_2lcbhfJgUSv^$kV&<JI#RvBDeRPXu(REF%MG~x^S85u4o<No
zd%H!zA~07F5II`7aN%i0Lh7^eCJ_)bd6Wwd-lS+KvZ0P=K{cEX@)}M2jI&(sYm%wn
zWvp^cp1l6dM0>a)378>1%-q;)4^3JVo$<<mUei!ruWc1M@?NKvrasJTton?sheNvb
zEwa{5|8kl1EjQNvI^NRKf{KcY({LV{?|Almd%CF_1~TccWUM3!V!ZuhT`@DqwZKEq
zf2^eQQdy7oWXHN^<Z-!o5tc!YLu27R@}BYRPgx}@iHC%cQc=YfqT?ynUUQ)!AZNBR
zSMcy#9pY3IyDP>F9a^yB^kmFb*=sR^Ru8Fza(*OEr#01b?fn)3i@^LvK>dNb3nS@Q
zGq`_-R?!?A>Qva5#8r}Gx7p;Wj^`{Xu^$@kdZ&zdKP94fDl_L^=ZK;y%$MY)tCX?r
z%;K$>4YH<^&qmh9b3R`C+4(<Zj-{W0W)Jb7!|XJ|mO6J4@N(9e&)G^Qzo$aioNm!{
zS!PyxdYi=s^^x(eC26N)WA`iq^Bn>Grll6OzwOCA$v)bFohzujgRRtgHcbryNrY2r
zzc}4#$~j7KD0P%g7J<<a(3>%~@OiX5MnC4fVP@9J2|`?5p`#9!qbh-$apTle$41Z1
z9<>Nq1m+6@A`%+>q|%dpm5ljqIyV9i0Ta;`fshU0NU2?7F1lVeZnd?wC@n3u<Tw$W
z32b+Db)l8v#`5y=&WiU0vK+p2%7kq=C%cg}2#D@T%`GxMSGq>k$<Q-xkgzfM6#pC=
zXAXhk|LC_!9u7|(=Z;Ml0gJ#qMnEJ(L_&60jg5_vA-AMOXCoi;xVh6-brCR;H7z6%
ze&>>~3D2yoEY#Q6WAEO*Cf@3~7AZ_yWs@YMNF-v&nrzq7I2KL!J8B7AlDsI>*$hM2
zB*o$ney$KUwa;)haxv9wBqft%t)HtzeLkO=f$N8&>uj<JSOk&-0l(jGNSg-5M8o~$
zXx+@TLXt@l-0>1G^_ltk`DP_;Lqmg!{XE^IV`f@9`?*T;>-Bog;+V57?wCqVEn%Aq
zdP#b(NSbWVCQH^Nos)w{&nSe?kU^fGtn^L`4jeV8=$Q86-&%}7gHm=-mZ%XFn=ArJ
zhJb$8nvm&ZCuHY-xRb?5#6zm*T)GcYvV`s2SnG=OG45ExHoj+Z!Cf_3vL>MVNvgW|
zNu?hm*{_LIIZ1&=<mMxT-l`dndBRCVaL`E35~OE_!~s!C*rXD5$77yNIB$D{MZh93
zKM*({gX8=_V(eN@1*1fgHkEwFuAMzI83g7GVbh@QELzr3><q_o=}Ek4&M{r<Y{$>o
z|8ofeN#{I#Kq7sKWKDI{F%O^KWEUbx!lu}JZj!U%w}1prOWx_#2VN33Ef-fOV>=ol
zZj(j8B481)2qXgnbAqsmsL7q7hG40+i~xn(vQ$cx^f)9<*Xg)(&e`W7n`RjSJqtZ2
z=UI)cj)<CnlB>LwcfTQGdh!V+@PvG@4N|h^9kO8?S+3o;2v`Ix0u}*_z<fqvP7pQ+
zKn=(mhmCs%L*L91BPnsnnTBa;z(nd2?Vxm}&e=4(2#9=-pi|RYArX5?*c?*tWUlAm
z$2TB#$Z@W7+<sdGECLn*i-1KS84z%5po?+<l%cq`^{v>C+CHC2ZdHv>Hx?=rq*RW`
z4oQ<fJ?@-0UL(guiQ#dL8g(WK!uiBtzL%wUrkCMHWT!S$NoAb5Ml}Au_ER0|p@;31
zQ5@^eRDEo|76FTZMZh9p5jY<Rq)I9!!lr>Rog_&H<C0#)3DhaI<4jh@A!d@!XfSpR
z)urZ=id1zIIWxqKl~bK{jR>B$ZJIj>=()_~Gtq*B6uuC8N6m|o&~#S{msL|G>T(!;
z!a2KX5wHkY1S|p;f%%MpQHlC!QzTNPF;E8M+Kz|Foynp1OxPUart;(U;o!_Fh^#Rj
zt5KDTv}w?GuCda!GjW`)BhLFXljRR6U@+eSrTG7NX)1fr_`&g5Pv~(-?0<`ZMZh9p
z5lA8g3}JJKlG82?ev+`wR#M4M=}ui#M@igtM)JTop*wY*&e)XP2<VwhHSW9{YORh*
zpr#d~{q*LYO2>s}g{V&2WD&3kSOhEr7J(!|U`{PMI2)#?lS)e4cyZ#ueYSh;x#U4W
zgw1XAq4733?|_7EZl4$4bVWKKsUIMPOSmq15U?$=2v`Ix0v3S_5dnAeV60JgNAoRN
zRp@+sVpFTHL(F2vKF!%1lC+AL@sq~j#y&1OkRLXiECLn*i-1MIB9IISC=P5W6l!$8
z9P9msQ7a`wt85#R9sw64B#fkEdVeKNbNd+J*f`FO?<YMNwt*G_i-1MIB9PPwC{&nY
z=WgG={TJ?AyFx$N8H;Y^pf@-lC2dLlq>`j@aucJ^RFjBV|3E*CFPg;63}a&i1xnal
za>}cHn=Aqr0gHe|z#=e@5fE9UFk*1`?%iAOxZ{qWxWf$X`0mco=4S@FpJ<?ZbRM_O
zR(*~lpcThXB#Wt3Q9R6Wvk|sw@m;D#Jq%057d$Zz-c-u7_gVxj0u}*_fJI<75YRZ*
q+}zyw?6c24al;KaYz~LR9sdvX)I`R;=MWeG0000<MNUMnLSTZ|?*^Ix

literal 0
HcmV?d00001

diff --git a/docs/installation/images/mac_docker_host.svg b/docs/installation/images/mac_docker_host.svg
new file mode 100644
index 00000000..a885a32c
--- /dev/null
+++ b/docs/installation/images/mac_docker_host.svg
@@ -0,0 +1,1243 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="88.900002mm"
+   height="112.88889mm"
+   viewBox="0 0 315.00001 399.99999"
+   id="svg2"
+   version="1.1"
+   inkscape:version="0.91 r13725"
+   sodipodi:docname="mac_docker_host.svg">
+  <defs
+     id="defs4">
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker8148"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path8150"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker6352"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path6354"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker6148"
+       style="overflow:visible;"
+       inkscape:isstock="true"
+       inkscape:collect="always">
+      <path
+         id="path6150"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker5920"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5922"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker5886"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5888"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="Arrow2Lend"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5368"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="Arrow1Lend"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5350"
+         d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         transform="scale(0.8) rotate(180) translate(12.5,0)" />
+    </marker>
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="2.9893238"
+     inkscape:cx="83.5"
+     inkscape:cy="75.5"
+     inkscape:document-units="px"
+     inkscape:current-layer="g4485"
+     showgrid="false"
+     fit-margin-top="0"
+     fit-margin-left="0"
+     fit-margin-right="0"
+     fit-margin-bottom="0"
+     inkscape:window-width="1680"
+     inkscape:window-height="1005"
+     inkscape:window-x="4"
+     inkscape:window-y="0"
+     inkscape:window-maximized="0"
+     inkscape:showpageshadow="false" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:groupmode="layer"
+     id="layer2"
+     inkscape:label="host"
+     style="display:inline" />
+  <g
+     inkscape:groupmode="layer"
+     id="layer4"
+     inkscape:label="arrows" />
+  <g
+     inkscape:groupmode="layer"
+     id="layer3"
+     inkscape:label="containers">
+    <g
+       id="g4485"
+       transform="translate(-0.29443947,0)">
+      <rect
+         style="display:inline;opacity:1;fill:#949da7;fill-opacity:1;stroke:#005976;stroke-width:3.64635539;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         id="rect5262"
+         width="310.02628"
+         height="374.55676"
+         x="2.8077147"
+         y="23.505817"
+         rx="0"
+         ry="0" />
+      <rect
+         rx="6.8984389"
+         ry="10.232184"
+         y="1.5027902"
+         x="240.35112"
+         height="39.570198"
+         width="73.907631"
+         id="rect5280"
+         style="opacity:1;fill:#394d54;fill-opacity:1;stroke:#005976;stroke-width:2.49513435;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+      <g
+         transform="matrix(0.62086873,0,0,0.60736447,133.55565,-15.720889)"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#dbdde0;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot5284">
+        <path
+           d="m 190.17742,60.953398 q 0,-2.16 0.56,-4.24 0.56,-2.12 1.76,-3.8 1.2,-1.68 3.08,-2.68 1.88,-1.04 4.48,-1.04 2.6,0 4.48,1.04 1.88,1 3.08,2.68 1.2,1.68 1.76,3.8 0.56,2.08 0.56,4.24 0,2.16 -0.56,4.28 -0.56,2.08 -1.76,3.76 -1.2,1.68 -3.08,2.72 -1.88,1 -4.48,1 -2.6,0 -4.48,-1 -1.88,-1.04 -3.08,-2.72 -1.2,-1.68 -1.76,-3.76 -0.56,-2.12 -0.56,-4.28 z m -3.8,0 q 0,2.92 0.84,5.64 0.88,2.68 2.6,4.76 1.72,2.08 4.28,3.32 2.56,1.2 5.96,1.2 3.4,0 5.96,-1.2 2.56,-1.24 4.28,-3.32 1.72,-2.08 2.56,-4.76 0.88,-2.72 0.88,-5.64 0,-2.92 -0.88,-5.6 -0.84,-2.72 -2.56,-4.8 -1.72,-2.08 -4.28,-3.32 -2.56,-1.24 -5.96,-1.24 -3.4,0 -5.96,1.24 -2.56,1.24 -4.28,3.32 -1.72,2.08 -2.6,4.8 -0.84,2.68 -0.84,5.6 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7763" />
+        <path
+           d="m 234.80992,55.033398 3.6,0 q -0.08,-2.36 -0.92,-4.04 -0.8,-1.72 -2.24,-2.84 -1.4,-1.12 -3.28,-1.64 -1.88,-0.52 -4.08,-0.52 -1.96,0 -3.84,0.52 -1.84,0.48 -3.32,1.52 -1.44,1 -2.32,2.6 -0.88,1.56 -0.88,3.72 0,1.96 0.76,3.28 0.8,1.28 2.08,2.12 1.32,0.8 2.96,1.32 1.64,0.48 3.32,0.88 1.72,0.36 3.36,0.72 1.64,0.36 2.92,0.96 1.32,0.56 2.08,1.48 0.8,0.92 0.8,2.4 0,1.56 -0.64,2.56 -0.64,1 -1.68,1.6 -1.04,0.56 -2.36,0.8 -1.28,0.24 -2.56,0.24 -1.6,0 -3.12,-0.4 -1.52,-0.4 -2.68,-1.24 -1.12,-0.84 -1.84,-2.12 -0.68,-1.32 -0.68,-3.12 l -3.6,0 q 0,2.6 0.92,4.52 0.96,1.88 2.56,3.12 1.64,1.2 3.76,1.8 2.16,0.6 4.56,0.6 1.96,0 3.92,-0.48 2,-0.44 3.6,-1.44 1.6,-1.04 2.6,-2.64 1.04,-1.64 1.04,-3.92 0,-2.12 -0.8,-3.52 -0.76,-1.4 -2.08,-2.32 -1.28,-0.92 -2.92,-1.44 -1.64,-0.56 -3.36,-0.96 -1.68,-0.4 -3.32,-0.72 -1.64,-0.36 -2.96,-0.88 -1.28,-0.52 -2.08,-1.32 -0.76,-0.84 -0.76,-2.16 0,-1.4 0.52,-2.32 0.56,-0.96 1.44,-1.52 0.92,-0.56 2.08,-0.8 1.16,-0.24 2.36,-0.24 2.96,0 4.84,1.4 1.92,1.36 2.24,4.44 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7765" />
+        <path
+           d="m 262.12117,60.553398 -9.92,14.68 4.24,0 7.92,-11.8 7.68,11.8 4.64,0 -10.04,-14.68 9.44,-13.88 -4.24,0 -7.44,11.16 -7.12,-11.16 -4.56,0 9.4,13.88 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7767" />
+      </g>
+      <rect
+         ry="0"
+         rx="0"
+         y="168.52252"
+         x="70.247932"
+         height="230.32341"
+         width="243.59302"
+         id="rect4394"
+         style="display:inline;opacity:1;fill:#ade5f9;fill-opacity:1;stroke:#005976;stroke-width:2.07964277;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+      <rect
+         rx="7.8990598"
+         ry="7.8990588"
+         y="152.22887"
+         x="70.381065"
+         height="30.547466"
+         width="136.82939"
+         id="rect4345"
+         style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#005976;stroke-width:2.34590101;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+      <g
+         transform="matrix(0.48549887,0,0,0.47493898,-15.603306,139.61046)"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot4337">
+        <path
+           d="m 187.88477,72.829407 0,-30.3125 7.1875,0 q 4.96093,0 7.36328,1.738282 2.42187,1.71875 3.63281,5.214843 1.21094,3.496094 1.21094,8.28125 0,4.53125 -1.28907,7.96875 -1.26953,3.417969 -3.61328,5.273438 -2.34375,1.835937 -7.30468,1.835937 l -7.1875,0 z m 3.94531,-3.339843 2.63672,0 q 4.0039,0 5.70312,-1.425782 1.71875,-1.425781 2.44141,-3.945312 0.74219,-2.539063 0.74219,-6.992188 0,-4.355468 -0.85938,-6.699218 -0.85937,-2.34375 -2.46094,-3.59375 -1.60156,-1.269532 -5.2539,-1.269532 l -2.94922,0 0,23.925782 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7740" />
+        <path
+           d="m 220.91211,73.747376 q -5.15625,0 -7.89063,-4.335937 -2.71484,-4.355469 -2.71484,-11.738282 0,-7.363281 2.71484,-11.699218 2.73438,-4.355469 7.89063,-4.355469 5.17578,0 7.89062,4.355469 2.71485,4.335937 2.71485,11.699218 0,7.382813 -2.71485,11.738282 -2.71484,4.335937 -7.89062,4.335937 z m 0,-3.046875 q 2.85156,0 4.74609,-3.222656 1.91407,-3.242188 1.91407,-9.804688 0,-6.5625 -1.91407,-9.785156 -1.89453,-3.242187 -4.74609,-3.242187 -2.85156,0 -4.76563,3.242187 -1.89453,3.222656 -1.89453,9.785156 0,6.5625 1.89453,9.804688 1.91407,3.222656 4.76563,3.222656 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7742" />
+        <path
+           d="m 254.23242,72.477845 q -3.39844,1.269531 -6.09375,1.269531 -3.55469,0 -6.54297,-1.894531 -2.98828,-1.914063 -4.64843,-5.664063 -1.66016,-3.769531 -1.66016,-8.515625 0,-4.707031 1.64062,-8.457031 1.64063,-3.75 4.62891,-5.683594 2.98828,-1.933593 6.58203,-1.933593 2.69531,0 6.09375,1.269531 l 0,3.59375 q -3.14453,-1.816406 -6.25,-1.816406 -2.34375,0 -4.29687,1.601562 -1.9336,1.601563 -3.125,4.707031 -1.19141,3.085938 -1.19141,6.71875 0,3.691407 1.23047,6.816407 1.23047,3.125 3.14453,4.6875 1.91406,1.542968 4.23828,1.542968 3.08594,0 6.25,-1.816406 l 0,3.574219 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7744" />
+        <path
+           d="m 260.0332,72.829407 0,-30.3125 3.94532,0 0,14.863282 11.26953,-14.863282 4.17968,0 -10.8789,14.394532 12.40234,15.917968 -4.9414,0 -12.03125,-15.449218 0,15.449218 -3.94532,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7746" />
+        <path
+           d="m 301.2832,69.489564 0,3.339843 -16.36718,0 0,-30.3125 16.05468,0 0,3.046875 -12.10937,0 0,10.292969 10.89844,0 0,3.027344 -10.89844,0 0,10.605469 12.42187,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7748" />
+        <path
+           d="m 311.86914,59.958314 0,12.871093 -3.94531,0 0,-30.3125 8.10547,0 q 3.96484,0 5.83984,0.820313 1.875,0.800781 2.89063,2.441406 1.03515,1.640625 1.03515,3.535156 0,1.757813 -0.68359,3.535157 -0.6836,1.777343 -1.89453,3.183593 -1.19141,1.386719 -3.45703,2.636719 l 8.76953,14.160156 -4.6875,0 -8.02735,-12.871093 -3.94531,0 z m 0,-3.046875 5.52734,0 q 1.85547,-1.015625 2.75391,-2.070313 0.91797,-1.054687 1.38672,-2.246094 0.46875,-1.191406 0.46875,-2.382812 0,-2.128906 -1.5625,-3.378906 -1.54297,-1.269532 -5.625,-1.269532 l -2.94922,0 0,11.347657 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7750" />
+        <path
+           d="m 330.38477,75.856751 0,-3.027344 21.21093,0 0,3.027344 -21.21093,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7752" />
+        <path
+           d="m 355.52148,72.829407 0,-30.3125 3.94532,0 0,13.046875 11.21093,0 0,-13.046875 3.92579,0 0,30.3125 -3.92579,0 0,-14.238281 -11.21093,0 0,14.238281 -3.94532,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7754" />
+        <path
+           d="m 389.03711,73.747376 q -5.15625,0 -7.89063,-4.335937 -2.71484,-4.355469 -2.71484,-11.738282 0,-7.363281 2.71484,-11.699218 2.73438,-4.355469 7.89063,-4.355469 5.17578,0 7.89062,4.355469 2.71485,4.335937 2.71485,11.699218 0,7.382813 -2.71485,11.738282 -2.71484,4.335937 -7.89062,4.335937 z m 0,-3.046875 q 2.85156,0 4.74609,-3.222656 1.91407,-3.242188 1.91407,-9.804688 0,-6.5625 -1.91407,-9.785156 -1.89453,-3.242187 -4.74609,-3.242187 -2.85156,0 -4.76563,3.242187 -1.89453,3.222656 -1.89453,9.785156 0,6.5625 1.89453,9.804688 1.91407,3.222656 4.76563,3.222656 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7756" />
+        <path
+           d="m 404.17383,72.184876 0,-3.710937 q 4.6875,2.226562 8.51562,2.226562 1.60157,0 3.06641,-0.605469 1.46484,-0.625 2.20703,-1.777343 0.76172,-1.152344 0.76172,-2.5 0,-1.582032 -1.03516,-2.949219 -1.03515,-1.386719 -3.88672,-3.046875 l -1.99218,-1.152344 -2.01172,-1.152344 q -5.3125,-3.144531 -5.3125,-7.8125 0,-3.417968 2.36328,-5.742187 2.38281,-2.34375 7.42187,-2.34375 3.24219,0 6.26954,0.9375 l 0,3.378906 q -3.33985,-1.289062 -6.50391,-1.289062 -2.51953,0 -4.08203,1.328125 -1.54297,1.328125 -1.54297,3.203125 0,1.855468 1.19141,3.085937 1.1914,1.230469 3.04687,2.265625 l 1.52344,0.917969 1.89453,1.152344 1.60156,0.9375 q 4.98047,3.046875 4.98047,7.65625 0,3.515625 -2.55859,6.035156 -2.5586,2.519531 -8.20313,2.519531 -1.79687,0 -3.4375,-0.3125 -1.62109,-0.292969 -4.27734,-1.25 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7758" />
+        <path
+           d="m 435.11133,72.829407 0,-26.972656 -9.08203,0 0,-3.339844 22.1289,0 0,3.339844 -9.10156,0 0,26.972656 -3.94531,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7760" />
+      </g>
+      <path
+         sodipodi:nodetypes="cc"
+         inkscape:connector-curvature="0"
+         id="path8146"
+         d="m 157.79863,229.50628 c 37.00058,23.19886 12.85818,26.81485 7.03771,31.08319"
+         style="display:inline;fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.78196704px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker8148)" />
+      <path
+         sodipodi:nodetypes="cc"
+         inkscape:connector-curvature="0"
+         id="path6142"
+         d="m 222.83291,217.48299 c 67.7606,4.04815 33.91703,32.0024 23.64644,43.35694"
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.78196704px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker6352)" />
+      <path
+         sodipodi:nodetypes="cc"
+         inkscape:connector-curvature="0"
+         id="path6144"
+         d="M 157.27071,230.12149 C 45.405744,253.79288 92.109064,307.60128 124.18114,326.55296"
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.78196704px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker6148)" />
+      <rect
+         style="opacity:1;fill:#f2f2f2;fill-opacity:1;stroke:#005976;stroke-width:2.34590101;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         id="rect4484"
+         width="118.45418"
+         height="24.487085"
+         x="101.69627"
+         y="204.32883" />
+      <g
+         transform="matrix(0.86243158,0,0,0.86574923,-54.246575,175.8598)"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot4486">
+        <path
+           d="m 187.98859,51.93976 0,-10.026972 2.89587,0 q 1.19455,0 2.00902,0.343886 0.81446,0.325786 1.32124,0.977358 0.52488,0.633473 0.74207,1.556533 0.23529,0.904962 0.23529,2.063312 0,1.194549 -0.25339,2.045213 -0.23529,0.832565 -0.61537,1.393641 -0.38009,0.561076 -0.86876,0.886862 -0.47058,0.325786 -0.95926,0.506778 -0.48868,0.162893 -0.92306,0.217191 -0.43439,0.0362 -0.72397,0.0362 l -2.85968,0 z m -1.71943,-11.47491 0,12.922849 4.43431,0 q 1.61083,0 2.78728,-0.452481 1.17645,-0.452481 1.93662,-1.303144 0.76017,-0.868763 1.12215,-2.11761 0.36199,-1.266946 0.36199,-2.895877 0,-3.113067 -1.61083,-4.633402 -1.61083,-1.520335 -4.59721,-1.520335 l -4.43431,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7700" />
+        <path
+           d="m 199.86394,48.718098 q 0,-0.850664 0.2172,-1.502236 0.23529,-0.669671 0.63347,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54298,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39819,0.452481 0.61538,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61538,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59727,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39818,-0.452481 -0.63347,-1.104053 -0.2172,-0.669671 -0.2172,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85067,0.361984 1.95472,0.361984 1.12215,0 1.95472,-0.361984 0.85066,-0.380084 1.42984,-1.031656 0.57917,-0.669672 0.86876,-1.556534 0.28959,-0.886862 0.28959,-1.918518 0,-1.031656 -0.28959,-1.918518 -0.28959,-0.904962 -0.86876,-1.556534 -0.57918,-0.669671 -1.42984,-1.049755 -0.83257,-0.380084 -1.95472,-0.380084 -1.10405,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7702" />
+        <path
+           d="m 215.45219,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93662,0.398183 -0.83256,0.380084 -1.39364,1.067855 -0.54297,0.669671 -0.81446,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37554,0.977358 0.83257,0.343885 1.90042,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57464,0 q -0.14479,1.085953 -0.79636,1.683228 -0.63347,0.597274 -1.77373,0.597274 -0.72397,0 -1.24884,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48868,-1.104053 -0.14479,-0.615374 -0.14479,-1.266946 0,-0.70587 0.14479,-1.357442 0.1448,-0.669671 0.47058,-1.17645 0.34389,-0.506778 0.90497,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97735,0 1.55653,0.488679 0.57917,0.48868 0.76017,1.375542 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7704" />
+        <path
+           d="m 218.91112,40.46485 0,12.922849 1.53843,0 0,-3.547449 1.44794,-1.339343 3.20357,4.886792 1.95471,0 -3.98183,-5.954646 3.71034,-3.402655 -2.06331,0 -4.27142,4.090425 0,-7.655973 -1.53843,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7706" />
+        <path
+           d="m 234.72136,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08596,-0.217191 0.57917,0 1.04975,0.217191 0.48868,0.199091 0.83257,0.561076 0.36198,0.343885 0.56107,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59273,0.45248 -0.76017,0 -1.32125,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90496,1.538435 -0.32579,0.886862 -0.32579,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64249,-0.796366 1.04975,-0.796366 1.35744,-2.370999 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7708" />
+        <path
+           d="m 237.8907,44.030398 0,9.357301 1.53844,0 0,-4.162823 q 0,-0.904961 0.18099,-1.592732 0.18099,-0.70587 0.57918,-1.194549 0.39818,-0.488679 1.04975,-0.742068 0.65157,-0.253389 1.57463,-0.253389 l 0,-1.628931 q -1.24884,-0.0362 -2.06331,0.506779 -0.81446,0.542976 -1.37554,1.683228 l -0.0362,0 0,-1.972816 -1.44794,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7710" />
+        <path
+           d="m 250.13172,48.790495 q 0,-0.687771 0.1448,-1.339343 0.14479,-0.651572 0.47058,-1.158351 0.32578,-0.506778 0.86876,-0.814465 0.54298,-0.307687 1.32124,-0.307687 0.79637,0 1.35744,0.307687 0.56108,0.289588 0.90497,0.778267 0.36198,0.488679 0.52487,1.140251 0.1629,0.633473 0.1629,1.321244 0,0.651572 -0.1629,1.285045 -0.14479,0.633473 -0.48868,1.140251 -0.34388,0.48868 -0.88686,0.796366 -0.54297,0.307687 -1.32124,0.307687 -0.74207,0 -1.30315,-0.289587 -0.54297,-0.289588 -0.90496,-0.778267 -0.34388,-0.488679 -0.52488,-1.104053 -0.16289,-0.633473 -0.16289,-1.285045 z m 7.23969,4.597204 0,-12.922849 -1.53843,0 0,4.814395 -0.0362,0 q -0.25339,-0.416283 -0.63347,-0.687771 -0.36199,-0.289588 -0.77827,-0.452481 -0.41628,-0.180992 -0.83256,-0.253389 -0.41629,-0.0724 -0.77827,-0.0724 -1.06786,0 -1.88232,0.398183 -0.79637,0.380084 -1.33934,1.049755 -0.52488,0.651573 -0.79637,1.538435 -0.25339,0.886862 -0.25339,1.882319 0,0.995458 0.27149,1.88232 0.27149,0.886862 0.79637,1.556534 0.54297,0.669671 1.33934,1.067854 0.81446,0.398183 1.90042,0.398183 0.97736,0 1.79182,-0.343885 0.81447,-0.343885 1.19455,-1.122152 l 0.0362,0 0,1.266946 1.53843,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7712" />
+        <path
+           d="m 268.01008,53.3515 q -0.39818,0.23529 -1.10405,0.23529 -0.59727,0 -0.95926,-0.325786 -0.34388,-0.343885 -0.34388,-1.104053 -0.63348,0.760168 -1.48414,1.104053 -0.83257,0.325786 -1.80992,0.325786 -0.63348,0 -1.21265,-0.144794 -0.56108,-0.144793 -0.97736,-0.45248 -0.41628,-0.307687 -0.66967,-0.796366 -0.23529,-0.506779 -0.23529,-1.212649 0,-0.796366 0.27149,-1.303144 0.27149,-0.506778 0.70587,-0.814465 0.45248,-0.325786 1.01355,-0.488679 0.57918,-0.162893 1.17645,-0.271489 0.63348,-0.126694 1.19455,-0.180992 0.57918,-0.0724 1.01356,-0.180992 0.43438,-0.126695 0.68777,-0.343886 0.25339,-0.23529 0.25339,-0.669671 0,-0.506779 -0.19909,-0.814465 -0.18099,-0.307687 -0.48868,-0.47058 -0.28959,-0.162893 -0.66967,-0.217191 -0.36199,-0.0543 -0.72397,-0.0543 -0.97736,0 -1.62893,0.380084 -0.65157,0.361985 -0.70587,1.393641 l -1.53844,0 q 0.0362,-0.868763 0.36199,-1.466038 0.32578,-0.597274 0.86876,-0.959259 0.54298,-0.380084 1.23075,-0.542977 0.70587,-0.162893 1.50223,-0.162893 0.63348,0 1.24885,0.0905 0.63347,0.0905 1.14025,0.380084 0.50678,0.271488 0.81447,0.778267 0.30768,0.506778 0.30768,1.321244 l 0,4.814394 q 0,0.542977 0.0543,0.796366 0.0724,0.253389 0.43438,0.253389 0.19909,0 0.47058,-0.0905 l 0,1.194549 z m -2.49769,-4.796295 q -0.28959,0.217191 -0.76017,0.325786 -0.47058,0.0905 -0.99546,0.162893 -0.50677,0.0543 -1.03165,0.144794 -0.52488,0.0724 -0.94116,0.253389 -0.41628,0.180992 -0.68777,0.524878 -0.25339,0.325786 -0.25339,0.904961 0,0.380084 0.14479,0.651572 0.1629,0.253389 0.39819,0.416282 0.25339,0.162894 0.57917,0.23529 0.32579,0.0724 0.68777,0.0724 0.76017,0 1.30315,-0.199091 0.54297,-0.217191 0.88686,-0.524878 0.34388,-0.325786 0.50678,-0.68777 0.16289,-0.380084 0.16289,-0.70587 l 0,-1.574633 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7714" />
+        <path
+           d="m 275.93952,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08595,-0.217191 0.57918,0 1.04976,0.217191 0.48868,0.199091 0.83256,0.561076 0.36199,0.343885 0.56108,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59274,0.45248 -0.76016,0 -1.32124,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90497,1.538435 -0.32578,0.886862 -0.32578,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64248,-0.796366 1.04976,-0.796366 1.35745,-2.370999 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7716" />
+        <path
+           d="m 279.16316,44.030398 0,9.357301 1.53844,0 0,-5.827952 q 0,-0.271488 0.12669,-0.669671 0.1448,-0.416282 0.43439,-0.796366 0.30768,-0.380084 0.77826,-0.651572 0.48868,-0.271489 1.15835,-0.271489 0.52488,0 0.85067,0.162893 0.34388,0.144794 0.54297,0.434382 0.19909,0.271488 0.27149,0.651572 0.0905,0.380084 0.0905,0.832564 l 0,6.135639 1.53843,0 0,-5.827952 q 0,-1.085953 0.65157,-1.737526 0.65158,-0.651572 1.79183,-0.651572 0.56107,0 0.90496,0.162893 0.36198,0.162893 0.56108,0.452481 0.19909,0.271488 0.27148,0.651572 0.0724,0.380084 0.0724,0.814465 l 0,6.135639 1.53843,0 0,-6.859608 q 0,-0.723969 -0.23528,-1.230747 -0.2172,-0.524878 -0.63348,-0.850664 -0.39818,-0.325786 -0.97736,-0.47058 -0.56107,-0.162893 -1.26694,-0.162893 -0.92306,0 -1.70133,0.416282 -0.76017,0.416283 -1.23075,1.17645 -0.28958,-0.868763 -0.99545,-1.230747 -0.70587,-0.361985 -1.57464,-0.361985 -1.97281,0 -3.02257,1.592732 l -0.0362,0 0,-1.375541 -1.44794,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7718" />
+        <path
+           d="m 295.73329,48.718098 q 0,-0.850664 0.21719,-1.502236 0.23529,-0.669671 0.63348,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54297,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39818,0.452481 0.61537,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61537,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59728,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39819,-0.452481 -0.63348,-1.104053 -0.21719,-0.669671 -0.21719,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85066,0.361984 1.95472,0.361984 1.12215,0 1.95471,-0.361984 0.85067,-0.380084 1.42984,-1.031656 0.57918,-0.669672 0.86877,-1.556534 0.28958,-0.886862 0.28958,-1.918518 0,-1.031656 -0.28958,-1.918518 -0.28959,-0.904962 -0.86877,-1.556534 -0.57917,-0.669671 -1.42984,-1.049755 -0.83256,-0.380084 -1.95471,-0.380084 -1.10406,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7720" />
+        <path
+           d="m 304.96871,44.030398 0,9.357301 1.53843,0 0,-5.284975 q 0,-0.633473 0.16289,-1.15835 0.181,-0.542977 0.52488,-0.94116 0.34389,-0.398183 0.85067,-0.615374 0.52487,-0.217191 1.23074,-0.217191 0.88687,0 1.39364,0.506779 0.50678,0.506778 0.50678,1.375541 l 0,6.33473 1.53844,0 0,-6.153738 q 0,-0.760167 -0.1629,-1.375541 -0.14479,-0.633473 -0.52487,-1.085954 -0.38009,-0.45248 -0.99546,-0.70587 -0.61538,-0.253389 -1.53844,-0.253389 -2.08141,0 -3.04067,1.701328 l -0.0362,0 0,-1.484137 -1.44793,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7722" />
+      </g>
+      <g
+         transform="matrix(0.59683756,0,0,0.62856206,116.41511,253.93191)"
+         id="g5083">
+        <g
+           id="Isolation_Mode-6">
+          <polygon
+             style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+             points="122.005,77.57 122.005,22.429 32.038,0.183 0,19.314 0,72.66 92.65,101.222 "
+             id="polygon4984" />
+          <polygon
+             style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd"
+             points="5,23.314 92.65,45.131 92.65,94.222 5,67.66 "
+             id="polygon4986" />
+          <g
+             id="g4988">
+            <g
+               id="g4990">
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="7.917,29.184 7.917,66.177 11.364,66.906 11.364,30.067 "
+                 id="polygon4992" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="14.134,30.801 14.134,68.013 17.598,68.765 17.598,31.68 "
+                 id="polygon4994" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="20.353,32.418 20.353,69.848 23.831,70.624 23.831,33.292 "
+                 id="polygon4996" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="26.569,34.035 26.569,71.684 30.063,72.483 30.063,34.905 "
+                 id="polygon4998" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="32.789,35.652 32.789,73.519 36.298,74.341 36.298,36.518 "
+                 id="polygon5000" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="39.007,37.27 39.007,75.354 42.532,76.201 42.532,38.13 "
+                 id="polygon5002" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="45.224,38.887 45.224,77.19 48.765,78.06 48.765,39.743 "
+                 id="polygon5004" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="51.442,40.504 51.442,79.025 54.999,79.919 54.999,41.356 "
+                 id="polygon5006" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="57.661,42.122 57.661,80.86 61.231,81.777 61.231,42.968 "
+                 id="polygon5008" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="63.878,43.737 63.878,82.697 67.466,83.637 67.466,44.581 "
+                 id="polygon5010" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="70.097,45.355 70.097,84.532 73.699,85.496 73.699,46.193 "
+                 id="polygon5012" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="76.313,46.973 76.313,86.367 79.933,87.354 79.933,47.806 "
+                 id="polygon5014" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="86.165,49.418 82.532,48.589 82.532,88.203 86.165,89.213 "
+                 id="polygon5016" />
+            </g>
+            <g
+               id="g5018">
+              <polygon
+                 style="fill:#394d54"
+                 points="7.917,29.184 7.917,66.177 11.364,66.906 11.364,30.067 "
+                 id="polygon5020" />
+              <polygon
+                 style="fill:#394d54"
+                 points="14.134,30.801 14.134,68.013 17.598,68.765 17.598,31.68 "
+                 id="polygon5022" />
+              <polygon
+                 style="fill:#394d54"
+                 points="20.353,32.418 20.353,69.848 23.831,70.624 23.831,33.292 "
+                 id="polygon5024" />
+              <polygon
+                 style="fill:#394d54"
+                 points="26.569,34.035 26.569,71.684 30.063,72.483 30.063,34.905 "
+                 id="polygon5026" />
+              <polygon
+                 style="fill:#394d54"
+                 points="32.789,35.652 32.789,73.519 36.298,74.341 36.298,36.518 "
+                 id="polygon5028" />
+              <polygon
+                 style="fill:#394d54"
+                 points="39.007,37.27 39.007,75.354 42.532,76.201 42.532,38.13 "
+                 id="polygon5030" />
+              <polygon
+                 style="fill:#394d54"
+                 points="45.224,38.887 45.224,77.19 48.765,78.06 48.765,39.743 "
+                 id="polygon5032" />
+              <polygon
+                 style="fill:#394d54"
+                 points="51.442,40.504 51.442,79.025 54.999,79.919 54.999,41.356 "
+                 id="polygon5034" />
+              <polygon
+                 style="fill:#394d54"
+                 points="57.661,42.122 57.661,80.86 61.231,81.777 61.231,42.968 "
+                 id="polygon5036" />
+              <polygon
+                 style="fill:#394d54"
+                 points="63.878,43.737 63.878,82.697 67.466,83.637 67.466,44.581 "
+                 id="polygon5038" />
+              <polygon
+                 style="fill:#394d54"
+                 points="70.097,45.355 70.097,84.532 73.699,85.496 73.699,46.193 "
+                 id="polygon5040" />
+              <polygon
+                 style="fill:#394d54"
+                 points="76.313,46.973 76.313,86.367 79.933,87.354 79.933,47.806 "
+                 id="polygon5042" />
+              <polygon
+                 style="fill:#394d54"
+                 points="86.165,49.418 82.532,48.589 82.532,88.203 86.165,89.213 "
+                 id="polygon5044" />
+            </g>
+          </g>
+          <polygon
+             style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+             points="92.65,46.469 117.005,29.184 117.005,75.212 92.65,94.398 "
+             id="polygon5046" />
+          <polygon
+             style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd"
+             points="5,23.314 32.538,6.683 117.005,27.429 92.65,45.131 "
+             id="polygon5048" />
+          <rect
+             style="fill:#394d54"
+             x="46.075001"
+             y="-12.046"
+             transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+             width="3.5250001"
+             height="92.299004"
+             id="rect5050" />
+          <rect
+             style="fill:#394d54"
+             x="103.715"
+             y="18.122"
+             transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+             width="3.5250001"
+             height="34.868999"
+             id="rect5052" />
+          <rect
+             style="fill:#394d54"
+             x="90.234001"
+             y="44.498001"
+             transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+             width="3.523"
+             height="51.174"
+             id="rect5054" />
+        </g>
+        <g
+           style="display:none"
+           id="Layer_2-0"
+           display="none">
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-49.362"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5063" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-46.612"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5065" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-4.362"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5067" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-52.994999"
+             y1="-67.064003"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5069" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-76.915001"
+             y2="-49.472"
+             id="line5071" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-165"
+             y2="-71.179001"
+             id="line5073" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-77.349998"
+             y2="-0.271"
+             id="line5075" />
+        </g>
+      </g>
+      <g
+         id="g5133"
+         transform="matrix(0.59683756,0,0,0.62856206,194.85661,253.93191)">
+        <g
+           id="g5135">
+          <polygon
+             id="polygon5137"
+             points="32.038,0.183 0,19.314 0,72.66 92.65,101.222 122.005,77.57 122.005,22.429 "
+             style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd" />
+          <polygon
+             id="polygon5139"
+             points="92.65,94.222 5,67.66 5,23.314 92.65,45.131 "
+             style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd" />
+          <g
+             id="g5141">
+            <g
+               id="g5143">
+              <polygon
+                 id="polygon5145"
+                 points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5147"
+                 points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5149"
+                 points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5151"
+                 points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5153"
+                 points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5155"
+                 points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5157"
+                 points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5159"
+                 points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5161"
+                 points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5163"
+                 points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5165"
+                 points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5167"
+                 points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5169"
+                 points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            </g>
+            <g
+               id="g5171">
+              <polygon
+                 id="polygon5173"
+                 points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5175"
+                 points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5177"
+                 points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5179"
+                 points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5181"
+                 points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5183"
+                 points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5185"
+                 points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5187"
+                 points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5189"
+                 points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5191"
+                 points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5193"
+                 points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5195"
+                 points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5197"
+                 points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+                 style="fill:#394d54" />
+            </g>
+          </g>
+          <polygon
+             id="polygon5199"
+             points="117.005,75.212 92.65,94.398 92.65,46.469 117.005,29.184 "
+             style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+          <polygon
+             id="polygon5201"
+             points="117.005,27.429 92.65,45.131 5,23.314 32.538,6.683 "
+             style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd" />
+          <rect
+             id="rect5203"
+             height="92.299004"
+             width="3.5250001"
+             transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+             y="-12.046"
+             x="46.075001"
+             style="fill:#394d54" />
+          <rect
+             id="rect5205"
+             height="34.868999"
+             width="3.5250001"
+             transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+             y="18.122"
+             x="103.715"
+             style="fill:#394d54" />
+          <rect
+             id="rect5207"
+             height="51.174"
+             width="3.523"
+             transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+             y="44.498001"
+             x="90.234001"
+             style="fill:#394d54" />
+        </g>
+        <g
+           display="none"
+           id="g5209"
+           style="display:none">
+          <line
+             id="line5211"
+             y2="-492.659"
+             x2="-1830.454"
+             y1="-49.362"
+             x1="-77.349998"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5213"
+             y2="-492.659"
+             x2="-1830.454"
+             y1="-46.612"
+             x1="-77.349998"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5215"
+             y2="-492.659"
+             x2="-1830.454"
+             y1="-4.362"
+             x1="-77.349998"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5217"
+             y2="-492.659"
+             x2="-1830.454"
+             y1="-67.064003"
+             x1="-52.994999"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5219"
+             y2="-49.472"
+             x2="-76.915001"
+             y1="-492.659"
+             x1="532.88"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5221"
+             y2="-71.179001"
+             x2="-165"
+             y1="-492.659"
+             x1="532.88"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5223"
+             y2="-0.271"
+             x2="-77.349998"
+             y1="-492.659"
+             x1="532.88"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        </g>
+      </g>
+      <g
+         transform="matrix(0.59683756,0,0,0.62856206,116.41511,318.58401)"
+         id="g5225">
+        <g
+           id="g5227">
+          <polygon
+             style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+             points="0,19.314 0,72.66 92.65,101.222 122.005,77.57 122.005,22.429 32.038,0.183 "
+             id="polygon5229" />
+          <polygon
+             style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd"
+             points="5,67.66 5,23.314 92.65,45.131 92.65,94.222 "
+             id="polygon5231" />
+          <g
+             id="g5233">
+            <g
+               id="g5235">
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="11.364,30.067 7.917,29.184 7.917,66.177 11.364,66.906 "
+                 id="polygon5237" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="17.598,31.68 14.134,30.801 14.134,68.013 17.598,68.765 "
+                 id="polygon5239" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="23.831,33.292 20.353,32.418 20.353,69.848 23.831,70.624 "
+                 id="polygon5241" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="30.063,34.905 26.569,34.035 26.569,71.684 30.063,72.483 "
+                 id="polygon5243" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="36.298,36.518 32.789,35.652 32.789,73.519 36.298,74.341 "
+                 id="polygon5245" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="42.532,38.13 39.007,37.27 39.007,75.354 42.532,76.201 "
+                 id="polygon5247" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="48.765,39.743 45.224,38.887 45.224,77.19 48.765,78.06 "
+                 id="polygon5249" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="54.999,41.356 51.442,40.504 51.442,79.025 54.999,79.919 "
+                 id="polygon5251" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="61.231,42.968 57.661,42.122 57.661,80.86 61.231,81.777 "
+                 id="polygon5253" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="67.466,44.581 63.878,43.737 63.878,82.697 67.466,83.637 "
+                 id="polygon5255" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="73.699,46.193 70.097,45.355 70.097,84.532 73.699,85.496 "
+                 id="polygon5257" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="79.933,47.806 76.313,46.973 76.313,86.367 79.933,87.354 "
+                 id="polygon5259" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="86.165,89.213 86.165,49.418 82.532,48.589 82.532,88.203 "
+                 id="polygon5261" />
+            </g>
+            <g
+               id="g5263">
+              <polygon
+                 style="fill:#394d54"
+                 points="11.364,30.067 7.917,29.184 7.917,66.177 11.364,66.906 "
+                 id="polygon5265" />
+              <polygon
+                 style="fill:#394d54"
+                 points="17.598,31.68 14.134,30.801 14.134,68.013 17.598,68.765 "
+                 id="polygon5267" />
+              <polygon
+                 style="fill:#394d54"
+                 points="23.831,33.292 20.353,32.418 20.353,69.848 23.831,70.624 "
+                 id="polygon5269" />
+              <polygon
+                 style="fill:#394d54"
+                 points="30.063,34.905 26.569,34.035 26.569,71.684 30.063,72.483 "
+                 id="polygon5271" />
+              <polygon
+                 style="fill:#394d54"
+                 points="36.298,36.518 32.789,35.652 32.789,73.519 36.298,74.341 "
+                 id="polygon5273" />
+              <polygon
+                 style="fill:#394d54"
+                 points="42.532,38.13 39.007,37.27 39.007,75.354 42.532,76.201 "
+                 id="polygon5275" />
+              <polygon
+                 style="fill:#394d54"
+                 points="48.765,39.743 45.224,38.887 45.224,77.19 48.765,78.06 "
+                 id="polygon5277" />
+              <polygon
+                 style="fill:#394d54"
+                 points="54.999,41.356 51.442,40.504 51.442,79.025 54.999,79.919 "
+                 id="polygon5279" />
+              <polygon
+                 style="fill:#394d54"
+                 points="61.231,42.968 57.661,42.122 57.661,80.86 61.231,81.777 "
+                 id="polygon5281" />
+              <polygon
+                 style="fill:#394d54"
+                 points="67.466,44.581 63.878,43.737 63.878,82.697 67.466,83.637 "
+                 id="polygon5283" />
+              <polygon
+                 style="fill:#394d54"
+                 points="73.699,46.193 70.097,45.355 70.097,84.532 73.699,85.496 "
+                 id="polygon5285" />
+              <polygon
+                 style="fill:#394d54"
+                 points="79.933,47.806 76.313,46.973 76.313,86.367 79.933,87.354 "
+                 id="polygon5287" />
+              <polygon
+                 style="fill:#394d54"
+                 points="86.165,89.213 86.165,49.418 82.532,48.589 82.532,88.203 "
+                 id="polygon5289" />
+            </g>
+          </g>
+          <polygon
+             style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+             points="92.65,94.398 92.65,46.469 117.005,29.184 117.005,75.212 "
+             id="polygon5291" />
+          <polygon
+             style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd"
+             points="92.65,45.131 5,23.314 32.538,6.683 117.005,27.429 "
+             id="polygon5293" />
+          <rect
+             style="fill:#394d54"
+             x="46.075001"
+             y="-12.046"
+             transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+             width="3.5250001"
+             height="92.299004"
+             id="rect5295" />
+          <rect
+             style="fill:#394d54"
+             x="103.715"
+             y="18.122"
+             transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+             width="3.5250001"
+             height="34.868999"
+             id="rect5297" />
+          <rect
+             style="fill:#394d54"
+             x="90.234001"
+             y="44.498001"
+             transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+             width="3.523"
+             height="51.174"
+             id="rect5299" />
+        </g>
+        <g
+           style="display:none"
+           id="g5301"
+           display="none">
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-49.362"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5303" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-46.612"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5305" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-4.362"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5307" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-52.994999"
+             y1="-67.064003"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5309" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-76.915001"
+             y2="-49.472"
+             id="line5311" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-165"
+             y2="-71.179001"
+             id="line5313" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-77.349998"
+             y2="-0.271"
+             id="line5315" />
+        </g>
+      </g>
+      <rect
+         style="opacity:1;fill:#394d54;fill-opacity:1;stroke:#005976;stroke-width:1.95111275;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         id="rect5078"
+         width="93.442245"
+         height="30.942587"
+         x="220.62865"
+         y="152.03131"
+         ry="8.0012312"
+         rx="5.394352" />
+      <g
+         transform="matrix(0.48549887,0,0,0.47493898,137.13218,138.44897)"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#dbdde0;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot6134">
+        <path
+           d="m 187.97742,46.673398 0,28.56 18.92,0 0,-3.2 -15.12,0 0,-25.36 -3.8,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7725" />
+        <path
+           d="m 213.28305,50.833398 0,-4.16 -3.4,0 0,4.16 3.4,0 z m -3.4,3.72 0,20.68 3.4,0 0,-20.68 -3.4,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7727" />
+        <path
+           d="m 218.5893,54.553398 0,20.68 3.4,0 0,-11.68 q 0,-1.4 0.36,-2.56 0.4,-1.2 1.16,-2.08 0.76,-0.88 1.88,-1.36 1.16,-0.48 2.72,-0.48 1.96,0 3.08,1.12 1.12,1.12 1.12,3.04 l 0,14 3.4,0 0,-13.6 q 0,-1.68 -0.36,-3.04 -0.32,-1.4 -1.16,-2.4 -0.84,-1 -2.2,-1.56 -1.36,-0.56 -3.4,-0.56 -4.6,0 -6.72,3.76 l -0.08,0 0,-3.28 -3.2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7729" />
+        <path
+           d="m 257.97492,75.233398 0,-20.68 -3.4,0 0,11.68 q 0,1.4 -0.4,2.6 -0.36,1.16 -1.12,2.04 -0.76,0.88 -1.92,1.36 -1.12,0.48 -2.68,0.48 -1.96,0 -3.08,-1.12 -1.12,-1.12 -1.12,-3.04 l 0,-14 -3.4,0 0,13.6 q 0,1.68 0.32,3.08 0.36,1.36 1.2,2.36 0.84,1 2.2,1.56 1.36,0.52 3.4,0.52 2.28,0 3.96,-0.88 1.68,-0.92 2.76,-2.84 l 0.08,0 0,3.28 3.2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7731" />
+        <path
+           d="m 268.68055,64.353398 -7.76,10.88 4.12,0 5.76,-8.56 5.76,8.56 4.36,0 -8,-11.16 7.12,-9.52 -4.08,0 -5.16,7.24 -4.96,-7.24 -4.36,0 7.2,9.8 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7733" />
+        <path
+           d="m 306.71742,75.233398 10.16,-28.56 -3.96,0 -8.24,24.76 -0.08,0 -8.16,-24.76 -4.08,0 10.04,28.56 4.32,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7735" />
+        <path
+           d="m 320.01055,46.673398 0,28.56 3.6,0 0,-23.76 0.08,0 8.92,23.76 3.24,0 8.92,-23.76 0.08,0 0,23.76 3.6,0 0,-28.56 -5.2,0 -9.04,24 -9,-24 -5.2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7737" />
+      </g>
+    </g>
+  </g>
+  <g
+     inkscape:label="default"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(-73.928551,-292.36218)">
+    <flowRoot
+       xml:space="preserve"
+       id="flowRoot4362"
+       style="fill:black;stroke:none;stroke-opacity:1;stroke-width:1px;stroke-linejoin:miter;stroke-linecap:butt;fill-opacity:1;font-family:sans-serif;font-style:normal;font-weight:normal;font-size:40px;line-height:125%;letter-spacing:0px;word-spacing:0px"><flowRegion
+         id="flowRegion4364"><rect
+           id="rect4366"
+           width="95.964493"
+           height="43.436558"
+           x="171.72594"
+           y="102.005" /></flowRegion><flowPara
+         id="flowPara4368" /></flowRoot>    <g
+       style="display:none"
+       id="Layer_2"
+       display="none"
+       transform="translate(862.40058,602.59637)">
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="-77.349998"
+         y1="-49.362"
+         x2="-1830.454"
+         y2="-492.659"
+         id="line4716" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="-77.349998"
+         y1="-46.612"
+         x2="-1830.454"
+         y2="-492.659"
+         id="line4718" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="-77.349998"
+         y1="-4.362"
+         x2="-1830.454"
+         y2="-492.659"
+         id="line4720" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="-52.994999"
+         y1="-67.064003"
+         x2="-1830.454"
+         y2="-492.659"
+         id="line4722" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="532.88"
+         y1="-492.659"
+         x2="-76.915001"
+         y2="-49.472"
+         id="line4724" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="532.88"
+         y1="-492.659"
+         x2="-165"
+         y2="-71.179001"
+         id="line4726" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="532.88"
+         y1="-492.659"
+         x2="-77.349998"
+         y2="-0.271"
+         id="line4728" />
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker5920)"
+       d="M 187.77436,389.79113 C 131.26725,402.59092 53.961508,490.55977 172.27674,510.09709"
+       id="path5884"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="cc" />
+    <rect
+       style="opacity:1;fill:#f2f2f2;fill-opacity:1;stroke:#005976;stroke-width:3;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect4461"
+       width="151.48232"
+       height="31.31473"
+       x="107.04051"
+       y="357.65875" />
+    <g
+       transform="matrix(1.1029002,0,0,1.1071429,-80.18049,321.25181)"
+       style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot4354">
+      <path
+         d="m 187.98859,51.93976 0,-10.026972 2.89587,0 q 1.19455,0 2.00902,0.343886 0.81446,0.325786 1.32124,0.977358 0.52488,0.633473 0.74207,1.556533 0.23529,0.904962 0.23529,2.063312 0,1.194549 -0.25339,2.045213 -0.23529,0.832565 -0.61537,1.393641 -0.38009,0.561076 -0.86876,0.886862 -0.47058,0.325786 -0.95926,0.506778 -0.48868,0.162893 -0.92306,0.217191 -0.43439,0.0362 -0.72397,0.0362 l -2.85968,0 z m -1.71943,-11.47491 0,12.922849 4.43431,0 q 1.61083,0 2.78728,-0.452481 1.17645,-0.452481 1.93662,-1.303144 0.76017,-0.868763 1.12215,-2.11761 0.36199,-1.266946 0.36199,-2.895877 0,-3.113067 -1.61083,-4.633402 -1.61083,-1.520335 -4.59721,-1.520335 l -4.43431,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6983"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 199.86394,48.718098 q 0,-0.850664 0.2172,-1.502236 0.23529,-0.669671 0.63347,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54298,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39819,0.452481 0.61538,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61538,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59727,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39818,-0.452481 -0.63347,-1.104053 -0.2172,-0.669671 -0.2172,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85067,0.361984 1.95472,0.361984 1.12215,0 1.95472,-0.361984 0.85066,-0.380084 1.42984,-1.031656 0.57917,-0.669672 0.86876,-1.556534 0.28959,-0.886862 0.28959,-1.918518 0,-1.031656 -0.28959,-1.918518 -0.28959,-0.904962 -0.86876,-1.556534 -0.57918,-0.669671 -1.42984,-1.049755 -0.83257,-0.380084 -1.95472,-0.380084 -1.10405,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6985"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 215.45219,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93662,0.398183 -0.83256,0.380084 -1.39364,1.067855 -0.54297,0.669671 -0.81446,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37554,0.977358 0.83257,0.343885 1.90042,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57464,0 q -0.14479,1.085953 -0.79636,1.683228 -0.63347,0.597274 -1.77373,0.597274 -0.72397,0 -1.24884,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48868,-1.104053 -0.14479,-0.615374 -0.14479,-1.266946 0,-0.70587 0.14479,-1.357442 0.1448,-0.669671 0.47058,-1.17645 0.34389,-0.506778 0.90497,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97735,0 1.55653,0.488679 0.57917,0.48868 0.76017,1.375542 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6987"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 218.91112,40.46485 0,12.922849 1.53843,0 0,-3.547449 1.44794,-1.339343 3.20357,4.886792 1.95471,0 -3.98183,-5.954646 3.71034,-3.402655 -2.06331,0 -4.27142,4.090425 0,-7.655973 -1.53843,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6989"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 234.72136,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08596,-0.217191 0.57917,0 1.04975,0.217191 0.48868,0.199091 0.83257,0.561076 0.36198,0.343885 0.56107,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59273,0.45248 -0.76017,0 -1.32125,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90496,1.538435 -0.32579,0.886862 -0.32579,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64249,-0.796366 1.04975,-0.796366 1.35744,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6991"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 237.8907,44.030398 0,9.357301 1.53844,0 0,-4.162823 q 0,-0.904961 0.18099,-1.592732 0.18099,-0.70587 0.57918,-1.194549 0.39818,-0.488679 1.04975,-0.742068 0.65157,-0.253389 1.57463,-0.253389 l 0,-1.628931 q -1.24884,-0.0362 -2.06331,0.506779 -0.81446,0.542976 -1.37554,1.683228 l -0.0362,0 0,-1.972816 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6993"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 255.3624,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93661,0.398183 -0.83257,0.380084 -1.39364,1.067855 -0.54298,0.669671 -0.81447,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37555,0.977358 0.83256,0.343885 1.90041,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57463,0 q -0.1448,1.085953 -0.79637,1.683228 -0.63347,0.597274 -1.77372,0.597274 -0.72397,0 -1.24885,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48867,-1.104053 -0.1448,-0.615374 -0.1448,-1.266946 0,-0.70587 0.1448,-1.357442 0.14479,-0.669671 0.47058,-1.17645 0.34388,-0.506778 0.90496,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97736,0 1.55653,0.488679 0.57918,0.48868 0.76017,1.375542 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6995"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 258.82133,40.46485 0,12.922849 1.53844,0 0,-12.922849 -1.53844,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6997"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 264.38967,42.34717 0,-1.88232 -1.53844,0 0,1.88232 1.53844,0 z m -1.53844,1.683228 0,9.357301 1.53844,0 0,-9.357301 -1.53844,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6999"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 273.28827,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54297,-0.850664 0.34389,-0.361985 0.81447,-0.561076 0.48868,-0.217191 1.08595,-0.217191 0.57918,0 1.04976,0.217191 0.48868,0.199091 0.83256,0.561076 0.36199,0.343885 0.56108,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48413,2.606288 -1.52033,0 q -0.19909,0.923061 -0.83257,1.375542 -0.61537,0.45248 -1.59273,0.45248 -0.76017,0 -1.32124,-0.253389 -0.56108,-0.253389 -0.92306,-0.669671 -0.36199,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.1629,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32124,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77373,0.361985 -0.79636,0.361984 -1.39364,1.013556 -0.57917,0.651573 -0.90496,1.538435 -0.32578,0.886862 -0.32578,1.954716 0.0362,1.067855 0.30768,1.972816 0.28959,0.904962 0.85067,1.556534 0.56107,0.651572 1.37554,1.013557 0.83256,0.361984 1.95471,0.361984 1.59274,0 2.64249,-0.796366 1.04976,-0.796366 1.35744,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7001"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 276.51191,44.030398 0,9.357301 1.53844,0 0,-5.284975 q 0,-0.633473 0.16289,-1.15835 0.18099,-0.542977 0.52488,-0.94116 0.34388,-0.398183 0.85066,-0.615374 0.52488,-0.217191 1.23075,-0.217191 0.88686,0 1.39364,0.506779 0.50678,0.506778 0.50678,1.375541 l 0,6.33473 1.53843,0 0,-6.153738 q 0,-0.760167 -0.16289,-1.375541 -0.1448,-0.633473 -0.52488,-1.085954 -0.38008,-0.45248 -0.99546,-0.70587 -0.61537,-0.253389 -1.53843,-0.253389 -2.08141,0 -3.04067,1.701328 l -0.0362,0 0,-1.484137 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7003"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 288.72239,44.030398 0,-2.80538 -1.53844,0 0,2.80538 -1.59273,0 0,1.357442 1.59273,0 0,5.954646 q 0,0.651572 0.1267,1.049755 0.12669,0.398183 0.38008,0.615374 0.27149,0.217191 0.68777,0.307687 0.43439,0.0724 1.03166,0.0724 l 1.17645,0 0,-1.357442 -0.70587,0 q -0.36199,0 -0.59727,-0.0181 -0.2172,-0.0362 -0.34389,-0.126694 -0.12669,-0.0905 -0.18099,-0.253389 -0.0362,-0.162893 -0.0362,-0.434382 l 0,-5.809852 1.86422,0 0,-1.357442 -1.86422,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7005"
+         inkscape:connector-curvature="0" />
+    </g>
+  </g>
+</svg>
diff --git a/docs/installation/images/my-docker-vm.png b/docs/installation/images/my-docker-vm.png
new file mode 100644
index 0000000000000000000000000000000000000000..f7073eebfe85f932b9fd82af0b3bedb80902894a
GIT binary patch
literal 136985
zcmZs?b9g6R*Cia=NyoNrJHMD6+qRu_Y}@YGwr$(C-P6zg+%xmecYS|WU3IFC_S$=`
zbt+szP68eV8wLmn2woB(ssscC3IYTK91jKY_s;Shm^Tm*+z$&85d}#R5kdt=J5vj5
z6CfZ!c(NL#y7Cx$j+PP>G#wH!RX&H1XYw}Be4jV~BnU->uxvG6416Up0xBY+I;^Y}
zT@d{TatHD1M_^b)Jw3X0S*Ik(=|k7o_KRG1`p3y6m)W<|_2ic+P+W@%G+25W2$067
zwn0%31`9t?yyQD--Yo^FbpTgnHpy*N7!>dy${Rai(a%m>`k1E~*FQhexHfUwfdF8G
zV_CSa=z|hKy-RB#2J}Eda%C%-i8M$DZb&q+L_$De#!Pa_hVV>sDTdPFvd%>ugZw~o
zziCq#e*kegc$?z${1}c$6|^2ZxqU^l3tf%Q9^Mz+gug4QtXxByP$puR`zDe*?-`Q8
zj~z2Cjxn;JM<M#Sbp%VV^!Q`O_1$7@5;1%{8yuZM4i|=Y0(a3&VdPqiDRK>f72u-9
zH6#n0dEi9xV(LyMhY7=KBG5l^AIJcP@Mp*zxQ7nGTt+boV>aZKsAH3+ybFFd$7JAO
z^hBe8HIs-LmUw98>Q*%3jK;xa#&!Z1V6lc%E57{%Aqt^^=S#>%$D=q3Z$7y*93V{j
z)yhIaLhZizt>~NKwwe~LfJSv(iFnt6makW|2%$VRjx_<>px;1>t3vcVDjSIq_ilK%
zne`gSWQ$uJTayGjymxOT&Shlp;vp9Ejt<RCB7RjzZCm13)HuD`m(^Luv}4s~A0T<*
z&nIUFE(Ulrx&d!Po>Q{rL=g7pxCNFW45Y)FggEnGVVdOx`Xedv2?PrzM7<00pg5H#
zk!2i&_(2(m_#GGq>p1+?Nm{5K2l=Eo(loz~TLch)AjQYpr5e;|<-QK-*d?lc@t?wW
z8_XX5OuIK~K=BFZ9|S5Om^03T#HpVSl7({r^ZVmk(p~D5n3sH$)EV_UP@i)=m@5+N
zeuO0wT%J@>{Ljq(4=6vwX|Vh}ocFhA(^R;wj}dEok<oR8mwp{0zfnB1-Sb}Dmf&>v
z{cA=Jp0cm_eDkcK7tL?p+_arou9)*9nWIZ_4bs?$7yOoYu80>zw*6kS+nJPAm`g@i
z1fF1>Ud>wZ-a$D-*;SLvR?OI%Ac}-!Ms}^DAT5Zf0i1@q%7)99&wGM~25~GXvKyR3
z$CKj-j-VIoK3*aQHoDX^=$=t+Q^H&urf>@z3lm8H*AMzH?@kjy_XgC#zMGCK4UpWB
zLi)ST$UNxosxr{&P0z*ScJEaay8l78bv&bd`M?k!u!2ADCYGfj>?yEOS|VF5Bz-UF
zYak&KLV*xS8gxYtL_OgJmp-sMOoSk`IxKr2OfCE+m{+f_Jrrvox;;!5c&Z>pEA;h1
z(;TF3pwKNo90`=LusIZ-qDUh$=pbC3I4&~BAO^G$aXc6)w4~T;7?g%Tt%y{dQW3~n
zz#?%E$w-{?D0mTUTjV3**C@^*OGLhk3f7V+{M=X>$$2<L;oK=4>yIh%hdE(qHq98-
z!jD;qM>J39u5i~vhB+cQ{d!E$g}zB9iAfyT5tKSKnJ~Kkh&tv<Y#x8M0XHAKi(!ab
zc~0cg1DQ?S>KPzj2(yE=S7PrUx&b$RIJd5!+}pnp_jmpd2BI%&R|bl75LF4<2}&%8
zx!<;5u^+3o@Ez(VT$K2ixu~<h7fV2zT$a4H*rrq^MKelASl1vCN_detGf7)Qza*^^
z{qL~G^u}1{1n1~QiFZH>nN?!dnD3z|bFQ`^J;@DOE}<TY014s*<tXMT=S0wiz47r_
zW&9f10<F`}5_!|K0svD%t5N~gSyFM5<2dj*);Q?6mWGCgjt0fr?|R-fvihTXNRyd~
z=TYARYDL-K+lyx^$S!P6A?s3I(mv9Kb8r^;jiQ?LHf&WXt{Kl^&x$ehW<(g2Bk@|a
zYE&zPZnD?Ool%_uou!{LZ{BarZv*#gN04a7XmCF|f2hMmqEY{dq1sf%R4Ss;qza)i
zrK(oitZ)~)YeSJ7Qy5bVFH|XOR6c7|V!$iBnCm*TerJBCf5-C7Wma4Ra4B%<w26B3
zIELQmMI=O2NmY((Crc$CP;bFS8H_?18#6C6A~4x9@ypL<?Q#Y17#szGqE^ek=5Z@7
zi6mEOR%+IGDnB(~D^ID>iP&Uo7Oso9Xm6?bl)vLXQ9rSqgQ6x=w96RF)8@FF@AJW{
z45*MO8FdfKMNeRhWN2o5XMjviWt6f(HezbxYo2N1G|HJjSuHeeHF~V$G|F4{=$A9{
zrKe9in({a)NQh7fN)$DSl!}<CuK+m2TLfElU-I$AW)vC3?0)HHZs&D3`<8u!d~tty
zK`=waKv+Oz!cAj&GqN&Av1r?_n!j!WmMCW_cgm(u1DK{(w>URi*Iz@R=LY9U2aGEu
zOQ|d^%`!|iEj*Xt*cvzv(rwr-GDOo3S;GZ>d(PW9mA938<alIz#DWhH4;J(m%<V53
ze~pDFuE_Fpyk!<=o0J^UPkg9KsS2rrt4^ufRmxVaEhjH?Sevu^vParvSnF<NtU20L
zSl_J9T?t>MY&5O;G`ZDctP|AUxXro&99Q@4Hx$>H`W=!FJSYMaQx^<N(M#p0pQqcV
zL$m(4GP#Y}uU*`GN6evJC+R4A>bU4=RP$(eY^B*s+HP#MZ@Fx0TrXY6@;&l$;&<@n
zcx1SjcwIkuADNtyJ#wEv^=+(q<-1iN9v|E&UoPxb9O4{k?R|{OuP`jtOxw-wO#5~F
zSpg9da_Z~!UI|VKy6W5P>c@%9_UAq8TiUDGi`^a|Eg%^HoG7ue(c1YRh0=sD1uB_v
zgCIj{5dAO>(Bkp#MpX6}!+s|#=Zb5J(TDM3h{b07XyQ2cX;gd6IQ?K6W-3T)R)1SP
zt81zw*!SL-I%q$j7-5L&Ny^LVl{S|mB^xHcmcz|B=CL_w>^^f{h%DL3Fkm&hj)G-b
zGBcg#<(KwFw_4sK6;{%o-!5XPv{z-bqU2)qkiI9}$m|OLN;v3S>peSZca(0MQPNhH
zQqC!DFR7Nll6R7)k;d8ec%XK#Spc1HDfSzMnkgH@9E+N$oFO(NGr>Ecxnp^~YG^W@
z$=)JkL`8#cZ^&-oFhzv<72M$zmxaY8+cth%=A>av`!2Sac#@)){^B5anKj__<K+HC
zH^+?I?x@r3&G)TmYUHHhq=jx)qt;nyMtCNe2c0M~0i%g-SxdXM)h_%`0-rRMG)syu
zRV^(goqG$dt%g&+>0Uzrw%(`TZ<+)e6!b0K>w51E7;kVpu@R}v<V-bRnqxFQ+B#Y)
znz#ChuJipG)t;0;-1XchE+g0<Y(K5St=_Ecs+{y%N>%Dudm7z*PTxb|C*g;1wr#SS
z?u65A)|zFLWD8`sj);zAGoLtWwmyrAtM*Nc)l9z7qv>c`yjRE9JgdeF&wJUYY{)kF
z?M`fZ8V39%M4Aj-*5vl5JG158hOW6^G7s#UI+om0FTXVhYR<M%+e*8Z^P633hPT;V
z%(Kg?{dOLGvOj#DIq(<-Y727|^&F9K(eS+QyykCO5Wop6c`n^wdy#*UXvNIOqH_?!
zKVU=PEMRwJqGYtkfa6(NxmxhQhYk_2(Q(rykNk|O;S%CfbT>RS{vOL$6}ssCy{Oz}
z)3AP>8zbOT=ws<MlD^AwGV`9z=QI7VIrdO}qD9ZC$LTtEXLvyNAq}5;MNiOW=yqft
z>LW4mGqgfBTP}M_N4Z^2+o{L(ynW`Wfdj-&yB*85;X-w?il?P?=em2K?cvk*cx&b5
z{u+Kq@8175?=`=Fpk4wyw)_w4TSNCo_lJ9|{LImaV(iUJy_X*Un8$r_%`MfH#Tv_%
zS<_5aZp-7xlUsM%bHPpV?$NE_oL+>VjfctS`RES5pB{b`!KD|SH{ZSKl2%g-+l}>3
z6TBE4pJ(oq@2kk2L{qF6KbJ4}3)l5S!ycC&KySP!!`tQ?{qw31usj;(Pi8C`1A=L7
zE(HT*X9<)?*4qHuIih%2^uiEMIL}iE7U0)E&yyi~30!suL}&^PM06Xa1fB^zsPc+N
z&{N0<WNE~*Elx%;G^~jo31i0;6iY&4#|BKu273FGlbN~G#rW`o9`H;LRJAtmm8%|h
z8`Y!Z-2$TanDQ(4NN=Ll3d>#5RSyVA5J*x~NW~ravI|mQdnujIx5UzvwQ$>HErIMs
zw-+3$>j5%Bke$e6VdJ{Q#@Co*Ek_DOl0AqOfDT1O1Pv@aqTj2p-Mf`QR`H@+V(~ut
z$J_4FSR=&-OS&2Nx+!;ilICU0>pJtL`=QASX!p?2`_IQt&%3nV`@9)CgYGAN$Chpy
zfD~@CIzm{GC=W>iiV_SB1O_<R|L>(e0*O8&CQ5){UPF1g<wUIC=Yih$9-`ms)b*g)
zs{BESmB4EsqAvvti<2!YwiqwIKxjvKM)m*ulK;FjO03tMwcncE$lkto&#mWUYsCV{
zefe=N*4G(S;FFbsp@tR>CLqPX?xbwy-*5kquJm%n_>aEUsl%O}ou!+Ym{@(hzq@Am
zem~^;wG<TW3ljmC|Bp`p?}mOIP+>2z3ulv*)YSD@5D*aScnA`6#+w1BdaOj$b}JE#
z3m2KS4VH!f-*NBaiVJQAg@lIkz`@~$$&)jx2R-XELgmhc0!RzmkkVzySFPC%e#Fg`
z3PTm~>*DzK{3(0KEUR3ifal$MA4HV0+xflhh7en2*)F`BB_@~yJ3<L%K7J@-srg={
z6U&xs`E}2`2YR0N@c2wYI&E3RaF3gLs!_5;w30(eZl&}T+h|bGUW!fos}BlP{C&a~
zt4&6Q{Cq-mBzwMj?&9wK&gcdd)FEz}6vY7x<>$YvrJn$Go1M%U2QPCzH`WUxYmO11
z=NB*r3-FFU^m27&S5i_U_ui9T#MdMa3O5Jamsw0rOa!f1;y!zpT{LZy{k!&Q{9uP%
zNYL+d3tQ2^Er?9~=}OraqZ1Pn?Gya@z24ka$QsKmtFii<L7SH{vb6#pK4_sv2F}hd
z1H;WGW<{|%6r_ZwF9m+H(U*b3q=Ed8@U43?Gs33r52t4G#KXSNgfOTdsjv--7?tp0
zBf_VbmjPSJF_lq`g%>X#vmA$FuDbZ2pgxQ|4RL!}uWc2mU=}N9Xk0$EJs3=d@M{`p
zVGy0CX9V*>j#t>cy~agKluJXt?X3Ow+$%ii+RJ!kF??OW7>i4Y1QOj7<4(m!$MpRW
zz56)pogQ`p$iYe7YE?h}yR~<Xp%kiI_K6vgiGYb4Bl8$U1^wzqBejC8G+1_l_UzrA
zckV2cor1x_*z}p7@M`dVK8!CeuCA775#K#5tN!ljNn9||gUc6$-KlIIMVD5rcualv
z!MP=+*lZrRyzIa{bKemRe!1bKBDTFUS)-SG{jW8$OtFfsjirc?Wmi)7uR4=U2cwn=
zv-mYH&5PA(^61LbmBcHZs;9C_+k)a=AUit@1YAyk5tk`mIe~}}kY|$7ZdLr%*z$31
zutI1i{3vt_HF+z#3p-=J!c31XFz$_Whq90-Mc{>HXUuFLety4^tjU4mtH#oTw_Bk_
z4!3A(+n7b?eR;?4xhr7qjm+7_xuNDvq-Xd&1rxFi%?*G$_uSle%y5Wi%z~WZn%5*J
z*#%E~G=*(ne3zr`C<h=5A@5!v9%Sw{zS%*KmN)7g6w)ED9Oim2Z24ubp~)BbPdkO>
zO8B$nSN)&YqtlPe)q~bQtI?K`{{$E(4HWLzGtLT_$LiTN4|=57f_XRuV6x|3lm7y7
zDnCEpferWTXN^2y$oPV14%Dsu@5h_YGyj7^rbv0Z9QcC<FkauScoj2xu}c-HMr#p2
z)q4!^?z13N@X7)?>_ul$_j?lo*JGHkSttga__3DbVU)R&?a7Mkx!(K%BO%BoT7|xy
z&9TC7>Kqtc^4c<@zlpAejV>e&h4Qx&0yV^jpxQq6o<keoHK+{Z37bAaN9iX+7i^cR
zjhZudan1+w7#KbAkmtQDo@UoAB-@)vFH(9sOSr&?Dg{ol^6YWsaz^;Y2Z&Ho`;5O3
zaE=+YqU-xvHIYcS8sfr>fNI)o@4fUn{rCKL3s?9<ewt^-d{;kZuS)KaWc2zJ*#y2&
z$_2IzMUc@f>wmSosE?Qoyt`0NH|7_2ff{h7K2g+3M=fG3L4nAdU^yfwJX>BNmA!_$
z6KoOtP}JBkli=GI+RaY5lIm&I<DXvya^Q-<j7&Kf)gOK#MU#%iTU+vKB-|)&!|vJN
z`vRJ!*ZcSz@cR^=CA}J(qgll+7EZq$ind5Pn)oTiuSM!)aJ_WedJ4iUjY@Khm;Zs}
z-Af{U{<Y$vP`yeZCDGRvj5m5jz#F|-Ogu&yErnxWddxd1x?sdMdzb9N21R=OA#hD1
z(iQ2G#9w6Ltbhs&+1yz8#qS36kWwRP8}cg<1za6Hax3@^7NgMa1HaJ?!O*}0qWl>@
zDE*rKdz)SKYE8YV2&C#MbZ%~8#>}5LRc4f)dLXb~7{(Co{1YFSUppEYk)=>^v|)b8
z_`5TBbgUL{$xgBIrJ1dux-Glk8jidH+-V#`UsVX5OX8l3f<gg7R9p_9wrR>)14~d&
z6ZzCcQY{<Uz2AX$^29~R1bU`UQ`vxRWOivSbn_7f0?Z%ei_y~)VsCO>Se=(8R;8**
z;yq4?1H;KCQq`}yf>A>tJd`4#x8M^5lghf8W3exR1LFvsesM*G2&ptuVNhhHh_J>&
zn2<H9wF8((#J5tL9r4QLXV|(UQ*7%f8R#{>N*&@uN~K`PR8Y*YCTlYVbOc}ki|b9D
zvj(IYdQogYfkfC=iSd|o4YzhJyfpO(ssz?T{<a)$wUsC%O0tlUrz-yORE_@@rr6Ur
z=q<K#o#PnD>g%g5pLVdS8>VzBU2x*z86^NJEPQalfC+iTc5-}Tm&`rhJqSIVzi2*~
zn)Y{1Q^RV#xxZ@S04e<S;g>#Zq5d<k%H;IGtsrDMPWzq=Q-Pa3py70t#j)0X&ikre
zxVzlyV)qWRsg6-gS)ooJ`9?BzxyDyB&hp%%ZvV?bvd+p@qb~?_0$r_F7<QR5q|=X%
z*X{aKjB-@2bRshqJ$hh0?ZvIRKjCNK57-ILYT<nq#eb>}GsFOB{5uH_aj=sj)042g
zDuR62&388qX{iF#<lmL@)eKK(*f`lxrz?IuR|_*gt^O7%yOV^y>SS;qA!o3MqH-yy
zb?ymZqe};9W!BTq#vPNlAELE|B^!KU;xOOP6{t?8KlJkou|hMs6*xO^CsOFed{aQH
z;NfqTm1+A8U5@yj;Rh*`=mz(}A1Esk^mhU*gUFx^ibh$cWew|k$`PhJHPpMku^i{G
zoCDTk@!f92*t13=hX{xEgmq1+-#xupImnSez24T$jkH*l*sKDfCTckqwc}<ExRJw1
z>3(bn*t#2;PSTGS5n}Rap5p!9Io7upEisb$V!CRWt6m{6+lOekhA6Wrjl+Y1EBsxD
z{|gvYYFtWDlO2a%lPt?(ElpXe7Zc3<I(s0XmV8#K1+|WHFhY8U^fk2IzP1FRy3>$W
zs~OHjOyktnMz|+61<n9)06UUjQ-Nw@V`FY-x4?LPi7&i%sR1B@hW7NTOYQef`qFE4
zhaNvcD~vsGu5Cw#PJ|C0^0;+oE9frPS~yqZXeK1-K>E$DnKPm%-Q5t|V205runIn7
z53o{>qnDcR-cK+@LA)XyrpBE8%Qv|{6q()dZ$imNoipZCR`S~Pht^KIw-KB@3d__R
z!5)sM14}b~2*+5J;%X}R{R0F+9svBQakyzD{H%@6_wS^tq;ek!s(t6<{Rzbr3P~ms
zT2?e6=2yu33mZZ$j0r85`%1JF`3~{gczGWydFu7<Gp~>z3R-%xXgPXG6h;CD@)YM?
z>m~nGp(XGEiJD-CLp-Vt)h(hs)qbf>)`>@=V%p(@o{ZnE=}J4{>($Rxe@kBFSbr!{
zWSC26^)ks^!P7%B*<mnY==9sT87$wKlG<*^Atm)_2e@=Y^>%Nvh<hi>mr!K;A_bm{
z1I2wk{vdpLq#x2N2Cj-F&zp6Mg4dVN=JafZY9w!`=a>Fud^jeg829?L>B=GB-5hgk
zbCI7>YqN_Zo7F$s%MV$?+Pc~`P-Pmdq1(aXi7WDOUFXbWc_EKHQpK)(ot!Ax7JZYB
zi|@Jl08^u4mJvr~m_S|UBu^N52llW!1^uIq!?Ut9!mfS1t7mdav%H!KwzOjpC;-Wc
zV(BHRBF!o6KFlJ2oF<dJT0wiscE&TQ#6vF0=<Z!R^52?(J@%fsWq6p0y12+0iw4s#
z&gXEshyh<0mqrVr>3RWijx55a!+b$U{*3MzInlU?C20(j0oy%=!(KG_eL)|Z&ZCC-
zY`s7+C%!UE&LH|28&wCc<J9BCR@q7-3|>4e4***WxkDKxaowpu5gF(jsWp7Yka#`z
z(BAm;(ETJanyK0B7X?`AKtvAk+%1KdVS&|3!O-HOS@FFm*6EdXA#7zT7%NU&!?;2b
zxIPb(>27<n<{v_N)PlJQ{=O`sz*;DT3S^JP$B!<4XX#XrKh18l^Kn{XYr$=rQQ{UF
zSnu2GRT_TtFqfSaaFoOvI^AX3IJx1>gk&RPUqAl~JO}}aD8R_;M<(RhEIR5dD@K`A
z444|u90heB!@lSo_+OuQ7j+}DCH!2+Di;e?I7T(a{4{?z&0oX<^BbWmLBrhtwOBo3
zurg?`^I23Tw?{83*37jueG=EW5H`69q7DElKm)QtTW;ULsV%HiMb#zqXSK~^ob(h+
zV<8S+v&Pl*ui|wQmG1Tr<V^1^d*%|F^5#S{CcI>PzS?Gk5vMc_B*C8z^pTJReThIy
z&B=tdvLW$&57C#GHn-)GhIL#+glT9;&mJk}WIok2EX9$=xYq$c#eU3>N`ZAMkVuu4
zs44YBYAJ}~HRUd}ieAj!kLbf;%1aXFBglI<D70!bHWeoaS8-xa%xopUV?3+j?U7eG
z#Dra7ANi%T+GND@b@w(ID+ZX3K``W3f^117rPXbN&_JsvOCc7b-MFwkbyXH&jt@4_
zw5&SAn%p;9-s}`L${BvflFg1<2)o0jq2qL#+gt~BO9OFqfSz=|kBzRI$8EzGxWgu|
zfER1SGC#fU-_%HlOS%@3n=@<|l3Waq2@hB~{F+sWJzmFdcS}dgk3;<BRK%Tt-++gZ
zAOzhi*M1y!72*I77u3u`B<^GL!_r)qxo%1~mw-N|VUtF8JBSJkt23uDaqT`#Ib$mT
z9|gFNMtq)$cQcZ&1ER@FG7_bcbP(Xb56!by8Jr#sKyj}b3ag_2r{2*gC$v{0CiM8?
z!;dB3orwI2vHdiB0n*WFefSW*4|<3@c5(CM*>oVMnhSMh*3RFh_YX11!UCf_=o@3r
z8Wsgz@A!z*(3KIQDTl5n9))*#nb#o+yuUBv3FhUP+@!D1Z9QaN!4-|<k)yj2Hg44h
zfVI~-$tybw1lNEiI)|K<+7_8=0wiX6f?{+zOy{D-7*I$p_v@xB;b?Uf#9Odn!g-f(
zTn5tmlhQ~@Bz_?0*vMIC>zrQPgap%b9WTNebBR4j3wczUh<GnX-q*F1gwj(Bk)DDi
zr(TJ+wtSRPkND07Ib}v_T2Vl#_k`DhX@1ERQh&tIb#})Cj~9YC+(VuHdd^zvPQW$)
zFu{p6&Ml%R0l$qI=3ZoVS%@}^PeECVVsyP+o%$NlrD`Lyph{`X7hWWFZ_R53YFdm4
zJ+n&czhau^Apxmry?{av3nLKd!I6dgCd<Dtw-~hV7rsvr1l2LEpHG=hVCjaGsAfn{
zbBu&h+)<1!2@!{Y&Sd0Zh%`FD=L%afxE$Oo|2mCbuMO+|I-6DjgUqaJX}<x8$*h$>
zu=*56`2|@>y<G7CNyssw|3n)|KNmD=S`@=zxlZK|=JlOoG$!*G7Wg!Xq4-@92lZ<%
zkhWcQih+)pY4>YjoUhaGvXK$fynpUmD<SkixST`$zf`doOH^>72Jgo6J^>&ryHpAM
z?hX7NY4WM*{iNd!oeMaie;PY9a=bP^Pc$m6?@nyGapx?%`n!L6ABhNU$r0KQlNc#m
znwn9bY;+po6twpr3~NjAywcg{_s1m^g+fZUmcf1_TS&3a4FC(^%2{qTG@Rz*i&)`o
zDN%+=Rt99>fvXxtF@ej%X&$kgK3kMkh>PF^+e;M|YWiB*vamGlUfukP^?g}y2z>iQ
z#50VmV>nCng#$smeRz1l@?Wn4Upro)BMnZtbQh9mJwDTTv&Z}_v#}_xRWGu*ra(U(
z(H1*5^A70gft9`Da~7kXZJevT<}~?4Fa<L76ET!S78aap+t?Z*G&HR;AaqccrlF(W
z99j?TLz;w}oSqsh7T*foenuZ=ofR|Z1)i^&ln$mmMPy+YVxD-zH1=xk4!DEJ8e|%Z
zkeQx9dU|5=v4FhD(@M1ia)Fm+<f%U`PXs|UB1d3r&Mz{AUar&*67-`%;Fy0B$Lx2A
zK*H!?$>jfozPP+RAg7ierGnFRB_S6#sVLM;MMo!{i4*t?#EQx@Ht)o&mep#EMI1h6
zOz2L2Vh8mRI=iugScd}*JvKHa9OPqp*hTW9CNBYNB#)^jNNmEY5ucnB0&My#!MWD)
z&!7mu%H8)JM4|)km}-p0WxQ#H{C_!5C6T>Sq<`!CsIdXFynkowaQk<dAVUh!7#eAi
z5WX*kSKHVdbK8o_GR4)!O==X;*t2BE;lt`P^zSs8kLh(l87vLhb{|w2tk_#W+2Rd>
zsLhdXBP%ECRc$U6<JH;YTZvwCc82j-J0*xg{Vj)_0avK+Rr2G~PIFUkhMMgG%P^*y
zuLn$|RVs_1yDk@~0Zy%r7J*Bj1DFv6t#*CVn&s=~{@r~gk^yr~5!w(w2g3DwfG35|
zAXZX_FmQK}P#1LDZ7cB%znLn1*0Cm>7$=ju5WA0P43y`X8BtGzuXF_H8yYEO2qfj^
zf)C(A<erPIdVQ`&sfR}Syk<Z_1<?2UE;f)$>qz%4pj6h^ypUYp)P`@Ti0ZeUQB0}N
zUO4>~TI=+IvuN6&Ku3?79)9DgYD=EcVOeXmfwM_IBZrE4?*D#15EZK~Ssynj+2cP5
zrgF70M4g}_rELUfibIV~U)%w=Rc}2+$?#OreU0SvmWjE*C?g#PDxJavlxoxv`hcX)
z9C@~%D18qBfr^n|{*6@6qSIK<8H>K&)Ez%sn+?H2hv*z@dGmmTXsT)`;cf!&R_6*h
zU&`tS!8H{xt`f;^6a>g*463**EUZS{)2_!A@pqBTvsC%k-EzhyT1epC^h}GRz-fX+
zIcq#Pw-mO~Av$^Zsmv13_P$|p<6ylAqRB#Nnm111FjjPeh<y93PIxd}lJWqX;!7FP
zit<;9-^GEo6L=v;vy1rrS3)&|4v?Ipr3Gn%`mk-uTrW0eOylJ>>7cc+u*fL!tM{3`
zNR0ZSRD;&VUk4P{OCR`QJn{NoL{C+(QzIYmKUVNNMj0v#5A5)T+Ll~*2FV+(K-5~Q
zu9)~&hAM1RHF58lZ*D6(ca~<vq_MOILar>ZWw)69L>{|aT6%E7;=Jj-_ILo)Yv=9k
zpImvmqLN}|8k>cnL7*z=xz+$%!r$JyfF~yRS8bU2ev1PAOrcb=JDrtWDpVrWziX<n
z8TH7zoKMh;h-^7drW`jRRzXb@3kG@{*%Z(KCryqIz5C>d4?>aaHa{E=+d%5TzGrl9
zCjY667$qZruKzt{kc;Th4pBUBrkCjG(dEuMIVsFf+R8UIWW~&rn00_-icV^nIPDt5
zSsFQYRxoQvSUu*mf1Dtv_X_9@-9s|FEOr$boN*YoElSWfzamdrcaLIU7u+YZk(^5s
zF*J+2@BmbTz!9dTfnYeaEUXg(ciP6r_B&!<T6gePp^~E5a*QM&T;(Cj_DWdAND7EM
z?5o?Gnqf_-VBEm=DSp0SHCmla4y%@6Ci8ydbBr)fdSqfD#>MB1fBf?OK!;?Z(pdF_
zK(cZtWnh|I%R_a(aNx$25QZJ!jg!bc=$oEY_&xc_(#u-(yBaQ}z5&l!u|a)uQWe95
z2hUl0BbKOWuk!~in<H6TN9g7x;74%!N}`wIuxkB}w^i}Jb;r*>{Huod|LWA!XdsEi
zAoG}4WK&I0*9pWbx={sNsac=({Bx0x1=F}S{5~c74LUobHmVzcmEM3e3Bk`X32;kY
zxyE*hLE$_6_(Aaf9p554BOR!twRrDtK%VtI;ajzUlX1_t_gr&B28nPLC1Q-W&u3Gt
z_T4B&S64wFfmXtb@z%jQqbKeLDVV|I$7<q;x7@N{5yLzE8a*ND2aU`=pr_GD{5<ul
z&<68YRZOC<PZxosEeb)O%zAFrAM7oD%^KI_IRQtx`_4Jp##LOb36hUQOoBK15&1@&
zqMZ1PvnyOa*GZrJE!4uDk?4G10ed=;{P<cXBeFYSZdaolRCq0mbpPI=g{`2gj&i0*
z3v*cWHq4UDB_fE(RC?`TkE}vLs~t}3m`0DoZakX<z|Nx7KmJ6P2^hI7*rTf@qSzPg
z$^pTrk*n<aflQ5^Qnmu*f0*2VvhNNnNRjoavA>ga=p-J|;b_oiKT5mc532_3*u7%E
z1<tbR|2*lZ1(n5&{JL@8eIEUPTmbS=e|3CPlDJ84n<Cg`;~MOWr(A8ibIN}l5k@B@
zPK(;xNsDsJ@c+|d8Xu(nBer!g;v$Y1*vyW0G5N2|9PnF65INv?pW;%%zkbLK5}4cy
z*)twU;(5t`WK9G@LPe$jKj-3x5eyC4Jrut6{2Cc-7_yvTt&soUf&Iso$wPYGkl2lC
zgOC*GPq);~WO~FM`Z+%-Mq(g2@1}wnm9=PYJ>FO7nlqpmBX{HGEFl`kp9*dP{RkTZ
zI+;72bu{Vr|C&7kZrC6T!eEVS)Zxa~q<+obH5br^T3wJW*&`a<RGiZB)?3Vq3PB@G
z*OsOjFx@-^U-|6mF=Lhl7JO=xX85<yhJ8l_BG;8L&lV+ahlh;Prcr%;LU3?!<`1G#
zFQGp`2p=R5j~$nl<vv}jkwIuEl({#Zp!~L-5SP*Qf~7IEN4)M&ac?OkB=Pe9ovZ(5
z-%WA-@o<0h@7!&Hpf)aYT6(GCIQc22;DZsw*1AHnFtRr2O3I17$rSRzw8*!)tzYVF
zG~i@wS>-x~5M~4l=^Dz7f7Xk{vYM2nq7uu*Ktx(!2U-TQ3=dK$F_7O;-7jj~3QMc7
z*2J9HDnd)>DAusN_z`(ar5G_qg@l03h9_s4jiSgvnFF-7v@+SPEXvtQDiqqC3ZbCO
z&dLXAo?`b{QoVo75PZ_*tP%9OOzc#Q_O>wvl_&qx{r}o&GRPpx_#}kFe;(NQKb<d-
za<&&hGnqnGE;`p6?*v+l(Ry~Sgh<hP{TZSNY_5lHUfvb9`p<SGz^<vzS2n7Ljhpq$
z8jx%FUg4b=2@aj(Ol1%7B7@34<!8Z1;YD3R0_b{gO+|fXNDghpIWcD|vBgnKa}h&p
zALMr=o|Z?DrL%a1@7-rf*>Wa{@nC`*#YO{Y`EwBi1b4HfvnfdP+8+pYtG(a|wEtKf
zwnnv@Y#p7(c88lie}RX*CjG%37Af!k57YfWBT8d}%4$9&@%=+(I#5Qwi5f-1G8DvP
zM>Wz7jC$=^4ewXXw(C>Tz{EfS-o}OXdIyX5dN<+IYOR65?`430-qD3d%_Rh@BRBYS
zbo_l<oGHEP)UHP4DFu@0&nL}n?Gy6ijR!a@FrmynN_2?%SRSloD<o7?B2;59<0e9+
z1Ex?<Y!*?lt?;kayU-ir9&6zJK35eRkH;)>P+>4*WHmw}Fm9~4o0A0TI5`mA-(I)`
z+qYPpm$r`-x+8gY5FC2;RGvl~x3ptGXjq&$0(>sA{{;5GXbb{UdW3CUu)Dp8F}OEv
zKuasrS1E(D`OP?qz%p+w?tRdX!uu-DF#g8HFcp{sWq;rS{yJa<?fn)ZeAq$jZmmZU
z0>DS9gYsrVwe0w14{5lnz892EPia<ePMTMRzErav%eLZ!V&S1Nnwc1|g6|6iO1A_B
z-$X=Whma|fnm39R4pfC1Z(y%0iH2@cX!8-d`eBWf)BH=_an6g;>qz|hH*iPJHy^bm
zL`vsHS60aPW&{C}TOOv_Y?LT5HWm_W0KOpY#!NCX>8`>Fu=Q^*5Q6UAhT66FIUGOG
z>p`GE!Zw!2gLPQ?-Ucnb0jCdtE45CEHt1}cUlr@W|8Ma1Zix3X^74K*7c19+b*giP
z>0RF&O2+(fh0uP61Fvi4#UWTri~UB@Ct0dh>f0HZ;UAA7UnjgzFB1#=#TO4&zQNmi
zGlpGBCvU_n1oN3y-&N{_B;YAeboslwWvfn^OVJPnf(Hixg5P^?B@pn)3jrFsZOH0`
zySGQHV&el#Hc>79e97#(&(_<M`XLEXFtA9tARMO|6=#BX{;W#kH7$iUsWtfJOb~&n
zm^ay9eWEMcUk3xbvXdt(=|^qDgEJykYj0*ovDJo)mSK~D6Bh@J{Ov+a7%+$;K<EJG
z_$fn29&=?d3}$WfN@H6{MmV$_iJ#yf;EovXPcQ(zo#t%jgsn}<I6YEQwGn65iL_Fs
z#01LXBJ;E3e+C0KnA`+0Qa&8700X#m{jb;DOsP2m+<|XZf#ah!M$s!jf>gqzO3L7G
z#@OP`8f5=!LY*5)geW)!R}*fBjiZOU*4_}YH+Ehxd!&!hjzmZ~Sps>@NXC4hnay7&
zsoK&gf+_oc+0oZVzXoI&)*_SDY<H0_!%k{0k#qw4@#*>T2Vxklki2aGl59p}!#|x#
z>hD|4uyi(Oz6>nqwQB8cxOBZw4UEy~MDI3(PgG2a>Oi1?XIHq9|3-)~6Shp5fwo}C
zfS}Ss;Poj2+$;(s(u*PGv^pdTuq5OK3ml0x+`)bH$-z*S*6m~tShbD|tlhj*VeU!4
zdKo+Q|Ahs{1|&{8VnSg92UVELu>AOhp4LB=>8T+Go-@u$;@2k`y8KXzDJaZHI7A=`
zxB%x-({Bd_qYiyth+h!_BG*W|s~Z8*kyDGCCFcC6j?riI)(GPat?*tPUogL`A&R&P
z86l`nM^>RNWA^L{UHomOpj|2DTt!j|#d)3l(#&F<$5#X$XD8(5GJ0Xij1)*YCwny+
zwmq95hA%4&q-V(N!ul9N*-i_V2xvBAhjcK$M`}i5B2%css|}4VFgyNO`^4BsRqNjC
z^45Q;y$&7o*pIb~VGc5e?1obC%Miz9Vf0%PTCj+w-?Nv*2c!nUT|!iARgLzpVe`1?
z{15yn!2n+1=)Q~o!@VS}u)WZ@zAcEBea+as4A<A6lo8zK+W2=i3cNSvJ=SE~)+UDJ
znF)jZ^MRlgZP5)0rPZ6A_$Wu5L}Eil^|g3Z(KGfOi|4CGp<uUSjkyCY;AP0x02A54
z3WI@PGoJ`#CTF#nfs9aCVWY%>J+!0{@q&(1y#~i<WK8-LMFECbNQQ)m0V9LIbm2O@
z>Q0)dA4isrz;$BknORP;oi#TvR6;H1M<QwBiol!HX|b1eYt%kyH=J7tk?&oY2{nFQ
zy7G*S6=$E^xi_{!8tVq6tICjaMZ&5bC@3>*TYG_Xf&ac82F=h?2s@<jXNqzRhxQ<0
zf*Sbs(@Aw#f5O$-d7=MjZ4d|Hi29FzXNa>DX*OBqM5WM7(5Uq1aR%@gk6MO3`S4zn
z5g2L3jI!7J-C+O`T8XBCgC--zNC+%VnjQaA2>W=SFwm#A=qN@ip|8yN_(2>-1yDud
zEPT;zWW4X`RWvB$Y_VyXKp22kj*BO7qlQXQRkQqbyR->2?djxcX9qmh0dZNU8x7Nv
zd;gon(zh$@mLagG*}iZ%st8n@^N&B;+$RTz^X}0VLgmM5tb&S)KN`(eh^fAXjm?rK
zS-+2i1JnHc{OtC2^$?W$nrY9D05)SKDsZ|zEd_-HkM4Z<^W&p=kRUCr(nxv?PMGKz
zue`$H2-?Ba>n+YpLEkH<YIUYarl5)wJPHWmkZ6T`L?2w~T!^+bx>Qx<-Tku8D2rYt
zEht5=>Xp(zf;7ty;4yoO8}>0@iW`QXe=AabvWQ-mFZx{Vi)}24@J(VPLMb&xV)>OX
zukmvW2Y9_WyP*Y0|C(*>7`Tr37@=OEqgqV?6SHc*q)#mRJc}<jH^OU-;<s1gf~L_~
zWO`xDtVMCXdUApWF1^%=q+TC}=Kd`f(LLJn2d=F&T;3rua)iXO{{3*weq9cDplr&X
zchn>ptF=>Z6kt~X>mL#^)F7%u3UTklBZ-10X)BzK(w6vs6JH^S`})n>mu5o6xQe%R
zoF)(GqIzhcIR?j&<@xK95^~vH1}dsK*7xY>Xi6Fy9Gie;J;RzBmzBS~!3RUyKhFRD
z-m$2tD6hF0U6{70o8=A&SuH2DWorUXS+zZrOcE2)pz*7az}WnC$hNTfx80AZuiy5E
z&xUFAy24<qc=I5`BADh_`f;s~EcgQc((KiwSngOemj#)#*hl275vBi<E>lL3dtX$L
zUDu8#x5spMf+>AYxi$;oJW`@CQuz3nE^0G;;CK;In~qV9zekQ1$d$9}#RT(eF;Q0=
zYj83xMOweMe%z8xX3!{b@EJk00$d3lKoeSl+Wh2PVZ;5&`vweu)G9(b&DtC&m|(P9
zZQMTLz{I7h0ZlZTFGR1ton}X!JuTe#jx}&1t9x$KT6^Dk1w2EVubUHR=1U`0p(Md1
z{$_nUfO3=r?s3CJ&=kz7W@Tn~a`Z1MoX4UPhN4w%d@j*n@ug8>F=jVGu<VTtPW6TX
zcfxp>O(aUJv~2%o=isoCaayj_$Qai1z5L54HGT#A93LH7T-2chXG6ik!&@Lid913c
zsF;t0!^ZPk2g{5;b2%NGUz}O?Oln+}ek`MU`G&^oJv$Vf9TWeFp{q~c{~iTtgm^Jb
zy`gfJct5QkjsgfnxMzUXW&#jwAYjMLVeTu_DWx@{)V5b6y&p_keXEE;M+z#M|2do$
zkRI&cIrIMU!AA6a6$j)I8qTiD;JM8E^|AA=2{t=9DI*3peJ?oSL+O~lIkO+ZhgWo&
zL<bTmNouPvp6rclY1KQEV>eKxmSm_v3#>gz1^@`ADJ_Yr`X3ljkHA>y`(m>;de%8f
zz+QWDIK7=5_sax$a!V!A1NQtOG5k(xWS))k^5~U#c^F@rd3q~__CZK9{3J8S$odJy
z)zk#GH?PEcnITI~kyL4+^ylXHNjH!&P`_8Y?Qg@-4&aaT4nbgIm%U*!6>;6q+)mB8
zqc-Qo)(<Tfn9Ak@6Mt->5RwY|-u8csjbf+~I$UwN-x4~8cQx9576_=2#ppksFJ;uu
zur{v0IqLjYt^^TgEy;u%eZmwIE@~+d=nTC!e|$UPJiX?x*Nb=z*ypcOQAAl{++-s7
zwcdrRhCh+XK>f8?<{t-K2N#FwI9Vu+WP#<r5<=$gvO&)Kg^q>=5HA1zCnE=7MGDTB
z;|NHl<;oa|y{0-1B?FQ)>(LD=%gO+#5l3GXA2Z7xUd%q63nNhEMv@ER)eNm&3xK8Y
zTh2B9K54hPoNBM@q;P+YAQN_LrzIrr&faqm_EFJZVIWd1g}C~L*0)o7A&QH`)i3B}
z60R?s7!@>hQv+okT&_1oG#<*F2HpFh-*lIuYnH#3w);W|j44+0k(7TSuqZ2}r2wIT
zPhk^^`Xm0b*T=Mr2P>+4WmdIrjkz1J#dW{jQB=v$C#(%VxpgN(6o#VAv5YKD-@rfA
z25n<xMpdF!4^Q&|CQ34jF~=!sHlnDusU#E3rBg?QO2LuU_WpaIv9ijf=UXt@=bhLA
z?CtGsoj)6Fl%Go#ALf2Gi4&9vOc>7j-hMx&E4#~3EuV~JPspq&($+!<qC^6qDmLJE
z7!&U$y-oq*7nYtIa(2x&>5^u}r=Tv7LjoAr*GDI6hj!pKB1Now6|&Y=i&<$F2sm-Y
zu|FEm)K6$s``=u?H%eF#%<W5uZ7pPsOG#9ce4H_zrnII8aUzvLLPP}g`DQ0J8i&IY
zhTh{P+@5^Jy%d88C@{J6LOv*zpPZRP(Zb?4xn5YOeLb-Tx{0xz3$MKDP0{m14x@e4
z%rm8Y?q`zdUQ(EUd>*dt%R!xv&!bxXL9U&yf2A|*vtxozI5Z|a0=Z?WA^a?)sIM}#
zl=a&iy|%{&48#V)?now2UCC<nh1$_vPo@Cx*DjT&RrhziT!O#IrGKob|C)bblzR%B
zPH-8*EG<ZqJ@PFia$}OgTQEl+Aq6T`43~Y&X5jYh#i$e+a+rM#utol|$M)_%4%tpu
zr2wxWh`w+V3mOT>TW@*+y-YiHTl(P$waN44+9mnNfLM?Z5r`*avNt+2q19UH3`yP}
zBojITQ$8r^ooZBwx4wzCeN7cTy&68oqrTq)<`i4IWB8-buT+&U37zovcg%&#X&|3-
zFH-lJaM9|p1=@$0bVf)5(s1LixgF{dgTzS4sr1hy2X2MN)$sD&x3IKS{D@@1WY&9g
zYU$RAOAi0C*uN@H+{;0xUH9)c0{}Xo$4j!3J{=9s!v4wg^;SjK%iz!F+r5ES|Ax5<
zFNJMC3hH(s+7W;Zv0iLO|E1{3=}3gq-C&b+w&Z*w@5$&%;*!9R4{#O-vg+Tz=j`WA
zpfsfCs%W^yiAlmJ`buOo?Z?Pc3E7e*^<#eJE;Do&`q(1w^e7gs;sH!L0}W8pWW;ug
zVla0;pkvZCO#AtQiCe?0J?iUtf~iZNW|fIS0*AWEIi6WRZfmmMR`wb9^LRq4<Kk0*
zex)F&OrSVpcX22vT|9}^4G@TTN6QgR9^S7$BWNqcmm>#INr=n~OO4C7L)}65vI)eJ
z0X0J0$|dX3e>LFN&LZ;d;|1BchChQozAWWCKMldzmX*ju)4@8@+Np5)IwMDd*c}F8
z0&%wZKa-~2$7FR1zadNA#;Sw0x3@RG0(q>43o=C7RwrhvgL!-b7oq}l>G?L+r#u{v
z(2tytjJf*6FNcW<Qv7ht!R5dcBSci{xH0ft39$FSK<Xh75D8j_{1z2^T|xKdza9t^
zC6uA{p44BOgjAZyf!fyc<(bDj<E7xY@yS5QQpx^z?d)kmh-<r_mbEhU{SKlzECag-
zF~Ur=6AZ#?KHFU`8k?-Wj*``G=cO6;$}6hp_YY#K;%hv*aYDCzI5%g-1Je3Yca+83
zxy()ui3B)UsAy!IiCe<6Hzp3rsGe2iET!@t`wv95@Whm*Vecc#3{E;Z>9%Yq>GQ$)
z&kA|>G?d#Ex6hWAmay50MZ&C!iUbYej<y&s+MG@-9Ro*U>j4ptW8AHFJN(fyvX9rv
zo`pm`#|4+L;sz#sz|?dNW!_raeec6X56effM(<?zAyAO0Ne4NJjeO>2Vb%-V&QP{a
z2r1Ka%f>+mO;4k)G1|02$0@eP$3OZ_TB63$M|zII;CTl!<-(yvPj4Q!pFGsl%m#nW
zs1fPQ^u4<jKYEVMZUz{a7>vtG2ET4xhCyWm$0Bx=uOnZd4n4urzV?4a#O;wj_-4A`
z|6w(l0VeIIgF<-fJw@zAGwr3}F-*cSpCn#J3LS`fm~q;jD(#N`Zl^)QG&e4nZD*p>
zo;qFNc)P&kk{BHbQ=qk_NQeip&N;OI6ti$id-uid2|aiL<oG!(A^#O`&RnLtKL!7i
zZjQ=Ns7GRsHd^9C={Y-3jfpzX_%Ef<MY6s@C3ISKptj@HgU5qXOFED@`$>32GcQ-j
zPy57C@Uwds-2sLb>E;wf1@Y3{N?GR5`BF-=H2i|I2Dctyzn)zI`?ZJ)EJ|B}vp3}>
zfuFJeYO*p6AjEm&JhGeGq$1L;uFWajTC_m-a*6I79(obUTG}C^w?87^!$CL;8|4s3
zXw|#(WD=<gRFs<7TY3-R^|v>PWrt_A_1w1x!*;1}@JNgnH8r&qIL&|^v&hGPdap#x
z%Whk4GThL6aD+E=^U!ceqOT73GM;cH5Z~C-zw>A=*UL!EC5H(Em6w;ZDiPlJdE7|H
zT`X5=)!FX}U%e9(j1pfD3O5!Z&ZpklB--#*HDSVG*11k;7L}wiEiMFfeIORnuwXRY
zYxAmIl!$XiIa6WO7r&(T-giyq{hT{qKs9RgU8bq#7gi!2iwt+{jgLy=4b>oqSK-fe
zk4d6TjznRgJdr4yWYd~le+w*%3PtCU+LX9RNGuCNqX}oD!>~Z`jHrbl!R3%OB1-k+
zIr^JVwEgor)Ok5DcBmu=_~hC2AC}oSU9HI5e*;#6bcjhWTC@h8m$y)Rck@+0Uz@#?
zrs#u`sR(3^gOqim$j@KAG;ilc><D=mAw6%cIMj!%>s^qsntX3#D?LE(Vg%Pd+eS5A
zfjuG9RjtlY(55Q%rx#04(HCb9+|86uQ+ZhX@<O1%=X1J=7CGRF0LsvIB#(2q3U#9I
zj-viK=f2rx{B8L|J$hh|BB2OGG&IsqTk!;?&-#15Uqme3IdcT4ZliUcbAF>rp`X1$
zSCJuNzMqbCb1<V!3(8TAqEC6L$HULta*ubw2SnGvL?Ec2t3iMN3B|3Qe;T7sEVYPT
z4%Z^T12)j)hk$rzvY!o;r~4+S*K+z{mg{QnlkrO1^z$G8ff8(*4D8US*?0_v_s{18
zB^}*T&JA%T3~-!JJ%C!tBX#UUb~`&&$2I+U-Lc*`V=@If6&?9F+kTyP)vXpHN06SG
ziqaF}eRfMg@CK5^u}o~*acypENfL!QiXNHL?8m@SWB<f~=R2e%%ziD;f}(od2%H-<
zN&?bWQnuzW&lTT<noU+v;je31U&{sA6f`t6bi(A7?9*)b`sZBho<%Cozwl)6_5QTl
z?bA^*h7tYes%58I15A`LrBw(|Iv!P2H_nM734Rq4`4HZehN;E;UQbsMI%Sw@wRCnU
z1GO2SUt5|1cHCYBzx^XaL8%U@I5-`OX}O{O9O*NwPW9MHYJ#f20NiPh;8YO)#FZEZ
zN@0(Nv^?nq?Zk}u6lXte*?i*wP5%MrL|=Evnp#wrw+6Pu%_ZS6Sl{KyaIC<?UR{=y
z{EAb1NA$&zc(C!d_yIkik_9}ORAeBEqKc~)@%YC?JPN*WlPfNCtajqakCP(V3H2=N
z%9xfvHj*piFdicOsLBi_yMLKDfekJzG(w6P1?Wh}u4D^~xc*!qNZM%sOQTnvGn3C~
z+PDLEM7)K9+U9M|sjXdbIz7(-K8NdN8$rYAdp0%lEOY<ooWo#(BM*l`E&Lgm9dVa8
zI1BLHROyY$Fwi1XiGLzx9FwKu6tPO8Mu^7Awxs|BEPq6QoAl}Wp<we=O#l2_#+lqc
z(X=Wu-Ee_eWFusTcS;&i*J$jMvB@W>*fiGysUYh&vt%Y!O5_SVd>=uEM3pqIMJIH&
zB)Xdlhv+HBv))1rM&t_9F=_0X1ecL>*2ySRES*D)K^UU?oMvmq<m+X<-TwSi1X$D%
zz(@5TiQt4Aq@Z#AZ`v`hcCAZtb9OfGzT6k4ac~hvFz$fr++WdERV|rHC#hz{VYlWy
z|KdW%U;jv8z#3CBld4ljHW^|JcGg;qK3?WWOLf@JRtK_)eqv0fs5&hulXBsDi(z4L
z3&)9;y`tQAxk_5kILFbi>!5VkoZHxlMpHxQ{7O)bT6A<{W$QJwcjV9YhN;Xpx4!5{
zfoYbkIvx#BZcK3NfqDvzM(a}wEGK)|&HeLf=KWNmx3n1wCcq`9C+GYIwzIbe-Y~bU
z7HwnK8RJZi#?nyVBop%YY)_E4&uQsI3SABEgzBW2ycVA(wiaefYH;;1_N)HLee#d6
zRxgLVc4*saE8~I>dj>i#;?EhHNg;VJK1+n3#B@G<|BI?~46m%&)^_Z4Y}@YGHaoU$
z+qP{d9ox2TJLz<c6@Pj6-sgO0|6TK1HC0ukYK-T8W|vMi=3Q2u=QMKg8J^PSLO|dF
zF<o`{F2+!{iS!<`c%7La>uYGF!ck<SpNa$x{b*sK_Jixs{LBwoozBo2jbY5YP|DL3
zB9i6k31N6f&indeZ}e(h7jrucQQsM*$`H}O46NhtO;SLERr2S;bN5oL)-EgL59a)*
zAFsZ{q$R28zeU!#9%rCQ6DRZhSicJ4|Ck;gV;~slny{}h&>cLH)KHh{zTM7JQtJhJ
zm)@Zo%o*43#{?sUWfF{Ts5DYOxWzEyAVsfJ$!Z>T)P~N_%aVcw%Nu(@!~9@0QV56D
zpuKj+920?j<vg^t=A-X=VHukoUzw66jz%sh(zc7;?Ks~qN&<fApD<(cnuycHxO;pY
z*CaX}6BdxEEM!6oWco<;H~uZtMa1tu&p)?>xfJL`zC?ecV8b1DF2Cs)1goYUp6E!y
z=JJtHA(Hgs5khF+$~KirrXLLE{zK#T1#K6b2zY$`BT-G&?|-lwJ7D1X&)&3q$Z_u4
z)>gNl5uwH~i9a_Eq_m`%2}dIcy*^(~t*+ZB^1PLtg6JqIF@5ZEF%c~LJb>^F0ZNg-
z{4WbqGn|m-lL-4Inf_)=G^ecufS0^T7^L?9?4T@B$7(dQ&o`V0(FCG21^dXPB)+Dl
zIym9#Q9s*2E@XD$NDr+F)EG-JqCET#zsFz>NXQ|D>T>uVM@aBA3E(31b0%Q@a(r<q
zEaa9+OXpMcLoa_8m^gk)&`cqQe31WKVblM-TSgs%ubcZ->`fo?_W>1i@a62vN?(DA
z!ZC*zfvrQrBMhQ#4krl2A{ifh=`B&+<Stt&kqR{X_<nw|GwSd(EUBi)!4%Kh(pt>b
z6asxNizo#}3%;(JQ?!vO3T1#99L5nBzNrsv|IxnG(uxaxDhn0|a@ZtKUOqJk^XOg4
z>AvAiXbDEm6T+I*TL?Gnt#e*RS`2~?1{OvK_c}uu1nlb<ISBfz0dGqYXzgkTQyC?^
zJi&!v{0WYi96G3JMYmar5LjaCnTRmYEgRElIOFOr3skQcriu(OmN9lA0q=UC-W)s?
z$@VZxT=zaj&0o|O7+}KDx*Ks0nWwWqRU?Hoy+9mi_t$^rU|#M(7r4mql0?T~))`o#
zlNnhL0-<yQgOQR*Z|PUx#~QG>6Si6X`$s@2GhAX!!Q)eNWTpGuje~(`bvl%dt{ddX
z{GlFS<G#h&{PJJ){N~?j624Sq371j{{}qS>yM~*v^cmd7Q7R!2u=`z`7tWJZ45Pn^
z&F&q4ZD**b_UwO{MVHcglv~0=XM+hL%pvdnmh0!Q`9!Cmrv;7#!-dps*7&z5U=b?Z
ze`6qDD*|#ZMAd;L<p|r5iISF9L{2W&6c3S^aG)Bh$B>Dyg!r1+L94{uNZw$M_Bcf0
zr$2B}8(}?pSk%V#lA@r-POlK&5#R(}?!iJfV6y)^q*2FF{1|@Wo204sZ?47g0qu5X
zfa$xM5ID!x#FNut=JvR5Vr$4jR;xFg#h=DITQ|#F-il@Deo%@*g~~u~7oq?Te7-e-
z9bspL>Zs{}sOduPK%Exy1rBnF5PZzVGyi)g^a%oUg3Ka#D}9k{Yq3Byt|IRS8&t|W
zHZ~#XS&8EMJL@f}p=e%$og|T1@mq`pOK609%FSP-|3g(v8xHQ;2u>W-2u@bL$FdpS
zjObpPj0NcY!aM<u@)PU4h14aYOB{oklYRyOlweZAyTGpt;e@V4Ug+iEXNQ1o?!m~(
zTxU4UoXEH0<>)>;hEyg4Mtr$`;fT>=4P8(l^l7z2`NR%q^prVFskbkJVM0SSw3p09
z)f=Es8Q4L$+-B{H+t~1zGTltnK+d;;euW~44^I?q*q+gUmEe<JRp-%nN;4B)dGT5=
zO6D}=SS$%CMNEps9VMx7k->UMiYO<ge>HYLbGJmUY%##9#^oSn^-4t8^v4Ok&LDM3
zVus2{B5=D0g*3zw<adS*BxnW(Ivp(9&<}~_kU+OHt%{G}PipmG=~Z4Km3{aiRVMUH
zJvjwh)GaU_X?`Ad#(pNMx52cV1V~LWx?qC8q(JqLf5RrHxFB~mscw6Rar`yBUkttP
zjy)KOnpO@D2}+upmEb**Ks4tJ!yn&xlfR+Ib532IFOnu1u%r-(Bo-Jh3nyjq2BOrl
zafPX6g*2>&DDDTU;~@mnq<a;)_ze$Cmaq?=4F6TWmpqo6=w8XP5Qgoj-ljl%Nm*mo
z4tBe<7F8(@{3&-OPq2UiQudN#;|3L7U>?*9vP`$vvn^fxYuEkE;*IB7LD*005K;+0
zFcwbLz^V{^S#3&wq}q5ppufTf9Dk$s^}U0j))Qwor}_+}^ia@2<Ica~j-9F(b&--?
zLLJw_#EHbh%%;U}-J#kpq3Nl~!1gxymp!IytgsV&(yn?#o%uL3X`rpOj}gU|F2U&-
z*OQdcG_ET*ae!yjGu-zJg$Tu5WV$?^>WyAz40jQ~B1nMDNVuB|pf*lZj#r=BcbH!5
z=}oQ2VRGaXqY2;Q0G*&h0d9|oY`~+O$P9@}#kf0(-4ByzHCjJ_b9T}W(IFe+l>n<d
z{Grxx>S%NpwUtwW8*e>BWIyRilS)TRKG<N%9voc=chH0e;c4x4#Lr|mO`KeFgwXJj
zCPTC_P42)r{+hwBL;^g3-|T8%NHxPYd_uZOIyw$26zuJ&Q9bQQGU>5mz`x^yRCm5!
zJDB3Zu;`s~)0M#lFuGkD?+XBhY+^!Uw&z*ldxE43_{EX}Ch<iJ_w)7s4+7Cq`5;6G
zm<>LFDl;go=>?P+mu38-cp9xQ>=z~KoP@wx9jG49btg8oJtZ>Z6Pse*zv5osE-DCd
zdW}Y-7%X~fa{e7X>ZHH<`|z}AuzH4?K(Lyk_c*c8<>RVeZ9Dw<oBU1$3R(ijzz#63
zX{2ld3Nf)X<K}^PX<xGPIp>n=>I!TAMI8a#1RB0wJhWtbRj^<Q+XUh?GAv^)?hgpa
zu#OGR`iyvJQ({9#`{G`NkPJ~&idb!}U}er#<9xC1(oD@4XOS~0;{xf(X=Ywhfhsbg
z=pk^iF@OEX*FUvZ=@J_%yk6hZh%MXJ(Ap^zQWN6Kv$BA@7g$6NdnoQ!yQ0Yi&Wy!f
zDQ0C&84c;JqFB{R%g1<;W7CegC4~sx5uo%l1d*lros}5onO)LzK~1aQZQ)VNj18u0
zgkd{ix%%XpGzdj`fgJ%tJl0rM6nLP*&MElw&lfgmM7s$Iagpns<-fOrR=8l%#)*v6
zR0+8U<t9ZDe}rnQ{@sSZzew3K9o(PTHm@+^!XAk=HN{~3089}9FED^kYl~kIuRFqs
z+B(i3>^{1q@Bw;E+^crNPI?e+$fw2<scW!NFbf}kD~6(vkn;bmU7huAS1o3$D>U%K
z`J^9>de&=3gb)js&NvgBca@nZVES|Ed*wS6nm777nNbk_T@};Medl8c9mntF+8Udc
zIR+(8IT|X=h<cEooTgKJGk{6p{qW61&KaAszik~$)_YfU?4VzA_EhBdCYtGe)PfTr
z>d%l<Dq_F1so}*(2!<OQRCxbzX3mcbsCp!5iU-QjQPhq)0-R6(czEJ6J`%2PZ$v_{
z{UX1EypR$5A1{E_2Vyw{7WUJM8|KnMaT@`D;GKQO#hQ6y()ECW<_f^Vi(5RHw%|w&
zEwCMei%aUiavmIBP~q0ZAf0VjV_xURqF`PbGBR75WSco%pu^x2Gt1yUL=bnMNk(Mh
z>Q$rcTlPUuI)41Iy>i)Cw7##ut*(fzlR~h(ah?Anp%rG6{EZeJgj0S}(q|pW7)b|m
zQqqre>Wn+xC^wO-Pv<D8h~xX3(iX<B=01dY&)!=~xmsf0)TpXTlG4a<pB#B^S;Dzd
z^flNj9Q&5LK1iR6y4+fMb5p$1f1n8N^h<WduJTuZD3{x;H-M+4q+pXb$VO(9Gz5NX
z^h^>vh9K51|5md)66Dqo<S&$oNw{(6@QZUVl;GFKCBR{M8j{!vrQ+V;m<`OpOS%pa
z2oD~Y>`z2TvAjRdRxX2OdVLr@A3=F^De9OHN}-_+FUg}HPUh6eBQI%~?)S&w<3CoL
zfRh`sS(D@oR6ZJ!pue<k%%|8TOG*HIPP#E1lO+UH!vUo!-(3>UmJLc!j=hDgK(tVV
zfXT$d-hMLOYM%!k6>_H3&(SF!RI=e6H--C$uwUj5g0`7y5um5G)p^L{c=PHS(<QIF
zVGInOhl*}yX3NT3vmA)Y^Ly5a3ZTq!ZF(uRdJu$|K~y3W#!{>5L+!quDXDXgnN<#%
z53jvE_&~Mn#z@o8gd~tt@t-oSy{rIX3rQ#7+l^K(P*OCGogmP!yE;HdGLCvvObgqs
zgv?oKf|)getJN|kE^z>g;0hah2v{R%>R)}nN{+8vnSdm|3bHGDawc4gZ3fnk1u12G
ztFq$X!;eFgnU*B`8cZflX`$!d=z9Dg=^oqu3^NS2SAzcFL*@O1B1kkWguCCz79nV+
zndidjY0ymo!eej#&n}c0<PP79TO_};Q%ky<4%?OpiAJ?*ZpV(<&c7ILxp^m%`qxez
z`?hmZORC%9PzWCgayhq>vw`|oP4&8}4kxAN)qJH`%O92{sXSvWFS-{V*G<6eosNiH
zOgOH~e3D-V98$by;;McRD$GgX%bLwbnuFhwyCPxkQVF%jJSE$m3#~7)8h$+t6x;X*
zvHnFmMZF;|(Wn6Pn=)%#y}=<h%)$8WLWI<vlBD;juK0CU><iQGu(XIAW>`Hg#pKyq
z4E`vIWNfTktGSBojaf&8|2fVsV8l<>ep}KeQ6Pe=6tLw}hxY=3V5@u37jmyOf56J*
zW=-G0J7{imN%RKOFL@s&Vhek3!?h)9FeOF~@9YM5@SZH_{Wnv4%4zO6l+(auAS_0@
zVI21{SUt&d#sZJ@TjxJ)d2)RmOthIN9J(E5!;M+3dxK;Rc)RZ7djrActAn3ZJs~&4
zFBPB#rMCVQz@x~bexuO7dEO1?bi;D({iJ5j3Cg~ml|{BkQ~la*7X)zz5(Qv5l^4sR
z{0)28KZY#Q0wGn9QvYZd04bI?q@SJ{8%fN5biZw0Wf}_iC82<TPJ{|?5mSmBwp_eP
zf!`e^vq~lt=tWr4{P%h~3Mw3t{F(+yZn)(6dphYh)ciwcG&jl6TV)YR)~6CV)%;6K
z>-X|6UEP}Rvd!CVBu&j+V1&#5jr;0ch?-7%_8G@V`t93D9?Rz&;BeGWeudlj&rwg*
zjYS#5doh@+D%EI&wta)Bg#Q>?5*-)Y=+g(_pvhP64x3bnNBM+AVzRh&SImZQ^lk0c
z_<m?JZgVB!u$`+ESLN%>0R`86Dr3|(zGH}(tYO_bIcalB&VHGZWM`FrY-pl^4BKB-
ztm)Znz`e2q{D%=#*fT4!>UJ=ttX4=P^EnKvptK3B(%G}>=5knr%RR@UEuyH**H1rN
zqEz~Z!%$dGEdubLEYoaeO^D`9OgVlZqjgc%w-p#YVN)u410z;^GyeH9M^5M4ys!~l
z-k9b>h0~F+kSTDwhKi9BX~g^tX`IG(C)24>(+D3Zv>Nvo&;UD4kVsB{mQ7?vbgTCB
zBf(bh7e|TLpD*<My6s3V(tR?nkl33TAB|I2+L}tCe%&V&fTzW;;2zFp#zj2YtpGz8
z3&3g2?&z=;eVK(~JLq|OMf1O=efKg#!Xd#Euz2t1yHAwAPrqw>xVZBCDSPO90EXdq
zoo$m)is^9U?qz#!$$Q*~T(Vf9_~e`q>VDiS30SK+RJL;#NWd0RjNC~%z8bUx(N4@V
z57Utc>t??h%X(4tUe<8G#edOizqR(K+y*8D5<B@+BL{V$-w&FD&W@tjL@|oZKQ)n2
z^iB8ZDdxGkO@iU7dR_;|@_KVUtnU-VcHMrfD9Jf+S+Zo5qzDe30I^Kh?LW}PIlwq%
zFma@;z_Q%OGh?Bh)Nc7VUGm>1L2GcrEpUcO`2ToUXC`C;i!>EzAcOjY5y<$<2;|{O
zzG-EwuZsD76aIP6FZUJlCzq~x7g-po|CN9c2#3*4g*i2ON9cdh-)}k-BVZ9piiVo{
z=W&|(kXp57N&7_P4TE64Qms08@XvBbTOvZE(XUfu&YU+7W;{L{V#X)p1$7pm_eNUi
zDK?Lr0)!cHHm7Ufa>`IV1l*B=4tj6HkenCmiVwX55m8Bmp06@Z)Fb0Wk?bvR_9xB7
zrwpIEIUD1d_hIEHC*(+^#=>#q(x_j!n|c)@hW_oL-BaYKg)}H}=eP|<^&b-WUgK%X
z9Gx<-q2%lfPzz1XZrC)bx2V(M0LiP3X6eBL?MATZFmV#lVW%5{uib4p$1i#9o_#Ux
zE~y0nTaJqBf0e}cw8aE=wj0L0E{(6ajovC?UmR<|e*6(i?^$_{;}!o-7s_COI9^L>
zm(oYcjk?Iur~};L@9bS!Sr*kaFeT}*jcJ67^W3Yk5bP=k@$$6&ySjL$^`sM{J$(k@
zDCHFHuk^(!uGw9?tmIFhS~{qmTYg$mQHb`X<)c!eYr;vLFo?U_;?qI01kah%Wp(f;
z%E>-sWk;+B$aR-ZA@@OF24jvnUnh;zI$W$OnEl77r*B<A0E}`xkm9;#(ZlSVREPq^
ztcbzvFw?WH4osqV@zs~@Cig5eurnU0J&ue+=YXNqh_*BYD%_p6vFU=J@CD!SQ@eF^
zv?AL^voENJVcnyCl{Dny=o#xZO*IO$kx=$0qL5{9J>GUL)<)c-dFsQ5U3Xj=a2(hF
zB=Jq5K<;{w(^QcxQ^>!TAVk3wc-7sBGftN*e~I_vfq}WT+mT5CL@cy-<+hDxGmwe(
ziKG*>tB6jjmZOfOS#dah*gnom%(0y#s+SQsq^%qTk>TsWUX+SWI?pd=J%C6n-`z#Q
zcI%JCdM1I!sg%^B1x1ArO)WW9aT1L)E<qqi%7@t`@OMxI7+G}|YlktB|8D&H^~ao!
z+!VZSj#bu|16yMs6Bd|tu6lApxz%7NZ*gaIex)4Yf9jwuNbzm~P|cB0*{>3mAodsO
zvd37C*Om@#(Ze}2^&GOqgfAK-?&r0BA)DE8S$1v7DBxpY=;X?Oy^-L1w6*=#VO}Q|
z(|jRNGmc=1*mD7s1ob{{Xv7dWs@Z--w(T#T95OO-oB__28Z02rdQ$048F7c%STpiz
z$XO&QD1IV0Q+Z#JckpS3f|6Hoq@bjX5r{u7x5I!njf}ah3TQOiht=EMiEy*iNjTOb
zcv<Px8@$o9vwh!1g3p{o6`<6|7K1>$Rt8LH_M2q?#(eMAdrOf00EdU=Hs^s!8Cmo_
z2fS^si6)rl9R3)t%ZC?MwZhn(d(Mxy&Nqsu|Iwa)Q<nKuVWqX6Dvd(=nuzIgAo=Wo
zpLiSaOXT9WVRj$feD;4JZ>O%rX4=H6X@hL^{O$zbpKJ3B*$6Z6(pfGXPPmy^*3$=7
zf~`oJo2W?ghP4Sx5ym@6M1#31%q(Fy^`Q>EzFw)kUw3_@%R|=v3xfcy^4>st?@zPM
z>jy`I1}0Ag)j3NK(%d%I_bAUF6rZ=T;>~R25D16Yd=HYimvDoY5r@O0xuU<)!ZJdX
ze)12YJ_)mwDY8^!oX1%=I^`AbHz5;Hp_fW5w>ag2X~_E^NsB?%@_b<Gy1U?9Tv#b;
z`5?x9eDZDGN4?D*mXH~_BYH`qf+Pg9ks~h>MR~~N>JhoVx-O1kN@|h$Ywp&><>1ns
zO68f*HG)nsscOa)?$Gnxo}rxK!7Ri`&E;eo>Wh`_*MI`%Vpb2;{5(Q3GGXSPPNdzR
zT~_xH?3RjpPte|<-Fo8ogJYg?uLWC79xjYVv)6NqHH0ve8d;>?5}$+Bv5Uuiyp~=z
zRR3k~@(=N5$_$c;rbqi?sfd{^{M?rTkd+l&Ap~`*Eh8FT4)XiD@H5(W`U*1)gZe~m
zb4J#e+M7=M3e*YXO3-RRW!H8?>Y5I#i$ig+>2l_!Rb<HZ*%wV_;72eK%`mUn4!TGM
zqwjPkgPWRQAqxSqSXvDU`|JSK>%2$u{`k0FsPtJa6x#Cr5<cttxTlniG1`psD-G?!
zdHL3&hFY-~e)egty<gZ~{&?IkS;gqrX$MVFdAohMm)D<xtQmdddpAIx9v42Y!IN0a
z<^ZhVoDo2*=s9wxs!SE?kDrg>R3!M`!UyN9t83~;yGyaLIcEM5?rb@T*@jH0D?S*I
zt{DpC<oszMr|2gxSoDSheusv!6&$DCs>%}g#HO~No3|B1k>>|b(C$meW~(0evlA;w
zr@FkxN+8%Y=sgi8nWZx+BJfT?4c5{Ur|D+}*)c3*SvX2H<5){~J$4LTjs)XhD~EHQ
zDZ25)OP}eR(O-yeZvBvu6Vi?fK6QygZQ$!v+4woZ7BHOtE7C++bZ=~jvb~^Mx*otZ
zP9Y*YvC(dN;k&%I-y+{Z=mjM@jyfln+=}0VGgTgKCy`P5De1B9h+4T`xGC`6V^q|m
ztgG74L1lOhf2&7dV{rBx#OiGp@9SnXBU0{RnC4VtwwrU--1j^64}Ew8kStI=9tHnX
z8T~hWB_p=iWQvY%Q=txq-+R5<c7&2AK6(<Sh(bL8kHNBiG%2q?tB=m-Gzkuve(njK
z^}EN1dwf2S?|p&BF2YjRKkuu~17K)>Jm&>f+d$H{A89^d<itJqSYchgzQ+KJ8es`K
z&xwc5H`!T3Y-Og5A1;e}M^aZU_a_Jy_rXwp(|3Th?l|+pFe^Fiy7h$mz0NS~UtRZ;
z^nU6&lQJjZ+YT}K-D^F-yRSuaJaxBYc_An}5mOVeX*=@yKDGM^Zg^lEHtYGK=Y2fu
z6}A-Nq}1|<coFzuv2S_egl4rIj^Nn#w`965U3tK}?cDnO)W9&b@r1SQIZiS+?Y856
z!+3w+mu-96ZY5@jX#~h+IA=6LU3&Y_ScAjXb#?jQA|e%^G7>bDVZCL&)wPkL`1u}y
zPf^VblRSUHJnGoOe8RgMESk=g)WNjuo4#L`@e4b}K?ZF<x;rddjpeoC?muk<*1Hh~
zrpI@K&$=31_*1KOqeggV4|*U!gF)YDkYd5>{w&M7-z%ViT-jc()uZHw!{gAe`NPSf
zGpUd>%<n-$Y~23Q`#{I@;aki8(RPV7bT8cI_+bdfMeXn`?;C{Srczi|g8uw<NiPz~
zeh|6rbW_dXgWT$Osw-#C8!k@pipF*g&zxgUZrgQB!g2kIpkLESfT3%T^uxJi-^kAm
z93QaXdk_ohwx5*ePB3-Lf~dyC%HCTk`d=O88zm~WQfT12&2mev8F}t~t93t{@f%F7
zlv}GZg|N`vv)vBjz5<~10PLO*Yvn)D5Z=$E0r#_h{`-l|>1jyAHM}b2e9l1Rav$2Q
zkF0>MziY~9gS)+_mg&g9L_yZ%AYunn<GlRt5mnR3ZgT9rq0_XRfH8DEL0c}*1Ik|L
z-uGrkZ@xZHTdhx%zWXA7T$t~xPqOYU=X-D5uD=QUJIS{RDgO|I?}N=$W-F@O=Y@fG
zn>+fpghXf?DKXKM-ZP)IuLp{*&%R>%8<%}~DO%j;1*E{bi@VPox^;nq_vC~J;|N@N
z%~sq>9om<}sQk@=^z5F`s&3y+BuW3uX!H`QZT!#tnkgPlNDd<GKPeAoJ3Y3}N^5#f
z`^$i()823#1|7&>Jkd4`Jg~x_%-+XVdZTH*j@<N`d>A@8-I(OS>V7YDfV;HbXoRj)
zPj!&)Gb7x<48eB8eZUw-PiRWx;yj~q-)YYS1K>cdCp4?J3kZ6L<`-Ta4#`u=>27qG
z?=9W~o;OzB*IYHnSJ!geapSIlIN=Z2pcVKQkgbm_aY=jK5e$AuIyU}hcsfY-L$x@b
zAZ`M0<g8pj;MuQp-AliVu(fTwVVB<vx9=@dO$0m=xXcQ>Jp?+o2(C%W+xDB{`wNCr
zrS=NSD*su${D-z;1o^dxoowx3&*2}%cZ&d6y2kHM>wVw{%!$>br|(~13t;*HK4yDk
z%Rb{gJdq97WY00NXNF|cQVxePT7H#pMZ|p#n$>*?z_al_!^l)*thKoU7ba9VB_-&q
zeCZ=}l?w6Pl$q@rbY56m-K^R5M9pqLF})wf&N70}0r|cq)$TL&l3M6<<CW4ju|GPJ
z8$k9t;z<7#)4SzpewsoRVeqiYdY7D=Hii!|%TT2?cbI$5Yj@-Pb0c5|O5b*SD8Zui
z&RTjn;HDQD_ALv)*d`ba)7^=Y?|qiSq_b#y;w2E4>#%{T1}>82J_#BU0))PvF_UKG
zz-8lchIZYVwB03gb-fOKtldS!4<AQ4fL4>I1nDNz^@7k#!}ZsJUw^KdHAk$xaw$2~
z-EnTcR98o%g%b+Qm>TNLo8vm2(3ij}Bk68mi}9HmPt7_IPu0`briVFiep0!WCAbI0
zri#(F-F&P)1k4t67XYWEc-`{rePQ!Gy)a(AO=+Ss&<;l42^k`Vk&s}VtbjpqUnDf@
z!_)WLqp`q*DAYe0YIpOXKyC)MJyrg`ot&0GJXRoQ>$--$QSFVzv+D}x<<$V3mrOR(
zqK*RnX8SJ>PL43dbY|jwi!FoxRlmDl_s0XP+v#oSD(_jp{;53~D_7v2*T0<(FNxZg
zxj45&Cpqa_nL+PXw*8=b0JKaUIqyHKdg9MJUt!!=?HHm~c0*g2s3IT%R6z@4eOm<`
zHf@iCdc*SgKHzFK=`ojGhS{x*2!0+{rVpN=b;r{qt37TA^qTSDcJjQr?k4OfO22hb
z_N#13fP0|pY3E`M6Htqnett_V@F~dpA5spUh>r$`)FUb<ux(RrmMAUV)CSU31Fmv)
zz4w0Y_P6?_hfL(u9xS%{U{jGf-3HC>_zN(SF3VUX5UN4%HP^}R>_Av=YD8%K-hnSu
zDKr9Rps1qMZ9w|+UiRAiYdd_{>xUTqr$nz8`ZItJ84qHdnd9}C!WW^|ir)JzPdum|
zmEdFPEdkkbbo-en|51&)vBcEELW3-QjrT~55LG;N8!T@&ijWAIw6vjkuJCs0+Apv(
z&&g<V65-o6qoAd&D+Vx^!_bGLEee875Ya19ig8TYZ|OF_U4f(HOhHZWLbSFSC|r$S
zHD<rpaICiPh2V$w{M>eP`_+cCEq^t<?Y14zH9T48Zp+6aBD>wqnWA3a@qais1t=Nx
z04fJ~n2^BmXql!I?q_fBKm1?NK_5XkOw*=UUHA2Yf~js>4v@OuF0j6zz5IPTz3w3B
zrsf(g`#OC$zRHk?>g|SD^qQ%mcswVsS@etVwG^8X<G2*<pRnjTagl+j-gh7D2jcvl
z2nai0INleHdPDK`Kx$p5s<hOSX54=M(^|U2@_z1+pU*vIoDo4e_2AG;SMKP3p0Ds7
z-S#^`@-+CLkKN{$I7=sp;miakq_`py2oGe?-wBX7MuDeF1aD+7KR=9~yKA?DPQ5pt
ztCxH9VpC2B^S7k7^HR6NeG1(|J?=mCT=B=5xmfSUvHqpP+&7mj^85AtpXhEMHx!t4
z$$OPFD?#w$(L=-XM1X+2-56OdSHrnKi^VRTB(O9qRU*?kvwQVrZ2M#*%<nFXf9l#7
z^kqa4;a}(1HN#GGeR2nyaHgkaQ6G$=|L9Yz{+M_l{_UTO&GY^yeludlupcMW%!QiH
zMH9z&mCy#9rtM0_(}_Pg-Rgt><@N>I_MA&_koR>guI~LQcEsquO>jgzKteIry>}YD
zQessrW}%6gXNX?@=Jy7~cYiKlFy92HR;v-L-L7Wn<8HJ1HM^q%q^i+<ZRW7LJ?`0e
zc6Ei0s3>C%j5I8O3d;0JP97Nm98OG`?_capxoyp8hy%N_{dM|5zl&*23m}r=g}mzF
z+Ko8fahiF{ZB3kS5hZCVo?L9Ua?96fMY3-|RBQD7dr|)XG16~;zPyOOFLT-{S%*rK
z;_Nt4fyE!@h-XFMh`)E6u&Nf7_Lr;ZJezD{`FJ}B&(8?H&DD4vX?ZH5zVI_4;?tWP
zgIy%KKr|6X;%8zEZ0bblBknq{a79&;t^QtjqncLP&Gi9O%5X*<lj^#?H$$S^61iU&
zJ<qcdL-BUHh-~#YtG65=psu~{=d|vYFja%%W@p=9?CCu~h=48;@fu|1Me20^DDnui
zt<#UMguvtOtGway&T<w@(kGAtjdb8+1Eu436Z(TrHwNWl2+BKKoY7t&N@6#J=CPkr
zHafWe6HPkxBa#;~&S<P#UjIG4Uzv@%r<Chq2}B4V`mL*r7Mp{DBuwjWf12B1sXS}%
z&`>xf9oN`#w1+IC!ShP>;ii#*LM|`Fshb@0XF0o2;Kks0Wx7%fD2E##3f}7v@i<pm
z%&0!B2s8OT%x<`Lz_NH-911h6)c)xytQ9u~*nCiYOcG?EMX>iBfGC^C>j$6U{>|zA
zEBv5=k%jNHaxke}h<G>D!}SKTcxzSv1$<Wh*A4Vf0vCcEuX9N$TBUdm!<Z|b^YhVf
z%j4mSI!7o0w@OF&vqf;GuvMesjcP_0_~AE#8IeXpjO5I@=HEqFxD~{#jsk9N8(Q=F
zTewC9ZFpC%s|)#Wd7KXAs{e--znK-^^Mm^q>IiuMjY2a21YgFCP_>%I^K)Rz$WqI%
zC=S2&F6xMe290LA4hbK;qnEWw$jTZ`2YslQ_xlU((N6i9<*Gex-e)Z+e1a_2nxfx_
ze4n3g!=S$@>Qd^>9ko6K((=nL?JVu|WMQO#L+Xz^QH<9#7Dj$}Ld5jgP<k?|Qk?Em
z(3+psQ{IOr&mR--x}V6`J~uGdP6xMrbVc(I2^j$U1ql*&>~%Zk)bTVOD=Cy3m&7%w
z!rt1HDgMG8<slu11hDW?JXlbsGIk;-v7l7#1}9rnF(1Dt`5s8nH;GBZoe~UUDRG#L
zRpkS)x+%k!)#xWACDRDw6W$1BI(I4NQ#Z>AHz_GHA^dHZJ6&Kh3BS?Uj)0G3Hnax2
zQe~4wJ_((|731-1&bUg`zyPMa_Y**O{p`Zmgl`tQvXv3ihL<70c6?WssP_-?%YJ$B
ze~m7J*gjSRFw4jQ%nDtav;@}bd#RTP%Al0yQ_bdIffgpEqz8bAMf=-_Knq3u#Ki`r
z9YPS-l~Cq`BnmO&52={$nP<^Rg#-d5wPLm1nTg4FFD}((H?I=x+GRK2lDlP}{{y$8
zg1Ep3{F#7SYM#-Hdm4-F6e&SV%V{X0?>uP0`Et8_*Ngis=lZXxK?(MW2c^wjEBN(;
zr^bUp3Ja?}f3Gm0Y6L<1UQ;>XzgC0ae+<|lvX||GSgw&u(fYp|g@3zVw9P|NitUN{
zfmZtd*HwMD(g!afzy!h$<g8Ni9|idTE=KmmNb)fQa6aJ6U;m?0`~NoQ>_EUy+sg;=
z<ytELhkgI|*%Y9*2*IXMP*4~uI+%N3(~K1`{yCA0_?}~^PR!z;PqcEF|84Ll?)zuY
z0a9*mt-$Kae_qj&BABD2V|;RQaB?!Lx`syo_;^IZ?`o?pP3RMHCR!P+Jvp-PyV%PM
z^B1wjIO#RaAI*FgMfdyob>FHi_s@|LB8A9AWUObEr1LxNk(TP}YS*RB-ze{|P6fbH
zQqfKkM+x^^TiWTHYinoM<^Q;tD?lQ}3tHRS!o3iIZt64kEiBw60{fMiPWGieH#R!O
z=jQgOqk}KYQL9l)Z>xRhY-$)ln0M%CY4y#_Mn!kTaPAx2SJ}?N1XNYoP6Mq`nafM2
zV5$Fc9&ted#%fGWWq$hG9K)XhTl4ejxQ7SBQ#Us8=;NE*8yX!Y`4(gs;b`mV?C<Xv
z@Fv|d1lY2^7TOBsYnFUJjWa0a7JW5W`B?^WpZ&O)n8EW!rf*~MWhj_$6r+bxK6$og
z=KEm=a7Fslu7HDwBtvKx>hkitdwHeATwi3;-uokdFe3~N4HbMdY$Q-qQ&W{*D!l*P
zf-NBkR{{N@8XE`*$ou})RcZ6t-J@RbO56ZkI7ENF(P-0cEeoV011~Qg5fPEelz&$d
zG3;(1gQiL~B7hr_@e0g%f3JUVY<6}v9Ma9r?TT96A`#q23BY}!YVuE(arFnVMsbMy
z?6(cNp&@c%p<H}De-ybavA&(1-!Pt#ML<Rdl?u!+d%z8n%{+$C!1A(a5;+V>{z-t<
zGjB!WcLUhK>&I#J43*rcGi2s}+KY-nu~{w4E1>iwxd{KpPX{fQ$y>?z&w+X-Iw`Vz
zbJM|TX=$nQxf%9_ig$u|WG>23OM+k`Rc=>XoX8*%nc;KO(|?hX^k2v)1?1)AhIhK(
z_Rh}(>go_>k@MxTE!)z>rE_S&F8DyW`st0dTp>wF<Q2B^{7<H{EQ7oGS|*=G()}CF
zj2w=}n7|+*9og&gu|OM{M+B!qkLQ(6VFJEupwT`Fds*q}i9}<IBaL&Q)taoU#bB>%
zX+=ja_V#n>zKYOX_Im;$a+3Jte+~`;!^5F$_>gc!$dJl`QaTC{0cOPdmX<;}eYBVB
zjR=B*j{xW;i0(`3e@$NREJ$+^t{QzISmtYWJ>=U-4m&M2R`j1~QV^u_LPE%7z@tCM
z1FWIOIxX=5X1-sQ%U?QR-yxw<SLzPV_%q9Vs;@@JYre+^$0q685T8VjtG;#?Bc*@>
zIq0rJQ%nFRNe8OvMes$9CO2z7UlChTTieU1^sYn_>*Pc#te%JbLYqhd4}|&Z+g@D+
z&kz9&0z$d-CJMMAx;c|H1Cl<E$MP<BqUgKVYIB1b&!^Q>a=&|ccx<?11PTz0I-;@?
zE5gDdAe1Q2bx(K*+^veqN}K>y=>2OnzY;5GTR*@l_xfUzeL{|%5iA!6t`?%HFoVof
z$m<`5KGu~jH$c1L9Osd8u~4hE-qvh!`&^*H+%=SY9ewh9kRlFJe)-!!obxMW6;G&?
z%KbAaq!8nE1Qfv$YXyji1efVogcL-?#E9cw!-|QiscsMG#%V4j4r~PebpazJ3Q9^c
zDS3pKYquB&2QwC~0u4xn!5`yE^O-n;dU|%uz-d?SIy;W*M<_u9nanSIe0-U2h8ZZz
z|A6QJ%m-J--`|I+b2_D;CRFDE{-~YuNQv%iq05>py9NRPUQ-`csZk4y8c_Y{e?<Ac
zqgQ8!^y?cS#uhw9{ES$tH`&z9=EMug-;3W!E7(zhdLKoMXL5S7jut~q&%&wHSu<h3
zoyuT2n=24bk${dO9Ffv$u@$}E>1K^1QIiH610z4T-2IlW`~4F}Vu{Q{zYavtrZO-A
zudn7{fgF$$5)#FqcA$Sds6hltfh#I1GNb+>>{L1FO^(PH#_YdaI@@Uet=fV;dJ$HR
z*!BrE*49{Ge-hdmc7mjU8SurbG7hEA?4B?KX1&#h1dC2P2NfVr;Dh>YK(D#|JrY;j
z5;IuL1|~NlPavdG?bG_RduD1a3-`dx7}fi>r=d9?d}<Q^nQK`=g!H3;6UxEb+S@H<
z1YC^dU4e9PFXQ!ZMzeL=>zFYk9wx1r=g#bf8og05&@8C~3+0q`*3;66=%wk}m=vT;
zMV}yyNeaT9MCMIABhz}_NNT1zpE1i*)s@x#2P|EG*@?XUL%rbvV+}Iz6cx!^9qRD}
z6ql6zinOg<hgUX3A(RPB-aozy)LG|KcOoW0KS4VM9$^U#%fT7}WGNh<<v+zTBC+N`
z%1logP~ilnksW3$Ijg*dq@lUoCW@sX8->jOI%A?kSa3~21^HqFGrsh6Z?ke0czFT;
zYNYl_iT1C7A>EPU`+9eh$zp>S6cpUB^#`Jv3b;fJ2X}lSMW4B=XqNDIikA@<S~Fjq
z55XI{Gx>dQ6%IrpNi;3vj=EfXN5xGC{DzP#pfB>vy>l(auXyGUCJ3|ckc4_*oJ3uH
zr7Q4b=_Ik7jZv{F+JSK<mNhNS#?ctIrGaVSyAX+RO*hH)xT`UI5@!&R3B{=4dgL+(
zt`AK6F!{|RtU&E&5aP*c>5F)+fuf%mn-j7^*pv0(j<6z>)dsi?_M1|((7Eu}-@e~4
zH88+fVFT&X-T~3kv>e>rPGS7AumYr0t}gffe7WNVBt%6}6pQdFwonSJSm1<C-u>tP
zpSrRqzy=`5MbC!YEy8Jt??MD%Y?cu%vVRs=3&7YrsiEjSBqwNRB!_GHYeh06=scfs
zfG}td?BOSRiiuqc5Zn5p#@5i?_JoL~{RJo}Mm4J^)7X2Z!~|w>@$jnK8MIrhGfp}I
zEt|HBuHWCR*@xtLzZq0-FpkJop_EFuZxv7jZ3E;VWTb|ngha?_ZaL8I(;G-K@n)l<
z7o=;)O8GH>IC%LEhi~QudUfWi-#m`i(fzK0%Ip1!^@~p<T;6vx(Ce*<-m6gV0w07q
zRs=gA=R-vtNCKfrG#l2K3VQp1C$?2e)lh>!Y8)zA;khk&NXP~XsA4d?(;phLMSo#1
z&S3j?(eXEJH@_GD&g;!DI7=J})4sE1iPwT@XlrT7_NTMwu?EK-Cg!TN=lV;X6@}0B
zVYiq>sBVOY<NUPYSc{=RaI--)exF!&Glt=Gi`~LsQJ%?x%GE|XD?~1Zh;6`7Q2llz
ztjfxPN6)m>ehox~6<k6(1m6T|!NYHkxNn<c%iaMfR1L;BiHG#o_p%Q9tV}G#?o$LA
z&-Z2+jp@JI_NQwYHxo{+{UR$q4KU1?tjk6=GIxPaffWkecgh#5Gt^&3QXNH<EI;gc
z9ywxBJM|x*bnS~&gQjdSP9e|5RZ5g~TRMItmP<p8VJ6E0Nrn`snS_t6wQneshzYz$
zOPv|cBYl3$H<`?4aBbWKTnS9(B8T?ABiqgMv$&)w1We-0AUP!>xthI}d0_>Hy`!YO
zpzoFjD%pr5F=esD4r*!1B`PI-v~-x{Z~W#9H3MJzh6X1CsYg<AFA@zJuxLdtMHfYo
zDzTr8TDEfNj*hVU7AElAT2_Zq-t<EeY?8NfVw%{rRe$v@2p63KI3%TIzs(fjFKw!u
z+>SPu^uZyyag4B3-sw!f7Fn1%=Q9RpcH{;Ny`QS0f1)O*4-AhBcGB6*lefZVI5sfH
zYbn4%QkY>rw0CJ|Nk`r#q~?OtXhE*2V+}Wfw^wj@KTvva1rZ&|eM9l+44ToqYP5q}
z*XSg9&y~5J49Yb>*l~eBo_~LZS}hPJK%*wiO&2NmHI*OG61z!FVghR<#lSksPNc#I
zBxaM!c)5aP_+z%c1RJ~`q9B>;MQadr#pQ%OADmM$6g?&~?3+$I%yJU(bEBMVtk=~w
zgd`R5vct49_3hS`GmJUSYf2Q!IYmTpW@qD(Sw=o-pA-}Z@)VmG$4A!fu~1002bVKd
z@}<WsAg6>iB`e2@$69#BiX-D^WSozkrq?&5dO3&dD^)QuEbzn1J{E}as$`&ou)_h{
z!0)vsyU3+$5v@#OZfQ1EGU}ZGry3M6;A7~WFbef}M6j)JkZ5}=6g4WPXJ}b+{?#GA
zxr9C3(@%_}`;&TDMrL*Uc={FQ%l<4B$B0p5N50{iIpd%?;D&pS-rPhPrxfd)>^Q~k
zsQqgv0%QSgBa=QWwn3;~GEkUlRe=T4uj}c!Rf3_xzqXq*1IRT(Y23T!{5&}`Q)|QC
z)`9Twm%kx17`AUFF_ME34J#@GqDn(e8gm?9>q>bib&}8?7g2ug=<8bT$6D9g95xdO
z@{W38Jge18bf^ThdZQ`)ke9zbX%sr$Km-a!o$WT)me2Ec-5!W_k2h5Vw@Vm2Xl}Zr
z;X;xGjIsW4Hb-O^iI=`cHe_1pzP&X83@iqY`WlWt`Ol^ltUFgRhdNzvHHM-FBMU+F
z9`|R_sdqyrrG`6wA*1n?Zrc&9U!w=@qxgLVi+$qv=!I(1ZaiF$U@N$>BfqX^`ny3l
zjGkB!_PR^5?7tq?F;~eD7jwPP`Kx#Qd9IYOX{+Z8C-uE=uKv`?uLl&6j1Cr^BZ|0}
z9c&V)?(I|Hj}Yw63I|97y-VcPZg(N9w9vO5U)7IswBSdnULQ2$g~s~eezCiNSW}C3
zg5jLZj3n9lg{KFjy3T^h=>n$%rr>zItr#M?l9+rhk^ru^md2;(g~Gl45>Y#GLZ=V_
zlYKY)Db9%1+^kT}$rX!ee?M~)8J|O==nM3KU0-*CB)wNuyw``}0@>dV<b3cg^uF#_
zG2h>I@BkCO_QhSVx;>hCG)JAo-}U{X&-Hq8z~#<Sg>a&i=xuOY8jlg$JFwMpp^G1u
zRh>H+Kt=`<H3p;ZA(Hl`f<8O=y$1br?)0``S-Q?p98RWc>-LpG?~Z*veP51lt}=jt
zocHU8qeN3#;<uYl^U%aKfBz<dci1A;d0m4;Umw%q&6Lq|Kj{mh*zOA>EpOnyjasy9
zmTMAltJq?V(alw~`2M$H%1$-S?Ml|Q;cPt%s<3*2Xe*KXM+ucZHCIg5C=XCre9M{A
zEUJ^QW(<<NcW{JGHj~M#)mqOpVg$_XtaZ>2AMwK&3<A1MpJYiD#s&LIsF;o-#BvlU
zOusy4B?j`txth<`-(Ni$C<9POrViX^QqlhV7o;Gbcne%KI0Vs{tf7Z%xUJhukY)&O
z!zW|3xEs$Hz8>c;xRVxvz}wz8({8X1i+~Eu&0z!v{x66YyjbEOJAuZhZbqAt-;BKN
z$VL>s@U3$#0L!P%n<m;mt6%toiPMVi#tVyU-Iq4F<4=8~bQ=pT{r<Zcv;9*DW``o$
z%y27mXHNIL>3j}9b#s{Uah^sF_RDsMK#MjH|BlD)zwv(#?0FH4!X94tMaG%!4cDR<
z-It5sTo}128VR<He6NF-;K6E+H<YO?G*_l!mGeaiQEEIFiY1psr}_Z5hgj=XDXD)^
zbwYdIt~#+%2-)G}*r2RdksbJxu<GhV@O-ec#-~KCc=?IYHMCUw`<H<Qg*ylN{5w5O
zw}xp5_cajZkp%JMXZln7b9$0V`&tgJL^L)hazt!2V<l&MU|Cwl-1jra*II0W(f!`=
zr!IMs3~eGr#n}zdV?ocv5MXK8Yekg}fqk{_C`O)a!tH!@LyHpDp=#6+c6<1Muf3b$
zkVro%V$K4G^}6Fs?)d`cI|JOi&6woy`9rJW7Vco5e}Ley1*up76UX5Xo?jZ3ua=`_
zf&ujZ&hWb550@ES??P>BvG!f}+6{>_@Wu6fKp0AN?m1So<&xuS$8leKfSFC>F<DGB
z)=9raQKRthk5@40&&AuWJ)PgXAAi&u{J{+e_Te(zeGLhZo(#4Mri&a0lJ$B(@A~+l
zZ#rMWFvwj|Z*a!4#o>i9@Usz=^GrO!mfIS1x#R=-EKvkled(p&Za7c9@%x6w2qUG%
z!%0J$HC@dE=K>q!tJ(;v%CYU_@nAcxh^m>_b||_bl~Vx|^3I`~BLlsFlO?0h+p~Wu
z8467f@}~|!K?%<cJc@Rcqr_9Wt;*x`OK%$z)_FiW+iK)N#AJl?I$?9#AJ6PbZymGr
zt*%4hq|OWsCYko_9mnB!dmfJERs-&;%@i%K11koF&VJmIE<6zgMVa|{l3MvU|6wC>
z{p>trccgsvAlu7*8zG`!h4Jxn6Yp;)QSY{AD?>z?@_aJQ=0c14dGT&%%<T;-yk|@~
z#624~c+fmLU-LzWoAe2IU6j9FRI@9zc-F1U50+Q5saw)j_}&10XQvL+lOq{y*O#2L
zFJ6vDbF;L9A0CKNRR^HPZrpyJ0(v9i0~)y21`Z09hlX=S3sk6nRDZ!!7&S;Ra`es5
zpfXVu)tx>#T&@GREyD^rNTK3mbE9?6pysRXeo~Hy_ivcoJA`tp!J2NtHV!SWAti<L
zD*l?A=Eb6EzsjM65faEp@m=#ne7oyX&^HY2wmLPq1egI~)a3Dc?$fHEo%-G&PnoN4
z_btQgiB%8QZhj4=^AWAp`LGriCf-iga^D_x3*Sy&sC4lK5YhKAveOCn$iRFjlrEq^
zm|JR8Die_q<w*;@%&n}V5cmKBTJhUkTdad%-M|3>0qIOep{^OytU>Rnj@ze)h;t)g
zZ>tL3#XF>xh3fV-RDw^TWaf;Xn3sdu0bS~voY^H)2}y!PSU?6Kk&<lTHH46Oj$?#N
z3TOpT?U|NQ6&Ao!=c?yD5x*QJ*R;XH*u*vrP^R8ZNIo?i@%_Nrg|!Xq*-S?8UO^#U
z!}d`rP-;hf<_j|TXN-5^G~gi$Bu8^^S|-GnQcc#J31e@O4iqgfBp*Rs7l)8)r$2un
z#GXZ57SS*^#%EFX$le@I$eNouLBwRX4)3d@ct32<w*A&3ygFZi+O>`yYEO0_5-Bwp
zue8bJQ0fuc-6KESpha9X^ASrZ#qe~o3nKAT-@E6GijU6}J(uQ5rBff5qGLQvx@J6I
znc?WU;C9CKOd~&tUT=lC_uGN@s)dsA`9%Bq&>ZM7q2b+W%6>w>9z3&Uk+RhB)vexp
zAZ?8M2};NHFjSFLroUUv-jkUT5l>FCx7@^w?(>mLjt!pO<o3Q@sb;poT*>bO6L1G>
z=K^0;h$GZh#n>fUPo7Be;<Zjg&ZxjTCf9UGA3cnnCf}TM?~$SD(UbdBM;>64DGqTz
z{%vld#$3fIH!VYZv-OsDNJ*xpQ9|BkwKV7sc+v&jx4yVLzCr?QZi%D+-g1oMsQ^{+
z-t4#DGq#mLl1F1jU#nh^)|azTt~Vk(P_3J9d!gofz7ieftjCT)<_*Li_Zobi(bpA1
zB1JARx-M|L-z5apG1CpJW<f)pWdxz;cnuT~Lg4u7M3)DfSF-1ZeSx#`6UAC?txhWZ
zN`ndb6XO3a#vm&enor)V^RcajJVgg$6F=OnyX3@>2PwtDwtYEW4s1XFR7-v=-D$j?
zhA#D63B}F8z4t2H<*eBMf-e!<?IHqS7PL;{PbjCDY<gr`UK>KzsZ4(vMI++814pjs
z9W-iAoX}<cEyw35GwzHx>IbA--z|7nz0E0~JJ`^nxg}NR5B%^_;F>LcMo;{o$wzy?
zU-$zz{4hBWzU`9C2n$;v^tX=O>YaCp;j(?XFZte(!dk3H1BzskJf_x4r;;}7pZk2X
zIUJ!*Vgt_R+uKch%MVLfwLcW0w)DT_)^)v<7$F}$`hCv_a)ALnVJL@TbULP=+~WE&
z<J<`@Q%6xV9~yKK!e23k1$rrj1__4Kem)Yk^LaD<ZOZIW31`_8fsYr)i_c<$Qet1~
z44?!E#(YJl5+Fl)frEh5h-}s|sJXL>QmQ6dKN;^Mxv8&PaUR}J-yXYwIx)JNv!zxC
zz11ElM-Sl9SnGknV+YD7n1Ot@T=mCQ2k#Dj&Y9!XgVG)0JyDn9`&3T#&yQ6=@2Z}l
zrY?j_<ajZo!|P&flUb<U;)?rTERj8#Bls3wis{?S3*lDSl2QV%%gs7J4n{Df`z;>m
zK;W5!S)-!-Z7n>%(LgYkrp8^F&9&s&*CdMs&nrdG%U=W@(Kv+h_H)XKgQ_u@$i_va
z6p{l89Fd=J3p=ppOF&y9qU1Usq`49T_->9YhjE9o2HhfOLcWnL@T9(m2aAfxme#F$
z_qN7l>ZIMx97@<INt)3@S74_{Css+$7Lp02#KyJDgns3EvS{=vpB7L{(e5d?nHd=o
z!s5i7HPiFUVyHs^?y}0f8aK+0k-LOHI-8LW^trvPv62aJE5;zyCvo$esc`(img?P$
zP0<yC?P5!f8(?{q>V1Z<!}skNlU#qEQYN4r81+-I)SXSLwVye@H|Ek-(waEz<i`?D
zZ4FX2I|(aBP+cfaKrw@Ww|huLO3z)awL0*HK5C8C&+fVwKv&T+YfxY%D0MKqT1I+Z
z<NUy=ghox9L$4skn(X-kCh)zX2anGflT2z46-yIRPC-&-9aQ@LuP#Lh7HxF9(5`uP
zo_CR%l9(7cR!$iVQBv3lziLSCGy^?CCjW31)!ZNxB~$OCMV@H>MIkt5$%T+?7uFsE
zON`CB(iAro%RpL)cGY=}-<Ce&gh#h;nhtr@W(4Q0Qx%UW`Radu)^d!=32@t>uvamx
z6M=Ptw5>!lnDg%e==YOX>2&`Xo^ddylbO#$7PLyxW~>F^(H83n+<A~VeEng!GaPoi
zz5y=5cSf@Qe@wk&bfj&xtsUF8Z6_VuPCB-Yj&0jX$4STO*tYGCZL{L9-u<1k$N63L
zqn@Y6jkVUC*HrUFVgikuEA8Rq8X+FoKcaWqp1|#X;~XKrK;HH7CgR0044os|YVSXm
z&N$sPThjUSMFVjT1$H#L^1V(L51^-ZbVP;#w3Cs)rb?nj?%aIrXp&p48D;(v2Zyz^
z>dufZ%9E^t{BdfQ9$}O%nn~eoJUbDjuY!jg0f8YE>VgpygdCB~0`g-iZ1#s^Din;{
zUse#k4;fD@^6l6VZK?u#?yF>KOVgPmg;i1<r%`dOLrSBWGUDBfu&Ub;eCGX{t*X;3
z3WS?l-cV-6Yte)FVy7KKfqI*NVwn%-7#?r-tiDFvXdtwnW*_2qf{8&=hVLlojyEw9
z#QbrzHy>IW8S;`yTu_RsBf7lPMv~#ekxr_(>wjnwncIzgwaHdw<zI7#cwc(aC)1l3
zai~!n-y%3h*YkV(*l+wnzp=pYt~6^0W}V_wHkEUVu%Y46RQEL8*McbQ*6Z;7vR_SJ
z@^zEMzsAEc*L~Ji%d!OX@LL83+6@O|5JXkwIpQToi&Q$9c)CB^G(65AXQ@jXs^}5Z
zsBp7O1S~^1B>O!JzrNH^6L(A%sGyBcO-)U$9~RYJKrb&Ys#sqU@i+?TMOhbuEIycn
zqA7sX8SuQkymdY#B&3lYPfij{%yhEqpX_U_f+7R+i~x&0G<hOE0_2`sSZ~KqOtIA(
zQfh_c5c#TNZ0IFgba~Gwf!I@&pvx%?0zN#*HLv-Lh^%>O6&&=hcsaQr=B!LX6l!1T
zf34IRDr|dYJdGz%FjW3ti7&DKIl`NZyp|cpSr476wR6RCsbV?URFU^SHXk~fQ{0W?
zX03Js_x)HX&g}eE>#U`RgUuWNOI?OkSre7zOOd`s@%vN5_t#xK%j^CrIRy_+HkYHM
zuy7z3awJ`y9oCqO3cZ4&;tCg1PEHO-XWzrg?BK>mr{qK6wji!Ve2v2GT~7OLfsHcl
zXw4eV#AdQwnz5IIBs2EPW<4E=%<dt%uBLEAlE-eE)J+hqK8{q1vCPDj)Vs1K0I#DU
zDuEH{yB>rZVYtp6N%Tc=T3OZUZQx##+}xY7aqiE)McYLZxAW@sbcI!7{Mf;01=nF<
zA4tz)5AI4pBdp<U9=zsDc-uouXPwWh*2m-Y3C%A5VyCXpn$BDp8#lsFU~NSCKeZ7h
zxzR`v3L09q0vwny=oW_g&36Bm_4Q+J+#Vqk68rV;VkG9{dSS(DWTg`7XFPkRl(j_?
z7Ek1RG{uL@X;KJ$+jDFx!!ksZhwHu}mfok{1g0h=r@T}P(;y?Vywt&S>wd8ZRS|hH
z#SA4m$yXZVT7>@~^xk0FcZ8h-(~9jjxF27uL_sI$Xv+OAmgMJA3#z(Ow3K(vk~O&F
zIu=EapuFGv^axhs+(|X{_doFim5x6<i%xBG8dsCXf&yo*;;gVf+`Uc+$7Q~}_Yw0_
zohf0|IaATM7YQ*=>3l>^h5JyH@Z?g610J20CL^Y;Cc_^rIXu2NXG;MsrK=%<7W#7?
zQP>*SJ0V{1SVh#!**yUl3e|t|4uYGv&IF|K#{X~+c>Y}3RFyUSQ;`JyVtW3Vm3g}>
z0CUe)33aBue76%3s7Nsu%$y`Kj9kwGt)gc|d4?W~@>zsO6C1pVUMd`*K}aVtg+JFo
zO@z0Mcr*14&Tg0)d8MmSTv&zcuiJnSrA>BLL``x%;8vjD_i^=5=X-}-ZW#ct==epL
z&ukEcR7^cTQ<_n)xZ+5l!S)qvxw#>=8c%4%>O$IbV-W9_?Pom36O>@-2OFZ~G39kb
z%GNVQkMITwn*jlrQmHUau;*|RngabbRC*;9w^fLjDhn6%4F~Kahwftg^a22$akm*g
z#6NzChX@l}K0lUIiu)8x##y<z$Yw*^gd`atLDw8dYpu+oRU*hJi`<=3%7i!hio<D(
zM;R?TfbRnORWA*C(W<h!1Lgd|ECM+2D;yB(>Sm1`h#(4G$~1WDoQg|T2<B^%@tjV2
zZgb{iP@wq*kbf8nXS4vku0X4`l$sAoTyppta2tE|W5aW=2X9pd=j$Dbwfq~y9|&;M
z>bOqVx@hqtI!qVuC~%~qUC%b-^J3ae3zJ264P%9Y<BdmMsCop&s~kRvSA>p~0C#ML
z#)I;GF$)qg_h;JRvOPL;XNpH!gF~iXhA!<ND>Rg>q$vud%c0d*<3|}z%27{#Sro#O
zy;ES=e?ZrR{r2)SY@Y(W6MR9C|GvW;vfewtFsUPx1YHoUB@zXe4*a(D*<kuaJ$w^X
zEKM!aY(1{Kt4QEN?T_5_#31BF7AYvcOkOOW`^$mm|DY@H=Za%TptpOlSELXhc9uoM
z@lbpo3R?oYzq+<YrPcw*dEgKP1Ku>GkA&axgB>+^e?S3Ukh>76bQlub##`fatzC}T
z72z98*JDcLgz4eTVxHImsYRN?G%YVLrZ7Qibo9~aaWdRbdYX3ls#VFTFLgF?JZmy|
zJ6iBJC;ZFSH-$y-D;O}=iQN`@lYP$`!HzK6@HrU?jkXWcqfoU>Pwri|oNNzm2`YD;
zyN?Y`^ri=Z=KVsfG6G}unyLA+SKX>fc)<oHN!D(+*Db1c)b2Y3RqprxoQ4Kizd0Uw
zAD{qA)5Tm!t9yOIiYB*8sgqT~M-+VEOIsH2o{(+p{a#J%ERlRX3|()~<*|cxla!+V
zZFvZZaJM*THd+Z#U1`;(&DWVz%eTE~$X22?-I<Dl6V87wzf)b&?}KeMT}*qPWtnFF
zxUlW|m@-}Ota&24J#9R&ieykpY;PP#j8tWVKr0^FCP(o=K9AInX*IbYEH=J46b<jg
zq&hoM7Jdn)WD{&+C0ksOC@t0-U8)c*m?1GDK-OcPr1XnDH!ayLmQy@xuf8g}U+wns
zP&hhCM(CmuLLTGwPrWXsJae<c{`ryQd+d5s6-Qf>pqihA%F<&-29*94SF}S;!NuBI
zqn?E%VtwAN#2m1G=GNZ5Jt$dcMZTRH{a+S<zF#oQ-MlkQ;inGM0U-kZ67tSR6Ks2F
zI?h}tw%wF$qR5TtF;+SYDXwawVI*j)(m)%!48WpaRX(pxgPuAP-|8SAPpmfV6~ShO
zh%uP3o}3q)aDzLnDg#-EGogUHI1a{U4l*uei$iZs9ykRA7Jug>9`<;X&Ynm4fDcC@
zYU8aAJ2skQ@kC*L-ka*>Ti7zxZB#a}arLL9Ex&(f*fZLXKCeQ2h=8hcR(W70?H}}%
z*t5s&eMJ*2#eQB(A*m)Ryd`iwV=W)Zg13NR40b3M(xX3G5wYe>^_#;%tMMzbPQd??
zCOLT#NW&iFW5IahXS#G)EIG?!FDqA4BK-Casw?Rbp<Di)yl~dDG?@^}z451nj6lE%
z<>bt9r+*p#sY@?WI#-(BmJQOtoyX-ILH_KZE3da!@+4z!>~+a{n_NsefhbB|TWQle
z+^0;iBtTdIPx?1m*f!!!8D?Mh+v_uzr1QxUp{!E$@O=3q%`pWQ0h;Xhh4t73V|YRU
zh=xBq;!bUp<okB3>3|=&v+I@SDd!>SS}Q^HR(3{Tn#6HQ{%Fz|`j~|gjplQiF)&V9
zg6e=HM~(-X&%+VGqZSs7lWX!0Cp)E*aMf7UBkthMhFDtBGraY$AkoOg^bm1&G`EO;
z1<dnxxtKRqMgQ>Lz3Sp3BoO8DWF~iU2(aRsdv<(WihA@$X1_TtBy(^t&T;IC>g@AV
z=HvQivpoe>`YLh66UY09rnl4tHkj}x^kj_@rkZ3JnY{e8wUa!ki7SSQ$$^Tp4b)Dc
z5rp>-k~dd`9Dd(j(Gks-Cq+r31FiAkpmV3fy{A1Zx$hmX_Q<FxiTZZV4?n9qB_@7O
zN>th@%bRmpWa?{;hL6leY7`$P?MHZ?+0cOmQz0R4d`p^kh9kh^%k$Dcij$_Onkm0G
z2U=EBnX~cdHBx%c$O10IeA-Adq_oU*XbAptG7s}oX)PvitpiXaW&vSlN5t!jaeeIo
z)PxA)KKJ72Z^qgPKG|>}SL=7Cb2<1geJU;d3I55cc^nl2jcjuldYJn=7SXFL@KFT8
z-fL>g9_Qy~iXzy=>Hz#YNN%x!iQoZ@bUWEN7N-V$$dCQmoS`h2C<@xCJvHXYgUoY(
zvaG`gRW<}xOH&nb$$`OD<YzO0oL2f8*D<CHgo_Zb2unuh7>^ejT-5m4@07TLx;GC0
zmL(1XGc{&X!T9X-S9QdD^H@+@v-x@{uq$x;T)n-ceevYb$0*=2$r~QXa@^^0bJB)f
zc3u-PVitp8cnqPvicG*$U_X%I*b*ycJVJQJStXM~g_lC_JW!bgGj^S+qNxm5d@gvo
z?lzRAq{&V*CbAYpCn7<HSfHa!x~vT_+<d`E#!rZ6C9z#n1}N9grH0DLe8BQNUrSd$
zr6w8gUgwm4k;?~Cp&IS+l9R}bFsg_AvER4k=`uzSwZ+c(+!I$}COJ&bp2>UKz4RJq
zG{`I#Njc8gbp7Q{+lhqK+2jg~g+-uqO>}Vwi@-F=OwB|D`l0u$Y9Nf9y1@NIPhOH-
zuHF5Yb1~iUxAEQnFyPkBk%DrFbY~%pNsrn}KJc*qm#bLJio-8&nFbHnAm0fzRyYJW
z#?Dl9TPaPB!;|~NWAw;qN`pK({Z&o~Gv^uyU`s)G=yL#J%u6Bp5S{7|)lmks64=o=
z*v<6a2{uNl0NtK1$;c_*;-rg$MBszGQwSAI8f2ay&GCn_u(>fh+OtSMo4c1%QU1LE
zHMUY)qB8a}*SMzq&mYX+C;*5$-yYq8_o4*~`Jko3Uiw9NcJ`S_PCRbM{`NREBu81l
znVM_<Xq_Nfy)h#z^Hmi5ziQ_RqPtKe%Kx-ZX0_iHG@q+|(U008;I>-qv(tM&8tHQ<
zse*kEx6UUr*eDYE7qAKou}2G=ZcO$eR}~D;FW>`|<!|uGq7GsR2E&{l5JMyKt1BeW
zB!XgXWqch(X+;Y(m`3Zl%Et6YI5QDK4AQ5N$&TO=>?3!b4mQcW9)7e+qoE5bIR<!I
zyMUgcuQ*;DMk!;@Fy|mwZm7@0sr;YDFrd?nMc<9S(inoLdd$s={y2=z4tJj2c1>*U
zWeXv6;|dz_LnMko3Im!P7bFQHN4{ks%fS?frkb1pXPEirl!)i`N587of~N{8+Bm2o
ziishXE-s)!RxbZAhnk>)zjDdvF$KV0M|u2x3$Hjr)kj+ZDw#kKmUo3m?}P!CL29Iz
zQ>9xld?6(*9a;KrxEQABj%HR?SQ<M>iFlC7w9k{_7kn=R<1QeRE!VcFNqXnMXAaSx
z1YpirBcqt4aMi9n)E`%o9oG*6V04L+<rV;MWyC?k=0ky->}<_HYYR;t$e%$G@wv>t
zDj&{`#`sB|!J4z6&AQTvFTAy}6Etyp|A5jFu3{T39mh@{LlqJ-1&n6aCbu7n{*Wjt
z)nodZV>lt8UItu^!NLlob_&0B8Oe=);gTDPpl$sX!9lwTfPByRgxM&cb{dN=@h3)%
zvX08XM2qjzh3>Dn$M;m#vrf+r3nt${@wL?SMvE>I2rBK8ssI@Wi-S$HNPeIyGfd2t
zk|aY8({AU%7Q3_H-n*z}$}J$ht#@gEBoZY)OO<%*#6j6J1@DBfWY*L?kMpXM>CE%Y
zB?ca}t8k!M;;zUd&9o0Xih|7*nn(XdQP&87vE@n70mWa(f$Ie&_jLcs_<-s$v#&T_
z$zMg(a4>e|S|^zDgb%=B1LHB(kTQ3>7C(rxTi?KB$hmO5Q>kpCwjz~k`mDrQ-%4Fm
zp^7uuR`~Hky717iRFKF!0}D~Qnf&pgS9v~3@Dk&A`^;k{0Eb^Tv@>;K3oRWfb}yl9
znL#Hm*{RZ^hWbJKKU4+37sJ&YF&Ad|&7}c_m>A`ahM)dn!upcJTu)|6HD{vwi@t8{
zvz7M1;(!fo<jw#UloMHfNPJ5L<|7-Wt<689c(%471o#X~u$5ylb!4onbtS(8DcvA*
zaopNScp^L8T_r|*pjc-})e>FIu-Tp+MdlKponWZ;@;$@RK-bad{+176NGAv-u)oh7
z=#_Hc4~7pmh=^&i9<~-!hWKgek{*oB+YCiv`gDDoQME`|7-{Kx;9N2|rT;W<JO@LQ
zMw)3k-M<O#hMqmxO0#4sOdt+H!llC^^MGr-olGv_V49dih(1h*-AeS1;2bV6$TgC&
zD6c6?iSRH5hTp`tSsRtGg559d-z^pm18i?Z%&=Jo>^vdD<8h)Q3u402Wk!*W`Wto<
zZ4HqRPWzA6(hciv76n6FiNlk+vsc_;zCy05vTWu8P;i#b!}@yBK*?F1Ds&QNAoM6O
zzS8tHb5&tJ%1~M2A8f%zIAa5oK(NAh7tAQ$;-I=YpwM!4y~}B(WklV{1bqJt_2n73
z2VdX7hPaVs1va{}%QA}~Jgdn^318-^@enC&1dW&)V{b#$H1X9@-#HHNib9<e>uBqe
z1sSN?uqWlpP7Ie8Ter1l5G&4^3jcv2F6a7~f5<QRwg=zcp^3DBrE)T-=s$p#XR+L}
z=3ije;`Ov%J*;HGRHI55jN-s=vcVv+iI9#Fh%>cJVR0Im1l)C3)cwV3j~+Id<qP<D
z<IKx$#RsP|hEOH*FrJFkt*5#t@P0g(IIe=oXUs~_+<wI&4tN2-K9hJ4S<vh9e7DcU
z*NjB<*o?~r4={REAU7ghL2YeoQHkw)`e3uw(zK@p<7Ch<R|77Na~iNTbZ`?bU6*kq
z!mHml|ADWRA;Bcy01FC%bPbxX<+8st5JJpezJEyy2M3zvmhv&7Wv9EETS;Q4mtw`j
zNn@uuC=eK*tim0;H$jdS%<g&WAjePyio`_Y+`k{Dqeo8Jz)gyn?n-6&D?YcRf+&|n
zE<mb{&?NFQ;(+PZ*rudk%aq>udJq&d@4r~ohUP}_;XN4@q_#bbP1B2iyz*DSd86`f
z@uN71IIPu?LgoUeTQcRE!!~0CnXC}rC#<t3SJdc$u2d%8#oJfg1mguh_WG;-_qom}
z=M#QDcEZ=#qH_`zY|gyk5!oicL?b)%%an54+w-FEH0L5N6FE{?=kX$XF&`;QExp^n
zR7nw>?+7b-NqI=Ne9#@ne=evy7!+p5EQZ9PJKnl5iU+y~rV)P^$FSSk{WX@;n_Mq=
zY2bmMm2U&j-bVn~Zz(=r;1mkTME!`~aKsIddfAGJ=i?$<VkEXyU0|`8VDNoAMaj{c
zHDWsc0yuzz3qUSz70UukgqYsHyvq#BIRB3f|D5H&eQM!)0tfVNFT2Z`Hdx9n%+HU{
zq1#e<ODZ^21-mRUG{68MByJvyBx5S@dAwLEQBT}4LDEbGdJVZdH++cc@t<w245)ZX
zIe)*6C_aQSjLq+vyxFjz*vOI;Oe`j$a5p*b-Mo|0d8M`$&_gv*Wl<S1F30M33sxw8
zUMwgjP07Q!MX>P5+K1>URb(h~HmD`GAVhHFEq-5|((dNOpq~50e7rd9d|%+)Y)4jb
z9H<gOyxWf;HZjvR+}vtqo_jNx@;UHNJ*M1E4-!+>aRl)PyqR|xO^+UCLzC1mg99AS
zr5RDy`0{5goh;bU^FTe17He5^`umQ1UO3Xr00TnK<UQ}7{Qf%)Xs^&Gru*oQr0J5&
zlq>O`m+hJ?uQkAE;{upozc;2lUmvVxUs;X}ThQ1XJC&&O#eccBxNZO%sub;oEReI#
z7(;O1ul{VS^*ak+!2l*QO}{WVOEja*FOromr6=YQKWVw?K1P9!-4MuLBhU9=4r=tl
zW!HL^5JNE$At3^v5ztGr$?mz?6_x+3of=ZG2E~zisov{hsdyqHA{Yb&^@l#rA#KbO
zlyY03Ofeyrf85z1YP3s-tAz~?kW5AqFYFZ+2n&1ObPyq9cHA$RSQH2lqj<(umUsQe
zt%G}fnx=vLNMs$u<}O5IE<mY&S2{3rVCO+<L*F)VFasknvKAp0N1GQ@{Q)bboqKeR
z%l`9=n~n+pYbKpXvVZUmGkd<l5}F6%&9*DDTy8Ah57iW+iI5dza{CqKt_){$XazSy
zF}Z-c*n|>mIPK2>nm6mj_%hWJ!TC}z_l2C9j`zUmG~6OFad=it{N8ke5HMj2x{J+?
z&4Eymp!0h(3Mp=r)$fe|PZw|^X2TrP^$|7YQp%I^#P-34Y%<?LnCZHjt@XK#p9xsk
z^nA@#;(#5*pH&(WXx)m_;9DgZ5`cx@egiR9SU-rOO(<gd^+Pf?FS5qeVmC#q!*sf9
z_4Xe8rO3Z{r98hE*ObT$O5i#t+>#n`@cO5a$-)vh>b9R#m;s@XH$;0l2*T-d%>a8Z
z*4Es}PK-PFo#)Y6MdXGDv#%tJ&BHDdPqW{Tyx*_vREmC}(_mZlT~!X7o)Dqd*u*>k
z<G=VOgm4{i*fw>3s5%BEL<Cv_K73Hir^CH|(x?x@s2AZ4Z9T+-Z|u#J0jHGpo3CYT
z{#=w`Xs2QXPBD&7KV)-2eo!|i=Ou=YSy5~4xKjIeZS9G2;=$uV8aA95UJuBthmMg%
ziYh3mYB-Rx$*(c7fx$jD@6?&<{*i49h9{Ce`=^dBuf=wo4#6xVlrOm&<uEptS|9-l
zR5Y!a3_oAxe8b`W{mPV=g@rqX;tZ-$7!`QO#akcUOE-Kr+P{EjxvSY*pM*bdCoA%j
zk_6q3f|l9}qRm$r>PN4jS?|QA<T9?~&5s@&HBEB2z+Yepnd{XjDSgTh8QF3eF5k9~
zQll*u{G?ey?8cYlz6ugp4z$xBtlwS5v^ukoNyx*AMwlJ(bX|bq(M~lv^i#VV?0N#+
zXH%XUH^XV53f#S(Ebh$&&R*%Xh>9L!P4TJDd;Ajo8H1w=Tbi1zE=@u45alKFi<S2U
zCzeD~1JPz468!B&q-)Zv>v0+H5%(8+aChbFKXn?dt^YsV`+to~z_p_;H;?-RiF}^s
z1d;>5D9;NT5o9mDCxx2@QV)tk8wdfD!syAUjFa$TC`#L3;a5Rp%?WDo^f3;>lMF-M
zJkik9l}1ALG}il@$~J@+P3D104S(FoG~y4yjE9qhOXeIkPdqaSAsmsJEJfACLPp?S
zR4WzBdb+%t2(|-byM@}KhbKxkUUbiL_n0v77_~5Rs~hDNBe==&U(w~yh(MU8`@6yG
zF*TSjKO8(S%>C9lzTF;M^bWyW41RaN$e+3%q#uvop{@k6EUT(HW8-3n9bq_YK#wfN
zuM9G+f9)jfoapHYiAx149&xZJBnPv3WILE~oep>;1vaN<sXBwqw76x_MJTGZWg`%$
zh;WYcxFr$pXBp;F+<a1**k<I62{yV;44ur>B|jdMQ}e+ioP-RHZ1W0+7^^9w?zJXZ
zVn@c}m%r?qJeG+6p9AGTJ6K1Ia2iJL-1$D2no<!~Dn22soD_SeZsNJ15|pqVh&W_<
zEMT=fz&=8^{PNKy7TstaglT%Cf4o1QD5#pV+vk{#4cvS0DBgsk3V$NK({FguTYdST
zD-U5od$4Bl@mi~cK$mV)NJSc_H$MlFyW(>JBNLM2+K?yI3JZ%bpnVbd^ioT71FVw!
zXL5AA*bU)4GSF7~_jXAq(mIAre01bNyWqKtLI5<WV*GSpc7J_0dhb)ms6VIONk$;-
zUC1FpHRIFM<tu?F)fr_lKU>_?4BvARs{cE$jOD#um$sXxNI_JPt9mQ8RR8yG!r(AM
z`i$~5gMKEN4>vJ{WT?^8f)eg{d*VEyLcPZYRi?6Ro#i#vP;R^g7yE|6ZoaBXyk@lH
z=X36!Lq;fb4*=<N+eg;6^UHEExg9{y1%LBmGp&1=_dni_{|puX=k)?s$&{mRrtbYp
z;9%_`CIm~N4o5}@RtA3$2`vZRTVV??<4rRO;{;6#sUs#E8J8k<_J`%!+2QspKa{HV
zOv%m+OZL%3(d?wt=SRG)7e@+yvp3%FZgdGCJTqxM%u7WIpoNj4(^CwU?9GPBIoloZ
za^MJKX7huyDGe9+v@tR;{-vYMJZDX{!-(ooqa3F!7g%q;AKaJ~3RZYeAj`T|$@h7t
zC6H<Cn{!ZqFvjDs<0$f&8eCzZ=WxUedj7j{aGAejsuqn1<z_uj&~hqN4X?rchQOzo
z7f}^M{#^3`hAeoG5f=n+q_|vgFG;fX{vvkS!<pIYicFxdpXB)qo5=Ijzghq_!9Yxk
z<asv#ZeqhFF*z?tX!R@fJG(p7od7e7V03pS^LZDB;rA;7RWC1m*-QxuJ0mPT_SDd+
z^DMdVoIu-OP4<=qGK{3_RJms76P;^Lw@RRE=zpDu|6|B2S0y94>h`r16k>%!5~0X@
z7=yt`R9=Y<8i#O#)_;e&qw!|q$H2xSVH_oLH&!sB=DXuC>+0%~Wkp@hCW|jOMr$o5
z*YVz6o>pOjkSLgstatTjN8mg5mvKu+v)A1EJ>(L@cOBMGk1-!%GB-_&OPI}BJT6Q*
zlGeoS#MK&_3;r{cP7Vs%_wmk--)WWt;d%uYsRinfx$fS-gkvLN`hcsr@Z65#o?3P|
zQ9QDtG_+KUzo@&`$YR;oR)>}xvN-RT*=v6HM6tMQxDJX)j}5=0I`e(;1@K<UldrhA
zsR!LioAEzDw)47>nH72<^LzG0XMxNnZYu^N;%&@ruB+Salns`nFe#Sr;*4eztD0-l
zy3(ZrvS=z#&k+I)ZQi}*R^m|);_eCG5@|&RiI=^D+h-rgz?lpVs=ibQ69r}*myCNW
z3x$zjt*ZZPe*IR2VA{EzuYEe`ZCtI?gbV7$2F)#9PEgf-eduj{u9U0IL#2^QjInLl
z-{jC*yKCmJ+*fw&`Xw2t2l9Plc|^9efbWpk6T5E<dS{_rJj82jN={<lVsjca&sqTh
z?1E;#g_76JT6wl!C`d{Epm?4(+S?W719cI<5(ts>8ogW77jZJ7IFL<AgZ9^M#H31P
z(4&3jI*Xue0_DNN49oHDuzP?NEy%akc6S+7{^&4gj-DbYtVf^O)2g=@l0Ew?y;Iie
z@;BlKyyk9Ju~d@eYAF+uAPh1W8=43ICs8<dDtkFs;~;>$XQU3gl!Pm4WX4W+Fw#lO
zDixTsz5Rw2LX;W(C)Jgw!)I`GnF!aFT_=i=L!N=~_B586^}Ns$71IyPD~#&)8D4ns
zO~h5gn>1_fVDRUK@%3rV)~&4@dyC^KxZ}+P1<jk>IUqqeaOB2I{RF+4hn-PzY*@pV
zi=<0)gNF!PPTA585j2Sb%c-WtsBh%gqSxQw+5=X%keiQ5z`U9?+oz6+4`g9s7{A;#
z<^ZM(|JU~g%+ELCImTsipe<KSnELUl*b_h(z;qxDbY*fE)&FD%qhKr9GY`q@{3=n0
zWovb3sf3)5Y>{U?MT-Jy2kFVqkca|`zU^GCg%vbORS@Y69TAgox2Oq_G*ke$3B4%#
z`*3QchtmXO2pFW_b_7$ZGsXpmSR*@lvA1<bY*d=(J+%BE7e95Yf<(IUxY0TDCsHB|
zU)kh$e`;rO=sC<ut2;9(#Mk6yWZmQCzlU)I8jh8CJyjLlLcuIBdp3E{d8mw6WCYM`
zVCamax0}N$eFrvJ9&0?Cxzc$w>ZHr$evqS#{Rkk~@<tAiGvxkgIF;kM=+d`F$|GEc
zq%C|gp6NXJLiJOLt0oEprxzMrYvnQ>c6=bw$<<6LYW<ANCh`K3(l!F!gEZHK+kXcy
z^8q~-etsFnzODnknem*Dwx4-<Qt|(D^V5_RroKF)AucR&lN1(Ot(`pS{uLFllR~dD
zpcB{rXp<r)^wxq<N~!x%8jEUVkOMBK3ri-s0ph*IikGH}IVK(%;BOY3Slk9u65k!x
zNPT&AW&OuiY`p>4TlqasMP1gn(_fq}z}+9nWNfuDhiLoFA7?)rPbQdUZ`54ab9}lm
z3ptIyVu@jd%~di{v)W*grcZi1D^k$(2gK6UB(d(BzUx_AsOxEs5gX4?HbHk@x}g{y
zB<+h6=8!7Cf4q_P_wn(vdu8G_mZGGT8ccN#j2>gS+nqpe0khIAJa|Ds^y!f3%u#t}
zPzM09l51H4Vgmj7C<|mhnzd|^@O7-+Hx!qqma(|kN8tS@C8wTH5v%{3HSEX5s||sI
ziU=v%K?6!>TB;kK$9rSjm0=&5I37ud@cQ0B67P|<jH2{-@%N`fwvk*$A?G>Ck1}~E
zh_Qk_$5jK(wYM55QcZ5lO}4;%f5;}af(xbS5lZj6te{G+Sn~hck-c$&uv3ioC<OcA
z$cElnV((AF8Bmg#EJ?{S1jsVLP$aGTL#az%Uo0vpTXBx7(83U2+icLu03EpAW5znu
zC&$Q=o$bhULfncD)^w)K2y_{37^^h|a@@Yzy<pgxo;dn?lSM_01<zi;@50l?h9Hg6
zYlX>r?iP&JSR5F>;=F8k!_Rha2)M@N+esy%-P;PYwlGd}6tOwyJ_(;PwTSPb<ee2#
zPCjB#R7M<DKbA|xoXM={h8ffGS)qN9T$D8@@=_r}R1U<a`C|v|E*=3}T1F-``1Bf)
zgBHKJc5|BU!Q8%qFrfpxUtC@I%>$WxA%Lyy-P4sP>3XNIGHp12g9mDd9uERAeP%ia
z2mKd(vc@Y`3u(<a=@j)?#NJOZpiI_@SzcJL5VW*CYOT&3n_%;k)n-XLXQLIBzV#|B
zuAA>Ip#w7RGp<+v%I&Fa1?E&fQ1K(?;?mb)|7adJlHiE^<?$rh@O!C)?I~DvS12%0
z@!}l#oyQn(>{qQtpHj+Yh9f=XFAwspAUfP2BtkxNhHAkE3dO)kZa}SI_kAix(puSD
zd<&hP77pFJgG9#CpVUwu4|E<k_4JZ`0Sk1|p~;Ohgo5ZS8_&^H-Z=z>Qt5BJ{gQ@H
zDU<>!hK?FSp)37re;+a`K`z8>|91?NH&c0nr4q<Y_Z_RQr%4Ofvjud@iZYg~_Ke$^
zqBu_zE0C|7J)iojr9c+6WTuje%&!GGojPIa9h9YF=&cMxf6##Lb{JwIPOwQqKQs?{
z09st9YoPXua~I(40<hn?-1bts0@xcoxjnwIIGwK*!Ug42eRABjNr3!!*XFZC!tn1G
z+SchC;G^gU#fu8Gd?&?Sr|<daj>+0-gpsUhr$V5BpyvTl9rDJ4<@W+K;w3w6j0FMQ
zPH0^(7I0xBTKAS$E%ry<vQZq2Kb&#KgiG`Oh3$z&9B8FOr+@HbRFt(C-v(woajjxc
z<98YzcQPA~FVF&xI#=tzHvW0uB$(33@WkuYvOMBFkbq6PG1+{YY(9+OHSxIMDB$w2
za{ox4UzR$U@z5YU9BXZR8HBurg%fLJ39!@V19zPAOj<Da;jmRD4zSk?Y3<z!^}|0I
zT<n<YsL(q*Z=!>6HR<6eCjkWp8vi<tB_p)9wq94Ugm66z%<HXeSY{9F3m^pgE+^Q*
zL~kdhGC?dYEqPe$YH|siZJ8*>b@OoNZVVGl|1AWROl)p$k^a|BhYJco1~d7vzFGij
z-0?!+`@HVwGu(;AzPTxMQ*NB4ofyhj8P9wkhT{*Aqn7<lW-ZY6`|!$~ABu?aivx}0
zP3ZrfZ_(dF0s1*0>eOMtZKowbT%%Fa)*FC+x!r+geHX{_`Y*xh1m5Lt9-h1L!%n{2
z55*w!i#Htk0~Wa(fD0vH5tz_Tc33l9YrC;OTW55{I;Gu=`|@ZVKk&HN=AxzaK_C~h
zHwDr41%Oy<#t9Qj_lFGl<-dX58#Y6pKeEX;TKMyg?W5_O=lJhNG^+p}IrAA$xcgZ`
zn(YdCQ+Lq59r!*H!{~z=HF<vvH5XHU7z;6em*<N<kNE-;-}48UkmU&Xs~=Vef-lr0
zRYFKrBOzJBRez%+bKfE|QcyABPw`1r+Hk>Jl1<B*Vdg52;xm2yx_~WaX@<WMe3EV>
zGiN&kO9SwR%sN2^3g>$pmN$KC-04PpEpa&Wf*3%36QbWu0C*YN!Y;0-`6!b4az%<P
zDoPshzpD)WZ@m#n*%IjX|3pEgPA)DXe5(Qfx|eVxWZ_k~|Ff{ulaYw`{JFfev$q=_
z8L>&`!c{xEf^Z!XnGF~QtGx@c!40z2%coNWLO;sMVK7)aTu&1_Sq`?nJioGJaMo=(
zyCJg*Q}2Z2aWEXWUv^Bkj{jzU-P4I*??lIqE;`{yi6}rPR*DXe#D;Zqg{;kAqzdG0
zAd;gSQJjk5bB`3NmGHPcDh(}I_w5bJvHEZ7TqkDkot|+FUH=F}cLqw$%Nc_&V2HlM
zE$rTGg$RB>kBn_kH(%orfZxsuv>H8qU-iENaH{zr<+BB4Ou;C`-m{5Bb|PEr9p5F<
z0z3EqxzmKZIaYVu9udXoe{V*pvcnHu0Z<{e&)Qsu{yru{O?`N=Wr0)zFsMv#z65AE
zLid}k(P=+Rf~<|98f4k({k9C6{!}J77WaEP+*_Fu>4nUrTNEUE*Oy2@!d&s9<@esx
zNP5^uhQ;`gxR^m4e>Wja1L;6KemIT=HnJ&9A@gzaffU~$d~Hh?kxY!D%@-uR+I20>
zbLv9P_~%N0QRh5ffENguG@#&64W0!4>0&hk7=kW;U-93S`oj?>l0$f8X*`A68AzE>
z5G6Sm>6i`_oH_Iq$O0V(e!f%XtqVN%C3Xk)1<#g|Zx?@4dG4R#-f~#Z38B4vos~Jw
z7KrdD?+5qjcNT9XvPN!pM$kz}1`BiXOt~o#{Zsj~UeJHE?@$}Xf-psH6NKd|adC4h
zyqXf5I=!mvb{=s|NMqgfb8)u$>kcCsrM13!2r@0;ucvMO`>r-^Zy6b0DQ>kZw@R1H
z2CXii90sPv9)EY=kG6J0CmB0CZDW6|Xk2cIC1LmqG~UA?85+S4e1l9jSh0@3!Yp1v
z`()?<-nRbVHkrf6lq}6pBPl6m1!{{Ve;Anq4V^&#j4;q+Kc4Ow>h6ZNAy}<MdrUjM
z6O!L9drEQ&v0>qR5DjjzTiT>eIt~vEV7N*Ymh6+IE4+ib930~r9^FW(tN-kvg9u$q
zOkhGqX(j;<KU7tBkB%TUN48OEgJl21#x#ovFI|N8A;Z8Fh~=0mydCfE7RYS6S_o&L
z=w;*CYDDWq*@mY~l%N1>bEAWw#Esit;QAx{GBSan<k?!}-Y+*=E;OJ*Hycr)3Ki~2
z9!NV~&k(ZrL$<L=fCUd`S0mY&$t%3%J{l^ObNm^7-AOWzoBmyoR=7QAyRTQ5DLqU`
zYAJfNKNNFT%@93;209$}-3)GByb$a2{e!WyJwxH2&ZnzO5n+cWcN1>X%&x(W+1NTi
zQg<^T;cv$Z&hVW5-Cty@x4p2Glul#c9&w)bxO+`kqcEC~_dN2lLw(*`A}(&vJWHwL
zHZJY%mL6)!Nc>=aw_b+9stNTwHs%S#EDxBl1>YX?-QZo-H_YtMK<5SaZ=g2xr6!(c
z7{*yz$;oFeG>DGsJoSRd=~?WJTjogs^}Yx<+eHksN4>1K+*Am`=@W_*4OJ;RWF!DM
zH7bbc8JI|gz)Kyt5a4x9nAFK0HIbECyf-EW-o(U&!;QZlGm(|%g?`FwwdGA#PAyir
zq^>+0cvi52<wX9nM$sBOUG}!|c<_|heq%RybzuL+{;+qxfuj*l!2f*+ae1XdY@6{J
zI-O)4smqTqHM$~Y?7vNUb8^?wlw&(CDoHpyP8aOcZQ;2;^Xz&29K_S~WZ<b|VRQ`L
zI3KV%Syw!_`(!D3@buGyr^^EqEY}S+WSh>dnh|Wv0XK%Lv1ddf#K&~sua*3@kN14d
z5i<B~U}Ty&0chXn7P^P?J{c-f60`icU5;?F-i~pHxZ2IJ4hzr!h*S}S+Wq1S-|LH(
z06b~2Vj*9FFE0K3J>v;<kMomz?_XgPjS$W%j97wq8t<ze+?mco&sRvHg+JLw8wUK2
z2{~cB&1q$CIXngu<RlU#(w;_l31asIbWP7sdQA?|iOKrr+Zbe=_+Wj@%1mS#8eASG
zDIkglsKWnJMw8BwRz9gjBE7<(7Wu#@7vpel!vz0XAyj4t>Ue^HgM?&ODy|;`fs>i&
z;d&nPKHZ&W&uEKJHR{V{z>Q{!05pq6+){JsnayjBg(`x;jZhSoGMcA1lJ6E2RMPLf
zQkJ`fR{}KZQ?dJvWKAxC*D_wio^Qe4QE(k-y}9o8DbNn2p2^{jKW#jja|VR8-K6J@
zNymxBD0c7JI7C})`QYu8Z3h_mvw~$eOI5Kj|2?<!#&dZ<l+1AdJ6}Hw1JMcA`Eq5f
zmtYr5^g^)x`yPg2T0Suc2N{U@##v}(uf`x&US8EGw!~^-!eOlznp!Awz7?jBC%8Dc
zyYnEA?0gpBZ54~*(x3mU&7yd@6LY%uVD;}sW9khc0MVhv{?>sUj(i?h{YUyz$cf<i
z8r1VWWtOGRt*$g8Uw1zg^z*%Md?c{+YJISX1oEt828Z?D9pRA4|1qhX2g57+TC8*L
zVb-FszLvdVVR0909VJ(X8&#p6zSKy_(M(nH?p6%BI4^?L$=KL}N-r4TkUcWuA!n_-
zdl(_8uN#CX_Io{RsQPlNlR3x!(ep~Pdf)JU7syYUUd)S#;Pb#S-P<*)#RX_A8|Q+~
zm4K2#qLj)agdL${VEmb8{h3yn_aE&^Ga|71AKT23qA)+qzx8#S8gbhyA`DEo;Oz(k
z&Kohd(&2K$39QxLsHiA&j^J(CLR^Y`%w;hF0Rhetu}l>7?Ip;+-Uh%S1#o7I0yY3K
z7D@`P%gu#mAq<>O9ch`FVL%56>iYrl692O|20#T(XSXI<aZ43TBG%h)C<5NR$;pb0
z(>^oI4S}?U6p=`%e`Y8HhmU8AC<#<R1?loJo&=FPY_T_x@InV+HXUyfI3nQlTp$tx
zb$fS53Vu^ye-E3)gb;-CxLkrsui^YKo6jX6S!6Jg*f9Kb1Iz%UOC{w9iS?0^lH#yl
z5Kj>wg9=ndtVFVY()(ZT*taT#YpL)b@Q%=ejv6?TLPv4+3{4<&>H{0Kd}c&)B)9zV
z>_AZyz5{it)db=zrdN5{@_+l+D4?YLj|nK`%cv}1zfZYhC`A6l^AwPQ4N$~@I{gG4
zFq?u!CmF>bhmgL&Bv-!UQ}_7a2JLMvu;%}oBzB_`zSgIW@>`fMmU12?^sow@O1rOk
z2MR6dz|cZWuQ%I&FI898Qvmd4Ak;IyZ~D|(!2+NwE9L+9S1dV0xE6`U9|<jU>bkQX
z?C)1jmgdnze5Jrd+RpthpE)yC6s8OC?-r>_M@5MN1}0X@pn*f5`8xk-4dwK@x#w36
zPy4ydbix!MrT-t;uUU$OnjF*8^gvn52Fa1wu#NZMa!;b|horR(>M|0X@i0wn4qS~j
z-NfX;zf2yp#mS`XPU<fHQ|52O)S(g!rnr&mX~wg#eN}FG%Hg53YaYhxYGViQxS+pq
zVrX%YAJP!hHs~9M!Z(_n<GMOI5eHIA1Kdr5mki8TRZHX->Fxbss|{5p64eh{9KM4C
z#vZsmNAFY}y%r5b>Al*cvtcOnDT=A7y_#QHIWg-YED-<GLdhT_F)i+3Rrj|`6Y6dH
zbK&xnk{reBgNDm-UHU~_F-P9Izk1dthxw6K%&^=X>4#Tvp4=}s9D=cw*(ZYL8)-po
zdg5Lb1RQ?(#=IIo*mK1H{z+K~xL>zVo$R**(1s+PfiYecu=3M(&KIGyp08Oz7#!j2
zZSds-;H%91bkmVX^mNAcfV=kKnVZY_As!RPwNiTb=f7GyA_sj|Y$btLhIr~@6@tmv
zD3^5w55W*_Lmz^gm1Q5R^6JyjF@3<*>|&eOk`qrV@`<kY@r4uf)1^bx`41=$p>IqB
zyp5w|Jf+W9cJIwMp5yBEu)Mvz4E}drCfUZj#hfg_>F13z8zti34x}OU6hrZh^qw?z
z&EO;Wo<2TDzu2)q7#t3(*t4^qkc1a<%1slCUulN>r6<S6Tf`Sk#t<_E1`*ba+XEd!
z$a~-aI^p_g;+a0ShPU*iP>RBKufvM^DTlYZrDMcm)S@%?k%nPa^~CCgonV|rH?PP%
zfX#G0G?G(8Su0B;7ayO_#>Snk8Nt_WAIX-P({)pv@E1qqtKPjb3{N{o-WdS;$xOa~
z6`9ko2QYapZ$xUQtFV%p9jAo_=I=)P&jrzO%TAVUR;hwmQe}<nW)C{BRq&cZ^NSW1
zPDXz#7W&DJYED>K*tJem@Jdh30^icgV97_?Hg=~P05lmt14g{!O#T9-P&j!XswX`d
z<Qk6)%iC8MdbgC~KqTl+N@8l<Am3MC=$RO58eM;$MDd-{cr%#{0TeP(q}O|;u{yk;
zRd(k<Sqhe`kO~j;RYS_4<6xPtkQV1<SctA<zr1cZ_=e_w#J__=V?!c($!4ajx)+C-
z?vn_Somz=ptgFH*n(^E1V!<7xg<!o<iBNLd2L<Muo-}w~w{rwOzv)@-Ks15;%{q|W
z_gT?=XLi<8d^v_pF3i6l`DC{%usk^B8EfcmZzptb{*ndnYt}f*!?5sF@gkiw6`mM%
z(BbDLwAQa$PwyI@%U7ZkCeDWK)=8&}h3KNG{Hy`<WDt293F9H1BIAc}R86(_6F-FB
z;uw(WR~^KL-vo@ybUR83h<zakN9Dy+o2cl6r|_i$fp3cD0j5h0)#%40rfgq@T3MaP
zjX@zwe<UjT?j-~ET$y|p*&(q(w|BF0x}J=-#C0-d>uH${9|O+#m@@K@fBf_!S>KR%
zp#E+!6i|kPLnXTN#sCvLJ+2n3j|0ovz!n~KF^k!OVSoL-Xlx#LJ_sbL-)+C1@a~83
z%GaAHbynX>Pcz4;Tk9>qRVXZv2D^VLG`+kc$%}WmfARc^+bqNiz%O&4GCDl{lJ<AU
z^-0hZR`upWD4+PNbTU&nFFm^6oK3q^&o=YXPUOG~zI(M7-tmujP92l<F<$7pTRJ2x
z9l_s{S){rqX2iaupe3T4B|LbFf?%za&?9f8uWy^MId=*r%^<MFzQ<1@DGIqeA@<T&
zK35RDnSSE$6uQM{bYh=vq@O?W-piEp#5b(3Z|8uPoFJp*PG`_Tkcyd#LqsIKrPJ*P
zrJ1x@9sNyMjs80MU64@A8>Fx{E&4?|qvVaC->!pgWL?B6(Ao?82kmpLO2@v*@rlvg
zoaA7nqIhhjC4yprIO9gVZ*v@8f1PtAuJ?IQM;QWPig2!3ms%_Pbgu2g`TR|w>GVUu
z4na`T347j?2HGv@z2&qjIJ!fyQlkROUct?52<l)rjJo{PB$gaHfmF9N+U6;{_~+mR
z&6pyoJn}(ysr{Z^A+_u6?LDse;YC4s6|4IdAL#7wzbc){aku}n$bC>$jbaV#@q>CA
z2B`W+rgc>cy@aZDIpRjZmlzx)?-6~SANJsRmfY1ZVGb>gUXv-yulO*tv1Tz^xSiMs
zmkeLX7}+B*g1Bpi7$2c#4B|%i&-4x27l1mt+k~-U5ml0&Cl-m9nZM2_1J)4wonT$1
zF#M&qygot@_8owM-z@1ClqM%DTXofX_=r^)-y@jd3jY3x*kJp&8?(6>*#>^oGE^nr
z3>;lH{XFsq%d>Dh0$r|nC&Z!sWmU`!Pn^n$BHMLWK1OQIOy@p6>E80%n*h>}lLj6K
zL8|yZp`gB1_kdIj8`_bIxgu0_^pNRn?hx3|-p^-z0>Yydz}aFMDgnU<l#;SI(@TQB
z)*Zxak-8^?fC@%e@jmKZb1y0=Zb`H$CZ&tZgDgt>z4O78bG24If$geee@Y~v_b#@p
zsv)p1SIsh!fxZ8<zIz8pu~wwms4Ok+Gb04W_Y4N=@f0`=e%t%_3*F}FioVWK9X711
z1TzYJ43Opv&c5&vOQ)A(bKjjF$hVm{F#sdsS{+VLH(#N|hQpfI2cAPpoo=InTJ@F-
zLch|r>FcJm)v^nM0R_c=E%`fSiO}h~_NF%g0rb7Kz;-7}Ivp%Q@k(k#V|u=HRC%-G
z1!rTGQDV{2&*|Ho$}E}U@x?wQuh@blu_4n=pAGS;Lgzm8)iz0NG~KSFR0C!4#_#zy
zY0YOJtmq(l%%mzj4H~S@x}WE;M9QeIfN0H?t?rfucZJ~%R87;aUmwqB@R+gweNBSD
z%@6b7-Bo;*)aCZ$jQo<%1^UMjzR;Bij*<!c?d^cUQsqV>MksLSaVOH(Y3<t$+o(`N
zeXhwB`{`_Jav3}AiQ<Zg{^k)>R>dc&^iG&SygjnX`Z?#bi2&Mr5z&&AVTM90GET{S
z@U4^J<%-$Uv*mPS4wWo=U0|7^@%ZW1mu2hWbUmljWWNm&;UF%|5Y?{)4t;QckXiJg
zzu5(L5MUsc<HJcnYTT`okrz3Uygz?8Z6zA5J@>%VB^!)dtddQX$x+@~08tnJOGY^z
z6;eS$p`_f<*hiHjk6*FS#FI#?-U(|Y7B@m)Go{}1igyjay8@!l^x0k)zTQ%dgGxzk
z++uG9Wb`AxP!ZCU*N_VA`D)+*1{U+mtFbRV`WI4ZJWgcKfj{Vbd-b~)P7m=1d9q84
z00QOvm&=7txhJ=zn3C7iWpaM~Q=FWCU#_~#hhPBP5L-Id?UMiqrZbj50T;+;fEJ1G
ztnCScWJ3R9VzTDjkDbdP$2}M)2p%vXJnlvV0&W%)3yaDOX06?YI-OBBd}&D?NEkH!
z{`$mWGaIWa8OuTw4ni|Q+t1Q?Y>|*h)iY@!hCfy{O)0>Eq)0rrG+z+=f%vL^me@KQ
zBm8(pUM`!LizNU}9+NAZ9%49xD7;0*$YL@ijc~mKzl_f{oX?#XupM-}{jCB)rnawA
z-~h?K#SI>^j5uvnUKBs{j+$6enF6ScjiPtootppTxgicDUf1Y*Bo2^NH(@(g_yA3R
zdfT_?gCzLjkM*wk73%k3K}N%m>Mec|<&6^iV?*g+B<iPhyeCK}Zx2kH8>G({f8^ho
zaPs?q;E{~<#ydT^bKG;oV}>g!yK7KIU0_z_Do18$e}F9<D~q|&;Av>*!#+Vh{uXFn
z>jdYkad`d@Tlf}&j*y=|vwe==f_mLf2%NbH)`}`#!?II-oF4XpPrcu8X@?+aGueZS
zfBAdv9HPA@Jydt=5EMCo7wZ!0UT(F(Vz35v9iH%bK5{`NzOa*?!kMtk^ldy+BfaGg
z?CH}NinypZyMNZ1&Kni6XfN<67Wql&fAH8a=;_4w{jIXxds&6N)ZvHXvrrs7I5q2_
z0wx2f56?GRI<MVuNV+)&x@I9F<+ca<nWY)Bw9qr@BZ%|=5XFDNkBPyqO^z6RbbPmu
z99JVbY{5D<FfXT}FZ}+K#^d*a!jvNvVPp0oBomz|{S#3q6<k-l0&rI#yUes~9pENL
zUoF&uk9Bv#+O{f;K)?x_#;4HFkJqW1#2tvJ4GBIvE3TB!I{+vqGL+0GO))z8B0O*F
z!6Q%1%8L|_*4E}V2KnM~g=HouGJY$svHE9@v0$)zTF!0lPS$eW1+#PAUHDY_49bXS
z7y{*1m`VVaPq%HgRKaZWq&HVDfoM!X`OULp6_q<#y0=tX@+gonv^E^UYJcS3RC}cQ
zi`%%HgdS<bLtg}$*U~z+8Ra`SlkFSg_@f@}$aQ!O-9*^{RQz<b-5uY~kPUKlm3bgA
ziJawn)ikr&0(xB|!)I-Whjph9br-lC1lhrE{y@>rOv|D)2JR{5@&cK_A!}{U#Xu>z
zcCeQ9eFn4P{_Dd@aG9{Itf+%40>>nuh<FxyDD^Mc$;e%{LTI!`$rGyK`5x4<gaBB|
z39Q1RN_pfIFjXQrl6b|SavQZ_6v0zYb^**YTx|-Na#V#V2ryncZcWjEv;tYmwSQV>
z9Hsoc+~_RQ3ZzxB7+&qKhjGe9eP*v}ltAxQmUg>x@g*KqI0lV^K%E^yds9A|07cp`
z8^zFwh`tmtgL7!+sq%ygt%>PD;h$1SQ#6~gow&73PrMi?`PgkGB8!!(!&DBu1UA=4
z*TRxJI%rN>K`gWiw5h3B(&<?-Pys7-nJ85rg=F-DBn6TDw{XchhNiaqSR@9Yu;0J&
zDE^s2$}5II#c3N#skP-*%hS;k<3?>_Gbbs@YK_I2YPI>Ir=A&i9Iiq}@^>LVeEok+
zy@OY!@B2Mor<#nDZQHipNt10&m~3mZZCjIVyCzL`O`eQj^Ll?jYyJL!XPxz&=e{rO
zYhQcw$E*rXN!%9V<-Jvq#MZ>O)B?c;3U<Pe3EihG8Fk^-rw6ep2pFDWd;CdYYX;W2
z5)4Wjz+vSJ>+g@TA%FLT_*2yjo1+XP;E4CI0dG`t<}c~tG%iAB?bSjnww{fpGuQg-
z1>Z*EnSFt0M>7)6YLL?eTR*%VC8*~%h|wB}Fmb+&YQK8YjZTC_ODQzfTvB+OnxBQk
z-Qi6a8cQD8Z-!V6g&wao6<np4XnA-aEx^z*9d&IYy3__U`bYvVJFz@iauaWyaHL*i
zcBO72@df-4OYdukx4YkFZI31S6~-klpoD^{bqaJUpFv%zFjRXkmim>Xr(92%f6o>N
zI*SwY<zyVx((8ldd!p8o60t*VV)qQoobd+25X42gu@i!!N2d`2K7t(j#i9Oo+eta&
zJ#|%^7{e$PjJmI&EHCo&XXm;2Ur5Z0)7#<8SUGs#^1hca(6c4R)IfONTT$LoFE@rH
zYVe@X@(%(=4D2WC25?mq(o}w0z00%XvlGa2a(vQEoh`dO!s~>zoa?-%NaeFwv2b&?
zjJKAPnLQLdXYzTT&6**X){y(I_2l|?ZDwrWfeO#Bk>4MN^X=4iJPbnoi1gM%URF;v
z*Sint*5$gDIqHVyv%Rjv%S88v75eI|<Q#1OM4>KHJZ)|vWrvQn)a+v2_%FZt(w89F
zDK}&m{Czoc+f~ltTz*kwS}V~UQ$!lcGg6)PJa=}!YnD9zb9M)$Lmlh{O!C#NsJ^cm
zFCx4;tP{bf)Cvb}3K@>)*&F;0=-K-(V|@?<hA4C0vecB6km;E!5);ujHa4WUqeB7$
zz@43)M+2Qvfk5D=C?}SuVPO5~iOFcEBbo~8BUB{HoUeG)vshqd6yalf>?P^bsH=2s
zwtsmJLQQnn_FOsTMu&Qs&I~TKP#)uXMu+HgfR%LdYWbtfsiAvoQt5TuK(V(6`yb}G
z;ACNEOYP`kJy@!5p>vN7EO`oOJG{&I-K0@&L!&u&o4_9*<nQ*T%wOCn^y!O3zq`3X
z(80|umLlg!l#*Uw<19M6NXq3JVRMx6>C&q87Hl0BC{tK0mT4f{_1J(}q{2D4-S*cJ
zl@vl>n-PTg>dv|C0*ZQYI;gU8X%MKE86_o@+|(Rgf-33s2DsGg-3xPx%MQ#3jW_%i
z%eD{UsKT5qcNd_RB6_sn_zVUU4w%^vfx|wRWV&cCzO?Gq(F#=iccF!RnDF)Z*)Mkz
z6ii(Ceq1vZnr&2IB1s~}-!gZkOO+uF_z<x=D$-<Rg;~cyE`0L6pQ<S=UQYn-bQ{v+
zNTG|cQjD0?9`8ReD}20SN%wK?Cw=z1vWstL?xLH5spE<$iQ*NavPE#e7a~hUz3nK>
zaBj#wP~u5?Cx;0=c|DnDf00akDaaFY0h4VNgja=(j0`p0(-2<#vLjOnp5ghuRl_2W
zH}e@5#oO44;zrd*^Ff`o(?j~JoD2+0q&945HEFsOq;4VsQDt`IW?iUBV^PS(O#?bu
zg)@)^CYC1)Z|XP#&@ug+Vx@KFhhVyV-Uu^$<YlWhc;^Va^=?8Q+%bfOd7un<grsdy
zEgIt%46)#|u;u=c@urd(s3QWIkU}m`EiE%a55V><d=$^<n~l<VGd>#Kuje%R^ho|H
zgm|U#j)W@gNpF=!4$FR1?79;9NGOHG4-nabL=n`_{_Di-?79>$hY)a-(Op!+fL4Ck
zDYYR6UNQ;hxbXRc>nj=gYiNpPCl%w_4i~n&w0fl9B}`!-ZDfzbeVv1ZH|jn<Xe-oK
zc{1y+fvCOB%QidkI*1q>enA<U{t7*pqScshJGPIM*@w#p&~?sBzWZotj5+$~w=DSI
zpMMT5WmBOf>PMc^jfvZuMl#1)%;XUBM&rcj+dnx^|1Mkb1jGMpz%g4VkgG2cxDZeT
zNw^kJGL=yv_W>&%1uy)|)y`oDNHbB}l0`o#UJR#`t76`rb~iu$^epl!@E<Dh$Pd%`
zQm<+`X4v0TQ^OdFh$s2&)kjpKuP+GtA2ON7Yy>#{Rm)^+BBnN{9HdHRZ@DEHQzfM|
zx;A1dS_B!V68A!iPXo;*LdOFj)Eg5Jsz9s4)e>3fO=JZExj2qk;=GB%VT0LOf<3(+
zuF&K7JG>DRkE$dh7g2>~bRszwX!p+FUDDc5$@wQ0P;fkmqyQIWOcyMU*>5L4<Vg5!
zGMfRW=iI)Ln-;ylSHX1-V+YrMhZ*U#(O@#YLnZ&=aJ-+ToZR}J?hV%#?gNzZK2(3S
zd-F}>@dQOmu;_yfT59zB_Q)yNYtAEz(j2NtbIz{ARtMXv!=eVUZFQNUExrk=B0MDj
zO3V9xEM&`{Gi+`$xR}f0VW~q7xit{WW<f?uhU}H1G@KyxUId+q)9!p3IGD%Q>hl29
zAEe9^PKb;U>o6R<7rUzX4cXP+BIbQeaCiMD3eQMpbVBjdhUBtDp{^$5Y99Xov;aV8
z$s4xUtgj@P^cg|60$%L)APoA(mgagWZMWM15hL$R4Hqt>sPPicD^^xgJ2GH7jl9|R
zpDllXsYcGSi>gSiy<y_VVqIdRU&%7Me;m>Lf=37O-ZH+Dg6jmYY~!tXz3b1J5v{ht
zpODhEc6<#EtEY6HXft^agwkwvAfbG)iIJKK%(u%^5T&S08$BQSB-%(i&3tL)I{wjv
zWY@P}F9zEDni|OV9m<BLu?$`oYzkP+fde~R)l(p8e<ML#rku~80Kv3VYhzoJcTEMk
zw^F~b|Hq`~R3nr6iGp+P()YzN!$6kZrGO*?iiv1S?|B+~B_F4m9{UGD*k#_O|0dwl
zXGXSRn^7QKkj%F~#z)G*e9O8>uq(J@1`Wz6y;znq42)g=eA}uDeBcHHHZcT1Y0^_0
z3$2tZ@(Uy<t@Z4weULC7yNjC+mA>Q#<3T9eHx`1Of_)oS#kzKIR_(ycRG$v}K@q_4
zE}f7ZgvFGwkJqs4IQQ`dZuG}^oR6yqmZ#DqVj@=c(1W_#oIOZLyeLk6H<@y%y}Z!j
z%9m78|B7mShxiyv3N>*)DXgpxr87#2q&=QvW4v;g9VZT*^tw8c3Pl0ubYmjDbKb^t
z-wwZo_(-sex4S{_n)3dgB&zsGt(Q&0R)R4nSVBZTM~%S+IG?x+L`4m);%`%_3*qO}
znI19x6Z2=*(-R;z%$T44zLbLNi6+G)B(;@8p#PS4mHpF;%yvt*+)C<GpZL<Nz$dYN
zc9uF!QLlYqQxm=|NrjJ`9J2hxDT-6&d~A9G_R(jAvrLdXk|fxSMzBg{W{At_vqQuW
z=)nt^&+QDckfE9&E`+kOwl;<}a|w^}l~KciutYIXo3pjEV|h5r4QatKrAQ*D5ayx8
zZC(<G;q?OJIT(gx$HLKiU}GW*@v2pvZCWa#(nF8C&uZnv5g(nR9N-oJ+*rX;rgB_k
z9)CyWH+U$gReWBnl&3MMtB|=-Maj-U$h{0JuzN6apuLm{Y^25fL$Z?&$gJgaSB=Y4
zb8nRrDlqKEn}+!j8MMU30Gb-WU8WytcBA6fs1m8#Cx6t5{~O5<%S5_2s`E`UON+OD
z1x2pqT;yZfCH`g`26Mh{$(GjmD1PB;878dM0%Ic<)#&L^;P~qVAp~ygF0!Y?P%$Nl
zGamAj;TOR8gIeYeteN358uO=Ko#`#6^b+FO{AJ{eMIudQSor;nq_-`?>wR`%VukU2
z#T52(4X)@6m&DJ*!4dTZ;r;A|6~A*r=gHs9&c~JkPI15+u=VLL#xFZ^mY}rV8p%u%
zZbwUw`CR=Hddj~*99&q2mgl55WAs;~+^{w&^(q}!h)POVU|cdy<Y3%Skep%^so4d`
z?9+NJCO8IxO_jkl-<t0h(NF7T;TFbhqr9Y;!WYgRqd-c`iw!tB0yBP7OygwvD9YG{
zx1767Ip3(I%zKmVC^LtKdf|`U;R3NO8Ou9X7)0GEM~8JM^7N+Aka$Mr;D$Id#wL;<
zOWViFKrd+=?01OY%Q7?dF28(D%_8d^M|@vbx^U0KwI9x+SeP-ULP(S^8)!_h(Ufnc
zu_tNM1)?r8Z6nFXKR1P}GxaUCP3XL3+=Z5|`S?4XP~T@7wvFFP!1L=bLF{WgVZPO8
zd+2&UDuZzP1E)>a^Cyl4pRu^p#~He^Js&7?-02GH*~KzF4?-?igykUCQ<Ox{Ckz)0
zJa#uC24<U`LQ=Z~*}tDhl%U5bzj+!h&zoVhe5dC{#11jvX#q`)fxU2kNPahTON$>N
z53~Fvuo-uF3PPP8fv%Y(CQ6@}*!b`&isEv0xsmn!v||R`athNkLyS`&dJ<B_X~%{I
zck_E%4JGc#+j{9#mqgzxYS@QldymiLQD(-+F_$s2Wsf(;)drw4D6h&)gJ}w%Rm_W!
z++C-UM=m7$8?#_!m~sbNr2M!!PsKKK1ElQ_!}m57uHLSmuGYB`c|&+C;O7hK>_!Op
zan$-Zmu~BWYLcfsj9moebKcmh;6>*q|KhbGW(IWqpfp(=g?&s}&a|M)YyQdGOs^9i
zxfLT0(cjUkJpSu%59v&?Ag;$crafc**TxA;_bTqll<Ev4%LmTzcAumu0XJr=RZQ#z
z(gxQ<_o(+bn3`a5k+U5_gp5wOpd-71-fzE+(ENxPBo+EzdG#O5-Q@ai#ifn5o{Qt+
z>$d6&)Faq1YH?RP^7$AdG2eQ@ZaMkI9s~t?H4R04=|IJA;`FOt1PU&n64Z-ZEVgrs
z2*=A9pZYgVI1dn*OV@)%mzh{Os&i<52me*{xkLe<L!5dRrh2<uA_oV0gS0s*dWVVC
zAn{G?xv;Ub8|(h~*o$7C9ZIc-M&kLY07Xeu7193u6RiM100n4iA+Q9IApRy?lh?F9
z9_6<<2ynb3*7;d717VXfQ6Y&ve)kt~A7$1~qu+6u^&8r*)<ZPXe6ZVmMIyvzF{6?6
zePF<kUZSBJQnwYl2^4e?U&l@1_CCS+`iDOdn^&Q<#LiH5`7OK(##XNl0lC1KIR1c?
zLY=Tq-Xkhla22JR&a+S|Y*^GW!+CA;vGZ#YGj|&5439=4;V%2F4Q@eJF$)1%U>72d
zz@pk%hU>2nW=f?ThE5AVYfe1q++p%p1OCuzDn=3kHoTL0+kNx-zj!o-{`4~Wfq8kb
zM@~0kamA`Ub?n<G;?d#A3SeH}ECvN7a;F&}yJRGheI-|A<;R27lzeHww`2rz*V-6C
z5s2xHCKMI9$;hC@!Rs^x^0!G;gr^es=qHe(%%HRJYQHN?yzKe)_(Ia6_<i&*!5Lcl
z*>A!VuSKGEW+L`i<coo-19e9elodT)Zjk8HSBX+-7C_BvIN!O>2Uc?aK!Ihr;RW^F
zRoA(m363A%A|UqUM$Q#V4rr=k{OmqMusDzn5iU18-*5rVYlnNyT!;-Ug7YEg`ft@B
z?$b;ACp2@UR2zg;hs}^AayxG(pY4UQEYFe+t+#25A*lQ%hWpV;7hi$Yj(`KlBt@o@
zGgWU=OXO<51?N}5!*M1EJ5_<-*9R(K?<#?}#O3L|+~<MA)(>jb__pVy#_W7IRd0SK
za(BE^K)qBJ?M309ZrxX{hm4Jt(_~e9&0Ss@rr<SA!W<WvL&q_+;X<}8NeHxB!rTYX
z3i^SZqpBMp%u1rr@92Z~TEE8(AS%jx@^8ZyFh;*yQlBf+Q!29j%J6*6ZnXw1DIb!=
zkb79e=Ili<Z4C|5FuOYufI%9j-#i}3j8W#1ClUa}pCma4C@6*~6qP8jfGsgQ?UQq>
zP!j5?vl1d)A{X|nmD9&mNE{J@7^DCU%AuImThKqC<gVF|8M886M{>S(q2yZ!q|Oi)
z7^4{=WV2^RLHeginb^MVah=~Ii+F2uI+ximn<j}j|9&6?#Use1pA2n^n-$Y%9Kz>S
z<;TVdcn#FJA{u>ALQw4$MeuN<h8&4l!g<b66k8t~-jF7}lHSH?8b*$htq0vLs$>SJ
zOWe?B_1$bOZyRkZlv%bJE_6R#Q9#8_SzmCR=Go^!*;1qIIEe#1k#oav$b3S&yYb%9
zQc4a<5*qgB?qKr0!3CfbiZIhy6A(1*d9`E-f--6tz965&x%91*2If~&c|QCJs=z?F
z+Li@8$Lji94RpYbG!t@Q$g$o)k?AlhyjX{*+LsgDM&pCWfJtq$5ew^k7&X)WJhRJO
z?w{L4I5{!>SqfX>Pe{*`lrdFbh%6q}j)wMy90;92P0b1mg|5oWiRZG56a;DcmtI^z
zK}7mb8?(J`?CX7cobD##jIWEo8gB|DSc3Zj92nYrgn>@eY_QiE2?k?j14<5IO>s>1
z{xFqWP4CD3_mvLy;BIalJPn4S)2T4S^HqPsFBZ(dM(}>T2IebDB=VoRj5Os(&(@n5
zNYgxX#0E|`e_;4uASx&?6as1lCi@4?&REu3U|s3+s*vDa^AA>{SLV0SF9;d(bsBj9
zj09nVJ3t>BB3g|z7=ks|H&(ksVVO(WO_(Uw{$xIIQ{dvzXZe=ayoa>>s3&4!55M7o
zPD!mEbzx|A8A*lpt3cuM#G!1HaD90yjHiFDRr!1HVf)T<Hk#&KISJ<`TuD-R$JH%2
zk?vXtq@53yXom{?dB)z4m}+klr}7B07q>obov7oZSm_nGFsW#Jpyyv?XB=)kyAiwI
zJ_#RU1>_(s8dhY~YRAkZ&L3q0S7pnH=F#3)+mqnu27=%Ol8mAPxe=`nhJ*=3*&)z+
zI$7;}-&EEH?djp$#3=fX&T<JpZFUeyh=mv#W2m8VMZ1s=i_rj=C+AgJPizJI%x6x&
z+kbvEUuWs^!rC2W4J?d;F;nSl+4NyG7p7m*Pp-P8vA(ww)4alEEPjJoM{0C%SS^ah
zWt968myr;aIl?($ag3VP`W@K?A3>-BxtmRDTaMV_sX@r>LbaroQzLSzLot*FJ~G+s
z;d`RMy%sBMiXd+$zsN~Z6$K?FDSZ_GHj{pydgWIDS|0ng|I!mI9GqyQ`P8N~!8=7w
zZf+tOXc^_|?k+etmxv;drYi^2%e)bi4;&m^bfdbsxHv8@%*@4P#{FwkYVm@f0iW+H
z)5_{<@5V;dphdaxj)hNYQPK8hmzVurpXrxoq8~42CX*8;IXm>S%C|AYt#8fE%Yc#G
zKPhqn?&(Q(15*LEBBo%ah)%Szxas5H$C{=s1yQwc8iZ9~P1RPy%&LJmadCVG>GMa*
zKXKQ>=*7{CDDVe5!HOVY$PGns3@^TDuRKFHqoCfu++`|a)-FG~>_~I#timi4F)-LQ
zoQBUe>Cw^i@TT7QK)7xq&K4=EuVf~q5;H=VFfM^gt)XzgBQ%__u7s4EPdGe0^As>;
zrNj!S7x`v<)?b6d=xS6(iQbt}8`qJPW<+p&qb<~wDx4>{X{lmj+Oo}jRIpsu)*jZQ
zF|qw$Xe-cDgdsRc`8q>Mc%PpQC#s(`x$E(e?CZt$zwfr7nu-0egmm3nlwufHaSR9G
zq%ssDpzANMG&;jhhnA`mK8BiN6pN^+M&(;}Ie62z#^=AWA9IE(>ig>}*c4>N<1!NJ
z$Gnrlp}0M8D_7ruwn}ky8Cp?$uU?oq)EQ)P%0=c_&WGo`kJPRu4C|?6W!F#f=6ci_
zCfR>UYOA0|>17&IDt{Ghj<{jHG8qY7aTP!(keZZKsDbpR5BB!^j6DB1507v__lE^N
z#*YSX)c)cz>9Q2+1yn~g>s6+)1|kXm5AilbC1e#5@Vs5#B6FC23s27Ca`LGlE6z6b
z*OGFvd~=oE2GAF{d6a#2;$gOg#IFan{hm9`$dFC2W-z#3e+hlJ+KKG6@v(Gg4r?~k
z*laSk&1<z=aCGTY$jD_vOAu*AvgZ+&--n@$u!su31-aHO8DUumI(G3HFEZh=c+Ee|
zE^|rp;C+|vN>_wa_yTpdCaR|z?G%t$LYZ1CQ$H8b-i*5_<Auhl94QJx`d9%J2sbVY
zDUly3Q_hBTk$hz+Ub0z9h}=EzTV3ayd+mUzqdkJuQ573R5iBp)di=JcRyCEpJ9<D|
zWd38W#slko?VfIaG@($mDeA!HUHBr;ai!jq#1-_B@mzw<@<i2CaUKrgmK?m8Ps=Xp
zfd+fI`e@p~kIl0zjMl%mec+`jU=QSV>H6`r64UrGEjL`OI~)m^Zyj{;=(3i?HGhHO
zI%@Df1he?$i*Vt)PL$G4G#c?3Ru5Wc89<e_=X=~C>y(!+d5NjQPwo!*N}}{u7%G-j
zcum(_P%92gsGlQ>KPN>n<97I8Rr#4fdNsm(J21f8iBk*=L_|O(F6Gf|sNV>K)S-5p
z4+rN(b^TJjcysCBl5R6chsn3mZo@c7%K5~WhC`jsRl5R?9gacuM5Nsd{YhZWv)zHD
z!nKpKdPV4Ue~sy0UL4ftI7W6|I#>=%LFDAcD!77(Y1-?`)+#)?eZ6f+j2j;GS0@Vc
zQ!DC5t2wG^=_CO)@e!R~@vNV0gOF#vVPY1B#0KxQ{{A%4(8R=iSwIgkIj`rQJT3B1
znOF-5$n0Vx?lEA6hhaEx)K!+bGqV6b%7`+sD6d~-HCRA)%tMA8N_pOC&-p!dEeVPY
zjATbSE>hjl#6roXYd$_%6^u-k;9OsT&};fjA!G3b9$Oh=pkh^D1%(zfy@k9QRqt#E
z4w6At$dS>Gv%DaJ0)vr-8EsY>1(Xmp*BLybj}sFJ4Grt%v2A^{5IwX6eIc)6-`~y`
zi^iWfAW48iQxhoklnI0>+d=|XeE~pW^YZeEiiIa&wr~5ri@}sxp7u@a*V-Dem?6_%
zUO;(hUVgBs-T0=ESsS%|6vF#b|98dyP2IXVAvX(Q>N@AEh$D4x)Jcu>Iy@D`s{|DS
z?NOYy%ul>;AYqz_6W&i43O^O;KW;5KOjTrM<$P{n;#_nvu>f6%F4Q^1!S`fHNbsg;
z=-|A0MOec52;PQ>0mi*Ub<N+4irwX|Ghir7YRxxiOE#9)o`<|fe~H%>_gb!_W^(-0
zl+Nl**U_T;8ln-8dVtVE-==^-)~GR4D2C}-;deJ(Qf?vsRl2Q?@mw0J2mRbsj?Y53
zqY2>mb|58^`2`TGm5!eKUMQuCiQv&Pj?3%d_}6_8A6J{VuB5muex!eLqv4oAM|p0M
z(nzVMiCS=$tMQAD`~QX+_yHe;fGEWZP5qwd1hs`<LVK4ypNNYw<faR9a`DTtKqMFx
zDQa~Xdq4r*!t#QM`HKk5+ACX@n!QRW3T?0$tH3RQ`Pq-x10b64^Qyo~=~$zZ5|YAH
zIi3{4%cSgdL6L=?)87N>W=jon6iDp;h1v$C@@WDOV>usS-U6UCdDtX_@xp-?(7|%P
zu?joQiNPoQFZzLK0kBNe_CDQ6_<!~ZXS{EgS=WE?nlX9mOcbB)(xWsDI)9AUv?Yx(
zaK&P{FHoBi;W$wv$(Iz-&QkqADtauph$RvonM67arHDe6;Jd>3znGc;)2RV8#0Zd^
zex|)kVs>JLKIu(wy>tW1h-DI{Vn8*9!=FY!BUx<%IITDN`wm4ib8!TOvj@Fea2YN&
z3R=M`MMw@(i_=T`=g3CAla0P4O(!^M%TfE7Q>vd$7US<Q6(oUbeCq)>EW{Xb8ap(}
zzkP5MqxY-43wq;<b0?23zGg7b8Y@p5Xnen^3LvuDiT(`r+c2HT;4(Mgo$VH|KdD%K
zD=`(CJ(i5V>)k}KR!?QWD%gB;1TYRJ^)beo&b1>&*c5jklf^{){pY9aEvDTkxszl3
z;WI^ep!97}5iWJ%%Nh0R+^%C=g)w{+hs>|6RM5DPss}>Xd*k&c@~+>-v1|WMZ2gC>
zeMYGx@$KwLutG>!nkaoXpw+zBcO5#*yVJ0w)M^y8T<Ih~S-c9#fO<+v=DDR$OB8T%
z8dzz;HZ(=Sr3ecmh(XL@H0D?^*fS{8Vp*^B;MQ<@a`O`s0`t*doM8>!I0bhLJJe)m
zJ7ntvSX$iI+{wdv03|tw)A)Ic_{>`~YevPK9|3p=N0*vI;?gbm@p`wvKaU`IjPNIa
zb$htjU3WV$NT9;#tVr;<XA)V}{58;?K7sjDT<UIOZqPu-9KAS74yh+#hiqiWsv@;_
z*?S%8u#{2-<VvZw2?DGDD=b&muu%6R`*%9H=!eVMnN%RHl>>enr5Tj7xDpWg3o>jK
zF?av*_V!v8&!bny9j6raR>Kddh5rW%oU6#HLauP8RH{Wc92_eP-s+B<j8|P%RdvA~
zC}13bfa$$-ar|xIrT0JcO(dN2xM>fQWvs-sw3Q2>iaW!_9)F_`O54U8<RdQ9ri7&g
zkSx;B#ZsF69CLq6!~a553Zv_t5!rhs?_6ON32-qJkGmyd$y7;GiEHF7?y0gU4tqgH
ztG{xGl=QPfoN8$syPdB$Ib!ULk|WXJR!%F6C_|=8m9_lUKvVWAoNljl@w|5vWa+)t
z1(AI3(P%apqIxj%yH(_AzVT+z!NFDRh4D9N^(VI|>GP(G?WP;d>N66yP!-oj_G*yH
z(Pi&XMGNn(ikr;r8-{<`3rj*c10zgmnMm@Ma3VjQFd$dsPl>!GG_#vCn~^T1C*=xZ
z9L(44v=Zx^=@Jv?4`t9z6~ryojq|8|2N)+bZDoRp*#qH5mmH<9y4|Av5>TNM^lawz
zXKkee1QZi{b#ceK5d0x!ZBCq0wGr~^PgNjBhD>kJLHJvT{y?H}^9%FV^nbjFZZN>5
z%VNWrfw)LXEtBkcl4N2h7_AzMW{~V!C3&a+-5f(v?(f*7z0AA_%T{D-0KqM}3P6;4
z$`URvS;P@i3kKdj2JhD*$^k13?w^tV3Ui1RJ|0jr9-C%nX7BtY<QGph@KiI@=Uz<w
z%n-bph1tdcC{ok$)+8`~lDECmYdQxuX2_jE$@bJQmV7uQsv5{=)4>akXAF^&`f%n7
z+5R*=Rf8vN7M48GzwwsyEIQ0B+1zR8Lp&jfxa*jj){_(Yt`=U4<1}d8T~Hj6YqmSI
zU6?&j`BjpNK&sP2?+S9tjf!Gb_Z{l3-!V%bjw3>JVn}Hi5a&cJw%5n7N^78C;pQs^
zZruLe3oT*dj3_29(uBEY7rQ~hjv!48Rrhss<HLPeY!+*N(wnLJ`y)pXI{N0vi>+?N
z+z`=^66N1O5C7x!8Zmjot-IOAD*_fmx18Xe*MP0LP7wuLUSBb8)2GR~v>sn7Lg=Tx
zr^eDz`N+XBw4*qYTeC2v>g(5WSpFZyGU;6ZFOE{P!E`Q=fy5C>Jr%|%NmW&zZ%4vQ
zX|r(E=Hz9Psm0ak<wvBEwU?svtc>6(#(QEHU(m7Q;6P?-AYv_jN!~yvfsxzSidoAA
zsAcl2GaH+DXkjrJ6*SdA-$Oe?a2wmF+2O^ILbrt3h6<Vsvxqv&1EXV|jDbcOj*67D
z$gB-O0h8I@%4G+rMb0K|4R_$fnDkU2T8tu9qwy8ys7PK$mbRkow;5o%3YXG$oQ%SJ
z?{yBF--e?m20zq%D-C`<5p6e4;pfiZ=&1ZLxDsUt-4t>x+6rq4sID7qjL3QX3iLy+
zR8$IDB}&TJNc{J^B=I5(nLG<iglbVHDEN!Q*KE*NT48Tp)M7Rc(tvDhZqpJH8VU&O
z&%yE{!?fk#mqeNIuiBEF2=elI`Ngmd{ePG2V_e7O1|D|=fJs(SJ&gL|U9tzkXQScB
zVoLqyuf4uyetU5Eh>a-ODFM@kho5^4MErt3;ZAVx)!y8>PPxzEMy`bZoq$zQ;@3GB
z);!JLr8Sr_u3ZwDA469;5Xyxj5SC*qb-OJT+#F_z%~J&7sShzm=Sd7{-#3UDC4r-b
zi!+f3j#Vqfg=!5CRfeQ;WDF+h8%}EV=cCF9R=ZGE%W`)%T6l?+4B{h_>mjmDtNRq#
zPYd+?Ug+W9arC*JETQ5<Ew!B~?E~0xl}LBDueFtj8bXMP5dYV(*ppo8$AY0v8W?E$
z+wT?^I-G7o9zd%Fm{?dO*;v8e(iS0LkBHK|5u*Hs2`_E+H@$%=DxDJ}gCKd&hf%f$
z>-y?rB!=;WK_QwZML3s`xCo}K0_AtOrNrH~GCk3=dT?S~ZMov!qVm9|Dzd}hMUFHy
zJ(}$F0hzLye0eO^0+xE+Ckw7ivV0vl3^tRjPAny-j;v?ZwKj1Id{p`=b9mbFnrH;m
zq9YZIZ7S@!pA@vM9tE-o_S*+~$T~Anb7)L>T@hI8X6Ll|ayS_JHX1W{f&!GVtLo*_
zV4*G5VL7+1%30!^DT+kk$Zl?G<tjKin@jb3HxN6m)jx&{2Oit7m#cYn%ZzXKj^%aN
zdeE1C3xJBPF<RX{jfPLNZv;v5!MaWy+*~Bgo+mrB8EkpHqa(w*%H>0#vWDN~NYd&Y
z9OF@Y70c|5W7XxbgvqW+e7CwW{^<PdO%KPm&78}vkXtVhc_50<!VW?DOSdyarxeU`
z^M8kemm3^Pl9M^ln2JYBjUgM3-<7Zt#*g3)4f<8lWUh63rNfqoFbpW*^a!bT!iL%X
zbDSgym1ER0bdrj<L_Q_<NeDrh;RbiPQUlrLlw&ZYltt}(7uZ*f%t9#>rk#SJ3`}fR
zXRwBxmp!N@du7^dcBArSE&Q~8l>AzIq#wF0gu#iGDgVC+k(AahN0itZ16D~vY%pj_
zqlD}$uI_r9XQmL=Lmu!!0UN5^Bo3|WIZLeqw(C!xaitoLB(CmZCQcBEfFNZl!g0)X
z_JywC0~-$)29unm#6JlU^#dLQ?8!qqkSf3Zj-{)cW8drx{oUeKa25)dqOQcj@XvfJ
zvjFECQ8riL-arGXcJg|YxcnphU~qSELMSC+cam^|LI7kjdr6dZnYNRP6PyP|0ucBL
zCiF30wVP7MqCTKR)^0Rlz;!*55zT$_Kt-#4kmpu<4--W%yq6Kv>Tb-1deRxOpM%`~
z0Hy(8BF-w4X`2(dy6p-3qQ0@yV$NAowGta4$F=u*Vp3+Hj~vu}866jlFHK>^-RaHC
zC{De11SLfBa1C_6cp|HCd4)Y<${soQb*Xb-G{o=3428zJ&wF^(DqAu~P|OziG4`gt
zx4Zfy5aaT%oY(ywY=ipwT+u})zTfv5?J{G#(2fUG7MlxzdnVpaN4H76&xk8M_7;)0
z=V4mA15QP1s+XAlWoFOOzdnZ^Fs|~%KYpm_Lq=8MT@&G|r;UzS;d9nJs~p{z+!*Gt
zzbgj$<^ma=$u7EnF%X~TfcL40HE0k3EK}=XX?H%0oX+Me{H|fZopGi*Y{8mWrn=-D
z;;htFQBk?jsV6)}I;sOAzi;%=5cHV%Xn=G?uapQ<VX)Gp!No9mT0=3Mk=pz>&-H`;
zM{}%?$o7DcRlLfh?X!A-F#I|eLoLJ<{*o(QE8m|C(gWMwV0&QkQeTA4gBF!_#t$S@
z$Xlw>$;T2#t}xBlkf-Rc+(pb*h>({f^<0Z1_y__`PfknGs((==lOWD<`qS~NI>6MJ
zY>X{weDr`}M!TZGL^`z~Sgk?d$}$Z#nle`wcVF~PJv7=uk>duWyCn#pL-lo5RY4X<
zsWFZcX!3gJLS2g!@_Xdc<gOp$cwPTJ?suo7z&B6zk!dz??74itVJ4!eJPX)SWCTd(
z-+2lckwk*g!cM_L^Xyr(t&xb73L8i*+J9zyCy?5pSP=*p(Zbdr2IA!c3^_)fCk5(W
zW<^@@Dvef;Q%0K|g6v~?N2jJGx|)M_IuBtu?RbJiaZB@#R--oFg?i%<94{DEfsP;a
zoKV27<DV%8#73dK;V_9@xC$4aR`4>3@SrwNu@y_3yeu2_#cEY7MOvd-T}Skvc$`7e
zu-U=??quF1iQ&OF*n_0+;zUXP4Z2XrhX*@(TQW^|$0SjIleQd9$E%dfhg(*fEwFH8
zZlIK`b`#;<ah<;CdENyih5+%qI>ZR|b-g24Z&pGLgy4GcjE>coas)?*rWw3Q=H0?V
z@^geKXxB0+aY%77EGT6?Biu1)#@Ex(|MY8oe)j+H^a-*nLJ5CJNs-%Bxf5FfE;a}c
z*!<a_wX(9kY;CB$4dBWI;Q5STiL6>aVE3{g@NhRMzDyVm6+VXFOrRiq^u`gyJ#005
zLcSLMGBT6}D<`hC_dWAcP-oedMwTJp>!x))GBFqw+e+>PLocGF#Bw3j8e6$iL7kTt
zBKg(Q@I_@_8k`ub)xo3qZZh($^_PuUfD4**;b>tPuA%gj>%_Xw&QP_$Xt8GSIN^na
zl(km!2-o4)Ry=(0%$z?oF6HP_OmY3rFQ~W(_{a-*6ArsK46VVr5>LE#pN^Vh)I+HJ
zJq}=h*0U+~f@F?Zk8!ks!>jE2G`h5l7)fAXOgDZ=n|8qr^w#`2SeZ}%zIeBj6dy6#
z3R=<OKurQ0@*ns38g?E-dZkg1!Mx1r4`&7^Q<R1%T>A*2ooH4<%twVLiD7%34GDGk
zR@YQl#lpXW9pVm63VZdn8O4yWqh&+U%qGv9Jr@JqYbFCU0)Pw=A83oDDvA9TtDNWs
z^f}_agWs()p8&the8!_~YwOL#l#oN>7-%x%n#=b><~~lX8>e>7(~!hVkVTs-)q~eP
zJq>D_1uG!l96aB0ga50=%Em^L?-BU(CiGCV-VfOmk!5K7U}4k|AEtg1g|S%|hywPE
z_rZJ#|D$&Ae~qm-9N<z7GA(X0a1cEj3f3ZoKcu}I6>1@YSf<l21u2P}-H8b-F(sY7
z00dbUw0KNTUeP)*S_yaO(v+_VUS%9|SM9Ezm3O6{N8&R$Xl_vua4Rx~VgqqVxY_D;
z4>?Jv9u%3viHk@8uHY1Fkyvo`=_yclW+^h%i$7;XQ&!7_!H-s(t?xboIEc!^&C@o!
z<Puz7<Opui7R(8e0{lD=nYsOZikk%~dTR76&({B*p~CPsbZWNH*oJI50aUYv^4;xx
z@a;~@Qpkps=WCOp!X|8oppfCj`DRgGoQg_Z#OH$OUgjDhw_mNl8i`pSRsSNX4;$V}
zJD+lXjsl1RN-{mN=qZ;6Hoc81u-QO#@ux!(@V!0cSylHK;`wINn_I0+9r@5xMzhgV
zpj(II=P2C(<L=^SbSpu2G>1av9N*39)%_B2o-AS2;$l;+d8c<?E;P96$hhUPdGOoI
z+id<gF+%zaG{Sks_EpH4G)lSgSf~&7>H2f>OHQ=7)&%N6*x$ey5M}q>NT6HeVcMl8
zQH<y6%8?rms|#J#(=FteCOdHf>A9L;)Y9^_uvmwD?^NWc+Qgj6Q%0=#eBN-=h}wOt
zS(H|r?_VKrMt6%VCmf0`nC$;|smXxUKEq6>!Q!9*T=K16K(CX&q{xI?P_Q2=Z`nS7
zdL%p#w>)^>0fvNdXz(Zkb=xu)T$GiSHSAyL$acR8IKHD12NVJZE7VTx0JS$;O&?W^
zxrZQ!=a#MQ<$maPOipRVaFOGm6XBiTA(me5q^z4!SqDhx>e@IRbx*W6ElpvmctL`N
ze97|&<4eL_xCeEXH^OT4EkRWuYiUAu>^bJAh8{tu{Xm8_=i&1uACmf-K>JQw(8am6
zJ4-%aPP&JQ2f<foDKrK?&i=A3zYv4UQ%n6-@X}@`@hw<B2lhIeB$;rFRbKRJ#~+w!
z_2vLyoewO@2fHY$UrGg1xtqrwH{9)y&b^E35LbIu7-{@X@HtTU157rt{i7YlyH^Do
z1Rb(z994MFQ|Y07o~PIXvsj;Yr>(~=I1rLk!5Skw$BX_Ryz|Ge^x1}U`GHb-gX_D<
zk87U|xNKxgb2Dc@HCU4JZ|pxYEg#eX+IDPKcVh3)1(sAH#9$~2o?~89eum3ov5`fn
z?}zAKFtY0%#@`L<(trF!5|A9#h<uNn^O;>Ka0_+4NMmt}xDw>MAau<_9z1sWK_i)G
ziPe3>MckX@k8lIGzP=v!7CkfV2T{}sAJglH6!1U|i0V_dG&Y}&Q%e*33veb_97F3x
z2S-i9`3N0?s*@=zA{DlW50A}BsFrJc5y%ru4@jb+IEIFO6#X5D>}Sk8l&`AJHp!2L
zQ0(-rY<mITC^cs9e)Es$Ut=7PPc9O}_HQq+K}lDbE}{tg=tSj#N>Uo$VqxO10c|CW
z2nZZ<A0pH?doAjC%uSb;&Q_ag^SQKQq#T1;E;@5}cyc?~sTqhn2Zl%yL0I?*)C4p%
z)YGmdpz3+Z8q6DCuQz6*2eL1Q4oBv*bMvI1r$ll}KPL2I*<G^L#u8m;rnBelNAd#E
z?#L=c-IE4`sp&z1@-G(bts2584jaS2cRJWDrl|MTnb0^xax1)^qFROANQL_$cRBCS
zMH!N5ZMK;2x;@y|vaF{{ftQ~0gPk61d35_Pi6YURTon}|ge0_>rTI#c_{Gcz)wU$P
z=$v{Lhg14{yQqeC3?GOo)yg+>uc|PMe|WJGTmFoU|AA()5bp3hZL$}bsS!#MYiVHe
z&ZJ!oZ@Cy3dX$FT-9wWGr}mGDd42yF9gzF2_YKTglKAQ7S<!y|{n_`E6uaFM=`T9%
zv)*;n{Ko*UR;6fLBdnm6xcRe8FIuHh10^6$$dK5B(SUo1lX!>$i5dK95R-b?G=8HF
zo2Q5l8Dc`dibO-Y-Cvqyq&C8Oc1rivwgeIXq({zt7G$nmi*quNgRBijg}sj&LU-Xq
z-<&s$I^IR_fhe3;$~TV`I|6_qX3q<iR+k){8C|Yc!bFGX@dBWjIe&(xJ6^xb^4@cw
z5(NV&7)W9{@9-T-w*|v9)duT+%{KN%R)<}QX;Q1Okux(F1X^Pb_w#ruJ|kw|$~dY-
z2^R%ys%jLd_e6vj8(MJeKJ%^UU`eW2=3PcDS<d;fqN>i9ANteCBeFy7bZaJqoW*O=
z$>!W{>@B$rN&EW?X$(P-Z16TojT}syGDSa<OPPRX!h}+WdOy*=>08T;D_apJ?G8My
zrHc5gKQ|Yx;lvUNg<_aZ(t2$9rUS1VeOVyY{?>VJ!4{czr_*oCMU|WNXjux)gYgd0
zFEFu0`TgceXTCn3L)+=rz#JF<_?|j?l<J3M<NLYIc_g|0I}%JLUz7wVpg`1~x-nWU
zL6K&^EKf}_pUc1akVXNR_nU%zqkr}*HTE!Ng+?d*Wjkv_C>xzn=CNSO6Fc#aJ{x3D
zPJ2jc+m|>iyabo5Q|MXj+lBu8lxI|ei33AW<_)#RbPOP3%k_!$7^g?5OrfX(3A*&g
zo?y4qC)^NZohw`S)6KIGnL*DdDPa<3IHkF%v%aIQZ(|MfaCs=V+$w2V?E2`-FnXtg
z+)4DXjj{G!d_p9peDu~X3C-G%T5lT2l`dl&o1jV!h)=&oI4P+xCJuDpO;&&Z5~N}a
z#%4M1IbeE5@~2$!T>NW?A|WoWq@zf=gPYsivBg0TJghIrXR7G^2<lxYH_D$mud*#F
zO$=ELhaE~v_lLB`fU{IDCe~#QTA)k`N?;I8s*C#@>H*Na$NQ=$DZWUe4#DQ6V=bnT
z7(9v^FwzgZ`5e{&HZ)Y2)wrtj;JyxxSi#fV(aFNN8RP%4XDF_!=*!VAOGTx=c+DP|
z*@)33Gs=hq`PSV1=o-`eD-cW-@^im%=kP0di~Uvzrt;Ke`6<`GRMy*r9I&#&z0vLh
zos;ve-)Ckw`2USbaszw$Fu;+S?9bQzAis+97}5yb(vbK8Fm~X2k`Rg#sE8Bir4Qpz
z3}94@or!S)pO`V-pWF<?NK+Zgf|=Yf%3_2!VmDHkR1t|$ay7)2zH0@!r!d_j#$sx_
zrBR4#T$S+&z<8p<9$GwVze>dXc$jnF!w!tM%cn}O#q{DL<iP~r?tF2jTJ@UFmA8)z
z)(sI+U6RU+`Q=vhYbmmFToMe$cR9<ZKQQV_9+Ej9-25L;6UfN1y?@VIw$IPO*w|D(
zyB#UEg+2<m!5kppks&wBVbsdM5==8<#7R8mADFs~Ul>%fDBDTTTa*ih9Q?7cxFf7j
za=KDw^en*}<p^%MtX+|i_qISoLu*+3$QA7f=e{4O-CkULFq{^8|3%yz43GpGrw4u8
zLJ}7jC)d@}Gqkn6``A+Yz)c!I4B3~G5O&%@AlI0lNMuGwY9!`I$LV1RUW=OxWbHka
zX!edXDz??9C0ddq?Y%e~93&^9^!J$f{hO}0zdwr(oG5~9EBl{b0@^=N-q!6?<HgA1
z7StW`PZ{6`40C?KT;Sc`zgMpw*o+4EVeRd>2#AQ(Xc$Y^kA4{E4eoOWCuychH1cG3
zG);lu#NH$x`D#gxM$Gwbv*?Q=m&hxM$HUBxyew*82O6TlI#L@O8{?Cb<Yk`8O^Mkg
ztF@O-1iv213TwUZKCW;B41j=3b;#}ln;o%#1VT8VAs`rc?mF!tP8lX4Q8k!?hDIiD
z+%fN8!!7>70_Oop+=d2C<tH2y&8n#;?p$6fZ4#Ii1g9yFYYNmLc!Pa2xMi#|u4`}S
zRen8}iT{Pg??X=*{(Gy_@qheh2=E%1R|4uAL2iH<3OFTmU5HjpdRXuHc*25A_tk?M
z3NFG)@%OmRHW?m_{opZV0u|CF{;>%Y38Z3XR#sxD*oLB$Ge1!LFtPyjR_!@S@5N4F
zAVB2t2u^tQ#rHA%^Og7jy1>V^9uYy`m|h(eLwu)ZW|F{S9C<l8Do+u{7Rqj@+L@nP
zNvZJJaiz@eC@??w#dp}zjsDKrDald>Cg#B7EX^;lg<LKyE+Tw5BR$0uatm!I0u9*(
zQxKyt5KJT>w7O720zbyGZy^3R-hqW|B?SQxy2pW!EyTT$;rtcP1Q>q-@$sKWB2Q+i
zi>LNA_a$^mCDHKl6*fwYP$WX#@MADVgguUfW)&tuI^;1%UUoAsB}KA4n~g@nHsvbY
z*Z9|K9cv62+H+#UO&O;&w$FpC=#m2-9^DS#(PjYa`@!{&BV;$~=PzF+dn<dV;Rhf~
z_|t%ojg7UsUFH*W^YX5tB@c!_4$<~|<=7pH#lJqjnUXh6<nTk*==-0~y(yI#vw$;e
z()MGdqXrfw-D^q_P_~oyJ=<GaQkw==XwD^8jB7hdZ144y)E>gz^BDq!R8O^*iNA`|
zv$95>Lbt;AedMa*xMv;(*d6`rkKBa-1``5<7y%D{souz+jDa99Re-Vat~6{bvX_?*
z$tWly@}*uISKjh5D{w#qV%`F~jGhgmVEq@#eGiN>+>%!QJq?@&=a^;-oOmmUSdxGL
zBvC8HoaN03o%kztOz~H9cz9B?CZ^3#mTlc-&d^gGFNu-Sj+#6@3L)V|lIUX8*22eo
zZLR@{)OI6jFGj!&9MfeM+0_imXGxfpgsuW0%o7c{5p`fjL%%I2<+jg-4M=5@e(Zr{
zfqyUF4ar^8S3ymyB!7jDLyeOY6;dTlyPD}%{fZU{`$nJ4rV92+&Ohn+36LWhzu&`L
zQ<8W)<EhzqJKqK=K7N8ASwqNmO})B(AD-QEf-0ZG4KaT@fY~3soxRWS2LO;GC-mkr
zQG>g>E|XJh!(7Up$wsK4R@BjY5$)}izLz_&+`tJQ=FLyP|Ft)1`;b7s5RIt%Fs23E
zmsk5!V?M}S^~g`CruRQHVZCdCsO3J!`N8DD4Hp?pAnQV^&rVM<l>=qrB64{#eK&pu
zfpyF<FieF!10F7g#HTWrMs)@!%zXv6h>2*V@;=KqjDUu}K38*}i@LDj@zU}EeafZ;
zn0?dJ_tpAf6rVO1XtyYLqJX8?I08);M;#vucdZKL8`;x+p%qi{C*W4+mxD76;sRc<
z+_m}e5*Gy!SW=vJI7Q=YV~Db_<{X!uogFqdHVg-Zyn@2msSUMhj8P=`Eef;5j%t}y
zF0Z+-?y9K2$CD<Mqa;LBWMpVi&~G7L;rI0yshvZrmvNNGwF~4L7;iHnW<lK;VJjGB
zIFt#L!A@{`$~^z{OSw-$BvMGp!`{IS^a@<-z~r9&Z{&pu{xWhA(dRyru7ZjizAzfJ
z=EX%7*YVEik}fnCSCx&1Vf<t}9~IkB)Q&hqSa$(7MuW5M;&8oo1z<9;DED>LG9N~w
zf^ukM^zT)c*p2Uvyx_KYg<tBUl;pKQ{HEQ!_(CXD-Rof_y}t0SuADH)vE;?Q8NNhL
zwew*FQxCiUQDvMUH!ETGK_0jGw07?#$ifs2=JjJIA8>{yfiTKgX%bQY@T=`N80J1^
z0Rgd5`u@j$d06+%xKT(SiiVS;NOhF7GTDvY-S^dsHp;jhcvIl-Y}aC6OTQcZeRGUi
z{x}Gl>+PYYYr8kB2TB7p<#92N21Bg<qq#Oyka2%i)bse;opVN&h3k|pu;H%LcfMy&
zK(F%g!j9xogNEfj(QA^T3Lx_+l*=UQY;?txDUY%2C;4IYouKf8I@qrSrtSgmOz0N1
z?hWIQSiQ#ijKN1XOkFG3A&2KXzgp`@bQHozHr9A;<mY{Vtoo;8<9>G~_*$zAq*s&Y
zwzz{RL6J^(21zrQR0lrA31kK43Q9<NqMq9_K!NWrNHUTIkYSY^-dp}z$Pb5pvGTbt
z<OY2BenKi~@$n)_K#l<Io0?vcr)s%mSs7{zmO%=P0Nr^=TWO$sf^4ABSoU*;e?Bit
zg5)*$Cl@2eXr$5WO)OZsK7p0Iy#DdF_uEE05v@Ch{J&Q0k*}#rJ%V@Yql`IZ_mkss
zK1sj7;J(Q5Gf)2e!q$?wBMZvbRhY^)Vt6^qN@=q@?z%ead+lt3*e#`vF)mf%U0n#&
zGpk%r;QK(;hi$gw2M$NL)`#4@pCII=5&@mi#hJMO8>OZ#m?~vDN$=p`@mVK|p!L76
z`-AjKQDXbP8t>|4R%W}jLAimr_|u%6tLm>jiy`BM+PG%J_cLC#zpiMMrAnUeurtm$
zHIG{&?wZtDSrdNB{*Plk00RiXXBus2$g+56jLjk*O}t|w%NNSUl*vCZNFJ*&eTp6Z
zGOw9H;%P7h*@`CdGUqkSj#_mYBHR0NVRr~Ssu0mXD&ph#*#BFD<n_%>{@sH^^1+(M
z9nO>;o0D;QKgG8sZxrqq4o0X?|9ox&Kr|HE%<79T;UX&ZMUl}{uCL{xkr?5Zc9gYv
z8i{k2l`OR)l=?qSqa%~|`A8?XfPRs08+lJ>V-VrgFR@OR%zUd<9LpbM{im$Tei!jr
z!mXIRSbSV)r#LOSG+>e228ZB=@P!}DwP0w+X@7J7R9apRXw?(>z1frY`qIhcj82)!
zo^6$)d~nU}YfJ$j?f?CS!eU~L(y-i~chpFP{M4<LVaP;CpVGxUeZ1c`xQj|kjNhLB
z&K5#v7(x}v$jE3FU-i9Q_g0iq4+tATC*Y5b5KYEz!@NQRK`?EXJ<h0@(s|~~&XgNo
zz)XMTA3?jt(mj5d$l?71kfsDJlH8b80k){N9HVq`QnkAY7eNnM(&@pQd2(UfQnLOl
zE5Nhmn$VW)FUvF8;TX_0yT8=WW}CGXux;Yvs!G6@L@T?4108NHZ9mCMp!fqa62TOH
zSRRn_LU4IHPPBSxRTBbv>9Fe15_?f`iSj*qhP@^j!wnD*P2uH8RA&aIWLP}W_*Wv8
zh^HdsVz>p<cq%ccAkbR-xvq#*?<sXg)OinA?LBsTi(bVTAdTFX#w2N+&pe!jSOUX5
zA-MOzCXx&L3b$hr{}e{^MP9@Z4s1P_E2ejZtT#!wJ>BDf6scVQf3<(emLM-LZinli
z{@175kk_Ti+bnKJKz)6E;18Yp=q}dE4Jm=e<0mRVNX&P2{28Js3ZsKF{D22y;?ncZ
ziAZ{HN(L~KXJ$DemH^^u@P>sOVqa&3)29>nt9=}NJK92755$IU2sgBFTJgXdZKHGW
zvpv0|IOGKMA4v$2l6miA)WrFTC)lY2qgL?w_ANxr%zZ=)FNPl>BUd<WFt<|A#2hz-
z?N81U(#<%&20buToRfVQiCi*PMuZT+3a+!zT&jm*B?7+fe)wIwIY^F*2{-OvM_7}&
zcLawYj}Xm7+#v`ugiQ(r%(j#6Q8=?0$TPP7m&e6*4$l5gm=UKDTG-n=Ux@hF%0B)-
zrv53g@iy86g=@R1ZQC}c*0i14_Dt>6wr$%srq*=YscoA%efR$McTUz-Zjy`S|2%8`
zv`Bs`P<|<fojR26^L$QauEFLQniklh15|x*Kf=u4jlcHiJQ$+CPXYoGe;&NCrBF<Q
zT%Z7O<Nh2Wmz*QgpA-M1=@5npbZ3AFAqoi#L#%+$_><RB_x5l`BX}N5$Ortg?;^^H
z&-3Atq*{Sbk&i|L9J30cqymM4p?TWj7WCkY`BvjGShVD_?iRw!-~9!Pqeh3mNCpr(
z)K^X()V(`=@;Qg}O+q4C)@1cN`7YjKkB%tN&BY6QkQj<Qsru+K`R`_cgLy*m<0QFQ
z+NJq->i8yql6<&*^&{r*wne~C8^K7==mLG+fvE);t}`ylp0B5-!&E?TgD^~FT)^pd
zAH5jGI*tZB&57ZjYJ#UcW?0wXc%%2OzG@Cmee}%))cT#*)rmqg^{4b*Z4O$?1FB%m
zZ>f!|e>-c^wc2d<yvygjh;=YEs(nECi!Q`FYSgfbCLH>S+xV1BAi{5WT=gdU>_5U*
z{}>*$l9d0>Sc%}sf_pHVQ&J9wU#pYvg?yc`K%a~U!-S7Av+KIAcK|Rc@4rtaD`9;u
zP;wHYek_g3`_jz|k1xsgk>1_STNc)9!Uu%!xL;!~5%`Gj{i|!Q{oC2whx(PsaYVXe
zMvykMZ7CQbuM-#nw;ft!Mt#^1J;F&-!VsA_;(<SZu+$<k<0U1<la|G5KeU7(qj%&n
zu{#DzJYU9Ryd%2P5@==f!Gsb3m8bjUIPwLI^Z~a~fc#N+k`M_O@paJ3f0=!?wcd@+
z8*t8vqyxaNuNQV(;g^hEJ4&LUS%r3C_fjfSH-L16s$DALO)l|cHfuT*j4oJ1_>}{d
zT0r3TaC$X?;b=3eJ(!YqicvduLw_PEHyKxXenfKjFw(t_n+nfHhnwjn5r^ffSp!*3
zR*apkB_O1OZY+EBCpi(>H)KS$qHH}qW2FfPuT1Q3-{^{IwTA{Z!t#&E>YbfTX03~<
z((knSp<u%XR|a8n9VoTRDz7<dlT90dWnoohhT{ZBrpJGS5mNDHg?M=xn^5&_5OSe!
z1m3PaYU0wzorZ7q6cw0^XBjD4Q=`v|4^z^Up(spU5||XxMt>#Z-=^pb3L0flwdk4X
zAr(Fg+=K<x^gt4(uyAmeR3@TLtuIj@wq85ACtKmNvIVtZy^s~&@E{|@OCeCm6Xoa|
zIhxWjEvqG9^6GG`urcvr7obNtSw5(9lvX9L^@a6!5wnWN<Dd_cYin!2%)+R{lR~om
zuniusH<Ao%Qe$2Ws%$yAMzyd5O92z}MTe;0UMG0P$#b-=DBf#-`7?ZKZ`<JUf}hRn
ziai^YXY_Z}u*CW!6pS(B5BLb7|6q>%k<;0yX|{;3!YwJM!xFest5)$PCdP}M=QC6d
zKdR)Ba`ldGJ8vY;uYOmMq6XCNoa4FV(y!?LG)SfEPIu`pH+$8N07y=Bcl7oTB<72i
z*w9`Zy^DV^DA<RN1h=|>N6_kiHoxZ`CR<$_E~t>@1_GBUjz!4l{)&RozxI&?KN!yW
z?{9Cl4KmbCQ9)dFqW)a1>CTD{i0+pO7L5gf-?(6EGNU3S8yFby`hN-{;4m}xK+UpN
zseFxQwfbGubP$ICUM3|XF>+|ds><)i3Ok(YfZ~A6T2-=>S1Bu!&Crq#h)eUxp;{aB
z^i?+bP-rY@%uKrJmqsB_0DA{1c6V0^m6Yk@u<G;9-woMfFbdw865E!6I1U-(-FV{X
zJ!5*mj|)~E4d)@6>9gJK7@73?Uj))EburKqT_%sQNw_^uh@szIN6IK<Opb1Tit807
zjNnpLagRh|$?s&M1?W6@lPmvDr9H<FL0&^KoeEYhW?__R?BNl#`^D?|$z44z<giu)
zyL**8oQwJQc>_k#J7%!4BPqXmT$22*c(C?LCaCnoXnzONy^1rt+av5tH~G)?Dq=-o
z?0W4tff@<ZYxKZ^C#G>pZ2x_o$k^`pwe;PDK|I*gj6S48Mi7?$<XZl>9Dca(YlZ1?
z7_g|h<ShR%Lg<@E9u-9j0;2F*{dtH?59|0AeE%;C02DmlZWc>M#I5AX<}yg=!}X={
zuFa7I4dm@ErHEQB)XW!KORaai;F+IAkIZlxlE0piJev&TXpi}Y<fpgglTc6T28z|t
z8~;81fqQ!pXSGozBL2>^{rr<ByXzOBc~3RR?DyQ4GIWo&76Xj^5c2*rX<7*M?hQ#}
zwh-tO#t~h0&nl&lcnx9-TgiBKN<yDOwz0KTFAJSmEO6+nd;*+zbi$&6{MpjIs&D-3
zsNFGJ+%*H4M6lOm6)Ei)o6t47OZ_=qGWA~5N>C&pkO*%OR_pbQkviDJ`MId|arZ-4
zmVWZv(c9<x0MowA2yss)4thfM3{@I+Px!EL=}P&i!Sy<6*+?ZtWgI&jP1J|!iWR6E
zD3=N-!EGV8NM8LN$+B<MA2PIHgPknLBI4lVHXk^%^5~eP$&eDK%0Xh1*z2Ds-rIYp
zhW<i5`gEXnw1inrX;JBIUv!Ty@_4eg*O!-plt3>a3}y9~0ifM#zHp%-m`7B*tMk_h
zxi3!xcZlOyBix!ZZUeVlJ=1sb2?3=V@XE5MgkL+n*|$d_GFQv>PKP^-Md_WA@$q!&
z)N21^O&=kp@Ns@-aFxUpHotwsUQYvC>L05`8TN4Ccsq$Fm+gj|->Fo8^N672iiG!o
z^USdtB0)G9h?x~*dq3$9hHFyQAFNnQj)EOT;tXVZe$=~NsV-Tq;pDm1ggqdZnau7m
zrFXRmU~_VP8PWllgg-(S?-7#gG!SziHN#^g2lr@HS!@0P^zjb{Qhfn7ewnCG7%g*k
zmb!N9^+dYZ(^6$K`g6U~2|P2>GLzPJ3IOq;A|uT*JboS{lD9aMKf71ks*T*Qk9I+d
zXKki?s7>=#%8uz9s{wR~S_54wL{oX}P?nF?gA3EJthTQZoNH_ufolyO_uIsYyOXBd
z0R}6L#uT-=+CdL8u*Oy=W=JF=SU0i4&lWpA>0z&?@5y;L)775G>#h9Map!SC;HWB<
zZt_b^C$Wlswc;L$Fum}_b_oK)js7&%0=IBXo%dpFJc!l1uLC_@`R4~wdUfJ}hG+8~
zyA{690-Xz&ddylt$A>K(97PZ1ao>mz3p`49m=p|g0^4|CY_ar9U{4?dt?iQxop--9
z?<lRd2#o+sLY_D}+Q1-r=gM540oY5EI;L3T`Ol4~XTL={4SR0fs#GQEKb<i<S}R0H
zvAKf}$C8wZCX3CU9E^JYP+e)W#g2+ma!g$X?PWyFdA!hd<S94majNyQ6d}iNd@C-;
zg3FHjaY~97X81S@$F@zz7f_gczi4YBciXHfRQ6vK)921o)=J6!{L!-Z1fN*RKAPZP
z<HkQJa$SLIj&Pq?@BRZHJahg?%l-{HV$V2leMBq`A?s#Pn<U^LAJ3m}zrDxd{wrKG
zk1BG~;ECX1sNX$8w#$sea}zAphCnq_E6=;bk?0JLk~-(#^yNhqM&fdjT2j!3%9p^(
ze3l+~>_k@)zHRqp!Z{*r2LM_UP!v8LL6p1%i5_g~5Pabmt*RP&J`E|K7)u~7%6+Ob
zh1dJY89yBzK<g5wP`c^TYQ+I8@-<~NYBDvw<&(6QSO6FRJU}1*Cz`B^CKvTl5+Gi@
zDcN78z@TycGt7OfuA$ck)dPzO`ll;yvYXsV`Obi9Gfd~8HsSC>2Jngb-dYD*^{<;T
zOqj!tI`Ns?xzx9)vUbfvLI**u?XZ-yxq?I-z-*-PNrR{)jr875i~6(c8QC{cG*qXp
z#1@sldc5&Sp!p|)8p((v@s3TzZ9A47P^zz5W(^^i)k_U(QfYnY?i#JRdKn>$dq1Q`
zUD!iC0YT81Cdb=Fj`f6}afNc!YBxNO+g`e>5?Xam5XH1_E4HeQxWDm->HE}yjVVDg
z?P&~yjKgB(w{>ly)6YM5yxt#Vj2jase@5+T&m2N+UXqXBSM?Tx8PR>-a34v$p#<76
zj+aXWx^on6&J#tr-?oNBzg8s=MPg88Whs9@7ixzzN9>R#rm!w}KN=DbFyP-oS5a@r
zX@OAMf-UqUidrFb)au`mgk_((CXaN6Tn}Zh2WVGgUX~GZc~wSFseH+r88>|pjviU0
z)|lf|n~HI2v!BwE!3bstX;WsQq3vx83hOA8HexJhsjcQJ`I7J9HU+)WFmddI3`aDd
z?KCWDzr|rr=dK2%Q(;vkS|mn7H<b=n|B$G*`2#SYvNLkMYi`ze_*{>R8M98Oh}RGi
z3&T)^yL$!1P-hJEg|36d!O`x3pA>?Sp-Xu`u)us-ZVmCk|9=&TiW%5O50S7BsxxeY
z*c67QTRM5E2d*hAf=PSbQOwF+e}*)ugvEDhsWP5oFj+KTu2mSN0fLTYl#RasiwpJR
znmRvWb}y(Wxl6W|D~Br2c#)VKJ{Uyo=ky=km1XZWKsVyr%WfU~u50oyxk0<djR{*J
zi}vF1*Z^#(PbZv3fLojlhXHDnFRZ02cW8JLhsnmncx}g9yV;Lt&@;U@Mu$8u105o$
zZaWMQ(U~P%96lr=_?fbT#nc$Xe9<L*(|j`Dw8=(oJ%HCe!E<DB2+trkS&7pknk?VU
z`~XfFCsT9v*6Wz>eo)-w?3PR+Pgq}v`E$v^KKOM@!=iz@AqVmH-yN^b=(lifXaXD$
z-ZL!p*=S(^QneB_vdu;#iPI&1g*u>BO-h9;i@eAxp;&fxKcp?Kt9d;Lz&s!97t-uO
zxYhte5SN|A*lm-far=tbvSS3?KUO(4<4-@DhSVY>YCL$jNf5>YAW`H=CNWEXoR8=u
zU9JXVBtCCoC311{sY2$Y7`Rlf7vfCdI43<Of!^2P_M`DBO`xEj6ycuTkK-}#iaX?^
zNN!q@ib`_ZcuhiF`VV$BaoP^wmeA2$k?FZlB3~Bw>aAX2))9Gw*DNc_6WufleH4B8
zKWza&X+lQ-Vbx^u6p+`0Pjny5b(^qJQd-Zq&X%>`@B)cDd~uhK0*c!KwHi1@VfV%e
zsvJw!n|PX)rpHDJ!KdAAV*L6JndLlASqXEK%!d7?YsTdp?eOcKSC(mSTSgx^c`%*D
zUq~S>VkosP2w8SK55x)aYO4r3|0s*2dSam<rML$D&;N}0l9^U*91}hQN%Y{QOwHua
z`3B?`Gm#NMjKk#EG!tWpjz|snJ551!LnezV!b1WeA2Z3gBt}A8GWZ??2Pk|82TqRw
zq60K1ef!uEF6=C)ghzxH)g}yyAJp6FT*}rW>hb-+V9fTp*?Zl)ZvHk}7j?MPRg%?k
ze$)XVj4k@!QkdRy#=R`u8O{FSRiIqvwbInU!(F|@mrgrh`i+U02chU&RtKPbAldwk
zwN%FU{dF2FI=hAKE)54F0s4gb2O;?aKlB&_`0!1XKl!ezj6;JJ5J;AZ7Jb@$9u^Ql
zomir$t(7B$IKX?JPHFYc7a?AXWLLBh)wmTaiv5*Uwb*2Fef}${7o#&SJ+MPvW_xpn
zs(i~mdqr=nSXlN0&Dvn)-Ufe6QR*v68(F*EnI!VhWdu{zVL#akO66ah@G?qmfdeK<
zxi~)m1zldx9T*+0+tGoZuzOz>)?e3Z3kHbo$>l(aKKrn?95&*Ob_LWa%;XAHX!kh7
z)K)Il2{v#HG*FPpZX^2NnKdZY2BpcfQ#y5T>7>5d_IIs+RHN}xx+<InNO0z2oLoI_
zwVV*Rul{Rn_ukjMQ<aOQN3u)y^F%u=<ndE>lA6Vcon79d*7gzQ`J&Y#E>JRfx)eGO
zr4KtPV~IC#boDcPK^-Es{pt0r!!)I`4a`clm-Q4OtQW_|zvN_P{+?pphfR!ZL2asA
zo?!5eu#K`ysM+keSgC7+bI{*XYiKqee)1H90C}O?hGM7~gM9<9AO}GgHd#*`yg+x-
z{63PchJ<dNuV(S9U1Wmm{*I3Joo8cxeLI2d#fBD+lJ8%BIc$yL;PBKGKcls5L|_u%
zbQtikXg66d4vgvbgi$q9PQ4JooSm&8&x4vKjT#WzOak-5wh;GWMhljBEe|h=As$Rx
zjRV|bf1LVG<_^L7z6gI!uZQ~6(ifqmq-H55krM(jwnr>WGrj4o(QJN3s~6?;PkFdc
zZE8DaE<~G2iE0f*&0$4Bv)5@!?r=U1Z?ii`YBfJ8kpxY&FJT^9`~qbzXWvhC)nO?{
zOid|?q{<9@O1cK!QO|IjIycYTLiVz1CR)nx__j)~vT3n2;7}>tx!`HA^>!odE>%>J
zJxet^&!J>^P=K2Z3l&DIQ(uJx>(%AF8_rB`0o$GUK2CnF@}P=hRaaY0tV<<sIDcYh
za{;+M$Lzm#C^lNxgO~DUY@Q2W*76javq2IkVREcD7VahWL|))881%^t|F8f9Ru501
zUSSL-tYP3iD>RIrBwOj}bo`y+)_Kg;ZsOw|+fmB|tC4|x=-Fuuauf5mn~gARwOul;
z(Ge+;{5egnD)Lp)bNpMnpfSwzen65t`u*iXZUekc#T6$$#KOzFv+FD(kJo;5u2A4=
zFB2=W8T2;elh*Rkf!QbCRiOI)x&GX(pAkFQd@!q{u{kma{bVZAbqm$U{MTH(?$5@O
zNQL_~CaY*`g1G=&yQf8BL}M?9{Eg5;&p;%{I+tqF+aP2JP}SR=FSt(?d43v(<ex#L
z0U$OjSJh`_?jl58Aq}Z8t}NO>FW{W2RwTq5CPrNQjt-2bSX-h@V*z3Y<Jft=zLn~L
zGDi*)8chg`RstSvkUd1NM@Dq&r&nB>Z_gv-%>#)$UAv>yEc2%tkAZoW>El!dBQBIi
z`8-_7Ez4*TEm6~Ha^MeQ!=+knjDa!;)jBcQeJp9a9K>G2b<8{^-M|ozP-AFBVl3ks
zm#+OTM)72zhB^T)(FHDraSq*mrVhX8$#8&`ErXB-0%rTae?v0^sQ|d1aC0U8WFk}K
zYNp1v<g9SvmAXXVIWYN(U|$t0uhA)yQH-6uWuMZg=BB2wlnx=CM}oK*nK0AY$SWtK
z7Ou!9)<l_H9L|kQ(aEJyxAniw8@YHQC7V_|OJ!V~1vEu&8_QNY&WN#Wtp)07zT<|)
zPzc@~WYKR_Rna#uPx1w>Ibi}%d4nr6&?P-gY`)7T{PyYO^XuqQTD8FWx!Iewe|hyu
zB56f3!ahQ_5Shu31Itmbd)gcUIu0NPsCx*n!;j2q*5-Q+tjAU{GOwZqXd0%mm=<A=
z6ozO;Dly@)E@z1XD0zcEMuC%Or1~f35UI&j(JBs!1dNh|t)YZff2c6UtzR}+3JzNV
zBP8Ig#x~pQ+)Q~i<Y%*NuKc-pK!3V-#6Sb>2k0Ids2BQ|YIZXa`m+CxknMqCLr*~u
zvgr`_ZCP}`NKC*d|CEOaXc0E)Ee$;${n<aFe+>&f*G2Oz4IbJnM;To*dkeY_W4{;C
zTy*y}X_un?6L`czOXqXN!HvyQ9o0XzmNnozDvRU?(N?IWmllFT89pWsk0#zn`5xt|
z6#7Ca?qHV#yTz<G&6&>e%{@HL<?M*;qkkq*&zswPppw_~fEe1G=sf*j+yZy+mJjZt
zTJw~5-O)~zMgft`tjxuXskSy9d@G9Qww)sbv^+u9oSc<yAmS5=suE9-eJI|a4sCsF
zJj{<FCBpG_thG3Ohy!E<^w;%wio**DkacyXoS1Oep-#6jvyf5Wxx~Mr1){FlCe#J2
zWIWC+RYVk{ZH32zW=n(5UAT5tL}LY4GaKu%OlW3Vi<)3gdNer!f^&gSShWhZ6@~{0
z&#KG39n~yj)~4pbniM{_9KpDwYQ=ntkAa~fOnxs54aQG1+meCnK#J?_5ERHUMainu
zk$R^k8kL))`Wxq@(90i{#BPL7mcq|Qlu4R9$LBCO^lXJKmwYG>YbZe-Ej9Q0pLaXt
zqz*h3x93gcEqwUZXh9%maBYu8#$;xzmG+EZ=bUO#>Qep4S>*f}hg!^o@BE7q2yv#&
zx}14bpI=Ct1zJz;dO6PL2*-5%o8i~*F5agC_TRiV75_oQ@IjL{6z`t&^;7?EJsY8W
zgprG;2^wa?@Z_^W|5}qvx$*g}y0XiDE;R$<R11U}2^*xOQu(5Nmq4%usj?QY3d$u!
z0P+d$TlnN&t_ohkaTVO*-mkG$9ec-64e43G+Iu#2Yy{F|qIOj^eCFR&&ACx-%+0?M
z3KqRayJK1Kfw^-c!<i^^X$`0I9~$T896;o_A}#QHd8V3_`l(GkQu}y&62{wyR$)6L
zeKKkZb$(uai-P^$A6XgDQH9RzoE!_K2-p+k)me+WWHky>BM@@cKl)I{P_If-k~{YQ
z=<GA-z#GOcA=;X7P+%L}&1lWd=^vKyaUe!~a{viI1%EO^J!He3@vR=_31bpPJyl4Z
zl5?Yn+r2&uGiF3C-_Q3<S<bx0ie>*5a`Q|?=>M*C9u9gzGL;d3#u0lHAIDjpg*q5p
zUHzd3g*4Dd&MgWD`hiSJ0-<>o71aGP78uaZJ>m;;=ke`Z6_MY6+qsg~y}SZ3K=`}W
z;a=9E9&~RNz{P*EG|pd}({uT0ul*yf7$RNQ=0b#a!k$ScpALrTr%OQ)6%+!G!$^U%
zUxtl6n3SjEO{&caF%{EF|EEd@w<kR~A@dq9iNgx_xob^LYy~8zG%xn_ml73`eQ~@*
zV;u-^)GQJ&+FWV9VyzI@0Wj&qGwHU3h7~bxAE7Mzd)K+E2Yp_k_uP5>{#M`aikzy&
z+@F3DSz_U_+5Ph<jezowkK6+^mhta&#P*(~01WOmuKwPV>67XUaus6u7&E#@69TPD
zydS6@@Zkl5n7&%ydy+Y*&$cou68-;L6T|=P<pIM{)3+wv2i@v^EXOd4qdAa$JM%Sr
z^%1_K9>z?G3g_rYhha-fiaRQeyn5F55>tr9LcI{Pn=R#3P>D*Ez>pI$G)}MxjNzsd
zbCn@R33}{WxyV0G20@l&qt`V#1p(bOr1%R-m%%05e(4BoQwferwY~;2901Gs;;O`m
zyMsp>I9iofX-MnWB;@@O5>^QDH0;23wf<*VK_xa$%;n+w_6co@Q7~G`!2rEhG%pn8
zgx8<3Nzz_Q@TdX8Pkr^Dh=_gT_Y{nuFrWU*6MZHGK@T8_riFbB49~VWIB@405GHY8
zwrKiy>zUt=x7_RyB#0287Vo{9$N*kEG31GRxN9wdCwFza`rODO7WRf0>7^8=q|6wr
zASsq~agsJ4tF~sh$4f;NoY?w&4ee3^zk;H8x=k{6A0UA#oERK|u|flG7f7CwBOPPa
zf{7916K`__qYkSTTsm4%uhfpeS*P!t8cy+qvHd%-qNK+z|4=(*1|6eplpF;2OpkS}
zH=kiG`fvkz^|!0LCAvQ>DxlqvYUBfws8AN(&h3f226SYMkCA+)TB>^6G2=m!@NraI
zEOE^@qE}Y9DYLw7XncY5?yvehiT2LW4MF};c8%dPu6=+{=s6aL0N#V~rkc~})5s3N
z4&l!M;rJbDxS=?W%CNqU8@g$GZes=^Tkh7r#ZyT3<S$!MIGbU;1{Q92rpG64vvO^L
zN|{c*n?(vaJ+!QXQ79SK&vRS!4@N>|2TD@G8nA_o%!P$D9Ji?j<C(PPloGx~2iV>=
z^Skj2?R8{Du{ay%dnMdGx*Sv%jP%&}z=qTri?2B9sQxat^d1o2D5r(10nDt$T6*Ts
zg9$@)LhR}H6EAZ~rx&596qz(Prfs7FWr6gIUXt-a-83b30TncudsC_-yHNn<FH{Dt
zx}lOPo`h;uQh#HSU+2q+TobPr4j=csbc|cwkaV%V>6~t8%om11LNY8xW*Y{_TfHua
zZnsk)VsLaHTT9C*pO@Q@E7-e#a0`V+`Fy_Fi)<ep+bs`#ADN<YW6+vSa7Omm9_skC
z<&zB7<!H0C#;Z6dLdb)C+n-TO|J|Ug{*tfCVyKBh{y!sIyEpuy1LNbbpZv5wwPqBF
z%l;!kMB+qI0N`Zzy_Ilq(uE1K_IL!4A#%{_r4UPOLgn0{QbFVr`SQ`hL3Ir4uslZg
z^_ChC;(@%_L=+^vTy*Hl%z^_$IJvS+TLi5N^K^|HE805sR`GlaF^WcFQl!Zl)|+8P
z1h`+3SF>NHATa~IlHME2Pz`V|$V1;p3Y{lw$UL=PSyc|(_&7+l-wLlU*Xq&sKU5H&
zeIYIAA%0paSs*CmEY<00MCyn8J)&8b`9^W+iws>cj+U5F?V@(%h_oVeEE|f|*#QFM
z8OG)+&2gYgaf=ksG_M;J!a$ByH$w|4&#`pcW6gD=>hc50%C9DdI>h%EhDgRdv4!q&
zpVu{u#J%6s$u%8F2q6Y3NTD`RORTLww1`BYm>>f{2>v^GO-4DUSQlqg(J3=O0Y}z}
z&b8w0IO4teZ*T=$BO}nYwY7<`qO{QBeB*MU7nS;iF*1s4cQVpT*pA=-gJbSv|A!Rq
zf>SW=)X_sUzb_6F`(IHPqSS_zgb74jYxA_ShWHX&OwsMY%cnuC$8qLApH*{+R_J*^
zs3qnfyl*7MT@SazRO`A2coQF<wzibQigs5&)OtB9-0X56u(|w$l5qh&&^DLvM@};8
z2_C&&jPG4UEW}iik_kiOFTjaYs9mq^wv_*=;acy}cRo?2tbz+GD9k&`3PTqUt-z~n
z#U1etl{=H#ymP%9&41GB+dglfx6(;njnLL$;-rM4+ouuW?;6adla}h1&=V(D_`%aZ
zp@8b>Le9ZJCt2(A!DpR_Sx{iUI4b8@6^Dc>Eg03rx9=PRc?JkC)uf`(H~tN@!vC_A
z^=F)@Fj+w>hR2GUDL^o4v-EGg{6P|9LpKgL&kjkdB4E@`>(6ZO{fwNmHevJfAo+xW
zc3Ss`rN`d$4Bs0GDRlgsn$B7*g0F!j>h}f}OjR{!@yx40v`iQ%<0l>I3a*gx#&P=0
z_w8-m-wet?Msy69)HOgvLk5*xDB7T3k2@wGgqyL;h!rr$7}6JQ{lQcG30U_>zqUpD
z48alg!TGwTNXPH<^nff^)L-b!e|0@idaWrXnxCKl{o}h-KuE~=Rh)1WYHttz&_r0I
zID5@UVSIXOQYdi%?kM=2Iw>?vS$tlR8b!>@DM_{`uuL;%TcuA(FFSe4brz6Y4ACPl
zQV2#$M|x#^;PFn5=eFF8t&?SZHgnc~?vM9Tx@0ECF>!D%Gh#>Hde5ECHull*eQiFG
z6GvT(hOiee7(q(Ey!kz1fs7sBoRfkcrp0#IOlKAg>8Gre__%8{AtyxF%({`3np$DC
z5S#P-EbdY}uduZ?a%JO3ga3)uaUyWOQ<|yx$T4Ee-49h=pB<*HJg^<#wBA=uK!HF6
zB5L_O0l-Wl@9op%L-EQ(8^-l>%)~YvQ&3#VD60?QGcAsM_nsW7EQ})eD0ym%HfU6F
z=)S>s)e>P@A!`_D)W@n6gst`_c<q9v5w3*=?MxpxOElUWK&r6bF02lZHaVSg`RsSe
zNLaB#IJsOm5ER7V{QiSBy6kam(=&BWB_S$8UiyvSyuoZt>{q3#!Z|e$9yokp^PEw+
z5@G1;6kWt;nyz-Chkjlegj2#(v78yBDdsHf&IuZ@=j*1G?}K~CO7&-pc&Q%gGkaBb
zm`{89zgG2m1<j+3oD>?-vVkFLqR_dmc8<IzD1`v}AYN4G&H9G=iR2`D6EmTsus$6Q
z4jYs2v6GW2_u~ejjP++{uAV|L`vjge?+4Tc-g>5jPx)A`c<o?(<9!L?=knG8n|fkr
zqs@)J7o-vie;5L?&0sVj(BqV1P&c1?+Ayh9G~-aQ-un?ESg16>_9$B5X-TEYraojk
zD>49AE0P|YtbnmsDuk4d8kggUQ4-j~)2%<n>Zi?P*M$~`Mc|&_9Y<8^$3_^`<tn;5
z`FFlh3@>`ElL);+1M1RnWWzfSEzJi-xtzsw%y1}S5|!23=g0ZGGloSqUua2{TY;am
z*3`QVl=Q<3R0|7iKd)lQkjSiLhnIc5*{Vvp<Ar3K7{{FHx=S>H9)S#x!r1jqkxHqW
zJwPjOxc}SToas5a0`4k;R;=9!jl}3+l}!|nllS$tu-epZf!o1?WA)F+s_;hQ+ICj~
zlqi2~@sJYaTQ?A4o@-@LSebkN){<-b-CbSz$<f1T?=3J66+Ge1(EFlM67;R-C&ynf
zID~EA1-}_paJc<4StZg-5#tXW@t(j>)A2XQYp`%Iqa7@?jKJW;YqI%57v#|HqOYs#
zf2+SQyk7tih*TgLMcyB7G`!Ub_Qbwf`~h`_2urC7p_Sy3Cr!1T643(ooEQg>FgB#(
zzS4Z9K-CYA@+e0S4(NSp<Z%jnIh_@>hvo=?6C+jU8`n$vP-vvbat4s@md8nk$P`Lm
z*o2#RKrn?R<&J8DpHk5+sVh`x{Qin|dOr5h*6tuD`!?yCX%}QY&DSeW&@1&46h$RP
z8ncPgl0Zd0tqpD%b+qDoPdv)F9;OsyD<7oOdTyCbrwX1Gmpit?ox^t8_1W(B1g%!5
z7dTjfM7V3>basg;DS|8tR5V^<I*Vm1YAdiB!M^_4Chp`x$nR<w6e9q$*S46p6aI^~
zXTo@|b(+@B5eS{f9k|>?o5{@t%r6_buG)lu$>BD+__tAR>5DsKp1IexI+R}=L=B=b
zz23eBX9NXBuGlgODGt5b-*?6{r|7G*9dimX6Zw_U59KUTT|rQ()Y|d2S2zwXOkf<)
ze-9H-Z<x5)lOh!oj!gw&s*s38-{WGV{5F?Aq<V(ES_4}+ENs#Sjr9CS@&S9%o<j}{
zX~BS>rnH~t`JnKNga12G|L0WwgzJ_-&#z`y4Z3Icy6OBAf0c*-0o5v;QVz8a8H^D>
zj0;9)k4PWGsS2Lo60gRypvI-<Mp`rhxjpIu0qeaGI7KImZ?G9U%V?TbiN_(zS~mSp
zA<!uWMYR|rV{Mh<-V>KFG9{T1gBm-v+O;%36o&wP>}F2F*k)wK9GUU=QJU4aRYKXJ
zJG#|+M9o<OWmK6;N<jhMuAxaLRN&_dl6@q)92Q-2M_Gt1c(U2|y{x#P?fEvyi8-s@
zBM-3kx@_@{z@i<O9q)I)Q;bMqfk=}UouYsslv!=(m-*G6<3D@By|MU+6&)Vf!N4(W
zXXFq>t)yfyhzQx+8g*cvvBs9cI(Lo@=3*iJ#&&XQ<o3}lZ>?7%h7qpHX5m3W*K^p8
z?O|C{4rWl-Ub<pLA6|0C<cNZoI48!*hBE^-<0pPNXN>i^A!p6?`E}c$Nc#DBEO7Yb
zxO3&xJ=o??lF-A!A3cM4lXs{)AGo4tpzlgLn;`LcEhh|Y-yJFdbT5)82>G5w;#C>_
zouL)|siqoi{}%TDJJ^qlZhws+@$*=CfnFxw6rEd1-=G_Ru^z~09lDFbV?Yls0Z>9{
zNWVy0q?vUQZc2PMY^oiNLc#M4qVa48pNLn}d<b(S%Cj&ug!=~gA8DU2K3}V73A-?$
zO?CTwG@#dc-wD=#VExUuhCD+i8eo*PNR-(g-Jz&2<QZI=M;<^eQr%+HZxpon+f<(^
z@T?&gQ8<NvuhZ1x9vC5o?;zq4?e^#Po9!QTWv8TpPQ{HoRu`QJw`m5`mkC3oEC8?}
zPXnm*165tCX6&KZ`#%qMLvvu<Ae3;A$XF^LBs|H@;;`{st1qqYA5@y!(uV%V>qt1<
znC;_SRL`iFLD0UmHvPi4tht?)P5n8~<bj%)vigT5ieWX2vO7^5vZuNT5@it8<W?b<
zP17hug@_2V*kZ~eUgLY?#aca~mc*au6tU%ZF~i#UqfbM!eA9Su1qH^sj{B)D71}M$
zR)wY)9baU0%DN6*us;n!vfi(}e|f{JPOz)uvr8~ulK=L^N)0bnQ<w~{5ZHQU2D@&3
zjZf8|axj~^Yy9MO%6|LKDi#a=p9;>i5B;BE0;k70>edUzQ_?@e$jXx&ZWMTpERYFC
zg?j!ipp#(2qBoh@7AZ4cpL%_?K~Xc-n+S$DbI%48KjTtXEv9FaqBgO7ZShdbik9tE
zpJuEnXl?+8W^C>zCZ4ooDU<uEUkhz-Z;y8(hf>`hfq0;hMjjeJFGGI<Ce5hU147^F
zD6Ws-%-liYHONnY^R8a5YCXeNbI55cL^Ck=Ak_we#up~v3Q}^x(9swL!O58e0EE`;
z9#FJqbMLX^N55GgtEO?n)Ee*cIE2d0Zf5^o+1>&Dl26#i!HHis?2QI-3>ECy1?5u1
zYApQ-KX<$ZJ3X)(RN+0`p6F(3f5ergStmGdVmCw}P>T4*dP(7xiN*~OC~6NvgMJKu
zZE{Y2p)W92H1v5g7daR7!$!T*AG_Wex>4B+c6*?g_vW-;g%|tlzE}AVqeLECI^`A%
z-OC<_nTBq@ICJ|*x6r(edZo<^Tl4BkM&TaOPKOiR7uGlM+KkC?d$2+ri9=^7mFar-
z)K4L&3!X*0|6(aH=6InB^_@f}U$rYXyrY#Q&zFlJE>~zQa9W=A<7f+S_}$_>sKt_Q
zif{u~#y=xaSz2M>U@Z>qeqVU`la+WwW?Hg@IImD&vEbc`YBp#`96Rqs+{uRy6*rXH
z|8opYHljW1G#Z^wZ3?wSE=BxzB9&@$J<B_;W24I(^fx})D38GX3j%Zj2i`<K{Y+ab
z($v3`#?<e5=4LT52n=6P++a8N4z!!yYOsFTjOfX3tau1Q!LO5ra+LyziInlM5kpj&
zNlkla4mk=sI2e|Gf27kk6!#~fv(>64lx*dcU0dvhS+uI+Gd6uRM)A?~t0%>kq%UHx
zH=*x8&X7DuV*rx@!cgBcxN-4K&!&=HCTgEa%rz;y?QCcbXF6LW<P9_M0M-E)+rsbi
z`G(=74VU`^)_Qe>i9==TFV2X3vM8Ma4V8SVsF))Or!@%PK_qT`T{$=5|3F7a^7ucb
z*%x@-g)iy|8Zs~vCzH)-bQ(~_M%zeIqTO-9$+Xl3NZ0=On2%!>=SF9`*%j;$FWrVG
zENc`lWG{n!|Cmkv#SBmNR*5iCH^Ni{cWD<IVRLf?fM?!qNrOd+08{}M$K)#kTz&!6
zudRpxruAKw3bP-zlQ0mb9M8P_fjw3Fj})A(qref{d;-qUkQSZ9N>TIQ>yUR^j*=U@
z4hzD)-)%U!Do~eR=t)JY@CeeXgE6GKjWi43Bim0GLmzQDAfJGH*XAIU^r>CDZD*P(
z!@y1j>(~BaV1^1IN1S1$v14_*FNxvIE0S(1TM>e>qp%aXu&q`U^h~A6!8rl0kR|qG
zjqbQZwQ8dR6)qc=wVQMovmq1s*M1+*&p5008=5bDj3STtoAH*(E6<)W(><&gg<X2q
zM&u@79zdAalSQE*JCwNQPXJ!|3ob5N>Yz4>wZ`A~HwW6?F5aOMah$7RoWvr{w2|{u
z=cmEUL51*_ByIn*?>8=3LWlhNEX)_A_o-XF%3c-#6ERCdwlRU3LZ31*^#Quy=O*mH
zpGqg()Vg|M96xXZwQT&VplkOyM4HLt3++(H9%yuPKXImW&?v}vy;^|&oy*i<vC-D<
zWd#2pvxBl(!d9Ql0rTrTm_Uc*UA9R2czO?)$B%ON#8{uh)#&iKh{SOC8r>8f!|+`>
z<q<$F8*aLh#$?N5tkRUo@-6)o*G{`F>umS<xFjKriHQq7qS&AL^?-Du9!4I&2kU8;
zxMbcKW3=O7$WcVmufzY4b|3Hm#2p|6h}ACxJBm=1Xs!~th!9n(HLrC8PBJMSNBlL6
z3SxXPC`~TF1F?kFzwF;al$hU?ZQj6{Z_AU&3pG^OlTQzTVLN!he3$KG39I;!38IZ&
zaYwHedrT@KBNCX9fwkzT2G;3;+QO7)ESW`KU*s*YW^oDBr_qM`t-w-m*%o8^DW`q+
z_ANLpM3q)KtS1Rk{{(Qzk;&GC_~G^lV+&p{o2hM)M$(tp2Tk<G8Q|cs7riRtIMD7W
zk&v!1S=K|5eg50g<m}^5+;OUsnCvU{XL`}yN{7|*(@)8<c~?hsM0XqsVSkQaA3nsH
zk8eOOq(oyy=)u6HNI<FmbgG~zc+KQ^hSeW;!Y1+_BWWrM-UbvP!<ncVH-+x|uXChH
zl4BuiPX;#=o#kbPt@IdJs-HBThkZc-=<9cBqA#~t@k*~@hkBfHT9&Of0G$NLZw!-C
zrai*9pNjQ+o@h!On$j}#@!kXC*OO^lh1(J5!e3PNo}?O(F=yM%J~-fx=Vqket-csY
zdRkz=)q_<!<G@P(Ft?q6L0k!W=0DInWEnsDir>QjD7sb3g--GdF^cD{$jj5wu9&=b
zx3lxYyQo_p1Dokb-2N{PjmkfSL9fk;k?}VLQs$mqK_9cC({ELJ52LtqeVEl1TbsPE
z1hrDdMaf;UbibYw>CNNVxz_S^v+%t*o8g~5M<Lp|Pk<)YaW|8frpE%W@&M;amoEgb
zZE2sDF;4`ijbbn1QdZdl`*el~^fBdAIvlt-sah5enaNWbDIbPtJX^a_Oqe<tNRXg?
zL=w>Y2XO&m4o>We*>v%1%u+><&()~JjXvifOij@p{P-8exYEO4{>x<d!~mcbcRqZu
z&7v}(?s)Ct;YSiH9AV-Us+j8gLTQomn3z(T4@~pxnn<Z4>-XnD5rR+X#$w6ysw0;9
z{J&=VdWYg#>8@6M&W*AvTO0vf@h@fnQsQofEY1X&T4p#q0Gu8YgGkoL1#bjQF%d>O
z)*u6V2<fByO#K$_8u~>IZX7QjxpIGOz0~0vzEci=+FTM!MpZ?N;{FH5V%lcNYoZ9u
zKI%xb@W}Sw-ViU89FhM5V@A#JEm!Y7L6(cZ7OL{&!9yg5(TdW&aZbpdEmg1Oq9w5!
z#qGh}Zw-jy&%;#Beb~O2$QD<pP~~2qAIV@t^SC72l*=#i>h_4H*k+g^DF*ZyENvW9
zKN5m2blYjIp`;AHLlh%NkI!3}YbI<&D2h3T<RHKK>V_?(-sXWIAeLH;2|P&>CUMAK
zn+jw%o2BcZ_D!x)cXu1EJqa!7?O5OB!2E<fP^_g7Sxr=4e+Rue9eqO*6cWOFH^4QY
zNEZ82R;xB@i<MqX$Dx08?#6Mvp=X<r(;-$~udTF#*u9X5WT^(ydlBas8cbYBn$P&)
z=|{JUN7f}l+{iZ@|2R}eV2md$gXY^$Sc}vDQS2Y$-8-nlem{GV045-F7W`%Hc9gLb
zBpUZqyV*Osm@hpN4K6vR6&%}b64RfzIOePczswPcoF57;lA7G)bw2{H)%zE=gV`&^
zi3k&k?XyTiQK}%#h!^xUOEi?t_w$-n4Qk`4JL8|1$<4A5uk$Y8)x9zbP~c(ST*gD9
z0)8ujeii*nGTdaA<Kl788-EgyXgcsdVx{p<z|<CNP$HKVrJsAztnu{?o)_mT*w7*_
zj18G>kS|Mrv3yarNlZ)QS5$wb;ur__yzye4?Y4Rc*QqA6Bte`g<xi}^JP|1m58S~)
z@g097CX_rx$)ZkItK9hi6!!m>s3ue+{#+9?NaYB5^u%r~ZOX)mjg8Iem+O%i(G=}-
z*1~r?3-cibF&~0cD|?)z`%Y}f9L6LSVq6KM!((#zVheyB)un%{jF)dgLULc96Pxq;
zlP#8<m$4_fjGj?Ly}Y{w8gUN9@|*bQ;9<GO5+d|n*Uf=7&3wpaou#Mk7quh|!Eezo
z*X0aLaH=6Ql8y)lIx3AYde!AO)l*6TS~URqXR%t9lMW%RRzxyGhe@SP&6s`wyWPiw
zCf2Yg#CYhfFgz_w<3-B@x^N*#_A8vpE30<A&5ntixINs_>(B5>4*{C7Dq4@t_x>4@
z=0u3h`+IU~|2C{WKmGtmn7>C(T(rXVOox6vBoApw@yE7BhfHJp1rO*yw@3_1@V`R)
zLY{A`T1D3(_3r3kLAGR8TBO97ek)PnTg(H>hN!7ZUB)Hw$DAhAu`&4LVCD>x(&`P*
zCp<oU`E<lNtKlxlue;YHG{<^EA}DrS5Mw6D^OZJa>CZ6(HKlp|V}JKPwu@jasI3C*
zUW?&b+;QBnaFl7xoEgOj@{L;LAid+nak)C<{Y+gMvHb)f`riFeMI7{~4z9g?j5&I9
zTM+M13`N1s(bQ=;nsD<5R=J4sR+k-!%ePALO6~Q6hUaUH(LrFk+Ce2_%}gH6wh+1I
z=d`;WYIt+&W#9GF=k+OauWzC))k^qH9X2XgU0GQE|A-ta*%!8&Z*p+D(qT)|aoWs(
z6GE!yI2v5MdpN)w0Ny4`b|WcY*32sOEs6Ih+bpWiJ*Fum+N?J4?d>rM-)sU$eP-%6
z-S6M^jSVtlFck--KiGApFD9gT=Q#$>DZOSPurSe4<A>Px58H2rzlb$@h?533l{{gX
zKfjCSMn(!vh#_mvKcutAR}$2#DOeB6MRGaHH!@y6Ha6}C>)KfsiY_?<wfTX$Tf+m#
zGE-1yf$hiIl%c0aNoAx60H>5j$Oz7Y2p{6`DY3^(s<~c!EIXYZY|Jjr!Oju^)sh_}
zfRiN>c*qY^i*op0cj$Sf$kirK?AptmS??9xSz>5%!8r(Ji6Uz&+HlR9d$HG11)(o|
zBE2(a;#hf#A2kxE7+t)~NJOE`c7O0!j}W_Zr(&7`?ezos^Oh%2XR35xwVXH<)e4+L
zm_Aa|J`^V8*61VC{#ef(*R8S8EvR;DK(+Xvvr7m`S>M92DZ4GEi?@dYIUIu>hr&gu
zWvSW5k@1xQZ?LL_%---K<&<s*(NL#G2>l@*4Du@m7hem*USz#@n`du@tR@w@gnD}T
z6yy&A)av=ne5tKX+@^dE=FPaEhmIN#!Ze(VOwExgMV2JW@Z<q<W~<N28rri1QXzQ?
zapIk|Z-zydvwrPv4kEX!lYW8K*AsXD@qO$NAS$TMO1Na&9|+J0uM57@7(J93aBQ39
zQZmI+CK}@TsnkO!ku7!H2@p%+gde{wP`yYp<5c)1vF7_Wj}g$8O8Yhw)`Oz^{V~8V
zAk}tbiGYXfiXaSg7WcB7fQgqvg17<(E$~!11`X?VT;b|YBC*c#ny60?4D7I2*C>^M
zR_Pji*MzN&Z*qp#LxsO8PEcqK0&;n&kyznc7ieiWZ15x&Yh<*h9Qoka+^R>&N+0yQ
zn;8@q9ONFM8gj-tEi87!50SG5H)a%c9BkIpv4)6t3OLO@Fsy?s@F>YG{;`_~p(HU9
za#ITw8BJLx#BvfYqx?SCW;}c(kEoPwqH8qaYdr0MCLvJc_$gT@M#TC&<_pJb0G1{`
z-OysY7oFk{3QHkMDH@k8{eE!wM-Q|l7ZDk}&>L|7(0_V0Z+VO}{<mB}$uT_=A*82R
zEO;HI|HM{#8@~_Xk8-t?iw`e3IdHz{yQ#vDPWYTEEFaT)a+S3jD=tnZ<1kl-Gzn*S
zSo&Ybp}=VOxk!(?sZ#%C9CMS91!24fH1ml;37k;53z<D@Nk*)|zEU)EV!8i!1pABr
zpFm%lBJwSq?nx1ad0NQrHkTdZDlQ=Qd+#3{TqN)04p2~DpFb>~cR3yImRkBQ;fcuD
zrQyIySHiL0*ZKPDUVfo{(5Yk|@%VK9PF5{=4H%(c4qki|a=NPttCML<t_FGgXM{kH
zF&BWw!4o&O9|npmxoEXp_-p{L*<xKq8J}(7_^Cf-CLXF5N(T{7el!!FD<tLDn@&va
zAQvC3r74UIB0j0Mi9`Ozd-3Y4!zC_vDlV}}_*;iP#tOsW_alOSD>m6}wfhoBFhVQ8
z)DXNJa<MqM2j;A6CI4HP@-|zL0npemU$!Q+Tumj<i1bkkj#wC3%C9fcX$k}O{*`z0
z$b09uq#(i|JSJ>rFY56-+N5?FQD2Vqf!{_(>kEwV0j>^*`ElX5AOpISBb{dIM-pL$
zkf=>%X(UMz!6;+H+OcDnvi!<A`9}#OXlGWrLifB!D<Lm-h8TwWcNH1tNnxq_RO`Zr
zbTv<PDx<%jK`H~#D9io_8}T1=`z8PT6tP2eNQerSDQ55+C{+0P_nP=j9;*Qkr~ZAV
z^_XpF=l+i{%L$z|#<ZZE=`8<I1UzSdWO75h$Qo+%?wrmdyBEe56_vL68yviMAg4Y4
zrJxTIDt6&N|3gZ(@AFRX&BGhEN2=YLJk3^rh_S`W*nDnD*L&*`XRyDmw7#*zDCk4I
z{XI2_D75&-s6iF1mCj!vpT)f*aAV17{YSqtK1Y<rM6EDVtjb2)BY8AgwTA6}(T&%?
zoQ_ZtbLC1EDeDd~n>LJ^G7-X*)nqZVMsD{>p{f<-H=PDK?v>ez0rp+*akz3>?BIt;
z?7#>o^x6}l%w0p1YF9j_+x%GqxlNIoHFs{we1jsFf=(;RPs`e{AEDki<B^`nyvE>u
zU5|uJatG6mGBcKo8BSz;2j;465Lj!4GD9P{TWwg(R}P^9;4;@!m4M}#(@;bKi*2&K
z#_HHh$*{XFs;ZvxUCpmmq&@<bB&W;%c*<D1!wA-UZAF?z)Yoq8?K}pt@`{XVORq-T
zI@4YK=Hq&luiVm26CoX{_?UxK5>n8LoI4+i#y1TEL|H@gqtTmbza+ziM?Ug-kuqBW
ze#K6|FZLuz1$K7#B*cVG@d8m%!3*Hv#0=|g28V`DRQ+F2(9VY4Rh!ivSLWjkHKByN
zw^WG}qD5oT<I9=c9fvNi!L^0_k^UHl2X^EZ4p4Crtn;u1E%$&$rp=R6(}ny7*Hf)g
z^6iH6f)H?bY<5`6`r+xYN46+~ud7{Te0F&(w%HR_gaxCZ8z+v{W&}EspF35!o{XKH
zuQ9i$#_(-fJz|Q;_(?-yNZeyyD3v$=yxB>b>FP*nUw%&?%eOTxfyaVAX%y|ZRV@+d
zlGU&ULPhwBYUr^Q>})NE{=QE!l_`KFtn}(<ce_6Z{Bfu9Pk;hua0TIGY!+x;uzM~O
z2(HeZFT09ze$<^T{OcfecCJL8!rF(5z<oH`<afPCh+3WKNnwcgYL_7YGE1H(hWTkr
z|9QqHZ4Qrn19oB2qkh;>6*nfU87<Ce>f>_+UWm=Syz|8;BH&yQ&A!tYC}+^xZdl4@
zG3{cMAc2+Cgx5@*ui`g5#fE1wb<xdcI*Q}u_vbjN;UBJks1HnwFWpI3j20c^j}J^v
zVyYcGDkZ(JO^V*o2{Dp%y=p(ysjLezb5TVqQGdOV2BOO4+9)qBxyfdE$m1_X<bN%1
zKP)gnW$Er<lExECa*#wdTaytpgzxTX7F9r?OA7!_VFS&wMNcyRZG7lI4V_1XsEG-=
zxP-*b?g-+y#aW4{ZYpT*B6)CD1YYE#^y4&wz9YgWt6hYjAlUj=NvI$vDNIx(^fC&)
zDDtO14=cDcU{n<1*D`t1SjSnDpX5R{v?vyX0h^#W?7`t<SwU34Xfh(5fr=3iJCKqx
zjhAxx!L&Klrz+I@$Lx&(m)O_WI$f?qm!7(Y<ry}#5vzAUF5+?&mjctoQB}poAqoo%
zulIjrLP0|pu$cw~e`gc85naEEBNh@5f<dMf+pB?1)S7_v35H8%(#7s_zxrH!lh8gG
z5&Cs7fwfuXcb$K<ajk^)l!LZ1BJiw#(H|(G_UgsMqxEeC=gMZNOWOwlS`-kjP}-)u
z-X>R~)>${=GC#~As`FF}`TNWq$_z@F5K6%?c;NipnbyG|2>pbk!+xjv;49P4FM|yX
zUznA0CogXooQhbSoLN?oGkA^#0H$RD>*C@v;S-NbtPvWf<S=$acIEywPTfo>44q0m
zQg3CKhw52=yJGhB@&8-w=xB1?9wGw#jVerA8!#oC*BKpTmS#38nw<NdUr#047i+n7
z{^<G)^*lt+F8G&1VJ~Qh+tJhb!=F;^q%i_EgpCRH%QLj>Z+w8W>_0#T80>onpkjP+
zoz*y+A=%pWE<)p|R%3}wUVFbfN}Y@bL}Uc`XdfY8t@jK5*YY+Fw+{v$^k8WBY8fi<
z4PS+W^?W8rv=jb2`w<6h|3ua}+&cxF3N4EYX`flh|HITfa97#}OQ69{vSZuUOl;c|
z+nm_8ZEIp<qKR$Wwr%6)JLjIe?%HeZKk)S1U0q#Wjrma`DlX`KO2tAM)6GWBxD+Zw
z^l?NI{B>9VIb@2Kj?&xi|4FJH-&;gg2`O~_y>b^ME<gqO?P!D+%<mbt@1all9P?YX
zvC@PDs?TSeKaq#$|M;&iKfgkth`9LP>)*EPVZETsz^>`c_KNR?=>Wf5>btu&E`fp3
z6<=}GTleuuJF|ILg%wV`^1aZ!4u|;KOsA`ZTM#*HJn2UU8+lNPk_2Lad+;@gd@1I-
zk0r(?YI}d>J>mC=SIS==K_tpg9)ph!f+*E)tZfA7#R43j3W_}}Ns+rJ6%bGaILSbp
zT33jC?iOKbUnBo%@QU~riGhL^l-e!ZzJq4WCdVra@7FF_PWc`jluj3SKU~6dWOGFZ
zJ*R2M%J$W27hKaje1-mo{zShg6g)$|C(y#RoXqT<8Htzj`?n8WgXu)%D#x+5_VFz}
z{3QhjcC{|1F2a-KuB}jSra-ktO4$`N&_kjp(lgito$|Z-h<uba=xa5mNA7a(v!FzR
znMs@v!{*2F2NT5c8@$jE%p~%U$>07w?;j2eVJ7pD5^1&hZGW97X&_3-`nP4b@kK-^
z|4r9%N1)TfSl+FFBAkSUhxvu8OvZk_x?8A(heb#S84+Nnb?E-$92+#(MAsD=>{UGh
z;#Q=(ThGnahY>-hxIEVUn`ApsOwrwBtq_I_wEgw-T>p+>>AuY)d1>r_BuDQXz~k`V
za}^*n$)mg~;L|4T;Pbx`)IzVpgb>yI2t%6#WV|ys(ZsxVT}I|~0A0|<lldThfC080
z7DlREkAE4l<C<<w-DR!u&r8K-1(Uol;8|DAdE~d0@8mnSi_&3?I@9{+bIofQj8=3!
zpcUP%V3z`(9eRb}u2g87`r;myhM<fNU8QHrm+X>g)4Uf}D&E)&zK-;Eb>-oHjB7jx
z)r)8y^`_OEVZXA{r55Z_hHMBX<4oLqJSLiHQ0T=xz96y94h9*F9`C3(I}`qp;8&~(
zQ&X%%`1u+=*sGz}^Gj;)<uRVG<(^v=uQil0C)%$d9RroGEHbmv+1_v?zv=3k(y~Dz
zcBWn#zdo%CJ+W2oBk`{;9bd<eDO|=gd_aMc{$v!ZrZbH8ZF1i@`PfWVMydF9OmX;-
z+}&Y!n;_x0pbFNxpI4b)86DquIkv20)BFA0qs!HT6z4H30N>OmHzKz4TFYfEc!N7Q
zf5B6KGy)uJZO24vIq6zpo>md{Z<j_ecEOr)lVwcmNrKRHkvTpKRulFf*WtOxr2Wxt
z$p3;jUsAB@eM*#&i6zPt^?=N4db!@g*H`uZD<+DsGt2JZTR3SUd^-yxmG_$PGL!g1
z>JmsKy?yFo)WIjs_sJStY?DqlMjm%0Nwmd%CvWyOFdP6;x+IXi_ALY6ssl|UFYJQB
zE9x?N+9+n`FW_nH_Q%`vvjp|%Xfkc+cOd2~hxbb8d;4YZQfv>;ka9Te10T=Vg`^TN
zNcr)j+YDONBmi_2C(vokt{AeL?!=v)GXYiS!e=hLafT`=Z?W0E9dA!|kIz?BXGOwa
z2-eqY10}ZSi5p-_qBy&#yM<`xD}TR;Qi~{!R%>F?YF{}zv)k~X>jzu^&kJD525R?l
zVoaUM643a?f$TjrY48#38q4!|!#SSLfmv%&`xl!FAw5cgSJY&Coi$5VSWcN|UYTlZ
z;Sx_PxN!rjuTvi!j}yIn>xxd6U>%-4Q659jGVtFM$>st?=%0{Zk;O(|d6~0~Fw&G!
zuP%@oOH|L7-e1PBI<4_ZkV>gVlR_?;Fo<p>b0!vUgukt28ljvG!Hf<ZuEC8r7&F~T
zjqp+O_52!^_y3nvy%r>mGw)0S*dnl=k;Ykpb>cmDD;FK3`@8;$sIBEI2tx|_ltM*=
z#pNc4zzHsddr$7%_x`T8bb#^d?BIpqf@&wzw;@R$3DT|2K@73_&djuQ>7IsatE8I&
zDn^2o)R?~4cLS`UBfcm8=pl}r-$BeL6k+)xbeEXH&1!CVJs+6wKJf?Q*B_#Xgz=wB
z0MJM`kUYG?!HD_-F}u4P;S<FoW-&DwHd5PNfs&RmNwnD_h+aayzJ%a0dv+F-#YguU
zqig+n>a&Wi?0~&Z=PtvcojLg;?1FFXg~e3~g|_3$U~tObZi~KLX9kl5O*-9Vc@brF
zEu0!rbZ1ID+QNZwxe}FcgE7nXR<}@NfA)KxP6zMbZ+f9V=fv92H__7hR`eKa^#G34
zx@Qjw*GjEUB=PrZfu3EhUpT6V%p`Znkj_FJs&t>ord1oEEq_rx5OMoHy^x>YAu+yO
z(5)@dhjvA!HKJXKcvw^Ih#2q_`3S*^+-(XNbhA}uj|lX5!d7rU7(F&!q6oj|c<kc$
zuTD&}Cz3D5yFZ>|FQJy=Kq`4X2}SXK+27xDTBxOzu5?mDHkJpDLAmN5j)F5N_U~3G
z<QSe~>fNmGAsO8>{fqzlTu^U#phBSz$Dq?e7luOg%bfjlO{u>TkrTdSVx}SXvrEq%
zj*ttFuHB``EzUJdLKEh2JOiAx3v#*fL(OgZ)LQaU<<#IQCc0F<5$upoGxis=r{T_@
z;2L^Gyx1wcfr3(z<`<Rzv>oAX>v%tGJ=yL=V<V9(-KZB`7_ZeLg4}Q;R&#IBz2!K8
z9~$kzB|@?8SvEv2UnW3wMRJ@NWx3E-jTJA+Zi0S+li^GQv6*gLkZ}ddQCxvob^3LR
ziS;hG@NsaUj0KnKq;BK)K~nAZaOJ@jG-@4uVaUh8NF6TKYIV@5x`&(lc?xYf*TLSC
zKzrjmLn~f8g0jIBv-x^HTQTmzePi!}-@F+-|E-^X%O4Ghu5W*i9wqlgP=`=#R=ZYz
z_=kn2?(AI*q{i@>$pi68@Z*<NS%QVW=Ftu=Z8zFwt1LKRUJeW76W*Zo9qM3k=6FhH
zz9|!Gb?lfT{`_|}vF$B!0eQD`m!H0S-HVd746Pqf0qeK%j^`lUvH`w1th(LzE8yx`
z{D8<zQ2F=Z^{=UVbB-$6Ay!hQV~L?SG?2~MfS5x1a}yYPdiwBBBYBV@CVeUr!{Lvd
zKV$)Z(MW`-0W~%9g^KoaQ82ydIg6ye7hF^cOBg#(u>~4|sz3#|e9KUbW;-XuQ`?P@
z2Tz0oX?VRKpXI1xQ>)PwIv#y%V$qTXo(B97*Z6au#GJRBvl4kyl9ED-qZKPLvx$1!
z$D0*qEOs8nDEc4^vm=;&9<G94tVc*F=>89PM@ElRw8-g6QJ^_*hJ(`xY4z`DTu&De
zZ}&jBb9S_FoUEWGI&zc_P1eDi5*(+iX_QpCbJ2o9al7q(PBb}>sPx1k{i0bkYV*m`
z>1KLaCHZXMVY~uyXwhzl0N>BM+jynv6-<#YzKJak_0a4<M*CIGbHwIA4`fOP%U-Xv
z=C^#?qeh8lUzosER)P834YTv~h@qXE?E^mmMx<mRrNz|gmHkXR4d0G!gXaUB6E*`V
zdZx2zvR9)z?}ySkj{}71)6bsQGH(XsL52JCE!ZjwX!Y9%v!LQ-{S{1ja>3VV!Hz}&
z{0}r!IbM+?P9^4KkUok>zJr<AuAY0;&#)+qpoY7yfe8^KWy=NZg}XJwy(c5P=eTcr
zTEnk2jVg#CD><19Iv$!@BHSm&mj8SI?(8%#BNihXm$g5TOzZx9876k}LNJmGxAt)v
zg2l-*AmjnJx5|#W-b@_^w98t!WJ3IAsPBw{ak53ov`|9a39b4|p507o&W)Zr4h01+
zFXZ@Y!%2p40TeZLORP(9BX_>NdwmLuRNFc@hr+2Z8(tcj!IW=T7<D>-isMH*Bg$U!
z51~X^?;Xp6f&RP><Vq${&pA9A3P_{_x&ML1{=V4$sSzNEKSW#upC{)JfSz99ysa+9
z4N8Q56f|++G(iD2aSi4yI3qBce?6Ql-<+XGlkS6CAhy1bO>PeaE`P0~2l4nuc?Cz1
z=(tq>4%W*4YC_h3_!asK)}S)k4a*j<!^sM%F<qUQi3HCbi^cr60W|6?;*aW_f`>1p
zaUp`PS~*$FFzGL`RxokJ`sU=qgdiVS*c6zlZ@nFiU(F|N@~c$W!B}c456CyjHw3$f
z>CJ5U`bm|0{&B<n{PoHTNF-574oZ6_yMH#s`tt)V?QTv8Q0%dDzLH3Fu?MGeZdPBa
zgW!1d8Mf;Fraz0=HWL~!RX5UCsAR6afcO_mrZ2oFu*T|u>6}LczGG;zzvS;|r$c$h
zz8lYxBzl9Br%B6Bq$q(a(J`Lk?tG<N99;4*Z0+kUn4$f%VLb;HvB{MXh`sxi`&abA
zyrI%7{a&oV$Tl^Dp<p0hs~fcQ$9mo`tmsD8vAs5T+8Qrq^1^>oc0G@CHRhj3cJ)jH
zkrBAldzMPgT1VP$EKxVrULj;+qzm)Oqfkc7x|YRoimZFK__$brtO`!+IT!U-bNbf>
znqE_L6faM<?x^Y`{q28=>aWg3-y*V5h%wc?ngRsws0nN+!*CX79*kcZp%K=SZ>v1f
zg~Yku4|P~vj?4iCh9|@fef8wDj0Sd|RmA8NyL<%VJo)yNrW|BSH}FMJ!!tBfmIX_`
z4R%gqryp-&a<ai?gIFq_F++K*bNUktA8V>Y!CW7;JIkhNU5A+34`2A?+}<JBeQSdF
zKB%e~i#3fbeJ8B^JH7bZ&(TJudq;yxgyGo}+}oEInN%h6dD;cK&+Z!*9C!OR>{R|V
z7oo(0MZvsVxSSU2lR|kt`BR<-3&y|aQP@FJi<rYWV9FTc4Xx@WWL&#raoP0UOg(6G
z#g+@sfRSFk?nbJQi$pY{;izh|1(il%qZm{ni=-HaX936wLJLKb)XKI`=$oQSqcd&?
z(f`{Ne+mM0RRGUCEW?+(D`uh*{({iU&Gw`*_}mm4xZk#WP<ncLBg_oO!$_sdG?ls?
zn)&!x@dcHOX2f8W@GHujuJ66QC#Cg*G=C%T#17LoO9*#n^j{qdmGTVIgSzI&hjo!8
zsaTT0HR3gF2(iH)yFS3?Fa>=*76)ck7^0(-(EO83W4FC`kj|^#`qD6N)*Cr=pA|2C
zHNT9~X2{bq>*V9$zir2_=>gsf@6zgDDm1JRf|f~C3PP=jTgh*F$>qWYpIe59evq@?
zmBoHfZ>_;;EVe&rmT1B$E48)%x)6R#p^o$ouEIaFxDAJkp_*OD{ho{o?#~xV@9s02
zu3|`Xrb55|zL{wai~4TCSoT^@B(a+iWFgO*#ZOeF7naA{(9WhZ`K2kRUXl*=Eh&Xp
zcuv*Ic{*Lr6FD{w*0a!-ROP0M23Gj{OB5yCTnx)GWJV#{cR_}PbRYMy_LC=vG|VQl
zWb`DU5OLX!WD@$y?JkY)?3)eF^#9?^QY><+s=m_i4~@(f&fr`FN0Z`}ninX+Q3exX
zt`l481h2I_GIc{K1EW5+I+<mjmB&=<A+f)SpR(g*Lf>n1O-KT%RXK<Wv@h$^CqC=l
zi)>l0vq0xNS;$(l1jgVa3jE899{9~^aR?Vxve~mGhtrMwmd0cQ8G`^Pq((HM7=Ec^
zCNa8PZg){ts^`OGqti7^?!!P~O>u#ah~1%eV)3lk0iDx2A)hSeXC}6IsqVTPbx*LJ
z{9TlOr*XCu_U;<mKRAFWYbv18hf4V!$I)}Dv|@|N>IQs9M@rlCijCJKV|k$e#eEVh
zH+E+lI#N2+pR2BzDLImA2l|HWncCzDCuiq_4<cjbDa8_(?w-Zuo~a?1HV$B3Xc~K{
z(6F1uI=mDM-W~oV5+nLv75M)7BSQMihzjs5!Y5*7vE<xT`aYgxKVGbbLcn53XdCq%
zyI!n9{0w&P;htOtTnJq0PPEQ5OhGlekz!{Qx*OwB8Ku|Lvm;~A|BD%^8EfMc-A!pr
zjnQ9g<Q-P){7(6mKdAv%tMqLTgJL*V8Vs2JJ+)@s+jn0^S2WudG;7bk8ymQ|1>Y`(
zO0B{I0BF%w03bO|SwKjtwXF@e5E~vB_w2j<I9kuLXBUzedFHwL$nxC1IQny!T|$U9
ze3Fk0J_SDib;2q=bHeX?T=Wlh>m43N_}i}raI3wV?hn^qKMTuLO-{BKmCj0sS|)AO
zc1wqaax!Z7Aqge`=Hu?>M)k+{28;})l~OJMT|`pZUw7cC%Z?^%-7#N2PY9coT8Dxi
zgPz`R&$POCh9f*7VEoF2DV|LMImuPX=>uKX!sCMF+fXhk01Fl}TldP{(l0)lHsa8A
zaAu<d>CJ@O*d-1%)LM(ZuR~t4nNzd3dl^Vqg&>6}mef4lN^Bv69S%t7wc2)8LRgrg
z#ms235(RLCn?z4HE1)iO9Qc(9G9imXai}Xwz0jAm2S>)i@*{eFpWtiCfMAY39G%I!
zF6ehQOXum{!N1>4i9+kpijyJZ{uyndLsqCvA+3s40!+<m>K2kCCnu+i5*ukUXSs~o
zj6U7gZinYPp9i&;!YJ^V0s@e<7PR7-qp8orTa4KD9~%0r{+=<s_GRoxpA{9#pL5h8
zwv0N31U7KC?2swnb5geJjj)KZDN3Np${Y@Qrm_w&^(E~s*}hFS-1+^5qO(m4bP4Pd
zkCg3@uQnHUvQWUzf{dD2?a#?BQMlbr=cUi_&D!u+mT+MA3ls>@F5FKOs4r8(1zqGj
zo^3?u!nlHnobNQIIbnEHp6prCJW7|CkLVW~Qun3tl2LlW>SWUYa_YBj^5fAvO=&QF
zSQ+!s;a(!j6(nK?=-yYgAA20G+FnKFM3qPug51KZv9liS^o2Hizp)L*62>Bvifzvn
zhy!6@6x*ZkFE_LVRp;wObdnrj1Wc?(Sy!>*GLyuNNf^n1H?f2y@w*-`mAF{pvJXnQ
zfP=lk*Vf?U6SsN$4l{Zb9T>7>I^<@@1EiG6%ouA!^<hgzaSRjAlwY0v8f)&louKg%
zdt;`xf2o_V2nETcmtshG7cGS^v{q9J>nFU$I0;Ng=R%p+Mpy{ShAf!~R+8BE8N7Wg
zRw|D)jta8)J!AEtD8xXY47yA}iNB7@0P%b6(8!}d-|lA9rTg#5IpVAWcJip7{cZH=
zW*8I*Sd!o9XS^YHo^Edy$?U&{IsdWb=yC#_4*T*zaN@x)8JOIy3Zxb45s}C6%5cmA
zvWT{r>WwhZyqV#|K!DJTCP%v^ag6Sgq!0<%2ZPa#)c%+f7Wvp>UOzov*JQfrXC>WV
zbskKgow8Cz4)(Pocx22(GVdR%7wgM78+=#(YoUv~kyl5&59J9cv7(9M2Ae+o_ZKTr
zvWsF8l7yMc6RNpC;$IlXGyiE@LtCcM3%RM2DPl9{DcA1SI|2o=VIFR7hP<!suP(3o
z|3QRSZ<S=^Q*Vh+D%o@<%wAtVn*8B#OvlrD&=mXkbu3sLGNHhm1JQZ>#z?pB@n>eK
z?`-I1hUjzy(>BTl{T8W8%+2e9;m{iSl2ge74r59O2wu{DZO=kFLq64*`@!U+L8Trf
z(bOT$mSivSZSn|<l*-qj<2YC#cG1XTe*?y**DTzW!+bq3EjN?vWe~Ip1k3tmZ#~1P
zlN9po`ZP$$;e5%JaDPlU!d!3H6Z)~bJD-8=gx;!(9jYxS9nqVlAYA(ri{!OgL3@4@
zvPHy)@;%lNmuMB+DB7r~JrV+exzoK779gRFp32c5vyduKsKU0G?tY_y&wu*knQPq7
z-x(9bTA@GM`*Yc09|TXDrLT8IX}ZBkIt@aUh>a$GFG=6M)n#8R0qp@mDVH7el}Oca
zWBMp$c0y@jG2#T@A|LvyH<)c1%jmXl1&2FN*bs3fw7g-rnkE5%5@vM7Og_S@1)5YN
zmj`-7(qGu;^)(pG@x~Bx12+p*lr;az0yIOKCc3^9BoZdcMfmBBuf#`x%Bt`&A{Znb
z=I4C2XwVY?5s~>lm~*RAAfp%QO=mVGdL5DSrt7c68Z#^_ypNUHF9Vn8^dVTZ(S@@z
z7L&uw141MCyN{gKP^;rX?$exxK`kE1SyW_J<zaro-V)+%%h|gE@zy(zJ4BBJ`=UZJ
zXG0hlf=IvuktDz<qJu*Jh0_1Q9}fdLd5wET_V<Ugxevl4W^Q&f2`%`E45WK6KAcTS
z?lnjMRsqB@^vk37bx)%p&^6|6PzZs8A&FE~BDb{Y@^#h}QYHj71A=DLrjke;r2i?e
zclcnsoG<k(3K63jvzaSfhQSoTia4ZMU7S#d>q`?WVu(Gt4DJWuV3QH?5kogBgF<_H
z5$@cV@0_2&vYW#4G#`Wlv$<P661c6Z`~BnC8t$Kn^#!_)C&x;<<A!hflL=7WSLDF9
zB_gO>njuA)N)1J5<la9kI==>{)#AK3F=e~lKu}zBdtcO$ed96O>zdHg;gA`?am=eS
zIk0@zD3JUM%SD_3RU7xh{t?#4>BT5NNXKivUQ}7i6|+M!7wm491=nTo`%mf3g||<l
zB}v=1_u@(AU*5m{+sO?24!zB;SDs3>*1^SQsHw~hqU-}(i4ShnqmGw&P=S_>cz$Ic
zbOy&uytSTtC`mMF;E2@(eV=npGZw>u`zzfnkDVuEOjKc3_;0JRxDEh?&n5z4>`5T^
zQB&_o*erM}!7maqJh>yVU|eT`NSv+$lL@9$y(YH&tDK&^yPdQS6C4>uI#Mn!+1lV~
zcrtXQP}ko657p))S0JA+BcxifWXEoJSu{JwxK2chPHVnYOG2qi1;!60Qak-A)m4b3
z!9V14f;eG<gJA-iWV;oJ{N4UID)DGe@N2PpL$Qu2z2TM`&6w6DyI1+bbC7AzXFRGB
z0(eVgMoQvv_)kAIpYUR67U)T<{~<S4uSI0!$ciS<iYhEF!SVa75@52c^>#Q?+V7m=
zlfBXR&1#aHZ)fEa9o3P<oNnQaU7`&J!dC1gkT<HfZ5G&nR1%8$&cd9fE(#)-4?SmX
z#geAx<PJ4+9#5B2p#)a-_K(0FxlW2cSfnbDgn~EPZUuNXXysZu-c;nk<*awA3vr`g
zzhH0u{V_xssJ_}ee}2nZ{&PLT1->FzFsr=T$Bf+u_n>b|Cu8rlZZ7TPO=jLaK|r)t
z0&hz$nX!D^oBLHQ%El1Ep2a{!XOepeBiHK#^x0<w8SYG;?QR2kAty;4h4I$JEhFfr
zpEAb6CA`LYD%3DL1nWgX`uwjp3cDQMz(E_RgjOfknkH*e5GN?~iE=`CAYw=iLCB<c
zm)Hw8rF{PY@Xf_a4cH*!9X>o)RZj{Jh67*$wlgCQivUYeK(Vtb<IA6glo5ltssBjM
z{Oa_4qN7nR^#dX4a=^pKj}{=Au^_Pxk*JGdwIMQ8rJK)#BQl<9<%En0Nw2`dMeUJ_
z7Gvq)UDvKd%8N&~qteT2tuBK>CI<N1z_r$vTJzi5_9E{2qbo63%wv)4<uNomh+VdK
zo`?=qNa46l=7f#x`SfSyA|13^W;;CZXHq}s>bhgq6!1z98I8K`nR8Iu;GbyL>O;Wc
zu)_bcMEhkM3h)mmzsy;V_9t{1yqNy(?Jc1BUYgn1Ca}WG5>5MZ)+H4rsWdylJG1$4
z5n^5Qq$6W$#*}iZ-oR>ouZZC^?67oj)beA>6w#=65U0B|Sf3$4_fqDRqz`zO-`C8%
zI9+JUUD8D8?i|K-9C2P?Fngo#N{}-RC7NOf6p9P!UH<Bc+7Q4$@i^#TCq0-cb|9%V
zFojg$zrzDL{=T78<jHY1`WBSQs07n`GY(+Ag}v()&lJ(HqKa&WiBtsF=JkGHZur{2
zP``fNZiWkXVx7Sn5H*7Ck|@XjF|qhqko|G~Z_l*#&`V;eTXNSUL{izu0fQ>0wZXEd
zC*rE=mxk4{D;O<CwfuVM;TacjVy#I$oQJF9VzLjD$hG!x+2I)AJ%y|9Gn8jG*N9*?
zG~T+xV0l4fwc(4>;$W<_I(2Vq82CAtn(r0)sNS^)5+IZ>->wM@_ufg3vqUx26noX4
z4h|`o7UostSg6J-7&{Xg_g4fJkHZC{j4Z*^hYLlpsVc7~l^1UOye18_^_ygkU{<^A
z=1|k}dXpAcCUZ^K6=k%)b-gCPsgw>eTXm-L!b$IW`H2fF{k1~NK9F5dQsXcHquu=J
zS6Twj_hy5j*<=n+XliK^W^N3r?ylThhaG6QyNyhCFcPj?fL&RkNlngg+VU;2uwtCt
z^Z~GYTGkU@<69J;1~joAv%o?9!|Z;&5Jyf-i;x`i$k#bLtRYG?SQ*?<Z}vhJ%HLHm
zIp!FrF$+z$eC*kngW8hG3Gh<6t@8$Fv6zM9R^yRxAEL%T{hImS^NM6E`2E(fT=&Ew
z)N7=W=cDFzCk;DamFp;;+3n23wutvJI3d7T;MwfNjuzON6K#XP+N%;?ZyBMWgi)}c
z(or*c1h0gP=*8~+El|7<PVazav)+n47)#k+?U3I;Wdyn4auz417f(9oM-ZbMuzQ^S
zRdt7e#dt}%&e4wCq}aYKEV*)D_AhR11~25LBG>7Lhao}IRFZC!oWXMyE~z?=Rw<^%
z(Zypj1MEss)W9YY)w1clJArl0{P|CircrTTp)1a!6&IuyF0B{KKCb!;4>^P8(<{u1
zBYJnSP6<-Z@2H$MpNQq@w_&YWZY9Fia7fVqa>6Dn5D7|F8ut2Ws3*~v$o9np?c^+k
zN~9<GgLb;eNDBfQxq*nEpFfzJ^PBv5eto5Z_|R}Y98bq${vGAOXS&FuOr?c%XlzXx
z97=S#s8Yz&4u3`CyscZn*L5wDlGrB+Kte6fuBB2f?g#ALM!AQLsbIzoNcBYxf2&`X
zkgnumT3|5TsY^1;=YehRSUQ>WgMl?H^H&T=E!w-a#*a=S{ou(SlRd*21oPz9G6mA?
z^{=J;-kExRvk=m8yJ?7yP1$~q!-7sEsgx`O*nd5JVaB@e)SDexb)J%YGk85~nvL8m
z`7k5$wxR~AR!HqH?SFJsjQ1irpifzU4;%>*f~>1{kCz)LZE`jvzR$tsE3eU)32R{x
zvRO-|I=<Iya_6x?XAzK66nL21o{pYw|Ja|E<2}`%eBChP+IRh47{?&RMeofhaJ`wR
zD*)=O!Op2=1(zk#uezRxIaVBP=ku3A3VT8#pN8iC!wtvM5sAm)Wpo|DON&Dq9zU9W
zDER2&0$9ad`OP&3SL^PeONrfea3vWELHkh)Nm5Cp>}wH&Nc_-J*C0t29MG<eR;X1J
z4F*ASCc60~1-P406`2wfO9kn-(8UL+2nmGUXYL<H_Sk*zC+QlnXvVwZgIRW7M9Ml=
z?e=_l6DfWDED@2xnnzHx!Zo~X;$=QL?K&0MJ%K2#k%Mr`=z`jE@rq#RviRuIy4-nz
zH)Ga^EdHqxIBTo4f9DGIiFr!M=M{w_Y_!Ua)?I5vStfKW*w6z;Z!Niq7Jp0`M@pUz
zQb6UO@*s-knGd7gWTO+jLUd3^5icOc8ULHSg0QYKxZd&GZqEQHaV@(L^60J~XZx7N
z?fNau;S?QMnwwL4S%jUFOY<tPxH?)`=xVfHleGZ4De*4<Qn>q0vJsfasY<a6JP#cy
ztO8h3a^zqU06z)iS5LVRp7>ZKk)Y6?$xTo_pO>OK{b8bqL>U2cu-^WXhrl&pn=jhp
zV+;c+)W%OW-DVbBcqMUe7|_djAdxs<dgp*ByYfjS0b$tl(V0A~sn13Pmd72#USU6o
z(qO*LtM@74KN`AhJ{b}sP<Pt<es-ln+I*|AAP||fhKzF7?v=hwWU>5Qu_yYQi)J4N
zgSf2z?lJZD3%r;=Jn%U~T1ca5<|=L8{<eeO5%qCEw|#p5Z8PpPrKmsUL^eHXET^QW
zm&JK#oDaew&iULUEO=`*NcJMP5eI+2&wY3sAZvyA%r@=5_gpk9up>rOhF@#A@3d_-
z=9xc`EHiq-g-np+%_;>q3d?smYyF@gwz~mFLsVl7N;<Gudr1{ojgTzYNe$In&)brS
zdC#D9t%>gKrj=36RPuMen6ubaPK759@fFhB`^xA4T1Y5)lD`mM`;JN(!p(rb81nC^
zl#|*t*sk^#`IKXNR;!a3ebyeEii7oco35>?F?<L0<lx}!i@OR6jRrMFMjpu|ddo*4
zqqiU{=q#td$#E((`63kP9!&1p{$niwkJf7IxrWLlvPV!b!;Q)N_C8P*E%RghWKSw&
zTF+|RR`uV*kC+!&Owz9}PULI$o<f!X_yK`HKLTO_eV}f(EL5D5B=7vS{11(5+CMtH
zXqQDq42nWU6ll*15LCgh10lat!lJ^(UT|3D%K`jE^T=#<g_AL9dgMwQ6xlI(Cn^Dk
zU^e}&qW45u3dtdtg8GNsz#K)JW^V_2t4t^P4Ar567|E8j1G(FTS@=mj*rXtI=Z`W9
zm?^LP*?$>EzXZ{ah)4KbUBdbj0gvgKgDFJBNWu-pNMC1CoobsryL33v#V%%Rrex9R
z=5&5k4zh)*^KgB`o~EwdQ(g48Z8+N__>;jWy`Nil566a&;)Dy6EBcq)Qg4A|!FN{*
z%|MzY`h0<_(;esKnh&0Mu8n(Z=?2lj!-t*32@Lj6j-Jw-E@C1c<RTnz5JL7uxWF+l
z&W^ZlcWliynva#{HyTIAe~rd)>XNO)bu{Bi(yLpRg55-HI8_zJD8x(1detf#)pjUl
zOG^8nu%LF7ze1s*QEVmJut^=}#>dC0L2D@dFMytum>isKJ>jii(DB4}jNwW=U?*oE
zmH<BjyD!qv2L4wROfIq>3g)eYpA(x{5clmT@5!>i@Ei@-R{k-tjGQZ6R@XnMoi4Zj
zHbsN{Y5v`e{`ZF6IfC0|B7Wo#EmtHrj;@ZPMJOxC==g8iHie+h8GUkuem#M0!y86`
za~<oG(YRs$=&d-ZNnfuY(RIhtSq2yJ<Cc<10J1Sw!!?*XQL8ipehJZQ76dx-yPcht
zjwl%^wXl=4y3e$1cI@5L8m0wrE3nCnp2SkV>*DL3#o)b@foT0cBKCxU&*lJ;Jqm`%
z$e|)5E?Yb{HWwDU$)WWRmZ-KUvN<sZIM{AA@U|V*I8HH{bXi<*g#!lBw;ojF8f&gc
zz0L5Gy%PP~q#e77zRoG|UwoM%Q`r7YF*7u==ihEZ%%*PKbI&n$EG4grWZ|aMr)#XG
z+$_5OC2ltMw`BH)rZKAv72AUeKh+=C;8W^_vO*rPlcdU0J}CiMJt;Ok>0+dk3R@_`
zat&!<v?(baDY}SYLhG&7nGlI#+e;PCe`dKQK`MVqQBFxHM8d?0;IfqjjYsg^Uf}=v
zHcEsM$AnC&a}8+t2_NwHFVZ7bw10#UdhNDj#sb|(D3QLI)ugHL6I@5m9NYH4$zXNq
z|2l*JAq!-Mi2{+3))h94`?<6e!f4=wv;H`TITfcPDab_;&7$0bh<4#18hMiRk06G>
zEBWeJfdqjNImk&Hbnrs^85{OduO}gd5#h!oF;J{U_WMJ3+%+4U&QIZ{#u-k9C1?yL
zm3`f#GHoa{YyToYj@xQs#ajJ~UdN4Xc((diDqN(M>4(Zc*7f3v-uUFbYmHHSb@8pi
z$B$I~3k5Kh(NupO2@-AJ^vJ%7K|}dfd@Mz4vnhY!YpPY8mG<EkHImVcJj1NV>(cEA
z$BQ+CuY{}GVqI`$%Na~*Ro}2*%v}NrU+(=Iys;OaPkCl{J5&z}?xN*!LNfsY^^QW5
zd~n8v1+Yms(7Yml2u#jchu*iErl)_PKek9ImM7>jzW<63Gm{A@h2c?7b>8jM@kgwN
zWlS0kNphqf`z2is1=>cMY2bZ#ex~9fcmg9Psh(;kCYZ_??;+;Z(3tlc3x1A&a<?^r
zk3a?{f}?M4BD|D>5s}p0KMxG~VJo0Q^8bAze*Z5rg9I=EK~H2jM(U`CT6MUNxIRQ|
zDL4Ikr||r>T1LshhFheFD7oW<1V}i`@2USHfx;Z+q<KVqiuJ21z>@R|Cliq?sEE(U
z%pQC96F1Qk%ssP?MD&Zly3I45IOo_?xz(98?mj#0TD7v^#Yl@B(`mNlSv`o|*Ezz-
z!pZEbwBroQ=0xfZ#^%d@d5Jx+_`9|YVlg=I-2Ns7P5evOnaKskFNYOOdUiO|QA#Z}
zZxi~d_X(twMqPGq?d{3wi7L%Z?9!xlq9DG0E7nnGwL~dryxmWO_J4jUDO;{L!x7y%
zq*}^l=KHvHR2TgKg(~-2mWZQ_Q4a&Hjh!raBXLsboOM<xRu|OvK#Edy<|4{WWLyZq
z5*}iue;5ihu=y>e7U9=WL^`!noE1!>%t&;zzr8!^{>pPf`a$p;M3UQ$8ZdsT6L`0Y
zPXF_cD?O%tg<M9_E<M}&eE8$(y0}fPbzS)~^KVB!1{olr6uQiU|MhC~?7k@3yNig(
zhLR8pl9mw#Z8sZ*4;2>It(DV6hAh2G2RyLv1Y<eNzel&wI47iLdq{$*-mjv-TTJKT
zyGH%*<9)Z<2mmHju*$OCxKrIDNEX=C1ocR}!bHNYK<~d&{dR=$Aln%9Zwx44B=AU+
z{I$A0^8=}MHJ#`(Y0H%?bd8`Pr;PLruO<4!sst_!kzG+iVG>wee9`3Bb&}y@<3bB-
zyGPdWNV0(@sM4OxYZ^+-;fvEE&AX-X%I&)BG6k_tj6T2Lm6lP`8|(C&85Wb3>wH|_
zwOinOdwb&s{bchS4Qzxw!C@FZzS?mK6Rd5eF0GyZfO5s?2BeVgCZB|@$}PzDDby(t
zicIG!0YRap<Yk~&3i~b6e2>|V%mK`g#B;tjBv^1*Jr3*Tb5i@tq~9(9Xv6`kq-wb<
zab#&}8q?YS34z7nwT(W6k47PGvs$t*I0m3^3}iPXGb$@dDZ1cbA&l|Y>det}##=x3
zEwIS9Tf<S$sUU_AGjR!4u(Sd!1S#&FX|n^EfPVM2oyRk7(Pd_$Ti`$up4PCsgHw`-
z9p8x-2?>$IQe$D|iVa|aSgcSB7+<rmOJbewUk(>oco_E%eN{=Uxe{tR4Yl6Mt>X6F
zC>M?Y-z(vP$w7k}lDuk5LNH3Q+o9<^%7mAUz%l)fLxXj6SdSN=_OrSn14A)~%`F8-
z?!(yEgR@45_B$^^j|TvKwNajCS?(Z^jeaO%Wui(pnbcr>dDaY@B$>-dC1buz>NB9y
zYBkTKsb+<?khgru1o+MUWDoS#=p7M03J?wvSvtp-jENqv+}<s#DA+GSg%&GT-pYkc
ztgk3NP7G66OR+>j?VevnsLDqjb8IO_!unH!-O($NU`a2XU@K#+*Fj7(qc760z&4WF
zIY8I<CzGrQu88I^rB%~+acJ!Ii~g_(IXBzVw3{rW+{%^%okc3xviuU1*^q@BTFP`(
zKpYz&ka8q=sgojY>n5V<cm)O^>$PY2z-hu_!Pj%G3NohCR-@1E4r0{Hv+0;y_C6+p
zIj9I4Nh~Sg_&Dt1P+(<d)Uf}0-euB^`M<z7LvrH;D7W7Q7X^8yCnF*44WZSQz{AfT
z<A?qE;9vyEvO{8+`yJ0$s7LG1lOV@A5`!fD>fbm4fG#*W(FpA)z##rfz4)g=<bH)-
zsDe(jvyeEelCo>)_#^KK!dx}(C&Gc~iRjA|(ekWnidf-Q<x=4=v-7|CIeu^571Ju-
z>Z>E?%B>ogcWq!A<QwVADroKIivb=109CBjr-SmcW#YGXWfDrbw?cea1h8PJgkwNm
z{T<5kgdYx+Proj^)oows^Bn?B0F6!&PDT1q?1rR)!Ts>+*<HX}!Yb8_<duYCqs5Ib
z#cB(2ut6v$fPAKUi*oqVsvIeq#$ZGg6V_Cwf2C~%>t({OdF40_;>$q7Qt1nd`1-!(
z4T^gvWAPgZZT}VcuheQQZWNlLH=z~k^-LZZdZ0MxB`s5l1=bs2Fk0RK$TFKD(4*E8
zUO$TW+m)a+iNR3Zctf<8L@pN|$47XZZuQ;V9Xg`=xgq}oQ2OFAoN*gB5g4HPb9Ru$
z@grBiDlUUT!hS`GikzdmaT%+@x#~4ksa}2&f`wPDTsONDN@-$2uyVnCx_+CC&}pMy
zZ3Q@Mli`_7?~EU<1p}&47nbpweX|ht-TRG9jj4nJ!FQx^L8YZC$b7o*X7#)WbCyzE
zE;d31%1eKpk~e{=%(T1s{Asbr7JTw%{C(d<wNyn<f<Pzqj}Ba+%TaFM5dz~ER)h{E
z!Or~Q2uxt#v;@+pu?)^EbRgwr_tU@MeIqnR8cSz_-1Gm7_Wuj0DIuacOyTA!8YoRs
znQU5Q{kVc4aaV)0%&ecqs9;i7Ala*Ks4YzbI1eT$q<d&`R1|D1LCmiD`e450h>UeL
z=u`L(3F<YuKLzk6piv}X)B462<DEo##xI0+(&ixJ$!P9}?$59FyhO>tWY_<QBERYc
zi8u+wpC6zHu3;{DWC*KW$+4#GJ8%gkj3mEN22zi@>IB3|j)VN{zy}tRF}D(sYwsZM
z0QGBH<VpEby_glLM^GM!Tb|67?U{4SGfCs=O#4`Z1?-ANLztlfrYOKk$g-L-Au9E_
z5IP*p2;3e)Agnu>77hY#$r{i&Yemm{@?T>?R#!C=LqK3ErqI>EoNQPXJGQ~>{5;ZA
zl`aKmIy^Yv2N<iAM}bjf$g}sE&a2+GkO=yKG83l{);i?YkLEB4+{b*&xr8fPka~N|
z|3ltgApYY)AW*p|AR@kLPJ(evWsnL>-&bZw_Nx8}#bjquL*&xP*L`O>$D&lUQ~vFl
z5nK+oH;`V!klxu%6j7}t!Mqf7ef>SLR)0bUT)7n1o&l3LyWcZ(ID<@fF{#Wra+ip-
zwVb)K4NAIdL9k%O>=Y&v)z_3F0(j)0q196&X9?&#d)n}cF7Gn^bm*dvs$QIo-K~(&
z25IckjNk<P3IPG(onb^4-?GlqtwSTU(Zp!NGc~MXOAO@SHzN;o_OCuLtzPfcW@CTs
z`E~zM|9!R;AX2fRBUd@BKeBVU3koh`b*>JNQ}E?ZPtt>-=3k*ieTg8ad}53Jm<<QS
zQ<Q=}Mo|gc8G>+A5~E2FwZ(DNFi8k08*>Qd0D4y@q)&uNU`&7c9&k>rhPZt43HvFQ
z#p!b_9~296QcLh9N<x>F&eucGymt~r(_)H!<`>Bq%b+`b6=IH`j0pU}#M5qsgW|AG
z^=eS~mm&sepOWi-V|zqXcv(pJpI8<Uh<>`48RYgLW+oP}60swZ9E}Mpl>nHHR<u!l
ziEM+bP8Bp|{HYlh3*vi6L;-a&CDjeU0*Lp|gC1S=^{f$eqC4!aM<jB*p79yeCPO`P
zQmqwR%AHDVf5y{tFj@0PH2(Epe;At`<jAnO4}*@(V??GgY8^`w9R9|9y!ic*vHcW8
z{<ScVI@v+8PS&U22ao*fzxNQ@fU4*35avz8Md*eC6s0n^oYstxy(tI$r1K1v<!Ur#
zNJtXVLo-E6wcZm<UQNd!qv#XGjv-`dN*>(1K*{yT;W9IU@C}fLQncgn!K7tb=>$tA
z$^{?681jhPdG~!+j3K$8TvBLIbGg-FO}Ya97XDev#3UtXj05$S@{bM}fXKo`?=0ly
zCg<_ZNHj_zAf!z~`B9QbmP{eeJkbjUT2hEAjzdC{5=BvhOyq{+Pf#B`K?NXy6aI`8
zYlABS1qv4uiFubhNo7DH8}XsDb2P1i>53DuU$iJ)`<YtfzC}p&U_h^)cG6xn!hERO
z%*95?5e{pLus6M<q~2kOf$>+TkJXSrt1A9_TnRF<>jNpU^=W`oPqsH?B<HMp(Sz44
z6bGP-4;Epm<&!qgD$`Z0o%k>|F%b=yFivChdQfllO=_tCIXF0|t|sp`3H`%geL85b
zM~DE*JR*+?08aFA#Tj$iIq!Nh7lCEM5-gTy0xu6AQPvy~6wti&em=h-kZ4lDDIRj}
zB!g~!Hfw_raZ|$Xuh>wLjFnt0n9K+rf8r_|E@*CB%%pQoHEK)M<<JjgrDFS{bNHx!
z35`(PGNauS$3zJbb#3ZuFFp9<qJeG#MA8`Ig%Oaag!dDad8`ME!=A;BIe#rks)UMw
z7%VrNNJx=InfPi=dN1adSdw$3AnxmN0<YyxVg!8d=-HPnBorKJXGBU-H8qb|7=*kt
zMXj`SECza<Mi&=g=TYczng~a;NoYl6G+5|0Wlv3wqcPw>+zkZ>QX0zD%>x;<sHRXe
zl~BIU1Z8|hSAF_!EdHdD6hz{hr`a3Vejks^bPO65#klNnF^aW&)fck<X!5PgT_M|^
zS?q%~k54@#E2fVgbXA0vDpABwqLTz)J{*J?<G*j2=ol5goJ9}_@nR-LD22VqD*bPt
zIT0HfZTOoP@49;rUy~=s3*Lrnbp<c*aPIr7&MkAbf*^JyjwYa<hCNH6kA#sW*|(@N
zr%+(<-$`#c^3#9k1xOyhWrcQb(WlG$h8UV%F|x#bqV;g+#jjd}Ke_$pf4_<m6IrUL
zQiv`h0A5^OU5CE!X4d^SKl-nOMgr><kVAQx;Ft7$too3AU{A>s1WH5(@RS1!TQQ9c
z0-b~e)EDzg5WCxacwcKvXylEFR<7<b$i%vPv5^A&%K1ZF>OphqKf}%h-FBa_vPHf1
zb2fCue^6Q3tRjSpD54RBM}HI(pW0Jt!<vXs&};UrCSS5eV<)plhxDE7DGc4VYrtai
zQtc8~t*=2EJyJ{BRnDU^kFPbL{yjq%%@D^S7~=ISkYqVs91hR&EFoGzq)KQD=w0wF
z-f)T<CsIMw*vso^qF3RLI{7`1*7W#uXvyek=ZzI==YohKqNm<wVQ2P+^1k#Sy61u~
zmnI(S-Bxc8966MQnI0~u1DRFIq%W5DbUQnpH=kf#2#zr2_*uCgw-Y4i-XaVhHPrCp
zM1EYe6_PpG0U^w5d&nXD2UI;_El5WzyMWBJung`d_8UUhQQEkH#TmrEQt{H;6|nmg
zMLGM_*YWmxSo$D8&~PQvJc>E;AByrts|y`Gai_I>-$urrLJUZ?s2kRt80P*`SQ4F#
z7ZyLTB$xfBx?Z(SaiVz6(&@}7zhaRXwkOzgp~?md-nRD@Df_1j=J!HDB^d9zliVY*
z*t?;dV#yeOOZ>n_AEeT5rjm_54W2!q%af4B{KMmewmD#tugxcS9uX~w_Y+9gK=_Qm
zXtnG=)#@zR;0P7BHSzj|?6vymlNi_z1Dd<lkknK^-?F>dRfYdQ1vt=e8>Tu#_vyoP
z!9}k@`?ru^!+hS^BNr}cJe-7-tW+_h?T<?DEJ={*Yj)xwEi~q1I^}zaa3Hk_wlXa>
z1q4)ayis=u&3&01djVWo@~}%kPKpOonbp|%ARaoDw_n(s|1!S|gpCb<Fv<q)Ke&Z}
z<?JZIjl!=Z@_5MS&~<_2^+~G3v%sKvDu@{r3!;Twq+UfZJ7OP9l9Lvy44QAo61r4l
z0=Dhxm*39cJgT&R?~WbN*opuo3_Ik|#;b1t$}ust++_mY`|~#6;$T*yr4AChK3QIw
zYZfX64Kp$=4G^>9ClW(QqUdNeze{Sz2;YC)$a0(62B|XUBMT)R-|WK;N9wB^SQos`
zXelCYrF~Dj>S89*+)o;FG1{JJL~3^-%hCDl{&N(~X<&Q@zs7#Yt=@VIq|N6t)H>AG
zXn#D5YKU#|{h8WF%N`P4^tQL~O%0);s|&{8=`!u|#J3SSnMz*Qjh94lGFTqz#NW=_
zgnp@?O`s6r*2?1PNW<+Dvuc?^@%deYpOk?u20)rjC+YWkNE_f_GS;&eojsqnew#Wp
z#e7tdTk(_U_P&4SLsz})gCh`|qQI@F)oh^^p69}PdS~uRVapE=gF;wZ?Y-R%BE^;~
zrr)h<Xc`C#!LYg|O`JOw@1<ibqVc4=+L}`KAL%(p6!(xd=S!%kdiCpwmmCn54g@95
zBy+B&N0!(Ng*CsaKPdVozylwIZVple^34cDEe8-XQJzlT-EYgSA-R!*zz;TtTApa{
z4k;0X%~I(w<eo<5Q9sn-SMKPL6KWH1ZuirxhCvrcDnOS>Z(xEaBTeHb+8C#QCEF)B
z{<g>nq8x0yW_Tn<5#7lyRRyz#?=@$6Cu4-U*`K9Qa_6HX1}Y@Mq5a5?__+qvGw21~
zzV7&2=omtpIsYu1Tikc3SsFK~QL!up6@wta>!C|T@b%{IEiecXnM<;jakxyjl14C4
z5#DOX<(MjoDkbrSQ=!O!^}O{JD2b=ZWT5gGxML<?U75eORU;^km-EbRNTnXnR)lY!
zcn>xDPy3_QglRM@tsMsWUf`eUk-f4tZ-#Y}!f_2kU{~KFFSo>eoZl;I8g<~}=Ozfi
z>51lp(XE*GMZP>UgPKHm)A)d(Y$>V3V@g-V*_fs>tNj~0H-38$Y<lZ)dC^kZ-shLc
zWx%9bf~?dPk2+_XwC=~3@bKX(^Ubkdhy->=66N|--#^vyjkKivM}$6`66bcho^qFb
z|9$3M@H(Dh2Z7um1xr(VN}lRsTeXUG$Jv7>B+eocx{2OECSl0+XW>~1t|l9cV&?6;
zWv4e_`daZswzEt}Lx=Y+pohl)^Dxj}^T0rqeaU-ly4ca-VwauVh>mn@BITmOt2JP}
z{?XeECIsw{xVfp21fcyTM_{A7pqqrs>05{k4I`hW-(%1J1^$tWLTw7dLSnLuPmzHV
z?UyEg-Gu_yH2=uJTCW@i;@sI99)_Vr0>knKgF19y^c2I=dS3{7d)||FeOJxldZV-)
z87oIoMrjO%Kj2p=>w#iKBhInLttcwuDw&UgEAN$e-*?k|bgg(^A^H|(j4V_4qf?4A
z#dS)sHv*pjr>R6gKTc1O+~zu;gwY#X)wDrk7D|WeA(eCT>#1G+M;AEgrqae+VvFa+
zrg2E9OYwh!-vtF~61}TQ4h*-_obL0z(lz7#Y9b=K%6Q!@yV~gj^@kG@;G#rG?<q?%
zl4O!7TmxdEGBylrLB~E;3da=xm!^CDg8Yb)ZEtGnUZ-|XDcGXK>MtLGoiA8|`vI_O
z^MCy)g@OG<Ohj<h$}`lfRbcsG!uBpBpu49brSnbS@BcFE=2tE@Q_oGrt&Jbcg<&F~
z@!3Do7M%XG5s&lxaF0>Yz)S%w=WPh&V3?#=K)?Wx!I6QGqyP)@p|OZa$j<k0X<zyx
znCl?4d$Wi9AB(^$CWoD=v6*a#jr2fuS6(<e4eMFRi{sH=-WUF|LOPEIkci~L2|l*j
zPhdR;=ubQ4d@5w<BsBtpi}ERjgIM^>nT|v!-YDx_h-0Xghn)W-ZNMBU4FRgCN?9T>
zuZ5TASCrksGIgO-HGMrMShb#*lUa}h;(TLaXUZljaG2LuE~Fe@>6^py{~`ne!SYc+
zDC$j6_R0M1{eEB}O8gI<-|h|!^HgA@NO_t_gL6qHdTt8)ulYNwAR%q-uw#jyJpdJn
z3OC?VD+lk=i|sYLBX(0Bo-pf%W{}yX7<QEb!u|Lu|M0K1biJ!8fQ**NIG3E%1DR&6
zgGS1=Ld-~O75Z9pB0d^BfG8uBx}JDjUP7Jd8aW*FbU1P1r;&UU<_3&H&W$}S3~Yh<
zeRq#N5;FUKnk^rXkoP%ksX`^d1wfZudyQKD7_{?Qq>sk<iWN-*?;jXhA<u>FIC&g+
zH-F+X=LiQygxe6MZ@4El*#?mvB+@s!6fQQITI)3;R9~eB(4v4FD(D7!gc^8O(#H!Y
zdz?g%Myq*E-f6$nmoO-0W!l{&Z>x+;7fB1u(5Lb!+|3+akJ-aS*G6Og`D;^AjKytE
zQv9(SX#s&>yB#VBEO<>;Xq^{4wLJL<@N=2ktbQwsRt@ZaLjd(A5kNv=W@d(9goc3$
z=;-)(<Kwk{|5i_M0*AR%C886zxAh0Mb;&z}u~OT8NlhpKVc|$i$_cG%R7v;oBekrg
zx*m;ha8DTTVOU?N*FP=<mm&uvM7pW^3B}678R{EKe${Y71LKi~`>9mI3bf=~_gR>V
zX6$5Y5Kh?9ZMet6E~Tlg5ro`%0}lERi4;m~$oAxi68NG_T}3{1bjnow$u`InxSCy^
znOhg=!f0=}k+440L0>och2&=|32{{aAEMqlJg)cq0&Q&DR%4@SY}>Zkm=jx#ZL_g6
zaoX68ZQHr?>GyZ<{d1n@Xx{UlwfEXsn-I~*5+_v2%U~5+;((Ir*TC;N>6r=5VWGwD
z$P|jM#(m%fJI&S&kj84Y9cgibAZRyQKB3#mJef%e@<3!yNo?!rLbMY~mHhrJY?rOo
zx%f_ag*~J@8s^NdI+-7>1vg83U}ixcuk#3|vu&AfFs2)$1n+oXjB_--R+va%KiSBl
zS?~i-xdK^Bz>?>oBy&2}h-mMoj9wFbE5)c(NcPpo5(EoG-1}}`me3_gV*j?cBrNTw
z8xz;p8!{g<$U%$*-(3>^{Iu_qlKz_d&pEU0Y99e1!CW**;EovJCq5pR8{fsm#QOe3
z3rkE)e7aQ#L6arKg_}8z?CT|YHcKtpf#$)K6I{xX^dCJ_5ua~F$m%Wv7lY7PzsnmP
z+kwqpIi>4l(EHDgWgUu8@F^vKMcw8`rTnX=7Q5V`g(*wZ&y~i~y(1>bn)4;0yBwNT
zcRhL1@Foo~-53<p;JYE5-dsSk79C1P%K-1e1o;#8C>}aR3bGB9?a!qYTCse`#IW>j
ze`?c06m%P?(DMLt%PKe-Q(6ivfa~{Y$CN?@S-;tS`6g+Jt0ew4^h%~k&FJmqJ7t(0
zyB(y>eQppwLt3^`;KuD^gS{$cF#*=o;#nA+`ZrZMNVRh=uoOP_Zws*90jpCGKVw{Y
zZTuqO7CL72t?(ZhUx-<;OIR<rc+y>a$TYc%E^AAiZk>KpMtZ`HHdT8dg8L3`ct=IT
zi#l0Rc6D_h`=?zV2&T}oB6{D!hEbO05FL>}k;oJX$0ryWA*0}Qu=tOt;FoxPpu8Cy
zUm{Arj<ZBqz9o;uh?4&)kU@lZNu^E_Gbe_QkvoUel|3Qrk%+qKjV@YxS1z&<pB98r
z#TOwK5JFTZ>R!)gEAF;V7K6U}DDH#*`^%Y;VpmvDTBxi3N{WZ4{U@(+T>X}iSj3(N
zWmZ>f|DE&A)lO?*^fH19We#D;T$Ub}qX!$`9ehL2=R3>~z*(Q=fCjUuN4iKj3JOFn
z?Kr`=N*fDG895Ty@zRz!r>4fqwl^*m^kXn4S_b0W+}e!8J1&@O?ichyv0Qd#dDO|`
zatK~tUNSyD{4#|c5m15jGryT?x{iv5{L9D*r+wXjCQTJK!Xm;SJ&2Es3!B?vEf5ua
za&ofXw3;pjHQ`aIC17{`Hz}l9-%GaHGpTe^p8@nS6J3gHE!2VS(Qfnqs|66_dwjBk
zcw2gorq{vO&zvWGRD;0M=89qA{AgsGH8|RjU4NYqM!y~wmDqsRz8hv8Q!aDSj63o5
z%*k3)>tH8V>W8lwJZfE|Kj&6^A@%^d_EtsAsd>PxokHHueBCD$L41Ierk_8pH6JQc
zm9GMM;E9ml^hdS4XrdmAIU`8!rM4~eur-=B8OcbL079D>%ahfl+Sj%uj#a!`M6LWD
zi4F;kLv|ABZ<v2BE=N}SwFZk~Pzzd}B6C_hQZwNMiP89$ac}HtP$SJESy>sL!lfQq
zRTrmnrI<4QkJFRJZ;ai{s9W7>ub=L!<UObBu!1$b!87!6Mq0PCpIVRB4FD^{T5uP{
z?8tV}tgZ%s_v)N*_74f%#X5q`ZcN{$G_cPk*{!D+sNbDW!+hQlNF_rsy8|6ViF!TE
z?o9Yq+&vs`e5KrBpB+exh;}p&8t65AVN4PrMR%iND6$k`^bv-?q4Bnd0X2yXW_n5O
zOLk6OI^rb;cSW-0I&Fj(t2hG{bFYb;+O3mRq3aTVlFY9pqi~Q7_~VlP-l5(!iNzdk
zp!VAL2G$*%4~!!3U%zYmvDj}bENjU+@xy!K5df)m!4L^qP$9hC)SkX;!*sZAv>x$!
z6S?cPh5T+OWd9Xhdm+*=OOpRNKJnCHI}vkwB0ODFM5|K@=aP0D_<i*dXuxeIlL0YP
zVxf%r;l$*RKO@8V;r;r=B8Sh7?S+3YG3VlCP{$-oqIHMm&4@T0D%v~1G`Douob{sl
z6?T>k6cK?C3t~hEQ-(u--wzD@k}cqee>jz=Su4vct&Nr)V7{eO2C`8Yu;mfmU8*20
zQutrYV9%6ntu-|@BCzEx;Fr*3LVcBOuy7b+Vk2ZBGxj<B-FGfOrdwHB^T}$kcv-n3
z#*U+x+aw}N$|<OiSWO)CMcOv4we$q#nKaO|U6=cpXM#u&$@|{&>5K!R7_qChV8Q&K
zFe?JfAroz>lK|gX<K`)UDMgi=dgr_{iG;23Mi;UkY^}t;(;7Aror$57g2u~p+!cyw
z*CGgCttFS}l`1qINJE@};<y3wy$}cN8d$$Qh{8#Jr2&sIMo@_erXmJ^DwmnVwEfNe
znm=DxNYqP$I^BEkXgavft!T{K?SrQxXg~2b^wgwnoiO|vt`db#LLt4+(p6wENwOLz
z{ff>K6!HZJyNQ4Wn-gOw`Ey-1Oyk08x{Xgjw;r!mv`3hjhR8#Z>IF@MSwH>;31;ii
z(VI5ne&F`obp7oiE=XpLPkmC97><a^(>$O?no4|a=oixKv{%1-Is#76@zt<;8`_`z
zc-FE8yCJfem*N(tU|VMwUvh{H{h=s(N#$Rfe(P=@;cGlGNUI8@0)UOB*`>}w9zH`S
z`uJD^i@rn@c~7S=8qAq-WF#K_IT32(xGTJ(EBRb%&C=|+C^W8NprCHRtWtMOca<h7
z<pLg(ZR%KCX#nY^I9rZN_PQX6;G})TrJ!}ipVAy{^t!6tzjvoyHw|9!i{rT=Y^e*M
z=wu1lB+_lg(e8%ra~?(cq_i&~fut1uIhYHi!Vmj;5#Y+ksBi#WR9Q9Szm$d)up6<j
z<*_^KA%Riz2#GZ^t6~cZ8+2q}KvfLlggR#~l!lu|PxezsbSS}9HCy|?q|uq;WdSx%
z_6x{u-)8TraAGZg>S1u=Mb$lrqV8(22FWWliYG~$50-gRJiqWRLle-U1yi{PlC{H=
zqfIvt2OKLUK&bQextk=(p=LDl!h1f`9)M3hyxM3E)>urQQEg?_KuXdXvas&?HFsS8
zpqnJiFae;u>41jIEy6QWg=9@DiO5<Xe-HUWGS&KS<zT>t!s?L1dfBLR#Ct|V*!c`q
zc~~+ir(%MLJ@E>q`#>m~1b~xCag6zZ-~*<z3MHThhmNmyXinJncg1yd&3jhoe8Zr3
zC)#1R8P>wlpYC;o5XZNmjR>!G8w`ClU7R1|@%@07t09_h{#2T0)<s1_VKSLL0R`5(
zVM`Tr04lN2`HIo~T0FM+E$4z`fdJ^MF<tOHq@(!gZ-*ueajtjEDG?Xly~B^YlH_+Y
zervKW%0_fR6wS$uST~=z`dl;_wd!#H_f8<-B+|0A4%8I{7<EVqN?CoF`Lc;W(Sa=F
zGrTY4OG_Q|1WheYzcY7n&OV$iaM#<wF7y+-hV_SwW%YL_v;mzXN)~?__pS5*HjBHn
zNbu($de&8=wr?!B{i`%6H+vJ0a(NZb+vztGtr3$NkQ6X?fed>zTnvMS-*H%c$33oE
z8V8Sw=$!}JP*)b13##%6<Ju9h3s@KU5Qa(m--de8o$HWn#lfX<#*zgvAKiuy%>P`A
zx4v}cb=YL3GKs{LU=UI|nGJ)>T$-1<(<-qD>eDsq_4v|iR<Owxoo<CU6ixT~$nJT}
zsO}o0Ep=hdw3)b9>$DPYK3K!bk|`un)LZOoU|P@PiFe!oAhLMYOi-c!ruOwXG_MCg
ztkkWlK!n(`BpEqFoxa%QaV0dp*92il6;Y``1LN*|9ZKWuaAtu$oy(f9mR%#3>bzOU
zjU;f`e2w*`amtx{5p}zYdI#nZ67ljc`t}Dm%Y7Lg&*dX*%Vh48=O|8j0&~`E<Y%mE
zI-5PT1AkPIWr54+$P=4HDYHhnisVD>g}RAQ3T!!S4=F1-8LHS25D0dCcSl1g|5t4U
zhm9r{*HiPdnyWSd0sL!i^``?|A#)b$N})eZ61Q6&{t*IMzTu;NoFFJEOewZ*_ND*%
zdR!e<!JvH%&Zs&tE%s}Ul+y3wPr9^0uD}zv{yRksF+-K%a50a}>(3^(@ir$*_A>Yx
z*(l5T*Pjq2-&!Q)M_c2p-p8gt47h;O1FoRzq9<F_2$cT9&80$@KQmSfMNmDTFS-nR
zT|^5bKa71M(>dy~!Y24)+)3^O<Fzq|5zm7#9xqML_t4V0>Z!se1%e)A3@C>Yk7ItK
zq(9C%y}gKABH{;N>I)ph7ezGU&NsmI2XSq$#>>)QHhPlD%EC$<mfky2_I+7jY3*x=
z$eL~w7PVUo05?}9F*;c`*5Zl1?5#klY~t$gC-EtG#UYqE-;GaL<wLur35e}f+?grM
zg-I#`FISM<8A>1*s)Rn*<Am|SKqzobOHIGhW{=74Az<{m1Jr3F4kMq6H)9H(>2n~X
zOpy#sqX`1P1xWv}Tfi-QtPw5KU`#xmC86CV4Cd^e2$feg+9IHW3?wYEDUuLCuruf;
z4wi<E*fTjTjjbOu03%7BN^xfXDPBBAx$!4A4ROMLO99Ms1n}MXP!~K$rnu0)%wcrq
zN|$Fw0-*x#$$lGt-fjlN0Dc&0?Rz6h))bWSMvMXN^D>bj11_N3@@=N6nx>PqYH$?&
zT;Lf|(2tckoQYqgXx2cgq_ue{`e7@0kz~97<XLLgu$K;59Tx@95Y4pdbQ)W*hA3k7
zhh9PoYG5MgN{dZM$$-Z0+WK{Q@*J@+x1tfsd20{;EI4zMzfs;;GUX$|ErP|PEnowp
zcc@{4-KfNu9g?pjI7PKrtaV$kz$-02ah;Zs;`M%z1gO^e(gfDQWgXLr-9Fvprmwfw
zO~`0#KU|qZkZ6-0Mbi)yEWKJg$RXO%)Dt<}Y_r=?!o0#=0m!ipkgV~haekT>-ec{E
z>u@_I3p)Q{JqNoKUp=_?Zn>>gk;Mb_ar{a89yE=>nos`VB2R@pI1p(^4u=}=flqd|
zv0-Ds<p>7;GTKFm5Cr-Lz(w@_P(uRFLSYlSyKHYJ$4VCi5JV@A$W7tW=zk5L*4^$<
zZ)!o0o!iqWw|m7eEw&;t)$~3RfopGc2YB<Pq1gA&=!R*{g}$s|D_CvTex<I>j_<4M
z=<EMv=+W)Mc&Dx&Oa}6C#;Ei#rTg80IT#888e~0+1aGNP910K{DR2G14|P?Ius94u
zBjz*{6?re18L+vmwhViymTeWa^eW?9eZfF~I^<#ohOv_^d!2CDVBU$j+|gL+7g3hV
zWyeAdRFS2GRY0wL1g889?_1=6nv2ge9cRA163<(-`#A$7F$5ND`IK*ZBQoXjM$m<;
zu=pHkr8^IyI+`z1b9wrna!5>VOz<*n@pOLOtsWx{llO@mx-f<?k}lFvHDzYdYJ}oM
z=%9G<SH)ydA);a46wL?=t$%sLO4nMYPeLrYA$S3Gv5LQPG0xZyQ?DVBgz8xUv>Lr}
zYywz_YmZ@HZ#$x5<BEriA-_`gD}*czFG3Ru5JY20P8!emF=?I1En`~+mALi<QtkeN
zG~|sTD(kN|a#_7Qn5}o8;pdr&D_6%;OsC=$rJM3kXaDp-2N%Uu<ICU+|9h(`KGDT~
zwL0rY3HgHdcRdiJ02+6(gmsc3@4l<Ryu(7aTk{$j2MukcEy3HAdd$?;H28$%N6<*U
zVFTbqIOSz=WP|e$nqy+xsK=Pxx!HH=l8KNKRe?9QV@XWAHH4oyt;1>h@bp7szq9cV
z<1a@PB*PP%gr6%rUAj#ie14FyBj<69hU&Hw7p?R;UJYGsu#h~!`4e&@#cAZ?a{KVb
zovj6e0DJq?AhyA7UXlmnB#`~JB|pCtDeUn);>7%q(MFP6d9wExO>iQow-bfrd-JRD
zVz8s-d~_}-Rm?2mWHX}YPM_L%r}Bv27>(Mh!=U2w6QQqU`7%gqh1=^n1zc>P%r7$J
z9+Ao>vsYRODyo^`x>}*ocTG4zfMt{3ulsM<gRgjduNeq0od0EsK^{3K<i<u-YLxn)
zR5EHRWL3!rpvg&~-p8&$|IvieDw?1g=S#3NyWY$}@Cu%)E%y;j)9&AWBKD*6G%v>7
zgJu#?;)MNjwj~cu=KVJ1ws$yjfAczu?EB1`$g;dC{}oD^HEMed;;8fW0TSih>Tk_?
z8cR<!air^qZpj#7mr!?UEF<eIq=A=5QZylD;?<*v<5n#$4<@vul!zGEVL))W(nB!u
zI7NkU7+@JUvJQ;hxQ-ofrtKkdlb5N-Veg9|Cwa|gHIYkz0Gwp)y11JQuWwYEL<aa>
z;INtXWf0*(s#r^jFooyqfl}=!Mu1ypD@ekxL@VHpdSyAMKZC~lsmr$U(A}Ig7YrSI
zrrRGP8zF9gv^>c)hv2lOPT0VbKBnkoZbJmh`KFdkBYOiJMK{$_=lvCYIkh}4%F9in
z-I>fkz1QIzc><C?pL+<}LTT<G^=^O5eH+O;Z<iQO@*0jPJ<g9)H4;V|2GOhK_<CR9
z<)}de>+eI?BCy83gMB&y1~t4Q@e|V@w$sRmV-7T#$flhl%U!Nizbu(!!xrF;7Q*gv
z*BjwA99P1kYJ4a(J7#YF=qN@+O9CX;Sxe{OeL2gS@l$mnRG~F6=~T_8iJn3S$zC4u
z%Ke<++84v5U~fg`_C)z*ocaO<CRkotfy=^J`7T(03jB*6%9S?4p+`_gC(695JhhDY
z+-{lBgGdS;!w-CKq_pshxBR6j?P{}y^>)5Lso4gii$F@TIg7nYVAWeX-!*Q^>qkEB
z7>d7{*9Rq(AG%b7ib$bQtpiCvT^OV(ATe320`MVo0f91*QemjzC#C3+mB~WuvOV+4
zt(N$2;mk)Ms}YGP($lFk`>zyDRA}QnMCI)FaLj;R(?~B*us@3=!p$1?%ISb>$_t70
z4x~hMUlN2-GNuL51XEU6-xW8pX$ZXz0%X?)wE%;S9F|I(>7%jaQRUOP(TigCJ8m{9
zanB|w-|TTLU2<*9!Q<#6P2wLXA7l)O%P2H?Nz268?i(C7C1h1#NEPF5Dx>qusCRaH
zC^SVi(}x2NwCcZb?ZbP98(@icN@J9?h4SJ!V~3|CW*zX|GR3Piazm=Jr3!)BuyIBX
z7GmUBhzd?d<UlrkuKReJDe@Gh-g=ma8hv<*kyR%qDYt^1jj40)SRl5sS+Jr+oN%#;
zm3;9^(zV>I{-NG_FN%kW{IMINR)a5=PTC7$1&4q^%gz_RfJO;GGl#Fuu8y9cT_~|y
zO#>IXh$MIs$SOXWFRIur`w_p}uF}2J%(&{tYJA^%Ft;Dq>mnpT$re4l9O+M8k$9O3
z=3B1bjB&GFqF`D;Xm{C@5X5UN4{<>*U95F#T=a9`Q-ZP`+k#r|>}876j~hO^)WJCR
zPoeY}h0T*s4|02r-fc`2Bn6zvg(WB9&aGxrbvG>7%-~_&{-w9DL|<#5*qy_iNJK&!
z1_=`OEIHpzgPpB5BfVQAIPv<Dl|ELLobvdQV}~?o0%ngEYuMrBUP5=jWh{4mUu(n}
zOohUc7NWAmw>8OT@_ws|`Os&ehzKXW`?Vw~v8R=QDf|+O3#zuDt3v;B@}Zxd#zhT+
zIW9=GVuJwY%jB2Zib22`RmJ{CtTR1*<F94$aI(7-<@NCEP29-EGEi!Q4KgB-S}e4`
z?=bH%px19#<w=~+`1%QtHfy)y^S%pPtfP!k*r*P#o(o|h+fcJ;=ZSdUTWWZ|P7rt}
z+LxGO*tbThHCA=C8!oevT=!x!Oa_s?#skfS%?c}fl}|8w@O%9&hYKniSwQ#|c_F!(
zif#h7L^fIE#}#}VHbXr2zDuJXf0&0uQ2v>`a?YB)@+aC7FsV@V!ep0M5HX`2Nwjlm
zFO(*o`w47^zmfhKT5K)p7)!`lqs;VY|N1?h9uc)fLHaZMA&)bqoKylsIyc5+q5P2m
zJI+q+X<L>Ig?GR&Tv^;}*O7RLmJ3>gh?%+jo6W%jKqS#hONsZiqN~#kE!zF-XEl49
zpTllQa068(m))J5!*VymkzCG)PR>Yy?K4l)2^S%I)siUIfM1)<UhJlBan)+^^p(#H
z!(RCcVXs`)of={`I^Y`&xA8~e=1jMYAQVu(WCTpLb;nAr4tCgoCF?|4eEOHLbusmZ
ze`!DgViI~%f{>UX6CeCH9J!HY?W`HIElSMs3or_YDcSw37Li<L|Ng@~WXU8&sQJ3|
zc+&Wh3{W%6uuz=%O@iuYlG(liEIai_pbZf;MdYYIXAuWq(P(g&Ln*AZoOoL8dh*JM
zrhFd_{bN3)J@d*VVOXN;QlU>Ca800e^%T7A$2B?HdI#kfUKE)TN_8exL<~BrG0k>?
zuY1M9E-IuQT=rqvHIjv1_wecK9@vY-&xAGf`vrsBTnE*EC)%($H=fuF5f7N(;8YR|
zJKVj8UVgLZ8EA-06cb?`Yd)%oiGM7-)4La7&5>T^1qZ$uRQP}e3e468FnGP}@4cxf
z`BGCYE^UghVTlNVN2pb)Wk!306ZoZEG_(C{fVYM%27=`pn6y1ll{7t}j_2~AK%KUf
zMGdHu3wc+63e%^@X~!)1h+Gepkrcij`M0^bf3H>vs=qzL@)dNYy21V$-QdT!y?gz>
z<zbP-bcuWGuN_L*9=+XZoO87up}^Bng`X{FdZc{>DUip4gRC(e5g8>xsK0(tu@0Ss
z&n!IRy{`<aNE#IAi1@j*%WCOLkzTAP{6j6fe<p=ho2|pWreER7+DWpKSRJ@qh2wnw
zpf9G6G*Gw7R3vs0<jHT%V6$`)fpqF$a##&HNIg8W?@T85+VM>Q{{yNvX9WRgj>m4(
z6~Cq@JLYRUVSOsF-lW1NDUlW}BDO$Q&YKEdJ-argvhUZBBu|I;gJ96!g3VuaI*PI_
zu<Ypu`Slp%a+r!e{*j>>{UUF&KLWfDaL{fxfLH9H2DdYsQRBRr_%z49GX0Yxj>t~@
z`xlC=6sh#UaGXbz>yJ*{m(#T}u|PB2L{jTH=$zi1=-_t(m-qOhQ)A`Vd^C^FgLH)o
zk(vwpge(VzpFt|9qG<(@#}eZ^`;31b=}*+Yj<mtR!6G3FY005?i`@^5J9__g{M<1+
z&LwHK#TrV+3ZHRbCiT4j8xi1(WM8Ew-Y_LGcl1^@o+5oVH1pZwS*!}`f%IebeE0V4
zePh|#r7bC>v|08rEZCJ4Rk}N}*mLF@2Ksd>H@~W3j%yMca9tm*w6Ps%Rs=57JUU(J
z5K_lii%v-{jwW)$V9Vi46_O*X3Oo}wFI|YNM^Py?x<CmyhHvAXMWp=vT~w)PJ^$%P
zwDK!QoU@Aj>NlNU+chk8D4m}Q%mecU6mM%ii{{$hM~d+g1^LU!*V(#@PnlI6A`pza
z!Iobpci?y)k@Pb8CXIf<h|GzM#C`5{I3M4yAb$498ePl(U;aERH1O#vbxS~4SUBnr
zYorwI#mKz4*kCNT<IBvDA$X-)#og?r>W;|u>dwNbb`O&c_Wgujs`svK1%^X<4Q=KU
zefay22Cu6ps1AtI*J&O3nQEKsyBq1{R(lBK93x`NI=oDEy42h>334L{cVb>q6!ss^
zx;111sGnD3tXjRERBOMNghRpq9`Vw`6D-vZX3)19n^{DMF|HKK2^$Xbw@0gIDHKU(
z9XQEoQo;2EK=szGMbMx%j4IbtR$_UKWHxsy7rVpEGs_g`!fpo(t)SnX1nOG44+w4m
zn5h5I?}9?M2=0X6#UBg8XjOhuXL8q!qd`1Q5&|n;XRJPizeDjV$j0=)lvE{FS+HZ?
zvkk0xMH^>UQO0WhDV;h+x;(OQTm3EGW_c9r@T1NqHxvxx`H4%zVI?+mVuhmYw9$cc
z==}sVyE36yjbgq$T@_DHt52T6upJLfk$k#(q>MIYz@Yu(X_3y36m7mq-(v+;X+)A)
z{AF`^HujrRfezyuuNz|M36~_X$F~TXMRfd8?CN#M64zM)QYJ+Dv})nnlUQZ0_-{<a
zE3pFsdPUrL$}?<%oJCY=Usb`x5%#_5(DL2=9^*xqy^m1Ttmd()etjbg1$2Y5`mur8
zNcEmOhc>L{d8pU8^ow@l3)D5+r#G0`iGbDyvk7-h=FKlyvIk1P4fq;x2t0^I<V^74
z(<&lTV^6;VCrk#2P0npPRJ(CXA+724yU9+}87k+!oX+`MF8E-x)~Kcngs~_kpp6$Q
zQ`)>~zF@a7J>|<wVipT`6+gia`)V~1F8z%QhS4v@b{VRH9j>#|ASl(oC{WpEd?OO@
zl@o@B#~ck0M|sC<z7sfEs;gqX-vB>rX5xT-(?x|vKo|i)ge%wT(G5`~#)$4<lzRei
zhf5ABta{7eq?=4*Q9X&9nruOI2UHR#EwV+FnaYKU1dfLq5$_w)Lg}r8m>X3aJG)D4
zwr2yw92_VEyEm1WMsm+XDCm#AP^lhPR5YpdX71L^|Bo{%!s>N-!T|sPTK$gVoxidP
zZ@n_G#kLDQd4basHK4@Yzs{>mLCBbiGZy0qM|@D{utSN{^Z3NX*4|zOy=LuaY-&^G
zKO^u5HGy`s)o~LLKXscU*LAVXDYE58R+{pEZN|_5Zg?<LcH6y)tkc+*XG1%=2*6sq
z>(2G=NL#??b^sdWN;W6#+otH&T04RoN=smLv}@S6&0covSk$L)({m>_|5tJkD$($O
z1QqsZX=w?aK`G?&$AXmVHWL%A2mWh@-I5pDnl1Tr^@t+0-M?deIY9|pGIpnVotgi?
z|KXDla`0zFSs9GW{!Iz%HW}zK9t}x;a((%4O+JVrlai90PUi9SdN0D!siNp0dr?0e
z$>}acH^oGC2>!pmP8Zl>>Y-hM@0}4@3hU&Pq1lPfIqQu;ppHn*`+YJhQB>d-kLRl=
zYt*fw<DogHXb?CmF;*5?Tq<w6&g#I@9H(mY^p;SF_;5dWICF4kN#~p~OKV{G<M9S3
z6@@~GigequyTa(f14o#|QBD<)Gc!6?^nrww7NlOcYoE>(qoRxm;>9xzaA<-^S&^6&
zQ0w7pw&eAo41@j@s9d8uktn%!O&%|Ri2rc(@qO6NHK_CF<ewx5Il4C2S1yxdriE<4
zZ~kA;eY2G8O2H5p6!586P3%Jhfi(4QKLF9eH7kBE0$70f3v#|0RD%rxM2occSccHe
z<qA{?UKg{ni9jf^*ex#oizwEHa&)OcmVd35R~Mo}i%U<Q{_N!k9`7&mL*LRp;eP%4
z^;;`=bC7{U1oV28ZAJgLt?Ir2oIayzH9N4;<S?|f(`i5QO#6?c*c9nvvIG!vY|9<A
z3=0|<#JLpT(TObd`g3$)wyiU$Zjo|6uGC57^xF{JTNY!E5U3nPJ-f(s{Mf+RN07sU
zNl(YNkCuLsYY-vyJH9gKt9JOP4hjlymX_4tYOqxwe`p{DQIK?sOuQJqW-A{jCd{$C
zpMotrYQPz)NeLAR2(oVUAu{04(VJoe{KJnkTM)1vc|)RmAAsd09u2#9Wb+Kg(F5Ba
zHV~ESpI=g5-=nAm?|d6%=az+jRH>uJ)eIXAf#%+>D)zMjNsRBtClF^B2~Q7efF1}Q
zTXXLFY%hv&ULhLl(ZHVL)~DJA3Yn!-z}vmR@C?$NQAPOa2!BT)9~FHc^8y~sl%a$*
zvp(cuOxOny0*>L};sPE9=357*U%nH@&_X>a+K!JNPQ(!jVc=rZf87uPc;F)A(aQCn
zNF40!qLbM@S65D|Yr!%bS#qE#A$37TbIHGt8jvO&DCH=o$EJgl5vQzQMVoycXnS}y
zlmNh8c7#01-GJndP7B@jcHRv=b?Z9=cXoOs@v#IW8M+_5-qgR?VS+@t02r~tq6Wcu
zls)COVAAQx&|%VIrWJ<nTwGir1A`!A(I4mDr!LUIg66pT_ytDJ&jsEu%pDK9z1W$<
z;642SC~bwxG@@Cn2;W+#Lc1doPl~ndba|i#Xi!4SG?DHc4e;V8FGe;n6!Y_~pPK)0
z7j!?8(%G=`R+Z-4H(c2~KpZ6IGb@Riu)<-E%Nsk;4|$*pR*^$A9FJll>bByhdX$RR
zD4RaF<!x_{qS&t?L~0j*F|cWd=WB<0dFO(%^-vev{Gf1lza-aE5o#mx_CwK6<V)u&
z#1KzOjWT;DxtFd|m%Vr_Milw#Pq2*CE4LY9h*LeFm{YkkRx7_;Z%^=&M4sSod6Bao
zZu*E`-(*0MzC$bCy0~@nanIv(iu06O8ZkIEH^W(lhFTC5$q4oRm80s(TD^C!la?id
z{tHNsFcC5`Bm{DBM0Jb*q|R9UB&Tv)PA(Ac?GNPO=)l86%N}|YEdwLtELLE^&SfeV
zAmI7H#T9gb?+~OEEfyr+S&p6*3%lnSok|<51dO5Z`vyomJU`s)%}*|i4GqU3T(p)$
zRNOHD@vQ)ZAz5OYM#6aV?3l;t1RgUL*=ntx8k|WGxV0(KCq)$8*&0lCWMgt(i04_#
z5V4m(z~j#ftDz9e>U2b^_SM>n+hcc`>5bJ9t`I}5Tnac?-R$hdqzyxqX*TZNd%=W9
zXRlN(ro1eW79}g66@`T9d-jmx^Mwxl5B7L?u%x71r6b_7bP8BAvsw5f?obx97*_im
zuWYWpf#zpoYyd_73;`1V&9+P+d<!<zn0zj_s1J%*Ge%azpMI8ork9DuL{!I=RU}vH
z&o~>RaFc^y*!3uX<JQ5Hmp!exTy%Ta*JPUX*i<48*mPp>riqFy9D#!+1gyo4z4JpB
zNVcY<J8o?_oajSDh&qcPJ#gd1I`or8+7L^a2jF4{YBd9Tz3;ikQ{1rwZYCF4z~wSj
znJ?4qIPv<^64EotcV>9x9a&6<v$Hdvo<2dDEP6}uyf~qiO^21&va08yOg2W79#4QE
zD;RYjWO|>VsE|eW@l2KK_TJFxbmp>1B0hlW{?zy+%#~KP0v>*OjK$l@LvHg2fG;U1
zQU86$aZqHBQ3JVMZWnYCj$CdBVkAD8=A*;NCA%hhikyhTrFLwOzOKpbj8mIW8@bUX
zVbcjOA{}M)#`gyJX1bu8W=VWcHTR*1P}A$(D?_K7xAj&Ojbw8ywuDe=?+%}9aN@xV
zBV&6QvSYHv3xP1|O%BmcgLR`ksl>w8T$w3)3S*Ak2fVd*4-}9EPc>+DfFl3OHIyKk
z6$ACBwLm-Ey`D@=C(5^iV=D45`=`*(LJcmfy_dIs28!>>XCNApAL}ni7({$_lJ)Q@
z;aeMVHcPMbh8Vl-ACYLdw-j_>>>8%yg%igzfm-F(W$u`8uV4=sC<!O16G850d|@y4
z-zZ>0D;AGN=f@f-U)(Cg?N2qx8HVcZKJQM1v)iy^H#XfvDzYC!x>{g9H=vwDg<`0G
zGh6g+0?s~(P(KaCskZVIy2!5-F%DibzF-)EA48fo8LP#g-%5~~^<rc|gCznVo$ki5
zI6fVyZxZfKl{(;4kzOET|Lg}*A22bItcEAhVwqg#_0QYmu=-z<AyPGx3&p=#$Y0I%
zcQ)C{-L%i*VpEr*G8#*5NC4pF8(gP!mb1W`5p)aOrxswNrH3~ICIHHK0cV@NcyS!c
zo88t}$#wJT7DMdPkH_zR*Fp}(ArGJlgSIR1)Dj$X)$+h=QJ8$U+K84KKPQu2k~We&
zn4GNn@Qg-qq?2S|p?UPR>7!14p#uKg!NLFm4$$(G5BAu-Rt7Pv0SaPOUE*rLo5xkN
zFLg2OuV;fBqdg+i&N{TJ|9YgO1hQ}^wwn?#gz{=!+9Jv^fG|W*<4M#$0|(-zWy1G9
zcBIszbeZ1+y#<#pUyauJe9`_$iF+M!w8YnKo@qZqzO!XJyd{M!6G|T*3c7Xts7NOV
zc5^Y9#a@BkP7p03w^`N%BX+ezOn#m|g`|;lh5G@(%=X{T|DXrYC@uM@Vsh#PffNg%
zE<BKQl9a$!sa^_gtWnlH&l@Bm#h$8gjv$+*hs&CeqrglQY$2ajWU+3+<IEii>1)d0
z?uSkN`^{>;@0OQ=*VndfK&8TO=tQhYBmbABJV<Yw{g74-@&FsY9GwC*1qW+IYE?@G
ze9*RCroE^u8g9a_*Y7|Yl`}4xcF%20^nwndP-!OV$^S@;@LLZ=$}RoX(oL+C`jCld
zU5nLRDJL?d*v@g}M3XWXB&E4%PEwGKz4!L~u_}+-?<+p98`_?0W=3}?*^d{5XJ3K=
z#@>`W-g7~$jAajE4!HZ@bXR_@+YwTUiN7c+`K_g6GgM3aBYcnkEF`A$GoPjeH?3uC
z4ry~^5Li~Pc;UJRoChLdyqdoJ#yHkC8-B1_?P8j|&<@`!R<qk^14|w9-99}?%9X5J
zAop-qoWG$9<TRr$p`N5)$`zSwAu@I>NXG2B8}|hv%omJN2}n<IQi65F3wY3WH{=5Y
z`wGP6{Pr0Zxw+_TUT+Krv!z)B=dxrI%_P54U{{fiJKv5sdIJNWS+jUznwU^o=n{r^
z9kPeXmX|0^56-MX9Zc@0ko7<nA&Zi1wpW>4S-?lm_UlwVLUB>nAdpSL!jJN3UJ0`@
zTAICdS6rD0wzC7lM`2B(@xo6jC>399sL%?yro|h;m0G<4|9Nv>V(uXOO%jty>nH_!
ze&*47@%?L04m+LSu9FV+_x9)H#K`F;?Vn1MtpwEL9N|zCTV*9h^kqgnQKGn=nRYi2
zsRfVa!sX|u(GLRRv%k6?^iv8&x+nc+N)^;$)uT->FW7O{dTF}8BM($bDOBinr=A=0
zI)CS~=Zg@9nJO|5x2~T$3;mgTdB11TWLcJab=e9{pH|@{Ya0wzV=K~j_h`F%fbegZ
zerA5DgMC}_2wb%Um)inOC5_tCi3OTY{((U0a3)k#!+!ExvAa83f%jr)_QXtqbu$Bp
zZ(9gS6u`edWC#r#pZ+-zH0th8l$5AVK2e^C=)op1op_WpGT0AhUNztMF+uOV?T?$Y
zV7ip&>cmG0_4^PA174Ril&GpHeDPr@trGjgAm!yZRkdCZF6-~vbUt(HVUS{=^v{pJ
zWw^PSc4s#`gLYhDW9K9qvK$@JEX##iXq}nwxkog*@&<MacKR`>Fq#~-s%)zJ%y9)F
zir?h$mT~`lWJX&y&1hTO1r5@G9SJxgcHut`1#;a_yNzC!tBm6cK0K2Uk64e6Sbv=)
z<c+EFAU3aj91<P6{Z7E<N;9s<f&#VUSmbjEfK}vb$}1}7w&}#_BN0UDdq#y?X{mlU
zfx3&#CMZyO=b|-v|Kj)Z9(UuW3tae{j#<bc)T5HA$np;n2*9gh-?-P>)j{ykBLdEb
zKFnFc5&fBoWW-cb1)StSW<1ppzoq`TvVTMBM{m*+^uP^@i82B%6ECwglkiu)^sSDd
zNRmhltSx3*Je!-z=0#zmR}RU8fBjXZsB8|K@69GDBPUlHJ1Fz3<P*+dGO^sS1l+eu
zUHoyz)yUddf{7m~*KZi*EJ7zof-DtsHSMR+y{+^P6(}A-sV;~5k=YB^%;y1!o`}ZL
zZFPjxKZ2?zRmE$ch3x#y1^m9aC|9dcd8zu7&zjC+Nr2CN3QOZ6o0<BfDJe0%__vu3
zh3Hfsb%8e?4eW`hm8uELFG<TaMJM36c9AhiPnC-)o!uI|-+^%O(?3%jY=k(!#!>#Q
z#YtSJIb*|IN*deC{AqtuyAt1GoG4niOta`wagM440iM3e{vf(6{<6P9Pu~;!4{Uzv
zl1+I$T~c3NJ!8xPr;U*KA*ghLv0Z*4F^S>@e5v;!*YX6B<bNRS299T2_31sgMhZd(
zxvf)jqnskhMJDYaasdZzWd8Un66A{wz&gz&Mao0k13nvZ%Zn1>cQ+*JrtKz|=)C%+
zA}l7o9=J|^abqk$;+zrUpqRbosEHon&5d+Dn?~X3*0mHXW9CK}``@}L!z&mUooSm8
zCDcaE%i&o1Lo1A5_y%+I#!6*esG~gwauYgD{RN!yVn07LRi*?ewigV*R@1P_AlvCc
zgI{4ES7J*herF(nKm)l7hc>ZMPFjt=0UU`WOjH!jhn*(8i^((f54L{}zNJ8{%l+#X
zbJg&ub;=ALhAs|+b_3Y!)OxTjF+#cS{cw+RZh5jG1)Gz$O8$cb=fEzlEPfih4rf)Q
zB^&<RpRsYYqJx?c?H+h$J?nWlRCld?QL93vniyE6S^tpC92iqT34x5-U65C)-vSfX
ziP6Sdp;Hoh<k+<R6A#a86KF8Kc?qBX*ZJYXPy~>h8~tEtl_L1RP3{NI<|2Q$vvS(I
z3FD9mGJM>qsFoO_pud2I2F8xQ2oiraR%mQ3BynSnoDsR)=$53${`&N!<|Qicd+bV`
z@N&lWJGDFne)BD4YydPe=uTilg*&WL&Q))X2d6Y6WR5%5b-R26xBd#1%i%9#Ykzya
z#RKgf$t^dRL0jm-zN@jxCzt2e8e#zQWwLb|Fw16qV@YK<H(z}&&WhWPYh}r8Vk750
za3hDuStkk;6!TFYV?2UU1B!zz$x{qm1Tu=4SKrDCpFY#54UaXOXy!6=M}oY9Lg~9%
zHs}!0HX>ccU~&5zCTRH)2OOa3Grbi#lD?)_n#BoFc)!m{`Qn^l|AIL1{O57H+3WkS
zBGxbk`=CS)`i**D|Bgz@s>@FyrZjTH5OmTwO=FXAYlJiv)JE_fNrnFq7>qh0@(ajy
zFuEf9cdJ+Qgd+Fw9v(?*p+x1G=|6H?*)%j(K7Bq^r`b>qMyp_Ag3&_Ye_M3_?gw_q
z8V7t4Clw-dv3;SU3ay}`14}iWP4Hy+2knXyfmi^=uq1jDaM16!TTmRUCLzm!B+abe
z!=-d-WTC(0pSvixbxYl65G-){I?@d?0{@=rpP4lRClL$OgcN`!!1;HHF3|8}YA6&E
z0W!^>-gIr)UXL^$c@j>)b4cPAq3gb18lJwUDA9~;D?35D>@&m4{tP&w5sIH4LCI%t
z7T+L5{^2Y5{`BshrS9-ugcwHH(S~LrM;%#U<Uf;c1b!(2y4OZ5#^Jwv`Emf-5^S%2
zFvrUfZ(Nm(w)X68_PG3Iqdhf13Lt5_o4N0mg^Fjgm&98_=kfZ~PW`LNlpPX@u+)PY
z$MC1xk*8ufq4wj+{mhO|vG-wN`aO-#arE;*cIlCE0EL2@B2}+aL~7{K-go+R>DZBJ
zQ1kzmq6Sh6&6A#d^4|hH{eVQL^;EwFuseYUVPp%q;=i`ki8`CpLf^f^8ILi)EPei{
zv6xRTYhq4i)D4AyJ_ET5e0;7yXbv3nmmxDIyFUwJH29Ci0po-7pRG_&?YgUvbq8LN
z=`b`6MmOZe5uRoTxIFG;{wIqs!Kb@H|66<`(ksOp1a`y!=oHA=2@0eoUFF>aM9YF5
z+W^6#SWjle=TE!Al_R~=ht`Mo1c!G`j3C8#IRBAd;%Tgd6)QQS???-)90RFPKglqw
zLRmMPhu)4c8ZMux%At7MF=`@!!QrB4E|9x)vyPuLs>=O;w^$GN4ycyh>7h28YlCEQ
znDa#@hLyy!2SRGNr>j*Q#$Rrk%ac=KdE8*8RC4oOr)F>kI|#59Go$$ST;?0o8|ODE
z=nr>I3OS)49ANZScr4^{qKYiR^Qkb(`px-SociKvkKXvpfwx*XkF|zje0Audjx;+o
zI#f#00N>+Gx}hN@{BPTbn*pK@=9r}lnL)dUwX$wl&iDOS#)3N!aa6dSN2qkz+eZuS
z^usX(@sfb0gly5c$`o3r!2F>}b&%lf%Xg__tKZ^Z)qwHuy^_K-wvaG{!}D%w+sbQ*
zRZC}qIu?kVVMNotmI$=8Qn)n#=<1RJXxsHXIDU!G17TM{PM}-{+Pmy@>DEzu)pXKC
zCmSbW&gsIy8PSr`-!g2O1FnImJa5yL1KGW0c07WEN#R>)#`?QHx8;>g)8Q$iX^$s<
zOxpdpuluq_t7p!*92V3JM1=L;A0iAoUTZ8|`s4=+&u}yjAtG4MU*<~Xfkn$|lp%tH
zG0vjX)qXT<o|p)hFekxG*zoKKDjE#=va$Vqm4_Nmc6>#B6g~}}?_lVC_qa=SRM7F-
zfI{={+s8VPwxx0X%yZbP2BylBWoD=?t#t+wNUw3C))vSxKHoqB68#wuVs_e1umO&|
z;6(GdORZ30ak`;}`(0bgr7Rlqc+zf+fQlTVq#rI;_rn|(-$o&kS`yiQUH3^>8us-^
zzR%R(qDa;Mj<-pXG1`1fEMLv%4ElK&fzlpbVHzM7-_xjE9mIW;Avlom**p+605Cb^
z`4<f6@dgL+(uDvh-2XoCPhv2<@nmni9Cq;dM;>8Cz<QBLkkgLu7oE>5nw#aX2~~y6
z8i?6nKG`Of#G!W9fcmhJQlvPa?O*K4tD_c1w$Ej^?I;Gu6GvD~pW*M$g@C{xU-`S;
zpj%Ce`vg8oe>m!3e`~E9x`a5T*alJ&c4Y@P>~;c0oI}Y~b^9VL2KV7jt%@jSjLy)<
ziDp6vL7G0kUmhf|Mq=QC^JBZ9Owl*6B=B4%;4v`L=Va-Rj1IKG5tic1T71hL$J)G(
zX-#%S4T07sHeqTMc-eYuEanG!v-e0p!%RvtkQS?72%zj@@_*0*#0jViZFj$NjOB$8
z;KY-j{l)O)Jc@+_j!gSr(aEKAVR?-&%sZYy)KHhB2eZ2F5I#NT1WnAr2uX9c)}Dsl
z2;?-F{Gn<Zw}i(~MHts<2Gc)DgH-$ObQ(j?l-m>P_$Jdet0(~c4;!9VV9of~ds`B3
zJ^$g?Cm2|_28=EOMY4;V_*fFvwrVF_YV~^D(9hn`P&Wm{=N5#x@lU*1d@g`t_W_7?
zqFG3ASc=L78`%XbY@$$731R+CIl4PnvT`I5YaEVMDvKjYz2rx7RaNbvmdtYBBt5zl
zSc{PxeqPTi_^nGE+YK*NGr1g2demIsKp#ZX(E=KqgchzLnHxiU*A*65F{YV>S(>W>
zVdg^B;l~X-W633RzErD^pc|i%WNdLGlaZ#Fy~zfpA0{W!>t#FL6-JwomH%zw{%r5%
zuA_yd6B>ctnPHyDM1lZ0pL&kO8B0ixtsTuI4{A4c7}{QkBQg2QwJ+MGMfveTOrI`J
z0T~7*fvw4zx?Gpogx0`cDsD6H=56-Rseg<08}2HqPxAw6YnvU6`pOX<H6J~>eCAj)
z=6v^6W}sl{0a&M_ifJ_sx7qXzZ7##NJAxcL<}^(DhMy>%m{S8hFeD-ga&NZXNfZ~p
zJHJL+ThnWBmk@+3M-p*()`?Y`wc}W1T#tPkpi!>c;C3pcyM4kb_5o->pBd%;Rg3hd
zf`8p%NVNLROidvkMmM*+2Wb^^RuF|G{zr!sZC4L_)7?7W#lf7#;|I!MB@#gh5|!cm
zCs18QuOlw-Gq4?Zu{}3g80!{w;@yUvHJ)H$0eSy-3b0yvJt5g3jmIAk?la?{){3x@
z&8T=G2_z|1zf_T!TrQyiB`%wq*bfdBBjsG6jGIi?T~Mp(Gi>?K>Kc*&<P;a`9IyCI
z{=s3dybz{nb7ghtJ`A@axt3`pYk-_+n!<#XlcL0QBjk~(ic}mYf9<_@uqQDITF85=
z=ydxhkMC+D!q@g?ilcsrVk;z>;08bA$|CHK%vlry1%V;%^{ifta%)y3#I$|2Zkdvx
zC=F<_P@$BhK-shlDV$wmgMprR8d4h9g3;+t9(O_X?(ny`jrDH@dQ1rXJ;ZYTKAA69
zCax|z3lTmpFhn};5&}~fPqum}Npo(~iAKa&gb_bc3TG^jE{_&!F!XXJuJ^oQ7tC>^
zg=`|@*1{_1zgEuIUkWLjpSxm*Niso|PNauUn<Z8RLR6LROn2j|-MECK)p$<x!N2bg
z{?8fFMl%v8rT^+12j^=6X~xETH!F8&xp-Yy-N}}ju~=L>eXv|DJ_laAux&&fkKNoo
zGuq4amU-XTXa;tQ6Vun;r({)8-Bu?gw>ZgEuDeKV+G~p(z=m{lb3O2PnpSVQ0W81)
zE}xK%!+HsSy8x(^dMAEA%Uj}7$g8BHQu#x_Zf?3E>Li&-`cs`j3-J-TCdjeIA%b->
zwnP4_(eJ*8^7Bp91zS#GAt!!&NhyG6t;iLlaqRXwenG*qe{)CM2Lt}dA``F!VrjHG
z!s3Jznw?VJ=IfCBPvg@VIvzh}NJU3t;oueZ?freIOB**QvK7K+SzXmLFj4&t&Xa8o
zHN?1D?U-g7;=+U~n!8AVmEIqe5l6_MH3^x?SV)-E?zp_>;QeuoL7ko4C(qCMUYE}0
zo7P`emcAmZ+n}RcS7)gIoZmB3p=BE{Vw3prB94qI;J=j_JLE;Y;QY@Ppn+uw9ShoI
zWtoFm8WAidH8nX02PTLzuoNLB#l^)n{hiaxtig(o7U`QS1HvNsgy}Tf6z2tmSMvVp
zl@m%skG9WpFU<EKYQy^R``5j08H(v;#Vto8vuFway>S@=#bfr;Otro4+IN3U@gqHB
zOWO*&`MFiCRxgx73>BrpW;XulRii%-rnIL^@I4OCWaStQehU)I$u~l79y8b^QgLv=
z#qVXxWzwqYlmf$X!2qk}E@W{$u5pBt;ZW1Z4Znz(R-x6&3FBnUFnQahU1c?J_>_Ag
zyp`owEmQCSLFN#_wm78K2Qn_{Sahr|C9+;{U5^~$l(6%B6cnLKZ2_BBOoiDn%V~IV
zCO?iigHEIx4f(pmo%Tf5lU6H)KZ7t@okL2RV^JHld1;v8>xWwl^%VRv%iGHjIc-?z
zq23d^WRzQ&92!tcHEi}@N-=-D6S|*$j}p^~r9IPuizRph#)M%=R$+I>L*orwGSpI9
zIeQ)|q$k29m1RY%J-B`-zC8<gUctKTIf?c7dReoPHvYcljgNVq1O@Rs(NRAyh8A>f
zZBMyBK4f1z%V#+n3?+SlN!BJIpn1(y6VK^=0b*PBQGrh*ISC07f70p-4Z2rYQn;c&
zBy;vHK<4Oa2{wXSuhZjF^7*E={?{*=Pr&CAUmp_4HMq*dc+wINln?&6)g2`Q@eE0!
z`3puy#(X7ORP>w5)8Y8499a-ZC+Ne4goFSi9^ya=?|SqEeMj`iXgD)hP+Z0AmSAw*
z6#P;|hy&$!8Z(N+Iy~i6ykXq?ZD&l*Ehzk&7^qNI*88|RyV*_tQ?slt5h^|d<l&*v
z^hNcBH|{2ZSRE>A8uabn7^6LIkN>+x%Q22e$bUXySl>ieD`kn{TPIEm_&<^cKq33@
zETvsGIZ^_27B;q^DqA{G<{ahmVtp#?`ySJO|A`KEt(PQZwe?ae;IdGf^ndPUIQkaN
zXn4}DiyUbd8mcCgon18@?oWDq!k)0fK}vK?nV(3`5-jC*i{=-||B)bJA&%Eh=Ur-W
zh)ZeVB|AI2Wz}h)tKDi4Gw6~5@j1<mD?I9}zv!qbU^Fx^Hx&k8U|`&6goHsmL($|O
z7i)Xo^LMeeLjtS9t|J+JIC4Tipc9gkzVd>@B6d;0eWcK9CM5e`U*=$dZYH;73R_Qp
z#d_DqfH4{dDYh+iM{{<pt&L9Xu-Sv)ycvk=BUGWLvIZt<1`;N6yFdq>lK~qc49<y<
z^!%bw(5nx1b1)(518|Y9@~wt610M<pJ*F=Um<FT(E)k9y_}{cZTFQuPs6kTE9gF_r
zVzVgD1fdzNg*}S|OSHzzoZVbj03x`_pc4j$X%w0fT{|pRcW`9DD(G4)I}{*$BoGIp
z#v~*0vg`mmc~W_@`j(cUoSX^QIZ^|((M9gqZzGViaInQ~1mpnxLI8YI;fRm_?DZ8G
z##0cS*~hA4H1wMyVj3uQ81!{%4DuHkn6tQ$Z=?kjsB`r$O5CP0$`Ydy*uBm4FOmVW
zhn_@WGh^XxbyJg**bfixES#JLn-0z<ffmpL&L-kp7!dm>=|b+Lq?xFcR8)xsGo)hT
zLsAD&EiGL2&COJ=CZMN6evEkiKlUs~N)K*gmyn!{dCaX>wb1|fFJ35odxD73%NWhA
z7TV|u@)a-j6&?m^N?@5{FqPmgGBT)+yMO^CRGTOb$nJ*r8-7gb1bvSGdC!I@V9pPQ
z9G6&{x4}WgJ9o#RY+5O%7xa&};@_Y}GMw^=l6=8JMGf`429QA$epM|k=7=U0kQ+=p
z3eNubw*L|Pt7lYH`Cw2g?`m%hL$BRMUIp4^|M&A)@_#Qa?-Kkm8LlfaFfoy^pkTWg
zl3(cg#(b=HIydx_8+|wW|BVg&;s!KHcfCE|3dc|~bwJ=eqC}MT{6Ad1b97|O_dXmu
z6Wg|J+Y{TG*tTtZVkZ-4VjB}<l5{+=jko9C`}wZ*d;7ocv%1cyI#qi=``IcO2*IWU
zTYLR*xy<b2LqX<(EH9~WygjsoBi0bl7C=6SYm&9jiEQe8D08u<gLjx1T={2We+Lax
zQWAbsz|sUmMN5&!X@_KD@)+NLG}Q&Jxhbr(7iA(MOyt1(-l&pQdS5Id`iz4fta7DV
zWPH58!zDN;C+An?AGXYT7hr!k_21#@;{)4yl?#RaL&GGbF+rYh4$8J)69$22c=USj
zmprj9kfMSU6&qA;wlY3Rhz)(K2?>u%3IhiNE769ql;WFsW|R^3O@;$z<A>HeAktJ-
zw)6Hy{UvMu<pn%oBM(KqZV!`lgMlGEuf=$l5<A5x&XDpuy%fau$nh~TDHcz|ea7FX
zcTOSPuDc|wMTVo(8il4XovMyNV+`0J*4;tE^ujGl*-K#b%EyLit(O39_m*{(47644
zI!QcH<}J7!&HIE3^0KC?Ul~C-hPmhFTd-U#8J}NFRTxxgQ<L9I6sv<J#oPj<CF&i5
z>nR<8B}74lL1e^5)c)@|XJI3&!FCS;<w{~D+#+RVBX>EUfZxDX9b9vgp-g0ei41PF
zVzaWfC7oXGwZ2Ux?^^&DE7jPW^Wz|GDI2q)=}XOrU=osMZ{B=j7YY1I6Jf~M!miQi
zyMC$=k^#)Jecu5aQOJrAr=@L?gA^|<^&GCUTAw45xaASa!A%G&hTb((MtynX$4rAi
zl-5MvQu~}-iA|GS?e>D@JmZf)neGwG2)Ab+sd<#{(n}Wtiu`{USPv$$x15raGMUej
zWjPSrHrC%<sQtAD#+R9waSY-I5@?(x9V8qY<T*PMxc0pw>X?LaJ}Elx{6tWgUIHZ~
zWUg0X5UXk-3!=Wqq-m&K+kK=e9Zj!s8i@j|G}>9yH!)tR37Kzt<eUzh;i(w~O1f<(
z;{(H)?<=TJX)dC3(=ps`G?=w$UrV5K^z85W4}(O4=91P@@?Yrlu>{EeSaXUi%E5dG
zBc~PEbtB6P%+XXd*=V(Epx(gOKR770kCdyhrbFGu7DuDi))DX~Xk@LC9g9O}{+@=E
z7r*|!(d8eG>o51G4;z^jF--nmHtzt?4M^E$M%IAX0*PQ^37QQH1dv=^v@(~#2^TLX
z1=bD^N`r2IFE;#`^29Is28o?wQYg11s_^3nb!6{lYzVcZDzbP<m5b3^jSO}E0=`GR
z;ZQS<3(CVjreu6JSR2Q}oY$Dy({P0{YXMo-?HDr73k;I=I9pT~vGy8oky_L)Ggmqp
zDL=&Q_dP%^AC)N4mXw+vob&#8!mb2-GDhMTxb;tBN{SY`RzwmUE-N8%Ggo{XWXcAQ
znXp|6IAYc_*zcxj#tLqHM-6B#h~g1Kl4iE7XU_ZK#c{(@0&1m-R{{SMARi=Pcd9g{
z2`V7JI@7Nw3*5uE{{jYi*skBUQodHwq5|XhCu#(+&%9&Ob6n{QUyDh_l8_JluZt__
zD>%ZlJg#%K1kdj&rJ44Vw7)0&V5rfWMPzf>6gw)yyS_bOLF8}8R6kxAAGHf=IkCdY
zJroE}J?kH{*dhcEe76o0Eo?owvR;Rbv5f0~p$IUVx^ttJzfie^-b%~nYH<>u{YYW%
z3>b{P7~7v43Nv!8zicqtX2DJhE?lrOvi%cy8Id3bJFRf{;RYr9>Nb*Yu4+^l)pvC<
z-SBRLJ;JaNW#BfMbTeQffg}7J`LERYfd+cb^`J@tl(HBybrG;{qY$j{C-tYY*@28b
zHZmx4i5?^burD&#W~^k9V7*qOO0r<%{kR;{P1V#$Yfq=+p^|svsU2^p>&Ua^2W<OA
zOVI0Pxw5UXIwJ9K`Ado0>-Zif$;c=v!qG5UXOSPX&6TT-Hi#Dy;@`Dr3+C(HB&M>M
z!6KB-2a@RYt=Ssd(P?+Ci#-tt1aKxQZZkPu7%UWU!=XOX3XwfHRZ%se?DN;-I7VlS
zLVXxwiTF?fmMewZV;x!z7Hq8wr{I>8Ywb?nO!m+T!XG8o+^!4|7G89PI?pC0zE-6l
za%tE9_o{#3{J#@70|#S*+o^Y_KJR?0BOwt|DGh2$gYERjO_7NO>o~`VRGb4?H)BGc
z1?_2a%qep~DT(8NeQXelhP$(_D>-C@`gaUqYkdFn1@``Hx3yfZ*^a3_qrEp+yuB{G
z{(z}k)h(iquO=L!`K{@^{~*0zNS%<8^ygM01;=1YHCMykvD=vt5zOmRbf89Fw5UN`
zgJ%)j_hj}+Z%2Z1CMaR0^NPI`<CJppY&Dm`H+?Lpt7DARg<SDuN#XbG59-Xp;JYNX
zN~AZU|EZcY=^eY?{>ueR;JJ;!JTeDc%kJBlb}xy5rUBjcp<VkNr5w9H4OdH@u?vk?
zXHcHgfFeVUMuMU+?YHNMjg2$1wiXA%1f0Q<b@rkU1?pcnB?>xY)(ds*9phs|*g+Zg
zJBp&HMrKe{e78qAF5?K&R8lKMqoSsb*g5VOgZcN94R(k|Ib=e>rb;4pB8Y4soE`dw
zniQgmS;QXKU?m)SQu1b`XZd&v(K*p#mw6*khEjl&Jx6YyqtJm|4Ze!O<olEX)O)<8
zLD8=e@fS~cBJEO|Q}YcncG%YAwbnZ2+w8(UBmaUB`5htB#0R`rnrxuLQ&ryQ%@pP&
zCZ4Ew@Zm1e#|m@C@}Zbg7#B;3h49PHGxViKp&8!~irBX+jRK>%NeKvG9c7{Xqh0B#
z0*id=rJB56#5+t5^9|xRVyIUY#`i%&KpV?mqHs0J^Tg}-W;uJ?az8k;L<m1;bd8yf
zXrnA1O#4;v>ir084rho~qMqPxpStg<SpX-u&jBa$M_Z8MA?SARiyw>Oat1m*?bgS|
zjY)()?&l+=K1w?)AC_+de#C?XhH>7ty&=blGVJd(x}}U0yt4zP#XgQv-^L8fK&v`2
z3$fvOql(mMKL7Je{6+kp8xB{mu2~pCk43{?Kv*p-yh;CdH%|68`}-@Zx5Q)i_g57R
zy9x|*4;5d{L@*<h8u^5A41(;pE&pdoRA6leszUe?kG$+I;h9xhrtmLMpo;9O^%^lF
zQn)${%o0!UDOx?Jn2ZKrL`^S6+aGsm^iztZqkIz~^U{Mu^EO|wbR@Sz8fhV@>LCW{
zGw@ElQ~ToO!nL4zQ6Hvb<4PaEl!*Fst#!_H+7M()93p8G4C=#5RYBRU^bj>MFA{Im
zZB~&LH6)eiX<`2{Oa1|r@Ic7dlg>B2_XY>k^_yM#j^}K5H~4g=o{XPgFB-ju1X5T@
z)W@sshMlY~Ej18m$dPh#e$mj-NR~+m2?2-0q^D+)*H!mKQ=VVxjVcw0&Y+ENH**@<
zPL!9YSKg|oeFLTjskf1qK#-FfUPn`-KB6C5EFZIZV<xAiG#+hI(8KX7iKx=g7k>)7
z+9?ypl-B^e)<?VHrF?b732LOF)~&?#$L5C%%cD2i+leKWi0)fn28%oO7#eqZbo_YG
zr`NtgKA`pKpL&BbNpo+0&e9N=I#X%WP>|Q{0;i#To-4`cvdh-E{U*E~x9jmQvKVWH
z5Il$ujHUIt#SLg3?jtY-GlUKr8WIl;4<{uh1+%cQaCCJoQD`~*6ZAuzt-$9oSh^uW
zIE$5H8(UePoU#t2g67B7dW%gGlcAu@oQJb>a{NMYO60kK@00Qb9x7_^x1}l>pjF&1
z4L^6U@$!B8LoNZUu||}nj{TSdEwA~bL?FDR&tQL6EjG2LY;J_I%%Y)znc}g`Tb}5X
zjPk7mg&;sXJW8N?S6dBiik{wB(n5YW8dzd&Su9xqH8M|rGuKw8nh2d<-gos+G8v1{
z4ZU8w6Cu^?wxrB<{Oa2y1oo*qlLwben(x$qhxRYr4T&)5bVa0)!whM1`7(YT-qLc9
z7f`U^|8v3LVR)x_e0+QdBgocCt^-YeX8{@cvv1*J446absUO>}+v#d8E+r)wJ-9cT
zaJ|zH{)dFr0E>wAdoT&%(Rd2<$gG0h5bw4|fcH<ehXe9-^=fsd+!?(B#p<FtqeOHN
zRW`9^@fKM`9!PXH%Al=ahyXN}s~|m48yh;B-Nydr<1kv9^#&_@2rVsbxrs=PyC7K^
z1okp2uF`Uk%b|lzv;CRNX#d}x{d$T)3)GRg|F?tJ@&W-Kw+n9;jiiacFF79*V7u6Y
z+H#=G>#BU8ZyfXmq$imKUBxvEJ~bw4@FVT2s2j2Zs<$fCs=;$z4$3njPLAf|w>QZ|
zVwDnUq6*9{;xijeIFi+MxDO^G@V}&+k(w*xvzi}>{kwIHz}AxcCVP{J7G!{0Je)AY
z9ISu^RHZ>lm)3WKd5dFv<K%hnwD}V&zT<X~r#?3oi-CrMh!;(?Ou?A~4xL7FD|t*l
z5*?f&i`eOZ`0t7X)ktE;rt6gdkSRIPDvE3d)psH*_zXf;3NK42ZLAJM0NCB>Kd0;!
z4(ixbUO7%}f;<ojlM6G>0FiLeBOBs`;QL|z|3E*GM3C)c{_|MZv7MWM5yW*1sFvSp
zA|bAWi98hiEMxez1drgG_@6wFA-yW1{J|s&d<qG|w<uWORtRw>At3U;>;ipiBB1uj
z{m<&@)07v!JEQ6mlmMC!|A_v+0C{2LJM_0n)aToy&jg==>HooZAiu{Rl*0vXt+X@h
zbNkAEG9)CRQwQ{~{Ri*=v(l9Q5*kX;DRid)P4GXvxd8gFF`Do?)NS_vyO0XBbPLd_
zH2<fL{_|A}A^`~@U&6;IpYi|Z^}h==e@CKGtc(4B@9j$n0qi_-<W$g}@prq=RXXj-
zf=uDxeou_Kg?FPA58qRqL(|g27I83%L6v~pUCIIjO}N|+U*?8}J8<zVdK>kH@xqSW
zv4jOy-@><@PGthZTi<Y-Hll%Fg3!@e&i$j%Y5_&wA6H1Ik@23<QvI_=b}49K@COq=
zN*6;d+Z7*I7&QgaXL4>!`FSCJcScv3;mCHThg32G>6}Z^;w2F#$+=>3P3oQ8He@~L
z^<K4fp??BgGW#}Qx?cD`TTy-UfQIgDMxY?9kVkEVq=3KZgq#R$hT<EhI-bYy9MO95
zxrbQc<hN8&IR6U`A~H;(nUfRfd^DhYfvEkb=E$X-VXeo?_oxcJHG=K{+#I(8!3K54
z2PD)vn?~O^X0@6f(BAcyQlAa;IqsoK!*>k<{-2117Z+DHeAtcISg)yfceJ>kn&Cf{
z5H};GMbGwbuWqUkdc8lamVQv^G+PDn_6Snzj)SYF6Ag~~Ec!S4ef&eNKmCFQl1`=D
z#)L#@WAeh*5gG)#JBLx=?GMy~@6m!32zV>!VIJ?xncOxUhaV4U2Dupl`RW!39g2`-
z9V*^yN>0QXc$ickH3ng3c9L<yw3yWy_KAwr)X}8%P-YF|Gg5%IgyQX4Gyp&d#&RZq
zxXVeP!DND(e%ohn$$m1n<Z``Ob;IfH*8)}@kxn;mP@^|Bx@7ng%?ntCarh+_{phe9
zmJ?tXGFQ+Io#Td<*>?^*l;Q{N6`1hHKO5BZuj1SSi)3O8Vu}+!51%%!_KSA&Q7lI~
z@9*&AzEz8JC&(tdx+6Rj@Ly+sRTTYPe>PQ_Y~!ucs16e8Rgg$s#<%tkWaPkg8AXtY
z`zCl*X@E9p!5~t#OdM;iN_u^i38>KS#;y7lYhMs#dd<v9(LEgt9waZYPpvlxZoKlv
z`12mY_zDo_xB5vQL`r!Ss+hr<Q!^Z&7VzDE`lRCP5_C6IY+o@1hB}qeS}Y4T#{tvZ
zn;4a+kEY1rgI~kzm@&d@9WX!ts1tExuWv0UyzCy=R+kg){@qulR93zD<b_}cQZT(v
zVoM-SknFQBDTEJLYDZx4+95_T<YTO)1V)S3oZ3JC2R4d`=6shn+tjubg{idRvx=`8
zGwL+MoTZirI-MSNEw8Hti76X|6jhg~<lL!|sV+jP9(|+Py?1BKYzil+oX3S|{`X;H
z`|pJ?+2OalKf6^4_s0OSdOR*k<B5E{uRdb=$gpXg-L5(eZ~yUN4#Yqf2XE(!g7S(2
z)sYquCrQZDXt_7ydRzFLueFamfTFqLE7;K&`{A<g2$GrS`W!ZVf}T%|8H(<?MmMos
zLq15p8R-5YEj^|=W0PJ^Y<^>SU%X}!0SBxp+)YF=sv5FaI|Bdr0-={rPRKfSn<8yL
zhZ@5typy)`nB!DUOFIr)g3T&+QE)B_Os3xt_&);`=rTx@*4C}miqRKw^A^kV;75ww
zE{mvlE+RM;PK`#B|5*JtC1>}>vCrF%U<vWweIxT}F8|otY=J=ZwE=9B!Mk28qOz>C
z7Of=Cr)nnLyGRwvv=NcCtBD_R#-X@>!#G*GkrK9IWp_f+5_F;0@wkYVj^mI$U>SL<
zEOxrms95B3b48|%&k1Jk1~;n&aQnQluMLdyUvl*x&>aNPKHFaDe-bsCAKAZg+rp4q
zDai^X4Al3b9RD;i(MNvo<QVCnuD)iTF(SIVI}yxn#|?3KZH}l+V$>H&oV;uI*rT7x
z7l>OJ@_X&1z;5y6Iss-}c5xQCm!71}+`#_Tj(u2?fn4wb#$2fpgAiM?!uC;|c6>$$
zi7ham*$^H_X11%2foFB2eKS)qtYIwj3e$xeqkFUC0Y$Q>h7Be&Ov&1ccmYVMHOfTZ
z-C!~avnK1T*>(jU$b)<@!1f`=wTeaW;PCT}t>6~5KO;%lR!sB?Fu!JWP3}vySiCpv
zZ5p}O8StxeNrVtF#MaczmnrDFW;MX|@AXJ9o`ct{dqdRvYeNIh$YIPxzpIZL-?V34
zoxadn#N&ZL-dCA`!aubT#i_Qvidvh6?q1k6I_)87{aRoE03hYJ2ol`zu=?g9#`4~<
z8OjX@79x$NUi>(#Jl=3Nuo9BxRdp6tC(^5;gs=#P9Hys%Dbd1tpbL#>EB1+0kb8IO
zc3O?!sBqu6z(J*2ccU1EUYhSiR2eDi^m{>F=yK#uUpkR6FypDUsD<KfU-7`}h$L52
zUK<#{VkwqkY6m9GdoX|+DD;ZVSXVdv*-?L6?Ly^b)CbG?<zJyc0GaaZ5p&F#cE#lW
z4rR5aFH{2-0+^UbLd%KL(=1Djh6S<ePY*xh8~s=PC31iQ`RQ!<0&_4!_MoZ{h8^-y
zqrIX@7z&r%+aliP*Rm+%DRTL7GiUPQh&`QPe8G>F1#`Ne!D-6n&4_od0`$jF$uh#a
z?9b4i-tB{f3(yN(1;VnPz!F3Pkfvl(>{XgndBx@RLb9v6fU`WQKS!)Y6>4C<y3G+X
zwjd9=?Ge>JZ2(1I`(~RH@HicCoO2ZESVXd%YxG=wJ|y*Se!vAF=rSNrAzFqMEM(wV
zKk8Q<VKOT5axK|#p<^X~0~Lj^e8=s^;6&_6RQ%AAnd+j=FLFPoP<=p^)vhi&(q%p=
zFp_Pe45a6?thAr=Hz|_$T}1+T&I)n722-p3X7Dfn564NM&X(WVIR;^4H3XOuH#h+M
zaQV!-$s0DouYlD779S8Be4HV~sAk5U#p(+e1{wqLa2IJp+?uJx@5q~-r)k)2HekPK
z!08yvl2uDZZ)vTQIYvDIQ%R*?A!Z5&_k$Q%UNg3|++IX<B>n#lrwj5R?(5aN1c_>5
z25O8zg&;U9jTZKJ2YuM1KDAZMYN*~DNCWJ$U<f@I5hMkZuVuG7;-i0d#KUndFg28M
zH;O+C4V78TOUY|sv&lon@ro*z{3_gNq@`8LGt|q;i508EYdf@GI;Nn#YoRa|OXpf8
zVd?Yk`DUo=ifsqesZVSnYZaNMKWNh^8`5cZw%kB?pE1JX<$d?r5#R2NVXD&I`VHyE
zYfDH|{-8`_$BdBvaV}xkrJo~&Cd*8`%EB*Lv(OK-L;*?&8|V(bnibT;W*H6!j*B@+
zG7I;ilkV4sKSKm>4$HQc7tN<{`69&Z`y{p#&wBxOC&G*U6DxK>oeCDFv&GQJhynSh
z<~WeYg4R}K-j6fq4JCu@Qw7yxg+>WswKl?74Xk8D1W`T^wzkfF<1`U~t|qpZIP5T|
zCXZc0KP2VS9r)*G@PDb7u6$tRdRIQ8p)r^tBWM;X!$$K+3wZVQXcuC|#t*WyI0_nV
z+$P}*A_hC>!Cqej`T`C}E>T3n@c8;yw4V-=1Ci(uN2nKLrfGrjnkGA%ZHy;N)iE38
z?k22uPp*|}L=Wk(nXCZKp=8#=l@g<oMH$az+wg4rVZ%Xn^cC~txfTLoiQ3rSR*1q$
zE&_!2BDvkNuP!<KSI*O6)u0(WhkH_X%OP&Nh_PAh1eMJuS2y4aH7dU5iY5Z?JbKF8
zOE|Y>3Vrv=DmZh1<813yPagDqe-2}L_fxQG{g^T;>+y~fru9YY_=1-QkrFX4_Ih>6
z&Q$zc^c<_+;R9XrQ0HVAEo~m+i$mkHfF2gUn;D5*0asWa>yXP+i-P9nPPK_Pp3R#P
zqrN$s3gtG8iGAkq@YKEx)vtO8ySux{cz7{ab4K*oLWnFSE|>u{oFkJ5Pi+6Kt@O^p
z_B2-g&0kxqM+<B#F1t^KFyacEV!f>@Pf#&V60s#ZlquVbh}#LSW>0Cb$yq|J{zN9n
zbySRIMWj@bBIiRillMdFENg?Pbh2ZxDVgpZb~V^xy(LKQBRNyZnw!xfGXf5SZg8QS
zG+bdlG=HzW*!#~BTgM-UWI1Vd+OKL*y+!uq2pW#ceLs}V*(<*$JHxsPKvq^(q6^4I
z5m6~feCxwZrBM%m*$)cWA2;;NtE0}J1f{7QmsYogiDzY{`C2KSAR1n>V4awnjF7o*
zbiA0=5W@p~DT^^yoCuBU@ebLt?jO^`Ku5yCgEKx}(pQ3kzI{M>yjhK5LMSBqzFwQO
zv3d1`(CdcEFjoHFm8Z#e^ih@Y{`w%XFp+MhJBp`XwIVF>c;acRgWmga{yae&ZO}zE
zPJ1lfk(zZNddho$91m}`(V3R2$yB#F_l^u6ISz@Fx{fYSu=?eIE;S-22XCS?y}!>3
zZ@y)loBfggM&0G8{~s%AD<d%0qKmbxYpad@=x=HU5mjPlX5`$Q^525wQ&R}Q7zt)B
zE-F6%L4+QZtd7lYp9BbV3}4@>E~x<5c2`>@!pd{y-ZCz`0d{o6E_Xr{nzE~F$23KL
zA76skFZpS<dvZzDk}gBS7i#!v(Ff^u+ugo!QnQ9(lFEHcgIManSwkBOtB?Myn^(9x
zqkG&3*L(b-f1%oWc}|f|JPOv72+_<swfsV|K1R4i`%~t*zCb9NI*+2tOC$Ax4tNu2
zA0z@P+aFMnF+ac88DdzMJ->vhN`Lp}r^TKUBiw2arHTTp^2VMR4&NFX#{*o|s^m@i
z2OjUduKMgyn@Ates+ORiJgI}*kqA4>!^G!z##H$WHpqgD33xd=3+Un9jixVXs#K>I
zFSey-GN19eLs8Ibh+TK#|K>c0sve*D+zA5rL`Fqq)0KK!u8IJgskg6CjP#7$!y+v9
zKCfy}o=8G|0Fjz8lxkVOH#V&j=GPZ;zu>J}tbxbVX8m#@BpNinxUZOw4*i0M{Mdv}
ztNjII5?#S2`>&@0=#J$N`u+2<f0%;E`OvlO-N{=^SGRl;QX5fF!9p7CRU%_^mmHoB
zOnZLU1xO&GJRPA2*|Lw>Zei5Yf|e`h4+T4cJE{K(art>PNI#fNoAa3e^FO}P5I0Dv
z6sBuN?^bSac+dE+1?<Zllv)9e&AkInZslTn_{&fW_Q@z&FY#Za7U){gfcUZSd#C5G
zl4pR`I-m_PEoYp^gmlToy<M)d^-5`1{nztywe>f=*}+WjUneQZT2YR!@)XE_f#|@a
zP7KE1au4}ip73vC)&IOTe;wnRe<L~TO1O#8o<w1emt@+V&!N7m<I)gkaMRCwWTuII
zNu|?&!!UeXb6Vw9|IQAD(E+`rvZ@`#Pl>I&UL?Qvqe0DIKH=UI+Y<wp6)%-WgIeJG
z&FJEjpm_+<=D=DL778H-(oel-l@4bN^cl-XL3Oj3uIzm+J=k`{77e*AdW6T(sS(&Z
zbGcHVa#R5}{oYq}iiz}ymOroC>;!%ZOop97xnZ)T4qvJ@NAl1Kg7F@QU+DT?1d0Wz
zBq7PJWJo8{=)OQYzy*Xc6#R{SnEV^kk>SGRMJ~US2U8-xE%na3gi_8T_JvQ5#wy)F
zPQ|Slb*^gzWGd$x&sKqz^rT0%lql1BFIk4$l_-<bf|+%g&Bw-0W)@5(N6)9MFM7lX
zbbiGb8+KM=QmyZJo2poy;jwKw$qh=N4Cyp_;RhUdxAiq$bYFI_|7c}-S?0@W;0n~p
zMCVpp9)_duFhcV)KochY!LgY|YAD4=IR|4nTHzFMslIE6VOD*rk}zAGtwcagk8kW?
z2Sp$e_a%<9zcZO@L<K+cCBGEK)gF!i{dL#M2*MYRuiN8OJ?U}odlgeBgFvJT0ly&)
zk*fup@5YzmkLrXS{W(C|sROT*^F6lf(<#nH{x-zV#}$<=H4ejnxEM1!Fk9TzT6<`Z
zaM(9^h_T1c<J(@DUh8(>XH-W0&d?YvMkDvn87;m5(q)3~XC~KyIq|vk7_IKx3T)-4
z_hfb`3LV63yJMj^z<$s)wJBcAvI3s*Ybn*GrlGezPAod5GPe1<RhP#eKQJTrdR$YX
z8MYt$VNV*pVjVK0UQbN8&rOfNo2ZojVsE3UmrN#Ot3Tj!r&x4qtS~(b@Dp}2f4d-t
zyVZpvchO_6#K|<b^A$mYU)T8Z;+;BU;~`{({AGw!h1$sETe`Vd)+RPw80yXAyS<8?
zY&3gqB3}373hQM2mCRq$MVON^@xET4^MctU?r$W5a9}9E3%t+Yu<7w}Sf1N`safOq
z9V^RV>Ff@Sh1!LUxjGRBPfyQ*`Xw%I=eV*9n!Jr4=<fme;jpFw!5I<IRjP&My({*k
zZ%%_d=LfI_CmbwJ&x|FIPl((-X(yEm^I-zY#TIC9-R}^?aggas1mR&e2_%0$wAroZ
zz#ogprl>ej*(ARdO7|LEReePaDQA+5eh7Q&`ARhODbBMrHK2hj7LU&ZFev3ruhWY9
zI$<@H#b!8xb<GU&{<AG8qa3>Gd3j{}r=qM~j0J@p<y-6tdf@cn0^T&=!$`+Qks9S*
z5;cMKE{nS~QS<2?!^r0^BstDJQN115MTbQ^BvbZ4gSfaD%3=);qN-8&Y2L??tek|B
zRwcV9c!r<%{gEQ?%EOcJTk6%OSBt~a%U!(ri$mBDl2yu6zwvm^5p$An)9?B-uhDi?
z8HKWhRMHlgUwSF~+jKBIy}gQ80#VTE6%?>sGlk62E$sP2w<8|H6Ab0p?N*^;9wDXQ
zkw1N$y@=LZE`oeizF8%UUXLbTMmCl&mb1XG$Ue&AeWDL~`^OYV0Q-@m86xC$AoO!7
z4Q%(KXb|+I8La#yls>f32*1p1a<PYlS;nr`WC(H5L&mIM3qMXIt}*CFHIAaSQr){c
ziUhr?JW(*M4sI2I+8Nois;o52ekOYH<5DZVOwaJZXujk@ZX2_e5(&CX#dOXUXu!8S
zSqbLzQ^Iro_;Pd^YPL2Ey`ofP`E%sz&N0G4AK0NOssCu?PoC9wNtr7Wp8NBc2nTUh
zVrv7qF;wybAeFfjLz;M9{V0JL13d^dnekxfY^!ARB1=lhfgfVhJDS5;eQE!jIDiJP
zP;mW)$h)^4im@7)--~OQ`6^0t#Ri;5v6{4}FA`gs;?NI$thrJjE-fkn@wV1D7VAkK
z*W)cbNIMSf<<kHd7`fs1+f$W#162r0y17~prTw-zskTEz=73SJ_RcgZLOh1parez)
zSspE#ugn)48c$y9f=_KH(PbPl##;@9*sR8J<Xx5=gia2^hh~R*P>A2s28*c@kmXRU
zb-5}M{Mz>BT0Dr*C#_>I7;=nnJEYnhj0HOpKf&!evI{*j(mg$0ak5+RVBnbPr-|`s
z6be<Tj2s^+u?1YHa9gb*w`mE->}rE5^}l#}W`wnLAXHl*icA^^^>?KrEiK@(?0VX~
z?u|5&4?+AM80kGSKCHX7+UlS>(U^(R4*6NU-7ZldJGx22mHm1!^lRI@P@+6vtI;05
zZnHh^q&A>0TD!MjhsNmq4&`|BlPk4)4Lwii)%0~2$7;ieod(u<livqq(7SD*riBWi
z(TJK%nBSM{6(b|TToPA}WpsH!%$@z`%B8Ig`{xdOcIzqVC+#y!kprK+o^Rqv?Z6fX
z-CUOpl^#MykrqHyIu3p$jV=R)&|3KmTa$l=Da*R~p_ySOI_vB}JKh~~68e(Y!HIe#
z#jw?7P2-dQoA1+8Tj}LjF}+oGwA#*uFpc7oF~MmTzcm^5ZwnauIxl;xCu`VzmNZ7T
zP^u)bx|p*OKjb-fx8Z>1UZL?|I!yG^uh<@A8sR$Tvdc3J_L>D`P^ZJ=rE(<veJ88m
z?XdA%@sh4{DvNe=_$#LLbG4dG=)>UhxotSOWTrp{!1wkk6Da7IQb59R4}p{{Pyh-C
zcRC);5CDdv&<2KMu)?Gg2w`XQ1<**z$VxTk<zpQ$HoX9=jcAwb(L)V3qV`mD{l7@c
zm1{g%ilmcBMeFce!PdlJ5TRz0POw)7mBzGN<FB}BwUw)vM2FtlL_u9tjdy~<2j;zc
z;V@f=!{n6EO1d(*K1j5%*Wi7?2TEsW>n^eIYvRHPGA>|x@2eQN)9z4$_te9CtaroG
z1tG&w{q;*`7XmKG_pfakt&Uaqr~QKSqLP^XpPfX+?7l6I4>W(&Ld5v0hmBtAh&>;D
zjtX>BYiVV|3w*9#4|rV<RtVmQ4)mOd-Lpx-%T|L8jBgbE!cI074NJf93SHNiguyFE
zEWd}KGG04W74`ig>FIph#q4o`OTwYffMCDJpjM@C_|((gW^|?}x$1Xl?2U&8)rJYD
zW<z&;9Lsr~q|6iXwPMM%D{=Yfv5!=kuWZNFAdzmE09!abTv$p212KK~TLCy8Y*{Nt
zXd$-SOGk6a(3sCai6Io6xhy({^XdkSb5@e_Om}C4)sc)y3OarJQ3I;Zmu!lXZ;R}N
zagJ8Qp8cz<2HZH<^awV4B$-$h^bn!A7vm2dVh~|=uz(S^-MVPxZ<ucA-tV0TFugsx
z4QjMuSvic@*wv_^1?$gn@#ea)BubYs2MTeaRSeK@GP6I+RVd(D=I4WD^Ed~Zw|brh
z?w0*U%Gl9H=!NdTO4iO5Tbmc@-HHqxywgG8@!<hXw7MGF4Rt$-!a}ECnPA6h^N>9O
zk<0=88X{@Q)Nefgkqy^Z=9T$FtIS0*_pG7|{-&Xe$FHI?9Z7ScnI)xHHXEV%&M>AQ
zf)twqooWrOO&E+3R4{aszGRuan#lJ2ap^tq*8q<&S_#`wMxj{@%-Cak>Kgs9901L1
zwF>MuM?JY#M=P3%VYh;{!ZqJtkh&v8(O|P;02qnO5mi%5B}c0OmhXS2{IIaR|7FD<
z{3QD`Jvo^)?O=Mqu*`q7*aXahyl@$|Lb)FNh4YquO3?<j(RV^RccTr-*ool!uAe|$
zKv8sWUC=C9^mZbcu>TvV64SOsRW;!=JeC+B7YYp%a#|zjkUlcF0|Ad!;SAr{)*h0f
zmYcuJjo{+qJ#k}Vb&e<uWBr9o@<>7xS#0T>+a1wTeQ7nxqXVhBm<1!+i_xIk^*p(l
zt33BtQ9ESJtXN--dhc*Aw?ywD0mLH2A;oqqLIed-?vIr!!LexZ>_12W_+NCZBOHl%
z5b_@I`yS7~nP|noQL9&>dLt4-P-KNrE66(;f7<I&P9n=4$&O_SnUYmYR)brEDys};
zuTn#l=orZthf8nh*lDifA=;q#hxk|~eie`CGVk8eUFYe}ano%cjfDIhT(D$mc1|XH
z@1o^_t^9$H&F&2c_0EgZj}+o~FvT*J{Q}?VaR#!n#CAok9TG8FHh6kv(n-KN9t$Tu
z@LLLHNF|83CFlFpt<TqDW1D>(Uhq>SsGR_cV5f&H1k;~feG5%&g}<zs{nWVL1SG%A
z&j{vnQw(ACH)WEKO`pwGT6$y(wMDDU)%;}W7S#VmEXa>Pb3kuYL;TH5sO0OP`I1Ku
zE8k~IUe3E<v3yZ#{dKhMxI)DJGR!N7bySx!`H>nGrQ_=4V0bM1!l-gsj3qI}{O{T9
z6**ho_;oGHO9Dg}+dm=fMEG8y#)((Tc25?RD+Vr${KSNK$>uyn63S6vnFCy*snkiv
zPF2AroHGUMN3j*Eei{#ktZHi5|H9h^|CjC-1-dSo_9btaGy7hV=aQIpSEsQU#urH$
zFxun;r4~fmpQ#bbnga@Bbvfh-euqGKvo;aS@ZOD^a%0?wU!0j7%fO_ZElX&}Z;B0M
za%xztr^;9oXG|J@qm}agYO90x%ST)u!tRPa2o{I(muob6Y_!BQy<H)@d*4pMNRgQ$
zd?#gyAO~mysVntyY6~-MF(+%e7HXdaVC6DGaLg1FL@MJ4wv>hZAuD1_v9O*Q_1%bK
zgY!hlxLlj*ep3W@zz6CwV~$iA>Ah1fC&45nqH{*ABqfj7e7Tp)-3x#UUzdxZY*EHZ
z@B0-!+=n+Ar2IIZqKU1ZBvz<eXvA=Tb0#>8Pxw%U)jFCm+^~xP^@TPz`#1Q^<UcBh
zu8;fQn*RtP%01>vmijJ_sWxQZ-8j;LWK1YH9jVacr<GOQ^a89ji-}=BhT;$c2%#a1
zzg6<LSD+Y`O)00+-?o2uW6;Fk?1V~h+fykN6;PY8iO<ojjqGNVjLi-NYaL-HT<6Y5
z582UD-T$E?Dw$Kl@T)m+ir}qpFXK|_Y8ZUg=YplPtxg)x5AjekSP{{DCRwZ9U+8=A
zrSzle+JLsz<`a4Rg+Uak!pT61DEJ$<6*rCTFpIH~+)&Df*7N5EA5wco-C4qCIF3=c
z0i*;31iG@yA7W`Nj`U;PVj9X3c74-{&T&aqE{moS+g(aZ$%T6&x*RK1Q!!zY=-_A!
zNbwTs%c(x*!T0S)N9D!LW2&_!fS%A^m-n{7_N(hm$78OKr;rsNpQrq!`lY5N-ieLQ
zd_u1j6e?my!XtKoN3EA=dr+5>W>+sZ)FyKB74hEs4Xf6}<It>OuBfJJ(`p+p%PH<U
zkLhnhKQvHMVTij7;Y&l6_p}spGBEKSTCiZzYHKVog?e;j0e3cdSe=$|m;?kd|1A~i
znl5B4Ea>_m=dSKE4tyK?J-E%5PrIx2P&l77#<AF1WPC0hYazerp+)>_TfjBA*0mR@
zAyELm=1fOppZ?f}y6j?W)eb*BjH1Q#*i@akxIDdyX>npsZX^a?YhT~-I!nw2bZZ-X
zaZwRr8ix7U)*~8WHb0*FuMf}N@il&K9^|+KDwQq!q0?wFvqU~rA^mUy9;$}>JuYOy
zd)TqO_p83mXHT0yCfF^SMV&oaOm3C^Mh*^yseCBaLR!ItQAE2$r>a8_lb$~6vJ@w}
z8^+%*gQLg@uEt+K`>vh)vFC`b-{E`%zQY*<6QifnPS%s<yYByZm@wP>nBr*E>A^4b
z4+0JyC9JV%-5m*nWd+H8>>p?<tNpHBb*I*Cu-oIL-XO;oWCZ~gbRXl%jsuV+btyfK
zxl2G9_;^q}nqM0Hmc%Bxq(LQ{%4frh2zUXT6nZ91v7E)o;B&i13?krC{^4?pf<wm~
z-`8{5+h0|XLd<bkeD;>maM4@Wtbt_=O#J0m(JJM0mD`>uqihUdOfwW;kFU+-xJR)%
z>$*BVb22*la^0eG<z}kceM3GX@J4#pJz_MI5_7d~m>=BSfer~tm8e-faOO2@yuN?k
zu<PeaS`9Nzi`cxW%)Z~GSgp|$@m7Vo#mL}Z`-=S<gNuxRGK=AFoF64J7>j~|5q{$m
zF=w)g)cEH21<xXZ=@~%_4v9XWhXoUBp>1d3l8qR-hE6axf%778U3g}ioK`##1{qX<
z>PpDX@p}Yt!(CNF_+Mg!QY4@>uqOYA$naY^U9-a&%?xV{6=>b%Tb@@NBE;v*&C0qn
zH3k?@ZEdB;MZcp}Td6b>Od1;14en;nOba-?{*-4iV&~IcIhWc}a}U+l!EG86lc?!#
z3>3iU3eLjLX(*gSwlKBt&kdpcA%=xFWO?~&!jmFvKDFe7PgkSbSW<6b{NT)X$TF4i
zoN#Bt%I5R%5uVq*PIK0LWx09-Y9}UU!#QS-+|<@$Vlm*yPiVX_o3(qdpI3Y4pfqa+
z$HsPug+J1zXPXrw2O`I-Jw0Q2X+)@KQL{~~#7P<3Hn|)QNj_z<#31{y$u5M+ZBAHl
zyd$wNlAm=kOHRpnCT)!-_i;uv71*}oHzcm1w>_>%v_9OW|H{HP+D}jJi0%-Qs^GoP
zvpf<4<L~RilA@Ez#y9$5TM__si^Cs?vxaE)*>)<~h>!cQfW`FVBVBT;q!$k!k1agz
z>c$8v9P_NvQiJVcV)*7)8=Ddp-SVs(H9S1-bj`H+8DO|to2p>T%Xia?^ZhzOqQfnq
z5>HMmGA@=0>0nq<^Ym?-!*)YzmW57??eGAvPZH_TY=m>>>@;spUNs;dk&VT4`%I|1
zIyi5uTc-hT^%v7G@A&uhxT-hu5dyo+fuVRr-2JIDPx`>Dfn2Wyc_X3n0`zL`mRB~5
zq3sy4+|$Oq(=}mTvBUj~=>gG@%&atwn9cx_>I!-j)!^K$&4F|_SW_{5z090qNH%tY
zJ`KN)uxCCTmY*N-wuyX}sAr?G=+5q!XffJ&0T@abZ>cyp9;DSJN!IIlt6i_VSpx&n
zz&v&1kk=d*u1jq9iuNdLzLT{soO${0%FLgM%!gasK}{UShs756U3<L}7M<b1ElPT|
zO@8Gw3?m&XdD>Acwu=(<Gg}xKY4(@3Iyw19jSjcEw$=}f_j6T2fk?SQ0R#t&Hn({Y
z2Qx)H+l0AQIWkiqwr=@fxwoEn<hs!|3ejLlKGea$Uj<2OC;0t*bY97&%ybcY2@UmJ
z&6HO05hSvt)p@$f4>DO^YVCx>=l4P}9SAo5Mh##?oR*fE9E$97<kra&t^Ou@l24vn
zUlozH1R_2<Ixye4L8Lq8oST-`Zwi8KGBP?4y<(V}5qC#M^(0+~Fc?yd%s<sq9@mLj
zra?+}4|1Xw3@?QRft3n6bAipd32mWCCAMcTsQvnQjnG=ktd>c}>d&u7(794u&&U(C
ze^+dE(8H$@KNA@r6<%A3V3|N9S-cF^UmOvgU{foQupdITgNBcYq>J+lsjRqc9)tyU
zzClfT-mwx}X8ezpT4g_m_R!6|rKw<Q*ZH}G=ab7v>^ad6utk6}o7hu)RB-R8a31!G
zUj`Pw*f+^9RbI~QXl!%{L;_HzU_UoV^z>A{zsS6@&42%OqYZC36b^l*ViS%Q!CJ)O
z)L#Km>^|X7$q9#R;V}`Fy2t%3=(A7Envf@gRlsuvpD;|VMAgG<4gaOgVt|bsEI$2r
zot9mTx%BkR;8h<?`(4wq`s1{FbCpF&X<4yMZMeo65l!yzaOdp+CTd2di;C>3#B@I>
z65l`S@Ez#pkUXmeZg8|c7d3e)cqYYU#xo+E8W^Utf(98?XkwBO&TTB=0yI(pJY0sC
z_YFkC=vyhI-M3PU)t_F*zVhvv-CAo}QFnuuD7>7xD}#9*?6M^na-#jiveZ-O$Xx#X
z0YVC$!^gHFCtJU%>1_hjLii-T*8?|@A`u7>KV*T;)q$dO(+R@;ViOz-%aWUy_bO|X
z5tz<+cMQq(t!8JL7Cmph{(!|>R&Y=uyf4mbo`uvA8s(`QF^Er^z1v=PHwT{ibdNtZ
zjWE>oG7+RZJtq{X;ep~fNGQMW(i}$b)bn+;EjM2nA`%4U7#t!u{EJ9tFD@$Ks?TX<
z$}0#lYSQ0xAq??x1TlvERNw*1@mH4nkt6e-^5AEdCL|}x|0CT=3z;D5^gqN5_eptx
zLlOUTlfQoierbmVWreT@i%>-Q?}z`c`cVkiiM*^gkz=8>qk!5$$D1AWl@!o*J;}0Y
zW{gy^=1%m2xVYdnJLARP;RK&b!C^-$9u=tyf*6F<n~ijL=5K6Uj0vU3i}6@0Z!gD#
zGG1V#p}<mYTp*0J88ZET-li-(q*FY&k?%j5QOx&@x1`!33QH4^jJpXNKQPQ|?PT50
zV+cwxM6TJ-P{r966>ISwt{jZGVeT{KhT<{k{hp-t*%5=y$qSQyqx)KEQ`Zs6Mp1k9
zc-!x0&1PQ|=SuT;o;!+Ej_;Rmd0Qsmh=AYQlmaUoZ2Q&Zy_{iFSLpHIriHMGA3mNv
z@9SMyjyfp#1r`wDRCn*oDFJbA(Dsfu4@hp;L&}%*{^<TiNuF*zvkk9HN1iYJe_&vu
zfFUmnZHCted|ZAHNK=L{jGkZyw4ab*ZdfiT7&t*P3zwr^UJ1q*n>>*)NMh3B2>$$@
zdbT1?Go1FvVSD1w>RCY!MRo)&VVO8M5loN2pWdk_*5g;5uDRX*R87tHHh#n^Ofoxd
zeQn;nBI<Xj31$3ecWgoeUv@h%l091*!k-I_m2OkW5)+O!#i`~g8f>|=rY`{X(fF(c
z`syS5b7#_HyAN^HieiLcjA0gc$_48!-+Y0p-gLZ|b9Z)<Ye#F#317e+zeAe_o06&D
z4@n>*`fv+(P2v6-uSAk&Mkshl0LM4(K-bRglIqX0Vb7Az%lbWPev2@f`c76r-Dnb-
z)bkMx>w|4r(>`gLLRRoy)6x}8UetbxS*-Jqi?DL8YlCv{a~K<wNkl}F438uJ9oQZ3
zJg!9C{;@e2sFjE3C7ev3-y}8lzx@J_mO_fumgyb`I5K`Q{(XDGOfZQgg;>9(MUjKH
z6^SqMtsDMS^`#fEdE3)Yt;dNS;PPM1b#r%G!nc0plFz`vjF0vhbf5!B`e6{h3<qay
zOS(niLuH%?Dw<<#1w7+~LO_#778u@Ld~2@!nda_hL$T%atQ`soO~T9!kuYT#?b1>!
zFuQ1Hr8{wb?NdPZ6ol32J5R5b<C;TkPd3o-7J>w@*^d9U4%N)1xidYiM5b23L=B^Q
z5rB|I#Td2Z+jQeb?|JA(pUambL<eFFP|@nPMp9~l^zC?q^ljxpoVHv@Vg@+n(se{;
z5c<Px{D^T?5MD1+x_<k0uzO$7`-!VzyBXK^`NBOwIVIJd4e&g{l#huLHWDWOZpj}E
zPBk0zNVwUBx%X6Y3xMYkaGRIp0u`y`Jdl~MsjW4(ybRoFM7ug~JKb5-2(IUJkkZ!%
z?Rh(ax8J`majcT8@pU2*6$|yCz-A-Vk3_@zHXOZPH46wUCzO;{Ccb<$+T`*;QA}fx
z8L23$guwaPJ8<_z-RQ7uDHJuuR?2l2JkZ6?&udBw1_q9Tk`g%mnsBe@!T%1u=`pMI
zaV8uaup@IOpaLGU;i!31naKH%sPXtKUoMj4zgwUNZN~(jCo0Rsx(!@hq86Q<)ZHHy
z^h69Wz$}P{?^?YOo^2L@imYs30ZgV|PvJbnwnHTJaOgH$F!@}fjcv)PPxCgXtthv&
z(t?Eqnn9YVo&h;rAF;y@4m;Xk_!{q`V6|>OEF*JS(Gmo>VSPCL0;AZDiZ#}JTzgyh
z5pHmKnOzR=PEAnX_6S8Kmq8(rS_dNJ2#0iu>_+#qZm*{Hkcu<uj+mHqN#GI-nvkkB
z-wC7`-FCB%3L@H4U@@oi;{)Cuu|Gse99#YbZ?+1NntDB$R>D~ey+;nnX<CR^%^n)R
z)`iSnt<M|~_EiVuhbf^pwO{Wg?A|e82h0}Ftw!uV9~A_9nZuPSWX9bherx7j-q~CW
zCft*<MR;El6CQK-a%*&k-;peZhKrF?)>MhD)ouHpWl6a84AAxTAJ)X?GG)XRbSF}L
zYleE9)(xLg<S@t*LagRGGCCx?y}rxE8B^2?Y10e<w<rnBZ2^or^n^+XgXQ~qe@T_%
zGMOmBp|(8^1sqg@fM=m(%Q>^q7{kFWwtA-b5-FAucp9B_OY`VQbPkwp^}Z3N5n%Ga
z;`?H32I~JL_y$gvjndwEYn203G2P^jHYjS|QGubPV1BWIL9iDE_sGlL4PU%UYhli}
zM}7nQb#NUJ5UN>&L`@-&j5t>;DQLa-^NI^RQ3?iJnxp($^bGJ!h~A6tL8!(0aeZCp
z+SSa76LWzCkX?`;%Raeg)tn-fX&7C%qiWbsvGX+DBER11D~gB7d1LpVGKlV&HxQWP
z_{Oo%3LB2l{D;T=Jscv$_xttm;mY+`w~8|73aP0BX}rgBOa`ta+Q2d&Le!_s5Qr+x
zp(9yg={NQsy%x-vN8fNCN_(k!P{ee4f3P3RsAIAFzT(dl+>xo1HOv<pZ)ThL%njJF
zc{s0tjco)uB7`tN14NDfEu}3wROAg&aG?t9lbH){`mAp3UK3XTVlG&A{bds#LDE3z
zEHXQXha)uG#d@)_@C3#~r>wEXC@5Jtq>=BUl|6kZ@wpaSrUv+BqV?+CnY=u~Y0TjZ
z+*^Yiff_;Fcf5qEDC70rgQu6g=iNcdP%op<OM%sfb7n$EF4P1Z9GR=Z2_zL#r%{jU
zPec!3SNAx0NiT8Yo~;HPV|sWFC_(A9AFyKQPXb7@`%OxKrx)ANIEX^if3QF|sc?9p
zfg2U97=%Aw5X+-{#Gv8UV8FwH$y|f;z6P5wpNI3~^k%6TDT}bKDu-faiB=}^l4@mG
z6Vt9Q{oL@Zram`fS|_}XSEAGI>+cKxIE9wE#Yd?v06n(MISUEpk0XQ6NT;hGjeUTD
zWP|X)MdfgJ!r>f4odlVWI)N2<Ji8^VhU?b?6kaFH-KUE4-i-Rb)yMRKzCw5@muIU_
zHHT|&H>&o@QSo^gWF$vZOC4W)_Zp!H3qk7Id8?-h4jos=wURd%JCyyUv@aaUXaZvF
zV1;(#f1X9vFfdGfU9sCChX}@7D*hxFzG;z^gf})YvoHUa-R_kYjw_px<&I?yNs682
zar!KZ|H5#Q_le*Se3Ar(m_UgDEKeV3Q@}4QV{$H$w@?|a`>l<qm1JjwpST@7<;)z5
zncM4-;4U`u`N%7`YOlugFi7qr&)<vZ5Lyq*!Xcot-SO)yM5PXRrn0dI6PO9P`jl0c
z;8J2F#*W(|j;^E;Fk?X)u}xUHcw5n(OpD7c*8c%p$5cQOdDmnpLrdzY3U(MG2~bKR
zOKg4roMY+*ci)<iym9;EmcabYegwl%-E=Z-uLf=D9+%r0V?6XV01tO#r&Ke;G!%{N
zOZ#$(or5GS7cKvEOyM&1{8$Dk<kavhpAOz!;YDC=)}OSOr}VfcK0O7F)mC%x59fL!
z&BeOZT%w*~G^O5X0vyn%$u67<N9?#2LvO@Ezi^YmUQ8ngjFojSmPFU0x<)<&VGj>G
zF$SRH$asnl9i0~#$?V<X+#jINEbMwf>T#`deLG-XM|p!2JxTV4N`_5a1Hj_Pq%#0q
zh~()=dr_213^zQ&Ed5s8?iCjP4o}(P+jBQZcqXV8O=St~I5NGfQg$91RLiGfw>oa=
zG($#pMBStP>LCBq1NW<kf6P(2Vxabw+S`2^*Up{*go6+tfx_ku+s=FG`LVE@!edRM
z7LK7`RqGFo_t>+iXT_}yQ7Jj&K}3P0B$cPfs@{HKPeLS!I@)d!cqyc}w`Usrt_O`5
zn-kAXQ3s?}!^Ffd|1fSB_F$Uf{TKE;75Bh1vxy3dV=<K*r8=H-#b`)D4d{t5`Yli~
zYlE`vx6(Id0zwJhY4RR1=~Pk@Pqad6{r<Y@R+gSn<xy0ii43LPN_sEM0yY{eVP=N?
z!^3Wf@04?Z!ie<jx#PfrK|-MkHE&bc^ReKvu;w>@BhdN%tuiSM50k+c1e&XE;5!m$
zagn;?xDj_wN-Wlv-Xx6IJqQS#;on*SUuGK<`d8+$p`+=%V*68`7WN_TQrO8{9#xuK
zZ6MW=Mx4p;*M6elxtmA1WfaJdW;?X@uP|w`LzL)Ms?uyIk8Y4ANza$s4Sxt^@lSwO
z%m{@}<9YN2{)GAy&Ad*JDcHnJ$%^f@#$$w;uP2$m(x(@vX{Z~WGU2X<k=ys;cB=BV
zd=YrAG*PVVDx~b}5GNQh$;>yPrgC4XGeeLF^M-#<E}olg)3l$?RB0ASzMWwi@o<AQ
z9nFkxV@~fe>S0jR^2VX*(eygZfXNdQK}+mO;PYt(QkFvDZe53GYt+0L4Ifa5a;#q8
zN30rd2JWzY=mD@u1+fiTm$Bzr0Myg7;%*ros}cSe7EgD18A<<NS63bn<@Ux6BPL|e
z&bY{uER8FBOp&pRP)$=*=89w~+-sW|%Mc~1nZc#8#ax;z6o$fBr^ecZo3X1T!cP*$
zbYJ@1Px`%|_pkRn=Q+>kd(Qiu=X}rSJSXNU@0#oF69FCjD;%68`DV(6s+am}j~007
zEMC5c(%64hVtbAA8P9WmU&dY_z>GA&5(xW&^_wXnKffm|Jp42Q0V$_Ye4jjdGF4ho
zfPFio=u4pl)T$@_wPB<Xq&DmKMRz^Ox%ZiV_r8nIA)^0NbW4|3boP6${M4zxH;JD=
z-48fM$z%;<ENkY?mp5i^Tr)T!8UD_gMZ6_%l_-~OUU^?3GWGpQV@@7$mxaH}Clqt2
zGY=v1Xc$)h^ssa9U20I-*}#7sGh8nwOUQ+<D)zu}oa}mJ58F<&^4{H3=>Y(P0%^@=
z`Lyuj60(W82UkKu0XE4$Xnn)z={#kb$sWiO36XE+#o>J79VOq*D|8OroNL3Y$8uc{
z++C(Ulk^F_Dzq8J;KRu??7-kE)kZ34aF7Y(SPe4%MwytVIOkMXm4?2U^9b@v6otVa
zqgzyMm~T3Al3emz=T2QAd|gYzDbeGY2S3*58_Slz81MXAnD10j>B}czW~gv5+&|cl
z@%wmd1Ui4ec;48G94srh>R5^M{MURDX8RavHByO=OW=?wCDLiJOQ$0!f03MpZuoZi
z59(@}q=<xu`YOA4Ir-0ZS#89?gk-hQ`x@iWM@09}9L<u`kqYYIG#P5dGh7zVv`(jX
zpN>GNy^1iZDn+|q*em4tPDYlARCLPjObOLpgTp?aJW^Q-q^eJa_t^38G4$??WA?mA
zKb@Z6F3)1+ZqJ5T^SjNrl^XuZhOJjnsa`CInVA{s%p-2QD;ljSX+;b4)RAtgy^R1b
zf9|YMMWkT3z*xW9UgAh}J9kcmUzA!?T|KR*f1t2D4f+U+1?lMM6*M+VEHC$4cE;x&
zmvQkgEv$GY(eKMOcy4htitD6&W#p|O%_3|(gu<gO5Y|VJt;cVCJ%+Wj4-#k{>b8kF
z&iH^-v<SPI(db~P3*`lkCH$d$ju8Ln1M}Pa9)T?I{J*eztKYL%70xJjJ9IvtF72-v
zXpX}ObZE5EdkUkAQLjCdiem-bh6?G>-pQqvnvStzU15l9n)5YwMoolh%*F;hA3q^=
zX|GWFt<+YY+~C?`y(bcQQFIXvlyWlzmtCwxiH<BNehAqb#ruMLouUhDlKRN*Ceia^
zX2N*}VZ-;CFXi*Kk7#JiU4C+?^7?gKWDu~Y-Rr)(9;0aKjU_)8w|tq8()S)WFT8rq
z#{Z84IrTyrgunNy*9nSTUrnqfYNqS!TaJt&Z>6)t1%-u@Opp46a%BgqU00$q^@fE*
zY+1u0q-Cm173Y&<x3y%vrUibp<t0`%AYM6H-~_pdCL7T>Hr1#r<!!vOP>_-#ERMz|
zu4$~;tK#VJ3kNJb%jqpFDXDv2$AW_sNMA!|(W;A|6rB|YJiZi`Rfv1-OE9F5?vcr*
z864=7NhXdmHc<LmZQGun0<JrpVHuq@ISm672m}lNn=N$u)WfE4xabPE>sOk*%9Bnq
z&<uuHokv6V8(T09!pTvEa;Ad=J;KK4)a>n3-rMo2q%B;0yZ(V|LY7Nrs|>ChG7w0>
z?QC;6f#55FAMf-CoP{6b`(4&^ZT7{2Jg<~m-_V$HmiMBd;NUYdM?pcMsHVngac1)d
zmNsF=l2Kdl5^Rs;njNCyzSBLx^dzH)oPqJY<3x^^p%cGFXwa&HIu-`4*8mb{2`?d5
z5j&|?#{*FreIA_S8dVn(vvk2*N=m9_bX0_`!WF&xD(_T1C_nanxp_H)CI8(xC~rIu
zsD+PQQK49LB4eUy3m4aXoCvi!Qg=qb?n^%{+-wLs*%*>BPfrpWLOE`3<7ESmvKHNb
z-6~Dydiiir;)=Ah-sa|q9323ZiSnA_l9JZ$?o*L<t}!2dkXtIq2V#FFs_*bmSS#BJ
z76oQ8i8jy4&FyEg+Fp$;ndnkQNjW*FQW>^zx|kYtRx<0?z(KdlrEdFvQ-D1a>(i#u
z9<uExrK#dp^!UA=Kj^G2b!ZfbgKAop2zCZog9nQcgzYxyJ0X_Xw&Rb>#5fg+XHngD
zn7f@%-^<DR;&--C9zwAYd4|K!bv{M#UJ_(4SlTaW?pVF8XQxuF4MrF{g0ZXJrDxlt
zG~{9C?aDLQ3vl<%)ZMKEwdzbkz#7U_#mw>NMm}fpbPLX2uFY}-K;5N}d<4`YX-|x_
zA0|Mu+sk&9?1+)a!HJhH!R;n%YK)?yqZ9nWpBtJGX8&3ET^F<mT=x3P{Ahy={W#|S
zeQ7N_3`+QC5ppLO97*o!aRCDEuoMk-_2$05JAksfUWCzZNvxHVbqb#t8w*y0YHLGq
z;s(KNldemLL%lG5;Eko1HibLU(|?%H>VsMY0qHLbBSRO#f*m$tVTY52<=`;hjgeJ#
zIdSL@K&{WKlXD?r={z<cWc+!jrl;Gl<+%g-GZ4wv=VMIm{dZdd+R`AWLF(QJiWN(<
z6ToV!#>P+0?Jxw<*W*OY_7>?62xrfNuN#82wY8^&t&vD%uM?(6@Qy=?9~)BvoHoGe
zs~B064wK<OcScI{D8iZq0SrIs;nAM?jYN`NK1-4Vj2q=*`2>Ld%JZrRwX}vO78jd*
z#E9wGhU!<8*SlJU^2X+3dX#?q#@#9$P*GAkH1`GP4!u`arWJbLfEQduuBr-4Xk#z}
zx`4bk1QB_o-}W@w!Kv_H4sN9F?tS3@`V|Z&k`n|(;Uy<i9h&ZFT6aO&V`F304>B`V
z=V9L7Lv1pss7dJnN5?dGAiqH}9*=*+WHQ^ky1J&QnI!rD8_X#flNb8Lm+hBr>aFx|
xa{*72wn?uw7#{EMcc*&l9F5K(ayT5qHvwIK^ru?eaW)U|AZ%TZQ{fkI{{lx(`9uH!

literal 0
HcmV?d00001

diff --git a/docs/installation/images/newsite_view.png b/docs/installation/images/newsite_view.png
new file mode 100644
index 0000000000000000000000000000000000000000..27b6b1a4dd63330e4f57883d75c7719ae6f3acf0
GIT binary patch
literal 21403
zcmXVXb9iRI^LDl6R$Cieb8FkSZQHhO+qP|E`_%5%w(-3Ee1C8L$aQkA<VxnA$z;yl
zIT7-*V(_roupl5H@Dk#}iXb3h`QOjO&|u&7TrtEm2#AuQgs_0JJLtuFgXJJU?$|B(
zt;Pk{>Ac#>6*cM`EQYwig?y$6#K2JP!pJ~@=*-9_k|691_=8?qk{}m^5x|$P$iD9s
zQ4fp?1mwodg)_&tZR7fR=+CA#tBOhw&=UlNKe5N{u*jpQ!|MvZu<AVHPGT!;$Ur02
zBbV!#5d>uZ*DS|GoA3v#_bGgCvRv<0RN?sdAS;Q<LoVId=4GhwE{=#zEq67lRp1~X
z<{d8ClzAV?U?BdfN%_=z-?C*Ul0-0=a^vr;5YCwhmo6x!!El3sq|Y4#P8T_zRfD+G
z5=IPfb#`r(KtTG<nI+?_;ZGB!*OVsHn16tPKnU3PRz&^4|Hj6yM#eHJfdH%zSm)Zc
z<=Uk~m!^O^L4Y1e55n=21Ciqw2O3AZj}1tE3-1nU0I=E%cPwdQ7&FOFo+FGM8bkpV
z{Mv72$?pv}5<=R9=^76wb!)GZg-elE+(Z%;Y@s#kOmR6v60akNc#F-ij#A|^oJ;9Q
zSS_7va2av-q_gv1bA`_;R~ANBBUNOY;2eb50?I%}e1;&R*E|XybYy;@pKR59GfW0a
z1$0dOS!!-c5lmpPJ{XY%=??_X)8Z<bp1A1blWngW9RgbR`5hmkg-}lkl@dJh9hbQc
zx4f38PW!<<o2#z0$@b<VIvY2)Yr8n$tQCzl8tZfs@^8`T7e33IdvGI9Go$lMlq|lF
zzd?5RM)7|_xWnBXfwM=4ZG77A19`H(K>~xQcZAy;&$hsi1^V8mx2?LKSE`_3%7c#+
z%+B{195&V~>v`1X{lo>L+0>@rQ%6cHNEwn6NI9(&%9ZvdlQY#N@`D_lCbHR6s~6MN
z<-Z8hf`hv{seaLc<7o!bIzT&Vto>a}2^2jEDW>64&X8X!rbBa5ap4G(_ccr?N``+-
zl)_0nx{`BqV`F8l)$5yW&FI4wjmBgMto<0o?sclw=@R9>C{g8&S{tZ$IepIJdp*^Q
z!`tw^Z1L;;;{0AJ$-;e4p0)PdO%K7`wuZ;Ym!#jHpTA1u#pj-N+aEWsKhNH&$MiHb
zKF`v8KmU`BWZ^=5*XnI=DC~GHZ)a_7<I2WlQsK09QAgp50?peP(U@3>Id3vDR{9rW
zHB)fTKg%D+uq|AiQ%enhLX+u8Ot*ySR8)@$DSm_1pqHeKiz-rv${)pd(NrZsk;PzA
zOiW9<x0B~kH9~PLp3Rw9>@Qqg_H5y?{@e(iVZvcB91c(GUteFp=R6|MyUFXy<@UIH
zx!o6bOb^mKn}_%Hd`F1U-uYVY+jig20F4kHV7y)yYqL1;^SGY!!cfb_iWf(vxv$;P
zA?SRssO!GFTFLwG6>iNyU0vNyms=cxe$%BRf>`NNrMQ}^Xo%$6z;G0?OGzkyZbdLT
zn`&k7?@lmX8-X-z#Y6kaAQ;_*Qc;+7mPL{HsiEfaU1bv&l4C_zVbttSrmZzfnga-x
z_4X!Ck`?{v=KRI|1>UieOIy1pgH=|eAcAjUfXxGX-R`%;5hztvRc3R!q=`eg4FhtB
z{(OCpQnt$$$L|Ovu&EvdAA2=xT+R2NP``dmb=!SinQc}BW}orIQKb<PuZHNf+v8Pi
zJ36Vw(F~@jVs|c}iY=)C8XB|{6|;e2lw$n+iK+U<su<N&7iWt|g^A!;TBa(T!J6Sh
zCHeU*!eFHo%3Ud|HR3KK{bnVEw6u4{e+~;R9aOKnn&T^pz1Srj*(LWEblaJ+8dh0{
zWIoLL{SNzgs$ce}_Rf~7*zC5uy`HZg;QYTgPd1mEZANoTi-;bd%NZ*22YDFZZVAHH
zuE*vq;@uQB_kZi>w)Ok?T7ZoERt|mK#;bs@Mvz#czNfe}8A`82opwiKTa#MKq^fDE
zO$jye@1&J7;O)-t4n`tpOLC?B0WoDt*Fk_9568NRB-bI~zBF_N985tWb`}>C8lFn&
zY9Q1+<JDyTaHM#Nq%=U)RV-84RmGSynKb=J!j*rmiIh`&CUT+_RY+LzXi1N~1(#P|
zqs=O}b-}69{1#tt--I`BjvT(gO$M^r{Ti+%Z{Bo<G&$4w>%Sx5U+*V#P7h&59O5(m
z_mi)&hZn6jTX>BB6p7J1fQWZCoxxNlm&f~#dayY*L{KsyhXA5mv0w1s_<zFIEj~g?
z;rtJSZpAU7XA^k*h`<S=0ld}2skB#c{vLqpx``B4rFOLJ%KCa2v&)3sXcD9xSRE`W
zjVxG()Ru-xNaZiyVe^V8LpF$vE}lhGL5dj~ZDYpTNN8fELPiEMi4yqpXoRR{l!l_s
z$?#FtrCP>>1bl7uV-qQqpm>Y=c6p&yEc~>mj}n__gzqgigr3R$gKY<ql?^yk`+81>
zD5UUlxZY5?*k*YBa|;QaOHLk=^Wduq2Hq!VRpnveBj;Q?C6l6>8OkVY--}j5@O46s
zNWs9!1YyunKxUDvFy9g>6%1~uWSkf_qJqK!8e4j>f|upE?)me}o;~|ov&nP@EJaMU
zZG(35&c_Fz=g7X)?h*WE20{k(L;ec2AMsEY)Y~cQ#ypmxcIEv1G0_Q_4TTEp`NnCJ
z1zNUrcB$51WB?<~e~znAQ$!g+vYW0%w&!*ZfIt~#OJ?j1A;ufT6C<t6r*iqMTK}W(
zwx%=u($lbM&9f4boFh8!;@R>-!sbJR^cYngcHrnRnjRW=^l0uUg~t&RP3wAdWNmf7
z!;Q_F=i2;n?YL&m${_lYkXhLC`*lb;WKH-7I219H;_m>PY2^WoB7QQGfwGi@3J(%o
z(!EI<u=~6j+qSCn&I}f-<xk5F?bvGkI5B-3Z9N+F6NWG*pQ<cSf;_!ZsRwAx$r@F;
zeNs<|pNG8Nys>E~$oAB`z$UlaIR))gJYL{<sUmAbP70rijLov{Ezz3H<gRk!Bdy9r
z=$3NhHoHbzK#QBf%JPhOAehu3CR{wO`ZX9N&Yxd{f<+tRg3~QtqH4v+(=vjYygr>`
zzgqO}vu(2yi{N%Ey&3MaPBQ?<+0Q)pvTg21JU#(c`_e=0P2CrGGb!66+KE_3Ic8KA
zUdom>pYc}Z86r=4$#K<4HMKPy|JD^P?Hl@kAQ3HH_M<CoX9PIfBb?mSp8Skp?gNP-
z3vtF;{Y$-amh0KvIJb1Oe;PA`(|n6e8h~DO0_v_%J@;&ltOa$1VKG*M55dMCE2mhD
z6KlO$jkT`4)1kzZ<o<|#b1XjBGDKX&6~aExcJ3qWReC)<Wdhdo;(1>F!N^Q{DLlor
zV>P)APm5FSdutJp>s#bwIDkm&SP7=|Fj-LLG3M((fAUX~_jLt&X2;ShEELPGR><7S
zmSuzLCp<hlLvid%p=2f`{_>_})Rdd_kTFIloO|OvKj9x<hJvPBWE5qg$KruWigdZe
zp&{?z7MT)E5)2H3hGg^Q5_Z4d6_VJ3c78aE%SvxzV&g`O7FC3)kftbuaWAZdeILIN
z1{A1;(lfx{yLJ~fJ1-<$oYiJr%MEV(Nf#&exi%vqlQD9QMM7r+!nVWOVU3RohB(md
zNFo4!V$u|NR%`$Hg@rdikiI(!YJB}5YM#!M&Dg@+DHTWisMR|U-LeMu1@6JVv?M{e
zXzdDvi6L4^eWv>B3K=v3mEsNx78MG^0&67Y;;N@A1M$Suq$(r|46VS_&<wHyQT!In
ze<{5S`>C2t%>|Z3+qgIKrwuZ<5H<N#H>Xu#cqcQr2{pG&$$G#)>ESJx#m!ww^A{Nd
zM%Pz#02-(pUvsASKHA~gI8j^K+-;GeukL1m4vQeS2XT5jCZ~wX*6sy(Fyur*MNzM)
z`Io8|HM5=Q0Nop&svQg2VVxeq_I=h)b6eY*=Q|pGi_UtJ8Jk91*RraX_F#k|hGvHG
zy%;9=E(1V(I40O2{r9c$LO3}J%&N`s9_zV#bk=RK0h#m=bBr;!?a4BxN%XH<_du54
z3DVJIqOT+IR29XE_^SO(V&ekcx3><zo*Cqnl$7*PZUD~(6$1qk7`nRGj2xNY3b-uh
zFwgb&?U_0-FC6l01-}h2i{ozFHgRPBYw*@P;%1y_DkcVXe_tz0+Jic?42+k82C-(A
zOs0++i^Y2e?R%5psZrnH7qskbw=FpTTnS!Is#E*yl;&PZp+rAioY<O!liQ%?mHDex
z5u&`4YnF$kxv>o=y<m~=dtVy)jp15HpL8<Y^G>k&5b&N_J~FqCJE_UW%h!Hv?m5SH
zjVK*Q{E?4*_*rlLjEe(p0_{=y;UI#C@6E7!Qf@)ld=FsvDvQ6<%jc*S8VBsUc^H0L
z)*yHLApa+JjnGBMb9gWYBx=3#ZjtWZ@`3|7_T2du$1?3%K>HK?0vJih4p-5?7g{9K
zg^w1;GGj^61s7pT<cm#T{vgfj<HXIGsOb3hyfGXnH=HtUW(r7RxF59^IK$OW9I~Q2
zZ(coAp}gLDax%`*v2v%1r`OrCmFm}2)-~sJT5)!39vIb%!57K4dX6Q)jxXhhx{)>4
z+p?5=F0Mat{n2S@X-U_nbJf16tD=K<f<V*Jsk4wphuT8kZP~>4<&dEhju)|Iv5o@c
z_6HMU8i^BfbbxhHv|hJ}w}7B|m>Foqz+_7TpH2`2oX;hljRX0)%ZFEHC(R%=hZuO8
zC`omSQ@Omn%yKRR;C4Ftc|RNz6Qd34x7!b@i-V0Fi_bHe;&}7rs~wS&*~ur9+XphP
zwsR6HnaSFU*X4>IU)TE=K84xF+Kbg4;r};ec*0*?YqdKDUuUACrhZ9_=ll>vt%y*7
zAlJ<_9ZEhrD%u=ycA!;|t1?Y$Y&axcdJUD;f+|ICy!FZK-tcs+Y&w$*erc;UW<}!y
zCL;O0Z@X+{)Rx{Jlb6}ek<#~wG}w$@*6n<31^G<GwrTKea>cYgEbYMF%Hbt7-7^{d
z+9&WcuMDxxr_1#y`dnYV?C57D`npidD?M)F2?GjnyM}vr7HP(zVM>@4VPKwzg@s0C
z$e#Gt^O4q^KI@@oQN3G}yBKmsyq^9&oet#L_^a;G?6g310dx0A`+5I*bRD(xwAENL
z`LxV`HP8LWWvB*7BmBA)E!&HikH0Qg${UrkKdZ|{p=xe71~0Z{Nuj6kIOq#VB>X#9
z%wphz|Fgq@?$2_)DjgzE)&QV^B_aynGYWe^L>iT4vZO6<-L89yq{sT=<n$$oG2Zz$
z7J0_<P}QlI-MQ|Qo|e|3MAHT@ZoPMVyQIXVB7XlLf8VZ5<9t?$y7oT^4_6Y`vaWYD
zKd)>$3^qfD-}q6ZC=5({Y4D8hfSY+)7Q_?$n4u?OX6&FV(MA7zhg5YM<P!b(p)f%M
z+1b4R{6TMlrG<rtjzsD9=H~Q_O=e~$yVKWA+CN4POg%NVv8DA7D<?TMJ*XRVM}7Od
z98QF`_qNKCeyWsbBQArV(Yn52LziDQmX!69ho7sEMgwhgYWD40eJZp+R4cMQkr>J*
zqsJ<g%2LzPBELlbwt}O7+}9BXj>Z(JmGd|rfFs^WRpl)LG@Ti4C=H%feWWg~2G)PT
zp%4sA@zb@*g|E;hAxW`2HC^`Y8M<CsW>9n`gX>|NbYxUW`#O~0)`gVyaiF%Om}=C2
zaS2*iRn}EiS8cVZ=(9Uz?O&PXl|;S)&^;$bJp6RYN7|q)&1I^7E`ExP(cXyBFk$!!
znAj5S&6K5Gm-9I`P-izdn+Ltw_xm6G_DHAgG<S|eLfdM?Wzl-JQTWSs45sY1`JQoi
zuuO0M>892sqK2Y&2(|M!z`Z=HM>PE3)|bU{qK(}`4bZjL07o0B56e6kxBE(uh+w5C
zxq=9vDkTQ4*OVT3E;qfO-S0hYMJTm}EN?{|q=x-D?{3|_)QgR+S}V%#+uZ@~S-oi)
zEX3zmwO7_vmBm*%S~^;LRa@Aq;tgx<F@!^~vSTT$Acs#wOW*LjfvZ7D#^Yb?_bFW9
zj$1fZC>rg|jSYU&AWjncVBI|dS0c<^%H&nK-;j<>G!mECiBm0#qB}7>vATLP5{2=o
zcPCWz?H53EBl_Ro-b!7BWfAu~(w_!E{Py>dfZBJDB1H*@B_?An#i8&~aNOcVw3Dq>
zO{`Jg^7y<TUy%M~ORDq3rSz^oDm&lN%+AP9&1vs{CEaVBv2K3335!(ZK96acfHi9A
z!RJ{6FpBDgfISN-1m=$v_tH1SG2Nj`o)VaazH6?3AwC#%**rc^7adLHvcB9T_n<!7
zeBhbMDNs*`Iu`on3oHFLKFbr=M%A;?g_4!t&$3iyIfLH3dF{(jx?2eFZ!2>c$!B$2
z-KUqlS{g46C1hH)*R;1Pc$m|xmb_`141!xaK@kxH;L?A|d*;L0nB-*$+pI+%GW27R
z`f$@En_A}8=q77T0k|o^wGJ$`do5kN7r5JVe^!;$#6`lM(SK)bhr5e+_102&nLo-c
z26GxgDob>zEBfg8n!RjWQVJBx%nfFo3^l5!QnX|YVsT`EhVLb<Jzmd{@9*z#?^e&t
zI-Q%QOz8yJR}}i?xCdd7yPsNsCZ(+#V@y#mFRqm_5q{5M|9|?rLfn?3lp=)<^;i-2
ze}<aJWK@S1mGH{sm~oG>iULS+BVwb^hi<a-{ECVbCEv(ksp@Ktw`09OSKo+J$kW=(
zs2dcM5W~_x*}a~u3*_aaI0c-n@j2y!Nw5)X7d<LWz`@K1FUJ2<UMe<|dO=3ijn|Y}
zM0b&5-}{`{1FFwx=kUYZ{?ZWJy%UoV;d4Td&m^PkA2mHMlWo^h&xuYEFVUw(zQ=K{
z6&<g=gKz)6-PM+i{TYn<QMScKOL>3n`gvL!>7NZCU)GrrpvhwN2Xfm;O-;VHyBv<>
zcvf36y=rrcJ1E)I|5*qGIz@07glK;0hM#GrZYlL?bUTu<bmjYzeSEDFc#;*Tkp0NX
zO`q6~R!NP>%V7l3G^j?~U_yaYlx?#%BQDHQUd~!f?a<{hi+3_;Q0$;KezEiA=B77$
zM_@<-R(9kE{v>+(Syt1511b$XbTg{8v0@ZdneoV<?M#I3rp{uK;_RF$sSe{09__NC
zoN{q7>qM@#+HtBng_P1<RCwzATRb)#Rt0TysA|NYjgE&=y|SqM==@BBj**tSd9|He
zSvfiXSf41)HH?O!qcwz&82LAHL~y{+&9E%<;c#X_OfW%yHC%L1VIKb<8-KK6wlz;R
z5yG3$Uy2kWepw|7><9%c7^QH`zZ5mbA2fg4b2sB|q6`}Ur`fabluZ@2MDL@YVQ;T_
z$sCUkkF)=AvG5&bDbMw0hmh%!iO+%*CehE1%+O#*_dR&Sb{Uy4kk<vx!dz7~3H(;y
z0Nf5aHz2?J+r3$vML&}sFGiJ*#*61aJ)AKT<>ZbVhy0WC86^Wz-13c&t<L;Fm8O6+
z2($7LTsE)Tx3IyL{VvFbSf-VkX76KKHGz(ep8j4Y_<`y*E0%w^K3Iy|-tAXc>Kiy?
zu)(eNEyyQtRDA1c#Ld<x;Ef*Arr9(ocX7D5%MFQ%mXW52sZrnq+*{fy!0IQ0kh(G}
zL#KtpyrY6FtZL-A%c&um98c<d!N)D4%rHgRNV?&3y^n>5l(<qIv9O~rdM~p!>^8LF
z+vl)fn_a#BdHpY=@`BLKRdqH-*j)4Io9;cjc^Mo{7J$@;%D%ou#5y8_C<{8)O!F2e
z(IO6fk~@HTT&!rNT+opUL|MeGcj@Hjt%7ABHymWp!K!)Wiv@DSoPyIw<D2TTR|T?`
z)uwBlrm2eMh!ntC+CnKsiSZ~_Y%6e^`&?Bl#yKU^v%u={B)9MD3rG04_}`)@3v6Ao
z2|{)(RgYbk>l(|SUhrKTxZA9e`2}oa^*~_nH3qn36m<`q4&wEzuD=_Rul_IG(K9DA
z;1W&Kv}3xzU-t#*%aj~{d9$pXoZri>S0r;>CULMT(ZfmWpLJE`3ao@HF|oWpujjFM
z^w!bf7|b<PZ@cT-I<=}sG;rlI*%7lf?a$_36=4HI<|VG$LEC5$5X#eykl*W$>!A>l
zHmv7MZ?&E3X_%{i#Q;^W-8zL6qEeG$4d}wG$Hyg^HHn&PRkf_Ht;IysQmy6Y2UHKG
z9u!3n;~Yh5w)1nXFXxg{e_ev&Qa-(TZ5^E+)-35g<D>@99^#?r5>X^>pps?!GrOf%
zX{*y>>7uVkQ%_#zQDI%H*LUlS$5Ps1tQr<|En73~7tit_gyfr#50T~X#bY7Fjg4H*
z9xQClK=+M>d6)i1&@=aD9_2Bq74RsNo$^jUhp$TjeO_)(j?OIO6b%&lrX3I{cnR|L
zZ(al?BsY&KiF-e9zb?<Jr(H!#s6tgr#R1)1!+45ZE|#}Dx&EJuHtcWVbPv?j$Qjsz
zkYw>r%5vM>2%Vp>?_Kq%sW-0l0R$%~@J+&|l57vsg_AU^>QwcUr-NUm(9JyD)yc#V
zS4o;J`U+4=Xn4q@m6-5_S~*G^<SaDPhEozF6(caN46sZ~PIwbR_DFc~^zCSUNUiUt
zYt8()Q_2;HGIJ*V^K3lLV@*(>nuy@*%ID8pQTI-@m~;rTrWq#a_`1hmoBR7n!SaaF
zdAPe+-Tm>T+b<ehqR#3S2CCDWw2>wv^Hzi-QmDPu`mj;<PvM0rNQ(9gw$`(#PCwyP
zQPc}j<HVhM!wt!h#<dEXtHx7Cl#mqL_KYYBi|UJBh|wFi02U}_%>M+0Me6(6*Z&5_
zxKz>}FY-EC+WGlTbs4a?e1URLPE5eqWqW;nP(#;v-E6TX-(pLy+#&`y;h!Qdr`6-e
z82YWXuJ@bm0v_9$?s{K4jWjo-f|4{$GeSC;+r9lr_OUjkkgo21pl|3Ab<%N@E5L16
zvZU<^wT%Um6fMzy42L8t$hcOO1efe3+n(y1-u+6dEC{7gBBcb2ARw*xO7DgVwHXAn
z4TeS@DTSw$k1#q}wb;kB7ClBOoPyvKsit#^6g3hf+Z9IMsz$dS%>UOhQ{i*4xNU9J
z(|fqMz<vLGu-0TYHa51&_WsXdkf}}v(9O-BVUnuhPWm&*-TmdVNesFR<s0X~Yml$5
zAoQ>M!+`<5HLjuq_C%cUZ6KIe*dyLD`Ayj67Lz+{2F!!{uZ})n7Gj}NKis`f%rIpQ
zC4R7RQ8r@HzYM5r_xE#tZ+GufjHecDn`%#1);f|xwY{7ZwS^WsC?>VHwX%&osk;mA
z7pvh(aP&I%Npt00v|gnxhqo*X^JkVLWWA==Y?m<WK^F;@;hV)0vUJjMJF`C>s_j93
z5woKG>by(-J8Rz8*Lz2lMSyV2`hK}{gW>z{D@-712LYj14A&m#sO=wcKrEOK1fdM3
z=Bwxx(J^Sp&8>GSC{F3af-sI+VM--|_4G<Tpe&It0JYbuxI$V%L`9whuU$~x!paaz
zOk5NB5W>*IwbHfqH=x#FR=l(la;=sV4fKFSJpuVws*xM&9aE(Yo7r=FRkA26SHry=
z)@Af)R%D;%UIAP8%oESo1p9Y+aSsAMzW)G<OhVCo4Zj{9Hmz@g)yi(@u$&U}xE?sK
zJTO}?qAAQ2M@BA5P+x)YF_sYH8n#ftu(3F-oz%>jrXit8P7H{4Wj9yAr=q2YmkAT8
z2kL8AUhzZi8lN@p2O^t|qUHR}Wn4eJA-(PUxI3=P+kXw|(#wks`YwoUFL}LsHx%r>
zRY}Ky>Egxx>2|3lG%&XX8*&t^(pV}(6)7rJdE1yZyeYak{aK2M?aQqN0~T+j(0ooN
zRhcpqwhVSGWYwj4H{3$YpA<1wQ;8D|Mr8>B6|=L7jgffRNE5Y8>nLJfWqsaX56^vH
zF~{2<57xNf#k+l=ulvUNDUF_fqY3nD>X<FIDAHhH=jr_S>su{oeb3I1YPHM-$V2Ld
zo{3)C=Dg=pn5z``clgaN1A$%}PoJ(o6!=i>2v4ooVF0&0kh{6_q^_b!6|a)i-O9nG
zNS!t6xSD(&3BHF%x(#HJ{rD<1Nw~&sTUNX~>x8tlNvpN_Z3oI$aIbWCI5tYgbuXg9
zRGmjx2CV|ijIBdr=|9x7fnG|AX3b@BsVBa`;rGkFUZTEzKP$6lrgf}KpmFmzdg7`T
z>u0h1m6ogPrfTaJDiC_5ovM`8GEL`8wpe7^Y9S(ob@4I3p4Ufh1=Tof>55G4N?K03
z@CBMTO1p9#t<OkbJcFfvq!JQ`oI37FZq-VzR9?yR7Ug`K@c+#dhJ85%?@Jn2HC`#+
zQE_&(HJ^&nkSbjt9hvw`tl_Nnk5s1x?TXB7DqW2ht(iiB_kE20ebzGx)xUCO2co4I
zY_RKlbjzg;kK3r(wv^3fO%sZe1y|H3g@BDpF>0s6F=`cw<o^VUb`|CNp4YehFYo5A
zTP$EK+e(WT&V#+YIx#)B6U*EHZmaRIk~EOG+eDA91!p2rVi-+I8tEnG<S*yL-Q8qv
zaBFr(W=bU?t#d5Jjv|h(^Cr9nH3k}2b=|&`X5(aU;hUs<e?@sU(1SUJ>8jZ2`r)&)
zUjOF#UBobS7!RMA5dfWlJj2ZFLptnq?c4pN@LYf^Xy3y&{4ew_Bv7a}DqqO8HF-TK
zKG-O<wz`*boKoM7j`;*3Iu_|{C55@QEw&et1C;%L*Z~c%qa8Oo11KtKz4$!kpfhXp
zWwfVQ5?jR;oIyo#U(%RRRjfe29Om}k|F-$}LV}Si@*{i)g>LwQ{f&FxddnXpNV+>!
zTk&chuZUJz_xUtdu%hg(7lwdJaS=TC0<xUI-}+nC$V>J?lr{MrO-VFWqHI#>{*d<s
z(4Es4R{5<`YEZbpIBjM{KGU^DmALwx{FReV44|@a8^9{CQ*LWvTHB71bxdO<M?W`?
z<*v7Z>~jFy?aNj`>gvpWV`kZ<u<JT9z;^wr_1^Z#PF5!>eV`+gtSwuP33{S+KEUz!
z{sD{@3d-RH&G91oq8Bk2rXySpyBgV{{nB9v<46Zm{#mmBqjgNV#z#GCHN4eMN{bs`
zH}K=st+qu~Z@G_X?9h*8nf2HK`iue&Pc^t$<O62+PQ>sxxFe6V$R)oLEVUW*Ap2p!
zCHon;GepUQu#Ad!urDI+7(;?|5HCYwwFM?9r6@@gM~#p&8SR?Vw7EcnK8*klDkt9k
zONh#oNj%(?$+B*28NHwP>kVLTr<XTH@s2O{Kk}QR#M{U7&ED&MCC{%7FvZDs(Ed@k
zuztk7i%cg-+h{grSymfBqCzZ9zzw^ujDjX$oDgL~k@(t-P9<QdCNs57l==n{ZP3t*
z6$y}%2KN`r5EDa}P-w|a+Kvwhz4U>6bDK<2U_U!aDuVdQ!dTxijh#2Ov*mNpm+R%@
z<D*6TKl&Q(`1SR5pT5mIyl)nsgAQ2L+{%F{3@Ru9DFO<5&~KrxQrj}kE_(iR9#6tC
z7!HBDCE`*@zE&_4Ebj_=7yU6?MJ|AH(8Xv94sj8R499r_ms#IREJZQCfC+x4Fpfuq
zv~0$k?#2?|CpOx%lA~)Hd&h2r@4|!M?i&Kk21EPHO}>xG70mOUcr~a0nb`>l`#89S
zrR3lsHEc);TC#~byCiys7NrHSyhL@IRI_fGNj*dq@{2vcx%gcco5jHT&18m>7DO<4
z_xq{{^1SG}Fqa9kTFBp@_~K3V0UX6HH$-$GXqu#G;+@mjz|N=Vcfjcb>o>oRObxj*
z`#FTi7xV156(1KD$HvA6Y;-%)Q!rV}JucI&0*2~-N<E*gT)U_&H&;?uovUyxC8s2D
zR8Y!RSim9>T5#r5%7zPZ2BPdjP!thEP!KW-LnILgM+ZtXKuwhUXXp!Pey%-Bx)c2*
z+^Jl8LTuO{j&XYCFw5(i8~Ee_^!PrlnNjm)Q6}UmGC6-47qqUwjXrc2Hfy;lHr*$>
za7c7+9!zH+Om8MvZ&<9kE!b{LbSG>rZhpwQebLg^?BKp04I%P<>;@sC)2P>bKAvT7
zZURASGjMIlvG34#x?a47CfHyRXBYB59<E-;!(LrlQ-K8bGjdYO+Y+EI+(afKwJ4~i
z3v{sh<Sc~H3WkJjgoRNDw(Og*7*@m1X5<PMzsUunhcrVvkx41Vhfrawq==PeY-G!-
zqzu*h$<E4H^!1@*_KjDA2-7hoctyw-2&W5CZHP-qsV$3m7rG9Szy&eYZ!eDkr>rqd
zFwtwJe`3IEUPXTJ`UCysc<&P8VDI4AQ}~<^U(0)blX03}uDcNUecXP$UVqnORx7nJ
z5izzF7PtS1Ztum%K0CN`fTc27s<D8|6ed#1nfcd!R|$y;n(k~J+#J_)!O_botTy_x
zW1ZRYn7L`0@o|~OE!i%WbcZq$qQ_7a7QEUFE?|Ys&?`A<39WX!{^>$Vm+K`g9Gq68
zF-!tMh?QxVk($gA&IlB+=EUF3zwcZ?RIKbVFU~5r)FaHAkG6oN<#!AN<gapMK)iqj
zs33b`F>xgBT{6MqZ_goe6qQKHV#mF8n1XssX$+Yl$IT&<2;vhFMK)=wLqXj46pWwa
zvSH~HJZe<(qF$Dt=~v0nZj)3{MU<}!ZZgK!!F!CbgVBi#k>5$5H~J^P>z?P2&(G(p
zEj3-;Wl}Tz1OSS|F5whql5|l__PDbGlh@7X50M|-{P%GY%$%H_hbqi}{_NgM{s-(A
zrLw&IIKVB5yBG|b5oMSt5Y84cBQd+tes6G&PY(^Lp6t&be)!?NemMz=+ykOl`=~l0
zs@QG7YhB?1#2YRo0jXqs-Q<et9;4IowY|C#qhjo+2?2K&zALlAT*FI`0!){jE<6{0
z-?_5)_*eP-kXfv*_`1)9wOE*k<}sfWpug<q6L~6)9%^xDXo$^r6T06{y-(o$qinP#
z3}Ncy&fMSo>_$L?nS;m6#!@>89`sPbl~7ecsCG4?<PMpMq$MoRg2;=wpR3oz-=71a
ztSBlGp<*XuCft7BaMQs>KK*OG(PgU6@AJG!ES3rm!9IK3mA&^99mcZCzcG4;B-{X%
zbliQYf`l-hV6xvypXR4!f`zMsfq~+JicmwZ7*<R?+?rzlK>CQl5Ig1q$S7*DdYbS&
z&h4V~uN0;Fk{+J#=yZl{=VPA$_;S^CJ)6guci!#c<oC_7S+9MhELrn-K8)A-K2p2V
zG?x}+6vqGDLmJz^4*4OH3o<7Kg7T}@oMXoi$V2}XaysNr@H#FAM5UslI>0)Yz*qFH
zP*QbY${;0-2#b!4et6dFcD30p7z&%5oTOpJ0bq7*sj8}ap4=F`6pM<8bnuXTWrR-!
z7@+}Uem^>Y<<;rdK(aXusr6KP`>N!!&PiwcMLjBHbljx!T-~)HD<I11R*S>Nz&*x!
z+nt8E@pirK9Ua7UxJk;6l>E5nKyQ9GAKxyztVzY<{N4~+&Gvg`dA^<Ie+OO8SD+vv
z@wr@o!fmTjkdO$Ue^?mXwVOJvqbm<f58mma66Bh2-%5S%Nqopr8QQR>nbpYzSY06F
zvOAkUU99<~^Ea7V{Bt^<{pN;DbPO!Vp8&r!8p1~vyaLW}Pl}uKz(wXk@DI80aM(hp
zbGYI}J&tqS4*q&xV4%#aQ6()WaB44}_5U0mcMmCbix*dQlwi?;7E6!fJ}BA~FW!v7
z=_C#kD4SZqK%*SOSS)N$ERBXlmMIc<A%^(uJQ1{Q2#+--9WiXEuemGZ14i^3BZu~J
zj+$#n47~#KzFxlGuV=E@uI>EZag1==ETZ4%L+hG@;;Wt={1gNj?DAg5gac6s^73(A
z@l?R+!6A3|`tuk@-O$dWKZ~$Ozqz(8upC)6_cr|AP{_>SJgaKkK)xR_t~+zgt#SwO
z)FzbH3&|l{DmFCA#;u5bnydC&N;&|k#`Y$TtV%~p4Rh;r{8t4?!Ozrn!4mr#C-cBP
z`eX}i5@7P;eSLF&^`ps%k(}n))!E~lmkTYpQ4*8eGFlq%MaDSJsr+4927clW4zMLD
z&Re;h{@{}hAAccW%n8~x0JU+*{ZsR7p+qXZ?)dolUjB&$aiaVB>C#(qBFXbI^Wr5k
z4}AyjC6I}6F7SNsqfh-e0hr#SP%`y_tfQGc0DAu0f{IFfPdu)hj^)nBBp?0cX#G+%
zSiLW5&Vi2@W<Wq6`R6gIh0}O?8U32a$Hye?yPzvUqk0XK!xtcPlnktXWOB6A<y;;+
z+6*!Glwf6k-bV8nQQC8;<qrU!Hn^_5Tl??U(=);7aMI_EkV>A1&7+D<s18|<S>3>G
zpw*^Jz>Zzt=abj=X-(U<p+RV94tC>bv$31R)T)Kw9l$ULfs4;SH(fLty=V<LyZGfk
z4=61~tJO+FM)szqVIhF}8@W+oq2SjDC5_BceG-}V`dWdhBWH>4VW_n%m#Y-L^ZMH3
zpNvX)($L9CSe;N=yLkZNxGU%U1|4!sA1*YZ^I*y+TnXHT>lfZQO0*WM9cZ@#qBcDZ
zMe>RmJi={h`9~m^fPerEalpgL^>ttHvWg7&HUoUb@C%@THNEH4CnO{Uq?Np1uNPPB
zV2!;46rb3F409*9Wn}L97%gc3Ic^I4qq(_4RR-I;ecw#;%TcI}?c-ERQ!*6rNgvR}
z;(aBY0V|2fLN1NeLDD)Uw5;wGxFfs}#S6Y7^c9xs(OT#h3Mn`vfzxdAe6WfNZq@q$
zP}E0*bT8_Sl=og5ZN|9dl6Q(O5oi06?fIZ=B&fHP+uy$%3<*EwN$G6(g<SWsBE@@$
zJR6o~E_)Zx*o3+{s4?W)+RUrjVEEeUV&&xM*vXGHBJ}lG=VyR0r1BVVJTo&vipZgr
zsnwBIqvLS*@1b3!we0?wK-FI`0LkGhSOC}4Apv5q>mJsLY_{(zVS@9e{4?xr@LG|o
zcW#L%CKm6*)Avp8codlS+UW-~?oI%3d?e+H6|P(FHUrcKsY-1~X9Jr{FIRi<ZaCd<
zc3W*W_~+wz-@=_-wS!o#%RBXIT)v>)No$wZGyN*p-1ruqtu9^>Q+n_W9<i#f#x5=9
zL2vlDfqO4S8&}*1bqs7)UhrEZ*j?u-?W2str%Y!3btT&oi^avl$8B3mLalkJ;t6q0
zD2+;zrOnAMl8?r&lH@jTjwtZWk_9Ix=DL?Bg*teXKh-&2!UDA~b~+b*OD^}QYD!kk
z+*Wfa2GvICZeHc1PD-t_`@stcxXVo<zH~)A(C^)a8t%pkDk#L_3UE3unp3tc+`?7w
z3W5}Jj8)6$<A3J}3=CXsKDa&CTMI~3?)^xlv8pEnpRUtui+xHef^}VNHo|@cKz)?t
zmnQ1yij~td{zO3V1mnKWCuU^4lZFTRkbqC%<UF&X;?(}tV|MzH_X6Xi{wVll{)BDo
z=UY-6hGX^D!S>6(Jh7ef%x+i?(`H!5jUM_>T`z~kL%4{a`}?Q|iNN(p=MwGf5s>iS
zvPEign@jZHamF}SING9~u0B@bwy8emtBM@CT(T6g{M;@sHa_kJMq)(^wO!MqUxgzk
zljkDx#L7_yCNzACU;a<B=^;kTSJU2;et&Rqg*(F*%qzx-fIhz0eks6XX=p97T@$sC
zg4?uxGK0IgtP~$x&U2#pI+eYwHiipxpcVy9$C}R9KniW5UIyTKQR>SsvhQ)yujb%4
z0oDVgZZgk=(7%G=tbvv&y`vuY>V7fdi!q5#9uloRA|jlQ?}w46>o`JkyG17laBMJ0
z#sWw^2;=V<v9skoxZTk@4pEI1!NEmr34$g5`#xQ^pN^EwzW(9&HMPQPC8pe59;SNI
zJBb_e4!(D-Ge0f)8vy(ofq|xMfx|`tATK1?=STm>41m**(A*L*IW-lB%V*olHJ8T+
z%oWTQ-E6bFuGz#@Qh6jfMnvfQwSur>(v{$)aY#DP(>lYijZ?Vsp#QNj8D)!5(%b_{
zT*M;8)_gzABK;4vHbCI@rcVihKZpwEd}4lncXxh12~@X=o5eWD%2%_Hpgv+C5>q4@
zaa=5m(o+6n%E8&pA!t8Sc~^0#?>F>?<AjhMJ!Z0NXE7UtFkYp6i8C9)n;;c(EB9Dk
zx0wGDx@{-)9XkR2+Bu6##^luG<P^1Yr*zN&#oTk#uz&$Jzm9|gXbwBZ6@w&)CI&L{
zz#BJ6URv519N4(XZW#8eg8_@FjlTYTX#V5*3cW_BGS!$Ms!KV>Z~?mvjURKjwq~6l
zOaDEjl*ze|I{Z&O`B6M^le}%5ehd*?EtEzc68$Hs4;+^3oBQ{bo{}qWMhu{ySm)PY
zzsOh*HWS>xVo3ud8f9<fpx*B>EK)1hJ8e2h&dcomaV(J15K?M61BBq=yr3@{F!aVx
zo5k}3krNw8j|zRHbAMD2oD?K}?DvQ5uXEGEBuRLG=cnO=L(k-rUL`liqqG1Flv*}?
zkD+;az!-;wm?`07Ny9nLJGZdl+^L54!`9MkW7`~G1{(b=up6V<^nU+cIF>8Z@hEka
zc7_IwEa?ofI8hNXu@G}m-|C#xFID($w>IT0&9|OAJ?iiH?Ty&S&yF4`f=^MqiBVxl
z3PyZ)Ajcn*NkRTmRshsV&|m2>o~ZwQR3Ak5oQR`QY<AwJpj|It*qt%Yu^fK^@M_mD
z;&@{{6l&<xP>ERkIlb0oZB)^=E9>put+g?<<6VTF9&ul1!I;83ON}oBfFI5FXnZ}`
z&ma2Cd&l^CGupzLlG@%>Zifam-bJ<IhHGOt``lj%;o-Gf<nRrJQ%ZMv+#h8)9eWZ)
z6;-wC^*9~Nx|n>uG#J%6e-VdS_InHPVJe~pqN@yd8gzAcT?+K2gqy8u`0YQ3?q6;E
zFlkuVb%I`Xa_I1qvBG|Ig~N8OqVL>;)K((MJO0f#2?!0QB-9#diC}W?(xGa(J#SpI
znOr3JVJ-cRjNWNe6?x^%O^%BBKAp>w<z(5HF5dTXSjXNM`fH(&wK~5cKKLJ97UnQo
zhAXoGxlsf!DJ3Zb2Ll5KB`F6b11SR~L&AQ31{Ri^?M?-wO6E5)Iwj?jfmKpcf_d0j
z5Km#&))9Z<U%ZBNJc!Gg1ZjXdarYj1IAtMZf;v(6;giGRlj-DoGM7hle4Re*L@3Ph
z6hL^8fJjLp)kHC4+VuSNh>C#*4-fAF_VId;k;~`zwN(YpThZvmM;gNd?tVXdD+luB
zH<_$c^7q`z_-*Q~wPjuY?~{AC^nMznSX|jWbp^*&oiEV!OXO_a=f>B_d4bK!RN*9s
zV~P%|hTfjj6ghidN<>CxNdXinDe@yJ?b9T<pumG1mNPlfP6pxyI^$D~FJqa%oY%Hs
z_w!~7=99aGh8kjs*uHsZ&GYld5X%OWvjbSm5|iOvAK4Z7+}1wR>|-|f#Yw21GXU3b
zrMf!?n=ub{Q9){xorKqEstrbrt=<qPJ=f*wj8iBmh<GBMv;E3@_t&a)u&}V#m*Yn?
zippOd(@I#`aRzIHwLbOFR}8&s--mJyfuCt-MAs_H_38-yRy+qqsj7~N1aq<Mf27Wd
zcyj#yprTgik{uxvp$pr<g5GGWV8G@nH%h3MfPfyBx_p(ER%U&sT}O}Vct5!;y5YqB
ztmgbMKCE2Wp{0J^v660b#Q|fGNmHxm_-F@q)@ZpB{BcwN9@n4E2C&~RD>8b|^`(y;
z|7&xF(`moQ?X{ZceFt-lLcq-I&gsX#u(*kg6yYA0|3UCDrab*6@pmAhp^w1bJ?f=-
zPv#TZrj8QYPAtD`rMZ-WGlCtHDD0veu-W0XN+70V7hm%)GcOf)RaAyV-k-N1!}^5y
zoa^EPcu4Q}YJDgv>LMU8@N+SJ_&$9gF{0W1*6@j`UxDK#u2nI`yc${%w>*~n)GJG8
zd(rK4{gL=fHyW~N03;X(p7a+bQ*v6`W>u$Er`}`!nShCkiADqiHFcCg=u8Mm*|$S7
zRPSGc;RGZhSR3mP>9P8aBE_YJgBeog&{Tm1H6AeB1V6@-e<0!M>lZ)e*Px^zML8k_
z3Xw1cT{E1;Opow@@{*CE6B1y1o?-1Kankl9E?M2$vE%XM=~c9*W@mKw(rRdGEQits
z>g$&C9?7uv$2FIAubTS-r^Zi&rrHxSJnI_wy@%w4q~FNp)Wo#FQMLIhsHqlpG)0p=
zvqGyi&Ldv(Xz)}K9vIf;L46@18$tUNtrDX7m`%dIcQDJ}vxb1)-m-nKgEELItMJzC
z)t~){6vVK<jU#lQ<uwY~bii{#Uq;hr?jJ-?u%8z{GI;V}dW_e6s7OC0g~dT`Upjs5
zyb1bWP97B-{*D9WT?NF*Og|#k62;3Ppwzm+QOVh@RULQRl@TYpECK^r|HQ3$ii7aa
z(6EQ%mO(psiOU_&QGpET|GC-5AQm^0L9N-f54kx}tJ8I{l7e(Z_Rp}$@rx?Cl=U*r
z<RKgFy$}CwUS_hkol9y(b!<zoo2%(lP|y-9&GwxyUiVq$yQ#A2LR7y@{dSJ}*B00k
zF^E}imoV3t=Ry<Np|M&j@Gue+YKcnzxs=&`u&Mc^+9i@ucLsN?IA~27`M>RRC=*_!
z16x<L3u|LMH+xE1;ES`E+-94@F3@ST`<b_KjH^mtEh4xV*uAj|I4YvgF6!G0#&7q>
z)M~WRAiAMoV8Uy^zticckoQqd22&u&QQX%zEma`Vg(Ea<48hox1^7M5Uux*-7H|e$
ze(}EjOZ=y36j6X#OwWLMwNuBavel=jQ$o+WsLZE7ufHE8%SydqLDm@>7v$T_S>s#|
zkbJj?j33IbUdW;~4O_BokyxgbZYsj0wRKrHCn8}AFAQIbz3I)pDl`O7a+LGubECs1
zG_xCK>L-5`1M8+~0w2&+G`pc{Ny}DHl0#i>&w=TW@*d~w1&aJ&0X@6$yZGU*$H;i*
z=g#wiXUpB%1GRp3w!R7QT$#D8aS&Vln9$6v$%N@I+R#D)?Hz@`5ghvbDJs(mu3UV@
zXl`E3$Vu^M*D=k}NOlLNKdwC8h8irZg@nnS9;A*A2I8WR<3=z*ta=*iqH}FOBo33{
z^@K%Hp`o{~3(*Y<^AGru(a_%s#Uhm>U;px%*-EbT&-z;;I{X&}9+K-^qg<!Df3?d(
z%WSOiNgw>-s2H_2u!tQJL`8qYi<I|4xS=Aqvg>-+lhf0~bF+Hai%Ff+mtU1Ax3K}0
zR_BiJq-nKfA!8Raoq4q^mzh_p;;RE9de)n*R((sRx!)a!0nMdHVP0~%l9jeFRn4Eb
znuj0LXE>b~>2Megtwlk&rrmu2L0<^<=Gh&KqV|i}smLB>{Sp~**STGoxlz$)Hd8sU
zJGpC}-DW%ki9?agpSo7qXcAVx*SD;&0qUR}K4;8k7p27}G;T}?8Q3cy&A}@67JiPu
zMufleaaG+JrT?Y;!6g8n6L71~23Ug2<@%cmNk>6N{P|5rhP1K*kRnP8@`om2OhhRV
zR~t_7FIYX@1@(R9OZG~qdUi}Om!ogv9@W#)QBqV@)zPR}Nn2c8z8loVdQi9cg$=9q
zVi@L3uALw)H?KZhTV5`ndZOXgk(oU%0jGH4+Gf!xUdYW7;8|&*N?s8Ur-5WW*8chF
z!y_tmOAY!pozVpHx<B^q40tQ}(04;Z@kF;;hNmJzS<@(O3p{<{ZMS>dQkt&BELDbc
zu==Z%4tDaa?2TF*AMrPAX86_RW4+Ki=`CxaN@FJnJ5-xqI<5rz&EL1Oho{n*VrEnU
zAsKVK8J|vCf3JDxa*0i-vz*iDF_?LlZSUoDJ6~$anB~o%ujEgD6xwk=8J6-cm@Hr%
zm>#NbcxE;}|9~9kH1GuJ_M-GXe`K|x+IR(@!`7R5CW?;JrAEUz_lO@WX;;7?tgvp4
z+<>&|hZ%{vBc|UrEt;Af)Y;HhT@nI2nBL78v*IxhrHjfwDC1^gU8>s;Q$ajE{a~}(
zvnZbFoR((pu>azAD7~wxsUamLO-^W@$x2F06epF`eFUEweuX>YB2CQ9z)4Egv#FGu
z8;|QrO!3%IS69_=>>E|yNl#5^vOT{NsS0Yn=2|qc$y<Ik0+Ik$w|P)qAf0zKmY=wE
zKFdzsjFJ?M=ylAkJPusHcH_@J0>o?XF(M?%gsC)xCLMtmuTwlPjaSQOyiw>|eBC(r
z9|UuH*|ymD&i8zDaZ3-_fh7s@OIuc&fO$xEZ^j!;BoCUgGk#6N)RSGKJ?Qnjjjau?
zAI4SfM`ffM<;c|I2aS;}ji&s(oZ*AoU0q(k(V~x=NxW|M-Ukz;7%dnBiP>7%i~TDr
zXC@E_=QUozO(JQEM38NiM(s!>y4EU07o9jJpj{Y?=H{ll^gMRdt^X{gySv67{-QiF
z)~1k&VTQe-9-ZeO7O{cox>DOZMh--yR`q@v2y0<!Srn69Vs^EZRzY;9G8`b!Yv%Pl
zV2#nNzztD3f8E~=a`pM_303?}-*5}@0w|jUIr#jH;{o?p^t<@wv;5?jhnLO6iO{*z
zU67lqrq=rTWX$V`k<HM*LQ`aXa(OE}=4<<z6y|mHN9v1vhIRJ3kdC&$%M92B-?N`}
z`Q|bC)3-cV=_;V5=!(|QWy!}>3U%gqBtB3Ve*3+IWs+jpE^Aw-lH$V+pD{1FjJ&M4
zj9=Tx)y_E6mw|MSgV8X2yOVZ-oi+E;Qk=gZ*|rDdW4s7FAi!!?r5(O+SlS18iTr&s
z4!)eUC`N$#U*{YU*)aZ4HtnCZ4n~o}VXfZj&hTg&x+GdsdYImC!T)taYNlzK31&(s
zyq9jmSo5MNciacR-kCB#e`A<9zXfn&WK8T)_Gb1@OiD`HL&2G&p2p(ziy8{Fcnujj
zZ@YZ;zR#r}ip!A{?<=Hkw_r|La^r4(EH&M^)kC@H<9s>yag6lUJdV?@v1oI&&Es`q
zE!yrb8vF>Weq-tE5;LUF>A@`fmpQVRe(-@@;POS%`)eh3<-jt}|9IfJsU}1-8kn=U
zI)X4n;?Jj=RdvZyhBl#WT4E}vouuQA)F<V^Yxe=lnRchTL3cRe#$h1`xvC`C>U8%r
z*L(Vw))}%=zeuJ=b{U<9B)p}Y<jVL!LRWVBCO&QWa;<4h!qiwx{TQj{RWn%u=`dk{
zIQ)l!c<2jJp3bRvlnS1=`rhw=N93*{!=}b91?xY?CybchXgHCTRh8^=<ME@DcaRzs
zQTzgi#Nuko!l*gZF+cXQo00%`*@efTV{JPgTtq~*Jw-V^s7-6QZnt-OUvFx$uy@!2
zRx5Q(tPWYCeo6t%9EJ&|0$4a3PuYb8`1nr{FXiP*ARJ-G|7UVPdv!qXcAY$IQrFw#
z{fK-E!C;Q;HJWsDJyz7yxnxJ*_8flt9&duzfz<Jmjj`_;tLiAZXpa+w+nM~UCGNSX
z+p)5&3|Dv&$iUk_-u2C0XC1`<NR!NU>Uch@baI_e$)c7Ks$QzHf^o}QztY)}Nd^rD
zdj`L~Um}0##xBPvf#?QYv9jUN&;Fh?0wa8T0@8)*(OFtnb@{rt7_X)CaP}7ByXx#}
zNF80&ZAm>mZ4MnoNYl4<Xf_rFMvyNd46J~8-yDn`fW;MKYI5S6irJ9*wl=SD?TGPu
z<_xbDZ|81*lN9oxYBc-;!|TiIlg4<$aZytCUgO`tP~HmTs<nkh%Y`eIJsu%64Iuyu
zW&LPniB%`vIf0iO8uT0ZojH1j@xS&|4=EdN-_tC#&8|KaFj%fs)J%^LLP7|%k=qkq
z-zxKK_<hY^5?Zp{=+qlbMRwD~e$N?VkCeH5*#clAud<^#U8)AUw-$M>J(nh@yTWG2
z^4JN=Mq2LP!jRcu+eS>>Azw;ZWa@@ll)M0Q%yR=x!ib|g*Gyq-rcDHMkGghTbK?&E
z+weDbsCeG<Px2d9tUu<=Bh>z3fA%xQG<i7Xxc$F2t^=s4ty>2{P<k^UH58F5Nben_
zBS8Tp5Sj>tCS5`g(tGcbCelTEks=@<O%UnCAiad%k?`Vw@7y=<zJKP-+OyC3&RXBD
zv(H(3uPl+5BQx$V@y<)x=Jd6T<^*iINH;yS7F3%O<{Y{oYlYOyEyxWm&BR079i?1u
z7DznIP7)0k<|`3}L_IXML0i+28+)dAM*2Axs627vcYQw);>)=gb7S3^TVRZiPNC^q
zk(>$y6|kfcDIzKzQ3~*!P<!!2l}i*Tmh(W$t46?M?&HefOe7L_mJ#Qac#eAB=XtU%
z<?16Hcg2Ba=gNHNQJ_Nl!Homr{<*lW&c?>3hX&2TQ3yE5%ab1kASdqPwRx3EJH*Xl
zt6Bw5ip01xGtj=2wXT_z_bJW%N-fztJH%c+K&8?iz`dK%+NqoK@QPMHBA@M5Bp*wF
zfnOqg!2kV~QPAaMfQCz58DtVFvu=C69PL9SE756K?~VV%op5lTJ&?f!&16VsOvK9j
zsqrC7_TpgLuc>O-Z2s!Q{NToMhKP(bziZBedHXjKx6$2P8tcRO9eq4tV};e+T@Kby
z=Hu@DRn;y@;XQ-TdKLIYEYW=qeEp;NBXok;lqr|@EFW9bD@Pu*mxYJw^S&lNbQzrQ
zy`598Oe;aw=WytOh3-z*EWzYWZwv0+BG#PG?fj8TcTqF))4|@w(UH3;8G8Cwyrb!?
zCo|)1r3|o=)a2|LdR(jvkFn8Jo&+;Qn=x|Usyhdl6)ta(t82I(9Vlik`6&~4Z{w_)
zB-z!;c)XI)GwmztWgZ@Or|3D#HTGJKaC%an3_5-sL38}8{)>9Bm+c93YT-lRREh2M
zA*j1{Dq)>$%C4l@os0P++#4LD;$?9+`Qks_$fy<($tOM|h2*m4tj%4d>;N9+=frm2
zB=ZU0ZeF*Gn=otl8<^A#m{oe9g~+J1b>^oPK2$+GZ?ZzxrA`;-oP~1SOb{p@u45#I
zq$03S-#M6rpPLy9xa8x#eiKVCoM>Fv$=O;*d+<Jz<o5WPA4a*3emN$}Mg&`X53B7X
zC!nwDx{{+XXk<{LH&CNe(*0djl6)+MM00fqn@9a=KNS%8t7l*h75N13j8%Wze-Qq{
z$9Wt1sGo_;CxR(03$1VFmEoADcKL?z+Io|em<;}8xpYX!-Z7MjnUGNZi)~(DsF1kW
zpUGl4^l(ui2j^w>G0FV!*)lDRkyb-nR~N5CDy^4eh^MsFQ%tPW*5AxY%i*Bqcnh73
zJ0rANS8hXd8e{6mV>K);441wZV!1=X5jvoDMLhu*)7*L5KHq#eI)Co|mFzo1cJ|!d
zoV)Yd8ZB*$E}ux+y>}m=ETgor)sdf0kh93|L@vu6nOA#=t<!POXC>AJa<5`DeIb`i
zp=klQ;qk<!Y0}E+vdQnDb^S;0>#Cjb^?>sE05I^o17>f#p2sy-Ps;Oxc5OW)+QI&I
zk)_!u-#4j$%>}@$IlZW9i_{7mFUhmidSLVPLn_#9H{!Ra`<;r$`i)5uVaxT&2!8Ts
z!xsGPmHM`tDUy?WDl9E1;z1p8nL8HJK*Ri-S3wISdgp>3K0&%Y;AS<p0JQ=Y0#M9B
z5-6!=h^w-QAFWYKm8|sG#U;?+-^|q1^sL>VpIMD50__uMZEfx1A`wl8(lMNh`+zsY
z-^8e`B_+9edyj~miIn2!t^kv)kKHN&H^6W|C-aH~`4&6(IVm<M6S^Li(okn_vh4@8
zO{Gb=mkW)On4IrgHJ5!O@A$Asez%?lto8Lh-Wc$0=lAp7*?Kq~R6f)=smLzrOCfG6
z3MP%*`i1TWVpZmpp=vEXlsP(5PshcsCS|_ddCSf_n=sShvQIKlD=)5@KKT`&_`NHz
z@8o$j9gJ~n`h9LFO!2JOH@#7DleTH{8|olnrrDk~7T&R~V+O0md5dFVIz6wE!%G1|
zMab*T?MOdle|%1Zq27!fwqrYY494`7_RBTv#?L}5nfy$n(VHS#2TH36Is+)=8<CiW
z?s(|CtewfCdfQ&B8M_Aekxcj$*x!|rk^n)0Z65$nSCwxltC;KzNWypJex8qbv*%<B
z%ZMPlx`L(#u6EPpK6ZtJ-{K3zT<9cFdrs`6+<qg%rGSWO-38C>g;?pt5EAQqYVe!#
zP|H%P1Jx5%AfTe8jDF%W#NA_I3h$S{GM~EnL~Zw!aIw0b_3OBuEWZzvK@6AiQO*S2
zDw-UUaSH4sjBl17Nhg@;iH9;k*MH79<CYL{9lGRZwnp(Y$(}->XxzHjQF_VQ67ubp
zjLlxAk+Crl2pq}tPi0h)5-~SB2d9_a_vmjqS#}s(8V=mY^fsTLO9gybJTD!~0VumN
zNH=9)WDNgIc3PPEbaIRtgjGhf`eP6H)=<rDZ8h$@wa3|Tihz$=u_<S~j!~-}?ai;R
z${BHcn6{=|o&YaDA^T3n8um`ToyLPtJ5KBUt4F-kMjfv%FVWDZ^Ho^xiutBoyuZ`0
z>-rjhrz7Yd6^J9uc#AoJmh$aw3ymT^${avc^!WMS?71SWka%^7AS$8IIY5Gbi~o3E
zD1?_&o`8lyo!jJiBAk*m#2pE}uPAE+WZdY@Pvs{oBBcr<0R$<z6@^|bx}<*F&{{H!
zoi7|ERKUvnoa`b7!f^X!HY!YNta@kX1llJKb(n?ShF2badZj%o`UBCj(ed3=L*zLG
z(z2H_JPOTloPVS{Q7e9Z;+=b1<>!kX|Ap&_DGk@1dhgC_-*jB+p01zmk1cf}1LZQ^
z&~hW~UX4>`ZH@cmC*kv~fwo)JYjoc7CchUUeJ6U|?cyK1TDuold0q>V!?3m%jUosg
zAN}8J(l2QrS1&F0k&$j>`YNKAK|-OEk&h8XL>tT=Jyc0(9r-U7Lm64!Wo=R_T1rU+
z4CQAjbYJLKy}1`d2x`FFAG&U^%cxrrZa*}$Hw|n0;k?1%hbv%I?%Of1*+z&g>#~Pe
z|6Mz*<D!ex4hu5|B}hSm^$}j_l)=B8?I#q}<UZ+NkJO<`BFLa}bOq6dO7^P){XA)k
z3bJh8_EVuV$USXo6mKxd{)Y4+w5=j6<Z|2+>}P@vh2Q5Cr`199)Pq(Y`)J%t0IXG5
z51|c&rx`Tk0!==96z_8e&v|>DX=m&Xr^XrLsy+E31G#?cqSJFzghDQ}8)25h^RwRa
zN=+iv-RUXy>aM8=xwnNg;!>n1(PF*91QVTvoNWi&`IHj0*@<ydB5ASQvPLhPI<?8%
zHOW<1%Jf2w@I;lRKt%KgQ{<m%?Px<B4L<8rbCelmB&({gC`TmSS|7-NAt|!_>&ZQ-
zcYLww$Md_Wj&k^Z;8M9)ARV7k#k9LPge*Q~!|&S3yZUmgFubHzWkm5X@M`IYyK$AC
zH0sR8iSVR;47T^dsQ)q99koPpUdhLuZXY6qfBVt9(=XQn?ngps@e6Lh=cF&ek5kP^
z8{0}UH#U;$x^qzwsrqDPwc<vFa(-lucEn`xL#G>5KhG#>Yzy)|ByUJ+s*Dl%Cg^6V
z;#w~8!gS~&+`smb5-2Ko&mYs)-vFF6|NP*v@y!a&s5Q#VO0a;0@$=B5D0^xXpZJH{
zKWO<#4HoE?NZ<D7d2xd4NYn;iD06pmMz1GzQ*(q0GrC<+LYxr~#eo`tdmOxV!YU4W
z*>8oLV{hozI1*>;Jmwu>pEb%3&hl2-`bMLyWC{HJbnL_qUMDx(;t&H@u-Qd6A!iZ-
zn|`NnVSHMc(r_-ffbXnLuxcXg0BVL)iVWZ2?1(A6uoG`W0c-+}^S{|n5w2EdQWI<?
zYCQ-(-8!v}lrW?b%`8=fv2{A?iK!AkORvn?P6P!R91TSVrw$x|M19HVTh#5n&|%Ja
zgs6T*d7l<{qOiY#Drqz<N>pKdIN#DrMdFg`s9cj}fihTMCkh!BQpelkP^DPReZTvv
zZ)~p{S)SAPDtD^aKX3H#wH&fUp`y?8bsNdivq}?!Km%KjgFHH(G-kE3ylpq7Uh*Th
zNLg{{d_`V7QssuZoP}VBO4nSP1A6z@_dAs3olp+t%x_%^cbp#0jd_WxcN}6Ef389=
zLw^HUvCz%^jl<pRWai`Qt1}7|%ti3*>)VXDO_^_Trc4%Wu)E**XY4}BIgBixRjM;=
zTWN%(<^Y6y8k%Fi#@M#p;ER^Am>5(plVmr&amR!#u12p%S2z1sDd$98QYvKp9hE%q
z`a&*PQGiq7NgeZl2>eOl@Gg<Cs0X6a%C96`S2I2QJiL`Fd9xEm=_*HVR#z3O2o?j4
zYdza+N$DMK!j6_ddp;0S3hUQ--09n-ZNngip}7xu%yjb9+Cy<6vM684zyX+`VJ-h2
zKjLZcxA3TjLX4fvY}}v3MbO7V;E*2A%A-^y>weopp}G*qJH}HG*>hXffOYM;h_HKg
zi}_@dxZ@ijD1hTD{puZEOHO9m44)T|WwoYlnCux=Z?cmUq^OWcW4h87LdT#zjK3Bi
zI$c>*lg9!Gl>xWFrxMXIF{;$sx9<itA`I{AW{KKM6l*2}zdyqRM3fo>00A;SfKD_X
z073NUB4q&x{hhCtI4mUuAfU_Ey8!{Sk_D1M9SX(i1)!U7L4z{MfeU?&RIrMn)oGq+
zkrsoy^JY?6jUrD9Ct8};k*1zaV<o%{EtcB32!Qb}O43<B2s1ZvV>lJfeQjRJ0ee%%
zvVZE%u-l%wk13aEMb8e(vop+LALTLN;>+DSTat)AZO`GB`B+-hnD`T>fxAiYdxOo(
zTGiU++pq{O%3G(z$=Ab;*7Pcc24WrrEyvReDR_AehzH3z6<Ss*aB_3VPL#S?9`Y0!
zKedz?@meZP!A>LoJ@DgFjRi=mL)a?GZGY<~Ted0>Jlw>E-5YciVo983YhmG6X_O_}
zFQi+$_I<1jGIudX3g*r~^+!V3=x;q50^~CDmct92pJyu7zSIi$^-M4k(nx1{QVbql
zXjRNg?BBjMV~Jyn2hHkmq1^JfojdOW)nM<<IomGtH})1E^{E~?VRL0*%ZRFpI6vh3
zcZF<LnN~a!zp1En#n$w43Q=ou#Jl61JQCNGJ0YTj;hU+Z9nUM6dn17q%a;uGcfoYb
zx%1s}iB9<=Ylj?-%BTv+A`!c<9fpK$f;b-EL#(zNdMU!*vTp^&#p?5zrMfZ=<rc;4
zH6^tw)0)$PWdeSDUHD?ex*^<d$jS-vv}v6cth|`59<Irv=i0<NkATzqG(;NSn9qY+
zgxb3qE6evYm*1gE4pNjy-#ES!q+S?q`(Z5u1v<@@hGb4Q9YsV?&)k8{Wa&dWFp&wl
zxWIUndm;F!;R(nhUqOI`Qm-?TZn_1g&?nc(>#MbZxjUcs5jAfse&2JR7g&C)$|Qn%
z3{!R~-zH-oJ$@DI-5x(ZL#Mr>KIi4Mq;(O+J7`i#c6gFc0068n2d#DQeW2T0H0o@X
z^Y*r~d~x=hS-xC>4gIOvZ%l5@#eJyqr0GR3etO^tS2JcLi|J6lXGgUzdphH4Cp2hH
zB?9~L2-i9ww069oj1QNQvuEO$o7XjnwOU_>j6>Tt7Wr$})@EBVJ=_;Hm_-hR>7ICw
zOvPmK<bnA{7<LT(kU_|meal5gv!wk=DTc+q6P&hO#=Utg17q9~ODuf2<@DoRX3x8$
zLj5JF7oWZ|YF|2Bz2xF~`6K$m>ml7PyYDZJRhE+PE|tcZn5TV#FE;alvUwzw_pT2x
zXa#*Iql!|x;wj5<!T?|UxpSX{Ej$1~ng^|B`HP_jwH)H4d$(tV{8>YBLE>F&#z6RS
zq4T>2n(%T<E4jvWh<o?zJE#$0pbgzQ1x7Z!qtUz+*V;?5S0jY$Zv3{JyA2po^5|qs
z2jY^Wsq%P24HDg{A6h3dN<&xL3W2zioIR32!H-ou&lPShO2$#jOZ@(V4fQ&3>L9zq
z@c^OYiD$Om#`GSoJJ|l|T%Go}&b|Pf+pD#4?@HcdZkw)^NULNI$hm{dD~KPuz&$~@
zz>7fu{=iL1hmIaRKo>qBgcT1ELIfb7_*>p$0Z_^UKt2G)y}xA;ZZi4<B>G$8p#OmW
zf&K;hU+6!ef1o&hxW|9V|D)+2=zll*|C#;E=zn4MFQYhf|7P|tqyL53UzPHYCQvmX
a=tf^iKJiFReE_aL0h(%hs#VGsA^!uE&_J^Q

literal 0
HcmV?d00001

diff --git a/docs/installation/images/nginx-webserver.png b/docs/installation/images/nginx-webserver.png
new file mode 100644
index 0000000000000000000000000000000000000000..941fdaaf639ed2fcc38ef9314e44ff2eaa38f57f
GIT binary patch
literal 82642
zcmZs@Wl-FGvjn<}Ed+<)4uKGy1b3I<!QFzpJ1h{~g1ZNIcUaur-JQjPTW;#sIq$j8
z``nrj|Em2s)zj0{zpf2al$S((NB9l^0H8`siG2eAVD<n2-~}SW-(QF$MtJ{zfKJ~e
zMF5o(#K!=D5I|Z?Sj8Q9mWc$`6;FIq=-Q|YIrGQBA}<FffH4%8;czhfd?Y0^2}t@}
zOy{nuzU+qc*dCFiFy(Uvh7M5<<-wUC1HYqE{5X5gnwUBDdi~>Dq}S1TaeFHNQN%f}
zbkAkJ;x<Fs#m>j&yrh-=?yx0oouRXB-?gqqg+ZG9zsf)e>xfjbawFBXDFaH!vXS`m
zdf>B5w7F#GnKbBfx`4`M*QoREBhrU|)Y&Q){uk3Ru>W<#qF!5FJFm>-J1>X_=$$ht
zuF5jY64E9J=C@g?FTMTVQii)xZ!v3|Sf-{PE`ufYk9s&wh7840flxf_*2c00yCxmy
z0p5Z_9h07)p-{HT386ElB6XO{ua~;0_V@6GO*X5Ib$4Id3k~9g{<~a|PzXN%qGPE<
zIH3o6QA=IG=BQT)ippglzXCUaMYo`yIshMXJAL<Ev%{`uLzB<*ot^_hAs;QpIh%q>
zs&nRtpZ}=pdnqCOI)!SY7Ggek`zk)Gh4N1kqXBmeijy!mK=AKc9^+^6E=w(a16QFd
zP4cYyAL_8%ngG&nH|nj4fYXJAg;KWqh6dHBDgzE(ntycf1JYSOmbs;6={xWA^mLi4
zL~;R`I|iv3fDidrd-y{8oSHc2O?VZ8ZCSsP!Y5xdAwJ6<D#R+dt$DB;t~ojhPyHM&
zYEx5FvM%<=+}m&}ftC;c|12M6m~VG?Fl|v$Q6>)BO}31>l3RMH#p*COU+p)N7usP`
zl2=NPVrw5Pa~eNap78`+SrT3`U{oRW<S+0BTp+gBfq7w|(b3W0+LrCVO9apt3^wom
z3j}Rg7z+%rtx|cpxw-H0dNsF5fnIPYnm<V!jx_BBFbwp7BNX{!uy~Fpi<*k*s3GON
z)8Ue{37uf~xgW57!0ki;@g+&O>kZY^`Pmu6G*x#(4@Qz)#1B^&m&E<Bt6_zIU_}aR
ziI-YYU0of)db_r>vy(v{zuuW-meM{3Kq44$!yp98kc4t?d6Pr<tc>-5V=~U)J$rXg
zK4ZeZlNjeRXvYeTkm_Y3CeNBYwCXDtC)cBWZ~1`@H2wp)wO3M6;R3Fh4=xg~USD5_
zE@FL+y4I%NO4=F$G{f<cKPeafv%eqwJCtF1lGmRSQ(&u+zZkupLDW-bUW@k;%3)`M
zq~(_4+t)GouxU`q(O4vfWr-JS;c}zW$~#)BYYYcq)FuM1u~=W>YI8V<?j#<t<x~)7
zh4i(q5c{Ts<2hj*#+34Ch%urOh^J7MF}-0Mfg7045zF7W29!QtJ#az15pQ1-r#$;_
ze-$eJ*AzfDD1qBUdW2@5JY^ifzlW^gmLFKNScLcsft^%Bl7VOs2O$T<72Gt80H+f%
zD^m6Y@HOJ)?tuc>12@5pZJ#<Vy#CQ;?x#A;^2n*40biTp7vupdj2J=(Z~sGL0WEtW
zt`)n=E8sF0gy)9?i9Zj3NRkhrvz3t}ZC|PRQI`LqIfb-xX7gX&QiTx@Jv!TWY{8ns
zA-$>IVSsV=2DJNbNrCozvTQf7s)9Z##kuXmRs#=vvdxE)_kbC&EBO^IkS3%Aq7_H~
z>$nu)K5aGp2qW@H1OcRiS_|jy6wx$aVdEQ@<sd!#F4%#?Mh$jHGpadd5?GnfkzvKQ
z0k(a?N3e$Nym|ySQ%%vx68{j-Zr72-+ue1!j)#l;N8O<!iA|BTz`J8dUp)}~JU85V
zh{YqT;Lb_cM?u!d1#Br<O|a**e>2vT)7Fzy&YF%B)x%8y@!E)+0xLu63^Kk=o3;zG
zFwr=gw?1N4!tH34BmlS#!EA#2E`Z9!=)q|{xFgmmuInA_keCPvzfM7yG|WHiISmeu
zUIxG!U<c-KB#&xFgoIH=e&$P;$gnq|fN|{U$uJ+5f#}?F(SlO2qfHrn{IA{FjOG%|
zggnCZVrNO@)N(44%hn*vc=&iq+(NZ8PD`QKxXLLddwmQBt8!|9HLx=)-J6r1L=;^s
zO-R+}ANdk%y?uCoS+RVrOt3qw(GPq7Y)Ty59SIU53+%5<LqMZF?N=Ru9bCscOrmcT
z^V*V}fRN`^s}S*GX%Tt3mXK2=IX>>zdFQn|)gI14e|dk5N&>?AZdqzIigUi%99#0E
zCe&T+3tEvSUl9VgaDU8axX3ySY!)UU*Or==eBVKW1SvW!q~94S#VKll_p~h1Y6KHt
zcs*;XL{5rVbu}E{L6f2L-+1q&0vbw#HpDT`2_2db)9O>ACHROWHSlM<-4{NRnOr)I
z9Fmiaa~pojMoy{8p}=EeGU&-;yMDk7v%Y)J<oYw3k>`MZSuRVpe$U5hDBqQDHFGHn
zw)Poj7i>Rs>97L?M-w3H04qr{VCx&MFZrH!37uzdezOQ^n~;Ea&3dP>XK^Mm*&SGg
zK?yy3GED!yT`v;A_6Be}8cI1(R~EFXVB>A^&4iMiK*#GrE(5wNI@kwSb}oQ6&FqiF
zdDUHC0MY_Ut610>xwgh4XYfogm~+H($4OI;d*tLSHgpeOTXGhsvJMSEBwYUNV==f(
zBM)dKgiA@b80a^U#?~vr!84AYsuRlK;ufDbP(NRBsze%ePXXD(*5{M$8U(m|&s@g;
z_YPia`asTb3?N29J=8&_3MgIwK>gG=+>)fDMsn^X$2Cx9t@k(z=63kCo7cz}+)`Qi
z36z1H;5JBw=~hTxWht69AC3ITyA<`YR0{P%f9?Gh^%orA(PtK>DLtZw9m=`x=1`aH
zcB7HrIL*1V#qgS9l8+>S^UfatjSz$;M$iu@X;O6Z$1HL2=C6MLno1-jMD!%EJ4!w^
z2<$YjfQBO185i~yWpol-%@@p_qSjB6jHi;sGGZvyl1)roZPU|AH?x~pm~nApo?m3R
zF&-Q0m{N5)En8H>%;=#iB!6tqE6-(B`q}wtiZGf3PN>db*%v92UMB*9gbcM6v8un4
zSny4SguK1+$V-p))Fspqbflv!*hw5mo`r+%B0k<cs~D+}<_H)2PbfkJ{t~YUsHG>;
z1e{@2Py?EllZC5BdM9$X6pT$ns*e_r3fjlYOwZne9mAP4q(&RKO2kt<e<li2l8HNT
z7yFd|s?F0g5{%R&)GR)W^M1u4(5ys}MiF6%RejiUa2QWcRfEK!6o$fb4p@)qqKvKh
z#gq;+(uom)<VWuZLsli2{bgtNZI3I5o%HdnbL_$n45-1HoVtoWo6;5A(Fgfx1IK@|
zjWo<N81Ba_<pV+jG8zwuTSfCF)nY(gx3l>14;i5hHs5fNeLllP8H%9?H)yx^5}>~W
zI0LKFIp{AXGrM7pH*m^ogj+?+J1f3(#ZBVi@Qn+GwL*5%Hgzfz7t#y<p6}XjUJ279
z3C&_xy~;;rmBFNSV{Ab*dfYCgWuZnmfm@Ry*C9`@=Xs?Bgg7Xule81rW5{c=%5hYw
zd+1nIw(1hLy6QjXECX9#zDq`9#QhVue^HC!&(sO)U?_%;%=^@^L*kCCO;@^wsOtc*
z10D9{fb9TH#`614it=pkY&;}VFmH_hj*w<RQ{WY4^!^^spU*x8$6wiiRe98)$-9hN
zEKVo7+P&}<hptM~Qc4Livnfm1iTu>BxRDV;)1>vgSRy1_+Bh(M{0y7I+_xB2*|1Lg
zF1b>O=k%ljNW2(>MHY{kkzOgM|E5qRB(5V|y~q;>(C!W~8I<#QnvHrT4Ey448|=6(
z4chA|f6)C3+mg@d#>hfW^gt(Ghm_#d6CUVjs4v(cZel*l8LyUBi4j9@WI2gvGzQsF
zk|AZ^V;#2{Yyk|9p7%%1)C6K0>a_7Ug*r~5kRx!xjztK97L~rB;j3ryJXVsZH`E^*
z5O-0Yfps3I>m@PH2dinb7ny@eB4?9!@?N6{g^?YGssCG|5@BJ`I0Kl@@Edjk#t;r^
zv;k@)0QaMJQ6WoyE#6e9WZM-MhB^mJWuRk0GTM90q<wsG(0+XZ+hXJ_nxMZk+eIl)
zN~M(aI^!1{K>KPO?8ffFL>~250<H`AAq&9o_uleqhBe^V2s#ec1Bec4YY8GM9(17Q
z8Nr#C9Pdj?4j2B%@&}&%f(p-9z)k^MWxo{MNrEIs<)@Do?sCL7Fk`x3vTl)f69oS)
zf5l*Wz-U9j9<HrCmZHH=XM~R8uv6=5I!3?@UJUh&Ku2A-<085>6?hi3Lb!(HG3A7T
zkYM5j`l>*S6=3Kr$KBpT>1@rH2Td1@i--Cnx4@d+F#4~|EuV#=W4U=n91;)cET<ZF
zVGb&B@GvW>2UW!B5rmrb={JO1u3<+=BK`L1^;7%l{1f4M6|VlpxKdaTR<YpfdY7RO
zCcSBDt9N@m&oLKzwjbqv)A_aj?9KuX#TmKW*Sa~E)P<v;m{Kb-f|kQsSPIwHm*Qk(
z&H(~ejo&<83<=0%V20Dmz<c6i%L-A?4TR3hScq{xas(K76qWGm%RG=~#Op6aH67FE
zvr8)fl00#6Z<Zfej8r<Jc%R9=bfI31er|0zjqf4#l@xff(|qtc=R!K9Uyp4Kb*$AC
z<C5$5Qpybsdw`z+_vVe?hOL=}ve?zTWeb{9XUA1<EEE@`XHy6vvhY-Hi;?sb>PS-q
z3iSra=Q%pkYHS|em4kkXKYpG5OBu?*^!)JoJg2Uuf29{&dV2So=A$MP97hk26pGum
zkZo{;<!x8>zKHL$t;MJMl~Ggqn*K~H2DkKdJ>{a>C#A3l^I_H?2Vw@<u`ovNPi63a
z$PZ|p-5mxN?~LEclZcl?fBl^t;PuGwLFw;bis)`c$AOzU-VGNyI*q$;sa{~NEn-TQ
zzOWu0@$HAQS<nw}bvl<)KD~dlWeQv^7fWz{3@rjy<(N8_A*N9)-ge=OJ!6g>*eW#z
z8^PU6!<T{#?0(ti!bq;IZ`>PgUY)jT#YOOQW-0d>oxHNz*kD_)2|rf<X9d^PlFjfV
zxNyWjxvhIH*X5P5mGZ7oPf%hiMmH?%VW~MsYY>oG<(Ov)igY?d=Gc3Af4D^y(7vB%
zsuSRh%Dr;+F#3*jRsP?Xc?T8%R_z&y>MlIS;o&uiUoPjb!g&-~qKIl0)hLQac2=*a
zRw1qaq|y8U%XE4pV&HmQ)ZCqqpk#(S%QK<sao-J5l0oB$<{}tFaYYafEa;vyuwrp-
zY}&2arAFlrBkrxWUj8h2&SH8{EPAFJen5vdA}%JhO-WfsqE5i69eW|R6Cow59v(TU
z6`%c&lltd}YGx^N@Fv6p1%0ka#bl#=%t(u4qPNnG$w)uwb*9E`Dms3U`6^M4W~;wW
zRfLaPx~j~j7^O05#eqR+r-ZSieorF-@qVE?6}z02wI19O4lhZZ;`R3O$hKXH@^f(L
zNHQI-QuvXwus*e}IKa(-bpDPK0&K3OUyk|a@9(=BYC|pfFNqch0H^9Zv+9gj;YzmP
z>l57ZM5x}^Z`Je*hL6)=REA!|qJ@F{d3}?Uh{@zyyjO51OcZ{>I#ySH+f5ea=1`L6
zVOA2-p`rJs%w=)1a4MQvH(_;&9DP#lcI5LTes)lSE<wb|=3)r-61nh`FG`=vnRj$W
znX;ddl981Ee~5P<i?$bx7A)KaJc`5Zovy;go8_x}>*KrP39ufVEf@+1SlV;j#R}$H
z#2^dlbQ{6jl2kh9s@usxTLLs8#N^S}spv?F+xnHj{TCK(Oo^&)TRtOm-RF%lcTx}Y
z=0j%ia=N68yz||QgSFmVHI=W*1>nkEu2*LlZbsLHxu7|{JclI2KovBtDlBM2jrW0^
zpyrA0HBKiEP7e|3C@T^@X#>3uFRxq0>_2iG`~mV3cse;*Xwv(d`1>orD543g>nFy%
zGb|XqwJ3u8Dn3#bEQ6Hlz#SuM1I_6l!Nj2vpBe)lw+#lnzN_=N|Gl_!h~YVw2!dSu
zM!}9c^;DDIHFb8?C;@mq_W{d-GimoTKk3(zuu#vfTyi)%R4e0AJ=DNBhQpD@_SWNR
z>@?|=nGTv5EX-u@Ow>*AO3SZXH3Z9egkQoJN_Fp)ggLCbH0iKLndnPsWf+u3st@(#
zyg{)E(j{ji$BB#7pU&I6xDhRmrVKe;&op-T@*g1dYO(GA$5w~BFanF_=P;N*{s?o6
ziT>(uG0)jnocMEX_K^v43J#{Ep_Bi0En-;{o>DGziT%#S9JiVV_UpmtNaTa4=47@W
z^Ff@0A0pMY0sEE3B+M}kdWjZQ+;~dqTv56?@4S-Szat}()yMQoNQAv96ECec>|utA
zCd~ZB39v4lmV;9$=H*HfbBgf#cmFWp6wGJ0IQ+}Lcu=8?K!e0N^p7(C+|GwkT<9u^
z20ZU@kd9iFp3Pt1r{M~lW(gRNh6sJ2RkRW}AYCbRai_z=I<0JH8W62P_pLPS&|t$w
zUZb7CF6JG0zj{2p)Ha?q_D(5eM2u(d_f^~w3JxWe&R~*G&W7ZYnG(|ijya+#?s3?y
zWGh`&#FYtSsrg=;Mua1d=<|oox7IPWN*zPvfyjpK-Vm9CA*%n+YQ~d*L91uKfAa2a
zC+@YJm<|7}h$2a5N!Kg8jk)@Bp(`RK@G}f*M$QgAB^Xg1?R_y<p@*{&!xo#b<tS@K
zE!aW^l40KmdH8xy1|hECav;W@Xn-^~VF+Tt9jI|}tT~~z9F{)xBGH%jaXK5J!;%*P
z3H!FOLA1#Tn@B&JDYr4gj^8cjQqi4Mc}j2WkCvO>y{e@=C%D+@*tH<Rln#=Zt$%Fq
zvy_M`3@OEhhP^kp)ih_fx~T0b3@LB3Nt{O!=yS|B)4ESd*0h~k@;wE!W+EFSH!{}p
za!%B8GsdixM$fxS&8qOabR{pPQt4Y76AmUIh%2<gqEmEMtTqyoI3H2WT2ECATVv9q
z;iCee1VdK9xUwLuN^wWboVtn}31oInwnvO>V!9LKTnJ>kRMxmC$Ju?@Wmw${K8gYt
zJC_g_r+jcOc*F?0DJKA&hY3tN-!HOSNi>YR{+9lBFh5V(b9%gxT=rhk>g!P>AF@>c
zyyL(};m@(Uhh7V`>UvSf9r9a}1n*q7(`wgv<{xOH=J+Q#E1pQv9@Mz1o*e+*z099q
zMt{rcmuh?K1ig{AY)TRFe6MEItNoz>Sj`a*MDVrqyeJa<zheS6S*Q>E0LC?SMlTDu
z)&jdyFb<ggHXH3*FxF{5zY>05I%+6`2;#$zmAw>?Zli2<AfAnfHG<_g(0(PJEd>W&
z8xbF@rrpl#TzyO%IUC}BFYdn7bxgJ2*rX0sNDbyor#MF_p!By<fZ5I`0VPNlv3-Pr
zA(!{iu~ER!VG?{lp|+vW{5&mLeiwXd-PfwRu*A1iUeevV$kar_$yA->;Z*S)u&6zr
z5E$eR!0#X-(bC{tJxS6tq&oX#Ma(y38N8^OyGyZJbKtvL`-n+Te4{stnoT2I$KBYJ
zAMM4-Z?LI<yUEey8y2|l>7UF^@*CPIr?AwkP1=M`d@0XsJ(LSGK7V?oYvmF7-I!5Z
z%lamTmBadh<<xv}1PS9Kc?DCGh<XvkV55~sxPgwImC~HNDsUrB9yA5m$N*DXfOR3<
z>QCS@Jz78#aKZ)6^f$L&HXJ$BT^o{llL2<946L1t$;J*nol&@@H71_gz?IaX%M84+
z80>C68uc2jp4xXH(Nb(i3g6hEZE`7%%lHnT<mUR}JE!Hzn3wOv!u5D7-NQNVX2XtB
z8|_?h^ZU)hAXu>5p?8@)t7?=TBbBNdd*^)kNWuf|E5El4j~~;f)a3HdKJ(B{|BLpg
zw!)$=s!flp@%&#IcDFHas!+Qpb$;xJg(Vdte=_)EyW7p7*yrUD)v`6Quk>z*s=E4)
zmv7!}on&c~ZZajE|I4CX97rsn2R^{qc6Ox$Yv<tolHS#FJ8NVNvTD#1+w5_621~#o
zq8FS2srO7S`9pUEYb#xnTI)f#B6`g^OP9oSWZZI%E$bQCn-Usm`)fqwo^J)89+%N^
zXoYCvzMmJ+QC=ggaW|#pCqImR59N@J@%s<s?0e>e6pD+~ER|N^=D|-oSe-kiyqN11
z>c<UTj}1{4%ip=#w!yZ0-#CX5IN7ydohFxBwe2|Cj$Ub~mVRbcprT$jQmeI{g>W=l
z`0uAlenJnxL$oCRE}GU>(YcS_XloIVgZAgwi7E+>DNBHPqxm3Ko6-EF&GyfEjzSCP
zYO-(aw{kFdmTqdJy$kiV!vg&Ky$d>Ju)DW*>cn8P!Dy0NyvbGH84cG1c;DL?t%uV>
zqBvV1rbyQUA6C5;FSWrw(pIV`V4NF4&tY%wlOo2?BHngdA&sMQZCVT{r=?Z!Cxg^e
zt!t$w&v!O-iV8A9RqEQf&eR{VGB_kUPJm~?(AOy+i)Ct@2C}2c5+%mo4D|2PnI5mX
z76csdmqnHd>!*M@$xh_&l$`-~47J34xQ~U^0&2W~PVxMQ(gDthpL*U@c<!szor(Hl
z=qYw#*vpSb0|nzf<U=i-n>X<%=lxBsVlL$6datOAS}Ee41Y}H`Mt;3+l3r~j_7GsB
z`<2n`fX!?nw&ya*J)J}3xUSPwyvrNnd-gn~2+b8R-igBh8fONZv47d*>XEE+n~Ycq
zTJ%1fo^IB2#C@nJeuP`xM1&*T4~E5zhEmNS?<h8C)Sbk1TO%1O+{yZv0yk9_V`_OH
z*SL)>FDcI4TqKNk=k6h8@SQR;l@Q1(KFbAd=+U|8Oylbn@oZ0QNFozq$t;HavAcPX
zk2s`((CH`X>>j$TC=;XiJyp!o<$M_fr_m3^2m`SiQQ~nV>qVJ#PUkm1E6tV}$Jt-o
zGztqAF_!mFAZzz~ol$mFc%)LaSWP%j%1J_m`Q<6bd(F{C6E)szse;5VfnsHnd+RhC
zg?Xl0OgXBXW0iS|pVBzrroX0t0<#u(pD$mBGOpLGMH9OIa#5L!r7qD*K^stk7g}1H
zGS4KL83`V58$lyaE)x7JloxVT=QR|G$yd8IFb(|OZ{>S{xuQ0ZUqb3|-xID*=G3BQ
z-jxC_rAQn0c4G~Lxg*e}ENU!Zf8(u$Fce9?fDDkgOm#+>1H`oqFuOx(5wjLAJ2XEg
zC+)*wIEkxN#0>Minz!?#H6Jl6<w(e1#o7_@dZe%6jTE@U18!OFMK0xt+Qyppa32x+
z1ggA4BoP6=ZjYwr7CveVo9*LU6_KP^Xq}p1DktAFv!zCt^mj*Hm7>{GtUAv)6rO9(
zGz0FwPf6~RsN)o3{MMB7gZ*rk_`LtIAI|8p0HSaP$b(z(zRUK1RdlYb!rRY-g3tRc
zOx!0Zv(b_zKbXS6fN_O)Pkaad7~^dF^*;;!^nxjCh`YD`s!G>yG8)NNEY%sthBM(F
z3`Pe=k8z-Zg&-NQ6bsj42ix8UQ<8xrI-Qv~GfrnZ{b6r-@@Q<svF5)ftC%O~`zaJ>
zK}^^En$^mHVrvG7M2BaH7Y$CCIcc=5eJRB;4IyJvM35cjnvdPI?_y^|>i;I6!#G#K
zH__UsyK3Ol!l<^?xnwCpx?YARyM3|xlEaQNkM!lI;;;Uz&j4{qZAs&F<D7MEf5oWv
zQ*}PEhFS5Fg<=(xj%ajJE%_{l`Y22&$&g6h+o-YmCFka}#pt44?Nh535pz_l8vJJq
zr8Jd!^RZa;Kq=7=@0}k?WhhPqglsBS8GcImA{65?#YLfAIlPg4aH?Q1Z@O*m)jl6M
zPk*^7Zk-RI%aJWa2e`7e&507!pP27!GUU99)1TAh``d)WI%5_)-?yR(LOB$5g6;ND
zdF72YzH`}?w#j=NeO3NBj_kT#4YgnfYzDnOxbloVn%-hJY)q1ET8h3Fd=w(syhORk
z?Lu-tl)?|Mn%T6iniOH5-E6@6yn6_d2CdLBf`Owc1;C^xq@SFZ9HqH>3OJ=j%I=H)
z5C?{LE*0+PKNF*#B3ZG=^1b=K$#-epa(BMd9$mm)9E(}A6PzYHy?!^F{l9CZLjz{a
z1SrGG3C2m0?h(VR42$Su@k^-m+80&KMf2`*Wd0EbqhVH9o>hH_=9dx#A$qy`6n58<
za=<A5tWVucEd)u6wo2T?r7+O7uR3xTiq;Q{QPRu*d%nWT+?xr?lbZf6js7xZ40A|3
zV6W0!N4XUeE`U|QhInVSUu28OoEYVDbL>{Hj-xXalc0(-qycVJSZwIX=Anh>hUpG+
z9CvT*BncvUT@W^NLkfc%e}F7U*i3yQcHy#|qZK?*q}9x!H_z}N1sD-S0p8jxE70qZ
ztOl!WJqz9ytwc(C#|m!9at;lL$`k0<`)+cyK$$$pa+;hEEKpoA80(aF*clUGLG?9E
z24-31qq?XbXcA`p!?5=cvK33rLSUH{J0v~O7FSE;)KInPC2w$?TF5ajMt#>X)x-d=
zs@?tsu(=AC=OhTI$C;UApTiI%`s!3fp(5m@52@6X{%WA|DDjOE?cEc+WPnH>He{LN
za)J^#-r0qT;SUe~fK$eJR@d;X0xi}()V_Hy$6ntz735nE{gBK=HUKmj5LZO~tVj|X
zELTM#Bj_Dr`jDrepnbiS#C*rekbK3c86j^TXt+oB`F$Zjt{O$woi2I%!W0n(T~U`N
zo^rOOI`8HB?B>*R;zhNRu|$gmu^jj9Wp81-%)NT@fO*mRpto1ii+sm)>}Da?Yb(!c
zd0j&<&-=ysWfPK-&C={cEA=e-f|3`sL_6gTw0S}6A(mC9FBQ$BIvF35|Hq7|j*$YF
z&`o?1u){gbz>w5>32GVIO`RIOKGt$r_H3`L<(iz1|5%uKaw2^%A${*xLnT5aJE&RY
z8tR~fe9-Uj5q3z(K<vP}PpL+e(LbeWEvL1h)WZ80McYS`M2?l*Ce$24`F-MoSnvH?
zb~2^Br)8TZxqO0vA|TnMYn&WmsJJ7XRseR%UP*FCnXFbT&bew8+gJ-lh_+kN2}E_F
zw?Qa#8H4qg^0$Pp+Gr+=a&)^inhNI}s(K~^<zKK+o1$x!W76-&ClbgnH{jHf)>2&=
znuVDeqj(xQN0xK@DG%Tje9oxED2)ZZ-|wO#=q%^!bmx~-%;(<PhQ^W()qDzY4<ihx
z+objppad;}Zo1mAO8dsy)uz79*E>kpYgcrE`dOE4#_Djxn#^OAn`5`UX=Sm>Z){~Q
z2;3bohO?qRUW3g1*1G<7LsJGjXCXWo@RR6Q$CPQ=p`IO{{tNx==YGeT89UvZ9G_>@
zss?3+6vIE)nPoPbM6k^UBtdGcEElHFQ-Uu&jb&urG3P3pKxmiwF6vO4psq1l=Z*H=
zQYlke)p2!^?Mr8e@j#gC0K8r8Dyg>ZO3c~gvd}UkcfGBa!RFHtyz7aKe6@o2@gPT+
zYN0>_3CHu(pL(ZBu60wLOT)H<PP3qFqVi6sj`hoq$ra6_OrtNGkIb%%Yf-+)$N1#c
z4G`-P#?C{_=eEUcgD;b<5MS3xrv<J2s9tE<S&{xr^Ej77p|1P1I<zH8t;{B2?Lfzj
z%<~n6_i=1-N#V~!`S6aGh^E!z%b?&&gaY62gx7Pj_1i&3Z9JOVcDbPE?}{L}-3=2a
za=n7C?#0MtrkM}SxXAGGOG<o(@@v4M5bqP-`9#nUdc9F3&zUSAi31%X&UfW9tBfKX
z)+^?tNsOT0=NL}H%##fmml6h__CIeR4ZfX(8g30!Y8!?p{0llMC|@T&%4Pq6mQjt6
zk?^8s<hTWJ;PuBb&aUEef+lss$Ev8-v-rQUi04MAr8=~%^G4>glredfKO4ebENf1x
zXpGMv)}kN2=!*rcLf%(o9z!}`>64-s`CWeSr8$IG7ReR|1gPLx7Rq<2*#_}#?Di!7
z8K3)gsz|1RD_iEdh6P79M&!V3k}xr*e%(E0V76ngDNAA$`Ph`82ebF#q?fJWM@njD
zE^A~q{Jw)Y22y}f=s`?Io~|Shi%|5!bBeKb893_9_(z5qp&;1*dFEyK+_O#3WA!hO
zuk(oiDzE#%2DvLvUTQ=mp(s|CAok~er%dwjv_CDs3N#I*@pv2I0jz$E$uJy;-p+uL
zrG|fqXN0146n@nC2wqyY1UbhvNsm7xXQ=1q$5oE8uSfx=njMS_xX%!Gh4>uT^qXb?
zFOQY&{5NY@ZEq#;uItx~uDjQ`+MmYv;u=n^?*a<Y%sI}FYW*~SHkBPzG`3iAXr!M_
z8P?c5e{OqA*RP)ZbE@9J-JphC!eg~rJ5>3yM%}o-uV0hi=@Yzum&&{XMX#z)8{qjn
z0EX&*r{CJ1Cl1T?V9}jyAsO=J3D?d2r0uVS&mnGpJ+}ItO88}Z_RjG>(7NQ6TI>zO
z#mze_Ui%HsvpUX-dWr^{yDi<WTJ)|{<Gb`AD;M){To?vgU}PLwp@7J9qYsqtc|pC)
z#xJF-cl^VO+C+_l&-UWooz+EswvTh6&tZrlrs73{2U^+_4^iCe_pbIcZH}UIcGuge
z#TANEKg)~fk=I6-WrnsJub9;~L8qwKlTFhVKkuVW>w*W5y=3)OlS!01yBE_W-Mdng
zyZ9;r^S|mh{kacDyS8%tdi8Mi@XvwFUEbt|g`4kgl<Ts|W=-3HUA>v@Q=YExq{j0;
z<Ki+sy7yYA>wH6Fr%R2`BmZVStKYM7+j)dt^=RiCYTI^=%iUUqexuzc>riFOmAY$p
z?r$i)x{i$%kIBvlTmpK{PT|V6Jj2<t@7=vQbDJ<VIVPZ%>x2QuS;l22<CB5_biXH@
zTQBh7U*9pB?bY202(W`5)k>22joG&SMq6z*iMO8NShBP2>?eJUm&f@=mh)*ag}4sa
zgN}KNf${O-YS+3q7<FwiJl^6buKgLA#iCCSBV02L<K!wlZnbAy-^$2lWiga+y;Rpz
z86pBxN3v1td}@P$tPOS(79#1AS-BSe9E3#H_0C3h!|Rxb?;)Nzj(7%N%Gkh;2v$~W
zBHk49pz2bY>o>F5=gs~b(oL!e6Q8fYU}`-#jMiHb9e;nQT0Y%T7(1=e@e+=?ug6es
zXDY-#Ty9>tDMuo-9wp-j9a>Hba~tp(8GV*4m&I2PD+nv=TN`^eiH02=rF8a3m2GtF
zVUz8Y0`v(n^r^nlotAl`l5@QvuJY`DSY22#UH^PMB})ov23z{B;#!s1RYRHi*Ddd6
zk3WrUjsjsMh>f*_^$b?ERN4c_Ektl^=_}Ns6^xAqE(tbduMz||kxIelCsWGG$zx=C
zY<u`^)mO5o8*7G)nXBc<<oR|K4am9HD>cgl)<mXu1g@1)iAf#EL_c-y0ddp$lB1n!
zEHYb&9drj+A`URULRA5b*q3ibykxari#Bzy&cu3FqX<M4Ih<avXwQ4lI_PjgS-I}#
zV{_|TKdm(rbw0MuMj5Z@RB`#DPU5>-r?YzGiMrOiipnnQ_4=hG2JRVw-`!uJm&$?$
z7d)N?j2f*fuPdha8xL|`j+#+&f=`H6tB6}7Ug5zRiW7I~_T@g8yN63ZD{4j6kRM4Z
zIQDyF&N}RP<{KHZ?8*p(m$qIJN-{H|i22ulN1NN&V;mG?Et`w=+WJUFtUE3za!l%3
ze<bGDc`dh1=pH5b^T6)a-weH*qqI39>Bz>#yfxe{k<ie7b|vC?WP6@k-7p*^@lD8d
zesNfMTEkskVPARMj<~2(jy|h>R48v$+C{I=opIc3GKeCfRph-Nu(I~OZ@CM)$gl`p
zU05~Ie`J2XCBxIowGbrw;`6hCG1b^9>8v_T6s<be#l!1n0dy9i&@~yI=J=~)|HaAW
z!#+>C;Gu6@(XmL|-uxHqCxWV`)I2L_KoQhm+icb9?UA3uXJz^>crnw;Mtfl?Z+`Xr
zp?vbmK$Kfz&r;i>bi+6l1<Z76hZICb@_0y~f-(BOe(b1V-GU-?jh`%$_Ke3$J(0f4
zh>OyxT2^ktw}06;ZFs%wx#QJgfq_WC=vSue%CQ#cn3xz+^Mu3Lw(5O)2d`1b>>uyD
zG!{m+S#8*B9Wqd2Ya5)uf|s*MsYI)DObG)sCjiKl!9~{NtPh!&oc5O1oX<(WQw;78
z$8A`H{lBA;2<y^9#1Akkus-}zC+(RJ_Lw53sNebBP!Jos2iJf{kWNC2qM*_SLZ>?R
z$#r@C{&7w4hI&@jLlM@ZBkBSC^Yy6F&ewL7;E4tCX2ONa))Hmctb%;>x<rHO=wMEs
zP>2Ibw>!${$Bo(4J<Ln_Og)R$vdOwz<H6Nv&_&bAUpHAhy&JHVsa&LaTEg74hPfiP
zJo}}itlZ`^?<HfSEmVxC{+MIb##61>F6w7U{c@mubz|7!sZ_slCTabTd7Ziw_rpHU
zWgyYV6}!d_li#a&E3G{=t6i?`nN!~F9lkg8P%faKyT~(_Vo0%CxrQM#_mx;h5`fE`
zpZY_643>HzTc$$AvUxIJ>vWQ=PYD{>q6r7aMhn$K34l>n!_jabrYhP{qVjZB$$pn^
z9K4LV8(s5?z)s(>N*EH^l>9EG!q?oN5n|ovub7W>Qgj?Dv3%pozT&?NT0RJF=jT17
zc|PyRht60D8fFVT`;~X!KNvA@91AgL6IsqGa4qu;Ff=~NaF+U}lCniMMQpP7^DIm@
zWUs%0+U`61UC+uIHO*eld9`S$*|Bl8cas+_af%v+w+Z1<;H<OAT5joGCC6pk&ck7$
zqUsZOK{G>vlhu=CGnSKl-fiP)w>dUHD;$I)Xay0!wYwhBtfUJ(*p|gNKGojq8zl>B
z+x>ZgCa=8B4lM0awLy>D>>9mnyG9Qh6sjjk*cVc?4HOv48;qm5RvQI;DtvZw<)5eB
zHZ8MXuR#^I5BQ@<^)c3VHAHqV6%{0neM#0?M(m<4D5hQ&QAApY2RP$Y!P?L**UZcf
z8&r;!leYJybLR2f`;y*!yeHN>TL`CdKDS%15*nGZ#jW3Wele14sCxh>huoTZ;Yw<h
z+!9?C{6aPc5kDb*g4nZdluEY4_IZR~PTKUa%ey<fBSqnyP!*~{_t~=sq6o~GdCtXM
zL+bae<pmBCoNmM?rfr)lwnZi8%RYA+D3;MNW83>s+zENT)C|6iX0DZ8;rGc4VrQ{d
z<`I^a)8hZm9O?ZAj`wS2EmI=Qk7pYovO_Fh?QRz0J2t;wbzTtoSW&Luwc(6ghWPbA
zuA5ylI6eDGherM?!q9_%@!hkD8h)P#->0^1+JUu0-*!ZoU<*!dW&-+*yq-e&yWfut
zCn;(zfbC06oawauUW>pH^-{Po27A5MXdp`?n(`3GxwI;f`;&J;T^db<u}*@H1h*I_
zXlqZQo#}vnw5++41O+Y0=l&CO15}dKq|u}9%%x#kSs%N6dQjG~nxyFXO^C(fRum3p
zvXO);2CrC`S%?YhkO>f))fi<zlIqW#0}hdvzEqLEzT<URim=fgM6gQqxv5^s<!E%M
zk18iCA%qit%Fhpw`5p*;K=kLAuig@6>5deJ41kJGL{CdPtzx-H2(7ztvXiA{<qL@n
zg@irj!4fZ0r_azp%d-s8fn^RGJ+USzx%_tHgsVkYgGGbCKXd9kMOWwX2He!`z2N$#
zIGomv&hhhyslzi)dW6+Gan6-&Qf)h@s<CCm!Ole*R6B#Jd@G^fD+!AWoxSX30VWF#
zhPkhv3tGI6Pt&fsvYIqel?~{6SFqYH8=TgWW1$a_*mNfIGs`|6#626KT$e1LM<>Br
z!8yV2GQM5QS$b`~jSI51u|;gFd28FQcM%iyet!<kdGFWt>p^5bE79D~TxB>z<t0^h
zHlw7qF?uiDW&B&;pL>!wOw1IBOe3<gY^+v-S91q54YMCsRLUOrg6<wQCzr3F%4g$t
z?qxm)JISl9Ey_@6)g!aEu6q}Wz%99rP<aib!lqRdgJ<CDL)V}FLJo$SdAlc0uanrp
z3eDFR@fAO?_31!Eqi)gTo+Zr)oM%J>P++xj)yam@H*L&)S=?@EA-D3VktBU#wQ)TC
z1&Xj@C>Ss^D2{)(=1?iVAeq`MM?8Z2Oq3I40AIoW3uhn+E{CxNXzo*PCHnw{uU371
z>sOhlT4$qDOkA|6QL~r3?-7r%zB^lX9qI-lvmHV^pU>4@xYJo|^BhatNl`kxaoF2e
z5(_$u<87KI5Eoz1wHyIo&`1BiORmza`+1AeR(WBJ^NiTJ?_~=bY>$r{+`y|9?+gE`
z&C@VW7wZp4caOWuT<zwp1&LW?^eUv+C;o5Z53<1k97lR9Mi&tFyQ3Fs*Z<w*j=B34
zi$ZkTB!IQlPEfX2;P7TbOpaC5!&2d^f>mNOZn?~-oktwz4oYw{Oy9H19r{w5D0*p&
z0FXO1Xv+sjv4Xq|sB)t@@13+&Ji=@_5qMdqszNYm84%_ZDPSjP>n(+&jHUtLfdzJ_
z#3D9p{pKnoU=wyBCqhE7KiLOTzVdcLkiMr*aZTLWrR5NU1<hZ74elKp6#n6%Q(i3B
zGzO75Rzo6)i;^E$-dE?%!VPf&_qH$t&lstG-;MA8wmzFOwP4}3R*LG>ct<%iz}5Lp
zllgaoA7AmnhU;2Qqc}PCmKqft^Z~CGF6{#=J4`k^hxr4L!{txnUH<0VFbzouq*9Zk
zn<>pZH1p=Q?Cg61=MmyijQ5KK@AFN(%}WlU*Lk;QW3g3fCc9HDAjNW#M)O1hVLXrr
z>euC#DCY(BI=k4g4`tM@9|&$DEgDbT`C4zNFeahyGc)3ND_5(pZ`s7(JXbi$)hFOH
zKYr&>V#b^Fx*_2Ds^hghwrituj_dVDaKj?L>NP`dtx<wVHpFWC%h-w<ziHipb<-Dp
zk5FBo{{2QMIC;5<$s;|=@~GYgrWYE+Z?yR`PwBO(E@%;Aqi=YMhf<sWF?2F4isP`P
z4O-H#Z2fp)wp_T)Ts!ST1dVB0GmBD=Zus;xG<P@PWert>!kVuc5j9GwJz}~pEr%?B
z6mTo+*lp%qS+66lMG{r07A@*pLaXxVTIYKfX*0MXPXEaJCz;H>S<Y{st?dk%b5&b`
z(6-KOyoNQfXnD_pM?o(FuLJuhw$T1Q`1=+_RX2I`h7+A+&(h_@>q+-$J|^f_%&n<#
z2+230&iZW>llA*ZRJL8Tlf=o*(qaWJi(uv&TdQ@;`;BMG)O3`lc!jJI9$x6g=DG>`
z+C8}AB(cg!xv?oR+0c{m8AnC_^d0D-;WIo@*|W`K_<m*g0Y#5eXyhW(a-mmxJ*-VV
zs%~om%n+VUE%rTY(Q_WIuQz)U1^u%J=(t@~F*D(8hSI9IGb>`<6J}39W9ENc+72xk
z&ljtOOTjb+7@n(9qm&z?&wBP0URRVxgiI0cXk<Y#R(_$(iF+c^-hQ1<p5o-8L~BGf
z6_$nm->9}WL&NH{t{LDBPR?9Rn)QX`O|A9A6K{|vC@?_67-YJCgO)lR0)_X-${@tc
zNeB7CY;{ntse1j^YwW0l9abzV0pDEAUhhy6`b~3^&JikDh2H7jGc~Jyw_h0=x-Da~
z^XnCg@aduJ_3|AsU5hBru1=JQ7YZAK-sGguCr8yCn^m2jLzGSv6bDck@;nNCweA|A
z$m`NJ#R0883qDCd&kb&vn!P*fxPHxUQqN+MBVuhk6SCMzUmaMAt=gbaPLuv@HN5(=
zELeNG;4?JgvHU*O#GIT1y#ZF?uescKhRQwm_SpMz*^KG+Bk$oe3CH(7D=4pe$7-<6
zVLNK3?mEjD&E$K#CECT~o4E0qmC3h5!#4Nuvo3u;Q9HU{)0tD2RU16r(Sr8nQ6#UP
z&qp5Fwf7lbt$<xbuU^S6^TUoCax0G;%eE6U8K`(sWK;Awz0LW09hCq6MTd=T#jxt3
z{q;e{uDb60so3YP$EjRSYirT>lIU&&Pp-ao_@co|@S4?Ymfp`+?lbe#iz-?2fp4JC
z_DZ_VibuZn(_>Ygo%f#f^H91Tbqi{v)8?~>S3cxnD*BIEmER5Yt~6QSkgBkKi0O48
z-MS~V`)*l=xwc8qG1sTdG_>Q*uFJAYz##xt;NZ{lDw%Ic$K6f#(v<YzQh|Qg5DmM1
zYt*^?El>!LyrN_2#3|L~Ay`eQ`AOP1XZ2Ydk}_-k;Un8lB>^bqG;Q$%@nR@KI_vIz
zG;WFYuRUO2%XN^f-zn2=U9Z^$pZMKYzDrsd#I16Ag6|Y%+3KR2#sb1^6k7uc);(7|
zIa{FIh^bfk9T<YzaK67ypJ{!z=O57MEi-Dmm{iw-T}Na-BZHr~s9>C8B0}OKjXXgF
zTYvNxidC_J#z#A*lz!&0^&{1j5x`-+X6?NRfW9#C6Fs#Jf7AM(XcR<06VAI630uM9
zjRGT2Bq!x8mNXby!RQ+WLJ_yjb}c<<pJKf3X9OiR9&?_4s@{kOW=^6a%@o;~a&0Q4
zgR9^^EGAzSi40bRbs;;yVa=i_Gl}SnscbY!HcxbwS`m2fyS*Mg)U870)CFdb_U#0I
z0(g0AnLX*gV8uR_!xxp-PV|0}HZLu&%9+4P8`~lKX|AXfQS`YKc8x)^y-y;BB!3qT
zJpq>h*@An~7omDbO9n{n5)#t^<!xLoMJ2K+8>97QW_0e&p>Tb9z;x{a=9f$7=y{Ij
zak1+EEL2IhB`QZ|i%rp+EA2!BeG4x`C-jhAbODDYKmlT?Hb81iOY5Oya~^iaOEJA}
zQ;WavZSYv!4h8Z_U(GqY{Tbj`+P01PJuHm4BUVOBvI3$pzK^-oizWin0hWPd^6ljV
z;B@Jsu{=FUos0>$E=|#m=j%(eVCv#tLD)X5d;?5m%EsPFTDiZ|7=;QH@B8`eG{qCq
zJT6$B^8=Z}hzxIxv_!l-f#tj&NFKS{I^Z?b1y$=t>O2#s`<6TPT#9$Sz;!8o&7VP~
zQtk85DI3v|gRwcdkVA|^Dmvo~u`7cHhM_`<uTbcrp`HRz@u!*r3s?#ldYQGLuS&jc
z7`{V>NhydPM>$m(c~0^tj2LM4oq5?lBgcI9Paaj#Ok&8LJHfC0>cCgeTkVe}L&6Rl
zjn@yyv~#K_c2{NJ7d4&qzc%jl;4*6MnT0zE2t?OiCo^eV?heW;>N)(XQK8>LjlY5C
z*qiFv!J=+S!_c)R7q=Zsa22bn)HT)OifdAPt#$d$aVtDQBcH&HiX8W!{Q2G2ziEpf
z#-6EeHwwQ&ewTR{_%#gjB_@km+}P^v15Sqx{m75~Elpf*!Q4tUW6Awwsm5HV${adY
zBQwO~7o+-b*Jke*3n|~I7}8ert31j@Q<`;C@V(yK2xCKHnc<UFT%MdIt*rFG?J^$M
zJxd;jXFathqu1ZOT~1{(gEZ?*kqDrLqU>bz_m)d$e%>wX<qj8&0}@MUJ`5&9Io)XA
z@V}eW$ELy3M^Wh=TOra)Uxix}u368feQX)Hr4Au01?DR2C1l|hpJ4!QCI^wHV#yfG
z-2evy(eJoj(M~}a+5j*L>IIFi8`2q)bg9n(l1YO{E$kHNr?NomCn?r**l)$77B&|s
z286T76Mg4PxiP&t>o{1u<U~Q=3n{>b%9bnI+rp~K*+S+a93T<$hxcdw(;g!S9snDF
zwX9Qn<P0#Hosz2xk;SUWdWRSO(#JgPBd9i<8IkYHHEU)Li+43(iQ)?>fJ5>g2si(u
zVU&sN3;M(PTslHYVIrj>6Iq+}36ps|jXw-gvI{IFk!%JJoc-{62}>TVHSRm8feg@S
znu!}xKwDla?XE)rQZ<taJWPL6Bb^rMYOB@u(EI`Tt|~muC;s}0J8l?{(DP>tKewgD
z58#*nw*i{9AQ~0<Hcu>fPjkur#HRFqgmQ>}VHc~@)teHZ*&pLFK`Afx#!B5&K<YC-
z^wvJJxz@MW)Ah%wylw=>@MJ%&)=vj{JC*NZID3-1PxDuxZ?Q<%IX(m7Ptj}arTOy6
ztw~9Y@96FR6NUDwfJ<q72=d6qKd60wh>b8@z(>LS8@5JMP=}Swk|S5FCNHbym!nqL
zZ`m7Bir0!U4cQ~ARuu*WNc&s>^VE3?zBPj)Y28^|*DAQZN{yTW3(230%^>`=Y)Fq}
z60lTj5+REu@fa+BRtC)Vw&e2`W;Jgj&_UsgNycrG2*qiRy!%`wFp1p#_){fC;nhGn
z5?NHyFEIxFX^Vvl1I;n@SsK4|(Wwj-!elTz{sAto{Rb><;y0eh7h>yNX@E&}i#k(K
zjmyNa0KP7-mfkBS5Foxk+d%&1Q%|cU2=K`uEKCAimZ$&te3%}~SP8%Mj;9n$nfS<G
zLidwgj=Xn>)mE*D&n2qvOFrK+U)7H1!@@WN?h;~~Q>SVt-ez7<Yrkojo%#8SZl?=u
z#6|l_ag=wN|4>uD0lQ?nW@oH;V^{AE!yRWiebZB6h#j3$$>&b^godGAu_PRN^``@Q
zd0}CC7S}Vb)#4b`ibQ^oGCykEmg&-`_%{RMEs+FuImN&rV$$*63XKna$7x@NKgwq0
zIE*WWZ^$J4-!0D^4{)-12zsR4=_VCqktKE8i;4eQaDn}fAmTxs`x$0o?(b3z0i-bS
zh-|lhtV}piO4}8C@ATe1>5Mk-Dxxdp)#EDLP3Wy%u>nt2MAA`fycucN<Sw_$=wx<>
zD;OKHpzsZI=tj=Z+%M>mg<A-_MCvWjriXhDMJUK$8%2j>ESF>gN!G9xkb_K1xD_VB
zEo8WvBCScM{F<<X->+3-x}G6yC@_x31T*EIRn1-43Mhx^a2c6p%vm3A{y?;%t$G{*
zYth3Rn@em3Uq9_JU-i8R)&Ox@s7iO6cZKiE)BLwEyO2Mxmr#3*r_#&u78;R&O4ajz
z&d0>FbjEqgo4*+)mfP%M&Qs(k-js5#8&ZtTl!K|wMDH(IMt;e^D_m<|8J9UYIG;lN
zcaUi3K(vQz-eZ2Dew{i_PVw1pS&)a{)YB>o|L+Ee=oi7UB@XeaU=v}Nwz1?}4WOv^
zyocY;I;&afkL;)1e>Bz_W}Yv@H;HPIIp#$*Kls7-YFHVcw3;a1rZg?DeZnjXv-c`}
zI4PU&G#y=+>x5!fGI}ulrUd)H{{^t*U+bxvgyjg+G^3K|aQ1CO3(N&818IjK5id#7
zG9PEy0t1X@bL`-#$r_JRWLTa6zh{^Ze;F3&+JXZVd0dAo3lJDA&GYBQ!icO>Zz-s?
za+LZ{ySDfV&G((E3tLsV7neTePlN6kTPa$u{jJ3Da@H*1mquUwnVs_14~lu&ifxPJ
zh3D&ez4O;i9G<+dp!(@&5q9pFl%|+EnRdexD~=Bb(m?x#Y|>8Zt_<elEKq07VR9s>
zhtp@UQ2WAeI?yHjKL24)F2ZUU=cKNS9pSGH_Qho6y_c+6oN;Flx)2)6A-<UJWRr0@
z&3~TZ@4o{0dLl>ubP|)nS<iJ=ch!qZ_r-YFDYWs!40-H#Xh*krCYxZ<xOdaoIVMM3
zAmj$<Sys5o030|5<T82YPttEF2!Ny)#{T^ENyK;|1d@yZ9f)dH{aBv9DtF3B90Jkh
z8H0Z@d?k*W^x|jZ39u=#BD%qTHhDFyxVNDTXelL35$V0rA6e|;9oE2H;#+R?@ZEeS
ze-1({o7SFlyktC9fZ_=fGF;Mo7;E!IcoEg86{S*uO%pf+`#fvMTt&#&?P1`+9pYU^
zAX}}e(QfY@fj(R+QS0sdnB;sUiPyxVX5JoWrzV#1GF#SF=ZyzKef_ZpTG)(B<$y-x
z^Yozc*w->@w)O=hft_|nknaov6h2~!fKGI{2xD`%nDEHVzodHmtZ$|=wBfGdbjo;O
zZz6h3-rWCQlP^IBvB-Y)_=ENO%J-We;3}huwaFCD|E%*&e`-f|ZMX&+`GC59*;Zb+
zO@UeV3AGxCpt5lI|8R9yL2*UhwnhR3ch`hq!3nMbf)fbA9RfjuG_H-iLvVL@ZM1QB
z2riAgYh%sfuXFCLd+yVI+qG*|tv%;hYm9F~I^jq{dfwJovr<Q0pR6#w#-mQm%T>E(
zGY&JS|J319RQ8aajApDr|4=%T!dQk{WbN%~Yg1`GOc0B&MG!elGi!v%h@SUoCjY>X
zOzmv1Mzu%gs|#0)$U%2C=?B{KQl&IX5oBVVhyT}orhEJI!&f~^qu+oY`!7fCsjZBi
zCKl6vE{XYvaF=jSXyxkFqvH$|k>$T1EZR#)4{1Oas10Q-i8Dno6>M~@E*}Um9&5Z|
z0R>VvIc`$oXbv=Ch;D@<?UC!cxI~F{0?Tz9xY%!9*}?rp4%PDzQZR1Oy@)#@BeZHd
z3ueYSt?2_g?p2CsP_7dfWCm{LNi}(|395f|ADJ%hPkZqw_M!PmP??p;&CuZCaJwk0
zz}P(6U#__fI5A8({~L)1ahl0GJlD5I$&<KOqn0TYt;o_N(j9q9J~-b`J?9#5aZuS2
z8lwnxR9=UKooC)C$*wQ)Q~#jrSA6>8bN)@*^IdG`R>c>}Pw*EMU2t>ZG??wdmWVkl
ziudB9x+m;(pTX}Lr>h005Trhn0B9?ar&fLryp~~fb&oSroW$i(pdD+u5;}|2S@d8V
z%D<E4TCV|U)PZ_=zTyf2mU|t)O04*bUT)mruumb_IfD}v!WI2gG7a)*;a7B=mr*{I
z{L1`93YYl#lL&VaS_VCUrUAa|C+niABL<2u`42Qo*`c{CJgQ>noZ+HJqY3}&k6V~J
ziwz~d9}{VD3KfvPiERkgFh{lFe4%z$@rT9HFtnK}YjVe~%U!xn2Tbh_p##91s-oi`
zsFdQw>!V8FnQz^WyISBT={0pgv2JK>sY!J(;I3Xhpjal4)xm%$rZeIJ+Lx$d90rJN
zb0G}*;(iV?<SwJT-nh+>QR28ws@Q+|Rr8Tw(_Bub+Q&F|-!&R7=?rj&NM!f9Rp_42
z6Q{Y6M(6uuRv`EsuzNL@cn=zpsJ2+JQ1^<Y>T&QEi<Q>4rF$_xaTqsTmd5enh4>-w
zyrUGhDM@rG6Im#`s`S3m4gCv?{7Jd$Sytc!c28nbri1hmy6+0TS3?(Ro8bF>0~-rt
zz5^Xe2y8$!e-yr4eox==ZPDLMuR;sRuZFShr<>#NZ)_t^fC_T$&jHsr3!T1-V$D;p
zc)%~weUhEq&(*PjzN(O~Bo8-Vi#q4nZ#v93aSbW<F=Vp`6SmA;;s8<ZSx+L@d|bKg
zcOSuYh*=9>SCw)D-@m$s0i<o9#C?-IJu=VX)Ls1h?)dA`=R2^wiPb3Bx)j)5_?l(M
zef|FB<@suyln}J)fX>>PV;ci^WmEac7_CS)_0QP#L{^-_!2t=eN1WDWSTq2xiN9F4
z02SC`rtUJV$b#`H1kR%lnWGfGFg=xA-RlUSDxR6I5+JN*o2oYIkQ7pSr4oY1!I>v_
zx2#4KRh_*%=KIU;M`=$P{lps8q?rOlRxWM18>}I)i(pq|)9*pG$5gEpPqoo6gT+cT
zDkwhEy^8i_y#VIst}oQgPNgkVam~66NBj??h(1)nuh%E2))Se-ezwPzUmn*Zfe^Df
ze2R)LC8DkQfhQpN_!oJ&c|I)><IpG_%8+Wxt>ngv)lV;fm-iaUH<(S^#?z8QWs+e-
zbKSWl#T9Il@MdQpAt^?T#fELX;79=Or{vw0-&#?C=?+~WEx}9m2x$4i5o-3a@-za#
za|Dp%K6~0C|AGIg`_hYG1%hI2r@$r>A9Z=|d-;mtYg2aCO~+<CBgG$A;E8D^o5XMU
z><gcCy}D?&F|pI#4xa3MW;-Xs2axt>y10Q6LN+zK0vi#^radBo>>i~1L$Y&Itv&y=
z+dE13k3d;Z>Gl(g^wf<wL|*+*LXkgz-70U-^4&<ZXT)4@@v9{&U0-+erRTh)GSr@k
zLj1B=ARbOfXO3kN_pSmEJaM?e_gF10+{j&^(GGc^*_gL?+<>we1O;dL!UthV8SZC-
zzNg6m-0H_GC0(DFwO&5NpnV-uNF?P;#LM{mT`|BTzy8R>{GvTheLajVTFA$nYevoW
z*)ClSrGsj^*X%;1kB{>Bdi~WH+!5i$b=cO~Um%9E<)t~yclozn4AJ8;oup;$43KR}
z$sG95me={>J$%Ra=|G@Rph@E;HzZ_vz8AG%{<x*6?YnzxziUcNOLnuadle@yk6Ehk
zEz8~mpAlF+X+JH-kuZEa!zwFobLUHt6y97L@Ma;q^Uumku2;Wb9P$XCZ-xNJ6=qTi
z)3(rRFGsxsFygDGyhfzsL7>M#^u4PX@QX`xr?Hz6ke2Y0w)zAX{lY4ZP7%a%Y5L%T
zuUC8=^inSa*D|VrEl02I>J;dMug4J)&qcEOGoHUjLsYuim1Qj#{vapwO|<OoBL7Iq
z_?yp*HZOQ!Z&db;n+=0sFdZ|}=`%Ty^B+SL+q9;EaMo1@F9OsYr(B%+z3JuSoWTJ_
z;<gFL=WJEFs~rmpRXFDyM+T}C47E6AoxX0(3I+d?;UJS2ioh-qvXHs+EHVf!U|k%k
za6|lZDl&-zPQ1S$Bq(Z&06G21-gP9T2of`nuQ1f1@sLY|X1`WpdPD82+sk<~5wTp1
zc?S2O_!VsACk%U-kWeYMI&$#cX`Fs9{P}xSOH1SxO|tC=x>i)9H;Jm0a@im4N)z@?
zB^ox*bGjXWcDaMQJM{gPV)gSdkK-IPSWtGE5^UMZ4o+-p1753-i$0iTMD%xoLaTZ}
zc>1AaTZntQwA!~HWd$zZ(Wqbk^r8L!o2iLe*`1<G;|^p_`~5{mKOw*K(CQp;Yi{)Q
zWjw`S?drhW3H(6^lkiEGX}y}IX;^ow?Y&)&U--fKFPr6p)n3qbKW6S{(tSlvq}OG}
zd%k<ejkY9vwM2mWF|apmM3Sn=I1Z2iN2d9?%vxxZ-0Ytc9VF6m9YYH2CEFYQ*!579
zAt5S@G6YiX1ub#`L#iw8#`(rCYB|pUY1E7mup2UCNhriQ@kM`2D6(`B(l)^7gtYv0
z1_+(+Gu&D61E(DHgC0dzAPK*ev2J@oVm>?P6`gOA&NK9qZm)4`Ut7K-@*4b5^gYUP
zM@nG8$v(@tLSr}mktCb_Jp?bz?ft9AfV&~k5&Kc3ksNru(&3H$pjYU9;n|{PND5iC
z`dG*T2lld6dEE|y?JaHhl&wR^K&uNzdtI&v*!1o(3tl6xxG9}+sLH>vSl?fRM#2oX
z+`*-Ew;<>b&@KhY7xAO5ifCN7NmvFvsHDBBi}lkyBRioApEH83`!@nNIDvy7fju?x
znxrhq8QgQ-nz6$OMHjg{GN`k>*X`1IM?2cPfJsY2!6C-JVaLoi8ckXcIXq>sCT5Y|
z0|y6~w91GoG#dD&_~wFDyWDo)UGsrRjH17t87O4Hc%}c&rtR%R1Hez@?v~b}sd$hv
zjhjs>yH-jAH)0Ko)%V7BoWHgLkE-<rT+_w#2^kOm#!Kk6eJ*XLkMLtXgdS2Jx!iWl
z@O(W`G)wab6P3b`2h7xel<O#p%*hDLirL&iq;k)s8j~U^xTxmNPI0C^NMpOk^b>|7
z>03uO`b(aWu8NrIhh1Biy!`@4gQdl@_>wOszbjqT#07T$Q38fN5Gm)uUp$Vjnp@8;
z-+sikDLl~BbBzN~@vf$LV{=_cxOH}BGAtL}a@3KS+V*_RCg5J+KicUgVk9)wc^Ie%
zhtcWdK4L=>Bn5K~c82KH>Y&pZrawqLEEcHWt6{KHv1{iE(4sNulw^;`<#t9is07Sh
z374odyqp3Ry1eV#bASrLkDwKxBzxNH+D3ZT%|gH=Erd<@Rx10YQWV3J#6Syt=m=oA
z14;X3_w;f=(J#i+5vYCsyab(`Q-S9)vW}}5W&=krriL_qtWM4gI*0csOW{``LdWN?
zqrhv7=}fxepnY`gM5tZ_@ERF4b#R}|-I>p-;?&z`mcH`Q(T3svK6?)0ae^4j{N$;8
z9R+tyX4UaP<b@*{F1!bV3ZF*+uC_b|1SU21hTuL^4&C<i>C?NnAtzu>P41h((Z&0J
zbXkUc{O8B3T84w*T&wcpEBCb0ty+XEoFl+A0rB=AQhui%GlND$CF)HCz3UGsjzHcd
zdYzEL1?6yWRw~D!+R}W%UJTZ-*j!(D-e^3`cX0n2P}PM$(tQl}jiT^H`AweC%VkCz
zUHDBm1<ZrXmCfZ-&dBoki@*^0NN$})+J7}BXN#IclGShFj|ds-oSH^~d`3w^0Qr6}
z-~iJR8@gR6s--vo0iuJ&*nt81&>k03$lo?y+bLpgu)FsOJV*vkfLWrp^z5J0r^;9e
z&94+oIj%Tnmj-DJX8xB2y<t>ZQEMJMH<~>jH!V4&njOTH_9Jowg|-Vd)u=IDEt?iz
zz0`IOIz&YM(VhV5x<WI)OSqj<{i8YR#&W!m@{raWVQ`qrDV`(~HAdQ3cS=Hy=6?kt
z=pc$nt`-S~)lyd5y0y(VgJtMG5!+NthI_jER@i*ScNbyc|ALV$I-|nX2!y+BI-=Y3
zAE`IJLQ#9LGt-Kv{n2zee7+<L(N90Kb`8kPzFSI+DWtTJniVDq67FOCXhhbJN)w=~
zXUV_<&jm-()?EU;JA>2oCI1>#(-k*q-;F@OgNPs0VInS$7;M*1*c`;Ijx#o>2EYZq
z!xy$gQSd%0#wDEU8El-iICmOPPS?iq{qCf)qsw|w#}1w|-B9-<P5>n5zc=3e04}?X
znvY+%cSozf9p~f60WP6H+AC+YNZvz6_J9f)?9D5*zIrBl%zT&ZD#7_MoaVq`Uu117
z)8NEvl6&z_;6r!Tc%XBnag8m8k5x|hnMs(qT;}RmAeel-R-*#LbhqFm=0{)Q88wDc
zds-+zozkm_!S3o^I60ovB*|WkMkd(kqD^w)Gx?uOjFJ3DL}^WU9SmY?nk(|ZN99-J
zb~El%FBkeo?j?NxPW9jHcN?X=m%cAje=I0P|Nqs#5DB`Ac3G*b?RUWE$qpcaTT!fy
z76_yuAi8smVr_Nce&k6Bb)(-z_tO#6SFCsMB7i66mo<VBd2dF{@!vQZwA4g2(Y#yD
zYjxl{j%*I%qm9D!H}OT*{3eZoZ;=~^3{M3~FKn+GB8ZAEEwDWQ7dK*r7mD0+q4CD|
zut2eAg#UPBXxwmwWq>>c8hJGMGKZS-R++3Rjk5Jszo04dRPJ@l0|x_waLq9f)_iA2
z$Q_a?bE5CGgkueXphoA<a!$0w7i7je1?@K~&R|5l^LW7A*3HcV<gEr)Co0n32d;ea
z)niT-&Kz!zg~DxB$l|7AJB6(@uD%~u`643M`iOW@rnH$zd;C$c8E$PPtiM=8JRCpg
zo-o@M4mqN8?`LcEXZ>glIJowih)go%kedzp>TTzDh-x=X5!F;2mYc}`sL$OrbTcII
z>cT`ZF?ev1qe=2J*x^G%zVzEm2F`IMN`tjIZYDuG>h*sNxh!mLHOM{9I7*iO@AbkP
z8%ziFf^cB3$joZEF;r$x<Ko@5$N|>)XGd;Fk!z5IXz`aNE8FTyP_Up^`v5NISM|lB
zsa(K~W%NSGqn>!l)f!hm<{op(@cS`D;shjo)IC=Y99c>sm)F*Mo#(Z4AAmv<t20i-
z1)_n&RkIo;7FQ0-C!&sF6e^1^$^z>A@KiUB!uc$DDkaiTMmRT|&~2h4f9Z#pt4cMC
zlIjIbW_6hma5<Oh0nO_&e-ZP=uIKoMBwVVX6&Em{ajhn|x2nZCcPy}vVLTpX{g!x`
zSo>!?o(OAA(Wm0-(%SiT@9yruaWmbj;V5DPJq+?<4ISFx!}PUn-P>u1)MHLp<4GRD
z%7e(}-Fq4o?k8k44Q_;%zsw(h3m*|iW1|+%ihK%;zWioLXFMFFY8Hhhm>|AIPAt+n
zG8p}n=#TMj9~y_RqdsDVWvs1(ky6zU;*B*FB%3fI+YF;<yswSf);aCAE8m_f&e{Pa
zQ`UN>DaYB-Ujn5GAkGLgEQ};Z7+PX3N<)VCAoi<8Qx#PU%{Rj4&PsA(SvnumGlI<3
z|Dw*6Bz*PsY<oF#?W})edaelUXV`2H##E2ZJS}%4)Yn{uH4MO^?*XJP4Ed#uy1Fa3
zc#`wEfmdOJr*R?Fwa&*2%>tIHlJS%d2i?4mdy3>d4hid9<&k?Qwtn76aJ10c^q=oq
zf2k}O;XvYpTr^&x61yU<Yc?R*9jM7`5G(r<Q9=bt$lfAtU-UM?ByU#Pvt_;P*lKMG
zJ4=PE87cJesgEX#`!^1nqXj%<2j2k8@~RHV$H%i|5+iEd`TCN%<=zoR#xuhP-odLB
z(J~EXn4>GH6hwds>O|1rAbv`>S%{mgr_!Q36@ywVWDM2i1{|N9R*R@1&B+`gk|0&*
zx`!}85t*N068*h=o=^nH=OSUHG}Gv}a3_?gqsMCMARI8lWVNCD@XZY;MAGM+&+aJ8
z?(O)-WD>L4iItCE-QSKT+$hxC_t6UDT~+p3cr>q<tc-u9O-1rENfTb&-)Ba#U3E=a
zQM`O)q~ZpntG_0`<&pR4ws3a*SH&6Uc=K`0V76;o&Ab|(8nwh~!MT=(UTI9hwPO_|
zi_x&rh$@}NL3`V>8Nd(Z_vJ!qTO`e_>AEM_KF|OW7}TVx@OK0zwcu)Wmgt(2&<i(t
zDfYWYkn7<<+Y%f9t1xSFW8PcG*Ze|AOd~pkg0*cXjHFOiUq5TxcG~o@`p3sdDHI3q
zhfzZ_TIooZ-S7VoF0?}%;d*}(RH%@=q#{FE*m7?_-bi~(dN&}dZ6-RHMLzgEPHwZn
z$eiVKg5oGreq~4huV|e7)Lip*RijGlLlkFm65QrHew%a~pk2V4E5yrXnbdr7)X<}q
z`@p|#20SM#d9oql?8MYr#`X)1Y|f`Yfb(dVUAJk>rJ+gQ5wdd|EG8a-@!7tsJA2By
zBqt@_VN@NgwETn>U3RO8AS$(rpw+L_WslDPL5-f8V6K<%9ElPC0l9iSQ)uC=`5G&c
zeG%Y{<=P=?^IGK!9t~CiS6vX;c0a-+bhCOJ1!sSg9Pd&2MaJq%6x-I+F6&tsqSXde
zq17O~bAYo{)c=>nT`T`X=t?iOjF-dX;usCQ@_WQ2(@6Ou4cbQ`AxiO+`eh<`#be#=
zN97S+H2_XisH%~DONRIQ4E3!;X^Ab0E##hmPjt$aqw96f=NmY-)f;0l`?;hE+@0lh
zC-8I!>ioR|vH|(LEKIKK$f0P5G%6guS92#l!9bY9w{BCbmUht^L%8QOQ4xJPK#SJ;
z$3Gi1GF7D^(;n=8)?#k+aJ9?pGNzU8a`3@Bz{RqKaN@kGk<IUSb%KObnP7!NN6cY3
zqETZhnRDAw3d54dn&a!s-E}tX-~7>WZ~zMCPnm_KWge@O=|QSSq4VbP^_R1V6H*a=
zZ=VHygq{76^rSMW>dwz9j$}RIIODeUM9`r93Q6+Vg&ePOs|i*qSJYKQ$8ny!F2wrN
zKzyYsc^5S%n|*l9pR8sMRa8TJ6S^`o-A9f7)k<LlZK9xPmM3Q}qFKkDqZ=CLav6p}
zrxJGZM;3M~&*4@j?1W4~o3X<w|MK=K+ogGD?aBj)Hs+eg+R$;IhbCbHDCs=G%b-de
zyZy?o3Qb>dQ)YK$<uo(qQK-SbSRA{7i<Hp{TrLUR^T#xnn)aV@EBeRBeY2IT;B+Z#
z6RY<>KfOg_I^U0fF1Px5e~*Z}oYW33f9G2>Wo2dMH5*G2?T25SF;SniEpqV_{EnmF
zgAY^|Pmabf@Ke<RRj$`8d*98L+sqC`x%9=!EQSf1ZpKPtH5NV6YqpB;@57H@#w?xA
z*nzCqe^m>;I;Zuh*TT{0torJ937`c~?dE7#BCX~zCb(O8dDR!~hx&9;ew4ixNK!H2
z2uZ&qV!$IJs^a)Z@m^JbgT<H*u2z!O7?s!MN(6(5%-7Uy&<$DldWa7nBLaDJVJU5{
z{B#BKCREd1Qf$_nyUoVaen%v+)Y8TX%kMEn8U31uvsDqw!^YTdmU0wK8RogF`6@}e
zu&QNF+_~Sc!}6P6m2+oGQH5C(0D5gP&azqg&|a*wnV4_6X~5v(wiY@+`HdL2K*5zw
zCvYJgxWLD|(q6p3ya0A7jR~l^_-Kx!^}h5qi1mkofzz~<%h9M(;~nMVrh;f0%99Ht
zhKvLAJW9|<10#@(nFDgCRSPNQdu5C#^T7y&`^+AM)A8?7yst|ScO9c(^EX@HrbK3k
zw$5Gvw=6$6eLaeI2?IgHL4|h06Fpj~FFM?_YceWvr^9B~w7tYIabN>8zd+K+2I~Fv
zV3qeU$yOs-L|GA?)RCaG#VFc|tER2=HO58jYt51`t-luL7RhJ0#wF~D+R@H?5yM1k
z#~Y^=Lvqd#EON7zHww-!v*vPLp~8vh>w}12wST9Q2~RK+cJXktNHQ{?BuxfMz9v)D
zDyjGAjAH8O^#{V~09K0StBnSxZ)AS6%3{4{lUbGI`|rs`Je;&!z-&})PxQL8{NodX
zhjwRjEw;MXCx|Y+n4OKq8rC4x5NZIxYxLOW%C7R$7u#Nwg+-rNQFCIiohaTqsNK+~
zWPfD{)TFKBn(?U%i9x%*lXheUzaB7)cw(yyZk#BhaBuI}YF}8yHL1IGT~P(;TVh)a
zuf0VI+v|=dZR*Lvo-LImuF)?q>BUbr3$-xPw!7qomHf$y+FX3BCe4mB1kcM{6zF#i
z1J(5LmM4w2?W(0FuuUwb%PNM@Zbkjc!E|0>&9v>yF8gWLlCth#&L!`4;{J*@yTEGj
zqyFq4<>xcayW_VY&h3NoT^{NFQqVp%pqGppNu{Q7Qp7Sw^s=FH@t>JVF@?<+Gm78a
z!Ls;yC<k>6`-{Df#EZf6(&=0_tsOgkwALJ4e_7Wb=^RgEutm+%b*!xOW|Z76?Rn9V
z<X6nn#qK#hZw{qqrnpzSWvBszl<uLJv(g*?(_!B6pjK$r&P<3t5%O9u{$Pp|wC)&V
zeni|!>-MU09B&R#V_FVWbwi(6#prui<>b<|!paBvWu;kNd(ADA2^?V(Jr{*R@kQ^W
z6H-T(%(G2oD7_k9jx-lmB(cXY-R~Q|C}EG#h+~U!z6<)m|89|n!cRL0FHojIrm9UP
z<(uc$y9%oyb_xRYAJ>@peprmtVjLkO;q+!C7T2E%G?`i1(Z18TL}7Kkhcno#hv5=&
z;C~O}OD+C^0*!E|`uzn(=VnVc%xb=}$<V+vvoWu6LA0r|hqK+;Z8jZZ{XHPPpdT4s
z{9Bj!)JHcqJT;QE8$|P#Ej63Xp@6NcMcToo95Z_6OU54<ozr+m|AtuaBGUJf*44Z=
z<Zr{3O#SplJ$h{$&+q6HWTff9g*0keQAe+pIthuL_I6zIK3zYAngFvaL4|(|U$8pX
zm9!Y)Cj<<HQ0xLrMK<m*XozWHt>XSpatdQ2Ua0v<5Yt+_ZiKcg6wPH`RLf_mJ?zo)
zD1pfXGk|_7q~I~TTW%k&>#!J3$BTz?vv#?B7x}tMO%(H_9hn)i7yBT2qgRgIEZ&Le
z@QBB%lIGN8G^w)5s9QqlW<zpLAhz$1Vs+8CdH{vG*B>4GBN}DR_T?+70A%Ln!w-_d
zi{g3rJ=g3tw8hk{D>c&a7fPNx(_%~PKK7NJf6MSg?=&sRFsx^cBvDMhO3t9XLrf$5
zu<WLFA+GEYWWuqT7sKK*1UpGJ-wW$&U-LMwylY+1XG}xZOo&W&*X234f0~W=sW}He
zI0!w8K<d6A4cXh2Q@<7CE|e1nE14yCnR9d3muGTb^Q^9WK8R`IvQAd*q}NS{%WeGr
zl9edS*NHcgc++aJHe+txWPJwqxfEOK(ezql^Ee&$kMS4>ZHRi_udvt7qt2eByqSiN
z_o$bgl`Cq<!S=OLLx4u9qY#Gk)+M&5nCiuO(uGrkSTWaG;**YK;A|0W4fjqQ-htV=
z>HPHx<z!~Xb+L3%u`y{0w20|CUQey}z>{tdM{v_j*!hsF4^2|Ad5+w+9`UxhD}QZS
zrEkAxcDW~B|2=7NNhfr!%D2co;Z}=j>C;!$3Nw3p+|^u?DpsoRzklw6!Su5m-!flK
z_W!Yf8a@S8c5L(A4c8Yv4n?pwRD1SR!MX{XZ2OE|E}D_so|dzh+noWmooyR*^NmN|
zPt%EFwRecopi)VVrA9GeSJINq$=Vm}hDzqFhU}LGpOw}Rsy0U@wzu88O{Tplr(XM%
zCJ|?y{a~Lp3Ub#2W8N8!<y%crBP+<2vFA&v>d105_ox2`@fiVP;jSt7D6MYx1SY(E
zrS{t8;^_q<RJl>a=%a3%Y*x54(fZ{4cw_+;*aAB^R^jv?(l}JSFC{%sR0UPbycen4
z_M|T(h}rDxqqd_(CX@spOtWKzmW58mI$uSy0n<s;oTnzdF8@e`&Q~2zWyD}{B3DDb
zE@PatHqaW}Xx%`(@MiTPsrZh`r$5uR*~LLfUzHYpLH`(+YNqMg_Xt>U_+cqlU3}m2
zruqN`138h14*kyPpq!nE=AhN89ei7R0yg#x&T6;nvQVoHa>WngJ2z%NH=!yn!y#hU
zuh*Tg%nJVdCp+=VbqnA-VB5jkIj(3oi?p7c3&BNxSvPBs&IVCV1Utf~Z}#QF-F_-=
z+uq~fl_S^-OGU;sCsG8K24X0;059jBZY?%z^C~?e6NSEYe_R#!MUb*Tlk@B=@u6w&
z>lW8JH7v!+P_RV=x>{jayG9}-O&DMc7z}Q72NWKp8B^8?`f7+lCEaUkHPQP59njAI
z)4jS^a(7o{&NKS4LXaY<bcTqcc;K8TG6Y0ZNF(u`c@GpTzZu>hIsW$fw-GQKL$4Oo
zx)zJ9X_aoke$e4>wN80}9$JnomV|Q3i!kSFj8ilGH>Po?^*F#q*BtoePcSxR(PMg}
zgpO^m%ua<A-(CHroT{jEII>$n^$++yB_6)Nq2@t{<O=HS&L+w(gCh6P^77$$h7~Kr
zYqIpJIR`7N^hVHWjZz1K=iZ@t#dqfM?(u;3_&9iKs;h~;fuB;VU&&loP4Xy|%e6&t
z+Hv(Y1wo^lpO_UX9E8rAw{ODD%Bcj$2d0%2lG&WUx0sha=YKE6UcXRnJA%oa9P%Iu
zwOBSEbcd~nc-!#31;nyfJ&QXweFb&x_d6GB0Z*=N_a@c#^$fLj`Zn3nko#p?p26h}
zW0RK#a`v>B*_Jh`r#1FdF#t4vd}Y-b1=|LToKfu+5u^{`iJxpVT!pfxvjx81U}iTZ
zdu^fILCx8kl6i!!#9phJPmL{uvw>B^(H@$we;|~OuPf_M_w}a*j>>hc;?6dwlj}x?
zuZI#(CsFr{kZi#v>p51JEddBfCTm#@en{vv9PnHmC31Xz8f^F+|6NV>{^i2t?vnjw
zhzR&>{WP)Q{RaRYV?Xf`yL7N`>R*4ZqdiH2h!_F*?VDc~WWZLmVom{TH-}#`j_>uK
z^mRY?er{MFrS2Sr@mH(ryw+D<52IKIVb-}CTp0^#w2N}>Jh|+iFj%i0$}HDG)_>WU
zOw`4A?Nsu%=B`CU9~N$FT4yK3E-Rbd*1ejVZR@<AO^8=MrAmmtteh_=-mjXWD+^4W
zdEVHQzx=&Ep<Z_n#w675eA-+%z4P=jFYes&;w|&B|Lw^b^xp_@n6exk4QvInzL(Cp
zO|e+verqw_a(lbEiQ@LI!DRU@FdE<y&>;m_GoQf7NpoKtH|06Z-HA`rx^6AfMM_0+
zH`Zs4pL?Qeo*am#v>ME|Yv&nJ%l}U1$VK5aC7!nJDr+SyFW=?wT-NpGZo9p^{<ahk
zv5Gk&eL?H6v?1ij_^MSe*kyQoZDv^ckfEF}kUCIfw-LqHIjbZ#9-Zl3(J-YCrp5$v
zn+#wWDzfM`Pd%g}NaJF6KJPj=ISv0*$JF?d`ST+}unJjSHI|I-2iYN73Jre9h}M>_
zLrMJb#rDs<?n$B7JCP>Sho37Amhs;+_@~#OlR*CR?+z^Cn#tVY;^B3gi|lv8mpCry
z78z-$Hv}7Nz9K5kD`}&*?>^I7FHRX9zn1G}*IL=0Oh>D-Voiz_4CP6zPU%}L!^80W
zU?sa45G2+v=`+5W^}8m}um}8&H2p5Tsk=>rYQ~81W7~H#X&W-;k)yi{aB<v6UyUnf
zQ6mj~aMzooz(J4-o<=#j*4mHXm)f&PXYE@=5?e#|^UmN*pzEJP?j&$y+c|jUZI>yn
zfW6w#*MxNaPyY^(3e|!-Zclk7a^jVzzO>WXP={^`t1L@w$WOx=mQzlTCc}L0CJ?_?
z=NUXr-Wkkz%6<rZhbI{L5htABP)bcL9O*`<g*QRD`k?W+(HAYxe?|dL+#?EA?jV+G
zhM6h7sl#XT%f1)iN`2e#nZjT5ziVC)$Gx$!S3buHce4qfy^37^d5<JPT<5<(uj=T^
z23cNLDbNPiOM^1x+Hn<<SqF!3^R=<3X))A+S|!<q*!b+)wRmGcr~W`AmIBn2%lXy}
z2coDa<1V<UN~M2>48GoyWO<%FY|K_>Rd^g9HV6o>Z(bffmGT@P5{Ml1f~K}oED!Lx
zUgjkZK8%>%VQ9y8xt=T{A~I)oUGI%!$E@fG@mecP^zD>)hS7?3Ai2J55ihD4;7RS`
zDJdKpOk4Gl@~8gNGajlX-b#5EsxAHIEotety8`K+C669p2lHVWKFlzGP>L`lb?4v9
zW8a#uKjt_dP`F5MKvS!|a@3laWP8Lr6J|$2F;zEtxdPcuQmRf>pAT}j`j!?@gqBx7
zQB^6G_0ftw;GJpb&reA+>iSN4pBAUMy#VawA2Oj28H@%;UBl1?)tF6R$&g%!V;y17
z$<A8NYWCphA)BNhToaG;*!IsGw9{gGqvbV;3}!0T)-HJHmr)_vU*}80N~%8(oV>0^
zFV#P7ZZA-USL}SO@aQB8!B`F@7xg46syYlP2R~x!x%80eXof{utq*K}vEnekvLx~B
z;x`q(q%srXL-)dB?K)P_%zK3u)9`&kwbIn2^;vu$ZcoUJXd;avakf%kYpcsN&#oT@
zFBvWIy4YS|jE^mO7ikH!I!3O_){VMkhzb>{+)yQr9{42IK}C3)^T({YGtCz@rHe}D
z>qlMMtpF5kwELBLjHwsp{LQEU<mVl4T<kcS*-X`Yqa%C+q26C;Gfa4H&vBwt6dag#
znETGHbwyn7_dUYr;*|xFu)n+e)=7>8^6{>R9LLW{fR)8w2zY1Dbyf-qdUX3!<KM;J
zNVt_vKHm@+4$7pe4so5MI=PCxG|XO(eVL?*$bZ~-@C9J%8}Klkh_@<#mbC!GmXEb+
zjJ)keWpk^3v^oT!GDl8v8c@N{u#&yRe532UaMV(ignbGpANeFC=j&c<_wR8{;QW{4
zp@u2eXzw^^HPVEEG9<>pgK2hOQ6PMS%pJ?ZmU1bO4!$&>dy{jBz@{jCTGSbtyAGoD
zE~MvLlm2C>T!8Z^r`GFo+HnBsK5=1PCxA(rHGE{Uu1^x$w<XVB`UPh!w`pY)F&Aix
zbsD-<Ib6xCQ894p`pgJ@IUbgb?}Dm0{|n-E8ty0F?y@&gQI+x<YA@6b0IFqCj3q`#
z9M#BuUb`xkdFNijK~}oZ;Lu8k`9VpYiu@-U!%d|@3)#wpo8{t<M`+Pc(%PBZ_u>k0
z{hr-^IngFDdvn^=TmMv*H@PH(N{sr;;lE+}M+JHBl(Dd?7SMV9g+dE0w#}qa0d0|=
z08SrErpr(gCld93@-uyn`Gbaz-tu#VR|AeY<f&)p{lIK5abd0lO6~*&U9dA(d3@}E
zgSj2Ip{32jw;sE_LWiy0mKzbFWJ2;>4FTs!`ur<petQJ;BtC&Lx8H$w6|ip%mR3CM
zY=1(JHiIG}X4EAx{$%`_y_~+TsqL>e-MJ?Z1fq3YKL#G|grT&u$IBS>sgcjtbH?ha
zS{got4_*cg&Tp2#-gl-5hyTiOzZAA5b^E(_dp3!ym!o{Hwo@xy_f`P0$dKGY)joIW
z%{#i-cAwfwP+$wS2a*%A69YLPmJ~q*!W3G#l!dhE?_4O(URGUe3Lu2g2lZm3GwRpA
zHQen4|4shqgUyn~XJk?5)j^I93z6VVN6Ncn$UprcjbAgQ#C5V2qh)wwDGvDHyKx5l
zp<<tqxTRFtEVp;?#M{G$8By#o`wtqJ{Fo*KSdv$d+9@Ds5!h{hw$V%>b$=L-@}>;6
z5T*hQ#$wxk@gq{~;q&v+h0gN$oxUfWblqI%%T|EagU)B(Y2wS2nEPF+&?)|{zkCiB
z0ool8fpk13luvQiRv9=2cZ)bP^|Ad9M_W1OQKd&AL0xW^tAmpT`$h=#MhKp)es5CH
zXr{o#?!4oE)0FMnwF@3)>NI!Sxh{1#otM!5>xsZ)60u!v04@1hVtWGDj~H38ixJWm
ztLrbFR{mbGwG__tzfi-|##NwXN;NSNtH}o5oXy<?4!hi}p*eCsr37UHSJg#SC5gwO
zFct0sJ3|u2oflT9^)()wp+(DIM(PeiJ?~WqA4(n%rwgBjPx2!6*}$ve#WCDJBA4Kl
z9(x!t+|EUo{*tMy+bN>suqfT1T;akmi6-a63E8{J01G*ZL&UvY{eKi`=EXdXJVTX*
zB>}wVE!<koDe=6T)&>E$0xO&^O`i74&D-`cfqhlUX{>cXpFEi?o5<r^VAeGyo<Vko
z^}~>Df4uirh?#h6flszI@MIP7urRheETbQK{Nh-0UxpZ9Hl3>S>F;sx5$jm|?_@(h
zbu23mC*}n08eM?=_erJxE5gx>d0jwlw3B&ca=GQmjGWcd5-Fzx0oGQI1|e~YkwY$9
z54qZ$-!y$wz!a{9hZ_iJ)kb$daMB~sSjIxeP;wMS=a|qArVp~ER43s~`^sNeAwzpr
ztFb*3mYkeStQ0zxr$xnMCo-@E;P;ANl+*xxhi&m#tLJu?#9ame!~bRD^?79d2tdZp
zje#ajh4wJz1ov%y>q%2!aln(sWKNi7`jyJJtxzIUUKtoAtkIz`pG1Zd6Q#uA{aayj
zd>Hei7K0L#5E0&sb=~tI*B46Gv26Ldw6Sb5@Q28KYMEnHNeM#*POgrjPJP}w0%7BZ
zf4@FewA3f!pjs>syV;9ZS!{lqM(xFZY`^Y`ufLSbH?VQ8{kc3H$@B<PHCnK7f8zu7
zVyie_Ev4}1y>m35+$`z!csyp6t`4}9u_do$Qrxh?In{e8$bjjbblqeFX{o#(J1=%@
z_%_IW9_e9rFa_vd!Q$U2kE?E=D?wf@-R<JVd`I)<=KbZ87)8`y!t?3LN`gZ2J!4q7
zq<z;EP*i89J<tGUo0m<d(chlE<Hi#@T7bQ2zK{_<fUbZFYr0?WIqiJKvNiQE2R^^r
z%~CJ<{i-ggXdoiZAhvt-5eq8a@ARwo+4}i>q3pU9TaD4Pd}6?VrQp*yyFfYV??oy(
z$q&!BdV^6VbpGRJf~}9{j;YUXqSw{f+Y3wS<$#di-I_kj>mu82b7GL=(${<Qqjo<i
zwqMeH`0ht`?%AJ18JR51#z~g}vwY;iyWD8=XGYtPMKypydLJ%$d=9^kXy3m3%R%ax
z&3|w@kDC5RefY{dz{-o1+OUo*uW0lYRV9I-U&^jft*P&td=3Umbf-7(ghM&jl-;A|
zjB-C2&@*t$I}#8BwoRom2`=SFUp*Yy<Ah;dmnDU<3VR~D0gNjk0+fYRj8^XhOE;~4
zDT$;f=Wz|H$N@jHb#tbTZSSdDiZD#koquwzu)#IWEp&bho@QM@M^GB0nA>~ds{>lM
zr%KR6LuNT(8e5kg7b9MP9C_aDdcla&2CItcS^kvbjD3buj_hI@-{XiZ%DY;pk&M0L
zg_?zVF>v85GdPCIfsIYz_2=I>(I0xtUu&7=a{F0JCIZghR~PMT9uisNwcv!rdF&}1
zQd<@c@G(<WM-PT5lZEADQAz;(|2&_9U29#u>=ihbl+fgrSN-SXhW2?a>p3hF_~gR8
zMH+wnfXxu=@SLC2PyXtVx_;j?Vb+<D#l2^LvZ1b$jATzuQYuvfhSI%Pa8I~bw2+iI
zT_1BMD^ao7#h)wLse>IQ)3alcala$hcjBb-+QGGES(fF@2%iS-IEgag?hx-xFO;Nl
z&K<vHs5$i{0iKrH{2Knrjkq4)^?*NYVoSg9l1EK|K4mGo2ell`CQB%*skd0O9O;&V
z7~v~rB#uz6ZbY&P{{f5)c@Z>1H8fF!_H(V<|2PT89RE|D{kXqcdMk}h;t5Ah&H5hy
zyTNXLLA<gs>Th6q;<rW}WgRm?h7guskJbqarwzY$w>}7X_@*TrH3;2bkm6`g8fial
zhUOPxv1Mq)!TdY-PXlwZh&x3nXD8$`SLh)a{dXhkjC-3Mzt5$WCMuZwQ!`rHf2*K2
znND`S>WNW1pLYh{YbI_!ExcfXR$oyl<|gDLx)pcz4I@ckAIaC5`EfNf-T7s@Wj63N
zz0hM`pMSN3UC?QrOfhdiRp{vZuWpiGUL}xoZckfR0KJj-G+DZ1&Pn|s8Jf{z>#F|j
z5Idg7yR#6~VsD~BiYEpZZ4g3YL)iL9Oyj4S{mYJF!>+O1{7aBbcGrUpM%bN=J4z>X
zH=qCd7}8$=FF?Wz`=;mGhuZ8m{73Chl!#h>;_Lk4bgk1Br-vKw&m@ZhV1D1yz`9`v
zrR9rKSI}S-sy#dZp&g6C4S*nV+L@`4Y<D!t;i;qsFdN=jQZ@8VT0`*aaW~&oRU2oy
zbxw_#wU>7tqi#uDcJ%u|QeE@AePDRrE~Bx~F1{2BJ_kJh;xQ@)Id4J$OY+9u3IH3n
zUD@$o*8e5NB)S_{=0eWAK1ZCTGKJ`Dvt1dvvTCK#_5!2T`REY(V;w!2O}}RjvfjHX
zLoor*g9bR89R=<rUE%3liCw3@^d7Id4-TBTJNBr$JY=G9$`})OM17fICwtn`7qh^D
zZ5m>}n{m}cNXm>#q$o`4Y}QjpJAl6s)i-O<k`&dno()uT{=D;-*2g`}B@9X+%9%Jc
zSH{A^Rlj=;TpE0eficM}sT1o3r7~Q{5Bvy`1TS8FbK9HS=lp$p&8XXgnN00KCF(xR
z5EzW1r86KWpYObi^RrMIl}jokfr#Oc^e=5lp)NG@QSK_lF#X+O5~9rg0FwC$bzsx;
zfH}DTiRxuoU0SYBZI`e*Bo^h|hQg^5Gaz|JUNHgp7C{EHfAmcDSjt6Hl^TnJ0}hgB
zRjE;lT3*cIpAsq%HT8;9@X%zt6p44#sK)uLSR(VwQkh>LV^&2tHLg%iI_xHtCI)Vb
z<_dja=7+d?kX2w?Sp@>EOiT}hn7aU#+krTXZY#wr?7s6sqe7s0FU=}eGj?*sh}KNX
zszJL)^q-@wOl6u=^9OD?f6dq6TY|nimpMlbC#E&oJdp}v+kd~Fb(?H<`UZD_6p6!V
z#kx{TRFBv@pD>-R=4MUfcw#B(eGX~~@YP#4WukmZ9r&V!w`AKdAIY_vtVz$d^Bc%`
zLrnx|brm=g6B0Iei4A)6@2?6GPIkS604;)tJHr)rl#|F^4k6QaF!iL(XIus%F5#J9
z0=npe@SmD>(XK3X^%6iX)@>^XD6U<(gCFiIt2cdoTm-zI5>=YF+d8E<mHOlcsRI<K
zyofX%{uYtB9{xqKqhe57zX2U{vQcZ@?Nnbrxjt=@zuux^SaR!C6}9WjCfffLl-KMC
zI0ru2o37fUPh`dh`@CL`y0HpjLdXPiw5PXFq|%w2KM(VHdy7TC{=034_Gb5)gk<=k
z%_)1)8MN=FHy@rxT$Wq$PutH`Lf<F?Q9KzG&-KhP{YS*--4V0lcI!*D0)hrn=C&|i
zgF_!e*#1l$bl0^rSZp`T*Bl1JkDM&;`^Dyynz}$PiO$8jKLOb`1ek4S33Uegf3MyE
zsTy`2sM4E!?Y5xs(i8NCwUKk2c4eFN%_rN>Zr5{eUi0P9w4jZecZTloEo^7RWcc|>
zI;dP8k-Kf4BHH&|I4Ndc5+xDd4=%L?kvR9r3O^lS2;ZK;_{)r#voap2{z_+sY+Cc(
z=3`4-I#wGk>ke)m<j%R>7y=xAPK%QaGDsc^81J^oP!EbrvJY~w^x`YCZ#sk*drFws
z&u>@%r*CG5Z?Uzogajw5rlo$4t15<6BB6@Pv#oFS);ozh?O?E>t#go-r*ohz-#p5r
zJ_<ORnIJ<rx!$h9FSy%-&nk4f>DsZs(L&m>i)U_K;E4fKXw1F$<k6QXlw<95159{y
zt)&Y5T@>7*foS)EzbqTH@9o@?ENC3MCD<08x)6;&9zNdl*#*At)=)I)*>XdaX!l~o
zVEpqJNKzi3aiX_r(oT%ISonN)$SR(G;UvxA&aiTx_IQQM%8*H6<hkHO(yu^muYT~f
zjK3z^uox(O5RgRmeNts@ep7xnXB)iZOH#=>YBs9EN|ep@lto5U;>TgyZr*F_6Pk_D
z(A_lpopyyG!{OkhXR9Pw)sk^t!!N5nQQVuF>U1n(<K*@lV$HazvjLb`^37x26?Z*s
zw#cHWFF1?${v>A;jayKRL>dC17_a)>QCk0&j+TDDJ$IdYabxZva8nFOFmfjgSDQ?<
zL$ezxEjGHy=~j%nvm{9Ps1LsHMiD*uS5g_M*!G|q^Zx2$=v$N&hn#f1(=L0Zx6DBY
zj)j!Az~jw%M1;UkZ|dab(!HM{I`Kdx;%Bi)k=a(A2@QI=u*+t{zaF*;hpQtu5>^DP
zGxTaAma;#Qf>=)=9FsN6=*n3A$|jQzy}|bZ<Y81xJ7$iiKsbhkx{S@szhr-vXm~i1
z(vh$bw5TOpQrR4Ld09&naG(3mp@Wn+ub+GLUDv`Gpc>4q0VOiJy1W46mCD`{mHb1|
zFQJE)H)*>+BxlTF#<hzSDO{ta231O$JX3BlnTF|s&;wU1|BQXAS<Rb^@?m?{&Z*tv
zv>5jWGt2jKBo0GM&}m|-UcOEr(&)}=9CXe5f!C+eD3Z)k;&;1PQsO6G=!HCp+It8F
zzQ~fZbP%so_~*;B7yDgxYMYNkyG4@iWu(E18BPx%yZ%|?EzfLz{LX^x+u*sx<||^p
z&3qIdmNJrX1Ks4{kw~a4$Ah)uK;!CbWCFGqDz#XiSa6gPJ58YA7<od!;2L#+2WQl3
z`9&MK=4Slswfoq!0y}{tR(EqbIHuY_5S3JJ*X<=vY%AJ0o@wZ5`_y^2MEB(r*zJ<p
zY0kJhYXgh_68QYmWVp2edPZ0<xVFg<c@Q;C=!_XtA>Jl7Y<d534dwF7h7kY^E)AP+
z#<Uqrw1WJ%tGlwRQpchVSb15qql$}?wxPps>}zwqNI7y?ILaCH3rtexk!R(v{j*ed
zmmlI)T$(FewC6FA;=^$^2W>fp)bL4y1FNIQvB_fh;N}=D(N<U|B=Rt*E4VVK`DQtW
zCOL*tS@@cprR{-g^?D!T*w9H)SZZ>4=%_5=@s59>&quNAoubh>9f#-L$%PVj3*~_*
z|C=vQX-~J?)m{;6g@+49U^t)OIj*nMLqmT4glF76o``6uv#xbN&Ve=dR5wE*Y=ncd
z8r^fFSu`!RN1EY0PwJ#UjEWd^B`}uI_E`py%%X>vbzyb$n37NbA^CUN=10QTPseN&
zJJ>#QBnrLn)_QQ|I!u3Xs!>IGTP3_jD}z!d8O}aO>iul8@6>agnQ4yX>d#AZ`UjV{
zC4Vu0m4(08R(dhR{x-JbAd_{5z~Mgj4DH-@)5ajbQydulB=yrxU~5phjilJif=dW*
z`yfwJysS=j@r`vDQYT|>LgK7|b{$c%N$r&<TDtl({Jyw7%o`${nV*3-&=AKf=UHk!
z!*watDLpuN4nd&}kx}mcA^<sSpKTm-`X;Bd{}NTG)ln6gh4=e}CMX~^X`~|KRvF_#
zK``ufC!1aOM$E&+lXc&?)}-D7p2~e^^T+vj9yM9<Aha|^pD&97&>aRga}+<aFOlJ&
zCI3bgR?=>HC|tIEc`N_b@r&Cm+)=h6d=fJT;_66oCME1)F06!$AtLLeY)>Rq8CN(E
zk4C~5<a_jvg&!@#2Gyt2`Dnv-Q8eWtrR&Ag<-7Z=uk7lX^HkWFafe4XY919TthkCp
zf9Q0|N?fzoH^+6{DdH&p0pL{4X!r8*c`OpYk27cFuoRF5nJot+4-DX3p%p6UrBwD0
zspLcDmzbMj_xO5~KvZgT8)+34+!zHk^kb{KfhF_Ipck1KG=R0~Roq%P5ifTUlU&73
zfKRhW-H6_$4r-%Q|1=UUd-cP}2Wti4TAtc(A?Lz3{c{i)XPN4?1S~xJ?;Q62%L#kR
z#nSF#SEBkA3Px{=3ZjX>hfH`XEqm8L;)xx>)ztw9YS?ZF$Lk0;#woro*(ah~=((sb
z>M#-}d(|)%H<noIxqx1yHKu%7yvmgM`#W+TlC=FroS%;N-3x%;VP_o=IyCM4iNURh
z!MxaAOR~RqBkDd~xj7E%vdn!_hEUFRf!kTeWu4##puxL=lbH3?5gJ6pW)mvW)Us))
z;;P5}_01P%Oy@jFLM{jNgR)+w6&cY0A@hvLT`S&PQC94Ld-AAmuY4s*NG<VZ3^w(M
z*Re``T0nR2{ouyB14VUl#Mr*wb*;4_Q1_?K2&10cE}z}Zo(-dUqM7MV{q_R+VcE&E
zF?4ais+UPhS70XF|G5Wz01=WG6Y<1R>UdNj0omebzo)-uQelrqmSVY*p$aPpkOW1g
zgX;T>@?*=NZa!Q8OO3<DqBo*Fd2aeYEC2-hnq<7GgNC!}H<mkE{stM(`j{U(>qt%^
zoU+iVS|kbQ-*StauzB45zg^$`Z7ZL{+A4=c#1U<n#6#tjFN7Kqs7ba9;+3{S-8c;&
zuRmw|vv<eIP)12&rw;iww{w)-Pp-U%NktHGK6qp}jFb{IZug>@PakkJB2+&a>mSD!
zT@`|jMB{AZtU}g5eYeSXH=|%2+d{Kw&6eN3ARaBLtD$+8x9@SACV<f>wlJN^=XHPo
z-mYda#)WY;EV}nqzdMkT?I@tUQhFzm1c^ic*LudQk{!OlPK{(hrm<RfW~ACtQJM|G
zfR#dyu1Drx=V6U>ZWg*og+XJOj$&Ivx%VQxk-)Ae)p{{rL^VtKfyl+g^L;Och)t4c
zI0F+X{d@Z8;aRylbW4{sEPvhEAwUIqR4<6tSH_&!b9I>QPi4_}TD2V?_BN@?o)sF_
zy;eND>W3rrNEcOn-$21(#=?`Kmoyym5XfUvGOG1HDO<p9gL|Z7x_j-W_U+92hD@F3
z^KFKjzIDMLExc(0dKJKT37vSV@?NsP3kHrhI4eBBoljb2R85sM2Xo}6=~x}3HDpNS
z%5JwnJ7(i=Xa7tv$D7q3dHxiPq-Y;tW(Z0iF<Ly?bH4f!Y*nDCIXJ0de$EJeE;#7^
z9XN=5kIU<lY4m5|&pWvctzvxoD}}AFuHd}Fq^g!Xoz~^{h(d)V2d8$7mWLJ+0f$dm
zd$cU9Th+*^V-CEv=?r045ot-*#sa@{1W9TQer-Q$ny_x;2kF|jBo1;KMEsZ>v{Y|r
z%$)zFJc`N0cv8Nrm=?TKVL&3{C-$9>?;%OTUZBo6A?>PZ0VncLKaz0UIY(9B8n@{!
zRd@h&)-31Ly#pmkU1!Vw?~DV7$G;)yg0xS3>`H_JGVii~gLULvP%YB3ofW9`He)cK
zOn43ja|t^@r!Nd3E0t|*(yI(q*zOF{W8M1!<HiJ<{BeOt=H}w31rZ}(7B|Mmt&sOZ
zXLV%9#|AIrE{ox!ObTd<YYd^5?Q_}R|5M%!X>vTvr8^pN`fd)Ze}obT?!q;e4P*#7
z9vuA_dtbp7N7JpF5L|=1h2ZY)2`&MGySuwvaCd?RcXtMNcXxM};BW_$_dVyk@(b=+
ztJkdVp6RMxTb?abReg@s6RzHC-vLu$vD|nT9^Rvt`9K13QZM5Z*FgX)(!VUAO04AD
zmSfPLYs8swInS`aaF6HSpYD00%yn@VyT+5rum=}^Ki>CPZ=JGLpvro>Isx7;{~7j-
z-0|dB=?qHsXLwnXUV9k(NKmgX+pWvudj9YL!K<Qm7HRX3P+<B<#6PJtG5qN)nf6fo
zA4DvtyX?h3ZgTxNVLABtgH=Ozj^`yE{k)@gb}Wx91~)}=9W1QoAeJtb?p=T7>|{;0
zo3BDz%x4R%Er!l%W}j3n95`C9@7n#6Ae<9S<Mj7DhT4cb)M=Q(D@-|i*a$GC^yE~k
zk4kWrvi)G%#V#@7vG)t~AH{jF>~iuaWRiZdn{|2ApZDN{s}gxslj{*0-J^6*la!<p
zMZhY!=+(KP!xE0VG=3-`LM4P>1Y9bPLfWW&1b6!YI*qyxW-rls$6H?^;$;K)Hg%>M
z{Fs0tj#Hg3kC)SKq`iTontso~VeHdJQqdOr&`I)}iJ70l4g@mxIEuV{wnwNtA_JIh
z=PEltb__&xaoQSw5*^~~k}s3!KTLLU<%(f?m)?~|#cbavT~*{8ffiGcEy%bVw9(fY
z(Uz@CLJv|DduKd6Y{C+4L{bL3(f+tPXAvg~$8j|hTadZ0HxX{YkM0d~N8xlAQ#11r
zGkiau)uiQV8pI?%srjlUuZki~FqV92RE@OQ<a|k|-2sZ@ak~!JJ>x1?t+zHvD-9RI
zY$P9#=6xd{MAguE5Ci~qsz1IUq-dtjr@j^RCb@yxXKct+>tfX`QwR8;e1_?K5Gy3d
zy8<6WBofxaQB)Ppg7N=k`Yoc)#st~qLoT*4{&sH{GtwZSiOGwE$3#mOMhJF8+)trI
zdDxq!MLF6<(1t89g9I#sg~7OI4si>MQgMzWH&sotB6VOQ;Dvs<!$w5>FqMj5M%2*C
z7cF#OZVr2%(L2gFARq^K8woj18NB>6RcjN}K>a~twcI7&p_0Ti@~DBsAg*v4Ok7-L
z%zllDTono?>0Hm=fMn6KC;+UXFI+%LN7f|_^FmdkOop^VZlcS=q?F=2XtRQJb1nmP
zevfX>EYln&!x(rl`#fUVY2V4mRN;L1PX48_rwkzS?KM`w6;=e-W>>$<UoQwKWF$PO
z5R$1j%b-xq>eM0i(w@h?K;Y)QUbCyT0^o)G(EkC#K~h#F5mz{FlZskV#ovr8Umnbt
zibJ8`xoug>JN`rFS$=Q>TvBVSA1V45-R}BQUr)w&vJSyhX=F)d<#tl>xE_Xr1eJDl
z$f-$ua>#2f*2!@mlFZti(htdGlg1XTRqHI<_%0PDV*_={kp#2ifuH*pp*ITp;jBx|
zyDuGHi(apFuSrM|qdJOO<3KgV5#E<32gzuWsV6SKn@55<9T&lYFFwj2Y(?VGGG^Ao
z04Z7d?hP)z`-1+xJ89=>Qc;CLSxIdLd0P`SNnglHGTJ%G!3(C1zNlblyCu?I2i1xu
z82QzmLr7|+i7LH3KZK49*=_FPcgq*oI|R0fI*N#j;L8lzp8K4uv8Y%SB1N=M3kCH4
zXs`>Rns#H|_g-5mx{!%Xw_m_yJ1Eck)<+7Zy&kH?I!Faj21iS9sX^PWQA7KtZ-S;5
zHXuZg6c>Y^v*^3*HkIB!ZNy_|$1Ak}D;SoEXa+-a0f}44+s^#?D5NF8{4sF^RWT9c
z8iQN}0jyaFn~jaaoa8-b1I8c^g_wnDdGeiUTW!N~6hiX^67M)1n32q?_PptdtYO&v
zmB=0<Ki)eLsH)t9IW|zq$gCbgt)r4J5f1gre0Q`e&k^TJz8Q=}>1p3EC5XD#$(XV2
zw**Iaaz7})=ivAGr6{N{8{Ee17)}2Z13PgCGPo7VK)ECHH-AP^G^Ti5>1M~dnI1=I
z4dTq<)N{VQ7189ki^tLd9enRr6dC9gXIn$3$1WipDL0<p=rEJ@1H{8GCdQ6*giJ=b
zS*%v_-{uafe}(x9brTQZzFPO&!6E!BQ=m+2wvT*Q^?VHX<}?u_&m!^+(uMEFYI)1~
zA^u}=KD98MW(ZYk<_nV9IzDf&dyTJ1R8NMG495iah0ILj8dfz-qhAvL2k!}Ld6Wk%
z{n-bl4uYf$9TzMK1PX;aN=}mia7T<B;^q!WdAn=*AHV27H#s-K!W1o3;8ZeFA@_|^
zRY*Yb%B#7TCTLh>$8C445l;p#N|L##d>iKPh^7c<2_Uk24FC0Mz+k^jgpwXNo;_60
z)-YY8;C5phf==83=O~^>cjf+TYL1N`!)44>Y$c>aQOY9~HpSe0)G}9K@y|fD`0Z2R
z8)sJdc^$?qM49R1dVS{td>ALkxRFMc+^fDk3a9pvAzgDLx_pTo3{d;HwM$en!~xmC
z{+qr{CPE@C1YpGF2}vP(pnP^$79OG6u}S<4M?>s_)78fjHRZ+R%-5pIA6ld{PZ8az
z+{1(^+)OBMH8%M8F)aI#Hma)qE793di2nCym0-GT)C)twZvh0=Y+;s^<WHNqx0b0&
zkGX79cT~uex!l^OzRN@60x1v_VdYh*0DH8liibkQ-O`MgWTD1urNVO~$C#!p+JWX6
zLI*8u;hMU-W_R<?vv#(EAm<3fFDzkrFKFGtPvN*afK5Ax->f6`*G|XB=9Zd=1<Z?u
zpeP;e*;pZY7%$krYj07H!=A#wE@vI6qWRhMLa%B$!pJ3?1u74jkE054nmZzYId%)G
zvfvhTbzNMXbulS1gA3}C3w|*t*2t2SDaLKB8N6PG{06{x9AU!~yty}DthHvY4(nTg
zs?o4*&wua37yD`JMP;STzAO$r@MM)fm9W)drHNU#nANlgOvK4&^kToI6dlGt0Z+{G
z%+p<>4wPSv`xp8<a5yq{L_6_Fw~SI#6Y@f4Ez$N*PahxWJCTMY0_ijJ&Or#5GuwsZ
zL#&w@hJaH!8k;~%I*73gw0v&ixZmxd&Qe#vM9V@YNf5OUMQ)pz)S-1o-WTfstec6Y
z*i;Z?P*jAn{E9BlU}9D`@J&il!`?M}G`mPpbPImSjOe;VFL|E2r4XH1$Q%Dg0Ma2w
zw44)?uUm#AwT`nC3i}{=K|=pip%R4Tevh5;N3(%^SHTEKo0<bU6-iIrJE8*mD$EM#
zy~*sJwqQj;gr}%q1`R>)zW+37K1emPkK>T?nED}deLtlyPrR>N;=)>NUh57nA1O<!
z#**!%yN%9bHB*9>Mo{&Bus0}Kpu0$R%1S<k085FI1NV^q?vq~$*#WWNJycCjxC#cd
zq0~JN9w9xqJ;$fksy!JI7=W=W!?Dq#MSO&_qSf)023T`N7%je&CE{#eym}X6#Tvvy
zi74z6lG4{OMF-Oavu)8&cn9ys`pWmX2lH4X!CvSq!ZZWB{P)R+^QRv1((ve*b2CbX
z?J~3lma?Os#w2BFnYZ|p?VC2}31@=W&Xk5x*38UL#x<uM_uMIH*nddL>=6%wPpf`+
z;g*f5OZK2FIs5EKZWKgh5qM<q)!IwY52|;64#8)6{d@;vz@pZ+66vXQrfx(qwMzSY
zX4w5n<T8ctLa5ke#=U_c)OCr_-2A=8s6`Dbw}5$T>M1-x-@LxVvE8C1@YiLI?Xlag
zLja{J=dPpSu|f=iXic>L<--SK*0N2Nb8%l<;Qnm^VP&S~3&R{^PWh!@WjGPia>PE(
z;VwjPlsEitT4wq>tCva!H){+0Bb$GQIX(y0Qg3P4;SdMyOPIuo1wcP+LGIB7@1XF`
zJ#;77bNASQ8%YumqTc3iX7FIZW+fLm3BhJeQirM@Pzk!ulZ#Ent^i!lCHg})wsC(y
zg6YHYEWfrNe4NlMGjV2o+m*u}8t$iAhy%2pJTh$>oHCdR4nmLeWGM0K-V^)BHdory
zjAChZm}(a_J8s35Aw^GtJOQxX3YCE<>r98zQ;BfiiFdL;gFiVJA39?YNSXIq^hoxv
z!<<3eR9IjuV(Dsx`L-B*vxCE9@tGx?AFfWC8@83?DDYbjo#6-M%&JtWCPfI@XhIwt
zXq#fz`7KN2I=dG!q8uczF(u-tB=Ozwy?Qa~&AeJ{bpnBIf1&=#@V04Wd3h6Zf@}E0
z`Fy5pemF&H5wGv#+9lStTWbNMLOC(<Q4PWorngZeTNzQ8ZivFn62p4&N`~q2=6vUI
zu^eEJeWO@GQaT<S^3}31$Z-0iV&g>6c%vdqoyP+KtIlR6DKkIgX)u_F1WTkcxzyOE
zOy#iPNQ*A^>z6sSi8r<%zV`?HYOZI})f`6ApN~y9gA_dkp<;QTyH(*Mmf!a1<4%!h
z7NI0ISGbG6;lGK(+gR=2c}saU)QO&pKeC}z$fY1n{R!ZkovAL<{8dqCCr7C0ek(mv
zxKA3l(8$-~$3-%XK0MgAAzl`I;ID4{>95<nwUKzoxvA?QxY07099nf$x=rO%24upH
zb0r|%gY#1-R^346&!ef=0}Sd4MM@~Nrbs;?FY%M+aUJqmZg~s)N2cq9^fS3)J&tU@
zy;HAKHJc&<$gV=wsFJ3Q02CG)%wz!yajeF>nWSD7wM&SAtVUT*(o-vViuX0E>cywu
zVx68CpA<$;Nv=z9eEXNR>qgws_?L8c9fgnJsq7iiB7}Aw0mn^I%S}F2;fdBF{G5G)
zzC2-zcQlKV8UndZI>%}_UwN>cmj#a$bQO|Aej=a19oJqeb@ezf`dKZH*?ZQ_)ZH@V
z2d*~-)*YV7mk=G9l(aCPN?5*>PI1vP=O~=4%5*9|L@ZziRAWRr5<2KH^Px++>GcNO
zyz~hx--*S5@*?hxmQ`r>Ur{S^CSb&p!CIj4*U^<u=sn2&v@;G8@=-Q{KLEx3CB<IG
zc>rl+jFy}6m~BhOmZ*VI9}OP0Gsb&>R&!E5Wqb5YHJ&7aZ8}E|qawDgm6AGNl0cjT
ze;T5ZfahJ9up3>&piQXDe_hyL3buO=m+LlxALlKz;V_t!sBdCiXS1qZXOW@JZH+g#
zbn=bge6D0fRQPBHn@7-{WlplzhB#9SHc6<hUOJ52Ng_X^vL&Z(OQ+<1Cd9|((^V(|
zx?2rPQsR(*_Ce&jneuuz6tzqoE;6eNP6p!E7$?+up#QkN&Hj1tij6X<OdGW}D93k+
z?{|&$MdJYp5BWaRbC~jBq{?B;Zi>oG!EN9Jo`v6Y%0g@kDZ+Y5{h*S?gdZ@(fjeJ{
z3CDFhEuoZzU{b{BZ+WQu$b;t;$*gN(^O`cF%^XV|!$(8_=R1(%!N?EP%*V`UKt{;x
zNOZ|Q3h*E~h^4oh5--eCBH$v%Ma>sUkh^eYOF_Zl%pEwzQ=tS}@N;Nn!O0ZJE1IF{
z<R-~}i5F}zQd4X8wkkgG0)U`f$ONmTiLj=8bF2WTk~7gw{ZxWo=#M)vl9d&bG_htL
zQcHfUg?$M_YoYbCQ<rI81lwW$B+^mUp@`ck-i-(VMOB?lGgo4(LL2(4UAy^vm{`8#
zSSGH+q(+!WwXq}TbqSUXL?sYRn*9~gdk>SrpsIT1?@YYT?{^gKH3TW;18AqLi(9bg
zOOp99Wc1j7UWMP!u(z`;H?`PP{D{g@I0{euQ~_xM0adPgtolJfy*62m31r3^042ds
z8hVg3>2RsG302H!p?Cmjw@6jQVb51|5BNRaet&`n==VLQ_fVhIg01T+H8o$v<=!#G
zKIG#>aDZuExC2scTDMSI3MNCEB)?$7X=nhwAUabr>!^4%<D56XhgX|CYg^N-RfknE
zatA+$8~@9ct<_oL$Ytg3{)7i$KOAQkm{t!gi}srAxC<|4ab}zdoy)9#ZoctNkhU08
zc$QlO$0K4||J_|O?oJiz+Y9b%XBi8=PS2Ilsa9uotjF=A|43(6{siXSj@KZ1K*Cvu
zjl|X__ke%lE1c$yV@@H+bY*cU+9dTO-+5Wiirp&0&20X!af6+rwuv9WJP>*{ce%Ju
zrNtcCFs$7x0taI|!!<t|Dqw(wB&WY@AR$xprorfAC~<bUEZ*@Vbv)Gv2qD4f;UoBM
z)9w>GgfhS7qqOoNfEnvx*8R*eLp`Hk^mq#%B=@Jj$w|geNtI7uhiU4i%XiVScvYo7
zk3e~k8XV3|%0`GabI2QDeARUikpEUMNwjG4gvAcc5FN${>1Z))ROG_a_%U}X7l|zB
zU`vMx`gzxk%IyU@0c6{O1&`ZD@lrx3jY5zb86hGjF;oh0h9#eBoPqN=JP<zeYfmqj
zxbqQHQ{MnitacAhPFtY{USHW^+Tt2dP{wyzLK^c>Z(5Sdg0=O~m=Bt$wmKOkkeM1H
zGS}hqOvnL7Qx2dkEYZ5@a5>$=#h1EWzucIeM-SJ4UC>hV+wJ@6W6}N2^BPju6Wq0A
zm7XeFhO^oCRiM^P<133rR97c+>)e6=xL@IRfN-z|Olt@}7cz#sls7ZgaaPClI20}W
zvEV|*<+o)0&c0U^Ce>IyNE!E1;<Qv-%^pyvKH52NG^(oQ&|+PT7vfB+vmG%9W`QPI
zCTW$bER_m?Zj1P4g-^u%4u_ee2lL}2i{+}b<lN_``Id+>YIv&-?zZ^ar}?L3W#3i-
zI(48B*q%na2UOr5Oj+Ib)C#~|qjrl+P1hTTUxOaB#*7w66V@>4oy7{Kk01FeQzs9W
zEm_N)lgel00ruR|V$&PrO$^Y=M=p2@T7fl}rE?|NwEYJibN<U*0Z_sTw~bOYmwR~V
zUw%DCD6jT6mimP-9BSMYz)v}rtA0Q+%ah2F2VkeKh8=PuRl9w{^{SvA7Yc(eYFVsF
zp8b4oWZ{URzSAw%<gnD6q&e%5wTy&mK8L#`Z-*bEKDy~p1o!2Gb;;Z?Oy+`f%zZ8k
z)UKnEH0P02Mv?JjV{NC!LXTLWowzN)9$$-dofq!YK??je_3uK~WqJE`1D@g^R=Cg%
zUdLke8@rDAr{Dl*yvp_cdlbvvc8i5X3P1t9!(0iKu`Bc`*zln%>wGFArPbhrlB&aH
zOF8Fp__X7@h2d5^4?9;Uqk&G)>>Z4xcf3{fX9+I&>vp@VW2&&Onf^uC3P!SzIe3jy
z9?Y~)a-m98&tX2b6nhuBZgZf5RH<bAp=Y$C*H+aYlv0lvxahKQ){bUjHlf5_7e6Q&
zki&&xjQhZk<t)ZMiSr^P<X%uHpTiaf8O9yl@75Nmb(Q9{Si{Esh-wQM9YSpKLq_H#
zH8#*l`)H{`X!`Cy`rYP{?VJ>!p44%gpqmg;xo0_)Qjbeh^+0r6poxFo7vWTNuU1*5
zSM?QjO<JzxVS3JY(2@N1<(8JCRlm+`vaDye#tQVX-qxWPDL8r(9TA4T#z8$~*;Vjp
zEVl!39JnRsV^^4Y#7MEjf^$=g`~l0c!p}@wS!cU`3u~xZ3_SdiQzZczoBPT`hX5bH
z?8Nxsd3yl%!fy+pQYxscI2t%=6>S8#{My@Cg`ajrn8Q6muui)NF0N3V7xd10Qm^2w
zSL-?oKcM44$C`tTs6@;naX4&>x!BTZpE>Edp+_ah$#{B1dfJUAt5#Sg#LTJdoh!+#
zY;tW_E>xM`3BNx92MFRVKNJar-hD+^$EXr$%e)k5#pbybyv32x5B29>uixuHP5n{v
z1H;eSE|c|(`Rzw@liNZr`{dxv14p~bjnz5Pxkv-53bIxsQ?{Ec`ZT`I)q3iMF$N|*
ze24DMgF%S46D^5N2H_lY6UQMRa92!Tv*5)E8Nen|yF-X3-<%gs51R(+!YDX;&CFcS
zGSDLPPrs!pDQ5~-J!YPs>-e>Dj-)%$W50w6ht+m(3aMiMJ{P=gLZ4qw^ezt3lut@u
zCDh0}-jRWu%>@re?DQ`?=Sq&Tobl*5nd5&%W`e1+uW89z+GyR>51g?4UQH&Tcw}Kz
z1Xtj$b!4HIxva4Y+_8nMXYu<|<Qc0*z&VHc9V=e5>O#XY$=TkQAbH^<(@B>g&yW{$
z74ZtJjdcG@SIe@~o^qG2lg~q`;=K13@Ia^zfX7`JHehr9Tb%n_qGN>GgUa`XN(3&)
z`1j!RfmDhlg>0%~ek<es`6b<Z#Bu^h&VMf6TJZ)&DkqR8a5FT2oh$zDfwpDw;opnb
zlSn=gv@NI~r^SB@!+)zsK1=5R)RF#FlaNH(e7L;NQfvMjF<wwgkpQ^=A`VC;9|-Us
z>Bp8Tmj9p+#-{E+u8~Cu-ospgb~w)b2QgawCoKPsSm1Y1pSAeY_-;oQ{uZ_V5JT0s
z4E}GO>-B`d8<eUK8FE!Q`Cm@Go`5wh{>L@c=SVLwXOMMH)BoT!ka^hu!@U1t-hY|N
z|7hNuJ^YW^{(pseB9dAwe~|V!G)P>{^_;A70BbM>y{9TQOWbT`ekGb}(SeM-W<)mk
z(tt}mFE=@q-@fQxOq5THGC77~qz}=(-Y-QV1_s&Rb}%=<veh}zsr+^VIv7_s)P;Az
z<q%&G=M>}v9777vPnox!n)9KznNe0<D_GPO2`8A}-*kT8S1urCtCZ&8VfYM#{E(eN
zu#BLNJdKuG23(SuCfVlWHd@M?umS}9_n;;R2j^&hw}O=7^!Db&2Qe{`VuT~S4-(&c
z1*O3?G&F+>z8{dnkF<4n+FD`wIUlru>ZBJ~W1E1GjHLp-1t6w$66mDn4k3%Fi@J|b
z<JQQb&j%JbvQIZpunq#fU^UbfgA`f5Z%RO4Quc1?SUC)6DBiI2y*i@C5TF}zjIwV8
z;)E-%w>`>cYhp8Q6^lGr>zQ2yDC<;((q4bNZV_d9Mkf4fT4V%2+BTfqWBco~3q)E0
zt-tr2(qA2E7o^$Nm*LeR>K=(;Yjw7pbMJG7MZd(rFpQwMMD{<P^(e&)>}~{;-5<yT
z9;siUrQ~(ZiowQ*l)u?E&qoxR@v!>Bz7{`=8R-037e+G11N5!G@0@@<^MYE7+SYe6
zlXp%mCQC35_ze{pMdI)rGSoHlMvTNScc65RFV8iA!f{V&ORB_L0#v)DtMKbP$~OoN
zc1ywj{X=PiM2mlg1^bl#)sH{w^Fy&H&K{rB-iUsYH_28z>Kgmoo;k2R^Qv>aKkY5L
z&5x=k7qxc_;xvlz9d(_h4$G@cv<LhIy5+VNX`nn$%XC$ZfFk({GRgW~3ud*4d=@64
z6!9Y`eaeVv8gQo1D=3#BmlIf~hSUL9rXFpAR<rf_nAha5Es~Y=0#<-;a)sTE$w61!
z=Mcs>2F?X?1pasxa5y^y?8Gjr?O+0{Y1F>DdBq9+Jqw2fY`3h$-yx|0BP7fIF4fln
z;+<;Iq0CTv_UDL*Qxn^df)yxoZ|ei-yyJnoqRMcN_8Kwp8B5|0?CWa3oU2>H>X60j
z9Q=t^#-f4xAWpKP^GYmPQGqa+Cl^o4VHp4at2cSIvQa!VKpA0RP9n!2F;@d4ot5aI
zx<6NcKlvgMMUE>{Qlef(c|-(S$c{7=_soH^rJ1_&Uf7;kvHJ^P!!LCJIQ!iBNQ{Fa
z-&zHiVJzx(L~WoBz_t2rd4V`@lHrizd!7im5$&z-V48B|i!CEBYWJK`tN}D-Mn@U(
z+KQ04<T#$R=i1$-P){cUYOs>zevU9hN@K?cy;tr}_4rUQk<@FqvYyP!sio4J!Jhj@
z(I${NH|OA5mq0^zp!J4@UMY(h?euUiz(v|J9W<#hdr&A|=UA@bKOzB(K8uTdetbV)
zZ`Eq1$M7@~sBQmog{H8BcGs+TU_u3URIJ?-KLvflI9djxwV0})y@s*&N5Yfc*+*f<
zx8QLO3aHnq?=CD}MX?9_KImY*p#axLP^QtHF-9gb>c{kU$?m6{gh8R5wF$)eKC$Da
zJtwYizs16eg32@>UZ};w!*VNE=J2B!#MR}3RzX`?)nhh03Pj;Q!K#tKFH^-E64Bd`
z*Rdt?>4M;1<ImCuFD?Yu)ryAV&$Hqx9;Hv})6<~GJSfK6;-1~Fp;h^HJR)3*l^15$
zT1Rm{HZa!Ov&jfE0SN}$6VPyZR^FMl0F@mg#_Pvvq7RcABMZ7aL!(0hO<{4Td5BoK
z_X%B6Xu&VU$FGYfR+Ep%`PGf#zi#VZN%)+|H(PoEMN?hH`r2OePcJ(g-o{EbP8JAc
z*Br<G@6>nhqZ6_cs+#lV9l=P^Gznzs6&28<#pI_~T_ZH8JrJ*U<^@$P-saP!&b0!x
z4lNLFalTRtXJgTN4*{O=)Aaf6p;Han;D`7){uqg52q>Forpw$rVkdn;{mbQNi?@(y
ztP?0^SB(0qS2=j6BHn^5e-A%itr1NSbDilCTLLr{FEbD3OxD@>>`GpSR1{Vl7=FF*
zc#E;UEnf9H%qq3|l@hyHFQFdOJwqE}QY#NVB?n;yQ$$PD1med{AEZ7{H$!x%67!bm
z7*0>lIt+a*2FE{9xd^0ps(Kl+ESVt?ytP0cki6?LS_2P5HCY&vc~;e{T7rF^cfh(+
zs+E`Nf@}@RbLh%uS>)GGPvh)vk25*NCm;SKH^6_yLlT}w^f%^!tpJY_<VcLN9jX!E
zJA+Xm#E*G4nI`B<Zn*h`{FGk(Rp(KAg>A`wV^l;E#nV)YGg?++M4NQ;hoyGN?^`kQ
zliN6y-;@#Zz38qlS&uYUVt<^xEQgIqk@d>Fnx7{X&8FV4OL(}WRHSLNA-TH3^8hhY
zz;?D4&fw->=&%KCWI>s<-L{o_C8}Hzc`Wc2y?0xCf<|IPjlcCgeRL(9S)Vx-ZPU75
zCC`ohso#^^k&{J!s+;xU4dD~{5I&X@oWAcH>3H)mpMFhCH6G+<GF^j@tPWH51W%|K
zMemgUU;=J)Jue#;pb(oO;6e2lS-Ay(sv%6riTpMUJP_K_qPFC(^0;YT^BUxzcjd?q
zYWy37mj5EAi$4(OMy(uZUP&FJ2E8}<tm_z|e+Wb&j)fKK9uAq;X6D3!IpApys%aGv
zgnq+;AiL&e@sj$U(8!dcYF^1^J}axIYc*O%*2TSz_yL&Fp7O*?^}kZ@lETN4IyQ=t
z611>Pj}TL+VX@aM6S->?pZ6yb=8Je8E8@^d*Xyqv1H5Q9u*Rhp;B>cC7_7fJKnrcT
zd|f&zpw4^Kl>g>8fIAupYC+Dz<B!&KHpJf2_?h7G2J5(yP1^p^u|0O6<KpgJV1Jb_
zU){&P99Q7XZpLp}v-S@3dwo=mt$R6q#(;V^9rTd3PGH{>TIs}E{4Jvj&2T{LoKuC&
zmgU3m=}(<UnNpA2QgLwOQ(y=`Np7jrs=$34XD^WQRo%h?u-DYxyA}#|qmV4%x2Ui^
zI;rE#q^BF?Q!m06WW(Qajsl(2sq)Im@E;`SD<vH*F5ojJP3d^B+3!TY&$F$G8;OWI
z3{08Q!&#)AJd8N4cK8GJ4!l5|Tppbwf7{4`1`+7~*`J%rG0H3pkE}Rs9(aBcz%}1x
z{u(i{fe#m?{lMYjwJgs8yM*{^C0eY&j#tCzQe$83^@zgTS+(f=raMPTQ6oedo0Fz5
z?$kq#P+!RcT2Xa>iOd<P`>~I!q;z8&-m&J{t?A9k{eW7cn16@yrc>Y`s)Yw<56<0W
zh50a9OCceqGT)UK*HfS;V=8#RIvZ;4cQ*WDGxnPK*V;jW<bV0*nD(Y*p<YYfma5-<
z*l`FG=%m)muNx~>nyMNam4|+};!V@~T2PXw+Nh4(1oTe4Ed7Z=2<U-uh1|K^@H&1z
zWDwetqPEQ|+=RLyH4!G0<}?dROEi0_NO2{EtqVU~b+fO}JHpllozFiV6pdvGpWmD~
zH?Z8%1fk7I`8o!pu(pW}lgGHM%{VpKrgKi`EvT02Y^-h<KLZF~1#$Lzbj_1V{ukuC
z<a9PVMmrFWM8B**FmYr6)G7dGe#{$kj(m)S^t7=Di$|HQb`s28No<H-T%|4Amx#Xo
z_|(pM5ls*lev{=o2ny}=H~8oR7Ivg@TzAc0;VS<ZK{_A@i##l#M_27rT^t7$Wy$dr
zHXFiWj5m+kvy~x#)~1a$xyYjPQfkij(<}S5K-5XsimYbm??m1#Qy;`es34QhVzBcI
z$CG5Ku*OPI0%*=fqV9v?QMK8HVtSY8FJ+FlzkJkw<)i-!=4(-<Z3N0_>+w31!mQ}v
z_98&+y36~RR=3aFIdm;)JL{7BC-B{vYZz}LYX&|BNGOwgb6V=32<qbEh-;L}!#uXI
zq)xTQR5^RM@@g6$wNX*;f<7?Nf9A~bCFe+b)tp2=N8o@@X)2{=-_#!2TQ5BNuq1W*
zf_`6X?8g`aoP_0dNvar0su*u^&!=>Zzij&PTI(Y7Fnn`YoTLQkr$4a^J3z-$d&6~%
z^qvx1Fx8&v3cA}GNo?V_`)<hqMRq88n}00*)y@=}q?X<~O!ew14=FsLORzjYlE6re
z^Xa_LwvKJum$|@Sjd<P^tUBghi4ARids64M66X)FeKTh%<iy&RO1WN?Y*N2z1(WJE
zC#pTTG<F;t-g-rsn1qkrH~)b3C@?%db>0~nf9;S%k}vwcB-7+OGtw-l_-DTpicR(g
zIS@4gwTy85`wM-(-YfA4mOs%zB45XAZLJAf4VXy*10W3VFw`3USVt-c6w@yn6g@UI
zaR-T!vp6H;&g2;487F`I%UL^t7XNd5K19MF??6nzYtuY!3l6ki2{IAs+;@3pYyor3
z18M#9X~LH|{9>bjgumv?-{$k^D}zAe2Nb@>mtTyOP!1#(%*&DnmZbtU2Ko+kB2K0{
zhOI+-d*w^jpG$dLfUk6~jdL>`SX97T`5QRI0+B!t@7ds069HfNOx-NW%HTE>L7WVE
zyT8xpOkd+-Rpg4Zu_#Pw&*ToAb)=`}lssL0-|wAPxR{8(Yrwlh*=i_=Vms|S58Iq7
z7c6hA&K*vGJ4Rx|e=~^(y7y(yH3*6=lCK#21WHlh<;huwf$WmQzu{)6jS6-$FtGq%
z;*>eQPp$TRh94qcq30_3@qtrZ^Dt_3MK<gj<)YyGmFeJt)uoTlRlmr|x4Vsf)9mJW
z-ZG0qA2Yi@&SB0SsM3!3;(2<n1JS;^jf0CzTxchTCQh8>+=KWeQ%vV-3b(Sfbk5v=
ztwY${AU7`}vD#W(tUVn^)*b$&@QiegqxCnMnG1Vuj7Wl1|FyAC1m}yXrimh2d1C#J
zgnRj+G<b`CM{a?C%mD(@DJAPeBu@9Mviy7eNBYU+ZP#dEw@Y?|2bTxqhYn1J|IlnC
z3PdnsWXrdNP0yA&TH@Z{>3*Y>6`UUB|M8>oQI(b%TxIg^`UO$~e;xANzd-^uQ19yW
zHmF~%+e@Hjoq@O3q0agU%iHMba;wd5R`z22^{aBnSJ%OLIIRG*kE2iC8SLa3k*Ljl
zhUhU1y9l#`eqI09)Qf;hovoID*+!K<f(AMArG81iOLma||B@B)5m=eMz+ORHP=Zg$
zgSZsrVFc&=^_GV~ma6V<l)O=xb#I_0P{!n>RtL<$j=H{4{gdyJ0wYllbjvq`<y)&9
zpYNM4qQ`Cg0!&Q*&-C>@a$A?ie!ZC<OW`)`@fbOX4vB-#-XEhHV*$FT+IgplS1Eyl
zB*=dEaIyj~-2QkxMhK!~-}4JLF!e8G4?xNmcQ>2gDC3e6Yx?cQg(J#q6n3u?U$;!w
zB^26qkW}I9t-e^%-1{bCKHw9}@UO!D^#K&z7Vg**FC{>boxj50XVQ0@IwL4(E-*?d
z=;xmffVd0{pHiZ9-{6y=T+@Q0g_9m1KbO)!eyX&R!qNy+hmb^vNJwY<FYWXoEjkXN
zF}iOcMnIP$aOp1yZMCpQ!BtraTUJ~K8XbK*k?fBA%^vr-w5<311B2D`85J<b_^|JW
z82NWty}(`_Q{r^rTr2@WyYogHY$&Bf_aS!C+0+7bll=E?L|cN=uLa{bjn{+wVV{n1
z1*l(gtB`FZTJ2KU*^q@VEL$Z2`CsfF7vF$T7^tnbO*n5CSdb!KY0OkGy>cl)yy#3$
zel0=40Yl!5za^-zV1T>`baCIjssNe9v>!Z}<a^0KL#@FI*iw*L9}J0!JT=|9#>SBT
zR9qawfO%Ny`Q@9EegrM}vcLB@MK{j~`$;aa7d++$OCUp+U%RyR0)2Io6U$Yyd+sAJ
zK;upWK82_0#{v|@ny&yK2=hthr&gOk9tQ}&klyZgShB)nY~gRF3Upp?huv%Nbz*pg
z^RKnONmBB)ERuN+|BBrI9(x|ZyUU|<e+xZ-8c5_zepQ(-n{QF$ADIC^$DV+90qGUC
z|33YC;?44Enn69B|JmEat8{pE|JH;4X~P_7o|edAj(_|4LowgYt3UGS`CAYA2W1vs
zvo;c})Bo)4<kf<nLjUUaKSQp5MH)$_7426%`}bG|R(F~nFggEW*q@e+Vt^hY*{G@W
zzt9XwdSg29?hT{EU%dI-#uy2Zl`P{<0sk9=y{Aq_J6?HKE%d9U7AXg{Mnr(yF^`Cp
zw4}yp<;~Z;wosn%S_m4XoZE4?f<h_#8IbPwz^as-?B@b~8N=g<%j3SmAG`BkT|OWI
zyK^t7y^&EBXQAq8O-~M=xM!M*C()j`L)Yr?D$Zp(Fs-=dmEO4fx)_x#A7pMUX#E_(
z`-9N$r{reMO-U*IpoS;jXww5vbd<LsaQ8Fe(EX6^N&K!s7z#F|wBYj?sSbJwI05L%
ze#~;-5uV*|k7uNgTJAzfXfL-G68F6~R%dNTXbooS%*YYkj0p1A1sHVaN)kLKur|>u
zUpoC8CeOQyC?lg4LV^!aVDTM6MiQBtzIJUhrgcyG6@5#H4{F3B0L&_-c&;EC3FUNK
zyKeh8>NGuW$tg9qz}DE$v+Z<T(q}{fz5;4WDaFrzU!k8bT$JROk++GWrv+C$**KV@
z0VpdP%|qz7EB47s#ROE^=~C=Q^k4_))C*48_ovJ~@gunJ7=j0iqGB0<yJ@&F++Y9D
z$*1b5Lf{FyF*S)yS-}o)+k?g7vcoU-;?66m&jtkXNvCK43i73TKpTa$1}pvQPaRox
z<%L*e4`RycUOqk^=x!!|R#2?~zj?f^b1F_@^*&%gNx9Qcu{YTLqO5+6#&rWoUz^dF
z&!-vgoE5_PK}6oSyJFAze1F37Jyw77(!FQR2-?OkHk2#nHi&jDfE@F7rtF08+~4rL
z6#*}zRoxY>QZ~8pIF1p&1OJ5wMm}zv?RWtM$5HRlr^#cH)9Lo)p&|n$zoe9}HRzK5
zpbcL~Vm*BSlYRH#S%T+EFzJd?K=GB{ls;S+*z5~<>YmGwi&N@W6V~DG*awe@gq>MJ
zR#pgiX`V?RE`<j9Ma7M0-jxuzpQ3YVJXi_pR^UBwCryzw>a7?NPX_@`MlgQz+a4I!
z7ZvzQ{4LMNoYsrDquQPE6i1G?P#B&IE#!T(tq;&A_now78s;o6sCXd=qLDXkqMEJx
zEEX*{QpJn)aQzRs;YGcvI{YgimQufNKpoYKleSRNcthF2c(>~cYjw3dlTnrkNJ^p_
z@OF&THkh+QcT=u*#B9sUR*<ce-OnQn=~#J?N=IZf=^1Pj(w4pRYo3gZL)4FsRu5ZP
zz}ivogy-iL9>w;{HcL6HpgixFb_2~4j^LX(l%sQ0wa<ba??pMdOj=lo6moZ04|zI=
z`w;$s!c+S~_x(FV*w*LbBz9Z`-WPb`8D09@&sx7>q}St&#iNF_?+Xh}LRVe{+?+4I
zg|D3!5n^NhY?e_<9Bn-G3(Y2Bt}YXRa+v)NT&)tp<HLE{fN-<&LNjBrwHZtEBYVqE
z&+xLTZ&Z+f6-6(*2U`yv>F`7_`r#8NY5H--NA{o2ZlyJr{#&sUTU(VQ&^D2?$<i<`
z2Ov>Np(Z@$Q`ZbXJ#YH+93Bi}7I#Zl6w8<&+`3Q2-^oG?Yq#=45N=NIi-?VW+5Wvt
zXS*!V=5Ez=H>=xzDV^0)ik6=hIgB4MP6VGlDQe0uka^81Cu>3?b$jrl^D<$QJ$9&f
zn@=CAjGb#%8$S_l-f+8N|ALU-Xo6iRXFJAOW=nL*IWeBcm2%^2dcG&G+3l)YHOEiZ
zu8y!2A{ViUFAS@br?<()bv7qRHZZgnRthig2eAP&tNEk0hil%GPxf$!WtiptDu-Ha
zZ4p&02f62Gn${h_Eg9$c>FI_<x+ZF@sHp29wt~E0bY(6()9Vy_W{*zIHSJ`aq(ock
z#SD?sQVI`d8~w~L$t#u^JRNy-q%#Rw97X8DTn|hU6I-qUhw;MpBo;9e3%AjpYtFa7
z9mDxdRN!Uz7_7DUu@QOmlR4pjn1@mqJ7W*xd!n@5`o0L-2w|Go1ZW379xXuO4%cR#
zFZ2%pB(%yte^mVJnq$o}0Qw0;neB3IJ(0&8e1#GsIHYcUTo`@riWUdwxKt&4F<rAA
z(I{NNwCh$-kWO1*72JtAIew!(Aa`weJDF{wWZc*#(Dt+26@A|N1OmSA<E?U6)L~{f
z?dBa=w*)DKp@$tEc=+M!hR|#z-2mO;KDm?2f<WxF7^3wR7keBC8JuqqUclf;dgy!S
zVau4{X^%ckC#sg4ZkV%%(<hi3XG{_IQ}V~h1k$yU^fYf{&lhq$=jI<oUIqCSMcrRl
zZ_&ancL*MyRpqQ7<m4*!O^q=M#Kc5}Tn;?gHlr`CFEXM4VPfUK;{wjc#4WYmC0Xuq
z>}Xm%&VTs(n5#0N)^RbxEe6NXnJfiZZIepzU0)<v9meh}wNir-k$Qlp^Dx4^++L<8
z)|G-{f*Ef5ACeN~{VakvDJoy%b=*j&E#^}{@wWTP2A*vAj7>YFikv8lz6;CyUQyix
zP3U*9;*Ve%zk-*h52LLBjP83e#T<U!-pxQnu*Az9z+9h0q$V3;`oqE<nI1P)(hbK>
z$=nFM1WBb(SX;)E$r<=A3fJuwXP*dmm^hC+152|TewtFfACY5?TVrJK(zEae<E+LH
z?ISl->ZBmRi8CyAOl4$rQg|m#J@{@!LUd8j<jsm7rfou2S_J#W!|z_O^d}IZx?TM5
zb*Qww3}B-z&9JE3ars$M#{0&5%m+$tkI_{XnjVuZG8N94c#WqPL+bLug$Gzu#8oX5
zRaRp%yBi&s@WQ1>2pJd=FL&@wwGKo!5EVS5X`v0HQtgK@Gs4ZK+23KYZP{oZy1Fr9
z<$T!@mi+@(QUY?!+WVIh<S$vCpLg-s_gD7Wb`Q$d0^6PQsWn3$o~;pfN*02}c-jj#
zrJ?6P=b>-ZBWU_uhT~(}l$KF+Cpk;&E);Tno`wICK8o<wqgAizVTspzwR$>#kP|XN
z(+NeP^$Ie#rS3hdJr}x><4GX$`Mh+xcSeKc^xDE~dUvXHs}J0wxQt@nh=6P&t@U^g
zetY>6MtY@v;{DVIr-S29*}M3@WzVyphg^@+Z)dTKzNxrkly0-zoaM*khUztz4JTbg
zFIs@zhtJ_R-?YMZGE1m7!;Nyg@#c;w_lK)87dkbIXgBK_7_8sg^7=8tW1?wWY~Bo@
zpLRV>qHDW~(c)PDo@Q&XqItfk6E4rqMr)RCg-*w<0%LvI?4~2L+EPx~DApytFb+d1
z>g{P@JRfyU>oN$(Lr8zLcH7CWm}`8*U2<O(RO%(w4oG)~0!A~wocQiw-NdLF$Z<*W
z5eS+ts8ZZ^R%9~sNe%T6BY=uxCfpCCsS#De@@p*s{NDIrim8i&Zz?L_;XJz(YFx%&
z0yQ-o-&biquqq^E6R^5c^@IYK=jz)X19oYKl$C=+`Fl5l83VKqni1C28*lcI;*)wz
zXS*)Xx+8F>?f7&TZI)~Yo1OBEC<~S9Oo$-T9a#L$RJ|~{5-2Gct=6<-tna#oSw~@K
z`u^Dqz}<)J(9xkCCg++KdF~R5sm1pg_&Q$@WFz0U=PTvohbtzk#3!D;p|ER9?ualp
zw%af9RH^=`+xksG)8|5q=tP$hU1M_u*S~Yh)*7)bdpf?JX5`04e6#o6iV%vee7S^P
z@c>3WyG7}}AA=dFb#G@{U%Wks3i<4n3H|YHp-IB9=UjrEY+GNjSG#dxc6GKF%yERv
zvdVu=<=w`uNsoG9UMkY`z-byTpnPCPc?XS^I;@?t)5v^eb{iLJ9m5+o$jb#&*QEC2
zC{&Fq>6z8-@;;&BarkTB(9Rs&)7C?(6LBfqla~;#zY5pOEbm&nTv|smin)Cw@_~Vf
z>!C^2*-jH?;{Etb4;+3nhDDMp+DKOn0<X_kR6mS{lQ9w>xAj=pv$5vMiUOt&y=fEJ
ziXxGgi2<bet{CDhGZ{D4taO|GOhfLD?`svO2rk#4>RU1%!+53?b&r?Otxi8&M#Xc(
zT&_65qM9b?NLmwrRbp`dhMLpr?>IZXPCJ|K>w#oppG<#!-ns$7%KbwUrTThHUOFM;
z>L=rwnguwEtWm5?&ds5s{~&Rn`0UzU@9B=-lFrt6j?U0sdLBVp#{^iF)u?*}At``&
zMg5j)K!Lhz;20&v1XNEh`5tSggtEKL^Nw84aAv(mF}?Rnf4fgYynWHMcC$R$Gqj^&
z(rP!|vZn}WUg`1SQM+mZqt%YnB}(C%j~66d509|Livt>hTy(9mOS5zVsX3!7XRU0`
ze6f8qUn4eqR#yXlmW{U82KQv8TqoWSa5`O<$XP94Yj%{6rBR;sFiL9=bfET)(&|B6
zJEN2+g-Ui$i{wb!BZ-YlclQL_JgyBUtabOM_Xw6z=Ohm60;Ks>jwy!Rtm#eW8Zhlw
zYA{rJu<M@Jgq^hdq0RC*6V(drG(J~t%Jla4GHSY`inlzwy8)~F-_)DlPvYHUKUc8f
zipoQ*)kk=M>OSP^ZUaWwPaYBoh<2H&oHk`*i&aAHxkf*i3oaWph2LSvSRXp_g!;gy
zV#_-{p0ZvhlF~Uo8BCQAnPd$iVlu9@Rip223b)=dz#k3bNpC9*rC)zOakgWwv^CV;
z?|_i0*29Z8ClfMmg;kTamP)aRX(gu2UH5)C?SA;GkKumR&vw8CbunDO-OH;BVTUzi
zwhaomK=D4QV<dtGN^Vs-$dUHN((TfRUUI_ZQGYU}z{zajyIDSEo2Qbd978aj>k30G
zV}@XlnwR+<%pTg+yX74U8Ri3wlu!J4NMyYNX&*crPWfvIwRF;BteL@_&wI9=E?OQc
z;-vuw&D;phlVWt9<eZ9BQ3G8qh%0HWA2C~>K1g9`cnu5}opli1=qQ-uxis@&zx0=M
z`+yA!LWI{Vzt|@-d!mYYoKdRLSFqNWX?O{rHsD?c&##|wW1@RrgItx)h3?aG0b~5)
z%`a!H^p+-Q3e;*psO|ejpzIX_rZ7XwGcF!(_fa9f?pV5`@;>gDINkqbtw=Q&M$HXh
zymH(nsIy_5Q7{vpzn4f+VTVlrMX=i)ZeJ$j3hkz`S6P+p(3AP)X%X}{4~Rqj(!;?N
zT8#jK{@NFuY1elbWNXneloi&DmLefUQ4b@!jNfWXLLJLF^iEhoiKKZ6i+yA@TQFEx
z&P<zF4Cx0BCZZCOLu3MQd}Ka=XA)3;uqRGFyYQ`Brz!pNZ2%Bpry|6Ff4IAKMhat$
zGi*X_bhxlzw-&ElrY$MMK0%fku>-ky)AB-{LhteMqKYv}MeavJdXl&EsX3hJ6&6>x
zC-H)7hG+XP1w|#}6h#Vr`gG6sJS$N5odzM03AvTt>ix-zLWUTfq%2o?i1n(3)BtVg
z^JI1Inbv1mi`Gr4rUnm61_lNhI<1etc@I8@;zWj|aA|E8-Z?#nr*G8G1`8<k<H!sS
z<d)3O_wDp~Y<^Skl)06-|7D|TU{Fm<?&onGnx3$T&zw_qexe$}o*5tF;{&oaYx7;+
zaSe?yh_Xj7%8=xOQLNmiU)HQ(w5wdZGcr9P<cR7yJ65~D%CmdXlt^K4CB;A4!+|&0
z$e83Xv)mCslygJmN_#m$-Ufw>Ie~Kjtp2EatYU1>S;+q)&@75AE?+dqot?cpHLH7Y
zRrSX(IoKYz9puGaM*oJilnK2->m`|nl0tB?w(#a*LR#SYRm4d4a?y(Oht|h^+}qvF
z8(o@iPYn%te>iUR*1Me?GPB^qsP4G>mmALxB81ki@Gsnx>-3!gn`^%CpL(gXXDxb<
z_Gve3)1Ti*t6wLtc1wGDlBOkBypvA}iHuvu&Jqf54@CUXM~p2`d}PGM0oM97FBr(x
zYHX;0)@@9~=~bh2x1#f%_@>jN`98x-+;V42j|h&~=^#h(ZYmSQuhU=mXf9)2?Hl1C
zd1ck_<iHOIJlGIdrQN2ZkMNF7&52p_qGtHMR=;;!{DH6e5yP3`4InDqCtIn;xOp@O
zSKJ?K3i|BueIg2bBrG&vj;IHxKjNSkV-THodyn26j|Ih<N<4pY3yI3@o@HnUnhnWD
z+>qN()v^V`mIalFni2g2cxcbMSyn?ec|#-U>99NK>hpT5Od*KrRKhVEsUd;Q#Ngb|
zpPk`?(CMLDMCl<RHiVfh0w!yDzazUFw|>zMtUAMv+Dy3#V)}V{cuH_>nmmqPr+3ps
zzzP`%aj-PsP^2Z>P_8VE2}LiZ2sk#F<^CMb5errvZC?yo5jL^VJ}Z(Q)D!mG6}CI>
z<9AWn6aubzNy`;|NpG%u7r9wq6|lNCLdD1kr8rTFLEVq08m(W8-0MKIJH~qsMw7s1
zm#_s;qp|b${p^4fV>Ta6UD>4L54O(0csX)J=T_!|W{?v{rJvg6&}epib!Dfh*qo`z
zYqCOlHd(~2t6*gO#Ush<9jpUWX0ASD20v6F0*bq;w8Rxo)%NYGqj<IeIh#<o)0yFm
z;uT9)WeYN46k%XiuHfkNrwc5j;<gn{T)#NS{CS?1*yj+2yGrhy`Ow5*kNw`TGFo9J
zXL+Jn!YGlz5MqNPRVHIuIOa9k6Y=~!@$j*a&CkilPN!%3N{I<+FPYIX^u$CT2GSgq
zP^Ct2ha!$kE-_1OKQf01$o0Vq(6NpMMb*iYips~l^g+5&eN0TGccUsKQ4|nr!}fl+
z)XV}!sIBu;CNr-YVpsaRO;}m)$^hP#D!J|^NGb|yko_fh1t`U;^ZSG(6@G70wMG%Q
zbBIyh-OJYAk!8;gTU7?~90l<aW7<|bq*;^xMzSE(=v-COQLq}j!mF@Af$vUiXqF4X
z>Cb0}P8;jeYpb45Wr?2xxwvVTDJsrflnQw$Qn~_>M7|QZP4j1c-rpI`g!b&mT6%ez
zX&>&RiglNjEY|tCOsA@*^fHuHZ>WJ(fgx4vkTS67I|!b%X%q_?nii1G{erdfxVpL-
z#{0w?F9{X*c_Q2*x@q+^c8IS>5-$tW`9h8%qGCuGkKsbpW*go|06EB&_xkJOtmhMK
z>;1Vu_OQGVO#)Al@8bI!P571vP0x-Kb<6c`e2@2-6dZ%m97fByMth8H!y>HRU=K1T
zB=ia#8Rwcm(jTAg&0d~fD)3(LbN!6y^|C2+aPH9kT1!DRM$v+O-XXQ(M?vDbyOMfb
z9$}e$*~>rNndvd_?Di*IDHR&YYYC@@F><9EqQ(%TkC44r{EZqDSTVZqbAE^KhQ{dA
z6cj%z=wxKx5UlIxOjlSPE#`S}VR)Wbx6(C8+v26kQw5qqA@&f&FKAB4DhaRVaV!aZ
z4@D-5%!fE0a0K_=y19l;)TXB${PQ^GtDjn~rr*KU>RmwZBy}#?XLMKqFzfr`XN!uO
zooT+V=YwUI1oS%SBo9pX7~>0tZJVnPm}xJ|t#T1x%)JJovn-fBZkN+z^j;_{$<<3J
z&Auwxe9G+TINxf0hU9&|m~^`M>Df`2<_f+}BFlj!!Re?>B;Cy3k;$D;45j9U|1?@;
zwupQC<jCublA~^-8U}z1TcQJmmGrru>QBjH73FmC=nk@;v9NNLalL$6dF-wdx!A7t
zJ#&bEd@uafJ*S;4&18#L)1u2aGP(+$_jaH5JnzK=OBvIfi&q9qQ+EAv$!7c05J^?6
zzLVW&o;!pH-NnxI-piLuU{cKaVV^u`=?j_6ENT7`HPS<LM^~SaH{my7iB37qN7lz3
z^wxHST0I$Y>&u59EJkhxJ*B8FP<5)Kd*Uy_jtDJ&sg}>IJPjO(3fQTA^Q;RrHQ&nC
zraQZZzU=!BQIBfR0#3D056iTUoAmCh76YSvcv#{vJ|-+3c~4~dS%xA($>De5uPpdB
zTeb$%mi7CmNu7gyPAI`F(Mh~XShxGiK4f<wUoS5*=!`^b;rW4cWiEX6@lxp4hLN<R
zG+dmgJrGredS)&mdBf_78iwIS;VvY!O&HTVxeOkETcuw=0WtBNcb8xC#~n|+;}6T<
z;A^zKScbW`5%)5)d%CB4OCW`m9!atfyN4A}fE##8(hMu%Q0R@S20xsRTs2h(e6hLC
zYYp;+NNZE(>{nRUXSx|{;ks7%y+H(ak*|a9;TLT{2`4Xsri3B+tMw5p$-mgBkSoOC
z0=b<SW$7~+mw;PzoKn{}pVdJ~8t?TCqMyt6a+p4VQw`r{*YI_nq7aAf&mc_h<K0wk
z&4&s;xouhfGn2kEpM*4IVESXxl3On9siYv|J!X6K)<dwXzAal}3^So(GVNwfJS#hW
zm2C=N3pe0Ae=k}rjv06z;R&<)cr+1I_H(Vc^MA4TO<kHqO_yD^Z9Qe%wr$(CZQHh8
zT{gRH+qSE^rr%jJ7vFm`e_+<W&dhZpGV?^l*%8}nAjurRKPtz>ia21(GrGak7`N`m
ziuC;mZg|S<N_?o)h@vC938l}w@0kU?BvkPMCd8a(Xj>Yi(B@MSma<eVZ;uisKdS4L
zT7#QJ=)>{G7lG)8!nPXbGNV4ou4PCPE7H98-c!f+2mitP!$Zk}r6RAK$8F+pcPvd)
zkwjhYZCz0{TyFGSt@4XfGG?fGb~~P8LI$M!N7KgoMRfX?WT8CfQkY)OEv`VgE)*#%
zqU1TkUOt-~o?oR3EdJ*yz0v82eL*5ySI_i!O4zHB<X}We;!O99gv@L^!K39LLZunr
zc!Ldk_(Fjv_AIChi3re4l2~lgC6l!)0-iBAa27?6w{&{r;#f~OO^c#Ij=v-6hD=T%
z4*S@)xs~??P?#|`s7ZCN(r#_nP4v7$rHh9pZMhvDjBIt=vH3T)=|av)(*tYsfd|H0
z0Sd)OPM}7bRp6}Y&<5ot8rMsN6l9<`QpF~_JwG0_Z9Ifrq2wLg-~dy9@V<}TawI0F
z2R43D1(JM7|20kU{lj@>{n-5PM|H*TJvI|k(Y?j|9}Gar=z@;bl-5s~CJHorWK)v!
zIC<|g!Q0?NBHzA{?R2~Dfoya8Jp}jh+~wWVC@Ew?3%(+AqssuVhxM&JqsVoV&{*u7
zD|_Xddf!I}D<sD1Ct$A;ERv#EDaH#%JI54tb+?Jd$any5x6?d-cu9dV?a5<r-*cRn
zYOqx->xsc}7F5`m1e~j@vS!W+{;=%cTAny@!7Z_g;ENc&&l~M?Qmgc~*gs`pJj%h)
zzjzK@Ca{4oDLJNp7X)}Uez7l{Ytr@0Ta?fPT5V)Lud_9~ErYIQNq>+)-=!$Itq6L*
zWi-?OuQ2CO^eW<p7p7PAOD<iQAPl6|@iFcg>l8cYW3vl~CL!)u=RB{3xZLUZftPi_
zh*0_cV!_K7Sc<A@aakvFXefq)e9-aUAUZZOVf%4=$r3nW(3OrTR6X6-%S4I)gOiPB
z7c^@<0f_I|UP1Hr#q(tYAXe;FZ-UEYn9xx%p`z0gxrxv=#Y{?l#C$r4jt~KpWw2l4
zTD2CQ<^jF%d~7^ky$uDwv%L{gI(AeSVVe&N<Ej6AfrynyfY?T96d)yc>d{y<zR5(f
zp*;IC-d|*bfc1(h5}E_bKMcyHAX)g5Taw~ZuYl9ykH%JqQZ|n3bD4<C^F|;pspJVp
zI(c#?et!&cvcTvz$Q>r%Id6$s^vwp<Mu0~k%udKWTx|!C&HubX=w><_j4Twa`a%QH
zN}Z+0tl=Q&9}ooFAUBE$R$POJeWBunaLD%=4WP1^&ykPCoSYVUNqAvPmJ3BFkMvz8
zRm@nRQ8cPP4px`X6cx20n~IiFR8j~r=YF<m@o!Xo3JrAb>K$OB*y12@kddO>N=v>;
zAhR8aDHBvdEGgW_YEWGh{yl}zAEFN>Z<8?b=i_rRDEscr1ioKsu65wgIeVA=z|(j~
zz`4nYiPk>%3wR6Nf~2z<!f|;Zr52aB=G1$uCuoe3dkZZ!9;hl^Yx=;i(a3u4z5l|i
zQ8!be!p9*!G#<g_R8pj&kGQubol&fE$x?DeIg(7tT--87?HRaaCT@3GfPaK0DcyT^
z&r-oPKHoQ%Yc!(qLV!{9gTNEJCI+n@gy33Mi4*_l0v>8y>IJm%+V;N_T%hD1{ho<9
z7`|5?r*oI|seO}>J~4=xSOWybR1>O+NbOj_TsA%)V0si*hIjC2TvbwcQk=fP?`=|r
zgmCjT{b`mYB1<F_=$xKu%{WkNn3O1TD){16*}R@t-3c6>37>}q2N2xwh6yDrmhQ^W
z+ywD98PR6}_+OFps2&sTN5W%+oG}M;ad(c<d+pI=Uqyo(Xy+c!bDFSing!7@LMIEU
z#=}-e_=-LAR7%<mPJTzqT9&-#qOv_5?S#@ZJ5o=Fc49R50H?HUG7MSXuU5kr-QIIj
zl&^mCb|XY#Z)bXZ$3s_|@&qZEN7&LPBwaPJ{e)gmx@#L}qX;ujAuo4w%YSkb=xrF@
zGj2_=Q@Sp=AE*`(@&^j%Juy4UOkzo79_{TuDIxD2M4=ZiE_~-!D0uOu6#P?*>Y|pk
z{y6WRN6s{x_hrO0^VI88!x97s!R?vGi6NsmT_cI=<qdbCf<LdN_51IGQj)-z4VH<m
z9w0Z_nLxt&ly3L3>0E_r?Xe{VfbHWbai4~th7kXQY|s*t`zKwK32C;i$usI+7ba35
z)BJ_`4#hWH4k$kf;#LVjRo<{{7&mC9;URk=3cqPkvrhxD4PEb}{ZFK-cGR4Tc2spb
z{ho#%7CV%dRfm>?*Qzv!Z^f_tpY)&M)0^0QLX>)CXxbLPbM|dq$kXu+co0k)FrXxt
zjNr(`bh|Vic#MNnk%jO*vdQ=7T;aXc1VOlU*}A^<;L%)+Fs4We$R1bxJk6y=c%OJi
z_M9#BI42K?tV>Ssh%mhLGZr3Z2t$lN@0m`Me2h12|2ww84b+Y=i}yG_I+%pii5D2o
zQOzjZiJVlUCf#&#N{YZrhufGDvtNrCS1dvg@ZdUwip*Zv2@UKm#vIncCh$mFUkm;s
z#<_O4#5RN%$Hc2t0Z86vQ)q&III#4gveD*l;sRy#9T@uDYHK6PoeHNmW1G7l9e5QY
z=}t84Q~v~((xDBuvb;Nd#*mEs_Nv<+_<+NZ9RNYYxVuc27a$BmCfT<lAk<_nEGQzF
zJQP1;opX4mnpy&eB)gRVOfcapQ^dTMoLbyoCE^V7lv|ruBM%}?=+u`72UOJ;Ui&U_
zKy5!CXTEVy6H3t7k2@V1ttejN1hiL1IxN2ml(X*1+aDQU*Qkg@yg8Pc;nvZJS0}S=
zxN|&KQgHU>s<eHddYmqqt|X1p0An1Kva%YC$@|BRDEr0bjAz@Dqe7OR+Ei?ae)`xU
zY{C~9?MWWRun7L3eQhHA1az+GZ4i_jO)lyS@Z`Sxgz$oGE_!?*PsvXg_?dFRwH3_K
zl#Fc^D0Cgjp9(fk;#7tb`f}asE|2@Nf1<KSL9%Jh{$hM(-@_bY`T%`rDpKJ3d)}2l
z)I(iP5(A&yn*O?fwMjn5J;Qi!hUGou{OMSoX4-MSiijCy2?f8T=nSS!EUf4UFReUS
z0vFc6-u8rG&~H)_8k2-1kW}EXgut)z^g|&6x@A}#-4&S}g%ifLk-!e8QTT{3Q1mQs
zaM<&DsI04N(VY^V|IL`5t=Ja09M*Z^x8njMME3zox?a^Dl5Iybl5viMNRNy|$0zK+
z;nh{r<Z+!9?tg@(SC8?Ry4ZZ@M__->o6YCe|D3iC5nP*Hevq6zf{*jBp`Zghr$IsH
zUNm>zfqH%(?KaD}Lk$F`VU*L|eP%=Nz$3v>{Q?anEL5o^LGHD^sR93AyZ7vW(J*@8
zrP!c&8@|(kDX1L`P^drh3VoT1S4bx8ZfRNa;`ilnw2v4vso!HVB`?Okr*6BN2fjT%
zRoH|{QAjIZ_}{l%iiY{jIHFF}b7w^9Q<>BRp4ctFX8FdAjjnkay+g7I=Z9kwBFp9k
zR07eWOCjE32^K{Y0C8NquZ3|P5@)Bw6Z!1k<L(<<?|ZBHed+GCXziWyC-b6+=~7sz
zl2MkJlei|8tnthDLpjIhTsYCn>YPr*?g@HfDiReY21wvv&J3Z6+|+If2PZ@7Ep`{U
z&3F~2(JrLc^56e7x(`Ekg<xr)K;8M?WmFy*5krpDk1=AF-mBXqi#kH2;`1J74=uUK
zdwaj--(H;chbE%X&w}jeY;h-TzmQDZ59MX<rWJY#_`S&ydf<~t*qY=0e+kQ3?UjAk
zROW_!h<_Tki?S)Uh{weg52u0-o7fD^`aN)U#)!269ftqxgXwT&hc`V)xwyAH*4E8u
zU}61Ha0hI;MA+2$X3zGH{+@y#kT@OV|9<P6-?2}4fG%_4=VXo{#b>)kG{yM7L^r*!
z!#5;NYgx1__H~e?<m&32pI;ATTaguAIfj)J_-L_=Fdl|)?SVkUh%b(ATr1_1Ih9|v
zwKdzRx5Y~4VL?`QTBuYsvf!1)@%vc;dtz8BR+FCkkiJVM@CTdqIj4SmSnZ4Mp>65F
zS{+#19R>gG{%q$vWmNerg?jCU#{co+{Pt(HH}cm1M-^7dnAP@=%~osT{Vi6g$dw1$
z0npQ;$F2x?ZGp*mn8+l2U~3f4^U9V^&YyY%ZEUQjC&acsk1+e>+`YVg8N1)K;`x%b
zTeV08JrC#*zh?wFtg8+!LGW>A8;Wz(F|D4TF8PN~{XWFIU%dVNE>|s@5$5R)uaJr&
zKcMr+em*bw4?FDrVdQx~dB42mzt_MX5@Y(uFoEg|?-=V!by%?ikw8(oj%+#+HnvtR
zaBdP`po)s%H)1@AGuqYvwBIsoJlT=HJeJa7yBz%VzQV$nmGm#IN75}KO7;ZLI8yO^
zFIkzCFD!*Nj`S>wOs1l0Yof&CB5y!*b)Bo?aU_4{zXiI%7=cIMZv-|oC^glP0V&O|
zw^U~*F@`vy%thbOW$CZcDli;nGdLHHPklQ6_N76pxvXCiF&;Un&5(|K5H+;f@x{{r
zd?JC2jt(g9h%3B&qe-F{RRLe|-**JPuTCZUwG2yr3ZQht<Zk%(&L84d8RO3NZBZvz
z#D<@B`!4?Lv<pVYmyz6qoUhx0^OJ55kZdYEKhu7jU^J3iA<mh^1kXAOSVfM&;XKbp
zK|`v8PqX`a_-%h+G))MFR(desd~e_PO*#0d?eJeV2r^|eyJGF%PycFiu({bp7L#<C
z-3IASs~<~UPhf~CT=4K_fA`j^Ub=P`+X`o6Yp8w|ow-Ob@CC_tcpu)-Pz3Egt0HW8
z-hY$tgJrH?U|hTzf&U@eJ`r(MCm^<{84u=YRMi&?cjy{RB6NKIkNwU4HVDW^?|z7`
zH~g$u^?2wwWyn5-(Sc1j=bYhKG)vjxh45XCJGgE>9u7E4B)U#vU7a&58+O*w&xL%w
z#P``&zem><6`)D8`2a0){sFPA(H`2@KTJ0N8?f}|(ZWn)%D%a1*i2043xb~~3o#iO
zDYoZ|)px6Y5AAL+)9r8;k262xaVZ*VzvnE!Y%p2IqO+A9U2V&Yi%nM{1ac<t>AYCx
zSlXdSEa3BnnZ~MSDHy&<fNe_Z_nbSs7Y}=FiFp<rt3`M3RN?5^aJA~6-@rA55g9*!
zDULwaZ5)*BFPD8!<bwab#p^sb`qHr>${XH;gyHr@K-U29y2-F{K~@8ILRESvV_PcH
zptCFc^y-?oZejE>{dHI?zc<Gq2z9K?1We!xY9jPk(O$6Q%RM3h7|C)nvDhD9{Opvh
z2Qjp<Q=PX96e;TxvQC~U?{n2(=qLUMf|NAXr!XcrpA;b49cSg(cgIn)<3NC~*%c$W
z+@9bd*q9v}vM}-6;3EOn)20y*J+FANWMUj_oM`5qQS40zwbubrl-6e;wl>Ya@skq6
z6%3h)8EF*5gXQs<<b()=Br5~3P|={oByZU|X%?25sALC7Vh;~=@{nw@XITJWw<&|X
z>GXo%#bz{T&HFo*Ja^@T;2C?p&>B`Jx033X7lW3Q!-vBe?*k@3d!G<DZmQj2V+wb%
zW3+^fE>XzvxCqpj;UZ<PN<mpmgf11P`E<6kO@}i{bmur^ax%$pr)N^HFVTc+CaFYm
zK{sVDh62@=+m0FQQ(W;!a=$m+;R40!Zr%Tfe$D?Ix$f>d8}<YoV(1QRPDa4ILR3<d
z7aR}3{)Cs{M6%v2aV=(v$4W~4lr7<wJ^iSYj_~;6SBGNO7M-BS<qAt#*--HD#?9gK
zge#Nv%Wg-g@g$Jm(3Qqp^o+|!vk9UezjkD9@7K%s%jWnWAGl4km^Z4Jl`se{pM%GI
zQTESq?{N9zN^{5)Go;3%RGUySX{5?_>v<=iXKrg=x7Gp8w^5AzgV8&<oSD8LzBXIs
z#qqMa*u8Ps8oeHH{jZO-eYk+2H}3|O$HmdVTv-`?ni8w;3pGTsnP#AQyFOosj=O1C
z?QLDCc)>1IWNgrObYFwW_v3Bn72CRTY#`SUlko@a>Ija(C*dV2pcz`2jA8U|fz=@3
z)cjbXBT~-D^DjQCB;F<c8MfB1DPy*WlP#l$Q)je8wwER)Sodx!FAOF$I`QTCl><0k
z@CCg+`p}|li`zr_5*ofk35l#Y`d>TbXTNBzMtN+8u1gws3eZs0Wm2|SGBJ}_;9>$q
zSP`S+hHGaJBB3F6IJ}TcSuU$+d86`mxn)LxWNj%>5e!U{ZL<kR`RgJwDWuPHVzVt1
zZxN?OWwxf`<)K5yriV`1WCmuPJ398jH8RkkV#68wGV#j=T_v%=BT7Bj(ncgJn*)94
z##Oh5*;~9?%TNa$B)&%7mfI=3%$*!<yhaJ`&GCBbF>riQPAN#rA(AJU*|uQ~DROa)
zzCIN9d2-7}d`7#s?RrI5s8JkyG_iNh-l99K-hMBA{ssFPjU9P>+OfIDHs~wHfWs3Q
z!lGKxazq!E1)sr#ef)zMPAoZ#mL(yUi>>51<!$X&LVd*l?~|1W9d0Sr>2NA#A|@7^
z5G>n+VOR0>_5G8OfQSas{l~1i^4W_rBxrQs0TQ^Lh-jXntTE00W#M5hoO?4-e*4b-
z&yPh>h04Eqcc0t0e#5s;Nl0%BgnMop3f|`&q}nly(m_Ne_UqIua}y5TAwDe)Cw9G|
zjfiN|F*8C;2gICn_oaYFWpm?!sUt;gg@2ptOrpuFQr7V5#H?-;<iz}6i>cX>WB6=<
zX%4SH(E<uZ(XrE-jtg}8<VL##lo##bROG6-x$v@HXqH`A5{aPXtX=@t#Joir<z%WH
zU5ZYKFG{)b{*(-8EL~DDY3^M=p8`o`AB3!rcBwyN8Dog?1?_<$j&_w}6usj4Z83U)
z7AWaNFc$}W^Xb&s(%Yp_*S)NFxqPm;vo%8L!4iuCQ&vVR=K4JqDr%Yo%D$M03|Si8
zpMpbkFgf%G)fXNN+_W&#$?{kucEf=YNxrVy4`BWJ?V(NxLhlKl5-|krheuHc))7y@
zHdzt|yBUpMXp98!wePIq>ps(P7?pv%MntUin@unj5#xUQ*Wl}Y&+hg9<tPXe@Ac%`
z=RxqCmX`w&Jwfd^d=~k;;lM>|!~*9#Q-P7rk@doIi~h8h7rT;h_-A-A#wneSAOtHK
zRWE?lcSh$8PKCIyCAjS#pmbqTv%#RhQ4&doY5nMscWqO|HZn7gs%Yul=<_j6T1h-C
z`F!kyy4;fRrcn{<_$Zr}(rY#|pv!5=&e73<<qP1yrMcL^dXRreFxEdXBXRx1GnI{Z
zd)#k5)QV!Rz%D@Tn)PCGLNl7Ozm`sC<xYpo6->t^y}??j(P9B~aQ;R~DrWgF?}b;r
zhV7te3t9>~+Uh~4{EMEF!yg>9p?3zt+Q8K7?O+1R#H?gkL2Vu(BQ<^=!*N=t8lj%;
zaqYMS%UDAuOjoCo9PA(_ZAr%;?(;$2PC1eP+lMa+Q%^yv4M+tYqo`tD#1<)`HRLUx
z%e0dMsc(>dY^5mue!_NeDk_GNi4EkRHo34$f5STDrHZCb0P$#~`XiXc<O-cg#+c>s
zV@&o}s|)JkaH&^@<Y+Jn3WL2P8*mtuAM>P&!p=C{G2&(@j#n>-#H_3YO>Ps0Z1e#|
zujfTAPkc}nyq%V7%x+$6SCd`LpQDp(hWZ@dSnHPBwq%oPmp}=b++a>iK8gd}rAdZ#
z!$owX_Y{kaH@SfBMKDA`72w5Fqji>zQfVoE_D&qCME6Qqx1jRasll+&iH29^xX)0S
zvo@tqbhg+s?{gQZ1gfyVRlulfY(xFARr&(NH(I>W_Q2I+9YK?4r%m;XWei-4GH+`l
z`jf^P>ihgdZaQ7R28PVI;&!ZZI#dK7S;?PRR{v;rLMQTpUwPURO#dr7%sVynnS<O&
zJsNXpvJS52ZRYzT_RUxi7ck>z<9oyNe_!y#?Ae!ECJCbjq*$(xOX4|}wR849&@%!1
zOM>!!uFv{~ziW?sho%e*)man0nif>g%m3lnQhU(D>1gIa=QixpszvXz?^?HUTj-t<
zytx95xg{BQWo2dM_*7<gRaZ~C9t=ZK3e?DqN2cYNfSQ2v!9!}iy)5k>EY8}V!dSnh
zjlR9VE&S85n{Gy)cRZ%(eY_?(bRr)jUSKEujNIKr$e;bop`uk69Md0;0;JB(_j7LE
zF;IW3&HkO(WP;QCLH`qx;{Ybt_XhKIG@{d@J#Ih9bU(c67ioTbKm76Ipe9DQyvq#i
z4<|&IUGv5J%FuE1?{~=!>cil>0c(?c(Vxi1PV?;fHu5`fWHQie4cvQvMbcPRs++aS
z^DX?d%<syIUR^?LPdN0~?*84`AmoyYYGJY&<FUEhK{l&7lFYHRy)(?mTM~f$8?lUx
zZVZI_h5`08ysF5_&;*n$K0s!iJiag|I40oV3c!IrAZ7HU?Y|NdrT!kiQec$vmjSgT
z#Z<Fsfrf?+=5}N5{#;-*GMKSQ?1h&-ISKwVm>y(B;{o#zeCbR1+xyKV=23Kz3~z3W
zZTU6zZaX$|h44`k#9gyFfpE==G2i2TRi6$HR^X<%0NK&+_*9?L|2$V52#6~}bap4?
z$J3GYx}REcb0gG`s}L+)jD*pb%Jxmz-tzKOv7$&v3@b1m8W>uZFzsgu;a_hLIaRgQ
z+|u&U+<QxCe1y1?7#H%O{Xy5GVr7Aj99AF#Bv598zktA>^>N65C)MqU3Jd#8tkl^*
zd^*QT(j+8zuMq)pjz{LSM}2)`e<oeiklNuu?T%6XaDGpw|L2nbh79<>8_I+8zUyHD
z{TBiyi3w32B!MY*=|~9w3k+EQ0#-h(rz3CEf3Mj81X<*NJOEYT)Ai31{}cTthzU^d
zCUeQRsYnU`g$w{N6Hz`O;NhAH_`i`X_|Le>g7UrUVgmmKgCxlD5TB%9e|}H?|Hb_u
z5B@(qx0KwW+51`_5U>f?H4R<v{iX>GhRWme*ezj4QMhbXpcK{YpLx`<xu<4Tpw_wH
zz+JdtarZYK<+yF&9Qanbzf?i6SZ(mULE6(&#lPbrPB@T*^U954DS2r8*ri|cXqhTC
z<fq;IZW2<AK&5AkjvN;rW64JQl;Q91KiWF>?(Kyu752rpqv?7_w@MYIFIYd5yBFCO
z%m>#_f`tnLlYY+R6W4B%wl^-(jYM||Vz6Vd1qpGtfZvgIXz$Svl2}s4vjcH;W&|jr
zt&M#hqWX%~@0%j8Kkug^+UxH$rAoBR*JhmCP5e=e_dqei?3-iz?c47LH6=#y2^(U?
z*xZzHYvHxSs#BImbx6)LwI5$^**{6U9O;pqA-;-JrvBMS2R;`eO0{`kI=5~O@tyzp
zL;L8D*kh3=A8j7_Qk`pI@Ql4TcfB}GuH1&rjnim0&UMu8y)^ASug(<EHY@~t0nSa+
zct-HZ#@Fc2sMh!S-1QQVZD)^0zBv{*Cpu&wc^THII^HQ?@#&4<9J>;$KeZo+aI}>9
zZ@&-`nTv=yIW_lBPs<zDZK4Va2unwd6wjW$NV&5X&RwWjv12vVROr&BKTJ-QDO07;
z{MGL@5<U{;pYPlq?VddT?akHix^n*D!0<`;B=tQ3AQ*Iq52=$J{x>``In=|c2gEuw
zH2v=fW+J1d#5@9z=0|?qzd0PATGbsya|1NQVcPoqAO{xBiI(QW7CQOfARvUChlr2E
z3X5UwyT7R5^=$&XPH^E<))`4SK{0kbu`puqGZHZ!xDoQ7SmOfWk9u1{MguA%;FkYp
zzOO4Nx*(EU)ksLjjK+4fJ6MfXQ#6PedinH+gnY{pY-#F-=zh+UkXds<>wS_y>qcf^
zUAiyYOvRFVSl)_?001OwuUtjW+q%L%xfQnz{p|e+C7%=?pYa^)c%kc*f~&gkzdx)-
z_j&CPYI(yI7*PW~Gm+d?5QVkjc0BjpJuW?HmC8zqhUH_+4yY;Yu>yAJF?;!bkDjg|
zI2#w-L+|W#z}(_<h7L}Oo}G7wt-9leak3yqUWk3|kKl25Rsu)0uS-CG>|u6nt_1pS
z>JQwYj9@lhBxYiJCKq)&d_Ai>Odv&{H~wXR5>FoqK(Y54-Jkk*z@0a$)cyB_F+^@!
zC}LJNifQ1y`nEUlH(gc&Gp}FDUZ)LNO72E{`b(~u^luPbunvkwGDEE(WK}fR0DD3o
zd%-9&kEs&5b+1dsc`HGO3Vs#LVVwG&D7!unK=^jVX$ihd7rVAr<6~=2!>2e&m}!QL
zQ(NvR!Eb$$k13C(950w~x=luNF<dQb>bc_uqBVJM;e5vp*$UeFz-fNWza=2F=59vb
zy-3aFajpCL%4F7$SYH?J+zxFmP<;2z1Lu!3NnJqn{C#*3a=IcIMvTno!C6CF?G2x*
z-Mv2)R2yg++|2jjG9vl5H55XY!u(%Bz=fwLKQl=%xo}_}fBW<Y?zwOll#!7t2>99I
zRxtKjue%)gwUDf`ClysrhOa{8x*rxOLCH&<?7AFTJDZut)pzNDKVNV8N3HRWdf@LR
z>!|s1_3~%-Z{_qz;wa-nqIEPsTsUy;Ql&_HyCxd9kJfGm1_XbrRfkTPIIXV!BbT&5
zF#2<TvmzlboUOlZMZ>aH#*fBUi^mtX^P^_7nI_A0v^T#9x@6qYYXGEL*IOyNgVYEj
zOysbEjP9?i`|pF(3w%zhGr0WV_v4{qS#^YdlL2Y}wh=VhHHCEzlStBraQ`6g>r*?J
zL86mlpb*FuQIf!hN*sez#hX!Gnvk;`g-GQnpoAh-8>S}agxe_4mhZlTT6q4gJYRUD
zX2U-hQJ%jMQ({n>VfdDV5XT{h4?<1@4^gUYw^rl6qltUvzp<xL5;7`qTO2%SJ220C
zTcm>%E-zX}Oyj^r+OoGbLS13QN=(QFWSJNUsRB<($(i^5(QnD*RKro}NLaSu<I{}q
zd}^xDqAPk`fUvUl8?70|zDE-2d!C5*XY`bUQWVwr!0qEttb2U!{r$i8%TthVyjo&A
z%;}Vx_^Pjr{Gp&pakqT~NA@J=n*rg;WXI<ipg0BnzZ?O{<xWTqZ<ahvkMyK2nAMBp
zi9J2PI?7`qWxcWI?*xsckbyzg(#7cBto@-U>NCd3*b^m7)f(-i-bZ9LwG>Q<lYoOt
zA5%R~9rbu2cD-z7;98a2uQ{4-DT35R_vS+lQ>voh!<5*cj}RT32t>w4g!c&o1GMEG
z*;6FB3KP@>6%ybg$z*+&^Bq^fnx{t^r!tpiuE#++DQd)0@;0K2ryD)OTp^$Pf^{oX
z^5;Oa7y%nW8`F`a#^=jguonxB*E{cXFKLAv<8a~D0oUXwBM1e|G79wXOS|xa+*wjT
zZX;ixzD+`vLN-PV6u)A7`BXGV30XNKsUqeV9pImfI_t2&sm~)eAQZdF`HswzP^q;p
zF6VcIANrwaIjHc@9Set&<6vxCRV}Uw4oa$pbfg|CxMso^M%J5|3vR5%O>OCI=+LU_
zb%XW)F~5jM4$dWc;ZiBA+xqook?k(RsCdxUzjTLy<FkcoKq_i2Me5f_nJ$r1`<cSM
zO8Q4<%$8bR285K#=D~=VnM0AAHVI?paIC7S=DAIZp_StyPs-7v*T<8ugDWcS1o9`0
zxlpo`BHIn*N&t(#wXqBzB1A+w{5mM)T9-HlkuhZ8QdNOhXBKsW_U8N(ao9wPjuMeD
z1mX*#$?ZAdORB5|s}`Y3htU~JEW<k{t&W=z3e(o2o+?)QBIM-_JR~?Y>=@W!No8h(
z_<NMen}%Ypo@gJmZWO9oR^mz#-^15Db4rn6Kxj(J%6s*X1_tN10;ak+K03Y?G}NKH
zS1g8OKp2jeRkVWI^{G_~iYG3^pdMuqzqf<3s;HhCb5({}xbmK%aQfcXXn8AYZNqhs
zqf0_SLEoz8*EM3{lVJo0kR)Q@151D7!RdbMjC?2Lr2QgjQ`L1v1E)b{LDcU{peO-|
zAZyzBXy^o%ZnKTQ&<y?BR4#lLSMp*KYQaykzAz-PybjLw71_GQ!HsMgmH-76H4uAI
zap@e~KfMsuw1lYPvpO>{$D2f|!8m>mw{5^{mAx`%fm5n*iI9{LR@s{_7x_IDHuGU^
zad~CxuR2K10KN`$I<UI|$&$HlC#ax3ykg<ggwv_Gx&)tWzyJ^=0z60p9+aFg71cLG
zfapGmDI<J&HmPOU^Tu(wwK>$hA|erdazU=NiI(2l=hf81+xX&CtC~OtjT8TTct2uW
zMmcaQ=&J_Wy@-b@Mc<u4PViW^<gEBDEwM;mQ;!<5oW`{y^0&+8R$QwQvgw3&W~qgY
zkdyqemYaVMH&9E1Ch}tU(#|qm`5gG;^ny9!u|mX10+NU#aVJ(r3&v_~SB^FEuby_N
zg|Ki^JNE4^A3SO*zA?4lP;FaLUl+VAHn^Y=bP>Q(LN40RxD?*`L1qbCA)+rUAqp${
zw6eq2lBqI>oZp5IBCFRD5hX8Du@RB=;ii!z^%gEhL`xb*!PGH*g#dSk%OH6;75;6e
zCB}1g9h>B`C7Il{a6naYaLB-GjIJWso5#6eE9|Taw*gBAkH;!hoRollO4LfMeQR=I
zE9NSUQ3J@6ip6)V%#46n7_hk#G>-?9N{7<r4R)wpqbKedIOL%r9Ye&vxR_@hXCq0Q
z-{-@<HG-ATsrk;Wu(TOL{LI)Ohm4e*fW*P?t1F~SS#2|jAfwlkT2toeQK&jSkB($!
zSgsQER)*t}MUU$uLsbnYrlm#dC4n39>@2FmmP-W*OJizzI#r;NIE0!BuYFEEL)36y
z3L`CP)Q5=;lCX1GRxgh1i?j|NOiswebQ0coRm{xDI{{%2<!$t0UL}1IZZkAV;s4m+
zHau8UvHD8LO9bvSgqu)sC$ZB0DB)b=pA)eOB^-vq=|YNylhpy?7;Db^J20PvL0r({
zQq&aq+IaX0Hbz3ZfuL&}dv?LBw1FBl)so?8T~*$YgTr~swxnM8dv|!u0x3BsP9hg7
z6|MEm{i1M@drn1tfRPnUu?lFZHM`)D>$*vk!Nly-@*6Qd=a;BH%4r|b1SlB?85Skd
z)}CW0k_VLHW&2S}LAa^)6_Wr?T0o&7$(K<X(c;MS{5rc`oTFx^qT(`a@iJH{-!IB@
zEccQ|>{p%l$z9Zcyh}d+MWYFXd`uvs^}QqE^TGt07zy$zT2c;|FH|~rN(Nq1=<nKC
z3x4z<af02bsftTg4{+2Rj<Ca1D#W}@sNF(0m1C}k8x#a%J0-xM_}hU(X;naBC8R4(
zf;%Mvyc{?bfH3UFtou`s2x9}3MZYp={zy!8pY)6+Q7>dGu(L?IeSzawbS;5-^dN)y
zcASqeP2L)dw$|J*8OVwm?gX!pYAMiS8R`6RDf~1!$zA2xjqtDnl-o(3csvz!r6C=Q
z!~B%}R>YXvv`Bym4Y}Bu>BZ2p@~x5lJYmw|(Ef?YGAX*nZ*c04y@8bw_gB23)IWkr
zTcB%Q+74GL_-ebaznl(06ulmJmqhFb%hkxe@cS=cd()#^T;qvy+qPmcW{cVMW7|VC
zEUs(U{1G*}y;xW1a}Fvo$o;D;3CeeN;wE$D0M1C~_0+-dPQ)uVo`}psW63nxl~|v8
zyWtl=5DWj*-ISH#jRgTKd{3Cfr6US!L|u;eb3`s?wgYXjq%&9EC>R^460-6kwXLw%
zHxxAb-UKJ_F*SL4Me6z6(LL|W{|Y2QPfw_`l2WQ4*-?r5T2eS7U{UnCLMl=`EmB#K
zDY#=hUc5$!!E*{q5UNKiJReUzkR*=n9zOIt)h$vmX_ci>S@9}c&1QH`N~1CsHN$_;
zHo4~yp!-L~35Jqn@ZkHp2uyX&05bW}<@h?mNzCMl-mTbthRk<I$v_m`Z}2lIt^EQ;
zw`I9y`UapUQ~H6i?xkK42=^@Pr-!jxB;eEVc2ho<Nz5?uybZ{HVMg5#FPbf`k$z%K
z(%!cG$W=9>?#8Uu+5S(UR=SiCE*6cqDroF(E%dGkds~UW6>WWSwGSa24t)47vb+t5
z6%{Qr-CbzZ?ED~|jl|eY4nH%u=c0pzJ1VZ11?8RQ)RW`gxjq=^3t`5h;TXb1NB}W>
z;6t*7C9)lvM}|K;Jrwpgq(ld1nb{Tn2^=<SZCK7pPaGZo1T*O?0|t!>Bn1X|--u}3
zaId_b@KC+ROPxKPs2Ea`?NfF+GxUQ&p@9~Ze8EHI*ocW~p#J2Nu0xDdI=#?1>L%V_
zkP;zVYA8~2w<Fx@UWhn21Ad#qE6!GD+t7d#2N{iQhqr#DoO;Z`rOHT#mes=0!@EfF
z-^2rIK|Nj6d*$wh9n*2NHtP05d~@pozPGwV8}j@?C(YyutE>|I;CQl@gLCs5;UuBc
z9v_8Wh-fTL1Gq!Vh??o!0mj}t0*1+OlkB`<rOd@VS}e#nFc1g^gg$IvpL9j;2_lVQ
z&QbD&NrR~iyq?!oeB|JxW_G=<nHqh5BnRB|hds^93>&HuQgMN`wLrQzzd(ne;n=AM
zqV#mC8;#$$aT?4FdFt@_V}?$x5xHnV1mpDVq_XB4&K-wc)AzSh&DL<Gbf)RWFgFW7
z28lpvw_>`If)pEGU32Qr#cf7WE4-}dES8LC{?uylTX(Mv&QJ4oK5~5E3T7mt2XrQB
zwF6Jy-6>}W%phN_B_e==lkm}HIV-YeO&4l3?hDe$JMTRu`f}*4#fHRKa7+tho-sRb
zypE(mNpv*cW5eTf#xWTamMwx-*4BZO6Fc2S*1i%VFMB-Z7FS#=5OVT@=E`C?s#zQ7
z$A|r~6+Ju-&Z#DD2f7p&-Tk#*2p5{p0$F}yJp3>{zZ&s12y^D7Ran~-wxNj?Q93ua
z?Tgm+g8H}tx)N^kxF%}j_uw}b11q+@zP*;Kj$rFSOuUU(aXCFygQng1FM-z}-%D)m
zK_#C>AH+(66>Z?hmhX$6gmViKe=F)M#!-7wMjLbcIH2_~cz2=Lq}y8t!I<0Ng#44o
zVg9BFLUz^tjH`V$dt!$>vmGCOOpD2&NlF_)Fl~cgyBmeJ_|)#hf^obp21+_RtQ%ck
z@O0;=;)Xy(Y);Lzmd}GStAS*xD{w`9KboyRKO0*XWz5B72fk7pKP;Ek%;D2AR}IVI
z`oxR6#NqJ!*7S-RCq%El^k57ixxTE$OKe=chi@S)U9b6vgn<eFmG6T=Y}mk99+$6(
zRYc#L^}_qZkf1Zj#~Pwc456^oo+?kL7+=pmVpoCJt*4DZR@h2L5<ys36Xn6E%xLov
z2Z`6OqhlZGArgV$Uup2?u5|)0Z9Hm_I^Cgz8#dqP4Id!#He_c(a?cR}VqT5d;Yb(c
zYHU*5cLhy{mO^AaG^D}I3xq9|Tz7;=%vdY(Ahn~e6@TZc-RSDaL~84%lFJ*gCB3cU
z7;OY~N`_%%HZ$_Yfuc7-I}-Hy+X(!6d@Ko?S-mdQf3J%}nIKwxg;vOZKu_ay7_A7`
zD9E+=V?h;FhuQFv9Dgtdv`PSumc!SAUQV@zcuYr@GLjzuTRf{P!J;kw#8~`B)MZwh
zgouD7(0CSAoX*8P{qXLXuV&qczloEx!&WRM-xGp6dh2e!Q_*vuIEqSU?QO|80~=qW
zX(4{-wtE`t3wQy)E4n111JZEPq6h>J161;Fk%MAV(Lm4U3W>QCjY>*Txnk4r`aNi~
zX_-<J$%)W`z@4f?imL^q{ZWVp9^PMVg}7IK=dwq+bb~RqdQ}E=#LMRK1zr--sR;aG
zHc}xr!pe<@rQhRyOA)mb#>fPczmA%Us<Ze&uBDPVjl_(l%PslhZ2X~2)ukAnD;sP{
zv5ss>$K3YkTG5Bi?T5oe&+nGuPesQH?_x&QOdiMToN3$57pY{RUWZi6@%U7*=)3%x
z%apYZviyMPue!pj*idl8tT}YdMm|1o%40ntuRwA+daWVo^m>M;cb%kic_r%+#$Y!J
zeyd<BELx7{^s_xFJ=7{XpfDH+<QL+}mH{b|pbZ`%GmgXcPaKF50`Ok#G=JHSk>XBO
z52RA7BPOGYooXtYxp8esk)GBFR@I@9&*})ff1}~j=LcE>K&Al!e;dy|92R*S^hi58
z7XmsLq${HHK%$pt+5mwOx?$nBvcrOQ!y77r8Xm9MCbFvgM_r*6R*b|np7=NVIZ+3T
z;)**O@rU9t42So}C~u;_vicdO%y;d0{orYR*+k5@Lyt2P&;IO6+agb}sm=~bC?|<A
z$v`=qZcFM|UxoUA(by0bo>6f{CW}sUxD`f~A!4Vnwe}Z1jZB%o8a}IF?C?57EIc98
z-AE(mqmjj8209qMAoF0_48EYy@$}l_(df2%e4Fq#vD*$bSw?QzC`3D6qwa9(1=O79
z?*Lc--&p`x@x$^HeB2Bgp~7Hz8l84H=yK5|A}c|i-M%e9cn4%C6`dYvp`_@RxN`9b
z$0uExhYkdCPPle)#g@@Szmk7+eC{9DA<Mw`J^(Tp!x?VL?HaJXYaf}PiAW`53eHe^
zzL%I*A5MsZLVQut;{n|0>8)@OyB&Y-*MN7IaAopuhz|3<(2^D_xd`#A(-OD(-tnK9
ze;a&XF(gep<AM;ab(_Lnhf217HaT8hvpZJ4Q3)9>;i8aD?R-hnNJj@mVi$p2RhMOM
zHXPT{AUlH`?0Dm)UsN^Nl%b8VrbcK#|6-dxEK7MqJ0=)B@02^*Y6V6B$GY<>1j51B
zidNwzJwDAz>KHc|^316t7<}p?802M^q`Ma8=(|KiJ=Gno(!AtJa+fEabD<?D@$$G*
z)<zWP2VZ>h>F(}I&?12-qSVEAIBPT<5u3_I9&n-`3{=+_)ivd9qR677IU7u}-E83C
zjRMXfO3~+v(+%(B>>WFCnl+}$`JpdfONk)I@4$g7<ioV76S&zCrZ^uLvYr-Yaed$a
z>)(zr@fW*Ik@uy~Im9^m*-*_+?uyRz7dnkTwDOoXg=*rIZ3c*cJ-BkHslj5;z}oYL
z9;iYzBR?hXHr^7bChhpf3m^@0;&&++xBl)3oIJt(g{Yk$iBMVnK(M=Me>iq%QgN39
z@eiP>nLsc`eMe3zv9_gN$>9Jk$vQMcoYNc=)`~`>8R;cVNT-Oct*r^G%oD2JrwEaj
zm+VaPX_Y2FJg>-^!tyFGc|)DG;=bV5k&hyYPH*Gd9pPztFEK8sW>oVSJt3<V%4H*>
zEVtayn%+pP1qtgUI-v_X8~vZ73<5ijdIX|hC^KJ`%xMN?l|Z5?BCoD0#p;c~@ixx;
zQ}@XgrEON{7oHL_5~F(^z*bC<;i`e0(P=~5YGS*oelD!7#5{)3H!}eA(pJFx5)=EY
z@%^;TN$L{uj9#oKT2DoEM(`&(S;6HWJr&Pd`N7K0lOsnKZs5lKNZSmtX0gR0rtYS1
z7CH2`!^F@-c7DC(Bn18vNSQe>{u0vEXjVpG7BmYx`>~}Fm;@Quas)ikuc0If<Yq%l
zn}EbBzgv~vwOBoKP^Dm&Gs|0{-2k`&!N!6aWYzRK1!APYRB0weiPY?wRRT@wQxX;y
zfhJDW_lRSG)9P|wQc{$Eof9gFvF=IA0;dF!xe?$3s@4JZaVDvWhGN5E-QveZQjOIx
zbr~$6))vHz3$gzua<wr!T2$Hw3yYcyj}XG+@<dZ*0p7~Z4hj11D3FInr;NHU0eHzi
zP|8@UG<XALBLnK?#ZLfSEY3;95z(=08(~h>g1_sN3?yth@ElrPtYSu%YE-}w6^ad7
zBUTJ*a*33aG%9&TGsIN_M=|RuCgjb%T5oS*M9!l+B8f|{SW`J6XiHigl!X=n{t}q~
zi2s5X_5%f~u`wceumFV~B|%>QEfv-D6dcNJoglFLfu{p?<<_hy2!c+8%hR#BQ8$|t
zw6zWkIz?gc!HRZEWX6?yuf76@t;ahOjV>M->?$|blwWxpuS`3%HKJ=Vu^xMMm0SHD
zw;df8j>0HM^`wl4k6+(d10kN=m2UBQftpAzbIWgp6pVpwtJqJ^@CEgi*i~}|S)T3l
zlADkCSqQ@=p#{Io@xDWB0F_THs+oC`ozpKRo?@(}fy6?ANr^yHV$2uOlME)<2kxv3
zWy8g(7kW6;rC-3$!(||1<cenejqq;CA}Rx=Csm_h8{|wl2(_94p_AywR^aTKfL_;Q
zTN^4deIjslD_eMif~5_lpb_h~gUE1pqAVP~--L9;(z=kyi;Mf^|N1zk<df5}Bt*!;
zV`!qoW~^DH*<M^5YyOEzHf3%|DcYj}9!CL1HX@|}k{mPIqT25@e`aN)i5^jc`={i@
zu9Pe36Td9ErB(&n+Cupv1lb}j!@>|9$tiD1@Xrd*g)<HC4TV*7yrDeh<A@oJkTL#e
z$(l@b;^(f!uND@F`{j9?Kq}{XzhDs81_zy~%&fRyJ($&k8BC_|W{RP^8>{j*oUP13
zqXNcYIY^8dnW++z?4+M8+|t><fg6kDJHSgF&(IGQWFKkbhWxU@3l}&{vNLQ{#vqKh
z(^4a%APW&DV<$t;vcK{-$k~I+X^+6^BYY*I_r@JUKsy;IL}jrmNAAd5ZRMmQs?WMP
zO?PavK2`R<Qmqn4G>poMe7}HwM|Q%l&tUv(@p!M|3t1+imOADK{;u6B%ym<N@^0g$
z7&s{(rN>+iQ^Y9}fP#NC|AZUJS@9549<MmnL7##zonr?L(ZgA<@Q=zWFvM)@0tV44
z>Me`QM8Wj^jjqL=ftjfJ@vS}WN?b4N)Es=ujYZwMkA}-%VFs0~*4XSdIA&BNQ~+)_
zW;VKgz(6^-S=bj29VJLAPYE1R9fP3;QnJitqf7*FV3=3sL|>uUlWDzX94O6<)T~f`
zM);2iLr+sQfVae!I9V9{8XDi>!fazEY^!pp>FwMGg-w*yz3{RXXdN3SVxJWynPc3#
z#RWrV8>%!jk-40N5UoAhjd<gURrX(gHRVczaB=~+9E)(FV&Q~#O(E6gX$yLIt-{bV
z;!*vT8Y#GxsrvHQY6=p+V0G+aV~;V5RJcQN$dvstv@DQO<<6TIcOpAyE~yBS9OlEt
z5Yd;NNbK%=G`c+aSOq7M3QO3<^dVq_mn$wXHW~;^WOd_6o0}UfH=RPj-XGv!%$ZNC
z)40|m8khotD*v)o@>^H>IzKHJx0OSD41=x7Tu0nJHZ1H89Ypnax=L4iW_s8f>cE7A
znC<O6Pd56Uy9|e3atv|K^A(h>TVNM`hakkEPw?c)2?nh}a<88jGnX42R~@&zdt#5p
z-dPs*8@=~v^!Py)84HmP$dj`p8=cAIaHylW(}q$?wP_ddj|FPvci%X4$Wqj@5;D*r
z8KSzju+Fo{BLxD~N~^2XWb&OpB8c{SwETyo=rGiU1R`7{IamRDJ0J`RC`!L3J`jsr
z5>{e@N(+ZIi?N40jKu-mx{k>~a(sn`^A4Dop1LeToPjZ9N%&r1@qTC!3nDj2nbOE<
zj{NZYd++OAB0K7yLL40sRSriE)gs-)^+L~>*r>rJqBs&<GkYSIByzp#f(J%|f4W=O
zB%qAv8onFc?G_lP8L!Nw<i3gv9@Ul;`xAZ|rcxjyf7%Na9LCXhl7%^BS-!qv&rYNy
zF-ySyJVv*h)$9!B5HbnPf;l~@TS(fGw2D>1#U|yJWYCO|4NE9zBtyI=BEqfeSCSyj
z1(Nv{&!Rn6WdZagiO)jWf{Kjxq_sAkL0qPCkCAf5yS)5t*x^(!XXNP0K%OlYM~LU-
zg+HgATC$T!C$=;qdBu~~llzU@;qU-Oe}35?S86!%NYbRR(S?m6^g)E_B5#LI#8%89
z+97*zY_v+CTArlTP>TqAV?9`=Tb3gTnfPFGX?tT5S^P4qN?7Kz+(LX;NR+FQ@VN4&
zrC@iHfN`?Wz_cBe99%n{QX)r@6$lc~X@?653sJhD`J#2jB6STDuDE3z5a@bKiepPb
z!ziw?#Jb5u;acb}+7F+ku|uN;Y^3DZU?>K6G$Voa)SykcSpcqOIw0e=`=#sUm5d{O
zGAJgx)?4v&JW>g<zZe!#kF3c1oPv?@(15B#dkI;nHTW?&24m9<Eh4mjtXf!A3L6+;
zFY*0BVNgb;OGw3K_!6{X+VDP^r@=*Z#gaDU-wZ3}<y1SAoEA*SS?q#bdJ6&n8k8Hy
zhm3`&c%VYM`jEpBT4VGG0pI&En8ihp8CpmaV172ZF?ufBfoB(g6$kW64LLO(=herg
zIDC>VwDS>Z*1sreBHasV=3-WNxCbMUfHb&Lk@x2T3QvgQm9x-`peK}5Dsco>X7{`l
z(QdIZaACP*R(2mq7GYzx?czF&TF?8vgo6g1Qz>O>xg+yQ@Ne($!eek1%flUsrD#J!
zj67_^PZzv<!#Wh5#lJ%{<P87^7RM~Tc`ka_^<$CW=5ytD=10f`FTO;nFH?(lY3uQR
z=)FUs$rodhl7fWSY|LAN0C&A=W{_-2B3AK2EKUQUP=k{C4{WE+KfK?G&(2+I7?7sC
z(>Oyy-K-fb=_g?ko$-mdV*I6v#0<y<vGuUCo(-ro1;mkiDRx#dJgrC=Fyv;lhueTI
zx@s)b(>SLb?;8|nO9=_k(u+ZLBbSA}`{9Xj4=BMnL>Gm3;#6@-Bf6J$qZ+Gqb&-0N
zk9qSDf!27`ELRL)5#FWP10y2fLVKvO?6eajVwb`>Ls8Qb0nf6;zQ*{b>p|eL!yy8(
zWRI4t5Do#09FF%m3kn@zgumnBjnPpZ!#E7c4&cUj`@G$Pz@d)k1!l(88g7nyDZVA~
zv3xc`AQSIuUTF~Sx6&fKuDy0yFDgXt{yiq6RDSAJz=#8k)Cu^^UXQ)Xe198=_gIhk
zYeZ8fU8O<W`=c{AiE(eb>2M1?1@h@)PM{CNOM)+yva{#O_}+ivDYs)f6F0)U>{~7W
z5{d!WDGpYoU$)Ib;Eimn6<Rpq-S*%W%VOy1+ns65=+%kQuZhh6H(N{xlmH1WB3W8r
z9fYb=QtaPhoP<`0JiP{(vOaayA3Bm(5xP3lVFODej$8b^!XAQAFlph)-o(N`A_j3t
zpW>;LGL=Bhr%KgD%IQJF;g|Ck7bP1G26F_8I=I}N_mmdBj9C(9C80^=A^mL~u8?Mf
z0|qckO^ZbJ%jf~;e}SG-Fko;oNa@N79W_0!8ol@E(WU7`g5g+x&PXU<z3RsM$$WrP
z%q%T&-z%wpXtZ2Y+CbyPb$m!v3yiT#O?dE$uyjYt6`4@OuK-o=sfjIteyHnNOkZ}N
zjJO==@!~79f_vj52Zbb(651upCU3*Bm(5EjMvl+X(qrWK+o1l9$%cYqT<0y53I;^0
zP^rMdLKgM-K_5|aNkXKh)$<zd037n2weT6gB)_Ebz4gU26LAJfGf|qWgqHPo^BtKJ
z+0&IKDXuh2L_wof8VRQ4&Fy%>HgiH!figj4Ss+l1mB2K;VG|P~uH0w>nu=~0BvacZ
zwH8z&exuCtSTJEsN#Z6@cSN_9a6GvU>JAB+L-Y9)FEtJ?t}MWqbTv2V{>S}Vyon=u
zz7o7q_*m~XaYuCSbnIXYrWS|GqGT)jwp^U7H~Une;&>L?FSu5!V3&+8rw&+N7hqoR
zPIws1>%p$b(Y)Cmp~{@35~b^PQ7L{-8Z(yFO(fnS3}GKS*I!Th&tr(o4^Ke&*AP}*
zF`6FvK@0rpb2Wgeu|)(LfLYL1q@zZBlO1ny`J89WJgZ#^urVo?{}J5VoBpWpA+u^C
zr-lG!odKD0)2gB2vNVUs9p>N=zQ746*_ROs30Ho$F`3f|GEc7;d@j7Gze$AZ|7!2N
z1KIAr$KRnvTUxbh7p+-5HEL7TC`IiVipCz55F$oti`rGAwo(*DYX_mN5d^7G(TXS$
z5hF&B665Fh9iOMq@9*EAPyWkIa_@bgd+#}~+<VTsxdN7#mssvGzBigu?=ZdEe5jrY
zZN1A{VHYyG-~kaSC}j79LwI4_Y7yb@=ou)_HecrP%HF;xAm_@cbk8{k%w+$;RvnY*
z{WCD^SozXY#r#nX>J_&M(np^?@)+6u=;I@Cqx)I18elJJ%-G9O^}l|x@LoC|3FS>6
z-Zp^i1-QYKl|61s+ZwUHV8aP7^3tC~*ROb}GZEOa5653|&y}{kA<5kqlDwv_4EhYU
z<aQIDMMhkxUpd!L2aauZv@|7f#%G>nRVGcawN0Tj<jvYF$6{OGzj^_5>|+hz9CWm_
z-yeMWK>qS@ZLE@>7{}AnBKxa-i=3l<dLLav-91Y^=8wLQS1Nogt}KtCyuA8JzQ%G~
za0~k-9A|WoF{Y~P8c{}6Fi^cT%WPVlcf24-#ndoCkhxpA)49d^n~1YHAZcix)l#2Z
zcYRh-v<*BD=Dp|$zV+;a_xG&%O5<^5bUc++Y}7J{i_dUh**Ls3d{-ywb4}Q{xYjAq
zs2<A(BQj&^ntY+ML7t;wUQXEkQ>px@iW)^k&9gq!rzANymPH+puce%~4T5EKpZBZQ
zbH>%(xgPH>9lfMOj&4}Gy6>jSw}Vqno^)aj*>z(56v}YF%}9xHcU<St<f<r3`&iMP
zZ?7IIu*;f23vK}JgjnM@Z~!qcH@X*J@u8HR7Ef2#=K%({uDS`m#S7sV=6!Bky3uOS
zD%mXho%(v_;RU{ejO3>&<|h|By?dVdyrtzdlDY7%;y^`SN(IG>rfwN%SZ~D<tEN++
zpcJ|<kw0()5*g|EXn4uLE#drGk4HYLDT|A@@8uPDIli;h_{(w;Kk>q+*qwJI+B#n?
zjEzGDsGFX1fxR*Gw(b}<XQ^7Ux3WVb>;8R*UeGEoB;Ev!SI4tAvN$$g=SaR;5x8Ke
zUg5);YiK(6nG`NRjWilQH)`V*k){&Gu`hWsu;YE9w_S0?zAR3|_UW>}%FVHiZkB7Q
zo`x>+qu{{V+#gGb@N4=Ps&1S?qx4_D=?7$#aC@d-AM4k?6Bey>o%HbcZ(*T8k&H$!
z4R8%VWZtv*Z~<393yeP0wRh|AH{Xjh4>oZaasl%IpQy-oyQK|%OK=qjjk-g2SCzau
zwhe}I8Pyemh-8IruYR3Kr_=Zq;+*%*Qt#ifR|0Wg&W(=Q$1CD~Cbr;Io-UV1N~@?0
z6|yEa*LR2d(etI5aumNbvC{_KTz)Gukn(mp%J#E(4PJY2q49OT%09{A6D#uP*()+b
z5KoCQ0GP{zav^X|n}38zv>20S!?6m@TaCZGe9q&_4%_`(DV=jJ1_q|j5?;xuNF<s)
zw2cqfz;EYJ-YY5<*EhS$L|lUq`E}-+B;JrbC5N1QM8wi|v8)`={E$lA2Jxo4chT&;
zO6jTmdXT^|r^6waKEIGyq39B`rnKU5HbJ#O>96}$PY%KvFWoB6Yd%2EswP1KKQP|4
z4rgOCKBp93Ss0^nb1mM>0TpPAebDua=g0dBkici>b3|rRui=o<{nts~9hzNp+t_Kl
zt2$-TN=bK4m(|>=hIeI~*_`20_ZA7O%m2c)FQ8<L`_e428sQ^wXqKyVRGU}&4wUdp
zVN9YhCNW^X%)wO#ub;kH0WQg*JG{czLEFF96o-o`VY;Sx?d)0CXVMqCqgGP~E-sGc
zv|Xd60$wd%bGwKPA$zg4*w*?;d#_Fva_dboxIO0f2~lSr`_j<h!2qZ^d(~?vqmL$Y
zzXZj}_$lc9YG=HTNA1|V7>m(ItSJR*UyN(R^8eCmv*1kW+3=Jn@aekn8DCc-Hd+Nb
zg@QGg+k&=v7|Le9n&nIRWJ?F!(o8P3@k$+LuyeZx8~i1r6`V^?x~tAFgRaY$`yIob
zIB-3JZ?39vw(lqbt}CEPKey<VuN-)_MkGDZL11KYjFYrvHDD6Hx~!_~3ft>(^A}PK
zY^)4;cX==cvF?g=s2J7kF%T(9-Vuy{yKy~jch6OQK&B(U<7@ayd=EdT4@~UiM<bJh
z7sGl>Vrp;NJq2$LT$orWx=U8h4cX0fp-I-w5n5793U))apFyi{$R~}VrZdjxD?_fd
zlNuCc*BR(UwKuKzW_|=@?0}gDa(H6;>Mttw4yRnl7g+60y@p*QAb1t~q!$FHQq*#z
z!(Qf)S8s29kFuhB%(&;wP9D&FFx3g2=DcX<HJN@A<QPiN$-J&Nd^74zoATZgesiNl
zyzwHhX65gjkMU$+#8lw+B_{$3)@UMp6D0isk^0&*RBW<l;0w=s{uiDIg^jWrLYk@A
zS1+U(L&bHkbd~hD;>za&HiHc?>Z2z|+`dBaZ4>P>>6z}=7wX((h5ND~f?*@FA3Rqc
zXT%@gu=x@svJySYmq355R$4_rv38C2DFDNxgy!UDg6!PQ?qrkmL@wW%xSa%GnlN)>
zP9J;5&X6+lxhiw~BW)-$$ogA!vPr>tn=9rzABz8CF|$Jjh9FNl3k5!PuMQVcIGgoZ
z-nS#~USV^`0EIZWIwCi<vwtckBWd;RTfPrp4YiHFcK1q%I41v02ZzEJFUVi2`7ZbF
zYkE!f6+=00&b9M=mO99T<F$exuW#4{#|7-j`cQ|qKWO8%p5Dm%ESPqU>ryjU+N;mM
znCv3K&u4#&9xQQc?tL-s$l2h|l0u#5f}R%l<=T*V@%)oi(no7~+Jg{u5OsTTcHOct
z|HJa~q=DFz<}K8l+@TKm3~i=rxz41ZBX}haCAzLuW69gJ@}m?8-A(GO47GtDcdEt-
zaj4I{rw)M7Idx)EM47>hrs#~l2AS-EmZ;Y7#b?~XS~{%feOiViYPVDK{Ao|%>%v6T
z?7>bqfp%QJ%{=o6y7P@Tcve%Gv2(-k`<%UcCnZpqWgU8Cb@(c@1RG4-++t3)PaAL4
zxW{`f>XX_&XOyjV)XwQ2_+aJbb$sNcqIh-NX-YvzmWAfqh_2ly(7DR)+Y4AA(B=3m
zLO`lrF+3l`Ku4eI(_a&iDIj*4_Iqux1%qH%Zw-#xs|YBN!pp6Tw@7GOb%|R?t{w_V
zYF6Ym@I&Www$>}0<54DLbz768ZBZ1TD04>FQF-J|Q|(5JD5a?40E5Ep)1m!c(<X%y
zn$VR`_4s~tc4{FFv`0LSC{x?KyuT@4cIJUt{mxu!WJ!mO_?6=mf6B{#@Po-|=4_(;
z!5j*G=mCcuNJoG-D8R!}nQT$#1Apbi5{>XBAn4Z=4J8x4|2T&~eBeg&k)yMs!$wx{
z(UG$=W6??WoCe2xbu1Cj<^nVhM4y1lv60kDP&P=n$a3VjqBF?S=xXRv0RdOE|J3|~
z$RIItSsVI$WmbANYMF<itS=CJ@G1lc(5Si0$5ZvzZv;RE?(#xy;OlPdl2J!Jnpv9P
zRzh3I_gnu8slo14(on+|?SoM(l3}U%&XC0{5E_lMJKFwKw+y8{{!tbXEdAj@<}~w2
zcD2p6irU_71oKY#Ax$PbyQ{SEBpX8Jrh`UQ3t2cPLU#=-q-Ki{cplp7<Rz?S2&%vg
z-8CzEw6M<H8TWEv&H?2SNx~D1qJG=%?K>N1<h>|4J_>x#i@~fPADO0R#d&C&YaCa$
zqvASC^PG-%-)<eejzcxU6M>Nje1z<%T^-<ZS65ZQU5F#6pw*CK!JS?)f7cALt~GT{
zClj^O%Og=cL_$~RCrQ2Tsfb^@vcdb6TTLD~2aS`fIQlXNDgDn<GhP%OJslI>pA8zq
z9(>vQVcKENKRUJK9Ja|d^Yn>zsTKmDyb!{K=nTnv-DdY&>zrQXx)D12Wp&%;#?&;*
zn4Uu(vNM}mAn=_jWVzp6pzbB6-v4R7by39pLc6@-m>VI4{kmA&rkSaD8N2rab3{Df
zn+!?>rZP1fe3Bf5pSD$$5g;&SAzjpE8>UYd6EKh5fBOkGI3q*SdH-{7CTgadXSOb@
z#jAf<xy&?2_c)?0Y9ue9P#Tp!rAb2>5pd3XWm|5^Xhl4$1)*np5~X-dkR)t6kY$iN
zk&R9f8?`H?#HX5%jmes3WW>4-!BhZRa_~}bK4-G!X<a@*QgaXPoHS7w7A0d@$9Z_h
zCA=79Z++ZE@PKQ4An9OQanad_r!BmE1P*#CP)0-n3DeH7O0`mfz7^v&%&d5XQSn>Z
z9e*?C*?m@mhe@X+KWr;%u<MY5QhC;S`ezN>N192dFtN+x=yxS?docf2O9v58z@^Tb
z^J5U|9!D#gTSG0K*8VE{g}<AIfEBq*&IdI+K6b%L#5AX($P}7QSnwCwx3u@T-CcZH
z1+{KmM$JL`q`?br$B579!#7pCHC40u7s}5geOizC1&@Aqeh9cgt9!lJ@HVOyQtNCp
z+*KJV@MM2j)g-bCySLR%SV>j0?4-T}{YH0~_nGG3DjJ=|6Hw^P<HJ-B!}X<^w$u_8
zfd*^V4Y^0F6O|Tj`YF6zc|}F*1xkUgj%G2Ra&mG4gZEn_5n$~uv4!l#cZK&je&3I%
zQLc<9G3!P{JfRgr50z)FYG_7>fc+j0icI8YVpnBwxnlI^k}*RLjA*7?O<oFj-7G=(
za&mBI{&(9-)pBaKupE7+k=ixBI+?n;YH75ygl4Ff^X4u@pS(JHXkpcJ&+P5R>_PZN
z;-CW4&EVH1eyZ|L+ihEA)Zac&lC9c}#JOJ&67w*|UWxovNH+LJo^u+>*lOn_Q4!F7
z#}SZ^dHC3VQsY%X&1Q22WTj7uY2Z$EKc<?vIQYiDRRyx0_OpyP0P)?ip#1|+(@2J0
znZ~Nkj5{-*8TWAO(WxTo%SU7#AV!}oL!FIi^f#COPy>+6M(0aaDBPjEJE`G=b9Bzb
z?NC=Du2tO6So|iZ3`tLH=A%;W=5Q)$vEl6Z4N#}clijb-rbBJJ9HoaTyraWe`=@S~
zTfVu^#L~P_7p5RW<%;-aH!cv@jbug+*O<Va-;7_*@yvIby$7!qfGLHTTtYjGz2>g|
zArQnI-~E1|Yj^Q*q*6mQ$Zf)GtsU)~l`Y>hQ}3_#efU150ciEAS-dF<;QXafGomfO
z{X-D<_ha|(E?w_1ZjaI4w<zi`1sp8$W^I`5*siguWQAFjOVvOnkBz&Ggm$O-F5jdg
zJEpeh_uP1!{{usdH{Y+J@a;jR+5Qst;}pU{wWgRyFnIF!g2qfnkilWwbX3Eg2P^Ys
zRF=cjR_^h?X<l>0n7XpAq_9HIp5*1v!3EUxg}Jc~J+R$ur3TKX+zL~0V$2doKD{GO
zwsr>F+T~)v4rrglP4&>FN9x`~O_Jb*MX3ywt7aw7or-OGkarhoWQX@nfrV4o(T0hS
zt^9HRZhhf1@Ssb}Bk}|^f4n^u*gWLZ^#iV}Zc`r2`m3=pYG34@q7v*zQXk4_Z9>3w
z0DY8G3Pe92E7>j;9C1@9(%nJFL?&SCE=IkUQ|!7nx;V4{6GxqJa`@I1{EVopyVbXi
zEmB@sSzYVG4c)C&qIh?g9QB(ROS-n}^UA_owL$@1SxZX<jmtZWAS&ERv~KzAN`ezI
zE|pJ0?!>7XutvmJk+a{7{a!Iqg@;?$y}U@-7rMV!7Pr%}i+mu5!p!wvybWnV-mZ0y
zleAGdqP6t}+W>fW`g^Sa#|fRlO>mIzx)JI-MYDND`A!9o2QtLe@Ar%0VO;lPWgvO0
zL&H*n`dvn%%zyPelc3RZh2$W7({@viepezUqRep&)(uB-Yx^UQjwoj6Y6W%l;*PO_
znqqKkQKHQbHuu{~NX1w_HV(C%cy6Yr!xTNMs~$B{gc+_j)X6jN8d>5*TL-6P4pi1V
zdl^xxQ0b2YsQk&AwHScuy5OeI+w?`Fu;D`GiuZ_4U@NKrE$E?Q5wnJKkn+yjIbAH;
zN4}U5!NJU@UL4?+l~GmhQSJ|M{tosWL_a%K9&o&^)+SPkt)M0ZBaUe6$%cSY%2IjG
z;b!MjK=!`h%V*2SS#0pmVjc(dN?x`)Y#SFmt~Ikd9cAidmM4>snLV$LrV5ykG)A(1
z5q@E^(!yjtfh)5@m>g)VQSr)5qGB5KJDshiKduifq>o*fS&48#HjdTEi|ob3W(NUi
zQE~fqKiCfkW-F)`H@{`t0Vo|fqdHHqAvgUU{!oLu;kLfR7YgbXGO+M)g7y03qtlXM
z1=6Hpw>YP>kzJJGZJPt^*sPl7y88auSibpq#u#2k#$A3Zb%iuxbeT(~j5A-~KZg^A
z>P!VbP}`B}|8mGZa!)Hm8Bwv^{(woZ7?a~qXKQIc|JD3B?<-#$z1v=bIYTh(QsaJa
zx3RQAXN2=NjbrBLN6aH$?NJ~7D)t}ONq2m3+_Rf$>@2~MpQ9^JjacohJdaHCwI@n)
zcVpKaF!YH>v@caZg%`c?JtOKWNbj5it40I-ar<SF*v{q+AD|r?)`Ifo*on5d&6KQN
z%2R8FJc3Q<>z!&ZCT@Md_VCw7@_G(Vol7gTTE$6qS%f$j0EknG`Hs1<@j@niPO)+P
z1n}0c4eqb(a1c6;lJ^wqP_Vjz0>r9}NS3IG$Tre6K>gyy>V2ybb~vSq7iN`$*qu+5
zsr7#HVyD3aU8{cd8z0u9)&JtDSNoMWn$*Tv2&@uI*+YvZOdceD0@&YGpMLQ9Ds{r<
zxHufo9&yc61HntmeIvczNht)a7d*oox4_jWn9f{zdWtSG^o-^O!8&bM&2XUdS-MCz
zx^m`Ov&gk*)kwDNd2YTNzYJyyifB6^5Bh17*Mg@`Gu-`kocj5FfY9-=clSwZp_77B
z|5elVZ@14dK#?l>i`xHFaPnDW;wf!h?NRZa|J&B}|Nb(c@YA%A58YnU|66e7>D_jQ
z>kDhkm%Y#aTit&P^IzGWI`i*D`FB<Pt5N<{pa0s5e+}dRKd4|0fWTk~T-yj&>W+6<
zL*19X|KXDVLX?ft>mQq&oBg|tkvop#d0`|)UO{I703g7_;}Bq7U$vBHuVr%nZ%R28
zeTT(Bi;9)@6>a9}8dd46Wq`|A-*1u8*vhTVxO1;pt&U%qT6X0>R{eyQ{6x~WYE)vw
zRn=<iUs*Lv!Zb~VL#EzsD7*-Fb#*=b+2kWQkH_PMO<$XVY>MGJk*=OupDz8`=9+df
z%elI0-af#g4JWhIEg2akKZNwwn8&*1ft{VL?bJ3MS8koqV&MD%-5k6kKcH3O+#dvX
zW$HX#uE})J%!f9VY^EwImgu0|M4ge>jwB3bzLNEyroI5ucADxz(of3d9M``u&lx}X
z$Iq?lR^e4o4&Te_7?yVUqX!2QtU^D(2IJlR*VcrE7uq3f+~W97gF<;`>%s>&XUkqS
zUqv}l7oe1DS$`7aM*xF-!5ze;Y#|CVw>{@O{!z|j&pid9)i2}J(W+HkKr1=eY{R0U
zqF%8}02Z5DrG#Oqb&T@g;CPCznKin6e6hYjQMZHC)7_~i5fz@{bD3dpV!~2thS3`Y
z0u|qqSulK;q^OJ4+GI%9f1*}`FO72>xcFDxe~|QqKw*pq!8!pxNIniqkgK8~Ksirt
zbxc|SLbmVsaCbl7Gp)Kl^{G^vVju~PzJwxTGeNo*Lsp%OvS_I#4Nlg7bcyG5yYIMP
z90Id;Uvvas@PnN1=cf{!r7+XZv4wp@DNqfW6t%OrugcCdCnxT+Y9+Kb?`Ucmj0E#1
zhQ>n+U;jT3c=}@NGLMsk?jYYgX5>zo9x_k1aLq?0XuJjt8>zdTnSN7;(%ajcwmBqR
zmp&nE<Jj(g6(&WfN?PU!Jbd4}E2yo}lVSBAPCpgxr*mCaqv}Iyd=}NJMYE^n#f*9F
z<h{ve;;y?XcfrT0G6K@!&Yfm{Wzdaxs#GijM*SR?1?$(5Q8gr+o{sbc^)BZr1GH?0
zE(eU0tD$P(zw18D;462g8uD{{x_sphU<#FUKYc_EJK};gp`R^Yfl<jdKs5@$cMqEV
zUS=^-$-Gc-->^eih)k#&<Je3}zl@0s{zql>XXYBNZe5|ctT*vYzg+8sJg#duGmbK;
zfI!Ea5M-}sY1BlcoV>im*9z;Gns#Weg&rAL_6=d-d5OASNA@jQmaXT5ynnC0N9`=O
zP2=V9)4|ohz)DZfzaLK>&un-_8Y4~G;qn7=bjZ$ZW2Y8-MYjq{m`7nhI4ABe$4Qa~
zGOHzcMg!S_868mLf6iek2Fu9ys$XEbT%OMMa<NdcC+zHXGgG)#S^d77tH5e!lKk`2
zg47L36)i7j+s=<4uaG1(-WE*D`cp8USlBV)!$p_W(59Da-*@jzfC(?tF4Fxmn?COf
zKg!OWj>TA~@Qg?v*YHhAuimez4p?eTqs5xQ8b(-{THGXoW%6-q+p)$L)^})L=%M6K
zZ;<*i5)$MKi`}lZVB%T9ROw%uf6F!6&)~B(kJI!ejS6ZQdBES7adtI!WElHX?bbr`
z-qvaZy6<3{G=4iI2Wb@a80#g$uRl6K>U?9|1$BvAIehXW=#9n=u{*P9J}UABdr>0e
z-|{_mW;*#Up?<EJ)C$3EI~%ngPWk8W;UVtr4SYYPXLz5f0aRxk)F$=y`Xi_w%&7U-
zkAEgmTn;vLDPL<JQr^DSYfI>+RsFgkE;+sCr62K!x=6n}?j>2r_rw|Y<b2f{l7z|v
zsWt+B66+mOxm|jv^)A2_L%nfK-rdxfhn|sVHb57kRs;L2&oy;Dd04hIOpg9o?^Et{
ztMw3j)2cAF)ecgZI6g-!z0)^jr2I~S3M!Wpou|U5Qg>c#-J{UQbe7$_A;i2*bQ;0u
z$QgVi+?W%r4O>j4>Bl&lB}R_4WE{BzZDaq`B@PT9YV877P7W<TUS&tdZp;R`WZU%>
ze4X!aRa52-3w@qhSy{QG*JdcM@ObYFy}$=1T-k`<CZO0vBVh3rO^7Qt`yJ+0pv~tZ
zw%p4V)eAbA35lBm|4=a(qffFY@1<+3K*xg-zVsso@EIlbA0w*_@Mk|EUaCzqDimbH
zA?a7}wn|i+T*!tRrQdJ&PDIfZ=ePTqaQaHgxq+ff^|FPMVf-!;#}zx7>k;d);qm%^
zn3+k|--9;%;*cL~4yyj+(6!IXKa$t_#qkhgQc8t|A`dob-M$|j$IE&9^@tqt=D78V
zUt|=zptUd)1k5es4(e>JwCI(T>DbVQlFG8Tt`7Y%n%BR1pGno&S0qp)k5dx>lcRxF
zkn21><UD>~QGb<s3&h%p|D(2`w%|5M!{%A#1^5@Zlsy^v(@?K3_$@Es=2m}oLVq_*
z9IqY$TB;n|{C31lp=E2J#!WTX1b8J{W*~XO>rnB<Kkb(1xoAQr0koJ&A;1GVEF)J!
zBHKH{_8T2{4<)le_gje7Dd|4S3s~vZ0qNEL){d4)+cEHriIkvBrdxpL%F{H(fTf_6
zMCOD%RlnWl@Hhf{$~x)H(Y<e!9rj$RBN^e%ID38Zr*(z^*bwaOV~$LL*|AgGbXM^?
zsFa_nD`x1Xh#?F(huCI<2AdXo<TT4^{k>Nb^!#bQtbgIEq)WdGT{1$NZr9w)^}xjB
zz&ZuB9pA|6m&jt#s2)d3vGjquzk83}@5G~8x{mMlw^IEQTG6EYS34#2oh<HQ&*t6h
z!9o|DAQ@N`h_IAASmOrIshy8GEtsmlU8F;zP$=qglXBQv9}XGC(uK}9<!r7|<_ytP
zN8Fk-LjnUl^?N7t9_{LpjJ=Dp%`*{+hl0N}ENM{X$zaEXRt~ox7|NX@nFYs0oM`PD
zNaPQ_(xP!1>c#-i|7#J{Q&N9rv+7m}#)*UJVrW7GL3I*P>!$rxA;j)oMZc;K7iN=1
zkh&Z035!QG*C>ZLTJW*7%uB=rEcu1m!T|n!DK(UUH+LA|Cs!U)+h=Ed%4-b1C2FuM
z-JT(dMpS2AvLT7HNZFKz9cBEIR7xPrvjf!LVFklYPh5Si!;|Xx(&Xz-j6h51^tR3*
zqINCvdAtuICC#TLV<UdjN8rz1r(8+njdLDkjGzFeh~AM(6{tqvkmNXa3tduCQ<_hE
zw$2dP4r~;v*C(7HjRZ8U+YkEv%0+e;t^$i3PLtwOU_tDv8&BE{6^2?(q9UqZV7qJ8
zHa?#fZ~cUP@^kRy!n)0uz~7yB<6A?5BC00XQT5bM8T#bbGRNuR?sC3%+7%mni+3M9
zivq189{_P*fIowWRF!mZqU0_(p_>44+ofA7{>9|ZD}UMrhuo*^4OxLr@^lDg%&vVO
zAw_(NWhN_Tmr`5Z-;#3ic6OXMrYY@-PgM}ODScCn(&t{4aMO|YK}t$WnV>2}Fxi7V
zoVJhy+`O>u%nV)HVFTIJa{QDqB(L>)Np^CL3x*UZjalcnl??99?c07my#JYY&pu&N
zXRv8F&9%NCW}XA?TQQaJFGdADxc9Y5!(G|NF20qS@icYUv39Yx5Tf7D6!W)b2ugk`
z|BabPJ2GN2d#h6=Hpyc_O=xP@MzS&`(_b$r<hpqwkRy<o?9&z64_xVQ9YIJ?0hzS0
zkcv=;Rh=I7371UO!qLs&X}>Zy<^<?K1%P8VkW5^qq@mMDp}GSKo_sX*$xUz`r(Y?y
zQXh3O_<?^Mrvz6j1AI`(1502}GWckN7tXI+6D0T-Cv>cykBx_sD^=<^VH`n4sOc)`
zLQQ)=#vD5FrGg6ib9S`cIZZ11E(^paGi^fNiqOC8wy8c<kIL8Nr``_xK~NDPbd1nr
zpmKa={KmaB5BLbnv?Nz58+$-VhNIcGLPgbY6@Hi_CSKsI`9uf#((Jb%Nhz@Ir)e0N
zx8TX*gEw4g(4U%t{?%P63C)*w3fHeBbhLHL3(ePNhz`#@F$x~BVq@Giu`^SJ1zTcK
zDmTWgC*E9nV$`-vt)D~I*R283!ATx}@;RU2b;TsH2DRHlqq|x%?T#oew&sUMTsj{R
z&J2yzQQ^l};CEr6MGjv+)~&UOppgd_1O1`--Lzx_tCvfy;~g_hdH0YA@$y&N{$R8i
zobu=vq14=_(a(5#%kg$gl4?Y65d(HZ!b-RLlSa8Iv$w?pp>^malsWWXzZIEB7wK3l
zUb2w27T)T3%XNkm3<Z;ce+txug@KgG83uaVd^E#r7O$N>AcydMnF143$8_s(#>P9$
zHx(sV<878Cos-`(MdUa4Zp03sD7nn`+8;0V%c`bcuZ{iS>F(xphsI{mFLuJ^USNf5
z#UyYI8Ir+e6}&mO57|6T$M{fJg9CUh+-{AzRb|AfS@P7HCS)NKxXsa$w=eHCKZoVL
zP<?@&FF1p9g!DFGQD-uOL&6>)R{j1IWq|P+jwRn5HQ6je%<X$EDDV%;V*QOa4p3tA
z3oKB@IldL8M!@dP4G&x;Kcz5mQ8(gVRS8i6K9Ao_!0|dH3A^KKVSi1_{uQ7%0M^0x
znB5Rhop|m3&T&sxoe}060xb9{6rJJ;cY$wZ1zhaN6294Mz9!4Z<|QWG666Co*!RLG
z%U&+KHV;_C*WGjl5MQor{Q&}>9rB)HZ*zP8*o`^(R>&n(xPr@?R=B)bI~kEQaeF~^
zQT&H=^)6R@f}|%eza%Evg{cXbl!TEbZ~LFCRx}{Fj|O6bm4LnU)LfnG?$YoONQRn)
z4d`07i+IZ|p9`n6#j4d05BNmkM#ab=3r{o)SYgtfynaqC650>1TZ?P%#ZF6*n%~F8
z!)8!fPjsjmuKbb*^nd?V{l;}>>x+HlT7iEn3S?K!L3&`fxf?q5RcbCJ66Qa*TQ5An
zHJKKWy`m=FJRMt1bHug0Dwn;EhX9qq@2V~lQxyFdKdh|oGhc+Gmc>gKjKys-IzlJd
zFTa?|0L_>!3$Sht=WjmK(s-%=_)`H-Jik*=54KX;W!d{716<KFM5f{mZNq*Dv3e%4
z?Nq2iZyG3@@uAeBlSj<oytc#<9UG2JwX?1<B{jh?SN*ds|H7=87%|#mKvKjJvH=Sf
zs-WBBnBv2d3M9UO{Q%~apO74|<CU3gT2;MOs;|TX*G*G#>V4n6!qjw7s#)!*&B4pB
zu4J)Ro@+7cw-&R&irSY^Py@Iykt3)8$3k)3C72K8?ad1=;ogJ4i{JWZf0&~UYgf)s
z7bDWaGW&w)B!Sk9sJ^zc=~qwCYc+)uENIU#sd)~tdVa~gb8YI{(Ogl@V{Gt7Mx{jZ
zQfQP8{+Mk#pI9EI9)%cJgzld=T~AYlhW$_st2%M!YXc+k?xruHrrljih+bEIMX3FR
z6{(QO5vV_5(XUSJCK_o`K{{jf@20<!*9v(B*JU;}|0d77oQ$?_8fHL)VamW6Fsg;R
zS$__T;@DsVq1D6R5}8F*&B^e4IImlR^Zah%axB!nTdQ23A+ZA@vQ8K@(z7aHc{{dz
zin%UsW~HasypVH?OHUUy^C+>kZ2AmYPicRRH)wX7bpMxY?b?y|TaF;9xQzB8R3S~J
z@Yc#<SwB-%cEiw_BGjKGiEE=X|2U(q-=%KXd~@QHFUk7Xoh-h?tkBq}?T-B1C%wbE
zS7J0+4tI@nc5RB#u4KROftxVZqtT){Hg;z*KDapEEPCbGFD)>@`+_f6`EoTX_Z28$
zXzmKacNFptiyHQXV+!PONpISR>dA2g>`E3yAAO<<*aD3rz%!`ATo6uXF6s{sl4kuV
zuQ<K#*@BV66%yNoXPwYut=X9*maG0O)HVx?T$aFW1zqe)jtm)yYSqP}6t8hnYY)Sq
zq@4#j7UYYDgDW}!lHm~EMn!7A>P;DJrt%iYMuyMDR?V^{3;hh5MMCP%fccmkea%X%
zs~u<lzP*N1YS_$0@r|=DKK$>2+{qbI2axgIBagFd+2Yf7?j#6YRKHC<gbsT$a-}PU
zJ^~d@6Es^gB1#Xz#}d-xDE^}<UQ!o$U4jfQPlD~~RYb0xr}9hl*b1a%(7w6*!!dEf
zi_#7G4nqiEJ1X`S7+nxRhKmvlVE)l3ZzZ56r%s)Dc>kW3r3D!73<6-m1%GU1+-+f0
z8dQI9T^J{g2GXa4HTAzBR<S3S&zF`HxtOT+`lg%VN<!rNqy(5UFuaE;Kd^&ZSsuM(
z9|o>oEFJ8COPh*^xEz&KWb40#qw+|%oLWxefxK+T09hqupsBITdbT4c)zO3b5B1}B
z#(31^syG&2IKQ@29!`Yle??$3p48D|jnQ(h8iqZH2!lTQp6Tgoui_34Jl1|V;Qc{U
z50<zUf2+{LFd;kc+zhZ#?`2pNYUfz4EfVqk=HJ77n!!;ttt0~Ru500aNLE=WasT7f
z_Hf&;0LU{TGGN6AT6Wt{Z1zD%#1K<}PXhchFS|krbP%4M7en632$CVbGgWr@E(q~4
z4ChDwu|-j=N*7BAvqV|6=1u3vj5(T~4zbhwis;CB4x4^>5375Y7^LOK4PR?|P7My2
zH5>utJn-?d^u0TgN9Z2IVf$qNUaqI;{4?%aH0L4ZdsR_+XUO$KOz1V?8`wO(K?r}t
z_g&0YvKlgZRS{I=qD5uQW7+PwJEG4B^Pl#{C3OZg2~7X7HHzb=(;L`MZuGTn%|l*7
zwY2yN{labAUyanEC1rRDzz4R&c4tAeW+j~i3N38Ehg07E@l2=Al+wZEBpl*H_(8&F
zj@qa*=D8GKhoRY}&4BGzsj9Dk0K#d8gKu<BsX>Y|yLzdT$Mk0w&e<np6|S5*dEM7F
LxmT<GDCYkFLPgKU

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ocean_click_api.png b/docs/installation/images/ocean_click_api.png
new file mode 100644
index 0000000000000000000000000000000000000000..0dc11ac546e304285aef897f445dd4d06cb38305
GIT binary patch
literal 37127
zcmYhiWl&sA*EWi~6Wk#Qgy8P(E(xx|gAA^NyF&;T+#$I8;O_1W?lQQ;A@}osRj2ol
zUA3!g_0`K)_uAnqO48^k#3)cuQ0THU5^7LTFkmPs=x8K__b)^FWCc)AapSTQqTk%1
zPcmTR^mNHXpO(0OthinVSdjE_%2}^8xS6cDvbD@?FZQ3%5x?HOrL_ohF0YNBfzThH
z{(|}yAJ>sTKOD{S?n`a3LBCUl>Kv^If2gnYK3z^>Hy>@nz<wXBQ{`)e^~=1|DbeI*
zWGj3*srrqsr_0AP)6;fw&CSi+{j2rX3yR?%so%$sQ}P(j8qcNCBe>>2kA?$oglqMI
zx&(`j0PxuB<NWC8=t{of!L4E%*BUnamoJA(67Qq8bWQ8+Z>WiFnUV%`X_|GY`wJ8R
zYrQ)D3?e?)RgU`<ezw}=ur2udXdvv`ag8cS_Y&!j^dC0tC{BA%&qvswKW?h|wA;(<
zG=xj@Ot33JG4SqrH0zJy^mkQT=W<F)Am+BtJfE(C7p<9c-A1lE6Gk<4b=}7&jj(?s
zJo{0Tj5Jy*&5MFtURKr$$MsVD$o!_3Pe-u4qCybHfEHvO+W1!=zVcvvaL`?$nhZ|V
zx-rnOs#e(TCerz8LGYPf@E;&-T+y4#P&c<5`^7%8XK#|erWWm&vKS5J1q=w^MLF?8
zRg+h(oIZt0yM=`X_tX#<V10E7e0RAIeLP=IvL!48><K~7d%iiiIbMhr{l^>yxVet?
zQRVw9Bwu0Yo1-~c&2pVNi=`T~wP$y)|3j!@SXw)`5^?sYdHt{BoyHv#UaQc-&ARJI
z5~JXAFW({VNHVjp`QdZ{^H`SfTXZlg0jS=nE5PmLK~MqiKR%v-8|Qki_Qt%-=F7C1
zN7H$)h7M<nVhM$Po}vD45sartgd5jhil2q)K`Vu;70vX-YztwH-7EhT2a1x3gHxBR
zJX1rnv~q6g=#)=gsryv*>|23#Ok?36%ijMtD}eIgJd%aKq-bvL$l9gBlYa|y?t(1M
zF}L}PPI*aRBFNVmpvcMkAI&hg9j_F8v%f{{l@u4MkXCQ5A;zQAFyYx=H}|V_ulkH^
z4cng%1$*u!|4r`=cDo^rJqNw68t9jUG%OZ+8$bIV&!=p5J*^ckb4j-Tv2-Z-Pt8Tz
zE?(*yuPGG;Ro~%~L<8<z*GgztXIe`eaIX{7EB_z8(7P-0b@BGv*5Xn;@X-mvMY-2(
zXyb@Y&i6md9V#ox#Q$5jb>s3ACS>#I5W<v#Ne7x+!S*eV0oeNDL;}{>W=?a^d+TF!
z{%>JaCc|6kGwc@BLWKIcg?}_pal6l*DNxRJ!Rl_1DXFc0<_!gPG5+Agi4+h|JnE|Z
z>UM$tzm>S(U!B!8)VeAuwzVj^cKvUvQJMUvZ^-)-S&hGb{gVHwtxa^{{U7^CnO<6>
z7jK**;V7zQmJ#13wqTbGtCrwZTL~i~Bg?b1H+~Jc`S^hJo9zAXV+h_U`yIj`lCM+L
z$Xw%|(Y}FyK(I+#uJ-Yn6B83%FLz{1|NgC!SG2M!$q@49bJ*fPU(`-ZcU<*pJIeO<
zTJm`sNy<xdDDI`-e(w2)_TJj3M#?CBL*DFhpzP`PT(|Apw{LWyQ%A~Yor>3c4QF4^
zaXXTStKyq`yTA2sQorgSbbh(KDMduzYtIU?dKbYXMx28Gu?@n#_4JN4_Efk@Z#(VY
zprf`^>W#Xm#lv#M!Z*$A{FzaCIiX{`u3~OL-S$9v+Scy+cVF?Z@AVx2aBQXBzZPME
zN!$pQv0{HlyLLPl>81U0?7oc2tj-HA(6Fyq#URkDDrkPVoj1HJJ8o1j+rLw@P3<7~
z@)UW}e&I2_exs6wozC)q#O&a<o=jy^+i&+tk6+h5kld9jJZ(L<-!3(KoeY#>EM2w%
zSG<qf5|cDj2ZeR*vQird5MFqy7G6_K`UvQ4#%^Jb&uF%4(n24Y=SkWAe?&3UV&3h<
z^TF~Kk|lY%aExhv)+n|TF|N5-ovX&Lt7F9~C(yKSo?deyJHWUiJwULZJ}=WWp3}T}
zJ5nF|Pec6fKZA}%ftuemmZS?$tC+xY)zHEyHd6L%F}9YYLToOf=ucL&>$g^))zy?2
z<$VVm_I;AgCLRPXkjZy*hyRa4IACi9gW&ga`oWi#s?te=H>V1hd-Ix?z;-9U7&G0+
z`_^0U2HTYe7hAHGfA3S=l}sL9?)07eC*K=g@Jj7x4<F`?9sW}5a%4|ez--0YOX<-c
z!9Z6t60J8UQ;^TLFT)+bWLCq6gsh23S~(@VrU*vnwx+!ZH92CAPBry@at17`FE+|e
zRDTs<-FE3(@Lc7L0mGxC3S|7QQ3NOiB=wE?kTK<V&-H`m@%A$(CufWOX24?hs|Mcf
zYh9$2zlexZg<%KNUQ2eih%J?wnOQ`1G#+=PeU30MFYix4w~OQJv&Yg{v20dkWMrR<
z)APN<g`9!{n)is7lvKzG`R?IsrInS{a;sbAfw*x_R`*^nfg$kz%$#zmKKd3FvwrQ@
zY3t*wVGs8)?5L`)?s3l@IJn=MoAX6WL^y+lnR+b&1Mi^7Y3rsyc50c(@S##_q&!CK
zW-+})_33huNV5rQJByv=t$I$Es7=YkW#xCy9eQhadG)%Nx(!x``53Xw>GJnH>Dax3
zu0X`vZ1(t{$R%ZEvsK1Dzq7I`eLt3Jl&g7qw&<wa3m~8oZU_c7R0mGAx&fj|d4B;m
zad6NOIL${1$$0EV-ek76w(7i}T<hyL&=me~AP*>PIvz|?*{-#GKUKWEylj%1E!XAt
z(^Y~xOE&b;&XbDXDllmGw0gMQ<q^=+)M<0CriCbG9Q*}<LB#y7Wl~XuIsUMS^k2Tn
z+J4dlM-dH-zw^dQ{66NijDOqnh-^swra#~Rwj*%!?P$c}b(fD^=Ag9kBRYQN)7F!H
z1=$;5+3n_bst5VyRmg8fc==~21RW83$3*dE6VtaigWv6MPFFznr%(1Nm|&&B6@;WU
zjR4_vydw0e-JB1<!rGE9beP~Pt;YJ)pqD#^;?H4+Du2$0i%IS-e956Jb~gyVp)Uh%
zAp>Di<&zkYJ<JNFp{*rm;#ODn5|fi*`*SLp;5BGyXv|tLMLn&ozJy44P_I3cv9(Z%
zhXiequ*fPY;h%o{{yjK1=;iTdrp4tLjsb>XHZXJ$@OT*9<Qk5Gn@W2m*D<!(%i3=(
zHLyrzfuzSP1&)Y_*a<@YA|zxW;Y{S@>e>K{4RS#-+3PlWR-`UEpy%XF+|KOcR=J;+
zXSV8#z{^#>#?xBu@a+iXeH=;Wkq&Ck5!ju?J#T%0*_y)JXXRF0r}-QGN{IXDw43UC
z9c&Ozt(?N*f5)3uvq*SutWLF2z_k2%OMy(OI243)T41m@DzDw)(;k9J5d%BZ%gf_=
zT^xczMqD#7Q>1*HsA+)Br`PIQj?bvGgA8Q%<r#j@4sg5Ef5fi3J6MK=@q29%w&cf-
z5;cT_s-<n#$1oR&Jp0JMfJw`E#~;r4?72EgS>IY+PrIQzU%jF3`jWW<02>$TR@?PQ
z)9{j<JI7)y(&BQiuob?v#A~M%<l8P@dYCUP)-mge0%&n>t@{^SFPXu*iIZBzS2s(`
z`U%-*!7JBs(9MB&Z~2(%E7eAU{mEo(ooDyl!_M%xHwh;mEi@pD)&Rh~ACrDdvBg9t
zoWu1B_*G*<_)Xv>NBHew0^<L!A{x@aFLPuf-KDM9hp2bI86d=bx2hsFJEZhTW@;Sf
zw(yw{$s*7tQ4%7Bz=5C{HdaIf0@1T0C7myKh9u@WY?nFkz5T>rp6(Dc!+u%6=U=ll
zGu)Atdt+(R-x9;vHsF3k(?KDNK(VMG9MC=v!C*`ls~0K#rXen;k&c<H;IduLFHtXY
z9A&>ZXAogg6{ilrw%zItkAiQv98c#ZMTDBdewptMM&)$cQy7O=u-D;mJJY*4oRO}z
zn3%u6*q(y6?`a|`(x}iYdAQn#HP!prnb#jpGC;^_J<pI%HnGv_b$3>mM=t0I6(+(A
zK>)IU?nD-Zjk+eIh0gvV#1neJ?U{o?HA-ND*qQDG-vn*22)7NRLBwne?a3q;`LfZJ
zgS)={1+}495tc+u`5O7<vKLMtlb9pyc8bJ)ToLst--lFk$-8rg7V%)SHyn4l5kO(`
zDF8bF@H#+c!Vq;FOke;Z1x>-;_K&4kZ<DsTR+;UEc!;{U_<K)vyyuA~$p<)OKlT^t
zu5fGg_uws}i*S(^sBaw7tpmc)yS1#cwigi>zM`T|`JCZ`?ziNRySX>+Uw>oEHS6Vm
z*O*8~qxMazm7zUmzll5v_M`-Ht6H^BQQj~;kr;XFUfQ?Qnnj)M`NFQQpw)qYbI4H0
zlK^%@RHOinm#kedE^PPh3)Dw-SD*QB*JrC|7vTQ-pFiLg)pu}d8;+#>HQZ;K?+Xzq
z_qoYEi#{*#!u2ExyW0jX=eMo@RC%kIow^lzbF1HOzh3TroqwflXE*zO*2ooRsmuad
z*T4lldZad#o%bBHW-Nr>-4wN%aozs#?i_D!&yWOZPx#rL4ZuYssR&+;vag1|nO6nW
zCu&}ql+`ve0AZJW4gQRhul=#!Sex#ypgX}Mw~Du&R*0+R<&@}1lV~(yTpp{SZ(Cfp
zzXm;P1Om{4`ci_Ips8_3c3|fOF8B0Aka)K5&emF?zvFvEA!knqz@rY@!We}8#1Vuo
z*6T&%F|ICT%8g*SzlPn&Wy&V0jJp#I1?0~Aedr(IfyROgY-qOk`vNyfb*TvUBT&O6
z^c{#H6IXpqpjF<g+HlW?B_CinaPD+Cnu{Uhhx(Qq=ZE8Yg+}gAz03=|XX%u%W4juD
zyAJ1tZ#tx@>T9z9eXsjo78)thjimpru2xkqR4`WJ4JDu)6@WEb#N{(uhcdBa<6(m0
zxKU3Y&)}CP=@foMl3bY@nl6z4LbKe7oX_N}q%WYK<74#eHHY2km!kpl%K$!<++KLv
zCk(WJo?cvd=OG?Gw=;%x_S}h5&B|Le5O(H=jbeL2W3L0~m&*@+)(c(S7_gJk6)D2$
zWX{8iq@iJ~EW)!ryw?O|CTXKo3qh^x;l(EMbv^Y_Osl+$(B77L6Uz5nk(glCj5*#a
z`1@DX4{k7@(Ivc&FuZ(ChlKRe_N<(~mkAkftaceaeq)g@LL1-L%$(~%sHRX(E2gP0
z+0uGUWb^*&)Z&R}r`n_F^~1Y)vD5jNPkL>qpOCop@pOGVpAtZkSdO3SK2z604)v?j
z4CtmLP{^3l(5GC9LXN1E0EXoEtXBRS!j!}TKOEO|%$$C12L2~s^(`oGey5~qrevM9
z>ftsuJIbuwMxwIVnpeQz7|xfr{C(JYx8t6n7KX@6!@3V?#<y;T!~lbtBYEun)(xII
zUSO?K2CtJ88K3jydouQc$-dKRLU5pEK>#uRh8SVX=V;#H6)^&!f4>)LAI9<a!yq8S
zx*`Hou_3>g@SE??(YJyc4joU_%hjWA?G^_fr~4!Bq(H<Yaj$?Y|FL+lD}g|OAFYC)
zA-*9cv5aF?SGUso*UYpu8+;=u_<M{{%Gb|-h7ozR7ySjI&=%o|^*$077m#hFN$)ec
zK!^GXO$w<lYWM@FYdb$7VCuolAz?`h6QTOa?!?hCiXdm>Tu5T3A2X5qeQ@98-iI=Y
zN<E+^pt0SUg|hwKbpb&EdF)7LO|owcr+94gU|k><`$<`#j&^tri+Uh>UE{j<<WRc6
z4TN8Xg=`f=|6El`ht$D!BFt97XMdnNiY0?C{VhrgyfTGL*}i{Iq{MHb=wJ^0J~r$H
zk^ItxM0=a$buxHwBSW|3Dk6e;;1?MeMBej15}GVy$OlkHwp%*x3DVQnvV`U$eE^0-
zwjUt#XSNsZD6KMUmEpcU6;JHwC$7L~r&H=hhBp)T(Ju>;PEkFTSq)f*z>66rC@?Pd
zFi^Kv&obLl?a-L4Om+(KSI8lMD*JEK&ZqBBFLse1vN+;=sC}c?(^*uQcPr;G*(`p_
z?s_o(70BbJ#rPH^`h<G>%8y>RO$_5n?^`c=XT;dyY>+S<GbzObTxqrtKcoh*WFs_D
z3~3j}AY4jx3;$wMGh~^ZXw@kJ>o~u*<C}rCGbl-e&UGW?=Mz!9$JgKD5@9<-f1k|x
z<!0y@;+4B;Q%n=f+o07-`ZlD(PO?_XcGMjB08Mh%69n4U@-wRJgdTPh9&Z~v7|&8S
zyS;DjI^NoSAb}KNUiR$9-kZp@ch2+11ICR^z^sY#Del7lFhKTbg{94fzBF6e_`XI_
z$z213el=a|ig4ThJVVB4nZ^$X6>W{rMK!7~Zl<N+TbrBe8r>iC0{#Ge8zUGRXges9
z>_JIy?cdr_Yg;4K69MS6#w-$Qvh7e((4RkN1yiIT>~vFuXORi3iq#343p!y{kg{QG
z2(eUoI}-;U>M%bvpa5~3VfhY8Ae+<repAsT+z|)lyHj{CANk}Z2-~r};j)R|k{ESY
z5lNxH`K38c5}EAjkrHM9x`lGe{gq$ojsV_S;*a|@tvF6p@*#?>$uuVQ>*H>2;V9w@
z3?13QWqu$njl@kVdpgG6OhE)x>8P+WG@bl!G60!AFAJ>36b-iKbr1$Nr4T8|3Xy6n
zdJU4sfjTa_zesi^ag;z1z~pC}omhRb1t3Lq4tkvwb;@}&=;o%3W<L<(?n-A<t_zPz
z!L><zkjTOS$zqH8l3LK>lOozAc~I(y@%9+lGeJ95DEi=5Z<69;s->hDzV3N;C1GbG
zIApZSxLZdugYK<pGv+>3X@^Jmc|w>=h)KO{#eCOHN=Vhwehnn+j62Upda_n2&2bag
zRrAdoIN-Y|P2+leog1UPb!O4rMhl1~jALeR+FMn}H-7b)7x3ovj-ant2)E==Jz$)>
zAl7LM6*%r7diX54GvcZ=7o9C+&9XLh*`=u?#D{$WCUU0b_;BQtI~zYyQtHnee@$UA
zF|%ZpG`Aq0-qDl0bA`6|gm*gm=P%t0rS<#QY+L*<U`th?&o&G2t92nY@nu;@`=NZR
zAAm68iGH=$bE8)<afe-O)z>(?<5L;y>V$_5aAY5dd-^(c;$BU0M-?ei8B4EjJp{^^
z-x_fvudhqC=C*4Xwxji<;OAoL5+Q8v?8HH(OBl+Hfu^*J?~Bv29D;^VFGjS7iGWP{
z@#EWyK!uqbBmQP#p~N?$#zE17^+obSN1NoD`abT)TkMyo2|=HoLNp4lhV5bM-rra$
zh=HQ10H2AwOSn$qb{q;nZc#fyV4_sW*PyaHv3_tJUH9=yq)s)zmrp|NGdYoJmxNKy
zFhTD@y}&nL1p<<<hR#kU$<2l0;~nF{LQ)yfV^a#^HD@60K?pl>BCk@s26u7C`#J}#
zL%HqwafLIq*5O`9DUkv5boV=<_7>?|@)>Q0VWE$z^|^)Mkj!kZqX*&6x!wL82rDrv
zrO`S?um>e5@S%Bca#Kdt`YBDJ4pcGbPGNvj4V?#OU`dfqW^Li+1bH;|7I>t_4eT>{
zLdu=m+1<wdw>)#&?Tca_s~_gyYr6|45ZEq$<9EMW;Gx9JH05nyKs}#&mYM1n?;kx+
z3H6Z}6uQ^C0$|+Pg<2OMzeN}*jd#Sc^eGHe27?=d;8~=#R9`7|#3ZlFYvzK+xUTq;
z)bgv+p#bqZDM&Plnl0h^^mF{V2Ld?X@0rRCxl;iJxwCv_jOf6iPX8D^TNc^F`Vz~l
zQXw$X?T{9~F9roa4khoLSdYN4az4v3S?3!tN3LQ{%XFowYZ>t#Y#M+6jXxGN6MC)<
zKIgoDE0nybWsrOI2z*{iXP;DZ1R*a!A4m)TSfeSHP*Li5y{VMte~?~bsr6}EJ=diG
z$@ZKze~Q#ssyk4qmdvPq*puV^QrRjO(~y+TI29BKFHy+3t(DU-povqiv9^2ssJv_c
z6K@6M@Ae~_e!EZYLql+;V1sLOt^z59Na#Xho|GdP7Rh7fx0@ITsR(?W3~r8r1(w8c
zy2bvbA~b)@m9SWAC&>nC)kSeITW69c496zvB=<&8HJf>I?dX$To1MTJtFTG7z>90V
z4JEn$pVQ_wfz`!HWaj?;YccI37!AuAcEm^zv7$|}v`r^PB1cam>3h9qeVa+t$86Gp
z45mL|LU$eLbbc)7DjD7*`!|05R*(w8ey(-UWrgpoIMHJtt4*Mfu{96N>ZkzL<024v
zO_a9N=i-m<bOJEYjOvrm@y(aQ))sYBI!In&MDWV1Jir)0ahC$<S&s|JQvFc1=TBxS
z+`}LpX#Sku#EZ6o+R(LXMEft**FABa{!XDtWD-Z5cM#%7O>)Wk*R+GY=D^Vq7A$m|
zi&iOpnRIC59iv33HBl+h$K~_rI?uqLRBo2kQq%v)R=7jiymO@4rp~GX)?_cl9-7~5
z;mD}6y#Fi@>tQ%N_?Z_B8|jMU-PnM7UsZ&lJB(yB(Ui$yVf16kc-Rr6H9_ksHKMA9
zeK_`*Jkr%y*bAf6?$po}4gW@{{ORP`E;x;|e2XW>Uvi8fO+3!ldvF#7_Gv-q=LpGZ
zectCT(hxd%7otJJ74-K!3wi^N4RqIjjt%+9BZkEwptX7KileSVuxzyx|7mEMSTiSo
zE4z>k{Xp{y_ok#88%UX;XXA4PGk>!yJ9Shg^y0h3kGk7G{}nZqJ=G&FbqMm284Kt)
zX=Z2szhTGTyI{k;#-%@Eqs>4@MrI}X6>sU2Zp*2w+X~~&<6qargUR!bnB=6}4(@{_
zVY`c)$0BqsX8SInDC&)C;F;H|@O3tx{|taCppl?ZXHwFaAcr!4Wayb;Ph=+A%xC^s
zdh*LY0SVs-D{b<R%U0|UVCOE}7vRtW-RPHobuy}1Qwvhbj|60FcdeS?T@DUn35V3e
zU(@>UeryRo0_Co6z5qwV60uB!KM0-qoEi?}%&+b}dFMSjU2qPV#J0w23eeLJx@8Y)
zhWdWVBKH!k*fE-L#Z5@>S^54muJ@XB3^|Elhk5Oz|6$>0{<|z5$m{FRlVQ8=zbokX
z+nI7`{I77j>^4n$Q?f-QjelG337@Y1u%0ZMJo{J^N%Fkf%0m0JmwYf$66|}J##n5p
zvOj4BQn7@#HPAq{PQZOFot)asRr0-dNL!JZce2o%OTdUl-t$Kk$8H;&gwJEYtq=?S
z?NK)h&OQFRu7|3>-r2NH+2Bf<SoMc^bFB`>+zOj|6O!$ExYMS<VE|;DKM_TWXFA;-
zz=Sw$8(uiU3Ts9f?uAs^wFmkhX`bEQe><`tdSdZ42C5oj)+ZMo2!5LkFbOUntaRBt
z+h!si1#}f6MyI%xAfQ&v8B1&6j(=$MKizk-*5e`d_C2xU+Wykj!TbfTk4N(1Pb>Q1
zbHD#GhOpf?mmj)PG+b+q##gW;T2gUy3ix{Eu*YGzmB#*0`R;Cy;xgVrSRh;Ljpw5Y
zw5GzCptr3rL43;yaU@JZarYYeLHB3EIAG`e;}huBa1=YPWn-Va)e%lD61*wr9=ClC
z6J<Mgjc1y3uh9~VQOtq1uk}2{c*jJ_WU8C1<F+XS(Qh#k5W@<l?yOslAFuT~q+cxi
z`Z`+oZx2{c=!%_K8%cMg4Njs^9{aeD>~qR8s7Xs=vATa+<sO`o^sEP3Z#%+)m_!z9
zAWGElc#__q7$}>!aZ;PYNEQnI!(8cxU~VyEu1V2^o^03{YrKrXQiq&5yr3QmvDC31
zM}IBXT5>~juc)b_%pW^LMTBm9ME%l%-QKR>iqFS?nh&Frg0QAhse-iikQRC?=~{3@
zOoox%nbL!nrZNNUny|#Sbl)GZFxGM;9larvn<iNN^r>u~eTx|is-USQ|JylKlK}o^
z5|9-<Oo60hPw+d_WPtKORI1)mjv?dl&edq^Nv@Oj^ADS71GDiEJpuIEs{)cmB&v@f
zJRC3%SPUugWjn&nHCdq9grB}2s1*OQMfggtr>jAwVo)~xQA`H-^&{vLC>SfZW4G|Y
zr?$=Ty1!p3yNT6{o)7dW-yy-%!|Kf;kUZX5=SD4vB}Q6BP!&Fkg`yIE{^n7`N7mQa
z+lVFB%NJ53B+!~(Gxv6(NCGjPrM(dI>V1Ng84SwMbw7ZtkBJHKKE30Yaj<Lpd(ks}
zw#OAn7O^#T@3iKh+!8y`!rX!We($;zVX&o(lv5~Lo%Ar}MW{qB9Md{O+r2Jt>c!0@
zec<rvxd@|&b2GA64A@WTUYQ=aWEP4=eFF&%Oj!Wp*~Gpo@2cmrx?qW4tn9BqMlHP#
zIR$K3WEMQ=0;4e)M}FPoi-o<m(4M%PH?DM5WN_Q9c9yu5UI2Hb9k!M^U!CAkov>IH
z;jU^ov^j-KNY2(9@TJUBSM90PqL8TVb)b0|-Y7%6!-80_+_MTGWZi@ZKY-x?svtf4
z22X&crHGv!Qw)VrR8)z{=E0{5Z+>pd69>1((z`4H8RJZ?unAJs^ZF|mGJP3%>Kv@H
z2K*rM@0|?8(k$Gt{edeicKV_l!`g7;<biMZKKB?Wet-oj_r|gii_;(ONfW_dn;cCR
zv7y$(NIV1H2tLTh5LUx&uV*yj5!)ulyDo2stX1yVE|ZHC0j>%E{cfkNW@IV}V(JUV
zpvfN!d)OM^zf*Zq^c*IRs0eTMxDx<}?NfI91Xof;RTw-q#^tv{e4*}QZdm?)4XM*J
z?ybSH1Hh_V1}xoSH@TyL+I2+<z?`-p(tCbHDuF>8%@?E|6#^ES{FVL--PT+6$W%f9
z6d}JD^~|+Z)zC2Z<iv(_rGuh5LFxuO2qfN$g$%dVSnn-Qn;Zl9fz4|z0OV%sa^{14
z&i+c_sTXWCE)K_(5dxs-yMbvcj16JeSP(!DT<EvnslWW=aY_ms13w_~PpyNosNwbO
znF_<#pY0zm&C>O2pc*#M2U<7S2dJ;>TF!5~DEla87;uumn%douqqC5I$5=#<Wm%}M
zhVF`Lg`9#h?$X06$MkRQ3=t!=-r@x}#MJr5{ErEYSKDKZ=Dp!iYmAfdslMsQOmZu~
zpXwo&))Q?q@ly*i&qxpgM;GqNg?lC(N$f_v?G0CH@5W3ZS^}SA$DG`4D+C5YOiTsZ
zU}J~|l>P^G>pkriCul1yL?9v};%TtJjOfQarqOvR!VHXL#TBjI7jEHhCK0lL0Z!>z
zjGT76iBef>{0^w7aC=eX8Sr_$-10n<VG-<abVG$9P*Qs?6ftno6XKgl-5<B!sE7P9
z&`EbX5jalrGZ|vtT}1hx4BFuBIlU>dp!iLal9IOG&vTpV>@jq_3LKjDl|#N82AWEs
z!H%lmGNffJqFdPApDD7W&>L%S1Sp{>g1a*8C(>qxRf*OR@6K0hiTtl<u}0fa`NlM?
zb(nQ_>Mw{r%G=Bh_y_z<x>yev7Mu5!g6=vo2vhHPZUfV^n1itX`5f%z5HW()LuYDF
zaL@a3wS&z7*YD_;T(=TYjZ^nc7?IMPm_t1Kn1_$mgrpC~9dI;X!&w9azl(`YWZk-e
z;Rk{anMi43@CM2ZO-2mq1xS)qqiD8nME>zK6zZR~b$};suiIp|PL^t$_$>IAz3PkZ
z7&72X3y_(qf508gcGsGk3+tWUH5=Y5lNyaV1o88;u)qz(m<(3$q&V6bUPlIa&7i<t
zvSDM~Q~kp%?uR9IdYC2T9l`H*wsD`NSWLe5wa9B$T2Eo|{2IQn>>l&{%(X{9A+&4c
z_J*68=K6${z(K4Ho2P-)B!+V!-6ZQ<7{8P^5~jSgkG@}(mDoS9h}cv?%QGuBTp#f9
zw`PYDngpHL_`Je7C;mt>@2W||_{>-IPf~ZEmb0Ac$^Xflu(#jb1C_JT%cT}!QoRQx
z@{d7SKb7C^FHBb3JaB2b%KB<mv#v`jy5RjwB7@vFmOb7@Dx3L-?Lyu?=0p^7NW(b)
z;oYUbhle!Ru66@vViFS7l*I6WT~yCV_Fc;&WSjh6wa_!|?O&)DR(Tt(uFy$xged=6
z)z+9%b2=nbu>V_75bEvh;-?p+IUwv?iFjG|F9F8gQB}CslXnOHpL{R)klgCJd~GNQ
zv~C&Uc{Wj*a!m;o!mfi2%NB<-eXU=|p28sU6x}ZNv{B}1693|y7bOyv#Nuhd+n^m!
zXh(8(#seJJpzQjhRK80O#p@|A;$zch`q!rh>dB?9nnWxyq<6O}AspAlW@o6l$dq~0
zGFEw&_=B1Uk%s_h-u|5U3Yj!{oO0tvE(rA<e!{yD%_Wgnoj%{<tyvS)*7M>}!R;gL
z%ba_dWC<a}JlklDs`5qri?>KrKY}ta-rcHPoB>;W0IAqDVr?7GW^&^=XXJ)m4b=w}
z*>{o`jPGtUZsqjP_4hU-;yWUB<=-=m2D;0?1RvW3kD;G^gyl82GTw#!J`D?dCg`oV
zONi;yR~`H60{8EAM#)Ykch5i9tFiS@PgxYN*6h3f$2jA9uAX-LpXqcz822ahP>?S8
zHq(#vY1?f33G2Qk&A=}NC{Rt4{EH|^bAqAPTgeVT23uV?yUDqO++pqQ9Af(R{bL{C
zT$YIJoApNF-(w$R{Ci9*rVn-+rCoywi*|}aY-B}3>T1ScC@XR5MRa#P#o^=Q`-UwU
zcKzSxM{@-l{9})mhHf_lqf|y7o0wAdd)CEo!h0;Oto)4$aW>vFq<=PSj8D+bd%`T(
z?X^s&HO7SoFJ^z{fZ^I$6f3nf6<D=og9HcjJ~{G#lf88@_YY#de!5Mh1y!}<28I%t
zkMp{7R|JGQ+<y$<RJz6zE9Rkj)UmiT0cEA!+m3R<GK)9mz)2|~h~27yUlRAb=??Jv
z5|Ky_x^4toUJS7tC=Ia3MaTQjKK$N1&)ewc<>273rz(VV|4IE{q}g59n~}alI$zpG
zbTclvAYHc-;M!(yD!iHXaU~l+#ozZeITuKok(p+Bu6#yh%5oZ4U8Y1uv~?}}PA^ZQ
z@+rNkcTc~lTehLB)*j=#quNr9-mn;#9<rBIlu<8QTTx}GIeuVgyvl3lUyXpAv>a?@
zZss-IYwig~C=`yzB^TW0>R1os1HvWzg~ZVjQfKW3HCRDQKbh6Lunxsl%{c$V0SSHd
zx){+9DbFq|$;qpTtR>3BPN#47c)%j1q#{3dw4Tc`7Bqk>j@`1Eyy*>bN*)azDKWK+
z#@c2B)5kc8JDO=5S$Ag{W!dUSb%L<_1Ip33nAOFBHWpC|o16+sg$e4t%ru!4J{&$g
z^!}Ty^5cd2h+A4upK&Vin#$K=#Wgw}*EJ7jX3k<|HSq6P#fd$X=et$jsHiA=gf^fN
zVG<z3n6UjcpD`^_zIPrBZ&v($w!8&E9XN?sEH;dog=<CDQiQy`E2>2|>HD|dVkAv4
zESN2rj8ME+AJrukmla(*ob0c^S~Yq+S7Q@nxzh=}>AHw1;_3aNs6a9>&Bu~Ie{tsJ
zD422<zPy>9^Gf*4YJy0cl^@gOIiY^5WmCL7jNEa#c8&$>7$V{_=(O2ysxo2V25J~;
z*|F)!L%>}?jBIA~Ubes)_iZLiX3`g9A^ebb!GflKR0VwJpF=|3X?q@R%m)y9hMoL3
zuR4OPzNCxT{4i<VUk*gE1ge!YEy7vPQ4&Wfc2ozrLqx8pEfh-^GztS;Pf*uC^qyBE
zdarDGW~0Fggg2rE#|`&>>6d~bVWpq()Kjxv57smU@xG^6UQy8_V!If8bWCS93&o8W
zw<}#o@e;w}uN!M=TZ$gE!kjhLPf%t*9$(;UWg^I3@Sfb^|3K#R0re=arUQXKc`Fq5
z=`ff$M<uK=kJ*+mWH-&2@bl%GDF1%DcWqeqhd+zT-^Ff!5F03gb|>=6Wgpt$!>2U9
zn!2jV8%%8XNvKWI^1-IW^uFYC+#OJUUi&_OT3oeK)q`W^B8{F{2W*jQ%%F9pE-(<B
zMeXLX9ddP^^;>)We9<VAl_?l|X5S_8YXh%X4Rm8_vvWsu7dPPvRK7Ex&1kia_`X1E
zml7AHefNfoxg{ATt7@3I|Gc$#cQL};vGINpG0CCWuS^(X{9sNP@}&#Sc315SE1R8~
z{U}CJnDPOY=_gUK0+N~GM#fQM8?=ucWUiTd_?S2;7_gp^pQbm(4J7z=PE*$#x||<g
zO-Z_$bP_*l>)9O$nowR2H?AlCGW#(t9&nD&W=-MC^K@~!D86=>>fyoUX?oj+{AVSR
zK~W_?u4v&MsE)aQ(B|4_MESnxtihWOZiasU7UrqtWjT4Q2t{`}j1Xfj5K)M6Zm3U{
zg-r%J9ljc2&jReANGtsJ3JtalAf`t`Z7(rfT+K;wm%DzViy<>&9Qv0uIdg36r2Fe?
z+@Y_7jWIGAQG;!r7v{{}VqvXDd8iK>J0cQwjrg}4ow7Je+NYYo&##aBBN)Iqrz?-M
z+cP@);joApMn{sw5xJD)v3dDM|C6oMOIu4*?K;j);iq;CS~OgoRKp}3zH*?v>Kq@Q
z%xFwu-C{U38yGsM?`16{CCM8>$O%DzTwz2jO#l4ruv>pr&9k4ys07MY%U7?HUQ!7j
zZ)6DvuWhvy>6LQ-(OuR>I4lQV>}Ha|Vt&n)lNR7%u3<6}|CienH{V^h+4=dc#cGp-
z^YhS(W4cfOC%eY822F&eIwkY=$dJwQ`sM9n$+}w9>P#ky)s<hqPCcWE4<W)|<~YM{
z?~T_1!GA9NM=I(R8mFgYoPV1ptsvtbetc|G*+GM(#R1fP;;t+Rsm3Bw2El<5Hg9zS
z{D(?XCT&8!o_51GQzeRQMU3N;J7<(zT?Psqm5JwQrn4E9wvHRvLf)w6bbhjcgwfdK
zUYyifH#6Z^^IBM@WYm9^*n5`&&(jzS0~in^Lg`ns()X@^)fN-vz^Bv3`-=gJi-Rc|
zmeH%pOWh*nEGc<;)Z4SQ$dd6WM@mwR?dOLp9*;{?ot!7fo1^avg8RLD#Jd<~-zGBn
zH6iIguOYEttWxh63_ei6vRYep)aACcv5bw{uxBP8O?@S7jK#&Nj5XK&Iq7%ycQ~pf
zsA3U25)EdOl+E)JVTS}EcgUuB3j|L+zo*b~9`m_Z4522E@@UE2u(5(mP%hV%>RI;D
zW0udecHw=a<{}mKne=~K$&h~|yl=6!?YvS_U!N?7LYQg(mCL|QWQYZA<nH}yJIIn*
zt4iee_fiexu|J$!Pg{MFtnaNCC+qDbfq{XP!;)3~0|Q-cWX}51CMGm{;~9~$!mosB
z+<^Y~u8XOal}L7r@wiTWu~#enqk`REj~AD_BdqVO7#H5}UAHAQrb9TM7-1c6`@(P7
z6VZ+Z<>lz_jkCD>2a3jj%-5YNnnAL%BRe<pbVLg1d&LxcaTE^U2S##e$k8at)l@LT
z&^;9vElpTL5sae{F71*l!8hWRF%*GG@!MQjn2*K?196jAa~W@rEsQ_Yh^AHKRKSTZ
z_iDRxz}qE@`-P6z;F5*C1(NiCanAdEU9e2I5ySU+o1zbG?^|F{6Anj9kv8BlR2&9m
zIYs^6@Pl5UL>-UCUJV9bp{F#$+6rAHcRa(tA1+dET{NXw6*QVzjHXZ_H~~mJv7fgh
znGeE)l8udwpsw~Oq{YPp2|o$|?^S-Eo!Kb}PV}B=sH@}djiv?`$R`gA8M>wmdL<zc
z0=|K)Mr`@^xdH3F&Osz6sp{LR+$oo$fcV;_Mxz+lk@}H7rtEX#e~JmxtVYvqu<@Tc
z>`nZt3AsL0kIDQex38ks$-j&y8Qcu~n_Z6aHOjR7BO*|$H$}dPQ_BQw*z<I@k<q=~
zZ-!D#H;=myY#vPIiJ61BK0bb&`atD@_psjKE9}TBAP{xB(zre0`^xUU_?KbV>-J>n
z9o?Zrfg8f|$_gvlk@R^{{wJYZVHUHXW%x0j=1<!5!}TLz-s1D&E0#KA<iDk*|H|z5
z2A|D~?E&VFLyVqx)A=w&>5;n#H8hAS@@8-Oxs5^U`Clj0e7Wws9?`wY6r@c0#r;qv
zU^W1LdMI?0zQm4}s&?8}`XgGHdf{dOdU|~9ZG{%f!ko!zv#31Jpqp@sCsKbC_PX07
z8HnF?cz$!d-P7Me^-`5b44%mZY7t)(@$Ey2Ll=$8*M>KUc1xpJ7}!tlrRUk)!^s>=
zFiND=Njl141nO~9TwhmxKR87GSgx%vY-AL<rmkO7)NwvnX+X<6`9^V7(402Dz4T~t
zzTUp+k4TPmvtLt2yVl_ds+*Sky160`YX^GRW8vaz_~H?Y{<Gt8t`a6Mu+{;6w(V-1
zpNflD?a)7#j31xeV+Y$2e`=(mByG@8uV+tL&0m_ro8ucj9u{5}B1-pr(*doRaxJ-1
zmeA?;Kuv-3=8{Dgy2#~Zj<~U-<Mgy=BguD3FMb_t_uWLzYv_Gi?!O1NKbHqR;&kyL
z^^UIi1O&EmjI*CsNa4D-j+-@z+h+kcym%NCLZs>7;R9esQOtV@iS{l~WL#X_uKjnT
zR%C1%RMCrh$R<y+o;gmV<$^OmeXm@*z+<sRnV$4fF);|!#afS$=c@@s`A!Wx3~~X&
z*-aAgeF&f37hsV~5xi!Rd&TSHLWi9k;F^Ya{9WLpKhK2VTm)Q>euwf{MK*7Yc?4rf
zy+~7$0e%rqaeJ|>!tPLLP<Vy_u8vbJGF1y7Dh+Rx&*=S3-kvAk$|mOYvx?qN*9YCK
z7QA<KtBziu&M}pRU+O5oJ%Rtc^SeCgoN)O$3=Iv<FI;hm-$pD44^f?KEj;2Ojm`rt
z!)?t)(_T^jf&BUi>gQSOxe(L}4ta(&K*<RaM<lLB;#88VMpcgQT))*7e!wrZK#W4=
zH)rQnVkJ<rIR;kHY=y&8J7W||!R62QZa33#t5(s;dWoI6!~!MM?C%yLrQRFEZ!^os
zUpMg6gbG^=MQzNWbe(xzg={|0hIUT7FWC$lhfhR4p+SxeNgkleUU9Hta?lRE_t>+l
zmzXn8x>h$NqNAdMgkQIXF)D<Ggw|IFEd;K&CnvEG$5K+%`;jKOGDwJRd}))XU*B7G
z-C2ewP3!=?Kz58j-q;R%6c~}#X|PXs=a|cuQL-&R2HW>Dz3L==)2x>d!AD><@p8p+
zCw(>g1vc)^r}ws}G0eLxpK}z@%?v@uz2r+avu&pBxbGGGj>Ue*WAoeDyM{tal)dRs
zonmr5RDXixThBPbd#z);XC!xSniJ#yF&vN$xrp@@03OO4F4r{>+xtm$QbjPq97zvV
z&$bbvl|eW1P-EOO9K&`T9v<>cqo6z=gsXhL`b)=0_i|k%jNV@ZhK3b^Kk?JEM?I^-
zc8s@!LehKTM}?@3^M0OQcM$gbI7wZzGVDjoQqLF1iP0l1bcr3`%OLQ#agdIV02%RI
z7ak0y1(&c*)6E1MW=$X$K|0fsd$19ku)%NjhTqi~-S&9B?sZ=82tCjH!3wNftwM1V
z{WR|e?ZY=-VHOjP6sQ?@2o^eOVuYakbT!HV=cgG&-y_+hs&Jb4QAV_ZHAz+UfT%0s
z9agrYX55da1*!cowy*rClNwc)(_<DUGuXi6qB=dLlGjmkc2^K>_dt!e9bPxkajj|M
ziGM}bs^BK`bf?wrtzbVL%zW3puZj#VNYv<dyCY!)G;Jb`?4|_+un-t@q|Ts{EK@Dr
zO3~>zL_VUUdBj<aAj+|`vr|n#HHDQA8rt|7<TFi3+(@9IX5&!?(#PM$aKC*?=q<o&
zTFyt(tMOB;M9Wml6d=+`K@U#<G<DAy2rzP4v2BcBy5>0R)XnE;(14(e%;9~68EiwU
zyijwE^yqyE15nyV-VCh3fb#`4tVFE)d47}9DyhkjH6gkRAY2GE5Q`1>#D{OLynKIi
zKq?<SisefQ%;;?7HD<Ur{7RFz#UP2puw;B4$h+i_d4AmeS3T$UrKNZOaX}<GDPjLf
z*!65tZ>RM?hp5|&1&oxbRUB6GQy&SVdEs=2GL%Hnc{{3nrT>*x$BFHhow5I6r>n8J
z2?@a>yPRXdLsEtGc<hA-w!DqPOx2r3c|S8g=RkPb*<SlwLrd7sSFci2+M0#y8V?O`
z845pVxRFyDaBi!I6r!S3_teoW4{*6ZeAWE^vq$_dbvV8dlW{Zo0i2C>&*O3to)1Kf
z?bSO`l1j)d+-JdQMPpRsaTjy}fL+T_uR<A(J}XMp8nIvXPW$8jfaMz@-ySnB-KTl`
z6pFKx0w#(!o%jcuvTx$^a=KY4k+GN|M~&-93kiLICLnNMKW!SAtf6D|2?$FGIrZ<r
zgD7%MvHg(!u|c&yzV3aekMnC4iGs4I`8)n1_Mv=zqbaUPi}?NLN+@2kf}%Wr1fdKV
zdTl5x7;i5djx{#(CLjDkXqE>Betw57IHS6FK<Ng_iH{`&U2KTdrr74w@kV;e*G`Ne
zC#6St&`<$SDD^8VFhQX{<t<;nzc@qvOLv*lS-~nEG|Q@;kCvdL0W>hsf~_z{jdpq?
zVTSPBZX-?q^=X2;%j|}`<3RbI98AJ=P7=A<x>5eitLG;i_!F>W-W_)Drr?y@V&=hX
z^Gvw5<A?f^(!1NO!vP5%$YMZkYIJf#4FzLTLXoyHP6n<z>aU01rhnW{(zP2({OZT0
zf)J8{`6!Wcs3aNqLg|VG9!}Vm3_(*pNODm#RCQ79rY3V^puqC~C^<;{#oy6Sw;{`q
zqnw#YfuF`2${{^L*z~@T$j*4#T#wiIqk!|-BLah=)BPTY6+ycNH^f$)y1engx%GEQ
ze~&@1!N!UY^z=ukDkRVtqVM(~{#wGGbPLsNeQWS}fv;~NGV>gb@~zoyD^Z3p&$Rm(
zkaM;l)8_f*VzY`(e<T=CnQmAt4cwnu$XO`tR{OMMdDIp>RmuH{-WpsP^spJO@-#1#
zvXcBe!-pBn6uNAgM=l;4TmWb%{3{(Bw98#eQaJ)hDtJva7wqW+gg$t-TX#ITYPlOx
ze%bb?G5&PL_kg+n+||#z`*t6Vo}{rbY^qg~e15;x{1ZZazZ-AUF?;N2_c_c{lLFGX
zQ)|BmM6$WHDJEZC8O0S6&Sgd!J{K>2-Nqer73^?Ayl1+4SGMK7vLFDa<)a$rjcpJB
z2a~xa9vbE#4!`c%55O#l%{gv|cB7w-=(jDyD~q&oAmu7XfC_pEYcW^Nm`$}Yx3jC*
zo{i+%ftFT1wUHo&#69&+8QdVso+{*La;0C{w|BeI_r>!{>+s`XQrgurA&&K&>2z^R
zpZAjhKF%GXfJ7_iaPP!gg+3WN2;abfACGTW002aAI?vV2%hXxsZ;eTuR@Ose&_dxl
zO0wIlHdv}-!B+r#FLc(Hh2dL&w~j62YzQu821ROF;H6fIwcquy4FYHZw^K1j5MN_o
z<g`Eqz8lKfnT;WugYtPJ5{kbp2J_Kv`(BGoA>nvb5tOvxWc*->a$sW23h$Zy__zAI
zfsW57hISU5SxJ74y+M<HHl;p$Erpy1|8P%zzq`oj?Wdlt)FHkg?xP#;uk1@LFjp_e
z58ZlK<;lwpKy!xCbNPzK79QNBkc_NnuZsb7s#ycnE7^{@kvCT@a&HFS*ZchA{ojVC
z$HjMEZZB5u_6uvKzG+@PW>)_^Ja@v%!e>S{KidGn9u+3N=R-~n5f*TWb@lQw7kh0`
zNrcV{$$b$+z6+x+U!{+C<HT>EO%eDJ_EdpbeAxry^v-dc$H>*d1hY|z^a^O;jBJ{P
z+NDEpO8{WXj16;KD}D$^0++e{2Q!3`8gNzpJ&F3>wWBl^J#kHUA2PPbPBOpuwt4=j
z^wiG9E8{v%=vPU5GYaDX`)$8}0s(@~VqMAA=>?9L`k=>gCu6@p9lR{HWPx)~u2{)w
z?C~Y~GQedwCUYzmsp4>vdAkPZzJk+~oQ7ne=cF;ArNiDpkOT}~gz8|UM)9UBD_`io
z6y0|CSZ0xX5(xzidoD!2O>NZC=$YPz)w~%&>?rX&4taeMSgg34ddRO}{#exxbYQIL
zcnu#uS1xaC{xiNp;PzTy%-!B-kuj&1sx<vn_VwMjOv~LP)Is$Iwy*tiPybo*^&Vdk
z7K(gXpZMi#v#jdQ(%DtTMp{yeE5VLU=pl_Ga&wjK^2ZD4JnEuqUOO|9Zw1j)>oD#l
z?6nZZ2DRcf0@ib{dpkgdBm(rHu+9B#=k88^nq;d#pyXL%)RxEg&cukpY-wo4Uc0Gz
zgmoG}tt(0q8`zp$mqBXYy6Lssz64p{cjFK>f9O!U(+pzId%$Onf#!pn@kahwq>|>d
zH=zKZ6fH49Mussb_rk7*j4F;kGzMUbyfr{?^K+%60L^$Zbfh|b`)L8qeZO8ju#Ko!
zdI8;t9LG;S#QW<wGD`FKRF%0VMNVg7^P^gOB~FFuxc-=PppVwWyhJeu1=1BJ$Ii#`
z60YMyMxseg4Gm`Dcs@*r2XBi#OTPY&O6m5FDr*aM$1UzKG$jOvJMI5e(T#aelo>a$
zpsrzLi+m$i@HPdp&51t*0I{OcZ`F*44YPzrErA{qHJ-)#-4FnX9~R)jm&8{EB>TgY
z-o5|*i&Fw0YD(w4QSQ9G1Cvi194|8^cT><8UBGS1o6lOVKoL=V%MXnFhzC{3x}D#2
z8wwAmUhkhkiT9E)bU_6_2F{q);zMllHuur?cEcNq2u|=pF5mx3{=)TMm;Ebhf_W_o
zi5T@>hXIurJMV;ngn2>G<^00dvK_*kPh&$OS$b*cL}|!#NFdoyYD>X`0DKViMfcQB
zLZ@wR-?#y7@OhsG#Jd6-JVVr!_GE?&>hkzIXF#Y_=>{jWU`7Gp=r~^`1ZnQCBcXy?
z0aXwB6ysuv*M&*Ejl9?DIe%inu(82M2NGJuL^jaide7ei(Yf4=x<$p$uL)@>d51u6
z&;9-B;zml$RO+SNrxLfJ_q6Wa!W%<{ilGU(Ji|{ObZu_<{Pc9JbX4MI$w7HzM%1Aq
zp8*f)4QUAcA&8HFILbBcm;z>4=;dY|-4Te#DfSC~>gUjly)FSuD5haLIp{?uMUv)l
zzGC00=0^?w%iO%j^;qG~NGg=7Bj15JcBX|89T7y&CsL3sz$O4bs~Lk7v0rcOPYsWS
z!PzV<aK$8UAI|ai;L0|R^G(26ozZ0hGS*gyOd9!vq}ClxR{e*zqU()x66qZxWGv8_
z<d5WDnUM<=I2|h9@y-v}*L-Cdr0gufqz-l{G^04`O)8y(oaNowLfwOXn92-+t#2Do
z-4g6-YjsD;xK*US=puIc#BD68b-M=(+#5+~G`M30sD?a$U~Kmx=oJZ`O_Osq_>ez?
zCYE&;H4oX{(~$V8>ooa3h`wTl{98tSJ$qsm%OmVf<R*_(yF5u(GzBI=qO#OtMrc^i
zTG$piGoO()tn~N+G$!lBo>A1%_B7Fxso%=;tU>!SKZLd8RyTUC|1ZG;M2Dx#dhCm$
z6N}QaTwD?h3)J;fPMeoAjKW|{V*qj(0x-cP3j}oGAL-K20?$Z$<NfIZ5%^+^BCDo~
z9WfYORv-xU8I`0epVy4+ehM$C*TGx<M7121;~EtIjb0-WEBb38#k#i6c6r5`?+c~N
zj3W0JVFa+Ag@{)=>SDWNMo%u_8J*5S<r3|qqYV#E?rL`UtTYLf?H`M^v=6l!CEp}i
zyg~rmITaU8ffm_Tz$*i>ow1~H4b)LVCuqy*ClY|Iin6xtwfgf`#`X6*j$1?wQY>`L
z(^2=7V+~vc1cZvm6y?2^?LGR?y3VLHK7w)I0UjESFLm*_Io_{d>Ft0~>Pkd@8BS6Q
zm6)U7OU8L>9>H!e`dmo@2Z%S#80d&S^hqG6Sh^Xxlvh{fV?+pfr4$sV$W}|b97aO*
z*Pl;M>VQ!BCoad&6XzYYdfF)+w-CWUep{ENXXRg1H+R7MM_Bw`nfNUwD>1bhv-DoL
zGOv9KNHb7)vl`t;*9uy~cP?r%5<hF!$$+6ZANkN#l6{?o%3gjjEZe8bNh2Iry+}2&
z=~wP|`6H}qpl*5<$R)H369ryS1l=^JR$X@6(`$!MDB7GM4qa>#^emqgR6V}Ln@c4Z
zIQ@Toy>(a|P4F&?yA#|YND|y#5(2>?!QBb&?hq_kf;&Wj1b1g~7I#^6aS86S$Q|;1
z-+6xL+;cB~%s#`+^z>ABS66jcy)SppnBT&kkfwy8(sQQWwnC1G3oRo>-qSY>tMcjr
zZE1}kl?(3gnw!NbP&|)p3P_%<R1|hrM-VzF|6_eShJDqBlfgB`^_39)9jBi3O63-Q
zQL^mF9l`ng&;;_!4>iQRh)i>m7;TThmaghE9P_cZ+dyOdv|r3lkxJb-S%u{w)LX81
zLGSRSl@SHAP`#wSq8X_WZ`w0O?Ya?#AiXuHnT!{2zc~Hok>Lk-DBP>iW)mu|1fx{#
zDZjYlCb^%)^eZm*i9)&w5RI1(m9sEi(ZKb^#>m1`Grrgs{TPp$dowFv1s^xee5OJ3
z(NR`tvvdW{%Jsz=mqf6r+<WG@)W*@TyT53JBnM^->@GhE-e%RWPUs^;Zut)==8Vs^
zqNmATAsPlk-;3ufx+<&3ODi-|zCR18)=DDaK5%va$ZX^cy+0CYqh4-=Ra3w{tdMjj
z&!s!DvBmZ=;oDCnIwHyeyWa*VxJ=wRv5@)eG=$4}AGAHPcbD)ddD*4&5TPkLzv?-o
zf!9^zTCz0F<iEB@3NlW&3U5o#hJAW7j%xew|1i8im^W$U_Hs9fS4LQuG066n%+wya
zLHs5xjP;9R-eFD$CBZBir9D^3#r+0`^J#jnw&4!M={lybxF>8d>n%~WcUZ94-3sn_
zrs$-SHV9}}U3BPzX<lf=(KnD%CPBxu$h~<f+QOaAns15OyCZWGm!A_N-$h?vuAt?&
zFS+Yo?717C_hw%Pd;eSt<P=uCa0{$80s;NC`^;=m@#eNAQ&E=cs?jy+zPW#L^&Tr}
z82esH`|)1Ap+K`(*4EZ`PU6!=wBx5*fx^yY-FgdyvOv$5C8LHotr=PKwLC`UT}9F5
z7JQRRX;yIt>19T?J_Ux4)LScy`9205VXs_kM@Dk*B`!xogyM>KJ0;iy>2lMpEc4UY
zURm@H4bk%OMD*jufjBeMb%val{Rj9)KB{wf`S|A)QG{Ar9UdIU#Oe9NmfJwBe1^7W
zsLi!!+t;?LzOtnx)gD6uOj>l8ksX56QN#J;lAo?ZT?iA@o~K=-a&sxNQkb!VlyC?<
zMOTp@&eI9ZCe~mVVS%*H(vML~3vL|akIgpMlFpQ^SfVWJw0etP+^-B@EW9&^44(z3
zF<h<*wj>UFam1r^cV^~>RHa5L%liFb@^HOTr80}@ssGlxsOQ+qXk!^$dHrz2Y?D-e
z5AtnxkQIA)rNFXZ+RGu43NNpHIj+X&Ogj9UPit4mB$ChcQ0lkbn9>;m*-^t{LMu<p
zV3dxjKs{%#wjTw*Qx$q#tdLvb%H}<9DMqZE=YbU7M%eWh^XsJfG3J{HF%kFbJS}k3
zriJSS1(%X-bPjGfguXX{%ad=X;Kg`e&GD8o2frU-ad*j}QcV9_RuDD?#_mK%GzGqL
zM3hxe+Uco_@WaM%d<#C;e!20R(|XjaJ-_dm7(a?wex#TM?s}VIalN%;G&|59Gssu_
z!pdioD3V!u6BtLzsL9q6+pqCd;+U73$b$XQI_7bC75z4Nf?fm5r#Y0f2->1+Kds?I
z977i#nQv}~Z%c#Xf3Ezj$3O|9FIWFuUP-WKuv6rbvv+NQ)C^wv1@^(hN8g*(7M&*I
zi+8oZ_R4!lCDfbaPx)2QxZdpJz3ESDB5<1wfn6+B9v2KV9Vl6o$+Hq9b{B-zbKQjX
z)N}QA^Q};p^+<{N&Xi9cbs<Q<k5Ciy_>}Q@s}vu~)s4ZG825vw)9~fzPE-q~tbA2<
zb?LUi5dvD2sJF9T6p2tk<Yuhx*5LjQSxSuVZxX%*%2RW{w3tuSc^p6MKHPuk{RwXx
zN-75)-p!L0UQkL$zgWuhQyjwg?WV2#xN5H$V0L03!*ybvNjcy3BF`;dyWXdEnS;ED
z!sKd%-tP}7-{bqTOM!<p$2VAbnBCIC%4MiaHGKPpoh*O89Bd(3HKD0lzAnLc?WX4X
z7}Fof3X0`os<lq9%g(}U_B=9V%jMBC!p3&Pm74xdY0;1Y5;{eh`9$FtcN7)urjPe3
zH>{QK<yr1doNcp$f&u`nf`G5rO<E}fRL~Knmo(bZEJiN*n^T_L+qYrL*~0liTEER?
zfs(Gcdle2Y_0I*VdS%n-M2x-q63xM=z-;W%Ggbld-q~wWD%9>?W)qs&s1RjFrXvuH
z9aR%wq5E0o+ZcRXb{;OE0iT+1$5vS;VG{W__<kc%r5j$;l}ULlA{5a;CHh!8_xRQz
zbIRqgMlm3W<HUNgP(-W@`&Qxr7nZPlNZYi#Am(%aQ7N4}3<7i(M$^v_`Ku8DU<~L1
zO_GINh*MusAd|)WF1;PtGpsf3!5GfsRfB~~3)8rjp~uU*_p9<zLVnM@N<H^6IVJ;j
zMHt*%E#^7QQ(sP2sC%QQA8NZ1zUs!Re1rA3-WD;H*LBzYy=f6{(objxK(_N+1wkYY
z9i8+7<?JFxhKSv2MF}54PquF6IL$6u)G3d>0vEzi$76iZpMm)6w21_=RY@dI7X}M`
z!%n%bZWON9C3rmDaU$uYfQE_X+L9A6p9oFYUBV<`kF?uDrSYSc$Jm+H=eCSV!Fn<E
zRT0WQ_@0z+QeoO_#|-l%3vW^27+HLG!YC=362sTlK~NPLy@M(>C5DviwOJL286^_g
zGz3B`6G>zm4&nNzDZS<KsjWIW44QsI17J#1XAX-EYHn3&yw(ZwpQAPS1%Ehx7jK#l
z`(>sci=ol%mqRY$Z^Tv@SKQhtx79PYJoPEIl8+yJX>g02>rZt#v*rW`Zui7n3`NB)
za7EW~@QWQi5#y3%#UpesSojV!?^D+vZKlj`YSPszH`KVyei4T%;j|L8vnuMiEb46M
zwYx)K>d*Y%drHp}h3=4=n_Ensr&Rhvg#Xtr_-NW=yDkSO^q_*SuDbwoX;KFk$a<|q
zj59ViwIw$oAC65?u(oFE_u27;3)H)PokL1XtZ!%<<4yL|vs$<kafm&SmZy87N#1Hj
zmxFHQVV4KZP)3UpN~JVTsdbsyse(>PiSSlx-He38y!XwfAaV(qB%76TQEQ`40U`ux
z!I;4=`B3q6EFs|$*T=>HV#M&BldWNWIPn^XW=-LLy?B}8MJyLFw3qbkrTqJyC4DWe
zLSVZma@ZsA?j%C6pA#lNU8GUW>w9Sjr1B}hefu_pyFqo22hp8n|3{*fC!qRZ<KMX^
zKTNUAmg>+8yYTw^Yg5`U`>gwj(_DAWYctqd43|(*7-QO<zH2tov%7mcrf1vrK%Tn;
z&L&>GMxj}K<rjW*Ob6;Nye6huxAk*~`CFYthT7HI+FAevA_YijX0{2zr4cUywqK(7
z-6&f^`WTw!shm%~bm*p`*KqtP%ni+H!nXp`cz#+^*U-<)&>>W>_xO$XE2|sgvhT=G
zvITfT4ntoXxvjQF$h9$TP3=|8G3_F-ufqNLBq)F3r?bp`d;X%XQcS#^<QfUO!r&J+
zdQ2tWom#fZ|1>k1DVC+?JLO?~j};%Kta8~JA~S5i1@>$|_32ex#sbI=Kht@vJ`<qw
zp8+@^@4Koxo&Ja*&!>_7>N26pK3vqgd(rLv&Bjti)qW0Px>T>=w$xUm&9|By=kWbH
zGwQV0H6fqBue6dxK;afNaOCr9o3xzlUj7;V*`lVi)`7cwqy<Xb_R%%@tP@-AYV~5M
zud~YGFpn4U=*C=9Bqzz%v*^7-YRH!A7yyX!knv7a<d1&6k|%*peI*-z?+k=;VI9#g
zSmhX7yi@BM3%dHo&pL*yJRQ&oq?pe0qm@Fq&YqY1I)5TG3=QLse-xx0lIhmjr2{+k
zgC=Y*+1T=*tp%jU(uMMs(@xEQgd=mILigRP&tpb?*fDJR#)FG$YZhCQ%$GQBNO(DG
zS2eG8T~Wec*A)&S$TZcniz%%Xssp25Bjm17_$9@M{5!TrBCAc}FWt~2Zr{*I1Z0u$
zQoxe@XKjFvZg)8eMEUMAFVTr8Gm(6i)AW3&=@!Qp$;(0b(SFJZ)(H|OIG;I^QZYbl
z`b{6v!{=%iH<T>I<2l1AK>jm<Mb%{Lx83vf@m`c&pc<W)5F83q1-sAom0WebTM%j*
z!7lq4@5ydp0@aSGj*2gNwTWZ5-|Vvax$4M-yZRQ`>OQ~O&b0+LZs#jZ5Xtlb?5^Ai
z^r|K_<>aKKF#=qC`56+mdAY1n4zwD29@XNmhxsp53qJzp2`?u*D&oaQaQGP~wlijY
zr<5Ma&c`bAnnx_b`FRxCx^5h=QpoOd+SYCLyK4QyM_q6ad&C+AMptx16RiM4>!Snj
zab*u*C|@Q2OrNd}k1ZGlf{<xUVfU%Dg6w|?l&$WcL2HKh$!`Bgm_fw;H84D>&B4_i
zPX0i6Ns{uH>9<Zc0JNEIy#rMy%5RH;p|x*oS$59v^T459=A@C(4M{vO;@6>fpDkt9
zGS0WxVNAJ161k0{>iX5hGu{7l;1XEXR%&n;$Ff!Keu%O+1LhK--&lc<mYQXEk#r1@
zn8^&E;DPGAZh@c{A*6yt!R??l?JQSgEVc{0`Xp<`On&Uj;{HTt*F3DXRCZbb%ZAl7
z?Z?!MJxR(B3Z-g4Wa$3Cg~EfnMG$Sfl?KFrhW$^ebm{;#d9s1hNSJ%gq?9#DI^@Dh
zPUL88_;Fm&6oEK$dNbCMeqtIiAN2?vs_%-SW)t|$K9BcTLLFa~qUKwD>pcz^e*-8=
z)&Lxfo#yj1#R$Ax<KmK%n2w_x5l}Cm{-D)0>(z?kVxsRER!$F(H@~Yfdu4-VTy{5~
zt%*`eEMJx8%+S2qw_#3Tf;xKE!n>P#yA~b+{GsX?ciU)a5N(na{rW{K5)+y4SPQ@+
zl>umQ3{JZiO7*z9`@2)WKL~rDKHsD;PrCqsRd$Zr9yKpBkvh|sXOlcxV6kr`?#~HB
z(*OTzGZfXxCA&3{l`djy%vQ3SKR?#h)%D}sx77<`D4L_;ch>Ozu&4Tfi^;6NjzsqO
zh~j}Nom6l>opj0E-d>CM`+`RmqW@4<eFbiUCbpE1m6w-aTdrer%sp0`LCw(+jp3w|
zO>p!`jq_Q8lEZQytfGU?Pjf!QaNyu9%hD0n0Km5H`fC(8Nxx`EIJi1FKSTfvix_}Q
zqy@qM`_I4E;huoh*7W{f25{C+*nrD;(7%rZ&}xy6e=q;<h2i}zrRVQuxPNc{`<$d7
z;#dy{+nP_HtePhL-`61uLk%kzXx5zqkp8~q$Ghm4HkXH;jis!6#Md<EprdisNn;+|
zGesUA*Mx$fT{t{o=LV4>JDKzYQpQ2rLDQ7O*1elDa*a%$xNPV5j`u~%I_X?Y*n5Y|
zR!8Q&osTLL;ZcOKba!U{Q~{|Ug4vA_=;^s*pMhiv@hjoZWw9GV$rLqM?dg+vx$qrX
z!g$;fBlEF_o(&?L>UBYM$T|lG?;AV~Ux?2w#Hja%L`KFG01NZn!^ua|^PTF`z6mTl
zF=pS1|GXihzB`I9&#M&qoIY`=Wcr~Jw^4&`|9716B|b^Og9VqerY{{mePZ6Rn5(oj
zcR>%W1ile(Y}F+#fi)oyT?TIjR~ya3Kxkhv2HhzBYX=LoQ3r>1$CRWW-x<0Mk7q!n
zdTI#c=NEqE^z`3>8qh}+p;X+xm+%njglG`0&3&Niz5Na^TGfDXHT0?{H$`jp2D|op
z;U(%rWfOV1eK9x-kxkpLh3aNFz#J=DZ2g~7Tm~_ixsTsYG^l03)~-*rNj%h%sylqO
z;d0&kqKy1BVp@AzoqPy)&U?qls5+u-IO+^M)}up9Ax0CJvyuq1FU8(b5Cf2lt9sHK
z1^9C2c%Q9~k61q9a4s&xwX8JW=?kP79@CEEQxk#CiXZ_YfeygpxWY?L+eeL!tey5E
z9%VbhBU1=_!=G*aV-J-WT#SF~Rc&nHHD1Zz(o~xRKtQ%%$yq2aqJeGiu6K-?>#Aon
zgMEkoT%AT!FN&2vQz<X*$XPSof4S39G@0$?sKsEotRK-<?y(ZZH|^zaOXY(oXGn<+
z#s*+3JL@C+VyfUMS@*gICbKz}_QK<Ec-b(?5+lAzq_3{--R202i;o506#9l=_{5X6
zLx*g8-e3->9>viQ)>P%resZOaJH5o~Ji)>!M}fQ~R7hvB#VjIv`;Q1_%(=8(KVw)q
zf!`B%q7w!;1P7;e+-&%pP@m)E9OB_xr8Fauxnbw<J7Qp}G@Xnr^V_jr#uxd-PX|=h
z^0p7AIv#$Mj^G#`%@w<xJ?~Ncl$d25mjs`qJs~L@cvoPc;TYT&kB6Tw9Oj7sl?>P8
zYf?W~=xkTbmr_mF5+hy<`ZUhfN3HftX)G@?A8$N)QnXV@xl;G!%uZru@k;ydE!?X)
zBdWdEIc6<mVokSVS3fBv?!TjDmY?S_+kIb3m0EzqHS&ajbAu<vJ;rb?_fg?;f`0`Y
zFPig-_8)b1DsC@3O>A8Gv<Ax1(_=vC=><?xj=He%lbY5NF%~Op!ajap6@q0rRv*xZ
zBWpJVEOk8FqWsgn(5zQk&@S@Q&!`yTVXD{X&c_;=+;{B`v=2uSnTa*)(RYZ!9TYDP
zGGV3|x}n97JX>9pFbK2U!FjI8;v3yJ^};VYa_CnK`qcUJRji-Pb13k2*4i_%yNFQ3
zjgGx$-Q)iHY=|atTEnKf+eK#ab|7E<v$Ob`_}gVA%(({_6ju?5&ks9a6Nm>2Y4`Zy
zIvH_qb^waY`6uoE?Jn8NtJM^Se+Ct{7?)o~TbF~->f1q+RUZQQyV#bL4miWk!PLjH
z8f#P+&HmNcj1r$_ggMRR)xyLG6Uux1&}sMPw)+C+e~Kuua4x%^;92r=^?bFwv=GjB
zv%H^_*iTva+m8KYeO5@ri@823cY#=i>|MdITrK1$*5&su8UdXXpl(go!J@DXFp+U4
z25io;Y54LVDeG=bPEqx6$x3WdIrJ<vm#t-s*^B1-Ex^}hRX}}DtsIq*j40im&o*yR
z0GsTEXk#6Dx!rH@R<wb>0F*@0l$*6ec*M#6D!4gRrcO&#4}BEHCEU$%%GegO>yeL?
zc<fN&<V+bAA3w|y=verd?^5egE7#PSbD-Lxs9ULPsJR>K%ij53Jmq0Tjv{{X87|y6
ze*|X7A052;a-ixFMI)RKH7x|50fvz@0V(mhLoeHnG&M~+#`&ijI!QTbe7j!QHSN3>
zG>IAK83j4VskkABhaJ(C&oPXggcDjEOZTo_>F>)M%S%f?0}+AVN-u(tE|bq)1~-;m
z6-XNbxr_1Ij0~e@>u1;3@9nXc=c@O=Tgk7AEWpH$%mo52Ex2$r&KXDtSJY!kjQkfu
zm}jReUOohp-YFc<*ZDlFMUr7#aE1{=Jm!W|l5I80y5ugSy2wbI$(N}HXcNdqKIy^9
za`jpjIqCz$7&gO9KQTelb;n@u<tHapJnT92qT4Z5)42ZxNB`H=H;%Lr=B(b5H`yg#
zR$cW=)x&sV*xPe#vDfy>j0lxjRRq=!b=?CWltt@)QPz*LZ}=Twon@%H@xf&>Cv`?N
zXI9*QrbvwJE-{6zS=LGTZLCh@Zn%Zn{VV*hA1B)5UM*c;Bw*Y@RZev*0=yNdl+}I7
z8X`0U&*X2bQ(4K{CGJO}vWYsZ(U*N~I<;NOJdgKMjrWqNV|s+X7*h<bM-Se#iVL=3
zHAnkYo|uw6T!FQYJGXQ%?Ttob931W37)5=Bc(STEiJrRG(=fIh_u{C>uODWo+^=Ns
zgf(Y4fgIpobalTwSbi=Jt0Q!*{$n3;q&Xxu9=kYT{oAM7ozW9WV4R&^bu6YlmgON;
zQE<e{J+$8n?HmQM^!lI4J73NAl#Hpszgo?y;L;?@a_uco-lH1fY!mqJL)B98wyA7-
z;;o2Q9vtPJe=UZ(^^$w~^u>J-X!!~*5{Pe|=H7lyb1D;0n)UwZ>U(wT^=@hp#OP1s
zR$mt|E$u6`?M2hySy(WF36;U8dG98qN%YjhwL0#(2nmG@M1m6PXv6XG)vh(KiSdQB
zB!U*UpSgVQ&zGTLnxJ~Ox*kg9<vaT2xOLm;thKn1&F^eOBkZL6R`||BgAav19lhw1
z2_&>=sq%L9rU!WMhsEgKgdy#$fC;V^gb`~N9+iJoe#+Mo?X2ggiF08P=eby0A=Sek
zy~jTnBbUB`09qJDwBMxm&6Y`;kxyAX8)IWwE2%;zb2#p4hSNd`!kvi@BfsI!8lz$}
z$s*sEcDMetABYXF(pG;G{U;@KvJ_-J+KgVPmXOm`?Q9bRsQ~9*vk9T{_3gT&NM-)i
zsNunGsbBRYg^JxTu#u*^^Zv@1%~fL){GGEmQNXdactC3dC1WW(Dbw*x9ExG*MmHhm
zWSCU*E5VlgZW10^Kxvge88oXCS(}Bz;|D6V_G#C4Mm(|@>>_i)QCVfU<{UbfxC<(l
zR4%5zZ@-v$&+_KBPUEwRPKFu<7=#?$lnn8>wE^?={Zc52w2*E^Ek}4sbuD5R;lsq1
z@FzktMTWWztZd|E!hvHcnJ1wE#)3IyQ)=?|!TpUV5?NQsfqY^vp)$&Xh&CJbtBL|{
zV$JNMt+#_;S7B#A%B*phym1Vhx<MIe^@a}tjfjEzYW+RJZ5eu<1D8iGFDu)AdTwx2
zjobz}Ns*D9oTDVBDU-Q+T`Uk8@1X}e&Stxs&h;w~!2uFIB4eU2a^T@ym=q2{cReoU
zvy)R~wOBFMq0y?;gPX~9otri_Z1J<Or5c&?=E9Ss8{AY`{Q-0otE0%{)@C9jsv}d?
z99`ci|IRy6U)xTICUrYtgZKq>hgtCptbiN`AcJDs-?k}Fd%z-Nf1*sVvfNI0zPsGr
z4br=zCiG$S@c50r`>Cj?naTk_D@n<J_2u}WrmNnXD=5&p0-0uuPpNhKUsGbsQa4K}
zR&sHr>HJVN+={mMVjF9{&LfcgP!;8OOjP_8?|P4td&#qfky)6amM`bZ>7DmmBJl-i
zjN_na->cm&+eR&&-2f{`ie(DXqa)kx1!OCqiZ=evl@{NuYOpxg41UfMPPn^fZGAFw
z#cxPN&$iD=$Ad@s0hGPGvlW`O7B`37;Hpe_n4=XUOQLnUmOq%<E<G=L(otd9iJA6>
zhIU@exvuy;;(c1lB;UQ@>T&y4RK+IJ0SL>d69sDz=0rm+D)0#~xvqu?@rSqL@>#up
zpfrVGeR8@bL(@4JN&8W}3eKc&Sfq|%%j$EI8vd|nqq>QO2*<&<MeMe|d%;IJcNMB~
zTFv&N!O8)hT1Pz&TJE$`ZfkSA5$=Ox;XB`7h3T*DF&^q3hN!K@d0W!3(J^u6pXOOb
zVMOJ5W`@!wDvSQWR5<alct<XA-+~6H<935wlC{;ho7W5Tx-HcauH9r)d$$P<DQu~W
z4fdLJH0*2Eh&sd#J%j~eay)F&V9T^135VkjrsPVeuE<Chzfn<qwJ?zk?r|Ev6&&&s
zkjFLTAt?A)#|#0cS#|rEpqn^fVfg;gQSVWz##&}qX~R547+VUj>N<v*ry6d(!LmeK
z((3j0;&YvD;xEmDTFqbD9;Rm*pF9j|10X=0BwqLueCF?vYtUC2H23*(6l7en9X0^n
zQ0E#7bjqVTQ*n3o@N!_B9X3m4=$<8+H?80lujdGED=F!W7k|~>Z^IF8a}>|8?S)D(
ztK0r$);taGBA19nrb1i6d#pvQ<uY3E5}iG#K0_8azOrswNmCh`<x$(`Cxbcm;Nnsm
z|5Cw9F}k{40s;-!^59)h2PU_L4DvhYFvPZz-`!o&uYftZwI;#w2v(3J<-6hSrG`vR
z<CiN@QqpUrIlFSxF?x1eR@_ozt<^0+44Vt6s^*Sd!l^5)K)q`YM=SD86r3dJ85zKf
z<CW>fg!&m@-x*_uUcJ)W!<Qo^{bQF+!eLipF*uCf3p(@h{M6=|_@t%85~ZbCgHoB6
zq)-m`BSn<w(7K1!6bya3m~J~!$_Pm&_u2P5iWmN%`W6Tod|F^ITAV?;^g6Po5Iyh{
z^SbtV*rm2(!!$Olj6YyB%f1Lhgy^rKf>CFrtHf5Y=DkI~sr|rkMODFGP&9rl!GfaN
zc9|J`G#`7ggK8}DHwR&QXm`+<Op`H#U+AWBi=zpJTE~R8ZrP3qGB<A-0&2}SJTj6~
z+m~L3-)SMD9M-vhMNYvqs$MBDFN6n{iy(<-XYKl-@Y0)%TV&I`FM-N1Y4O9bLK4>0
z4_podWe-HA1;vp%8GJ=jkBiJz*n)8Qks2=6(V>lb53B<@zhQ9)jJ9v_IC=UqsSbsU
zO230w&zOn)AT8a`wee|;DdOSF{gk!)aBg+Ir`q``?2!d!0hL6vVnR&w+R&>&K%~{Y
z2^aA?4g<6)v_wh8?|b(#A2m={t!J0DZSZ${7z$0VOGOPXheOe(bi%GNJSS0^RSwYM
zqazhHMC~g}f3Cw;hA~sR^b{i%%*7X%hE9A020DKncsWT4fwAU)Aj^*2JluZDoIaqy
zZ^4}kS6hiOGg3-xE8CZIu~Bfgg)6r&1yfZwZW0`A^L6gVnz1fDJb!4K2wsm1NGp+l
z^Y6rfgatXoCvtS0`eYFc{c+ztZ!;y>RdGYVyL-s9wbcs)tkDYtw*4E>2?e`1#Pa?A
zXV-4%NdakHGU`coSA-C%t{~NBL@u$Dyn;i3K)rk18LVGt^Af{fkJZA(H0H?x1YAJ0
zSBq3{LOq8XEc5wu)?j%ZRGVq7d{)_M${N{pi(>Ui9Cn-egKGB7xzv9)WCldRZe^*s
z3k)bXXR}w`Cv%?J*LxYdal&`~C9joLb-arbGntv^PlX=eQEaE7nv#VdYR>~J1^>LN
zxTb97s-syX%_Qi~lh0jN=%o`|mjH7R@X}!Bw9aRoi;os>iDZ$gPQ~c`0s-eE$E~wn
zw6>jUz@cNKcQAk3M|(5C&ROX2wgpY%p#-i?M>nbmEIc+t(uJgro*URe^r-(Kwz!oG
zvS$4Om|Fj_pd(kE-Zi5OuqYGMYg+1Y@*C}}z0YhbaWkHIC>B&-2Fq7kC_T8W-nz2a
z`Lv|Ze)a_KzzhTWLzm+Ek?g4rr#61$@U)ML?e-3eWHdT~4Od*jS+9Y4%oOF(on&$6
zoXH7$(MIS<wODL2(_ToYqoIT7?mufX(w_$84MZe<aBiB3mH=jx@~xDWz(Bt++qJ;f
zp9rIlB|V=%WH&%o-V_Sp1oFme5420`-hTHoHz9kdsUkm$wGp%KAptM0huMi}SBIG!
zDIvjZ81A5Tsi>rNsaboQ+Z6g*qwc3|rW~H)fc206&{BnQv|&Kymn%+Lg5FW#1mI%x
zF3-)iUtGTl_2KT~yQ}!m&Oy)wtx~?fImE0^^_A~*MocC5>k}I9kUw6*@EYj?*?ZI#
z>33shUSix}lQcOsbcPPbimQus?d-%e;0@Dea2o6Rj`Y($`Z!=(1+=v}UeCS%170St
zi!~?N<uorJzH*7)oCPmkpEoNz)cLu*5u?`856*Q~^2gU2Ua;Mw(R&}|>B+aQ8irci
z>Z~kMnR-xj^S&YF^CfN0f_C(kC!Z;8mQ0F8Wh!-L67s(`AU?Mu&>0LHHi9J_jGI2K
zlhs`IIMq1>r4kt}sz-o{wN`Sx8LxLq-d=Yw-&~jDvb!p5h`A~>yf_7nbFA&lg26(-
zAL70r>vSngrEw<xl{=>%FHv3wKU!pS=b@8)|Ikw5J!{<laAI}S;O`Mk)kL;IW1t^w
zB_LotW5S$bbiVRhA&uxza-#ELp0h3mS#2XmMey5CaBg=e!vWx_xa>EqQS&8m;R)zm
z5dUj%ll9UFM1(u$tYGVwnCTL8Sj;rhFPb-=x-p9{%?{<=Z_L}=i5G^@-5qwc-v^3=
zLLOmq;;D03mtU*d%qvJTzhzs!Lx$DqAkTGu@qfJIz7sC|T*^3VXVXs6$d=|0iORzC
zhZs`V%nsn@aI)8dO>A+03e7GUmbrd^A-v2eHzEiP=oy~LxboopW^vA__^|Ab8e7Rx
z_8CxVuK=Z11QqKlhWd%&-H#&o)tERNHrUd}0TZE(fr-AuX(iRBq%}th<xw}_%A6E8
z=C`2TT-5^0X&JiVd)sxqtAl0+X}+Dqn<AK_=f*wx0d}mX&T=E5`6Ipe;f_5Uf4s`<
zMqQnX8FBbNHR=YiOd`y;I>&vugZ;5-sjkNFDeX|(yJU;T<zB=nQb_sF1g8#vYemab
zgz)5*W^kLB$Z$apIS!wepN{+1Tv{rl#a1p!Utb1r2tfyzkG@KYj5;60rYyV)DG6U7
zI{HSU3=4Td>FIUSTZeMzZb7s>Y~P)1`Ix3B!Nar?MT)g7hkT^>^{+}FYX5wb*D)q`
zdj1yc`2?|LMi*HxR8ymp&7uOjkaIH(_W&$Su?j8?M<;kEE`02-?->ykP{ZM~dekUO
zl+d1u;8(#~k9vM!Q{Tb%?L}87+h4n0+8pK8N{L53EIi@}#|WhiZaZkyseQx8xA`J8
zm7hjiHIAg7Z@qMh&CAh|LKbOD)7cq^<XBPl!17ppo>VGAf^Tb6UWFwLaDfFO9&1sg
zcdfh8=3ltz{u7Xpb>i7?vL>*w@?~h|yPrzh#FhxY<D*kJkYsDXZZ{4PdZ;PN_@F2*
z42jZ6g$ac_eOy`A=?6I&mWVD8yzw_W_0g5S4qA&&cS62~ab3@^yq(a?eNxoGqF_`$
zt6}$$VLPQEx)s{?BTZ!HerQhA9hpixiw!#MwzSC8WChz!T?0AF3)vixGbXoWc~>w6
zMcZ>FxigOKsxW-v<mz7&gGyxZj+1O1p*{{uIzrMw4-Ws0<4J_qmpd){yh-?l>o6O^
zP-{UG?k^+lNn&LU<*u?$Wh2ooAr2)%>)kU72Ks@4+0*Wq9k6v2-==C@DlxiH|7BpM
z^&jo-pqeQwXz@*C2v67n&+4t{7bz8p@t!<?j9$Zy4jgRm4SM3ji)vg-z!rycyA@h)
zb*w#BdXn_TmWYr_l6ZMLS0@h+4PAFe&8>EG={Zhu4iSzBX^`7t1Zw_<wRypH3bcob
zo^sHLL4H#gr<#cDb<hSJwONsl+BeHiV%5zlu{&sHjc_paZ3&$%dSeUeR!a=kGnZGk
z%=nZ%f3@9oW-nH@wE&L?;y{ud@urE}>LHZiKcsr&typTY#KW-+;n*(lm92(Q4@Kko
zX@5FvN$2VERvTSvExQ^tGar*6PX>=<K0nj<9ud9j72_cIV_RG<Q9oDSbP0zBg-f+z
z_v7XO^SK=Q?sXV9pMBzdh_tVQwdlAHR+Gc3KZ=`e)?Ea6$CSjPHl5(AKNvX}As_0*
z6v`;TeR2$XMc+IkyY9W8GgUoF_Uq_~vpiQy%yzaFXW`~GUGwT3*(kgClK_$h^jJ+r
zU&%_IR(@Il3*9=`i?n{d_!M`|Gke&zbXJ1(DCC&Kf#PE5uRfef!m|j}OaQsv&5&I;
zQK6Y8<}`h^8q#Rcy52lpx>Z9{GP1g4e_Q{m%l$Andmrm|^l{%As0|#qw1hr<J2Ju3
zrpq-D{|tu*3Iq0I@c!4iB(O&lG)eD=Skb4uQFXcL+KCH3(^sq3F0JzCjUM4qKk}dg
z<O}Mu5xOaP3+MEvO8}0n3N_K?_ib+nZ^~`rb*<QE$NKP-xj%Ahxn($?Z_O?6Xe4C)
zGm>GN;2WF!=K(fxYtZHAGgnNN25e%v#U==}eu(;dWL~aO*G3sXu3he*i|dnjqiXo4
z)rv;OD>t5|UFB@w=W}O0R`A6<-X@YN62k`_V>=y`94W20=1a9)wXI`yk5YdhrTx<O
z*e2C-26euhC)X*X20o@Cz=axCekj<yta9j;Yl7Nx7_zNBFgmPu9#{Cc6#HyN;!2*h
zo<E1rA9iBaVWlR1pcI~Yq4jJH<gNUsst@-Yw<|gJuF&}6^$o5wh!E^v&-dBmUi=SN
z-q`gM(HMV3ppOVBTdrVrl0|x|SdNQj^vpc)YI-ugEw!_HM<Z6rtv<WpxUclt3_#ow
z5zt~sfLjH2utvg<fvv92`oBkD^9l{x2^{~=bD(Uv<2#_`{$DNie{H#K=BJ&rW46D?
z|BC-V&w=iCEL}avT31(R>gg#k(rL~eCG$hgkH?2Bx`*DU)$km4|8D(6P&ixJ`A+@O
z$iZ`Zb7Abj<IG;TcD+`&6as|?ZjDA+R+9m{fzFc~FqSszBA?@XkF8Vxob91e+o!Iz
zN)DuRM{61R^EoUvxifXRdwUB#Wz2aUJ?>|$XKufH7WP<SL9y;3G0Zhjy-+7+zd#Bw
z)!bAqi)CKDIo*%9owfE%(5rXIPY__9p3aB<c#3WTqOvASbgDny-rhbVAt?mt9lq29
zkx2vm@NthG<Fg?l2ueAkH@Juc5Qz3LfPgTyz2Mk3J^n-1{r=Y7n{b7OhNirz=;b~1
ziErhtjLd2N@v##&jkrDlQ&#l*_c*|>@>@c0#$Ua^zrV@zC?_Bah#sQb3m@wG1)#@Z
z`B7Xyr1tf-drC?M0c;RAh3!|vnF2)Q<V7<xGf?cGH#avg+1ZJ`b!W-#ms@nMj-Vu*
z{dEBC(<74KBx(=`GxIiX=nasXZv)UzAWU4Z1%Ct(3r?AqS+K~srStRiZ`-T^N)uCY
zAWK^I;Nalpt5+Y?)V_+}pMPM}u2@k)b+Vx*BFYB>Z+22Y0t_YcDk=h3{eg*pYsSyb
zeN074`U`+nxcTImLR(W?3y&h~w)4fXE#RPvDy^Cw#V(a^7T%2H8V3_|-D~b?S6Nw*
zgt=XZSvhMANauZu>WBuv^2~MM47$I+f}YtJ-rwIh)a*No^x*hOcpby7cv4C~1RgF5
z&9@tz@7`9qg{?>0Mql>LHKhpgHF+G6JFpy9jO2*fZYzqMM?4C_T<8vWcTe^#0lu1K
zZJUoD^8$kEU0hu)qOTk7rqXmzWjcr@y^dF;bY@NB7&$c5)mJ`asF_i#3#McU2nek2
zzZ4P46vtmc1Oa>V@}*fVk>Jn~6?XvtZhB_MW_u(%26@)zR*`)w8fsvgAaL=P)%CkQ
zh08r#<+lfbajVcMi<z91bY+>=ydLavYHMfrGq=g><hz)13nQICs?SNALMnT|K?^(v
zI{J851g^n682|BlJwA#}8r0g_>T|iD4)89>z?8*f#A?l0$q4l>8y%KJ$s}wB8h2a_
z;b7zA<Lt-&SBC~8atBMzsdf9VS(#PbJUm2%gm3J%mp2<$YuapQ*?Zs8i2IGTNz2Hf
zfUx~2$jGiyDhLP(`96-(#**>K05nMh0|N*JSwg~ABa}hNsB!tU4Mpt*n0|=bXvaUq
zC}n8T(&#J=4XKSJX~4H(j?$u(?r@PU_SZ5&m_mgG1qjdWW&y19$k;b!&g;F_kP4G|
zfVO54xuzN`!UsZ+0tT8y4{fEJtl)_>iB)B6zScIF{?9jbLZ+1z1pC*LbPg|#H<bX)
zi77bRnZB<Kd_dG;ipZ~uim}Eo9QqBa9UUE0q>%5uqQ_|PH5(yj!XEqDDQs|`<>ln)
zJo9ir{s@=MCm<kr_UxJT@_rZJ3?eAXVml!zNm}&2Z^U3l(B&=sv!w~nNnsh%<=1KH
z=?rK*ktqClh69mwi{meLQ>Pf4BW?_Tqhei*AHbFa>+0lq-j#tNgk^L*cR+h&+QOtB
z3*peeSk&WAsqK}wzkU&OabCaYb@y_g%+_?NWN)=ALf}cgSnJP=1l(P_JsNl}@s-|G
znt=;IUu`$}0D_k6S#pF>G2crxl$n8gK1Aa~{e?SSv*0fQA19ZucYeg5_lR>U+j8E%
zjak|rhU|udGZoJED$Vtb8{UJES!QPLAkAe0h9Z|gW)mLfaiudMnJV|{pEsdEOvc^C
zu});<hR99aJCH?<9Kjp|!^0!&s4bD-amO|G<s6;aVX8%<8Y9+o<(W8Ryg#`Cx7Gn=
zb>{jOhwspSBi=BYSS20-BtV28b;fi+K!8WUC?j<ui#5eOBa1oFm$%Pl|9pdQAg*MH
z-$JR1>t*?J{H7(U5~_5|c(xZ%h>+travtUvdW>N>G)-_os9&|?yrsIO4(t6y6L4*k
zV3e+Y<r^p2(<B(i>4}t{C7eITY(~5H2`fmvf4)il8?*B*R(n%p?!FMblbFsF5a>AY
zX|(o^yL{RF_<T}@;)hVGH<8^Ce5!cD8yB3AqBg6Mthsgwk35U!s?X2&dI*%WbQQg^
zK#aG$u7XaW|2>ejS<3<2JLyi2jJu#M%~`+MW`%kkcc9kVihe-RqqwC{!$X6thh#j_
zSxK}6{;nob7qUJf-D3(G)3SZ><|u%fDsw{*c9{##AZcH&ctrY;^EmZEWo~a~Nqe|-
zwkONk6Wf*ue>T{U8H(R8@Rcz+ZZVing4<>z9c%C>0huKKEdW3AA^fZ2;2#2N1dma%
zE5!-8gVw8M-{;N)wBi64%p2oTJy3r|Otr3cJt0nm%A?%ZiD*x#zvr#@ekJ(b=<_Xw
zNb0Y5TbYjhD^2t6Z21VcwlQ#IXI^ve_s_MrUqa<^%#SU2;1gtI<V4NK`(O4WCh2}L
zu@K(M@zZ@HS&+&?u%ZF|Wx_TjP*JqstquR(f2BRRu_eTu&>=+mx`r)ijOOg;C<1`N
z)0h%gcWFNEqlfBhi7TjdLZ{+dCrzBzZS$8CN*iMI!5D7VcO@8=zrX1+=~ufj&Nrst
zRp8$6v#*XiwmJc4R#3E;{hWDa%l4PlD*>>#a8`ED7f?fij6kfRdI39l#GA_|=Rf9I
zmwzDj<*k<)_x2;({MjHhbIF0&QF~?Dm?hXp>F3aX&u%^@XqCIdRQ152(0kO#<RLzI
z+NhsX_|3B~IO8^=+P^ryr_U6wa)Y~}U6hte88z$A@EDN=EwQUQW!nCF5dlNX<ia3F
zW7t(kS@j_6WJJK4bDdSkk?b|+lZuOZn+xCe(SiZJ2CDN0REsTzMaNx6WGXj;gr+xe
z#c~6O#BUDK$Gu6RLp~qXXR+3yom2!xEu@^5K1ZYdI-mHP>b^RsYG^CtV<zG$_L+q~
z0@=Ml?pAWc00fh%Mq=g-6j^q|&zW0N8`)PG4v7$fb+1tl<WGnr8GtOZK@ma|9Q>H*
zaL;?B*I)0C*)ER%9G(6^$9F-T)37~<{$Ac6Zj=Z2)<J?a+7|9O(7%fP)+(TeV+G$B
zUAR~OW<mc&dhp`{1%jkx$`a}?i>m_>U$s0xZ2YhP^ucdT4I5zSa!Kn$k~E7Itr9J_
zbmaa@D6V*#`CCoGFZs_2t0K6YpN9$J;ZMlg+?$5L?kOIam^b7l00E-sV6_Mv`7^{n
zVACKZOR0yzH-K{8@hm!-7G6aEQb!zc=xaTJLz=yaqC1~#`KrXC#wlwPnA%X57s^5=
z(N`W6?iP&HEIuB7Vgqf#FfUns53=a3|Khk-V!oQSxzNyGZ^t^$BM?F+89tqXi6I#y
zNB3eDHvtDGU!bLvpeVjF{CSF<uIiKK42ddYS+8HV->Y5HQ|!K&%ny5}{zI#pr=>0L
zj7o9G`H2ge%_(L~UqA;!M8hQ!tIo@qBdckU)Ro_tz$005Kg`hl*#G3Gr)Q=`jnwW-
zFA0iO*rJF&iV#5EFcOiEL1K!!o_?Niv>`%ot`rrcYlpzhAQ$78PqWGtCmmZO$nGhj
zlVlLOJ$RnLMaKUK5Rhz|zd;Y$8=R7A41W~iXT}nLzRO~?Ww48|%fMR94V8{-2~tm>
znLX3K`uegDvd2Ki>==OlQh`gxf}<*gyRzGy3Tg6eT36%`YGia!7ioVb*Iu>rbr>eX
z_M3nZv;%yBwOb&Dv;2-JUX7>h(!hXA$aRetFIcFKdPd6EVHSiNkYPq(`+zP)%fclw
zK&4sx!c|E%Tafe>+?g!tFs>vwK%6VC@Y6U#T?GBhG*O;+oC{Wae<u)&d{Eek-Ip_X
zh_QB_-i_(B2<oPO=0uk3Xh3Fv0BsAzAXvG*MTEE_$ZxU+`P+%h*gpuLdqY9~AE56_
z+r;8&b49&fJ~)}tP;eOECr9@2V{(>|dDqp;a@vkI7^zy79{8VG(sb3gX_F+_Wy|QK
z-2V~2tfcWJ7q>N0yaYMVDQvwl-hAGXQ<Yo8!NN)G>YN<;4wMLNEn=FYeTk{1d4CKj
zH=l#y3sBsY93K9~g+1ImUOL8%jW=WnbSPgL5Po7iFsoI0SGn0lpyPToz7mHNE-`LM
zF{MZb{pvp-C}`elh_8_J4MBd5K(IaEo5vQSxID9(@!WtZaR{C^cO$nUfi*aMpT~HJ
zJK+blu2B{%Uadw0b<_lhf6BM3U{wh?Z$`^`9`JzhIeu@!#@ir7ZHBWSGQLE&=A{=O
z0#oy;Z}$+3f(SAET{GaNV!>YwI}+@8h15sj@!t7QbNC}0D<6oAlBo7&m5W3jW52kJ
zzW*k(_~2qNX9g+0d}eGAJ17tacR4C(QqeYJVra0isBHxQ4aBzn?(x8O-2jwx-jg<z
zYS&Q5rR-t8n!V`NdOfZpDPxdnNWtkyy(hFKpE>ia;;4n`0CR6s2?}y1keq0B$kvpC
zv#^`tq)#}ql>sr(qlpGH*nCQZGoW6RA1Wnx?<}&^+Z~<8a?2LP+kM5Ub+8b*_vT6N
zXq$94CCRJ5?pp)U-AAh0l{u3v`<@wL6Q>__lLr578Z@XyDd_4}A_rH;ag!9}qqaLT
zE$#gkx8$~^J5~-*(SW6hkKgZkO7%Z~zxv5O@en^L@TXttf3E)3OTcaa{Q{5ub2a<F
z+n>t#r?5u=fvGq5vD%eH+=Wts68zZD$<rE?4*Zds*A0<cT2`1@;<&cL-o3PTHGCsj
zJf$+<+MJ$q_~(!FQN4`~;47Rgc|yZdp@BD>sUMLmC-+8oB4~6q^56efe|gQGEYFsg
z8~7k(Ih2MESQl|XByUe7K7%RX1UUovUk!!;r6fC$ctaFe5O8+_76gpTyW=igXFjp3
zMc45<_+H0xfH`XoK&t9J=Gl2divzqeLFcvZK+C0@E5O5x4b<H~rn{j~f0-<g3@!cr
z{x_0?@A(eCh{t~96Bps-!2$`85c}oc0jajwGG?~ih{knm=mh2-YE*4z_#1$e>jvzF
zj$@5-gH|7Rz`<k+h&J?E4I4WGqLF_92^P1!M!~2w8!eQNODY5z?{eG7z8JWQJ-|vY
zZzT!r{BCy(hhYx~DioBkVUODd;d=jH_i7?#dp=-2T|fpa%@-OkiTtkiW>ruccH3YU
zgDL%y;GuLL!l|`H74awlXRQ|?U<>B(ibtjPqFweoQ`$C9A^dC##AT1y$@RzWG0b1)
zk&63yvFg^a4C;NicSH!`GHwroG&nPOxr;yHETwUpgtSJm^~P|S^>&}{P7)5p9uWbM
zd2zTBcbxA5h%2}K#YUbCYrumZuhZ%UzHtoz-H6#7OdUK21E#9u{xx7|n++tr$Wx_>
zdpmG9Q)WQ%f-F${eHlQ$dXgp)7!X4#G*LOURW+K%<$1WMU2BspPG9SL<xu`H$*v~I
zavxI3Wj*l|4{sb`q``lsS%UUJ!EOGo1uzGtMpQES*-9pXc321MR_S%JHkJb!%>n#(
zX&Zpg(RtRuGb~^z`+lEy3kY|<DSWXn4%@G$d&f1CBj(##SvQ(hQ3j+8#nePN-i$Wh
z9aoD3FoJOa$!RaZxYwC>+i*~~&?%Ob?)6YRvgLNX(oq1%rfpsf+X7fM(I=pQJKfc4
zY-g4&5h&g_%BYa?DPWH280aje<snD!e^0r*_Ze^Xy@KOv$I0ts3Z<n*G!DXuJe)30
z9UfwO7B7DLF-Qgv>t#op(qRvY5!P7JG4=+)uugQ_0DN4Rx8(G<HxXWYrS%A;2=#y)
ziMn$Dd_|u)qPmW?*?5ch8A2Z!4O~@pEYO~qv(?DzWLlErz`WsgwdDCDz1?hKi)=&!
zpzt!;uhDuO8SFM}aH4Df=KP*EuFZUla3lC9|2jBc3*iTDfFh{{CMhrT!EldP2(Bwq
zQ>vI8z)xbuk3-JOa>p)-kc~hl_1X4dkT%H(NPv0<cs<zLH?rXpCZvn=;14sBWBFof
z$lD<(K_hLzsthI`l%>vXAHpSBBN>Bz2!N*g%2<xy$T}I@C!eOhGQxwl02cEh*?nQ@
zRtLw7l2a$~88>rBhXqZ}?P_A(Xrr+L;DU$Zc3c4il`y0Y$eTO$z8s{<({CH8)`GG8
zC*Mu=W9*^!94uZ4l0A1592sRkkk*8fgMc?EE?}t!FW7oMp<vTTXjzNcYmD|uMxL0G
z6kcM^V&&x-#$r%8HsKfrO?R+39&XE&HzK<~`2uEEh~zQqJY*o;5+Qv>RS*8HZ(tf`
z1L8%m14jiLrV5;9`Urr1_Y6Rd^r|^%+&8mz+nqqZ4)$Ile?B;*d>Nu&$14vjGiWAX
z5Z>Vk#e-G26D-2HsbC<%=SW^Jak*lwy?J0b2zL1q#Qc$D2MvLHM^0!~oPmRsN5&W4
z952h*E_?2fF`8}CUesQ)oOVDZPpN7=C+@h_eW}VK+IC4{2Hg1Z*)I=q<e4ScGSrKJ
z1lXJ|x-O*v&E-wM3|Jxm{a*1(v-->0ByI)PR|_mUMzl$DDqpeyt^f*ny-S^80gEjW
zMvCm?B>?f$h$^**j~$|3MaS?GPZea^24Ap3P$7QW$3UxBr!I$HF+hO4&P-{8NLh>7
zMDDjofhLehi})#&A71iDyT{|heFt41?gSKYeqMRWQCQ3d=bcnZKSxYpjfD$6ScQH-
z&gb0v#bJLP6fY)sY=R&@m(l@Wft(SPO9Nl)zNsK#5IC2E;{&W^m6!4z`~FOV@rF7+
z*c*N3cH2>96p^wc{*)%M(0VPy3FdFxo<vsBefMRh!S|#CmF9edaoZv1u)`=8>;V4Y
z$C$P*a^_@&M}hPz<Z}c~K-#FQ{bJ!oy5`GT5C%vgKSjfTwaPlSyveG)Fbf{bVi#e@
zjeS)Qg~C|4&`rAT{Y?lr5-n5pf#W9mi=e|3iI0=i(muhuV?`XQs3CJ`C><3sl?24;
zmI-3Ww&pRg!{$-<`CUNc-ly(ojaCtmx!3l_S}<45aQ9t`>R4@OKHzfw>8W0ZXwzy*
z!apSWJRcgs3SH?<z}>{Jy6gRjTRot0or--+w2ya;0<qg5IcEC^e}{lBZWihiQ&Qiy
z9w%bnd*Q3IMR6XYJyv8SzC{RvucQU3Z5b<Go<-fd*fLbJu`uLeRdujQpp{*Bh?>vN
zZFP-3{_0{UU~P;*f``j>teqv%n;&fLE8PFUZ7#Y_F*->u5oL5<Xr#hjWhY1b%YUR_
z5ST$OG>#2kChJPIW9}QAV5a6N${}(hP9phP;1lk&bHXJC&*UmT&zs?BPq;|-p4O7L
z?kFw?72(<k{hBxC>qL)V(QktrM0we~>u6v7OiGhfQbs<g9mi#fP({>vZVR)sy|R*G
zZ<?@V4rRu?z(T&(mP0DE#52S&jv38_q2XNMg&KTbEJBRDREAuxAM(#(BD;cI3;*E8
z_t7PosoyNiy?Fzq)O(jx$>5!MUihBycKT%0yHCb*4V9<I<WI?bF=quiQ_-rRw<8HY
zz~tc(A&h5Z63sVD^Iu`@glO<#dF?{3sZ^*Z2NsI9-J`wuSOrjmI&@=9ymwA(gT-a5
z%vbRNNU1sGN%Hw2M^7sIJeL6Pmf?Uh6+QVk%I}S%yZ0;5{JraPvW{OX(!Ceur$iL(
z>|O$ofhQR$N`I%|zvC^-JSDikDn5zz&*NM(n09dV9Cy9^N~6Tt?k`dL(&yO9;TZb`
z{`iBV$K~dxdX(bF5x0qHcmJZCj`Z9Fr7A7xMV7cYa;b<PhW+XR;fC&pp4I+Q#E~b;
z6OBDekb%t}?$6(QG@FlBqT7#F^Vo3R0#7+BKwb)PfICqFR_1|J7+|Fz$a*1s`X4PQ
z3Rv9-vSEO97a+mqDb?j~QVfs=0~83H{9m4d`?tuy<^12CiTtNXCSYIZzxVua&q(?m
z*}#1nNPadt6V@XSd6|Utx1M>R7tiu9d3c0jsTDYn!ao^6H<%=Yj{<_X3ttQmX|y;s
z2!Idi76|e&w`ka@^py0LR4NK7X{vY`I^V{c#{p*2i2vt<(yF<RzRlLW>??X>do+sR
zQ)Z-pf%W%`B>iYq4N2BBuLB<98{mvd7(hU3jwL?ypKm`IrhhvBN1FfMUk!ZCUn%~3
z0II+Wi0Mf#v>+Wo27qk;3iIzF@+h3>;bbRZNhVn&u$AfYzA~Wge()Zk5~fx+YkO4Y
zXj2aTY;ctYJohAEKoV|w)YorSuRNo7xBIO%;*@tkYpU@TK^h_A`^8^yZvIH*SXEMu
z5tTCB`sfd6>N;X8?@SQm<DO<mI!Ro0LK%F%8NH71vmVuITzBP%(f{gd!?_v#xA>s>
z7)RWRP&QFLB^6uupTCr=dB~f1i#NZ0clby$9bh4K0P~iFr67y;vVFY2s`HaKB&@#N
z_9$sP9B+X!!{75W{_sR$t{vSD;JD$M-gcmB_tmKYIdo7BCQbPpYKEq4)N~#`p7i~s
znawlJv^ut02A8j2otu%vY#(45v-d4v-yS}1B|}+lV}X)iLcOUf5S0hI6172B;jM){
zqrU<Gx}mDx$pQSm>Qx#)^XH}l`>8h&dUa2axZQoD&ZathX`}zAt80&Ex^3f~ypmT)
zQ9LYpgb*E2j&J3VkPy)xmP3SCL}D|Z5_?-&J|1Tp5h0^2OR|+59x~?{mQ4-~!;Bpq
zHhX`g_w#<<u0MW%{qF0&?!$F|ug`to-}`#vG~<wW2@;lo;NaDTr*&RhDF$+R&q{LL
zS0_C&PjM8*o8;(l4~9UQcLxH}4T&f$%rk8kyzjQvB-2yNmDBsu=t<_;q2uc$btxzB
zEWUPKB6l77BuikLg-@M!0N%D~EsLrWZVa)`EAoP6JoCwI8m`9Vy)%=b3u_U6msms5
z{}{5EyN~&3)px4YUXh+MQjM-%Mr3C%1+Coh?7*xyu!A*gHKVgL2FtCIr?y`fPY%Gd
zUOigj>2T5MeQK|b&uz55-ObZRltLZL|FDOEOP&iutu1b!6n>q=g$IMka(P#*$XeL+
zge4?-IbK1nZnSbIysPwqE%xu>Sl@Un^)N<YRAUP~YuGEp3u%HKGA5K&cdzr5U`H|G
z=(@YQwp!d8iKwO>tJfM>XNix<FoZ|3$0WDTi5wKJJ@n4?Lt(5nc%Kb=37xE^{|$8v
zPhri^va2-oac14^(<xFqqdmqI2<h6m=zpCz5T^BH2Dq@OLbPy@co^Wxi9K)IfGhmk
zuJ~$h&C9d05R@}SrV<}#PBmDdp43A|$5tW-ZBUlna5Ign^3Y|q35HPd%~;o~mH}Lx
z*Fk5`0{*;e<B#>fsQ7n!GK%J<U}tCW8HPD7Y;8WR(H*{?^wBrAhkuKDPu@M%J{FFK
z6!3%22+L{)tx*I!0TdM8TiocE`%b;u0c?xY^Tf^E^Moa+adcJ}Z=SX2)y1+amrO-?
zq-1@3#8|gsgwy4nN+KaD3F*vm7M_@-1W~0neJ=4jinX(2$A_2xSJR^G(Yz<jLWA?B
z3+vBl2eW%5h<5O|7Jgn`^k?^7P{={+$BF~?-W1~sGgBK2AEI(-QG<E48)DB)zr4MZ
z50h#)Ksh1=qsB@zw(AeOUP;M0L~r$D%ybOO6Mqb*Ls7S6m;4FRt9i%2@Eot<_Q2q1
z?<uzk)#b2@l}$D<eQcwp%*tOdK}G)YaCvt8tdcQ$#i)VQzH(ZWrglQ)H`a;yG9srt
zeA>J`lxlq&>@YyQRdch~r^kz!G>|P`KLGa$IRt&r!Gtx<xy=_j+_mg|PAo4(=?7ru
znd$x*YZL6E{xQXN35*^-?|I#Q8D={zf>cNGd3OV9qEUQ^7YZ{rGoC7fyRE-!`{><|
z$3*33ke|-K2)QB@z^>O2EKV2s*(>|Iv4>TpuLm<40~vGv2|R1e`_k9C(}lC`@YU%O
z#oNbMc<C*FzF;veML;GFUtG7~HB@IfUwcLhhLvn+gNHtzXYu04`sYmPPaK9%0r{Hr
ze;BnbQ2fI^%D{yt0o_~cVdBVRsO;kGyjB*DGc<U?!q1e;sDX$kL0^pALS(rQ^_rlp
z{bb#p`#z8m!1`DSJy2gA+KGSlZQyh1NZ1PmNg?dPhG+HrlsDcG$_TTXhh`GOPoRBd
zMYAwWAisf%WhaiVr*@qv;D!#3n@^vB_sRNt-(+}LJ*2a2rPmm9h%Ef$5e}_%iKMZi
z>KZ<O5HLWh0R$VDRZq|;FPKQb3%l27dUydkjbkN_^9eZjW}<G#iMiFSvA9BIdn=47
zHXumCFtTH!iu)Q9?A#&D-YM|3>dq3;vOq+xB*SwoJl^pWg_p)`%ankJMJGU>;^UL6
zs;8={OZq2IQIrH`MMFk{cSjLePy?x!@;Y|~dc{RZX{uA$!Xo%bLBfdX1ZaA~ZSf&-
za$-u1T8Y=u&>i2(hTXS7X|b%u1SQ5Yl`U}FMCwh1+jQlh9{{`li*Q>&2=G=vVN+Q`
zW&kj^y2Z%IT021BW(ajV_w-nZ<;yhpYlD^;3Bd#ts1s`k!~#WE?M<SQYbDVJ9tB=)
zaFxDKHeTDevAw&2nlpFpIi`{^0E}2%^kJsK9~;EaDi8N1@kMXI3?L!aIXRo&L&^5X
zAKWa_?bCmE=uAJ`$2~~FiSsAwf5h5f2)TfPKiRv#5OOzTjLn}96aJr&3v|d9d-qq?
zuN++@j&Vl$LIRda2%~BSi8F0x`lu#<r?D-%mkkKiy3qz~!)&Km`l@Cq>#Z?*U*9_S
zN6m;gsB&I{CuYUrkT~R#qf;b-xJk?p2I||Q7K=^oa!C!X!nk%&q_=N7Gh!zF?R~xB
zwm9*fq%0~1&@tk3^xD4-|M?>FOTL7r<lioJbZdmm8O1MM7i*`vkB#Ei1bQv6t{zLU
zNlb95@_?Wh3GV~p%j%FwIY~a38?UNMmt`Iiiz_m+UJ#@gkf0`yFvwjyZw`9;gI4=H
zA@%}%SyQqFz0lghR{~C!MHFd(oePLOjp%gwGD5kM9@E;|dc1jAe%$OiK9F4_M_)~`
zYr4xWrW*KsT)~x<F<2jv`vJCwb^hvx&h@q8-HYHTZgX?<_iVl4Mmf5ZlT+UPFDde4
zDdV4Nry^HvoB1igc`lJ6E@E9W-N85c-q1^-OvH7Z;&3b2std}>%BBa4waWZBle0iB
z0eUbLDk?g@Y1JcS=Ef6}L&wxo#xyg%mn>;(XBUG-vg+&WRU^Jn2~xE><E?;WR-e#N
zrc(6gKBA84y(Kjbtxi~Nj#Ru;5YR1Q?c?ew|4Scz+Z28favaLZA!QS_OcIF%8u;1x
z-afu3H!wFTO<^s!E4A8Kf#!Kh$@^s7zJ;>BprD{`+a#i*)#NT#ZIT*2US(tdMwjui
zRm)`2s|rAjA8??Af-z{UQbJzL5-cfZMOoF!xt|<7nMCUv->ziq3|tbqXDHV-XELEB
zcorEnlRuoXI4YPWIS&(`$u!qLM2ppgXj~NaedgQ&(tor;d%i}U5<1%T_eU93(j0So
zsMax&3J%|cd3jT8fn?jkbH0I^AZ6lnXkKK>TSlO{z)NG(mP?x|Xf2ePfVdo&^hNDW
zOE^Xas+n)^U(DQnr@~y~K0&hs5$L{jb2<HXRuke;em?4Cy~<I1F?5%^SY{xm*=k*F
zIOqO$&dJeEiOeX@_+n{oRxAI-Fm&%l4eicExB2{}FxNBcN&%6l)GE|gi*2unOBxv&
zS~x0ocXs|(lJ1`tXZazA9XRm&qZk_Hr6E|2?s-W=JNQ68$Za7Xsc_`n^T|5S(?W66
zXUF%JqTKHEf7SUgGu@&~^G!B?9Vm4++ZFQLxcxob-~h35cQ+M-z2R%IE>ZrOaEWAd
W8FZ^wT`=IX+w5&FTVv1Pc<>(!6x!JU

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ocean_droplet.png b/docs/installation/images/ocean_droplet.png
new file mode 100644
index 0000000000000000000000000000000000000000..32edd5ce3538af7e21dd832ad27a62b0a9dc3982
GIT binary patch
literal 26453
zcmb^Ybyyrt@GcB5!Ck{ba0wpVCAhmw77rfWo#5`8;2Io)E*{+7f(8!|-2EG#-}%lt
z@B8;V*Tpik+f!XV(_LM6)m;%PO48^k?@&M>5W1|4gc=A03kJ^5kr04SVNu?A5Xgd9
zRzg(61LofneC(D8Ua&C>$A8C#uTwU$2|=b3u?Ad}^pI9%i*`l^k<N>Zp?be<t-(Iu
z_ZJ=lG<;2ll)gD@*NAy}DQW36y@Dy7)XRsb9Y8#2*p?TT7nhfemzI}>mq$W35g%1d
z5(T^E^G=Sizm|1p%glZSTUK>LX=$nJf9-o*{SpseGBPqW$Kizi9(CA=IYY&y%uxd+
zQQrD3g74t@ms$Dvpt5`48`iAH%$>jcts9WO-U-?JZu6{H*;urEWM|!=M|2@*m=h?4
zLRgxV@J4Fam{+IQA9AF!A+jOw-M)s=Zsd++oU;pCS67GVdPY&ca2PfM14s$5@d=3t
zs=7;oy>3`O5*mhUB^F%yqGE6hX5U;;90?U5$UsCyZQ@p|IfYfCrwGpKm}HrH_E5zu
zahcK`+k4B-{I>{vwOr)%s?wi#h7B+9JAuv=!5rU|@g*H+jeF1$f8%#r>j@CEK8K;&
z`w)C0KHRcUZq3r$G{eBv=31Y9uA0B$5@yd5Vn%$GQFZo~oir5dc*M4{dgMJKdKelH
z*}35QM!*I}C=s5WMzeQ<=c$wyzwe+qBC0#%CcJjC!SUaJ5#t6{FG?(rKc2uxoz_p4
z#ILfN$5|pb>#UzJmpT*n_`P%QLIvJAt-$o;$nJj$BEtKYc4zZrG>GTSAxK^3i)ZHZ
z$eK_HG*v<sG``qBve;<5Ty47CXuIM)&}ge1-56y4CF@dG{XxO(OLlg}%fr07`+4S-
z=8=Ae!Y&LJHgF_Jsj+UuiDOW28;O}2@U??Z6`}D*Dqem6y4h<eY$e{tTqO-{n@)!R
zcK|Kzc=z8cM~&!&j2aBu(uHxNS-ty7B3GTICuJD6<l^FTscR|m-{B-FXU@8PDb^@6
z^lfQ(j!xQnP3&D*MP`aF>TkHBpRSzme39S1s(_tvfGSY>g()g$R;Dk}=|R>`)b|tf
zB}ys0%Y}|?X!9JR8(LUTwI~(k>yb!dKliqA(#AS1m6pj*g?XDmJeK1!^@nC*#E-yQ
zd1@R_lGpA(6S>yGXwydz%#aFxbK~G1MEy;EU+(xw7;2oW!9bBS@v=vchw?+KymN2c
zgiKeR@x*9wB}CAaLVQ&VYH1glDAd3{`T=vN^h?>tdT(B0Kio!<SGi_&v4}~ACbg4L
z2ai}SzF`Do^Q)|YF)#bC<plj?s?`e#L!aZv%y+_`{7LBvN;QTV1UjXvOINjo%i1eO
zZ4YTbm^TfF46o#=SW-Ya-tUN!j>K=p%21!<fBE|Qi2Gv%xeuX)7$;{Ax5|yG>7H*&
z{#-7i-nJ{u)cf`BIq@yZR%(f}XFOJZJ%-)R6Y?DTM7pY_3rQ7!Dunz{t4(gR&pS~$
zDl%tV>&G+sCgR@~&4S?UQAZWx-lBFYbuRPvF#X`QBdKU&t;04PjCEx02gk9|A}5{g
zT44?5Z?p(*)0UiAaRdG~yPM>Icy6gurk74euo}bKq1;w*iFfV8s^}M=cEoc1<KB1L
zytO-u2E<PO0(M?3p|ucnbwc2c)<P=QJl~FlD30`PBn*^zL5-kv^Y5DP+UdAEr=sRG
zGIS0Zz>O`x!;b8(OqW0T>b&UjXth5wR=CFyJ*+Q;vLHC!!o0riRMgO&z@2;(h0REw
z9xX>5?VYauqvo9;f{*(nKX4NI2HFV~UcTVb3eE*7+MkxaI2xA-yt%ceLsTu}I<=;Y
zC=tT-klX1Kd9$DRzvbok4Ts<%(!V9r-}^;BacQztQqX)egWWctDzT@7t#}n0;odsE
zcvJ<NZ=Q}2IzgsLEu~bgFns{jJc_KYn2GsdcX=@JI&o_utW4k!>df7xDA&ybbUWP)
z@DD5C?hKa8tvr^2(>o)KY)hDD9hf_7SjF)?VrCyRtP<e`L~Y(UkGxo+6Aa^?!<EH9
zdOU6|LIKBTIIpiohnXNX3ZDV&6e7FJ__^35>U*2VIN8f;PU}%m`Y<anY?B3nzyt40
zoeMeIM(FPWCsANlGJ(-XBpFkp%Ge^J3`lyHv|B4gk7-x7Zrd@u3rAYsH8e8NOdxKi
zU;n17@}@P}8IKE_;!u_1RIgLw3bq<ESD^gFt-_&zr8+`IX#zFUVeT+LVG7uiYCL{P
z&&arIH#0XkUuzo0c-?W5deGLs@M3(=;Ooy|TXxL6=<FPJdwNpzHN<DwQnYq0*C<HP
ztE6cdhnBRub|ghbF40I*Kg{~t7HbhRPA$u;yCx(=f%j-5_}-E&tU)r%<ioN_5gLT%
zs?Ez6lg3JTu4##WHG6HVy4F5m**ry<U#+GWeeaiKJNr~=<v8&Da_#<I`_D2x`-;-}
z#V1#OwaL$SbGi+~q3Z9N3zXOfCWzT?K9pJS-f+}DKKhJ(<B~TsGrMmiFg$`Ze#rnV
zWby8<x$$HFz<|wEzNF7zDGT<G<2~BK`(5LWTwGiU%tveO0?q1)S7b}gj#M{uP|L!o
zSm(7iPd%tpk+rq;isR1Cj@9uB^c$~Zet#TU_3t{1!>+HeW!2RsZ4IA?aE{hH4f8k;
zc;CO5oGDRW2*;+9@T!Q@($~-WXya^{RFpm8elf}s2MN{{yk_e#wZ|oU5hgM^p2muF
zX%;;9eojK2x&fYdAWWAeDfG4;KgF<eZ|{A?TsAqv4>aWoCA@8ue~6y<)cpr4GuL?5
z_iJKiDGQ8?H2+2y`ta=^GzsHT=Ln&eo$QJ)?>uBi_be5cQ`deNqE}CTvMHalQ*X%D
zHz@Ltxv|<_<DcW%uh7+1th38}JGooW0XxUEF1sq!qy~L9_r*uZ^*gL=`h298gIF-b
z=l9s$;(k))zV53Hg4|5nuXpH^2)GGSEmE(HX9>UzQ9K0FI>Jr{ouF>$G+58^p^E6g
zTld&PZ?Ij~3d10A$~8bnMz&t4%Ic3Mgsq+YJ5_MC=6zzd+Tt3I<+?vDDWArSZq+{1
z51klHpyKj>_KA7NCD-nCrDkn?V6jHyS&B}?9nCU);KMy3crn=LeQ&KGpdT-&u}~5-
zM}~W^muYMPADlyjeB$fUoZfgZrGWTE>lt1pM^ZGR9(u@g)(*Yig1ppjzPKq!KM8o&
zbYQP;yo?jwP>$`<LCJ|@#d`L5vpJ2s;Z}WbR(W%iQ&RfQl&5LEw<)V~rQDUmjgj!k
z24)I4HXFF6N^}zjT$gVxKbXnP>elCr6y#r&k(`N)spwgej4Uuz7Aln&jNtiIBp2D}
zrpRgLK4R$xCq%8sRH(Ra(HrxAU7+PUm?&VZp9>cWqUXMdojbHNPD<_Prpvo6tSKnA
zLt9iWH*QtjAGCK`ur_vSUsJZJw|O^fYZKG>=}|}5w$3htWD;Ls4=*x?KIY)9YC%MT
zYuOKhqIdG*>qiau%Zn&i(LXdRN*Q9@UR-5k+#X$;^A9EyF+|n{PTC4qRv?1sOD(SD
ziAhNfeotNjOqi(^d9aV4V<6+xGcye)eJE|6{2r&d>Y&-l$$&k5RD32C1qC#tq{Ee<
zKDG}AZRxkG7N=+P7e<VNg2Zt=j$xS)5W^4;b-|Ax;r07Lm>*U4#<M8E!Rp4wdE8$X
z$=eR%SrJvvyxb3FWs~Q!g}f!6vu->Ws`TaL<ZyN`?j#8O=*bR=>m4@4V176|IR#JM
z9WB<16A}_qG7CP=6f5HX0T*nESCWs{*K;1NwrVpo52u<Y(>_$;N}!Vy-$X`7Yq+>@
zlHSKNlCF@MNZcc$zbnk(u!wYW-9K7tD7UnTl~BxJmlO|0!@im-kj9)XjK?86KoA>x
zV$~j)C32N`nmH4Ir=g@2o5i%+)w>~9A=A{<q$Fk`A6M<K$6fk3p(-!d<1E%%j7I!>
zGb3Pesa5o(^QD74$#$t8d&3fTFUNB?Lz=nc%d+H9PkpbyMh1G3oE@E(n0}rY*micI
zU>T+{2<G|453OeH+(UuriL<J8>21~IdJ@7rBmcdZw$!62{AU(f*!pT3{om+2a-}R<
zKE8RoDP+@zxQJNU-pz)Me;%Hz2Uf1lsK9B3(HatFKc6!vmFWn6Er``rDG(O9!81~j
z6ASMRhIm^DUrvg99h8<_cB8WVZCEgvxtI{Hrp@*UG{r)TgZL0{3E&-R6-GrYHxd2P
zG3)A>?h+JFCqQv+D^nd!u>7!vy6%%1XK!BfcqBfvsoTJ?y}jvyI=S}Q)8AIHp~bdb
zwU(sQ-A{z)`@!kjz4iN)Ogy-apY$Jv+AGv1LbUe}to*1@XoFYH;Wk4F{ak;m6@=ky
z9SGz4EPY?4_J5-1b26T?IsfG))Yv?YB;MZ5t#Oz#r#Z|$x4C+yc|Vel(%x7mhm}qt
zVAJ<xL1v{ArpWcpXya25gdCQg6UCmLR6|A_uqm7_e^tgZIHXMnV&5A0io7i}nl6-m
zW9eAs`*7VYk8b&fIwT|{;zGSd>8%mQX%z6PWML7|u>QQ80Eyt8qD{W}SFKwY$_vxy
zf<o~gTp09#Mk=UN2wQ_X7zU}q{98y2x{GJ(7NsQr2nc-ZiJ;&V%T7rak9UsxBb1db
zy43w-EuZ5nuS)h-e+=$M1Z<!x1i}RDvCaWZe=_S~)XoZ7qr=(v3_MmNh_E90MRd3~
zi+w(2JG+Wxr?ME5syT_SiU%~akiT<9WLH&F+Z=>1gK<?P%J-olrz1$lq{ei@p1u_Q
zR?2e>pAeF+x)4jPqAiHY%u<-s_y+k8VcxN26PCQ6CtHGYHsKQ1=LoMq8GkaPg6^ei
z_vb6WBTWcFh0Xe$CEL}s1$pX8!gue?vpshcqFA5UJHoW!@?C$>d|D`uoj+0d;KA&j
z-R(O-4)50S-M0O5Z(CG~oBuE4l<k%KawofMg<n#@Pb`}7UvZl)`zCl{vuyVneRp$<
zZY@-%iLvv$e`DH;?z6GqhL4irJVe;MWG)&qqsKxXdo)7Qmjv7GHvCDJ`!tdrm+)m~
z8_TGlC_73z><9dE78kC)7w6>-e;)c-Kctn!OsyX+*?&7flZ-lXY4*EUSM%35_q<OD
z34uV29|oA7I|+5~)Ml6OWqsWBjpfEV)k0C`wrL&p=L#IMVrRGiPH%7Am+f3Zi1GUb
z4#s%aw^su=!f$X-Q0^`6KWE1La>PX#P#IB$`*&ebu>Rtc7*)8b2eYZmfNz400;@na
zQm!W96rw^$T&hc^%{&`1U54w_-^6A|KxDShS0*1yvf)iwsl=?bWH)hRbEV)>bPhY#
z;;SSwgOPv`9(H*<E!S@HXFUVG^rxw2nSe2zNvdH`G?vWvSu%n7+?ou`1)Uw26Lx~5
z*vjEBy<f-x7sJRxg{8V=RnGpx{3Wg&qi`u>@qLP2=VEzz`PF2;+|kg-Jd>!PhbDYz
z?i6hD3M+OOseu>TA2b<POpGox`ws?M-Jnnk+5mcyDs}4n%YCXr_(+6Yv}zVijvf(E
zT0D-o11S3+Y$Gy}(@wts%X6SYyuV<-N9LU}|6hecSOeGLqTF1OfQyZuu&DYxsTyTz
zQ7A}`9#xQB$om?PJXtA}9VU4Cmt$saCcz8LQ#|tK@j^A(LgVFMXVOHG-)bxYn$P0Q
zivvVT_vGXdaSs^;>M$=Sk*qe54u#n3nu_p3kf~E9f!+MX@BuCAjgffa-)1XDyEXWS
zLcZCaMoZIpuIcMx#%jy+?V)@jkpp6=gG6rv>MU7uN@OGol$U&ImLwAUE{}A@hp;=p
zSCuxNb_vbwjbrhcIG&Yqympndvncr@9UU;Sf8PQ2*LvBO5I4ozx^HzqNfoSD23suX
zGQ~hes_N>gM-<*bAt`>THZFElJw7>JhG$!)Fu5~Cbt#U@b9t*JIsciyh1oD3CRAsP
zUO4yLE&@sE*j$Vh-SJ3zG3LJ(eNC(D?-hvuUebaF`>?5~;>^bC>)R;C^%K~|q>t`j
zmV6Dz^?yLrxwP(M55`vBOW{lX4LZOx<4mUOs1oUkq`Hh+tn%vXHseXPaV8g~Pi^Xv
z!k3xoD~8m(@K7m&b)c2k(l$*+X7;WvUifyC`un(V&9-|MAmzF{4>7E+MNH#_PNJRi
zWaF&*vnV}#AJ#2+aXqC^N%w@-+3oHfGG*-6XingX<Jul5NOF{&*l2&sjFx-YszzF)
zopPY<eIasWr+>t3$Fy8*gh2CDd59uzZ8~B36F*g^ZU>s#XWWRk9A^<PGi>J<7DM}b
zugzEaSaR2-Smnx;lLBoCW4cwyc@cj*a0|DH{=mTsZ{0=UZ0LikJ{(*ICnU6Wz0iVx
zkonhmci8pj_3XaOlW8-e4&G3vFDe<5l>04fobh(-;AewW(>JH?E9W?_`gc$eR`(i=
z-r`b&4ZKJ<IR@x+IO4x-UlGR7FkOSJbemnysI1Niya*bO7!DC7sbLv5FrI>4(NJ1a
z5$;?}^3htAMAYLx2Rsl(B=SB@<u)o-#2axv8Cs%%92aK{Cm7aky#OlDKwhlaafF7T
zJ0e&_47}hF3=CEjtiI;)K2cq97joNJ$e+GqrA0bargTWnL?(=TtV3Z!o9HGv<1w*;
zQ-D9+5IhOZm3%g#9Ku~*^bi#Z!*-wx8*%LT!oAe=!JyXQkfaJxt`Nu9O!nQ5w$J3?
z!lX3#qm=~I?mXZjtI#RMn}-hP$v_32Fy?+G&>RfUkvX1EWA(;az&MHeI<C;ak4Iff
zv&i;zdrpX|UcT0uXDTA#eK9rZ%=L(d^t#U-h(zOS5l@rhdJ*!H6~juAACG6+89dt^
zsML>-li<nqp-Yiw4}Qy&<}kPPw=F)Jm|Dk0w9<C{M%v*0$ekC*4Yzrzx5oZ7nH;hg
z!z7_WgM0-GT2F)s+HG_?{2QAYj)Zw^=gN4eM{Epd`jwstzJ-5G1GjZgY~8rBI(mUj
zVXm3SInpG0QSeLeHuT>eKP0OlDq00%6l|F#thFWQcA%#&hM{F~IGw!lPP;{%W0>m0
zhgBE-CAcHjpU&?68tuvLUE%8AcADZk2;RCW(SzGs9VrbwcTxf+{$PFa6gt_Z&GAv=
zS@S6968qIJ0JleR!kH=lV+QTvc?BctTVsg`TEsyU8<CN{NT-~|GJ(OIuYU1yCP9Jj
zL)5lb@xf1i@oHwdc{VDrX9ofsb=hL$P4^7kZ%?y4Pt=9a4uad;l+gMJ*@a?aR?bpA
zg@agnYqg>TWDz0U+ANfd?qLQYX#MoLgIq_8`u)kUoKRDKB=R4rH;)I{s*Jl1xn6=T
z&1&(mvnbNc1lCt4jvuKgTm#!`@-#R(v()mj<3<$c!r8fkymt^P&gL=$XIW3W@nS(Y
zR+>&Q9^If-5IG_#%v#MwDybhSz6c%@X*FK}asIE5n2fzW3GkZ;+dmmFh`M4BGcf{g
zVeI4413nH**~Fuwov=yl?W7sv=O(;>J_}CLag4tI^KKeVr$oG4T)AaP_$;1B=FOe?
zU(^LB%wf=kU{8(tXu2q0?l|j8#Lqv13#ynOXk7~AKoEN8E?ZWp!@~zn*n`LiXL}8_
zY5DuJVo<KQ6f+&{E-fo{wBS}&*k{l@J@{an9_H88lHPWAB|?7`2&9}fIiAoCWpRCT
zDs7dgFAn#K0bFm&!xC{H!n8R?Nn98JMt2>N4?hq4oU5Q3H;YVEnB*43|4XQpWq3RR
z_2Aoe*UQD2;Ke8qBXKFG2U|%o6LepO6xd^@p?~nwUXR%?%pv-!b0BPO@YHaBP}`)q
znx6knJw}RPx}lO?@>97Q=X&^n>%M8jT6oVpb)H>KVihs{gzV98<%Tqu^{lcj^uBL;
za$O!JQYdZe8XDMju{BGV%ojKm7}6nvnS4Fd=aC&aSFu$}B$7T}wDwSgVffn;c9_*r
zN!OX!0}a=@df$!H^81V@!=oszfj}-PtX-QJ?8s^z(oR!jf$i#fFaOL^&Lr2aL3rGL
z_fMp1L~@G0vXmcE$3L$o@oB~p@GYrjSl*rZjE_Od(N5gf^o_{<vY^-~bnh;2f>F7p
zSv}G&FnDlI@3Nh1xoX8;*qo;NL>{m4a_0L}vwT5_GS=2w`lcKggm_;z2IO4E22H)(
zlqd}!v}~4kXQiGTRG@a5`-qPm(%l+JovD3XNI?#)B__Ud1(`<^LV4d~BvyE;)i9ZU
z%%Zy;#VYXZbx&Mb*X4a<Z2=`ZwISo=m#2R>zUkQ|u3XS8R;fX=`=rjyZ(sE_`1h02
zek>nMsMtPi6t39W>`yuLCC!qORMy@yy*y6A!5TLaI?&-!)4KU1l(lUFq>i@vb&oJK
zRvXO1wWf{O4XRsA{qTuE558tQk1F%K^RFH`oyCttMp0p8V!wKjksU{ZDFs5KAs`eA
z(ZYtJv^OAG(tVwkOjN=7`1gZ|S%_Vj69RBZMQ=cHi9IN?0g{`60WkH1I6;o+iHtWc
z7au_D9wYS5vFexvH^rl>vMRh<)duK)`wEmilSp}bLw%*0K|c!<Y(RsBnEAbI2b6`*
z%rYEi@bRI<d<A1F>sZQzxDv35*k9u1mXHsW0V|GsK_?#$0~dZ7ZypZv%(b(Gon<tW
zC!E$&q4=SE0G|?R>{5^1<V5g75j@MYp%S?wh_S?VHRk)nVl%(P@}XCnxJprs`P5H!
zVK41Jtam#4!rf5<b4GxNylNELwT^>$@H^A<n?a-Yi|o66_-FA0^?Ff5_FR9_VWju7
z;C#8i<*K%}%u;0PtX_ZnFC*m2gsX%JRd0*16IZ!Py%@Z!{LIRF#}710AePc*WlMy&
zFIo!TL{4)(joGQ!+#kXu_jPQmmbR-WJENloO{h&<6F{LKp7`>r$NF^M)Ecjaq3a&x
z6Pi8LmokX@H#C!Ra>4IximEebPh^+$NU1T)lNQU{F5`tSq;Hb6+>7sQvX2b7v~sVI
z6_I_9JkLsJzAsok`JP&}_jA`u*){ap($n<g5VTnjFIICG(sns5&#ScW-{5&+PUC)I
zAdE}+$179r@@g&k_}{tLDnGMcQ*7M)K{~suUdpfO8f&Ys_cTW%NS69vpvCFaY&<`a
z)bbTtufHsI_w+TY&0z}(3S|#%TPreho!6|+!qMo}F&%9@(j*6`inq9sPsHjrr>1V%
z%!h8{>gB8qN_;7?7D3~*Rwi+#uBUGNg_n@TOe)zJjtChDwhh&&RIpSr?~~;dZ%2v~
z_8m2JAD(s<LuFd&$fVIqR-;2V3X=vaGlQZKM-+{^Z4NciM5ubZg(^Vog4Y2ig9zKb
zF#1(63Qj^@DDb_6BE%x0JZnSoE8m;>##cgA;sj`O3JI&lYx2J${#Kms?m?#~*C%%0
zc@seEAD|hVV6mGkg2#G8c8*0XY~U~$L8Z+6VKxZ%SF+*Ad7<B5P(+TCyHWB}DoJ5E
z<MhN;A$ER{N#MZ8<gTpxW==#hT67OTa{OOe?eZ*pmY8{@81Nf;F`|*58o8Rp@UF%j
zhre;=Y2=cNO3^7VeV|VAa%NQF3+!H@I2gue+AKs@T_2sv9ba)=Lb&SdU}Q8<smGl5
z`1lR*D9R;6e)k^1eA8?+yo>SEK<k^sFSFTr2fN69GVZU_9s{WnJajh^IGB5Mpu&+H
zZDob0l+`YZX+oZ9Z<tDsB0+fEd%$2U8xP$hfZnQB@YSRBazxzwsly*nq?e^H`H++i
zu_eZrm2g-HfH0voE@&npbSd1L^yLX}3*<N(TzK|pnxcc-GMY35gsH&_lO3nxoAKux
zDB7@5O@B*jv#zYi#i|w>G4~)6S{Cev65x{9?X`QGX_3^zoi>w0l<2n4mJU-|G_Hq<
zv)FR=j~{L%YnR^c3zQ7PpE%v`mgM-o8z?jIIg`|iopzoO3Y$R+6wUcpiGOt#&_&-N
z@C)2<b@>lYh(jPDV!n(GenZ6VeNTo<T>@t6kM`bOQ3&f_R%Z&AxxoTA!AN^!%iRvj
z_uz%nr7C3ZsAsAV>kGN7`!FQqr6^k5OeAAy;ORRf>Zg`{zZiE$e$UVa{Ay;AsJIKZ
z&%K|Ximyf$8A4TZjs8$rq>q;no9_~`z_#heZ~p<Od;+|l$g~XLeeC+~1#So%a#TOD
zD3aWM|LU--;zQq3X={A{b<Fd&3dRk5Est>EpS8Gv_cftd;j%VQ^N0fB-tP+!5a-N<
z5><4=sq8g(*!D#EnQs4SEyk#6nVG=#T7raQ-`nEIiH5z%x~OpeTUys?>um6@!I@pi
zUrrE?Dz6MVDJ1*OzS&*JK6_&#u%9y|e)YZgWAI#)tv82zDP>vWRa)<})<^L#29nyT
z{d3w(e$xni8%t#A)-a-X^5;fTB~c_)=(aITS5qg6_t?jo>dcv2cosOZ<Wg{g=Yv#s
z4N^daoC-{~kiK_%zlo>+@gJSx-h7~VpO=knSrxn3*Kemv9^bmP3QI?p&>HkJs@zkH
z4!)K;`XI$oXkL3u@I*(bc?&dAR4M41T{&sZERNnVZC4A`QL6s2PiCQ0FwPZ~bbIt+
zJMCTcbzRDE70Wj6ei%N**V-^v<BSXzv=MS<K%kC`*f?gK&Gz-uMA!*|M^q^d9M4l>
zTbX$H*$6!SZAwd2=TE1#aU{&Qw}jnU^yn5y?z{COItGK;C4C(|Qk?t<{yPuq#dj-|
z;9tYs&Mf3_bGikczNTpA{OR%hRy#r6%9Ww#(ySw`AR9hZtyOP}J@nBw@+OZtT~2kR
zi3Kl1(`qB?^0eMVpKUXonKS>F+r+kxD<q}LR`zXKnXpxF-q$-~I%*VQJ(B@n{?BJ$
zWPeOjQn5erm|biLYR<QANd7$aOReUb%h%1x0=AgfDU)GA3O(h<izUm5JeOAg*zvfZ
z66U;zx|+um2Qg}$d5j0`YFp-gea4W&%FamoVX;SZFr<s@^~F3e`&*V}=b6`VtUE`F
z>GM~UBc&S~NsZEbyHT3VDxSAN##(3vEjDTup|&Ga$7r1i$qbeC4h8EIGr1prADC`f
zoUpLxtD)A4lunLobcTKz3W2an$i2dBsL}slug01<LmEK8L3qZuY)r@@CYx1nJ_x9x
zO=?3#8=QR6zYN#KP$(tn!W^+vzJVd^q%vHcH_JDoW3Nj*T{4w0nLd8gpqo%!5)-__
zMiIJWclEN^iby*&&K%Hlm-xtb$7oX5R<tNZKLlRpj;uXOUT8czQ*e)aN9$`h>Uxs(
zd#{w=CVKsb=jI4n(jZPn)^m1Wf7GX4bnl|-enx)IV{t-9+T=K}cer&%#?v=#JD1)C
z0y!G@hA@IXgRSi2C|ouBP4BMt1kkK&%gR#?y{?<Kv}{^JO?U5qQOc}kEocTyk8>P_
z-x>L7V{@W5Y2-KYlaj!K$eDXXn&~<dyg1&O@lM12&ou}n0wHjuU<QGDL$JY{Z-7hU
zhJPK2{UOcG4*9?hAW&|(YE0dH2XWX~`*diBMv^;5C;jpIv+ci#w*CFCE)mDN8TP?H
zLnWov)%HIJ;6b1m%l?(6VqUwkI>+tD!!3VLT<GKTpO~TVw;wv*S1mt^Ud}Ss(y}vz
zhK8QYiLQCJ;w2fgef-D_D1iZA8UBM?+SJ?khfvVnlPGar!AAo9E4k>#g9jJ9QiJL=
z6Lycp=EW0$bl_NP1JEh}1wp+)r{uuh|L4RJpj;$p{D1$OOZ5Me$qJ+pf`Wo@{i4~5
z)k=H+{{7Jm3Q)3X(Caf1WM#zyNGsiOZ2g}hm)F-)m0Gx9(4=gP6je)WYt&#m6R5wx
z|J?NZ>m6kahqcao<LO^OIlTJ^2RPu@fdJzPM+E_6*nA@b0nV_%z!~uE>tG#WUPtN(
zqhPtYIY8zgjY#T2e%yM}(Y%-K?f3oh4wa=1i_G^@wLYh`P5q!yum0o9<Auk?7>}us
zkKlijOoTnIe_L!dZ^cHTGB=Y~b=)5`pAR!eK{q2AH`^}8qnyY2Xk+<y)0>~~54T2G
zI-?U35{4Yyd!tKyvM~lP>P-3~7h7Cy08InLW1D#&{?(c8j%KKqYM5AB($Q9H;E^pZ
zRDRNitTyi#e~%n&-bwxBv?aK)MOi(+;;|L;AjJF)NZw|!zt8sAi~#YYI!;+PMAGN1
zXE$d0KJx^q;etI~^Pk{OoW!%GBb0=$W}CMY<xK`+NzNvEB|D<ehmj@;!=qLl_5xQ8
z?4t_W7`3aSzkdA++krjtVhW^PTCeJNW>Rd965q?40C|+Y^;P|Xf`VF~yK|j3563h6
z3WIk3g$;=F^}~oS5Cc~&pL2tX4mVup%y(&)YxM!i*3G#4hlhgp6KpABxn4=Xt|byr
z&VyiFrNJ?0yV1TrVcxB1j?KI<Qj}Z{EO2{!JDX{Lv`NAG%nYv0e8o`LqJLcZvgG8y
zgCr$r?YJxVi;t8jX-*cmt)8Qak^6Se$e#U3>IdOk`*~~ZJ`p@W2jXE@s~T{ZZ-U)w
zmBtN>L$#go>D~iPv-)_=FiplSAFY@Vtx_O)z@WI+^II}(QKX#e;g~MZI9}B%sR9bC
zZ}+G5W_XhJeeoF?5vaIeod!Ku=|a+xGxIlQ=avn6ey)KhJ5IW>v9a4it<BBxm6aa=
z8VNf;Kf~`YTGkEklBP=-c^@7g5~(8$`Ic5zk~1<035kf3pisVZ(2qx12uLfu)TEXU
z7Z>+ubF)kfF_AY9Q`-8%!oun}{EhbF{_n*_2lDfkLGYC-LyAvET3XtA){n8#(NP76
zkK#GS$)7PBg-xD5bgk`Q=ni4)oM@l3^kI6DqyxDGr2}*wE#4YvADoH5qot)i_UGZ@
ziFX`)V<qxD^x(bu=4ApI0WR?N7I7du?Mab8JnEOxA4kOtg3!DX)E(-q2cS)0-XrFh
zH$hlbk^0++oq~M#3ZApVW)e(yCq~;BUQ~+D;DK5fev+%F7RaMgdwez+jQMXhB$fn<
zgYc(hm_4+PVE1#+D4JS2-^l1_o3U4-pk(iXcW0{H!5ML8yUXr8OM}vc)v|t7Qu3iY
z^vk-Z`=I2y%kIZ}aW`M`x<>K6K}r(1OXZy8f(ICB$|1=_)Rzrf#cvu}Lf&rSXQr1*
zIUn_pR-kp<dPqH&`!nUbb>^Bme)sz|UxC?2G`9kEKC}T6%5&F8%ZKl^w{@ExjBRB;
z{i>L)x0<oG$T3b1cm`t48lM`!lxBHF{8cYjD8(S=?IO5VWF`>iU`brr8~a|ONS&Li
zY6!qhp=hLA?_YuN4aB%K3h@JK3x@TU*nw=p3brfFwcq%hi-XVk-%#h6?N1j?l`PfJ
z;6zBA3=YDp8JXvZN1^rp%qIBGJ3y?x!`o0RG2pS8&0#CJK|u7#x4E?S_;aWqeT$kl
zjbpS{bHS{QmD%Z-Z*tpCl9|auOlwxv(0i?@%3>QivFn$+VInGqN0&1@;~~jM#rqI-
zyEf70=z;s=Z1t)N_nEi4DQWJqh?i9)UQX+?MAFaCPY;)}Vd3bjXjEWIhP6_Xop0OS
z?HzxG^)0`TZs$7(OXmCyc>X{!gLxDWKkHsSMovF$<1LaP<CL%+C~ilS13N~*h2Fd)
zQm$25mSewEU)th&h%YY8gmVUDR5XBGo1{dr>-T;&mjJ42U#Zp)P!S9)BwIFC7<S+D
zAzCCXlRqaNgMC1D)F3ITCk%5zstUP3ada^5SMG23&{%ArW9Z&x&eRnq9Rgp_n<sMh
z=#!fGCcn{iwt{B`YMh9*gl)=ybcpG=q;&^u@pTKBq=H5l0MW{x`*(WJkXftmgmLVc
z;-XcfKH<0%R-D^N{-dpKs$+rK=f1`MU+#{Xd<Vq7PM-F>&l@V@JWdoX-Bxj4_h{R*
zG<RLj7(%}Vw=#(eHVJVg-S3IE#d5xTaimUvWye0E$KDoOb_wUbB^knY3cPL*z1eoF
z7R*R-q(IN7x!=#YUpo?*7?fy??_2zsD?<&Hae~S5fA+juG>v166({~O6%F`n#a<6b
zP0R0tDR9qmMprlpY%TJ%svz`ET{>yoZ_cpZPHGKs2xj}74;=uz!RJgb3NQkwx6e*_
zxZ%C_XK4t*J<h!wkO?UZ_9NHWwnn^1%TJb}#*t;dmu7lk<LmR>ad3|OedAEWSMrbN
z`-s)f=yxQJAhK2(N*H38tuSuhUqDEF%i^&T{e*7kOi9VnnRr9yuwbwDG7MIk^yx&3
znbPx}DxGYE)BWgOXgDdI&6lm{8AU-VBFa32cvMrZQl1m_e((A`J4PpCVpKJ$l7q-(
ziO->S*i<*e4`^A4&>G5sHHty_-&enYsHr^njVv<)u`F{UBz@KYa!Q)8)i@z)XC$p@
zGy`eic{GD#P!ubvvDy8^puP9+)6KfQEb|($Z&kJ0NCb!E9Rkt73!ULUa<?}<QudcB
z7?gt{*Ll>;PMTE)PukCy5fYTZlvF>qUh-F}By=%Fkp4*1M(N*8`^nBqsZE_P)>W1{
znj+x>%eI+}9(w8*>+KUJ=#kU7*{ZcICUknN!yinYye($Pdojf`AxTqzM4Eu~)St*O
z-gf;xAxg_@W`Z0%84KY|vs;Ba58PnCk0|P+ke}EV>%7DGJS%<57a1=3pAqVBm1Q1X
zbeBsuuV6xTLTNtF>dK`+aKa&oO@xHUx&*bwzNXd_j^vodxM`Da-tfJ3qVakUjxGof
z^SZpgi7}>3045AlN%jTF9bP{t$4Wn8n)kY+7GLWUMv3q_C+}#gIy}^pIp}<dZvg{w
zRcKR<If|XgaCf^ek=kvYgT1UrH#UOz$hqZZU*xvxEwrX$_(2kLcJEfYN)!w32}zgo
zcV=6{cZ$RfeHZL|a&@MWe0L`bYuhV?LD(mc9DW$vPbg-Y7!r6Pc3Vy79p>BJ?s*rx
zKk24$!{6I1Eg(Kc7M?85^CS>B07gJeDacGUT1}RjTC0f)Y);Jk;3j<lf6h%U%V9}H
z0X7%iR$hdbqC#28b*0RPz^0={4ebQF$bXk6PYed(k-X)3(=a#jTm)1J7489G_xcj^
zGvhZaoMiasMbYwwOc5<+EjZr%QjN`wlCi#S@8s**abmP3$A6y3C~4l8Nh*K~OBc^m
zPO!mZ=e*#;LcD<=+{!v=oxQ0_45)vM-KtU&oDr6g%AxxG-3RLqeHcWTLVs0!B3d;#
z57#aU71{nGvJH(NaUV{qoaGZLL)_um;uWH#+ddWiZ-B_FjXqiYt_-kKU?{8j*`zq;
z90zNA7k6cy#e}(wv;+|5AIbdqc-m97-CY58qL?uK{nLyRjf6!&8t{Rl9RFoN0?r%P
zi)eklH$uRV2!2sW#<VyQaMVzOC!|f>PhHQ_YZl0FO9T^S9xZ^ei%*~RM&Q~CM5$a#
zGE4AF2xiJpq4J*KG>z3n2SbpuoUXG(r(z)FlySn(%|FoiLLdSL=6(_a1P6YDlF-WP
zACc#jO!=HkN`P^E!K8-P5D$5n(7XtL<y{v4Ob&E{7{8q_5KAU((0;oal`uL7hUTiY
zvdJEp|KW#0#&TV(F@~k$rF5d8e=IG@J{Na=4@O}B*?u+uN%Q4z4kVd1i8^va0sRON
zFOe7pye@*dZOWk#q<|xh9+;Cf2sv`*-rdC>6|#N-1|{`5&N~%MD22GT^vmPjg<B@O
z{7ecYe$0s_Yy%nm5;i2s1nZo;_ID|k8<_KnkpB_NPXBM&zOxcw%h?Z5VLXQq!Y{G~
z^-Lsam8^3Ae7HWM`b4ayEyYY+zmNc@(;1oB2KdVeWp>+?ek!glIN+<`n&o)ZR+)x>
zNx{cTSW}K2VUX0XfTpiz80di-oDauO4DKN<ah3~pbL-n4N-76<YCPt1(hAJ=M>Rqt
zDVdtT_U*a@Hrt{dxB4}OA5X<ca9grIw*wyd!DOCzt*gHC0=fXJY-(e}7i!rX3Fdln
z+O?z6sPlMX+Y!E6_1WXq)&|Xw;Jcb+#ztJUH)g_4EyX>l_Y`$A?JR~JkR}e5|Iy@s
zj27(EX%A+U3^}GaGjhKZXq%!!uVL7#ge1#AiPK^ozdUOYo*a+N=k)82VxxJba_{rs
zg1FIJ?;HrK?D|<pY67Yff7mK}ehd+h)=Aq%EC<8N@<Gbz2P$@?uRT}uRr>PdsZX~D
z<<-`F_{<Qxf!^!-@c18!ih9@oewzv`rJg6iI;u%gceAq!1pK|=S@$VeZHak$xY0KB
ze`=5?Y*DdbbwB;T^xd4V{6uV&5WH(Pgd?4mbX0+a;jWDGuoWjfyI(5Et1<B4_HXfP
zayZgpEnS+J=yI@K#H16W1S%GSCvJGup!|2ysLag!SSRZ=Chwc$Ic7o|{inx^iEuIL
zyV)5s2}CPvn!>1hat1^U;#)*-_pd9gXd%X@&tZOUd-mz2<cnGKVRtr6^kLs;vJ|`6
zv(0!GZfXBRX{QoS(9`jr=4PEjy6<dHq0xLpRz9Li@|4>fb~vP<M{x*%?_#$$UtY1?
zE5;Ui{lYOpH-()BF2Fb^K>8aWrV$U3jg6z|e83?2--=e4E(e^qgkfnJ*X-qnCuARe
zZch_xe`R2EZh3r)MlG}c_hJcy6x}Pi_UrEx;J%Q3{JAq`htBDE#`ubq0W=K2NT8c~
zOwcO^{6Dby|H99DK-tFsv;uAc@aC&l|8s%`{s8;`0@we+?f>LPr2^7loBwaQ|NEp@
za^(NfJ8<!TI><Nszts3o-2aC0j#DjWy7Ogv7Al%!S^fcK{Ljy~TMbXb9u*S<<^Eey
zS#_t5p9RuxJI}-dS)I?jGnxLUss#8P|2KJlY^GywzP##2v}D&hExfuo9le`a-&R76
z$w`XoGpBi#bz$8#B4coG=H2n<JuEC0^BSk4<3=|;Iw8A6s@cBlK!t7{r}y<2$pTfg
zvtNj0uPl!i&x>L-;K*)*ZaGIu#k?!})MU3mltlaOqi+j9VJR?Z_p+MI71gUVM_<+?
zRVz()J6bCG3X6CEkZj-NxUIyJ2-LeB>7|4mwk&n{ww|9Ga7A(q%Cy*&a9vp{TrGrY
z`Uh1)OH5kG{Ja>b_GNj*tt3}jN^t&3NR6z?TCT%uBiIu}H?wYT-kxpU9~!=tNym}4
zUsJC&+J1W4Vey{|MJGz`%M%Zq%@u|9eLNdrXJuveSc`y1kPbn4yPXsdaDNK`y-NYc
zs@UgfVm>v1?mC^$W(v4!8u;O{N?H8-C;l(3SX8w-3Oiq&OBBBs{|Z7(YsCyQ0~p8b
z9u2|pm`|?ry7z}_^5PhhT=iX3C-}P7wI3>sm@a0IRh=t~n(Rw1&9F{S)=jGme$#FN
z8f<Q&<AQ0GGAD(f&oJTNzzF%=sxWF*V14GXUlSDN4v)>xrxg7N%va_V4-qZmfwRmT
zV0dYIkb3)dgA_(>Er1EV^D+&Of`S5<k;CVVkiUm1!C^5zyI5-)k~F|QzS`zl7a0}R
zU^asPN|g-9HsCNHodjT&d;<T1xqvKkRUr@>_*D{tnq#j~s`frh03gLinU8(jQ49Xe
zUJBs-QrRRLGaKZ+1Hk^4sTPC+5GqENGG`@OQjnB(ZW2(Z!G8TCVAGU(LeWQ#fI1Z-
z*Q^QRf+G2}L=(%K<5fr+wFH10KHf|L`%Qz#nTa*kgVT-0sC+7uD3U7KZz*;(3l-Q6
zEPbexq%s-8S@Nu{GMsVVp{O!>Rsyronak<VsAiStokFd4qJ>}bRTvN#E7j?pfD+mF
zZ0Lf2Ehp}Re<De6=-n%c3EfC>{_L768pzJC;w+n-inD;9vvrrCwWEQCt+nr2iPf^0
zpOcV4j~SxE89(?6<cWH!e(<NQvhyYxdm?re6<BBx(QAFGr50>g0$xscIO<Y9dHlg#
zdAVVyA65{+bB<x`@2U5?Ij$^L{7xwnelk~MEZ$%>gYZ)|j#P-8SHHvOt_UCeL9f0G
zc@`i;W8<~>zjOe6*xPrBvq6ZMmg18?%|<v~4>Tl@3Yof~@gD>8To325_<}1UaA_%Z
z$RWphK(jJ{2dUTT*N)GmlMAd9-_le@*w=*!7<6fdJe!3o)w<a-O-5^bXhaXN&$*tg
z2?2j3FkM{O$Ucff7Qzj3SBDGIkeawKzXPH`SSm@NlRk1aY8=(|4qrmp2i90Drc=<B
z!blp6HbCmt)X@q5CE?p+M2TKp#g0)4fhKy%mZ$8FXN|OPduC@dqa801J~=~+ko#hX
z#VOyT3vB-l;|Q{D8=60Mt{N9Qe=O{o|Iz(pH!Cv9%W_6qa8~})c=N$O)NtJa)3Vkz
ztswNqs*kcZ;r=mXcboaEjWu#rw62#@a+=x?Hy<Lbm!_J_s?Vx@*LL2$)BXF`!dVOn
z&vohT)CoAW{?BDe6lySvX<6<3^v#o_(nlQA6@+TS*QE}?sDNawx1dCum1Z^xaZFas
zg%<Cds(=^q;9dhSM;K$Vek@)IRKm^i4U|Mk0KnTn1X$=T9%q!Yi2Ko?J+XOmVPV6o
zgE{d`k#CRD<l4U*(UHZwkWf~e9mVxq-R8POP|b{tP9=?c;b|}`Rgh5NL;xRCMtWqP
z<A8+*GgQh>NfL-umC7UGy8c^CxKF{Q96c0)zy*n-;Q$m?+V3VRhqBCA;8_l9ont}0
zpNj~HDqCziths<Sfu}Vp{5xGFj}q2{1dgWf7bTJW!pbe=o1XgPB2KV31V1y@x22iR
zLBq4?J!AI9hT&GEX<5Vg=GW{CD_yl7^hU8-G}*9geHTrS_oXCzkS8~Ta6Abf@n_#u
z-9r4xqQck?OUsV;3P1DeFon=Zoo7wTD~a;Z1}OO9NcjjGmhh!|eXLE+&R~_%xtH#T
z3u*8BlLP$zMy3CzHE~*rMl+xy0D|i9pHp229qOf`2`E6aB3{oEaB6{>$$dx5P1x_N
zgPYS?jm4^5BYI)jK%$g1GGyO)>|;TBV*%SzNi>Q$0Zfj#Foh8uh+k(KLB`@W)MSE4
zB5jZ$4cO^^Y))3z+kDo|Ktzum_a9B^cnqiq7@-JU(fo@10Z6wK{?7&N-ZzQN>IJOI
zPDzcj8KryL)duffrINSd;A|D^c_^^b6~?(hp~%jB&G=W*_YpE1diB$ZkCcKxz5{$<
zql)?gN{#d_sa4LQK90bYcpwonYvrzEmLNC7{XT}yW%hHDq5xjE$Wde1)qo@gI`7{f
zH-6HqH@pW;!eU~1s*<X6I;K|lQ|Umc(~nc&2Wp&<KDx*Kz`1g-ByWQ1Dmr(*l<$+N
z*OBwAtGfghY5@Z@b-GhqXUTi*tw_bCkdEIcyokQL0joJZ`@_Q|*!%HlWrOu^q?2)b
za9lew(QHI*O8=RdOcszXI@w1EC=G4;!k@GrB|&4-bR-jvxK3LM0`kguxhxT;Kq7}|
zB?h8Vh^=r3OVc|h=v#$AY2)dsQHH3<vA|dyvhaJS&KurUBR*(=r3hkK!td*OviKV2
zXN``4WLpaGJ_|oYUeok~xH6w+?G>;Nco^l3gX!>4rpANmHf*jb=qwS(B2jnsx7E<C
zY3Na`m>%vF?tev9%L-T~hy{>)u<EiF5Kz(c(6d~f?st=Cq-wR{E-3E?*WW({>rfoT
zrp!O8J5H@hII&KH(PDU(&ZlvP`nIWJpF2j+af6a&IP8L_y|AtgmGt~|zgUeuI3~~$
zw`R{)?}qrm{Mpy*npuBz#(+5OP#0BsQ<l|q<Lre#+Cb2~ytZ@vm(P<>{k?O1u_>57
zcAS*{qIpnHLhXN<l)cz|T!}j2Tkq-$kJ2UpHvBnYi}n^}uh3GfHIWoW15pOXg9;I4
z9on{dP3*){7&IL!c|!?aiooFCT0fXPCMt&C)KXRG@I|??BofltS$HSHT(JLrkD#En
z&5MNVIMwO@0^t`e2UVgJf_Z)a^=xneUIU#ngw^WXT(;#HwPWr$yWxg<z@6wpz^|Uq
z|J1AyxFX*vJuoCefj}F>l0fMW5~ej*Kk^m2_z%D%N~a=Vs`oWV$2ra+B16@7AT~#h
zVB(6A2yv_<NeIjfY&I77ph+z6jprKAM-`r2f(c72TduCrnGMFt&)bZQfA-HS$`~-A
zgc4-#{kZ0r508qbh7;|HX)LSwIkzXGF~$?7>CyLg0An;NQZp}|imjf!>_iFk-d34j
zD8jrKr|GSho{3%GC--zJfO@@jaAa7pGhd^$rZ99xJ^pl75%2G#^W|miaq@e!Uh-FL
zuoNU-M+658qul3DK6W1Li_nb4_o#7fGGa`Jqr2=dr=?&I2kC&e(Jn%!Ws`s&L{G|e
z(22#%^V6fkEk6&TfWU?TquebiyLA02$0on-X+T%7bSiYmFJ~Ud2si>RPH?fg=(H_L
zt8+sC`Jh^JakYLCk}gy!$3hql$;DS4ak_#)Q?gm*n#o)vZPdzHBbxn79}@f~<>VB%
z1bg2MB#tH;nU1Qw)SZMy{HgHhBe;A1{VM>UYANlUxpm2ZYHo+tz)qlCCd)IOVa`N?
zLB)fsbj-ph&p{yN`??Wr;Zqvqh=1=O=plQp^<n7awE=2z!-@aGuD2SFR^gH#cOK?R
z5uW@{%|g;=&+Kc6%hkqHa@Fm?dgBXFqbo7=HAIzo-99XYAgi8adE9}+?aQ)WKj3j5
zekNRQOcL+~$FSv>9lxApE;CfC@vM7aWgq5%l2LETs{XOHq`{imC+{j=+Q0#h|8U4a
zFRAFm%tuOoW@H14!`fTnv*ezapdGOdGb!NuW$d*o*#LJqWTDdh^Jie?(qkdf5uizZ
zd3;0xGymg)R>Z|{0!?xu9_pWXiM13I6f_C}mrhPWA-XrI5da~eVaYtPko;l@FW{S{
zPC$WgKq63&eU;bLAZQqV2LLI+?f+c{q)9_h&8<(|Zzmq8h=+j$BG7b@9w_!gW>7C4
z6;2Joc`x_F<81T!_kxAft8f)&CtCcua_uzCrNg=MG!s+Pm+KZT>sb{bbgx-&sS0=?
zihxDe8cKYR>h)jWbYNx#An=@$#pf)gS*GC_F$f(s>#<PwklPSr^LzAwhI<48t~Dy)
zUrBXTeEI#8PaW%p6bz<akMmcOlN)}{`mf{d0jCYh_{_`-0N2?JC)4vg{0Tt7BxM34
z?g8~N3jnZ4zM|%`nP>97n$vcIf%-l)0$8Bf@9BPMU7xjBDT@J&4UR{~r5U_Q0$iOJ
zp+k6Uz^%3h(gCQb|2>mI`<;B9T9bpt+5%wXE<$<BU<s7F4SNaR{fv%AGZUhR;=TIg
zK(<01NUt?GZb_N7gXXFY4Vj5wi>xko$6Pmikv)f!X~|w~RMWa&Igk+>RF4HX(l))}
z*h@9WL27Dh5bJaK|Mg(}f=>2(fqchKgk+uh7^lM@5x^Z$%vSLM5|zVV3Yrx<s=tg>
z@>FELiil*(F#(~9la7Zf2s4CKu=4aN8mO^b3#+x5AoV0006@yl&!0f`m+f++BCv&O
z0=TA4kfAdf0KA|8rwy@5z=gd-?<~Q{R^tU~Us6i2(cf`S0>1j(PcwN>sCuPd!#4Zo
zj{4z3by`$E5dLlW@|!)R$Jq7nq-eIzzt_4gf;H1x{};cpEP;h2RF;VI;2v)d$d_ks
zz_px7qE$ws2*wgaqW>Ea>$LG+)u3!!RuX_(uW-XtZevF|o48rQgMFj>5Bo+wkfAFD
zD#;Eu`=Snjln@XH`2k>%p_?7WWoD|5(HUfLEZ_vcx^d@EOnUV)K<w@!8&#S4nVVSv
zz#7g||8+%C*tH8}Or}(sAL*5{l|1tQSbbf;^k&}>!ZyH9Nlm3uChT}Tmv;pU*MMAb
z!egs^@6EbDi~V(#c6IiR!8TLfxv!_8)b)uH;Ks~0*k}ub!32iaaZsn7NZ_e~B&I@-
z|G}R5`KN}YDVU|fD!=z3p?z?A8EYC-y0*PAU}-h_3|u&Vjd+gBe_cCtU{##|wTN<G
zqXvKt_<vlg1~>sF8viu}utRvG(}r?-Wc~kIS6){KMU;|}x9Hv)c&Pprm6(580klnt
z1T+_c@_Jua_&uIU7Zn#Xu(6#LZNgsq^!J^he0|v+F}Q!;+T7G=u-3F)Ytx;`5!Qx#
zU8!{7>+K=j)mHbDqBv5+4j-uU$+f7*$JOPtLeaMj8k0a~XszpP*Zx%>z&>!KGV7P!
z-g+oA5~r{j8UWKk`|GPMQepNpJ7LOQ*6I+<1WJk5J_rHzt-w*tuAUA>`^v69yb_wh
z*Z5xkr^9Yjfp^)(biMqYdW%JebALn_r=M2b-bmKrjejU50kCj-09G`xQr$#e!+$`?
z68Hxt;4as$E-p|J#%w<9QWvZFL}WCd9iZ!u<K~Sk$c1*i$g90U{FjF}AAi8%lwh)e
ztrrsO4AZkwZ_p1jxA}L5k9QpAf5|F@WIlLU!%dOcOoCrv`9FH$px?xaU1@d(9oYC|
z#$e{ejVtGf`k%uQNDp^i(v5SOU<~klM`IGQGUdIrMq{a-{r}bV)j@Ft-_|$_i|itc
z23Rb(1W0fvED0Wh6D+t}a9?0?i9mqhA-E*CyM^Euf@G1P!50?)Hox~?)mQcE%|BB$
z)zi~;yX*FybI(0p)A*ymx$92=VKu}7k->PW${*CS64r}BYX9pKp2y!JKME^1R;vsK
zCKsG%%Bi5X#r2Y7m1ZvsOx?>8C~fo@dG7hi>J4r=B;^8`uJRwb|FJCU6}M;(v-Obf
zl#VO9<-`%M_h=%q>x!<c=Ovl9<yp`>Wa&CDF~>q(?BR&3NXw&7-LtW0KMKUGf1=~2
zGai?iC7hT2-cp*wZe<gd$ncelgqBg{yOp1_n%=0YQ;`^X|FQjk-d?V(+}4c1e-Cw2
zairfUe_iXA`>l59x?GwxnnK6FgR4W^)UV7`eq85{d2Op{RdIHERe4ixApf8tRMk%n
zlHp)kq$~FuiDD(a*euUzn(a~ozASnmikz<W2x`+D{3Jn~V^U?Q`Zh8wIwj^p-=Rs$
zppHM@Dl{uz;5~A{8Q+AVl=%_)N3?xq(&H!vVTt0y1mvX+eU1@5DIQ+C<RD>z*3=5^
zE8eMX!#N8{z3AazB+~WlaWn?XwPvF~#NFF|^-Gm|FPY^1PK_dd(<pvax^rQl6JZTO
zg?iTVRM{xW<GimCjQ-_C)%LOg*~(AgI?mDDbt5CZ^r_nFL?72Twk6%b-kwYZPw}0{
zL|-sI4-=1GY5)ttuXXVS<W&7OR|c*+$a<Q5;D6@ypP}e#?D5)<R|~J!R#i4L6cnK$
z`iQMf)@L3k=E|3L$E|{t7s*fUJt%s<znD0huzz>|g3(d%(hGi)*3D1JM*1C>$)sYf
zWfb5^mX*=6+?9bA@=P-HR^COWm2_Tms-d+3U9&sjcNc!|a*u{sseS*H4^g<>{gJys
z#8z?jYWyUABPz9EXty3GiqG-#@o-mT7O8Zz-seJ?ztx?IC#(1jvOslRTu?ZHkoYD0
zUlBDd0+I63E*bo?6vFhXS~Of`GUD?l#5TRZrem(yXXQho_AOE~{Z(&kxfma&R%BA8
z3<P?=2x0to<aVlv4vANAI@)SyOWx?|e4LooJS~52N%>@pi>kj?#=@vM5lF$7@wHce
zB!rTNGb)vfUFBQ&mvoim%YX;*eM`O@JSDrQ|G)7ZguW}A4~Rl3Sc!!{6ydyQrw;K}
zl<q_eYKLCq+lTz&5tV&|?<jEp@a(h3Q+aze&JopHSsr-MjOmFgfL|S7d=L<!jEpD}
zisPyHZAg*xie6;^`u6egy*Mu%_pbn6-B}><OZ8<-i_omd`wSXImFk#oZ?1&Lo6JCP
zGZ%M6!7~QgN^o@f6dM&Cchy%NzFoI5UAX%;AdAtUSf!?l6Co`WXH~SHj5Pcb-&V*e
z@SJqLJW+CPW`Rl=z)B_OESyp^s63zm+yW|0Iw!Gx5@;`WP3-<sG?H&W64re*`jtyX
z1CSyL7=|`?WiJa$x4;(>E{SA!F0Qoi+nI8x*F!)~<QetfL5jr_s6}edqUYT<++gRD
zdJlsC@^S3C0!60EzOM4i8u###Np^@HPv7C@{RwYL^NFCaHm%kwWHb6286A*c!L598
z=4+|X2wyggO(HrZYDSYvD!vrvAtSv=iZ=3LWQ&b_KqjCTYvI&RIfVa8fVH`6n2F|I
z@}YVf_z0cG)v^5A!r*PB&S{VLYljlkrHs$o>}v%Z09~?-qf&^MDNog@ZESRNt2LEJ
zM(uZbhxdt^iR+mOfCkYCdYI`7-`vrg*rz%~*ta+CiJS$j;GjB9r7t5#LyFXg6;m~}
zW8J=4q;atAv1HH5!s$hLia0x{U9u3>sZ$2Ec!_fGRM0_S-49KdTv}qNowdp;ZJ?a6
z(MZnC4{(yCkWWbC+PnBDbr-jHp3wjCQ&xbS;)2t{hYCcCGzd>*X;55z2*a|-it1px
zAggJ%>hNOK6uA~%n4LX9P)lXJ?#ZOgv5lVj8DXBVcfyDk);;yv*ga%PR7e-lFRnuM
zN-(LQVYM)u7_5?Ktq^D5%4X0{!{DuV5nyO!iKKv%FzhleE?uh@bu1Q5H+{7wBwRH0
zeo9w0uA9O=;8x+gjh+~@WoY?ve56S2mhO0#ewWhCt=emo7eoT3@iyIc-lx1Jt8YD`
z)%F|hp)S3f<TI$?Q1@K>rdHuFdh<<HK;J-$O5@nPd?+?gEOuV4ne(uE(%nR07=O6;
zJ;n#ri<j)29_<7?F!(%~J@e*;K3<@)DdVB1hh0a+lV_sFZv|xpD-+U0Wxm4l+bI9D
zMY5-P(Q?x;*&&1pIem|(<#|n#Tb%9~-`ROgmfpnOqczUZp1&o9l0M|45?d#ahk^D1
zcTA!(!88HIq1fwvAsO|9CGDrb<~?+kC3wcJg?A_Yw(R?Ok}U8PVrLD$aC_Hn)vs|K
zjJ)95>e*6m+}ct^oCDsUMRF1;xI1qTi~<r{W!WOup2a^t^W7-ta`Nbw5b|#gH}RsP
z0NpoDug4d%GdIRN1=Sd<&frKEc)ueyVPGVQ!Zp;fME-Hczkrmna{-foy|du=WahFu
z@=Sf|6<hd%s#$z)b1kk8z+nX3Zkjd2=h=*eTQgQ8?yM<$MCbSV=?^GRqe(K8PoA%U
zd<=@Yo211e%zlssVFH1Nd)^e)PE)r4b-e^jL$ggpy$UQtl)+CW;nu31ARYN7Oqta(
zA-|=C-rwJ!mX<be3xz@rjgPD9>qEYN`&R1wtARA~SbF^40=QVZv9XbtpO2mGb@eeP
zC&V}l?c8f&I^U0p%b~J+EO~ow3pLmn{j9V5m%9fCPv!X_y_kR=%*>pu5)a9*t|qsO
z`SZEMip=;+vP0%Vode~c@!VvL)B$4LgoHe{Y7ava<i&*j+f1e9<x2AG6x|qDen*B+
zK%n@-y@@tj;i5QHi;QqgVi_nW$DU7H81(!eXdzCBqfWChWAQ@si>sGB>t;dEe$TXq
z1bY3%?U<aJQm8cW0f8xLZ<I*%-ONr2(=Bg^EB*rq$xB}kd;eRg<Q?7^n0rKZwm&qE
zG89_0&Rp_)V|6h9{NQ_@Gk0|ItYKnwOjW^aH_VEbF8i}4C-3J#@RUBTf3o-yEgAFG
z%i6Oxv(IjUJs^9LRYprH>fc!6gg=mvKuowUqYuulas11BxO$M|@lfkAg7rL<7@U?P
zjZ!qpQ^MZGN}5`;fN1;i#V?}t@I_ie%fK^IJ*rB;qWG5p<F_8WVx^o6tTpnvV`|Y6
z^_gF;2*sJWrjDl-SX0j~F4o^_$#%ccl8IVeG!7Mcn$_#O;!lWyUX^roz%CTzjN)P4
z;z^Mh4U8ZRcaw{o`}lftyrJQ7DB0prC>j~l?dMotR;CzcV`SLq`hY0}ZAn2F%JwlM
z1JUfYl}5|X&i=cyaYfPEx=@hd>?X^tBfs9}_3MelyQd$-%>rQXS0R@+_g8hAzZ!H5
z4PoO36^06XA%E-Vwe|H0hVK)92j_}9Pz+~*U@Zng(0Z3Fc2A77jA3Vp3`UHjRAb4Y
z7mS+*feM}7k*j9*x5M_XFIkXS^aQl7-xGiD*zjDDK5ojnYl5L9d&h}mu!Upp8=XW;
zZ)xJ*#Y>jcSeF;G9Bi8)q|TX282y1-n0hb^NHp$r;Wm0-LN5_wg=BWRN?)anI35J>
zKgaE|U|fmK%o<1&)zeLTLLH}_jouTVS@xx__#he9y!|~p{v`D3rMYg27AmSUAxSVN
zN}2UCH+3knU}0f8`fjhfGa4<g$U=kR(Os@4d@kt&;WVQKpS;QT!U%y`EY>-o&wsgb
zJFX?~?C+m#k+PE36;Dm+QY2ig1d?O8o}dX%ePw2QTq(Rbd-V(<Y<zrt^vQQY2U)Xu
z2az_6z>I~oiqOV@mtU$ttziCrbU6E1rda$&s#j7~Rn>HXig_@KdU$i<T4@NNB8JI)
zD}jXuJz$D&4wlrs@KWP5Gc$jO<X<Z(KY}s!%Lt2~KmdT-vqD=L85zT7Pmbj$R=u0m
zZ|7!bX5joL4Jmwt*2*%mh>Y~P!m`~^4qhq;N*#t48eCD0Ud#_-sfKBKmEauHja2?#
ze6!jI@vZyn%>v=kqYVn`#z_Yv289_+T>Y0BRa`g~Okdbhh9Bo%QChoQei3X+P^V05
z+>>yk+gdO~6G!A+>RZ#YsK|zrp&STr!6p~+9hj)f{yFF#M!g9!JEXaJ3~TnQ{T%k1
z^<d#TawPCfq%ibJbmXu3r~$&kf|J!yqRQ%3ppP|Cz<Owx{DHb(0M+sfIgZ#Pn}`$c
z2+zq<_+coTl!U4{e2-_Q@^eWGT1)#lcmETvJBJ2M^yw`o?H0A#V0KrBq31TZ95z0k
zTlsPD8ocVfzaiOjD5u3?_S63F-xt)&IXgSe!LFOZSJ~62^_lC^KSC-8FmMNkm<ufd
z8Da34myV7+ic4MirD})}I1?7OGs_sgX?Kpe2P+FU3(EpXtC)NdWOWvfUduL41<Hrj
zW#R)Nh*R}W1gwB2VR-!*5bjVwOF%YPVN{4wYZ(C;ol34_!9dx;S7+dA;T#NOf%29m
z0OvK9)>1XoP(^ALf$7oRT&77Eb|)6-W2Z@FQ&YwerI$Rr8U{LA_Z9g<FKQ3+il&{%
zq`F9lDEy}|UN%+{?9%H-3SSdJgQ^{tnmjxiW4MUHJn(jGtRSq_BJ!Z*Z5kmgXGaVK
z5eB-$O_{?129eWpP^fM=AN}rLV!Ob}#vSP*Nrn7VDMItlzb5&YvA8|)#}I3Jy@0fc
z>(?~IlFp|N=<d9Q@U;1%w(X|&T`@=X@OabE&jkCYPOrVS<Hw_BY`&OFnYpu2;)?st
zCc3LjL$se+MwKW$@Zide+UjAgbevcT8!LV<mia*p<%dZ0a>S1A)MNeIwo^=j`$%hw
z&ot=IE&!LZzEhyVAU%uW(5;?tx{yKcwj`_POyY7}AN!fVX7SgD7y1(tpX-=hHiL?J
ze(V_Il273ZQQTis+a%kU)g9c=)iZaf&Nxqyh4~rZDqu|i&9?IR9VHyhN+N8lp8+;P
z_*~?^#YjB~6i{H0X~i4ph<$neRf3T6Mx{xkCO`};Y}O=6%KxND()XYOlUXK)&KGMi
z^c8~j>sdhr0w9kWMfX?n5PoH2NU*RhoX%RYOUDb_k7beM%)RP5^aa4|#c8+j05K34
z1;9Xc9Ho*)uVpM`JH&8P|Dk>g3gI6K@sf|?|K&}KofJ5t^9Th>y7NgpEmqLWd#E(W
z81aWK*c<dI{aQ_&UYdVN9gMn2K}JA<r^!tGtU&o6N66k|=-q%hErSkz(%_dPgCOdr
zZoBQQ5Of*g^ciUiP6?Z85|x8bRSm8yTKXdZ7>dg#&(}#wBwVi^G=|8LZgfx8(=OGN
z3M#ODx6C>IC7pNi_R}Xm@`vfME@$7`z_ova$IWC@$uvhq#qu?teBgQln(Ql7(2#}b
zHAU3fJM{O1P@jw3UUcp}6@2E;`9W>H%4s&M58juQQDlz`nF%_XSY`0n>bG0z>A!GG
zaKjUjEYZ4ZxQ>jk(Cfe5rEEEFColKA2v9+9fe*O?pP5HdR&!O-xMRaav1pv7uIrx+
zPoI$Un2H!lylvTCOkN>(pXpNhzFO{qfdDhbvdE(3Rr{c1;A4cpZY)Tx?uDs~JYN2w
zBVSMHL7AB1q_QGHw<aRqPpJr6rv3|~hh*e$tJ0*?Bs6c`pU&!r$AdH0g}sjFi6|0s
z)sF?cJgvcaSISgk@rj2QeV29Eifse8nC?Fnb!~T#KJCELV##+U2A?{!L;?)WnpjxF
z7YHC>cm>$mgfMy!O(`7`%4RGp;ky9?Y>gyB0odn9?&0J(lpY=)qawF!y+yD|@-8Jj
zyoJ7WafrE<`VIT84p2ax`3TFn<e?>_JPsIqkZ26OSw?d^_$PeAIPs4iXmt<Sj@!0g
ze1^^=cZ;0&VoUgu99v3~S^8D3Zs-l}1bbu@=<lPa?Ka=}UyWH`z?dd@Nzk+b6I!p8
z;>Tme?$w8)lFJAwwg`D=GisYj#%~=Pf0Rqum3Kva;>xA?=3dKkPs@S~@u^UYZJBt*
z?0dCm%A#^%O^q+{%zyKttFhj@wfi%=&lgUb!i~g_`Spq_^d!Ei?w)L|RxG&9YsOm{
za1Y81UXBFnwUO5#jp$l^P_2iBZz8R|Kh>2$I$x~+n<yuJ+O!^cm(?uo<Z_W3C9%8F
zqzx*=o1E<&gFF^vg2%T`=Db(oFg$kkTtFpMDH@A9j4(LkF<d&8v@4&<6oir&(lvE0
zAVP@ge*k~V@L#S2`(WFS8a8n{@GnvRh9d%RQS)lmYdN4i`Tk07vojB7DX@{!1lt67
zfpc?s6f8#A_Qf^_!^<0Id;*{;lJOYBd{s@Nh0Ro`G2@b<scSs!b<p%oBo=mK5B^;^
zIaV&3YsW9)t>8`Sn+`18ptxFW-hm^JgLGI9o!mTD6|BBzOM<4*O}Cg<P6sTHEB7Rq
zZP9N$$G6EM@V2SVvms+kLjM_m*+lahPt(xR(~|B9Z5ru?jVQ@@ARTo;@Qc`~XFQ@P
zWo=%;sHpdPU(`?wo7P@*jzSAEX>~kRz9ziHDx#8-+pkv3(QU*sDz->gZKE>R9R^fK
z#(_M3UjFz1+0=)%jBDR6ZF!@}Mcs)XnmR2vJ6vX$H&X9gUw>syeHN8g&AT%z_x*D1
zxjb(FV$krV<2x%^>d)`y?)8mAJ^)!QZ8Ww8w}5V**pVd!VaE^~GPf_SBA9ItBNhc>
zE9;7@REt+kU|Rw0BV^#R1!ORmP9`0glmqX^99sv%6{M3#&Pq_Hv;Ca;OzTd<WpZ+|
zf|jiXp<Ls_T|m-J@VkbU#2rgCE;bfvyiviX3-%7f#b4|KZl$(F4OP@nse}1>XH9Wa
zzc&}H3CZf`NWIw~qJ8~$r7?y>@~pA*mh_12Ssx>>fB;!nua;q@UD8LlKicUS<du-7
zr~>*mky*#7yG=M*SqcldsMc&nhHas{FLXB`7e@LA655pvx<XS-Qr+N8U`fLQ*D_5B
znb+M42%Q08<oyE!Q#2j64U=Lu7F97?YhGyTRQjuan#=tZ)_$4w(<PA*)gm|y|B#wR
zIgaY0%j4`~sYgZe)n{YZ^Ib>RX3$0O#ibahB+DBQ$&bbYtVBOoM#{D<nn67cH`f%;
zX6>}(y)<K#i>xXFZzwK&zOmV=>o;e*oj6?f*Jv*B%@aJVSlDlkSJcxx{BZg1V-)Z-
zA)YjfMpVf9OSH}3smm}`ax3sWF7SiqY@*xz{>erV_cOKo+t{91O&?{ethEpnzC><t
z`mb{cjpz#Bn|CL5x4Ae5nzecy_sxZI*SGU{-XJ8F&{_x@OzmdQ|DOqcV=%D$_x@)q
zA+5<AA90uU(|_{0zsN9|In14xHjsWi<Z#jPK*Id0vPk!%9je{8dZS3o;1*TRv+U$T
z9YO2l;>nrv_=9;7*-y_lLu>FziU5=!kd@&xNCY~13ji1N1n?^3c_?!l#SkSSKvtYc
z18L&L_+(Wq=u1S32%Z*<L{QagY18|t0k2l?d50K*_;_Kyo7W@PKz_|xDS;(6sLBEO
zWK;_2Uwe4){2<?JX#8FS$M+t5y79A#x$0ucPalDs+g1*DhnZh~vR4y`oM6Z4Jym1z
zEB^6*8?^)i4<vR?K#;!e5`od9^Gp5@23WEIpmo2hv)<FSfPBNgBw3kXZTvZ%8;`+^
zSCC9QrfVK;G^x~w-EztkEqM^tz0o(r7fv+9!|B<T#*}V&Zc&cfZdX650*<wOXXfwP
zV`!9YxG!mX;V!pB%O&YIuVWfesd9f`aohdce&U^68@OBTb0kw`^kV+q!&+97JFm~*
zW|8ATupbYCVJ??H=l4qHr7Ir?@155Fk*Tf_I}A{9x&Eu=c(E_%_&r(HoI&n%Kym}w
zSQTo%x$ocG*s*&wxYTgY_@=9jcRAg7FC@uYBC<{*U)FOOlY1apRfT=sAVRhB^oS0e
zKHKR!mi#(EsdOH2^XT*BvB&DzWx};wt<2OpRi&VSAMGmhU(J1EmkP_JvFys~NqbRx
zJ0=8v4?-Sl>o@85=tjd;)Yvq8*f2A<T+A&<;fLuSBSmd&<oiZ%^SvOSg%?cPF)}*`
z^_ySJ`3+xXlpAN4NBy9DJ}~&oe6amG%4exHN9Nesv<3cB<AI>2ZB=m9BD$Y^_GE3B
z)yVXSFVrf_NXpPDY?DKu?xm)o$~&Fc*z}b87%8f3DBb28h}I~5uhkIBkwl+bzvDRm
ztD$LM2Em{1MNfT$suZrl2&z6~8^Qfg&4UjFZ+avvr9O<*`oz}1i<$~qoS%`I&t2y;
z;`<C;@AdQ0=T$4La6ISOYU)ObL`!&7=7N?U?oB@F`#Ko0`Kl<CTD9rd?OXaew<m7;
zP3%02H1};w)?0>K>?19QR~svGr+rq1llI=+uR_zKmWCB{`bVyX=o29{cHlP}_l0B~
ztBG-g;Y~+iPE_@Gt&o+C9-n;^b3>ERbJXJH{Oa6T=S|sM+u{5A^V{mO%R~l8kF6x*
z>)OVd&?^5sRzCI^=JV}eb4y^tYRT%TtDjb?sp{|?6(y_utCO{Oqk>c$D7LI37&HiF
zr0mT03{|9J{{-!|Qfu~ZMxe&|`JClD!<8S|V5gdHh(xF?m5Wd3Qx80pFG+P@@4s?u
zV{yr5rtq=8F8rQGnZFURg18~;U>iT@)ZW!HZLGg4)JSnq1)(*?n+Zyv%xN34KQ(1I
zZovE43?@{LS|4g{GEkNlG8bMRptcR)aC$qH-It7FkDWFADR|r*j!IIA?_kx7Rtv_n
zlP2rS$1^zyW*y3*&^oBLivb}QA4&%|GVL`otwjJ=L^!0oZ|D=B7J5MZelz^Dp0FMo
zJ^W-Z@0a=H^CSId;}o>>4<Bt<W)~J$1>a@nZ0PvutaMhp=fwW@)8uzu)&1VuFq@g&
z=D;c-VEDp7+T?-fYSzq{+<nN)yIQ1h%KpHk2fS_K>KpoLNLsieAe80j50BS$DQ2-=
zA*ww_RbaynvrfLd4nk$1aN#1plhj%q6<Y<}^9uX4(=&2_5O4FH9}a>gC$dkG;kj<^
zo3Sl?!%~H@_>=~CatCXG;=ltbD8fPP@gprpmOruJM&BgWBG}XV9N}!Gfl5*bU;aHg
zFy#U-_4AZ#)3^0TZ)Kpm0LDQ1E(GP{P?xpfXOEmLDi;?|5kP%@oCvI$oF*2keg73_
zX8{VpU-Kj|_qq@1pvV1>{v6SNR+_Z;s9lW(f_myU1I<fu-2x?W3X7}d{J!*~+Jv-r
zeh!ZhtI{q0{G}mH?-ru};G%(MX1`MK#XSe#f$#L<d26nvYx#-IOT}a>ovm;{xXL5&
z4HQ1eGPJ$~)c0opByRE1cJiq=*sHTOdN%W+^4GN{%_mOn{xxHi5(5fpQBy3#d}l)f
z<ucHSragnuq|yM(sw4*|Q;0V^9a43S=mFj@!_w;q&x0tG>*?eJ+3)bm(?E~LD3$Q2
z!f~!16IkMx$}8b1+k+^H+*tG2BaD*+<w<rz`2-MM`828~5q)>NszdK2evub3ry3|u
zGEvA?5vApguvvzr9C5C3t^h6+XHx-^OcYMj)e-~cR)Ur!TSQuFac#5%7&rCLK5JH;
zR5UdSMYkJ!J`2{a<|6ZQz8e0}6(2&yUb~cZVW0Qk=0gSLB;KG-=fGM`)_-r--5mWL
zP%Uh!%UIY?)3A>j<A9d@Fq!HBT3GElUico^sPj73;*|b~Hq4y`vY)br00sjKCu!WU
zs<9p=At-qeRW;lYFO1YUMMPF63cy!TNzST}TV_$Sugb+T3=_)7S)|lQH1C0Tp((cT
zpai`)wXcL^t+Y}$Zx+1r(*VM0#E<asDcr`1c=GjnC5XZ$p&t2iNZ4F*o9axn>K_$T
z3Af~zDmol+1TAYb6&T;z!&2iQ+-F;4ek;oQoB)yG7pAG+_h%&_M3eSEYXsw;_aA0R
z?M^JBn=fXN$xS{F{JzJ}?<bC_S<H+cuk~E)FnlT}YnkQXELan$-`UG8Yqm}*nN4V`
z|IjZ3|EMCv%2MARHHc;s#8Q-i3l(kvOR$q(Uu&|1X!wp{d|%^P*eVp?;H(hLxgWiK
z*tZ0F!_J8GQQuD9W5pTe=D0}%rcfkTTnr@IVOyRr8!D@^(BSQ;Y{#&?+K5rk#+!3!
zhsQN9kZ*iEf<A_e5rLmQ3bM$-Bgx;O{|gXi!uFb2xdRcMYcPkOAMZ9L{r>vKidFE+
zlRT>aC-4<*a8_<M{k7db=Cp-J^P_{=i8SI{9ZpUH$J-?zU00MmER&&Dv0KCKV#R@n
z60C~|p25*^(>j;`tdCmai8U)RKjA;mxqnv5UE5ar?|JPa>}2wi0uGe)Wyk%sEB)u6
zJN**ud~vGEr1w2gEzz?NB7suK0H1A`9Wk<;!16PZu%>ZwJs6te1m?ZX)=b()G9<)W
zb|4Ov<h>S$N=IO2$G=}fRcwWAoV)@NNgUGOvaRBQ3N-YN2tX?Euwy?9!}+&0>Uemt
zx~U)-3WPw5&kUme6v=qH$(#d_njr)p%0<vaYmhPCTbYe^g@eEE#TKn^!8)Fd2sq0%
zPjY|#mFiMAs*N6wpAXYMUJ|b+U;XCl<rBKD#$qwB=hf-2Q}_HHPGgCC{{A<cQ1m?A
zc>6Kq@dVn8Svgt)_<o&xvf<ypo;ctrA0Pj8{fzyKGWOKy3!yPKiAi70o8<OuaV#zz
z9Ik~>yI<7jS6)dX55#35r`ERLoSJS`Qb;}|U`jnaunC9W!lnC%%tHUwZ#X|b7ZLwI
zi#0Gjj){l=OGRP-KaV`X;P;<e<v+0j3d9+G|8va)|5~nv&f~?KC{4E3*n4lVd@{h$
zo{z3A+P1Kg%XY<#n_hIUy{qy)kq&)}p;KVxK?l$aqXPQnv$(_%hI=3lhI9Vua%cLB
ze$#}9BKL;=2b<~_m^u>-frD3CSHB5ly;L1mt1$nW7~<8^6D7+x5%bcx$!t*g*4ylT
zeC<C{85ZdX@x|<p_t@xp$o08PWYu$NQ@^T=BTU&7cV=Zqe$1t$KF@3CL}8{$ErYLo
z3>yF5nXs^JWDr?w_30FV*BDmnd^15R4klnu4H?56*6|(X`RzihpLV>|Q}`WL9fnS#
z-P}~Rp7HVTQ7!RHen@>!REL&+O~!!|?TX-M>vqWDadUhD*Oe~Azpe>d#;-MXMt~;t
zpR|BMqXpCgLFk_8=r2i_<3l9jH5$z1+@@{nr2m>)*bcUHjBN1-ec?I`I}rvRA~KIK
zMEv1TO3OShd~WK&hdkd;931~O4FmOrR2!phwO?gV2oFl-x7iEl>z1lJj+vnenTPE6
z>Fb9nV?(4XYCMb&1@@LTWLCw#5e9_ZRJXV4x9||;2?Yoo9OyzxU$KgD-1NL%eaIRw
z(VhEy6r-5K*6eb=KZL%_QWb50s$uH?eeMF5_YGniW5yd49r*C#k(c7-w}wtg-I8XG
zXAYJoGnykA$vdTDrVlwR{HS^r5`{0Fp1>qxghTE&Y8qoijwH>~*wxZpY6dQnqV{ZK
z$jRKu59ij9r52WrZ+%Y~D<_P(c;7+d-Jv$<D7lJzWE_FDy8E~Ve>8k8y#4qh-D$yZ
zU7wq|jubN*wTfdgs+C$0*W6cRsR)D^fo!m_oS(ib>UXf|ub~uxa9iiJgM>tBU6UWd
z;*oL2l!?R4tr{bJ#-w=3E-*|7R*8os4Pu=I-BDVuQC~?%=zuD4#kC6ysMe@^_n6?H
zbFN0!%W(oCx^rD3dQQs6DTYDv|Hl8fW^6EX)wTFGBs91ky`x&<KA;E{j*LoE%%O#J
zuO){GH^P3TAoDIVp9y4;Py-@V|NAXMr%*iNj~3Cy{>X~~E5jr5dr~?AT7;VX_P^nL
mb?LMVqvP6uuPWjLg9w$hsx6~p`U3w=vYLvfa+RV*#Qy{50Cw&G

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ocean_droplet_ubuntu.png b/docs/installation/images/ocean_droplet_ubuntu.png
new file mode 100644
index 0000000000000000000000000000000000000000..668de5b5558459d48025aa61960534ff7f517dc3
GIT binary patch
literal 26811
zcma&N1yEf<w=M`F0fM``p9FVzcTRvnaCdiia&ULIAi>?;H9&yi?k>S)cK&<cn|W1t
zrlyOc`kd3dW$o3g*Xr+EVake9$Or@oP*70FGScE;C@2^ZP=A1j1^!dEd;WofG7ppy
z7g2SGKFJD-X0U*QeOhWf^;&4Ov8!(EAe_1$|Ez6Q&Q`ZqaO0bFBb0p~tR|D?>gL!x
zx?W;hP<iYz5FH);@Mm$cMZb2Dv$*U(WtK3ol1|Yw+OqWvj%;EgJdfY&b8kREfW-Y6
zQy2Z~aaC6`R-MhE_J6fjJcIMhum6yxLh<AMn06d%RliIahT_WHTtoSsWkvVrua)IT
zhliR`EwTS;f0UW*noBAB<rl8AWLPrB=L9hm+1$i9Oq5S5@w*%a1qH{ftK97D^`K*}
zn5Zb5p3ctBivOM#!$hp~qNvm_OogxIplMOJ#JHr9JXYTbT*4CkQJUGLzP>&y9u>uL
znI^N=&&Rj7cX#Jgk1#<&L2zpSDf{uZxuge>@pBS<{6!JHU-&n$tJ60_hMt8hk7}1+
zY%d?ryWWz)99Sp=m~KDpZ+DHqV}2TP%CmB;J+3`RPU~VhwoR}6&tyJz2y^{Hb$%}(
z@)eB%-(pe1?icY5Tprl=CH(r6Wzou(#7MOfn`dotQ`4P&W7gKY%SLy%<nyUUxNWgC
zKjYT_TG7qBRbe42*|U-7Q-$VC3iShITf_pPgILF7TpzH*IWD4uhql->Ggd+`&(+g;
zmrz2Gp3-W&*Jf{s5~FVWy~#7@wUF_n(X$24e=X3@x^+{FmjeCjaIwy8UC3!~JR{97
zX^l+v0M+)z($g5-2h379(~e<nBB{t}pMyt9hcx!vMp*n`30}+PbMFsE$&)(3cr4t4
z#?F?o&_!=7^5A}@YI2+V->u9WzR@0{@&=RS$sHt=tsJ>LT<yBF4}9h$-hxgE9`$h{
zL__~q^0*FA9)p1HMj7<5h1v_a`#vAzTgprmjkRjA`PAFOQ2eLdNX`-u9iVvzGo}%N
z=&h|uQibr($0wEk?*Vi9wq$szY%?)H{Dr-vXJ=;}?R}|VgH0Y<T9G0DDZdDv;a)_(
z|Dse#p)X^tOZ_0IHYN5sO?T|YVDTa3|7g_%w{wWzO2t@tzxg?4u{tek0(bX(3YzKv
zIots%Fx(G0Q*nfxl9+{JOOjz|rl*CMsZIepzW8nxJf*qhTbcRBiJ2|zd7|aPrA8Y<
zHcaQorABl&&v>>6)G?=t^RF(9+l)TYG%&zE)$cG^HFz-~7A+iS0Y2)kEmYN5`mi5h
z;h4+{O0A=$l&&k8(|fOfrHE6e$H_QbJgr_9D+F3b5`kOF)tmeZFju}~LsoSD2+RtY
z4)u5lH*vN9&=vYIJ#5T+bbMSVtjtf6bNlbHZ4Z*TcTiCNait?S2mSd22;!uw-9Et+
zsRG7B;$8h^>;yRPOI2mrWLVQw{rrUDSmRnl1$Y=(UNqTC^ghAWR~cy71mRD700u8Q
zMEQ_^hxvicA<pY&K)FV;psh`7(OR7?Y~RDR4U!n9ypS>TcuwH5|Ffv|#6il;8u@TX
zK}4tib3UIgXfEB3aHo-m{RtWhieeW!P(M_1G({XC&hX0PaCt^>^-;8jUS4q#>-Rt#
zvCdy(RnDiySJ%Ph*h-(Jxu-nF-78=fWMI5F(L(uXrWIYC$JBzl#t@gjI*D)B3PHYf
z$FpyL#U9&Sm2<cSzTKK+Rr-u3W$pFqpm%gs$qoKF6pXq(V7vSEsV)A$J7T2~mzD7n
z{VH&HbYerkxZJLL-=<Ubyqp(9vFez<E&J4BRBR)6@ETL*V!Bz6^9hG_?-li@%hjF_
zuZx^=F|O%8DF+}GiV$>=c=-N){qq>_;!n!kmV}I)&odpQ>W67U%Qs&h{4?j90~J_Y
zhH6LmuUU!vvKwE1mrDs&&W*jf4AVcBtM8v89S8QB{Ml`9DgFX<D2_l0h9s(39VjgC
zE6_7KpG8;uFzfamzVK%2Z&znO{8Wf}Tgw+f7W2F)uzaGA=;+O_L-d;10$!27v;iPd
z)^DVtZ7#2q7tptp@3^CPtosa1_jXd#(pc1Fq8G>iyRa6d(kIh5nq200pT7yXWPj59
z?s9o_BJ`xLaC#=}H07=2w_4Xa1yz&-9bTOOO-~Z@&g8JMht~PUf199*OYU>uq-Fmk
z8$r!+q~zitZ*uz#!tRp#0D{+MLkk%cgxh|Ut|T`Q;nRQq!Gn4j;6WnNmjq<NX318~
z&;x-+9t1Vpks`7s*+jUNJ5D4%nhG3DqaA%pAC>X#y1^D??;^Q#R5W)zEo2jQGqA^Q
zsw0FGtITM`&3`pIdpxU^eNK8}DtRMm`etiiy7=hWY2_vxGU}a@lb9^=$bKDshqzwo
zy5=LoD7Uac&U-PM^x5V4-r<Gmus;klUC8g1+OKTquP2AuBvH|iA4k`!Iyx0wTU-9C
z&yG$`4c3dSNy*7&Kkg@9+uQkdN(~7P^2ENgyBw)fQ&a1JP21eg=j$zI*-b{V9K2s1
z|Bg;gx!Km{3x4|i8CzOqNUO<qE|tZI-JtjV=~9E-^X5WQ?$wp!e$3E6f&3%}_bwk0
z8Za#0zjEN;*^HoCY+PRz2VL}Py>$g9UR>BS=(eYtNuYr{6|<PCl&hjjTm8gKYzZAj
zSLcgL`i_iOEoSS}85ES$?#6;(W;-<Wg?Omsq`t_hX~n^Ulp>LFbK}2k;ifxLeQh6X
zo?S9lQ&n5g>0F&_b#lym?I=_|ZA$zZ7BDLCC0xx<A<a>i$&Q!T#_3QD@h*a_XfD)|
zA?E7v7>&5bY%2R(jbX^^*I@Dv(+L8f`_1p^0$z<qct%uZG6^)i9#@5eO5MF1JwZvC
zndQQCEG#NIt<I%BlrSaiR`c{(JWi5d%d{C&9&Zi{2BQdJs2s)dl`^^G8YR;bP+d-!
z)Bw?Kle#w;^uYomk0)$?M=fjtoE}FjEp>Yn8E~;>Uy2p|No_>+n*8epyl($#RBJ2w
zhrXAmxU3ufEpvf*cEzr!voI0AwC>^$7nem)yTvLxE=s-9GkI+ok_TU>SD}-~V1>IH
zy;sq=q}RjE-*_x+2V5n@Mq8Zr@tSwMU5@7!rUdRXQAqfQg$aN4UVnxMxs+14Q6Eb}
zVFV?9@m%63aEjTnkc-4WpDmd4b4vG4N}1Akdnkj#UL&IMoBKfiT9f@1n>PEexsvGR
zP!)Y+)B<TSjyntjh)aR)cd~dF5jD2zVNKeAWy1({Jzt9`;nvHN6-jc|Eip9nY_!+h
z6hD&|=5twdYE0~Jgo^N6iyWWZ#od`_<*N21qJ&m!x6-vGR-SOauSIciD+B~v>gI|?
zzhv8PH}MBN{Y=st_2j>pyB0|<dIa6IV8;>O$L+3lcx@}7^E&Q8%3rR+E+uKz6cwZA
zE3}46*kFs4H8s;*&sIu95OFPMe<-9xK1xYRv0>zOc-@UYhKP!a5>YBIE-q%GVi`m(
zuy^BI&?;{24Pw|!Tg;UurE^&QV9;tD4#4u&BE_LVc27;F*QB_TU1M=(DOs+!pp4Xx
zKL1lAruaI7`QUoxb@GR0lUmqakJE0A{t5*ia7so%RRvNp;ZqO@JT(;+gpis`vA+ec
z3fNZ^jDj+V>ujv7^*&FoDnj0FiP_nVM~SttKW<N#X|Hh27dw<YJpaxFen5PWq`Zz&
z7)i*bSU7^dyHcscry}@U<aoXUkh)-w(r-eOU3euFn<*JooApw@C2|*0fy?gjs3>fc
zPUl1LKz~2HL*!$0ObqTzP-A>@va3v{d-5M8;$L=|joo(bt~aQaMWoS0Jm7lJj6KIc
z6Baw8K1HhlmiDLxdz&Tg2>hf|YSfiUgEg*pK*^bW;JB+h|8kd5Nw^L7Q|Zj~g}IFF
zN$~m`r~b}m;pJ!<9oC`r&EDsgtWuQ+ufGMuQ!Q%`I+$gGyW0APFE<0<)UXg@YtFw^
z+7v8&**`d~Zz1Y3BsZBWQ}euCG*j#H_3^oxmNJZu5*hb<Io5mL(<BN`Z2f)G$HOUb
zTu4GdTsGatmh|-qSGo5$JroV+6oc<VQhNG+=vO=;RvP)37(^~*9$aPVmPIlXg>oeh
zj^o0wN|PX!faAabh@6`|<BZhL(R#tjs`e|y$AvAhfIzXv#Kf_~TfHGPLCLvoiY>8T
zAx>jgo`-^MmPX-P+lt|#!U938BYz#Zik=RAqvv+C7b67Uf1H1lMM*JEH(M`%H_kT%
zKbK#y?vMT;<<>#<K+(Iq5Z)lHNGc>_Nf$UIJhINIOr9^1-bUiAOa9Ei&Bjy7k<QLm
z+pMPZC3^jZd>-qUn(UbPk)8G@u?^TfqnVSxBjHmZac&WE+vnmH<<3SEaL7isvtgUf
z6w1{4Vk=7n8_{TpH9tB}eu<fmDIl@IYQgg6V49+;FzgwM5^n<vWdR1&=jj%ESF|}%
z?RsxwKq2aaP7FyIX%jH+2vg7`A4XmN9?j*COCws4@ke?Kf8UmnkmxlZ-0r4@bs35#
z{@{;=g#~YiXb?{_!)*SG3|&`NHk{6B>s?_9;t}K+2DJ5~JylY|x76!O0~0L$Ih1#~
z(Po)WY6<BA$6gwm&b+Rl&Ev`#8nrvH;BdAWktqfSUj8GDwEOV1dH~ZB)UJ#`tnHP&
zjzeanxX%}+Zn#U8*KUGK6_P|~AC%ZU#mBpIrbhx)nch5-0L9*pB`j5C5owE`e*L#!
z%esVrM)bNUoIt(s{D^_wvt5V`4C<}B-2c=0s3Xs$LntKfuI+2yZLig9zna568SRD+
z`^v>oE;M*MEf8ijfyufwd02S9^eUMqmt<hDo%Imy!PIH99ECIa0!!Hy)$&^lMw~x|
zU!u}7Cq&?zUxT}zTvmm%Uce7*qFSqE2jt5GyX3tb2^ZQIS6!i1v&&ZjTYnf@S6!x=
z@(e}Pxz#Wu>Ee)ed4<XH-`TaZ!U)3oU4I%-HNI7b5e~aNCWW*VUKFb1gkqdwBZ5|{
z^gMR4v-SAfJOo)Z3K#VJh%<KCicPM|D;aJt%aKJ#zhWWIt*2u5EjO{-Tft@{e-PD_
z5Ij|&10STZ^6+MY^G%8;Kdq6K{2*WyoLKI6?g|*~gZ*UHdrSi6q`r4K|4l)SrHXId
zd{aeTq^>Udjc9Y$2NnZ=KuuKcl<P}BtDGP#0aV`*`D`;Ki2!fi`>6=eQ)e;>C{!!`
zL|xSi_GMmcm(mR4J5}xOi2TL90Fk!%msYD<k7Pq{SspzJ0;p`>phSbdPy@(EmTxP0
zVsMd$<VXxd2mR8p%m=ZN?=fMWo>)X#&Qi6`@gDJv@O1DX-SEVz$V^C*gs=>f9J*Lr
zj*=NL$e@0Obm+RxzVF*C;0PRsgA1s49{Z95$RC2RwiA?)w2)-s3jIHiMpm;M_QU_+
zQ=!THNh07`o%0trSW1^T24=IS^F0hU<pPLpH1QbEqF5V$8aIC&zApf)GeNzdb`u@<
zOFH+SyBic;FCu$ktgZj34Ab9;X_Ru6w|Y|jNS~dELmhwUAx_&BJacK0-=AZVexVCh
zi|BZh7si?n!2lb>f6{Gqb%f0Z_g5}T3GEW*%lpd=SEr3`=pQF4wC?6RkOtoFZ^|Mc
zT#`g(-R1sHEazjb^Sq#&!`t~x_jS)pzA^U+O>V)1<oewglqmTuuUcMswX^e$D%lwt
ze1y1SA2Of^2!e=i%^ndsF0COVVtyelQ^Rg~U_RNco1p{2qvVcgC+A##89upfmpW*~
zOP<&(>nmgIuPxB%WWBcyy+8Bl{o*P)V)5Kut1x^Xmeer{XfcP5C4vZM6bUfLudi$$
zy@T>xaoz;mnU`!FcGMCrbsU;I?fidlj60svMa{ZV@*agGjx5<dESW9KeC5ri?67jc
zR!v@1uk7(y1_gaa0lO>4kP7J{6R>Zzlo4#TL`j9<e{3+LV3zY25j{KSFn}h6^8W~E
z?OaVg7-z7~oLB=s6}o-Hy|ePzPu^}KEU92m4)bryniPA-{O2%2`tW_V0e=J%><Sb_
z{=)L8HY~6w9y7nobi$0!cRA$wq><^^7uz|#FN}J-AIOFGYBUFUW7YElymUP6B+`h8
z$I5>T!17)03x;Mr;*#$kwovcMfYefK7@;Jh7Lu%f>7qvL1z_>>h|=fgIIdV_Cxe5s
z3|*R>liZId6GY*hI{7HCq8-MhS%#R$nM;_@4%_h#BUz2?jqdr#f>L`W?g3+p0Lvdr
zMkx7tP{2a}8}h<C_TUJ!0!Dt&P6#1_6(+N62B%H<LLeb7EC*scKJrk4_#-wx{zrIy
z>vs;K-S2e~BX#&e&p+fLL095CDTL{iy=2}<USuKl+=k)AB(R)F`o+(n^`%%*Vjh2C
zVyJJ?cm3!lBQ?Te2(SXSj#qs*47pg8S*;T88YM=#VHrHLOGI=%T57nlTaeq~8*UOs
zd1xaB<XF)~o_s|jX=uxmuTt`6g_Y1E`au>^(Is9>oHife%XrlMIiXgJO-*N*O03A?
zwkma{KYl79D};i*Mu<7A{#-G?6w?TW7@N=j=Fu?mtzuo=_1E#C6ZX+$^-B=4Vyneh
z&3sQ|yI)M>UoL-m2<XbE7kVBdCfS9)+Kne%ep{l?y4}O?znKjRGdl6A^kAgfh?;i3
zj;8<2FTvkH{^2}|jd*OsICf>uSHP4cCJYwzoxY+;!#z{XUBI#F02N0!q8xjaGxgz%
zyq*G2o8ECa#fg`aKsvX23pRCfr$?EaDZYPDisW~sL;|yl_qsQ>gQ8h<O0#;WOQriL
z=88S&8^_@{h0GhyL&R<ymz5p2!2!|&4?78-J8@E(UeCpW2%JHSuSi$C{usfDRb?+S
z5}v=?v8yH`RUSR6qKi{Lq0wACmRx%}I2Q7jE4J>a4V+KK7_Ejm$~}*QE?Fw%`&^AT
z6jTbRi#6-3V*9uJMMoK6L5O`FpKi6gxAQcM+gmNX^CXEbAR@mfmq&@4g}>qMHx1lM
zgilr_F7uPJDS4(|6=l|1@`F5mZEJcIIQ;VrVA;DRDv6IZ`x36A1IGQv`4Tj>kyAIQ
zHxvGT_FRZo;N3$%M}?BEWl-?0UE76~TbLdn<qg4#q#J4;fa>Fxg!%wW2g^EGJZph3
z;mQxIJ%)wD%LGeQaOe-G?>~)Ds88<{IXV7_U`yfr4N0PR?}v!C3pA+w)Ls}y*y48y
zIv3GQ!1TB$%nSrB*f~Kx8XA=O-9ct4%fco&2pXwgKeski1Y%(={1HtgjZI-((@iuD
zTACv-5M<<TlxiA!d6KANBkiD%5|nda`dQNN0)x2-66Z6s(QTR=?Di4$oyVX63RTUt
z;>9O>BUt!hD~37zLa4&ud?ped*Mw7~7KM{gDo|-Jzj^cn-C}C14tX4|Wc4<<)+m=g
zu7mtW(~UGWHFv^Zdss-^Gshk&`9bygGmak%H!2L$HU1e|4pCXTzigC31A0)-PzZ|d
zk8vIf7rOl(HmyFrbUxdvMlMr}g}t9r8dI|7QI=8KW;m$q+5)<{`EkE#xNAosDiN5w
z-$Wdod9r%s=ksemsvCQCWOGVoA0f1HityPWf|OV&1s`Y0LJq&VdyN0Gt3;i_Eg9Zw
zpZj5}z~!%Dyy>@X46}+Rq~R`bCXHv%b&QBMT1tmwvDxm+qt*X+hoz8S2F9_8ppbq}
zJt%Qm5%r5^67B}elx(|y1+(0~UA~v4>KbFz)Vf$}rL^>B%diu4jLd{fR`f)W4wS$5
zU|kqAZ8qw7X!qI2N|^_{f&3dYTFC=FwtQrb@P-3-eI#66p_ALMen(5m2i7UCJRGAq
zC*MD_7s$JS^xu*7EMLw9VgyA|tXg%m=vQf(2!3o>Q~lBOHCfjY+3wBLS+eG+g0arR
zV1U5u52cyHs0}9KoTFIFnx<}<)ex5Dj!2X8^2Dy^u^~5Y-KW2q9$(hD$P6ZAVGwE0
ztdoAlqQ#KZR(t5MAYSO{XykW#t+W%5ccy&mX#SKN+iNcHMIS8`zo38efM1f9Ilv!D
zGPwm-3=1aR<Hgx{vafnuTk@18m*;GJ7jTg|_PEHzy@lU7=-(I+v9d-v!0qVg!eM|R
zIUrsCI3p^<>dw10FT=w1v@%%lI3eMHf!oOXSidX(yzri|)Ui=dobGOX1v7M#LArO2
z8WE!IP#<?ga1qd%D4C-(T?DjY`jwMc#92H8Q1_;4Nw?Fl#OPNB3B|ovoMli+-gQHv
zD(8}iID238z_}|}_Q6@emP^BVy!`%)lgOZ(DlCd{<|&+Ov)s6qC&~vy6u|r5e4`_O
zbp}U<%cn;(;hjDVYxf5e1sy&s@Bu1Of$w6;XR{7;7X^V|Qy0ST#D9}_m2wp;%#irw
zEfFukVyh~DU3RW&Y^C;vu#Rih79JGZa#al=JG{*G=^N+bKX5J9XapsG#~ebC_84oY
zI)r6!8brmk8*W_`>_VSc&#L1(viGR<4+O$~0`umZ&usTOoYFE^yT_<39e<^_-1!L_
z?ZP{;*F+YEkf&pyDQ8q*z_Lj8+3a>>r?Av-iWz1bDwZ2g+Us>rrrSOsga-HY)Z!n-
z6#QvN8Ep!Fktg};nm-eFnXs}GN6f_PJGsH`;B01dgHhbr9e406$+Dix8NJK+V($6(
zriF8($AhNE%@+KuCN0D%(pe=6KE1fuEhMDZ>zucp*N7gbY_oBAkIfL=YCU&G9|L~t
zo{;Mlk#Z3WV_n1_Un>y!iWPq*B&i&9U@@N%tqnG?RZ2hmjgE`)ED`zWsw^_%EWF))
zNY`Y9+6{;+zS#Ng@rqjb)m$rHPYd&9DMy{Woqz+|iX`FUo84UR@jGGqh$|5N5D(1{
zXZ*}W5Nj1Ug3<@@7%UvLk%q{q$|bq+CFZ`NZ)55b;mkZSk@ObS(#%)&;U~em$m9R~
z6==WyR^x^uoXjAC_5uVn|LZTKfMclfH0@6P?{)ucbh8yI#V5+gQV$k4UcR4Y*aq~W
z6l_yjS!r}3*iaDh`|<bLb9(9l(3tvHfi`}kqVH%F<(pGAu9@Nes^!(wQfnWPE<d`y
zmN3Yls1O~bG>(WF=nvo%`W#JMA4n3x{Qys^S<%FZF9fm&put1U1+hqtyW%k!A%AA_
zj>(3BhaST1{C*ww*w0gNZXYRc{y>r?ujH^+D&-?Tt_<z|>oRR!l=zX7DVAbs!vHZ(
zd~vgR4_(<Bk8(Rb5U(2HL%^=!rbe-&jS5+b&=l={tb8Tr0@OO%pm<I|b;6L(#0&Z>
z&ONajJO|Q~Q6=9`Gm)$SD97lQ{gH?@T5Z2q=o#GU9&<$dtY+QJoZ*)MRIL5H9LYOJ
zZvIx>@SZaYazD9MI?`F=ff`t&cYeX%?DJFcO0r}i3iPqz^5ce3tRQ!)u*7FNYGZT|
z4c})WDN`N2hC*2de8a!nODbX)YSVb1BOAGr!v0jSB7Y8Fz;_|%ST+-~Rmn+wxz?+$
z{OHgJSESJo5>mH9RedRMv}GH7Xnf3;1~WE3NYJ6+l**i!DVNprCke>xnIo18NF$6+
z3LW9P?0)tJ{~mg{l6mOB&PhC0y`%2aw$}HGGw5~ooNlwcV@)gRus}9iK7DBQdn!~y
z=;nW@?n7ad9xW}-wj3hyDz7;hPJX|i>4fq&CD8g+X)ET0#^|fZ@5t-*sm3;6y4qBt
zqwAyAlihv<zQ;LL3cs4~2nOLY6j*&W>-&Y>bmEr<tWyLu-|zP-K@+j2p?&Ob(G7{c
zIC7&Y_)&sV0ar7jxSm2i4B;Ct&r%}Dj{2Q}q;Qx5`B(-=171@-&?80z*(HW0Fm!@+
zc!HN%ryY9S-|xRF%mpJAy>~pe=YHp%lUM|{!vT5x;hZw{!;tP#Ys?+5hr~Aw9~_G{
z>-lu{aH_QEIA*J_WpQ?4Vdr~Q(6|`xXBJ;zPw(?ZN$dXBlu^7mE`9E`g!yaY^U#8Z
zZ;hO0cB%CnHMB&_szk7p`S?>_@-J61#MD@ZsXwZmRHN3ke@z?SvQBZ8TbhpIPeEzc
z=nYm{#8X?PTzEG0<naypqj1<^m*??M^@Df0SGMd+TGB)Es?{7%_RdT=QGp;%b@=Zj
zo^(^rIC0e|2IONhvPyvhf)}U;Dffs%qcv`D>dQVtxP+ab?&GxSx?+EJ4zqE7Yk&Re
z-F9`&&v%+7A5>EP^SKdh;F=Wl^gz1vhp#L{cahwYwI?v`tLB#`Z$(2+fqK`N4ACBo
zV-l+me|6?#gdv6xCE_uCw9edbqN?vSH_4}+?3o<~wNbA5E1`di^9K{xy(xuw5hPKE
z=O*fBhb-;db7vNc%ZRc|_~nE-vR!)JJgK!$opApc&QSD##KMQa+faQ)dnBKD*2v#|
ze2u<Nz06O4ioWhZmT$#yqz!%F`FB~=3zYZHMJ%{rRdTHSb4%`kuY8h)qRLMbb(e1e
zs>yj*qz~5a6}KEC5*Fy1_^=k_;8dN*u;FO=zN6(K4FxN0oBCxd8Egt+wcCvG!BDKG
zMIoMv+n^<H4cYOGC5KKrQE5lZ))OTVe}#^Zh=c<-5z6<zO{#&}Z(t*JrLMaDr!$Xu
zjF5!HHCTjUCVXTBxfR3p=*lKIUr;04`h@Ce?U(h*YRvkaQIMz5;RKTC$K^S_oiKM*
z5t@_z8(6Qa7*@Xh7ka*p5S7&6#d%cZ2A^zV6D~h3eW4!<V<Me8r(8>8ACqo}tEgRz
z$49eY+A^7kQ@u44Fnk$Hc+Vl@^|CUDnD+l`T3`N1tjUBYBxb{)ToBhdaH@7vSB<cc
z#6vy!SEHpj*Mo54krM*rQx~jrVoDmmCVV=*Jx4e_>>8y*ov!JjAm;wFUba4kW5M&h
ztNKufRM(MBV(`^3n@K1|_Q_K<>m^p*ZoPPZHhOenxT)y(87|A?=i-sU763op{5J<$
zP<CcvbA0dFwapcB8u7+Tw$`jg+FVw0#qZxN^H7sFv6(8nr?*v*i8~4!rief7bl;!%
zF$+^6<GGbc4>3MZlCA_ueayV7^#0M&t8rpdrqJafD>LADixHK{Mk-pJ!=QBrp0U>b
z@%DzgqM^+PcHO9CXaLreFN7ot*{aQD2yMeaL9j4E6abnPca=f|76+IP6a(Vn($G*F
z(==d|kAcaOqiS&!0P(>!1NW!OiJy0#&H9f&9h5b9J*CZG_#<*yNMejQGbAz!kJ-}X
z|2;2cT3ot4zvDpU?g+YF5qh<teSJD{Kk;&=VKi$pnp3@GJ8E4EmaSTdpdWjEn)xfe
zK&w-g^KS^ev&2hZfrjMrue&Nzm|gi6=_O@l9C8b^hwA^}SO^vrl<@ytab^V`2e7<<
zpymHq;l=;Q+xWLmwEv+(4A43L^$zt9y!{_58?>rw*dEzK&b+ISX=z1wb$>k>z)<=b
zFecnYgVvl8`E-rGrlue;Y>)_jiX70*G9B^wms}`k8O`KF7`%U9nDb`YqU=HG)PAd=
z7-I##q4*$N2n+^H2$+{Rg1<C6=->2#RRG`qlR2<hNTOe<MLJXE@r=#;|9njLxZE0$
zx;^XRNuUpZci+X?C{Ra$707D14C?<cPk}dsZR}5H7oJ|*V~3L#GaFk_XQ!aEi%XNY
zhL%>})D$WJH{cNv^t#lx*y>wZMfCKDz>^2Z#!>{MVSpLqMn`2=I=pa6g?xi+Yp;@l
zn-<@Vm#4dCpC?Y=hh1EE50AX2Cfo%PXJ>ZZPVcb2J=4raU;uV@_Te~!|J_e?L0K8X
z-Px*`vND>fnOT$fMcm7Yz1<{cd3pK0-~ICgTX;l-!yJGOY)oWunOj)&SZt%yg?7%(
zsR5JWUXQKq?3|>SHW6xg?C(Ppm6mQnC#U}O>8Lx)S3v=})8{F4D2B8kH&<A6lq51T
z@?vKs!3hZ@3QtaMVq)^4qN2ijL0L;HVscWEo`E6D<6;9JmW_?=&(zWqL3(<6_hH%3
zpD;q6o}SU{KJ-M6YxheNf^bVqOWh{UOB#hI2M65pQdSGDwgv_P0}8&Y4#_>;-B7{Y
z7#~3xU<yh~2fWqQ)s5*yJ--*1n5?K^EZyzvlSQ_FGtY_b6(xW{P%<DPCLS0bhDWqA
zTT^ss=kIW{wnlm~FzYNSf%F8=4jmd6zq1bFiR{zI`vd}Q9(xE-i=lq^ILgWj3;U?5
zs=7g@y_Ok$iuVTt0|W0z<G7ZQ(ROK53m}QO*jfp7b)0(wL_|dEp(8m%Lkhwazt6M)
zGsE7=sn2$AZ!b1G8wCyyuH@%WF(oBbK|#Td<J&J98W2EIem~84cz8B$fSq;qn_btb
zm-rz}6oHEZWnpm<9}rD-eZ9E0HW6XC4q@5OjxnPY-KS4i=9r>lV(2(Hg9iG1oKUy7
zx4)*RHx&??BV#i%A_fK|;K^;<g%;cFh+ArC5V~Wi&pUuf>AYji*k~8r=$r8OY+Y!^
zh)$Kh1Ntjz0E|8NNp^NXFE3P&#Z`LiTvQovd26O-zBGc+MhKnH&^mIwkni*GUQ<tP
z7mVxIdFn-6qoR(KK{Bj&Zuaw}EDr1Uf`0cGBI}U?(%?i{TBrCLM`VxbA8oGUKM`$)
z|9o%^F1aWgIr4tIk<rSDI<&iT-Djo^G(cgcB&w8PG`1^WI|w0tB|1*ETe{mL5&ir6
z@<bzCHje3YaSe&A@tI1C=sf(=D18fmSmT%IYf|`5a4i+(m<cPq5KG3w;q}=g<FHsj
zLImaZY;~D{SX>`ab5<rB<~6tiQ0{t-k(5`b-<z)!0BxAQy}sDcYyk>>ipvxH9hEdb
zk0TU<ta;M`KyFR|Ol$gddpZHYD0shk;;`%l*ybyB+Lk<q&#y1HheoWjz7U0XjZ_iY
z0!Z5g00k~J8oL9%Vo8N(#-48tM9B6<+MqCjm|@e()|!>+#@|T*rvLur`-h5m8n>>p
z%uIC@xj6Tqq#PAP{JZ}M2&xEY9-psuIN@|7u03Euw_biY^-iqwt&9^PbV7~C3gFR<
z6oECWyBq%A-JX$!-hU$#&VeLwg8;g${+vb(?Nf^z=y&X>#1|ms7$mNNn?>&N=q!Uk
zEMZqEW%rn|;O;yd(n!uUasxbPCH;Md)p1%+8Yio53iU});92~~_<rWAbmTguA-?IQ
z0t-O`9A4=C@^@jP)?|#IAx#pDmH+_Y<RqLsY}vEf^~{-pFF|mqw`|CfKjJ}l#0dua
z>~J#Sxw>r&ReEfOUm#E|0Av_=!W>^m0m_7Ji6!2)$3yFb7+Wva7Cl@JkrodR`fC-B
z5C2fe*cxuNN(qxmHbEF+frIhBJ<+rp%M20CQ>HSxdLcil^v_wvbsl;}FpPuJ#DwF^
z@z0skUnU+7Z}iZhhM)Q~A{ohWH>2p!cz+g`XiRdiQ#-;=C5AbZ?+5QMY)TPt*zx?M
zbJZHzaI3DRhes2)m0HR>wa)8Ob2@+%qINT%1l^K5D|pky+3JvkG~c@(TG(t>c`tKK
zU4WI9Q6(q1vVA=A38uhqhqciwL^Lju0%X(maJ}Eu<BKcw_RMyb&o7&7VjPxI4i~>Q
zGD>GgnNaKfaJBaa6fzkR!}l+g-P{zctT>Uc;#46uUs!4CL|#>dS*@c<<KG4%aEGVK
zriDe%R$ACxji|men_(e@h;{_xUFxs%oV`CMiT-Fz9B3jg(H%i#KK6>xUPs#Z^2Z&z
z)Aa>hndlW#2=%UaAITKlnlWPXA>PFSZ#{iPiX=6xFm}E99f=<$+~7MwdgFr6gkXJ=
z9m$;T=Vv8&B)qC(uAL~wL)j;hc+nq`HViw8n)nA+zMcsxd2mz`G!kw1MlV-{_Ay9H
z7Uyl#T#gO3|D_PjYlygvH(g&I)37vQm3Riv;51ttO|I|O{ig0|FsZ+=vcCAQzhW1u
zvGruf7RjZI&dZB~UmuT|9?iduZ~L3aS(QYd0<x1H-Oy4pHnUx8U-ahrx8OLeTlHT|
z)gkW>15fUG?fSOlL=A6PI-AsJa&fvTL4g-2GBV29WQ6a>9w*WY4+`o*3*%-e{jxNs
zL^9+t4WB$j#mmQtbmHUV8Be=4Ifv40D`p8W*yBEYJT?Z4ZajLj`Q2`fOM`DjKJnY%
z5c@xkP+S)8Q7%wX4K#Nu<%~?fFd~FdfF!_6v>*UkvRv!*A*6)XHL)g@a;sZW#u4Y4
z6IT*A;nM8#73gD+D!eyKVDq1icc{VlqlnK}JqFIVio9%S&fjCOEQOc}Sc~Mx54X#9
zT4ow_!19>t9CYnJU*N!Bi@e)@KW)u>)xC#k+kj3~{CnPIS8Sy7W~>9s;n)11><voh
zJqfJV+m&|X^8_p^;ajqdUzDi$-QOBMqT^G5NScefx^=aVAt<pJ`^K90lZmBqv-^wz
zBCRW8l93}hl&Hptn+L}Vdbu!nkFPUk#>3C6R=Tc6nYJ_^;tKbT!4ziF;dn(_XC}Uo
zNWp}$=67A9dD60RiSxPi8r8Yf)W0Y}NJAy8j8#nPXB=T7ai!?L*=(K2L7Cwb$FkMq
zT+xNG3R=4cJ8pKrdwwl51r?g}u>dc?@0Kn>92K5$)hlpN1siyu24`O2_j4Y6szQY1
zMgb7`$PY`a#TS)h)(6|tu`4<294`|F{J&sX;3FA?&&QIvTzO*C+v7e<Yo`1As_KhL
zzGO|zo(nloxbL{2fX^iK=EX<^>4L*iLT`TP4K66=awKvbH6qrtsl%%}Z?-;+pSM9K
zeST2d^a#Ab+zs#iTKE3%ooZ@05RQ#>R4$Fsw>zP(l+B-Jo-OoxFZPh?urChgP6WtF
zJa{z@R3X-D^ro|I*5TkfmG59S!s|E!p~x^9S)?jj;U!`L&-x@IfV>1;{H)8m(5qmD
z>LD4jVl4j5(4{=@NQ~R)_zsVXDopicT=4h<VZo)nee&_=hJJ=%kbIS<SCx){_kFeX
z6)Jf!BvG(?GowIx66ZlNlPc{+lNwAeUMOD3?fnK2STmvAzP4h3I=@m~0;~|;^x@97
zw$I3NZ?Z}h16eqFT&%2HjPi1EhC;#Lbun?8ry4wXYC796K)bJho@9sMDGdiWPDlYK
zi(()kM3`K?leUNw3+^q3;@=36H4Zp&B$ifmkUMZhlG~>nMMHwx(wB6_!&}wX^=>B<
zDT=Iz?{bXpoSDF*9iQH|h#I;$$%E12Fht?eLFgd+;-SsX1JI#jAsUzO5Ah^U#-L%{
zT{Zf{?3s?l2xKIrL`C^8agNT;s%I5uafVZ?`5<skMCmI7;C4Y0(L^EAVbTU4GmJkc
zMZlA*|B8@CXDG)N8`0p2DAbl)mn-OSAPNl)9nDT<H4y)pgsTur9ERo6N|X+;%NphG
z<Jo7FOVB}&-~Jp@n|Nr9Jl&oDJ;4%V6$4gVg!=J6LQJLI%FpuS!MB#6Uukoz!ui0Y
z*IAxW^6RHGbg?LVwF~iW7+JTUtfxw%MH-zQQ<Qjk-}7>l-Kh@oxdl&3gE)qu`$ewq
z_WgbH&#-GlVr0w2D>Y6Q&t<>Nh=_=}b-%aO3y*aF^KUJU)qd+zbZH4&JQ23^SvVH#
zfT<T!QEQX-k%0$h5{yOxrT`bpgT50G5mBj6b{+6d*H=D6uJdq<Y;r<mPCAD+yNGjy
z{3^Y^gns{iTwfIx6=mt@SnF!Vjc#OQr0^C5J}bhC#559ZcNrWS`nkJng1LI!89kQ5
zgh|&g*VjofJvc$LCU>%Rqp=TACkU1$P>ze^pnm+8@AK-5XJmvpR#`1nsyR71Y2(8*
zDqi0!)HPMYz7!P|9c^snrl+QorEBlAQVRW>sVMx5gt)9Y!jOTlZ)bXTcBQGQDPubj
z2iUXU$Ux3d|D-wOrueLVBnp|BP)Jzj!8LSmq4hO&5>aKJ9CKS=TcaT>-*oElk*V_$
zL#q6yqhs^%J^0!{XW~g4pJ}h+<m9B;mO*Yiu_TRNDHly?uPjq<fgroMs>Vz-qC4K?
zEduSIe*H($61l@Z+RAM^GgS_b2$!5=EF2UODu#j^o`Sxi+&uP9`cSgKzgNNH|KzsW
zow2=1dzE)m(q>5^Azs#m0>p;TWO2O(($N3nFsy&^*}upwWcVea@|Y9Ka`bXlo*c>}
zj`J?zrzC>MyXNz!3M!~8ciHS-rIH<`m;E6;BS%!8fOxMliXuAPi8q)H4RI@mD(=^3
zJR^A=-N}G|A+Ue`|3?t}@23mPe?jbj!r=dpN)^rj90va%o&W#qD&${0{Gaju-ztzq
z7o8>tq9zl~#-lxt$tJ<)*Js#^k9>Ul-Nqxy5}Tx~Ox%r8|LYoiS>Rl4nXavJg5v@C
zs-ev)e|0}%IAXk=_Ix7z&r^BFZK(#m=@5;f3Kd2TS9Ax8;FyOU#<7R*3rk<IBtQ9w
z0vU;I(%EOx@ctrkAl&YOByMd3%u@ReVa+a`96n$-t9SXn7{5$>*l=uNci0jq7V^~w
z+Fg)q0OU&3iF9gi&zq8e97#r<))Ij6NWkx2jY7nI0Y=}td*blEw@1cj6@Pem@Wc-Z
z2_fKfEe9wbg=QlY6LZZD+lk4^Ka>z*fV(zJRbsbCRf7;I1ul<<TT6|AgXJ%<A+LpJ
zxPuW4oQ@qI|1Rw>oIW=r!3Lp&1_lqE%K)d17qHWUZUEV`Sm@<Y2_OVUWsQ5-&X=dn
zSLrbY_2}QDk%{xVp3rHuI2KthR8|0dNsFm$0Rkc4c7RfQHzPU<gubdZh7xLJsxo|T
zXTQgWM@CctUMIk$QWKE#^lT;Iw5I#abTr%JZ~Dhxp!{6P&Agkui*p^`YW^YDmvbyn
zWeCP@qDS~fRqM2;0)%5x+5Fl*T;ycI@}h@_Bv}Yhz8woZ;eg#e7luh&@A=m<3XesU
z%We&eajZ}#LA-$p4{0f>iN|Tr{NPt!?O6f0>){Nw&p2?r3!984szecRh|k5(!<I!b
ze5?NzicI+a?tC5BFjS`R`QduNK|ip&5SoR{aYq^eHWa9QCbM{5$^af3tv?VRS>B#3
z5&%ab5Li8ps`CQ!Ad3dLlZ!Z@3aut}GPLSdTWxH^i@H;d_92%Za@}V8yrl*!v!*B!
zOUtq!@@W);5gP!c9Cu2!U9ypl)&()cvV!=frKK5`1C}j<zx%HRpBNJQ?A~P7PvH7s
znQ;;b{RUps*vyUqzU(`qwB50kh?jnare%h{W!k=^UrhVl9Jk`aHNn=5W&?@wn3xnF
zrfW}4#jhDdo!NvG5tCh4!b_%fyB<&P4n1wPyI-s7j0jw*aygef(miSDR#N#sILv8p
zPb-=7aO`O)hr9;of3z5js%|~KwdkMrx7FH*T44(Rc_-NQNP1zVCaXc6-0C8@{g-0*
zPeF<6YS^&8I|?N@Qkuv0BsEn&fljNzvPdEVrxbWQ`K^-FF*0sRpVXX>euF~#4E~-j
ze+8mL%qLp;RI))be4lYL-lO@7pFj{*2E;_X&IhsPccO*XE6pnPU&z{}dm+g{XoMj0
z4np9&{f}L3`J2vx2^N`vDj0Qt+O{VcI-pnF;Bcl05Hapu!qE@(Pq0CoQ4$C&A6Vj&
zlBf+CL$KfX)seB=>nLXPgNWiS=gJl-`Zw(%e+EMjaw~8bo&h3huZSdkgWbAr|06UE
zEF?9wdE>hMY`!7`jQ}1!oMi_l7=<O)2+RIn5umwZ)g)S>-HGPK+W$nSJIUeqsJ%zF
zBkg;AQhBit6>~#0WYQ@H8-~gG>73NQ57Udua;WIT*4&;xN~|``L@rrzY(m57(E$6P
zK630jD_=9g{(bt8Ovgj=OH4}pFQ@yBlN^!)FSe=*S?NgeyE22Q9*w>jjj9FD#BBw-
z^&I7aB-<pt&H3O2=!T`eIn?rVH=gS`3X_FXh%f(`#YgfK*KbwGp}2<P;piYhd9kgy
zHUO2TfM$*RuG`@mS1;}89V(mA@vF|`dhc7E>4X#$_~>`3SW(;&d6k2tbV*}^C^Z__
zM{+Sk(^@FikB6w=^YbZGT&N6SDh%bB@!SR@@sEDx1%bg}=iO24xcW4B`y9RRJ^IWP
zA>84qWVf|yCCVaL;%LNEqAQlaas%vnA$|QNEJlOy5T$yz%}_B($xw(#J8dVqcWqsr
zO-)}5KPA|5z8v%(W25|cnVMYlZhymUvC@}eQUB@~Lu?6>Zv!V1Z}5~vB=a*HtzCpj
z8MeWHf3`3Rxc2|0u>bnn`KM^4IOujM{%VW?+8`_n@sLGl7*e`q*(6Df2tWBllH*QP
znUA5kXdSw%tnwCKUGL+^OLFR@Q<;ONYwdJbn!@XOJSh_K5IRji0s73?oC((>0~Kxm
z?uR~6+y&1=&-8|`y^m|o-#ghB^QwMu)2nR%jvphZHeqgu`lt2e58VK3`gfrWrdHuE
zurQb+EKdB;2sZcA-A4#keCJCWIx3a>3ic8)0s?~hPkqsDFLC@Ko48)DjXJ7BN~vi0
zM%z`(2&|=k^HSmR=c<W7S&F+07d#|bO0asxw<2K6ZwoSC4rLYX9);8pO2KRfw24Gg
z=w52}!}SJm4|w={_0}9OR7Du|TjxxfA)+I&zF~s;Wr(nHS8>0GHV?Z%teQt4*pmkI
z{pb#;wCVi4ZZv0`wf4kIChLNsiJ8rv>Dq-ss1%;@=Gq7Y@uG!^-?nD*<;X?K*edm=
zT*?M;szQmbtTsftTF)=74u!;eO-ie03T(Z+zg_<Io6l9%-o>GRqM-_g&)>>8Nwrt|
zX8YGNmSYggDw46yd&!BbOd>_>Q_DDm6dC#OP5<ARB1Upk-Tu<wslI&cMWhps;Vg^x
zs=j8Y%P;Sw1^_)8fMAtb18NA~CdwT^H1mHiZCE%Lu@hR*D^3cxg^31wR$S&N)$M4N
zO{61Vp`>{asRE8u1T<r%@WgBZuO%BSDm`tyKeZ+i4B%A#Ulc=l<?DH#GFtr^hRk^K
zZMa+ShHllA#SNo~9X>+$NRo%C&nskbeq4ZY5a}7%zC0LDW6O_<;C8#*k}xC|g&0BL
zS1{(&|4@Xy_&09~FjSQ@kdxX27ZOwTkm*ltz#W+b$-w8zo)*aG_eeH%cBDZ<@v1Q$
zzAqMea<n8;A!9v$GnNe##bL#PhNsepMT`v1co@y1ALn$=RnA`ocONjWLK0fjaB=hZ
z4*DSG#70PXp4_>z&9pnciD+AWwug_~?^4jXC-uS6!r(iEZNQ^QC{^)sOYd_u>~+)}
zLRpD9z)ikrzKC}PF5pq9ccb`gLK3btwEmPgaN)%niX%j@0oj%GWrqH3{`%0z*^ncG
zeJGzX2$p`Hz`M{9-i~4Uy|i+_aeCc$4M-_%53)$%#cJuN+w*ljc#h0iAa7uKf0iV4
z?43M`eJYxhFm;>@9R%Z3MERyj3A4wBuOlfkU~)~Wb%XKVjU_WscDC0lgg1W5)Y)Qk
z*q1TqG7&RY*3Q$3yz93^0ArbHe3g#e#@m8-2+Hk|$x~<m405A1^lKWzf+5i>BK|R2
z3nL?Ig-*Z1V4eid0$xvl3sxf}V^GG!ZRZJtz<sz%Z_*W^<|?B_kz;8GdkbcNn+Y*1
z-ARzj|7VNC^p)ED(ve1B(JoFE+K2kUxo`U_4IH+}JQ&Io4J1ign>ft#=lgBqPhZQ}
z@-Soax2}`aTLwBwyq>S53hn7j{c7BBm>qXC@Nj0QxAeKw?6HWz_jnQprre!~PPOBa
z1{&G+wc|(zD*#}DJiM@;kX>l0@I4y#RjIc1=aQ?y*La<`zd|XrKJF~W{H`;TcjJ6k
zlkkZ9A#^;_g%^9Y+0mEAVb8kR;H2TegkQNLFxj1p4hb|0?z}^8UNiG0DwIcm9Msj-
z&4KH|rn+s<zek$OfJ^oL<ivVV%W!BZUn1gHwSkyWW2QA2>+0%ioY=uEtSKpO%OA1#
zi>O~Z#A=7I>T;gwmG;cW-SYqi`R&>i{j(CtLkmTTC<KiHy?HiUa7+yC^(l}o1Kv*t
z?sRLTOAUhj$`^tsl6a9DeEobkE`gi_kMSynk3uRqZufhi{}f&Hl4Wa9c^zyNAaV7~
z75!b?duD#fKOty2=nr6t)?sjin(Ter+1A&NLi(UrT(zSMSngnmRxplys|AEk_;i9(
zp`B#c7UM}f7c)p*GwJF%sJo}Q+4W8)o49;?vcJ@{YF+p3*Ern_HEe)=;nxSnKYBHt
z#AL0zw*Mj`C6`45vO3kuzBO2u(&6Ld=K+;h0o5wqtaI0BqpGh3lE_aLvPqvdleKJX
z;u90GeDC{6LrLH6hccO_x2ar7V{rSi13$!31k=p|Q8>^Ua4<H=H~_cRW5y!gg~i3+
zfrkX~tx8D{TjoR|wUIz9Mjj_Rs+xua0`wCBNE+Cil`ADiL_s@527U?#pq|2##9+~-
z6!GwXZG&T_RpO-4|ML?D2m|y9;~&TaG^5xhKy36dN+x~MYP{chev{b|--5)XfUOC)
z{&M+KA23b3b1P{bt(s@n7n}!op~w7pf6XXV;8gLq$AzxO4vAE0r*U6u>+)eUQ&So{
zcq5TVKXLmN=@(v?qv{b{ukdDj{W$)oA82|t6qH<CDFRY>s6%nDf8;_G`kQGl7xJHP
ziiMDgd7X3DT!uzDnw3txrv{ByXk+H8Mqb&0YyXu0p7}zMI6`kQa^s(ixDMV_I?8v3
z4r#*oPwQ_aYwp{~8Qx#ZR7aj1hbUNk_A(>T5$t|mom+Qu`##?*1KB7?5=0U1ZhcQ_
zfJ3CPv?vtJ+dqVIWNnJqruREcyGyUj7l+H{-q_6WJVoOVej0Me-c*i~R#$RZB#?ys
z9q_CE3>p)1TI;8{`bM~!Q=Gwvc-@>ftvf1MJzeynX2f3c#_(T3Y;<pbiJ>|~Q^Ywk
z0OAE?ERMjJE_A;UL?fCy{&wcpRj2U50ah}GgcyK!1eUQofSav6%{o&WJOVCTYeU#3
z80fw`z@uE6ywI)#%sw{(jbdtQ3^Ct4&85%d4U3AuSCBqAXC^__zQd~D+e>4{Md_Df
zQ6SGFty}Aj)c2m;Fz`j3!WK3fwbyuWJPl`Aj;R9+$Yip<L}O~3X3}aLU-G#cp+%1q
z)#`sAEw$R}(g#QC-Ca3^E=5I43nwD#LwHU4dI9HT1=(M9TW>h;x*uTrbC}Hu|7oj{
z#csKgK|YIDjRF9xfc0rJVSw6PPZ3c0FZ?60<cdVe$kanohzWq5Nd)9rVF2-%T_vJu
z5#VW)<G2lvj@E{~;Ocp!!=e!30ooz%r~XzqC0NG^k3sVaz!v}VW;iZ`Faz!NF$V$v
zF9cWDy(bG%E{=fRTp3T$n>)e#xDL1}R5t_iZ8iY`a@6z$uYZ8P+|VF%=ays!yy&lJ
zAiK^7Q}^e~p}tHWr{4V>KN56AZ?h8!n(M*aS=+h%iT&CD3`>=6$C4pFo2k6}ewG^=
zm8%_^evH7ahWlB|z9;|`osv)_+H0J3KApv;q~HSYg9g~0|K6wV`!K9bL|jn$vV9yY
zkiI~(U%pV?iH3|xtB3?7`|Y&zz(W$%eyWEEy**6jdEK4e4831FqNIUE!b1ZxVeBka
zA#nXr`wn{X2?>46c3n|)WH`9U5R4Us$J)On5EvpX!?xqfwqC$dKx6w|T&ZIOpkL)L
z!igKve>kKsMa?TT>jvi=+kxBq&7W1BtXx#SEUyVlg7`o#Af&m6BfLMzUwCI@();b@
zjwT#(4j5+|PhFqCbJZ@#>X<a#f)LDLe3bFt5JY@Z3w;dG!hhKT!1xm;cx2zuQd6hZ
z1#~xiKh%CqP$`hy6lFGOT9<iAXE6#5OVr4eA5L@M7Tgd8lA4)q5fdCUar+S|V92*E
z47Fz;yG|RIdjUkP@8)o}MN*tS);C0YGXZZhi|>0-fU+=AwP}bIT1ti5zc{Rgt+cds
z50=~*7L~;Ml8D>ByB|#yR_gmrWqm!nxaLlU-VGO!jaeCRAASNm)zNOh`7ZD~r*=dt
z9^rO%1KWoWAM(Cd>B1AwOi6z*B95#mz-Kjv{4e7~LIp-6=BDLFq35Jkh;XK#kBoI3
zc%RXv%kn@|6h3g%OqeN^xWOBHD;|zB1VMMxKx6fL7}GPivtqL+1&p@|g~`rv9F2xO
z4G<24%cTu!r<PEbPzgE5D-}i;MiOYll5THe?l->`rlAuC_Df*>HMjcP`LIX0LiQ-G
zO4f)b$4%eNsEuhL;(hiTEyZV_p9%f`pdf~RH`0mJ@0sP$5}t29>yM8xS=?hNT~C-O
z)n+5JYZ%tQEd}pDe1P3w{#mnHA6n_z23^2HQ@(X}b~de9>l-en6U~|YuuO(17TJ3=
z61fz{q9}&&q3QdZStXx}a0c+(HtC!BP@$#|fCv^EZ?0@OYiRZNV=D2ZGl5foXJ}Zi
zcM8;Kv}{N7rQUCw#(t9Yribi*gU2^C$&XRaCw_??G_|p7*~MAG)yDt73j6A)sJp0L
zB_xHRksfM5S`>zM=<co&kWd<=lnxnSNRblBp#*8^?nXemyBWIUj_>=f?|y&XyVsh(
z=KRjt>(oAbpXb?UcXQf0ef^qqt-BX!5+QjD?_A9!oMV`nkCBya?oghg+P3!IT$u8l
z<0??kL{oh_*_8~`!57>}VGQx@<NMFNupIY6H7lpAgX2Nz87CXuQOP~4QJy{z-(BxN
z^B{*OP1P?C?47Itg5nz1ZPC;aqwwmZ6`!MLLP)+Vk43o<XGUFptTs@0s@k6fTaqu)
z=|~uRF~wqnK;>E4O_G=l{H9B6W$NaHm=?Mc2%D~ar`0n&4EnBuqQLztA#IxY31sm+
zvBcE{%fEc1Nz-GXa+%yLtw)22=GTZ@wbd&%IA*Nm4z(W+&s{|0jesWQqc&c{FkE1e
zAp=M}QIiaqi}|tT#>r84(;oKvqvHmT|KS&ZvGl=#qSWN%@2Yw5uXS?aIug(ev_~zI
zjl~}~LQnp}Ur5-;(NPh<BoqkfQLH)R`co8eCTDDW?lod+Rw8)(?w?Ze4V7tXTPOKT
zT*ziA*fTT1yXo+(p4I4evfFi+XOAAK@5&o+lJimGXHD+PRL?d}uVdaiItCxVHa86#
z4vIq+Kd$p>UW}f$BNs%0ZerU|frGrfJa`=Z%Y`j+-(4hk?436159x6A+UDlrl9I2`
zhxfk>QD~#=7k^PcQ^<>}@%$I+pWDr}3I0NVX7|tUE~x*q@=<C_;|}kA$8?&Nr|3T6
z<LCeT8{*^tnjDp^nOnL10tE#T4BO{*eXqn?cKUGMSSC^&Ez~%@IKXf7i@|_@oX1h`
zj1%3xlvXx}{^)KNuvm{{*lVgk=;oCDTy(PYNRjs-%hY*!Ia|ujFpGP}oGuE>jv^nY
z7M4QyVOGkmXZd3FNtiTatUNO@J3BF`h@sq>-OzL|@H(_aa{ZT|%o4n$-OunzANM8S
z`vWjuWTS(e)3H3|tDHkSyl(1{8#hr=3EcKpxi05`#EEXc58s{;eovpskC?TRE-mYm
zbdHGpmKU;Y>&o!Ag})8Ojb1s^cAVSGjJ1TSJNF`&9@L(oG2Vh;U?Cz<*rnqWZ$A>`
z!}XK*4kFZ<(?X?EwB0hYkP*=iE<%I)4|8BH{Pr#l(s?QU;9VfueR23cP-9Zb8(AUx
znIbr!*&{M#jyo>+DWTj-cU6u7U36=y&;l8il=|wOW)7@M<KZ;<=+VLONsS3xZ#k(s
z>m<Zts*~mFxo$%8)S}I50}WZI5si2*Y#B)VK5-{`sH__a#PQ4HQ~XzXc?81Sy(agG
z+X%Dvf)k_n13B@r1WIiNJ|PyOu;I>!%yJ~7(*)1*4M$i%;cxJkS<>07ts<JRdQU4A
znoTwB5qk|%wXhnuCrY@B@zGPo%jKe&dKAG&U96EgK^fmJ6DK;I-W7-2;_AQ`icba~
z{J-)wR00Xi^%^5@tmI06O_*!+%;v2I2ocSR%2fUm8fuel;5?@<fBw0fLb~k7oaFNq
zl@)|@qllIC;Y=6!LQ1PI&4jvrP^-NLEZ4f*@EsEkUAN<~j&k?)k*`-%pJfWBl|oC)
z*A@NZbmeZ6Zp>O--NbL;-)~pZfb2XaV@|u3*xbbFd2}zMaJ#$S<5er;MYv|JlwlHG
z&e9%~6oR2AO3HwKG}bg@%JnjZ|JzHfo*(h$a6f17rKY!aqcN_K62#x?p>EK!nqij}
zutlqk(>Mu6umsjjCasO{84i#O8mbmQF7c5c{^P|5*)%9ccbJ8g{+giY%-GMd_8J)s
zg-#<$X4UkJH!{h+f=h|(g*|gWG(HDfF0Y7^MRcA&)nR4b7X*yzYu4B~W(P&M>L}0s
zbk(&8818tgrEOPGwq#oo@*((W<r)kN-H>yR+OqC4L$~LnD6k{HNq?c*n)}}9k83_{
z!ne<*5ja`<E4oIo&@jJfd~=^1%)ngxc?rQbpF!~3C1@7BON;EoVfqLVpGdPRd#LNs
zo=TODqAevDks6z`B&1Q*I6>}`yIRs7G&S}n^A;8~RxZgbGH3Nb#^-E@i?@)1i%0R6
zBgwm^MaF#Aycy@e<rfwoKaB6TP7`l(Nj;QtX`l-J5=fkK;I_e|?mU>B@3W`)$Gw({
zOfN0`y6K`#H`@QV_YI(Ct(on<F#lw@B%|!%t~9zbn;%l{d~(WbO&15BEvP_j33xsy
zov#G-F6OO<qkW}FN|(@p9EhVA)Nu29>fm1tMLFqa-NbE;Y`+yt=x~}W;?1Sw<yC=6
zRd;F_r{uL9$!juFa;~uonY^DPcv^xTkj#G0@xDyKU3wn-GY;fAN!#lfKqEWCEGA#@
zEF<hBgl&LJ;I*-YLFZ|^tV>GLmR#qkCJ9Ff{MK3<Tg8k*TB)NmXT?*Og`YhuJxdoW
z*uhIORa;ryhQXsGO6f!=fhmi1ZOKp4eWIK+AZPs|86s{v9Q5x76(+6NXB}jq7nV}b
zLmJrX(iW#F8ORvi?$Jj0J7t<s*6oohGrnAe6c3MN|LlBbaS}lVtN;02^|HtvMZEJe
zzVcF~BNNz?Q+UjTQ)RR6ogw9LE=>NM4#>{m#>uNk`hycsfsF$)9j^$)-BeZA7Z{z)
z7p)c;dIsyqBQuteQ7IZZ?9eX8F8)T`6>K70F1@xtE^`hE-F9Nd94-k9*n;6)O(8NL
zjw$;C_RE#u3=l+CFl}zKVONU8k1v%K74j;e2K7bBT0X)__p?p37pE>Wd%tuluPnsq
zkIL!#$}y=zEt}qY6%N%2W>!hy-IM6E9}3UYc><X?5oN%l;?gBg<~JI*w$cDKPWb52
ze>>{mO-Ue{@}Or>dZ`&2g6vp3<u-IZe)Y0>1f5pMF+<1|P!vV3Zy(9Y;V!-04XBRX
z3$4l&Q+HlpRKHE^nE9&3?^&mR#+BESf1J&K6c`gu(j5%8Ez9g{d-X*pjeFg*C23z+
zm6oEd!8}ODAH(cYfc7(&w7DzIrZT>nLu|k=GV-p2-(Ha0malxLhUDw-j68<$v%58$
zoGH#!(nfz}bi8)$=uBn&LjRy73g!v4*6TiW`2B&qFXK1kMbMytDzU}9cBfXc)9fiP
zCzg%6Nh)`jkRXtK5+^e$fswtE+p-K0-<J_YB7L{epFO2vyLzVLe5>XSHE}3IqzZ^L
zmn&-Q6>Yw_)q)KlJi&9zx~m}8YV8op;*7D;GV9GeasRayo!e(3Xt3@k_>U3#$J#lG
zQtZ2v{$zYP*#YV-Vwc$$+YF%S!)s*|N}fpb#yq=22GQCDWmjgK9s1<^Y#C}Vy0Y|@
zh+w%z&!bsh*^!fHv-<zuv%4I=eH#9d+|!mC6VQUQNIL5}l57+9(eu3-X`VH^=NpIM
z3babzIhRL+Xx5zEy;{y@#etAQ^VDZR?RgnBAj9Tcjx1%e>1gl@IZt4B4=ojT$`7}9
zO>Kda`;CnT?VVoXJ&M83!$sJNh9-c<;Fk?7JI&NOKrF&=XA`EK-)(1lot})JK|8`V
z&hL|g72zCFg?K_nXe;+ZW&;;T*5r92!JJ$i{6b^=`xycJAU00!VLV7Zq_V7FhVj`-
z5wU%}yQV&NMB6m=EGC4JwJXD=YF)RCUg2r)M5I=me%h9YNe;`-54K$=lnocB<?NR<
zGXtU=cfvL|6HcQl{A}6Cw#%bcKKDI+RNf5&6rfd}g(}h<<rh<meSDcX=KCkgewHC0
zK9f<7x&d%9P*TFv%oG5rrNMJ^S&KckegoGwHe4EC*-pIH(P3ui;n@^l@IFyNMIw{B
z?@V6`3R+wqE+5|9$!i)IgcTKWHXL<PqplJmQc~#R!o+prTgIbEg=Wk~tRM&=YBi&#
zh7#qtQ1Y2$B=A6^)Y*cgmF(@g6crT@o%vM0te!|oj*UZ&DK<e~xx}x;;4{S*4zW0>
zy;m(#m>(wo)b;2~R^HLic64VgOLF&4+d~Cd5%lwMg`dxdJB1PY7wXPu3ctOvUU#_L
z%Xa>HXkUgNXL$`Jk=~i^eH!H%d9mUJ=EF>*lN;-AR6m_8Y4;$GAdsl5aqh`JtfUks
zF*V=+yv*F37v~M<T_77jj9Y2*e0L^B$cd$}LT)W+WAyR+1ucEAET=tw-O~k!`gcCL
zlNV9*xzo37W{A}s8WLJp;V7))%^Z8B#n9_7^33T3g?c4jVi$8k)@fcFTag<mhc*0f
zUIdhbz3PHX{P{!c)?%{+%ExMxEPFrx+-{~a%+XwISSp%MOdqV-Pbve6J3n{FrxT_0
zn0KS_7N>vz{{7*c>u{NWkx6|*zp3XkW<p|kIPQn-QA|{pxPVJRQl7?BVwAhyb%&5z
z1wm@p6O3vW*YwjpS8x*IBdG<=r%KJX78*sOm$QMHt_qv!z89#_PU)%G&0dA~0yQ;t
zEj&2U7x_0vA@vzQpm_HZTm)^V!z1Tx=??Mrt4k1<U>4c2zjb{Jv-Uzr5_VqQz!-){
zFFC`$(RJP=*pfHl%PVY`GJ%`DnO~fHK)PDfmcYNsnu*)WFGygD-NAZ9;Qdc*nV2V_
zdo-4ZYqFHZEv#W!`}-fV>$DV0hxBo3*DG>>lTSyB?7pz2Q#-&>mKdAZ1CnjoE*u-k
zK{k2&%-xo0f&Q;y#z1>a{CMc&??D!b=4-(;lsnjY12G^Xrmo{t36;+AKrXOxadmzw
zb6HnRh(cYi9YGh_`H3SsV-Q6}@XoC4?4Sq3^yK6)=4B^JRO~|9$cTD0^P6GcoN^NH
zW2FSn#}L0rdax5ibVNo|o!f4g3-i_1bl9Ig?6A#tLWzNC-ge%McQbsGJ=xLX;n&w6
z0R@4mV!A^gEUm3ACW}pOXNSLwP*hkCZ!D(f7Z-2rQI)xFswRx1B0I4Rv42=|!YtWw
z&R7o0F0Y@xv;jb~Kb`MAhLlT>ilXoa#0+(Gaoy6Iofet9X;DDh84pzQ6YWF{AtBjZ
z6e!-y%S+Uqihp131{Cc!QDl&6lC^u-KQv(&LEqtO8G!5e4PCNYEbUrVtCPJy4#BuJ
zDs1>MBW7yy$ui5m5}IFqJ3qgT6_#_&bZd`26{dvGX=6q*^(mAh_$9?Q#wvFmtbG2d
zKof?%!n5fraUiHMD)P?68L9#l=YD#JTm!l2EV{6^6;enV2;lup_A#5#V`y*|^7eb6
z3x9|uB_&eOAksLk$NwYhPF>XXd@Bb_!)^E~_1zI@A~)XjkV)g*@BHAgV#(Wmw8LM2
z$%)kM1GruPf;;%lm}+_>2i@aT7al}8{Cu=7Ff7h~G)`=*rXxw!+^mr^jygXTUz4HI
zx{xx&&k^$v$}bexAIt#QQIj~DmkXf*(_x4;j;ND|pz$={x-g=(D!qLv#4awy=A%o2
zA<zC|3c!wo8W!2-VZ@T{_+py*oNvn^x2Q{N(zL=*to@qRsN<y-Crc`O7ULliWW#IH
zalM5O#nv(O<=2Pn+|SU|*tT3VKXqvnAU}O~n+S6q788UMNp^vmjKeG?A9-8RpiMfI
zG@h><cqJ%}VH2&bF+24IpQt490!5i3JsfDfHv5V^6TKq~Wrd8ZfKs0UdrwEc1i|<m
zU^%FXC3=op;=DsRq=5!aG;(K~XvFNn-xfJmWM;u3gyNTPPA$O`Zz}p^rmwn&oQ%<?
zc&#Jx62D{06}{FXL*vF+@Onpqzl&qGNvO+>k6(k}N)5BpqK%~?R57I)vaCoRvQ)tf
z!cGSJbxMZhJ9m8(uC&x(%X+y7sO$boJ5ttjM<Et2e|2%`TEo^K5#Rc)L(q^gJTLs{
z&X0VM-q&kDd>0{~<hBz~wv>x!ez3kNGbRUh1o}v2AR^?;(DipcOewUg?xmEckJ9;e
zCh6fs;}r@B`1O&<b3rTbzhg#PL<5^fF%hZ!<AHkq#>r%|hr#_xk6Ez+^)&MAzyMgv
zcUf7%Ij438hL~z}0&vSFj2exNaIKO%9?;O`BdwYLyCncUh$P4#t!>-d%toI1aruOy
z?fTnM&RQ2LX7yP>doU{bO1G|&Jz1X=W9)8V9+u>o$TI2MLjoKM;756lKadu{_pUI!
zWi@2D`qIZ*M>rMqHH=xKPwc4Tm)rt}SxQ7avkTZQ^;djJoub8_%cDrFz`nZYyCpUJ
zeJ064(l*r4t|+J0s;Vm9jiP1+UaRV9t8WY$w+Gl_%1d+w)nzl)GKz9@Mncag3JsyV
zyzc`$335dirie<tSQu;AaE1b@oeYeyb)d-d^DaYek<0^a96D<R5tZwYU4N1Km93k4
zbITa32wM^J6WbXnPrXkp#&$gxt3Ya!Ga}O1^8GcA=aBLvT$w(eZW>xOG7^DHlb3#b
zIeeDYXXZzH&&r%;I+C2%R7Zp^hx&ACnNuXLg&8fqK%Hn;&(~}R=$pt-O2jzGjXm7q
zcNdej+|fep5+98?Q;nq+ArMGwAA>S(uiVT48xy?nXO$s#4x|gf83<es=P1U08{uC-
zQcd$t1?Nu~C6UDw;ZW;1`QBDDK8qpC<#2ywN6Zb3H88oJU()XW{-Rlse3z*w4f32w
zGfT<yn>(<m&41v7#4A#U3u82lMR0z5WB95kp|q6=f|BE@27GPNeb)Z*f`$ttjI<aB
zTZvhIRKL_F-E}j~BRQt6%0CFg`?&kJ{_0*%zkV4osA{Supu#4VQqK($BX6!qnW-+l
zTX{<`ZNmuhl_pP&lD{xGICTz&A(}Wf?EuVkeYFllekAwnHX;1<`wld{hr>GyQeQq*
ze3$*SirnNXHGL&e|AUEc=|}LZDkU1#!GN&UgA&R1gF=j9`|n@-M=RbxHd&VfJT1ad
zdr+FSxaflbO|Jpr^3O(I2`x-kM!2y}r^H9Dew7l4#@i4hRwEm`m<Jm+pZ3{Y%@ms7
zwm>^;e4E4Gg&t5g(&A-V^!SV%4_+AY(hov!prB3yQ`NNex{C?3e6AE>zWbBB5}k-m
z6sFP8B-{7&TnEgKIy_-wPJDp%%4O`ed_YnBU3r4tfQdcn^Yxlr<dSlTOAo0A0A&vd
zf_~sw)=7S>Y{r}R&fBVrCR0V?6KfdhG8mhlFP5Q-o=AF6RIO%>*`uGU`sJ7Cfx17n
zBXktYEOvu?HP7tuYSz(bY;x)Oe2>{m`Kc}fvqRt@=1@j@YZQemx-|%^L=!=2v~8lF
zcPuR(?xwXM1PQnV0f>4PmJfT-Yj_uG`E2JX9XrB~zDXzCjP{6xT7yBoD)G9e?ys~G
zA}JZZN+Bq1=NfMLSJmqy*HMELtm7<A)3cWpa#mtP2xyW4x8%BkES=Qw8yZyVrVuV-
z2kE6?e;a24ng9zDU@`2wM2MRh9b!J$Ma@0GBkrlsHD$PbK*XjvRl5CjJu#>sqpv>H
zkwR{$0p&Ss`7NJt3$w`j>~oD6*Rpi<{H|_hX0@v`<V+LfNciB<RVn2jmOI?QE$e;D
zl4ekaH<bq^Zhs!|;@SfmIkbF%HPE<Hv{O;d<!S=v`U<;3&Pc!)o~H-?6;Kl%v1U33
z#)_qT3J2p{mmT<+t%1d!#qQ|k3v2SZf%0T~GwuVXVk|n(jNw>m=6K3jtYdb+h#j#>
zY;>tdIT9$FB_s?>6BT1p<AzT=>?+1+nu$H`NGK$5P)w28YyhZZXJ6~*`M-6IPou$w
zb@|<{(vOrtC6Ik}1QZbSvbqZ^xYHsWxbjk1M1%=zWW@v&Yo6-V>;HyqX0yqO%K{6o
zMnDOmpdpl;n2JeshHL?{74ZAN%(jmJVUeIK=XtonDqVcLTP=!g72^0zP$Trny2y2-
z=G6?(p0Xcc;CiKQw|Fd}i}k5ElOie@zT5$L?(?iV%7hf1+rC2I)KmBN`1H#8ZcFAd
zLCV7M%(;Ikh$rekv9kNB{o_g&k=V$?ia^8ywXNpC6>>$sG{$#7VrJ!3?h_3GZRq^i
zI?XRoP5qC;;Vc+wQiF|y@hd-RV{u1){OuG<HHz;+$cVD$OHU?5zd#2U)Kh9e=;2a-
zrXEZ_oJ2|@a4YrFZ{z#;*@j|KLme>#GW>}8UQC#-Zr&_rL@bx({sc+ytg&WBy+V04
zo!B|h?h%m_K_P?M;vlUg=)^n;;^{&HOm=*{tqj4KF)A2@d>9UR0sa}&WWD$vbmf+V
zFy3cvE%=}MsFO+GcdBTp;`%K&IZ3UBV)sdax_i<(Z#z^2lRxOu?$~un1Ta7tiQcd2
zB&$7T(T*_+So*ZdjpU5PIr!{*P7wLDt%_hc_s9z0Gd<YRg&jtDu`V+ZxH%?Lkq}n;
zN__MgSo+DbBHPt7?_!6Gc@L<?EiT1cLVoj^me)5p58moJG}Ij-K%!|ZXCZobZ&PvX
z0~-269}kRNWZK``O&V$HI4~e@2$IU8Hq*7Ry0{i1mK`>%3Ys+d8Zj!GEl7+=A1{09
zg8zMn8l<N>@Gkm;Ugn#KEWLY78H6bH)^|aX+yhZI!_kS>@y=Jzt|HXB0!2!~qU4a_
zy`SuCCQFjEXlKByQ;in)gL=X$;u}yuhXHZ7Xv*e=5{r&JQ+5ov{Bljl7JUQ946+Gm
zDt|~{E)jp<QhPjQ!XLa%m~24jmnsGgO&*LdZralR_-^XY@vwE#&Tt>r@v+IUU}YnL
z{fMJmP2SJKKylu}JbSO3U1Ua6BjSU2iP6#Z)GtOhshMEV=*8K~`|pwj-ovqrTA?o!
zT=GlKpQGrT85v8pPkmPV0H)Fco528XHa5m}8TdIW9IvtHMd4hg{C3K;#_*BEjt4ZV
z%=V7Wimn-}8-stfSo`6i7^B}=hiz(tZx@bkZrn`Y0UK`6uCv_cXyy0nf0bSB18InP
z!>TY>JS|-j_pU2iWna9_-o0}#L;Xorg@pSV7v1!Lv~u7yOMR@TZc=bapjD{;0_U#q
zw2p3hRqN(9plVY@z_gM0om|cI%5~omn^jBPYu+!p(YIJ{a(@zdC1H*cS{)56r2J&T
zJ&icOR)&5X{~5}=rB>m*5HKx(Wc5j~+ISDR;V#h$*Y-+Q=^wLk73Y6vH9ZAj1ga1_
zS}g{XZc!lnz@xriRD@Pf$MyV@e{xi`|1}lEw8{=wHypR{*GCT#VFiJKjGCq$`lDlH
zS{E~-DIA$2r#aoh;po(%dc}P;ul%US3Oi3vxW(8}2Ln}Q3D5eZhTXam{&&W&Z<gw_
z&$`p2h|-Hkea>0<&a2ZSqvQ_Y6jU)5Ktk*i1E=8RpZn1%A^tE{mvC&RENoDDvJ_2m
zk`spL<IF0Oum*rJd4)uRopm5W^+)GAv9L6RSezWRk$1&dV-@&^FZQk1b16zJqBj#g
zjo!J7ZQA?&KfT}OjOAhs%YTzvoEl{Dlf5l%lDy|ikzQG6=`!Xl_nT$>`luH&$8eaY
z$E{>4!S)5F<#9zK-s5{uALbDwo$Y-FYK@x#?mcSYLDQ;lZIky&#?YHzk5Toi?RV~a
zW_>xVd`C45P#Yy?X~XtsEAuI=6rU9LDWm}k?yw^|MJ8pDqbGm6@voqk$x}`m!RM?5
z*FG=(+EU`WtEkQ$XK@96_AEzEuO?;tDHip)Qv77#Ci^!dVpjU=KR$Hc?hZvKAia5I
zz4Kk5O&7~a9^+R;N*`A-Ka)P#y<y0)>Ls!X{<9)pA0$mM9G*D{<kEZ0hn4lnYm=Pe
z$I6?WSc<Z2<&IaOnA!4zj~~g`U<O*9YCW?$5|ZfQcH!Pgq*ScWabh)=7YHm7y%?ks
zVveXs-v)sB*2x!GK^P-LCRi7>xYC{B8Tf4hU*42uTA%p-@J)2-ZVT*LV+I&T(gtG_
zhJGTV=t%f5gFL}-NVp%^wQ6;m5tE&3Ffkj2Ku3cxv#wLMBx8Qq64Z}ub<-?J?f7js
z6f(m`fgdo~&DQD6tVVK$e-@>~(Y>6KPzcI@BwXGrWs7dy80V{mUQ}QI{)!CZrD|gJ
z0%Dtg{EU4uEHSa`^30EHj9^Zn>-M^0M0+1!;QAA?q^(6YA_otebpAXs$mX>j$+B90
z1S$V{T7d|LI|-lEkR{QAg){wQe_p1VzEZt<10QKxgP*g5eJedZQdC)T!e@N^(RQ=s
zakKtKBwVoC=}&7(^{aG(opusskUtD#;-J(RhmLd$DbAW`C#LB%z0apO*kY|Q#$m$P
zY-cK2iuA0P)iHS(lA%sYcljne1(7>hsvRUNj`ccsNkQ^N1PMW<K+cdcXYSL`Ya0$C
zjJDxQNO~=lg78}HVPgK(L4;^dqH0qIDfVQ=VVqLj&W6uV`~^Isl(vWe)iX~@ZDtTj
z&Qn8t8zA~{auFXP$i33Tr<iP{3bZJ=Pp%M&Eb+Zx<FN2<PM5v0pVY57&Jw!CHIV(Y
z%h<_@y6W&ibxJVpNcB(93l$pxd#{25hPeH#&7Ca4dhWgyk=q(=?Yb(%84ZzFQW!;A
z$1C;XPfK3KkMx=42LRB5reoPS90GHH{l{&gEkGL>f(FC?;{=eaTUKNZYezbjCBOQ5
zT@|-F;1Ebqso*tJ7+oVVO+~We@2Ow#WyL@>-1`(qLq5qVt1^@W<M`J)bAT>%OO4k?
z@Q+ORF$`=Umyn^!3efSQr()X4GAWdt(ba1DcM1Koh|u*%r^#tOOz5>d4(KiX&bBGf
z1_iavOdoi3jqmTiCUzy!H}G_ooHr)9p7V|H`zkm54lpJ`#|SrYLkI-y2J|pC5zz7n
z9n@YAh*UGu#>gU^bO2W7Ax_I|3}<r~6~|WdyQ%?q%OL~>(I<}q=Ic1!j2Jb%^36_6
zUTpm{*l27adMuDkPDWYN;9y}AzKLmsJJHj38o*Gge8Z+gX!0nwN8hs7nFr1<O?vw?
zT4zvr5kIhUC(~tTw@Dmw`YW12T>>qJKQkIkkC9ed@2!FxyY9*@H*=D<wVIJ%=pC<s
z{qBo^OE{Qop$s5+rWT``uSdIJREHD;2=%F+X*_vcIKO1#^ckD(OiR34*^|~ROX4)z
zLt%jYAK#diRJ5HjC&S}Db&KZuHH%~vyx>zYz1F#Y$#oM%dEQ=q0BoLTQ~#53+``CW
zJ1c~T>H;H^RQPQIwU?^=r+%h8t3I(H<w-(TsbV5C2Jsro9#`QKe<L#iItb_q>}mR@
zx~w5~bOU-^guImDKy(9B9d@}(tcUs&EHs3|N?S$W8aBgRfr+tygB>&K*j`KG#>Nz4
z>Ffa`b5pVh;TrFl%KgZ@_WUdYp)A0AoEg2QP}9SYWtNTf8L|X=!q6EEPtivZenrzj
z&enQH8ciqwA18P)e2x&QVu~Zc@mnI8+Uf0%t<~+f!W@Z8uJLGnX772eCSMb>`;x}`
zmalWlEo_GEq9j&B!6?RsmqcTlsWd-7c92rRZMCJ+IN9e7R|K*Q8kWN`Yx!uYjal=J
zjM+$X(Al@u&CUAMVO%j32*8CrKoU_Q@cr!n!#F}^>iA1WTJm7}f6<(}9K^jZ4}(_y
z6A5UAPkWF5Ciut~+=;r*Cb&{X!0$fYj;yZ|I#8w4Q?i__<flX@=AlZwZq)GjL$4KT
zY?_#gdKiGmZ~NQPRr!3q$Kp%z#cIdJrp@lh^qguakb(cl?1OxXT!LD=ow#PsYhKl#
zx3(yLePUFJBc-3`FnB5X=uD*l?;`^l3;7~D(ZUG20wvY(cnz+^z3Gb0x}&@AtI_oI
zpX_lSJ#xbRL+vJarxE&x2_(~pN&|4uSBze7<Lz@+Be3@{Z{~+0+fXE+s>=IUKR0<X
z&A<AgK!y)j-%!A@8&u@?Xz?H)`LT36zMn)1rJmORYIf&K=jB~`7va6Yyn<gZTZ-+E
zWK;%n@luROkHDBak#*Vk`BFQvbqH|-6hY)j?Suuodh+liX|+2VDnU@!h|ZC!+6f;n
zQ4_58{yiI_g0#JzzW(=VgPoANOy7K_ov;Fqw0!>ms@hO$M74-w|J+ZpfBlg|tyAT=
z=zCP-yxvEUZ<p(F^U-GS=;&;0Y?h>XDoF36Bmy;Ml9Q*e|EIFLtfv2|>>s_hT}mY2
zcLndasY+EVPD90%E%#E2iM}~l)w<T{tvB`MfuznEQOrV=>=sh&e7-i@fr;#fUuO;d
zH{=C!J8{=<M?&9QzS7Q(yK<cTtda*U7I#_e`8BTkPzjPe-?~0psYX5AfRdjjruo!6
zp~6{d`5ZeD!r7?t(?!qWPG-uv%d~CYP~X;8nhbXP4aPiKTp-w+Dzl(aBlK=4+IiRL
z|Ihc+*Be&(^gFPRS;hH0J8;xQNkX^WiIsqJZO994!xbk32g@|42U<skY55&d5Xc7<
zKm{d6i|+*oxHR<sP`IZ4p)Isl?;_ug9lhu6R%EH5;yme!xE=qe)Au$Vet|Z43j}pn
e5L_ERc(<9Ve1-*CnW*{kNI^zbx>)i};Qs;L*fk>n

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ocean_gen_token.png b/docs/installation/images/ocean_gen_token.png
new file mode 100644
index 0000000000000000000000000000000000000000..044c26acc02f5849a51efe366ec6c8725875acb7
GIT binary patch
literal 42803
zcmZs?1ymeOvp>AJEfxsw1PiugaVL0!69Nfti#r4e9yGWG7Iz5{2*KTgW^oNpkj35g
zTk<^b{oZ@-e-3Bq)6-K`Q(aTl{j2KFYAW)$*c8|R0037}K}G`rKmh{)NC}weh#o3d
zB_{x&@LEwu>Wv4|?gENq85T*%N~GOft=*iQ)!stqY^~jafvG4_6SYBF<?obqF~jYH
za!bO6p~a6`CEP0V1$Dm9a73sPv;dIW*VcxYounU>?S|5Yns|E1Oe1-EW?UUS+<`lB
zWk>wyQC)vz@gb0=^^J{vn$I%lBi7c|=Sp^yC0btp8U2R8nMY$G2c4&iFd$FmN|gsp
z%+rM;hu><y(AaXf?!*54`T6*5#IE6+H?ES_=H})YDy|4FkF1icvH9dm1SV*#32OQd
zzmrq*GQMPXd&Ybjl;b}dcpXTkqod;y*5+N@w&yt5))$xRha&$Uwq{A&;W`{2f`p|9
zbI#QQi)AOCStq=iD1N6Q1>OjY6jyjkOgt*JzP=uchVNVESGjs;$C8wkl)395!bF9a
zwOx_LpYks)XzEKl!kAvw^9?~ZV(bip>RxqgLcY(lGEup2$$f*Esli>+a%lM!8b6;s
z`MgTZJ!*OCx+HYpJ#+yly(X>iGi?1S0UzuC_oaF!h-qGsmhya>66`gU=yLz@UPd{W
zUp)_qpXv%Lwsq~3gXe$!c-rwir=+BW=v1=1yBmJ9lYDhzb9{Vke|WK^r>5qZ*5)nm
z>wBM(K>j!*2wi<;YnHXYfY)8_2tX_>3~#1%9rTZ8Z7THF93*uA(l6F>9Y~p##Z72^
zD;KP(q47i2kqoZj6Q4Yia$o!UR_e^ZuI>JM=c4U;yEKN&p!ssE;B~TilUaW}>Frg-
zzrypUpeY}vQ<#qC%Ek<*2^_36xWE@rhW+kOk|gerVy24~Cz!2?Yr-82Ya%F^eZt>4
zzOKG=Gf2gQZ&tqujx@)7G^@>Hk_^s5IrY-wcN1LJ&{H-@$G2g;H%FTk<ZXu=qSSGf
zKqSO4e@otvHGh??URA6=0g~oP5blOWz>WN_$f&=Jb_)vEz#hrbxyVE8$CQyj$qC5~
z=6+D`$~R@cw19@9*BOe>xqm7DmmJ_AUPKI1{wA+jYl6c%IR~n!e@olE;<)s=kty{+
zSbx{ykyva4v_aJ_S95UUxpfjD&#GHhk%M0g<7L(h(rb*RP4}lB120e?2a1}}Xry_R
z>Se!ul&<He5(kOM%LkwFEW@>fX4yJJ{>MRm^SA(-v+M?;`qJP1)+7j>$nk((bvJTz
zb5UH~0T1n(fjGAIlVVw%(vQR2SJ!!{EstUwbTAAaW#r+>dnntY^+-L?c*vhSRkh`C
zc^u|A2qO|6$wlF6)%;BU*zpti_)CEB0ssJLl?UbV|KGl;Grrl*saI*^PfohQ!X#j^
z7<Y#s{bW>B)tQ+zJDZ!(r{fp72cMw`b+=dJxPPm|N%mRzk$X^C)+gd~FtDa`C?NP_
zdz`;WNO&dI%EqP&@rAr20$&@PiYa@I{AK7dTqu<E^eFbT-^fMI?-wLKS^AZ?BK(B?
zW@FnsI~H1kn_i<A`3F(Zet%qLF_Og*``_%ToYToO6UKx3igS<hi?;69B|Y^KI0DU)
z-1ukcouH+KwYG|vmX=oimRm|_t)mWuvgu7))26iz(A>%v=%4HrXWXnii#)Kee^|XR
zIp007*~Jh_v-R?7yOTh?y@$!d0mKSM04|#Fj)SI<nG_0K)!vmERV^%!I;#+XrhNpg
z1$-q6V=G^`5!P0<y@4cqi`m9JG!DF)szyj8DMtwY3FMK6o#F#$>y~D-jVdErNq&U-
zy)$3(HVs@avz&^f_+_wYE5SW)a&UEn-E=)i*fb-t5l!3u&DJhWQT1W&{JmWQr^3YC
zCyy4+Z`Nyxya=)|kVyzM#nbQk5`y(FAKFX!s~fjb{-w8G1&#gIb?)z8Wyudy(r{kf
z@*2Z^3+DH4-UZuP?$=E1=Pz8X2GNePjgL~|XBKPO?}HF}GYKICgF~Rd$7XlrO`h-l
zsR-ShJ&@ToZhO1I=%W3*0=w@0eF+JUon_rj51!2q`S--J8oTq)vNpRY4?17R2g?fB
zt?;kl`uBt1^*5wkckox=wiJvb2#1l&!C+)28|&M0P0OY9O)zO0`8W4ZX6;b|&keWU
z{K#5!m@1oD-B`?ed%2olQ9}<wJjBx#Ms5Pxc-Hd1^>RSCX`~{c;aY_7#;2eE#<1n4
z;@4ht1*^f!^I@Hq@~@Q@&5Z_C2Nn)L*5{h+Y;@cBJ}}!kf_xH?b~dR;wyY76>`_^e
zmtiUAnSPb-c#=Pu<|tYbA?$o6)3Y9bHO2HXp4EQqsn)V<YML$Hce$@?g{BcsibV@*
z)eSe*FnoA32{AF>fB5yqOS_aSU&{)XqqN75xk64(bNz5Ii6z=sQD-AoSFk;;*=6^6
zWb`L?jb2+v1gg$uxmGfcCs8W;p0ajn#*_secwMJ<U!Ne4ljIJoa2*b}8BFDS-{|@^
ziQBNeD-@rdkx}~Fw{MLpQxg;UVqWL0Vq*FZkm(9TIIVHRy~H=;Z-#9K2q%86UD?wk
zw>MX(I@QDKC-iGzV64$?=Z&G^LsEvBva)jfedNxc?g-%zyU<x(4UH$_>tplugL59z
znnQe+6a62xc;{oQI#YL29UG;@@F%|ZwhH44>J@#fR4%!wjNyfw1WvV#<xA=s8|U!b
z&F25EvKYr_6&9xOQ#<6myp!yENg{*Oq4Y*oMBDvl_h|TrNM)@3?A@iW%lOLB)dM<2
z5VAA%?FFuHX}c08<VnQ#*;t_&%{iQ$T$!)_GK){KJ+hE?cuJ%arE>kf2Y;6AS0-F*
zhu1@-o1_U{lU>;uP%C~Yc{Pi&1cjgSFV1ixrHGiA>DSyX`Bx`!o8LdoQ~7L?K3?oc
zDKvk@d#kNoq@E|YHSmS~Be=A<cq9mm=#84B5bBcuw{rcafz_i;!)`#_(Q5B1hOqm7
zdipyQE%;D|*1LCK1;92Vsp38#+wZ&G_hxHS!4}c8x*i^abHc9j9?auK2ZLWH1T4PT
zXe#BUGbPt<3q-J=T^3rSq`nucs*+pE(#+v0+Lm=Z@2Jt*uC99<z`N~sx;aWAV4n_1
zK?JiBzlZz%o~Pb8z7hmKVuLxBLF2mZT>?Zso2p-{&hqj<f5hK$2-$RZJmtTD$1wY4
zywGo}T%W^QJ>B1I1@tKg0*}wP>T?{@1*Y1@qK5Hsz`$pS$^R^6H@?#NaDT&R)DDQ2
zB|7}AZp@4dW@9@0vuCQrc5`=%Dc1N*1>?`JZrxw|)tCbzHnIW&6o2eAbl%p8cH?%I
z&xL(><<ue@+-$Ot<6*F_S12}WF7sg?2OZf23k&Px)p~L_D{IfDFhiwoo&6u8UU9$s
zX2;!9?TY6jBDy*%D$xKMxzle$Yp`vVw_h6_S3dDOES5o`WX6&EG2~#m^e#TK^SM@^
zrf4c522?&1kLhy#?cY^J{I)aMFqqQ0Y4yxrXdjj!%=KVVf2|*WvUR#O{z_SS5-~@z
z28t|%0U09h;mzs><)V00g4t1&0^xZ6uBMS3nk2flwmE@Dl)W{dxu8osBRSH~+1V4o
zLv`*42I@3yY-~uODW8d0!i5i}D`?$zDM|q%7+~*AVYgS26ZN988?q53Usbcjg+HDa
z`)e_<4PD}bnl|SVPpk<`mrJ*3luz)<rQF<5nk2oDwQRymadA``*xdbH)hS3r@N00e
zz+RyUv5-nvMbVo;x@X(5y`(-2!_$<zp)Q}qX|g`c(k(eVji%tMnYTm%w?|hIvTUE$
zJvDf$JF#&TrM3No`#VVb#_RqHKIbpu_R=gQ_(#F5{!PLB5faHjs&hX6Oq*X@vq1%j
zA(g6E=t%#T;=%c?fq@F@NKF?1Ui5XLnB(pKLetzS3O&xdK6@$X=k0GXKk-H`bMs!=
zJWndBRM=83m{p@G9PY-g^7%-=dq;vHVeg}hbkLS*Dza`nMMTc-Pw`;7ba+{_{z3J~
z^Na14f)&Tq7DbHx3Cu-uH7lu3kakI5_?^zQHmUXa>6;B~zz$#U4{ve%AUP7634uTI
zRjtyUK#HAUQiG8MRq_5iDel(G+)UqVtJa-Nul*JAS;9wK6fJ$>YAB3<y@Q8BN^{Iz
zal*qC8TR=YC>kG5LCjHFcCpop#&dmArhVF*68F*DDt+u11u`DEprF7x<Wl#C8CG76
zWOSiY%F8#hIHX)MW(+30uA6F8Ha(H#6fev$ml<ux@)d2z5uZF^pNuEL5$11xkjn;)
zTsc#eeDtMESRaAPpu5p0%((c31VU*Fkq;bM?<-BvZZOawmu26+X)U$-^cTJT_P%>F
zs8BggP8gch#mbLMJ6hHqK?-Jy@UEg6RT5&Doha4jJ}*)tyh|(v$%qgV%Ft@wLWa^m
zv&zKU{0t*R?0zVhB~u)u{5yep%Q8ZJ?4GF4$#O6the+r2!kw-%W54b(-xso}4~u;~
zUH0&g9`!}#M%F>Wz*`e+4|p+|Efq-6cS$gJNUNM7tc7s@7_)~&x1Cp%?Z~iY+C&yj
zz~^TGbpXx{mWb!^vvr`3y1@ixEGy6{l2!x5mQvIMbf!r2RN>dT!8AVn?WUx2l}h2w
zY1P%2aBh1m6tD<U>YH&_>GiYev*S#Pg_g#F>nzHT9GIZMEOio&ON#Y_0aOVpA?N(g
z&Q7Xo<i=`0l37eQdCxH}R$Y6AYPZ@WO2Zr)fO@uptgP&%$X?2xUb5A<33fNdx%LZ%
z*J-|hP3(7lFF)*bz?yKMG;Y{xn%iV#{+i8pcosQE{q@9cNai7d{MXsnnSg8WTTGws
zT>h*uN^I1bgO%$7i^A3~yo&*W;soPMKW|X)o|`ANTHhcm8h&3Lnk=;Tk%fv=f&l>)
zsz33jhBYDE82t&Sz9K!ek~6-!%!;9<L}#2RUujvCNB@ku3|K#(c8D+9@fr2mo6kFA
zd)+(zq{lf@+!B6iJZ7d_xVielK0CD9`}grt!=>?uZ{*i<e{@=IXhEx1&qv4K?S!>D
za`bK$v5lXO&PeGQUgUGB*}DYaGrD{c-yNGqDoSy}_g#yVuXlImUKSio6Hvt$zobKH
zaS)Ww%gOonc3nW20TnFepK>}TcV{K{tU?*xj2P4OP`ou;1+LM8r!+Bhyq#sWAI+uZ
z6s0=!$~u*kg818#a>QB+rC2rVTdRVOP{bmMFeQu(6*I4bEBBKo_#0-xC;H{z$$i)i
zq(@tFe+XY-5>cQspgRTiq4@(S%70mca*0Qb%}6_T<V*>#!nE7b9VKnia3BPSVMYwn
zWOQg{qlXFto<?aR(QzBi&7uRLt|C&KGJNZ@EIE^<+6nmn!Ets&!Qb<D0aU2;o$ATl
zhH`*0dQ{ODtJ_d#3z_ud*a#TFO(wYyXLvN$K!(*#P8=Xm%ae+K8Oyz#q!M|sM(&T~
zO3;3ZHG*2UY?Fv1{?mc3ub`Ve7L$N51tm-oMK0fer}1DSG*DdbbfLzdJ*eiyFdHWe
zSk29eXEU<&_G19iJD2IDB(Ivw_krJu15=i`kG55RHGg!KuJN@oIw1<oc)AkRNn=3k
z0d*QpLBk;dBt*6&5nY1Bk3v9!6*uySmT59){`B6Y{!RkQ3~}vZHzP%$k(JzbQH*W}
zjKWLoB_6upXa9IhS?JccVd!#<P2Y6bCltHfr<i_2B401b)Su|{vNmx0RQhI$PUbT8
z3p;#2dF2yr09)*H@}3pn3NIdJ{*l-AaiiGpo@TO^pPY4aha9EAfzp4sII{X~jM%(4
znp3n4f7Xo(<hWpp*vgySG_&Ut8Rf>vU5ppZ0tY$7zaEftn9nxEyzREpx-$3a&t-l6
zi;K0QA)Yn*{B8H9%@N}n4hr$u_i4(!%Mj!*)o<p`rk#A5-W%M{4eXlo-0`-pMP`WT
zubjPmukS0nByc&i8kKY)$L?9xtWx=6b2P^YeK3TJ5xc8Br_IS>Z>#_(u>ADI+F_Fs
z-F6g-ENkBV9qp$Sx^^I-tL<E(P5kqgo@jPOnq7L;$p*2H1x!m>G@hxfY^ul$F2Cbt
zTCt@e=SB&oe~GGhXKh_iqeo0c43(0(9Ouo=z(mH|rTghesTr6~-$=;Nj?OS?7{>6C
zuqu5i1A`}00a8tE91~j*K({s*LH1MBB<Y0l72&szAac2k6i5htA)#-W!vLBwZhI``
zSkATQHqjLsT*h*}Eb$`1NM32&|91~2pE`1`SRxWN7H*mik`t!uIR+~tHk6MWzoIsI
zN`SUetj(YlnV+Dt9if6_X-at(bLckG&A%OqW|*yM7K8!#;M>)}%5DK5bOXZT9pDal
zN@2H$w|MK=vCTBF`UA2!QKJxNX%LFWkOEPLEuC>;j%?$vT#mYLWn<1LiA>WJxbI6`
z;U&)}1(wvT-<A3{<!j`rOxmbwRN)oyvey=C4bi+OrGg%1-FNp<j1q1`E#_HOvnTA_
zL0x@RhpX2>0P%M>O{L!(w@)9)_-)DN01Do6L;lRUR@H8WF31}Dh3L17vmheGlF%qb
zL0<NC291(okLRrI>P2;Y0y=8&b%q5xA$~-)2XEyjbdh$!@M4C?2_0vNSK-R)*i0;=
zLC#MpGbe8nYxWI!PK?aOkAu(e-+oY}1v#}f@8;Hi%sU;023)7eDgjdGG~hgF-*92J
z-@IiH!go7`v*mW!yWC3nyNygg9pmZ=uiH<<_oz^g-PwoXlicw|TNvngaUWW*Ncyj&
zIz85TlTkp|KV&^fzGSjwTr2H5cF)2S$k|UdhM0rNJ$!y6T>1~pCss829tv%@7?@&-
zwKK;vbzRC}X@`Xmb9Nm2H1j>1bAIPlSx(%R51q8WE`CK>aNiD}prtbW4keHgWO7}b
zwujb}E<vLIjhTwFq!Hxu9!MvPGrWOS`l1Hx=$@KskXC%SOYxNQC#VItZ>zRD4?e}T
zMLsv>E}we*JPlzRN^q%mI<>Gey3Lff=!7d({4So90qJKUcZA<Dm4crCiDi=y)4`<e
z7!DJjyUPh%CFl=(_Y=<qa|OSj(S+bC^4OU(+Voj+aGbsjXd1{2^AM%MfB?uq(i3Qw
z#zDwD!<*opFjRo3Kdu#o)*shN-e93?DlrD->B9>;2irXGGTD%7e$Yp33RtYfcBE&O
z>w8;_A7oA#yTwG=D27NJ9&#Zn(P#F&na<Kbf6(INYT!*!uZJU1v_H9G%5wEiOo>=t
zaqx{J_eYh2v1kq~VnXzKKRc`>aJ}zyWh$4Z2;e*>Rf7s`TTS7^wJ2a7XZ`{GC^n_8
z$pNrBh}NcUp{kX6g$mg8I;9Pb2omP#RFy-+hBM3LCL=aN!e*1pl1RTtIN}sXeoJj=
zl$Q3sN1Uq!v$(#Py6tyQ&7tQlHEogD3gabWnVi-6vCQXjx3chwBpe2vVL2YFFv15&
z@%~KOzy99Q=>>e@pK_<gqbHpeO<l-fSd+^c@6yctyS*z96D4ek9143bRPfquOXgMB
zsb%tX^k)x6uaaE8noCqQlf(GZiNY5sq0geVBKIzg&<Q3V4YRfn*!v@slu+;MuZh`k
z_I98;SsFk8P;FZo-@0}H!E1L5l3W2{gN!mm7G<qZQaEvRQxB71ZL~pyJ36cQT#DmU
z%WDmQyg9lPMycZK@J<fes#n9C>`shdCUlAonN$lngsEU7Szx;EW%>(6zg2^1W+PC7
zS1)CYsK13ZS=gV1r5p>$CsZ(t=5tR2Ih2e1oob&YQr$vHvWgEIer6tWMJ;;~Y~yw=
zxu+5~PqfsRa*Zhd1co+|J(ZVX&><vKx^cw67pC6=26QNJEO%NyN5<?3uf#KcU5&J&
zk_QMUV7rGKKbwj=WqkWP%ZDHx(<WC!MhwP6(5mFc5RRmPcG_WwN`afCY7}$|mhFk!
zBodR_MWMw6=W=0+4&cuG32+|>slJx@)gerW5r;ot{~}w76(t)zK>6M?6V?COfec?U
zsX-1kD`VC^Ikg3*%Gmr@O_tgO!|i}ZV+qNiW^B{^Om9NBTvHQ21_zm~O{y(a!cM)w
zA6<u7x4?&-a<<n4R0zm^X;T!52!nG1%RFdA?y#|#d@19w+t8n^y!VY{Es{unoazv{
z8g#3&?QNT$&hHI3SaV^D<)EKK#oL!oIK$(XhQ~YZf85DX#hR+*0(fV6%yFS=`1Ah7
zM6=X#@6_!t*+B|sz*whYSiMCo8MK|2RTYC@#;BfLLpwe6W4i!=<Tm`oNq>8!gXJzb
zkQ`&?ltsxMh}h<c;dH>fY{`?_RJ&WBi^Vl)7}hBa(u!797cji^11Y4ac`IR*nk-C!
z0|WFp`Hij|T_sR*Rzz7$<C3Ig6i&U*(E}q%YZfTK>I2lwSoW%h%}L_uuYYtgaLEH{
z#EHN&g`T*h?nErkL;L{8YG$cWpjzuwfzEOX{e)L4r6n~6e&?_cAe6+JhNcqLMZERP
z=N!*@yW7oy<K5LGW9NZESOc|vFhAY=O_$0*z9l-e`m3@6fgbU!J{|ks{WsR8Y*ybb
zoX}^4Saw>HSQtcQAp5HN#qRQF`;MShba2D;2?==rY<_8Ldi0t5lFx;%cvqhol=SrQ
zGa44;B`87ncYYHhESGzZ&N|S6`?3o=+Pjvv_uM@`@Hvo-Z~qFOC3{<@*>7O3&ASbm
zsqNG7e-*>^nMpX$h@z9IQu1dI8&jB!+^ajqjAFpftfp`tJWNH-ID=k^@JtY49*0i2
zKOaN|8+%u!c2DSp;6@psi=^jM^!tjm3?y;gn@)65J1K$3ii-`*odbib@{S2AL6lcg
zYa*C`><p+P)Z|Yayusl}rv#m{%XOZVnCsHyv4({c^)8IO?^Gv3f8ZeuXS;<O<fMNr
zEx+m=T#Pe5(ig){x*Wfn!rUi(EJ>~wV=p49kWwunp-z3Q@Vm7<%P5g{edmEhbRbG4
zR%JZnmyf&Kx<E+`cN}DZOww%oy=0DHZnmtp^ZSWK2D`idQ-~+7bJ)P4AGpGTw90$8
zRFYDid>dMeovvYjFZr6%{cLrX)(s1KoOZn`2*>efoSVV$bBxn@@SFyE*9%Mu<=Ht#
z`eoGn`osJ0V_IAQ<t`DqhgAqnP=2_Ur{r(CD{N1XlBb;fgYZs9%dg_M@l_CC@cKhW
z4gDk;6Vq$3J27aCS~|iVi|(lNje2<VD}lG3V@I)#+&zNlrpboN%Uy6^vlM#&Y=ELM
z`&j3PQ`Xt%nM+6~`k&RbiA`HYJ|8PbcPgpI39J%<#`qm@Gl>YEQ1kwfPM{!JUWx3O
z3@_(%hSZ|HDHhbh)h)pB)S`J70r$4g=m*J|e~Bo)1A^C5=eZ=!13bzL#`+Ih*t1uV
z(JQv(aiB+_pwXsAydW8s;a9C~IX~X4!8khX2KM!Y1~s-MZAU)Y{h7a+Kyl3Y!45}J
z#~a$|IZDKL?e75INvJmP_}!h6;{Uuq9ap_vPd1z}e%Nn1uspodD1$H?hiI4;b`v}H
z-nS)h9$uJGH-XpkS#hMvT17|=hcs3KKfm+v(qj(ISEr?zy?1Rye&C!merJuvbWVgi
zDgCtw{ml)o!84sZy~Z<-;8MKf)*c3I7U85rCfOXmiNsj(WlR&xwKVZ5?(}@j`u@Az
zB^2lBK3S6sscj`M%{Wu(_ID1ll)^m#MkXev8<?5<nzbRmP3W?@vm`37UhibDup`-Q
zODYoIP{CddO!Fw-n8RNE0z%dxHHlJ@%KV3~OHeeQTIT79hr|M$?M`Q&<$ScJF5+ZK
zK)Hv#=X3q*as1?IZ_;xA^L$^y%%|<gQ2zkkt@}_)eT}oK(3(I`&rAKwdv3CxW%E_R
zBd!**kBj_~p$(k@F+W`v35Pvj3Q%cNeef?Hn^i8!^d8>PS~x1H-{%}B9-?mC2I(x6
zQqxI7knP``)jumu83oYc+Kx$b;=Z~+?7}COl~xz#ZI?mOegff|6bBasJg?TXTH7{W
zgT<b_Y<PYUJ=|I6GGW;;5LRoWyjeT?>3l~i9rkc$`!o<&ia=lf3M9t=u2O!7zPB)>
zG=Zg-O@2crH=W#JkO0huuC`ff?Mi!aD#hql=77-vNVJhg>?3a(--lzX#Of-vVI<<e
zwC{SiW~?yk=SqyM$mqe>ZI4Zxr^kxG*Ra4Q!cxOYD!dt+&DZCXGk$+gwtYg0&U1xE
zn?{cL?#S{(_B>Ps($l|COs6}?P|Ui2<sB4tnm`YB%&J4u!2-jjQ1P0o?Kza5%W)$y
zMZ~|3HNlsBNARhUHPSKx|K?2GY(3b>Ik9V()s)5jgEyhT@BD33RDp_U6$`+2(`1N3
z9;vw&hERaS>}D5i2HCdHnc-C#`>}Mh9(S$$UVnFptwoe~ibn*km5|hju>5~7E-qN#
z7J5k%giKi$IP~j|TNI|}p$HWk&c(aE!KHaNhm8D!YO`*#XR_y>WV`~W=F%w>y^VY9
z_`2=&DOq(_^yC)av)Nm3Uq7dN{F90K!{cs3E8-;PcDZ21xGRMpH#w}BJk61F$uT)1
zdqB}D(+DzXUxQO<Nn9$?@@i8J%^Q7&6?2V$t|ySSi7lPs^w+qMXD|h5PV|E~5^-YF
z3(iKsuklyk4G&f{2Kn95R6p>fWUPl(T@n}{8aX**1-`1_d<*-`ZGx#m8bWA#Y+O<=
z-^9m!+b9{KTF5q2lQY8m9I1u3233UD{=+BB2C0=bFWmdAmZlM>o!xT~m+-U`S1xQm
zk<A<e*#LpTE-8qM5&|i7yH&6dFF4q>o2fhz+CE7rt4^qF>4=+J+6hjE%hU<L(ex=5
z<DYd!;&(+F7h2n<_CLF4fSz=6JpdJNY_6D-jPOF%!L;xTrZh5s5{IPD(Y1<Xxh0K}
zmC+{Rpu)uaEJ<lglj5{zit)xhp~gL+6T>R2xuF^L?bCcj9}p}K1c#6#IFLimPaf|x
z{^f>fm_p;8DQe6KnF7Je6p;Ii>GKfsu1Lf)$D-AnvL9L;-i6G_SBbW^@Xf-gC~9UJ
zTrA3TDj6=T0#a9@Kydss#rL&7K6>KrCbz@*7bCcbqr@>HfBM?4d%1N<WWOO$YbB3t
z$}wX6=wMT8%)gZR_hv~>YQIJQo_ovR-PK#7Q&r^wn5i_y=xR*;(^1*}S2)GL;wrv?
zDIi!p|M`FW{<#xxEQh#{c)`ctaGt-T|5x8Xcg!B&@=?Et-+Yt*+xO2MgmxZB_5Wq|
zmEiB_|JC=;o&PP`|3lpWhiLz*|9?ID0!H?i-+#DPd0p&#Y!xKu%E!<gAqoPz?@c;B
zq47Ac^<8ciWiiy)OqZ*<Akca83vT<iyYu?}#+^Tvy)+SH5+vd=qnIZfgAw<4H@(H`
zc_s^uZt77>zBioc_%u{L*QcKsTfFK%Mp6oJiQiwY>NL7qnf<P|B7&10wBFb=iYFkn
z7m|WN?z;<;4Ja^ZJdEZ&R--CE?9I;5CYEcbd+j$I{fXd4_fG*^^u*Fj*JF(W-&Pn<
zBk<tQh|q0L(v-lg9IkEP$yDpGMDsvW;D_lnsioa5OR7(df({HD&6Dp%!51YcN_WQY
z5Z;cW<N2^VBY3$SxQf6SO0LBg5!@`t3zhX8JJ6iEa0PyzO&dOBVIb`ym`0n%i180e
zJb3%oO^WH&SZk%b3<-_aIV>S8Mjl}t<dE&i&i&%N=s#&kg8TKWmxV&-7)yQ+KGg`x
zw2Xy~JA(u_vjcNAi&RE|g{oOJ(|Rt-unZ9ajT87Ve71K|+i>A0{g3;VeT2%RUUM}B
zo#6Y^9j+y)KB2nIC@xz6mE7wI&mg^6^7Bh~>LI@+M<i^%J%=6MASg!h*-Sa=J$Mql
z5xgI3Tdm)#o%_?r7!x_xw)ECG<YI5SBJ0sW5i;7X_C$4nXoX)Cn1)vki>DDtk{Y++
zg4y4eVG2_N*{#t{dm^#Q*{So0(QZR&eHD_o48g#!r!n*@;#X@P`wegg+2kmD$~H~a
z=KWE5TIwuBJ^)C;%c>%>#~Tu>^%OEBdIEcuK^2m6<Pc`cvi#Syj3I_-pBSSB84%fn
zt?U^S-*zmP^!D$?ch6zGRfv>~#>l;29J{a|f}zI-NHS!e5EC+-NqyD{zuri5z-u&g
z)xN(y8P2BU_r3K%Hq$cRKqMu?UM(WD+XzNwdHg_Lz;<y|MUQ0EYzYkzaa96!DHROQ
zrxM1d^*)rkJ?f<m;MA@CDRR(E1jF5&`lhRv=zBJ)UFiZJnwQ0Z3UnN(seRi2dAQP*
zhcNGs{H=>cuNaf>8=x)%y67l0<mbx!h1q)u>vi24V}jNl-5j*Z3sK=$4E}T&N;tgO
zF0JSZ!KM5mj(T)H=YTN{{p4}H)_;T$zDJ(chd5oLKDuBS(5vy`&kZ718+ftO>gWUg
zd5>6UK}c4&+;r+4jg1iBO^1vtw#|?`BH!>-gf5+Q+I_h_pqU#!=wm!HW#9&ZhQ<%M
znLrmf>*hNNsvAk}T}?eC%Bjf=&NuU7(6chWuxn3o!fp{p+i?puX!%GEp-_IDbZA$H
zH(+BxjX3brMYPDi(c;VBLR7cZ30Z82)Vm8}AA%Nv2~teGqF352#N3^!WbA5v(Z<Pg
z333l;gS$bcJ6y=iyH3bc-S%pxd$`+fHC{t=bT($ltdl4e1i1{d;3rXH38PmIzWn9`
ziFD~m*#O`3-xh%`YaK52D#?bvLh$~FI*M8uqh)tbW#m7Ixg$$o&2V2-?6bkbX~r`S
z$TAO+dkGv~Pe%ZdwD)P#E$~dQ`k02CfQvl3BFc^f1JCs@sOZtjc$gPipN~+#!r(3v
zo(|DRE1|S_i&<V>ClWWiRWG{;ubLefJjDEmB}4J3J-Csb^|iN6XP$Kpc<B2tE0YG>
z=vIKbK+2s;!<k~Z;3(!tf9>6*8kfP<tE3(LG%M5Z{;IFbks28v&H3hhFVK_zbrJ`b
zzeDpCdByOWrLP1o*gH^JeI5~euvHov9-zOZwO7K~%fqUMgd>(U?4T=f;@Df!lX{^I
zO;s^IG01(|5J9gJM((5<Psoyb@lYxsJEmW@&W0csXPKj{I^N+D@jmL)@cChh2hq*%
zhu}<%PMEU5g3NcDr;vKNc}5a*%jt6J9P?qVkxg3y4op_psTURarM84`5&m+Y)o1^n
zP>uZj!?eCTTCnd{*Q|A?Xh;0j8{iePp#5TmS1%v)v!@+=^a?zlnJQ0><1ZK`C%vxh
z%L$D|aNi{Be|RTHTI>N`(Ss(Rz`(=2pvS014q@G9Yh?=>=R%bg>=uxf$Vi<Z0tUZW
z%1>sOB%hKA=(Scu1^9PHBgdHArBq1ArPm2yN(I=X_Qumfo<F2tWb1auGBPhDQzrd%
z6afIY7^>H(S^WI|d}cxKb_mb0<&?hC2qNEbapW8Wb!D>m()x)S#|^3Nk1+3}WDp^%
zI8$Q+QG4d?F{FY`GC*kl{a3E`$BicQug@=5sx(n^qCrY(1zs{9YcARjK?ECcM^(*q
zaL1R}cWf{MD)mB5MbMum+?=YoM}OB3l16fe@${lfm%R8+Pv_;kMp6|-kBpLr^)^+v
zE1fVzrc#kX(zw@a<V!XtcVIzMLW@**F!@k07ivcK$2@|frgo}S;$UGkPU;NnF5vXq
zqSwJXUxWSA3VfufE1`GP&qI2@NYnWs{0j;o3#Sv7<#+!()+b8mQ_4PBgzAWoHEKC0
zQXr_8IYr3D9kV`Y;)gK=k=SfDxHd9)GTmTq1?kjeOok*q`Y*LNJX;wrxg6p}gC(e+
zZfG8IdK*BEQ|7QYEf4nurBlX?Auw8Fg?9yil0U^`U3fi(kiGnHy;U@RG*gP4vf`MI
zvto94eTEcn-Y8FHD%J^1IA@FYv`3@Dhs!GbYR233(ZD+~q4~I(<Er_(Tu7?A{I%W#
z!mFb4hTy+23~qQ$CGue8++>z+NI1{fIaX~o{-O(8!jz2qB<3>G+^7Q`8MMIoiSQ)q
zJ<YtpKKnt38zcZ@gMjbvDuWzC_WoyVF(U3;pg#qbZN<sc<PezN%OKuhUs?-|W2qDD
z%7zOD#*`311m!lwzDtXuS+0P(<_Sai)QzUXvOClmg%$OPLg0kRm>^f4&CEl0Hym)8
zqa46YP!DaMJtUP7$W~}$(3t9?fS8GN0vY${A>8TclYGrCG1gCTXIk>bzVxS#+)(ze
zqauCDMjE|38nKTugk?H%?w@xIAVTJynA63!(3M#{GLZjGH9WAKtRfCb&--ZgT}sj{
z_h8aMJTz97aSXCrnH+h-HUZ<1Lzzlp+nMhS#^~PcLxD@2PauLUZ&mU@6*Xi<-z`Y}
zHni0ys;r;lP^rbb<gqzpy(ix0AW%yNb&Y_8Enu&|B6p=@GQk##Uqg`uAwx0yXeUx+
zTnb^UV5zVYlIi9G%04(3^}cN1Jb2CjV)^d!j>2i))f<y{USd(=M9Rp-yynyeiU(#4
zI}x7G6Qlhs_jfhg1?&cQQxbKhRCW4t0oz{Dpwct~i4TJ?H(H4iIws1cGb8lRH4ZUW
z<WOjLBHo96CkCMjov2&4ml&cx#r9p4C{?p4M_phU`pRV-5=;agmkBLI&g>Oq8gaCD
z!vzE2%HK`6X&Q++<|TWBytHw{uXoCuxGp)&jlQlWeeV+@NED=9ELC6$8|Lfn1HE|r
z?bmH&71br8Mnj0pH+e_Po3E-T^l_Qr1(YRUiq=f8vcNnch0<k+UJCiC()WNUH@Faz
z+D7)@QYMvi5<{RdodOrT(w`7QUoifxMAqS)Q4OYE{XGH3hpP=6LtLxy#7@<iGqtO3
zLHd{>Xd0IS&tPVI4P9!oA-P&jMTGj5r`P!%0n=vW)*B6nLgrcx6r*-IzoZ5K3_E8X
zB}rWAzm2jPdt6YPL35xc#ZReG!)0E+EWl`L(KPyj4-9tB0d>_ayOOh7jw2cePm?ap
z>nVddbBroFfjER9jG*bS-8&U+G@(?^m^nGN%O%7ROjfNB@^WtJCNgF%CqdE^VL@(T
zLrYgE(l0ZYR@4}4P*IqtocH|zU9%I{?p7Dy*RSje`xl)9&RX6*?><N45lAIBa1Rnc
zuDyZatrBhG#7Pqm^<U)&#3xqJ90H3>xlF`5ckH*Z!jpvY3m|y+B+h;YI*FD&Vm5@!
zuCk{EHNJd;CP*JJ*?IiklUbIv{l%0k1XD|>9$m@I!axB6HD(ZYu`9s^XZshjT2%d_
zN+$}4EytKHvNsN4$hu<p#LNbg=jpy(hld$|a-A74@CrF~^1~C}%%<CYl4{*?<GMHd
zMaa0ub$Ju@h$>{1Pxo>A@&X3(Old#~rT#$HRfugT+LvVo_jj0kXOOI-8g7zmEDF=4
zpUBr|I4{n@w2*j;Z6D1;&Gpl{YuA4m)s`3&ycIvL^t{M_I9+czR&XP0#0eSmc@W))
z$fBl1t?y5!$Vz^S<`au_5-}`&-1!E;<oePHlnTzc+0rn>g)=mNcYWb?I3gw8(g|GP
z<!4`as}e;xv5uRuy%G|UyK!SvOZqfOA#`)tB7A39k3{&>u6);7h4~+eVMa5;OdCvU
zJ@$}-qu=(0|JuS_d)*&b{L85p5{^Mc01@UT{<y5#$g~SSL97`u{4SOQ@zK5Pl+p!x
z$Y^8<`|hb+`N_C~T%o`9-4|rrmm6HkpoxQOjQlV1znd#iEu|I(i*IfcJi!$H;+IK0
zNJTmwsMWWbeprtP*n*Jze4H=))x$zhT4%gMT};M=;lrKCN`frAAS!MbMH6Idk;M~n
z;@OJk<5&JZ*7Yo9pOW07fx~|;8t{U|7t>U5sp-lkf?uEsl(dMmZA6anDT+MfeErVF
zFa${c1X$;Vhz5aPvhq>Jdaf_6JJbXX5=`OuCm+k4<+E33PYnESk1#rF3v^#*GuCVI
ztwoMF9(G`8Q~wx)zetZQNJ2XAq^~Aaz%iN>DSvuVXY|ixt3?ulSle+1YjWr|be&(S
zPo<MLQUMQg0z0<VP?3{Pm8GSokO4rZJe;n&qcU+>OCwA24u6Le7f@S(3MOe&Nmh|Q
zZV0jZ&l5Y*UYOTdORjGG1=aaRPW{FO7OAV*jC`mIUD#-4-%F2`c@G+-a6AICa#?~u
z2W-nO<xew^8bQQ2oV^2;j)pd^;#kpX1gTf8RHPYoNiGmeavWTOY{5kaO!gqHp@3=I
zEg<1o{FjYQ1;Ub&j}o1DEAeVC!-}6SNH0d<QB<G_N2AK`YZH1WU8cKGW0n5hY%<4&
zko&8kNZYWYpR89v<XE!_)`xupkQ3;-d9>%umuIegGIe+IJu|g=QT<J_rj0NsTYuK9
z_%vvr`6`FR-PQfwsB69pC`e&KG|3_VZ0dnv4gpv*6yeVlM`1|+-~k~ia<2tGo4J*D
zx@hU#C(EKiF&O?nU8TwrO!NvnSES2^cy?X?p?65kQGTq@iR?l0=IJ?^&B0>@Ypor#
z>9CCHT;}H}4R<Yft-HDdc)nNS^p=^^-B1I@x1!E|J~Tu<t^Z?HHloP)@l*%kziPVw
zt@AFV{O`VhMunwpVIT(ouP4L)PldST->P{i>VH>_OTyCs){y@<&4232|9PJ7vBDQY
z_^ZU@|DQm$=U?8i5);dg661A&fQUa+i9qvra<E$}$@pi-K7JG-#$=CwN2036WY33P
zOg4&;v4cPP&?}FV5+Eo%REqNRpSzq75r8F$Ww{=ygE&KPh`<Tm5iZ^9dPO)1^MhuJ
zU@O)EJ^}~@*BS-QL)Ajk`qEuGRvpq`$r0t*u=$M5(Ika}H+&?NbzH!jhSIYB7X%xP
ze(&;iH$oe~(~mGk1=y#OHqP~gH!wSUuue)3#tr>dsXvq+B8T0;Wq-=&qMBRMl-$^-
zmT5Dl!$D1{=w>E3iF<-9HbJ~~=(uhF%URh{-te7;-zv_37%N$7YQOV)=+vxBwpu@m
zAG)3$H-g%L22N)ibL~@UH?O{+)x;FOIIoZ4?>$b?+t_q0sS_YJ-`H24sAr#IFO8U;
z(w&l_v5!98nEg~Dhtsh5-f)5w=cQPS=vZdJ8;FJBJ2>BEiS_&!%X1Ic-?c4T?@kH_
zTrx{Ui%dDb{GQ9&UgfN8ou}D}4*qg8%Me9;GCOx=rn|P7san_bJki+%@(Q6*#B}As
zwPhQ<-)7@bde>01HHfjfbK#vHZ-0u8Y4jNVQiUR0pof8>xgf|rqL$b{vtpS%bZVYy
zU@#)lcB(hx;Z*)vbcT4Vh7T>p8L}huv5aZ#C{D?6FU(CUuxN#Kd@<n15N%9KMQv}R
z_1o-LI?c-TCh67I`OLnE0?(T#3ze*{brnJeQw|ao<FJLwxuFOOAFpzp<kt}N_dd;Q
zcs5nbTW8?^5tcC`vCU^?tDGsvSyAMp=H0rBYPUvtNmbj?#E0s9Y3Z-_nSKnATGub^
z^lze46b>9XO148yAntyJ5?WJiiRSaO2qVzTo-wv0<-PvsU|MDax!M1O1d%ti9{yUE
z*7$oNd5hN2b9OP!dc889#y&i8y+k&4FRBvSU~gY6LK^)3BWvYN5%BLvU{W|lqeHTN
zr!1TDwD+|zT-T7L$yz1*w-*sLRZPlCr-$BYqFc8j&q;sMrF?JX9-GiXwHu91)M<CL
z&Yo$C@7ZkF(EY4C{48kI*gUlJ?z%<2&V4;FO15r#bI?uJEz<nG`sZ)*sSMrbLbxKP
zVxtuOkt8mBy9%y1xoV_*m%=X+pMW)yAHO!GjD<Fi2`|cs7h+O{ZN4iFV!VYe9OJa&
zC-aN(T-@VmxUF81DGltEZPO+jtAi5aklg_*zw)xG);x~!Rf{hkN7Xe=yHnSDESdWG
z?HN@r7f;+L`ReXz#i>QEtZizfdv*yLLRG_49Ng1qz~kbnU$=X%0wBAu!cy2CJ&{SF
z%Dz6u_5!YK3P*A(KGVKvY8nY@qix{<*Q#yZoahK~gLKor!ISOQf;cYQL$lqWn;8CX
z2?FIf1ATq9$#7F9FCX3BjAT=<(6QYK9Kg&KsE!l+Z0PcwkNWwRp`q6~mAhMYMP2Uz
zlRMdb;4hV*FoD(3lwig3-uKvzAMBT>+RTlM7yVrzg(L`Z!cv4Q#pry~cg#Ml|4_~_
zcW0_fkX0<tXffa0<Ng)l;@;U>nXnTm_|W0DE3~mD#$H>rKBEAsTzh6^Afno%6MLF<
z>Ml}dt1sWrMQn62ncG_)odjpe1iy#b?7XM5J5XFOEhPEJ2zvfGM}zP+|2WnE)1ZTd
zk^jB**!b%)|EGaCL4xwP=dtnELH}3duM;K!|5S>9_B{C)QEP(THvO=R?(`iVVx<4a
z{vVOX%&AsaLW$6?fr#Q$OT?LjSL1KAx=qwMIXSoY_O!&PBz*M{sFzz?AR<s?(>yp)
z$i{_)gpffxj}ZRX<P$W-m4pjXiR-GaS!2?T{Y|go2UoXsMT1%YlL+#g7A~7du^q{V
zmzU`zs=-S_=U0RwIfY0(;NQ0RFhu?IQ`7)q5fMI%Au3t*wZb2j*7o*O2xx50Gc!`m
z9#M?Huf_uw7A_g!AD|NTP(#2h<2_N7lS@k#<GA?vP1ALJoR+%@{cp0G5Ov;OELMmU
z0OwwNY67~$pGuEgD{pM0-eaDfp4MMl+u7C3Ef_H0KJ*|$kYYRm7>3^stG*MJflUN-
z_ab1n8lw*6n!36<k?C$Jb4E@R4(457ci+LjzOdBPR74muyS~1zwj5<haod?{0L>x_
zvi}H*n^wRO!PYvo=9_*~Es4}5{Qa`4tLqF)ikGriWTnJhj>Gw9iw*?b$}y)hS7kP5
zUf0z3!|mITBflqzb5sQ2$KyXb`8q+>H8uS}Ah6!(`&{Y9VA_Sl`TooPxU|nGm#>5Q
zVd+$0_$3$Y@1=7(ih_#Ml`h)teUnzQ7+(`|c5L2MT4)=?7ca-?e$m$Nj}Ge69Y=xy
z!U4|=y^myvWBGj!^Ro|!WF*SbQq{a45Qwp{!kz~LjMpW~UwF8`keEgm7Ue(k(fE`S
zET{N*VL^@+KnVpY!PaO5D|cknRcu=b_?HNq#0XswYZ*bj6>*5K{O%-Q^kUwnnNw71
zuXI=ffzi*@EP0<O6RpvsyaC`;zz*6T7Ez<hiG~RsVh*CLe4~RmQxri7iGMF6<``5k
z79=Qu-X9PPcoQ3XhX6naVvcA=Mwy@IVyW(I>$712;!p9v185Bb@P$B5--Lb!qLmS|
z9R7A=Qb4wceS!BuScg%Ral)R!o*|OGhzr`!*rD`^Tnok!8r&P$8`O)2NjShn+wF-l
zLLc|A^l)Fd)6))g__e9b$M+jl(Ryu-aTsQTJalq?I0fLmjtIASIYThQh&p7<k>we(
zwl3KFdX>O_!+Y!&9jq#G=jwu}(H9^!^mcL?l_eFLy+G7u)OnYEFywG;Tu;(XwaD~@
z6x)zd?l+$deXt`(CSh2SA~o<Z?rm*ci+@e!G;}><BfST{T~D<sSCp3281pVb1$#b&
zDuPf@FOQ~;r1!(oDrk@^q6PtKGK&!xqw))_7MIB<q8xb_Kuk74x{AU)G0E;#<Wp#j
z)2B$>)0xB}mO(#|O9vV$FC!!4AOfpSqZawVE8@OyTWkA!j6=7!Ob9VCX^7ouYX<yf
zA>z1YZTJN!e|y<DlzM8n?csj#w?$S9U4R(MFN7)goKGS?urvhvo-4FhJ)Uk810E90
zTQKz)lu=aJMd0uw$IT5zh~(+NVuP0yzEov)qj*>o(_UJreIkE*jHr~4sft7?<=8;%
zeicp-$3r<cAL!p#L6lt(=SNiQTd)I~U$A7jYPkG1Pxi#+-uhICu#?tzKg<+ehQ%(F
zzGfvGeEceOcRD_Ie9ZU%PihJ(nD}>Ql7;~t4b+dA3A%OOoMEa=iv7mxWEV;39p2u@
z`&AdLc#mVunje1Cny10$XN)&0n@q9ahV9py85Oj|rcbMuO${XOPKiR6-QKqYzYmw9
z0iVY@AuvB)e6iD!_6PkRq-%LsG0Ze$G-eCc<L+(ZJQfeC1#PXF^agLPK1}&r)R3~t
z<w~r6jP8ox@h9IIV-X!D%dEPP4kRC@eJGjkem`Szp5`M&ebc*mg#et(C>`7)QxNw4
zueHZ-pfEvm)(k#w6%1aV?T8S+_S8+|x3fmf+q7?;^<>G$*P_gAKm!y7=hkgne>(EM
zILOK>)L8v`R<sO}OGCy6Xx`lSP&%N#?+GZBr}4~x*Xr%*b%!|cFlY0akizT98@8!v
zsckqOV4sul7CUG@nZ4qCU#-xWeono}G|=*gJWar1N@a=IEIat61QX~40qWrtSxXO&
zAaY7}Q46}mhbj%P5g8s!c;&}4>m6fXYMYV_zDX6z-bcs0=IW0lxrs0tK8InJ%mnA%
zRbu;Wh5BTtvx09mn#4b^(Fy9WHqxR>Y4=3I>$7`tR!HFUU#l?^`&X&2n+I0GF`xa(
z8+fOFzE2vS^=aa^vEHA>)T+W@Zt(+%TuE+xRoyY6{_@qG`+vNU5wjH@TNf<Wo9&7r
z{+qOw)?vUWcLa!CnW=fpn*J^R<D6ZcF}i8zP6(yF<(C%3**8t%;8J4>jx}c*0ChJr
zadme6uTr(I6)2ALeh+uE$F{7`>G8X~)AN*KqT~aL{IR#<^NxQKsaEf?wI=Gg+#@Pk
zQt4i?Fr6V#^OHp+)_Q}^wkuU^7!<tzwp;-q`Q`2rUILVt#@6BO_qIH5TmjIOv6cFr
zz8)1no6!6gd^KQLRqjtSJV2&d2=lU66~D@dkH4ivB~}qyPu%DxHMISNNnqo$kz!FR
z*?!IX$5<6$v?15;{_U#e_V`z`X!BD*A-qK9HnAhp>C|E`818Am;dHZCSGU@VnAMF@
zQkV|d#${Yt0Lh11QZ9NZFGgIr*6^vzclbfeg~1(Oi=QaY4HD}QhlOMljPt<;cxGCI
z=zp9#LY@3<9YFJ#7r<sgos0nVSC5&wy*ucOSM-I?rezum57oa*d#H2NXggIrdux9;
zm5FVm{^_~Vdi`qjxUZfHcJL)aS^0YIta-#<ITB24LMo$LXBC(Q`RN~&xdaLul+j@T
zua__yuieUM0-;P`|2`DbLehhBYW-&v`v58Ue#SIL%h-PYz1j$hw|e`xZ*aA79PZ{3
zByZLW3|enT-SC!YHdlzuWiJ@%z34CdFN8H2&!I@D#IH9S(E%9#^f48r(74_r+(W&O
zKRkM>Q4Fk+7xhp!ahv?gqWEaO5GgA+e?*v16$<1K(A?~u!D#NS(!0-3+Iwh+2ozAo
zSF;!$k*H^gykB~Jzb0YmaM?6*?{|YLm}c>vRf!96yC4XKUbh)&+WGoR2_kRXd-LA&
zX-M}mo|;ZzW4r&bD4~DQPSb`1mD_|m#{u=g<~xgw$%$uX19t$_8vid@Nd5r44P$!@
zDo6k3<eUzmoJaRlZC;ivZ|BnbWY=D5cSNM&K2R@y^6NoTEqj*A(Q2rL6_9W3N>(NQ
zD==629mWj7GIrm<XJlJelvypG<9Z~t#4CE24fH^An;x6aU&cdxDU7kOz_)?q?W7)6
zs-DH$dQe@5mdP6Dn(Z1;(jE3Du*GjTLBHt(R?QkAL)dBqB0dh{L9qgf0|^}XTIDL!
zaPSFQS>a<l-T-vx%fpsTqi#=8!)m~4<S-WGF`VvI8Of;tnQl5TXo*$UmOWRH+JPcv
zXD|Idq*<dAAwpbEmr9?Pn%o`yDUCutZHo5>o2VNF6f(w$#^)~j7V_r4G)Arc$kd_9
zJcxyYZJyY<G}%SJTLJ*bH`Nqi;^4k;SPoZv(-8$CBY}P2q{P775yr>_?3lI2?GEj%
z(A*FfWN6rnVbr*&IxAQ2oks>WU2(N1!a0_@TmY_REbZ&$XoO?VnL*x2Rn49VFBg5s
zV-7NP0BCCKyJ-#IQtmk1>IfM1xG;tVP~3z)Q4chJu<3fuY*t}_kxdy(^uzK1*yP8G
ze9nT8dyscuR$!5un8;gY)N>H2O;d4}mQ>WY93X(i+gg;Jz-SiCNPPY${X#PCgvk1U
zsz5;8>)@kkyv2+kvT%{UkQ^?_cI5#7nfp*T6zR{v`MTIoiyx6Wp-PVBRK2s7!>hJ?
zf4C*8qkOkLwcyR$EQl3K%9XStIYh4GnJu~}HGn3Z(mejf4I&xbOaBZe1azf?Vj+_S
zeJ6ZLY!zM<o1>Gq(B!VE;H9-4pT+>RvII%17yZ<@UO#}cI|P1c&xkGR_a`^j@Fy4!
zODDo^?DCpMiRzhfpAXD;8qTIop<K`CoR3)x2cY)|kPa7!i{`0^XlsX`ENO(JV+Nzx
z0-~Sj>43YD0hrjR70}v!^H)YaElAHr-}gv9Wv#r=jDS<oymUb|^QbM0@@BOAwc{@X
zm|HBnDACSj&arHc?D~`fm^cnC<HLW3U*rkt-^|Y^M+N&DHp76b$5j6xQ(qYsR}*YI
zI0Sch8!WiHThNf;5@c`*1oz<XG6Z)^aCf&s5(w_@?)oO*yYH<#Yt6qtr~7nQRabS@
z-tFl)g8HmAUy5^{?7ZsQ4%>A>im$Qm)nz98k!UIyuEJ@5QSzi?(_PAAgxqZGWNTrH
zFeu#x&0;rra+nRF-az|1Ln!-~E*jMH_gtSyufop^DlqSu&ouSd;J!Zc7_Wh~mxDSl
z8lj+Q4x!Bj38ZyXhv<}K<MuIMj^p&M_D`}t?Ov+)?YAOx?Z&$fJ|am-kWAu^Xs`)G
z59GPHuoCnc7m-l}Eh#79oCF!9l-n<~jVXc;6W&f7AdT?TVGdVkH@}vIM2>hsU`IkB
zxk_<<DiDc6fG7QeY@D15m#_F-(o-hny~!Tbo}h&+Jqn9+d{bT%fq7Zf7)7Dlg5yh~
zdJ4$hYygOP;R^!7J?MiyJ|IAJf`B?x`0&-=VA(LmpPhnWAv*H1aLbIcy#{!3KokWx
zwjEO}s3o0|NUTN*-l2l}LE}W}8z^6fyQ?l(jeNU=zx3tBb9XXr_m~9w0|0p5&T`1i
zeZ(P@lwT<X4i}7sH-@({EMB2l%nPOW>zK(t6n-M#efkToE7$|NVLYODZUJ<W{Q_~0
z&4k_IUk;$31OORC5wdX648>`nDZqaAxW=D^;UNkNNCgl$YY{hG!x6!-Ee>Dwu@Dz*
ztB|Pu#yJ}Bj=|LDzYCBjT_f2a@?51D6g=AXo*NXUhkCSiXX={Yi6bpMkZo96Cz<tC
z;34YoIj1u6ML0om0Q@`^R=JdtUNWf-3O(Y#;%ZnHO$-FhK^Q_-RvbYWanaEx&!WWn
zB9wWc;B4NA3jkG~FR#mAOA$iYxZa66%_@XEg7uKFfwx60=!uACuryvb0`0LLq$ktk
z=Q3)AF*;8)QZDxEAec2>5)Uhz!q%i6$E2DJHoN;Hn0qVpiK!y$f+WKw{_Yl8@@JLT
zD_$T}g(z5#K+B0h&Th0FY9=OYXr!PEZypZcjTC@1>gOSkCriEb41)8x|IlJdS1`<-
z!8tX8($C`Y$-8lnn7V@LtW&!OcX<6}CySSI4i4pBq&pXr0{i)$V~-;&r2qL`CMOUr
zl)8P;7lz{3fboci$@mK~sse3WJ+(N1n+hlq@(R(NuMphIlfcbJLPH6Ig9K2l_giK&
z%yBVi2xDSQnW9}$!vR<*SYFosJ>EMZo&THXB%YFFlhA?C8!s9YhIVcMqB0I9oNPuB
za^IHVlo~SoEb9h8Z+Zm0gA`I9eZ0;<X2FyuYu~g4mCPz!NcK|JUlgE|eY|b-K*uUu
zASp8KdA>3Ar&H-N(^D_0a0}!4wDv?Ci25Q*xgQ;wDiN3?%n0w(yazsTuZVx3Ay_H+
z4Ex)q`8KHkMYhcJ>qIu(hP=WkF|}4cc~7ahR6G`_rhd25GnnigyIY=!z{JWvknyOe
z4tFwU9p`i?a##;oAHYFKfCyBF4ZVQK=$?5Q0<lkHoLn8VxxX9;;?C29X*oW^vi44i
zh*s2+5Pzw}gk5Z3sdFv3hM%HvdjkY_I|0dO$GN9V8VWf6?Q&%4*dzl^GAKwKWPa{=
zz9Ix`bOjy+!ziO|k>P085-=RnpEua<nRhZ-$z~|T2YwLy)L&(DB2J=kNN2}u0O0!&
z)qCq;fypLv-iQ)8BceViRwn8&B-dwpB58T>-2l^J)Vn>g5m@^J?48GSmjGguuy$0A
zt&C>zXN-B6{b4K@y0OZF7F$L<G70WqH31S^NihGm)a#;QK?Nla?&;v)8ta^;5%HA5
zvSfWR;?&;&?}<nUc+%mNRSn-05=Tv`t1!RLXz;QGAol(AN5vaNUfFEnG?ps*93CU9
zTNTj_s0SYJEdHRZih_m5`!XsNl7`=jR&>=xTb^)31shkZ_J!|FGCHi6?Q<L6HJ*np
zwtogwCED<n;R9pwEZgjuWFSLw<;R7br}*joNe{Wxv})!K>q?iwKP7y#^L2&QLsuZz
zZxedfxVCcLm;=u@)~w&#NT=XT@La1Av+JB^gFX2r(9=JS+)D8uGj;Rdmpo`7M%!W@
zOn<3Lk2?!n6@M)L29VyN{0b}Gy%G&&0U`jL>u(X~h0DK3f`jXesR2H9V+4_kNjbn^
zNWee9WZtVht!zatV%T9)an!2sHuS-re;ceq-k}i=K;jCbMxmNwa0a!9A|c+ROrkkr
zR_7r{O%5V8*3(x(V5+|Q1EM(CePUpK0`NNFbk4m+COQCyXzxWtCBlc1UlMfhg>!p{
z&B-eZjxJQ}&po{&T|raST`?%v=X}s8QUwJ>^`%r`%$Fe@Jc;*3Ir(@5=S~151gr|(
zv}YxtiQM~!Emyhb3H<_2YDncst{ePrFwVFx>rdipZlE?I(ZJLbhmX_}nPv0=DJ?V<
zoK~0}doF1(mRNbE54Q|SglZ3b?#2dIHk!aWgZgp|uEmeQciDvNfcqXeqTpcL7K-_G
z`zgw^(e7Ih%8=|!Os(@yj(j5AT<6thG=pd}K!E4PYVzOFbG^AuS21p}-%sbpgSbXS
zb6yA{=a$(g>4Y7UMCn+^UWPYF0RToon#(LgbCd|h7C;Ap=V><4ndA*O1+bWfp)zHy
z%Z^sr$b;<-pfCci{WBiZDlK(AI+PVklF&1s#Q%Oc5Il=Wm>3|r0rSm;p>C(ZgeT>i
zO0#b=D3;Gc&}^^3r;he<|MTGd-7mH=inh-7l1ttR?X8Dp-2H=(OZjh|cND(fRlcHk
zUa>pRxKMw)4CP&DW}a_~(C9!zS#Y+*f@xPs{k1UrFCK%C<^0OJFDm9t;T~R?oXj#P
z!hxL~IZmc$Zwtam3~d=e!0X6lqkX~oLZf}?!2AdlSf5!~!NqRt-Bz*N;j7)|>c|J4
z=&7V1jSdeF=i=7DNUe1&8*+hMRy91kX#26gJ+W|)qLuOB0j|_*OgdHbd&GLv%W?!{
z%YuQHD-#dfHpLXj!KB0i!&D!b?CIF9WnO`e<1N9Y+FV)k$;8;$8Xz(Z3lQoUnrD=Z
zcA^ZHAhkB`FgkseGmVQq<EGRQdOr8|coL@49n&Ex7Jh%oJ|^xV-il(>Z~`~ezd;TE
z(E#aXWaPhG-4(DsMgPf%*!hAt7-+Z@5Di&18BrH+5>90^h!9La=2i56Sh7YK79tNv
zMKH@$n+a9Gm@DW`P3D6~q=u#8B9s3@Ow&*=rK<swk&#IT-#UuLOpvn2PUy48HLm%s
zi>Egocc_Dsi7#<=Z3FQ*3gJ*TvQ$Y61Ah|*VBpU56}A#mh-f4eH{rT|(I}ZIim;mO
zCm{_+44=nZkaV6G&wD8&_xktA*cPC&f>J7>v(EQeByv|*adMw#iG?(oc}F3$NyPbd
z^=8={Nc5VCx)CIj)ZhE~WDw)C%a%NWJaANhq$S1Yieo6SA~pnQgk(%KW6+1Net!`b
zpX8#b1ai~R(9A-}Rw=XijWe(_8kedfH;w&GPGt+_z#5>&Xb4A5QMSb(0uQ6ihvp3;
z(M!p17855TL^NVNFzNTX%?wLrMS1JuJ$D;~QNG3LO#j|D3b|xFbQSmiVa~wKZ0y6J
z<l>TEU=MjJfIz$Zw*Wxs`fH@ure$X_@Wk9LW68F?GP;C1!&?07Qw9wETn!N4EY*uR
zKMPAaMJH}V#4m5h@KZ~Q?W6tXgG8YB*$t4Ljou7ow!#8^2HF}r`(VzP^2SEKS`3Qt
zP~j?B)BLk(ceC}oGwvH6*SKY3S)@Cc<-u0t(P%E(e8@k^G)oXhP04w9%du*E;DTpB
zynCgjm3{bqbAI9zdkbB_M8~e&s1q-Kq<;&DZ6PNkL&r;Q(_l;J${DU??tA6QFknZ=
z&NBG)n17bkv@jT6zDE(0$X(L((FKr7u;9T}0D*ofbUwb>TEw*7-rm}a$0ya+)&f1Y
zWcx#0txW4{s7>~VU-#RuNE+p@TJARe-#%Dd>OW+2Q0C*F$)yoP`}{W<*bGxV2&G=9
z*!}daIj!P@PfxIediwc$JE&QchpYayLV6j3mI#c``4Co^|Hdg3kCXq2x2Q<N|BX#S
z`MUGPG&(0o{YvcoE$6rA*v@fOahOBg;73M<0lhcHrvE?Acj(TVo|hi=%Wm|4aNxRp
zDRGH^vPPXUo>>^zuleZCyqx3XIv&PLB@<ihvU*!?kjd9ty!cxO@tJg4fbQElKY;%G
z5s7nia|f9-j6iHkK>|Oz>g!6h4pWEXcz@yk&im~8dG!asa*_ApGUT-oI}z+7#_kex
zbojS|i?G9Cx%tbQahKo9<0p*ly_&XBcFA23_O2t*lao75=l01*Z>e;pA}DJQ?F)kk
zHv8f8R^|j)`{pW>rY!#%h)2)fS2LI}fuAz&AADB)(%1UkxsyqmNH{Hf`&%tv1><k=
z>=p=NAu0QnR~B$KE=zl=sKk@B4R!FWq~<$W_7LjrU2!lLb#vHd*Z%40i5oXS0rd#<
z3@n~j`lWL|O=ypC@-xldq2So3)xwe*j56{eJRWk+V|DPSD1+n6_g43_U#V>RHlxW*
z8JuRJ*&?3#&K&+68RGt85q3#$do>;xrda}CrE-MID=JRf{aAJ4g{-Ei5}y$1zCsz8
z9_crrX@-9+P~FhTlGkpY<Aovpt5DIKA^CK-FN*5|fp*<rjd9T=O$Np&mdVS*j-`)$
z#&$dlIc_v%L3eeqPp2T)D~m12?!;01BiL_^4i$FDw)WA>@B?|H2T7}Vp4*Qt5?{JJ
zGP^^}Xk1>wmxD|p^u@iAI6(&0w+^oIS8trdmg(s?WBk9YxN00j&zT-PWmwc1Bp%Jf
zyU6Zo9gM8@U0Sa_q6i5cK1MYTZ1z9+Pr80juPouk4V^sXkV$djCW5i3!Cx==Y{sA~
zs`%kzs1q<m&HLL*3uD(&5?bc&Y93l5bt7iUO4mYmwMJ(p|7Xlp{_!U0glNGlaS{&b
zowS?YwqX+H^5Xkv^-cJe*fJgh$>3F%k0q<&=ji+jcJr%_0h;wtbc+vSYn6wG)Jcm2
zwPOPPb?!f83eFib2e8@w89Wm|A%eRoh>@mmgRs4DtGY#ez1ZyV_amCT+!^C_KV8P0
zC^#Y%#v<rs$%EG5_ZMZem#AiGLjQ*g0~npS(*Tkf&#CvmSXHA#EJKAgN8^S^_hj%j
z{BM{%APAB7PYJun>w_TC<3%&c>LaWd&QoV1Kj4?7OOIl!a9IuQoV}ZcI1LrCK?gBS
zIzygA>4{FHgLW-_Z4TxE;ZO8nw#7*YQs+w=qv}zNZOfga`V-vTV<!xosH45XigqFU
zn5Eme@rySD?7x@FOdY&pQ;a9V4p%&9c1nI?SASSai{DqtH0t<gMqCbU9k~07UX{_^
z$EYoQzvj^7;3HKd@jAVn>A8OtXDPVBD~K3M3WfJ_%hceGoyK%|d>X)B@k)VG&76jk
zE0mVe$Ta)%-pyv9(6Z`A+}agL6{<?&<zst(9D1%7?B3S!y1Hh%E01JGKXRPcqH=!<
z<tm9~?r?9@T;c~de2qyIfB(t(!H1q;BA(wn@xZ%&b1MueR-0oQ)XFkj5|qE9&-CX)
zSXR$}BI=H8i+gb@)kPppY(GlufRuE;m!a_j#`v6xjvJ~>P*bo*!RN4CicKpwya7FX
z|6D}OYm@xR;k|JutJ6Qapd2ysUK8IOKKl$P(G-=$4`^wf&GY@mt?U7bfahf)gIYG)
zms+)YDCWf;_j9%7B!z9*Ei?^kC-F^P4TC}ih}2kH$i{!7oc7)tS|U#ezBaBMdVRrV
zRK;`h`?5se77Ky=;Kwut*<YWnQKpp3SP|j6LCdmWN9rtOqkRV=@uNFr9I93RjH)<|
zB+|RFMms_a{u>RkcIATD7ERJ_`&+O3DZleNEDP9uywuiIWl+fowzqXWU++;BtbpR{
zq0oc|C=f=|pyp(d2g(Mv(&@Xjcsi9Aqz8q8{7VoC#r1~@+#bzMK1#QH-5%@4;l(ez
zkV7+-kO5q&p5}ARH}K@Tcyujim;aleqGUhxS!rJ9ZH3L<;jiZca|rO2b{|F!9k0=u
zen835Iwo2iAmXqOl1zqBO0OFzroa{o=4m9WgXWH($ItJ+?Dahx1F;WYp6+ld2j3~O
zD#y!_sah=zJj#@eVrBU264XRI1vMeuto;CDhe|%-+B7iz`YNAD;v!&;te{uOiaJ^H
zEuXJKw5jg#Nfui<Ty<{un(p(If^>ST-QD#~m1#U#GFj63-gr&3=|Mg{=Zd?R)HBNC
z#ostivnDHhyY|%2^3u#6=<`P@qs@&g5UcZ7_rqazX(}rA^~M^`OA{%>wIw50K{ls7
zm7YZ-FKUY!;AFXkCB=>w1{T{)nl1a~p_#&XRrw$1bf4b-b%kDSAx2(({D!aTzCvZ#
zgKptiDlI;D5iNTnr*jK9Dfgu?%%D2vu<M?c$i}D9M(@83McL$wjAy;XMVKd_Z2D~I
z2|j519Ot?l4=!ACFTQAWoTIFrV;f%xx_IQ&eo9OBzf>6b#{5rQA0CjQ0*g+{mpqJC
zE)ho|`tAPwi$f)y4PCnkFC%p^S_~hZUo2gGf1*gzed?&Qf|qA+Co~_PXcUfY#zwzO
zmk6b>+cI#VqMJn@hCnI%4oZ@vH8<rFKX5_muDpNjC(UcZ&J-yV`UK<YypaRxgT6ha
z5FRIVPh^Y!V7w6-C=s8<Y6;FRxr?U!Bkimv{1`Id+&@2nrYVC~Bgv&=r(i=0gtcF+
z|D7itc1~O?mH6TELuNRon{uH&6q3>p#^D$RL@>>vD)L`cSP^P=Pq#o5e%a3Ki3gfK
z7b{HYbT^O{C~=>Gsqt3|FyY`56e49hAR>iB0_29^&LIz3_X#K-Qo~$hMuZ?wF@&2y
zh)GQ<`@i4+W-Ltf)Ba^}AU@I1+X8W2NXKehzX?@~zxq`18HJ+}nz%>Yp~ND5q{hgc
zYqZzjjT0j#rCTwy#bViwxeCYbe`ib*4=#e?3K~6sX-!xC3t~ICx3m9Xa^DjyM2v%_
zLU<!$#6veUeQ$;mh#gve+zh79<Cme$YxtB}FA=VzW{OWfJmOy&u7?oDRrjlyeKz%a
zA!}-s#Tp^d>+(%o-gT^A)ba72QW|d`j&#VT_H3?l`-8YRcDg-37Zx5K)o`?RPTdK+
z`1nyys+^YP;OCd#c;2h*hWDk+z>h%oo$5bWxnkb!nhyrH(%bEJ8YYp{-1cbLLeAn9
z9ija<T;?SU89*BX3wLU;^(8Vt{Cc*Y_e(~$`|~QpON4Bl77E=<O<sqX0$Kh~w6FWC
zi-`sO%S=kYj7*37n2Q>JYI{xcNeA2lT{f$0_f(m@cfLFGm#4J3>p#dhjCOexOReZX
z6=e??#1ftf4qDddvF$m%_njj2{lm{!9in2l1=qPg9rkki9Aw((rQZ;iwc<Qiq4j}Y
z`oFC?hL(<-E(Hs&%V4F+(HI%dpNCIyXGBn~Bk-d!u!Guqdqj9gzr*{kQIT_qN&;i4
z$&pcGr&!W-BFR4SsP^cal{A-%l-g#5aq{^TlG?yaRIQ@jMV5KJc9oIeTD5U1go6PI
z5BHeEA$D4PJA(1Gls=%}9g1jx?GNY#iz}dT2A4{}Qj5oj<T3}nVcZAh!-J_M9sZW5
z#8QYVQPK_2z1R(^)5PDSsjHu7$#i5I%EKCz5t@AHAB>6k!<Fdr$aBZ7Yz3e<-Py%{
zJ5RYHqoRm!Gx4OdKj=$<d(QpV3zLF)iI=%&0?|+d@P#V_c4BdHO%3=M;-j4BNbRYN
z?`12k3E_h?{l0I(0eSn8C1P7X6QRC1|I8)3P`m6iFV3Bep>gh^d%}ufk12-{)5rZw
zozyIB*O@TeT!2!M5zX~-+@69>WWRdWnS~ut87-8o6_=I$*+5Ae1Uz9*AfCzYLBi2<
z68lL-qbLpfJaFBOl_F^QaqzRIB&$%4W{Le*JZfq4)s9yei)3eBTg&-Cy7D*;$J$3s
zm-bn*Hiuz|`;nP*fL)CdBeK%0AIHh8wk2y|1t;@garT(QOl!>I><@=$1hPawd{snJ
z>&r3Izp+B?QHGcS`23|HOo<e>@a{yNUgCY?(P!XnRZ@FIUy6>1ei_?QvY_8ERx~rd
zkyw-c>wJLPeQ4Z$<mCMX5s`A?c-oF)Yy`^M$QD~hS+YjS{K-$EcE>Pt2I#A$xTF)0
zM{ApF68C>}Av{5|%)W!umdHW$1Ob!4Pn!p#k?`!X7c)LkvlSnJXg&xfuO4M+qRXQ@
zlZ<b_s`tG+U7`P8Z81h54*tF`z$FbPj`(G~Ql<b>5FiJ3Y+AQ{#N3Z^Az;;6Hx1H+
zi3luAz$+*{$IE8C0U}@l1}D_C3Tn*<>Bp|eJ*c>&e{eA*f+oT~NYGKy-m5*UlN&s%
zzbC1SLRWylK!V_!<+C3rLZr#U;c8^QxQt4*cy2RbK1kAEq$MMaeBfvagP5e{bkjda
z5wN{Wbw)6o;2mrTD<`C5ONqs0pQ)<lv_AHt6*I8BM^AY7-L?uAoQHWQ%(>aR-rCC-
z{Ej}N#a0L8#$=eou`+VFmL`9EYB*;+%gFt72HL6q8xO9r7)G<OX!Gq4C2Y(3BtCh>
zP9Sp)d<T9ggV^;oMC;jw=dI54MJ#513fH;gdipS$+K9k87oX|)fmADRe2#k&WP}tQ
zcaT}R_}#0QgbaC1oHZhup1V|R?c5u1taZ!CeK@ml-3LN|yY+bVzdGXa=+b89CbbwO
zkx>9i@wmp%LyNYwoyTzo<S|RrASJUupXn6IZ9|>!PJu3$;fWOl3k`z5`HXq!1VH*n
z^QEu-u|zmyYB7*ta|Y-eJidSM#O|g{<i_C)(39L8`sj$`tN`zSPWPA2p`Ov2ftVh~
zeTzoXJ%Y--ABG;lC5;n}UINIwPxgjYTPx*;!Vt+L%oOo+w<BD+1A<dDSw{mDY8AJc
z%6buH0H3IvL7{~tPZ;w7km}Dtj5nnyu>z7HGIcbCd*ZO8u@l%Z-!zV^RZPDj%cjtv
zaXfW1tEilQGMo(pi1a(a2*-sB3a6U}cDO!$+j2T|gK~@2Iu|a4!Lr;<5L4LHkPgRG
z^eyrXHqnTbH?9u>{N_^t0sjV}Z6Te6cd%@ks-6c4JV{ua6s3P04B;9UCou&m2DCem
zr;1KA;73P138NZ0#`EvOz#eV(3RMD#gogy@)Mm-RUzKu~p1W`4+sBw=<G~}0nr>0M
z%t_mINyJg}x?!-t#3m1}?kqsbsxQ?WhTw$)1&yElL%Q(BG#pFR9A^>ZkB9X{6h&4n
z?@JKWm0zvPKFL#Y+X1>az4cXZPg+a8POj$>V*aozD~K86az~>2YBHqOp`I^@k>oz-
zwj21RPFq%(rB(uFe@lGsZVILPSv88>&gb@OFDt|Adh4PbK&GzOxp@chI#W`w1(^l-
z+Szl$pPr@3%!dQ=wGyhUlNQdM-~zBz;0Lru=~fx-P(IZwUxm_t24cMkv(%V`vI}Ac
z=EL<Uo~_B+g=5#)V2PWO<nU@7Ob<o4LWPP8cQZ{D1a(_wVRhJB=)iQ=(h*eD-^$U8
z<eq!3z5}a=mwn}&6*Xg(V0)ZUXpRiX1SW)FCm17k$!5vU>)ZdNPS%H2#%~M9n{Sb-
z?JGhwQ~)SEYP*WeiaIrc`B-$^_0$Onr)5Hss4_vETyDsiYTLTQC)!>*-Wxcdo3JRM
z937=PKt@TfEgWAwsuF<ucbR1ah+x{}{lS_}4_mSOMPJuDx0Yfe7T*G`=8IatP#wu&
zk32t)&+@D3V{&^5ViC0Pp`2Lan-iJv?mxB`^U%+z6|m3-Wpl9TpD*%i(zzYP`s9<T
zw8$6JgfSLMiEy9Mj2xpQG$j`$AuFzU@bIzooEX2Lh>EvNA=vF<>g}8hTqHgsWYdk1
z<X0OFnYTJ28@%+=$1~Oa&7{g)-E{`k8+Q-bk;+P;ULgXvLsQ0j#j_De<+LJsdm6sL
zBbDvw2u*T|q$=xI6ZvYUVm8!^oB`Bw&mSe2%AjtRDuqk6wRS4(O8>GuU;ZC4->*Wb
zKN}N?x1B{Vxln!3|7Cd`3b$5eX}j0_vP$Mu&S$BhX&@T&hB{Gv-9gQ7rvOMe{PKL^
z$TPKa*G6kp%A3510D~fpVk$Zg`KXxE*XzPGE&$dF$MUZ<=|Ebe-Wtyg$WRx5IGxp8
zy{>VKQEYsyjYLtS_M-^L=cIM(=U8lzmEHk83KT{6epF!iFUU8B#`+(L=?W;>Pz%=M
z>0S+*+2TmyMouQOgjxO)Xh)tn*4~L-eRrf3&1q*2yb(DCjnMcflgzwZXOvsk@i%MR
z*{eHF4;Qat7LTJ8H;%Q_%8rYR6CBboA`xHp_`rNWnThoSGdAMN4`cb4O&5BuT(t+K
z`IY7z`PZK<iNEfP(jDAuD?LA^ZKq)d`RSS%qu7-|XkMx29l$?}f^y6+fBA-EQR}d(
zfs-v055lWtA{!_#ID?M8(tF1U-(4&raMCySr|Yyeb0gK1nI#MPDIiRujzG=`pxYfT
z?B9TreUS&b1FOSa^T?lJx|rXcCCaqS_$RTb=ZT|N+JqeA>S9B=Se2=yf{`zVe&RuK
z@Ne^NNQT0_z{o8}T`1C{4V{#+!9KLX-XPoi*oA9loVjxZo)__LjTZ9we%9pd&)`lf
z=`1(Lr^;s2>;rrz_8*P@u&uMLyREl@Og5v%)qZ6u?=u_iY*8%`@3$-v9q@jgW();p
zzuP~EHnOy}et2b9m8kM+*cOkIo;3mZ9^t40GA48OQKAWy5m6!K2%m-hN7;Iw9dps@
z3*^D@kt(0JD(2Yh9;fBKgaf&f&~pD_LF^mYe;OVWrhgIrKpWc7tx5XShcYTh%*0}`
zn>}Bd>6n7#e&fYyff#NHhC))thcGLfz4DAr2d|qBU&(jzFA12`L8Gd~ts>lGyE+FG
zDk&tRXjpMvP$K^N{hDUyPH0n%>cbvG&U6Vxi&EB<G8SHCknX{)>wgW$|253OJhc)^
zg*HU5Kim+_&;eb*T9n(R)UfbIfpiXbKmFG-=3mQptuTCT2s*2ICB;ff2Pc7}`rxP@
zxJ|RpBQ#~LL!&GY0@z@KR`BM2-3#^JDdqT5{Wq4<iF5}SZq#7m2+ij`Pr;+!;icz^
z;74fNU?d>4?RwCjuIrkcJAY@rHT_z@gr$UKPgYdwPyI@kls~oRG2e<I0ss1beH%97
zFS4_8UrBI(D}@z86~YxF&3QMzJTiN^U6cLC%Ad>vF&PTDIe&8-+-Aglde&Pg%p>Wt
zds7_|t95^GWKZU~_{!++qLz*uM805-qjFwDylZ-HWOAoNmsHTAQ+HcZ3CD<<t)n_f
zh>n8Q-J{z51)oORB)S@pF8V{$Orp}t-<Mw%6`x9O^45REgYWM$ud)l2-CfHJRS&-!
zE@o1MaL&i&D|{pR`w9JBXUO3-8tV#dG*7yRz0N#2>g+N+giQJ>?`O-6NgI?bMR+Mb
z;~sJ{{dGbSgq%qHoeKFol^$xFv&M^U+q_pxk=n5(3rB1J41EIMzTu%K<5U5+6X)*A
z-QagbOX_^1v)I5yAfr$mQtveI2H{I|)rPf6Oqd38T#vQXie9i4t<8_qliR)O+c#C(
zoXI|(@zm(u1V{iCm>Sv-^7k0S)XS+?GG^MnWnS)|eG)Bdk;<Ie0R_w{a-I@OD)a+@
z)BwLXS8ENpW|(ZHzFm)M$Z{H;FE9|PH_74QQ5{DO&Xx}F(}hTN>}WRl<`eCn%+lAl
z%GAkc6jD;sQY~h079Kio_z^ToEO<#QpBKJ*Y4#TK--iu~^_j_dOrp+k!o!mi?(~*F
zjX=))>SV})7DRL;^Xlv~Rud9<plsfFFk3Qh$CS4eN6cdaW`TS*OOee$n;-0;ghUJx
ze!f}TJG>lH*}RHz(MADh;*^AVN1lQ2f)pXEx)o;df5|=;aJ{y=tZuh90Dim47+#)C
zZaoea=;-U?zO;Af%1d)e$3y;&41S~f-McQIv6J9bae<hUKvBk$=#*5n<4|Kz<^YiA
zjJI2zIGOxKiYHWwl}`BHu+J$OLI-07^rV#-v?FmnXG`vrR73j?j5yQ9LAdh;6y3u!
z^XeW(^(^eTTZvL9%hOC1`2Z8R<Xd;{;INa~WjoG-N)G`!_&9WHgtUFtIxa`E%rc}n
zHwp+w($CXs)vc|}k6z=HdDLKP1<-#>1$@!gQR;SF4K(|F!NU;->%h3ebAHZM$5UyJ
z2p-GkffR(|pScP@e(FmCTcOdbc__K)@_-N!G$w{4S+^4Lf|Uj@Q<m5V98-8RCyHG|
zdo~h&1R5m~rzTgu*t%chUalHn{vt$;v<8h=>7!!XE7a3##8s^deuwhcoBH~aM{`1@
z(;UQJ>P%&f$fu0=E<`F%M88G&AtX7Vn`Ip=?4fsl5ihI~x$_%qh-01ONZw*lm&}2q
z)~tt9XT^&Q49r}yP>d<mDv+wBseW<QCHXXG?{TV7>&F(KxmkQzadXob9^BD<nFl|l
zWedtMXd<9pOuQW&b1;1My5vvK$mreOWndkn`8OjO5hosRoLxCS&_SpJlP!T|=vMMZ
zNznSZdo(rdzrWchKs9h?6s^lK$3qqj_*Zgt(SxLb>u~HOs&~H5z7d>RzR2J&n%`Rw
zcY6I-gzn!({({gwBeZfApwlNiSsQi$LkDK3X{fbrl<I76xTcR=8z_DkZ>Nr*Oqy+D
zb`3$<tn;k(xSQ-5{*9&?&JHio6u(-)L=%YjZig79$m2GycI#<KQpEL|R8vPtx>^9w
zCM)7Nmp_^K&DKoyD(3cjPKA3Ks&u+|E5E@G>F6EuF~2<KFh<P;@qGA}J(vlNlPtn4
z4@X&M;OV#-LhQXz-<fM*gsB@1^TmT1W=@!B7gI|oul2*6UY|W#+1dF$U(iO-@~FU^
zg6h6<|7Ha*a+Q|wMZaRrOx$Fk9pN~uqZC4K@}6Ej_M3N(Y`42UcThbelcZMapY^D;
zyt8=#6-*!rH8EKqMzcX$J~~?8D5=e2>XTT>!)Q$JplW#n9}{a0O1d)tjEl>51Fr^V
zQ|wL%?|ch>GUDQ)Trz~3379hQ4fpW&8rxoZ=4;WGY^IRwy9*DpgKs2%ZBop4FQ}lQ
zCI~u1AyQ>_N3}`5_xJ*tX8tBU(PJy!&%gUPhnXMEK_dZmLV8WAgCmgK+=(R3ey*5C
zP-Ay53_bRZPAOXB$QA9XP^w31r)t&<#}xrdK_1RYs8C~7lS3BjHGHI|lUDQv{@ZZm
zBB;eCcf{3JG~eDDrp0Zy|M&Y$F<+9q5V(wD(bawETuE|4)&Ji-DLot=Im2&=d)J(;
zBYH5fQHGasi;$qXy+;+U+E8>N3hK)Xs6oiq3rZO|Wj2Ev@Odec_ool~9LbQ<Et9=J
z>n&^oXu@Bd>w<P?P7Y`n)2(bbB!pG7MIxdI**Bq%SX>h^;D7h`Re-tarsEtte76VD
zwt($w9bD*D3^lgrl{Aa#%}9hx#sf8GLr&0hXS$@3p`~)Lc_`Figa3{7UD1@g!LPK3
zQ-4VwY*85L)AZdU718NkUD<lhuk1KTM%_z}T`|z=U}NO){U^~!E$)9>8)_c<pG2HY
zDLWud&+=k<11v8W1Tq~$tjzL%uK2#>{9agy2n>YrfdV+1z3<-JEkOnQR-BIeKQ*5k
zMw6uF4#T7zgz^hHZS*2EI6&Vxe-{t=H=+<JTM)7y_Z774e*OMpOThh<>{K{(F&{eW
zdB^|Pqz#N6yf}W`5u4M(<#N5Rktyhc*yOMRRc1ZR5w!ob_&O7uYEsx!?AX0am7#i+
z!+qr@FB}7b#wFu{|8M+h;%P^q&t38r)q{P&;Gy;P9)YL?Im|dZ50auzs^|;eWB1Cx
z7ELj1lpYjFm=uM)(7oq_3)TNjozpJnCCZ~enM_5s9PE@(7^NyGH8hVLxtmAgenWBp
zG)N$6{w%zaesMkpjvW=8w*o;<1n)}xkCX^r!PWOwwPuYUZtEz^S@bu^Tn7RLkN|LY
zg_MU^ogC$Yv+AHs2wJ4CBp%J`Fotpg*}?4udaeLZadDyUG&WvufytJ}epaoWtC2KM
zHFXsQ)Xc;ghjJ20(OXEE_Gno|Jj!c{CV(aK*wGp}0!`I^uof@|+pJ2VGx8R6x{T!*
zN~6C&B#FoqqDXOWF$ai5Db4sBOO>+P!-$|4$ony9Mpt#y=LB$KsZTaC$^7lG((z-#
zvR5)-cV8F$=3c)AO;TKELdBuj^M95lU(Js}cq~x6o7=rQ4SF96UaO3yaJZ>C5kXyd
zue~NuK4<mCm;LN?tt&C`h9=Rrdk2RrssuqOBf&r((Wr)+4dVMg7?W7|9q+rRFGO&c
zLSC#9Sx_yV4YnkrXHsxbiXvH0)n*a@epytiokmqIw9bn0M8_7bsUqbix6w@FvhdVN
zTI7K?Kv88htqUms#bvlsT6t&^bl8-KLn)W{(P)y@K9B4dIi-v>A9^+2yH#J70Y-J=
z!<4nVfps3%wQi$-dqk)K%T-uxPJ{-rdk5tIYmOqv;Q2gsdxsvh{$DXpP7gWuexnw?
z?D9m4)g3T09r%9A!<`06Z~tY?(H`3+mUwQ?fZVtr@xf9d=Fj;-ytjd8iew6T8cvUM
zYGPb1Nyu<7)(!@Jbx^eXc-}*6Z8C(zQBV6DMdWjE<x>&9uG-x*X{km`q(-8jPG%k#
zl?)AhED4E{s1$4H#=T4#Pg+R7L`&7r(@p_YY$i`cKxOXwY5~6PoU*17Gx3<QzpMZA
zP800!P#Jxkx#u65MhtQm%S<3fwd{T<YADC2<9{2icXecT4%_ih1Jnx-FY7$FI3It4
zHE2nc6tv{KJ}QMVqA-Vekl@e*rjYtLXzp-ha_8yexCwYTN%G*OP^7e_!5TNEg{(jw
z*j7gFathy<OFf6jJjEW3wWkutks~AxUY_LEc59~wmx3>XiGPR#PlRX9&-3zx#NN>^
z$4RM4#Pp|!mj8HU)6871#hdt3n#gJVz$RHw{q^JwvprxUi2N4>9u~%3YZrP)O*1>$
z6wk>>NqWNnS`EChPlXN!Lmjb%+mB$|q@M|3Er{V-&*gay!q!_F_?H9kc)1M_tnpog
zEIFZ;YOeOaik4H|hL!tJC?yjiM6AkOZZy{5NE2=D7oqb&Ax~TJ1mTd9&-eVQy!}XJ
z^(+>e?J=j4#fR8W?~_9{lA5!Ph@=aE@<A~ch-f=vyrTu@e@Bd8vuPJ&n@?v0_s*AM
z=l)*Tns9_ebK}$$akN>g{AS9aL}DrEvFrb}03=xp?~|Rp_u-moTUY*bn%C!VS4Sa-
zr6h_PMEvIRzH|p}!+&QX6`Tt#lw?;UQh-m02wb>83?)eqc(6vTDJxNYskNOH;>@?^
z&1(X@;e0ZTy!QANLlD|m!xq26IQ%%MwSYrHH<vSHk0QCX(~0@jtx)O>@9M|@0Rw?>
zXiTFjbvW9JC4bz`8^^8jg_pPEc$|OjTS;1$xIe|%*jWDBT)hVI|2Fx_6=Xj=(bwJ{
z;+mmWU;#{V&t_*&I^Iu~NPaeIN+O{btv7t9tSj(<-;yfx%X^{b2XPd9;WvmqObe&u
zHVrIy6GA7?F57p^z$^JA;&a|A3P~-3&nDyObB=(3MXegDQB>P%7ZxCTy=Se-F*CPR
zf2FcBUKs}$+%LyGFQ&@k(!Z3b5n{Amn8u+glf9X-<>X7Fr?DWG%O;HfTnr^J)Wry7
zH%hgQZq2VIO<6OSA;q?ro!MA@$-IhyB+$xFO-~0|@kBy_S*_D!0(<Jm?9k{Xk(e|f
zC@V)8Adp>Yhtd7n;`w?LP@U<Y`Iyo8Sm&3o6K}y=pqhGR?wYR-tS6T6GQ*vF+oOG6
zKanXyTKcl0C*z_{i)hn7pr|q&+oJSiIZrue`CblBM-wG#0Om9a1MHyv9lm(pD)*>|
zt6+Gt!f;ULT~No(_k6~gj7&YKlVL1+GzZbCaS+t&-ELq>F!41+GOMQMTrqq4@)enc
zYz@&2c>FHXfRxtF*fwcRR)jh->~QStI1JoGlC~xzvxH?YW5DgYF8HiJbfje7F9a@-
zkE0>OFtf3F_v6P8o8NDpNziZ*oM17&dQZYV_p3s+#d<6{MvbP%L%H4WxHf65Lg)Tg
zIKB4RKUejwkDS}}M0xpvx=AfW?(au>?>mY?#*%CuvCpsBy`n2v7Ghsl97_JAXLcek
zSsOSWR=y<H@?Wau;VGf9G|he8VJED<zjEU}i8gGVYA=(71oW}KA+3XXb;@|`Zc8n!
z*TFm<Mtx>|btV^_>7Iz)msNrZ&V|+g&;5yuF0kz3)}0sfZr-}O^azvg)mia%>G#G!
zh-N#VA*uX8;2mRyny(VxNPRl3jbtQKU0@gy?eV7z3k(H`5<=5f1CNibi;<pPqiB-x
z5Wqb{O}NB5hXY$xZ>ag{E^O?#&WNQW>lr6Ny4#ljMpI@MEywpbvz+yyw^uA2*J$QG
zW4A5mZEuWE#<G2?2|`AB6Q6EAyIT7=FnAMEW<FsJa0Tt~wEtqRxZ75Q`0*l<mfNM@
zp1L;F9JwbN%86w@nvtyXV-QOoZ<gGfK9az%F{C*i-+w(P_b)CdLs-+zCi&@o=6=@J
z^}~#@_+{PuMBLHG^j(+eZ`5vo%0hF09%qUGW=yv&uZq&Osq@x2r!~qAm$8Kh@2o-l
zF@F_f?}V=u&vzd>s@}LS(%QVqN#{QL{;H;Yb}#<&qwZqMA4vsi*cL(N)dx|prgD+6
z2%LAry-7JG_HfO`5cdYVRP~lb7ID7<$V?2(A+cHfY$-nfhlEv7ML7oWS2~=JYVo@j
zZod6<(aR??ArE!7TS9#fcX#(T%%OJYop;c?-u?=KecyA#OHM-s*4<XUz5GJnRhYKv
z4Az`F7<69pBfn<1291;vH_;k!+UxKwPYmBx*lzmV`TDg5XnDawoDa=+pNBXzpPYy)
znjFn+c9jcHpL2y2=s{onr~@Yl850bQz8=*y{M@?rl1na#)mL+*>PQHJGcn_i1G86c
zEgowFlauXcWHbHmvSS|{aqcf4wKp3CRArKnV);})j5l|UeLEB`gYaC;jcH$e<_Kpm
z{?!BIK5Nxa2Y19)?R9C);qPVbAN8g2cZS00-ZrhVwY*6;SQxHghaDMDw(U8|Pn;3l
zQ8hKZ_#bD5xZo?!47_!|AkE_6?T4;o-L2!`kZlH{zxRZ9|1SM}QNx+3G90yb_S{Ng
z=vkFotCm+>0U~7JX1iNm6)l<Uz-@Cmg9*smI~bcJ-wDn^mmO@TtRj#Usv&mK@ZXxJ
zj92J_1a=j43k>Z4t(a?c{%ga+%v5vgG@sq*rqk*ZmBl_vIlpOUzI-#Dp|1aH6a+bH
zIOaQ;rKh~UZs}@jbhkcrJkj-LoE&XDTX}TcZ*?shIE^CWc6>DbS?av^gI(`lHV&!k
zdO`Sn6uZ(JlR^*p?f2&@T~cYiM~kzcOKv)PdKs=PZaRc_OKrWgJ{Ps3*7kRkgB5|0
zqtNir3R_}tZF586uLv4{TdSDgJ1m9eg)=H-3H>fwYpZ>#c8G0#x`+F_|86^5&?(2&
zM1ND)t<~%eEvDIzhGhGqjt|waIox+MAoXKzxa@PE=q=8x3FUd`>On8V{QS^dSkIT)
z<2j|ubNAN|dgz>TBI{=Ynxo6QNt?F}FHVzh(H&%(nWCP%$NMj`%h>*31~y94P5dyo
z<&P!E_P@?bpqUwq?*{Bjpk3DaF9lr_YA#PqkL)cJUmd#hsIPuM>bfyitC3$6>Wi!a
zJylT6JzDxYzCU685~{k5xuivR>3RVccKyv>EL$~$L;7Sgtv7Wp*vW`kt&#I*R0;G3
z6LBHKKuz5<`^(T4db{xK^0M8A)BHxe;u~kg+nhOrl_csgTEKTT1CTjLw=Y4CWqQQg
zO*J;=zzS)q#^#1Z*r{~%9cq-Fyl%^2rZbh@!X<uoy#z<2-4X>{x3zp+PJPSOZUifN
zEx9m@ouU-%c7GuB*2%l8*pChb?23S47-nL%_2U>M9Tx3h&V?lnKUbWcuPPf~t5ePv
z?GZ92^#kucu#kF8*uu)o+4LtZ_qGM6C=+UKPnR4KWMv!Q)~Uyahii+c5HM>GkpA>!
zzNT~bxt*-C<dR^o``fT+SAjZV=a+cHe7tXVJ19{@U~}8OCyiLxR!oAVDP?W4t(Ofd
zYz0_<oYdct@<jqL%HG2Dr9ZpH{#a{`{;<?p@L@|$6289J6q#zv#QSszC<@rm&&OF!
zdC^{6eL-qI8y?zaTgs%g9#YNRgf|GjY8n3_JgKSq5#}N`0D1}a^uyOUyM#ubl~^7M
z*DFla@Lx$QZl8~9xgKm*TG70JZ~0i@x7`ZJmb9Dl2c$em7Xv!HI(rxJe@y<>sgkv$
zt#t<v0$JGIUpFoLk+(#!*VR;%`zG3l$V`*LDA^i5U#@iPK-S}PFibRHOI8+^p@gmF
zcAtv!GF-*<^kP*>bHsx*Pv+H8e8&iA@+c&Jf5yILw{3~faRo%mZ|@eo(|^F7+Ue7B
z;#Q-<%3B({M_$S}IFI{-&oLp#jVqKESCFL3=ztYJG9hS@RAkco#|@c{xyILs@a2zc
zR0?@pufIf}=EX%YM?(6o?YG=YYexqLdPZ&ZE7D7U+O881BbxIlv8rq2%txkFWW~6#
zP`o9R>nh9Nxny6MiE2IL+pvYr7=u1Hz8d7uy95soK&vK?=G`xq`8bPwg_WX5e<3_R
zNb<8Q;5>ykq$U4ycQdZBNzr~#W$Lhq8hqtxG8<AmT=*#$wH9P>{L^rew(I#3RqT)7
z{k^yp=sSzLl|bpbQ;c-g<E68A`?>p-iT?;Cf#7HM0O4nRX5Ot`{i$=#&cVIaH+M@v
zM`g>&=(0E{+_z>KDioEKJPGfPj*jXS=r-}e?7<LtHmjaFNO5%128R843!mBGhoj$R
z>?NmHu905Kx%lV(Wp<j*k-{AgNBg^z+4Z^0$?wnxl86Jix+h@DB2eVDNa85msS=ZH
zRP&x5pX|GaG1j9#Vg<~A>!=G1JN!OUd4b`407d}3Zd59G4<uGy10~42gq$v(!TI}U
zxYe>z{}Z&gum%wiJ5+-AQut0s9ZVcxs_Ll2P014Cb!|FY>BDYPQhY9hPSYZQXHZPE
zn$0mb(l(4meKh1l8NmH#ZR_C55GeCQl~G4(l4Rf`XEH3zfQs9$0rHbTZdk39B(>Xz
zRB}OG!gIXt&j|-%nDJ0j$}L4k#^qSF>+9PEi@$=BK#dUrU-m!+^f<3JxY-BCi()o?
zglAjcDn;+>%D)6`Mw_ZPL-maxOD1(&A9E9g218cVOR3=Xo6Z8@g(TYaC43ZQVg{Sz
zaUZ+++1J`#+{C{gM*9d1EK`xiYx>376o_o|bRxn*$w6FlrafWq%MV6BTxa|tiH-Px
zhl7h{vctt*k3^GtkMYTVV!0*W=1f=%R{=AasF#!DJW+6%zk#p($(qKDmxk;fTlhxd
z<cQP*9VQ6PYbVIVgXzY4Arc>mk1@41*AOW_``hEV*}~jH5$v(`{GbYNqm`tf@`8(_
zSUHVp9m)9=C0JC%=6WGN#ty{mv8F@ZP8!H$sGBU6H&qp>x@o}e%I4t6!Hbd3bXcnC
zQ<CLEL_#vd`@JuuE{w4MIw&`f;rbE2DC?s_%wHA%`>?lI#h#YUN7;i7vC(NKIvR1K
zA%{~jI;O(p?vO?4{{D-klFDx{h~oUidS4aGesA7UHRfdpHU|k@t|h*WEP~hHA)|XI
zHQTqmDIm$jxB<<6ie^4Vd1}_(yGQZNGT-bM_<mxuy2o4FG&?&Z_&bO<SjJhHQdCmX
z_DJN{_6GHrkD&*#e0+Sn5fDN-(079R^=SytOmNl?z8q}`VlR%0=LRg*#~_#~*xdU&
zfuDx#RAllXfxo-(^LxuKiTWkDCkekfvqmYgT6AMZHzjz?rWK}jSw5La?KAQ7$JMiI
z>Z!W|=4UjVU@`?#Vi~!O*zyuy<+`x&1`#Cwq*Ii*`}kd4OgE-$70$-K?=IKMk?f|B
zm@ZNLnujIfWCdh_+&oeG0c6_l6q_El;)qLiA=7bDo3O)>adszbVV>cUKSc)sl?34u
zrQei%*ty4XFg{zgNNx<|@ku9<E8gn7>a+^zxYf(o5fEer3K#g`!8+d4!nGp8gRG+K
zF+HBR5}_4$|0cXZ(4Q)g*xh8fk<-HJJiG*&>#~~HiaCcxj~ND4CKljjIo!LTWZIt(
z;UCqjrAdyCeak*pYiY){i<W^SXt^OspVVZU)0g7W)v`UqLVw0m2yfUI=G7n^0{F}^
zuuPJ1vBT$RYEd;3J#qx{G}sY!Lo4qEO7bcr_VYD4+!v}=Yw_gg@$-Wsdowjw6qwA$
zRq{Y-y=hr#CCx)~L7WZj@i58kcum=_X*5jM{k&x+@$YjS2A}tzt```vv)(`NKr!(2
zubaep^(5ml1UY<>IlA5nw+a@YVm@vu)X?6%7Z#q28yHB`h*mFVVB1A?0hR+3m+#8*
zXymZiF$m_H{2b!d@W>YTZr3G}>7<C>2yLL2^4^YHiPM!Qa*ly~B3V~gue<^B>bW>q
z=T|qJa9CAP%upK9lXgGzbQi1eLGoJJVmj&>7Z<lkz3OY%LRVQ?#3K=h;qzV^92agq
zdkum)BK}TykF-WnG3t6R|1%6X7JfI8u^=wk(;*^4@f1E<u6%TF7_Bhm&iY3Yj+3b}
ziH50WqN>$Xi;5ol0mpB$7tW&DN?1suDO{e@;b8j%s=&zX{0bJvdx`QY$@R!8v%Cp7
zs*ntrdAf1rZj~Sj$lN0p_4EkZIv!VFdf_0z#&M-(h-6vT3o|$vQDSnEo$ga~GM(xL
zwW8{ZX;#+n7UxIRtkEBLL0<f8MajRb*?c8Zt!hhF4`2<X0%qnoZ1Wq#?qF6`u{AzY
zssZ|Aze!>cQ9cbN5hGKU8SRclBMn_|^jwf&69NuO5OomhlSq)jJ$@JFp>CJgx`FpQ
z0q$>L$8b`*7@o4miT8K{W$>axCzO&|>v(HR+}~c;Mm`jTE7jQeS^>UjN!dw|rV6Fy
z-nX&p`&^Qvn^v3dDDA<KjKY|c7+*?8l~O|G%yB<W;QH<XdlUga0I$iaU2^@!$fUX2
zMw6sobyqTT>i#aNM2&o;2m^W_9xYtFssbWiRb@Nu_n_Lamvq`m38MX^KKMcW2<6*>
zTQ*FJfq1YD_J9YMc;%g<cCgI!qjBe_)>S*gvv?`fU2-!OefBHrRk=Zi{iU_N_3wDR
zr)n*{cS_hl_WrP{WeX}p9(vzAxNw`0E~veUx%#?1_xyLFTzl|me&-r}gwi)as6Tez
z4y7iWw{d69us;8#K~Ld(P*Zoh4B_<&Jv-04V>D(Odm_Y<wnys{4_!Mn{`AR$-(k5r
zJDY-(g5vgu69$a3n6?7T1?N$8ORL8!j?xV?tSO@EMI`Z#N=gs!208OuGaB6kZXK@Q
zbQmoXa6{0#(?d@ch3l-)d!yg<v#TrT5l?lo!_?`xU-1db26ayvcd7#ONG4!FJEdHX
zenu(m_s)qJj)>U1rJL1SyA^$(Ml@W?U3CqiIxT@>YqqYVk_;Bn^U?*BeT}|u=1`cD
z@GAQ<%w2Tiw3rEW^1O0GeSw2OxeEG%Eh6{rKkCg|X}OyIDnyY?6^KEa$%B}iTj)ip
z&Rb_f80qPSO?+gTL`x?4MkstsHB<*kNGNUs;%0=j=jhfIRoN*CC3vM)4$!&)*Gerd
z46wi7eK}{wV>~K6&%2H<rpGxLL1Q8USlY$1>)z3dx~S!Pw#*_5t_%L@ov?DqA(@1U
zR>XgP*n?scZUb4F90pzA5UefYbz_z)zV(p4myL4Mxx4R%?auU~8z!UU&W7-0b?wiH
zYbI9fXDiV5(>;sWxz@tS5IS><u9j|58%BCwqoYa0my!2s-v<-9C@rgCBmY@aNE`jQ
zoJh0qd&Pb)BO?M+lLqE6z{Ll-1-nIT<G6o_R&`k1Uw$s6HJm2Y3yza`s<|KEHcq+7
zRLxqYjL-Jg&erpO*s3z7zOwvKZ!^*B{VqxbeDK#?34?e(xs!<JG>C`-x3p^{BX?o@
zfu)5iFO)Uz>(LAJ<`2bjTG!v$rWmZPy<ZgG^U=PBOKZsw*rvCV{OL_zor@AJ!U^$M
zWfCovGF7`3HI{5&y6k2$fS~^PE!Kpj@j#TLLpt+Vs{DUCJMXBbo+$AL5KuvS?}!2d
zQVhL?CWwNlC?EnsN~nr-Fa%JfHvt7AO+{%+?@9+l3mpl)6F^D`K}e|k(C>cFo;|yJ
ze&_e!%e*`H-kHpsm(0w)A1&U)tYgdj&8(j?O7-+r;KWaFS*&xvX*tX13Que(4c+Kj
z$GPT-w(9nZ+wZo*4^GBjhPiDqHnccowxRbEW;mIXZnHhGQH@mc+j=j)?e^q}x08K#
zcD8z<gaBCcpyiPUOn_F;%Vt_4n31wSoz0V+_8H6jsaePj+6gn(@9(Qc-~U84@a6M!
zc1NjNc7w?vNi?#Nf;>OuLwxzN)=g@2z0%rXiwn7vffn~FLCEwl0^i;W_ZDS;i0TI{
zE&1-k8>HCJ>+g%Cg{@0&<K73<nA5xn3|5;>kiB}3L3qA{!6kc?b6%raHTX@1;O${S
zI6A1srv0Paub4ZTc?$38f88hgkzFymaPLhjL}V}hC56O8b`7>*y4mca@LHM8FvGNb
zxmjeYly{}GL}0HXODqnfiXZ5x`65FmdQYe|D?faW*IBxRy@|d5CL*!gGo|Bflbo}5
zgDTc|xi{Tq8yehNou`iur%BXr6t!xjs?xNan;Gu2j;E&2dUi3sQK0m>I?wNgOZkr&
zIC9SnD&#vRxd%2We1bCazqZ?_`~>D(r0~dTpGW9f(z*oKt&HQ&aqfmcV<`U`|D0hx
z#9Y_;@~^YUi2biqGg9%WKog%T(47bw0n<FI7|rp|Lbp|e^mUlFb(Fal8up<1(fVY@
zt`8ENMJPi@z4wS>9KZEN6Ng`t##tqIIjcg`@A+Q;#lF|)sGjnf$FMvto|)yA&ADw&
zo{zl=<Dt+|8e+)rGGBejg8HjVV3qLaqRuT5hMUnKNV5?!!R$k3ck!390=7XKJeC5)
zppGRV)jCp^?!e=QQjFJ*lj^@%$ML9r4BBp@73#Ewh1tu3i&K`Zk;rudiK8Cv3Ns&y
zhNj&5d{4LYGX7rC_g|c{`+4@Mro}JdYZY+XE7R(->oJgc^wj<WmN#wqO|t1nc@-Kp
z_XG|f`De0_R=ZUyv}L`()cnksd_3pY!!6|2*l1s5-`9z=t!!>gAzfWJ)7k)DM0l)p
zK1#8*OFi&fc2166*w&_6Da)t52*S5iJ-65;0o(K`0((eI7SyM3nX7SqD*A^~?{s6i
zL}A?~4{n1R&X<e-2EV#IdAJ^6C`mmPe^g)i2DIsa)>n%DfDit4k5JO*d@!-<u(#JO
zP}jG5JpH{dW~jZnU8>b-`p72Po^Dw+^H^|QuD-W)@!Mvm@4$lc>@lauk?O?3_VJhv
z{ybaM`)#&$B?(HUiEEQEs7M`rW3++(Sfyn4+tcC=JWq-RramisBEA{((Ca9!-bnP#
z@VYJIyC^Z&4ymT1Gc;;2#jpTLn{rPztYlW};EMEgZ2kadM+t$uBpo2HrpxgzR`gPv
zPHUNjLZqg<yG%hr0mIod>Y_~9cDg-JZo;NL^$sgnKt^AWQY%-taL30}=>W;z6M*C4
z5DpL(-0YbDK_47F4$a-xV2!bVn_nPP{cCFf7jOEWP^gyvg`fI~@48Lh?rgB#Gd8>b
za&p+Kf_T9zX;hIVZGhF_sZ{giXRsNN(PaD`7vkp3VEay`p|uHXsxX)<|I1?N(t)k5
z?Zz)VfRY7}&ls6n?{x#OK?WwUqT-6M%uU$vuzJ9?>^q|B6*_idoX&&aweWL^T-af0
zsMOXHCa=(~4O=*o0KM}ny~0cOz|adh$06$)sv({E*rvdT8fL_c3c%q`9^1<nYUpMS
z`0fZIR(Gx<rtDvR7>LolnZ86TWE;<+RglQW#&)wf6@}9Mx&`v`@wp}fyQ&|P$SHRj
zd=mz2S|@UZ&WDJ|p_Odqj7(VU?$Q>>N!ld6&~1#o4JMb$XhXe-Y>_pn{;3}^+>(7@
zX4M~-yhDc2%<5Ozxhp+0kedNh{MEy8>CuUfwJT*<tu(-JDoxs#vZ{+<^#}$6-yS<U
zb{N_KCj|1ZAn%^;lF#Eboy{!5uHP{04=p@%!?icF@zM{Y^fuwEYRo?(&pDRZxDUp(
zx#^yzx{N_l28jw+vshziCF@ALRBU|H4qD&u59|klGb0@qIQ>mBkq)`^lYt+KSIUiH
zXSmRgi;u#})5{F40aThRd3iz84W}g_xJ+Li4aAU`=_lg4%`(vXf804z>x}tx7{Gkc
zzw-QNL)X#Zq|2jymNgP>IYl4N0sm^>@TA3{T`%Q+5|j}<mv+eJgOsVU)0vHvYD+kn
zdkLXsro3{`#_zc=Gt7vmCC#nq@!W0}FdhyBSa~-i;R}4VrkhCkGN&I~=9STht0CWY
z&q{L6joRxz&Rz<cDVtmjJ$LxAp+toC))<%?24pdHbarMU_atrGf33?+(M<vRunE98
zJz+(K@Q5Mr8XKRE7N7%}xW(ipCN?k0FH2b^@TBD=%fB%-iFP)&DC1MAC4HQ{bUF9p
zRduq@$&n#2S>@Pghfc3%KljnyC4`YUQQ!sX+RC#-Jr7dPt)tcxK)^U^o(we}bXhXo
z^G2VHhLC20P%Rr)cXimHs;n)7zxsA$&z)^9_Kz*b^G$cl@N_FFvM(=AT7<Z`8y5Ab
zJ(G$nu$lI=4+ygoI+LNxK@NN4HD^?6px|EWX?4%o__}{*U!Q|R;9V#XVLUK0g5u%u
zS*<=t%bMERsejiR=HMWsth_%XTX+A@B&Pf4Y{zAJ34Fj_v#pcXVNdl;v@_xNobAeJ
zxzQVL`Q^zP|1Wt8565b6=o{+U+&e$docMZuFT3N~T^O++rn6AO7%8sH5h$azHA>_W
zVk+Bx`~p5dU8A@8TO4}HJYYan!S=2z=Zz}n-yzKGVKJp%9#5YZ<w*iDxAxP~qEbNa
z*j8ZYTnF*k_jr2RN;U8>_43;%<O}z$vCGRc^71)$x`u}T44kNw<WYm3-dp(K<^*>^
z1$sV+Hf{q>TuqsAuP^7$?X%LD?bddjsO0`x`FpgXoOVs&sjlW@nKI99o#w|8To2M;
zwb?Q8zL?1h<`Jixkf68#quu4YdzK?X>-lXCMn#8L3uRI~3Ng|<93O~IltEu-tEA4*
zBeE98&RZR*w?^Qv{EuHt=erBKv{fAHcAUZnU^<kTL3g~P5MODsp~=~>$jI@QJ2GOD
z{{H@hd-g!AsHnKOHUgpMgPV@k4yT)I38ewT%u!uw{+$T_-F4*a6g=KNEIy&c@6~JI
z@%?uQ+Vphx>`cBCRmf%@TH)vVF~nZ%j+<jXoQ6M&I#+T?z$ZCeQhkEitao&D)_h>d
zd$U`-^od@+sM6&%g~WAfi&&E4$CcOXcYeAv@wM=0iAE4aMoZ@BGX(Gg={m2T%`B(4
zW@2jDFj&4C_RTATSGiZmNLnU9D6Z(uTTV{-UQ@+izG&aNMYFp(B|c~4(3_r6*7;T0
z=V14Vs{i(xVrU~Qk7LF(a=WagWD7@t{+HQD3;*;dHyg9H<M`T($EyCvH(Q2AC&C1s
z(T%IWj_Fd0EZ8qEZw)YO`S{?b;;|z>!^3hnZuiCwdUSS=l{iJ`sa#U~u_j+~MM`_@
zQ<u3_prHQiJayzlrAyi$k3Z$uzYb<Ne1{=&;pXajT1(SIJl${i_Q=(+Vct~MQg4RB
z3tS!bJlg{W#YJwXGkgwZMVU;8fcru}*bEXv=WKw*yOyo3l2<W3Jw3G#QcgPlI_|&s
z_jpm~g|wCNGvViZiNjy>6lslx2K;x+=;JdR7|J{ey@<oz<*Vl&u5FUYOpAT>2VNxQ
z_RWn(4k>!9U!vnxij!(oZ@D9%Usi?F0Ks>88GeR;cydWQwx=-9%@yY4MAnFvYe2#M
zq}rcJEYDh`CwY2aDEc8+E5FxN|IEk|GSkvmzZd$o<eM23%72cgwT);MslR{U!gXG2
zzLe@g`(IZ{8h;+(P$u56f-$@BC^}CMvy0!{p1tx{qP1l94*wLcq`b$kW-pp1duaDr
zE>Qrxap+EndsTh3-)?v}IFPhq^nW|jr;F`}2-;DeSocXjn=s2(jN1%ieyFK=pDCHM
z6^%BqCGAcby(^&YTvQUu5IW*J!&O3k{Pe+t3-rlZU|3VC(_?_Apz<&-<M~#AWn9*C
z5W+I<!^}==J0_@iFDUTHdkrVlm|K}0kukJ#&X!8D<qxm|7K6k-{zI|?qi8u!d5owS
znIZUpUQwV<*^4r^XjyvOQ$kd#3}ES$Y66SljNv>j;sgT~LS#HSO5t4Y_l`~gL<4Vz
z-dF5VgbYCn5JEn!PFL)D|4@AefUD`R=`rT=+M-gMQ%QPL9Z7mPt5`r=!SfoS7*5AA
zAXRo#DoITm02Khrscfl0pg*#w#bm&zCcymZP3b?@{}nnd1_b^ei$S(IN7AsW>S|kS
zYk||%PcJW7AYaJ5a$bR0a!Lx}%+NmbVoQsbMWrfPUvDpJana68IU^@1OgA%|Kp>E6
zl9vxxSDlV)NgOHFl^TI35QI7(56|KRw-TFzf<pF&iHV8%5xF5B#M9Fgf;iaO@iH(p
zv?OwLFCUGLnx&_w2Ot8LCc2dT934g3*x3nw4T&>LBO@mH`lRwj8N@mNsoGH-%byO&
zX>5dS&NM=)dV=~0HHZVBX=|(KnQmZNv@3SryRxBy56F3pS0Noi{I&#&%++CiS&%;N
zO;li2!0q9n-Ge>cLfN)|vV!`;!opIRbdUlN03sRh&Aqr66cE5Ob3nw~)~?ol4Uj|-
zw*<#GSBG-#X)At?jXj*KhbuHB^^K{bwo4nfKz%a97|h<%=uQ9QMt=gV4!&2UnzHTE
z7<lw;(gH|4xDNb81cvC5-=cL_@ze_Gv5n2e_|@pi;J5CW4Ijd|XX%;%2Qa`;2Ggnt
zgnKs)I!VOnSF~%xU>5rqDTVa#@bIO#^#Q-7PY%}NN&9Zzz;?E+pI^;kVVlG5Cb?ds
z#kmFI5l)7twW3wjyr$i@uDPZ7Q{&=!`}}YGA=+Zzu|srK3(@HHOgd`Jl)s4u=6h1`
z3mcb)TpBDzY!)Pl%1@-fq(LRsftvAsa62yO1Wq|vf<u8ALkS-(u|r5JuO|AVeN3ZC
z-k3X;_13-MEH${#yO5QbViMhTofF{jLdH~OZw}-bAMf>EVVV>XG!{W`Sx%p)v>L9b
zZioVU+6c%94n6rr2bsx93QEIq1-<U%A4|;$j#EsxJ7pI`)cm(~>b4YDx$u;;PkI6h
zUaK8~&)ryXlTVz>ek>=CDBorx=<6wgJC*U$)WmN&5N;C2`&fwIt!!|H>#!}?9e-_x
zn%+M$NL`%H^`U3BAN=AkE&-J^-8JF9?FSNtKZfc&#AfjEid&jWRq~D464qjUueOxJ
zhUz^$D#ZdH9W#+cL>v;`<-vtZMuf$APH9v;VoXp$MPzi0qX9UD(6GJ{*HF4`#dkTx
zqOP0dABPkV>aZ<VJp`7bdUqVwhH{OJdafV8rXiLoeT=s#GhJ2i+yx5XvBl!YGK28*
zp`=a^<8%DmIa1MTV>YQh>q>+yCBGoz)?6-t{>&t9A4ys3@xW+*ym0F#9d-!Y+BCam
zAbP1W9a~DO;TZ7u=lu`iC&!3NYDigO55FDBE?#N9Jaf9;NLt~^cn|t1Onw7~5;k#_
zla;T`(Jj4ye^S%*4v0L|MDW3#$<PND=(|m<Vw8+ECUqcJfgZ*8IeB8PBUcJgtYuL7
zEbmMk5Y&!W9&Fc-v6#J=a9u+Nu}UTZQuO+HBh^SAL_NzhMwwc(R=^-mTyIayj2*C-
z2REiujzkHik>cvtXS0SBc^R_onfXCte&xKy^Uad#&wSa8+JrG^jMr=aIUxL2r3$36
zZtc=^)HZP#&?W_ns}XECQ?$}<6ks4<!sJJJhjHR7>myq)y@qbyx-rM2OFjb>^z!{_
zx0^VE%-m>GCD<}~x{`u#%X;dn>IsEZ69?WJsD7=@gVd8UrWVVuHzd9Ye)z3}`}j0V
zGcDoD9W-V)Y;F7c(|!s8X6}F$eJRopllRDCizJb9<lKRFW&ld~aFH=H;>lqL-F{+s
zyx+2r`rBNTTp_U+lOL1N2^mT3<bUT|w<HvV6xSQo^!4%Uk|y)puaS&LRI`r>vajf}
zH^}Ph5js9mKQm<an25&?#7eEU8)ewf$K_fi^4mq^<9h)b5LvJ!m5m|WOvz(;@Dio}
zP7-*8P;0h$(p!Qo2i4_-Ud1BI<-r?HwQUfT3k=pX>#|#_7t`H}B|r8XL3fzSZ^a`z
z0_DGljg-^5`Nxfh8r8O7$Iubc{(8&Ok1|9KrFOU5td^sJL%+l52q8<73D4I;tCBt0
zEY)K+xH9KVg_8pKJ94Zd4QVVx0uZAt)*AZm#uhBJ+&UljR-b;kn3v~`Q3N$n2{fC7
z>M&2qUHwG;>XRuuK-xf3a-x{oj$jIuE{*f#Y0=B&1v&vvUaj+aI5`!@BbJ{|DN3%l
z+<ctMR=W6`xOhdb43e}GF5Dk}15#ff5_RO+YT?Fnt31E=__jc&IZJR3%^eC=iYtD6
zKNulr97}|(&s3Oc^Pd!Teo!IV%mkDXd%b6cRVa!;*JVD?G!hJBIp?Js8i&y!$l(L<
z&=+9gerM@mH>|D=EVeh2elFnpPA)e*s$NcE0D60%RJS;XGMGtdQN%hvWsS?c!O~Ns
z4n7{zSnJ9Jy$0(=i-1Xi+je01sHiW+^BY1*yoag0FK$(lSINyDinVX0`5u$1*X9{O
zy;(M}^j`J5aOcZS6XOwvhr#rg>yYDesdegFr>v1YfxzSmInBHrcKX95<~uDYE_hk_
zEy>7E)%G?fXq)g!rX8d|L4BL*<hOnl!dN>%$E(i>Tk`hy_I$TgV+ADmdFdhqLkAuE
zqPb!lTl!nh_!}qA^|gy!+4lSKR-^U3Bp%yCp+2HEui5et^5{^bny6wL-#fR?EadN;
zg{4@&n%TkG7B4sMA~_Z^;+)uJT)T`O|My$w1a;}&c}6}?COB)@Z2F4q9OZRJI#*L!
zOJhZ{J5{27L`ne`#n1$aH5V9&>l&Uyi{%-FwJ*9SMrL0$uD<MX2L9m|8T<bAl=WX%
z!c@YdM2_HB^K%WN4i@bje&0xdL3JQ5EXUB^MCMT$jAp(7MZ`{S2z`C9;w-at#OQmn
zJVpxT(Jlx$&g=T({S^v-KeTXouiU+%z5p?GGG}*2@zNMjSCa^m;)dlDm~7IzCwqGQ
zkC+VCoh!Oi7vhNw0_L8&bVgg~6Y+thI+uOI<s<TpqR%J$<21Z-Ixb*sOvDLDTj@Mc
zv62X61<jst<T;Es$kebENDc($eh1=8-toMGWG=}}yCQa07_H4VJ1P91V@2wgxch^E
ziRkIYioG9ENAoY+&(Gr3U127V5F!}lps~<)TX;MfO_{}74hY#)l!^}_j(u;~JI|ap
zrTCs%-6JICMkW%YWYPd+o+$O!HMkf)L&_y35QUBS3|a^PMFADE;h{m%8npZ3H<#Yb
zlJA9u$KZv@4^X4K&M;Z@4?gGu$-MQ&p#+^>Cp%<`eyXd_`Q_w0!kE4YVZn*79;>u|
zxXdi$HI-SxKRP=71^EG7>mhf|6rJ(N%T^>2Zqw*A^c3a;E(f0GsJS_*SLBjWcYcJ#
zy<l<?12UxdMCxiZ8`rRCgwpbdQk#+Ujliga0$4Sy8EWYk?<-Pw_+YLfcc_M6obS<k
z|9R#LSpn#V{EpS$2g@C=LMl!CCy3IH?&7eW&UxjM7c3?k{QUbMLyfn%;Pdd{GgX4$
z5*Q!)?x+}y43Y)g8~a}Fj5c51R5@>f6%wGP-^Reg+<0bPL9-N^0pt~tBHNY{<U38e
zMnx-HQrAXcs5<@no7yHlv<$}C-R&+RyhuGO9f$p|N<-skjV@%vUIqqklLh-41~piu
zagr=H$?VS3H>of@1TVl@USmByI-wh6M7Z;qC1Uo8JUA&=cY+TMo4t1|Btz5RRaprj
zqCv<$vN;gJHD-ye|6xOEdA+uzje@#Y`vf0OY8VMgLt2e_PO17&;TjjAK4+ZC4i+OS
z4;_42QkV34IKPuHqX4;MF8zGRLVP?=-YNqI{Ak61T}Mh)1Yb`i(5R7;0}gHnIDk1n
zhg&T8Hf$yJdQ1hb`NBTh41KY^3u+w2RFpKEIZ$V8t*Z(-1mHR=h~1?jgcU#a6K{3d
z_IBcPx`QhtY7d`C9+3)7&meGNQFW_McMbW})qACUF4hi1zpvB&Gf$HspQq3}PY*wB
z22wl<j>WM)cew-Nd}ccOT<#;)b(sgB#Oy|p#-;ZI;P#r2DXLi92rS_D0idhj$eBjS
z=UA-+Iw?LDW(WD+9J9V4?d8axv6>fAMgiR?%R_-!g3mT`s$5%*EyjlOqFC00FY+o&
zP^d)Jsia{EP>u5uFk2lx%1Lj^$$fv3dT+A(vz%wGZ>bj`7elZdQdaAq6fAjGTq(7J
zvjcIk`sgQ;$JmQKdKZ#q@L4*(&v&A`n{FyGq>6l@x+O8z$ItvVwHk|dm1Ugmq$j=}
z;@7Onfj|d~>%{g}ZTJEMgxnrI8oId2h&(j(RV`eA!iCdTXN;AD?``&><|7<}c3x~W
z<sjs<x*~b|Go?VCR>jP2f!0Z?(0tQm@(DSMjU!e^ZiSh>z}&@^BLBu*d#Rl_1!_0r
zeg`zu@5a>MZ`e~dx7~i#7rS(_ouqCfZiE3xT|g}vx?3W8sId`@LFJE`W~v*~6h`_Z
z>sC*09MT_)zNCu1I^W#e3JZGzRzI?e3|RfC>?!Bs>J=*$E28H)!he5OudQ!~m4g49
znRsy*H^C($Z6?cRGvM_EK7CnwV&ikKtAkZwZnpdW7_L`P>2B{_h+CuSLp}jQ#u#d8
za%U>X5O@{$pmUD0U`0(R;l}4@@7rOCPZo)j&z^3>D11bRQe6~EZ{4ly@&vv0aylN~
z*lkb|CIE{Sli~rz<Gu2`7E#TRwC$dmB=8R$e;y>TymtTld`d?3Wo5^x6O)1u-!%M^
z+_?i&uzS%bV{pgttRd*Um#WX2=X$}_qM?nd+AZ9BB*wItf5CJ^3ailbqc?o*8*f&1
z?1|bkJ8$4q9N%k+&UsO~_)}Qm1j@=;oOOM(!1?O?C$?mjp`{KU$II8JqvSpM_ZuRH
zo^vd)D?m-CY;@5AuwyVtY2ZdbD1uW4ph78rTqm?KX`mxGPq}q}1OS>?Oez_`wi1A~
z(VjA?WQ1U+jH<uvs((Znz&2EXNN_46_>}$!h-d&|;(v95{!w>&^ArjQsM7>){;Td3
zboJjX{-f?x<R5i^EuOjvfR=2i0Pp_O*1zgzp<9GLi0@3`!IO{JpiE#vABi|Q+RHuy
z5}4Ug(U}}KlYpH}4`l+R?-ahobPZr)>am};=+sxhSrEwj<h0qrfRR7Q#D6b9HZYF=
zBKC)^cq;$rLI4&9$p8OU1Ym9dYemKX%OVh3{=ZcO8pHth*UC&~m$0bWTH9m*yvx&0
zrWbe2oT>9CAXu+qa5Au8A`VM0R0WODG{8~m?tg`Tl`Pdpy@P)-F8YF#y8Rv9W)S!q
z+Cky3RX>}#j|bDRNf5uP=m0GjvzxXABI3Z_qaJ%e#>Qem{O0%JJ&`_uJ=c+rq;|#(
z(`*)~DFq!L#w!DTs{Ltyv8O_xvM0moEr7nUO7-FVfgT+lJx9_E{O}R`^7-IT?`xj$
zqw(ydq$Heo(+3LBtQ~e~T<E7r^-qVx;+y5`Y~U{@g~|xh_R=zD$=-DMGfZJQ4hEco
zDfR^%3cvBYv;62n*V6*s+B);4x{B`GGGH||g!$Cj+4RW)iLA8F&#-cbzQ6{c?-X@B
zewazhbT8X`w3f-<8n?&K{}ACdjpxteuTXin#8q+iQI!R92#Lqz+g1MYemcEt@qC$u
zO)^aX`>?i1oQ<#oS;wluM$CBal}rFs1GT*Cd8=MjDo~<b<@cy~rGg7?iOuOqEepbT
z4ajQ>2A9iT4?0-#Js9!(>=v)be68})ps>@MiksitBrYU<N5)FZbpz@u0#b#uGCG%F
z{&&Sh+m(+@Cj&k;CN+U;F`f-<h7C2?*QX;JiTr$Jkj*J(oEhOcnMI`^{Yn3?vfK89
zl1{0w41BcWoW>m-JiLY=q(lpk<h7xF`pL<W8K#ZR`}Z1ZV1e4&f0M2z=iGSoNoIef
z=ITZQRp)2>%IKj#UcI}#aZg1(1!>=2J%nVFJ=*B)?eTUxO6XmxWi{X2NLT1JB>#me
zE}nV8{TF5yCSjORb;EXt-@Eo2ph`b_k>bQDiC0^Aqs$hK4)Dpz=)XU@*y->oc$=!0
z(tKJ%;cN#x#z4@X6r1{|MHe2fMak-#+X7SAa<1Ah0eco1QjCG*RTse_g>Jl4DzB}u
zN`s}x$Ze<Xmiu?6FS#XOel~9M)y%!>PxZ0a8>4K63WI!3ui0b(!$x+4lJF?xI+0B-
zKa;mLr!Y`E_phO&G?)5P+on(Y=52N=Royd#Vx|ROBVfS82+-uN-_|M8vVQp=0(col

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ocean_save_token.png b/docs/installation/images/ocean_save_token.png
new file mode 100644
index 0000000000000000000000000000000000000000..a479058d02283f031a905a084d54092fad297516
GIT binary patch
literal 51520
zcmb@tRa9I}w=RsQf#4e4=>S0k1aDk|bV7o=ySq0I!QEYgyIX=g!QCymyZz1ky?c-S
z?{jf(PK~~(vASwjtyxo6Jx^5#SY8qhg$M-(1_n)9O6)5P3_K792DTi41byP}OGOF;
zGw?=QO!%7%>|r{5C5<YPgt_Hnz2zc$xuv_&479?vu<d3hv>2dVZhb-!Js;iXfmgOa
zXHO;nZZZSsr7gLLCT7%l^*o^=?ZtidVFi&!b8XD~`2vw6c{o5%QbK~cl@#lr68mAj
z-bTNXbBV+%vj5v*6|rp+P43p8Y*B)D<m4TH%Qah=m6-5Zbh{EY*q!<!NE2m3gI`OM
zMPMWK60Q|0w*<QqcD9{HRvJr2QnxO)<UodiJ9GNjE{i%tJadEd$qJ+YZbj12cDX^<
zg|hsAdK2FGF8)SaPq0yJ{IH=CB1)U_vpd>uX{(#XX8Klc9W4>P$KKUj*yYhIKxCar
zR8(|!q0Rlqu`5WMo8PO=f!FgX@1I!&TOo4${kNngLMt@xpv5k<n6$h+kLWO*NZse>
zn+|Q};*639(VF=~w5|*8<p%5351m(KB8ba$9_yA}iL2=UD1xm>{rAY4Q!vp+ffY(a
z0C88@`i_k|4YfErZer-Hw`=!C=oxC)-)#nFQtx0P*83d3phahl6~3i*>)WV@fZdbG
z|LA3^Y|Y4quaR;I`+taO6kejT!fucrJZRHk(t3km&azqcV-+)WxA)7{5-skiXXlll
zUnGG1G3hir5+hQ8a>*N;>b2;7ZSYO~eY6&6^I1&JmVi4@y=!Fs+Qv`pgB>MQTrMub
z=h~s?bF!vJvquS7sP(|Wq!}y`S)n%s5qE#sptDWQ<Ch6Rzi~7r2%8NMKj=QriGBM|
zGoODYHHt6MSjB#8Z5;}FIv;gQ44VydMaca>8f_SAz1J3_*J<^b`)Mb4QW?or#V<ww
z?jKPw4S}g$N9#zoKN_VYP~-m6gv~}oEI49V8;wi9S~LvIuYZ*Js)atpQ0{#H14cJA
z6^GIdclW+FdG`MZ`Dg8@&7v43<m|G)HQMT~o(+8UsPD7!Bqpz!3qr(sZI;HWd36~Z
z?tARDCfa=5pXz7Lv$>Ia<<pf3)-{(9xSGOPwo*PgI8akj`SbYr_|DnXRJu-0&KT#v
zr8h}0(Y@C`oU7XWx*|ZH9`jr;SQQ$n$@D7ylkPP)zC-xBef(e>#q9<JOZ#U_fQiQ5
zw<(N>Si7cDt%^e7tZ6e-N5}6YMvBI$|C-wdzHRK|=PduwCa+Vc@p<x0n*Rv%YU3&X
zc6}$at<9^GBf1UJ|MIjp5VC0y_46A;^?&zf2ScjAS?wA37`Cm`OJ0UmgztUHWZp|&
zzlZP0{Hj}!<5t25mFH6<1kR9r`!=VE;EEKerNn9SNuGb25-jf{(NaQAkZ{#KhIZg|
zB6CoGB7ZP*vPAEm>U=bLv>H33xtckBAlmqL<U1l%4k(KPB9fJcZ8j3IazA9d%q$kt
zHtEjcwlFK<I64;bH(W>{hrs(L>-cFs?HH44TZvMI>~y@<iEJJ$TQm7Rf1Jlipj&?R
z^$jtBQdyY5wl(8t!2{`#E-{6>!6dJ*Dl?Ft6#OB%z902!nj_`hSJ6Up2VUd@2MH&D
z=<}*pi5+ux?Iq5_AkXTbk{-o>%~{?k{tt0`1J%b@*`>#~84h#SU#FUc$Y&Y7ZB(r9
zwi~_Tw6EK7EUoHD*(JOMYRmgPouqE=b(AUq6&&Ob7qwP5$DYlb?vu?=?$>*ALd44d
zLoCbVDC{z&e?TF9Muf*9%Op`oiCO-{*QS;6M<YdIN-*zoh91A>os-d*)e&Yhr`+{{
z(3_wBpn==w7tpI;QGlaBl;B?FeYdr~b4oCK^TV6!doL&H#q5vj)B1wy6Hh`Zv*zA*
zV&wOmwKw^<UcqT;D^ID?uYLccr$s%tvh1q66fd^g9CvTv?h`#FdjUV~xYHb;)=c_p
z;`qo)yYkp$Z&EM5`JjA!d@>UwDM@n4{+l~mPurVTBkmM-jsv+TApiB^`1kLrn(6X8
zJ39`Sf4`K>&#Q70p{1j6adCYV5GWJw6C(fd<Hx;sX9pJ!4vtyFV(8h~1U)^yClzhF
zv<Ei*i*t7eORRCvRfS@k)+|NMw<8Ab#Tkj*LYmkEO}rgm1_?6FBcM^+ilS+IuKdmA
zBfRa}FIZAuhre?boG>s@^C>MWOMmnx0K`4>G=IH`Zn_Lsh`+q72zQ;xZfO_Fb@yUD
zXro(Te$hE$^4aV^WA++`7LTFfVOd?H*FqPR%wvnq!BJz}tM8Q7s?af5*jzu`w0w1J
zaMbMeU2~G6XnI0B<>oT6xvOUI@~~4%;3J=`X9Hc^QJH3sA*ai?%Mz?z2fBPQ9qn&b
zUe*XBel?wO+a(j>-BU%1({<*`jwdUcp7)pIf5&s{oKLi-XJ+>Ox_|q<;dDBjbH;bs
z9Xr?>h`q05wcnBbpw+7K^7)h9Rxq#Qex7I$`ZN~I)5FayG|jGj0g-&Nfq~?LV8;1P
z{$w?TsJDmmnN0x$0s@MPI!*Ym<`fIG<v+~CDdLg9v(1cqYbQUmc9nFDUjJn=YB6nB
z){poOI8^vKv%2Gg#fd_rr>FPP<JM+DFck@%L`st@B+_;KO`3qa60=65$uV3$Dmnhv
zY}1Qy-q1|&=}A<i&rV;U={;NkOWOtc(2Izx>s=5nSObEc^2H3lLGl!d`N`~-r>*v*
zT1})OTixf#5j5q5hW%w_v!m~>gDliy-@dAr+`n8g6_Zyn#?Rs~3U-K4e44IEDAB|E
z=whR?O6C3iLx+c-IHWs@QuL#K?^`^4d=aEN<1sSFgBdyXdW$Lq+)e+=;?h!C{4_=e
zhOgq{0ZfFDUH%TBb>aHaN}Iah8;o*wd|KK(VNpzqvL^dov%$FcgjVTTUY*g2ApK5%
z<Y3%Xa*4l9EV+Qkg~wA1c`8Yj!6<Xb(HaHS)6zIp!@sSgt{e00HVG`d$mAx6s~y_b
z?RN#d&d0+h&3Hf(^R7U&QS={f6l0G3^3b~IQk3#wKqFkRhVk?J&%11nvQ2g?a0<wV
z(nN8>5)w$)!7$aPRPq4&Nepm(9K9)4(1U%tjpM$L8)fMTP6tGycsKOf(!VeLM{Bbq
zgkUTf4`|lbQ&Bh@hbghw&Y0p+Ez-d%LiedgqGhw>YE!z$Uped71+_fk$I4uT#Rluy
z^{$}wD{voK5q*obWpd+Ozz5?|TUk$=a2xq3q??WAfFt!o7DsV%R`+X*i0#gRA3F@-
z=D!!~ZBumm>0B<%CXQ#W0*S3Endk>+?UPSmUC2E-?ABUnE=jL+CP+Ro@aKQ0!>Bor
z+@GG>zIW>e^*=ulyiMf&DR-|HyHkCD5*3+pq)ykN&3b253>P5ivE1xv!}&qGT_aNP
z{wJBs8tey^N}m^3B<sCNO^97Cf=qdb8Vj-Td7|y_W^=cnNEQk+qy1EdZY6cRpA>K~
z@)%dObBPg;=ZzfGcuRjMx73|2;C{^l>HYnatyXIioi^9(SmJhbjP~VEGKVn*>O!M!
z?o5R?#vNEggQQym9_j6$+p|qPJUm*ReMua8`KkTs5=tS$CRtKs3XjG_S{lr3=~z0`
zrAAw|W{39%f#d4^Kbsx)M2MnrM%TC3z5M-17^5f@FsUnDFN{V~I6s#tm35~6dUCwK
zG!+XoDW#;OgsZBm64^Q%4!gdv;HNf3+&h>qNd$^cP<k@nMvw_Gj7GlW2&|=ismBWD
zx5+e}EO^huqYCM6_k0lZRLrE7jKD?6j6fM9x<WrcKNlk_V%dM}4#Dx=f;t`8Mcc({
z5Y<-F6$Sx;j7Qzre6}2q3!xJAxaaTNv3^`?P%?ORi5m!%0>nZ;Y*DgBT+3B!B;u$y
z!ka0{#8S>hWNjl_F%ylmIC`k(8mzV1h`OJew9U+l;lkfbI4rev7s4Y?OZ;@H<tbKE
z%Bn>^KaivT%9OMbFl*o`7Jr>`DwK-t0`ZlbEKgdIe#Z-0%i}Lg(rU8HuQUXuv#8h0
z#_`mTwBvc#`q6$)0PsQMS<r24jj3YLoX}0rj-Q_&A|_M!rdJ-1_p=8-?<L|K1g~}E
zE%eRcw(WJ>>c;J*rN0NHD7#Dm{5cq!H43zn)hXubp01<Z5&V%?!?j1NY?ni$U;H--
z#`=2d&5Xsyl(d1n$h%S%>GLOGdh#^#s2a^}<>HU4!Ey0Dzfs<gfo)Wqy+}C28uRo|
zbOo65w)u@GH_|vVxB38;;19r0rkgWp1ZEMU%_gbz8rB8nYaX$<z{~Z^`GzICA5e>;
zY@~d7I9hDjCGoU>`u)vj8A5}UCpC!&4DSx3PQIU<(^=;E@a-Yz$9M9mko|=c*gIYU
zGVJ!;4FvLl$ETk<XJ4e+zY6W?Nc=)X@$W+JC!TDRokz*(l;VYh$3T@p*Y&p$L8r`*
ziu3h_6P{bFGpCoLo0THi7~+)JD+586sI&;nj1e*<Kq@o1vYCRKm}{k_Ou{D6^ahi>
z-M;na+@lKtB^T-G{z}onATJ4Nx=LSCILejFpD+&vuJ7Bsf?QTKWNgVhP*!re1PKDF
zZSW9V?j&>*A%aP941|{=4bMah|3g{&L2-~WD$5E>V=Lr7h1)u#pPI&YvOo?lm^K)A
zg-Jxju+RSfy)-|8W5~~KBHezzGc4>fwK{CEIP|yH%g{jDoq{d)H-ePUAMFpUUHJWK
zop~ar#2o70*<l<#m1R#T9ub?KKSfut@n9tX<UsVB!{A4iRPoa<+|aEe-d?me0?Hm`
zH9WHS^ml>Ur9wgX&xk8aTeBAjG7dd+sBO|gNBPa>RSKV(mCT;+P}-`;D}+WbfnDz6
zEt_yG;7aucoU3rTujP+ys?lL@@T?2)-T+Jo$uXVIw+3?Fnx;B|AeDKN#PU*7n3J`b
z?`2Q&Mh^ibvzR@X#8W~}5kB3=m<_>S55wIjcB5u@5DAzyAaK$r8BMD5oPtm9ok|7m
zvcsiLPR<k^>>mxD7>we2w@JYrhn7Z*rsZ|h7e$|ISBP`aj9Tb*11UCE!%6b6n%wKk
zXk<!$u<S?Dm8~W<uH&hmPbHYk9(#E%1*a}z7nrG@xl*f9U79V}iTz$gkg;>jo|6Q7
zQ0HV`-{#bo{w-}MTv2bUX(+buMG7BX4l-f8AuK}_FRblaa@H9|_ndL@6*S}*>ax4}
z={{pr_K_@GuAOx`opm{HR^ou4GDX=&WGnemjzcTuh|Y>U_IOuzDZ#YlyGN5o_I9!x
zvmx7h$`&rmr?(sox0&@mV=B*+Q6OE4<d?Af$(nWWqjC#eK9-I!FY3JNA3+P{VmQQ^
z{Iz`31}^!P^C7s;^1FnQa>4i33eooXvp?HR?=O<fE4X$JE)~&@S8O0~dwwdQ2uk-T
zAyj?<ChA*!9gQ#*Q3(Kssec+=KdnC^HoSBd93t#5L7ISZODR+YJpF(vkuaFRkzfIT
zfE|J>1YsEn5owz9lyH4_7mx-o@fZ2C7e)I=vGY+5;X~6U646?V3`+etMl!@;p|P+}
z6zFgPc7gqDY9nns!^wW9*`k0(P&RteXE8i~vgiT(KYJjG0d7Z_aY?Z#Wq$(45tC16
zFn8iQXOD3h8-6ZPU&UB*_wvFu=ib}Lec0P9>mvJUjVeZdEx~jC0|qt@$5nz~kNZ%+
zp`IiE5tDO{Ws5)|v`)H}3xW@%pESEn-6NysGTSO@EWX=i2ngDey*Gp~^L@S=G9_EC
z>o)ceRaPiv9)Ip8f}~eL2!QwiugO9bK1mab)++8p;?(;3AG63UVoYmzUFb|E9o@NP
zCNH&)s2e(c09zy$LKm1kQ2~x$!cU6c!P2PrFbn>u1S5FmpuIc++Ak8U{?vl|vJD%z
zJN~A{t!lZXJNKK?_E#2zB8Z9k$mbExG>!an9l=Ca{(}y3BYb)IMU0M9<Q0C;pFI15
z6ExeU@|6e<0=8)Hm6vGJSw4SXymX{`POhdAh_3bF|AZKdteqG6j;)L5{8Vg^%Jz77
zoLWwc8c#jB#7kB9-tiKc&LlUrKJf{yf1$Xsn16)nlM%m2n?n`9X5#P+t$tg-f`(zn
zDQ+2OMvf}ourl?%nYVOp?=I<-Co)If*x}9C0^RlGa9h2bsH5Ve0fI&>4)9TV#dS9w
zt-Nbn2x5K;->B+|f%4R9--`%8@>c$wd;=v;f}%??pMF>JZ-I28!>7?)J!-OI_{yD4
zml%Z(5?lG!<&t08)T~c7fhs2xUYf0GgiZ9{y-7%!x{=9U(ma5ta6P7Bm^{He8SugI
zVhB{0kl(_%O-5*??Vze|96M7)6tQs>Tz-s?2mt26RPFxvikTF(gv|l8wJrpWEMmJz
zD7dKvQoLh3xWF)~%`+W?B%3H>3G!1I(4RAQ;gt_Ofw-dgrc1KM*%m-;btFvj1BPwE
zuxmy6kN3n>V2Tn4x+Q|@g=R<dvor@TlFjTavZFwlEPLI3+zc!}GZ7xP3Amyjq$CM{
zDcyz0t1L>T(o+!&aKjvotL{EQ<({wwWli^dlYJrW%oQSv;-JNDFhF-7JA;LvZZ7W%
zJ*LA41-Chht#9xuemtPrxJu#X!&L|;aFs|oPd8`?alzv1pia)Klh;-h5oLP|x1)AF
z;e-0u`l*&0(ha;KYH+10>S5=5a3vZl-<r>@4no8|0@MJheab*pitts!1^Z2K`L107
zjNt3L+`4gMv&kY3yaRk{FeZXf1ewza{Ce9@#e8YA_@*yqVf55Z#ZrFZyBk3+U^}N8
zYlL54Xo+LSaNqNj^@Rsh9AWjAU@0b>Z&*>4V*v*iw$RoW91&4=Gd{x6zSxC$k#Z~q
zhXU(ZJO5Ju{@`G|A&ZxEArwwVc|ODI86H!Naw!m-$YJ>2Og|#z1=U_4zZe`zH!^#^
zftr%yt<sRPJ6L-5)B4ydHnC3a1o?}DVT2&wf@t4Uh{T*lWoOX<GVc9dVWyXwP1e1R
z<)D6~Krf7epB7f*k90G%NM5hUMkWo&1OPWtv$y8Ao=bsq)wMqci`S{xui%)n^?(J^
z?|FkMjBtBB@w}$~Lw8fyBSOh#>n&d$KK?Gr>qJSHx!#ivRVa-8+<l`02M7yC`}*62
zP7IzMMb#ljc{i9bcQ=ZF;d2yD_ggJkDNchJZlNj+h%pT@yn#WQ%M2>KsXzaO2}MI#
zC44`d0dDn}31eTF8^;m6uS`2!n-rOyL7~fhU?^yv2TK=5Pn=pTi-HQ1+J{}&4a>Dx
zzw`d>AOIFlx6mR4zN**!m+PR<t}nkRp)_%|96gAHHyq?kKnP;OLV?K!AbTFw%^niL
zWW<liABf0CD`y0_N%(*SldT8Y6kAG@*4`zJ$+Rs7Tm^F!;8JQep{w@DCtU{!@CpFq
zC~pj9us0&BON4rUcs@w51amt{k{kwpiZVDvi}oiJ$wF|jeatj=n{xI}zNY>5gOm2L
zy=lH;k-$BEvm>Wo{d4lnbQWkH3+Gn+{4x2@Xp%(0T-FoEM!=i|m;>nJsW%27SYXtH
z2P<1lkshVoXP<x^{z#m;O~_*&)FSSargk#V1qb=`AeqoBJyPqz?6HC&mEs8Yhn?aV
zetbP8L0E5jpjn*D=wnW&1*u~T<>^Z>DGNU^I$rf&`qJiD-(NQAlUG-icm1wn;sJMW
zO;zb_nmqBko%V(UHB1DstXaiH_ukNY7MU7+>MzSmmT;JY-Db!S?Dk}H43PHbb#+Mv
z>3#rAb_kM>ujZwe)@A6dUwtykXvoLHC2#ukwIR8Yhg0i`$!Loc5>q7+B9Z06ZFlO8
zAS31egbn%nL=Iu^0mSizHNGz^`?`9V?nZ4{rzNjm6coFAFe#Chc1h1^3W3AKALGAx
z`&7%c#y%$W!Vj-JdlftfYlzgk?jYX?&DCp*bm?5(2Nn7(CIiVNGw#3(Uh6}>GJy3q
z14GFd)9+<xwH~bADO%LQ8A$}$ndm$vroAP0xxZVjB~s6<Kq{XCeR#w1;Pw!xCo$3Z
z8Ka2$GiZ0C99yKws{O#QP%ynlj2J!$6ALLv^!_6ZECBh=2Q2cDvdSNFnKcY=IUI}}
zoP_t8|3`XYH-|cQz^-3lf6X64SNwi5+tU<KXIURI2K?SaBE}!!5tVDkG`9F4DLaxh
zJ^CI+48=SI!LjQpJ(tSK5*Y!vQqaFuhkojf;uIzjrV8$N-bJ;c-!EYs)kx$sOjdjV
zYd0%bca95j!k#cd%(zg7=M)u4+!>4CF^9I5__&DWQs816_5s!(?b`2&va!k;!8Qw1
z5nQr}?}n$X!bm@As5R5E<L=0{Ssh5qpj^>rh~{;$C1n?WthJ#i4WrEw_H_0YbubDR
zu#W*7x;r+*JzEL80HdXVL{_P=@8{*~CQ@5-9PAWQN%^5%mF0aW-bp-OL3j3O6$azA
z>di(e3uxu9kO_C*!Rv0iUaI{^yI!!6VpS3n=ZBXlqh0dv%~*tO)xHj?SR@0}h(>PH
zfaBcRNo9rs5@(K_9b3^`cVkP=jV!-}cd)kAAAkE3mw$16_@<#A2+}1=vSWFWopWtw
z)D6sGsNv*t?jVy%%Z1GIUB*|oJL1=4j4bCbl+>kIiH)A;)P(*V{t`C-Ou`qz$;7Lf
zkmr<4JS?D|+TeaQX=^{`_pEX?vgBJR$$?rScP7G=&PkOY+a#pey1{sHbyvBvuo3>J
zvs3ZDAjG{hGpkObl0VAk14~CJS$-t@b{S2|p7y=-l2~j-K?70`I{LE1q@3GX55YR!
z<&E2Rys`?-*fU?dT%9iLCNy8`KJ|D!xoT9dsNt1B78O4psL)lQ;Df?W%VOsHYNo8s
zs~5^cc8TftYXya=oeE7`&O*hE5{pSH`X4ZXqD}>W>$cfEN~?bNT*~2wWz1IaKa5(0
z-KM{dA9w2HGFj8GZ+F9IUyA#EQOzUV<rh2&n5Q@eU}U`cq}{U!e#c5QJ_YjR1QVp0
zTQni^cerSrK7PrFvH-C6F&iBC)IXLle7ZVJ+t{u(ocL`Y(2p?tIrh_ul2}!f&3euq
zGVX!+dR;SoIJa&Mi%4qQx>;&FzHpXyZ`eflqhG5VK?TzKmDvJ{C5Nw3%X~9Yc4una
zGbW$Jk8lFRT>5T6Tw98o4eok2xj6cGT8?7MSDWFb+{9z)q@wT@OdM_*YWtfM@zbX=
zkno?sA#sRmyKQ-LE8sF9`pjBd`u*NZ$L}9KCw{|cnjtl(mp1YpKi=iOqdOv{Yop|8
zxlFFikO;n<NS-hlVcVT`VNTgao^0D`2V|8?^w)OQ=pA46B~__?b5LuM$&n*ds5HrN
z7=ZtAJ5A-uxt@{-%C<KClT=qQCiqZ#+;Spl^p#bm+dB8<Kogqw*52(k(MEF{?XhhR
z{B2~`N@SPe+y)0~sgU&OIX-z^x<2)2?2f2;6MI8EpKN6-y*SSKQJ1I9982*tN56Pz
z^(^v#OdPqE2l=nX7roT8wikX?n)Z0kdWU5=h0}Q?684q@#j<ex3zti(!{(arXyh07
zL9#K74TRac9}*BD`qnSOQAibE+Fc|y8*SE6;_fSu>r?Sq^2QvA6U@<qHXEte=l2VT
z+BflfX1xybhI+4lSSDBZu;}i0?4fR);3{8D9OSVODoER?7O%*tixZ71)8G_5*F=+b
zkSy}g8Jpv4$MmIk*4}_zt280!%wQF@TtQ)Jq9%H|1C}k~-&lo-iDKqk$KNc`-|IxT
zp!c~u3ieds7<n6uMF$>AjobgAavX~Le18>eA55^!$MH>*iv}~{W5ALWWBJs49CpuE
z0^_23&qubIY?UuL7TWR5M8dT!3yPA%G<e^Dyg?_18kX`~0d>IRv@<vA+tPg9l$oGO
zOwBbOXab+?PwL&t8PBrR?{g6*YL$4{O+kI#mY%O$Xu>5N7eZ}I=h|tROelQw*G@h%
z0Jn7maya(-8W5W~UH><$;yk#!-%SFw-E%@!ewEukOit-5#voaI9v{|ER&%FRklbiP
zVe5pe>P&6OP$di@K(a<%{l0#rlVVTxnP5UD?zm{Gyx-hZK_D(4`GMo3o^lG3wZiv`
zkq|Xo=CO7GSyS<NrWx)%d}@`g&VbjcHQJ0LAcVH8qah~&%oyNkVQdg(HYE|0<sB)P
zE2eiZKCS>_uv)%OExLR!AQ}CWwyB!pPNjYkrt;3PTk1wG#H@oWqYk)lih$I)2?~>>
z$8G}<)v3H2nqqCQ$VsKsocjDZ_oJJ23YP{GYfhnx<OV;lRVNbhS<Gfh=c4Z$as8Y8
zWSb)1gf+#ZmvS!K^?zpt*R!kv*>D3VIpJx8f2+5~DSsWgWNaluYrp$(u{}Mz^4GA?
z#uE8`H+=5TH1_R>l6b=j9?XOBuw2#sYPK(tqv3x(f6lq;4JEA8!YOn**qC0iXcf0O
zjllgN7@x~A@Y1&;aJw*V1WOXJ<DEk2m^xK|bX~God2g{OVM$$Vd7##_ozm{Ek}2<~
zaC|{i(kt#<?X|l+!aVjo>G2E?gAj@Zgv<ZZ_)RTceCR2!kw@8%QJ!FVct^z45e5c;
zOASVVQtxo$SpZxJ9F*A!17ShwcR-v65rhg11EZpDd)a{@jEfj<(%Z9oEgyz69dPyu
z%7o)PIy#Og<?R}6U+P#xd;ZE#nYewZQl5MtYARdf{_T?Q!SUPFYG_}yJcEpkO!XTU
zC1vG~Q)!GUW@hHmr}tNIh%i1++|0fHKRU!KYP44}Dzt8sSoC|hX}^Hg&%9T^eg}j9
z0O@+9QQ|cKxKQQ@ItX;W|Ch>n7?fm!iiT2q(3by~3dIZj|MQlhEPi(=K?y1<DhkP!
zjO-1;q0eb=7d#h+689QScC@4Ee2Hx%Tbb3>)pKp`&K7f(l=arDWCSc)Va9upcNey|
zr|Um|{tVWbnx4*IjnyQEej2stPei8kIx>X*_)+8i1H<lWfBKW_xxrGaD~BBdbj`Rd
z7jQ}WoWh{8`ylXdsL1nvx;-2<=+Bg@-Y|KajtfAE9W{~*U1<gKi_7Pab*K~)VT4#v
z)G<=f^Ij~GSu@A|=J>1&L#Vq3tfodJ8u&KE>1d$`x^qcUoJvSc>}z$sm{?3I59cdT
zER-KFQ*R*rWTPXS&dX_~oog#}((&STZ5}}`L<ZG3ZC`BgKrFrF5Bv|+s;w@zD+q&7
zPtk`W-nN^);e7bxwYN@x|4^c!plpbjl$H)BOhLu<J~63OQb2J*GViA=<&SuKdF4>(
zd48Aq!||S2Ze=B_me<|3$$Yip;c^RiM!nGUEwx&m86Fhd8-dHs%cCiDNn_O&xjb6r
zet2ZkZhsW2(d!Alz1z*4?D&1?X$mC;JZ_eqZ^X_RD_UbVg!r0Zp*$pyRK-f6a{Oct
zr~CC`t!%z}A(YGfDw~gZ9sw#UE*`{R-kU5muJGwFF+Gz<J>1RoCcC+Kx>@am!p{1;
zqv_+{nAB>4sQr_L3Vkm!!pVY4+MZX_iULo?<>e93W$*QYh2Q8S_YQ*s`T1-8Jm3jr
zX-i8>eknJhKy=cSo-rt#x#8V*y<k4S_a~ZK5)Nv!TNEEIOsiyWrYh7MnEAx-Hh!?2
zbAe-OWeYN`-@Y!tdSd(I`H)K#?sqwHlt?lGw>%%&2GwO81k-T^dU*v7@b$?mx#dD_
z2!_xj>w`+6dU+rkF@A&9^5A=Lfo$@5zjms;?*#Hlt?6Vn1vc=P&|HhTv1GXw+NO8>
zP+0PNE)I{k&q?#q$;rt<P?|C#O=BmOcP2fv7?(tKpZaQid$%Y?VCH8FcWuc`%dFc?
z1eTZ>TmVG*spBg#Z1&pGR;)sX$AS9l*Ob~a&?)h(aOEA#%Q=hU<h{`IrqH04g*nKn
z?Ez-6CMo9S_~cn$N5Lcv8we-Xj%&Hd4D%G^eH%2O{c@#!QC4b@F++DWC1F{&UvV;Y
zzq`_k!oBPe`|x0~m*{2E;r=#T=;it3#mb}3F&~?D*5hhgS$)AE!szDD3!Z<L`K4&)
zmF9yp4Y<`_=xI-(gN`bB%#b_7btgF-g(@R9H-gtJWe?^gCZ<$b+tX1W4srGA*qPoq
z%{K6ih#LHQ+yooQP8USx_BX)?%t|k{^wK(j$&V+~iSQe)nz6i5ghKEN6Zr07)VV$P
zn<S`xD(JLN=sCK{g#k$Bx`kD;pw#TjUTW7;m>x5O4fNfGN;0uqcAWiy#(+34;{jkB
z<J(EnH;5>(^t#_GBtRjC>y%d<jIE8eRf}Tevm4=@m3@Hs*##}~cb&-dY{%_+U-WrA
zp7p770dFrdU-<FRhFqYVYPyb>rxRDof|5(Y-3<3~J6bCHqA0yjiJX7P_4X$|v&6S0
zX<28~24r^LvWSqo7z8Wjdxx!u?Hr5BhV``Kyk9`a%oF>;UMiPB=*AuX#NvH7w8sZ;
z$-PRT?ZGx){~n@879Nd8G=m3xJs5<HE8Mnluc#p4IAqoeQaWV-kTS&TVdA@>W+2+~
zGd(O0ukoWbvvfS37yY?|o;I@Hb{mJ0^=ooJZZami)OHvbkM(@GmaFiFdgHr@r?#~S
zA2rpiTP?7h#jRH~>&6|0FGA#k3@iW3<HbEI+Db*+wOXh7XXJ$M&QDb(lTgm7;K*S)
zH&T$ng`nGd9#+mM(5G=bL7k31!)3#v^iJ-${o(k7o`0~-(=$)zF!h75Npht2;|4+f
z=9NZHL{wVD3(szve#uHe`;U&tZI;P1`rgaCKw_(;)|(ag*r$_tFNMA|kmvQhG5y6Y
zT4pdB?r;@0Xf+uXmM@p*3lEaWNk4UDS|~MUml(ON2){*)W{cC_<|7?q@8rX_=V}~?
zt=GS<bfFoJ_SJ$Q=RE}4vgmw=tf~=rzcO_&e_~{OKAY2zl#BSZ5p1eD#COuFPwOVQ
zNddqYyC5EZY0FZ>7tyf}$`8=%yu*UC=`|I8ssz1zCadOIVC<rv%e0Ptp^HJd8k~aJ
zv{?@zFe`ju8UC1N(}`Tq?-W_b53CkoS2$)1G9Si@u3-i3l-XDdpLx&)fYw>4iZ7Fs
zQX~hG&IRWQ^#G^4tB*U}y}G(Z8TG7BI6C@&xI`2rf`h4?3^)+3Q@b_#Z!rb$QG9fG
zwxUD<N#OuoI7KCi0we!7|9LaL2gPkUxDs*3C9~_3wwo17h#sED;@3)5BoNPhD~J*|
zP7+ObS_?UWLUVpX1(Gu?&C0OWVAt`s14n1{O>_4MCcAuhoMsEmtu<9=FZ=-jcS9D*
zZ_llNOq2wh(x2`N;IE(UsRga%5JmGaCncguO*K%J$%074A0T-83%=0P<8C{Ve(qzn
zIJ=<?;%*dYTpcBU8@(T#_}+X}W{8ln(%|k3DGhjr;vY{Qj5J`ue-}?lf#3N4Ma?Kd
zd4a~9BA8gD@<8>G0R}(}As*|)?EY<`uC@{#4HxhWQ*6{zXvO7-Lx}8N^sR+RR=*df
zjZAZ3W%bMA>hp}i@FG4W$3V_BnN1Zbw^25Uo&Q%_i#$?Kqb2s@DSM221AkY`*^>R(
zhmqR9nN?&Ertov#<N|SflTm<@r5Xd+LSdLiv~+-QL~!S*e$guRaUH`uDMFx1;gAwi
zO$PO}Xi(LHm7!~8>-J8nwNkYRhzSn}XTo^0cs63~6-zI+_h%L%G^Y4yuEqIeYt0X1
zhk)<{_z*-(xb6B5a_G<gJ{kLluF)cBC{tL>H1{hl<T(N{bWK%f_>a|az36GFhBPKW
z3;0&{)->TaH;pK#@p<Cec|<>o>zlZyvyH>ce0svT_+$*<P-{Oa)wlu0!0kJI*^3pt
ze8^x;0x}6P>*)({<RVoZuIH-vH%W5eU8F2dcE!_iG$;gm^bcVWV9#Ggaf|1J7GKsM
z1?Y}fI+DsdeU}Cezi=a8;Kb*{zI$!UQX__bcc2xAJNcr8WaQLNqTeSrM&8LSEQM(=
z^XJkS2Tr^o*x9#H1yPH9lbX2tJp|4^w?n2sj)g5@h>Uf(B6T_`{@a<~oGR+6#!1eF
z!mSs~N!oDoNuNQhg@MiOdXPe&5nuy~a*t}q2vb(J35oR{>bDPHJ<idAXI||X8|dVd
zawI_u#4-7B3lJ%@Qa`(HAw|aZ6;2MDsAhxfd4J%6?Ymb6Cw}b*!s@R0kzRsu7Pfxz
z4s9Fk>r`?jn2HJP{kG#nL1-|_(S6$?4S`d|A!eAXlPmDa?B~-BGXyD#y-QrK#YaIp
z@x^{`<YnYdh~fL^*z6!jb8s>a(QP%v&+z2-Fbp@x{x6Lym17cujF^}h4OqeujxZ20
zw3=EeB1jM+c!H8vOli0e1y?xZyNOpIbY@(QZ%7@YV$z^<laNZD`&njNmZSbeFOeYZ
zV^Q4w`5NRiQn)_0sLOmg!thdnIM})x@O!xzsXTfed|!`JPH8c`ULE#k-J*~C9Zhn}
z{IR;ZUaDD+-><6p(?5Lj-Tk%wDz1rrM;r0~E~txrt52A!MwS(Qd3IzqT`~qFN5?W+
zT5E3<lO3HMRcRHm<^rxKLQS->_l{KQ7%@s8G1T1Bd}xa4uQnc}oy{J+0rPf(7zg-A
ze&sFf6U;py$CUfb4&oqaZNxj9$s7-$@B8bPsq4WgBfU*zI1DS6RhgY#=7h}q@yv47
zeqM~$j{OUA9MrgOS!f`g6wK7;(2pZ|B{7%}?rhp-)Rj1MD4!bIGUiu02-5vJD~0@r
zgVxk5KM;~Lf&rxMSnAY_52|>25;{j7sH%BbaE4Pnz(+0*aySi3Z8%s_ATOa};9-Ys
z7LcCrxN%cSP-UDBj@^0iD)3a0#O4=lwd7=#I>Dy!7H~)nkFVmLc}updH}-2%Jktij
ziB~fFQBdcMdVfbKX9o<XAq@J&o5Ip(B4AYoL$jfskxznjG67I&pw4uUtD+UbR|2*W
z216ea<&ea1I<rGRxpIQ}cl#Qy&N(;IeGPzC8l6kSAVxXIV7Q|7e6S7yB@X;vNUc6L
z1x8B<Szxz72kIJ1Vf231#<2b=Y+TMIp@2=j_T=Nl1jNB&9*3Ae9J}n4J2s>Si<idf
zhp1<|r4fSnCUEo+Z0Lkv@MypWAd5tXznX7gg|vNQ-UZQ(Cc2yz0te>X+#4v8Z>x$&
zx%Kcgu6^irbXoUL%G>YF_};(oThF!;_`OL4SszZ5Cpl8d`jzeDf$Sg4#V*6BNQGH?
zZXTPZ#Rv1dPP0F$5t*<v1m=`D2=@7I%$v>)KY0t8gDQg6uB<)T<7i1K%OtTLQ?gf8
z{m5tgn`h?+@#<|LQ*Z6^TpVbeMZ_1(I<}LJIc^Qhuis>D5HJH-m3klVN-Gmj;+9aO
zW$}?h(TD``qS}+)`hKmcWX)N=hr8jp1%3FzgApBHE(_{G-QLW|xP~%fJ~~QK{AL7<
z8@+oM7j&+@ww=Bq8d)P1R22FyJA7EO@JTmWn8?1`CEL%bn4j*pV#~7l{wTm$_IM@V
zh!_Q7zI*f{6OmCeFv__mG1RyRx>x^g#Zad~y$)gT{H02!^nh5=8wXOS0cVvC%neZt
zBVew>wdf=NBtXW!P5%(4Y3{)vJ4Z=~oCyWhJ(8UR32DjRAfl`Wc;NtHh8ZdKJor;>
zY+MR?xP-)_jZ0gk{qEwvPzxI9w6gT}-nx_F2%b(UD#-2jyNeB51d%SZI#&ysi-civ
zi*ef47^doO>p^4a%|H_EKVPg6IFOIEqw25iF%|C0Z@mTt<*tw%5&)bjt+3JnVzzH<
zc9xYF0ZXSZ0f+}@TrWQZO!$ifapL~t;}iC{1V4{SbYqmNEn#*$v#2)-43K#H=D9Q+
zvy^yMeAYbZ8PJG0E|cc*=EfoY`t3;OD!?wB;3eq6b>|N!W0;>Ucf;pJ%TYs53!KuY
zow*ZdUnkQJ4%5Sx9-J)!H9C^G0n=S4!q58V8ofHDmm?aW7f){Dt}4&;HUg+kVj;(k
zu)C$MA0Z4%ye1H63X%EGHxv~l=AQ@zeG;mfNEmYm-}}oMw05{qXZ~u;uRTeBgP-pY
zDk8aPIH(uRW|W%$dH$bF6dWw|Y7WryuQ;lIeBia)Kf^%B`R8Ane-!wd5&l<ai;RET
z{g;&gYWJ^{{~F|9DgQOdzf%5dkpI;g?thK_s7?L<n-uh<D0AGR)cL0fp|Q5^6?hVk
z|CAv8x3TZT1cUUAVhqs6OpNZGkIQ2iwpy}g93P&(J&7(v3*VMyT*JXYe2u@WCNPBN
zjC8TSef<&Y1L788RTBm-_@@sX19b_Zzk(5*zO$ofku0BhoQGdhF=DP69RD<CwM_dc
zx9naekt>|FgpLsE=~GJ%#Zpds0JuJ{$A4XBuz(mkv>)#e0>sQi#*ZWz1DwM0WbAY4
zw=ZSO$<cf7=R@*1g?KVdY^t-v9kho&DzYHHA~8N7S9AoKFEW`+1pBF;(J8*ef78?3
z>%$G)Vwgt>?w6Ch#RoY$Dh?z?tDaq$ZP%-#8ys(W1>;d)5vpG=@NnC(vSsmZdqM(e
zay!+}Hq7IT&JQwnMfk*|q}G4`n1~Ju7cE96-^i%;N^MSyOwaxNBE_wY>OLR1&UO&*
zHiEB>>Qz)wH}})JHM@<Q{R84oJLD_T-jc?#ApOv@mjTmc#+AO+%aT<Y{_%;E;m%r_
zETe8wL5NyWxp~n&9T5tL=qsp{<q3#;V+_Alx9D-DHFg>5?aB-?I>=vH#`{Z9i2Zae
zo8#<s+g$yv|9;?1#k(V^fAI6(qGxnOxbg9~DrL*FrQ+e$!);=O@sfty<NGr4j;S~9
za8CxnnUk>sH_4z1Z<d`h5D!oKP&FfqwgC2kLO9>`rn~6V#n<|0*Svch>n!u3fKq2?
zgnN)eR)@CCRWf|GV6B&G?$o^_zMHmlR>lF^)1yI-P^JPP?i#vaFp%@LuxKv_{+SCe
zHOB|R(lPS4SLx3x0k%*+(ipp~VaVD0`8POENZSN4wB3njV!cXsy1#KcI=W|x>_!{j
zaFo&TY2P8I;!2!BhR6F;=3h@uNNK|&UfiCBcXQN!%^T5%2|dp<n=QTGUYVqKPxhat
z`>q4aKzmIYMIWu|B&-+r%yZOChHRRj@7`EB(lZ+5=9m2g<zWIb>Lh7q%^Tdx&@L*L
z*UfDhlqci2MOa=E3xBRFfiGtl;kFMXshyj@(=uFTM1Y2}qibxl8o{g*R(0EJCItlt
zB>`HO3JNoPEgo&T)PFcS)F-F6H4@m4?d?n6d-EplM;=_XK~ypYF`I$+V1=KGlTD>+
z2A2bE>-SXw_<mnASIFn5i5hly&c6z0StvoZg@6KKZ;e`<Y+PapzG}|^dACOu7agb-
za35cOk2`i?Y{=2WleiyTSIU~h3)>Nld1><13%e|Pmg*2l{W)+f>bi;E;TSqwcpY^8
zk(mHrOONK}1k%1tZthm*Ahc~>t<>B`mme)SNBU6#)n0pu{yMO^I<92EYsp(f_Hriu
z*=RXP<kikFfe3>EcN!I|JEoi;tC8sJ+FXMwy7bY|WOv*im{-L^4R4BD?S2$;)HLx{
z7`Z)@?^|IEnyKu|EqZ>qmmsbpp4PtQ9_tBkG|m2_?u4}9%rQBz7r0Wt=sauM=G0R7
zd!W@(ZFUzu5QRNAS0AlSx20lPnFEbwXF)J#f5Gnk0cp$AOyG-*$tC3YS6RZG+^x4@
zrkTOO^G&i~J<B&!vDZmvS-v`hGS!l)Iu}gJVX7N3q7z=%b8Tq>Ypj<CzZ3DF7YD)d
za>k<aimhXnmWB0v3F0ELUd!f+9tpX=LLw{CmgQTk&B8qv0-SIq8P&S(Mo)IdI+29%
zxX2^aCAJQ})SnrIsxL(HoJt=I1CniDgc1=u9Q1FdJj}FzlE3XGDzgbCfKFr~2n73&
zNx=nxU|*qP7&ya8xc^iTDWFI;6g!4Pe2pYfa9i%5kOF=3Pe7vp18|{K@aw$>t`GlK
z{(+8tptl_U!I6DH^B(_JTy1Pg%nc00q+|X%K`+zHR%m-OSnGwe5s{Kk&&?%0Tui=p
z{dJ&87<kTqlA)Uf3|)8;j03rzs{B1Tn1n*3({YB$P?YWjZrc>#3xeKcv&RX{&iME`
z@NIjAOn%Pv^t5}R?xAPy(TONBRJ)ATxw)dy6i^))6r`E8<$A27R8Uaxk&VsvA^dN9
z(KTeXw!VHxNk23PT&L!kI5IYN;8m{Cl+zW2(W3g|HWjzqBrv0Sb9>uJM^C@pp?ckX
zv}<}I3k3xyIy*a$qPLGtu2*+=c9z1Qm&CJRU{1-ek40u}4UpkaiOc>n53~Q9e>f&t
znK?LOZQku5JBhbns22a6JWr#s-+7zwH6Wwckh-*2+)>;t$DPF?>#!9a6r5cofgL9e
zgPhE5twrqiin1o?P$00h-|E%Syd=~@(bJ!=2r)dl_oMB_2>0qGZ}OX+L~SqAXDG^g
z{XDDfO^UVWL1Di;Djv9S+0OR{fSGeS%6C$GbAH(0=h&?eJ&HFXN$xqNrCzBctj+@7
zZCLeE?@w~8%hV620fvZCMN6qRG&7F5(g;iYc1~2%RP6kILvDfR<#JHgkOD<WE8CE?
zJ<h~0pg<X?4^X8AJH0heUJ5-Dbpq1w(0g?jI-DugflMKO44>CuN66Gl$6+*VBESY1
zDXC~*z^1r;IO#}*;==78FtYEUn{fY#qR(#Nm@FFX5HUSRN$fa&Xk8dNpS%fx?ZfnV
zy=X1>%WsQxJh@+18oc6uA|M7|gh^IEmDE0~<z6Q6e78#;#LA)-Lnd5wA}-VZ^8ApH
zMIkKG54V2~RYp;w13FpU%tfq}Z;TXlh-ngO@Hw=OfT#<?jC$(=1w`Cw5K7Nf8f~)W
zEd_v?-p{TM>@2+?-wk2@n<e|sUVm$zJV*2*n@Cpnj3}*kex_DtKqzZD1+ahka&K~x
zlM!|olO6#WjX)a>9l#tWCTj~?7XShvma{%L-D()9TV({o@>GvQyclF}*Oi5yE)_2>
zClx+#YGn}6<f2pJPz9!){sBjjwxbf)^ddH4)#t-A`6g<4=6xX$3*;70mIC-vuR6(v
zlJ;RT-B7&``JS2uBrn>=yLi_ZV|#RmghgsjICd{axCuO64QVIovuqt9*nvetd&1ld
zOPn=!9o-@7@`deD<Fg+}5rHnRZwyq+G(dh#{Px839(&ynDC|1MWgvf7<dO|T;jb<n
zX_ACM<SV~QeS+<pK>OgJHv!OF7F%d!Yw6kFDA)&UcM!5+O@YL(mn;G<ge$R2ScTb~
z3gl8}EUE|SMvPJ|cT760D}N)62tFK6F1eqy>31M<o@}@slo7lnXWPyjCf0ejT#WKH
z&=@aK9NND;-B@!inB=xs)t&VcbEjH0o1QG;t6PkZa&-CH8bPhxn#}#MiVmt@;Q?x7
z8SJ<-msoz^?$48^Z1_6?Su`_meSM|A=8!`n<duq*-{ww39~x>=w(}FUi1c-tAf<}M
zu3~`!F9Y&?M^lGYePl<wn~_2*VZ^f6{H<YRy>VlT@;v$T_G1F?*xmGxpzMRiZkjIT
zm}SFqz3ce^eJa!^5NIQ5fYRVz|EyCFmBoqtI257HqB9VVIg+rd^RlC5%pcW`AI!}^
z=e-_|%Ix=>N8P#XQV&*pQ^zQASE5(B%->>+cTAjdF?0KNUgWJ>40u9eY3^5~oRv)6
zk~s7&N*gg<x*+lSyQ0;s_6f;Y%93833KZRso%UqOSq>{DV-lnl3;XRM6bg>=G}!+d
zF>Mt|G(t~G9`kTAM-aOSwZEXag2`%G!^(n&$63z^sq+%$+e)R=0C=?_gEF5J+(9y|
z38RcpS}CY3t(8qs5N#@3ivy9aY$n(F>1y_7P_g~Fqzzwz|4i(m`YW+C|HUxJ2%fUW
z_!9ISiAZqVd{h37D2Bk429#JDnO4@e6iBowmBzxQw3Q^W6|?WB3<B3i<9QNVp7=YN
zchn=JDbhP0xFwgMF<G_W8SSZ!5%>v*&(Ul)AC#LjH*H}rCZzsJVFt{$LY+4Hjpt!9
z@>ucgI)(Z@$9~@s*SSl_nlEa~)AgdlbGoNaSvqf@eSI5mHrrd_Gk$@R!VI@!Yq=rs
zm#0}lZ%?|_mXr3yX2QJ#kL{vJSEn%Y%}zo*Ep;5cY$JaC``J0RYpO@Ce=TUx;MH3Z
z0`z7PQRbW$EhXoVrjy~Mg!2x+L{&8J7aIkUI-RP!-`5xHh-bBuI?d^dxVwq%Lf(*>
zoIs&)d$pd3^G0a&;WSQnRLZmqvG~+5t)yOOn*Yj9l&WWeuHPpEeCjyjWK2f|ZZsUf
zdS{!>NL;z1PMJ3>JDHDu+6>!)hGYwQ-n~4o<pKK4Va3K_gdQrJt4Zf7FAHd#RZ1K+
zKH4rEoa*Hm<FA>O@GK3#Cy6TGjNmJ`jBL;P1U2<&k^ZRAcFYm;ine;q2VWch`@gvp
zEs=IB%5U;a5;dJnFQSjjTaL{lc=vzqK;vwIPtfcXk7q!f+5@G~x_NJ>9VIY>V<UH!
zpWD;sa$J&I-KvS!cb5l)1}K$u8I0zOZ*bpBY;EDRWGi{+P6w#sqAvG@L*`kq=|YRH
ztUtUM6Vg^QRAtoH^&&4?ggUvpHKv_0Ke5ol&K*5=2o3O`1QMe%Dusbk!hv}83m&6Z
zrTxnHSE*_Z(A~*8_wi~$Sa;F$X8A!1UIf$>`{uKY{}5Q>{SfYNsRJC?O7*mlzo_lI
z(73_B0!a4h4F`f^WcM&OrWi4zK_*dfd)qz5;g4W&I((*-^c~!{SR7isFD_6LA~7VZ
z-%o@oQi{bplqWwavGCZK22OQS;^y-Szcu;<;zF1dB{DzbKKWjhnB|+@t-`h$kH0KY
zT8o!0Tz=-AW9UMUr|sdG9=klE4j^rpogNXVJ5@=&plWFx+}&`*G1cY$ddd$OHTIea
zJ+26HnV(rYDCnI?;wl6$S}tLDty|;A=6#=`;ccu&5ks;?0_k1LPKr5|wf?{hRfaK-
zSB@n#(d{Fn<R{Edu0KTGZ0mB+-Up4nh8HDinwYFgq8hatgc>D2|9P<8d*99y5!-FV
zDwB59IN?wYf734}@9U-HNUOJ7J@Pb(`~#|j7kOI(A6(u=2wbb6n8o!?SSB{REh8W%
zv9C0Fb#g=@d6;n=+*f1bI_@;B^<)Fy_~Vv!Jm25vC~JeL4o&h;=zIw>t!hTN;3wyM
zFl^nS5O69=?>lP(M2+Rg8TwXwoMUjoOC55^QSTN21q0j87D|&l2M(RhoRVOXX(9wD
zM-(1sxF7Ff0YJs!$}8c_E)u;8VaP`{e1v*h6(d-^j{8N0^`1yx)W8gFs%RA+gn+6a
z(Z3%10qa5?F;XZz)y0@JPa8?VaGp7<sx7tG<P_3fEDZ*(2KNZRA)RvLL;th}v(5nc
zoLOx>0xKR>ZT$og!3<gzu>daOO4(#6_ZXwCi{V;jYsVSU{LDymF;y8;t!x2h;~9wp
zA&#sQibO4~L;yKyu!|>fc;*Lqs_utfad_$WkO<htDX)wh5A;+1(>g-7BJN5%r{I3+
z67sK9s#VAd>iW^zyVFBG_47|I{Fn-}x#;(E)`Rsnbc5|Tz<8Bb7dGEtL)5rv5KgPh
z1E@o_QuB-U{+U>a_*8j`D7=m=0-jQSK^7>PjXRZ^CreSzKSu2cxP2!ir8x!vCB|FM
zCSdqZK`ix&<ucjrVh)*<L%xnJT1r+xn2p>eq>e}Ywv^LB&{a|sHGn(r>RiKBP^!o0
z5`CBCs_pFDoMzzexRqC`dtzd0mlSdRZ>hEhwRx!`O~Xb;^C<ekVR`GhjJ;~yu6>eM
zaIG}BfJ_>U{cdABKLeNT4Xu`o93tCo+&2_D!|<=<Z?;phe;}yTk|G4aNg^Lx@Rbl`
zi<quD&T6W&b2uL_X?d%x{<1qk%qIoeVKR1`QV3%)C}HF3YL_1Lhnxaq>jc5%WVE4=
zKM{JG-<V?q%i}C@I@)#e&*do{F-5+Wf63xUecEtMhQZZYp&<)^AiNJ=4WZANy9@Im
zK*!2bQ6Hn4`t0r2D<vhp13=gPc7FO8{mG!GCYee2i}4Dte--NZi!g}?5rLD0qV^VI
zQ|SO?*Gw+PSmP$Z?`ErZQvM<g2^-hHjt1yMNWDF?OTjC=f_x%I#pZ|*Fd^%7_riXj
zl<Eq3$K<aXh;5xAsX`b=s5Y!0CXBvb1VHo~#@riO7YT|N=lK}PVI{R0YrLS*OD$Xe
znUTe?u~6ynNXrh9Yqai!NutB(&}v#gke20~=9so3j=GIkJ@apisNfbsZW{ZP_$p9R
zv!Cdq<B>4GpWgH_A@bzj9}*PCrCfre5bwmW$m#e^3;X}0?5(5fW}>g*i)(Rrcc-|!
z6n865ad&rjr^Vgf-Mv780>ui&i@VDg`utw`?^`cxT~>0Fd*;mKWF|SY_nws0U?9NP
zhAWW_jN41Pz|m9*Uf1fwj7dbw-AmBGcL{M*TnE6ar0OiPN&bRYa+)ns@X(2%B86Z`
zXcy1XB74TmDm7_(V4@8;)f!BSMPMT*pXY%P@;K3u&;!F|2w~$Q^J-GuAMgx<bCj1d
zH>!>D%jg>cK97Vj57rHSZ!*yFckkCse->7Y<xA_I3nu$+JraW(QSrE#AM%JHBBDlh
zjIabu@Z8)EPi!@dBH4;3NK=%=<dL9@a=kEbXJtcA9;JB8b~t>_0l$KPh<_{f9Q%Sd
zAmytPGkJ~p!ORQ)%dfUzhOJo+DR@+~AD0{Z0!HU7#43m5vJVsVZuhFaN(a7|w<Ktn
z%{@PuA{Sp0WiH(X3lLBcT#=IU2uApCO!P!!)+z}RBlqYo)w)wEYeO891uiAU6R>Zj
zxD!YpGNW;`Cpy>*LIY)qW{GQ{WMqLydb3^NIW3gzOLq`q9JE#>3>wDoFgz;BMepC>
z!mu>`Az=-l+9YQ=lm~$*-RU^%d2$PrQ}#&@&C3Gjt})DI*(-f~QS2V$*%Zp4{x%YY
zvsA2F=naLG%Zt{-7AhE%GM1TCow4>ncN2^It0_?-$AoTPtj^*Zmm+KLQ;8_SQobxU
zPktpF@{rY{-o^tDgryU@q*O{oFfBrqXV-{Dy&?XEU5JA5vbfOOB|9NUfu{ONiDo6m
z>`%q(oiyy6VNEG_rYbJ;_j-PeJ(LOVZH(Pjz47_jqVt3dU2=gWr4mi7ha#J$F+ArE
zHd{pWP86~aJ*tPH*_S@j`*>Rc;wg|&fh>y3uZgHjDU?2`^)ZRlSu*+wGHxSH^)Lnb
z9}YuISr}6Pd~q`|l~#+p9#BF>yGeWl2H?`EOJ#F2SZ~VoYJ;Ed{On^1A0s~5u*XyU
z#eON2U&(}|gqx6+AcKRi+fhQ2|4zk+Uc;I3ET>;31px=Yn}TL;Toi!D5&>>3+Rlj^
z22T57jx;5V%x1vsCDPW8_7v!3wTiVm;exnJ2?wAO5>bJ%59`8E;!2NNkDQDdyl5?O
zg2$F&{T4F#E>@fuT=6L@x`)Ixgs1LDsu?T{xrNq@)^ZW$@s3QNcrS@M!&^wc3uH($
zT}1xyg>Xc}Ih-R&j0am$yaVeC7j6)^G@<d>9JcLz=~!q7%8wh)!9z{2KOwnr=ok$s
zzLJip;3a3*)tpwrEjVH$b2N~YZaD0M1dnt6B%)Ly6*8GXqysOIV6c%J7_L|NxK04j
zBpIyct3AynQWQ@?kVD&&|Dv9e0tF0A2{rL|(i-K>aU@a|{w`CT2PusVlY|e>^mBuK
zlKP8~p{S8IA9Gi#6K4^5qE0SSMeN!)){OOAuP6p%+9x^(zdudTbxB>EGCGmLhPTk@
zu8-m8;Ipj~jFlCfOe{+7{uSG`u53Dt%;PRS8@GK4`$-}46%TkTrw|e0UevL!hTX@V
zh&D#Ua*ij-2$6RfDE3L)31|*C>q1&*{rU}(HV11D9iHK~iyFf{SzKGc>mcDW93*Z2
z0viZ<<E=!K%OS%0&^Q#%c9Q&KGnIr!YjfLqrOC3o4o=IVZJPJU#S4DIeXt6^T0yuk
z7i3sRyK;qKpb$XDUt!qTivOg!WbnZ-X7N1Y^3}NwZ6-G}K#^q#todt@#<YVNNT&9a
zbPn|(r!d$s=B^5*YlI4=%JH`j(qDdiTa;-22@mt}`H^qO56C10W3~0gwi8#~L_*S`
zN<bX+SA?VBe;U!^_kN(8&p`baFjm&<7!C_PRD&>+>@TmhwazP|q(x~<gKA_aU0`0~
zk8(#V2Hg3>dJ+8hXAl03*X#^R6XO(bBJlj4L24PD#UjvI$#KS0ov20%=*6WwnaH7m
z%7^Rwc)Ntk`S;1Vq6WeItcGKwKGBFNH^@PvUr1&5+DP!E;R+Ma4$+RJ$E?^icx`vv
zjXsikPq5It{vjou#Cc6I`n~%wOXZ~avLnJtLNsAYpc3b)jtd*jOCq%*+d|4PF;{Y4
z6@w3CQH%qI?NC%B#nCX(k&hB(%rP?Z7(gFM8}~?{7`P}0R8ATZQpB)uz{8xRS$|S<
zWI2C`WTU<MPSYznM7VU5r-Y_OW$u|eB=IYipD{sG(^7k3qM3*kv0C>a$h#;#Y)%OF
zP^53c5)KgvdJO-8e26Y8NW5Bz_yv_*LNIcnpin3|Vlp2N53wEc?0c)A7!`f+NEP#$
z@vF<V5ULp1GzE&5O6Hrw7Fv^m{i=<hp_sK{`!@Vf1`D<r=8OiuQU{B^`NXj>4@=uK
zSL$4@43RAjLlup(k3t8fv=Z;{#wpsec%hlIAs2zhQ+Zq8Jj1r8@KJXHyG+gtLXxrf
zyu|zc@ny8FysY`ZBkvJR^d>M;j8e~px$I%(z{v6$_aB5jv)Hxu>I4@cUa<uYWQ707
zP@R(Rsyp1(cW&q)<3p5+k@aJjW&M^BJOOo|NPJ0E%|CT=>ROimfOw(o@6`Y2TLhGI
z*$*C9O{pB;ha=>i0}`70%>6c0;87B~OeE2sLgBysk2qS2U1(av_cpO{NfJ?QWYIre
zM<OUi?)rE{(7*L^Pw`U(FHKF2K~DC1$vI$>UY?}Tm!f`Il}D%gcSGHNQn-IyjfSG1
z38$sHf8ttRXz!n7ovVg@C6PF+^sDF7UU%Er-S1@k*;&=;m2#4xuW!;6t%-(__6f@}
z&CsT$1=?iv0tT&w?Vt;W$iGAdHLbS)kccSLLmE0?D6D_qoeWMENYGGd&{Bw$i<S_O
z>*EW&1bm#9FF4+HvtR4gdm=UXnE?rvh_b=(9Pp(0OB&>f@=5|J28*LfwcE1Y6}LBn
z9u*j35i?vnhhS9ap(c&MMWdO29f4RYZ{Ls0nJpc}cJrPG1KNRKWBEOqf>9(+;4-8d
z9lPWS8{H-vLblax;;kH=H*vMq=_x&=6CL{V@0`vWgCYc2{vS%mDS=CD#fY6Y&9Bqc
z|0V5!05FsLmmP6QfYRj0?IP=<^?QnQ`6XYblMyB7l7oF|_NN3&4K`k)cubK2!|nHC
z13xW4)mTKESP?YpR%GJ;sy2|;7`c8=&J9lsxCII09UE@XD+r)AnAyU!p+>ZlyJxpn
zhInV+tp_$q$HxTlClarI$0eXtZXl1%_AQcs?;3%ck-<%P5Xt}<MJ;S&dhSk6B`v~%
zn&WQ)O}~23mg^QO)^Qoau;VD@_dUf!_9+HBLcEq$6up82V21I~_lxV*v(^Vav^-R*
zL{K@?0B8QEwJ!MH(~=^>7!g`OnOVfRy^yDa+)1^5e~Z=Yo0}#l7wyd2j}<W_Q#6&(
ziQYoR6qY;wV{6p?dFW>`!khU%Ll(Z~H^x^k0UD3*F_VbtxM=`b6!^nE^IK+MXQ%oy
z>gc5ZcDUGvvFa@pHg%+097X==TMm)g-Sba&C!V}EJ*M=@-GI3=P8bXrjPyyc;a#V8
zJtUf*hrNKUfGsCs$M*L#z=pa0Uyj#2K6-uMSNx{B;WLQ*qOb!P`k$gw$4#&IrtrJH
zZYn&01RUtr{b^6@{}f!~BNz|Iu<Uac>kYw^$DP+kp!Cl{r}nkzcMC`~@9zHd5ZHuC
zaoTm;^SP9gL44kEzkM_P&fwv*AwhgFS<AFk>&EQS%hTARFtJzs&8OQhowlk{Q^wmf
zno?C)QO;k9OrvFPEs=}Xnibs}<)y);11Jb03L@&r7dizH=CJr#ri{nqRP=av#_Weg
zET|WbL`Y}d7vcVJx!d7>mh;<vz1v&!Q#w=Xj`Kh+zvm@=Ki)&9>rq<N&GlbZu#Q-X
zXWt&5hX&APCZ{dh-Arx8s{P^ha9T*miCo2gO-LBA+~2Wog1rt9B0YVhSI)g<tM6z{
z;~!ZK8g12D>Wf?=v6{{<vdT&3OZXLcK0qZw<<a;m-qEJv=!G-@z8%Mz!nU3gUwC3$
zE4$-Z`ta#QCQ-<E!<C#Gsr{az)=_GHV)uVFRLvcx5)r>g9srKEp2-ogT5Vwza=qM<
zx$T|*j)cP^oSK^I1vJ~^?Mda^nJfj`;d<v??Ikk%!#1%DX0-PXpetj=uyw+gOsxp5
z0&<tnVEME3h|hghrt#KRrUQeBbh}nHJG5=dp-nVjHE&5u2QhzqwO)}+6*^Jc{Ow6h
z@*w4N<I-u7pDfPZt9LT57Z-KY(-(!e?k=6iX;YWQX&8l->R9XB<?m<RXpUE|Iavpa
z<~<9$`<_r>np2uX&95pN;nl>AjJLg+2F2*eR<1uuYEKTiACiGs;K}RS57@fopcy&`
zFy@sN6%~Pjxg6GMU#7Flul8rKL1sVlL>j#H50)Fvb-KM=|8zxTGg}@0EVs#GPEjaz
z1q7tB0huENEQZZaQK+yp0Bm1eZ!&6iu{GRfrKBw2bsbT<up=V^VEYztj+R1?&*G0P
zZ;zKdocH5`T5OgJ_Gfajow@)h?ZBDHHCV8G*7j)p(nKn~CsYZF;u|s%e;KREh@qtG
z-#N<HKXU+70yBCT!{z2solw9_?O-?>TP>YiiqGxXV?W~*kQf4Z3VT`r!9W(^8d#&C
z^W?Ib!RI3IP)h~$6-Y$iE8N=02OTUmm`z$}^0}Yxc;rV#!EYw(vG^UE6MS^s5`UcJ
z7!z7j1N1yN{9m63xRcOVz6$#CnpEU@@YeuJEhs`S8o7eL7NuZ)M1nqAfUXTW(IvUd
z)2(eyEg(?C`o*l$dD$lIzO98y{#(&xIx~Gl*1Qy*kM&{|ScRXH5Kn%G7~&4o4#ihF
zCuWD<3xQ2imy;EaNBEEfAY1%lYx|W{3UHsyT`hbp_V#pr5(kamWMNaiVkgVQG8iY?
zb;U4m_%Q70tY`daBVEm;AymWQ`=M)v{=wm77xby3<yc^fpNC%Mum+To*RSA1-jgn6
zG0M=WpjRIS%#rNBIvHMZn%Ju|&1IrWxVUZ1<=c18vf9JDLg^zemqrT8-Li|7!%-R2
zLgknR*=GBVZrLGJ1fNv<X@q|QO(TpNP>c<C8|`-d*o<d&;n&KTFVN~#fXy;!6&-s^
zl`Cz19#}+Yu}%2Ri>;crMPBHuvO#4M<mU!I-!BU}6)xRDk_57r0f9@joo-JY|GFcv
zVX)x^8W0rA{c+=rhbTjc%+X3S{Q`zuQ-|wOSUm=~5=&0TgWt=e(ft9;sO3-uYKP|)
zRai#3aR6jV!ZyqB@#v;84Qnip)h4)DIS@yVA0$HmnjdNhAg>(H6(bmid|l`ZgfR1W
z?t^?{9S{W~k|x8$DLRpAFAt;&P)&XU<wSe}<gP{{;8D3)BrpvDF{+)QH4A{}vC?9j
ziSm{J#tecUA!3gKvdlcrdno~!13&$N?)N%bUcmd7f>{(q@IbB*U;zj#9iu-2<iLz5
zsjLkBM+k9NyALar>6u*iSOo^TK9_J8P6WOK-`P3f0?3dA{GKydH30Gju0hSX;z)S8
zE_f7<l;FHU49`gBJ<c6)Ct(U>%o^0Z%}NoY!tiXnk3fqlKF3hkmutl=0YsGY-(W#&
z&d;_W<!iz|Qm*S<R!zE8y3Slq2w_J?rv}#}4P$bumCc?49aud_L=(j)8$jZT{Dh9~
za#Eo01>ONf`AnEVd@1}E5$<gZWEzC|9OOHPM2TfV#Sax)<Bw7OUk;_dElV<Lj%L7r
z(ba!zWPnb|0IMC2IWqWQiUy4{iukc-<(m?NZY^%<oK;H!UWW3TpLvC9sJa%*iLJ)4
z>w#T0N`TXrh=LG1_q~0kQXO=OR$*Mx2idak=RC!~p-K0N_M7j`wQX5wNKbh*+B2NU
z3ZK-46xg>jTA@D#OdwXiW;Gr`=)Tocl(0jqf1J1U&GG=F;G-&ZgGT?$<`;0UtMeU%
zC=4kr(0WAHcNF{q?sKc3hWVlEQ?t67#z<2UnON_?G4Oq8s;mct7eb|C!*Lukmt%EA
z!sm=>rq8gH^T;PY-sj!~gNTrUko1t9ss|$qKm~z2X!rUFKqGBOMSAb^!o-OQ!zum&
z11~`}LJ2Ort|N`{$51LuF*Kf3S1O=Nu?~Z}#<7>P0l~=eejze}*PG4N@Afj%V%^A!
z<|%pWLuOTSM1gk<Ig~{SOE0~RxGG0-6yyPq34ky*;%}qc;_HiXC2#t~pa1z$ymLtE
zRkK=0ea`$*+^&r(ET;=XnE%0?fc0o-?56EB3X{GKDK8(uVkW^4C@NgQ2jJu-O$@EI
zJ7W%AZ1}$kY#Us*_W26uf=nO%-d=r4L;)@jCMd6rd+(^Wm#N*p4d$=d7~D2aN!=`R
zUK0Ng1Mw^nbSk5ht^%0X7|%9Xkwj%wAJM)F?oJMg-6doZ3IfVgG-%>uC63{>awP|=
z0GqSmi<)Gv?r;Dbq?dI`S0t_z2&!;K2Wto~&A!SQ)#c4Ln-h<l<%3n1x*(RiDSUv_
zTnzvGq)v5QWmbvSf^iraEa==GS`4}JD5`?N)vALGiQyn0Y@*Sln-|aLxJR8Fl3!`u
zh;CIAYyMJpv00kfE&_r{bm&b8S{fu>A5k3}C}~)F)<W6*V5M=eQrY!tY1DkfA!8;%
ztkqd1L8|e12s|^j6DR@KJ{D0)zt=AoY#x|UpKQX0GO}Pz%@F_o8z6<`zmv`KAd+wY
zmgX9_e5DI5-<9F`(r9?fa-R<$6j`z%cVq;QlnR%Vk<0BUIy@k393ln<VFG(yhfIzW
z(mwhVIv6n_gg~{Q7KSF{nnal58Oa08^p;EB2S@2q_O0ATDK;-2YFplb^+63f<95)!
z4{a32XpFUTHVUF|7=yzp?qT2gqrWgb54dQV4#{Tx1eoG0SfA60lK?2RTv9|0`G6P`
zjZPuM`%y|ShD$Q{DdAA+BNClV*GDknf@+K006LOVt@TcK<~97GxCi8dxxsr7vhr*=
zh(CW|@E%+Zq@7r%m$I&S6Xo5^P5nG7M%>P++7*$=O0CIdx0W|I;470_2I&=m?1bdt
zAfzl38ArZ=`6zZAL!L^vvbPUV<;Ik?g=t%6iS1*oUzg>;lyZg;ageo&4;*x87{cuJ
zp_P!n^1Q87pdTzA@zSAiLeWpU(7WpA)*VWLDRCno{19TUVUi<9Fm}^zC6oz{&9dum
zKAeiu8u!Ae_~_5tD$A~jJNAonvVv3$xu|@C1?m&w;z;wYahfZsFl<19Ud}5ee82$5
zI2b05S{BS=5<`8)GN?(BYgFB2({XCW&U#76g<4A2%}+3Z=;{Bu(KVDj=HgjDY_ZS#
z1wD-38@sT220-AknZi;rf8Ri!cP?`i2ZMqgfCZ-`P~|4#&i{buSswsiG7ZAhOD>mI
z;|K^R*@R?|3ZSXM&c=dvc)`d!7Z-e1@Wy$piy){2$)Y@!Z-LZ|7(Y<qT`6!t&B8nq
zVxmZK1k%cgfS?t(QEkr&??lIlZLjzw`Qd4H;2OU-aew!)NUs3xlY&CE3Rwcnk?VhG
zBJ%cuRVB<j=zWx|8Fl@N1fB64=%KF@yV9UA5cx2%LzG9?q(qX|9H%Vo4#*ece^42U
z`Hl0Pf9gfuRy2$9smpz0?#LBPLKl>B9`GHRu^2|&+-*w`>PzQt(~JTOePSF^LQ)z-
zHUZxRGZ!&3^5qd0@fmEQDKULnnzQPbTf_wI27bL$|8lAeqTmp%@JU<pXQqcr35KRI
zxcusUZ57K~9Zhes71@N9Ll1&i9SrH&NUNhY`8(i+R6(Fyvj7tI!mBl@NPV3m*?XQ}
z8PM%3%V9~4egR3NI64cmu>HuRJ9r|5D>1-?fFA`awb=7~5@hvzvzQi(>qzPTx%H~T
z<wCo<rgs9riXuWx`QK~K`>T>BIRu8>PZ(k!B^JXf^8T_5jO-8dvQXfK!>V@Qeai?y
zR5+GBF#5m3Sx0u91Rh7PnQL$jVNIfOcgFck2u&tby-WBL(bc-#3IUBmkTeDhOFcu}
z$icj1M!_H+bjiv&M)vSsRXt64o>JtW43fo=kd1PH)Bz&lq(cN#VkxNV&f5^d(G!Mn
z0R8r`(ziQAPYB~Fy%b#oVXMZWT+C8of-Ye&j4#Jw7P1nYAEj5-$j10iz(M)zAjAML
zOu(WTiyH|1#drlH`XCSjk@JL&3desWu`3Z~B$1UIDKFeRu*=Ede6Q6h06YP_T`$@j
zv}xjtygl&HXDhy@sfS)i!D&pnkK@}%%kbU2g7~HQ8w5$}`pk=@!ZNYbfYv<p(jFyb
z3~eeJoy<<+_BfAk0lYL(0r(a-v@{jf;s@3n2G~A`l7STQ&G-v5SzKSHJFHrv9PMI}
zFFP>DikDFazAd!<eo!xGQC90L?5|YA;P)Y3$Fi3#jIm8t6aF}3AeyR+`!PA84$INk
z)g-#iMfJfI^yU_L$mms1s55G}@6W_+qP}j_u0w`Y4By`ze6!#~seXyN8x|L;Q&00(
zF{-J8C`c@Nz>pADTk-np{A1On1%II|=~dpJQ&ksZYWD@S+FVevELO6pPd;93KjMOl
zw>v_n1(`rmuh!blr^{+hWshfyiO85oe3M|z@MRyR|C(avmztG?owVL+ZJzy~J|3iW
zUx<j1U#O0`s8<KZ(l5={OjAWnVwb}iUiyb%G})3fhG5hgQ88_h^*Qb<fFXWn@d|*S
zAN!pOv-f(H##+HV{1k}23EoH);<*dQ1&xtMvbSZ)cTLJG5kvj=kGt`<PX$YW`o)7B
zAAMXX=U2927pm#qdnaQ$lu<B#wXA{#`0xBjn4+%{<U3h<q4i|BO?Rp%Y<_C-1$TG}
zgO8*m-&kRJ3O9BVvqHFW(Bq10hft;vB#Aw?_@`;H+W&YB;W~Y44)cxC=3%`J5dXNp
z#-8Z*l?~^2*=_O@PyFqej7v9MJ$T&p2NDYE>sY-6=L(CVSEdMan=$&MPX#Yj*s~MF
zOJ5#|Kw~%<(Uv+mH)7B@!Xw4|&6FkIWJP#2nTH<XH+QcG362<k{-h(o@xdBxj1W9n
zOU{ZD8oMAIG2pA&_wZ#oFThqKkVCGx%qk@j4!4HjWEj|I)Zf)N@9OWN)-XoyuyC~R
z__olq$`LAY9AT-oT5Ve)poyrZUoyt7I&;~CO(#WQ{-Pn%n>+mJPw-J=OXyX*g1r7P
znW8YEYLB1y|4uz%%pgO5<$zFA{Ot~Aq(;gzWkd*@`?<zF@~?raVi6cR9i$q&M|JIM
ze0Spy$72h;1NJ?zfp@WCcy?y?E4z$jKySDt#{R|GYdcYLBVq9srog#KqpL@4-JM{e
zeZe+5A|j|DFCwS`iG}IGl2;9ylaJq3N-4u{=p$)PT{Od}4b!JySEr5H*|zN;7CN8U
z9uxt1eWH?*I0nW$Y92~L1o*te>4E)!8>WMRJsKK-X+;Jf6$E_VvGl<Hzm2gl;CyAJ
z|IUY!_|FEg|8FDlLv#=s@Z*2y!$<vR<9{2&#{$fYyqBr0gn{v&4PgJj4NeBYe9(KD
z1$i_y|JeZc|J$(9`d_|@ivXwpv+?fhzm4UD|K;0%4e@RR@O8`!_J16IcjWiz^71l=
zrJglq1H<HK(_XAK&~7v|?}r+Y5@O<GV#M9u-CbN=t7VS<{*A1!uQz)ufrf!ucK@tn
zZ*MQBs2Cm*QN_&Oh-$*F9V2hxk(t3Km_9sb+8$9J88Ln_u=2g>-(?^hHZ(RSgNBBl
z^VOp-Q@OsoW2OZgV&~<>JA!f~rHui25>?2Bs_kW`*|EKR2-cLJ8)x}bqW!VzQ(`Lo
zG<A0lC&)B)b+oLj;%r>rYYPvwF)k5N$+vo@B|>82_~E>$z@aMaBjVtQh>u8nNrowI
zn2RVFD`P*&g4kGz+E*H`s%yIHMtF4aU!(tX>HR8_k#YD&Nc;&BeX>??fu_brO{q^D
zTSy_p8Mc(?fS-5+8aikoyb++~%cIj_$;->L-f2fRm(<qABcFf4#CQ)34B$TyE1?{i
zwE(v$B{fx|9w0K>cL4w?dj0elt<E~MaAaZyv}QDb{UybJIYw^HM8jY#HAY8A=P@Pv
z*koX4MtN2&365-23Fs_LPfvrA9v2rEU3_e98Kc(`urL-2KXP)GSOcXy`n{fN(GNUX
z2KuY3V=n2{Rkyc)wMID$8u11sEV>j%e=aRKcgr&XQ3@{$SDg{0qTBNP^e<c|WD{c2
z($bRhs6_s7j59>nN7fb=l7m)OR(>fMcap$;5rQ;1y<*9A7zC6Twr`dUkU>2+@cks?
z#czGR@2uE&m4>9$ViF^N0Ew~<@RoHPe7C5mDyTrtxx;M$R1AA40~;c*;R=9vqB<)>
z?E;buQ2?cQ7+?!!6-D=OeEc{BC~vDsn4i9(&(6)UF|%Jo{hf&J2eL(5fNHNJkQDj_
zD6*<)YLa7PGtgYedqgBZ-2<%SqI$z;;9&CU((TFWHUO%P1hl+|*WTvmxX(6vb7k=^
zN?zQ~eoqOmnLmp9*odic)&n;i4GpC;xXOBZ^y90ZG9=XO7_SaiYI0RKt<zL9{KVz^
z-IQSS+kM0LV%a=*Sl7NA6Oge*P`sH>z5uXWobR%V+^&aeAh;_4m6veq3m^{nH>k_^
z2#EdejovBNj!U22DVITLt6aZ5$OGsGqM3Ve0AcM&t_>e{%KZqGx1Oyi`d?{Dx5b+>
zLQm_!gzg1^1%`0|(j0>LKr%pv|K)n#5y1U=ig<1Y!ho-=u5Oo?=4^GRaFfel9|5r3
zsCS))cG_=w&*y{4w2m;42V;rkG9yR?+yUpL%2#M^r)xZq{r9A<&xGf^%qq|6Pr)&I
zb$KKLLjf4dH-=p(D#m=ik1kOkNWme)>i-Zt-JX0J1%DAy2yiC<NFZf!{}eh!{T?gu
zPC*$iF*^m`4BHt4P{sLl#&)`#KRT5ZI#$TEv^G>q^B7`*E)RYo0T7*Fdwsr|!9Xx}
zni068K+XFMpbq(8_Qf*M<}&SjaDn9=u6JGl8u})jz&O`@c|vqbh6-vMKx*<-QN%RT
zR|44Wa6_R{pchH$`-H>;G8Fz;^VNp!o6AY&QfD-D)-{jqSc*lxbW`H~t#N<ZK4Pzf
zd<v*|p;r&t3LY-iUKH%xKmcXU3P789it;TmF^0k+iQ5e;uuMk0N8^bV!3Ta;jE|2~
zK&a72L~bW=w2-SMq|=TxCveb2;09fsv~HAm%Ww0-BHZ0gGWW*3=Y1BdbyXQ+KA6by
z_tmR~T(Zt$(=lWPUzq4|rT+`0F`3W)OfUMf8y;A@>k{9#hCkMfd>b1XB|AEkF%Zjg
zZOKVbUi50Ar}<O}^cSK7vK-(6Mc80@bAb#AV-V*l*|rpgAi4YkV+TOhpN<*<?I*y?
z45q%JXi)nky@N_rf^b2kc!LU2f|=-W#Y=ffA9(D*-~&KEv%E#NrZMV#o?$UwyaAyw
z@Botp7Go+T$V~u$y)TF%p(OpQT#f|nI#!(Uf_(3}wiCkl1-Lrp1tczGVEbamC`=<?
zFAA+f`7z08)D&^tw@CGef{td*A*1dh!|R2!5=x38LwnV4O`>pK@@*U5$FiWHte>|t
zBiF|d#HLk;jJIT-6rmfOxN$b7G$)zOoNdr%X79t4G{1fKjRxARrwHlS8R~mjSkM9-
z9jZ@2;9nsCOo?yJAl-uv3xC8{mX~0$4;5;y=QK_kA>!B1p^leiR6!s&ualZrmlJvf
zCi78s3RL!yghCDKU{C`4b4rqBNJtdC50GDjg_{#bJeEpQ5dDlHV)OxK4mtv+ASoU7
zQQ<fSH%a&=!ZhdaXSvWquYR|p5R-B%5^SZ2JQD5*Ty?y>j^H}b%l<dvwJOFxekjOy
zh}=jQ6A17}THHA}f0@r{fw0dMQ@Zy}83FV2VKsK)jgGPlDIN<-%3WMoM@{&E%tTN9
zU&k2~x-GYAjLPAdkfpL~XvDd(Bhi4|*OUtg9wZ+MucVt0`J9Ug{*b#U&=J{+b)X>i
z1Yn!{r8M>DMEc$*92G2C^e3Y$&}g<>hA*&iY+H>40LI1cUH^hW%sAdq8IFu9$)RS_
z14x*vI|gKUPQA+2iYlQnp}9XsRSB~~hPGKeEDcE%D9%l%@Zy2@;jjpTd^|z>CjPe~
zryj`gm>8R0*Vx=S&}wpRR4CN-tbS{`KCU5xbJ%$e!LV!}VwtJOG*viz{)O_@e23Hf
zV6Aq$w_9|NnNn5BVeIqK=|ny;HlAgD^1m7%=0){CqGGlC10V~2LUSu+*&QIS^a29W
zeW=1WGAIfb$3(%v%4|F!L^UK8U<1h+iK+xpq=#Pnm|!1?B@m!#8^Ys)56ydxnAS^z
z%P&AU7NCKTK`mfUj}N#fnF#X>-fsqj^2mfaV6-r1ZcrKGinq4T^6vS7i}L0wVx+V5
zy?4HY&inESLtDve^6fK<5SBKAwZh)5Wkp<!|DEg9iE948=b`5}u`NY2hz15-_1^S=
z;d`G?I0a34tP)WY7sEwAC?4N_bt3H0rO|)}`KF-Bird7r7a{mfA(la>mjv0evHivP
z)0-^ik+%{(wTGLeUdhiK^XuRedCv@>K(t<ejZ(d4T7zir2Xka3s~CC;<g*<$f%x@~
z9&K*_?U(syPlG%_u`XOV@&*GHrPEc*)F+sabDmY{6|24NLuFIj3!U8*9(rem>u0W+
z_`kEOJ$uM~m?`*gGrwzjmM4>U&OZBdagoVNy4`i)`cnhqRp4f4zH8Zs?&xQ&zsPvV
ziffL@RMpk1sFztlWO`d>Q5n(x23}-2TV`1uNzlR%!e5b+v!N!gwSvi%P-rkBQ`(YL
z)YTIs&oiR>d(MQII+z9J=OfSqa<}tFE(49RnFE6W(j#OPAd3YK1<;8AnXLC8f<XQn
zo#-?d{(3L=X-Asmfpg9EB(K}X_u2B##Ba}E5m0D~NdeZ8{)~#>^`(3dCqP(zX}>T{
z%Uz_6XJVB5`{Fi$Y%f)IZ1d`w;XE#kLbLmRy2{F53?HgpxPN>kbf8p`yrC-v+7G(B
zBe;0ZU;sl2s4!)asjDkTE}y&I{R6PtfG6<GgAMaPhZJ7*wY0|4nGJ~a<AABCePHd5
zbpM2ZZU+fRs*Y=FXoTes0uw%$!1^EI=>5?U0M87lSVLDAe;4AP*O#XUV7weW``_O;
zHC?Oc5eWKt2m+OVFMcs^=v#7ptBZioJxeZ+^OyS<y?1U^V32K?kSr~xpEkgtd-waD
zPW8^2dOrlTpm5$h*XmzcfLIu0AUMF163&Cg_@_Sh&dUk_TKJv7MfD#U3y7$9))orQ
z`~Uwj$RhH88wn78fFn_Q?3t0D$1#av9r^CsQ8TIiZc_I1(%@BX#l-v9U+fxtdS1O@
z{(oHp<j?+}U6PZg{V?OrnK^t#M3myYv0rl(X1VIdj{fFWi2Ks}tpqny{>9(+yPH8v
z>#;9X@-}bXje*zO=Ik9jK&1Nj$8@Ft<x3C3U?T*=;3hW`51{w@txUtYqI!p|O5N3J
zq-E{UZd@Z5*2bn1&0%_GdwLKX%d%q=e_hBFnY2n(E0@Iu_ec6>jjM)K_EV#+XMm2q
z(X!2_<}1$fB_rX{gfs0k#9Wx&w~ptSfQ_<sr|i6SaD5&I#c*T#amY45Uhkglo@0bD
z#KP`c(N`)Vkd8N8%4ARBK3_~y_+_ndT8)SMHesAQPeLjG%eJb5l2cGpX;xm|T9bY&
zav=gs5=EkMJ&hxQE=GW8|7$FJz%!PN@tHfDPg_?4l(_QFATz{+`Vc7f#FXvhOCENi
zbVtV(Q{EPcXg}Lm&kd!>na}r^{$gT31v1UUV*_#OqfyzTH*d%U#IHD|Y{pACs1{q_
znxE{bLvn<;9YViu5px?~g!f&CY*~w<f49i^)vbf;wQAd@j7ccj9Xz<*e76nXablU?
zb^OdD)Yv<YZAIv)->aAFQ6C$#c{NWI$g8p1GJmxprE-}9RAUE{Qjtf*ac9W2?|>$M
zbZsr``}Fh#urLqjch?=T1pnzZu3FF%$YAgKx@q|5&lHF_$EoDM>q{L=qcNqq$x`Px
zAz68TjryM4XE0NOdgoBy<}%?VSsPig`r1|T_S-hzLQf(j5c}FSNVk<prQ!55)D3z>
z>A2VF%-%URr1%M%H`N9+Rk^{b`=;Q>-qk0n-Hy0b^sS8UYdvvgQ{Jztu7TY}iaStU
zM651m!X-K|*^3<L)PCkJmp;xfEDh3l4^hvbHrceoa?_7Z1`bybjx(*6O9eKL4bqpu
z_hI!)5$%?Kpm+S~K9P=6RPrN~7+1}?OhLyOSDjb$^L>ga()CYUaW{~;X+$o*{Ee^T
zXIq`J#E?2Ssrc#gdQipZo+<LIM|mr=Heo=0|C7tCC7b_ZJ)8f;pIhcQN1~-f<OfIM
z({O^ZV7)OZ9vbA`0-tfXD01o+bji{1O^ob=p`nnN*!W3+7s)a*<w-oo$I3&S%!HDU
zgq!hk32cYZetaER$l-XceI9J|wkvrY2d2wul%GcdYtrPa0`g*{t)rX8&<K>#*dXV_
zuU!}NUq@BR$!07Hm)yPc8&Vp1e}lxwnmKvf)xr^(GH)Ds?*mgciE1iuI7=1;7KBbO
zAav-Lu7EiVpSpN%nmxl@2#Zo@X+I6zANGkaI}n<qDF!#V!M>wj_Z@XpHuhuwr2e8z
z=)$=PA<sY~j!k;8@q-tnE@15-PzU>*?ovMelH72gE+PEshwJzByWS)`*Wf1lifeEl
zy@Pu$;*Rt8hDSUzkwoGK->zlJ&y-xZ;yDiObSFChrxdl!IS%D?d6V+*shL}I9%~6j
zU*h>13Y9D;LfZFdWPVuYcS*8S)9{Eq1gkdcCAsMKstLVGPgJH$U*z)@JM6Y2KyL4d
zy|Lx_9Dw=eVP6O5{BTz!qsgEOFxdLBoIfuK6RF?~ysNOWv602h&dv_AJS1Re*KREH
zG8|TY(36VwCbjqQ_+^xjm;|@!Ph4}1syOoFM}iHYpa(Mz)^_T0w+r6G50mBG(q=e8
z4HnnO^OPlD5l54LVpAJ`ioYlimJD~FwR3obJGUO_y4P3X?0?`IW}?@4N$Y^m4*GMo
zT9P`O)HtTNMwFTte{<t{dkqnE5^*TnN-X^1<fqvan7+~cmiKlp)Jkj(lZXIQ%eW~x
z)g$NqIn#M(mK^NsOyJ6`?x=#fx?&&S9`DuUMW8d@GaK6xkrHeT#B_emnETf=JQ#wf
z2Uy!xb$oE-t&l`QxjPjpWxw8(QtDo&Nf~Pdr(NC1tT!u$Qu~Nv`wk|5({Bu%W+#hL
z&)=?f+@}ukCn@bQcIUXzdHh^OexFvt&$*saUG7R-MfMHbW0`$~2ZpsLYp3m}$Y<@p
z`}JyeFLe~5R{vd<Y&s4m>6KN=h4|m8bC>(Y9%oZ%pPit``h-6Gz<(S>`UTNxxY3)G
zx4FdS;&iW$M99i3<&tqA3<C{~W#r)SBalz$)HKjAVVBo#%=kf}1i6>rJ-4&9wpP*0
z+q<~5bTnK5X4A{xUug0RPe5*XFgy0ghd>pn{?=q<!Yrl$#+j@9$<>X9@xYrqAHtCN
zP*;cZlZCz>(l_DTtxKBosf6%`1>V8>M)W&pZ#)hM+i+iatxT;^g@`;&bKJ*=6X}~^
zWGmeOv;?nRy1TL))U>~S6k)624~&R4$VhpO(j2Y+Fg2N|#Zx*zkfGOl8iIT(q77d<
zpXKa$YBx^XeDCW7uX30PU^e7`mKZ8(ys&!q^T7(G<<0cb!24M=SS$Ov10%y|FWqGR
zC-MhJO}eYyP=h;z`yMiSF7@H|_9RX--em!{Ks9@YJQe$i829Q~aleaX0hobJV*f_+
z)WI|<HchJ)6L%tV9%af-zh0IdlU!_a&%#zKX@$W(|H@jbR)4i5tIvr2bQ3Va<v7hd
zle6Cz5WGsD+os)Yjw>c4>@ljRRrm0&P1p0uB`vu{kWM278vaaFEMTwlTbuUvZs2t?
zd$Swi^8tPSIGilIOwsL0dJ_L#hB$WaE4?HOQt|-iK7-t(*N&Y`j;EIFr<}w~9l1#z
z>eRc9rb4{tv);5O>*S)~7nP0n&v=dOa}1PoRZADxqulXFW8u$j$ai8$J0eUwg#;<#
zPRg&$i@0tBzYn<#`d<B^MEVcl_6)YMd0c!BNM7=C`};p>^hqiOyZ1IOnesXqPJx-a
zySHYTD*@;p<9b|w-M)vK8m65K2>HHNN5>zV%R}O!{*<l#(P#&Dg(NFWn1;T;hz=0f
zeP2H7kC_$>Z-R0r_b!+B2@EYoeu1Fo^{570XP3>7tgpWG)*RmmN{w~hic^T*&?XXU
z#`hbvmgkfSgs!4CPb!^PJmGG7YjIw3F9&GCh@ZM1oS@u>{Aup=t3bZvPZm-)M)K$|
zKNQ%!<g5E&qym3XwBpZ9dqzUF0a_ijt(o+f6fgkO&vfx@x`nh5MCujO6^A+_i8(c_
z&?Fdr{aBlo_Z(-*W;Y=cmgUn*j;Rp$5pnwGZV56P&)tGnjZdcqgiTTPwrl%vmj6L?
z5}_-Pi5P>>u^tJ}QnzN(>_bOela;f2&O;3YQy_)j?HA?O?L_TQ3}2E<vaN1NOuN5G
zN+23()t8gGR(yecX=}OOmo4eR#tFKdZBa|8@hY{5?AsqKU%U2`A>uGSu8OVCYR)Ig
zjCqx=y;0lESb*|;K5EG75KN2KS2SHc9%xos`M6K-l%ELKo%X5*HZH=}vbg(rhsHBM
zHh6$OA^hk9OHL8F_NFcKo25ZSBZn*GEQAB<D4kD;X?)in)5!k)32Dx=A|C0}ZtM-(
zhGX{k+?78V)$?&F1I^g77xmu7T}H)fy|3TLaFf1N)A<{TKKy`q6lOkv5y-cfa_fH`
zI9ZbY+uWQKhxk$m2R|WU9v*<7UATeD&NdE@is^a?@upM#{0$%ek-+O~mPg<zz*Q!2
zK(qj(`XOkcDLsK?f6DV*9E-$*&r>%}MwG*Z(U$yL-4$14VVHYEv+K1B6KqT609xo)
zz~d1bcj!>^<<ZU7=fy>UiN3EyjWk3#`g^(pEJUk}i<Ps!E)LRLRq+LP;1d^|nGsi5
z5uy)JKoqkTfh&ppSit{=dl%&K_Qr6DO;NM9crPHfw2;WyO(0cr<M#9QWqZ=*OstmZ
zL7U3rHB@1x3`g;1h!0k^n`Mfgn#SMo(aYPaRCbD@Lx`2lp`pFUOLgJ(ZP|eihM9hB
zy39ysiu4o07xBU{>oBDhv)*)aS`CRB7V*9IGrDSJ=tOc2jGg_@Hxi~>SBYv!21G`{
z!ahBJx(nbo(PK1lRDLFGBU*ac=g~<E*7pnOQXLjhk<q{~#C{i$_iXNrdSa0^g_~p(
zbI7w+vzy55R_C#hp;%9LO@Nkjhgco}v<dWH?2KL4v@NvAF1L^o+<Z-ZS{DwKts|<~
zOb^RaLl-0DB#=0F{fr}IXYb8|d44aYaPV%_kqgHAX{TKw=0`gRC84Ld9Z9i}C3c;A
zJSiu!$0y#GOj3G2l6JCm-wrOR5U*NF@xIEyJ&M{NAoCd_9|!r0JWUzD+_y^=Kdx(@
zuL>pQJr|&+^hv`faJ)<!QJjA&fj-mRaqAu7b4VBtEKumllK-QO;fq=&v^(6FsWAw~
zaa5R$q3GYYJB4>~o)1;5y%TXl`L&G*8YUrN&Q6P%(!sf-9CA1pX;(3n9Dls^m>GPz
zJwn)a9Eqm0?6eF?9a1_|Hc36Zyhg0W;m3@hu>shcM#izFDmo)ggdMxF>|<gaV?r-4
zDNTTal1stl1MZ)F*-8Vd?Nb;GJP|Mt$k0+xvuda-DWxx0s3}4peOuX6=a)v=bgd%N
zgduNr(Uz4V(iQZuCm(And<4EtG@ntx{viA-{KGzS@(x-HJLuX=QGVK!604>m=Who=
zZwX1<(D9WDg|BMojmJ1j;E|B@&?gd=u(qKvxgtW;l;E@zDw?G(Rg83&&qpZEwnySt
zrQx41_fD<(3c?6%Y<~0S7`qH9&^p73L+(J8yH_xA;fcDQbV_L3P7@oRihz^0uh1V^
zITIGrzT%}!UeW6Fh|H?^j+UwYUZc7A%#|@4LLMZ-<2F5TAjbQPT3)sMZ4dIvkoq`u
zowT>lK9sLEeeURpa$WGUm5N5o@GsVwNj4O(kbdhAH$1qR%>B@okN!HDy{9m_ydDaj
zf}xR#5`rKpA7}y$C#dX<ESC-lEN0m~5aUO9RHUJSn|=y%an97go*lh#fBJX`gpYP2
zB?VGEAM8}2^+!$NnvKmJ@KEY(m9nw+cU+t^3j*3z2NoX=@`#jLbv>r`!6{U2A*vK<
zh+9*C1o`TpZC~3<1*JYthOr4mmquIi&Ob6NO6g*kPH0|(u3M03&M0#uo{oI@H?tt(
zF8unN^mKxgn3LYf-A;LZJo{@FHbY#gh2n~-#+aoKLxs$37{<O;V?J1Y<R~PHRMWkx
zJBJZ@qZZRh`>-R#DgI|*Df%*s6gI0xZjmvve;s!5j&tXWhnu?yy<bfRYARVoywLC@
z<Xa@}FimBrS12sJq=nwV$0l-395mx&@6OsUrF!ijHCQ0cEc@eHvMg=-ba2x-?W$Lt
zi*@D|5WN46HV{&3cem5M-K}+z)1)=Eg;+Yq`!+}9WjMc&=26%_CIT`(M+<*AaQ3rl
z#?kLS-9*P1D@T|rD%27C1qf}X=WPh@^gPPp-8^nMCHfGIW=zH)Art1d-0Mm$HuuG8
z;dat`g2l$2fc~a5_hketyLM;`n<GJM`Tt&s{$tM({cN&wsw%#<0-68q11||N>=+pj
zh90y#ccH<kj6F%6MdwS|*Pg!5tE5P8jf$(w<wrmLOylz=%xxgJ4ZIyT&kloRe5q2V
z@K#!=edQwygqV5vy}(3}g|<7#WlQ`ZUwD+IY=357rL6C-NmJ)Bp0*mccjWqpaF)Y1
z72o1J-P`_tz&j(cu|bnSmF$1(``mRIlHG))O*G#5!tqI*CG~GhJeu~avwBo>i8deV
zsw<wfR;%M?l5~sIhX+4%x~CqDz@aAas|rG>eq)CsWN7QljhX4m&|1usp9~7V^B+2;
zd%i`<!yejOos>Y~W^CQK`Kxo=W>>8~>EHL*lp0OpZ~CtxCxu)Ri15^L3?n>>o&7GC
zw5BMcd&)FPh+gu>y8g}D>u>@k=BKcVvT7aguig*>>qlEkMqNWYmXu3ZvKE&5GRUMG
zx1Qs9hV71?V$B}}-fL(&j*3<l4CWbq^||ZTCMc*}I@Mi2`JkbZE%<04HeJSZ-AU%j
z`&v1Pzn}RW`5DsR?9mCSGq}56WX||I;h2Gh(vNy03@8ey-NJe2Kn~Z0<zG-uZ*ijM
zPlzk-Bn~z+U_W5aum4m>6Gql=2IxL;MupzWV?$pn^^^niB-_Yu7p?dnpET5ocb`z3
zvaL`KuNwmhYN&~uUaY_Po<V|luyFtSVmuaTk3}n<4cU_W;VIT<#<n}QEAG$~rq6Rl
z?4=|cxduNVSF;9N!k$Udza~J*J5V9;toEEs>mJuoDD-BB6Wh=49<SB$HeDb2kN3hI
zY)yFU`ra&+X4uB`LvZ>tBSx3W<yqdd3>-P47Qf%GsIe;6$YTu31e7AiZCAbpxcPbo
zE#0~yh`&e5d;;H5g2m%FOt%t>6T5_zbgz9A-@LpOa-M3c7O^G89NuV;5VTV4q&Vuz
z2#@$#8iJI=tv>&}Uby{f$Lh0F0e;<Fh?k)g=2YX!SAV3N5XaTPA`2Phbl4F@DJ)gP
zfD@#eFr(x7n}gzD$F;s)qsiJVj%A4pKQplolcfbx@Qb=B-29+H+VBae<+wCzoOszb
z_Ux(2W=Aq8WPRA~jpjnKV2DU;rcpm~7rGGQdJJxYNLC4NUR6csA?bUrF9FmnbSW|I
z`1aijGCt?tK80d0f4}`X@iVM{L;QZsMj_>lw5tzd_PBwp(qT38xTcQyu%A4Uf%@rD
z;=%e7rPm(n*UmlguW$DPkehgU?o?zi2vao-pnb<~MiQ7YI`_Dqwd%m$7F)1o9nWgE
zzX(eTZ^Ja{#m8Wyr{C-g=W}nsjyW36kf9!eeC1!EGeTUEUWk5Tk~hB47_d_3s^}i9
z!9<@>diwKr-J-y(6vrXCF0C4r&U`#772FV>>v?g`cH}!CkX@zlXKNF1fAw)7R3a*7
z@^j`hHyG^ASQ*}d9GgGOoeO*6jHJYp-(3-3yKY4u+486osUHF_#K5ur^Vfug!&mj@
znC*y)*p{6?^&=nr??miEY8=~gF6>-)`JpU#T{!&D(P<d5*xytxkA?NuRILrY(#;Fq
z2|2A+5esb&bnSmN_;_Yz+55gY1vOBkV)#U$s3tWLwgED@Ntch9{vg`%arkHWH!HqC
zi7!XnD)!jCI8sWlXoS{6e)PM|lXV{&W%Z(wU;S^V2P-380R8t}tX1292xAdPOcMx%
zO^NdwF1tvkOh&cVI;_)zyP$3pT?seT$tY->uj5UoN&M;iA-EaI+S=lQ8F%i}?sC~a
z@-I1_x*Sg<d(g(but6lSK?#gXh_x(^>))`N=eG<Ena<InCRjfN!KUE43mH?@Xx&ix
zW7qV_Vv+lFTKYpxGw*-BIyrl7t_D|pTY{Qr`Ryij5GT1L7^N<BC;0Y?=^GK=`y#sp
z*@69oLry#j`MrodYBmYNmnx|54z8ACl4~Pb0cp`jj8Gzw6EXdrTMV)X?wdQ=mqR!7
z>^@@{+#6Z$)4jDQTDssT17Eqm6iZ7Iv1jBC(|u)H9{<i+d|T%vpwP;(4anvU<%@;0
zbhL^j4hX{ks|r2^u~1Mj3Aovaj5X`x**W94v8Y1^CGIC!J(!ws1IMv_Z+8)YUeWXl
zAx1TodK@&ant@}B;KjPZai-gqlWD2R*+r%BurO#K+l3CWU&<;g#iXQQGP1)oFho!w
zMNsxQW1?eibzxpNrZbCB#Phy~Er@G>PDv%oxPU58XD0d1)5fHi%K+$kUq8&}Y#Xvr
zyv@l`OnD@DL)5*l!U;5CABJK2>v;T_VrVgeC<rCK@A0>lAQgnGl9G^s(x}ysO{Lci
zvOQU8E-Nq3r=*mEi~`z^1om)`W7~Y-(l~?JfcwUIC|MG6LQYHm_6s5B1Kx(WZ^*L#
zp!ADE*KsG*_OT2OqXAh9dw|7-kC5Y^%xB@%M)W<!6X|EC*hn;s<_k>f^r*L>Z*yoV
zX=%p5at&I*BF6w!T^knw4Tk`*|Ge&Q!tU<wt*un@e*yA3EO^##d?ut#k@B~iR!zJp
zLfDg!qULj0gIB%z)ohfgwd^#hN424<g$ri1ZEe8C3E0p~wy4uR9KpSo(7C;VkyE_|
zSPM3`@puv?4HMH|E(SG`(cH>P6tGT3JujOz{yB5)b8s5OztR@gQ*ZqJmwMs>00FL2
z(T^lDpg5Bv*Vu3c;>z(+9y<=yE=TcK`OmG0kLKQngnZynr?t{g&!Muh;(7k4*Yb?M
z^$vn9m@g0jo#)FHCKV$iV-1T@Kg;|_=P`iz3^b<bWxwGf?xx5ExKFdc&;e$@n5S%%
zW3;d*I?EXCq?HPlMzZ_tw*lAKv{%fPQ(MDkFP-ly6+xPbc(`G|?<0FzXfwi3YEh^V
zqufK_<on3voUq@6Lz+6dr{>SP8Rh-!(-|uZOP|M5*If)sAe(&EcJ{JH^2{657e}<;
z<9Kxbg2_vbs0RjqhnWiZD*gP&=crWgYe<j8;(s=B0ti^BRPW(@j+Ae=k??uNu*tX4
z8NZ{mb9mts<ivGE?lW_jMzSb{7qjq~y~<3^!2MyP5C#<=H7eEA)D)Q<5T}rT2!}1K
zu3fQ-wYoqCMBD+Dnzf?JDbKDqXn~iHz~vEdI`?%~WzAHjD<ShoRhglc6TGV~b}Dut
zs)&Bg*&h&pk9No$(si6gd9w(n&pU!bEnc`<qJ|C*DEu%x^kho<!9%;wIf!yq@Hw0=
zJ6u5q5|6)wJj-ZZLgCn*Jws%CeY@%99-p2r0NUGQP816&U@*iz#dPN)1Pv0Zs&G%x
zUvQ<TW*sgE0g%kQT70kD&v{sHJ@=oC))c=(U|lZox#qEa0zON;onul33WG4H0HhE%
zKxHC=L;rU-;!IXByk&ZSF-)7$nxeXU$leNt<>K4|no&ueqZb?yQ<BRbVqQXJ%-Jso
z&rvBr32~tte%U;YH7~T){Ielqq@tn%uHj$G@-C@NFL%1uo*e#P%|o<4r+R;hFyI%f
zjH2$;++RuMb~!*fUGE$Pk0VohMh!H++YoIs?Qi4OHi-H;x$l4ic?xriU=9GwT2{8e
zQ_|B5TUxL-e6Butd3jyxW&8{6J{72G&wh&+_@Tq&42Qxi-;g7>Kr?7bNy&y81TrP@
zJc@9?J4hB<>rZ`h@_w*M{n1Z@%k+a#XWJW@;1<@_gU!}U2a4a!|Hs89%ODN3r)kC^
z=BzNH6+WU#y~gF65ktMktH;3tPaM5w9P*=d@(v@Yl=!rcn_m{TMh#T2<NFhbWHd)<
zBI|ANhl|Y-C$J<f*7Qwbgg=7bAU_!%7#s&*xWY<W<6ubd<p<aK2@bv185|QoeWeGN
zfQ)J>U0G*f7|S5=1HUJST_esJ$X=2~`2PxftEjl5Em{z_;1VFXy9F)WT>}AvJHg#O
zSa5guAi<L0?oNQDaCa}<p%1zDjlQG%<JAYFJ~%bDEIWJ8HD}j`!q`NK)q=o=0^{pM
zVUnn6@=&`^S|e_o)oY(;po?fwpMD5^{c9i8VjQ|l+i0k+iPuGO_W(-=_G)<dFzWx~
zg&1+L*U8D3m~L>?X|h!Gb%CEYSP4?B&%4QK#W0&x1g*X;Rx}2m=*N+XNDGpN{|k%F
zVhaso>s_!dUJzZ#z%QM;C8wu6_f0oCljpgS*<IhwTM$Mz#>AV!Zm$hrr8ijgNjQrJ
z90nB6qL>azm%o*?%O<<{PiMW2^gA&=-x#}Hb!pn(CV2mTb2tK3Dt~YymA?DHKI=4)
z_QtW3&!@~`m@-710uZ@^p3D=;D`GWx^-}Wcg@{8fBhou)*QgJ?HC~)=V`$!p;#X;3
zNq>HD@BMra<N6~q@8lX!@+jEvf%YiKA5u!!i}r!4SGL_Z=w~%W&evd8<9$zJD;9)~
ziJQCTt*6%7fL2)lyjeLtVT?$`w*;2*riUUT-GY}S0eMeG0ds8EaZlOT+91P`(!bdv
z6I2iEa-Tzxk{J@3T){cE_qTPJtBcfF&xh1eq~hnA1in@JaXkR&Ebk3vXnDft4Ttdf
z9_B<}xb_NEog2US;ej;RP$D5hP{-3Z)M%-KO8iaLSLYW?Cz&pVewY>3etF1nA{5N$
zOx^tT9Z3<VD&PY~Q8N~JiVRD{2j=>iDBmbQe~4nv@H*>hmyeG$HfnQ|&v4PZ55P~k
zbbwB?1FD08(PdsVLD`3eUe}y~>$r-!dEV@=N2$_FRtt)IZyY|26WS<u!W$+d9Tixn
zGe%rvODbd~3@|4i!46h&T?HxfcMu0Y49rUeOI_4j-q^Qzk2^}Ezm78A8R~j@wW|vP
zR4S5D!s*lNnPB+i&4uW{n>~coWI|@dVSTHD-a~h5ZI1qYD(ab9)xq*p=jsBp;fK^P
z+jyQ8-i%Do!WRd#Ey$tbTd83Yd@xdI;aG2?8J<Liup`kD1<9nDmx8&5IMdfh&Yb>)
z<xJioCBK(c2xe~;KiU0w!`~-eD1ch>r&$x}%=itp7e6YED)f^t93dCPBc+1e_RXic
zvaIDpNd+dOrN}@q4hwsSv8g_6AUD+a3T$Z)I+N|9&Ut^Ao?Fix%s*>l+Bo+mVX;1v
zn&%^8-?p>MIw`>`$UoY1-)0iFzv+J3jIQ+i`+<EK0!Tv@9Nz1qrsKcvmeXux9v}Ks
z((=She-e*>Z1?&=BO>N0NE)AMm-R&h^YD+T$Zp)l&|UWQqs_yCk-G<lw}UENq=$);
zg@z+tREM{jJDmI<t^8UBG-CoKZd1x_^6C7_w=5LK#iAbHq64QE1dQAPIzpEcieg`Q
z`Ti!p&(>j@x-i0;0{3mFvtdTWXqMF<Rl}NKRAs-JPU5_c=O-JxtSQI;B)I4JVDIih
z&O<9d79M8|H;PHp8teZ&HAl=RUK-NV!zmoe=#a;``ElSry9L`BK6@&cFrd_smm|sX
zh3|=&@evA*o14%7kuO)!3udu_0;wkpn6TV-R+BrSAZ{g*rm{DIW@8of%+q^`j~hE5
z%N=-OuQvE5vmGV`b^|_4)%$}k9j>YTudru%Yv55}y#={drX%{Yap<jm*hGodKB&S9
zfTli<eo-6c_(Q($-w12{5fk}14nERpRy@q|cXn?Z_l`H-N$BWBuA)dRx@V|*J|z|0
z2m@t(U7Y3@FsjRtbePQV3Pz(9^RoBiGFD`eu^?>M@06RHS#!JomZAw~!V<v-%EmaZ
zgK_Jesup7TjxUN;G3T3+G@os4`(lWAF{AqXBL5X9HOTtWW4)^vtWU+=M<bag>_JM8
zj|{~c@I6(%Zfo9-`c1+~2&<LcS;oZo=+~zh=PLQ1ecW4;#4d0%Y+$5LXWLFb{j~VJ
z0_!VyL>&2o@{0m#)0b=-5<crFsf>Uo?X|;x8W~sd?sLJKcG30#lg@@xtW*&knEla<
zz1yw20^2)0D`AX~Ghk+Ld|V|Ta&wR%>7KW2^XmrM|8$alNoJyn4VOg{z_#!U2%G^b
zTMU_O@UMP|{tH}3rOG6d$>s9)4PHF~MQC(9(U+vdezz><qV#$<;1cUQ_BfzOk<8|V
zFv*PIqLvT2Vh&1#py0-DU2Xn;$4JZkxug?5bd|}YLxyWFR<xO$R&|64>kXJ3+@%S?
z!JZ!dR78k_u(cqAs5jk6v#m~4whJjkOn})M=JUn*-A8XhnZRc>r8qIG=1W=vt4szm
zZP$W812D*N0AmyUcN+i~GySWm6%*U&owi|qw*RX6nfy(6#Q3Kl+5^~a5LS9ft;v6k
zdf;lSrDMAOyv8~mf08mqwk->W=KCSehc}ZF{260vLFcH_wb%n8u6^zv?E#S+!{`qZ
zgWae7$|AjdSOneP1hZ7+`>iCVlon&wIG?XQ&JNJU(DH&tFATmt3bJry&K__G1v!&(
z81Q-`ptp7KzhN~9dHDJ;Jg;k`pdiL1ucd`gnef%@68qJ)$+S0n1s_S0>nT@z8D{Pd
z^LPUH9o47OFjqb`b?8}^3hcBzoQ8i4{rWVAq8o9(b1Fcknw~UY)FW4ogj*A(h3joa
zi_q^4LA9cRsVs+ay{XSNwT6LLgKz}&HUVUc>(G0q(E9`Wc6z9|8sy!eqi>EI>b@qb
z?@z6k{ba4w=4LTs{jP=MiQhET*o8gmW#x)y#8Z=lr-CJ4q&^e(9s#;QYA@XVp-6Br
zpRKIA*Vghi(r#W;qbx!-7J*XCYyIehX)c7;qH-}%AMfF~-2A+R*zvGwJ}geZK8Y14
zSgJbg7i8l0a)hpo;U{<lH?kZ&&q0q1hl}`@EUmd(r(Bn$Eo}C3-WAKrZ2c~G)tGEV
zsc)oxcDe;|ARupYnX4CT51My04d13qiSDRD6p1GsmdK)4`(R78h7*yv(olr%l(Ue%
z7iVd)g0Wz%P;}kj`F^_T)`6al4RN_m`i5C?CggR*TLR??NZLVyI_dglk_>ENcM@+B
z6X-DE5MRr?lQ`zO9zWcw;C}hXa*Y!dT+K#Tg#M8Xkje*%^KQSnB9@Z5bW)xVy>aox
z{$W2ut-23uRfg9;H!wCZ7bm5=8y+(W)mDqZ$WCWv*z&CTJ6~&Bu8UXcHDd$Pe*JsT
za6i0|U*Ati@t;hcOj{%#N?}WFFg8^Ug2<iZm*_h7qYPP}G1)rjF)p^>prkC}&@-=}
zqS87Q;ftS`aPy_+8c>Jd=WChgW??XoAuOp(tQ@f1VgjxDGWz-?$~pX@fPmp+UVE!!
zER`G>>RHR6YwDFY+NDcC&w`!vM_LB+k9M;}Dboi{w~MG5e8ykJWpmufv{bZQ2i5Y`
z6Kq7KF38h0-g4*D6U!SHSF?7@bi*{Zo%}m2w@E3tzgx{|Te4dLO+aVJ+Hj}Ve5-xm
zx#Vyn(NMSB=}P<H)6ukw$P;z$?frxYaGachvUSID&s*Nu*m$(s*-6X>a{B%EZ;A<z
zd3kGVEARsTL(%-T<@_;!=-X9?--A1y*U`iBAgah6>#5B>Ah<LF+^UW2jAtnjsU!p4
z@pzX2>bZ%fkr-o`&W5F~JC1ZvVrTdE_v-3PE4X$u0^=OPp(Uq+x2;i=nRQt!n-fLj
zTG-nIbl*?6-S{D#pW0zdg|iG@&)WjTe%e0$j-b}QR5{prZ<^CY^3Lt0W4fSR!Cv98
z{h^SNW0Ky_pXG=v!8elCXYyI1c`H$21c1S7y=Bqi+5kZB2Qj=W^Z>Hd@9a~9ZASP$
zUB3beG<2v>JvNyifT6|FPnf=iwxw(TguRG!r9Le>e(<;QEQRSv@We80$siqpK-Q&_
zq66q|{+NLx`Qp&|)W9V-1M{1d4Y~x_&Af9qjlcA;i|QGv%%2Jw9C+fDA$<NL%d5+6
zLVzaQZQNR&<9bhz<vR_f5r8LEEAW~{w;>rgSRlQLfIdV$p8ru+yY4w$*L6nW^#HUX
zJX%1^$B*XfipXQ~OlOBXa}LX<T~^17^4OYRQk|;~Z)Y8W<%!!;=N!CV_E*|pStt?K
zWlHK4+wV9U+Xv^n?umSVKew2*I6$iu><q|1r!6{kwzmO{q*7`~NFQABdgBX04l8Yi
zd)l%nSzi!TVJhB&feruz+z&=G^FN}`I0vBXBAZ|utp8TvlD6fLXr#9-cd%Md91vpU
zGZb#}&<AohGig@Q3xix@FrdmIHHMuXTc~AEC~X5#dVj2c$-7#-X@#lcv7J-3omDM%
zY?$@@)M&4N!CcVn?<s29rR6(<Xg0OnpoWIh*+&Z%BIpiFd4`2K#(VT|yBViYJq^Lq
zpQ96|aJIb=SAI4h1iCroA43f%&M$H}T>IFlrOz1jV;*igU-XAK@#E%9bNRNdiO<sl
z=EqkDqG$7K)t-k^xaiN&@&<UJhzNaWsGn=~{iia<m9VwW;%z*wqBHMzt#O{_k%$+{
z_Tw*XkyT5|v?B>$Xll+NIYOWCFW)Oy(@48w+3*ae`Hl{5%{dr=Ep|Xon7LcwWo{;{
z4;xheMP+Tq;n`Orex`_tWX=oW$4Z5>z>BWT*86~SWPi`mqCLjOz98YFB1@%#45pfW
z8<7C`wdr1WP-0ukn_I#|J_+IZ`JFj)zr>ii%r+dGJ6VV8?YW+lTfBhB+cd!zkpI_S
zK-pAgEBUOU{ca~~Cwhpg?NE?1&Ed9H?mSB5?qhXGHg3h>sM4LRp_4<RZ<Nxdtgv<~
z#r0H_p`rhsIsYfq4YRyvTUPoD5}6?jpY!1}#?5(F^dm=KOvJM&!=&BE&w0N{R}+~g
zxvi>E%cTIYIP0fo{*0w0jID&6Ut={}7l?PA&2obE#!4X9VZ*<DSZssB^;Y^Ip+CB@
z)qa(i-YH)uFKSY$^utS$(HFFIqS8`}9(2u16WbCE-8zmtAu8L0cR#k9vU4*UJ>9-Z
zjO(_swn2KFH)D8H(+s@j#L)RvxA0H`S3E?&0h}a*Ffa$Wa#H9`P~K1yT6)Z=F1Vzk
z(#D#^(8#OYAkiesBbtQB_%o<>lbwJ?JX*ows~mfC;E*74Asr26%~-Lk>WgL7M#_)e
zEk^e(5GV2_eTOad3Dn?RN%{b*X$-9AQffb0Al#>Bq2Z=@N(EXkSE#W-x(0?zl%Hq5
z@TvqDU)O?p1H}xV3vobJ1oKL?jzMHOV^_TJLXtdw{Rv9G6toOSp7AVie^`uD;?&|;
z2EugF|FE3g(RvsHL@&*T@i;hA1Gvm~l3;&AqnN~bh+?n!F59X?N~s_eslIu3x0!Ky
zP51T!x_iPX5E!OM^3?N~@7!kssv#Kqcc6Ql>G2{Fp(0LyXG;I~VXU&TJ1E8Juv%bb
z1L&!9pzLJn@MS~{?429N0HXzz%EjY=v$)k3yYYQh=md}H1kjk;`&S6ABhs3ta!^-~
z>4+fIGwD^IHn(iw-DCRQW`8$H(VeU^JWtAcv=R`hpAvk8)X1S{jFRo>XxWO}LgZ{A
z5RsRugy&B;o`6-!Sa!JDikt121%bfH9Il+R#5RJBOdaPVOgp+Rv2p_$yXpo3Pj23^
z+NJ{|bWn=~hiXULp{K59y+Df-4Nno&Pr)RufsCX!@tuoGUu?2wSrvZ=9(oftwqrUn
zmA1QX4o)+H#VVXfZX(Y```kI58{aJ--_e(&;x~k#@|5O*Mb<{=r827azCiukx+#C(
zTM?Vlx&#d8=&=YU@ADsRBX*7*Sxg4bOYVn(sEc&e&(^yJtE+j0SENxvAcvIhBAF2@
z3XwIJW61K`<=I@0B`z=S9*we<xQbcDF}*}X*dMFJSEM=Zam%{bXn!>iEu@90R}0Yp
zVhm4;?5ey=eoRd3!Ge5K<!dc<gcU)_=rIz2D#d&dkwQn}WbNnGlE59yj)4Eel8ybr
z_e1hf`6MljGKi>pT@@)vNeYeZ!3IWn$OO<<q=U!#YMoohg>F<etR2ej4o%_-2`^Nn
z<G;=8xMjSLbi4o)na-6!X7I_@X#CM+dC6|!5T>=ENRNtxF`5He3?dyKE6FdQ+s|$S
zpfu@YXan(9ZYehBQhsF5laiBLh{7215<wYFLgQj^SiTYH6HKn8d5rM*YS(qEjfO%5
z{Z1H08;Ys}nY=IVdj!@K)Pm|IegHW!ggP$nKoGig2nAkr_!s7Cy2@M7*P1}D&Hf<P
zU(Xa!3okp7b-yUcZn@lR<H)9m>ScVVvvo0?5$p1V-E!9n^K*YCYp-tyG!u%xk)%a$
zeox_Vw$>~2DQ{S)BaMjrEKAQ6)_)5UPONb9sRm4-`bID;(A6c=reDuV0k)6s=t8J|
zPZqyp-Q#e{zfT#YVBY{;>C5`Eoe<Z&zDqSL-YidBQ)!{v)^EO~+h&qR3}BH4X9R4#
zm`76RgySFF{HOcRQpX>uYg~L|o(pcj#JIjUK;0@cm6cW8V$0bQvz4_Uw0F1OnM=;b
z49|x8Hn?ct*#r^}p?fwlBB9li@MVbw%U8pVAoA4LWGEaVOX0VTM|D=w*w|CPBi?h!
zL+bF`f`#zvYsT6wI`dEY?2~y*|FS&WHD}M#wd)jimCn`A+0at$sP-ppkT_RbiTV7&
zzPaM)WMM;lE&cah#ya{qaYcZ|E!pm~+Y&;5kfHGy3o%7#&oL@W5M>PkljOj56$nLE
z)d<%L9u2Ajr9`}Vh?@vEN+AfQ0s_bHtED|?r@E&OYyZdv-#o2`BVZ?kGoOMe7xa-l
z8+FlHAQ1*Nn`_d35k2sn%5mM{8an2=9)|$BdM;|NM6FQbGGF%{E);pFfN(7uePbT$
z_`n-JQO`Q)x`J!1A5IjUP(SC9&W`~DdFGY{>`K^c=r-aV?sa-EZx{OF22p<Vb<EN?
z2Fu=UQcNn#TXM<MY_V!&q|I<lp=qNC^>f1C<_gu3(O0OEbE9=m?{J-O|Gpe?<W&t(
zg`-7q6VchK27Vv|<uQFS83kJeV?$yMbMx5aR)nYe2fg3W@Iq-g-$jo}2b<_$AcBU4
zB;$~YaQOk_l03TYZQyGAYRgZMmYpO3R;}if)QZXfWm0V#=XUBTAyS8$K^4BAgb=Fl
zJC^oh7@W8hjP|Irt7bnhFR@JRJa>A)>BGgSjC#gm5?9*W^xG3HQgEHK?mFl6yXl$Z
zm@N;zFA-U>n6ZR20omeSimwro;f0tGDH+d>wgE3am@F@I)^-enxvG~?td)tKd^)g(
zRY>%Zg@$7I!>tgX^?FJ7=~5*7D$a5=f5DC4YVeDA+DYdpDzt@8^jZgA*5Uq@Y43~f
z^-3lW5v|zAKa8IpCr73)e!G|(9alNuP8U3>w0(@7UtaOJP0f;jDSMDM_|^PSG2QAp
zs*Tw~tbb+=%C6*3YZx4V`Sv+?j~&w3y71C?IDO%Pw(qRAznE?rcAg3UFxFmvIquLV
zQNv(&Tv_5HYq|N*`B)c%;89hXyDL;g>|brCUNdXJ{Q1!Gs6dV93U%Jhev(B(tEjrY
z^3q{za9HeI`T6f%(?d(t=uMvgMw9Kahru5{imMaW@4pTgkPBp$Wg=sa#i__j8UC_a
zx1BEi7-;WTQ1b$q-|_Y>#6G&tjM1Y)%R#R|Q$?Cq)6x@1MsIv`+|~r*B6*7!ycG1f
zL=iv<yj#;>))dpiSV)kFNWgG!JA7<#Nu7ocEfV?tv^qMz05d5n{8+fze1ONj^h_<<
z?t-^*D8yE)_CgV34K}+L$Ec*Nhg4OiF&lJ~gZkV}H~Ba>aSHt%%AS<j5>dAwgTC@>
z^<ygMS#u$|@H^GVdETAxh67nP%y$FZsgZqPkNdihRnr92nj53a*M&>Y8tNx^H4bMR
zY-_U~b$w(a_fe+4rU5_Hw&~8IkDtMPFV2aAAPW)9cdd4u7!J<crcmTvnFutZ%#(a)
zl}*i8p`8c1ZO&P!8#3hb_P=`{w}^@EaP~$pSZ){FKBB33k>mz8VXW??ihzujBEt!2
z2bz}|(c}Y3$+kX0J>E5@S_zUxF!(_~FCoY&4@71yU3MbKDMHc^kG@C5Dx+@k#qY{a
z%hnHiECTF&B3k5k6EDtx`Q8u7Y#<!bX`LyI^@UG3Gc;;P;;)XXwUjY5#E}j(lPE>o
zB(j}-|3&|Di{4qqYq|%fZYx9-^6Tra<E4Y`tC72`*R;kqwUJt>PqXFUMNtO}5mjN-
zZ+}0#OhWur7HidDu3t;0a)Fg|a0U)N8_*WmP^vz*y6iKsKTGHY`{m}Ch;-iNhRF-M
zWK+>Ka_G>VYaHEuC9{>duEa3g;hXX;Us)HZA%aHGjoL{b7VY%EZEQ2Nrwq~7naoj(
z7J7WFn%0>@xRMy}PI&5No4(%nG8ZG1rE)pG*q&|sdVd0+89hW&X7$Ze=(6#Bt%=ya
zpKP!ZGl`GF3yT%)38SBba1BL;L0^u?h*f+po1c|NX1%z8g}JRRxN4fS&&NomatnT8
z#b&nA(`r9p`;4M}!Tr+zS>z#4oBwE3CEV^EvGrqH8L;o{tGT~KQimnaYbQqawQ>wQ
zKG$H_OxAf!bJ4$5OTN@y3Pw*Y%RqqlMOhK>wC#5}R`x0H=c|h`tUp6_=*>%|jyqU&
z?|f{#81RubfOhffoX;=zQgg(`?GoddC{)$>z#L@0DJ{sQ5axwK)fE)@-iQkBa~VC8
zktY-hieS65f})aDh%Xd(3lyPn2a|ndW<ROXnj$BpfE;0Luo`MakS-r-hnYfmFEr0i
zR5U5@cc3OeEPEG%quwe)TJs}-)m{^&1x2!B7UU0h-nnH#N~1bms~NPYFm-R^$DyF|
zc7<J9$VCHd4mlGaH3moh*FsL9v6149s6>P5-Xl2FCsA#X$Sc?OyYobvS9kRBHise@
zo~;wL&1tE>>v;@>jb9*^SnccOGh(!Kwd*BYLrYJK8^*~0O6m!<i-eg(<t&qH-q!5Q
z-B>S)PP8$~#b!25bG8{EysOZ5VT$_;?VLw2NEj4;t|;l6cp<!jDKITMM7H@P<vD_J
zaS`uH-?BJ(BYe(2scvq&k)gLUqc{H5LEOrD+hhYv|2#X??>0&f{7nUnusFuq5Zibb
zi+Gmh*?&3}6R^$OMb-&!NLN5#i)(B{CP3dt5tSu1A0G<xCgF;B=_{nIAEuT;J#)Z@
z*nQ_>5Lq+I+vE+{CXl78+re?yVX{Kn&sd5@o6;Xk#JPP(rE+-I@dIm{I{J!e(K)+b
zc*s@o$GC@gW-xEgT+XIajshr%Lgki5t8sjkLrT#Fe%vYF>u>34=TT0C3yxO9z{@ax
z>hK0~JvnXU6RxI+<&XMx+&aRq*x6wt^ileu*-}4h`49wfvUC1A3EFle5HeE+rKbM*
z(0D1N+!CjABR8i!Ui9bfuGZfq#h*()ZYsS`_qK@P8cy#)=ryXO1-${7<|Ly(_>7~H
z=JbkgX!zA}@aFfTr)9JHRTz3UYrp2NnqX9w?v{z^&e2ooT=NCm^Y)^L7=Q8&a~7m_
zRaR7-cX<b@^k0RAi}Xr{Q$&o6qP5-lEzwSIFavFh{>cy#<;^!WR8V0QeAW#8lKu=i
zGXXt11P~t0<mH{a#x{$K^qY86iGN-y6oDNA3sC^n_M@vhZTkrpQD@w{`s_vevWS}I
zUngRgrFiXi#ohaO+?E?j0rEkA(Tw%*IN-)nWItdINqpasE~VFS|4<!*4c;R6A<Hz@
zg61B}M55Q@TuYP|7B%U@qnGZ{5bv`l4Ye`7?%m<Ef^vnF!9D))!~`F4ol_ZaA@Big
zN=|Si?z^jm=N1sY9|;3q1Sf~%5=(q$-^uRgaL1yNOEX&{O_;wdsfxTOb_UB>3TP4R
z<GX&8q)>7xb|G=rA>h|fs6CEB{`{@WC0?J={l2E%;dij8H@zrjKM{=7>P@K+m6BgX
zYSJxqbC4K8lybJ|Min+jdXzFR7PJ*^Py3K`sp@wRmDo!v9Cy9wa>6}WH>c19WNfit
z+9OBT{seErHn7$wb;`KSei6tgVg2Pk=$Pfc4MJkJ2|dFN65mvz!bhR3RLUP2wtlx<
z9NQh&l*etwy3Rq6gcVz`HR**=PxUO+arG1dCx0OwgFyzIF|&$1sAj36h;L6|PwU6c
zK0h=0@}bsr_fXy}f0#MYBFyyJVy<{oM=MT?tdB)6c1|lOO28~uc8a3X?JOy2-0c~t
zMYosh(en<a4)Pu*bkLXr*G2rNCWGqNK4O#vF<}XixOD{hs8k3QjWXbp;2ieKAfC_p
zvgKOBPDu(|8Z79ne4@yzXr6Vf5cm1_FST?8K{<-|db+0$IfszDf}3F*SyD0YuS?!R
zA0Bsi<&{pXo1-;*tkY3PmoNQs2jVDBi5EEQD#uM|@EU1|KJyFOwI1`;S^J{&W6?=-
z;F^9MGp(@y9eC`_EOWO*A>pPM<fgqE0~*#B+ZrO^WQrby>4%|70y*V8(OW7$l%hN8
zS)zu@))2v#kA)hLg$n;(f24JRK$(d|YS|ZGFxbx5!wU%s@j0$RHP3<c{-Grn!g>b7
zmtaq##8e}UCll_vg<aqfjCEA$WqgPP$>p2cpMy8K(@hJC+6+KA)uSZq7bqzl1_Mc5
zAX-1uZ#~_a>rR@u^sfG<Drmhf4(~R&%PDjX<w0(5KglG|uN&&qo39xa=7(6-r5_Y>
zlD&B3QhgUAvC)&T4<W7a!LC=SR|nv|tCOl3&L}h`5Lxf|C7mGgjHmrvCHtzavraGZ
z<s{>TTBBa$Xjzf^k+6&1?5zD(8XAg9M>)D88`Zg;TT*vJM$`A^yk=1j3+4hpvg*j&
z$@&fk-t?sBY>3cX_l)oh4V|hBkFqLezNv{?E5miY@P@7@Yba@QAc67k{Lme>`Fj!O
z^)hHJd*!<d`1zT0*JADCn05fmew(KS!nOjZ{U2%3;E$&)kgGyZs|fKt`m!&Rlx}k8
z?d)$8Yc1lYyrjo_wX+@J7pE#eqtkVtidh*WgMV3VW&f^FOfQs4#ixHH&zjKaS8&pJ
zTe`p0q=+8buI%TGjwgh6(UZ>EdAIP1DZm>&rB5(2A^##Pq}eg4zI18dv-ifLXr}hP
zTykup_GT^5smb$ufbO}c5&Z!XfgU$6>!m?6AM^fJM2}7WX6D<Dn*$PV-#%pAd^cOU
zOpYtmp)?2?)BYSg+l)o?v?9O2N%Jken7cWTjNePe;3ks*se|X21i}qI=@@%W{|{m=
z>u$}wysK?2VMk#{;j>pkoxwe=!0C2qM~865fjDx5?WJAN>vaQx;q%Osz*C7Ggok!y
zQ)d|z0xyPol_2ytl))_J##PnJaJwpXy}pGRI~ghICzW*zpGFk}I77{iR0q!c>!eU4
zDYGi;{)8Z1e0iRwVSMjd7H@emh~aeB=)m1xfmQWpweeIeH#E!r?LnsZ;rZ8QVrSK-
zl>!1rh_G3W;4amqT{i^6j{iHqb`Fe!n<TGtvUD(@BrS6ORg_|yo+O5RQERqdMDUj)
zv8l)i!+Be+7!iF4E<Q=zk1wLgJSez++%V>UH`SWb)mhoTCRU>)yAH*e{!FUost~D0
zq7ZiqXdtL3S}CgRxbhr0ErYO*h;##7Dsp%_3#?)WfSq8TpQ5!S(9^|rUpT52_BZLL
z)0^gl5UTpU(l1G2qZ5NaD6w?w=vilyWn(ycKA;d-WhyKSqH4UqCo@!#AGH2Py}^#Z
zV@xxxn(q|wlKWGKudAoxo5j)U7jT^>xsUncllMguQmFVJx|oWWDcEgbl98OFf3$Mv
z&gnEhbpF!G=ZgvCO1~QS>><e}njYHVkeTvu`kKPTBYUiK<wdnVfLWt}5ZCJz9-x<B
z<u1s|sfcW#r<*0Bz!8t2x934nkMq5aQFX{*$bK$t<?N+-M`-?+4SuMHS|VdgmR%*B
z*Q+-SU7x!4wpKq99i#6~r@C^LI9p}<B-YYNK<LeCY+FShcvNMD(MbhmKepeFf%$`a
zJ}Q53v(J58cRUoLk3gP1PM=cylpWMztG{2Yeh_o0S-JjkKS(V-;wKT)@ag&pUIEfb
z1RrWO{ZtteZU<J{*~(=hACaMP+W@0M7<il7i^gi4JIxf75aMP9^C|Z5XB!hR<T-Z>
ze%?eric@3&S~lz>?zYcRns9`A{O=yDIM1)*+QWz@NxD@cV$V7~2?hUhSd!jyZWQTt
z$O;{9#8={eU%pM^NVWge%#Rlz$$c2UDs-(5{spm#iq6GrjQH?JbM54BXpb#+%s1ri
z`7^IS>ZD{EopiN`+sVj<PTA!3+!TG|;n!V1e}6roFrFN$-<*2)H`3IFS^P69H)&GR
zZ|qp!uZd@kJ_`BqIq~ff-<w<Bzio7Xgr0*jg!2asG};x~=t!kr%_s;!2^I`20J5c&
zg;VsQUQ@xZTYVCn{m!#rNyFQpv#QVT=ex-LB5koG6Ji$Ta9vtu87gn=)C-~ULAf4z
z8n0-PSYuv3onud?0aIt<Vh@T3asjJ7pPrJ?RqsQVgF?j|kKv9rrPupdG4VDy<g>z&
zO59Ac2ua7gbMp}itM8)5Y?1!QC?~=fP18griH~Txblkz>8WICmg%`iEhFFtx=@ha^
zd*AqzA>)2n(`bJ4%Jl<K4B?lQx(iSMu>k2VSVBIrjl8O#`mTnbj1C}cSZolR;o|S?
zW{(EH!Tn+~?*HKb&ZE)RRbl5CJ>QuPo^4ZeU?Z0j11IPx=;({x*2L4H(#s6B@=y~N
zDgp-=S4ep|13;fE!|3sPulT`28&govf^YgR*#jO$jULzWsZVX`s>Z{ise?445|_^)
z;i$lZX!v1PH%DbwycH%0%D`(Ij~L_}vJ`Bl^19A&R)6M7_b%86%8V?=-bRyzJKZB{
zFeAMf7Y*2Vu0~N9RN&L3$OGqTR86{RkJ)}+M2yYEAu{+20rjvA5r3X+hE5}sEc5){
z0szzEwpZGyB$8k4H~;eICB~}9qyig)n%!<`pC<90D(3x`;MW7&VzBD{3#`lgXj@O1
zk5zCn-<!V^g?yB_mUAEB@%edy%s=Y&Ud|v0cjmipqvLaLZ_}=elsxOts9fB&Dal;S
zsplUoOUsu8=(jIbUvVlHu7Eqm4S<7+@*$!63|N&ODzUq3$`hf@YgnM>iEil6l-Rim
zn{y%m<L~?eDqZ|wEcFMB)?>{e8J5ESwCqoov)!g;(e$ZDus>(H%?oE2ovg3DrM|J5
z_g;0_oI;TQxBpDX543opHZ3}3S*Iigc4G9+KjrFXyk;WDc?4{)JH2$7>7tfhd3jad
zaGAU3=VsY+R>>Wd7$X^fc<6ZFj8>S<(XD}Bx;)!(Qv_Llgl(sLT+RqWI=ZMsr)n8|
zIxS$AM=mNCEoW8!SLuOB38-SffOTy?CJ<$a_B#_9TS^!c;Fl(QrG21XAgEX9SLO~t
z+{N@MQQI8h)veQhg`7D0-;$VfWEjznSa!-RQvDX5@o(KQn+Xs*Jo*-abKp_$va3wY
z=NKrDlGGl*{FUz&ze&nKZ@o6LSi`VO12~CYXo@7oSb><>R%g^K9EyHM0TK#TZ2BIN
z1Rk|=(+3T<^G%K|;-Dmf_CLinO9b_c$EOokMeJxe(oMZsqChoTG{k38lw5&B|5nzK
zujWc%<1?~%7oiPxn0Ox+BkbUj*Eo3GhdkO>GQ&ea{Cdb{XGC8f-H9Hz2cS3>Th}Ls
z-xLb!p$tvT#((?Pk)loI6R!T<&C7I$7ek_h_`_oDZotQWWcQ=FAOQT4BoKcTawOFk
z0i<2XkXpHh<0+Vh`Pf$zkAdzv_IiV{-t}9Y!AJ47`l%mABUJjzNj9+k(5-~O;Avyp
z7BO3)Io}pzvSDgx*LDi<gujbj8<w=pt_x<jAaTNWtZddPLp*kDwUL&PaIg*>znF-A
zget{d_bOT@7tlCz1~&#_Z|*B<`OFCl3PwM8!`z%KQ~6w1h^k4Ul$W2rcq2772%`VZ
z+K{<hiu+6ix1h41WuAx6^SyU5$6Xs=pII3ohzmbEbE?O{qWfpFr&6EVoC(iJbpIl@
zgs%cG29ml)V|*ZbPE{9GSN84C@gcDC-tX>?l|575hAC@NM<1P<h)cl7Brg-=o;!b|
z42D<kBF!7z0ZNyehg^ff%HB=up((xWkmv2)826x~*dvv@9M*fD{K3`opWy)SADePE
zUy!HZ#0rkX8{D@He{4?yI=ue0fT;CBJ6)o7h6R6(D`GG+%rV)qY43`%t8i@YxIfKq
zNFVYQKM25X&4+TC;=Y=Y*KM1t*A8X1gVv<{{K~G8LFYmTj5*J;<8L<0orDMdXt;zo
zr(*U)9kR@Oo#Bq($yMK)Xq3E>MscGqcrgsBZ^xhSGG%7P4N63B-dv!RD<V$a-u+%g
zLheJ=s(u8ia-hmxJgSLEIytd#yI!y%AR_85QAoQL+;t0@)+_#9a5<x8I50keR>8Y{
z$9=4XRWp1MV}Qd-H5R7G5vd`c-qRwP{pzFQrmbPF{4r6M6KlI2yMM#|vv~7wZ#XnY
zX{tWC%H&J#0wrLJy^resfNC75nu7Oz%z-><vW;mBP4pF+r|-K(7EWIli<bcjoD*Vt
zt^UB#4P0l526k)9Ao1&ukGjc6N_Cw{IdP_yhIn*OPfxd7Nh*$pD)GzC+tt6QRQWm*
z(Ti{=I6<I@xG;>3#ob4xHU>m+GOtt{E#kXtNb#wY^9#cr?G{WiTm_&ZKJ%PJ5-;?p
zpW$C4gi$8#6-<$}Y`U)xRK&#90qin~KE0nv40nY2ZhkSMv~lUBImSIT@mNv2a_k6K
zl_GXYk?{lX*K8@y5vt3116<2ZsEr21u;-T&8Vz+VhJeru*>@G5ggR*~pC_n;`a+T}
zs|&Jads?`}E*dV3nXC9txl!iv=F?0ZfXcu#t@o0|X?kV`mVYLJk3xXPho+SVoGGg2
z{K0;;Bj#aqeMUt@>M{i%^QMxKW#)-1GB2jk`IHrIQtUzeLE@qKXc29dAN4OGhmX>?
z!Qr(v@?+j(f#c4tfBVw&o{}a*aRW$ew;K?ON1sad5ly>gsEY;jDi%fD@a$ioE$2rI
zcAWdX#R>~;p#ozI-)hVX<4VAf*LD1WNA;1ec%vR$yH*LSArzfohZh&lp@l<H3a@SX
zhZrvt2brjFzD>z|#RjFGs)Pp45Z{-mwsjbG_f_Y-sHn&+&#a7D8C)%DoFKkTGmPiD
zJ%X1l=!H#2>Wi`J#_O#<oyGel(WQ!LcFGxU0dWCiAuX((|L^>gjrd6?K<+pNMA?~+
zndcgE<$slg<Oo1=?sT>x<qJ@?-^#2iFKs|>TNGA_#P4=5v=ubUS2IFCs*f`RHLy61
zsgV>a$;aN1C}<le(j9T)lo#_;=Il*bZ~A8$(#%-_P6MCby})@7OB7DdT>**oSG}KZ
zTg1!bn!^_B_k@E^b9DwE)2vF@<#g@KY2378!om0v9;ZWxWo%oPaNfbsaBc_6mmV3%
z7P4czjyoUhD%@g7g>)(^E2k7LXWr2*uZo_9`>spvf*soqsOKJQ_zbIkP96NM&_4E0
z`=9SMF3&Np5v{C?Xs~MKh?r%k%}<phJ4<y85qjCkrimA*(&Oq6$$8zKm*};)4r{b$
z3wb5lo}{s;h(D9f;-e=v_z7$uBl1L}z~2Yu=Cg^Bh}T#zbM50e^5IN>R8{Sgir%BR
z|7x(1os>5$x_`@M4j#*>r}v1@9+5|0#+==~N^8i;>a<Txhw)!0?2y=YT#`%V$gtYr
zkIl`b$3+PhKTC1(WLWnGlwCg6n?)!-v}#-raBhFPe0rH=LmVtFvB+ricQnLBd2<Qf
zE-LbcKbX|cL)|QWw{6#PVthPhWJLZF{Ye7j3DhT25QOcY+0%E{LUj5NLIG>8!mOVQ
zq9E(?SF<YDXLT?T#P3go_3dGLL;%U43uK!yoE2_(<w{awUEuYGSff)(N7t6o4ymaq
zy^gEkRvcabB#nIK1+eO!iHHp3@ROz<-}!W$6q$+B^(i`YFO%#RC8g<$e9@C3G9jdy
zxNziNvtLP!&7Z2x;Cq@8Fi4q8N=o(!@55FK0`>~r_+B0nB44;diRjN-92Ogtb|&*2
zsv6Fh3hG(u)K9|wpiJeax!ivKJf43h9Ef~J13`>~5N;8y94=`P-mfO)32`_P%iLe?
z2OEFMj>mVF@E<yRllPxRETAxqiHUK(Inh@aDzC0qrd7#hHox;acUVeTjQxI#_qoo@
zDw9WZ;rjFd+J|O&hQe|yW~uiQTIkb3X?v1@Em~3#ETX)c8kTpce}Uy5k@qgf{s9O<
z9>TQ^=m{mJ(;15=b8zB6Jf-B(jrw>we-FkW|6V{nOKjZU;;gn3=5>Mxff0eg8Im|7
zPrg}lW!?5t2}0hcoGh-Y8cRku_+b%4%<nq1WOu$dMTL_!_xm>l9*|lBlm=%?zjt)3
zP}BXeGRq4wb(|`c+Tl5ETkkcu7F4)y89q;b*(UjUUq~_C=3LOm?;*d^&=^(t0CPtn
zvlXEykO;aDG*E=Rry1O}Z79&oPRA@10eVp?s<9{fQ!tNqAJKPnZStXH^BJKy><Jk0
zS@q%p-yQ`-El{2Mkw@*_SBXK#p}Jwu&izU=gBfP|yjN@`h{0FAu)c7ku;HmGSzA)y
zRv^m$a;iZ9H5@CzxXNL^Q*GGE`r7f3P*<O@3~;Z!&O#}R=Xn<UyQnf$*hnmiz-{N4
z`4DY^mt<#0Jv$SnC9(Ql<z{LUWsK=dDmbQc`zlBGd{ZLmKl@0Q$abE0TB;Cmy3Ec>
zl&fOSY9CAo-2pVK^uk$kN;|S=E1=<a7W6n_(=qn7>$iL3ZJ-7L`cS-X>6Hj*@p$uU
zpaWXBBbNN;P6dg5_9VlzgM;n7XV=iHI%V)^i%4-B1R+2H8zuV`^vup$*+nha&D*96
zFHJfGe@9M-w)^4L5jO-RbAL88m{hHuS-{F_z)qpjK6-BrC42za#8rKj+R~<@WBQpE
zY%<N|Q~#4>>B5xH18)f0iyVJz<}P<ajxvPFRVDmK20QB|%u}rz`ySeTFlm9xUP|aY
z`kX%f1&p=vEM6tWB|!ehY$6+kX?srY{BV`RFkfwZJ-t<WAwx$RtkIJ-rnJXmQ&I9X
zN8#o7V(-DJm(F%!@mv*rRm%##>Avcnq~-lc+k`bT++Nld;&gSoy1J9r#p&BC@Td#V
z<9zoFgfqZ*(eMOULIRyCdW7&ohS_u*#<p<Q%&571K6m=Rr&vsJGsx6C*>deqWwX!Z
zR@34ABlobsdA@U}uI9_##U|Lx+twQZV8&x@mNf_u&E*{?4;@v)AE#jdMWEj}m+<Xk
z0bjx*-qGt<nL#J?8RiQ6WwKKxmG#uo4r%~-pBIE3&~IAL%tSf3Os$JtH8VgHa&-r*
z)WcVXq4)4|4~{t{DH^^V3%+A#+ZhzhIF<Pxbw#E?&t66yYM@aMa~6K)NnH7EWetOL
z9milDKX;vIr8n;JUsO_kWH&w!2~5E82C|&o(S_O5{Z+kDHw+=KeRlbT*^Rtc`^I}Z
zCUtiohG!GWoUq@#8gJz<Hs(v^lZPMdtg!kAVLR5)p4YI1*RM=(Wt3Z&a5J_oRJ-V1
zRb;TJTFWF>hDh#;5cgocgZ%U9_5cdVGK3NQd#J=RXCNc?#6r%q%s8rg0UaxxaFE#$
zCSfM#pFg%T4W8xBqq)_tCCve{PY~gqo}K}@j{_A_1v=0A%q%uG#cqe*R*S6?3vnb|
z!}1|o?HwL6D}p|msy!CU{I?^MkGY)}#FH1Kr!yE&Q*2M1=$jm@6xRB=7vp=U_47&`
zchr8pEY_^6L1dm^*gS(pJVR7GLs#=*m|hp<ELZ{!kI3(fOTzTa*5%1!qYAiM-{yH%
z1z^s9JY{2M=4wWIy1!02_f*uhFn3&?9~AKTzMi<K@QzMHR^jS{mB7z5J>(xZ`@=?0
z5Gb<ONcIQMAOZGV`=nHkLD}MTc|(fFHA;xYSu%GB?~d{{cqWK=2MXuo8&U`wq9v~(
z)|Qln)>3`l4O6gZ+ue(lhtqo}i&yI*h#=w9U-Eu231lD%riSyMQ%WTQyZj!12N?CA
z`dlEXXW-KiR?Mhl-v;8}2GQMq;k^x(xed`8XWRdeE$3Fi-N=X7IjnZ*13CW{>Gt0L
z(Gw6)3!r9Wo5bxWTq<jvXBr=k975pzsN5t+<~M?^*vG59at@>Z+~74YXr*sx8F>SQ
zP91~Q_T}XhYvYcwth*oR;NBK(vO}}>s@74xZoueo^d^t?zm>i_Fr$?r041n=S&Aq7
z&wLSXT-PToxK%rb5iu*{Kll>sCqP_)M$q|Ij~Y3c`ZA{N?d`<8yvcp&w`Cv{&TW@X
z(7DH05}`q#-c9GEQYzB~+4-XY5k>T*U^>P{=81)D#G(2^AWaNMkGFQ35RGwr)naa9
z7h+o%hF~{-Teo4;f3~&YHse|zx0RwXIqDWTh#M;LEqyl^O~`3>xi<wg37R<LJKEP%
zSU7M{(&-MEOPQBvu?j5VHm^NeC7p`YnA4$VEE!CzraFkvXQhpCl%ccOJad1n)M>Pf
zZ&=nXv3s$%5^)w?P$5au+EvL?EeHBg2!q$hH^Z0U6WPh%ZQJ<}VKMt|Tl!C~dd2Q~
z#og?OKkubI6NaA=q@86TUKksU#d-Ok=&Zk4S&M`CoXglYX?_cye@A_tiMaK}Hy-C)
z+<piHM5(fMAAGd`M-*A$Q-M3@$I@Ej;Q~lrwc{pecr|(KdqoAM(^pdtmzF>&YczZp
zTQC!AKZlC6Iq3b=C>O$*An&q<T$hpdZt)OUvS{Gam~J@Pjmj#5y)t~_lz?D|N#w%k
zdBR0-(x**D<Wi>dQU%7RB#Qw)mkMOiMDeBPy@<_Mc88rwer=3H6ThmYt9uo>HCTf+
z#N5kb$=B*HGS|E+9@kDqtBG+9U^Y$8pz+FNBCT>sbEG)Yp^!<bb>tZ?eTVCV@dG1b
zu!MeRSc6U7dWj1J$qT;0B048s(iRZ}_D<1>%EB;hdAI}pzX5BV45UrRc`l|r^ro3Y
z#7F*%9;^>Pw`$AOK1wRB86kzKANbFoc!G()&$dTu2(jZ$ACn?A37|B@yCS86Y$Xb8
zd#9y_Z6)?U(;L;!ci!bSrq<g%JN?hnzc<_&fBb}aXsllq=XSsl@voMRRL*I|?Om_N
zJL$>q!BJK^5j0h)Gwwyed8^#Rt%VWqtJDE&ycrUPRcEZCd-VKS)V*PAP_X>6@crMY
zArk=T)m&cRE0=1joH*Yla%5qAJ(lLh8369~*2X_H&7l$++<Ec;jagSl31n0VQXT}Q
z6N0)5L4WyACJfGw*FsbVT&3l3KayJ;^F4SMIR8>K4~CPWb&tdR2Bg5O!{;<sefjp!
z0MctY|B;nKod8L@fw<9_-Dn?MITSi*dz6Hd09U(*o&o{E@GfKZ!XtOnYh}~#zCh%@
zBw%2jE5wN~&x@UGr~fgX?!tU!EYGc$6l{)$EkpyH9==9Hxe5Kq?b@=YfEQs3N!vuF
z&`IDWCqseqY|o{D2ZZT)HyBMwWo~W`?zTb0S4LQII=?4reX2K2#J?!+i5fBEm3Z5-
zPs`E9Kc)GE|Gl1J3Mp#gn0geNPA-;uVOUb&@R1=cTVzY8a9R1M&(!J`GR66n;kcIn
z&dp=au4nFzXP*CFod15F6G7a+q2@XBs!MyKuU{2}$*_;Doa$LDgE8ySE&ey&-G*A;
zhI!n|pfAr4S0Tvbiv)r{i>+xFBCW1W%i~opHacWQAp;GbaaY!idO#<>0ssf61uDow
z+blIkRD{GN&1$^}Xye#*pr}^)idROo^e2MyJSFc=C}0-^z@b*k$nJ{_?=6W3O!WpV
zNyoyyI7D`=Qc{6HXcO(*@ZW%=`WkD$s$)g^B4XD8fOdOEsT@A1FBNKf>P94OM;>zz
zj-f$r=k;Q{eSzcr5i5K)PD===84%eNqo4BR)-+t+fP8ENd@kDIWUTq%$#00!f48Uq
zUYqXFe7TB@v?`d;e+~Knq+mS%V4oJ%Z$X7*(x_0eGhZ)!?k~#){T~Tnp+~`6u15bg
z3Mb$=yUGw1MVVJtc98P_@AH#<(SuDuc=abJ`S{NU3cQ$k-iP{)0PXgQ+Rbi|dT7fR
ziJ#&BhOQI5u%P4OUF*0mjziHSom=b1b1fNHJJp!L*x%p({28yOkR9bwjVXCyyO@%o
z{R;<Hw8=Us_eSQ&Z?dQRA{~NR=>~Q(qQ5<Y8UJr>W|=cum37q{?8e@UAvo_x^5~cF
zh{dgX2`kqtS}PrGM^A_lVn=TfKK_#ZQF+mJRr8b8GTQ4~mMZ<9ZUvae)!|Wu930r5
zX}QaRPf?pZWASG)6-H2)cH(Dbs4(_YhQPaFgfxYv=}MbdwuWO2%*Sfm%SgM&vC}(&
z$uq&zGvOy-bkic6?71TKG=KhQ;U6c=!7s4<>3>E4;~oX7-_EdIAshK<@7{-iK1mEn
zSHu&a#A#A6qZD<K{pz8a$<}}?()#9!_rKFF{5Ngw-rzfUGz>7-fsy88XM5|29rK$a
zb{*7lKq^Kb_;WGr`Tna(Q!K84{K~uVjps(USl1a;1_Ol!<H5;1R%C#rnKj=g#Ahfv
zjo`BaF>rp&gdEW+lvE-my?XoP?b$S-1@JyY0c^?u!!z)uECFDC2AG_o0FLMX`<E_F
z9N<6yJ^lK~|LqH(%`1a6xvI6tq{WZ219%6evKfaR;5l99?+H7yKE-1G`1HR<58|q8
zM4BpvMLywOSm2G%x&VV=Nd?Qg6btDD>*djYf|E}fJ@Hk~s}XQJ_@jSycLs2D%pSrU
zjsYWX(AJ?EPq_Y!=B#g%xEv)~F2R_lOq*nLcqnjyLG~TL?So;!dqgOxITNcGE|~=?
zw8Xb^Nwz4-jHxzZ#!cTl0=_-piXOLvprE?mD%cc*rb(^he-4$3g1pYRp66}dKl=Gy
z92^|@HD~(s=X7xVe}9P?X8U)6L@RKiljbJ^$XehvdkgOd{*qu}`=7zd1{X_BQ(Gn3
zT|MMn1-Bnp+}TuE*vkzo(k9XE{_k>3Q(7hd9Bu%rot!7GntNY!6bn<+&1>%|STExP
z+Hj+Ti-%*AR5oYbTKCh9Q@|vE&wv6`G2t}2)z_brHj((#1pl4pw92V`maVRi&O(9&
z14F7_x--z~QyFgD#K9)}_h+lOkiLMbVds*)*rNq$RbrV)tfj^4Csk9HvzTNW(<*{X
zYJoB);omMylUpTl$t_TqdD_*m#1?L~)esvDlkFHY{L*zc&~EkIE^xOS*(}c$yy9?p
zpZj|Ll<`T2Vm#jcGuoMICZ%1%fb9QSS=mf#yLzPL<Pp9PI{kVH7u^fSX<4&iu)Wg$
zR^E<PoENoU`<>9{zu(9x!J9_43g?p4p;Ss}kToslo+jSplS{f39d6k5ts!Lq^(9_(
zofjGtR1ev8f@f!I>@i&0So@Q<(FXp*;C<L0?=CA*Of!vZ6~!eD7|PUU@voulpK=(<
zN-`gupS3VjG?d~}n8S_lW64DP?>zslfyJhUti&a~obDyNoJ(|E_9g3Z_*uh^s$74x
xX-UnBS=_(T&5L|G{pyrl%q?x4Xm|L4XWr0+AgQOA4(unCoRqR;wYbrj{|BzZiGctB

literal 0
HcmV?d00001

diff --git a/docs/installation/images/ocean_token_create.png b/docs/installation/images/ocean_token_create.png
new file mode 100644
index 0000000000000000000000000000000000000000..95ce3e880a8dd836f598badc658e5fb41f16fe07
GIT binary patch
literal 57138
zcmbTdWmMZ=@HZHwKycS$!Hc_lfB-E}q_`9*?(SOLf|lYGX^Xo%#oZl>ySr}s`|tDY
z?wdV(b`E(#ax-^k?q}rA<Qt))B!_`YiV6S#FytX%RR9112mrthq9DQEfp{Rd0|2Y{
z@?c4I54fXDgm_v@BAL0mn95`Ar8@qzr8-;PL)#eJniUf=TisLtdWLFa8+G>#JjcAG
z<XRl=W^a3+wILB8CMk>=0Kie5DBXVBdYXw#N=D{w^@#HyxsP57Z$Bm8>}1)WsH3`Y
zaSOYiEH@UJefg5bmdd8@CA)VpQ#=O#M?HHkyGIl|o@U<MXi?JnJV!;eM~ukAL<pHa
z&kxt;_m|EW7Z;<+FEqP!^z>Pj-@kwNf&+n!ufoH_KY!A6!*XunYOQMJdKvxt`8KaY
zQ4&QHGl;#003mZ)*{QSZD;oRFZt9(Ps{AXIIsX+wk3=8zkBq;~RaaNDYx-%XXclVL
zY4&Q)YVKeS1vN=%;ooRUj!Rk*NlrCzu(BRcu5ZoV#p&;!uEZxKI3>2bJIl(-GWf5M
z{HN#-MKf2kn~aQ%bdjO8Z&_J>zVZ9z>i@&d4I{JdGEyp^_DBzVnq`_x9n;C#xm<&(
ze{k?%<K~L;a5L`t3HjmiGVmo+5~fagII;e_VsA;}oFfX;yR4U{V(&z*wkp30-MyB~
zC>WogoE8z1-ig!nE)}G`8-Jq8=OPjk5+3djJ6{BxR$DylA9meYv?|u^{QXX!?k`WJ
z|Hr<n+AG{IqAwmr?QOO<M+-l`jC|*HS*)>qetxDHd>DM{+~{ar^vYMtvBOT2QE`SS
zDTxVdxiv@`UW87JtdZ?8%m7c*#C#uU)QXgRt)A}A+23afoEHG`=vxlr%BlY|rwfVc
zb!zfTUkuspdmo=CJV!@ItlplU<@;G(`xteYZ8dK+ksZbyl{NXpZFo`Hpe|WA43_tj
zOHu0B=>Gvp=q)Mbcp0^szbn8M&K2G@xc}3SbyWz_Pk9TZPGmAK>o=YMt;^~D8wF33
zbf5e@12_F<8aR!ys36ra)1TfW^YUa>3bL4&)Qv_52!UX$I~2N(N$oJJUS|&AJMTL8
zp$XW_w8shSTt%YGf4@s|{Ks(5!DF?3OtFjO|J*vLE&&^p71>^IXEjHWw($pVzRiE@
z#&Hz8x(A;Yo$@i)4eAu-&t@G$y|ctnP9ny~u-Zn7a<lpW7e7f4y|gu93B&(X2@+KZ
zvRf!=uCkn55N}aS73BT5On^3J+O8IP?rFx(;6e2Ek(j`5>_qp{{Iz=FOPGS9VpMW+
zvbLXJo9$ZLbBL~%mPKuCt(=L&Jrg^sJEEpwlf1q}W{0RWUGDKkQA9+<uJv#2dV5SH
z;*-f*4UB&qV1B>Y(P_4wIX%ihifhj9`gwu(Vt(oUOtO%h6QrW8ZCP4cN{GS3$EPDN
zAHmDR^LBszVoHa2TtBT=W!)fGsX|VEoP6%7WAudTb#kQ%7z_tv+96q8mOJ0QS9F}8
zF=mASTb%5fgd9~zGMw-C@84U{QCgAWuW+o`4Vg+7@>-gD=BI_bOGJ3H^HHzbR?1Jl
zmA)6<$v5pu$91#f)^?V)H~%D6!4;Dsj{8(C?%Gc$sp}JqlN3_5NdIWQ!Pk80F35LQ
zL^Auzus?g+C;WDO4EdF%`{c<s_W8@r7v|qqHJJavqk<csAR#}mrD{*<>;Dxs5aYo!
zH0DVo#rG&U`6lMv`q+ANb}{{wrT%k!zq)5do8PdtJ!|!K+iz^uwQ1uSj1e5Nbls9n
zco?fB#C%#6T>JxZlIp>SC&m%k7cRx6Xq%fzRa@bzjo-4x);5)cO<#1YN*CLN>`IBk
z-ya_L{bsbdmh>^-5c0k&_q^#hBw8@BlX8RBO2ZfiBm^WODg^bS8CRp$NEu1{XIZk}
zqj%Mdp81Q})jm7z(5F|`^n4<i)%hT;xOL|~d2xKQwmZLPXug!aW6yd13rlk$C%a&2
zJ^RsfxnA|6l>Gk^Q=ypb7}~yLx!Muh5clv-LeDL*l;vk_!gqS+a_g$nZH!MEYc_uy
zoQlP@8w!`h($Q>u44?#$f@0*=R(*mk7U<4v3bv_q{|=TB2$9dB9oE&b3l4I4?Z|dw
zwX|&{N7wn_amViIc1!7WEY7raq-Zibe=Iib6NV+aw(a*#+u|4n_T3y>D!Ragin@wX
zzNF~|Ln50>>P|xHQq;FB{@<FlHN~s4#NSu1Jzf&r^QN@rs_OLiDhw^?nVp*9YrVgD
zT@Xh5DO6>KVdxH{_RW)%6H=NJicpV!T5R`JMXHk%JcOWT#fo5Qlt#7kwpP2+H0geC
z5<xwWsXqrZVJEAfYTa*NHIG;H5Av{4=D@v4P8j7MZPgIAx3(Hs+1ZtU7Z=lEJH0%4
zGBGm7H#G@aj&+5}UR++T$cc$D2HC<wvgP9&N&_Yq7MI;u-7Y!9!NI|v-OJiV_j_zb
zZ^AZ*2s=-4URzE<@0*es;epXnH{V#3l)|4sQJ(7~{FsD!d6Uog2XA`tlts=VL2|fP
z_Z`*!Ssy6m=d%syMCbB{Mm|?^8LOpSO`&uc_GZN+@AO2Kw`sF!XgNE~MGG|2iOl+n
z=N4qBfI6i1iW#z<rjq0LA1}81x?>f_!g&O}%Z@3g<>DxkDMY;>V_BjF?x(9<#yu!$
z!tP}VUrvkEH8kWQkno?>uVd`+2dPytB{hu};!?<b-^8$kY>}`iSnwE>uBIM$M$*k-
zv0Ijc?Oj@0T9x%2o28u{CQ6`om1#tYVY`9O;LY)pS#LCn8-jIe-Yq?UT_`%qhMWr(
zCf~`t*YyD%9{qcVfY!FQ)#usAR76!+x;NXOEGV-fdz~s$w#TAeK5xcyaXIh7i=#z^
zrrJKe`fU&0upQt8G*##)v;_&F%daoI^wY$hm0Ux*3LBg<aq(H(fnxOSZ?8kqSK^sE
z)18-@KRkj9o9l`7e^2vgy00lP&cxKy)F#y=AnmsaeLyN5a<L|h|2ePf>Eag@V!f67
zJ6HQ)wC#FudIum&2+M6WzK=J_`T4ZSn1J){FsxKgliu|L*Y{Pqxo{P-_yMhf{2c|9
z0b4o%%vDJAsAqFl*h`LNFxYl$_rn_jX!*9hC_tHsi76%J@TX!rn0j0;Tg-PjSZT=;
z%joMxsaQ>nMX=$LCCzc=CjDNBvyWFs&C!Ru58nxcL#pJZ1-Hl@B#<CJHw)(E7Bv@n
zd3k$iei9hoYKAn3HLkF_ipyyW!o<odW9WCh>EBE!nuqq7Eqd&&yY&1(HkVf}=)4mi
z>&*Gr3&56T|A2O{N>6r8tvp(f*i(~uxiv6LSY<H*LiigCNi#Jy?Po4;>GE*cWMgAf
zdbmAhhvjD1XY{<LFC(PD{I}wMdP1%TAwN16c*MjEzKmu>1OqZvv0yRtDA0F2HwMk+
zfS;{2&KYADGBwF9L)j&p&(E2zCCGY;kmWHc`G*ELp}(yuUp~;ly+oVGrPG_ez}7zf
zx@NsfIeT2}7`(+@^r(l+@d|#=zMo0Sgf<k{-*VB-RpSu+L_?=8Mz|zB=I%Wf@SJ`g
zZ02(Q=|1#?T^3OcXGyV*LL4GSI`v~E0r6x>B#MwtkFmV<=DVKX{q~7=t<$yw3{p{y
zfY)^>V&UsDG2y0Iq}$`w6mAQhT&&p~#7jFkosH+z;bXejEyGcNG8^+${?KopeG2HP
zPIy3&affh62jbaRO&nz|tmm^c2O*Tz4+u2@l#_5@&hFq)1x`eonLm}pkB_VD&y{DF
z7_^c~z%e?kPMh?_0=sykw5z`iG&pW%APZAd2UZZm%EkUUPmSuTsw1H^9?Jv-tiYsJ
z?^{*-fb?{vi-*H<gjqd&)1&!HFzMTP3IT^4SiJ?X(tEVn-JAH4sq|$m%eG_DGa)!Q
zSbym}{Krr*GS>I3m0FL(1(rd0YMolEWNY^0)f!8@^>;b6a1yeQ^HZ{>$BVTA{&R!?
za^E+)6G}%|0zGzndDe4fWwuvoW<x0?ACoMn3L9M@Iy&Fqr*ZwcuD!T$(ylOqdvJPK
zs4_$IMFChok0gI3hxz-iOAMfJ0?kX*X)Bx=4ST?Tu#4}9Y>d;K#1-}tWR0A|C}5$Z
zmUY~if64W5wy|zf>A;FM*Lio;?(Mhnu||s4iO~Lj2r&O>t$i(~76BPkz?+JmkFb)U
z%O$^}f`dPnns1K?SHAsA39QsZ2_kQ>JKy+|;e6b2B8xcwrY{VWJo4Bk!vU+)?~2*x
z)Sc3Z)Km`tUzn8QZ)7=k9T3ue=Y23q+u~AwR6Y`a7YcvxX<Xs6r_Qh<RLx&5)^5A$
zPec0fTI^OD=(V6i!VqUVx=H-H<T*4}PLUmROe1$#McY`ZCEtaktx3ROKB}Qu0spAn
zceCZiEbZ@3P3|2FrF32Yw&rS|dC1cKX+v#Vov9sy>NwX>!?30>bnOozVScn$-M%b(
z{8;2BkK5rfCVHE(?9h#IazD(SXnwxpzQ$U=>=eaV*S0skIE#o5^xGe&&0RWBuMb_%
zZ3N<KYB8`DNCKs(W`PZHC7IisRxh67jU3PiMoYoJVv~d<YJ?66Dypg=dpwHC_o5vh
zU{ZiPfG0h#qnk`N!V$n{XN8FM^tn5<F-(*~qJv%nB_1sv>Fs(eA__bY9Epogz?*%5
zGv9MWO%lfXH*tS41FOMco*JOM1m(cMfJXqFHGuqJPvmg%e4OkWv7@05Cl=xCZ_HOC
zxDJ6>yYo@_DojeTql={`S7uup9qH9QfM_0NI6@QRxKu(vo(fF3fJ`a}Y>@+t>i}96
z&4btx+Y=$R$p%7QsrYe>4sx;yzt|t*{Rqe42F$8Am3eXT{117)d$@T4L}`%GrAIQe
z3C(fg5YyX}l^_RE)1)W2qj^b+D@t=_iM@;MA$es(w{0m7YU3@ebCen*^TD7ixV#Cp
zhf0o<;_|iwmn!=;F}WZZ0Y>A?`KW>O;hZlUQS5n|E=uA&xTgmuSjqGAS`Ss$L!+6(
zg1fz_&v1D|q5;le#Xa$8!_kS`fpk93FXM2&KwXZMJ!BLE<|DbREA~lUu`3`9XZb&%
zAyn6sw+Y`ueTXFQhyz}?6i?>K)2g?d&%3t<Y{+l#akvx$9|#oa+lZG8WeM$}yr}Ea
zJQrta4KJ8RhKYO{gr8cd4~sX<Dr5m-MH9iP&Z$x5jRvtZyZxeR)q48Ds36+Bcb~o_
zktbx+N9SV_#fLy;(tm~_oYtET$G;ode7JJBS6!A!)2h<-A}E0xeErDQE?4VU%xq%z
z>ok8ko}$pQsoy@Kuiqjj6rEA;^gvM7-(T<Wawy+u!2V)jESW_D`()rd4f8wY0aU{p
zJ*bd&n?qB1$xPEsmVJ`UVv7AA?Vj9cDB>CNC{NS_*(aZaUq#E#jl6%gdwpBqWWkfU
z+9bs5PcZU-?Q629wuxj<l^ECwLFLc1nBK9GJfgAYe;)%yd5tSRr>=W#al6jfqwrFg
z?X44(uRs>Sve+p`*h1F=_?(G7eE0>JmcWG|&+`NZ!e8wp1{g_vhqIKxUdP1kOhOO9
zHwCB~U&H-`mk3t@w4BS<QOoCy?m!DMZT!?+0KMq6JHrSmfHIHL^JsWCl&Lg^<UpyO
z07(SM(Q2#kM^u-NByuGB_6aOLN%xwymPR-R;5?Ey!YYGu7P`@&GD7MuJWL5>6shHg
z*gD~HWSksdS$x+VW5WQU5bQC*01D9w3L7gNf)FN|j3TzZ<p;7X_dzM5E8&iON)(1k
zY4UN(Rolxi67YNNV9=g&JThK~LykQBN1TJ`)(IwlgT?o{*!?F%?Cryxi&3o;1V&9G
zAYh?kKhdgpuV=m8N;syZAGw8`Kgw397b(tqJ#Z7DTzvEEizGPGht;b`5CuW)m&Fg@
zy%AaXTPX68eb;>DV*mpzm!3o5EnhQ4KB10k4Em-y1GZ%;&VDyvex~#8ac@)V#kWsf
zqYLeCsiLW>+4#1cBBuXIBO|Gz$~Tr4{oOKSr%ZZ*p<mL_Y1+{rC%HwJ0rA~LUevDF
zpW6}?Zl4&2^hvnQCe!q*J_7$R7<(H^;4%)?4nc`Ck#rJSy3zOt;&2V|Ol>uymw#-*
zZAfTy4`KEXPa^z|<GQ!L@MvVCdH;RYCS~93(ad84iD|+DF(kAfh4wEpkS1yRJ=DZ?
z;X-}Xct5FGA=aX?U7ms=vDScYgqI7vblEudyhJV!KoEJk+jQz9cMp(e`^FbDb$YX8
zU%y+CefAcP=Bz}nBV1sw!-d?dX<~E>wb5si>6UIQXt3IjT$0LkG#7Ng8sB|!w(P;V
z-vZL`6WaL6Vs*X}QpA(cF<m77%8-CfunvJ=2Vk4PYZY+=T3Fx#XZ#6(Z-2VYjg1n1
zp?IXjh0_E0X@DN?Gi)wk0AH4c1SeSsNkwOnQb&%Vd1xcNF+>?30Wg_D3)c~}PGBYt
zXu>Az5VHh$*F@d?75sWPP7y%$kpQia)53yzJ>uTC5Fr-sJ0l)7D;OasLJ7`1kRAy3
z#0HSx^yv=g^tk~<uIxjQ?78^iY~VbDX#vqV{kZFyO;bt%)U*f}0b$>NvF?SV;2P(w
zLg2Tx{DT1!QoksDqr(CG#j_Cjo?Zy;{a?Di*!je!@A32<v~ajaLOp&q*s{7E(G(Tp
zO?D&QYlO6L4kvOFB<=A8g-w#URF!;~)R;sx!1o`z#5|x4+2eh-(K<aLenwOM?;8l0
zjFchpZk*J=EpFld1w5045dZx5D(iaG?(g<`o9$==*N%#kkCGi$s4z;@`b9OVyLo?~
zMau#WG~qj4sAkERzlnV)Ja`@3Wl7$=ZshtD_|j+W)&F<#y{BZHBtU6)d$8-`$9K1a
zE5`7o!5yzg{i%<$e<1MIh;Hf(QtxV>I1|dZb!m;tWN8Rf+o>r(KX?Bs^U|++|89Y9
z&Js-BR;kjK#sQ|mWmgQ}Au4)()svSsQ2V-r2g)^f8(RIY?n!T7Fl+vG>)_nr-g>L5
zMn&F+G0C0*z2M1>e+9+3gZpsR`_y&9qz4h1aIAtM+b5y__Rr)dZP)$4<r<1qA3bow
zlh^5b%fi#auH~f+LyL#HAYbxRCJS`sml$UR`!u$XRe`QEho^g%ZdAPP#NI6AEu?(9
zQ~}dWUEa}EO+u2>2!O>7zzz-P$5BBJ2MB1<b_TGmzu|!UX!IM=D6Pf=3McJ?$%}hA
z1t$eCih=-M_G~<I(}FPo$c%8r7!E38*LgM_jO2iIQ|DxAHaNq6TiQS&wZ0T6Vh2Ii
zCkgBj0Kf*VQTr%Z%=R~002UUrmkA(`c`+c2oC+-m5g)D&r)5<SfvQ_k*|&i{o)(TO
z%=Uc+`6aGx6V468L+}X6-82r!<oeCHV=&;Ys`*8*Kn}t~7aDtuM9A0Iedz!fm!aA#
zEEnKi3zgFwIHM+<XWZwFG=>8Jbs((-dPC@1JUR_9KXBdw(;*Tw;=+jNLD(7*o|aG6
zrU^YiEk>+kn&Lsolo(5Ry^%K|U=^Xwfy7t(E^Y8D28kgy*#jInmUEP|L;NF2ub^*&
z+j!jmtq5dXxF^=H=dMz0R4@Y(OjId+Opj&r)pua6pY-NW3cVX8mAHKqlp)Jym=~BG
zxldO_fX`kmKusCpwk07}u=*@KY2Hsn@Fa~bMUcZCvwKU5!KlIhXiA5`{%+j=Q|EOn
zEJxcPv?80{vgxq%7kx<Hd+?zHE^Xs+if&uj7UG7{U2HeJ;1+FzKlS#beLwO1@M?4e
zYIz876i>j;qYb(EIkZCR`t#ZS$8x5iqF=m#f>TXK_Cb~#o~V|VThi6ZgY8U&f}Wc+
zZW8|15I-)Ga016~k0?s{yAP8VsW%?_u`LO=?4BPZx;7O|{Ys&s#Z!d>31_7@^0?9H
zXGc4N=!KWgNaC=|?#@-q&w%u!H^h)I24Dg22PbQflJuKu=06N3^}BU1>vO;GSq#eT
zL{3-5dW62-TBmglER)`L)~$uTO*L7VnGA)e>OfNp>kvjkLlhy#E=mNPgtOhbf(WY}
zMAwPe&Fp`}Edx5JP(6VAS}b~&X;|x|4sgE!;NnsnN1Bd6AGl19070y?FW*tfd2%i<
z;S>YhC2&7;AJ`y7F(Q${Yjq99%6+T*$bSG?IS+?V!0tza;*VBZOcCyb^4}1{<q3=$
z>yVl5#ko}@gORzsq@FA3az+uorNS-H5Qx{K>M5FyOl*+HWxgc@jgAu>*M=v=ei)*}
zmiMwT@7rV8>Z_g4=3?Jtc#H58o@GQ@`98o7Lh!Id+W)R6pe=MAgTcR=U>73i65526
zK+7RU#T{Ue*MoxQ8*XW}7jjdRko96}i^(Y1BOBn#7ZvbP`6#4}3THmp0^57i!QaS6
zI%JQZF9thzZ7O?$z3<+30yjOSkMjtVGXR^~qp+d?nBR4R5K<|e<*^YVhYRtKgZJ$a
zzdT1K1P=(UAnf@UWj$)67IrJ%IA(fXdn>4$mDp%-_~}0I(4h`(4<@Pb#}ut+jD1+S
z|JdaqSV|kn*d6wxdC=~9wp_#bthfi8#QRH8#_zG@Fs|LfU~T7Zc{*U-{5(X;#W$;m
zXRDE)Mdl%|K#PVzkvW$6?;dsg_(Kxk+#oytQT6&AeT*N6uZ7P!W}3s7u&w>mAvOAe
znSHf_1E1FSEDKDc7oVD$<nfY3o>ZqaEFLK7ViI(deDZlyAn^$yWK&)F)~oOCf6i{Q
zGi?@Vm7f;&wL5r8H0vdHT#|7)Y{u~8QtxPQWg)QWwH^E}b~w@>yd`+?Z(Rv@h4;C$
z$-oWCnXx4Oz=)Ta_nZFu=F#*bON69>O)X15fhCR|k|YKt;c~SP6i(HcWjvKhh&<Sy
zN&a>5G-)c&R+gGFnU9vSlndyef096kHTaN!ZcF+zkt3En3}N<i-k^9o>I)M})C5|#
zo5WL#oa_NBLi$>3IVg5@BU{;OM1gLWe+Z`&k5{g81L|=kMz2Uv7%8keIKU%#?Q;or
zvfv5rp-pT!lz{7x?U&eOZ!zX)3=$Wm*sfRC-6{7PHX;~SnN?n)TptNF-X<Q;4A{Ni
zCdqq=^s|cjDYYKmJO@!S0#TS(*q5vl%o<Pg_0ohE$o=J8&zE>?E%pu4wB1y)1`Up8
z1w;~BCHR<rdFcEAf(b*3Y-e8+lfpAn<f?X>xoje*7)-neEMg?U`;E04j$HLm9Q#*#
z%9_3IHAmXpVOzTA()yY5mm#=`jIAk$+J_Qp{H7s_EeRRt3b=e$3u+3t1Lhk@77w{x
za+kCU5`OGkY>60Ne#Nsz?vnXFdPA?#xXIXbj6=*nlA{rw^_yvcB5RH)e<iv)Jr~SU
zaX#;)0o%GgA3MF@SY@4-DDf*eP%1UMf691_UmRH0k)t@tCTI62_FeXUI>Kskv|w2R
z-lm(h&m6~+6cyO3hk|8O4LEpz?mwk>t-Zc*;J1Z!%%!q>MB%RKuCqd5^%c;gJwnN2
z0|K7|l#sc@v}d&ka7c~IZUA!#<7!&-2-*2_<`dn;KLCB}kX9oIabyDZU_Qh^A%Es=
z`?Ga$`XZ)oE@rV-@@7zFX{q?b{YchTN@%MsYuTY`-xGgqw$IlXADxsDPVrN*-DBR;
zr!W3$y)L(?bL@XGa$erjd>FcNYn|!4*ditqvN)wwqd^_3(aO77?VC16J6P8J+I6!%
z^h6_barXrFw2=&oUPz%K+Z-}8k5qOmQXhPYeperBv{1=CX(<!AEJ&kNgqj&|7~|E=
z%GD+(-@8{T=%jO5Y$?KCce4(*i`i1=5gIpKyRyGsRP%oGZX&WfZN>@0k0+KxXsFJR
zW`;qIieJq*g@E#s<zBeSal0%wK3lf|grXKo;(T1Mt)h_kwwDSCaP)&Z3!sUdw!`Xn
z+P|VcwgP*tg&6%vXRoZ~60EEAhS7)0+P0e6bqqj0-f!kV<#6MNt7NquH=;vMnd5(;
z&MR-v42CvvrMXt9$TDm1wbD!9HgY|xK)qR+4w03%ru#28&GXH{P0L)YpZtoaQv8ab
z$a%Q$DI>$#l6y9U22?8Aue2)PFJ!Xk3SXKHX8Dj*a_WZK_ouW$_fMk6=-&%QMl&UE
zes>r4nD&Al*1xFt@5Jf=fLFKoxbH<0I(V{u41c`s|Cw?h7Da1nT?cEd()r?dgq;jH
zA7XVSiBwS5h^aM|DkTynAzs~SHlb^!GokT5RPfiT*3oG+)L;!eP9<&4b@pvNFil)c
zR^iL>&Gse@)Pb{)6pKxr?bVH`T|R3h3iDej*1cbb9>#kAFF9Z~>s%5^I5VULg8P^c
z)9LQtw|ZkRsRdY#X4$)nN~m3?pB&4IwNf}_tLw1~C;H+#{>Fzl+UG4t(k|_js@v-4
zj!M}26vHDTBtF6FcT&Tp(Nv<4T&BP`k9^3BhDoG&^jhIgr0s|(0SMiki#ilKaYIzX
znR9i*t2<vG5AKE_g_gxfdOHZ6KCTwiEv|4sb4y&0?UXaY0c;SVRJh=-gQ0d_4{ht-
z{&IJ+ElS4rpS;dlL?guC?aXtMD$fA`a1aC=HYgAOw;BMz27)AM0cY9&-WFiM1;Yb6
z9uCsd!;e=|`ES;Izpo8{ouBcgi<?lzmw`T(@Im!#bjs&s-~kc@(?qL(Dzm(^>rk_G
zGN#gv-`hpLIM`eevtEb#I5}|<MUIY)*xvD^k1QW#3@w7CU=u<7OKwNsb;~19XJ<z{
z+el9S&4Z3a5k5tY6thsN(oa!&jC?-5y}evopCo8uAsGZ4+WeC>00R35CK}+M!~iJl
z6^;l1{J$+xvHkz^t^Wt(+=u^<dv$DWnO<F8^>lSfvB>!Q`{T>tXlSOGp`)XN?d?z5
z%^e&#4z9gQ*mX)jWtqU{@x@NjeZ9RGBKAC_os0U4o12^WzN3e`YYdcOpYm4h$|vs=
zU|MHQQ;K@wd*2*I^u<y3i4W!oIBtMlTwS*xe^xa%HVXK^_`DTzVZ@{mxm$TF;6N2i
zAxe6>(2PvKkif39p1t84-!58b3+u=K&tHvQvv>Q`AMnc00f8ci<|c*{??#Z-xT{ju
zaAul@wXNxK!)EN~68qNcPs13f^NXb3>w(C|g?opGQJL<m3qHMXi1e_lgM(mGSb@`)
zOXC?0%@`l{1;fMAdV_5-UFQ+r&5I%SxU}^tW$~EOy2al_hXpzRC>)Uy^mo~LET;YS
z`LuFUfmx=?vkw$lF>ewlO6UdcKxphGweATevm>6<ch~pO_dc$@G$b<c_<U45XHYrJ
zHPmxZTuy-{dZmItEH;^iWqnk)WEYjTF(F48LzkijY6)*M^t-1+^}@<V8xwyO3F|(+
z8IR##C6=S`G<`ZWe2s+7tT-=3-9~ulLhiGGVt4DoTAtg<-jxRb$(Iuz0>T{?e|^&O
zIsap_UyvFLYlf;eNywQ7+}fYE-oE(D(jGORwoRZ~PV^S0+eJ3?_EGx3t&R%PH1wSz
zjS@a-FzL1Sxm|IOW38J9DTzN{X*vEO*!;INsPPX?oCxmgU7z^Tk8c?Hrx>7BuLz3V
z|1nGmt~|EP`pBlG=*~A2>|GG9Rm&2rH{<ixu?MHp0Vda+fj4W4u3e+Rc9L3Nd%NM_
z$D^jhvI4%(vFB&qSa`rTKqN#<OXVMdrEq}EB^6Rnun!zzqnW<fm)rJ+?G#-vdfcri
zEOd0pxy10Y?h<{Mn4sW7o#<R0%}d!~EoA(a+-+Xcz;(#)T~ji0IkB^gOU)0x6TNRt
zDYHsQ$CkQ1VfxjNi{f(4J5pqe_6Tmnw!Z|XFPG||W2a|l9O)jF+Zo{@iOOPWkZ-4*
zVw=(2#<0W>GrtE-6XMdo@MC2wr>nD}$>>Gx)bpyP_}IyzTP&${_mH0FDkVK`iFIDt
zXKs^&K**WrABsi$$D>g4<tfyiDbbOe3-sG`cQ;l>MlHsV|LNDV**2U3_;IJKAp89r
zNd%(lO_ujb1Ok=_2R@6!)WVl^+l^^8<rw}oA8scq_&y46n`NKNk&npFup`=(YIb!{
zjdY{%IqS@dLY%j6f0jDo{+Nuw6d%_*#MX@X=y43gmE(jA(O0~rgMj%Ahb~~C4VBE|
zyvJtDW`^^qWb6)JZ&9|N5X`#STJ9^Z!J;!C-#T=_o!BcjLAl+aTxNbTlANdd?kh7~
za<7rhW$_7ouV7~1MbpF&@aObw1sD0xRv)IzILCGd*8Coi5ukXDi!cGDD-YttUj(c{
zoo_2?J{M7*y*!@w<wddm4rnyNefmRW7_x}JS*Mx5!_**pTr;%+!=kk({I_5@z9k#(
zF4Gs^kSHnLZ|AE6XD7|4y)d^RC$p`=(bZ+1rO}<slHEDgH1IV0hR0V=S-0Z0B(R^K
zC}Phh11~iq|2exd*|ku4whWTxsb>W3DBFShiaqT8P;j&tztc0}Kh~}eF?$G#6#BU>
z1nYox%UfjSVobdAe$Sf7YoUy1gGP=DqeuuN2u>S;;uEbBCVxUL73goeeH#!_PS`xl
z^9$pR#<&N}i;%cZPW#nP$iZJSETlQq|H3+Gaj#Fi;(vuG+TKwK_aDM;`s2>f05Fe|
z)SxKTk~6H0#`WQBD^a<(dQ6P$VhzZCd-wW|amRG5H$tqR6h6|YqMXPn*c7w`5$x(I
zQ%aohm)Sy8#dLGRsFJD3_r>oCee2j|`l}!XmG%LK&xm(Njk{U7$`7#|)UjE`Sc@0+
zbg6n=@f~klDp4x$slK2{+={}Kj6osfvdSEZgfzUqJZ{2b7JKJi^S#*BxO8U6)C5i&
z%+C$?kS8Hp#LZHBFyNry%K?}#j}{OHWbjvtuwd;e#40;`&#~|O3#)L>rtHn5zO&)3
zjLGo=SCe6S{ofD{KTVX2c~a#0jY}f$w?9TqYZC!yb6jmob@*q0UK?Wwd>$4OJ}jv|
z>MoNB+DpY7oF8lI7q1UTLdM57y@@if4(7GPY8cy9POhlwJC@`Vhq-+B?nY_-D(OQR
z`J;E`A40UlSQ?{Tuq2FdfHJfIE{5Z9<dIYzeh?g!3>zseqkndv@JRIoat}2T+(QtH
z=FN3QH>UKLtz_Ym{0maV2qJ=rgIb8kZl=4(U!2tpi}M2-E)B503!qV!=Ur5mXE+dW
zd%4`)mKIH1?9JYKHTnB~{dlHG;gqrJ_SFAX7&}?dr*eXOOeB~C&mcKVi9&xXI-aWK
zV)wG@vI39q-ut1p6NyZqv$v^#7xnYDrH0Bf?Cc?tP1xq1oG<?pLk|LI4i&<m@E%3*
zu|0A;su$a(k>5XA;}dXW(BB-}*GTiy4%4g3eYkX&I!^<XPUX}!4x3|T7MY~^TbE3R
zBC<n&WLGoc#(RKLEa+@X3iKQzjqmlGbX18zk}g5|NBZ#PCkr7tq$z`sK<)`DYX)S;
zZReo@?W5$S><&<W1Z9^=uFU_kAW9muk%1{x#)G372Pk6Swx>%`bl_*8nl-<pPW0C+
zBndKMr&JQ}e|qloU>urJ@|d@4dsOG(`TBet_etUfs$@z5wV+>wl<~Da-z=q=U)$HO
zxb;V#?}9pkY8qR}9;;BD{F-e&uWjF1_RA!^)C?Y)EEFZojR^Pa*4x!6A?(C5&X*SD
zhh;Y3DE_PuUNFU+4{u>Zq|v3iSs)osmJXJn6q{9#->e4tMH9An5f0Gkm9!z2ac^Pu
zv$=JTj%EFB`YfBHg|Cax7)u1A^%{i*)AIcLMJP&=ODQH8K1kUkEpBj4#Yj1u?!IkQ
zvSz+HL@R5tXiQ8R_(ba9W7;mK_Ak#=U`N8zrNoQ)DTngAuGt94I&^biu3@Qw;cR%v
z@Bq@$iA>2dwnF5nWGaL0@wGtw?CIQPXRe=r_xx0W_H0=J?yuR1;hdp=D<j}Muw%cR
zli&Nk0GA5Yb^sqY+~o@tmkE3nF+NSv9@*2-PDXXwQiS5nTp=9S&^UCgL>vLCfe$j*
zLrZ8^qG}{sI4OWg(8sjeu~x(|hVrVt$?^$G-fbi6*Jn^FNsk@49=?rz9yG`!C7;u2
zzznRbJAM`4bNSKxOYO#Gsd7nJ<l?||F#-`3i8AAsiEPM9*t`%NBGGK#%(oVn=bANf
z;N175wL7c-4+fo5thkX7K;vO}5)X0K86OCaB)O^M$Ls`<CGrs;#E-za`!T6^^5_p<
znWh8E0lf&aww2u&kth~(*Gvo~p57<}BKvaj)-+L*WTGGV4T3gld~{5u8iaz2zY>mE
z$B>aPOhwWgGh9!T+uyp@CJ`b;J+r7;0n1f5@r3d8g|FehbT}F;EE*wUD<Xq`Z}`vL
zZx2k$!9n4no{4LA`qS8AhX$CQ1>^+~`Kc<*W;i&-aqS<OCOh6?nKPx~DAX@48#j_<
z8^xc3%(J8cP`Q$bUO@ujjua(IFJC-gL0ynsdopDGeT5tJHsxCW<dVi-bxkOsrmH0z
z98|lgN{iQt!KwNm1S+EbL4cyg__OCgnLQmYK4PQ@m4TmzhDGbeR|xgz{zjkEr&Kj4
zongy};B(7!IMSI22)Jl@g91XFRJ{5{23;3>h8zw@?XC_PZ<E;33C)jvBd1)l8@7p%
z06l1cI-PZJ4co^$F!Shou!BZ6KY&dot~}U0RfQ{&$M`vE=}ZD;q_WBab4a=2e_}9n
zK$4+d;10+o6>0RZFp%Vnz{FhHjzsQnb49el#}S%17aebX%EsTAQt9M5sos4Vmleeb
z)HN|NzQ<&TMRb9wU436d@_4)5tn`kq7YKoo-7&3+jf9p|FC`epOhiDXuNU_c;9rIn
zWxAbSM4Y&+F1DE~t@HZgmt(DVU@2j0b(OQJmR}x^j{_dhOKS#(Si?40elz?8(k4@!
z>34kB=R;Q+jXkEMxWcWs-KH)V$*(Kx>OK!craUGhycg$V7`n<m4DIj#fTuXb9$nvs
zGUOq>k)g$hWkZ^xaHeukW@rElDC8o;Q*ee?y$y`mg8faAt&!HBqP%fWhPzWD(qkii
zN*#Nw_mUtDv<`WJfBr^lTtg*s7L#_H!rwOY?Kxc^tk^^V1UOYf-{s4yOZ~<R>XY?E
zMXsdtEykm=K#6a=R-lE<K=aIEB7C-Z=|$EqYM=)cuo^2G@KJ!}U6+9dJ1qqXLx2pQ
z6X^H&()X$IvZ;)C7r9lp*tFBk<)yN_)D@Y8eDU)DJZ0B>LtjMrI21fb5H9!!UZ4-(
za3O?>uvD}N!4=@0Ol6_OPm6nG0+K(-@WKNPOjMR4;x^*}XFY3IxR;tkzfsYeOVi@x
zXS_Z^O1#Yc-+H{N966t=*tkteyuF-v7$!61$ZLOGkv<>ZEloSoUHi~WLm9))p>25E
z^rCh7{pHTj;v}RiLK&maF%GLQ7i%QyQJgsH6R~3E^2<%9)<uFL@H^nH%ARYswNBiv
z$%OHy-JX%J-IBwt!GxpjARBdluQ$+xdjaXc(kAzh;Q2+0FYxk8IvIjJD>q6i#{<&M
zY;n5NhZ~cs0Zh1hDRXy1QNPkE>cSaVg+Q9Xr~ZzO1;_>;^OGWC`;MB*WTcR6zj1&4
zjp~mx{3XHI0Do5@QEGfiqO#s~z2*l=M95Ktmb3A&tI4{c`D<EKNQqxJ+CaVCp+U?~
zbjd{<@49LvAV*)d8v-rCUyZ#LIIlMMi)UN${$wIv9DS9HRm{oNa7MX6Tu&te?(Axq
zLs~6K=LH-~JmLNUD`)YUw(gZbfS!rWstbMnh}8%L2vB4me?C4hc|%oH95(Q}EB$d%
z+GF#dg+<8A{kU;n8*|tV?yNu^nkQrXry`psB>vlPUa4`ev(<RujjDB#HYVcw5R4pb
zgnH9Y$dpqJ9wt#Fai4!o!Ep$2#$5H~wAXg1Wq;_oNWK2^sUE$T{51AWhkDZovWF|*
z18YN4<?0IJO!QN4cBCrva33Gt^V=_2ud@8;`QAmFowRnbKBii_AH(JnFy@-=sAk*!
zsMvfQX#rru*_I~pRRtX2&5KBF^PiF6U#*^SLx!uA<@w&Z|J~viGl=3$&n_OjWU8E?
z9m2zp{hNGvkn_JxTc5Z7f^RMo{h!EzZYM45wsU7UoqCaoTPNACPYek-`bNDVYVpWK
zxh(TGZ3wm8jyz)FijWFN)KAM|B2ZulH-nO&6^)YDr$nP8)kbW8%MYrVi>=YRI+32k
zQ!4Rt{-^M>fj2@Uj;H6VmaOk0_&ySP7pXynK`CIvFN(BU&b=pBId0=vkI4>!A_-I&
zm5t?-aaU_iM!~;%#Gr(=R4YGjLAg2WTMS{FcYV8W0C{Z}8tpjRJr4((awcQm9<9h5
z9mt`oUXv~~ADCA7-wH2_;R`d^-_@4KA=!8yN{HMHcyyo{D)qqKjy>vIjrTGA`I3qM
zMvDgsy;Q|V5c}XSeAVe$xuh>$X?Rf~{@!%jXbk^X!`WA8!)0sb)p9O)7GdK@c9HQI
ztq7a1Cy$%LGc^d?D}J`xr0HgPSGLQ0X;p}L%%2nIY&9;?@vi$)715LfQ^EIcuV|qE
z^Y9_Vq`xLE9kRFp{;i+Nnz-@ybdl^vQc>9E-?(1m6&FfLIB?ekQ^FYy8J~<3pK=%K
zCnX$mP$|a$+#cdp`dFHfBjl)RCzi9W5JNP?F5%%9F3r{i=ExUH-jhg_0SOqU&rpRC
zd|^eg7r=L<b;6kmH~Me9G$!=osyT0}CN4jw--MsvHi9StsTCU-i@|F@nYRO>^(YLF
zY&^P>EB1K8QNL9uOjFeVD|&)0ayuEbJogc?$nW%u!VeIOygDxw!Wh!!v#$tqpd)vt
z7~8nTH+f%C5)I}%aemGQdcDKM+$>)d4oSOaH`W1nQAWduxCsz8p3Tkgmw~hJ0u7E2
z0vir$C%$Dw5|ivUQYz=)@UuUr@W0+r93_Wze~!?L;)0}lqEIVS;pUUIK3#)t5+=<J
z@S**ASgHAtuC`lDB>SeC!WjFv(Zy=bmkDyO3*gm=@LT_klCwSK-UH3s%Z_ILXMWY=
zruf1{k#pbug-uQY!gGg%F{jjP<iHC_(95f$$#hZf)hhXE^q=3FSAF~lYK~h!E;k<d
z<q$+J(SqoMQHB&Wul|USKF`dP8t34GXBU6Hf>Zj3dYRzQU8<;kZWIsvagFK=cFA^=
z<pWrq<qen5dM!E>{^g@_!AJ=9L24aUSZY0C<)m!ZcUmF?FYK=AE`+fq9Yq7Oc8jPS
zFC~2|pj5B)0Y85Hksu*3K%x?vOI48(N&v;lFV=-pCCmHyXClv^NA_o5Vc!fN$`7Yr
zl{5*`Va8h{+7^PSi&=37elouhKqvji!0?<~`J^Aq>-teY#~8lTpIVK7=|WrKN?mK=
ziBh{=ah=l-FX7c|rns6IkSaU<vs&qYttl#%c}B?l@yI4KkoOnWoY?O`zp6k=xT97`
zf5^K^`pM6tngAdJZAO9_yLx2EZ<8RPxwYOq+~)20D#l1z)9Mcx%gm}g#s3^K315Dm
z%X5YD!>T{UMPj1GJZHq4E&xv3_VL8}U-8#Q=+<_2s>s@pK%Vjhlw)K9u;1Yl(q__h
zuhsrDgBW=^VUvAKA%1#pKx+F-%pJc!?`i5}c9~oTw_ai%f$*9j@v}S?I)fv1m*en{
z?n{}jLZ(GHj+B;L-6BWPggjizLgT*}iAI)6wi~tnOrnp4{C!eM>or^Vn(s5D6_R%K
zUIs0WJc=NHAlO2W%l!HM&Bit+m7}%K;AFALclko0xqyu?3yP1%mr2GoidKq)Gb00S
zla>E&?77bP(0G3m#Y#&;pdj^G0kivjWo{k-C70dbuwUx&q8w^vT6H6+q$8<<|9;N%
ze7l8a4^{AQ95!&0*rNxEZHl<?McIVUjn;4kF@fqiR~NdzMJ9ODj{{;8MUZzA_2yIk
z`aAaXGwcSxWkHjj#flNm5pQkJ4eDPUeVj?`GRq&-nGo-*tE#=0;$eLE1&=`y2bY@w
z7*6$($*WUrMdDq0c+^zh1*N(g_h$@+bYnx><>l`tu4p&0t{JbYmDh|hGA;oeNlK>6
zJ5e66pC7ipm{+;y?=b;1E0}|NR!_K*a0rX+({^`2w$C3CZP2Z(!)Z6buccU^-lo5n
z*?+zx0yZM`1wg~%!b_VE_T<F%o64p8Wqyt%(Hbsc{S}mlO1GfA5|hh6en&=SK#pU)
z4VVuMyERR44y3O}$Kd6*ZLUmsybPVsGj7kcUj{b?@6Vs#bP7B+;_UN_Y()4d%fyx@
zK(vHB`|96=??Cr=1Pz>?CvjA`xcSc|-p3uMBA2ROC_!J)<K!aWqxb5}q4#t$9q;E{
zEec%QRz~@0sO1m~K~KL>V^``Q3`sL>he77=+~GmSGt;lTYC`xe*}d*|3XdPveVh+;
zxkn@xHQ#>>nHbo=tMY#b{2e$i9D(GDNJ4i0D*qEb^m~N#B=MEnl^GQ6G3Yrw<a&}D
z%see`>QeZx{}~Cfh+ncp<?&5Z6qe$s{g~Pt_*OwfVmW{FE=W!Y+nY)1zEx22a#NwL
zLDy5x*Yowd+<#kN-w2vB?(*-~q?N2t?q70{)JoFoN*eyjy!eWD0`h&ltS#RliQz!p
zf)7ROR6JRK9v7XSj&>o+&Vdk6&Vk@?^AAvg-E_xWnk-v2i7P`&XDU4~D)kq!2+Yed
zin2L&YY-j~RiT#YVe<StEg>-OjXa6;I@sjGSHkBm+1|~>+l@wcUiB44z}c|2ES%vG
zAgHM~ig`i<AMcv=WN<<bud)^1AZxK=KEl)6JCr2{Mv<LBoLjP9tf!BjT1*%k6XSl<
zdA=+DDu|C)AH@4vzq*!FI5RxnlpC>`O=ED?=|l1LhJhPLs!c|)M}^qJnClIJ@SP7;
zQbZl<H%05*8G93KV3}pQpQefg>~gEP27Px4R*1Pjebe5%nH|l*{-kB&y#!F^r!^L5
zAB9l3hxnC0=95tm;zWj=dit{%MS=59{rs2L^2z8VIS2*qyuDdGCM26CWFwx|;>!?d
zJxhxd0r!^gzEj6oq-}lGJf-?7-`cHcSYWMYHI`f+{agObPvJNX1^bT{bpfSsX1FNy
zto+hHhCd-b;8Cq7q#sIOfUPr#zkE0QP3q)J=SKhJ*7IpxeS11egW&b^>)U5Fz4JlH
z)_4&e+X>p(r@Lq42Y+9En(On(X*tm6m8-QZ-9TE|e*xp~tMggKxe$njysK6T>+iOW
zw*qSU8mztDg%GJSP`^`p6z+1F1riJYfProO3%lhW?fps2*WC&tiwyc7DP8hhBL*v^
z#6{|On>Ohubga@|X!bl#AdQ~2r9fX1X{)402_GDft%5i61^SrHd^ICWdd<C8cqB3#
z@th_|r<MM7FEs@pY~7n;OKacI)%5<P1WT5Z&yQCAItsgLDkAsj&LrLzbN+&L7A?(w
zt7ONYSLs;S9<J1UZOcy6h?wn1n!THrYS7_vq=r+02_~CVz7zZ=F_`FTk5P~RxKqC3
zMGYTQyd(6CpUmOsMg-?5inHWoSf}%9WZ&G|#Lj5(^->Mz3`BJO1~k;nX0|)1PDxeJ
zI{==v%BR7>Yc5pJ9x|vq*;-ZZYuj(VE<26GNRTt^<T&yhGZIP7Ls-8Bfaxx3^2Z(v
zO^&xdic>}4SqfSqftmO|%qieBUFv^aKWf-j*YgbtmkTXcHFz!i^-Y^rlC@)BIj#rk
z7iNb?IF83-*jgT3tlJ7l>+YR8*kI+)@o98eVw4+XY>lS&((hBldk($F2d$D68=A-p
zdt83^c7BSbe8x9{6VZ4HF<?n9Namy;E->+zg%{Pdl&OUfeC<Eye=)-UKWTlVzse#o
z^>tLfYEyZ8?$Lfu`ttneh+LYI`P`Nz@5sIcqSU2xK4*;5Y&NMn@+q$s?$d3YG-@6K
zl?*mLO4$7vN6MG*FAZ{rhY}pm>)(I%Hi*<Wi*>mm&*48A-kfX%1Y)D)SiEA`<$v9x
zFig8_Qe16T?F@sX|2NnRhlIzi{|3|c{4x7C^z+}km*1?-z2W`;Hv#;=&+?*h{=W<n
zL2!`vwIla-v+P4A^HY)KJfVl1SIy_LqITue)_G$P5+T8#AY(}uxR{_fJV;Buj7->u
z74h(d=zKPwGmP&x5O82-G#y$nI9Xerb0Wl~;+y~zo{YJUY*+1OqzQ66&z}13JZ4I+
zcahx1sds8#x1W7#!8#4|USDWN$Xe0;Y_kOTVZplmhWYQPA?jQti$LmVAombbUxuYa
zzOwO#xnG}&NZ9TLslkxQH=;|^RhD40KZ8%iEa|RB`dSRsA=pw7S`_Lw8W0;pS1Bus
zK_iO4EpN-?TClk}=d%4ySDGju<`S*IBz^Sn>2yAvSQ+kho#qTzvrKLGRfN;8w}}6n
zMd;7DV3kdbJL});3m*~ZE<7EEeZI=xetX}_UD%Pvoq9Xyz0+EaK?U0qB_iabA`j{F
zXhMQ&&#rXEKB14CcwnV9T87}|c=|)Oy{&^VQDJv0A9C-_$XUwi*V8k<yJD>KV^R1b
zD;xoTq|PBC9Giwnm8lOQCww%^eppaB{cr&<%M2P)RL*nm_D#;LZf8%7ax;qIC{Hf?
zl+G$G`k^o6TB-KFlr{);U(>6x<itOdRhG(rT!TH;#KaWg$b<`~#SQG+4D9~vK`k%;
ztG)=ib*?P$wpw~`MLT+R`*J__@~GGO3#wi*Vds1m#p<nF_wBwU;%H{xUnS|RP*GX3
z61>A+p{lYH?!!^<_13ejwur;Y#BUBBRX@UQ`|C{8+d|sZRbk{LlzDdD+JdvGK#Nj7
zH-rrEYp3iqQjy=+EeQDB@%YEH;dp8NoAC1j`UXkjUoR6*kw-U>!-atFEzb2l$ES#g
zmKM2H=F_y>Q9h5tI^%R9ciXSKlY({Ex6|bc{|FxiA1zk}MGEv;uTvW_b?6Os8`H<Q
zz>fPV4h6nW==njoEL(7lK6CZ@!X@7mgB7+_W3UBB4j($wJfRI<9mdk0HA1zw`G>F8
zOGtMI${=H6Y$>056i+=BS``kI2*e0P>MVHQ+h<p~&o&0!8@dkWH!N)AsIL>s4euHA
z{3v_4J7Ho~9?yr`3>Be;UdcPy4hQqob9J>UpS8jOfD4oYNrGTcc29M-qO2RF3U83v
z%|*UBBWE;OXE%U7dpKBUMi%!L5e9(O18Edtuk$V(7-$fwp;S;RM1J5Vl5woITDH}<
zra2aqc(yJqVHn%_SsUlN=czZ{!<y@U_WVKmnW%Mm|Dd)j_upn`!EPQmN$96aNn*g0
z7|*l0S*ppYnA9jE$_n;*hNJYq%h0#N^&LwO1g}4W|6%l>noz1XoWISi=TxRk<J$@=
z_lh_Ix?$l<F&`t0)+*xWHKqSZv4}DmAls|`=n4AgOE7PWKs>(=v0F2xx;Q%llYOG`
z*dzrzb&8p+VH`%PSD<DcYT{sq{d1dtV!_s<{f&K8#*pP(eJAm=5eWMAnX-yK?0A#G
zQ*r(Nw;&tge?IyjUmO8v_}J)Q(l=b|3F&_yZHd)TZkQfZd~FC&xr=g|A2|3m-j*9n
zqEOS~(&C1IgVxL1v-EXKHjH-gJ=T`K_Ww|dwnTjV<~t%*9~~G*b~&*!5i3EJGZX*6
zg^8~3Fx4E@i*oEI_uF@)?aeGEd0gcpY$BW=cl`U-AFo&1q56NT`B(gf<SloJeVix^
zpQI@3+nW++UGjJA{Gdolf%L!P-asgaERihpQ=bxO3!Pg2^O`fd)=HdBqQhx->k}4E
zu8M`t=sOf@n55vKcu2fA)ZSwKAj1+xucYs1X9Ii@35RdvlFn=T&HODB3bDt2$brK8
zyI(T+C7PBkZF6rSP6C7i^eiU%CLb_`PHQ_)Z{v7#|AW_m0ONQuI>Q|J!FJQJ2GGol
z^+dUcQZ1@eJhCBlPEg^#<67@$k((|dGB^4DWJ3Sx^BLx-`y7j$t}YpRH!-v1h!o0y
zaDy50^^%70$Jpb97+9J*e&QYOw~QM_Wdh(tofq*viSKS<hlXkdb{sU;tHJ4VUGUQz
zcRSRvz#)TRm7#*3wb*6csC6U12$KcRGXo3X0~V<~zpn)-yeWN`?5yPR?l?gRD{)W9
zXN%4r(YFA1ZPt}SS?0H7Z)s9EojrAN?AF>wUa1oG8UMGLuydP7QV47s@<uGaf;#1c
zn-5U`55C?qEXuC^9;Q2n9zt3`X$A@D21!9>kOpDkriLE6yG6Q1z(7Je1cpW$6=@hi
zLTU)<crSeJ_<i^v@4?q$*zD`tXRNi(wJ%HP_s{E3qhiD1?gg3sq3cloRvVT53*Pcg
zcg*{H;;WjEEU97p?w!FWua295`Nf`5mk*m#`CqyD&TWlHysU&!#A$GwzCo|qL5f!4
z!t&(_sA;D7;5%jNH&m*&=7Ba((dlc@Uk|fUP~p9gQt64i(+P~?&K;W`Tp#rQJ1egv
z8AtBcTo?*{F%Gp8lK7<(TJxHoK)g3XzVuECk{vl}eGgsF79v;x!6>;}KM3Sykf(gj
z-jLfzc-bRe5Ojg!eQ`m}MnZ)z-L${*nB?x0G!<`-4*f}*Oq@X;I1z{l8&#u1Tdkzn
zx2)K?NYiN-X&qtR%OvLnF+=vTq!qt=7gM1&KwJFZJ1`ausjt`z3d_&3>Sc`&OwpUf
zuwt01u-=KTfBJkr!8aTA;eJGm1o?=gd%6WY7eki|uXUQ5B|(VrSvTnw4=!e98DsKi
z96SU27?na2E(u4iP|JZF2q|V*f%~~F{ZQ);yrz|t&}%IdH6`3PUgsnB#Ly6;s(>8&
zH(tGzA!9@Qq*ND)!5M2DO=!V9`}K&5oo(jXcR4A26C7PnQt4dMe&!dAiyoP0dIUm?
zMUjDxG|p>jS-9RBm~%b*%GL{2862xYswo|x@M6N3FjAKKbyw%PRksN|&QfsT+tA*L
z@$ZAK=STK{)+c1JnCSLI0q02_q!H?8Z5G7Td99!PhKlgb){A9X9$Gs@)O#NndIE`Y
zwP>s5*_iM)>v%S>`bOrR-A}%2C;sdq1;A|j`KAP+w=gcjOT0w38kV-)2c&y#7Xnst
za~nH5PyK;dcN@FZIip_$fA}gPQpy$I+@G5NhK7(6YEwa?+|{yJw&-3@ky7#O^ij>Z
z$@@nj5yeFyeRv23_0oLf*xptxY{t2qHS)#nqTm~h9d({_WO>YqLlT=iBWuVb6>2(9
zApZRr*OZPe%h4f`&0Sh1w&e2rhsTc}BWaROXW1G!{{1J5^TzUe1HE%?veX&C$wLnf
zA9OzAj^Dn{!U2X5U<Z3`uS_wLn!4X!5xwS5o0Pyb;CvzqB|THN_=H*TS=TP}T_X_%
ziSDVQhSlcNn*?Q}XOFv@&oL?6Oq>UD`oOihj&Q!LlPaHGN5_R$`huWq$@xUl9M*7P
zdnpMi39V{ZE{^0oGY_}tL#ks~QWCww{g{Me+<Nka+8#WHad+Oyi<Y<=)oTrTD;Eyy
z-IJdxcX`=a{UY(h6+}NdCnpY=Qmw76Wd#w)-^T4fu@Kw?&iTO^-_+4$fS@2i-hNoq
z-k=JOQrw<vqN-+bLZ2x8_u&%dGmiBAzk;MYiv?N<!k3^TeNSP(aE5ZE=yJrII<p`!
z^y&ar&)xriqX#OcM_f0Di~}ap+zqTu>fY#d=SsR)0VC4>=bL348yjP8Z~uLPRU!E@
zcL}XW%mWAnvDhTihg?0So$iZ>h*bHXx&5E7Rma1EZBh2-KEC8K!%+k_ZRM{Fe%u<{
z;ZDGj1t~+-NPXYig7%-UO~&c>o)d-v?HziKpr?5#kYBhWeP%*FrOIPd|5bYW>v!)o
zAcTu#|2$?P66}lPoi3@pR_sz4zhj}h*K5N05K5EOD}e3pIy+q759pk?@!pw<0IUp1
zBCn^Uytd^XO{{8{prR1VvGEN5Im_CvpkqpQ%T^2OB)GUIyX{aWW;5eQlO{^QQpC>5
z>3dM_e}4~gv_Wxw+|Z6{XuskQJZV`((Y2rAW}ap(UI9P`?kIiCR7VHPH5%V>`V;OV
zH#J1=Y(N)X8FWSLy*o!Q9ld{Zy?E2L@YzrJIec$sqP=M5m!onRCZ|+UGiBqWzbJZs
zP<^(?7ndRiBXpESK}+CA@nux@mBH+65D3-Q<j1aR>%Q8enFh7nG<2KKPc6p1o2siR
z0GFW7Z|@AUfR*e|{isNG+nVIR{3#fO1Y~>Y07Xpn2lFc;xvNcG1v$sEul89sr{hV1
zI3w_QTE&n28+pPuT2Ak2-}eV|)Lc$0D^ht&j>wO7xU);|IqSw3_r0S+tNPx*or?#y
zG|cJ>cy#{EwK(tpIq%YPe7u0M!+^d3X#$5@BCDJn3otj{u{+<g`Ne{QFxM5#L&+o3
zNWHT8waiknfwclP^4)O3cZ+}SvmYJTkjqMMLZK@QqZ;(H?}J7^$EQ!f8!SeONF1KD
z-^g(3<VFMJ$~upLfUPMNJE~9ax>|)3-fInPhecZ}c?HIbSBt_%%W(V2-r{I;O@6u3
zYyaz(zrNo`Ure3$$!|<_`;86^AR|c`;lF=9l_oveAGMpxioqP#kcqQch^ncg-gg#R
zs^r<Yk!{Bb5xA)W!ti5q??76U<F+h<AgR`4CiKJnb%75%-rBz;2o3oJZ|YLv>!sbJ
z1N@4G+@cj>OIZum+ADmD>~>iYN2V>aO1ja6KP}X4wJ2*>s=fp>U>(~l*i|+t)xw;o
zzdkCHW8>#1H4pgxy^0-m{(B41^<85!2sk-8Suo?1F?9eUb?-6QLqS1u4~j>+x_!VH
zJ>~0ARhdD=)$bpcHPiA9+_Awxu9beuS!EV4vviKmefsv@JNjpwRm`oG1F76$k>BKQ
z&U7zFZ!XE}T^94Bhcl(T1)vK@n_rR5H*4bUm@su7GDJJzCcu!n4y=IcLvOB>HyQQ4
zucg}9D%7KAz}}PYBBYpd(|l@6Mx$-BAJ72BrMhY--F?)TwSX5$CqcD-me6)i=Z=;~
zAC@Y4qiRN%$d5=sgqC9)ds699g%F%VpiXGjp1Um+j$<M^8I%<aOAatY-{9m=w22LU
zT-|rY?j!2cYR?&elK4IR14Y3{z=guS)gcLJAa9e^>29)mVYRlBKdLjLkZl-WM2tti
zC^;|BiGondd$;@Q;zU77`tIGkY#5DZQVDJ&%$XkE-d{h){NVg@2AoIIw$JM_hdWnA
zN>S)AmP?H9-@gMDT71sw=}OX>Si$cX)8*I^u_~PCkM~K>^YfX7T<ZA;%k(ULWDCe!
zSte6|9OO<x`vil|H2I9{NpfA6BuR)$Fsv?w_Rq`9`SJ@gQ<i>-Xr}X7W_4W`%4}{c
zuLrZ*0zGbY<Gi}6;!~r-77BGWr^~?i3@L>lxtymAMUP^_`A%Jq3B!k8cb6-kI#M9=
z8+yo7$Eq7aXzvJwlXSr+O(DWpw%u*K@;vdbn0*9&v69ZtW!jy&M@PyXB7IB+Wm9`1
zzJ7klYOepaOsE!l_7Im%`tBj|qjU*822N@`-F#`wIjjT+hH24kNlgpayANHLalqnw
zP$&Vzv6e^7Qd6#Qp`|uQ0egtEb~iPh+$D;9^B3f``qCqT@ERJvDAkAax!`Y(u{i0-
zm2z<yB@YIIdGXTQ%j-ZQ0%XwHxW0|Imoli4UA2&FX>kFMTuBPL<j7=M;efJSYd%K$
zS+;c{Kkb@dW6fhPQ{~1%K+RvHUvNmUa)r2De2kQJ?MT&FX=Ah8$Qke~50ICY-1p)U
z2(e5m(U+Q=-am|YNbIi5=d$j2U_^aqg&mY_9cJC_*fR2suwPpjG9S<LWRs|GJ!;uR
zvw-MNa_sbuQ^qolK8<W^Yh%VnG5!W#{ZTs?mv!H5YCO^W&5Ew?FZl+G4z%UMqG5o`
zM4Qce`w^-PUKJfaDtkfF?Ll$Q#U3Ic57<WZj0PS<hH}J{LPOY*)c50!3x!px<@c2=
zmBiWN)S-ZJ1WXGr7Kh=QHl;&kS}^x9N(&pN%|n7P*NSgiS|n$Y?S_wC#oE*|S5$$A
z6OS~|0lvXoi`-@Eb|0_|1rJUvFy@8u;=;F?8b!FFB>o1R5(mUf0=t@CM0irx4CgAH
z+I^rDkZA9b837X&6JvVyK|Oy2RtWM7(^mWqs&TERzq%yY=I`U7lcK()AA9t>fzRd3
z-N(aElkMW+G@J}yb7=}cU?<ozubAP6^L`wYFKZcJ6947#Rily7NChh_t35`Y)#HKH
zbiBBb3RaLZRE*R&4y99c2neJD8B^rF$wt!0en)q9E#C}}ULqL=^i~3D5?olOlGGsP
z)!^XXQh#Np&jZ|)&+k*YTvLHFmb8jn9&?ahUEkF+e!qNTY%=SDhIk>9aN>>ObdX8R
zmB*ZL5;z~US5@s74)ttl4pvCD1WD(*1gt~4?^U`?!2UmF2v%4mki+2gDhzD#3Kq$G
zYAgZD4eZU+dh*b8`GAX^1_itFOkv`3xdi7CCU|KGFL>PZU3q!D%lthdtrU4-5h$k+
zmnCOPhcrKXNOv#Sptv<9UxoS{Q$<q~eXda^U`x_7AKfdPk<7$Hi7*dS!5Z|xJQcQ!
zcdg@`%n1#HaN(0PYc)y*+@YqTHla&mM&_M~#R+c=ePRPTc2y~)2*WQ)^gJ-)M<%{C
z+Me@}V#hv`+dGurQ0RpxN4pG%z<mL4Y}2}ckbW<mmSzg)_YrYHWi)I|^|9eFSMk{6
z7?4XUCguAP>=nAuKu+9kKUlh_mWf7AyrXgUJ<w2=WG@@MG|76i2cMVtpDL%2b&2Sn
z)}^CjSYu&f@UEn2_U3CPCAt05Tmdo?@Y=*%E*csd4}(XihhIT3=F7x0A=d}2c$BGv
z?Uye<uw-?HjWuNBof%+f$ek`>w+*m7Q-(L#_3G<=1GSy4-&f%a`#|@&9KIIZODmoS
z1c8aS9wAmOIh_$Fzfn;vovT+Ti}-^tazJ>Z1`<_32bkn47FwY{iZxg=_-to?MIx^T
zq^o~pEll#6W{>07@Aze!#7EH4ZW4vs9ZnPMU!!|6bTbMPUoCtN_gu6HF!5NT1dXj}
zdBk`Gh8*zwIK$t&Ax5eqgKFPRu;1Spc|}q~w(YQY)8=B2pBVF{)=-#3W<FkF3GygI
zjL4nHERn5;?Vq=$(;I(LS%h?5O*bra_o1}x2AE|G=}ad2Jd<yIKTtxcqxJNpQ2MkZ
z37toi4wIC1%R?}m79z+m^Mek}5EVZc)V_ojM7iFzs)FooF;?F1@<;Hi;GU#Nv{qy6
zY^Hwfb+aY%$NvIyl@z|e&lr8KgxxORSWHt?@1=aXC@QG7J#$;vgVm~Bru()XG#3{&
zbD|Yzx2W+;<(C}ka0OK)`$+o8`jVGH|H51GceRSpOGs>?z+$UKGm}xRI&j=tKG6dC
z3G2ia*vhe^?M1;S7yOfxp4xlRWapYjI{xRi(H9<Lrb$3stBR#SAe^3Z+r<HG22rkO
z(FIM$vl8O(+#fQEB?G?bRSQ{*Nc%kk1x|&mDp&1IMQslvul%^3D7|L%lV!hsjusY*
z4?uxYP*i4$JV-I#^KVe7P>Sjzx5emdT6deDxGeN#gz;u22@P?5j8MIcYGWPlK!}BT
z_2`s$*u|mh%!^hVO^t45_;GN~8{yucfJomWm$VP3Pt~eRfh`=Y_BY^lwJ{zMUQIO@
z7sA-?T3nt-ypH-JWEC=SWh-#0_8zqB8~r%KqM*uUO0Da7{-#8`xA#bSF616r;|(VE
z=JW{@HWTq}2%OP2x_#c9l)W63gq<YWwydJwwG|&f;u^-zR9Rxz+rUuE@rL6$P{M)i
zTNu_GA=l~Ty{`{)^gG79u$q#!TFleT39Z|Fr__y!o!Z34a*-V{(zXs>f~w;T1BdLk
zDF!xlW%eq1CD<i-GfF2cWw7dC$8G<mBLKIP%IH!MYmJn+FJ0NOD0(xrcje{c&We5W
zh;tei3;HXls`A%_8S?#+=wPf0$)i$ZiVT#^;-{qPAKUK7GJU~wasT3I1cT*R8MZ$W
zOZjAT!HI2~bL~ZqjbMii!M=s*O^FOynk0R0X;UFS^)T3?4o;=H!ngIFL$;|%q(jDZ
zspD)}z0}33;|%rorxJ_&VOt9PIpM6FQ&))W@!gA80fVx(<~5_kHog(Jr6)<;ANUNq
zH2dQGjk~vLb0HiCa|ZW4b!qgvo+!tilI11!tbd0P3bn9UD(Cf<l|FVtv)qsr-7Kg+
z$#IpT0r1{vryeo)k5CId7V?~_<ASo!Sa|HC8Vy9)&D5@S?9OX_0D4(XKAo{`aLf<j
zhy1SpAuQ66Qs~C+uIjdrazKF0eO_LmZy|%<326Sv_q+<j*mksI{OCvHJ-UP+DXC7B
zCLidKhr3?kvu&M-yI-__?}~NZoIS3`oeg(7tlQ}mtI)_H!ebl#WnRRC(h>FEH6g-2
zCcTIb==pmAgsy0lKS<c0=SWEmly4@G0!`~)W)mhUFA{%<Hb-q$70AN|#bv^{Hq_a-
z`4tXvI*4{9(aOJ*qn0}!eRRy}8IQfi>@yLj=S~%Bo*Q=4--m8%Al|(!fe%&fY76W8
zW6mDv&3v%Ha61?34CbY_fx&9Xr|7n+{?Ag(TP6PBUVkvcBc*|aItjCl!G(#5&?!g^
z;44@7`ZZRI*G^||0;9r7dQTi3hl4ZM<me+cdtaizzM3I-zG)yt^dyF|A3Dw{zA0k_
z5a}50d7yw=5`Yqp?tVl+4J5c(R|8!h+<@A==^l4o9n5s?;B9p@SLu{9ZuK{R8cFnU
zw_Td1oQ-tquAhPBL_Vnhk&*)Ectn8R3)TZyB~0G};xZS(0Z3WPKVbDXgdg_MmjZZa
z{(##IynMR%no=#nOPMIQEKy}+V`B<GIECLc*VTTCR~Z?_fL$EwrSb{gdEff5mfDYC
zFdk9JMxpp@$RTX0UkkMl)1@~+nPigvn2>~jG$A<2wt>@CL;~%9{L6$w)JTW9%XCX2
z+un!w7$?-|g146cPd2JrEB)#tRR;H!%P(dB{D-(D?<%dFeu)nGUU|MLE#=aG{+z)P
zfZrj#9m|ip#cYjhhNq9Wv5#>t!UMWwt<3F*?%%tYFs|HX%FZ@@8!h22^N530!d#uQ
z3Gky!)Qfi6z)P@+>LJjfF1^fNA1%-&z-#*%*iwaYVteE=vGyg4xGhE;1shF#jf@n%
z(f;Le^PA94Jum!grLOAtErY7P-|rCa=N~fDL`VTUKm4yi%y)e(@6A4_3IiGfWGoGD
zmDkR502|73vM0i>7oN>_8mWi<Ar)3Ew*hWx^M(a7@`#<y=yrKa2eBsFDgxvy*3Z-B
z-Y^*+g|!FW$T}~!#zZw4UG*LU=(qP=lm@yt11^wjDO_PZ!DZ=G&@wDy%s^ya(A2sf
zIO`zsQjCV~YiV$WWZpYLU5qNn$q-M=JgE3&3c$;08x|pV6{#`e?-tI2uoIfRF-@a*
z@FvTRuy-xdzzB`?-oocX;>X(Bq*m<_jlRF{1HQpirH;mj{Mq@uY~6?mW+HzD_LSuE
z+t7|?D<$qeRSFHk8n;=rHKI-P<H^(v^p%@~bf1<Y^QKt}bKrHT98a!5+t(@D)_&LJ
zS^fDbi8h<|(5(Def8+a;vu1r<vmUK9no^GU5Pf2#CDl)8HPh;Uz$JE`KI!}N|9U5^
zA2*X`jk014`F<LiLuFPd=F%_e^nEa_#Dn33b*r3a#ab_RTcWRai<+AmOiEw5;?DI2
z?<(cqExZ5~JZ)bb6-yHWDMm|NCcILw0th2c%9j`@x$_tm40r?!<@v96IDdhQ=deaj
zH2bW_pzn?U*EYv#k#ge(G8GjSi`ztV>Kzy;3vSFwP3;ojpA(AjZM?^oiIAa6@QiB&
zC)<59o+w;NcepsHd4&`)68rB=x?w{`NXDMNt*xc@pnK@C0g_OXSLmRL<{@Y#8V5Y?
zBs4pqSVUOYWp6%{+@=aklRx33R{|ONA-(QK#_tjM?GP)9jrS&3+Ygs`!YO?kyUnNU
zf^_lI?O-R#h|O!ufXh?YTaZoyzJ$>jCNw(T<j#HiET1uIT&Rp(&eZ#~K3_A8mYO;k
zvt4xIjJCjM{pU{<khd`ww;}&O%qZPtjHmS-qaSf}f}s_P@hpWcAVcP6?>*)l>ta@m
z)<hMMUHTt@vKR6P^(3JRoU$}3>HjQ12Ve#8%3=EDAMLa0R#`GjjD91`V+3*tG%KlN
zo24$!>O|EV;@8H8JV32v=j0$w!x<SE5CTCa@?E(hpXZe0BhLXCWB+Wupt!!CmYT^w
z?gki_V>|W>1t5YNCa%CWZ|Polgg_;#ZYa!0Sa)q$1WG%2+tF`zKCE^w=h*tPKIlQS
zT+^YP!DjH!I&Xp0PDqD#!Kv4GEzwf5Zl#e{)uD`acpA?2g_A{~2UXEHY(e~x(FMMT
zRblpm2ooSNPs#RJJ~?ju{5Am1&bQ5yu>c7!uFdXv!H0u(DTi2K4Bs6MxsJ(avloS{
z^X!A&=it&cE|R4_cLL6umdOn}EZ~gT8&XnI$eSlT(lfKO^aMlV7h0D?dx-dTw24`l
zLl*v_RsK+pO%-4Iz$a~rj)xjJf2T9VxH>2Nvv=Fa5(f=Ocrf|8#c9<<)P+$3oB_U;
zV^cxxzB?zmCbgP7C66;3?r*S?cqZ(^kkxHM<{?c{qBrx(g#vq|++%QY9)R$QoEU7o
z!%~MyJHg*Hy_xaQpBC-k1{sgr5)s8!3H9Kn-V;$(Pj?^Q!e8h8Q?saZ`s=E53MC&-
zel!-HvFDtyC`PK&ku|$lwOu~$cxO;{D$ZijwpmgszIc4#a_Hae2LMbE^X6zF-L=v0
z)_{e1Dw?>Am{9I;NBD3#32RZ{>k`aZnEa4bba1VS%YV?ZxfJc^u4a|qb7(}isP(n+
zg<s}Lm)nr|lytAiX%>6*NwyY=>Bs(ThOb=KY5d<s{5m?!@h&DR3wC8ZW>K@g^)j;n
z=KXgC2Vg}>;<y+Brp?M6Id~i}8art>8gMKD!<2;k8p&1r8MeYoexz8^V=&skt*4A!
z3a?YT?eahqbe?huA@v;Lt70M|NJj?QZ@51TTi<62ER~{wactnZU!8kSl5_E8^hq!x
zn``{nMlaUSwD_Vtmp!GE*3k?L_<K=`VK%}pu{dT0d~#YLseJ|a$@1S^<FkyaBeyX%
zBi)W!rKEBckUYG+)&<q%R8~XE|991x+8on!GU?X~)R>}U_7?7FG=$W3vVgaDY&c3)
zBH^#Lh@kg5FYi&>g-={XN6G|Y*u6cBid2<0EI}Cuwe_q?u4Vte%=nq})9pC)CtA9*
z6(Q4u+d~AS;lY8D0~!w_-Tb}_YoA<|r7O_ap2#3bmgmpUiC&5gE}g>G2US=_PQAQS
zqEZ4RS|{uRcYxD4SfW7BsfF2FzXToMM(P1C!)@HZ{TYLnR%;g*xO}(I%yC(|$7J{B
zE2s=!s7W5gdP+M(qF6GUEC~?;f1U5Y)UwX+m8e`#!sx*=jXM?J8gd7gt=-;qB^7}^
z8{cPy|Ml%p*AYB)pphZo!Y95F->MO6jG=;c*ZT0q93Qk=w9Ukwn3HZ1AHmj!ac5CA
zW>2J~oF_B{9(b+Am!G3yDWB32Ku`skytbaL<=oDO4ow%PV1EPZ-#?YiE%@42wEhSp
z%52Z`RcQUUzx+K6L@wT4Tx?ROz*5#i*HISYUJSH<x)eCSZ;SA-80Fl{h>i;WvG3cq
zQzq=Prt*X3TD^*|MxdO|nobKU&Tu9jmC5@HZL*MLe{?9lHYzeK&4Y6)2-6<&t<qW(
z&IUvnK+Pke%p^U6prQGY?p}#a6y7~iI_H$>M+`U*yNX4e3>}Ychx}V53ekeb)p2@_
zah2xdp4nKRtZC1MWQGg?UJ;osAonieUGZdsFQo*4WZ`cbs1vLJ5YFHp7p`svm);L{
zb1lRz-g~M#I%L?Xl77J@ni+0UR=dhWQzRqx@LuH_{J(z_D@7gb5dC(M{Kw4CjbZax
z#<E{vSjSH-`plteY<Fu>JXZ*O_LFcnu(H3Y1tBpCg$Cj~J3DhL7>r_$OP@+}WtL!o
zxoJ>%!Z`3s0GoW9sD!vE)@;4|67O`S^BXt1QHZN{rEsV<dhlTn)d|l)C|xBfoShWV
zUsO&VKA<k%P_|*SbQ-tOElilArxrsWe~NK7yDbp?hDGoayXri2{9#)|uTJ%AH&d4~
zA^gXAq$5+pKfdtg6MG}?n-Lek;E--<=&W(!Zng14eYga*CGjo+ii6M_Z|0)P>$vD*
z!vI@A>u{UkRcR;*=kP-YbJ}=LRdX~8CIqirB0blCX;{-=2fGaz?t1DO7=%qh-Y1Ml
zvN4db&;14!_2S`-OpfzJ!4}B?wymSiUzUm9fPPl^y}pYUTq47!^RqB{zPIL*R4Ype
zgd5cCLyC&J6OD)U_jaK5lhvnMyagBaS5%PAV}|*IsfjodI42LlyMc{LLZmB|){AWc
z5*{04jhWg@NjwplR50@1!(O`-wLC!J5Oq?l-$?xIfL|_Qw>oRBL_`4h78ro<Qul<}
z{^_n1*-<SD>>*q0IW3e1oM_SqMf(F;817$1-OH?jNYF+U06o656lq72UBaf>*i7bq
z@zeFt#CfLoV2E^z2g7S;M&*Ql5_w>aoW>N`(!jLbjT~YjcfRgTn1;%wdN26k15i>r
z3#9(U;LF|1A?d~jtgR8*N7?ka_1Lpn1%1RGgM?;RSZzuy<7xOKK9xZZfWxq2#nU(o
zM<epR3$IhMbU*-wd72au+cB^r+PO&<zVw@y;K73Y+n?<O4Gpf5SSbtK(Z15rB0|zk
zs^7LO=Xs!3>vP4#6yCjwrhb3|0(Y%Pdee%UcZGE@^d!vNqV*}k55_oDuGH1+s61L$
ztQFIx2cM5PCBN^VO*a9OB)%11o7+<+BAnfc3!rHD`c~D|RT#)yQ4<sT3>$L;V28<a
z6eBRn-$=37ek03b$MF8vAQsR?W#Ug(m<~Glv{U0ltF3Thlu+?C73=&TudAw(9Zn74
z@Vub45P&`$WON?^8b)b)zz3t4kvhTGai*3K;1ezKsspcloezK^q*3N4&z^<Cy)7rx
ze(JZ97z&_>6nuPqP600k`pdzK<<E+({;y?O6dM?pDrLK;FeGYVGA;X#IXLUfB#l2R
zUr1xDU@YBS@`U~n;P7uxz`K6ix(M$JAR-2);|USlvtV*06u(za`r=Bk3i;Vnrj^Bz
zbqY@NI0^GM2mWE6M=yokG8U%5g@RHr!p1jT8Dp!$fxXBu{Ik-6-=!2uK(}&e!f<oT
z23?`<@mSPM!+{cl;aGI0$yrVXH^Da+XV*3!u*ZJv(XrzN2^xWpO|8QiPN-Rw0>Owo
zhG=_xdz8-{YkX&Lq;x`%<6>LhYs~OIz&AI33Zo2-1Qa0hI=K?UZ%ptm4tx!!&|sJj
z&r1m^b~7@Hh8$rWAuGHJ>$O)fk!Z;r3+j(0kB5!$l$%-H51WLWip*9u$W?Hx`KDA!
z(gW+K@n)4JtgX6?jl<x3RR1>k;PGL*wV|wZ1ZG<TObaUlW3kb_he`2AK4AB3WQD!K
z-aXt(fQy~rNEN8NuYj@y(E3%;N&7cJfZqaO*+G6<Ur?b%(qXfWiKn!Z_cL2gE7uh;
zL6O$78*`@;X1L6~yQI?vuwXUa;;p|Yjg`Lqbi~Ic*$e6HdvONX=mE`9_sN#xYNZsB
zwSlZ55ySYDO@}ZHzm;W2X=&N0`P!mY>9KMHk9iM1+yxQl{DgxTkLZKAJ4)t2xHE|b
z35X>ANv3E8EnVHR%Io9~8v{<E>)_h@dMjioE;X%Ckwc>Wl)I83!~B|(&W}3`*VJUC
z>IeY--kecFBK_~lX9~jDC9s9c)h+y7p9K#FQm#EUH6^7QdBF#ug%GglY12C}jFX3U
zsNS}`tLo>0S~P?n@P>V*jv$QWzdEG1+pf~~f3L9h{B!hR3OoE9r}N}_fn}sT+J{Ka
zPOb2o6FV2sjy^ol(psQI$Vvu}b&>sf0Jo@;GFAd1AW$uQ`!*VaLqe(g*I)PN6L=^a
z@q#*SfO=)|{A*Ofy4wSGpx~ccQ<4cd_h2|{m1ABZ!R^6^QA$vCOcRNUilQ0T2BxvE
z9q{B2`Q;W*4W5t~DW(ZL7M=5Pp%$VhB`GbnKz-5p`ST~M2b<NMe&8tIBZIp5pZ&~G
z`eIWkQUtdoi5z%&R};i|f!L2$*A-tOZj9=PR{d}>Y;v09AKwq?9>B_P8t|{F9+;S=
z?K9}Q+|U>ak)?ASp)q?U{!L$4{#~Q=nCDkt??hv^&DCX)-w*TQzaSe6E@RW-$ioWd
z#ifuP678gaF_adcNf#06Ly8@LHb&Kqx$iqdP-WsC8LTjHndk{7S)s`+qrd6M!s*ql
z;%gSIu2=;eY#zXHd0y}YHd>9V|8&C(!|GmEEXfR~YgfJp!)Ah%N<Zk&bQZauVPL2^
z-5uw0%gsXl($n2aU8s$LJ1vp~Z5dj7#610n2SBVDMXcXTb;b0rY9Am+#=%6>cpD?z
z*YljZdg<XM%na{B4C+Lmvzd{Z{EQi_VVD)`5O(;bSDk#$a^!4;zn9l5e7gN_A>nPt
z6>ui$z=~syFD(@t8TY_~1S?_UaU;&V=<@)AK-c_br>W@(ZpMY+^=DyTziHXeQvMfW
z78(5u`<jeHm+-85>pLw;wJJ=yhkKOWKy9;~(-Eki&So04Nz3Jv>RUO?{~$R+ML50w
zu7Oaw!a&`n62CX=OR8O=ooOTK?eekI*1JO44E(nW#akukZRQRy^!rk^b>JSg3ZFHN
zXQMX%RQ5vMe<1Z}0CBmGS)s^PEwn&!+j0Jp^hMk8bU!$aD%W3~{!9bNCc!z;{VM{9
zMaE|R?_CLJh`EK4yOC-|vqk^N70}3+>ZdvsbL|#rJktuBEP{r53xC$mJo2UIc~11$
zrbe4~?H-tsmUho9N!W2nPe(>{V!}C90A*$fIapk1CFtAbrDE#Kmp5^T8+FZe<8>Q;
zrXP7`zGJu;5zgIJfzR%sCruTnk}$(T&Hj`jwD@K`s#2G*Eea7uFky}V%}-lpVGNkV
z_Ic6o*jkg2z3scoonXZ`J4A;_J5B}?_zm$ObVH*cellrc{ShqpI}^u>8F1@NXF;!2
zs<NURJFrO>yNOyw@;x_-FJDe{;gh4Mu8#{pla+Ru8z<}mbn?sV1Be0MH*Vr<GJ|^(
z7U-6jnurwT%ITHY8`;>LPYkgPHTYkH<5?E`C+}fnT3gH?E_)7FGQblsb-h}z733m8
zRfkYQcE0wHv=wud;g{g2I3ooi*2fO%)#JGZVT^{AZfc&*+?+R%!Z&ZawI8*+dn?}7
z+dxV9l4LQ2oL{xjeUk~0VXs_p`qoIB1$q&N$^>>3viVP6woy}b$9UAT54oFhT4JN>
zkGmOf^i=SevVKOBdH-cfv4x|XngSwgQ>?i<IL8fXrw|A<ghCu;;a=?D#z{kI7hrgy
zsB!wK?dNs<BC2iA8;Afq^_9JRF)OM+kv0AS@B$Htnbd)UOyuN#38Sy9+VV!1XV2Jh
z20!639d?;N$5?UXg)uJ;HM9jJi9SW9<^2#p1SwWkP>&4B?i&E{Z!pPnvl++RlA;oj
zb+lXD=Tni8KAlUI#xs0c{FG$Xwx_2{8=G@RpGIyE%DdzenNoo7VoEwUUG2}y0BX}C
z^4`=?e*V{z=-}W;NM*_1dA)C=yTQ4#{`L&<M}(0wHYVbDw<<pEW_F(z=#sm{lVc73
zmlon_fW-rFbcdweM{`!{j{%Y&ew;GeadrWkIP)Y-@`US8c*+8=y0-$F7+n?7G<}O}
zQJwNt?A(Da5nhN7nntQ7juKHh13Wtr^c@28x8WZ~wfmg}S$c8b-r2>hP#G^hb&RSk
zp}^ZK-j40T9r!`<t3~Z=+I?(QQ{GUU+>bmeZ`O(8FXI~v0Y<)kILXdf+q`|X!@Znn
zckZ-qw<Zsfg*ZNHDUqqy?o65Z+~~PQ8xd+teM@isIg6Z9Ks&SB`Tfdeh;Br_`zMYM
zJv*|;cS;Z$?t;pjHiEC&BGU?}F2wQM#DY3U7mX%68V>ijVs)P{Y#2DA4?(E$uj1Hx
z^YO^BF>w_v!lyRl^BbE_1vFyfC|I4h%V=0h0(B`Y$`Bjw3ilNeg&+pdI*4gw;+wu?
z$9%ub=kyLt@(4w-(I6k?tH8!*eCqKz=|+{W-+y`uA-W{}M)~f4y&({3UeYfj-3FNn
zib``3_Fz}+?8tTvfUum4@G<!r-KT}Uz)q>&p<^wB&xVmQ=#{S~oFa67=L}b9`)<Iy
z;Kj!h@qCo!c$Za~HQ=^HugNIIk{ds~2i|p^RRrJ#>rR@1=aELTDp=%QNa-{2Ioo+n
zO`c#Ld63Vh)Puz^4(q?HE=^1%7=epwdH@wm(=UoYfXl6VGMba~8v>hbwmUp!{bCiv
z?0zn0RRzh5l9GdW>}-EAJN(-Ai!+anz6;7$EXLTiDrIMwLz~zIIHv^X`{t7yzRT;C
zo1=TEu+&O@Gkcl8t3aEwbn2S|a*mKnIC+`&Rw|WZ@T<^#ftd)<zwqr77L*$$oS*wj
z`yNH}RskXSZ$4061dx91B`Hm{MpmdHn!=X^bu_@6&q(kd$f<B9>wsG`=5nuDEhiq&
zu6HexQsr;)-wQo?zJ3^o<I&YGmas~Kll!cJ_0TVfye&%|O%8qdpuug7vf8V0@R!f^
z+Yal+bg-JCh&~#yt7bc90VQDcaR2wW#Y`mKsd`N}bU0M8*J2g4c7OSXKYUKn>P3l1
zx=S&apk5V=WeL~&#8Isla`K#)-E<gD-5U|z&;vH&<b3wzOURzBRK9AVsCEBAc{fRB
zse>MPl#6nx!`}O;|4N;nXTiq1w`x<<3G$vXoA)2Q_gWXbD1|t&PgWR(0eCF?aS&On
zS>-a-e=qfDtg7z$yt1vfibri@Bmj1EEsW&EM4r<$s(}cp!8-ZICd9-ek!)x5p2Ohy
z?@j|4gyupS3fc-C9aYK|J*0jDu)k=ShT`z9?t<dfEv^Y&Q@^uBJ09V>aEp0BmTF)|
zv#$ZYX}m!0G=%E+tdI*?z2kH!P=urQSNfjQKK);2<fK&o1ZsS;c+(r$^;f(qyG$N|
zcP+=<O2;9U;v3#{LqqY`f&P$7yw}$tGp@(nv#+Tr%2<ji0NyBO{|Fhs32kz_Yjv}?
z1l%Q|4*~@HKt8*D-(DaukWyEegHb0+(d$TaZ$9Dtk(pAf@z*L-bq;hD=ItYkw`dhm
z_bE~W**V<d`|E2&xbY9R?nBUSV*yzAjy;vI%YyVR*};3KsG-5om2idrpBL#*Te9<x
zN*Ff6RBqZr`{2O?#3{OHnX;GVPqe;85xhCryo-xt_C2_EXn?zVSjENZSOShHRw#RO
zg#TAV0O3V3WKa>|<)jf`cH;O|$YGL?&#V>fce2~FGuuGZDn0Vg|3knZazEUL@LTKA
z6X2_FmkkKXKm)PvMx~yR2W<K7kh-XMR6-mwGAQTTpqs!ZM#6vAs?IgH*E-+cG`031
zT9y5@lmJ!jq8VRIY;PcB-AjTiK>Y6qpM^Fsj7eE=n=f+XqqRZo@U?Io@r?$jufpzY
zTDJ@MyX;}la=qERxKhn`qEyrtPhkoNmGegNwp8wB8410wWQ`5HRnrY^OXcTb@BKW6
zJ*0K|5G5sEvIk{urF(vn<Y^j`QZW9*_8#2u8^^=t>T1o#D`o(Ypjugn&O8}m7h+b(
zdH3J)Z9_vanAiEW!M-CAkXzBhOpI7s-<FA8RAmL8s^y%-$(*P>dj_D{Xu4ay0%-et
zNxg$c)%$orf1S^;<L6sHg|8of#PF=AB53Fww$AcFGk*x_%cpXwdA~-Hl%VoDP|k#x
zma|ve`WNSrj&7NH$M$qhHE;`2_w}NsbZBUL#J_1^CCT%|aCjqM=A)c!k=@Q)Z*s!#
zG{_XwSb}o`@lK86*4LQ9*!hkO+bRSR6lLo#E*C218BtI={|Lu0_ROe`Rvzk4gA~8T
zJA1_Lf5xH;vS&82`OU%7HPuy9CYN8r>xt#&^e)CIJc5|cYA~H&!t)n3vs_>~;{QDH
z=*7Lhs~L_B?JM1Oy{URkVAg3|>(o|8+U72tZtZ9^{M7>tRiy$8yKec{ks)v0!>ui2
ziPusw8~!N!HReu7YdJ!_!1h<W+Pf2OIM16EggUFM0ab1=Y>!NnsZ+<82v?DvHUx7J
zkPInr-!LIQoAq$~7sXWVx|`;m=VqI}TU|<Kj3{h4LsU7CpUM$3_G1}SsE_y0o~OvG
zO4~M*jQ0!P3vQ9fkJpzX@sm^x#DKHvnGzW~s|FdT<>JtvK@R|41@p&ym2_b@X{Wyw
zS>Y<hG`!E20FATKwj3)1rYPQj)H~-r55i4=-8859*Z>Ymq&HZq{MftE8Jr;?-;@^3
z<;-e%dBS+nQ>PAOhyu2z3G|Wm4`w)5$e9&uk@anSrnuGk7u{jYlvv``2;r!qMgaqU
z$(R2YfUfL2Y06AkCn`&8_OlHx>#?f0s%XWTLfwDE)Ik@<S71|?4%)oO(qyNtKn!<t
zK)(^H8S3i1@`WF%Q0cyn_HzcDufDNUu4yUZ-9)yW6Lp#<pjUH{0~{>GPuJ046Pn)y
zQY{p3cXNs?$`uTq%;}$2TjR0cAr%@zM5H8I3h{9#{Z<=W^p=Z{;3;2jDvq@i!f@FX
z7=$8TJ;dDWHjU?VB``TS0`8V-47zCxP3xolH{djIoF}`hWUsKKt+dw|@bwls7;yoE
zj$qPo!3<;5;_VWlgA1JD2l&Cxh&V{OVp#?Ki&bkp|6{%_$49O-?5u1!_Ye5`Hg;D(
zPs<!sTM|6ei+{mpN0LuZFB2}s(oy$t)=k%2pW8Bx{{hOXn;wTKJTw%GN!A|>sK8M!
zh0CB`_J7t=bQ%s2+WwS~^AY}hhX?*nsZ0OsVi23BcW&eR@==a?w=Co2#pb4J;|IoZ
zq5c{ccdy=q-4_d8%*1td?9@^t4r;RL{>seW$cqJM30s}&qX5$x-hM6JhHloe9y<Wb
z01!uz^L#UI+1Gax;nlJK98(_I5XGXB5?tW2%u`2G*@s`bCiH4KtuJiDXLl9j^EzIP
z=2J>ca2uVU3D3t(lp4*&HO4-6b`}6oGdLgz7-7|8jZgonb9?M>vq^~Ts()CY$KHa>
zslTj071Zz=f7C{(-Gy1!zuy<ocr%tunVJgujwMN46o3AF2cX^iLguAhWgwo>dKMz}
z6>4vPk}11UI=kG?nKIQEDWV5!2cR<jp8?*47{Koo?CtN3<VtqIGTQyJ6~LtbgLyeA
z!QlRT*8m;0%q@3DNOgU+7i10Gh3i4%V_RT>$8fz&*S?g!hM<6}{87Y3-WV+2Kk#b{
z$Q5&92)tZjfmH9BnBO5KB`xkRFse{vg3Zs*HwIok>|=cNV+}P?PQCk1=n0?W7qyLJ
z?dVlj{|4ONS;i=uK=U`+3YO;p^RF})C+0jC{pHIelh3|sAHe&#U5!DuJ~tF<g4SN3
z)^prTPqqI+-!|yL+N53M+>#=2*#0xN_+f`zWrz2*e&aJ+WSs|@w^Wq-u7`wen<BC|
z=uEtQ-8H}O(C1DiOm-;gOe841>i{Y+2$O-bOgc#aPWl`2<JQUT&<#2_cvDseu>chW
zp5IGw{3HC{_PT)Fl%WCM6ooH$iWz}xhU0%B?RV_RXWn-CP7Y%(=C@({IgO(jqqwOe
z!2JUlOW$5{L4h36jZ*3bg{cM)XA+BCqG^klrSXXVx6#~4?yhLulk+r!T&bS#$wJMb
z$L-`u!I3VWKzFDsT-J$bvb5~EN!+RQXaO(*U|6wAS>|u%dU5P@%`GR8F8LGB4OJ0E
z@L*o~c5)dQ3Fe>G^p<J_oT1%a@t7b(-#b)cR##Bn$&BB&S3WGQEDLmdNhkNhl@(ud
z06lNVO=etN+!-D-ouFAQ*u9#pjBymykPlqIhMKCjwsUr_2crOq_bG}z$c}>0AEF+X
z+>24UlCz3Lld{k2A;=c558KW<%$q%8AUL9Yr}ThM8fnq^gdKMTm`mW7W5^A#b8zUA
zhl=f`SVc05(np4bjD0Vvs2~H7v+ns8Z+-!C85x<O)SCk^Ob{V=>Dp<r@vQ57jG$ET
zS{`BUXh<X+3#qv7s%LhQ`?YOdPj$g@oD<4#TwiE6O_>`X6TuuCVM#*8Pz=B{(QUQI
zl++F(hh-}@cr~SDo7^Krc^ZDWK3&maxWu$V$HAj~Uj_%yF40*l?h<SHm;xtXhOs5h
zKC`r9pPbXcNBr`fM4c)3GERmsU{X~wQv!b?N;D_%pLa+Yql;OtqT7(7z4ipw5{=d4
z4wauHgRTz?G9_HuZ^sYDp9U*hLxC;51a51JZNJ)a$rQ068ZG;P`P|spl9EwelvBbX
zr2YDL<>}dIkPaPA;HVpV(ER#k4c6(7OOPf-2(oI|Bgq%IS-}pj54QmG*x8jszYGix
zD!I70yxs)_*g;UTt(bOT2<7eDx9VWQ>goi!>-{9?0dR#W`7TeQe_YU;D;!zNuYN9z
zYYk?fa2aA=gsRZ8ugF7*8Ivt3G%Pq@BH0;IKChat*0R>nijAksi)f9wo8Kh9ogA{G
z#?)l^E>o7I3YiC<`FF_4wZU*!F~B^<{vhDJc5!x2$HWR7wU4XfuE-07j5q?HIp4dv
zb|GbvHK}YnzrS9z!^RlcZK9-1nbZaV_iJ$rd2+gCT-0w%gv8HScjuSOlqS}n9)0~9
zElS%x=%b6qdR%R1N#-iQfSHdSPcamfPtl4Wee6#l_~<+!cJWd_MVIUzwCPz}1Vnu*
z&^dI+SUOeM5PpFdLH>=$f0aW;hw0hs5TS}-?$e`RDm}j{?;Y=r(zJV0QI6Dv+%+HI
z{`d&@5_**Oi0f?drge0EyYHH*Z@*T_uU7LSH|o&UY(!UXW7M7aPH#_3VYsVRD_Fc&
z7n_>)87CB)V$qdQwdNzutS-oDRIHZ7)s64ac!8~>D6;DN^Gh0n>NG@+bt9ww^6sj%
z5@(fQ$3v1VE=~eL4BAs*5KMm<$4y>pRe@E)4tr3}hcvvfO3n-y0P+*BVywBf?!r0`
zfYBlfq9feU3V=;1KN3Ky5x@gL-mnEXX4xM=T&EC02sb+SlcWcozpHcj@zT6#X6E_H
zOyJd)xsq>xs{DrC`beJd&oo1VVM=&D{uOXSJM?4WV=H}02|OKs@>UX^!PTB}asW-g
zBK@W-Nj(`R%SPKMhoA-De78CDv~YWjUkz#rd`c@wH^41--))WR%uul8iBs8|N+iU@
zPp0@mWq&FgS-+&va`0XVa8x0q!mO;Tgm+gL$R8o8FMincLo|*LMzY5S_3|j3iXOUT
z+-pRcM*LMT`JzeY3HRAs`$FT{O_nQBHiM&rttH<^fr`=S0cMx@;+xM6^oG3|uIUjG
zG=#urlVGG+blO*~e#)eHb4OE(*1r?$RG53A02sU>Otuq?zNoV7V#UOQ4p9(7ci7e<
zm#Flu6GJfARS~529brh<Y4QLs9Yw?aFVXlo#8^1QGOPJ*mBtN;z!e|4Wnn!F1ceO?
zzQiGz3d0~BkneI?f_lfVpp7v$de#?2#KikxG;Rqn9M}rlwC?UwmV)+E;4(;g@i9~O
zVs<Jo+Kda(W=0LMC_YYfT72JoFDqSB(WFY&mSg`4JK}hUQ|EcnouIyhkKLc8ppR|F
zKO08v$C*i&jaBe-)_Q4dwB2Va{q_3Cljqw5>Z)SERwk>&(F(7h=^!=3Q5b9z8{L@J
zN}bN9W3p$9d=H-HG|x|siU(yY<qp!wy2)1yZdES>##&hhCW1ePe?!RP)hc^O>G$+@
z%%qvIZRYsO)vK!5krk;J@5(q)EH|fW1pJe}1mdg4xVX5<LHz=ZIM5HzJ}zs{MdKvG
zy4-Xd6I$eg285RaU{;nTupr>pZI9>rX(BNQJm2RNN7q*u(7o!7t<j)sh;kki&iROB
z8gV!Y>aP7?f4#(9&jI3DfTs%9MY3jcVw3y2TLP12>x1RktsyXnGF{qht(Ow{<lQ)C
z1j^KGX0-NJNcxLO?3UlwuC`d*Si$EP^!xkkIuG|o_i`Pz7*q~w6k9$}fA$U0Bfcn}
zId2?hXxmddGvput`onzdWfjGvqbyjs7oyir$Mtcf(9)SQn6=c0mcYoQJy52|H`=CE
zDH<DRsgMHy9lW2ufS1VmN`8U9XP)wTI4>6ali%Kop42X_D*6p>U0f{?*?6jzo<`xo
z`9xQZl*^nSyuUcVxCim^1+u4DSgM555MCx5go0id=uEPXCYyD>09f4!e2kanQRFNy
zJ-*=G<MwBjnTt-o(`ip&Y^5Yr<#H};!f2^pJK!qGe`z8$sUc0+UAc~BDF?kT$#n+`
z(aubQWbJc;1?9z{KhxkGGXuw*$&OiUlxWpAe&!Q0gb2>S{Wx=Y{<g4{w8+aQLLYW9
zMhYy{CuUq$b!i)V2m#iI->Qjsx_LX+y7hvPkA{=uWc&Q^zbtarhD;<rs+S(oOv3*0
z>XO1?7Y6N|?X-Rr>np0tnPkq(RPj*-H+wurXlXiA+=aOl!-YK(w~dA1&Z<=KdRUVz
zxEnK{+G>@s@>g@S-nfu5w;8XZ6O@0>_d|YAzDQy`_sW-3FZ$))t9{93F^|?~`xy<-
zTY!Ul8x~VKk|atL2^)~c@|pO;C&u-T$a6CK4x;EfmWhO(WFdM2jG%qIG1aJC9Caze
zeop3~Q&bdmhOnW?7qmmnDhr}Wc8$h;k)4a<hAY86>EAE=%*TLBnDOY2m5x4VKpECJ
zFkIQloVb!3&vsXz?GP$1N&ewRKQu*nO@i;jgmD!QOZP2Kz-U&gybY%^&W{N3;FlkQ
z;dhVOwh77cQ0jc>-fGa@UJ{Xr^<X$3UwLhmcVs}6Z$I&5Pg$xe41~2fA^AwUu}t|Z
zd9tq$ATrTl>Nh_92GOS>d-qX*VWpM1XphK`cE+NgrTQC)8b=**BXC|kMfW4EF^I0R
z2cs4d#by|dA${LTqcm-6)w~J1&{TQy{?(cctX$xsb$uUw%Xby)2mDb&9W|=?nE5gX
z@P5YWYHR$?;AGi04p5JDnLjtlDegG>5ryVxGp1?mmrds0v~IJPLB9_ykrFFs)^qeX
z0(+ym14I&*Zmwz@MnERAROuv+{OF9M5s4!oYqTCrN-VcZLmr07h7-P@Syg;<wRjT&
zZF%NazAbk#J<3X4LBJ}O6{`sHxX+Z*e+jtGH{pbKo4(B0hk_Qm&86`{f5~e>0@&U}
zNnAU!3a|>SvW~eZ6ER+K)b?RmD%x<lGgnvwLRRN!iU4-$fhS_G3vTC|!%|QhtWO9Y
zcR8H*G_u_%QMWCvB%o7F0CS9lEg@Sv5NsA`dDdhJ7AxzwQSDWT=Uz0g#`5p0j7-vx
zDvs<dMs(GF-guy`%Tb3Yh_CY-c@yIs<X?0wwR-Z`xVjAAYNM>P0nw_ls6oid!ecvF
z3G2^pW3^w21TRN?$-?(RQNxPx{n^Fn`y!k^p9p9aIcSpNC@bFSC7<MuW=9aj23;hm
z<3ymTeko>+Z=9vZ=1RXukB1Sl%<(_c__UGcGO)e=UgR)rz0xYACTt|L+!F`6&D4Zz
zdzraM;F+%>Z3Cvvtdu5~_KWsjdmuMK;O7>Mhq#pZ?(bH)lYCc)-u>B4eST=*i71?<
zk!3EU0ypeXhVpv3dDs#Nz@4!;yp(3F1l}n8f@H?>vuNyS-;vB9zO_}BDsoy^?Bg<z
zd*M?UFB3cquJ+lJUu8R4D!<U9kFLX4kJK@553XnB$W6U+3kleex){SlsUSd~I{a!?
z%t55N+!r%wQ4pR=^b=n>HkIU{14cAum5y@R7H6g&dm>7DP7QmP`)SSwH)D}mF6=G)
zc@jj@difrQeJj!QEOy_ofVXzFv@|qpwO&ep4UiXg^Ov~#B<Lv>?w^HfP#qypU3D0(
zpX|{m(#)5i=Xx_*|Mo$_@9f7<M83vKqw#}^3YQgHIf6NQi5>@MB>HnmJBKrhnD2+8
z?sa2WNaKYmfc3Db+18EqUiy`DB|R>*s)MlT#(mMD#ipBM*`+#(yGY*(l)aZ%y7X=(
z_R#nR5N!XK^jo!9$<Rcg=a&0(9kDv`{z(G@!UuHH97losQ0?$l+o#_`<|tW`>RMjE
zR($f4T|68v{Kdr?07TK?N2lz}tjO?)rcTTEO0U*+c_!cQN1V4Pl@hi{qCi^?Ba$};
z5?V=kg&2tKc#UFMCYmVM<NVRR3GGBfo2TQ@w1-%KeWJiN3JnH{S7g2M!J$DZMZW{!
zACPU|3`abR`yFIFT5U+b1H(FW03r`2!4iB*Tx2aNBlu*Du-y2bn+X~XC6R?MqDfp?
z+@I-WKYZ4fy%Q@YZnOtvl0R|MV&5&8CN241D~NU!-zve6K|txwbspJ1{{V#!&Ojbu
z!HAQQOTE0(B<CNZ@Ynns*8?qei?U{#1-{PZx4|kB^pfmP@?VoG<8_9Fo6JP2*RUx{
zEXEVA)H$}Q0WW_ph!Q_mb*oBgM9x+H+<sI&h1j)cx<YE!P-n5-Oa0QRFFUDWIjU2v
zx@&T^wQVo_YR*gcW`=_870qWe2@}J-6=?Nod`%t?LkWk@ML6!xe*8GudalDA%$i!e
z+()tTYK7LBdd;woXv}WVkKP9YX01>Yh;?r^XE-@qDZy2jLGXH#Fh@MWUg6>%%acwF
zP(I~cBiH(CTSP^_3M<JFyGzH_YMWb-yWnztU|nZ}^Ydzpf1ms*oKLajROHjfq2d$1
z#%}>b{^LS<nG(-jba)~!y%=<qc}Sk^0rzfX3JJSe5`>|$ge`>}!&@l?M=v<zIG7tV
z!UHG*RVk&M<kRiRb#ZXAk2M}~Z%3*is~R~T^@oIbP*u7phfh~c)ck*xeRWtI&(baq
zi@Q6EySuw5NFc#o6WrYiu7ThV3GNWwApsUi@Zj$5awqwnbG~z*@40{6*?)F+w|9EF
zx@)Sd-g;|Nr(SZIo3AR2HG8$*;v{W3+=l;2KPyv=5@r|2L@E;MKB_si(*;c*r4=rc
zx+;-ZT`fmMF_L1<4~eNiMe&^8H=fh%@D`d}t0+nk|CaKG^kOViDlURG|MSY~vvY3i
zN~?6@vQfU{kBy*LZa@C2fxk9c<S(Pt8#Hx-##^IbY12^+Zr_qwguS@Hf>r`p+HRC*
zp_qy3YQ>Ds5@qP{tw&5^IX8EboV`I$SOF=gVPNS`X95X!A)dyy;=?>9{46u_`p<wT
zq0yud0qa};_k~b)to6`@ZjzwX9P=k&YfEX4WLL0KK^52?I85VAdF9D6=Q-x%J1BPe
zgEJC)A&)gu{JjhM_<#T=xy+rRROm2C9yJklAPlUh@^B`VJ`!g)uhV;dn$*_eleGw5
z15847$>lN5m#+ikR<rgn=M&1F+np{i!u~4)CJL21>Lwz))ma=U%-H`}pS{5v$=M%6
zPF5JE?gonAHRhrA+OwQI4k)2J@vX`HT%#w-s-Y5rPVh;B+&S%DV2BnGI@^cBk|SL#
zVcEidraKJ35)hzYMy@ys<w<N&yT$(aj0BQ$2dXD26tgfnQJG`nV|v`H*%&(0)a+_*
z6PQ8<?Rx!hQL%bEwMN!;f!mWoCWjjD0VvgIM369${qof>(Xb?p&OS|eR0Y|sWwbQ4
zW5Mkyz{4WHsXF3l_GEWD5q_)7f#E!sSaRNcwfPX?8*w>w@sA<+clQT3TV>z8u1a1A
z6m<E5lS)z>Y9>hUO4orej_+D=iD?_jpIWXWFsYs-V%Lr?Cs7oQRB_V3chM(vi*4bG
zh3!dGGqo|F2ZN7S_owenFt3B6?Yaxpm&Di9?Ay0R#mp$Kw+Q2k(H4Slr}=hP^}$#;
z<T7rY_fokrNUK9rNYFTJDb;!A6&~B6qg?6rbPU(OtiFeb!Cz4ObT+6kYfZOKi%8Fu
z|7S_*UPjPDn!Ue}XA2ad?2Mao(tpU|AQ3?b#i7DSDx~ty*%#VdlhN(3@B4U9CKwtz
zf7@dk(ojznG+D^{L^!SHy*LkJTsD}E*z9n)D>~P%=84b3^6gZFQ(b6Vs?wmibWHW{
z)dtjAvH#BRKqxaRdS6Qbz4ZZAto9nf6fJc62^U+AAR2e6^?hVHv~BOK+xxs6l0=Oa
zu&k-8%VCtxzjv{lxM5*^e|@dKr~PN&5(NiLA{LgK7#u!n4c20L5HB@;E}=jE8O`Qk
z#d0Qd)^Km|udh$#X_lD6OqQ>I4fn3gYU#J}zo797Q3d#7tTp<K{MY|bKJ`!FM5r@h
zDRyc7mK3-I1MR6B>bXKDYE5r0dV7PtQpBo1uw<&2(X1%HVR*#-pDx@|@1SIV7X~jU
zxkg9ye7k1-CcQcO5tW)itlbD7pB;I$^z!a1KGngrKd-&cK(i+*G#~BH{8s=MTNilf
zEuDX(f<N}4%t-1Y01Clta230zn;Vg+{WR0<ckoZG_2w#P)YEOZ=BQp`vLAOp4{_6?
z*zlMm=BiL2%=pubP|E-fx0jFm-CZ=I%VN$=g=koQPXf@OQ5RjFyX1FHY-Pbu{;_ih
z(`A0Y9S-@Q&AOPX!@_iHYIaeuRmF#e-RvLMt$*w=;zfT4#wf&V;E~IvvemOC?qo^w
zt!Wg4ZechcNE+pj36B}2T-y0@-``GV#8c}d`G>>B{rKHcek|TQ&F>Dn6=D=WgGeUD
zMype14A5<6t+3weUc%?^zh|>49P~RMiT8e6Q==eeGp4J&)?4vK$p2BGRkLEkJ`8yB
zNhALG{|RiBz2ULQlsq<{lO`>Zuk7S<uJwZXkKqGl9b&~l`FTXttk0>sSXl01R(i41
zY6iq!($3*OvX3)5mk%Vhw_Qc)JN%S@xfmU7br_7twQGK59W+3CcSOSVZ$k_HMhe{T
z92rXT2D~X6ezf->(!LcLde#VB{c`N<0bQ~hVZPQfW<y}GzNWSxd093hG8;2M;z@P|
zKdE%=5SA4Bup~-r^fqiA>xwzuYLuV*W;sJxFO%QllXMJa(fsnCX$k1IKXUP8`RZ5%
zp$;-Dv+kpQYtR1p<CBbT^{jHHASAY2paX-Im9_u#^*t%6`ic+Az3huMjZY$HQ&7wr
zKy*GY$h29hvYW3!d7WlUjgTU1VbbWz!^h{0Ar!+3K{i{|d9{BEFxNbe2@u!`_&(q5
zjHZfJWAxNNa!DY;%{~D|bGC}ZxV_J^lz-|{Pz7MVw*KT|@XKf`2%rQ`dsVZKa0ObX
z8=z=XSapwesitTA^s0--Pc&`}N7R(}7GRCp1wg8MD_H+nB!70fA9b~2<7vh_P41+z
z2JR`b{cqP0vjtt`w4(FgbaF>f8nGXu5MU44cFfCQ!FT~)W+1jqg}x-_cnst#egE7h
zO6%0nSIct$tMoi~9F{hcy#Oj$ennS!^`N?|WF^E9EOJS!?K*LS6k?t$(+i~RT>|Ou
z-&dDfT`~Zg0A^Cmw?G6Q?}DC8gdV8!)x=Qwy_01woZ%1+6Atig<K6__{i(2J2VhaZ
zmX%?yAyi<hD)#3DPQbxotfs4G@^#>1Lp*Ddegn)iu15>JTO`4$c8kh6<f3KIGW*A}
z@Sjw@XL4cgn68=0IdERGe19<EI!Q%7TEM@5NJ(X0AWoB9SBh=dyseOU-e<a_oXL&~
zEsfHuwzjjH(FhwS*D+RY?e&1gjud%SR+j>y`laSmnxb;q&aNN*Ky+l(I=u`*Nj=w|
zVe)QL@+EJ_qx8{V`)c)+zw#ri6O$>`Gf!f^{79;*sy6f4BE;!SQrCV~Qgi$dyM<is
zuct?W_c){cE(TW7@^%11>Fd|88q(4scOQt}{d-=obHYiMNKh)?so7}>@AuswN)|zK
z;8-{kJjreOs!ks7E)qPXx4&d!*o@PSV%jasBW*T}bF0|{Ohx;SEJG4`l-mhD(}>p_
z(eP6zqg$67bNmm!kC561lj|)P1)K0;iOY#9XfuoD4G~h<&s&XOdSX3SuZ;0Q7#)hS
zO9#_++>&7%eiz`H`}20M3v(zz3U137-8m$Q$WoQh)FPlIk7JyRh&yP;9d;LEAZoOv
zLnGluffYD>(2zn^E>0ofD3MoJr%_y7+`HKSv_?L43`~nEK+tajDd>h_Ofeh~tD*g*
zYXnwO3*rwwZjKFH46h3*bYHmdd!MZ0mbwCRU22TNyEh5@!52%$dsD@c2BAow#@owx
zj#(MqKfYUUTioXd6K`Ei#ACxBs4;38EYDP@4ux&7xD}RUOH^09n!wzzds@HPy!zhs
zQp%$3Xk;Nww4A04?#DBnzHY6qlarKgqB`V1HRfaF*dk)AuF@|1+CbnZNl6-T?e)cl
zweei~+~z<kS;9Vd1X@x;Vx}Xi!baSvrAn@o@x2)qN)v<DnSH?E_V<tv4{5QwS70ms
zuPOGG9<u2Us$tX~H2dltE29ESH>lGj4(<7X<Mv#ym)lx84$$*|#2f|J4m-A7mXRY=
zZFWQ+>LV_v{p2Ncg+bl^qEAh=xBxn%?hipE!;T0el=8gTR^^97lp6EFq>AJv2SHH<
z^Gt518Tm7^h@`O_jngS5u(iWyUk5#%*-AX4-4#;UXC<3K6<q+HWf98DSbxchNX=rS
zigBB9Xy{R-{QUPw%+w**t>kaWN>=oRAC|tk*<nV)ZL4U^9uIMM$aEGVUqA31ctQnD
z>^Ra4R<^Xv8SJ?Nn3aWZZsmY6#^89l`?}Jw<DCdWf;Y=9;QPUH*#%S--sZhSz(b~7
zEHSMJbfj7&5I2QG%n1fO#vZqlCSn`;5{{0jeyh(`A$-m67q>f0FdEtbhBZmbU4q`(
zjk8rR<8jCMT8VGsmY1LXSK$GKOd2MK@mL1$LW@)396pP##A224Zy@_}cEFQTV#%=_
z0HuGtLox~Kr_?=%XS8Z>pB`+C4n_3%<q*j;yu<j4p%P`yBEfp6b81!((?tY!)*Q1k
z__XSk$eC8pTcl8A+R=#0+0CQT<Wo#+h}9KW<ZPv*tkk+xrUdABoa?Q~6zNF`J64zu
zSI*XvU*dEZS5>hbBNevN;<y{xBoquXD|141lO)0yc1+P^T(naP804O5h6#fguAVzg
zP!@^K(K9s8hm@9p*=(N`pJ%2R91$NkH#gs#MfjQjOarA%{|kn%*;gjN{oY_-xhu;&
z8oh7?r>(VOr%`?H_mDpKdM_16DT!%^gohy%ir5qQ3TjXj%Enwg6h091^M<O37n?ea
z6b#JrX9XxZ^V2Zc#0Xs&BpT{KF^O$~nN5ue`gWKs5@(b%MBP}yT<F=6ox_Oq)z0<Q
zz@@W=7&IwMj>u3S^`!eT_v&kZJU95>a$ZALF+2@0+k{nOcgy-rgtf~G5G)(;3rcXo
zpqvH5b*}JmGv0$qKG2L-A8KC!n7BS?D?kZ`<=@Y_RDHATqaGRSO37BDnz=n52Ew7+
zL=6#kS`Vc>&8w(T0YXJf(%W!S(42jwavTzL>FP@^<0B%nPzg|bVvD5pK(r_b;6bwk
za-K}bsbBztvSIxKip!4&n<Ad5r!D4@aNQ3vdSX;9`Af96i8v7tIt>kcO!|7XFB!$>
zQulj0M4L?pV9X5I1=e%gD6xB`WpqPWXKd$axD61}N^I$o8p(U=o&?X63}kqw?8>hi
z&sI+$-?N5;PB=^!h*Tic*csk?!z9L3rII6(X!CG!S;(<Yo@tn`1w^W9j^6lw+fcdr
z=|BoR;c+k5_JqEj`PpYjlty-r26E8p_i%euTl5n!2@#pG?OU*@S95Quzdo~69Nf?>
zY(3KUGg!j)x<tZ#A2RtEaVlX+xgm#3_(Swfz_8dFiSGvy5T<op$S4&m)EnPx?m(#R
zbMPu!puHO{HYN-bPNzL4*JY5|tug~9zUA;cq1qkMXZcYHl|78vUMEikR7~;5GQz~b
zxj-amRef=Z6iP>g5QWvD$Ni@k|HgsZC?m9k#;5mGa&nX+@d{A7`?UoZX1+k|!^sE;
z`HntHAYr=0t_@<xCpZp}Qpt_t4ZZ-?3bBWr#7ot4t1>c(UmrXI6&kUELs-d185P9y
zo(c-6sg&v@1*QOoKr<wv8xCm+N`)3kWRSY}lUATtOmmPgp#lPx=H8Iwd#JM>5gucs
zZQR)?dQ)JpFj(0ALM8*V)2*DO9+@M)huzqn(R|NIkw0@3;h@?YJQT;=f_>ogNr93S
zsVMoq4w$EmEJ#f@*oHalgWJuF2PQ~8t<n)rd2vSWmKpDToa=9b6S6x&ccqVyc*kd$
zUOTtM12o5-HZo5^Fyu5*pO{{C80CLWVv~`YeIj9@4!W~EzWcNeBO|=RDdIyI6mH0<
z1?)fmSb9_j4ECM)Z~WAPCT<*QkeWX(hNpiXu%VRJU8h=(1U*Y-QR#yTE^=&OgP`Xq
zlG6DM1!ZC0OHT>ofaql4lvz#Kz}a;apRDU8f6m1ytlsa5`@uyLND~U`WY9xvq_biR
z&_7Ja5n<eml{sUNFURerelN}NTiT>-Cj^!oB?9G9Bs<idoIrxYXx19}s<yFxy)29&
zNyUEqP&}geaU|R^L4S7Fe7?aFfiou55e*9_?!1YOC%dhk9X#a`(koavv>Xio3M9tw
z_@Gg|IICsi)wMh_8tkbZx(8|r#fDtK<8+a1XBr@a4hUd53P8y25I}n_Es;}*+caoA
zX=&5>+uP`Q#?Jc5=hu-(g}#wWr5tNKJivD7Dz#IWT8$12B<VGifjOE=iww-HI5dJC
z0kmWgR1VxZ4p((`mB#aa^ksFSf~O}FjTJPwTC2f_1cr#ZZ1MR@0W9;g+Bk=EWppW1
z@6buM_xfn@?sx4U>zWEMv;!+Y^aE~iI~tK@g>Gdi6RyBA$vRIU2<K}l<wdELU_<UJ
z6Rb!%Kx{Wmut`=fZr1Pb>m&^YjL$N{a0wQu!3w*mmUx=n5U#rxllPe)RGyVACP|JZ
zxI_R4yVJX%@?t~4%<<sF3WR@k>-P#l{8C7c1|`@yPpgC?_?}7#i3%L~a)TkKy)rOn
zQM9>W6Ydw#@4Me8{_@3CI=Gk=F=>O3@qxyNtpuURtFKqd{ZD%kbyu)V=@he`ghP9=
zTt-E>3QU$-oPuv@L@>RO@Ipa1=n2MXoTXh^$yrb|##lU&pyY~i|D}N5Q0tIZ`L;_U
zEGSIIJqRK-2usEjuUZvk<jk&O2t>}RhT6ApeM3B!anmXW9Q=!)12b_P^Cd^Ng^_h6
zLl@6c*MmIM`m<X6oMCR40uD2<$6}GSPXj(A=E-C>=9={x@i6&!&~ZDp5>25`R%=zX
z%6`-<U64WYLIAl<6Tqo|xm{{LDZpOFmyOqMxGMhI+1ClP9Q{65hg7G%QLz?9`@^pS
zOuRT1jhpYpI~Njw&eH%dS=%id`NY~PJRxj<Cc2P=aKuuG=Qz@YicrP*=IUwK%Jxo#
z;(-v}fcsUG&QY*I3DgSl(C;NGs8pad<cHB@5PMNS^O<(HBd!f`C*<sY=fw1>xTC`o
zAR~3CsEkBY5H=?}57#C*Pv<?RQ_OIuIxXqab>B<FB0cQmrIOku+1dUPH9^>qlv^ul
zNLAME&`yu3zp&%m5X~_X;)b1L1m;jnFqX0#?J$3&eBKu0vTS+6^6E}u*)nuS?S+~e
z%aWK#L^N*4(S>P^nBQSxWOQ1DU1D}7QLyH_LzJUTCxuG-T6>rbkqEFs<iPO4NbGr{
zM~#GFA~%G{COxlJa?C2^&d&xW(Du#<SOPF8PyDiP{r+^N!7snT0qqo?OXp}kWSI-n
ze%tCgOoS8aXcb%jOxG>i0dE>~$i7zSM1?L^hy;4F=B6Q+3((4h{6L-?s&w8onvn(l
zobmpOUK}RCI!5^nq9I+X{0WBlSRsJNtzsDw@mH-(3U8=qR~!cgkv<SGyfQeekizjo
z)iPt^Fq<@Zsq4N|(vL^oh{@x)LwSPUPIGwXX+9Z>mZQN|S?8h(KE7%F$Jd@{Jgev_
zNu5ss=G2iY_Y&W+GJw(;FFO9wYa=>eI-Qi!zJenGQ;XnIec?Q?^(k~P;P51kBL2|H
z@&FZ#NuyRbsi+IRC9fJubacJ{%xyLA9mHl=FRg$2W|L;!qw81lN18<!oMi*GtwR5|
zP^@>SLD-e*77563DN2{7YJ9>&{LN+M!tr^LKeII|czb`9?l78T9}R2Lss!8zrZkTT
zb}A}56h(YoeE-lkOY)H+bz4s5EI_LDp1+LAma}VA-)GZ4IvR!1JP-+>@>@G=0u*-j
z->|KEFC&>9Qrni=M#tRTi_s1By}GgnENQ3^niezjjDrX@?7h5IlJq$R{JncF`|sE<
z6>NDy=oKNM+-nxQASChL4IWI1aoC(PU)j^CQld|LK-~VjUixV^BQtKRoBSDxWn!&!
z#REP&)+jUgP!8_1>_ODvx-7>X5+T;<5?buQ&wqTNQK7mT1=~;JC*fD`m5YWJJ;txM
z`f310|D8b5Ca{kshtK$7kT1dMR8Hn33uBMMWBuE1!n5+tx0Si-D$cL8r7+)|*{h(@
zlRc))YULs!P@gq@bv7F<aMV>V#>a@HsGOVF0^EA9p3W^o`BRy<QwNmcE*Sm%k667`
zk>CI}Vq&Z}3OQH^^xK7i$h|QB_%EOmLtURF_1#wbz1y=L`B?fZdx}`jDMnIUTd2Oy
z=fd$kSxY#O9{8Je(UyjMbG`vkL?}BgwN@xE$z244i9F#TV!m(=ZtfJ=@KY}C3!%|b
z&d^cMoUR4pp+aO<l5rikWKT=5>~Dh{v2T73%|Ft+GLR+`@3#v+tK+n8A~ojTst!KN
zM$)V^7P7;@P<0r8US{PnFJejIb$xoukCP3qRj5(m7)+;vrA=(EGW?a@yEHmg_?^qm
zM_B2Cp7KLvZs(aR6Jh=mgAxjyJ7pn>kf{G$MXz2ix>uqx3pNXO3}?woYDlf&=6<d1
zZwOgh;#@6>>QM0o*ESxNA(uO+slGa@rX+63ELF`0kskguBs3cmDbB9jq_7*W3)Te_
zn#JJ2c<X1qY*`tw>?f~s_O96q>Yo*a+YMq;^n=clu*6s3X;Nq9DQm(w7fGk@vRSJ>
z3a1gh1z&3ZbN#^@-K?TOa(bgG-HL}=^OKPZ5jVrG0>VK|f_{0q_9c{X8y^93rwL}v
z-B_vk6aZzi9^>g^1Q!iwmS~)49K#7~(o924Q<reLdR-}$C>#{ZZuZ*cqQ`IFTbJD|
z5_UcRWZira(xZSUC+ST<GebEcm`%>WV+ZbxtPiToO#Js45=v_TiT5<b3zJAE*-0?J
z;QDY0P*fLZzifP$MH5B!A9`_eauh!cV2b9l!qE7VvKv-oI)Hq&DcFy9#*3M({-6Hj
zyf#+;4#59DR!u+5RL$&Vol#@O#D@<Q+rHchPilLdnx3-z53WF>LiUY|qD<=%T{Uw=
zeVUp+{8l2xQtwZ-!UV)38!Q{lIf%N+i~Lw+?(;q81gx$7W`DK9luSL&%QES<g+spb
zr0dJ^Aj0P!*ysN0c$B)_y_=Qb#CH^`T3k_FmKXpmNA~9O>sO}r2m$Jxb_9Ua{*S;=
z5n?!($y1*WfWvKjl&It7`C*~mtDX<PtAxF7@C%z{0U?Q?+0S-|2q6c9G@_PO@yAH<
z4Y9$K+|WW^ekDrObvul7QA)K)g7xrQs<`&CFaI9F^d7$QiMhElzzMkjaMDGf9-&kD
zu2@!<`%+F#s@c>Ie`;eSCMAQ}{mYX~<G01dp8=e=h~jJPkJl^#>pRkGx=lP|x*h<}
zICK9WOs$ioFD89IiqpnC?0?2q+T=~p!Z}3zMIRspD6l(je_P*RrSWMzltz&*SJYXq
z-03%VqyKaMw|!fSXO~mh=Wh1foz_lavY3f$>tN@CGLIQ3Ck~q_FyL+f_&Ee{E?{Hy
z!=J7F_a)xH2|{lLSepq(R)Ip!f4G0`0Ic%68si{7l}vyT-OTOeZ9PhDCkkuC_g_xW
z4d0%M?u?*?%^VKNPwX%$Zcly~r+gACEQ<6;tPt#8xg~qK*<|a71#ZXly89m?5Sop?
z%F<SdhR-21YIT-9^jo<wC?*qjw+2#&nOK>o7POj{)#9eZ@|rmp>xYWYY!~X@RZ?^m
z#?_bp{QZ;RVzwu44yVo3=<tzRe6^InkMkWlZ3>xeR2pur-fMti;CTRYOVYIwu%4$w
z>Uk}J4;rKf#7}6JrSj^Hl$0czP`0c1{VvVX?>3#ErJ7Md-QzsLWQ~Qi)QR{thF^pD
zBI0%;{;WE&B%jK+#zJggj_BQf{n~9MJPgUMA#m^WXK&>6@1|($J7bFKjUfuTWRnFb
zq_Lj+;%{-f){P!xy3T~3>CthA0R0gCXQ9TN9m0TQ0axAeatE_};~l{0D#Q34z^TY^
zR{|g?+rbzjrgSdZgL-K{!dL(+%hIQ8NlN?)^4dlF^FrsHel~yASD(nER>+g{%96Ny
zH~HL__WQ^Vaik$@Ri4*h=Io)1WsqPkQBQH6dmU~u#MjjyqXN#jp9fE>V`>#R@Ik-`
z5N>D`0elGt9p2g^ZqMgG*slgj9Lj)=HH))Bi(@_j9`Em+h5urIq^kCFXpJx%S+49@
zTNajvn9ZAqhlNRdV_Vy{iUsH4-b2(|;M9J0rexg5<CoKM!$Rjv#>1+A3;S{W!=}H{
zJl`Cak3Vh<em#7>=>f`=g-iu!H^wb&*DA$hXxAyppHZ5omHm%QMprbV`cL$+M*-sO
zT_AI%pcUU|SLe-}sHaPtZ?b|Y(I#F|qJpVYOBD)>NjO(;1m1`v(zwxgVBX`&Uo5|e
z;Bv6am;cmil4W%ueRW_(QFe3y`FXv;U!Ya`^pmr;rWw#*lk|BP&jxOyWjZ?2u%Jg5
z95cfmKe3@5!MF`UjGc}4tlR^~jv4h8g4vyy$rj7RoYC>wjS-yNfS0`>zZ#tD1!C2S
zLxxvxa0g_e>){WTLbGf6-G`oUp#xS49z$|Z3H<v4*cj{nJ<=DD)uO_}LTSLUPkonX
zUc4i$F1q4mx;P5>)2(N#3`~`O0W5<6bpCC@rp5i`UIAN9f0F>c@<9@aEM{=;z&M2s
zvG0oGtjmgid<2U~uhM;5()&SZ`N59Hu885pOGI?j!GHTI;Jstl68}vAC22YD8XTTn
z5GKso6qO~YhUB{MU+W{LqgMEO=s%;+g8CoTnjX*y{#ZKwvuSo_W*=Z07joNAvF`mt
zEgMCA3y}6l(k}rtZulQrdCvi=weJwfj^gc!dcS5X)0mpA4cDrox6tPjp3>$Zk^ufH
zqwfb#-V-CYN~Y;?@HG9`g$`k6TI6xlCDy^8WI%YbLC(pL95Q28N$+r|2V?rfu-`Ql
z?)^D)cn_vlhq1qF#evntM$7eQo<70+SueH5lvGqi`ODe;n?P{moBL75c&>Q0*-+db
z5KWyPq6kolZ3kRSjeZaA``e8GCEQr9c&=JkMkc>1uOIet(@7V$Yco%M3qK9f3kzvw
z-<oa*Mcm|2kG0?Y#YOWP!xL`IPlq0){ad#xtJD5xZ`1T+gg&iB?i_x*o&x~pdn+>J
zB(k&So0WFqLRK~8*7{uKD1s6R=znW(Z;$+Rs9j;^1bmnZDr5IRwxL6j{wFiU!ytni
z4EJ8cIkX3pp^F`ena*MKKl211;jjMrV=bt><XYtYEN*N}U6}<l^X!@aP*pPZgsB4Z
z13q#QbzF=KFLVWTeT^;=egBj1q;X|Hz7L0&h2cA3ZiJiVYJcimUGYOau|mbZ(R!mX
zos@W9@Jh3g<H=k+XSG!Rk@U>2DEXxYDo+FnTH+%nb>Lg*jI_zZK(Yu1f`UXMTIqk3
z2mF7_;8#8Tzj}wt7Q=~;p3;8`m$kCS^0mY7p{eTSHk&+5oq*3HOYloo#FaOfi+8w0
z8Pd=d-8pzSW&72qzI6kHt9$U~;kooQ$1;tgRS-K!SQsj?{Q@r6j0k+Wm*^jRb4QxH
zBM`SEk`;g9>|fP)1q5dby)L$G0MGC!+(fhlP&A-WL;)a=FJccuCl%<f2m~@vMS)Nu
zy=&_XfZ`ZFghGk2u?#1xL3HmCn;Qx4{%d>vnJGjW7E0h=v~q%L<RHL@`%BwJJ>IG)
z=M(HzjKSnBYLEmBMANJ3zDVr_NICk$^9TA9Hqm<hI^XZ%`t=aRN?~q~tD;h`IjQ>s
z*9c%#ngABVbV#mO_W$a23tM*dTl#JlsA5Sl${+G}7zqM4eF?al=>#AcQwVsvL_JRf
zPiig?p+1tjJI*KkHBSGiUbDQ7(T}C|@N14uM87uL%WfL)b80y=CiD<OC06&Izo#;L
z39T%`2Ew=hJV;J3>hygJ#A6D~Bftg#LYu}!2a?8HEF$D}4pwacT3$YnSLSibU40>z
zyKw=4(f@&=L)==(XFGtz?*q7W5GAJ>7H2&)5|kyJw`})Iy$8m`Q4uumK)iMvn&o?d
zDW`vArL4`p0eAv6z0Yh++&sF}TTI{Vbn$OYU7irr?yiyUHjYtnJdK2-rpipFtAh&c
zTJ)qV?F@O>*~ZfQ9J`;1cf0N6VzTZkkmm^gs=!k+m-5Bd_QPbNJXzs^LyIDN*ZsF|
z-uFB_TqTLMAhh^6lIsm|P63g7SXgPAeG1YyE8P?PqZ`-L0q1q%H`kqBM%NF#azot2
znZp^7y;(6U%AG?6V;PvlgnH47v(Tot8l4|mbCnkAFi?-#@6cQ4`@11t;x+Yr^N#G=
zm1~;6GW@kG@wAS@>o=D<tL{n-ss_;g-zk$l1$`3CPp&SeF(z7cZu-oRx|{r5p-B^j
z1(K0EQBcz}nkc`QDXnlNfLe8EFy7bfz>a>hr)=L^lr67nYmU;Xt=!i<+owvc5?01r
zq|?G_)u@Uq-4c9+^-4B6Z4BLLNiwkQ^y>bS*bNNT+S77H`yShv%jOCil;f+10dW!}
z_6PT0QwO()0vthkNh1=v4oytW>g9ayu}cqP^bU{GZ}-$X;~c^2-<0jLCpR|#-t+47
zA`LWDjqAB+2gUpYeb8x)0|sl|hyMPaq9op4CWC+~CJzB6H_hrapRSz?YD@`m#o9lk
zwR-obrK9Nuqc|v3{?UJ|xd#=m8o%bw0>&gnPW#xkV!vbseDlmc92Jm40N~$ERH=g$
zD6u0$PoSV?1lG0vuojLGgB(2==<F`gQ!9v`gfOX@7Hi&W3saQd6E%PL>sGGArocf0
zn!r&5qX?A{KW-zk4Ky)pcwI#{&1B#a9;Jhk@rq%wOk2AxtL*-B^N7nTa~*ar=6^M+
zeiPMIjA+&PS)#>$;o12PqB&2utp%s2VnNdU#dbDXTl_)I3*9?b0xD4gj0uWSfC`l2
zFgn*9v+vNa67<MGp;ga`dR2F=g@f{|Ew?1R^=8=R^q?*&_xuXxe_9w9cP8v4@N4rw
zS-LDDT9EL4@vVQ->e%^gYuyeJfhhS8&LRU-Oajb74Go1HmU^6Wb9(c0;xWPYk)X_W
zXJhOsyaaJm^zuCn^#A-Ukqm|oN&iT_EdR{ERVb&9B0&DlzDuXre@5h0o(iVt21SM@
zUd63ETyHMo-w`HEgzC;b*6=IPbmQ~*&S+J;ry*UZc?Hrtx7*%$Ihw6Ke{jH>HN2et
zD-Jk0FcfL`2S@jK>>IR$xrm6ZwgMv*vfr#H0jCf5w8A@3j|w<4XLaHar}KXo@kM<7
zpS8T$sa)4KFEGF9SKT(=$z1CF)$sT72Z%l7>}hIRu&rc&LJ$Y8>izC|{2EBhVwtuu
znW6A&tn&I8xfqic+6e}xz)+7z$a>4SAQ#G49G_JXK!09*sMsoW4-lZn3CR8$CH<RN
z#B1hy-IJ}?4jRZi6BW55>D*uC9F^V@mZn6!4%&XSUrts(P-mU}9wL^ke(E+BGE~l_
z_3LK;g6sxPA&wbT_`I1y=<h{$Vcuz&J9=gQo9rav!4&zPb=;WvLd`sAU=c<|H@Q!|
z5IZTYU4A>N;X9?E$ka?<-K#*vcRpoh5DSB`L{8y#+BYX>^FcQ@T%S>~?FqrSzd00u
zKAVP86x%ElLkh?Hi+qKuEg$#LUq5p3#G%*;+cun(=0E#+k_G?{_HDW<;vM0PHqUIl
z2oLYOTRRz2h-(b8)<ipnz%%dQkJ3l=rug-!d-P61OzHV_II&}bKCedVmX6QScX}{k
zsRV7ewxbR<`|I@E=d;5C<z&m`@*j~nc#g32-#~hZ`Qz1F$7^X#<|7nlA1rkBuU?VF
zTN+V8Gxr8<d%9mCi5=qf;ViMQ&~lCn#u*U>NSlpho*lK5c^!!59^p0y45`qCz>y$;
z2892NezLErp@TDWc^1^p=?=j!Cr2x8jOK|squGgp&%Xw=<T+i;0uf^D1Vv-d%3XN2
zuza~0!d0LeGE;lIY2VtPUzk?dG+<zgbA-F16E^Tf>wLSr{XEz;^oUBVu4u}=^DNBt
zv2?*_4s*<`IN8cKD{$3hYJnv~T{(Ykv#2{{vmTK_0e*cy92ta6MxPeZOp$xe5#SOy
za^OtZ>roZCd8VX8adYuJ^(ye;op+fq<Ck9%K3*qVY+@JV`PZRfp;0BX(XXUz;1-^>
zwkKD~>t3I?6)|uvpC2mhUq1brW&;9$MVPKa_l3BjfXc9ecfyWy@`7)tW?`gH74KAm
z1mnu4NPe2MYk^mZhHQYCz8fOFew$GeAf)<Gd_@`-qMaz=O@vM?9!>Z7O|B~4m-m3S
z5c{^w0~OY0J%Sao8k)p`z%r8e`>-M7=^ak;D1G<A?*h*-J5@c3yuKwKwe|WC$zDdS
z!Y_<0Ab4c4of&5iS1)`&f?_8R6dg**<@^WVn#Kqm<vwqF8#tGQoAw^RiY@OI^e8*@
zjTv*N532I35;qqgFam}q>61sy6JF`}QTBvO29KC0x!h0nlSC1mVve1A@zS)^w?<&t
zEER@^5(vpoI;mwKh)6gPA1<SC?{cxLLY>;=nGrS%MPJy;d%6w}1hYbmZMTOE#9KVV
zH`*-R<-BIDdq>Mal-!Tn8<Kvz0RlbQ%;-T>>;k0ZVI;wCCF0?2F4w#bT4x;kaHa?x
zUnyX&+CW75mws>-Xnw(;)<kB%X}-i%+FS#pgnokZXgd9Qs%~5nC>bASGiGr9DN6pm
zR4>Oild+4U0pgE7=;Z^81Y<5D@EnH%!;}f|_VaiVTh)f~CbFPh@@)N!!_DQSn?LcI
z473N2%NcF#&D1MHX4rGZd*Q_{!QF=*PL-k&@!SMQS}GGo1!ho0Oqaw48OuEWYHlLP
z27wOFoFg2{Ny>&$l%S~b?pAL6DbGVCrcLTcESka7S@64z8?gk+p_ESIvII&5Lm%3v
z!Sh2J1x)hw`x8h&Ax;I@b0Pi7GCn;pklZB6R{F|GaX#ewjRJcgVuxvkeJBuA_?TE;
zx3J;JNM+K9v--4*0HRBl3`PqHr6&LLR&lgC{W@GTNw<Z!n_8)JZMRj;`C2^Y!cO*b
zc<hl?aC9MM+7R~hjiG~4Il|7bq(Kt`*fh&iDXU!V;E*9@?n|Q3aEb^pM;hdTZG0E2
zaGQJT{>w{SXiAtK%#mc-=#oDP{?O7`5V>~J-7L>sJ%vP7F~}P?_E9g3SsS)BfRA=4
z%hDc+!$&g@589@pv$S~Vt1JRPuagtrPOL$8pAiktJJ~M~{T<Ge&!gpR8(WL<&*Vh%
z2XAf0WCNArWIKM+Mj<Z{nEYD>?)_DPQ+X^UH(5uiVaVD8z9)CA3Zc-%kC7saCgV38
z--WkHKeTs)NJ0j(aEM*U<6aIy#6DHDUL)_E{kEa69S3s+Ptuud@)i;!jvK#L(M;KS
zmFg?EOC%~(d2GHtgL>fkvtWT|LX<xtI9;WLTlN>m`JuwB(D!ui7ppF|noWj2j+hTL
z0`{;5NJDdIGJFX@iby|@zMbs!p6F&z{7HLB-tOJ8=uQw}e(|9}|BG<MEbE9ux598{
zBBf%IIoKFX2ucDg%E8D5|NDc{#DBm0-(SW4`>S?KutE};2t){y3kEADB?cxMgMFJ9
z22_%YipLag-~0WJgNuQq$>$Kt^smn8UwPDVe4PwdRG#90!J8J>i`aMjd+GYr6g9C-
zrGWPgrMczwSL_G)pTLS!km~2Bo06W(A^}an#-iy_xc%1iQE8td+rSm*tC?nM!xHe{
zJql1z-3lDo96-Tq;1n9L#{S=@`Oic^;p)G)2?b^R_uBuTr+@A=5en+hjT(cYpny{t
zIhg<Jv{3|`DOHI&K+LDx4ISuFPzDJI2M1?wtuJB^@V0!p&n~H|sygh~vuSo%8CQD*
ziZy95;7;ks#Kg3FJtZe6+jx6_+jhtRva&xWv-upw7HBaIa9)j=-P>UxpLz8M<VFaH
zeOPKqBzyQn*#8T~@UhEo`?1SqM@>~+cR=vEG1JAz$7lcWP~`{fc&<SFdW+uI8~m`A
z=YBV9&Zq%X(#83k`Kc-FA;W8rrpCtNc2`$dnX~MHo1`CCPL`H*4{88REIHc@$a#O>
zP2W2?Q7=`?R@&Iua1pZFfcV`DX+B^yn3<Wme7hO&6U1<O%mzp_+YoZZ{DdCP#xnUg
ze4`+IhVu1)MNg$x)8d#5WLvi-t^kCvY%{!0CIB<6gS#Y9<SqLmwn3k*6kvZU#>CKd
zqN%Vrdm<O{<RF(iC*u)Z@{9vQmSV2Ar)$+6ke1gS&z&wr!$4WM$V}(!mv*2M;zFaH
zj{9+Cjlidk#$T5TkuEIczFnKZcJl0Q`}|!&Pft$+?(s_3OR#9$%m>=Y9;nCX6HNPF
zMV##-*8`ymBHNpA2guzRX?SZsGsM=vRxVSY8u89Q%~EAt6{pPP_~*DfS$oP43oq>|
z577PTJ@p^Sy@Nm?wlVDz7#ZJ!MD6VCu17aN%74*{GWc1Qt2I3$u6{IK6!0!*EfXP>
zo}S*-cA|u@=ey4HKJ8k-lM(haJ1DCE?#}CAYs=!$&IB!x?s|J$&iR-QZv@tWsu9k5
zNRkImR?^egH&i_L^Gu0AXk7dr_BSi}Wy7rOY&;yA<Z9c-caN2zS6bO7-=Qh&k#mbB
zJ^lPxlMIJ+^yKB`E8kV}X_({Uqoupl^XxY_H*X>v1c%NWhOwm4-%pLM!;&P)6niE{
zw7V+2f#icKf(j~-R@+)zzYy(pYEzPQ_PmEtw1mtaT=_4KRk}EbcF950`KZKXSzw6N
zAKHnNwd&Rlf&IQ^<)iUOmzS6CI<9}=5VVru_YHnxX)<?-7F%cER7gH~E6_*pkhnYg
z);wElci7RxW5}JV6>R=pXvP8WwX^rZgf-7C)$ca_`d@8(m~;>fBWxZGj?%O5z0xds
z)9Q}h;ngmxZmj9S^E`YzS3`v^12`l-gAV7u>#{LNCnt99iI3qXlx({kd_0_%G~Z%l
zS9jxC1=eV2d?(xX+FmwT>CLy6va_?_lp+X9!!A|p@wse!K4A=W*3ZA3p4K#Wbf}`Q
zSWhO;HK(bWQq-NopAQ)g8e$(tgghRC*?OBbJtv3mmgnwQxdl#FjeNy9*$8OEH$9V0
zuPvh6MXyoytv%1O+c|r3<0gicb*`r?eScWG61DZ9$-5H&j;24qtmgB%$){;e1RLKz
zQJ8Mcj@nipmhak(`yxI@Xpz1ZrENqn%t6X~{cFVB+%p**?V34OBVJ4Xn|EL&di+9@
z3+H9@X+4^Kv=nDY_a;Cr04QppOtDjbYb@@(A2P>=pUmi!cVmiiH!1I0$SwZ;#ttg>
zvyr}{*k(0RT~6!c!PKWyU6DbLJFo3*`!umR3K3VY)cD<1tnS$O>COsRcE3dJZ=&bK
znPH1}dnmW#C;kxC-d;Y?A{dwSPhn3`0nF%UeOdxg>yPzaPP$i0gV+TpFcomD3YpVe
z%01Gj-00QaJ>9-KzDUEJD7`O3Bk)R|@B%>^lGi|$Pvt2b%1M?<(D)3#R;&)Lvg7R?
zk)do{zp1Fp;sF23F`94Er}ZBTc%Op>1@FKS$f!Mvd6x#KpLkZOh1*e<vC}!v&xukd
zMyBshH|E<1&s3g~^BfTz{VvA%)kjDxvGEprX~cY+OBz>wi;T`|KbdQ+6Q38wM=jex
zE)m(6$xg1xM^M!iu_?yst#rtT^=s`qPfmFdJCL<UhB^6S(63=iTen5+u`49;4+BL3
zI*6B|Sw`uGI*R*#`izQVN)Cz@F(cLR?NPd*rB&yp54kX?hA;K-os++KHh2-u%?!*u
zQ*X}(s^=>kOT_DFoU2wXBW^KBt;D0?JkLx;MJ6H)6g?|35a$zkMGSh(cN`xo%4liC
zPV^flX+@b9a6b-?T%|;BY=Yti^2$sgf#_?RMFt}jN7Fai$}7CnkA&!t)2vz6Wl*qu
z;C_;pJHpPB3^;*_kA^Lk5#r7?naqncCs3-pR?*f?IVZb6hStmpE(0Ntum*8>&2zyg
zgZ=C~1<;0<HKnGEM0Ks!_zn{U0oGD_5`3-#Jwn?suE{8rX&IcZLI}fAzQdpNZ*e<5
zD<9vEdQACrAMfIdUw+&sPUUXuJHkQpjdobAESb0)@OtjSFFlFowKk65en8p%?X|^p
zxiYUI7)0i3LBYy>q8qU^pnZvpIGTGGc}xzi*RTFc4HxH}z-11>i1s0a|M@83I!xUz
zKVEHFBDtnUwO6c#rN-I4=L?x{SaB^57)|n2#Wy%nqC67k5qb1f3#`ZiQv)ME#kG>|
z!bBN757sizdyOfbX<oLfAQpuqn?qSKm-vcS+-^LOI$crBI*|dF^)|8^Di(VkRm>V6
zymmc%oD_K2)@|tQsPD{8x2KX2GmN;3M*ganrS-Gf81sXt+&12ZIUE@8VptKo*3#Ki
zu?t&Ib|Or~!A1@-yVvEI<39JO(dVPbP<?cjC)h=ZuT+L4FNAzT;yCHJP-e@QOPatZ
zX>-Exg2N(GO@Q`?edstI39_sE-8(Mx6Ax7wVq7%5b=Syn8$EN!1$Hmyq+34kvyyIO
z9G&Ok4{deb{&c#{gozYz_G6p@xANt@(fqzM@2rh?GPnoeb4HK}BZfS0l$qaI_DCOZ
zPr8kD@CL3My|(lHzH*y-V&!6<MEbZ@Eh)Tsne-&rT(DoISVJz9QA$V?9aV4RvnTkf
zg+#eIs&CyyjQnH<b+vzpNO>MxsMjv5qK>&~yoo2oS}lAF_W66&DC2VHPjEtqlXG9h
zt#rhl7Z*glVz!c<mu95l&b+5-ZxhNlk0yYI-q&c*{Tna4LfRukz}|c@^U4m5!Tj3v
zZDvEwgLQzh^5t$a+lLGErz8WR4>|gMCzfK~C5nW11Mhg#&E?s48RS;Se7$thv6aux
zeLi60H!051N%j(_Q7tB#Bhii+(`hLdWDmnAjmUKayNvD}j9n_ZI0Iu`b2#O=XED`a
znb*m$ID<-VY_XXhCuwV$h9{;i4g__ec|+nugLZDe<iR>JnNA!FW9G#+{y^JirIuL7
ziJXoOjd(^>?bYO>SFRJZk?@FBxj_}5IALk8@MDC?s|Leh9MSIWO0=DQh_{KLaAgG0
z3RM1M;+dgULP73GK+@-mfns-CkvkNL^g)V=4z?|JhO*ibdEpVSx#ur1Aw4~x1)Hc2
z93$m&sbZi}V&8{)BcawS`MOEZEwg&XvX)9~&|HSuWj-_|?1iKbJf8VTnn3|XsM0_h
z=``p~15g44LI({wBxUtb?IkT`zrNN;UKM^k<dWbf)0*3g{*8aGk(@W_LW?RM*J18c
zuc&}vA2dGaD<+l^dfQ@;J-#^IpI?QYjzXV#GK808a-EWUUcW22)z?&sv$`VqJ7;}{
zYUe)L2Z-s+mf$Un``leLF493)7b>o%Sq~v*%}7Gt+vlpn%%2L{6=OW}`@OUeXth%r
znQ@nz+a0xI=mm##t)^w2x@3Cn_T6X>nZwSG%KP5T(@`13(*=!9c{M~D_;!;vO~LMW
z-B|r2)ck(Nw@e6d{E`M7nvTl8gWsMCdu1nI_2ROCBi#D{i(Lhv%uZ?%;L3ujaPq9Q
z>0H%%P3AiP^Uh#UXZ0sI4^7SZeG8oYNTmT|o6$DnZSbuA3cR6Y71`dg58mo2cy+zc
z*UUO$4s718Ym`*R!7*du=Q$zmJ_zT`B_f$euMSmhd`x<tsxrJNxZBR)n49F)HhhVY
z6>{y4N-OW&GT|`bdcE5M$Dn91f&)q8DQte|n~auomTHzknS)uZ`E=*_3#uoUo+~KC
zSHCk?c+uL!u(@Ia?OnFKSSjjW6pP%2FKr)8QNNEE>_)Omg+sPZqRAtKj;hTgtGeLF
z%VxJ6t^G*G(>j_e-u>XH%}_kVt$Za_oDV@fGj}YdrKe;!$Z(#8XoKKraHLkx?R4fs
z9?!wCKFD=d<i5($gv2);eY(SC-WH1gW&cgdhek>g*I6*?UE$HxP1{Y*i=G}!5A2dB
zZu~8yuOmVADamhh(#@6K0*HBE+@VZiF6r90ixr%Sw8w82sIi0U6dpO2y+W7sPY(lA
zANZZy?|5}j8w6pS=?>eE=p9EZb4`yzKd6qB%&SA>PL0HVS1Lby>wfaJTb_eAVBDYl
zftUo8&dgT%hG)$OaPPmNwZpfvw72SuduTv^9Ju%}&lP^X_i!uEym+D{_}lQe^GN3z
zwVM7scGsX$Cd}#Yt?WalT|SBpE3w{ExB6I+eV{6w=Ij9fwPK02ETZq&9&)~3_oxr-
zU-QGKEwP)*@g}fNh6KqoiZrP7j7>2&&5~9_@%0q8HC*Kd)xsb=fnwz<LOiFUn-qqg
zB7Sgj-n;y1zqT28TH+pRecJY5o7EOx<;U&D15^Jn)S42RU>)IfJh~($j5nW*M}}S;
znWu1JqtNR(5Oz?rW<G(pi{E=@p(rKc<fM8*BoeU7oSY0XNSAlhMkgmo6(bFgH$g+R
zW9Gm5LVgz*lYyEjS6t}u22Pvko&<6`vsY3}@-}l+AIe)oaB?e?v%Hrrx@p=}`9*O*
z(hXpWRMSacoQ}l7ti)QV|Av79+cn&WoOll7li}q#*0j3Qjf~C}i@Vz)3Qqk9{gA(}
zdyS$#K>X-icxSHEv?=)_nxzLDJbsuy+J><p@Gh=ZvMHNgkAw{Qy>p$IPiyMSrQdm(
zi5+5V>)=SC-aU*rv)Iov_`BMcMD#HW`2l+G!#nf_wZ+T{7oByNTIYL#SHn!$V|d&U
zT_ubeNX|%hNAE9fc(ILmKNXVkL6LSfHl08^F4nHR9zwA@bg|&e0>QoS^c@L07(TO<
z`62qgGYm;5d3`UuS~J&aj~~q1YNL+0uU*}s(6-fA=*3ssY`0&aU6)v0$Gs*$^{epw
z6@Fe<PQ1XyYr!b{`Bf;s1eTL^?WQPp&pR=q94;$6`Mws_zjo&#N!rlXYFIP-MOauE
zeAs6Msru%cyu=Cc(k$yD*gm=D^fe#Io$OvV^<TdU^LMf`n+P6b(qYq|e0&LgkNxL~
zV)CCO6Ziyp$mss-0KUo$4Ff*<*YVGffsg)m{AsTHU+w=k7b~Ibsn);k*uj8@i!*$M
zbD4Q+?FVyj@T>!}^>5QR_5l^lvdi7Rf8T}ia=mIu=XtaE&~bD{<XE+WapSY>@9_KN
zQ*xnGck^QaVh7$YhtI-8Ct(lm&|Tci4tqCxPyWPH4kZuo-MfTew*3uIj5eL`BUfzb
zx$7=|@OOy(@Hh#|Q@>B&=x7*i*>FAXKzu^*cQCrnfon3Y#K7~m>WhFe<q}nWdioTW
zdbNvI^Kmvop67-Q`2@+6k1ld;^6L9VA?G44#>8E@+YtK%cBEa0h-OS8gp|OnUETEW
za5O32VoEx#q9syjQB9M0!9p8toZ3(BZSf#q%|Z>J`<^WBdfLPWzghPycce{TKCLA5
ztYbJFYfCCigYuG0Y+hGtX=ZQFShbLv*^b`L<QXLxxEs5*AJEgBC+c{cY2;}$OA@8-
zDP*SQz&pd?)q~y2Y~Fq~>rqDu`QdcCn=u-5#>@3n#1lG&zm@pJLgzG~toyjVWnUV)
zF7sT&*VfWsnn;V%2YRl2c%$g8$tZbFEXeRuyYG47qVRRd63Hs>Kv&76_subxc-hGQ
z`^n96P;CxBX>tTmRWbkX1el{+bMsil(-42YEi@2OY~?3b9;AI*4rew&(Rkigi|buv
zz8DKqH~DoeoCT9{QQ<P8=kQz^dGNl`9SdG|r|IFqH%!K1GqlU8Yxc01ZFd5!QnNTk
zqV5+ll&K8iS4#T0uAe6#9lRUO-pQZ{8n)&d8n+Zyk5i7CA!yk!aAFG7`{8xQ=`l9x
z)LDzqcHlhfB46J8^bWD}ZpQdg(GgGgDaWfpudv`SMcLsu>uEt7zg-dv$!=75|H?RC
z+uqTj^$A*&XB2rI&&pghmx=Q3^Wy~sZ}ml)KNDPN9!KZ7Sd2c5OhJ3NZHqe*(dGIj
z@Vn(4sqeh-@A{2DrH}1V^+*D?o9Xm#XVZyu;bYckJR54=9@pAn&<%WHk59Mx%|Cj$
zOyRwoeE+;vW$O^8I+#Hki`;om0FODZ?b)NFi99?aWY3t9L`wmf3O=lcn{AG2=^KYc
z@iQp9N>noOn^!7_t^?339TsiPSkZRooX`&2$(+k1nVl87W)!Cx>Ys3S6S}5Qd=Ibn
zOK%m`U{5oT5<tJ}zfAL;Ivvz^`-)7(Z`6M_V}8m0@p1tqrs=i#7Ni~*-f-pc(EFbD
zr7ex<=-(dJLpEV*3;6l1%6<2#o~E1T8QNkko22D4&g_5cKlgvydndBqYzj{yEuIx{
zKb^Y?*Ki)OPU7>~K>=TQ=kbz_{GHhcaQ^E_wPsUh(e&uJWQPW=!xcjdNs@2A@Aw5)
zT9!mwR;|i$h7rk!CbSOO!eN{=V!jo|J|!ZyT|d!S|I21IVLC-YfT@*XAVet(PB?)H
z$+NBseH&CwiLGFnOc{wHHjcLnPfzJ3Ais{2P$9^^fjsD#q5>~H&OVO>7sVJfq1)yL
z(^$k>lm8kUCw(l{_~rSgOFf5H^+2~T115iyC1HcCGMI}@R~;I?YhyPJS2^YRl!0*-
zQEg~MBZ)7U<tRfb{fG-9!*Z7Y!#lV!6tOulCSYaKAHm-)u|7Q9u!IfF;#w5FO&CIu
zJtHIRy*n$kdkN}-L)39L#=v_UCDcUa#bjS0dA!>gE~ADJ*T`H_#$+O%@^Muieb=SR
z%T;#gc~zEw0qoq+E1Vhnx?&@O?A^4}fkKXX`dH1{ty%d@z7LP99j@0ZhN}ImMB2B>
zB!&~dUa4a(S8J9Yo;}Tt^SB-BAFC$HRzup>a|~oiUTSjO&bW@2oP6Jw>g7&&AG1u;
z`dDEc5@tJ2SzMRyem>tKxmC&O@R}u@hqKOgTDQ&8A5N!OO+BuRCck|KSQL|T-N*-I
zYx4_mS9l2zq1B(`ZvwOCHNWAbOt@_Q*sj6g5sGJtek&<UFEo!6K<TkVe3Q*;!1sR|
zyY6T>x314145Cj&C((t85}nZpi6G=6Iuk@s$mnhK5`^67gOCsjqKi62y?TgXbi#<<
zVw5rOll$Fwt#5s6z3=+=fBRYIoW0jM``PR4z0dib6K8cQsLJ=-e%;YSG8tP-j+y|f
z)N&@Y=p`XBB6bijrpO<pT;+^k!icr!Mt>l3iOr7&A$4tr_=IHdnk}R2Mx)JSgdc>o
zzs(P`p8lmLt;Bz``mL8_pK>6?j5Eb1e^@$W%N5ffKiB-oB}6J5s~B-Sa(Y19{?WKA
z_LwZ#lE!Ame<0<fNlV1Y>EvTC|KpHr?OQ!hrFtDDyDvO@9V0yk_rFc^7sT5Zg1M1E
zLSn?Pnn`T15Pm85<O@yqDKEzn5$p9orq{uq7HQ{m>K=i)*_ibOOraKE5yi_msG*xi
z#c!_t3S-I3oFqW6-oMW*Ixm(@@vy_<c6uhcXd{qvVA=zRUuN)k8ZYrJ4K3?o?!XHl
zXvBP%=U#kOx(K-!fe^C;tt98Hk2KCzQd`CwsmBTqWvn`LW=eaOXEkfO@Vi}neTms^
z5pmPgec%qiER@)LDe>`z7yd2^H(~dLU4TX=wMNn>&oOC!>}I?#1dj4U7vGabR<0+r
z<tX9`$5|f(kG%3M8mn_m^o^Y^6717SVh<PVon$qKNo?IAfF&W~W6^i*a=bC(PZjUS
z+yNsoK-Ob(^h+%PDO2-)r@aJPA8ot&2s$HrZ6i6wW&>us*iP-QO*XqVe%%_~ZNAB|
z&g1K*8h{FTsH4uOgLkCy531J_UQ10mJbiI&7*sm#B$rJ|F%pI7Sl_=g7)hUkZ=9ic
zT)8|~o4+xTz$i0jA|+6RzuJU)XtjaN+2IqiZDP@U7xGowdV+scI_LLhDpf_P*!C!T
zgt*njbrBvm*b_J3wc`GMDm_I@GyIz42HSRC;&((o^uV$@yIwzLZSPbMMo5HiIn4Yj
zw%F37IoBGv#kB9Hs#IjV|DIFF7BUh%aJE*(fn>@(oEFN_vh5x09eE{Yqb4caw%-k1
z(lTu8DOrE`)|2Z^P`z%+bi$feQ9`IsA1GChU5NX@P}N_gO<|$Q-=WAiSUYFMT4WCU
z;-AQxMTUF^nMIxH^BvbMsLsb{e7R{$Ok?0@k)II=nc}C4!6>im*|?<QmLTC@gr<fB
z)x$&H=`q+Xk!;Vh*Px%X90-7<o_K_*e4PFh+<(?D*b&$OMB$RujKc{w@jI<K<fIR)
z%%9<YMQ^DWrr0!rtc_FS+`i&E&eoQ#_tm(QUpUy@Aa)y|h$(^{xqyXNidknEfX-0J
z(|!#`kgb_&pBUSqU`K#ICf{fOFTp-TCIg)`7o?V~5aKQ_DaOKTk*t+)%<Ir#^+|-{
zplI3s=Yq3p7v(8Ahg}Y}rmWVb>V`_ruYR~I(;mgzwvH;9&uDjjX#bz&va&xwG22Rp
ze21U(FkYdv(zJNYNRSM8Jfku@3YiSeiQ1|F<Oa7~xuG!PR4rCfkhhx+sy!q_cIA&c
z@35I{&=OsM+=X2}slq-{<Z$_FzG^nPTRRYOen3pU>xB>y`fcO&`A?Yoa&z~?ZJvU*
zHxgf*dWHlV@;G!paq~tWPOE+XO57diXR&M+DEq+dzH@Zvj28Du`g9#eoX$pUh`K)u
zkL6tJVLWqA=e=LmzWPNj(d$`rPkL@A{B^o)OTst&G_aS=iAvc<-c&DNrvbw0Pv=_Y
zP+h8+x#e-sm{qa9;ZCjFCcJtNQ0ZKsP=P15mUox)colThAe9g&Q28NwIZ~V4P_MIb
z(fkI)NI=0&m&EgPma-X(Xqu?($D$4fZ+`BhrS=a(D3A5yB$UGBF4HZ=raPq$57L<J
z`i;V6;Z?HK4pNchipYgLY&lO4G>2Rr3t%Z_DTR4T<0h|n<Xf=_K;Exi-~DcmtG5I#
z3TjHpO(siznit9sUJlk43ih==1o9Q}vn*-ewUMFMhM@gj{_%|BYei!`r}C^Glg;i-
zqV726p|!VO@>7ltV=slWggZsMrkS`$ZEC18c5!?`Qch&PoSy404&`9yv!`^tmW>+}
zT;A2pM@wv~@`2oi%bgdM?U#x(eaFsH`N(9Lq959jNQofJsEaUE?S5^^Lq`<j$M@Dk
z&t&9`a2WOb>di#vHTmXy6(%XZr7oS6isd;50wo3VKXN@c3Qbn<jd4oe)h2Dr^0`OP
zHU^HqIE%6@<u_xJYlI}zpkpeqrIoF$wx)-O8FBW}Wh>;DhQ92Oc!M6`kcNXRe)&bk
zn3~Nb3z>6zxJ1>}oeS_nwsr8zb5DmjQunqP)=vS?v{?i3k}gGsYrF3JeK%p5M+-B*
z3fRP-X&ZbdPA6agwjJ13^gZBC)3Dqy_eU?yNGq(2g8i`J{8mKB*!~fXPhV79NcAE9
zbu*sI`T!<XBN(ROaa~20X9})>vAUdjm(HmYap}aZCKqrJaX=Ela`U6lnPi}lM}gHT
zqb!&P%fA&lfTZI;;hvWgETt|0CBXFb3WVcnx<JcAU#dYTr;E?@4D7wnH+fX{el}v<
zRn##7X{Oy_5vHlvZjXs%qUj}Ql2oD;6NN4c1_IMuj{ck=H<7_JCvkniV>mb=G@vrX
zW4cFo5vc0jRf_{&$8I`Kfu+yQ?DuOQQ|@87y283skB1ZrxwN0<HsJzNcECNA#gk-R
zE=Mp6{raB3(w44mA`?GniE7YocIbB5b7*LIeg?t;XkQR#2itqsu&OC!GICTYTysVB
zKKnG|c|tum3J#B-^y_ExRigX+Dc)U^c`I03M@Cx=%OBLZ&vdjX)zk!U^KnfshqrB2
z1YtJ5p6FRhWfsK!NSRb8BaGy`)aj_1&Cz>`8>J_%#Wy=AfojwAE^6tlnAaM8HWXp#
zDu!}ui-UV!zPjznJZkV@hK1=T4IrCSYgPNu=F5h*dnpL|MeVy6S9<#RcuE;J&82ik
zq8z*$4qk#=MFyAL#+Q>U_Kw};)*}ZH(aFIlQRs*Wxl89Qg+g;)vp6}NE2jZ&`;X%B
z%l<T;`<AUG#QFN7tl1d?%#n|9yeOrzLa}=(V@skk>63feWvJNR<gw)%8j7tEU~YO|
zLOD7jf1eIgvnm9y+eh|54f=%pl;E_Enz$w_B?|-VlRcTamxgMuovn0wi?8N>mcm1S
z?SSNx`IA;~dMBP1f{y0b8^gWqmeQtJsV*L!-IH{*JVzsR4Gq$zi*{|T$LlUr!&7<r
zG2))^0Txf`okoX3lrJIkLn0(6ynlj$DT=&thLh1OcPcrscr&0pqZ-{e%(W?JwoAfC
z%BKz#=+%H1)1t^pNTSGr52Syy3_!j9f3fB(2-i8G&sbF?&yStGui_Mzp>tRdBynxi
zMQP5bImpoVu|#a!S7a0Hmq*>4XMh6pm*-wTH-FBrwCX)?Ys&ZC4EhR;`&&?8#L%h*
zWZU3lO;uGDOUw5$m9-q*^)jaf;EE72G+^g(c9fH#QFi~F=ZAh5YV9nG;K~pEf!RjR
zf-Y{L8lkIzT7Y7O=ShB$LiFhvBswdiitSpCUQL!#&P(am>&+R#6wf@cBR0hpNgLK)
z0n&xYw*_k6k0OdwjqK-cp^Kh#=8t{u6<d>&lY<d~SLLPex^=v>(6fYZX3HfyvF2Im
zt<OIHQD`AZk3HGtc6(FB6N)diNXGV5D@&U=_s$+tlhoz2SvjvQqweyRWQhc|5JYbm
zPpep})|9{VnYj06Xm8q)Ft18R@_`mi1+L(ic@fO)^^nR;xnYhQyRbmKSO_DEYae}Y
z_aZHL93B2R&N$_`CUs2lL1}4hn?tkR*vPnOr*py?a6&|YVHH51KF0CTkp>?Be8^XH
zd|X!xm1j{4baWwjEwriR>bH5D6xw*>8Wm$+w+0-(`$d78k((%e)Apv_QS@k{Vst{5
zh9kD4q&|#D@avtbJ%L=R_?@1&1fN#>j33VEte5kS@78(26ut5ye^_mAZB4Wl8VnrN
zlac^{ah;-IFl77KJ&f?hOx|o%BHAy)4ggLUnFR{hFdj}$8Rb&+-fJ`E?-eNjn0Zqw
zTRh5xt4_qKmVi>%4s0qjw$GzJNZ4kfr6zsv7dFExK`lhMHS0@zyeud4enr@&cFX@f
z;R2<OeS)nSo?Lk9OR-ctIlg~Qiu!>qvE6UBPUV6FVx?F=Q&(YJAnMD)-9&9%pgXdC
zK}w>5O2vrAa(ru65zXWPnR@xP?m!wKThURW?+9hA?WpE_mG)Gl{SXUX7pkwnaTFLA
z%rxVhvW-$guqtBwrmOj^Oij<mKD#!H@190y|9Vfr1(aY}om_q1rjF(qosT_?o=*}z
zq5+G;xR}lezPiGuob+HWXGJ9NhX4j>|7TQG!g&R+Z*;+p&!|Q;UPD9MyA=odZfR)=
z*&#G*w1|;H2Ci~E>N#Y+egL3ACoHL28ikwNV2T*V0)KArPMx{tUEP0@$87XyvWX)t
zJz=ZDe{i&bdcT(5`Ww!wt_5S_6?!gDfw$PE0Y}GGsQS7C5N)cnr8nB2v(U2dn414I
zcg21xLETq03-K(HEq9CI_!io!ubIZ~IpNH#SPur*J>kKg3<qItC`cHX7?@^3bvN2k
zb!xX)woB~F%`4<9bt~a5%S|C=Q{}8}8g2CZ!=KO-PO7U|>-50jBL|7p+)#D7q>@D=
zMgZ%ZeH%^@DtaNdBi7>lG3=4w`Q*s_Eo!o>Fjp>$jC)n+C$`25X1$Z4W;mX9l(DyK
zQ1ok4{K$U&i<y$!-`cLlxndW#a_J>lS(@gya<Map1yAxm_@|To+Xwwt@V5{8$0hxD
z_CGr;`)~j6LH>gXU~T{H6aSAB{BJCt7!$=l@kvNI?D9gX#1L?*_^<N{yuH~m#*Ipm
zZrC=zit;KCN9k$(1W8#2thrkK?O%hi-SOj)_oedGXp>`^1F;`IKea1cQw!b*?-`Rv
zvkD3ddTOc3*SYJ)K`j+9;M_h6V?BJC5iv9LV!u~k7k@YcTPHjedHd>tJ^_IEiiskc
z8?)eVCy<T6%^SHdiHMfno6LjJ<f?m=blw_P-r}k-?BwLHfWk{j0&w3ADD?+x8Zj_3
zGQJEzq-dEN5ntTkZIM$}zHn!ute~T%%}qLKMWFn{+$H$6DC}t{Q7cb7{#<-NIXRh<
z7-n^aLX?^Y=*;+XA@sc5h`4dD)6)NviaMj8L{n2U=z*aBM^kHS>u$<R277zIT;E%w
zVAd6{6AliJ1t_5LZ?)a3()RSdp}|Dv$jC@|Kj^N8Mpzi}9U6_c9&_>qGU~%sOQnT{
zOD`P6|8B1@LYa|&mnLyI<^;yVW+#+or>>ismp6BvY!Ex`-DL$5hXbfUP!_lQ|1?*O
zb-Clf9YLXkAeB;w!+VR~%G<1I&U<S?zpk#XGM0e>EH?VYJ3_ywP~@#C{&Lfl5y$`L
zoA8vrV4P-(sRroFfGIO-sDm!8YjAL|ii&1^<%UG4n!=6bR`wQ1%gA5FwU)=szh{Bb
z!ea5;c=q^7T5Q;zfU|S*s6}No&#vK>zH%J|Sv|+YN6Dpv<Q!~&*vUrJ-;}svZ4^^r
zE7F)DSdjm?M6~@aCZ!@i4xqljK$XePz0H({g3vH#uaw^2&6U&rO9V+76#`UEN=jNL
zEVepLu77o7l~Bt)R`Ti!J6cyPts+eoKX!+^w)*#aGBUO(qPcd_$`{Q3fh{WHIvuLY
zu=#viwQIc0<d0`w6y$yYD+m`K!<BG``T}v9A9WmJMdh3tvuvG{!xoSJ($M-%dq4e=
zEkW!8@~Dzt?8-iyY0u#ZJrx3V%4hE>3!r$os5t0EAUdv^$9D}~cVB~l*X71&{&DTb
zZ%QL5&U4YjR8(4N3}N!}=3vS}-cg5FWEy{geiUfQXBsLraQ`R+v8G8hg5}6in(rDK
z{ILJXT?;}g2h&~gKj);|yEqi1QV086++&k}DI*EHjaXJssigZ`Jw#i^NC!zJ49ck{
aa>)AN2kw!J-c?N!fb_KQYgK62q5cI|r}umS

literal 0
HcmV?d00001

diff --git a/docs/installation/images/virtualization.png b/docs/installation/images/virtualization.png
new file mode 100644
index 0000000000000000000000000000000000000000..cd2ec08b42dba1525520b01b197307136fb0ac51
GIT binary patch
literal 59249
zcmcG$WpG?c4=x--Oi9dk%*@OjGcz+YGh-Yx<CvM*F~^KCGegWcW@fm~X0y9_zxsaM
zAGhk%@zl&Y-D;_&mh?ytk(Czt0D}SZ=FOWAVxofbZ{C1mzj*`F3I*}{jV%VI;_Dv}
z2YC_xHx;8;z&CGr--rqFDY}9jw!YIvo>_Q#>A_rkD@#N0g@lAJm`|>SSD#Y7ktjGz
z^}a;NJLg3Zc_=@BvB6YBLW5a}UnoYgO1G4n8bd-%P;Rdj+7*O6gl_>{Ha^vrPqC-u
zj%REkc{zC@d11lAnRRt)V>Io+f!o2^A%lI)L3%cY*+Lx}1f2KH9~YwF8dPz^w{L8G
zGr8*UZ$SQY`HDifJU^X?sOODbWIo)qFAd77sE7nD6yPELF~sYL8-j1dMbdb4F#hxU
z&!Id(WjPKT@lgMK9#0xP%drQVs08G{(}BQ$C4H0Mo$*ee?@tmp1bL6NQ3{)6KR|tc
z^Y2w_0SX2QdpZ3Q7ziPA$3Tpv%)ziNmV=A;2K3)cS3tLaN+#~H2BOf_qRsV(NZsVw
zdeFn3U#kb$Q3GNoZU4(l{gsBf)m0`lS>}CvBz9E6lnl?OXxxwg4)Qu+bTN2WxxTB`
zhmen%PAZz&@vw3XTk2mb{P%9o%!i6IieA59o3(Kzl-<<}!WKS1*~{fT+g*3OT@O0r
zx#LP}O1I@|eK_Wn<p8a<1^G#!H>ia%T%JazT^9W{h<Os@Fh0HJrL+4Xq(PC9IG9^;
z7p(}$h~_hE6ZcZZF*B3LTKT1<B*Vf?7~5Yw_BBMHqrh=b9gt_sYki%a+;v(`WMW1|
zhdQxhJ%V+1ignd<GX*l_=PJf=px>uXb%X}A@0xGORFPp+AzJ2`sMr)9RF1(Gn?4x4
z>sOJ5M~s5{HS#4v79|dW69WpY87&Pr_S>78sdpo|VqV$4BV}z**GuEBJ-_6T_udy&
znIh%b$A8vev^HItX9*cG?DrsqS*eO4TfGN{mpwI;6F+`P(zaeAS}oRwEVHVUQ&LI{
z+!S7M0!!XiF9@ztFWv#O;ggAJl{xso;(`9$EiDN1&uCAdUHB0mbgoVyqb8gU2AFI7
z%)oqjqmmJ?!u73*w@sGFP}DQz6ikgf8EefWw1pouFQArX7|jOBBw9)}pRbK8Czb&9
z)YXj%Hx0z4JiXqPZikRew$~VOcuU06CI;pLiF}gXk6x@OJ+FI<x0w+Bv7GL)9^9L!
z<%kV1I_^j;pv-ou1pA2w{pq~S(Q>6F+52M21Bm<L8oE6wFCJ88`(wyQk%szE3Qn6R
zp5|%OJ#IMQrc&u<)zc3Ei-h*$C!;=#fG(*tj2CTN27cF|WMQJ(1-?8n31_+v^*kx#
zKIoeQ;Z&Kyd<ZR!qvS%n?d!KOcIK^Fw75z>XQ=5ao6nZH2f_$zNiHPVSJ<1mWj0>1
z<aj(*f1;}oIc}#`b@_Ha_+ywgE}_)h0b4<RZ}wq?k|xJC+|5~$ZVc?s@dd3$e_P{g
zs67hqNaV;Q+>bA>B=HhJ<)wVdrTo}bjqf#Ec~vWDOE(K#DBK*{<jEq;bWh;0Ivi=1
z_bT<|z-h}Slbu@+GMd0vc~2lGXpO#@h@;u;NA$F`qq0|8*#@)K{q`@d{Okg{FgKQc
z0JcyAyeBsRKEGXZtusg}fZ9@!u20aLzY1)5{?@VeWHT2;2CH7&A##1CV0!rU&h*N;
zf;2T(tyt}JST$v`gEi``72iKGtVnm~6G-2s9_wh{7kX+cR&w?qLzUS|W5EW^d^>s$
zd%jg;<K-aev*Uy}al~U0E$WPcDi*4Z7zIXHP6oVzymFea+^>}YU3ZQT{TOdphZNG%
z^hJ+)6WM0uW0c33cprV{b&f~<Q;?^Jm!OvDk*pEQ+7?n|f!OLuF62w48aY-h&C*U+
zVYfKU%}+I2OaJViYvVbjLpP<v_MnfUWXrS6af*)dz`G}{)b^Gq%Os_D66{0ZK(j?n
z_ugbx!zAcPw&%mXNwL`>avewYazR?IruxcbnxzCeuGNw>lVq4PRl67F9a$z#9rD<y
zk;ye``5<%Y9{L6#iXO}jr4OqY!&<<Ij%eeT!NoHJhrL*gy?XqxKrl!1e&hsQmW@cu
zlPAk@K87FbrwsfF*KS1UQsL1Hr(4d?SXn-)bH{l$+&`ht`YQr6_ksjD1^Yw6$%E|e
z@OA<Im_Z9$?@1G-5EK-X&X+U<(@)_AvnM5o-e+ppLto3XSN~G;o|w<O09b?6oX?j)
z2Zo9I4}-;;JmBLebU0jCvV)%G*odZ7Q5L@}KOFcprcZ_{retot&E|~pAoIu3wv6Xl
zTl#?otamugG4q4s0gvQ9n<(bj9%vU}1bvKb!%8vr?$zcjXX2m_5{4R++q0#bEJ8|(
z-_92r6?w-}l!X*)s3DYk@S_ysf+7DpF-$c;uZK`r7=X=6V)BVJTEHn8xN*{ln<)`o
zFUf~%FHw&hZ{CxZ8ozogk3@C#dIg6Imc{D)fEDlN<nxOQD|12QzjiFID`+49=DO<J
zh^g^+P8A^cw)-b#hn&NM7vUCo#0}l@UAU*qhX}5V@K!K4y7n;5PDvUSnr*;_fioBB
zaVZc_NV&Ek*r92_F3qJZ1=~^C#SBaA*SR4^vgVdApiIwwzel)@ywY$&PV{n#7rEi&
zL_2kTv{Wn-g`+4h&%fN{G!=IS{nv>F{{bXJb(Qf#O}lvf5p_P%;10~dY#6kh!F%as
zlgTT$?@RI!(59Oo6Y=||FDm!bkIoyyyq>QTV&UItTDdui#Dx6ghT0VASS;P>F*T%n
zC|M04%yBS1G49Wkx%G7}d84~gaMxBO+As0m*9PExg30_vDmgEn#YhTs`S<VN^@NH`
zOLKdBg;`4X1#(5AV7Fe@{NPOcB3<sNA}fJ4W88&LE%#@4yE^0J*#f}YDd~5=wf_xN
z4?nN-hI;f+=*-nZm7-tuZ${v``|koGBQReCJgyJ(E8CxYiHsGdQum)<hp4rfqjB=;
zK@b^Vth2~=OcGs(_{&$oGY1`P5y$GQ$*ll=`^z6#jQnhpznP$6T@N_V2@724CH(D%
z<Pc|#euP$+vSZG%{f2FgW+g!e`4>l{--BiVA`PMZSpN2Uc%g#ZAr8=>evyXG-*IuQ
zgg&X`2=+e?%D}6GLWIti0`^}A#rInH)ywhl*w~}}*9&=75u)Tb@sUJeA`ZVs{rf(?
z0>uk7wUNPkdi%#9L`b&Ft%JK4#A;Yfzo`7jUx|(cf8Cwf-<_2>@}`Ry*dqgC{`u|q
zhZD=y9T<=ur3%+*sK3_u`v*LDN)R&aDnvoIUz+&OUFFpW(>%jN_@5;zzkaPx9DM!<
z(QiO2!1Wb5lqbtYTyhNFztDJR1r%+AG~MonnR4qOis3vhDkbb8sjMJU2r$(pZ$%b-
zxlM4hHYb(mikK1CDXgfaV=?Yv{)0VvsJ>_bSm5xTqf9s7{o}ir_L+tq#O)RF()L?c
zsqG<u$Yg(=3DfB8m|j}S_vvLzF#2-AvE&WqTs!>;1|(CZHms=xnHp`uBvI(en!O~@
zwqSoOJO&}yZxTVx?`&k5|H7v)?zAuhMw&*->ry*s>9}xrV@dVgV(36-m-fCe8<*1T
zE@yy<0}}L465siPlVc~KfD?W&>dH$sT-HyL#bk7Au`bRws$7)pa*!~4yo;#)Zn{z@
zFWL5ZbT5@4*lSlCtew9EVc(KOr6$!WS?!#oK^z97{(=LQ;`DYTOBDg5;ATu!m=?3M
zaKDd0y`rJ{JhRsHe4D9@%x|AiB+2l~0p+3$J~`q}DU&c7Qtc0~7Y_#1PL`uqteGVn
zPTKw`Z++mt!)M%e8SB6-XEg*)lxqF)+0f?u6~$ZXIMv=&giiz{x*w`x7?Pi)geSpt
z6sHWAxh&h9?syHK$Wge<lOydKdnv=)$TfGD5+6neGmII@yo`*tpBy#xoH~9Sf>_ic
zTrnq#_h!mOcprs;7AWC6&Hp4%sHwLLMq=|$aLD|zMZ^4=&(U35R4Vw-IKdU^RRVg~
zK-+Y~2Fq+=FC)JAcuLoF{33M0xdxS00*|_F&+fDoBhO3acKa@GOrBIrMNzC2rD_ai
zIsQSrbVjBK{jKe?7E?;fK_c@skxay(`VSM0`6?j=9bT5%)Md=``_R&wLJ7Upp<@n1
z3v=5holWM62obb(Ds%5gHh<fJUrMe|0uPx_D34AuHI*{eXwMC&rWc&WU3wRzt(dHZ
zBG0qLUMIP76%Ku?IJyT3L{JtmRH3~A;KChA-~w?Kn`5O0_9!T-j^d^bx|L{`y4vs}
zG@bLNzl*1w+LaIaY4(HuvHNhKiBy37M<M}-LI^ctN?8tvOwWug_)T4Vm>aBNIUdI5
zZE&%7GoRHE*zbJ7_or!?)SM28&XRAnz@>jQHaw@YEF&>RR4bo6X-k&P6C8$S4o>>F
zk|z_Y_$(N)J|<u&sWsZ<Z9A;mR}3}l_WwF5e(QV&)a&GU*SWIXC;^=g%=%8oICpqn
zqiy&qrrgARUme)0a03^cSU<0MQg|-4pWB9?Pr1q}hzd`lvDCqE#6rTH2I$Q8QZg0V
zZinS0GVau9VvfFNzo_TGPqxIzGJr=ay}0uk-H{#D1h~zX@+nX>+GzF^DASdPo)u@Y
z{YQm9tAMIm%$Au^)6mq9oLt=PO&?+{)n0~d0itq!Bnny48fK($f%xSAdF2gM9*3_>
zy-n`pqo)S_!Tvtk03~+4{r|?6cz)2l!2Y$MunOP*#D1T7Dd5=%Q2a&9-rM7dNCp`Z
zDRWK3{vjB2X}q#YyR{DA_adK<|9JP+V#o5T=I0s&<svR{??e38JcGdZ+k)x=B5Aam
z4B0>(;r_>HqJna|96M6OirA}giGu(6VlaSr9uTRDDY|<;lt3+Ea;6}CeYSaL>ID9e
zDTaUJ>n!qmh9rqZhS;O=;>2ZlxPb>){%eAxeZjdXv6GmL*QR9b6X^nD-(!vV^1>i>
zyh}&+W`qCmlN?0ej+#k)D;;-WJ~TYOQ>kX1xzavNVqk1t!`bE)0&tUR`7Y0$M_!A&
z;VgEvdg)5yBuWco<Ck(U#PJG>i&$7#7|Zik#`3?}?89~_I2F6{&TI0t&Lv7Wayj@o
z`S+ulZ=5R!A5Fq>ent%cT)e4>9pWOAw-&`*rST=8PVe&@+uTz!J_esU%V|if<!cU&
zH*S??O2?qy%!)4Uc4?^Jm_(C%%D3Vc(_}7@iJ2@c-v==L#S-6P($9d%q|Dcdw45jo
zWK}Z<eNIW<LC~psqYFkv?ZaG5Cya=oXf*nNq=1(TC79>f-@|dadcm~mkF@9C(T;E_
z8>ZEE85VXawky@{H#kd^?;}*;WXmXE#_OF|p0D#fUWJ5(G&Z(I&$Q{5dWJH*sl382
z)mzw|Wa$<x%$C0pd8KMpMO(=u*2m4o(|!7s!Z$`L$0Cw!X=r;AwCwOTti}X61WVej
zd&uMwo6}dAYZ|fr%oM{S=4MID**GDXUO$$-ZA|C{j{9$41<sd^4EwP!cr;(9y(#L|
z;S;HRPBFcX4=Va@EWg2oE;@6Y6vXF1jACRYmvFBlU01?SKR}UleojEGJzO(88U9E`
zQ8HbNqR>c1ar1F&vbS13^QEntWj=Dts$%+pWtu#H$Vu&%QMOoFggDjJtQulV_MAn*
zNbaj<R+5--t4+!0O&_dGMj300m6pf~j~W7c7)lAlCFfD8%fmJkU;$PkG>QytbA)8L
zWZ+2<?69)1G2=O8`K8LU^}vnAYN=c8wp$FV`a%x%ZVwsS$s!!E@+Th{zg8I`8o9gP
zeQ7s%xPAh_7-xzscTsfVxT*K4`#(7YmhHm9Go=)<${9okmMg4Ud2WBHi75{_fjmcx
zF1yvB%wE%6W;Q^hb!)VYYXs0<P?C+b$FLpW8F%-X&&0>rYF>_iUss{{HFkndH-rVD
zBAY=Q2#-|mzWttH+jyLpz9E+9+_GjyR$b6H$G7@jvEaHvKmbZBaco0Dc!_w;9>?VV
z&O;p|1(Q)wkzqDB^g2taw^fNl?~dK`wWN{YdVgU)l4nX;d95t-{%k{kCU6!o1|N|w
zuF!}0X$l8260^FT+x_W>Cx_IS!y<BueX+OSSP#Ot_~TtxvR#_u?D$nSOamgj?l;VS
zf2l=J#H&&TEn`w<9NY`6Q74^wql_GKhZ>J!2`x8|<tfD$8i7RYucV(my%<+al6IXh
z@V^sY$V(nHy_(;NsB4i!Z8ca|eNZ7c1mOAf@|H|IF{G>(Kv=yMD98J{+PgTyU0$8d
z)LEJAuUs(*m|$xc=8I=dKPJ<V@Xaa9N*b!}supzMrbRDAPU3B9vdL<2a-g+SRVhUm
z-gQCnJxI!DHl><+q*ZUK4?q6u-rIalT`S=p{&Z`GpYIUfpPhyven3|id)GJiMX8gX
z(cIVid?UfwGgAFPLu+4l=ksh8;nfRVsZHe+_U=VeTH|1)YjUr?3rwWWrYf#bt}7Pg
zlxl_&WAQ`L+rYNBMvmJTt@6qnCt0arPYL$d)#WMZkH_F!N^VytS$P@{d3NuU1TjwP
zEHs|^?yh$C7vY``kZ;qY&()z(Otvd$Y&Ob$Zl3Jl`lw(HrYufkI;dVv#zh#}3y;q`
zB+5oSW1<j*_3Ldfh+B{8`EDF$uL`r@s>5+uOcfrXoehpzm0|RKncnSS_YafMF4uAQ
zIsJ8Hj(bD(@B!C&=+1eLqQr*2z^F6a+GA9tmYwDujkMg=x}2N<5tH9&*+PDBwWnRZ
zXm@g%NPS@pee?<5hFg5A=yk{8gHibMj99EPs5rHKP|F}wFCQS;p*&K^3BhGHYVq--
zm|GCf<#9Lup6JSANhS9l@nBJ}YN1auuZ-kzVUhqKmLw`_2R5SauK%GR3Sr7*NW8>)
zrdMLrwyC8qMHzymgQ41WQfET^qV8<cy>DdE6*|s%%eriHAms8M`{D`a>()e{b^m;$
zzjynMSc<40kOtkOy<HG9OnP&UHp-`LPIe@UbTSqtC8z7COufpV<oR2geYm~Z+<hFK
z9rP9w`|QN_%tzTMoKH+bz0&o{O<OmME`nRy@_HLvi4v3LUJP{OOVi2ytufd>I#Q2U
zkBfyKJeG@cR}L+nfv1VCK__h#CbwEu)TJ|}10+^^of(X~tk;~f(kk+Yh6DBJgw|u7
zcyTMrnuZOSgp&#B!zq(Ew_31_%1-QnE`-e!htFoGYI|ege}|pPGI#{}-ROPpO%9?m
z`wKOs9~x^uXOy*)o5FU*)mITRZNjsFnQoYA0&i+lq?<#$8SFmY)t^1h?(QXDApuEQ
z&D^ef6_a(JK2>_B%}V&Dd15@?&M2OL?Tj3vp@}_rPd&RG=1hmEZV(>N8#KsQZ!}+y
z@&g3usGuuzb15Umjx;3C!ea9d>S&eg`fou+^f!l-ysrZa)Ox+M^2KdVQjQq!9Wo;d
z!*=1m{en*_bB{aS8)w&2gk^0ONFiu9ez4Zih2(~O|GryzyB3qPmtt$t>anCHu!`o0
zOIzSMqlK4Q%4LH3{#(N==JhjEQ*i<cM8+kn)^eP;Wsd>XLs!&{%U6@JQlOnd%NeI>
z=#9OB?#HfG3AZS>!&^=-7bO71th3Q47EJCX-NCVS&5CMOb30Gi1W$WR)&;BH;L>3T
zZ|z=lF7HgMrYN#sC+fApPo@Gt;1@S^dYF#k+>ugZbh5g8$1k?_&L~Fph<P{H@;(Z>
z^Usvm;oGD;3>F7&;^b*e3m)|8gX(=O+`m#?!D~1hDI!t#$0e?nJ<3kSwH=4$uxVD>
zrk(3(LmxyIzY9=Rk^M2qnFkooX=L&{|K76SG{Q7KB`$&^Rau$s%lO6XlrvUjj&;gG
zrA%eQ&!wX9$^~|UWGJV$f^=h`iQ)Su*K<}>VfmKD2HFvOV?O#4!!F|-x@Zk1=j`=U
za-*9Tj@6IFK?mq%dljUo48TS?+)GA^YE`wyHeDp6LTfL}rA5M7XEOvN&I^n<ud~?d
zJsm((YVpPp+l~d+n_cRT&4%b^r^WbL*{v>g#M5y>!+~rSFOH&=<onxr($XB~N2LIk
zRV@qL!$F9}E5_5Vg&!(<6tw(IcP)b(XYAmMp>c=4CVE(e+D6t+IHe%$Pam_#W{V@}
zo+eAWA^&oQcsU7P!;Eej%2ScC%f6M^gmjU&kFfREZ><PAe6mhFJP827=t?Z9v+upr
zjyJ_pifPIvMO$X2oflx#A4)r?dnzlg><hk;4IW(i<3e)XSv#@6kA9-xkKl@T1Js3I
zWoR%17-wxpFb7)6;4yCQ18To&SI$XbtFs?Vbnp)o5f(xsrWFG<!7^#5CpZ0kge+W6
z3YL9+EPyIpu#X0U`|6cxLrTfzlr!c@7_{cchw-TKi9*Ww;|0K#lv(kDDuclxr=|!U
z3vFvQkK64-^cTEO{bB5haAUCHV_8(*>`(H+G)D0n&ED&J?yjXc?SLnp*{QV_tWk@Y
zbkfrU$lW^>%<p2AW3glEkpSP8&X&cZ2K+Jquv?>;YHc)+JrN6*ZIsi{ZECnF<?>8g
zE?3g>OjUh%F};nG+vU3Jfz`I+vJVnI<gGRw3Qtq&yYDXJ@Ll9Pkx;yU3IWKjx>Oy>
zsa3F6Sb8XJ&{H}*Ou?r7Zm-X1A#k_yEOhgvCY<`0W9@q_vKGAMe1}+~`ap^CsrKWQ
z{0F!KopLR{#G(T%3Y{}><{J$0R`2yh^9`it;tj-BNxBRYZoXy-^Wr(?CIsmA56dGg
z@U){a5xH39QgGXG?{b$LuJw;LnQqVP9{t1dgM>A?lf2~~2zWd~a3$Z4C={#EYJ;rf
z8FcYzZ;et*O%g)E8Wb9CFgt#Tn$zh|GVo37tCZ4stiS1d+q#FbQN1I*Xy_c=M3mW%
zbbk|Y5sbAhuLhfJ)ST??v?_~1p_9>xWR|0@^tJQ?QKC_zDD6qcU2AH{CYCv7C?)iJ
z)EO~KnQY{&VLXfAx@Pt#DadE<m4p-P05RU6lUCxW!lkRrcW$#3m5(e(BmwHn2V*M~
zVSvK9-7ILsB^#M82*$>61ewP?66cimG>_-7FQomUbE~pg-kE-gn=pU*)>+ty{pvNw
zQWkc0RaSFe+_)dm=y>y~HR{7@T2A?wJd-i*&WC8HZqGIu>paAcR2(;Vg;Hh?xCafs
zGqK%GeRr0ax~P5H4XbgNvkD;_8?EkVi;H$&t?WlDwB~s{RM6sXkH3DAGFdosCwl6%
zDaA(b`5BV&-XqSpxG`?;E@e7vy<&?9<&L^)Twaj;6rwnHw|B~S_ux`q;jOk3j5`+H
z2UhQZZ3Q}$U^k)3lCJCoyGU)L^Y(&$Y*+Vs1=0KG$@$Ey`89_-8Ede=*3^pdd2(VU
z!xi(Ibssveddvm>2lYs{=tgdX+)R@G{q}w5<xtahJT-&6DU&%j&VD4hgnzg~JuZg7
zV&d45+Ur=>Py86aw0#FDSQOariM6L^j_}R@co}GzxRo$F+uEO9z0G--)$0gXJj}Md
z!0-KctY@n8)7?EyDEImh>3V~@*_Uqm{~KoUs*0Q!kg%g=KS8i@_U<l(5wia`J;iH`
zNJd5$JQ9NycRY-RHgJs6D_0$o`|01PQWOVdp>>cNYbPQ2S77y@z%&@}nw(UH&f)q`
z2=~hQ&p(re|2H{Ay@uiCb{`%m;N<r@M4~?;!q-Ti79{zCltDM2Fvd}i_0O5!@BusU
z{>T@Bz>AW-&JO)OZ19hq*PGX*tM2=MBh9~jYohp9`u#VAw*L*1|H^*Ia?nBiic|l&
zV?j%1axc@5Sn$tNJCvhXE!B@;1bD#ri-NMVvln=OZvtS|XRxgQg!=v(`ZF&E{5T5i
zU0GRKxcWvg0M-nc7bhLs#D@&->xlQ&Vy?mw9*N=KrSf(`?ZE`C@KS|B4wpKH{vFu-
zvou-oaF`&wfNnHgXbLjym~npXe<k$#kf{i`V}QU*c>RGaM-Fk2{U7Uz?gTFj4ZPxx
ztq=eP`=g%!JLyj?;lx|Z(`EY}BmkOEh=rf$_Zbp&Vv*Io2t)0kwe#W~z2-?oA4Gy-
zYnef`*2j64)NyLz{>_LK|IA&Nd_w4tQ~otoIR}{DzwF23`<d~EqAD5j1QmYUZMte2
zKIRFthyR;Zuh0@H{LK32^-|*dm0V1-i;S@rL#YQYFlnv??QeRri#K4{!I7UUZ2JpS
zyQ++aQ1|C5bsQtIe&H;?BpJ;sAt5ncx4W|wNS#WTFMu2wb=<^M_9i)c-JerMXdwc?
zR5!)uKCO5UQNqoZDQvGf^cYrbJIkR!@u4`YcSb?Xr<StNImb>>3UXHh+TqnK?DlBY
z{$wjHuJqaX#X8cziGoEWkR+A5i7C{893)DtGQIImzfPYB6hZFX9CC4Cyw(^BQ&be^
z6miNWQEMhlB3&i6OXNb=PuPDur$43hD}x_K+GbBtsSB^fghO-yDs()3$E2jw3l&41
zSimjMC*W#j$X*)>&+$h}R8;CUxgPthsc!nb990dNCZrh*2$OBRa}1PVh~@2w;l1FZ
z7#+-^3i8>mONg!8j&!@?;2%UQDWbk<P~xgwfIskD;HsQo)js1oSMF-0$@@ns@=#wj
zXTTeWx~|r886HDt<6GJ~ja*pN%2r+Ev)l1PGz=&RXw!K#Px?MsO!h~m8Rc?9rYPou
z5=G=N`_PuWI+7p1V%FCY4H;g?GP`nII7>UKo?W)}a4aP<n^A$ngab9d%BmGFEeWRZ
zDxY4&xUVc2F0W%KsUqJjrJ96Mk|RfkWBn}pH#p+!EQ6=ltdjq3p;(4>!pq=ZA&5|3
z@kO09a`W&_P5?eigyZ-EP+%-@3>;qcQrZ3tRSh}v5%^pekt2>fBjuotL#fsuD(Vlq
zB~_X`>uvcZKR$&bh0z8T@U0d>@2dZwv|cnHxV&S*QN&lW_d#vXvl_;!nzS|#Ng1vN
zq@V8hVN<8Ug~&6*oodTwzX<^(GzykWVJFSWuxP$UBja^EW5#h&VEHmkXvPl{cy;Es
z4SbaPK=u!kFb)fqS3X(wGE@oZ`nv5mmg_Ak!+e|#TpcI~uviTfa|@CD9K)2W4^^JZ
z%u2JgvU7#Yf4OI$+N3;b&;4dAkUo3YMUaHnz7W^fIE7X0VwJ2U?>n@XSAVW|07iB%
zwe1_3_D;}{zZDLT99&)-XsbTrdb8;VGv1te%afa}RO3dg<#8=G-8i+59CnUqw$!MA
zn;nWDHTg~Y<CN#n7m=aIVthO6t6k~Vbn7*0$37|Mlk8@D3S5r<QX<AIhi~gc!?imo
zwTc&Lw5gvW(jrP2Y997beycF=K7!~gBsrXk;fxK1Ur34B=B4AGC*~hltv}pyQ&U;g
zM=v60-C)q)KzomZWRSj6an}+t<B6wxh0av^6$uv+?NQ}h8IMqX)r@G0Pc+;IPlvSP
z3_F_?8JZiCkM>5OzB?!qby_8ZrkY|o9@CN<7<DW#4}6_sOxDxC4Uw5RUOoVpK0Eew
z(c?iNKG=olE|$ZE?aS5_O>p)3V&s#v7=^S7+m<nJRBo}|jY*^%QUaZQ8<5G~iQ#U)
zIM1damD7nCo9PGVP&PTeZ`_bt_L<^nqj28q38WKOKP;!ndk1|ie9<Dd<$}GQUS&+I
z*)3*kBkNUwAZzk{?MI@dN7-H!B&hi=f4CQ1p8gm?JLCFjZkJ6=rb8$t_KTAIGqCOk
z@DeB&;u-~r$S!myUWN2FT5pDH<zLl04Lu(jSK-^Q_c>%sx%Ro!*`GWU1$e7B<eG(b
zhlUuu6@BBYNE$s3fV{>eA7wa<tV=@N=ZM`ei=)ZR^hxN><L5D*I64)cgbQOboE!oM
z@$6@=KWC*hpU`M9xj8ky&q*nb;Y@w@H#W~jdn&^^(v>#JpgC-rUXK;wDO2z%*cr1m
zIr`S0KW+i(fdPk87cMo^)(z$;5w?nSF$)Qa@T5N<PVZ%z;ue_cUjjotCQ;d~6nG0F
zCM~7?P*n3FJlob_lFXYL06F*;uEXg$1AS<NBN<#?9XRi?M!Emv49e(!x==!dfdb*=
z>*U$;ROD_gt*CQ0M@9Gg{v*iQNVI+R+vA}nZhOPVpo>ek*-FQ)kVynTfhGgO*QJN!
z;qBUj`}9Bgpk36Vz~<O4of(6FQ9SU!J(5L0nW4=`q3LT-8L{JDZmrkn;Nf~ILlJ;<
zy8y`qY9?S%q-C5u!HY&!7o%EGf^PQX`EDBJJ;`bC&DE9b#HGk4#sbSQ`;JP}UHf~=
zYw2A_BP(NrGegYeQAncnvp=ag(a5MptPf`dY&A&(x06$PBcdqGIJOHX?>=eYcM#G}
z(icFK7N6L|%7d?>Tc~-n+3%SPljGpr_eTX8V|u%I0wOX-ea<Pp_TL$!jXl2K;*90z
zq$qgZ8Jlnxh)AzIx{Yn<{<PU+Ach>d6u6xf4`oNh)9hjr%N5o7%&o<eCDOqvFkC&#
z-pI)Obs)a&UeAbv5<8vq77(ea%;Ef1z@2L8ME#)e6O<trh}Gl<oA03O8>>0Kd^$;0
z$(o^kGxvaQw^Jh{#hs$~X?Z6A8CD8;hJ}i_sUD>aL73{@B^}Z^QL1^=s`Q{>Q}uA&
z6|eq}d!!=zvyWv^@yY}1DS9MV;)tX;kAdFOD3mvWGd(S4wMjQ66*^7)OZ1}>8GFqK
zPs#gMTNAb40cEHva&_IO(+(sDQwq2nEWHE|qe*C{OVO;>c5bP<6w!gKEMCK@EF*ch
zJ5s4qW!{ZZxX<3(7tKiQm(JNr7CR@RTB3#+)q`{~3a`88VF6z|Vvm=0)e|IQZ%!+j
zH-sO5uoFl6V5*Mr=_;jW@5+To4%lQ9C~hERG!?GTaa`05)`l&-YhPUG(ANzX<*)_(
zWcv2RcpEv~DE%A{2VCBl*W35{n!{RSelb&YC8Y@W(my32zY8f;38KA=PR|hsFuW0>
zrNq22cF;S)rYxSYNEN^|mMWlRRAW}(wrr;w<BG_h3h*moXBu;&*-~PmcOuUhP8Pj+
zxAZLm|NMDA<)}aOv)#5dBbdC6<Tgh%4$}z~efC+FXUKTnOb*p)cCudcUT?RE)Rhp?
z*b>^gunb+9quYQ174|^goQZicV<oN|j&?%Maf7}%k|)ct+m&LaSFmR|klNqd{b|%c
z;eE)Nu6tf@6L*Ch)>3+kAx__S{8b|dj!J8d-o{$|Qi}plRK_Owh1>|!75<2_dQ>(J
zl0~vb8Y}YTqqfxw%WV&{DU+ZxlMVd=qyZbb4#nwHE-fEtt^0IyG4gW9ehT5B?iyr9
z`b2duJ-nyWkO;-QNoNestU`Mt+BHCQqAGceR*~asIJTv`69XkSVqn^&QnFFV<~O#)
z17pQru2>t_73ea@!?>YnJZ=K{St)X8a(^gzQ$kR;`%d&oo5ncGq&WdFFxb-p6xt{C
z((;0m9O%5AEVo=U&`MsmRw>kc|3rQ&aWTd-2$LAj=iQH|$XP4P`klF!=3rmCFhU&x
zRI|@TV!jiSV#>DRjGOK(&?Pv9$!51Iq=wbeJgwupINyyhBm_tdv%$njngq)PN<$=g
zC#sV38qa0pD#sVar1tA}*NLN~P%?73xTm6<x}-4##ED+3Wx0DedL`3O&(rBq;OB@I
z(sIL%G1InERG22fy;D~)=%N@aIR??LDvQkAP?1I^V1s5#RW@CL{#ignDSVB+w*c14
z&6bRjdy)x#sRRsdsqK?+A@+$S$NSoYTy|QS>+LdfZ+iU>-2noP?jVZI9mxdF)DsuB
zdU?Obv2sO)-bd<H0|%U)u2Lpz%I?v2p)$pbb1A)ubvK!>mxK{EuR8IS0wPEE@iA7@
zUB6qJ0(X%Wy!klwjJ#4mI4a2h-MzD%vD$rob5mSnS;8Jn#8w<2{$uLRLW-)G+5-8I
z7<tS&6kap~xOndwTn6~ZsZ=5;%!N=1+k<6-T@?+nXpXB?S(`D^@Y#CO(cB57`QYzj
z2f9dp3y+YK@l@VmdF0eFj&t3q7PQp^xEjnMQO5aH1<%v+Z)JK0&G+9Up?hPtj_+M`
zmbwc!-cplku-KvJy2TrFAUn_W!8MdPB2MUgfo9)vppj6mxFXB*T<`~t#9hSp6{seW
z(T*|I!o2hhI8CCdlj+eTT;Uhc8w0-toxC42UAQ6MW8BRg$LzzDTd55Qq?b@+kXFXN
zLXmE_x4_8#0ZHHf4xBmCEvWN*U{!@=TJ36}XfJ!}41^A9{5X{v>5r18AnxiWBiYf5
zVlx&WlknB=ye2<r!ky?8x^ISc2G5^%L|y9DH43;Hebn^o+ol<}q5HmXH}ngu(dtdr
zeAV$`r6P|{m=q7fCfytiWY)SFaoyddEheq>6lF{G;xy#^5xD$Z!+q)S$#6TjIYH!n
zKzvZBaoJLZakl-2T#CCrDp#IhJNE<i1#N-!$Faf=bYIFsh|#5Q^S1U`gN5n4dR&mU
z+tbp9EiUl_Gn_L!TlNmnmFGzkXIev^P4l)ZqF-ew%}Pe_gL`7<`+}y!gM*<>d0gcy
zN@_>25DC@o5J<<|5!kv|Rpj$Ny|p^mWvY`iW}!jSP0m6~H!uQ4oym@2@p&(`*V<oT
z`PFEqgR7Wf25E<6|G9t3TDebatfI=A@yJ4dX1O5T4$#S@b}oYxLF+BmhQ{S2+Xj2@
z|D7>P7{+Gfgjfdc+pHn&m?Et~ifSk@jW$#)S37w-Zkr5Na#-Sy{aj<K!>cGcy4aD(
zYaB-SQ?KNQ3#o4>;ajY1Y7ad!Cii*pHKYRtE8z!TG)7XYaN50f7=4e36g)*g42|ws
z!Q|QqGkP1_`3@xTuQ+v94J}6V!}iLf9+!)z02j&_D%911ZuPzpmtnftT?|C3?W^h#
zBK7J`bz=oe!a-aWnm;m<<=yK{P;!_8F3FAvUXNGVpNFL&xRNKM`O0GHaCu%<g(O$Y
zwH9K45YL>!jjzD;g=)Kg4(pnseqD$P$LO(FTCRLfV$`Dp@kn~zsBAdt#^y?1s4%z5
zrY>_j{eke2qy1=uB^Psv16xVR@oYSD#@?#b4Abh>^ciZ34?QmTx3t@>bKA~Rt^{|%
zbuvxiO~4O=2fh;SP3n=(iP(<~V)$z=T^FoMN*F*mmo&lYw6`;%Lqxk;@p;U4=a&aq
zaxK15ao>Ql5ie^ZLtDOy8wYnj&TW__GUr&Xm6Y3y_()%S#Y6W+QJCrNyi;+sS-jto
z4?z?_6UtB-g62!9M#MSw?IKh@v$4RN@!RI)rnaN$jH9Y2l7YfVgmbk>nznA)0j+OM
z%*ia1xZVY=E!hfWn9{ltD1V$^5S3I3_crbYl#W9X?E7hRX&X=ty9nDzzYM1;_Z4tH
zKCwJ$hr+!}y-k+P9lRt!@We=dOL}AHC5@9;bz)%3w{Rp@WxGfw@PNbqd>o)`hJ-|0
z&!W@^pMS!nqEJ-+#qC}%JiC(!Rmv=XbIqqcKe7cBK@9#oA3vNQKfYacHGQDVx5=?9
zw#zG4OKqcyrO_Vo;je}OL1oFj4APZ(A$yX3XqO84%%(<VB8Gi8jh$5~ML9kJPy}vw
zhkn;1!SfiVoj|9{gxni=N+i}cp@wD)EX^8c+qFk}cgo1ji2*|U;T*;il_|w1MFDHQ
zt;f5ql6UOlzW%rHYs(6*L%c7|8K*W<JsETROlZwmT<A!<2GHj6W`&QpK9^6l$5cZv
z&#|{QpFiK~PhUs~c>7@`eZC`w+y7vuOPb3Ia>Snjwq$dGYm@xBO2i&n;_5N&7N4C{
z$Rmc@(Z1py|DnMgNqN(7c`<CwEB;CD`U+K{MmPUjMcRl<YDZ!|Mu$p<if6;O8pn;S
zJzX|mUaCN<?UUa5{LMJ=>=2_9xwV-5P69|Ao<WW=&Q=q+(J=0SQ>|C9eR#6qyPI@+
zBiJADRF@B8l9Mi$<13+aX!YLKE0bvbGUnld752%VTWP&j+F=Urx@G(5n-}PleMKc#
zm3wnRw`D@IYHaoDO8DL(RrYopRtQ?;xaTfEjEI-yiMDM<YL1bSTuw}MAe5<ELP<jX
zEUPROIWF1mkS{0}Ld3a^ZYT|+m10id4uzuHnh4>k=bEOPD8_c(erPO4)xR7PT(R#=
zeDG~S&^q1kh_G3fzKB>#*-999RTr)soHZw=_PK<>$TdDDH0!-JQY;!y>_u4S2Dlc;
z*ev7pg?I^`qq#52OAO5d?J+h8zcHmmI>mCkSAPu4^1V(`YQ>Ik_@Yji%!8J=@Euxi
z40(4fHUL?3r@kdyr2tf)Vja#{<AH4`26~1ZiOJ)F@j_adB^`wa_qm(d%q)9=Z-&Ig
zG@ij~eb=yBt==$9h($sv!#Woj#h?Kn)}3`xR!vCjq88vlfiyaxbl|^A&c3R<(O-&*
zGX%lj5B_b~(z$!gF!r`^c-E@5bqjiS4@faOrnm|^v#+V4F=`M77%fs>?Q$YY;1*=;
zb#!a-G`VcS&rBGob^22B>4BGCik!JT^6NqdkagJ%>%d@@{L@AiMl{86Kz>xqj8Nm1
zRogyTd$2t^n%flWL&JIG{Cf!`S}cv$k0gxSrfuEsLW_k+Hf}hNo<mLn3e}}E3=(%t
zZBp#{-QSpx5?5;}E{a5NLpSg=4nsE^a4y--?$|<ASbG%3mD#t}_$=TduU^v-@7UsB
z*0)_ir4Qtz4&#Z9)e#?`iFY+hPi<*S!7L-0x|>itN)e;JF3R;Iok*8yDnbH6e-xJj
z7GjfVMsR_w4KU=#*+vgkF+&C=CZaDLsZ&{?c2&k0B<yn&R5PT&#Ah3<PbEr-hZ@YO
zpO-t9>+R|50#k#b`n}K2S$<@B&I5L#jkcscoKXUL2ke_#CX^v#14tlOet38cSt;;w
zhRBnc-ltkwWL|{?#gT*BEK*>qO@PBKHK+ro9`m2m9W-%dEvwZyH@CUJJfoGwu?9U0
z^f~5pW+tG1t9+bKNM4)J@g@D}^jJ_G1LrXXH>0^<SH@?pzul^I#F96Ydt`0kPNaQ~
zcJST-`^BUrT??Pn2iOMvs5ZFc&E2i>NT+XCJ-s<XN><M;NY|TlJNoU4F)J%XiYE%+
z4ki%{425+evE$N!g3@>q;w{JAzFlDAr{@GitWvGSORmEyJ*)@%2#1DIw!Gwf(K|(5
z^p9%$Ej%t$?9N~}558#anCdUnci6&xZk+60)mI-WO3Jdouy>xEI<C0U&bBAkx74lX
z2s@#b&SorH(PBY1kLDX|{?&CA78Yiee{ttI-RxqsKbbFq=e1OC<v1xu`t~@T#{K2m
z=zgz4B0bh>bNetnZM7m>#hWSqyct)(WLZT-M%$x6z40q`bXGrQVhf*3VnzjWMrx*a
zoU$g*d|m$G>Qk!o^GQI3TX+ZqeR~W}_KbcM(K9?N;-_kNifxR_#?Ndaw77)gfmO9V
zI+AVZrNw#I`V`Zi{MJRVBPQhEBbSEEhC8zeatr&2qWU%ajkOEhzl%Lu@2`@PsPtO2
z3f;YraM`b{Qmn3UIa(C@nMvPau?)6X3bPm(8Oi_TaV^{K{UqtM@vCn8wQ~y(1^To^
zn4Z$)F$Zs<jn+ztaMo>fG@X;2XZ6_@(A2~M<2AFY{At^HJKhfZWbjzQlPn9oc?Jp)
z-SN^dwp-cSpi@VeXEXP$foOE|;C4Pwy5@`0NA2Nvn3nuPo49(k?|snNcOWntJc%i>
zA<F$o?_8#iYSl?D1{*z@cXusTK*EHp7nFKBPq=XExL%X45UKum^F)?;G_E}iwje87
z7FbGCd;%)D#SljS=Fi`N%SZ8wC#wLZ7tYy@C*0N9+BytL092k&9ykIv=Pb=mOFY>Z
zGSC(0J*7`~<{v3uXk;KU7h*g`-!h+z_w_$Anl4u_c3d}7Ch~|2-0z~NT<vpNlWn+?
zQ-06~Wsc2B6rnKjiG$I<C_Y^};|L`XkE<r}>s=p)BL5c&h;9Q%EOG1~m5Bjg7*&2G
zF|2NXS(^h{4H4ZB7Fl7OH`$!Qekj)41;KDPe^lYXGQwid!~lccOrK8mG5V5^Vyd@$
zX0&Ny+RVSemdL4$WyFu>cBu}K5oVrX^K0)-MTtssu9>`8^r|q7*pz$L$!aNE#QP_=
z{4*u|-q-)$(K1a<ve5Bp3w?IXqG7zrg(tfl*PBm3nq9lx(Uk^kH~iyy{Wqn}vD3U;
z!Tl)&6FE68P^gYVLJ(Ow;(xM@gNUNFG9vsc96hYv7~#zdYEvugfJpp8M`AlN-07uu
zfp}(_>SH5FDzC&6!@3aX|B8Ya4+)w`5jg*{?ISg;y>d;DThS0#f2#J;nGb6q$dns7
z>2wL<SI5gg)aT*)`cq)r!+fLXn)xPjXL)<QK#9#c@2e^OoY4KWh4eq2k9beeL`uM-
zg_cBbS7#gZt@P|NKFJbwc6r#V8k}R3kuZ-x(3>~Dm-x}L`36yX`MG*?Ap3TQa^~+A
zsUO;)@QDhPyqcZghlqgxUi;tZk~@-U(WD+zrMufh9}(oywiD;#Y@xvD&fe6*gR}}T
z0(-JS1XL}E`0`*DCnjg?pKV~qkC$DO^#tk1jeXDO(OBjfd=hx|9*#XXSLWjj`IcE1
zto|2XL2&i<h{GQ#!4x9K|57Td2MVpkvGQ~qEl<<dyoTcLwj|=~cTG~Q)0bO$OsD4-
z1&Cac<&c#8pBnmPUc7AazLhaJ@@;+5OqyCV;VOH?kEYuK50jbNOU0v`<M@N<*wq#&
z{{<$0LQ}>FYy>gOK-(TY$CDJROa2A70%Lb92jnL`OCOGd=R}~wN?pm<IlIg4xmEd9
z8ZW84|Ct#t`WYOtz|ry8)nA?re8SB~^+3GD?gj*)-DKKo(WWRB-$w9S?Tavf;rVu1
zt0qopUn;+0EN7iG)X`(_E|ges4tOIRg1L8wJ|<tut1ZUZi~icq7QtkCEQo;?D-*>!
zi+j9S{%mU$^BYI764f2MP_(<T#>jsrF}G*pl4eA;I$cd;Ox}^k+H0>5iF&kg#=K?@
zEI?w>@V3~AM(g31d#&76h2m<kgJ0%$K}{#)@gHLzw|%Z!x_Crf{A7+Qr3fQRRVT6F
z%Vbw^4Q5_4NWKz3&@I)ne>RT%cNf)XUPbUNqm^aFZrWRS1zLd*j|5f|*4{wYM4kJ)
z3$7KqL=xEAuuRGL)Aj|3iN#X}J#i7tYiOxgxJDKF>v@&o4Ot5FkCe4-ZDoAa7<V0q
zoA-;V?woTqbH+x3`!E%%X^mn!RuhY|Htz2CK3PTxfdVJITI>6){krO{6N{8bLd?w1
ztm4lcn>lKC0X;r{LlGSb9U)AfsFbMtHmkk5k%1Al>uGXKDo^AbF{4=1sVv7U-9YEF
zW~u$q5~70k1wMNDBbZ-6A{eM09-aQUaFd7dhdH7hrMZa<36{yCJto)+0cGr4sqleE
za~oB187%Iw9SUL*WH6S-$%KR_o^g52jm+G@b)@du)ze#o#Sxf6%_^k0d?4}IRPqnp
zcJrz@bJgsWp`k?ztC)7_W~ZdD{DfeC>sHUJ@Q#<Kn^nemsY$Q*g*aJ{jR;MeZ?zql
zvrIN`Svkio2en>-&_)qZUtT<C&`xL`5Bsk^eGZn&P9#2~P-hpxt>w1N!Cky@yVd(S
zZ*xDDQi)y+W%^dUL;6r_Ct!o&*qmUthR0ztQB!L+W;>!1fKrN}eiSP_7TY3gU#ajB
z;x|G#UJou0v~ea7BXS)2AqW%M^vY2#`0)hO?~&6dyYz`WE8M{>)tMslpp<A~rVL9}
z=H($>XO^_rta|LOS6gX$P`<){8$CQX@ae(c<1C@iZRhLAxY1?hFUFAIV#9CaBYSLx
z%JHH>!ROtqpic@AlFph#n4%%lyN$&mj10#v#wG(-{Pra0l%N_o7CgmK*~^YD7-~x7
zEwz_JAtxWJt$q+)f5pnvl(fGq?fflsJbZBX>zox#mTH75|4*+Sxt|~ga1{z&sWWfd
z7fN^+pCEUX%x?Pe=%8E)$4_sUTQmS{-^9>F2_;!_YxpV9+0L9Pwzb%dhsWba^-9T>
zZTLx^!%XEmVl>A#AIXiCauh9-vWrn$C4kpz`WSV=iqq`7Xv!Qv4shA*7_8Ddt3y&l
z&lQr3?i|<}qLBZ#UZzN(q_Bl*ac)LB4}K*qY;rbBX&c{(>8slptR^ebFh~BWPhsZH
zjB>v@meOi+gwC^Bs*jN70OoakqWO7h94^*{+1uMoYAt>3T=H;Jz&|2kWlg+3To8D=
zzp9ZC{;Ny!*O^gE?yI`X{#wtU_u7H5#63MTgD_lbIr0B#K+p!yVW^C4==i&7>>o3Y
zw-&(LBOWxf)gwXJ{|}J(t2JZX8@i*V<cZtk66;?``c>Gm{CFFH$UMTgy!^la7l3HM
z&t0HTAp5w+vDmU(leEvP_uHWR)|1k$^%xW%C*WJriiRWd0)r9oLj8Ct5a9zhbDL?L
zkgbLwGZor#`q&CcDM9R$#QY##lc1AM=(sz&B|AKW&SDz5q`x@;8Xe5sAumdpylmky
z{~%~G;I+KM(M>-3KhXIrIg>xDF8-fA&D&K!{4^C%YPz}uW)@1!P}K~_7Wuq7G`bWg
ztc+>z$Lk5ze;s0tui2!r;99^3%P4jF296Qr0=xJ3>KLL#C@gJk3NW6ux_)-vd!MhP
zOh_aM6Z@<l0fY0bGE^k*rVfhB3IM1HY{*s_BH!<(irdNp)v+1b<As=@=s+59Dek(r
z5;CYhM|VqNaQ)3L5FBIB9nNsLQ#vHkR?gP~f_28?6vn6&?8VCRBxyy(t>{qG-@^H;
z$VL?R73p8xR|5d#)Sl$k^-7(7VK-M+#Mp~}HvWBkEk{CNjgL`gitGi<Ovz)G=en(6
zl~ANg)w~lpK%ROnL!mm-p&wx+qpsV=($SVE;PRyHL{3zaexBET+Hv&x)TvnRNnbfU
zonT>=sL(i@L7%Bv+C)^z4Dwfd^6#dgqu5v3v3MR5*HDBMsHh@;Hde2SFS1uIstF=P
zxsxD`uB-#7Z|g|mON}*<!7Jr6g`hr6X;>76p9qOT_uds%7ln#58woa5?x$;uGP}2y
zrxnHwp`VjUUQLm=yQeAN@T;>`gcp@868KOn1-B0#n#IorT23(i$NS;khkq@-N*E)s
z!5E<_%`xAs7O;9NRS3<r$YEg8cg}8UuhckCmrR?Sj|`=7mm{vuB}J>*RZ2eD$&i8_
zJoGc8?O19T=0nUsGsJF=Dla=S@Cva~78jXEnh^`_7t?dpSsabgQ#U9opbY8eGS(5B
z)qeQ9*2Ri{?F#z=SVC+wj%0Ia8FxKF29*c%TIpc*NF=UGNyiaCr>wG2iFlhb-<_MG
z!s0kZaW_n=t*HCdsoSqOKUUint<wP`EC;fUd7nHtrrVIePn~PW7tx*hiuj<|dq{B$
z@JW2?p$-96Xm=Fqh!@|YO`%&P^2>(M{JUz0w;9iN@4yDAGR8V}#B4K_*VzhOrN*65
zyP4s;GyN!on_f#8{gv9`2t%Ubn*ijq#LQfIKHRGKnj2xYI-Ln3XS__VSx+f?M2mdY
zcnESOQ!R!HQQA2%Ew|00B}FQCAFWTuDv0+N867jR3@lUf_|KM^d#GLc&436Kj4iq;
z@Soe4ZdK1S4>GEE8FDXUX32EktWQA*2o&E-rP-6%9NiO(s$3OoSDWEy)f^9^!5p9Z
zk&X6hHHP0X`u^4|?08s6=N#MVm2(c15$<&9J(n^88lTHAhr60n%Sa3HA)k6{D9p_q
zK{y>GRV~}aqjh+NEM1kfhQx!Ml)73$ZWIgMQyXLn8`wI(3F>RaCD{Tdv7Cc5XQQM_
z=Rw*~ID)8)4Mm!sWC!4?G~BBV1F(!I*J9kcwydrqd~CArRMPmgIO>lwCBvhpF>wiE
z&Kmn&8$GU+-OUa}E>8h(<Cl(1<Hj48qY5?-H-W8BI+HDltJ&Wxt@4&=2C^+ikF5qj
zjzq{snhy4rzTcvYlSIKWE?(TJu=3%{J#=7D#^Z40juqx|R8|cj9HdDK1BB;RPqH%=
z7eyP-u@BD!Uius<sHqF>d}kt!Q&if%2-7m%x+Ph_`s^y65WRHzOK+f2q9RpIvZE+U
z>tpPElQf|E@>dtU=sVEY^qSv_F|pUqdBfhs38tjN6u&!EvLxt6GybNb<IC~ow3A6Q
z%knGMUV`T3&U@$TdIYP^?Pi-wSzp0Vhybon6#WWf#M#Fv2H**Itb`_xmx(KLm?m^4
zbJiLTbSal)Q&EhRz!0G--Op1|*5h5>!`#L@u563L$=g_T+-XKR-71pkAL{S}w!(HP
z!UY_He|EX~8p206%)Xmz6LIKEllEDvO?|Fj_iDOMi;J6JS`;M&)$!WAS&p8Ga7(;_
zQ(Lw@2(9qs+FcT9;F=NiY1@%(I1~l*ttE-3d+nWTAOvQEP<C|zXJ6Pb8VrjDO|CNg
zxwgBa{ts7Q85P&EZGA!r8r<DIKp+H%#@*c^xVvj`cMI+i+}+*XT^e`yhOcwZJ@0$>
z4H#qp>e{udR@Itoty#0kY%~b!HHO5rGALvcK3MQ#98~?%OV+J7nwOBkR45hZs2Vqk
zq0(wG4E)&q0h@uJxEEH+t0mN1afUH(b8LimaL9Z8@KHu|h9G%=CNZ3C=F*$z_d&I&
z(c`S}11X7Z?<U@n#Qi)>W6QS6LCEX*?J?KOQBM8E%($Se-DnsKvX~|WtRg2OSNdd-
ztCO1AS0byYh&Rt8^F&6oeW@P>0zn}#ES1>>cWv~QSej)av?Ad6$ybS-*qHoU<sn$s
z(l9>8K~cW%m(j}0vg&QoqVtSmJk&HabVu$4K~y#e+09{4K^k+zB$J>;FvgI}_E2w)
zsRTZHpn9+U;d23kqjwgAqxB}kSqx=M`Vr)c=ctz5%v+Xn|FJH6@R^hk_R%unp6<sx
z67TrbJj)lJ7pP(|a6E-+n|dYDb~0vs*3n^mc00pt{bEL>3a;q3?5D>k)a1Ar4;5>h
z@kJYe7c&n78enf6)S87q)>qNrE_<!b9-SEA8h|K@FY-{675o@@`hI=lsuaq}M_d3?
z*E|!ez(On~1etn(@iGZVQ<lS7`9_3N|8oqCWs1f0`uCAcUA@^-J#~oOecnkl8q8E_
z!*J@QYDTJak3P0IPl=N_4XqwhJ;ktX@;=ZP3&ItO_l1pnm^~Ef&eY4k2ID$Y*tR~h
zY@^7G86kKa?yLcOjc(EzcnJY5m*{(&+s(+#etfCOV!zy!Q*Vj%2l%?evqV47=b1)8
z8m93!A~UR)TXN452d5a9+$=e5Nv=FRsm^U*_Wm~7#B#ie;bn2?U!B_y=_OkUQlDUY
zJQ-MbT<tHKwj)4f6a2bX|0%lpy)k0|{Wkl7_lcP}^i~;3apFRfjou@EKazk?lquLS
zNa*GfNOv*)+k4$i?qY&vubAzKlXuQq&AKs$fl?zX28w`mMFH`N!PEKB;&`<n{+WS2
z1l!K>{7Q6oTGY7M|5IgyyyrTtr6i$9GjVWikdLO3L&QU?($dC8Yu!0Vj$_jeKP^l?
z{olC4e=8}oOhyp#+mYjzd?U!9B|(*Ax9tOuQY66NdMCrB&GN~NdvNR7LAFqrw=vM=
z6vyx+W&@LZ_skoZ`LS;2x!e6=E?{O!x7qsXkr))N>S=9KK%-7F&E1!8z8VZ|HiPua
z<;XL>+9C6Dpy>!nr&3c=5G*vB(};FnTfT=p3qC>SLCq8iBuih@neq8nl68F%^W6UI
zQuiIHT{lLMYWw{^n;}DUrRhpxv?<2lpb)If1onmoPWq_KFLAR82F*+x?({N^y`?&N
zQEk&9r?=k<v#CJfnzk~7vgOi+dTpe)l4ptXZOn@qR;EO0!ztO3BDde1!+ac@=~(Wf
zxHD91Fw!p%zwst;4##fhmG13!<z*yV_#*ldd+37;-sU@tftSl|hsce3Z=tEa@vo4-
z-lK%%gfpz9!DLlUUf&h_`%vnlm9Nayo1r^ybC%;&d!q;i+Q&C9x`uWh13rjWY?FEV
z1|58>^-9(e2Nni5DpyKr?obqIoo734-I;Sq(0fb+czg4uG0zm8-i(U_%nSE+U@{uA
zE<}w)^;<iLWjCRM1S34YKHi`?;bs12+|grv^%(ynPzLaciZG2iEV#_R?dA%rP1^b)
z=51McXxn<{mJSroioGnQuUM!VE>lqJK~!}7>M|;N+lr-WI+llb2xhZR_ffG?jCHH+
zsx_D)X@9@$i>VmHNs;A=;)v_(=1%GeQc52{$t7nyeTy($qoVEVB$GFkx6%B=Sf|`|
z8!Xb#v{Xe)47BP@qAgrp-QD5bXSptvx8D+Zd`@^5rptQC0o^EL%EzupDdyVlG8Vvg
z=xwC-P+or`r_Pn&8CMmL^b}~}KZD&RtuUFHf!)=lzOJrO7^x|-|E|RDg-X-ze`ASL
z)MyZL@QR_JGOQuUBC6QL{*KQ}D6c$RpY-K+I-o#9yF1D56IlC-7^3v?uUe8K{K+@G
zdmqkI{L%7KyykU3WA&C_#ksB_`nR*;_Kwv(-V(Zf`)@vZYu%$G`?<3+a`8(SHxqiZ
zZWO`^sZ^C5;W{l(o-1#);fGY4!z!gDp}!u(KRzvcan{=Z@PP{DUX@(>@mxZIci5F<
z(^E5i`?+Vd)E*Zeo})AG!A{iZHOj2|tHAOtiQaoMnb)qYqWF!e27zn?Runv)&rKUg
z8-W!ChPuPZGIn6?aHm<q!}IHW2&tl2t)O%IwT+LanqtxX$)t9TZ4St}$qn>72G>l|
zcAJ#g=q9W{2u(yWvya6lXCN1rMPof-s;S1^9F?BZ23Hy$U*VVRCz6cMN>quL3vJRY
znv3j8s1F{_B+`{t${rDcc3|j<3=L6lb7tTZg{Eaug1sJ%S+<%p7L~5Tc1mk%(Jx3D
zD@y2$J=_O~vprj;nr?{h$j0&{a%V8sT8}|1i=+csC+=1=4zsX=T7H<ls^SxRobj~m
zm+4rK&;I(rb40Z{o|CrRtu@x=Jw(T-4@LRj_gU(#AS@-_LUbqQ(eHxn*;?k+x!fL2
z+*zvBYz2=^k+-oS1_~mS{I5Tpe1mdL75G%+*`DbfjN$waTP?i-!qjg1!iH2_D^-ry
z;8(Ybq?2OWSqvfr|MA^Lj)bJ{k$%%uK1s7c1sU_=mXZj8)k}FrFOs`i^mui&B!v#<
zJz9!|sF3f7=BZYBue(@s^1vjy*>8F5O<<rA0{=n%2s`P7mnK;`2B5{uXVqNtV!c#u
zy#za#6gJ3H+BnU!QNog%Jyy1~t>MYkhtzu(0e^BFq{`Z&waIhlTE9bVtbGNiuW}EY
z2Jgm%!TGW~aXY%*Jo4G{%f%%HT*52bx35nw3m`^1#i|S5TZsW$;+ah_fo2*e+Ss+4
zmukHeXuMHIg1X1L;4DuFxg)(5;;I_*yd%uFaax-)yTe&A<^GuDQ{YD*p9`bKm<Fae
zl+i#g;D*6b>xQFshItyTP*5sAAB*xxPfq3@(aPe?*R9a-dVkW_%7)d6Rpa&@Z+P7s
zG1m}Okue{YR7bg<7AUv6ac;BB{B8m<j*7lOTuOg8Kk`a9mHr*+9PHrrDT(8as+nAv
zJDFICpLAZP<qQ%IEb?})Mo~cA$>9`vW%lW7&1B-M(~v)|ck4}NR$O>Vu6mme`mIV*
zFRJ|H64nzLcG-5Q2v>d2_c1<j3~Q^fkt(xB*bjF{ymUM=uJ`ZjxgbV^k}rlMTTNg2
z9+VLcUfP=&pRJ|&(a36Vyk;{e=b%2waK+=CNH$uiPowOO4v&3B0mWX-WqEgD!qIt^
zEuH6XCf?^|4z8s2P~>{e!9rXS+X`{h@)KN9O^w;yC(EcwIbA>WnRn!uD;=WUhG;B~
z)hM+)e>wrZ;mwr!>@ZFM9X@j)z`<1Zp_^dLCjAu9A2M!B@Qe?^tc?zuD^2e%R=ye6
zqxj99^>XaMtyk6HiHH$$O%aS@{zjkM^hjUc_hr;(N0~H{3=(FD)$4!d0LGQ}s&4_U
zrh1jY9d|<C=7Vl7j*q)7wX!P4-1b3()dW#6mRFvLSwtixor6pj2Of|X4js?OX*O=F
ztL?XoY|gXVWcJ!G#@t1{#UioNZ|jcyx+|b%l9i^Lzd$GB?JOqB@Lqiqe&D)mLZ-~?
z&B02NA_%o|lqp@-U$^Rf{r80Z*9FGUyUV=yAYb2>$RnA>7JQkb=WlKHS5Ul0tv+Lu
zBP&ru^v2q=o$+W7E#+3~7e?PLro{Iz1lS1|ICI-O{arjX*RM$;x3st3Oyn3_W^%t2
z9$$#oft+ZmyoEb;=A~3IGY?w?l3}?Oet38k9Uz;%qQqkIy%{23az!uRqzWeai1U9>
z)s@;U#gnF6Q=#n%Iba*D(PZB88xb`qzMj5h@x`hw&OJ)?33BN5evj(+en*^8VXlaf
zD78>G8#3V$FeCHc8>xWX<K|79RezG7*mKfC(jAS`pqPDJX(`cH6@Q6vc*%()(r>&q
zMDYiQWW{3!>#Z+GI^L}%o!hLEgzsEt2TM`Gv)h)&%~?o#t8I&wLV%8Kulc34S4xl~
zD{P$q@<5gwDX8;CrcklP`I<Z=o&D`{#pQ^R+bx0ZPFBmIP@~_D_6ypG*bDtrcrDQ4
z#wHQ?kbGA}#B+n0h5ttL4Tgtjy%;dydbLNrS4%vxLr~iWRf;dO7r?&><Z8+6-%(=K
zYI}rl?|hfkxIOl`CAK+98zVNEf4$i4_EiQ{a_>;&*=BU%VXuv@a&0QC3n6KDW5TUR
z=P12_LR2>k2(R#-udX9KZTE)BOC8@go~zGBWIeV~WE(;&;CTr`De>h&H6?OmTwIA$
z0`(5@4Yg<&sLD!8!*I~DHPVQ?+q8=(vo}v(^l;aA9w#QS<0a&*S@uh@BdOYk#f-UA
z&wiyy3gnf#B=d~gC~8&3<rTT4G)kKMvmYle7e@9rCfwHIWI2kVrF*^<H-WQ6As;_n
z$uId_p8Ot<&c)y#bM2etL;tuuF8(%bEpu%HX3W;-#sB&qni6hF$MqUrNs|RfWnz4#
zjocZ2!QCX2=$3QJ9e1YJ??|ET&wkEmu~a(oIkXTd8Z5eolIcz$&L!f&QFMSR?iHsh
z1?rPJ<JI9`e!IdN@#UG}%pE5RP5Du0<w~=dqWW%lI<enNQwbWStlt4ECZ-S?e*Qx(
zHBYm8(tex`@EsXEsu5kRg=it0ZOys|`Om}}M}MV+wzpF5x+t^Sv@=rZZ=Fk`rLyJ_
z6!fIW#B;8_esTPL!#lUo(oz{*-NB8^<7-;H>7aGrK%v{k#2qdHUY?vA9HnlOWb(?z
zN2kcZW;}1STJ_X-XgVQZ&ew^(k<^hzp}Rm3L@BihjqM*_O9Zjg=8j^MoEpZD9z-Mf
zTw-Np1VIUoG~aV{Xs}vl%O5R=tR>k1phC`%g0Ir~5mIY2JdYU>FY<e%t8V>3KB4v4
z*H?48?GZz63?#c9Oe%M~jb!BLS_M*H%Ay$2mR@!8JJD2CPf3-;j8ZUHM|+%<;A3pV
zV$xG2T=4X}1R{=?`3$kq1T`a}=gXRO_-YN(S^L@Td%yGv6*V2Mh^XaB`vS*?MuUvH
z(35n8B|(X@ip7)d1LCEcxT#hB4R-AFQgTnuFD6dex+w9s7A9$_Y{z$G1H>1014Q|s
zN{#hmwGPcf&lx*(SRS!MYTqir9)y&HxF{wZAW#CG@^cuF^6M?W5!<Wkjo|qWXmcqc
zj#R%Im%N^$&>ro49eT|Y?edxKpxhGcDowZ2*cjf;0{A{iNjnT9(ocqYU~e}-wBFfj
z--lI8DbG2Gb+07z+!^Ap=*5mXihDoRL!Rak7%x6!w7U0!Cprgbl#MQsQ^SFa(W+jU
zkSb6xSy=bU4G5B*ADJ}WP`7Fu=TCO`_H01-Q07>N@IbA(C*Ju>O<0|?xL-|P;|m?y
z^VK%2X<Gv~Ai_-r0#`VZcxnP>2y){H{aQ(w#O8hPCl6D5jNlz+6r-&ZtMt6L5NYyh
zHiag}`(>zfh35US(+K&w+Xlpwy|-j~nVu4NK1j^pTE&QGQRv)=>p-Y;59?d6;5&%5
zFk_JP%z^x=zw>CgbTW5O`o)yeX8X(Lx)jVdI-&tlIURu67+E10oFAQY!^EKq)kyhD
zu#dILkn|<tBW5I>@KrfcJ@{N|OzK#3h5({Su^`{Z^Qd#%BJWjJ720KImEhab2cGzr
zv(lIujOfy&Hk9cfE-JOObWY0{QezdU9Mee{ohYCd^)#7c5Ba9|uMGgMBo~FE!O=q4
zBYaYM_6QKV@a;kJ?i4sJNavF*6a{b4+T{F4^)>@Z0X)Tg+1hBA_Hb^kPzm}O$v1$$
zX`M04xB0q3`4&KXM|{Qp?A$78$PNitjxaL`ORDnn@E0eYsYZC7zScMj+PNy5sms?n
z70%lZT@Pm)C-*jXwb5qMBkWx8;kJ&Ekx9kHjPh6Qpc~9ywY#a|x^*f~&Xp)04Jh9L
z)R;4fb%7?w#+oZB@TQ+yJOEs71Z2}q9^y>nAnp_PJ5xEo6eG__M{Pz86>)fuxRcq?
zdm80DZFM4Ccu5Qr_Fv!wZFR)HOp2&by^WXz3?1z?YNrbZdLl+>o345N%-pPrCe*uO
zI&t{Aq09Tz%jK;(1y20~$DOOqD%EPe2^Q6Xz-#cNHp(|vgEV)YR(2lxlq?aBzRB&5
zQJEqxRqLFbHm{p}@}~<i9|I5p+6F-T3Ul4jTQ}~TZUiVSpeO+^c2oPQRqCLcsR>M9
zeSgHy$ZMJ~3{rE=@43If(*IOIrb8}|1e1^bcZmMMQBqb#6`XQ#EV+td^Izt6<4WEn
zZWNAz70f>{AQzZ$OaxB8f0N75Yk$0ZIAWvdo?XA#>4ocmCD&-U+P%8D*t;fi(VZ&8
zu$gs{;qtXUAQ<Ws5<}9*bO3@ARKC?81w3g^cOSpgY5Htsv?a;%s#cORWZ4tz!DgB0
z501%1HL>9SppdawlI0Z5II>&3p+A<2XCOf1x(mN^k@9x&R%s3N?$v}Cg;S~P9umx4
zt<vI^i&yQj_6Cz#iDm(2ofg&CG1bX5B-Lb$iqttof9g_Gh_Lx9_t|HcD1B>29HT!_
zi2ic@D7&_Y%)z8?w#9bu@Py!60?7o6_6<7)ISePlP5^tNY-9y`Ip<W@#w&Zm^4FNn
zFc3rM(kp+$KSb4QxZ<D)oYmrRZXl{P<ymK`W7O{5S1ragwA|<q=6y3cC^Dxr#KF2k
z%(aZ(y5T94sIWx6JRj68k;ZoRyrvlLbb0)Y&Et6Fh>mc&r~30&5CDB$d>g8?CA9np
z*tWrnthU`wzYtE!QWIR|hqnAFhZ6h4gaFHyHpueXe1{M2a`sN6ZRg_<9CbD;Sb`eS
zzE@D@OI(zp^<3;ZDF*))CV(m)1AG4`PiXXsN@3C<IxPRUm5#cVTeTa}y7rE1O@&pn
zQaJjzJipArKM7*__~q55X-?&Y=ptO_*>&#jj<>e>Bdp|oO7sl*;qkXK-1?`VU=Hcg
z3cppiC$r6vt@8y?Z0zo~>V0al&aHCO@X3X-;rAiivg4H^QfpO)V>-UQJ9lN7W8uxS
zBW!Drz7p&1rQ$O2&PAH@NpAifRYFvqw<j{;p9~ACV0O6-iL8{3+zIwZaf$3f)NP&#
z>kYqotn^O2_#`_?+x7**t*UcaG)o9$Z`qG!bGA}|u9vZx9nR{GmUbry?T)qepqfCN
zDj-g^L0?)}m_Fa(2dN<h9W-r6<NIiW9Ph6B(0#|?^|yG~hQ~2-x{x@!_ckbw59>rS
zcN#)_rK@jDUbp=|^V@-=YHmwiCZXsiF3OC5^$iN?K!(^`7Fi0-$>ACX&BQ_>!IJ)|
zXZ%EtVXFY_Tk&5Qc<c(v{#1BEw~q)qgc<64DoA4tsj!Wc6y_wU3!_5o!vM!$HPWqz
zZHg^W2@%N+&o1_;@rgIfs^S~QK9^6b6=*#emKBK%tt#pq?CV8-*GvxuXScgS+Kz(-
zMFn#-7cyhHkrz&u&??MP2N(leDeNa3PXQZx-)aDrn*|9BIR5qxF&#B1R+_~+h+qx^
zfMn=z0Zm+AQQh_K)$DVlgAs$n{oJ9A24OfRZ5fj2I^Cg7Z<ry&dyiAHnS$Qf5eA)v
zh_vM_e#*6lEmjil+wsOfl$8Zi96K9jUP7H#|BOp$syS7D6}DaE(Tjb2SvtzB_)9G6
z;>Ya12eG&MMsV&Mn8v7S#((c{=4TQ-A=(h`of{8cdsd=+Djb*<UeRyvXX;8FWuewF
z<>UyhuYHO&m9B9VMKO$eg9hLOu&NOHCADTEc6~dIgRnUjo<n$#cuA~Nx=UsBD4mQo
ze$S%^UgWD3gEilj`;ag`DfsdABt&U8YA2x*1RxVn>A?PXR3uGBC~LhYj+H(me5THr
z<x**#QwmLC44qnk;W@@t?^yWY3Z2}5SaW7X3pw<|8*VE$g<D9TE8NAb<*AtM=`>+>
zEF)rT;@ssly7DwTNE`aFk?f`4@m>T{U&yONl-$a77;p5U-#X2h(W+2CGk}Jmcu9Q-
z65=fM=PC#OHFP&Uk9s<I8?8e_T9&XEp6&RVSAd_-n%da$+JD)1T6kl@JNV-i=iUVM
z7lq7e#%qpDAfPFx_cgtntkzBHMW%ssbI-{6XHv!_DZ;`g(-SCeKEBp9e7OLCk8b89
ze=x`%iL2cM2PL~Du7>s-`=2x=Cd5P8hQwmJgMyw3mK&a%^992xbt_wvxwKLLgod+h
z%CloUb2)C3haU|A8+dNcg1ZPjP4gb3hbOeFA=Q^-YWXP<&ZTD=q{@gizS!ql+QWdQ
z3pmoJ;r`Sxg@pCM6zVJ5LFl@YG0&dsI(XTftOd)Q={5{=mhL92-%g@g)1X#p^mNl>
z5gc&s;Fgm34c})=ajVjM2QbnJOsL2pJ&(bcpkZVt?5OEla0BeX$^ZZJ`G073%)TSZ
z4YPL#S@=71G%~-aZkpk1R!~BBNDz;D-yd<$-ghhp3B3Bgd;qi7vc1q^Ze;qlUxErE
zZy7hHM@kKvErm!-Y&=0{jkmk=p>|?6o3fN%9!LdbURea>V2Na~hM`O;zI!8?_8D@Z
zASE&YWR2+cPzSs-|3?k00djXw<SB;t*abMb7(iHON>5IQ_fWA>IHKj@tk2p~)e!n}
zOY&D%)UBIJ3_2t!DKVN<z%Aw1cqEAQaT5gg_8$qb{B-ZKr-kj1#TRjFz#Lmw-#~8g
zP=|GaOEQk`(RprzZRJryLd)zY9h}d9Cr9Hv{d%@TO0=oKvbc-UL>ZHY5Tm%xCiV}^
z9X7dQf0C@^RCKL@L>O5T4`s{yNx}u|cb?xeR_e*L`-?V6|ByEL$RYb+J!dCAo@#Xr
zDvkZN95P$M$djew@WuN8E}?X_jYPri@DYE6d3EcR;cS$}8q6GO2r5P<4t}CJ<UUtB
z%7gvr5x8!`dl8T~JUFS~oNBiM^#snB9C~eJn2*FL_AC@h#?yKe#0dJ3zRCW>I?yH^
z9K798G~EwtZ0`QDQgh+pew+9($J*qQyiX?#obu^Jc<mrpKy-*+zhLH%Qd(kN%cyx!
zq9)i-C!vDL$MAgsa0qF05s33d^Uw-epYR@&;KZSS;26txBCHv?+Q!nI&UcVyHL-1a
z85Ul?U3@<+1n3f&JG5KQGOXNh^KXO}b_yO%nLY_-!1)}4KV|vnKQxFqCf<^PEdGMF
zPZecdZ(cjZtJ=kJB*D!G_bxHLnUb0VJ#8iQM|oDrV#L1TOU{7I19oybrNI*2&1zka
zuOr(EXEbB4i<&GZ0T2G~h7gx4tywYbnRvY=^e?9By*jLJhb9pNe{1;)31`bDNBv<1
zGUvrvKq7|(fFZP)DG4J?K8o+?^Fwyg%v_~l`j$^WFHGZNn=}=H3wkI(zymgy+WDd{
z_&sBdBbPyzhBMI6Lz`#FTpS#R9qFjBr{hoGwf!rj;VXppb0*fb=Qk1LN=R3XV(Uy2
zQU{FN%eu&ptF?*>TaaqI2m#V$ZcznSnm6Z{;J4Zv#kj|N<n!$_N+Y^8vEF)r8HHe&
z5%XaDS2lwu<5ZWYzv9~OQT||xKghZqtdC)OLiO{WpV$|&W0DI4WYqftYf0j*jHk-B
zuf35~_!&W_?I2=|YWe*8Y;R|y_ix14_;On^gql<maJz8RNLfolK6-(9gG@PZ+_4Mc
zuYVvH_#YVw%mLZqM{)Ye7lw+RxfyA`v5}lR^Qph4!g|-4i}TlzDl;t63>c;>y+_gT
z##;*=x$h=ExEWD#9a|5Z4~}XAay=wpmN{KTw3*=kB@skGR-F@)@u5TeDp3-9e|YJ9
zO!aJQ|Ka^$pdd3>*>Uw^-PVU@q`qE7izni1Qk^nipj>&wfd=mVkkMFL)FQY9EocQe
z8X(r{G^_`LeKkxn!qI<v9OL*$pCSq$!H>@#X2{tWHLSLEhG_9D8;|kO!dwl2)PtVV
zhbPZo$bCnNkuj4<D<Mn8tHxC|*cy+`R`Vpc48UFHNWB^4sG~soaizE3dfT=1;RjA%
z^J>)m5pa-6Fb<VC7>C96XK>2TCqy9G%^wiHXIwJ9$$u1*Ng(0JCxJHQ^Sc6XEo~&r
zJlBH}K65rZ3wk<<pvim~s^$DN{s`K?Eh~oJOJls0l#BN%u4Ay!;0n%aTySha<i^@y
z@TQse*&$qYGq+fjk|Bmn43XRK%P!o%G@jU0?lFb>aRP9B6U3$Q$u}Pb*&zc_)G*dE
zCzW<PsVMFD?Jc3FzPsUSPuS~@(p&8cJvlFO3UWTtpW^tQ;5eOp$`sq}zm(xWqveSD
z2<iKo(suc0=B*<zGvRO>oW@pQ<fQ=7Zm83x5<@FQGM<XNIPjz(_az$`c3Ll)(V`Jj
zKL2APTVljN_LUnKwD>MgZR{<VI7q_dmzuaDdy2K;4t-}-QAzEr+%OYaRpKhGarXkv
z`1cBM&9&7~DXHRC@qC#+x=+pfEDO0HBC&;`O71h-oaTcW**P+`kp%^RFftvHkADTn
zOMZf5%)<(sS0b=j+`kQzpZ7mhB{9iA6>*{M$AkIUGzYD>T|39#<<7inP|-}AYT;CZ
z!@-PvunS9f#=T{1OC|OjDd-_h@OB8V(XL}8#<NfWwhbkP40ik`jK;^^ODy(p*$&C;
z{HliZ8i`Vf8rS%olzohY*;|29KSjws^#b%V=@R<9)P+DpC4W-+d<eg7Qc8##&Z!~`
zXfPpp(DBE_71KP1)wZ(c{U5-1B#Q<mqA8r6emdhgNYTu4la*%nwCnKk>d4twIm*#P
zKL+a`zpnv7W2SRANe^$@TXAp{SngA3MZ^|xE4?Gb$r`NVZh`~SA6HwcdwD->mu(E#
zl{^X|)oC}iDp=_1{G%@*tFFGMWP#jfNOEvhHS&Xc2c$rQAE|USyL+jOTK&2ICRO{y
zG?R@+Xd79WHXH+S;p=BFbBbd7@B+>wMd@wFRP;guRgxHNCf`xldSEdtb2X|@T<fA`
zL7-|TO7)t|r`^80jSQ~B@$KLR@5563%e|_&Zl1qsQGArBVl)LnAmfAFVieC&dOSmc
z+ex9^A|lV>8Io@O9`EnPhdDUWi7S)oVr}TDjmgdW@nqguin^+K(M0fF2pZN(T&VLO
zb;^G!3JWKO(^NIZu|;C4V#<SNFbt>BJ`2n#^gHH`s0Y=<tLR))L?vRC8mWR$;C4SF
z)F+Igek$t8*TadkOZf|e?AfU(b=(6@uGS;*!rMN^+WT3$zK4Vk{pvGdua@gvyFJ5u
zB5JRAm-?b0T5a!A0M_lF9h5ncuV<_@_XByMf+*pFFT;td$cYQDZ1V0ak`<`0ZH8n-
zI6CiTW-C5uc81NT@|t(?y69H(sOnRK=&W(_^evcL6HRrO`#Ipzj0Ie@&D@5Ls5R{G
z`#~YZ2CQLAxdxY)P^8r?Sr10=cznYO!D<oXvzCdUO8!1}z6*~&n~0U=<=vi@x)#`m
znv0I6Vr!giB=1C@rh{{f#lyvGKt;TYsUdiOm0>!3auHvKN)FTt`xxAjlLo%JKo@bc
z0145v;7#4ACVn<`@a*k;#<OJg4R-zULFD;#YSB^t99C&$b@KiMW%)<Q@K(-4@0nJV
zn%kjO-!m-77-aWH?lH(Q7i^-fAC!6>;YOZ+HnjZ>A)jOgi9yv(PjOMg4d0eaxIqxv
zBDLtPu+3|w)dhLhZtT?AyUB%iHc+hcrmOO5>*f15@@Y%nf)DJtaM>hcWRZV)L{q6p
z4DXK^?|fOjCyY@)RiD~0{HQmnk2U<mK8m2C7lHKy$zYh+pqQ93J#2&F2rAxJ5;N-Y
zzw!n@L!u#z3hD*n^LAOs^s<Q|S8jN`mmF7s|Dap&4x!E`KRVC9H@(06D4WiezpQ&C
zTZwE9V>qSXyeFOtP`C+e;pS!p5S~VA$4)}h;J<Ed<N<!WG}PlnF385;kr)nteZcOB
z;OE>lssI9aGN>sM2fV%Y9<PaMkyrwgSv?U6SVtuD)mm@jwCiSTGx7sM7JdZFmN+@<
zD!uavM?4?hK}#Ho-RG>SA!#xs*bGdH*n+wh^H%O1#%mxvK@Z-aTEkS98*Z?w*Ey}Y
zxRkCRO9&=?%L&;CBY-x;F1zm}w2Qq(vyT_fR$UhfHUi6qOWvvu8AZKAqgT!47WAzW
z(1e)2wcN2zYQAXPkVte83*VXne?Mz2n*n8|sadsU3Y;wN^Fhd{_!!6gy(Cr4`t0$5
z%%<o>$+Bt?Te%y`#o94k<ml1IyQzz+j|J2*PPyc39gQ8lp8EJl6WdPt=}WZuA^-(O
zXAv6K9FbN39LaX-^{iduB%!3p%xtIfk&+p^l;2t&y%G^;WeO<_klw(8yT?XAo8P7^
zGZo|uk*7mfv<(8}SH~CF4k4r)-4`Mke}cK%;!F28lQ7GEKoCUF9D@p<w}%VL+ZA0}
zwblByn|96iC<#jG{vGqsuHR2$Vi*_*hX_7**aaLlZcU!^=wP=)gLtH>+^G^rR~4VQ
zLuE@`wZDW_zc{C$hfh_YQxqqAwrkre*Dt?le<l>h5YE#NB%A3ZC8u)yioLf>U|z$6
zJ+Rj;u~aeM(5YmM2Vs$fxfQ;e)r$mZN}HP5ASoRJ6bN~@zJoN)$4Ex3-}c|1-Heon
zSOdxI1%n{$&wZZD6k?XLb|rl_f{y_&IB$Le54_k}Vff5c2RoxoR9{EQ|I=;tAU+j!
z&H+lboDgaMs@`afc&d0LdQ6m7Zw`4j$Iv0^0`?s}DY@w~8Pg6z3Wn>Aitx{xrDygr
zf+A;5$f)ozcoq_6=THQtz_qW(25HLrVX*_vg4r#PZk{hQR<H3TXUE;Ewq57V?y~gy
zUGLaPnKD}|?IufACCHtUxB2^vydPB5?CYx_uAwWfl>vaxCuE;#A9$Z7o`~bPyGQ5(
z;iVP^yKscr(Ta6EXdj(UK!rDNOVQJ$rB?mttko8%N=tRgER|z)11gm$t#*II_5XZW
zF=>plEK2GO3MhD`ZFqWcvC6w2(;<<Q^$RJUs&%;eXa?N%GBMpJF7Lq`d$|!&G_J(p
zjEQ+($>{8ZIir%Ism74lhdfszL?u>Y1$AuRMPD6z^yo{*MUpQA6EiyL^^a+%!f3*6
zwA*4z=*6@fEe;17U)B=s(Mx?~rZY3&RX0DrXnATpG(Pq;IGN9O3eOeS=j&PKKwnul
z8jtPMdKur~ULw)`<>O$6?z8fO!a#2NwEfgjp<Q90`IR;8=-^xC{G&9S=-A%<66CWe
zAx%~?uYz@nb6GE)=Hhm(rWi`jWM_-3WKA?({w{!@4;dK}(zhQxn=}N@TeZFHFOFl%
zb`oO0uAU-)D_J(%)?mwJ^&Z@B2TWI#k#_kG^;f?`(m+*XAdx97kkp->OnU;v-bf@g
z)DBMUZmabUF2v|0>_9a57u3Fs{Tu*C_2<-}RYc$#FI*Zt{jmzQJ4WNpv*ZKU1V%GG
zhb$6=)VJsRoUjCfrrFxmr}!TBDg&PP{MqRX$yU}N);nPIIq-lC=}LFAT{!f!PpHZ4
zw@2@Fx*TT?aJN7F-Fr-U2=xNTh$ycBtR$Nny-w?8s4D-br0-nHpru`}FN|WDenu#`
zU`ct@H|ryS=m0%sJA&Np?<oyh<;?KR9l5}>Zel8Aa+O3C*N8ikO;h=()egx7tMq3V
z_JH|y4+wrDBXTMt6hT97-I$#W^i{CZMmCMO?-5Cnld~S%u!6;QOvfp}I{q>5=F3y&
zDOJU<ggUY=%m{+_{a~|XItWG4twhGoj27hBKg%6#WmTrgTb)PnIlF5NEO080kK^^D
zi@=RpzWu~N7OlITXTlm|a!Rr3-w_q8DA^H|Z*{lxwA5U#>A~(Q+&g#GQZoTS(P2*J
zvON?gwrPlTBjJjSGFnmDg>A9)J@wsD@g5j05LRcVt?m)^KQH|Iy?lizLnVjG@!t~g
zV-A&SX(X?ce&|zv$4!cz=jOx2qLG35N?)1~7h06`y*+*=HTk&@x)0W<80+6*29LHL
z2}z8y#GrPre6?UxGrC;RwRpU&=vHVuS+iRNz6th+8q>$Ez>~{UbR@D-_t%&XoQ>d+
z|J?u|@-H;VnoOMnPtMGs8%IM_j6xH;A8^SDOE5z6&H65lb%o3eq+&Avnc4q5>>+&1
zY8=-*P`g@;P7EN}L~w>xg$&6LKH!Ta_Z}50e0EQwCMeFPHu&_9LHy6J=^)gNj((-P
zh55ZMiMJ%opv1<mwG=F8;jmORf1c)gnI943CnkjW;Mj=oZxit1wq<24;Dkben9gtD
zk;U4Si&_5NXvJ;;1o-(aQri~qWTNG6*ze!geLoY&eDf)aU-kI2awHkYbeT=uIM0t*
zDqeOqNrjPzoFJhl@CAL`zG<YX&3=XB8ESkH|6oS(Nk~y*;&UCT#T}x-@-@xBGxP-x
z67ziX2<+A%3>K?NNLL?IDHyxTAeZj8Jz^YOY!RciXnL)b6Z%_Kb*%|J(HoL#-O^6R
zIle7DJ)gc2_dRi{R$Ovdew&J9=){7y7=wc@H_ImS!tj_XDG9G?UGw(_&@3A*c>A7X
z;ww_d!Ob-+@YM!Z?d1@Ri0D_xEX}7KkEvkV@~AVmSwDKF*7pOgMB<sdzZw_XVPO3J
z+HKlNsR+%1{;xII6Zk^D%N*>m)`F41r!I`ZQU&L~4t4|Zc~0JH$22*E80^4WQWUvp
z^aRjf(RU-ZGT61|gSOl6sQ1$`(HTpE>rrX^z_-;!JTvV;O|Y?=OZW|j?-!bPT?7vj
zO#IT`bvDS)`uP1<V$_H9hi36*)0spBs~+EPXW0^UN!5Y7EG-|6!Ycajyf7&OaJ0@Y
z<C&*NMj+EdWnB!|#w*8}A+oa2i4=@kN*3KdD_Mj|&#}))wwb%Xe5Zg2yhZt+ulVH4
zC*V`$V8piIWSmI$gjS<eMjer1#U0DLKu_s1;3kkM4Un{+Dsxu_Gbl(u22VR5qEbww
zMUtV^<wwJQaMxqBp`h^fHecsWKbKKT*??&*LOL^nlInq)lD&Rj!JA$h@+Kv_EX}sp
zl6@nsOalqjwOp^akSeM~g~fVneU`R4p0v93kEFNU(^F5f%fVPGr<tRM{*NmHKVtS^
z3=?OVSg&FdqP}AesljgL`)Vz9d)T{^mP8xz!BK(XLiLY5<C<TFsfFJoM*Z7OsqMP=
z>~l)2)O7E3SO^aJVCS2)ZoMC13g~UP0wfa}G?k*z8BX;HG~@|uloAqE^#bZ3jh3hC
zJ_Snb;$a|^kSej&=Ps`c!wujle2VCqI7~(D4I5i~_GK?0R!j4Q`?H1p*-@IK`SihK
z=a8kI=U63B-A8GUF`L0|Mx6Wt%#$Dfh_E!vAMP%dlypbeKwFS^M&%R35A8g1ypAUH
zbqK(lz>4pe<AT2UaCj%xK69udook1ktj>!j{F5HWOIyfy2I_N6iokRUYs>c0$s$JR
zUkvy0-}|b>goYSOcws6Bs|2bFen5hLI0SC2R&;#c!zk<+lf6sm{ee4MhEn62UYv+j
zZV_ghp!ko6`@m1Uh$6Og;aFky-NKVop9UT3_lN7|r7HVyJM$+gXnJ#dbNs+hl6KJv
zY2DL=r*74ljO9N4%(Bn2_xe5=SfY~%c^w@~q#ZYx@~52hf(uc!O^!u3rU2woWDXQa
zN5~O5#ntEmgUDS3p+GN&gj(nCspi9jex5u{)Ku2BT)`#Zxg2KM=Vg+D{B>@LxPnBa
zv(NP=FhevRL+uNWoi?LtQZ;VzoJL~X26n#Z7KT1E>LZ4eHLs`ULW%|cJ>Gw;VHF0Q
z;@X9it?}1)2~pBZy8+t?xlFMilKn)U70T+eV}sQL8+Z@Ea7}M`z~d#OQsV>Q?FgTm
zU?oh#MFRs7&OmqqC_1Gmg}CQDu~*GXYUTGAnVd=<hlObFwi3~?C>;E3k-)+82OpG%
zxNq)C)h9NpgCCnWPTx`N2suPeQDm-jG08CgHBUZkGUSH~M{8?Fi$i4@mCt*#{FpEd
z_?#|xs4o$F``%LX&u_u+7;J<(D!|8I^fbc>PC_Tom)^g|Gsl+lpKI*xm}iQ$(g)*v
z<T&B~HLJfHH~bC(wkr0Vx}-07mcCoL)M}$TRcE-%(OlItOq|ZrcRuMq9oT0}8p=J?
z?<$wHBIzC&N`SZTq6_eQUt|!06bRIJcU@y;xReK1Q6HsSZd~ge+ybP@L8EA)|MvbL
zEB52VMH#|%S0<gKai;dMTd(X}=hc*M(xQ+Qo*p?ncD20reU7->gbW<fR&P>qda5t)
zjBMn6PO_(Lbg+%4pz>bTNhhYdMnfc6PD$tH5D?}_RwSmQ`M)n=AdUGhF-XpHiM2}~
z8M=K4EPd?R_hNdnC8PUFmsHk$7krWD2&^o5)55C6=HOdURJoNd1&GI%HBd_qgRu+{
zA<_9?Oa2G4eG2K~>P5O*cRBC!xxiVQr0)l~I(_su5<P9Rher-dXiWHiTfzjV+S*3^
z48cGmY$z}}+kIQ)Bzfk=$zDu+u)NjNLDWC#B{E%l&NJ`Hp;jEKJU~fEEJnaCJJk6e
zNmL>$eKb`@Sv??;_OJc@4J5jH1oYe~Ll}JyaNp)!J`zPn0hbNsya?aZPFzh687Qf!
zn0R=~6$rkRWtbSVE$2B-3BHH*D9g7hb>Oz_bd5k}tzr}k^HAbwEj<7gPXN)Y28(t#
zvHMcIC5jcN1NH<jKCUXAre^y>zP^L0vLOZh{|66Xet|&BlFHeu1oTW+ayP64b?+YS
zfCC6?ojycpXlS{vOSy*SW4HzWwNVa`v_;HcpD7zEL5>2;L(32T@t<lG*`t95WTnmO
z9ULEsUwkd|`+n|U_t+y@15gTjBSP{2w<%V|pfqtlqx(GGAzi(VQ$?+|fo$O}+HMdx
zeBQm*njJ*Zkwo)*5WvQY9VXyvwvg9Y0m9(DxYD2_m{@u+;GsbAv|Bg1e9Op+y{@K9
zm|w&0aim2oczGKHC@QlJ&&b!=2Tzyrrs!a}ez~QEr?w~k7Z8A<Vi$z)*4YEmR`mNd
z?Ky8|ShFCOurL8Wz7l}Q>lTF&;2n{YlJd&{)5Bnanm`6C_p1*qCC$aa>SAa3qyn~P
zQH^)Majv473T*F#!Rm@^@p-0lR-c;CkQQ0+px&1BeDEZj@Jy-Nkt?Z0FxtKX<NtoO
z0H0paE8ANQ)z5ezkN8Zk<xw_gyC)CZhjZ<<HaA5Ox96i=Lex?WiA4fpFDFW~PN7J3
zG?WSH0Z=Gx`{l>(+EP9pL9AoRolp@jHYgT#c%&anfqBe`=gBc5Og0z?l>_r%FAPRh
zdi*4puAaE>=c|ib9uL5#7dR-BEnE=IHKBI@+#LGA;NaEnFxs9HVZI}bLOOWC7WBG>
zYK%%UdXng1&A*XQ+^+JCK#Jz9bT}u&d9-F6DklTH*@TMp_xv4P+ggmWMmXQnbT!NI
zhdHDwnycb&0!a1kf*fjl^v}r#|9h=Ahj!g@0Uyb(H=7*2zPv$E66IY=K*QN|mOt+w
z92gwU6sT3}e}aRD-_Gru{L>fHOhj+FcmK)y9)@N@z|i}k3$EZ96vc>Han{PETT!7L
z&*ZGjiN{wuYW%nRiTE`4xXyyd=dI4}zvN3)7}UcBJFi6_k2|u02UZC@CvG_3UJu44
ze*6%<A=-ScIKChBsZ<=U!XtC~?`|$fc1;Em?f{%-zwIb_!UvuV)1xELZ+^cMqQNS&
zt*WWE1Bx`QTbJpy<GQ(V+%Wj)Fi43^yS)r-W;+}LmaQXB#?R6b+F}x*T6+-J87rf0
zj$F^sI*Ss*#6AUrc$(T8fDZ{hSJy#|G0}tm)SQXyYkTLNvL25Pul};2Z;tUmw=<JB
zH4whnjgK6&S`_+!?@nuA^D&k40RiPb3vNUN;6yjtb+fldbZG+pG2k1_%d}fD!CE<j
z;^MFk*6U%)r7B>(*@Np=2CXLKvXYXTGgcNB$mqempY><RdDkwT%_)Q<^@d(dE%YIU
zi3y-ri%u^G{!?Mr?Fc?y-7E)#^du}@PZVFizqni^oL|`G#B2ZEvSOGZGr7|SVC^wG
zUFUh<gN$~zSgvhA$WISYO5f@5C6m5%w>X_7^vG*zMG$Z~>-7d9sC9U{P0W@mcunBo
z;K)n-`XmU-FDin@$x|H`Y$DiIpn@60fcVHhyY$J$0j(rFg5&J?wt<gLBkC?s>yGWt
zzj-6(Texiat9r!bT#WBGQ%kml;Ximg`-`FjO*5sX;37pHTG-_;n9Dm;QC(qr4U61L
z&+OJugPuPZuRYKevlo7qKX^b$%C?VkZvZobw{wS{JGNj?>sLd}0mT}$(MUN(9cm|g
zN<=gUO$f>q2#4Q~>7osO7ZLU!_Wf9tKgB)vB~idSm9v3~nQRu>T39zReK~i6JeTdu
z;AH0zaV&8d@^P1>K`XQUqS^5IWU*2;Ea=C!-lqT%XI~Z>L;f;aJMEi7K`?j>^N~Jy
ze>LTI;Y(IiiY!#A^+PS<Jr_VtAX1fq;=1(z!6i0rDoppz(z?B<V{BxrfRf<_<GOX_
z66k{^0FU40wkdY_rTAmfW>J2C*g+o(wuojTd_^r^29Q|cbAkYB{@C;%Bq*@@)y26a
z8aW?53K1WB=V~Ro@)k9Sv}M@rp7intiD)~Tvw}R|wkZ=z?y-AO01o=a=Bt<a&HlLS
z(_XT?ib{~I_jSDMb|99}w%AUb$y^axsFRrL-xj%#=_?Nq;kLG9F)o1aKR!%e7b*2*
z(1RR;Mh9UbAZTqK@&VNOXyvMZKD665s6;#yDnQDdx@;&MsHc~$R%-Iy=N_?7*+tbM
z7P*I$E0`mG&z>`>H$3Ip)|0P}NQ{3H`I*>v@p{VIA%z)r75X^*qV=#T*d0u;h5mEu
zUoC*4G(tsQT;umhS)b=wYI=I*IobwWvA&Ys3hRMG<zae3cd*atS|iC;lyL1ah`gjR
zhqXLZTO*N5T=I%7rYvOZ<fJg#k|OK*Oi@@|^(D8gFRt>CiWhr^)?72ETJ!elPt1mU
zHVls06n~KoD9kF3jL1)KM9r?ZlI@;Y{H7Q6X>AZ0#r<NzCSQa4`@yw6`#_UMJ?Q7l
z9nWp6E#b#`sCI^*=L~>0=!dS&MGOtA+x8BWb^5_6-HOdTsl^lfyyoG^8xnVeTTtJ_
z%gNj2h2rBI+<S*vW7`uq4o42f?1!_!1=H7K^G=KDnjVWS5~)%aZ-8RcprEUgLC11H
zZ!)xeb14m^)YXK-Z6-m_*V7aJ{9-vA-r%SWPW<XU%Ru*jZfxsP0dYZ_CfSVWgnV?!
zAc|r6&yZ@vTZc*)-j~!OjOC#>HoGsI0^Qp5CB@4={sjFgGDeR!U&q5%3&?|i5+~v7
z%xEI3{RNYdQ&^w0vE?38DpN;_$I!Y?8D5gcf*Xe`iA4I`RD+w5*>`vQbAcd)DvQwd
z(02fQ%R6rQFuYG|=&^7~$fRyX{k)1^pD2>QGrUA|)Z%i)^_zjIrDY$^D0v-}`vUiG
zQ`NCy_VQU9*R#`?+{$*$Lk0YLwY%+hLdbR=S+{jkVi33wZMjIG0UqQgG1U_MR<g{5
zyo)<<Y&G9gelFhv{i|Zp@ZqObOV(lLxrI%i8Gd>{4=+5&$AfK$+0nl;M6lnS*oMuM
zJh;z!l$+rx+^JNEe|28iD<7fLTOSGw!Y-!xv`uk~i3Jv4Oq;3m=Kh@Trh*gI8d5y_
zD&dXyo_eSROM|Z{EB`pH8;p)vs90^l9^AY4*Vk5;ivdZ-_JG`6Qe{TC!PAN;HBRH;
zv<Os4OnQiq$HOJxPi?L21}KFo37J0tUh}U{nSM(NS*$2-3%*k$C?UC#1D)Dq%TW&f
zvVJidp&<RdDiklvAi~v@FW)$g+d-*mn!-gqMvC6Qn;r>G2;^-*#z9j`m`&Tpz9VEr
zJYJ<K+3<&3FwQq5fH11`n09Kx^Q|$D$fOdslciga3c}1~T)fwz+N*EKLSJ;Q!su=)
zFUMn9mp#tB@3k^z5nl(^#?($D$m()wti@sq#+OO01C73$)<gHf$ugwhnZMy#zRST0
zweNEi>bO%xak0k*zaXbcI((^iab$Bz045+~KOQo5tT=s?&Fn8y+&;2G*Lgv_E+nKW
zm`?ZcCzG`gpuOMQ;>H&!k~pd{WN=qDAB~#^yWSXFh=j5sG!lLu>{j{AkzOty$9n&b
zR9qy~*QyFGgJc@q!J`myhus9i7DV?Ky9gbp;7v$83#6_Kwy39BAvUHGSj_|Xym(LJ
z?-0VR!wq)0SmKk155XAyQ>hMjIz=9>#r3J!iuC!|k<|UBOdCL`jFD_<97npM=P9QH
ze{hvX7@8p-en<!HWMqaa7A-7puV4{_|A#V#-$L1o<DFMTR3k)4);W?bPg8_n+Pdwh
zB6RIA3`7+Mc5O&Hywfieq3<dcTA_XrZnA)r@LVKxcjXe85m$a<Iuz<$Mu}Y6%QQ_d
zuaCF)&H)=Ec+UdYV7*7OeJae_Z>)+6pQ$3%dcxOs7xfBj9P>&mA@*u@)ykIBSD{*@
zQNkgb#KIq%5E`#zs|>1Fk~?_4&TtDx$T?L&AxH;zSo^-`3^}SPdZQJBHST95x}?`Y
z{-<+OBFI4x?e}(KcaoJ!p%sz1HPX&6*uGii-dam3+FTM(K82#J9z6Mcc$+ZbNUPT9
zH^nPK!Zl?aX4e8t2841Ad?MAPLK!VXhN;<Kh^J%-J;fW$$@{Jwa`tLOHfB<nLeX&)
zbtRBj5*@3x!#J;^688_0kmylcW1p{Id8pf_aTM6u-v@3c0nxIaJ7~0=7^21c@X(^=
zsDWfpCqLK(=2*Fu@@4+sPUcy9B@y!nah*t!r#(~CBB(s}s~Ypxcf|;8Mx{!3ptCzf
zKulu89t0Z<UWiD-&#>yM`omP5aCSqQrspExX{NcUk^HJ_Tu;O_J#YetD0C665Xch=
zfQb(bfGfAH`z#fkAh(XMRs(8WPrlf%wCg!KtMSr2c8_?Wy_3JI$=p7<!HW$mK#m-G
z7kVs}pZkY=x7VC&pO9HOyHu?5XI4;Tb#JweAglrF);R}aWL<*%9EB!p<a(AQ1`8*I
zU8AuU^9DuTxQ7n>Br_O)AI#a7sICjV(@4xuT)J9sX%SJO)_H<&{{?Z$v^@IICIHEn
z6e|fv-)YEf54HosWSl?~wM{jCia=^&BQl@U)Z@_w1n18tf#9n`&qjWv12{M_7V#dW
zw7O?V7$7R(aYn=lU5t;2VRo@0ij9vGB6geYyN|}5sITQJ%G4KVV95P{t^tR$DZFa&
zd><;Jx9JSGUAcJ)TyiQ*h{&=)Y?Op*uWamj?25&|6zaj3&XlRw8p}W1<Ugl>v%wh#
z>bQa1{yUZaKaVj~-;4Kk?brV3*I(jYzP)#sA9pto1#|-5p<XPjYPw~BX{=VL?~&>{
z;X*;M?X)Nf`O*JE#J?NiQz8D!@!ek$&=i=d%Nx>4D1-RR=cQ<f$V*e5E#egqd~1-h
z3W5szQnY_L0X}8&k%|Jd|4(Xyly2pGa7v7Cg0$<2Yk#em++;c~@PHJ;KKfusIsUr^
z%$f&xC?Mx_M^$7HD9Fsi|AwbM<l`AApxmq!P$Kpo3BJyV#s~3gGX%+`gh%K|41*u%
ze+OdVoyQI`NF;L$klq><EQ@xv*;M&rvxcC~u2QC!gZfr&)O)$97aqL3IrLbdh!!%#
z#Ku1Q<-cQvTA{6A{|DRs9(pONn2X7~!;&z$z0?#rIOyQEy{X37H#}5Cmn1BMq+X$;
zUlg{?Qh#bf|C386u7#13hQ4|SU1BnP-jFrTZR5Hi1zcjXvopWgRAKn%$y=?rD66wA
zjr@r@t~SMB#&4Zb3&`4C!&v@1C}1JJ+!{{ERYcfy$JJdKBNr~>jD8hO;LL;r1My^r
z$dS(OC-y!cGT!u*LlOy5N;!;_|MMXtTfJS1dtbeMENMGFkF?5nJ+V<EK~vor1p1T7
z+X>M&SSBPS{1#JAzm$Dt+v!ayCd_p-gj0{D`^Q{jKrli^rxoDYsHKUswPF2T;3P$5
z^!Wke54@Hx)k9%jglW6m@WMb%E>^w@JGpW~*8)H<j@8Dz4~!(zCB8!)Z0H5sO>|bf
z-<en01SdQR@=av{PK}KJ`B2{{A>ygXB<JjgdSykH!#0n<sM9hQVs~YP#Klpou-Aj9
zRh0dLW;o~i4=JRVqq|s)o?ZqtKR7;YN}Gat?GI${3rOP2Q-?}rO13N|<7sSkM*g)C
zweL`(<#Dfgu>7ghGB{uvKv!U71Ou;TK<EAcqv{(2GV9v5(^Qk2Y)!Up+qOBmX0mPD
z#$->NjH$`CZR^|J_w&5(`~B)yS6zFrb*}R~w3e(b^`-U=G1@PPeh`0OpTEG5KEoE0
z_i|XeME3jV*%d~1mlBZRv$J9QhnFkrnq&@{pAjlVK4lXgO@{T7Pwb7?nHHf#;PYnv
zR_C(YNMX;`I69T{XI7?YdF0*U_sqGn3w&kI_Bi9TS?|=P#N~E9f!<v=XiG|b6el#6
zf}+ON_q?5bT;Ig4^u14y++ti&3yKfc8y%sF8SQQTgv2=v4K~oR@7zUcdS7UH#KqmO
z?o)x;7IbWL2q!hS;Q)6#L-Kt_&fQ}20V_4CGY8*O_JJE0`&xuuTqk0aO(ls1q_$HZ
zm2~&(k!O$QDW^L;r^*L<e&?EbwiZ<^@h#vd;h-nxWV5p3a(H^|r@*zoCfopdyN0Gq
zkS3#sf@*-p;Ta;X@TZ~PJ=k|WbFW0^o3%4;kO4@Z6r4Y@vq-w3J@Iu4$StlOxcbF`
zJ_P*fkzM`6;uJte`A$@f)(iVwwLZbs`i6w6&80@2N!SsJe(6mrEQH8y25jQ#UTI-S
ztpSqY8x|J=OJZ)hY($H}JTIQhOYT;=l`xsvaN&vbiLMC)Se8YYf@^O}4YA-{W5Ubd
z^7Rx!f+IQiL)d4AD7cjIUJ+w~hqv3=tU&gw&U`4%^I<7m{v>XgkhT!XO@?EgO<i)w
zM0`)<@je)^OK2%BgupI-p?PcQL2CJ}%15JqRI(_M!u*r#KNRQu!2<(gnM77eY7&-&
zLA|o!V$_P&S{WS|&CR*o-9OWRPwKB#HY$2(U@<PCnM*5kXn=Cg#ax-`s?q+P?TFj^
zDf)@$!jTsilLIj)1Bh3rmnv?edeleK2!(#xxdMM#_i-a73hHHbMF}GCq%E|^d}L3R
zYqXxH%NI+g><=JOaoC}H>r9O2g$|vHgP+fD!52UBU6U4Gtijgo1ryD^wvU858b`0;
zQ`%?dHaP45tQ1Op$oNv4hcumWU4T5&w?=j}z3k^i^eq`RwSZjF?FH4*Pje6*>y}U+
zL`6+){OPFV)4E1|2F({i?c+Ex#<Zv)vbhG>uAk7evcX1q)c7Bb>z72FWcYmD(=tpy
zpTxh=IwJ29pYBAo#GG@V<O#s3zY>Xx3}gGn&|p_Cur%EpihK?ia4o>e?sRRiNROJ+
zPzzA2brb<1ErI>yhvjZ~mBI_^*?3GwR=mX>xxd;G>R++$Z~bIR@eZlYoGPZOr4{}$
z+buMG%c!#t?fv1pMhaA(eiy8PUBO&O^{`&6hUUK^Bx?rc?Dfb=OUqiPL?gT9{&$t7
zQR<0RYmkYtdv;AfGzJy417-9QopKiH3I?^-)46Rl%BQ1z4c#tkzaZ-dKSCBJmulDi
zAeSm=OEEHs>zuJ)CNllZnFNa+Qp;W(H%ZW)O)~k5wXN?(hPsoDnNfB`nhjH{gaVE2
zp|BtvH6lO{@##r;FIrQ=v@>Z?tjs_v$@Xw#B38^O-G9$6zbSwN&(MYOHcnX3z>koD
zjW24>PCwv$HD>!P^p*W;*r#A)4riy65oM(7@;59!#X5YGZTrjB=*177jZ)Pu27HVu
zw_`%7!FEBrbd3(vs@^zMf~kk7pFysh)TDFh{5#fm0wK}U+r@&%Q|pQ4jPONdQt*l_
zkYP&3N<2pQ4#|JGPe_**h%%=vOl0Qsn)mb)Y*1hvQyC$K<o)n9l6HFpt7+GU5tlnc
znVMX(Rh<izB9a+HM~NzeYb|t<^Fp?TPlRHH8_GM#L*<gE5<J^3SsCDc5OR)lD}<dJ
zi#efbdSDQ`QtcmxS>RdPk2yK8b1hWEnfjeR+1L6&;Ip?TVYF_N#YDuu3G!j-dbRBq
zSg?=qdWporz_ZZK1Y8BkmIe(Q<&D;z+hLazpsTXyr6m${<?J|dtS8%QrJ)KMY!cdE
zZ#%qfvh($AG}b<3q~i*2&e{>bztPWp|3ZzL=~GZz3QgZ}6Q8eqy3)#=XsClbur17$
z!^^ZM!IzUU64sj3@0UG(^E<l3BPwCh6T2aW2qnbZ4#lBeI&@n$5sQ1%O6F@(aAK(P
z;H07>>bDzTWyIp?zC)DlpX^;}@Z!}=5oAi9a;`dLUGW{9J32fWu<^9U3tvPVsMOdr
z%c7LfZ(PoJL3cAYfBvq@!_Pu5;+3h-$9A8iT?+wEg14|Z6zO=&U0a;;)oUB~ko<vT
ziR-z7a-2PcZZTCC&9ZI%tJpB}nD7ioH^j@yk9v~V!~b?JsfJhx;jp72IJ3?`^E<Ma
z+Fo!DrMws{w=?yU3bNHuOhFK(VtJGoefrG{p3Go*k;4wu)-<FTS9}W4Tgyl9MZN0n
zLR1aI+=rYQ=;=*HyY|Mlx9clbJBOKI5zSw!MA8jp?<gY;5ksuKZV<hlyvXuoM9P;q
z@?MhUpuEZQ1H-P(ut89O@TTJ%{M|0Ym0jq&7`m=SND(T>jI>KJ@<vEE5`6}Nj?~5x
z!#ruLZ=UoGS>jt#OX!jjZPJUDd-b2`aBN}pWQiaVMXSi>H5zs~0-VVK7-CA}qbT=t
z(wcjzNW%g9M;T<$-J8|X@l7(*89}nHOM)fQxY@CLBuXSTY7p(FgQLq=tA~9ouTZ0z
zZl_z3H3b9|I^Uz4ZEL6zB)Yh9zqYLUw=Bbm0_v-X9$TtqF5NT}X=wz_8k^=Xs>9Jc
zJJ9&5@@U~_D&OXXTwJ$X=yo9TUqplo@Jy0s8D>XP^CNMGgvqr?pPey@qinCRz(KEs
zVd=8Zb1(%=bWx_&yIvEPAMWJOzcw_rdvpoB4Iv6SQ{7E!)SE@+E7aEY00%Y!Fxo<o
zR~~-7DX(lnO?T-zisa4+N+UtULJkcr$tM10%|;!^cpU@syjcpZBy6^CU*h6Wx&ZC2
zr%<vK<QWiIi(Moqs<%BPIkJ_fDGDd<+{>w5a6lu&pFOr|y^+~n0*^Kl{nnQ}^Y?bk
z+U)Iewm(zi@qj{D+7<#bv=z$|5E1xsif<g&TcRPbBL|UiFv||V(d8QKcn}2z^sYIw
zP^q!Ny~8)zS86p%y|C}SSQWG70Sb>z_L2f9lF%FBquY|sz<Avoe5PUhG&$p7dgH(L
zRC0wAnfZhXq=6uscpUZuSrfTZ{rE+qdPdYii^TbwtkLRs`I`zS3Zqs$nmiis3W(d8
zIl?|QjqqhS9-NEoT!Rl(0+4CRn2M-qQtHGig|(q~D)N$LoP|NG2`Lz5MwHv1{6s^2
z-`AL56bI36^xbfM?v>?LoXcN+`C#NL*S<rVqp|}HaZtc<KhVM!F3t%jMpw2Fb9v=m
z`GTAO!hA+hiC1=&=Fs;KPd3(S$9KIioPSYE+rdZRr%5l9wJMy(>>uUNzkEVD6#kuW
zl95an;uHfCQn~9mg|mq?*6vxZ?wk?(sQ|^i)nnBgr;GS>Er9eZoirPo3q7{nxK>qo
z8;RjADOX{YrHvf^)cLH=mbAJlKMskr*4B!k+23*rEZN~n?=v+T=Fh;uaz}XaT^)Zj
zrqkimn+J*m#;!Y8_;19n=$8@_;5C#f<Hm)PDAxvU_haZoh*!o3`Z#QkEg|GPkIfe`
z3eA^8GbY;nOl-MMZXTNpLYvP~3hQbY6G^Lo&dXO!YhxtW?@(oXYLWU|YptIORfRiB
z>5kfbJiLM$^Zt;lR#IKG4Wh^>gNPM&;}>N!J+)&Wja+&jmirge8T<8Hi&(Sd7|a)s
z!zJ(*R&sHX1Ko%i1sluONo+xS=9=A!hV2TXI(19DVoypZkVL@>CJHAfh9Vgvpvi}Y
z@H>AyL0IZ^!jmUA+d3O^dFMsdIrNQSimJcOuc=XZwEO5|ch@#>aWj34SKD05Wq|@L
zl-`Kf7w3sjC+pyaNF2~BLKi@A^RpJO0SeDrCanY6Ye-)w=shygEOU97kXjV%IBcC<
z%a!pb=}1vb{@2O+w8TmwAncyXQjmNiKOs@}n01<jT#*4(dPc|VRZI>64U4*goEO>;
znNpzS7|$Mh9tXS00MRVQ4*Cm8n?^67qmvG)!;H7_G00a<TjO82Pty8lqHu=DmL1>V
zcUkY_?v2?p`T{qeOZYe7CFWU09~ec$fi$1FpW2kAlAm1_wz_VQ=V7y`=+av!1!?eF
z9kNW4`~@J934`K(f325~Rd4piO0b+vBNiq*{(02H!bBb-_KC}lMdnzU$OW$~U_fT^
zO%gqes<=GuFe0qVE%`w#bRPqzlk2KF@4(1)d`n^SfEe=6k&1<Cy}vBvXRrudzey+*
z4yiYsFbdpM_i+E1@nBR05@6uA0|stqs`0L#HymoUN~HIwPmXqBMaF(Q5{tovv0uPO
zh}?2uR&|WRevTkdp5*HvA{Mi8a^7X<ma3yFv40)>g3nc?x_7owc-gpKZZ^ClVT?dz
zKOHOHtH3gRBibPShkd9WyLeAhgol~fkp_6{0rU9V6<O>IcQl|}vk!Q*?*lu%vG0)7
z=l~P89?ba;sr)lguF?LCem)2m!(UZZwTT-W8(T?^2bk&`zs0CN4&c~rL{xWTSB&~w
zdOQ#E4_H@sG#T8H;M9ueR?9PkE;kQU?b1&P5azC}^qo=u{O?#Qa7Ord_MVZ;9qhAW
zi7p~t!G;;TP7kGNhXE`U`Mq(7!yET7ziqSj?)t_Gt`fjSsN^__iHRi^jo8le^76(~
zTZKddX*~aY91Sr9*g-MeRwuI8C_Zfh$1X%lyfL)>&{=#mc=66J&L%%xt+T!vxVP(j
z@r&(yf&pC@do#$#W}irZZhmDi_;+~kvJTVHWMEbehQ~<+zCMW(IzCvwGflfS75A5a
zCwd7~zYnJBaigl}WJB!EuKXAuq&(_c#8k4&O-ulG5&nuOAzl-L&zmKT|MASl)7gXP
zO=NmP;YR_iTTFF%XQcu_8Oe~oY(uM_^!7}aeGG=G^v>lEv3pjCid>GjBg1X`xS(v$
zQh><HF9;~c9CFq$;!&DC6y;)#sho~yLWs?HMMLPQs0AeZ$=S-VZ@W>9o<T3{zyuoI
zb!Ps3*zm<Jmi<xS(F`c1*LF3c0n8s0ur}9Rr6$Ry{dPgxH2{;Orbu%Ds=U*Kic-;v
zU3$Fv?>(z4UwtlU=0)vmyNSqwCmM?n0fsTjujI#T7DS>{XZx8kRUOR)d9t&q@tjlz
z#LLU}gOeMZY8I*pNNOt@*oMRYwPImg9(=$S=R0wgS#YS!<)2+VTKc8PIGJ#O;O;fz
z`y~edjWL<u-+Q+hK9RRux~uh6xJNtSoPq)1C8d$z&8{AotuADO=b*np^>_Ofj{oE3
zl!Mve1ytIMsPzdcyW&`GZ%INQ*xW;u5CALXti#}CemGM>rY4i9H0gi#HzE)DVfBy2
zH`7_a=evUTRy5h88#t{ta0;iKkO^7()I<<3;(S|4Npdh;*=leox!c&kqlc(8b<PlE
z!#>+%pZM3>o%!j=1f>R&{)Ml&O;$H3R6e*T0OcH6s`Y$y1X?2<2@Dx1MXtR|rR4L=
z{H_WdKPI<j)|eE*Vt|(S>yPXXB`9d{(T))AM&wUp5=ut;n4~W9_*uFGu2!EUX1_yt
z4PtLHUsO^+x&GQbv=)b@B$tIWuc#zD;WxTTn$RTamXzW~$P|)i48zQB#Kb!A?d}*%
zctG5@{eW;n@HdYLAMH?Acw#*39AgLaXmDNMa3=WQ+aK%#4YgUsfpccRXidVWdnJlv
zwS)U*aHt(Wq747<*pm${p%wc5HovVRz=YH=?uV>RJ#L7g*n6yAJT}zS;8$NlDK*P2
zG+nBsqZE@(=b|k9%tN<m)@+{sq1-We9F!sYu`~faSQa$usaR`BVkl_7Sbx3-DNo5G
z_g_qv;Nm%}r*a!X<L%HlUfYIYb1ozc%L7sR%2sPB3KW5w5<a{wjK;`KZFztm-xyZ$
z#3ef`hy^gqvmhGaNFkZ>382M~{{XRIYeOjTu02&pt*j>3e_#V#+$%@spC{IzHz4N+
z&v}%%ue&B!>TKS|0pnK<DRv|mkM~HjxxpG>eeAaUF@9E0!j-|?jkPj3T!O4B55uLb
zB0rZcUrK|fx_v5RCb`-N)PRooL%rQVs1SI>i+1BR5AE3f*Natxq2uNNpVa({iM`{3
zfs#~ZeO5df@hLr$N>ppT>TF)oOoK%xE4)18ZzOu=9aQOE`-5|8jpXeGa8H9ArqEDx
z!4Z<Z6e<FEoTks4{RO^axve3WcPD=fzOE>!XsP2L9%X=nwWz6v++Q&;ceq<O&<6m_
z)Z1MRByiEg)caA5;PfSLmTUqL-t7=+oqF$<irpdm$Oa1B8Imd<#P;gr>Zg&BFonOL
z-j+3rQ^66wiSS$`tbPrb6L6y39~)xTK)0$K_HNJF+98-pQC8`ILhGy=nslW5K=A~Q
zpc!V%7G({ca0JUk)Ksz&_zKVW&8o|yI$?)%de<n7Zg_*m0`&Wn4;-Jo?byFW)R6{u
zs`Qr#Luv8VA^Vjb5_aB^@Ov}Z)93B(uDW47`ZaIlui<8e|HQ<N8X5XHwKBiyys&@q
zcM|*#;Fvgcc8kXsu6QIRj&%k*I<<Kyu~TtBBwakWm?h=^Ii+oo3H9NN1s2f<*_4=s
z!gz1un!H9?VCytnfaf|Xaqi&2OL1A7s7ZVgYoX$E^viFQM1D&;HBE%i6l21N15m>K
zu5~_CO7aP~wzYqY0%QoKPIt$#FF2P(x(B>h=uePN#y%!n{0Bkn7j7G()XH824pFyw
z2WGF1&+0at->9M;3EC*E!i&b#vPC8O!swXY>GmX-D~XI+Y6lN4MU*iw{UZ6xA=-Yi
z5F`&>{`(yNmA_dEZoqJczi-a-%gAh|{s{F)<WBtE14wCdjo#sll{;>xq!&6onw7W!
z5R4vS+p?7lRyb6Ht8SNT3a2h$&0E1)tOK*yy?4is?KlNsJn>GOqIU|rS!RE)W3pXZ
zBOKK3U^$UJTMofZi0Z{t-G@$N6VLxt#K<3<pRwYxCL^r@$c?82-OQW+)rtE-ARTy}
z^Sxao+WLLKu+}GBFjdbR>G+6`cJ{ydfyU>1fEUMtkMZr%EU?k=QzI%@T{eFQ8K|NK
zxz$h#3kw5y1XWX=tkYOI``Qoi4}db&3teh^ng5MZ&*QW)s19#21RM+zpU2)pvXTo4
z+F*Y?E6gQX?|+W<VC2+18lUwa)V|lR-%-*j&u#eu(MaeEyZ;D4I}dPT&+h%nNU8&t
zim0gQ$Pv*auv%CuxNdK;-pq&TBhbd<;*d=@>u^?u+r?|07l{6U^$v{z1U~;ic<WXN
zj<Lgctjsi_o}UDS?{6OE)tg<HD^3$V<30h)MbKbz0EUJf7Ml70Y0`X=TfEJ2_2151
zR@^wSd{Po(6zxyBhX@GZfj&b*<)peN8Qv9hz0IYf?gx!#oe0q2lC)WPgih63(0AB)
z8j=WbDnx#bw<<`NkClD$4T2B&a|SuiLX6roGgC#{SBT3P&1o-_HSIVwUkYmr)5Fy~
z-*2f`^0a6>M>FBcqwU5d2h<%nh_e`3qty|iZI-f$96fJe{`WO#03Um{GdLl8w96D;
zyP1xC58h<3y<6WvYLzL8hgOx;4Huo)OpF%&K5W_>0p(YdpZA3(`)uH>*s64fIsz)N
zG%I<wL8%73s>uThKkA77U#+PL4%oW;GaFkaZC{GsV(i6~8AaGu^BR7C>vujm3z@YJ
z(480^!uP1OkERbJ_<ew!|55UTiI6-rAtaOv@e2fG%dnWBBt2XGAf}pnCt8DGo#S<^
z!0y#}fab}_?2!+_H!xxfrKP74Tx?1rT1rSL+8nO8{DAx*`P^{{askzl7+vnhTketd
zgI%R|Gu=*Ct=F@wX!X_$&c}(bbeKm3{H2x8{@wY)0v^5c4xy9t`^9j>tP}-2478}#
zZX$z1u=O?|C<5O{86R#26f#UB<8~&is&(;(<$ko+MsvR4!f)qIR%s|lgk<=E-m)mS
z+%Qa8-4^pYQCNJpkVe1^TH1f>_C{=T89EN0C=uoSye(|)yrSRtB>O7Bp5F$=NPxMZ
z`HOfieXMLroqxn!G)?+iD_-*+?1=jVm5&C;JSr2v1Y1gRqvj`apJ7(wXvut8Mt-rY
zt`?qbBc(D*)cw+#LBQXe6Z<Z<(G#c{`FgpNDpum|PF*-uGX{^t=8FaoRQo{(HGw{#
zUVNc47cqfE1aq50Q6vop=u(J?Y)6)mN?ekQUm29jb#Dx^Fd@I1&}1_`m3TQCbG3On
zED`-*cW0U@SyH(s!KWC#Tk;vD`mh=lghrU|-5ypFD?~p}ZQ|6FNt?Z7>IWe|v_V(Q
zsiDFHSp74g<4-Uuo<k1HfQK}Z3NN&G>CzKJCmW!Ntj}+clc67N?3a*D&3m_q$=oNG
z;!?c2;d<t^CyBZ}pRBXdz6h)3ALWr;;ZAnov^UC#<AIv%Fi2hqOAgk{z3TQ~j9V4^
zXq;4d<wgc`yxtMsHcN60p66txI2ow%y$E>va<T||I5fq#(B@J2DRI|>tgU1yaZd_*
z9@#k{=#<MifEl9#pb6#Fl73uEJOhEGiP8NYr>6U`_@LJTq+POX&rUxSI<?h_!Mq<1
zzg^>#Ec5bme6&>ht?U3c4c(}TiU1}Tg(aBt*wdJgyKov@QjJGj_?HEXrz(ogWjHeD
z`d9>U4a%i*WaM)i-2=Elnm_dyb{x0`YcbwPoXhcBD7Urx!H58^amZcSZxaXwk!Rc|
z=P231iJ*=)h-klfOU1CIr4p&kJP+s`SM(()@JwzS+38iHo#6d8n+m!ww@Xik8k5L7
z*R;Rq7(UD?kNQ4uKXNSdhj~o|Co!{YlLDH@%hQ~-o@O7%<*E6@ujgx|SL+X*{XPLn
zu;a4>Baqxt^;bPop*!pLLW)P*z;+Pl2`tn_8q$O~!KayS#R@<-PSy-2Q?h-a^)}vy
zCM~rSmDO}{UKPVnIQUWjV#D3E2(BHzBq*gvttq~s<jnP!f6Kn3wz7pdsu8nzLR8kj
zupwq4y3Q^6S=P?n^wKF8H+>0Jc6`2CoM;-g*<OUnV<eT=<&WiK+t`xhO|$j!XXPbl
zQO1hW_?wKM-sf)oamOBbZxZEXL+J~<Vov3PbivE^2UEy5EV^Q|U}{|6CUuUf=c&J@
zC$^!^b$hRN=NY!Cy4lyU2G@0EzrGK!T!Gu=Z=9`DI-KP6G*I^X1fU@xM2v1a^!xNi
zw%|@cf+}*E1*AtJL!f^F6ScjfB^(_9Q4D?f#Kx=OavSF&Ec#<9$}t8}ceT1;tVZWz
z?UqsTmWxhwR@OocRxU&qqGrz0iHunfBa4?n4)ens;~;#f3fhDUY63pRfMYrM=x3$W
zhq*^rL)(|jTt>&%;_#Y@QNr7&1-*@I?qk)0V%uhO?3J&*ZS*H2j?G<zO>wg_QP?^o
zh|F9w0);iM(hM1ShUF>C)V?n)?5YGcd-`DQTcB2S;Y$#u=bQ`o&yag#VHBBgszVlX
zyWR%Ay6i^rNqUkdu8L{H2E3zgKV@E)r>n}ZJHK-+NATC4^-{IaTK902wJ!%YSXZ!c
z`#VY=<Ni$U1Hz*pt0C>=>@;sU^z9d5t|tq~0EGtO3zSOuoSCmN0t1QB^LifecI}s9
zSJWdt$nENYALxu&AvoQPo->|3U-6qzeXIpU`ag=P^&fCiZQ#Cl=+l@eRVDKo7PRN&
z1keF$eRlOEWn%7lim?rxD402o-CPC=*IezogZ7c2*DATcjct6N=GBn+qNEl#*muwl
z=CNs2$iPXAS9m;=IZuh^w2V$Bn8rZae|Zct*&@iJei{pNOr?k#^GhEBa@p*jydr+F
z9vLgVjopYBC5S4$WzL<}WSbn=y0Ua@Xoyx#*m`QhYq>P(>0sh=!8PLv4f-h`P!=Qf
zB4nWpxV$Hc|9Eg-av(o3c6c0SD-z&vWx~#mE)Vo^Q;rb^noOTw;E*rV+Uha{A<roz
zjAbkez#v83F4MurqJ}Q?2jN}dd?RhPj5q`teGMZ+YsFn=G))hvZKdZ|u?S-vYrNUh
zFVNMb{x+b^U3fVL36=k#;lP}e5p!$0a0Xgf+L*s&TNJ0Ea@-M)%TSjP=a}_}FHy#c
zmpa4MgW-Nt5P4tjIpV}TVp&J;IZ-gP1Efjit8`cW7`pGeU719$WWF;ydAW(d^xtZa
zHp{>hp0$WCE!e-0Daye7QG2Y2lGuGVZFU*%(n1|K+TQtK#5$qW?Wq!djAzSLiQeH|
zvA_RX-Qc=hXNXOja3+jRK_DU){;#e8I4me&Gzb(CZt)HidmX(=sx3_T@`o+ILCVru
zor}uIo{(4(ixM$l;2fp5F24PMc*Stx46joMZA=~-XPiH+!S|Ax;c{6FKij*F%|}@a
zDWaRpj61GR7*@+kw!QLB_u>?kJog`%K;n#7$5$tEGN)&J7Fz?97!hGR3!$|)8*rqL
z*Ii-1Gjsv0(^6R`$4Imw@}cpU>*?=gT5XZdP`?6}Klpx;T3lvbG+6&*(i{5(wnt&t
z7kcfu!&<k&p@dNOCk)tGRVb_uY%{EgD{s?O9N_XjsNx=CN|nHF8pKQhnVl4ZWw!8z
zRGo^>wgmm^uT~txj`}OK%F#+RcfSLwP($-Lo)b3yU92aHZYM@pxp%?8CwdbYg*_AB
z2Y^dOgXEInTBg_yA#^b4bfDE#<M5_{L>qWYr{$$a>u*{`Qb-y)&^$jb2#esMz(7v`
zPKgwYNdtJ&b#S1&3#Wtla&>8OMV839zmaR1n8Kj{I6}NtD+^<KF>wA;jrNKBZN2Vi
zedX8hW4t{OMa6_h{<00IUFIqk^ITE#EdJOMF;Oie9~?7#G9~C!hN$8Ll4wxq6S4c7
z8vz<T*CC0l|H^1$LBPQGDI;lj^%W;az8ui&Lim{=KkP=;YEt9&Y{0?T#=k>S;^HEt
z(0(AV)5Wq>?~v2w52@F7sHj6EhIR8|PvjxKD~7|Hq#gfpa-y?>&8^^Qbz(Vf{Sk$a
zw&4SZ=GfhnFriAJMpV|mBRn6OSB&KcH><K)Zjz-0J~ja5Go5}XK&hdCDnAuQ0{R?E
zVG6MSXj#w^!Q|pPn1VnabvVTGM`tpL*|m{=T-jis!|}>ka#j^tGd9jfxZJNR$ZgSg
zz0^74n)@K!9V2n6N?nX>d__VkBKcfXSn=QQ`ym^03hI`p<L};ahQZ%?5(=Ph-YPqW
zO|*PTtFyHqa8TsfJE9ulfdu=)G%p~;_kZoF0FmXLC}0~clJfkcUmCOX7b+qFUthiX
z1cNY<Gtl=th52f5?S1){CjH+%^D*c{Abm9c>f(ba2WdZ25XmAY@83d395R`s>cKg=
zQ>Bq1_P{_}r}w~2)Bb0#ef-{6B#DwF5|*FT1m~XZSOMqypdk(f1O)0~Xu_wCgwQ5P
zpta5>NIJ;09|QJ(eNlDLGID=5PW9L1T{T|bl;uHSa=0%hF|)OAi8x5y6cyv1P(!XB
zE+k`SkdUOstsaIg1PPCk4|q<LCM6#b!=E@;EW7pq1qYVb%|v;V;d3W!RTD~x<%Hbd
z3)hh4@=6Z1#-7hveNPAlKdH8s`ZR@~4CGDE9yHSCEe(+0^&I0XW<$=_Lp@Yx2V2nh
z8b$CCGc84=zjtf>(QKYjNVk!DnqTlAGPB-S8Rt06q2t$eDw39?T24=?oxGQ*T;E-g
zHqlhAc|VGn-TUgoX6)OENMLxfc;ZRt&ph4zz}tfF4KjcFJ@)%H&lUdzB+S|~RdV~g
zxyIEbJLBPbFBE~NFMtkH62u%@Vv_)NUIqY3HNiAMriUIQ09y(ux;Me|?8#-y1FrL&
z$-0^9y*AWPi5c&;PhtTC;x`5I`gra*QXA>7`sa_!?q8U#5&QKrBN>Cy*!`gfL*P82
z2LaN5f#-y5rMdnS9#rtnasDtKmtI(c9>x}b?x2PZv21-NH*#g=^!NOtym>8CCv@#I
zy-euUF37hh^3?*Jqv)A}1u@(9^13US$Om!SRmi7j1x2~m{)qC)nWexZV(EHsBPGm}
z^n{-goa!`&$j7OTnHo+zQrbm__spRv9!{pKcgLR0$WT{@=G_U}_N%`Fd3+GBD35>i
z{I#TUJEzvT>aj%Cd#6iYIqQ!XKQ|uU`9?FGp@t4G2R0-%@cInk-dyE;<YZ)lW~M%r
zg=|qDdJi!M(L};nRp`F~r2OZzk8*@B_bK=r!O;Qu-yCMHsO-9wWN3U!@3TSpA+~oE
zLz=xc8<z_)j5U0vpbJN&mP(X~VE-ykNgR3dmLl>l9&yBPISfS_GkJYp&#n<*^#GCu
z7<M}F_Hlnw$c@UB^9{G63{V*%XN7E2JK2<ldcYI!Sd|p2TnCl$L>FJc+b&PnI)11+
zykm8R>A?@qD?pBMl_2~cg*L`}KkKyd6&EAM|L$<NM6%ZXUVE}huV8-+MbUC4i(1#e
zm15G`GUfL>&K7me3nR!_U6JDzNgC!l$+3sXK^+j^F~#!VuQ)BVIFRt*BR1KsM}Gh}
z+klsa5|(b_W67|5EE#OWIAF=3fB_14%RQ+RsxS?KOSwcb6~lAA1fwsuG;71W9uAfi
zI?cJ!N1jKgdJ}OJB0|e2HkO1CM>YIcJxxHAga`%n@D04I0VhQ;<Rj@A?~cQs90>KO
z+K~GmucTd$SLMzC#qbEL2$s|>%}-n@nMvD3kEg$O7I@&V2Ne_{#ZIX|p_eYxm}vnK
zdtr|2jUhy*vGbS;jgq#I3MJ`+`#1~Tx6H})g}_U!GlB!Qy}yGLk1WE8aQG<Zc;U8a
z+1eOrdUouJ!!zD8EX>6zjm{(nG_)oBE>_AonvO17*^A*86w~FjQ~BJe#Tn^?8XGkV
zO0sjt%3i9=rlYYUa@lfY8yDGs9@L?lw)Ni&FfO$Fy?<oK_ix>4Q?$IpqVoL;5|Z&P
zkf+scQ!z!|r%=iK<_X;EX#Z=K>NBA^E<GI`Bsn+@HMKBcW#YSUo!Erce*o)z=%?RG
zQrGMGkh5dx{SX{B!YzabOA`^m9cB)z8bXKILk5*K<S3(r%VWQ3$Q`c_mr`k-*5QnS
z%_=Fo&n66)TWJl+b8c>XWs^#Ki}hAgMhYKhi~FHp5@tMXkDXBEzTb+{JJOEezHpuW
zm81{pNP0Z4cg2KDPOplQ16~b*v>f`^DDT1jG>NMwGK-aJ6r*I{KJ?3(Swj=kdN{$u
zuMJza1NGp!FN`Amv=x@36<;c%j=ej^{F?eJtH>JEt_9APW3I4eKZPexilmKLgATg<
zeK6*0vDTjKBL+lSVtiloSQDmp)`g$*f@<?8y#b>JYuoQ4dY%$K_eq5<uv)@0hN798
z3#Hd0k{icO2(SCNtIcnM<{fjzXZ+>GkXPG;5p-!|EZZbeobDjPH+NmBXrb}K7R%;M
z&PT>lT=u>cDZDSLQgxb~i`x8wy<Dn|A$lqdF0t#+xcfw(lYbtk`1zz>Id2c3to-^e
zFPdgV8i3aoCBL1DhWKV!F>tjzI*Ukfji}At67`(!lWNq@k4wkS&#(V`kL<^{LT#&$
zih%9Sq=hsD#Lx<DS8#u>Zie|49Lb-$)N7ERh$?O^d3VP3hZ^TMsjH+tLtx^`*7t{i
z78(3qkBEdr>t>m|9!er9TwaFD>5<H2=kY&vp=zQHB}Cr-PFGFxrar+*z3klj2-h>B
zzefG0F_25w;Jenr@5P)d9v1+jq6q<iPwsB;D6doA?z-E0eN>6tz8H@%h^X&IN=*!)
zHmGU_kp$lGJ*Yen%rVd#;kBSB`O6cNlqcvYRx2tYe-2=dhS$9YdT~Xbb6#tet!=EI
z0$zk6#n=0!CkoP?!nL%gpy0_%%GWijs=>H6$V}7ef=Avz7p6~t&ijXB^My}u9Km$t
z@82k2)mvKLppUSlgTIoycRQ2c{n{W<W8(OYs?7*D8l0zsDJ53uXh=a;sZpcUqXwtO
zFqRWm1t`hE4ut?H!I_BC5yFo~#CLrM{xqNcTQYy72xT3I9S2S38zJ+2b|#igCmezo
z#t#=$RPjG<y~8(+d^a^7V4TVKsW~>8`;x8wSKUdSt=x#m;mQmyLEV-yS>}&|lfhSe
zEQD&j%9Zxm7{eNZuAgu-i}W@*K51hnzIDThfUMG%;Qb25mgun%|Msxy!^R}^d#4*6
zw8<d$ZcvczF5YZK&1I+w$NJBRzvPpMGo!Z3jhYhIl&XfLK@M!OWGy`;^_Ms`Sm9QK
z{@)68W8pyx#ZxY<B63_vNIB8YxfDzgew8A=l;Ass%XyO!4}UZnI0Cl=a63jQzZP~P
zZ~G;#tC8pDn(V$!*HGNDF$;1I->{0rvr7G<(_$$mNukif)MXY&Xl10s%fU*`DEm4R
zV?31GRA`)s%yeL=cuinem)9<OBYTiYsdjU*cm|%v#6lt<v^|!^_WP9R2~8WhrN%DQ
z72@AX8%yDXFEnBS?opx*PeRR7D{?2L4G=?X-7HoOd{LEfIF#y>%%-J+9VqGjY+O#z
z1{fuD!=C~T^FiuFnN{2;9pu<2%h+%}sXq>gLhcZP>d1qVX>qX{_I?vL78`(-#d7Fg
z2e&EGXtvFAd@);($m0IKm5}rD^}_-wo54mo3e{ZC52eim*Onxh0oV}0R5-J~Lok^g
z9=w?Uy4=9#t}`p9A&SZw-I+;zD##k4scz$s^5Z7hSiJdK>_0qMuJ`LFsz;Y6V-o3C
zo@BiB_JAA0g@h&TKIdV{ADdGS<H&!Bp%_&MJ*!a*IzxVd$!v4Z1bZd3eG5BUQ=pGW
zX$T#A9N)7ST0P{;v#T?C;<6z!Nwccij^&1vQg#_}I!><Tg87AuoJcK8J<|u5b4;iN
zJE?zHG(p^lN*y!B`GwUfR@qjRducdsMO_g6vl3GIy-KXUNI|iUiVBjhB)w^M@3ITr
zAhsnK;;cs`<g<LSYVGf-`O*qneERf^OcRl+UYdG1)<1ec;SzULm35}N+8>hKOLWtY
z9yH5A_~R(9Z#QmghZ0RdD;QSc$2Ff<HMP?Cr6>hq5*9=jWz&Nz{i0N~rh+OD<I`6m
zG=y*gdP_M43UiF0&b{i%k?p}@viZF45@!Ll7%~}K1a$c#Uqf<k#)Tk0e5aY2nGLV4
z01p$p#W5YxvNJmGJ(~2A3n5-}QYPL!JF)zJcJEK%{mxI$G1a=9W!DJFjaZ2Q3Atu}
zw(~cBOz-d)g~Ym$prb;4a^AM!(>Ux@ina(Aj1u%8LPZ^wj_rpb#X;&takitu*qqW#
z=-P;<L>~;LN4NLa`+X#S{hH|NE{7fxvtor7XFC;0%Jaao17n+WVddta9|sl6UDT8I
z{R4`x_<3}t@2&%VD@*K<p-<mI6@MBz1KAVAPRm9`KJts6`x;###OIvTd^Wr3OS5@=
zF{|G#Ow>95!>&lc_<djZV&_;U@a8k>=#eZj@De^yy}`IVI#0>7-`{6oV~wtztWZg4
zt^3Z;3v(wH(mS)ZrYIFy-zLk}0P%;jQ7&e_EdSd=dlrHVI{^c$n4;B<h?cVrgK2!c
zaWdr~EGlTRk%Qc)J&KU?gimdYUz-{+UZ^8_M%mu}#!Y6&AL96YF1p6lrFm>!^hbZo
z&g*hCTuL2*E$DDVfIP+Z+BQZ$%9}QzLOiK|xCvg`{U_@HAZx9Whun&ccb{krDLfOu
zbaQud`I?`<Vp7AhpqNSh-hx+~WR@dVYR1e*;-nH>9Ii)B%jaw_gU?}E<C*FlLZ<M8
zsYG?-r&I}ckV8(DHsqPNQUPp~Ch-wD1?nOmib#7FAx(MwAUO08EqrO6M4ZS_kX{s@
z*KeUe*Yjshw4!J>)^>th7OIglRsT0WMgq?-Q=LmGM4;Z8#_LfPNE*t<ln)ugWNHWz
ztPllcT9jdPe#)p?@`zoQ&<aG-@aF90D#MY)37A+}2@f(UnO}<&tDM3?I^6h*O!4p4
z8a3CZtS5swD3Uf$D!OW`c|hEf>suwLZWuI)I*NDnap!Z4F7LmDEZ5+d$9=xvwcs>!
zTWY5&<~Nt%_ofQ)M!x23hVPVAxg5oc*0-S;m4r*G`p+<T9VswQjVC>C+x_6>BgH@^
zJt!Wa(QLvx3{&`(`fbDLWSeEctPPUfS{c!^GB!2e>~8^aR~$N(pr=Yv2s{|7erHI5
zs$yH^m+-*fa-lEVyoUmL`JvQ%-eNwtSa~fAV@<ggsnMm5*@5;qMzOuiS}X|g{(VnZ
z_uYi;L~cusl$I2#H%-|x?nWq#mT!A<yKIb!#=Kh!RQV>A|Bln$nIy5(QiD-GZ#YBW
zcZpPwA%Gk*o@Qi3@`1e_Fw}Ey-;p&0OyozEvB#;b8;V@YufPz{z&;(`DTp4s*y$bZ
z9vbOg&qa=tED3ad+*KWhn+(aO^MifE=HA}<-Xg(6I?pq`gG&cUd07<v6baQrH2s8e
zo&C4GhFu}CD?`>O>3lz-DF0-Es3rGP?WWYR4JsFIjm(};2YJ(Lbtj<wL-e8}fN}nG
zrtvtu)@X9)9XKztJxpyq9)um8Gjcrf-mA8~<imy5WJ%TP50h#1^-LGa=T3LRy-ZaB
zE0zpgH@L>JguSL3iSx9@w_rld9s3{m(mzvotTgma!_?(TfcK7~%3o&<t}8a1o(^+F
zMn(*&kVSwf3s1xCzYP>Vv8bXUbb0=^6@b&Maf5TDVP_Skc*V&NU86)H`hU@a{!oE|
zcyKf9v5g%FwZwN`h?Jjli(EZ?cyH`))NEBh=%z;zhUwQd%Z2u{x!EPgOT}fvgV0^4
zJ?<FXs_N?PoTc((k^VPl?LR2Wly7$geP=2p<v6k9+!Q188|HS`3nh$t<-eb;{P?Mb
zpE;<uTh+W_YB67EA0Z#`>5>>3m)B&F%S)B6IB#Wrs_UDI`-CBwObD%kgxQ@ofbPuQ
zkBG$)FfhQ3SraLFFPX_&=+X9xN?z1t2Ao-?5kACq7<p5L0dCgp)*3FR%-=GUFWCtr
z?bwB@ev83L8_vqf;@?C#W-!hQ=N6b`1GmNMe1k_S89vEBhyk>C3C-1py(9a77EFL3
z8tjgP(?$nWbr^s~fJw^O><|6%&+CQoL;45<W67^2D21LK7MvqySP33|j@rQZFsZ{(
zBIBC1j+-|Gy<%%_a<oMd|1Bd#xJ*!UECn)V_Cj4U=Ot34KQlnl5;fMNQ);FXGE_tF
z&~#X(<96lfb_6Enyu#Nx^GJLaX>vAr=kFI*>M15?&MF~kS3%p{6M5kAY``Et0Ad~`
zqdtFk=24ooJi^O}E5$YcJQYs^#>~t-j1cz*Y-k30Xw<y6GPGHfZH{U2^pM08F<;`s
zpn!tIFhybNDiMe@Uo8sX(G7=8E=AlUv}50&q<RlXaPmf{Ri2F8_Gxf59w;c5c=YD}
z-Nb@~=1I}*tP{p=mPu_gkJ8DM=8kWfvWC)wXzMvf#+y<)l8j&GZ1z$Z|5Hg?LqW7f
zqI=l$e|F?Ip|Rc|SOd27rRSShm6`k`YSr5F>U6PRla6Ch=)0F}1!Zj#1YfGme@TC{
zh9612n*}%*W!4)#E&azFB+TDMYf2~Ti0_%pMHuj;bR%jaJD?*!3xwF6Y-t=TzOJGD
zl5+$P&J<$I;f@5j%NhLMuK3+JJ2M4T1Tp1s!i`XYaVoq7_7FygQ(l_YPGA$-s(c1h
zw_Vw6nbd$EnYvuQ{ZV5>dBLJ4Z;A3>KN}{ftlt5>otSmP?PM2ljXWy+S??RR?tym)
z+^p#Mt6+I>bp`I9pFb&#g7RN^Aj>6NH!cUC6xUW@SU)v3#)3<wWtd9W3g=$eB)2FV
z!&o5Wvlj3_8zP-r5h#}Z*ccW(F>*(xgpq0FnrWIKOM#=Lfyd^hzS6612LU06k`xhC
z(aM3QW=6dVigzDSkUBx9asgh02%)tXm-p4~Qfi((EIWqrqI7ksv>9N`_IO>GV!XSQ
zwaFZoUgS4vvW|85&x_y;6xbks5(fsD8i~}DD%`)r<b}0(!9C!$Prcyhf~!`FYI1jQ
z{4Xaf__^|G64A9ZPej+lp+2Y-6-1)qmAGa@f|M?tc4*I*3*`ATFBII7mF*^J3=2xQ
z?M3%fv8tI|Bwg?X&(^7UBT=?yInlZtRt{Y3PeUa@y-r0Ql9C=g*!ZOL*yAI3c>Y4o
zp-B(?qi=5$3M~#e$w$f2tlE60YudjDf!A>S4xPZw7ZkR+7C0y={_jQu73}sG@I6pC
zCB#;t)}&f!b6A?nd<l~)lk(mm#_oX`B-%hV?TlfQ)Uc;m#VQFXV$VvPDH#0zxhlSQ
z0Sk^hU%Ra=unS(nT{?b?)^SG!Nn-=rq^M|nNqapM)<ba8_3H3pw&nH9VRteDopg0j
z?+GcB+|z%+O&TSLaMyyB>5!_SAHNDrGA>$b;|vw&;PD7b-fB0f9eZV);!8Of;-{u$
zsiIJW1k7QvrFxTLwN)s7&rT+^DRYX4^0=wQ*o(r9P9~Ht69nKl-a`aOBmUN&6}v;t
zU;^@UQNx&)3|EV*fdv_X=~vm{yz(%tS-IGbvb{5NYI3+?vy(v5JEYz8g?iquf8k&@
zke)=jneYBt-*5AWtp->2H<FRLgJ-KX(}~ZPY=#0w1^=9qoDsfa`d5d?%^VJcD=6YE
z<w0GSnAo>H>40Gw5GeIBR^5D%UeFFlb`8s3$$7<#(g=H-oZZofyRKdscB>b=f>)Cq
zpHr@2=I#Gx4ulNF^j2_2D6@u)&r+zO5;-0)l{-T@Sqbo@z(qqJ{@M}x++U4#v?w_>
z#)l`<7*62&{Zfx;v6V2FXrs-3Q>dm~Dgq4c^T^-7NB{sfSEY-yh<g8W{Cs`EZElW1
zoH%H^a9cs~+`<2QU`jtGJ!1L({rP*hp;Le|3g*eHG-{IiHj2+Vf%t7>#m1#R*JGY&
zUh9uNeS`kL6O23Wq;DAob{b13CaK3}jq1BJ7ByZdEIHrtgGVd8DuVOvQ!(<R7ab=1
zNQ${g@}*Sfhr(N~7Lm^>IM=cCt8Av|^4Mi=f@JkP=9(lnTYcU(1g-MY!2Lj6&vy9L
zl>T#;{qtjp4&vXa7ePtMu+w69clTJAoAR*QXN@|h&iHHR3tE{tQWG=JNE$rtp{dKb
zQ!*0j67u|O`<f!)dV1}lXH?E&47#YpZhT5RwSBU2JL*es?TponL0LCx#1}n<KsY%u
z6IpN64oF9-LJM*!*KePmmQaREGa@~|4IG$APEyBV|94mXx7|HXjFwd50uI$E=`<ss
zXj0T3szoO6_3B^-mr)8o-D-p2c(68GZ{JyJeTB{MQB9Ga>6~3Wf{Lu=Q4D8tDCHa*
z&v~_S_ds+BQuyypmf+(*aSBGa(n_6iG{byS5|v?vvj3-30P>e=iDF#<ZwUD4oThR1
zvMy?qvy1`+H6740N@yuEFvVPZil%srB_rfpeWUF$S;H0h4crKVSVDq_WXu7@WZpQn
zQ>4~jKSR`~51|Esj@OCC?851Ek79L&C~VQ+g};^N2TIdDm02<CoTVm<5<zjFE;TTO
ztmOD0d>5<KmopConLg1n=;%K=ibtJLYolnD9Em;qPpJcb)EpqC29TfZFqoPW#!$#f
z4=wemP?yxb6ipZ(HtCjgrt#p#A?)8*-E0rO>Bmk9IS7EU*OVJrj=5#cCFt;SLN&1!
zwC7}kQ{FwLwak?76jq2Ri|O3IU9k*0?VCuV9&StU=AX*UxF!~$fB9q+D#Hk$7&`oy
zd*N`rN>&t)C<jRt2llsIjHK)R6n_@92nCf%lC{;hd=c}*OktD%2)Kdr(k&!zu$B}(
z^wrnKL8H@_M6puM*l}#p;rq#I7pYJ5V5-{{^yr*|m?L(I3}a$U2)j?1`f85aWOZ_)
z3SrCLr}TNvMM<;h1uxF{&wyZL({3Iurh(LR%8N^)siZo`ap{PZ_G<g9G*=NdN&hW}
z(tJfft@`vd$FHV%-BO-IR!z~!{*jLo{l7d;w~(NLUJ?Sy=iEFHhSC%5IPtmQAEu&@
z))cvYzB*SaU(a6tNJX{sv^{p#Ia5Gg#~~_kyv?j+J{r3_dHy{X)c28Kt;u4JmqU|m
zuEQ%dc`h(+Uv`$0>Xb@W35S$Q-WdzVh7@OPpf6@ql5-y#aexU4)H6j?3$}8B9RQgw
zYOookRii`yGwQ|hB|RHiGi_%qImQBOh4k-gzNtJ}D|%XZdXc%Bt<2XJ!Qdu3qyJ^e
z491aD)r)#1z$`evU!QTppotfR@0VO2{IN6IJ2d`;$(>DZm1R&A93i;cc5m2K=WMV0
zc9#;@<q&aozHuFi=KdF!fBiqkzM}Z>O(#%OWR42{9e_{)<*1=g-#~5M%Rl0^f0nbp
zE>iCNR#&)I<Ma#oS|RqGMH=5g1_cNJLZ)Ywh)-=tZHMO+I+khj6RryK3<pcPcTV7*
zA+`Z6Rj&59)k!{Hs!6GYWfVtLK;DogN#}K2Q50&T@hb(QsH(8gh`j|Rz_R_%E8&b1
z=<%$|P5^21**#w-yNlQ_sXdydC-S+ywt5UgHJVo--Z~vTFjr{CNA5TR-M@brr)O|_
zhD_#h4=rn)*b0;U*%2wUbG2+L3`6c=6z@r645ba>nOG8#`Li`J0T)XslW+8*tr>Pu
z?z{0lehHrnKkVb=a6FZwdl)TxhZV7&@xts%-k(IAKvz*BzinzIM&QnCNg{!fz8))z
zd$_vr4_%T^B1CDp$fq=ugSe>`Dl5<^^?luogkLIHFE@4&UOUz%Uk!yt-RcrZ+b9mn
z|M$yj26wkp;*CI&K(}8Q1(6N{){D6mPc_9#GaE-M%m-c$9~hkXTr|O}V+x&G$OQQ>
z*S!ph@WSH|k5QGci}y2@YsK;g?k81~i9Pb(0W0C@Ls$#@zt2qTCSxjL1;>A5)YsTl
z#O5E7DOoiLBFm~tI_xT=&xbbr^pKC8ZlUY9;NGn1)0O3=3d=Q}YH`wX|HwnO3FJ=v
ztVw{n0p-I!@+~PG<V9`I@HaE*8e`Ab)G*k@Y=41pXa><5*t5NZ4QOz4?8&NqJ6Rs-
zN1NpB_TWVc?Mh=V#9z7l<3Yw(I@8j0&wRL+aZIUB!HyZFWVlqFff|rncMcuZpY6RT
z&6vk#gb_aZ^+$ELPgZbP&9t2sDSlYm7D@uLhDl!OBc+qX?VjgPpY<b^d8d-<r`<|P
z@Wy2LlsN@br}|;WN8pzgG_L7YQ%G-a+FyoIv_~T}gMm=O#TWtP72ABixS$9)_;R?+
zd&9s=Si>Y|Kpb&9*DZPzqms+BlDbBV-YU6zh$5xxu83xtCgl4P^RnyiubPh;Oi`Ye
zF27S8+-;9TcfQ}(S{uJlmJZVVB`H8$HVz}Ii1DXp{T2=@$R`P`sr{nRsDL#M@90fM
z$FI;dY7l#}ha07e)@(_!U^Vc@eicM7Q3tAdFc|?a?VdIAAyl8F6YW9-2g4(SP4UOS
z85gM6_@lzR;+mJEh3sYVTvw|$zvQ1n+b$X66Ayl*Whkgk!_mj3MIT0QoqE%!(|Tj!
zx4f3HmYjd^AJ#H3VYR1BiR!Uezll<n!%t<<Il_y@{DtK9%7&Te$a4T=6B1#YA%|f_
z)GPzIa`+G`5}~`jSLmp=zitv+UA%;^ww6_br+QR1$(I^o%C#^hIH8p<co%V2g1$(p
z?CxmdQCjtfqEZkR@ZU$>xUMMW#q~Cs#P=^YWRR@AU%$_O8q>c9(<%I6^OlLhZ}-0L
zunYD6iT=I!9mTrIbHvdvN<wqOD<4;So(Hk1wC36k^f7>EeL;+qlrLh#n5(36CqW*i
zz)F)WHUSe_WV+7CIk~ujC^yJ-F3qJ$X|)>VmM(nX{8UR#*v?bd>-SBE1eJcKlY6W+
z(+}@C${iV`AtMN}O#+8vQrC}cY7uR3QQAqfVJ(YdGe568p%HHo*Vowt#qh7<Bm5C{
ze_J_@GV~B(juoW4B295o3rC~&$X3azBPKJRi{Lkv>?rTVTcE6v2{MF66_If!5GLJ3
z#LE|FogpYJ1<hYSuhPfGFW}=9)|`vm9~KI0h!rK``n8Y-6DETT62kboDRTkK_)gs?
zq7p%y(e>HN!tms{R%JrMmcuIq`!=BHF=&Ga@0bmP#BNb4vg=*h=4s4sgWShm<JRCv
zrEsbzu8yODZn}-{6*0p;V}Qba_UUJf$4M@Big?<el=hcTGVPC1LzKHZ|F$Fs$ixf)
zOXF=<ABCo%O!zdKK?zzht4LK@YW;@2TAiXOB)k7cm1nKanLa#U9f}t28vdmACwb6*
zh8>vE95AiIMTz@C{l<Is;P46j1FZ9UONWj+7WDV~7v+?=7W{utVmg47Nbt9s97;*r
zN$U`@BU0f)lbYDp-o$^vJb#f=o!pZIeYQ#!D|kr5*ZQ)De3mb;MBR)+>|Nn<+U~Nq
zS<_+04Q8ufNoKQ~J<(v;Qw*-nJ4X0>LxcOT;L=v&NK8A16w77$bJf4S`m8G$UuX07
z&s<E%^6n`7zv7<zpY87ZR-;;K6;-R04ysm(P1CBqDrTusT9nwUMvN*|YSY?#MH*^E
z9-CIFtyV;=+G51s<Qq@hr#^qdH$UW+*E{cf@44sPGhg?d^Lvj@oDC`uxvEAwttaPS
zN6YU74qKp`Lj$vb&S@;QO}Or7uy7@3FM9Ea{qqcm5AwxIrPm?sYuX`|<u|;5S1KOM
zwlZtYeEDH4HxG-fFu76PUaLNx?Nm<5+Eg2B-v9C154v$fKq6Gq{bvEZt(mdu9!LWa
zARpe4Vkmhjw6DTcCSzWENwaYVr9t)cw&@;JKGLwd_EJz#yVF520if;SfH6q{s_IQ*
z$d0&oM;tf^d+M(aXHB1tIvmrzG8%8pbwEx`wcr1yUFv?<w3>EF>WfI>!1Vpn;~9ZT
zXY|ES!#eMy>o#-<pck_B$9^?=&CX+yGc$hdQ~0Cr?j|sL05Oynty2(GCX9K<5hY3T
z$uVX2hG>YOc@tx&Yk@lrWnuhXhN_g^Z1c^i0tcanAISzk#Q`bgSuGF7Lvpm`dl6Z)
z++&Ir;d0_=<zu$M7N<LD3vUkeMJHlpEO=FFbS{vD(FRB$U9ZyT+d8-veAl&XNW2Cd
z+0um^eR1Fv2L=q(Z)3R~F#`CtX*yy=j{%snpxf?l)AF=Ynbcv+jc1Q#(C*7umU=*U
zyYrK^i7(M5Lv5M!y4rnas$`659$CdkPoC-o9sX8*pLc0a%4K*{Yh{^3YORSy14L;t
z3OrolEtD!dDj&!r$n)DBaqJf4;_^@nRTWk7d&YNZ!?F-%q?EaeG<FjcpDU`it}g(p
zzZKjEhn^RR&Zk-`TRRK^>D_EXH1RJBab;;~5KSY0+5}-$GVN4i3Ivaaek-x%Z1GXV
z4Efbf?&IgY&C|<^29@TiSxQGJ!nWOdi@_BfVFcXP?&NZHFMVG+!DNfrQpcba%D8g)
z(eGV+yy+KV=ITmw>Om7Ip5TDDH-k&!r6LHB27!>X{5NaJ9zwN*ayFDW8NGG0!AY3u
zZ|W>!*-v;9pVO(+^7HDVe&{Sj4N|^imS-L^%r3cUodsT{8B!g{5rL;h-HP)Udbdnt
z@VXJ;$Z?UzWJ#vGa_1?#>G;%vjo_~Lje{|lt_|rq33gM}Ilpv*OGFo&%tVeJ-%-oQ
z6y?P(K4&?uyZRkXYaJHLrCe;HtKU1A@>zwwvI6U))z4LX6UirKUvBqPW9|G|01as3
z7X5`hfl6vbdF(&+R%zDR&~6;r&yj+V*3qsf!z@5)`)ivvE8njavZg2<Q^p^4cXt|3
zbu=%8m2)4~u-2~!Mw8<AD}K&FTO4oYF;eMSO)r;aUnzuZD;SSglBIwBflBK*=crqy
z2b|R~*f_5soEco}A_*zf)sAau=_4EC6#PPZZ+i*TX9Nacj?b*EHSWvTM8CP%C{j=m
z<Rf~l@0oWEfp^*-E-wtkruEkP5ne~sV=`t<eN4mjj>GCcPakO6no4Z>;r4bv6}fxB
zX13UpN_MeHY~)~wksV=;`i|j24V~lA`4k;E)*d}$fsjObps0WZ6_;y!(WO*}Cd)0<
zJbfeN=xf;OLtF_~1Tn!&KH^e;i?GM_vqHn}IKUUZS)=W`Hg3P@G4c@&RUfmn_a1X`
zL#=r&UQCf<94|9F?5csoRf%;qH?W=VM690q7q!6`bG%afFc=t!W8cwKTRS#uP9S&B
zb#(I<_EYj?oYl2U^Qfm@2X0nq<c3vBHP~(C2=Azc9W3we>_?VCBQ?9O#^zG1f9~;~
zDV5#%cz-ZoUx1j$2AQG1`$1L)pQ9JVvRczB34O?vs_1rjoB9n(V>h^!0@yyicQaJl
ze!9Z(<`{?n8IlXXzx<0EqQYHkR!60U9XOE=!BB6R4)^DYR#53fpB=$PhEZh{sBrv@
zU~lwF{e|W0zea+p0N~oLcfeku=Pr`}T+l=-`nw0iL2hnH8ylPRuH6m?{;wgwHcZ@g
zFwB2^>;3q)LB5l5FWlVi_0ffqPbAyy-PMnZym!{Fo#5pJIsYUAIE!sL(R31wuOl9n
zbBBTG&+f4IK*Par)c=6npw2U4Laf@=ng)2FSnAx*vPLr2e+Pd*%j3Wigd5VydjI}?
zU3$!fw)@nA5vLm+4~ys0klXUnw#*#OGL&_W;XpiErfjj%LO=2Co04BR5Cj8i(83G<
zbX}jn%9GC8<)Q?rAw+GTiC&a*?g22{eQJB$@Z5i(e5VkFJ{Bn`tuzb}=kK9|B`aaR
zue9i+bdVZ^(T&v_Q5{Kjy&@x-`ExasQW}IY(!jWTp7w<C`ZKn_z#sWS5{(8%FTP8W
ze4xl_7$?sW>VH5zU#Gz1Y$56f>Gg6!KE+Hx&EhLxITUM^T$I*>;8yYazqZk&gOjv#
zvyPQ%on%Jvg+oTl(k7fB{^p8rNd`La@QZ4aSv>gnh?%`1{|7C$Vq1C%z}DKPMSV6B
zR7eO(%j?~)aFRnN>B82(hpipHC=^8h=)`)o3oI$+*mJ(%(&Ue?(l82Vc|J+<jdez;
zIjgjhiOt4vj-ZzLed8J1zeEZ!(&Au4O90qVleYt1m_Lx9cU}@3CD{sHik}I6FY!Dk
zY8JCNKdXn70$Y}6H2Id9zOWP+x>-_%o)gz-;q=`Lcg}H^ZIp`}Oxi>Y2RPHRnKAsP
z{v<ued<b2r`Gt|EB+E8Ht~0)>84Y=tkOh3W$BO@A0F$hPORAV;or$`Lh(U!c2`~OW
z6jARRqGVVF6T2RhodxvrK7L9QlHKTou*VJHLSohiDD^^%A-I+`_mYyaj+u}TvX%<Y
zU>SD2)2qneYyhJm9`CB_d>n#@0LkGFafKMwUn{1@;m+S~Wki1pkCDCNl%W$r_k$k(
zXVnx?bDE5|m#T_N)}XzE1Nv}pBYVYy>p#vqncR$&ie2^-h{G#bp2+G~7baX@|7E>1
zByx8^JwiD(A`zz_0@!@c|CScN=&3|{K{7b*V>7W!=O0!9`DX-npB{AK670-_mZ<e!
z@zd+mxUMpt8gwS$Is?c2Rj>)O;@_FhoPAA2yb63uCJ5$`0NCW(RHsfq1obppogM@T
z*747<Q1X1q`X5Zhzb{DcUOF|Ce?t`c`)i?t_YYU)mWPq5-a9J;2l#q{YFW?q=bcGF
zRbs+l72)_Gbt_X`)Q<C%SZY|ktYq8cG}FdlhbfiEq8!k~>ruK-o-6>EMJGN7yrl#|
zIM!FcQp2;d9>Vnyy$M1V!5_b0Sm_KvQ5EFo$}2{)4J7tivA$DIPtTDkn=3GT5I{`1
zQT$Am{}<U&pFqQ}BUV=IiN2bG$CziniO-rmF=MpCG#xVW%<l@HVGaYYo_OOsN)=K2
zk%F3<8s8UBl#R^@$45?N7xOhzdx@0|@*=xZ#r(3nZMRdH+E^TpeQ)ipEMX$urVa8<
z3dUiBgL-_#tU>KOHRamC^1nM2GzawF%l{hTIOK1!Hu<f~_IU#>?B$MkJ9huBm_i0o
zbDY#Qx}}j)P~4qTl&e}-m{pA*Opzj~f(}0A+wV=?*TbMUcRkwOR;Dy{Oicxh-je>M
zM8GT3-pj820|OFVtnSmC(ceCxxVS20+rw#3iaY~<ycb~@6Vk?i(4AjqCp;=<AIUea
zx9b^XBf$KM$Mf{Ze01qrG<!T&2!%ykZ5P4zY7P>2{ySI=o!n8*J<sNBh!@2>6YHZd
z`BO?mj$&_XHW!Q)6u!Uo;+3z8s9RHki;O$gH=di%cws0f#?j~{1pT%#&#d-fOo#zs
z$!panG9$amD0!fkYU%F2*qBTGa)!$f(d*sbA1k3E<%=!o_+jCSpA=YFuAstH1@a$6
za%bZ@S2dNVavy}{J6NF#rCX5Dg3uoWn`}~}d_i3^n3V!b50MJyaXq`xtztT)yY*Bn
z-5q6Qc;m1Y`ycSl0AMOfVhT-WJg>gZ$UjbX86L^5Z1vv;%eFjLMi%s&%4!XO%eA;=
z%3~2k*Ul14m&4R0j&*%F45f@-EH|V^+N?0n&R1ab3OA;m!k-+7wIxc*r$*`*&JB^Z
zwYBwjyc9-0U%PB9%Eg-BmD)G094q3|EP|=33!@YlH3fI}dB9ME$9ErpW2ai!C%sk)
zZSm#QbW4sb_<<_>3RNr$y)RCC^Yi>*@O~J~!xtw49Jpe=rGt&5bOv8C2jgk^elu7D
z-w7Gkh}AZ%KWBUyovTw2E<b=s-9_s+jOE&VxX2MFq(V4o#si_-PdoSW(_wRm615wh
z4mg_~#XLEtHddfYd%a0vYrRo%$5M%9jAxO{Tljo!ZH~HBweH><@9VazGuCc1uCTg|
zebYn6Ss3_Z|A#hf&?a52y%A$qTm?bMJjdD(g$rG({H;le$NQ@($4ti8vGZtIKd#}+
zOxBNzs@)(^tVVBG?1$+*6I}_$if~<~LUO-aHlbd#_G+o@{`i-Td1|`4@d>U)X5L5p
zvoP&a7-F2?bDMN=xS~xb-%^)Mja{w<c|?&PS_!?#=3!Q-_f|B1GoG3e?>GGhy=3Q<
zua=Zyt6z*eY+;w!5WNMR!!nz$zc7|vFB&_5x7-kJz2678`DE%AY;N*Vcx%_dn~Q#z
z>vC881JjlUx2HVsMAlTV^h@h@I0_ugjThiiFquaBPrlh48f}ruNiz}PH#m{)T)Qo}
za0XW<<@ThHLfQw3@#$ncEv#rjZ}-TQXK%@V{1${=kaL3V`h~h;ufaUoN@!$06t&bq
z$HSeR7j#4-$}*G~ol_c8UH1*=pd*FCZ*PU{rI_e!X@&<S_cCOw??{tvC-MCex}bDW
z+k=+9jX9w2;cnd(Ieg98U=RAQ)uV{#i&%GaflP{>o|=e>Z>Y)wYKVSNvikrBLQH=-
zcP73NPA$(CzGcHBI(`LD)pd4ZsMgq$Gf?8`W>urF2t3yet~^ty`?5X)BROC=M5DGg
zT(~^@u+umT$@tjLA#hJYGLBh~1%fCaRHqX@zztH%-p+9fEMydY)7SP;{U0**1!TTr
zmDh~$){vOSuwkSn8Y05QY_ZwO>+O1o_kBJrR;g>r<ee$Ul$Z^a<ZXGfa|Gnl*YlWg
z)<XQGC3A7Iy@#t9-h}5bbAOM1Odegid-M`@XQcnr?T&F_Y4)amiD*VO%)OV|ok#pl
zwTcwR;#hynbRI&#2r1o~&+ynd443F42Q%}44PH!uU^MuAIO8}i_lHU)#`?3vY!WT8
z$+ogmq7&jd%R6^Ndh5nLy}G~Ei9L9#g~E+i@`!#G#(oKi)0Worv%t*21~*aQ%>MEg
zI}lwpkp!vys}z6a=qjy}#C!;Y;6G>I9xxMo2?w+{lpf8wiZhP0+1WTL(n18mmd*5r
z*j!LRsL}BAukV}pujqb)f7W{Y1RoVHapyx~`{Vkmu7I$>7o1Yh7U|K}cHEa+O>2t;
zzP;$#=47_{L>}%sq!o2FOy*<Ny<G3f8tAGidcppMrKOFILY_vN?6b*;Ycu=?89bV@
zFBQbS+_o{2#=BFp(DlX#srJ>D`zbKhbmLgWVl`_$_XcA~>2zTOo6~1TRD7mcLkF*c
zK0UdThRHoYP0gOql}4SnM=B}uA`X_1GhS+EQdrS()8m)j73xyDc9Ajz9mzx9IfN9t
z{7+U*&Da)ht3f~QqC3ZT=@Wt!d<Wwd05-nRh4II)5ak^J87WP`{cg%zSG{^Da~{f@
zZ;P2!uU_vgh&nR5WH}+BsR=x3MgL3UMw9T6u@Q4|21_hjII(VnT<5~SyP;wb4p?Ph
zn2wyabER<WhyvGMyUw#Z>ao!u1^XY!`FN3w2pjy6T}9H?D(fb<TP!{V#-!*iN(xuY
zltsat-+#GOB~I7jjnw5$0o^oS(A`#^QjA~|JIADtbR6?Rma~Dok=KNAPU_lzyK*nO
z6A@U{A=rX~pp$J1A85kMyd;y`%v5eKb<5`0V2+<N@<c_stfgjq{>=C~`pi^)cz|qd
zOByIn*CUsGsSC9-cH~qi7Vu?oT{SKGvXOuaw(B{r`n`jo+v5J{@*Ne^LygX=r0BP!
zw{F@Uk@X=(??F3@uVMcfYyr<WP825lg<TxHm`a?X{tVZ!yU}<>Y=6vsO^Qx~0CgCy
ze%dyXZN#9&gpZ+J%`4p4LF*`3PpX4f4Yh{A*5~@#R%o~&Mc>>*Ns1!yEU*w%?Y16}
zkrALB1)=F5!C$E3-Ge9h+jGWUacLiRy-P|#-v7g?X{2cP4f)D$R$b|Q`~Fhz?JA!&
zZDXKEQPM#hoOx#z<vIZ1#84lWDKN@ptO#3ejd|l+2gB<Ul&7c_#)R%9<Ylifr0F2T
zpt0Gt8=$<|gnBEFM;SCnN^6i#0p!N@hcF|d;VuEb$KIYrh8hXV*vwKWkNT{+U-1E=
zo~b19r!qs?hQgsF9r>4iaMMFli_I5iE`vbDfn=#%@AZcZ=4s%-ZL~IjG)nG=C1*?i
z-QQYz<lf1t*%|dn-$)6kVC26MWWI=*a~*PzF;daRns5oLdN(vJ`LMVpP<Y*rZxgXc
z8{yOnbzdcXtuOL3RZBfDY?^adyu>?b@3<0A_0V@YzObfOIJ(9aVWWfaS0^+2Q5aOB
zAo&Gmz(lSi&|f7os*NJnGoz?WC}uSE)V>{Ahv=KFsFcw!hM_y~^R@2sOcIzb>6i|!
zY&QvEBSwCce%0A$uQ%2=UM%kO2U*GnCWdKU@il3tZS4rR#(gx8g9qJy82cr)lFt1&
z(70oS#44iYx-hMj2=TIO|B`n@qx<wryUM*+{h0n6=@l~F^cVZ*xD&`3?qW+N`pK-)
z-eDERK9etFty)lrSG2cbmA6(Gq|zspLN!eflS;4@`S517Q1+<8nSQ2E^?^X#sMTD=
z8!(o2!?k?DE`8^>5)lOdjiYQGVzF4D-|=C=K@Cf~=PZ*;Y&NeUv6P{Q%Tv4<(YzJ1
zXr5OVe(Qe|O0xYE8hHMErktCb8?3Hw?7iitO;`ET&LmmY$|+*G)Y3R1NmYp_n6}og
zdmG~Xi|Be^%wehkyr$;qiJhBSW;vbR_P$7ZxfWqh-l_G+#Ulomg2`EBeGCFXn?@Ib
zKw$2%BgotR#C&fIB-7QOOD6WPZ2W-Qf<Qm8aG3>?u{@eqXDvokv-a^iR4i;A;pay!
zjJ*g=PnM-tBizM~6$snyh&CZEb{H9}*sSzv6E&RfYHEZWHkw?@{F$O8gqR8QBDXn$
zZ4q0}XK^k9HRjb0vsx_6(dS6hqS^@&T_v`usa%>5f%fid30ql=v%jXcE%$(x#x}RJ
zdkGdr)1lN&{%|u<J2;+L*F(+g>+9vjg6g*u460mV*Swd67#J8NJaUsnUdD8#NKB2)
z*x<)%y;dscHs`Y=C1=XY%0}x}y#h%g88J$qV|+Y1p9TzvkYR6*Uj_c1Jh+nRlu&u6
ziTZzb5r%+Dh^2sUpD96oMV@_2DNQtW>^RKlXw=fAJrnwRWd4MePCPTEw;;nnDwLdP
zhC!us?#7h;)L+CC|5wNZwV^uL5+NzTKc?`Bh;HHq_0Sg6&z$x+Ie5;#j>s7*cyrpr
zTqCD(ZQ_-e_@5<J{4=<CMDP3#3;p{#sD|i0uBm8I{n4T)4rt6}j(MffaFsvC&B>cI
z#b+KU)_~*WPJsXIr3T~>UC0>o?92ZjAYNsI5B~i6)`H>L{nN{HOz;X?_t0Jd`0$pV
z`wJ@ZSBRqjX5p(i?!eP{Ql_ABy`ios|KFZ|y_msu?Pl9)*BI1G#FKKL7VYUNCuxaM
z5XE=*PU9)6+}~xVFfT7Jhb4pae*hCqXds+BAN07#OdEXV4Dq8Zukonpq1o&I1H?wC
Awg3PC

literal 0
HcmV?d00001

diff --git a/docs/installation/images/win-page-6.png b/docs/installation/images/win-page-6.png
new file mode 100644
index 0000000000000000000000000000000000000000..2420b497abb1788abdf60955928c65300832ec6b
GIT binary patch
literal 88115
zcmdRW^;2EVvUUOlcMZ<Q-GfVTcXxMphv06(-QC?GI2(6&myNrBdCxuf-19GdKdf3+
zT~jkXy?T0{e!6Rg%gc%(z~aDu`SJxpLR?t!%NMY}&(}$4$iEV$grmj3udhyuVuD|)
zC-F|ceEIoBLRdiA{VOO7N<UF#b=WUs17teqWk>4&1pv6)<R%UvO6DH(cyP@&>yqQ0
zsyJPd<sDmr+mN)I<qkq6f{7!T^^#))`c7rYgONHTcVQ!RymnuX^W5g#d>naXr_E^4
zV$z__mRG&K+gCl@=L`9%@w!3cGH~H1{Sy2M$VHZiri4HTOM&wDd3}gaOY@ivN5bPk
z#==Tr;mhgShN|a#y^ET9Tep3Y?fLqdVQZ@d0)edIhc6O;sHY{_aX#GU^G$eehzzR5
zV}QYa4gQ}=TRWlAF)@Fqr+ZGO-Cb<FX6AIwBjIG~TxBqSbLN8edy7vWkJ{5Xo-p+;
z(T$C+q8mJ0R7gs9eA`TVa?BLh2_IJ`_|IhW(AvDv?(Xi}=jT46{x~=|;<B=Qdn_rh
z#gjvjfekDd;7|retctbXoC_xw%kAwuOxCG!m1T*So58Xp^GS$D!iDQ1{qw`m0|oao
zs*b1W;*~b-vp3~$=wNDiU!`2AirT1*lbU85SG~4R4n*QQo+HMb+E}d1D+=ow1NYzB
z=j!X3R`<5&{27r**s8WU&U@jy_4CRZW9!QyoeA)-oU9*sTDRvXG3%;%a&|ju9ck96
zqIwa#w1^ZwVvZSv{43z*D9h#wobCp<1~Ds|!bd^x=&MhAr@IjuT_4sW@{br`SiwK#
z<&o2Y7t(p<<q?gIjV!#5E0-FQQsO?ZRi>y1Ox7G+UD^3fR&_{lB*%+urKtHS&(BBm
z##tR@H;OPm0r**fLHPs(!bf|K58<NJuSfWGSJsaA*H)*Ig4-#fKhY3en)V5n|D2{V
zT<svf?uj%COY4u`&v_Usido0#@s6boaao?>TKvKEYB+Bj=9a2Yd2!Xz1-sV!OndF7
z?HknH=b2<mXM7e$=G&ptO+^o@2n84InjoVWg9%mj8x7$-U_8*{nSZ@OE!!PXq0M@?
z<6D_wj<hMIDrg4=DVTP;HnXX3^xNZKGd5hD#T1-mhK${o$3!)K8YrZ*v}ZrwE<+<#
zB49pDdH&)&r1;KnNxH|yovr41Y7qQ~0pEXrNtf(xW^0erkaTm8Lf^)^Q1vbGx2}8k
zP<nb!;nNW-GpNR*@baa84~%bXhQO|4ui)(Z>|eVN{>c=oI$`{gzX6JIj}B%SAYjlP
zy>Pcg7(^ez$k|hydJ{>hPkg3fS=mG$Q$j)-`W%n_Y;-&CviSbac)3NmCV7@DG<0#`
z{j&T%{-lro=;w-5K<vZOps-y+H?-pTc;dm^;@lBpfj}oW)WskDi5_D%Fk<zz@TClp
zg)E}QjTd#qs+>*7?V|Vh#I-^|7j`|;Bjl6awwa=;gd)b@?ZUAx>ZT7mViD_h6!gRG
zm=1Y1b=}baskF*2vUTLz>H3`Bl-w=HWe|qM5Chn|5X+}aib|pky5N6jX=k6Dq+nId
z@^USiu`D_#n3Z+Fp_`X7t3mY(tk|NYM<WZw7CYISoOBg~GZq`pR%$&$(DUAOPqFJc
z^Z#t@br)-GR@$!ktdH&ul6d8&E)O){x^E^2f$)pgC)NDECI-R!e+ob}VmRA^YmUbs
zZtD|&TtS5Deo)A`lys12!?>@KDFRG!JxACegYRWX)!1gH-tWYCwYo$=2$DiBWYp3J
z4&P8}+4ZNj7&UQb3ewbNrwO@-=Va)M92%Z%_W+28<}4&$+CCkOPik`~d*pn<XPZU~
zr}wlQS|a{G{QVYe`}59R-V6juV4NNmPnMEu1vXAfpCNuM<k74QWll+65zIxF9)F3#
zcEDS2is5L<NG;U*^QaXYr=pD{yA$L_IC78HvF*B&$7JYuM^P!}S1hMJ{(>Qace<5U
zEm+t|dKnVIbK^FCICmecyx1&VUdgB6e8Q5s1__x-s^c;W*=)P=C&I_Dj~j<e&N~Q&
zspJL1qPWX&w<l{b1RN623*K;fz#PnSz|Q6f%e%fhZdcN#sgA~<>HRya0mp_;V`t<F
z@1<0ICznEop2SHt{3w{G<Ae}Ncw9$Gtf}KQo}kGr^P+8p(OzCea>+epdb{+&#Y}vV
zR}Rr?v>`F=#xrM5gty4VjsHRe8op=De)dl9Q5>2wzHWcS`E{jiTqpd4dRM5!D_s{1
zT2H5uP)!j}#=4EuvoK>#Q)8oCg&zEjPl%(GpI@a+bmGNRX4~2M6~TP$*Z2ObqU_ar
zXV=NM#2>Z^ZMNd*8(^|_Q%9tQp2ztp)0wUOFUJK9#ZFVakH|PUo{LAmCrA(*zEA{#
zq4FO3{3hIPhOqDhkE_5S-aE!LJzohO-3yG++>L8v6aQc^fI<<os7Y9{h1N+K_&Tuu
zFygii7S>-69c<`JfZ#jya!Yg-oY~$AYj&Lu-r%@Xy_#}DQOM{(k@x!^z_H4;^|{@!
zoVtL`49lq-y=14u%iwZ5rlSH)cGptf)TMuJ4GzmJfrHU3uHJ+~L`U2Hv<ihvpjHAT
ztr8lhl_evr%#kNpSUH%6x5<-JLxW=uqDNZs+O<MgbR`Xcayel2XmfNU?4kM6Ll8I<
zUCXy|^?nE~^6db9@zlOdg2L&Dy8GjSh-_!ay#q&hOi4(<0oBX5(lBO6(-yQwtmkq{
zzQ~|8bqEho@b!JtEb7F7qNJ>oS8%%Fm?PEf%sgk&XuTjhIJCV(KTnnMpkKMJNNu7G
z^>mZt!4JMlK2&P;<A%#vx9=f~_@aZM;ZU($K9&dM#FI0#<Ke}NwaTW4C@mMNP;WDb
z>yQdoe|>@Vur35@3d|;Zc+(tonA)@I3{Y(-W(!?pCyl42{q$9b;_;SAEh}oJO#-jz
zIfC1}A4jH@4oO&3uu7vwU8-#&mKINd>qhPAZcZ#jU`fN>{v#vQJ`J3c_Hn=|TT{D!
z4=^4j>AOx+krD0X>Dm6$p{geFvSjZg$8d+}If__K);~#*Lgd$*|7(3iDy@x=u;q*u
zLHpIQF<HW=hX>kR3z=5EcDpiME`#m79=WWulgAYnz^PPPQ&Xbg9q&7;Z|~ga)d#^N
z7F|s2%is}-HC9`v_r~TklOgRMjk{%iF_v<+fPJE-JntGlAD>>lSD|b@u;#2MvL;;C
zJu`Z02se0B7V!5v3;x9}pzwaIk}7kvI5?h0$1wR(Z8(bBhqfPF({PxpE$5@c)p0aw
z5NQCpH1)l&mR@%`g<$t8B$(&*P`X(LG*q~ZE$vXB7skr=<L)rVD-<p44qNAeQ^+)a
z!8uqXl#1Y!wFetj{Fl{_w2U6J9i$BPmwQZ6x327;4M}4kx`_+SPf#evUh>d69Memx
z3hCV`Sz~N<V~qY{zTENOv94+IGb`!%!@RXpA8nvXf_U7a!GLGoMnau18Jlx$uammY
z=H*xj>!!_EBh029IF2#Iv+_!^o126hq}R7y<jkJ4;vs{r@;R-+E|E*MgKt(J-dcLZ
zyyK~kEw#HHN#lB5iCKF=`)w_xiW<v7da-;__)7_tM{xKBjde9)0|$}I>8G(<sn^n3
z>(N9SY}4jIgSC#S>&f&icP~k=>y|t|iul&xisf}y|4`d3aXUT0v@*1Z#$^5TSSlxX
zVsG6Z3=eobHBd$biz^d`M2v~2FFF0UkhRz4r@IeOwEf9*cW+lfX4H09^@3=V$A4>s
z#h+5+yMA$06vEb3;M4uYCm<EjCANq1BmTM{^@)!uaG+HvNE8#L$C|xO$9H0bqyYMs
zD^G$Ow(F%e0J^oKgT)oJ+;Dh&=z8KZsat>3Dm!j~lg6!eJe>zl4xr^%nQs13ixsUs
z*zNAv{jSQ|9GWgN!z!=QV48<T<KN61@ZeD-)FEt{-V?7CAidnOs(ovp1TRUBzZ#^C
z`#Vao_C^Hlhlf?$IBAtRtSbgOSPv=0c&`t(vk(z}LGn#a&xFy%1(>Cw?NR%6L2Gjg
z|0d$WJm%&8YcQrD!Q-Fm?!?MKGBAN3WUlmg&RdgtfzisIXXz7qSb@>e1%!y;eq-Py
z;P!6Q?bR#-GrY%cq$yp5z|p<{3uz>dB=H}!%km-yngmJpHWFi*iZ4wK73PxK`-5Iz
z1@LOCP`5OoRakzMO%bzjCT)a*w_fnig<;$pOSMlzxSk1of|wtCzRPL9yN9rW3~vv$
zE59yH`w0_rnI9_RlBmWS+&xSim)VjlM!PJa6K(=;bZTlx9()02d&h(q{()p^?<Y{|
zJ=iaNN1<d435~>b*(1C9Wb^L7f`swWUM!aOE!Amvvbc00!hZ`_GS@Fy8%?B(dRJr2
z?S`2H6f}Vd#|XagoffE8gi^V*CBJALW@=6GjEyqcmwX&aczFk3%3+8<UtA*${!D|h
zb+v{*r8BjTjZQoS04$k}LhsQ~7wR=vLFj!~+|_0$c1!WUS99*dBrOq38u&@#fOfiK
zQ5#HtyjTGpkNJA47@>!F`fl&)A*-IVK5sur$?f*HC%@5_xskH~;<PsLL|Zc^L@Z8L
z6ZCZW-5|JJK_eA4-JTaH^g9U(3JT_a{Gs|(REJkI3@ucaMk-`fcAcAtT{I4LI>b$F
zh5q!io{%1RI+(P3Lp5%ySAu3<#Q691`zw-RAO~V2mNXaD{UGdroI@G{6vTMnnUHd{
z6=OS$%X2rRz4^8cy~4iP_lXd^+NGsYAystUH2kDmQqa_r+Y1_CY;&ZFq9E7!O^CTo
zk-n>17T&(5Yufm+`0xfcT1KtWKkU{y5U~n5gCbEYI_uPju>QJ4b=Mw;gND&V&mD>9
zknWZYOq6kj<Sc6gH6xg2s$a@7PlkJ&&V2V^Cv_4|w2NNpSkb}>(E8Nx<7%urSQIXw
zTn1(bV$hBf41dzKC+lv?=I@|>)3s$233aW{x5o;hur<hbm5H=xZ4G`jl%{d#S>G54
zDxZ*NF#J`oK7GDA6eDTo*~-1WKTl0pW>=Al=^d3p$xu<qQx^Ubcw)^C!MLbL(o|L0
z;Pz*742J)V{>IT{*CQmnp(h1uGKP+{yv-aE5b@#vwAKv2(oWmULzmOlY!G#eLGKCw
z<y^`1;NgOt2Ny9RtDrz(q-nv2k=Lt|+~H7qQ)dhRGu&^x<}26rS8IF)AGN<(C_RM#
z->^R`2&W($VoIz+XWBtGh@cESx_nf*wiaVyhx~A+?uMf(jVM5FHHTo8ksjaZe9|V;
z^Qn&<Z#}QPq%J0_IMz!Sby(tVVQvg8Nv)BEuwmEbHe)&u8`^H2I2|~rxtjPU7VE&n
zSi|2FuM$ExKZu#20o@yXSp95&VEp?6Z6Xz!0Zf~k!!geyiz&O*O`L+FBwW+R|LPhr
zto1f+yS*cKSy+NxXk-Q3RM?2&W_m=vvL*RiBxnVpy)nQb_W>G{33_?8q_8RdC$-iF
zgZK-M)2EcGifw=E|JG26YRE=1!bkaZ>ccaxa9x05`1(d2o`VH8dn_~A8tg_i;sL(W
z#%Y|ihH`Kq!6=cB<1jqP`^7JsRYy85Np=4yjxHTp;R+AQ<%XMtJ!gpA=BOOAICpHS
zfP*fh%Tv$uS)D0!vA~3o6xV_IA)#lFN@qL;w!C8Z=^-on>CPv9Wc!OYKCHbxQv{^2
z>iI$BqQtnyunKAYl9Y`ET`;5!Uwr!vuH768Ee1wn5?uEA6I~j3et3AhzZMIh@x_^)
zzT1@D_cf9reJCi<M&?yZS^nk_l0QM(Wfm%Zol<4-*Sm-Qsn(p3Sxf3Bo$1)~R{DKq
zHOiQad-`RdBp3xD%YyC06Wd|fqJ%25Wrj6=f*c!MB~3Z0o-17}hSFu4Z2brgbzZ*Y
z+SOC(s^puxGn8As)OQm%b{53$NsdtqGy;U@U2S?EU8Bq4c|{eB`NTz~%E!ExMi^WR
z>h@V1>lH<*=)IrCQ7pgft@)%vKVl5{xCYepzWpU8wuzBB7VlT34WrGAvSmsS<-!*_
z;}ypO);*ICmTqk=ZEju8H^)M)V$iDD&=jyR!1&c5sF51jeUWHda;(`Zq$P+Oem0WE
zWV=JP8DY)m)NLfJu=ss*2z4Bw(|~hPPR27>tIygMGe>FJPtL6<?^V>Kr|%sOz?~%6
zP0Y%n=cDZt91trl=JFrZv!!TheJPbw8f%bAdQP;<7@QUMkXSTda+KIa8;)rO13@AZ
ziQ-K}r#J;DWk_9gV|c$TE_vJFkJonRIX~2)K~34e^#`0BqE5}aCCAIFFjx&Y%8S@4
z@<5@^TA)6+Tirav7ph@7$jhw{3?(_<bUvszG(4;BDpgQbnp6Gi)ooTjp3hO3vo#3N
zgLT-d*6-hRzQGr|f{jKFsEsAFqczl%NZQX2w!C3cTy8k|k{+6Vueh6wMM%H310P16
zr+?<zY%Q5@68;MWMJ`N!@rtqkEod8!yqLX3zmv<kuw~0Pxtr<+LruX$xjSGVeBe?%
z*LFlce}GreHPwQBo{Zj1%^UR<wlP3iLC52l2;qo9Wqe%_r2F0hfo$$Rmc{1S&7*3Z
z`V!F@Sd+ZKLw6S`-e@0JZqAczxT~z1VBaa3p<+`n;6bw*e?H?Y0aPll8?J@Pk9uvv
ze|>60WR5*;V;>Lj)ttWx$EO5@bp&v;C*fYpYJ{8eG_fF$*@DmmQRkSal3m9eR9A5_
zxtuYSz;DO9hKZHXw50anTwWskkTXhmIZ!1OV_CWmX56&!6@*lE@am!Z0C8{NSc#=0
zDva909PP6;xnCia&8iV3%^8*x$x-_~)`U6-Qmew;4@X>sJLmEdn-S+mTmsc5OvkKP
z7mcLi3xk1qX)n180$jIj@5D~2QX^i9l9sM$xDQ8{nY8{-GYyj^kP1D`ckV}n;}K^`
zHHO{S=am8MCJf`GMD#>?6D(jDir9fuRPIr!!Tx8hKR9l;zNrkWe|lLhZS>1Aa!6Zd
zEpR1O$36+eY-x)q<~66%Y^vT{1Hh4evFY=j?c&RcQ@7#ul2{m)Ok5yx*^MP9)>Iu$
zFE|4LQB#o%n>>q)MSoYEI+-l4{TbI36C%91R$+3820%BMa3#PS7IQT;Xx>NUt4TsZ
zu2}C*HP$_5k`rhi$NC%*N!4^RaBRT~6Q4D!wRB#FYGtca1msr#)PeK@RRoKh)RGIS
zz5-Qocmvk$nOAlR7gF;2>r2;L!)lK30K#u2(g7Y0y76&ulkkMt(SAy3&tBaIz+!Kl
zJ}*?>T8b>47=4_EERmWCLmM}S%-0}P+K*c5e;7=xkU!Yr^TA|ghEx!~0O;jc)MIMd
zj)e~O7FlVx;ea0zz3kD+M#5Yzaaav3296)=6UqFy8<;CgR3gpa;`AMnNZs$y*9SL?
zU05sR)Y=~=^NH*@GuUhZBy5>X3R%ajhg?G#3?}#GUB6>#WG9){-;O8daV4Q2op~<6
zjnDR@<%TT=&?k+oGE>KdzZoRSkQ<rUC7l^DY|yXc_&eN2>(?g4C1zE1=2X^~sO}RL
z^YevFDrPUjVwC){y=$M$`Vx!e?)1#oJXWWuX@AO^+D%ezq)GGq_Od?W?tsExquYDx
zQV%O5G<-T0Cg3=sdmL=XA+WHpEFSOdsip0?Ii46GjcLOp{o;=v5MZl6QW)CWv4h<m
zu?C#PyvK^ce?ea36%?;DcQEE>sFCf0e!TD7<57L=2)c`}!VM5<m|wjuZ=-}j>`pkL
z->SbGmZ{WCiD-UW9nv3g8!wRljwfB}1-IjT6+?8mDh3hR^88q@1LEPrb~&ETSdM46
zcd9`XRfW0~7YuehU61*#;-Kw_a3c3Pg2FK(u!2ElrJ+W95RZ}jpmbsS5~u&RZ*N4$
z0p(IMh3@vo!@oOWqP1N9tYf~^0blZ28!jF0D!LY0A<SB;(hVMdJ{PD9Fy%a%!R24U
z+<A#<;8awWYEo5;5dUFR^3moF5w*F=;l}Tfxj0zzG*_Ze@w$;kbxeyXb?fXQ=Yba3
z(nOgzg}$SGv2kLyKT$ddmG2Z@k*)9-bI6Jj`8_^X>Rd6wad-CjlsxYks^SFADJZI;
z|HEegNfIH_LX@`UE$ggrt62Y+?0;$Vw{a8>+to<t`MQQrY&JH|*Z?-WCvSqO3bFqp
z!sVgg@ctS0$_ZOztP1^BLnN=2EMpJ@Dl;aOvi^nNTqTS5q}Tg1N$FoyytWOrc`>g@
zVRf^n!p%Qk{cjTds^RC)XYqI1atWBSe>3*~XtxmY%aN@|(@GRr^j}hy*k8noYCafL
zU;j&yR!tOn;Zw^hY_gR9qW#r)!6L+U?o|pQl>b!*_}6mVmLh-RQc~QSMvM0q|4;lA
zaFsy3y}kXb!07eW`Y#QS!<dmFNANE3O(l)yzf_$gsim9})N~p1NaOEfRnrCYS}D0y
z^CyooY^bQL93VO>%8nPekRF?xyB(D(cl_^#%Z2o9RLPtqPiwf^suO=2^yLy<Irjo{
zg_PK`=qL%x8UTeC|Fu*uvN_aOk;2ulqB^Sot*1R31bRFduHb3+e{B`k-xXP2xEx=9
z-sIm!ivOv6m<jzv`TuR=KlaT~z7mg8NHs=!iqyf)20{1V1*4W2%AB#}lSi%Vl@Mzk
z{a_ZS{k4x$`Y#5YXEWZy!$5tx_DgW$$|C>x{r`A(8VchH(W-82PZmOTGZ*NNYk$_F
zms;%<rz(+69awEaTvr?)Q9MWRD#4)bLA;<WrXxZC4Chpqn33Byh|DVB{y@odPd7)K
zjufFb+R*C!%z3tUYz<!f^z9Zd&tAO&iy<{u3Zm%Ucyn-LG~kiTE5G?YGRctF`eL3i
zbJ7d=6=RUynraiThlOleN;yJ8QIra+#lYo^^hd<b>7fx8srE56rS<*5$G(3UMA#G6
zviX#3M_bVL-aCvQ-~KCIUg6&-B-aOml_fPYI_A3=Zt)ZL$)2TDsSsS+?3rwdVqadV
zxjAuDd$>*!f_IA2)aIz@O^~_{-OealSvu`abJsAh(dQr{E}AD4chn0xj%C*MIagXJ
zpGQ_lK~(CRK?y&;eVg&cM???2m;cIJdP+0zR1_ZoBD3TtFfx0uDYn~W6Om?N7TFrF
zv+nF3zG15)4JBTeBiqcAF17^av%jO$dr5n-b$tlR!q2p_0=r1AorqC|^nXib($E|*
z38&<wr_ttOg6B5VtqG#Zr|C`9HVGsN$Tiino`yQ`cP<SFmrxZN8rE%=tV(Lx;!Wk5
zL-a^DEh)AJj>6<xeD6UiA5DpBW>09%w-O=T-yJOPK@100OBtVIJq5$auRDIv?~h5#
zGVk18*|;KcE&U!=ExuH#rH=pW3ZIZ*_!FK4h%9pge}Uw^s_MZ~gPyg^0#1e{i8&Xw
zSYQmLf&S8KMi@G(YgbRaW8?sxl{v{!QqNriDpf`AR|++x&OQW)zW{Daek?wp`V?Zy
zR2<1?c(|eaC;=l>E3U4tsB90P=W|~e(yOH2WYU}O-I2ti3f^BJA$ylyNsO^L0sJ7%
z!TJ@X`_VQU!`0hC%^qL*m(x{|(HMd>_4z>0AroObOdC#PZbjQ!Bz>s*2w~q`78V>h
z@BG+xH}uA<OIU~7ZK?Hru%ayz_|O{AdK_R`Gay2{Y>hA5gIA_~W0#wf=GG1D?!Pn~
zYCLNLJQ#DCGj?o)_5%_$a+iQPUAVforqU8Qw<$=;^|TEHYTVqNEG!&_N$k6b*$Fp@
zC^jmClPk0t?~sJHb-dYf+dt$OS9xRBlk{q{EvYL^Z{C6sI!#%AYY`$2H|z6T9oYg3
zFhqNmviGv70<m2UTnF|%Dj5D9(sPkH)F6VmQH+}nN<+UoMD7O8Yx>eQ#xWF@_O9~9
zGl#8ON`)gj#2R}33jeT$WW!*mBz8f)a%q}hT9iN84YIXoZx7d)(ymV<>`w3hy`j49
zDYMrOeO)E_=5L1CIZVOS+bRp6FH|!l&E%YqE|4O~*7M1nVd^(Yti}!|qswZY)~{za
z)Udc`o87^N`tC2MQC}PfHb6MG7%%&Q={lh)J(|B0^v!d}jz@YoIhc0MCukc*fnybi
zbBOia2Mjs}M_3G?FnD9PC6RD~k1BKdN03>ydVhkUxnahejzKOw*SepkQum#_p^B}w
zV|}y~ks_)2obW&}bC)bSQ1=dpEgL3*d$)F5gik|rvM+C@75#$9<J!!-wK?^))T`C6
zR*U6_V|Y|yU|Y<<{6$c0B!m%r$QE<3?P1JaxTBaJUAOjw4kg;l(tI4v_xA)D7JifX
z4w`Ns*6Nyo{{((|elUU?TO`!z#Dw1Bl}jpFR>{{2+%nq?p(fN3NsodU7sJVpp{1}`
zAf(>2Q_5Y$+Kh2ig!f9%N8uXb@hyAZUB#ov?LllBwpzH!va+w=($7BY`+0IYGvI2K
zwH$|_iwIM&ND+FHiV@v%Z~Zxx1ib@*i1Jt1FHu-HxPzLY(RR@Yw1<S>$s)fiMb~;9
z5HspCPgo!5Z9C6xixJO%ipllPQwxvM{i<G)DeTap(im&5|ICdm9q%UvaS28nxsl7A
z1=Q@p5Fc#g3yVAR_tnLJa?RM?z}t3P@zmLJ7FNH9Ae?x5O1I~%`QB<>WbvhL4;iyr
ztM?;$-A>h@p1)tk;!iZO>kOyH=+j4&Jd0zCAzqSD0kZKeqUY6M2^38;!s74FFlB3W
zH;$1}gc$Qz>Z1+zt6FZ)Iz(sK+o2SCeS@BVjNFP$d{<pOqg-uC*}t=Pw3?D*y>I+K
zJEMQqx^_YRn6q{$M+GZ<&&m>R+BZdsR*{XyI9HMyR&7*Pi&QvB?K=>3Xe)JZFQ-*>
z+fPW%k?|Cw%qo#FvD`xZ4w3cN7>Gy30FayaaE0MsR-~1BhBldRl}{)3u`lNnev5^B
zIz0;>m$)v`3riCOD7uK18CW<FJeQp;ufELGSc&0Hkk5=}LaTC9z{eM)V!l&RWw_ci
z(#xw$p{~tN?B4m}lW<2aoa3Rhi3Fz^o0;tBZz<it^izg;hPn<e_^>=<laZPjOB8QX
zF!Qaki+M@YPwrCs)}Jr!uf)@Dc+Qd-&}1Ba2AUlTUELePc9~GKBQ`arS?c%_cc^*y
zrfgO1hdS$dLar*RZ-o^lrPWM?o#y|?M3X3A&zo>98+%2((}Y*%ZKp4+Rw>UH%2D#5
zp#r`6L$RuO7=UQRlP9781sTEO%zd3TiDo%yn_<#Ym>JS^`iVzs9iEk`q*{yXN%prw
z;qttG_=`^?=wuoGt3k0b3EdaIn#i_`nz^?@pOLWW=&wg3Gt!<{R3DB?smEHfLF)$$
zS1;qAHxiO=Lp;xbTiZv|g*gG9Ta(Bb`5G+TN|1~`2I<-9nTg7;_wbR4EfC{(Pp9(@
zpVX|bfIz9!<+WTADZ-&9H`&6L`SUjAni=EREa*kbBo$2!8Vs}i=60~iB7#5#yu*pA
zB0iCz+ouzB-e4=EE|{Cwu-DC1=w!th+BdkVBrPV62P1P_3ykxp#1$5P15;Z+a=s7x
zoC$l=`#D`6zOzctc{W9*l>eY#duA{ky9neTa~yVB08vl8AlfD@R)pU<Al#y=`8m81
zKMYFQy`$D>|K!*N4pmMm9*+&Snr)UG0E0{jq{rvcyrxE~+LXacV7auBY6{>V)3x#F
z7ChbC;WI5_I9_VKrhYDi2f1Yo>Ja2{aB(Wta>d|(typmtq72m1o(|p#Yw0l$kc@;4
z2B`<rE=(^c3aX~pPK{zF;^}lULO7%Uk>VsxFH6Ts;31i622-Fg9`pP2-Ee(3wZns=
ztv*d)38mos;#7+aYEi<f9bio}TShQD9UAsRFy+`F(FSO^SbqQJ^z;+)LR(}qo|Q{X
z*2vsCMU@k_u3;2M?m6LjB1aupg#JAA&HAGy%P+`9>-~l4D%%(IE<@EmF4t<aOGAr}
zTSuNkt}b=k6rml>8gBjV*&;C+9q1#o$%TWX1Qh?FP++rN^j~oi^((~;GVgk?ESodi
zZqds5B$K%o9>P6Oo&70Z0lr^l3rD7vpBWsE+!?VJ#oL)Z0(Uv9->DSgWY>HO-{l^a
zW<NQTb)O3lQ-0>?Z<kKb^QulgDlf_RcaIN;47g{woSozmS>XtyrU&+&L6Jg{%|Aic
zb0-ewBvLu)!X;t+Hx`!I&p2gq+tYRYJ|+AELV4fte2q}iAYF}a2vcr^-ma~Ky~W8O
z*2i7Yc*0;)&a&F~_#beD0gIwn!|dkJEj&2X>D6}6uXiZ$=kDCG@A{FCcTgU7=>!|&
zYuKyYAt!!YgLz?FPW|V*EEqnHicqE-6C|;lQ=dNFO37dZ`46|R$JZ5d8osTmqiiQy
zQg6Sj2ycdj`ZXEDPK8QlKKHe5qu+KusMcBCDdU*}TMyZwsHyq(AAQ>AXm$;{=a34=
zN`cPYS0wyAzH}S;p95-~KhT?hI@jx;{$GkUiT2gzUPn$%sG<3or$9G;IJjnJOl7On
z>*ZinUQJ$J|Nd^Cr?y7kyt25MBXDC)iPG&ve5v~DQ~S!Cd?x*HQkalSck!E3p3vn5
z1h=X}W-|5UUT~voK1ayFEa!66Un+AJwSL6TmD8zruqg4=(rZ1C8)dc^ZFrR@X5jMB
z-XoIwN*xBD=MCl<T`DM}7<|;|Iw8T`V^LPIV{_^}wr3#HNOrS+TfK8g6X2=gwUVw4
zSjDHSrud4_jSR92B)k2>tw<fi8_}glng{3&YR?&O9h)_|*D)n%BUW-kW;S!V5U<I#
zj4{Ugy|x{pXP=6vXH@hw&Gld!xxtywFHo#FdOOFNspZ6jRN(|MqXT~J)FMXFF?eJ~
zUdMf2Dmi&7rCv$l`eSgPaJ*QaarPwB!F7?*@ehge{w>?Idfd2c{Msp2KjReG?^$8C
z3JU*T{9^)lgS9{cEP0=Qr!xLI_+V}$yEUBkJ#%dkat72=ubguV4{oz>Db>xnU1e~C
zVyD$QNwg_hGgD+i;X;eadG#{!sfY~?4Kru=e_P8Mu~j<!4#Jf)^52B9s=zEyV0Awx
z2%pST!mqG<j!uT{j7q2ENMlD;|I;wX&jfZPRoH!UF5KAA{oL7^qkcD6zZ9k%VqJH&
zon7v<>2~TJKEHwxRT6$L)lLLjp<bIu%A8C*M$Q*S%<mvp=qZF%HThrt$HIOc?q~sG
z#E*_ye1W8#hwQ#=WU0-iHG<CM6QYGu$*(||cRMty^FR8JfN^)l57{A+_y5Yxw`rlx
zh0C=OF>F`TI&J23(?HtUB{l*?-J7fB9X}f`0w#W?hfpasb4(>IxYrlM$~o9C#bj96
zea(63bUm&MvtQ}^WQ%XNt}PGx4`*;SCiZjgNjY0!ufQUvIZ-_|hfWJwnJr?k#s5|C
z96F&2b+TB-60QqJ!Dr%k!Th1gk^;G9v4gH?_L(sS4dj}f+?;rm8-$FON9JWyh2g^H
zGi+7%KXsme$Mx;gpSkP#7KN+HMT(6A4GpKyq7RO%RBK3;l(mdXzE<3cdg9Au!=sf9
z^>OlR!p)^=u3_NMH{Ow{7pt;z9hx4H&-B6}N_&*i^JQVBTmOO8^3a)RU^sx;$?>^|
zV8<q29d;$<En&-w+dJ4`2OBhmg~xhg9q!Wu?|uRxjoNrnx`YCph~RIwk*`Cpzk6I;
zuge5T)H4ozfhLXTRKzaSr>8Cdxx&%Gj)H!*QrEQ=#`mkpObmBt;*_acds*c3a$!>M
zKl05;cjf51IR~B@xlNuoD6?v>+*35l4GNC45*Ho#aYb9L9JkAlX!{RzXbYf}jRk`~
z727eOmRq|rJsSwSpn|3!=(SUj<4&Cs$q#B7`omF{M1XBU!>%qpK_1#R5(^meaW1KY
zXExtin!~HKtf9kU6E<$UIPR|sDkSe#NsLL&YCU>*3(TDDs%dOWS}W*TM`1P(9LBYZ
zORSs|@NTO5^KbKN@SHEa7hozN6#r?gG`|xjp^6qXvOYkMRthYJF1Ijool~7sflC`j
zb98F|IG$fF`K*p_b*Y-2lTELR6Sg7kdI%`~HV3_R0LyPjtfD9E`y$|KEmQnNDL7g0
zVIo};H^<h;1M^dg^FTyw8PhH|6h5(<ynir<m=4^*NQ4@9*BUw&p-+qr$m2mXnLzqv
z@?OgGC;7)pV#j^%+%t07s<oox7*(}Xu~a2L;!%X84LQ)u^=f12r(v+T1w(tJFQ?Wh
zCC!MbSO6Vwi1VMpQhu-WWYh>pr*Ju@AHy>-lIB*T&O?SOWDQO|-zW(60)({dtS)z6
z1YwofZU>K=h22`N0zswxrFDw)YhTr^GEY4Do|;m`Y+|hKGsNFMNGR~H&X;^hb-17Q
z+yJi)lIa>STB)~9SiHgFI^H@9N*ZypHxG0JSUG&~xLG{c5jcHuj9#2P_jj-782Fr~
z5xW!K+)H5##qmO+&dR4o$CY8q9dSA;>^Rh=w4;V|1U^oB&Ma#;x4vyUD#zIh-_Lom
zh-r>QJx5WPR)KvbLCgRRDHEqDAIHTk%*_4xNyp_Y4m+a^oJytqoClVsc7K<2NXc<8
z%`4OdT|Ec=SeKd2y^=?d37~h|eh$%dif%D4vhSiz6)|u8xt`zTT7#>C@hlPDu<aj0
zk0(ra!PllPxUvWI8?dR3o}ixhjqDV!by0SJB9>2MEogaD9d#JYqgUp^t^eLHT>M9%
z=hx4~ON0K|KoBixz$hgETKgCDZ~-(G!{qXy+tv!&G&^*t6F@PaY*cP#BH){B5IlVE
zrl@K(p4=5)xA_r0W|isT@Ip}Z_aOu`VnrL$k_sS^gW6ZlZvqgyuy546D{m8KozGk6
z^AH`g>qUi8{zm0#Y%Z{SUY>gnGx$Z(0hvohn$(WMlNvSG4!_}di1kcu(L}|>)_L*l
zVL+lFn>u)CrX0d}E(YxRel>isrZ#j^`W*&_ba#tQn*nNKm%(!Jj2Z}_z(5OB#xb?o
zY8DPFA=O05iFj7g^RzzUbpZ~U8Hg9tAoRqWoLdZS(YsI**OHRDo{hUQG|i@!^Unx`
zUIKE1l2ZymkX0SKUPmxwMBdXQX7$x0;h}2Ftj@HJo1I~O$VLF?*V*$Wl#9D6(4SdV
z4TtXDQQe`d6t5|F*u1&loF=oW&i_SohUmvgWrJXh57U@0y5rX3qUz+#oNh=yxOI7n
zX5+h~1mgGPi6L4|Y6M4CX(z+wbbKZWO~DYYfEk3f?UT+Yw{W9+ku7;K8y{YmUFaoi
z_t^~lTK4>ukU2aN?#k9YfouWDH?C8WPpXyNmLCSJ;hCPC=B*0*HOc)U2O%ouql?A^
zq*6RCGMMEiU^dBj*3QxDmbmE$?CHVrV`FXI?F3mXq$i_PYw6Cb0AMtx<!Q{}Lhi6W
zbNHL%zEj3`?Amx9+IyGzc|y9{kl3sNCdn0Hq}h3*r!ebP9UYIRL?J{;OsWjw!}e9K
zbZObJQn7;s3=A2rJJio0hWye1GCL`sDjq$$dwGeX83M1s`DkcO2Hc>qdd#lgu&lsD
z5t?BMfg4n8E1EG%EWkd{^<eH)H(`Ua9+!1RWayMSUSZa1@nKcGYYh^4-V5h5u>s{=
zm`<6(q@tI28m9Yqx2*VY)gxEM;=PY3#2sf;u=^A~R51n@Di$&i&C%86b=gJ^(W<Pl
zD^)4FCKp9r8&T5NlojzdJmW9s=#@D8x-w1Ur8E@>oz(Gznqp1cEBRfRE^Uhhn&f&E
zB-^u*@p~i=DWo>IXQhd31{GK!;pnQYz^Vg-MiwdF5%7Sd#bnxvR!L^!z{N$-LGWDq
zn?~2m>{+vx`^|wB^vpEy<@eF0Ptqk#xkasCkd_gdty4#$FBzES`E04dTIE90mZRoR
zonRu0N7nfJ+3-``SQpf`X?ZCX8xk%VwzRI(Lj0^nF%zNh6?ZdS*MZY7qFI027`pJA
zA#vjuuzOO^+AiUq6ZS`*QYk()B(}Hn*4?FOhacyXKD3lPDm!O4ZHn+M-sK`m9xcB`
zCbN-qe7CM+i6|&{y>v%@Zt{$OP+466c1Ik@J7kJo=v#EYNI<AX+8s!qGZ4>Jz4Q_#
zvHJI5EZvk_{3%cIOmf&M?6Pfqpt0E?4vaY5FeqR*bY;y;;c#)mNv>MW!JD_Wx^#AY
zMZ0VAwTZ8*1X8}spe_vsLV6egrvr3{zG!K#dU_d&vyiW*lJ3P1&Jxv!9rxvuNno#?
z7U4%~2V?<d&mOA+dGttJv>1%?wHNV|rV1NImOVYw;5B{3yR<TJj58Cu>BNjITnv@;
zWU~GgwK$odP^>P~KAn&*90Js4*`Slju{j#q3{X5kF-;o1HL@&6;{0=jgmYEONn@!O
z)Fw-t<pFX!Rd+zsnb^fVUDZ^HU4(#+XxSSp<n=7$sQ8$T@}g$?$`@Zqh(_P)bF_u*
z`eC7$USv0LF<}yC`OHa@1Ijcj?`RvYkg>2iyh&xGRm9T*9)v{TlRUZ6hCGs%s7Kap
zOH6TrkGVy%6p77&>cZ(o(X;2xvV+BJXFypiFp}ukuf0(C$33;4=Fv6|#mdn@(#p3e
zii^)g_Y)$7Matr?D~gLwDx4NxtJKFSvz7LVc-)sB;Uxzn2ipjffveuP)9UW0h?7{5
z2G2tP-IDf}xT7Nqx0;QRUR$<FI2~k19RvNITY}NChxI<@oRrV1H^Eawd`3>XxbdL(
zq4yn(9WAie(y;_^`Z(_Q3Hbuq-uTq0Oh9aLrkU+m5i^6Yx8GkhJ00OHtn=t)>vtt#
z8%^8yn=2vI);%)%TT<WtE7Qkjhx=XH#nXk}fRA7E0q|3rVzDvUgJCe<{CuEssTxqu
zljiX_-nTdCb%Ko@l%tBfP-YC$1r~e?-@M>9s3Dn+kRaV;oIEJgza*Lwyq9Aa6c?M@
zdY;s*Gc_@wwDI5UsWCWS`YENK%~_t0-cRvQ+1V0^5*p#8W$+*6>Gcfj_BQK|rymfY
zwe4if?t`+X`qcCeu58vk4C4^G5nt8sS06#ru4Jb*v5Z9;M07xHw#l@?*{N<bhhqFl
zH4&88X*F+FcLY2Bd%i6jDZtcf@UcP5O$nzPv$$dAdfVv1_>s+<*^m%z82jj0Gn`Vk
zPYk!;kAQAsy~RZa_p4;Lj4>6fq`+#wPYAaS7lc4i1J&v++2h0$dq?3d++!}#4<4-q
z@u0aky7Mu{-|W+PrymKvb#ap7hZQ%CE4Bk-l<|#}mAmH`ibiIPaL`(#zgiFL)jAxe
zuFoK*-$n|ac#PROpB7J_m&3*u=1tT<nf8ZRwx1g|+-^i&yEB>lKJU0^2ZffNXS9pd
zjrhlEj9gDwxI+TDlhFZx>h+7jDeIBA6$HtpM^MK_*pOOamC7`Ro$(HqmW14l!?{cJ
z+dBjEALloyt;(AHZ4_Ltn9jhA&nu*h*fLw&sj2lBHX6jk2yE@J2rt@rqsya)B?>fB
zi|n`GJjvli7wlOSdQCT*AVbAP8$gc~bg_>fjIUio!H}TJ9&$0S2g4&jUxcl)yjoL;
zAA(2b^YejYL{UsN_zUW)%lr&P)v;^$=sN?b-}GwY?IBsV_59<mk?&>AVV2(QV!x-s
z2^;y1y2j6kJ9gYNu?)N)numNfjZcJoJYIvx>vfG*W;{>)<>6OZ%k7;P`<$F^xAD|r
z&ErQX;qL56iUYuPzKZAb1RXLv(G(z2k#f5m+fvUwqYM3$_0jvy&K4h2b~t3iI_(pN
zfrmTiol6S<RB}J;5KCiQ7F;zWWIP*VJtgqYKr($YN_hQI^KSd2hzTu?6e<eI#;4L^
z6KwN+&&#{XnL(`5(bQ~y;?3wl2!1lVUr(<lVdfLc@rJG5y#qxoN1nW^GrR=q<ciZ4
zye9W*o4VU)#{zMyJ1`WA8wHg4r`-*!)*&OC-mfE)D!InpeMrlCq{19q=%Ouh>zxVn
z6CAGXQba4;-3q5J-=~pbt+&0%>&YMi!EI~pkDf8;?EI09{{ouAeU_K!X}E46GiZtc
z^Yi`(--|ifnhCu99qeJc8r!Y&vYYqIn_p@Nxj&wj7}rC0aL*gj`{RgowjWva&3uya
zK3@KaA8Uc%yOtn-PT$!z;+?xQJyHy-e7hOA-uPOi*gI->f^U@!Jrw^9%4787(4juw
zmi6t?wHn2b7I2>r!OhoNXdQW|7dJ_Rm95WMd<WTeo;wU;yH9pGIY)sW8$^arD<%o9
zgn0vaB=2j)7FS8b{s2}syN$q>bIERXKeQTapWg}u500Z1ut$-<L~}=jr$;`|LvX>Q
z;jbC<pV`|+X_Q&M5~vB{MHel&biEb4ThM&@G4}>E@*N9go87d9ZA@?rFKhELueb-9
zpw28dOfa!NH=ZN04!NcEO{I%}6DBpf-Rp6;zR|=B;Rj}R<ij}5bxO~M>7fqCI_adc
zxzWo3F?>GAG0&w9hjG-%@6UiET9;-5Noii6JhGF}lDn^Vr)8)zvT%zxc7bsziV5T6
zIAvU!qJezBKje6avYL~QAG)XJ^t{I$%fxFW;wKo0Pl`}WB4$z3B#tT#XX?FSW!P_z
zINy)ubqBLKX-ezkd4!WqkMz@QG$j!g8~4N>bXX#fhBEA@wErw!AJBd}Q1MEW(LPUb
ztCw^Q!F6dnNb8QoKCgMW<+1ohCnNTFGkD~y03}yKL~?%CQN`gy(K<g&k(P}l#Yb0-
zC#64B@I>#*Y&q$JwBBsB#XN<V;#=IY*04OC3iR*%h*RkO0+CbQcRRIV@Mc0kT6%z)
zGdGH}7w4bpk5aQ59bUNAi_zmg7C)+Er;aw3$up@JnZ2kuB!Qhg8z(HeXj9djlN%es
zcP5txDbe^AI!0~7U7TeFpYF&kp0wcgUHj|D`nI06ga#iH<38JTHzb$4n|fj>s&z?O
z;cFfr@0+v<?M*ftx00iERjg=lcW&Oh`bEwY+~eyV{@;9=_grX98am%7B-#j))}utY
z)thJ%s-#j3PE#i%N{)<t^~q}nSGN^9!Y|b#T?HF0SEXB9mx)+Z;0`)^@=Di)AvYiW
z)=gxHt)?sqUa!20-Ec|LNnbJb$g2>~%BkoUcIP8&Zg|R}wnj$8boT|u_z*8QM)mlg
zLo$Sm?f9$*yrwTb4$5RXiVou1_=BA{NFg^o;b<hsurW8X9F(9?=%K=1SvyBle9DdE
zkar!-Ik)zY8uX2r-Eu|?(}mBdY?`$Z|5Vpd<{I}~ql$Kq3;Ep+vHM|+?a^p7nxhm1
zQ_+3g(<mc+pvCgz2)CZ=HlK6!g}~2@Hdp^{?mnB~2yy$<L!C1}yJ5{8_s4(O)S&YW
zP4@(VlkIb>LCml-h4p+REln_{=Nr?RvAMnSouV_VlH>c|-ZQQ~5CrG+>xlNpn>UKV
z(&qTK)mxoyisy546`y6Gl?$Fnc&J2ndzc%!$6Qeb!>r;YAW=c3JzmcC6YJnT=b%n3
z;Cf7N>~J2x^Uedp$yE93x~oQM`Ti@xlZ=_*C|kqcwyW+NV<wrAY$uF!+qcv#qhq%%
zmbb;?fKHRo{d2qI@JkajMI>62_uq#3LE^kvDq<hAEl=+Eh~9XwOa{y1H%_XzD;;_b
z9z*D`TN=^l+Y0dbOkt^eb`}7q0jAs7Pr!l!Eql*PX592U>7dQ_V~w5J^RgoKqpys>
zu{h-01B`7CciP*Al*jg-UFxa|xeubOm=4N7;tA$x?#{;3a0u@@`bOY(pAQJ5O2$wb
zs#ulo=)U7aX3phvH+b`cqnOsv<%4ZA!)`w~W&s@|qFa(Ral$CO_*+F;aiuf^PPL<C
z%Q*4L1x4#YTlU=v>U6{(%kKyEJ5_4oEhpo(DVGP=@@btBqEp<Cxcuw4cJ*(?4zFhn
zvn%zHPhD#sH&qvv-?d~#w87ZG?GBSq7WQqnMvn+-530qmu3T?kJL~-zv^qidW8=lm
z%i*<VJx0ZMRvAyR?l#w+$;<9&rv(L-ohlg^bk<4cl4Y1%nY9;D?R#GjlTwX;Qx!4{
z#ef)gfpjN8yQ58kFzE+p536VE9nXj8szM?Y3^B)vr}bOxoUL;a3bVTJnL=lZv5nEc
znjNbZj0DdiqQ8Gz8H11=V(mf(?1+~HgE4iztDEm+WO{xe+a`bH4|m_EZc&H0c6E7G
z5m<ecOBCT7%&iK%&zsRdJpL0$AFv0EJIt=8&`WVtuSRck<nj6ZvBB@v6I$vF?^P>h
z%O*6jGe-Ld2Ho^?y}tL0MebR<bI{X2+~F~X9lxNmaU2q_g4hBVda*9UC?Vmo1?9L;
zT6Jc_Ka5F|uszUKVdA-(ptx8SwUS47svv2zUKx)!QJfuI@_`EiBcc`hXF<I!gy12F
z2Ii^o#GD?W35jA_nxwt}O|~RN{n0`|)Wu<hQwc5h_lH_b5w0@u4kr6QJQ4e3>Av#N
z>R~h&4>E<;d_U*HNbnxu4AWC>WKqZTV<$V1d>|1_)YaHKaoOVS-Dzl+E`}^~qKfC|
zRLJXm+(;o@jYlZ+L<U2bpAIZ%53+wS#L!`)WgCid?Q07CZsJ$6!x^`qVO$xD^j)KO
zV8hxA14=<|_<|pQJmAb;!k0K~nWlsKj*-zwxTl(_JKVQhUtV^w<^6lg(7L?D(Bk-G
z-6V~|uvt^<j5<(=A#F0!wJ|3*2fDdCW<<DRMH4atv*O0K^<N~i;L+vjWY^R`V|l3e
z9_(|C0Q|Pv{s&{ALr3g##c;VR5=G^Y&Fb0`+b>FH@CL$h1Sz|UsHjR3e9f9W<~Qk!
zrACz;bV#^@jSGSO%^DmGQ>ZMzkedpoGG7c_FtEK46FJ_G4IL6!Z1`eu8_HNZ<dZUf
z_MxK1WO*_jq*HpjNMR*4V1L#kuXhcIl}j;ry2K7>c{forGq12&F;UGv(*?s=SDZ+?
z^OFpA+eGmV2Qe-i+=FOHRgEtI!sVp_mAe}t{y2c_olNCl@V7h@h`qs|n#<MISxE~T
z<-mNV%`psM8f{e4`z@yHPvX!7p2p<^O(Ha?jp-N`NJy5@>P*KiGT06JX*ZLLVCYVP
z#n~<}OSd7gkynL&u|DAxd!IKK<Pepyo?=S?wUU^3KVwt%att^rFo17w2G8Ph-~GPd
zi#&shgaKBTraVQZ9)yflDCr@B$jR+Ao-6Myf~&;qhoE&-WprsTwldC;{2>I%<Z7%I
zAbD1&deq>3VY)kfjKVAL#8Ec2rYdiu3mm6lrj%?PiQv;3U4L;pM<C89k&XeWUQh6&
z0i(hSJvIGaVyXcwCoD6bHh&g4z=6=S|NAe1FkEt^+@8wndDGnqfpM)w(r`Qd)>Kj`
z=8yDV=W?e%1%UWR;j=Wxk)Od*W_^Z@&8$HeTzbqhWv%o;%sH*I2Z~~9c0#aF_<}VX
zTwpg9UPlx@>vF63x;>srKtVKMNrqs&loClhsBquAE)pZ(L-Lf;XkWoW_O&+Ni-0%m
zoaO)*RaX4WUsyLNjN!Ogm_fSk{kzLKvf&2lH;t#CK<!Q1bLr4CNM_r7^QH=Ghf=wN
zF}I}#zf^zfB}C`gld0U^g?i;Kh^4>_XI$n)0RZ=tqaA*Ggs8^zS&USe+^zbW-b<5=
zF(wUGRWWf>h_zGboUl!sKJr{SuCD=eF&rS`oIgzcHJTJ}rSB%1^SkB4E}bw6_ST|p
zS*}wf|3OTzyIYig>D_|Ba3$<{VKsdY_E#I8`OH?4-mUfGRotTViB-Y;RX9zr`Sow7
zWL1Zsnm^>D3oITd-L}e-S&L4|WST5%@b|O843G2P7sjmFO<)+X$m*<5=n+SL?$Rc<
zOiraRssR9~dPmgYRzD%?n0!Zsu}>b32r}12T#kd?ZhsMzwD(lPvR41b&V1rGC$T&8
z7xmSgz(3)g30NUXSntcK^t7s3HtS$6uE>O&_pEBKD$Vu@3`1<}wN4B(g~F3IT^A-H
zPN0+Qe4XJO!F0&@v;Y5yd&f3Wf@Vu}w{6?qyKURHZQHhO+qP}nz1z0!o<1{k?tAVp
zn6FV8Sy?MrJWo|*tf*`19y)``S*p^pOTpOw_D{78nKOOWfzHWuLNKCoUK_+|SrBRN
z(!Eo+i3<L}-?Hs*Czzy1CKd%X!R%L0H7_r4?ihLA5n%B0a5H@04a{es-gu)S`)zfT
z5D#6i#i}$3Npd7Wjgt+3^!i3KgH~7-PPi$bdM(QzWUv_M!`*YzOF^!%OG4;lDgMuh
zvbglRs!u4yhtgE&f|h8Sw)I~H_1{RTGa&@TAGUY~PJQGBRANtRGajC2o^Lm1R0R#<
zdtoN|qnlN&mkdO{oAp3~?|i5D)KF=2n(?0QFjVU3HjO5{P2tY7oABHezT&kVob1dm
z+nHA$*BcqJJg^>(z)E;Ln0ahBsP-lHVY>5{dbi?bxlUUYNyTjXPFF*z*cAVhG<XjC
ztQpC*q5ayF__^JHL_Iy*i)hu7rF1qv^Ytm0K(m-zTt1^X2vZnhPS2?Vc1N@yMoAa)
zJAnotEVJ0mmG7APU>79LBN1g1<^9_gJ=;k2&*Ta(&qeC8;^_>oA%Jck5J3-)v*aFu
zjt|5$TH3jlBK1$xCJhTJF0qVRrua!%GW&sYBm*x8ysO1cQO}{U5+N1&^|x099DE*z
z(lE!7T$ue(MP<qQq*g&WN%!a)n>Gv_d!8(D6JfgGYi@`XmgD^9dQjEPpwkW<9zts>
zA+F6B(CXQX?u==(4iWAc|9rQ}3N1@}3=&Y=N1u412`DwP9^V)ST(=Y4qL!in#6mJ0
zK~B0dRq|Nw_Ou$=?P2c%V=L0+(S?;UvG&*Jb|<3s9VlIM!<OWjwhnP^JTbCWM2Tq2
zq&BM8-CE~Ni#u;82YzIRQbT=*L3Df*-;Yx9nKSWq4JZ#*Ru55*dAA{n`p35!e}Ua%
z>9kEQ%@O$YKe+QMp16r8OS0KjT95FA$i%RprBT+?)Ghnq>?w2{?Qet^78(J^No2+p
zj?w+P?|!k50D)FP`{#%LC*M*HSb}A)a6^OAO=dOG3^{MR7gy9JVg#o%0loPmB`AdP
zkFJTSwhxf=$Er24Z8mF~;|b3SI*Z?uuT6wXs`Az>lWC>;e-ml005AkgL5Jt4n-a8z
zO$b^Lg#IErQ#heLc4}1Ah>S%XN4oYHkx63r!zoYj$nM{iw0ETk+aE=`ScF$KLD65F
z{pC@{jOV}?(tK!zOm%#UvMz60kJGxa$k5X0z})N9+UpuAn<N<uF7YhlQ<_gkRnMR%
zl0U)VdTRrE@Ae$(SH`wA_Ja#YPMlAS4YyX|aK7MCiyz~UWMe{|gc1P#Gu@S+*uP46
z$5gG9$VRhrjFaC+ucpPUDY|4M;f#Fpn=^@MZNvy|(HUt5<pPt|pSZ=uTv(xdIHOH#
zcg8xtlXruJh)>Qnh21|WM!PX6P53ezb9qN#NW+|v{EH?!!(p55jsf#J@~RkLmlL({
z=M#qm=^!c8dfK7|*M*pk1zV9(lS7b2#C@LAW09aD@zsf&3f42AzkW1wwehvF+W_|A
z@L1jVSfjq2>B=|Jl()>>g@yI>ypD33On3Y8z9wNgA~<PTNq&*5j6?6_uST!#(Zl?D
zEx8Q1p`8<x_Gb)<&wZ&(*A*7!P`Ro}{~A<$6&s(A4@oiefUGfHRas>bp_o|0l+nzR
z+J#VvLOFEy?!n%gpRb*63GX-8V3F1Wnx;TMDht(2o;VX_`#_Ok(Z4JSVA+&w#Lt8n
zDykqq%bSu|OP;gIVWYcq*Gn__2#>`-UQOH7GygIKt+cgU;LEe8bj*%aCBH`w|7cz+
z@}5-FGK$&M*X8u`DU@?m2d5s&QF#lmkYrV%a9c(M7gg`@r^u-ZN)ZEuI86;h6dkf6
z5E6^3stBZ4mpyq0n@vVes<!4%4S)_D343Ift$*yH9*q*cnBFbKLj9wt8mNq9ljVFD
z!-HY(j!m&LD5k=1&&xvtbKxYCF$ObYHiS9KA0V%!5Nf6sVwwZP^JJVk`WR0f(OlUa
zDe^YArs5Mzy!2mG!CFMcUP1-;(V<yu@7$M{lMs;yO&^B8r0{VGZchR~xOHtnJI9Bj
zH6jsH*9Uu-vFM{GOD_1dNdn!-of9)}bnq0#rZ^y{p(+-8kC(KLrfU0JOgx1Km%bY&
zI?Il_LlyIlgW+Kak!$nizv&I|m^&9}L%?AEx6T|x@bEP%W`Wh3<jcXnrslyuQ9RVl
zGt%;qWRc-ponrV=g(eZcXfTW3tikiZd`(LFx2O?iV5d3ypb0H=#h3C$@$a|&umY*6
zHG+7v74u?0m@F2%(sR^Vi({kEvn*qpxgC9YNNdi({rNFOaEOeyc+ZmlQ#cQm@%+f6
z#haB~oG_}4&we4=@MEb>LeDCN_nq|QTDpVRWY&SJ(QKpO$3$7HE18_s_&T;ku%l?6
z1bAdgvc*NRTZz&_MdmAys+P2oe{jqB4SN0h-_bs3Wa`$=u1Y5BB?@;mi^6|&_DnbX
zWvLe(jR`E&IaK$Yolt}6z+9o8XiF`#1Y4B%V=Fl0R-5)|owlb7S-CW1@mYMb9HMVX
z3f;k%o6S?2bP%yU4O|+Y>6pgH2LwR*Rp<%LA_fv0zw+8}gMFlGVRiat81W$zP&uM+
ze3HzTc&!8KnK6dN*0G3&eQ4NU85DV?loMx5gRB%it1}FKQS=s>^ZxI_t8qtF9+ZJv
zu1(bU;uh1lH4W)J^+W)f`(PFZZl#&#B{$}o`~ys6>LxLT2R#(=6^S@zyuK4veFI`7
zKp{O(Q(A=0ivjqR0GT1q5yI^bwF&5#%;jh`GoZEc3Dq%PsDoC6>+Ms4z1vGXzu1TX
z43Vol###609du%U9dZ013B$k5j=;dTo*<#ny=x^gvpo}3TaK`CUC`<)`=8nEU+JB@
zmG@^aRh^Ss%C@JdJRh=WEQw2DNxFeY=XmPoW>ThuqRqs#G;{Z;kfBsT{qS~YSVY9*
z_D2I0mGR3*FVx?^BGOFp7gG<XG@UmyoDZ4zIqWA>7)8l;h)-s{@dN9)UnW05)`_|z
zM|GyV=y<R{ITLyoK$9aLO~^&~<gDPwE<Is3o>=3Zp#38gK_zX4Yzk_@BmWu^Mt=p=
ze~zwcwY3o%)<_d>HQNu+BLWP}P@_b=HfXY{)T2o#j|Ij({z+nDX2@S9Q?$K;={Y=U
zRPAJgO5!20RYb~ZR30H)Yc)PAP4GTre3cn7W8EH*>I#8)5HdKRlk!-BoiLZ1?H>aM
zZUQ_zhn_XsLz9E_Z1NvNE2oi6CdYh|W@NzPh*;<&onw<Quil6)fvX9F9F&y2*b$xq
zW1IUu*^UeQxZ|KG;=rtsXkvVQVpc*$YmuAUZF2-H>)Hfz*ujFvVnF)R5Dr|Z?wusF
z_UYpXR~{M}%~chMVTb!)50}|_;99QE244LUb=y!3{HNh>VSy-Rm9@)qX6r^l2B2$m
zkVpT>?-!0Kvw*HWOh4hm!7O4dJ(8`b9pSuZ+y1b)Gz@iDU8{d`9A3x5)L;7eH)h#v
zj>QnsVC$TI?v@nx8eO6~9e|)&)Lf?aw|1Isi14jxL=p1=Ii-kRcU38NfttJwlLv2m
zQ@ddOj(fsER_|?n&+c*~C_y(-4w)6paG>mNZ=cNFmceHWH9FOGJ0!4>H&3?&&8mDI
z`*?KAR6)AU5T=GdjOh(s6c$u3G7+e$0hxFaTGR8vJFJCAiuyemQbEf|K62~#+~l#;
z3q;u)*U#F32@pm4?|~Lt<p)M@jiIMmG5aC70(slyC>&oD7ZUC=nc22%ptL1Pm169!
znh31K44IgCVvr;D#=D`_xJzG&wNqIs=-N;djLXu3@F}m*dCy-pPBnY7ReEC6q`d18
z@zY8+FMXn@uiEkw@P9Z5>%?dHF`d8*M%Q6uA&AJS#fCrQOae@K`o0Vc6Uw(qCB8`J
zq9yD~OeZ+fvcZByI3FG~2mZ=>NAKTtSBv?vb$Yx^PS=Min1zxR>;A^I*dormd{geu
znEM@GB-=T;e#BzpG5cueoy6wpOOJn6C3Ma~ug{MKMBb+Y9J?Rm50NIR{>82{D<3IQ
zUR7BLQ^?}?Oso3)OI#cA#+pbdBrHAPCYYQ%l;}{4y{&#nI7j}(gqe~+_>IruwR*qO
z05!k}RE5K-YAd&0gvdRf?52jq6WH-w`+nkb4QIPo-1fJft@rBpzuNA4U9?6S3Y}b5
z(;jq$edzO#Qyh0(?5-QwXeB41Sof{Zw&?F^E_j#uu}lqSevs)Ibls>|q88Ha@53hQ
z@(i-#eMWe``VWM|&HGvnHRzeXW)TQECuvc5dnWM2$&W#t#+Lff^moxG+I{U@$XlXE
znEQId%Wfj~LzU(1%Alx+0M@Uv5%h&tYEmm7!ltOTQ~!bU9MkhGsTfYP9p#RqB@jzv
ziIv+P{dy3rk2^|w&meFEz;%DO*@QO>jx%=E^AhreAS#s!)^6lRH2)5Zg7KTAzL<0M
zLf1LA9Uzkl3bgt&;$kA}i{l12y32Ecz(EY}-*W=5fPLne(uN}X%oE5NN-fems;d7F
z%y;nOg(q}WXIiM70P<^OD|~fzIJ>*DiUWfzm3sKq`09vJh%3ssmjkjj79tQyTFRA6
zH5iL5#DMLBWV{A+C%tXYAMAF08p!^m&=P^65Kiad&k-w~oAgMN`&BV(3m)&4*Hu-*
zBgMtppre-MXSUHiLve3-D%v6MH<0X&6f@)??EC@U^}KBTkZ6YmDyjAZfzG!PLC-F1
zy*$#0e!){<8pcbKJ*CI(>AYP7Zcsl?M8FK8Q;!6@Q_oGi7i^s~dPM1tZuFYx$?lGb
zDc#CHa$JPOVzN1maxb`NpB_kEpY0iCOvTn;CS0d;!+#YkdmkuqJ@RAJ;9<p%Z?4qR
zM~ytq@<ffA4D%H`4m!(j#vU1t>bn%D5Mse|I}j7@m$szFgG77oDih1TajxK2itJM#
z(7()dG>)7Cxenv!kf!EbIEuKdPtCly`VPKRjP8Y_#O}qEzwGv$kZ)q_m({mp(e|(f
z=@V<*j=BDXh8}YVi~eL!^Q?rLymH>H->Z$?!{ts$s&par`gAmVPi6j-yZ#{a`Sf5L
z3F_=y8I2;13U+%ek?Z2W+ty2qOl2Xln=cyKX5}4d7%rCUX^HTLLw_3(nR@+@NTM4G
z**Gvnu%;?%B1Vtk-0sGs-Tu+-;yMG!KnXk*b))3r$pSa_p`dhb88s1&%mVQ9Wv~L|
z3N_GsBz=X26*2Q8c3MQf;)Rf<r5*07PqZK0SuUf8?oSHE9a40S3T~hQ{P8(<)N<TV
z<I<4OckKJ)_8!H@#yo{Mdo9(u{VTXb6QOOxA&>11Z`JWYgtPZIJvfg|$16TKYQ-J+
zi0$$>-RVl?L>Po;xpnDkWdvXW8BH&JRO8H+xoSKwOM4`&<nSx9O);D=c!q-sxwsu#
zXisD11hpxz%$M~|b8KR|_=BKW(w9Rz0$g6F(jylVJ%r<kJ8-p#`rFd(w_vx?#4zj)
z?e%0+u4{}zVjTVpuImeqChje>@q7%dy?!?PDfq5*zxM&&EbmcJ{Ujjau_~S^bO+@W
z-EiU$XGldIV<HwvsgNk6k0~E|v&_OpgMqkav1mpKj6AeAUH?C5?@KB7Zl?ZkmjqyX
z=4GQT&u!bE;}<W=%Ca&#w)v19ti+lelVFRC<RY?SdigKO&dzRXAaDEb>ct9qorz`A
z-bBn83OF`4xdQ=|;3)eX%!+%tntWob6Om?4!xA}8!gO9EB|*wxF`G@kM!h=`&j&-`
zO#F75_bQ(ae<~<3Gvv0!JC2xrI0vHZ$eCtaXK6ybCI(|+bj<WQM@`LZb5sdOa3Skv
zSqoS5LzQ8wlyNrnj8jECu_Z>Ub>(uDprGzwFp`7uIoYD7vXBf0b5oe<Fsjap^gDy7
z=DnKCE{?Iw<hqh@`TSD%U*;i>M;(g%5RmuIG~DgYFBA!5NF&HxyF^hgA?Ql1KPl^q
zDrOXApNbh36}=6tM0r(6o=NTGL<RuB8H2uSs4aTw4<-wEqfEyv?J%ZmYAynaL?jx6
za6&qkNGs{%ctHs6*!5+7m>NEh$+hJa&bFFW=GPRf*QC=|B;hi_G3SMpAi;diYP1h1
z&6y7TTg>l7jODazViHuEud%Dxgal(NKgAN&rEjnAv1q8|*?RUuU!PYM7-rEMBx;qi
z+~g;e{6e+GuJc>BWa4QjM`xz$V8T9y97*F*sk@$%74=d6jIl1xI~x`oZnLaGSWZGO
z+EGfZZSHQSXGuhcDoZbkh9u{8eMdo2T?iPR9h01CV^eWLbZNA{;qF)`R9dFbiOK4$
zADioFM>f7pU7(oA^3AkcEhHhs=(*D2fjmkmZV$$^Wr54iE2q-?z%;~Zo>v-TlYp5n
zkz1gjt*TGZ_zN>AG*^_}i7*LwY#{&8%yxSjx0u26-20xPp|mQ7*)g+ZEG2F|#wKsQ
zxvZ?A1#<>X?a|jClK}^o(Sp2yZf3Fu<g>bMT5Kl~)m>C~JbP#~I*qb)w-PT5q`9;Z
zgAKjjIQkbSggQ)Q13z>^`5k6d&eVR!%UI}Q;+!RIp~}p1lAg%hc9UOocFU1@j;;ie
z+X0;{%zCzk@qN!OD<xHhF$d*<x;|E2E|4M`YEmVpRRR(O`+b^;vhp9PNG|#KsAPTs
z=cED2aJu1-<!)Pfm0Y8*I7wshgd&6r*z_eEW=-0W4DOXa!&rAw1SXc{I9P=s(Xu*N
zN_R(=Bf9HOO9RRjvWwlFeGy&;W-{~A+&r|oAeeYLZ!3$XI!nm59!Alt^HvB_vnksv
z<VbIE-&$tLUI@gzT`FH4H#GMYLCgZSK<JB#Gem?%QJU<drT#4wyR_NyQi^>V`bR>-
zsyh0?xif0pB&92}<ab!J1^IeLkx?ODZX}+P(^Rctsp_J%fPtk=|J{YPZIz;Mv%iV&
zvn>?)3QluX_SJ^GuJ9mkmFDoDR<Pu@r}Fv7{e<;wAC2pnx<s}(enD*%35yL;?~g9S
zetHSV>TVLLqBJ9AX!HJhLj%ca0=ywT-Rg>ktn1lFa>o+Vz^ybm>zT%wB|R6FNau=U
zQoL>q@7FB!pX!H)%G;+DK};`Myy8gl+7LB;juVa>#UA97@8(CY6*~gXpEy*q=ITq<
z1-69zG{D7l@pmDIX^4E;DNpY;JhO$yJuoG;Y*z8krxrW1UBl7lvDC{Lv^2oe$Yxjc
zFD3Wf{e6QFrG2fU^M9Ar-aC~b<xocVqcoJ-F)uvRg7M~fn=i5P+ARP-^;SQrzSWiE
zqUW9QZi6NyHt89D`kNE$(^M~LDmvPB;9#jd{;n;Vj-5163K!tB;j0Fl(FgQ`_gX)A
zQqvg{S+CbFRGaG|3m!8(m>Jv!q4;<G?ro9|eMsf1NM_3_dqbUHcP;-!)9B6rj)bTy
z2Au_$J23iaxFGkIydQ+OmJY-!xA~bG(^j1(>mKe9iE$(8g|kPYq41gBLWwWTQ@av7
z`cJ?M+Dq8b?RkB=^#99HBX9j)aiGd$zY(#8{6w24w;<=Lrm-GrJcIe$5f!jRuKy`O
z;iIf$h!ss>=#2q1G48f|t~|a=NJ)J{p~U{mPIX(5*uIfWBqY8}S4dQ@`HCKO2s!vy
z45Ka6R?K(kI~G!2A^S*6pED$C2wz3bVc#@K`ZegOAD=)-oX*2LA>F>zcE2#~W&y5W
zr&}p3L8G4oeLj5YGI$+>yP0O+{olpLt#3YHLT%z9k#oLy1TpXYGPLD{AG9^rDY>0W
z!pu=*;jvFfCdNn`UB|buON5K5qfJ@ctwFYO2-F*&SrJW8LYoLYJTNc-KOcOX1o$Uz
z^wQRn$kw?f{|`x_|5t#RI6s@Jf?-qgaVz%qb|PVsWJ3Zo2`P%S8^DqfOhM(8TrxQq
z4O`mgub}76H>Gqi6q-kCq>GkGyUJYlcmAZRHktpPA0F6)7$2m&3q3k1DZFt2c;Svd
zeu;yGQHGx#XSO)nt?98pS0Kr$CWn|$yNa};(Jz5if+P0E!Lld_e_33s3lcEE4<8>K
z95A5ohEPtDAnaNOEt@#>8rUMc$TyXPc@a)>LE=e|xvQwPgRZtt(nB&n{r`;rFSk!x
z1Tkwf!?XaF5x)*Qr1hh!UV0gn)+F455=joKH-{2QT0otdg@`VY|H9&bL$Vt|BsXB~
z%8M##>ObbD5Q2PiM#w!#s~=tTsz~l^{px=-ZrV;`Ft~j~5e#4CgT``4^xv+0@TbK1
z*{!X$Ey*QJKq|@FukLQyy}e1b3+cWJ><i^2ixT=aG>(V?OU9s74QT&o1K@#cKmmuH
zE@@2oG;X0sD#;=6$}7v8g|+|3k`fT%1C~gJ$r+IT+XvXcGTaZosHS8E)fweKMo9@i
zaD`Ol(lM$3;9o-uC=l0?p`p2?{2wC?IRJr}wn7#m<9`<4mH`gVe{Nx6EwB1Nj77jf
z_|D??5mW!0F8>E23qpM0|96W_vtYt(YHrq+cK-i8yCb}u1s1~MrbmqJ&kL`LK*+>B
zDbtv-nT16_bMup}ibjj^B&wjh`<tx}aS!tUhZz9>t_9I=*Xw9MzdvP46}Xi;T3XQR
z=H})6<x0<P{;zWX0qqy`WWORa21dpYY5oZ%h6`p^R^93-q3-`|)h`9&{fLRg1D0$_
z6uWh3y^4Gy<6i$qG}K4{f(Gt&J)w3!&qRu8{cmRfUxM?^{zARXh;~>09|D5|o{;=v
z{XmF__8S8Kcc35s9OLiyJxvLFQT$hA{C9x3L;UVvSJ)89e_Q_R!lTqLCAb|Ca{m)a
ze)x7ezntKpCA9bdpSR*hf)7xd)fy`OpZ-~?zdZYYyVR1C?t)gGIfcOU21INbR?#1Q
zfI4Po|4%Jv^RdCZN6;qqGI;D`z)45#7gJxGIiPhaY%%k|?ukEv0A<T-gcK`KE50u3
zH6b6(%mu>PfjHu%;L%UPkqd|>Xo|MhEU=~LdNoe`e0h+lXb&5``|B;FO%;vNPcRUx
zg<V>pij-u)!5q5mhPw{-?Q`@yD}S`LYvSb(|M0T?)6~++eeFIneUq`1u~4>?f$R-q
zFDFGJCtI*%>%@e_BJo115ss<^h;Wqg>23Afcl||nPCV}gN`V^2tb&|L20J@BAevIE
ziXvZpC-#N6vH#%<IZio!VE7*Z>~jiR;{wAIft8ke2<ZtrTdri>eo#d<xv+}~d(#M3
z`7XjCEE-v6q_18}g}h?5aPtbF&bLGwBk#ZR0ax$B&?*zK6z|ojTQwjJ4L_uIAGcR2
z{)*<DH}kaIfH(GU5g+Y`9;urr4kpXWxOiK@8+<ag%rbfPn!uQX+|1JKdaKm48MGAY
z$<>899iG`gC{~9WN-9hR;<g~JCn8K})&pQS=?5{XCH>c40mvUgBHEz^4vMcqZ2b)`
zv?^bDA>O&bWj?j|&L(eEQ#0Lv*i@r4E9Dfnqg2|NwYGc%-7Rr4Bw6+bU#9IhwyM`!
zRbio8ecH}ifyucatjm~MYD0P7(k<kLeWDS0X+L^<yl00Gqh^cgd(D+GFmVF(&afc_
zn=!lsvh#MGw?+&ksWG8g^!GN7-F9J6K(i#{64Fjm3z`~oyuX|r9%KDW3qh)AB?wJ1
zitejvf<-U_HD^e~<Zo@uYK3*mv3saGgR>m_`k!8%-&8)`6kzaf{y;zF1b~<RAn->#
zSsQsfN*<21G#u`?Wr`2aK?*9i*V}TqQ|Q|kw!PLncAWX_aC$?nXHdk&n*y@ximqv-
z|GXK$dXu2_z5@YwJPq>3&FbDO3R2?D4U@CoElQ?&A4IqL|JWS%s{g2k!Lgj=B^M{$
z^%GaBh03DZ^gScXNcFZBMT3m(d|`aEn{t%sa00DPdmu%+m=qqm9+Fkc_HR4$9z?sk
zp!>=SFXBlwyce#GetthZ&qyZh;892^l3U1p2aV$X)^d<MnN=JB?WH=ab$y~&e9Mib
zo{n}%lr^sG51*_a2&JQTWNfKDd^vc%YcouA@(RrQ3R;sgxcmf}rm5;g;!>l1eB@mB
zfi-Y=QtQ00dSKHo=arXQ&OD@7nV_k7bz<w%a7Ro$XnD@-UQEcR-VuG@okC($R0tMw
zU}&n=4z}`^XuW%CJMGbYgEfq38DYPo*h(0NQs|n`ymE`HbmL6w_+q=xqy=6SyPt+!
z*dJ_SxaqsIEKokZ78-VqGT6&duyvu<cDJCkM^l^87wxX%G0dB}Q-3!b;iUMy@!*Cn
z4ytIBf6)?KoZZ8I2a)Bd1xi^%Wz1G7O5!{UPu}h~Qr0~fz1`$q%uc-+e3y_2sn&u1
zxEpgPJp2vPow6Nn?oR1TpGenHMwlLNR(qO8?5d~6w8irR3uMz4H)*eO#*)|Zg%&lY
zp&O&tyG`>q)nN*39=Lp|JgN?aXSjFida35V_L;|a?O_87_vYGLs|@=B33kSgNpC&R
zKUtU8xcWI7AHa!`XWc)T{R35lDoxv7bO&ZxW*2C982x&>_<XN@hl(*ukmjMdpS;+E
z7QUm06mmL$ht8t}Dw$r@8FFCoaE~2oiRTTzx`hhIYLRU`ymJu$bIq@#iv`^F(f3XG
zz<G1D;t!5_8R>fPN7B+l_jE$8q?tc66>>)A<g2-D*8!fc)P&=dw5u6jPAwzb_^S=O
z71{m!3D~0<UpZ?d;2l*~>t+86{Yno`^FB$*D*ix(sBHyfbRmX+MI>73O~b2h2>I^d
zfIco!X1rus?Q=ola(9TlI0#};PUSd2&(xyMqEWufl>E3?K7zfLCpbKw=C*FvLxD7O
zQwjh}GXwPKctkZaBv7rl030llanGP0QnIy`_6v0L8T2?RoIlP3sipQ4(YA_)Wm^=_
zjR?1g7j_2YqR#j(RxMZGA4y%8z-#+LEl({91uL<RQyT{Ta_^86-ciR57->C<_bd9R
z!p>^a!%C+M`eKnfF5`)0p!Nsud!84Evscr9xpP6@<~BgH&yDMK940Kk?w_~6Mr6l=
z_UrjEYke?{`cs$UX&Wb<^8z2RYE2&&Z51CVGj;WQe%jX|wv@~t3OMZ11!m^cn>&)8
ztpYypLg@Hao-p&p5qyQjsN|cT$OAIu-{jgbxU`gCpgY_9>w2Lq9(T%uRQm1%h{~n8
zpm{X3Kaovev*IX`OfOcgw|)%BY?N?bAqn!5k@at;qX>|7s*@7b#%fSC_Y?O6vLc_Q
zjlk(tXsY7|G|GvmdnI)lyYGD(M6C8{<T6t*pW+RLmRBX_bhM;y>uSF3fKCQiD%c<Z
zNyW!3BJ&3q;_3Wot=)jtC0SGdhX)RLSV&;;G8jqnX7K*gq6jUmkJ;hx$ksR4apPyH
zBDDkTRbR*K&R`EQ6jj<S$N-pdLB||i|N88my#r(m4oh%)F?9&{C(7~Y#$e;sAC~W1
z#-1-9+Iw?&7J7)`&DETNB03Z;PMnGiO8L}I9NGpi*5A0w(RMhUcqtI?gv;c3_}EBo
zbN2(XV(96I<E<S?;7$TXk?{MvXf`d7Z+#TK)Nlp|v#hS;bjN?!_QbnpP!IE^o)*vn
zan=G=1tyc}yX+h>+&zQL_9&$k=U-TFy?b?Szskk%ig){xPGfQW<24bZx2$=yzeW$m
z<rBHo1C-Yk#%H95Y@&q+&RH{}>+$J{U7k<AIR_?KlNs**0JNLd9O;~3=y#*K_S-ea
z21B|Rh}3XEI(C=i-87qayrO0Q1I~A7f|{(1-61q_m5uB1X!=yO9#xmtM!@h&W@%N0
z2rbcmHnTD6>$3@7BkYmdvhHyBroQ_kjn<hzjD%UlbE3{LliSAEgK1MbM(>I-*I~1W
zF!5`9ej4IS6h>5Wlr71)y1#Yu*}zj9zvg3u8vV+l<EMWJ`#6QA&NUB;-;i?J(OAs&
zK6Fz6;Hy5j-e{P?tD`td`KZYfd?e}wZ?NdQ=eC(bXrzT%?X#A|G?_MTnxb-&|19Sw
z+Hs*OHMeibjMYuTQNfVsK9*$f;Ao-Ee&E`)cj#RkV@y&b5GK@@Uu*!oWmv53F2>;;
zDwgU4JajU-4#Sz(Bt%}7P;#VTW2KMI7!`DAT&~p+gy+i%s-gXmzA1Wu`(`H$;rflO
zsUAMv!gi|2?^L2!8Y8{8w+ut)jvk$5saKoNYSAI*$n9eY7(x*V{zf-?saagDbrBM2
zJA3^3?{LkJO@NOb_GS{u*sC$Z_M37B8oMD@0Nq=CsGYSFQAA>6y}2j>Aa;tq4ZSE<
zr%12+tp0OQkKOD>U~_I)WRW0ho9jC(c={XFb;cC?mZ}C1tAKWT#8Yi|AQ4!#-M+sq
z0^7IC6y^q)ceCd0vt?!UgIcB!aE-4GO$`Pru<Z9lnpsSua#g>k?wNkchESs$)H!yk
zUjL#Xg0{%j(@w9bLOUkrbLZH+BE99eozSY)kmQeQ`25YRpjRG}(%-)EXwkZh55OR<
zv#4aebb}Eb!TC{gFwfNQDB)~F9n^sKTHfez8nSv%LyU7||2CHluqlS$J{>=meWx$S
z`h0QF#+C_js^)&H(+3F4>M}hO7H|d+4M%ECL4X{&ZlodeZl{@<^lOA5nkuP8)K_fT
ze`5?B-<jQBFW$nM=}^9#v|qJrTDvvkCTN=lZKB~qU>r{Lc)0V`|0X}8*#$($V~Q5k
zK(qfd0he3!>7j%eeZdxf7~`zRFZ*J}rEykM)%UBShf@b@tb4$M*|*J&;>lsDW8}`h
zQIF<Rc2GVi#g;YqAFukT+hu_ri^{EIJNpY;ULmLB0O*;ZP4Cn%6m&m|vC%lUzK)gx
zKmdLz$v><VJkAOyq!&cQbyP^VLW+&BtfaP@oR?5J8C<DI?{xY`OitMb3QQFC7L5K7
zY3ftF_VY%Fy%<dRxsHHNODSYOW7E~u#><n92~Jii6B;d|bc8*WQ>;tG=>t#_WM?ed
z96zyx(lGU;_A!Zj3c3@FCHOc;YCDooG+xKz?5Fz;khPW!(b$Q*JD3=tz71MMJ2BEy
z#1#a4U&I#=eqv~n=B5q!tLS0t>V*vkk-l}N91fQT({s6rM(5tbRvG53Z!G}7Xu%5-
z-C-!oQQ})%5V-;+gC4)B>_T=2sV=KYHk{;D(Bn2jELo$_%cmBxS4L_1$qFjt{BT6H
zM9YIw;gi(IsE}zX&}#vE3{@!@5egT4lfHdkEv)W9WN(KFn@ia@s=zpRuD^{63-S%Z
zwXl_q%0%n~GsopQ5=!PYLwt|1@4r1a6r-%@m$iJ>7sz!x=w8R0OR;-=6t&yLcT-*0
zd#^sckqdYtdnqg!N0R}%9tjA8JZ)e(DAaW!?4QLs%T$O{JPl|Aan;kZM1oc}UweAs
z0p4MQcj=G0g572kZncn%OR<1$&Ug}Ak90@}BNU<Q9g|=(wH^?qbk)xb1U#}dJD(FW
zxD3#1Gj|%>bVgr(|F*k90@*=!d|z_cpPK3iKZfKFx1@Kpp<Y@5>fr)9Gio#PgasYR
zTCUW$m;`gaq@t>;VD=%O<P6hhep^dG4D%G&MBp)^(;By(x&#QjvmBZabRMIf5fzsw
zU*UNHkpQyod)1RnL&FxZcmwe2Rgc}UUbJ_Z7D?OTL<1sQ*S8wx$EKkkJ(mupqu?4D
zYtFP?C^x8Q9b2f|3$(Rs8i4Xoyct4YG)OX$qx)ci&3&X5nfI6e+j1xRx_d#l$n6Iw
zCWtnzfaCB|HS81PzJ+1v!#&FN_m7zc)7Y3*fvqC@v)6>M9~CyiVu%5-cO(@ubzQ5H
zVe3@Tcf?1%g(QW;`4+sZG!@_mS(+kAvNCR8j`T&mN6^e(0<fG;WZXa2{>d!>71H=q
z#sy?3z%zaERABWHm(RGQaD23t4h!z*D=Cph@EP%b9LEGj9F|*tio&|2>>(I<-BqIJ
z74g#pW2lcA_V7#)OpD356q{(!8Or&>52CsW92=T%F>E9#+SosZaf{cz`Y^7^C@n{o
z^|T~#j6hcGBdz)%&gY6&m2zF~XbCQ;eGySM4>khR+q!p)$31pYiiH(b*zU?LI3-Le
zva0@{U8HGXOmkUV@oF%E*#Iz{G6lpu&?LuX^4ffk=9)}@6A2lT1`KLYY2>ZJ!C^&S
z>n`g0B4bb!^it|!C}mChR|`Pyqj1=Alt2=(ZU(7a>v0%WcTbQ;>ql2n7=gUu5p%(7
zxg@2!=>hWTzi;hNy@JyD^{)cP_5^olU_`t}hVfm}z>wKB>wPpC)<ZVKH3gu{IO_m9
z;YbEo<^fiPohz=2Oo1<&EV(g13*kBN0S3Ra^_AlThGnz-zD~{4Y^-5}OW=c-kJjp0
zkhTr~{?YtFBWGXjn;plH>A*HhH8L!0#}Q#l!sndEc8)e*>t>2}Orr#KigH&f)h}f_
zHf_mcX#`gW1%VVz?>|1(SW;&*&{bjd%4YssT_&O*P7TQMCQ;i!b*bF~?Fq-s&-^SC
z<)BjNal_%&+<~Wc04bN#fHLYh)mGLG!8-cZpUY#kg*L6th;&0s;y<I~M*i@*cwdpo
z$yaC>TKZ%Q&Z#Xyw0KNF-3Zvej!(SJh?dy3;Y&vOg%P@HHSAAqT~-Sb=)KRj$>I9<
zv(4iQnZ3hk@rznIwB_3Wlr!SZokh^43b?mN7s?vPm0uZ^=*JCbGvrN<4l4-YdL#ek
z)^DN<U>L#TmDOE;p^E%gKZf)Pc1(IYsG|(~DT6Qx6>V2fg@OX{^keR*e(vjdK{v(j
z`6y`M^Aj_DXUhJzTsPd;SiMhwlP)Tk9Wb8S%gp+3-~OyCfn^hG6}cFOE2+bM+1Pad
z43Wg6uM2F+`=lOibXUpXT8_N`()yn$Zws1|x3hex8Nqi}cdhD`1@_d$h(K0>(5XQs
zAJfFep&JW1T?HT{Pg&sM;ejJl#;5{Xb>B+vvgrvyADo9|`DN>~pg#XbJL@)-EJ^l%
zRFfm$p9W?h63%A?&2zIAkKilSn-GpP)!f=v`ipU~QIDiaP3whW0mx`qS3$@;c8bM)
zgE4?<k8xZzg0H}w*cDX*#wjtYO?m4vm?A5COM}6Q9j0~cPSks8bR^iY<~#e8k|bX5
zF{5b+`rsC8F)$Y{24u~K$hFZg7HCDtb*@hWe7S0FMQn0rS%G~K#ccPH+~-~gbY`Dc
z&@JSA-VP)@-?F%vZ1g7BY<|d)ArhS`ObhlZx|!jD7bvH^EYJkm0ZZxNQr3C*;e&nl
ztMt7BW(ky0Z{``+a$0IZ16m{nA;E^HhkVd?YoOiC!S{7?Zg=Fhbzvhz<AS>c)osf$
zaW~^a&dI3J%5P&7to)#81kT7sGuYe?!R%G-<b!ff*a_c4x;e3l%cy4dQ6W4t!B-o2
zGrXCGhehULt+D~6sT$eq9A%PN^+&(N-{B2h2LW3<ZrYE;W32c6vPYgu7}To?(%nSX
zLOOxH!6Y&2#pYKr0camVmp<f%R9Fa9$&UCUYiqz|LO(c;7R4KsFS3~#PQ9@eU7@s|
zONdwG14JB^9qOyWBn&4R^?I*|G_nMo!F}j#?=K2$m3P$k1lDvx&&y)KE);>~D@riR
zh>-U*pg%+jt=qTsUF(qR<gob@0u2@Nk$xyuJvI$}os(0y;s{`58j}%$$;2#Y=F+&o
zAM+38ZjT&7A-SC`!x0f=Z}U`6F6Q!`k9eCEEwOV-Ty)iTu&0`OZplFglL@wU3I~)I
zNgWPOw4Ak*$UuzgQ=x1NJZx|YW9idrsrqXev1XqBR*cs_@gtVN(+m2LGgT1vfx|1i
z>F?I0G@8kL8l5lANV|pHi8s0?4|j}}r!ecun~l25*I*D*sI;z-$E8Rkf8?hY<Yfti
z8w}HE{T92K;!*xwinpTvU^E}3Qu=s%eIYoC2#hLjjByFU$}#}%(z9kKFo6Z}2`V19
zlwxJw2@+(~k;Y#{E(CNWsMYM1tkq-uB;yOELkSI@;Nl34wr@N2^1e8GBzmq2Y_Ns%
z_<V?gwzn(C<P~0=(ViLp6h*oTa<O)&>OgW<(;(RXy70pJoti(wp{jb+CpeP2if-ip
zS{~;mB(0143Wt~-MGg1e6h9feq3yqO>?$ev18X334npESXbwIJ7mbL7F(2Nj<<>*{
z2icAnH%33x=I!ig{PJ@EwbJpl?llk?Ct=6imlWES3nH$n>YcB*Lo%?jC(ZZ+1%0Ku
z+-XAAlk;XC{`kD%WBi+OSh`a`+(q$MvzQ+7$YHPOR8i{cUHY%=LNT3nV6gh{n}t1O
zONU>~V6u;JA!0NO!RZFQem3B`R_J|}MU%&?!EToruxr{M8E@YhR?trTGB3{i#E85i
z-vD#QU=-KaIpifW;piyAkGjcnY!;^aV5~NUn~YR{BpR^Oy{BG-gB2ztW%~u@^3ale
z5E^MFLwn<m^}Ds3_eRH_RYw%f!8y1Xuh)0azD#|jsU{{A4$r|0J`P9?4TK>)ED-YJ
z+Ic1-Ssv_GMNU(4Ti>K{%yuM1ShJ^?0lz;oCS5vv!qza&j8DhZfA5?FlU4Dcp%+>|
zxc_nRm78(>Tq6eqNp*|JJ6l6ynS(afAJw2*I@LgVRw1=gv@ADTD^b^t$%qPKd}S0t
zNta<jxZ3#oo`=@hJ=Ev9kOGlCFq@6#`!P^LzwsUw>=}`0B+bl$y*8L!Wuz$bUc8S4
z6*O*$34w6*1yfqtv1SxUbK@zZr9f{QA6<#=pxCg7&LERYkhv*j>d$O>JC|T8nOV-o
zEo|<&*#_2uzgztypV=CS@lMyBEB`c7@FAU=UBN?u*yQ3r`A+EWETbncDA>XB7BAY!
zJ3g$glo4H+I9jVq%$PAbhksOlESA52=TKVo8h&~$CoXKXa(*TtuGR^B@}$5wf18sk
zRgVU}_n?;Uo!R=ZJ)zBP$7&e&lbEGH#WRwjhW$vS#G`xXQnNqGwxkg6KbWJ9%iuEK
zD{KsjZiaE>lw}zCEE8^Sz$^Idew+Kv-q!_B45RUgF31->gs3dzd4G8$xRt;UR~awC
zCb9nZ*m|Km?%d88AhlSC`<LNoeob?m6jU}t%zcR^X@;8eD|OJfgM2ux=S9aZbH?03
zd$_>>erfR-tMDBPgn})k+eE$}5Gb-*i^MU%^h9+sKY3Ltvz#BnL4S*eHLHWYc9)r`
z7KrSm1=Yq2#-9<tg7TXQ(B7={9|+`S4$NQXtnco_xp&sW+?-}<;0lMP5kT%i2)p0^
zoF@%sz{l2U*Wyyz5d1Bh_QSH@oYTU<RgDa6P%t`F8yKX@`qB(8n03i-kfmqZ7Sz+<
zikcu2Uu)4vYr(D#@&5vjmevwm>7UaBsE)?F?Dj^upmbMe_{V9trydJM-me~PHCMoY
z3>*meP$;4?F}qC$j(bEluQ5U2*V_rH0GbL6tnl~#C=0@xah-|zud7vv^szXT-Ak3d
zR=PVOQxYdJipnjX7m!r%@j}Bo>}cfghnH14n;+=lc}zl`%#(>ml4T|Pu_nhzm-R<l
zE1aL}uDk`cWPEaIU<(tnw+*D|^9Pw+ZGrpF1Q-KYtj$x3J*>PY=->(wa{e{wm?p9v
zbVPuv27$$rOqo4+X{0zYVKBV2ifY>?o>QhH?aMTc^EXZPa2+*IK(+V*Ji`*iLKZCy
zYPLpn3I|W!Ojmw6$U*s1BhX4g%0Q|r+TP?Y7d+5NN<ViMHZSc~faOgtq-{m?G)GV*
zV<X4Sj`flSF|5E)-*^_W%U&Zpt)9LMp47*o{#1T$d{r|HD2{869cO!$0}zj{8+1i`
z>pp?S!24+|k@YNX+YQcm>)t>@65cX}*|Cu&U1@Dd4LXd5O>9ZAoVdPFsU=_GL<%YB
z2;}*cLX98!a_>qAq>}kq;o$fb{>hN6a1X>Fu#)8l`x#bS;FK0DhPAH<K^0?cj!toC
zZVD1qa7PW?Sq=^N6NWF5rO|0n%ubVo^XiZ<2NKp8l~ukSUa)3vJD6Y_ik5o?V5yJy
zd31Im;7W_dVKE7jC{9ezgd1^7jR3cFEQ$=SUF7Xav#5-=t(V}Q!j6=G*GDPZbE?q*
zfsr|we5&Zpzh3485in&Y(Am>i4A)rxu)~9UQH4k-LX)jXen(3AoF+_Nu6x_hq*b)o
zD=*l@Vwa?IV$<w4D7nOLfLfm1nE2f8h!3!j{!$ytm1^#=8<!_JzYuJrOUhC_Rj88B
zSLTxTGkxVY;2Ua+!c=L|g!NSG<!W#8&GfO2JTof6=-)2rXX@4~LjGDNd{|$QvvmQ^
z$4lu1x@V~hNueI?M9mz?Q`DRuJ;WQCnf+bq`H)SIoeT4}<;h=J?yPG6>UlGN%UMhh
zEj|-92!p#YN~)Pnqu*>&71uzf8CXbz%?<;#F<D`=DRF18KzrHSoChGPC^@6FJFyYO
zqhlhcZJmV7u^r;|l;cB78oJf81qf7-LfUV(0`DYXG#0l<xoy=37nTyPQ=dvFPPVLN
zF#TTZQI_abc1Lem4HvwZbT}QXezw^mbZ(&)`a0ccSH8}n5{Vw{s(Y!ku*tnHu<~s4
zdWpYqxTn^9FqwlnXW)!#^8(XETs^#+%r55FBznhf{%ri%!POP)=0qF>>-dS{K{qz<
z&1?;eO;`k4$H849W2`+L@K{N|3_ZH;3?Zkg5Jiq|Cu*nB#^xMU%VXL`Rjv+xMdRIl
zsKiKepU^AnkXx3q%oy?@?`pEeGB4PU4GeTevQ&mft^NMn!U^FHJ(N?|%`Z{`EJLYN
zXY`H50`s`Z8(LbJ+eL-LF&{f>K88xU6yJDajwD7Nor@8a@n)Y<0ui&bsKW#*X^xCF
zGe9Gp1rb8V9=+lNwHZVUKR9%8VRx{yb1E-OQ0i%EF0uD8_1t73#6%hg^Ri0MhT_KE
zfAPp?|LTZH5BZ%|_c@jI<W>#i)2s3JXb{iPG7;8U+UxaR_c#P*t=R@h#*X1413G38
zTmf~k$Ano0X9=S=xyIJ~D9;eD6#^qxUvOmix}?-@v;Z4<r3F1uujQoQe`6$O60D|(
zC_zVaV}?7;xLKU7%@!-g#wMWH0{VLA5e7F)tdU=mi0R28ZOLLjK{-qdXEOgJ52naB
zuoltgINB+mLSSX@YtvcGHKGQEZPgRVSGQEyQ3k-_?T@v?Q;6)DESt+NZ~{Yyyrx#r
z)D)6f4mY$nbvgCv)aXcH1_jom<p*+P%c5XWNw#<+%Cu<%gBtD+z|PGAf1$O&UjCPu
z;oB6^SM;||wtChR1wEPU+np8i(rRH0kE}J~=8hD@n3FY~^tf=3N~A`MxbO&sksMI6
zVSiql%rp43S7uC8@fg*a87mH%;`Yf@mUZ`MUPF`U#k=zuCMWPriqGlJP8OUVQc`k8
zU*QF!5=CNDxL*%d^c%^N4O8I}>-ys*McpP02l|3z{B&q-Ng-agH%>5>scYNn4Zr)n
zixrPY#|?8mUbA?>xG<^uvPjjI)XCFVlrSnU8XT1mz{}{dg8PyHKvIC6IdfBR@!tes
zA)czEc|n9Db5KonB8qY5MADq9oNMwoz<-^69E7;`GBC)mnQ~s2bYDY|a#Y&0&&l!e
z<QuJO)Xlb@Z!juRr6#nYz9RykU4@_^C>%+}4KPQSyn%)DH&rR;9*#UoMj&gq3tC(s
zGjM9|T8{6M+q1jZK)DmjV!U?fAB)aR1S$9rhx$cRSTW#`<_YF6TH|@p!f`;OUQZTP
zm-<t#-!u3Sk~)I)Lk<u!*s_8Wzv`8<j5oP!w-okRcT86>lRi5G2%b%y{@GbG))9IO
zOY;z!jL>t7`7Up)7GSo*X@4JSrXNl)5Tc=!`na;K$&F5wa%2??^&Y-aM7E`>feE0}
z4`E44Gy+gaG=4*Rt2MXHN>4yn-_+oMbJPQ^W%cVwZ)d0rFx}X{$X!1)47fRwV#(at
z$}@KJ#d&*U9#!HC@_NgJt}m$Au}}exxmcf-7{>tzM7fSuNX^S{U@mi)y3#O`FK@~e
zk(RweYB<~>86g~IgzbAH+ZbP<j3WPhEb_^T*Vh_++u!@?)4ubbnJigYT254nj$Cty
zr>Uix6!B*Hb%3%b+ugVtA&QDi%{_2g8|HkMGqB<wLFft#e_}n$p7O(+cl&sXKpA$e
z(r5#GFI-ZPWw5Cb67EP<u8M4p)kQb5GF*xIccAFQhs)Ny;YB6dU7{e_1qX-eYyU+;
z+DQCc8ccHqhXz5>nY-Ew4bTTVBa=jn^LI#6&E(UjG>jU!{+isqT*=YBXF0$wDBlZ7
zy~47yGQxY`D=#Ct^7*n=mi2Nqhj2=)r?p;5<z>yRgGh6$WFExq3h5oDWvQVn%HKj}
zLSQ6&8l)0LS#hBZA+o+%&8xoW?DFxX>PeoGlp3tbgmeyPEqIMn26Z&1d$F-fX8`$G
z@(m9)T{NGML|f2G>iOd2dbmB=gfR~IFfBT$A^U3EJ{v3Iu3Y?~#37j6j@hc^3VHb<
z*S85CZCbq(5<(y7qSo8_VH<e)!hwta1ekB_8B{(mR2#-2`|%+KXbb!AUI0tj60D}{
z=O6iaqaY~9C(@wnQ-UAGga&XASS`@<P^kOAt%*ekRU>als#0&8`avja>D_+7uJa0a
zM$U|&T6Y09*_i<@@MQX&%t<8t<Q4Jy9xYAup8;WVdRb8i%L6RRZ(_%1M-3Llkd|($
z*s_N)ZlF<d>tN6$H%^H6d0lG;U*_-VY{T;u8wN2{bG{e(m|HB1SaZA%3AnrtfV+xF
zDsS;a$W8<KTuCmo4(?uMe?rM}yU<>G2T{;Z=mHrq^9ybIHD{w4uY1n45YR8pf#W*+
zTJjJLk+{#eXalP&an(6cD6o{nQe57gYtV}c*<b}X^SB@HJh0)ku)=PKggEj)a%eVf
zyBi?_O^pb=eUA6S^?3=chTxl$Li|>;8x!+sNqOuTr+73YXl){f1<Eo0HZ=urhNJzk
z0~vmFEH1h1iDxKDulU9Y^WqIPqLR`zx(2^IuHJzLMtQJB4fXYJ#Mi&dZ~A`8J?1*l
z9>33yOtw-BwTr-};_I$e7{D(KUO{i(?jC4P$`Q8eiF{IuSjWm*Awy5cKf)8ahM3kp
z=7wdO!VUS}=!TLY)Yr`|X2DB@zW51o-3!y>etbA>eloZ&FbC`PJ*^(hfNWaCC$0`|
zaqt%44|_)mpD}UQ!vK2!3n@)lT7zi28|J*d+nBt&u4=vInr3#HA-cPc;J2%$JxpF#
zRL%Vo8K&n2NLJq2XO4Nh>4<qVuoe1n<?$k3OkySFc4J-8b%Xoy_#rQ2x60<)if41?
z$ly?6;#WK_yxgj-yZ`dt!}xk|bH6tq*HUQ$sO0ek+wmEY17?B{%nSpOB+~=-wqLUT
z=})lL?LVx&%+E_9Gc)6&$~;{ZxTy=%U!8-qM$plPj~vE1!jjk#mriFLz|bA$p~Hq)
z<@KvxG}&ukk-gh>{z8~#KXfI*qGfv{GmzR*Xo9^fup5-XB&549xtKR-0ltZwS6%XI
zT7vDX-jPp>DeX;tf-C#HX57U1A*CuSkDsWqjgz|1zLZHF+C2tHQYRW3#EmD=aw9+A
zy)+L<#`?OW1!Z)8!W?SHhd9%0Zzs_KQM4H2eBjJYU)4kTlUm0%h0O>;EAtMr-MBMU
zxC+yM%QueNZzR&odE=hO=*+h5euwt?deNQ6Z2?^}qaB=j9WG25-&}S;_tmTxg*V{v
zZKBXW?uq?ff634F{2JYMz^lPzpFl5Wa(MS}caBsT^$>#vGWu?;4t{##hY+41rt8C@
zdaaS|_9IRA^9knV<4A@6^1PJhyO+C2UjtXWTA5dnx6bQdqS9dZK!<PKiIr3>5hT7|
zT{8|J82+*ay@j@Oz<B(E3v}JG4A;k9c{*Fl5mxmDqg{)7^CJY<5D)+uSba4twdZSa
zMzgD89sS5nE<PIHMN_H9!R0w;KfhRj@lTimcy5-A_kS_>m2Gh?Tek@zNN@`d!QGw4
z-QC??f;$8W?(VL^-91R-?(Xi|*d=G5oc;cU`)NH-b#+&*>XI?%9AnlxI3-U!uC+!E
z#jf+(2qR~60~uO|;H1fW3jdtd_A)brTtUzpGxI}#S5{2UDG8GxmCL;n8o{Yh41>@Q
zUrU6nZ<ZB6sT|w-y$bq*I`d=&E$F<ZBmMGRtcH@n)-VZ~@;a+zT`^JbmKKBf-7Fy)
zxD2WnP`9G!z?ub|s=ed)#=3xn_AjKIRECR^66CN|A;f(@8zy7#xt|`8C_3%;l2&7M
zn-ru)uL$Fn6wss$(+eU1e%oFVrS~#9y=oq3&y%z0+rKwGXRaZph(^aUH2qg`_45q9
zqFhRB1K3<%zkgOP5V5Q005da*D|ASy!1>&FLqT85BJ$3qHy6+z!=op~lRD6|Ffl;z
zkXcwki|i5L03*`YClMwoTr8;z$7)fba&=c1&~?WVy=K>EXeub+&NE5_bS?G3cigDf
ze4C%i`&^t0F=*x&H$pGN6KsHLV~Dww7W>B387dKPWT`hv26o1rlQQSf>cqhk{6!Sp
zm42wb0c@aFYGa)It|9#Por)}A$B!3^jj`re>cFhQpiswzlRr4P!mTzOQc?U%(o1$V
z429_h|JPM<_2wm|%1S%Y{BqBtFtjS02x`${Lw!y-0j<;q=7Er63`D}`8}y;dBYJ?M
zMg6UyS`~KsV|2`K>+kbAwS_BcJiNT0nmA%wV@{Tc;+Z;G_s9}fnI_UBhgaHFq<A@B
zrEFxbF`rcP)4;xPK3WV<%WEkGPnmFfDPnKUI%1^ky3^YbQ7@#RCNgUdQf~+btx@mo
z3$G`)aPH+*`44qq9<}B5bBYVss9gGz)oz!3z)|FZr_ZZ(v>wyRPnvWI9*9o1n+|F(
z=Wg>X)0fD~M-jb}r!u!%TuyIq-#E5~s|87<53({ev`6@1F@X$}RVKRC4L|bwaKdG|
zLNf6>^~9SSGGvHyE@m|Q>ERC-K{OVZMZTnvx`Vz25<l<*y<^g3;|QO^!b+{j_aeS#
z5`V8?kaY-S8P}ww+OJrHQdK)@+CDP+IAnoQmf)oNoto3#b&_8fg7=OEKsCqR_@njL
zfz&BVAk=*1PjS)5Q1uQG=+v21SSBRS=z$@69d%1#($Fv0CA)=Laa!=$=;(u~WgDBl
z<<|}AaYMx{W9+!}YN>JWS!S&Od&DRr!(*#y@a3|)4|ec&(R;+^1Nzo*HKFW<YR;vs
zoV4f)hP~0)XQ)P;5+>Br`#v>S{tNAHM46h_{`+g42n=)KStQa>Q}8>n0(YMecOb+K
zzV8--aq=&#^HtF5^9~D&h!dg3G8!&QYgj!@xCAh<EUl*fO2isbIG|o2^Ta?I4H%%c
z8`$q4v<!e~o!}kA8C7m3rx_8kVX05kzIL$5N;x`wPvIlPOI$K>^Kpd2>Sqbuz=wf&
zag^m)K!mJ)TZ&@s*WZlAWx!k}JNQz=^%3&jOHt?73&-u1X^qGmC6L)A)+epaVc|3Y
zTY0*@d^Q5k!kIY-#Dd)kXUT$Y!Sex|soops*sGSHbh3QnUb@lwRs<A9Y@1_5<gVm2
zqXC>3r5EO5=Q4)V)*i0ND_!<(&H#gKoVgtdrDU2u8j?YJX}%o#0LOZo!|T1%c@8g|
zYTk*GccJGiJ?aSG88T~$AZGpTsN>J*esVV5Fvk$6nTh>{*y|sm*Lt!gO-;#PZgptI
zZj~4=|M2N=@W4PKAiDAnNZFZ5pYKBW;kkk>Vo5=K)>p_@%RR;WDzaOv0RIg>8nMRr
zz+7|rpfch?JvgmUG$XB_hc%pV_d7>A`yOQ@(IsUcY6J?wNKOkV<q#;IcRznIRN|X~
z{%%KXlY;iy2RWVlwK)n<NRYtYNj~Pp93_mBexdo7=A4w)HCqy6u#)Z$XNWK<*p=u_
zrd_t5l-4+?`!7?wf)VV^Vb4x|*2MGe(17~+D4StpNqH_ax8+}I^9335Ll#PYez~<f
zgrQ|?u`8bs;U(3jN;%eGXh*MuENx%l&YiaVgb9)5y}|RTZRa=tNoY;Vxy`Wq#I4e-
zs0{cKSCTp5c=5l@KA=EDnO^fE-Jy9<nLpV|vNW2e@sH+F<s(8(u|AVZv-FD4cM)~Y
zEejFa5$9z%w0fMwCEE2h{2)*MhlR~YM=~+|nWBG2jMpzCtZ`FKG=4Q(4q&9LnJYcu
zN+HR*C8W_hMRStcO0UE@Uq%Zp3V-&yQq*F>=y_}-@*yP-X@BvDJ)T*5s?Jyw9c0xu
z27>zTUQXBMyrJAWBDhAvl@4U}RgpjWCS8Hv07RxgtDYEFpfDwdG8go4(g}-*kB#An
zkzn~eM0|9JPFhhOF)yLC4!pE`yxyGmG<AK+youfzp4U=0OuQla`4GjWwG(scfkffW
zhCM_OgrvMbHpA14#dU&K-1~V#Iv}9&V1uZJyBqG|`4gjqv&nT`9dS5vO?Mn`V+z8>
z#xMlyxx~6@p}M_L=-rwit$x984hRF>+_`@eLxA0ch<A0#zaVAP^~a!f5|Z_z@_Hpi
zhCgpYRac1ij@1tiHT)i^G$JJCM4l@TU)|RH7--);DToDL+@LQSs>NCTaqTjW{u>XT
zJbZYuc6_*Tm~&2WDnG?uTsIHuW;HYhwqf6ObkcSj?ry)DJcKd+Z<2mPA)HU2B)$tF
z|J4S#WBR_!#Fh7Pdt=H=tGCTQrD`t&OSxz!MmBs{cG1{#VwuD+KkZ+7mI-1&0X!^W
zcQ#w#oD#^Xwt@Pw`AXh6yjO@~#|!RCr;9;ZZ1DsJRpA367iOVXz3fXkUz%yg8x?T+
zyR%dbwvj%^b49Dn4Nfn+?F9Jxet5w&s?h7>$&XK9nBu6lrWRPGMcYw{{2sAw2d>R2
ztcfx%{)=||g+lD|gStQKCv*N!mr`n9?#fLjgdltzVVL=i^@+w4xkJ22^EN7Oe7zXX
zvuq+c)xnUpT=%s5oIN`Uuo-kFFCq?_KH{FHQAHVUt72DG_QeL_r{%DuiEhxd>$x(2
zvh{Ao6?Kr5qrxrks(r9Xm7W|z>Cbq&6uQ)4Np&)T<pDa}KXi;`3zimUW?fc|UfIu}
zHg0TG8_Wo+cP$ru;q^|5dJrcir(oc>RHu}g0q`4kn|1ke0lk2PW!z@KE~lyP)SqIe
ze6{uv&9K|%r@(cq9{$WClkws;xRfCM?J|LU#Qc^U#7mWb)>t+h(!s2s(w;94F|MV^
zLoNPR1y5{baA<0c@&mgQwDa->Y-!5))?yduVC-vzCC@v068{DPe;W3>y}E&_^Ru5-
z<fF_ZDngM$vYo-sX}<zR9aB1KM^F)nv0q|}s%h6jgi~hybJ(7e)pCL8Rw+Klxv_i$
z>YI)loFra)x>qq4cGAqZgI>*V8SuHqOM&OAMq3v$Y`+zvuUHbxUU*wC<T0#=iC8FS
z!pU`lm*RJuY*zJG4hx0TIAItECJ$VCUy{#MeiVMPHMnREl5>TNstK0;p~&*Hac8?&
z8rBb3Q7?x59lbE<s_sgrTvZb{4?+<`OQQR5_A!~g89#n;fC37aUwxDR`Kpo`oGvwL
zGhD<<*8^&~A<6KKPL#pmKrB4j2UnnW<ol@hHp6=kSezrbi(*BTxx}Tdkhd}6V)xH$
zzf6*?Df$tJV*QbvcYA$$!gh?ZUXe1NWg<qlTfdi;gAXSq5`x;5n@Y2w(~svjYK7ef
z=PxFf!B|w@wto1A;q}D(ew;X8gJ8)+)}3(k)5ZvG{JX1mB?x4z!YDijdKcHZ^upl^
zD3K}oAL~7M2<scM|14#N;JdgG$!>-|!MxH{jS0`=y;vz{n<LPa$@xL>GK*&;H}G(=
zQjgIj{A5V@^Ap}$HwruVreV%cMQykv>Xiu$mJf=c!&dwdxyrzX1V}LSSHG-x`1~rv
zNQ$)tp_gvzb1@S!Eq(={T=3hqrR$leiZv(9H{_}pxrh)fkcotds)m9I6*NE`E@uh~
z38E8lO9z*&+Bm%KhRWTnI+0^^o@o{6Fh+rh@<2P2nR=8d3yL4XJnQa7*|a&=?_(-7
z(|;+HJqkm_r&_?*_M?7uw|aL|YPjhnPHvPS2+u(Ih>`7o#%5~jdb9G^$7jH(-MWqL
zA?pF6oz1x~TtsgLLP*97uLMIvUKC@NxQKt1BK0qTD_gm_s9gw*a^uNeWNS3kTKN{B
zdF2{?C;9vB@3`_+5>33TEW-+DN|!=(c_akw1KDge9H8b~<cXA@xihr~9UhWXE@2xp
z8Fzs@v!Sd;emyF(Kw2E{IEc+rHqvXZ@09i7^T|CUJ-KP>vML~$H8=N9lzt{#K)5XZ
zXldvf^-{Zasy$S(aN0HQ-L=;g0t_8~>`nDM6c+K<XdjnP2Iuv@ijDp>r~13}NKsa}
zkxzEuozK^}T-SB*i9{&$+pMa|w;o{loxGp)DNEruh2fi1{QNW=f`S&CZGHIHXXbM|
z1pK#eI*$-fTb@VYbi9hTn+2yY@=p*unr}a@yytEje6sCZjf&t`N}}r1{Hs9AZbUS@
z|9wXDZabv&)EHTWsTiJ4!juL20w$~u98b}Ie(a8vTUyTHc%rw*K5Dg$9BV?5HT;>>
zPC__^KoruU7+&_Bb8)GAsSVya#j=Va4N`rHy=PJ$WD2Q?r?MoiFw4eY3L7ZO_bvB1
zzAEQ;!RUtg0f?2;CyNfai8P1af#*H=tVf`5-t;j>=1$J3oKxCH`lsc^t~1{AaNGbH
z*E79Ma~>~<oJu}Nv5RaQ`(%hdXiRBVUIg#JeA!No)|PIVS|lMA{yan2e1_kr2C>f(
zD+&HPx2?ThP+SlUMAk~sr#`Ny#xNsF%Ry1~J9y99<qwj_{K+p@)5*LMkim>gs%~~j
z68CidZ`!qpX@`J0=`feIv{0D8f;`{ONWRAXXI<6sb(j4OG1d4zi|U6*kM9BS8w#NZ
z=V4`EJjl7-2d7!Fx_O@DQb3qGFUy=48xCJkt<5F|Tg@ZKo(sAeKgjFf@g05fe7N_h
z?q2$U0$gmPgvb*dApEujz1_dRb&P(_|8-bj;3F_Qv@biRm%&L1@j=p%ksOkU_QD#Z
z(H^pYU#e$W7*vn|7hlep3ezfKip$Hs-M0e7ui&{1rq}&BCqDVTLD`XwX)3-bsZ{>q
zkjYh_!=cW~cdZA(_k~nnDHypL;jF(%mpdrQJ0C52z#sd>9|;El(KrI-pJxFZc;^PY
zoLIQ&dWNIL<odyY>k~cugRtk7E1q)@Ct>5lXNJgq*58;T+#A>@Vd{CY7ocebJs7V>
zR8HU`*9U@6PyDJ$5plL&{-P>VY81A7X~xW30(poQYXOBz2I&i$f#BN5%`E<=7l=Op
z6U+Iq{J{VeFHhO)Vz?6ZK@kMd#K{u#P{i!5J;J+SfWuFiUePB{h9}^d&%J)xTahdd
zXX(o+g1iJE{ALl69^M5^2KkjukxElKi%=P8o(6dg&X&*4JUkb>ylI$lVyn>vyI<7B
z;o+AUM*Iq>+Pt(kIMc8{EOYkYUwHUWeY{&4ombWeKmPC=0XvxVm^nS$L{i@pW<Q%g
zKo0O#tTe}}3A#+_OeBjuS)=<m1H59<Fw&0603WoJv<5RXrrajuhiRfihkSZ>d-3%;
zvSv7`1O^O-d_>VSjqKf`2H(qIaf|>cI*TbAtsh{HfxLQ{)+GtskwPdy*<n^#qIdGo
zaEwGTu9beTt2{jX3;kt7h?y}t6l4_rgTglIR_O;eN=EwtG@N|&S0=TfZ>*EJoRVy=
z?i$@MAPS6XMl@@8P-;Tbw{~S;Qb=3ZW_7)t31q|KFTidsOl}N@7lBRlBH?l$ustq~
zsPBL<=T0hby4b&(#P0<th(TX<^<Y?3c5~T}p&}JO#Kux@fACiRZP2wLG;+Rg@7w%b
zJ&aX?wA^O*X{{nTh%QSqAS|S;_3$Ff*hk!ZRZDlwRkPKuY2i19wm_l>YU?JX@>`6n
zWAHvnbI_pB|DZb)lvc)jQ=~PwKY<HRy)dq}Me=OFwcUv9w!?BT9?78P73z=b;G)$B
z8N8O{nua-@zv>i%Ue~O!scNEYuGHIFe9x{|JfXb6NY?=Hia!x=Jz_%Fq5silYITDL
zh#Y;f!I5YFyRGpdJ{&`71&jPjgBjOVRkAbv_k(xEH2xoTX9p_^$=AP76x^38;E&!n
zIuNn%zsl|Rhwqx`ySTHxa#SefUkU2Q7lL=iC{;dz5X0Xc;*aTt^senZw`7tx__w7d
zfj@%ZFXmA4u>Tewc>PhKJ}pVbtNk6FcZo9M9}TepmH_JZ+adtrfxNT~ftLwr6bsD1
zUxN|<5fD4!5tsV|t=dJ^WxnRA`D|%!)@gpNp}5t#&oB6gM8X;%037VF{hl>t#M2ba
z3{ehIZgB1CsZVOn{;YW%0D9%VUvWVDD9nc>2afttc%z3XJ7DJL{Yd;k=nukdC~~m(
z$M;M`Ie{ZCH^d>hzxDW#nl7LgbX{qE_U$}cLmKYx&f$w?|Ib%+kmxbeCl+-l?6)D^
zbS8+Xs492loN4cz(QoLzFFuyU{jJ;eQzE<9s?atI+_R0FZie8wcpbeB?DF!C)Jg9u
z3SLS3zn%E=;HC3TC}n$Y!+iy7*S-*tuq+ZTnx34Rx`NqI)TaE?)jze+c|Mk_gmvp3
zxF=~)Co<tp$a`Qhn_3-vvVHG{Darc*005%Al{){=OEW{MmCsd_TAxqV668lN0pQSS
z7bItYwZq&^QVjf`dP$`3gG2WMKIZg>Td#z+U*q5c-2fc#eH*u{04U%6t?By)2gYq;
zah^OdyC|WkO_QJ;k=&9&?+UT8xfeQ_v)n!XXvQ+VxF#k};tFcnFq)S!^bc_kgGaC>
zYMHKfy3r^d5l%a%C<P-^H4Tr<sAFrCpSKE<{Xx|L=}5{nl3FNeWVJA)Iqd27a61fz
z=3#o9<1(YDW6ghV)zyb7HA<tzW_AhZC`cBW6>=_$RI>iRv3``u78S{7zFk&-n)BD<
zHbeA>M0ma1SEZvfmhK27QtU2zlUf=!=epqO?AS(O-JhLOX!ZSx?>!<}X`AzWQ;yrw
zI~7^DgYq6CG3;1LmK8MQTu$`-ofkz{Bv!#*$<$evVK%gP*`v$5S8EF|KkxV>eAdBr
zqq`D#TsLv4m{R=oKF9tu)qG(By42xh(p3%bq(~31khrclFu?j4toxGMuA^L%-`wHK
z+19%YE=@ZqKaT55b+SePkz?$+HT_*qd%ME64p=n8S{Ld7n$AA(fPU9lk)UgVUtbZ_
zr57DKwRj<=W`q8jyj?%}vIjbj%beYD!aKl4g&d_#%|FrZE~PP#=&p~wIsr-|zYG*O
zex~E$$@01_uTy&w$6)$NQA?ZKDTt<QnYl-og{Gjh?mG)eAV3jiESJSy)_tOTx(8hC
zwCf@z%^@HZu^YT-iHld$-=k2y`0;F|X`jZ=nL&wX3^if0F*0OdVR)!{g<vvfmas|X
zbkat#RJQkKT4$V$=yY8fw?ki?M?}%amYzxUHd>IJx7Gc)g_J0%4Mdu?<(lWAPyhW3
zt?juZ11iyY=PP;@n{0rp7+9~(157P44STwnFOWI65QM$veF^Z0p)fd?MG=p;EfuMa
zG9LHrsu@+^8Ol!|UE3&q>k9bQd41()WlyzC3>-?UijUFqeA<O|pfb4CbXce_$((KN
z)Ei9&_Y-{DviM?n=hb^zso7ifrZM<y_4ACHKU66GuymB9?pCi4FET!0PENxu8aJp8
z!%Gm;a~MXuqm|X#U=nh9uwI1zBDEyn?bk>J%qB1Ckm&oLeeejbQl{qH+6s7ix<7yP
z=k7zgQzLL%dBFV?jJk=^Y)$6D<Q$_uC(t*2Xa>q><TDNOa`>$5^jP+0!Mz4#8S$z|
zeJTE!kCkCIYT2Jt7|baM)oo|jWbK@7tD);YpvF;G8ULx?Dd4k8?d>&9vMrvlQYaC$
zF<?P8b5!-1Q7jEDTv3kFKS+3b!Xj{p>r0wLN@GdD%%q5)d*4=b0m}JWHLRFpVNP3k
zJ7k>{1NP$Ume0a+w2)jUII>14d8y9$vE;KG15Z?Y*u0@w2obY8j$xa9Nip@-3ta;}
zC2PvJk~{B{UhAS-2mCNyM2`q@@THUbukt#rGADf(Ti~kBK3ANrM{RbJUp)wQVDVms
z+?F@X&Ih^(x`mjBjI^DQ3UHf8)Kv#B%tgQqh%T?Jdw8isXL!yWXA*1O8WS)dYMyn^
zt6B+Rvv#U)j>rpYoM|el!?*f=b1^1X<`EHw2kT5Fi844DyR|X75DE4w1~VnZC3Pe@
z)&=~+{So;@S^DWeJHRtCxJrc<aBnot&fY#26_e@{1ndLJ3i~;T>rUHat=T0JH`c&V
z23G~AG?aqU$^;m+eBtU!h$O-did3OwymO%MjOe)JbgroEaZ#f#Q4B=Z()=Mlv;t^`
z+~Bdm_$Y~+>^>`{!0p1=$(a@&+v{ynhxM#jxnF}y=SR7JJ+}|3=1d=D5<>ekZ~(c<
zhfYNj8@J`Fx_FZ8-I%8a89cH6Z#}<xHB2sJYIL|_!}F=~6W)c;0vkF>6&FPJduCEu
zDbgAnis4R;p=soD3Rf-r8JY~&yOv-(bOh4(Yu&A>I*m5TFlW-9Ht1-be44N<mmBW{
z&Qkm1#aTUu)h=fZUhiJrzfAk7)#M|;JW!?3dy{*$M+*58cV`x2fYoRo(z8tOO^A32
z(`YuDOuGWfw*m{1YH~7?t9w&;TH@MfEf?DgK1pxmb*Rq=?xUfkI06yf>&uLLx5gh<
z0cnG8Vd`H$2A?w+VsJR%lsF$6m8T5@-c}^rDPrJ@pxmQyeijK;_rRGx0<uRa{yDDF
zzkZAZ{*J^27|rR!)xRg#xL*p0FUN3R@9>fxR*`LMdTMPTi#%Uo048-CRd$!v8_cWm
zhe%TN4R`Ei3+1=eoRx11Azbtk48|c5ovO9kp=dsHnuW$5cK<-+BJl#{rzpdpnF$uX
zQy-BKOpyqzZJMyOFG|gNl^lXssrDG(YF|(r>L$%giiU6kS_N@uw{kAk=n&pWdPX%A
z1>L&9N&DSUP6)u{j{UR35MGyS7i6KzeYeFzugRo@qUtB1MO`W@%tufv;!!+il<*tS
zeP%M*yem4ut;ES{e?_k15;ZduR}JeVp~OPj+E9OUc;wm}Ulz5|W-`GlKECMZkQ$;K
z6t0mwe;@^m`t^m<Q#1zaShne*$mODE91y$_k%DssRk-MbDrhJWe1o)}hCAuzjzo~y
z(h+Urg<<EEMdUnNw|4ns7U@6diZ>ougSKEzP0hne?fAjL!MAVUKBQGql9TIA<_fa|
z04R8PkzNRE@ec!HZwSy7DCLizm4bsU!oHApl|TzVTb(_Pm*+o7F8b1vkTe;Qr1q`I
zOhFnpuexDpt-Qd#x&ID0Hm-dfjUx(fY@Y|@!}=9p#)bYmn^_(z9vj(;(LFVpYV)zz
zwLr{?pn9~QwCPw_KJ9@IQ;It^Q6#b-lqtjkV3}K<=L^<_6iidglRq+uflJ$P%VR0A
zg$;P0*i?>s{?^&o_ZW+0UjjxI<{azBJ5Oq9hxRK;OOAozwfdl!RK6xGiw+>Kw)iSb
zvR!8-td681sP??r{LFcveN$L;VbzcAu(~T#pqaNi%kDi0*71DgUk5CkSwur6qsD)?
zX9=}k1u5YF7p!=*g7x+FwY}UeYrkMdh!jet2q-I~NhZ-2)YQbXt-1R1z8uOnwPe<l
zsPZl^jH!r<?)EO$xV$b+p6I<g*w&u&G3hG~pzQr3aJ+XI(Oj2OZ*O~uVg+LV;$}}G
z;~`IU7o*U+d%k{N#}B0cofm%frFrb@;$n)Zxuu7y?{Hq@%Z4pvO4bp;_ame1?x|4$
zEm@c#Boq5gx#nm$;jiP=Vt|I5`2G)4`siT)H<Q&u0r+@xv&8(X^drw2S_#AAe!po1
zXZI8F(f~bZSi-FdOYOV6q|kQcYSo1CSMxj!WX{-2`12aNYs9C}77mmBA1vm~6fqSK
zm}ShUd(rJaY>+J}^F~SXnyY-HlZJQBYW}@Y!(Kt<n(#5ScN#-sKpM`jv9KUUImS(G
z?_y@NS$iJO9V9$2BX}yx)<^r94p8|&DEXomrRi}mO<YV&@8P@nZZgk{>G_-IY1P0x
z;HvikroUmST6+XmfYRnZKxlcwq0nKCc9A257ur4F)pOx_oLSg-Oa`du;;D?ID)dKe
zHHc?8cDR17U3bbJ9Sdi$VML+L94h9sRfl#(sx_6`8-3I4^=l$NSu!LhSXL?CAReVa
zOxlpEh)NraW9yWS1LCdI>oSAb3AJ|c%JE9e$kQ3`u-4ox86-O+2YTz19!~t*y}@1D
z+)?N{L2P(0O_^U)6s~1)`tY+(f+~piiE%S`s%9}gf{<1gjnB>To_3-P#$nz9<hgDf
zDep8qXj@*~YjnILiq_mh2f$NB)#w6suRkymnO;SCtnXf`K(_g}O*Z!<Ss#n!^&Pn|
zY>TdsL0+TVjUTCbdZ7prE{?(P_7~Z1MEJCityj8-?#Z~c2?SlvNPc2Sh1q!qZo6TH
zd~seV)F&aGEit*X%2!tWkAZ?tq!%W%D5NAOhuAP0Y)wN!5n@@{o+!)nxPyLu?0KlB
zsHSG-WLMojN!OOBD<@^B$mBl_nqF9VSp6WC5WlxmMVF_>=pM=HBH&JjL_*j<U06o^
zR#eLnMRQzRY!OF6wrniZ;TjY$0ay`uoytHRB3QQD?{e)S%nP}9>YAD)RdkYEP$x%G
zui!awT65(*zPPTn-}u2TUP91xbSkW;ET^=>r(7FTtcI?^gkIbGH6=#j7(!N7{dU7&
z{+!>_{#%3R(b6ZXg(O|kxOPa0JbVZM8!`w|-wbFtJ|~E(I*gj7lz4T4KxQrn#Z&%h
zB|VRbxJ%b8I!0KARa{9+#;qx;pg}I;ak_cPqzIR=%d(RQh-Kd(z6%rzwThdI9q-71
zq#(D=R(^GKyd|X9r+-ZdThz2Fl>dd#4y;l2pM)eU4_bgZyJ~-(&|tixBu?E6tWCp*
z|Jq0kKUN;Adt1(}s>R()9HIq^^>#MZxP*;)rshS*8Ifk5PpI+A%6PydRG}P{PO?XE
zMT|z3j?Pn1Y#7K({SV^a5B(wiZL#jhsrHiB^j2XZ>DAR$3!%KI@QggZ)uSRL0^SLy
zsU+9=TI7;ujU$@8e2x3^a_!S0%w8=`^IC(%<nZuu08dhU`~=g_8R(!=`2U%8p<N+R
zIA}cU=n7;lcS@1C_4l3M@?Tx-^JR8{rIvr~ia+KBI~<sVSOx^OQ^{Wo_K#V(3VpL+
zbbaRkOv0;KP#9aDE`S}0;i$0~xSMpdhkl^>#XVK(t2p0$Zrn=swDQ^NBL_5ZiJSXf
z8gXM<L5GlN5k!03S)CWx6MV)<?##;33E$W7t#5AL3i1NTucte;tCRJaWUcbJs(+^G
zdnZJ}W$xRZBUcWZO_n8{Yxna!nl}X(H41X53flMK@4$(sl`6Mt8}~1+d>R$J{jPbP
zi_4`NLLU#<Rvz>}3OhA`shW10AGy?cPX=*;et!x5{p@mEHRi2rYE<1GIwyE;cfN{W
zYx5G+209XbzK`Qp%8ZeBs{OCslY%IRR5D#KKj~+(uK9e2ZwZW5c55(!I}qGy!hRSi
zd)O{Jbh={)aMW0N5R{Wrc*xa82%nGdU-x-X9JXi(z$8wtfUc+m2ZnxiZ&RliK^i6K
znU+}5T^GqNDz8di%d;5^njlnmKZ9&}sJ-SRV@hU~SR1Ej%t5|>kfOFcuZ?-Aca99~
zmk}41Ht60?%MV8{bjkO#HleNBneNvxS`3Vt;OALYJ>!I>tjik3meIeiSFK)eqTo=i
zHGAf5UxUW4BP&TQV9!N6CC@hz3}x@lC5^_Zy+gB^Q%0Csmh|mj%(Z+#3o{w-*mfcg
zT1iQ1V$ItmEuE8-b8CCL{%adq9?02BLd+{{Yk=2r22G(&AO6j=5odKHMheR$x&SmG
zN2WX-)(|Jo#c<`~QjEpsqDAPzaAK=T(M0r7x5z@mvQCZbiNV|x)<&UR%fSpEX5UtT
z%^ES!<1y29IRW40e80VilJ24bnNhMm1dk*9Le3?nt&YVs9X1ENnUl$?7*{{D_2;nc
zTav=|Q6vLr2!X6^(L*A*UtNv0OnD&uJu0b8c;71J6KK}T;H5`ZZNdE$E(*ld{5@H4
zNv(uzlq4UW0_kY%Xa%6JGs5$^K7oEwkCS2&K{kpHjA(|`&lIhhvG9FroBrg})Lh1d
zDLGFPXQztH7!YacydF1X8;6{is#8Lb?eK(K<YBYh53kPu*&_ba#w;Egv>OBuv{_Iv
zs<Fc_Mc)^61(R>jgL1y=0n&wt%S449G=&F$fK%C*6L=!AKfEP^I*Nx<eN8KCr;E$|
z?!nsd*?_hzo>Q**1Q=#|<76&m_64Zb7`F;3Q9zqWHCAyM-pmuBC*Cy0vR~zLP3xSG
zE^phLpCGZb_9=x?NK)N5@U8_6IQc8*o!KK_3);+lBpG&&m(!s7TrPCu3eh)dYem_<
zFi;Z#r<Q78Y;Dzbf+=X`2s`%FVI*0Q7@ecaNZ*g|W9Sk?IQezlC{QM4DA=2SYca+I
zX}O1>Ry_<jn~3j}pOR)?DPszJK8+vjU?43)L7QsD2bPEjSR9)TKBta1Do@YMh0M|f
z>Ue?ZnfpG8`e1kR#wl}Vhyk!W5d{?8?G|tIpki^TrQdU_u0POO-WAmX=mQQm-8sVw
zvOWXy2@|Ad)rrKgW@TCDVS6Mgjp|wUY93e7aH1`;6tE;Men6KF5ycRN$e4$+F}gUh
z^y}Em#uLr;aF^+%P$-%;fYa#4_DAHpWT&{h$w1av7HD{pYSwOH@=!&Xl^pI;V?Q)~
zCSmBhBf1@87FKb_WsYMsVU8o~3qfElTB@3}IX8%*``ofr?i+A_CU}&r_S^@F-MI_X
z7^gW+jrW9tyq?BS)ZSreRhwg;Yw)I#*x4A8`p)9pANY|HCwAk|KdU8lx5jO?<S2IM
z5D%iAQxnnQ4mQg&p=3M%#xx)9)j1g+h4e_}RsP)a!P*FUQXC0f{MKvszk97r#1CYJ
zqJHs)z><QBwrE_Bm*gvua6UM@QwaI;DXqfk?43Uir$T2!rH-zz@v{|eNDVZFDNcqT
zCcQfVf0u>+_u)e5nu^;?{g5*~UU~h(ym6INpEKiJ0^;<*NDddbxT^3(voVik=fXfk
zE-R2G5#8IAl;nl5nMvkswJvy9_ryR@hU#w2+A%o8ng&<s$zt)w7!wVx!1Xhhd8|Pu
zuvTG0^^DAG-y4ZU!M?U01+o*YrcLnC;eeCJiyH>AQG<e$a(ULQm%bmCtl0!t)3~y0
z*Ga+p#hysVPT~1l(}XcG(Ent$D)!F4vSKS;p<gjHz9km5IVOr{ieWca1__My<CKV{
zH0_}-wdri&i_*|cy!x-U^GZbDBeUNdsw1FA9s~UdB8@PJxaQ;~cy0y?L#UacDchN^
zJTzw6bB}7?W+&AxMRq`%1k_iWtfO%49T9-S<71HLjj_K~AZ+1~cJN3+?|ceUpaQ&g
zdT-BXj`*-ars2+y@*$gqe7zHn4TdFv-wop(JEe}e?ON>&4K8x6&LpMIyLhx`OTUP8
ziIn%Jmx@<9;+kQ?@`KG_FrRRPo7q$7kra5>mdtHONG;cVc3vT{PJc&<aC;03Nr|}H
z7uezkeQg8o!&nr@hF^_+g<P>OEr!DzNLY<%R8ol1?01IlO-fWZODNg%>ZiBKzzNsw
zmY5sU?aR%eS-{@)P^gQjQNuSuaLVTPK*2^&lvg>BT=y_A)9egR7+$_iK@7HSgDN@m
zDjxr@W0F^l54r^Z_w=ceB@0}E@CkJ&@vLT8uZu<QvM?dW$?7E>Tzm;2Ws4Jer^;ml
z1(_}WC{_YXP=i=tMo7_`pt&Z`IZyl!q}h=EGHG~lY8vG+iN{%=`7q)cAsS1<sISvK
z{HD%t-Q%=!^RyT~X=^;6G|qI`45#&sPIJ8e5~#3VGUC0-S{NjzM0w0)^Bm_th#4}Y
zbRHi(!5(Yd7Dcrc1r?p+^4&!VE~1<iXt&e@$~b&}IbMCfRKXNc|MZc`d-$d!A>W55
z3w?f<Y4g^_t@eOU>nckM{%at^H`=@JLVc_j>ZgSin%(<^IDn{%!CKJvA(LN_j$Lf<
zw2QQ1N%oB#g#$hniFx;%T|}vr4={c{Npfg`^Ip=gFxB;*TesiKju#y+ysO40LFmVb
z_7mn($OLQ%uDFwV!i6QLK3?3cBIO9%Ns&arR)e<mN&L<$51rSj?Nf-D`Wv}y+0ww2
zF>OE}`o*n}s^P;n8yA3&ataU@kH(uwvo!eRVKKO*G(vXWmi#<qC306`G!H|y(AFI>
zIsTmDP1w)83*)*us(pf%g_C-97$1?0ThulHK+rTw%Q)|U^3S4XnMt(SSVt)DdYiR%
z)suqiShT&^s}b}BU5be4YE$heZoTfHuW(RgPHf#jm;q&YJlB)VYd=3BZKtMw<;o?c
zzxB1m$f3%<2?HcwPO`y<!k7-smoDhy^vsyz?Jo^V40SXmP<1Zx>sDTlq%#V#_UHi9
zWxrN^pOQP`86w*1UuW>lwt6ArQu>dT@D9J6{$M~(Dtd`JVqlOS0O=hyj(^34P6oc;
z$;M@WcOeN}o8-Hg5NGG2rUMPiU`eW8j<y~@o_7kl9)_!-_zbkZb;L7dwm#&3r`LZm
zNJ*vc8K9)IL9*@pn1sk%MfZt_=0LLz`k3Vh^Wrhxb&K8|NGf;yhf?70!P^G6UpAvy
zTnRk#pD^r{gn-N#1zDHR<(2fdk~Z^oNy>MlFc>&?u7LDpf}7CT%b(72$Qe=++VuVc
z%nO!;!FE*}moF}5B4kV=E*FFN9c=ZcHqnP=E^d`+bal+rDlwyLiT97+pCJijBAG39
zr)X28>N_FzJ$u$^V=^pwTC=DIqD-r_48n{j`)t8L1MmuHYZNg#6?vktI4@2M9MXcH
zq-%oowAZm8P7z^5ILakYL|4dK2dQ*>vFPv{04v?wg3PW5EpWv)bn0RAcEd+hZu;l`
z;YowBqRNHD&b9`?BjabHQ(I9$>;R)LcJ320Vzi%+1bGr%)psE#ACFN4Z!_yYrRA}l
zwa)!<!4)Xvs<9Zm-)2;UY7HUM$e2S%PIL&ccccQb`w@4OLL6vF%(j3u6G*Q#I}<pG
z`1Z<N@pwx|+%d)%&KMq9G|AuMf|<j7D^Da01md1d$Iy6OksafwMV?BGpG$x@xElPU
zIgm{@E6c<y_n+UwVH63EAn{W<Oa9p9T_Moq1WpFD1Ncs?TRYS-G3}*`O5Z=f#&F({
zDJc%Dhqj~4MaRHSw-X}8eG3gY#BjN<m+G|p=3R41=Pvu~W#nGku^jdSZW0L~CZy_Q
zN&c}dlfJ<xN`w3P+U+87mwlMDr;>{%jYbmdVeQnz&E*iff)_mqmhm&^1HszM6Kc=T
zU42h?oQSceW=qU!FXnr*yV{2kUi<O$73kI@N*gylE^+6YYKIG`K=w8X=>lG1xQ~N0
z1I*IG9LAZkU8j3u8w{p0mk3cj0SMRI{oR;cujkT2>(LTE;`lWnc!LSJY1hqp!B#ug
zjbE!&Zi+RKTNJ6h>$FVltsDFJq&AB+gMZh=LkYNy6XRCV(mBVyc>%Mp4~}7f!qwXO
zx{0+n8jGliYFfr<h1>N4jiNTL^03>J?D*B*inS3lUP!vw4nzoLz~=(RbuC%x+FC0u
z9I@mbIbmTDL^R^G7YX^kZM;C@I8CqT%kpOt)=O?a_iExOwi$)kI2lm#M<LQ8`h0O#
zDQfcE>{lWARGWuBw$kPpg&>{Zq`#-g7-IQML-J-Mf0r&B@1Nv#|5!5<<(ss>oBg?Q
zMkoJu`615_+TOBPsV3sHdc^~HKEtjm8>3q?<eK&8_`xsSEf2y-SXEj5dz`;oYmTDa
zDXVElZN73b1$~Kt`6#FeU2og9+qF-<P;k0L+;S%e(X3Om={WQO!j&_|>@}IrMcusW
zbi}hRM9l$SD)-IU#lhkFdPJ89`WY^=N!|FTi8<*aDN?5P>yjsYmn!&j$<aZcw&#;(
zBE+$lQvjZ4+AIK@!ggXpEnc#tJ|(r=>+pC}%5}`cYDHVpE+epT3+&6XWidv)7=FqE
zK)%x?#6ICvYuwkj`k_w<aXwwfuwP^je`ab?KiBh~6rNagV|SmzuPWeVgs{OjeD8Js
zoY)RHaI&H*z<(U&8PtLM1N7gB==b;^p<=ismwBDI3?MT4iz9U@Z$pYO9l)SPyP;}{
zpGhrJh6`6`qJ+3}`DY`WHHup=<lq-p@xePk#)(o};%gTrML7lGd>V|4Jn8%dL)(7Y
z5dH2#+lK?-si*NgVJW0`(?f-RfQVW$16NjaYsX#zZzY)$S?Si%HOB<2%2iy)y+WOX
z2-R&yU_bYG<Re{;Wi?WsHW3S4&Gvm1$Zii^&Du>jM}H)_IfUcwk!qYKnsUoM<e{k_
zaTyR$SH(5;#*lSl8*YZ9VQzOt#3`e~<6II*^b889)zgG~#I!VDYm6y6PIQu9U91Vj
z$$*UG;!5}!^4gT3Lhoz@k;U^QD&bd_d_{GL!ydW04S~2F-<zyI_WZOfN^#4pMZm>A
zk`O4O%Ir>L6XW0Hs6klSc?}JN6&QDb!k=|<TK4dS4@A~%Fu9d6bd*S&83W;MEA|=f
zN0#a`s;-l}Nn~~W9v(iO9E9H{P5FiG^!QDn&2mSJ9pC4c^G&O?w;~5G&V|^p;(*Gj
zU&V{8$<n3TYd|IR`s)Tc6=E8;Aclu9rFiu_gk;o6I@_hX^av`NNgtX)^s#2Vyegnp
zdquNMOq5?fXEc#^EHYZYZhL!__&#MnIYF<URQ!)OCA6yqxvKTN;|XtidCd%6ue8!O
zz9#@T0334Y+*Wy*13P4{`$w&AI5k~mes+`m7s7_=NdoB2vyb36_`n@<Hg&r>+8B6r
z0T8i7owx;r6AXS6=j_#JtORu=LCpxa@KsV<<ctpIR!uyd8H=PfW!47+gEqS(clp*$
z^s}D@%`r<u5~=lgt^tudfyW@E{QGYcs=1ifaPdjN8Er{!8s$DKM=8U(h3}r)pP-=Q
zjBg3f4(e;Tbk4(yoDlkEac9_4jD^!?m_jA<eAJ-4K%hZ2&%<|~ZpVsa%}ekncU2$c
z{Ii&DN<)i#0!p4_KK%V&BqZQ^O}T<qv<EUMV1oz=E2I_IreTG)gh|=<ilicmt)imi
z0rWF28CB4+44nlMUVfcmc@L@;9trKtS3fpw*O%0Rx1gp#Ml)!Kjs(uIYeNb2=wpe7
zzS(GRj)rSeB8x_Z)@F6T+~CacnQ>#NG#^}$ogj9=Bzj5Fn}Am7d_0%`$Wc8)Ay<C|
zG4LLyZ&=<w>zS(<$R*Z}3T=&!4S|2j%kCS@#~TZR*dp_jP1B|h0aXj--w-e;$y(d+
zuxP)CXMw&E5_!IhsbVO^eYQLvfwi2m<4*DXjq6y;E<HQaM(G#VEMItW;UhDJh#%!0
z=(F4@AeM5X2+TL+NTWgqH23+NzE_S@<yJI9#|eU0Q}i~u8ienZq?j{HLI<w#utWRQ
zmXwDX7R^Ch|3<ZGX=2-qbv;Mf2+6C6YZ0i{k1;D6fTC@+Kn(HydIXO;X?9C^v{eFo
zVNXImBVbbve=hde0q%i=RJ00_&GYVI<BKB8j=@As`&t}-FJ(Ias>tg#$eAJY+IqfZ
zOa}lU$jZ8;7gSyST(EMgx7ubHEE@{ZFf=4e?dcIH4I3Uuiery~F?FWy%uenvG=V6(
z9biqq?l8Z*I?RAEJ79|TW|Ji@@Tj?#b?hi{#Q#|^tHdJdm|qf`_$lq7bhY65I&_Wj
zLFReG$3V67**evcr`3a?-VS)v>c#jn2G*(TEjRS(pYV<wSOZ}yD@~Q{dIuBjpg9UI
ze?twQfh}-KITju%FsgATxA}u+`N&sx4vx*;S>=xxO-S+a@!5rUk-hft2x`JBuy3i<
z=pkH-&Pg1X4jeR)UsO6rj`3+sFTF!n2Jfh8@zAdyYK#Q5X-CMn5#ZNSg?g$;j5zA2
z?Gqnf^n8x;|9TWJh`{5cK}dY2Pma&V_lQ(fx6IB#*Vbb*-p>Vemo60Uk4CB~<RKE`
z(C==;o!Rt~&Fh=jrj$<7z4!YYWrIpq6#j7&Ht|7`6WlWKl9!{}bJ;kpVLoKfE>ea_
ze*Vc+Wk;~;-ted`W~kcnUoU975BS&~;N=-R<4Wuw!p=Wr3Wq-ilmnD%ipoE~`p)I?
z&6IvG%Y5;iJ^0r*x`BiI&g8-AQ7-(;Rrx5KZHgi%@XM4}mxc2`WBiZzGU)yFID@_?
znEzXLu=rkfv^cIBA@gtBV+0>b^2Z3Yj5Yo(b7y@obHBS*&igMI|I?lS@4EPe2WT7n
znra~d<WQ5Dj^XD72_f#B`)3U!z%Eb8cqp={KWg+CwA;-s8@e=nt5=QIT?z3og;`q@
zaWoySsLA^$>htF;?u7Ei!-`=v{Iw?AullypZCSa$hi$VFh+VOFmh`onI`1-wzcE1}
zgCpwc{KfBP$Yjaq;b@w(v_z{X?d{o*t^-(jS9hj_PW6|;6x#JDwgD-?w4c{nbPz`x
zv^uPEJsae#Rij6i1ff2$XuTIFTkbkL7lst2$ed66?<l_$xOTwZ3!{4kOoKks_y+Vf
zZS3jwWfF`u<)e6baMyj6t8*Zb<z`OuH>20=#kAWVweO(weq2_2xC%2eVz(bx#zzD=
z(%am%i;15Mlc*MLOfSA87^=)yx*O?wIZe%hvHB-FtL358^xn81C5>%eW$(-MwjPhb
zHgVmU+Uv!d)kjfe@~ZLC{#Fchb1ZxHia^ok3a?s(ap3|qxNa?7s4qti5@$HkQj!Wb
z!PLB#R${S)!gt41G+7@ln1tKvo#(praad4L5Y3y-dWe~BdafwNJat;=G{s*E^<IG$
zk(MC=-WKDNy%82O{pB^iQ`A6zUb_Zj15Gcgdzb0eP4^={LQ|$_Q6I|QE_J{VaJ?!?
z`J4sOV;}=Ij>y>w5=cIx|KyH9N)i-J?+D(3$w}K`g4phlz0gwOyHz71rR_<h_luYp
zK_C}U!WAuPmy-~$?qUaN!mOTk+3jbmwtE&nzGD_+-(Zr)??mK0!6$$)gZLF^m>!88
zX)Dq&4|m*V$jH+X?Bi|9Nx8LARCk=D^rL5u6`RiexWUl(Pk~brR*PAqJy9LsPH1i6
zpLuW_C#RcdW|0O84MHt{sRMi<+igP!TH9m&Myz1Hu*@6G+5bA;-dE^GI^sc!fP_$(
zuE3YxO6tCN8bK?K@d4Y)E-bES{Sd4Z_|uIvv}L>Ssyy|oB{n>x`vwcFlTVmDl%d71
zFBh3bh9fg6#K&_And)MPz>DS9EhMb|Y@jORZ!-bKnV$YMXN3f9F*i$CUzrB8Xlb!#
z#5J;*AJHaY3Xn{8R=S?cp(PGDzW1Lr$+NHoWPmcMrxC6QC!)!ApEQc}kVQuItn#sS
zZh6e!>eK01%MHd~*;Txozj{R{d=uAjNrYO?DTAkE`6WTW`ZpJV4eDxaK#&J7>FQ1-
zErkGxH)Z>%>F;Kn4V6yei$|H?#gdP2-jEfUSV2B%cwTNgTgZB1@f>Vtmfus2Isfw1
z8Vjr^bmV&W3W0Kpqv)Eps;H@n`X<m?I9{jLn;Y!BB;+LtGfHD{925|q7o0KiQOe9c
zWhE3<f_2{Td`Ga;mABY2AlsF&?Zhs2*GmOo*Hei3Co8&~_KxUJRWjN~j^tlB@J}a*
zd;;NgoDo_ltUtnR@V*;;v(Pwa&MI!v`nv_P8-o><W6LaF(YfU`r+`dQq)EB?c_7L{
z=C2M=2m)5x{pV^lhLHWC-mlb5Ogj6vXx7I+J-V34B~hlrJZhaxtpaR_HDNTYW|}6z
zFSjqttBzC&3zORMssws5vrU+t2lvYtuE+>AwtsR6+8t~kV?Wr&<a9vKDxxcNm!$U+
zy)RTPzR`H(UbeQbbJ8$lX+b{O3(b2ovvJ+A3G8><o@~c2U0IeFl=nu_aG_h_)}~Ld
z2f?jhi@*HGX#T^ae2zjnh}lJ8j%Z!1az`5P>`a@Ro2$rb@G}@979B!H=MNC1v3cU%
z%5yrMnZxH<Uot^%H{vHoO@$YiNy5qN=@&T?qA?$`G^e1=le1!Bn~Q6-L&LPM=)T*n
zb~Io}gTJ3%5nAq-wz>%E<{=G+YCISAXTCcK9WJ4&%r4Ug9oOYLFw<XLtxsP~YT3WQ
zvBMn-TFoaZa8)}_tSvb&yoF2EVA0@U(T8`3h`8^z{hqot#-Zf!?5MBLU{x%FYIkNX
zxOUwOgmg6?Q@NXSQ4M+9UUz2k{Cl2lP@^2+4YLmy`fxa?G>QqFuo^U8=z}`-*-wHw
z!ed<4$4@2&F|)(^?>it~T~&4a4_O>T=c>SUe~(z2I*hY;*@a;B(x`IvtXJyxc%b0#
z)nIUUwCd~@zRGUoyL>a5`If$X+Z48&8hTsivG2C$b3*<Ta9YJ0wUIhsVUoI|;ng|l
zH~WU%ANArlzu!54t4V8k1?RI-Eshu4$`U{Gn*|&pl$dlyxlDymlcNy#-2V6>smell
zB?Vcmb&JybsS6eP=9Y{7&E@&krSbdzHC$aVPJ=sX9Q&(?j;k3)cPEbf?0=(yKL{^)
zg|kJ!P}J!N<!cXF%if!Y#>26%q+f=`Dm$*puv=^gWBZ`XLTF7X-?mwT#(?N=+22-J
z2!q=4Fm78P!IdNoT4Zs21D!bsA_(gRBw)<yF}%Dc>#(8hSH_Zr#cvYPT(?c`dqs2A
z)n0<*6MQ-%TPjem4LhWrA&^bEe!uwtDxL>z;hvCAe~-=1tWNGbwS&D$u!lP{=vDbV
z(=C{*QQLg(I~mY?XotACNAvo#g(Ii-==-q)_dO3=;F5~se0*NK<Uk()9KSr?<sz-8
zQU}Yg-G`osc0DW<cRLy+_;>BefsY07y;CS^9z$zg*e4sZP^Rp9fK;LJG4f<wVg4w1
z)p;0>u92sMEcyX=oOkxp#t@wCWO(}3uvi>d@r3;SUBt-n^FjxVCN}1TwlAXW#9R`t
zO;7~O9Sp1lBz|JsU!||2bBNy~7-_Y%iUIGERh<&D5N-|#B(`q{YNoTg|L0JegT9d?
zaGK-Dn8==`NPjRQIxFW<SlJ+B1wcaKj*o0~5PxpXOQNQ6JbRDxFnI-Xd&gE+;7!RI
zmD>F8Odn(TcpJ%s($&un0UHHCfmt|?5R&!U65BZ$WKLg$JU7F)iQplcJ~H_`vEO~4
z1AoBVz>n%whQ>xYidIw)u{*a~r4O@*x9r%rv8k^x%nn4eP6}823ME#vSW+e)6ft^o
z@|C(9^2N0O1%|YqfBdJ%rVAQU#vno)Z?S>isI<ptCP1zNB*XPpM{N2l6C09K>eRUF
z-J<iBLYbp;Pe=OqGdFu=f~}#+y63D#s@aUc8~FF`Ke$r~U)zCI{doUsrZ>xuk2uII
zx_6Wk8%wq+9*~tRvYs~(`DmS1QEQMWkf{Rw5%;wkmt)E*?OPJvPKb}DSSDAnzJHIA
zf7-OwEkM1|otKK~rCD6%@$=v*866_2ut?{v@DR^}Cn)F4%Bf`N>&5&$^-U&o@MefK
z&Pr3zIGd~8Ko*(fDak{a(46<6snh>Z>_f^s26y_EEi5MnCvAZvYQJh5v{{+7m8yN;
zvW<zjgf_{ctT>=mG^_7~KUkNtfw|Kc^GkI=>&no_jGBgdc3wf@$g>HxCu;RO=YA_?
zfh5a=0!)sy0z?l*@CEUwB+%g{GJp)-s%Sc-Mdj~2ZKD6<nB*LnHvO$*!3~$?h%^ZS
zsjlympYp4CXmN1a@&waGSoe7+y@Dg?#tUsHVFqQfe5HF*v*U$EK-iFyj7>9FDV6aH
zynvkyg$+DlG1^Y8P$;TBGslY%+H6s9uOY#+y1nq&xpe(|p;TmdyB@m7JgtdKAXViv
zOWcA!8~vI-jpm(EZD+o6g;P%-RiwVEEKxzJ*<540i&s^h<mY>B{L8f^dy7;n?DZxT
zjP)#nxFEzLD%1O15~FiAMG$}C!y*iCN$qaMEm>P7ZzLQ*jnU=*QFWD3aUe@~6Cgkc
z?j8v4?h@P~xVyW%C4m5gGsxfs3GVLh?mD<TgF7F2o89-mzkQ}>&Z+6@s=9q|71aI@
zb~Y)*lJ>pl@Qh_pNF(8}HUoQI^%8Xv4P~BezyxJnj#M2J1^9cwdt<@}l<9x`1)J=(
zXprBnNWx=^KQf*mU~NT`7((+1EB`B-B)B1iXVTk>RF5==VDWwbV%k9C2SkA?zn|y>
z+F5?sL)hB5EWN_6hSVvu>S&z(=?63m6uCOkQs(-p1dD)D@E|8bUAe;Px3)w&!SWbA
zC@@@=E$0-?(p0r|L0Lg&=?vWiG{*#$V&Q?+fE~!zj3#WbKOCo>wSrPf35#dxAit<2
zvr)(m!=^vGct%*&fv!z~d1_@^SV96;E~17_#cb+}l8mV(7xk2G|J^0On$6zNS+%*A
zmN>Kp`8<l1*q4iy-i@0o2LRLNnvsOEB}|W}ri~eyuRT)V+^8C?9{WGOyVm(zVX)69
z=!~AbAxHPjg%7(_OJD0<QgL}gJX8)ar&QIRQli5rdO+hlwj`2|e#|-c-wfqE9}v`#
zQ&vR9U0{~=x;8VTfK|Nhc&PUDM8ivyeo^8V)9c_nJL(Ax)z+F)34imnufG&tKoJJ^
z#jkgsV0iY(lj1NEm{l*yMlGwhu3sz(Y^+7%37f6t$`0B-bguVzU=b-x7V@e6F+J4h
zplAj4kYKw$GO0!<w{&}3lZIpGouCQILDjz@55s2MDYLiToqZsCDP$nbB3d_Uun%!V
zSW=@~OKv!%YGQy!miYZY7v+_z{vpZ;{_O}oC?Sq(Equ?T@qO~g?1W_A55TDkmr3iA
z6)5-<!l8OH0D-31*{zH`a3wIf30selJGv=o&ab5Jp-Ov?(~?JzL4HqLx@jSH8ZzpZ
z?A*2!(DteztkG1l;$c4In-I(S!XR_C*o4hnKA1aXJHvLA(dFEB_cekAbHOBj1Q_v3
z;fM_#anj&CT=k2Ci?1n;>kL`YnGy`K(5HRpi(;7GAzD1&G3y;*3Evhf_0+kK`4Rp&
zLOj*yu>vz#Jtp6tx)Ax#-H*-ndX^dDU@aod)@EXH__O0evs9Zo>WPu-bUSP8UqWeN
z-S7i#F%1U#9=GRc$7LH+C|~%({Tgk~Z;Cfw^niG3%M3NX)79}`Y7Rw+>YXrs^*uA(
z-@QXyX-&eUWznR2L;k<Tz!vm$R#9vfcMEH!XE}RIG+Gt?29#?9Z2y3uXve-L_x?=s
z{qm9g>cFJ0`1fqa4fTxX;TlUsv<R!5R-s(n!{ohw+B{J@4LS-fA8&L_Lh)3a@T2(!
zY28t~YniV@3DSPDu_o?CHr-$pzQ8yS{m#ebaSoL)nm`f1Is|rZ)9G3EDF+v=FL@&9
zD4#7}q3;E??hYqJ`t6=Ab!;GSsbIk*NV)D|=C>T+KQg1AlxVN?q$-FC;S=Qj>5wY=
zbI(K6^4P8tM*C2YsAd}RNpID}w|R%aTqtYJr*&&O_}UU|o7_)cWK$yF;m%#!8GJZN
z+)g3jmWMsTb2L)lRg+Uv&AXd;e1>~@w#toh1+%9}<x!*+oX5u`@S))je?|{qM8GXr
z$h8VPz1FT8Nux!aHRmRPPQM%!e(CT5YoN3bs>GQ_eK~$GmE9gP*jQK2>YC*mwKb^y
zuxWP_pWKNqUHFHyeQEPMHXdAHcC4c>WXPBwKqh<{6&F`vK+z@?D_k)&nvQd?#1aV$
zD)^u;kEv<!AIcrBZ0I|LuzDk>HgJ!EFDCrh&*5|)m>nzQ$Ej%P=~0#rd~>Ms`iVd$
zy|QeZ=(e9%*CMG)(gGy1g#AQ%CnzVe6|f1f2Lcj3#JC&zP-Xo9ml<py$^y2xW-OTc
zSJ;S1DlQL?<)brxz@yhdzgv9oENqZp{MY4`;h<^uui=IuuY!a%EDX^sZ7#jYH}%#>
z<2c4RUJIhKO)>?uFlz^xfRtHeMmeS!*3wL^Du}}!)FWJotf7uHQ*w|Bg?=#!MfY;<
zn+_qTX41e_Q?EyY>gB5HNZ^-$RaD;)BEROAmyaK8Y&dmr+c|Univ{LYR6xEH1UUT*
z5Z(TQw;=E7%7wW;UXt)`q8HlE;|%Ed9Q}ygFtP&tRTL8XzN>HPA`kx&=Crt^q-S6N
zo{>=-{$NvEN@@VY%HOA-8~Gny+Mjoj*Xl5&-I1D=vQd)o-?Zs(6f6Ceq0+~yDDhte
z>@_<g|NZZwQMktZlb!tjp1xNQ?7)NKAmo1+^F&`EH0915hCg84-x4{G*ZqWJqJ)b7
zVr{SWc--$4LOO9;?7!*XPdEaF*ZrGG`JeuGF%|81po5QX{C^1E=I=|858YMtpZwrA
zW~NN~8V#rom9YODyua0We6RZ>&9nZW4IHF@r+nnH2c-YF*l$mZq<q~Ek)8gV8~?`$
z@_^s8oj@twoc|(Nq3w|0`_lnDS^v98jrwYoIHrQI|7XA7MqN&-1}Qr^@FHNDeWC25
zUmklR$k29LsPly_;@FzFb-v8I|Btc$h9_A`4gAI3GsZYm@bejmjBg_O4tf-d9=U=q
zDJb{?zeL4;XetTJ3YYWY8w(38fakJatB%W6%~7`|@vfq)zxPB(S^M5)$u!AEY%<qt
zGkItPz(b21vIH-&GQ{UiD}BE2kPmMafKI1qOYis`A^f)q*MvzO(8L@`5Z6UplP&0%
z`qCK%w|h7_luE0_Kw6IS4~U$)+-XIy-syX}RSw1Ia#!zH9-;tx=n_n}T5ng(I}TpL
z;Zd`a58{2!%<w0&gPkFlqCU^&@5<g4{%s@&613kSOl;T5_MygO1wZ!K((sW10#8$f
z&zT<W3S#YT9IRT{4|!*E^_;=bcO@<SZnfpAHx!K5qoeY4SVcN{LfI1rlyjEkN~U3s
znp@BE6~;{?Zt}G2v=IbV8e8=Z0Z2=p-1(Te?y~xBZcZfx*u1l)*2oVeoRa>*$FA<1
zXXg83J7KAUJlpv-bB1}St2V~_jbl66SiEWTb$50bOIYMpMA!P(lu=7Yy`=uu)htMk
zpPjdOA~fQMY(azEyhk<yi@nslBO4&wa5Y@Oto+f^0zsX0h7<ip?8r0VqzY1#R#g!T
zaa)M<+d8{Bsan8%b~2sAv6bcFWpam9-OW?q%=1N?;p<}y-hr<^^w2I(m`}R?xc{TS
zd#yaHP+yHyh>(FFiRASi$~H>~N#ntBz$GjM7S~CJ2u53AJ9D*FA-8#ww|FAF?T}N4
zec}n{Ecu+#V>`xOvzj|tnh#z+wH<Nn5wQP;!>~3M2DxpJQs34%W8MJ)U<7{hr+n=4
zFSoQM%wT+gJ*96<EdY&dd6lU?uG-oINwj`0<8}1opBl_wVKdJ+g!dMYZGp9q?3gDe
z7lgB&@hqn{q9ECa$Rk3vBX`m68R>mmsJ68nCkhu0CH4YMf__o%f=kkw-S**j%AQ+8
z`ph}5+{CRJVmqZJ)w9PWU3A8eZM$$Uw-h@k1wFp!T{`?VoUbZX&;2x=PId%MulDpH
z4$0<QqSEGTGX{9t?EP`W7dMWYDI+P<&XPHYDSDRU#ERr#y-6m%b4)B7i%(_3BGdf~
z!_CLYI_Rrkb8U#Co)73}cjms>Ba%5D{nBwibqT8T8#v9FiP^fqI-DAk9GgQ+WJ$Md
zd**e&957zLcrn;Kw-V5`S$h%#vDgi3<g&GN+S+fq0H|dW&ziSc?C=gHkMGMo4#pmE
zAMaUp2yELWR)2^+{aZudF1${!B{4<ppqxiC2i19OEFL$rT{7s^S8`4W$iJ-(Jeq0J
zge1hj!b0sePTi$uocKsvmBuycDDEkemZ1JVjvYRizeE;i9uK4yz*;iYv~<Qjf*_`~
zb-k^Z8?kHr2j)ljIftqccGv*aQ!4#%by-7KUwjc|FIFQXu1HgEpJyF(k#z6$qVCF4
zH{zvAnfb;`d>t=P#r=9zg{*h#gBS1GLPbD)%928~g`V6!w)0ji*4q=WnB8n-3G+uU
zRp9g3&Ac-4aP;bEZiWnVk9O;h{praTu}G0cKbL5VvAt3m-bne=kmt@T+B{N%?4W(x
zLpMxoa=ari-WaDCuO|;SX1stkcNlz1hQUWZziMu%*S8^k>OkI4y*EFRbNURbiE~9<
zx^(~~z4j%e(r!x}?jTJ)aqcSeK`cUMuW;#MdG|1XF>(wG-*lok*_`HRH@yAD5C3qd
znB2;U+!TMu*#DSbwvj(D<*=^m;xjh_c8R%{^!ukg1@hLcB%u~`T=veW(Nx);VTA3_
zwwF*c_?Y;T<*<p?P?{p*gaoa@3mOXx5EZC~)`ueSZ*9cy%hpfeEx)qldbs|ELGOx9
zC%3*{c`{=2&B0r(fFS0~Hlke}RJucsOh_5Y7mX!$^D5fq484FZM?90yQ<gxTv=6m5
z`XZ{EBz&DM4$P{`s*C;UI;?l@)#XNIl+VVKINXkK@OBcpX~l#V8`)>)?5G)WgFm6^
ze{fshjWxz=bm75asJoycE`j!?3|8NLf2y%5I_V0;HO9gI)mPOTTZyJ!d3V$LSA=HH
zX`RyPJV=qXk7at-!9V#PhOPwC&P@>kKh+1c0m)Su!oK)=p>sQ4Pjla`6VGM{WeYnn
zVP!v52JF2N!8I!|ya}GEo}QjKvHX0Buh6z`j6+8{sj(#Fw<BHq%ic^u7;ee>o(Td}
z3=ebbL{XL=NF}%~9{gzDNEG4C2vm|_Wf_2KD|8!7X6YXq`c+z-HiO^VL7)*<md7e@
z`wOGr*`ks|kxxn?Pn!-x{RxMeF7%9|WthXxWM<K6k?mcl5h>(6mY|@UO$nC!iyCMY
z?E65i#g{77Mm(1I^{*ox9fw)`iR+|pTYp?hhY%vp<rwobewPD<f8z6+4%%L(@cZyL
z@Rv1DiA&>KK0RR>=9NA@ZjVbX@U9$FTie1vx8~=Qd#Jw)K#@vGvl*551laT)9u{0U
z^saOer9IkK+_bZjr4Cd~c+_AhTAhe}2O&SdDlGu%zyiY91<{r=+76>Gj!))}AAYGj
z;W)yd?8#lR-6H3>=VNst)16MSffNnTVaFs%qeAjaPm=L0m_#?Rab!dCFq=3ez>i&U
z{Zv`G>|f0|^*fvSAZ}9=8|x7n8R(fO*IaIRj;<DQsbrR3=0`sKaIubiWE;j;*Ij+8
z!3y%+uI%e<x4AJGG!y)gv56sMMrR@<vG}-y$MIW43g+oI*b)_+Tj3o8U-LB2o3)Y)
zu5a4)j}{i@xo=SkHff)NH?m5gGuVuTBRqJ*ZucF!C)RvAb9{<M5i;uiWRrEf<gH2e
zop+<RQKV(9?7f0L)=-lMtNR(y4v7EBwAvYkf11B9h}0@PSj@L%MZ@3t&hAFh)-p%9
z>+LqBHz%8x!T9amDC23Z<%1K*vLTxt=~ZfBI`a--0N7y0VUpY;J1$%Z$4`;W-;4<f
z77NteCVgAuZHYyqyjs{XweLL<y~DvnCe$Q?Hgz09Y9I{De2DD-aYSU;tpM9|mLAwv
zZ3rWes5)J%#XMA;Ep@~WfU~@NRu?)AD)Pmmx5ZT9u!3{op3Kk_4WUliX~eTiX7|wM
zu_!3ZW#~sYmui2Oq85p`A|<b>uJ=Z>Dqoxbs91U+-ziFGY5QzxiZ?R#!?<dok(&;1
zpcOzndIFJcc)AIfKJR+SmyGLI>FQ{B+ylwqCdt;C_`;$F`ARm~qo~6WtWA0AZNy@#
zRoW#-Sf|29%59q*+jp~a!~2`_UP@#bbGlFeTco|7(Ax?3#fGCtorPI8^9tjsHwi}<
z>*)(py2}=W&Qw=UJ$WET=AaMnrPY|+_qT69R2x*c>>VR=4aKF?QN@n&6hEV0T6stC
zr+9B3?1xflbcfmgN)dJN@lhs6-qW`kd~cqe$9TP7=`_6ZCZGxXL@UYd^$k_bkO4O3
zlS5@4idsW-6!uuJ@kbBb?$$KfSX@`Gh6WV%ie&bt_YQ#Z?4>49ai`bdlah^|&r&fF
zfb4cSo24oA*WtUh7#A*}+1Uru`b}TAQ%9qj+*cYga!iXSqZq57NVU4aLak02u{Bog
z7T(MkEe)!o^=dAYBZ{sK;fwL-95MATsu$b{31gkc<){*n(`Y@l_egSNF{$WUwFih?
zAx_eEK0x*&#tz*nq13vFv;er-S>l2s^0%`qRF5qA41?=mg!qx}?tB{ZusIcOjL)9j
z10LR5>E<+xd7}Pk64;4px@Iw3*Vc(&6K+?m@D?7M7W(&IIC_0|5gt6ik}6-eI>LGm
zdLAQ&57t0WgzOp1;_!d})`;^s!v1)lYtlP(87oz<)oIT3F!&rEk+4rs#%Dq}O8C+o
z+qQf|<NthPPgPgp4(Rk9FS|R6kiqqR7&-Dhb4~Z#d2<q@oF3zw_&hC5M8Fq2fc`w>
z?7U(yI(S%rxu^-g2jSUeuz!{5b}G`bMobzepIaW@oXd4OBvxbEN|<P#o|Nw%@2JOr
z7rkMASnPdax>k*g(Q-|k-XQQJFDf<pewgP3RZwfyCvDE0f9TWg`UXo{UM&)7agB5-
z4-CmnoJ<cVv4iG82C_DL)Yf_M$yzPG#Ke+{^mH3d{qZ1V80{r_SR~PFtOV?9`Qb>Q
zBDyj@!Qq0illYa~+EmsQpwF+mph`}3`sR{|H2~Yb4pWOuDt0?w?FCmB?}dZWhw4!c
znUaL!T~ytPX@9I+;&$!XP{u|&br<fDs?e;|aDLan_r#dk=l>`MW44wNDz>pPrsk)I
z*Q%e{INVlMe#O=XSy>Iz=HIEwaBZBNM&$)>30c0<<_k0Pf8uE#GoFhl2jCN(ybEU`
zR$DcQ@(;o1Ng}0VEPUndv>cM#g%!?oKcEn8FnEe1sw50n>xj@2IyI#Q%p-?)sGs}E
z&Ty+t*N)S8s-C11c`UGhNmO^$5M8*RY><u{iv3FgmW_qqwY)yFXeTzHYRhB+*8!Lx
zS(kyJByrhfW|!647!*1fWWODga=B|9T?x-#8CsI737t7@1QdWWe$^)biaD@i#cM$)
zvU3C0O^ZtXs<qbflDaP~*l(Zo`Fg~k;_)npz$w5S^A~D7Pq>Gqsv9FQ;Iq`ZkGVGe
zkA`@q`_EQ<QfO@{QCsv<X>V+;(Z!U`+gE!#^$tEKrToywA2|l<Z`)(Ib*lG*Er6-i
zOH@Z`4lIr6dobJEEQq*kp+bzPt)ps5q_&y46G&|aH>J#Vs$uo9km~mc5)u-cs?_8d
zk<sJc&>NfkK}{=kV`sm6+;CAB6}|SjX=3GNUGhHtLH}CP$k>xoWuajh0m$*LWTr5b
zhq2iK82|uYL<_cx%}2>oB~T@Tjj8u(OI_0GaOXzhM*}Igl@wxL)>H4pi_tM|?i=un
z<*&jlnPyKRF8u1f?#y4If7ki#KhVpq@U?8e6&KTac`Lj)=y^y?c9Ol0PkeqBd9npp
z2b`T5@bR}YkQ_0x^<3CZgTdhw7TwFbe$As_3JVKw8QF72%e7qhtDv=5xvH&^{q^^I
zeHnGd%3ZBbt7@h(|90zdFHUa<qj@f%1c*fr+MKLUhq<O_#!#4UH;DPa{ZbFDvE?_s
zNqT?q{lDmg578S_NnfJ0muqjgm0NKy=Y~MOg8!+`vE@JGDq)Wv6<L!w!9ejxV5n*s
zgG4o^s3<pD8&}3wV%e{Y^yI0eKLB_0j4MW04u+QZ4}WGCB!fd^C*(_C>8Bw$`A?K@
zJ6gdg`j&?R+yfev6ZTHhQz9EZtp!t$(sRW;f6$bAgSXP2yFM{e8{m#-yG3m+3tULq
za-k<1hMaFJVMP9%x`M>>(&PQ;4Y$TD3r4uW#tF!u)(MGU_xRHeEonAz%KoPvFRi{$
z6lj%OTF##_EsgZsnW;E>KzUsrC|yq~#HZI!G_HywEgZ9Lb8-k&ZZd#Ibh`%K5TXB(
zN9XNYiLvXAWclNnhS?pMp<|!rxqW=#4Xy%^$i2n|fEB+5cZ6j){j3bg3|>mzRGq4i
zn9K0Zm{SkK=;A&oT>9hctGaIoKe@J!wN`yaCq+MN;#H3(|DM(*xWNp1Of=<u2{(1@
zQXj4BDr-xpc=6Tq@q>BMi1&43!Y5qD7Hl6Rw-w1?Cu}gW8#14<!uETbH-(lizr%(!
zTj156Erx3Gq;AyT_d1exo)u(K@9aIh)Rx|Co**Mtb&rK-$A+cK6I6N$sNP)&TH(2$
zukd2VA&NUL6UIU?KS?Xs0NcQ=_)neNboEy6s2L)rv5$8Fcd$v9L4w)>OwnwfZ?PFe
zc7}Hu1pH-P)&D_=xbR<3NLs{jURjugReNtzN3`|b=BfF*{dlImyz%L*$dSh*W8&#8
z{i+~&+}(ce3t%jQ_hqzAui)qCsnYY!%qj{=EE6&k@NV6%@!i!lKrLYaNA|XU0*qUT
zz7KWWfY~=zi&7+!uWa(c<x{ihr^8zI37u8B8H2wzjrq?eWq6Vq*TO5^EFB#?=f~e5
zvWqP0tvvZo6N6>5ZTWrEo~Aiv`rJriCRD_7`?-d%Qb!Ou2d`7BB;~_XW4+4$0h)YZ
zpyNnfNl<JN=Nr9ZnEc+N0tv=SdB3=%%Dz&lN7m(n6R|-d5*L0ezK#eI#dy+K{@*up
z%WrF`KlC_T%a=dwBhNcG$Gyj$8<-&*@C*=K!7B!L^_FPnxZkoqc(dZLmIq@KEe!*%
zi6)xPKl(g=FdL1cto{_RyIM!y>&(9o^9@?6a~;<?3qq_FHp4ngwQqjT^blnVZobpu
zV>akVH;!p`U(X6=Ht<gsnT-$y#9Pq~ZQqihgTxxM?YY|<=jt3k)@iw<5I7*qnvEi=
zGbsWE+MY6VCUN;b`zljw{sQ8UFGp?tYBN<dfr3e?bF#7LXyE6~w-S)-JUVRf%tCNN
z`7(JN=V;S~#nE~}@<4lJajVL1{gz=T7{Qim$vL{KZ_qNKrr|-}WZ!-VZJ{y)c{WUF
z)>qV}pwVJlVf&mn7ZHMA*<#ZL|6Vq4CO7B+3o-i&k49lWmT#aFHSdiS;xwSQ0o~b~
zm2fI|jaOrIT|~?0iC!eh-zjQ#{j~md9=Q#QC0*9ea(A)RKsUFFVr*0JT*j(YgRFOX
zQJ^tmb`l!bJ2`uPxgXvh`vde&3ZIsO9cA@cQgG43FSmEA4BG%=8-R-=uKr$3_QWny
zsdVBXWmg#7Q=*=$T$!_e?<iO8NTA{(H7V`0NB8i0Epa%Z7sE?JeSPL>(ET4S-I*%-
z7iJ~>p!|u9Gx$wh^z8u8Qz2>C_w#q1VMn|ZLZB5wZ)e2q23`+WeHbhm)`mlUl9JC(
z>kEy@0PluSP`Aml3_60)RJzP!qX+@d%IAzK3m|8@!Gp5p^d1>*Io!7f{G|f=LBpF-
z<LPMv!%Z0lh+;*E{{eYfnqr`E@SGtk>S*mIfjqWUz`O=f>8*mjxn=j^7QfktH>0DZ
zCDdwxA!ZzLyXC&S@QZXkN8ZODf1nwZ)I{!nyn9K$&}h5Q5AijtcnFwVNYayA{z-ZA
zj@hMf%G2+PnWpI-d0jecS_e_~*1WTuW3Q*ltNM!GEBj4$NJUb!FPw{e$8tlY@o7s>
zYq(W%H4)ch^;BwGlD{oub_+>x*Ws$sLkF7FhvV;I**T-QdQ0O)yer>;9t)}-J9VMV
z)AC|PITuNBA*%-1Q1QUEhF>v@z)fHPBU0WsG?wdahmF8Tnbpo6_7raL7N97Fmx$lf
zr}}~F;oOOOc&RIrb2bF^@LNF6y`wwo39wwN$TG9kf_O>a7bIevj*|wiu;%Vu`4qem
z&-lHZ{Re^PA<C}+tYifn%H2J;>m9Y2xp66PYid}I-6<{qK-*ISiacS_lfV)oG|f5_
zB5un#UnARtfIktpF5>ICr0)Wy8Jkq44k3f;kLg-M!>&OmpXXg923@Y8{#;j^`SPT;
zmg*>8w8#0gS;u#~k3e$gJm3a-kgNhGeS<yZm9Y?9H$A0xC_lbcFx&!0NcnWwa9Xhm
z&DR*H!M(imv3KGb%9LPXUJi`B#il7i-Ma;=!9gGBV7_l%pGbb*((pBl16h2Zyx}Yl
zod$UhA5vJ+i|a~gcszt_ft`!O%z$%x;xu@Eu6eg8k0m!fv8o$JedM;I!=It@#Ox&K
zmGVP@_~&}ADOsL81qCODKS<QByq7*=5C1VFi7#dvi`NS2{-Vm8fg<0WA6ZW~%J3dp
zv--$LX&9EP8RFUcQpOKH*M|RaTF}98kC)5P2E^Tvx_5DexV7iXN+`O)LuHnjXuhrI
zYEN+}>afy&9an*EYBWqi=Pp);4|&17Un*zkTI0R(^Fy)jy`KLBz7|GTg@NU^Q}1qd
z;mv(~(kqQ(HZJrJZsVW%nyVka{zy}M8U%=1=A9n(*%Knt&>rr98VwJ<A(gI531xuH
zo6d&hSw`bM2!vKz!Mj>#O_O}3y?55Esza0+RN2wxj}jH(qz^`xNlo(@5NP4L()@$5
zYm2>RA^O*jQs9_W)a=z{y<e>{gFk8OxjIr%+y~~(X}^O;1)z_3M8)MkKEPs?v(ZI6
z6rr-~Y?-8qqfwQ4(8OrotVj>`Kmsr0zRc^019ac*M`1xSp}!$Nt!a@0<lI0SWR%0}
zbIhMQa5G}W<7yP(110jh)F!LvWxgA>T#2q*y3d^b%<zh5|Dr8d!Vs2vGr7>L*B5<f
z2x(vG2u6ayBSO=Cv~;1$_Mz9{iJ12cc|)?SbA~Nhi_Pv@GkrU3`nXq~`FzB)3_%DX
z^*ThA2jfbntnyKGN06R;5RY@+x&D?}k9D23lp*8ogo)c*K{tDkW<{4JtS&Frgls#)
zniyx%@rC(&jm!t4?C(jRV4;F$DXq`gtJh~I<UykWCyMYo81~OOjox{w?~dHF_^nVu
zWJx8OI1|AV=!<bejtZPttiqD1YMqcmq~V@#w+eHLx>NFf6E2I&JOxqm(Jow2WTG|(
zSCND^Xf3c^m5zZCN#Dk>*Ue#m{*%RW2DQVyAo&@aJx3&l;9!#e7#A3qvvv7P2-r0?
zOX~M-=q#$PS!*@S(YVH*4E(UQ8{=HZZV0#|K9OGT)czr%QKxJal`DfDz<Ix=f3`I=
zgnLZAWY%TdC|xk1<LssoWV5RI7ywr|FXSrp_7{ED9GS#SP!LF<*ilKu8SlityNLV|
z_Hko2ERmHQ1GIh!L{LzM&=70v`jr~#o-`b2oN9YY%F*V<<_BqOmSspdx^)y7{{@P8
z;Nnu2Xz#{2N|hDuJ<hHwi|Im?2f8ywbF=iq_;!?B;1aFe?_9zjY7ekmJlUlEY}P6+
zGvdSV+1%Y)6|ub2lSWu3H@u?iMUpP<*<d?23V=%j(%d1#YCOBp4Ap2Jd2GQyv#-DO
zhiUY#A}^1q>>piL#WSe>dAhrGL&d2$g&Zf}avIep^SQNMQE0CWk-F@YzJ2lm4ErZ9
zKhX9UO^hpQiYqGP!hl9UvOC~ixRk{t=}MYyn~%VZdHQcfj@t}t(%#O+=v^{!1QI>K
z7G1k2kqgc2>XT*lvn0W+az@u#vfH<|hJlqMMxLGs{2rOzK$4FWlCeFrSTY819psEd
zZmJ}GGz=!qv1!(14bBqr{Ya_SSsS`lx3Fj$tw3W-?i`TSUIMxY`40*1auYoGYd2zi
zNAtrWv`~d|&Nq;TVviC6dj$xFRHY>+<ZUg%kipn>wu&s#r`+j=G)EDU5W}7P{Vw*0
zzaD67F2hDNXa`cAt!WFelHS4kvX<g9o(&Sw69Tsz1umF8)4lFvNpWc*Dt^qy<-XgP
z(&8}LH=z^)U{rHt1kJu`=!Y94<p&PNvXLDNp})}m9kAU6-C^g%6TT>wqNWv9(JSfx
z>49>~fl~kTrR&*NV|<RM@5G8{Qh!%{uDI7AJLZ@K_AwiXbJL|MOF;Xrzjpw9798ez
z@YLtwuq^W7dSU$|<*HqSHy;Hzq;74|lke_6jIZ*5nh29KuqY29n=&#}-EG!}usI~H
z?d$7c#PW+CPLGT8u=?$1O}<C4Lj41Ifk91_jyO69Z7kkcz&>8>Q@`X|kKlSxE9dRU
zV@1E~mOgo+r@8s@J@zPX;JqWJLdYeL3LRdBunk4!5eWO@{(<pg>{#I<aYoMQvIB!V
z<3)Foktn^&UzM&jR#F-)GcXH#w>gHyY&oG&ZykisA<}m(kLYwSc3*)z6ff8++3S^&
zcjA#o$zF+BfV_JmsL<JG7jYzdomT3*!^uOCX6t}79-Gb{g#TpYfFVbN@2>uimuDhD
zece;6{Y&)yU1A`X?Z*j7sRae`jzXQ@KvSh##%FYPTg5;NA9xucSKi^E=Vdx=gBV)k
z4F?yB)7>^*B6?`Yyi}9|RWcN8NYk*o%6J-t$$FoC(YbywSnyqc)l8y={u45hXJwMS
zcT%46Uw*NrJ2cFXvb&3J{H%Yus{Xmw@rBop+9Fq@;r)zr4M$|KIis{s&#@76GnWbP
z4oUT5Owf9}QEVztZf;Q=Cu(#`<??>kMlf(Q?qXu}b;H$>yhM%77ioN)gjvTt51=WL
zlb46?=|$hlAsLjZj?__3V(KFToe5McR&;wVcPs4|Nl*6&%OY@doZ{or_y%2MFI5LN
z;0of7vA#{{pp1kdFm!P+g*qI@cw3{245E=JeK0hV#1+Msd5p2M!zyj-{hD`m2`(<G
z7mbzQD!3!5(C|9_NWlMA!zn)Dt0W`$F{Kz|-imOZ(@+TqH21*-d`jX1$lw}@q^%EG
zP>^@w>V7`3B2hR5&w6a~FIaH*<8%mEsDGNaLBl)lC#j-)AFf25qHGwXeOdq@QyOjC
z^jV)-c}!3Cd4i0-F}{gHG8|ZhlwI7jk?{FkY|c2tB+R`SCm3(R%r&W9*xG-Cq%z@*
ziZZFIfRJYwV~75rXKh{PbNgSTG9x;t`aCLQ^kmR23t>ME{2zV8J@oB{YVN~HqLzM=
zCniz@x*s$w=M65ChfUkudf7UnK1)n&PWGY+PNi9ElSK}j%<M{=EOxr_S&3rmYt1*n
zpd`jQo%6D?CI6dM+mipJW@N16;^Fb5-PPBk=o{;SVzv~1e|&trI>??c^{?#Y#qzBd
zpsZ%`t)`~t<#nja5QvImLjCgQhWNmKGnX(h7<Q8yjcc`c5)7tmk|U)gn`AeqQB_r?
zL}pCe&u#qOiRK?z?e*RF4tjcaW%okS{U52(x6==Aw7GrQEaJQG(0Y1znlK*=J`^xQ
zOcmw+{m2W&+t$|B#1a<n!c@*T@Dr-rg5p2xBCpZyopu#gw?9i&LFf5bg^8c9*=pQz
zMDcrnP4=Ht(GDwEK7%zIOYNw(oVs0LC9XLAaE|&?x}R!IAa_9|;PGUe?z2DsMQPi4
zM*ZeLKXyxjI<DdR-1^;rHHY1I*;$dO;DX#nE{W80TF=jnm)z;(XbYDKF4+T@l~HT>
za&4V<cPVo^w%H?K`3eL3V1JL0i+Etj+1(E7*JZA5^X>dQq!bD!;}w@u*=sy2b1clO
zN7XhHu>mfi`LKbT^k3L6!$0+%HfA`#Ol*ac72KIvj;*hCymzwVulLYoNzZ70fDvR5
z$<NOz^{fr-KYdCZAj0bumq2mTqQ89G7_So)j1(WMdEC*tJ>X>b<&v#u&-13oxcY&D
z#mtZfBA<5Ywq1Td=LxNMDC$=rR9zsP$U`eUikWU6!^S4pnO`_}Q58N~g`g_;$HSLI
zK6~bj-e@9LPid+5K4-Vo2TP!#63SJRjoFSZ4hFfaRXiYsXr!NxW2=mjdM~Ak<q$KH
zT0gi|Mw%;*Q!7CO$LGKvUtO0b=Ns5T=Ywjk;D&I8k-^@;*dp2$y-4$TlUtQAXaA%4
zoIy;?9Mc9?*8wAjrt|l?-S->xTC&(WHoTV9bX$SNEe9%_wXZUBg2mwz0#rF$6mclv
zWj%=u8U;vs^^<rUi1wtkcT91-aZNM--JkRIVhSB6aUe{TpGF&09@g-@tBz_oX*}l^
z-cqD~zW#05W<Fkcl11>SDRdy3z+pRrbef7s*{;=)Og3UIM<GA5b6J8q-zrzNmwoTS
z0WB@_n_<(>Um-`$Ry6lIIPnBRUvuyl>R8qNrXPBm45Q2?F%&EO>aSGFPxG<t`)p_q
zOv6Jgvcx_8JFSf%I3iBo9MxOSKj~C4YVixCydw#02`EY~qKQ=eWg0xXShzK~=m^)P
z`x8w_zw<dvxlbwT3twMv#trC{@b09S9;?(^@6{C6oO*}(W)0iY3uK$4Y+843?U5P9
zVZFn<m``BlYa`O?iFUq3A~(78FanDXYU2<t#)_EA)ZsXb>xhoCSQT&KR9iWwF_cX2
zngT1Hn7H|&JZv=wzV=xtWgqXAl>t5H0MBuRwT&oBSl#Q^rCDpD$Z5x}8t=6850O5Z
z`W>O%WR^>0hnVst!<83gDea&$_G-w<e>xHR@+r^h5MQhkoQEwVhk0czzP>}6tadK=
zsx-|#M<+-C`>k99!^(AJGUz(^>5}^UslF3zadToK@#j%!J{TM-B5faz!}Nqe7P~$#
z6_`^+m|#MSN}!=1hPO5Vq55nj6A9=x@@p`N?6anN<9}iZrg|??Eog^3>QwJpVJi7#
zX}AoS_yOhnXXz96Cws;0okuZ3^Arm?{~QJV-zb<bZnZqTY^zS~)(6YxRySBvb=~l;
zXHE^smQbYB#$vi3C!cX{1=pi^>uFwgg9&<y9_IG>FwH?R^(*HHht-<`N{#kc86Y`;
zSF?#C);QNA;UO7^@A-{=OMSriNIkCyLb%lOuVJOK<f={aZO@s2X(>w+5E;<r7yn5H
zOHTAiQ8_d*Pt7t0@n~LeX$0ZnHM+nFg_c%oklOOxm(M4obDmbm)WmX4P%)g#1Lrc7
zOdXkD(H~Z~XJFldpT1|BRU`p(qq56J0&0Oq0$zf#gs?rL`}y6j6WL(Cp`cN)@HN3)
zxs4~Xf9#!HvP(30lE{iin@L=j(o~bHEooU{>g1}}%aj*)hTa7+@$7YCHm=(nFjI$V
ze+s)vx@B@cPfQPq)UA%)M8(sBmB9P9@Ml08o7r}`vp=S87FOAQ*!pC?ekItC_;7_P
z=W{p_B}i|O2YZcMP`;Z}Ov=Zi#?J$m8x_Yp_4|eZ9k9N>kt8J0kzzq@W?WBK#$5yX
z*tB6jQu}+;-ACfq)zIDnVMzn*GC^&zgDp0Q+QQ_FM)1_uQp1)Na_M`<Y>&+_zUQ&c
zYUvgJs)iq4Da_%B2ia{ciCMOcXP4Q1-70uL^QM9oL3CySYrgCvcgQ@yFZk~Is{7`|
zsLwiSE2X!R>7G=n@qFQI99ERC`om_-jYgXzGB3@$a&!^vabJd3skzvE?5?XJA9vN)
z67~0;_pL1OD@#r*oj9a(-Wt&ZdrNuJcx*JI`TN~0=ynsRBF@<|1dGpkv8HTE_moY1
zc;X*&0P)|JXln_<olPuEr_nlJSzl`!*R73FU$N?9SZ6tT7NaYba6cbMoXN@MA7b<o
zjcBsuw4TLsSR09g)18dm>7JTiZVX;sCLGvPE_@|ggdW!Kdk`1pSj^DcoL`%&&MbpL
z(_%9*vFXGQ4g)VYn^Lk(4fa&J;X7;k4UYEIuvOg;rYk+yH^}SP{qnQ2KpnSpxru4}
z*WnNun=Jwm3;KnT+LuGIsuw>7f9Bw9&)%rbEV2aY*cUoiLGXaRAAe|I?M$(Tb7CH6
z@p_>nL-S(*>4qA3tcLpAZEbFqzXVU2Kns8yJpqj_EZT+(O%O|Z11zRv?vQ<rsD9#m
zXC-XwcCm;|^m7(sRO<a~u5*$umfr0%;(PvAY(kB3!HRsIAy%y4CGRtyeT}??SADzC
z2Vrev;s<iIgW5d-nh^nLi6B(B`rz77pZDklRLgatYuw1jY<neDI5f$Tr0)(`3eqY-
z>L*0qPu=K`J0)t9le6d(x*dfNZm8$;ett1l!TNJNdOC{2iVA7n?%R;rF}2O7F(|O$
z5MiFN|0X1@&(pMp)<0!kPUTwu!0Ul}OdztO>ie5KW&++7Iivb5qUk^;J)>m-jhSG9
z=RCgaOFmLE%Jm8CbZn@};*BzS0lcgKAnM;<xPD(Gs!>1nn+a6eF(jTtOwplmw{1H*
zP{=HG-U57lVZH6%8_29)=@6jH>$HaudjN(eOazC@?9)0h{Tl#c>bWS()ZdP47JxRl
z^s{ugC=px5QyTYVC_LZu<5UWd_?Y^hfMT&=I3Nb2Iin(UU+PEmxhX!U7cR4vn&giU
zbxf(Dk&`Z4F%1yclcy2s%B{GdUu6N}FQ(ldH_qUW&wx#KFh|GtBhoYmEU92LK8kR$
z0hUs6;iE^Bh@j`pwd1My%h3%;Lzr0XGJJxMlf^PQW&~x7XUhk*ZRKL`j2h08%rUhv
zwYMh^UcL?pI;7emcyGIJaanTY-LE0|a<=R<=@;-s{NJXjSnvJJzXS7_AsuX?JDy+g
z>!Z0|DuzQU@DwxXk^H`S1omYv=mzFChqOFBLu)+3k)*tpL;c0?I32g#pHsn;dM~hJ
z<%st~W`nC#j(yW0Ej5qPFA^)9@YuyQDgQNZ$5G^{*D|gPiqdl%NYD>X2o1~_<o~3n
zw2FZ%v6av@eNsYkI;oP&;GLX&?Kc<-1xcWnVYDTlu?)s>Dc%;<Kq(ap2wd>*$A94w
z7t$sc^mjmwJ#9ufG7USe8d6sOLs)%=f}Zw|YNNZn=HMA=nf`IVMoDUBrtN*yeO`{a
zDPn9K7ICHTUe-NxDK#7ipEioM4A%vXAHb!b;N<EOlS;+gv9d|h9aU>E(eM+{23UP@
zqv#kF2fVAqLPv6I*@Hz6UFt>6)}sY{6EuH=rTw@WE16uLT78q2#4>`Uyfkp1T$}B4
z8QHCM%*48HU*-VHgR$*0)6+Qo`tY;cWI%7_E7=nJKE2UOI2DIib!CakIAFq{hF#QS
zM2+<$+8xX8)XdgY{~e&iR8G*qx&n`j=N)N+;{$RY3gMBLmG>YLZ!G8fWLKZx&#5%u
zN3$>T+*afa(u`LnL@ZKR7TF*j|Fp^oibhH^d~cV$6JPM&raK-bHi1p}ZSm^RIxZoO
zvALm3Ech$QFBe?v{vuF)@iP_hvKEIN>A+=TK5JsZSa4YQ=aR-88<lmf1#X--8Vlte
zj6xj>hm%4A?@#CG-5gvmc`a=~T4jhLn3B^Zyu6=*<seE?(SmeAFlnMTKxONcl63+r
zW15zk%R=LJ>7$Yzbv6@gfIEZc095Y6<JiTjd2<-V*%>u55#UwycL{OEj`k&J8uVRT
z=z7)`jY~J`uxAL)WsL0S0b!*RB`WEFU03p9zGbXGIuLMmNx5)MEj@%r74g2K=b)eh
zONuPq7fuQ!*PiWwT(fT`z$QnwGV#@ZQ*rV5l#FE}?dy81mF}-;lXM#|0e{5wfpFcU
zA0nv<RM-e^gn3$5b(7<Uxg$)Wv^%n9%>h4V(};~GuBR+dMRJU(SNN9};_DKNNQcof
zoCUJevLofgnK;n}O0@TCn)Ei}jc~}Fc~*@aF~`(WY=XC&qIKiLiz;Hh;1d{=+1}{)
z`ALt>#6(bzj{1pumaV6;V-YY`bgd`?#k?1O(lcz2&k_v-svwxOw>j%xkx1k(z%*UX
z6Y?aJIqkEHpp|nYnnUXX)*o4%t{bYA$;%7sk~*<5-v(J|Y<}2>lks!ll@s&6yO@o@
zI1u&fpiO7y5VO!t=1Sd{J`;tPJQWZ&%;Oz>HcmV^4lHemN<h9=(rJt1@@CE%-D%|Q
ztDdp_CsIbfMoNZ2Q+ovdU$B}GQK%EOve?^1uVk++vQ@5~QD8j<Ha)^_v2j=WjprwS
z%1B*Rw#x<9>%{?RNtXUQWw~Z=4?_DLBBQ(_7;o>0ewg_XPB9<3%!1*oQj@+Q7q?=(
z99s5h88dB-wsV-p>wQPILD6F<I5-#MOPD<>O%wca&fa^4#UYMG%RGQ$Z7f;z;wQ?8
z2*zs1&vu7Av;}ryAB9il9O{3pv<DRXZ7AZ2kQ-?8>A!iS^**KTR=wBg3a3HbX}_7>
zX7L)S%$#?V#5wve5}ohL^+#FxB)UaaJPSwJNnE255fW1xPi0<_^I>E?@CX${lxQc;
zahnN-v=AHQ8B|zvbK#8?&x0=*FU}E&3{Fbp@_c>)$0gH8MO_aG#G4<f(MJ31s`tQ<
z^BO~~OT87}9eDYEXUBt~ZP7G@YgD`X`+H{pMT*%nkA&GMmw6RTrDK86?z@TG#RWrv
zRPWAMkwdyab?KYu+beaYlakGB0#3Vnv~V}q)cMM=$$Oy&#ypswJ+~yLpf9|Hy;I2N
zHrA?he`@7tLg?1pvW+%lx78eG8$t)C8*=W)`qb~Si3EpWx>hos>W~7^7}>&sW<@vi
zDJ7@U)mY8Z(CDvrG+B*v3_m7bm;SF(jYm9Ag@PvPJ9^SN4PkYhfGP%~BWQY}Yp=&_
zY?j)2;hPSMgBs_C?Kw{6%RJ=%(LJK~Efw{>XkA?5!9gsRmGpKL%jU+W#Y7CsDB0-k
zt1`8?B^P|U-J+;aG#q|^wUu*q9*cQp8t~HIup`gFC3D48z&ioy+d*H?J`<SNINfI8
zbL-^cz8C+<z(4p;FMy~d78vhSl<%p0qSftMTXSHlmG}wYTUgDy2Iy}#@QsZ~ERMk8
zF{<8x>B>DF2;2vfiX|xQO$&zB3$wzP3bo73%Ko|)cesu^#zapeNp6iMLIxi5R51=i
zn^36AA##WcNqEz_ceT}QmD`0L(nk0MTi6nIc&B<GQ&%>5|MHZkQTwRgQFruvBF+en
zr3$hK?sXb%CoIrszAhz6!sXAOb5aSaQHN&NByOo-*^DeaJvAleoro5L2w2XKeBc1%
zn}*o3KU1ME+t#5EGq~Fox&8Lhi51TBCB+9=&*Kw|LwI?q?k`}sOfDyF0j8aS5IVeF
zTJ)oi4F+cA3HENXcPIy@?c>`Nd5q{i=s2>KAyLULud~Re`WeUYfyqoBfhdmqw&6Fm
z=*Fi<)++A*L_1$-w(ae0ED1=055A10CiyX8nrw2ku=hhb)?}R{xz*@D@JzdZ<X85{
z87l-0f0?#W9q+FHQe8yLPqj6YQ&O0vae|wg9&pX|RaMEEI}868+xZFSL-NXJxfh;S
z`ScHO?RSz*b|fnFU)jg+F4(t5&?@~0*qhh-ual4}f6Q^@#_G;~_ZEF`ysI-%-F^Y0
zysZ=7FZoql{ngd`YPgLDUZD&3?deMix>CR&(Tfi@JeA0SPllI2x*Yoq!RQRDn;DmU
z)}ZZ@%lFG+o%h=9v`pVe@s7v&v7N~q8gxJ4fXN5SZ^kXlE(muJW)4d-n~S9)2bN;F
z28e?reXer@-0KCuJ<DhCG`Q!Y79Yg2n>05?Lfy5nSzpb|8~~r+9O6D8u;skt*|TFX
zl}Jw5vNQxzX+Xb1E(OuuO`haVK!;v3Qn9K*ab=kf3HHknxL>_XpM4v?#qAr448)BM
z$t}*wI%~cw5_I^u9SW_pou7WslCi%~X#G#gO8Mq$$+^|V+bVx}r9*j)+fm<&DYpZQ
z=BCtqq|w)8t!s-K506!>#LJ0FetF+UTU`d!L}2>DiKCQUDqML@Y<gulk(9g_5a1)=
z^yM<1Aoc8(S0p_-HtrpLvuZ=J*H`C!fw?J#Vhk(#ZcRAM!Ln>|=)(VCt#+==I2A`J
zw|A33_l1bjo}G!^h=oMaND^_U{Neb+VycVB7-G&=G{WmrfoL=Kd!3nokbH&T5gBF*
z8%pGSvj(%oyl3goCCE1_1KgUZVlL&wtN*D_!WO3(#AmHr;<ATtX<>m@@<~GHNHo5&
zAa+Hl>ej<%95+0x(6)0FEGN_CVM@1rDKm%~p;xNu-0xC1MNLE!P!*i>19kiOn|vcr
z)7~B-AG<N(btwZdSu~)bDJ6ZB1GnnOeWTe?gtDez03wBVfJgSbz0>{NY_VQ}naR-(
z)r0x8!A!~m)%(SLu5=m4I;aVk$>n9yFtI2_PO9TZdGdbDfPPJ-%y~eriaoLJGVpLT
zH#U+;anCJ=jS5(0D%m|b8d8#@i>q1=$UX6EgjV;LqCTd-v*<*lE{TJXihe6B4f1mL
zwh2I&Bos^zLnALJFRqYNp|fGv1uB_;;WI+(HmALCaOx6z6`ltySJw?b-oImVpPu??
zeSp1PK$5XwfJ}JoRF<dDRu%}#`R;h_679k>DUJcQJ-);dRk1G5Q;)m}#VNc>@0HaL
z&QH>wx($)8ZzxJjU?_5z4=u^rjM+5?x~74Gk4$L)u3KKUXT0LSsbIJ5C4xK2g`5p9
zl*H=}3&<KSS9BCOGE{O)gJnb&o9+rxdAB{Fg@yw-OT^md7CSs;`__!z+@m%3p_iUW
zpm_IbSE5YW=IpBE2c-vIu%AD<UP}?T4mi;AKu#8bEcS51=utZ!@B{f|XV=-sVazXP
zSI;9xVpe@9+?05TV2qG9eeD6=b=qEMC<t3`BfyBa)}{q?D;8E>60()Nw8QLPi-@VM
zw+kT_=*272$b0Rl(>8LfE^k=bHUo{CU0{cROz#)6ysS0*vO!4X=_3$^rC_M(gX-UQ
z1;ZldQRQzyQulc1R+>VY@^uLbvK8u;8~7M6vDy-;t#=QvE+6*MA>W<zL#|0KqjxyV
z0Q39|{XldIzoR>04;W%sT$FDxegs<+4>V@Nqbx%j<S1Q>zv2L24f#F$WJFrz?Me-e
zn){d1`vI!zAJZ|x{EFe3i#2?ZAxckgZw6JCgoU**hJ8vAqs-*{tLC!@a}V2PMH)Dg
zk5<$#bx(OYv(0^iM8_m12V@LshM7K3W<*})QPwvrVuhK>)qR3F<b0v+CahOwPmG*`
z%52r4-xTZ4+S*<OhRh_+k5vS5wf;+kVMl-UwI6@YvP~_xg}1GK+*h(|4hY-%6}@Np
zNea+2#6~3rXtHI}_L0<W3@k2%7hRNaTwn+C<d!7{mob<gwJ12$)P0I9X&@M}GC3Vu
zf^Vx%Ir&8Ca5u7g8?X=8<c3i$I07g-@d~R8)8COetc@n*jlu=UG+f`XCf#iMEd*JM
z#6oD?b4^)EJ^}_<cbKvV(i5^*bY7gLK$C5t;Pkkht{rhF4xes_ujws+eUd9YW!*ul
zPZtD;!A=<#Mpdh@9=U7x>r4v2SDzaI*_5q5UhOU2t%Ps$|Ku;pHuXHA+??(o==u&B
zEv3?eb~O98Fv{bE#$55Qo6ajX2}B-kM3VKE;=y9$>N+w@tW&kJEg(WXSx-mNRKBJY
z{104SvJnFmJBIW`+WY-u%%F|5!yzBQ<k0Eb!D-J$8-H-W<k$uvzDPr$Bfz%JEBStH
z8+;AsQql>f9vEE%xI&@X$M@p<d!##oV8FN2FEJLeVtR{aCqB0y4@=z>bUZLGqpUKs
z#A^wQZZ_Ej5_E&v$RY}I8^^xd8Z-ZDT3T@SK)NYyN;QEvZkH{R>NTm6J<8!K<z<w3
z{ljIl{2d_KV#Xf8{9kJ;p~_Sgkap%!1zTgg*A&RuV`klev)u^hQqslFQDhX;up^M=
z4c!IFxr=Qsnc-+%eW;muaW*7)6<xEa1>S`EKv5|Kmd~D<Ny!N)XuXuuS(_Tob=8LZ
zhp{DXYBa31kdDO<G(8qmYy_0bpwGv2Qd!vhp<y7wQoA?ZWRju4&<`JYSd(i>-{Ya2
zj(F@aNRka0&wJoCNNU@V|B(3{PAt#BBjt-G<KysYUn14QA-QuKM8P7yh`1PGwq(rC
zmdHzmc-1K|AAqZj9&~~$&(kRHZbj>D@r+I}UR4$UE!2yq$*W*af=Qy5BtQ%Ki!H8<
zt|HgUCO_PHU1pO}eF0V&sN4KkIHoZ}(0Hjp<5IH2NdB+3Qb2eqnNeT3Y40Uj=ZG6n
z=@(k8CyK4en<U)|XnDfE;UuTBv3GqZvX}k~awn=`WZdU|i?Stg@zTHzA@vPxt}0gr
zEdKPK>G>rY8bbP$5^^>I-tOMrO`Io?n5?E9aCcV#<57T*_v(*i^EGoxel2bU<hCvZ
ztdAym`(nMGFbHb%9M__^R;x0)`7*{V*{C3VMsPK^KhOz@z6DpkA&e32^<3NE2L$I5
zL=*|0$fF@_8FYUn!drlg1$%QCSx7N(#T?JMZ^c|2)_Ry1?nB~hDFANgCuDRo&B{<v
zlKHnuGWM*tK(>ZC6yY=6h<sMg>@szuDA^B<uqX_kJH>9mm1X?7QLn|6C5uS6zR{5|
zD*GW^g+WV~|6}f*-!o5|H_!<tb|$tbwrx#pYvPG*+sVXFY}>YN+qRRFeRp^Ed;WlP
zUFX*is;jHI@2;w@>W+n`;Xs@i2s6Di%Ux%N!#232n?q(TPA-nLrO+rnx$GP$irU^X
zHQD{0X-5UL4i_sbYx{6_GKC@4sNNelPhg`d9pn5Q95kd2)2)Ev!!!@-m4;Meh!@zB
zm<mAp&F+9{V{bFiR+th9#Oj;#Y`UNlt$^w8Weh`avjtFX3To~JbA2t)hkzqq9#0;z
zvirU2<?xxnpy!Azd`*HZ&SR(Sy@gSt@{i+q@mB~<YY?q-+@HmoDT_STWKni_=j5Tv
ztpFB?@s)>&J~IY?A1J36LL9%QtqplxM21w`1*>MK?Fw_8cvV4IQhTY%FL}josiVRd
zHH5o)8%>3AYLd_C*)KQ#L<Y=x1e1wSMc48qR`v?f_p4($+Yx2eNep^97_85M`H!Qs
z-o=ydeEJLlan)1Wvu8|m(}dn(SCt^d6=!3g&*NJVcgUL$l%T4Qj{tzq!p$$IIIh8w
zCwqNbri#aXZbtSowLNvlN4q;Cs1g2doNU{Z%F?1GpiyCahm&jksiQ^W$lhwL5^!nk
zO!FjDljU7aGRL({)9Cv_L1onMS?9Y4@v@rP29xX|rsF)LOqL`SvRvWHR_Uq46pq29
z=P%+^_7eww8{8x|sxG&nt~-np;hJse=Kq=2#`u{qMT~sx8It8Y?E{8tUPe;;BI}1Z
z6F+pW;PkM~%wozI2HJ@fe;bK?X#$B+cOqS~Fr1hdMql=Ttm`LRQkUt3-6W(Qe_||)
zW6S5O!tGU<Rf?4k1QeUgaEhoUvU1NOTI|jOnm&ymxqCcl!IceRnGPJ(0y;uiL;G*1
zTRjdtHjhH#ztKr;k<P>Wx{zrT`Q2CUYh1@Pu><vU8H(Uy7IU59ecdQ07EgD=rmIMN
zdS^w_mlu5foc)c|8#pX#8=aHb?;qyuCz{bX@!+wk4_I;$3}&}cNUCJ;<Psdh*QDS4
zop5(l9qE;pb-}m^(JfpPOLKgFIk8OtjELdTmfB!eK{&%-375;M+GtMjY32YkqUx5B
z#$C=&c@hl-s`yTg`%D-bnW3u?$O>)TgyixjZ)EN`NK~C3{97q4VrBqZ`Qjgks6FSe
z)Z%q`ZA#H&2Xq))?Dgia0jxWgjREyuTwN^{yu(BW2gBS>O=Rl?4;Vkvn-c(N7klu$
zDT2j!v+JQ5b_3Ts*Ds=F1^2z<m*|qyr+r+`Ik=oTaH&~=gkhO8Sqmdq9w+GAOZ36|
z4G{}J<cZ$9R;D)`qDJmB;*hIs873zBaaHK0nWRI6NQ~)SH!>Q%h9tIk)1^d->-9T@
z3&wji6^4piXtxd7J&dU{xa!EzN)1eZ;#RY0U`6yAd_`n6pl3l!bXX`utGc}{YNMx0
zGUBdNVO4z4tp38&#j$MHzkPuz;y>qn%A9!x+o$?Y&~CY%SHr4z$Fj6|T!|b4e!^6G
zQdd`9iF(4VXK8F4HO~-p;#C*K`Tj~L!z~{v>dZzkR3lE0-aDS$dHrI!edLzD7l6lY
z{XDzQ>lhx#XR|~&`>4Niz+bo?-^=ENQGxh@fD_~tXd5x)<Nbw5*iHC-D=VXBGb;{A
zM~;=d=VAv*+?uB#+0C~6xZ<CbPp4S#{MOdh?Zd;zGEH|=wLBA02L@AtP!o_esFbH>
zWqk}?J}v<ZElkK^mLYNar?f<|Y;BAVjoVl-5*jgs`uIicDLEuT-O2(Bv4<iJ>Cz<+
z5m5<Ja*^1wG$3QS%v$NSuAyM*6<V?np@$*;HMrR<l%fFCCS!ZLLAR-VB%C6ek{wAZ
zxHNPG7zyqsW9C+>>a@9;C5aY)nWOM+3@olZqP&{PjWrSj`>^cUp=)s*@)KryRInBk
zQ)EGr+JZnB_7hjP78CBUNJXcNPY3(monriT7J^I%tVP4*3}r`l-judKTUkGiD!a>Y
zZe}_-A$|y7BLMRxgd36~(S=iNwLLz-p-q{ZIzo7MZcjUCkU_O+`PK;{%F^|Pq;pk7
zT2eh3x`beVUz=khmxx56il-o*W$K7wL=*dr-h^boxWX@x25aiE8X1-fk{MYftxT(+
zuKt%44cjm`C%aGK-<g0PXP~u6QRa1DOFQz6YF=5dB@?#ZSuB_Not^2@aW|w1lK1zG
z!mm@0X@a806+i1&J`K&}!NPwX)6h<*;Lgge9GD^*p4*$xxL_UU%@FP!+5h$NzxmAk
zHK{NI{<U=ecM3;m0ODUZ>(%qbJg!MjUj6Uea0(8R(xZ_J{SV{B9Fc$ANLkSKGtk+h
zwi^%MeI8emCo6>#Fef}wd!$Qhg1uV_UF|61Zf40#C#Rs*o7kU?^Kte>FLh87aJ336
z#6WXMT9&`#Omzl*&!`ALI&pD5R|4EJG=i(@1Arh~aitA@m9TDaZUv?GW@*TD{@+>|
z9a<mSTetT+=_9OVH)9|&9@hxG4}0b(TZxO@6laj+5}mCG-nYO4<%-P&ymmn&y9sfN
zf|wD6&(e%5sE(EsDVBT{f}ovt#VHtjF|P{Si9NeyW=ARmnYUD@Iryg+AS~BF>JnP!
zP_xqia$pV!Gr8ms2$|eBwB>W1!RVG=flT8iFX2#&yvIMI78XU0E&h37MmA?Km)7w)
zFFh7KcN8r)I;QlZtAiDu+#xpNo@|b&^09W|XgXd|)mP9EC>Er7L{IVC%4vVj1IZxx
zTrno_*+;&XF^*gE5R)-oAIEUyyFKnK;U6zW!kOT3(<hv5^*#Jj^Bnu4!Mc)pu`X$#
z055f~pyqD(B|@h4`|yh6xAm4tsU4(C+o+xidccSkW>6wbk;QTk=gG>{lMo$GeQL1<
z?M*{n!M9#&pYV@$`F)v54_jMTRxS_$h$yJ8y88I~ZT{*X*-|8R_R||Lw4Q_Yf_+S?
z?w2s><5KW6gvxP!3A}A0`KG`&HwRVtKkU<>c(yaVhKTPI8yK1UkuPf0d^51MJpP=s
z(th(l<kkVw2#;l?B_59VBP%{kIu@6*LFESFX#{W5HRT%idE-FUUY@wJ2*S9$BqXLu
z2K5@6%a8jx5TnO-v4D(?_PPHT(;o^I8K06wy94i1>`FmCXezLA(UtVgYV|Wx%0zBr
z;+QgwT^$BR+&&za8*@{(G_-tB!(Q2iAt;KqW<<1OJRs)Trhm_MhZ!WPMK2;n8UQvV
z*bo=A(0}u=1o!xLxzbJ)?r7T(n#H6@yCpRtc&L$cIYf1D5NOuzziIQx^_Mrm#gWl$
zY<}Twr%H8hwLfhi&r2=r5!)vuDwg>@WFfqeiehD4ZzjockL1TSDq~Rx%Gl}==;<`0
z*O0rBuu7%XnOrfZXf4K-veiYnf;AIjfSQ;)hmqVW4JF05z6+r2SKjhMjMJDe501;~
zBrg&f#GA~Gh?8?PP#f&OmgWNW&XH(d*0GVmr`f8H3@x3FX!DROh%K)klC*1l+6Fdu
z_AIS_NNs7_9w7C*nN)so6<tRK{aH)@T2diC191ZFV5G*kTRW<<*Kl*NJWTbG-Q08l
zbT9e@5ls2@8FUmBiQKv1=1D@IBkH|@?;Ev&Dk``ITJ=k#Z?KB0fDjnRg1L{K9cR>!
zu*Y=^G<r8%2pTQ2!KH>YUf#;&YG*8pwtRX<ieNfg=x1q_Ru2KlwRmy43qoJ+Sn;&>
zs2!QMA<2rb3}*#0Hc<t;Jj&~Z&>rf=?f<ScfWNjb4xu-RT@I0wZI^m}?p~0NF(fqM
zX8B77)_30=8SBd0qKhMG6_v!OfQ=U9L4&=x9pPaMEyPInCrGS&<V8JMS?U&bU?|K<
z;CfcQ*AxJWMv`AcbF@J|Wa}S8_ENE*J--mEqyaW-#5zDguGe*0iB~e?SM3}*(1tJ$
zqvGPyh}q6FC6AZFB3J;l&OaB9+y3V6uVYmK$==uefaDRi3U%aXX#nQ%vGICN(@40+
z;1FAW4GX%BV4Q}uhxvi{lV850D|B%YLLYfarIA)Y(DiXiQT@Ereb+bEnAtCkj@5I@
zPOtbbb0`2PZoH|T0W0P@B_>qE8Wwt(i%i{aN@d$yT^5Wy^=2%y@8mrFU3m)PEXOue
z*v31<uC5L>jW-93SDx2;>r{UATc!PYP9^JqP$jhU06`YFXu`*?U&ED~1v#Hi&OCwb
zJFl-_U&M@8e+r&XtwZN_!*5}vn%m`_m8HfLihNMlSj;Opr!iM7(IO0VEHOd1FIR9?
z{-ATwi(a&>qb{yu-JQG~-U;*H`@L3oCOM_1O1PfmRGbxCCF<MGk#2dCH@NM;BHnXY
zzV^&<eRNCUw(UdWR<dnxvLt-CnQ>W;C$~B+2<B=SAv-<k?|(&+vzJ0;)w+SOq%1c!
zD#Y3t$6m|u&H3vz`@iJ;9ry$6bIvu(4q|en4v<s5^nAaS^K@PsLQRW+*PgO#Izdwx
z@Ey~1YD0D6y&wQFEp&@$j6ZEnc7Iz-lHfRW3?W$@!Ce^gWZP|kSF%Z%@u)Xad42P^
zbcF3Y3-ao$xX$gF99lq2OJe1*<Nye-bgpUnH6$i$c%uE#5}hEokrf53_J~70bZWcW
zW7j10^+v1C2_$M(Il&qH$V3)dx|eL+1@lcKyo|i;UXzZp8H!j%&Lx>z^FI=BDSZAD
zsCP>G$8<8e3vqvu_%Ep6l4~X>{C6_nU!ivzfVXl<-~R&oV@BqkLy46CC#K(?=7uvi
zHijM{Vx!xbfheY=G>0bn<k-JHEBqfueXh+0po*1GPNzO4dw--D+NmPS*C*!TK&2$}
zAr6dM((Bh-Vp_YnXtqa{OYw)z1)0C<KzI$9yE}Zm^F2W(+LrzMdDAJ&r3G$<|4q05
zY{BtUCmcGxS|s1_Ry#Z1?+{&zc=z!}kUn#-UHZ$&z0h8G+#}JB6YV}KjF5PogYRg|
zw|lh63gg}#q|-rZpOBqie(ff|kpjoct8!`CUfeNHs#QmHtl9k@%vkHcjaHW~)#%~G
z%Y`=;G5tmS7GC?3;i4zxd^lm1ADb?s(2+c#-GIPo0JD?B@tp@S(obZmd2>@F2pKD5
z>~lo5+gtTxef_BSt|P@Ks?Y|`gJ8La-5x)KJ6WAZZE=Xw%Q>-p$;syKl~^7a2Hyq9
z{2Kmx0;T?SvmdCQt0M-4U8z=8sDpw_<Qf+4`Z1?|^?Fh12ZU|>O(4pyCHr`m6nFUh
z$zFIuJm7uX0kHWPgFTODySL0);9=`|(6Aj>2i9_g5J3|m`C%F}18rJ<{6`Hs{+&k~
zHMG-@oO4E%VUhRhktp>!%pE;j<UWMLy4~iL{@2@nrAu1kYEEC%K$cFOO|ia8o%>H{
zj}n86lX6XtzW40GP{9s#yil8k)nSK0kqIjZ-`}IL{i1a_$2J>Os|y1lQMWUqG0qpI
z@=HRR1~}Z-iTk$QFy{)Hb?GBv_<su%BWBCQLjWl#k39u=Ht+eUDb2~CiHpw6%kmo~
zV6CBsLHMPwBFw<lPAV#hYo{k*Fmke~FNfKzP)z&bSlfk>%}z_nn197Ma;#m-MZmh~
zn(DT^?Z=NbA`Sf^2$BQ#(LG-a37UjWoK?MxQc9goVNJ?tcp2m4lH$XnZs^I*{(1H6
z#!<+h%)ii1*0{gWez)l`t?EWhH(wO<sP9e)%-O(%N61AE3|3m)*-4{UtdP)7l(D%9
zI@x6gTmF>u@RVx6D-Jbi6JcL!akO~UEE10`us{Y^gT*Ac&433|kL2{#7`aV5WVF$g
zTmh#qngI>DaSBXkV1_4GX1ty|5rmUru*4*P##Qu!*j5QrlVj+|g|~8KrK7xxd}oMY
z3pv+TZ)ibkFm_FFGCi&{JK!J(ZH<bHly00TV|5!C`wbWpwhE3^IHzlyE;OV@VUX%7
zXN)AKDU5VyN^L}{0rYC|S!;K>L2jM`w^SNUpH{NdOKjlnr(LgoF(oy=%)W|sw~dJ>
z;{4OsI)&8azA9wq+8z9%6j6GQCskl#j7(`RKeeDp8>W(2Wx2lTqnxDoHycoRC-MrA
zGNs=K?!C+Q=EKJHxLTrd3^WP;)=s8b|I`tEW^K<QvQ6mBR9JReeMZ)BI5>4;_rY)O
zw+M^h?(9|26tt%VUmqdh%B#x9anRtY@1)eQx%Wdz@fH2)a@5?PhT=I%XnV<=;Mrev
z_HuNMtH&0sUx=+%v6pS^YYZz(yiaq$tM0;n%B#ZM(DESDi-(IM3$JYGpSgYAWxCCr
za+q8%$r&#9tIB#Sb(b8t%`*tjOi0mR(l2EWnVJ&`8?kS?p!sxJp1Eh3ukh5k!~kc~
zf@<`_OSp=SPw7S5N9G)EDulExsaKS^q#lAmcah@Zk&^q>nKI^ax6{fxL^mUx>>X$G
zPZ9kkx~xG?2iBR5$YBxGDP22?qyg5FzZ2U1@T%|L1W$)gI<p)4R%uo;uY6WdJ>|8v
zXEp?SLd+Pn-TdO~lra=c@Jjnn5Ba>&<+oQ9{s8gg@Lx6(u$<W`jI++IhX{9#57G?K
zume9jY$6?5z90;F$y5wqcCMq#UYk^FOpNHTuw;`lf8kHid%{koSg@9GG7^18r2&@e
ztxLlGw|n*2vr%*^`raSs`<uf~E;qDGpcBoJq6tD0obc{iKMqS*tk3jK?BNExYI#nv
zt6lbd?ry1{7<t>w;1tqo2A4mrDlT^YlhJK~-bO{&l)G=u&NdT_k`S?Xo-sj|A<e!Q
z$sYphhG=+3)JFCG5@~J0Xd?`PO_H#!A5reLjQI?%(p<P1tE#{E89J&IlGd{e__hbn
zUG61(!5Xe+t8r#U-7~OoTO!%}d$6@$@Ne+e2Yh+W#NAAx_h`_nPN!CydYMyw;XQkN
z58&utmf=c^fbY14zu{Tw-K0;g-oB@eJ~-t+pRt<WVWKZ{aJ>NLaQ<D9HoGCiVN{wf
z=QoB>m5KC_$n6}fpVA7JXwze&)rua&>5#S)cqfRg3gX@`Q8d@?>BwhjNuS==zOkz2
z{KjW9<k*U{>>9DbR*7IGij2=fsyYNZcVqS=nt1#DqNR;*_(~k>)shZEQdW!Y8A9e|
zLr+dl{v+KJapA+1%uO?q-cz6L3MeDkonvWf;gVH<7#N$m{P(XV>Y;d<eg%(pIv!8{
zq|-7;^YI!nKtg_VtVD*eP=t)WdlIpQqYW9GBNy_<OYmwdFa!4iB9|qX0^weI4kN!o
zKE0z9W`LB%?9gv2X_`g1`%GHThzt_$!N6i=_e5$khf~$=2|LW<e=dOfyxOAuFIT8N
zmq$)Uu-o@U45~fQ=6zcnlVnSP=prm3M%mntMVGLMbz`6z&1)3J%1g*olr=(LhNwz-
z{*lle>ttmsJH`>yoU>v|Nb5<|(V{KtWZJf{#5~J*v~Kmf6Z~|gAqvNQeZT3*uXe@U
z6l=<}F{9#ajye7)1n$QrXLkxw#>3oEOu*TG6F8W-)Kz~W`QDq7Y4wmZu5fr!+^^E`
z-1a*|h*;qtN+%zstNt^S%|Vvg^donA8q?bog%}Mt2OyvKey|1<e>8=j^l$X}QAWwS
z<Mx#NXFdcVJhtleKp!1&sw^N>2VZ>L!&z$c#GspR>zgCWiAn9CYO6a$3pODgmd5?;
zf-CoLUY_2kg!C)xnkF;%+^@)Yfxoa|>#P^lw_L=eV{=B>%g!4ZKx|tF^BaPN|DY3z
zz!X;e#nh$H&yd9vHGgen#u-!^I&tgrEYJd4o;WW@L>kQ8d~9EpUN~cZMa3rI8c~R;
z`p}<Ss}e6iuPRlS2)?f040w-ST;4&!^UH`rj<71*^PlCO`&qblnbCC)cg)f*Fjl+N
zORe26aKQlxW36KRu$Spkl4%e1S<)fAK|V3*oWZIHO#5xL7o${^)le32oc+Vrm=qZk
zTS#bxr?@66PA)&Iqa-Z_K(srCE|posZK;e^TH>2h417QLgpAA`(Z~A%#Ms?ZX<Cu<
zzG3FzX&Z7J_mAJ>Mdm|`M02wtzAd0)cu8h<S~R&AseBx?9LArsFcp8ra&d<Kvn-6*
z@BG4`a>DmRN@Xaj?WnY%pNd1n)pnt#C^K2hT&qt2qjQ?vcpg=Plb4mfg(Z6ty~<hI
z;0a*AzS`m&G^4VUW187sCHO6sG~|de8y)!a+J<!Y5^iFBLFoDSNfTEeIIl7Nk$w7O
zK!pA|z@6poj3;u)-eS*N*U1>(FFl3|faW94awUSAW=BkbxRZnwH_?K!4QYlrRtl@J
zR8ta8>hTp!3wdV1@%mXETto*=*re1Cv^67B$9EjQttsfY8z~|o4qS#{?cgg{n-&CX
z`EK$HCI+ViOAaYmjHf;s<;MkEszaK+SmtZ%iUQ<4$iR|X=}Jw;!@GJfjREVKAy~d9
ztB-7kVD1b7&cmd7%=mi2#@3@UC3B1lMEK7iviP3HHTt47vTc7NRy5w;V`)z7PokWh
zEzl;{V@1o$%hEbJygopl*UJxg(xcNd9b!;0i>`5O{dl6{g0{;Y`WVq}n66CP#8M$$
zC3VsL{UQ_^%}3{TUH$Ya0lbY#s#iZSN+U)+Zto>Gn{rsIay)uf5oJQPfrnEipFZx#
zLE49p-#;?kF6>n9*Zp9Ch3*j$5ad9=Dgqi+N|Y^d=IZC)f6c+Q%qqVvm|2vC&PPB&
zN#}oe8x~=JfD|9Zb>jV)XcDL6BPJ&P=`nHQ5a*V0z-8Pz(e&V+e({ukqlnEByvpE^
z2A4>WbD-_U6G#k7P$=&5XkLT_DQcUI<s#hootj3_Lzq5v#QaL?5Pj7ZS8KSf>X7$4
zB;=J1M0Ow5WHr2-EmviJIKQJjME5BLKh|j%LGXpKz<F`mcL!^Qk!RONUoid4Bjas`
z^LWEMSJ|z|uE`kkV5s_OxwXK~PTgLcoH2C`UI6!EP^(3rHP#peRD@6^3B(XaXMX5Z
zqqS|yhWs~FRH!iou>vQk;j1Ifg~d?<?Hz3udrf%xy_JJN<|k|bH$5!>s!s7O9}tCm
z7lZ^CH0v52n0UQ4ajrE^dJQVc)6@5dMcoJ<=!Feyj%naF>qY^D)CBKdI^@+B$L$qY
z@Z%GYU>*-tkKAf{I{9;~*EP|12p|G{&`82e&F{ZaWetiv7ge?k#Vj5df3L5%v9EeX
zx0e9jvuLh)WOHD{C5;(@f-?Q;^spZ)E-BF)oS0bf^D_-S^dVra_%g>_htBKxP0{dK
zy>Ph$(S-zVmW{ku;$A*@cT;%ftMf(R%=h$2S#1y4h*=eg|24bJ*J;8eU<$;X@a!&X
zr8E=hkD0@g_i#lf`Pdt#C?r}mX5y;-ot8Fe%~JGdE&~uY792L)WO@AMKt8c(vwvr~
zi_=b&)q$P?kZ@eO&#0Wr<`!$vl#zY!u6E*YDFzf^0lvQ)nnZ&b)D(rc+}moP>I`Fb
zZUSj81}#8fhW4nmmmA=2l*&8&=ffI^;OJwuGY274W(_*us22Kt#Hl?$1cZMHb%DaY
zNIF?J#{&L5!v}Tc211l?YY)lu{hJCt=&~puy9TXBJ&g7RVhh4Ea!GM<H=2$+P(d7J
z`m;3x!CVlQPB9IrzxQ8MHl0BwBqgg%rU*Yzf&g-Ga0tqw@TqgXGjo5v8X(MtQ;1>x
zm+t2eY@yyrvUUgKeUUhvjjVXA0{f_tC-Y@JzF(muLzh^2Lxqd2>RV>j{}!-6UkT`}
zr)<i6CC%AhqE7#OnMRfSlWj+^e5z&f7{!b0Coc<b-m^OYeBSwhASN!}rRB8NXWXv-
zO26)Q!QBxpkGH+EWApL$K=l1EI4H?OMxyPZ5~65*rC$CsXX5W}e1^@{07ytk)+5vn
z_#7OVb#-;`M{VzKF9zcPb_i%_ziRcny~zgijYJLY<3C*og(xiICIJ|Y144FpfBrN!
zHaMOw5|fhR_9=1m`nD8Z^UzQ=EBh~V;>hSc?rf`;4PF#ho!&rXY1&reeEy17rs73G
z|LDU<nv~9HG)a0q>wtt-!Hv6OEVuWM^!Qi_@CAxfnf$*A{zK9m;m`$CNbIhaB@PK1
z=-<Aq`FleYSxzI!!~FY1AoBq65M_Md%t<MAZ2sm@G9=)Cy5obeM+Sxq0%<OHikrR#
z=-)yS<XKbFlkoqcZ^8*gk_nJDUZMR>IZ5gN`}oT-e<;%5n*ZP6w5EUzj+!mXrFMb*
z!$4c;Cj;7Z0C|i*3~VYQArLrFm`ZB@*PRN&NlN!z>005>@$)8Au6#v}3jL`mnOpe~
zvcI(=kSU6A>DtC-z4^tRC!?cPPfrg57WNF$@FFDOlu@9#v=l}{jJ&|UPDy}|k5A?o
zEqTqqf>eeyNeL7Tf_uVaD8*$e^$jjkuBxLHs6dmKh*42d$tf%x?5I@;DI6RW6A~3|
zfKJjR{<lp|WV+-Z?-*#z?@Ee_j{|&l&1)u1glue$oM>&L31uoTVnx!5Dk?z$0QTod
zoN<xh>+9{k9qf-4_*VyPa=;-WA+j^B!yHNq3Vv@d4}vUfTym~txD_hU<Rsbmr=LkF
z>8ejc<mSIY|CN!451)VlaCUa~tCA9-*~9soERP}*M<ibbs{Al~vDe4Dr(M2)vaIap
zL)<Z&du;5#Jw2D?i*O?$A$bR0K68XYr~6`dEF&<0csM5@F$PXaAD^BMS270`HL!Cb
z3l5Ka%I5puua;u?yu2G1M0r%Q!>knS>`NW`TDV2?RS|O~0lx+EIKq$l%+zH<DDJ2T
z>SD7R8ygM8CCvU+U^5U93E(%01ba#eiW>m|f#=3%XJ@CSZ1cK`zjlXNMbS`qPtTi7
zowBC_#UOHd>foT)-(5Y70G(|t@I{h8CdsmcxWypIyA&1@delktlb8R4d3T_{;eV@F
zk!{T)9NsCo6@caJ68@tgK8RakV8YyI{SwKvf5$O|58PjqLy%5_@L&G?`E-asAJNt~
z&#L_y&xZ)WZQV<n7B-pbS!DkW^Fvo)57UZbT-w~@larW4oyog45efW1?P2qGp4s4C
zHL-dgP6-ST2O*sB;IufNokds>IUoW5-QZ*nWTDOSXb|bc{$!3h8X6kxUF?4pAbiU4
z@yGYI__eOT{qw^o@_zjbd9yL{kpAOY1>qCZP-aPF{v8$qng4r4nIcC)@P{G$zyAFH
zE3vVitIW^BaLVfhu0QJeT*WLPo!i!xNAl0sTF?Rl0?I^wL;UIXCy+^kPESuqCnvkC
zQkZ|%w4>AO_u3E*iT@G9r`DN)<KyGYl+_HpKf|WX*+T!WYoB7~(;<{qP?#}uU}pX}
zaBR_t_>TC0Kx#4(;?ccbxrDOhUR{{@|MiC9Q;^hlF**N-6_fZ+_)<m`|1&c`-_`#3
zMCuXE-NJun9ndFV>Lj1TOGyanzhQ&`OpW}hJ_a;)ia)A?@KJ^gjy6My`G2uH@(J5@
zqr#C;e-Zkd(@dq$LH++Zdz0!sRHFY=%UTehsVVs<wm*=|(vpk+_yIF&#8{6rU0I+R
z=oe`@uSaj08|b_O_@$(T@@X!uxTk4ay956P!7wmfp1F>Icq?hn%psCb=>XJ$o0^(D
z2@LDhWi0yJm{>C=f`*4B3Vnnji%?#uA1^f+p92otYWoY?)j5Y@8{I&cNpdA5BxGe}
zC&~TZi^!(9Z56wj7#V96l0u`8aV@CwK6RUk0$fy7B=+OSFOmcR4<hj0-JNQa?H;1s
z0Gabu=VA&`<WSH(^5c~;!C6O=iinVq?&W3|S$v@8D~^xD$-KuymfuE5^s#Q{|ID2<
zLB0it!bJZ#vPmRS;rhHCvJ4G8sjN?1s#bL3kaPRjI^(jq1o<Dm*$V>e#~cSn5DI_J
z@JvHs+n{xZ#Clwd7$WM=tQITtZKRGK2r)N%^kHc!F)I1AP!%M!&ku7T1~aGSh)Hlh
z^~w?Jt(wabo1aVa7gZBVpap_&Xz>IEi-9vDWIf|2E&Ff{AOP28^@s7ui*i0SaeBvH
z^rObJp8GSA-hw_t8dCHG>G2k{=~HKY2babA0Z3{#Byv;4N(Xni0%BoA`2x_IpP#76
zCyH>0s!T3}V@5H1eGA2wqC`Q*fG8&?2Vs6<BHMt*sa)14nbEhYk`o&}$^<($eHPw8
zZKDX{B{{%J<)y+7hx@%RYnY>v+<>Ycf*3AX7=h6w&U)6vy9MSY%pTPLD-m&T;04a$
zv29F^-q&<bwVs|1hpi@KYPOI4q9jZlP`e<dQadDhi>abBIhAmCsK@H#{<ozcMu%BL
z=;&w=sZCPU)0STXuPZLQu=XmABl-cJTfr7i5?XFs5BDAA)Cs%)GpX2O`3m5vM2!Yy
zINW(?xoG%m%;;E(Qj5z}KgPoz?*uROXrov`;RChq&@G#{Tr~j}CaDP5&uMX(*9v|G
zA6f?0X}1-9K+8HX@oop8Jy|5qH}D_5k~ge+9kj4-U^*eZ?vAYeHT@RT={#sK0XLVu
zcx~wPZcyVH2?2u_l-25cOW(!ZdD>Z-f|0#+p4-hiP9KMAepRJOH@pAbwCQfLp-Fc(
z`#j}{p&+Xxus7>`bz|oQoD83cBh$j8vCYuz7nX2w%}TDFDvM(4kxFJ8`Yy*`)0>Z$
zMArXREA?uB!<_CV1Ukly)r%G98wY|Zqh}B=Hw%cFF=d%EqPEM14`2>U7QkISu&(B0
zBzQb^u(hv){#nKvFt&&B*fo)FfG@0QEK}uRl;*0x%+ml8aIq2al2J!sIR3E}K^8=q
zhEhaJ`59Z%7Qq$4#|GM<m3Gt5<7^rw%;mtSB&Pjj<<l@2Z5h6hPzyZ6YYPpi1)Ns?
z=nTi3;457MEt^u$rBZ61f{EjXk*limoXW+q&EkqyF8RWF3f^FFQ!ug3da+Ax0Fgtc
zciX3;JAcYZPgM(br*v}ljPubst&T?F!r@^J2JBn&x^$w=TIoUK`F4Q~n(oPCG>RV7
zRq(6f3e0@W37g|FZEDyRjNm&lI#9W;|IHM+dKcI0kuYos5T2f!G*JB>24V~kaGaGp
z`od&Ek^2+!<3KCyVzfe!X~DY~uLtRQ8#(UA>rKaE<8TOVL%Uy;il(o44!D8h6V~Hd
z>uaFE$q>5RlTwm{k(eMBQ^{~qr6<$KdG5NSyO&eX2~FoS2@1OX5j@=$zy=)`>-1sd
z#s*|^a>WWvKyXw0&WelCi=Aghz3UnrAO9yEjmxg*kGis6QRosmPit;22lFat=ngbg
z&i;)ns&Z_UK>tkaU!Gn(>mL`!sv9OVm|ib6NpbOE7SKGMuM-VfmGo_4c<t~rDMkqF
zS}RMaMR8`q$~341b5Qu~)SoJOz~B7Hx}%I6r<55lh|+t<L^HFH3&!*UG7>S?AI(I6
z%ov{|&Ycz0Y{3Ix@C+R||ETU7D7Zy13mWas<-e+2!U-Pd!K&d#c{k<gc`sX3P4T0x
zC(hAvMVxQF<8maG=~+~Soz)74u*-VPL=#TOd<;$8?kjlsqP8@MjUM$q3{#h*y`36%
zQVKX{$Id(<yEy!#&p;c^y{>8T>c|!w;Lb5E8ZNB7Z28QCvU3KXu(hfRzwVXy<=nG}
z-p2XcD7g71)k=iG&X-&myzoOQOBi%O06lV`o-EQ=3-06-i4<EfS}(?VoYkPb6@8n)
z4wUxPX@#eZSpFB{l`@5A&X=TupG3-~VIup6reac1zEW4RpD?9|f#K;H*+_uSLyy3p
zd<$G!!spS2+j@B<4TF;!^g1V5HGmva3Yn<ysE@JwlCWJD)!rSv%l}=25&onBrHl0#
zX;j+sOZ0LDg2u+OFUUC?OnO>C)j3BaMQG(?UHqY!HtZV=R)Hhd$QCUh{0oslaS(IT
zw@=sJCz4b)>UkKu)WZYveu|)28D8`{nvwoKJZli<mnqY3r$Hv(ZzG>I%Y!#&@T_22
z6H9f~VzaH<sbeIZu;^!y@B4c^qV)Is7yKTwY}ccPkK2;4YVg_t&|r&*c>q6(dHuei
zuu5wu9&IlIknuw~wu5YO^mN>i$;fguRxuew3-o3zs2r@(;IZ^TyL{LI`~`|q&DXCy
zX&oR+%{XrLsM+HTUj!#IeB~4h+a5=SP4vX@IH4fJj)<7|s7BdXp|>>CRFu&DHk$>0
zGpO<2yt(OC9;2tsXRf6bugizAq@CP-#5<SqbRM-3hr?779J+CxTg1dbRDI(sp%hfo
zA~7?&H#iHml66<-)&zsi8X~fOzNMrmZ~WqrN<sH9gsq6`5?xac+LsTMWdC-T6gw%_
zY($W*UIWHCMi2}sBU;)Lx=e*;{=Gdv5>_D1k{><ie%BF^VD6-YU7r6F5F=$ezb57&
zxFwYFEvY5q8>n(Iya*Gmu3pQuY#gkndl%{vSwG~Uy{IfDkDzS@6x<Vhj5sV}VMWHu
z@brRbT=I{6lV~nM55m?HlcwU+i$`mLRj^SCMC=;lF6EvpB!5Mv<f+kJy`T{^`z2No
zT9`m3KVUp7XWX=1t~RL$yj_6LNrVK6Ep<nM^{XpOY#WL}2&OZMQDv*775mqRK6$v{
zGy+<JKTxgar17iu<XU{;;99s69_?q_dtFkL8Rs0qwxUchMa+df%NET`bwS8Slvd#Y
zNoWW@T``n!-0S<wZP60%XW&!qCw88XpCI!WCElWT-C8;k2m=JO*858s^uR-=Z!svM
z(b5sDh*M%r=z1mNf<8oF=acx+XNj|uTC=KQP!eo+@irs+u7OXlYw8IZDWO<WDflMf
zMTxkWndNbo3_82yL43PCDsRB^Op9-4zh%NUIl~r~GVoECRxQ~pDx)J{T=*q-<iF$1
zvJlUeWmju6*MYG$5|V!x6I~(z={E3?4U2A;(zs+@P_yE5i2y>RZ}WC(IR3(2L6^ob
zw>5y^8=XYnXmkGUm#ZF2x(k0#EPbNxbLkK|B8vZ@zwAeGb^b-m^OHR7U4v=pXDT_#
z4zskPl4V!35-yc{6&T}sQrHqCpY;?M*T*x^x27XO;WdQJ#2Xr&paE%7^N+-cBhY*T
zM<L+y7F}ddZZC3?uRjD89kGG22p{cEZh1=;3!tgezF}=L@802zf+f5&OlIerPo|kB
zy>4b$XL-;nznvJ4wpr0!zeo*uSgrXC9djgtYe%82t6Sn#>C?ZzG-EMpyTR7%u;pVr
zLw{IV(ibaI;*3{>Y&xCI+vhUAvl_X{i#s{HO@^8UOY~(P2Q0R`Fd!-DBcNK{S$*BQ
zaoze(>z8%T*n0iS;Vd%I8-<$`P?hj`M5GHc>qi%8&AG*95k*1%_P5piP)v(T%#tm;
zh0H)kUyd@Lcim~-P~5Pi88Y4Zy#k`VrDI^ht(C=aThgf-kKAUX(cEBxbQJj4-bfi%
zvsQz{_Ac39{izd6m!lh}s_nCpcprm-YuKwrysnPlXD*LEem%bRIR0Ay*(0U0SY_FP
zc(+!hJcn8DZrQ`lTSXAm9mOh$^vnj-VQu;fbP@g_Xyu7E(RRaB9;OlTwPCc2nfDn_
z*^cXyX+nWIM<pl73&9loNBdH+R0{OVHW30!FX!1QBOO5qNOOLU{R-*ndWPStx2nIe
zsBZX!cx%mai2VEI)5&B~dh&e2tYmusg&%G=xTNxS*jgRzLF&Pp&qdUkL<DdS$PHV5
z#H{xcAnii|WF)^aw9KcSD-fh&D**mpS5%vVbls8n-0PKNRC-8s9SBFe@0S(9@Nh{M
z*VOGKI_S@+K8z4;RjHrvW3Hz>(Lo>-6*)R%%Vp#f<BuEB7gfJkY;$);P(Y=y!X&Nk
z^!hrq`(83EyW9Kk%X#e~bUv<RREOr=42ybV5@LMA>F@w3hJ!kFps6P9#k`}{a*u`P
zSW!n)f^^@lky`^sDxKX7Huha~egSWXp>3}?oLt>$_f&bPYh9o%{wS)VO1tZzK3ze2
z@TZaw*hsl7iQ(VOuMA?%l<b)H3%e*BsMA!NDxbVuGhN7|*7?~R^Z>rIH{qkzG|)fz
z9FP2<ecavXX+cZ7k^s9JZ8Y;?V0Y+E6f~-OnH88e$D?UifNWzSHEqf_*MRzZZG&9y
zG3lds#MAN7e-&$59Musy5LP%|bnVf5t@LbtXF(%$pmEuWOgh@U7BE%d@+#d>MlzLt
zWA@P|@_N?PYF=K%tiM4D{eB$_#QPKma-`{E$gM3-!9?{w8czH0XgxEbDaNJSWtGmN
zw`xf9gKf<(dPj@$fFsiT+C$)5pystCm%AfP`<jY3%EN@{v{eC7(bGM6JZH?q6|ePP
z?*NvO$gxaMug1aV@rWp)&4<Ld<ct2gxD4MI9M+hU>(xjfbdkin!(E^xhn4upJwdch
zSLe-rE3^5+tl)60tqQ*wR6j&sSK!oh7Zkkn3Zb>R#GO#YE*zB(njb^5&yd>BCth?;
zU8uWFGnZotc9%69D{xWdV`2F-S86iBeph8Wn^_%r^1R#-Vi*xIj8+4*$a5^;5~o>@
z!CoKco>Xt=^3dma5p&w$E4kBeHB^v-es-&|A{eBQQCz%%h8uC})4p=PZ@OSlc-?*}
z_ZVN&jj0yRbX~M?<}@Ovk$FK`civNLy>$NK+jL~=?#Ke>9HF`9)Oy7TmSd#leXO$4
zGs4RSLd){LDfRRemgF%4Yd!jcK&$-$^<GXTua4iE%(^+zF#Bw^K4<yP%?^l;wzU)B
zh$;~+e=flqT74Q-Htdar#Y{k|-fHL2j2SacEU&U)HmERoWWIw)?k6u1BrSbg_Gfl;
z(6ns<rw>N~oQoLQv*JbiacPoo34$Gz_oU37`fte3ok$Zw*}@d&6>?}N@@_GuitgGw
zIwS-2?TI)$FBpf~>>OjYiS4F2**Qh+C*CeS@PGgS9BUJz3T#j9TjghLOeT3{TeVkR
z`qg`fC8EtXM@rg4d6UI9fRX3vqWqTG@roMA`e>7OUqtNma0pM@oF@?D?X|!UG-5gs
zkb+h356Ps+l%9YP{_9LnF{34KmM>q>s>Fr(6(QjRmbfqv*4~+7LorD~K#m$qFnSs}
zXtCu0z)X?Nh!0#G7%19!t*tys2Oy?>zAM8U6z4VHJW**L#kok6b`WCpZ#MGq#`FEw
zzbA--JLKl=hz^)v7;~G@k&ZS&7bz5zr#DIo>B2k@sM~DFM2Ja5d23zO6%a<So;~!N
z1~;hN9K8{s>-6+}8J)#O@;mfAg1CxOCqVb?19`mihniJYKtw?dt`xU9bgGPDcS>4-
z$qI&<Z@ghgKsMmxDtJ9_oC!|K{VrWm{~Ynlikb7YdHnQ3-I@z5-HFi>%Nap9KBC@p
z42s*54vDB6!RZ|b0#iN|`cOHm3I{lcEp#4?kg+Fd(FCMalMS&L-Awamj5W{s6UGW1
z3DQ<QBi+%p5OFw-umw@b;wk7)|8&2?OPHTB2T*(t0JsxZF^*~m@57Rmyal~mX$t`|
z;@sae;Xd;bGX>3bOg_qyu0++_)Rmt4{nhZJNwIrEKiUEfFVreMgJRrr4ugN(>(1jy
z-x_!vVt7m4P^s3b3-a);G>#fxis2o~Pa=dem#XFI^?B+}W0Q$kd%pT5jxBca=S7<K
z!C&ikQ?XWSk+wDs2CKF}zChW7!rkg$!>qTxC``q$WnX!aH+<$oqf}*0q#W@<O}sd0
zM<AZ;YgFmy?dvRMskJp8@_>VZo>b2GR_;kcqtedHZp%!BL0{Mrwq*GSeKea(JwEdS
zC8>1#Oy?2Zz_9kq*bs$DbSo5ZjeV$IS};$@^}_%T_1-Q0<rY1z8c|5%wAhTp!HZZx
z9Lre@)>uHEb@qD2IMh;RA2uxb#C;%z0gEd8M|~L>Q@j#AV6F%8(=wDSD}HjuoHiVN
zzvf&iwbk{z3HAf5X{E7Fx_a$#R@Rw!R_ef7Z-u_hOW94$mi4&v^#q-y{4S5ASD}M_
zw`}-k=9qN#lxS4CG=s2#{aMwIH*4^%Llk@=smdW4gYw3toH=>Yi!NS?9B-x*uTVB(
z`?Dm%BP(k$qY|y=+-AG>3sF7e#i}L|@FD&+%1LQ=ry3l9y*F%k-)*;0=UM_5dZSVo
z`m0!7k9W3yDB^n43&@1Wefd``C+6F#LPdC^_rVaRbf&5R)>ezYV+YcH@Y61ypECEG
zlhPplX(u8g41MW6!Ed$YG+O4pwKwimlsL*1;cP-cJK^`)A9S<=%2jaSFoSFxJ|Ti_
zVtI_K?NUZm?i=9(UIg~x?cuM}_P;Oa^=6cbwt=Not3$fu_a>6IyC0`;g`%ID;i(tv
zpdJT$fY1jo#?=t{hH&rg43`b*(B0W?z@@|URf|`1^=|ZSHwt$y2uOdz-gT<x8)yc@
zZ~aVanGcWRWyl%y%7dS=wA20WHEGL|TIsjZ1d$3k!opg4#yjQ%+0!-%!RuIgtF!L+
zVZYDkMTJUv%1=Ltx#XO0ddVChzX{Xj+#U%T-XjNoC76HZFuD{7g3TwAp0<81?iDAD
zZ#e7xagh*eKYTpe%E?SCi9H>7<)Ap06Ud4y>n_C)vA?4cD9Va0iN}j58fQjfAa;C&
zp1jOeMLbDT)`zf`v>u($Vrn*mYTz`<@1>EhsV?Qf-K41AzAR91NpL(jeY6{co}aEX
zE3oOP0LxFm8!Bm_OA*M5uIREFx;P5a9@#z_*?DS0jK`hHfN9)<)m>x~mlHO}pCR)@
z3@0r)O*zhn1|VKC(7a)?=v4v!vQejZg#-e1$o2CML#}orczR0vRo@@Y(7fz1RMNA7
z97WiK25QqaGQu+q^6TimA!fU}Wp@K$1DC%eiP=iy5*B=2zW>JNQXvZ1R^Gi2o@x87
zBYEnA3P(hJkl|%&>hiGK<HDHeo~lZJiI9;6dlqr@_V_;e>Y9!A9Q`8T$Q(L>dXumJ
z=|Q%fy?p6cmpPY{<VRrFP)6y<mkDX2_B}Bz(I%}PAEu0k+<5HMZZKKwx0OH{6%f>U
zxdJw-t+l*3;M-7ZkmCo_$M2$|OlA7Gc;K5TnC&(%(Gn0r9ai5=SLRI@)phy2g$GhQ
zCh5*;a2#&)tWnWp1cNStYvA9c7p|Tdl}q7&S;IN)n^jsTJA%119v`Albk8eO7~5(W
z0N$N{un)cXT(E9&hpu+gQ~O=plxL+o5xhTsW8f%@`pBx307wi-*ZZXc&vo4lGbkyE
zmF%`~Abk%_TVZw=mum|JW)0u3O({ctwF*b$#Wv|oprul+4&469m39YDuk)<mHUtYR
zDB#cwlP@D^Am@I{ntIr9_XNd}bfcOX|5OR5?M2J1f5QpuQ5x+ra7@3A&w9bhG#v*1
zNTJ=wBjVFq<9$cs)vy4{BLM}y&VV22ODzsbj#iNs?ebwk)E|Dgm4h}4kqy;g4))uU
zL2nL@w(N_D;xD5od&Wj*h;<I+dAnu@8TJ)z=5KwE@}Yg1HXLwM6ff(kq%g@@IoZBX
z)e)%9&IQ7VtO0K$!pf)Jg?bvZ*KJ{3IJNRmOV@7McytEmDz!=SgW%US`X@g*m0~Q;
z_^)51sTh-vfQaU=MRq0CRf)(=%-iXAEarz;zAZKY3{_3KGmCy|^pC0ry6`}cc1aUo
zzmO#eFvM8H_#}WI_H+mh^d^FQ#_ZjBeeNO2<8i&R%5I0F_SdY*%j6{AO?~g6z&)+w
zp^3CGm1!!s_Q|LludHaOQqB3F@X2WM1N0@3I!bF>@fSjcr5W!_84RGus_vQ4&Ra(U
z8a1JDpQ)XiJ*GqKs@;Qk`P$#jVMlZr4X%m4NdxLXue048hF)tmH|;^oP|%j#zl!9U
z^ppJ9?Su(UeSPw2+$3SlADEQyYIy^=su$vx44gWv!|j7_Z99!JDIC|*FoQ*g?yKXd
zu`X=+GSP;YoH-ve!<L|`()(xcM|7aaTy>~xvUY`C;wZm{nR+tF^ceCw>5uE2RPA75
zv3Pv_l|u)Wjm~``T8k~@DTDJJ_0Se_=aFM|=yn<|<qEh=3a^~Wz>61e{Rsm74Ia%X
z?LcIc6_bKZ4BU23Yrc-=cEh9>CyI^EG8&B^z)(zePsr5cuO7<MBSPs}FV$229gmwo
z5|#i&GwD}>gHbIaoO%ldtA@>-0BnP7X?VtAKSZdQU{fUC3^?Vv1|<tswo*_+cLi!n
zRYjn3EARY{yn2@e4@AG=H)UiKHHGdGKARXD7aY&HA@wrI&QfC&!>qfqd~q=w^=TE!
zfp<|U2<Jtg5*kOn-|-5yl4G}w*<TCR{atP`7}hpBsqHk;`*|7w9;f5RRE<xNXgqF9
zzQbG6n%4?sq$NBeQzvW2eFExc?X1|jAHxpPnoO}40+I_m8R*tWSPqTM1EC`s%!E+_
zE&Eva9euT(??WM3#YK&en@=j=9W4O1IfnC{yF^Cw+dc$<^>y8WvXA^a`wB!xT0+`q
z)-;ik<%x{a0X`0k<==fVZ={Cb`zZR#qJCBEOZD#cxF<<V?tO<k6nwK^{V)cXZ$dX<
zwW8U~kA9i<FLMdMQN<}gsaOQt&KJgHv4NV@9AL0!Hhm4Kdt`n?L0K`+$T=LR&r<iF
zePC$={BH-){+rJ|G&vkaZSPYV9_B?7Gy`{Iv|rgWZ}&J5Gy76l7q)l9YKcKpoPwq)
z4~!Cs=1paP@WE5ceK0cXw2KQqwWgsk=`O=~wp*DeS#O{?0)CvI6gjUmnKPZsZ}=k%
zM7bXmvibtzxoD68T&w{XZN?i3^rP<R7V5zch(*MG;oC3L1oEw>*q2EC&2)!w(4phE
z&jt3c%E;;-wc@zp`7*NjX?SI&b{ya@NTEY-N*vdsuGS;yc=`f^-XKPp)G{r~)6YV~
z$jDlado0kFFDM06?1uI$Yj;WC9KJ>E|6*e^BVu#tyVXxlKc7Y9hnA)&gEO-1;4=VS
zZ}Q7?#Z6*QR#36em6MUHFi!^yP~a{T(P=a6(ZOTZciL%^P-iX<Vtm`TnRENZB->4|
z4|2}^@x9NYoofwPM)pnxsre!pbqFw)AEw{?3{t@31}B8BP-Q%q8d7bnTj7OmaBst|
z^oQ~D^G6M@aC6m|c_xa~Wb;!6LNz#)CoqHw&;(gvQ@`1b|2}i-^!N1v(CjzyUjd|Z
z1wGAT(Uv;$GaE$*7-$00`*~O%4|(RP!VK2sdkw48kdRD|Bp>u4;-?EiEsF<9=8E03
zY6X<$lPdK~fGQ?xOK_|({UU#=FLV>O24j>NkiO)9U^keE)njR_e*`I2jP2a6cKmu=
z;AJOSNRn47M%?4wZ88d+$k&|p0vVB&o<i-sm}kEgW@1Qdl(U3!@AVCR=V4<bNv4w@
zu!myz3eJ(Ou?vd~lxaJzsLrnaC4Qtd$3+rv8j|zOY<BcW{<$qWy35vaPNt}FbV24{
zq#<NBO>RL8QwDQf&XEXWh@@}@9Z{bzfS15&1vY%Bar+#kNJ?QXAz5%Swt=>w@1V_G
z&(yx2p>nWs+_8lE4fe`ya)V9X44CcA!PW=Fxf&ThdSsdlT%T>t;lo>Z^~oITVTa9(
zNx9@Sy=HqYkE8sf7)-;qq{`u|@JVv*ZJjKHU>1hV$7-M!zvZhf&dx<?mf=)D2w;2r
zhf)TNYbm(#>Tx&O*z<NmD<+q71T=;Pf&9;|u&CwA=H;-Kh3K<&%wNyl0T{J>UmHkp
zLMZ><>s$-%q!$T6ro?$u;;GYnhbGNkRgBtI1etbJt8`($h^%Qv?<-1Q)l}D~xz$zW
zWi2lCS?pK{i)aD^#4Z0QV0-}O=-1W~DCu^DeizwDz&cX+E%K3~w6ZEDbw${2dK`vI
z-276@c~~3V`+Kp{j=C~dxlAplR-m*-cjgDJW&TWaNaXZzkogi^d4j|)3>>dj+E@|A
z`TB9r!&6p{FqEWxRcbq<B6^*%8-2=rHtm8!V<`inZEWOa8|mpDO*M)cN4QPXJrFIo
zQ7>pY;pnct+!_~U0!-0>+CYs&ouY;`nUbBv*%~a*DqWg}>}ytnCzJB&9*<;zy>~$j
z3>b$(qIE?H2PXMy77r+VrXPEmbr-;ha=l0ouK+cU%|^__{->@xcmX)_%Zv+m{5$ii
zIfYj$#)?T+){C@Y<_#-rdmsONp{W}f_j1so1hk`FR5Z!1)7LVA(2WGi)+CXWn2>}#
zFtVe3A@#=!d#18v@{&a-6BJ5pA$?)M`%dj1%NRIbnT+_#p-Fqc-y_WPbc~=hPeCiq
zy{=F(mf@*E)2Tt~4Qx{E>f*pGuk=X#x|9xOJ2M&sx3u|rW?GpV?XN7lh#<o6>XK3b
zUq;<09x}_Ey(4Q~JgYOBUOp3!7eSyE|MnwmTMp)gcheqrW~@%~rfzDZQ+wMfVTJ5l
zAG>oF>kF(Nr^x>Qr;~e+XL|qR0PeWcIc;UR?YMPpDJB(dCOgReu#`*K*peEKTdtkl
znUhOnA{N$!61nA0PVQ-8#OYKh_iJH8%;xg@_UrNZ{rvv@eg1ntKCj37@p=FKc|P76
z=R2|JfePegdYSJi&7>}fHx}||s!wOJJ_Z!G>=bbn0)gZ;&{F&kW3!|C-&KNa*2phT
zR81~lvmRTVB~3?!iBAtQ2K}&p{awwEV^gwlb>5zHZv#HO5nlWZN_8`1pcnd&!3$Au
zAFT|qxi0vNh7);@PZ{Y_-t65vrin^U>G?qvZ+d%e4^cC|rH2T&M2mr|Q*cVtuIKR=
z&j!~)D*{Z$l0%)?O;x`BC0^QHX0Ur{_iep8sv6tmBkVAdtk}KL@t3u!T=roEA}X?9
z6yuoPqw4u}5@Uj7ShU>TaQHCU^<llN_`csu+@|oA9~ef9uY@$Y`t>H`t>@TBC3Se~
zy?jqF=8D{B6g}`CrH`^1hAq;ViD4x*tk?V~e;yHZc2-3u%d;z`z#qj>=Xf|Ya8!QU
z3x^A&HuuVDpzTK%y!F?-Ktbq(Exa`WZ#{~%xa3o=>KRN<#l%dJcS1ys;$q_pMYqOP
zPx2sgCvkO;*d6B=xJY?y;0G?^!EczrLKBhDQ5uFByA>tTy2$ZWtz3$g?By<j796eP
z?A<j!8$31tO&YF$cPR5dywugZV-Hb#ls4O9P(`d7t&fix3f*yfUk2^tu6>06sAMcg
zS|0eZT84x-@LSkKaK}F>hhv}OmXM-W+X|PRugkH&rbs<esDH0D+(>V~fVi2o^n$#^
zc-8o;Sdrk=O;+oX%&eW>xOy2UPX9Fr8(bSWZ)%p%0PYH)hb2NQDnUDZDb2&g`$E4&
z$Oacnohh##Pu_dakszGP%?@ItS>6vE^RDi(nWcn8k(Dtea_u_Z*6>0;xX2OXCSN=8
z_e4t*CDM}#w^H=%Jn+R&oi!O6!&<Zd-G}=X^eS^nw#`1&p?rHC7ueW|(HXkKg{@0G
z*9RBq_Bq-yn|11#+Pf81{)`&s(!#5_k0C-;QOm7tmC<y6jzpzCzT^QPjzIjRDZ{6c
z55kBugCR#A7dB8|uB4GuU{r;!=TAb&G+B(A9yKll2!Qi9+ULpsMn)$xde$oV#kU<q
z%JHi*MrMOx(8~aeO@ne^*G#NobuR7oBWh0Q(?<(Gs~$c_!!lHKh+?UMZigch1U(ar
ziSlRB*UjLA3w(JYQTSlCVN^*P#A4K2ge40yy%Y_>X}q^JVkq1r2<&8e$W;v~O|Sk=
zc{LrtpTfdUN6v~1T_2Fozdk4rZw@N74w%%)eA|>gBFb(sZAq8Adfc0v0O8+69}m=R
zN_)C+GaWR*AiYF^?&@+W(|JxEW9&j%p>kevRk^k#8g`B~UMD11dJJJyP!UX&u0Pu|
zV`(e~BS@S4BkVkHH3K(3&2mqo#NZbdp?z&smZtN=F;dI3@ZK{Ck?5(0KEor_;S1gN
z$Tydh-P*>?V<2G#3mN_PcutKQJyfFX6vXber3^aS;UrqU$j0UmU7cH>QeCvXb=u96
zKMCxj<kOFnH{ML-u$a$^II?1%FxNk9lL}SQ_`uhkCLG0lri2+udVb|$un%;z^;so7
ze_<_X7>s^DL}FSJ=yxPEb9<iY)lk)!J@lKupdS<vE}l>r(ShBZKesf7iQQ&FFWfMQ
zQs@@0nk&!V)$GmDrcd&=KlEO{VOt7~do$eu)^tSajrLk6Q^fNfL673SOK$IUnJbkZ
zpg$ohjTn)9j~c0p^ab(KieFGWH}ujYG~9u$=miF;`7Hx%XfC_*ueJH^V3dARmbqkE
zvSxvl?nsB}vj>>Jqn#kW_&5Qf3VLMP2?o^DUFH?WRw-|5<Rih(dAxngk|NT6NuEbT
zm#2SKO;UvNNnk%!t97}YU?jao?Zo+ve&vyxTy+iPVDYF`=BXmib+TKKcs=Ce0pumK
z=UQ~^>IS|}s?4E!ZXQKZKXt|tq}MY(D~euEojaI<$?fw&^2}@!C|7pZWeP&p#q9sA
zCb4BJR;+*RICT3R9_e7W8>|+yJD~`mr)5KB6fKO#fjuOFwWjChK9}h@2G<^9M1HBa
zSij?JaU2j~253ZChnd>RNQv(jZa`5GSWsFyvedlg%dDn7ANm>P|E0Yw^YkT9O~m%Y
zso`knCaV-c{SL$nYc?k0$bda>m!_5it>zC1V?Df1-WxhV@VzV*vfm3U3ulWDTs4W^
z=jg}=VSror0_ilG{>N#81p&Kh*%Y%cHvA1s>$NejeSaR{Y5>Em0*m-JL;hX~E`1Z9
z^zrG_z%TQ+Ye68JK)s9kZzUcR0!ZYySpR_g`+94CHFmGZDgL73vLEyHNvK5>Djo`K
z&Wn#P?&ewU^M-(A&ju8t9&g|fqn7QDS#|y2iE;oHZI_eA6xsJ!4`pDaTl;hW??@i}
z%@rBReXYTQKB_kM_9A7?&CQf7dU%k_yNR_eqPF}MEm<ta&|?2oMO1_I$gMqs3&eeA
SvOq@wI2I;Y<8mWn?7slDCdUc@

literal 0
HcmV?d00001

diff --git a/docs/installation/images/win-welcome.png b/docs/installation/images/win-welcome.png
new file mode 100644
index 0000000000000000000000000000000000000000..0c1d3079bb69987de98bcf24cab451ea4c3c03c3
GIT binary patch
literal 94143
zcmYhDb981+v-V@#ww(zkHYc_-v28ndY}>YN+qSKV{mt`!=bZQXtJm6VcURT5do}7;
zYlq3pio?U;zyJXO!AnYrC;|b2=mG%&FGE56eNs#lQvJ69c2pD>0;-<II|Bj|0Fo3D
zRCWWt%!2e%R(TrnWl1yok+AJ)TZkkiaoY70SWx-W*jXn@r^9!my?x1fOGUoUK$MFl
zYnB*ENYX#(VcRn+{_NY)G#-gaAP5Qhdg{d3WZSdFd&m1Z%k{eL1ctzCpAcZq$OpS~
z%oFNF^8g3P=4ZJ7d|cV?OOWFWha^yUNMivC>;r1k_Gd9=xtr$x?u|T4K*GjGu*A*K
z-8ajPFUt*tI#!fQh1H;Dm2Y$s(4+Pb4(6N;>JsUYbg64s3?@c;k|T!aV(YDr5P-~+
z*Q+d&we*u^^dk_0iu8>{-gp?6YnHP_$`@uNaUg-36d88AggbSrWhy0NUYPfRrc!_c
zLkqNaO7))irRkw&#5hU^P1>?cs&8<BWuWQso5h|WWnCIc?SZC+Q?{jHg;RC`&RW%R
zF>E`NUpZl<X4PSI*@|?&vGn5lEk_3r!zrRn7N~2xZq}2mB0y5qOjDe%ODUd=SX8xS
zrbmGyXl7zUbHZ4*BakU|ba{Hpl)U7Ih{YIOrjw@d&hqnTNpVRq;JojAV4Z|?U>aQ!
zw-G6VIREWYTyJF`Q)i;Ws9dc@NrPIZJsAYpk{0BYRT;A#QRAX0%PFm6-QIMg$b0xc
z$~tXn+3mRwMu}VhD!7_<G7nQ-{&Ol4F7hhvsBe5>#bs6FiM@yb#@Uo0>%E=NiVnOM
z<99dzyaKms#ZqmeyzeZ2sSmz|nKDGGhE^ZeCs&4p>-<MV7?34wW8H;K`{_>zxQmii
zZ&P#gwH7$_wnm)w)dq1xi*Oy82>b%&)9PSdBVd;E1NEH2b;OREHScMkozvVEg&c{D
z;I`6>>2`zUVZOxal?Cq+8~R}#>3WeBmLy(oc#r+U!V?mE6zrQvT5?Hq1;X4SK7r9U
z1{YhW9YQB*sS(zPAPgnV#-4YVVn+65b|iY7{QhTtyx{@EN@RQjpbXvMya`OdEL$s%
z6#n37SfZp~%p5czGyKnV%{CkUrG0_Od}g!g26w`lK$N}Eb|8Nny9yLDzU&}CP>^ML
z_7G#FXic9Q{IMGEK|iVoZQwx=v|T#uYd<QtFB>asEK0cU@<51NuZtE*kUgrtu`xI|
zcZV*iwoQq|VE8)yIX1Z@ykx*JS=bN%i`%#Y2^n6)NSj<W-eB#p@o<ZI&9u+`P6joI
z?i|!zFb-f@zrT%-7MOBj7;19LXETg<(!6H;@wbBm8fv@I4{Y=G%genvRcIE)1|3^H
zi_W(<F|R*kYNI?Uu)#uMj%jNWzkU^eJ~B}fPfbr_EELNCQd&+PO-2qJ{|W4W;=9ct
z?gem)a%phm(BtQJ$Yziwt2;Z>KV9?sRcW>4Rp|gA30rXqvag}wp~aMyIWQP?Uo!j$
zV8{QzJpUO*z!!x`0lL4u@&_7VSkQ7i1$lP6!Bj|1SeWJMaxKQT`xW@+^Q4Bu<$)?Z
zLW)WMLmdq4B|*Ri=~vM_2ilq^jThtpy7SL?Eeycyyn-)Zvg9WGJm8ABXKX8pYfj$x
zQ#6&j4FunxH#^K^TsVAux>SrcB>Ga|a`PT_X$V%MaZ?Pt{{K~u!+#^r@0QS(-`~8N
z_5Bma)X&4C&2XsXcYbLpQcc$r4@5BH580@0*D(@2N$J76gR#)Cu;Eo^(!0l%ipT{`
zTk+Y>>HiAV3mw|YlQ{;Z>)-slH(x}*mmiiZl6g8(J>b{Qn0yCE-WVNHg+rQ{R2W7B
zQ|47HNn<ni!5Du`Ne(~CM8=&H0ENUpMF~l-unU{u{>obMn2`#JKk2{j+F<!lPD<kp
z(cCz`6^O@lUtV_eQ949qyU7s1YK@t%rgKF>hiO3xXwiO-E6wtYp7=-*N8*J9_2Vh~
z*5Op4c(RU24+6wcCPj2km}EBG)zDg~40Y-MGl~ArrQM%0ey_PS3=G$f`1||&Z(cUO
zIaKvcfg=InVlzeXkO%^61IEGFoG>muj>JKSmrZA*$fFSvZ`|({#jY{|D=JD?Jc5|a
zaFmK@5)`DK{+Lmw(b@VB`98WkODl;l?*A3)))K|e!6Bf6mUp5CsqwI>tG4zQ#&q*V
z*y;!?u8JN{JjQ>vALP;VNkBmp#L*LyBQ8)W2HZ8Do);bjrQ0WJ_9h^O)Vy}zx+A_R
z(BlbDx#D5;Oiwu0stlNb!(S`KPi!tAIh{ng@oDz(SJv+3J_zARwp9Hl4%`C`wh=rl
zOZ#>I(Xjee5Qd_98#vKySn|-Bf5Ep!wSQ+GMwNr+@c=at!Sc^$SB0jfys~Bxw)zQW
zF(YUeNLvvP&4j?yiA+cQBsJE=Tn$kvF^!Iah3QO_&<o-Ut`LYk%F8jrg1`qHc;}h|
zX`b^d(cX~}NGqtjU;doX^wiXC^VB~-Qj3eQhX{R*(AqO8q{)I~uyGIx0jx|&e29Et
zoX~)y9bZIa(VY<4_l8*=6vdvRGr0&4Z{EdnZeDD7DVx&8-6<h<gfY;6R-W9Z0cHHs
zF|P2yik)G#l9?HlWw4q4fMD0Xqc-Bkehos<D*Ls(W&dSAKV>1y@JHr#ft=#<DY4;V
z*W1N%u~o^k%&k8F0)rMkuqh98+nGl|R{}bnS=`cBl{m{EM4yNP(@`PkzIQkF>tPsO
z8P4}Q&npKn$MuKgN|k1zJj{jkOpIFAl1E{DP<?)L>SZ3bpk=Yk=W2B05H&sVFnX{$
z-(J{+%*czgEUkOiWl7!PN$Lb<!`MfG-#*!dly*v}R3AIO$Pb(McE#jg+NRU_O@Yp*
zrR74`8@7Vt*Hu1Mvo~D>oJ9x&sA)qf)Sc)g!L;=A<9}nfL^Tuo`dV6TCB;AM`yO~|
zF>J5UO3e00P(VF5kI{PGru9WeyBZ$$KH?~f>Z_0%*)P^T5j=;vS}c0`KxF1^^jM;j
z+6lD%{Q`RZWdQSayOofNatxqFRMbuztMOi>cOkxxNDma%RFYKW{~d%5&%$i}2XB)<
zyc&t#g^sl)C`q)(wW7ym$^9#{*EU&T%rr+xN|U37(~)>)M*RBs4j?-D@s&-u=K;wU
zQj%$_=s7J+7sdaMo@4Cz11EMSJBe7u{!<F=Gkw=>JF^!YOfy_TbupAe1*ljiDzNIx
zJ!&O)m3THTVQ>2;7FLn-Te!qOoePq4O)3@QY=*G?wR<iiNdm;OeZ<<Do;$)cEOr&#
z?T@f)tM>~v`!^3-cEoT$+v?Xbtq-9T8Cn>ziPp)hYT?#T(vgK^Ma%LQYeJ>H5_^!$
zUICQbPFH9=u{3}<d3QII&z<pM&ojeAxzrRXM7j1SiQB7W5Y{gnVw^<}wDAY5Jva0E
zY2IuuMdTGf_(kyJS2!f#GAI%jcsf?DRDbx_Ow1IzDn@(|3rU^8oR}lhn)EJrN&Opw
z=(^{fU^hrjkBd>$RbM9Lj+t=<+tJ~7d`f+EW<tj4d1B8`jZq#FBn}fOp;Va!U2wsB
z$;$U??CJ#ou|q8;-MC_0iVIj7!m~lO9&U4HsfcI-PA#<1Z0wvm2R9zVPrL~5!R2fy
zJT4U1sqL`AuC`G^PAFtDw>J6h^(W26EZqoOR9vD9rmi6DO%h}Req_X`r}kW@@caUf
zI4?9$mKp9YY}WUfR5b588B|;gE1}_IHjZ@ifX7+pR3=ZR&O{^Els}-|ob!GZ*cl4e
zh&QLmSS*$#fYrLrjM#2{bQ*1;IR#2#DNSt6E(7M1wK1sTf|Mtd#s);e<P5(7$uf@Q
z9UHC<X)y1XEH?uStN`s9*kdl7dMn9Sf*r+IoTwvGE%g(5utC}31XS<$SX3fLj-alR
zA9hR`e^4a#?XvtrZX$$<*3ey?yV9F!7BjVDY(w2ciWiQTNpS)XMh?2;vYBQ*y68)K
zM&3lETBEW36-Yt%5ZJghrQ+(}wD25KLtYO^kdK_rJ+GCBUnN&${IIKPwA=oapYgmN
zCfq(h_nf=8yg~CJ@`IGr9S}`$g)Aqcg?4rA`Hb*@@pYgbRj3N8Xx&#3wJ!4=1@vE6
ztmI|~Rb!klj7uaq*B|X8+yyKs2oFE;{N16^fMFS5UOang@5yAXe#4r6N=qZQ6ziA3
zR;54SkQ;G!)SU_NS->UR*|mhIZ-+;pvsP+}ip|Tx1ul*wM?bOG5-W|V27+el=;)c!
zQUqT8KqD{7W!^+!x0k*p3Gl#qjz1xN)I$#-4cwIrNXaY110VTmpwxlUPV5xFh<%Mg
zHmGt;av*{G!0_ZovTX=-n;~el=hyo})%vX*HvGoU>I9`%LMQ4z?qju{8FHLU)Vdxa
z5m6}Ot;8^m7i*Yxim=JDsmv#8kAi|aitLCDtwTUy_fy_`qd|VBQn2GszmJ%lX8*ZT
zMct<a!8(~jDEU=JZ54zH_In*g9*%{$DTh{q-=<;+z_FxO=LTrxon((Zwt&Q$Ulyu7
zuLVA!p^7#$tFnVlYX#(2b`RmZ3mIuwFqploD+;^wEbe+-MkjDanUCWzf*1$(p5=PE
zf};uHa@Dk$jvi3v=1^=ds7%$+C|4^uzdGIE)}RnwdoBJWos#D?ai$p}8Sw<dHQMj3
zxq!`rin{FynCEC%@zMsc^I{aVob?#`4VXC$JTTYvM`OXsi}Qw97kSyUnZAB?%v6oE
zJhmIAak`?~`#Um>$5P3isHHGxyVMz0uM|e{nICsIKLJ3FXSLQF%@q{gW^?(tByLN~
z%Ot^IskGotn(+8*il6C%M%JJ!8V$QV#x(0J)A=qZvghp6aa(2FlY<7Wld0x-K9vQZ
z;q~*tj21mmx=FvhpXmsQHC9ZTpBdE4oFVY6=5xdN+;_oj=s~J)!|?p|;Z>-3>QFD1
z=L1~|dEu+#{0<L5T(wMMs{oq1;SY}&v2^XYur~xD(0dHA&4&fMr!JjsR&27<(fymL
z9d*58p<;<dlDHw_KK#hrR(!R&<ujwKtQ)m?`9Lx(--t2M_kffxkfV_nz4v9Z%k9L-
zGGy32dgfgKzqmO&GLQGJVYWC3i44|hY(dcjogzwnEJb=SKOZ0NoQn~rC_^S~e2e01
ze4Ty+Aw^v6o(LFB%tvGawgJ?^bw6qhys)3H3{Lj}hl<=nKYdc^HCet&bKcV>@MZ3c
zGeZNj^R<z5XtBl;=NL!*JyJY5;%-(5fOJw4#9rpd(^n@VF5<P=I2;NLzD(FC&ciJh
zPRtpL0kXMgl{ebOJ5F4KDWoi#XTRaP^d=`G3?HkEP)XVFnA~@y970j=Qrdb%3DWsF
zUZKrS%)y(6+f(0Ks3WC6?iJbPrC|RsSf%boOdT`Jo;P@3MO!fz$ah#On>!2zM27HM
zW=uj(mp`HlzHn;?%jRWfF5NHj^X`Sw*vbB!?95<^bSPrtn+RiZ-+tA4sm<0U%!B>n
zergAH6WP(><jfz3g~tQ@mB`r8XQj}-KyuR2BDoXpGCGtVU(9}Bc=-6t-fs^T$EUlq
z-(1$1>1kE@dz=&>I`m**U;@%0(>3U+8Bo;bAL}eE@?GvM=0W#SqWU=1;cS+AVg*Q(
zTVU@WY(jtMP6Q9VT}}+vJi)X)?BQZq7`PteM<r|nk$+`0tIoY_<6K5Lu=L){-_rsu
za_kGjNb1lwRM=+J^LHKa#ll5iqz~4;scawq0MDMq5+J%5&1$XMe@9BTR=FjYq$UlC
zYSzj;M14eQbY?;Dn1%^qL<bQ!uL-hJj6b@B(z9<aeCxRR7Mll+l*ZD|g?y^B@^?^2
zCj&;O)2#WC8C6-Zv@H=nJgn32jr9bI;b?-z6{OMKO@TXWNg$T+ALlTMm>8s8y|DLc
zbV6|ODe3b~!LEz)k(Cyr$7<LTDl>y_);RQ>s-S@@c#)ZCF+l8Iw2gj!<{<l->KbTb
zeNrWgxn)G)p7URU_{Y9P`Zf?^5S)F#ltLYgG$eQs;JzCmS(}ci%#H3!=~N+Jw2X+k
z#r-r$SNYa)u>x~vXD^W2sgOY*t;Q2LoFpJyxXnr(=k-w9)u%+6P~G(&x*Y9af~^`=
zR|*28rQwX-Ig-!AUw1YG)lG5WO~CWMuk+@x*t!WMeR%`nj#xS7CzmI{6%Ki%bC?2x
z7#6G?!lDQ%`09~52>Ao@_v5JGlLa;8!yS#cQ(LU~^65J+;jebNjj+U&N8@@JV9(Ca
zuxzg*iCIpFN^Y_KC^qY-tYaLlZMWL4fq`*C)kwj*wf(vO^rl2YK@qwj{%*NJe!H6-
z9hIoPYC&S1lA(H;@$AA-p-jm;9YFNpWtZoE7ro`$t`u#J!XD;umTf5ZIrdL<>Ex9N
zXR>5T7qamqd`->k#yg?`H5(%S=gyGeM-HuC7qizDg(z(ICd~7`=Rx<LkD~It8S--&
z6yH>Cw>B56{kzL=3Iy0glRKP@JypQ-&5%i4ngIc%i$?-=i<C{VN9rtUZNZMS1He9-
zfw*@e{uR}QuetEU0Khajtr@xV?F|gjnLsZfh7?o*FE@|(qwn&9t{9is(GGNS{5_dF
zHwX&>Tjqr_FVSWJs~|bftE0j--Tcz0U&sgo>amjFKtesPXh%_l&s}b^8-?$xms$aD
zJ}V)pt`t1{fp%#v5qNs^Uh98lh|CozJj*0~;Xg7q=MQjN!@YHOlE;AuGpDrIG>OQI
zR;{f&i^I^d1%-ER)ga5OQUNq;^Dep<aghJ%caoz3d#1`-gh^&#zhx@SYX;~l*W4Oh
zOHMScX=Vg57%qvBse5<~ENm`z!P11fOX5$bLmB|M$EtOJRw=t4rSOOBmN9b6HG%M<
z4<JVBLh(J2I4jf+76yrLGe1ebuE~jThqIAiUH{%YTU9~+o-eO#W{Kv-jL<sKSR+$6
z3xhNHa%K__rjVeo@4g<DqgP-6BL`sB5kLzMBK-b6Uu(GhJ_&$7i%Jraxp@qrXRZ%Q
zw;gf>gD*g)II`S?sV&A*S~wOYQ6kS+>#qZ#w^InqvMjd`fH=2A6a91%e8*67G68MN
z>q&^JcDy2+K<23#a9x+H($3|^YOI(=aVk;gCIWmb5NFqvgI_LA5p@q6BS=ypDl3^%
z$!HmIRCP-UzRXV%A=zM;_@mXa?B*F*U)k40X>pK$BRZx0CnDyIDum+ce4^r(W-~1o
zFLXor`WEqA^tS7hpVs_34B3;mAwX;%b@X@vAiIX1Xew+=rDhExg%K=XaZ=@&;;Wn<
zeF@MSE2w4^IOpXGqUjilM9z@tp9~dcfwD6^A!%f=f;#l+zsl{FC-Db1;c}ZU7-0@W
zeo2Te5j5&J9j^N{3lqx?9m_@cS-<>7KE43=tng4@(})EGo3Jg%sYU=++EthiElUd8
zK;cPL`DmJ^(X01=nXPZkt&8z68oH9-;Y6N}4!PA{(pG-&3aj(IQWYaU2G%5@7b39V
zqK)Tac=*i*ZX+_nd|H7`vPM=D+}3hHT1SBVI6ms0DBy!`2!Qx;skYG<Zz8+eDw%5+
z+pnW0qe-8BHkO&`oD`GEU5;a1N?P;4%=+L}lq6$;n=!{=icrqIWMC9RIw~cIBbh6V
zM^@|563kXbv0qq4YUmOFp4PZi^c3GByp}JPkcPWoDg#wk2Bj%W!r2D;>tarwX#hkN
z8n@2#BZsL^1}HtF7xZt+NSo5XdgF#G0T>}}`C`fn{42hoH$)VFRkc7&C<`YC!xihf
z!SDv1ssp_7VmkJ3hfQfPBXEukdx&>g9gav!+Hp~LUUU7*tiAICD5;#dRK7waQ}%07
z3m>*L{f69t$~F{ARK-yQMPZZGVxm~uJacmv1_9gk10XHRA3`;><hXe8nxn&#WuwE>
zDkbs@g{O^UKeEbFmh!F+aW1FxLdxT>Dg^h^lrv?kLXJ)qLMaA3B5+@Y78L^1C%ayr
z3S?G|up*!bKAA_S;^8y{cd<_+s5;;-zsP{s9N4C+3<aapH{pzoQ-tJ>aQnwk*l`B>
z$B6hTp+}yK^E0zdSgZN{BMrcD)@9I<B*#QWPbH)^oCr<a(TJVzb@6z$!nrK@TVEg(
z1mePU2(JZ98ZsU91^wIWNirqJK^kgV9w;GM>IEHhLKWhsO8MhL4-2(Zi$!Aj*-^X{
zTP{VbQV2Ie%&BJkFd2Y}L+?34wkArwWE@7hCe(hX21hQe$w%SFNc>nKis4OxFVEza
zm>3l`;jIY8gVDfn@e+*q1`PG)ERQ<d!v*|2!ldAg;LW)bjs7KdPoZHZu5zqlbfVVF
zWC6D36Za%H8+jSnVHT<eRgubVH<HQ`=`h~E{z$1XUtV}d{P)U{+53oc+VY$-$WFgH
z{CCUOLP28BJJ*Imk)u+`5I;|!CYqQMsZ!y9kO>uT%|J^YCr<UbkzTZx7#z!zDdo73
z<!f4$kNd7kZ<gobs8#|!-W6?_t0$V`kEF+i<2XQ#ac5?L%0UA}dXtZCcH;0Ka|_oH
z?@feXI*kI2<kKp>p{3zUbQFrt?M1D|QwIc>Vu-dCTG!zPai54R(2e=PX_5yGh16Or
zA>&nYMfIA$7DhL#vPuOaxjxfH;)paLMX5fp4mis549hWyPW0ig*4M$5VORmO;HDm@
zVzmJJ^M%uYG$2V`#=#b?dBZCU`1P6`m^#;HjV+-U13#Jiu0OEy<P9J_)8ks~m}Qh-
zD3DE2&dnf>q~YwNMuM<4sC1r5U2MulAk5P%C2lR0X4}J;k#F(0V(`=zLCzJeA@mn7
z$IRqL#qREMYTLI%8soS$wd%0RMW>-~SkM9kb@WY%0il<Z6f@I;_tRSvFKrNMs)cz5
zN0t^s5lm=Gm_z+BJbTZb&6p{vX+=$F*<$-M#vG(7vAZe&VPjU@c<ltZM|;1hRlMxD
z0cIZ|aHA0yy@mE)FL9qKsi{Ag*ypACh@>-lu(CaP&!<0vbR?Z;A%+ZYPu1b-D}vnC
zsV`r4aPSEBK{nicU*dTg5&ucPUxB^J+_pcF+@@ys(hCTjBiMTWP*g448%4(XbqNEI
zi0pEup{HdTCA*ZcLYBC|WSHv=%t;ulQAKXk$R%=l0NgBs+ZEpNyC~sok{}_g`M<66
z{>_SuX-Fd#ivmcT*1aap)}sR7XB7FKYU`qg<4=+W=q<!z8=PC<6WXF^H-#{W+x0<Z
z3+Hd~%Q)Z;(O3aq8+4Ip{EQdUyY_a7!|J#w7K$F~w%DU38mm~FkMpc>`EL)(tE+CJ
z`m0{zZk*o!#-6hKX!I<@0WyC>&0!^s@JO5?{UVqoOK=<O>*8<=GC5=Bf{>HO5q>Wu
zi*AMN6VLODEhl4Q3DLPkp(|w^i8chMnxYAanK6jWc&E#r?FJAkDa9Hn*7R`^5ikn}
zNS>0@Bfly+LgNF7TroL5L2RL2eC`fm22xnnc<DzXRs5e<N9<CzOfLCigFeN>`zRV<
zMKSDhp72bf9)o)dBn6rr;Kd&BeaSEg4c&!s6uExuR)OpzvA8oQ!*TPUS{~s*_@XF)
zBV_f{W9zQHM-7hFO4jBFuWdvi97v!pg_w-~!sPMq7=G;!#8@!tTQ-H-$K>cAa3@bD
zCp!RZ0M&mVpforPT2p6Q#h66YWHC28x-LLQ<wqO%AZt`CrR5o&8tjj4Dz&=w3(%ou
zaKm1^^Ieha?O#G~7M^CTarvbFdZSj4@9C=m7u4|%6cof)6Lsel5*D7t{3bMAf57sb
zFGTCngiz!DN(})|7S&z1*P$oipZ?1dx=>4{b^-=Ax`&_q<Z8X*ATP<Zh3B}byHozj
zy!-o;%8SA}r6eWk+>&tFwcTg_4|VxZ(>euZWNIobQt--(34lj_*y5v|)bvY?Q?sMH
zhZVrV_xKLDe=YlO;=3360|PoJI9PD894&r#=o0AdT53C9TP!I4cIcnoYSRnMYRt!c
z(Ln7*DvPMgtZFo)rm<7xKLc#?fzgqpgtBV>@MJR_ZZ3u%ZjpO*m*M>9>{^sX*}3Lo
zsT#8q{vW4zSb^i)Q;);3TO8q+ZQp+V>Hja#>6MZ517ke?DIvPy>@nMYRxu7c`Y%$`
zTO%&OkT3^>3}T}ETS|+cG3)MPDdJ@E->=As=a!a2_3P0dSI<STUtgRQcL;R~{5MRy
z38c`_P(2(*RYD3Ud)ykW<MBV?|6yhSfkC}8;=PrQ&hdQcl}$}a%X|kcgzsPxIfMT-
z(Si?5OG~S+^?Pl`JZHs1nI=iXLVho^+%c<m1A(%Ji4rKX(D@Hw?Oxw~8{>aI2m=`r
z>3}=3dE?*pz+kMzCA6;c2(yyJQ$Ov6@h{tu+vUZCHfj6ibN{%D{y*&O^f!p6^^PhK
zi7U!K`^WzguU=?4Fkl8ZcrfE^$bVxe5kFYnPV9fb$s_>Qy2~bz>(2h~-gbQvE&rd*
z{f}=Dp+K0O5Kyc$fdA4Qj=vV}*#9HQ{}}ECLf#En0rEdy`?rZ+aK>$je@{9rA`tCc
z9HLns-2Wvv|4_iz-Jy+t1z-mP`j5AuVCkj<|J60~uN!W-|3?o0j;iMeW!GovCvb1|
zZxg!#n6{w*j_7ZW_pcsEX4&xn)<gSt-})ch|J&6cn4}lH1{h?jVekK*{ng>GXz>4z
z=&xuZpoxh85yJ)qMAMx#U20}mT{okSwR*1rdH(<g^Grs*b)y-|qr43Ty(EUXM%JIb
ziB$U&1etFU7omkdp*q}>$d*dnd>H$%DL%V*H!74_|JJ1m!nR%~lHt3|oLX4ao?tq0
zoCpbO7n=oM|5_0WXF9*N6iGBnQ9aZfiNza9doqZr$4l`;f*)l!K#jluP|_YGg*-P-
zczfM%o~!K)O$*VDd!u)G-U$|`k;bV}Ilog7ylNXr;xAA-1X9C=U3i56MSBD<wO$e^
z10GyPsCB*bOE|3OeDV;`N$_t}kvo|7J;I5R^Yp~j^)aI;27mD2+TkPub4rvVNASLd
z+TPHKiY$&x{aS5!nHYa(_7M0(=`L0RXfFaOs{A}F{d~lr)7jm#fz&DkpY-7N5q@ea
zINo&mxb4rmwc*0e)d+BP>G2OS2^#nY96rOME>Y*1S&GRx!*ac$Ex|lh%i1|L1B`Q~
zd%6?Qf<x*~8d`1_)yT=*pzT*MU)>yii0GnygKLs~gJMv+c6a{}b<_DkE>zOB?mBz7
zzT;)U>UxU}$sK}K2MRnw<NbcLmG(76jErgGR@2+Ug|&ZX`e~S74)8kkazrftWFd_D
z5nnmn<CpUFg7(!wHR!gfH@o-nXV2~K9V3$g5@N~+qQ~>Xu#;n-Yuu?roLqldZ#HnO
zjSebEs6bUf?`^H;8}dhuB~@E{8=B}2{orEHNnW|=lpYf7+o|jXkoV%Z{#r=Pem8WV
zU14DVJ!HpB`&D<NDT(nXOy})`tHf2Y=v6pQQk@1eWwH6WSWyn({rd?|*UOOtu<26k
z7Tf`4hg-vd@{xer8V6=2p|pD)Of^2>wveQpCrcq-!7RtQt_2&{`V-coX<0cu-J_9>
zHE;SwN;u068Xh||mz8GHOV9KImJxBG?Blx$*^HJq%(})+PePeWNEmasC`nSnwyn9b
z8beAoA^6j_)xZdD;sSy0(~Mu1?Kk~$jq9f4uwv)a0QKR~5iu<r^7}U)@b|FoT?=Hf
z!S>D0K*@;Bem^1^`-a&dqdQ{8{hz2xteTuJ9uy@ZnP5A3!oZOp+TONIo`t)Bn!7KS
z17yBf<3sl?C$QGxi{cKlPJtFOU|cy42r+$ardSmTwn-T=-8t<<MA)D#XKt=T^ier*
zr*zpzDM@_I3YmZuS_x1SDnWA$BHNPIYW-U%f*`6Dt@uShm0u;QLaJJF%?yw7rPlH*
z<sy(QE$zU9a>8Tv?G%Y<Y<YsjqSg&~zu5cT5+EFD#W~#HNU27VA*wLFuDS;&jv{XF
zqJI=xf8rS^y0&q21$5ZDLJLs=imG5c%`af+r%}{hHK9W3$ZDVA1mubI`0NfEbVT=Z
zep3HkUbYG`0hkvUq(lxuQ3d?{=7;j?A|T28aKC7A6-HR;j(<3@D(BV809Cp2<cnyO
zR!oREyAwFjnh=i*gR`O)G>RgEkLlSx2L;ApelRkjn2SA4J99YvfaI*&0>u>zeG3I|
zb+v#K17FnvFUJdCc9eKI@hB{HK5Z0Z8Lq2+_Pa@>ygjw!mY`3au7+`kL^#-OMjhqk
zj}-zj;1Hur4T44$)>9m1mMn%gx9slya&#_Dd?hwhM-!8)7ufdwi5p_7o&++y6?kVT
zMk1sf6n_Z+;`BR;`FG$1m2?^>M1nz=p7rL!V-0p&$Iso{Fgl|aZS5UyyXQmoNa*?-
zuGf4yPKzHgd%NW`wdbt4KWMON?L96^UTXCqm)*e!9AC6Me{9vT=t3*5P!ip_A)MiR
zf(g?Vf7{UP7x3(E8a@aAMlYS=4kk@paix^7Gf5I<o4(Wxiz!FcZwO(;J2>8*;=~*d
z$OVrYf~@s;RV5{*D8LS&FkBy0NJVwFx1p!vX+;;0F5b6V2&RL}TVQsbhmyuWbW?!v
z{-#FK5ZdR5fxXU-Nl433aIVKP4-2VdHlUyg5g!PP|8b-lmf00zXLdq;s5?tR!sIb$
z6p4!o_AFITFMj;=$<fJ=56*iq>n>Y&&tz^T!DufX)`*7JcLs`EN4h~a=O+8cixG(+
z63UX`p=?$$-Cx$UV;~odbWQ-$)W-~Db9aBcF72x%^w7g#O^SkwYTu|16DGq{%*Ts)
z4E=jgM3<K)Q;f*wQiO-;L##A)Eoo|`?}(qYt+iQcU@DwEk9b_a_5Cp|)S<b(^r}Hj
z+0XmNR>Z*=6=&^iSP$OO9`D-SkfPsu&^yPAC>K{CHmd8!R@BAR1L6e94KXJ$rPz53
zRL7k)m+PMFsd_W8F?(fVH%72vSbvze?)HYK$!N!OHCy^qle7tematV+didr#0@yN4
zsFBF`+k}jOJ227&SVR@!HuH&&Agm=Y@L@SczHN7DDf@+z(oPsURNwj{{MJkj>S<9)
z_OZ0uRzxWR0;d6D5z~lxL>puSIf7Z^9XVd{Z=z5wJb>iKnsag9aJ|r>g>$TeG$l&=
z$4943R$Vriz6Lw*C4%0_^F>@)ZBUvohgT8)Z0We2$CSPiWJ*Dv2Q(K(v|!?4Kcu5;
zl5tWg4M#Xzhl}0_B!7M^LAfxA8HisOc<QIz-}H+t=T0DbU2`mZ$)5aQLZ;gWO&Pr;
zz+%8I=5|g@#NCW9ImV%q7ECilA{~tzf~EE}XeoG|T~p`bNj#79frP?O5bP|xn;)CU
z@DsRW-cmnd+b^==4D0yUkxfl-`8C*+jg)X2EBFx?^5v$9VJD_!`taNF?rb&a>gxc6
z(KsDZ?%SKBN+CVnK-p4A9J+dV`#8BgBTfi%;FhO55Hl_we50mJ4CIeBra9ZFU*JjU
zPnKnyMrtADsH+}ch|OM|1g5lfMA7(xW{}`Zj~uEu{9)QE497bSSf~XdM3+D6;TvWa
zEEZ?w9XtSm5YdnA_wMHEy2Zd|F0n%N;|+2LyA<S^NibArZv>lJ0Fn{MQnRK0H5Ur8
zmtR!a;gl0Yb>5J57b7wf6~qvN!boOA1e53-qAPq8yolt+GPCsAp><@Pn%E0H&A!<K
zB}9|t*bK_u0e?`82)IHg#S55+0o(ZJiuSvUd{$o$q_SCNK{kidgPx~EL_Qm(GKGsq
z39~ZR23U6&^NXrEBK>3DFRu&m62Gj2O-4DS;h2-;b!!RJ07M+%uTL~?&dOPRV>&wq
zLzp{yQVexa>7gef3ZK~H(H4m(g+%%b2xOHzfb`TfsKy4rq*7qxGE+N>->{FZ6dX>Q
z!EFmdd$M9jQLm8pcAqd_4$>fHGF0^n5D{6lv58xL;i2MoJ)gT@n4QYj@@iy;k8xY8
zUvoHU8VCW7%3uLQ&SunO!|4Mf@}|Ed+Z?a^R^<uZP)*bQK}9uCe0ZeolWWA%7MR>b
zzy^LRN4@ofSaBu=d4w2Drr9$NgFP=lF?K&WlqO=Y-XH0^sjwAvaUz~ko0ic_>hrdt
zKgEaG?b!Vq2?)w7)-E)~>mPR3vb*gdW0mR5x%LEogfuPf;R@$Ps}XAjS`gpy-^*TH
zHt!e1#eTlo$O)OGz<i0U4xWhBqk}H6)b@e$WcLYU{D~*t+y@J6h;dLimgQoPiFt?d
zF$G?ub({Z(W-Ak{5^ocU&jh%W|0O&K8g%?ZV%NevcvC(wKGKj1HO=sFR0FGIGcbPN
z0<F1up7U|G?7?iD%O9l)2WFlz5(auWR^BABroiwoIQ_sQ?Ci#X%phUD2tK);pLY*+
zjV&nPg`SWl9HQjRsC`pH*`>3(o%gycvIB!@JSH64mir1!>6R>MSrC}?eEGf|-gkq0
zZVsxyM5~vh)QggUi>t*p_Usudnegp@V{r(QZO5GXyh8mTP6tS^@ByBRj?{acvBxJY
z6kbPwUbb$cVIO6uN*SvJ6~3%CpYI57X91A0@6*6!gqp#B9zZ$RuNmmvEvQv_u!2Ss
z?(3?kki$X@n5itV#5T`B<Jy7QM!I|Jf2tk`2y>Wxm{aR|T+70hyp<o0sV6(Y(N0?r
zug^$INjyG6WrYc*D6ioV%sDbWOVXw;*^Jzw%*q%11TcP(X1hDlh+%_M(LbD9BwFc4
z`})*EQkG9KpKqVsO;&t|koy!G=C)&`FbI>Z1*0dK&9yJ$_vBmwq@2SQaj>%^HRLvg
zwVzRCQ{ouJ_QLWUbNc5^j|~G9+=sx5_6b&skl93=s47weAys(-Q`?u^zO<>?3vY({
zviNS{LWg7DL5P+YB70DGb{ksM^i9hU#rVD`J73?tu`WcMDZK~9*If07?y^?@ut7IK
z(7K7nN9~c*c^G*%)gWx&I>q+JQ70Oy#A23UQF=sTEry;4CB3+<nOIFL6FaPfz8vf%
z?~PH#v$F6BjoeS%EgU1ttBS41^S=$8=q^*FE3_XtemoCct!m|p&mO+tuF~4>J%&m9
ziot9T+#Hk)%e$?{1qMPKRNsG>PGRD$`Cs8S>q|AG9qS4sf1YZ&nV4V&gqmtiGhco`
z8GbkpaV|n^2giK>;X4M`>KhBVq~iZV<ny?2v|4Qf@ugzzB|mqUhCao^WIfIW{89;?
z><YVWB-i&qLqfrchKhlGtU7^ptlE+2wVf0ie*W%{xJf`FwHx_JNijGxgk>J$!VHE?
zK5%-2sq{U8a)7zY^EF{UM#L1BcZ4YE@xhe(c7>yXC8YCta;NjwqZkfjiLJXJEzJ5v
z+39fsS_^&%cz(c(BpLXkg#_=iN+dB)!12|6#VKw@+rJIDIq;oe-&60$eCe8o7v|Rt
zp!$iPF82}1Mp!lI=}EJP#!letae>Oi0%k||JJ5AUCmM0tE9$7mg!s9Qs`ELK(95(l
ztRyRwc-A-k2zMr*@5<Ec&yseeH#b<7){5S9oOGr_Td(bd_U7~Cg`08x+4}Fc&X!??
zJX!IqpVpW3k^iunR)4TdJR)o^h<mz++JdiI0Nkl%M*7_Hc2Ih_M=CTu^67#9YTUx^
zHG$vpF?*uwO1{o^_(2Flo^V-Vf0US=08&55X@wxPyCcQ&mnFFD5_=vm4FsRh^evHR
zT{ukozOIyQd;u4c{=9$;Lpe-DtmB+~VqJ4ONFm-<gbJ+^5OSBQIBx{yF@Q8ahyjDF
z`z}=Hh2o242D<sUr1m(1SAt(fu-U}^7KaPbRivSzR4DLfurtr5unA;bHoGr-W@W!n
zRbXF#1}Qw1TI%+X=`%^T$+Y`|e1^K!_z1BHy9w_X*B8$QD1@BHz)zL}V9a@VjM!tw
z8mvd<-{kPY)xOV$nI!Km&7)XuuN{3272RygJ8>`)srMD>Jj$48ir${bpRnDyMzd5g
zdPDrKd6lKux0wNgb*N0#k@K~U;QNIAfx>4Vb1R!$kaey~AU_x?PZ>uq_mxPI_}_gx
zZ})UUi_(&X(i8Xe^=%gI*prk=_-P59A=sd|+EzdMOgUtQJd`BBHUqo%YK&I00V6b>
zd-xTB=nD)>=y`cWkSD46kL>}F+Fo?}KTItGe<}Sfc%z3)H>%XEgTyXd^4qX;8=CIR
z>`O$}`7OfOACOlaN{m`Me^9pC-~cLX$)zWc-+%HgC4d0WKVS$4h}7~E=L%*}6*+-s
z+#3sCuopiZ0*S%EFXFCqW-)(7$slrq3jRLi-y1nO*gKHEl2D6!@aC>_oX|(xSQln9
zK>?&K32KbAhU%Nx!pf<#H{tb94oJ|e<pqzGZS?`9L5BBSe_!_%Z@t&r?(pHM-@)kS
z9PN0E^>{Ha=9ND%C4W959m1rG;xuBB{;j*Z5H90>nZ3Q|`G^a`;YLYR>fZ7D3@cF(
zaHb`l+AR5&C4;9adlI@CS$#o*qqsuJG<#vS!RP{-^F$phr|d4oOhCn^(#Pqgg}_wb
zpzq!2_zF!UX0WR#3`^Zpz#^23)4U*Fe*|U6bjp>Dlf)V9Dm0%i5dt5eIVR>2U@5m=
zt-}2QePB4ilr+ArtR1f7`w1qFuIZ5nc6oqduw0p@j%6d;J%AJ2w2ynqupUmhQbbIt
z1{qPhhSgz2y`3%yf5;9Ek-kS)UQr+>iQg{y(k^2$T`>mzK?7EZG^b@DPe*My+6<*)
zB(S3$iDD00K0ZaXxWE(_gH5N?xo2t(x>Kx5RWVkoYZz>Be$%+fPn!5~-Map_7-e=2
zPGwAitPp0dx{%=M#Z=wroYsrx+-sr;S6eC|M$Gdlg+@?;0p?GGy&p4j9171MB7wnO
z(SYLQjSxAf(dDTCF84|wMsjxbt-(%IAFK^o<=T(Fl7J7KG8%bZYQMgg2A(Waor@5^
zrIu6xtK!t$c;r?*{{Ur4&oCzDlA34I+Y`0#JOj@7*bqn*JdHY-t0@WxUf)9`YpqxY
ze<#T37ES^z&cz%<1?bo)S?(M=k|1ed_X83_d_a9%6o1K=-_3M&-+IdQ#>lBe@0^ot
z{M9!Jr=S5c0LT`9viz5Vm~i7T`<@wMS%@Vigv(af-nAic`l6I|NpLn>QYn?9pnNxG
zhgmp7*bSL6r@*-wBi!XXI;iD{=<3&!F6&SBym$k!5b0jn8b+a52`Gy;Fj7$WHRD63
z#80ZAuMkLPhp5q0oWLvQS-bit0JA>l1M}!;bpzls=hUgd>hMZdc=YgK0xPT04dVd?
zS%{uK>Z(*k$&m#|%BZ%6)SCH<d3&xq+pezpe6e0Lj#L@(1rpe#j82vl2X|w3aU%kQ
z+bdY_Mu0uSMjC{!gdTtBi0qO}b%E~ECE?GUCQM!r;uf$@v$u_%Q&TW1>YsZw<s6d4
zWb9l6Mrs305k?APnF66B;fY$6dtP1ads66aO*1cy{k{&uzTbpUC8)MJxy9Y0hgV0?
zZQ9X)93ayEvs&AO(Mfio`q{IP+$u0Qw}G>njY$n?)GtU*H&OOT^xfVg3tgTg{6y)@
zw2YW_y2gr5f)gWlF2;#x^V-ixIzABvji!@-mI?q?Qpe@KX@$Id`Gmba<hao-Cjvw@
z&=!U}j&{CKK`VRw3MtZ;RjL62`6NPr#`8Ig%q@u=kBAjV)F}891YibZ?TF&lmB}la
zA@RslI#Mc;F*fve>j5igT$4IW1sWB)40L<&4|cQoFh0LH1i?Iz&pvzj{qVagpt}+%
zjg@S3nxwv6QIxULQY}2mEFmdB9*qx_!Yxi-MvPS~gW?H&&UNpa{CWTA8X8!~*f7Uv
z$LI!5En#u>zL)VsH!K|mT{DVL77H49GBrzsbB$0j!_26RSu9e;bv(<uzcp}OL>&0n
zS^?k^-C5aA)k)0(?egT8u;P|I!*g(!H-dW`zL*y0lN1qa0lO66NP9k0k5wgaLm&b$
zQ^q5W3lB@8RZ^sZ#)`(n*hiw|9)@(oPf1H**MnXNcU&|TG9txlG0s@ljA8a=9hg4}
z!^gE)!oWD`=jNf?S%6{MsOOqHpPpQqA3YX>?cA~q=Qy}?s|L$S5;^=)&#ac0!?`SV
zm1QDnl~ZI?4WCY}7jO%R3!lL4T8#iWwB)lqnB4n8Wrha5LFsN--#1(Qa9!;{y7cJ^
zP#L|}djz^nTtr5cblVa=Nya7;=FbKBm}wgfg1`CZT``nga?Z&rq#slu1{1$L>{JVy
zm@-U=mq`{j5j4~5*dvegHq_z7sHU`G;W)w{(pim4xbkAfuqCepYHEIJ<Kau&K4W4w
z4WKMf`#|C0Y(-SXof(0zHEC0yN&wMXSW(D8d*aP<h|lzTID2YN0~!sa=M4V{F5d@b
z?^x?GH~>h^xop%|^7G%gUP<&$V<Rp{J(3S_dKQ>Udi@)j$kgYPewcSLWF+F#(c|ff
z7c};0%4-Q&$g${zAavPJz_F?3wyQ*oEhAZL>!YIuo1q+w&``F9O-3eQMGBo86RRt{
zy9R(NU0@ZlE`&`vkf)E9=<Ec5>>ZT!MWTTpaSoNz$qlsM#OSSG81AhVJ)ZxPkVEu#
zK;6edk3!O74$JweP>VE>DUFyK&=}fGyOT6sOR`kXwzd*hbrqEW|BEVG;U#}&I}o?B
zs<1YGHXN%f$8N2wz8RvCHA%-UQ#ly{BYD{8Xq<F8nG7g?c+%g5#%01wrj&svkd!|w
zzin2>xk`LG+fX7JFQ|`r0NF|3rsaW=n1!&l$a0i+1bWj53~bR|(ojslb}*hGwy2Pf
zXd}b1NnTxQ7n2a2(ZjQa=md<<sODggmTX6^XjCqrdPNx#Js+9i5(2Shnm|TG7-d>8
z^ma+OU#w?*^uo=YJbZ0-ff1U)#*Um`i)v^tfkH@2JzNZ(p4ibI=MsH$gYfI2-lUPg
z1hTleDC?Nc1)QBWJel=J^b}`*e50oiAHe6{&W0#Y<q$2vuDpiaGhDUyP4(l?n+wKD
zCV>xvY$fbv5pJQOP>w)Q{I0P!YHieq%@`WRRmz-26*4`%5sgvMAp-87g=6>Nx*u_)
zAhHaLd-EP{pD1SefwR<T`g|bjEU&HQSk6P_qdoP9jyf7C_#45M>kjiS>jNxSSQLzz
zkx*L1lU|@m0xlj_LD-8Fi&a-yLY%0Sqky_#K>6vAKU^G99od10uSI3wp3$k?hj|SE
z>~nY>VnLpq`>Nib8gf+sZ1bJjSC$O$R!&sI8-dF28%7v!2CoQiZd7I7y0L}KC+k#R
zkDouO#GxejBqr80Z;VRt0=nEB8+)})G`?0EVQCXAU3QLkJLV&|5e_j=hci{P2T2L3
zDKt3)p=v{*N9r~#Pz+U%z*hBV421r%(A>CSdw8tXug89jS$u>x!fCh^^CKaztqd5R
z&8h_5dH@NBDuApPm4KbS7`u4!=PB;k7BoKjKAMClC25Y^a5H6a8WG%=k*=O%`h<L1
zGbXp1cTCd=%^VGmKX}b%AoQ0(X+27<`=^|G2W5{qp@H;m^7o2dS1<icm|86ADIv%M
zkeD9N{uce7$z16EKFHyrvM>#@p`9P%q{KphKtcp2bxJ2OY2ad}Qi;S6W6-n*n$YLi
z^r#V(&_RHa;SoW|Ys8pqbRapMrWw}Vt->Y05aJ#|kxFuwfPoOm6ZuJ=wtJb$#;)}C
z;+VX*2US#C>DecTDPy$JLgk=~QcJmcg^=^K!sUdTkTHJr9I4RWg=Ch4A$0ovLaf1L
zB-cy3lEjpyDD>lKGl35jJ|E296PcUNk$1PaLd}PY$i+q*;y|aUJ(S*~^>lyR0Bhit
z{G8|`Z&-oyPS=QrH)BrW>U?;RU)*3Ov$>$KBdq2|Dpv>ybd%7DnKUjYh^gnkqIdMB
z_2E9A=ek*#0^6(C_*_9Y0lTdK-XVn%RDe|^v*)L&AV`aCuljfduZh-Jlmu+LCL^-7
zXVk`pEQ{vpDm6j_#vt)vl$Tsnyy-)s$YpUz>Rs9zwxmWH0QDW!3}THl5eIx<SE*xP
zwhKT|e)wd#)vm)z+W>vM=tDWJ5%g|?5YXkfUZI0F90}zg!+j=*8$QY=%%zy785HFo
zuN9lP$u7^j>K;dg`x7KEQ&JHwJ)ljPch6K#NZp!%rhdV`@!?}gF`0stz69#^kr%t}
zf)#69e}LKePF<Qn+{L9_Y}E02w?Zz4xFk;7b~bWz6nTKjr1j_JQq^oS-mqMSEK!B*
za#hn}d`EnF<JOD)BVXZ)%LkWGS}-qOC!`@o8hB{h@6LTxDyqB`3KOc8IUx5T^UE<3
z8Co{+=TT%RL|DI)0@6(H0w(9ipHmDb_VKYwLJhyudJD)r73RP2NApg}j68-T1&x^6
z_G3SU`YOnAgTc{9iP&mV8`JYpeZ*0Jku_!;A^}7Yg+!Rb#;+dbPY6Uw%4!m&bFFzo
zHa}=G3wBVrF@vO20cNJ@Si&-0MYlvxHSY))Em<OUQQZB-d{L&qy^&|OIYHvGWk$K1
z@GH94gJewA1KYg&hd_5)<fi^1`oDvLI*vw3U-T?j4`E`Jrm_zWT0=&NNCwNacx?}^
zLDe+Dw1`NBRelT_5968)2<@8N!f#wVX!XuhKq=+8W8cGchrBG>AL6}YTLvFD`aR*z
z!>0;;e);YNMpZH4-cx0F?+}uSX=A|=KoJrCa?F+(s#7slNUOuBSQ#8>D?k_+`<+<N
z3avp6S-0(p&F+yf5x%n(#fo!My6uH>Rr1sD@wl$G2-_*3k?>9_9PjZE(wt{XLhIuN
zP9&X9oni7O-8YVq-lJC5{SDmEn_e~+F}Hx<u*vWBwH=f>>x>=G4U^Eu3POx0C`CwU
zZ=hK031za##SW2l$E15rg3_>Ya*+&=SAd=0K0B7<eHP8bLGSe(l*8x?b@Ba&e0n23
zZoiNo#ww8D+po%*#-L?Vlm&uLP**xEQB~R$L=q{>*5D}NLSKgU2HH4pc5Lxy_dcy-
zXjn=_5zpUzHaFrTe@mPVdFYG1#fhU%2!0K=EoQ0TcY`r>yT)br8wD;nIbri{h-lI{
zRNSuTO8jwM_O!sfQDKWi_Ck2IX{ZlQra)M{_DI7}PL55sW-_672YO~`10{{JkXz1%
zG`v=NCK@6V_*`BvlUWN`;*SY%W=*Rttm&64vtV6^?+@xQ(VHV(K+>P2gHR$&i$XOq
z7)6Np%WMVy{qojloIXZX<FmtGx5k86hf1mcHWXa2lTCW8Z-B7Ief5gOzc?XZ|HN(8
zv65qQBueD8C_PCL#!>T!vQXJX?|$Puuw><CmM5rDAFZW;B)Id&H~i!$_}*`5;aw}&
zG5k5H=+CZ*AgUT>x0kDsy2qQt)`tiE%x!+WjVp5b)#Lm_rm2q!*I?g9OcS0Ctc8)F
zfe>_JJ3Iofd!LVwXL_n%JAsE?1$)Ni0^Ds094)>-moZtmO^yHeUjQ9_G5eG5Uj))&
zumH88y9zXIne=)Kw8FyPFf#Is&YaqJGcMWjEF>Ne5CV@2pTPy#VDzTzIoRX8RIeCg
zA5XBWG|Rgwz)<Yq`JS@0tX0BzTmhoUW~QY2!{%0K(X$j=S0!2XE0Sdkfq(%^n+rBh
zM9B9aq<u-gmai?ILe*sA&l8qK)2jZAr);c`HxLoexe0XhPus`8g$Y`pF!yg;MqsI8
z6OeTWAp?vuVhMg`xw3Njg&We+IDM13+`{r;Btnpe=~vj7lvM$K&7ozaNc;PKuxPY}
zuYN0CZkC^2t@j;}wI3JotFaHnx|vV<YQKi%vUUu3P(&x-+RWrh>VmWIc`K>aBSeRb
zq$@!v43DLRnf`o%eOR6<TCIMuZ?F33a#K7;_t&0qa}SP&+`ZN7W1)*6P=0@avUhQT
zXGE68#S63GBYwVXeC(~=Wg)7&_`&5CHP<#Z`B#mnU#ifV$(a(>oT{?M^-foVx~QVy
z{J0ul$lPu<_m<)&w=!!^NgOwy+=?uun(@3nUiYlkTOxfqtzc7kHQ?0E{(qdkV|ZoF
z()c}-$pka8ZQGnAlZkEHwr$(CZQHhO@111FndqPUobx=-dB47&`nqbbUaP9Rx_hne
zU)65zq!v0Tnf5`%!;u_NQ(>xZxepi!{1{kQVY0pQnIWJ)v+$JMu>YtFZU3Mbbx%89
zg!jOs_Qr{bqVJ5LSGFD+zXPhSr6uq;LDf`xetlf1P5JoV_INWej=NuHvwwl^aJ>q7
zXvk&+t33Zuw8HST{eqt9wh)1_mXM%@X}J^`=T?G?f51;;YC1j~Z8g{*Uwqs^Q!3T_
zCf!+kBR#oxhr|2vitOoi<Iu?ly#4tj_c1%@d2a4-^1*)#{S_frmmXyU^R||G*4FNv
z%X6w3&%}&KXE5Z7Cv?c*mA<Jg!X3uvnFP-OjJKcMM<W21UZyX2x)owd^4CL8(bL=2
z2u8?qd%R=DGdxX>8@hAn?N{EHof(e1ZKU<~XfSUVsew{TMY?aa69!hoR)Y}kNhryN
z6QqI!{UK4qm5>hx7b}zE=LEcNHWdD2rLzt=RrA-nFhnC$1Aaa+gY!8^pf?E-(A#sN
zUae!mQt4V_`nP9N;x-9AI>sYC3E-me55_#8c^FUr{aHm?5bKmPsRzZ)cRhgyINCLZ
z=9WQAQ`X=y8)Cg1Lr=kkFWoy`Fdyq(I3N0L7&yArUI;cHuUN+4IpP-9r*+Z4q^Mo(
zj#g5-`n*P{b{%PTHXQ8~2SAv#w(<tMAZw4Xs8}2@SX+FKnOHtd=N@KmYiP5TRDYFG
zW#U?-dGC1&Ebrl-<G0PE01&h1D^KgkOwIx6c|yCutmfv2JBq%(%3hC4Pejf;)AtZ=
zcr3>OMj(jqK*`?kk4qF|VT~J%j^((ZJZe+LwH=h^9hElTnj3>Yn{hOke?7p{lD@)M
z|FHu@?<}g5U4&?`DaHmeOY9Ae51c7&@;7#PcsK$M4h$sZf#@5lQ(0MA-w0}NeX<7r
zIBC)eH;11z*j12tEz30%Rie&su@Xz64F60DCZAt-p{Q~rHWz}!BX<*vA{JwWrJ2jd
zBpGSbj#E{*dJ@B$$HRGb63h#+2qm)4zt=d`o%=A2D+@?%7Fi}lD@+9%%z#+#xeJQk
zSjUF&SjN>AD|6}ouvVwJdPK_g)dabOOb+VH1KNMA=_9|hB+2j}DL7>rzM?F|QyVT?
z2r;{~KVHnvt;29;{HbOS2@({CcZFU`3g%yAVri1Y9rNhGtg<jM6Y@?hjdbi)g(J;)
z6IMqIOH7s`gg@8<!_JyZ`MVw)>oW9clK#C!p&7%?)C{74F;y)V!SEaTF~S%I%c*HX
zTn}lIoxi||^k0GlZ%7MKQ3`-s_3a4#yK!!(`W#V#WBV;rNLmrBrsd?Qh#E2q)mBj?
zg$idIglxPG6m1;>GM@$$;5@CQIRIdZ^1~k7!!G+SV_%i&7=7r>t=MlWmc@QHJBM}s
z7W^U05|ApZFQz@|VIpqjA9;9Wc;%qSX!?vr_G_VuV~4CAiM$!usF>7wkk6rLxvx)J
zl-9f0j{>yHnxM@xp(`ZZfm46WP4X1R91uEUo<09UrADl7W|$h~u8kl%8`#E*BQ{_t
z4XeH~6*JXOtU?9n96Re}Y<_`0*m({gm5<5fY@<*YXsAw5=fqOIW!hfj5m6o78CG4B
zUTyQJC!89{j&9M;o|e1DTstnCIqZxTUU;$O6*{$OXlJR*|J}sy?oeK^=-13>d@xwm
z+EjIM>yLf!y`XdHuqsB%JoKDPjocTgHQ#d6)3&rtJ;y5pozo-Vt%Byy{2`IRxl!yn
zX@jE1zZhDR5m%JBZSn?>DEIgPjwxxQcTlF8ecY*fZUc;szpRpy5evGVz5RI;3&7RO
zizmv^wy#3vw<kIIEVkb}Qm4B_#?`^Up|>X>(rLx6kz?-oc4F(drJc*6W73oV<>CA?
za=tj^iqnybMvWPZUjH}$_enDgKtlnmf@}-T%C#0&ZA`6y+5I=;XRQE+hGsZIRwEOX
zCa|Iyu#pH}!}bZ}y&6NGn)MmD{d~r?U{d=LfolrOZQr3s+r7s6Jo%K7sjckD1>fWt
z+<`syr2ra*2lm9L;ghw={6zQMNeL7eiyqy5uMR(9S8P$=VzoM@bB`@+-R2(ec}rpC
z8TUu!{0f|_v8a4%(>=hqk2Jq)TYE$CjmaKhZ}+Cod3R5X{pP6`Duw7P6un#;vFh51
zPv}y~_{(nJn{Y}*$;>By$R6)2TR@i5|1V1a3!*OautXhjsjM}j(<>w>NUMJ8eZv}u
z;`CzO>6;?peZ1I_ues~dw{AL5PGI-r1}>9A@3LJgui%v>o;P)2isTd|Q+q?vHg^eg
z{=h}@#*DHcGH=g0XuTJKZ=l7t0`COc%lV`iZEukg&YVtoKHtoTjz|x|y$8V8$7f@2
zh`oC}`NCz$iC4Vn(6-rO9|zkMiVP21sJ~a_yh4?9uSXli@j}5y2R^bYwopEPiMDcw
z*TE?%QiJJBeHoXZjJ&;SSh=wnt-q2R%_x*D31s8LA3CImmTuIPd||lpvX-zQikGQb
z*US`M{my0iL;0DaDzC_MSLo+me2SIR_a8Fo1bi8TE6((;V^g}=SOJK7I(i%6&CWkK
zgYIL7a=Y72*^l}^{)Ox^=z<GE*b|KYiw-sglPaYa>zBFm3IckF=Pr8?IM3m1*17T?
z3p3H*94a;#P-ten)p>Y)&7?K`x@kcpFXF%%E<>vOne7G|3*zGizb`e_Lb9@_V9jk{
ziVwrCG1t)!_MT_0BvyeFec;dLp3PeLL-LQq;)l`3QV1#7MqLJAeZi4$Q#%ui5fbfj
z*Bm97_WL{3E%^q;8TcgZ6=ICf(Lb*JiAxapXaCe@KWo|>YEObPJ(tsn4+eHbaCIp_
z8n`Ml^n*!CJl5W0P0<c8T$V9Bfs_44J6twUL*s$@t9*F16MZNCJ>8={oIK_+I2T$~
z^5Q3#nwe}ymVW{yJV9AtpTUEoQ)BRkaAi$_6I7S~E<R$ASU1+;)kbupFd-L9HxxcI
zcmSlwJQDHYk-BzpVpB+*O!i^YLjVH@8Cabj9YaBo9kl}6zHMG?C-8;XycS&DikS9V
zYlMl&<pm4_j9k~blHL=yW_N98{+o1mcPI=Pn_|MmdGNs~EpcCXp`?!<wcB;IkQp&_
zq_rN@A3XDn>Ad=Uq$5K_M8l1*UJ{()<&&i_C@b6;m%N4dM6{}BX(RyN4NIDE`l<u;
z1F0kW@!qpW`P2t2c&!^5l4K&=*RIgpV$`qZGQ_ORkeEhYu(#{|2C^&=BO*k(Bm1~f
zY8|oZO5yp!H|Lk)_gLIepDBcFi=_jcS1@1-j3V~mEcvbX@+_wM-f>N2hdR?6;#DbU
zQ&j{f9B%)aR9cX~$~k8+t6QX(A{%+Xe1=nh4(~s|tNfJ9e9agp69qJeI1>}y2bM<A
z@fvL{RjzY*3oa@^ep_?$;gfgBtFJLVyI*LvD+-!cDur-mSypmMS}>aqbb@Wqeof*5
zeT(xKI1(}gQPj65NL*Qo=-to{-5R|$Pr)PWY=><t%mE%(X0HJ(60qfJPg_1Z{W+2T
zDKO#52C6N0l&__W1&mK}G+sb>D55@zdDY0qtL)+13(&{E5{V5h_kLtpvUNS;5qyX0
zdL&x%C&*WwHF*Ja>8^yFDgd4U;X%=;;AdSavxFqS-LH5$C^O!sw-BJ9sQ!Y-rQs8@
zw@hX}&un_k@Hia96fJqRoi{%`y<muKrV~tjJ+jrcfj|w&-c5qE*)8VJ|K*--wx?&Z
z$zv#YNr7ln@GzGmUJOH;tTGzU>J-HE`IWF7e>d2@5*5kPHC~?uDLN&(XKKz9pf9;N
z1`<?*86x>v#1S-+Kl0wadIB^!fS<8{%n)f3cQ~uCay_?KnS5cZHQY7^m0C2bN=SW8
zt0!<amc|qgps_+(3n}RznOoLb=8M$nW!HJ11b8(!{^Y77GIkrLldsQ&#^s2{#%l|(
z<5^$mFR(K!xpTS#osmmCTi1~L&2?eio*u1w|NXLqQy;r?E0*oC8gl8!RbKDXU^eAQ
z#>X2n0Jrz_{biJBOj@;kXxt=8{jCIw0u24<*Efq0NQCUh2#rc_GIWV1B_32i2gzPF
zwBHZ#MNQ0><;nH57pXjExG(U$Lp_(Cp%(^1(1;a?&eg8tT)}Y8^$g9G$)?q!WN!C9
zZ71t8t0ow|S~*=)A5n-o6fKg`l^Iish%z@z^(Jl9O};BTT^T-Ff1y53fI%mT8m^|@
zXwrGGDm*WoE?V2!&ibx?RN)KujZu7Y`>Ls&z9rS}{xRB(qz)S?n|9A6Y?VG)CQVCE
z0PCZ=2_jAf7RVZ3+4V=9h=mls(cQc!^P@vKDhtBo2>TRATWquXT;~-+WQ<G@B{#fE
zytbyewjN`0EmdS$NGQ5Mwj531!1~Z^by1|+GVn!6iv}+X(=+5@;Z>G)3HtVFw+Q}8
zR~iS?8wl#SB*i<o3aK~^3#wPn)M&BOWc^FU+XfnJJ<5&=2F;I9s}cOf=*jR2%v3?Y
zd0?m;XI(f!pl|F%F<U@?*e`?^q?g$K>()VJL8_3`kg?T3#=PIAw0!@yWBUOq!5Vw)
zs83||VL;?pqo;)f;ZieEF4XG)^eXspGhyDm5SlU18RZRpO>=oRk!>~fXsoKB&oCcG
zfK@{h5#0L|+e{=UTSuLhh<fC6Y7X+x=x3LtI6GUO+wH%BTJ};vRAh{GvEYWv;Z)tu
zSFU-R#!5bFt}kKOp?vWY>T7MKE3(%3Jn<I7!oCI+c#J9zSFWHwq@sAIh|rDp6j~-0
z*Wp9-K$R11O<Ho(fcP=BHk2e4Iqh^AZ)r4VXNY`_z&Vp$R@WEs1X^(wbw3(s&G?z*
z`v}Griwa*I@s8!a#>m*Iovdc2i?*0lb{lR?!8tBVnky+lSOATE73q~XJP0rl!+gJ<
znqUvGeWty$T*#7L%OI|QZM4fkLpUgO=nbh|&2TllM})%>Ct+laE5ww!9-W1F7@<8H
z5TiCC)Kzorm=f4zuIBDC08h@K`2!&DwkkO+d{+cV@$+H(+9jR64toPrm-+hqFjL)B
zo<(Fk4Si}0b^bfX!??cc5l7qg+G4pRoJp^`s9D{c#m!Ow$Hp6+Oe8X2F=Y$0H`F2C
z+KfBnDT^ul+4;w{YCmM>;c6+xVg^;L9PhK~JRO_H%$)SgMFOp}d)F%q1VvMWOY+{R
zEzARvq!7`wklUg8_BF3btl)`%fCWVyP|z%KEzIyxUNu`hy)N+8@*9K~j2z;w?t*`^
zwDgl9np|3nba`E3BS~4=G3uOr@P(%)h$8}{tb@-j`5Dp$X$RpqpmuKa{j~}Pr9qQe
zs?WxvcbhFsVB+L<X+ft>+=a#gx-B7vR6MVV3+;Te<TheS&%h#t|IjH}@8Dp$dlF?H
z9%vL+Ol|(dz5)%rW8AhP>LITJnYcvLWJ=|KW`!>2gNnk>3BrfxD|P@g9bwk#;n^_r
z)#FLBeZkUL`{5}>^V=Qb!ogvXb{4I-#!iFT<L`FCAU&J%d`aw>h0BFyVhrx)3XW)Y
z2Pkg3W^~&2W>R@L*2gYB?<e}r*)Y~=?bm5XE-R=8;a4GxvWkx;uq-=!GyWO=cZ~R-
zyS8jYlpd=ZS;Oy!HULkJIU=09c7{K=LZESJqAODzZUarR1k5NTzNFr4TvOCtT4XR&
zMRlK|*1zRM;q2W584HgMv|VT=bOD&Q_o~(B#}m*pbfP-kNkY^qb-GeN#>$dbwK(HK
zAl&zqyRvdjXpNtb3ql)BQY809b(GvD{j}F-`N`x~*Got5Ohn|es-RvCpjbu&g}dZC
z-Wh>qRQ7}jvteFCr0LozBKRrIL=CXG0aF~)*)w;rK^PVdqEq99)GH~;BQx=^C(DkQ
z_TLLSz=^5_OeEJ#e%-9#Fs!U7Xx8e`$gM97qMMMb43^$fkHLwM)2};QhHTgJciuBo
z@OsAHoa5|Ub=m@E<Erx!IcK9!m#e`qw?*vE@gDF)$%Kl(m_yVkTdD7zocZxLW267z
z60mb3RV=PH8t%wx(3klx<QIVHvb3bh-ifO>MXr;4WpJ?{G?~#9e!qkm2$R|C@VGhI
zDqYQiz8*(95Rvf_y6*&0w`eW&8?luGdU4`*emK8hOf$2p#@x#qIuuMc(<2eq;}$yv
zHY4e>T&+)db0CVxf|D)WG|R}c*{OeSE8}+>zloHHA(|oo_n@9~v(S&`K7JbUsUI9>
z3Sg=09D7u9G?tBdHGEm;Wfj!K_n|O-OXdQ$h^`)gcQ4*9FfVYkK;|1k%I<RghTD4W
zPeP<Pl=+Jr$UED(vy1ZFW7O>izJZYlBQKQ$IBRZ$Tm^GP=cXCT-L7pBGmACFRN~Ao
z^?J)Hp4~Jt_2y}t3^!!ecw0H%QwD!b-9q=1KBrFcW=jvD-8rE6`;vfXEsT#n!K@Sx
zASmP*-#E*NDgi2zDL@n3O;HR{7MzY3j4S~<gDLG3j#RL*tm1`4#|Kw35ZcW|h}CO6
z<oW3a%nAa8N|01Y2Ir=022GMh7Oep`RHy_T>lcUxJv0A6$Arcqe9yvMpFt(Z)M*gg
z8Elqfs-PFp-W~~TPBqFq@)z8HB#%$m;ZK4AwY9n;A<Sz}&*F3snsv$VJE$cQ0f{ir
znVvKTI9J!q(8}#2$%ut%1%Skr&BN)BSI(%&MHR&y*+6Jrq@dX$zT|5L=v&<^{<0*O
zV3PDatB`IOyM|q(1UgVJ5~;e^SL^BMMrc?r?>L>`5}UukC?>|^d&@gSmpSKk9VoLl
zTK6iVnBT?A%VJYCFOIMKDk4N{M=j@)S8N|S<l5I?-fyS^cp&BktI9Q{XkkfFmsycn
z;g<Fnb>wKNf4<(7?`$8e#K)dKz#s~(a0ycpJ}*dAP|Qs_BYkgHzIkhMgX+=p<r4U(
zT}i-{l$2Hhm5q5W9Z&#RDY{~GdDO(p@ZRr#e&aM*g-6S?z3~3MdquCI=bp^-r=p^!
zE}P^d`1%_ibWenvo+QBz5F3s@9gDR^_t$tlIuF4sY@r~r4i-F?d5>M&sW$0x&U#Hm
zEp%`^1|QaTCr>yA5^4MY;SA@b7WI$d!eUve4Y1sD3N1|Zq^giYVrb$=p%>{laG!|H
z<zZ`=A_*t8x_URKiin_;5F;PUPvB7NNgmW!Fep?XuNhAy^;z~F&|vzS`v>g}lftf(
z4tG9kRHtLpU2?oRNi7VQ)s2vuIROWndXMUd+JtP+fr<xY;O^z6keD2zn3$M8M8b(;
zj52r_z=Y-8OocslY_l=asG(aojUoeKBFg3iKcx|N@Bo9G+QSVh{oE)zKWCB))k4EJ
zt1)4+o~3%V|6Clpi}2)9n=2)&pW?Aq(WC(}*hiJ7iw-$S#YEV}6}ID`L2SArpX#~v
zsS+r3%>Aw(eYlpGJFWD&ApQ*bEhPo}*TU0Wt(7&*`&$P0FHMdl*?1~2bnve!Y=ZX~
zBMb1AhJZyLPrDh}V{wdc6$wTGFe_oj2KHEkUbnpa?R12V51hwCM<~*^A7PVXtqD;!
zj=J+M7S9h&Sv1czT~2J-&4(#%>dC}E+F~}0*0OA;>i3s}QYXmk38=F#-ZLcU9ijEE
z1HL%}YYY#i;BStks-QcbA-6@NkAm9B9=vYxvsHg3q5sOPg$9uWTAcurhAK=4-=R<c
zrhoMc01r-DOX8BF5$UdvFBx{q^B7I5w&>QWZnEOvA>_GUZP4o1HS3#FKRDp@?dD0(
zTB&Z3B!en}gj}WS00KxC2d}?2+N1AO7?)(VmvJ-Y97UvDZ@U9S+1NTFWNh$zB?EwB
z(N%DG-kQ8d$jFe+2j}cLL(>bG8|>)yoO`sFq0fuw0&Lgm)OB|3W9D((q%cEk<T(#2
z4996jt7^hGgEB8^Ja#NUwHb7=7m#dR(1pd4e;%H=XkgB0gF6NN^KvHz6&M(pd%<i}
zRTSV=T<L)JJ7ya9`tDcP8!tP1$|JL$dD+5_peJcCk?kdPCmwM08|}xcNcftfw2(BB
z$3i(t;6z!Cnug^aUZ9huL~O*nAcuc3)%bH!nTFUntDHBNL!tzST-?_u4=%Nk2`uxW
z{CJO1^<<|f`H7JsndA%T5`o&)aOsqsz|dMd$3dY6!!f%C1p-1QOANeIDnE&q26K5C
z>yKmA!@ncL%zy3eWckQ)*tpl(i_sDD8Mr=@FP7>oX!MiH$9P8h)tE{*OQixF`=s`r
zo8l?{N?BX2%bLE=vD7pDsAB$RbqA3-z&*#-i&$dtu9Cj57Vnk#h8ZRC_SAU(r?ep~
zyk9cfI0c^?c-Lb|%D1!JWx8h;5zrl<zv##$e<Q7KJj%_Xy3Bx1W@MB~GFmS1o1}}V
zQ7u#dXkuN&-I?$?>4BsD84(LxC>LW@`hJsPMNvM!J}b~OE3klrEFvOsskUWApwi8)
zeqx{MLOT2gK>pQn>1p6>LjtG-{yq&}-_Sr>olm>HUE*TD6pfC8lI!7UoN1((C<tOw
zT4<KSE^>X#(oh<6-iCg~9J=WI`9Tg&!7T=AkALBFi}$z!5Zi&2<iSzCey*CcP_NoU
z6ULe=zt;mp^lM+Ta>~MMK0BNOEZq0sMK3;4?iIqhwbT5YfJ#NgXRY0Qf?Ssyg4_jL
z;biR6$}|2B+Zi1f>mG{IQgNz(>e)VkCsOyVF)OHiey-tuHR&<^`>RpXo36dQ;s^CV
z7hLm^UXvGmdzUeiOQZbXCw<Ce$Z};QBnsNw)$?U4RL4I~la-Sc{;jF(=TvYj-b*o8
ze$UIxYZ|B6l&ekk-<3bTlocEXB24cT0H7iCGUP<UW<7se(N%8yms0<+$(MCHWxiQa
z=JR&{*#EC$7Y9)`e1#LNDqQZrq`xV(%i;g89X`#9hN2j{!0}Ta`fq723jGq~|K001
zB8Lcg;=WV#?+X3@mdb{woPYbDHvOk*Gl{{(L0lraN{s(4r5KX9|6jfSQEwXYYmsXf
z@oYK9|7iP<G;zP^?|=H|-^EF&uYBh;qN!5ke|MfZNZ#u|HvX&da}fNr>IABhO8DQF
z|NF-x*D~J!PnUBN<)YL$fUBbx{FftqK0p!w|6jA6&d728%K#2szjH+-c%ypqp{TqA
zu3gHL%#0espNYeu+jXwaSK3w4yfjWcO(rrl_&9zSF13$wuOyMx2Kt;uPuwgn)>^|l
zT4Ec3U~LC+a8LPWJ5%KIOX__C?Y9v}lF1p&m!9%Uz6_f+Yh^2@e3$0kOSllY4hFz_
zw5wS6Npa8X+K<u;)UQIhVV|a?i<a($_v(o5&gKbNZg)PTleTgs$7N~?c#4y334-Pm
zvk%IeeK#wA?JMA(v9+So+3(8q7+z49(nuNr;c$6~T<Z1JXyt%3t80DDUVDy+LlWB;
zQQ;|!0fPlciD^7xK$O5+yFTv|VK3C;d6Z@AmOO!-<fnFSf}u=aOa+d{TLf(Qv+IX4
zlVcd}^(gZQorHZQ4M{m+Fzgk)d{ui>j^qdzLzVT$E5XQOzf3D6wBb$QWQGBO<!_R&
zKI$MQ1sw&^`E*ji7`uX+OZ{&y4IXV=`XZf1blz!`=hLcRqsL1_t1oI$&~?`f^IzH{
z_KWUQ__oNU(Qa!#D)P_-=d@cCL`*Ma{l95_jQp^ne8wCyELuZYqwja$dEFPt&kGK|
z8K~4~kEx_WW^LWuDTf8RHxl=sIYO0}jmqfH^jnckY{}V#5jg+$SQmUzyGmKmvU_+5
zACsiYD;)eCVV$SkHp2_=G!*oEm*(pIXWnO45~1BIk>3iP-RTd|O-n%}#iKvT$I(?p
zxc!L&>Y8GByOc_bLpKjymo4u|)KTbxUe_f$^-f2MNBD-I8TbCH(!BQ-OO0X}xT_hW
zDHQ%Ee7Vl^@G?oQVQdAMUvFjfUEWflzg1+&qzncpEuHU!MCKYVdbLe`!ikKJY$@{}
z;wIJ@SVE;6Hbyrp_%-N56~2K-I=4VSuA6c3(Ft}rBWD7R&7UG&JhV3F;upH`a-Hwy
zYVX6(?4iO`;fH@&+3s#^M;?7jU6+yz<Kr3vlBk(DTnQpWgh2C`*c%D9q5hgl5|_hi
zlbOv4iRD=5lFm<#xP7`Kx|io?&p(A~n~8!FThk<cOqfLuCkopcVylZc+NM1SzIEYB
zkH5vd%4xVJ9s;arv{Pl|gkW5#hAv`sJ9Vq&!dJd8D2mViOzT~(Gr;7or+$X)K3E@t
z`So!Gdlz{(T;z&8fp)3;H=WCz`UgcN;*q%US0Ij-ont6TvknJs#|2iERI$Byg+&?j
z1T>rTDG=Arp^gtEk0{|kW;jgafrER0I?0-tl2+%Eu*b!X3tOyyK85Gn*cSiMY2H_4
zncS%xX)=7i9i?Z$Re)+z$}F#LgcwwUrBL;~AvN>vL7Ibu^T2e&SIv;RqB`ZxzP^eF
zE*g#_{enSRSzgB`x3MrZ{s+3{y?y7lVA1GW>K#XW+rHs*kko#PJ!jC~_M=(xWJj1O
zIXB>^3d2bi{L_1b3Pby6B7Xs3Evv-#(bD2##t>Dph>dNpP^EEHGFx0prTiiKcQN~x
zGU}po=@22oda}5R_0J8;09t9f{z-i#@1;etESmns={`ge@^8-lZJpw&s%oc2RalP~
zLB#<Y+`>Iw!E@@t&k@h|!-x+_&Bt+L#84JALX%Fc7}Vm7>F0%2f_{xoy-O2oR0Yx&
z1Lg%vaKO}QVeVtca3bA2{`KZ|#lI1XgUdvu+?-+=8wMo_?klY0RZDW}Fpwrvyl3$B
zJ?)dBYh$?RkQ#Xk<VH)f7R`OzO2KLwjqXz2RAv%cc#vm0?qlCMTiOfZu*oS0q}O*0
z3&l~Ag@?2(1kmMZuuCgg6{tO}oSHB!fOa6qKRP;5bE*Ml(p*u~Xc_^;m+u9xr*^e2
zEV>9nl@Eol0K13SZX;^9C6*)d`iZVQ(trkT>4$kZatnoJ10(K|+cS}dCsUO#aRT_e
zdKcRYAI$Q~v4ijmYzvq7SFYU!e2AD1&!^m&&e>hray%l)gejS)amF`~K;5fz*w&t&
zG$Ah`8%<Aoc$@8k{UyY^9<t*@c%rDBI{v?1#y6D--K(p?5L!H}^LCM}PEl_%^j@oL
z-%QRjhcx&Os~*uA*vnYGs?mln6yutDXzv%7Fp7MzNmXc}$z4ov8XroNx~<H6r;D-7
z&@6J6vk9f8qgQhV$0VhUIGwo6RDkbEYz<H!<3z;G_W0`;Q;SLxc=q_JFFBbf=RhJ-
zF%PUM)x)*}3j9bm^&EzuBjRy?hEJyKxigBoxgzc;%W5)Om?5&NF$F4m&wC8O)2&&*
z3;wgb68nt<x@g?iV=i&?!=j^)hd*9N>$@OV>z=6b+#LzaV2$Tbb_N0`+SOx3?%U!(
zpBecT46Wy}Db%Ofb9|;y+&B$a(B!>NnJ+K7(m3tT3>8NEf+C)*Z!BIh9!Xbp*b}na
zl6s1r^Nt>?l6Nc?)*7EBtlKXgczxKy_1^L;nKbP_uqS^J)FjtS&iCL=k#=opJc__|
z=Y;TS3~d)yO}c@028X&Pt%yCC-S=UNKhJJ!$h7r&=(*Zy=i*iv&PoK4sAW2jy<M1H
zVf8ly;O!?`ok_epLLJ@wSPW<MZkhy)IAl14ql`DR99Erw4OC5bpO_1au#fN9EJ{hP
z8Afz&REec<#605nq%gX4&&ZgOF5<nXzWjB}%V4e1+q}D@Q7$q{=(zY<-Qx^_&$AUo
z4Y|{|kYlrV4Px>h5q?K1=5eMKsC<Si-iduwrCqmbayHu&H|Asa(_61QeRsS7K}1Xl
z`B}gJSWuFUZ;qU)hAq<IuF6)q?tQ6P)h1fOW**ylKto<1oRym>SOV%>ZAub-hQ<7i
zJmGRNc^wJiP^YN5+=rd?xp%{B^P;+SNFU4UNu<a3i1_HNPwZOWB763My^8V7vPr=u
zDxisW%Hf?%QjU(YdK#ZMj4rl09HH+y-rLC8n+oBYXESEnF-dW7U6PROtaCBQaOsHb
zew^Gj9cRJwHid|2HjyQJuKEDP89X<UQ|+5|uO^69lkKRed(Ye~3wV$Gm1J@8Y)zwG
zn>w^=KI5?^`tW|_DVFNYWSe^UI4(}1_txee#OX;(*NKyqHir$%pf|A9k$V-CySduT
zP!-Ihq9N>gE?al*v+wr)uprxhLrAzf7pQr+Y52pXM!NBQymx`&QTcI?Wk;L99)?6N
zwa5NyRP22RVe_`5tDcpvv#^625~_0zcA%dhWCg=Wi+>!Ib09{)GgbVo<M2qU@B~ov
zX?IREuz&sZ<lgzh;)o1yle*)3Y}c2!Gn!iGb)@lIbddN<#*?EF7Uh}6^Lx?;M%fYm
zLPj*M&Ou2(mG}|y{z8k%^<Jb_)O}J6+I$J<)Qef|^Qak~FO%-xD=_8iOlpSLrlGPu
zI=q-@=}HGd7Oh5yK#m*b^AslckYG4dvEF8DIPwD9R`e<T(YdHWuOe*wGgvPfRew5j
z!l$Ht4w%f|R;56}1{p1{N-;o1WM2BJx`ZYJuh~eyQfWC)?O(c9hY_Ql2biiw*eFje
zUsn$=-!#+E5fBQ3X)#?c(~*F^39_E=-ge5@G?MGKKn$tQoah;8KS+6F=DRG@TYI%R
zW9v*Tt7+DKT{JmE*%clt-db!;md9U?o4D%9xuS-ZbhXFO>To9OUyHOh<>UI0;GLLi
zI(?8lc@7)^*wvNe_K;1{$BeDCWaaSjM$<jvarDMvu^;ce!xd@a?SWo4kmTC^tf1{A
z{}vKYT-_O*{hW#0JQlXbdZYpd45AexI~AXQiJ?cCkndwEo)Rlwd_%(XEc{tT-OP0V
zfb&--Yq|;#jw1zN@X}4iHmw<9^Px%AGP!>p>f+`qsnOnePrjQnpJg0Vya&|Zj>xec
zH2%Ww$&q#m2aU7V8S0_4Gd|vdwfb^y0;oA1UHb5f?!Fu=tj?NhxUwO(Z%tiImpA+V
zSDxEHM`wga<tOR|pRV*gnzv^8K(!FlM7CP!$U?+(WrXskq&LlW-(=1=x4IJo>zvH~
zgPPagY>8?TvkkN#xC3V&r>rm_t8q<lkNX0J6I4ZXpsviTX?t^G^IAuI5K!N(mp*2I
zIexIMhuMX`EkRj7Z{euwxME3TO~(d>uhZ!e{rBioj;dn|IW3kl=sD%y^*(bnWTs_+
znmDBp7JJMRDz|a|kJT3c@|5QIGVJ}Gs~4w&KGm4UD;hq{7QZb%vJ>XT*o+N<>#K6|
zCgnpD4?d`W+RKs~K|EwunfygC{FKdE-^|H5S<iC-TEe!WoYgvfh_)2=fVb6e1}~#`
zOTU?txdUPTfJu0pEtY`u>~Q8w9g+A#+Qs1bvMHAkI>sMaGq#~MAyFq8YoF&YrDC7#
zl+c&FmMNo4K^b*S`_-o#l4wEAv8Newka_Ksl6cR3_!q`){Q?Ih>I&v*xOCPtN6H|c
ziSCn-8aQN5H_n817TL}lp6>0QEK=u7!Q-oZ3d*2J&_=4a*0<<o6H$nZ7GQ~uqlag-
z$(c-z_m*0BMK&&UStNY*2!-3^Id^)EMp5lW0sX2H!dPjU4C5$y)}+#c>(Q-MBZj<S
zlre5qnay3z;%7E;r>b~sHEQMQ^hBq_WOroe5q8hpKzLf*JCiG9cg<m+_h9+X_h+k0
z^CuVb-O~__2we!+bAEas#;q41IY1Y){pQDcBYOS=iL*s6n+y9!H)x<kh+8-kE7-xV
z?tT`O6382V9h!xrVJ|vWKjgWng!AyGmXOUa_6IYm9YVbG4GQgIMU9*rlMDtRvh&_`
ziVTc)@uqueKr$jTWF&*c6c*p<Kd0wL1kJPFVW5W!2z-0Exh@LgVDG>%U8tkRRe#<m
zl3s#*usk~9)EN3hDz3Us=X}<WiFZkRIpsqTHqc%r%aAxWtF?{Ttaztu`?0Ob)XGXY
zq_miPQs;Py^$-PZ1j=J;Y%7Bd2zDeA&nP2U&eL~0J5~7HAS;X>glP|y5WX)~5ri$u
zK&#V6ky>b!^fYvx+fI}c59glt1D<lOB1-(`bAPxL>Y?)kf7M3E2O23=!tx03^VPx=
z(_e^TH&DMHZ>{pQ1qbGBThhh!Hb~*qb>)-eI`RtE2D#*HkM7YuB#zeRDfKzT?v>U4
zc7Hq*qX(f{*sk?0uPjimHN}9d;DXxyB0Gx7-vR^?Z~1z&V-!R;QU#Ak`32#7vNzaz
zre9lJ!t6H#^aLQ88y%o{r%Ix+I>Ugo{#kZMmYWH~QhpCOYF@t612qLjB5;r~)`n|0
zC^SlTPilh1aco<i71Vukc`O_ud+3<`xqe!wd*lKUN*=W+xcXQ9Tyj6S?SZBIjqs1X
z`W+MJE2YR5X5wMg#k~)jti_OBJmsa!BTNqQs`j2)rFL*b>{O|J--@cc<&$5~{149S
z$|{rlYWUJE%h=N?Ryh;Kt&v+<3Zq|X`5M?i5V)Bo+PXSMY)mZ41qz+!eT+hDi1^~(
zF1nAWgw&QV{E2u(>EVc4oopcBP9@o8FsJF&Cxf3Tz-r>(IXfX4t9!Ht#Y_~B;}t9g
zsx^FuqmiX=GE41LN9x&`N1NiZ_wao+1P_=6xs9(}d_$k)Cyh``Z0kn~G-TAPP_a+5
z1s|O33M^0T^Fy`-N`Y|uRQ`5hfGMK__gOXk-+4gwZ4dXKA{$)tg$)Oi`Wl)Vh>OLz
z-yp=jWK7-2mH6N6{69AWq-$k0!h4?ycXuNSY#6M-hHS(WddE;z0)ACyKp+myKt5hZ
zw)?O^iaRP=y@loMcV0tX4bCPED|A9bC8asAass4i6ZcA0xi;7Q5`kfg<i~OV+#o_S
z!EV8i)cvAcR0-Ky{#Oe@7Rcv6EiS!USAG_%KdXJ%V!Za<;_GxF(%AR|ozKR<)OoY|
z<R~~P!jMy|wXymAd1UybWfVEo6?zTM?C$1=>##Qm_4-cI&Cj~8BENSLZjv<l>-JPs
zw3d3GDM%{|`x36&6=#Z|;g3i<XYyBGyeD(<6%ffb6$CuMynfVfUJpr!vgWV&j|+3k
z1otL5=%miUc|zx*+0ifl0$$hkQ^WfUS);llnm#r2MM));+DWL2t%8VXyAr+}W)~Gh
zGBea)dJb8BNLUVnE&0d#{`NoIvavwX!R*m}g)@;g|B+uFR@}wxjvptq?VtV<-DT;a
zR$od*g**|3FWdt+7%nultsKH1JliQrDgU8=W0hrkwv;Xra_)MY=9GAcGYa)#`v)gx
zfTMd4Zz&^o;DyuOkr~=aj_Dg?B)<wc;(nr3W&m?DAz~vGEKf0w2t&7&M!T?z1I0G<
zim#~pvzgi$xt{|h#Ev5;o!C(#d6nK7q(+@n^ltq`%)NC1VnJ39MQD{NAwDKo1MM`w
z-qSIe9u2xhwgN)+yIj;WG_Rd`zktml3lV<G8#}w9ys+D{clXO$lyZ#LR4E+XqLaNr
zUwjwIU=^yxF0Es1%@=IMk4UlC!f_!&_Kq+oDKaUJR!AhQb<>KQd-L30VuTrATOt<H
zLhVi<71JnF3)%9-&mLwodJ`H+xWz@;0*8V=dVh?$?xy(6S1=GI&u^`|w0v6~oWrYw
z83Yp`ro7cX>5EXaHm=!8S5W(_Q|0yw@|HQDa5rXXN0e$UPQM*A6rte$`sy-9A?*N&
zJ6$@BQTFdn8Y;c!9}tTm%km@o_j244q|c4bGQq{qt*)IY-{S;LtALMHkF$#$iC6a9
z)Z4Qe%NxqxtMbdh@c6kyz6-?DU<u{#X&winEf<3fGjuSv>HONx?G)N|;KF0S!;kB4
z`NZ4Z>&j2Ppu3JRg@s8P9-?N_xNRUoNYZ^hD-7!sw#C(@{^p?WstQTNljH&%nlR(n
zjYr1Kfk3+xY7!Y#p+ARn+Z84$;-hOFF$H68sYXvEla$Cc^<IW2a4BL?H__GQxtoe&
zL8@S2T7qV^Tat2OX)rDRAq)*<X;8Y*cw<e-;j5`#5nCBqVVDSHaA$a~Z6XYJ%_bOF
z2YxOI5Nb&@mM1w(DEHh&XeI`R7?VX*e(|qxhY`q;C6el;6jLP(zeL9!&`Bx7>R&zW
zCwfK52PTEuP?~Q>wzN^UnNbX=rb|?DvO!5H?N+#OK_HUjb11}#5Fs+w#PEE}huE}4
z{TEXP^jL2WUp6oI*ad<;mihY8%YCugvLA&yG{A3647l1O>))0vm*9_}WlVl)3XR!<
zNXr%Ahk5L=y*e|XNxLncK_Oxm%@I_%yaLrH?G@t`tM#dFHZ(?F)lUld79mgO5nxxo
z0$ObMLS}{NV+cha0fA4W#iJ_$%hmD*XBGZuGvsNg9;PzTPISCX1*$ZSNn-#mj6c|r
zb;;*jP?yUwmmv}qT5gE~OrU};E2a&0#e+HC%v=O^94#w5_)!vW8Jfs^g7o;JY&s@r
z;@$|^8mM2ve7zF`F=1)9->%S%36{(xnex7%*F}ndP}9=p)yl8GksS4$4eC5w)uxQ$
zC9R^6*|FgF3kI+Mc}}%==oMhP{Z-LH9$0EkS7@nD54r&irFz4<2(Im$C&rYedof*b
zhTz!k-85Ad)e}Sz&4q5^z;LLf8!9)q;)SNd9=n%2%u|-z5awv~6z9E*XVL8oh=bZg
zv2~Q*zzAn$Ne5Ub(zv-J-?hF$UopiJws1H+#ZFqsqc`41c>>l>aMqC?v+P(b*M-*t
zDW5Q3uTL!}BBLO}!-1#kLW|f_i~ygc^Bc+u)xJi|JV^|o%<fSEM)ihZwyXbQgiT77
zcJO@o3X+d0pLQIR!3^`4D~L3`l%^Q3GuA|_Eg^X~7p_p&5;1hH0#hb~Ihui*5O_d>
z9vU}jPTcr0KMF_kHgAGh0P0Rh#^p`Xx#}t=p_4^D31FmS&3O!3nO)n7nfSA#JCz;H
zggqThH8nCU|0jUs-lE!C+w1D6IdF_-yUq6u)&OH=J*pZuLap8K7hTbfy;Dj8U=VUd
zTHD(M<(eJNG(1Iy#0t0D@CDCD8NxLpXzvSXLxHlxiKdEJ=*(7ia`>AxjSi+{)n~S~
zWpa7vtpma5&_A<<j1z!~^ms?4M_>aL=}^Z0*bfUSLzy(FT@;Z{GtQk4*KbUes1lpj
z@jL>y7g%DhN?ep3=*(8m2nHvb;&XRNg;g3;@|fe;J5#qP@0Z|#*w>Hax*(PP7MHcI
zr%<B9T|CKD2VT(rYqzc)ye8MUieK`eIX1;4tJb+|{b=3IJ<a<VEdIyu^$|z?UM~oo
zo((~-vPrU}1X{elzz#r?UX7!7{A;F$N^FNK`*$xJ!a^n5CCG>|-t0Xan?;qw*qm%(
zd*kNGLe>P=-CWfZb!64<uxFdgJd$?y10A49Y7BhWQ<{=Q%|P2`3>x6LH}1y`Y+dAC
z^)Q(iBL1&b;Sd#T<GUs;D9a=MjBZF(#*Z&n9jvl-#_(ss)s83<3pQ|);r1~)HV{G5
zMpJ&K$`SQuFiol^sP5nruN-Gj$M$KGvFXyn%@kSB&NzrYB3`yE@Ai^4P8=#zf6V(!
zbeZ|yS-@=K@=VY0m<k{fmiiJxZ!DKT*s>2yz@4xHKOVrTnyW`1%G4Yi8<NsS5e2y?
z4ZZwfB~%&*0U6?d$6dvTd8I34p#>CLG6pAIodLITYF%!L)@wrHln4cvGHduT6ON2l
zpNCKS=2l88w-UcIw5<w8bP;L_i(>@WObn<MUVwvr9b#P1f0i$-hTw($F-Bwf`@bU4
z)KwU7jT9u@3fj!?t(-s%^FHC@t^D%KAZM4cyki2FGc7df`AsQN$<5zPvh;mH_DX_V
z2e)be!>DFVm-s7sAx>AID+1!6{gNaEtxQ%Fh4i{zoE+Z!!-IRpyk3&R&!4%t36!T?
zFY16|?Y`DW!0cV`EOpNDrN=M>&142v3w7&3a7Wum9)2q04Q@5u*zkL=U^ReHk3q0i
z`e0aW6&n3j=u5({C;$l{C~9zl0V6%hNfIrKQY2W7Z}0f)hnZ)eMn0zZ4)W&9uv8?<
z1srV3_4VY4t7HGfuMcUYw&ZBX9sr!STTw?65H*H(aG85&FDd0JA*D@PySNI&`=U#q
zZgGqcch10?{A!nb^7#;%xBEnhH`M{2UB?@?rHdesiNr%<mjEIXYpC#ov{CSuZSjy>
zYyQd1$|JMFI0Y~isB%?wdiMDA)Q;{pkHoJV0qyBrTSGy|MU+EdU^wrS=6-;Z-2%S1
z=k@Js<dH0&3SXmx%fe??1((p|S+ZIi<lnUTclq&VzlVNr8nNz48Pee~@sD+PC8SE2
zzJeBCW`+*-K#y=oY?Be*mDU^FJw9H(LLfD*^_0nY2Y1@@vS<Furg)FS`7RQUUxf}n
zRm-y7V<W<^q8K8FXS%j~<2rlK!3GycqjK8?c`v|#q#K7|qIy})E6W4oGam!aTRpj(
z$B;JMxOPnHJB+6-m5gAeZdAh^AvP@^z1-jQ8|06+bdcoQdcrnsOf6eoB_<!GXa~EX
z7{XRt9gM{p`8)OcE3d+K#t?aheHHi0XNXG$Z{*3dYTK}Me}rgG5<=HgaMWSicehQ?
zGL99Q_}rr8<h!;#JiMow`@6+OHRvL}*!Sub|Hk$w=ToVYbV={al{m!x3q>vVbjV^S
z6ToaOauB<fSck?HwUnsE{5nsh1b$}<?xWOElnQ>*+9;Q&fxG?G#zpF)PNjRr$H2nX
z`=HAP*4CG0OVf$fM;A~$&TU;f7x9_>TGJ_(xZCb>^&R@<y_3rA;AXZa@2u$f{;xKl
z7`v76MMDH>v@?Y$T0_*sK_6?{LGl{%f%eY|+`Z$-?Y2t_F0$|Ike#HUV=}c@QpZ6j
z&r}L#`8O>yQsw?fUe^!}_g~Qks<PapUD!kc-Pvr-hvHf?celtxrBw^avr5X!>W3ov
zCgjMNm|-O)CuTE~Q&UH8lBw$E!0#nIB0xp(_cL(q80SO3WS{GwGQ6OvrX`ec%pI+W
zDH3?$tie}CvB}JGEX?s(uVs2d2Ua7d3t12SbEA+zr~U;I86oAkPEjMa{NK%}eE8&Y
z^_`iGA?~*%-SSFEkma3tT`)XtqxbFU_L$lWG;B;XgagEAVc!eKa<|UcD+`O$)SH~9
z3}@>TIe3zgX2d*0kG{ef9i`*YAyJFs9qW6Q$5S4#GA*9c43H%;bx35SP_V(>A(4+S
zEhz<)7t+|}vL}TjcO(`#+zpE9&>vX{_};X1{sIh^h?_JI45@im2@Z1Ey~JxVkr4kV
z5X5Y<kyme2l^OmK{==x>FOjfBJU;bLwRLN|1PmoL#2WS7O~lU$(&Gd)VhNnwrZj_n
z#e%jXvk~z@`0{ZqJ_!u*A>1K!;eL%hLIA8Y6SoAFniB0mK{XS=gdT3y%?QalzfYZ>
zWIH(kssvUcS@bkG;c(%GkChdaz@br%Br&<(yv{k_eMEYsDB4SEMk=S91xn5>UpLK>
zt}dfM{UF3#jx$xwPn=-1d$O+`eYdwePIfnEtRIh{mf?`vXxqQs^Urv~Sre@!caSPl
zvYvY0Bx-ASZ9h0RCV$Hn4`wVv><Sosl+sSzpHL>tql!fPmc37GVpKS`l4v-rALZCx
z&-AmJ|B^%0LrrIYnZpouUYN-(?@Tiw14ba6RDtVvmnzHFuk>?j#-ST=66=h?oCJp^
zwGg;@8!vzbMLe6cV-kh|#GdwCVve$Z!;{FEAjBE<FqPTk@pITD>HbTROKpnx%|u#+
zu|e4;H&dr2?#SZbRM=_WzSa#fAKE0-d*>*|ei;3z2GefO`ED|c7jYVvv!B-4)*NGy
z(8pADzs3T;?3E`Kq--nJfF@`Wb;zSC5(dlT^}NCy$O1aa$*a7M-mPNQTB?~)Twmdm
z-c{5!rHfdFlb1gP(Lh%Y=+|flj6+C1)qhnjk+H)-M~A3^C63_-_-6BXO~c|BJhP)(
zhSzcL^pD1GY1xF$5SoUrPpvRg@nmnKD?1|~CwC8C*GDe>LI?FF!K#^X0dKb;G-}C2
zX>9Z}x=VYXu{SfSgtggu6B6wl>Fz<8^(b|lkPOMw*-MQ&LJ2+_<(=Ysy8N9r{klco
z=FYB+n7*7Zxw!Nc6rYF#d1@)G&@MalE9KAyyMqe(zkrSF735LXzrP}!(G%v4krIZV
zUfafg_;j_ROG5XkfVkcfo%<Fgq09dddGJZ~wK%l>`@FnBEl8>5gR!5}Dod&D1D4&c
z_&@kW>nxP3;KK({>?^u@5gmbBM&}0|L0nSle={ALso;r27yXv(q)kNEC(xk|c6Mo#
zmWfK%SsC=rZzm4Qod4lTGW~q(U9-MMu7AS24bY=7y_q&?H~TQgw9*`i08oyWnG*NE
zAdqS9f0&R*GFdPRu#+%f$uf2cLANxin)v?^JD>PQFxJc`3^F++O^{RBb@AkVqsb=D
zLL#+d=CgDVc~1FN2A<A%I8v&9F?=%`_ATvteCZB;`d~NMb=iiOYQhy@EYY5=?b7o*
zBH(tlgFbscIfdzPyaL0p$FHRreb-{UHxEE{V<^?{>--J#*QIf_t;Wd40uX~Y58aB0
zBsjS;38RPIZ)hX4ZEueP&Wk5QD<fRB>4Ll&4`V2IFU77(2j{AjC1;=sNka_G)w$i1
zCPfD=D2K-QZL9^>5jK0`rd8Up&6|Zdc>K>Ix<^C#-+ysKw#omXHOak;XW_m0gt0ER
z=o%^SlKCPoTrG)uykW?gi1Jd)#ZfqGjVWL`){f9+C6+7d-5U5&9xF`sE<gfn1x#F#
z;n^b7?|hz2G2K>~pvPKbYMyNT<dC`c6bch&r=p6I|H%d5Jb(7L8NAt!h=eb@v5;r-
znaDS}#kkfx02f!-iAWr|y*e;|lGt+Va>`V#aD<v>5UX*CHTQd6RhKQ5l;K)uK<b85
ze$}Xng4%C8d$0^;mH90%$P42Uz0QKq@RztiaRMdU-4gNtc#4V0r`wv0Nc;nC6M~5#
zQ-8w3N!2ktLp|yib0ehK3lPUuQlxEE;S=v~C@aAdi}$GT_6L()IQ1^I!j3MFSE4)E
zH3p*PanFy&yN*+zf4jZ_@tGv(=~$PjsB2IocR8&z&V{L5gd*?A;_2)*NHVJ}((6FK
z%mN1F9X^RPqJARu()Z1@sVO|v?;EC16Y}!}+VyxO&r=s;@N&IoxPV$VMbQ37l8*Rj
z5)$i{e1r^sTulc#VNYA_KBZ7O-zQh|4@^|~51Pc~Ph<-Rb*QFKVOxLjv5upWE<oKN
znapk%+RsRq+^rv9A6F#jsoyb2wFhN{yH$1r(_bY-!uVc~62TaFom^##PxKRR!k!AR
zzECQ(**1FHw@ArFAIxZqWeWTVA<(B3ANM>uHfLwL9RYMzo?VxoJ}x<b2TkIA|9!(S
z3#sB;X%VbeKd{v4y03YO73OT$w?)3)8(rS%-vgwC_>*p0kdu2s@%v!>immo683V0G
zh7dt>S&Z4)m{ii#bWd~7T7R7PTGgOimT>>l_&v2r$mAmw2KJtXMYS}cY1@!e6oi?;
zdSHksSg|MJP*_vbQho3G>%v_vM0VOHR_Ke<wBFO5d*aE-wpe9l$B8Mb{B$LUV1F~|
z2t8*vVg1TjdMH^!CDiF$>$Kql>Bx*6_J90<98tCbOQt{XT^9Tu3k<Ox7d&O!a9VjT
zDBT$G@6(<_S3)`Pr)sUl!^%orn;U0GhtU24QEal0U}7SP{7><<%{u(IfOAHG6luwP
zC{2{4n>&*TJm65b!P7~kfif;{@Q>Q!`q*0FN43k7c~)BfxG{N_S%W8E$4S==&%lmJ
zRVJ~8+rQ!{J{7vg27jLwxwknigZmtRy_Dek?M-<M4#+iITPc2*_Og-!TGrm_abCl7
zJFm1kJKHH&T9&0_KMhVhw$9e*B6!rsN)GMQ`7Wqx!*Yfa4oq@g8V8!!b7t`dTwQOJ
z2A>pf2D@Tz9}ay$W<^0?F!LLoqDbb`qu?SwP+@ReV=;fC+xzq@!E_lixO8QXN6^C@
zxO>zkh7C>buY`C9tUI^?%q-Q?hbBnGwZc?aNoE$>6S9O2n<W03o&6$`KDps3eC(-K
zRlono-aAEC7Ij;r72CFL+qR7z+qTV$lZu^+ZQHg{vF+sMJLmlE{IB=zKHR6>_G){s
zJvByOZLHpB|La8q?4KN9EXc#H=Z1jLL8cv?VkIqY5dJh6#+48A*vCbkfy^pb3Z~~R
zKG(lRFk)C0!5pQKwvDCNTfF(62S=yv8ErbALm&Kc6Hhg~Virs((S^y>&13jgy?P*H
zP_gV11>L)*D>3t<qrRF3Lsehg|92P~?ae6fflPR~vHrf``_Z-PI$h99pLnxu8{v9;
z2o(N_x|oR*PMSSrC_o%hwhNw<Wg!7$&I2oln5B)#=D~{aDjajsV834D_g~rXhclQO
z5Zju5^208tyAyG8Vopd%@bL1=dHT1xsk=QB^0!#Nl&{+DhZqeKxKfDcnOA(UQ&>Li
z0uApo(G-v6VYmMH5Oddecuka%DE!}Z6esBB#@^iA?BVU5+kCZt+u6x$ddp3R*QA2f
ziU_&NZFG$_6(Hp0V_GG4$l*Z5`X^E8ry;!?@R^ox-SaQCZ<w@zK8%)8C0Vc2{;Hrv
z-T%IAY`~u-kGiJT^8brVn#J)S!lV6(THpVIqeI<)n3qG#`{mvL*TwDs@GLv?HNgI7
z*gx>tJ0$*-A2D>IE8hN>&DrbupGdwB(?_fPU(m+D`2j~g8@lSVivPWM9Qz-7B#xI_
z?f=pvb#49wCjZ~><O7CIsG9Fje%&Py&7+Qd@g1|_{?~W1(SAUp_O1s=8kU_$AlM&q
zjf?53zyNykx|j|rc7c#tNme?>mjBLI^2j>vgt7ELWk;{799(Vz^964n{PY>sug@Sz
z#ddtG+x-U`DWxCN-UhQxJaKI`pkkW(;iqdhNLGo)_b$5Yc6Qsduv21FACGS`?c_bY
zwG~ZBF_7`Tvm<pyt~I%&*chnLy|iE|N?}COl|athk=&GVNTYE-6{d>I_i^fVPZJXh
z#PQxRaU{(9j_`O5Q&%8uCbsK?EV<bfZK+biXgba#>uHO{b5HXZx!CZ!nRD4rzIb1C
zuUsW!2Ww>9bu2m8OZL+@NYFOt5v<wFw?4&iAd;k~TTMe&Y8WV$PC!<wD>SLPg06tm
z7Q*@Xim0?5y`gdFtJTA8<d~=?vq7eWc7ETz_U2e5c|3(8#o3MP(|)F!d;H24Vl7kA
z;mP$4Af@b?o~;A#bh9fIhs)Kw9vf?G@!Ive@-M;J147`#BcLDLa=`fYQb5_|>+HeX
zw1%dT)>=Tuk6%*h=V%#>YZHJn((sPA@BMv@RuOK5@mwOPG@TjtxLbqKSng<z=eGGe
zduE=GfVKK?(jN_>%ZzEBgD;zXjcW6eFw`hKpWCOq-l1RITUZP)5_mrmAyCexX8KhP
zD$R_d^?V?^?fcA=YA;>iJ!?&Ku-5E`B2dF?<x7=I>a9lw#?@9-l13cQnKDflxGoHx
z^w0V$smerkN$J^qoV_He(Ho_qXH6#I-+jvupHVjZi+&|)iIT;S1TeKK71#!Jzav)N
zkSO96Liw9Y!g-A5Z^>6>HJ@8ORSHQ5JM(jg@BE0Ut?hVC>)XuZmcY*r=_)xw)LA}K
zHr&YUAnzIP$@L6!tm;!su8Ai4n?D?#pQ460!xN|vvXR%aDSn!k)A=+d*T~GO=wFsT
zzONfqt|!Hv7&AnXY~aq<%zpP%x|J*C-y2-q*fXpyEMX0PD8N1&<PPqGb5~IK=*s5u
z1DU{Z@k_vR)+2+1Yf8uFg|gTSO`>#Y%Meq=v_8zQ9@$<4$t4untU9n-LM=U3(za}*
zc6WoHZha5mx7LuB57Sjqp<rN<$lBt&g>mZZZceW3^s>PoXIfe=biV6d8$;5wWDh0B
zvlCK!;Z840{3xfcs2g<<b?wrB3OA&jDCjH)&yHru+3xmOU0F~hc`e3JR@)(jjs!AC
zVCeMGbttPLr2$X?dS8>(GLV>le3S+UI1ue2Je8!f>&3dIxfB7Z)PPM>V*k9xx>_W7
zu8dHMpOaSO+-n8!wSCW}M`!3uRR5LL$dXf4Xwt%#!q;c~Wm8wAmaeHAk4zo})y0(w
z4aJiAVO*Zx_E*&Lw1GAEk1XMLXxHVSVI%>neV?s!FW^1Ge=1N$(ZvN>^+CAf(o?v6
z$%4TOocZ`qoU4{Qon~i6m3RHZR(vG4DRtOgv5`)H<Ljo;B?R`Y>5;^Z`jCbSfGi0B
z44qw<bxi7sdU*o^gLvLuaO{t2$r_7_YS!WLJ?B&d>P@O?sfx*Tw(FGKc8}yScd0FI
zAg2sXYC|Tbs5<X~U>Lk0ows*R!`0J277`ol&$K}p-Uyw(yti&m`P~H}xQ1oEn3_e?
zSAKpTUhTUk-j%<Nd(LQ_itM2mtmLX{ht#h_6g(hvwEcQgCg;=sL(5&_7i4X|dI|G{
z(dp7`C7to{^i0d-#P)~GY^N@_!glyON+Q69KgTn>wz^OMIX|)n9$Xw%Pi#3*AZ=yB
zs8Z@&JHD6Cp{%4HKBgKQJ0$5D3lW&W&l&w%JjOhys3K)*iJ#$wz)tS{w?-hxPFYI@
z4Qz<~g7#1q61HJ+VvOaNg1h;}6xzRWwkM+&dJe7MX32(ZdyA~qRSU+q7h@-m@QG;+
zKWZafv|>~<RNNMqj+Zd0?-cg(p8{Pd_yN_U6(z>GmLdHi8G0N!Zr}cL&Ys5l!QLhH
z=g5x(5K|kM9DxJ200A%VRC<Vxr5IgYvlwdf`Rw}28U-i=0!J2I>Eg;ZjDUawZ*foV
zW@pnp;1HizH&*D%H8=@}zYl2nI9mQ{C`h+$hdM@?25a2iVTeMMM_ul;8#K|GX6&)1
zgjOJfBn3a@U1wA#sas#e-uJ52!)x#SIwZe2YmygF{!N%V_6c*d$-6f|E@czvN2<tY
zH~-zqtLH!W?N<?<eSUxrw6$0>?YdUZE4E8a@p~YQt3i|Ln63M5_ZySX2)D&Qi3H);
zm^~p8jy8)aSYvxzu$@xxFCgCZCBUxHekW(u5P{`(g3~DzWm2ctACTEs6n^#Zbc5kI
z>ULpuQBlNp7*`)(AV|nb@BL{2(|bhKZ*rc#aWvSCrQy0QtfFdU-Fa-u{bt#Wq={<5
z^J%;fcJ^r`?sz#;0NI>+(BmJ>RhKiff&yl5O0ZGeS%N={>066zS2G?ScjNJ%{k$Y^
zXOtE}_f!|h_9TeL(0t*yV2-v|x+MajuL;Bmi{qB0n~St~1yvdEn+XB_M2f)rHO=`P
z##t*nRqU#|rq%Gnh2OK9Mk6+&Y1wmei-E~DK7wvMi_DjMCZ3BN(39DE|ClQ^TTTiM
ziskJ27?uFre8i>t(Y?JFE^BRDXW~1f)1o(qc&T|^f%W{4w^GY$1z(}K=yIp`*}l8)
zsda3Vu@+*bt1&_i>h5Oe4UJ%Xfl}f9>C(eOpE`UnMy=VLJy!wOETzHseY*bwTwf<a
z+DQ%ReTCL&kD{i*WlvPx^>X?J!QGj$#?qi9>%w>EX31B?)2%8L_?+{|PrdsS{F?U-
zOlCopYWp7F{qaH?!CGf?`rx|iFb~$Z#Qr-<=Zh`Pw?I!*EpWbyHk0J?dtJNn$hLYx
zlU8E&{(y#ewOZ=wiI<Zvr|XWnAxDeswaPmi>T-Q<N_+ZK_7C0&lBZC5{Zs8_7tQJ7
z-{2;{y0o5A9DyMfRnHKT3H>ARy;-S_lC33PCR>sY>9}CtZl&5c0bcKk0AruGS^rUE
zAHSl&MDD5&fQ)kVUDrkWC+fkv<!4J_ZT6^y5z}-ds<X#CH2TN0>vEM}9Frcm(-zM8
zYL2qh*_pfN!P9WN+xb%32!>Rq)xo3K`Ri${H)iqJMmG=M#?Cm84zy^UUf%;k$^AoD
z{LP&&2$sW`cO|k|M|p<D64klZ>l@n08R5!^{*-ZU6$SkzAy1l5uPq1fa8ahw>5|+;
z2j5B$XLM)>3RmqBiCx>5)R(V{&fBvEuiI2o?oGCfW^{?9bncSr)M2r?+3n{aQfWyN
z!=(;hbnk+yt2d9NhujRGkC$2FL-&+B`+tv1r$wr0_3lH$=)T;cV)q2c<JEd?dl{u|
zw@;QnEpL=$Xz#0B*BQniMR3NsyPvM%W3+42XZAfueH(zifzpk+CY3^)md>VRw!exg
z^?_<N0JqNWx<bIg!IBgzhw*%C#_(B-{n0YfpU&V`n~#dgso(avSZ`$JKm^<FYy*{@
z5R5JlFq5+Oy{omMHMt+@uM^z{Zx0f!-PdZc{wC;_e*rfqqd*S})A8B8dJObN@l^5k
z!2rjRDVCSr3?N<aweQ=15ICHq&w^)Grw#Mp?N-MvI1?lU)rKPsU>~7_$KDdQwwI9z
zNB49w)BvQ`R!C4LhyE$t@@pwcSJW0>FDSa9zQwKEf7eoauGpRsiJsn08u(g_vHE@Z
z$yJ&Xk<K}4x6qd0a%pdLq0_;b9y`aKxFmotwQ~=18|ZBPk0>a-pc|UBw9Dy%N&f>L
z@a~-qJOn;*ukT1+t~!n_5!w?ta_mVN58J_t6Z@QLbCCkbvA4h>Z#S0L146&f!5BM#
z=)f7@A@8sEwOR`tftvB%YL1q~-yhtCY1Jn7f_!LNp+=^d<G(xfcQb+snBMCAQEtvk
zJH0=-{noVy&Qb(s#bjM!M$(wyN@F`uE<<$Y*wt+)4Gu6WZV0p^rn+Y&b8cAdw+W<8
z_Jq4Peh=+~?J$<7(Cx%|!DZs~{5v3GYHZmV8-9eM-K0^6UGUN;NRxd(?%r*W>w8I~
zsP$hV>h?E=4;FYhe%IM4t~^%hd=mzEd6WLGb>^}E%v&?~L!m&-4f}7sG{<bKL!S3_
z8*?42ndyCL?G8Dj`1*4UHzzTk{t9lGR%<F}T3*zpEwW>~Ezz1h+OoP?Ij(DD%KPAS
zp&p|!Tz~8Yn&VF6^?p^S(Bc$JGC&g!JBf!VKO2kPjWWJweN<(u11Y^blTTj=wdqGq
z;=uo76#?<B(R||!sN=kPP0x^W^x<9UPpbMe@nOC3dXaNamieTyaGGhdeX&`#+L69|
zyE8N7QYv$>JG@lsV+q5wkoaOh18%k4H5RVLlg?2SR3TRUY4ioTz0(t*-^{Jtqa&KF
zflHIh{rlDw5&@52*qmyc-ku8Zoh-aL&nK#I5&~dJ@ClC!+Wut9VHr0tkV>RnhQVa=
zMJcSYtzKvC*nKerJ~y8+nIlFKF(Ww4taknP!I&U*-V$Z%fywcR-M1=%Et!7YhoUlq
zXsS&mJqSCW70z_h9sl~AX_;*QolMjH8VHgtvij!98~S$J>H5M~FobP9rakBkpeOoz
zqo!s~Q#P{{x&YZ&U0;U+c-L{_r-{&N(m^nNoF3wKw<uXIUuF#d8^m3{C_74wqJ|Z7
zYkXsld}LPY<@$ozPWKBDYoIPWwHD1aB=#95N(GO6d>f_Z&q|r<pXnL-5<fO08!f4h
z01>D%eI6fZOsD&-lrYxe@&wy2zaFaHGj9DtJ2hrQn;$80^4$b_6MNXNM>59LJCs`+
z{)O-5N|}Hr<8f+xy3{VpKBY4gc0GZ`drrCI#*y@SAgaGspPlC=0StY>h#tB0*=^z`
zuoI9?`KnMYYj|H?!*uSX)%uCeFW`gIB`PNS8-bQrT8s&F$4vQrU*)#PnVJLcTJlF@
zy<DR?tiv#6)Jp+W*~$ae!&Gzg$TJtBTAYYaFv2r4W!x)4(t3OOPW48bWY~S#`qYex
z>(s(*dvf2p&5?T=Ja8kEGw>1oJ+rOVyQY?P{oQtTewDh^%A*7<1Uv-OSBx6<k=Gci
z{L->$Nd>0eX#tso2uy_NzE6LCW#?Y=mCM!P-q5l3JERDeoh7%+JAQI9<28rtnD;r`
z{peya7XZ~?VXV31%TRC=q;b1CBW@t8j2ES0H}tLmv0qKXg*kS2TG2hYAtO_3I_6fi
z!wbE~H~!+Q!-^fN?BTm3A4NN}CM*b()FaSwYw^S(PDD>HeoD(z@`P(!+RSBW^8yV+
zAQyCLf6wH){d!Z#*1w{&CvyOo8PK>mmd?%&?l?@{c!)Q6m8hWfl2*l7zcD&U-`;M;
zr_G23W_tNjU;;iogBN#eob;P8hZ(Q9j88c%yJW&)?SVFCZ-AQB4D!zTyw>wn{UXaW
zh{cZ7f33vWp%O(5A~T^tW@vPeN)jG7Xmtqh;*XKLv?4FD@Q)?gjS%DloVZIK3<<OH
zZ+y*2z3{uWreV8;dTE=ncf<+&Z4m!p`1T)DwUkgIR#VX7+-n3<-N1|_W=12%mL)Sn
zrj58-y~aefwmQA!c=VP!k^{sg^}vtMVn$9X><M@y1cDMV|21IaTD8CSzD@A4S5lO;
z_Wkf%w6a(NxJkpLL<w6NbVK25LdzUwYh*@&bgZC14vlkAkrA%=0c2LNi8jWJ#=69b
zv3{%?u;LfQ5FJ=+hi8<-2}?3JZ#d_QyN2%CTZR|4qy_s~`6rUK{pgs`nE=fFL}a9?
z0atf~h5;cI<iJ_OLdU)u4Z`DUSk~(`$ihJNDU)Fv{-9tWf&N%$2t$h)DDrbio3$1M
zp5=?7uYXCnBFhel5Hg>023TRy=5-f9dXIElll0P2qHej%9OX*LZb;QVj7S+mKKd15
zB(L^l4?L3+)0%Hkhd!ZcS5l&@Fe^qcY-#-$>%p$k0s~QU6|*ig?bAvT4=v+kG9#)o
z$mO09IsGylj*vJzub49G_@beOShg3^)=lsduR|B=D(wjGIl<MB!%oQ?1Ear}E4d;i
zp&Ureo-78x$q7=Z(8@+hH}VkE>4YL=<b`cQp@vVSBqy>W{@N^zVe@ssEg*dh;WVba
zj?(DGrsz!Uu0PWQTUg#Trx}iHpJED7fXnrf{6=KQWf>kJ4xFm7SM0F%&=weQ_J0B8
zqHXBN2}XH1-k*=ISH!^wMVVRow<m=;cs`2B1V+OD4(mMutvH_uEHaNNi<=tM_=|31
zjucksl}h{hu&~ujvSy$RyFOu~QsS>2Ib9d81~0}|z9j;Cm1Ypf&US=wJAU33qMHsx
zzR@xx=YC}^cv$b5wXvA^Nt1m0FV*}`KFmuftXA=VBi&mkT7^i@nn2}M>Z_m1h>1uc
zFeSg~;){jI_g9+w3!Zu_YD&r6(e!;I^bQyR;d31NV8(*IOe7dxOaloSDUn2{QW20i
zLBj<$Az!8h($arwEB-l~e81CJU^Gl@E=^WzQ`Ezl6R$WT?XTHd!dwL8=w(JC1>UH;
z8>F3DZF2IU6naiUgdp_oUC6EW_&~VHF%F=)Q<cc$#w3UkBVExB<<I}vKb||$wwpK1
zf3ZF}{X>K8U#&P$6tmbd-zzr4c$)JTe8x(JNem#p@g>?_0__)Y#I^Gq4<6{$wHEOD
zVXDALY!*?aJA-{jc%d)i%6$Jt3|VhY&`Z_l`K&SuH(pGZ9TZ(VF((cZuvvy2Y{3)k
zqKNdPRDbiP<XOG!LsD|1`18qvh-DPQIB7x0zRC)oK5+_B5EZ(S`=yNQXTpqQSUZOh
z@dfBJ^P<(PywOl<oaF&|xM#%tK>J2%8bSa9@(R&zWMqz&stI2bBY=;`z8o`ln2woy
zu)TvTMi3$O<t|u!aEBQcw4scr$+CR}$9$=4)4M2e$sc0COUNfL_SqU(;cbL(+?c~<
zfh8$5AtYa~kx{MdPL(8WybK=@&ZX^#Lj6<xw_=*&^^i@hPk<8_X+QtM#CMAQrQ(!h
zFhTEJfIBFA!^#kw2cp6D!MLKO;K{l^uLhbRVF&jC6(04kGfK`-cfpv??CgxW18G<h
z<{p2Ukd6WNz6e_$d$Dz{fNz7xLba_)+Kd!5gEz>ZEI$X8O^HV<TD>8sd4*}~5E@2Y
zDOS@6h#+=COur{!R`yH-JbrYJ&#`!0g;0{2PpC}1F-&fyVD&ewGnNtK=?g=|H$fNd
z>8D|0SKQB!_WH22<B$b)S}#AUW_2tirdwUuxs`&y`;gEa&3$s=6dDBHg$#f1w)O<W
z*9pq=Fb6@MV7zN$cp-q`!uM?K3VXB#pvRD-^RBD|eu|{c_P2QlO|$rd1mg)~qv^@N
z93vx?b9orxP?V!?#pt^#JoH4LlE}309U|2G6ga)+xvb!)^8@BsLj{|{SHdU@ry=D8
zDf>O7QP2Mpd?I<uX=dZqcEBlu&DTT?)3xu<d1tLOh>hG!_KZLA>s39NTDf8yatsoc
z#GhzC_c2$R2~?Y2wAmOZSJ)UY>8S2(4&%CUF8V?DtX6-Z`o%(==9UUOJ21iq-sVkY
zIemF34HTT_eH*eSQWWhT?T8U?EW~9id|*#(Wnj85!OH$YlvEhN?_)sy>Qt(gp1lc=
zTG~hW=8pTaEkt7?2Faj8t^aFtAdSr8(hh49@h)K;&%4=q&ADj-Jt?djq2G4os_w73
z6r&-P%c};<`*j*|)lM-71uI{L_6K(EOPumj;Wp!Ln9x-9ZSHC10CA^9jH<KS-dr^G
zxRN-pfTTT%<1fAcrSVyHfuvGL)9iFB7KeGV;XRD~-lsczfx4~G-6m4RwJXL&f^K2p
zIKwX>E4uj-{lK<``2>^8b%k(%y)BJ$V{T!A6?FNZ10=#6QEcrMS{K-w?SRdFPf1gO
zlJ0zXSC>sY*(mYKi20u$cqx?zr*bSKc4289e}XzUe5^Jtq~H)Z4e{K+&1g^DDMf;*
z;R(6=LTHy+!Mb4ARQwf<B}b?J{sn6FD4FR)b~G(3;pFb?nO4IfWbui_TDu+V5>-EY
z+SOeTn&RVe@9Af=8!V_MH76|e9J?QRxYZS|qCE@j_EU>6ifV(R%bYktDY^DZkIcG+
z_pthtoKO*Dcr7TCN(aAigmZH-ABsEnCrpc_{&%0<-!NT{kBJro`?+|e%zjliwX!Ae
z-G~xFSLI#x#X>1023}D;G^?}nHMHbK9&cyNAUGaH?abJ$@r;N|YiPz<?tXfDkyrT(
z`fhL~r3<<$S~0fVB7JV^@YCR3-fyqXB=x8n|99eTy+-KjU(=@OX8D})LuC`!1G*)1
zGz#6@;p)lAp{MI|Q?=9WsA*fwAX;%Cqgqq+3sb(L5<5jk*-73RTT6{5?T)P<K7$g!
z=o*RD!s@y}U#So_+2Lz%)Y+V{!I)I{aDe?WH8od48ky2Px7gA#=Sl2d!&gI)O&2ZW
zt0XXZ#ud}`BC6VuTE8N_nZk*Oo6e<B=cE_x=`7}|{uv}3)hfc)d(=H!$Um@D{DYKb
z!xkoC+*~g`%&_=$L+hI)5QCUFCg!iF$xnYX)<C0P99SJbGA4%bZnUHC!+`Kw?G(c~
z_!UM@etMDj4>&aWZyV+|GX#7xV0Nm8dNPbvJ0x^?@|s(8h9M>U@lHnkUnmwQNAs^-
z{$_}c?ib{@N>S2SNzuVNGb6ILhR_vN8NPCsp<ju=Lag8<aak}hJ}ijq-=Noj9tlRy
z*Nem?54}t<^a6$UAq0Kd&UoD#NkxTPRUX=}Z+NjM(L)+G{Qj9f@A)+M@Z)3iRor*!
zruLtEdup5HgJTDlM~TZnc!IJm1+I2R>FFjVB8gZ_<ds8B7sP7T5g|W?<YVIYDLFk9
zpTbvbv!+%J@Gxl4IoMHFVu>(5=>8~i$xqg?&OQ2N%#Z%12QzZrf!P4M(9cqti$d?j
zYYxg9b}e8hFrzapzkBa&t#7#`8qu6Z69NlwDg&j`k#BLE{o1h4+A%}a>;`hY2yY|`
z69O;I2Su;g=ABSV`Umr>G@Cro8pYV(`08xHnXJZ_Ok+>T9bAM)l-%+kVqspA@4qWU
z3&YT(xZMJeQVWH6AkSt=W#RpiI##Op%6gcKXdX>5tQA2!Xd4)({mI}jRs~@c$P(Ax
zjAjCnwd3mJ(Dboc=xqEVYyokx=jweps)1+d7?r+a(Ucj1g{;PS7A0b}Ht*1tyQA$-
zeBp|VxbvqE)utTLsU-a8Cj-sYv0MBkj4>plwqb?RVhS`uM?=rT-hC(zlUZ@KNK_Hb
zjrBeBpoO11!x+~|bCAu^!5zPi4OaeT)nVH32Dw~%*=)Ch(*c=b!nhd_@Qvd58ZAgn
zF`#Kd$tY>JL*;g+fh(9D8*?pg7C_D-I#Wu-xf1F<lc9HYLAM(|+`f4cj1z|wSvSHB
zXDxYH*TKm-3mc}h0+D1s3#B1KR5S}=W!1f8t1<pmK6tUF5+V%KJc+Afvm1bG@iI@W
zIm$5QAtVy)_R5-ueUdLmB~mzEGeZ+8d)T7%l<hz{?ECiJHH27JL(31tXIbx{2NB}L
zi%OuH8rehHePhuom@Pc_Pn6*mPb_Kg3~#_|aoBuVnsL`76a*p!-wFEy4;#pc2WI3a
zHaI}(su=e6aMyG~!?tK@!<6tKo(W62fuR~n7e2tf#n5~U)dfFHX7ShJY_ugm!68Vd
z)I*AwOjqlz$f8`aPn^4liPR`37l>D@bV3olahI))HB1>LEb&)k$Y4C_!`yNz4BV8W
zns-<F1Ao~V)2!)jbRRQD=@9QCwm`!j_Y(VCUz*VZ(4yVcNF?^K_nH!N%R!5)bdo<F
zCKYZf2)GgIf-ODiX%Eo06dceC4FG8DRdoe^;8nQ|rG~QScB>X`B|@^W>wMVSca9$K
z;wP7FifLB^U(gu+)wyAlk{Bi8w1dO8=QkO{aZwifJJ{ObpC}%5;tzi|mnW>JP|>5Y
z5;ki08kS~N>nrL!DBv5dkzDp5i<}{2%FNsiGT};1dF8sGqtRWOwHjvgN+3mth6$-s
zNqjp<`~@(IZr=QIFto~n#0^G{fIDydkx`w?zU=KB4%}(3M>Z#+FxfoW;PKvYay$(<
zmKUhLLMKRg@Gh3f(@(>Z5bX{TFX3Mp-njhQGz&F{e~7-pICk6wD&AjKD-Pv>zoO8!
zsk!~}oG3dyq3!&?{CJ&4dT!@ChRXIXCnoF$Tb-{4H)iyLG6cGCbgsSe?Yo~azJxW1
zXq}n;9!4uXPEsIlCUm|c&9|#}Yo_<oJ=Wk}UgIG|^c*mWE}$9js49@R;@MMYayeAo
z4h5}M!aOoLWw&M&ie2EWRI|7R6)L3C<umRCiw(2WhXE)9f9aVWS74T2PT5?Zd{efN
z3v3LN7*9K$Z+ppPQN~$O^Ty%Q^x(m@X@Q4!K{hxyACL1}clQMLg8i3C5=s6P>{A%i
zc6d#ONwt0gp7-l=`QtS>`|Gv;ou-AI{1q7D`F=yH_BNrj^WQh^yqD$@R#rw7FySt7
zkcQ6>^x9gLyQr4V46vqu$HMpWfKgZYBbVE5m~M8+3NPJ3YPifnDGH(TPgQodC#oE7
zX8)K2`;@>;ba@D4L4gu8;RCIvnQTGYA%vvKFMMaS9=+m9KcYu}N-0l?4<GJ9OnBCy
zs5DL-*>@D#IOI<=A@w6K_vK2$9G}OBsrHZm2zz{?h<&FIb-$JIjsJ6ZytSV*gT9Ru
zvD+jjf98mx2jPrFjWq?P77N4v&jZI^gTV9%#J(<5miLA&t|xl5C`;(b>RyC@E&lU1
zBf+z?f4Db#_4fd#u9G3Esx^Gy>$GvJDN*ULL3;?zcfh;&<bdfI8Yk*(K<>8*zu!2k
zaI43@f5^GN6UkMFooH!1Tt^O)8_+bt2lm%3`^J+1SCga(DY#rl@ae_fBTMTVoLrs4
zMEu&t;RD)7U9V4EPBdyvhC5lQxd&dn05btcJ)fuE{mpK_(nBe-zKLN3J~OQI%qyCo
z-#d0C-#2jjMgwDvf?+7oLB*?xh-Jfie!5pUdbxjBka<peJO>y=>P(6!!Ixt$oRvW8
z$UaZcWV`w911!}T1e5SHB!2g;z<AE0^GvZvT!~op@<ubUs?8T-PwVZ}^g+A%e)~>N
zJWe%h;bGF0#d_PXo^Ds5#r^avDqJ~l9=jfX>~`A<B<yiZbQgK~0ikb(sFw%F1}fh1
zo6{OmUmhvh&mImYo>sgip07BFog)|MMo=?77o<cn9F{Z9Cm~5JPs9U`Z~UGvTd?K&
z&r{yNlMHCa(~%;1$F3ho7{mfi{nuYDt3v|y@b49wh`1Kq<5|y$J-;X_k$@QMth=9F
z<3@c78`z3BUvT}{TsXttXf;e|ssn$kzvX;A@^$t$9Km4)BVlaD9baQsLFQWfeXAsY
zpMiBgkFva!uG+_i84hlFJny6#LSBRU0jayxZYYU_NA})ewO(h3J3PmKNAz?_^@z+^
z$o5=`Z~B{(FRr=FAM*`L?yY-%4iUQc^XmHgqg?fP@?Vir7^XZ8>cv#pwILzg!lARq
z`PBrM7Z(prAl%*E{qE0HB0PpTV^CF9-CaZ8Jq=5GpgUneX_G^K2}F63DTfk}x#JSc
z_A%YOV0LlBbUe1#oOU0;DPaa+;F)Ge<-*}rxpw}Y=PuZ^>-u44o2jnc;U61m1YK*i
zNe^W5b!>TQ4P)*|jkwKTOUjrhPV2Bw9J}`QU14&ByGKKmdaRaZY!eQmJae7mUKzQk
ztWq5D&ey|oyUwuErg5f5C=f70Tsvqxf~Y$7OBee*u<T{2Qsd`d(etv~2S}5hY7AWV
z+soQuoU+N1oRNmjxnH4-<o94eKvN1qvbiNhy&*&Cbx`Vxilw(?CXux9@uI&ssy;j-
z-$!_+%MZPk4}zpVDvz(0$`^D~yR~3vq>T@}&Zhqedgmh>^%JVkIkSruzr0U#|K$(x
z7pj;<g(Gl5HdlHdzZ$M-iNnFraJCO}UGTOk!a(XTC%m)%kq5VXd#`;?6c*&<zsGgS
zB{bVo2ebKL1OH|LbLV%!s?PZnvpXF;D_2fI;^>p(-IsfK-_8ZdOxhV-nF=&rd>ucj
zKsadEEBLWVDY4EBdyQZ&7t3Bf>NKHVmpb;#0qL?ZrUh;3Xx&<QTD%xXdz>%lROz%p
z*s@G#nhB=Ntu}u@FpHO&6c}+HoeVXu>rdkMD}Z#l-fNzYm*DEr^YKpJA{i&2ZmEy8
zO*mGTsRm9+Gj(9`cg$Jrz9(J(tqk7W)NPyU=T4tGG!jSw>V<b+V}p2EKXcnLPBb07
zG1k`D{>IV~ztos5e~oi96CZT5YOO&OcN==4^3rtGH?2l<vpS*v(Zf+A#5_S~5|*lG
z4Xra5JLLoe-^o||Q4kw>wB68cW86v3)`$QN@4JyM@3Ig%yjbYdwZ6mj>Uyhk{}E{&
zWt-R0<+39pYJJ>9U7b?>Rx#u&M3tLI|KlIidUT3HT`h75ebiJk2c6Sx9r8@7Pul$s
zGs8U7)%sjJIjNPAq}Yb>vhUv9H|@RTc*Rp`Z4M>+>fNk`F10D(ap_6`pgMMcuc@q*
zZ3_om@UQM6eA3X+$W6!z{<=%sAO(`jg8*_ALCiG<wiorfJ?#+jjKJF}<A~0D;s709
zdBg}rVLgle#MLkv^4%vQuYBklaGY1{#cYRT+XtE_LA$@ZRLSx0))RhkahH3L8VJwn
zTVz225cAuFEZ>41hK<{HyWTP5Q*7Oy4-W2opmtKAsO}R96R@iI%Zh;qSwD9lWQptq
zhUBrO$9p$4IWsTn0lEf}N&v>1Mzq;|zEH2fx$sGdD4TFA9kNu;Cxl+nU6By3?aSId
z2(eSX{^(N;spO)k`mIwC_zP1$WR@tPTfM#2W<26}WgmYT)m{i+V7;C)Pzs=X<h<?B
zz2MoV6@Xd3g5>SAZpBvg6yCV75L6-h__{|E;ElI2&K5`UTW;>ausjDY8<IR{q<6pH
zA-(=4Ft1YVpKB)lqwfD`DyqNxsbYXWLPOyGm`i{#GyYKSmg^l+0#M98G_58!*6$fX
zycOH^+fLH#)8}n}cJkiA+y8TRt-o}R`^JoTdCh6NjB)7w@d>xsJyM)1mIV5<3I+j)
zvswe3-oretG_-h;`TgX?0|;RO84IGakiDN!xJ_fi&)n`u9;83e1h|m{scQs&T*4Aa
z=N=EraRgTO$aXAZ7LgJ}{tYUh6EJKbHdt2C^Xx}O0Vr&sB$x0F8;VpAa9su?rsPIc
zDR^I_;K*JAwSY(w`f2d<@BeA{^Re4ONEo`}E~JGog3P%9`ZC?G-rdN-Q<{3sU+7#>
z7<Qd?U>#zm-Q&6a_aLRv-ftwDqD2Pyr^ZJJm4yyO)hQ2?D@zOY5f9mj+n3)2<M0h4
z^Lu2@YWl3^X1#}h_<bVo;huOSiPG4b-ih5e03gr~3x?Z11mw*u`QLZ>z<`t_sQCs~
z%_t_l(L=cr*A4O}xOK=wI!=9KhiJKd#Aivo{QyNfrr3v^v`-3`C4u^{mJY)InF7Rw
zn4gY70i#i_cjMY`elx2(>=QHD&W>99hgXz<igdk;@Xn--9Yyu+=VY|r12_!KY@kXp
zDf{2(UL)#!Vp`N)<07%0?~{BC9k7Go9fw~rz60elV_F@TD@OnD$0kX@_j47>WhKu?
zt4)+Mv3|gH*8NcWrwiF0>cbt@Dp5hzF8UzOK^)%g&1j}K*V~(39H7kq9r65HSm4vV
ziv$;V{flDXS#roTlS<t353(754>g<#E4^<_-5ziHFCUJ^e)jS9fKm5Dt8U(2%>8!q
zk9KrqX2_shy2Se_f+bMyi0D7#?fpgavrNBu^6R;G6o89)nhgf#56f_!`KqN3Ky$Ld
zDXdx{*v<v|yW!Rp<y!GqhItfQPHB8vgBbAfH-gSS0fxsbbPfP#l<JN+%Q&Bq=awsB
zBi&#0F)<={5p@w%P5b@UBP1lP&;Z&hQK?Ayr$4+G+A5Gsmo2-AG+cizzm8vs-w~Hr
zwHfD?<3J$r5bbf4$@wnw>@|sYrjAt|(QP@Nt``cLmI4O=)uMYhdy;r8Kr6*Z`Sqj(
z-&(EU$0ZPi-)$OoU98BC4M)c00B>atFHnXmda>wq*vI!sK&teA_G92R+|Qos<|q|L
zHz7nBrTXQTCTiF((z0J}GW|?KK4zm69Gbh54;$<_m)&BduZn}M{ABnA<Lx+T79vr6
zz_YK+bg{YNAVzF!;%!xTWZB)?Rt|Th6p1Q^g498Qn6~4B2d>7@yA207sVZwcEhPhD
z^qc>HU3bhl1D?n6g{)h!r84olj7Mrb>w$^a8r}@Rjz-eOQ)|8?;gNl4Ro!H`<i<dI
zEIYD!er%M*g(1d+agelx>Oqmw6hr=B>$D~-xJ@&2)WC55m5o&PNS>eS>wuy>c+S}_
z?2PgU7K)M7)KHc8F;OD8S4adgEi?AW%D?fgl$g^JahRN`n^6HQj97MO`5dgFyVA>7
z$H-7FrvIO6x0}QTB&2Aql4c<)jz&${h|aCJyu?wS<X|)hfHgA@0ah4y=e2-}O3<$t
zQ&uKYLYeaUR&V<M#8?*Ze<C#}C58&h#~PTsQRv!IPy~k!b%&;)6D_O;ao%%%&$jRv
zim$&HgKm{vt<DQSZ#PZN%DLDZ5A)7rNdZV&Qd@Ro5i-N%fj7ZWnOMTGt^M))*Wepe
zd`Xca8%II2Tqw93&D*xlN`*x=`r=CCK;Op)@ke)dp??kRVbo8ykOT&a7JQDs4pgJl
z!jam27b6sUWHZ9v8RW@)71r&}TBgyb#lemH-JET))r=YKrU<I^E5+smxkJ2^Fde;O
z5JfG&4eyE%j506%Y<I#=fxHZxYi8w(_@9a^msVJL7vKP~N>hv?DV@RnJ|;IzOATU=
zTRCLYD~dx2!LMCp%Bl0SqV#6aSf;MSyHNLkQs52JZ*&F%s8>3u4-BXxIn3C%ay$<g
zKk6_|?kc&1YY$|NsaB*07yJF|m7;xD`Geg`oX}U8VPhw8qHcOCUc1Q7WtTx%s{T+E
zhT%_=9f_j{soJy>L%T{3Is5NEYn-SUDR^D?U8c>{r{+81ok67xhem|Hko2#Ghwbr=
zP<LXx*CF|jr$d3gkpuhyt-}x%Q&Gngz1rtE+Liyw(Qia~R+g5xcfmiz^P-|6LPo~g
zTnj-lF|ZsupdY2$S8Uf#h*KdcV*um_*-}U@nQwGPeU_X>CGB92UZ@2zf*}bs7Av;Y
z-o<{!)JT4?>83nLBL{Xyk}{&HrHHK-OveMQq%^|$MZGmce;_W$BvD^P)B}jNm11@m
zQpdz%t+=T0!IOkZ1h^Ns+tMOd0ynF&RB3%0QA-|(zVR>OfldpC_3$aK0@MIDT3Bwi
zU&0?QSz*AG)Mr`h#1s;-wVH3qp_+Nd&xSI-XitY$2~5=3%c(vWGxXw0Xn392_ljNy
ze13`UaBh4<r=-Atlzdu&=&S^w2Phe3u>NZbIB6i0Q&NNq=Lk79IY;nu2EWeEtR(kb
zX>r=bkU8lC?ddw>G7k{!CFagb>uh9*;5F*J8)D_(-Dv*!`#^kgQXv~2O}`HNc{C-G
zrT!P>JwRqv-X!Y9mX2tZq=HU!1LLRRJw2&UKa+io2O(i{Ahk@#B`sGqRFjQD|6pBj
z3(-&RZOJEJkOVeo3JlTe>E&yfHu_b6_TMlF4#ZV{%ep&O^j}~92iCHn{}XbdsWCMF
z4OjmOfW%%)#NYkr|Nl?_-_AfU7SXJJOk#HQ?W*xa!p1z%2#2Y550nf#eP2-gbN<uM
zi4DGqz5Ypp-bm0b{y`((J87fV&OXkWpZ2LDM?b;+3(CSjz%*4X71S>sRGVhb<Amnp
z^^?!Rvr`(clc|u&$pJEq$GOfi80p?_)@VW*1RM@8q%wvv{e5{+Kdy6NsI2bA&}zrG
z`!P;h)!csg{n{qj`wg$v$A**m)8!YK{#OEU<&JsZ>q?v`;eoY}rTk%sBZj)IRp1B%
zxG_0-Z;k!>GVjHXMi_`GP`c}>0jNVyxqa5P)s|9p*gS~lO$PX}9uF|n8L!QjcD$Jy
zDfy&i*tfe{9E)exkx}xsUSuiy<@NMZCL>Z3g<OB9VgA;}R|U+p8LP&j(SkS*y`$&e
zsVAcZn^iQz-shqAWS1Q&u`PJ*<L7fwDTu`j_BE{<iLnv)JaML?M;>Sg%m>r?UA{EW
zwW;Bc@$!AML0^Tn(ztTl3lt_VOcJ@=FxS|KuA{`nrBzs=7sd96YOoXryqHlDTv(y^
zVIrx+Jg8UGNRm7miS*B=rb2R9JR~vyMDDzO!@j7lkWdo=!G59IbpN&X4qqU=L?*`z
z-`F&NcIfo%m!3U7hwEBKwHg6d;~zD%qZ48q>RN_j)))t!jJq8+l#4IQr{T><t3dX>
zJn-T*1#h#i6qfomzZU(w%N!@wHzgMQ>N+|7Q|tr2nG0u5xf#vArwNZt4$onp{h-#p
zcYE(`C-q!My{qtz5x(*b6=r)apvy*pP4AM@e}&(KU|M{sW%4<O+?h46&VvS>b~SQd
zog(8qEjW!%R+qyT@5I4#w<)c_V8@O2a~~4h^JM$72Fdlcqwec+rmn3FNX>Phn>R?W
zqoM9waf<_EaY=Zu35}qu2c&I@E^jkQ2>C@Fv}ovD$1o|9G*E?P_IDSaH3maprWnRv
z4Z&6jlUJ<K6tz|lzG-o$Qr>C~>y5TDlU+SfKGD|)o2`V59G5gas=I(<@WZ1;txA!W
zhmSc9_gPdO+eTbj467(Orr}*iEiBM1x$MwMSg~fCJ8F;!Fw@*(=_IO==g)yQz#Ehj
z4~(y&MC^P(d&A&AMRBo0GHfCx!wAOve04x*7ReMOZq_e3AtbAcD5aI^p{GlA*5M)&
z65XAYHW0Zbv@-f>F;h>PX1f?sy$eMXaQ6KAJlGW1{Xo;8G4#k}B&MjLzt1%S{AC-~
zimgp5qL9`h08!)uVqnAOG@^IKHsYsFNK-9iL?qBv>r6%MH6VXurl<<FJhM=L7wQ5M
z5d&LWK~FpQKYt!qyG%(IPwOCMCB+NGAQbedo>09JO{fL6sxaKBL3K2FiHQdgcdNwQ
z>cAsU4Qo$W6?v#qD>i0LIEdKi5Wu~`;4f)}d^>{s`yqQ~DF;c12>+SL5;nG?9;f{1
z5hBf3e+5$kQxzT{?v{xv)#1=Xo3}K8R7Hs1)mnrqmD0NB*?n78YSshG=rHsVVCaS;
z{UaI0@Oea|X2UCM<`4p8#CC~QA$oz@nD#N<nivK)cj0^bo>{|1i<rm)6Ia=J@I695
zkHeP|Q`7d%MMOjjm9^kPJfjz8V0pFQMRQmGoeh0T)lNRH{ba?ewY~>$g@_mQg4}Qu
z0fUaVnj>Ft=g4x66N?ziO9mvXLg|0u8gxvS43(D*$v1;*0+S$Sjys*;C=R;Kp(cln
zjuO^i2|C-7LEq^haZ<t^l$0Ui=SxVKqLoKEDXPuIRGo7a(A!Zm6HnHjh{;q4&wYJr
zw#|l)RR9L#2Rx^nAZndVS$OT(akXc%rt}_*)z+upz=sBjxXCe7pTv_*kMrvK0zP?~
zd-vr;1EvYs8w8Ayfwg|BCDEP895Jj}e^u!hRhtEmtAt#mrMU<K>oOwZAPqBBtZ2To
zi$RNSxMdVNE1%qD@){+By}Y5XKAx-6C;c#T`J*y;v6!ZWYHf9g!xKQtqr_g`7r14+
zeYok<FU97@TW%ikY7C3(RB~i{o}^tCOBF|3cS{~g+~*cr_YodjKT}E_KmUP}!U&as
zf;6t1=yC(X-`TGvyi_?mSbg6IQ8Egyc8xk8M*VM2<A4`igArLCcsFkr4_aMs<b7Ut
zyEL(Uap>DGttMy6MW@qXZleK*`<)2*fu?&DtL;t@%}dyIZqKx`9rsk79;T`qN3NW$
zc4+LhW*N?tt9AB7VVn2pIk=tR*8-pT{MxzE*!HXi%Ex>8rais9negPfP4V%rEe*J)
z5IZAD7~fa`EH;bceazbf3CFD=<KGT1V!RI%WTPBqyA~Ni*12s6Em_Axhj(%wXG_Ym
zV_rZtK3DOnCF(_b_oQ}hk500#7sF{aUpNx=wjLkV?!TFQksqq}(tqOzK%wAzoIO8s
zx<9~pn1`aLEV+?pxfA&L3>>Cc>Bo8dn-AyiWX2Qaqo-rH7#>PM)Rqt;3HTe~3O~{I
z0<PW=*pu1w#_$6Bj`gC?3ECh8<QLp?bqFrEcTnrv8Z|$^<Y+bBex;N<fQA7A0M+ks
z^tK<c4E$Q5?SI%BN7)JmUGe;$#}pV7uqZjK6wsjSGk00xhHc{k;f{RF^66|aP`WJ`
z_5)Au1ifqu<^y!?4R~{y?&qJauWx;lv@gidpVdIl;(YP$8rD=F7ZC!_=B;nl5{@ga
z<c(_nK^S&#EUC-v1=>}@>z*yU<v4bO7sDDiH+nS(0h#-Yc;QeSU$7iAGr~5d*cVFB
zb*nMsn_HT<!#$2CztQ5i>wZ~s@Q1#adhKa`1Lb%*l0><hwVs>r=DYR`tC8#@mflO*
zGjv{&H(vP@%<$e|cXR8;dAVaIQs@Wad^s@KNq%C(_&HH5$NHe&+xK9mksldfQxNRV
z_|pu&D#Q*Y9zV7|bt^&A=?A+K^n^5pPpvk6(>3=z-#)ONj;i|Mp5!gB8nC_&l>ZgA
zjV5?lc9~2k8W)_~NDohRtvN`@?T+%5SK85(?fkOaba)oSTyTV($nnRAc;2Y}?gNv|
z<^^XTpfn+k8wvLR6YW8SUBN%(tk6v4S%!hF2FL&N4yAzZ{B{TkZ}Z8_Wb1|as`D0l
z5~tvtx77D!Y^fnQ0QE-{@0r^4L4ZP82|u`<sHuxV=LeN5YN*<@`aQ;MW9+WCAB2nh
zXLXIKtl}H^`%8ffTL-~#=MQ@4+lu6e@5n+rnuUnNPKB0rfcfTt$II-{s-I{$!(^}!
z2-0WOy2X}eXzB4W@oUTXU=WsNg!Ov7uMYcOje?J1YDMb*ISU{Ns|FCKlhcF2_MH|j
z991@hORq{>(~leV_nhUScGDe)8Wt@bl^u6whYO17Ek|HyfbpncLTNJr^7%^h<HO$h
zx5Z}IvH1s13JU(PJ$@Hx5+A_u^4R`hnS$MTy=G)?{)h!-&Z)_n3!U#3dXwSUaE%l}
zc*-XL3%d58YNhsOh&RTI4uU|=t<Y^w@8xi><~EWa_TcO(uaFj}7(v}|=>Y%b@)H98
zr4{;|9k*}tHOb+z#y@_jXMXQ?rMh2oft=Q(0hg`dyr~%RDoY{3_gcU669&d8`YX7H
zwt84&Vukp;^B}tjdoiVIq(KFm$#?;oHw!tcwq5SU=#_}}`xztsE<PG@q|#S8D4GwL
zj(Rm>#qSFjdf%@1+qW6hSyrdkc5KIS&KQT$&yPnH>^h(P4m#_5md}G;Mn*?F?F6}P
z@k(NP&kVOZVyH~AZg15f0zc64nRe)lXRywr`nfY`$F6#y^t}GIVOQ8Aj&?Y~+ifov
z@J3Yq;`(7L1$O?<RU&a#dt1#j`!LJj=_F6896YKgaX!^9=W&REz1e6jK(0)vRgt>)
z_)J~*`YAUHCFUUuDY&^y)q1x_aWiBe`{G{%2+gk((|o)E)aDbyYjozu>L^brw*Qpn
zUa!nxnKcntF4L9+nvYyx7KXquUypEJPRlq&*=l9H;U?Z&Qqo`VhFXuSAQU|*{2gon
z@d^_aN^J{~_dA~yc8op2k5O}Mr~}87!CidFbU1}K6Xx_n#PNp3p=~UKM6|<Ut&2VT
zPca&^ey0sD`^V0VJR-VS#iJW_ST)<neUCcNMg>YRI!jKSuR>hxbeo|G&oTY33cP_c
ze#Ikn3X=mx7SMGFceM>~n2_V(YH}d5+nh0e+ywrycY^Pa*N*1|9QzHkj79Jnp+uh)
zNjfvYz`piN=0Yi^Xk>xcIRO--1nVAd61R~)of2L%%74$|2wSKiQ<`NQE=_PgZ1uc1
z8fVq22kRC7)Y|?G({64n9c3TFUz;+{clBOU8$~?V9n8&VHD)tz>n6lGGpW3g6k=^E
zclQ9`7iaz<$Jn|tJ6@fSemykmZjG3EL!#^Yn&k1gP<r!TrG+VQEYF*27bH;SYDJP=
z+>{JTPE)B4!(;3P&bG+?^@js9e<jnfA>E*gR#^Wep3&z+F=nEksFMu}>jHb+%L1)g
zfDu`RvJ(};mpeB4Y7DOxs%5&F_>U`lq%>P|Z6*z{?S*`o?H{zhO?*yA;CTTCV|QH`
z_|g&*ixUf7mZdPps|5-&;%ViIm-n(o?Grh1?QfUb)sL57%Oa(x+#p95m<@KrYAV5q
z1a<*xXz`fZ$mi7Y*Wblf<}Ef_R8>UR2ho}A!uE?o$5z53dZ556HG)jhI0G|v$3Zw^
zI{;IlJK$qt*9!|-{Qf)c{ohO`oMGROG#9xTA?xWdOg{faW$}dTW>sdGxu%3}K;Ijz
z>2c>i@dIq5w^AP8`G;$+OG2d|)|=|y=XueNvpA4anC2K^yHg(F#C?jO*j;hY&jn4z
zu&^gOUkV<DHrc6wgN@d529xrOf5rX5Tg~c0B*^*xc~v!(hoo1n_7~G_T2i|pMDrA9
z6`qaTiAlJSDUpj#hHj~hJyx{0)-auCI*ibk(uT#H_&&9ZGJ_qI3{^h}3m5Mu8GpEM
zIllJgDrHu44Nj`3{Al=BSulMu*la*qa)sjno5C(2_dBq_o3>=C3k~7tpz8MdjUipQ
zs<`9yO9hJc+}zxG8h_L@>^`gphqc@m0~b0^H2R^29#6QQyUaiu`qBQ2IK7v43n2dX
zU70(i$6^9aHR!M`f+%QL@cFe=R&BmXb(~7GR0Z#kiZvX};NBQYS=nZyfF8QVq!Od7
zZzI)ZWybkz8%h6{xBcXEki;K^0J&=%m-gL()YP#ys2&xOhhwBn*NYwL0l1@Ytwp(|
z;mhkm3R9AMf%OPQ$We=1i1PDuuLe!jTV(Hw?0fWO`9PJF(hlO|`y2cDl>Rz75%m60
zoy^DyO-|mWzcnf8Q9=&GWM#ApW}@W799H1^l~;r>0#bl@#3GA#E%<4RVN_U%=OzM5
z5M*|v1syx^izM5C_K?lu)+3G^&~XYlc%USKCpi&W^mTTs(@DW+#n<8NFPjyWb5$33
z^Fiy|wvwn|2i3L)?Qc`?>^+NRv^Y^&1bBMcEnwy~hY@W8<e12riw$Pov@^WK&zmOi
zyt=d-;kXGjHhH1yh)haEAq533n3Y>E8mb<oDb!KXaXIr50@r4s1)yn~G$2SM%CvEy
z=k}k%2QYyJqQI>7jD!6N!K`Rt(LzTHEp{!>@z$Y#cbw96zV81&)O}-jrQ6bWY`bII
zwr$(CZLHWyr;~JS+w6|5j_r<Zzv;dAIcGmV;r+BetTFCUv*s+!x~^G;kjC%>lEX2u
zpw0|Z-Ik^Ibgvd<LBlLBbkbl}&A`vXZ(aU5rA_G~R;)HBY_+`}9hA4xe;Ph3eAS;F
zI?vW5t3w$1%WuGF^7_l;kd}(lAx~QT0s~UeDU1deRoGjIkzHZ!iDT_-2Mts+?`PK}
z7N@I}f&{GH8qHTA7~c=HLZ<KX1W_^LhL)I%d9~GF+&?4%k87}gPnlaf76_u6*O~yb
zy3qa;$F7N}_zg?(6K(|8^gYPCglNZ;^<?DYq6n317$H+->K%o(d~X6RiA3`{AuQLF
z3KiOuE=$Lm_{4Vrb7mKqZ|c&rjNpPU$|C|)e>fYFcnhL~KnJ!|ysQ{=hh0Bt$Ni-d
ztLmAk(&oE_44CkmgyKv)Do^yG0P%B8d+;Jk^xl;e7Ec*?PK^&j%@BXom;@Nnuy3YB
zHy6GL1zG;}Zpfpp7N2$S;It`PjG+ceuu8F`<*TG=Bo~2qDDmlPby&b0*my*3PoqCw
zbG8S3m<m#48L;Zzgk?+fuY!_~+<cS9igx5XYqp(%y5nzoi~(R#ClEbTlgxA93S4b5
za(q?_Fj!0o=`6MT+ZK&Y?%kji6dRG=`X(5EE$gZ1Mpl8R5{J=hA9WgF7z=5BCD5A=
z(tE=!aG?PQln0WWJ)ZF{hqHEQs12}LI(oo}IH+-zb57@Jrvk+iWVN0(LE$+Ao5#l&
zyHy?ZSefr=PJ+s83=s86lA0p)4P(t14HHf}0S!p(9#Bpx2nkIfabLCMHs=G0_01yN
z-6|UUiZGHAl5GG$dE9rqG}sA`@}wjUU7b*CmRsT{PkHJ(>N5*83mjiq7LCPgqdw<M
z4AYkiKXI7KP*7k|@w2E#*YbQ&_p3x8ajD@{ePitiEz5$!cfq5VQYZR3q~I#&@CdQJ
zPx^znX9_<22f^#gVqRs>FqL>QA#*LL9M_8?FD3dx1iiDtGNt!CFfi19>2N~KavD1c
zI#rjyD-@Mp1fEVKltM;K8D7w|{YFHViUmywobNK_rk#6h1-4*c(yzPKu6PoBSQ+ZN
z0#>xtY*bi4{Lh#Xwqb)d$o+heZx}0%?`Tk8ZcN5yW{4Ga3%h@o>1qQub*<>Ww?hz?
zeqY_Hv{DvVh_aLemr&fm{>e)_nhRy1yx&2Z^Bx)G7^>2GY^~^WiNya=2w!l{A0EO7
zhwDt-_xa`srlw(EcFg--0lFVPb};S8Xz8{m!;`KFHyyjlxqxn}B533n;PSRQ+(m<`
zYXJ-nrb2Wq?@sgi_~mdI3DK31xfLS?m&hz)xHrK`9gxBoL1CZ|bRs9vTZx=_YJKvN
z#6Anm$>hvn%*}3+YR-(r3pUG)X}DXw|JX_d`6B!zI5Ts^$qRoF!;$B@-|^_2fj~4{
z-HVrqzVxyt-Py>9inx&w38q3zd_<$>Z2E;?uUJCwSyNW>@M<Y{Q;krg>W-$)G7)_~
zy$<V}X1pDbhM|(r7k3|L#WWj<(<&9lVcCP{YVJO)py4Gf*@zDyf*;rXy6I@dzL($>
zp-z*vgoWSLji_39+PbV*BwFCVhd32bc2erb;WVlrP9zR9`w9K1$7&p44+1^OWqCmp
z6`&gFImHY_?is7wnT=N(_bR1TTdiwZg60VgCZmNqK%^NQERxw8hZimsSe{Wv$4U;9
zD(IymjjnyVTdX5fi%(Y)q3mpr%gg7R6ad{-7U&%%IjKF2#lW3Q&2=?^%@1IP4*}s&
z@q|8T*bS8=jl~N!A|qQG5yGtLPbG|23Pqyl(v8gJ1eMqlQz~?jIFIs}p>59@yWeu;
z3ROG3I(WD~4%wPY%*2cx9SA1~fE(f$XeMEh2!p8a;Dp)D=kH6c`2nc_ApsO+J~~rf
zmp8eqV>hy9h#=B_g;%MK9b2q)bqTxI#@mS}qwj+_uQXArr-Lx-r9r|)rJ8ObQ&#tl
zgh7Ov(P#KX^I=}Ob<~|GuG@SIO3%g=rZ|p?@Z+ZCa)3U7)WDsNyxh6=;7rZ)tUwYV
zZ-LmJ1pP5X{d<c4IIvhv^VSHdoTb==SR(&9n&^k?M$P!@X92SYP(WP8BKBsqmqCoo
z&kCQO7+M;q6U?yr2y`xs{wnIXOoo@m3q=B%zVw#<)4MCkjs|oa7k?zN)?PECdr;z{
z+%aMDE;|?(jRT>_aHhxVz}K9M?D2LTA+D#$?dB3+wco;M51>kVT(0D92(SMlhX=<Y
zCt8T6pLMYFIhob#aXXyAgA=#3rba?h5lOcAeASQvjE;`(u^oEJ7&EmEF6rm8l%abq
z!Y+uy8}>AKKOr+ewpJL!)tZY;oz=Rx?NTi;PuCj1G4CYe!;WDhyh<^)lCrIsvN*SR
zY(!{L0ZfH~*O%xo8vPE}G5{I$5Wo^;OlGFAL8YWB{|&7>SgeS$F_<v`6@$XtwydTv
z4<$gBn*+Yb6=mW2!NW5F_%{-&Gp<w`hYdA(+?~jzM$UG{6#qc#xX)Xh?x_{jz->C7
z=FKArYit`-!SBhQTTQx-0qLt>G-O!51CpXHoB_2KEY1&f1I!y}+Qbxw?%Ietu|#O%
zZeLbLH+p)-BouMI;qAMLG2nT)(0eJOYmGf<w5uAf4pCh@EeJN1c<}HZ?AQU*VD-Oq
zrVP1Ch&B71Q*0nfT&`(lC9V3u9~k^hip8m=3*e+r3*e_uL;Bg4qOG`$9dk9CjBdch
zR)x(aMx7>{pUB0VZrp>oy>W2aL($=sR<NXdj8!-=TSK!EbA1gYo6Q0Rto<#dGFn>C
zF&)yV_m-&foNj3BLo1H0V&T^h%CxDEJS-t6Hlt_FOcpvQoej-E1`WT^l;HJj>aSkL
zjAqVoCACX}(W*4W<P-e>sga1og}MAbs?6lw=RD^r^2*0UP~WzKFcKV#U5|h+q_Qp7
zFHdM4&~=iZuPBH8>6!c#iH%J{kWREG-EXPbua@%lPCxnM1t0V>`BPfk0#~OQ1}3}D
z@RUVOv({t%!>xv-q-jd(lk7}BNWq7;)lRB;tucBD-f_N}Ns)P9f|f3Sojf{ENLLzX
zgWF~5o30hLnwG<yWP2fuaa3tc4n2q1)w-w}YUh6`D*B{7y*5fr6)Zr&cO;2qehl`;
zyAw-@5j3RtA(xB{9k*=s|DuDeZE)p2_rDd6Q9w9WQs8@QAhyhc@6Q$^*d5y+yF?$W
z^S5AfUJ)7YgdfBA#lt&T4|HOg>Y2lOc5^C^4!uY<8SZ5Ky1$gb#*BOgEp@p#_fzSP
zeZxQA-;`*Uk(>&s2cwzw`Oyo96Mgjf;OcZo4yFTsH8Ub_{<Jf?!~_idFqf8Yfq(4T
z{&qff{k@Sn{!2!0840IZ#4efd{eb$ZQ;fK|Ih1mv&DAwcj!EC3Tqd^}Z}060+9Guv
z_eT6Y0bO5l*J{d5qyGnCX27ag8V3vd_6~McSx*m%cTB50+>UH}HT{XdeEZsM2+{P~
z8XQ~ItNDPbuWjAHdvh~;DP?J=u<HK){>&l?cu<fr|A~pne{kHx3wK9b-%mgjD+262
z$+~wc>G{Kn8R>-P#5D?xo73!IC7jWGUv|yoNL81IeFu#tVFnT`XhrSuF=YMG)&K<m
z_wXo~y7aL97YO#C`g&#r>QA_|wF9(EBXr;sFFk&T+`NsV()b5cmX8X|;Flu{{fzju
z$s~|{^3<_0q@Mt#1!mAYp710+M1Aw$&?Yj7HE7nr)CbP_90d_T{*gJe2<$b?Wm+1B
z;*^alM4+(ggw_snsH_=He+Za_<1b>6V>y^AHUh>LX|Ytvcf~;hO)%HbjyoZ!g%d7@
zSqm&`I8Vu^vWZ`x{sBt=`f&vLL*@ZWSfl$lTAEJ$iMyr~Q{5!~o3I4-r``-q*rxL@
z9#asD*k@kABBuQNA9m2+a4R&_Cr%6^=-l!b|KJ~Z)*|Xp$t<dHT;ks!K>dTvf(7o`
z|A!d$haWYG_6g!nqDiI4|N8?Je;8BHKqKq_2k)i&vjVClW`cizKwj`uEL5PR4zm9e
zt^`pyRsO6%h187y|9l|uQ!EM~QjdSwRe$TH_|FQ8B}aY#*}1<Fao|7LGLYo?UvTz+
zh+MMBpDXzPN3mz=qn{H9B+i_FF6c)8Ecdls`96(}9sazf$r+>Wsa6gg)OX_Evor&d
zH3W}%vNwIW#jFh>x^7DLA58>(fd5fLV*89$c+Z)rq7G<24ot$dGLW4M-?1Cs@T|Ae
zHjGF`PZUNKu=O3{RBq|DcV7PVFRs%F>oVca7I^X2neFRb@gj+C16FOfwfy-H!V{0E
z5*_i>{~WhT%Af{u&oVuEOG@$>c}P}PNw<~4PCdqW?NVQzXJz$fmiWuxFppl`NWW$R
zNiF!8L8%1C-%B-GdQ?+kKYnAYruQjY!iTOJhLt#omo%NzWKq^Qv{{5noNTWi-_zk9
z=*+tCRA~!qLNv`24bO)?h8e@%&GsnliWPK$is1#uVK8>ggi(hGVABB~<^r7vxTX|^
z-zlt{w0*ETSN!KpGS))Fd2Sb7dmGwVi8|_0ft*kq9$SVbz+l5*ieX<GETXiOx9`iA
zR9;b^7%xu*lq2vEW5XaHy8WzFAz~dyRGKNfY^`Es=jhXShU&3%SN$%$B{7yTgbRj9
zCrR8@LSs=!%P-MaXMA+nT_BTh+BNHTezHb>jU+?7F!S1v(XzDhR6>fh+J9h)bj5RW
zrl#V_rHv%sgI?fF*uNTwW&={`4T{}GH$7c{Ks6bZu^!vjE;t81*duhJ?{Uc8nDirR
zfggr$Mhu$XC-h2To$97jv9D;pN8V_~+Sr?Z>@QpXi*N`J2GM!R+{8}AWWn<*&Q{b`
zjD7qbBSIQ>yJ#3F3Z6*aH+Zkq@rrtZx^BJi4L=?dzXbK&Zk|zPyy+#pH-iZbZ-mNm
zHfmvE4G@@_1x3Xm-nbB<slwRV2-haY{d+rE&R9#!VvyLO35m>Ds2{0UObg>=Z7AMB
zt!T%;?w86MW6)CJ<5wz>8kIxW-$Q2SH?@_$$NN0y2hEdi_U7KdiAI0=cAa9+Q(@Ft
z1C%wrdx^Iqp+go;0f)h?%B|w3D-a>#pk1Re5IUr~Ve&Z)23%tL(%s`SP+UaqYuIdT
zSn;!FcsHd@hm6b9Xt*Ke!)SBiqJ32y?h7JPbRSZGGbTToRLMUBG4+wfAQ|mXhOpWK
zxM=U(EK6XJiG_wimAvvy(3pq;kf{R#b@aiS8qHU$6uN7=xl>%+AfN4Ip@dav=!Dh`
zbd<p+w*6|qru5|CyowFN;hX2~%{I}4#X0D-L>zNRTxjYkrQE*RskmR}B-K3r4wfVV
z`?gg4HD!}{nk`zrWYW&Kgp)mbGfTZ6`AQ5I8GtnBTyuzF8>b-Rr%m2y&T@M1zC<&c
zxB0+ktBtPwWl;{e=vpmb#i6Ilct2gkq9tFu&eO~42<2){?;Bl>G%RMQhMy!H!VvsW
z^$cb{5qZkaSngM$_rIvJe|#JSbr3LJCm@CT?GgfRY#opg#{HEi$eQRofN|@Knu-%t
z7g2xI1&OF+&Cdv8{RemC#GaWI1P>#8UY=$l2j)EY2lvBc>zPp#OF+F*J3XC<jnYB8
zBt`IrW|mFXM@Kzh`wmUo(#}|^M&V>B-^Yvl?C?Czt(MyH1`UXYXr}zxo>F&csEnRc
z)OQldZO684OKU+JC*bijeeQ+mNnscbcZsO{$PH10V$lsP4}Y4M{&)JYUZ7&!kj**!
zhzf4NWBpt0tjGD!wVYgig2AQ#kn=vbGxcX6hQ4(R4zwHDG)HPdim@aVuuVz3AmoHd
z@3TuU;m#eZ)XCmLy>FwftBBpSh?)|Rn@%{2#$E-+?-G0=WKzC`6fq@21J3mN$DMb~
z?v7eYu9ssQORHeNDFn_@neC?4ZF;)E(q<K?v1-EpuTb5rQRQf>?Z>;Q+QxdwmU<nx
zYsmegMsoXDnKx`OXE!r~bsUPtJ4mvo{}AO8z@AaCrh8=`IhHf+kX-Dcw@r-C+)klq
zo!U|m{dpEc6D}hG-HzQ>dU8a0c4pmpT&h~9*)G${b0WNvwhCC@{Q^d7A3|Vw0|gbG
zK-nuW)HH|^tlaIg>RF-4Zl^T*=y~%6`Y@2yG-*$Ctm)YYg09ps`Uu)k1uND@mr!gJ
zDEF!by8q)YV+n#mG+v^RW2i0aYVSD76F3YI$oS5B;M%Ez+PxNMDvHx(AA6zq3dwEf
zmU4?ZWm+R_emrUehtE3RV#aCgXRo4f5A+*nJYqdg3IE3Mk9OH26oKuUZ5^I|GSK?^
z@!uc=ENLhR%fKW(RaRgpR<JL!S;UzWEz#k*<zh{J*pB}$90+YCR50IC@9)M<5C3!F
zimqZ0RfjJ*x@}hWb;<IKIk`hW6AFT9>1WToG}EyX#DCHQ!(7xq3LQXpKl4T{VPO=k
zG1vH}2<CejjX-Av#d57PPH48p@+0MCrBx1!@pE;eN!z#3300Q|D9Q3mU@q0L$iHEO
ze?-s9N^a5<Ab(OA|H>E`6QJQNw~LC&1}3?hbYB&<@3`an^~6A9jDwK*C3+z%+hhW>
zlJ25~^J{8Urb3?L=3R8A%<@FM2a(748l^nux>x<Io(InyIvg?>SPZcDS6hhPnT<DF
zyIFTuF`FE4H}A8ZLU+3&jb)(d1^fX;brwh!#{DK4BZ&CgWJQn1QWEt4WH4}|AfVcw
zk*Evw8#JZcr6TmOA*o2(d?5;gP(K)qQjm89Ia4~mC}~=Vrlv8(9b)X}Fgtu(T4?a7
z<cV_-!Y#CE%aI$UPfUg4d+@N|W>?ZQFkEimb?%6$`P$c#vl;V?hoDXfQ2jW{jQSKu
zR@|z1jds<}{BVZ4X>8Ak{MDEer<HgolDD<mxBZ?*$)_LFB^+9vf5z;$vjPofvRkUi
z-eRu?eOrfl6XwhR&iNlV!_cYCrBtFqW2;4hFb5>vQjlRR${7@%6qg3oG&PR&W<FQM
z69*IJZ+sU^5=Rm2;B%mT5Kvcj;J;bFbh5h0lI0LEWtYW;7rQ9~c)GqovFvu``!P^|
zePws5jrjxvo3lg<NU!g((WB)+Njq#ucX3N^+hFSsl933BpctjSZz_)+AJPaZaN0}y
zZ;+pc`V8`9zMm5<JR=D!87W|hqiQFysGwd$AM^KRI!lzmax@QhPp)#V{4nzIbrd=&
z5f(@;P$>@4X!NAy$-OT){U-eQ?(b7AHtqNp{qFAUZv0^JGzJ5V^R;^>IHok>Meg)T
zLom8uX4Z4KPw-T#{~K-uJV8JWJe6GAmSV{OK?=B;hm}va2}sDjPcMKSAyY~ezl=+}
zS-%XEEOBfDCU6n6^bc?Qn>zHB>actnR$8LT=aV?}0VKUL;@I%uius+IOp-di{}}=y
zD%NGMj8iox217YmPRegl3RNf=qblT_^Xf)aGVHCFP)QWs{uY_q?Ut?Gd~S4=9O{!-
z4C9p9s{9~=M8P3W;h4yHq*~)23=y6EGEF)${=P#dQ+(Z6*Z;jDU}^rz9IQEBdV1PA
z0g^~P6!_eWac?!ECZt5I@`EiWOSll{7!=zPPsRg<4Y9iRh2K#efDWgvw?6YuRp_7!
z@f4Z92Zr`MC!X8`iE(KMB3YI^Y6nC^eCd{&z==mY>#o}??A8hK1=+tZ6}gaqPSGhh
zEVtzq3b8b@8Xt8)rx??Y0u(6Od*s)ZE9NhRtD!~GnyuJW->Dz<<nz=VSo78y(Bgg?
zmcD}K-aLd4%1RA9wa%S#v;Jx<b>rT)wF&7e`!W#=PgzqD-d>IHZNVFCR@B_2+xXtQ
z)U7t7^4E|}U?Zj${NElX$bp=3D>OA(_-8?$FDE!K86Y(cMF`m@>iO9`0@SHyS~UN?
zXistc0;U3(F0W2ejN&I2UTnm$qozo(A?$7VvUNz0VPKexbLkvDj5_)n*wSa)1sfY!
zZS0KCrl8@^_0+7XU-LUlv5L@(YS}o5180|-SAwZJA$(PEBPK)_r2baK78*3%V~Jk)
z%=i&0H=RDkn7AeDKtN>vuI;Q|{&^+)@e@P*=D_>yV$_^)GFnjXXAc-sd0|OWVp@L;
zELrly$3dH>1%&wWZz{5Lzm$hllUz`sW2v#N6|lgu3>NlWd*qQ9WKT5o#Mnl!qZHja
zao{DK71yW3elM7}uFIENQY9ysqO`;PbJGI-_9t<Y5BY)s!!V;qUdc&e_Gm21q>vJx
z7<!3f^@;f%TUmrwJY|iIyhjsL3eIw#_=dq6jgUpeOp2ODd;u=j)NXObtvf6>@dMv<
z@=9aq*gz~PN$A8r61|vuV3r5yb0CnL(7F_$$K+FUvLYoaZAZvQiFj!<!yuTGJP6{0
zd>@<EPJ-94#a_b@h+=Rm{+H*$|8r&lvn|mVwrK0-y#`WHWvJjeoT%Rju8@x)ypi1O
z$ugPM?;}z+BQwWrNs(B<pcH^WK-X)(t6vT5MEV{)ItJ&lbhV(IeNJ3(35Z0vU>}e^
zL@mdU4Ofxw7paINa}i3UH$1(bU#6|qo`5pqFcXyp3r5}9;#Ul|L+?<M?NTFPgQB+y
zL^FV4dQ$j%2Mu$PKkaj@=ofYGi7C0lU6!txr;-rmtkh-4#fiP|6~t&usRPf6mgI~Z
zVIW2gE#WCHp%Wz%?jRLWzp44!=63z;uO>+KiK0e)Y&02-iUXELA9s%_(+iV)SDxN&
z9kuSzc^O|(M(n$Y$Y^0ka7{`&qi;2cCVEfyW&t9)7@6kV{tO}i^@Fv4{NVn=$=4&&
zOf+<exMCI2d8tg1JVf7`0j_0Mio~-A=BQeU{f6#UF13JNO2nioP-d&MUpEum_~&Q@
z$o;0JQFl?)3uE@;B_(M&>+33RlunNdoz%m*UwRzw)$oS~50L|(m@?q7xOq{{VGZaT
zjUhA1cxLD;zmAY>r8F$V7XBx7gChh1-AEra*`f(~bh0XC8fbVYmCr`f7S4-2m%36~
z7-$B@66LVwr)f*cuW-wR{DSEoMQ^l!9X09!j0z{J8$zw;l&#@4kET8|U2!xvkhQbF
zv-9?iT#neb9fwP;pH|HCsr^fO<0c_k+R(nRvN7Cb7AqL4t-C13X<&16<>uoj^Z%dg
z(WS_zz0>LI%d2etas*MUigS^j*>gh~m5G2umP6Jz7P7?(6jH5<kz`L-t&P7Uv?5PP
zkU}2tQVbQ622|HfK4@4E-r#*RX;YISrN&~@Y7DkARE;&|jgtn18q-{VG(2p`IqPXP
zZ%XHA9hKL20>gkKqTJfnXPj9S8%$+*$=?)4CI}-xE94x93KMLFnr9b&>0(-+4U<y<
z0g%|DkNPBUSRA(~s0D$;S!R$+WrLcV{hr8p$nLObo{VaG(8pnB@4I2VNE}~7jsx-Z
z6y<q-ucZ^(YfLUFzAaeqY~IkD-pKN3<O(##c>f%*gJ^U)g%2DbDDjiz5>IeT=SO*y
z<e@$BW+US<Y4Q<p;$y!LEKV&h1Bt=rpwXf_G2js){>;TF>(xkQh)55b*dJ0!&|_IV
zU3b<|Qr+MZGogIemT2y<8Bw@D+iX><+f-7>9uyj_uF&uJo@HlWl|eYUAK|IkuEj{=
z(J}2BJ$}gb{j^bkjrwRZMeFRmvYe0gNF<J+chA5Jj2GlnvY#BdK@NOZFoK=fGo0U0
zm?S7^^^RuyHDWP1ckUPk9>X@z-;P$v)PQ#Q<4@Wui~Z9US?8mzcsnwG4IqfOR<`8t
z+lYlQh_w47jCdoTE{(vuAMacY__V~n$$~dHL1}R)LiXw5>+FrGEh8q+3r_NZtOLfr
zG}N31L|f>?C0Yht-KJ%yZO*N|s-e3SATf|~3j8J5Un-;fRGC62?c7pK(k}YZsse(5
zDR_?KO$;2C6bVX;0uulJ1OIj{-<4Aq?5b#BJ2)sjub1?JzILIv(=2ioeNLPC0uT~(
zHmSpj*>!vNzEcp;ZYhaWvC&yPqQUYD;-=QM-^7#mJa_8VV>^5vO`u7XZ|#@3CtAQ+
zVS5#SjLJ-3sWB&<UD(kJ=d?iX%`Vs5`TAJ7?rS7BAX1>v;>F@VfbWkM{}NVC^e<sO
zN|EC#LL<v#MMf{BIL43}BqP4m`0Iq}sf3)=A?;$<T$Bvn-cI=!qR!$(_0yLvcboB5
zC>3Tale*&j9a~|FHy(?+6tr9fNLKUXqgQy+dc14x-+vr2@{+0xO%m9B)WEP3_0K1l
ztFBs4`*lE11D~t0_JXw|n>|0LEO(VxNvBVOI)M|KZp^>$GCkyY|Gm+I7bKTe6#C}S
zGZErhMF5>wBD~rN1>ELnuEl^==T2+g4+PAnfvg&ZoayMzkG3#owk9H-s-GCs{d&Q^
zoQy$FN2S5*kHA`QjbCY?gs3Z4yw%7gHTo{i(^y17b!uYa%UW3~<o!Zi<Qg1QfvM#?
zG*uHyF6IV+o{abJBgB)28oN5n=*_EQX}k3`Lms!0FQGjDNEYP446^CHBL*s%bb@M)
zYTt<TJ+Vvyo7`EeJCQFyCn8m^S*4@3^sHEQ*p&5s4m>t4jxy@|TwaYahiOWrDlLTZ
zPxGSKZ=w#AzRyM@HxuU&RpA@Iy$B?3fORB{b@aKbwBI13#0`|m-x?w6haBq^rf(8m
zz#lqbT~{7M*tADu;7&FX;7)`&D%!+VJlyXaQQ|9-#Jw7d5B&cU@XzjU;Y9pw$@bL3
z(_=AqM<HEw2|)l$Q|MF^SG5h0sr^9HJwuIu7&>*lePu71;wjhdB%8-n%CRm3p5S$Y
zNLD4$A_w_JF$_QXTi!Y1rv;x*py)G9Jl(^9wV1XZS!3HZ!DpXLU6b7@>r8yn5Kz#x
z5^?m9TkwRw@8h|XUaP}NdZwe>>{1^TVQgJ`i+jCs<T85e)$^`CEk&`i(t0)iehWCe
z4-fw+6#p-yf!igIypyBGiB(wIomGT^Wn1Yk_FTS6<+A0!_hjVE3za-uE5_LF-3mM6
zz5g}W3c1Pkm_Ko~``Zf8(2L-PpnV{CX8R*<0@r0|Wy&_d5+cWumH&Ns#wZRtG&qF%
z;6Sl0X=Uxz=C0^NnT2J_+SXI_tyDeIGQuydL60K2A)%1$ezl3n|4M84&b@Mdsv@iA
zNSD0$%2gCJ^xFo_x5fl%YOtqkF9QNEl2^!oY-l<J%9kQSqi^j5n#~`V$?J9l3*O6+
z;!3Og@h~W^GazEcaa_dN3~UUaE+T^O`>Eu4n+&ysXp$>0T={w>jU*QRLfOu@c_jdY
zC}&s-T<bx|B4XC=a9fq+&+Crwyeoy$;81J`h=};hyV2fKE~kd_XTN5(4TR3L1JsYk
z0~XqD7>==0qK+)5xxCWPG%^w_lIv%%5lQsrfIeyc)G0Q)L?idFZ(H(GHW_kRh>&hZ
z-+!-sv8BX_E<cc2!I4y974lE3WBZo}gBRTD5b7j$!n8k4)9nZOunMEwFCJ_pgyMah
z>BEaI;0!kFhfyn;^tI;I2w_s|^(*gJE*G7p9%?A3cv&w<Jl3dNR`>VOvGXNNij6`!
z`;Nj|Dc@Wn-7-4bC^O2|;`$v%=v9G0c?y9la$iR)E)}^JVY^F_TFf6^yaZ#VVZ=|U
zFTKe9*NUc}zRj2gS{!dxLy7*(t*AKGp2~!0AVmplXobmz7f{H`o_p2g+2J|Jh5@Di
zm82w22UAMo;dO@@Ssdi;>0EAm?B}3B_B(&pO5Vlkeec(Q?DtOy0S<CtyMn<*io)R1
z|8_8MoX2s#FF8-KhKH&YQ_$q~ZekVb_oF`&_A-Q54*sSN8GT2Dn$(55$m>#9%FJs|
zmEvI(Uv5oSr!0m$5)R?Kqdnjxt{GdY$Qpfs2Yw)f?M|p$`7G)gM=TZ%^Y+K)iw_<P
z+39fR*_!)={89bM_DoR}qo}<G*v@rb=E*G3z*SrvAv&DSD*SqvN3iHKQC2!v$+oTd
zHuWA%5&ZUO*6gHBIL8B&%X6*olXFLrcUdtVS~a^VSJ?NI2{;?V^##XGdUiCX;4~#Z
zCUz*~3LBdO!6s|b6eJ_l8gINV`1hvIc)s=N!EPx*Hnn%=iMU3EU4Ttfu%n%!L(2Iy
zC1SugwYRV`V0tQPr-qlYaNC69DwhbtNT^>J1Qrc=Qpg$&zVMXs4CO3L4maNaDxkIq
zR~y@#3$$fZYU1|$LKSBw+^NuG8N*943PQ+KyzhFksbb_6J`z_dYFlkuIe=0?OS3^=
zsHOI?!1gxf5)e;CmBCe(C@xdn63%wXG%yyH$cS6#xio%yby+LwL834ix58S}9G>n2
zZX|xcJjBA*$C6vYalJxs&dTj1I|TW%{$z44d|#p$3Yb40PvlzGU6<u_EkIt_+A5vQ
zI$yM}D-e!tE3jm{wizudz$P6}YkVWpnaWI?J9QTV7fwb$Il#J6M@8I}`k4GnGoE1H
z$UzRISI4e|s<GVh<=ng;L|S@K!F;R6_EYl3<qggvLMu4Y?Xy3t2|ch=%d3?W0x74M
z;*zUutuudh5MlU}&`5;ijS0JaJ29(rIZcx<bCNX*P+<2vt<|IZ>~)u(>h?tOk^FrY
zb1u#dE#mGhd>AS@lr97Jev$1#*@yA8h9@-(wI01x1s}_zz(fs_W#C+h^9Cm*rm;3S
zkZeWQF1rKw+TLBbqHl^)MOVe+rnz^&e#aL>SnD`gu3=f#0B#=k*hIWRTz#yl{+>3V
zT#=$5^JkktIaCQ2L5!6%nz7|gL!@8-(ni_Qq_9lnX+klD3-*@;N@3T&Zgbxme2iYV
zwM3cPf-j39N>;`Ia?!Qilsmq4Em}&0DQl0K${EvS9~?F2bd=z%U;DNCX}GiNMRaHC
zHq_obO^Ed$C;vo9zF5I26b4vSccsd9IucEIiP{*)CL@t%JvUNR5|ZDeR-&*wMEo8#
zXUku4nzfebV7OLscnUhwiFi5tr2A``1eIWf_#tXu)q8wuYyhjSf);D=EITH;Klh2Q
z#%I(-xXY1fPEZ<RT%P&alW5K(Le6aZA{9HCn2iuu?ZK*h+h|ZrippkTTxp3irx1Sh
z^Ru5;y>$C{T&^I1DD|#Iwc<{>SKT}AZULE=OHg~IEEoNJ7k5;D{?*R=MnT>6xEOU#
zTh`&JHq++8+Wg+FZHPgMsU}W$tZ;GQb#{*4*sV2(ZPYsf(qDx^LILNDB}KEgF{1)t
z9}0ga<kS7=S&rvVKk3|$TF;^@Uy--!{9#~{&@>)&Q8qD>Xlx(Lwo^RpN<f&s=1yM*
zk7Lt>L%ObENvFEURRbdip5>`L=5uSWyGF!7SL{k%MLUEwW*k}9S)?ZEfiD|eJpA;(
zJOp1nmm(rH6tv2k!PKY<0^JU&2*X--Xjr^Tn%ONj9GTVxJ=bdLzL&1Cluf)|^ReLe
zHkvR?bDBz+liIe12*!vXF^3c03aW!qpGSPwwh{_El#g~TRju>ong4{#xghfqOp1{P
zQYLV7EMb`Msj?S!_7?lJyqme^`OPC`?BYN*@j}jq_>o`;>bi?E{t=j}ft^bzA}I72
zWV{Due7$z;5db{l3LrN$olTlMZI@eMo-|`ltmBB#XzeUPp|IeN^Q;<(w=%m1C!2ax
zop%<h8abH5<t{kB6B0|^P$D*%!!IsGE#RuEKFd``7c=;rL7iM~4YbKpSgshwH8kJT
zOJuMDanDXP8V_@H_MqFz7G1u;5vQP`UB)k5WN6U`ZKf-nabh`#b7_u`RlqJ;T9X{O
z(0`Dx?oh65qqwZODBfMRPVSCe8dL|DCxO;lanrFjrN;N+ihGT&#7wZ@YM{&Uv_9_4
zOBOTnFU4<&<#I$|iqdpCE4bP2cckQV@1xj;GZO8MQSpg$>k?zg4u<Zu!wi~Wf9ISO
z#&xGwkJ$5)XeQJ}hSD77lOzuJ1cyEVk5m93IY(%POpT3KO_lD!m=8G=criUk?&)uh
zMJ{g=mDGU9nPboEP&vq+ZBt=^v8$%~VAwP7x~JLa)HPzP8oY$NhhTDxLIT8gV2g4c
z@1_}%=--vY#^b+Hr5)e3UJ2eY8$(c?<!^DNOj$WM&p=@r@UJ0rQ7JRDPUFq=_<>*)
z3n%H;6Uj_dG=3SCEltLor5|}V-`q6No?dwa-**P}z92X1n!w_6G~s-Wr$)P=c;a_S
zSR6P9uis1`BDv({bt_g2=cTJ+L%w@<DvIww5Fnpyilkalq=X$Pz8)yQeyaDOSI4H-
z&?!#}TnO}?zxrBRYukmYOd?sW^9ya1^MMh7K3I#vAq}&+JaZN4FDD;M2@HulRs3~*
zO{H>0u@AK-{30^o;6I)vT+jijMq8_A^+Ivv+p5AllN&4>0Np3YQtL3mF<He!cE2~o
zFfBcY(+@%{G=ZpI8Y$nbe>5AfO_<6F_bhM?OV7zVov)1}fk?m6lhsI&PBLcSMQi7+
zM?;r$x*XmjyyVW>Qc&imqFnaua3|-jZScoK)OjxNddF3FdEU2$saL@fiX0_(U*)VW
zJiG2YpLzWci>%+i;+nyw?!(-j#*Xp_DsH7~%l%8gZSmGvUVdtxc2Vi+H3YO=e7^{e
zML6yMN}uXIrP5I?iC#ZyS-1S!Ze1#9rvm3?xBZKevq(Y#iTVw;H-gPh_pPSg=crve
zPe^YQSB;9hVE8Ai{k4?GTjokEc_C$thbHYBh=riQtKrA)+mFmyDD|>m>Ys0q&${`G
zUhd(QZ4#Jd0u8j5=Xbo7GJM$1Qn0CwR16$;H8&CRP@HwoF%b-PlhkyTJD|?%3KIq7
zdvsAqmltJ3w8I+LyBjKZXGx?73xRv%tjcjvDfM-$2>!`<w~!C5z%-A#-;MT&RY^}R
z_J~EA(e>3U@9lfs>Zn)kX=;%fO;jE=28aljx0!Z)C1{ZmhJ&3zeU3PLdzy#zij*)<
z<TZaQ?M+_-k$GwAV>ysLgEvp{S9C?1thDo$;BfFO29Q@MzcaAj?j>vcJcD<=&&4<O
zylyy%xn&M9Fm#uqCZo2qFc<N(I9PeR%%~|q5b6V87t#W-1s9HX@UaOYt7eG<Vl8|&
z-Mp-e9i7gQXl$}fzNk&CySdqjRp&Shy5KkE1DmLbcgsRoo|mc7S+cD_diC1}+e~UO
zeOcEctqlLZB!(UAxvYWO=F~+04hPa$I_B^uy}XBrp586V{Q8xoHVza&&`fc01aAxs
zc2Cu<HYB2Szc&k#2lsr)C7LTW(#>6RFy2H3Ia)hs2!UVMOs}J(z^4M;PO(hWZl;?m
zfqXAR5i1y-e3{1nnDk*r&3T1vIo4>2tR3fQL$TFTEtk@V<9y=eKww|iQ>h;s$E2*B
z^9K=Z!}I?Ffc~EVppgpR%HpOUL~~J^(JQwe5x)F=wLywA0fM;~F#@7SirryO+FDH-
z#(3b;D|}zK$q<uFScj*WR!DZZV{^((fIn|7=iR3$`=$F^+4mPAcg3Nhp}V(>AC=JA
zEenfHQYYUJSs1Kh5vG5<t^Sx9{#BptdkyV(5qh8&aL?7{avC#g6TJsuy6cV8u7I`P
z`<+lgsE5H1(DJp^htb&)Xh>izqr-|U4|&B1bcC2V94*Jhd)jmHY33|qLbdpimq**~
z3E=*~#42B4(kw~~T&uME+Bf(MQW}6dI+)~X981{?KIlU6mH)wI<!Mc^{)3AQTI##?
zW8fYxaATbd<hvG`Qnu}Vd{k`xk3?NqOl?UHTQ4`+7TL#(b7{F$joxxgS)sVZuud)c
zY?;9WAKlQG>O?x4LdAxDJBl9uG}Wcve8|2y0<-glAVa@oUPj?>K|tG*W4j@_;;jMy
zyHMvYA|Jx<gzn7X<EoT`a0#IY<KZSS2wOMr2*>CWcd0#a4OCQdllfLD>({ydSlw>`
zu{%-{x8_C)6%Pz&`)zc^;qicumSM8_5o-RvZeZp3yYLw!6^+c-{eF&04v(j}tBbFy
z#v%6r%<cLWJcY*0@4|<{%Gp^t85Om$$Er+`GHF&-6`wyLlmHy61Y-DR=Q4r1H&>IQ
zm6~^wfYX=L2C74S)jUr*0`n#O#tU4rVY=cmhC(&lZ_v0u8ue0@5cheo4s%Z8k;OPA
zD4`zX8+t{?n7kZ!U)`jLcK(czYH?u_s)FTK=nrM*Lsrws-R1r`I1=H3DmLA#1J>Aq
zzG=g6xXkjmN`2i9d(bF*!iAj^F7fIkE*0Y8L~?+@HV^rU`e<X^;!>^KR(Z~*+RJa`
zvvP7VM)a%lu!*uty|LjgE=uOz8hfopC@Jwym!5(UhzQ4Vryu_<TI6ydA42cUhk1s+
zglk3+As5>&gIqviUYspMVGicMxFdIp(^=;pH`4J+1$R9u;?eKqfSZp&pCBDui}=dg
zGR;_IgW4+a=auNcM-DRRs#43D5#&hZD|tiJFWs!=hAIHWJ~-iX?7YWr9`0UUrnq*@
zNVmIMHhxuYeyDF3d7*nbxHLrlgyM&(%5%yuwRJ2UEo3Ai;l-(_wRpfsaROwf?Vvj+
zAtke%gX*6z-$&LGfdC8P9h(lS)q9q0TcYmXL}^`k9An!EJ^vgJ%OcOlo8Jn}xl!XC
zK$vX$APRW0j-?)1SRl*FDL?54i##Q*Zb<ig@OW1&bJ^TU1D+Fx!D!X^hH36wt8SxG
z6j6_9{9fw8PR4<dgSesH*x1;R|C0JH5Sux5e48vl_KLIkhLiEqKPK;WiO1qvrAGZq
zsyzu?DYes$j>gLM<6j=z4a_^(6I{-#w~bG7I5Er*30&O{2Sd8SXq#2%(yoI9<B~=F
zo_sz;{?gNwX!GM2#cR_A65`1Y%4RXj49dyaXaC(8tIO9}Y`y^fqaa`~a%v!#&wp5u
z#_qzr411=NZn<SkW+wr+bIUBF7h6mzveqsxDjoulf;T_jQzp;tS^*a*sWU;803ye2
z(r!(6Es5d&ZCL`O<UaWDDPJU4BeCwoYV=~`3wTr?EGyVN6zmYD`AVC35yeMbbSA^r
zl~lw@9Kx^59G-AZ(HHm#{44|IYRhVNyY1%6G~UkUg6XEJ=qP(U3AiMh$a59711N}L
zSyVtBh0|zB%Ze$A*6W2L=NbvZP^lf}Olw0ieKMsQj(MBfs;F!<7=>nvKrFh8!!roo
zABT>~+G`>91u-k=YOzVP)Y4k$wB-`NZ_;KT<^C4|p~3id`F;!@Y36hxh!SQtm5U3<
zilf8`E|uH%q2c=2nf4_zmm_H{W`yd!Bn<WVH(!)si7%Ww3dxL1v{~m-rg;63<8&bL
zkX6X!tLfP`QmuY7y+)#5{5hRakJ}-spSmALhJw-D2Mb5+9whp*A4*m%KY(vEyne=K
zM_+Xeo`KytXpPLHK0n+&7#`z+N6mSE-QziKwnUzB5)yw3G?;?RvESrpXdOS|b{^|D
z+1J@^YmnUH_!z%4y;+s$zwyOm_0$H~xek9k1islPTJ&x3+-`q`;4qX0I`;Rk$&BWx
z7WJV}WVtg~A?{=Z0v<CQ@ab`d2^P99CyMKu<hYz$ud~X?vPvG29K~V$yqE|4xbkcL
z=>pQ4tl>SjP%qK*!ipVG8HxOz{kFKe;<1_C-bOm<o<L;GWm!#u?zDxl`6=;)?k|v+
z|Eot&<3QblT`^P2-oeZaDMq^>flEs7Fr8V&1mTt%*)6H?{Rr(f4jLS)K0^Ez5En)y
zWg!ttg!Y@gS6}kJ8o7K`oKE|Kpa65CG)zLGR<xFvIwBG;)5vrLWx8rY9zJ;fH&?o>
z;rsH!;bE)uTgYWbxx0IFQ(JRU=sPm{!#Oo<P#_2A^=wt@_E)R{=kYhite1X%J}iLj
zneR)$noH_Q<MB_w;^A<NV%Hn)$Lg~Sw3-l|r!C{BHTOCbWC^*c?yB=GPCue>bZNwk
zoQo}_7YA7^8bzUzOq|8LK3Jj&S@=G;KF3ymOk*~IYGWqEws94`B~|<3Qc5n}QdK?G
zW=m2jU}22->P~id2sXa3MeXlTQ+C4R5b4Eo?g3aMF7KwA`hZn3=V3;7zwJ$`G|Llt
z{uAd;W2@nn?RP=NHC?5OTIuR_s3;xTr9dlik|kcz1}Vzhz5)XOF#(^ytLlLgxh+VC
zcst<fmI~R0ep7DBNl?!-*Mn4C;s`OCpRKh4yMk}^-C+~2?5hMuh|QsT>(~wk4G+!3
zB#CZ{X6>2+tWauAQmz-5YlI54Q<xZidj`nf(aB2$(F2_5+X~&5L(W{9NZ2aBdrM6_
z8q2f{s%M_VtY!B~W&zkHw67zkIXk?FadE<6&yCaYRtYY>8c>mHY6b@Cp(i%T+-C`}
z^Gx7Va&gekwj?<VK-g4~r9>l#0FFMa&w=dO4jCS)Bf1E%`rOxUj(Hg7B%g8rMLHFh
z;Cdy_A>_3h)uo0i7Eg>Ol;-V8AgFb^>Kcff=PQ**O4TZMslg151&{anh{~;`E!C`m
zY^mGac3oX_@mUp_^9!oBe*aD{N*iIN+q0qhGvrsiv}u`5nUjyFiSG;SW8CcQm5J}A
z&UtKhwhmNT6U=1tqfL;dx^QkpfNco!Qcbno2)g3zMSN0(S-4Otb4OzQ4$x>Ao{kl*
z&Vm_3sm*{VvEO0vQ20g-DecWkdpUWYP6PkSE=rIOzwFG1Qh`g5>!G+0?R()RpqPN$
zgR`Mnl>Mg{!0)a^1eH!(GIBI65v?O_$+JVX%kGeLb5w!~c0f@GqFO2vx|H<sH~0Bs
zWd_9+l?1yyYb{V0jyb}_&cKj2Mrp+{?WHY0wL&dd&TrvA!Bg0Jf7aVmtBpE$c>V}Y
zRZlm4VdaBHyvd3xN@{K<Gy`C_aFcEyWD^6#-?5@r=-I#YxQj>n$n1Fv0kz@Uq?qoF
z*^=FBCDg&$$WAQV^2D9FZFqPreBID8%eITy@Fy#V9r!*0wk;3WV<=BLnW2oe*Hu6$
zKKc_n^%<z&re1Gh>oXCuGZps%sEDX2aN}D9ry<ue`{A-ZOnv8{nI3=@P|ChEtaOkT
zDNxyK_<XiA2>-So@S>yF;VdTbJfiTkP~oPb0*MgY`rycmi#1>1<tCtlVlwvRPA0>4
z%EpVP09rU@Dogg{Vxu)*)AajBEY)HO6ZR=(=(Z+3-t3{Fuv{e(Hj+4t3fqHsMk;&<
z0EK#I^zMNbX=#>*A@dj3e8DCEL{+s_(8X!eg`29}>PPW^t6ca&8zNhjW>4A{2WXY9
z@<d<hU06K!f*g}bu$rIqf!f%Eicd9Bykh&0dm)+?5~wkb*hiM_umxI(Ozg0!Ia)Ll
z)1#!f?z7DwNM*bY-ISVS9H_&ZM7|<vfbENMb~_03x`z+4GBTEC$q9$zWN7Q?Xslm<
zQ_PLwZ7b)$hh>USOk^T^Nm4y;!li;1f;v#@!B~LNUZ%FH`>t}`%Yeo!aUoJ&65=Pq
znY{qDC+}2FO5}3hqlTUCLXBkoEp(&uxh|C2B67c)ij%Za2q))#hF^_PN$%cC+X(o;
zzHxLsk)21ChMg#_>P#!OW`U_bN-RvKHN24=<^-UDBORh<^wbW6({POM<7_|#(y?+M
zWvubu!QAjsYWtW*?K4%bT6xs}NC=}JY=cmyNqM-D#q$gV;{JP$%ehiMZ^x~%v9`Km
z(Y`dk_p`HiK(=oSGT+Bu=|*dN$;(Zt?yX&BHtxdg&_YuePlfDeDfy5%>vT?GlQ96`
zOD(R1EXS3(?T$4x=#s)NJeXp&)KypB6{_PJzcwSIpm4l1aI-=u-ZUtmy1>!2qF_@9
z_5=0*KpeRi5vfM##Elr(8R~{(C_Pfc?7?QE;bmNa&3m2m+MciYEQ;%^>Ng=C&?F0l
zz-DSnb>pS183q~xrlfL*H4G_=<RQ}NM}3ccd0pcAGqGZ1$dji#Gzn$FO(R5YJcCcW
zfSGR?>Ww}5_EL9B&1xe@^|d?Q)MC$Hj2KyNSbv!o7D|&`jCsI*Up=<0$yOqJDiqK5
zMwygE-xXS7gfL>c8>hG2OzJr%<03_TScJktge}6}KE6JUNK0h0$P$Dl^dUE>n6IAc
zO@fgrN5|n^q%*bVqaf1Z<SG>!Y%epfLYf%zk{5i98tN{|@>YuN*&T<?H>NNLv9z<E
z>@K?U`LTHTYxUNZ*5+!RCQ1QsH~H=9S{Sq~Gu!i+iX9y9svHd#psq3sA8&2zyLhJ(
z6O`KI$jz1YtK(vG{;kb!vE})7M2IiINu0xe5@lum*M>Lhe0-GBTrHur#^-P{aqhVV
z#*s(4&mp!d%Km<c%B{tbqH0r_>2skj6iP&pZUGI&HWd}^lWo`Eq9L7b`u?fG^MY)G
zfq7dGIM2tjV4@MlED2{ZDI2mw0SjBHqc3ezQiThnzz7BB!(*OHPjr=lK%dVWer;y6
zi><TF86p2V*!DKw7JY24m_cZ$B&mqHSw$xt*W_WKX8M$!?^eF8sHLsR1YpEu+ozIh
zT3dLgZ<Afc#wQ5XB_+TatS4W?Kwx2R>^74t76A}gea8#yN9LD-p9UH79Gj_|Vu-W%
zdbKezm4MuI$sF%?C>-C9(5fKn9KYnV;iyP!79NgCQzBXtrnAY7XnIQeQWjQ<Q5A!`
z$X%{M!BhS7^2l$;EWBZ8=LLJItt8J`V&bKx>FPNH`$<f@17P+-s1YP9UeJ2?F~Z=V
z*Kkn!SlD}Wty4oxLjLoyQa-a6fX--3z!F-u_yCn+UoJeby=I&2zgOba9dBjKS~7n}
zSB|`>wzf_Z%K*+K&+TlJY6F;EJI{D35AGl{BU~F2FLGg-{mvhECq`QERMlQBGQ1J=
zNQa168XO+_X8(WDv20>}gxbh2i$A8kIUooTiCpR__EJY{j*c9qDH^1TBy}%xj{(?2
zjS<&%8Cbn|d}UXLIt;fDM>~fJqogiB9$yjX2tP`sjXT?_IUvNXI@jXO`V*{wyht>u
zpH~Ret3-p{a}o(vtTaGOJ-x;)Xe>y67bw!T4;-8+cIR{EA!2J@!_i7J*ciymjvDqv
zxB^c(H#Cr0f7acdalymwzk)?;COm*LVmu~yyan@}%1Tx=T@+5)TC6Md{cRmysVRuq
zL?b!*g<b0f)Om?LhvB{fKV@B5r0GOMt<zCmC&WYVUAqgy{;G9waPX_(k&cd*sy)zv
z0^15w5v!B!AXOmrxlEDn!h{Y7Q4u)&eZjEWx%K^I+yVy6ckC&ri&8;RAzJ%`rmngk
zHbupscc+*p5V{_e4MkW)aLWSU7UonDg89S`nX1u++X!s2kIIj{x$~Ua#SVZk@Beku
zk-)s;Jl&w5B98}wM5%<TRib`RXUu$+cUYVI!IeGxlm}b{Wz}R!$rrD&a3`%ZuscPa
zusP@2k!vwb@Et2>jyKu|ax9!*ICKHfAuq3y;9D95H*(4F7I}@-^vY9H;e3{aO<Fia
z`*q~lA+H|kc$xNdHbV|yRY{It7`4PRxi;H|i8!h<=Z|*KA|g@iyqTek`!omtce!H!
zHm675Tg5?$Dl+7`)1HYYJGhpYZ4ZR(iO~u!&I0DbL<j+xWF7QPZME$|x!4^3qO<+L
z>qb17u!**AnSk?pYOG3qPJybbGmybLP2NBUfhQ+$-to~!sdl#$jJO-Ca}o6ptg&y>
zF4U*uO-;y!Bai;`mZULwP-1XR)TGF3w5B#su1>0r{$Fc*h<v*sM&eJJT~8*1M`PLL
znjdb3+RAK3pi?fjPTpyxoIbeU4E|!Y{Dp8*gCH*a)=$r6la5Qi%q9e|i&>tER+RoA
zse3W5t==uwV6sKz2FynBemozut>;Z`xsvD8islCt<UY0KOE1X+M#`SI?%^fUXo=P{
z=SB7~-5d<m;E6H$ZW>oAXv(M7-T766u>F+*h&QUcMWs8d<UQ}BMKs)Q?&2W~U3>jS
zB9qP$Df^~uX=Bgsdh4u;_(++3Q$L0+O5B&P()&So?vyAv(+)$P_&u*`ei(+s#pI~a
zaZ%b(0yxUVoSHoDqKE^YV9kWTNvId362lPeQOfhr_m5LnziVNB)6*lfu(6RR(><VD
zYi((f=@J%F@?CO=TAbX-8Ooq38!=H?(Ql1Ul8i{av}0eru;pP+Pk?2EFbd2gWQ$Ft
z-ku3#XZL7qjCocM7j=$Tu__lO^376KNv4v-Ue9NDNd`pvoKw8k2;J-am(=7KC^%K6
zjZBSd0Yih`vuhRAe{>`&84xaIUaKSe-Kta&<qf6q5QC`qW&gYX)2}gZmj6fFGd9-M
zblap!8yk(2#<m;VNn_i#(d5L9ZQHhOp4hg{o9BJ_2kzIs_spJ!nYCt-K9{Nes?Q%#
zzh}hUP+JH^p#;QL040I=Xev2V*&(QZysTVX)mlEg!sQ=7c-;+P#>K*){T7HoL<d2A
z&<hh*&OYC!4*m4n@dDyED<>r*6T^9Xao!)K9Qsl%j+_U5yBjLaT)j>3()6Rc{J2i^
z8AntUOz{F5*`3YHVdGnW@wZM)=bh9&X~gxV$+_<8eraiaUvbfhZ$>f4Wz+8TCR+N1
z3e@~HpA}Gz<ZVl7E`$WSmPoKw`d4|9yCvgo&eK{N6eEmL*d65v(bJX6C2c?NL*!5;
z|5WN}*N0WK0BE$rP$!C>+fyhb>se}kf?3z)PxXZ4j~L6OVdygc$^1Gp%}m8>XGZ#y
zd*FC8Bkx}i#&6yUMB1L>4!NmE6AAqt&CN}*>;2TTvI<iV_XPjOB6t?3x?lXay;b^8
zQwN#-Lp@O2&UJ(JjvjevYI2rfLm>Q)hy11aQNbk7m4FR1=fI0RDB{ZiUk^*2FKXo3
zt%+5nuWuK-W-OygxWKSf5+H|*BJ~k#$5Ywck@rgkk+1y^<--A@FciKY#U~Qn4^dAY
zw0l-qAl0cgHZ8tK3Q8PP4)F+mYRWA@?z$WmYn{6%*8rSl*z{A!!V2xNZvj{rA|tQW
z5!<K=6;0rEUN4@?sX9cAyef60ZHo&_irCZYWeNlmo=4{sg`vTwI4?@;!{+`Wlc0O~
zQqkMbm0O)<Ft=ukLyQG+zlhY=RQ)F?JiM{2>zbNe^NLik19en6NuXtt@s?=bG*Lqc
z)D#MxmQcWLQnLgV{D#WUfHag~+^}l+%*}*53wgC=g-{9=YQFz9bqW1(sMc+JQp9+p
ziq)#rZZ`uk%$#)u@2i3!&X5B1sx&P{;)K%N{IPS{-ZZ=TCDjq~-4(i52O1p;XhpPC
zgx&p+#jPtS6OMA?#=fm-M&^o3%`AeHmC<ZOh8GCNY0!;N(OJ{l4fq0Pt{y?beD)TY
zhO8zp9_!XSvJR8B-5$Tv)<o=b=t6d_*7iO@8RRIGK_693sBn{%-m7|j3gQcK3c-{?
z6JrwL<G+NCJV)t%KVm7K=3tkhp5h2(UoOI9#YHIfgVzj-_AHz1<Zq@fC0i<kYS&yY
zk8%X*W&o5LA0ACgpO%)gi9EyUs<*6t$}fmwL(S!M)gfe(SfB?yp$2Fm7WB<!hZP;B
zJK=YzyMxb<Or5avr_y@w7qdX1vWf_6EEC%gR|sS~+vHYcF*J7pq--_R)VAJAw}_Rx
z=k$ekk<8SL(H&t)-|=&6n#!+ZDh@x|o-!$UgXrCTK6}qai#$PVD&K`W1;~PrVU5H8
zd;TJUa*4F6F%@eSWa!XKuc3%-sekwcLQM#P6_)0=$l3AXAq|L_%=a-j?Mxk+yEvm<
zwkxdy*-mxHv!CLTT~+!qPi><!Er%Z1?LxjIgu)S2CmqIMc0QZ4r0}tqlz17#6+AQ0
zoC*~4_HKQ%o5MFLS47AfuIr<IJ=6B8Ais*umtFi$bh1phWr(YVx&(r8$zXSdh&_1v
zZu<UB*KA$_b7aTSs<PP172|putI*C;)8oig6I-Svg#FMcu77JPD&j{exm}r&zkU`b
zpIvingZM!Fqn9e9g<byAt*`wV?N%sSD6GK61#b<Qd$<~*NQt<B;Pn@1zcfWW5=hQF
zc>ZL3t+~P_DuN)a=3^`ROHiU(5Le1L{E(FnqRpOf8KlX?%q(aM*(%v!s%3n!n$_I7
zv_i~gMUnGc-M)8DL#JvQABBq7Mepbtm)Z7edh|H~ewRY#y3j}}Q;($U%HIWyiw5z9
zz$S`RtWDchfM4@MXcF|3EB0$8XtY=L68>XX5J5O-QXEq2K#^<1yrdJ%%+bj3Z^Xn5
z@X^f8jw(#ILZ_f<dgF+P$10>X57VR;o`%vvrH_F!hv}$TJ+<r;ovw)aS}Rn2$0E4N
z_9j0-e?K}s$-&B&2?sSw@u*W~h<!nzHKihGY8Tc|Ixu+tUAI+MZz>}C^ISnogVAlj
zx%JV6SJE_HepY^v>O)x=lOb$P$G73S_mWD5YAZ+0{c)WVgpvbb1MTtqQ%Z-e*zMf)
zCC_WYdtuWpj^#<V0-_OP_x(YoR;*$Or1-Kug%vfzmr?mxpM7*djp<$u@CUoSVjms#
zsV{APiJ1Xu9BH6MZEgN0oMlW1>Inx65Ci*X>YQLe#BJ3H-a%mO7Z=MiH`zEU7_m6L
z$cbnG_UB(e&Ith^x)x~lIKxvRCjE%oo0Z!B7Il}V=055zKW(o&?2pm1F-{{Nq-UZJ
z@dx{pemC}&Nqj<S{l$SEuE@;hs;vLe($DV5;_=fni;qG%ha=|jK%>2A8_V!D{}bd4
zKuL~!dG4|EKRe{pA3Fpl=9{8J>3Xscm?jb4!D%0AwR<i((oPFi_OS~8ipiIodlz?b
ztQ(fx7{~Y@IaFs?`E67Vl_7=Y<m~R??*#$n*ATq;6o7PTfyUAfUA)k{OXLD3=SvKs
zbytaHh5c25#}EPBqe88@!KG1!n$H*t)UCbvVDAt2@3}L^(naeOSA!rm9z^EO0`Ar#
zA?-oWrczB|6}`z=9NZrKLZZFy2{gxb^IFbM(0hz`%HFpbvH26a2>hnc0pWDCq2)lx
zjx*}j$+@-$MU@sYGQ^RuOQcDZ?OdbVl!9@_quu!c&{K{jrKuzWWvD(|MC1hrNIL~c
z^L@opMdNvbOkGh$UmNW&1s|bqiRlhmf)AvACzMvQeccgLbQb|A&^n@_dWM_Jo7)4-
zuT;e-W=gj4PC^d28{vgMS3nSR#;md|?109GIrQmb+_AYHC~V>W{xoy1JV9<vJgJr%
zbxh`w+KtL5P;V)v`Or_o0*+_y@pw}4(%|w%*<a3(eb;*4Ks{KHYt7uKxayjo|MjU>
z!2L=m(&~Lg!FMDV0DXMaP}*PfmcoNcCyrg1_SaBgL?~!UAs*}hdgI3{fSw;P8=x{8
z&FWB;=3}zs=zGUT3rkchnbECSy-o|PNiG4u-PtPkQg{s`$#_q%E|@SgcuD-yFI?x~
z9YxV<+4gW1TBuX<ElXH~tc>qX**~OB<$HKYeSyTe#x&cb-V7sSA(t+UGBTi<f`&bV
z`OO|4ns(`a?7S8{1u9BbT1P>^&yU0Xu5>(u2fpd}$bH=%F?(8}O7GO?z}^MmkW@L7
zN&m37I$!7Ys!TDRP_-;L<k#CPn=2{go6l#K$k?QcCeA#)jTyE)Y6)8Ce%sY3E;eFK
z81=T~tLHpVAX}&@T<l`N0GY<k{Lv=(f<28hVjnXmqoX62v*9ecGY=%T4+2meRG<tv
z7kX%|Y&whOgLa)`GhXEnTcJ(y;$Y;(BEfz?#bb9;qF&s@EHgHwuq0v)*`NP3P*NP3
zk&m}86Z`weSY4W28E0o|bE+}V^>_$THGs$4i6eU{jcc|JcGn!Ctr0x!_21~t`A}XN
zq>6a|-k>#q)k={|pQlS%rO-sTaX#GiL7bTxhqkrF(PNgO^$FhQ^wjj}?qT2Zik-Uf
z64z$6N%^86ue%e*<g~UNRf?VRnaM{QBB=Cyd+%p&6XVTtnz!5cd?E|tz$@f!fFi{m
zQf+3Hjj|Qn*R0G4!X{yIG&}i5BWbC_y{`?9Pb;Pn%io|BW>4{scYydm(1|6DhxWod
zJwl$%23YrW&7zu`8q8fO&`VV4e{Vr%OiwSRr?aI`XS^L|Y*5GBi5*VZN;RBWo0k2a
zqVj~6+N{1#x>8tD^>b*;DpT)}H$1He-EsCOU?4zRAE1vPi=Hvc>iVwRZW+BaV)$WN
z)GseX_!^RJCPXK0ImKD^c_>t!1}nxqi^gflu?Fyt2@JV=9UDubK)9lgflj~@H9xzv
zbUdgqMGfZ@m1R@Q*`hyIX#UhYPeIfpYH!4@`xVMg!@jU#%ZHmndc+XU%I}y?<G01_
zrZk@J8QR`&8=N>h=>}_uxbX3V?jl=fu6_mTOKx8gp%ADMCW^e>@I1D?5oAbe-a&MU
zl;rDPb3E<$`M=CM?Mh&7(JmO5MTBWg;)ZB5Ow>O8Os?08)VhdOj0*)dugFiAvzbW8
z*F+Yy#qC`AAZ}3UW3~97m&pisxXCNL6pBL&)pCgXoX^*0`rA<JJ~!sjwpOrTb!DGx
z_aj5gE7j&9p!%UAEh!IS9U}$QqzA?i07ZlhI8v18wWoV`a?jq*>a8?hd5y=@yUvdR
z=2<Zk2<_(O#j3%RUM2`zeBL6W{)9>q!#a^rY_Nh~s=>QX_`@TM*m&kcR82WBl*oPQ
z&DR^tX)Q0e$;brk9{mfn9MY8^l{8qDk}1H13tzD5(zg^!evsss=)`usv$%}rki?~B
znF1=;ZidL)UfTBMj)d#P>o&$x8Y)f6ep0JA4a<j^|FGRkBq1^RJ=hx`A757u)y1#N
z!0Of0HJIWL61Ko3TQW>Eq1{mh5qNY&gagjdSf0)iKQpZ*<S&k#ohXFC7&DtYOlEB9
zW|e=C)HKuI-!n^7EUHcofqD=7I7TmW%xtPFW3FT+IIqw|(QYM03A4e0HCD*d0NU)>
zB6OyWYF&{CEs<;~RFr5e&3Pklz2Rn^CBzT>Os*+ueMk|0Z?6N(X}|o6_m6hxp$TzA
zbZJ&~ai&^=-`awN5QqSMC0URUi+z${%t>LK&B0^OpLJcp{L#<gOv_VyKqhSl93?{5
zO!=OrsMk-hjOycpcW7Umg#ql{D;93pLnXoJSUWI*wV&w5^U4{W47!5|u9Nek036OK
zvC7ux+g5&5*+A=!K={_%a{|x8T5s~QGFg`5><IszmCJL*e_i+sq&^>5F@as8>^No|
zO1cVBQC7YxCpOta*Q-!y)ep+?UA>Ug>TVne<w^pL?@Y7SaHp@$?S7X0b}FF?C`#w(
z%n((flLgh`P>pg2CMkd?opmzde840=Nne?&<wSc?cN?pX(}2_G(q;fUHCW<7=+Qop
zyU>S6hxn>iZ)rgV`1Hh(8<@X+)25MKx$*K?aI=lqksY<kx7q>!OI=d|bf(76wPV2W
zd;H|!AYHHJ%5AlVrly~$V<B(p;V^Ru!iBi|<Dr;Hd~qCgco@36lfw3bj{zhBnjA`~
zA!ce!taX2(aJSw~V5zE~^=v6-uw^{YT;3Lg53*-$YYpAJ(OwZ6E_GHh#%1-knmU2~
z;Do_5Hi3j(6Xx!HG^wt)y}s&5BoJbAGM0HgKtZP9Gsmwdw5-W&j3H0W_l(Euzw&K9
zQi2F3Q+i9_Qv$n_t+w}Ld+bM+CQ~z#r(fzyD5wxQvJvmd;+zVq{1<XgCthwT7lZ*O
za~>L`)EdI>7$X>Jsd?p=dnidi>FWr{g8S6P*PeLqmqE&Qs^nds74yn;S#mSQq~-jS
z1m<>Jj}~&}9gBBy5=>;oJM8N-+9a;H!ZKOsSR9}CaN2IJ?(qc)x?OqzU-B-!esm66
zE_DtRD-bFNW0zXtOVZ4N-119xSEMCHJK&nkh(vo3Q6YU9O2WhzJ;RC$U}#o_K=6ew
z3THnsOS_h{#pqqET_xVc&Iu%Q!kSaAZWi&o0IE~av=_Ko@@*^J0>5L-QpK_cA$mk*
z`=Rt64{%8PKEw6rVqqPJYwX&wCu_l*yBaF;c<dTB$bd)$jwGzlw7EMoGclERX+WKr
z6V2Wq&kn^TrzZD8Wta8|5n5R)RFducZj{F{@dzd|HRqkSeODIk=3dkGM4)tF&l9%o
zUk~C3;K!m6CL*gL=q&)~fK(aKN^vLpA5{PYlwl<h>}wlVIH0ZPG=aPAKNH0Rn8e@*
zX9^<BZB5gUvFAkJ3+3lQJ)G~>V5wKMfl2nH*kU8U&Q(gwzoo$?f4lroj93NoANq_X
z_HhCPq}Jlf912ue*o^V`;n6Bqwjn+gFulCv87=fU2Gd7pwM@V%ejlX|ez;qnP=P00
z-qpn!=NMFUgau%>`((&$t*MAoXKaWsp{O}|>p*pCp;ihv5<&u-QRE?rQ5C5iJ<I{E
zo}?*Qut-qqqM=NyIRiuOU}StgEV{7Oojv|@mrV@f>Szo#?T2T8SF~8!W@*P~U2^%N
z`HdDM6*EFG<Pap^lb){x{^+VCIDr<1a!u9Yv5BRA1V7SMPezZ)zEo@C-Z@G%vX;QQ
zfcdJ5_=j<-b-d;~?X4+Qx8&?+v~;G*m^xanCPgoCYkb>mj3ktcUp9nF+znBMCOVEY
ziSv^Snp92x6%iiJ_Osq6As!=fd^8nba^WlaQhu?`Cx7ze!MVFTIB}IlMFO=!rljFQ
z5U+DB(y!KS!#h$0rSd_QaISDVHqhaPs{X6Z!^=zy0iPP6T8j0<)da@OY;1+4zCu)m
z!x}e^`^2-3ENxxGft894&MWGJ2CYInb_1OA1Vet*9+<0XncJ+YcIPsVS9d2DbUZ#)
z9Kf<4mGWjI==V^$@vebNF16lJuPuW_e6hdy*IulR3d$wcT3T(HQrv9LS;(opRuFCL
zBh--vHnhlSOhb`^HM@0N!ep!^j~JI9j;^r&kg11I?v_L{7J9GPn`8E}MY*)3GE>Lu
zT>;d7%>h+UF_TQ6u2S~OE;wj&i9y(HYtU9kb#|b9>QP0h%g-7)*Cb#wkxH>7bV5a_
z()(43&#mMq;0LIIFqOk`z21}Jy6klo9sce0e6&oI%u|HCO^Pqy6Uky;BmjpR=ZZrJ
z6B&yzZ)iXvOhzsIKw|(i!uH9yDwWp7$2DqeVItrvaCt-ItNr5ofJf8b+FM5*AChOQ
z`u9<{XxR<Gv(26$b~f|DpjH~-6^E|b<1v~>tMx#1UdHPR`KnelfOPSdtGq@c(OO^s
z^KP*(C`*3E+f6~ZgBtPfaYe`Go`r6oq1qc;jS3Y$417stZDodL#IB0vIa-}?&Iu`<
zOP#)@<=P}i@OcB7WRT9ToORTPL{vkuSBEA|zD|;Fo_?^{q-TkiFvpKkYWL0Ib^#uK
zLl_{a6a6-$s$;`lqB43tw%lOs`06BARP~;nx12&|Z=A&W=%iwaox+{9{u;pl`Nv@O
zB8ov+J%6G73dk4Hm}BOte#H*Wo*Jqm)Fq)V6wQa})2)Bw-!>!!Gf9J$A*va~3aOVf
zW_Hu^(L!tChiT2DbDs{8jcwC;^2PWKOPtT65GFvSAW9?_Owoz+Fj#Mc(nE+QSWT)u
z&QIrSFZN1`1<I>sxN~Z}uh5S&*vgHyJXAs4P|Blb6!sX|K*S-$P7^DX2;ho{>JJbI
z<TXb5JZ;kj?a<!({0$T26$l>R&raQoFCQTUNn?JSrO>T)PO^Q;VUNBm8ni$4$1Y>|
z)kiMvBzq4ZZ&;)i0Y|9H4uzKBJT`q3)#X7YWO2AuQ7gcW-j9L#ty8TYhiLN!*Huw<
zwulPw*<NK&jgD|eR^k03qC+^Z<s3p42el$(#M}R+Dr!pXc3=4BZuz|Fm6UWK4fAf4
zaiXzatPXQioQiR@7KpTh1$fse!3)=gTGDNgBfhwwDs|Jhj{v+NiJcXy#>>j6ups45
z*O&y~Y?!=hjeTR2<>mc+jr81y@5PK#+fqXo<(aZX$xIjEzv5U`k;x^8<6kOGY%n1E
znGu?2iA#Kk=J2E4$ay6RIC$Utuj4K^U!&FW$vDrlPo0spTe%%lB7RCtSye~nTE7!+
zM?bL}EjViUroNU>Pix@`0x7j4UKU=||I(En7!VG`won0iFr9SLB!o+18M8nVMQeoM
zPmt@^3;aa;`=|wG);<Q8#Ix}W;{oC|^9nFA0ynb~$&C-b#Vu4@9k1t0FB_Pl&SHm*
z`;JEm?|c)jR|QL&S^!C=+Rt*;6L*f(LFhX=o{qsURmf!Oat*7|XO{Hv+4WON2uQLs
zRon7Q*+cb3TIwk&9Q4e){NeK#RpLl2wRBntsCm$Gm4#WbgdkQwTx=UR2WyJ7T5+-`
z;dMm?$=`v6+b`{&?_4NY$;LTo{?zPgfLq}0t*0Fzn~@3PQop50)w598==tI-@0e&*
zz_&4;!qo)!>C;E1YYt5vgpAc8P<dTv&2(jZsOqBzrqvlf*i;}Q>Xc{<V)+-M83iWu
zI28XuFkgiqc4@ixO)J!d#!8cu!ov(#?7W-&95If7p`gsFi7$JNa}o3rNoKG@bSSx)
zQ6ar%h&5_KIf#eiVN~>^vQp$Q^no;JSi)D`3Os6k=D5mF&TFH`H}XNTW0w3GBV-!j
z<+NL(+Hp3vFpkq_UE*2guA|B|he2N08Z+AA{*DZOIFMNrh8&e5SS$O0iPtA(9;S}2
zzppGPe;AS%v$=ilf0irG!JxYCKL^rX^$LGNs#32wSmG*0s26<;aM?YaXkd4iIrZlp
z<aGx2AyXt{$=f=J$BkGQ->s#DljWtmC?UV^(cbP%co%JU(eEn9->zYG%%nMME5qu`
zeD2B)iGQxCYb)Y6mFbZ}T3|2O6(^<>vqTCwQM351YjyICime9-?k1G}BOH{KzR3F_
zP#bv;YU7f*C~K2GwvZ4o;&~nO-WfWmz76tNJOd1DpFv1~?@*@BK0;*`5=Xhtw2Nl1
zhs;ZQ?PF=u%9qCY$ZVl9zgT6;3uYp>4_IHOw1?d(<?}7YU}GsebHu14%b>klj3yM@
z6EX^kD$<NsHXN|BgX`%$lL?Z|QiQwHh1cx^haLP`)waJ^CB^3K<Lhtn?n9_49RFJi
zNyovy^2<)%OSxKP3q<BuGNek1K8kw=)FAR?pGm$uy+XqPt<?M6EcT!A-Q(Tm1N=E9
zD5@H65*&_8t$j{7Nuk-%YfYZeyP+>llEeOi)~EG#D?uh48o&(r`P&uz4q~L!^OM=S
zg%f#ZN#<QSA0EI`$JL*C#2<;B=;1!L;cJ*wH$%heNKCfE8B+$P66*!8qe@Pq>Nqg6
zhxCmN{y)J%$dR7(fCXW)yp9&&ONDZEu0h`fvpjY!6J&8X-)sBdPS(x#zVhUxNeUm|
zpPOFZ!M42~@tE)W-2=P%w<cd#I}iBJ?qo+W%a9AHO*A5Z>n0o1($F-mkP<>FEh-ZO
zfcXU*D<`R5PuqCe)3dd8?Z1!$*5_wypR~Fin7_EY32t&c%{|Oc-P@3{Zb&8*-9lhd
zn-{ns<kzMh>Ms;>L=Q?NbfEaaU|Lsh$I3<iPE2Gl3`uzYKAaUrwmiV^ZzOI0GPR~&
zV>YuR%ILhQfS$hHshhBBJ@jCpw^+5f4x=c=7edEw&TKHyAm~XLq6Cl?5UR0nVAuZA
zH-S4R>7jkd&{a)MXxM_VOlM#o6lszS`h}5mRp^xhAsj}RV2Xzg^iYrU8Qp2<+-wrd
z&LQ$GQ2;Z4y4utq;f&MO)5i6iBZ4}@lWI8?EjxUJ&~ICr4EDXjOW-22COJS6KjAo!
zMH8~W36IRmyEA+HUa?rDhwujclyvA#HeqF8{r&bIk|p@_${^Az+X{Or7se`^8-oj(
z%OnZ&#T@cUalK}T+>lt@q^!@-JC3|!c1BSCcB_$4PkR~8rhv9TDyJ%}sh5QBto}a3
zHp=tNHI~|z$pp}U9OF5lVHoP>v^LYfYwq45?E77X4db5FRiE|iqXv@xj0({v|L?{2
zNHh~FE<w-^|K?FAf=`>r0?f&TU0&!NRVfKY$wVODtR30++Rx~sS|M7I1)8`CoZ#MY
zkVvf{4EpM;(9a(Uo3HIp@%<ZZ6=;)MxSydYUa?s#!77H!vkkVK36kPJ8wpO9V*Ex)
zdNld`lDs37bf4J93aUSJ_N>d%ZoKa=2|i?6ZQ#8;QNQRn_JfRsx2w7`%X5G~sool(
z4<41S*9woQ?y%lhQ!4G<&v0K7QU<7ds1hGyn#UDlhE{P&3`A_h%&1WP7VSCewY{(d
z)~<^{el`L%U@^O=nR5jb{Ej>z-F!6Q<|?zZW9~}>@|ny;AhH5(zP+`v@FTMg>t26p
z7)Lq!PB!ccHkRe-$F#!h?4fB{%*p%FPeoP^`B>h5rs>3a{53sm?Y5Hjz2_S%3rWsk
zf`kL_pmy)Oe<}Ep?}<Q5sA)T!-z9|xjB9~fbC<czJEl0J-c<MBs%q)YP9{3URCbL;
zRk9%d9hsR<R498aP%pj_2Hg5)`%MrB%b#gzu7}LnZQogqxVO$`p9b=g6@_n#L+Dl~
zp@g*>gx2K(zf&}BwOP-8UIRDAQ)x|I!NL%yg1ltUZ$qJYCo$_v2ekS2&X?wWEb;86
zhlet_%Z#!kXN>3M02AnvR*>Pi+3(2-$vN}($QA^>xu{z9b7F1T=DKp;N?GAY{u)gb
zS@?M(BIPn}zb$vDw{oDMEuoS}Wrkn>@#}qk##F&;&r;KvPdxl$r+GsLB8^>*>^0nk
zc}P5=&hv}{!tT_rO&0%R4f}iwh<U991o8<VKj)8>X~i-n6o5w`ev8~4B;N}M=dv09
ziR5MV4+i<>Vl2vG9gAcmT#Wpftte73%q&@gE^JDpcC%b`!%(b=H**AyGg5og1SksL
z8>*Y-p?y?_l8^dIEVTNnQ%g#X*5G-Uzon7fOBpM)wbiFeZsn+rNSW3sCb=O=pebt9
z4a<loOy-xUaWpzUcfDW!LoH<=UYS3r73HRgPWv8{p3`+*)rU1~IZDygkPnec&|FhI
zxhAC&2*ly1Q)&EM`#}FrDjyXv1W&<B<YYpwkUrR)n#K_4q>D6JqWrcY$)OJDc~U8z
z5W<8C%a1eL%w40CDR|u!g{LLo=~*tyJnK%0=Qgy0KUyQ)Ohd0aH7{KyfMv7O6OZ-3
zHB)<~y-sE__TYELf%e}e|D?0N0o2B#wWGk06LT*0n~7qJaO)GJM)Z8gt04G-cIOw-
z=t+n$qHEW`^dn_I7B*!czrQ>!9ue|O3jDrR#eK&Z;=+0?NiqhzmhpPMxh*HB<8Nw>
z(6Nbtq+Z-`c>8pn0_=gdz+3<!lk)c$Gsr7gI4b~!ehAt+b6p8Pl1I=p8=bRe5s+PE
zLCs_BfGLg!#W9{gK#;neN-=m<Gg(>w(KIg1Hk`3Gv;mz!u35+YxL+|`S&;`ECW@>W
zXQ#<OTFHRMXa#e1al3&}f()f`w3l9r$5vRT&4zD4S~6-t_}iuP`N6rLv4gdTaGpXq
zKXmM1Jt~2062|XhffyS?O+2m3&A4ade=TlJe?-MslZ=sLs=sf9y%%fKbmSva-20Yx
zUBF(C%tAzba+M%L<l^la4CeaHitljfMpJ%txepu<&+N|3{-(PjFYi%GP?HzE+^5Fi
zg56PYGmXR5a?>t6l%=QK0D(onSzBoKOyu9gQLVRZ8Fj`K`m&05_ZFGx&!S^=Vvrpz
zHJtu^0Tobhyb2b98zbSkUZdZle=&fQav!)~Wp0;&!;N>c4WRGoo#j{_YVWM{g#Y^E
zw99sd+e2r+nw_h5yG!h32$uyeW7X@c_3u^;+#so)$x}S6C|f+jyQ*Vbzj>SiJ=;B6
z8Zuw_B-mb#tM)tVRkZ#p$Dr8FZwtkAGTqTDScFbuEx|;<Kr>D#)~k@2JCoe@&+Gx#
z^Hhi4?`)hWPP9Q+t|tI3k4p@$Yd>^{qi$0OwOF_>4b1mny9cece(vwS3t{>@@DEBv
zmeo1=h5%v1<l-VLSL%7iHG^{hO_h0|_#+3&Fhn^qwP>cXN=BbL(vaR6nj5SK?Ulgj
zFsKL7z~Zu@%kAXNA)4Ls@?ki&)}x#xw2hpLDCe4^x7d<hZ12Ttf&fMmdNS(a?s=Gx
zL?s0ehS1&VpeN9CL)y^Zt#Uq)cE$LG0P|jFA$6q{u6}_#aGm()VSptkk#K!in{$T8
z4c_v8mTl$cffHwhuCqf*8#hNr&H!8UDxD+Zkl*X6`yJhu0X%1Y6b~Wa8TOswa##P<
z=SA+XDJS}bUWVn*)1$7aUxXEm^?Q&m*&+C3oHa_2>pYk>I8z-3n-zhVEft5~?*}rO
z&BGMAOQK?V-0oDRI$o;B+aGEfRE!nmX3*&UR$Z<w>uA~v?6D-4PB`;d4~=VAd5WQ=
zMpy}7n``JQkOwX)mRAEV@?!6Mp$-1_&-|)D`h`oNg@CSf!>tfb7FtbRTi>{xZM8#W
zQPR-H!-4C%4iTje*gTpHj;Rf*8u4|hs#J!c4IogLvx|e<HnU8ey9*mJ)7=rfILgw;
z+td-6=>KTRxIA+XQ!&Ab+Xckg+i($qcaLS_K2r$nUEpTCYPFmoogfE)6u0xHl9|xh
zrPf#k0Q+Q1OXYo{Xcwxw_f$HZ6niWcghl5;8yt)cG~D){Ij*5#+i10Hp3g_e%ulCL
zPqms$2h*^Um&VM0+gs9VO@H;5nw6GRv7KKpF?O`9D@0H4_fft9vD~j+9%_DJOUd~!
z%OL#0GNFzBDWhB~ZAMx3LT?A#wjLWGykDOORCT`6ot*R#v>87BxH&bisT9%Bb4jJ(
zx{4h<t+LS=9A%4gmh5ByuEfQ*!}`=W;Cstne)2yMZ*KJ?TnxU-S5Xa={gQY)D6%i_
z$mt`azHASG6$yhHqq-lX_#OtX3`vgu(a^8TP)ke5^5TB)qR~nFDJj7FPChJyy@+LV
zr>_BD!@4c+sm@%yeAE=e(E<}a44c)VwmzTDRZmG#4EtxFXa+Z#zuZwXM@DB|I>iXM
z9Z=1dGw?qkn*9&N1T!LN#@nyK8-dH%k9wQj)#1w`@bKJBb-id-4m3#hBTKo(;~r(B
zwyT5jb*SQUa>n&wd}v$v%YZFnDvFl}J4BoNc=^O<51N#$v8l+GskzDK-#{V%;=vW(
zj_bARqcJ4G(w1}|6!}ix)GH|NDy)h2>>=$J{(<rF!pi1y&W^V<ii)=K8?Np?Av-X3
zFP;W_glR)ybfRjd;k&Ya?%GxB9_T}(<>`^6w?Yij(|RXz`9|=3g8TLB)L(V4HVDAn
z0$dhL$rv1<W~VUJq@$=;GMId+w)(gzw&M?qL|tsd&^U+{5E;)LJi+A}r-^{@u+;|x
z*-Rcrw$6|e84d>TkLbUAc7u{;ydn+Q<OxFavYoEnr9Z+<QujUQmZ&$k4aXnFN(ClM
zVo8xa%wMvl-yQ}y_-?n(wxY}5PuGiHW!^KV!lZ0jQTLUx{VXsxLvZLEsPu6lc~afO
z%tlXDq@g7!-R@RwrOFa!We`R90JMK^ua7&9GJqEzv4Tcy{%gseahr>}gTzQN)r2|t
zM8&t^1nQ&bP0AAEUS||TLr-(82vWOH2=;(_*2?0}w+;LBs~YLcmi7+f)0ApQZ%A#H
ztEN)zZ8WLT6a=H1APD=3Cjzael}}nao@Un8x{AM=C_<DscEs%NO+MEtPi|RjDZW>{
zX@^;T$X|Nol@2Bf<(my|+-QfIy~_S2_%FyNfWcde*bBcLT_=MGuS{m@9}8U_|2l3H
zBK}Ym89ne}*LJl%DT0s5SV}996_dI2TbFP!m0g~G&xx){XWIOc79LSVA@%eb&VXSl
z+i~pjR@HD2lB1agk1N;vwT}P+0IN$T6EWt9I?axL#5@9j%^)!uLoY7mPrQ7N2334*
z;YmaoT9aI4)pTJWn;yxhP}!De_z|F$YkYCpJ)0r@<ry#nV;`ocdb_h(xjrM{ms*YR
z%9X=32$zzLmix5;Rp~$VzA6wvnEWcdRp6u(`YMr#D+ZJ%342gr+&xY<I0Z_xj9Dv=
zXXmn?Ac-+IDG=L-x9zkxbfG<e|ENHeSD@qMYH=69P<O^-&qy0UI-`a<96<N;;Y;0<
z2^Zd*GBfS4o5JDXZCCF2V(%C3bIG_+VMTpnvhgM*75x$EbdRIP2|PfXTv?U3u$S77
zr=4(W5puF{Z(JXWayJU7F;dd)pq8jS&)J<3)fL+QBLMf%Mu+C%jijYz<8Q-ar*hzj
z%2yGoh(0abghtqVGx*y=?v<&>f{aAshm$f&LBZx_kv>%mh}&D-YR?H&DXR`gl&pg#
zUkr1%LVqPLqXksPU2DW+^ZG~iARp5@zk>NS(u(3tDyVq>=TaH{m?QaXHS>*aqh1$$
zv?&E!iT#8%M+3J7h`Hft@swp6ZCVh%hWtGdMVgutw&Zf-mk~C{gtISQYN|so%_Jcb
zZdDbzLt?Sj!?0!Z*Rv8oK@S7}s#fFz*3J*+_I>t10TPoo1$}<IaT1YWJ10w*Ub=Fr
z-?UVcKS5gCLutrGgOaJT{>{tpGkaKAM2Up7oSnP>TR8U7_5yIg^KPo<LCI6E(OZsA
z)}eSt#jb3cl<^ZJ9Dl9z;N?;te)srP7T)$lFW`%bG`DbQp?!;#(4(VTp5FVgC1&OX
z1xKuc6GPDwH3}0%(yL1uQhk3<^ijm#aUHu>tdaoo%@elO>0xkZ{o4({;N^|tYO?m^
z=@a7;R6&R0{fPGOzbh|sgL3h;!jM420*ijQTNF+$EMy@$#rkt~Ls{55d%ilcT!e_5
zx*at_Eqq~;RSfv@wTj_jzW>B>cNhyEZvMI9;5aF(?#WgbZ^KfSCz|;-iIk<&6J{od
z9y3$y?!k5mfw@isQP9WTy4PiE!4`a<Tb8J!C^s!3Moq+L<}t)--9x)hIUtT*dum*L
z=SJ~vD86Z9xkq$<Gh%VJ0uEPGzLqB04DJBMcDz71m$86SZRnl#^=>WJ%2}i?p+5fL
z->9;U5`hhyvZtf*hbZIkAnCF(NhwRo?hZe4eK9^i1a&=?DcCA|&aX|r61<GWm{LbY
zTArE${P|q%HBqsTGbqo<^hh5Q^*wvZ+mTanY&XRbq3*xt&bw4}ISzWmb3aPT)D9`2
z2r*2Wk+Cv~rYrHXo~_6wN`uOza#kP&-!0D%?QXqc8@leZjjX0vQ$*+i*_v|7Fn<56
zI1R)q<L(YhSd}TUsa-ZpFWQt<=D|EW>h;gf?+-u?PH=QToqqyaNLR4D{gn7TQL>ou
zD0zL)`A=@-MugBGsX<M13ELQTs;QQjKR9p|yTZNhCe2m&cqlKEo~=zD@hFN7zc>~v
zDW}cx6|p0or8tKD9AlG8q<>)-O}LEY@IJWqh(-Uw<Zs=B^-(86=W^i8pU?2TjN>xm
zdkMCI$$dOpx%M=b?k<JXUFbu(P-XPDp<GmwOKz`gO+)8>JPw)o_1*<HIbs%ToIo2-
zZ3@p$PaW<cV|dII#uoUmS;y@T(fzBCtE=W_?XolO>M}<^UlY{ExGMCzOEmF(cmJuB
zsqFv9d22qd5<vvCqkMa7HivEx6A4~;n;Uo!tGXuAEqwE*EVgl+IWY>JD_uSEv&l<V
z80LB_$!G+Ags(($c`pZU8VZh-1JC@Ts(3;iE*+oW=+C6KpYUo0*cws0WJ)5HvA0l{
zwPf*LF#;3T=S6R$>@QQ;r0IM6TWg<Dh)#TKQ~iIae;)MHy|%ai;i3&K$fW+exC&7@
z3k&$uQsw%WZL(2BA<{&#gv#>25po_th@06Xd67Jms3O0T81-#<NH|}hvD%FkWN@~J
zp-L$y)l$Af5`!MPxvNe_0`E7{-`%1?dY)(c7h~3=HU@j4txA=6JKSLN`*jVhGPM1L
zMi3w=zKLo?48K!N*35(>@!CZ6Jt{Kt!?2FYGzti`b}YiaUFv!1wp-r=t;(=kX+;>D
zF~3cToAcKp1eB!`;Yk-t{Omxr|F2m1{Oco4Mv7323>7CRft<#BR>!gqaQt<Ee(pvD
zPQ4sQXFbpH8M<Am$NC$PK2QXm1gSi+TU7qR=NsqUO`^RTXC{?m6yzWpXng$_kyx0>
z!imdplDTDS7A;^<UM(Wt6g7Vc$nnU3PD8g(zt&WvRH##`*m|M+K032j-Ol5d4taUN
zfx!%<qd0$rk4NdX)XRMD_aKE-9Z{OtXuthET%~$-$`Y&BvU|J;zv#una?&LAtwz9F
zRHhl5=q=*!;|T&Zqjts9aHe+64Yn9zS(l$LHLmWa>*6DhCqzcmz{W>ICc6Bq^KDH>
zP*?f%hbM{lt!N3D`y8gS<r%GA^{NH>b#x@1V-EXj`Aes9;HdZCj!QR~U+Dx|^>!?T
zZ1X%@Bv#PHBbOX13ho~vrWPFeTEHTthw<)D&u~Q9P==(aX7EKd?Rg+x*q<Zm?W?^Z
z(AR1or`UFHC|d;H1pi6Ee=q=Z3v{8Mhr7&&gE`3(nzc06W&U!9gX{E2^Xo;<rkyZR
z#n8-oC)Zbh+sw+s%wfB{U$*7xQ$M8oorjM<dG4I>AZ6Zq6kcG5<o|Bk7qI-91wqQt
zPKE>nB2E7Ct?hi7UgYxrih^OP*wvx5yF^@WvR(+_)d%XN(v%ELxldtO9LlB?&}bq#
z!GRU0_t%=FM_g{CueJY6o9J}L{ewB`b#N71u_rbn<Y{mX_1C-9okgkI?Gwh~b&T1H
zt}bI5SHGe*U6qH|jPd_wffES%YK>#ddOQ1WaCdq6cV2v^Gr|G&7I=*d*{>HJ;#-28
zwZ|?G97fZt&kI=WIs6nklS?6X4eJUSj{xjPPi#e@dsJF^Y51ard3tki>3_@!FXmuw
z1JYYMR#sC#7-ZBrEamD>Ka9X;q_vlE=??F)Z|6M_D(y-*B~edL%>hd1=4R+5PCM-j
zWgM-VXUyJI29|(TFV1nM`%Qr-=YQ#-hHyZ>Wk`?%H^g4=f{SBh@FoP$Iq%Hka4+Qd
zNQ^g;Yz|+#qGaJLK-f}q)NqYMpmj!l4$r!HzTahiV3TvY^B+-f1m+g%0wRo_*1daz
ztxDGcv*oz+;UxsmXzbbU*lX~*gb>8nnla~mVQ`A26Luuxwd#obN_2cNTTd;_;x)Jx
z^{<5b18E=YLW-r%4it~I#dB|TybC4a*S@)Q+fVl*H0Dncp0~fuDg1dw_RMW}4rdQ~
z%Bq)gdasWfcIqN-xlVC_^{9Rk^QVn--3Tn)<g50*VYOO-DLP>LK@PkJZRTzYR=bla
zE&C1}djM}MRG{;!iu;ab8GiG^cBeMn1jqGUt6G~g*{3QnB1AvpY<K-%A@gp1{^O&r
z?|9wo_?d-V0<k(xHPv$TF2(j*7*-dGAM7^>W?nLoXkG{cjW?!7)}|&gQG%wTNDYVt
z4G0|$z#eGha^oiGS^Wx;y5<u1yStI|P92pxr73Ym*?Ff+K`Q$$dkx3A*FL8)M=CEU
zB&}1cbRc<aHhE!t{m?iw$4`knndO!SB7$Hn8BjRx;5((-v7+>_%rIK@2FZd;s={1i
zFn|vN0w{kbEEv*9qo&QQ$Qek#V<zS^Z!ElqtoFS!@li1oJkT;rO6I*)%rt}Df~8qA
zWk>1K<kOk<=;A+y@<P;x@pePd*4dcJ!mE>)jx#lznUPV@5HtsdOZY~MGX2V5qIq)L
zevR+9_V6aV(oxBl@GO?+JF8_r?ROoj`g0D5U-d|$-!}6okZec@KRvk$xs84aBjPeq
zUvBC-n^&7uDoz7#6^8jCNlmrigjI;(m7I+36GvA(K`@MEj*aV@--3z#Z!r)c1d(iD
zNa8M!n>v9dTCtuU3!+&+2co<banhqQuVesrsZqlX_%rb)IK-jJZl9<(aU|-cRO=Nu
z!DHklq0OjFMX?F+|3nLp5dN?D7#-G8Ep=G-bQG6i?4M@E3Ebp%FEWWrC?r^#Ulhg7
zYwQ&I%(HLi3?D5deJVd@OyQV+P&!`lP(;8YOKwp+TsxQEwnKuWO!j~R`EzDb2v9dy
zSN4y#atJW}9E~&KyZIN@R9Z?jN`b|_6Ggs&6=eBOpJ=(n1o;%2jruqhQ(4j?40L2w
zF_;Pp1(-2-VM|mWlanLggC0WCYJ-8G-<~Z=dzs22C3|-8nzG~ZAdhGOY;pp=f8$p0
zd*-tTcj2kzS9>Kw^wygyWW}^1sA8G$JZ+^*%VKn6*~8wJ7DdC#X(moL+?4Z(9e>gK
zy>L{KI061^Fv(4zN3Hw-zRe8OA{oIg@^=gNu-!v;$16J_h!1psAd9yZ@&E$^!{(!n
zW^r+d^Aff6M8${qy5OL{o)zfH!Y0dlCb4)ZoMC2j7S6r670uNA%amNsFog50#7nCz
zv3%H6wKLXMNYgqvLOw@>V>PR<h8mSM5HpF_L5+ZTFxLJRQbt(aF3R2if85IZ(NURK
zV#RbTW}94oYQw$&KeJ`gH2s^HDcLcQj#O(?P7o!{p`A;*(3h?d{?-huZll1oC^WS}
zh+7dGk{%)GGp$6f2(%V+3H^@vmd$pN7B7mxB2mcS=yJl3Wa|!1v*C6Ao_V+@tG~^?
zh`D9%(T<bYn@$9sGfcSZeloa)Bd>~wg;fvwV^>C6WN;kaP~sm3<ORcAj32ic@;%}E
zj9nxDosxqnb|Hi&@g&0*H2*@6ywq3_hmulda&t=^K@ch9@=G-6pNQ;)1Va*aF`aC*
zYtt^%S{E#$3Y~|{OYpM~^vTOqQz0C=pFq+&nwg*;L@)npc+%j{MBMz>CS?6ZLL}{O
z?0R$qTLA5)M&XMn;15JE8K1Sw=DuCE+bt#0Auotm;D5AZ4xe!F&}bi#@$SMm9uog&
z)uMl#0ZA3kSr^4p!#=d%TNO5AXKIhQ;~?b2Pmso?LF0p1mZKC+UKW?sRJ%vqm=v1p
z98RH#@(A&v3+vHJR!INcHm8F4Rg$15WDyQyBC2k9vtRDJ$F&rLsd-RUxcU-fp2Pcp
z(ie*~IE`s>HIs&SntO=jsPC7`FgqBYs*mPu7yT$bp7RoDkHW&#a_tG)W2Ve*#tpW}
z%R(|&0VTBSc#`$yr&i4J#h5Q<oiJTd-p{^P90;2za#ySzSI^k2+4Rnt5Gt5Q5Q)o@
zTRTc_rsYsMB+Du-jhUKPY^K1Vl)mwtYi~wtOWJqkPvg|Aq{^a5A0C+4&n5Ew)H;OW
zP(Gj1_U>Rh!u;oEMF71diB#zhZM(bclD`zw#CU0m{~r2L*Qv}Yx2p>yqKJjZVN8Q7
zG|ggAV|hep!u;BO@fh<ZL(`h<Q<(Z-e=&x}*NlA&1-j%#>gAq{Vu5{jtO;_dER58z
z1C4v)Hx3BXg-E5$O$vcl{c`t-c~x(ac-IhSc@B<JhSpX`21M0JpT!*tWl&2eF64+T
z9l7oJcFS0<apOoQQp^FW$0T&+{0OJ*xz#@<)DuV43y-75R;uoD##81Mmwp%n%d%F&
zwu<zU47UoPNU&~)#;6#aN1474Onv{^C&$+(f0!~56=UQ{_&oPY;mcuYdDJf&8^c}Z
zZwD;E2n=><teJ-`#b)}<T%<WDRaXi2H%@{D@Us93VcjLU*7RtLrwd6uph>tiN5kne
z$CAEb<I~~}%no@cO#&;iybPe+@;XT*-)XjTFI(9i#KtibSd?*Epp;0hw$qXHjuuc1
z@>S$Z?ypk^K98NV&dASUp$?#YiF&=@`cdKZO<|xMECUIfKpuvIuW)+L8^v3k*PraD
zo1LCji}C#DF3XJ03PJ_t46OEYuIo{v5|Qni<=()kG+C&4*u4o~hwECV;egipFKPs|
z%p+VyqdxII`FTYMdx%ge;+0tZI(IXdbU|N~QgIIkEf;x52=t%&yQNRXZfeiPxC7fI
z*xv_23dBRvnUnVwumB7B^`DxOcWnXwi4;80dgI)+Q}mQS#T+A4Neq|djd-pTPfe<!
z(Piy_>Nd&Cp+SY3ew``G*Ph>B1Xp3S!=;dCz)A;EWPtpTn*ZDINWXabA!)&Lxyiv>
zt^>1cMZDR_zbH)L&Mq`n>nrl}I^Ix_f$+K-;s*MMyMCv#h`rDyEiW&5FLUp9Rs-$j
z&;z?&OA0#h$pDpv#80pHMIu)UTB?)w=SeDfk_o1jPc77lv(b^=4^Q~6k#ExlRQx#H
zhhP$V_HG3MDb4wI(CC6d?$l(C2})SKsIRGzX4kX)*FP7SdX;Z;Rk9`_DddnL#RZF)
z6o-$R+v@ub4CPD5?#}^)$=RVT6zNOZJ(qUawCWGd;t46_tqN&`_c2m~(&UCvv~?Aw
zQLRSxwDJXHj18hz$qbi8EbydeZzWe2Cf>l0cBfx5P{q$KG@W1_%Tch$5B#H3+Y1Xi
zGXG^TVf;-%0$<fnDT#n3j_+j0iAA6fx=VSpmAS6v%uS4laT)@$(*$<k)r1P=VH3y{
zzCR{qpoq^=!wxZ3<phYI4rBJ}$QF{x>8p)>XHB_APAsoRN_(k3ut|!oo0K-sqWCR7
zK@pf_GRvbhRi=m6fg(++f#JwPb)cY@FGh(Z7o3leY+A`J3|2&b(`{5mb{rd0Nadka
zz9|?U%H=4zDMVmANjh0=QS9!4;sC4-4`5?d`d8o*McQ<i<Pi9CS^*c;<13L{9>U2Y
zh_y>6RIU~HtC})%RR`t|c7ED^n)`uKFO%k>IsT^r@Ig3$0Yl1?IfF@^P{BdY`xUog
zChnjrkV6d~OLl8!+C<#`=Xvj71v>5Rcy`B=Q>UCwxrohRSyUDwkZWAK6W#Q;9GgQ#
z*aUJ|*(qZ~ByI%@w3Z>tRl(HsX9YzA{{Ey9>EMQ2%QlZZxGv}uddvpk%Xpc^jwqhQ
z_f1pqs@_<(e>gSJN2L|1fSSWlteY~<aky9_?@wWziH!8|7f3A4VyZun|Bn%=7@*%<
z$6=g@6#r5XKEMKi3A#9T3nx%O|D^>XfEow*Q0K1Y3{bzobur3A{O4-~(6nDZT1rX*
zPfu?09*zM}5;%X0{trCa<U<^=v$GeLl=uy7v&$Psdi>|*Bss)^RRh*9-i_P@B<GMN
z3F800`~}wA)c#plLg{a~0KEGo_}wM;4IQ&u|1OsIWBnWm^#*_I$Gi|9`2Kk0{48<$
z&vd`wh(1RCzfP9fko!~~iPyyES|=-!D7IoB>N5u2t~bKgKtWuG2>J&QzgUoEtwE}n
zPsj3SzHc%YS&?3a<65xD1>=K_D}p}J>vXA|YLunVO8g0(npmdwdOH~vmBrl|8e|2*
z=TJJQ*+C=ZIEa5R@<A*~FbYaa{bH+7KtlPkEG;npL&^I~_4)(<sk~BBW0!t2Cv~DO
z;C_4$uWvI%qzV7|V)79Jz@L>!L0yBX-%S+t-#1Plcw8En{rR`r@rU{-`N11~0I~0o
z|F8ys=IO_?y0om^|NQw^B1F(d2xN>P(*Gd;-^aYmkU<w_oC0Ee|4<JBl>US9QISc4
ziT+*nuX^MUHgyV!{(F!9F<S3Cem5nFB$C*F##)ko5cL#>82sb?-|Oxb<OL{8CK5&e
zwQc?wyCnVbY#Bow>OXi33ig4hNTd@Z`p?+fG@rFQBBH;hJD>t%!2?#cX*7qsG~Bzg
zf7EsPs-9}0sEArzQljpWv0~!}nv|3zDkjG6nX9A~XDvh7HDvieI**HPY`;pkHqHEM
zKNL1D^=g@QHE#-d7S2}eE~%|WAtok1B|%!s>xN7(M5^}p_do4d04V$NeERw0kJa#I
zBPK3T1_chx6RA~=FI{=OzTU9JaZyr2_XNP2%VXMI+k%?Um9l$H!nuDC2&9;Z{15Qi
z5+KRc6Lf?6D6K59zs64E+M0(s$%v*NFXL1hd`$Z{Q~aU>sd5>L`RfTaAun{8ii%o5
zX`8-;doAncLmn+!#Y0tW>^}oOxJV6D?~;QWw~6e}X-JWS{N$&Hf}NHa`56Q9E0#mY
zmfI$0s;3IH(N^eJq6_5&U5L#_M4SFM2c$SJq<<rvB{)}M1x?SJCn~Qr$W^t54JR8u
za;bonB6YYD=VXoyN$RMwIV`d_J6yt-PsR+@&H0^E$xKKOxIi>p%ZPr*GEQI5!0=6#
zI#!RqGoPraKt8UY-KVo`UYywGA5GPlu6IQ#F#XJ*o%rsZ26J+vQ8s~cxx{#XV6?M|
zAAgNotFEQe{Br%GlT}Oj;G?&FXi5luZ6H>C@kHfYkD|+!_Uc6&&zK0_mAO<wUYwVY
z@w>v88w~$rYphUQ(mKCiviL!=gFbr>onF(ocidA>Day|fv{21H=xdG>TM05$ojg2?
zIB4yMT(b9hc>0foF>;gCO^$kvd7^|{(@3wDq)tbmweTa`kHHc1wrJIVso=&Tyml-n
zpN+C?4r!})u3r~a=P8zzC?&MRPoa4_DI<6y6k`#yl=AJ$SJAHAZ8qYpH|EYy0s8&-
z7cawcDnpi+&@$T*OMwfa9N3)m6ssV&rehI-aAffY1b-4MSOR}dKz-ON3dVT)(`eg+
z{fq4?+>W6$A744<G>kkQ%y8E9{l&a?TS!DbHZObir1_-5=<}RZBG8jitN9#$Vfr0P
zvdsX~Xa~2ay)N`}|9$OORKyz0J|(U0ZudmhYD)O-ae?kjtNUf=%?Vj+(E)QcYq44V
zMp#MtfXuVDp9pSZ@Yeq|b=P50ecQvp>1IGd7=$4NlpaR9yAc!wk(BOE=^h$E=@tp8
zp}RYzq?=*r9J=A<-ut`v{hq(iUeB}tIr}_oefC<^zs;k;AMQ%IeKGDCwVDdif?zi+
z`F~RVpDj&%leVJcm`!!Ov=x^XykpJmJko!}IkI2lge-6h_yEhi&m?qL^&{$*%Ve+N
zH8_){y`9l++anCh&09oQC)>(ric8Uiu-2GQk6S(^(X)SEFW+P9>QrN=t#}Z^{K_e?
z>38&wbL|n5L(1J-;!`yu?D`*wWSjOQkXGa+@rD2TQmigAW(&5|yPYYIaazFta*Z3$
zpC_N(49&K6MZX*Q=vGekz$HwDcSm3^()uhjvkT(8%3r@1oAdJqDC*%$7;!Wr)6vhy
zcI&{!yJ13CRfcz)=#6E&rhJyiFaJ_In3{5FY{`eybd!N##F>w!EoQw$lnKZO;$oc`
zR}~5)^1CHz{=xU6DnGglGpKUD4zf`AN}0}xdD0_+`+bo3j-YpQJ|*7PrIfFI#8}ws
zxC<x+6Vps3lez~8VZ{6$LY-ZPcFwqPyzaHY>3yfauhRfrK%Zku^?tGWf#BAiz1P{E
zy{o^ugTK}ab=poecx;;$0tOS%wjD{>+-%8GAurp@zsdlQU_r1oVlvS>Qgn`@0O)Ao
z&PQ-3t9~il&VPP+#J3oTKTxLvp4f{n@BWMCiypfYzQ&)F0YEyph8L8_aGjxNS85PX
zfhM{M^%(kF#fqELkNYjoY@x#~WLy`mp$Wy0;cZ82KH3nD7Pu1A2=^*bfZ!{u7j3Ml
zzB8E88Lw}j)a3o-y9P(ve9f|sp%*V^HBT|8eOB|5fl(DzOv{4m2n-(_4VqO4Bl{>t
zH~Mo@uIGz$bMo$q;xM7mqDIBZ$^E|FSh23SoO5J_2-k_M(c(VX*h(9Bcly)noWX(Y
zMh=P_jJfBT(B~CzF0-?UYQNzH52Gm-8|Pp21xkJ{m!Cci9dxin)Zq6P{2Xxz9R8}Q
z(=<uXKn5E*lZkKqcVg&yoOtdCxBFs3|Gg1t@RC}>Rhz|}56h5>Rpzrc4@+HH7d)t1
z|F<V_&O61CjC%u+2zjnv&;m7W^TV_+p$UjQY{f)0N(-L#Lw74F-Bf!ds=6FDjM@uv
zx1Buj6JZOngxX|SZoF_)#H_y4TeZK%U+}+Cz6r_v1>99a_WUJ6b~I%f9hBi=xPb4@
zr{piGWTI)1X3^66ZKzDU61(~!ZB4#)E8hCz%b(p7*k$P*K$~!m*D#I05j$*st?1Ye
z>$%Up?P}xjLuB;eZpCQnlyt`-NjHfY+*BMB-{u*E8RjWUbC!dx1G7U1SqLQ(=MH$^
zf6k$6GRFZteAt%f8?SdZY_YQ9@$eS6Dhe=`<8j%c4vbV)?X1RJ5^FwxIcUvovXPGd
z2eBL$pG_P_kNOZDx%WPoCG|!JRuS~6OFrehL&vPE*4Yk6M4|6K+FKMTi6@Mr9-ejz
zvGo>P=RRzS^1O=XkRRHOW^2R0h;aIN(?lPwPHM~I=!Zh*M;xFIP{&*?hDpc_piU<E
z1)KXG<4v#Y2T-;O6V<64=CLd`TUaw1X`I(SwIqNZ22b<Q1QoCJCK673TX=(=BBHmc
zM)fpqL-iVB;d+EP^3xA$PgXjvfo^?ib|#9k@kXt??*>36DoR+)?BH&;C>G9Lrp0Dn
zli8v4KSEh0+snF^ZH3K7Gou8arpeOO_{uXprK7vCJTDv{EUzdkIMPG1a3}0D<3Tdy
z7mY|HUp#VI5HwW~<*^C2kfZW|tJ>Wi&L~`2I6iNE;Nfe{24?FEG<88hNB3RPG>=TU
zl+#U)dprtSRV$%4(nT6IG0`;jj*oncv+r{HX>^`H9jq37XwL$Eb;~!`hU%wea8CT8
z;(I}HE-~5sfK@BVk1<!pcTy)7vcY;`v>@>!@58doxbKD^%Xppx;IPq(I6mtu9ykGs
zP49=B_Vd>-f+^_Ghv}=<Pz3sH%L%iv;Js7SqdpFo-!U86-6ml1?eDFDuRMzrg#@L-
zG@5U0txLXpR9CX~O(=wv#rA2qha!&+9>`&>b<|C-ET?HiA~wYC!E7R$F;C~<7|j2{
zF@?^9mH)S4&nv()>{&6bBGy+wCR^g1W$TOxR6fV9b}(wyZ+Pg0HeO1O(%TzvrPgS*
zN(rSjH5y!_)i&4-*Xb;1BhK9W^gKX|mVLG<6v@d60da8$MP6#i{d``N7Z22#t*_Y|
zt-8{P%vR^)`i3kLG<@`L>nVra>&lwFsVBJ%vG%HDWFmP^K433<yvB`vtiy*IwY(9`
z{3JC+Mt;~LLNVkv&(B<c{bj1J#Q153!S%z)$^A%3kS}3C28Zy~xe42ivfMl8%UXD2
z>J@3n)4g56t7&aYH+EM<W>b852-!sc^N<1#>5!NZ@N2l3@2(`S%<GE=WEV94_(Bn+
zQP8SXh7(W~>Hi@Zw~C{EQAh4nDTAQN2k-FaUQb^CTuGSM?`^(vO5gzbl7B;NbD&;_
zDsp`|*3eqt?<~`ma5EYd@R=O@_*Ta^lJTi|mut(n<EI<N7ZQt)3HAuNBZqe|5=l%q
zw&g%Vnu67Mna9rfH?XcB%M|jW#ZVTNr=}JFn-~U{wmZJ7fhCR~ZRebJ49-3GfqQKc
z_Ae*m(wuq94(kZA9`4O_dry;=t~oPj4T1wC(gbdgCsQ`RoTU$q#gbKG)~UXo__*Wy
zI7LOea{Pi6sD!Lbqu(kR?d@L3>WXjK2tPM|oJ_F3P&78St>WV*?@(1g);GtQx$hj^
zX{T~3t~A^$5F`^Dk(qAQgIb3=01I7H^BYQZ9G2R{D0kz0>7ZjV^A(;Apkg;*{mCJU
zQ?jDApBP>fqsL{&%T?ugVm$tf%(=i+KIsh@R+qKZfE{5CsiC7mU1-<wR3A4La~<6m
zzAvN4h#Q^2{sWMpb-p=Yxz$kyaSs{P=~8{)tAXZ0!y{GM60;1>c>$+4u{Pef5i4ut
z2rKj9C-qBRSdS+TBS$@-8LxiT!z$s<;S_0($bnLABc^jsXFz&u@Ix^Qt~OzeuNphs
zWsV7FYsC)t_r{#L&Ah_#+0M8TC9N*M+zoFs9<l7}0{V9{Vz?I^()q;j#VFwI-%LPu
zP53h8%P~4wdQnPJdT~ohRg9$u@n)d-aobggs3B%awMXyrJv{6xs%eQeUv15z3#OdR
zX_6q0MnZQ&!6>POxC)G=9tGmAZ)rWB3&~f4CfDBT%JLB{ZAdD9y7*bc%*2M1<Hbi<
zHp$Wdp6Z+c@WLSKw#``TNOW#{Ei?G{Qx<k6`R$}E-m;H8nAGHt<O~NU@NF6w!_-$E
z_^TGN2>$TO1=kNdHFBmxOvCl~;El7~b0Wh<Oi_ZP7m`jbgfb!-4lR4_@iSD(AJ%15
zT4ESs{1tA+gb8<^rdybtTh!p2%D;jnT5av&FYeA;WBU$GzRVU9Td{GqKLZtOZeMwb
zah_{~WnT*Fd-VpC?gu}m0!KSgl`|22#91J4v$51AgOFPSP@aOcyIRS6wUUzn%Slf5
zV(4lYz4nk!6gUAsPiCc0Yb@^#<$*OJkJUiCb#aGyMu&AGz+^MpaI%Q#EdC0IoESB(
z7Fv$ST5_pB_lU<U>jSNa851@p)4pA<_xuB~;aqo2KeM#6mHY7hT#d|YDjkA3EfoE)
zZ{rl`uHXocA1bGY)3YciOD}6nUA_#P5u%r!8j%*b%uc~Lwc`|(_W7krppl(s@LOJj
z?IMJ_Cw=0$)n6ZZlw5O9NQ|FE(R3s7?3Iu~QwL=e2E@f1Mg4|y_O23L=##a_P11mt
za}LpWr|W`4{}{d*t-;y$S?grk8H8)Za`D`5J9ZX-xs?}xE4@Ilr9o+*h3^pn=JaLa
zId<aVMp*Mw3~E<l_aFhoB@Ufb0nk9vmu8pW=ryoA{k8>|YSTrw*<v0`IKV5ESTVvv
zkc#NI?vYr}lM6Sj(fN%y*vgod?@&7!ci6`1!G8rvZoYUJQYpC=zKe1lCR+Uq`#K(5
zH+LQ7bMq6Qb!L`=MqUx$u)i85#%_WWuH;L){(;KVW>$6YU~P(5*W*K&X<n{;2%#La
zNApr3&_SPghgA!T{t}Pl;>#eC_GITzoplSkecSHp4HpX#$dz?>L&3CS*XOD2<MnH{
z!a^j3W5|HB3mR^W*8l31$6oOG8gKPdOtF{N*FE3)!gI$>bW5kxhKD`)v~9Ns7*RZU
zF38KqaOsNW``u1%9EoDnN1!ZEl!H%k`1zo{ZP`hhEr(9mBMH0f8r$I#OQ`llC~2eC
zcp#K>0hQd7^Q$y5W+F-DXS-`T9BwK9(WCIryp*e9z1s0`At9PvwjN_#YCiKf7r3J~
z>oehg`%WLYLv=`Y&a?O#oixL1U4C6s1g7|usPChD0(#!tY4TUx3930e)gKon)V-*n
z7u8sr2db2)Qj%D^G<{b=_E=fFEDQgk3^_eXZA5WsfH}NZ=E1gMz6L`6M(jztt3++<
zTYz-36yz!X5`K*q`lx?MmXZ15p6xEG4QWL{7p|FtE1IraJeW$eJNsCQa?!Tm+bQ!>
zar<r^Z_dFYiO|$I@anLiHm20gaPEyDFYA;{zbM|m=S5z=OlY9_&~wm`Xr-~a9WnjR
zOx3Q;8&P99y<QJGx5QlyHT{U1%pe<&^BKTdhF!ZXzOLa4ZD90}+n_OJE!fF$KnURN
zIV=8hqIhAWor@%}-rR`zVnc=PYY=D!6`kVjx@2y(+qv1T&)>n^?DZZ3InPV!R%s5)
zO@|rwHN_g+B<xdhVXG;NZ1j4uUhi^Fk7p;d<=wU<1)isJyxeu)@vyE7u&Zvwl-w^D
zn?6nv3%=Vn<c??@wsx`kNhDP{(T=||1%anw?G}B0d`{^$f!f;rOmf8$OLWy?W&TGw
zSF?L8z&s)V?F8v)YSHtnR!v~^RCHs#-`PsdAJ@AL1ba_f5M}%FW522x_+b!&P`?6J
z+dU*mvRwwE1lnMWVU|K?5;lr=X-hM~l-n}T4wil*NFtCgNV`+GXQphN)@Y1_>V3Y2
zM$-sZSiI=@BdwysKj^)qbP+fla7KVG&=u$)6Y+e_xhm7woW@%j>Y1tJ2%(v#vk)EU
zweeuSivq1zA@F7$Jisy&g|yV0Zck%}A$YsCj3waf+aNcjhKUCv>!lMD(vuawfe;}T
zg|%9A%^uS=pZ`Mt{qaDdF|_h&=;`dsZj)3yR^D>&P;^UgK%lEziH~~Ug;Q<Ijg;bX
zYx3G#*T8_>>YLV+Ku}K-aFxv!Xp_r_cE>0;&KESA6kBqIlN)OLVaSK(tEUAf*W8Jh
z5tYO0oN0Bx+EoEktKz&eqo}|3g7a&uLL%m$Gk?P3>#hwFZHKD4@Ja8@_Q;a&Ui{^I
z^oej=AuI#&TB`=jL_>*wT)9;8hP#L3OMeVHV)_7nrVyZWyoKbdF8$a;r_wWofeX1g
zy9)w#@K(Et?0y_D!$a+TE=VJL?ZW2M6}{lQ(aqj=VK`8w@`LDN4NqI#>})eBEfKWu
z2nWH?7e4WqAD4&z@)cdYeMjTD@3?mRSVn*ON&gQE9$gyfaehNk)N>@jGFHvP5jd>5
z-;o5qG?rEh1qfi&S)j6GF{A398&K;?LaL9>Np&x((W{&-aC3MJ`7%Ve9?V5H&wrV&
zoqyCljt??ZN7VZPygta42K-#ub@<#yYs2~-+3hT-*$kJ2$c&we)#a?x)YMx#5$n}9
zBFXcw579uUG$(8G29w5ngmxtcST_0J6!Sb<wymp`pT;P}f_gBMfWfv#phHv7dw>v<
zq4cvohwB%=6=Ho)eBh}U&8F_U9G*`J%k1w02Th~#Xi)+!^DdECPfkMz;@?!AMZ(Xe
zWdlGpq+jO+$y=*F_igD(SqyF`h>k%m6{;ViDmtXBwKuTH%e-{@K%{&m1y_*xpX#i9
z$a6X2Z3!Bf>PpU3SYp4ay-;~^sAgx@G=fEYPSHTA%Nws^pn8!xC;vkfsjeQBhOAPv
zI3BX)UcENf_{kU-4EP>uB@hRP2*vxYcesAK;+*fHL-YXd?ku&#b`P|WIzsyf$Ez{c
zKK!wxi*nw*hxZvIb@zXvmsyTKor1|fiLUl=pGSRQz;<sy^0G@55I_SK)0&foB5Wm<
z<`G9$^}E-Ciwz4Q#gAXQ^zlwpN3ZVKe}!DOH3Q31Bfhgg+_^^>^FdK8uQ%9SP4u)Q
zp^*ZM50=jly(6Y)LA<(xNzI$LoIetqpuQTh5-w`4tdXy?(nPzM?U+NQOuR(=Ty%Z(
zajGnFLGL<zs$l`xewz}aZ?e2QXy}pZS3X94`7KeWS+4b#{zhqmIxFK9nNsmFf{6iD
zwqE-Bku(JODK_?ZBr-R4LPatj8I?O5|4u&BW?~4+dQ_17%p0#R+rE?0R|B?h?59uN
zfE4!qPfr4Yy#Oyn9f9}y#y6cd;?QCMM6je1KDx-^JsGKUcw$J*ZqWyrtAIK#UnfSg
z&QlxAXMf93r?_2NT}R1}2ITlDNs~{ED;_Wn1AdZ2_g*`s&v!I?MxW$diN3iQ#;i5N
z+97JEdlw;+0WyIdixRZ<g-dN=57WJ#V38`07v=GXoLMTuJDoYE8^n4fn0vM!SkP}}
zF&+A5iJkrq_=9Z3v};8T6!*w<OccwA+!r^x^&VrT3aL69_gX!b59Y(<xGCN8Z{z`a
zkd{N`QRK`1pCL?HnuOR%RoNBj;H56Ldy0COm(ai4INb@3DlUZuV?_lTR&!!YS3SnO
z-p>@;;x)hTK2sJG6su9)8qmfI`IIH!SvBgk#;ls6IUtFLrrosr5$hdBG@*K;M8zD~
z|M$9i!R(%buhgO2DzcjxaE_C0uR_d)#l>S9vqvE=mK4J=Zpl0`CJ_O5MAa2a?F2(@
zSm>WIN!Fmd{UBIF^1uiW2jIh2+W21BkacWQ+Dl5UHT+dcQRA+cV#ecNxt9yJSxtn_
z2lE&!{D^x#YUX-j=A8C47I{-tJ84YM9v{CZd~~-|n^bZmTp#yLN_inY0z^+bnd5$H
zeAL{pR2dLj`5nDjzbUCJ#Lp1{_FE@5WRTTpCETbx)&60~b7K~5%2d#=wCQe5=EH2O
zT+nABh9$Bq-Q!OzO!ex3XRzG{PmJp<yIg54{>^xJe=BiVfd7s4WTuo3gcP10;gs5T
z2$@o^38|J-E`0t<Z8qRnOQa-g=*?6s6l86`X@U1WaZ`aN-OC<5W}I*LaXE@DXNZnB
zs8y=%vsPq+S8)ZTvZXN_@ZADELL2Q@UPH$5m52qdqFus_x6Ak(eCz8mX9L^vo&*58
zLQRz%>gBh(>B$uBY0raytjf{cJlj4zWL55{%ERlU9Oos<9zL!hdr=bvxVxa^6IDG&
ztW0x0)V|c_@JW_r?1-yUp@=#}Rc@Ssy60y0M0;5y`w2x!tAqRL-aK3+Q?eEZ)!V<A
zJ1p$DA@ZpYCM&B>{6+8hpQ;-z94FnRKg<tz$Nn^v5+-ITm!-28mjugM*;2958ZcOq
zk%-zHo5&QYKGUUc|LSvJ=#+;9=}D9<<Qi)FP9C8oR+EDQVBowdqezmreESjhv+!NH
z$Ltqr_x(pC(yG=>F=Q;JsMfZe7LEhVuEq;iUzkhHoGUFiv=H4lN<sC}DmQL|p{z93
zj5-2oY)SNr!pq#TQs%lDeA4!}xzRF&_-e<PK7NJrR_0ic(CI?eX|?T=ayqY~01l!3
z*$$0B)=4B4!pRON^FfvJwR55=9Tc`pR$pFNPd%Y(er{D%Nwr+GNxU+Y6^cxlL)AV0
zu6={rP#&a2O!ccvEZSjgTUdXvrgzr@<Jdg-8}B#3dG$%2<LpsCFQ|!saxU%F1;Y>l
z!i!%wMaX~T=K73iP21p>SExLNjJA;`1U+M^p&SCJk`;MX5M@W_QtYyZUp8JDc2|}&
zrEt99VM<K?SJ1RzqiAje^5ZbSrg{`lRH(WUM5Sy5<)<1joE-MVq0_GOw9hxbFGBGo
z8zcWl<#vQ1UVMQX_2&`+%&HLa?&aN|;G_qiMExcLkR&e289)vN0dGYBRd#tG@Gf)I
z<j?R}wur^ILQo7I@9Lq*CW|>M9Pi$=+mPI6sU2H6!M2hH-W~$Y3mFft^!y*w|Il>?
zQG#YSHyB7*KinX{wv9RX+uTZzP_Ri&^Qr)~th<`h?&|ZxYy<`jPk#|Fgh@rGGfG}Q
z8H?;;j6{$Vyp?gfu5oz4^#<c&jOK@Wnf7o_U`#G0pPkM5y%QoFV|S0zvw{TNy~Fg-
z87XDos|kwr<C=0&{M5xlL8VFIP(_~ft{|6}TsB1&`_`}dpgZemL$Q0`<moIDqB+i?
zG+)%?9F2Y4i0W(enFxPWpC$ohMCWMz{uS@!5O&l|hZT5MaXpijezo`MuKswOI5VGd
z%N$mJZRV9Pvvs~Kg<gN)ebZA-7S9!yaz<G6bt%AaIV*xsjp^+LTGD;;ka9Ua4R=y!
zjHm)WwR}(0)AccEQvTy)YzOAq5S(&$SRA4*Wxm;WnC;A?dd(kQdW(S<9Vwt5XBMf`
z3PZ%UDfQ-#I!H&WtSh*1w4L3c5C|$hf@e(Tg@2F%@G3G}Kpu~-piyDC>}B8X@SJcQ
zRVoaG8Ikqy{?<1>SWbWaJ?*>bj*kElm5nI%R?POCYlv473G7jrg7wYKc%*HT_F8+}
zii(`m%kIjiDnNB3w`s@QN`WYCi@w1SJ8%06d`oU{{x{6;ggP$;()s<>V|h!RSIsZy
zAV!>^#=Y6u7~0o*vPZ~I86F2Zzpwl?Tjoc(m9L3Lq}l(Lds`FKAmSNo88}pr{Yg~I
zm&hybodw8t;A194`V;)<t`F{L9>*Z^hx%?zD~QDamfdX`k>2Mru-;DJ$~A$=Ima8B
z@;}UTbWyE?kxF(>Yh7)x;d*ugR4nI6QJw+j{Pu7H`uqytJeB5~FD#l9m#Ub#d?7+T
zu6kGH1Ac^j_fL~pl6eP1-&{BQ2xqKds*n|GAM_HnD%RTcv5hFYIGUAMvTv%rx()%H
z=}KqSHmP%lc4b0YQtC!{8@^>}sFbNEMdZ2sDPH(#*e^vL#f0U?78PLoo$<$a$yNRU
z3Lo$7zN5I{tLMPKHLjhk&?<<!+N^>?7;C`U*;#!)d4|?v$S15Mq57Qwlv1+vInzy(
zY<EW#gn*1MvAIbFYv-zfzHa;PJj&Mh>i2WM&+xwR`ec5@&f@Ke{CyUnn3Go!Xj#7#
zmYJdS=8}?|U@)&H_~A<~Q&Br3ZnFSt)Xy&hYc57!%sw$6eFx6ker_;_Kd^mTv5=xm
z0`nh?y+)A7Ogi9}vRj#eg;C72S3ZLCt4hiebVCESTyKVT-)2gN!Tu<u$`{zE9Mw72
z(naH-+{baG5Q|d_4Sm=*u`Xow+_I=YL^W**#}Q}z_}Y;IiZ=b7tN_C2$qC(?+=nZ_
zBVsgqCNpQEjdHNzX2LbX9r0a4S1{X)&n?qsdYmZLne^3$apvzcuGDr@`Xc|kR;;q7
zgjO?Ba<icP_f#=(28<D>Jq6Y|nNNS`rBL%r{3*~aHFBNZXz<Eup;q9VMxy!Gl#<mz
zz&ee(4t2-`#}l`uXu5r$X<Sg&Z5Q_Hm%F`SvNO(EzL0JIR>|L1u6u{So^{vXdQ;+U
zC~s^C**AmHZgd;Atv_<kLBSQUQT~34@M@Kjw(yy4@&r{mUp-s~!N>`5i<2gcS3MZ_
z(Zb&cGK;fQV}<=NUXminM~zz}(jq8vdA)FY(z78|k?2Ae8H#!JquH2;fhbwzls^3&
zmp=nXXJrLpB+n|D{mmwbR7CJw=6ttKDU?>IzV<S0H~n3)?Ech@Q{Hm<m#CCZBqGBG
zud3m6hkNwGL4EO(rpyo!LcOIcj%cacdYZ&M9=or0^=Hy~iFWGHEIR~-Uw3yXZkC1Q
z${(RL5lMJ8FucW;ASS$j_BG9!CS!(4aw1`rexW*@>;24l__9QzfYdc2WUVGysk$(n
z<=WUgc~}8e!E08fI%2qKy8ZpgNA@ow@mg4ZjVem?=nE#VlOPn|WZ=As*Apwz+7kpt
z1YBUaz%tmcmj3;E?q@XgMvQD;+;9n6c6LIm?+zElV^&sH1a`9x&TkBOwZk~{W^=ip
z0YG>}C_FRmQ&YUnm$0h2rlRn{A!a&<7?N#OrNgi|tLec1lVKKw0VgL;42+D&eV*!>
z<GKf1?WjKz6ElTBm-3{@tmNuv-(6j*S{p~iaNItz2?mq^R{M>3)>qBXvl)N=%ebWP
zVXTQxCXd2nRBH=SrT<6q{;dkeF}7vs|0zi%v+1AA$u7=dJoF#-LtZ>MNf_%N@MD|y
zUpfe<+Jyf9lL*vj`X>bcRb5Zj;OwA(MWP*xkN!s_X^#P}|3ef1Mjn7Cky0EauEhI~
z;1=U(MZ3{UzHQB#($tjyq6hz{E~H7`-^jPTEo>mJLaH5ExHPP5h!3MC?EP=;Q)zY8
zttqY4<4-3mBO|8Oe|^S(UKkTZ%a2XUw=8YaIsAvH@h1*T@qZW2@k}3b8Xxw*SWmSf
zo~JF9%D&<IuVa7O6s;TD;MkM*(~F&(V!fDT%>T#Ug2mBM)jj5Hc$wggUD1TPCUXB^
zHjZzys}swDla}oGNWiSDQnt3Xi(K&-|HD<NbYm&FA2l>mWI6PHgBhFOa&f`WJ%`@~
zKnUpRt_q!kCFz&~m^2%LEuJ&~SF=5>K|@RQRe1NV=Mj4jWplg?BCdz>^eD)vNS8@|
G3H*NnU$5B!

literal 0
HcmV?d00001

diff --git a/docs/installation/images/win_docker_host.svg b/docs/installation/images/win_docker_host.svg
new file mode 100644
index 00000000..eef284e7
--- /dev/null
+++ b/docs/installation/images/win_docker_host.svg
@@ -0,0 +1,1259 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="88.900002mm"
+   height="112.88889mm"
+   viewBox="0 0 315.00001 399.99999"
+   id="svg2"
+   version="1.1"
+   inkscape:version="0.91 r13725"
+   sodipodi:docname="win_docker_host.svg">
+  <defs
+     id="defs4">
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker8148"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path8150"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker6352"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path6354"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker6148"
+       style="overflow:visible;"
+       inkscape:isstock="true"
+       inkscape:collect="always">
+      <path
+         id="path6150"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker5920"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5922"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="marker5886"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5888"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="Arrow2Lend"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5368"
+         style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round;stroke:#000000;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="scale(1.1) rotate(180) translate(1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Lend"
+       orient="auto"
+       refY="0.0"
+       refX="0.0"
+       id="Arrow1Lend"
+       style="overflow:visible;"
+       inkscape:isstock="true">
+      <path
+         id="path5350"
+         d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;stroke-opacity:1;fill:#000000;fill-opacity:1"
+         transform="scale(0.8) rotate(180) translate(12.5,0)" />
+    </marker>
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="2.9893238"
+     inkscape:cx="190.2131"
+     inkscape:cy="316.35715"
+     inkscape:document-units="px"
+     inkscape:current-layer="g4485"
+     showgrid="false"
+     fit-margin-top="0"
+     fit-margin-left="0"
+     fit-margin-right="0"
+     fit-margin-bottom="0"
+     inkscape:window-width="1680"
+     inkscape:window-height="1005"
+     inkscape:window-x="4"
+     inkscape:window-y="0"
+     inkscape:window-maximized="0"
+     inkscape:showpageshadow="false" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:groupmode="layer"
+     id="layer2"
+     inkscape:label="host"
+     style="display:inline" />
+  <g
+     inkscape:groupmode="layer"
+     id="layer4"
+     inkscape:label="arrows" />
+  <g
+     inkscape:groupmode="layer"
+     id="layer3"
+     inkscape:label="containers">
+    <g
+       id="g4485"
+       transform="translate(-0.29443947,0)">
+      <rect
+         style="display:inline;opacity:1;fill:#949da7;fill-opacity:1;stroke:#005976;stroke-width:3.64635539;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         id="rect5262"
+         width="310.02628"
+         height="374.55676"
+         x="2.8077147"
+         y="23.505817"
+         rx="0"
+         ry="0" />
+      <rect
+         rx="6.8984389"
+         ry="10.232184"
+         y="1.5027902"
+         x="196.5285"
+         height="39.570198"
+         width="117.73026"
+         id="rect5280"
+         style="opacity:1;fill:#394d54;fill-opacity:1;stroke:#005976;stroke-width:2.49513435;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+      <rect
+         ry="0"
+         rx="0"
+         y="168.52252"
+         x="70.247932"
+         height="230.32341"
+         width="243.59302"
+         id="rect4394"
+         style="display:inline;opacity:1;fill:#ade5f9;fill-opacity:1;stroke:#005976;stroke-width:2.07964277;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+      <rect
+         rx="7.8990598"
+         ry="7.8990588"
+         y="152.22887"
+         x="70.381065"
+         height="30.547466"
+         width="136.82939"
+         id="rect4345"
+         style="opacity:1;fill:#fcfcfc;fill-opacity:1;stroke:#005976;stroke-width:2.34590101;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+      <g
+         transform="matrix(0.48549887,0,0,0.47493898,-15.603306,139.61046)"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot4337">
+        <path
+           d="m 187.88477,72.829407 0,-30.3125 7.1875,0 q 4.96093,0 7.36328,1.738282 2.42187,1.71875 3.63281,5.214843 1.21094,3.496094 1.21094,8.28125 0,4.53125 -1.28907,7.96875 -1.26953,3.417969 -3.61328,5.273438 -2.34375,1.835937 -7.30468,1.835937 l -7.1875,0 z m 3.94531,-3.339843 2.63672,0 q 4.0039,0 5.70312,-1.425782 1.71875,-1.425781 2.44141,-3.945312 0.74219,-2.539063 0.74219,-6.992188 0,-4.355468 -0.85938,-6.699218 -0.85937,-2.34375 -2.46094,-3.59375 -1.60156,-1.269532 -5.2539,-1.269532 l -2.94922,0 0,23.925782 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7740" />
+        <path
+           d="m 220.91211,73.747376 q -5.15625,0 -7.89063,-4.335937 -2.71484,-4.355469 -2.71484,-11.738282 0,-7.363281 2.71484,-11.699218 2.73438,-4.355469 7.89063,-4.355469 5.17578,0 7.89062,4.355469 2.71485,4.335937 2.71485,11.699218 0,7.382813 -2.71485,11.738282 -2.71484,4.335937 -7.89062,4.335937 z m 0,-3.046875 q 2.85156,0 4.74609,-3.222656 1.91407,-3.242188 1.91407,-9.804688 0,-6.5625 -1.91407,-9.785156 -1.89453,-3.242187 -4.74609,-3.242187 -2.85156,0 -4.76563,3.242187 -1.89453,3.222656 -1.89453,9.785156 0,6.5625 1.89453,9.804688 1.91407,3.222656 4.76563,3.222656 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7742" />
+        <path
+           d="m 254.23242,72.477845 q -3.39844,1.269531 -6.09375,1.269531 -3.55469,0 -6.54297,-1.894531 -2.98828,-1.914063 -4.64843,-5.664063 -1.66016,-3.769531 -1.66016,-8.515625 0,-4.707031 1.64062,-8.457031 1.64063,-3.75 4.62891,-5.683594 2.98828,-1.933593 6.58203,-1.933593 2.69531,0 6.09375,1.269531 l 0,3.59375 q -3.14453,-1.816406 -6.25,-1.816406 -2.34375,0 -4.29687,1.601562 -1.9336,1.601563 -3.125,4.707031 -1.19141,3.085938 -1.19141,6.71875 0,3.691407 1.23047,6.816407 1.23047,3.125 3.14453,4.6875 1.91406,1.542968 4.23828,1.542968 3.08594,0 6.25,-1.816406 l 0,3.574219 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7744" />
+        <path
+           d="m 260.0332,72.829407 0,-30.3125 3.94532,0 0,14.863282 11.26953,-14.863282 4.17968,0 -10.8789,14.394532 12.40234,15.917968 -4.9414,0 -12.03125,-15.449218 0,15.449218 -3.94532,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7746" />
+        <path
+           d="m 301.2832,69.489564 0,3.339843 -16.36718,0 0,-30.3125 16.05468,0 0,3.046875 -12.10937,0 0,10.292969 10.89844,0 0,3.027344 -10.89844,0 0,10.605469 12.42187,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7748" />
+        <path
+           d="m 311.86914,59.958314 0,12.871093 -3.94531,0 0,-30.3125 8.10547,0 q 3.96484,0 5.83984,0.820313 1.875,0.800781 2.89063,2.441406 1.03515,1.640625 1.03515,3.535156 0,1.757813 -0.68359,3.535157 -0.6836,1.777343 -1.89453,3.183593 -1.19141,1.386719 -3.45703,2.636719 l 8.76953,14.160156 -4.6875,0 -8.02735,-12.871093 -3.94531,0 z m 0,-3.046875 5.52734,0 q 1.85547,-1.015625 2.75391,-2.070313 0.91797,-1.054687 1.38672,-2.246094 0.46875,-1.191406 0.46875,-2.382812 0,-2.128906 -1.5625,-3.378906 -1.54297,-1.269532 -5.625,-1.269532 l -2.94922,0 0,11.347657 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7750" />
+        <path
+           d="m 330.38477,75.856751 0,-3.027344 21.21093,0 0,3.027344 -21.21093,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7752" />
+        <path
+           d="m 355.52148,72.829407 0,-30.3125 3.94532,0 0,13.046875 11.21093,0 0,-13.046875 3.92579,0 0,30.3125 -3.92579,0 0,-14.238281 -11.21093,0 0,14.238281 -3.94532,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7754" />
+        <path
+           d="m 389.03711,73.747376 q -5.15625,0 -7.89063,-4.335937 -2.71484,-4.355469 -2.71484,-11.738282 0,-7.363281 2.71484,-11.699218 2.73438,-4.355469 7.89063,-4.355469 5.17578,0 7.89062,4.355469 2.71485,4.335937 2.71485,11.699218 0,7.382813 -2.71485,11.738282 -2.71484,4.335937 -7.89062,4.335937 z m 0,-3.046875 q 2.85156,0 4.74609,-3.222656 1.91407,-3.242188 1.91407,-9.804688 0,-6.5625 -1.91407,-9.785156 -1.89453,-3.242187 -4.74609,-3.242187 -2.85156,0 -4.76563,3.242187 -1.89453,3.222656 -1.89453,9.785156 0,6.5625 1.89453,9.804688 1.91407,3.222656 4.76563,3.222656 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7756" />
+        <path
+           d="m 404.17383,72.184876 0,-3.710937 q 4.6875,2.226562 8.51562,2.226562 1.60157,0 3.06641,-0.605469 1.46484,-0.625 2.20703,-1.777343 0.76172,-1.152344 0.76172,-2.5 0,-1.582032 -1.03516,-2.949219 -1.03515,-1.386719 -3.88672,-3.046875 l -1.99218,-1.152344 -2.01172,-1.152344 q -5.3125,-3.144531 -5.3125,-7.8125 0,-3.417968 2.36328,-5.742187 2.38281,-2.34375 7.42187,-2.34375 3.24219,0 6.26954,0.9375 l 0,3.378906 q -3.33985,-1.289062 -6.50391,-1.289062 -2.51953,0 -4.08203,1.328125 -1.54297,1.328125 -1.54297,3.203125 0,1.855468 1.19141,3.085937 1.1914,1.230469 3.04687,2.265625 l 1.52344,0.917969 1.89453,1.152344 1.60156,0.9375 q 4.98047,3.046875 4.98047,7.65625 0,3.515625 -2.55859,6.035156 -2.5586,2.519531 -8.20313,2.519531 -1.79687,0 -3.4375,-0.3125 -1.62109,-0.292969 -4.27734,-1.25 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7758" />
+        <path
+           d="m 435.11133,72.829407 0,-26.972656 -9.08203,0 0,-3.339844 22.1289,0 0,3.339844 -9.10156,0 0,26.972656 -3.94531,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Monaco;-inkscape-font-specification:Monaco"
+           id="path7760" />
+      </g>
+      <path
+         sodipodi:nodetypes="cc"
+         inkscape:connector-curvature="0"
+         id="path8146"
+         d="m 157.79863,229.50628 c 37.00058,23.19886 12.85818,26.81485 7.03771,31.08319"
+         style="display:inline;fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.78196704px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker8148)" />
+      <path
+         sodipodi:nodetypes="cc"
+         inkscape:connector-curvature="0"
+         id="path6142"
+         d="m 222.83291,217.48299 c 67.7606,4.04815 33.91703,32.0024 23.64644,43.35694"
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.78196704px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker6352)" />
+      <path
+         sodipodi:nodetypes="cc"
+         inkscape:connector-curvature="0"
+         id="path6144"
+         d="M 157.27071,230.12149 C 45.405744,253.79288 92.109064,307.60128 124.18114,326.55296"
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.78196704px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker6148)" />
+      <rect
+         style="opacity:1;fill:#f2f2f2;fill-opacity:1;stroke:#005976;stroke-width:2.34590101;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         id="rect4484"
+         width="118.45418"
+         height="24.487085"
+         x="101.69627"
+         y="204.32883" />
+      <g
+         transform="matrix(0.86243158,0,0,0.86574923,-54.246575,175.8598)"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot4486">
+        <path
+           d="m 187.98859,51.93976 0,-10.026972 2.89587,0 q 1.19455,0 2.00902,0.343886 0.81446,0.325786 1.32124,0.977358 0.52488,0.633473 0.74207,1.556533 0.23529,0.904962 0.23529,2.063312 0,1.194549 -0.25339,2.045213 -0.23529,0.832565 -0.61537,1.393641 -0.38009,0.561076 -0.86876,0.886862 -0.47058,0.325786 -0.95926,0.506778 -0.48868,0.162893 -0.92306,0.217191 -0.43439,0.0362 -0.72397,0.0362 l -2.85968,0 z m -1.71943,-11.47491 0,12.922849 4.43431,0 q 1.61083,0 2.78728,-0.452481 1.17645,-0.452481 1.93662,-1.303144 0.76017,-0.868763 1.12215,-2.11761 0.36199,-1.266946 0.36199,-2.895877 0,-3.113067 -1.61083,-4.633402 -1.61083,-1.520335 -4.59721,-1.520335 l -4.43431,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7700" />
+        <path
+           d="m 199.86394,48.718098 q 0,-0.850664 0.2172,-1.502236 0.23529,-0.669671 0.63347,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54298,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39819,0.452481 0.61538,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61538,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59727,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39818,-0.452481 -0.63347,-1.104053 -0.2172,-0.669671 -0.2172,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85067,0.361984 1.95472,0.361984 1.12215,0 1.95472,-0.361984 0.85066,-0.380084 1.42984,-1.031656 0.57917,-0.669672 0.86876,-1.556534 0.28959,-0.886862 0.28959,-1.918518 0,-1.031656 -0.28959,-1.918518 -0.28959,-0.904962 -0.86876,-1.556534 -0.57918,-0.669671 -1.42984,-1.049755 -0.83257,-0.380084 -1.95472,-0.380084 -1.10405,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7702" />
+        <path
+           d="m 215.45219,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93662,0.398183 -0.83256,0.380084 -1.39364,1.067855 -0.54297,0.669671 -0.81446,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37554,0.977358 0.83257,0.343885 1.90042,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57464,0 q -0.14479,1.085953 -0.79636,1.683228 -0.63347,0.597274 -1.77373,0.597274 -0.72397,0 -1.24884,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48868,-1.104053 -0.14479,-0.615374 -0.14479,-1.266946 0,-0.70587 0.14479,-1.357442 0.1448,-0.669671 0.47058,-1.17645 0.34389,-0.506778 0.90497,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97735,0 1.55653,0.488679 0.57917,0.48868 0.76017,1.375542 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7704" />
+        <path
+           d="m 218.91112,40.46485 0,12.922849 1.53843,0 0,-3.547449 1.44794,-1.339343 3.20357,4.886792 1.95471,0 -3.98183,-5.954646 3.71034,-3.402655 -2.06331,0 -4.27142,4.090425 0,-7.655973 -1.53843,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7706" />
+        <path
+           d="m 234.72136,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08596,-0.217191 0.57917,0 1.04975,0.217191 0.48868,0.199091 0.83257,0.561076 0.36198,0.343885 0.56107,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59273,0.45248 -0.76017,0 -1.32125,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90496,1.538435 -0.32579,0.886862 -0.32579,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64249,-0.796366 1.04975,-0.796366 1.35744,-2.370999 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7708" />
+        <path
+           d="m 237.8907,44.030398 0,9.357301 1.53844,0 0,-4.162823 q 0,-0.904961 0.18099,-1.592732 0.18099,-0.70587 0.57918,-1.194549 0.39818,-0.488679 1.04975,-0.742068 0.65157,-0.253389 1.57463,-0.253389 l 0,-1.628931 q -1.24884,-0.0362 -2.06331,0.506779 -0.81446,0.542976 -1.37554,1.683228 l -0.0362,0 0,-1.972816 -1.44794,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7710" />
+        <path
+           d="m 250.13172,48.790495 q 0,-0.687771 0.1448,-1.339343 0.14479,-0.651572 0.47058,-1.158351 0.32578,-0.506778 0.86876,-0.814465 0.54298,-0.307687 1.32124,-0.307687 0.79637,0 1.35744,0.307687 0.56108,0.289588 0.90497,0.778267 0.36198,0.488679 0.52487,1.140251 0.1629,0.633473 0.1629,1.321244 0,0.651572 -0.1629,1.285045 -0.14479,0.633473 -0.48868,1.140251 -0.34388,0.48868 -0.88686,0.796366 -0.54297,0.307687 -1.32124,0.307687 -0.74207,0 -1.30315,-0.289587 -0.54297,-0.289588 -0.90496,-0.778267 -0.34388,-0.488679 -0.52488,-1.104053 -0.16289,-0.633473 -0.16289,-1.285045 z m 7.23969,4.597204 0,-12.922849 -1.53843,0 0,4.814395 -0.0362,0 q -0.25339,-0.416283 -0.63347,-0.687771 -0.36199,-0.289588 -0.77827,-0.452481 -0.41628,-0.180992 -0.83256,-0.253389 -0.41629,-0.0724 -0.77827,-0.0724 -1.06786,0 -1.88232,0.398183 -0.79637,0.380084 -1.33934,1.049755 -0.52488,0.651573 -0.79637,1.538435 -0.25339,0.886862 -0.25339,1.882319 0,0.995458 0.27149,1.88232 0.27149,0.886862 0.79637,1.556534 0.54297,0.669671 1.33934,1.067854 0.81446,0.398183 1.90042,0.398183 0.97736,0 1.79182,-0.343885 0.81447,-0.343885 1.19455,-1.122152 l 0.0362,0 0,1.266946 1.53843,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7712" />
+        <path
+           d="m 268.01008,53.3515 q -0.39818,0.23529 -1.10405,0.23529 -0.59727,0 -0.95926,-0.325786 -0.34388,-0.343885 -0.34388,-1.104053 -0.63348,0.760168 -1.48414,1.104053 -0.83257,0.325786 -1.80992,0.325786 -0.63348,0 -1.21265,-0.144794 -0.56108,-0.144793 -0.97736,-0.45248 -0.41628,-0.307687 -0.66967,-0.796366 -0.23529,-0.506779 -0.23529,-1.212649 0,-0.796366 0.27149,-1.303144 0.27149,-0.506778 0.70587,-0.814465 0.45248,-0.325786 1.01355,-0.488679 0.57918,-0.162893 1.17645,-0.271489 0.63348,-0.126694 1.19455,-0.180992 0.57918,-0.0724 1.01356,-0.180992 0.43438,-0.126695 0.68777,-0.343886 0.25339,-0.23529 0.25339,-0.669671 0,-0.506779 -0.19909,-0.814465 -0.18099,-0.307687 -0.48868,-0.47058 -0.28959,-0.162893 -0.66967,-0.217191 -0.36199,-0.0543 -0.72397,-0.0543 -0.97736,0 -1.62893,0.380084 -0.65157,0.361985 -0.70587,1.393641 l -1.53844,0 q 0.0362,-0.868763 0.36199,-1.466038 0.32578,-0.597274 0.86876,-0.959259 0.54298,-0.380084 1.23075,-0.542977 0.70587,-0.162893 1.50223,-0.162893 0.63348,0 1.24885,0.0905 0.63347,0.0905 1.14025,0.380084 0.50678,0.271488 0.81447,0.778267 0.30768,0.506778 0.30768,1.321244 l 0,4.814394 q 0,0.542977 0.0543,0.796366 0.0724,0.253389 0.43438,0.253389 0.19909,0 0.47058,-0.0905 l 0,1.194549 z m -2.49769,-4.796295 q -0.28959,0.217191 -0.76017,0.325786 -0.47058,0.0905 -0.99546,0.162893 -0.50677,0.0543 -1.03165,0.144794 -0.52488,0.0724 -0.94116,0.253389 -0.41628,0.180992 -0.68777,0.524878 -0.25339,0.325786 -0.25339,0.904961 0,0.380084 0.14479,0.651572 0.1629,0.253389 0.39819,0.416282 0.25339,0.162894 0.57917,0.23529 0.32579,0.0724 0.68777,0.0724 0.76017,0 1.30315,-0.199091 0.54297,-0.217191 0.88686,-0.524878 0.34388,-0.325786 0.50678,-0.68777 0.16289,-0.380084 0.16289,-0.70587 l 0,-1.574633 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7714" />
+        <path
+           d="m 275.93952,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08595,-0.217191 0.57918,0 1.04976,0.217191 0.48868,0.199091 0.83256,0.561076 0.36199,0.343885 0.56108,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59274,0.45248 -0.76016,0 -1.32124,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90497,1.538435 -0.32578,0.886862 -0.32578,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64248,-0.796366 1.04976,-0.796366 1.35745,-2.370999 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7716" />
+        <path
+           d="m 279.16316,44.030398 0,9.357301 1.53844,0 0,-5.827952 q 0,-0.271488 0.12669,-0.669671 0.1448,-0.416282 0.43439,-0.796366 0.30768,-0.380084 0.77826,-0.651572 0.48868,-0.271489 1.15835,-0.271489 0.52488,0 0.85067,0.162893 0.34388,0.144794 0.54297,0.434382 0.19909,0.271488 0.27149,0.651572 0.0905,0.380084 0.0905,0.832564 l 0,6.135639 1.53843,0 0,-5.827952 q 0,-1.085953 0.65157,-1.737526 0.65158,-0.651572 1.79183,-0.651572 0.56107,0 0.90496,0.162893 0.36198,0.162893 0.56108,0.452481 0.19909,0.271488 0.27148,0.651572 0.0724,0.380084 0.0724,0.814465 l 0,6.135639 1.53843,0 0,-6.859608 q 0,-0.723969 -0.23528,-1.230747 -0.2172,-0.524878 -0.63348,-0.850664 -0.39818,-0.325786 -0.97736,-0.47058 -0.56107,-0.162893 -1.26694,-0.162893 -0.92306,0 -1.70133,0.416282 -0.76017,0.416283 -1.23075,1.17645 -0.28958,-0.868763 -0.99545,-1.230747 -0.70587,-0.361985 -1.57464,-0.361985 -1.97281,0 -3.02257,1.592732 l -0.0362,0 0,-1.375541 -1.44794,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7718" />
+        <path
+           d="m 295.73329,48.718098 q 0,-0.850664 0.21719,-1.502236 0.23529,-0.669671 0.63348,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54297,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39818,0.452481 0.61537,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61537,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59728,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39819,-0.452481 -0.63348,-1.104053 -0.21719,-0.669671 -0.21719,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85066,0.361984 1.95472,0.361984 1.12215,0 1.95471,-0.361984 0.85067,-0.380084 1.42984,-1.031656 0.57918,-0.669672 0.86877,-1.556534 0.28958,-0.886862 0.28958,-1.918518 0,-1.031656 -0.28958,-1.918518 -0.28959,-0.904962 -0.86877,-1.556534 -0.57917,-0.669671 -1.42984,-1.049755 -0.83256,-0.380084 -1.95471,-0.380084 -1.10406,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7720" />
+        <path
+           d="m 304.96871,44.030398 0,9.357301 1.53843,0 0,-5.284975 q 0,-0.633473 0.16289,-1.15835 0.181,-0.542977 0.52488,-0.94116 0.34389,-0.398183 0.85067,-0.615374 0.52487,-0.217191 1.23074,-0.217191 0.88687,0 1.39364,0.506779 0.50678,0.506778 0.50678,1.375541 l 0,6.33473 1.53844,0 0,-6.153738 q 0,-0.760167 -0.1629,-1.375541 -0.14479,-0.633473 -0.52487,-1.085954 -0.38009,-0.45248 -0.99546,-0.70587 -0.61538,-0.253389 -1.53844,-0.253389 -2.08141,0 -3.04067,1.701328 l -0.0362,0 0,-1.484137 -1.44793,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+           id="path7722" />
+      </g>
+      <g
+         transform="matrix(0.59683756,0,0,0.62856206,116.41511,253.93191)"
+         id="g5083">
+        <g
+           id="Isolation_Mode-6">
+          <polygon
+             style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+             points="122.005,77.57 122.005,22.429 32.038,0.183 0,19.314 0,72.66 92.65,101.222 "
+             id="polygon4984" />
+          <polygon
+             style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd"
+             points="5,23.314 92.65,45.131 92.65,94.222 5,67.66 "
+             id="polygon4986" />
+          <g
+             id="g4988">
+            <g
+               id="g4990">
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="7.917,29.184 7.917,66.177 11.364,66.906 11.364,30.067 "
+                 id="polygon4992" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="14.134,30.801 14.134,68.013 17.598,68.765 17.598,31.68 "
+                 id="polygon4994" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="20.353,32.418 20.353,69.848 23.831,70.624 23.831,33.292 "
+                 id="polygon4996" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="26.569,34.035 26.569,71.684 30.063,72.483 30.063,34.905 "
+                 id="polygon4998" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="32.789,35.652 32.789,73.519 36.298,74.341 36.298,36.518 "
+                 id="polygon5000" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="39.007,37.27 39.007,75.354 42.532,76.201 42.532,38.13 "
+                 id="polygon5002" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="45.224,38.887 45.224,77.19 48.765,78.06 48.765,39.743 "
+                 id="polygon5004" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="51.442,40.504 51.442,79.025 54.999,79.919 54.999,41.356 "
+                 id="polygon5006" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="57.661,42.122 57.661,80.86 61.231,81.777 61.231,42.968 "
+                 id="polygon5008" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="63.878,43.737 63.878,82.697 67.466,83.637 67.466,44.581 "
+                 id="polygon5010" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="70.097,45.355 70.097,84.532 73.699,85.496 73.699,46.193 "
+                 id="polygon5012" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="76.313,46.973 76.313,86.367 79.933,87.354 79.933,47.806 "
+                 id="polygon5014" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="86.165,49.418 82.532,48.589 82.532,88.203 86.165,89.213 "
+                 id="polygon5016" />
+            </g>
+            <g
+               id="g5018">
+              <polygon
+                 style="fill:#394d54"
+                 points="7.917,29.184 7.917,66.177 11.364,66.906 11.364,30.067 "
+                 id="polygon5020" />
+              <polygon
+                 style="fill:#394d54"
+                 points="14.134,30.801 14.134,68.013 17.598,68.765 17.598,31.68 "
+                 id="polygon5022" />
+              <polygon
+                 style="fill:#394d54"
+                 points="20.353,32.418 20.353,69.848 23.831,70.624 23.831,33.292 "
+                 id="polygon5024" />
+              <polygon
+                 style="fill:#394d54"
+                 points="26.569,34.035 26.569,71.684 30.063,72.483 30.063,34.905 "
+                 id="polygon5026" />
+              <polygon
+                 style="fill:#394d54"
+                 points="32.789,35.652 32.789,73.519 36.298,74.341 36.298,36.518 "
+                 id="polygon5028" />
+              <polygon
+                 style="fill:#394d54"
+                 points="39.007,37.27 39.007,75.354 42.532,76.201 42.532,38.13 "
+                 id="polygon5030" />
+              <polygon
+                 style="fill:#394d54"
+                 points="45.224,38.887 45.224,77.19 48.765,78.06 48.765,39.743 "
+                 id="polygon5032" />
+              <polygon
+                 style="fill:#394d54"
+                 points="51.442,40.504 51.442,79.025 54.999,79.919 54.999,41.356 "
+                 id="polygon5034" />
+              <polygon
+                 style="fill:#394d54"
+                 points="57.661,42.122 57.661,80.86 61.231,81.777 61.231,42.968 "
+                 id="polygon5036" />
+              <polygon
+                 style="fill:#394d54"
+                 points="63.878,43.737 63.878,82.697 67.466,83.637 67.466,44.581 "
+                 id="polygon5038" />
+              <polygon
+                 style="fill:#394d54"
+                 points="70.097,45.355 70.097,84.532 73.699,85.496 73.699,46.193 "
+                 id="polygon5040" />
+              <polygon
+                 style="fill:#394d54"
+                 points="76.313,46.973 76.313,86.367 79.933,87.354 79.933,47.806 "
+                 id="polygon5042" />
+              <polygon
+                 style="fill:#394d54"
+                 points="86.165,49.418 82.532,48.589 82.532,88.203 86.165,89.213 "
+                 id="polygon5044" />
+            </g>
+          </g>
+          <polygon
+             style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+             points="92.65,46.469 117.005,29.184 117.005,75.212 92.65,94.398 "
+             id="polygon5046" />
+          <polygon
+             style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd"
+             points="5,23.314 32.538,6.683 117.005,27.429 92.65,45.131 "
+             id="polygon5048" />
+          <rect
+             style="fill:#394d54"
+             x="46.075001"
+             y="-12.046"
+             transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+             width="3.5250001"
+             height="92.299004"
+             id="rect5050" />
+          <rect
+             style="fill:#394d54"
+             x="103.715"
+             y="18.122"
+             transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+             width="3.5250001"
+             height="34.868999"
+             id="rect5052" />
+          <rect
+             style="fill:#394d54"
+             x="90.234001"
+             y="44.498001"
+             transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+             width="3.523"
+             height="51.174"
+             id="rect5054" />
+        </g>
+        <g
+           style="display:none"
+           id="Layer_2-0"
+           display="none">
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-49.362"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5063" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-46.612"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5065" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-4.362"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5067" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-52.994999"
+             y1="-67.064003"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5069" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-76.915001"
+             y2="-49.472"
+             id="line5071" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-165"
+             y2="-71.179001"
+             id="line5073" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-77.349998"
+             y2="-0.271"
+             id="line5075" />
+        </g>
+      </g>
+      <g
+         id="g5133"
+         transform="matrix(0.59683756,0,0,0.62856206,194.85661,253.93191)">
+        <g
+           id="g5135">
+          <polygon
+             id="polygon5137"
+             points="32.038,0.183 0,19.314 0,72.66 92.65,101.222 122.005,77.57 122.005,22.429 "
+             style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd" />
+          <polygon
+             id="polygon5139"
+             points="92.65,94.222 5,67.66 5,23.314 92.65,45.131 "
+             style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd" />
+          <g
+             id="g5141">
+            <g
+               id="g5143">
+              <polygon
+                 id="polygon5145"
+                 points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5147"
+                 points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5149"
+                 points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5151"
+                 points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5153"
+                 points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5155"
+                 points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5157"
+                 points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5159"
+                 points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5161"
+                 points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5163"
+                 points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5165"
+                 points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5167"
+                 points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+              <polygon
+                 id="polygon5169"
+                 points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+            </g>
+            <g
+               id="g5171">
+              <polygon
+                 id="polygon5173"
+                 points="11.364,66.906 11.364,30.067 7.917,29.184 7.917,66.177 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5175"
+                 points="17.598,68.765 17.598,31.68 14.134,30.801 14.134,68.013 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5177"
+                 points="23.831,70.624 23.831,33.292 20.353,32.418 20.353,69.848 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5179"
+                 points="30.063,72.483 30.063,34.905 26.569,34.035 26.569,71.684 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5181"
+                 points="36.298,74.341 36.298,36.518 32.789,35.652 32.789,73.519 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5183"
+                 points="42.532,76.201 42.532,38.13 39.007,37.27 39.007,75.354 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5185"
+                 points="48.765,78.06 48.765,39.743 45.224,38.887 45.224,77.19 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5187"
+                 points="54.999,79.919 54.999,41.356 51.442,40.504 51.442,79.025 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5189"
+                 points="61.231,81.777 61.231,42.968 57.661,42.122 57.661,80.86 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5191"
+                 points="67.466,83.637 67.466,44.581 63.878,43.737 63.878,82.697 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5193"
+                 points="73.699,85.496 73.699,46.193 70.097,45.355 70.097,84.532 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5195"
+                 points="79.933,87.354 79.933,47.806 76.313,46.973 76.313,86.367 "
+                 style="fill:#394d54" />
+              <polygon
+                 id="polygon5197"
+                 points="82.532,88.203 86.165,89.213 86.165,49.418 82.532,48.589 "
+                 style="fill:#394d54" />
+            </g>
+          </g>
+          <polygon
+             id="polygon5199"
+             points="117.005,75.212 92.65,94.398 92.65,46.469 117.005,29.184 "
+             style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd" />
+          <polygon
+             id="polygon5201"
+             points="117.005,27.429 92.65,45.131 5,23.314 32.538,6.683 "
+             style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd" />
+          <rect
+             id="rect5203"
+             height="92.299004"
+             width="3.5250001"
+             transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+             y="-12.046"
+             x="46.075001"
+             style="fill:#394d54" />
+          <rect
+             id="rect5205"
+             height="34.868999"
+             width="3.5250001"
+             transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+             y="18.122"
+             x="103.715"
+             style="fill:#394d54" />
+          <rect
+             id="rect5207"
+             height="51.174"
+             width="3.523"
+             transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+             y="44.498001"
+             x="90.234001"
+             style="fill:#394d54" />
+        </g>
+        <g
+           display="none"
+           id="g5209"
+           style="display:none">
+          <line
+             id="line5211"
+             y2="-492.659"
+             x2="-1830.454"
+             y1="-49.362"
+             x1="-77.349998"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5213"
+             y2="-492.659"
+             x2="-1830.454"
+             y1="-46.612"
+             x1="-77.349998"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5215"
+             y2="-492.659"
+             x2="-1830.454"
+             y1="-4.362"
+             x1="-77.349998"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5217"
+             y2="-492.659"
+             x2="-1830.454"
+             y1="-67.064003"
+             x1="-52.994999"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5219"
+             y2="-49.472"
+             x2="-76.915001"
+             y1="-492.659"
+             x1="532.88"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5221"
+             y2="-71.179001"
+             x2="-165"
+             y1="-492.659"
+             x1="532.88"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+          <line
+             id="line5223"
+             y2="-0.271"
+             x2="-77.349998"
+             y1="-492.659"
+             x1="532.88"
+             stroke-miterlimit="10"
+             display="inline"
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10" />
+        </g>
+      </g>
+      <g
+         transform="matrix(0.59683756,0,0,0.62856206,116.41511,318.58401)"
+         id="g5225">
+        <g
+           id="g5227">
+          <polygon
+             style="clip-rule:evenodd;fill:#394d54;fill-rule:evenodd"
+             points="0,19.314 0,72.66 92.65,101.222 122.005,77.57 122.005,22.429 32.038,0.183 "
+             id="polygon5229" />
+          <polygon
+             style="clip-rule:evenodd;fill:#a5eaf2;fill-rule:evenodd"
+             points="5,67.66 5,23.314 92.65,45.131 92.65,94.222 "
+             id="polygon5231" />
+          <g
+             id="g5233">
+            <g
+               id="g5235">
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="11.364,30.067 7.917,29.184 7.917,66.177 11.364,66.906 "
+                 id="polygon5237" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="17.598,31.68 14.134,30.801 14.134,68.013 17.598,68.765 "
+                 id="polygon5239" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="23.831,33.292 20.353,32.418 20.353,69.848 23.831,70.624 "
+                 id="polygon5241" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="30.063,34.905 26.569,34.035 26.569,71.684 30.063,72.483 "
+                 id="polygon5243" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="36.298,36.518 32.789,35.652 32.789,73.519 36.298,74.341 "
+                 id="polygon5245" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="42.532,38.13 39.007,37.27 39.007,75.354 42.532,76.201 "
+                 id="polygon5247" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="48.765,39.743 45.224,38.887 45.224,77.19 48.765,78.06 "
+                 id="polygon5249" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="54.999,41.356 51.442,40.504 51.442,79.025 54.999,79.919 "
+                 id="polygon5251" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="61.231,42.968 57.661,42.122 57.661,80.86 61.231,81.777 "
+                 id="polygon5253" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="67.466,44.581 63.878,43.737 63.878,82.697 67.466,83.637 "
+                 id="polygon5255" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="73.699,46.193 70.097,45.355 70.097,84.532 73.699,85.496 "
+                 id="polygon5257" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="79.933,47.806 76.313,46.973 76.313,86.367 79.933,87.354 "
+                 id="polygon5259" />
+              <polygon
+                 style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+                 points="86.165,89.213 86.165,49.418 82.532,48.589 82.532,88.203 "
+                 id="polygon5261" />
+            </g>
+            <g
+               id="g5263">
+              <polygon
+                 style="fill:#394d54"
+                 points="11.364,30.067 7.917,29.184 7.917,66.177 11.364,66.906 "
+                 id="polygon5265" />
+              <polygon
+                 style="fill:#394d54"
+                 points="17.598,31.68 14.134,30.801 14.134,68.013 17.598,68.765 "
+                 id="polygon5267" />
+              <polygon
+                 style="fill:#394d54"
+                 points="23.831,33.292 20.353,32.418 20.353,69.848 23.831,70.624 "
+                 id="polygon5269" />
+              <polygon
+                 style="fill:#394d54"
+                 points="30.063,34.905 26.569,34.035 26.569,71.684 30.063,72.483 "
+                 id="polygon5271" />
+              <polygon
+                 style="fill:#394d54"
+                 points="36.298,36.518 32.789,35.652 32.789,73.519 36.298,74.341 "
+                 id="polygon5273" />
+              <polygon
+                 style="fill:#394d54"
+                 points="42.532,38.13 39.007,37.27 39.007,75.354 42.532,76.201 "
+                 id="polygon5275" />
+              <polygon
+                 style="fill:#394d54"
+                 points="48.765,39.743 45.224,38.887 45.224,77.19 48.765,78.06 "
+                 id="polygon5277" />
+              <polygon
+                 style="fill:#394d54"
+                 points="54.999,41.356 51.442,40.504 51.442,79.025 54.999,79.919 "
+                 id="polygon5279" />
+              <polygon
+                 style="fill:#394d54"
+                 points="61.231,42.968 57.661,42.122 57.661,80.86 61.231,81.777 "
+                 id="polygon5281" />
+              <polygon
+                 style="fill:#394d54"
+                 points="67.466,44.581 63.878,43.737 63.878,82.697 67.466,83.637 "
+                 id="polygon5283" />
+              <polygon
+                 style="fill:#394d54"
+                 points="73.699,46.193 70.097,45.355 70.097,84.532 73.699,85.496 "
+                 id="polygon5285" />
+              <polygon
+                 style="fill:#394d54"
+                 points="79.933,47.806 76.313,46.973 76.313,86.367 79.933,87.354 "
+                 id="polygon5287" />
+              <polygon
+                 style="fill:#394d54"
+                 points="86.165,89.213 86.165,49.418 82.532,48.589 82.532,88.203 "
+                 id="polygon5289" />
+            </g>
+          </g>
+          <polygon
+             style="clip-rule:evenodd;fill:#31b4d3;fill-rule:evenodd"
+             points="92.65,94.398 92.65,46.469 117.005,29.184 117.005,75.212 "
+             id="polygon5291" />
+          <polygon
+             style="clip-rule:evenodd;fill:#ffffff;fill-rule:evenodd"
+             points="92.65,45.131 5,23.314 32.538,6.683 117.005,27.429 "
+             id="polygon5293" />
+          <rect
+             style="fill:#394d54"
+             x="46.075001"
+             y="-12.046"
+             transform="matrix(0.241,-0.9705,0.9705,0.241,3.2084,72.3107)"
+             width="3.5250001"
+             height="92.299004"
+             id="rect5295" />
+          <rect
+             style="fill:#394d54"
+             x="103.715"
+             y="18.122"
+             transform="matrix(0.5701,0.8215,-0.8215,0.5701,74.5518,-71.3707)"
+             width="3.5250001"
+             height="34.868999"
+             id="rect5297" />
+          <rect
+             style="fill:#394d54"
+             x="90.234001"
+             y="44.498001"
+             transform="matrix(1,-0.0022,0.0022,1,-0.1552,0.2041)"
+             width="3.523"
+             height="51.174"
+             id="rect5299" />
+        </g>
+        <g
+           style="display:none"
+           id="g5301"
+           display="none">
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-49.362"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5303" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-46.612"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5305" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-77.349998"
+             y1="-4.362"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5307" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="-52.994999"
+             y1="-67.064003"
+             x2="-1830.454"
+             y2="-492.659"
+             id="line5309" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-76.915001"
+             y2="-49.472"
+             id="line5311" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-165"
+             y2="-71.179001"
+             id="line5313" />
+          <line
+             style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.3191731;stroke-miterlimit:10"
+             display="inline"
+             stroke-miterlimit="10"
+             x1="532.88"
+             y1="-492.659"
+             x2="-77.349998"
+             y2="-0.271"
+             id="line5315" />
+        </g>
+      </g>
+      <rect
+         style="opacity:1;fill:#394d54;fill-opacity:1;stroke:#005976;stroke-width:1.95111275;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         id="rect5078"
+         width="93.442245"
+         height="30.942587"
+         x="220.62865"
+         y="152.03131"
+         ry="8.0012312"
+         rx="5.394352" />
+      <g
+         transform="matrix(0.48549887,0,0,0.47493898,137.13218,138.44897)"
+         style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#dbdde0;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot6134">
+        <path
+           d="m 187.97742,46.673398 0,28.56 18.92,0 0,-3.2 -15.12,0 0,-25.36 -3.8,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7725" />
+        <path
+           d="m 213.28305,50.833398 0,-4.16 -3.4,0 0,4.16 3.4,0 z m -3.4,3.72 0,20.68 3.4,0 0,-20.68 -3.4,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7727" />
+        <path
+           d="m 218.5893,54.553398 0,20.68 3.4,0 0,-11.68 q 0,-1.4 0.36,-2.56 0.4,-1.2 1.16,-2.08 0.76,-0.88 1.88,-1.36 1.16,-0.48 2.72,-0.48 1.96,0 3.08,1.12 1.12,1.12 1.12,3.04 l 0,14 3.4,0 0,-13.6 q 0,-1.68 -0.36,-3.04 -0.32,-1.4 -1.16,-2.4 -0.84,-1 -2.2,-1.56 -1.36,-0.56 -3.4,-0.56 -4.6,0 -6.72,3.76 l -0.08,0 0,-3.28 -3.2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7729" />
+        <path
+           d="m 257.97492,75.233398 0,-20.68 -3.4,0 0,11.68 q 0,1.4 -0.4,2.6 -0.36,1.16 -1.12,2.04 -0.76,0.88 -1.92,1.36 -1.12,0.48 -2.68,0.48 -1.96,0 -3.08,-1.12 -1.12,-1.12 -1.12,-3.04 l 0,-14 -3.4,0 0,13.6 q 0,1.68 0.32,3.08 0.36,1.36 1.2,2.36 0.84,1 2.2,1.56 1.36,0.52 3.4,0.52 2.28,0 3.96,-0.88 1.68,-0.92 2.76,-2.84 l 0.08,0 0,3.28 3.2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7731" />
+        <path
+           d="m 268.68055,64.353398 -7.76,10.88 4.12,0 5.76,-8.56 5.76,8.56 4.36,0 -8,-11.16 7.12,-9.52 -4.08,0 -5.16,7.24 -4.96,-7.24 -4.36,0 7.2,9.8 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7733" />
+        <path
+           d="m 306.71742,75.233398 10.16,-28.56 -3.96,0 -8.24,24.76 -0.08,0 -8.16,-24.76 -4.08,0 10.04,28.56 4.32,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7735" />
+        <path
+           d="m 320.01055,46.673398 0,28.56 3.6,0 0,-23.76 0.08,0 8.92,23.76 3.24,0 8.92,-23.76 0.08,0 0,23.76 3.6,0 0,-28.56 -5.2,0 -9.04,24 -9,-24 -5.2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path7737" />
+      </g>
+      <g
+         transform="translate(-31.485323,51.85119)"
+         style="font-style:normal;font-weight:normal;font-size:25px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#dbdde0;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="flowRoot4370">
+        <path
+           d="m 253.57891,-22.320679 4.775,-17.85 -2.375,0 -3.625,14.85 -0.05,0 -3.95,-14.85 -2.575,0 -4,14.85 -0.05,0 -3.5,-14.85 -2.425,0 4.575,17.85 2.475,0 4.125,-15 0.05,0 4.075,15 2.475,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:25px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path4398" />
+        <path
+           d="m 262.49844,-37.570679 0,-2.6 -2.125,0 0,2.6 2.125,0 z m -2.125,2.325 0,12.925 2.125,0 0,-12.925 -2.125,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:25px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path4400" />
+        <path
+           d="m 265.81484,-35.245679 0,12.925 2.125,0 0,-7.3 q 0,-0.875 0.225,-1.6 0.25,-0.75 0.725,-1.3 0.475,-0.55 1.175,-0.85 0.725,-0.3 1.7,-0.3 1.225,0 1.925,0.7 0.7,0.7 0.7,1.9 l 0,8.75 2.125,0 0,-8.5 q 0,-1.05 -0.225,-1.9 -0.2,-0.875 -0.725,-1.5 -0.525,-0.625 -1.375,-0.975 -0.85,-0.35 -2.125,-0.35 -2.875,0 -4.2,2.35 l -0.05,0 0,-2.05 -2,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:25px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path4402" />
+        <path
+           d="m 281.28086,-28.670679 q 0,-0.95 0.2,-1.85 0.2,-0.9 0.65,-1.6 0.45,-0.7 1.2,-1.125 0.75,-0.425 1.825,-0.425 1.1,0 1.875,0.425 0.775,0.4 1.25,1.075 0.5,0.675 0.725,1.575 0.225,0.875 0.225,1.825 0,0.9 -0.225,1.775 -0.2,0.875 -0.675,1.575 -0.475,0.675 -1.225,1.1 -0.75,0.425 -1.825,0.425 -1.025,0 -1.8,-0.4 -0.75,-0.4 -1.25,-1.075 -0.475,-0.675 -0.725,-1.525 -0.225,-0.875 -0.225,-1.775 z m 10,6.35 0,-17.85 -2.125,0 0,6.65 -0.05,0 q -0.35,-0.575 -0.875,-0.95 -0.5,-0.4 -1.075,-0.625 -0.575,-0.25 -1.15,-0.35 -0.575,-0.1 -1.075,-0.1 -1.475,0 -2.6,0.55 -1.1,0.525 -1.85,1.45 -0.725,0.9 -1.1,2.125 -0.35,1.225 -0.35,2.6 0,1.375 0.375,2.6 0.375,1.225 1.1,2.15 0.75,0.925 1.85,1.475 1.125,0.55 2.625,0.55 1.35,0 2.475,-0.475 1.125,-0.475 1.65,-1.55 l 0.05,0 0,1.75 2.125,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:25px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path4404" />
+        <path
+           d="m 296.07578,-28.770679 q 0,-1.175 0.3,-2.075 0.325,-0.925 0.875,-1.55 0.55,-0.625 1.275,-0.95 0.75,-0.325 1.575,-0.325 0.825,0 1.55,0.325 0.75,0.325 1.3,0.95 0.55,0.625 0.85,1.55 0.325,0.9 0.325,2.075 0,1.175 -0.325,2.1 -0.3,0.9 -0.85,1.525 -0.55,0.6 -1.3,0.925 -0.725,0.325 -1.55,0.325 -0.825,0 -1.575,-0.325 -0.725,-0.325 -1.275,-0.925 -0.55,-0.625 -0.875,-1.525 -0.3,-0.925 -0.3,-2.1 z m -2.25,0 q 0,1.425 0.4,2.65 0.4,1.225 1.2,2.15 0.8,0.9 1.975,1.425 1.175,0.5 2.7,0.5 1.55,0 2.7,-0.5 1.175,-0.525 1.975,-1.425 0.8,-0.925 1.2,-2.15 0.4,-1.225 0.4,-2.65 0,-1.425 -0.4,-2.65 -0.4,-1.25 -1.2,-2.15 -0.8,-0.925 -1.975,-1.45 -1.15,-0.525 -2.7,-0.525 -1.525,0 -2.7,0.525 -1.175,0.525 -1.975,1.45 -0.8,0.9 -1.2,2.15 -0.4,1.225 -0.4,2.65 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:25px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path4406" />
+        <path
+           d="m 321.63242,-22.320679 4.125,-12.925 -2.2,0 -2.9,10.575 -0.05,0 -2.7,-10.575 -2.325,0 -2.6,10.575 -0.05,0 -2.925,-10.575 -2.35,0 4.15,12.925 2.3,0 2.6,-10.275 0.05,0 2.625,10.275 2.25,0 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:25px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path4408" />
+        <path
+           d="m 329.07773,-26.395679 -2.125,0 q 0.05,1.2 0.5,2.05 0.45,0.825 1.2,1.35 0.75,0.5 1.725,0.725 0.975,0.225 2.05,0.225 0.975,0 1.95,-0.2 1,-0.175 1.775,-0.65 0.8,-0.475 1.275,-1.25 0.5,-0.775 0.5,-1.95 0,-0.925 -0.375,-1.55 -0.35,-0.625 -0.95,-1.025 -0.575,-0.425 -1.35,-0.675 -0.75,-0.25 -1.55,-0.425 -0.75,-0.175 -1.5,-0.325 -0.75,-0.175 -1.35,-0.4 -0.6,-0.25 -1,-0.6 -0.375,-0.375 -0.375,-0.925 0,-0.5 0.25,-0.8 0.25,-0.325 0.65,-0.5 0.4,-0.2 0.875,-0.275 0.5,-0.075 0.975,-0.075 0.525,0 1.025,0.125 0.525,0.1 0.95,0.35 0.425,0.25 0.7,0.675 0.275,0.4 0.325,1.025 l 2.125,0 q -0.075,-1.175 -0.5,-1.95 -0.425,-0.8 -1.15,-1.25 -0.7,-0.475 -1.625,-0.65 -0.925,-0.2 -2.025,-0.2 -0.85,0 -1.725,0.225 -0.85,0.2 -1.55,0.65 -0.675,0.425 -1.125,1.125 -0.425,0.7 -0.425,1.675 0,1.25 0.625,1.95 0.625,0.7 1.55,1.1 0.95,0.375 2.05,0.6 1.1,0.2 2.025,0.475 0.95,0.25 1.575,0.675 0.625,0.425 0.625,1.25 0,0.6 -0.3,1 -0.3,0.375 -0.775,0.575 -0.45,0.2 -1,0.275 -0.55,0.075 -1.05,0.075 -0.65,0 -1.275,-0.125 -0.6,-0.125 -1.1,-0.4 -0.475,-0.3 -0.775,-0.775 -0.3,-0.5 -0.325,-1.2 z"
+           style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:25px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue';fill:#dbdde0;fill-opacity:1"
+           id="path4410" />
+      </g>
+    </g>
+  </g>
+  <g
+     inkscape:label="default"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(-73.928551,-292.36218)">
+    <flowRoot
+       xml:space="preserve"
+       id="flowRoot4362"
+       style="fill:black;stroke:none;stroke-opacity:1;stroke-width:1px;stroke-linejoin:miter;stroke-linecap:butt;fill-opacity:1;font-family:sans-serif;font-style:normal;font-weight:normal;font-size:40px;line-height:125%;letter-spacing:0px;word-spacing:0px"><flowRegion
+         id="flowRegion4364"><rect
+           id="rect4366"
+           width="95.964493"
+           height="43.436558"
+           x="171.72594"
+           y="102.005" /></flowRegion><flowPara
+         id="flowPara4368" /></flowRoot>    <g
+       style="display:none"
+       id="Layer_2"
+       display="none"
+       transform="translate(862.40058,602.59637)">
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="-77.349998"
+         y1="-49.362"
+         x2="-1830.454"
+         y2="-492.659"
+         id="line4716" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="-77.349998"
+         y1="-46.612"
+         x2="-1830.454"
+         y2="-492.659"
+         id="line4718" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="-77.349998"
+         y1="-4.362"
+         x2="-1830.454"
+         y2="-492.659"
+         id="line4720" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="-52.994999"
+         y1="-67.064003"
+         x2="-1830.454"
+         y2="-492.659"
+         id="line4722" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="532.88"
+         y1="-492.659"
+         x2="-76.915001"
+         y2="-49.472"
+         id="line4724" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="532.88"
+         y1="-492.659"
+         x2="-165"
+         y2="-71.179001"
+         id="line4726" />
+      <line
+         style="display:inline;fill:none;stroke:#24b8eb;stroke-width:0.25;stroke-miterlimit:10"
+         display="inline"
+         stroke-miterlimit="10"
+         x1="532.88"
+         y1="-492.659"
+         x2="-77.349998"
+         y2="-0.271"
+         id="line4728" />
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker5920)"
+       d="M 187.77436,389.79113 C 131.26725,402.59092 53.961508,490.55977 172.27674,510.09709"
+       id="path5884"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="cc" />
+    <rect
+       style="opacity:1;fill:#f2f2f2;fill-opacity:1;stroke:#005976;stroke-width:3;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       id="rect4461"
+       width="151.48232"
+       height="31.31473"
+       x="107.04051"
+       y="357.65875" />
+    <g
+       transform="matrix(1.1029002,0,0,1.1071429,-80.18049,321.25181)"
+       style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="flowRoot4354">
+      <path
+         d="m 187.98859,51.93976 0,-10.026972 2.89587,0 q 1.19455,0 2.00902,0.343886 0.81446,0.325786 1.32124,0.977358 0.52488,0.633473 0.74207,1.556533 0.23529,0.904962 0.23529,2.063312 0,1.194549 -0.25339,2.045213 -0.23529,0.832565 -0.61537,1.393641 -0.38009,0.561076 -0.86876,0.886862 -0.47058,0.325786 -0.95926,0.506778 -0.48868,0.162893 -0.92306,0.217191 -0.43439,0.0362 -0.72397,0.0362 l -2.85968,0 z m -1.71943,-11.47491 0,12.922849 4.43431,0 q 1.61083,0 2.78728,-0.452481 1.17645,-0.452481 1.93662,-1.303144 0.76017,-0.868763 1.12215,-2.11761 0.36199,-1.266946 0.36199,-2.895877 0,-3.113067 -1.61083,-4.633402 -1.61083,-1.520335 -4.59721,-1.520335 l -4.43431,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6983"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 199.86394,48.718098 q 0,-0.850664 0.2172,-1.502236 0.23529,-0.669671 0.63347,-1.122152 0.39818,-0.452481 0.92306,-0.687771 0.54298,-0.23529 1.14025,-0.23529 0.59727,0 1.12215,0.23529 0.54298,0.23529 0.94116,0.687771 0.39819,0.452481 0.61538,1.122152 0.23529,0.651572 0.23529,1.502236 0,0.850664 -0.23529,1.520335 -0.21719,0.651572 -0.61538,1.104053 -0.39818,0.434381 -0.94116,0.669671 -0.52488,0.23529 -1.12215,0.23529 -0.59727,0 -1.14025,-0.23529 -0.52488,-0.23529 -0.92306,-0.669671 -0.39818,-0.452481 -0.63347,-1.104053 -0.2172,-0.669671 -0.2172,-1.520335 z m -1.62893,0 q 0,1.031656 0.28959,1.918518 0.28959,0.886862 0.86876,1.556534 0.57918,0.651572 1.42984,1.031656 0.85067,0.361984 1.95472,0.361984 1.12215,0 1.95472,-0.361984 0.85066,-0.380084 1.42984,-1.031656 0.57917,-0.669672 0.86876,-1.556534 0.28959,-0.886862 0.28959,-1.918518 0,-1.031656 -0.28959,-1.918518 -0.28959,-0.904962 -0.86876,-1.556534 -0.57918,-0.669671 -1.42984,-1.049755 -0.83257,-0.380084 -1.95472,-0.380084 -1.10405,0 -1.95472,0.380084 -0.85066,0.380084 -1.42984,1.049755 -0.57917,0.651572 -0.86876,1.556534 -0.28959,0.886862 -0.28959,1.918518 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6985"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 215.45219,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93662,0.398183 -0.83256,0.380084 -1.39364,1.067855 -0.54297,0.669671 -0.81446,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37554,0.977358 0.83257,0.343885 1.90042,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57464,0 q -0.14479,1.085953 -0.79636,1.683228 -0.63347,0.597274 -1.77373,0.597274 -0.72397,0 -1.24884,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48868,-1.104053 -0.14479,-0.615374 -0.14479,-1.266946 0,-0.70587 0.14479,-1.357442 0.1448,-0.669671 0.47058,-1.17645 0.34389,-0.506778 0.90497,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97735,0 1.55653,0.488679 0.57917,0.48868 0.76017,1.375542 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6987"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 218.91112,40.46485 0,12.922849 1.53843,0 0,-3.547449 1.44794,-1.339343 3.20357,4.886792 1.95471,0 -3.98183,-5.954646 3.71034,-3.402655 -2.06331,0 -4.27142,4.090425 0,-7.655973 -1.53843,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6989"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 234.72136,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54298,-0.850664 0.34388,-0.361985 0.81446,-0.561076 0.48868,-0.217191 1.08596,-0.217191 0.57917,0 1.04975,0.217191 0.48868,0.199091 0.83257,0.561076 0.36198,0.343885 0.56107,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48414,2.606288 -1.52034,0 q -0.19909,0.923061 -0.83256,1.375542 -0.61538,0.45248 -1.59273,0.45248 -0.76017,0 -1.32125,-0.253389 -0.56107,-0.253389 -0.92306,-0.669671 -0.36198,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.16289,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32125,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77372,0.361985 -0.79637,0.361984 -1.39364,1.013556 -0.57918,0.651573 -0.90496,1.538435 -0.32579,0.886862 -0.32579,1.954716 0.0362,1.067855 0.30769,1.972816 0.28958,0.904962 0.85066,1.556534 0.56108,0.651572 1.37554,1.013557 0.83257,0.361984 1.95472,0.361984 1.59273,0 2.64249,-0.796366 1.04975,-0.796366 1.35744,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6991"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 237.8907,44.030398 0,9.357301 1.53844,0 0,-4.162823 q 0,-0.904961 0.18099,-1.592732 0.18099,-0.70587 0.57918,-1.194549 0.39818,-0.488679 1.04975,-0.742068 0.65157,-0.253389 1.57463,-0.253389 l 0,-1.628931 q -1.24884,-0.0362 -2.06331,0.506779 -0.81446,0.542976 -1.37554,1.683228 l -0.0362,0 0,-1.972816 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6993"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 255.3624,47.03487 1.59273,0 q -0.0905,-0.832565 -0.43438,-1.429839 -0.34389,-0.615374 -0.88686,-1.013557 -0.52488,-0.398183 -1.23075,-0.579175 -0.68777,-0.199092 -1.48414,-0.199092 -1.10405,0 -1.93661,0.398183 -0.83257,0.380084 -1.39364,1.067855 -0.54298,0.669671 -0.81447,1.592732 -0.27149,0.904961 -0.27149,1.954716 0,1.049756 0.27149,1.936618 0.28959,0.868763 0.83256,1.502236 0.56108,0.633473 1.37555,0.977358 0.83256,0.343885 1.90041,0.343885 1.79183,0 2.82348,-0.94116 1.04976,-0.941159 1.30315,-2.678685 l -1.57463,0 q -0.1448,1.085953 -0.79637,1.683228 -0.63347,0.597274 -1.77372,0.597274 -0.72397,0 -1.24885,-0.289587 -0.52488,-0.289588 -0.85067,-0.760168 -0.32578,-0.488679 -0.48867,-1.104053 -0.1448,-0.615374 -0.1448,-1.266946 0,-0.70587 0.1448,-1.357442 0.14479,-0.669671 0.47058,-1.17645 0.34388,-0.506778 0.90496,-0.814465 0.56107,-0.307687 1.39364,-0.307687 0.97736,0 1.55653,0.488679 0.57918,0.48868 0.76017,1.375542 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6995"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 258.82133,40.46485 0,12.922849 1.53844,0 0,-12.922849 -1.53844,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6997"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 264.38967,42.34717 0,-1.88232 -1.53844,0 0,1.88232 1.53844,0 z m -1.53844,1.683228 0,9.357301 1.53844,0 0,-9.357301 -1.53844,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path6999"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 273.28827,47.813137 -5.37547,0 q 0.0362,-0.542977 0.23529,-1.013557 0.19909,-0.488679 0.54297,-0.850664 0.34389,-0.361985 0.81447,-0.561076 0.48868,-0.217191 1.08595,-0.217191 0.57918,0 1.04976,0.217191 0.48868,0.199091 0.83256,0.561076 0.36199,0.343885 0.56108,0.832565 0.21719,0.488679 0.25339,1.031656 z m 1.48413,2.606288 -1.52033,0 q -0.19909,0.923061 -0.83257,1.375542 -0.61537,0.45248 -1.59273,0.45248 -0.76017,0 -1.32124,-0.253389 -0.56108,-0.253389 -0.92306,-0.669671 -0.36199,-0.434382 -0.52488,-0.977359 -0.16289,-0.561076 -0.14479,-1.176449 l 7.0044,0 q 0.0362,-0.850664 -0.1629,-1.791824 -0.18099,-0.94116 -0.68777,-1.737526 -0.48868,-0.796366 -1.32124,-1.303144 -0.81446,-0.524878 -2.06331,-0.524878 -0.95926,0 -1.77373,0.361985 -0.79636,0.361984 -1.39364,1.013556 -0.57917,0.651573 -0.90496,1.538435 -0.32578,0.886862 -0.32578,1.954716 0.0362,1.067855 0.30768,1.972816 0.28959,0.904962 0.85067,1.556534 0.56107,0.651572 1.37554,1.013557 0.83256,0.361984 1.95471,0.361984 1.59274,0 2.64249,-0.796366 1.04976,-0.796366 1.35744,-2.370999 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7001"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 276.51191,44.030398 0,9.357301 1.53844,0 0,-5.284975 q 0,-0.633473 0.16289,-1.15835 0.18099,-0.542977 0.52488,-0.94116 0.34388,-0.398183 0.85066,-0.615374 0.52488,-0.217191 1.23075,-0.217191 0.88686,0 1.39364,0.506779 0.50678,0.506778 0.50678,1.375541 l 0,6.33473 1.53843,0 0,-6.153738 q 0,-0.760167 -0.16289,-1.375541 -0.1448,-0.633473 -0.52488,-1.085954 -0.38008,-0.45248 -0.99546,-0.70587 -0.61537,-0.253389 -1.53843,-0.253389 -2.08141,0 -3.04067,1.701328 l -0.0362,0 0,-1.484137 -1.44794,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7003"
+         inkscape:connector-curvature="0" />
+      <path
+         d="m 288.72239,44.030398 0,-2.80538 -1.53844,0 0,2.80538 -1.59273,0 0,1.357442 1.59273,0 0,5.954646 q 0,0.651572 0.1267,1.049755 0.12669,0.398183 0.38008,0.615374 0.27149,0.217191 0.68777,0.307687 0.43439,0.0724 1.03166,0.0724 l 1.17645,0 0,-1.357442 -0.70587,0 q -0.36199,0 -0.59727,-0.0181 -0.2172,-0.0362 -0.34389,-0.126694 -0.12669,-0.0905 -0.18099,-0.253389 -0.0362,-0.162893 -0.0362,-0.434382 l 0,-5.809852 1.86422,0 0,-1.357442 -1.86422,0 z"
+         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:18.09922791px;font-family:'Helvetica Neue';-inkscape-font-specification:'Helvetica Neue'"
+         id="path7005"
+         inkscape:connector-curvature="0" />
+    </g>
+  </g>
+</svg>
diff --git a/docs/installation/images/win_ver.png b/docs/installation/images/win_ver.png
new file mode 100644
index 0000000000000000000000000000000000000000..2a8fd9035b4028c7c1ea51cbcacd347d1112ce31
GIT binary patch
literal 50312
zcmZsD1ys~q`?Uf}gLF62NOwxBG)i~Z(9$6iLx+HXl(b4Cox%V^ch>+z*U%l`aJ~2a
zzt{I$>$jF`2`8Tud+%o-!c~>!G0{lT9zA-5`AR`X{m~=D@JEjxbD=zi|IY~1hB^G7
z$FAz~Qjbap$+sRol6>?^=H*+@$GaJ*zVFsD?y~IJOpu>EnIU>kTOIKZmA(3%oTT2Y
zt>tSG-D{h+Sv70cF`N6EeD*QSl5aekoBZx9&^*oWbn3$_+Ck_j-yVk`wbSZ-C=Y&y
zpmPUv-S=}G6ch3oP;z;dc@8~ggPr-bZaBGS9bY%YdbFFp-y<f<NFx3D{d(5T5OQ<l
z+xF}+&L5w`$6r@^j!HS2bDF6Kg%X#fs&C&0D?-RK@c-vmH{+1#aYa@wroPJl(ZsK;
z4>CCtL>UBslnKOoB}rQ$ZRn1v`)8kSP!;H}Tt{^N><_$=^a&-A)owoPfBz^DOKGXH
z??t5D4XowbL4R%bO?I%%$}$M(bTOPgJWXb7SYdrv<oHcqT6*by<ovA4#-M?7&-3Kq
zUOV|e8<(Nx4z$bk>gw^m<;g;2#ozMP&c>&pXTXh?^tA(ZsZOP)rY<oG)E3QH(y+3Q
z`PL0cwYK<`TMapccRXX?3;Tfb-(MbCptfPVXLIy-Qld_pCo~e8Of?0PtAd}tBwQqw
ztuDWDWmvAM*Er~O^v7!Tz5eOBox!EuV8iR*?7-_^v27|$tfr-v%%W)v?<e&D3Y$R#
z{>^Ar)=pU~B{+uS4G$~g`pu@i1j1f)Vu~ZUZLcF7PfcAN_q%8BkluASjAtENx~iqQ
z=17}a^23xMVXWJVyxylvkKAh+kEVx?Rs|q9I8V<a#JeTnhU;u($jVKPeVC!W#`mT`
z#-bvR%v$&yIWx5{y|-n;fKmPU^z?M^9?dqGcDM~?e0<#aY<K2j0p<^Ey}yMmjS2Ys
zUx27gkJks7bJgCyT|EKa>C*Xah(J)I*NpDgjGV6bYUK&+*iAHGi_M42*a5^llO=Ye
zO>2V~ed%+DP;jnLlx~`9LSXf1_~(@=^5chUp`AoVNM#}#O;b|muUx+sl|FPkT?DCE
zHLr93c9Qs|VthB_><vww%@_le!rrO<4KnsOxn%oX3>7Uz5<Wq<XLX0O34(rCyo79N
zQFvB@?<!tqc1+fN+?GbtP5qU1e`8e$Uh7K+`p+N9`1`jU+gP~j<~0ua?YqWUji?k?
zD*#L7B<?SV%x<qvm4YGr3yl?aQ!h9n8J7JifrA+$jVd+}prjA9@VaAzb|>+#S>-{P
z4C*$iKi4x$;gVhPfi(jI?t3^6PR9D8#7MfkyCv_BZJoC^e|kchHJX=^7-AQqgp4+0
zVB&9qZK-;kUtc^cc&EjvVrr)^b4r6yBKyI_;e>k8eGb4C5-vbKLGjeOSvcT&4nppj
zEzpr*0c$!|E;eW+#A8r&l0pGcL}-L=)`L!RPLt61eYLxuy(RnfTII*-qD~`ibmtkY
zhD%p)Cyqv1_1(KQ6j{CGx#J-Ts_N=$CJqjdEUdkR)HE)h>B8zHLl(Q%JxJ_N0OyzH
zV(|3`z#RWfOIpJ9)inQto`+72$)0(tXX+@{oW#!YON%`G$gC0~z&smt&<a9cYjnW~
z1`nI8&m4Nf3}%PUQf^A03>`w1*@i04V31bndB*(;J0m2SuVy&q5LkT8UPdTE$O*MB
zM~>JOsaY&DuFClf`N6RO*{Sc>N=P<h!tb|(f4;B&_DwK+e_<#mr%uBErY!g1r;#`i
zkw8e$sTlo?vd3LYX(*lRh3s>jXMyh0zd{oXy|?n!z#UYT`%Z7YyUz9(=2nqm=Pl=A
z^YEZ3U#vz8EQVdfS|OJ&2RNI+ls^49mc@N$X_*0cUN_rXt!N=zopZ@0S>5iN!`aG*
zD=Vg=cNfr@j4I&PhQxjS&+7X~Uc&XUE<U?S!S-019CV@=9aAl5d=R1Z6Ex*aQ4;)&
z{f=iKj)2R)7*9)|#giTt|51}&!m{0jkC}#5RQDI)brZ<gATg!aDo&v{{ovvBbsFS`
z!EKND#~Zbwo%5qU4iPB1kPAJf|Ak3eYBqG8JKu9ftaImO0r^G{wm7jZq!BNYst-&m
zaJ+EN=jFaN+Bx^G!wlBE^J3G3J;z|o5PtB7U3Uy9T+>n`&<?93(W0vPwB%n!kCzez
zX_8l_FVuR)Zx?L)D#lNj97)|Y?E+SlR9vrC(FzEF(Lm0hkG1YW4)$JUNJjU{T$$Q@
zXluxo<uFOcT_JK$%+PiEf^F{a6gYw&D8sHtg%Y<tI4<s`1R>a+OI^`qpkSPhyJ$+W
zSrT&4#^&>)Qht+NHC&J`AVcOVV$?i=4ei(7TrDWV#5>qNiyZw4>XQfpb9?Gh?c!+i
zR!sDKk3`zu2#2!AS_bdm;c2q*xUMV8Z{C6fZh+92u932{ul@0Z73YtpW3uh0N@D~*
zd1)DXSy+pTx)*xx<$tSHEKo`deT?`tShPQ$xc=Jag~s9=hk_;!hvrjF4<e<r+`~vd
zhjk5Vm;I9FG9mxUD1my|g6DQeLjlFIcsMYj_u+(8LD;`M_rLy5T5UAvzo9;1B)V7E
z4BS78A8hQ)vz1t9<!pjUtg>=o!M;oRx$|=mX)Z?^35FU<H=4L^ang~iq^5?=bZ@I~
z1?Rv1zsXX)c&n)yiWFX*zU;3E>@RX7R_`$vdp{U>N%e&GcrVt;XR-PHRCr;THK2a(
zc1tAy%|C@Wre|1^b=x!MWB>Xb_x$W?P2|R|Hq-d)H*XGShWsZ9F#*i{x450iMCHpD
zOl<SvUKk*Y6uM>)`!qwQn6Ve$AntUP9<$6sNpsH?d5J4Eu=EaKY(e}w3cRS6D_38X
zEgws%Ol87oMo!;1&Tj`}_EAi;_Nl@TH!61K$?A#NxAv3iJzk`X@0~dwDP`_+OT6wl
z8rJ;l3jKPD(t#iDput28#HI?J;6NrUSmu%l)G|nSitv`rZ)`b(BZENz0zT=?`eQXV
z8jlw-pJ)<Jc)jq%6l&*PBB7UN)^s6sPiCp^4v-y3!oVk$VyEL8YMo`Z+|rmc$jvbh
z6}Ek9n_TmU`;9R7bp&<JY2mR#6_0kk5)_Nu&PXDWwK`in2M33@KA$S4W(kIB>J^!r
zE~#^bdir7kvSb2fUV3>7Q{%Iy$8%6WQ}DNvhod@7atAMr#GyCD)_!~DCy{dcw~h)Z
zcp$waSJ3w&4An~5TyuUdsIqc_LDa6$D?%?6Fjr%?GpX*G#XIL-1qU^P0;t1?3Xa|P
zH$(R_<RA1D8qn3WxxJbt_PN9NYvqip(hRvnzv@<Wy_16~#oI@{gOJ&7YArSrN0vyx
zgktekzh|ZwvWm+tO{dyO{!~3xR-&+>8)3u7kuyap(5elMNrC}H2&6s(x*7`jA)zEb
zdrK8Q>7q67M{mWmOI|;0YH9?4G<AVOUUGR(4uXELWp`XQ0|qNq0)yYUV#<9TYS5Qe
zPXhP-`EZRw<>iK*Qjo+QR6_VoRlqX3(XR<DqXqt4^)h%Z>{1_S!%er6v<y-8qCaIE
zA~Q<h(_&1yarC#>`{<7cyLPQ$-kYbT6A=SqOj)i?1L8knQdo#<m8_=!^3<Rwqw+f$
zDHn=fJnIf`+O-p$h9P2$KGW<+6T92As$33F$Fr4I@>(<`+n-y-@^f=lo-~|uXqtP=
zS&dFnp%N1hjY%|p*pRKhHJ6imjv?({dmudT*8vAXR5IMpx4q7*joaYy;~!mw;fW{%
zegjS2WJ&nJRqJSEWr(p+Rfm`L$zf67UQ=){w2$LH&TDj$f>o>3&40YU&*tH>@xxh)
zRUe!(GYv~Kxa<p+I}+XKc7Cor7-%Nm=iI5>>ZJVn{7tcREYaLS%hO*5;sk#6bI1D{
z<ec^iu4qDpXn3XgUlekpsjjEN?VfSDr;2j6k?0Ak7piW<WL2h}5zicF+e6+qnH1|k
zvcA8&HGyg55!o*`d6`VL5575prWZHIcP)!$p%p;x&T2C(_r$s<j7hl3nL9xolXcCP
z7z=wdKMP$c-~%@#3T3=sA!>CJ9gg2U6oGlLYY)P{H0;z)U3ZAd?M42DGpk+%MokoH
z2~1O=`y1SE1c*ljA@>dFN8epsO~KFzbbeY^|5U+#91zFpT#5_HSK!F`^n1}Cqa0kH
zX8P<q%h*=IY&<wlzNwWTpW;=>d~3`+8%vffw)=5S?^l+=h6ji3fv)k7?)N+N>$=!6
z7J|&{zW-fGAI{hApD@KJd3tp=RqDzZB-1{F<Vky>OnBiuzOt|@+=s$3FR3l-Y{0+1
zszp3(H*Z|yuoob5v*)3!-1^SLUtgkzoOao2T>|8(;~&cHl_q!-K9oCCcqr#XUe!ha
zu*CoM4JSSVDXqP-@0GRslh1qw;l?TKmM0q`68*_I3g8?ijeCUT-{j#j&Sv=odD+dM
z`t>Jy`O5q_yrV$TP3}*YAj}r{4fcwSnR%<+nAhpg3a!hK<YFl)oUPSlY3-sZMEFfD
zEFR99e}CzENQ-b3^6e?>JTD8S#l!6U_a_OarH-GjD6N%a{rBLh5!B!WNv<<j@y~WQ
zwI2pDc{*wR=Rl}g-~;*QnaKQSRTPmQWK6*gi=@9#!~g1l%=2f*1jK4~tUP-t_H#At
zd-k7R{$CJ`QKLwBy7s%OCmhr2IKQhRGsbPU7HQY%>eFY6`4A#wQ+8~P6-w8*ZH+!b
ze2O8dtgO7L&*DK!O6s)UPcl9=1^hD5-!D_BoDmlvk0U%~=%MbHP^G0zn*7f!NYXuy
zsQ7$`8DG3)XVXZ^Y^{PcD2C8;*BHS+N{APZZ(Y`Ogf>~M6Er`sf3h_O#sT2l;X47b
zDB6Qj@eW2}{qe<o&Y~>M=Dpz1R?z!|DTZ8V1w|E2YS!f1TpGWy+2?%!nJJfp6AROy
zlkyUQofg+)cRH{z%b%1;-|6uKU|3yS<9pl^aPN;#K(O3~Ow|Ezl%j1qPZfbtIbARi
zUY+nq*NcPY&G~xQgxRE|q;KE8{ep8)=Mh<=2Y8~?TQ!9T#7crL1tMlI^L>4MQ`VAA
zdD6t~Y$s7)zrf|bJFV*VCx3LqKwu^c&(DX0zHmmT+tVpJ2?+_>PIQi@XAhSq9d$B?
zQA|UFu)g2v1WuoPpP>JZAQtgsndPZm`PeYoR4}$!G=3$1!ikG}uuR~^WN37D_Gn|T
zii3mJ&jBe-&4Np(v=D#4YvYYU?*HYll3<!R_4w{*qn=1PWE{;=7_zres{63xK@n^^
z`4~4V@VvzPZT!uos8z8OyRSyA{)0AXosk?Zb)D;SSEm%P`i)GVL1ynUC4o-8=cO)2
zm#-;p8&989HXzP4b8gugaI)=)ji(OJkDclWI@2OcTo<~?SAi$KqJ{sn4&Ag7inPkQ
zz!G<dSR($I`be{^fr%{$(4m04pHPyMV`_()$|q;gkXL0ZaO!*5&odOv&JShZ5VN$V
zmsT8-xW5To&d1<d1E(?J`<!lvz?X#Q&)J(41ZOy#8w5vmz9mU|zo=vG#utf_%3i6G
zJ>|S~&{lCV1E^2&+Y=wpr0l923oe!Bu6d`W1;xv{2<8z;bd|3kas|Y1>R4LuiNKoh
zCdG!Z$ptyh>0m^TspV*|C}p-Kde(C^bEh(!E|;gLJ$&Abc-EX<c(r1XaOcVHr<s@O
z+3_e$Do?;qS3v=krmO8D?Fv&_UE)4S>iN8D?D1tAw*MnxTwRumy{y|^tB3nd-@u6m
zY;?P=MRQ&E&^qnR;PI*@$=zJ*t=>HJjX8Pzl}cXpnf7OmjZE)t=9{DBRyXnajry9`
z%y{9A9x!)JE{l}!0&1H#a4_j2uCLw2p{DI}Is)f3t@aRCMwLvrj;K=%Z*=FtbT}p#
zq4Fkc4tHfhg)|@is8zJ1(hIb{&evAdWOB*RO*Zl;A>+5_9K$9{KNxL8{4w%;jtMj-
z7iTfPH2iX@%T7fY<3DUWTUIRmW?AtJay3~i<w{M&t{XgM6tI9LvJBugiE}b5MZ*tu
zY`v{9V{8@N7|fWnG@Z22RBv4Mhc%xIySiL{SSt&-wQFC=&lhCm`-;SxZ+e639u8Lv
zf*{fJ1&EDrITe7;^xhP24dD_=HPWK*vC_@HM=J=vL|iw{5n|EN(KY5?eJoKc7Q5d4
z8RO)0u?*z$IkN}H#~JgmtEboa!F(W~)t-cxa~GE<g%W^*vt7l8*3Y=Q`ei{Yas0{|
z!US;sW;CnV&w#l>Ufg}EezEjHIBYhUYX6v=j&F`OUy<Hnv5ACEF3L$tegQH2m)A~7
zZMsIqI<ukITGF5?|Nhm;8EPWUk9gcp=u%ryhJ8yYh!y`54Xf0xS15Wbt_fjeHnCWB
zmGAOA>!w{a$#a&M;DGW}qKq&(Mm$m=lRLTP|05EVc5Ky@mL8tcOk%;#fD$*^=WqMX
zywRDfKEE*7X45ujJ&-?nKV@KrJ?7#AS6)QURbRdOpr%Kfis9ouuvJ}q>@@Ub{k!@6
zVpo|Db&>~g7JglaB|oCtEY+><J>)!eM5EJ4sVjJ?S6~K?5yCM&JGG7aOd{s(ruSv_
zM9GmRWD-!jKv)xJ)-X+kIs8t`VC_cEfi)g?pyurJ`RE%CA>}Y<XxB2F&lVgniw6ks
zl(DP#%Fq(UWGlEa)=E~nVgtIrFSr<fRZ36OHZ-Kv`bH;4b3#9QZH<@pWBNe7(W2#)
z_X<_^g*nJOoc>NQ^5j(>g`-Zy%Yw_}4H3QbmH~8&jtbWX4<VP#JJtr}1xHbnQ>-Gm
zNMIQ<m9V*Z%f=FM4F%r|qe)z^xeBVr2O)wRjA8NiK#At^!#tUQZ|cTs#YV0Jd^l-^
zwLz4kWQ08jf($!t7jTx2+nf6)bAzLCm%Hiy?)qXFC>|`bUq|=$EYj%4l&P3oy%7g9
zJig7pIC|bH!aNty3y^jNiQ!qOtebZfs`Jm38}+4Z)DImPl_Kq8q29sn?_dn+I*X2q
zpAk1m=j?jiy_(s0_OJ8TUEo9<asjyaH#5#$GXty>?@nt2d;ILr_x!-u8QJ|s1L+j!
zVpl5nCn{Ka68pP6i{pl{Ku>U)3;Z%3L6y0R33C(owsWHGy6~H9_VK{S#}{k|=Iqi@
zU80De*AI36Sj@Qug<`rAa_Kj^0}}i<dvZOZOcM7w#~HJHx$$*-{1|q!p&)y`NivpR
zNI8G~+`1j4DI6hk5M`E#xqj|zbd8@~-veHa%h(Ot*y^+p3vC*8*P8@*<hj$$;OzMF
z8XA%T^c=|8RMH9obdQUG4o!!08%mhIV$@>wict~vk%_qR3T<6+ED@q<^9b=9o}jrn
zjq@|OvRCy^iZ)?|LvzLUn=i6yt;2$ptQXzvf%^GpiFx}YG}(x58K|FE!gapF#%-^h
z@CIR6O%y~ZjR-LJUs^?k^OLa%P?vPd%!i_T6M>p0t&e2^g~Tewq#;L$I@2Cs@y^Jx
znw|#PLzTksDwa)OPNuEx1x-cVOI|z&Uq@tT8ePv$Ntwjo<g8&kt{+l1!Xuu+u;_Pg
zpzqT2T=^1me|J78^tpK@f>rA9WMuYqcG=_R0vaolDR^!E>2?^)yXw+>BI2n8na~UW
zyF;pboPhglNQQUo-Dz1He_8^r$q?}QjmJv|d@+0`3|5nA4(K9aMSQ6FY}Srg*zKDc
zEBJB<&L0n4V)z+cj0JJ2s4G+&Q4+3aD_R7egC_g{LdyO`o(Yf(9fnb2rpXI$%2}nf
z%Vp={)fU**8DFGKYDY;L#r?3{O6F#f*DO@*S!Bf#90IN|F5Si)P=X=2<<3w!xL~`)
zlXZ!)+qWlV(0!MplvnaLc?}kEz27)=*}O%d8vs{t$>Tepy}qL`taZp36Qi0wBo85!
zme_+}`QKxc@^(9;s3P633$!{nePHX0^{Xc9t0;L8vFhNEfFc&V^NYYC#lj?LYryRC
zfslVp18DRgc~s63qA9J<h);Lbw%!6ZXaxIQ$rT+My~s-p*1@mI$*4|T_OJ`Ao0|At
z^lxNLsfu7RUxpx7Tc6Zvac`eO38VZk0bYZ9eu|S=Wz;8>jAIVGT*T}g>P9zeedYm6
zM@dA$^S8^x`(xdr{`f{W?aIXvr$=d#JE{%0_%#kCQWjnzbkw*w;k$J462f}54)0q8
zwTIH`p5e5{6&J?S#An^CGD@RkaKXqR7oi%_7M}gW{^4HkG4{pox7)|$0S99uJpont
zc{eLH5-ZG=o|!a5XMO4KX=fD3v<GYC4__`1&nKez%np`6iGZc@SP4tTliMJ7;!2#*
zjs<nA0$O0apR8is<;n1boJyIm&8hGY&%9+C-FuwYH0)>lJIal{ZEin7F6g4$yqjkX
zX?y%2vPDGUK2^f;N3(Nc&ur3#IS^>$$RA%*nAG-E;~vmgz93qy+%luOPFZ+=S5S^E
z-t8DEL(_%ahp&v!=%&hvkwk^|G6D=2G}(A>!!AX^M{H(z_nOnl?UQ)j!*3i-g$CKp
zTR~BUao~M-doN)oT6T5NQ8D;R@#eY{xK%^3uG2MgWo+=d+8u10ympHlQee>uLBAoh
ze&WDu=+8g;)ZgC6;mqI9W7XC74I&;<VC6`h`^#@KkefJ`7-p|0PXm~a(SsyD?2QpL
zwtqjxKLXQikb7$+zc7$0EG|ki!KlDBgD`vl`0+yuCP&U^o9OtBg{ZHhDCG!PhACk|
zbpw`6cHj<gk24DW{w%ELBujw;trHHWO-}m)Lu`tjFnr^YHI<JddSzx~lOMM>2?7H%
zYdxE|!>5OFEiQwy(3@0?8}OP#-EoM;n{RG5Bw&LvbweBhiyQks!$WC=6_2x`JZBn<
zTttiI%V^3FpX8p}9zmGzhs!Z!D=~5M1>)Mf($s|t%<H`Y5$|^?C8&fi;L!;+t4^{P
zhdq|q@2Q%~+z&MGDieku!*@s*3&tVY3zg>F5RzgdyG0thHf;t?p_++L;gGEpha;c#
zm5?13U-+qj9cjAasM$D-Df_HYzDg#CD5mxK=J%@Bc)gsgx79tZ_xdM5j0I*LL;u~|
zrjq>@;aTx&6p5LcnL$&&eOXa2v0dqd$@Nd%DzsWfCoeFhv#rID@gwzrh2{+3I%B7p
zmImD4#ay^%ozE3==BJztX8hy`ubs0-h~GPsi^jj&oGLrluQaM!bk|);iL&1wD=b4T
zD(T=l&TY+E`Gy)VYPudk*<NbkqpDdm7fiD+V`D>71DJCVjmRI=VAB(r<i~m1G(%!3
z&+)}aoUpaK9+wp)!lbzSx=?h;Pr@0u?}dl|kGc08AEjdPwBn+ZiZL~#I$5Yx{AqW4
zrqHPTNz_i9Gs*GpGt@DT&F%+g?}P%c0+A^>&pS1JSgMpxQ$DTrCY|nfI2^4}@i<2C
z-YJ-sWAipmMM8*thfSzN5ARNPhUQu!&b<5nYqx{dwLZTbql6jZyF>Ib%p>?*F#dCi
z(?R6NW!U%1N^Z`oN_O0P!a10!_ul5|iU*%8+Wq>>GYva3F@1bT{IC;3m)S(4O4=bk
zNLevNsAlM$(w1zl690(ito>eYnE8s=J~p~HVMfBM8;*&+uD(9Nk7^nn_x+mL9dStc
zFFq>I0h0CsWYlqi8>g&HXSlF6i=n>qDsLqH+G3&mM&1T5gf@iqNzN&YE=MlASuI;a
zH@XfWC2Nk=Y;NT<CF!+vjFIl5OH|Q@l4I-1{QEhOcyqA6Z?Kg2=CH{iI4068U@eJn
zP^l*^Hiv!obwy34M_NA>nRhAi{so-i^72w8vZl=nx!|+##~K<AE<>v$*PYG8L+GW2
zT2JyhLe^PyeNwX&8*5rT`U-{NX9EVtdvhj>;?<f!snnjKN$tJq8=09gA2~H^s`YY5
zG)abaHMSW)2QM*CBhEtzZveihkn7#owJ#A|&-;>&MM_E_xBDJ`_e%0)tq@{C{!pTX
zR0^^XKA6$<*C6|8M^Olk|L#rQ&jC*jpC;rLipE|zk?T<T03rAu=DXrScuy#Le{*b-
z9gQER|K>w0yZyAu&18N7{e7r27t!6i`O0-I^I*y*2{c{2WhgD&OWzt8`Rm|1ec9K|
z{o;9qXsCWAKrhP`5f8`treY{gbJn=oT7P_()#x&UPQAo$(z)%K_FYT4#qF-CIKY^R
z5q$hz#gC<!_&C8vpcrTBF;#jOsPA1TNl<lL<?+u6gF?DJ4Qg(-FW66sw*<|)qRO8L
z&3%y#)ye-s^T`^Dhqc&o$Pik}Wqt^kBLV82w<jG#3x@E-CR<`#K(Pb1c0#Bqqct5-
z$PzZEqp4z<l78oS8WZ)FbCpC)GyKZ3-=LlaG}Rm|gt>EHvX(Wi_@)}UjmRqZHvxhw
z4jbL~cwL{`4xm-Mi`gjsv5oIZ#c8hf-3)i>M-H6Z_X*)VozE;)6?Rr()SDgSo79$B
z(x+Lv!^G*a3~lFf2{Mhsb|Ik!qfnPx{6cQ3Ftj32p;~N7_znd~gK6U&kS;!??a-=H
z`@=<ECtCJ|YOd4(Iyj{=w8ko`HQKIB^unFFz!aEYVtd;b+T1>-LaZAkC?9Dk_kt`d
zOw!yBO?1+Vm@ex}T|yRT)#b_S!#C`d*l{JUr2qkkdGpUjFXRD$3#6l!6_1SUgYc|V
zmcuuhQ%bal`i;HcE0RsV-2_22onhZeI_sxi|22leW>)4%*{{%NOO11aeBGh5JXHy0
zl4iWI=kKg3fDv*m2;q2NCG%ozN+lJWHZE-Q-qLf|q#^pjg^%<LN7y`rL;{oIg)-R-
zldS%2G5pZCODAaD`lCa+n|sMHQ}Y|4)_$g#QLg9PFHguo=|blh8T>^dhA<yPMiI)#
zgJZ@Q^wP~FlYKz;*X%0P8FhsT?CdIrVsObV@8cuc9Dyb-g1sM@IGYMc>W6x*&%N^X
zX-4o)C(8UM!j(3VEWMxA>*n|nXml+-P(3%-qh<hxO7yx-)RPY@iKej$G4+*%jJ>0g
z-Ky$o#7|$Upl(pRWVypd_Zdq&Rs@Pqk7TnA4)UcDtaD!$;+?xy=10E(HvGpEaqvu`
zUcvlYza!8UU8pT-83p5czDUwaRD1OPy8=`^h9#r>QzMO)=FQ2Hw4bz$AO#YsS3|VT
zQ8g;ccloOMg<Khs<;@Qx_x~e?Mx#`PDXeM>)*irxo4TKs_#tFsp8O+Y;7-f=O!2g-
zboM#u>kJI|&MtW`UL)pBS}&FKTiyLffqBp*CCw4o8E^r~_>uU4o+iV#n)uDne(KNM
z->P*J#Qc}3gjx+@>xzulVDEKeS#RX8da19SvMconInC2HMgb#+UAfNxQ8?Y~5v~AZ
z6=kh*5Pl?5Eq9x=yNRNIq`&{PElG+Kr=XY{Nu%*UBP)Sxpf#ris`vk=N&Xgz<K*BX
z=-8%dH~ydUsI?seZaBd2$$0CZ4dvm$<x$=SVs6<#h2GgOaD7zI=<z8Wf&E*Awvmy9
zz54(5jhZkJ3XTP{j28QP;iiSCB>kzz!qX6O3id`*8o4-sYSflEs&zI$558Ca*+qKg
zrRvJpHw~NAcMWUS+G}LTS4%~gh)#P4lqMT`$8awVpG^_RzlR)%rLu(F=OKbH^0Dru
zUH@eJOUQ~}A^C{HvbIyFm$qA<lV0AtTHNrG2)&H|NN&GF<YtcGn#Cf$916lhhyY0h
zoZ_DBej<>Pg3-#-_o)irIbFr68rtnyE1TNIYfAhvH56YSNh_8}(xXKDLcXgZLTqis
z(&F$%PCL(Xky2u&Ol2b0VT|YX*q@h)xc;1^aMGER@J9`_ak>cje*0DK^2Ua=LwiEH
zW>QMALNoZW{9ZfL$NqY(&-NzE6h$}aaiQ6H+<z7xRzz5owVfZ}T1`Zs98Oa>wAQE+
zuED4^G}#n$PmZqUh$oJWdmu>vT2)`4pknNgk#NlWF~?|4eRL(nQ*wA&XFZam`u_ZK
zxJS?(-q?pc+W%=x9ch=PKtQx|=8&FYE|wt7J<VPOH@xSQhS<NO@fb(p@#7Y}3MUXw
zx}ZU_o83cql=Do&J7lcC7ynPZUoCYtiMQ}w_M#8Up1g_QuIrP-4TdM3cdqu{&|j&I
z2>nm(T#sKULX+!$Flz~%!V6p^DNP84cf5^%EAnTbpM^XEy}p&9A}U!1w@{7nw^bI8
z%`!Jui@Xi^^H+z}P;Z>Bo>^_~pHtnz^nhG-DutYmv`=!_=VpuParM&bt{!qk|MhJS
zBQf0xPQ^*Z!(OhY%cOa>l!%5+hVl}HUmt9q)Ti7l56>U+99|uf5Sx@ZPV5QyQ|O0r
z*%7Xkaw2;A(|iuKCyBUJ>J8>jtH3L{S8%_~a12HL!Se6@7l(_0L8ru@=yrX!_iB#Q
zWwkry{g{XHN{mGcx95u*zuaeQJ|DB>KeV<GyDF-osag+!az%3RU$I2Ca~eZ;&L1Dc
z3_}w=;u8&i{7-r*97jPT-dZ%wgF|)^hF-DhJ@rAZ|ChnOnU-e5ZcK{7hg2B;a+!Mg
zmdh)1;J@Q0iGVb!LBH>b*SDA&Y%_wC4YgsDyl)E}nvVl=ZL;g%I59c)uJ}C-$3$NU
zxlB;Xa4bR3Oas<KzF75&N4-NLsxYu*$kg;J8tIbEvZwnL-F61DN109XoLc5<pJkK8
zGvpX`o$Gc1n{uO)BVSa11uTEwR`_EbW1{92D$vIrN^`Q%64O;OAd5yTGi`rKopu3=
zM2(}g0j8d|zYUN;O(PVwKw5gIU1ddSNlQ$6_3K^Rq=!jgiepOUxiMO&-ncs*DSq#C
zMcuPE;0<UOPN0ScW%+Vt0jyn0>swJ)bg?v91ScJFi|(DzlE3_FXv4t_DjMYLH}o)(
zbI~4cDEBE95~Z1T*>d$s48lC>Up;<qmlj(u{QM!90EMqLrH|iCk^jQJvqIj#nea)u
zU&U%_{#l91u0HkmI*c<!svPShPv(Q|%6%8Yuw~Z@omr?L(&I!u*Hy_ym2R#zX3n$<
zE7WL1X)8mPT{@j2HPH@JPY~#=t;kMs2K|z}=9<G4$US7D9$gn<WLS>%(U06|vKIZ~
z(L~B-yNk9TXgV<@=VaelKJF<ZZGm2jIdKHZJ~-7=E#y=cU9VHTmH)^u(sX7VWwEkO
zG*Uw?5dd}j%knV#QPRK<(GcQI9wNIY==_7<e5~|nO#5V)(${bM$;EIvWp{tSn>Yyx
zNjCTF-v@nQj1091JF>_MT?*G?SPN0K2kfe<YS=6>OMyq0c*P4j%9@SW@OA09?fiS^
z=V(ga{0rgB6<cvP_HU3I&4V5m+Xdb?ft7>kPk7pA-a@^xS*IN4gW~Vp9^F>P=2{J9
zZZ0;9z`asPsGVVTi8Oz0n&B8!^MZ}(rz@q7NbQtl8-pZoqBp%0U9sgcq$myfXt}MM
zg#rRhqJ*LjF?c8T_NSwj`0XcCtw?}4FUd@SDP1F<*+2bot_}uF$^p`3jXQ6icVD#2
zfv*>fLsx$I;$!=npdL|4kZNt2qw!gZzM5KS#<|49kUvhnea)>|tCW!kPE&W)yUSGQ
zn!gHtTFkR@aDVG8^0|1P>>YLGtu&);h5xO${Xzo)+&a<)7f^<cXH_3^$M7#OMvhuc
zEW8PA3KDe0C(RiW**{&h(!>~#Z0Vn!3Y<<MI#><yS+swCe#WB6svX9`o%qw3vX{zf
z!&zd+y?GBQwyd?Y|1>Sq?rB;rQ%qKHDwHk}T?7C~iM&JqNYYXh`YyuRc&>^Ky0!+G
ztbtY!48l%6PdU4y9DwhuJ{74RbpW|~3uzds1iqTwIc4c*ypED2u?%ph=(=?wj1d2<
zt(2rJfq?H$=KgkNYYNN6NLFe7sb#uQC_J%3E=KD4Xf*!~(aHV-nU0Q*b8Ys=zt{CJ
zC5m~mVRHkGgapKc?fLWP#3Js+j+x5vEN~TPpw?Yzlp|$lPN8F4I?ZBB)VI_F1Y?<j
z6-^?(6VhAM5Df>}kv+er(2O+j39Y}o2%4`>;ZWRbssOZHt>~zWrLTKzfCV2~Qebq9
zAR8E2euW75S?_GW_3N7f@sqtdB4}4M2%aT%f~O{F7#YEYTjg`s{UU7m@B|zDN}P@R
z6^cprY2R<P`@vd41<z&g&B>{$;f%s%b-POC2uWnxg9@CK5F*u!Benj+hzc!tV^q17
zOHHCMim=vDZ)F_M#$w!|CV!MhtPJJ({VQGbJ)M~T1Q9hm!V)346%(FQ3HfO?#4^w8
z{N=~rixdk54(Ng+ztL1_A%M7G`z>9rRe1Sw^!%aeq-6sudnumhB`Kuj4Mv;ak5}*G
zBaFjaXkzn>bXtcsTU`uCm;H!G8txKk(w00oCQSg})T3@9$)xT4uH8k8=A=v7-nAUk
zFO~E`pMV@Yp%-LwdX%LN`&`AhySV-N7g#Z%jExg#4NuRq1eKx1U9_k>1_1i_6X_5o
zCa0c*TGDHbNleF|6&!`PVf_f14fT3Dy(fHaY~}>y(yz)nJf@vJsR|;%``U`+dQJC{
z)_R_82Q6Yy9$C=wKse_d0(72RWL|oIoVjr{So7SyY1#pc$nX@$cMB?3ac{h`Qhs;h
z+;rND?ip}vJ3f&*p$s$(E;AY<$`J98b8ry56NEAEX7OOR-pN3T$pEOqULs)e^AESR
zGumUjvh~1RSDU6Xyv9OOu_lxA)*VV@Tq_5dm_K94+`@$z$oaa$hV#DWZ=61wCHdur
ze!|_7c{WPb(?GSU=#Gw(xeDLfqS^%!wYq8!w9-iO?N>NU!Ou&xLZ15j&mg->TniL)
z4k+GsC@j@e4Elea;AZm~+zmO!6BO9Ni{B6_^;=b`qsYRja=h}qE7(g}*A*>1Swq8X
zA=!nj4{@Ml<vC-0HKRJtRb*L@9gy5C0l+lbj$-3bYN%RJYfqo{&o*G?2GvA0+!FGN
z`VlaElyI8ym)sP_pxQD+$}JlDL==ZZDqW6Ub2=JEjhw9DzyE}YYOGLbJx4IQzn}O8
zf4}~otmP!KYi3Fa?(y)i%RuF{oc?zd6u^a%l;AORa@m@a3OCO*C0KY}DnI|$jNK~d
zQg7_iz2EiI8_=|JIC{sdhG4~=jp*Uh5SQn$p|3?3@w`_blj4v0*n8hbN<?HV-YoRt
z=Y{BTIN+=vh4T-6SJvlF^ZK9a3azDzcUHK^tZL)y&le-l#PDppK@4t&e`78iCF+<~
ze;Yt+6kgz&l5saDzP|o)aQbZE=awc4I}Xb5Ev0qlr*DX3hdypZEnR-MYfFnYSVs9|
zQI^83OuXYRcwO8+{0^F=>y}WIwP5)e8wyClVNaj%{4no|Tj)Q7!k#=#{{ET~w5}cs
z_jld4bd$*;BG_#2z3|z4Wu+Gy(uF9vle}M_x(?jAQCI`9AY--LV|rSvxv(ACmSah$
zh#TZ!7Yt>6;SxV5q;!dN_qMnp#O79{!VW>j21lh?_bSX22~Q!96%vnZRMN5VWSQ^@
zC50`Za)<ZTl=BZDqMnPzhXItHPI~5;Lzr*Qd$Lo!Z5VeKj22RGz=lfi2?i;dqz1dL
z)v8Phy7b>a4oy8!Z`sa~k3Hr*9ZNP{r8IVJ6~&+sCeHXNLKaOtl+}ZBF4<kcbnZm^
zFuUY<IR?pb(Wv`^?(&zJsC-0`O5eV^|Hkd3VISI+eltDm*VNSX>!DK0v8I<SbSajQ
z6*P&{@mU=cDbWEiY6iwonzp4T;6_`rT+!!yKbtoXdH(u*2eX#(-~n2{0XYibNyw&>
z7Jq0=r~s5)iF{GyW;bq;*y?Jbax5JSZTdi!mr%e^v4DoE%TJ&L#5-&4e<7#aHo=_s
z@iN&^PaadiaJqzmiHm|a^ia6@$=wDg@5e#bPkvotkxB~XMYh%+Zm{widF(<W&Zc5B
z`EOFjjI=x|LJ$zru5wEF7UyTcBLDJwr_U!^A<6>rAQ6cotX5BNqQ&d4y{qoW%s7{C
zrT1*oeb1j1FK9%h$y?GwFJ6($aQK>AV|lynMTq-dE!`Xsfxo`gsk^D?Chw~!-pJ63
zE$-jFSWMWgFI8d-cgJRQ8i-pJBRFk9x-a3c5Sl~<?^{E7+7y7=_NJ$~zQ1o<ej2#v
zh+%r-J6yIi9^cb4ouqS2jT^%@!y>lbK9+8L<*Kytu|87Ju(|UjPt6VCiNqRqLrWK)
z!m=Cw961fC(D?Ym=X-zS(|6uXZzhqSl<-g$Rh*1pGMKyg8<!^WfCoKA=8v~Y-?%3>
zPxsHp$jr^uKqdJyMTLmRd@{HY4i%+PZ0&wH?;bSP9dz_f-^`0+WO3uBrjm3I@&{a1
z3g-@m5Sc38-?bf#2FfvM=2~sMHb339T7RAyrb5kNuI9r^e(O`v9IXj`KwJ-SD^u`G
zOoy}?K_D-^<d6|H{x~XMvyIGKxJi|y0$EG&J0y(QrFVE(D{7N>k%G}}0u^A<Y&LDW
zF4`dd^7f0io;%x3l}PZox3d26`ewz+n;31l-I2j0y>0X`3S73lo*p?~=o2+y11WPr
z=)d_PvZ33%F9?YAR-rf6tEks<|EvXF-Z)zVhgeJ-PSLHz-Exy|+s1iWQ(#Hl-k0wW
zOmxrtAi=QrVp*?9hfHEA>x@^aqju*}*L0}b;a1FWY`;zEC6}dJ6|3djesnH}x4Fpi
zHFX-VQVlSA{rJ25^D2Jo<~89j+NqVj89oUHll1HpGbOVBh5Vcxp2aDM3X~=k?=B&2
zUg|a4A`*^*h%C5BkQ4BFQQ0mnjkCWz68`yd`6jwl$g?>fTptrT5RtAC`UFIam|fBt
z3E_6d&+YfBnrdgu;kqX9F`m7T(diiv{w54_JGuM7dz|c0%Nki3A(VMrw*#)lYp|R<
zvWJq!7Am`9)17Wnnz>#dOvZNhCwc&Tyo*G@>=qv6HA1)Yjf^XmCD;tUM^bLyKFIzT
z<|G$`pkVb|9dk;5^o-Yc=re0}Tqig7<Tpzwh6}nOhq+Hpe|>mN%x8-)&g;dpz9@(v
z;Fp6d((fDqRoaE;`YCVk7@FLVgO~JYf3*UuW9_Z=S9?4`h0gJXG8%am#}M<prnifB
zBc+k4c762~6<sr{i;?CY)8~pgUmvU^a4~?|0EKCu*Pt|b_gSDde7dgJ(FYNDo-Ya+
zh@Wm|_)xC%Vc?M(k+f-9_M;|Y4!-wAvJ6aHnx{zsPrN<s7C!clRtX&_M1SYHr`UA;
zbd}xERFeWT(+wE;g(@x<(!9__Xc}J8P9K_a=aMJnVE=WxIOdDV6*he-+qPj!S0*;x
zIr(XMUG~WGy=q!J*lei4f$aNG=p30>eyPBiI(h#Ro8(F1ulJaPYbUeAwC-TDG%osW
zF_WX*nVNG2%uK)IXN#gj2%u04Pawf*-D1-Q=e2dkA!SQ=e}gTfVj}vWId=22sifWZ
zzKpIF`6&`-YfW|vUh6oXd#9t-o(uD3msLOC?>cR~!&ETl^V2m`u}IA)USkNZvB~p(
z__=$u&1xlRLs7i$cWLAV%XjW`xQn``@)f0T^r0v9=Yj>B5T5Xv@1wsF?v^yQ+3EHK
z=H=yO3t>`XqVeu@MT?j4KL*5s=jHd-n0K%Nkf+~{GcWzLb`TCw2V6tFGfdXaSypY_
zn<vQYiq+`0^)XY-^<e*gud5NSa2b9ZSI}X>oqKz$YpbhnAB2F>uvcznGU?Qo1i$^B
z3epI0Ym&k&i*m(p?0RP4jV&uH8^_3H)AZxF)h~`M@W{;SV7Eb9`?>`Oh*|^^HYZ;&
zm3j@~%#<#5Cw&HlgY`{YP1dz0=~7K$&JEtoA5AFtX9KT@CyJ62rnovxDz#)!|5lHv
zB_(OqJU;#<1V|R)2>PyI+&M0oG&QUdZ{y(uF;Cxji=Jgdh5C!dwx$(_XgW=PxlZ#?
zV<~BG{R&(-oNsLne{t?hnAN(3pg>+T`&?80_YCfRfJ=`ebz!7`Rh=giNS9<);d^V+
zRC&p?y^Z&?COdmE3{=uBej?00l<CBx=R95SYK5l>?>^BNEnTNUlT!$!U4A`n%3}UR
zXB;AwhZvm1(4~?8x9~+x2p2uIgA;!%n{m8>xs1_*zB`<nt!cr6#c+-(6OPL2HxLGb
z#$XycdoFryge<ytPrMP@;Do<RQM(_A;oRVywAcy~Qt5YL*Cr@x`bSdx*NpU{l1sdc
zB#<M&+snxPR`Q0ew5m-}9V1K{DkO^M`7T0_++{GE0C+-vL_p|wb@I}|q4cLUW*^Ic
z1W9@oNm?#1_aDEP&JvANdl;zILD00r<jLST0}U3d2a+g|Pd@!~iQw+|_k^F+(R$>g
zt_sfGowkA-sw=~;TyFn3JYT`R!HT%)KYrKEi!12WfW<06*~W7G>MeO?QdBRuIhB57
z{}+&QuK&vLpitFHT&8q5sLSr_KU$sw0esT_k<^ACqo)7(?i#$@8%-eS$KOU^gHaZh
z&=_aaVKTYp0;KGuk<gDTfUj0%?e7FYqLg>9g*M9J1_WFn#ev~i-0wK(#=^tAQ=zHy
z5cOdPl(%Hg7wvNd%GNfgspcKa4(84;zicC7;gt#QPL)v=3+8Q<J3?A;fqU!wBa(ju
zp$vEx4MsFG@I)vzf{n~l6;5!vW4El$4_jO!px|X74zSBryBR`~L;y^8wH5=O5WBo2
zbr9Nsk8b^E@qYw=$v!-|F74H|{qo^F9P~oqV@N!)I3`7J*@-*G##17B=Myc+Ta=V}
z_3QhW`1ru$VmA33HTYz25&|8DX!@A{6SFEx_%uzLm1I72a4DV6sb(?^WJ-rMMbQ<$
zP2aKn9r3ZVc6A?#NN0A2s{(emNO2;q+R8zCqpW%P?~Nov4@V+c96v(;lII4VOFCcl
zem3(Q3<H_Hs}2{?@*9Sq7mOal?@I)$O!D!ACSAMhftuvpMwy@v=c3TRWx2dhlCNb~
z;_2keUDjT|ef#zUhxGb&u|vzHrB&uDmS|1A-&>7c`U6Kxz-hDDMXLaI_KG?8N;$a>
za8dHJ7lbB3k6d>MzChs(IBA4~KG$d3zWZBn`$Q85H#Rxfc^z9OCMD5ua141ZbIHQZ
z-p|p{(Yah!6{5%l22ojGcPUK#)_<&Z5Z<3+YG2<u->gMT3#xnZ9}fP&rn^2!>lSPo
zzzH>U-aI2$C+F^eyTa+*|2H$HMksmtRfjgd-3jhl74$lyXHfbQ+{e*MemwaWN~{dM
z6E~6_GHi~PY#PFeRuR9<!&Bz<zwy+EKYc6V;)lN<d>G@iAjxJNV40&>j768L=cXs_
zN_jzha8gTPKb{=<mlp1iFrhpv_;M&!wiN^N7gxbw0v(Ze)xGF_@ZvupsT%rWw)hLU
ztq-nPP}SGh*V$O`yZk8PJZ|8+fJ~j4sFt~4w5&W^ga{(PLw@?jMdGEOUo&0|sUCeP
zXub`-VqA9p=$g=EVmGjq2X%K}JCr#glGAKJYMzfa&|4|u=^jf8@Cdoo_EV$Tp{V}P
zM=6k9|1Z2Hcn_VAQ%5*un1v1i7|Z)Tv9Kvc5<KS$V`=+5v3O!zsh$Dbp4hm!xcGKv
zpOQah+;r+fGv(k<0RQg!$wSYz_4Fd)PvMpuHe3%!mVZ4bIsttKoqj73k5sPTprhLm
z)^|U(-JNg1Tia;~%}ns$=zkZ5-Km;9og<hQc{g{{sndT37lD6>@t6`umi<!Izw@V|
zTyRd3cPa&e(CfS*!xvxFm>=4-Mnp(QD{rY94FkFC7AZ)PX9~qA!cTwUvrJT0K>EYM
zgdB>&O2KLT;W$&;8%sza!z3RU2ym*H$p3rQ(!Y9$x8D)6d=jdFtTI(o%Q=Slv>&bz
z_(y!|yXf6w1M6>%<kIr3AN*h*Dx)%*jcAdR{T-is%1n|Dmy~Se-hBV|#RIi`H^i^5
zZ*Ru;kdKW$B{((2M|~t@_OECr;x2idc2OjGuAfR@EGa0h0J4Mv`=xiH1m{gffu{_`
zyaz1ktXL$P+XTS<a&<2(Jo!@6-+P4?{@{x{ZH()Fb57!B$Abdw<MTtc^}g<qev+1F
zgO|nKp(FgZEN9zVz}%zMqhSR*DQ`3^*0}3J>+mMBZ5D%uLjS|v;D$+YySS)u^CMS)
zcx3Yh=aq_4D8*Msm(0VvnM_0r#P<g8zf{@u0Ug1<&5yj$Gr9d{&1Zd_u-5}_b$!}r
zO0Paw581a?zepjfvZ$zFx4uv8yp}q>*-5ca251m+pi{-Nmfagy8l#=?oa-GcN??mv
zok%<of>*{GI?vZ7bVB7n2gH?2+6!ug7yEJ06|Op)Q?bff$^{)qpm{&_IosXx#NcST
zF!hC-;=15kS-Na*C^pqTo8nltotC+k74S~kP4SAf`tOjX`yhRJj=M*7KfC>UoLo5M
zDrimc{TaTk(zIHTj!^TuCxbF&&#&x^>TW@@g(`}F{uV&m+KuWaTp>hbB6+;p&&4Kl
zNqKxJ=5%kmRO+bMK1!e&^|(m0DIyh;5_n(}h9Blyv8xe@@LuUwc4~~im7lCruWm%k
zL^n{cyd~VC8yvk%VbY8E^7^cwhf*%|+pMO$$z6?IP>o7EL-Nu|ne^OeTG)Bu8Krc*
zU5h1e<8QIwf4_pl&Ib!en@a@or&b-NVc-nOrRTTt_YR%*=H;qe(%t9l^%1g*r#3t;
z%bLB;Gxz}gkt5xnQ8(E7f&t@UE~Cd%_WfMY0#KRJ+yOL`&^_Nu`T*f|<RLb+SR}7s
zJ9j_nW5Rkc(_)bE_oH$o2`Zvgqy2uu6ec-~W35@otW{i8TH2NC=LmW~<tFctH8}W)
zr$1qR`TmsL)|O|OSp>0J*vj;vhx-N`Oqw2WcRBEZ6W@%f!+p1taJPN5=ShmA9xJC|
z)6A6VIt4%ddy33}0ET_9UxX+Q9>g!t2kGY<eT_Zk^7xmTiHiBwc6glc7rNef-C`u(
z72-HSn0QUA)V>OLZuT@mCyX(9z}$6UugK$8O8tv<Z!;b=HCv=r{Fs3<EC87VUaSF?
zwQ<KTLchK$v0#|Bz)zrQ7v|j=GRw~WmZI@?luk;G{S!i!3{uXYZe$S^gq?kFxU2@5
zHuSe@OcndnkfXjt<b(=siKegGlktK1UPOSObh9#l<hdztTK(c!R$a3z6kcc~61<1}
z1CP=aG{f?fdO$CRv)}rgE9Jh0rKJ$%%R!;tg~nPuO<|`c$perO@PujfXG#)*Cvl2X
z;gA0$s^c_~D$~p`WoaStf_F{F@zJ_&J$sMc#3OmY1HQ>oisSG1VqY{j<YfC`Vo{WK
zjO5C<6%M_6E<cai)f}T>j-GHJ52ZOCRB761k(#$@7mz1eu3poC9C+fGo$f*k9N9x#
zS6<#s1lPXcF+HhZFdYvDEj~6g%dUuD>_hfTLlx;MACcJ+#Jrf<!znhQ*jh@b<`l-p
zi>%GY*BH39PY>yX6WS44d`D(3`9YEt4JJ=fYT}`AuAXkf=LdJl?*`LBfNSOF^D5FM
zsq+5jh}^OEQlY3%oD1+$rgWSJX~cpI;isv8x@-65vv5$bbJ1@U4)=8M1@^CNd%*w3
z!`I?s3?V%K5WF?34?p2>#{O5D^(3$4)O_jYY$Ii}$8N{RR~h9VFhfRq=0kBnorNlX
z3~{h%ldY6uT4+#A9SxP|8MEk3F;3!sh=qM&TYa?Bww%qFCME=ncex~p>pmv`SE2am
z+o*@M2^1(Ov9^pde=yr3AHO|Z<MDZAdC9krA`+bpq=Z*9S8J7_D36d^ko!w?mor8>
z;Wfp}6ahbsE_R(zNqk$>nqmqdSB#uni1inJMz&KLya>{Cfpl1m+WU51#N+T|s#!vD
z7cI)2S*NLkVJ#0M-hto-;U{knRsFvjcr27-wa;czkjs}x$CWsw*&EF(gK(j*GDK!i
zmQSpXKZ*rcFIbD19-{CZ%!@K{<s1;Hz}klf7}Ww5oKw7<*j;LF2R)xnfkYQw4b@&c
zE8uh^`@lU>s3A#52DJ}w8*-#BC}l+Umgeahi~f^4zd_-BL(knGR@SzJ-45bIbo$YN
zg?U=v6^U{TqCrID_#t1b@osbKQt*YCM4#7eKf%Gun?_DZaKckU59W>(KKFfUJ7i6f
zPK0A!j7HCB1LCg3gXW0*Wc|60KH|-(u*S9H{&t?|_lS`TGB!M)+NK~MFQH1CKeC7|
zGUHvQhFcmv=p23X<n%Y_Cb?>E7yE0Q=zc+!dG4Jpzv<$-1GjA%n^B|MQ=ILV1+h$!
zvg4!1;JhnJr*m3vxz3d2bN?5Un<)RDu<z_V=@US*%&d@VSE8p+QgJkMH%#Y`F_jmg
za=|Z9-(e5gF>x98*#rv3VfY!CN*QICU$JMR;6EKNf-cJ}TAK|?^;4YtepUG?IkCbJ
zT5&6dpNMqj;7O^y6gG9>4+2znDRr7^m=H3U;_L|6h&Ex??gbLk9+vOb4%WcapelE_
zlD)!n{!93j+BN7BUbc*jJcb>?>ITtXNu4|JeXt9%oET+VIp}3A3nl>GUY~m`1~ECO
zJOdE?gV0<fB;8$0nolS74(A|ugc^l+2o`#+j*DrYXw3~1L3bUQFnj6bD@4zONFr0X
z&GG{NM2OtVL+--qWvX>PUCZ_VqwFiA;%c^FgF|p9xJz(%4HAMwaCd^cYY6VaJwR}G
zceepTa2ebO_d(ty_q+1mzqi(`nSXG)d!O#TYgbjrQ`TU3gv^=y^zsJ+9uPq?wzE8Y
zc42<4_#saF;H6&oRr8MFgrhX)1>kJU8`OSPe3T)s&~*-}8bRNQp!~<zRw;5W))}Ul
z2D4QZrlJQgX}xzrJZlrmu6tCEXplMf5>MuF3&qq#CN}2BwJ_Kokn$8t<F*F)rEz<R
z|A4auY%{G|4rZrcc>tN}N3aWY_4BG}#v@f6b1$4&v|@kp&+1cD(+atda_#IV|Dfly
z<e1<pes0t<5ejm#3&m{Rc=*V(<Xqb{W9uPQiRsDbRZFO(|Kf6tZn``4R*$`oPTFvh
z`!^d|1I>2`EN7Yync5Y>$>T6A1vksA_+L!eIvFa4*l!sN4@|WffPQimR{O-xxh{}2
z=)G|oy>0S8iqasLM6r4)$^fBN&+Qn`+a=43Ql)1^a5EumzfC}I;B#Ti$t9rWco~^E
z$n$EFS5TA-pdf!}e)GOw89-YfufX`)rND|vGMMp$Pd7m`TAPzNB3xxpomH!acsxqi
zNhBZp(YqbVk0h9R5H79RvrVN8S;a&sV~97rr(vXrlCuzfmuRyVuRglDE~0;GWNx1b
zFU&_YrpM;^8bVZTY(bKVE;w6K@byiJ7}iWSSw8smdv1=uFDfrP-QvZt!u7xmetk7D
zxGu6nODc0`VPSq_qKj9h-Ue0KLjWgo;^CW~Yba|+G0CcP5aHW}v9V8C{4UZiXqnT$
zk^V`lKQco}gMO-6H+|eO8j2-3j*gIU8cQN_T2E8jM&Cmiiom9;v7URcOuo!<$aU{B
zoYG?>xYupUyeGlEuIaNVWVeC~C6g61)X<7jj}mK(vrnVQxz0z`g5{^$(`Hj_ycx+K
z8_4Kq6@+bn<Oxc*)X{J13+MC3o+R#ulZ&>TnJFp|v-1XnkW1tzVcwGBn{G;|RT&v9
z!bGXKM9Mqbir8DqpL|XY>b=Dm;zCzj%Nerb8T4T<SSD>xNO>`-;@xb1HE6*`MXcay
zJCo!AxVF84X`AEAY4?AA<j-mQm~txYOgO&I_wA-IIU!O~2&n8aU-9{o#d*TFpT%u%
z<X~YIvBw~muh3(9%4Njml2}@@4CSA>vATnW=oVxnDC1plG%K`%Ag^jcR~Kn80=m0|
zyq7^KKWzTDJf33hIbj4u<!A-2Uolshm91H+h*YPPlQIpvPfZr~x#<OI?9Ba`Vc3(_
zrS;LQZ1M6r>0xP8A;wwQI7Lzv)w$cfSvF6hy>p+v^d`2y|1kEo+~yMOPay4&@6EZD
zq3R#X1aP<z#I&>5DfE^BLbr1)gdA!0=1TE%@F(3pMw=E5%_ZbLh*1Ja1|t>d9NmB<
zfboOF(E|K917VM4LzUp}4lhIpdqHDZ3zO2kF1&Pcr!*BJEl|?>r_g8}rxDywYmllt
z%zN0_Buo9@4o=Hd|B|Ec>}TSN`>D#xMhFFp=(&FSQ!a1ODEptFbTzvQ0)F!(d*RP@
zggSj_6J!iSd&e<=>40)2WObxW-1YKuK|Q#MXGZ3a{jM=+(3T#JL5$%Izf=z++JiUp
zTbZ|WlKV14<Knx2fQ7#wRT(3Qyh)aq2U2gJtTdw+$Yh2f_^GO>BzSe^{i9Tm!mwg9
zF6s{Wl3Oii76vAg{&Ci&upwv(ArD1u4=uGkRlcp@-m2*;EsC};@VfBZtG$bN8wu~P
z532dhh{o_{ZOaj&R0nKv&AZS$5s*|m|8xHRD1Z?8POLQbwjoqbD{km&TanN^QN(ZF
zk8U~(=5Iv!GJ<p3$7?S}9y~o9S~0^SDqWYSl_3@Dt^;{Jj~+2cbh1P|#VZP9;~${O
z8<z&{xhfLy9~9*y^%3dcat)8%@p?!5>8u>Vw8^(&ztOWXAKNiWY8yWs)neUaF9HGr
zLZG7bZAH;}NPP(bc<>E8^Qh1ePzc^c^rxkMfcwvEp+H4QuEGDQ<ffrvU(PT6Kj)Ul
zEjfSC*al;n;_<){^ksPY5;;fnP4I2g%kAI1yH&@-fq-+6CBGxSg~+VEDno?AE-*Cy
ztD=YeL72Z)x(W0jd_lonw&Oq~k|dT-NX1$xteUF6sE^_BmiYEyh6+bxY+BVDjRDP0
zi{XC|zHl)i2xs%(Og;>{ps^zzCcj;=tio-^6eknGx^V_HbV1yTKlmPY1z$tX2Szj(
z7nf}QFs!f(c8$Mf_uqMvh7desm>T}VV3V}x0~s(S6;(Fwg0|$_lIhx&*W6|~B0CNH
zkn{8L2Dx)Tp7EzMz!;)BqefGcFpT+!oGLa<15rJD?u=ko=(S?u;^G22-T|UoANDe5
zAR_NrIV~#4IdH%R%ag3Wg?hCG-Ybe8(}%!WBwF{OTk&KpAN$YLs`<>cN(YQxO3S<c
zDG<X0Y5rfZ2q|FeDIK!C;^5(ZWwj;dwa>chA9AnwtHg(lVUF9)^QrK8l2G*nq%Cr$
z7g}-Trzq&Z6>nS!0r7y9^iGRRJ7r9N;T_0&ZhZLv0*S8b4j>xZZ3v)q!!A|)Cq6b-
zY0kT)5S%K?nzUg?Mkb(~y~(#-L$~=GT+j~xd@-P{K>#A_|0T?o{tqey)Yf?}N?sZ%
zt?HXN9@+>nTnQ8J9Am$a{NNd|P5haJz-sIn_GYis07WK-8Ee7#bR$ITi12U%h;K4;
zQ-uw3^BCrkPuKhQ?hh3Z6XX^T@d9XIg+2>V4&fdgR^=#Zd(ouYH!HpB99z)TgAnNn
zgghOwr}74jKRK3T{u}OrB7>gP!R~Bo!t3<D=}W@*-aOh|W4prsP_z3H#=3keU+wf^
zWTX{0RX;lz8U9pqvaOn5u9g#pyNe6wY5^zTH}2udA1h`3f=y#kvo^huUU`3WhGf!~
z*2K*LoU@I|Sz{dsYa;18h7rU?<yh22+6~qv7viERayt!v6fw<4jL!QICXn}-s^=U*
zh1bfa0MR^=2c=>CvX=a3!;&P24zh@lY?7VPH1AWGboTc2J9}r#z#p1rIyW*=Chb1Y
zk{G}r8Y>c_!)4moeOx^#e<J=R3aJ^<)%EXAYl7kV*yv0w;LjsnI#4%tn;i&m#`iTI
zearjyguy9|Kq470sDZ+<jFiusa>mg9B}3y2C+#~*$SePX1j*Jd%*+DGif-Ctw>yQ^
zOMn5Zo>(>s=`Mu0g1lP;FPbWD4McT<nGUjvTX)m~gD|f?5cr5BH;%~ep5_Aw0{)Ng
zt6I{bA2O$dLmjQG(1LhV$SI6HNrP3z&&GB*f#y(6y=)8mX`)LFua#~=Fa2Z7FVNaS
zuV?)Qvz5Y4%!#u<bDE#S{2pC=@PffnWU>6A3{k1ALO(E1oH8r?AP|iO_M+1d!g3xs
z16$z9kRB?R>ru#Clt0C()7AhIoAn1-NUP2dsU>8CQzod@Cs6h*b78Rq&UFRx+K=d7
zQuc9~b^K2}_sIRwcEPHzuP1?^fBF#_I`tcUhwrll<bu+I;jc1_AehY2<m@@8rFDW6
z&p5-la_POQSjnX2=2tIzLx1&}3`|8pR;NTozLoEVvCNY~`lPMeey?wby~Jmkw5#Vc
z`koXpUV8jokYekLhfs)m{aG(gWbde4g5@56)s~P<Wa}vH!0!ndJqW*&tp&qW!UdY@
z#&WsgaIl!|6{|UB;=G)9<lA@e<$#T4+UF$;7+uaHJ2(rJJ4q6l!E^4SK3|Q?#;|vP
zEPhHUm30>aft@W=LieB4qc%ZVC;soyh<)J@(1_m{(hV#ao(pP1rsann;xv(#U5<x?
zFsiL6431_d!j8IF!UO%EBSp-IYP!OZSkJt=t&K45wi9(hf0m@xPe9O@gM*OmsXK?W
zj~ynvj&r))g%&=SsXsuzr1xPzmyGTMK$gqpN(}0bP(#=;8PkInv>3%Kjl#m6)Ai6)
z2u;<HWp*UQ0TbKLPLMCK7y2X3B^Eh5evZM2DADokrq|knbfXher3&?HS2lB`;kJsV
zek5jxO@(-+C9y|EBckTSSr^+0<y5|#U8sJGa~*5^Brk+V+#kLKm)81&O&Kti<JqQ~
z?yg`oc!I)|ITJXj24d4Ravy@;Nyae-lx(!()+f~3!V~V<eRw&Lz-hU%Z7k8v<ta#U
zu%HEHHw}C-+senn34!1GvcP~K1gs&*+w_T~_V(P+LLEW{g(l#;OC_g=`Bl^r;tnfq
z?UZuz>E=ej*Q<V!)}Y(|^wIui2EKmm@I~$U4@_V=lR+x%&37izFhdlvTz&~zom!-O
zq+ZL3jL+>;16Ac%e-GCjL^EDXHk=4wnXUUPfJ{@m+agUf!t?_ZfVi4nG@3(Yp;5H$
z`Y1B=6k<`>@(U?@i{liDhH8Vf-GTI!D=%NI;tePCS=><lUigr*Y47y(w9|W!r$?8@
zGbSERDuU%UWWcA2*v0Geh41e0c9-?TZ%tB{mO)yuMS!%BFXI{n2?R;9g)7R@jr0Zv
zk^JIL>TQ(-*jIZ{1x5KK#)=s*9A8~^*zuCN2omI+yah=!PO&;-Zwfu>1Gx5LGefi)
zNGGM9+ct7VyrGVcjvP-G*&+N){7fFZJ^+lM)6s8+eW7;Sz=)C&wi#UCPN^cy7@Sy(
z6^vB}HZP&!?P#W}ACsfVS><D-;m-&>#t<u{Sl)yLf=k+>dx^4EG?_q&^O^@=qi?x4
zh@TMMTUNwiAXRL*I60@Z|8Lu>7EOpZS{71wUxf3OozMKY?>VTR*qoD}2di53XBs_(
zz0VdS;1UJ+l?EV~VqJ;dqxmnnl;(}zp2z|!cnb9DE&sbGiSAD`0Js&;mq8;6Y<us3
zO=|foY*nOdUXxpi4u7Ds?NZm2C$*Z9Wd(ajJq|j;aE+;x@gm~~E$)dND?5g2Qw)Oa
zu!zAGWkO=R!%K;1-3CO9Mg|}FJ)E~iy3HmTrg<aTT7iMBYV4--%R_nJ<jF$#rBJQ3
zgs5C;=LB&ga6+;KN1h?xG?sIgEPNl%4C78)4`#TL*IcY;nCsuR-r$Z@3J0!c=#L1i
ze_c(?Oz`oga%MD;S@>WxeY1gl(B{D3cIq{>lv7dR`q#@;MNKVnwd3?Nx(+Bpj1WQs
zrr5ywN<+((6gBwd8ekOrgFF2SX4n>O0`uvJWh2ko>n$_UUz4mJEUT1{J3{YRN_x(V
z|8Iz<LGb^DXtbNMS%VaX^h113Ij=yc2B9P^e|ihBcoV41dssR~w5OpkcDC#;c-eyv
zS^Tl{oL;y^xUhR4;Fn_xL;(RPEI(Z)zxK8)TzE>CEi^ozzig3w`vUah{%C~aK?$sQ
zLnPmIyC`ob$P}b9s}d+dFq|h_7)w5pDFVNp!qop3;nTlCu%DJJWa#|n!C>_CX~2ew
z`a@9ko3USE@nizs%#MH;VDfNVJq$@uUbQ<}(cMs&ywtoC#~~aFQ|xY)O{Vmsr-sqe
zckQ%<GOb_AbQhrM_63NC3JRIXsu%i6i_><N9mH_ro(;4W#X6M6Zpvo;n?9PD{}%(V
z?IIh*q-DShVe5x@FdGD1rK?CflQz@x@AiN0(KK*9`i)eql<O`@-|P#7G)`Szp)G?Y
z9Q#WhDMms}>Ud!BB5Nhi+xJ?TLw@{IdpyB%XjB`l#pmXp=@$I_2@5gPxS6b{d$@jr
zsNtE5GBBFTDuKL8(@F)J&8BHJPrL+LesA@U(2ZvBSqC6(zUV*hkpR`xrm7|e>J6r@
zdZIfXq<#fsGV7x(x@kVv8N~W0yEIKM1e*G*TDu&iStcZaj4Lg(YRl3?<Z5mxO??h8
zDSts<-`*YE<%F52WtHjShX(>-d|KEf<J?WJ*!%h`;x)hY+e>^LBK*B=K$b+4li<Wl
zT1e1CLQEok=4J5@E|My4{`#*xT+9QU4d(AGemW}VgTmH7L^hX|y&s+(MzGWyOy6fX
zSOp91-x-tKdEK!edw`a4alYfE;KX_><rh}l`Ou0{c>d}TE}wvXPr{qi+f9sco7p^x
zlQH)pQ5IDb-dg2jlX@LbgZk@{Cgdc0##pTB6~dI`xCpxG@&mJZUt0n3A|oRwKKEJB
zc6A>Q5jhOhPl-e+`5nnDcDuccGz25VpRf*^r+N(OFBk+SGiq+_WjdsY+0q_c&1pXG
ztJ-oPFJ(~$eVqx-@4%zR$Vj!q`=-NT506)0Ewr7+dpdY%5t`3QHq-nXp~b~|P?Raq
zKXIlTXg4&@hl}!{_iZ>>yI^lMOxpz?R>yHq2+-%(D-@j(47QjY<dAL-l`t&MH`8W+
zd&(&SfE!m4u=FP1xp7(_{Rgj-(uxm-zHr}gqRQ7=zEI3~7dXRZ-c$4YCHHF#MNt;(
zM{!HhCVW!Pr7N7+2w$zZoX@wtN){IN&|($Z%aM>KiIJ6+ONh}j>L>U=hj|bGCvrht
zcU=dnkgX&J-mMPy+##}wI707tnw2`ch?2UrxX-1iSR3sa`z9}fDe(BCNL44+N?#bE
z4WPxHnkcIY>Mi)NW+d(K-XN!%wr)=ptXhZce2ZMSmoOYQl5>LEW6rTpI+92t*!(j8
zIivuSeOOy4EN3t}x=}$WBuh>9te}yPIuO(+RLO?20w<+Mxh~8|tPPBmSxK3^vS&bB
zLIA5`K}_7l&M<A`G}TQZe11Mnq@O1VTv8h(9;-nf>t4eb??tXAI2W7jGO<nG2Q6YX
z4~wmu`%|Z8dPu;FxGS2=T^I7KphA$M$w4k`tPD#k6lo`eExifUNf~*ghKhD~7CiWU
z!W5B)H*&Uad+Aj5Kdi~$O##17cl4_K;9>6YgNj5hBFY=yHeu3j31Qs-_Kl1&Hbd>(
zcPVTY`GrEp7(z}o8|0Wfc2E1kI+`KuF>&^W-+*FQ^^XPmZ-v3NTXE3wWB`X9y5SCo
z6f%J9PS`#*#_R#**k5TO8!SQB$qQm6Vgo)j!v(btfu8MV(~5n4*fNB~|C0pbUKWvN
z)8Q5qmF8@&Ou)}e72$!XIJmWMneKsW!MEj@ug&b1asdbbeUwq#Y!8JHB9>yKD7UCG
zp?^$z?^Ja`1iu;@D^s5~Od}5baZD0!F_f2nYvmW(^e{-jWU(h^K`=Nzz@G>x7do-7
z44QrXm#R_B8)MOOFZE^1s3%3~4!Y_%oz#6a@>VX;B@<X_pS3WNpm>Ug!p&;hGSHDk
z!E1h6cRO6OguKuoN==yX?^;#N2HWZo&io{woq0`(%YHu8$~=Gf0>Oc9N(YxU{Y~Uv
zc%|$ajFfszCr@!FkQn}62h*d@bk9ci{t?r|TG8;-ec2i4Bf50aRH$$ycutr_mazaF
z&{=Bf>2Tewr4Y+aYMa#Af7@`~$Ng)n(uHI$>fir45RofNEEZ{e<P2|pz*IVoCQ~t;
z_oxMqa^;Jn&+BgOE*%UJ^NMSk6Y$h2kCF!SBR3Sw*FglVT3AZ(uJtI>I0EsfO$eCK
z?*&ov{s;B=mD1A;|1EQfto0^HDyg4yi_iPjbyi}uNrtsp)A1!3i9sDJXrB5!`r$5q
zf>P@`P>w#-kRf8gkyPLx9m*dHL<5au<8b1~56uhImZxN~_X~nX>oVz9TOF(pTUo4`
zv^Q@;UF&3mK<F$eqVoxeTw!naJN(^cX7LE-efQqhXS8@}z87_~$ldR_qY9zyjQ<1$
zfh*du|MQfR8^jcB(^L&sw;72ML`r9-KOH;v6YujneqjrY)o9)2lcOXv6CreP^PIzE
zi!M(MdKpC|YQ)S_DsNC>FpA)$)sKUxisb93ygDG3%b)4}M-d0jgs+;OZ|jmj+Ole@
zZvO#E{(cTHU{_t9`Har=dOXP`ukdJRb39nKQvo*CZ~<9{2`kq!KC|BisGuV-&od3j
z5wK=RCC@2_Xw`<Y-H9B`>T<k11VP4zl(oWoQZawYLVpJFqaUNCQ0ZQoA3t97JGQKW
zL!RJuEXXO=xFf>vYPeBQVfL7Lm9GKV2fKdmIqM~Q6(m_9iOF9a;8|)WbhXLc5Lb}I
za_{|L;Kj<ys>f?TJ1o<o>)l$rhXYvy*W3Tp`IuIw(ESsF>m3nM(*supi}P3B$fC1?
zLQhF9DBE^Z4p3Rh&bCUBt@9Xr<C)lDOHgnvZ(&g6%4XZHTsT=S;^R-g)ebMtv9YoE
z)YPy)IXz`<T^&|PNC*MMZy91<90mb{8|mB$|0gyZ1fT%bTi~@8tWt$6Y=Y{NtI)mL
zN+*3gxga}AkQaVWo@HoW;io?oiH<uL-6bcMyA`H{kH#$!eN&c@7gi#zLf>wxVXPN~
z;*3)46p&k;Z&|%AO}@S#J_K=N!tw*(4&GmEI~^8U6qWpkmi4E0Q-ysQrNZiNN55Ch
zDi84%4zL{u7i9b$DJW#q$UbTVn@@*G<hOyg!XPz1D!&1~0YI?2V!%@&mjn9Y$CtBo
z(;lPk#w;Vev2<JLh5KdHyRZD4%!48(X`u4tK)*1m;UOtc)w!+(=(p~npO#<vNNJCe
z3Q~`qv3U;7G3e*+16Ws1Lo0o1Q-;1P-0|%tvg}3tzPUa2P*|eUB=zh6#?G1K(yc9=
ziq2=7MmOx)*y?_IEX^Xv_{RIj(_!8IwA6FB|0QD^m3W%TZD4&x#u_g))xaAG!Vevp
zoE%hOtWQwW4@qB$>3!{LLJ#&%Ha*7;JAWDCFA-pyP68tx9Uo^q{%(=nib5}VC8>sI
zQ0gPQTMcFa1$&Lhn*1+v#JrNM^B?a|D<Wtz-s+@t+82yF-RIxBfa3>KT^#t+0shdZ
zywjJ>Q$RD=Afe~#RMT+LdG)ez_jDkcu5&94dPX<4n%QXUzG`jR^@YlASLhR?Mr+Mf
zGpp5mF__Bx*IbFi7nnDLO}w>s9$*~a?hg9e+fF;xgZ0|_!*&`wenGtULS<&I?qf=Q
zprA*XPf9M2xv1$tfY71S)q9+-m);^nbhxgq`t$h7W?hab*Gk)W>twvCk8!iHllDN4
zsF7(R00Nu_xvKJI9!#}DLl_=@yFqhb7emu_r}Vm1>b3t=&)j$eK6|>IogK3`#M_X8
z^}27azukC`F4Sl|0sgl}u2k{rRYHObBTKsg0zS%WM24H;hlMKrY_{KNekup6P*f<$
zDuAgB3VJ_w3udJtw=_XdQqr|e{%rTK$;Mf=fB}>W2&A9po~r#f=lBzcZ;_PsTJbZD
zXRm(`e0qYi4@jzKS~1e)`8KByY$pg8oH}(7Fu#M=ZNit+3S9_43qPwSy0%vfI?&9N
zIJ+{x=pGA{u=rftEp}~_`-JrcxCZ|)wFVQtbi$goYQ6@>DJ2g0iQhF#bfTyP>D_f4
z4ukvUyyN;^h~nJ6*QXBk-BKmeD8DxiC&p$T_Y5Gw<st(ZIw)G+{Nk3TmXX7m!uiE>
z(c7Ex$p^=490C2b#xA8}0^6IU)qQ2pQNXY+*OSR1<)ayb-jAZOZ<&;I2-Ro8!OS$n
z@h%mF>DqH6fMxSb*5T=yVrAr1GQkvcL3h*HdkO;c@pqdp3pcl7y8qpNFoFby*K<6-
z1>MczpYn7_^oNQ`Q-N;!d|3hU3s!dCSM)q0Dp>w0>q20pDJ0^Huvf#cd71tXx5S-=
zI2`M9+UZKYHsFm81rHN2@Ttd-_ErRra<EYMXS+=;`bw_udCU0p_MKW>iD}mYSPFb_
z7?sTDf41l~aaD`;!GG-#51;C-!&_sAt(FslPWd%+bObo6sT($H^Y&T>jr`)dY|p9l
z^@t=sY44)7!@`+}kjA#-rsijhh=J&6l=J=u{{^Rx=Hj<E;5Z^B6J`z<#R8Lk>8!=q
z_hqr}AKdqQ)}&S5aq0&!TXfZ5zc%0T^f;+&wjC_=QuCx!-wwd9d}DK`MnF!dF#Gsb
zG8A8QoBW~AihRaz_vg7AM*=|!Is1=vZ*K39^qJ1)b!-%@R*avz-;Q;$E%Ucz@=V;=
zy8PM1o%?d1!{Z}#w48{?hcImEpfb;A9V-0*r|Xt?{KZp;WUVxnpzl-sU`tSAcc-p^
zVRhre5USs`x-zZ8W*6$D6)=7D%_5CkKlyDxgCMxW;#>)=*i_|aN`z)Kj+^9hT(3yg
zq}=8P5IG|~QEsiGvA1lB1}_2^^2};GZb*e)Ut2+SH(7PJy4s;DamA441)sNbx607r
zQ6q3}w%L%y<@g3Ol!aFNd9BGA6BZUqTnqyP7B(nSs>heXlBNIy27G{=sJF;cA#ahk
z2us7VEiyR(hL+2oe+QdjxCLy7J>X{r_fMS|d?~g$)TfW8uYD=^3r9&La1Rl#p<Nk9
zmwh3t^#3}NQyJ!Oq55Te@aLB&2}}9aFw%ute7@%kPtZV$YEwl<L}jzQ^`x2Z;{=D_
z6jbEX_fCho>ey$vpm%Pm`tp+lZ5MoAdfw4O204NNOJY}(@!QU7^E*oSU!J1&tsjot
z_L3_jPTt$l(w5o!am%t+BMrsvuTzi6>vU7gG@ES{(5QQ6@H*sBMx5n539tKum^)sN
zR61_Zv{6UP(uy43tczSgJ#984b=;PFBzW$lsC&Hlj(=Hf2FuO3)F3FtHMakZV`LtV
zY1WIi8@1$QcBjrA8q&?Eao+#1=qw(#o$=|kRQR~X4}oXP*VZd?RsF0jX&Hk-)#pYJ
ze;#49oBzX0xcoZm>Qq%Fx++;_rW1_4)6UG*dR3U7MEc=!C;PH+Bj!Qdilc*YV68e+
z@SUnNa7Fp*#|rNp$;w1kjnlQ+*TvXg8}G~L+28CXhWcUGWZg`Cd~SZN06f_5l>mI9
z$EX}h8xB`1i|0p!ZQg)7b-ya@Si0Q8(mD+@8l@l2A}iGasj>~1sY)*)X$O_XFGqQw
z(+;FMyU^#lqC>o&ZaUeNkq)P$#3`NIF%ouJGHA2r2*=Ys4A4(~XFrXthoK16bz$y?
zxN_G=?k#&-&Y$3vfr@=&`$l9?Y&9ij8v#=xb4@}SZI8(hhh|L-J2{3s>1G`d@Ahfd
zW3$GlI$i;B%1#&=KdyzBqb$F}Rt-}J%c7VX)47lC`lDfbH6W$yFZlZhtvcJOj{e*M
zilTm=Ew2@(wV!%s|FY?{@?4udLEF=W%RA;3AU<#D11u9JU4b4oHTL6oN(Y&Yh0R~_
zfd;nsd}-r|JEZB>l}5nWUN5Ib;1V#S7i*ycPPf~e`*TwAi;k<SUVP&52L8LJ!5(yt
zgZ14pL>wtBNE;(Ekxpr=OSF@eO4A?Nr}`CwrC!E)R^5;(w{H)Z_&>>LLHKfm%a;Dp
zx`r>79nZHbT6Jc!k~<MN_H?R+h{-lyrpVhp_Ng_(QF*DnTYGNQ_PcaW7h)cPgHs^;
zSBmH_<CMApdV0Y6#Rq$egwZpMr5(D{;1ToL<ne5d8($3UWsdzOM;2*8=ZMbAhc`o<
zHz@DQ&c<g(+MLHqkIl+ogRfU#QQ!?bh?^VRyx%E6J6zq$Jpu<{GgJ@wvfp36+KTm1
zFa#@n*?kX4@q3Y-bESx{nU=frEPBDPUg71Zjxk&&3ZkItpYVv7CZFC4VhT~uw(l+_
zjpoUK{Z*kA);7b^jLs<<aeA9zE3HlxI@@nmK4zhCMgpNBGk@SJ+T{7XOT`}9@!3?~
zw5P=muE|pS`nrs4F;j}R2*$Fn$ff~~x$BCwq$EIG_PUYn{7lvvE@(FPO}Ehsi;wX@
zkAJP@ag2ZMLNNQ95<jbLZh`(#+kFBFb9>scVqMAZ%JImzv4)RM0ipt%Kt^mPT6Bvo
zVK)`%rkcUXn~01>lZS<BPa94R`A_*9gWKyKdCkJ2PCf59xpg$yz{pVbEI>~9BJ)}5
ze4f0<m1VH{q?^l=zJpy3w&*WV<!-j&P>3w$6vH+N-375TMpjA0es(uOI0wFpIUv+q
zDp68|>LPzoPOMge{k0;_=q3N*T0u0TF!v5GEBGO5O2&I>$<uDegjmoWWjtljRfA5#
zEnxql3hqL6b=6B*`_0`Qs?kZt6#qc%(Fr-@#&gR`jnJb4x{Rz_rI)Wdo^-c&$c}>X
z)~>|zLnA|Rj{mdlx}LaEeskta+0U7U9@gIFGR-&;Q7EqQAy4HuLLBcydz)$Wxsp<s
zv&7&7hc92%eh0>qKAP5NgTAO+5z#{bUieAWx&Y5*#jjqjY?GW3=UP$5I6k8OjG4ez
zr}%0|VoljekKwfbJ64A>$&V05V?7vjNH%%+%jjzthNKIEK!)GmvnvD5v!Wn0ac^Cg
zsJGbe301Cb<p+l9y>b3=R4Vw}sOQT49qY^8IIpWy?>Vro$dU%VE`Gf|`<?CXMZLts
z=#%Af`!#vpm8nfPB{p?zI3ahfNQGw7^;<Yk_DYS_y<X8MnNMl-kJ=;h9vg+0-i@0g
z3cPX-4Chga>shbj8lO3xlv970B|6N$y&sSF3lzWnlsx4r<c)HF(sh8f<d+(Zw3M=R
zfMsDhng4MM4qq>DbW}F$0UtPc7W?aycbEwK8DAIr#1MW~;~QkWuDB3zKuFcNX!wUP
zG~-Fax|w~s22nPmWY@Q%UMFu@4BV=$8!yMaH)_Kir%Xq5z<OScy6qR7lu4%5)3z&L
zc3Vq&XG5b(_4DHQVF-NtK;w<q<`p4De9dQh+4i&`><*Wn8m7nJlWl!%A&jD7MNuY4
zWW|PR2(7t=i19S`6%kAhwui?O3X$Pib<l0|e3VQIi#fw~93iy{Iu(@1YXkT6M<}76
z8_V#hOoxUN*l>hlIh#!sWazY++B>Vt^a~CS*&>SVKu*kQEDvr%_}K!Ll_y0<IxNXj
zO4vKFb)>QWAX#4EBU3ZxGl94dcl+|KcaF=dIbD;f(N8!9TJeT3&<eU{-S9@N;OJ=+
zfKRBZD`B@r#t{!e#`3JC&TDy>6EUtLr?ZoSWkipePC?9R09Cyt-*5jKB$mT%g^bt}
z)?K|}wy`;p$d1RNw8Zylj8VhW()p<gE$Pd3rnV0khheG>u&rpqTR?hDubetpKfAHL
z&cUY|?WS}4liGvBErn56*405@cu;59$(7k=ZQ`N-nE46M!QJJAR}pUH@uipl?nhoJ
zH;JgcU<H345zM%T3%=L&Ff(ur5beA#rQBCTMU>xH<43kU#EJW^i7Gl2#LT7tsWrPZ
z#a6C%saduw-6(Urc0qiakYhJ_D+h@Z0e-8q#N9+<>U89(-;}$uNH2A`AJe}7V<WRm
zlPJCv7Cx&1iU@r09aZPcEx+gSj?c$#rEUtV1VCnL&!tjF9D4T+t;kCrc8lZaJHG8`
z&KfJsrG=|Pw|$c=7(hwjdysYaCK||Mv?>E%D8>$-%W?{8=M9hjc`~bO_I{h0L8P?v
z>jZpN-gAI8@JIcW%G?5!-Q^*+mcNMg5XtfGlJ%7Fw05i_(6nJe<;Djt*R<qVdM<Iz
zK~Q-%c@BuQW!lV}jC#CKL3if@7eq+wCa+~J=(omIiet>hD*IAcAWTwq!zN-4$dRC=
z4OTGwf?_I<YGr*mZ1f8h>?X|_E(1&L|4=m~=JI}9Iulp)>r6&v5>Uo_Hp-*XbVdzU
zyS20JC&g0C?J`BVpYk*Obz#^@nRXZ{<x0PuU5+KNc5W{4;zmjQ`CxgEfG=+33qDau
z#KA0qQQI4Y7^R5Iu`dU+hB(t&k4u9Kf>o<dI}7#MUE#`$XpKe#AFgk-D$4nr)rqW9
z5PqQi(r7%Ffkc{H=c7H%(({r;8>i#M!EtcV+44D}YF)>1v_{1XrA2sCMSb$RCff0V
znr6hpHsO$?CGsOD86p<<$0|T}Rc5^d*w?iAM)Y~gyBm_)dVkyfP9{|~pO>WR&);n5
zX%|ItH_STCQ+nmHZF;A+Vm|ATTaZ00AnC-wWOm|o%YSKn>RvbHZ1&aWEWJMXc9G*L
zCpGIZH8ayPx6=xNc+74ycbk{DX%5f?n<+V+G<Mue?Ol=hH^A&2bO}J6@we%jtEb13
z>jZbsGzu6XZU9t_>kle-{arE<hlF6PTDh`^rA<~XzBJVF?~;ZYILLjP-H+-hsHn!9
z8LtrivE|k@qr)c1^eh+@LFVT~9EC0v*IxZhKpODm#KprSeG&`P_N_g{-q!K%SM7is
zujSWPz95q<`+4B**tC6Nm2R1U5Bs+Lm|yz-+dZFKG~+piwe&8Z`9ls}_+6hz9xzP)
z;b>iF%fU+rsIm(N+<3&WWYBqSwIkqzL0~FJ*6#gYB3_V%HvC0$s5a1b?q@g#97m&G
zkcOf<QEMYd?H9rc_#d@L2gC4}h9n?o=sxQ9h{aNT6MbuaeL4N&YI`@U`4eXo;sQw!
z2cB?Uj(bz|^o%fdbsN0fbIkf1h#5IE?xjd<G#vJM$1{PcG6^RC+8AumcmB{8XV(o9
zbKFTm=*O=Vu%eZkVRA1-8Hk4}(Kb;Afu6&2uECsmkGU}sptZ-9pg?K<B_0ubxcTNP
z1f9aNCdG06r5<*9!|q1RqTs&KT8{D!<pvLR?WN}(*g5sf7$=CEPH>f*a73?)hn_g-
zDpuI?&3E=-%o@XAcA8?OgzZ8ZqfLD2=1oLpc1YW8x9h{str^aSPPdU#rQonTtukI*
z2}jU#mO%s{G1q)78v1B~mg!7XdpPGQnyJ&Gj=7f>lk0ftSRC8Qg_(WxlFGd)WM&<C
zv}LiXg(-^Jjaa>bm^wO6uoh{H5461#$SZF1^-k#0Kq-@cNO*Z*z>Q}OUja+>aVBo7
zth}nvG)_1aJ>W6d@m`W7)T1ld1x?9lGWQwJBfzedGTiXxGPTz&O7W!Zp^m7g$jX>f
z3?oerak{HFLwr~#iPA@*(Vcsu%@|Fhy8?0%iTLWzTaFCa8F$vkH6;Zk{yS7Zf?qpK
z#nY418Z^%3C%;$+#NFf)l+0|>5KlC0Ro5}Kd4FRe?$`c)mokGDJ`tJr#_MHB=_LOn
zaD_i8O!c5NiZ%ZpPmwJ@;nq5YAG^#NO)-h$!{D7V77|=#3?9Djg3fpmNQ_^^%>`%Q
zue)H3l7D6;WX9sEp0Lm_R%|p)3UP5*k&V5^aKKLW&fMlK4=D^3YTaJyy!I+S{5Gvr
z`8bWiwC$8`)WnPyjZ&@Z`WD>!y&!&kRYMU_JYr%~qzUBC%@UKm^|T!)Yi3)3Sy+%9
zGmvW<Oj}vTllEbyUU*>L_a4RHuPux%sH^(Xt=-`;9T(`_*%Gn4$WnBoL1<3KsH^0m
z_D!4fVt=?vBy-ngx6A7Lh*+gTC!waHUn6BC8UO2h-?l@a``qS=0if?K)nct_*!yjP
zL7Ka0G55LO2_K`d=_}!a_`}51brEVJZg~ocC3a3^Pd>P@f|jUA7dI^<)L5KFPD{t$
ze{ZynuVuBVz52kD&UH)ho#v;g;WYl+z*+66TWOlbMy>~>BB9i845?j#@89dfO|Xv;
zVis2U_t%Z&k1VHC4sngq)*#;Ww~eP<XpQLC%q(k4Ki}2OFu99TE%k_0;i_xPY>&vs
z7)!SIynm-{2XnSHa)(H<Fg&4xCk=I`KqF`P2^2F|RV}X-!_QGR+-2@3vz&*TC|~tx
ziag45UJ+yKewrPnHtl^qGOD(Kb9%CLB7G;u%%O4h<2KI}Jq^8{vo%)*(TXv?w4qfq
z<_Z+ZgRe{w@x!b=Zy8MdP`K*8z%(R)_fw|zQb}vTT3fPt#`#dqy7e_o%G++7?9Q?Z
zfzv1svQIK{Om%*#HH~VZP21y3^Ig&q&<7kx$dZsr^;!}v8(JNBt5o}ohgaQy{5`LD
z{dwim>(ypvWokZyh9Uw5EwN`ZllRZvm!HipW@N|)@9+7#E@B)?>b9U<;|9)KLh)D|
z9g&*aEjGXZEF@?1L*z@4$%JpjooThF1gE=1f2g9hrJ#0Cti3h^NSc)+f*P$q_o^*Y
zC-3t`9yz(T25DgJtfw`Ll>eF*|CUDsmdGm4$?V_WGUcnoV+fEV2l1+bG1e~1JM}s=
z6I6$8zE^5L(g^+Zk7enI`{l-deVkQM+!5fI6rS%aZpIXz=AfKCd>AHJ^#PP-dLdsT
z9DYh*MIE$Ve`9Vt6Kh>KOkjQN8dBpl5MMnQqUU9(pFK=Dl)SXt0H}Xuk(A7#{FQo3
z$iZ(p!8;Q>oFc@WWr7R?Y{aA;>5a%IG~dry_*R`2*yg{L?AA&4+$d1Sruo*|@L=&-
zAf@AzOrYT}P^w-c!99szFYARdgUmWvT_dO@%{JowkU&Z@lSiRgPZQQkif9uPhsx}z
ztIBSpnGU5LW1XFL1Naxm!<dcj_x$7)741m@puih*?dy8?jGMkw&_(SyQyi6I+xpwL
zW@l6}R5ne&6@(sk5)U6Ay@3}$RZFojg$ysgGaw>De+?wZAcAUwc5+=7`YF`3%0C^b
zZ(BY*UHX+^GUx(OL*cxU>P#z=^Hr@C?Bsp%YIwY1sH4Y1Hg6yLyuZQeE5=W^jxc2J
zFK{8}({=U6&P$%~fr(%7^@h!;OVY(Lo<1ylWwHBWzqQwXaq>**RkWDwIY4jq^2T)A
zI9B2A-Hr8~`LRyqMOvHW-1C#6XT$~>>nN6&`_1puba}*pk5`to?Qy)Ki7^IaDWbIQ
z0_o0fIlyG*c;BjmrTHq4@UNqb8n*4Rz<ObX6YDW3>n-YTFOFdnnR(YaVW%xg6@3K-
zg}k<9QLMr9bH|Gyo5){^gvftJO%56S?6)@vVq-0fifXyPV#wL_5f@Jj_G)38xJS^q
zwu%dwr&jl^#u=$ON(^(08PE6`@8v!VzjaGwY9Kkji8O}V*<Xfx3b5yZnRYDw0>u^g
zTBEPlY7bB$2*q7mjUpWWI+0@WV)9kiJl_1G&Jgd+d+agw{R4=OIr$`=oGz}uSDxVO
z0sX%gfgJIkVnaB!CgC<04Yggx__<6jhny`K(`Z4YyMQq*KFw#uGu%H&`XmoLy6qR+
zbo{>g&x5T2T}8mz+nR_@^>==cF}-IWW9dOpW=`waX1F|wBqP$PONOuqV%$Ojd;Y4T
z9x6FLoLl>GdcnzS^KnK;FTqtAOm)ezvPJ2OaPzTk)+yu9*OcVckcCcJ{|g$@V?iz3
zq~K}JT9FI*IA*_5ASRGGTZ^98u||UCM1=x-!lDV7bi3BunE!s(X%brBx617$a8Hsh
z+}ihu&5cpRS)26B6~B3Bli7i;Ey-F^neBiOv+2BYRJ^ii2y2DBF<$J7D#J?q&408(
z(webuDP`pzQ(jct-)r>@UBh#feqq*ZzFI*!N7kw}){p6<vLGig)^pt4|9HTbbL9*s
zWyqGSDO%|dxcP64b15XyPIy@nj~rYGt`@=bn`jb3!^p4vr1ObgQhYq^lu@_dcFWyi
z!Yakq%l1`)YZBx_=VeHW-PLk<2=viCC;0l2G*K<Fr~W3MIq3B+p#lXg7if!QL>AIJ
zKQ*i$MG3it5ASy~1KmlE+sVVX=Ai@GGnXVfaJ1q&E71an?^SiD@C8JB$wo^NvCd7Q
z^iQn){h9a(YkQ1|4YMN5K61IkYotrsUMcb^EG2U^I{M3==3}SA>Y`2xM}_UfwPl^T
zG$LyGD;eHiin}CrS{n^^$E)PdFZtJwRo}7BW+WlqAcX}}u-qH9uYNf2x(bs<QbmO`
zw)l7co9~=-cjjLscbmqzyJW<j^J&q3nYC>=x2wjmmZ2qUDSb4d0Yn~9|2y&^yMUPd
zp9kaRl@-@JMjyXg;Vqgok(-xqY`Vv6cEf>68P)0<z!XvFOR5$zHAAp5RwcZN7Hbl)
ze@RYFy42efM4qNSx9Fj;C&QEdo#R7-svbAj#C7D`<?Q;I)<EUgEB9_C?(nZlU5>on
zi?l;s$&!MD9z&Egm7vCGh4};mfdCf$5Nbf-QcCUHf4`hxdn%-Rnn=@wnFj<++Aq^D
zZEdo&H4g9OSMLwdIBU(%`+bPNZ|_%)m{mR--4Y;Vrlr-LfE_RnYxMQfN1kY;u2BT2
z;@yn$)wqvnz)U`8M^8R-UeUCpyxnZ!b$ESy>rGtC+vZz0WOoR<mR`2<-|dhMh~=73
z6OlltO2@?~$!;4Dm;I^TC>sTO8l6d%)n}gi6TewSuL(XmWoy2r&>3<F0PFs_R~MqD
z;-wc8BaFgl9fDj-86*0TC_1CQ^ZtJ(IFMYK7Ba;NOA2W>!xfh6VVw;DIZP3p{Li?p
zK^zerqu6mWxeTM?{;mS@K9?un^74SfE5rh7S`I-CsPc%UH2X67?^^KKfbOPM)urWw
z)FIYrQk4{{_+{_<33?j}tJ4B_(Jg;BAZ^NOH*nDt-8>IWy!3u-UWazwV$0vvP-tNs
zFd>q8b1i)QZg)aSKY+(jP68{Pxa<0tTv}F^q=Evf$Ynwt{r7t?@Rbw>2Il^Eu}H}B
zvX1Z5wn=;TWR&a>?SIEpj1ScmSTi`*G+m?dP$BA{aU~~+O^~>F;C-7Tl`X1PCBMqo
zM@y$*kwv#3pujRA<ToYBJfW|)z*!x=D`MU3FXZ7*0IYe@LYwMW6aaU4cQJ53iHy_{
zn=`{sKHtD~0QQN9uv-GO2t`tS3w_b3$dK}7yYzt$v6BMw9NMAO2v9mzA#}8%5L1%D
z?&p>6O~{=h1S}BQ`_uO6o#S(?nkT6B_@bBUwFHqeQM&3XnCwX`VYJUDDdm6PM?`32
z#QWBuOF6#8e2MS5E5@H~R4JYnEQu6wK*GV|0&GwL+f&<^+-i8()d6(KKS4*<^B3)w
z9dy>)cjXZ|42jI{Dhpq8b*<AHGr$jA35$GHE$!j=FOKG}*%P&kcZQGjJ(g_CDRS*O
z4-+olRxuco*w|f4|2~Ta4TXzU87d4E6sMpL1%VG}Eg)^n?2y;<d!a0^O9k7fUtaf{
zrwmV4yYN{ave2w&+TpxFomjZs7go>L=R5J|&9j%&Gid5Pi?f!-cZM<uvFmPM?2T#n
zwHtDI1J#w>wxxB<k`v#nSAUVTdL^GXWREV2%*^~UAl8QUuMKk~N^I+)Lp`!A{-t8J
zWA*tPL#Z2LxmqO0y5L>dUB~zPiDrpA?c`7EwH}=U7vfhu+MAu$bWCgb(-Hdc|MmhH
zy!MIu6{m^4A2Ix38o53;9O{UpX(w#{)sH3t-F>E^($n40$#u8(@*&zcXV*aBvA4nX
z%fiQ|Wp)Ne*Hcfkj@MH=DsrW)#tq&(mEjR_V*)vm`Mw5f4hAstBg5e0)1JzHEyM$~
z>){|)^9x8=rm7QR)K07Y#yOtYz0{mi7<)DXo2!QM*YDprW#tih;GdhD#sg1_UWFZy
zD}u(p-WTT8pG$Ep7}i{G6Zky)b@*J8_?}nLe9U^Fsd#uwyq{wY2q~C)VHWXzxJx1`
z)BH4ojTtRy*hNgl9tgfQ)G>x-lRT@#SI2s2aI4MH<S`!ZEvloUB>9^@{YfOg1_r;u
zjx1rlRAFOG?w}W7{}QdrDt{)ia>eH*O89!6g+KqHsbacI3py@YcK@|?BH^yTV)6Sr
zJJS0kL|o20As&UYf-UW_p!(C)tlg(1)l<C$buN#+H{1>{L0z<bSMpCM(`4)^0<oNN
zxdR9Qz6dW%Vsceac0jd1@>$=b4n1@qIF|sv>fx<@7d(Nl$$JUpQp*3nuK$gBWfW+s
zgaJuPsF%&_)gbIek8_2NfO}YNEZ`slKq!RQzY(EZ@QG_(=+<}w9B;aBq56(lVUsQn
zN<oulc#LtB<hItb2538CAHC1LZTqMV^cZ1I@AD(dnCY4=X}KcJ>NHkvG+$7!s`j_{
zo39*5sYY8}kh$Twl$SUf`ECAgN&3|?*8|=CfF<Us!k|sr&@SEBd&Nx~Xm8sOW!w67
zD1X@aI&*HAWCg&aQStiH6&qL!f4IN5e{Fp192aL_g=T%Z3MQ{WeK-cgXM3rDY*89=
zoN@mZ&1uYtH9pzY|1>+t#D36w%z9nzF?_#29R+TKJf>h3J0qIcjlX)*{@MY9ZzIq*
z{HV`|MZ2N~1T9P2uJ&b6MjKw=q2!a^Rh#_~38P(&$vts!)>n+M)vHD2Mn^Lm76`lc
z4YIcDbzb!x-{lj0VDg^l_aX53+ct#nG0|A(7V{y}CQZb3Htv*duff_RbQqcm=2csy
zr;N%Z>x-SwtR<CKTxR!FK##RA*6&Imc)k)5Jj#Vr%e?VZ(*k<ai&e{i*thu8e}n?n
zuiBs1qfBR-?f({Dgz~&Kf<NqEn^`=q8lFPKg15GvBsl(gLHzT=bIAJOpgh-*Z2voB
zX(8k?+uZ|;kM7qOgBiQvNe1qVxnV~2oPRPT3m$0Vmal7|YtoWY(O>Ia-l_L9NIhrw
zLFvLeGX{U##ADJMFoPw{u7|3BxIcH#hc^VRm%58S&!QU-DFFj6m9K%zB%;zc+oF9L
zuQ&AbB3GuXkC&p`pl0CEcN#fLx5JhUf5imBw;a*sBfGBSomDpukS>{i112xF_)bGz
zWBM&~+m|)-MZTJq#*;rywfY+z2Gx0qrh)WBUt5a45(uMGT)qY_D&i<Ab-PI;k=$A2
zrkdG{$>C~tQBZMyf~}MI5b(+<8WDxihFd#fhHwbd<eeSqMEWIzJG<C5yR%U;<la>W
zD5G?#D3b3M`2c1k+HXhi6EIVJz8+nONkX7<++jP?&6SaOeVR3vhh3;T`Q8c6cAD5>
zUqmc_c=zE9vpq03F0YZhWTN^-ew1?vm*=IX&KZT<$d9J`PDtl2gM{$$*w!8_94W0*
z0}$b8Jkj=_^ZDV)iYfDcr&C^@oc~~)jMa%!PDF|QhL4g`h7AXKhsh9wLkJR|e9VYA
z=CWqrM=Yrg8a$Dtdc5$jrXCT`^E}Rnv2n^6E}%M^H*6<f7omT??$~wQKAt&2lnhL|
zd#3<YlGFN@;^Q~B`6QMe>9`S3DoL|978(GEdb`!-4R5@8btLq9w7yH!hxo;0C(iR~
zGZh!6Zyx&%(Wy@Sqb4>53E>~5KH0P34}-4W@O+m_V$SXI2G8Fd56Y0$rQsz#J(@)^
zd|H$t9(=lX>Lw4Tl0L$Me(LiEvvUD2v{BmkF=@J+$r#?3y@d@o)IcxTizRHp^$Jxn
z!iU3+HvkHUrgT3uJ+iP!iiO159CD!C9Rd?^%S<U8W$dtd{FSsn2ZhWd8yKRdGD&PB
z4_mFZz9h&f8spHhx9#IB6B0Y5NAwpfH%CigvFMvkSmw2T6pRU^jTg{DO#G;58}wU+
z-H`5h+hOGGLp^VHc&No^DRu1^?Ejo*Dk%fVEG=&m6BGHaSi7QtB!$3{vuUzn50Re&
zyWtAR0G&WMWZ-b$bGO98F4+J?@>XMkN+S846|@>-XU1TLKU$EUOKRJC@C60*bBJ+D
zYBFlY5gn+u4CLLYMG^2JAnOy3%T8^CK7HlBHMo}Dm(tQk%x=nit)}MHJi1b(%*q*f
zrXm-WWQ{}d)>>MQ$#u(#tJNfa(C*CcOtbK7uhK3$Kc5{|V|WQJp8CN)jDHNIoXT>h
ziW7NJrRK#6Qab?UN`QdgqXzxF8u=6r`ZV|~VhU223!jEQxkkl_^*rjdy>aX2Pp<7z
zI^hpproH6jm#>{y7YG4eljvVrQrcICSEn_ci;Kw&?pQ_2lk%HT>ryO1KagsZyO|(U
z=VIgU6LYU=RQ;<U!G(>ajDX~=@MOWgy*35`VB!w9OW~hDx>pR!@T)zVnkVeD?S6;O
zh`4|QSQb5JcmUrv3X@J!fTh40RmVLc$hxfftG?pYFwe3BqF!VU0_$+oq#{NJk=5Cj
zw0=yr{AoCsUHe8|MWMr*W=%-R4*sI>^-8z&q?ASQ51-}jmQEOMeX|+Y;AOrbo08Y!
z5*aEW5_zHw>l*4Aoa?S%-Z*)k8GAbjdcK|CXEn@WO>SmU-UpR4$mZ+y49QRj{PjC7
z3tjv(m)~6<YOdz!%JfQ8#WzOSQHXWE6|t3PI>*dbm4FjIpT>Y^lr+BIt}x`T?F&UP
z>+ig@@E-S#*?VG-)<z53_+5T(3X$nLtlJ;?@=V&i?a$zK)aLb0R!_8CvnVc*=Y%xP
zsaoCiyvbu|H+DDtbimjB^y*kf@+r5@&r2T*syZ{D0Z8H?&FjvvdwD`2yhyY?5v^Yi
zGH@BTRiCaZmt8PVU5yj2ix#=glAHw|4a>xq8SnT!&Urt?0ueYtJPHd;>-L>LYSZ5n
zdY=<InR(XU9m&Lu3M|Td+iThkQhei<M6?O;pU`f<_IfACMOOYBpP&ffb<N>AdN@lz
ze)P^wA*5OkJ9f!?3RaaaQ;Z|RcY7+kzad@hGVe&9T=YSFE&qDq)-dPm!xdV(_(Rwg
zHPW9_OBoY!dh_=153Bvo($+TmYeFcUzzF*@>+2=!A%xahm`n6zEpYQ{kS+2!fj^tu
z@tk_d`t+Q0{pzmE(dluve!b=a%-(DJ-iPV=bk>z&??c%E$fEb#ow-iVJx~z+Kiz%x
zS6o@sE)WRr?ry=|0zn!N5?q731Sd!n+}+(>8h1;AySpYd+DPzV;dW-`o9~^u@BIfZ
zzp&2gb<U|>XYZ<APd!yzjPa$2Qqb$yDWFcXS2-@7is;?RGGne+muemRoK`&vjw9=H
zJGt7k?oy1dm+iI;&ZLP2yK1DVhfPHaM|UY#@s(%u4l6tSmO$<&A&U%;fDUuvQc^{u
z2ce=*s#&j3L@#KLhIWA4=#5fm-MW+a8|P{-S#skHx}Myc&Y>qxc8-dzaJxnDlt%Yd
z>qn(pG@BTDu>od{#`f*}$x@yT^lA~T*zRkjs=8%!i+WQNZgf?CnKfRI9VM_xLCjm6
zPs1ptPvkH?pD;zY7X_RzW>$<i&OW+u%{;w(-qV@r`I!5-m<;Xb$CQ|a7$C4IUxwM8
zqkLAVo&NkwPk7@7;&z|Jp;msg|NS}L@Eh`ePI&F}lfZ{EO0VlUn;fgfB%eQaE00*v
z1F%1Kq*LyBNsz_gnY>E{ShiC>9mqN_Xlj3}AEM|Bd-J3s=v#=<C$jZLD2%agZ^|#K
zv$q8=?#(a3p2uB|st)`w(JY$Cs{&qS#MWhM*V!+-J=QzfAQZ3BpC&TcF>*8>Ful4o
z(fQ<VYXDIcU7fWGx@arHQV&lu+^4P`iCgZl-g>D*p!Fu%Dg@L9M~|aByup?4g<#Uu
zx2r~rcU}!`=B%DFosw?Ic117ZnZ~lWhzh~d({USEpL(|J5_qIZ9V15wl?(1jE~-D?
z5Vf-nI;%9Ddz|w<e0z{HW6+HOdCE>2v@e>uvh^>#u~rs*Uf(@%s#(=UA8UY2Q^-y?
zCX)B$`VLu+j<NJrA9wEqBc7T#uzlhRo^dZ1?rRxt2Vqy!(pTaRpl6VV7*hnxr{})g
zquc7ZT2SZagX?;B7ShFs8aja}a>B(IO|CNfR4XVW1jDk{XJYzPkT=!(GQDEwgFZi7
zwYQ|#yexQ)WVB^%|G*o>&n*?=wQ5T_&63lZKt`YN32N_I9#vc<o;J?>!pKEDwvVc6
zLqY0+r<Mgs`{gmvGd#glWgQ#gphl<k0;yS|0|hd=p_tLiMz9_koZ<+1tN}Q^jt~BH
zM?aXFCU#RavL(vK*%t8Oq)f4AQOsdk>8vx~8JIda;OLo)t9^-##(aAiW$QXkJhX9R
z?x;$>TiTYlj<;`iED$w)j!t78r$jC7%Iz<`Od`lZZTk~H#eCdvht^cFY;tgJOBUl$
zU?)j&GI30~AOwlFta57FJ$zmDlhgyY{+`Md7HthPBazy6M>d6$l?8_fOir&yuj{uj
zJ=bF72r_Scw%}rW5no>;a=>R|U0k0%k5h-ec_V>O|EGC?MZ$BCpEonc`Q0qC>*x2V
zNLI1?gCZhI${~TCb9Cx(lH$)SXFxEO=*CKSc!0Z=UBI9?B1;3!(Bz_t3ZyMOnK$5u
zVD;g_fZhOS#p0BjwZsqfD6!gDj)NTn$|FssYOIA$DO*=Coy?>m%za^Abw(G*-0^T%
z85KRWMn<UxD`Q{}sA}X$-ZER7Nno5zW8gjKYo9;o@$w$i>}pop9Qb`-ortW^pYdo#
zzjM26*bL)<+R2ye8Z)u)F06F=1QZeh{$^bLLL-<(WY+st7@G8C>9k<D{SUgu!+mw@
zsbg8Rqh-c7Xi3xcGI>ec?uSKj=J+w6b+1AP=n~oDp)NE$Hp5%&#5dtHbkA__e}4yQ
zoZ_t-?*0QrE<+DU)WK=K@qPLIddaAka`!jvgCFYe!ezJz|7xakfzL2p%;Jk)aF0mp
z95yirwFF1cE1)0!toe!U{i7eR+IFVLt!`_K=fcHEiY6ajtB9~xpI!4jj{Amzp<B$l
zood$Zf!8s;MyoRHexk^6dxyno+v@NW&-una`PU0Cj~sLbSfHWH+xA1@n&rS$J0-Qn
zQVHSE{$}3uOQttl3HoX8x!8__uIev1Fi09TIeu^%`!*4LKcZ|Zz5m4@<xVdB(t(=A
z(-DQVcadw<do<-3j7J+ZvH~YuZiCHl&ic8U!}^I8MQ2IE+ez#YCtSWQ*K0r6Fm436
zF8>QM%a$DVhaRB5Bp*xe$6!A+$zUX?R*|d&3rt9O`)4rr7dZRpKV?ifJglbj*s{`6
zRl}OcY8NmXCT5ZOX{pdGz0`j|xqsheJV*@%r3aNVm{|Ysm{$A_3oB7a%wD?Tf5iAR
zBLCxx2LqNmg2!<bVDew&7!C7}@4ql%NksVjO@Gj2e_y3LBO%FWJF7FG{GBcMk04qM
zKA0{QQ$OLqi1RsGN?h)HbQbqJo&S3%0T<AL)cY<+n*SGZEXm*`aje#pBfkFcoBke3
zGA48&yM0=8|3w_m9jFEbcS_&l5&XFi{$Dg4RwCaQIuKUM78>3EA`bCy4G;@h6xRJ0
z-R(*lzrO<zGJ9>&wwY}cg5vqCd!F>F+0}|aT>?LXW6SEmrKCRw27d9;Y5$jJw+D(_
zB=#?TihMv6@BiTuMl^e=ayyfp97aEx(w^!(34qdD<#=y8Gh2<BHo`(P1Tkj*DWdTp
zm1@RmX>E6?_LOcQJ;~sJQ9oe_l`St=SQ`t<a0Swa6O|_H<!PV~COISK0qhDXx^bP?
z<bnUtZ9sdZxP=~$cI{wh0PO3lxrMebH?S5gJKdc>Dl@tI(D|6Q(pP|S>jBk>c07)~
zi<Y^yJ7u?9QHHTj)iyokm65Xi4R@jT?fCEtvEsI9wC;T6i-A?E(^@5z{{ncakdhGt
zMw{poji6`LZv~?obr5>4J0nt<Xsf4KKW}$)eEXW^ICKJz^!DNTF|T4&mYDC`n&G1h
ztXYdC0o@I#t13;rdiX`&ImvJ_+;BMbEuPhfaFXF``NaplsG=9Q`z?ICP@AKQ0#A}T
z%{?2dM8UHS?+wAV=3|RIPSo3qLcSlehzP!%%QR;(rM>40ys;gfi&>UDT$HEN`xfrP
z7CT~3tetmIGc{awd+;t2HWKZhno<DdbF)RDR1Ez5j^4TxH5w@kNT~5vd_VNAf%@0?
zO_4gqqV~}0fLcUwUnF1$In)(n(U$nW!yI{%8g=hU(Q#CdGv%1CO_G#+<oY_2ue0uq
z&(=I*$rP%m<d*?ZYLYtOu`<CLQ7?4%z^+_U-wG8cNWSBP>INO+!^~`k41U4@l*UvX
zmgB3LP63BwST2v=sU=4fwD7`OxrA$6OWw8*Tw4%hhnsP1D-&s;ud7wa6)=;F*WRHf
zeZ3xIo^>3d(Kh<&KUdGVDg3K+x{h*O=7-VMG^ev3AOJ^b%86?MR|+sIV3c;5GGfU<
zgwdHIW}Yg1JHLe9`YEAuQ-xq$o4j>)d~kUED3KN^nG%*Jq|c_Q{yMHYpeB+jF{IuZ
zYozBTifK~+wl${ky<AcR$^5lIVGl#dH>%$G2<K=V;$ueLevzE{S@7n3ft4L;x=3J6
zx<;dAkhe=-C#SLxX+)XAUl{CPt2KQ9NrORtU3TVenra=1MTHOf!+UT1eFHiBnA|A_
z((meTo)oM3Z(p&$KhFE0oK1|je+{HcXq#pgI3@ga{&GF|;T%gByM8sH`vWEUmoJL|
znk<#4K-Q=w5_GT@7Lx#66Q#4=6ilTds;R6>nu}D8453U`t1y(*idME}KsbZFba7CY
zZj`Js_i3S4$#L^?>P=o2v(SHP6A7*!`{%LM8`4fCAyTNYbfz~XC(>O~alYs$xEjSy
zT%Z!sfZHuaAN=NC=Cql;FZsS~a8=JZc6l9yw=R9Ii^dZ|8HvX+L*yxJspD$yd3uyC
z>Lon*85~euj7GwoU>?^jez9e!0~*7-Pbd>*RiZahd#Vd`$Or7zyq|loxyGqhKEz;g
z)5u$`7oyid?Q!i9A63zsqsen-R`SF>R#m6*pSDjND?Au#gaG($p*K|b=wIBCCzw%2
zr!?Gd1ub*0(Gf?SnYX^%F$>11)OuOi=|W*dg>dn{SJBS?#B2>AH>9?vvRZwUtMDWe
zUYU>zV9;Jhq=9NkX{rowgAa2nBjG}i24*`*_<=0NI;B=5q3Rz-^s|91)j2pxr4#~z
z0G;JZ)WD|9{5(cZbm~}w6G(LWxJ35fjiK$-un+$L-Trn##(LO-zcbfQzcbgF(J%dM
zK7J&^_l6J6>qumTx<6ugrg$Yn#A@uo^Z<b4|D-+tyj>v(YR_l4nbhC|Y$QL6q9(-E
zPbbKgRahO${KG;UJ5s3@_~7in{K>5#K_v!vnm}|;s(|_ra{wzrg#%|Q9}S<R@z06+
zhlZg~fVyPI@y2Mie?0lmIukjl&-wr2M$X#Vu=brrOJ8zwLGPuKbIpx6;n&(|MTZrR
z>uubAm)ivDZ6BmWTDlGv+pKB*TDp<xPiWd)ng6%u=Fbmfi4QlV0=u>D4(}72cNJ|X
zCdyX)OfWO`^$xYp9=6W(moKZn+!Dg1yVzcpaBk>@Djr;l5>5no<L+X2IUIJq^?4Qv
zaQ0_fCle23|1~y9Ng6hJP6vC+q1?*}Ms}&aB-wLId0XZwdya{<Z&s+fGWm}U{NFnW
zB)CSb0K#y3F>Wu`so`*Wl882%guy$ViD2g$IN#7^bM*QVd^f|<V>PueNE*EI>(Bk1
zP7`cx#GX5$jHOOykc&V>z06Q^iN_WxET6ZMa^_7<siU*jENcIpgYW@|lE#VQo1nh3
z&l;x;mX2Jrv`Ir|^B$GCg|Q5WZwA;H$>Bz{h86&Lb_DF7S1m4`iJv%alJPJDP&ShU
zL-Jm~<TY$3W2vo1r0{w9AZlioHf5O&%)OlJNn&%^SPp%$?1HenanHK2*M-p_*@3=-
za<I7Xabo`Dny6oUmK)s#1=2e>eK!6qsEA>Z7*7@U%oRKRf{{W>x20lbi$zoPw1_c#
zPSL6DMF3Aj6%VkZ2>|SsLAMXsnezA&R5Vce^o(lct6DlwT`qELal5aZ7_Rl2maO5f
zu?Z?Z_3H9zP+oTr8=i8xWkEM0GE>#ZF6$NN<x>@d^lOTfI*BzIQ%#60d5_fwm$%}A
zgTIznFU^leEcSRHr)g>A>g%1VISM_K$Mp<Y)6&D73L?L@W52rPh<^ZjY)TE~FM78)
ze!XqPt(N{Mk3=wcPOP36rKOhuJF@RuWczY=%@nR4mBdrEhpnw4Z$-(C6uYZ7q3YmS
z%#G+%BZM=(Ye1gW%z74LNmACWn`UvsP<a2j#|+%#t#jDlQ6Fo-z)S*{qKK0bUqGRK
zF4LQmCxsh&j;nODeT+=jRf;H!nYhOIbXDDnCyFRC%y<2}@ae+kh7*Un^Q$}VF29OH
z|FUI}ICnc)FEo#}y}P`29k2L<m5Sq@uCluNnD+LI4;6V%tQgXI26dL-#giLG8du8^
z!R+~-eVPj+Qom$AhG+%v>>;n3sQ3dzFX6rpTuB4fHkCMstYHzGHSx*C-9-V0d(WM`
zTWg#SlI4=MuxRk=jV<MO8(!p-G|1hxNs}yKqjHrqn?gqa2PKTU^_SbX{vEbzM?9I6
zhf@@&-NyX0QTV`I@@oF}<%fNNE1^6fXiaiwu@^No=p}xnL(5asFZPilb+1KTkLtq$
zf-8a0_~<~Z9u4#$HzgCzGLdIqlOhQ-Dqlzy;`H&aob6tGsb({|6oqb1A&aNzb~-Pt
zrkkL|=Y1LA$hQZfMsT+BF{@_jPD1-4g{eVKXWVw8EW<e;P1ss^vJ!=ev}5k2^GW2#
z)K0^&xT=<t#hh#N936qh1b2&^+l14vgnct0ox}rZ(qt0-Wh0rk;S2lrw3?t~gQ!gh
z=XI4^%CAIdEL82`n~T0MJH+4R!50hyf|DI%;r0~$fYR|pt*7VjwZNVjk1<V35PcF`
zYF6Ih?@}Zaz@3+QorPxN?@eRns_+aqxBp4|UW!^cA+al3K*Y%l@!!QF0kC<}n);BW
zJTky1RO~VFYLaPLjwbh~pn$E%eTZjaE9wC?aR3k|<dA@-Zo81~rL0dKpMTSCwDh;7
z;Fk+VFN6=GC_{j%es8-kOsWQy_RkW1h4J~*?v^qrSV%IhyJJm#86G#U4p#kNS{1-(
zR*6%}<^ce<>LRvbT}Gk2SJ&-!<7Fe!BbAbCoC)BbQsbB)F#(A?3i(E2ktuQfdJ>ve
zWem>7n{V=u`-Ehs){Cokfq`TFZfB3bdJYTh-xBHW3(w{ZeKyO;%~cAv90Z0W_FFlt
zEWtMHHCwH}=@p+MT0Z%(k;PuUQs^}^N3=@3_-*&6_EJYhb+!<}L|scqH6C{pYdZ?u
zJ1i%I_j>v(*Hcfa*}eD^ZKbR1TCgC+T>kqtkKPVHui~<@?v=6<%FbWO^9Zj{WYidm
z0+5+v+X_%Lo6!B!6(-Yc_{ek2@sIh3DQW^h@2=c}yPBNCG)boomf|Fgp6gye&3do$
zE=KgAf5~)}=iSKWOTYHJ*6&*sw)hrcmx)@_&rxLFe7Kk=;u`Z1ZDHz*=gzl4Os!dE
z%f+24sp?m1TAcNIStb#?8ON;RlTmQ<NUeHP`_&<>TMqHHSL{)ygrXsR9BS=hpUt=r
z@T`s6-!Y~E+71TvZDi`{X=#mgTkkj}7ueu7f%j2Pg(2;JD>fj3fY*lG22ZH99kTZ6
z@zjbw<B9aUbBLu0b8iDv9#`*_VQe9S1w7C(@Io{PJTR%gcKgM-TVUOH;u^eWde7rE
zwe2pI)aJNU+%S&N?#Q2r&lO7!4IOB;0CO&JvF=t7nz&s%ska1iX`N%ljJ@3Q-zPVg
z2Zt2W%^}8^E!Kg1iOtn4R`BcExltrU@NqX!8$!l91hnBWsXK%E?9hzDo}Y}ZT*Il^
z_k$a3MUKubwc$F8(MGE6AQ*l6@icN{_#!_25r>#wzS1{~3y(1khq=YK#OIWUwrIR|
zX>Gjs^NI+qT<gi9{_K85${t1C9>eZ=u8{lPkeiVgoY$Ac@#Z;V@IMidPosEx?dQ}%
zT=lR@Y%f=M*6=FZnQ6<6^vbg2s$xG2yf0d6>p%d$)G2OP?h})hx!rSkX0kQV?k!mL
zuve?*oz!`2BE24F3Q5U&=<L^j-%uteJdiWSv>KD&y$bZAw3qa5V{3$#Gk#sGHLU5r
z>`4*Be9CZy^HY)e`LrY^18lV8YVV5u*yA*URF-9I$U_%AwEZ~CPbz%t&Npo&Vt(Xv
zlb#77{XzLAibixeyf@|A{V@Suz^#bYi4``FYpa*My-$!$2)k~qn)XRrwUDckzj8Hn
zqc`aoV>7TIUq~1|XblL)<Ht(4CpkG&Pi@7TBSnm^&?g9^f$JR3^bBV8Eu%f(l#ea<
zCXYE0CZUbfObim2PV6TiDRVyOTV2pl!SBq@jdPIq5Tb8rfo5+)OJ<NIU71NnLU>8r
zWLkGwPM&`=aE%4De{6oqs^6@}+4b9)IQ5g!hK5;wq;0l_Eto{!La=UM;n##kya$u8
z8H`5ZVQ~YFQ338gY@yL<<ndDP8-IEGnr4$#Mt?}Qsg<)DLmHM#xNB*j^N3J)Xt=<Q
zc^a(@I3jT&w7+^ubv}j)QAhtWU0X19S!fxndRj&aJA~jA^zhvPfuEtpb3gMJ$uOl$
z)7T1P)^RBZwQwWH+BdzWFP!NXm7&)nGo2AV!^<RIm?o?n>DBQA^!q&dygZ9G%b7Pi
zF=#A$idHiFp$s%H?1`g=Qqjbv*Mm(U;S+v~uAkBX$AUo;e5<neGY36_h{UQF5bzbL
z9lL1deJ#(gjq;lh_w8a<aGB;tHzUbWGaVEMXN<`rpi{<!Tk~bTcMkH1Y|}e3l?V{K
zIuJ3=EUz_u)a=PRM9$;6Ks^sRDkJ)OV#RMqdqF;~=5&AU@xdewA%^~dXYaOEYNXo#
znZ~&67M7)93SRF7^X4d5gEWSvZy>EGbW`TxcF{49&gCPk8fRuR*ml$hr--4{Tq^96
z+y`4z@7p!6u6=R+MS5I+Oqcq{CHys)_w=?czd*1?7cC9Vq_R9Hu2AN?PLh|0W82A0
zXG4Z4;s!7@8~>vt%^3F)SHab5tKEuDaiK53kGo#GYr=?!hbbn9ba8>=bkIfgwR4M3
zt#LTzU`@p$f|rz6^>ZA*_l$-1B6d@}dqZtNkiU-CJ;biDVton*KHK;et@$UprmUk`
zG0A&|b+aM$#U7<)<ws}#+s*5Y>lddBW2S7vhPOTTHFbUg5-8zj5Dle(2K8JHnTFY9
zeHPOrOWrtORiImwv^9Tu;KR?@lB9J-#Jem~M6w|^P*6+u-M;L>cnwZyP3~O&7X3nb
zy@3BKIE^R<9}FI%x`lGms?fgo(M1Q~N~2kK%Y2!8$CC=}#f_K05~Jloq|?O#WYs<p
z0pgTCN1&eyjtsq03#ioTKGC6^9@gwou*A0ZyZ`Ek72~OtmG@h+6wmO(Jegk?AfeI*
z8+<!YK5D_Qi)^O%8JM=Lk4`V619Hmh&&7*7vB6$DcLO%bDmy1H9%6SuqC<5Yp&@bY
zCOfks^-b$ish!x706pf24b`(k(I_&T=F0}@<u;nlkFPAqN~Viw*dj`Z(ubjuSO5){
zDhFz*9hEfb*pn^l5l+UZKbfUsC1j0(ajT|pOQFpBh|?C}3q5T5+UBP3wt;a*27D!2
z1ym80tN1Wrcnfwz5$$<EV*Ut^opmE)nl!O`K~&n|v35y~S@5Jrg`-Z{0+V3D7*F*I
z-}HdsinuNe$4bdnzopXLfFQ!n?YgL>g5x9WXk}s0J!gce&f$p|)7B!#fe_wWzKn1$
zN|o)%s5L;@vg%we3Zt$FGSD?R%RFfCicfMeql7^p!ESAXsiA@^+L}=6+9FgxV;@*d
zzM2j#L~G8@-%4^`icBSRxjx8zOY#uFEUwm@w=j?FH~-#2r$q`(YyDU`A;<5ZVuz2m
z2|1XP&z(x&{}85fd7#UCyPCs);EJ1kc1XwIk=t?~;P#D!T)8oe`3w`hL-Ug;N)SFl
z_6w-g&P<k1R5M{n?Z>hZ$t$xjR&OQ;=;)l;Cp)5bv4*4kaZf%p&1{4f-H;p+y2s+|
zQz&gaW4f+R@8yiQI~<L7MT@Ax9jBHWTs>Y4@AW6JK0S;>F$h5=Bq*fyE=}s^@@^Bx
zli!RbiEz01%XZrfss_jC2te9u-u~?*Ugs9mPw;{gD)K$rfeSFEv$S38<Ur$LYZxKv
z=HfoaP!UmI)B3D-r*z~)8YoR1>ibQ8D%CIZU(KY!Tgx^-JQO5U4_5pLm_EaMdKfTj
zT^8QW8MB74YLlj+aU$=DT?q=r6!4o#lz3^#S_t;O5tw1$s2(eAWN`6QN!`88E3ms3
z?1%<BWi*?jtG1_GF5*G9!e??}T2DToH%<%B$2z$DA}D`4`F3enArbeNcd0=gMZRB$
z-__6Q|2k<q7I$p9s`A{l#)oK?b=n_b!`~*Wi#L1g&O$JNqSLo-C(>T8<??--KYGLf
z%|7Yl#R%iv^))zXCrPaW587SuM4d+Wp9oW+e+-QN{!i3g7e|M>hva=ztnCv|L!a34
zB5IVBK2Ry`Qq5;8Q!?Ne3DciUks0wH(=4nuxYzG9Lh8evgoZr6_eT`=tNcOw|5Q8m
z;|FJdq7Giy?7zYI^b8~?ClZeeaN~<8c{}Dp8?wM*py=zM*c{`qxygjSBm04N92iYG
zQ?5KD8<u}%9md7s1+B;3!3ra?;&@pgdhI#E2ty^xf^AM7w)%&|W;ZQxu27xIJGt*~
z^>Yeq{}UF%kAgYrd>d6|GoTz-wG6G{!^^f*L8ggf-}UD+myb^JAQy`rAxco+8D{s~
z*a#+0vKw^bXQYm3^zyK<|F@<BU=YjOV<%s*;>)kqxxuCmEJqDj`hMCPXV8h>SZZ+<
z&&m+RFw+IEqsWg30J#4hr>}&;;P!t=M5x!;OtgPvUu?$leHr^sE+S!vXKG>oJ-V#*
z8%8rB{fNSNfY0FWKf!ruhQtCXIg^U}HOufslcR3ei+xIJ$XWvNk*zHUau}2Hq(UJR
z-At|nG{XMpdo8iyx;}xD2>|F5s}`tryrIMiIXs@^>|(01r@c6!F202NU0P8~b(}=O
zEKBvlf3p~gkeu-5dYKENDhMX5X!+S=tfb8iWfZVjWg)7}+9%!}wHkh1_?(>75%`?Q
zg@OO6d#L(UZQ+wsq9$)yG~-FsdlwL-p{u{)DZZ3F#i=*Wz<Q-nP#-N)5{Jb^GXmpZ
z+7?H~&To6wX0w!#Nap&jY|-6~pGF_Ih=ISsf#XX?^t%TU^6Q@;qxEHDjrj$0wdmy6
zo$Yv5Ju}rGSXZYYpMeiCT{*Yg$NG5)H<+f~hL#$rJ=Y1u2JOQ*y*-Z?g>LHBolFhT
zmZJXw*aUvI7tgnw!WORUdHwL5PWE2$ozhM*6vN?;$UL!G>oIGyn>r_cGagA70U?EM
zlj*R<b8eu)B8Ksg2<Duir&_Z9fvQOat>1*z-*}Zeod6aMbJX8SuHXKnJrYKi`)P_J
zIgE<C)Q-9G@F?Ai79&B~mEOIZ^D=I*TrM#@C9i*ggEEkx?DUf<5nm2zz`4}vYUWoJ
ziWiw612OHz%xHBiCRjN6CI-C()_`JT>~&dDZ^pJzFUs|=`f75dwZRI0nFlqpg(+74
zLmA><f4*Buy%^D|Oj6%&nHcdTsS;Zk+P=A-G}lQ~d?>$i8^T#OYT)B}uacARt3MF&
zexCFr{gF>WsxE-Fx$T&&O{ntI^HfMsiDxd(o)uGZ%_%1RtO#xGc2?b#mQKdpH@BLS
zz%WL1Xj+dd2qsVJ<J##3HsJI?&xJ20X?fu)VI<=dzv(<zW7U~Mr`64`eiZtMKQWL2
z9CFFFqfys)JawcZ^T%Xge@5*WDClA;Rb}{W$%4xF`Kt1+fx3{Qoy^KhzHe@2`t3Es
z7VBD_o!*8<6FueRttM&OZ=oH2+8qo>u-QTDImg0P*HNVckg}o5^$#id^`vXV7ahAO
zuhj3`J31Psp#6Oahmb0vpp!Ut{4>3p|7Z|QLWt6f3At;&Hhjo*k^*f`Y2I&uLJtsf
z<QdbFZ_zYHzft-qJb$;xII|&^Sg|~vCVBapA@3&R)xcJK?vB!_;H*@+!!0CkQH7SX
z-|TuGd9-!jv`|yj-!g`9gt(Gi>XrJ$XYPfdcchAjQ#^>c2Q`dvf=EpVE)cy1{^Rku
zS&<kG%x{}>0WS;7?p9yDE16xJg}A*|9@7&he~~1H5TF|hBjW1O<J83(V9Tqah>E1c
z<JQ(CY_sv|a5TW)^5R$jC|!h3Y$Ym&u|WcWCb)b^lZ8Xt>{8;b(<U_VTl6Jfd;r1I
z$nK<lJNN=i2K?c2eBwP!4*>LomP0cUne#?Z8F4z;<~H>`t}0@P){c(@uG)Ikdd&!_
zcWy=rl<USIlVNqcff!{fi5rdVw1R`^hd=?RHxQ+#B8a0WW~sJ7?dIqE&g^qC(dB@c
z7cb`b)UJMrP7bA(l^=r?<q=c4q8a?O+F(30!9t;_YMM|88%4_4^Z{nN3s%!_f;2O{
zJlb@fE2e@(`3b{~_r;5~7`RrTLyd}`3)T}GfRzWRQBc!JaI#_1M5*0epmh0Oqo|a9
z&g(|zZ~*|0RDU7tZLkq^(a3ffi?mYeF^_>>GyzjvP&<{fUxB7kBUuwt0{WKo;;Uu4
zoSjh;`=qM{-1{iy5<qfG$(%@>>72%EbUT|&8JZ0!XiFS$b|!+ciK{)?WO4{s9e!wg
z|D$K6mv9EtH8(2b$Wp(6E@3!sGi^BdN1*E$8L9iVS|mNoH-%gFoI)KD5!fZ}Y1q0h
z5%gzvUDmXY9?0vXi<YlklU6T33X$-&7Xf2i`8w$qoPZk%uft3Aj{=5rskL?bc2gi|
zZhdCW^9{5{@@Hqf70wr8V{e~Lyc_K?wu@MU?M2b#Y<)o%2@pp=5+5E=C#(aVPb%%U
z-b<e+0~kY=2*~PECb%Q!U<hfos_`_gG|B{|Sd8gwuQ}3&N}|O>+uP&0UPf)ze$UXz
zy}UN-hIrM+Ny6QD8Za;{M+Mn99JX<wUwY>Psb;j(Xo=ROf6D`k_ZGx;5-j}U;)ZRM
z!Mea_CRHk^-y7M57f#;+N?DQl4ZJi%7|h)Yy&xpgD$u&tO1t4B!PBPO1*KMw0lq(4
zb&N*$B?xheMRsH!y+!<ARE1{it^LqvIn+#Uz`T0qLw>kbS(vJDN<;b{e`LIri);!$
zm!u&`jk|lpJ?k#_vv13rs#wQ@ya|mP9`N0Gdf&y<qbh<cTgLV7?`+O1xB&SJ=Po-H
zFJv0bCN9g*Bw`{?;2-PGe9eSXgcBpsHt|KK@`ameZ9#DJ_V!M4Tca!y`7v*Jx*xE$
zZI_m;xURT$d6&*FYex$2&|ap5B&7zT<n}F&bmE)Lfht#|UD&k}5N4C`oafjZb8)=W
zzxI!L<WBK)b~?WNl~NOg=u<av+BXMwY0b4$(jbsgLGVg<MZ!8HwHs{{iM9Tka4h3<
zqB=MMsx5#8f@zlFmP)4F)9eq%I*3}X9@+t!{<BdvhwOrYL6>Ij*vl0K@bGFREKQL_
z#MKF0i{&~G?s9NV`#n#=)k)OuU_!zION{~1^?OCxNo(|5(dci=F8Ji*YRzEdH+sTr
ztWgD&UM}(ixcd^BVJ1cBxM*#~^|miI(5aTvm;Fmq{meV~*V3^XEFAjXCU{X5ee&q?
zW_19sY@v{cd6ApiO%&{zZ#f4ik)ns)MB7y+`Ok>}T?&sgtRH)<QJ7WPY%CF*y3RtL
zLV22HGC!>5be@|^vB4x{S9ckM&B;7kBfs5T7m^b|$-|k|N>2&a?kJTldSL)Gq7FzL
zt<q)<DQ&-?h&;I8VwydEtBC&=CnMUSZ|Sha2|o*4s0Iv-SgWINq?{Rvy?WCMbS6Dr
zIh^0z5)hx==(qStBIQVY#@FR4u1}D*1D$SxcPFsXhL=JOSLc@!Xd4f9;-Yrc#qaF|
z{1&~$2H$6lT2_h-0X@cA5qZ9Rg!1#yeMH$CWv;Xs@;N%5!VbHimzI5I7<1CzEesxM
zz3JG&B~(WbHz0=(zjANeBc9txs6lv&xqFdYo=<+I2C9zs;>;mpL=+Fg<4ZJ5WR*8p
z_-bv4*+io0kP})}%$9VuafHKM@`2pzLk9zk`g49ya+@GG8U(*x1KRY#U(+LT!Sgxa
zZbs46iC2WeaP9dh(a~GCcC5+McGWS#{_T}3u>)1_#0)#5zhXm{oCAiCh1W6MQAY#+
zmDfmluPFjpn4kufi5IGrHw{O3$Im4PYE+5uZQ@LdqW=^SUn!x@@G()hEZm1-yV-AX
z<TdwLjpwu#-;YL{>gQ~}lUVwzOS9^d*HUSw(9~o4dw7qeilcz~3w`V*c76X6F6AC$
zTj(JJkKRfgtLHwQX?vEKvS%3*6)y6HG-mrR2+#chF-&KQ#Xgwrvle%tChfQzCdaj7
zc<=UrYJXx+b=8d3u!ENY?SZ#v8`&$D<*ex(mPHj8m&-8ixkm?;#L&c&Zvo`>`eMgx
z*^Fz?gpxSxL&EiKE~8Igw0?W_dpU8L&O<m}Evq6G512DP8`=%ry-#-Y=ByFXNs#xI
za7%(aQreyPU<O$w=p-Ai?L_apYUoZmb|VAM?I={7n|L<8rAowO%9RbC|NfHQnJvC&
zF&D{{Ml)lw=VRPPc|)}Fm4^wh^_EHeX7H_6Yq$CUvKY_o`<#fEdJ|u)S!pVcY*}dA
zzj+`e&Y7}WODJUBy~Pr!j}VBbvb|N?Q0UBfxeM_=8eOdN7Y)tzz7OE4;6d(YXL=kh
z?&fdkty-IMJ2<)3jd@(jhVg<$EY6=&X<t(F7fxh@1~gvS+q8tE4%Isj;W3Iky4bf^
zUgQ}stZ4VLsP@7PX@@Q~tI99D@JnJ!(De6WTfBKR^9fW4u=9gXDF6&U89pF$(b~?8
zb?y(7EshSOn=EPXc7*i5cO;Qmco^z~R`^|e$pmJj24ga;E*Yw<rVK56d_Ig#9gwrC
ze={F#aKAZ}X@H`Bur15Q2V==fWJ&{@n5iUv;T|RGKD7s(q>c5!+V|;e5pwU$<>qGl
z?`UHVlv@IXXp>ky1WxMLhP*J2s$htN<WXY3nw1frfqoIV-Q1zRdw40}UX&G?)!MPB
zq_R+rQ2M1TovpkXITEEKAh5Cc<0n&0wbF-*$WmP;Pzgwkctx2r0bnK~z42C;9pp%F
zQBxy<_@*JGqG~WP2U}}7#>MLxAZ%sO<q1ONV<t&z_?Xa~!q6UI4>G?hmMdBJuUYiF
zD}D9$Yp1H=Mx^GUzcHVsdo#tzY}J!GkHt6F_=>^PQN0g*3|1VpUW7w$OXk<;yQ?wJ
z+KZ#^h|hhs4mG}QPwj=H1kMlUNrd3m*gQ0n-`sI6slDYb?tq2@P}-LmuJaNvRy{u1
z0`Hz*f0%qLv86c68lYa<-P*<ESTx5%ohfeH%WJgccZj=30{50~n0#K|{@u2~+^f~+
z#c&xEgSkz~2mA-&={e1qBlzx<rFXm&U8#W8rSzi$Gqho086^!h7pA<}Pjb8r^HCoR
zRWRGJ)$pbZ)l`j~gKdey%2k>5B0EkP+LLnTOWnWe5X+nfLKP^-+#M181eJtW*)D0S
z_D2Y|5AT-jam5^s!aP>})6M)H^4qB%wKKqL$y32SEhBm2nb#;?R#jB@4++zXp<qrE
z`q(Tb`*RYPKsskj)DsE!dGygK{#}t>(~ehbxtDEmJ!p%uERBs#+3lktv|D6#8ogkh
zsZ4I*-NN}4OUkB0)0yTcnQ2o%?e$Z2D3BkbDl$j`XP!~oe`)Lr_$9-1&=|>GOaBRv
z{x?7EE0!_hAR<$sWqVC{bssc(GeuKTFTsU)5}%l%DWaCEhBcc=3VB^<$Pf0VPAP^j
zyUboJNFhJ(oO8W-gJZ(MG&S=A59o0cSyJ!BTF_AspwIQa7;yuNA_SkyS7@MAY1iH`
zC$Rp-p}>WWWfGFxN7#!OG>q7QSz(zoqn;1h?XcBWJv+zVJ*xS>o0}?B{!xSG6_Xt^
zjjEawR=O5^C==7TdnbdUWaU@9JQV{-2t>=+eY}X{yB>BNc2Xg=385|(W%_I42w#N5
zr-_9qC##Lw{O^h2q)NfJLB0WU-)WQVnZeoH{eq5Lb#Qh&_Qz;go=`-@Khb(cU0oeq
zlC<MdM1qNlY4)C%OHC1~6=-Zug$3&&3nlL8zgT~#DYEIaY!G*}sA(QC(Yyse%3esd
zqIUwQWc!Sw1!zrKyW$;}*bT&1;n7t*|B<*F_}Pu>vm5vUP+Hm-*_K)z;EYUThLxnQ
z_H?Hsak2<)z4!qn7P4kdNtskDIXjpcQvbkFoL2()DJJ!1sYa)KugDeblpn=5wa~)V
zz%cvsl_;`&^%XJB6I8DJKx|_O3U)pA&;S=Dq55gqoFIui-dElm0o;zvQ=xR^bimBJ
zMK!$S;#exqZloV~K~e}f<!zbo6+xwQIa*kKzQ!kN*{jmnYG$#QJiZ#T$kp!7gX6(J
zOBYbTP=L19@yX;4Oi0FRh6o7&9Xki=_8Ta%j(W$_#eWiecV+zHhR|G_w4C=@1!ifC
z{?yjzsLy>(y=)+nGHuDGvJ$d7hN+&f)`{PjOuxHZZAdyzXA3f){u&W%xLnwfBN+Iw
z2%lt|+bDa{R<Z{%6CMqrQ$~cI2J(+69|}v*z^7Z=7m51JCGfKv!n7RafchOlOQ7u^
z{4+RJ-VWnT)iZRmweBpsczsk4VhE&}7=e_AJL{Q}IIdg?WdGvr<eOp>3Hy>IVbj>A
zn!?1CWjLJ^K|ckN7n5BYn{Z8WD!zppP(J+HopNG>J+n_i847rKc>o0d^_b6++uwlZ
z3fZB>H#cli%G0AII3FUw!};%Ul2*eti^5sjCL`~@El!28tnX^TE#bYso>l!*M}Gqh
zP?ydyqT)Pte(20squ&DK{Jodcom|KTMfRY&kE(FcU5hn6Zp;+PQui?_j^uK4paTn)
zB4Svc48}SbLxe6R5ZApc^@e0nmDo#=#)GneR!q*3EaM9b+{wwwLBVC|310GtrN+Dv
zy4CRE#((Ry0O^=U()A;WfzpbLCmVK=pbchyE~G_eZ{x#~W-BX!yg4`iZh738^|SeU
zk#NU*!B~eTSx#2xAGxAj^@3#VIAIZTjbqG+9n6{y$kcBLGy6B1RKdkL|9TJS1ky1>
zV)|5}7D|d%qb7T4MijDrk3VY&d@3=mTK0!=d!%(N*JnC?i<QDO4qy!2et$rq`$pQ(
z>R54F4X8vpljz8<;39;MATqn@uR^vz*5z+4mSV&1;c<YeDNEECPq}d3VzkN%PSqvw
z6Ai|sj)HlN^kj-X9LArLSOpYd@*$>r56gul(x<3lDtq(`cY`%!O4{m4RGD`jj>%Q=
z{Y*^q<p27{+q|@&Q)`*PMLK-s+H-YE-tD4Y;vLX)diH*f4+tiDjd#-MJdmK)-JnY&
zQS{vpx|;w$UVMB%#z;GyojIgkX^t!TAf)_85@#o$-u+)R>VUc6&!}JzT}fqZ!AQyQ
z8CvXc?9RG|V?mqn@cjfNAI_cAJPk0<)}VwMv<A_{ielC5+Z}P_$IxBu3!&W|PK69!
zuK6WN3siYlJRuuKr13u(!*n>ODlCaS&S-_M(lqh*3y?}EZRb5cqc<d>{46BJK|`UC
zFJVnt^EW|QHG`Vk6{5R?Jij(-{wnp30krvU{yf@Y&(CkHMXS)5s8e}(HJVM41PN|{
z_H%+@8Li=%m2$t_yNGw>2&oY}wxdPlk=tJ@V~@fcZB$1lRNB%K<@v-aVmw3X^^FyC
zBI(1c<Kp|(rXq)N;a}my`q?-X8?_wr&ORnpe)(vhs&h(M>M~Y4Ka#QHeXjUPTWM5R
z`_QCGGh;`-uoKun9`0$h5c(~8{52#<USo&JTkVuYrEL1Os;ClRW_F^;vy1v+F&8_}
z$Y??|!@`gyHy12{l@3JWOk4J3{S=>KDm$6*dQ2jEIV5F@Gdk&JX0wM7WB&t`chc-k
z$HV3$2zS?IPFyF<aJMeaUhQm6Ic1YPTyyu1$pM`@qGUk57#S`l>VG)RB(sY4`ayp2
zRaB}>aPnxeH^x<I#FoKIR~`Wvj*^B9Wd;Jc2Pa3eWAXB8RnsjglhL+kxp!KZy61P(
zHB6E)Fz^)e011tn<YqMx9}~1Y>;;WebUC7zTdJr7mEBf@;IEY8nZAdMIT|t2`uNY>
z$BD$LIt$HQBaDct5e=Ub4V8A{r^+7~C(eIlEB7^J8p?DKCK4etRL~)f!~M;8z7_GV
z2dU&QG%+>s$+W)|wt)6m<{L>(l({m4KUo0lm6I~J3ZK}P8*Up^DI^*q<Zy#P>lhpR
z1_I*xejmae+b={f9^FQx?Fhy#=+UW#!hfxDx!DO=&ebIEnat@h-tz-A1XBz-R_@&P
zy}!Pv+$*HN!(HRzoDF1nh>EL3w+4|8v|YHf8E;^9n`<vGYPn=62|`35>=kbi{W{u#
z8BaHs8{LgNW*ZaExA&c!T95ln*=GBmvX;^JjoLTOaNtRFh{ZFzt2>|5l53Sh^yB@e
zb87<-Szoc;ZZO;IS5D<8ps?D`!M^qqM;smL&X1eJg(-@R*V^oGLlN@H5552ffc;67
zRCIRV!KJ>SP~BUy)5Es9Jt6z}E5lCvcgLT(x8mwPxgh9jkeZ$5MU${C7+55^z5ibS
z8n9gb#_(1WrwrBRP!>z@1c^6)%Ds22hcmvUq!HmMXoc_;Or>ikyr!D+8y<*<NT$me
zy=bMBL|q9^7BQmijhP#hxrWJX_SwRkPN6OUFpPvZr5NgmmB$Uj^P5!B#^uVoRExCu
zHn_b!EUn`Omw6BCHH~bb5|+-{<OQ!(h(oCo>wKIVRlVW)giA_I{KEE&1n?5mzDM^r
z_dgQs^hVuz+{wS_C|JQ?<F+`;aO(BhwPLQ@N#%K1l}t%}BCP2|>NrnhF;fzQ<UKgZ
zp2X9-vb;QqBI@l23Z6Em+}-iHmu|82NtJ8nIg?O!wqwqn;epilniE9?=B*~rxV7l4
zdx|Cz$B^_Cm32KPK3bF>-Y!@dZ3d0O*OI)LST)T0wB+&t^Yl3QJ*{ljYAK~vrPl9}
z&c>3eE^Zjmrd0FOxtc*ugYc3FITkB(YIUfX=eJQ7D<T78r_En*(Y%8jGtip;HS&|E
z|B*9r-|jq#R9*7>2xH#crKP0@e#H{*Pny6ndi8&~$v@1!@gB9RVa`f0_?;h=@O$}M
zXi-X4sw(sK|2D+=vuV{IX^C+h`2G#I)VIZG|D|9iKn=>xt;b{f7r*~6CMxppDw7ew
zDCa-ZGJjk#AwYjr3@H4aS^k@l{FgU3PW{dJ{eQnQzc9-sU0wcPS(CqH{``yy_z`x=
TRsx#{1O1biRtA71jRXG=3IsDK

literal 0
HcmV?d00001

diff --git a/docs/installation/images/windows-boot2docker-cmd.png b/docs/installation/images/windows-boot2docker-cmd.png
new file mode 100644
index 0000000000000000000000000000000000000000..09e3206ef97ecef230a24e13e9b25e106f7b576e
GIT binary patch
literal 37436
zcmd422T)V*w>BDo7DNO@5CjB7M3gEZy-86zNbexhd+&r;=)HxWAku5-9fI^;M0)Qf
z)KEf8a)bWQH|Kx8x!;_*_s-nI470O$cHaH2wcd9<>sf2<kPk}Ig!icK0RR9(Ss5u+
z0N|!10Pv6X-G6Xb%-!!Jafcf&s?rjGlEEiixRYBJ;)>z`Kv@*QmGN!dIliNejtc-l
z)OP)Uqst-B6aa`Bk(Clx_cYu^i$vPWSLB31mfkqFkITQ>vc9cv`$d9B?)eDmOKTs%
z?FXj#Qi}9n3TtGFsijES99gp3>5uOd4O~t1&)If_c6aw{ClB51qOeI$g`4jox^~0*
zAsaC4795R774bfE#PZGbqZuRYB^C+#fjhar7O)G#5M!4fO~;N|syqL=G-7F`$6Nrj
zme<Tw>G{`f*>?GP%>`^a5$_qLug9T^NT|;KaZylh%0mTy@^@_A>4ebj!vFI?mn6Gz
zAyX&X|2o{RbfsoFBkN!$+oQ4bQ{|;e=jQ+PFx<D_oOc<R1+1!FE4qj)84E}3wVbhu
z*cmLkr22mD-%0ueoSuWzDs@{l5=t7br;*EChecsGu!&XJ73?|I8k;B=`TjEP6pr4&
z8qNzrKq!X_gb}t2y9dW|V0o2>szH}gVS~Fl0#{uigYbQO;&rU-E*#TPzuXGH+Q8CR
zqIk{^LVWu#MlBcWdT!QhzZcrnWiG&*zU<?-!l?^Vu!>2?BCrV4%-GBk(PlI;c5R_g
zs7u`dd$NFz!nz$>E3Suz6Wh?K%L)sC^2;!2_?1K0;mD~2)`_)&%o=N8bc$VqUv-g4
z?DAlvnjhdyGTpQ*&s?Y5`JbeMD@o$a0CXKiU)H`kuK}GWZj7<x?PfBEY^-B{%MJ3P
z$+=T7jc@6E>GM`C#WG~SJSwk+*y7zJuE&|E#GHWN=jyFqIaLHs9}SunMz_yjxJh0*
zLH(?1eB~{weRE$I+&H?eN@EB=C!LMDt5Ja5#|h%gn4$X3UW|15%93jkgwiR<(-Gda
z|F-9VOjBbS#ZHK>Jv5l8c!(XYyC2f*oLXh_h6Mhh3gvq&kZFgOo?+5vmCV(jY8(4L
zVwhVs<6`0@G&Q~G-{Do6{X=l!^p{;tngdRUb1FS!2Pd`VY4@&W@8T_1Uv6zxcQ*5>
z_PHuz^DZ9s$>w_9(O$IL*<6w>NoNy90jboirJT+}!?6>fkfQ})(ay`HXRr2k;tfRE
zEFdWcA{ljc^%lI`?pDlZi5*dH1Sbwyq|wE4dWc^sCX<m=9pVivmRwfI9MS)ebq^_C
zeLtc}yo1%n>8~=%j;Thk*eX2rl~bkP#n4KwA6C$h#b~EGHg$nlF@H-x^_9+eiNLn`
zCga#Nxyho*vwH2+_@c>|n&ZMg_?zp`6lYTmW(qzekx%Gnys%U3VL`dGU&LN<6;yXv
zD3w}#qH(sMiZGv6RRL<?tg^c&H~6fxL+RSYwnFHRkOV~+E!xyd+j(;#KAzCC89DpN
zv3uY79o%9y*{WjimQ!i84h(NUW#wsyVwbreLaqE&%_A9yz}vPt9Cptaq<7s?O9E+r
zC`z3cuDp228egq8LOc$t^!@rv&O7H!$Terg@_OHCRpIv4{0SsYB<}-m-_y;!H>jFK
zts|nU5q$@riq--iOW!aK4atg~DTsCf&+ZOSzX|;)<%{{E>~b)bV~_S6sHjq_`u!_S
z_tmq+`hsdw{It;K2na$<_lHsH#mx56aPs@ih-!6pqp^gd_dXN*J@{i>_16j}w)g5N
z<u!T`FR{Jw9{s%G40J`IcXO^}wNtz*k)AECxKP_0?8xHkK*h&qsaql1u>?<fTS3W(
z&v!3hWN3a~r)MDhZi<ThL;goVYU*19OxpFBIk-;H&3{vCq}<;9KWmC_Y74z@H3ny@
zvFpe9z_@z%ma!Ok4Nvr|7qN0B2}BGf<D3<-!zKCE6Q*99=UoTB`l+DhOaZLVQIq<n
z`8J!C4HUiKlDs7^Z=H`_Gs1?Yt5Z7{J};+eW&DWgXbagiv#rJS@!WgC4-59=wz!>%
zTl1FH|Dob*iCK8(l9=2~<`MW+XV1)k-_ZE!n`sh?uf^u2Ly8i^6pr6|FRm<<!#?6p
zrh7u&mzNA$Uvci6^&S-Y^vZ~;Z9u_DS5rQDYv#d=y^ri4T@EOIaQ4ASN3t0a`xD0L
z-*t0>^Tio((z_SC7sNIcvb9;gnV#U8J2Q}VDsyK6X{|LnH(UhZW(AwUdD1sjyY+VG
z(>u<)uR&~4B}krMV;r|4-uq1b@%AMX(?hrNBXHmm<?z2CLd)*|{YNWC6ucQtCt8TE
zs_IzMu?s=s+sS@@pGi}*hJSB{%O8hWeo}hdl_QbNb*Bre*ZBFF>2OF4d$sQ&!H9=D
zJ$U$`=LYVm4^Avu^=m>OZJ-u*SG$lXBM>GAaXcaBFmP}=WaI#!KEy-5o#m1O`farY
zam>ML;Fv4>E-^fvc@U=ip%MmTFutJwHA;d#jTp^ps(NX6FnKaJ!Nf2s*8F7%fp8XC
z5yb;|-h-hbvkP#nuj4C^iJTw%7xfhh>%0NFs7c62b%~rU)6ls{pwR67_km-I9v*7C
zI)@wUE)V#!WkigFNFkQWA}RZilE6AveG!Qo4|6p!z;4E7l}wLzmsPm_f|J{9V=tuC
znrTAo73Palx#;0h>VlZMGvEO2d6-@z_X?$afCSDbx}h|k87L_&YhF&-zmtA)S~>o}
zjJnjNAX_!CFwd{9j4owJd^Y}BHc8jd%*lL0qIDm9+QJ^u`dGdFpeH)mrF@-;dJA=4
z5@XELiH5SvjLauKm_x$Vz~zR4@cy-wV(ErGvLxe&9ZBSN;=lwlyLT@<+4}l)dB08D
zdd!_wo$Th?Q<uz5bId6%8ZB4Jzd-@b=4^Z4rk*=7YM~iLNOY=yL=7-S>5;5V?Z5UH
zg4?KI2a*PAlw9;b6vCE8N+4gV<O|F31dlM3g0V|_qcKb6md=i@G+}<8Q4zsb`{oP#
z8=;U1zn*`p3ys)J_IN(HMGLSajE2UAtQl(CPzW3LO^I63QT`Nz>?;hV{F_f^2qQEC
zT!jGuI0Al47Qa2Z%Ecb1Pmgp8F$)yK%Q;44<&?VGB~NcGL76t~fA5}Z*Vf_dY^OFE
z^FhlB-(7Z5wc36Ge@rKMmHllk4mq`~=_)<jZX!jWZjw{MA<w%|O{zs=LV@K}JK0j%
z5h=Zp68uEx<Yw#kGVWo6ZfLGN$Fl}87M*?jn)8_z6Lhp^cT$7SEuJtJF>oRGxFSq_
ztHADz__?e{-=hRX;qr*x>$_@%V3s8`!&a4zI(vGPeuLi$?Af8j4L~Enn32g$KO5ph
z3tRp5V<&o*spvL#On=VGT??hekve)HFp2NJqggCux!}2@=eHm>{($jD&uF!vRHtCW
z!elFCOY$gx=N`&=;u&!(ga-oCDNHDZ54R=-kCmx>f&{2ML4C`3THZCPu3XX05EMGl
zUOr>+$vj14p>Y0bpH8+Z_;g+sz}6!#%H38h@vvaJJfW|#DC%B<`2^??_GDJK0p7IN
z>I`%^i$V|q4nFOG^;wn$2dq77V}+P|BKaR{H78cAWi&@3cwZa#27!AG-UT*J<pz6g
z&G2E^Yju(LRzAO2MvW+UGllzb*h>o!C1~?5I7UsRp~r=OMavR`I3ve`-Tc?c3(5^Z
z;pM9I`F`{WgWVuhg`k!RZMU<dm1`CHpY8e+mQRH>Yj=qDHcIa!C$zXxqG3w4qL;fO
zA$xQ}Q>hn&Vrl;XS_n$jor`^0ZtDw8ht_#$I1~FaG5H&<gPGaKMu9J<tXQRme!g$q
z-4#MqW9uHw+~NKe_f0!@|JguAx}U44&a6+2@DNA2nJf<!Hjl5e6gwnuy0M(}rED-3
ztL^Xi`u$v*d5%$!x5s7UTY=bq@gngA7s3Jp9;sgM!P<3oq(EM@zpeG&1^Y#+(#!Js
ze(1{OMo#k)=y)9uaAw&mR|2uk1qZPRcxlP)KHBSOH8!pWJ7c;EZk#sl@IH^Khxmze
z2#K3`bvRJ}s-IeY^uE*45>I4VdLyo*SjIKqpNReETM7Y`I%MaeElHa^?cU+nv#8{4
zk>PApL1V7u$g`+g=UG>8dy{xVir6i!^7%PGM=|0^6T(k?$+|{A%=TQqc6OB%-%F9#
z)N!c$0&gxbVUO^yK-nc(Kemru5WA$>yV&zP!Z96Kn_*8?<{&qVKn8}ta@nS01vXhZ
z(WtRvR2#<!+qqSIK2d_0o}b77b~Q~2U9vOUkCzM1>hw%4)lbE%7h;2OuCV4A(WfcW
zyOj5SogNdN$_RBiHn%q85u38JmEar4jf{8Y2xeR7D`KC@gSYiAA6FF}DdoUeUdP6a
z1GyR&>m{(hvNSVeus8_9RypkGuCYTPrC_L!V^H5)A4P;BkM6F3HlFe63mcpL^bgNR
zYfQS<?f^V_vc6m2p0=9T=n+v;ZThLDf}pP;0Nqz!5SJJDwEsMx+m`cibW$F>5j)-m
zjw*@HYXK}axIpBH41+Lp{fvloB;#n&YIW-#9`Z|-t<El;KGRKrFTc9;!Ajo3i^xvC
zCfz~5ehMvkCbsu303b}lEO3ofg?}N+Q6nq%5;S`g`~-KgrSR<^+;Y^&Tg9CMO78u=
ztdS9W6L(t6jC1$6Kdk^cBHUrI;9uzW=)a8k|LDihz-eR_9*17wSy&ASbA@Suq%ES-
z;q!h~D;z5mM%b%!L}V5rYLEi=WIuimgC6t=YF`W$&#PQ?4Xq~|9zxZPXa@NlwjB+e
zF4xNG`YR+rOJvu#KZP0eSm6NbLmH!zA<&hPsWS(Ajlt(EC7k)If2J!MrVLxnx{Emb
zq!3p9T~t1_`dLMST~%xxw%90j%DC<2K;-l;2n$UZpO*`gzB3*BjyY+|fw_*ggxq&d
z)YX<!9WU~g0+4|{KNKr-rhspDl;7teY$ODW0X;@(Uk3xC|KtbhesNFnP<Pe^nTfG0
zG7Hd<5>Mg%=E@%P$W|{1s^0$fHIqUz*`W4(?$^v+^*)G7Rnq>dDmqs0&Dc7ORHrxJ
z&pJx)P~D8U`Nd8iNYx<V=n;so3yKw={qW}r!OF$|$tS0gy&YExWsA_1BNV~}HaY6Y
zOqRbdy=lRih_F~5YmRsNI?7jGBB($6%=)&u8r5t`i$Z|+161|3ZH1$TidG}#${C0{
z!TW3Py&h{h=iJJFQ`2wApC@B2LYAP}8$EE6D2(?|9gfhwSN_9jH&X*|;Q4tZTjmSc
z0CD(6ga6*BK(PGvdOAq<b!SAicsNU(nHlCUkEfU10qdX6X`6GHKI+l!#5a_tvF?aN
z$U`$c378qb6C0CO2!H4ye2yo?n+EF}CCmA<>^NF;F|Jj=4VP+ES`CvZt5pZF+EvCZ
z0<T`Z#~mJ4p+cWm5L7&^u;tM-+a?Q2y{LLJJ7F9zK4yHY+@-8BH&(AR@Cba*xhVHZ
z!&O{u#<iHf57Kpe@K3rj9vP+5XgX(mklXig%*w811*qFK{~nge;x)1`bvG_>%io&S
z>$AKfQ<b_R*5C#fdwM4ppLROAJys*ib^o9ez#l_;WEWs%1qY!|a)|{ZsW)+>w{$(d
zt-&&^bW|d@=M=k5h`Y4d<&4|8xDNo~|MOl#UVvv0jhLqDCa`|}Mylt5*pyRJY{Wq>
z#>Et~%Z;15bQYBr&Tr5bt)4=DV<T$AYq|PRYf&Yu&ygWT`xe+EcpK6jv#yU8a-q|X
zoh|ZIpf7ARVH2&Yz4-mn<7i|`L>^nEMFLo4dZy=eJ<E@bH4}Cl%ymf|Gb;0O$DCY@
zxwAuzKU6IcN}~R$EC|iF%CyZ7)4fUHJCOn%(iSLI^n~F%z~}UC3N2?7t!SDb+z`3s
z(#deAVIN7XwcjPrvq^~Mqa*zH>SgX+rGgb&MGtL{=cfPRk>sm|J_0W|m>n;`7yPhX
zeF+bXEi~>={JdC@bA7HkGRpZ@S+G<3^^L%q$qOeM{+r4kapC+uQ^CgGs^wmk4Sn3f
zEIBm`JmyACBNT&L5mSQu+993&FMo@*gpAz?x;PZ<ejw|8zlfB7{087NOk%#P_^r^u
zH?aN`$;p@z3SZzs+vM}kobP&J3zx10Q>Wpa?iNQdpARlIO;m+6g#x5S>W`FZb~>ly
zc(b7Mksps<?MWJTqJOC>5!98pxx*eGJ|;33aa$~Q<JX_+r7{}o3wBy83YBgBC7BNc
zSDsI<ETa~^BR_t<U$t%=wXz*Uo1pA8){@<2_EG8hwf@FUDPI{kE_D1i?U?2ZVh@M`
z>I1|SB1r=PoJp((%-yRTZOn`vReW0zbGjnVdFyhpTFd`(^k-!Gxlh}ZtsUd|&vOn{
zX8`WLZ}CFQzp}zDshP58XHv<WbGhxFAMv=SCy5bgub^~FPFY*BCP6)~#pw3!O?|R@
z2c(+Xj30JD+jrOPH+7QQ@0rx@cQ1SY15+1!CtXV)H}fq*I^DQ~u&Eg5@6-EowVcc4
zH<h8TLJuTo+<VF29Qt(BXFeiwj~`f|?w1j$q%{2+DU!+q-YUDC|6yS&9a{Y4l%Gj`
ztYi4s(M{>;uz5j91Wz**5$v{jpoe$g)PDe$u}3gK|LC4hqn)>Wu=UXL=@$cKu`x&I
z=0ZJ%MesIVhSH;bDhtjgg1MEazv`xNyJ&-ce_!)EWPL=gWRDm=?;16%YJb(7=-$6;
zJj2ooT>B_Jb=CAUJibk~+^u+Lswjc-Y5&z@#jV{$>X$D#$|=cRT`QrY5Mz|N7=P>K
z(2cM;yt|C4LB6$^<il2~rN{eru?Oe<ma?<<d)~m>3BER<v>>%KZZ7HKcrzm-i=r{1
zhuRF(dvdres_2bZ#@9|9rS1&ER4(+7&}3k#6$EIhgJ?N?-qpg+47$s3Mw$&<wH$4d
zjgIJh$26?`&q8YaA*jFBz;y8Gd&Y~qB75^wf=O3lmu2;duWn8!kL1&!rGyd$$ll-U
zFn&K)_N5`pmpU#gH4)4~BjWr-tEeMGny&mkJkpLybU^g#aqd|6vGP*f-IHC{6Hk6t
z6Sf$o?3cIN_Ns0IT7cbsm5(fQy((i}8Upt2`VkZ-!M0PPem0#dI#gI-tkWeK6XwcT
zEvg@Jj3<+pUh41od~*w$dDnmcA@U?mPScFlU)#Qbc%wBzw<~N?Jkvrsqp*YX_x8%%
z$8Of66szeIk{`9ek5MJ*Kq-Es^qdGEfBfA$9`<2pt6EqYF&#XyF9ENWGpu+2eLA(V
zKAf)d<ued_Hd|Jl_j9E8b7af~r{=GYxBiJG#?F6&(=Nqh-cnv88HFTs(zVGi|2oOU
z!2f2zF`M`iiwQy7w4<hRyn9ia0W6O5Y?6#9rP+n2yi9+u=Hkw`EZNNAT9;K<9wI_D
zJGdtvtYpMqx{k{gX<7fhtLyr%*~>XSbKHbJ(+zECIjaWWy-bu7>nh2f%Im0XfXv!l
zf0Z6dMu~GTgy7lB-7#%Pv#BO`+<0drGFHRa8@b|7==6ExzZ+SV9EFM15?t$GC5}Y^
z%}{ewk6)xP(px|1j}A%#$<(i%SsPAU4v$#>Mqsmj7MjkgEVr?Qw@^F=9sFBKot3>0
zUe$ND=zfNb9j>K}Y>1`fhQ#T0JMmhtOL8S(MITNknF&K_Sts5!H(QkDyP2ZJ_2CcF
zUG5n>{IvMEyAN7@tr>GIPt*@?&+Q8KdOjg@h>5J(TBMqp$&9%k4i+B&XEK+}b%DPX
z_i~e+XvUg-5w1}>;dZwK!-7@y$^XWNwN$F(mH+I%QO;krrst8*&5M*1*(+Qvry3|c
z`*=MP#bO_GUAA-Ry;u1y@AI>}+Lpe@5)g2)n7(d)H&0xY^ZY*UrWS&y9dg%5WyzQu
z5NBLmqkwvuZq1W@b&f8)`Zo4SG;j42gz>bLxZ<Te>z|mkmQ1zi`nf~rN`F9i9{;};
z(1IsmtG!0|bg-s9H&7R#rwBUUbL+i+X)PoJ_MUtJ_LCQMg@)o%2i5a#kFR7R&a287
zuo!pVC}$6vOY_MroWT6(H8L#2jz+gYX2hQ-&RIcDnVN&zd{xJ#79`*F=wqvpWa}Er
zN8Vj#zSA_03-uzc!2Hg0$0q1Nmyrj+(`?mX0=IaCwR?8=_fd@_@Kv({{M1qq)~^99
z@up+!G+C|Arf0zgsQE*db`!1+wYI&WVy@HPuMHn+xCyNzqxZ<6T5mh?7Nql=yRis9
zUzRIret`HQNY<(6ti97>_2hVd7@o4=*Mq3}WYk(Xxis_Pk#o?qD)=I*#!oR9a(BFK
zt%9E?JjJtb>hX$CfufVZ{yA9=#uXM~k6gYuZJ@d=Q0fp-PL#`jCv(gq3njr5<gGOb
zY_V4)tZ{sFQhuYqeyUqXpYLOBYTfu3HA^F9@w8Rj_SYik_3xYljxJVQxh&QN=ls9<
z{!T`K%d>=)-U)*CY?UIDqY-@TAIF4K#F3crb(WlO!Z#LgMt2omJGIhS7UkOJH`_jn
zMC~7lr-kgHwM_74nQ2*z@VTk0LSGzyU!+)d>HUVhj*<;|C}W#kA~;GP_7UmY#b{b;
zpR8oumwQI+F~-Lwv73^zoe{LArVmu6DDV23R-)2`5q$cDByKAYD3cV|UosoIU9PWe
zzm53(wwYMNsNs(00xbo6v7W-5Hcoi2=_1D4iPOsGlti&PBI%34bC=jD@N2qnka2fs
zH6y%RNMPQ@bci0%NB^oEQ5CnE8Op39+L0w9diJ8QM4XjU;LZznazb^<nz%ifNyD)4
zc;>a7=iP1N{{nxl7F=kA`K_vS|8gcHX(Qx8GrlHM+xkACOIAgY$`h`GK<WO1M(Cyg
z*9U$j=C!ng&{V+)9*jh}=;%DLH>&&DfZ72N%osCfwlyg0I(}HQbJ-JkoYTC*Ix*B9
zhEBYHbab-!UX$2jsGz=6c}4UGom@Wl;jhxQipTY<+a7(*>9#Ts+d_lRXobefboVCr
zaJb6WN_|hE;6&%HOlzHM_`%~vX(E`O*FP<z=f`qNP#g510i7M^Z;Ezgf%aV=v|c+7
z3BOUk3Tl!B+Be#VqkydV#piYTmKJ8U3Zvi8VRC_QElP>?B>a&K1AfB|Cu)RY!N2_b
zpN35=7$jigr7Xq}_Q_2T)}}s)%_RHd*v1V~$}-kO)n%^~NoIAO22xbeam7jUr^^=V
zbJrf*xnC#h<-Y#0v0DnQ>lb~WL&9I4bu&V91+paUgHNLG>fI9=vL7AdKkW1t9ijb}
z-qrcT<VgGFX(~>FikL3gU(_sAK85iC>#O49uxc~32WuK-4^B@f-nHN~Z=Ur;33*F!
z+Yc9Ym^G|ZD7}N!Yi)k_XIUu|B!%UP9=V=+og44tHTm3EJ|g=e3Ztug@=EC;q{DZ#
zIsLKg@UIoO<D%2ti&3)-ukIkkkn_|t+p`#*S?S|ZPC}acsJSCf_9mAIZ=CKQ%h5J>
zAvSe(l}~c}B#xqqC(_r--|>I3+zLJ&QGC~2czf&oe)(0C$bk3aXu3sDHz`gCmzak+
z*Fq>WqBfK-2?>F-GsHR*S{-teJ_p{DS53yvpw*XARP;A@8fLIF8WFM0W#+@)Ttnp{
zlUZ(W<F|N6KTlfpbp>u4_-#J^MeJSU7YSue-+JS8aX3lh`Xh3lXVi&vY+i}0;o(}H
z08hAsVgV%UVwyxj6<8qe^jNZQvZbl^-D%GU)+g;vT1E}wNG0L%wH18@A|<`u-RBi7
zPNHFIZD$2-cEH_WatYsm{m63eH(NO!y)N2<B7(N6u&$Dtp+X`SuBaB(Bv)3e!j5)x
zd<o)K26!?fhpTbEJWA7fuUN&9>(ms)@P_W&5ogl?^xWqh^MhpkhBy(6doV}@3_Xrm
zbIFreNtW~#RO<C`%XnAm@}2uY(n9cDE8Ar5LVSOGh_*e*y)L=LT+EU7_-R~9VHM4$
zKY|s<_J&6J`MkrISe^lO?&UWRxE)Vsj2RPrDAnW}fQ&JQUq&}m{_<@MPIu^%>l7!L
zs?SDHu9>7!>zR_2g<(!6Y;t9$Ouc`X<fM!07!zu!Q;m8lO^EJ;rxUHtprr_PDBwV0
z_1xx~x|OUNhMy2-!d|0NyxGyWQOu3HqLf-aM`MeAm&w8)h>z?Y0IZj|WOWs6vEX%O
zBn|kC!_&`N8+cmICy#hC!fyh!zsKJ6bj$jBO$D2k|7LHj{!0SJ3oTc2#Wh0%$59t7
zp7S9{^lSu97q<=9hHiLvb@+_~ontN|5GSUFY;=G#Q&Cv#j1k|){N{EQJP(<uwS#^0
z+;PMGL64b-ZZ0}xf9Z94JkJQ~fg;xgs8~3_YizV}-ib2Z9dEYAKFZOkz)4geW^rUa
zK?4w_@S3Q?nT%M|`SS8o#Nn93tHQGNMG@9P*k4Lb-!5GM+>mf3GGW1(vib!hzn0&b
z1IvgFJBjQ&YZO{cmM3wxC@{v2miu=!Fh|Mi_DlwCo}_UjS6~NGTBrCvA-Yfp+s9Wt
z)EuK()>f0jyh`-W8Z@&DYe`WOA}I>$vv9J0%yXDf!P$vYPhEDNKYFEr-ZCVeTkSa6
z_24<xfQ0%$*}-yQ(VJSa!VE;NwvG+=zs#jj*)K6~o83%utB9$nwQq6cb1A-=JKPNY
z`j>_x-NKgdZJcy%nGW{5)#Kxx=W$Q4n8|vjg}P#9r_!Eq(@%gzhnxiQ$ESWU#G>rT
zv=s1;{`pMWZ8G{7*TGDhMmJ7?^mv~fIl{b_p{p04ESVsGcqnpU?sVHGlg2^CqgD6?
zqukRnv-)j?Al9!vqcn-pKkLl|1K84+#bz}Yy6;xmSQi9cv&$0^gKk;^=lb_27l_Y}
zQVKblr}W0St?JBD(B~{tmk+!7&$*~NaF<H^8k4>v43oSRkhQ37>Fth=tlcT;H|M;c
z?zqSF%bIJo`rdcfo#{~o(md!!Wo+9p*`Mq>9rl$>D8)uG7nq)t#hsolrWV!TDYLad
zJ$pJNBa+#puE9duHO3&qn!a4$PXMrIAXdH()FS1S=(gY>coo*Q`SEEk5M<@Ae7bFV
z?TjK_PhW>h-kCoL)&Wnrq<?tOIy82FqHW4WEw`-GNM_t(`cizKRwv8rUNfxxd3inS
zoIuE+ASMAQHWfYp+aqo5BH6PH8*A*>JU`dHy|kmFF>z*v^QDrnPK+d|s(r~N6ZO&d
zQ>Zw?Ek$6LPDy$Q#pP(pMC2hKGf<z;OJieN=9x(B#%>mq{4*2Fhc&4UKP_$mn9i=D
zObtzBK&Qd^8_&<{n4;AXtLbQqng95{*LeR!IyH=V1xP0^VdH1dJgq~?KKjNIQy5D>
zOu5sR@F3$#rh@L+9<AQ??8h5=?(XFikHl;-#u1&9dOdRvDKFmNL+&q(UC?GNQtw&&
zvg19W>(Tc##`oIM^k`dP&ZOwUdr<=}y&6{$Fe_a~mZ@M|X&r{^<1>bPqRt^3Rz&&H
z)SpD2w<bsoRm>c7D>aru`F=M#vJ3%ZBDGCz=LtIeTnqt@1YT*^995d7?jj50J({Z_
zFK{kawfn_@79CKES{%To5w3ALPWVe?{laOe<5bCcfSO9~-Xp=6OTC^&gY7H@L&6ZC
zq2J`S3ED=51M-Ft((KZqaZ(nX3zhp!cW5e)J!wP=(fJrx9ZOo|(nW=S^<8Q|Q*smu
z+Eqa^XwL-Y8!o@EpE+N?&lDINw0|h*t$C@2-YOp!UTr(EsIw(eda5h<1L&$2vu`c#
zE&7cWD~(j>y5*Vdm0+2cL;-lhz^HJ&f}nDHL+Pi~Iu~cvbmg?o;{G@RoEEOZO!>cn
z*_Z#RVAd**L9J8XF3d|xbm8LFd{VP98?=@Icq&fY`meNx=+Q3aSl1Y2N7?g;lb>#M
zW+xe*xX(dkO!Hv1^i$B;gyNR$!duaxdNQy;d+th>uNH-_ln|caO)=M;IFN?mc=7e3
z+Y$G*OibOfKE1giPRx~Gr#tgSsdiApoZ?hC!X>loar3iZiP_QHGy2j|G`cj^fZH~1
zqq8~&t+m8ksq_O~VQ1&=MW#<Gql@+Gp(>)Cb!G3!Ng6hdKuzwU@rpUpyVe(5agWA7
zyvsIDD?T@cng<`{%O`f|r)8F?;anTTs@HWH<1eN~WWb)IroGrtPq6p?Gp6~X1yQm0
z0it1a`aL}?L(NBL@UH;CKCYgySb<9b=mXajUakND*EFrgg5lAh6#)EOU67aj_tHc!
zLd$tAacb|3rrHNB79EB?`Wb}*CaPmQkiuO;?57obabdF#`Y@)rwIgd>bcA<ZTEOTE
zpx$f2&;jxAtWVfn`Y%E?-(=VuMg@13eHQ}Hvx-8RgDhj~Fg9zi`U|1!*FaP$wAk$C
z<A13dakS(ulDb+C*T*3^XLm!%Uq&*su(0oy3F?uTBjq(lgI4IDrz~4v_UF%5t?t)}
zvWz?@J~m=j=HUerg7u3$^gB1^ZVc&%MhmGCUXKUylr`c|2An-;u8l3^Nb&wo6mWP-
zNiO6_h1bM)3^PY_EL4hKI_q_u)?|qPWoZ1U8ms?58QQl?WdCwbo;1=h;<&>#S`5&5
z^RK_bW2r+vN64!h0#5MBB}MXJlrGEAgNxRG!!<<K|7=_<wB-Yz)f~+(r_htUtB$Jv
zW&#xX)rPFwAO=J+5dX>MUxV7o{{pp|x12+y^uEhl|5MmmlUEAVz}DiB@*64Ie(w(Y
zjUV8EAJ;R{b5yucj9_35ym+Q<h)-Y)1L^Vef*f8mtd)A?4Mj|Z9yUiYX7GsdJ=!h0
zpJ+w(2CLEYVDtW|v3&3czpSZiK2TsxqLLC#X?l3k(Dy4ncC*NPj;(^?hcNZFh0uQ>
zRl=I8oUpQsOaQZu$1*0`uUb^imd=wQojv*5ugE1teNg3s$WH2mC|}2r+@`B*KYA0S
z-c49W`_NcEV`Iwhf|6;zj!&7QjW|?$dFqNh6m5<H9K1v(T?dl5*#86{bCRQ6mf(y8
zk<WZ<Y<x)GI*-x4iwi0Kq=2DsrRN-QnONJ2tJeHHHPk(tct<l~O^fA6V;0asQ4X;k
z^mmV_B`c`J?~N0NM1~I89~DUs(<st!M7rLMk<c-WI;fuY4e_}nT8CZFpHPe|>@wI-
zFegJ2Rpukwne9=c;xL6GmF#Il{qG3K^ni_KM6^D?+oS4f6XQ2`X1W-GtkV$JZCnL6
z#UjLyk8TyWjOhOhvT4`Qm6yQ$!8l~&Da9p^eTTYLXn7>=OnUsl))Z1P0=WmipO`|;
zNXujqpI?sJ<=iM6N{AvHYq%Qb%(`~`PegP?N3E8RSIQVRrD&RLa#lVSG(k+=8GBt^
ztRF9=s0+!SR52uFU8pB6zYa_&`{LsiwiB13%^&OoYj&qxgLoG8b=4(3Nvoco!Nq^e
zzT~-qhZ;dMIBv)0fA+5*jnwDsnTknNUJS8QiCAm7Sn<6#5AZos548r#>$yhLt>>8W
zn4qBpDmZIBKsx@5sht=ML+6n8WlWcG3%>UUyN-E%*7w&g3EpYr-4ZC8q{r~6d;j8#
z8_HmRXGV0m#s6wyEP#Au@XKHeF=T7i2ps8#z-!VI^Laowy=GpYf^P8|{-$7EGVcDJ
zw4@?>DnLYeWp<M@5EguF_A2XwcVfgONHd7-?N8mgHy)aaulFP`%w>)apZPV@uu$T$
znIaNOEaIb_>}_M-wX<JL7{MUV%;L6G8dCf&Om9<c&kGY|vvgOp$L!WJa^)H1BJn;;
zM{oQ|JzXcT$N55<3%>GAR+PfVv=+yZJ+*RB*d5f&&}tK6mY{eh4Rz~t)EbVPA$u$K
zg)tn@09UqqUIeN=HyZDW;ru)72fo=8z}1I~z5`#o_l$T4%-xwYI6B~){x`k->;KDo
z`hS%7{|guV?^g0rf>-FvAu(KQS`W(sVmDn3j<sh>4`!EQ)Q<dh&S(WB6T7SjjVYeq
zcrsrD0MG?Ay8SEWJcm;IrW2meqhBIHzapE9j)chI?s19<nF{-JRw66jBL7SP*K8ch
zi5F!Pk8IA|wQep-KZRXgheAyYJ;1)ij;6TKtMuAT;^gusvHDpfpKMWAY2VHh?^`98
zy%Y1MbS**iHFN_t4O9TJuN3*Ky`7`{C~`7zqzZxCcA?w-$9u^J$w>JUJ$>qOC;o4<
z@OAEsp|uJ%vuRlo8WUT`^fg|XHKNOHF`Q<dLCKl-QxY`orTsfM-$?FDyMRpJf|gAy
z8a30>d>taR-9|=ljM9M1af8|234xs6$~bSq&dEj5Axm_}cod?AQm9}0Z(j4&iz4ce
zJM2SGOOodOCX&$1QO%Cc*8NbFPi=-;!;CCbH~jUkefYqFo2eka$0q+oXzIHykmmqk
zks)TI>N=M2X3X6WHg;m7yr7+ia6ynn<xIPT;HfZQ*R*zxYT3D`NZ5I$WiArGjNy?8
zM_K2W3g(_h@7Qe{#tPq1BQ56}4`XW|Jqk9jpNaFe7E}aLGTPU~x=3N{1NWXYjh?Ga
z%nfAYk(%c55c@pQiaIX!4K2LGF2a7(<wwvI+L2fzH^Tkry$0tr(BYFv>wQ5TT)wpP
zrl9k-1^0)tB4R)@xfjE=4<0I69Y-l*xVGA9^CS0@zHv7s@)<hKwu)=Xtb#m5ISao*
z5ocr2+eu`X9F*%fbIy-tzzS~8J7w!LQ#(4M^CLcUN`s_lFt4=O@U(K_rhVRB@R<0J
zn=jNN!Kn;1>xLo<k|p!GW@H%_#t&J-mzo*Ed{P-(m@7MnkVdZ!w;!IRjdBWquTZ)J
zC}|;3cSf8KXsItpZ=3EHw3n<0OvNx(-+{kd1v!Y~+oX7x+#HW?bD()0O(I?^oUZ<I
zJ<w;oX?oPRF*Dt-5+i*Jv*k@o(xHe{*Z`MyPPouSuh$Vh?hbyc4^?I+EBBl^PIxc|
z?byB90QD<aTJ_bcIr4-E8%hpQ)MI~{nVJtp3l8_xX>A;8-1rQWq+PjQ$9?d)(Hmc+
z3s!`3e9ea*$}E%Hzi4`JzL2WiT291(=nyp<_2RjP7%Nd5f9fnJmgH&kA>?7?JPSlp
zViCUXB**34i)`fXVx$vc!||`6F1bHB!1apv{GC3j&wWL?b+7efNVj(~;J6Soxc<V>
zg0P0VTxOeJ=o81umUWbcui=IWCt$JA^NZXdd?X9C-q7Bha6dV6Iu~_6eX4KLKs2JT
zc9JRhYJZTavuAVIZ~c?CwAe`G%NCgo{(jdA->X~pxF#-B>jsgYE}_UCvdW>f`R7Ov
z-UcWhu6GMMCD_GJNi#k4OSp>R-fPvDMBH<%bYfpplYHe;PP6*rBWVR9S;m)#Gl_LF
zjk>By)6MDTUy&#)wr%ayoxkqgQ!8D6IJY)hY8^88N@+V!FaG_mY&~ExECwZg&HHdP
z{3S<uZ(ZU$FW8&@;16BR?Y3wA?Al(aarxzYIZR&i-tIWch|iByoR}h_65$Ql9v)kM
zY%MZq#}JC>2*^pE3V2PI9;v7N^S%JsWi!3RVz9&|I@gIj@<<p7EJKKzJ`X449c6{*
z@~K7Os?Z|!ey1c$zQ7b-`;73zoTQhO9Wwz%Hj^vo-WG`}<btc5G^15BL#)IAUqNK!
zHN5Q?<C>%lBUB4!Uq;^B_Ut4EEV|&bai7x_FKM?;y>Jd50K1K=H??@-eDGow?kijk
z>woK^YE)&M@Y~m3GHQUQmZ#9wMh^XgXIG%Bf|(92F?8Uev9kokQ@)Oh7bp3MqxMEv
zC#sJ4B%*!asMSPf?Dust2^ZQ)ZaCHyyF1f~MM<-OD}?2-34@sq+rTuCnrI4^Y5&Q3
z@_B!0O<fa_SpZY|g`=1&*tIx4VU1#zNep>%UWd3UvW$rYiQSm})@ZDEUEcO%q7b`3
z+xY;w+28`tfVzYMmj_kkGAMWU7aY>b&hFPt{4B1i1)1j`wrF@G1JLc4SxCu+@97PL
zL!snbSHlE%m6yJP)4Zu}coZ-}GS;()M8cNGk|p2C1V%pAG`~oHpzK;MTnLnUe1pqp
zE3fvEB6>GCl)C0n3C;O(L?tlvQ+&=`uk>%*X<2brw+|0%BJUmzA(Q1KZK7CAF7G1X
zp1YR)?M%Uidk*lzrlBAH13SPE7XIEJX(X=XHg%|<206c3|7aShSjz)@uFNtbLq4L?
zF&*+#q4u`SkrjlLyDWT5EUoWWr;bxn$ZZVimM{tOG53wkM+S+e=rAuzZy^@a(*(bt
zXF>AD0{JGeW+KYpL>2`}Bx)Pu`Yw=^jZI}_V>YoEX&uis>@jIM|Ag$)7SPael5Ovb
z5kZ<Dk134t>F93;!bK(Ki~{_<t^dhWru!Jh{g6f^6j`*lo+V&*+G#F}Rvfgpr>)_K
z!My}e4Qm2jXwv4+{ez{Q9-x^&#>cajP}vtpX{aR9^D8I3=8h3rrqB1Ft;xa_lYVzu
zoN~F}8lHbqK!hri45YCpwYxDrRY^_k6T7}(YJHdQOu-#WzdanCs*s{wc0Y!cQX9nQ
zuFyHee6pVw>=hik_YXTh&iRjAIAHXk1k2p|3imV?()?ZEA{zx28_6ARW#p}vymX0r
zN?8?alvdE+LFs|B0@u}NEf5ov0zS8`#$%;s2BLJ6D-Fv?8XCjHcBzLD)*+wW2(}nC
z!I`}H(Ti*biaFOSh4ti`1%=8wEc$X+nQg88BVO9zLKlq%;%uJ&^rYf^D~8z1e=}fE
zN1qgajL4<px|HzHyQy#~ta_#6KT3jH+UMSs5Z$SSp-qmtS{PTA>{qzA+n-s9&ZFJ$
z%(o5Y1UEO;6-8dLFo3&))eLVE!m``Kp+PDMU8W|vbGIH|=}19yJCfYq#=5<koEaS8
z|0Te;;Bs*=T5Hb8_r~=1u&!Isr&Isc&AXDQC>Q-SF!ha3kT-t>k=y3@Q^7J_5P)%5
z8g&q=XhPO}Hx)vD8t1ru5C4^3l$ZOMXu0SP1z)ellQ)4z5e$#Ao)UdZ_uE!?%3zRs
z;o7_G?jts#%wu}W`}<=N_rcwb0X-@q!@2tg@l>cm8?e)ggT=;O?t2klqS9MZdDyQs
zAL{wOSr9mGREqT75-ePI)VnH9*U98QXH~P2Y{W#1-KCBr4qjod=n5zMY8e*n%s@}y
zJH4^B-r%T5=SStNcU|&^edysKp?s6Ac^mcema<Ifg)+rT`l_d%6a7dJvT<U5@<$fN
zncqn=k{{;qA)T?kU}fl}XsbQ+mBz+Isx_`#(q>9yyf(~Ost>8t6?Mb;JACh%hJOCj
zJ}bB6&Bd0T=r1wy<TapE4Ajaz9Z$(zP&05Y6}|XCtmT16(YW4`?wzv=fmF5oit?8I
zM~C>&zp+URXmTFb+9-(z_{gdnzLTbEZcEo-Dx2%pK6Kh(Wq2nr*)|_sMx1BiXW3Z4
zZE`2b@UYwD2dC)J)?u*d)f-cUJubgw_#?J3YAOBPhv=&h7h^B~$jbS_{1yDoXcH|l
z7S}Ajc)!L?A3AT4W<N=-7vFCbnYJLSgb=D$DH~K6D1t*FLzUgfLQ)l0Vy3(PPPxYG
z>1!rCRTk4HcqYt@*=bJ*ncB!jzDuQkyM!AkE}!~0ID7Q%m{}_S4BU<ci_YG+-9tZb
zLp+Wp$~0p59S40&$1|H2enG96>-JCXn97R1NPlj}{qfwCwCUI*Q+NKv-*5(^nJl;A
z2xEw6v%8^23FP?p%c454I0l_&9F$<o0Nmv~b=RJ?aOTv3>gWe4w{}9cGvcHKMdO3r
zgYb@*a_LbH*MR8Bs6|Whtw|`6X`NT_Ben6f$&IWt@?JP$C{(*E-pOcfRbUX%TkMr3
z=mebyiY`gJOS|-5)!Z<)kMlWc0uiSml4zZHy-FnQS6?wm*9w+GO`XPQ*Fe$A_$tYr
z*2Qw`jv+Qz#HA+VcfrQHAtzRwxNYb|^Q#o)<xzCJ6ngr`15QM5*cI(Q%L7YRG=B7^
z$%$1tHZEd>OYVqs-nqF%88ZE_wO6_(d{K!3+e1~Zdg~vbV8V}`zgG!Hz0(x73?lH=
zFqwO8A&Re}gmgL-_v3pdvvvfnLpCmP_GMjdw#3<Y{t_}9cYqQR4rk8-8f+mV0s;~@
zdK^B_F#fcOW0TJRM|Am%s3Dfg2;y-dm<;eG(<)v)-fBGdLAee04zMz^5KJs?2_1v6
zVhTwOCBt37AeTxE?3mo^0{G8?vpy`=#(@bsurZQYDM5*sxOmguGNy5L7t83?g;+3p
z0Xy=;e7?N3*by!LC%qT4|ECZ7^S`$rfnj;87Y?d-yWq2&G-#NB>1oi*PhtliZ6z4x
z6GI5otd?@qkP#hZ521LR+e|m;><9dXxNO^V`MklP{HHE5D7Uu<dYaG#_(jo%LupbV
z$GldLK@-u{*;Tr`(VSa4Xw0pS&wdq~g?G`Tzk)t+8(KL(sdEAv9U*V(f5o*b?|}>}
zNQBS#mx22j*o*+QEdU8eh++%8=BW9Q8(;j=SZ0U#N;nef7L5(FV%2Ocb_bvb-L#uK
z_AAAFO}Jh|dc#MTft43>@rf4Q{25P`Pkb*8c164?W2P>@4|cCT1tA=KW*Z}!s@T80
z#*;eg{jgvr+i8`T+4+i@du#6(eUM2w31R6k!niGcx^&&|93?$&$@H^SdFSnJIupf2
zHcSHCn;#>~AxxExNi?OfA>-N4I4ai*n#t0QJ8@c%?}l$XAYkSU)=JXMec|oww3!~1
zvy>*kAGbehOWyFF{zQXgZ?zb+mRM)9iM-%2&+xZxK7sSk-V1I+4U96}YvPnDiCV*1
z&&0EB#_pW0cYnKXx59PI)CIv*(#3b39PqGD3e0?30|ua*-F+<tp+6%D+-AedQQJ1z
zG!5FX1V5sjO*Uk`tU`Rx$<(6Ka4~U0BtbS&4U&UtpyNEPJ)AbL|8;#_(g1uddJ6~V
zJ)r){2&E9D2f`%E1bFfx5&4QdeLkh+gPE@O3`<v=%9yWt>L3Z%Y!tcr$H#NB667N#
zAtK~IYNbuR#u@FHREikwWtNRj^t3Z!L3jug?tJx(bzWRBJvNu7&NHAu+?RWN0i`{Z
z!i3gF4A%^2v`s;~52JtAcCvq&$)_&P`)T^@xu9Z>+mtN1I}PGfl!vlp$nwKmXPEA|
zv1{2ch3dwh4ednmy)&z_5d35$M%={~m>gN*konJevif+;T;HnR1+L8^8A#tVI=K<^
zY0$N0pvSXO^JfsDfo4t^W!kps5i<?<?~vNExEeOf-3xSukT(a@hr>YDfq~|&CnR|#
zD-|uIG$j7VH-`pZFd&D>qL$yAVyrr+M<Q>Y%$Z&VuvcD00GdsbCY&V4Okebmged(?
zpZh4K%ft45<cz>3Pyfg3If|}S!TF!Ah$R)7&vacl0#^gw1WK7z<qH0yPsjB*k+zHP
zbU8e5cwO#1DfGK5|CVhln03g0e?vsd+(DACQ*b5HalSE&6CB=m1M%E{tg@Ye(}mhZ
zjfTT=c2G+9E>a5|u>KH{Ix7$J(;cvj=bOA=*|o?$;~IH)y(&d%Yal!j5u3&3_N_KZ
z3L{#!<n);D>5203jO^ASJ9v)VYgdiRP<HljOUgyv2fXKk0X%1f?IJREgmaH5U;*Fx
z#&w=d#A`v`NhM<{xRviOZaj^Wz&UA`s{Pe%8~J;63m~jFsXQpmjTh+fdaHY>oe*Dz
zhA&Po!2-L3273Ny!2FV8;EvBd-GT^W7aEfdRGLul@_2mi){g&U^_Ra1dT-w6WHfT&
zy;ocKI-b3bt)TQR7wxXx(eUA)z~hmY2C0B<F}-vPOP1v3XBN|AqE9X__Q}nvA_0E|
zsCXRMCGkV8yVEonE>{)REA#y$8E_F?%r|;10Uu<HUILG1_0EB0bZpjj4#J&rBi+}_
zH*tgSvC8C5a^xhou?cK67p<xkX}^g}O{RCN#7jrsyDb?j?DL(rxxws|tFjQ`G)nm&
z;Ml%|m;1Q*ONEuc3@H14EW$)0N6=fJX3T8*WJhX{oFbF^M5L_QlOkZgLC!w2F@qRo
zeBvp~8VN0Zk-?vON1G<Hbj0olfyyjHxp3x*Kqz(WS?)z>+BW>f-Sx$wR}I;VxX8IO
z?zz3#=A27yq~h^S$k#C79m?jxiNLWH`pug#+ot45mr5nDNbg=nMTBY_Q2vG^a8=;C
z;R0&dgTM9#)*n<V9GAe$UO|wdRHez};+ePqe3yEF3!=Ic&6C+%diqwR(XW8MVuC(G
z3=WFeuc|lcST*uaY4GE*x?*ZOzhfRxFkUBbVbCLG(aDOvQ{s{DrBN%J1n0arM~gt+
z-f6lJxF5+o-ZzQh%55-|?t)5wrd<2#_I{X*ZsPosJyH2F>hqit8~YmN#Z!BkP0)9a
zczV3JM;9MCOz|fKLT0XW?Wf|RuGDFpZ~CM8YXX+{$!sr9MfLw7_Kj^l2ytt~lJ&bS
z)6dr`WSo|~|LhPceD69e$Ms<%e!%Wt1`bbX9Qb{^95yqf#Pz|_ev{jKqg$6OXV12?
zNTU4?*R+ay%jki(7It~#c6Y;OSP#kxM@^#`^sKHU4HuR_F9;=m{dd&Eb)M8dhtFd!
zjv8q6xP)-+m^G`pTFxG}S0L=k2AvLUem<oRc{#M>3~$BSOiMp?qJ?k3ZeoM0k*NKx
z#xrFf52aUL(@*9x=QdX>;jGFw4o->Z3GPR9UcRdIRRd)tQ;6RZnY<txv*H5u6{`f$
z*uPX&(r9|1qkj*Nz7PBPwQ`-IV%MzJsHZngt6P}c>1FT2uci7MfVX$Rvs;91TKM$~
z$22lgmw^QhFj#+QAY1N<_LU8z1?09!1h4rao$RzWrydVC?yVi=Lb!{TlY8P(n+(!8
ze$23Ub775n^0v;n%M*EIaVxuxXT`7HW5fZPZf#n-FPpe0CwVPBb~PWY=}N4(x?Xn<
z3mYoZ%gGc7ukFE2pykFwaqK8zJ{AOQVB8E`f&+$&D}AcnwF2Jo7MCkd&q+JyWmL=+
z3b20V$$p8~ptn#0;GNR!nM=2Lm$2tv{DD+Rd+1>kuU>$Reu&|&{OzYrQwlTTyyOip
zH!BlDI1mg?Dr61olx2R+pX?zueU+qI&Kt-YQ?L3p=JLyeJr{vmc8O|xJR7dB(8f`m
zX^_Rtbwv+jX+BNvmN|B<m)SMBjZS~#9q=to_)?xZfvqw<pP5r}Z>Gj~a6*_Tuj@=a
z=UCs<{?T9e`+*Pm=@FF^kBAYSrGq-BX<_`7&9Ok;+M7Csl5N2kMbXcbizUYHUvBLp
zw67{U8k0dSKLyE11PpSYgjh^uKZNPUt~&RWyWIqQzS(TRNMZN5UNYR^rvtM`{Hqyz
zbplqlZ>{&NW)|_PzD})-UrAF7eL67;e+AU4R?JCX*LgK%JrkM%3^5f6D(9_$?GH*=
zl9?L13+{2Pv1Z;$2ErdyPv_Y*gpXGBhJnE{Aoi7CGZW{hZu)z8aYF-FCZ`Hg6$@<T
zNcS6Vw?jo59VsvCX%MVhSC(@Cz|*A$w5yxFpNYH-bE=%C>8<DBS!C1K;WtOcdG^Wf
zVkJAOU@DnmAg8mVt=Bl3YhX09VXK-l-QY+2RKneaj^-T%XBEbhDX^b?hoW`%AskfP
zr{Rz>lYE~SZT4(Mox=$A+pXE_6``QJ!oh27JmZja!99_&11_ss7cW}aOi3mN6KjUJ
z0|4Op&VUY|&itAbAgcB+MF#6IXE_&?>k-l~ZAbDGkxwV+RI8>=4#<_<A>?6_hnie?
zK_fX~gUwQ0rQ|n?DW@DoEHJcMg0@ycrW1%wLH0-eUyoCG;0@uVxS1HwTyPLH6dw_m
z>zrLhX_LwQ(|3V)-u)6Z<3DRyqi6v~FJD_nve}N&qVU<&dc~YQ_S4gjM5^+E`-%dz
zX8xVqU%hSJ8A3Foq;IRC;C0C<X>8RG%P%-Zm5q0Tb)X4A@pf*uSl-qX{TzW(aN7FH
z276QCZ{Di+<}g#9=u%hkXp#3Y3+=Y;g}dGE*U6Iw>FkT!1`+7_;G9!!=;ejhY3)xp
z0sWfZAEfh4Q-3#5LG0+<4_lMzE8fNWQ^>1wSiG}w@Qx8vB|BXWIcHUbf&R0|B_3~)
zioq~!5kQVg-c{PLXKW=$40(JsU86i@G^FJ$QH#q<-d|}xn{MDRca7j`(7YoFudHVs
z-8<P>KCWh6`P6e9AizW2%5kE4v2)=L++plS!i1A@by`^M&EV{~W<J4l5#b;yHJpAR
z4wsN8jiTjtbl@y%RZf4SD^px&|7Qnc@DpE3+*|HAmsyH)qZ+4lR#stt-Dl;0$~TRq
z|F>^LUh(_QoqK4AruZD4Z!U239~-d^sa<(r5vK?vMC*FdohSd)z7%VUZCF_{!tAAB
zYi=VSJ~7xc)5cg@+c87~O}1Mw>w;%K&ZB-v9*T}8Wl*w%RSou{(8(R~Vayhp>{m8Z
zmW%0@d9y%<U&gUw;*>6tq#W4<nwRy&=3a0l<i5ttDSM9?WpLHH%+W43tH=4)8UiQ+
z<o1r+_C36dbuXx;qkN2W$5d-3{;%TRIxed3-TTJGKu{@BLP12jL0U=a?(XiAR-|Ld
zp$7y6qy?l)K)R)2=onxahOS}Y*@NHT`TfrKJm<d8^Lp<4od3{y&7QT_UVE)8KG*x|
zu~fO?q!rcqY=rl|=Tr2u^40c9q6zIh7-Sw!N_?LEGPq3Vv6kpB!_r7KpXPzq{xG^!
z<Tb9b4zy#&`)K(A-GR;k;^ViMIeP@gBg_*_O&X<&B>axF!rQW(eZlZs4vJ0M)HKXg
zQ=`@u_S7C-sk4ciC1mRFd*y`m#8+pYqpp)Oi_+d|<u-PnlnQ1CC!9e&M@$_lMuaYX
zN%7Usd+XdnKb-iwci3v$si{nP(?90bDD!E16H!Qs7Az|}LP>oa83i-wy16CGMavs*
zrb0K3aPt$szHZ>mK9Jh0pzm@1%B|hZZG`R-c!u~iz#>)A`+Wv)??>0$`T@6Dn^sL7
zh<Y_1nV0$aCu}$^sm`&>Y*tOH2YUIiY`@W?ITVomwKor~<(tF`xnpItRTr!rBuC6W
zJ$vF_FF>@_=J(k)uar4kz+wb?j?MPHiFLM~bFle#L09Th-!qyBRMN#MwG(?eb5o4c
z55J-_?Tf0cdtET?n4+UEt#qlKjmJ$&mu2Qju3av4D2{f&qP)#x&Gm@04t~zwxmV(c
z3`)yRCLZ^k>hyIA^-bGMYbA53jvlG(bMN0n2q)!<m0NvE;7QSD8e^_S#65lIO6fb?
zdZ^OBUZ?Kw+PgegD5O;Rty$8`a4;BNX|1*7Eyc!0tjct6i7WT^4v%-e6w~zREMKqv
z<nm&3B*p7d?3t#gbh0B2_lOU~@Ci*2{l8~EkO69&q}Wa$nalIXQ|d`f(ti6^&?ZsT
zMcHPeEBWcDT5y+!Ik)}q)WUM(3Z*JIpVFV3f~O7T7o9S6an$GP!Yq;4A`;NeRx^)#
zi|wvJZZy^7sS(5mvVTYnvKRKMxXZLyCRpqHN)N#nZrUVw`OCF*3!c#K^HwNc$xq0%
zHyv-nx=u{vvR3WX8GFalyE>y}JTb9qmnBi6n#7Cmw8PQHKH==wHuJAsTKSq|iqYzi
z4R5x*lqYlOmdC!>|Lkgs`Ev)M0~&^f$}sJzF}2=B+(*%a$G4@wwAHxJs!#FW|1@AA
zZSbHBN!dDiT24kisC<XHWMqEAZ;<`PILTf26hPib3Jq|TG!K&YoH@e@x`>6n^=InM
zS%G^v%z|xamjIQOIox>yUA40BT$)H>B+{L-p5I>!;~9O~XtRw)@v9n5jJNkDGS6i;
z3<ujj4ZIquEZ4>j2>@h4j^BsoMA?RD5*jtv3Nvp$;AH&s8Y-qv2oIB%irM<ss-aCG
z{i|`G6=+hCvO4ShC98ct;O&RE3)wXijP!_Gpk{WEV1aqXa{j=bC0?|}Nw+rTc=tGv
zgQ^JOouU>f&Bk^0aq_7i2qJRvk~_YY4{g|%n3&l4c+pQ!SvG)CQW?JtV2TNNa$_Hc
zyD)N61y1vkTHWnUpFCZv3H7V!nlZHK+5O<csYX0%y#F{xV_8;ZKIy5CN4S{BwEE|<
z!LB92T;_y0=3G{03BM7}9=2&>c!6JyNPx+H@q4w6uv6%k>u6<|_!Q@8&9J8#+$Pkg
z%DcmJ6FpuJ<&AoA3W{B&4H)?Wh|yP5h&V+27TF*%NnhO9ONW>OJglA$H?q2hwaNMr
z9w)2+$~#jJe$+M4&ZZ{VUOMv*>UCIYtxqAsKMrd<tcx@`$@O<8@_7)PBKvH?`9uwz
z#xHzE`K`ZMLMPGB(|lrAS(h&21zYuR;n|KKr!|KVrI`;6)JsqFvM1Q#4JU)@B9g|T
zP52!?GJXvd_C_$y$>4g2`ZhE;?cqRm7X21;m}xgp1E}EP)UAmzB!%p&x<p);+e{gC
zW#A*!#Q8IWLitLH?bn9s;HfbL_P~uqkrzcPY>+LF?yc5zn9Fvt7)4Y;NW>wn$=M>>
z7}>YUl1nPbSihZMI@?;)dgBar_9n(wfSxOZ#bUKnuapd2-c2fawF9B$a2E)CVJDt?
zj2RJyE2mZt&DVZb{4?jTZhEO0ScUS_aA4La#8lF|{jcQ#tAK$IyVRK0UydRdYhJd$
z)QdTFR$Qexbw}NKIk1gKcG!H~;PU<NB_Ra&rOD4&b4vuWY}L>4XV4qHhni)k+igzv
z7rYLWIj&O*5@JU+G#4L*Be$6VK;2LGPg2|Bi)_1oWoq!xdg7CmB8Aa*rG(ulg;l_@
z)84G+G_E<MtY4(^YhG0>W>Ai$@@s6xSv75CK4Zk(nf`(|!==EWMqbh7Iets8<$K9P
z_gVnS1r)6@p4x%ai0+~5({>vZS(-0)O%tp;31drF%&5y$xne~g2uP&`u6@5V9&e{A
zyos-B%m<^dWf;VP*_-WZT$t1I2#s5rg+#ro(tVCO?J?VW`MtNjHFnjV!V23aHi7Dl
zua3URI`30-z0D8UywoZ`w;iKY9qkVIoKFo-E9n+!Ptz4i-8Vi(dYJJF(^Dep1~9X{
zfZ9XQ)mjWDApB1Ap*webAQ8YFnabu^uH6d2i7yeb>-YPisHJ+@{vpo5N|HJ+-lme8
zI=)Rt*6A6oK!Tr6w-~R#o201z&ECVx3pi>1pKH$g*71gaRE&wgS486VEN~V@&lCB<
zkD4a%J<7BDyR@p+^LO#`s#<}7ZwOKotM(2^XwZ-A+?(I;bD^VQPs7+OKaW>uF2b?V
z<loe9lpmWnKc$H0Bax<7mzzO$pSBvsTPz!7syS7*eh-~33a}bdaE6sh*$u#>wc;4>
z3ME`Nf}z``l@QzBe+<c%o=5w^XgQVWtekJlGCfZ*d0j4P)U>d%>pKB1)tFxeoyD<*
z!^l%P>F;NqTZDtjQrlbp@q6o0m$a}yvj#TM>-=kE+Nw@UtX=7|Da^z=iKUOt)b#{j
z=fpmv>?M}ow|+rUJ#JMQc_#8NrlGE!A0tqZF5aB833DxopdY235#8?BFXUYo8o$&8
zLkr{ufU?bb5XQO#-hiLge+nxxGz(qu;l#N$-^I0E0q-Azz=sVK|EV#D`RacM7vpa_
zo*sHtC%?-Jstp1RBZFk|U5}OT0<Rz@<6BydbmCr@nfI-XWADRm#p~VLiG}*i+OsfU
zM$#-RZ)Z>*$)*o^od_bSPjI_Npnv6#`;iXFM+g&RPjU)$kWaz|BcyXa$+?Zrd#!&}
z`1oM#<n80B@7Sx)mo!mMU-zN+U5~x?J|ii>9s|?5;pVffSc7l5QvOo!v`1l~9tZGW
zbhuQ<+kMP%`D_V&y^3wWYx6|D58q?FiFAYiP<WQP1HJ!(9}c?q;Wly6%IL_Q8fAeE
z98PAR?Yjh}1Eh4qY%agPvyEH^e8`Gh)kILW-ie-)mS``w*tC~Wf!0L2Z$`Zf1+l3R
zWOE?Y1asF$<a(x_81Gv$&1uJI7{7g@9@I58v?;JzFZ=%6Bd+7tmWHEWbjfHzvjtPL
z{u-T<g|h+=lDd9F>QVK=2vVPFl~LB(`K=#YPp4{%+mh+bezmx2cDY)mXA5=jC-`QE
zRmOdK&~(&6W#sjxqF!=<b7})Yx*4)lr{P20(`(H1_0hdOmBH%yvAOKTN6C$Nn-My=
zd({_Jo&E5muUP4k&<~i{OdNgf;i4KS;}#}GY|Q=dQ^a-upHsxYJ{SrV3h#G8lHL-s
zjxK8Iknx$>sEpBcmDH-&r;DZ>)ffpdCZlmVk}@ic%$DR1hF0yj1}??bQvHO6jWg4E
zOQYACR<k>)Zt;m7N;=_J3rz01-VJrB;-~6QJ(F!`rIt`|SNi^lF;!rAD);4WKBm#T
z^Eb>uOlo1cla0_xkE{VYeIN-<1tg)Xa+Zbj+ltS7C7m4wvGo0+<^L}^;tKvU=dJaf
zFq&7f>n0v^*7i1`X}_n$bJE6{$!gbgm(AG*8_;f910uJphv7e&=z+BGS&rkO!_f!s
zNcE)5zW0W8d1v7Mp{_01?kB#&?Hw)NzIBfel=&*n2YmrcTR0wqM8@OSB;AG$?D<&P
zU;N&s%Il;$`!r*vsoWKy?gbdfhx-mtqoj>DC@wk!h@>gmRHIB&j=s=X^b~O{f20pN
z?V1cWG!5sc1f{ktCJ=TV3>}JA6tNy73!92dRwnP4{I4g69dmtuM(Yq;{ffgqJx3j<
z0vTauUk@lNn?xd)n~*>$Lr>^>=gaFGXABqPr4-@e&z{9>n%^~DIkkvt2}l(X97>7*
z9`c$SMzq1;fg2TkK+H<5KiDIfRX(juwh=vus9m=?n=>%E((V>d+5Kk$^7}vYUR3L0
zZss0X2S4VWvX$z4@|HIZV(7f^U3sU5;+p8co`#~5A5U7%3yHJ|?r(#SjmCCip5rb?
z?P;ntWhuc$r0b>Z-FAm?S%%e7o}!o6_?@rM`4r@yff;)8*CqP;NDH^$54xXJY`(0@
zPF7Ju7sGCA3VL#kgs7|g*c5fqlY7W;bijB7$cOcR#gCQuY*Wz{3XH{k-l?^~+{f>j
zw$Nvfvv^ysn|d4#&dmp#A9*a8<Qkh!HcsJ@f15JJ-l6TH!X!BwM5)y?z6$Lhlioab
zkc@ZC>KrTMw^01h>r&d;Ce%BO`=-s7EHTfWIPcj}2NCstA{ER%cH|6Xt5U?S%nmO#
zcQ>gEE_i}2n3DT-0Yel+mC8-Khl^`8vBK}J&Gw&>4$_CmPO5ILu;mLcSSpn`DPC9)
zm`3}Nv$Oe7EO2QGa&Zczx8O)KBr2OjmhV!MQAml_x7|3io(l`lPZ9iNAZl0v<X)mO
z!lk~kKX7hxB3O;d7H)}tIY|C37zxy~;vhCXp)NtjIe6SRQoV#6Pg<}t0-#ZtH)a{E
z(|Ad91Zqaz9lADi2fszoti4*{;(_MDP2SwTjQQqVzw~9CFVGZ;0({uUEIO6Cf-gmR
zt@*(n=TvAR674ml(|Hh5(d|s;L^=3NOq5T#K?{Dz`P(nYWvn@ON#DBp^a)Crk-69T
zshVU)mE+)V(DzOXp6bTp-}GM&(B1J6RGt%Tp7YavF~XO#_mH+8q_s9QGl71{JkI0T
zcrz}lje3F=u3R+MO-jDW*UeOkn<Pi;)|H}YssSVe^e`_HJi5a(Bj7YKea&u8x=riJ
z09Hl_)Dv@aUd?e{k1sqv2eaB&`8UmJOv0785~6B8cFIFxLQxIZm~J6SKH@DGfT3qv
zAA^Uv3pAzFj_TGc@dYjX_zTjSmP&Yfu=Q}~*s&-&4(V#Ew0Cj+$bBT~8}wehEJ<tH
z_K4X3lo)u7^Ar1pyb5N)Kc2s0FJk?(;{PM@5)%Ki1~~O^t2iNH+w&92&CE-|rboTX
zuX3H8nh(8?>wNCS{>~0;;|ppE9;}_0f{~5XPY8(xG#RPhXj(t>WgM&li5Yv%HPiFX
zl=?-r42sV!VeYP;t`>RX<h>&~5aiQFEOKt<w<a2gl3G^%UB6A{zCt|Pm*LzDwsz}0
zFuKG}cpo5#o2*{FSCpE+Uj)}qFxw;O$6KC*lPhu@SgjNC<{XMe{hoEC@`E5M>;*oe
zqKTz}I})L;-dTuCdw>dJz70{T-CF*loxwT0)AZPQ#NAN<Swq#lZszMSTW&bmfb$HG
zA!fySB08%6-k{RO5TUP_ORMQ>M+;-qx?&w4kXT-3Vs3bzq29fLZep?boAH2WYRuto
zbBro36L1b@xpXZ)sSwEGQ}eS>Lu-g<adI8<7D1k{c?I;FgC4<k_odFq9u{j?MkUY2
z4}Rm-)-Zi?tDXo`HrcY7pZI{KG@OO698)%#A^rQdT;_&dR#;qG<da;WMuPpZ(sJ;e
zJ$pfgdgmj<+jr1;jt|A=V?NQSnHiM`Q+F%(cML<OP0SO-YkB(?vEdEM_*OKZDS5<+
zTQ*f@tIwr_(?(TvBvJ-<RLjHJw?^vBtkDn@YW@ZjxF>?VL*QrV)HT!@X~%;ubS3N)
z?9oDK7bB*qo*&J}<8wP`81l>JVl6bxB_iB_Z3wg*Q9I14XE9`A6?Hh=`G&XTrB%L<
z2wC=N!m<~P@B}_AV^X5+%1x73K5J<>vtIj_{f1xc6rr=K2z0NMhWpU<?eqEIf>Pa^
zh4xY5^QPO?{d&t)X~&A0a{5_(4<YqIHZRKg4;?<F#PtcrkD2AUH4O0a3LcQOR1rWA
z5dy{8=_w!v3fIsjv!kAIYsy-D0sb0_?JVX>>hRRqRR@R0tL$+doUmPM={i4g?G21N
z&s^OJzVE)Yn8IY{0BB4j8r=F6s+SA=cHWqs={d;Sb91nvdN#S+EC(C+@16T#F;h$-
zO_SdeYxQv>{zd_CUM6y<Dh#fmQHFeLPGmX}t>Bp0*b3^f^dhQ$v<XdL30jA8u833S
zYV%E(?P~6)-{=`8o8T7F#Tl>vdT?Zh3|Dmwq916ppB(X)f<6cMV4AJ=Fsd}<jwV!^
zg*P%awvS$yVsWmB>QZL+H4{*yezlbMx1{ViA+@WhC%a_E%8)Hdua(8$FTgx3!x<%?
z-!unSXs*KD)H35vy!LStfx+LM2`u+m-6zB?|5p}({`k|u5mKehG+Hif&*T_4^6FSI
zAzS$+H(^LWoGS}h{?9^d?09Ge#!bnDP+!gUJAOA0k?Bmxw9x!e=y-XTz|6M{bYCmk
zsbU1LZ>#kwwJrs+rfyaO7`K-wOR42knOUz2(0QEen~3{6Ix9z*`Zm1<zS`}VB6-#Y
zar~C35Wb;IADdi1V@l0~3e93)cBp2c+!C@s`8-mS{CfaG*qRFfFND6sW)#qq7_{;$
z5Yi<|!H|a-5*b^`)`tYgd;2Ubp;AQX9|GYscU<jO2ww2IKd6lfK_;*xtSACGkvw0>
zx`V@6$mAZE$mF<L25c<M_G@N2zoH;}8u?($I{wf*V4uvrG>qyAq(k5{WMcRyX3Q0?
zHR{h690luRN9uhW8zHiGm&(U}BnPl4pHXEpffCRr8^Y7<)^<z8A=}z1#F46eJ+DFu
z;2q`>K27#3x0{>oJC;iWY0_6p?DuSi!Jje6Jy<Tptp@5yw4U$gGqoGyFdE-DULu+r
zH0S{4Ui7cIUse+)<Mgaf?TW4!hrT!2NKh_LE9zeTW<4q2p>W7Tw~1e@5hUNm5?J)r
zS)LEae6PD>`=~!F$ik-~+og}N?iq1*OuIm!?6!f=)yfZoJ3J&_s0H|O>PS>jJ(|xv
zqcE#NkS25>Lh~Y05xEz&AS<)hI(p2uCaD+9L1Rx~H;ESlgX7o9ZVIuN!`EhKy^%%*
z^h}?&e7m;%6|I#zYKM(+^dC8%=KcF}k*Hltb_(X@J-lVl>>XS$0`C3NBt3Kam}}0$
z!AXUxH8JKnD;2j{q;h+4i$~VW&6HY;Jv@*lnnrc}GnRBEWR67+A>0EVkc#`#PJ~FL
zj@iVGq;>8kGn4(t-ig|6EZf)Wo3&zH--O%;%KtAgO9|jY3*5gv2RzWX<Xi6Gn~A~P
z&#<7Ks`NZQGw7{jfuGd@QXn7)yS?NIPHTb@%(-ICKcwRUJkpx*LSGsTCkg9s5ILRd
zSo&t>P9e|tJk5d|$W?;S>&;bw?06@(iwT1jQ|O*;@w)8!z098(TL@hT5>X#Zm+Qb#
z&XYQ+?LS01_0<ac+Ea;o^H0jsfx{zwqc#Q4oeP2q^$kOG`NffJHS8VVSVQQ80Dq_X
zST1M(bS64-+4DU%1FeK(WLQl|=N*m)^L0j}ui4wH&5H_%SHZ#vI~s@uSpbRV&S$BK
z0t^NZDa-}MxQx3}a@Chjjj79Z=xW)y(FdOE1^D{dPX@&at?ZoN<|@zjORCa~g^?!6
zZyX8;EQOvEIzG#^&lCx+5QtfRk?$C(d%aqjTTAhCx9EG96d8DV9K#mxcsn^VJ?L>e
zH9)(>LW;TVV18*)N{-8?B5u%jo*1h`nop*(jNop4_sM--i^FHvygOM+mxBtrWs<V-
zA^t-3Eg?Uwv?8*0iN_UcMGfniLENqlpEt(avZH}3?wAOc#nPi1@`!FWsW`a$r^Tli
zr#y7iUU5}Oe(4BQOpnWRuET`MqSpz=7q}lDKd<C;QP*i8@}JW%chphVb0vCYdNw$~
z&k9`Y15x=ZMoKP!CTF)K9a#MMcZuGj#`ry|^4Eo~H{UNEeV!}MXlLOkdJGZfdL?qM
zTHvE1e*ISVADP3zQcZ5dMiK5K-u36)n5*5((CoIn`w+3+q@uBTlV{9N_F+7(cHkq8
zdsgJjoWX9fzYqYO1b3n=)c1?BL)qZ-wu#f}@1FcO|42d{LF4)55>q~IRf<+M_O!qi
z7l;5pVkN?R$j!5PLppik2-SFfhf<hgE07__Azvo{N``SZg?&0?>yS0VBC-S}3TsyW
zzHxbqw!Xmb@LBjIuk=K)40N2~Un|G|>scc0=-k-VV-c>pS^xr9))^N6ga2BbWxhNX
z<#myXTSK|ZoUlI6H7u06$C>DaHfDqL;S#Ui+UCak7<_65u(9IImcd&^@_wq!oBL5E
zcdG_nlY|gldy24amD|&}A~sDt^z@~ZDZivNDTuQ?n5SNI8_!GL&GfM0gVPWy!L?kk
zd+CCPG#mu>3o_EhzA^Vb6z_qm(oiNb5VAi9v<Pno9a@h~^MApK;0zUybs{Wg!(^4!
z+noWuMFY;BFh*^nR~0*QT-Fq{I?^0jxx5wRA|%(ib(hhTXIsGYcSX6}>OnE7{0lfk
zA8zL>5B^S7F}Gsg=}68jH6eotKS8R!gjVd^obM-DdaO#HUD}`O*MH}-<i6%;?>p0A
zWQ6ARX1yzSAaip!RA+05oy{_ROy_ptK)R#r-M(~uc*154h#~ximt7seoNnhXSn1II
z&~)-_I<BGlusK5Y0`H8WIHCIV%xPl3-(WQOvaS}V*=Aw`H{8JBTg3Yr$*uxQOa27&
z?5N9^9L0gAT#$5CNY}bXETiY{&GKYMH^q=~%OZVhBIUd{CohNP_xF9JpFUcO{p!Z<
zC!LT-kzf94=vAq&$1hQ8*^y*?3apRTRD3!ZtNizTclWEEqpEHB=|?tJ{mo}jDXO(=
z@N*){iP+1B#EaI-Vz$U4ryse{P>n+IAK7NC4HU%YvUBkh>W1BEb3n-~eMwoj8&8fr
zM;H-G*>imIc}JJrD9TONYsqip$ZK*4-aosgVLH$vBiSh$=N#g<;7oTJV)_LLhTJVw
zcy9OV(f42LFC{%IA|fXqU@iRadRC0lJxxi;ZD@B?k&t-G@1&O^-4GU?b2KKdmf6Pw
zd1CLmvUwFI-IK<LH$Fp7#baBuvVLtOfxl^+8{S`lf}T8vIJXJ6evy2|YZ!Of?VYIj
zxla#f?zQEid*GVpnWhg&p`Iqp{U!;BaB%<C*GboL+PRe+VirCO5_gy12bn%}iKlS*
zrp#_Z(?4PAV5bLw)gl{aFm(k0HvXoESanAJ;Y7`h$g8<6J(QS;U|bAnOkz;Xl46?D
z!Yb2@445p<A8(!FrL@$*334fUB2*0HU5K_&|5v>g(}Sz29%K;-CDcvgB>*VRy1&F_
zuEMGCBDRNLwR6o9cQErt(5B%9EuA61^u6$PrXM)G3m<0P$PV4Nmy8Azl>t&PW$83#
z3vCB5(4P{Ce|W@ndUY8cF}v}MlpHyBWeF~o@CBx+Hv?I!z#sFG{9W^XETbGnbOOyB
z@=>8`nw>e{zAQt(N55WA&}@_c0P&UK%FpiJJa;nP;Dn^KH}2~nChn(Cm*Y$on3z=T
zoKlp%j?W+1XUIsuU<HVzV^gpSje%PLDcQqB-xl*;HN?gd|7a>fbYym3<mm0Jt+wl#
z_%<StXSVW=Y<1cP>;mMVqpxpdLr>;QQbxVAZg2*lu@;6!e7o_RpOHz!Fyd0?h~p;b
z?fWaQiuRqDOou2}#R1>OG%lS%cWQ|a$V=IrsfjCFck20&f#LL~oJRwU2SAZkQBb<V
zm#<rn;ij4|=?N+}lT4E}l83HgErfMR*J4)Dm{dtaAI%yk<lvh})A=eVa&F61VW(t%
zOK%pbR_D&q5Kl(1s*IXRj#@a+vvS-U7EseG!w2ojWZ{nALcNsHGUMW!N(X2BtmDX;
zkbf&Xe9z3S!V0{`fspfacF(Gu2<$$X9ksc`y}Y`#b(ZfQ>$f`04-3g=&@Qd8+mofA
zpcP<h4<dOi1FY=WF8ZsLjX<ufR8lmyF2XWrjs%YVp}dPn=~I9ztcjeC=cELxjq#Fo
zqU_bX(Jn_6VuZd%VppVvd5WnOz}a~EXJbzMy9C-^vl~rzas2X{ox;WYzzZwLMb+YR
z^-v+&c!KXr-5_(Q&oJoRuxum*XdAi!ZG$J5yr+H(_d=?w)9Uzkg!YVPhHo$P=C-aW
z>RehTqfvZN0#dI`V!?+~cDhpJU*o>XJlEs6W%^M+c-rz7n@{CT8O4qsV<u<Eg;~Tn
zqnL|Zo_v=ORUeJ1?16x2T;HKSy}Y5`Ax9|yS;(8cc3eC|1x>U{!<&Flt%oI0k9jn!
zS?zRp3Cv@nNH)}Y$CYyfGhQpnrO{-0dg;YPjikrq0vno|c}`E!+~j=(X2HgB4V;}z
zKRSIBE)Tr=yA$0J1hGwf8AmwrYG}@0ybq-ylBmyyZh5w|PUAXYU@+7@G^<RoXQFZZ
zLw@=EW0MD*Do$k>Hj+CwzcZkFkiqC44sAL(@Ye1NeYRKWj;!|(9Ew~aRO(;S-H>nH
zQz^m=O}D?DEqJavDNg2VEs@8^;QuL;jnbBeRTGMRD7G#BGbnLhB}ZD&EnjuM7y9V3
z@he<y=!d`P(H3ZrnG({TZ#cT?6v^6@H%*Y}T&|_;S2rQb?cwNy0^~RO$^YkJN7qzV
zsxZQRy)!<Z+TQuO@$$EPv3WlHgdOJmA~T^%;+o+knif=Q`yU?t%f>!T1I?+8>+n%%
zmW6TY%@u&s-&<D}Yo>!P<;H97Pm@uX=On^1#2!W&Rs-lhyaF0-mwPQvp_dNoK2%hr
zCHeW}o*IJfW5+HpycoJRo{qswZ?ryQ1*#i^19-Z(dWyd>^&YO|HsRh`K`8*aUjq!m
z=zfWp;Tmf<Abp_7Cnk=oGN%|`nF%486l0@F*1fyWI%#S9Pmdl_GgjT%&Rnm@Cn;F)
zEp}B|X4=^Q#%m{MOl=Lbb~i0z@ljvDVB{^-7unK_q<j0cTHeBHiCoiyzrjR?NQ?Ei
zndYpPWDvp0Wc!!2UmYn%x$nD0Y(^}mh*6mFUN0N_VUkbUIiUb@-YEGd(_q(GV|gEb
znx>yTMc&H%k)$NJ0+uUh9ND~Jn!Eh{`171V`TKnWZ+%lq6IabT=f@D&b4HYJ`HRMU
z<eT0@_Fbb(>b7(5#`>7CwyBDOlHHM-sP$l_&E^0On^T4$rrNVv0L1g`cj_6aLPrRn
z`6y4flx*2v<*deTuK?@T)cijVo7(-E>LIi*cT`||>g;DVjum#24Go{^xGFr`M;w(3
z6`(tHaSU3|d8DWrYe$UFjMDDA1#HUXg6`KB7AJ7_j_l4$zBy%QxJ$7nG-2^Si20Mx
zxb~B~Xk|s5g8O0@f3^Rj#V$(4uN<T?Dxt%yF;F=FMq^!g8Yxb`VsG}uN~^pEZ?kk?
znkV}BL#?VGxRyj827i;dEna8G?MR#6GtcD0+hX#L@xLD<!69(c-F0yVh5SH0L4Mt<
znMOXIn|aVU=Jc>ih>f?$gO`NF%zbIYLOyIHKI9TnAlXmDtKj@CBj%Tnf<8m_b+yN*
zrVZh_MQ4S58z)F{n4Qt7UwwgPPG}9Os#%)ti0!22=0}6YDsV^$ptrF3Hn$oKdI2yp
z;IQ@Xy<|E3Jc=l?cQl*py6j}c%2yaa#q?AF<2U|wTC$*&tmWlcUL8R&>yL;B&~R;&
z44n4XE4fAQYveCuUBQ9&m4zRFn1L`1PqdU5Iz9oic=7A6FGY^a&QhWtWmRtRT|p&o
zsH`+ym3dXh(nn4Ff^JDh`3-d#Prv@`Ph(c$<$AfY$v(HE<fafWkFYlv^xw}YXz!N5
z`>tfXWqbzr&spyhD6_4>Bi4@&UK0AuhU!RnOYe$x`5>f$5c_u=z$5t<8^JLEl?f=V
zp9}uz?RVisecJzmojj^jjCf0<V-7T7@JjzHSg_Hn^#0JcB)b#07+3qFe`THJb`g^y
zH29!DdTm+k+?!904OgpcoKbi1HN`S?k}^C*_n@>{k58=U)kwA*C;FiKx_2{h4mUNU
z7O$PKKnHfO|C5Sz<HX}H?gRMh5dIn)d9t&4RJa7-rq3-*DljI`AC-pQ^}l&ZO{Ubx
z$0wifVab0vH^oAOh0wM?@vFxhfkrb}QG5M#wdH|s9YmW&^7C56uE%^ARfCs%&8NiI
z1t?s%<xIaISbnXgR%ofj3yQ~v2G_H8K5`L85rnVKo%c@@K(l0eLX2jX$zh(%RPUeb
z#_f@io&uo+e*CF`tKFh_#pQC;R#_0eoloXl=<^D2ZWjN=x#2jo=TD-&@@?!uO1e)F
z!Um5M80<1t!}|@=0o6ddN>Rnv+BCty%-Rq*!R7fyqYVEs5Yza;HUBO4S$*zSDXJqy
z<uRhUvh;w=eadH|Ut^H_vm(VsMQlD!b7l4j8Bxnm1(KMmIFXm<n@^Gg00{@uKGqkI
zh2)ENf@VzxaYI$hYuzEhT%-r9uwbI}(m>g&*!axMnYNSUt)X-CyF=aw4zK^!`%p~z
z*F(yxH7B`3{e6t2;;>g3!69;v3kE1B;-p*x$fwKzshOk#5I|{lFIXX%-J&<Mhja)d
zcLP7slFEd}5aWFw%ZZ#jJ|=oGd*b@#dpxr+eEpzhz?(|)bFu{uiz~;>$hEamXcj+a
zDzdUI632Hw4Rj<a(WIgz*NOm}Oz_!M=RdaPDUF#y85Ay}CoGh^zBSXL%be|Z*;#zn
z(gGikEaPYqmH+n3aH97hrS6b~AZivyivVpwVfkO?=NcDYN}+PACP5T$lLP?8Lf#IV
zj%RAS*H;i8kS%4D;<NZ1Q#FFCiP;w|xX%Bb4UeO-|M>byP^jBm$V}`Gpv;h@=8a^J
zdu;&%Ikzcorp*A5=%0C%C=HBbw**exDy%C`VO#tbo3xhm@HJcW+>vY(0onMLi4=Hf
z;NZiX>9{2h>LtH=E2aHV+)>g^3aa!%V*@S67Tnh!=ewtZS2Hp4hBY+mo$}xau>4Qn
zHz`u*p&DAYHYKB&amIze;M|k?+`m1BPAEzBZj+vRrzlw23^~0s;8#GD$9_vpVK<2b
zJPi?T6dQ92g{EG{g0$nkgIXE{lQ;*Jd+~tajf@EjgUZxH@$pRQPRRrFykPzhG&i7D
zKOUL#T~hbZazzcF0Sm_gyZml7aNz$5voT-$XD$i&@IRFD|MeRGA8Cj3H`&L3V<VRT
z%`am*uXv(hgUIHYyB}ZFbJv(-K<m5H^WA6w7=vx!3lxOJMih-NAk-`9fv}6kM>)K&
z1GD)!Kgfb6z1ekvs0*zYEqqy+14;dC)og2!?&~;@+jTF9xCKK^x<{qlAmu2r*&Qm=
z?I8R|G6`WM(W`!M)6Cy2qRLg4fTE8C&AUwEHFj87(Ui=67`GH3z>aC*RnbjRrXQp<
zi*&Cl9i?)WUm5dZ<N0Y#;AL79NZ{1s<jWfrZ3S$(>m5%O3n?5XjD(Oqq%TN<71ioZ
zs5Z_ME-UXF!Qg95+x^InSeO4&fCa#`cVXDa^Uw#EJ<RsIKEw|%Ev#R&q4=6ZTx^bU
zX2#O2S3lqlU+WN&4^Nm04_K^rbE#{ieDZ{j>bKkD@`3}x2EIXY3cnj*ZH@AEm&%l%
z>l*$9jc*(hhK+~=EqsmVz#1};rG+?Aq5eS>qortwbnJBhIiqH}@7JE&!l?~stB>%(
z9J1ze-oR71GxZLW9s(N7>=nq(k4@pmG|e4fvkK*scrb(MDF)z<$7XUXv29Z{xr(XQ
z<;1_$(&TT<zyF{rIYQ#BKAiJ}6{nj0*T7Q)ZfkL>5{OCWf%vE6P!%?>P&?j)kq?tg
zE?t}Su*3V`d(u89$AUs%!5&`zgsEIS0va4?vEi#_zJ<zA8iWo@#vYiFJS%;Mg+=<@
z{^}v^0-kXJ(pP|{{_Q(%(3B=u^6Xgf1Ggw=+G3CO+K4d%@4nnxcMhqPVYxA0UZ3ym
z!C@dVvCt7m=ZWoBqMx<2ZI#A#+~(9A<D#-Zep#E6aCU8R>dzPt!i|cTN0()ofJ%^m
z#8}jw){F_4|5SpsTS#Qr=XrFp-Qn%Qdo!9(@*{2y&i00z8Q}IuHt=Dl3+QfDtqN^v
zsj0(DMtrfAX??;f`<cgJN(Q7cGUQBBpAu|VM>zKA-7%A@#iy0^(e0{&A1=T7$(|aP
ziQCb}II|Ux`7+6^xw2^0C7e91-Gd#Ma@PO$@a?Goug6%hLSocCFuN$wDW=Tb`9w(w
z$|Gey!vm@c;H$b1=I|O$>Zf}F8?z^6aCw1nr%Jp7d6Z8cloF(x14~@nU>&A|*RTy4
z0yAW&Y;z(y@xz$Xhq{73#lD20F;}^w3v8r@UTw&$Vi2jKBbj3GzK~$JXIik&-<y}`
z*N1S`c0D>}NO1mi4a=9m91pYM;Q=YexkVo6{i^D^rbA^~u~pB@CQF=hH2qJyx)V=+
zjx9;Yl+E2{UC!j%JNSv&_le32x<YuL_m3?36Ly@iZ?)axyp8W1Y9%<3gQN8odPl^p
z)aG|w4!t&k7|IADJKtkrg_tZX&35w1De9Q34HW!6l{Pkne=j~>z^;rT+$7LQjjVzJ
zpB|qVIAcH!2bd?-3H0`A7=CskMuvEZkAOV;)UbC$zOeEAX^D?{!A-v8#kbj8?;;J<
zBImNJ1RIX3*(q91<;Rv>;`71kTSj6YuN1L&jq;xG#05V1J?6dODwQ*Vt)|Se-)Cp0
zZ7DaheZcKbqvfTWBr`ADALPKUN8~yo-xzmJAGO9KL25eX32}|H*Q%A<aHQqxi#D*r
z!g~0;^lEkMf}zV@zAe3I?aUds9}sgBcPw`xw{osiqTJo$zC3qTNT>E~g{kL)s<;(Q
z2eb+X42NUNRKKgVJ|>g%Z>=K#=TDEl-~a5vg~cDLUSGQ12Sd*LU3j3z<ODzdov_LL
zv2YLA{k!W|KU4Jck^A}#lR)_fk4_UaZ>}G_J&M%4inj|U+dVv%L$_=5fEsaj;0k=j
zZ*xoC_>Q2|VQZ<BFWmAvmjna<_h4z@$0!G{<Q<_v3n?d$IV!K<*j_RDvo0s7*TGkM
ztvshQHBer(D-kAqgX2xwZW)F8a<M_}w8z$SPjVg*(X>7=8Pl(5AZvap;M3vlJpQBy
zs8^AQm+#RX;0}4^@#Rv<qo8cV8t5g_xXdPq#Qm_Q6aY=OO2V7Czfj=qNlhcK-6`aH
z=Flncci=*ljILA`<*o7xLRbw{I-Nh&)^k}l{rcN&Wk;Kjch>L`4i5N{C0}UwlHfOH
zC+_Q94d=OZx_f2P#b<hJqUSD6x4`#rx{YPmh<(MlM_Q1zzq&2ZRHU7aG`_0q4u{Vm
zt-MjHowEPu+bv)TV%H)tHYRXncxITpdw6{D2S^j1N7t<G&ON2Jsh%-@p*pWQHj~}(
z9}bN-kyrD&x2NWMAgWbp+rOuFKIZqXp6Zh<S5)fXA~!(!N=;!?%p<FbQ58H4Bzn`U
zE?R(S#U*m{aN^oxNRo^MLZmg##BEhgC2`gBpDh$Pzn>k|oZOmdWZ6$zaYT+qjfRIy
z&QwHM?AiXp*`iDa8Z`u*KH2(F6_<L(`#c&cGBzOx-JDroO4KcdyrfW7>E5G#g<x&D
zCU~Rv6mzGY^tBgXXFG@EhBLClJa3l>7A4kG<#6H&B$lQ4M@?}YgTy7-Jqas8aui#A
znORhS?otWDs#CGvCL{5@DkXsdJY5<KvIN1rBBa$d2F>-Tvjqa=q5p(e@34(HUZIo!
z@6oG2%D+2m`;*rkfTG<US>)=sq%%q4S&dR|JO4y<x_{5jgt57C;>n(djFbTGfo{Rj
z^=?Hv%Weqy2=Q_)wGyOz)X~tra;)6UgWfmkfF$8<up<l_)XVW8<+8x!j>~P-cWTks
zLcg~#{KYXqizwTLQ~m)xYq}vX>7v%SoiKG@G5x_|#lNvUd!1<ibXx#d@;Umw2ddI(
ztMD3P<P-Y<$5@`aSK>8o^1w@*l4hKwt`PqyovStuD?u7~q2F_c_P4mu2P8n-LZ`ed
zv{u0id42mtaGe5qwM?l?l{q8n?3+#Pb$Kh}J~MFi{w6mrQC;*=eT;O#K!^&Sh^#cx
z@jJAuFD>>SIdk=9DO<KaY}KOe_vzfPK)GeDt?PlfQsobc3fXtVHreIPGZHC|fb#y%
z9S->yoBL-my)jEKhcz+knEyno5k!&P?jtHhHZqinniQZ|{>?Y>4I}KxTv_z`kI+#3
zkOYtg#jMIoy;chO&(0SpL(I|cK&`&LdoWB3nZo}r5MlIYt_h)BFc69)i-M@S>>hrw
zm;~ITv1PzLVsn1<ib;Z);YBFwOOuA(t)iEEy&s5WH4oL3XLdQwmzRMsPfyNuIc?L9
zsRXk&v%DMrckS8#N8>j+Lh{K=R2VGi4R72%C?-f61(aiYbUeLq(@$@@bvYC%F>Y8%
zOgq1tt~cU(u0mlE?=D7_q?&#Ftr)Kqjp&nbxKOTqLuO8=k<WU>ivCb`!(}CXk_#F<
zL#CFjyemB(DWJpj{pS7B>@mH62f#MI4Cq}`Mqol#=6FjY^-vl03W_&)p3##1W7D`U
zt*%6D_1|HZY0m^Yb_ipd7y?!1*LXd*hBm+7daY5Ix;C)+xWniDJdUNH-mk%GW9sEE
zftX$*5qqoyk&NXblVX==@Ji*cHf%tEYD7MR;b$<_vFl&9nj;h+cju)ZqN%ROXJG&2
z3Dh2I#|Aj`0k;xJL`!XFbzOo%HK^cQ$9t-dz<)k}%e4r+wSTp<qW({iaR2>&<Z2Fm
zt-d|bV-xMphZ#H8ptT>(G0<O=LZ@d|kwJ>BT<deSet*fN;6&y%UV&&{_dK>Cw<kvX
z{Vv3WIZ=}4@D5Ump}PoWh6JyDZfj+Sa5h@1Fxx1vv_hr!^Y_4HApLEeFd-NkH7C<&
zxLk`rC~H&s;&qsE1TCm^V=`%Uhk3yx)lU3@MHMW3q^Twg_zz_m(-E=lj6Xh>ll1Ll
z;x1vX2^@(d4`mU9$a(2jV3hO0013y%+4jVzW@{HU-hkW>q{K%a-Ix(*bK`_*@yu<z
ze%yTm4v?COX|qSHy9A4|u&9WCMXW>{tX_|cUQJ#^%l?j9ZKeUQPnOm9fldg(UNFEK
zb0GWbi-{7<DRyt9ry!c^xFsMc@%c&YZ`9M}2(=~~c>dWyK?$(I;!Sf@*l0-%K_V2K
z<&{Q+k{wtoO{(ZT<;$`!W@py^#9u%|R5LhsPKiL*#-BMSqf&PB6@$@8xNBTGWRs-k
z?7QAJD1My(K&NBdRd@u-_msN-+jHxy)PYDlU}s`ijM>OzCn-CJ?_Gs+Kv}web8}Ge
zlYDog+GIxHqV6I`jei{mh%<KwmXhsLGg!LV&p)0FGnLXf2XOV0wajFqhpwVSjnafb
z2*0lI)!kg8BqEMhMv6?DCH6m&vpgp@5s@c^fH$fAyx!=qWnRMg;k*5je@~8QPKE9K
z;(CYTe5;av#8lDaY=<Y<_jTW+X1l0`%|#1>GtJ(zRQ~*7m_?=lt9toY_{n&GLWeY5
zr@s;ti}R*8ng6T#Nvn^y0&m4*%DKj<Ds$}zq&BOY3Ac0|4g(`gJ4M>k3G(vEfj%{H
z$>A)HJaq=aAuu4!r>67$h7`G<chjH8#vv!un*G8VV@}iW=Y!L}q`Gt>J9B7ev(Rhg
z_G@ZhF?+gp+T6OGGw4s^v_wx^ik>z~*!q0<x8U){n-Qt+?_bI0xX~!uD^}`I9<Mcj
zT_&Q=Fk~qWP`w;22VMuAyHj&lR+6eyl(X**jJbY7qLX*UbHu^}L&c_ioiseA2l0fo
zD1gt>KiUicOZ~y0V3G7cqD%klO1u9XEp`7E$?1_+cLMkwr~4?Rn-g>M#Tjf+KkC87
z;n76KJmLv3@C8#3AX|KKfrc$AVT5Nuj+l@6Vnmg8^~&^rW!_Yjjk)QM$N``(P$|IG
zn>ANV8-T}&X~*2P=1*3#&y7W)&8KHy)1K7%sMuG<7T%D!tvnxciPlE1`Vm8LhT}))
zJ$3j5Qq5U_Xe1WaXG}MAzW%?rLDw>CtTaYJ(&8nu>wbG$6By=1gbQ=|6&D75nW*k8
z4k|1MkRvp|e~da66IpRl2yiW8E(SUsm11J-!IkuF)pF49?+&HS6sJ~~qUZCii43#N
zoK9qub2t+pR}Bu=4tPCt_raysqgTqefG=vC_DOAjd&#$CpmVBM0uJ`H>G`7Aoy-iQ
z%Z}EfEBNF)UxkKNB-o7!P8a>$K4oGoTnW(Xvs~`Qa8hd80Xgo!b?qKV@}cH#rU3x3
zabcT4aF+3!4{M^&)KQ6)opdRsAb~UR4TruzjcmKCt+fr;CZ%|ejmLssAM_Lv7%msS
z(JtFKww+B!b2y)mR`N#t<mD<TnN#i-kj4kT>iZniuQo@|`eb?wXol8U;c&k>8@~hZ
zZI0T$kcv;CoAR8hRk2#?pWd{YhlS-Y#^{T&>1uUF9o#Z#fGhk2{plYF2-Z8h3##uM
zHOFDFq#u&tDo*ovuJQ{XfI3S3KeBoLTYt+q{B02f!LO2Y$@#F;Y|5j-zC%A81>60M
z+Xq4-Mn2C{V=uj^UzufEnVo3|>{hRCqrL3U)ct~+4VH1ut|!vy!Hmd>zxG{p94bX5
z03Fe>TY~X*iTzAF9svDN`H;a@QyI$7luyJ5ht(hJ=r<3|R6d;yPtcQ)fP-9#=qHZv
z)^J8nXtDx*c++b^R@KD$LU~dI#OYxSHke%tz~z;|8bAO|ioUZQio7O}&$Rk}{o-gq
zVSL{o=WHL9criF#aSA(|#&39IW_5V7(n}r2Cr(5*;p5?dI$-KXgYd4`>&-g%wC>G0
za<;~$XmQfD6KdX9N{#E&8`@v>eW-krR)FRclE@e=4>>w>vvw?-;PoKSfp2-e8F3tc
zoCrrTxjev2aA;;~C7W<;49mV0*SV7Db>~EqpN~P2A!n!X;`y6!NJTomZISm@^}uEZ
z{1}I5l%D|F{lXFI<`gv~c4rL*J4V*^)$vRo3u}ij{SIEa|GQz)I{N-I#!IVh^?aSt
zg*tOL_Ntl#zAw{9upg&x2QIk&D9MsieNC@&oogcSm?(5?5i(fDylj(p;#k0BqPk2!
z5mmD6NhksI4c;LD^o-i2F2>x|+Fx9|G!c5pv_qXITJPq~dJpl~5cifEBtj&YaErFw
zpC^^3B|>V>o4wgD9W6RY8G=dfX2_MF)z|9EY}_gJG9&KDYz$6Olo=~LPIkN{K=FCO
zZv2pRG7#K8U(z?Q{(YjXV#WwEW;OCrVkkV3Shc0H4$fOLVSPl=8JM>d3Qp4-T(H_+
zbGv`QCnDHO#)^#S@!a0dX>?{^J)1UOpW>;IKMi59lNg-PDedE(cVp5%o=Lr^F&mgK
z0`MGeuRFpv*wUJB?%X`Ex+&e1+IcGq7?k{WupxNRXj8YN{tL_p2O3pWs6F_JY0E&@
zv2C4Ay+fySz%I-+Lh9XMZ4*+gv|M*p(pz^xzw^-Z^n#y>|CZ*J`l%ZX^}G?GZQvGv
zdD#RdK|xl)RdfBZa3n3^sE)udPN$IWWwqR`V*>~<M;mUaq-O09Rx52#esu|{_bVr|
ztg(4!sd|Gw#Vz!iYiHj!*t3)q1#@{&1hc)v{}D5!7M;m<)5hx$%+rBs(gvo9cjTjc
zwz`vMKcWumK{f%ejC$z*=W)@iJNg+^(*r7P$ctBK+2nrv`Z)dzQ0Tca`Y_$*+tde9
zrbpP0gxO~T8Zd35YBJ)K%%aR}Ty5f&HP=sr@0dh?oVOe@*&*2EQ(jb1%;MR;-HpGb
zCF`C2KF8(2T>iZmoSy_{oUk}yQ2(OnO?pv&0O#&@t!bj@s7i;s)*kbgs5>?f+$ve_
zd_IwfQ9jkg(wE+IChWEE?#fFEc1@q;69LW7CGZ(HDktnCK$>W0pBZC^Fs2O=&=OJd
z>+!(5C7&}4obQ}Z*XqY_B<c{KyzFsJp4d7$?Jq&i9)Bi#-nq=<D*QCTYZ($RmNxN4
zf8LRr;BbRx`yNg?d{Xl)P$L+Qim^#Ft!HxAmuM7kD~GGI@ipLk2>$W%dEPObbm|Q4
zeNlrpvZT-Q4$NNfh5VS+*iUEO3@k{2PsF`Tg!rSkI_jyT_;}Q6h!(wF>wIGmrO0%c
zTcj&@eOD6}cSt6s4aVnnO6>j&>Y2haai{0xZtTu;H$~LyI&qc~|E3j+e#rYbd~%A^
z2-4nj=)=5AC!YY{`{~M1HLzY!NSyA^VEf06y6Qlhjv+z=+wgy}ba*crAQT0gZt34C
z*X^ALZJPLHh=-z1dO0(sbWt9v==o;_joY#76cl^vB@jmS56YHr0A2A%icp&n%)tum
z@@2z`%`Y?tdyb%d2fu9AeX89A!3bu2Ex!|&p1u3%do^$>h@bDJ)#ZbOu#_N_XSohs
z_%2H)a47toP<3+FA5R(Bo@whxKv7&xs!oLuz3C3?#x8qmjY{R~bN5)8HF-{TXAgyN
zIN%Lyjje~kd8%=G2AH^2UU!ECQf%{QbaE6FX}D0OS-S6Q?;PGsg0q*DHJTa4FDspb
zFI$%z9<9X$!+}i7_Z?Gk+IEkr^2Cj1o@0a_8XI+CTj(!2i)g#HlX=ifpMh?zf*Uh6
z)LI}Eq-v|V(ekeH%<hYc^xc?WW$8+o#3;K8V^a?xlQ#R2O*7W=vq!F|IX63Hg01)m
zLdYN(JF^M;F1$u?``%#TD~a}L#u3|QYOb0l;E9B71!HE+xhXESudy*J)x}Zyay&a2
zKIsbeCwY+ZskXt%@_>77^DNOC_AN2z4dHPI%aa_^5@ukcq*a`9T%LKA^Ei4{I@5)$
z8qk<$U)pS~f|skS-Fy<@qs$Smr8u39)_J|aFP&THWya$FkhAVXOxcfnt_78XbsUqv
z_xrJJ?~R9NP8iVF%$T}v-%{@;nckTMSP47XF^pw@-ZIQt{n7kyhTZ=_a`0;`>T>SJ
zpQT**Hw*V)?Mxtv3mC)`7joM`0QvPQ=3kHX&hrYDdeHkvg%FvOa?D#{P`L8zH;6ZU
zbrzgPU`VDPVL41RYA!jfX5#-8NZMine8oeB!r^;klX6wci$37Aas8=8OG)ZPzsm$n
zIRVzmivV!icT&7L)$SazsTbYy8uz_9F?PC8Qcf(smPDQ=A2NRhBvnp@+W|(do)}?%
z)%TSbHO-Hv;t2dX?QQ`zmq7hBFdc~U>LVsYYMS@ze0vS>yuzHLo+dCKLtm8=h@ud4
zLndII4%9`v2yh0rPndP;msuhipya4PfQbj##({u=CC=CBMPJ*Q>4|w>JO6YQ{=E7?
zqhOGD_OJ!V)5xQHw)rFC()2t}Bd`8vI-HyCufKm3a{d4Qv#R+b@A8NO^Gle^Pgq|f
dgw8Lo{j_yiWp_Av2@DQPQcO;?MA*Rp{{ap%6e|D#

literal 0
HcmV?d00001

diff --git a/docs/installation/images/windows-boot2docker-powershell.png b/docs/installation/images/windows-boot2docker-powershell.png
new file mode 100644
index 0000000000000000000000000000000000000000..b1ef89672619b3dd7f4c1ee7d269f221bec3395d
GIT binary patch
literal 37945
zcmb@u2T)U8)GmzeRYXNaM5M$DN=HOGQIRH1L_jG)Ktwu74JEMwQX?R}M5zKol-@#=
zUW7;uJwWK8rU2=G(Dy6z&v)nk_n&)a7-t_3`|P#W-s@TGS?dt-z)<`6(ep<+I5>{$
z>fC$C!Es=ogJa*sk^SsDK)sAO_CNc)A8Oy_DD4$oW)BWJ-Z8kt!SNl&MYlb~9&>u?
zJn`n>IMKZKv#;Ib%QFs+gkIfycOC_R){wMvHv@l69!pQ+<qu2K+j^2jJ<|6ng5S}i
zHxIQ;EQX~*^sqUfGA@AjXP3Uez#DT=wt#fyl}f|?D|T00@7Ad5D(dQJzC5}A#h}jb
zKw*$^(HZIQ?Mvh5a@v=a7RT^6Fk{#Pb@HHvy&p_it<G`BpPc2AiCUmFGUVB7V_#3<
zA3&@wZkEa4VZ&|65*e@dG~4+$;=tamS9~#jJ(#9@L$5%G|2!gnJ|`U!8d0<ldE(C)
zbW=;ghKtAaK%mf{al?yf_r|j#MgNeL|BM6r&P@hO>OVTZ<ojprDH=>B0ZnRbeTbDZ
z#`2#q`}S`C$b9e)ya~TPAyWrd1EN_yl6YBT`Ko0yfX1{T8=%${SiY=&+&k2cWg~79
zO2r#!{+W%Vx98qRxCTNr_jWP@_T%2rNIoXvG0VURy0XI>MWc4m!P_=W(jt~t0Hh(I
z3(^ce;3Q=V&eX#aMWIr<ekP~>%=60I8;s2AxS_^!lyYNBJMsy`DgYADbOY2nkd*~w
zpqTjp3cPWVJ<S$t9zjn6u%cKCFnTDIp$%Eb?#97s$AKiifhZ^q#%kT5MxZu*v4qTg
zDGrX+RB33lIh3qGzu`iulcsap&)gu*7NfSiXZtTfXV)<2Sc|U?xUfQcJm_VTo@S5m
zdF8An4|*MfIa^(1=N+FQ-N4Xp$8d0bi?7(vuV??Vb7|pnK;vVhlrQH6NK|fSV>Ogj
zt;QJUW;LS-2cYXa^ko*AMWeu31JGp_9RpdCrgK4e9ij8w%vA*aHJp)X1f=1azghGR
z`VS*u@VJM(?>>&Fm|#4{nbYvDiQZICzsXBk<kUf_$^fO#-sRImbiz2@_%PeZo=&CN
znDWPHR;pe)+km&0$XKchw3!dU+C|Yxj?7NhEDk|G0NqA0H&_oNm$jL*Hk4WRi-AlV
z#xLM@5Oe`RL$l}#j7B(Rv5{_%qNs5H(Nmf<bcXBUBw<`yr^M-~>l`6a&1Ifzc~VB{
zH=g5_LwvL!ORm-IMxkQuGasTzuKvFk|Ac`KRkM;js7T;e43>d|Vrc+c9+n}>+S;Ib
z8?kUUhO%nRT14;~4bDu1ZWJ){Jt#b=Sry0%V7CgeJGDWn{PTW+JooYj!@%!Rs~(K8
z?SSataZh0VEDA91Nns#!1K+smP=cXs)-%o5ifRE&2OIiIsZaex0qVdUOEBc?q4nQ6
z+t~cGrjx@j))h@>P<mhL-aLV*Ru^&Asc^ii&-;3?8Ja(G|Ni{+-|Zi$^;+Fx*go6Y
z^*5gNqnfUbS_p#9Zcx^s?Duo4Gg`4sdnnDHseqd0rtbiE%-Q;6AecbZTs4GVWV4fl
znofr-!FSzQJs3J3OLT;8>iv;Ju<$|D!@={Dpghczh_ki24$mmtyFq71?=!0$Jw`Md
zucXPD#w$E*CY+;LqApZ=XdO)Iut)^~uy&=zUC)4Xb6hq%m6Bl+jfcTP3!<LIb)V|l
zzQD0%X~D%d+xhDd9?tj;WN<;&{GnU^tSuX#T_%EQ0Nv$dZ39@2kZDKAHfy(-HObnB
zhBR+byrGP0`mQ;WF@s{lSvfY;UO3gVky5X3&B0N#ug;n7U?Xwbq;YAn{jPSIt6N$;
zsbcHFg+hzmZ^%IxPNl3a=++uv<AXD9CH)NAx$i1I1!awzmenEu{1!rgP@o!(m@gF6
zR$6~EV7n2pOdZ97eJotaR9FZLK^^m;OhK1aAe($lOYBZHw4EEpDumODSsSdKAm*wg
zbjP1jjhe&KI#F8~)>3gboGHng1uzz&7$fFomQ<tbQH~nT`1j9-MvO9xV+Zd(S?Z9w
z86g7or5qFzt-kCQqWd1RAo=8BsxxLQmlYUwet3xt+#uDJ)oB*FuyBMrT)b6Yup%dc
zr!JK3L9Gt|^`76&5KznpbHQe7oH;Gc*amL;2af~j5pWuoNnlY}!9)Osh@yA1-59+Z
z&S(S@DbVc%_*Hevf)Q&JOSVU?PkP*BpV?`Vj{V<V@I~cA%>phY>V-JWGTB0cGPCed
zqZ52XZ1jFfE-RX+iLVCj)K{1uK@QBGxAldbFXMvvb8t)_`|F!yDgzld3>Y(00fmFn
z)mZC0OluYs%20vMIzpCd0A?$Sa+vvZW48}TS_HD<SToX4ES##krH7htmS%CYIyR`2
zth7Qd4i1HV5f}t*O!|IAXBQ#LLh+~&|5BgSW3IycefZ|9RgbpPK*VH|dMjp_bU;_i
zm{8?cX;1jT?Bi;gAv_6u!NxirzK0ysV*j-=0J8_nG(Zs#v#OwE|6nqLX$0v*FojT?
z7}dr=+Pn=(n#Dv=$iQ7a2m?S%M=isc$2}mMaQZf!u7a9J(YH2Orh6x2;-B2h1JH-}
z<4HGxu4P{_<+sg^a=##6Mh-aSH28XV&R{|eFvD1CWu>Hzl=l9e-Lvg=*bgf5J`LMa
zcK|{66P+M}?Bi^_r@FcSS|Az47)Pyf(_0V}Bi3dz69?Gsrvd2;3;?6wpV^Vzh}TAu
zGJ#up8}v?TBrAc{w6R-=B{2RyL)#jxia)B`zpO`D(z`3(ZC9v#V=$-Hlqn4~w&!)D
zpmiQPmmdCMXrW24VS0zI-kTO4wG)59BC3GyL1{)uwq$^%mP4Vsd+XBN+ggkMQ1AFv
z=p>4yc#&79RsUbG{L#lgynk`?Rri5^0sIH#^}o>m6!kCYb9}S;7neCkq}jgr&$Y_;
zFM@MybN!3$9JE9KqW&vJ8QTq$wgCV9eK<oPr&*vokbz(nAy6l{jo?7xuUk(9r$Pc)
zUFZGLq8mWQs`!TRKQvC=Lgp%N+$g*1O@r4Anx{H(NCxgP1({wC-X@KKln)ia(bYeT
zo7->HN6v3b8427SL+`JK^pA(TCn16Z18^g-^Vo~PeQ~TjvTX^grD-qfczOWHA_7^7
zF|5gakSN2aY)#c;JajzXfNw+v7oyxNP-v-LxeAx3E=a&{8!Ev)-anA;znvj}k#b-p
z&B$ggXY4_iW48>ewjuM1cI<|;n$WI|9Nc_?e@|M&_EvJ;#P=h$r0$#>-kpo&90^oK
zqHxeNhwHQt>Y`N)WwO$igvY)|4%hr%BNNg(?Bo7<bZ~m1<aWHKrmq4;AF1v(cidkc
z(1);=jiq%-)#P|9zbJg75S#k~U-O{kmexe&w8nKkKe@C7a-@4+R(9yPQkT9e)UaIr
zgSf|Dl=UqWzeKJBbiBP9SfWs_fOxK_8WmLgR$VYDw(-s7yqG~A6Kw?iIoz9*cvizS
zjG3j<dr*F6bpSFYraStj50xBzpX}${KncEw@@wtGt;hBjj?7y1J}aISwV$~;gD{^n
z$y?eC%qo@HZKV)ZJ9zi(oe_p#AqPJg93~y7wM6!yuYagg4r-KFYKgpN{kQ-Vm6@2J
zc&vD~GBJ0*T9qsWhgvLI#U^Iy+g^zzUdYmWkhV>(dvxpFGNKZzufDeU;nz9tob<D&
zMWsA4wHZZzbzUQ=_vMGN@lRJbP82G)^U$^kW^MD5yoN*N&4oU4TmEw=J1&Sn>I*!3
zF+%KP!h-X8{i{27uL4z^<or^A6Nd^-u0tF}d`Qs_@#6l$YCw0$EV%m~vo+Xk%UtwQ
zYE^@ZA6s=<-HBx74L2}ZTD-BEH%7t@GST(Lqb7UAHKhSn>QWu=kB?vuY*)oZF!OcZ
znSHYJ<IC9PgETUSnm?Z%aQZCvR*)0N`CvAG+Q<8<{gjv)W`%h^D9V;axzfG++B3Rf
zP>Al>K=>sC&w(r}npC;)H*OR;KAh>r2YbA9{R{wl2y!HT-ePQiyh>XI4Q#0#arpWv
zQY`4D#66p9RjE+!BJ~rOjGp`DErQl6W96##Sc`hSw}VP@33cVhI|BBvFUr073FXH=
z1kIJ$(eacE-s~`Z`kj?2g6L8U#)R~a3-N-9a&4x$B38AxRR%<cN)@WAJWM|#>v`*i
ze5?HAB8%jDEJJ-w^@Ml@wwD#NxPI=_LB`8@XqTUHnRuz*S>t?Px@FZi=sa0`C1?2&
zqSQlnWj|jO{aWDEiwBQ4O=auuBci+jB3d`?4Yc*ugCt{nUi>~px_R=!hB|GxaQ&1(
zt)#HO(pl%y6G+dNEty7l&DIn^I)CUE9Ou)9<dtF8HY7W;O;K>AACKLQ!9E5ZXJy_-
zRQEh~;}sfnDZn%1X2W!SHPDTIKDt6+Rg&cJs`qh6R&mKd9$h)~jQf|+CsQx$#KcK?
z0JMY7zK#adc!zv}OSE;O?*8tCz_U2V1A*$=j7Yl4k1~@%f3fGv<B>hHJ_M~vY$?VO
z{Qmh@&J+ge>5+|<w9m^wE$a)IF8e7ZA281_%@+p@50-q{N({{G@|J#7*G3O;<NV0V
zNL~MJ2>XdL0afp5`%F!sS_GMH14gh^CMnc+p=u%<rrPeuwsj&p)3N%x=N`Uu@;0Ci
z^aW-L<eg3MGFEs8PEfuLI9R8Y(T2NyC{p5u1UL5GnODCoTUW-upaypRQ_!d5za4y`
zR((jG?Pm-|H47|c3v8?;2t0E!VPvtu5Ciqv5_u&Lq~|KksPLjJ_RFL&6xQXV$}8u6
z{nsy_U|;VDS>P?XqzLHBr>*Do^nmO>c4D=us)YpQvfc3GR;Xh?KHUGVy%OzR=&hn}
z$Es)Dzu&79lk&1Gu3GzrKY%eXBq({EP+3X-p3aa!&U@fSBkk#N&`Mix!%NE_Qro=^
z=?#^|XrK++!#~L=&AP6j<(yGwI7kOVF{~St(qu%gKC#5C+?1O4#Y|k~7AFN(?lc$|
zjLfu>m8%t#f&-+x0uHR)P!zSeLdvE@5K^OfMI|MzLcP*Ea`m!h&<SQQm)<16^W5*V
z&S(kvD;*YV114|uW)8FE$l%DqMCmxDf<VXP8LokuH}BXFWuq-$YOMN!F|sPz7fdB&
zbC0*V>gYYQHkF}eyum#gK@YA^@#DCOA~<lM0W(OG*Li*6uBu}T+VVBwQ=mWF5huxS
z$#kK71U`C@D1v11bq`$&r$-0j0zGZRh!I$NHKwz}cA(@we@>ND4u(e=9xQ*@Y;^Ow
zwb;hHSUH79*vLG6?$rBn-;yuB=gU@a<e!Y1iSL1Ry~RXk0RdRyB9>PdKkIqJzm~8<
zf~Jmn5TWP+yv9MyMK`(c)F+yRlN*Q&E$H$1==vu*Vqm$LRnZI}8jkk<)ZA5&=6&Tg
znGw9(tJb)<&CT9;;OIbPLlJAT5CnjI{gGH$5bvKYF!s4pjdV3$_2n9RdX7jL5?#X$
zG%as*-+|}A_p4vGA?lJR@Vvts92_HZ>pKREtjP#A-s?Z$HlE((Wgo*DVQDP{(3Rz{
zZ@u))=kQ@;Z6N$x!tUR+Tp83$p{7>@47Uz8QON7F$<0UpMggyqf3oe0Z!OgxGHF;4
zwM&{OyO3!zdQ|ci?N!mi`nj%UdzSxXtt4x7*m4km2ddyL24ugDgQNO~FDY;+imp~g
zcp-rt9wYS>r-}$b9?i^r%e67`YJuEE)_+yOZBXtYH2!c9(+(d<RG1rOqax6H#jqcX
z_q~$&)u{16dr9;mPz<YVd01oTG*H}0c`&)@JAaQY>xBYT_d<iWPtmp2Y-8%{x#4?*
zrH~4d@FF4_`f17f<a{yQqLFdk9vuBbUvFk5c-Tg0u3<6}{D<(U0hE5lJSldFFuS*?
zOwp`!GmE#}Iv7&)<&4`Ud~0QybWrJe^I+HMU6&~F)zQR{v;)+Wlhlu3BHbJH59<=E
z@Y`zTIj)%kQnk60J>P8&Trwwh9L|bsR(A52_4uO!{}xlSGD`T$<-&?QxsAtXq~g*%
z^OUX+$`@I;!7u3cjP<?mFq0@t#(ZC|F!xPP|H#eYS`)v1NN3*P<DC?Oj?mH54uL!v
z5svYkR3#<&B{Tj^JHd_V!)tyFzx$ygN7X|3NXwGg!^z*?W@{E5&Wezd^d~A+e0f(i
zby_b41*-LB;;z~|1u7FfW?jE!#(P}xE%zUBn{zZIiU9rN`qrddC&qaLCp{EMf3)Hm
zZbhSz-(NLoYYM!y<XEG<+MbEnan#ZOQS$g1pxCFa*~414j}*8BzxQn*)8ZAi_zLYV
z*u~}mW=-AT%c0RyHJhDr^1tg8rS-90(X51-x}MMnZilxwCL&pnv@TimCKEIiyYH(d
zs3kuLZ5%|uJ|ZtT$}<=$%X<cP1YuX{x)!tq-07xnP|SIG=n)Pbj?$>u@SVH5=_l$K
ziCV$~nn>Zf<9oW8mKsd}i5?$Ii6ZaU`xU14eEX5dMYfMn72Kl9P!^xm7!Ms3pFSNO
z4J_l+wf<0t;;%>giN&3FTf|r0Uj-Ie&jS}577daegA_sg&O9bQ1s(!3659$ewSg<s
z71kK`VPq$p)-Sz~>i0Z_;sv9JRQK+1aH!1Wt@wgl*eJoiet^KW{}~^9%LQfvo=j~P
zU$E@<$X7Ek{2DmMOnQKBhbNSv+kpvDWOnw%UirP-2*BYG6Yn*nu8B+k#@@8){y;_v
zt$VgTgq)B&rDXJ5G^5ywna4+bE2?X!uHMI8OOlAds;Tls)g}4*vEq_)Pz_wjDaD;&
z^+c9;JLlfaJ$Ym*zJ2C#8fnS6pBPy;6Ks(1=}{IX=sP8xulRTFjr!ksQ%7QZG!E!<
z2O+nZg)SgK*A@5tz^B>@5Y&|AW=vi7F$?HvGWu3=d0eDuZlkQe?JncobdpEiH`b%t
z-|w3O9`|2b73Et$v%JbU5$IISdPI-EmABifokqG<o6SNM179SZCa-%@G-BasQ*Z}R
zM!HPlA#EN>Cj40Xpokvhb}U@9`3O{obE0g12FoSio8jKTCT*5ApDn;(pJZu^5S30X
z42VKA#OE$JG8wA7;H*F5y(;(ITErxzT=<-N^+?3qD@V#cg2|pA&_R!dWU`{;bC<??
z?YhdDI)v;B&GUIyS2Z8@hQ*wS@=9B%BS+WL2G^>34Nq=)W_*<D$CErb69+3XMcF^m
zi(#rut^y;lB`(t$kvFOztHLIZ0t>$h`T(mO=S|4sX&&zNuDMm$I=GFVl%c5ti%Rc`
zqP?YmIdYI&(GeTaAywTqKlp3Fo&ho<T$X%K3x@jxvZg{lS+mIYpNyl0)j~lVFTdFg
zQNvcnD>_ChzI%Gl4Oi5M2_Kk$ZLfDH{{@BBY1^eQR-TJFbO|n!^+edG>Uhc9)`#gA
z>XQ#|Z_Ir@^FqySi6AM=!@A)@y}Fo=mEv?i+m)MAc*XRyoiWrPBZ{Jb&b;(H#p95~
z1fTgpJ(Kqmw+N)O?C+}Lb1?}Au_P>!r0ljmACM9&#(h{>QmXI6BWi;&$;9E2s`unm
zw(2~6(!K6(^IAM}9W(oSqpzYqQjFhZ@=`;5Xm(z7$ga-RLvIn_36Q$N+#Sd9r!-SC
zepvNeW|Q3M@==x5TLhjv^Er@E%Cgp*qVT{F2PhvgRp#^aORSPtdic<cE2U7oR@Jz7
zkUd3to|P)a=n4i0?~L4A9H^Jl9S3JAF1kcVI+hCPgL8mmrtOV)qoNH2^t@f@h`0AH
z0wt|^;^Uk9s=f_yB>?n37!{z5h3{=^>4S%Cq`Ad}??`^Am-yq5U^4STsBFqYb<hN*
z4&xr}HGe*4T*<0tr<II)nWYo_2ci`Dk}>$NoCF9u?e<D;5%-dBrMY11<>F&01T843
z*sNHn5K|5>Qmm(DEM;*j$sr@oq^t);V&~dV&v_dN-^YuLpPvtBB(wRmldxBO+^Or@
zruq*iW&dGY$Qbp8esC=;P;CVfF_4P9d?QyY#Rwk0V`p(byp(l;yIi#%l9Dka+f=fb
zt#BNXLSXWQPg6gwD1`x1WCdyq0`4WQ7d-7UBAJ{$e$U<C*nD0r=c}XBkd;G@lfUHs
zJg;n@N7oGpu={{;7s7`~$%W6NF~&awz)uGQ=4BqKssirW`GTteap+Gr36xt^dS@Gz
zm&lJGtu@jM3C3&NAHyg<9YTeqX5TjQ#-eT7;)UL{m9#e8+TLnTTHQfxr1{qERYTaN
zfo={YlZ;Sza{Lhdp)fY`PsG4cBk~(hh0%5g{(8g_p8t>h!G0v<VBdzV2PM<>&+Hs#
z9LPrAv-4!fXDuiN{?Wg)D+(`>V}7GLt}z`3w$Zn>w&`d8t|jLc2z!Ka;LF`)BJi_O
zooZQf_1|d(50I!@o{fJ!vQ$SRNxA#UBIky{Hyq{Pf`rm14D6dW>HyDwyyLVg_aD&X
z_+L>Y@}%<U0FvOJ7pxvy@;&}9A2PyY-nZvHhOoxEgK)_LfPEZm?)P`qcJBXtfW5Ow
zIpJ{OsrMJA8s7X%y!^ls0w)>a)Sd{HzMG8VW^G%9T^f{Mjq(|q`d<1wIu)>XKa#Lr
zzs!y*|D#|MThmLai|Y%WwxY9BQ>M4(m3BSNVSJ}i5>vNw2h9-&IE~kg>V`rGnF4wL
z+Tf{z)gmpQkwM$~efP<hAQyhwDwJGznaa}$_)O+u)bfQ)!4_@*i1j0@CKiO4Yd2@-
zqvSeBm*x_=wESu*Knk0A(yHxD*uN_enym}8?shPDEcW&aYHYlNNGFoRw*G@!+HR3=
z^bpH>9f$ttsH>*q=`{CtTNAlX>%{5{Rn{<$ed>Cq7t+7SXs~w^m-lfbNLah`+P)IV
z(fqDJa*mV_vuA%`J|+Y>T-r+>jh{#(`u;~1$+VQAdhE|Ha$NZ5KS6f?e{x#2{K#Hd
z77Rr_T~<l24G4(m{%r#<+0sXedhWl(3X1Z+x<KQ`E1A-(Z(wCW1r8p#z05B6HUgfm
z-~n8{7~R$u&|9K+m!%Rl5d1``UkihQD(pQf`uy*sAFV79D29ydOQ%JZ^}~-}bT{;#
zZ3P}5eLS`?nIm0}9T?B?X+Gtu9I5hI%B$UF7HaM#!r1Y=R{n9Ez;c^ZTS6ItRo+|x
zUUXStdDoD)lzA70+58;`2G<{`cHO$(OBmVXI&{3?H5B#`@*_Y|Vr^%tFL`uhc`c7b
z&CjXfSvl?B@SM4Grr^?{vx1}RcUhT~FTP5^FkT`{X@VY*87T)-VXGDI<%DFeY|7$&
zm9w7@SxWe_T(mL1(jQTnDL*sf<@I}i@S7&SF%fLKTFD0R5t`*l8)(|BZGQ<yXitvw
zl1}eW!@#-P^a#}16U3_N_O_f1(P(J8f*5^<Vd;Dm+-n}hqmi){@PyUvMg2u5O%Hwa
zTulI9{T$gObzV(}!B^?>u;=rz*RMkXH$^EKu|XLM1=cQb8hpWVAh<aoV(a`xZfE}M
z)*aiOA&b7)DC~JtsL*rVJjq{Jlr2Ju6`ew^C>*$B4*KcjWh8LU&AI`Q%M0|dZ@p$O
zWYqNKe#7Au!Whs)W?pRVlY@)Zgt-o&M#b)8_3RPqBd=p1Qry(S{=s)^D!BHqw5x=(
zRNJtCc-A)k)#~#P)eRb=_Rd=a+(ux%Ueh-d&&@U5qgZz4^PHlF@Za1pCvt6*aLe^R
zlWwX+@?BO20Lblja$ay;ah=~Ic+wBHxv}Vo3l?X}f=*qx&o(YHR3B9u%F`l;n7b^i
z8nsO#v6q{+2(<b$dy=?WX&?sPKmvAVmW5d4ZSv)feGPzLXGtbY<aLzIkn-Er??xs8
zTuui}khp+4@xXMPaowFyJA-GTDb*cDKihJq>nN1h7d$Ee<=$hT@rPxk&bFjpV6WIf
zIE-$DJ97`BpTiEwr4iwZ0^2K!(6O2tCY$Zg<H-9Sbh#=v$hO1s_xdTO0p_T{qNULh
z;+ys;_p3>SRI{*EGJjT*+70TC^-jKJM4NS!z4<s{nbUSG;1I()nui_Cim*Z1X%ZTk
znM7_sAcPb=;Q=Hu^f!Xjs)+Jz3mByndLaX2yoMdZG^<LAW^SFADrp#$$EbJ9?&+UV
zi~%$+73AQqpPd1k%Q9W2niz_a<u&JD;&&As+7#6;0f#S=<03WLq;HIz9Oy<;8vHjZ
zqWq`d{p7fYo+;bvICyODxLrM-F>p2Wofff55gQGS#vC#2<k$Q8al~wC+9`{7uwA%7
z?%94^L7w=M^dHVLDGKj96*Q#=$;|^wQej3Lgs|!wcx7hg9n-n9#j^96j4*^2?EysP
z_Bf2wUY@#CeDn=Hsp;IrOV`SyiT<}#c~DV=0e)PeM=Llz0T3xS1$(Q=Gw0k<vTfuZ
zuDYan;1V#ukDaW+OqB=Qvm&FvraT~akx??SAC0c=g8_B|g0GG<(o5NyT3<n=HmyCN
z_R8X%*r6w_H?KPD9`*qEd!e+Kc4+~Jn3xuJnEq6a4G;|qb0u**ugZ)h)*am(*M6Iw
zGLxN;VL?pSP3JsIF)sW(x>t8}*067UOs$Gk_>uW*k|;=kw1v4)F2TOuc*+ha#0!&X
z4)JNvTW~7_(7aBA&MDbn<$mq{8!Ub{VevONs`TphDuQyEDBY)0%BB8=c>9IL#6@^z
zEd21TqDW3492u-HcA37rCXB;&qlYPN?Cs5!J063o92KiFG!`G^a-Ljyn!4yY;n2V2
z+XGCHyPR<*N)7~pnz!yrA<vfLWe6XwWfroqL@wjyor5GiF2>-^?rpwR))2ou5gMkJ
zWJ1djF+CG9=O(S<WP0t@!sxnZ5o%TrmQY;?4~y1TM1!ZlylLp!u@~*_n`&2M=^qw&
zJGk5c24_)Dfz93uj3O0HZJiK5uRP3gW_~5Y2Z{;5b~Ha$Q)*oFr!xG6Xk}1Qpyi@K
zn+vaCyv_;mLiKtG=CRy*)3x;-tE&Y%C+^3x`h=tlP~y0Qd$o1(C9-wS_J-VtDmCPg
zbt<xz$4lI6{rIoy<jziFhM+KUk0AKr^a{kHn!_th0O~!?i=K-=1w*Ve|NFBM#AACX
zWPT{nnkCB@4rQxjuXo~A@k@3FXzB~S>l0Tpk8agqxrJMQlh5+r7>HvbTWjNU;04P6
zGaOOiq32gIcJ``^!&g7EGFzRPCwQE4@OYF!s>eA5PkFT$yEVh}zElYYTZeidJYjOJ
z!U5zM6<7iRJa<C*!y11<j67id$F;vLUt51y*CK?7U|F}Ol5A)@<7|SaU26Li>(>0*
zkvH^rUsGA=nc;T)qgA&FcEptttA{7&`mD8qNw>T+8E>KW2LJ!C2pO}7MG1RYRKy$)
z^10VjRQ-5`iHR-6gHoX5BN@;1>_0<}d3IMb68+s9#kMVMRV7w+C0*^MJ;m)`594Fm
z$mbT5bn{+ByK4VsW{VA1IM{O29%tOk(}wC1;9Y=rhN>+VBO@;M1~hzS%`1jHhXigq
z-&fr3Y>0oLY0DSW&mCDUlI>?uq%^1;Tgw4kxB?&Wf)N)gT-Ll<19aCkk8{$ppv!Z2
zBroT2jjGpfG^_`0S<+N{6TxSHwPBq6r=;2N%m;<2xvlv8PBedJ@pYi>w&i}rhSMSR
z_+#0w$L$F+MW+$V`3>7>0j=8mDkh`n`F1$Rs-Fv(y0@Mp70#Y(Sh|etIrN2d+`kR>
zWJhmKlGJ=`>k4a)vTwBKf(N+Wplxur0FXsEn_hgdwx={~;w-DRw2Q|uL;W*Acwogl
zRPDV<c0m&PiBu?42?!A$yU?Xn<uxHUwOh9)JcC7}+bCvq`-V#o+wSE&$_y^^F4Bux
zp_LBzgVkv@htB}>f_DHF^@D6d0+#onXn)9mK@noPp%Hy{>A#>TLCs0({`1`9y5v|~
zUyyCA_VPdb<kwmN3z7trZ(G-D+#!$)9Rh2J)eOH0>b~fxLtY{sLmw;?!Y{H06c5D#
z240At9qq<n><vRI_rh;Ul|nP&TGwwotxml!!GX>Z&Q=7ygAP<SwNZw7ni{6JvMnR7
zzRXX&7!(p#-~fwehG3A(X1!|b`_x|R3t&G@wnFxC{NP%g4a^+&VlE;8+&&*)DmE~F
z?{FfCPGhnCDI0+NhH_|yUnozR(RS_&qNPTWK)Z&=n&}t{A2ul|6g#jh8x2ub&aykj
z^ybB(79=NZaulPAFILAwO`b;&Tqf8HJp>d!erAN2RFq@$V}%q>M!KSaYk?1c=lH6S
zp8#cfsX?-;ehO&aulwSrM-;JVw>=={L1M=DGx`y3p{1D%PsXcTb(5b(=AQ#fBJZ#%
z6%G!Wy(RBt`NIHC*NvifaRc=YGX~oc`r}Uoh>Yfs{@dJ*=hwt3YaDK(BGE%jInoyu
zPoHU<PO>jH{nAkWI(66jBfR&VQHWmpd|aSfq}(0$zHnyE`E|UFmAgQ&KkwFhiS{^8
zBV@I(qa%`29%04e!s$>Ro!;E_g0-8MO`?{^j$njBiUKO2(aCx*4ND(>AQQRS@Ph%l
zO<Wx_0<d)}&)CoLD*4wuSy{4W<!kFu=;b}&=?DA;o<!XB@rz0sc(O&?y@#D@4{6mG
z*ks*G?>&T5eHQ{S6*X*nxR5^L{;_(*NW1lNw<loIs}P*NihyLi<J0PW-1%0J%epQ1
zCMLe^e~mp+|2ymn{cqS~k-F#&3ledBc+*0ncbB?Wy28i7(eRX=EzbuU2)vq5aipc@
zV7kp7eWBg4Ede1cxqfo594m?T<U7Cp*l^7<?U6AluKN3GuIXovG{<`TLS`gd)o>~w
za{h+!jOya+oTG$WSer~m?I6GoT~5gL*uw(i!aR6Ed+y0`_h&n^k3#d1|0L+d6j921
zp@xVqIV_*?)B>(l7VJIdyV}jnq`PLaeY2^j&LyR}RBYXjHSQ%YtMhu|+Z2Xs9S&bn
zUuMHD&)C(z0b%8xS?ULz1O_ZIiKCXPr>ajcPW=cDO0`l$Uw>t<4re=^&DZ~8j-Yx^
z{GyiQkN-F3B>u%5(LK!ZI=hECoBDf+;&kprG|16(5`NP9nG3~x>o;`Vmd`b2af0SP
z2lenOom*NgG~{KK{8EU<IE{j{*e+j{dx`8#T##gyKX}WqaE)d^8?pp-^h!fD-%H!2
zQa7{~1lsT|R+4D;!lZt%Nkz*YzBpLW(a@@FyiNjUWydyYJ7{OAdo_o&eQnb7V4rbD
zH|I`}e}f3qpVzS;${l_~Zx40E{|D5`P}!Tcv^|d;_^{3or)mK@NF$}rVBHe{GQubH
zXh?sO!?tl?&~;?v@{#R#G^7ehjujMX61Sf#*46(rt7>lTND|Thu`CPT+ylcDDthmU
zWCdfRm^m3cm2=tI4B7f{C(+NxdMAZG-nMYX@;n#W{*`6pnq`AG(e!&bC(hP(!^2h}
z=(Qz3R|Uxbm->AVmx|nr_f;3-gttVQ7K*>d-v9()FSBHrZc|@mSb9>cN;Yc-$GqBb
z4h-q`WjW%&TXU19??wxW@5GMQzxW7w&>(;6{~!V4o2zZGj!Y0*;l8DDC2dqu8JyD2
z&B1YDb{35&Fv#3~+wgGUQdZT;F~fjKBk`aqi%8=(<*awci2)@F^Oevkoi5X{=B}`c
z8t4c0&4YKYR?oV6{O_Sh)bL;E8UDWvJue9j7Y*xw^@dlHT?DnUtcP^Ag@a2!W1MEx
z8)%!PSXLm78ixr4?KpB(PwKo(v<0}O5Za)qB84ku?dp8~h?ENB!l{UmipHL;Ym*l~
z<!A0TH)ukR-V#29>1lVpGxY-Nuvo!^;eKi*@&1o<OjA8Zfwx_MPfyXZ{N4cqaeLib
z9r9vUczH4K^qcqh-M8P-auwQX`cVC8@-jWWl=oI|b=Jv+LomL{`x5hVCC5hb#{S*H
z{0v%YkV%PajERbCPomvrHDi5&_8%;}JprutlA(}A=sI)jwzfog^Eh`1a6lz8f8!c&
z(dmr=HVz^F;844IPEQbTp}QbAveMj%RVv_D?W1UjYnP!eF9k$u?xIbjS!vat*qB)f
zwpUkX8l=h^!a88SIw84sacW3E+^^{5=)46{(w{O-zr&pIpE6BB4zX%vJ&@(2EBd*w
zL9$l?2f)eSHGSFkQ08hCZy=_V7^XOom&D`Oc(Q!iT+e<Qut$-^;{FqeB8;MFdq5PI
z;tS2)xWrrZa3|%I$<(O%u5$%;uKGYlPl}9L!nW9VInJMPpJe{27PKt6JD(ZT)3T9G
z_h}1Qu^hVx8^jxDaK4nEGoy)CYY6*f?E4q<+r@;88vi>K^{@QzplG8G3=$AE4$1d3
z<>j74sK>r$$#1d4?Q^vapn^jdnLlglJagB+3XPp^63cJc!XjR(I;dO;_eO%cQ*^{?
zwfjVpOC$As+p{qhG4mMi4NZK}+eZ*rg)Yn0f}GhnhZ@*=&0vGUwl&bOiR-fC*SR~f
zp;Gn_(_D1zm%?o@@n<Z-LZdv8I*a5=>xxAC55z7aI;{<TK)|&19UKi(7fCz?q5HwM
zHs&4i!S<|kh(nKMQM}ys)&G$UO<qI`%>MfA#@rg19*FgMDAB7(Wtz9L5AM@xLZEdi
zuA;9C>0JfqXY|aKR6N*;cyrx@-dzmtzPNiQ^K;^<^}Ef&-GvPO1hGhU!gf+-h1i+f
zL|6YCLpEEf?VaO;MjCCGGZs}nAKjT+pq270zSzKJLG$0n+*$FNYEVVf->Vk?j9CR`
z6n(3}JUv}#EDs%~pqEX-3$#mJ<G~a1A|8hIu_2?V1b7MYIIi;O3EeB<szl43Mwca3
zkBIVs>3HV{DH+O6XeJxGedvg206SivIT{#(`NE(b%UyGuIE3h!nvJMQRNVPzVZ3{;
z7A%5nTp7@GUP?h<WS@wteSgW|0+ryjq28I^w@QQt<)A3hS+m&*ffNtvgvGhq%r^q{
z2ln!EtAk6v3~ft6<~|OPnC?9Beht+ldM{S;JoSIvc=lhM-~W|9w*NjImLJ~0B9$W=
zg3hgCW}Ua#{cGEaXf6O2Vpj^;<7qLF;)YExXaJR7UVv!}NRaqt$yUYmkxv-^e@Jz&
z_rC(66o2E<S5o%K=pU#4P=>!xzz+hZQ0Fhzt5vQ4cBhyuU)lD4a||w)l{1<)M0O<y
z7wK353%cZJwMegU5SF`IK#ASDC~dA{17++cq5<4%Yii$o;ojZw`=Zx@9!vK9Uj1v2
zwgh{Izm_@{FPdo1Qk6`z65-?g{!3(rXMNlOjvtINabzzcTkv@4SOewrd$YVX*(`WA
zkeZjRc}e9my*MDuZ(gG~)QH=|g7UhCZoH*<2Dm;hgEmyJ1e}-uo~*JpNU)0ku%)fI
zR#iOrz~b48>*?75eRU%R(7hD&zUcbgR^ry$XS}bF{+WVnY+7*qG{|pcmPA$QA^!6f
zprmQJ&&7vuYgsxZ%*k)Qi_BB@6Wt&36RFOG-D0aI)&Urp>EBq#^Lr@I`n5v3ZF)3)
zE;HX9ZIxX8rK8lQJK&8ULntuJ5)!1UzN-D=)O{`wq-_=h!pSbiO*Ak9eCVB0cAK2U
zRIl=n=M0}=S}u3L%eqV_q%W3ih{g_Vm>;B_Qo?T3M4eNt8peietX=4AAFdde5-5~B
zN@zAoS}kX`fv2>#Ob8;>OI%;RQo&p_J;bD-7G!@FjsMcd97ww22-~uxRV_ri!5f9J
z<s`&5!Ei3zhD0z})AYju%k=aIqH5+9+IfCJ?(KilnENhWE9kqfy2-wx((udg+gnij
z8R%%v8e6$<Qo>Kf34$|83R>>&${wPS3B?WYM7<-*Mm`{Lty(WTVcy=_=*v;wD5}e>
z)i1|;-YM94fLgxDD^uJxS~o(-p`i`-tRAqpEneZv1(5Cvs>n=O3Zv{4#cSJq3ZB1>
z=3TwztZ*l}YSr7FQnEE?cllOtk-gbMLEo6XCFG3JoT%M*Ro>0Ou^S0b_+ejp!Lgp*
z+7#DAT2?^g3|D_@VpPmIV7;*aDcE^~$Pya5_}*{#FBtP}^UC@|?J!sOrKcx>He{-c
zvpnvX(Jv98k5i}-+l+j34w(oQn$I&BJ$(D~vgQOK9mgpH8M7RCA$_Y;l=sut!+y8V
z4VB>%<nDtL-|o9utCpF~DK$xYMCU6d|Aq-HX2#ZE-`Gh;hjok1{H@WgYgGU!t`XNR
zXe*s>|AN}@UYry`|N1oVU-7;1Xawx^#m$@@Orw$ZwiRZ)`>h{O#i79MBMAC-K=4O^
z^OuDyzsj+Qy&~N1R?4pV$;E_=;aP#_J`NWJJSs7X#%zP5yc|c|K>KRk$=4H_w=kwn
zZpm*JN0y4%2nWTf%1z9sxh|&Yxn@fjy-KTwOl33G8x$;1t%AFpifu5l{0`*V1a_SH
z!(jvlGTN-trp=EXzpfXfHEFL3>{C~pL{+jHY5%M_*RN&1HDP`U5G3@DJ^1+!>_^R;
zwN*Q{@On*z>HFto{l*uXTC}`WO$ZiN0JRVo)}n-V&N}x)vr$cy0hcoW*NS@;I|~fY
zioM#csj?GiUK*Lc3@(FfpOBWl|5)s)c2}q6AeNqOccRG}sIE;h_EQQae2B?pe~IMz
zyfmMk5<K<4^15CNc7Bo#O&l3Kd-ar#7TB9}fBdf1$-VK&kv$*%imMEW%mTzod=2<;
zMt?@zxWK4J9cDtY*|dktsq<^ML8}7Xqg8q|Ag^c#U()R;pTpi@gTR~<J*q8>w>fVA
zm?9}N)Ts08%8nd?Aty-G@|tGVIgi4uFD86F+}g|=sAEUjL|KhLJ82_I%jmQy>lF|2
zw_dF=jh%q${v7F%?)kpxlGeR)fVr%;0jX7v0zZIC=~->At2@hneguC&09k04Ju?R$
zCEcibmSt3_TMOC!)5{!fg%8f$=3NwIJkq;ZBNsafOQ4qxNYn;4eyYt-pGH?dyrV8C
z^@Wx6_}ANhK(ZQ#x}B^Nh3c&<lnPGOTe?aNE;?2Z={Uk(o##jlXwmn6Mziea(wDJu
zOFzRd9olvFddTO6JQ0Xuy3dGSy$f9HFexp`?&@DSMTwY|*q)NNhI}hV*}s3<MBubl
z&9x({In_hQOe_-@R5vwlin5D%gOCPwbm6nC=O1;mgog+j^pt?W8RsieUplU!!4N8V
z)5%sqMXstlm9oi{G$@)=;`=0WDX6d?SD2|R!Y$lt6f*8(S{by{7X~@*wP4u!Q&O?u
zz=7IC*>Ppf!ImrVaYFMER;6dw6}OoFz`^U-&%+oWzorqJs%pqp=XwZ};#Q+hThhAB
zT33An<Tl87hjnkNHR4+s^0B(|9sUH0p&jO!xTp}+SgP=?VLze2P276&T;0TV{L|}L
zU(a8~;Tn_H9ko_Q<2TaiH{lH_NgwiWL`Bf=d94tTB^^^T5s}?dDMWX#!Q1bc;~a-Z
z_6gyxn^(^()#e@a<5n9gdFAS_0V$h=dn{{a$smWDc`TC%pHA|iXREvSB|wi(vpsTr
zr^YiQU(7EeFZjq)U<qmxwha#+zA;WUWqhm^v+Fkan%>M?q%OfVQ9+jLEO>9L32B;G
zNKGAxZ_7J;G6_+Gd<+}MzOZVdkB@`FV>VBP>xeBL{--@<5NF$4XQ>gi`cWXqbYsor
zqV31S7TpA@gX$(h+r=j6r=P{fEmx-oz>&$-d!@rvuln=v*`lQpdZ5od&gne{Z5TbX
zQ8?+sC}vFk-1VAW_Ufg&=p6de*IdtSw4we01_G`?__+lL&3<AVzZB9w-1Mxq7E6_|
z3c1dGbn?ryekm1%T)~7$98%@VEVwZx{QddILDs?NS;xyfmXZnZPXW%pIA{JoMr@Wx
zq9R;?Xivuz2D=;qK-0_e;_%NOh7G@+LZSL<S}5i`U-OF3SWf>U%Jktrc5wbcOr{u!
z9qq>1c`@{9^*w(CoL|Jy(ln>KEL{0!>%QX2b?ap%DO^L0hKt*<#&v~}DK4IYSbc^f
zTf&l!IHawF9PrZ9^tO~lX6sOveuPPX%fReMT|<e5R95OvyT<*6g79WbGc@u?*KSV0
zQs}Wyz17c*(nE?`*F>VI8NUO+%W#rKBss@oe4c%k)|<>i&r=rWFJ_ZJE{Di61q5jG
ztxt;6ADBPL<g!1xcryz}Z0<<ubaQ`U4Q^U)4Sd7Y!r66q+aWgwx!McnSBbx218xe<
zm8v;CVChl*u5)%kb~7QBy+8RB7$E~IS0tU?^yGxc2nEA;rVjB{-Lz<Nd6(TlxEwcc
zev*A2Z?ZY9^$~$KcEC~h`th<&lY=YUrlTp2Vyvyn%WyYQQFc`*m#X{K)&DtcVSHdb
zIN#8y=@^{Hc?N8w6V$nR{!aZknOe7Js3Rtj#1IWsG(c>4R<_jax5X(fXk$sVqY`j{
zqF<8BpWgCB_>7$wvpP<GJMkd%tyk(iN;5wGX}R*tKJc~KV`GV)lUY20D!s+6Ui_Yn
zcZ{)h0Eef|L<I=l&CfvANPB{NO2!YY<<I-tY;=67y3HqMGuiI~Wu5#szMOTDlX1{X
z3m;I^csS`>!$ffnO8l^09xHsODgBpQtCsuDs-LfARylkkd9^*7c8X%W^=rZMdO{ae
zr~Knu6!_Z_;8E11j&>OJVe1dK2zB>PjaOUcFR&ws(;BhbZCYP-5n&CZPUx{-Y6MZK
z$Ea#>%Aw<JdNX7rmrw20x8OGXUDYVT3ATA|^gv@LzM@Yhr-Xwt?$npl1{)+LqNCm}
zimq;)Vu$qpt!$kmB94Clr_Z@k6XEC)$P(|~npWM=h^RQ<KW09R|6rDtv6-ZMJeB<D
za?zE1p$NwAo@5P;v?N_{V~fEe(;0Y5oG}o!n$ZE!Ib$Csnf1{x#8)G0NWHzhHJaA7
zi@z!@3~e;7cX)m@<TkIRtu(jrM5q=XF(Bm-CQu?5-j!>%=P)zoHXnA{6Q*tH5@Qj^
z8DbD&7qeP@@4STw{v8fkXQBD<=BzpIBzUmXPaq7@Yb5n_s)*3aThP1g1oADoeDxfy
z+t1Nzfx<oP2<TfHUHHsbfOUr$%kC6*!8-g@rPO2Ly3p!9Z^?sEwgK{107yf}Ga_3V
z+^^K0l6p8hib!WgS&sw@RFvyTf@cY+bTWlRWS5(yy4=_mc@M>Q5z-|vSyx3P(r}q$
zgnzNmmU4lZG$#Z<oNoX0=co_yCQHQv{+SKj3cV#OzEruJ41<%7KSVVc-+AG0ei(2F
z`B}fAZ@7oFsqW*LP{a)28(x{cR(vu{fi)bWw1A!gPn#7>Z$#Wy-Ff*uOATSDir(o3
z`3`Ye1I)^A0cUm_zk%7+DuLQ0P{EKA6JK&zk~F0(JgUIXgL;2<E(}F1P^MmkPzG5g
z7;))mS?pXwt27q_d;Bp+>@gPJ>`kJUI5MkdZ2)VP?C++mt5x~8CYp?`TqYF0D>f?h
zv6~ue*eQ^-z!KRq0vb|*S-}kZO%k5H0|6slVrU{~+jm3)*|8Jf9!ZYDQ#0)H=w~8!
zXpJ#1g#1@?0A(WvmrQd#OuH6EG;;(O>%-UYKjLd^E}9HwJ+>-(k2<fy$ctyEQ+XaP
zd3LoNiLlkT#IaD*EogAi$-qpgU3UK)pEzCd_XX)0kVBrj42_$$1#~xaw9&Hpbt@>N
zZXC}y`3$PPu+{x>%rAx&V08;E4iyx5<fVQs!X$=^2OWM9$VCx+-`!5pRm9!6Dy)qM
z!g6+F<$0$+EZ~-U6{OJvev`C1E9-ej7p5p9F-Anc-X8jvF0t#h#ch&y^l?r?c*`^7
zteMYYHXmCxil!(drhP;6tbcy3no?dL4FN7|PQ}zYQq5;ulb#!<5hHD?uTIHynVzzo
z@@@EX(8^x|*PiO1-yjX4&RqAHx!&86wbB@<_)HYMA(1(D5?W<4S$7!G3^;|dsf+$0
zyjd-?A2@+HD>@nq@?aQj&o}OF9j-k}H)_lK76_u?Mvi3rZtA%UCI_e=^mfvF$6rmq
z0yM7Q2ci6it{{$tMJCpTE-Q+#<ju>$DplRm9Vz$6Xn~e=N<Wnz&af`ede1aljZxh(
zNn2+)A46^uPoj-3RokhuH-_Y1E+Ww|T{Iu?b$09kuwp6Un+lub`>0b4ExX2=f=tMp
zpo(@l%Yux3TR>M+TRO*&t?8ff97SCY^4Ixhc9QCAO&=}wX%o}uv$9_^mwsw2<TQDV
z@giJapmlu?{KhH!Q+x5e=q5^4O07A1%f9q%i{dT%3$=;(whmi~*eC_S8~T-D?G#R&
z52JmJ`c*)CCOoWcK^3{~a3fz6r#*^PJ-pUNbo8cIEnhuL)q4+qF(xESF@6jTnKhOa
zDqqvQx!y-V$nlEyOd)VmYNA44T<z4FR+}(Ice|pdpa~XUAurO6Z<poxj{RWCruY~y
z`zKy)4IG(`-rfkXk@f|8yrbEjL9O}v-)OJtI>=Z#q!oB<u<)TGA%|vKE=%%1?oO9H
zASA`J3y<Z(In>aM&5>TNHGOq8S7GOp?{#Z&<v&p#TB9D3a|g3qJ01H=^&Y7cY>MVE
z*OlH9DT=qU*#d+S7dv(flw==(t5H*`H`iiQ=qJVLBR<EG(}YRR8Ebh3_Mw{)lAaIF
zv{6O&IIfVc{F;%3mnGYAmSZa-7mDn6vR8iR=N+^XdGB2hN@jMR+lVrzKTno)$VfS!
z&sExYbJ2tr|7J!#UY3v}*v7Da>y$0SFWt^sCI!mG9tT=*SLe$9Gr2X>Bwuv_7(qVu
zyh)LdSRUq!`=Tv+{F14zRsy{xSTJ$2+xz!=9nC@}0(%p=AA$P$cd=iI8k6RgZJ@8`
z{I_c#us;}d&qyZF*#vO+)Q6(r-42^uZk0*fIEd-0TI*tyaA#0|%@D;)i?$PNgXmQf
z_J{i77H_mNH>XzPG=5xmmu2t!UmT&yTK58@=nrzh9wPRGSkv9fXVrEh&-SynY6fq(
zEG8Zc10_S`zsxr27iZX6%~GZp!#9cixI}KEoD;@zNHMKX*Ml++H<Vt$jc^hKD^yZ}
z<2Y;@v>MgVi39~fQ|bDQ!P=f$i?l_E@B-e{-9f#XeV+6GWPF6o;U`U#UsRE^BO$<$
z4WFF|3Pb|2&~rhhy8fe4(rV1gaKxUbd%aaBdgQkX?0T}q%|6aX8#7keXaEfLC*4p!
zjx}<*NiKbEe-7b$aLXkq%lb7`j6YiM=dTX|R`+u31iil>G$k#dw0|QcaW^u#4Ix_f
z9ggoz)O%r)s7nHdltNbgB^7RdlN%}A(aDRStRrQzfR;FaLhY*oo0%&hBP~}EQ3wJ3
za4S!CsP>ic6H)F_+tyNZ!4e$1k<mR#e3@KtJCgUq_?RgBFI2FvSFb_XU&TgaPfoxM
zOO)I9%PrB5h1>r5FX7+#bYo~nXjiZ>=^Tf{X=u)$+w3wGyAgqX?R`l4Hu?3A+8(#V
z@rrQ(*=XE3ZzJpp4?mUsYlC;NK>Y@N^)R11_S>AJYn}C(QUm=l-w&t<7j-Iq>d!Od
zl6tR*PQ9gZ)5Uw!aSAc)&TCKA3|;c(ui5gAOO(Iej5TVXFy%KV@-f9zyr{7J)!aM9
z&j66Z&6%g<I(i)cy!J_|%_pXzRpmWqt@PMpx_LszgI{7!g%@82J)>*j2NZ)~UsB>X
z4pj1K{McJ2hr&;_72k)?nQ=wCMK8{RaWm`jCvGX1HOiOOWF{v}sxjOkOQA>lcRjAr
zzLaQ~;eGFiI>KbqRFLx@h51>5NU6k~Fx9_b&`xXB0+GTiz06+`aeY^gn~N(IUoL+Z
z?7<x!Wpvs3P%HYRTdqlHrb^kZ>7l?(<ubaL<^^w^i}Pl&(a<OmBJ&c^?c`8+#haoN
ze;OKJjn6Sj%6P*?9ZNmOhaP05qw!(remoqgeyB`^zWIUc+t;tQkAw36$zK)lS#(Ak
zev4lad6sx2q}MuFm>-3}gaSm7=>(3ylL^cl!fia95zD=ISWee#EjqsgJ`0uqR;31q
z?E2U;xVOLD{vm<{eg3v~m@|B=e$IsPefIrs2vR*_VB6)?-v-PH5r0OA$#Aggq24^=
z_dsN$JRy#|NOvQClDBb^JIbC>+tgRsG?h`jf1ma;*~(Q(bdKIktA<_ruHD9RMH;?r
z2sthOW#wN>8mt>4fDL?U(Yc;HZl8UIThBgFj?eQ`w@C7XNCHI_*G@q0Q*;W%RN!3*
z6>Crlo8Z6qy%NAVlHUJQyA4MC+sF&24d7QYOm%Nlf^YQ=rI(>ipBjGw*?M(WbOU(L
zPn7oM)VdR%(|K&c1Cde1m`c{yZsOumd#iVeJDaMo&4iS8k1+$!fqeQ8XQVpSA2s!7
zS9~*Br-D;x?L0Xx_bZVdwTwTl!LJVe&pfr~cmsq4@P@7a`Q7S6B;^_h^;1BG6#p9O
zkQt38!wC8@TU;#A7%Z_xU-alXQM#*F*V;In&e0#ijQ=jc+Fwlk)L4g{6{xeF3I^iL
zFW-9v*;~jfzN4hT|A)2rj%T~=`^I$_ZMD=c&QhbOy;sgs)UI7CcGWH#TXd<~wKr8o
z&6rgqX6>T(h*5%+7$u01#P1t=UiWq1&;5Hn_w&4-{N*3X@g2wU8SnA=P|aTL8xCc%
zKRgl|*vj6W*AXMq)P<=v2uwF0inj}CbL8mx74l!ejQ1R`1uDe+x^6M8yklr!CusVJ
z(6j`U?W-)@PTQ)!?8mwgCiHaDyW3p2ZEDsIwi_L4+c%Gw3NGP$(x-W}B0J>X_?a!J
zuGra61IgKo<a4|J<Clu}I3vP}E|_qW%Uf*dC6`}L@<#)^O(tyBf1n6|S@HNxr_KmE
zhplvMa;Mk0R^t&(F$Q-_Pid3;l06LmKKt?IwT6K~-%+^AB~_xdE!ekbZl~nA)0=tV
zOw`Cq4-LWPzuTe1sR{3@<Te67OD32UFpB;py_oyWX7KO@AT-wG|3#hWb7aQhP<Pvj
z{U%#K75w^rpm4Ug%*l?-E*kzQRqDnpM0<{I=k8ASPjIr7$%448SGO_8UQ%P7+V71%
z8AC}em!ZO}W1hxQeK(mzMrM|WYLD|KjK8X<#3d{oxY_}frxeKvY3>J_jY96g8d@Tj
ziM#dV!e__TmKk(<e*LX-P_B1_SS9A?uB@`n7!kAR@NWFjXMH9%??qJh$KkiW>KUsL
z-S4pmmHwHxo`lTa?T2JjfLx-hrZ&3L1IH#p3Iz#|yr<k~?_q0w1%hfF3wYgVSjU4|
zO%6fast`Gi{h9%d@W^=D?S>SoelxdXT%kwN&#<YlQht<#J8^u=4oQ;0x_;Vw1_OFH
z2J*Wv1XS`q{k2_TO84}>ep*1FP3%x)>0>&!wz=-`&>tU55u)Nk_LetF_u`$eZYN0f
zA&QDKa(5vp^cCDKj!~TZFS3hc%yEhkkm&>O!K&*aR7&5Wf;Mssh>OWIvW@w?t-HUw
zb2)l-kTF6Y{?>^1lMF%ct2B33aB3KJae5R<aOGPuvx-66Pta3WnaCI#YToR;d~}22
z_3okQz(lAH{rIs}3<ZN`1$*CH-_MhiSpM^g+WuwWn6`c7%?p8gZ^|Mg)-|$Nrs}z_
zyxfE7&$7h9_k40$``NC+bswkK=4D-EsSU=yd)%9j!P1~5dYOTr{OwtX-bx>SGQSTk
zJ$ENv?99>nA#hfEepwZ&Y<N|2l+*GZ6~5Vgd%gHU*0#Q(=}m{Ko1g1@!wS2vA-J;@
z9o;_noySdhl#Rj)Q)CljGgEj?OF7i&WR--v4hPwmOoa-MaJ<VovRE(L8*31j<D1L{
z(V=BBxB?H8{pJiwBzK5>Ld*`y?x4~9<oJrIzU;_kN$J!hqPnV4^msS48iOv9{`!4#
z^JhVVvG>c$(E3tayjUXF2EM*adTiSWHuxLUqi{*K>ybPaq1U)nPqV}PD*aSy7`Q+~
zzC2Z84{5D(+{Pa0$yR)+xQd%dBQua1q>;fTk(0=`t~DipT-9hF$>xuqjX6CblKTj&
zkYRzV912g5wu~E`boXgxCI$HgQoV7ximwsNZ5Fo6^*!m^I&YR)9LI!~^VDgyE>q#W
zl-nr^@A=DrFBkxYCL;q&a-V!Nxi-e2Z#nZYuwm8MUHKx%Hv#mjk;v^Jne8{k5yPQ3
z-wQrhRyNl(z7q}4o?>vw&aSN5F%k)b;Jf@H@DGp-D<>~S&deT02phxQ_70&dU4k!}
z$+*GtQT0UE@&W;n_RSMZ{pDp6qNtono1M&!=@;agp+xqn@l+%Khl$n*J9pH!8B!XH
z%IH3xTQparIQkm;?GIxGVEn98|APD$nL=PTnUT`90_21(er*ir%0n7U%j4N@fLabP
z#spr12Q~0(r3u*AP4nH^-Pe=zo2lB5-p?8PQlY(dze)%@N^&_FGoXkg`2vwqYUuH1
zHGbLkG27$yf~|(?V8NK!k$LjX8@Z0jbF6vH(JfKjZQpRW0ID0}ghsiU8LE`3J(F~t
zs}}GhIDN<a{C%k6`1fPfGc*!ty9b>04?-#w?4Qd~NX&$O$=g)I(+KGORJfJqCa}D`
za&tp6=lC7%hI$enMvzxs?)r@J95b97Zw`ys6JyK$&@8Iw`&ws201i(8`yj)FJQOZ@
z)+Ai&$XYb`9q8q-DzH1B)X3863BAHc(h=ac0Uj5NM-0G`JM``@l89XJ$uwDVq<daI
zMYU$eA&Kylp2~aYA_jV59I?-AUl8QRit=m_Z9pFLz}>L32}w&5bxf~oi7cQhIB4Dd
zEj;Rir`)g&BCl4QcokCw?5cyfO%35_Xy^CKC~{;rEtO?2vG8{&*1d3O=?@PEGk<6q
zJ>sxZa7mCm%)!zxTaQG)WL=VroE9%!d4!f)IV+bIAE@0WKaf6BRx?P@!BjamSvP+3
zje38nCNe?5F5vk*@Zc~&4yA1t(y+2)W0B-&nu(~?(AZzAG2FTYfkU&I44L(|)mnX-
z4Kbn*oC&hto859hJG>pdCqVWtK&~x~`aD@mx6O#2|2DN-Pt6vRq0-#UxG%8=xu&LS
zGo4pk*CM1x8w_5ib568_L6kt>uj}m0XR-aP&r6>Uj(BPLUbyC9HMD@A#gi5^u;`Sc
z-4R?-yz_>pK<8JexYi$40H*i<P!#|q$lMD+Krx-aQ0=~V!N83+;wb#V`lTz9*aJJs
z4n6)kezd}EAAZ-t(UycD;c4*=Cu0qwV<@6%0$0=PxBc^t0|6mL_{{4OocxfvblS)s
zzg(Kje7?0&Bxvgai4~)q<&u#nT&pEnj!DxgYU_A)%2)3>muPIC??Lg0ubw=ilyNn{
zP={Rnf56LBD*=&6G3sNLsw&4#=xadXBTYK+8!1L)5O=Jqp07##oxB*-@o4|`lOFWW
z5DMMy=0r*)U)WU4PO{#d{4`+}XMd$f$xGJ1ijGEQ<Z9^)_RTGkLV>LrM&RA9F)nnD
z!1VrScIH~lBgqFIbbz>l<v9O4LxJj2m&_*xy^8KEaD&H_PK{1I49%gWhs31zsz_Yz
ziN<hb$j{8h2OeDiDgMXPIXYDOcFZ<Y4zINB-4tqO0Mq(8GqZ=)^1D|S!F6w!cvih*
zcSX3hWNWW9HoZC!lcw!m$0AYBMo}^$PGmkwUejnd-g-|ouUb7^0{Q6Yq?Hq+*z%Zx
z{x99W&xOKf8ykcB@8|UxUYkX`T7yIUuJeF0g|iNmK(ovI(zqNc$MwM3>m-3jJAQ&V
zdp8Gp<qs!G!D#gnTL7;}rOn6H<{!sxQhExB=jEU?$n8WItb4sg8$>mmmvw^;xg3`f
zUwqTfqLN1!$dzAsdHVPh7T}Y&pGLVk3zvR+y<%lhabfgOo3^j)FCeZ6jGI4k@%gRa
zt9le#NjXbbnLpdTc>p_lRC@q8q0DtoW|$p!Qf<uZ-=p4>Y@gdD-g{`=!O2MO+K$^B
z_oH38y*r}2-7PZHbt?uCJ6L~Y#!Hb4MrKsRg<3VOHqu7)c>Q;58J-|2LY2fGrbWe2
zcmY+F9HVCchOK$l79W6{l9`_bbvnO%-mqP(Vb(Ez*D1vRekn=UuiZ^p-MeExTyHMK
z_XNDiXK{QtU@H4;FL;rbE?Kjo(NOHGMU~FdpMXV=ef`<O+F(EIxSne4?2S&Hm)?T5
zcS4^?vcydl^P?ectL{w+0r%2GKZUc)&8=3&8`+~9cQEBY3vMHC3}k~*Yj=6ML7$XY
z>aE-H+{ZWvnMsCE+Nl0M%=eh?Dr&vh*$92wq<tn$c5zdTs6iM3wOb??Pj(d}!R8ay
z0~}MfmZW|R8VD(+uau~JZV%$e;afl!hC7LII&<$;M$5b}mW^#rJw$wo<C=KlzWrcE
zJtN>81_*^MbU?N6*ShX@&3_O)fij|;^^cnEzjsvncP7ez)YT{D$N!B%)Bp7AfGX;g
z^%4m7^>;0M71bych{spOxPvP8^*wlxDWR-cn|30<ccECJNu_IBhZ}!kXr@{PrsOs?
zN-Veq#exUm1M3M5Cdp)E4M6Wd(>oTRm0XmSqW-lP<WcRG8xDrD%TCgAkE0P2J)(nb
zq?;hc2Pj5%%(*$nW#3W#^xSRgmQmCEqA?&KI##!u3qhpr(Mg$bS%6ey8v1VJs2FOG
zp_9o;J6aFGdI|jqsyW<s396qva&Rz&y1#x9)ELZ3nGxafw%IR{>r1!;<qtE|ib3jg
z!Y%nt0o6B5hSG*GOF*eg_ClkA89s27DivwRN(F!MDkQl{J^1}Sy-1*g3K1SVT1Iz;
zVa^_hNbV}J9>mSOR!+=QmfNA}Fj<E?*W;~>LmSvr$^#V{s0t?o>E}1I_rDnBNmJpk
z_xE(wUaApfjYaJkZNTKa0dV)><#;)Ru&rt{0u|=vp}hs?6I}Lw1aFpx`)c7_V-$`N
zIT(U-^#!SD;*YS&ui2<_WI1<Mzbj#quPc^mS9$1ugSuoCSr!8pmNn1v?B@C$Ui126
zzE#9PyKOE3P4ey8rfZjv`NkP-2>9<+oA<P`4EX6k?8F8=12>fOLg4~9G>|xFyiJ$4
zti8mn#ky@{8gh2y5C<^{*1(m$wgt=IDw_Ta<vH)#=d&{sxKnSbxVEA40Qyl1f}1n4
zb5D8Dv8?>v31ntfdMxqx8SlTle0#?@c4nq&Aq2lT@Y2i8EViu54tHa$<dn0S^on&{
z7tZn*z2UCPol4kS1dIIl&0Hh!lfnyw{8zEBj)k+&=*ksZZW3h4`Ma0ezD9n9K5v$Y
zY={_n@P1I`M?-59u8AkZHFHV~R3{{^ekRzrcUZ22aY}zy9AI%0T`V(x162UO8`h6u
z`Q`XX<69=G#`R&5X>fVw_zWjp;3vf7*As5fJn~z6jwERM6u<R7`fLo|k~{@)y{@5&
zYgTxv?OiDcf_Qge@8qu<QJtskx@}Zj3UZurD7%HV`wjWcX(iO}B&IZRdjyd)g3}Wp
z5v~liw<MNx;N9NgqV$xTUGEByd9trr%TaqAYp>*x7nXZ8ahikjEzw=G_AYIYzt&|X
zRs3xSIK*L<J01+s<`M;>lI;+97aCYuhP|oE{^tAZ7&|5W6zd=#uoo`W;_>xhzCI==
z$rtsF;}_%+6RVISvt6Tj^J$&X4Y-i-M)zn8O~KvyL)IzgP7w^p*)NWfCaad_8$Ah9
zoLX}Cv{RS9d1jee!_V}EL$dA!Oh4Bz1&~{4Wg~RSMz_Ibi?G*2Q`p6}WGSQb3#xkt
zRuCJ+sf*WzW*j(IjMMvpR7!T6yYH}KiT%&+4NBQnCazzxzf!@*g3`rEi%Q&BuA+UG
z%d`=jZRfKUp{Kda(@vl`ly!7#IdDAh!J0P#_p7`OMW8nUpi8?;D|o(IMlIrr?4%Iu
zbR_~j8m^(idv8%(Q5TGh?cU)#1=pR9f3IJ4S2aO7%>G@nE4UycVeCxE5E>kk^Yc$1
zytXPx46O}JWB9_1ldN7LJqjmQqv;8eRpW$gR#49e1*bUzL&d<ch_zg$Wh-F-5-_jz
zFeD0dZ{bjwAmgv#(8(3qAtp)pZatRGe_@V3F%b(R^}$`zvk`m#LOK%PV3_wmMbf)&
zl9A;DfUIC2p<qoYW@3hy{wYKNc2uv~xy*6>6pm$~FGpB!L|-Psu}2S1IRWd2b^jHP
z9q`_J;Fr}OzX%#5ynm9+Bl?B;5Y$LRQ-bd10Ywl#hR?k_@E(fbl=@OZc^@i8l+jtr
zu>LH&0*y?;S?a>6J2_Ac4jc#v%#T0tYS*qa;cJ7`Yu0{LxPC{CDpV>|dcZ(=hW>)r
z@moTTZS~gym$dAz)xEV0WKTtDSa#pdqs2p@L>&b5<?^s0>Z)Er{&}YTC*IMGpRNsH
z>a!p6Ia<`1(S`zW><|C`tEmw4|A1qURDmn&`y^+%nC}%_ll?A{xT@@}EyXt0NoOW^
zcjItPZRb{h{1<F7Jk?|RDk0quOi;yHKLM@_tP>RAW`Pn_sYSG5cH)u2CAp67@>po(
zJHioi`9>Fq4Cm(js+@seN=(CN@x_DF2ZX<mMR~Qt7N;fW>ECP)l{5zyN=eq7eGYws
ziC6c0uad0ly&(ri%^vhUw+SeF>@f~>L3~+HP}fgX66>2*oalYsa?9b%bP$MMWORi&
z9%}yX(mHdAC=h9*5##8M(QlKjHyRH=Ws>`$9DXKArMqRVA^B!vexPeFjxz!q@0A%~
zLg}D&*vB#OMEmVQL%Dw$*$eFtF)(kCB5a=Nu>*<Q=|=ENnJqVwT;h%t-N6lYLyvyU
zH`S?%7|RZssUBMpO}8zbnkwq2g{W$iVje=hx3B-!UO{z8w@TGxkKj9cC~~r&Hh|9j
zUG9W)(XWk&Sb}$59M~A;H^er-WeGF>=tn!5GXWEAnz-m6#4HHO0>I)<@m>E<3~p(;
z6KEc0Y%=GX?)bM*pHgR4l<S@D$H&;tx_g!v6k)3SD6a(6n7;)v=r6Bf2TyJBrgha0
zKWxmaN6Dc_L2bAvKQl@<>X-cjVdVhm3%>FL&As?*Po}q%U?1lH`~qCyUGw}!cvA-4
zR=O9{iP<A!0=ZWVkO90P$@7p?_rrET@$rm-%f}>1ze9muC;InC(9a|ezCnQbhKBw2
z4j{D6go`IvTVO2dHx~;e?-72pC07OgN^UsRS-)0AEZZ<PXqxt_xa|%Nmb4;t3j`2$
zHjuZAi|0Onl$=*+l79$it>NnuZq13t-LQDpDc_5EgZ?g=s<&{*W#V45r}-^C`Y*rS
zMJuf{5*Q)n_xSePkiN@1eMsgU!t<S<U-C+V+^V<JJ+P=4wiwx9#Q>qrZ+AcvgUqRe
zG_YB6-C&Y3C))$($SUz2P&HqkB;m2oA$)nWPl?#YFBP;;IhQ#_e(PiF%(K=NeZDM<
zPbKfCkH1$rTDVaEhTBq>uv2vdaj%N#_RH8HYok;Ehuz^i`Wm%Zuxqfyokq1SciVU*
za#h+kC`ltHcoX^4a*3NZDIE^llyUEw^JIRufqUXs{dM*gT-bI{KMqysDe~iU;f{62
z-E4LS-lUDzuT|OWc4G%BmqB#n$$@I$j1~pmwd6MO<cs7hI!|Gf9vRCH5^Up2Wu1Q1
zb1`SEn*nt>BFdw$%WqNw;9&k`1t6CUez<g3ZvW7H@ro_BEVhmJ<61egwY=vX`o*D#
zZa{6|084p6zj0ANvi&Jx_6O{9pjWqhdt(&AG;Dtm`c>90=5QHM?n&A17tKwW;d6rJ
zqoed*JW<A~oJS5UOGfsM0j1UTFJ>n5iwVzF-TUKs*}Bx6mE{LFOH=-;^UriQ>#Y4H
z8t2Bi(98_?nvcou6{sfLG20n5oSch*eDr;VqnYM=a;tDw2;{~pVVm|Ws&v+<g?f*#
zNpQxS`;A9EF?my!jO=lj+pf$#yWxj@GtVuOoU<pjI6(e6lJ#CWIXB9bkKAStO0((A
z_@;(}3eGA?aCx`a69s4zC-#NhgZL#D4;BD#gYflL@j40-2|!Rz7rX?t0<2`O7RO#b
z6_iW&BbHHSn2fM#*T|%9OhWuG2uQm=!Lp#W^rh|@#!pN>>d4;hMEg5jtbHFuG7qML
zmmFAi8m3nUXR?HlQvET}`Y}X*pb^ym8Cbskx^dO>BD30A@)PXVdRTyr%w@rQaDoOB
zuN`5FSYrqE-rkBX+nhN+agVq4VD*U3RY-LCJ}sP9u98`^g6?gYL+t0q$}T@y|Lk$-
z!H0?sFWqK2lC;kn`$)9XMsWjHc5HRa`Q?J(Eah@(&{cEnFs47!Wzx+hOio8S7mSL@
zG>~FU%))fSn;y$H-QZ%qs&&*=u=L|spAmSTzAT$|`<X>Sq_a<FP*S!Hn`*FpKKaDc
zwDk56=jKKH*A4B<$mf`H58%N0yG49gM$o!Ft<SW4^IiKU!{2@E1QrwD2>dQ2KGM~B
zruxhs*13p8)8}{0VP0O_taKZ6v9r{>KF-Z;JLnznU4?#Vk>)~E_r!pd_DYy6>@j**
z<m!-7bj~-nLx+B`gDt;Dv@{uIx4Ese&Xp<5fA8+xc$;KpzLH@G8$ke$Pep=M=aF-S
z66X2KG%=q#R0N$EfnEW91sf>qDe=MnTb8a4ywI0%t{Fe-YUUeQK2}&MW`vIoWsLx6
zFfU#d|Jq{@qOjLd|2=HJ&POk0DicaOgB@YgD&{TC(KyPc+A53^xRHO9v<A~vHrST-
zmtWWe*1ot?Oj>(pgBobCZM!%paz#l>r_qm-QX^pXtchMOFA+lY!Wy#rN`&irb;=J^
z4FVg1amulwse>)~f?guTUmj)NRx0?dN2&42>?5dAq<fio8}z|~DYz?@Wf<WStZD7F
zKv%Sy+!+=sGska3x)jmq2;4UCEL!Erw^TzNn?G(-Okefr)xlh^0dRbDT{IZPGN*fq
z>}RJMwL>PjSwFuX0Bl<{kYDy>GR-EHM95nD0mBs%w)erK7%&;5(7bhAYYfnM@1DSG
z=WB^_nozOpI_KY(^y_@4TEet;10fOkiadbV<3-~27?Am$`1XDklY~vUzes;nfAXI|
z{dV4;fd6L_fGw~TRH)c4y-Eal9aNKE!;yFk8lN64rKn(huL)ubaUdubjedxqr`ksZ
zX=uki>^E*OwO~0uK>nE1VWC_k_Nvh2&sH?whtlDz4=y=sUnm*sQBowFuPkdT{mC6f
zS`*p0*9G_hJFHt)FVzHY&uP4z&lCT=;76c=W}(iJ;Pa=Tp5QT9$%A4&a~DazAv;Y@
z5Xnll;YU9jIhcGA$4tGC1?+Ho&4(A2v7v<0E61;TMs*zPvBko>ZG-2Is)fZo`8rQ7
zpX?o=Euv=<9vZ#FC*73=u_j2OhS6Xy<SN80e=_RY6BEX2ji}0!JDlpJlJF*JC}NkI
zlE8UT6?)*a*C;|8&la*b0+ARS7Dj;2`~Ap{I9Y#-Xx&$^gT+DJE5i@D^m%jruy~bQ
zZ(u{YojUClKm4!Us%Bo><3O^tW&OQ8OVs-gw=i~y`7Z>H{(+NzcuR%(Q6PNbS4Wvh
z{L_5i9;r1@u4)vUeeJ8b@CzG&qn^9wqNEnA1r2kNRG?=Q#+jf(>tRk&@XI@YS!Yw)
zpROl?Pp(;;V)AM0o1sh<`}|t`hK_1VT3im)aM1D56&&P;TggPsyX;S;^m>sama70S
zOBJRH?R73hG8_CIwDueG`}f>ae_AuQylB$M3*b~<qVSh*?W)B$o^R!SmhVHO?#idx
zlM1!x&Kol2eCqRYg2oJKyc~6H-{X)kLk`Y$Y;HAf+4;nC5rssYYwoAh4e7q{2CO6H
z*L{s||5;`(B;yoPeS!X`9n!+|-=M3>vg3ejps)5}evaw_eCwil(!^$MhOO*Z!+qg-
zU|la_k4Djm=6Uk{F4kRrr)k2d<n-N#M?vO9au!+gn2d}pz{j;U5er`<2e8)g@;_K>
zTH|6aBt>$b>Ucj^@xk)SRgzM!1ze{J2k%=1HI*roS17W(v>Z^SNi-)9L$0(At2<v9
z=b06tnBd~tsDFBFkvpm}6%#%3FxvpktJu1#pSJvjqUGJa?fr}gp}&R&F6t^P?|-}?
zZDB|c(6$ozJ=!*OeqDJ$%v}?6a57_mo3hl!{FR6Jjz>GZ;D8$>|5ImfRK@Yty_MVF
z5fmU1ZtLlu&3+))CHpx&lLLkwwhW;i<V5v}Ci6?<i56?*{-x(P+gsNl)FXR=V&R}&
zHY@yrL-=sa_+uBp<>Fy|rP~&Uu!6TsWa0_%CrZ$r+dQE%gAg8B=jYFsvPHK-lGj}u
z6SSj#H`D>1a9)^lA$MBcId;(9w{uSuYM(WcUd4$O*1-wKc`a(|Ot7H05m}&2O5Z!B
z*2tu@<{E&XFB-sOd+s^EDtu}M+Esja5!sxx&i6cKTYt>(X2F=*x%|b{9ILh4Zuj?-
z+uf3-0`i(&18c4!i-~`iOG>6T1(_7A<%iKC$A05g7xJ<^N6^n5)L+HF6yFZ`UohF9
zr<kl;-N;sY+|!gbM_1S(mov*&WK{Sbhm5Mu<6{%O#@fXf;heP<PkEr#rfc5TjO(`=
zbB%9y>gXCP$#D+s*7M9hTm+2J{T_&E`;7mv)jya;5hWT3DG9K{dZFb9k-psJX3Bkj
zd|4XTT!Rb45pP2GvK=lHvf~S7vN(@SQJl)1J>dryni(tiYRB-SQii|3xtM1(hCr!%
z5_d%VNa$p_&ZYs3JDj5M$b+8KKl@1leXb(K`^%rz#o*EBonI0z-*2ZzZHIN-7yV*m
zB6c|-x2v#YTny@*VMSOnC9QJj%i3+#G|T<K%$&*2EIs-R;b9g=1NVnwiwm01<S2Cy
zgubm~**j^PoXVnMh3Z26ayvYLQ_TT~W(Igt;*NyCjAfMCoE*pzTC}ow0;V@Cm+c)Q
zbFvF|6gHmH+j9Hq0-fdrOYVirJ4PkJ!{|XN%jAOeVF7if0D~5*a9U~cZ%Q4V0uE;i
zcKgA*{-Z(7%^zRrtQGPh*^lBJRKJvwD_IfHx6#*n<_;TlV^*kA=bo1JBlL7$M<bd8
z9`G;sAF3^vB6v<fbZDIyTzhTdDSQ9{a^2|p%A*#QeK_7dm7m?cNl~~N`bHVnz)mz=
z{C-fl#v5K`LSbOB%B(N^hN(BShNVE(nZd@Y`kM1E;t5=f<o!Y;9zQ<tD5?J09h1ho
zt?^*u-;=M@W(SQE!Bn3AJG^#1S#}f+qcZ$}!t9lRs@>2G4MQ}m8vusYWs&WCHzWuD
zUgfTFUZ$mSX^XwehRDI)<wT1Q>p6343?MBFHQDA(4{ZqE6b@CdK40?8<#pzf9>=Yn
zc$jHkN_ZWUK&7Zr0mUypDwljMf^W)DbNS`$nXa|gwe_&$H_={C=BW$9w4N?g1n7GY
z9`n01B17l=v-|NUkLYOm+Mditt7Fw*b-xrJ*@dksmo3vb`<``Oe0w8|dvCTu;fkH_
zXyf!t!<lu;(i<6%A3UCmeQ;GDT*No@=J$J$u~-RN{af&a62GbO{!IVOeAlR!L|V>w
z3yIDInp)MS*`<P7_SdWAgQ7)=nh&$J<#LXn8;afTQZ_J|nl}Z1W9%4oiL4s*nlc$G
z(<(uN2F#YYnYvE*oOT@+WgWSl_cM%pak-Gj2x{au@UXrd`ohHiq&qDoh%KHt^U!4s
zJ(S}T_!!7t0L_sR0ODFy;R1m(6`+M#&QyRWj+^e1@#Ua$fFs<+=0C%`<o&6+tP-++
zTyVHU4|mr0D9FkKHuYh}TP&MS%;%0!Vn_3HSw8a&gLPP7e$Bw5d0mS6AFwy`77#$d
z7qOow`VR93C;aZA(Y}k-1zVlLKX!Mq*1pF-oCUVz|D4>N4>l-}Gr`l5Ar-=ovxkxa
z(*Iz-YOXL|TAefEvDls0I1e{&cN#sHTyvpq?3aNUW}P<xIsSdIb>xYgLH#ARYxbs|
zX2cl5AvrmxTRIHK`Hd|1-)FxUC%Ld4`ess4^jN~k$gtm7)*!=QKjCk|p`8#T9Q~U9
z)T)Eo8nG3$z|IjU^&^e1uTP7UbbMEQwCIUDu4zVn#xp>`W%a!X0OisP*M=+W(jbZS
zORg$wE7#M*nrk6v8hzOTQQ=GTd&~DL3Z!V|+-IknC<(Qk?yBV(Z0+H=<6CafM(y(<
zVr9l;F9MLjA>J2PuMMM@g{|LV)JWw$G*jdKk;gm1MC*XHoM)<=8tCgO!yBiu`QN6q
zB%R_i4`Y@ANVV%&*MD|1`R=_QS5NVa?gUw=K!tLMU*9tW+m|zfjuqP@h_p*<8mVvc
z_2pbE;dEtC9-*dBUV4$a*~0B@er*TXt%%yur#l(2eXh4sfcI<ud8>cC5|ZQltGYaR
zKYuKbP@(cvP~Au~@cIn7<#mR&UrnI^$%^WCoR~%t3vg3n^Fm;oMwRZ@rYh?6mGbof
z{37^LmeAxlr?}KsFfnxvfe`7XbVE>od-bs6n_iZ4KOP0y51KX}RZ;ASGn;mAyqb^8
zIm>H`p0DuwjZqG)m`$DC(>eO#4HwwS_*|H;tAAwQM!MOFj>(BBJW{jfe+`(u%^hZT
z<uV+V7XhwPVjkaOSH{C!mpEfn8n<5K_A8WeQH_YeoU8nAL1Tv8#pX#vzqYUu?%npZ
z{6lkVs>Os~ILDLbz(7oPsKh(ZXxCfVNXaI*2Gs*Brplv<7EqVJOAsF7G33r(&sfvT
zJ#0Eh)_9#1Pj)+hjQ59EVncNJx2qo*<)wfH`J>lWOF9~_$|+3sm)wkytYdYUcdV92
z?mJIf@H<bBl_lXv2C7NZ0TMBbt>lA;wH}AMnQ2n)8k4CUm`8Im_4ohQlEsWHmDAwv
zYC3pkRcCB?M5eh}p&;gIZkHD|N$<KQ>*q$^s=zM$|2y#5mINM$Py7o!#`asF0S~!S
zH$TBu%I!zrExP&uWB<~Q?aucVM2x@xF7B|L()9SXJnx6cE|Om^U65Ga^YBu?L)E|W
ztKU?U!L`}_!hm8%t-ao?OfEGS)ZZDV7jBvinPb?5ZQC*so<EoCV8^3)JA>hZinG@{
zOw6y^F8x2TnIom8K7jLs^Z=!EwHs4_SyyVc)Noo#<bc8_VJL}U;W%Y~Y?q99oO_g$
znLA-|BiO5q;;B(J^R&fr{_ESZ$1_?XPQW_`UH6v#`$A-}WaNdm#?rr*wbn}%pWXQ^
z``T>N_QYsG`g_6OxYfw*(OUdnVFyHyXos3t%f!|DB*TTs*!?Z-dn^urFLjAc1D1Ie
z>Y;~|`mwRJG_JFk34)Ov%lc|9$S!$S%O3CJd}j`GAHaKR2(WMy=#j2dzdxQALwx~$
zt)*|}8sG@6MEeUDI6KC6)z%&D8_+kuQ$bsoWC}}UGi~TIbVN-+VwXiKOTYi&Fj2y3
zPch{!#w;2feE_x6LXXXO^R^OFeC#?mM>lD^oVo+q#XMymAbA6UKi_$T+e6YGt$y~k
zW8Acj?gB1GXz1!c-atx1?vT0gjwR{cc9^qTcxhwwIyuOqv~OBqx>q=%DU@iEe&}bF
zTa@w}Gu7AiNu(`iep8qTCmHOlvmt9*%D1XdO&D1GSzge0u&nI?PMp*JrsGe^(Q;K;
zMizQ=*CIS`2gG|Ln_U$5<4mmm!rXng|Aj11Z2yBS2ald0%frr*OF!0MDTxFm_N_wN
zdd!*<sw4;E)r)xQd*XQkue#41{Z%aY#q(x895o4Ic5;9;7i})Dyu6gU8Byo<Z1L8H
zpIA>YG4-0n#ljIk%#Iv}V@GaoH2VJ%V-|cF5X{=iU`gS}!Km9X#Q4>yp@F+!g;T4n
z|6hg-K+ZWsPl~^jH2a?qrq}Ofy)z5*a<>A~_ZInoM)kEo>ulj=$3gmJS>*DV`sLKo
z(&dv%Qw|8Q0rN^{fBJpjlVm)S9Q<SQpYaOdUn+C2Vj$z17T>tF0}kErm$cH|cbkox
zCEF}}N2jAfzRw$Y%+ph<(L#7%MXs^o4X5w54{LZ0%Y!jz?p_53dPN80*PPy8iVhVm
zY#N(}>gJeaQHp1#Kdjih^X~p=DtYfo_2;s9ZO@<9321g884Gp<p-~!BYOjrY2K)_F
z4xT;ruTChSVl{lNvK>mK|10rs2xMs<w@@w#;~K7F;WgI4WlhCyQ<dr<*X2Ljs5fQ5
z*wkO!N{h-t-uELV9xq&HkU0O?=jdJkimGX({;>HIsm!sqSm(mCoxwrQb{?{V+zmUH
zjsU;=x?g9o(v+$zOQk6+{_Xzy4Hd6~+7gqP$l&rf9_k&9x2d>oN71A&B`f%;-R!Qu
z=vY)xW6|>*tC<jP9}pmm&E`Y~1XyVT5$A;I{UNS2xND#lmKd2nFrg0}@3X||zESKg
zy~TJ;2M5b4LuUpR<K&dYViAUaxZ`p&g<zfXax`^OqbpB<@taTe;R0Kx@s@&@jfy!;
zRullzcffmO6l=kO?}v59T1)2L#eY%0-<6r)CGSARZXfwu9C!>j+@<3FGnf&zaGL(_
zRmOSkey*T|4<t8MdDEjol>NDb6DFH5;t|<Y?%6ZxyZ#|<U)b*4a@vX;91r0@V)qX3
zXd_?|r*F{<%rlgKrokvM+oXdnti#Sc;YFuTkn<7;n?ZbVWkXx-k+sLnTG_j1Y2yoL
zqleLTla;)jC_tdqKh@XCfdr+43tkFv??x?e>YPrLZ1MZ51ScLoy5O&1Ik@H;0=`oX
z2JX15t8y7_c5u}wD~S6yx=7)5)mp30UD*0rdz3y-+zIj;3_xie<Ip=+?&{5~jGzJF
zWCq~i;W{Pw9NQPSkJ7p~KfM`C912!}Ib664@#6|$-u3rUc(~wVJS-Z~XVekJJ)t!h
z8O+Y_ZtCH&SHGW)0n%p%B)ig_#J_mp9eali1(Mb$Pdj>fE<04XGx-%adsw1VK&%%a
z`XhZpj{X^`HKXvSYex3J8I|=vWn%n4`8seUnB-5gZ51`R_<OVc$aws+Tc{W(Fsf%i
z9(L>u@;hDyIC@y2n_n-(*a-O?|LUjAunVG2s1=PSrboi3BoNq5ZM-m<dAR(qg3;=u
zLicL@_ugl@wE$Bc4(<XJ$l=MeM7KOA{Q4?{@7C?i!2Lvk`7zBYNxWc$df8PwZ5&vA
z4YP72-RRu;>RoR?iIPS3!WL+lO{CXOFRjx_eGYxuq(h@Ie0w7qZQuH)a%&9(LBI^D
zt<M2DeDzHwa&C|*U%ATaDQ$B?`DlwN58MlVo`L+Tq0A!{q>jl@JM*qbWq-NOhkBT-
zu3l@p<FBI6-QX3`g5rS<W2(?NPVKL$)Eu$LpJn<}{}A9W3WS5$!{Zn45_@#04&o(i
zbknRN{4Qg@w8eZ^OYyD@AaQue9xuxH!<}x-70kku?!lgzF-6D~o@2d6=?`R6tr8}C
zFM)8s0b%;sc(-Ac=04QU4`|3JY2OU~1!_6i9=w^C9pYh`cRA*@Vto-<=W5RxC!T=*
zxA-NcN7o=(=tthZS^Rc_JA<j%HjRA=uzG>Y!K^t=GhnmxIHfk6$2~Utrjol@ubI?I
ztBbR&cw(7Ygq`JV(-Lk6=AgtimLps#tcq{(pU&c<CCk3HBC_~MC^xT#p?Mof?xi){
zq_g#hT1aQyRni$}{EHP?P*lt_(BUCTJ9y=SK9vV$W%DiXhHq1R1XpA+guyb3t4NfY
zd*42@D4okF(zqSN7Lx4Wt5qOkn|tmqx%S2JZ(G*tdT)`nu^uu4)^p~ljO)TL+fPba
zRWEz^KtS-gtMYaUVl7Fc;~7Ys*2^oi1oXwV;to^3zbT@)DV8v18X6wf(s@vN%zt+d
zA@`_aNn$`}Tj_#9^?0)_>L&~QqYyN_o@w!}NB#sQvdIXBx-ld*YoZjRwcwL|gjnCV
z)oWTqD?0EFtQ!q^&V{4mln|ChixLag1Qes<G0Lte8fEsR6cfjev{S|laA{+b5Kd61
z3|?Ow2?6anMNrt1IxcmY^n9hFi`O8~dm*N?^z@vjb2p<rXbZ`Wnc{}S4Re*|b`VhW
zISJAfExi{qW(|zWW3hf5j~9WoTQ0%I1L~h)>Y|0L?Ia)9DHH#uzsT>-jf75NAa8A$
z1JnT+^P!L3Blzv1ccG%K+x!m}+OJp5M=<Cd6xGQz0R($7Om{B-zY*-eJ_{D-0w&6Q
z!WE`PU`Va`Tm6a6?o2Kp{W!AMy<Ym7Di<*Wnv0;s^CttcFb12+`a_dy;L-6_J!qz)
zDK+0XXm!sa1J*a9<w(yNCC_Um)DfP+w3uUKn_QT}h=u>!`+NiqRz8#clv-t<b1>S)
zg63_@;e^uozqt1z@FDY4?)?^aH6yRl1XS1vVLrW8S<awl)`};{nZIt{RI`gTO=7vo
zG{LEylAx+brHY2QC75b<Dyuo+M{93>`Ha}rPs#poTRc$>g$#;Uhc2sUY?fHRdpRUi
zl5^Cc*IX|ubYm(kP0iVXN5euYj(={(2Mr4T%cb?xCaPE+cBwA>@?L#(aCnq{my&TN
ze&j3vk>x=8c6=Lauj<JVpJ)e=KjF7qR2KS&0!z|@Q5%a4;8*#z^r|{x?<Jax8y6@a
z%Cgrt8I|?W9bk&dZXVj=d#SMUmWkd_3t8$V2Y^Az*YNk05`0V;npPj@4V^`1L?4k_
zK0Nnqd3WS0yf-zXo^|UqIiak1SDe0f4?ND~{h%Q)lzW#JD);@D<>NOxo3?vako|AL
zie1uG?qMU}R%W{YowZ*II%Vx6fk`zwvQN3MFEYhZ!ow#!;DpD+RGq^s^}5%FS!bAB
zwU+2;Z^f(%ZY)<is}r7g9z-4M-V{+Ok-`c8D~V-M8wL3M_0#~LpAreZ3NH(NTwS(a
zmtNN#Q<&}|rj**?5;>HB+28`fX&E(je6w^*?Gz86FOm}qia(M|3w-SDC64c~5AZ;r
z*k%M}^$mo3yV|fEdjNglA*r{g_jGB|Kj__0nNL>{pTkS<P_?=d&i?*Jv%ND)&IjU?
zbhu-|qwrV&aT<mF3jHluE6zO=Gu!ij&cn<$PJ#}8hG0DRWXQO!FgW1c2b$~>Kx_gL
zaCt<m)|toT@>Cl^l2$YUvN7{agLNR(10t3VrT%o_)?WEk;bL<l?(MdW^k}jJ4CrMz
zU_1vVbZ~*?hjR;MUxdqn*@(v*8-CcR?TmmeDnJD=kQmXkw>KX}GPdjiWQkU6=H@Vr
z{QN}2KJxY(9366J|3mPxonw$DdO)ojV$!^etKXRT&Br+S4e0b|5f!eWRAF_E*gwfF
zGffR&q}Q>dC|zggCkT38lhu2&xQjTYGao+<HssAZ>%=}dCbp1>q51AW6YP%0yVR5H
zo?Zflr`UFLvDAqC!84wbIK)nHVA#rnF4DK{K=QvBE<bum^uIv%^$sw@2_hfI8xBU-
zZ1opU4Yw?UDZYlb4<DugVa8L5DR~;Qd&oF3#pB+qEnO&mWryQGHI9Pg%AE~f?QozB
zo7Z^V0rI=rU70;PWv$2~%lEa6bAb{-8%v-i>8S5S!l1``6L8OL#f)ceH2erQ1GEc$
zIN_2Mzyo@v3;p2HLnLWQViRL%PYVusB{Y*gm9ry?<cxWz&=o*AtfFouBnXs@pgRWm
zWYs$L^23QnaTL3gq<0kP?)H0wSyu{hIrKK$0HM0K?Dg(rH=idycr$qxYdo4D5)<%W
zyGdsp6w(h?UHi}N<!LI8+|81h0#h1;ZZcR7OW*Ar8ceZXkh2EJksbdrbO3)_RsU=`
zF&Vj=id${%>sgsXO3@nVPAcbKlFrWkpSnG>&iatOkbee*EXqe<|K5))_aZo|vj)^X
z`Lf8=X~)7-yCZ(qd-M5G#u6dTGSYGWYP*uk>~s%!xy~{pYl#?{qq&ur0OsHU4QJ#1
z@Ue!-B6|sB`HdctIc0HNP31a)W*-bob7B&gJtQeRiZmNazCCDNT{-J9Cvt172<Ng`
zQ0v-+d)Z^IE8)pk*I~*z<vja?O7vSiz7}=KPO|2h?p*U<r(+6CWR`fL869InD*q-(
zm?-{Z4vi}KKQxEFMpjN!28avx%I^%VRoxj{i8zQHebaDdh(c;Y^KIp$@fuiJI<5Vd
zTL-mHX6bC?$F=Up8z=pyKY=f(U}!%Q0kih0C~*V;-yI!f<^R%d8tHdP4c!?Zx_Z`W
zIyIXsG_zaBS|%RzY1t*lcJ%o<Sr~HoxzcrqSHOO;+xdIhFm+j0fCeWV^~EL@-pIP>
zGFj}e{`r4m-)Y0*Y~KwwZaf`j;B%SmtAH`F$+4XM$F#vXN48ak*=gjo5KK5z$Psgi
zHyaz*be*bW2GVHW3)6r2|J#Bp$%_8Dw%Mr8nuZukuSpS_hR#!DgaFq?0|Mj=ca=-~
zWZbV{C;qd9VU9k>?H$S4Q`i%qE@GR(8q0=$e|R#0ZKE@lQIJuiU+32eDJ8G(;oOt0
zazwWdK<TQO-6O8XX)EUXnPs?l0`&PeMN5%+R_ZQ5L9m`p3cdF`c3*wYu~!xtF?$+H
zLGAt3K1BUSKIGoLE<fw2L;H1C76-lDQ5zANqxYQ$h3@Db)Aj20%3~qWEY-#>_-6P)
zx|iYKRUc=6Y#vIoTnWRY+;|OWfHsb8E#eHX6~4im|N4q6P?1pr=AWBa-0EUT!w~X=
zQgmLP4nx4{+YEe(cL<MPc>!ZS5tuM=Y|Lkx$_%{dj&ZD}jaau$ytY?Sz|O(PHC=z>
z(2_y5w;=9CS4@ChQ``nHe?sN!<}dw@T!L+*d7PJL;;Rx3Hckqle-l*228a4`+v!_6
zC_N=m^gZMAhtqs2UZk$Av3B(j`dQzjreNu_r`kS=keQp?sSR}L5QZ*?9%aGQWt+=b
z$ah5lpf!r_AtjEIm9oTuw?HK6$olrkw=!kV9sk2uOZ;2U<(;I3&qf0dQyggs++KUY
z5M|<d-ezdyKa&%_Z%g^*GjP?n#>D?_>t^KhyS!35U{;YL7YaRq+*7MaoQRcQC@6-Q
zAe7Cd-wtDc1cSR~<jQpchdJE(vaKHDLYF(1;TR14G9bAhvu$cM>0?^(nRe|$4ZzcA
zDVvN37l@Y$^J}s;z7by+ervvdrO+m<b*;{RN5<@_R)V-`+ja`^Pv^=ya{eG$I6~t|
z2xP~0u?G?_iOjy-Cs>BmZD{+vPIC-7{(ONwGW%@a1Vc~G!xG>c&9z}P+H*U38E|n-
z>QA*qz)W;Bc4aF1L)!4>SFux%Yy2vtEbF7^jwZIlTvEy-dS5PW3G|;wEU>yeb!~PO
zQfLHR<%(r0#W5CrBYOE8W?`6^ms}M#nc{&VE?rIQ^F6?Th_~CO7eepEDP`eG0|4#T
zehW}KUvGsx?8`9it&NwfPCV?eRxlSIb$d?INNoBM0~PN5hdC$!6q$gFfT5P-WMA#~
zC9>U@iET2^ZlwUw;WIUG**~rV$BhhdVmVHFk8`)#ouWlF#{pa`7hhi^N6IGL;*-6a
zh$|bR#Ewjd#ULv37bxM0dAm^>hLh<)zKlQuQ1#`Pjj`HwjBA^{AHkH6)j6DeO$V?d
zc^;==SxXQBY5jJIJpSN_iGl)kCSv<ij2nH3GfliV%Ud>`?oX!m7X61F4#!WfW6ItB
zt*gcL_((bAiJ!peb2s*m@%X<k>N;@oPytJNA&Ue`#x)6Cu^y7@A>2<q{;!hSPged?
z52cqq(m3{cM@eXq=)k{)@{vn1MfY<Ll#VIi_a?N->@-7W5ILSTpWb$F{FeroXvfsy
z<0|3ja;HBPfCL6HsjCd@Wohr+mgedB{I4jjkeQgItWH0^x@Y51(^c@P?)x*D;t=F%
zRcJCZ(ASO^Bf<7^B)}*4%QchIiQ1^64|OAESs>L;(Bn3#Je#@qq4C0NCo=oSE5Llr
z^rr7jJUvqok?wb2&bW2Zlo-yDOTCTSiTE~RpyS*Sw@Sc-#rCn63q#Q$jZUltl>vWU
z6h<Ha=nQS?-qxh_K~0=T4R~H`^9`Oy@!xF^HXUxOW!+Be-rzl9fV@cVC5_5VatfoR
zjYtm>-Ma5q#wEU>t`ujJZXkPUp3}e&@o0ZD$-sDM*}}O~7h*SeIjJs2=jD1dW&}B!
zZI%zHM=1cS2AjRFq84>})Zv4qhF1M=<R>3}R&COxd7x>eSGR-JIv1<%IYObX90+aH
zJSnc^;}XM1W4n|<=w+xhZIs0?NE1K}e4q3wWiLBq1<<(hV~vl4UaafBe4*tJuaw$M
z1-uffAPe1ptP;=w$(PjH6ihrlv7fBH3EBHtj`5(Xs?x)XmuZ9xt$z9RF?t+5!&8$I
z8A1I6IH{uomtH&Vu&osQdmByDDku0Ht(j5YiHCx8z?82Y-eCkS_CqZ9PTy?ysjWk!
z!G12_iy${U#eZ(3>aiPVV7Ju2ik=*b-N2@-_Gln9n8HTP#xuVxGBoeB2eFZwYtylR
zfnI0pfu}C?4ixM-kFEg>V8{&Pe*P{xb{lyL-3B=5_-EdHY#Z{lZ?Vw0V(s22+Pvc1
zd%GVhxWv7n9PwB)gJ*L2&7@|Vbf<KuJDy5U3ejJ1jT^+3WiII_N(?K<rwvM!fhUMw
ztkH}<-0py{#|GC|M}6o|pstAYlBgh64$p#tT}pMsJoHXq)?NR&(1^7!77JkyZStnU
zOEZA881Qj>n_M)pd_$J>H=wRvUOs&-$;kExBZkn3Y<<g+Al4vpjX|}OzB1W+UuhH?
z7$|?;@}WHKpN`tk4ANnsO*{Wr0@HM0A8`1f=RqdJ{U|A$&_9O_YKgRU4RFPQ?Sj_9
zW9i1C@PS1zv9qt;T1_&0;T-@roGc(C9=!%B^id0jO~9U4D&X#S28M%f`ic|#^1E);
zW4f-$3>_cr|F!2|g=mNF#c#}Qy~40j96FHeHXRl&BeHMOc^dXcJVIQe?e+7hT!~>g
z`PQG|<|eR+;K53sKJjBZ9Xf1P+)FSjTwRU3QVKjFa9e?QDMcAyqm1)-MWCvDymXs3
zsWc+vGN?}VV=ohYZkl%6<;WZmUjU!7zLR0IpLh$0fnl>qWe2CW#FbA^jSIbJpC28O
z?J2+8nd|?Vt9<uwUQ3?`$;QNqH^!@HgqFBN3lsnnA@F&T>9xF-e(`LAn6s?y{^bY1
z|BRKb(m8vx`Ny)Bj?ev!oXb5iL;X=nmpC#ZPzGR7MwrmDmTzfd@{vyU32kiV;sg{b
z|0-M!=WGpFp6-gyaO~Hh(9zf2Q1eFDy()ke-1{rbpoc%9cK@;kSiyE=L8J@1e)7o4
zlC4PfymrRk;i2CBdI|pa(l<ImKvtj!z3foqvW!ym{9Knv-409%%juJ++CM{kocl1P
z_QfqTwZeC}1vp0a#m?!N!1ZW(KqB81RrgqMNol+Hccbd3i8`CG1?!`&c01Hmu&gEb
zW4dH31H4J4<Y&jk&>1Xiv%nxgC_Yn%x21^5tTuSm(l2`Lq}NQgKkz5Wc}f^zuq{SG
zq%)t4%)3Wp488M?0O-z7I>cWofe6;@^@q{6dG;TY+dk#V=>z=7(XtFMx1mgf05lKY
z*dEMMW71!*y7CGJhbjMPR&)x!<8eSpec(2+2YYqb&b_k<pEvelwjb(tp|;s&J!q+R
z&B3p8+h!Lw^+QM*c~+o%?MRXd%dv7U(WFU7m{I$sXp?Rh{idpD^maW9uJs^`wP{uc
z@UW(i(I~8Ry>%3%?v6hES#1{aQr~(jcR>}CQU=2xIV-RUMH>Uck<3dC^EkD5mTBmt
zEic~OFM*K3+KKb7_mET~NhVSQchcS+s$MyF3{2T%KxO1uEO(W>^?9)h)Alr4@EmR2
zW`fodf6Kt5J1>}DX6>!Px{Gb9e!pZ9G8c_qCCsWOhhiF`L0R)L15$MBr^`#R<~}Tv
zgnj$vGNY5+35;$F@XoP##`N(>c`EnFc#^L@utf?SuYrazLET%$M_$#KHVyh6{~F<e
zy9P)slnEC4^JWXA_MrN|v^1OeFtrne#1=#n#E7{oZnPtoy=x7JujL${{|a5$dsfiq
z)F^dZ+imNfu4HE?>9%cPte1nrSGVOpZjXi0`e4Nt=A`Jpzab}B1?pUxRgFJC?O`3w
zrs|KtdR&>A62=weUhi#Y%oqEhY+1MyoyE9vu5&vL@cAxiW!=Kbktby4>k`EVnY}W-
zmtFZ*V1k8LCN^rAkdasL>3;Lqy|Z=)VqbT~fw69hW}VLqxKdSkEu3J8G3&;R3fqq!
zXOjPlN|4pK6i^qO>oKpuW}0ZTP`lcZIj>63WiQ?huHNk5RQ0(<Nhu>(Z5x<P&iN>C
zv*w@M#!I>JYUBgP5`ueXsV~f`uRAv;dV25penA{`S8$)!gP8I(9NTK_WtulQGxzeg
z2(Qf?>ZtHuWR75?QKDT`-<6H<qffL9biIg<T}g+;<7}C%`l+sNHW-x5>K*V%Un%@e
zxi13G^@v$FpJ)#DqCHlC&maA2>we=r8pQ1;V?U9M_u&63Gr0YFTmD>Qy=PXarrV6p
z1Q3yj1*EQu9OLWDlKg*~3PW`-b|5q}aW6a?StUK2!2FOH_l`zf0>7)%HRGsg&GSUW
zn@!HtCovQUS2m{CY^@}tR<(Pan4)z+fuF#XK`YV8qiDOOG3$WoR!23!m~XgMyFFoZ
z{^^Y5VCWcjHFH*#{s}{uN?(=Q*ZyE`hOQQB(pI>^<mSb{7(Kd;eCVDS-04W4ad9B{
z#s~q-y6Mc@c~}&c%=ooeYVm9&GOw-^gPtQxcf7r1nnsf+m+a@{4&2UOuZQe?F?~Tl
zK`Bkc0^-ZmN)4UCqcf$8Xh@v>hB9M~RilgIX9hUD_Q5Oz^A@n4+QCpGduX<ezg*1I
zKzp09dU`H7rmk1OG+egGEt8zUB7H+y0kf{yKJ<2Ye!N#2WtPUX*D2O(wdFipYpK?O
z;tXAVo{n(v*6{*s5+>3zBIa#rx&FjJLDROw?vC&nx;I#8t0uFt|B07F*+kuJ!{O}f
zzhRQoLLJDCK2<ZyB6%kIXSct}v&SOaV1B!~9v~ZqZeI4cvdu99G2NvPmQ6|mh6oJv
z6O0XRs!*XO?v>x#pMnyeGGp~s2h}KXf-w5&3kBBwLEm6~n<c%n{!bVzBaz~yK@CQZ
z)IZAJ7p6rPXiKQ*xjP2skUMbk(SG1m*iwpH=l(7Ds_<Ec6BJ#zMN{pJN2f0(c^nnT
zX(qT@iGXWTo+)$YdfZ@bsWS;WRzX6)1wJxtJKBYA<~lD%3ZkY=u=pd7)usXWWh)$M
zSzRTAhZ5Du%Ai~1MTU569O-Sh+SCUo6x7=YFXKu_McWT-ZozsW{~WVcSO15Anx`LJ
zdtQ)k-qHwk^r*?yt;xV`ZpEE1eg5jhH<rp>TcIcC{0lSEv5mj-ejKeFA{kOjiL%7f
z_|G2Avg_dwFVW5aYr1P~Pt9)qF=apO8e2SJFSq`%j2O_py4C>r%t*fR&%_6uIHCZV
zO$;DgD42Mzmt|i+ie44ZE=eyY%<DPA=m#b`P^XcQ%q;~lY9o$@|3GU+#0xub2LgNY
zynlVso_~;{d=9G~Dwz0wqvQ6;3dtmaU-qY)F^uryfuX$wapD>qo{3rSald2B1hQco
zdV8OyBY;^!q>o!PdUcPzH+v0HQp(u_rsPhY0|WhrItD1)i8O$0hIe8Vy@qc9T^SLC
z2fPnSwI>zo_}{OEr%w|tvf6gYp8v?mu2jQ~`R9kk1rCrX2as-}F$aOsS)g-be~q79
zL(5e!Ke!vm>Cch@<IYe2z1;Foge0336jXsBwyI9)=FiSGW?=Rt-9bM?Sx)~y>i=6|
z;oiLZ>#kWDpD*j3{xqx3dD-;%Uz!p!8^I<uM1y)=|4Nkq_B;knJg-`BZ@WkEAh7#&
z`L)hF@7QM#H+;F=Ymo$*zBNBq`qgTF<@DmhOZQLzkIQVWpBvjz>TGvZo(nkTc}1SH
z;017F1rU^-o%(gxkMHh3*ZeguJ|gG%s4mRt!t0oec4mhS*W`$U)iiV$h3-AKerdqD
zOEV)ZKHn>o&@b$}G4qdxO$emDdP5X68nvMR=gluSzq?OAcRk(0{Y~$hTm8RPzy>fJ
zIJxuN=huQEIp6LEh+PwQv_EW{bR05V&TvEV_eJ0e_(zfwA7iSIeBrU1|HwVw!xwmf
zgUx=Z8&A*sQdR5G7Fk+0kN>FlBbz#40g%+mxSt;q#${(9EtU)Jkn_nH-b}{Tn1<b0
z%<!8P+R|<Ki*4Q-*dy<~|D*S5=->P;u&69hbla=Px~p>b|7K`w`hnAqD%-#5ai{;o
zB6)|v<Ik^Mmt6nf75axAd@dbuLZG!^e}2@GUFz2^*Tb@E3`h9-<^Pp7&ijWj%cZLJ
zlRPX}i!<SMAFwKh_?_Wg@5P6`z;#cMfZm}5vw@<?`hD+j$N&G|v3HNO)~B1%Afr89
L{an^LB{Ts5%x)~E

literal 0
HcmV?d00001

diff --git a/docs/installation/images/windows-boot2docker-start.png b/docs/installation/images/windows-boot2docker-start.png
new file mode 100644
index 0000000000000000000000000000000000000000..1c13577e51a551e861f520914b6bb227018ebdc7
GIT binary patch
literal 75786
zcmV((K;XZLP)<h;3K|Lk000e1NJLTq00UV700Msq0{{R3y<O>^00093P)t-s0002{
zw*vja1pm7R{I~=8wE+IP1n|gd?#6EVwgLOU1Ny!K{ICT5xB&RB0r<24`?CT6|Nj61
z0q)3Y`>z7-$7lGh0QRm1_N)N<u>kq82=%Q6^sEE@u?6|C0Q9s2__zlE1OWWC0R6TC
z`@0Its#^KI0RR9i^Q!{#ssa141OK!K{;~%5uLpqC|M<KB_^JUb001h0)c3Ohx|UM?
zy$t`VRsFmH_PP%BssQ`53e<or`ndrA)PVoO2Km4k`MnVPzY_Mb0QR;8`MC&Hs{j7M
z61bUARR95iD*)}tWdFMY09C5>wFL390{^@S002~~RsaD43jqlN2LS=~rUT}t1OO|5
z{JH?;tOfqL0ROfOAi?nWuK@kM9L%a&|G5JHzaIU>9RL5T@uvXux&i911pmDQs{jA-
zw+*WQ)#0K85CsGO!xjYt82|s&`>F@*sRY#js`0G^0Du7S$YA=uA@9Xx1Q8Sbz$EO+
zX8XDs0TTiJ{`DRM1j(UP18V@ZnM~-P1=Ii3^#A_W{{Q~OCIBk{0!skpuo(ZsA@{cy
z3j;e#r}F&!=+k~T^}8MU(S{)t2Jfs-0}~`DCn+bT&zesGtXwHa2m&O8%lW8a2ARp`
z`1dV@s0a&OzKH~P&*&kz=sYVw&y)ssCkFvko1bn2Te15df11+CW&$d0XG#N~{m1>%
za080EDRzwV`Q9^VeDuj^N_JiGlsz_8VwBhZ`Qd(o*YhV=op;{<*VTYD1P^_~{nd9S
z8-3%9Lny|AElM#B`u@9&t!XG-Qzn<Y8?W1IlWB};11LjDT-xfx_Wh?=Rqx1Ck|GMN
z$Z5U4!u_aBe^>;vc?JF0oR|CKYAP@-dBG5etljDFzuDq}&a1CP3R<kst^Tji`I7E}
zA%26Ya#d~Q`?3lspM%rZbvF}0iPrwFKx}YG3`K>RyrmUZ%E|nu&G_ro@uutCZa>BN
zJCOMO!B+SDp8KqMpnxoZDleIweN~>9H!^|LfK|b_Y0!dR3DR^C00AV$Nkl<ZcmZ6Q
zv2HCPuZ0ibZD~ONGo+)X`jsZ4iFBK*qiLg4-6q=a{|47<Efa0U=L};EW?<wGvnPM7
zloHov?pCZh#fpdZzP*GVQbKe;dbHoI6nJ@SZuj%+<KzALe7=97d|uwl$H!Ovi!$UR
z@9&}VABE=Z^9~6M>YtAo>pj%+aLmHoTvEJwOt$f%VSf}@e<tYHeOtNxt>7Ll&8`dU
z!+&r0e=+ad?T#iaur!xgN(+sKcHg{3H$L*>I{j`Q1NvP;vnayzGK|>n7VTlVqf1mU
zBFFVs(d-zeZEL%F+?zX0w|ccUN3XSyIri=|wC^!j9jn)n;XdlFYt|ly9{0T$$`G{g
z=s4(KH_SDz?;h3>_TD?%<`{F%QP+rWJ$%NhQQ3H84S`#9jK`xH5`OO9p@lybj5C~1
zs(14jF^h(nnmeXz7V1cG!}!iodQ>1iWx&%}^=RMd1_|f2IMa!F$68}Rb9oMj%&>-i
za{4G@d3}_>b(S^4Z-k)uj!tyv`nkR_^v=S(cMo;f{XcwfSlWg_RV5zNE3`g)UrX<8
zOpMpDRIZv!l#~(mXu9hk!cmH+q;^}V5w*>nf-t_K+6<jrL~gr{QQoXXd6zF@C3Zpw
zl7Sj(sDqNE=Ql?m>hn&2wo=~rGpv}Lh$)=qozV(0+;6`**Ji>Tv=rd}BV^F+VGST)
zN!CJzv!Xi0wXNiG2#Qnerc&PAMKYm@vbf;RnSdzgWg@8E4ixRatX5zu_oj#5wLwU}
z)g89Q;2vd$j6TYU0<<BDqZzd+%oHZ0v&K3iutx_(M~{|G3hP>=L7|M8K=1&?FfWF0
z7eUaYR^dl<%tmG8qsc=UM1#zXTHWhtH{Ro|*X!*z2EIGpLd1vrjsd}rVN5>99R+cf
z;O^wM56fo`x>KjuHrBccJh$?>5b0qeIQw(<Qp7+A7o{RmJ?o6NiVIC(?d&YDVk~G}
z!3I@h2jHE)QK`ExZB!^7NCPa*3w1yi3$FgR@BPOp#ZnYHhGfN9P4Ei9Dr|RTw#Nmt
z-+p<y9Oah~N@kvjH|DIxO=AidbVv;n`UAT7f~fTo^7Vv%5VDu~a5`x(23s+bl^X-{
zZ;=<B=-{N1Nf?$#l64T|An4t~Mt0B=cc>uFWP(DZnY?9Ej~~&vKnbL^A~-jL5W@bb
zQKHHi?R)+$y>~`b1s0RB9$`a6$E`DvNZBL^eS~4s31E$mJ0pO(k9H3UYmggPrF-1Y
zo=gnrtg2EAf`uyiBZCgw{E*ePWL_kTU?ouy-dP_`=FB)62ShtAc2cqvMk(oz8&Vg<
zlPtM18v{myhslGgDX$8ddP|-84$`^4nj)o3(nJw8;fNd_WoVeT2;6*c6Ge#dVqzZ#
zwIhesYQsuxEy?nd2R&Cf+Jze|tX`KiXVsfug=B##D~#87obaAcAcJIt_f24y1Ul<1
zQwKw-i#l2)AEZo?%OHLsiiA-C?}dgWD?9&?<tT`xGiP}NgXQgz^>fNSWF;$CQ9@&)
z(ScMTq=@3=Bs$z?ylQhEC@a_jQ^xFNH411IwpS9>9W4D_ojd90Coxc{f3FjBf~pRt
zr@2WWwrB3y2gsfra)X^?EYM&gg~OmVhFJ>1y%pn~kvKBkk|=J=?g@w6;MgP!7c(?&
zNtV!3s7i7!ia-veigFQ4^fB+MNd(;q-?ex^)w2m$&m4jkVmccO?Tf~(6LlzB!r%_o
zU&uNMY9yic$T=jRgF%V_nrpaI3*kyntuk442Vhu>ju^eV|8d0>3aEg{g^(#+TjLE?
z1~mlrMj9`^+o(Q)6v#sP^?{gTCYq41j}=1o7inY)qPA}dd!sN#^b1+7y^?hS1(01*
z#GNNo5^9%ubmns4mt^rqMe^hF24t~5J+nngVHjmnV?&e9vmmZphCAoLl!QZdVt!b}
z1u>8n`s!osil~^MpM?Q=;xDdf+uEBq!yaT|V+|{OL>6k$;0D^zV}*$^9sOai&=835
z{5kN!%<lXF5%NP9;|7HT&k%&BfvhZk$Rb)lc-2Eu2CW~Ez$*`%=&R%fvM9sRhcOBw
zm>zPYSXGMm6lUN+Dl^hvO08!H*)(%)Ds(^`>*S{~waT2R*gM-<k|lOnP9N0kfz8L6
zZx>k-@6m`?bGKh)L9{W;Zso*+mn(yfEt%T<Ej(|(%)ThXE6{SYLTr+!*RK_?A|L(c
zdKJ~Y9I{@cKPJLdLi;VU(2u_alf~DZh55FUWM$hS>m(3rr!jL@vPu!sbUJAhQeGaV
z#*~{?lEqUf{V7UvxL`r2&<ruc!$wsMWDXishTG<SE`Ss_9Fho|$k4WmP|IEa41|IK
zAR>8ItY{)h5Je>GqmOlhNkA~r2k7EyFIllcsP>NH^)yJ=B<m$ElPq^yM3$B%vYb_t
z#dtNKmUHU6D@QZuhy;#Hvc_6{mIAuU!tAjc$;dn?0a=7%?liFR^;PHZtgv$2lfIV-
z%m>%sWI;2W29v;U7MBli{`)i-m!qOMg_`k!dV&Yz^(e64=QL=dLuiG9u|$^S<Ck2Q
z=*b^ga-`ui{!yZSBG?MG%nwMbmh_{*)PR@@CA6P!nCEv7PJ@Q#Lbu;vFbb;2K~);i
zPD>`s15u%?!=Rb8X1ua%rIiggIn&|kX8#7Ak45#a(TqbNQd1cW@`VJY!;Q`zTfgup
z$U2)VS|@I5%Jd@y!vs4A2pQ-avS5m)St-yd$YbfBNT1M5cLNf54pJ4!(jwekDf*Cr
z2c8I&I3{P{$)iZ#6t+aJx}or&ROeCck~{(j1M2Jvf;-nXOOUe49NJhqKpT`f$&p~E
zQ|7jOk1KySDQAUgcA}N_xy0|B=QL^X0`b32gS|r?hEAwb>2WW=zhDq9Vxv@+TYmnk
zXS9N>o7@$<OCwpW;k#Zya<Y(<tgtMd?T&ou_B(&c>xaZoZOT=^XQmQGqFsnVv=Ll(
z?1hGQ$Wq573lYxtSF$8Ymh*8)!pTy8K=*LhUCbTWP71oI=Y?uj58$kyUh=uqp|J#a
zM9#d<AZw2Ox%egTGa_m+;Y=Qu^vhq|bm-@+@jxT-V(UJis{0(+dKKY3`PX1IA_hwD
z-}%A*NdKM+zQOGn<Um8vD5=E&gLx~-(prC#bQ3KJHp(N4K?I-Cn**vJTN9W;-YCP7
zB8Gx`E#|7tF}aLH6GJSJb&_!p$QIn-2SnI%PN$QeAaqc;a|Mez=ac-$<|^QTC(rMh
zIm`5|Vu&otnf~a>JeKODb5ytd>VA33<5GGsW1L=bAx6(R?2W%{Z~?i;!-~VVwEM}g
z=}%>>=M!GaJ1MBV=xUQj0z>}&C*+kjKAN%IGE?Cy(41`y`J3FJ%DRYmqo5l*-ZG<T
z?S-sjlmc?BpbnV)trUIVqn*Tw<_8=|2&|z%T8J61>}E(#B$|KiqF@>9nmoeMnb3m1
zxeEUfHONO_8z-G$<NV1)r?$G!x4}bFo?Uk4uidM5Wqz6<S!gk<0bzKqKH;~gexad*
z65ijjfnM|(28wEe;;v+23~Uc!&Z|tpC!L!&%Xrh7?qos;Y>)&F%~9Y^(R`E2kvtCz
zE01P#sKdg@<t61Io<Bc-KK&(Gp{&m`D@oLWFSB)MF(3%*H1kh~$lXem*>AAq`&)QN
z>*QWf?0<iCADOfC<<x^L``f+LegAR09v64f$Kyh1Jao=;XDIVfcw^TUUkcU`*h3h?
z=+DF4b0c$s6NIHS$*T^c%>MK5fB%ss%D<5RgP?L~!}xZU`@gqe`OPHr44)1NFj-CQ
z&M8^~R`@q&<p%j0n<Soc=ddkf{SB(1VYZ4oZsZC6K_!oO1h83x$P8Db!!3YNRW@P*
zqi7yGe38dG{|+-08KF13tNCv1NMJUPE**faAP$j11{g{^bOkLC0W0HsbutADKOTO6
zN4Et`k=;f#&()XQHVy@t!>%|ZM)Tf?<o{>v{B>MMlBIu&DiI(FVIQH_Dwo!W^~!1B
za~cP92W^eh==XnvtBhYpm8NIs;wHBBhb)RZnhHi{WE8i#Gwgb1o&8xOB(_#Hh5wSb
zQ6Z%`QFTR7{*(zRSrV;aPLUup53iLmjLl5zbc#rCH$pp`ilVP4wCLMKzb<J`zmTcA
zE<1|LiH<6jh~MsPiyxP@>W2kl0a0OBNLzLx(_D<~LguFq{jSh1)b}G(&tCzoGU}FX
zEdm(nAvKJ0EGR;c*6DsC>-+opH;}aoSR)1x{fLJi1xtrVQq=`XUQ;Qsu)?=6_0*is
z12&AXgl=S6lwgR*B~G1b@-eqW2xF#ta+NJpy2^WNJpe4}hyiYd5zZYkVVvh#m;q={
zFUX3@YdN#14%s>AD^L*m-H~-iGJq%DbAyz^BRW)Mg%-m)06dzuP_|2TwnCuhSay~V
zmk&ei8dAD-YA~^Yh-KC>DbCa6Q8t{=TwR0cZRUJ|DPbv&08)Go$5j_&p3x~zES4UJ
z%B*h@*9>tk@KEQRle_;Wa@z5rbbWE5X2_UsX~j;NSS)oAz7EXqtxMQ``qx1iRd+!n
z&*N7Wa_YTg8)pM)n>ND^wU&EjLZ(XyVsKdxvi>6r#zfZozas1L&&cvP(liRXyO}bP
zm6Kfv&?`R)|MLalvR03-$N-RK6PLl5$W@9amb@-)N9ce<RdX&t@7B|HA)$gW-Rad&
zWR;3&U!tp^>WK^OT5n5T19SA5&t!-uWJw=0vKnR^)T+J*qI$5OIy=3mYv<tM>kyJO
z_Z9+eUx(|1q%iA)pS!Fx8!?BGm3msOD<qSgwXTe_+(+58A3~M@Y4?Rf<E@+o=&X?V
zBqG$lS9AjeyS4|%>KkXy7D%I@Y8oYG*TA-<0z`-<DHB8H+xvNvA$qrwo6!ZUy>)N!
z?_gx@fd5D^9<IaSU+1!QeLsIykaFLi5zvY#Nma_Ko<Ms(xRZ*ST<)5L#@H$xVH%vs
zGL95DE38`lcVunbUyzjm(P{5UDcfD#Gk{dB#*gaj1z5#gMY3n)RZnsgQEFTu2ml&c
zE6AGg2qfbl%yw3GOMAW1g=X(fu0_TQNb>_$TE=bP!{K(6Qgk_9i;!g%#BEh&B+{xW
z4f4MwfQS)5D5loQ^___lEz&R-E?=orhpaIv(qL6ab1;DbdZvOi!*gWa5-<QT>SrC6
z^y+S8QGlfSL5`@Im@`x3Eb_$$K3q7Q%{6<Dx<(0L97)kcSDcJ?(aUj3*mwP6lWLIa
zluWC+j5s!lcsAfDK=<=Gq~~ToS=UgQJ7bG3i)>i(PaJ%<U&!rSDcgPf{J51z#GfDE
zVX1g35&?$*MkalQTBrOgtCrRC&P`?KW`V4VufovUrqcdA!-M$qllXYlB0ibwhNZtm
zucH1$R!w*tSv7ZVCC8&|7+EvCfe$G}wYXnQIZg=)zK(iSf2GPBa6@%}MHT|b%Soxf
zH2VTlR?jE0bVNPerW%}q+Xg$rz8G1r*H#(-4rW?!=N?74W+jM0Z8l;^<^r$u!S>Wh
zj4Wqz8Q{r9lVGO5J!1taHLEm{5CDR<CbFbrR3j^K>MBk<#bM*0x<g&SM9QfMI$cfv
z-k~@wdLzYsQZ4@rp(I|Q+W-Is&qC@%Ry*M=kf$)R4E~mYG_tf2ku$FlQr)Fme+HmF
zq$zwpkrj{#WI;UcEJ0MWXyJh!QQO~)teO~d_?_bs!(#i-Y;fB^U?nm^+eq(>GAE<M
z4YGNPyV%;`DVsA^XM;bG#lgZQ$SMitt#W)x3$72@ZlgElJyysvlT)zG0dFM&muu;_
zda7yb(!9LSY;cigcs44jlip102`d|DXF5k^W&6*;mA>f`-S8qvW7Oc7H5^DtZ<apa
zx!Moc0TKZHr-+(aUnWCtmAX%jdj1>+XmxxHT<VJc@tO@rI2)`hBb}4Qu@WcUm}4_8
zB@YUIMZz1YZ2*EDB+*<H#OW%vT9#jEKDuCm`b_mKLxe;s<8Fs8P4Z?h{E<_|cQ&|W
z;;U>BWKpAUb^ZSMeB$ckQA&NjNNdC&62w84XQmB3DF|$_-5&C3NJy+W736Uu>F>z;
zfy9*nyT}aND1)YgQ4(NQFpR*GAoQOv2Id+gi|(!!8VwLgH?T<R_5)cV7cS_3w}txa
z65b3aV=IsGPiAw}g6E<g&bC^4w}K(GJ|CirkodIgVw}hl%)G|IibRi8@!Uz3;%ywa
zqyrZ<k%OPx)q&1VDWU)u{q`KKGg-kfqVjol%Cu(l+1cQpQTKQ!sO3Q*D`xl)1w&ya
zAdV3t5w4HP!C=ct*w+b=+{ry`myBN#=}x-36%3QDx?>Yri=E8*`OREJ^PQG_??-ah
zw4)eV#`k%EEGrmPSS!d{gGztV0Q%Rueg|EZ@5i>)ryBnLhZb7NtOT+IAqDkLt*en0
zjV~tPbi(3Q|9dZMBCC{FWaT)AIV*Ch2<wr|(`waybv|m<o$r}nrc7@M$Z~sZ)>-#e
zMbl<d;c@{ox2;|lBNUR|Z{>-)+Sl@XtJGU+%2cLN0&cC>BB`+7_&JO$(^_OUTJe)j
zej{s9fw#o&P%OUis0%5fT7*Ma$g=8wES+^(%K8qWQ5Nz1LsR6%(H9jEF;16vONE>+
zzEQX8&VNNCYhCTz+iD!KR%e4&Ft#<Iv9DgVw6Yp&c$TK>uBSRw_k>hmXaidzY*PeB
zu}I9t`}oZy;pk1Y%bS4J4}n8#x(*{Nz7+zCKF-cC!9!f0hG?%->p@r+D5x!!7mP{_
zcjnpH=cKakXgW(?KF;&khC?p0!9di<Q-^r+)}|#=DM`fN9mQgWJ8UG-f$l6r0hvL)
z{n7t}e;q#h&yV<gOk{bR&}F1m_~$leydMRbY0k*=Uire?w@OdA){;OoveclvgiTyc
zK*rKS!RTi&;Xy(f%+yfe$o(?^*;|RjwhK(&y@a~4Ufxjq#q**W-`=}sbs!)3UBPHt
zNf<czI?n?r1VY3%9mKFCFjxH1Cf@hn)78`tUzS}LkVj#SS2fRMGM6;z_4_Vr$SEvY
zt>lzk6LH{yl+V{}9RTvYtRn4y`|68*J$7xWD+d;*Rf?l78Im63)R;tiCS8l0$u>>e
zc4ASn?Yw1W=>Fw;a@)2_V>$gy3xax<Z^B7{Fa7i_51Y%h7XMpyDa2W?L+Q-NgW6;<
zP8g+;cC=rp>YE&ckIzS>g5S?Dn;2O!Ai@;kdIn_8SB|$9g0XWvo?fH=ZAHnC7(xXa
zoRO6rG<1?AA;BJxuJ>4az$oG5GJp`_t}@sW&Oqt5)o4zyHa2m}k<VfD0xCid$TF?g
zcuxAFB(1k)y>(WaTuSy-bsgz+bA>#UNIqe24NkI5;mLqao0h06c=wh2GMuETq3zTQ
zGw6-((w>DBA~vhi^2ubn4MItUFSYg|KjXdi#Gc5qo5+2sC6mi)Z#aYYAjCCYysyae
zQWpE9ys3HBMrMC~K@RPVURsXtiE<V!6IMrZbqND<TXwY;eoS+wB^)7*oY_e-9J<?{
zNHNH1wRf}ujjXLaO8NXV<MT5$g@G)i%GsXlnZ%Q)JQ-uqQB$L)nTG~qWE%7a$IJ%p
zZpt2#usU-n>yeWLtghq2uxD28a%mIA(n5YQtJ?PS1Bp;9ZgNmvHS`P&$S4#Bs-kZ7
zxfOH)+EvK%?#fradTsz&YhRZokQLLFo^nIM00OG)31f7}NzlER*ps8DM}7Y>{koLF
z*q^Hv?b4xQ(7-rQqM}qaF5)B0p(V5!#M5DMkSq<SAJ;3N-aaNH3*7OjtTA`Hr`6%L
zJ+CJEGbK)K+jW`N_zw9XHmIA>C_&Yr>KXx^0(J6WJ9mSUs!dLrMN4vJ$azdi7#%!=
zrBe$k;daQKr8+FrIluHhAl7O1*T`Q?RkXp+KR-V{{(QbD#nyEr%kYWENg5MbtC5$%
z>XHABtU%m9A<NrMj9{vke?}Gp!6Z_`UG95<N!efSb;U93Br^d9vcjHpqmoPS37;d~
zoUONnF(jz{0$Sy;tKtWY5U2HZ>2U!{88KZ^i7X{|O7mJ>8Q@rU0JP_AAmWt@=<`Gb
zHe}p+QvIbmB(b;;;EB$XP@+Z?vKs7?&&Sf6l1vWDiJB@npkQW+0*=>|i7>L%7!EY1
zy6CUB9`@W@_CUd~QekA7^US162U&@`#zaRsjTfCYGs+klNj^9N_MDfnVZ`^X4lq=?
z+%&QrXLR4=k?)BBBA*nxKa0l}ryYr_$ijbRgY}6lHMN4g{`|N-tw}lE%~?gU8Cjmm
zwmR8l;M&W``r~iNBG}~6SrmS@<_EG&9QNXu>aZ1LXp)XwVxam_Mbs9FVJY`F)2xk4
z1~O=?Tf8vpcp*U6|F>?%CsLMKjVu8x>N8bJt_qDTe?Jk|rP<Yj){QLZtv*$@YqT1l
z`T(s@Oq5;#w|oSirlv3Oa!V=;Fi;3MyiUnErp4|cgRmN6sv|%Iz;H6;dGGf>k+mkW
zpe^ro!`Q;P5GTGe$ozectllyDSz%cgkcIiL2eu@iyT7NsULyL!eRd(vt`!$1uW+2u
zqjLR;tV11))0warD4)~*h+;G@GUhHLtFA)UW0NuVNnEjx{uNnH0zJd;E==@D#4G1-
zLRKKiH;nO%^WW#cU)O7G+x<Q|$TM8ESq<d8KxrbYxcZw;LGSRLWY}ef+v34j2$pie
z6tuIfT-4u&hNYQe4@!C43}mff6bUZt1xZN@e7;}2oYL8#f4W8G)>^rQwsPcJD|eWE
zGm_?xRg0i<mf${VDz%E8rg0PcobV4Wnaq|AAcu>l(Jw+|qZcqW=gLf~%uKu0YjxUV
zTgTw6oXI$AU)&t&i!zNk!=oyxm4W%Fu-7=(Zz{rItbFi5I~{kL>UOEO1y-XUt&kS#
zcDt3GJ^dYat)t@4(~s*$k1qPjcE;=Te5Eqd^j+P|6L*2ETAU4jf8Rd-eBd*B%?5of
z^|jY|;Y8LZHd%>eq@Ud^a~6B1(mwiGuCo%d6^3y3XLytBnX;05j2|P87b1b&o0yb!
z4|cW27syIt<ZfzP0*c)r3vg{zWH-AyNH3i*)_z086@J#KU^twG+6UN3Q5F|jrnZyH
z9arI*YBF=<nEffGGlE=e65n?-nZxyZ78gcRM^mJ!<${AO2l%*ThfGXJ`<Sr1y|v!$
zAx?+(M3`yrpz!kdS#ww}@}Hb#1%pSeWR!i&R~f1(sRwdQY8*-gNF~cosiiW@!%XHf
z%r&7^4c`5%vxfJ@P7s@s?J==fGgg>Fz?H_<@<dj4VeebnLc!1j3WgZV$kH`l!hqE{
z6bvIPXHBX9j4a;$-;h<dlpYG@(%%#e?VW6eqj(M~@*0)0{(nY#XH_!D+7AQ{cA-p!
z%70zk?;?*s07Umt=pa38zf-SRZu%~_I?ob<@l{Q0R^4sHa5WW>!TpJhCm|8yQ$l%2
z&~5LMdZQllMSE9X-&%;kSy3EXk0kTlS6YD<$7#8_!$AURzGJQ?KpKlxT4O1#Ig0zC
zp`fs)mhohLGch!>>Y7zN{tRh@5ir)eiJ_DsbF@Fj^l8=IKE?AifO^VsAnB{IfjX<v
zV#awq8_Xuix>_S$1k*l;>$hn2^qTFzaF(G5XQG8V1<W)c4x@{R*SM(l9oMX1&c3$C
z$1^@3-=EtSH?r_T`dogW6SA%;79^sQF;s7D+j=vr_@118&M>lsE5hSaip)OO-HbSw
zL9JWCJ1bypb=88GQQz6VNI6uzP6{Uy_v^T=Tlx-BML0w!*tX|R0dBR%j*frl2n4`w
zGeR{|d}Yqd4JDgi65LtTbwRikU?X?Um5+&}uBKZBrtzW9Zc3o2_qOES&RE<R9Mzzg
zbeOWWht1;s6v&3ZZO_P7=&41J3#zrafb~vz2&}Q?>fUPPXlW9FqMyYIUzCMmH$19Y
zY%a<o>M%p;A-fDd5JO6584Mln{FosL#3cSY&1XiULNZU1iR;gHmJ^DRN}nU`ljO#O
zN#Vh8RBx^I1_QOc<n;JqdTiZ6UY_MV+2mV0ooI~N$d=|hkQHkYALah|{;u`o<00dP
zaK*Hr`H&&TMcKrWYv8SKh=V4k1e@1vP{Bq!b$PC}#%l{CLqrg=;%_)^Gv&*#bgis<
zk*n9RHx4ABv-a7aI7OI|7Zy=Z1(A+eGcwGzQWz2#>1khY3xWkeF|x)eBa3XYCNmAf
z6@uen#!qA=GWv;f(X2;kJ2jPOl`r{B7%dk$-aVDPUbpRF0DqlRpJNnX7K@E6-+jz2
ztVGthJCmK=HffCP$YEf4T~l&Un$L|aY>u4Xs0m)OOrk*3l)I$AC><a^53{Su$WkH@
z`;|MlSGiGR{AF@{&))|!gC0Rv)KvSKn!N}y+kKdX&&Ei@&0h&*(Yf8q<FowhiL5Z5
zZ%<??hcjmlcae33Y%&=DDUEMAZu8v9`6}HJA|YR!o(k~cBFfX9XSBh<1*a=iIRHbt
zcp<ji5L4{jO{)kn+v*i-yvp@Ma<PafQo1fsd6~Fu;IA~TqS0%_IMn+kOBJ|yPDS&^
zv3g)w%}vx*Y<1L#!C4p!djna?L1g@D=S0w#;pK^9*68sJPrGN7XI|fJ>)<_Tupf}F
zs$gYoDPGdOJq18q<nbIuS4q=_!2os+Cu8=4WDYj^cd!f~wX(*)MbkRrno5jPLL<v-
zu}3n?<Cl?zyRfyf3diH1mtEYw9D{da%}xB-sxtoleLtlTnzJHAd9dG?+V(6O`1%Tk
z6>z^ItJIJ0&-!d=J>|hijdU=O^#qlygUL~L1L;ZcomjD%Cq0|Yl+o3c1ga;|KvuSx
z^-N%u;)Q$CnuIat9>^-*oYEo38=<Q$?3&bOy<52lP!m{IIm}pUbzSSW*~>plwrc#p
zP@rE)>&wFf$nuIz4{yqadNe({7V}a{^Ou|96Io{|r}BCnwWbi+d%Rj72Y6yErp<F7
zmR&Z`>Y1`zAWJh1>(sHh{z}8&GZIu*Bea!y?~6QO@#+uyw3V%M-BPNA(;c|KRz5}+
zAVAK8JMay+&fqC%+Av~dnOx74?fH1_4seHo&~mv8OQpteAiB;T@8X9O{}8(&tt8v@
z><bN_bu2P>zMq*QvO+Ur0a;QGo`6!N6<MJckqA-W`3z)ome)DYEOL8;G2=OXi5o6F
z>yxtvvfQsSvMlytubsEB@M+6yqZTca^MI;i(19%HZnbj%d2RA{wW9CU#_LsoyMH#&
zU*<ao<#)1aa3S-fnBz|*bq&-YTUb>uRfp)kMNW{#gOSCoa)Wn2=Kb4I-vbr1ouzb9
ztL?MS9}SrNFWnYabmg^Q$T~q5ss&$uSy*FlWbH;4q8T1_C3An({@2|H7+J2R%$(kC
zi=mN)yl%;%4`jJpt(Z%R4<pO@+G!Wx&JW~BkIAmK#tX8HO<R|ZN$z@|8>cW6d0>1Y
zWYoOb+FUu>l)0W?XXfI_`kZTW*0Z>(wSGT}kd^o33}HdaU8&aPDBF2Cfdb;{P~#1^
zt8Afcn3T30{)#MflQ+VBkkDlXBVZPQfguqr%wDgx(tS&I6^WQnisbi83PyDrm<gfT
zRT<%$6y%P#t?O=sGoH{!s~x$)$SR2LKF%;RE|;!n2RnWs%S9DzVFlwj^g^6P;K(?*
zWbT@R%1E++;T0hBwO;c=$D#!4s!i5b_3}`Vr#VYYZ@b<@JXBv=O#%#JONNW7!-R8y
zNq4A5HmKlB2wB)~<ArVJ79Z{TcOpCpTWX)QQg^_FIFZhKJIc9aGl8+xk=#_cS!VCJ
zrg{LWPh=fmAS*leWUY4RzT93uy8`FgbE)$yvYwRnS<Cn1nGn{eLinf;)@#)os-ZdM
z2C}#tGc}2cM1O`<(9He*9FMd;I<#b1KeIt+k)EFvWlq<;a6Z(*I)H$hmIya~?z2uK
zI~)+_Ub+T0$n^=R2GJSKp^k(WcWk;=hXp>@V|QcRI=u<&;y80tzv7GceqCyL4fqxA
z09B1FuDP!Gz3KtqMwUVfJ(~#Vf2jjxK)L05xF^+UvNi}ppz^MOLQT_O%~@{~Ezb92
z8IY@W-)nW@wR-*Stg{F}Mn6lHf8Jm0hc@VX2~wizZ5Go@Woqt(i((WI7RO0QFtW({
zj#jcu;Y`$b!WURs=w@fJ#nhnCZe$&L)A+5@VZj3`N*k8xgIoc~w^wA9&!^b__<n>s
z7_UD*zMuGdE-BH<lFN&8%e~mU;4Ewtxs<%w=4f?+3_8(oRQ1m3{!2DE@=6}x;;Nqt
zq_vOowq4Hlq}WY%gNu}{*$&U{WY@A@byJ;Hy#^UvS#__s=P4)uZPx9w?poi1j`=o~
z2jzPPLcMFJW6<4_$TGoK_-L)G+Fm0`yf*HFRs4bFq`}`4S(fS!G~$CdRL@e)5B}@x
zJ(lnoyx1U^*<;hARC>D@xa)GN2`lTW^p5<_&|N{6SCM#4@xj&_0~iSq^bv4dt|~##
z2!4A-76}^kl=da&wo^NQW|&aq=m#H-<hYr@vc1)eER>5@PP!J8>z2&kaD#PsiqFo%
zEHQs;16hj|49sQ+>)MWUp~~Hl%o4cCO*cZ17i85(lvtlNB9=hb&tNMpDTy}M<%u<Q
zg8~U%SJ~=SSxUu<3{eC;_ExE}t{U1~eH%4P-R@J;$WN}kNW8phWqg)fiNKT!90(6F
zR=ftv^>j<tN)2Amq^tM%%F-+Abt{IUdk9xm+icUnH#thjMaS#+Ht%oY#r`F9d2`n~
zZfV`G+j2=eRVv(_4sJE9Pj&lUZxT$FT9-JB`3nW#cN{<8b*;3wTA2w8^ts4~BoWw)
zX{XuI4%V!*e?Jauf=X2&s+c=EL5dvOZ?)Ljoo}q^&h1)-42-8>ODh(w|3Rb1)g;kO
zC})H9cufW5o(edqT%te$Inb4)Lh;qR;O2JJah&|WMs%N1nkP$SgtC4dVmaTpaLJCk
zMT~eE1KsbNjR@`t`bC5I?8=;Xy!DYjX4}|Wp*#1!5zg6KX3-N_pP{!)8GQPjB8>`U
zJ>yeblx)4O&C0)+SHUUFP;J#DD=f+_Z-@<bG_*E3r+&C{y(M42zkd<uYrIGJjr(Eu
zXKZ(lo<lef+d1nwBN8eH?#9>GUvHfCN37UxZ(A{jth{XE*o$qY4$Uxy!u2LbbUo*G
zS$2kR`9szKQ&wYA7g^%b-qREj*G)xF?bvOT--jAl@o;?Y{cNde0K9`bn+~TY?!mz)
zpL;B<-fv%v?|Tu*s?~RhIZR&h#dlz#xv0xmY|Jfs$=#lLze+&#J*<=E_SOChbJiN)
zNBFj9B*hY&teh_TmOQ=(fmE2#5OH4SVvd%)sd4&I=xOoqWdV(X6_oojkY!kN+!2zW
z(3Qv<N)d6mza=DdQ#oZBOt6SoWGMsu5U#dhu7FsnK+EZs8=+3<yfD|ObMX?{QT-pv
z&S1xB7zo2!)E?3ZY2U!sQuXQ+(jK_^h@2x54`AOB?=SIxwlf+?ir`o6nfX2AjJuh*
zO`%;DzGIfjmQQbQub}tWT!o%Zsvg(n?Mhkw8+vTX*VpAsS}_dbz%nX}W4kCebEmJ=
z6FT|SXDIO=g&dIgdmO8L$yzS0j5{Xx&(H#WuQ>OwJy4){3RkG!boOO!d6M>#9NwvB
zySN~3x1Q~+7@aaeYDnw2ir1C@+FvW@l-!6U@B=FMG$ywC=+~Btr>m@ed?otw^0+-N
zkIUt;s&$Z*o+>3bYL}G&G5JLsPiCC_6h#b6LtGR?p!jazP~|sj5_M&9c0;06_d}Hw
z#k|A_q7vE5luAK9YLBbz#_Ea0n>8m^t)`*=S4EeSR_P3Cs#2@Mm={oOiq@Q5c`0Fr
zS8OJ&36U!24x>z()RYWm%Y1bnDuFfmSA%R?6c(k0P?@P8``CVNEcVw|L%|$X)@}Rx
zO))u?*ft@AZO2d02DWoFk2896BS?ddj|0K{?HIq?UOUFMQntoA@_R;<5K2Z1LXHI=
zG4FJ_z|qMOKh#MB42HHI9(kHj#>j9Ye1oHyrQ{mg#wii#9JVl(z#|0&ZAU`KoPMog
zLApRp4xNRPBZ<b+sc88MnWVaa0urH95uYe@7BE@N_z^K!!bd#DKqj4(Dyy{h9B{}N
zMlq<u5QC?8*gZxwKjdyY494;x1|X(Q1ID5mZ=*Hrl|>;@S=zHCrF>MWac@wNu8MLP
z?~f!grs%()uzyQ5+>%3U?fVma8~9;341u!{(}^+{22NmXJIv$_<cXuFT9X?ZYeI8?
za#^4pC-^_KX423Ex--`{9>z2<Vtn`^Zo>NmNn-``@%?eOw!@M|8ok>H6kw5)^4T<i
z;YR7O=yufux(i@YMwoG2zaEy`>9~V;d*<}#tHG~Sl*+5$$I!+#3TwW}qJHSz$5?8!
zlxQf@#*K#fi@h^;Z6wLU_%+iSO$Utw(XltU{R?K}3w93%B<#zMbt4!@J8ZZ?)1c(I
zaDrokVZ;PN+_jxZ9H{B-u`w5!#crAPp7BPD&&I(9dmtQ{0b_%?_topF?vmv5Xc(VY
zbM?tmRlTa}cF;dw^{eix&r16940<v{8>EHp?)1dSXeLRreAnl}AbBU3ewZsV<Y+zM
z&2H4PM5R3ri>>KFln}`JWa+a<g~HIQemkjfii&ns&0J+$Rpu!z%324Ms~#T<nMqaA
zugHhDs%m63lg6X&&wNWf^A6B3FeI>$@d+Eu{Nh$y@`J2g`O*>#vS8Xs-LHSLTqdhd
z@}#OQZ>qu&t*T0}<njtL4ltRDFNs^@T;hyXq{tOQJ@;dwjUmhE11n#B+G_Y5t3V_W
zH(bu@s^vatII9>D!eKElL>5Z|#4nWCj+z5zQT^gKWwL6x!l70nk5n6%r)#oC=Jix6
z&k2&W9=eoOcD?QVRU@NW$r9_zxO{&FvRpAHbbZSOT^28vh9{L)(j-YzOGr-504}*S
zg|ef{S=PyF5mll1Ytcsl22b+ARA(V&753YEY9&p|uNfJ=7g;t&f*`BGt5B0%7danV
zZQx1Ql_cwCvBgr4;qn}^oT)*=`v5KfahxnKB-L5$v+js24}b4U7FypOSw@B|5p}m+
z;3cMr$!mcva#-+Uc=BK+>GrxHOU)Wr7K?X`<r`H<rjx~BX=K$uG+C0bkiKQR@mWUq
zLl)75iDAdWj27a77zC2D5-U<ae*74ded|fL+l_PQBxDy8$Rx)pMdh7wvOJI_*gD9s
z*s6C|3PUe^*S5DeeSfly3|S2(OL!_G3to%e6_p=fj943S949t<K<n$jfA9y#5^Jec
zEKA;I$qB7RjjVufu7dtS|ML0(Ic5vLci^+2ar>?Pjn6W=lh`0gf~&Ig2nJjgR+{li
zOQT+|7n8qAC{5G@Or!MT;RETj<jx6F<7B<9_v>%3`<L;Pmk0e;5Gb<dL{+1iWyo^H
z*W#xz#4HxZg1%!lo{4u!7DsU}23au(%a@vb@I@B2SLFUxKudd{*mjo3eAc7j(<}0M
zJ6`qjEO<*)eavJT8M0gs0aEay;afJb<#Ut}BCIenT++$P=ZC*;N72P^)w{$N#P7?K
zVS#wm$ZEA}*D3Xm<IC_WySlE8-DTB&<*I%}di`ogqz6CkQejsaUhLxc%`4I_>}dLZ
zzbe|mnxa-zO1(jKsj$7LTPLO02h`yfy-w%cXHl%ZAv_f@Bb>+z*((>Mv^*N5@?RZd
zYh@Tk>B?8%EMjP=_T|o(pm8eB*l4hSeF-qTy{pTstE+1{XM7K28M43#NLo{5iEABX
z1>0+fV6Oj$QYwKtT>q~R$+%Yy{@JHA)xl7O;C8a~UdY};;9QdhHE^2+U&OmU`i^4>
zveq}4s$MKo%8*7&1kxv26desZok9H7Lm7H6q8JMmoviDftE_X>JIb<l*1Ouf4nxn7
zbzfwyff_(0$w~o>AnS#s;^o>7e!kn|EW~b1YjcQ16>cZ1==JfFWwC^#a&1eJMHU}g
zr+6Sy)$Jucj0h=1$!HNCDvqKd)cZn!<%s2J<+B*$KI>%I84R*)Fc=&i4cgI3SZ^7!
z?u)FHE@)i17m6%+D3AreBrp0D7F07S>LN!Ou%Q}1G(OzpLWwMl8h5yI2lk)V4q=kL
zUVirqev&G-VZ^^gM<J`Aj(ff4QEB=DP3M;^+voc#7ZOmdikSONWYNHHl!2^HZv>bm
zS;fkiV`Mdl+39JgLtu5HC_3?^%Q9r$16lAoNEBHjp&|&&B`Q-;f;y6{Lm6ZdhG2)R
zFE6=JkcIj;JMeDk7Hm_IO|lmn14R&oQ&9SX0D@8WVxlp0g>@cBgOV)Y$J$Lqmne`N
zF^82T3BF1wk49<IC92YNwEnevA)RDZEV<q9@)%iB`}DM(9Sw$2vq@yN?$2i#vT$|N
zpsXMZ*S#bQE`t)vQZw<l2OgB;0847LhDuq`$U+;O21eokV3G}GMpfXyz@cE2y|^W6
z807hj4GOmG238q_ID~=W;o?!JeUpY53LZUQ`T8MCMlco}2DMTdBP)uU`{#c--yedk
z=1I+vb&q7xA2=$J1xF#t5*IrzbaCzPp&*RkrJ{FU<ZkGo3I$o@jDX22A&zXoBpdR8
zPaK`Gfe}QZuk5AnvrsjMWcj{ZkoCJ~4U|caRq>ZQ#Lvwdc9Msdy^OJ75p}QRiwQ1N
zCP#z&f7{<b%_1E1q$VDIH&OTdAq(hi@07_x#E**X98jH)7O9O2Sb!omFhh?+wy6SK
z5R(NC*ABT-5eE|*qBRD5H;^TJ%{y7PQ^5!hFJi4C?9O_=KH3;z8f#-C>1J6sPB;^9
zP}<9~j0`j=yclhy7wbe4cDP1j$)&;kFPFY~QY~~sU8sN7j@uMq9G*O?)x6Nmz}^>G
z!S?9;ewi#Va=}F=3tsHsdoceUwUR8ZhtQj`PzC<wHo%N46<IK$i8}stvShDfG>9`l
znm7Fh-o_z;tX0G=AosLQ$|%x)bb~On6}MT><w}{Q9SmIiu})T}4MMXv#Xz!lbcQE%
z%g<oc-dA2BF5iAU<FhbOqn|Qah!yOzH{mNE@w*)u#P0~XRDy&QRG^oLU?{Hy7OBIV
zJ>Y~&Oo1Vrn?x4fsqGD9$zI?I|J9y2^Zb#;KvdkuD#$`a5M(ul;=!OZT?0}wY_gu)
zxWBUHTF@-I&(g>mg25ra8Qp1})q@}eSu8`=|C%fe$~3Zo1$!L6$$^IfWVp_eCu1sT
z6V*h+%Qe(;ds*Q69Zu7{G6hl6ls7~q{U)C!d*P(JA|6l49FkSx6$FVa3uHAKKueO<
zlVqL#tZ@Y;O{wR+OB|q5i&MMKqDEH#EZ51&*~!^ipDupPXc@BRnNO`Sd#@QZk7PL&
zu`!Od>RUvVtC5u@(rKNhWv-y4Tacx8;IP%sKhM6@M}yxIMq!w*_Yws48gxfwnFz++
z3m!%<%--uGCrj+3Z9Q~+7fWAQ+GsE$r!^pwj(XYY1Xxj-EV&<*jW5)&7gr|8;x|Wv
zgL+W+T2P5BZ@OxFI;j>5sVq<RU*pF$&${2~g>8fg21I0$&$4VE0$Hr=?8hIEkN@?H
zqKXwK&61wW6{z{WVj+8MG#Ge@S>z-rvg+?ZR;xyzcOwf84Oxb)Uk6#j#|W})Uq;<s
zki|;Qj-gXPrIf@&oh&=wG0Fm0IcG~>mB|7F9vEVt3ZE6yX9`(0`9VLA;L_`gPnj$b
z_+Dh;6#xBW$TFIhEVY-tSkRrmSQ)J;l_ftPL+yc5FUg{&MwVmcD)vIPoJH+EOTUiQ
z=&ep4CP7}?sK!T`Jn6HFx?0g*9}Ujrv$(%J*)1PKmeH(HcgulX8?r2ySM+R_)J=Y-
zA>l9CfM&6hByMY1$@?s|yS{n@^07`<ofX1g)mwFKESP_bCLxGJ3;d$C+{Tk_nKO9|
z{l*QFeK-qEp3l>d&Bv@y%8+F=Yiw}g^UptDsNlhN3y|^3of<jAEKZWEgcM^gN)wZ1
zQ#Tu1BwCexJm}g>I$2>!b(SgyK~S#c51}I4Q9T-adA*l+WqL?KJqXc3<b}{i92F^4
zoHM5=WT8hGh+}hmNVX;6<d7lDXy&N<!ootuL9iWiEEj6(iXzPMMmkjmSv2&^H$Am6
zJqEe<be{#mWofEUQK=>nzJvvPEw7LfjG$HcEG9`|sSeHwx^sWs|EYEp|C2nPA<Jk+
zvhq;550^z$IX>PecAAB@_M6Rf{B559u(>~#EbI}P?;lLRB&T9II$7F%4qx4xcvRP#
zRKXeg=qW^C9Z<gN$vQzI(}yy0y2=)D1W2`q#@gcahAgAm$$}cIuH`_hAj>L~wYj-<
zytR3}^~3o;_Rpu1#d~i9tp^s9T5-w|jHgeZ{^`#3*;x50+dhz<{-5hpqZuX1!qd2T
zK_7qR*kHT4b$)!je|)^Pwb|VN0ftGk)CQ1he=S>!U_AW~d*>4q$Cc;t*9v8+q;0kO
zDbgIHcj_AwFv5q%rw9oIN$9H5;z2$jSz5EuYGmiIJ^&Xthe#NY+g=kK@h5<dXN@D{
zRlt8_$7?JZp^zD^!I@cmH`xhRJQh2fk>gBeWUco5`&IqAS{341rls|zzHwK*KkwCR
zkNY#f_a5&{D`lc`Bif-Xtn#nQxJD_Z4MbUGP^u~K1{GY&V`<kfLkX90J4kD8=W?2w
zXuOb@e*7@aX-(sCbG2K=iX~+6{$TfOhq{xX>`=HjxOC<K&jz18!{yT(&sLXqAdC9f
z&??K1SwxoXU<g_I$7Fm}WF%3M!3%dqDJ9QRkWUTQ2y%X%);<-A3lvvsZqDg&6z(a{
z#fwMcJLR>C6{|Y35*)B>yMfO*`7vt-b`Ov>bLQSE=dp=#fXF&S>3g_Bt1~nkOr&T(
zkdEaBzbx01GZ;eFuBA!QED)${qJlOOlaLOsL5)1XQylMnfVkG97MzljN{$>ZHkJKj
z#oC>MfaUu~k_ju(g|O8%JiI>qkTo&!aAIj`at55i^*95v?kyddnM4|BtzKT5^mi~4
z5hbf9E4UL59_NrKd5YL_0w^3@otsD(RNg_(LqZ+Je+5?!Im&gB<vf#9aD+%o=tABr
zxL$z>QhDWZJAcp;H>guO?@0f@PO)OL<aae;N=OsJ;q`TbY62JhIk0+VX?5ue$0&G;
z&zxDhjEJ^$?*I|Uvq7*$N9N0f)pXf!S4WoPFawI#OFFM9=W0(kX9tXOm=R-~i|d2M
z;vbRBTuZ0#ws`qM`{3x}32)>^PV429`J-pkgM*`YRHinaPM;hK=7Q)qoGwnJ`=6-x
zt9hke?PQjV#nBVW31)@Qo+_Z){M0>*e$szmol?zds8OkUx@R-BNTLumfza|`iz+Kt
zOcuL|lStx@Jji<V#rAb*8-QW*w{#C65m^B1z$DEPFJE4rxdO15EZQ67Z>bYiP1e!8
z%4_Y>EY5MX(L?IAf{y=Ix$3B+{b<(txFw&tb@gUp`BcHZ{m<j(caK|j;TH>;4|7Ae
zpAO~qZ$6-yb2?L-Rhb*lB??kVdX`0nYTq}6yv{t!4r#<DCy12iL8<Ea{C!i=Uogtj
zwVu<e^H{5Y5w-V!#bm{bCEun>LMjoG_3&#Ui-01Um@EKxd1)2%z?lQ9li`V6h^@o~
zSk3OqYUY^GIh;lEU`wX<v(JnD=UiQ=oftgWqV?JA?Q}6~ZV#r1i=!V%C%5xITa>zZ
z>|Fc7mI39|j&=0pTu^5~R_75^soVDlC<Ya3KXKLBeM7VwV*$}SuE%6id-OAaSk`k+
zNAH-Y=?V4sT@<2!7Bt}vM#!QvqE3|g_m*}hE0!pp4MNP8AG?UGN7scc1gNDm;cRdf
z=_Q=Xtt3m#BkbDWvum=N8~H{5|BpY24}<gS_Q|@;huINz_UcW2cH-*L)UkiznB~a2
zN1KZvOOJebV)B=S#f8m_$69!|BD4JdtuZjA5OZ9e$Mdqfqi3^Dwib=n$FnYyAPca$
z?zhD;2PqciZ`~h2UwSE5aevj(1A?Mt0m%qTel}JtnY{&Q(Ow2b>#XYmSq~rHyMl$)
z<kGz}lQR^&t{{E+-eefF_$S1^?BENvcDIAk(c7vNN16Hu%UN2jj49o5skQSDEynA(
zbWWfBXb6GiSFUQl<0%oy`tKIyI5*~=J$1CoH)qd(H=g%EM&{E&wA03XJDQ#t9P=`@
z#q{8qqjb>G3&=7c3s>X1Sf731l=n`&_PgVm8+Z@5r9YNcIaNVcnhW^-<_NH~zYvSb
ziX}q43dl;5QWj4Lu{HQLVRe0b8+(LHOTU=$_X9x|?tVHX%ii-2CY2)pJNI`*R_AaU
z>Te~c_SMlfr_9usPtHH6GoC``?0v0AJO#2&$o`(hEC(^`>@SgXn!j)VZaj!tpY@KN
zu8di~RmVTbE29H;K-MP?$E-Ta8f8GogYojSGd=I~Of!sG98#k(i<n}bc8poEVzS__
zPb9j#5U|>kN!*hY>%)^o)}u$A!^0B?Uaq(J=U5P(y?6~r2WyZ`z4>>$j9IMu#^y$!
ztULk|KHW}!>e4x^cX)ARJfAF&$#Oi@dmgQ`uGTrUSPIrz8tbgz6Q|y7S|@3Zb&}h;
zo*VGAVhLFaWNCWVQB5<^CwU2o`R1qfr*P-~iu!~8T$C)y|1f67ie)UlWmwzI^F4gG
zg`$ND?oNT=?k&aLA-DvBQ;JKVxVsb&t^o>xws@hq1$QYfL5f4LC*R-yd7Ue}pP4x`
zJG(P`7MS52%r#teNivoG{V@7cVF_dQ-#>$(WEl6&T|>yp92U?iK(%aj5fk|K^`1M9
zn4QpGOaGIdyi4AIIH`KVFe{L@=Bd2pt;kpG?_>R&;R&lc>b4K+9UqRkBwVQfUB6U$
zx-!M9OBFad%F|qhC%RD7ut$%N`8xHs4q3Mx)U5*g0aK4R6L*T?{-F)c9gINnKA0gd
z&_{5=E7e($+QGqLv2)GEC_wR!)EpnqVn#6gWRY%DI)4)dC;g?_FzPV>3fPupuX|+J
zI*ut$R=lrc<jW}8+nef%srMu??>8_#xk?9pn(8YAg4{Syv|2Y_d|kiik{pmmQ1F-6
ztx(TxLlssgR(sb4i4VF3ezP}DAzH6qnckOWs!La-o>Nxr8$P)#zW`23SHHI#M8E^n
z0JVt=F_>@kW^-JRS6VySX2u)6Ps|Lju8&Pk4xbKCUQY~;7boTnUOTK?9KYSpIeQ~v
z!VKsdXJhDkTBA1RroG-j4ecATn%plVGTQW(<71bf3o)$H`oTQPi_|hCz8BjA#b@kk
z<r?pd6n}XHhH83J1p+wgE?&Dl4!m&q8AFU$j|*y-ORg&Ha$)#Rm(=u24Ya;0?Qrf*
zcpihV)LPajpZ~GpCI<qOT`1#T%hlur8iL7bX^e!mlnruAFNZL&@qT?tPyVvWP%Sg)
zpj_3YAgs)5`+8A)-Cjmi+I+OR3vB{dBegqcJbJt^LBXSyPDNDRU=Swo;h`9(HD}z?
z<?EYpmMem(2)X$52CeU`bht<VS-u*5S<QfyR=x*<t8Pm1+eP$PRPKBW)f;ky*#|cQ
zb&!8DA4+2zsTr^b!(Zm0Y#HJYHXsM;%)DClj}8k-m`D9@k>m7$`ojoaovHVgK?1LH
z`x>bjT^wMYO4D>s^eR*nZ}HeTh(BXhWx~7}#K~GowCL4eGi5Ra>M?}<+Heb|^i%oO
zH$|XlkYuZvBFOcYfM4Z-x^o0Ow3~N;Pa=D<$*Q*j63pIHRi-=jSQbHK8)0hd^}-9c
zrq;!&pOy2DRa$A`BKET*Y|fcw_^LfYh$X~}J-y*UM~x0qMc?opX@)+d!+xv9J`$U!
zau!HVs*<fkd{nA#MQ?y7x3MxgF_GD5%ApVY+h*?lTzbesabl1~?8wEt$<y1jbJqEf
zUWmT|dpLKVf8O=(Ga~L*AJ1*t&*gt@Lf`9lW_<U3k_66(aVQfrRWl&Y8<Vt8E4_!^
zSl&;m_muax?`se0mKu~6m27CwP@vah{S;qik8gt;b(Jb1#C*oghjZ@)>4wj!6D*W5
zs_s9_xqmcs4F)vsS0%tS15HxMjRvP`-yn+DeRFT%jW_U+_AZG#ILP&NUJtai(xxjj
zE>eC^0WomSpYSDAM#=*IrR`gVDCH_+3~{Ore7!!$T0aScF+i5ogn7v>L4ku0SAz%+
z!&rMK)ME5|^d;zGgDS(^c_yXwQ&7e%&8|t(i=YhT9bDiJE+6~uP0;Md1`gIEVEemt
zH5m#nMZtHr7pq_-;k~6@{jFJFm6pmNT$S@42y7bdsA<&*(aYboqtMt`8{61S_(B>)
z@@k%pY79F#)vrSbbME@5a_LP+Nl+uy=lPBPtqHlp&}}0b#gIt789i{2E8;!QGw!zg
zf9YE~8qq&wzmKX@hLEs?)ES2nomkI%Se`jlVD<w>XxF4nnxuy(eAl3uJw=ZIMaSH(
zihp2;Ky5G7^VK74_Y<ZXm<Rm>&s2138<+aMZH9*E7Lq*xH;BYaKNw<Md-g`)_ag0y
z4R5s+$Mrb0ck{G4-Xt8t0sB_0P3~4MOQU~Gdo-t7n=UVETPMqxkT%>*Lc==C!CW10
zvGE=gwwLl-84tt^kmb)_KTQzRxPRNIrijA?6gso(uEz(>@Bm-YRVxSSBfs9jiSB`+
z?|?dlLHd3dFSs+I<YI!=#g72QHTWU;0jPl`fDH<ob$#6!M-X7TnIJy1<d?7hp;=gH
zoN&cNH+$1NE~y&#vUmf_ao6JO^~@(;d3A!}WQFEf>DWz!)-@}ICw+JQ_ka7e8qjK`
zCG5r?<llk}h-i;Fi&7(JQo>J^e15vR`1$$Oo~&TJ3Fi-6`R=^n)1);@MWlQFLoUR?
zB=T-&2SpHCK@kYN_r#I4Y*;^n>g^)VT%_OM!KV`*0nCpur&4JS!Y?vGvuxW{%0U^l
zhg=M^`^l@bsGxseb=)%^fXv+qE6jbokG5@&A*YKttog><B7Fm_Mq{Gk-Yg&fz4c=!
zdVQ8IjR!k%WnME#gAF~hpP7tYe35~+5u#DB{b~@60n3qt<AXc4(Xl(BU4kX0GF<Uc
zrGghlG-XrL=67*bK?x3cfdD|WUHZ)Rl(qX5q##C1<+Z*O8%qO$!7hT&CTRBCA!5=d
zC?mr~>;i0mi3W5G3O;lNi(M;;?Y&r;-K1?z&}sR;-_psQkpCr4ghAoE6FF7SM_I&m
zXqIhO>2~*fX6AHn`f^s%+PLm<9j&$Zu&5Ib6L2A9URq|hgY?fsP*Gtv<1p+0kZT&T
z+2dyevJ@1&UZ`L0p50uwrS$@=D!m4JrHn7!pCe{}By8JO`rX{#FIy&U2Pw?bTrA{5
zUjVz5OdJViBe7H2R=X-zp`~bto6HKBhL%2QJOYR>!S;l_!#a%Zy9XM+Ln8gBss^3`
zfhqSu)r`$%`8@e<S`9p5tp?B#i#Pq(N0|p>Dv1L|`cJl=0fkxIL8#&=#i#ecn>9tc
z9Ww3|x9%@7uyv98$0s>Mw-IG^S87U*XV9j7(d^61)2+`miq0@+myy5~u^I6n4Got*
zP8~&o&eh&dmYkVvD0H#nvZ-_3wfX`~A94E#Gdly{0xHq=e;j^<xvsZFKL1~&sG~9i
z?^mkSOe69R$aT<8xoyWXyuU}@o4+wg|5G)i2LL2JYTV|+P^@yp`p#r~8#d%x5&a|S
zaYEZkQPDqG^m#_w6m~%TpkFU9o_}zTaeK|pE`amCIZA2$USehE$L!SpE@ciL-2BI1
z^9tQ;(^ZrCGi0a2%(9a!avJ6C;Lr2Z^Khc8+1v5$qp&nCa0UfmMqdg|o08r@`0;(=
zJV3O(2%7E4F}iyBEV64&0VRrCbV;>3$f``<--{W>7S#4kkK2D+G_dZiF{AOZ%!kb1
zC{_KB-LZ$KTDpaT8Q)nRKqrK~;@8EerFs7cS5Z*-W`$v$i%=#8Q1Ty1-Y}vT!Rf^5
z;&SSY5A9439}PDK%2lQ>EH0;+KOwiTg?5B({hxHj+k=1q;JZCNMEN^Tov=7zJB7PE
zR6PI_P7vC}kAPd>S-Ly8oh8vJ*mn!T_YeH)aU81m+g0aWwSTwM%6v{KJ0QM6T7?a=
z{*GrG$|3v5LL!p%1JF0;EIQ%XJnRv${4lV-8~(ad!Q16)u<u*I<$b_!mIv>{IkF$c
zy4xb!T&+iZ>M#Q(ebQclT8_KIhw++G=Z@`6*vXu<8Jp!dKg;zwbCri!#u_|FI;5o+
z=5U>W3}sm?Ue3u`exd1$hN^S$KK*D1M=_Pcew1|V`>Be;oL#Nfwr5yAY{ECx&CKa_
z{FoO}D0rhhhi=@K=|OpV=o69Y{!U?@(0zc3odl!x9j^+}%9q5Z;tlsuQzaG-xN2u*
zoo>ta8rN%JX}UslczilA256Ab7<S1)NeP!sq);g(RWLd$efv=au|$be&2ied&i(*Y
zHpuTqM}4*oF8`*a9SSi@jpd|@G@MiSq4Nh|w!cz+*<&q^pW^{DLRd`9EDZLILm%*j
z;k?l#lmKj$=#wdLgp|m+&^ey@+S>#Vu#eX666v-1#APXvfC|5h8fPC2qClKZMmSPW
z(-}U+XwctK^yWp8mWSp1?v#5@t(;3&RG{t1tFXb>B$XTya~+@1$SrNalY+5k)nIjG
zhQpCuqIP{;Yrj~tN6V4^qkcQbIC&}j;+%VO+`pnMBt4xpu$Sn}z2KDg+qL9JE!3^k
z$$X#3Ke=9KFJcgmf>w||`CEjhw#vVCFPWGD?(;Yyf=xEPX~cHG{3>3R#OTlWS^{1$
z!&V&z8`cHuH9_Id*AAatf@g(xMcbd9=5e3DHvt0Qmy_=7-c;*ex9Mz0n?!4}j9?}W
zvYNuX&;MyXFOjU|!^Nqj!dod&busF@F~1sH(`#Uqe7gI*y1RY%TflR7IM_C6{C9h1
zyi?}BO^Rho-wTdo9}qLeT}VM!v}K58z!S#iNHo4J<5CE*YLVT$EV+a<wZDpUgF_-o
zai6~zKF6apam_n`*K|<$mx>QqqaOCW<`TtrFECJ=o(I#$VB6X!7bYD2FTzeFe)o^?
zT?AAbkBgP`#9S76o^9U@j*rcLxR~1gI4te|RIk{Lm0sP>yDs+>iIsdjV<xtD*H(tU
z^`?22GOq0M`}uiGSHIwjidfC<eVgz_`5*rpm)9e~GgBNnP22-Ea4t%+?dtmhyyd$D
zrsx>_Q5Z=M^9&3_5zKkz7HntwtF_ln=8lE=8C7`24>oP{hKzTrM(yXHvYHU-lD}Gj
zN({K^qo8q?k(eqSOA(u{SpW{UbH!JtY#F&{7IZf0G6GY$a|VLQryy>4$P)yfB70z4
z*)VT$0Jjo6-jCqmB+)4ETGRRQf=%(Y{in=c7ZMYJI-(*gt{Ss4;7Xa<T~Hs4Y1HUH
zUKDcTc0S6X?!Ie^Fwk^v)I_4S;>$+{e38Ton0u=1r%$0>3@5gn#QNOcFRg`;ktgtt
zle^>+AovvbA8KafvR)+bxY4TbA2R4+A<`UObM3Jt|L`ocs6kd)Gr$o42p^v-+<J0U
zfI|t+<7D;Hn!g|?eCidsbvL2Z)18kM@dPs|?Zx;8HmC37qt06kYm*p0Z`!!hftA9@
zNGJUii=s6Pxm`Kuv8Y9e68KM1U-ERiigaCUWvAa&HR|%7_URsuOt0h0r}!^hzJ*(h
zmtSN>X|wz4YCsZ@BKvL%k`XqgV-J5uqE(d-`FEe1SZm%m^8;!oYv&eEe7kjGb#&C6
zgAw(m_+!O@ow_KgXN`Y$dI`|MUr=c=H^%UNUxZd{KPfcuCbqNLu8XPOR4I()Nsk}N
z*0aHc58>AECS4EN9GOJx(&624Irw$sf&kn~M??1ZwD+7)`u3-I{ni7iXYk!OS9!oB
z5jR8fn3Z}9rN!}!=mB6hF_XRi5}ARWE8Fb8{1jeSaPMZ_+S68@bjwnR((y_RU21j?
z3h?5!ttDVAW+V?AbXT2|vi18lTM8Hq#;yPSBXdNCs8H;WnRRwY6>rkq$^CsX^63I7
zhy)9k{2H^!rNl|HDuh3G|MuynjL|l}{Fi|O0k}*RPju`Lj#{A=Sj+Rr4PT4|0V(?c
zvScRDemvq3TUd0Vg61SW7963>7gG`ia9-Pgr4Q5JKfG`fN!@66%M`>))$I+T;CbuF
zHzp?v`HSu9pak$}?1W3BLZ#6=f|MTmO!0cr6+p?lN3dMnOJV2uTA|%<p-M$WIqKXB
zEvd&gJ%3rW`4Z!tf^+_7<IHDK)V8wn;HIx*5!sD;VR)SEGYz9D$FCXRjH-QA6u}$K
z(R6vI#hpp82xAIveI{aBp?NeTWtf|vkCQG(3~Q)-Z9&iG9i|ZSktjy?mzK<*0=D5u
zQDlAzP<?1wL|*CHi~X&wEs@U(<k5rgGyjaxxls^WDgAJdxfU7Vr)mT$J^!RAs4XS(
z&5{HhCMO(g*Y}1PXO*WS%f|3IN$I5P(!Btbh&A%ni(j(Nqn2_`6@H!`9v%UJsNkGt
zoKf}<CPS}hftaA=`DyJzDGpJ)9kObi|8&@SvFo}4FZz>HUbxU_D$@hyvx~>+U9_Tp
z8d0|am9q7C>tUcIp7d6Bg%v<IJ3CiapH(fNcFEogGh?yA9O2^kAO1bN6Zd5qwEWn`
zPEb2bq1vr0WY-US*QI82OA*f~dma;9%0g#ZgIyWRKD-MYwA7iugYgV^)%MNS7I(*h
z%Irnv6D+8BnrFTee&QfXoRXy<Ri1=(e3MJI7aE56IDV#*12V{x41EaZQ;Yni^%k=(
z6NMj{8bYv)26T}Kq+*;SB~OauOp`54+)xvgHib_-A(4>16$gKh@%(?F$Mx%M62!Cm
z9QRovyn)A2H&ZTW<SiTj$Zn2rVra=xyEKOq0Rkq^Mg(kO{MrI+M|_E-P?LTA7S=$m
zdL^Yw_Hx2mK-><V684TAS)|B;E#Ox4U$1l3uGh;KGJCpqw#kk-JCwD#lrSdyjPFKu
z#*6cUv8Cg<_EI8>;NU%oeg`&9QyMBwp6$5g(`|`}5*))gug;j_KYmtTN{wB?OwcbD
z+FWZ(I}9AYfmiB79P$~DQZsRE>LG`4Gw2<l;!{=4Xo2%+Q4Ypt#SxW4=JpOGl$<oj
zqwmuD7*4a?Dp<ajr*H|W_2xErO}uj(AXH4b23B9PzqO0}jB7>j!)Y|K^<F?BI4hV~
zCsVM3V}=(p1-qN$K$mD59nV;$A-A@@j)RQNMZoJ5)wQ6T^2=XK8msqODJBzu483UC
zT%4ttXAVu;gkA!n7=|TG^vzvb^_nBp!H%vj{~lM4TK7*PjkuR!3PD#>-z;WBQ5twk
zw2-UQ8rq=Sg_-{u(_#&F>FdV-ff%<dMJlu6B@kOJh|e2qMXyh$d6t{6`WX1@ywmUG
zPmvDZJ3qg><0G<VInfv$@by)$SJ5(JO}N?|>=L9o?7eBORb9k=Fn82Bg;Tj$N&~s)
zc9lX6esk?3?6Fk(A_%`S{3*r3qs23byKbpLC_;Z15sD9wV?M;Kw-UH9&h!*VefR&l
z$aC1G?sw<6B-og~>E0R`l5reET>QiTXBEvFmF*SMX({M}&dK2^hW5$Kq{!U+F>mbZ
zCwi{o)}XtS)5Lc4%9qXTl57;%#D(qT_Hwct@NUU~_TG{&)_qG!S6&Aw9iRmzW;u#q
zv{FE>G%jf3X}PRS9J#2K+*$v=Em-^BKDJELxjJ%-V3`e2e#%=}w|Eeq)p<IbGk^Lt
z+D4TkP@OjUC8W%sTaRu~F*cF1Xk{l{jc(Kbv*K4`HJ9jmg<~7I6@#^_{0R#5LAWr-
z6TD;+{kY>LURU0#Eo6E<x@ZPoGJ9$P9$B4xZhBv_%4{rSc^7%Bz-vErKLxH7uvf%n
zz1N~srBd>am3K*eF)B~+=WG4^-?Wv03A@j(0>YG@{_0@3S8FO+-{nQnA$$jUd3BQ~
zMG@z=9<Ty|TZtG}cf$tCfrHoJC6%Tp<?xXIqToQSPC>k#WI=aD+XHn9Y;J)?D#tV9
zOkz{n2i5COgtZ8J;p(+(53UtQPkw8UX4lz(_EnnV0T+GMvVKo<G;&xw{aOwByL_RZ
z%##3|w?D1OTYx(440wX7wl8sLLOdTZ___8=%w7~>0DR8R&S5IHy=g0{+)^FHf8hR|
zZF5r#Fy9+8CG5E=Q$b_jHQ23~``yvevIS`EcrK4<(Or^C6<({_;9%QDm+_TP*uv{&
z42;DBLfy99HDnhtYsQd3YxaYm(u^Rm#y`at$5KZaPwJ*brOp6ERA6cO&Pb5_=$QgA
zSwXN{jJtWwBBl6aSIzUveGEGxJOGkGXZqREl2e27u@nyY*!kt3pRW4p{G(M&&9f^I
zvgKFV^U6Ey$V+7|ew=m^D$IH|rl!=q8bpz>+zP2rrY*C5h9+;OXpeTq0^mbUd(QUj
zWxX<>cLuP}CU{vT_v7M!DsY1Ak`pcngZi~$S%X=9C)@fK2<~>Bx+zRIw2aNK`2B{F
z*Oh-D`8Y*^y6??6DhbS!vQ;rLQsrdO#5fXjU~4Fd5ahy}0Kc*c4}OI`lB>&)*U+VC
z{Qd+krj*@eH0RI0_}66xwwYR7EWFz8*2Y_(^e^9q6-zB$Q$;q@<~0=)$ujk;KKH^a
zm{30B%08md>xGz~e@PAfqW7QT#gwJihx_5(%O+%UkL6&s{1tGDO2Q9H{7UECs>D}E
zo(cafFjNpLOH+*-=RdYN;Ss-oTjxA<v$8#`Bm_rXyeCJeVb@11f`^^F93EMS&Vbbi
zLsvJj*<3PHT>@~U%`2(f)=_`EqyfN_6yCnMC^e7!=ehRFL3W-{lKFN7>QwqkAOv?e
zy#X$nx7rb}n!8zYHIj{3ljfd%7Ewi>3~j5jm3wR7+FsS;{i{^!4{wAQ9X-ytgblah
zU)utzEeGzH5^^4-XS3^mL;y|kZxS}zH|KY@qq~Taxp+)9SHu<bV72wEu*h*P)z8^*
z<IL?B-ujZyOfqOLqB@QW3S|Ba%-o898^z7p5ih=Wfv6PR=hbky@BIsa>Ls4+nhPP@
zpKfAVIkis%SHaA6xxiM9=;GQOJyBrNG)8~2P*j+>U9d2`0GBG<rT6ro@kmU<_8{p*
zrO9Ha4b4oi!D0HFj8PBbyW4N0F$uNY*YTc*N@qivf^WFw_~zuU`X&Z<1Y0OsI}NK$
zcqX09zSuE2Jb&lNPyM6CN#A>YjJe+Hu92sDg|Bz+@y)~i!(!%5W@3=$E7cT(Uf8TO
z<_d4djGrF1IzL6)>tC%(JcG-x4s!fjl%FYv60r^Bthwl)fLaVC9jsjv1NX1|e{Rrl
zIQZSU^jPZ#-T6)!TyCap>G5&c*>VcyJhOpxn31|MOcw$(F$b}hq{v?qC51iX>Y@ge
znj|2q2&NmwG~1)j5=7hE9o}H6u3ylj*RBJvr)k8~?D_FXKl31m-E7h19c-^rv2q8C
z(Z=O_N0kytg*y4&e}qg~p(>V;0Y@~tZ*puoLw^0N(vA+cV0VOmFVa+r8hZXy8+ZGU
z@s7*U3;ULJqf($!5<giid~;JfTx^w><F$aN4$GIpe-S0kTdRbhUAv!oL}G;UNpaYh
z0CPt7H}+QM)*zb|YOgW|D?acfx;CUS;K4sU`*Gev`~1lI`0a?Y@6DLTqxr6PpvQM~
zcAR6`dD<6WtYWJrLl>?Tn*5ld96fvUiAOnnr$`h#%BT#O&IIQ1E1M({I+8uY`XZb#
z$K>uBlODpx>K<3uD%S@Cd>dwPx4IP>6?2+|Q40TXTy(7RRnYiIEQAuWdu#bJC7dUj
zM^h8n^6?oDWZ~q=<qC+UmhE}Q0I&GUc_c1`lLnk_YSjFc#$=^E6ef}&@V`*8<>S6Q
z8iR1s|2+gEf%)p-6n_|!{S_T*y~^}r=Z~UV#A(6*;sZ#;-u7}v?c2x!wZ2MC4zb>p
zghbJ+U^xdaxoSdt{kI^fAj0IZEt2W2+6Qq+#<Tai*I&G&JQ8IomSu1MD*rDgjp82X
zFc-q`rWf{G%cSt=CWt6<fFYDbzpjbw^&2#@F%1PBS2v2%(!*kW>Bm){zaeRI6=(&~
z2qtI3N`R4S*-hIelcOQc?rQKI5^Faud<uoz<1xM+si+b<hL|!(p4b#(6?lq(BP(Ag
z;)s0i&`fYdmsjEStM5Bx)2fH=WZ6z}Q_1KEs=sU34<H`34cBUsClg3t#_-0vn;&mu
zPLdI>t^iD-bHM|%QQNLYxXX8&IyQFT;t2G%tr%an`x)kEN3-X`=<UQL%>If&L|+(>
zINEqTsf=s*RdBQG=p+VyYUKYJa`)vX$5o0}IMH)7nN?Eh1;c-M+0wQT@8_LJWZ4I#
zkl&Tmg;?Q0VFxFY*FtZM(Ug2P%+Yfw%HQ;4%$BpGpVdOxE%S=n+w#$$JKIBfLgS1-
z>0mm}18*=32fozeV_jBMn<5Q~O^#x;Oxj8xPZaxK=J{6O)^dtE%`jx;nl#np%fDo6
zdb-Jp`w+a)Z@dXb`1Hn@6vILF-W~K_)ZpwO%C)7#aNeW9H<_?J(2#9&Fw?7*#iMX%
zWUOkaUwNw59GiZuW!6{eI5z@?!!Vn>PuCAALbsDEGC`R%P5O)%A7jWYgULgfhZ_Xs
zdCYTRA3ntmIBg6v<<DbiZ1}u=>6HnAR-NY?|MY-$)KpAe9keM`k5yJ(Px~X<rRPLF
z4@55qjj|H5im9#1luUWyE{^d%8j`Qvw=xZ_<M;hRRi3osJSFU`Tt7b+eBHc;Fq;mO
z)rx^XsouzjJEzR#{T9QnT<N5R+hk0qec*XyJ7+%0Wc*;Y@J$~-3!6QXZwYdFx$ING
z_sQ$BhE^TbBCM~jfz>yEQqCkaYgle1*~AxjYiU~(#Jf1JIPCgU(z$rTs1F6JZucH}
zT6ziOf&PHDu>#@z*~e5s`II<n@>KE+>DU0{dDRp=ew7FirG?E92H3`Yhe`Ze!i)8>
zzX{+DcqGr6F(CbnJq>YfIk^5+G*o6MD7pB@akBMrB^FPV5SQ*eB<UC8xphA52LRJd
z|DrS)#@kiL>6xZ}`T;5^0Tj226>ZMdr*?bx#mS}8;$Q+tA?;nwLnfaQ3<YylYJW#=
zqp}PKMYCw>By{!J6#hgK%Pvc{x^@4~^EnWz7$ooK97vWvT(LO)vzR4FGRsWEc2aj0
z<5hB*+xhc3h`}b!d2r>#pRaPiIcAW;*W*O^D)Nz?rCQQQaL?SVRkLPPM35k-R@+JS
zj%LrF`|rxHiW6#O9cj+F>yBz#wNX_)M;WQ0-*e&+pRutgTdN0uSK5wVf!4M_55Bqk
z%I(u{`m-AQE2-@_qoSK!f#+aZ(u{tn^uC?@PT$QC{(|^0$5b=@7PoW|-AVofTv(p~
zS{%2s<7{P>Z)zqb2F$dwva#`HWVI4xj-}OZpm-s&2#)U(V@!PBpj~I~5(3zV7XXw7
zaUmoXEm%OEDQ3E<n`$Jy>^U%GRJWp-W3D&QsMb-YidGHBTPAx)rQO|QQ@s5gN!jVQ
zJ=^or{ANw4l`haAIj9v3L;+M{QRn88cV)%m3hpR7`r?I?-P`!>;dcJDwsc^N`_gwR
z_pZsq?KXeU+a;IB+tdu-b0L1P<H_A-Hswz|TnG>|bv?xxdN<xRV~7$WUzlG1cwuQp
zH&U(GZ6ZTG`u^2iROyo<$QlPYnVeKR8l~qal>o!+EMwFz<-M9Z`+$(yj)drT7bbgQ
zvWNvWvks>?<sYb<NZ)KUFPq)>zgXeGOF)<(a5e)!R=OS+tE9%da)QW#k(=i`r8L8C
z8GPQG;*TBG|Bmus2Z`OBnOOR|FTNIX_ur!>{51-tDZsx}?AjPfvoDBQ`6Fjwor#0(
zr7KCrGTR5qVB$=|-0;ZN?8i#xAU}u_TP@L7%`iK*q{je+e<udoLrVkoZo9k*zA{|u
z;A(}1-uUfaUxI>^2eO-QVo#@rH-(>o16EsLmn&?!zUmVb|LZxd0W%574u%!lHPNx<
zQ8in;1EG3esjnaSX#;L^ZIWz8dZ&gvlQthmeu-}m_XnHP#in-Q70>0pG9pa$t+IGS
zu6GiC2e4E+{vMD;cHAEjyyZyq-k)7FBEURF3V~aFQg9ONtfv3#K^u)n(#~+-G*%G$
zJ1=**)mAeJAQ^Doq$C@r&VHhSFI%Hz{_Byu8gIPUGU;PCUDfXj{n$GBN5?!^6O!I_
z9#i6NjkWnC%rA?&@QK}A<x0EsZTN5dcw!EW(Fcb={LUWy)x7U_GmxTdJ~=&$uR+mp
zeK51S0wKX)vVp9$#sb=dLiW{C%GiLD%vzv-Dg)Wj$BE??P`KwEWUV_NHk_(+f(P`v
zO7siUy5hi_9ics%*qAmq5tomhDb105%Aw5@xcWOx*-y}MvtDxEpV}bjy$LCLhh;uL
zK-l5aI0x}${2Am|RnU9i=e&!%kY6%FF7~nSu}%kKdwAdtJ$X}KBJ4jPvUy#(;cWNG
z<{rXclNDMhzzou}LC2Oejq`ML!!S!{$_#~1{&pnlzpyoI{N75$RpqKeI7IMr>I)>H
zG*CIiJW~btGc;W(^0I4taP)-80DaqX<KpIw4UFKLcY3rV(1?3Qp%Y@$Qg<wFA1zI0
zE`6Um=imM63_c?a8gRWAS-9Q4GzdIHfv)3Ew=Xw=vy$Rc9c=+Q@EHS*#5!n0HMpPm
zDpT)2GT<7L>D`?G#uYMEy=(C~Q7to4r_aE8@u@K#e;fCw(KGJ2VGf9qQR(70&qXri
zo-Slzp0p$I37*4KP#b%)2DO<Uh861#@qb~BT9{zqbmLCNH+VgP6ZcC0n`0XPHTpig
z<zRNM#_K~2IFLw#@fLG?qj$&Xnd?S3vG&|41MrZt0T>>Nd~=z!(<3R6Z2d$7>J`;;
zlOb_5t@U<2d<XJFOp`O=m2?H{tg@oJnZsZtvr0)b1{@7rcILmHd_xVL1pj)j=?lNo
z?Ef7cecqga3V(3v!cbs~9}U-z@b<h0sd`S|XlAGZpFL4H{Z7o%X%s1B<BebjxxLCQ
zEZCou3P$6{<B0mtnxSfj)5%c}$kX8t@N1onIjeIeZn=^t>}Dwy%^a3g-GJZ7(`!4l
zpq6`6Kk;g1_d6J0!SE{$Gsnx9pi;Y%iN1>7QYt`jMDwa?{4kH;m}z4KK$>7aqbd5&
z(3%@zc*6w^M?0chhx3pP$au7pha5ZnwHOmLqSs-wAf!cI<Wzqc5_g*Uo{gnAlMJHY
zYvW)DezYaFSBA0;@+qg0uuhbjOeYhAXMG*Ze#H9-nBQ%PSsS*j%!eMs7mGZ5Z1O00
za0Jr;hm{KR5%F@aTJKWd#MPa!1HF$}9&i^9=CZ3)w#*X@W###xriq0WzoS&Vk1Ag}
zxXb8+h89UcE1|NpRmldE;B>u;4p$XPO8+EAvP}M{JcUI%m0&gl?cR>FQUok1)S0<j
zXDrm!|L&ga8u+3!pjb4YA~MZ+<8P7F%cdqMIyI@}0p%=b=_zdg-F;tFjZww$6O=t=
zr#B&!c0tQ)#1>u1S>l~)!(Nn&5T@{V%C0W2q(^?tuKfhC@I_kKyAJAp%G!!Ac}R0{
z<QBZT9dl2Nko?y?GgD9{{i6;+5f~$3(8<exx9O_)fC)dU8jDfwBw(jH54afSHhCf$
z$_n8>Q~Ns7bN+n&n`JQ%F!>v#2kYB;L!xY+MQ66wPBC^9^$RgUc~1J><^fIx{xZV@
zM~OvVip`~u{_F0VQT;pgiPASb<x)p_5+dJ=D<lz*5U6)kpNGJ6(9v4w(_lMi{T_~i
zlBOikhT>j4@nGifKyeVyV)P)c`M|V?^5j1h?AA^Co9WRwGW9eUuZkD^TUnDc`%~R@
zTz&3c!XOf+$*`2Q1$;qFs?=P(z?fwj`Q_=n^~R5zVTS141}W-IYSy?X=;oVk;WdNQ
z&DGFZP9baIxdO91$9B(b8la|qKb=E#;ox|TT&08B+T^%lyxdLi*jlL3YvpxT?}$$K
zSpRlIcR#TA6H5%%X}HfoKLBxByWehkb9lJPCXoMj$V3SDu&iviy?%W}hyKUU#`=Ti
z8AAc@?|K>;+TniId3@5?Pgnz!(QmIGXuH_(i5_oFFm}30K)w)S4;@v}tm7G4l1EnR
zd?U;}V&4Z6;*5-pwy~Io5kxSzCRgtd)<7Xf!D193^<7$;zP43EzwSxziSrhz2K1A7
z7A8<s^wSt0X-{n9`>&vGJ{y(sSWc330+>_37LZ$^nX`mw+e(Uy(!+xM_Lpi@<R=LN
zI{Nqxwg3rf5v&N*>Gvj#6d8%W&xNNqS4q&2^xW$sqfaEq@Qa9Q4HEfjg`Z3+3TxH7
zz{EAR*|>uWT?4@qDLlgX)DD+bR%QLFry{nxx{WqUv>bd0HaxNFQ*E$dhgAQ0XY<CT
z@$5)#9qrL+y!OxVvvg1To;xl31P+KkubUr`1sHbm;Rg^^ShsJMMgMkX_GTX<iMtKx
z2LgdXsfUN2Y|;T^<aNk~k62zkWZtVk|18{Ua<|fLw>Jbtl=pozPZ4F>^0e5b%<7v-
z+@0a0DZzsES;v*?^}K*A5LWpB&TrG*8sQ}UQ&T>QYM!5q+$o<{@oua>uWmX<0qY`l
zrcN|EBZunfRia}C9A2b0A`W!R9`nH8%WaM%Uw}q6UQ{oT&uH0W38Cf1U<N%akAmqw
z3F;kG3x&GG_+D;{TH&Iqhke~VeY-9%jq%!>u0@SMnXU<gv>%TG9(R<wbB#BC6ThjJ
zs`mG?O&8+UsAYIS60&}47ze*`>p*pf@WYFi{Ej9;z!Qp5^h+-)9wBqK`iKq<$w%y#
z+NEg@PYX02m+_R^<%af(uT6Cy4Qyx|WzT%cAT)U&A^S1?(o!_Wy{S11LG1V&w~?CM
zcYkYrL=yTnd1hKi6S+rd9(SWLB~Jv*C;6KG?%K<zj+1DbqeVWkY|Kos^Kwa<P0_nF
z`3%|VlzKNhP5kXy!<FgX1e!bsuc}x(C1M6Vs_<kAJLm_MqR<U#n8OJRZN6W>sEmzI
zyLsT~`aI}8%bU3^9(P?4)ib$0&HA>RQLtvTA-K$Jvr_#r(k9;bBux;;&j+fNpnn?Y
zCM5IT*>;Z%^yPzZn26kT<pS?Mr|7R`4J+<&D!=bjmTdXV<o?*PV_v7aOCCGSTZi;J
z(GD)iE4)_UPKY<*6dPk-A-y~M=4vAm+se!kkk70lD^;tyQLi2766>?vMe2I%qlwt~
z>!`qIHLNAkA$h(kMXOO}mo6q!;Z_z*KIZTDMw&L2`0v!o#|Ijt2KE+*9mBBOFi%i=
zWy&QjG?)fBNMZjf<ud4LPr;qeQH;gf4x+D|AybN$pBteij39BZ%Mr5_@xT7YipN#Z
zX|yW5?`g!hD;aQZV9Qktc(O9}&?m21*M5)J`I<iDW(ArLqF&$OdjjuvN)L{y2T-z|
z_WTsR>ALJ&Zw9<md^P%nu$JaV`by6)qBwqLP!&q<wfIc++vBG;egf4!jwiN#xNb7b
za2M{!mKPz1P?K%&$w||Ex#vAy9^w<#0GwU~9wXc9$J<-zZF2jHkH`bBnS;{H#ePM-
zK0G+m_w7DmQR$3~%!VaTrqvp9F9-Q8JCuUb&tF01rS|-H5}^wmp#7V_`N6^?RH)QB
zlAWh*+8yl%wBbur-Dh+Ll`qZB>d0Q!sa+4T3CT7uYm@EO8G7i;WO$~GnV+rQdp47t
zGm`mg%4Qe*c@9iNn1T5MJyuZxp;E{b0>iz=0QL=T_Di#}`8HA3bi#*~!DY20q`l;=
zn~ipyl>OsB(NADy({C$nN1hfLkbr53BTMRo_O(qDl_Jfvl`P9!iK!kbuHo>WKj4=e
z>s>x&uM@>DSbcsfkS9)mtL~4}>JZ|8t+9TYYsZ#(@Hg$X<Owd`WFw;cThZF5DKMr^
zgB9L<I?`575S=IfORN4kLOCtvs0sDl%jrymKm23^E{%it=L=TBw+=EUzX%mC(b;+w
z+oW1_#a5=|=B0rGs{yMJ><ug=5P5K^>ZxC}lufjv&%5qvXv#p+Nh7*f&61}D(RaI2
zbm2B>`SHH8`SS(SrxRx9=JQBba+YQDtn*Dx<p@9dTK$L2wZoD6QRtZG`M6o%I^Zkp
z@SfTJCc%S<72{t;uI0r<WD)DI9q*%rWQ(^1>~uhLBktChNaHHIQK!$HH5#j?vXX#{
zr6;t+V2v9vK+7k~Sq#ZqMGAptlF~c;KkE)olK*T1(Hq=S>LND}k$Yi7H9txbXXN}u
zso^bE{mK{SL(V_^yligMi`z#UY?_~cx$nZgFi5R75OykEd)r_#?)t{Vhy&R#y7wJs
z5KQFCx#c@<(5weVj9{4?`eORQl8jPox)b%ylM2Q0C-ZKPZ#w3<wtv8OZx9cew5FN#
zi)mf$$JHH@Exbp{4FTd__U_vk9Q=*%Bddq9;=2m|q6A_IoFLTw?g_C!h0bP#WrbNz
z=YxG}^-ig#eFz}l_mhryeif{b5e?!T<#UPC{eM^>A?9z2c1=48@!xC&umk;2p4Ns9
z*-|RIe-c;ZG77c_wH-Y_Lz~bG<LjGKF9y4i=vTnuluYl=Ai&R;VjK!`^6ktsu37K4
z3gBO2SGgHUJq#@|zOJo!k7$h>uU8C^J}qlnCi4N2D!4;_J$64>m*iZ2C4K1+ljr=n
z8_w7oV*1jQ^veGumTe~4ks(Iheef5OPbOoDXp-PRQOG^sND)?u1Xqvsh7Ul7g@vh^
z|3}3}hK%wC{aXI%>GFv$mS=n^XeNtiTj?MT`xYWi+Tph==b3mFXIQ?%imYy}LR7_V
zX048lIm$7ZroFKyb`{xhK=hmxCzMS&G+!DkLbPu)8?<U%XYv~L7%MBGyL+1x*@Do}
z>TIgrJD;}VG84#-1FF66PhgJP+sn}J5wHQPCdC<dIj1H`Afv+~*!N(AqX!Iy{CIFO
zk6(5;sg<e@JoXU`5*p%jGQ2jG(||2d{7cxgs`p^=t-_BD+I)l1TRA|GU53cr$O=kc
zx#5SNk~wp~VRrP-Jzzv`+7I}BMw3Lq6hlkP*dK?)PL*-R0<j<TjUSzFwVzN2D`v4_
zulgw}Z%maBfib#?EzV!wO<=fgH6I9rRaGgkAnMBrSK3CkLkf9%wGS#(#faf?FB$&j
zCPegwIgez7%EsyChEF53YRFQ4P;JAlum8LNMz2yXR0?XcWCI#~ZP62(J&2lRN)mk8
z_s{Iw)F7EhC%p$$SsG)U5R_%ZE9z}PI50?@QAhbR^~&h<vM{AWuW9_$v|r=NqD22x
z<qbqnLb-8PaZI);ug`if7zkIdH$Oaehx#7Yms?JVf40`+g&8@PR283$*(EA&gqv{k
zvVDu|_f7}AJNbTP)Wd62){^aBwPa;&QqW~6a?4i}exwW4qX~^aUrmYBO=qOiA^DlN
z{NPrFrCt%%`(D?-a-*1wW~VAcU(eLTRDy7T;$3YTp!2Oy^ppiu@XT%*JV^WH(o}80
zuB#Z`YVe|t)k_cBTaSt!1ze~)e1!H^*;WNM%X{h<Qt5H`1k!g-+VryB|C;>Nr3@iS
ziua2*e-LRe#$nrtO*e^_phW?w6cUM%@XSdct9C>EzCTU{h_me&PFBBqc9uXM6f6Qz
zaG8amQyM_m6vm2!#+3)(^3Dm%7CiMMnq;lD6NXd{b_rrEYwuW9p}pha!k$d73t(x>
z&_}3Eo7C_}C}y5sC4#}A4#BYF5SGl3cD}kuibxvvNpKcmFT7bEDo3;rp9hsn#d1JM
zhEyQ4amk>GulThWz^HPVA#LITTvIC1XPyZKdru?s=!Js4Y!3sF4LmnK%7op-)Cqw4
z(0_A_WR}~jV{ceAe>{O=L-YwA-p(Ds(GNYoyabXH7fS5<@53D~G-InGV=jO@T#yWq
zZAZJDcm-lZ7OFQd1|cD=LBwnn^3f=;w5mY$dUeKm_u$J9NH|4<cEj}B2Kg#arK0lg
z^xL9>f7cwrD%<}u$kz!#M?a*HisRsT*R5G(mX8HBppm}<k-b%E2n`o$qpe&iMevob
zDm}y<z*Wb=Zt+sp6%$~$Dn!f>@)B4fEi2KNh60GL?o&^Kl@bE$P!J(MPUh;iw>@_9
z#+(c)9`|B(lH}qSp!lZJ3=lhTz%_{P0;sdyqHhM3qb)|XG}M<$;XQRmN;$guqhKbN
z21~PO2309!!2w(-B6b%F^L2*y6{BEs@sUmK&Ij;|0OU0V1R8Hv{T#VpCwbOX4y~fc
zyVk`4R%&<7TzQtJByjXGlC{<#p1(tzucF{1M89qtoM+q+$qvcbN5c6gKH5|vtSU5q
zpv9>~7_nah7tjz{j+PouM*;jkpa8b<{e!0{Ki&nmad0xu=`Ta5r@b)>Ai1`EO_4gY
z*Ob55fH;HbNCK<YDSA7NUI5UnFs*e6_RMcq5Rw5ajoA*fQiRbl5{|#|w?hg~UMdJr
zk_byu7yZah0$ORvWT|1T5`@(r{Iy0EV#65;*X4exX#dDvh_KR!WRR&yxGPEEx6gk@
z!S(_)%CCX(W-2XgnF)m50qTwUB!0!u8nj=1I~;cM=^A`m@{^T+sUVh!j&j3){>~$_
zbfLZI@h>ic1`H6Az+|cmAeJ?RBz1=s1t_VC+$cb7)La0MRZBawYbU_ulRj@D8MLHf
zQn6N$S;@@>WoWn$-$B3oQq<}9|4A$e67=J2FT?XzwN4z2SeuF_P3H>g(FtGl1mT1P
zVq5E0h56U4%z?GyrI1S>q0A8dc&XUIDk-EZ+EMjTu$<J~kA!+me(yQ_-lI|LWdFtU
z1N73eU23=o1y~#7K>-?a%A*c0f%X!Io6#4*YP1zh(0ku^ZW46<iV%H|jw#OxiuR0@
z(w)J{H<wYcgZ%1zSjOM!F6grTQI~F<MwrxajFjUFG9!xoT74%pecS&4?(+fK8=(vJ
z+{s4)gdmXFp|jD%2{1Le3{+6B4zXeN+-+aXbWBudAO0f>3k5*CbDFdWMBlHY`UF1V
zIFlM)|G~6gK~1bAdBS1zAq_VBp2ogu%Sw}MiP5e}!3zi__RvTYw=qkU{Rq{Y-iKqO
zTi_ma(V#jZMZ&4v%%SP@rHat>eiSSYFRfZ?xQb?ouM`DnO#KKgZK>3S5^o$J;X{Z`
zb)Ijhpa67WKr6%X<pr=Ihtt9T<<UyHRCU%}e$ou|h>Ikd`J{30oPRcA(rs&Vz<~{z
zvhlx%rWQ>h`s}cwOvT;&cj9TXrDco4hYtEjwj~Z#kqm~g&Z_skJ)vj|wp2r*1`#Ah
z)pKC<`FmR#ZvW|LQwgr@3(8S{0|<$@`Xx}6u!o{y@eObhoNf@x2pN1VZitksp0+Io
z#mDW<(AiojHnGZknL>$ixY)JvIn*v4xJch}iK+<1M$^PhrT8q7%5PudnaRbS{+DCl
z>{9NgaB5hU$m(2&+a4njUrz5>KHyM}B>I_ux2dfmu@kMbYlW>Y7DBJC?V6a<bccdX
z=Gq!;p}F0oJdLt4^h(Q!vY1e8Gv+JX{jj^1N2QUtsjCgLYR-hs^|(8?J1-rVBGFJK
ziGT6Ltnw>O%*=x&rvg9Tf%YY?KWHt0ZwJ*<n0@!s-!>Q(&s2!pzESSok|b-jpk0FY
zpsGp)DpPmt6U)V0%Jo|Zsmd>7b}znbT{s;iR_J5?ZV{jM)e4yMp=h8vTtx8#j~wJq
ze25sMK7AnJnG_8p1~LvDR{Ss&q0C*8CCm|=HEcY_7V1hf!(>6;RLFN?4k%B(iF=dw
zj5|qiLyt-0xJs(J<MI34(|g)g*Bf2|s*`7s{Ja=2((C8RTv9kOEv+vIBkoyhg{#8}
z;pV^MM2V2YFjzg^Qlx_6mIADO2??&We^|%<C}GqAk$wtrwr%a)Izr}a24QV3pd?(5
z<}wc=dX*)_GGloQnBJIpyeTN?(-?RgG<YGYU+&=)FVWG89zyT(r^@WrLlWSxWtULU
z;L@CA;UhsW{L+_d6@3oiteS7_DK9=L8Gq~iorq+X)<lDY!4ZQ6sH`77JHS;3Ej<bg
zsHsCrDqTU<3aDrBD$(J1`=Gq+wjp@at}3vq?cdSguSRB<&2WA*w$wh+#$&ce32|}+
z2?{o?ffQ_k4Gg(?jBl*1Pm?=iHGr_Fp5+IZ5Bi-D(@oZQ9XM#>|BH`@c#>WM7ZY|I
zA*Ls6dl4u<`pYRF%><k)`^bvhD&tArhl|eVkA~-3zNO&o<mf+wZUoi-G13V2K6tnk
z$0gon8KtSdlXa#u{k4WzSJ9LMa;BhM(Z4KME6(F6C0UEQ>o<+iBAw&h#s8ZnlZLi(
z%vz`O#(^h6N9|loZ%X%@fU!{grlYT(#2xp$DbN3Zf`tE@;B?A;aj$_PHMXM)F^MNy
zuM919+-3z;x(p}!V^kQW#6?U_D2V;v@O~bnbEv}Z6;P$Qat5l>UP`7Xq3m>51eT;+
zm~q`tF`;Oh`{y8k0|5^`rD{R9t6hG=CtJ4j0P+Ggj<3VstDK5|?){t?u3$LPo}SRA
z0BQ<jGq(YZxVt9)b@(iN3G4!%TboYwUje_T0Y=GN5ZPiT>moBJj3qdd_Y&+SZUlAz
zQw+iXQ_QEnY1QIk<vT#!vEE$JW6+|tp5r#2MK)#SP5QtO+CLwN?KC8SiH#ko%av(x
zxbDxUj@s+Al+r*yo*Cjw^D5yGJTAC^o^*TA$H#jgU9<fx+k02Zcz44UoikrAo_x*=
zU?uH3rHcm;2k77K^d`fuuE-2`zU11J7x>{-FJ$5oeb(QBL;*(Y4v>BtY`}x^)4f_$
zsUM@WfzIV0F0SIwS&b)xY~x?zgS=km;MxCAH!1(qjZ+~)`Js{3`G1PBrrty96*K!>
z7|3W&rj^79b(Vv|ORrz(-C(8D25k(Q&VVJqqUzVw=LrJxO=I7+G5Zs?TaH662o=O3
z4f3A})7yICZBMvM%KA3ejLxPlB4~aj^HolWzICgGU(;fe9(g|Du&EX-kVvRoriU8z
z;goD(l0sR(v8bD@>aPn&5+>)I%Rbzzi=y^(??RHGT}^@sp}gy_|D>s(y`t8{qRtMQ
zCEjVXHtTz=_iC}_l|LwL3s+H2dp>lvyLkujn}^l+d92V-xBqS|6C%1EUpZN;ZcK+`
zUdHfTowWe=E{u;Pt^F4{JJV(jiy7=;S;AzQxbDu^f!3~qLL#VvsPEf)D6wl(g-xyI
z7TP}$BUU4W;iXOUr|YM(#vp}w!K>G+;4XIR!THB}hn>l&P8!|b4A#odl&U8@M~NRa
zZyGF&V!HdEhChQ!9i`naR&ky9`BVBR?mSY$jo*7{I^R~$j-IIo!;(MfPy?+qd#mBl
zBGwUe>U_Yr)<^#Y!2XYp&EN&M_`{FjIn{Ti?!W%PX&_ue@1(IPawP@KC8^FXr)|rJ
zgLIx299%lcY)cPD+9pfN2#f3cFkZQ`|33JuF~V`~dHmOqBkxw%o*{S(U8#3B9}Fq;
zv1=Hh-psB1Yc)aa678=dX*BX@(x8vbQIvrrPXasS-@E?bbqBvbka*cw)s=k6)6FUY
z6`H8+vTgVp#Rma4RA=7#nEbnb1ze?g@z#%-Ea&TnUe9+lAsHu-XKkU-JN4B^9k>la
z-#<`2bEnz#WZ^d+?!R+b`iQ`jBjUEtZ6-l6@A9-&Gv)}>bsYW+B@=>Zsmgz-$p_q2
z?n@Emqsl>*Uq02`1rgk6R@C>2F&k{Vvp2oro^|;7LedkGF+0uM8!T1L-+)eg*o^(x
zY~fQ|1P>cv(jXoM!}1sxs+w7-vZwMO#wmHag@rkBj0H2x3wM0vV0V5MpvhzLuI!Nw
z_<`pm+abDn!B}DTT|<BY$r;F9HX6rXR=@HnL|PTu6mbI2eDKr4%qT)Pc|84eP2sF{
zdW{s*Yhb~4Wf3b4gDs@M{=wx*T(Wf=+X}Ro{Tg(K#U%$KFZ?SzQT9?o9ZwFK9Tmb~
zUIF7P&)lSaGzCKR9#X$=zhfRU=13~l^EAGz8wW!IDM4AW9GiyR2Xz&5lC9jVeRYeu
zzF0_^dd7tX)fplsXnGQ6lg}bJxFeAj&tvb$TGuw{fc6?#X)pyA%t*T2dQ>D%*^9X2
z&zI0DjUO^MG5=AL@-~7f9}Ohfm-hE6pp#sqoE?0m?sh{P<*ffuJ&kUaj`9h-TjJzK
zierzJfsdfQ@v}z5=iCY(irUH`nT%s$w3A+<0QfJg?7q8-sT*E?Tr{wcX$XV)%(OTs
z^^Sn*15-U`AMbYtL+iLKOe+A!ckw_7BMdA3AkC_QpyR(L*-G*3_`a9W#JgNgGY$Qf
z!d=3r|L95|FF}I;H#Y1+Luwyt>-)lBp7PHp07Mcjr;8%MH<Ts8-xs<A7^PoU&z6tg
zriX`&adUgvm{y!_s=Cb7UF$N5m3HlF)6vaR>mlG5%<}xf_-p$mpzw||qSMsugE;LV
zNd9F#==Ln4rY}TFWneKe9TF1W!Qq#xYFy~RrdO%lz@YM!)RZR`i~HrJqYkzE@}`7&
z-aMT@{%s#GF{a?`e7Po+8NGA*XQ4dk5UCWh4F_D91(q{$>?qsg`SU{lr1XxIJy-ql
zD&_e#aGs%ognZi28Y<IJvUVoY_|WtJQT5efQGHL`7NCGq(%k|}H_{=}B6&%HW$7-7
z1tp}rTUuZN*`-suTNb24x+Ip4cfY^){pWq2{d4a*6L;>Jne&+$9BcTO$>+FWi6uvy
zT%C%KAFH(`COdUuQB;mgpPH^iwuU{IuUC0rrD3dWe<iCVH=CO0c7jzq7>MGKYAxn<
zO?nVLp{Fa4-canU`&fYRw1EGti?xk`-lL6)_k~p>f7A%>3n8>wNQQuGyP!I0E`|gJ
z9Eni_!Snj1M@rqE%E&aN4Bu^(5lOkwfYaMwn16rHpb32EyI)$8>wjI^M>C~~Blz!Q
z+Z0s8N?_kwiUqtgZLW~gQuJ;ha6aJjj@u~+#1P}dy_H5;Msbsr**2E{+j>Xer-(L1
z+r3ll71;&g6~E!Z%E%mV>TOQR?`r)0jq#PRLACou1)x<{eXxf}s!W2#trbo3Fyl~E
zrh%L|7Ydcy5>QvHb){pIF49HAn7we&{9~wY&9@h~+Gzj0!Ys98!osHP8U)=h-qS0!
z5&ii3ySStJy3RxM9YlwfgjR2U!tX)!gXX-AJt<5(vhWBJkrd_7coNw!t8U7f@BM))
zv`tmHV@;2yof}Gmj%dmxhg{WJEbMk3qv-*m<h<v8{RFFxSflrFa4I%vS5_NBmDZMN
zO$O=QmoD31q2uGoI-;#Hb-TCG2Qd-dD&f2YJS;fPKYtn{a@q_UX95+#wRKZg1gHB=
zyNHIWF@v>_xe9ptx#+CD{|n_gli#GfO&?YO(~ip0UBvCNolderWyOzIAZC?2Eh&Ng
z=c{BCiVHC`hDDE~4-#r+bQ`1se<@ql4>>BNM3t}_F@tyRXYV~Rwu!n%J+{yxV-e0&
zH##dbZq-Qr+X{V(lkOmPZ$QIG(a4ZV)0#T`qMS!P<?nO=!jp@8c6=ykO?e>Vj!m@E
zXh&zy*p}))&rW)7v{GMAcl^oI=SnKye^!kJ@NP@aH3<V{Df{1PUR_-#;>qTExP+bo
zK2k;g=uWO%l@@w#Q-aFx-2~Kv@29ghr%~M-Q-jLHslAbqX(?3Vbb<*sN6QFHy#{)H
z#=(Z{Mff++$`?}8sHA$sgg3xRy%i3;tm*DTRO0w=-5D@6Zgq!y4I6q}K2~;wU@y{v
z<`yj!f_IoRi<KXZOWY<pOJul{`{<C~r$g_*JfKR#egr6!h|#@dxtE?(PmawIwB7P@
zihf+002_<CB4`VPNk=RM<xNr0?M_VQRJt2Ew9Zq=%=w=$zfw!#KmkU(2-qJRC^~jU
zvs1Q*_$_5ZTISzx{9?Rf=QXTB<Md#U(sq(!H+OT5-x?YsiV>NQ7ZN}T_Z;}%!#;qG
zaH)Qj633kS?HU&c;kHf?Jx37rsy_mvAko}2OIIF`4s*9qz<(}PsQSdTYQWFW#+<F~
znu7v5T<%Z(6w6+Zyvr03m{U~OuCz$&uSCh+7-+1IdkUDYBR#j#e7w*j27b2crxz~v
zE=W_`I87&RXhG8}FW)$Pg;j}*G65|(*Z;jR+PTRIMF%@B9>#C(6iU`f%f@6QPR1`3
z{#uK^3dXi3`_R3ouAs6vbFHR`0&_Sjo}v)8=+`#zadF`og#(W12l*6CB_-Ix%$9NT
z)dsW^WL$f`70NpF42opHfTrC2-9<>l48;B}>07V?Ch2%^p6i&B&d>EXORN{{Yz2ns
z$q9GMvr^JXy*6<spf@c}W}3<<a~qK+<pOqah!(U6T2ijPCtHzym|8m00lqu~_w3nW
zxMRMAQnA|sdl#Y1kt1B&2+s^yFNNLJ(qN{B<?b?V-P~ta+*VzVAE>tu%t}YC`FHXN
z;=y-0P;-6wy%f?)5ZMByK)%Z*CZQpLD^L7nRpG;Yef<IuOZ_>QA}4ttvf7VrnBl8|
zK0>JO6b9=~#9dlaB9VMCS^<lz;6yFptF7-E)InYCZo)Ak8Ogw?OVV@9l&eg+KU0Qn
zyRN0OKJUPxNauI-7p4DMs#)*(%|-391dD!UW>Hr1dCi=bd91|wERiowjbyo*a)1Dp
zMNiBp%z#;8B&%wFtX5iLQezBgs;bM#TR&zFX@^zkCk*tXisnpg4DtjLc|B`Feir!g
zz8z8PkNBaoPWe-$&A9#}TVUm2!SoA@U<W3$xi_iq`=&46;Z=9LV@Z3LvBPNs^v{68
zf@M7QW}S5_zV#z1*7QF_n`tjaPH+0M{w8fK9bMNy_v|RKjXK$F;fvQaSc$FSNgo+n
zKER^g{A&4|?Ld#e8+N7*jj8J!t?&CgD=)vDYi85uWNF}P_Nyu?w#UzJmpKJ1ECR&g
zTDi84Pb*$_`C-Cg&v%{;?kBaO_*^Dz$>R#w>A*Fm0)0zsTyX!wRW=2V>fweapa27I
zP7M?w*`8JT%!_ko%WQxG$7kWquNl^Lf#dS}-x>phv+f&gO}s1g>kB~M$f{~J8W*9G
z(8|8C#MQQRnjP?dT9x;!Yu|8=HnyU9fXV6@*0KrUkGS2)kz#jHq1=wGnbG%kBbXOG
zAC&ARH>^!%v|MKrI`}d8+b4%=Y!sYOZT*D6(l6`kw<X3Jp4Vd~KRbSMLfYJ^%gVeN
z+13;GsXjexKRNQYdTPGal8>>MIwx|uwWK#qlVk6F@%Y3wKfX{X6ICDhc(X>DdwG3_
zw%`xBmNYGrDtpWuN>9bMo>;5h4N1w*Mf<?>*O3~t)G4svcu0=0MqkhM;0`>iX#y`!
zPR>6IA7ucc8;ijo(xO_Ut!Nm9LFslJq!2Rb%7;cp48Kp`=gk+q<UaAGyy~INN+c0M
zY;8RI=9AKhPh}mCthD;(HkhJ6XAH7V@No|$IW3e>w7gsB)8paa)%+8~9O}t`;sU=u
zZe2&%_$kWyjUOq|hg?RjcJ|fpfe%7MM0blS$?)?uc9-446~NJET9p*7%hnw9IHj{k
z(DV8ks}U3m$i&k{1NbIS#Nf_;_NpTbL9nxioC|QT<KL3RBM*4U?wEkoF;VkRt}Xii
z!9{!Vatp4ORbc@~2VM2BbYl}Ku>s+fK2rlgO5qKuG370n24uTt^hW#0qE`HL3&o_u
z`t>x^A?5xXr$^N=UFF8{)Q!*dRmoLyvIhbEuu1Ak*H+f?UN&%L;uuv$#rtk<;@l^}
z)pKbE59Q-6B<N;wbrzML;MqH)A*!begGD)kDN3$w{K9aK)A4gr{zHVh(lzYIykjwp
zlGw+<<|)T|m{SF<sh`QTdromy`|(lh&#se<yXjkLW|bT6!kof*T{@hNJJEl0xgHE~
z=TOvdEk2ElQf}z+&^(<A3OK$74tp=q$*vLVajWT+nM4e%+unKxoGV_yKxt~QD&wW#
z!Gm@{@l`3U8Yfu5SCqRlX2|<W-QOR&u2;2?F}pqBJ%n^5-3XXMJlS$UV^)JjN5N@S
zleRUFn(AK)2b_YvO<48f?@^(ND!?`(OvDsw)<F)lI-e^t@wne|TFPe@>#*Z5w^}Zt
zfu6MuaV-=t{Xa--?caHe$@9ynrS0$2k^Gq@nnzWGBB|C|=I@qEjxhqJdbScT*Do)t
zxEb5Vt*T!hk1(`B6Aid;e)ZMs_ogCh-a4DK?gYrhs*j@a7e0cc>KVDqm406;KRw!_
zyx|S~i3o_5#u)xk{5nwNi=G^^VC)58daKcuh|b0GO<w~?;?C$mN@Z|w-~?e%0zEaT
zyf74Fl@zTs$d8H|z$UH^S3OJB^k2i`@Vn440)E{oINe)2ooc&m^jVom)`Jy@eu5z`
z7xeAJ7@>&+y)9l@d~)_nZ#OzmJ+a`G_B=b@#8yiD95$=S6>gRfP!Xl_qhZd8+ajeG
zBj2;Qs0LgikJtZ)zsU9WK1@qK8fx(>m0oB>Lolx1()c^gi3*|76@BRsCYs#2O~2QJ
zxUs(ymJEamInjJaqcI3+*W_*0kgf1fJv&BHZHa`rS)`X=jcB4YcB>T_Cuuavb5D;q
zo^I)={pj=(3vhR}rARv{yz(zil*D*-p)b40==!H#aZ@-M?49w>f|)lV7*-{5ai*1f
zw@>=5ZR~n+4^d-ckRyZ-Sz$NhH#|q5_yhKr{Z50ldM~C$1f)=>#Hkmkzo~uh{-#do
zpREDc{8@`-jc0He?i%>YlJK}$N@7Rx1(PM;aN)+uP>(lrAJOtV<pjQw&fGLOW#|@M
z^^>5$LvHLH)t2et>eel{*IlxqN=%LMlDPWsk!XvEIYzi%5q083&r}|b+9J!L*kB>`
zJJ8|i<%tV>n7NdY0#)uoUnoHodz&G}vgx^hjL&Va?8Po-2mZ1VIof1g?mN4;y<V*Z
z-#hkyj9i|oB*}3ztMm;J%q7TE<AVZwj_@3x>&7bR!9>Z0pC{!}zuFmqzPND3_C#me
zPzfj3l9Bmd^vqypC`pX(*kgB;RxOs$I-2?8#1_WCn@@oR^-<H^MUkaeSBb3pK-aB-
ze_JEo@He@wukr_zZfDcEg->YRC92-bL664%e`H1;6*M#}cUY>u-5F}q?`E}><7PeM
zxP(b;-?+S#QMgzS;j_TC@xz6WOaD>tB^)C5Q#Z|B^;&Hb;68RC&!r4=ItVlC7G^%K
zjvYH+&)my-DHjS+TYH;Iu%<Fr-WGucuU}>Z26YwH`tHT1_pHiLQ4*F#?BxPyx|c+D
zPk(YlZ6d2Xwl&R5|GOMI1OB|)M(bP6n-icTedaW6wc~=4RDlXAWL*>Z%_G9Gi{{kt
zgieCEX|j!y%b6MVWL%e}Q2rOYD44htxa8jagp8AfC?IjDai36=<%~Bpi7NN%a71bJ
zZ_8#+ZVr0{V!YKD4clNFy4vU|ZEx@ljCvbzNn+S}7bz;m#pDZJ2%U+_Qk6mqzjd=e
zEpc0<I)HGk<8#axw)VVrJ<)jnk6yAuu_a98j+%OYL`%D8pyruWx7FTSL9Ardx?%L1
zT<gA|jmDZq_|d4wmO5RV4}7yEK;Ys90}hglIKj+yRUer9nwzk3;P#+4D0MnZ8gPUo
zm#7dfX(v8y^#`kBY|_UD&3s0<GP>t-pALNTv3s;uZtl(oM4@4`#Q$`Cuj=+MYGAsY
zQiupH*&yC{MNL2C!K!XCJUp0KnT%RrfLi!@-!%yKZWy)H#;vDd*^FA5T%we=bfKdB
zwB6pVDIxBY8TQ2YOeMaSmRFlfk6rwh?NVJS2l@K~xGbQGVO+!b4l&%%^V^KkunuuR
z^>w{fYO$_*JD*%+xn*l<00ZxtHW44Djoz3tl}M#q@lkzz)!@Z_M0d$S$}w?D#EWRB
z7Ftt0)L#)atYgxIco}moa?I{FnkIYUCH$AJrI-N$i&Sl2r>#fA0eMnDb%Jaft!V;^
zym}0(eop%ojnH|$cMY&iTDjm|rSlh#AtZ}Pyd*CUNJj~X$x$i)152+FC0O8I6Xp{o
z#U}>*F_Lqz8g9OcQEJnmMm>L6R-&}8qLVcWBWF7gq=!UG$O)YyDmmH<`W9Y5a&X-^
zaV71|T*D$-Ol1HrlkVS%2MofX2W2Gdw6yk1;32m4^iKt2;~@`sf1AuxV!e^?bY;cO
z8S96S<Qi>zt0|DOfx?_P>5rLw{*uu!kw)W(IYg~Lijm{2rNbv<iZiC6(}-hz4j&rD
z;eO&2^z0wQ7(N}QtAEKZNi&-*ovZv*mSL{<O*@xW$5=_(byiu=Z**^lwVU#6k0Wee
zm{Cd>k08#QX+m`)h8YP+P-Qp@Fhm$d%@1B!Wb8Acoa*rOj-Q8Q#DynJrmqF@($ia3
zLmV;q0_(Nn`TSWB8crpCopAvK!|a|Bk;6}9XPk2OB!^%zS56N}u0LE3uJ;fpVg@s^
zLgmsP_j|+asq>MDa6a&hONEpC=O!I6QG?%3l7YN}SWXHbazobVO>&b5AjBIBu>K~U
z21HaO!P6y7gn98H2Ba~x*~wlv!hk69bEYzbQ#O#U`nsGyx#Q-|7f${50#{u<=I6D*
zPaAW>ob>Nc?puez!fH&J8xSyGy#$1fKLc0*Vy)kcTAM*5Eckd%oy>nv4>!#+^rs9g
zd`w_-n+1*I1>rAM18@xw!w80H(sauMM<KiQ0SKy9bCCn0;Iq}DM$7_jfXsCv)3|x;
zBzOIZmqs9#j=a1if(Hp|Hd_!EOs-5p>WMGFqG#V&5Y8~6(+mtYTfvfPX%Y_nRQkNd
zvi@x<Em^fwvulgAeXL0wC>gF`X+yR4!|;n_eWn&*zsHnWCK@S}Dm-o{|G)&(?MZm~
zIqL4;a~wwi&bE#zrM)cCzpW5LS*k`45jSe`aOP2#%hbq^DF&~3>>WwIDA*xhsi{Fc
zzShmQ3j1occ!OPs4f@T<bV@S5jbQsLL`JM-V$iTXDtYzI&ntzk)3e84PjTxK1a2LG
zSn`FbLZRBRg90xj1!D>{9hBmf*4Lf<i7bK^_I5)H3S_wIQX>=Ab!N=mKEL;!=CtY4
zBa_N)W=s6@9`Wt5au31t9%T2`pJY%=eUt3;y8Dum56kC523}VT1W#b~1bPFq%S5^A
z{ZA<$pUcdL$wo?-oaHbhX5W|-pgywc_mC+<82(m_5SkZ^41yzg+5yV9`qbYOUn8!A
za>c9!u{gxZJ_=o5+Ls4va=sGXEKL!W!h6SpFiU!?U<!)(hn#uiSwybZ>>uR!FEJn(
z5G+;LLU*2qP-!{(g_(xhlhiZ4;2rB90SiT&HIqeH^2U@&XuJG2ihkGgEUHrKvvo-2
zlu=N%ZLT=q0r+ormNw(>h}H7@f30dl9Eo4CaPeMxf}=W%<eLS&`rb{1eG)wbQ#>!A
z+Kv?63UO9p4Q6gJ6zw&<`Pa2TF>KGLnQyH--vLTX-2Tuwjj|RzSC~*kI7Lp1as-E(
z{$pRQ@K3YQg%oJ=BmT8rW&suC)2n8t!*=210I0RLFxiU%d$ZMR$xt(VVQkP|Aew%3
z*mn9l8!0b(;t+?y-)Ns<lAy|z^iO4ocZdaH+uHn}{*Z>8RP%JfsAQ6q^M!ni8be@D
zzTcMJOqb7vs?gBKhr}ha{a14>;8Q;eu@oXFj2t%TU^+_<)HPX2(qTlrC;4h%{@29W
znx7Z)QUVAG1wq9n4if-fD+C{9G&4fH<w+ri1x5?QM(|9Ee-<b5wBD`wUEvY6gpSRT
z2LUO5-?wGnt+eDn_U~WT+{u1%eZ?y4)^AR=qZ6LYfivKkhpkc(-^zT&en15Rd8Nd$
zrxlgo+3P|Q2^>R;zgLC?X@gU1Q|v87oV~5<h-O$1RV9k&VEJA*$#g9or25Tdr5^*Q
z4Y<nwd!(94hf~+Y`t0X($;rSl2;knc#x8|On@#}8YNUT*Ti!8b68D3%W-iVLKvm`6
zNo-zc!EuKPn<5}1*MI{(wZtCp3Rg>?TOqkIUDg;{8Wcj0<CUxvA_|iJ{UyC27!I_z
z<WXTjKy7u4u5hwEYC2X{=FmM3deVoBHO+>fyp)x3wU&AN<7)>lO-~qOsAM`u0-)fB
zZVP5=TMaxh7mXi5tBpdxgmd_3Owx&X;A(Y2D~Y`>J+}bP#q+#l9?ZQ&Koq?%r4w)e
zD>hKp3bmxm5N{-ncQk<P9VPDrQMUCH+_$26EvUAB>7(}6(1u%pe!(@fSwnj2rLj&`
zB%pHEzx^0FFqeE9Xqdn-7LoGDUREg4RJ7(=zLg7eV)Q_7RA<RhHY{Cp4+^;A;IGpj
zPxGB;P2_pG4Wo%;diM5lCi}rGHUrD7xwdSV1jbs!r~EgvOLVK`l9q#3q%lpjx%N={
zo%<nDZj+XUL9iod&N5~wi<zY!M}J;O7~?j*Q@DWEck)a(NcERnCplN`!F2B21Cv46
z)YJep43!}1=NxrPWbg8TQJwr<@wrb*)mAO);a5K+SuzPnRjr{Y!L#tjAcLvcVmGM9
z*J>IoPFc2|rsoQKmo!5%I!E}3N=K6OhHqoXL*YP!|Mi*<VsnN+JyY?y&`>z`Q(qn9
zkl~BLUJxs1oCd+jTrA``Dw}7>O&hW2f}`OX;yAN*EDp(LDE<{?QFEfM9&4Jl@@OWu
z8lxofhU&-VliQ5+kk6h=uq%}6=H^76Q6Zcobh|(lTjyp@)V=O(@`b-S1>*C)=Qgvi
zm6GDUFio(kTvjgs-fP~FeY!mS2z8UJthUeI!+n?CFPBR)KU3YoEPgyKg#+n^Sg<dz
zUP1nRz*Cie)7b^;E<pI}mQV-{{ZN0!^_s{q)#U5rCYFm$6kv}v{EJ4aaPpX~@C(f;
zl8y~^a+W0Dp(T=?i6NH=3=f^o1UTQ8FWa~JUUM6!538*{=k6ZNCl7Pf3GpkL&egs_
z>P-_iNz-7cW-W%_QJAG{)pzl_1bK4FgPb;&V3Lu<pQmBqUT;KQjA;&)g;${ADM8d!
z?Z>G!;wnXTe^h-*`ya9Ui;7If#F3NWm!gMD6Mee1`l8)jF$z>&!3I;DW+b;CRYZTa
zd`iNf)y=t;kI`zph(wQ%NZ3a4;tY>4nEfFB>_a&6Hm48P-6AN0F@bHi*V_-a|3ws|
zFS@F`>?x`4kXJ3!^+CDPJ_)|S#?$9p{+?U(U(lm5#><Kkc26rvs|fvLE*=i-<P6t_
z*tdq<)?PkO^2P(2V89BNp|A=Iy7{Ow4$b^}d|UF2_^++AHWdBm0rP4^E8>l{=~?iT
zj|QY8Yr=!hTH~>b!x<Z&vOa7#zJU}$s9ue#m*%3@l2pOR{}x{KRjQ<Ubb<MJgYwrL
zQ}C1jH7(6JI;5;1>H0vhB<UnGW{l~wcPT!L6z-pKZNq0N{LU>QX<s$dhb!KNt)wu=
zHw3zD{2LXiISl>=%yzQmZ&?yW<mj1FZ>aM{*4?U^w7*1rek3uU+&B{UYw(JvmzDix
zW6Sf|wD#W@Etug+?jHvE5%zw{(yG1?<dx=yN@qo1#qa@3X3tSoa43xqw2GwPn>6Yb
z#9R1`tl>>$ehK5rP#jRKZ%v9RvUVAQvU#=+<Uqv|Ep%bduREtZ?P3g;uG9KQdBb75
zSV{#!auV+YXPCK^so(K@(h74x|NX9oL<v$r9}Cip(*_X?k7xMT{IYB(gr&2V|NVd-
zw$nB7rA-%WFySD`Uxw#shA(C8#I`Iwy4R(m;DQI#vge^=SxaODv((d#1CWERU(;&e
z+yp&#sx|oV+WbUP#bONdBF}3~PtyONRIdGq_jR_Dneh5RK?Qdo7VUBUk~rFf!Go<6
z>+%d;H!&1+`$wC3HK`$OS{HzRlN9E<-z*>t;&9@Wuy;1s9Xy!!^Vws2_Z^ByEvKUe
z|9$!lf<ElcZ|lo&9zcuqUU>(%Y*NvemF0&`r~ceMrkNN*5EDHs-!R{gh?Z?`7N+jF
zTq#h@y_>J+qDAnf8{(u25iXgpb7s4+F`Ayd(!-FL!c)A9q56dEn3(AJ)x!iPnITLx
zprMo{5=rlajoq&%mf&q-YvM8@@Q3cNEv&z#VIsCC$D~$o@Q>~bZu}%<mx+W=Z|GSh
zm*?{NZ*wkNYi>|mM=N`L>C3`q*=FVCbox5+07b}6!yBrD5J~>>)Uke8kQrUor<72D
z#Dz1ghw^N`AEqP~X@3=~$X`w4Je;rpPAHB+<7$i+0{u4;^qDsI<}aRVMB&!ha(iw|
zkEYM7l(oU=xB-Z_>vLPRcRV#DSu5Ih3F`XBXF*1E1O-RDVzZgnNHHu%E?X>G?=K$?
z)kY#Zn2vXr{W>Ag^9$P37v#jzH`I|m7cN93$1jK+yzh7KZm2F3fW4z0#KP_{*nc@V
zUHD+#jLh7TPE?!3)}wyMz*1E+<%skCv$TV5`P}B=2V4)+!D2H+)+5PU8tAsuPFY$y
zhL!)F_bpCrz}01B3GK7Atuvw#Y=`<W|EpInGA&nU?NYt%P?SGkYE|LU2xRd!xkFy?
zVTLB>biYu%;NK66HP|(atFDH1e%l$o7AhJv>_RGo-;;?be7}-o*M6~Vx<B;QLhx)$
z+Dv!6>dr*W!efBgajx#7*Izfqz3<ODdM+lSZiB*s^r%-umjc_0#9_K{Rwh@@xSnTV
zZ~ZsLcIS!;5D)v5-J1rVl-k+tyTMLSB%AB<gR?D3;LCJ@18xZ@>p3E495tIESN=~D
z@00lFXh4JZmb5TqIhW?t^RD#|jFOSDOgWAkH8JslB-kiZ5Z6xtznFtq+Rj-(tzZsJ
z5(|9}SN^5(HEqMRVr&gLe}<RE<+o)zp?EEB(w^Ikx%1DPY|r<R2A997V0-M8!0-N<
z^$Q5XF)C_WJdn4u(7YsAO?uKh7Vkrw-d6|}r2vVVfXcSWAFX~5FBMWfTvP3-4D;@c
z3ROtr$^uJXGLyxerB#OXTzQ>g-3Xc0k-#d$3h^%spS;Sce8WJ>;5JymaTnTjf~xb%
z!G+{U8J3w*5ww=i_n(S@XJPqaLnSBU5>TpL#4IR%203Oglw)O8M)4=+#w<%BLr|zN
zJ#S1TrY07W9u7D(;+sjz_7#vkp&h}}J=FOF8)jLDeKUyOPgyq1@9~1@TD?PfR#;Xf
zX=)+x5k~sZ<dGATL_j4?r=>l!{5@YLZun!)Ui0bw*moUF=f!z-^qa5u!;o|t@j&7^
zoryc~q^^#BRrig4-iEybt2;d!G<h<24Nlp&mT#4bGUx*ZrD0TU6E13ED-M9V5E`eh
zIM4pNFZ>Mt6c%*fX$vh>9xj(?%g|v=kE$0xAAf(Sset%p-CtY0{z*_5^`mJcfzjY~
zxfw#lRCqY}+c{lq2cx4X@19kUk!J&{2O{C^P7PUYOajQpwovB0UiTg=ce9rFLww|8
z7D4&(5yNXn9W3T?tKH@VTjnXNs!{jv<KF$UBbd3UZeXaXI#L^1>y8MxXG#~`y2h!=
zxxcOFu{$ZgzS@`EvJ<}ye1L5kwImFn8#{>)y`Qv#SwYycx|nm+S<c&|Rt+7rO6B-e
z;?h2ZV-R<WQDUwx?n99!xl*|sbUnIe5yaIo5nMr7PI)wTG((b?W3joNu*P4f3peRv
z#~0oDnS5}*bm7gI6+xnmHX8^pM+_c?&>nuE+KB8h9~C02f_+b%zUCDKAY&;$Ld4O(
z<>%PfqSh@dhzK|_ZKAPrBuPudNc4}?zS>b^GGe|%*Q@zEKYKWeLzBw@lAFYR8UOAN
z`4Y#+ig`)xZzF5sxZj7Z=lp+~jZC9j_zXnkc@G`c6c?v*Q426_tK^fLd|>87tf27T
zDOMuKCF{e*Q0@cwy$jQQ&Q8E9!chKn;diWvFE)n63#<Gws%18*(cV2Eu^p^>?yTBT
z<RyhXXL;8fKT9dUrwF8nt{bAVh{g^=QrN+=*zL7WyH2{=AuyT%meb%(^maSkUnVeF
zu<8B&5eNB)q|9y?6H;N@6^sfef^z$1Jr)?fEq&2pHm+NBWHn+=l9uVgiPGOPN1mnw
zWaDWlL;?_7$)d|b)TH1qKTP2RJYp;QYFMUqDNvZr@Ui8I$ac{`qhhD*PesA%(>JG@
z7p#ct4nPV`O@^6M5zXG3KS@?6&DfgW$mse}+6^t#FQaGBh>*5(WR@dsT7@NJn#R-E
zYc}Ir@pYMVVXrNC2$xZXbq#xk_;E$cOOdx#$gS&gZ7Jf5(otL6XQS<Y5=c=*&Wfmh
zC(Ejkl+@d;s+>&XhvuEq%On0&hOwYk)U4OHVddboY1cx&&t4&NMDKy-)?naCPmHQj
z6`4qTE+SJX$3A7cz^G15O3=>yqp!7YMc!x2e6tCd*^jl^@BgCQQa%lwz0->a^O4B;
zAU)uk#^I94@gPiFL5nWh!mV%opJW9Xn|*)|Mmq_!nSYu({|os3=_Ufp9Ou&)=wUzV
zyl1YqBqux>cfJ-~PCvDY41x~ejJ4o_DgTJF6EjY_$FuychUmvKquSgQaqM*dltR!U
zwkG!s?@*Lirf16xXxg}Ft}CUI^C(8mqPJ{yDRsdm2SzB>6iUcVuw;!<n^h&;h)({1
zBH%m)=!Q*=cDk=Nt_uu2mU+5`TMW}Fh<msoLJHdRf~fvKjk_Q6ZWIc_IJXV@EaQyd
z{zV6!;KKbPat|%%k@w|1cm@+PJfB`0OO*4!lIF~zjULHwX3<e)FA^^iEnVH7+eJ9a
z-089e0T^lpY7_Z-mZ}=Bjh$`4zu^wHlDX-E#cWvy(<}T);$D$pR2HYl8Obgpj+$WE
zb=BjeA2({{dawRc9BFC1!R*2kbR6;Sg$@~EX}D9Qx6z%QDP_?6=ZffDjiyViVRoQq
zZ?La;NTT(|gkkAe)5BXB@qp8p++h1~#TnD~<Wa3kD2p3_EeEM><CG0s!)3Lh5Gr52
zWohUckrU!3$4Igr`BA4M$l&gQjTb6VqE3DHZ|wffiJo4?Sm4JCTC>!X>rY6J8K)w*
zTQ5eo;~R8{z^v)HO}UY*3VD1v^%JP3QXz-%k($|KCjg=Bo5b)C*{2bJ)LZ_&G8AxG
z{tiC50JE!FR^AG$&Go;x-rM_c1)B%QH)<AY%RI$apTF&VLe75A4vPyG<z?|F$7m3o
z{UMYizz#btfbgQL76H6}s`f9}BxxG%uPZ*sP|KPMakzQcwM%gQrk*%+v1Wk9kN+YS
z;)t^Q7wRD9q`OcAW8EN|eu*~nkGaIrK1qbGe_(t6QLsIqr_7g`+$hk+ol$hHB@{^=
zk4|Tq>CPYjc>C4ho=5L+4n|h8Mqx;Oh`(4jBWpdaVSz-~A?5SZbMb!uPbrh$yM2~?
zsT(WY=Y?lYJ71F&q^R(p#$LJ%GvvND3^E}DLLL-qal3BZ7r4A>N*V#Q7(1D7EyqTh
z&aW%nV<bsvEx9y=_DU4*l+$W~t_}j;U&Y@>81htY_r8__c^H49=<4vOw?xy;Aph<B
zouDQSR;O&_d#5X=INmaM15*{+W0hK(Cz2h=iTC|PwxTAmcj%ACH-CBZM3BF06VUiu
zFrHkug-&n@MYla1BZ7Q&4EsMJ*ZYnFE~=AkjzRp$q{R8-SvptuzGEGPc2*p|FEPuA
z!-n1ftjejinb<ouZL#^E4~xYxq7TbUfoR4n$(mrY_pIxS+%z6)VjS;XNV*kLRAT}Z
zWcSEikRI~Fb;xsf+sc$4G1|SxZ|@R_cC0sLvwZarq1$^D5VL1b`}3I*Opm+zD}2c&
zp1VY5gre>jt#zCCn@%C#+%+G%^u|HkLHs1xSONDad!${z{*74x&o1OSq%<c;XJX>j
zOZhhCi+6l>*^zm@V%@NK#lMW0de&7HIFP%49M-x?)(%9K=uZRbM+vIlf@Zu%?Cx&O
zh<CN2a2jR*dge%liKD2&(g&-fTiL%NCvTUY*on&UPiehwotigJ9uE77m~RbS9H6!i
zF~NMsr%Gj0OhlQ&f;Sj+{IWoV;X9U{sk*-*$0g{4-#cFa@m@NRh-||t?Z&Gf4SFxD
zQD>GHUR!??;;6C?M0!(IsQQl#CE9hoRJv@&)u?Rt_Of>lcgx7hH@m9##_IhA35y#@
z#4l-OW|fKh_y8B&3#p!_&@d2YWDG;aqa?96MZOAkFj#(($q{dBw~B)sT-6bFNG}h|
zndnd-!I4ISw~UC&!(gB<;}=idWz<s`;4MDsu&b+bngASP$XNiV1;*VlA!lFXzDQ6?
z7X=>H`o!N!S4$n{@)?te3_zEuJUel^=x4}I1y?>%@H`q;t`H2c4sA7B-{KPuqDLaC
z1x~8+-XJ!mb$R1EaPPTQA4d1*2}{?F9=5Uex(15US(}~9ds20E>xsEM#!xNF!wfan
ze*ZpPR3AS6t^nnfXJY5tVCy~PKd2K92Oi<1^|+XyFL1_N-U1I2v9-9E#7Ok2zcVN5
zLw>klCFfGJ!as|wFIPrY2Dp!yd*}ghAHa7&L^`6`eNyr_R#WUWDNSC#PC((1cSK&R
z-%VmxoIU60-lw3NLRk{-R*T%<cQ@tw`x?BwE|?Fb+=8G!AwRqwfdJZ@8Zs*0*@olZ
zQ`MAs#O*aNuf3?QuB8GUhyE}YoxZy|!r*mf6V@w_oz{D@<v)gz9e11=lt`vn;s$p5
zWJR9Of^;{9hs&lqO(QpzV=E792yCGEuzIb1DvtRJ$%m%<WZDDCc8C5as-^e^*{m9d
zm9RtYwBNo4L-XM3u`*-fQ^R1=9V7noohLw6wz@AJM^_l8N_zI1M3pR(?b%BcxBK!F
zy~mGx!9owDL0TlcdCUQ{iPL=GBF^Ih-javgb2{eXFEekbYjSSLa<$@<lcSm!>9l0N
zg7W3<*1hcuUazv@V4Gu0P|e|(AhW>6f(}H92dqCXa=79x{Y&=~uXV1<KlFwIccu-n
z2n&*cWe50o_wn{>$;*}X%=th)3z06TT&Vl(+@4o843?0Fe@s-j-uz6_zAh;|2=dEK
zf8Tz%XnQ#53uAwTu0ZVsS$EicctV@DOl>X(oSk>?{!ZuD7d*sudxLp8tc6lH8u-Sv
zT3BV`U}P)Mc0VJZ9&T1~+&dpzmz82Rq;5@Y$;^EGA@cEyq&`sG^efdiMTgnRXOwyq
zOWhaNl^s+I@n<<ztV!7AnRCqbk}ZwjqQW(H(R*wt-=2vCJ(SOlt>N!V-$LsLe6HR)
zRlS{O@EE;l_j3D->)GZ8kx-jjL`YF!TQxK9|MXSR9b|?Vg5oeRAhc1Bq6iG+ahuPM
zPh9iGO<uK+3x(1RWoYszDP_HHHwNN;J1?_mSv?-^%T8uj_V26MEP^OEjx2Ih@Ee`%
z1gIhwDd*QaR(|_hsTXVe<V`d<Z*KmQ)k)TQ0#B+^bDo<&#s#k`V1J-dWggm3lu?XR
zn4}>81zj#53sB$+%}LjZj_CouuqmA>#vrn*I>`=2I+YY-zVG?f5*=!TEs3w@4Atr)
zz}2qp$t8A=&AJsn+kEuRQ#;asOJ?)@j`PuGI;X2~)m=c1BR<t|C7T`3wN=T1FFlWy
zWlTlNn@h#uuD%2q%rAXsnh6sa?^eM*7NNgfU6syJ6uK+-({U^r0NZF0g~ui~NCdzK
z_b{!dYCM7{ukbB_VT}&aPJhDq+;#ng<YZR_=>08STATvtYnpQ9(RX>>@mB)py<dh4
zkHM722`=$W%GCZpjF>u=aKJ9)qncc}4$J_clso=m(gJ=0#e9l6Sn%LnC7-fmL0^E^
z(X&DGzAOHTE~p@6X$tQp5cf%n#FR`pd?n3;6b`c=#<tsiG4>q;P9mL>YVo9^vJ$fv
z5)V47{*nqDwXw#16MFx_$~9ix9h{u=Okr-#)y}U4J)}DU7=d=WdB@JX4hKHUZkuoT
z<YD}+k()R#`I#mB@NF*f9Mu0FL@#3UqNMgf#O82{!o2^3pHA8dT12YYM}J=&;eCE!
zKC~j<IEemP?|}*57O*>!R4;Dp1(O_xPBPccp_*?H{~~jtKU)?Y5AQ+v1}BLx4P$tY
zl|k+IJCW*Qgq@c)-`1Us99n)iC4x9Ob_jvPDsQzMR<5X*vU5Lr!PH3d<{CbzVHhCl
zX7DWyWFqoA^KdL98|K=4b%PL!(dolfd}<|*|96G~o+WT$(;>r0(e7<`R|y6HxY1RO
zSB&`w1f-vRz&Tm)wBa{yT_A+lx042FX@47UslQQsXc<5vRiSeVc2Tu3)qdDgq*#WY
z>=*dK>M|3hBBeqH*3RAiP?JSlGm5DJpIuY?35jw^+Kfe-`|1^l(F6-CC2`Q&<#6nK
z4QW2-CbSCpn})9ZwyK#+l<=^m>KjDu>ICSD>L$s(yeXe0op#ESbU7zgR6nhrb2PaJ
z-BYnd&f}ThEq!|5H*w{Dfg3-~Cs~0yz0(Na8<T9|hX6pMOJId?fYj-Ui`#RM8uH~y
zze07cPP7gF)=xV-n_HmCUpN5yTGn}hAZ(F^(v)HNQr|(CJAh<as3ZE&?Itz1Nr*z~
zo*v^(iBmsAE=m0KocEEkm_Np6oqjl6Op%Syr~Mu+UEk{WGjPyK?V){720Zoc@|RqW
zf}nxovb7&r@UnZDP4Lh52&m?TJd)}b_|eyC;N=)_SJ1m`YTa^IB^ze!qfdR5pi%yy
zD6H7EHzqXde;(?UU}>qqF>Uv|>%<slT{Vp>xUG*NA5p(@+;-5!lyk&>Ry&6y({`8m
zQ3>>x1Enmrml`MNJDd^vpV&k38YOyQ?kiE$ykz*m8u?`nS7(VJMT|UcP!KXpC!V;6
zW$jJkfCD_x00Gt361_m+XAI6U+8#;pTz%OVS4wh~Tinw@Pnv=cj+yUQnVbH0hc_(x
z-2%6w`z?RZ*Se1!x}>vWvhgI1X=5<=rwr7y?@PFINQp#29OcE8G9Oo=vbxCIg95=1
zJ%7Q4*akfoUzSo!+{`e(DbKaKX)N!InJ;S#YLNV=RkS-W=O}p(o7`IYIb#B%ZS*;w
zR2lu(82Qg)qQRG=h_$o&bLB*XOk1B!GJ1Is>rg5N+!olk!>cZT*OFGT_|kCdFTKgJ
z0@cuXbamBD(AHQ6mpq%*wvkXIM*R*(Zpyk5&8zIZ*~Bh5e3D5nMF<<a^KjBc8a$0B
z!Iup>w6OVUZBEiZxZBDt_2?d!-eb4mGMv1L^MVu5^<q|GXND#$L@)+$9FB)57t&tw
zEOX4f6c+C485vQpscU@gffQQ&z!ILs<)brO5&nsxl&9D(bx;luEa7|)V^iixCt`0@
zqI2t}4YuP@Az^qaa;(Iz`#I5lH8AV_6Ee2c6rtmKGA;shf`069@s*@EZ#sBgm}xKw
zYFiGwlB75``~Z<P`PVOq;@F5QYT~LLO?_2hEU%zz{U~074T>Li=1O`W3B|7x7HgA7
zH#Zp+DvO+>)y3GOjF=O-%^zdE?(3$Afd`#h)BC2~0#p%>xk>$NgytL@9GO|&3B<4j
z!Y9uHJ`<4pt75ciBr$V|xUrebysj3SK|bex@wj<hM>CDCjg5Sevvcs%X0qprI}K*|
zKylzoF}vrHmOJHI@TooUhal>WY`^mJ5~?@P7}=dmgPq+{kw~O8lHqOw=Z<Zv!&R<q
zwRf;c*iBZuQHi1TV@fWdh~iO}44_3Oo!{-`KL7NtiiR@0Ro~Luj$T)k)=xaY{PZ#w
z+bb%-?qQI9T(JF*xb3x$60ZE0lt|}i@PCzlQou9db#;CZa~ABe`1=qgw9_!^%IyMs
zO)cv^%aPDyH|w1rW|jZ*e*5y;9lp8Im5~kV(C`lGlk#&JALQ)aOfC*Wekf$)WNJx|
z@iJ-ryc0`J|8W#iYihZH@skI+)*bbjkR<FwrAii?d##_%$*aC!FTftMZnI23W#4$N
zS1@T(2eNgjrg)R!%3U}Q<c6Sdy*-01h;e@RJ~(Tqt0Qku!FPP{V0^~aC}*+Tb547<
zb$h(-UrJsd6{E05|B+jX%u2MWiyOOq8@>9NQ*p;u?m2E`W6Q0p+(<?#PsLDd<SeUS
zF-~kgF)2@giKRqFlvJqSYxvt8g8&q+^F#K<uOu#smkh3tNMDJ!U_P;wC)*k^4|q-d
zFc9y(IUs8>-gnSQEr~_j&6~1UG*mUU7RkZrw`4c-hC#H-#5&9S*zaMh%Jlls*J?RW
zjFdtz)~RF+YA4`sP(Z)+XRaNNZ7XOzB=9C-llMb@=Ic@>%?1+}B0aWt1STifw@5My
zBZDUZmr`S1gfX#-b8#5k%onyqm^{gY>`v&Abzc9YAp8z*gyT)kkEMkZu#3J}M;o`J
zmE=?53qNxsr}dI`UAwRq)IhUrT;$)gU!un&?iZ8E50}?(6)U6EZ{2zP)_c!K5mHym
z>j#R|g9y~<q2XQ^R9wtD*|J}3@|iZ5OwqO)GZ)uMHSX)CHZYr<`nK|OFIGk}>!)yS
zbK3?J8`BFSRTA@8qXaM(Bf1~XOCU`1QExa81>7Zy-OblAbgUzOX5nah{&FjEhd*tG
zqTSyzE+U0rT{9N`+o46ke}k+dB%n9%wRFjnua|RMz^1`oq9Mx|@{PxNISgLRLa9WO
z?u@~LD@8Z#Osqo77+^@B&GAw7ky-GQCqXZazwzmQ8xna@O~sf`5sJqT6s1{yV~DBZ
z7rLCtPZRAB6xb36`bAF=4^81TCg~vj5XPJCh8*Yn%8Ad9Ik0X5Bs*)SQRUH*FB$ek
z;uSK@;@IGp{XP$Kv);G0?bn|Ytn6rGTMVbg(o;RoQj*d-cRzgY{2rV@Xw)cAQq@D}
zj-QPGD@+Pw_xX<s?p}6X%{N5Egu0GN_C4~cl;EB#&~?$tHq92Z<R%Zn8IGm8h`@-j
z21)<*zEr?%<b}pkGAw$YH*)U<0~o7-=XZSPmz5LKCD&fMf4%3uI75n##t)&1j9X6O
zplefA4GGj}&VQzgeTDC?MI-?ydd#HMss9Z}+D}Zyyo<bFHa-8MTc^^FCz1DF)@Y?I
ziiv=QxS#zDp)QerQ+atDg~f#XEGxC)?^K3W4oKAv`r!U><5ZzH@T3vSkPS6A!sBqp
zGW8uGzZ+_AfA3=Lw_7W9vs+ry_H*%J^SZZrNU^Q<R`}tKC#5h_aV$RMLBnam{as^#
z9c?IxBhg77Yg?w`l3f$qp1kFCe}c3s+ZU?{ohQXcHarEVaoZ8e<O~8HVZ3gvVG)dE
z`^~aZoz>g;@95UhmntJ~HAu43N^<_5FK|6z(F6p=BnEKLG~YtjpByYQO;)wWy{hhC
z3+gRGJe(n)gYSAyGW))9XL`<?Us39D-+!7X$8~)`etO8a49Nz=RV`LJqZgO+QZ;^e
zL$cpqYd$yS`}0IEPC)-F?-Sg()m85J7s%Bn_ZKuuI`F~Hu{*ajvysX?o}=~bi>i$)
zMa(V%YP{-6a{>3sp;y3_q8zX1M^=Z45a$zdLlPMD06C^BHj?p-UtSmdBfk0x@R9kE
z5=9mrtwO{z{Aj{wAYz7Y`e3&F$oDFQRjSCR+g)Xck`nkWNMmVVFM}tcB(Fk<z7oZY
z>E5J)q6Nvi<Cl+#ycA>|_qPiBiOHP^#HmTg`)@VaLq@eL<&|;kh}5=i8ud?TCN0xp
zSUsU0crkshZJ@YdVTRZj;I;P^P;nvajams<|AD(-K+)6uHL~Lp#*xcs@wLPjo3mr_
z%6>!*359atuk=dE&)Ldg<`{)ct(raT0A7QuY#NM2@l94>G2FDA`F+FO7#OHvQG%D*
z5#%wA{QiebIXiy;!>B1D8j<!3;C<hy<R4Zqo36or`utnEd`#4FJmy+g%#1hs&;y-Y
zBvbcXaunb2I{CGkT81Pasx4Qk6(X!du8q?Vv&*@u_C4_23l6{f9F5zW<#tTd{h-b2
z$8nvYPShx;wnofH9VxcoWSXX-C&NS8IQGT@-ABgUdl}$OvA=y6<&1q$`853u7)%w-
zHCw8!hEn=fGf%m47S7IsLF7>Hd+@P!Q}Xn~+xP+zKmpyz(qJmCDE_^vl|0c8u`s=(
z1!XGdO3=qDJt^tm1b{K-=um#xsf|o!vwj$`KXl#FFDpUA^mlKvJ=85ml{Q`8qx_Gh
zh3-#-w;34Z+yC%AeS+~!<aJv~v!4P>GyuUGa74HGERqP$XB;<Y#L*2>#SEy-Z_#5$
z7va<ie2Ybq{EJhY4xfUQh9ytqmS<)t#tPld*}`IX>)x$A){pzvWXw=b>foKeDfv3*
zHR<l_sW4cJ$%>}RVzGW-0v{-@CsC7%ayB-^lw+xE16F#WhATdD4;pRmkt~0!$A9;a
ziKVW1^sU8aQ?Pmucds2u1tcjNXrsjk(n~Vwm^tDUT*_6dL>>V~o|Rr-u<?j3QXFkD
zanO})BscI`#U6jqxs1+Gc6jk3Hw?yOWfTk5RYfMTSupId>Qk7ugomg_1q^U|(rQiX
z*5&Fj!UG{B+fk+FsPB$m$^Ur47>|<`B+lAjO{{;S*Ko0^y5K_#(VUj}rrMQ4eHj?d
zaBXkmOPwiBouO1`jYK{nQ6B$`uu{Vm*ZsrYix(A>JS|bKyPigT`HdB`{Jrkor$=!2
zG;fn%E-?S?m5wITM}jRI4rw4M1Gc!HHqg1|S1cjruMw`IcGpmUTrhlA!($BmRlDU_
z%}<D8J@P~KK50;#&7Z;DrRm{~s^0Q${Vx+Zw7&S5jk;em&et-|Te_M`=cPFqHFYvt
zPrfUgOh3X<_GAa=(FW1-pZ=123Kio_Mieh^fy6He5bCF)Ctuz*=IWeB0zY98JrY6w
z_r8z5g)~^0z%s~-tZgwP%f`LuaYS-?XCPwbypcC5#Io0>*S!AlB3I<ujo;|eeu+7}
z7=`%tI_5`YfW}Tn`_r<^o`!ZyOTnkW!_X2r>|KJrRa(d4x5orUI11YGI!NGs=HL(5
zW0mo^>Cal@I9=mjKC6GijDX0F%)AN8Gp$QC+)c@#RR71md$qiE9a~cI0Uqqrwu=-V
zokp(%v?8Klsyc$(>+(4w0rELLflWV4h0_J(p6z_@E}q4BRItCus4~iJZUr`$-x(MN
zd+2z?g0A7)1#6~UFUYb(X##SMp+WcT*QGSfd(@R$%I^ssyD_@%(bxxn-qwf<QsTSx
zga~bF#DR4b+ZObv|Bq{9-H=b|4Ebc+P4b&O?Gt^ltJ@+yVPazVXhB)|TLCr;q_-0|
zq;4>xRr+Pp)89qf*L?7Q3_#hYz4qc6Tw9wdFA{UAm`Iz$W(n_$$Way#B##@7<HNh~
zd6t?EqI?;_Q#6s~V8RC|D6D)f==f9qG$-!KKbKY}1M0j~`}HQBM-zQ=$c+ulO+J$x
zBEjFyL9nZqI1DraHQCUBhVoZ4%HQOlfsSfMY_m7G#h66?BE<F-M%q*)&4+zfxf1g8
zhqaOW&0X0k)eqAn=L`zR9V)8Q!#%&7-pMYo%!EYLhR94?Epu~O25pBpJ_D?Vbix4z
z?razpTy{KzS(`7LgVF*X7?}q_X$4^6xwKBd#73YPrV@2-4Hepb;lJd62%*e`o*I(P
zSmsM6Ze-ax2}e1;!y}N3dSY`7XT=el{|ei>Ml`gOIQF@J%t`g(Zw-iqs)Fy3N^AMD
zx+d+Vdmmo@*bN4M{jQo)*EW)eT_DqFI>Hn<o_tCUoEoF-14u4r)~=5l4b~3+-gBN~
z)t)OTlqhR&84i>74ZX?MEO-J`vf|{a5W6k4mO0spyklq-YyU+@;N1~+Dgi`}py!G%
znBqhmE5eJ<ovLGx92CO;Tj1x0#Xh@Fcx}kXB&rHN?SUBJvCc~>M!z~ZsCQzKc(Z(D
z3_a}GC7^;A(7LIgRix)a7IL$T0qIHWxID@D^+wLTg7cXU%6SgZq)@IzYwyd?W~chk
zt!2c-5hLZ-TTZKEK0#dl`7#k;wVh>i+LyAXniD$-hdGgCXW!MrbkuDoJt?6z7I}Q1
zB!GtUG4nTu=KO~B9C81bV{;j<fsDEK9!W3N%Mo^VJ7MqSNSjPTT3ANK8?~~(hF*z*
zDn|NoB%F-pgz_A3UGA?x7U<!+9=kLf-QD^H=(4c%F^7TG4wlUyE~)g~o3MdLy?<<T
z{v7w)H^2W8B&068m+u6P*z6~K!w~)XZgCaG;dVePty?)f%`wVdhFILByhLjanFcGp
zGu)r&Cy9wr*Q4hU({v2<x)Vnan)jPW(&1P(%AC!zzSI*Yoz!{%Y`0qvwHxad;3tv!
zXV;nqR+iG*d#ZqXd5cy+B-lmL&h~-i=6OcD3%WU5TnMk}55ptr<Uv}iFgfQ<rWcZR
z4$e0Jf{F1$-x@1i+<77Frey}!vRr29i2~}3lA1bFVfnKSV%^U3KD-%paTp58r`X9%
zZ$p)%$E~)?o15Rl^2<A8agjx%HV$#WVoyH`>z~0bfp(^)NUDy`A(Y4AQa@o8bg0BD
zAtcQs?ax%oeb%2r{$r|`3S#p)Kb>}Wcmy`UC8KEsQTDUuz3zJ9J9x6DnmxjPu`Ve(
zTXv+sem9Nssxq~T)!jcKKHXhcVJZLd+*^h_Zv6wkyi6cbhq}YT;&_OEYb3sFbhCS?
z++B5LCFdzupGR&JLg7EVGGG&x!jF7L&<P4P6Ybhg@Ho4xQEPK>ax#>#{Wz=>>QTZQ
zRnQYA*4f0xTfVKpL2aR9z#6xqACI%De-<@F|FS12`pZv0OTz7zpuPAA-8{qp1FS$(
zzf~Wfof~9UeZu{Vi;AY-nXb8MoQdv5M6d038@(haS)j=UtJQGrZHV;j_hex%OQoIV
z@@_yD_w<;6tSR^0r%!8a7<+nOt)e0)k}M#Fw3T`tJn70(hGI^-OHu(Xj|6=aU1(jC
z2G3TEapw=o%8NJu&jhs$zuB*K_2xw17D@Y0koDBQT17=J6C<H^O?!LOh5=c4w2CAv
zrDmNH&b7g;kYKT41tG}dAu6DDyCGTp>!VNVx&A7O<|$r(g8wU*8jfRPF539O&l~%;
zP@?rOgBu>*SF5N9<2(FAU0{2gf_FLht}?PDiM|5JGO%zCrMu#TkJ}WvOEEN9$@6~9
zqAiy`sptEvD0JAI=Kn&l8<T}=a1ZYr4;w)#3woazjusWN@<0!{cSIwISwb915`Bf^
zV35^M4w0)#R{MT=5r<^qOtWO&U{BUh2sVf?-*SH}1`J+*ivJ6TW8qqS;^2FZ_lo4l
zKeew`Q6bAam(p4=ch&lytPnC;R*B(a3KrMIWg$%YI-t7ni!n=2a6aoumi?vDC-trT
zRX8`i{uKY$n2=%2;^&RX!g=2J^?kL9iUctT9xXZ6yXUDZFx4wH-k!yX6%=j*_tyeW
z6nFVKt2U$OERe-m@U8q+j9I+?1pgNgM`T%P{9`c-Z$lrR1goehFNK@dNwP-^k|d_j
z3s84y*vA#V^%3I!B~;%#ySKs&yt$c-?2~%7zls{6a)SSB{G7!QXDvT(<lAE0V*l}d
zwTg;7$wJz%SK2n_GyY7LBWZThBd_7zBV+~mx0cI~pN8{U@67K+pVagHRTQENu0P5D
z^>}XZ>i*}^r}YR~PwuN#RLFvC6bMO^j+Ava{$s4lS&cT&WDUt8TT!x>`@4y&n<kjg
zLh7$1`@We9Sq@}D;zFxZvK$(cmCYo%waC`qx^1J^kH|vT)_6aUve+*sC2N8j3=Zyq
z*K<`=B#wD^Va)Qf9+G82E0YD;I@G>NG3VsRWT}vYuXoeOtO@D{uW|~psOZ^3q&ikO
znGnI85vJmU7OtUUsC|kS-&{K8EJ&6rifmSQFWIeMRK!{)*SkdW&=4Jv#W}4cSvZc#
zgRCggw{k3RB3byM$NQJP4n|Q?OW&gpHlM{RCWbGgDK!bo$7`%Zs8==Hge+peJ|W{(
zPu6m|_*BSx!76f8Uw0uwgzNxsK>d3b(HbR7B&H@><)HI<7vt-hD%u)phl5{jMr1v2
zKP%k#m*&qZD$iLaZxKs+At)g#L2Z3ox51OFwHRkHiHpsEEJ$YG&kjab{pq1Ui-eq*
zEFaxBwLgpVT5limYmGMcdd!YeRC0q9!xb|csga;M`uG{jr0+X(laQ<fB(v{~to5$?
z^teCkRI*0*P4CaTdizzs7JXW*i+`Y^B4gy3dABMj?~I<db;!OW3!kl7R1#)8<RMwF
zUMpGE;cS7JHTGw*&=w&9M-*ckeNjLD*AIXA*I$19JGP_yCi7?Udyp*N$CiFA`n2%r
zUo7n{Dq>9P$zt6t;AtJaB{`A>FOH%~OLBFt3!!sS!Fr!#)-?#LYE(Ck{aK6^<50u;
zJNlx2{KJQLzy9|RAJ~rWo6MiZ??JM7A730s(x-(E;r@z>3R%aPWOB(NUfryvy=~o)
zEWF9JGDz0@yZ0a~ubb;PAHU$wdV~;k8G-0Fxq72mupQqwkw1&S9t2v9;(csM7JXWH
z$m5gO<0>j-Aud@H+C18`?mD?PucMo#7xftod(v_($m$MQj#|ljbqzK1FZi<_C5tvI
z`l6m9Ybt*he;qB2ypJu(qE8FI_}BmVYRoDsWF;V#y;`WR&?D*PeDG<T24pz|D|^O@
zTTu#+WW^b_P?$wueH=e$eU+@!V%8M?tkJJChIk*_e0Jp1!Uq%;jnyhcDi&hk2q1wb
zmCt=2Tx#x<g|m?KF-s1n>t5S+{b}saB3Tc|VjRuU7xfrfyl*Oh7QY8c<$Y{P7GoYy
zJWx?lTeo@K*UN`iCAOYmjm#hcS_^km0E7r@c-uQ>FlMvw5wA$re(?o=7X4NaCxWgl
zCr4k@n5^-A6Zy0FJ@hP^!F_D$*CJU=9TpXh)!u?ENnnZz__p>*GGky1=TS>IAZy^0
zbe_4v>jPd{^Bu_g{rj_uiY8J}vY54C-Jrj1b6oP7t^NYYe&U+J?j?CXt2;nPvM`_Z
z`}b!R6-_07T)Q)XA&Xz34t?$&(^ej2sk9Yi%L6;`6(d>)%SqRfEWD~}Q%y+L@4s%a
zs7QRC`E|)FS$XIetd?DXm1v8fF0b_|+KPul>&#W0{aPDk>-v>aWlvh~@9s9M>Lu5@
z7ZtU^*{IKB(yC5%Ykax1ZltvZ+_%ZXnCr<xEuo|qYf?A;j;jfKk;L=w|N1(UH9OoL
zmdirci&jxf@317*asG-=SL=jcVE)kKxE0W)<jLitS}u31<$k}r*{>F>)y;0dtLxoz
zv9DgVr?{vnxW1YRt#Eh!eps06+O;p%<vT7q%eG_jv(=_rDov~Xez{z%6tCT4v0Lu;
zi!oWJWc5%BG4*;EZ^pi_)3T3Wuf#1Xa%sI?r;OH-tX?3?!R07TCX4Smy7(2Rokpxh
zz1gdF)o!&~s8N5n->-&bv4))!MVyJE&FK-crpy6e{dr_PUU17&Ec^eA|06|3MoErQ
zPDQdD(eiajE~K_4TdG_I590Q#{fz>(SSnddkhNGKbnW)bYDgC98FF>(+mQw8>i-y3
z#$-)AZ#6!DvQ-OYDNi51xUW`G(Q!UFlOv;g_7rYI@~x08fw0$>Lq0>682MGzP6=Bs
zlq~(R*SNJ)yoO{UasU?w9@aqMoc`s~H${Jxp8lsFCfp~BWN}o;eYv;>uU6us$_iha
z_rJU68$;hdh`f*Y)ha3iK7eRU7I*&+HOO*!cM!9DUf2D6d9(WadTHao-3qx3BWtl(
z?RP`6uHN)v=bd2z*(m^HgDU!_jy^5DZo+-C_?y^rUoMgbO7ra`P|v^n>>I;p;JTmw
z@!xX^{CHojqN2Polfm^xvXmga9MzK*asGU}yxDCQ7!Yd80%U0f+bvcawAQQP{#oxx
z7Ge^PIo`X<_389YF$PS%Pu7?$ejZyr{cr#Lb~G;4^Q>dEUk$Q;d6OUI#`|g&6@ea>
zxj!V!Yhy2gTrXB;#LLZMd2_R@b~g(o2A9=hzuK%;o5fAD+JLNa%(7I(-~J7;!QZW&
z#s%!FCf_IPNwOH@tkZwsXR_$hSHkFeDP$GhSE~xF3w%fx^MQ2ovu~1%N@Enpf7RK1
z?yHS&w4I;nkJV;K7XIp(-NVR<lw}h1O_J4zrpfoodOBvkImTIj{Es8D%qacAKJ>x9
zT17<ws|_X(F?Znu-tjmFV@Vj-@<rx)l#6{;Zx)(wziHO%v$>yd4XyQhJ+Fpq<o@)_
zVBf5(erXm)gyFu#^l44HPuAmP;eMpgF~S2i{GK>QtR-2tFQjEK^mR3eZd6ebh-z&?
z!8XqVC+TS-Spm8itz67&<HpMy<STZ&<=&9;XWM43@1L!k#l5V1@4MolYUmKQfWSWe
zQB&`eMZXtYejdKyKm6~Xkg3rAF^hs@b>;u*NEWWMWFUTlHV?=uD$37NCJR$;ot$w6
z1;(!6e6OI&F-sNypS|;Gkt9d&aNc}L0*?t^siimKx>96nX%?>`wD@RjgAYDz^wK1W
zFTr3agR7W6_Ms?as`h*A(ci+iJ@~Nf2k=Mn`+GwfomnmqEOVG?hn}vG6bfZc!SL{g
zl=_oT*<r}S96Aw8%-T!Z?z@iTjaj#>Z*4!(byz>(@2pe`SLb3uqSzczd~Ft8n+1q;
zO_pPCl5;sr$l8ls+Rf^Y-QM5Ethx@XvNdc|P8^}dEb7#;b(~PmqUN<(>K<DkJ>CU#
zCTfp|Jq4I`6wPkUs_U>So5S{`>qrE(h)TKF`GjTKdm}ke0hPv%^BjYBS--_{6j%aQ
zh;2(6xqPT|-76b6%fcpWi&<9Eb;sPkS#0Zvt8bE*9QACSz?^dKC@=}juzS~4vnm_M
z4mMKPpeuy{1#b7fAYBJp?)uA#3h$P4^o?i6yo<!7qwOu}K*n)@G_kIHtZbR)Vis&_
z*0H~`E{m2L<UmbZSDT1goLzD*8PhHuEJ+Zwh}-Z`&8lpfVIVzog!*CWR|${|u2Eqe
z<7yV!rtB;Ovto8aGD*#nn6($bx|T!BHD*;dP19I4YrI;Y1+yrQC0<E7u4S}7Vgg1n
z%VB8Hxs10!xsZ0pmfC%N8?4mXP5rT#EXENtFu*Vjc3y2lzLv+>>--Br8ag3om({Gm
zVpNM#+jYLa4Q`%lRx>oCQg##+U>2ekAf=p{HAab94M4k$(F?;qiAw~rj+j0eXy0))
ztFmbppXg$c8UyS&Ue9KNeaJE1G4vMgFh1yv@t$Mw$Kzh#2B|yjRk3PTrJ7~MpLLcy
za>0&^Y1V2`8=IjoW?A&XidiC-NyevqLg%X6Q)~|%(SF~?YF4G1Rd&N25W7~xzI-EW
z`vKz?+J?leaURRbbf*+t=9qFg9J$?#Q!VYgR&pP!S(UAug$vsBjeRxyR=tB^Ys{jN
z<kI%<&gZCmq9x~ItE;mx*?qq!=0n=FS(S>0ti_Z+U(B*}VZ_`(+rT*OXQ2@-_xgb|
zPsSxq*>Pl;b!f#bfhebW%Vt$7qgC|W#^!9-6SHn&7HFu{V@#eR)H<JyaU65@yr(^W
zBCNtZjDy*9KdVx)ugn6l=Bl3+N79ugiip)656v7gAF9vU1#`+i9ozkp+BS+<g!zLT
z?`Ksi7Kl>k9&;+}610j(>-=}gO3h^uzQio&47=<&>BwL!sURVXLac9tmCc*gEazg0
zDMYrc(OS(Ss06c6!qXVzIF^2v_uggWjnQw3TiTPZDQ-E&8nY_Ztasx)_6S@{jB2|6
zx{uWet65+<+ZZt}gmlVmvY~yuKTvEVOMd96O}u5ZDiu|ypP%Ms_EIYuPS(E~ao06j
zbbX2fJQUtxc9Tm+N8P>TF6Wc?$-9%=Z#!mHDjI=$Tx6k^2o<phS~)Fiw5TqJ>6cy>
zTH^#Qn3ds{V7!rn%Pw-_<ig&Ex6FEc-hD6Y^Ut3?efqqsRK8mDJFB6wja&lh{Ybr@
z_Xy8OJR;p+@X9PJk6>1Ef@sB#z02NXsL&bb0{QqSnf3B=^&Db-mP-qdxPL~9=bwb#
ziZl_VZK<zRelplb%xRAESl<5xvLju#z=&3jqoIgZ%)+V0BxZ3+FpGop-Z{Jv8p+(r
z1vCEuvyh_>*W>3avrzx?=?$|=eWmhKL03J}X`Yu^PP(?ZhgmenS!fO#x*DSEG56-!
zL@Q=_Z&WQw3!EIgQ*JZgnDv5~0y7@*miPSf_~{u1)ITBxFIUesP-zAHx;6{(>`k*!
zU#a|5z?<DT_i_9p&OnQ0QCRlOwIe7EsGOf=`@T09r$TbZCzpJ5*`)0D*<YLWf|w$9
zh)@Vc&!3)OK7D@FGOm*7b9sp7=x04b9Y|Hps(f|KPvdEPnst8r^<IK=jA~P}e7A*|
zMuqkKtiDevL9XP~s=#u&?8U71^#}&+fEmc;2P!?jKnmz_`!*;_eSUcnQP2vvw`Rf6
z)hy-n>-t|m{{D}<zj*nNU8VA4fnJs!*E#KF&p}CmMGY#fmVuhJo~e~n^33c_cKPHY
z=M++sEc5NCyDIR%&05WPZPxDb^YbIJXFR$c!FahSbse)xec}1{|MK$3-Q$1mDwQ7#
z8pfGUBr(bAeu4;CbR5du3%MsXZ0HMD=j+2P1D_mT3EAgtICJD+az5P5br*^L@0bN{
z%@SecE%4>JnD=-av%p(#gI6G0A#7DDKN`B)DvnK|C;fg4qwNhmT2D;4u+DN?_Q=iI
z33wf3BR7(}lhmbGyP`?=Y4=9VLJHPbIXuUc-6zRjo*@+aPk*Xe;McoK<wv9$h5>yo
z3;`Ci;%MVM63#Ccv91?G!YtG%agNbBX6K9#F7Prpm&GipY5k2^&k}mxidpMx9134<
zrJwcbMNCxj(C%4d*Y}%Msr=N=B0*oPP+}BpqGFM?_T1R(x$lbHh3GPS=W;eVdJ}_V
zAG~3c^AB5745KQQubNSyVbp#WD62-$zbZhi9)%mTZ1Zk7i&-ui&L_^nq$xPgDVb>U
z>G*@p(gE~pSLJKQLaMT}MYBdJF{rVtSk^YTW|ce3=x4=fQcS_?vi&R=^t$+mn6<n;
z?kbh9m&VRd^Uy15R)Kn2ZL;HeDXnHLXB+d`<Wn{}31d0?QHuCUk?Owgm2G1QGjiA6
z(5#|wh)wYdvzaVpx;=B>if_FS$(x)wCufXv-pj2K-CW(fsj_iK%*Y*V9G6q|--}n5
zQ&o#s*yDZKtLeHQwj2QNqj&jqN)sby8IEEZ9Z$#ByYH%5m95XnB{3_Gz``sTg)t0U
zkej)`C{^e+=|gs5ipvalW}kH2y*+kq&evwu6N5KLr8{*x2RF__97$DL7dnnYjLm62
z477|N%A*cXfu5hmF(l`+Ga+)yhn54kZJW%ESwH*vH{X2otKGJ!)Kw(Kpg7v~^pR0C
z(rT&e_v3IKvuL5=5KY4HppOY5%Xr_l#LPtD=FG>R{rp!r8h=|<YCmfhr4#}xlvK`e
zDUQ^4Jq_Z~+Rs|Y48zP$mp*#$Ie6!M-0yMB50T+(vwrh$fBz4Ewc8Mt%4kOsYrMSq
zt-HKStu28}%7{?l)+~+~weZZwC76|+X}ja06Sdr{nDwuJsPBTCqH^&BX2n@pPW4&e
z5v69t&Q67^wZ+uf;2a0<*<=sDlFQi0vlX*Ue7YII_{BHh)S$IB>iR6gKaEiHH1<n>
z$`-SR)3J&3)0J6ZG3#ty_AtwxA~NqX5er1=_4!$U^I!k`*R`j$E$V9hVdz_;_ey_k
z#)4h4{z%y8b7ehWt8JQ=j>nb)9iz$FF?+`Gbb;G^`+XJ$-KDd&+X|IRoFn27#2SV7
zdS-EqC@-h_$lW?01Hi0x1hL&8x>nR`y-CS<@AoYrKIL1p{_(&6?iV#?ZHUS&#L+@5
z@LnvUGNwVz&>ec|WzjE(rKaqeTZS>jueQS}sx$?cn2j-N)?UoIjak3>clkQ&N~}K=
zc9qKiSK_=FBVtX{IO<xGafxHg>itn#^s_V>!McK9kQ!>+FcHi$%qAJHhZQrm{OSa7
z9dxf|ZHG#kFIdbHs2Rkp^8FPlagNf)u4eUL%nG6vh0wA$#xn;!mX4^6v6{7MDk_Vb
z1@KO&yXKM=M%<`I2X)NKt<aa4C2iWN)wAdhk&WRPgJ{)u$33|>&U~z9ZHS60f=TWQ
z(HKWu&GPkDw0%djeb<f4Xa)`IDlYK}Kl>IOFo40qC)DA)VwdV%_f1oQKz3Nn!dTxp
zM-5c~<>6pOuz3ItcFgVRa;jD<KW*1i+ftXaGv2rys1^2IjP;!2O;btPO%uBqqj=$b
z_TEIFrfIrw@2L$^_HhnL;}rG7k#r=n8Laq7k;Jry3Jv%&@9@Ll{#oIlc3Y!TaVbnw
z%AN%&Wgp`doWEDv5WF!V7^fo}eLr-oSy9XysfeYNl_gd<_u=8Lnzdmn&WGTW3+x4B
z(!?fsH+ABbge{6OFiZVBHp8Lohk=#>LRi&bnboXjDY>)NtW8s4Z;}ZUv~n)zFqv$U
zi}%7bwQY=1T5u?{bZKZVyQY=B-J3VevfLl5S=**EvG;fjbY2P^(aDNFn_^Z+#5(LZ
z^a6Iw=;2e-BL_FD_lsG*jpt)i`&pZ&;wK>(6Q<}5Pd*wKLkg3a6{dDi<N-GV%o2lM
z&mFwo^Ic<BWU|$)O;d3^O`P1MsY|+{bl@q3wv~&fKop}-Y7@RGE_}aPA;wtE+B6ki
zZto2Hq~{H1<HRz<EfK5=6SWjW%FDcWYu{Y8f3qqQYV|zYSk2lpm5Fu5VwgB*o&s~6
ze0JgFLZp35(=<Iz-Jvb}4H9V|tG_l2^|xjXho1d+bp&I}RDv<yn-n=rF(vPpGf}7P
zjA>yOVIp8VsX|Q;tHAXe;rW{WeC8mjt!8bTO7NaTV0LMmat>@vh#^dR{xAj&+kC_@
zp|xebRyPc4R<C7sYn4mHJND-=hqJY&nzd;v%n-|S&Yqp0rVwHb9Mr2giCHa)S>1Z@
z{z9{?-J*kK%Yp56%#td(xSF+TDn3lXC&!%NRg7|l5QB40cRM4x#{m3+tWXwct>>1E
z<1a_H(%Onq!18FtF1ZOIR<pKDC1AYW8y|xSbIc}0X0gk;q$3-MSfH%cw_+AuomULw
zIE1U1g-g`pI&W~>R79*Gc152|2q|Ou-A_@<9KsT_g!hx0g*i=EW}&2Sf2?L<9`0})
z`d+f$`0G_9Tcc9hd2gJV<|jxcg%IR6`aH*=Q*kLwnC5i<%cGdpcfI;Vg<_U~R0WfJ
zNpkNJ%-SlI%1#zMA|~A%`4^@sc#o(Rkuw`Nr7V^Alb)q89EJu^LBHEN12qebg0$;W
ztY&SSYSuKphglk#jPnL&nX+Mwq(<te_mhraG&;<Vm~}a?WEib>s}Q&t*yZpNigPuq
zQq7X_KOy*}X0htEe1i<F<ayFL7o<Bl*}kE2Ufq0{<9RsbzL+JoRv6<P<I`O=Yr9l1
zf`K6lq{)OS1ZWjFN}iH)%j0QkmJ@#n`#Ke~F!z11=c||{HyY1GEK~bgTc?_J4^$);
zkD_rd#J~txf^qL9pglb;W{tMFUZZ7Wa~w2YDX<LBD9)pEv6{7Ys#!9Mk(~+C#6E_U
zU5MT#ybW?l4&m(mq_K!3Ma;TjBVhysMy-B<F<S4dSzD&E<Dg{6SODobn4G34VtMvn
zt^oCpS!Xj1T@PzeI1Z)Hbr$*|p9WEjL%i$=??ZT~W^I?sPK{#t#q7N?flZiV4l!at
z!#N39_tHXRRx>o~UW8@OTq;v>^En2qEF&F`o%_qpQmO2MVK#o6jLU8c-pMToHV%gQ
zG);UDFoF?h3$rY(YqJ!hvXVbi(=U;%KMaX+2Kdv{@9yrNuDHWLseF2ayR}6rm%J28
z`mhwh2LTz9rT)Vm%7yX>+2vL$kpAxOLG$&wvbK7-)Rrfu-Ex(trSa{@%X8$K+&;js
z{Zg@(mRh|pH>iDhD9w<fs(e}!{3;ZI<ZJaqX;RuK4^sH{<K2gkr5+Vavz3n@H7!~B
zeexj`v<hgeQn=F#f1os$s=GT)KmJxef_C6xY5(oFcT&LhQGOx*5;Q?sTH~+6NA*98
zisi46--HJ!qE`6$255?>DEwA`aDz*b{I2B6-3O%LTO<lTe1o<re7q|Oa!?xI-h4kh
zmtr&~PR2VHvyxfH-JLP$b0skg<L*-rnaa*hFl#-5wQLKoZ-ye4o>O863Xu(m`0(LD
z(EkncBl(kD-^mXyp=8nq7j85yZAvXZt!Zg?^&uoi@AdjFX=S;UL?|h8eNY;&?Jgf)
z+Zpraxsg<hUI;Omhm`!o|1fp_DvrZI7{4dDb|4l=g$sE>Wk9%zjnqozH3tW`g~7$a
zx!L9(VVgYi{bmxgnU&|yeBXRZVHJsYv-%hv8(dU#A`b830U$D1R0xWq<j!3LaUvd4
zO3JqxS~Q$X60t$?$l4y(xz3DrbPKHhO6cm319x^$^W+WZn-<>V30z-{)~u$>pn0X7
zDy3-~9Ut0uY&#4T+t%~mw|(C>0yHX{$To#LjSP-)jR+;<cAb4>jP8Ie456$Sb<X=~
z9Sp+Rz;w=p%@leTH{-ujH9wiJ{Z9;Uroh)_d`;-z?|1O~=YA(;kv}txTo)Gv^~|WV
z<Qtz~=#yf(=vyjD+%iHE2mO`YILy(W6#q?cdSJdk-dmkdik~M;zZIT>KiGQ1AWZz1
zl4zgV3&(51Vq`@kw`aWIrW7Z;pE$#|)5HmfYUi9<X0dNTOpFbVOOo&&F1nd%I570!
z@&d(y%REohJOfWInc(^D0~7*xNW;Z;6MX?c<p(VRVId8j=s+1tGn#Rp6UTuRxg-fs
zWF&^s55D+8yqSn^rD@q3WecGp<(nZmr$8&E1Rr|{-G-=v*jZDkB{Z)$JG%I;GQF1&
zSfCgU-^<vKu|fhXwOE@U8}F=6f!EC%83+(Er6Ch2Ob&pE8LjwGL-E8yK-&O3JDQC;
zLc0gH-u#H3!KI>zURTZ-M)IN~z112Tq)^APmR3j3$+F}I$Yxhxu2<jD%i8BoCgQNl
z3|iMZhHFM~QD9XBjA3P=w5;n2l<^3xM7nhHzG(W#CPIa1{4Em!Rz_Gidbit>mz&wX
zQRwXcenZWq*+WTi-?^0d@7HhTvK~k3<70WwTfxFv_MfWrcWq=z_xI@Q?uOnqN8g~C
zI_s8J4#Xm@W$q*mJ_>ehEIN}MIT9<d5DN|jJIR1?Hh}^=nLqhH&s(0m_r9pBtLsO}
z9O~iozHiqVX^i>0-{0JPGU*OG*N`=uU*{7Th!+i^WRPWY@Pgl1{T+DB2mYS_wNB3r
zN|9vc7!39DR~6z{B$FGGe525q!#8GYxi8Z^9cJu!aB%OoNn=|tuji1mOozh-JDb6C
z&}$?44;M=@HKTH|y`Y0X6%Oo$z&Q=eW$VRyA^?8)vp|w)Tm}}SmJd~ExlTNCOp;Vh
z%g{_s(x}Fh<(Ac!%L|R$_2L|Bn(?qMhh;Hn+SD}6Xv*PmSl4AUEbGCbF3Xz!lxP|@
z&5$bflCFv!d@oQ_cBJ%_%xNeF<**sngL*T9rZqcOirl(fvE$bw;#OtPPBv56^s`=F
zvK&Tt21X9o>%c--`D@C_q%0>zHCb2HB<f{d@l09OMKK7Q)K%f|ntHv)>S9py^zd+2
z4F*meRMhHfupU$tEL;>t?Vscq->;^bpmo=+z);Yjdes3ICMgW)Zl~Sa{{olYlsk}4
zy1N^c1wb+YcOBzaPUzO%reh@l6*<kmDXTLMbMT69=sJ;kzUyy;9FRL6??COwsrQ{j
zGhPhq@2pdZVc$a#P0ukMbJ(69R_^(VXb7@k=SF~@c9O+|<?Zu+PX&7H`mVjay!;H#
zUQVF6=R;p)-MNga(5QK0C&Sw4k<FX`!L$G`UHuhb5cA)2|M-9P|MLIQr-MqSc>P8X
zuaZB=`l}i<Q&$9lVwTv_IzaP7dzf8A4-BxmBXNQyn4(TOU(&}%p@MZRfypRz1B_@J
zfeW;%CL`nqvcQJA|9*!`1r-p>#y=mA!NL2vUyvkgxm}KUvoO9oZ?4YM_-ah|)z#KP
zi}88m6t8r3mC|C-E@<+%RUnK0#Z}QX>@vWSA*d?qVL&BQz>>g3D?TWr(~C`6mQ^vC
zoYmz76RBdrr>vV`kI`pmld_o9Zsh?*QIu#%>Cl+)P;W{$cu5Z<+~6WmN&yv{2SrU!
zd~<1c+#zWVN$W}J-&mXt&dvm;jLFU};6<)1U~6KDomH$>7iXJw1!RMDRj&tU6m(YJ
zSrlUj1A{1ceYg47W!DAP@Fw9PlnFs}`pY$q3_!T14D0$Eoxs~5%gro34)5-}NiR%-
zCK-Uqm-LV%91frIEVtHOq3ipOB{cZpTmSU8|B@0B+5?+7ffts)jAl{HWc^=rncj&v
z$lI|$X3h|{{&;uXOU(ZD-SXy6t|Vx;6E1Y^_5Jnf^z@pE3$nB&I~EOTAKm<-)Lf5r
z;F93++>X(#zhdw+^VQWq$-@8kPk(oH{zn|ikgPv~te`E)6S@aQ*FwTw)j^3y7lt5i
zZ&ieF3>aE!?E%%44-mXwQb#>U2S^7keN`j{vLH@Cwy=oaB;C76xEvB+wcUodsK})A
zrfornX+f4k#utthB)vyyIUfT8bfsniS<QH{7&id5Xwo^2i>t+A0bn3S6#}_oWooK|
zD?rL*Aw2;}sa&;9J-{+q6b=itHk+y|H}$U#t*pUk8Zezvg*<J*;DfA<WK04f5kuO#
zVl=4=;4Hub2*E=nG7!>5PeDb>z~w_hQ5qV#d=f@L3it{Orx)=&h_$!^SrNl%eJG-T
zKs!iI)<p$b520pf0yhCA#cPcY-BUo6Y9(z^>nw1#=%E#FP}%^jUr%pVx2xyr-Sl~N
zv$~O>OT|xbaMj;-&;(JUz#YswOfI-$t-hN^FSJ3{@u+twp^pF4KmOmJAt}f@;vnwn
zfk2fDplAml#tKc4r9sBs?zm$RJRyE~bS`mw)b&K7?jY;yjZE!e$Ie^9+AC;imSjCW
z?OtD>c0m@>^~s+aF?_x-+`uDy%(g%&fB*`DtVEm@*>=3aKQJEtqW717V+;FCPsCgw
zu~!=9fQPt8sZzF*Y|wgrfvVxtxzU$^<FGV`<QVOP5CQ;GnFuJ^!J8QY%7;`sEKFW$
zB8oepW$D8YY@6{owdad*YO)S3ua`7`#A&d4HMXxw3tc?WQL1=^EJTd1^JYvH@~#jo
zks8wgY{S$H2F<W)8h8<{MzG3ZRg?lIF(D)H6l66ebq1k7)fvRZ#)g^1OqNJREjnej
zDNB`!Wxxr(0s|bec%r?e4dRM&qp($>HFCmySXD=$v4T4F6YK(C&<N-dn9La<=?gkQ
zUIr4V#c~1YWG%9C3S-sTnc5ZYwSPXkC0RvGF92&TN|1slJMH_GuIUs&Age&Fg0XP;
zM2m5Ba4~B-VOV!biH6w&5vvtsJ<!s@n<h))CuWl@NkX!KuY;%T-rZ3@N<nyYjEAhh
zQP=wSoA=}Xs78s|-3?XAa%Rl8YWXS`!m-=+PsiQsEr9rC8Cc1>J@z;Db3MK7pcE0a
z9`>@cIJtyi;YdDx0v=+VAG7Po1k5AGLa5Tb#TkST>S~smi_aJ=VZg(0Cd_|_roV6h
z4oOnyAq~jlhQR?eL{cD`zA&4he+OT4e75CsM1Q*88reDOplmJYhs2~gd^mX~BBnUN
zWxGx0KWr0D8X?c137V23H9HWvA-fQ}6u+xw)1F_TR~O@pg>uCprqY#M`|5nLpmQ_^
zE3rYFOerLQ93^mSMlHVJED2g-?3Dy^)u<BtRS1WYgV%}cH%!$4#B||4Br3wEn*Lz{
z8e}snwmt<8p3Ufs08kRO(LLDk%zg$Nm8(F%AQBcfw9-@qBbqm=2D44Q*(gHt2}`jW
zM1ma)K9q%AV%bluqzYUfKnG|+Qo<owzJodptwW5?h_?o36UKv6sFvU1AgyA^!vl1$
ziP{*0qS6%tqziZ1tybN1vPP54m0Z#cS;Sn^Rpc6;1?rL!J>A~B9`6sygUqQOrThTm
zfR!fw>JDjBsU)crJf?I?PJ}^p5QE-#K?s`EU#@~IF36($Pk+9=LwFP-?ETi662t{r
zQ9E)0+5UKB73>)%;N*RW?&#R5OJIAuxiNnGN)cqy{dU6XL$2<=Le|&aS6KZ1^qr~i
z-%qFA%NtmQeOfLLhje}T);|956w~70<k&g=4qmMXbjNbVB`uoH9x^3azx#eGKbghI
z7I)|xMOwjwQfW)xE;L87mUv?AoY0CC1v>T3Bw#xH$mtE>J6vqH0Euix(toy`9Z292
zjBRH~8q%bk5r;tms6ZIVjc7BEsSfHI3Z!0UQl36E&HNybAeQ~jB}BsV_F}o+Zh;iA
z^Z=*ZF)k$e34nvCX1u)$(#Bhq3x9D2hYPCHR2L=Lj09tY!4SycV^~##BwA__YE=}?
ztZLGrz-devkaY?9X%QfX0uCC3v3WreMC&wz!p1;mkb|{h3K^q7#ss0DQ`R<wOpt|(
zsA9<@=oOIp;SB;EhRD@?6^sJ4JV6`?F(UGQNDVQOYC^Y+7H2>c;`I<tB%6MHsb8j)
zolT*_i-BuL$5-Gk>bmt^qyxK+WU(+Ymo6fK7_=RUlQx(AWYW<}1;EI|bjSNuM}4v)
z?&|$aM2Lk*Z|DH(I<9f_o_j8I&zS08W;FWMWfy8fBSK_S;<5{JfXi8{XJVf0ow?<o
z_QyT|VxeO&6^RMZpqfn$Qrvn<#Z8|sYvfmW<*Q!rz|_Xm+so<a>qiD-_j<w={C@g=
z`U-E~>3KPwp6q=8WI$tTt`#7ldOSRSp%y=yl}3`qQzq-zyDTj{!9ViT|NgabOUZ)F
zx&9vlWJWya|6of;j-{=_0G=p2-P}f;S5&tGz-x;6w*xs9xNvF+U4pDF4l7h1%-^Yo
z=IFr$VE8WRLa|taI7~MZQ!^8HIaCIjBwt|Y%IX+1K`r4kMm%*cS&5)(i%jVNW(_mZ
zK|fV61FeJ{kQ9ha1S|m>e0dphAy}pl;9>@OwMh;$g=z@98y%}^8ynigcw!1&h~EHm
zXh#D9Th*{1ZnMG!Sz;z2x^PMx$^}++X{7cs+!TkiCgJEs;0Fgz2Sjg~tkooZH^|EQ
ziy8~HGRmU`RQNy)<egP!`gP}on~#4G23fEvoom>F2n-ZgQ#1FHqM-4)N6649q)RVw
zjX&7mD|Uebk|arjOoo%(gaMb$5lxxAi*0UT1a*Afkpx8F^O)nN<1|u*^z)U@K}p~W
zs37YVvVuR#;PLL*lj#flMV37hbo?O8KG~vBwDzw%{lIYZUIFQ87i6JsaQ5>3<@IeJ
z@z%?UYq#6;^y%@-c)<ati}~Zfw?Oo$D~O>Xt%u*o8LSVo@c%R^;t9Uu$UFAY#`6bV
zZhCVN5%!D_DQ=QFS9(UM5_qXolrvntxw&n%YKyP=Z3cYI2f_pew4y;ch$vXQgtysp
z%i5zL2YijkjL%?+3hO}1R??_$M+t+Z>rB=>6bytV(`%U>&Mi50bAyplJm(@%Yub^y
z!*B*08jZQQ7RF=^T2eQl)pD1rR2oe+tzK7c0LJE&DBI1!yPrjHAX!ZjFky6I^g*6e
z2at6pStylcRTaLU=>`-l%t3tUFqdH63(9j4=Ax0M$iNz#i8`}PK9<63NA<AIS@She
zX!q)z{$&AJ3Y2)MUMob+T`tcI6P{@mmI;(BMb89=o&D+_Jnnm4J48z`p$&NYHJ;$V
z)FByLuY04jDQNdhSwWhN<5SWPC1eO$f_r}tOV27(&gtbBR;y64o_c>1Ds=25%l;gn
zJ@24O+bLWW##B9p(U=hN0t*wIK3f(pa~6A)?v;*^EpqAB_J9RkUvDMr^$oJ@4YE$B
z)A#T1yZzhiPim)^pFh>Mr?*dH1U)|v|6WLzFRwHOCW0(JT$wD-H<?!dP%LXw^h>ic
zYnd!}t)ie<@zF=4$yH6q)2UxaY_x@l13Ybk$uYQtOA_yNgB~-$&*5IFg(V!v?Y!M8
zJFY8K5_rLC3esH7i}zU+AjLq<1Pv&%0`%tYUnX(HX9^Vz=>bNiIfpazg$h(82AfF4
zLmjPP=F2LQ7l@U*RV1J3Q^Ud?j7?lrsn8#+fKRYMhVc-i`}mQb^RkEmWks)~K%gZ=
zY&LbIN6fz0g*s_`r>KN3v5HG=Onu<<nMYLA!dt^6f{BrGXB8mxxvVCT#T7Uh5y_Em
zAaDo1Qe%U{<I5wL^QDs4TJkW4xO_2Hvy6Qp#EgVQ@wV6)tdF>9Dn<wvTBR;+Ryc+|
zR0mst)Wc%exj17~F+Q{+mO)l;mI5%iaQBq2DU4_lT*;bbO>cvaPRKTb1qx6_!KG?B
zhYJ#KKuUHbN3F6moW;G~pn(=JiB629a`O~~Qoki>ar(KlAAX)*pCC(_QnRSx8sZOr
zz1f{UjSz<eM%K;uQeU8h>k%m<r1D=6{QUXLABQi$$l|m+gUPOwTaPRIgPzWan$Q_*
zMSgD<Dq?!D1=Ci$n59H!@Pik~BJMiq+i~u%MO6-m>!mM@m8^IZhEg$Q#O9yPQK$B>
z+<u!cN0MScu)xoDiK3ZpoPp-N)lGy#Afq$Xuys7`fJ$(ss%7$UBYC8T9tnmi_IRO{
zi6XSpJEUk9kTq^0t4)$snER82f-((bKbmrr5ETltBGe*jm|Bx|AK5~}GBIhW3YPgr
z&Bw?gR!EiUz#vQbM1?X)BHhmNv_O$Plm=M(fBzwi@#Y}qUAItviPI)DdYSr@$v_10
zm`tK}8Hi?1gL$YGwRHz9W&mrTi<iM@5ad1Nk=4T)N=74qNS4_Q;;dEphLA<Va0OY=
zHJ$KX1YPo!$)a<mo&`$xN*A*yoyRs{odvt>Ch7xX<QO3cvM4AuQII*)94eLQpjlSY
zwf8%=Kg5Vu&WYP^ICaFY+}{WcC2VOSSa*yvGNYtZvwIJK&-CC9;^n<c*6Ys6JhAeN
z_C_w_4X*eA7Fi6)GF^SZ1sj0?CRdMSDe(IQWh79xNDm~<JruYdqf1cb6(`=q7?>+j
zAHh`Xswp%@2+$;Wn~gF8GrNeGzKu9lk+{Ci@Z%2GKMpXroEzuCV+atKEJ24nNMLAs
zz5V44UI!YZIoIJpykxjGW0(*lV{!gN$U~cW4xB*gTIGt97&?W^tuQT2)Jv8;r4a-*
zZ6w~CG)@d441+S%46>@Ssa2;6`Kg<sSd_krHTV!QohyPX2tvxxF2?czRn35URusvi
z2t)14>`qp~1(0wyl+*~XP$y46F;}9T4R?MYWYLF2ofYUE@&-nT)20$W24pd093h#P
znF(`&03%Rtcs4iMr3SHTWDG3|GVY+Y;<OT|+#BFIa1BNhCHTSCAUs6%Cdj()fE5^N
z07QG>gNAOi>NfZNBs|Y40@f>RiXEdU)IEl-J8^d@n|eJ$QR13H7d7*Bij;8{Fn}Fb
zf5-Rah)k@okf&@rBdvIkt0MLEsB;{q*uz)m>gK007--4VE<Ty7tX$e|2U%#==~ZuV
z_mn$X`Q0-Z-{0Q8zMf7T!oa>Wj(j|1DOjE&I{cu9kM{+R=Hx0eS)<S})#>kx-&D8X
zLzV3HJ#l_FY&*}vR<8TD$pGeBt)Qy8ouTBK+yY_~AsD#8LJL%(Eb{}2_xXrsSVT}1
zDR%#yezJt^77Ze?LDnK0nLyKn&f8w=y(W_DD3W*)Pl*y_(TruXX2GJV_we?3*+m!d
zOdBN%Vv+$B_)t9;qacf{p|>$ZrdJV=HG>>!HPGNrEpwzbjEz|uGlkPeW1?LbFuQ`H
zLLEK?3yYd$=}uxTryraHu{31>BO?(8R7#brhpz_7@uJE1T?63SlmJ#&6uwfHE@LcF
z78kFF+78gV&+m5EN&^oQ(Q@doY&-B6Lvcni(t`$XkQk?~#O}kJoq#8{o~T=rh1~eL
zcZ199ge^~~_Ky``CwN9*rbU!7;EEV-y*6VnUwjjDOf*WCXDfm%oj^KP(gj{|FbP$n
z{wyfq;*!B2b9ym_GEDG<3Zb!hIwDy4fK&K`T))t{>z}gQ7-X4!f5QGlmi>0WL6${s
zHAxa@n@Dc(J`2cB6ms|W9kMRAzs<2Yk_Qx$_2nQX7?}odUmioJkf-fJ6{BvV(05y$
zfB&UZc}}iJOcjUp;3`E{P_pp$crsfEJ%<t4E$2Ugn(zyF6eI2cHA3%_k^^bi;K%`U
zl7rhhVHkYyj$p2*$+~FW90pApqHACpA|%d!9i~8GJc~HbFbiHNPmmOxNR<aNxQz(2
zxScQPkgTf)z`#m>u^pW^j?+yn4To^|;HIWBD~1i(^`vkG6T>vhNscyEXZ3JEbHLRN
zhJc3*@uYc^C_^eKGtM%L7a2ZqRqSL%C(oQ9w%Nd=KBC0N;RuQi=|bKXgV;uLB&(9F
zvkD~8JJ2j_^X+bs%64C^C%hJ#a$}#{SmE6bCU}et9WaZbsEDD@O7M)MboxNMQs2&?
zc{&Y#HfWZhQjOe0pO0FQk?<TKO1AD-6Yw#C|LflMn~5YvMAc93VSIvap^`n!!5J&i
zD@!-VPv{szb+a+l0ySPQ0T`T6Ax+3KCMk3)d&&BrV^fm#j?ien!RlQNu;LW%FK2KM
zf!Ke%!R$XqpT<Fsy$zsrdgG1OYbK6??|6Wa^}c`G;Ri|<xBboO=O;ww@o?aOUO+wc
z41Yi8byoAkv+ZH(*O%r|Kai7yKTK2@Of`gGUku1T6M1D7%h^He)SAb~&+I~Ov(Fxa
z*qXZ286<o{C1EB(0%>xUE77V}fuXOVOqhRLrXMp<S4$7HY)7-mdi=OXlR$?K=!8am
zN3#-S6-l-qwzK)tp}aN*Gi7keTztg2J|~b}NFI0CY0tOk?MK3|UBDJNwTYJPmHCRs
zr>l5-OlJyf8dHUU#fxO~=PHGfPiiBM@{JV<c;9h>3($b+ux?ryOR4TUl!-y@2=@?R
zOa}&yfRuEupfv(8)lKyBxx&qaE|91PlEk+X<rL5*Fs16Tfi=j34fPTP^#*~_Kd)m|
z1__md1W{+Kbw)n#<21S&lvSsOy4r(Fni&cSEcz~|4!dGqGro%hzia!oDeQ2eFdwIH
zRV)ntG}LFBUsBz#CLl^^1<~t?SSeLZ-CPDgoHoW66fFKKs9bmbQSFhe{A%|e`ZlZS
z^X=_(TnH7PNXT;!vC~<M+y`vkLRRD|?shr#4g<UQ3(%0ZTb;>cz;zROjJ+`y12MJ9
z2`63(zdu1<Ky*9?cJDu5o_23UQaNw<_V)A?M{;o=pLSN{>J800ognMKxjJLlMzU;;
zKjEDQgBT};G)$FO6F87&ZFq^G$I15KMw!czBhiL7V!(l5n+FdTXB~84C;pS)@AsW6
z;kS3Js?xnx<qrBc-@V^C=eDumZ_EQ}YF1WLyCYcI-_%>}<Zk%oo3krL39e{Wvt^Xa
z7R{0@83QSd>!o1X(33djmT~Y7%?-_OYzbFV+}13P>*Y7{Fy??aEL|}PqctPi^jhVv
z*&xg7-n_)BZ0b!Up%1cn9qP2oM9?)C&w*r5S`#B#R3&$v9NWGpBz$Rl6UK$kI*#DL
z72kuA9z58An2J{D@#$1Kdih(-P3Bk3(V$SK`M}ai>CrNm4!uJbSa2kX9sgw-CnmNt
zrhcrZCTJbE!%4H_B`fo-WDklKr%W8VG~zpI-vg0xEDZ}zNslUyG!Ib}4t%N1z~+#P
z=^ct?MtX8-k7T)&yUk=UvgSj4`wig|LBF|{5g7-IESTX(pe$+8iZD1Pv*JZ#ourT%
z(n@KH3#&i`)L>-%Dre`20{YvA-@%~J0Y9_ELxwvz?s=urVwxu<NxDSE`zxoN_xdd4
z0gv{E#(Tkn65*(aN4eWT*3qWe6j|O_ghAGE)+bpTMi>U7uP?|}t-_!zWVy7Gv9bog
z^5x%<WnKl`6jzYd(kkAQ^~LF%dFm^NYJPZVuCw@Lj`*G|wylP&`<ZK*ZkB)XICR9<
zm>Zv#ikRl6u>*&-VUVQ}VPJTLy}ol*G%QVMysFh!vZVUtPC4J)>6kO&)a?T#0$xt`
z;P#r2>paLcRo+e$r+8l`i5#!(!#c^nrPqmKb@Rc{aPRe;%){gkN|tH4j38bfg)4Kx
zv#y7%e(q9-)Cq8k<1Q0@-zE39n}jUTN>pnSPuvDMMuz#}ei+~x#~nzke03fJ7c*sJ
zUzoZ+8Kp{7WTEE=R%Sk(@PK9pT|fYOrD<)Mb;yYiS<Dct<||;eG$g}b-V>x)WpU0r
zN^Mho><6HbHGxp?Rm+MCiQ`?ClyD(g)&H63mTuu%{P=3TOWj+mgz1RgNS}b33BQR9
zN><io8_5za{)`(&)-fjN(K#nE;?V>?IEiHasd)~%W>iTXiST<dfv7kWTJVO6#md+C
zq@Mbl<d{bIXBe!d)-%^HWns7++nBTqTY7&l5AhY_V7$EiTe1j7*VvB|upe*#3t2Pb
zQp+!c)WlHtLb5=uk@Y{ru+wEjv)r%qJz4PvXPG<xKe9RoU}_l&m<if!)<aS7G8ajO
zk|fP^)>a&J$%nGc;bzz&K^POt+dS_1AaN=iVK7`mNd!Mwfj*kmirm5ckTj=0wI+kk
zKD^CMjn@d&8f>+URj0+;(icfq#fW46d4L{G!phh+UAN*`Tcr!a;OLBxxfa+J@Bvjo
z^1&4rOle0Xb&w1w&`WYIO+SLG*bg2jU6o12$#C-McWnfq<zWVfPN0yeLk>JZIo0$2
zN_f|IXR-!XEx##Yuqs2Liln^C#JB9%JXHB&=vA>{IEb*tZP#m;(9^(Xl*zS|WJ!y2
z!In%&9LpisLng>-=s_AyQl(AgwC(W*<;Wg9c;!oyqDr{(ikL15-&kK2Swbe4YseA;
zgIO4hOb8(=9%03}o*!SIKgD%#l0`qOG|1Y6l>|}rQRx#H7{raA&Dt%w<H+Y=0fH55
zIpGr^*oep#S>EwL)GJxHlJojxzhr@IkrfAnb|mZVzhI;LWB29y3%)>+<?%?C`!SIf
zfg$I=lJ)!dY=?U!YX&vhmHOxZAnRugk13zoIeO)U(1VxQdC5eo%?x{eh^i^(g6}<1
zW0qg=(dS<0edwHpTRqp134yAYeu%lXW#xkhs+xjFL=T+$<Y6rPtgbNa(M38WOA2k*
z$3x(p+KdaktTLR%HE5aiWYkzk(C=Nqa@|F6n8lICA4&rWXP^fkXYl2R*_mK{U?91>
zS`~iG&5$Nh^dbMof=;rZ9P$Wo{ei5`uP~_q319f)KxYa*5UT}aC>haT@2XT>XObbW
zL{M05d}j{HYfd0bFw!KehM~2Q<+YEQ(8T&@<2nx-Afm|fQI|msm+8l;P>tFwSnk-M
zB{@{i4~=tOKo&zqO|8+e^}))FcNSN;?vkYsXme&*byW_H3_@0=pNB3?Z^+`Sl2x%|
zqR3Kbj>hxrN3xt^3WC)G6z&D8%D8O#av;kW`u%aQ#Fc62r`iL82y1WD4MWz)2Am3)
z)fGWxuVgEl_JU@~2U$zeteOqVRP*{c36_j4vjy%>uo&6RTx8iq>GzOT`4==bYq~_P
zmiN*W69dpLryUp#<|Fm->|8e83)--{*BcixfXO=Odn`oOOO_+6P`ZiBCHK+|A1a?Y
z7Q1-ua|}*!vnJpC3Qm;`3|Sxuv=DbS*Uu2-5;?EnwaSQlsF4^G;9YU)Qoxr<POPz*
z56&;Qx*E&{yBPGLiJ}qwyS|4Ww18P5U}(XkSynV^zMH3E;7ho81|`!Aw1*o&F0!MH
zx%L7Vvp6^ohuL7#o5o6<(7YQR9_0&e)GcnIbZh)DPH-`>-4QSVrrW~FHWl=ANc2F_
zPAEmGRTe*OHdu=*>8jaaj&vYOYRdYAG0Bof7kq7N0{ul<xY24<1uMf>|F57;ngzV5
zY?|!EgoO^Tf}Uug55NuO(5}CtXCbeV`B@lJl(lIJw$T;bC}ogU>n1BD;~~b+5E4(X
zS0DG-=O#BjsYTqIdMoe9&B_#H36Nw(3>nm<Cyj||V1Z?Oj-tK2$x+P)(+h;ML=Fbm
zidQ)pkMv4b7-?W-Z)uTAZ9dG=mM}$y{x7xy>+j#EGoQNO8B)GHFS6)&FAQ@CMM<hW
zRO=vX=FF>dam)R_;!0ysW25Tw%_USyc31P7&Iu5Sxn>-yHxaaJV5vFfb=F++wndx<
z^K8w+<s1**a!J#uKrRjjU@MLMCQt=Poyl5wIcZgvTvEZ9vShk@??F4TpSl3kq(`{G
zO-{_RsAbeyuh4X-1%~pJ8c65?p2~x7TE<AkEi=f@q{A>2z8LP0waVpS@H-^Sh;LSC
zALL204xwgK-I)rGC(ILZ5go8;XPBK4>G3e}s59aUO0pozzv>4E!*b!!R}My=p_y%@
zFs&{0iX%Z&a^Wf)1!yzq^CeO&qm}=(@B(TuCEP2f{@T*q!^MlydlgN%Qn}PU0bc85
zsDIFx`J^n_407%HMdHvZ7U_+Xz7JWtfv>NzGlUL_!W68v6>tF<g9eoqJjgN+!+Z<~
z4I@r7{ezhUMK|?XR_CXRIL(?!Jc>6>imxyB`hnT6fCX7!B@4*R9ej9se1@zNp5J$^
zxjRfqE6rMI83NYdqgiRCS=~F$ssZjK5!<-2tyD|0T;$Uri@&Z{3Ky`E{_b*0nxMmt
zE=>7LB|rGoc1Nbiqd@xUS69}WXeRFP1OdgO50L^!@PSL8giapcZ3%0wz=`nJZV6Sq
zf-zpT+6fg7{<i_$YNeI1mMXAb%EYiD#+mmGJ(}bXGSw?mj_7YNIb3RINE())VWSCd
zAnj}^2@{1Xsklja2ZZ@D3$D}T!q4X-Mt5d^cy}0uT>6YIc2GTorqUQuXgui;R&Ao5
zp?0A&zcx$!pfN~HYgkZGvaYhlhL;4iD&o>BaC4c)>CP%d<U&t8ZEdAL=3u$*Rm+^;
zJen~<e9BrZWsZ;Zm2m+-A_Zc+kJqUxEq0vHG5r^RJ$+gyjaH~W$(dR14x80fF)x;5
zJdCrk*T5%o49@X5s*pG}SuC@#L#(hjqP6(UK;+4MLS6+~lEQexTmS`Fd#d%(wO2er
zzV53y-`7FbDDTlXWy@4uUZ9a-H%O7BL6+cwtjz<(ku+w0Z;(X~hWmq6Bhjq47jkw*
z?9EJ!mzUR&bx&k?Oa8^Zjc>N1%PUx;68}<9u&An**`N!pc<sk#cGPT2XG-huldc|z
zoEaf)`VWCpZSF76XXn$^>V9Qt7*R@y*9Jit8)DYGlHz2}Mhp)cT^Vw!XQomXV{_$9
zryhnPMb|qgmJCZ7#aLjMq$Yh0>bbaY1&#jcbWb!TwGOjWM%(!597q0~Fx-}@phf@e
zq%mk^;9F#mmVq0XH_BYhjcrTOIPa2Y*wqeACOM2QR0isjdQyr$yPjC|w-;u>>uQ*>
z`_p<oanWVPWYVG_ZUP4&nYfnPS9Oz%rQj`SAB-1!!lZC*WL^`q&C#-b(l`zYP#B4h
zlI?W2z6*-jhy=tCql><0R>q&v+$If=(kTPWiA<wI3;gmM*;6r&z}$Fn&l`Y}0Fg79
z0~f-(GQX_CMI%cVlRzANl-E68Y#5BE$eWTk=$+h{AhbfI=yBljBqE8*<|9nWl0;J7
zzh>gNXLSbO)i$3&*5wtTYaJ#Z*BlLrd3@ZsfO<5KH{{WmAB#rz_DY+L>%F`&6a4t&
zDZ*3@@zZvXdFc7Yq;^pvHf&KAgLL!FhOUJyeTwq}DpNyIE3(>Aw4zx<><kGj2Lr&4
zT$OWCm$dsqdm`0|A*-V~IZQdC)$~*Kj2AX$QbGcY=0h>Li^Jgr(R^NB!`rwKsK8EO
zwwUuEXN+qQ)T-`>3b6u~op|`0958<>skxG>M51MAq)<6s<dQ#E?}G|h<v)>u+ap&n
z)tT~6?QtfF-3P64)FfH(ErM+FM)Xcoo?eqWhCaqN20-oTcRSL<g<T_8+2e_5^V~uc
zD@*1~BNHbIQcmBp9e`ljGp4)|j%>V?=WC&*1(-dWB#TL!D#HvCs+1hFb-k!48V^uR
za!1<V#5rD~wAF4bB=){Z+dqT9^z<5uk}NS=MCJ_esxwWRK7U&jLeAo3WaI;th?1k>
zEcZf%jqRE~$GpFA^d{b*keNMrOOK>^kr<hdJ7C0`kW2N&#~27q5DmHq7qXb)dIOL+
z7oZSXQ_0Htvs5JhN3F6_eG;pXCRUEnk%Ox*KS9e2!J>&33n>$EbuQjy=tp*#afs`H
z<sf9G*navi@^0CAaN2P$vN%9PkyHO_>adI>Z=YaQbXdcq)>y2!W{Ep<5T9YNbhmQV
zjlk*>t~4qvq6f1jKD_xC^y&N=HSSGnH@^?hJ*j_c5E5b)NM)}NqTt49sT0Y3aR5v$
z!*Il1T(7c^AZTsr#bu0>2)m+Z$$lyzc|lc|SUn<H?h3$BxDY8;R{a#R3~TjLgazNH
z_87uQjTbpiewVPeLygs2=$1<5U&fNII@`lfHaY{Ii8&jXf=L@s)-JSFt)q~XX2ng^
z2xRssGlf$X{)5l4IA6lx5y<@V)0hBp6>RC~*Hn;~82WOhb?0w0qbaTK4p}WNQJuO?
zJ}t+Jdu5_0X))0G*hbezdV_J&*|*IU_l4i-M6ZC(c<@*Sz|IJNli56^i?QJVs;Ny;
z=)4jv&U`Df%FN3OinCxfnE0Irxwsu2jJQ2*+R`jVACTlzKK{T$NydCl5ONmDcfU&A
zlLJN8lZVh0viuw|JJR+E$Pg&F;)s0J9cbB$Tph@AZ?lM19nr2sB}w<+&Ia9gnhe50
z|KbakAEC{eV0j(Mz^%PJC95>6Pkp|8IVT*J&Bo{?%TlZ9{S51Hu6egwnp6?X!L7?+
z35r&NBSA|oL5^x23Z@J(oZNLOU;yocEYlMe#1+r>YTR5jN#eaSr;xW4Lo3X9K-{{N
zvmn!#_0XeGDO%Z{&?lMPZS^gXBFU;!Ep&`rCCekVGxR*n#we9iuXxP4AU(%zGo5XD
zeN%N7cB&Bv2ZXI^jPjbO%ePdJI0clSmQ)x|<m@C~pyY%-NHeY#>s|4pm2{QA7sM)}
zmF{$TA9Rur#mSrzKL@fj6!lEBN30D|uomteBUxB~`J1eLS1GrC^+Rw<-`x>uGA4W@
zHltp~MM6}8<pxM>M47zD-3et^Kud%;aHPAS^+XdZ06<?vp_HX8L*7g>qIfHT;#C<L
zArq(GG~8@JXk$QM&@1kex60^+tO9ReWCgm7Hinoy{g9#~P}PJgr$<!Gz_8Q77qj4P
z*=(j7WB~$fWOgT1T)!i$@-aY%qg7bHU(R+_qYqfq)MP1R<~LPb3-O8{Xu;&*Mui+S
zCK^~>Pc!v>cHfzku0FZT6X#y!2Ft8sv}>D7Q>6>eYqMv@7_yaiW%E%oIs%?-napw6
zp(zsQz8iE5J|ofqYqGCSq7Gx0cg_Z@S}WBqvFuH~HRT=Iy6iiCbY#qboa)LWS-SLY
ziJ^_CP0y80Z8N&;R=2c~HH@t`!{und)R}pk>RzK_ZjPop>CmGkLMB;e9@ZXe1f>HN
zFoB8)7}RpN7&|rB9hag*;5jk|VEI<sR7q8ELs7}(W&{>NNmF3J$J!E(PRWFUMVRLp
zfKe4*>I1@4bg5yZiyfuR|9jlBu5!(^P~YNGcn&#1<KqoCFq|wX-(*hHW^KT$h>9Xr
zSS-y9Tes3JnTaE4V=}oR6KcbAwTZ4-gBA_@oHIi!A0;R_S<OiEJ6L(*>==|4uC*1K
zGe#i(1X<woR6KnWum2#c>K-%Y{K|iicGmzkTv=zKSw^aWL&1`!YGq%jS()msiY%8>
zW?KLe?dV>_Q1mLf7+gvgV1+CUhF&v4SHlNjK^vc;?z}hLD>F$(Z;nM3m_QR_vV+J0
zhnf`kP`#rmUcKoUl4bN+l#*Ft^a~m@^W%5%pk$^VOjgYdPHGi56}%ESKo);WuC6&b
zW9)P=3=AV!9m*B69cs4r&AV;l$&S+JUKt9S=3*yV*#~MAAb%vwIbpV!9>%P^e*1~m
zS-DkY)nY0U<qB?zlXc4p`7&Z|6A!9JMbaW0L7gC1pyvFJUM~61Tav5fP!%%@R@>if
zVQymbn=~Fi!%hB(>Wj!{y`wfc!;`7VttS!VuJD)Lse`~sUq)^UI6ZjaQhOu{Es-vt
zuc{AochR}PCdc3*X<QUZh>q^Pq|rn+J7xS;)gR(jfN_6-wiL_mD%M95!+Rpc%>T;o
zmn@A3-?101Hp6t;wFzF&0O1H)_vhD7IEl$`Kg<I2MZi2ayq<CfKvAn9v!pDGge<qD
zmaOISj}<hPY6*?4$f_I*m=UnbV-G_Ck*m6Pq~cta2T!x!AAjP$)mbr%QnZGo<(hA?
zLV&cq^*N--?PmPTp3T-FOD_^AbP6S_^au~pY^bH$)uO!1q!nfvW{;(huFb^GG%1rV
z*vnA+J$`#{x|AsS*fnh~PxAx^`kstj_m#m}SsfjWY2aebC0Rn_+G@J(pootel?oJ(
zS%R6nK?jGl3<tkDPutEKoq4#R<=n5z4YRPST?)zF@R+X<C30u1v)p*&u!GELP5h1y
z2B^qh$VwrJlSw(ORTl57yg;{EbCGsxqth-26em5xoJ3_|gtzj};h=OU8M)5>e7v$Z
zj1$wfIOM1coOt>5NC!`q8X+#+z<_08cJRX?mPUc)bWRvJWz21w)W9sYVm_q(`Pu2E
z5#y#hwKw6%krzPapPL8To-v<Ni(=^M{L!Uct$oP2meu=^^;``g%`$uy6v^?&riK++
zoIInVxvE}2F*jUv@uO%JS--@3w>7E+tGdcdKbNdxOI>Pc*+ZXPwcTax$*k{J|Iw`&
z23JnImgk+_Xp9ydHu&6>TLZgvNt)`RNcEok>;me@>WVQC+x4yTe{Km1gTNER!}pl3
z!LYx_FqQG;Ye|$W^^TEMGCSx@9GYLp57R<GOI<%^L=u>~;k?OC2T2^kil0uh7>GCF
z74ABbV0U$@Ox@zhtE{qGTKrs5rl%u;V=8hcP%-8b?S$<>WhvUiVbB{)h}X>bi8<<`
zL9RSOt^~X~-Sa{6Y@>5Ql&dsLV#eeZB6ysv+Bd#z&PMI{xv=qWpWs2uh1EWWXlDE>
zLNcP2Zc6N^9}%;zvf@kBxHN910=iGVPmClb-TlqP3GN;@7fspJ!seb!m$Idcu2Fsi
zFE<kF2<2SkSP4(clZ2^3ZAYh?ByxC)=RiP8l(@D||A`c)2#^K%7q#U~N+0*af@XQ4
zU@_NArn)^@T$v8V{jRDEUUBnl-9V8r8%XotKR-S_K0WetK+F#gN#Vp6GFGV65GS_O
zWz#`{YSv&fa{n+o6tdV9ty<s;TGhyL4@$P~vdh`;{CB9wvSqDRWKGMv8}9iF?40mQ
zzoMJ1SmX2o%EI~U%=An(hXwkKNwE-O$LqeYe*u9VGj`6+cE5_6E1|)}3#6yt4l4?{
zzSED?)ue97w2@x`y1ad<FK@UkvqWRWUO;T$QmbrzFJs-RqfH^-qJ1-%+>&r>Hk9HB
z$V-YM2R==aF1BS=0FLB{4{I`*Qjg*vI_wo5hqC8>);!dySia%3+GNgD5Akx<<w9$2
z!aG1@nPraA>a_NpVW4Av=zv}!k>_!kSgK_i@q}U$`fb*i{EZLME>(@6s+V*Rx0AcS
zk-7^|zy?^}dt%V*mQ6aX@sI}Rh+2S7Un{c^W)Q8>45p3oFC*cmKOLgPiq`3!&IMD%
zScd@Pddwg*99)d+^<NtGYqlNSx8<1`fg=m7zgW!49OF`?cIh9Q9O1?^q6>OR*I_?)
z6)F{45wVuj?x70wHy|UR`^`h$Y_5g#ysEsy3zR+vsFO@%94sjxA+b=TfGc<M8=4L1
z8Pf6%?~g%BAL(}g>7b{xPYrR3vsA3N?BP^o4L?hkxHOy!9a~QC+wA-uS*s!osp3?b
zx(XZrP6<%)H=N~^f2T1aDt^@)C)R4nJWi|Ji6DOfi}-19WmMUauWow$MY1j|fE-HO
zvN!v3hg|IR$dl7S@6uVGRrp)X5F7A>qg8EV*gNhvpMuPx!d7M;#zdU00#?U@Yg&0u
zybH2emVu!_8`<(RuN4=1<|#_l$qEN^<<nyq_kvXNd+F+yQ8BQbyIH95FAWTnc2Okq
z1fj>=_^xY~U{^as;l_iHX@+xVhm6ICASz{{vOCIHPM;taWAP1Z19!7DD!x@*ffwHp
z8ZbQdjIg=+`>i{E#xu#HkY@S4!P{D0sXG3>cc#bi+R~})o<_A7H>yhs7W2)gkv(Yg
zam{pwB*I-jqlY^7%`r3x&99I$D@FWG^p@iYFO|H$;RQ?t=@sFFb?0CsO5?D+L#}9^
zBac$UswyN(7DH9iXpV+PMeO)@O{h$ODza?)?w^j!Ec^H*7F?B%|CBtps1ZGq4{LWB
zKh-4bI2#nK9gQmsK!itv_(~3;a#W~wv*shZ4~ArAulHJG6<N*;A#0^m;F4#K3|U>M
zg;BL5fQ2!xH`pp6!3g2uN}+Sg$bY+U*}<J12stsfE7K5|tn>f2+g@iUc;|in%C(%Z
zC~SOGG091#<VveQ3$I$)@tI4Om+;4&b;fOW^tM5>!xw16b0J*yZs(IgEATF=DsQ*z
zo$@i0lsrpKoHf$36)EG!rW$g;r+;jF(mJ>qM3aMIHvAlrl!4Z2_cVXJEbVgFjWcSG
zYu9KI3=c-MMoWqtStt}erZ9~@sF!HUJDA<c8$`u7<g`ebDq!SnCT$XmaN7MziV;C!
z@nIRHmEq(KhG_0L?;cRV6dNPExG8;;2%bUZi#QpSOsPL~`gR3~VSVzdl2q?NEK@<L
zmAQ~5A=aTV*6L3jjLR=Q@3d<3#KFcXaQSO}N5aD##LxAX$rIUhn(j35tjICwL6l|s
zN|$88pj&(%CxTSsJINy-7iKE$wgfFle)f+HJLZq^Elx$2lfS~q7DD8TCOvM6){&fB
zfiA$Z(cj@1hAhuB|CJwoL&zfXC0R+4aB{~KuA{<u$uU;BeEeEYUmsU6RgiP1iv4wh
zxvq_H6<6P_g<M%e><zKyk+43g?U1#EMLF?RwU35Qqkypd(iD^>kaXjxxar$U{4KIL
z_qD$3W|HL<a^|1U3d$u{$?)}S+!5=MWevJiEH~1XFmd9)t~MsDd137VRdtdst}5Tx
z3+#`J%U*7TgniQ}NC`1n^57OauamSCYGq#xQ#3e#AQ8&CuG+OGPKE2H(-HMThKelr
zm0{VGL|@3tTB-uYPA=_j!R4eX;XHV0HDc{T26B?6Xo(%OGt$$|$zpn_^cX)t_3jQk
z&gk!*-rY@%uic*L*DXen7`5E>>+}^CBkQW{eCC>|iX%6w7R26;aWA|%d(A*&8f7Kp
zhF>q#f)GIi@59b9V!_!@CW>AwMJ+@ANzS+lx{5IkaxXXLIK>kzva0y2$nwX<mfO)B
z$of=dJr`M`l~!bVgTpk$>`0wty-8MU?-p5ZL0zc*3wrMVudDOvX(Zk5uxQ3e4dl8P
zXmCTdLH8odZn!EW3(W)}(sH%DvssPQk;M)oWx-;^GP_yyqO-|I&hz|^YnbFTl&ju)
z%f-E_XU<#a&pFp<qfZ#%RcHM?j;=qwk@aMkAN^YTj^kBk@uqo?g<@RA|C;XM%vMHQ
z8Q+ep4E5vUbAw7sO#K)k;DZI_?Wo4^PJbpSnAsHx($LKRQr$r$u=1#Uz8rJQhp9bX
z$4Ens0jJl5@oTgAKQgcF{G)R?|8ZRM5&7_uqqlLl&E9Y^{AvEW7|wf%UMYDS8C0Y>
zvb}-3LNpl8Jsb`e%}{pwV^8wE^Bu*}on7XZNZ-E<76iJ_7e5UbgFW}1!-<llq<Din
z7K<P<_agI`-~PUN$?jk=fA4rVxcfF(;b{AI*Rg+hH!%KhkdGB3oigymw{PD(jdZJD
zR$TUQcXkKCiG}wQ1tfoGE8CRpP$=WUJV}dkZr6g6#jDQh>;;5xD(^o59qnYlTek+}
zR$%<rR3X9ODuPh=@4--EaQ|S^w(aELX2SKrsQHoE72Omr<2aifC~e!VWJjs$oqo8d
zJ!9#Jkx;^?_~E`=MW7S`j#*tRg@Yy^7ff$L;Q)seQ3EVexCD%x;^a8~7N*{eg9sLl
zttH+#TkCiN7Du%vv`(62NsF~|$9-NgT)mow+@ydsghi#;rKIY@I|pgt>5*)&LaP~%
znA`AOQeqg@2yC#=XU>eYu<6YCo|CmPE5Q+E-swLXvUvU(CY_73H86rPXFHi49^)o-
zHEtxUBnZh)K6<=9xXp2q^<ngJ(Qr*8D?`O?|NOqe_P+Yi4d)ObIz^i-^fMQfaSBh)
zbj<nl#k{;&@Hl{>+{H`uYK11}3?Yo~<^<3Edwzy~3%BL?J=?Rhq3j^u$?x_)-jgr-
ziHSLqpVgUU4KxIXqCq51H}{2%-(ZIb-#4}r*;S&KMQ+Z5ffjlL>{m(jH+?ucB^nYt
z$y)OOYnWKwX#J2R(P>*bkxPyot=RY+!$-S6ne4w?v&-n@VnT5X=6A}uG6`AbgD#Ol
zzqyS#6|zb~k7SjU8VfdWSS{W56Z#o-S;aMFD?(clq7vaNwE9zNs%k`Tq9{;I)NBel
ziflPzk@w5%Kc0xNWuB+iT#|LTt>jtOz-p>5G1qD=^84#q4p}b9X1cTN6jYvOL{bz8
zl&tJKuB5o=-(al)p$&Qsz^pTfK7ttMj!*vh+tVMLr_t>==zPAN{xSRfIBkS7+0SU4
zaLdQ-=dphc4ZS7mbum}`^Y{lfW9G3P{e`T*15`<o_4mgSoxp_>GU{#U&xaUNkQ~TB
zv0)LULQt}bNNf>6v-9x&m4l>u3=mlx%3H3Mg2ihS{o)z7&fVLYH*-{7k@S8~b2)^{
z;+(&!X!ILA_G<6z$}fa-K_y&r1XYm%WGN~m*%{p717@pqm<eq-8M)&;8%5;er`~-q
z@mQ;dwufDUI+86(*0E1K*b3d(B1<oBm!5T#me0xL>(>^!f0?Y~OjnXQS-W1=K0i~r
zeP3(8q3!ybfu$NjS9He2t*giFagpg)bgK%{{8Gi*r6xKG@w37Y{p}^bVkZ@EJ$p_m
zYN{Pp&rSF$vfh5R61sJtUBU<<OFlx@l^p5FI?Otd1tD~ihs9CipGM^!#>m0X^%X0%
z>h&#J(MLa9y}HQa84fcussI29a%deIdK`cHdG;q+<44HJG#b^ZSw_?ig@g|bK3&?s
zZuEQe*<|7Abo2PcluJOGiQ8!N#9Hwr<QA1<@M*XoAJJ(ltj&1Fab(uW6i+JKPykp6
z-}R3VA0HdonR;2Ns*nEwC{~3m3nhy=<MG_5UPk;)QgG=c9@>2Rjf1c=+*`~RaHEFU
z;~I5Vaa1})QeIQx-9awqqFo8wlI5=}Iw_VI-NSo3{`GJ&FM_27=5`nCtzYMR^H*_o
zCCUHHS1cGp*t2hS08Yy8!@OhMr}XYy$CLd_*Lj3U+NzT>eph#_{Om6Ni$lL;X$Wr*
zC`!clK+)DGtjUk|3)DPJ-NSRR(mG)p36f`deM4%MEsWo_iE7&RKo_F0kQ{!d%i~&u
z#d7leyj(u-cZNZ!j>Hl@cL9_x8khI?XWK=hRRKb?$^W&|bSCpaL@7=%woBQv%!Mfj
zUmVewn0>rl`nWt-8cq+i`;t{gz?VNOQ9I_Rzk0SZwml<Rc){os{+*oSiehp#s6Q)_
zgEmfZEb?@H$YH3uM$B#WnQuzU8cqV&5uUE=s-VG?%!v+qJemHE{e7fx!XP4|2oEc=
zmQ`p|2~jadR8EKi6Sioq@=Th}jhBy65I-=6zL_>fBXKF2LCFh~hjsTFE~saiiTqi&
zn&zJj^~FA4`B^7Ox_+})RddVMcj}N~So*|l{;eC!Y%PAt@!xormi5i0S^Mb$ba;Vp
znKJMAtd5MkxFpzv+q1nYD~6)gV)F?HoQ;sFt40(r59`sT)<Jz{x|fgncX`Bj4u<AZ
zDzRngA5M<)a9f=kAedn>#AA&%mRU2<!b&$ojDAN|4dBQsY=$OUH+R>--kaSuk-J99
zYBA`_+WoaFf3s!MtogL7)e(LXcD0Svdy=t)>8Eg}p`o&iP1;%u&bfB^#AlSvkUytv
ze~wtZ9Y*YXwO*%e#d#4dITu~K->zCwSZNxxySdQxok-s8quy2r%X_(s9>n|(X6)F4
zf$@Fh-F+(5sM&;*Gk!=SpXCUS)A&DMh&+TAk+P?VRb+5&r98&3=4`3f+$>)h=9+$i
z2vorHKa%tX8^`w_{|!M~`EEgss*W3LJiSOl7u~fIgaKJGSA?iHfiZI*>i`=dyXqN5
zJ7KKt(-OgQnf56xvWFzIKlCY8i)mEzMn3g=Q>T0+i&%TMc60FpD}7eUzt`Q1VXp5<
zqEQ~ZofC{SoTlSGblEb9i<?unLZ#m~Vev-VyAq9YKLu&3xq?$bx|(N!d0)sW^=$+R
z%&-JjbqxEWGmG!MtSZ!(R-G|%pCBkR9!>9e=gJr<>u>1Hy5i|iPCpy7|Fs*kHJWgJ
z-W?uRHj3N<;YQEb#g#Rl%sED4@-S==QjUF>vgtTljGf_7n`1L2?=tnvbQx=w=Uf3e
z7^dU}Kp7kF>yW7@Y>ZLTs(!jk{?j@0E1VD@tV|Q4(23s0U=LstoK;`t%&Q5>pkm;P
zXMg1*95cL=T<Q&y2yMz^iKAHcN&);@9r1ZrN=zWswv%(nO1!&Tr`Cd!rDV1EeAZ47
z_0;5GzrDG+pRB5QhTI%5wtq9p8&^Er6-MmZQSpY)Y!IMMTPy{-<jSHmhFrJ_NXy=g
zNGAlcxQs9Kg1<Pl0LTESda-hAnZcOZsZdQ`)^}XU|5apV+~_9RQDJSP+^-RWX*ul4
zf-#Qr8iiz&xD2Hyi~KIul=`wx#>keeGEM-<Oml;Ec%84GR<cqb8YGO-Wf-jVY<ZQ=
zWWo6-8jZ}~-z;QNWLXg7G;z8R!?O&xkd~5XVuNTK2P>g;Y6^rB@8LOtt4Mdy$^j_2
z@mwy^TEA&dw8aM}!wVU=K24RMmMm13MF_W5o{pi$q>>Gs`W+0PqRk*rZ`a|eeZ+z9
zbb2Ub{HOn%#4aR>lpv{x>*{FpNqu7&M(6-1f32~>z|h<hv`;)#`od7TmzO(&0SW+?
zet2BU54EEh+(YyPOW%6BcSGot5fK^z6Rm5oyJAL`<=^85<J*&VqT@^Lqx5~TWK1KV
zk%S%k48>Q(B@Dy;azwkVD+{^^uvHsulZn5eiVj4_FYH==5_{`pKe>Tq_3ugTGl~}g
zZ!RV`_xt-3->s@zls*9%J=i}8d9DK|tL0iJbdlBa&$|Y%@^@9AVkr_R(NcBU3{sms
zXZR2u20==)3>5s8lzm`{K#tRm91K~N<Oo?mu()%O+MenAQ(%Rxr`Y^@byZSct-p-*
zo#^~bH-%Y=U}0UivKj<xmMgNRb<VAcA*a~+upk)71TjRw0up=4F~m<MQ983|-vAA0
z8r@UI0TNT;f-#}*I&qE2kVs~@UIPI}1z7i!%esn?*SQ5F|J=Y7)drj2Z~ML_hIV*c
z$rUzc3RcEWLzX2r_-Y0`N3m<yp|{p_vLEE}b{&^yT6lwXR09cs-1>9E0e`5a37G_5
zhCnIJp@l&0S;aA@)L|7DMQIJn#vA%>7=}y?%66zGQmQA(PL;;EIE3O2DbHKCGKi$t
z|6Y-`XJ|*>g1ml!E1AZqc1h6Fi>z*NDpy`s={CZk_6El3IzLrzGCC;xxD_dsQd%D2
zy8WGIsLO4QrgfbzvhZ+StS^#@*mbC)7dR^gVidX-jLC!{zH-vWPN?0yx0k2Fd=K8a
zO6&Q#Jy_izxN>Yudr3~kZtzw6lXE`9Q`^16lHX!<mn@`JSNf|g`L~8F)`CO`0#JNb
z1PbcJO8HL&u!K$QmN^!yzmS!vLdo)nUudcjK|B9Ik`<>tk)$nhjeD}xOIzs?bFA3%
zJ**;fQ_sD!MT)EFu4IuM>EAlSP(F$U+r?r{p<q0Hkje1Z=zStk$&U9O%LQRnNdoiC
z^#D9Ih3`xi+Q&c3yz5AIW4_faWzZ5Wh%ONVgC@92A1~-C$Eo1ioY=#dyyDZRjX>)L
z-T+II^5w787z4&zc$u!_*{uM2yAa3;=G{tE)^o?Ink&ijrRS4T9gJUD*HF0RMRNEx
z0z(dy%@0rPcVsh}WfIRZTNT?W>${D~l!)zuDx5tYVUSXRiP)RYI`++PDp_K;OYGB-
zt_;ri={`L^+a^M;O;|A%*_<!jNfnIrFj((w$<h#!(w~HAxOPnFu54LqW1C5Q-e)4(
z{7Q2l`~R^tddV|}8ajsqs0PZF?{Q4Fx3`s~*I$hStn~PEO$#^6MBm=Gs4Zzq#m-2#
z?!H{emZDW2Ik;cH9H6<nGuMQCvtXG4c7NeIP{R7@<?jkv6TmviKZUr!^~<WW!GiG?
zRnDR+dm442^SH815XllRx~JL&C_joMdDc{vA4Cm)Ppuh5vS5seK>!PJ)lbWF|Bo!?
zjVxvR9#$Ob<rOe2bRkNz3_G&pkF)enCHEL^lxY(Sde&f1n6J<*zsU(XyvI>P@b_Eg
z33IG!%Hu9}R-5L-fOw}w*V)}9ZL`!PwbbOiuWqj85LH>R)mY;CIN#M6e8^$N32sYI
zJ71z^PB-(i?(O=|LK-Tt909ImMPm_GJF~@>@qb7B93^szQ?R5e)Bs`}F6@9ETuIor
zZRFw4D6&K1<vI-^F>$28nih;r$dc=0jTEWjDJj@6%;vX}nM27d(SqXtU6=18S|cqL
zDkli_<Oij6l1rTCj{{0NJ)D^stnC{&l*+{pcY;{8b$1?w?LocAg&IZ*tx6qHtWLqk
z?s8-*R>NV2&|@|60<#M@^A?~|B{Z}xUPx6E^|?1nsQtPQ9@yVm>G^)8cq8_UD+s*r
zBuida_miv~ad7D+R%>yU+5M1JI*W@@X@aF*i_T)#3%>Xdp4Q7RbVR6h;w<@Wo<KJd
zVTtV!vQ%Ll|M*dC5%rtotF4Ls<=^@$)=V)YAIi{6$Pf3d<-YZ3VZh*o@q_;htXtly
TX9rPG00000NkvXXu0mjfw@a=a

literal 0
HcmV?d00001

diff --git a/docs/installation/images/windows-finish.png b/docs/installation/images/windows-finish.png
new file mode 100644
index 0000000000000000000000000000000000000000..f1a831d48979bb1a8395fbbcf4c10e21ea417ea8
GIT binary patch
literal 119402
zcmZ6zW0WY%vMt=UZQHi(?$x$!thR02wr$(CZLPMyweP#{oc+CDIY!mU%!pZ$RgrT>
zR=9$kI4l$v6aWAKtfYj9A^-r8HUI$N3Iy2SD+Rl1iGLeFCq;1~fSMVca{vGV07(%+
zWjDa9Y;b`j@%NwJNxI1!AnDs~2%-R}wO?1;YqAIF(k$WU#|e|9u4Ji>?MJyD=hvx*
z5!-9gYtUhNibWF1JDxiF2ChG|R|_ITKxOmk#wIVc%(GrQ=`Y?pW;yO+_MeX$(Gts1
zHIj=@qp}}60VnUKWds2|GC<zEWTMb0%d!X(MF^2kgiD<k1KO^FSg_;L`2M;-5aqup
z0bO)JsLswIoBot(vMQ8=DhR^^UHe8Mev~!)uD7U0<7F%n5s?Q7P%Pw(#`sBr)|X%^
z8c^G$1~3H+2$<EuUz_@#>m}%^p>ZFFAdlCyM_kF+3bL<*2FX#!=G5?Q{Bc&#&-X~2
zn~S>w;;IvNsorX;{JMRDkX?<`VYk_?ee&Ycm8D^g01J~KiPo(Cn0r=L1uT!+r~nM#
z5Ra+CndodT1{I2j@DR$Eo4G9Co#se6vbMBbn5ei0-jL3>QWLWDeSd#ndeod3deVO~
zu!)a17`^y~je?CKAo6q>J5)35tTS1OQlYvMUzJ3zBkk|kj0&hstBigTTJ^Lb)-iQ`
z-Bx|Qz;=DV(K2OOdF@>_uq3DMnSTl8T?T4c(W@{iu$iNQDU)Mm6Kd12%2tuD(2_jg
zQvDTMF9JXuNWB}YycClxMM|RBf&ZJNLN5`Cb{Y#J8YZ8&J65)x*y>wU+^-q*z3#H6
z^9&d`WV=+oH&KFQRTUtyvN@RVYJIW5D&kr;^14vFY*mOBNm$~A!$sckI`qkEWp@46
zU(OPB8~L1g1-<#DN;h(8NBG>0^@)3>8N(HLfpjCc{A#`Y7jmhX2OSc5d`s<13hA-v
zi=S!-_*uOt`Xx5*SKxE=LJyjU5VnGDQ+FZvBDxW=QJ7`L#op~9n32)pj@14K2cVoE
z@*c?lG-u5IBV9Zcbf%A-xjxf*HFoXe+S-J;S1U$j$H&L!=6R{VyHCV0u&@S(hKfdk
z-^Bjgbr0k{(yy!yBjZF`eC3_`Rx3FcQR5=ICQqEvq_U?cr^?S*?lAoSPV_(X>FYz7
zZ&N6L9XYWu5dG2S{FfoGPRIl=jAzXkiGlR;SpejHkoG|T+W-ss$#TynVorjQIOS0O
z`%ac$j9<?0Ju^qgm4A2HS_TnOi&=2wOtlUMyESIf={W>ziDE=GY;Jr7n>i}|&&XMQ
z(*$v8X<<B2hxXMLTWt<J7yYREI%-4xSWwT+^-af68alhC<#oiGYfsr@u_ylrv%jwR
zXA1cZ$4yL3beuE<1O(K)t$p(;2=uGLR#i2vQ&m>v-5_}cfRe7>6cQBCva%|$vOT-r
zt4-f_pwv{JjKKdd`2P&V9pM)o3|duP?OClvEvnJ$c5hfa3iB$bSdz9-Y-d=Z^CYUF
z0f|~2M3{%6VW^}OMq53nDUT?}Ez}3!CX$LWX9tzasZk|1!QH5&Nbyx*%Bq;L#zf2G
z0OZQ%k0#1m5y>2{w>a!b-RMW!ZNr)Fs>5|WvzKREBkt`^N0*|D*QFp&6PO>3y+v#O
zmO;nyUVB1oPC+jy3rss|un)#v`1~aPUK>=y$-0_S&_IGe{G?VEB>|M5PV99ZZT?nI
zjkCx)c==gFF)OCROnYr?4DE^Rt(hYd{XRgFbh$p5ghyk_bQ9*8E%CO$D%m$a4ryIh
z*E$s7X=-Nn;xguUyBN2ys;-cy(())f-E>S@SxH!QTuIX6V!W)F7amaK((DD>rl13L
zwiMT4-4$P3({#2HOANy;S6#Y4S`A9;_Eb<{g#9xBx#bRGZc}?ghN1^CS`TZt_u-V?
z=%dABX0(4$>}Ih;py_{wg<LJTUZk9#yt0`nX)#@E#dB?nzoMNG6|}oMbl9uXCnDzP
za)xP%vF0{l^gQWiltU~-3qx2Us_@Z@ry{}M0=Iu^<sXcHaGvL{(nh5eL-2di?DagW
z2hGXK2o}W>Sd&=^CY-PO*5U?kaeP+)@Nm%ldcdc%*hPC`3t7)VuLUQ-kNj@H82Z}7
zRT4XQ$n;z~jnx^-6prnJBgJ?BZ+Hm^@|iIyB0Wt{5w_GV)tFQi><@!sVVPLf>{Kk-
zxrP>rp^61B|6V%W4K%JR8CG&X0J*USN|xYn0Ni{YCY*UNy7D%16L)4lM4BV15W%#m
zKVRGUKo>NnXu+KsTwmFDdrQ|}d+~X#-llF8yKFMMyG9=DRKJgi!*)fu)O7=z?9GfI
z_t6b3-(frRW;j?;J+v&|1fdy;$aktQQgJn&YL&iId83iZVM6!ClvWEvBV1Wb?NivY
zYhA1iA9`^D%IZ^rV31A?Lc24CLT|KYjeELQrP7kw;@c+Nxr;LlQJH0i#VrE5*0Kw7
zIK_&VA6+FD>rX}MkmBC&{E-2vXpGC$@SiYcm&ru~Y42JbVCB%qP)5;hJH>Mhma5Rq
zBgqW}V~XDGc&Vcvb6Gd_$VZYi5b@TgOKrMN)>r5gs(KqjW6Sl5#^o08^O0nz;+3W6
z{+MkLls5(dezrhfi>rDQg2JGU$NbfO?3-d~&&lcE8Q}-`mKA=)^(8zjP|)l~>F8uv
zzOYOlJSkcciion4uU$Se?7=FQsh5*&l3E%qGeoQFsuJ0YO+}3?NMh~ZCJIWpHYZn_
zLBiPKRaVMnO6-y&C9a7GT}u>LUJW1c(||%eJ$8D3#LnSJ1CxIbOR-3DI9S5WfYSg#
zKch<MF3ods9n$Ch$pB->Cw*ZGQ8A<cFso9Rg9o9<4<6=Z6o=-C#Ay0rkfRUpB8p1T
zs|bnV*=MxIL6dU`oUJw}po_r>6Lq!EX9$xr^9F1Xsu<5_$`BGaFnj{nypo*vxJ6b4
zO)c)7cylambO@arpLn<G0GA3;G6o~AY|H^ix-e&;g~fBKA@h8D(>N4@LLFacL_9!0
z2h>13LTns^kApQ{OZTq!`MUup`N`U)nG)wq-01U462o+0qDEwEWjD_5IJjiNLwWS1
zV1y9BDK`g5e#7%^JBm$LxI&)S4;hh>BUx^yod)vnQlc3sT<qF6*e;K&G&gVHdPlD!
zexqvoGd~tujJ^d_qCZVyw%xAw)=GHD0hcY?S8q%uO%gc51p;3K5y1Th+p_DSWeNSu
z%M{v&=tP#b<GH;4A#`^vT%B<w2Ty=XIrjrpYk;H<j~~luv~3Vgie>qTz+;dLhrJUV
zn(WoEZ1DK{jq2cj`%A=+v+(C`5MFKCW;%n_-r2eP!ol?&5J^jm0iRAqm^b6%f*?tv
zDTS^)5I93hDo=I6`yQ<bySvm}lvjHtfJw2X;#@aHI;E0%dD|{1b)_sV>+GN9NC9LB
z&e6WnPk0Yg@N64U?15(biZOq;P^>F`ks`KK8g%edcuuh*p>Jvh6&QlWf;w#YV0ZNS
zX-;4qa>BsQ8p7Bvv|>J`Z(#$9+z!ZTcuK^~goVmS#sFssg^sAa_^K+*Wf+4xu(%3b
zQ)F*J^$_Raf$dXk6>N!tOVSurotD%ZpiGig6}&Nl5*yRh3Hcg~5I()f=SX4Qik??c
zg?20pl*V#GK>rTmvl|~m1rM*D88K$L6xJ}IoW;N4H(l`7=9(nOC#niE02j3Xn~qY;
z#iedp!TXXfuc`vnIXZR6Y{?jvhN~0MQ@$i$l?w&X*k-YkR?J`k(V9mAq_~}wCR&2A
zhECLdLE}m#v)?P29tQ+=ES58XLJ)Du5ng?w+Q7nK$zZ$#Q33W`+}=%(<e)+lur#v=
zRawF6A`Yt^mAlNxDe!Agc;<<=S(Jj$7bBCMq;P2)7Oe#=t^hKbRin+`8r=t#e#Ftx
zU{1Pds3Ykxtip->cmky5cTYn(R{1`5-Ecp`i|n0$YB9>hgtc)tZ-9;`UBSvCa0?5o
zuFRD5Bpt!CI`A<+dL(ca0Sih2*)@nGDN`E9I&vfv%4o2musY=w8bjnx@%5Y7+MSba
z769~go!M+orD>h<cmm+BHYo|o@R*pJW-n4oMk=g<&gAfE1(d}oDaJS3=7fe}Q_7YE
z=H7@;+Vv?BU@YCGxTxz!bi0-+Z^bq!tYzFr$Hy@%w)z^gV5#zjJ#`aks`I~jPhYlZ
zAC_ECA)>l&SmZBX{Rc9Sz8J=0LKelStSWtKvzQer3T#J&Rug6-(aCzZH;|xLbwSna
zn5esMx2Hu|4rVio6Ii{N;1Q290X8Ddz`Hr4#65{iJ3$4v=`l_7XMJ}cFe<a|02O4M
zef<i7opYVFPHv$5UU9>XxMBMwONPB!`HuVk9Z0!%iz18#5x){J<<lYJcL5MX(Z>6$
zL8m=CAs_iNQJ*8*1bQSb*EW47N=!77y@T;=2zdrS-8n^`4lV>+OHz$TxkKx8Od67C
z3QOXJ4fV)`*TOaN(^Spr{w8-NgabPu6Dbn8ZwH+Cg=Dvf+QK~>!eBuM61Z!gD4S6s
zMBc<CK_?xur(?^tXpC@7X5c;Q-g!@y&KDJe<2^nRll4K{cN&@wGm0$p_rQu`2(um^
zSUtShkY>_mbWdK2NJWIk7YMmZv%_=n6N0f66q}{^1SbUW7TmrN*%}BuKIoWk3T>5P
z4TLtifh$TS#&IS5Xq9u0hiT1EyC2HeHO+yMA)x4VhcHerILL){H`{6J*98!8O3OIx
z9^B6HTl-C0GZ}~sFz8**G}MGB9m;lzaLLe0S5PFlq5L&7QoQT~XxB=)No{P8?^7})
z26pz*C`{%W&4P4|pUt{z^Acxf&MfBQTg&n3X;?6@>%dzzZV!OxM8)AM4ViUII_k@?
z=3yGm>EhyzI7Au|5Tz+w(Tl`^<{{lER5`FXXGp`0c>#8MV8AtKzE0<GNknSW$ravT
z&5x!Pf<HmB-Kb@5=~)7^AVo8U3_j_^U~eG@gFm*zDQ!$F@BCq)jU|RYdAwDyR`bf3
z(K?=5dw*P^C6boM<SPrNP|6b02>L#078aGuTG7lyw>{{NH(D+**Zb|a2HhMZfTv(J
zUQ!0f?LfrPQHa06GbA-yK%{XysI{reG_e(ObOJn}P76H6i+yO>Nhc#AdGqWD;)&Zs
zW>OcUWh)0L9^zdYp&c;c)bEy&U`h>s>GU{qz~TBc2D3_h@&PhVXr!%SMJ|>`<~yWC
zGA4=-M8hs#gy+{o2*!aXisq}dDNjQwn~EIjUxBZc{(w+AFf)z}0)^0`$0s=f8kG9~
zs$I`7CV^i^z2Zq2RsdGJ2PG+mVDMzw6w}%c9UPpjgr7h&Dahy6I>f}`uL+p;!dl3>
z5}!b;Y!4Gdxn{WOap$-fVzP{wh?9?JVQIJEKsAa6<=>73$Ph7^0?GHa>HcJNF~lU=
z;ff6!IcF$MuTYaB+Vx~0HfEvJ>R8`bG(wm0FlQ9P=L?^zVjR1#5;qcqOK`+>m@S3g
zqqle=XYqfi6Ns9z6L>#?4pW-x6Y-XY$z(;RM3*O|^?-k-J|2^H8H$h>-ZKybB(5a^
z+4WI^fWcyc!1sQfm!+)qB<$(w(a+@<HZ&ki%T<*R*J#0dc<|hCUTk@i+~?9+hQc=@
z9MNi$O)dGDoH*m^VpIpSBPNsuUF{1t9Gc_Bai7MTn-KVCe?SHZNvR50dH>x4PRQ{B
zne%N7&G%IU5d2cpw-GL&<b@&!(UAB43VM~-T353ZMO4lxWG?Lsvw;zJzO~&SLo=)6
z$jlTHwG(&EI;^Iz7a3A<_<EoJVqaFCY%Q0>vICLU4HMhljo`1wQMo$(+X)%vq%h3Z
z&(Y(2fqF{xmn!4IV>V-=7%aVeFUebxv44YYcNh@UNjcOZg5EVyBjb#{>*c!T%!KNZ
z*rAsu?lbDl(1!N|qPdL>8Z#3F8hQZ{FIMP;5ut|#XiJ05RZxrZ31Zl}&YgN%=KLHj
zcIovXY(+6>z#21$8vQ7QlQ0Ih>v&{M>qrP0Vi>W4mQw77GHa3rCkM4-AB<<or%Sw?
zDMWZO;}uIi1!W1kGT91hLU%Igkr<bWv}aftij=4L+U2F~Wq_Aqj!uM|x9e0BX?C*}
z-_aF4GrOOO6&O?`h(bJ44I{i*Uzm}^dL5u%C~V+Y7W#clpr02?XU<sfKiP3K(plmF
zs^$)mo>9E&zT%v{fw2iS*4gbY687B%0p*SJ(XA-Ehrz46uOiS?!{HCbj>k0OrEi3&
z?vzFlY(60^?7GvE(*0N}ynaC@DQu=QS<6w7h@7yLvHuwc_2rf~a!-2Sm?2rt78h8h
zxoWZ8@O-F$5=tmGZT4Fl>M`Ny2>hZ>)t<g$XaM$f<?6$jb`TB<YWe&S8Hw|jW7W94
zEoP2JD;8jpMDuLEu|_>+h+=!jL14Wek29&hrI=6PWBf8!-}270D(KM-71GZP<Q5~y
zdyze3ZWWnnPl2(3oyE5!VGq77$e+T{&V0Prq9N{*?7IkUX21qjj4^|geK2x&4yee;
zI6Z3r+GNtKc&QRJr?fQgz8p$5Z%LL$m|{^1l1V7cC@w|juNhjpV5w;$-*XlyK?_K#
zMrcI(CegfTu%m%F+Fv-7ypAa?h4QVu?9YvG5g`~?uYXXi#kxW5%)ryIQu^maWYADE
ziq)l5X|TjD8QSBNtdvxcCq!lV5;RR<tpb6X=B^4dG!NWCd#TC;@jty&_x-nS>yLeN
z1sY6IO{47n8}kW`O-Jfht^5>c;ezlUb=PR08lC7HDKt0x<+6fSEI}_cl;58r{yGUY
zF>at|0R%Z6#?TTkWIz^JT@hBL&f=5^N@<lEyW(n9QzlL+8jmk0JoT=I_e(@l6!ij2
zUH_bo8RKmoVxa(0I^&dqnG(k4n4w^qpGH%9Tr%g;yX3evvmNVVPQ6;Bcn(Z(iR`hg
z9HL^DfT;m8TI{gSz62v3yoK=hffGbMqTdP5-Oyj!#G7Pp=gXEO^U(O%gH^+SRSD&l
zq!H3HBAG*>VrW%EcH`Q5_X9H;H)0(YeMtTY#8w>W2{TNdBX-b?9=E1)Rz_48Q$r_;
z#^Bl*E_@MV3d05Qv=vuK#sjfkt#K*py#gqU6G7G|hW1FeS~?&^tVww_!OF>#DR3(w
zYf{>2Y&4_^^^bw2GRa}=?o2_O;{1tIF}JFYUc?47He!Yl{GwP(H3s_Z=$^I=CduK*
zKrYV7u#Q;WZ?mVvUfE#^Ii4Wr+@F|T)_w@g<A{DXq=?W%Ku=dQ7*<JvvsCc7t-PXk
zM;g{V4pu<)1gAW*w-ClR>k-1aP@HQeBKr$_qCaZ}nx$_PB*v5qx}}wV5@PveT_gGz
z38-l{so`n3p$K@nfr`ZF>g^s0MDbx?xmUu5D!|DD2|&f|=^XeDfK!2Ti@7*KM@FXH
zkVf8>3TUVyV`0i?C0q(Ttcq@iF1SMBfzZ}l7Gtwhn5wpc2*#;FbMlfs6JSfN<7zJV
zKu9yBh3*3)uL)XUqC4$|mU5h7YeC8+DfJO70>69#KYF;s!EX2Mo$Er9+re?ldF(8B
z;C!4QD5tAg;1i0uP{>AzIeGCj>I=tPBdfdvs7UZP<%Qcl7;yOTA4b6qs)j+WHypv%
zS)*C51IhpLac9*2e7&tf%Pj%kZh!Y5Qa~Qb6fzNF>dM4Y3u8QsDHlq}zYNa;`w0c_
z>f;3$IAEA>GJ_YY4LBaeN&g($P?DidXXU@@3^(h#=?i5JPfq!prt0|7e1W*wEbnzK
zN^CK2LGdMa$J=vYhjX*(dv}m7(H8y2Ou&cZTnpQTF774rhSf;ajCVK0b|GB|s4hS<
zE=h0}Wx|L&d0(s=^^vKLo}1)~;q5gWn5vsb5uU_hU0%tPI`PjtZe(;}n5J6t7+s8-
z?k8q+kb<j-y&kNw2@XSS#B_QpqpB1N9Kuc{Zyh%~3im4~q}axdf!^;m6fVTaSw}FD
zWlQp*gJ3+zfnG|?=u0wPqtz8dM(}|ed;>0KA$CLy(TEipn}Qx&@51x_)b#^tputQS
zP^rvwhK~;EbJyl~)YpJKQ?=y5FgleH-1av%&fbZEHIXy+R-WGoRT-OU3L1SyynAR0
z310&s`a_(_L=LLr8+6b&V@QIPAQ~|)zPMKT)Wu*U37}2k=)G#SsbhHJqUwE*GvIP^
z&?O@XrA8NXx^N{1#mF=;4l@GwUiX3<98UOF#@`IzYe(k?{pN~^@Gy}8<$;M2C8_kO
zFE5>)l(QT2g;;F<1mU;a1^~lG>DT|*xb|`{mW5#o`X-^qk=RT34?${w2=ZQKzwI{v
zDI>QBM?laRTu8}@Pi^S%hXfY0g*=)*;5JiivKMBBl2eg$%fh?=Lu+SfMj|3IS#lqV
z0yB+!z<om~ZIJ{2G72k`5CbVGwjm)fEG$gq#vWeg<tbqG5j0H$Gr~yxpd3dDWAe-4
z=ix<|vLYa~_*ZCbLQg%bH5jeG@0+T~@EikfItvTRl+)|gx;jtSPeB2*=;+i6a{oxt
zl!)v7%z}ap)9t<b`^!0o%+tAL9-|9JL?7shecdZuE*?){V-pUB^oVXh2CF+@%J2AD
z+oSF@(VCkDqfq-RlIaek-z?8*JUK1n60r48eu+YWycG!oW$=l9AN6%K@E>v}1gAn|
zSy?Ft16`%}=9m2Sd}LVjTuxX~TVjT<4DyOD<5VK|b5&hH`vz8^k(Xf}`Ugx2LYf?j
z#TAuiX)RRtFuKvjWZVcIEI{INri9sSm*GQo+21^-;M{}D+NEh&nw|r`-;F~D&|WSC
zX!ADo)giWm7<?v}H}F?DTdYmbA=Kq1K#gq0DOq>2IwSf~FUA-P0q4%?<n|2-7sAZC
zCeZl93y?E)g`zbY3EZ%QW5FkNjh}$Icwr(a4=?(g-ed+cV>mRAiGjn6l|+%&f!7=`
z_?$rgbc&kei&!owbcXkNvJ_?J0RcMHHTD+k_rC9P0uqDYU?`<Ga#90$Ksv6qxdc3)
zNh6b12sNZWqi>q50kdaOyW7kiJG+(FL$6COf3R1cP6lI7|1ylY{tIn79QCK-SI!?u
zxwQ3x;YnH~Zkzu@N$;s5Q_#?e&;?hXy#skvnj9Se%~<}!#oLb}O32BXy1ZMx^!{N(
zBJhx*_cy2kj%NdSamJa2KmHFp4k))bE77;PnMtW_9WvQW3K{HkM^qg7&%3Ja3u0`X
z-{OkNs%?UX;Ibv<@S2=9HS8aiz`rxpPlU<@3LRgi%ae|?_B>lgz|at0{JA}mdi-+a
zA3dNiHwnN(Ys>J7yxT?F`oB`dYa#+caAhoF?GFj+v7zI?ZKj4`Sz2wpAM(*XI8a>*
zN*({Nu8`GdBSpZ>oJgt7qdIHj;oYYGFJHkCFqn)Xl-k<hS8?rW-BJH5n(VQW5?E`=
z7OCA^T3VXhFl{H4cH@n?{{Lo0M`9>Cj)<yh=z<RpKI3I&V<Rf)!jzo0xpaH-;n<yo
z+=>Sond5TtFY$W)is@?WQv9E(AN>V*Ifo+00+!8!BgYXIjs4^+YmJ;&`5<QGkN^2j
z-)c!RZfbgPM~s*p{2#d6f<ZL3YHfz`{_G$8KVl03q<ydz!TF!Af9os+K-&8U)Bn+b
z{=prPtPiyY5NxXPpYZq(sMOkBu>TcG0LU5oK-vaa`~2LW|BKRJktR5@^}l`oK1Q%K
z0JSzS42Id9e=9#V_V;Z6QgpKV0Fd{fRsn!d*8d$~eW-LhVE-}!8AJcCwOIOnJf8nC
z>+h&-1H+sD3Ce#)1(xxn)&_=2Gn@U_!~JW98}|Q1_5V7n@AnTLet-{G|Hfkv3f&I)
z-yXp*0M^*UGU(^<{#$AK3!2UU0~!I=-sk^-VV{bipsFomdLmkcLP3Bcy~p6i1*Qc_
zxOl4vFikoxF+C+{Dv2zj$SKo3qMy`=Vwj)j3w^P=g+d|45g8RArOc8(Fg1cIJkrr$
zp*Q);Y`PLrvSD~MoFi%(4Ny(x=>`TDP}ztX^&Pd`KF-wom(XP)hcsidY$n}=%MKHS
zJBeE=CS)guEH5^M*b6dP>^3kn2MElh!Kc4b{EJ^l68O(BBn*dtNd-@m+H!u&`JVz~
zwC6eo=HU9*Ki;h$DIL(Bb=ME@_ZurfV>CE*N1MO9cy*voeN@{l4^|FC<$e0h@`o9I
z{}G;>RK5|0t7GZXu`{#m_)Qx2*^7R6zk(5j{y}WMg4NagLn%|h%PuUtRHkBHJ}&O#
zPMo2c#=}bj?4+)dKA=tKUl+O!+*l5{+`hl|9Q$$a!jh*zJMh5Y6E&(99rDtL;^y66
zkvXre7d`L^Rd-X-ezDGkk)GZ^F$1ztiMROzoB?Hs(0s#5^G%_Xxt{eha5wSQZ!fhT
zGmZa^Y=_5EeEo9R`N&@1w+OZ3O`mW&2M*MFiCY1$a!~3B)Jh2$jb#}PhTg&x4d1gJ
zJ?-Fu@Y{Q1q33?~)6Wb~E4WzLb|&zZjT98NexZzY13b%*0P-<RrLzu*7vd>suF%HA
z18DB2Rn$-lR%al`q-PkZBGd9$+i|V>=M87p>@S5wqLQmc!c;KJTJpP#Osl&kMSgYU
z!_8o;(6H76X<;%Zc;CR#RPPv!g5`o_{|!<dbC+uR!!o?sc6r|DW<8qGGc7`T`iB;>
zKJPZ$%gMpuP9q2wHQ-X+!GQ9@y1i!NH62z=rJOHF@`Z)C6c<2?bN)Sif7>$c7uc2B
z%`hVqSD9(MG9vU9{wTAXd%spSh7wwD?92y$m%%8}y9f1;FUo_IkO%T-!!Ie%G)cQ0
z*^*Ky%F7A+_wD{P&J}1~-Nw52>T3=MY(3#i2kQH^*3xDerNl)0&+TxCAv&-7E1s#J
zN&fqp{69Gr?k_gXkA9<3t97ijxadvZtgxQDdSS)iTqurO@-#oaFe1Z^J~Fvc(XY=>
z>li*S@dvCuU_e^~&aiQ>gjoW)5G<($WH#_So^R|T!>EN*)<`$)KZHDu9$*1HGz9Y-
zA~ba;%<Qk$n^8oWmP@VA<wN{m<I}956yvk~!!lT7^%UZ;_vZLBh!ax={d}#zXjwB<
zSyD_0*s;fGkoya}&|oVzCHia&AWR(7*4qaL1HsbAGS1o#h<UUcu=H#q#jpCGtdVhS
zb_eyo>|M1w9)}RHH3t0ouFK~)AV!e3>3QohMqF&|oq=gguEp<q|KZcx29}x8dy<jQ
z*nwb8I5~bs&DQMM;FoE!+@{j~)0s;RvdEQM)D3~TQ|z&^f!fPaOe`UX9IxTtL(4HS
zAqok{#*(~HTI|3$-7SFXUyIW*PV|Ac_ovIKCHvE1`41F&@G?|{8TWho>y(d(+~rXe
z)j3&|S-jpfr!Xwx5)%#~;JL%UPAdWOQLsWW-CpU5_f2fdoNKDbIU`>SdksCiYO3B|
z&Ioz4vksItWY`sz%tLlVn;Xa9J}TtQppr_&2pwPKaHzYM>T2q-#o&$>>r4Z1m&<`p
zecqt3e<ViSZA>l|a<D_H?YjL)+QEQ&N!5?k{VJ}Evt-Ks^NWc?=-m;Wc&X!htZ-wp
zXa81r0B41~8vHRtHtuS~WW@5H`57^x83B<W@)m5tMQPT9BC@|*v$%>SW5$wZQ7*@0
z1oAmQFDt7SjrT&}5ew2k7Sc;Qk2(8ehinOzVE?{aTTh2WQEk>K6_3>dx%<V97+O6|
zh*ckj;S9HPF85cn7A0wk_o^@2Vp$N2p2Ud4!w>incS(eA9^-bxD22-vP}X2~vF%Ue
zZ~#JszYTPSYlaLrA~4-{f<Hj2jCWu_r;I1R+nh0<dW7|3l@*&?hnJ4SMfEStlq1NW
z)F)vHWboP$kx6Gy+G^}9B{I%}8LY=eY@2(+;hOqAh7y&H5yWQn>jn8&Dt>4XF~6Zz
zR?Y9rdTIvlHTc16joM!cjovXW)i@KNmd-}r9XwH0gpleXYNu`ea{{imCVvD);#nW{
zD}uxTvl*|$-xy-HgWHN^w3Fb5^B5cNmPke?jn8snF~hW9z~!=Mg|wgxttII$dLMGL
z{Q+E|8RRQxiY_1acdtjzk0w7p3wme!?8O&b_;%e@Yj;5~A%1SqwXG-RiCz78?Bi47
z)t8!ORSKEd;lO`d8z&K{j;rcJ8*kmFe1GHcY(h=I|A2)OB_QgFoJv>epE1J9^I$+=
zdlQN*nK~815q(Nv%qV7}LJZgCexuxA+rWz}{i-e48Rx#;$=DrNOJ2QZBT|U8R16sK
zjTI-<;L#kTJLI-z=;E!KTZFC;o-LD`l#K++7?7~$K#btcwG-;tz%2P5+@q}&5S9b-
z;r74^7E4d#_vIvmaS4r-WX7Uibg=y^rc<GnSz(5>MOa`QTEKKK&=`~C4)wHYMp3Ye
zjxbPjNLBv&B?9js#LVHqgKZLH!SLG?x{}PjKhZWK;=p+5<_#zJN*}&DerzQZfSc^M
z4PFEj5~5EH$T46t10r9*aw1PHPo+$JU{abyknOtcu}I;7FI87G%iJop*haXML=_)k
z<Pg+Y#)<wni&Ik*l|@Si7FD%mq?gGUdxeVR%;a>DeRIWpoHNv@tIaakw3Zv#!A?BA
zVTKkhQ%v>ficLL-$^k%XK62b92bRmU6w4AB@s&D`;!}Cmf$3T%eZPn+?pH_@F~nvo
zpq>p!7;w5!8ys}MvK=N%J9+(AYj@Z*jZpozv5fkD&>Jt6_9G3^n=<V*iK}NLu`h*+
zRpyk`hWNL6YFoZq9t%BMs4ughw-WP(WY68<y#!*8s1RYI9i<S@hNieTSHa*QLWco&
zfnr1+1`n97*wk;;u!l~0!f^t)Q)a4s*WKSTxTjEuE{L{!wNG~rcP=oYw2tx0no&W*
zzI&fa#0>q)0D~1IA|rT&WZZ~7A3#`SH2oBwutUZ39FAl_2Ib)t);eM5h2xge9*u0t
zBg8Z(3@)D{gO%WP1(rj<r!cG~(3k;HI7{P&8d;yTz4q;V+v}!_%O!Z;v3p)0ovfpX
zO_q(AR6Xf}GTuI@Cx4}21_pM*8Q#7aBjRzP!ljHb%-0GzT!0Q`(~5qVNu^QV3?8iW
z*|Vj_8+~JD?a0}@#ic!3ppz)!9-sP%TYHf$;GP&Y^oM<`{S^s*rx(<bM!nynXU1z=
zK^E={Vi;-zoA|)6;e-ptPyj!m(+-O4_TTAiqCdGS<m&D2oT_Ad>&9pL>BWlV&D{~5
z{L0NeJDhi~ZNo9xL?iu@9SDEgzq6(gR&pjwNJMgA%SKtLS7AZ<fl!TcnCoU(p5rAt
zCSkkX3Y?pD$#-0kf^mu;Xd(o4xF@fFFsG3sX-`9S#22e~C3c3saGW7H5CED%Suh67
z)mDFNKcxRQWuV~?OziX>Lf^d=j~c*PAx1yghderT6Xm>(!Tp=Xan~@{9@7#lgm+X}
zYjZ%KiKTTJ7?}VuCsslhi8#q}G5LCe|9o-)xyzoUeN7o1Df|GKY8mH~d@?tPd4*)(
zh7i&!g`AM99qjDgECNEuIkaFA2cjDc2QD%^tnyq%M~hCq`w}0g!H>}R0>;w9_HQ9N
zCgHxp7;yF;w(3ALPHdymm7M5+7`Kk&3{mCwO{h544OJu6d-jfE&-(gp@8=%U@;1z@
z^My&`LW!p;jkhSLH{f&ke!}V9RD^u5f#2PO+Zm!^8j}o=TzR~qdfiX!;_S@(shLyE
z@V;__RQZ5|$(|}GD2G)+aaL)Q?|--Q4^o*4$j~nqgTo!@uM*LH=tfQq2x*70jdt_<
z2KzO@x|tnwzrHDO%miy5XuZT^G>=49xv5C(d{gp$?qkFlWA`~9Fjcu7+jQ}TFQp8@
z+uyo8=lC>}_?ItI$avm(OHla;6KNb*VB72o!&j2)=|s0{8lf&CId&K;M^cgPaxzzY
z5mT`pe1Y$XKKUz!@tKF)@rW5Dg|ch#XDXm|g7$W`!e!1#?f1CB?!4bw$h4Zi4eysm
zh~FLW9CGyN`j3bKw}G@7a$x#)Y%X-5Y<;L9bE~Ig4rct3u&fY~HU%MS^e5Q0RL<QB
z%jMIGy_HkzqqN7%@&1zLVTFk+@r_mc{^Immdtl|8oD_L}*s=E>!aNyjxjUnOy=kO<
zrR{)w7IeB#_4NvJHPc)O0tc)p=o$P5f-a-&Xw^vQEyig#lP54dv|Dq_8Nf>OFg*LB
zH<<21gs?|R7{Co&%;fLSw96LgSQhen{QMdG^9$|~C_c2UdiS95_2;0}DEIIfhxG_=
z)<6=0H7jOGYUaj7g3|%(*^!+CyuE+i1Oq6GTV?`R{P|iMS`*7LuKV1(>-%rHV>#o%
zlDO*rxf%YbP^Q;X_7{+3c`ngoqJ5EB#N6Fup__dKj^V|F#%1}e?~-sX{}ZPna@p)p
zuf0vK8s8JZ$?urox`JD#mhc*3JGBC1<no3+^00KDpP)P5m!3F$@2I*8>wO=GsA()~
z0MYm0^_P?M_ZKTHVbx#vThjOk<@adzl)HiWz27*s-tCBbT?pZ?y`TqQqdNPn_n17!
zmZ0Hh$S6Me!39Y+uLnP91ZPkAakxAFgQ0T76*;EX@3O<)v)zH{=NprxT#<*ULEVS!
zi`SR7tDLv5R#Vh&T8Q>}b?_l^debO^!dA({<ahm*;tD#Fz;d>c2nZZF#M@;|j@%eA
z+7YE8l?JjQac$Au4o3`}0+%cubj`3M1?Xx<PezCP<jMUTE5$~+gIlS0XTX#7UR}IJ
zXe%4}1kZUhys3Uw4H32xV4n1uG2|(+gA)85gV^r<<LnsFr43hS-wuw{awJE@%`Ktg
z-Bj@VTCMwI<LXCRo5DyKVFW6C6Oj}mf<2H?xUdG-lIu&Ug6T5CF>eA&u@TtRmzs&(
zV6pA!Kkvu27}7+T>YM#yM4*cfRuSfH^v^&MEK=r4<n^9PJWPw`ICCy6UV*85@#ROD
zWJRF^b@Ld)=;euP%_-irqwW2kEaNYiff&-R`sJwO<kwVsND&get7S}x?_aYJ(qjVU
zmEcp}-TQ^cTTtglu$P2HX<Q2K$?j#6k^<I{I?;UFGu8UGW)k?Sp<qoFjlTrkTPTd`
zE?0%ac;aExV1tM6j@8j5v^5&<(gQJz&Z3E_RU8zt;6Cke<rbf;Z26*Lck%nu7u}Bn
z*#kl*Z%3IMtD737G;T}_SM`SvNYyddbmj^5+5!$aI_OcfgrxJyor30reD^L(1NLu)
zMk^-cu$)mk*{{Sqg0OtYU|uoV08pbM0jTORvw+J0SRvyPW1u;mDM$-{nH3O<PBT=!
z+GDTWaz_n@!XJ*o|MY`PgE`|Z;P0|5KNdIx;rF({7mGUkJ!rpz#|*f^Pi&1r9sGJR
zn6_^)RjjKY!u@bKiba-CRk8f|{IJ^m_#D7{?~+<QWxrl{e*29@cgu^Z1fLy>?&FOF
zE!H`pDu?z5(LaqdXU3Au7Tj0NT#D53LJ8654C2{V4#3z&;e$WCxX`%H;Dxfa9s&lY
zkN0MYYJ$4n_xgiFLory&(#rAY93owM)gg!v1_jFa^9~x0{CXfn=M(|E+HcJW=u@pL
zAQo+H>uCZlbDc`DoUT*)#pml)_b=Ik;RX}|Mga{SCr4T@2*|P4x23$p7DV7LaR#BL
zs5~^^RNI50!kSD`jnEg5>xrB&H3tGWb455zA|qr#37b9P(e{R(OU$3{ScE!n5U?om
zWz5;tOA=f{TdtWozhMSi$=iDQDlMGkff(vgm#=H)*}xFEv;tMczJ(`Q97OO#LUe#F
zSg+_$g>~}w;^Wr4oUEgiYB2SUrUmDnPY)J9Vxb`CBN7e8z(~Lz(9?*UHZ9@We624j
zm5~l=GgcAUz>2N0j#c(Y?m*oc)g51vDRIzmgWf8Ww+X>TBsD40NNXm)xE*8th|$c1
z8I8W@1Hfzg>9<35#X?+ShL}I!If^sr-3QjxE^$y?2&KltoI*{7=*QE__u>+SiVqzV
zi-&P3Nn}wrtIV|QxKbi1FqW#be`G0G0>!(AQb5LrW0EPg{$lg&=F7@y<ZthusrQ6_
zOPgo4w^4OlP;78DE~-pEhcRkP5n&fhs!GZo3>$wD{OUmMeG-ygzURyvE=MQkwYr)3
zu^X}SF?w_VfbQtIqhvv))IC6dAWr6;J~r!NZs=BF;loQ>mqiAvZ!E88klaSeqC90P
z!h)fmhkt}X_Fw_J395^8FzH}t-}YNgK1yxb;Ps=niO(L2dT=OjE<E+eZf3a!(GCr?
z!ldb=TMoZ$mbma?2cm~4w)j}2?(QdZ?fJ5?+Y(yScwqz{be>>Y_>U)oGzg-4M(cA)
zTdzi2$;XEA&!IDivSTuWJa$+;co4cx5!DPh7hPrs_j6&jx}h^+LlJn91{vp;@JYwc
z5LnVOiZbwXHJk9P>~&JQDZ!M29HCZ4Lz_A)ZW6<dT}^uxg_a@$=FkI`_*&dZ&e64u
zbd15oq);oP%#bRXX9cs<hAvSAYy}wxRW@lFK5Xx%9&M(K0fuYm&v%q&YU*-Z-_hPG
z7Rst^ZGD3=o*i39B2X2LIMItJ+kueh0qv1$of2zhC4~*5h*-9=x>P=S_j#`vwwUw{
zK0QTSr!RWQ4XZV|CfXex4aSJGVp=U~r20j?MLPUWxDDB+{Pdn7!qz-Y<2j<>NaKQ3
z{#d_YHxnJe2D~50)666m$RSjtlBt2Om(V`Z-tMaB&zqTEBw*k$b+i3{=vlA`Kh|zs
z55qM#{YeXtwo0X6imJkPrOLW?Q0TJk=;>(|)j%4*%Ty`b3c}FhB%=*P;L)_1yc~y-
z-@6Li%kfM|%WdA;5^rPUYd&`zRUz}~8A5TV0h&q<Uv1jh)wiFU;}l67{gLZCD>mg?
zm1^J2oDroet$t0gcqy7bS_laNP&z0^W70grHo?7VQm>*iC(WBzvBIV=q5v}SHJ5T_
zU?}KH4_dA!VeK<gVTi%PQiRDCpkf}}Kd6BtHn<RZO_3U7UnGoqfCR&&=nC&0T5gy|
zpEvxd`YfXhn;QyF#0hZo%qovjlS508vRuwZz5iWUPwqy8czRAX+9=n*SmtDg8m6RU
z8Iu;{a+R$F={tVQx9SmLB{=()LsAal-ndSgF+qm<!V1?YRyU3n0%;)r&1FX+qOiCi
z13Ql$*}s>-EPJr2XD+88w|Ib<(l*?Q-PYAP79Tylm5KSd5G7eg#BzjFix=9E!(urD
zQIZj1uCf?|V&-;M&jia9SmMoKrD+w)%|i%9&GHaYq~sXb^G&#EYJW~9XL`PuKt#Ps
zp&ZxJuY#wM*-$dahKfS}9M{-4v6pBl{8o47%uqx|P!nZ6(+Lb>ToxxnZ3F@%i#O3b
z+z%uKLvp+;S(=kbM7ijD+{2di@E}Ul;uI*_l|SKZxH6yW+PfhLp=_thXTe{_w2<ie
z1z4M}7;F|x$jP4lIT~efeiVD|n-0w14qzxw&M_fTZ{W_tCM;?P{Tp(VCWE!C)&eYg
zN|C74E}nc#8!*0<yz307M7>pUvzoxH&hp*o=_t@3G1aKQU>@T#Kd6BX*P(Y&X1I<A
zMOn!xRby~#1gypyQ3?x9Oc5nP3Z?8qr?B0l{>vMLlKvfz?k-=AwEDWb11=giqJ?i3
z=Y{&$@O$lwmkl^_JFK<2*dD2O&W6z{U#+TAE<I_E&U@Fg^NTy^g(bCuVjtDtng)Qa
zER(oSt-%Pg366$o7MwD1pR8o#^pyy4*X$7wP|IfYIlr1t`YhZ>!PHbF=od$*P~SH+
ze*AHPdJhg$o*odT&ndz#H=vJJn}JyFgr@6bDxDk?mr?TX1ou%rL*0HYSpn01m|aZy
z{e8-uItC;quMCB&UF?WL$YC2W%964rrK)27I?rwTHFpj$i)k{3hL^$5@fn7Mgo$MA
z=&33k<2rCU(P}j`k^MPP#~%V;5A0k5m}g87a?|||%yK^X;&w@nWWnJ0o?{kAsE`HZ
zxrw~LHQ?ZdLO^5dJ6I#pM^-7nfwX+11x<~pv9spLOia)gh=uEIPAN$e34?SK3~Wy2
z7{{&6eUURLU<7;!gU9j+D}1C;&?OGpFbM<AtHn!TQc&{QxUtWtgvJVdQqTx;g{11@
zcdaCa@*(7Eh|OOkd37ZnDk}@}51+AgrQx<?2tnaW1{vK|5$aj}tN5_p=MC1nBR`MN
z=3HhsOA<)3_$3X%;fD7L<gjm3=2<_B-l^#DMsKq7Axh_vu|o4PxG!~i8phyNS;Q!l
zJPnNd^xc?BpDw(XN)^L`4L$A}$<5tykQOK71S9<Ni*doCvmyAM07d>%Xk1gMfz{{v
zy6J%p&}R0p1py(L&VN|YhKLwRK_NxAF=0chHz{Pa8FCDlVFR3?EgaoH>hDJxhE7%T
z1y6ut4gAw^4xpTpfdYs;%Iw1bs$msj9dzYbl7uoFv9y_R2i9`1mcKQHH+M20#di^q
zuzja84+L%PhWrd8j*U%;k}WDGG|QkUb2J(-l9zU9x<ib{6!6>9COxkork76P$@Ml)
zv&YZBI}~Nf{xCD!$LOX6849<7*5=2dq}0_r1f<5oi^0_A(WwFd`hzHP%wCwHlXJmh
zY-U2t7W-FmA>0za@z2dhJo>FwF&!>4^z8g<vnWXt9=#{@#`~ug{r>7tI7`2{|JIT4
z>-8n<>#;T?mez*WwX>v`IPR8wt&uAVvM#1vo-bsW1y|FD*XP5uHAxS4gp-+(!@Dc0
z?6F<Y&LFWtAua>W!2FBeKn;nbgf16);?pq$D{f%ucO#VNPbc_1Vrl&EPXL$AG+~SM
z@C7BUd#ec8t1cVLutTJ&oCA603v-S#UsAitXkOCEcyZ?a8R<#|O*brZc$|?OB4Bm*
z=)ON{s)hxvz*9(`R9isbjj2X*@nE7V9|&qF!MoqzgjwL#f_0?RD@95dl-5K0I-YmJ
z6B1q6EO>B5jcFXO1B2VZa3_c?(#(jX&$z=d{;V)n6f4TYzC42I+jIEDx0vAu$D~D5
z#szUzk-j)jAtMnuD^9b7JsrBI6gx`I9X5-|;phFFfWq2z1f4-%If}CfNBPKiDjP!j
zH$cAPCE42YhPMN37~Z><Q<KaB!jp(3#<;^Ftx@}DjZlKdW_hC=6@|Y2CD%=U_4Z^t
z7+3(ViXG|G_m<_wB`Cob4jfiCV(%u@Qs3&4b}?)PG8d5+&?$!F6(5L(>p79|WVPx+
z&=X?DHhi$hZ`H5IFB%MR1edZCVpkDV;w?SoBQu#XCh~NB4A&Mt#>?5^945$8a7B41
zSEgR|Gw5&+RfI&OH3>pEK`XGqZ)e4BOFi9LGrcR{gmqcHP)@Bs*m~%d@vWZJ&$ETk
zdkj#-pX3J5fhJ*{ZJ1`zNcLxkwfZ)q`HUqVR<tY=5s_mXA80vSdoiWH?+}$VvNfCa
zT}lbqUu2>AUMQ+P_Xy9uoydp=k4U2TZ7y8v!Zx{~?`2QwxyF#f=+IE;^$1R;paapU
zCahqUJG#-`cDFZY51kwDUhC(y8+>+`qTb*4!ySBjdVWp1qQ+8km<@-AV+}IUiDvi%
z22g)IyB09yP+YHT?f8P~pTSVvmT`znW=0M=6h(ZT(yCN@4JTuU8Su>DRvUOZ+zx;W
zu(bEt-AT~CA8IjVJ<{t~VB<S`hD&I<9qL4+7(YMDdVGgDF8W$tPKY`gkoWm>gyz@v
z?mxlhFq&Kt$=oy)lD<3DuG>7VcC3hxxjFrP$n*s&hR>SSdmm~!9-o<CO$P~a)|32_
zGwEo}u8{2vhk+v*1wZNvEglc`MxXgh_Bu^!4^9Jj_X~}74~efSQDAj%bw8aBC)M}N
z<ol^K3=y+M8S+|n+rx2y{@BHbiE`;twyZU#3BjkOna3t2E=K_gS<TKPV+xqc2<Ljd
zo3oS{z((+Rm!D@+a)jQ0?GD^QbN02|Iz2v)^5$lZOdg(d3JyXi8?!RSr7K`Q#VJaF
z3V*SU`aI}w{Vl|Z%HYB4{C4Hn-T46j+juu6oPE!yDfmrLCNjj2urvuX1l|r-B&*D^
zr0iegwo80ElAicV68k>z^^t$e#wE;#hf5L%uQG%r-56S1Sj8`e;W@H2mFs^SALVVt
z^S@=zWwtYp8_Rsan!Mvmh3^Vu-zAu%!u0G4M26e-k5Zot4@O4>KQNSv<-tP73*}5q
z1uW~{##ndy5JrNDeFNk3Btm-m0DKq<*MCJTeA?c?O&`R@|Ea(gLHg6kO!kJ=F-g8O
zVK#JB_%&6q{wsyGdh)gZ??J6^I-idVz1Oo>k1jrM@709-7RZs;Vic{Zn}q4qZvs6X
z-Ua~-%*M;Y*p#KfwKp>F4xHtSCyMW87t|FR49E7|v==6xryBmZ!_Of3oL8Wa6**D!
z&Grn{h~Gc4<oBPwX03lKpK((NeMhkgofw`n?e5+t`S<rusTn^WW`J-_+Yb8mS4=63
z{PF?FSfJIG#x`i0Rj|lh|6s+6#>V!A{4gdTu&nsDg3GC<*cSsd37=FCyEfq&A9dEa
z*=}N9z51S>EvB=xf;B1nZ41aNtt}Ln=dsxe_{x^)ok7BsPsb6vr4H7fR_64eFbR84
zNP{606OWbUKb=8UUqAd5@ZksKs&xnFw){lQ%2$WN`KJ-7(F{xT_XLp|ZT}W_mw_lp
z1v&hd_4Z-<wtKTucirRmlJWjFs`g_F1D(8|g<U%R!fo>IA&e%=RN%b++K4lBuIsz6
zl9z6JGNC<3=+TzNx54Z1-4c@-S@^jb=nWXRT;{u9rUYTm#S9|s_jjW|!hiiLJa!Xt
zZ6qXL$j4y*VC`ymXFWr);p+WHt=jCu&(}cN8O|OErtt=+2alxe;J?OWf$Tq=G1OS%
zwC<8{IViN#@2Mw^>1BdNKFipumP9~A%)c+XcVT93#KS~EM?Z}8+FP`|_Opo{y^H>P
zjzn(Ho1QYqVYLFtyQ%_e`spZEw1;7uSAA_5#a2*^F`dpEQd#Ji=r_(Zt@$-YHZL7X
zoEFABjqS6aVYsQwue9J1tZmIGtY|<O*(icy@V2ljjOwE^UER$hUPY0J`1mB-iFd4s
zu$`dy2`;RzLK33NMD3S3>hO0^tzA!q*=zllq+s>VLpybr5mdMhoU;-+sW1__`9=$N
zOxiqEs<G1|z$aO%jBT=|Yvw${@)q*Uir~*8EXz4EAuYP=^l*YA@`CnoWi50Usnt&|
zxRf}j+AxkL1Z1Exaw0QFBM&Py<kb#KiVRJ22}KZZV9coLGr(frdT4%4Z28;+_Vfu-
zT-8`rtN=>|mW4QREy^akf;>a+9nCLFm#k@#%U5tp`@_vw<8-4@PTW7gKMD%=(>g*-
zS(>@a=jZbLP-vxz2{kXQYH08^7ExF_E0dFSy*(6Nl4DWxEla+RD3<fCR0%%DS3VN|
zo{V1GoA@(dm+w**&1AkDeAmnK4L$SpfBywQj3^4to**a|T`Robc|?(MA+Ngro)HqW
zufJ`}Sj1u^Y-*hMz<%WtlTgygx<u8HEsTcLv7_h+k^o6L1kk(=X1RqG9kfAXQ_4nN
zG>0K2id(Tko3VXlg!rBObi9;90VC=POtk1%Mw>ZSPXFsiL1~IoR2cW(h*lb345dI&
ziXQ&j<^d_b_D`Xe=lKq}2Ve3AzRs>#N6)pajB6Ik$O+4%1ik1rm;C9Q&W81<7}-a$
zx32J4cY8hDG7KImu#ppnBt?b~^_vc2=lczD%SK_Ekl3n>+^8bBLAwjtb_L`UYV*d2
z;3<L63!i9>E)>>*ih`Dzs1o;TqGFukghHuTMR|1{n{<kJwYhS{639u&k}AE1R9WK@
z|3j+~lrc@wt2Y{&@%trV{g;V}iH<IiCr6mw-})y1Z!!WB=%n-&DCcX=NQ(uGX_2lA
zNaJCIdEm(bv`0rzivsKd2{F45USlF6Jvb#(urpT4vweL?YOPH+tBqsu%kXpmX};9k
z1zSX>Nq}n9^*{*T9Eax5HG5+-LnypzS@-jimhJ94Y0XgAm&<-Pdjz~Rb`frA>Hm+h
zcZ|}cY1W0G>F#OUwmEIvwr$+)p0=lL+qP}nwryKq&%5{8=h^4i_p8>5S``@?m6a8l
z*A<b%p@#2?crju(2$aJnjGJWWb%o3K*K+679Up0O20)79Z&i|CknV9&*op3Ygv50P
z^lw_J2Mu4j&#(fiuFFk76Hjs^>+~m%9WFxD(MD1-c~oTt(B;!Q$~S(6QBce^s**=i
zJb><7S}$lWS_Lp1OeT9)Qui}oA;j$J_3|uvfHriMX>E<wofb?uv8#1ctLK~P4vLw9
z6O~>WOSPr1-KmC}7s@7bw#sW&c)iYN)+2Gajf+LCLaJ{r7Y%(lABo^T-(R+0w*MzF
z9()>TxMU|Lc%uX7$Vn5BfXgh6Llsge>>7}7#%)K3`+mk0eyR_F2^;;FwB-vR$%gT8
zs{p&(`zB*;UlQt>9ffuOq}wKu#dMyQ<H8ZG(-92%pg38MAPX|q5aOu2MZB3X<q~B)
zH!EB}r$;{nIJ690$L77j{fD+yDZ|%4i1VEq`K>LR^GAyV{vfYd)+Og<{#NB&^{(CP
zy13)6<9GJ6?^>i!^3S@?i~L<6yT2qpTNse}QBWqOq-hO54q1C(Mt8_fF~%D+isUuU
zhUxwgObwe9?9P;IM9JmVX(_rxaxZtN$%4IaO+4_;8&^`E#hAPaNX;-1a@R5!t$y4e
z9WVnIyfMojMU{?M6h~#}SEJ!Fszw2O$6$;*f<LfUOc%W$cWf;@Wihr))^1}E9@#%-
z7~u44>7GHbCJ(h8q8HZ68MLs!yVWf6ms%wv_x?*J+XiHL{TTb))fE#p0vE)_=4y<`
z;Ztzth|!u!%VjGc>$=V%Qg7;ws=@IQlLNYv?m|$>$rSsku-zf}d21b(6c^4r1g{s0
zqhCRRZ!p-o{g+{Q(qr-fotN*#$U5%)kKn(l;l68`|KKUKU(g|-UCYX5v!ET!oZT#&
zibgxqB9=7XRl5xQUdQV1O;}X4EH$%KyJMg9>Ow2>Fb{!|-J0YJUXp(qozG)?czb)k
zWD>@mcQM%H&Fm@1S8cvWwb|yly_(CRZj38Ms5m(pMvV19H6N~m^2cl084Knoq4CFY
z)Z;a4qQxjADr!z$Wci(Ket^s=krEYl#1JhbnYKUA-krk_&Q24;u=?hH4pB0fX}FK+
z)6*nu{3aBdHU7O9=}i7jtJ}yyOH@5`B9IH2JqNe+{&GL(PL}3pzkshcqCKS3^l|N^
z7LaDtNEPXB9Yx7;XVjx89PqJ`yZ>gceJ61GbhxJ+kil1ayMpfpZRweOc&3IBS!!`3
z2+d5_nU$atX9-L6aDl+q29){#37Ez7ETPwioS+slc7+)=kAo1CS3DqOj4`V@E=LvI
z-adu2QN8ty4baP!O}cwl{m)3XR{Z-?rRkv2&R_|q6#`?=)y`oGf)7?HU1x8}Gq0Th
zaA0CHEhL-C*UhZy>u}kdeSwS209gx-qe{>d(MQ5cKHt(x`8<l?;z1&iu|Mbf`eJr@
zv3Yif%kn}-bq*<AN))k?mVJq{;QpL0-HyX@Qcl+VuR9&VmD71*$CK9>ywG0t)X^9N
z@z&PE!uN$pVnrw+Skhp9HqY=NE}Hyms)2uwt=R13;U;J*(N9Gs3+q+zNebdo^0nuL
z_Hh5O|CqF8xgtUA>W4*rtPgGit8NGuI8VwFv7n_;%GYi^mCt_~Mch}4&NbVEfz!aL
z%x8f3`SNo(&kP3lmbAF+E?S+O7~@z=RCbvoCLyd`hy92M9#gjfWx(~G8(ju~%3?yg
ztz`-OTeG2!_DxhM=6Hi_GYDTa^jyatmOi9D+TL2Wuf={D<}qkXOt;yw23bXGIVu^7
zeYiY(_<d2SYP)ATY&GbvfTp+(H<FJRFWe}MJ5E_vIqnb9+hksJu04P*CkF_{Jf*l(
zin7!9dpf!_0wOd9z@3Gyk1!uP?txg7{ve?doGbRRo|aU#wemu&b->oY*oSVT&B@j_
z9Y2o`$DNm6U>6Gy>y7;CjLd^Um6QJsAd*L-xl;^3pQntM@_=xgTK8k$8<$IQg*_r7
zg3p+$)q_<1IZODIM-Z{-b_dzxqQU1Lua5xR^+o(CnV5fjxKb~(x^<JTvXe`~Rw}E1
z#~5YknTLszS#~|no8<#Wp*0&y-T(Pc{Mi_QDxosH>QwfjXSfnPKa9+@fJ|`XfqP2Y
z;s3?c1_UQXSTJ)AslP}On-Efhvkn?#wquEtXt_TZt#5^+DUqLUa(;lXDS_}j^!~Fh
zb#uV?Sjgzen1HAaC9XYfTHsC5yeEaU7~jFpCn5p`T4EQW(~}1G>zCgxuu0dMpXwo|
zAPQdKM;g(vVdYpZ$%OIn)Tp4BJPalUW@pY3Tl;P;vY@4z_5f5{^+A#6GCW<s+}otu
zeuFFhFy$|Q#bJf==QScVj!`)4e3&{d2U(B6t4^4K#ygYhJ50X-y77SPHq&Ynb-&pe
zy1j)X8v0oopTJ(VbdE=;&%37xvAE{$)gHt|SOzm>qlGz%iLbviS6hHjao}d_cXG-%
z+4%c!0!f5L23?roAVX0MJpp0qatDGKtJC8L$n5**%=f4s7`itfLDmqBu6QH;r@~z|
zDP%k^YcJ$ri%^FPA?jmm$mKV|3)je9jF$oMX4(q_jb$5ZlyTC|hb-=pU)@)rD9yP3
z<EEgCHCY<eo}VzFYsk>y<5xU1P5n6|r9<d)5>LLvavU#06}20LZWpbP*SxHY(PbJq
z=L^qbEjZ(A+4U~AtcFtC5#hL1#x|=Py%Dcf5x>Cg03{{AqZPM>cu89_asal*CyDK;
zgw*64?2P%ta7DR@xGM?MWIe5x69a8D?g}`t6y9k>&LtDe3Zl0<Kjs`l@;mt3?+xLz
z*#gVKBpc5VI@V0V%m%#jD|e`=h=m~flb{1j&%x{hwR$~-&JW3>XQTC{xtm4Spc<-s
zMh}J5$Xw^A?Y$GDfV12o-}Z5d+T+yEH!d0jDJZ46*!o4(dNJmMH4Wsj<%h4Han&ez
zEFzFfFDRSJ%zzfyli<})=1flX6=ku{jK5!%Esz_{spKWDvx}qa!*@L!X`jGOEwb%R
z(+-09vw5LdCy#J%8q2f_HY4<PR4+fz5@V}RP3B=qj*tmF&oFcjQFa@WLYN|bs*0O|
zABT&5@a;aRUj?ST3VpT&9q8=Lta&<f*Vlj4)mX+7P;(vslsqAFxzfF;)fl78o)5GP
z-?2#x`lw1RKK{a^2bDbjhvhk0T`oLy6?9%DDYw4(pVwCdmlk$ItziZ=HID4)_=@ye
z$a$rN-TM*VYzt$_ugSsb9$H)Hf~uu-!kW*8sv6fjjD3B0P)@o*(=T+G5Z}qXUczVg
za?j7J=ie<)B<!zKp5S?&BE2Dvs4>)SeR*nnVUm$QsCUla{@LV6jqKl7$}cS3-L0bA
zv6-6}V?ztA+T@agdOMB#e8bLE<3Kd*fJj^i30&N7TcjcTjQi_DOCZ9Df+~Qsla=em
zw+m(X{t4;e72&?Y${n=s@5=hXAgdD(k)y~_nhqKv!k<$;|GJ)4xK(t!(qHF9A(xTu
z7H8NlUby$+eTCJLdO@@icZ3uGDB_qg!O>V6MFuV})1O!S$_gBZnf)+~k+GXE8nEMT
z*T!eT*FRN|*O32XaCl(t`coW4q<*>*i7P0!R;&&tMm79))pDOnC8u5vx@H*5Pm2P!
zI1_8#m_hAOHM^4-Z6#u1xJ8WFcoXiDiQ3d0dQN8J0W!eRI`YGb#)(vT@6Re~=N#Jh
z&XNj&|F|tjs(%(uEcLkXZBK^U)088d02DVMt`?ExXFjxrx7l>=EYQ{X^H-fS?zX(L
zIk1;0Y22p!6)}hykgva7z61)t@IWPi4xqVK*>-x`3eax5Jhf48Gx(8DH0urnA|UQ_
zuS4b-D|PsFNi4+2Cnp!<;6dnY&3?dbdiik(SZXApgJwlPI2bo5M830aa;m!i=cTQY
zUN;VbxrdE36rPp7?6d)|nM2-U)Uokw;S2eP@U|s^?RBO@W4LOBBEs_k#PNl;EzE_a
zE}b*3*9CSZBlB8%5x`!h_A~A4x`)&?niVBXcTu%`lOsJIcZaQ>Nug+EgUP{g%1-OI
zytf@VZ~so2JMyN`!<BG3_G>`~@b6qt2ly_A3>ik{)Pa=FgvQBXpUX|0&YeGX0AyfM
z5WTK0phr|iPkcWsX;-7mr=DXpK_!solU@i1MBg$OJY)8>W$Y`FOd)cKO~pT;qzFjI
zM3JArA<KeTZI_E42PsQcJBIJ@jB0thP>$kbpwrwC&|t6k++}HQhBO`-98l?u7H5Ia
zr>wf!UidF@FC*ONKo7mRqJ#nV(VLlC<_KUfgMqX|E-8Yd5Rt!*l}TUX@`@)_K)hH%
zI5;?3z4t$?K?^{0!QV+Cj`y1)0N5u-1CGvBoxgnd;h|)*#`paa5}2A$V>G|F2TJf}
zHcUqXC1n*vWDO)F;CC^9k1KeL6BQl#6m(>qhDyzFnQLJ2YNc<$lT6x$B9NKdxRE^d
zOnMc#?4ZeYIFl6?BG%q-vXPL?=@Ju&zQQlfMPyg3l}t|HJBVU~5$DS)+71x+Z(kjR
zw9C9b1F34lz_g4#Ul%mJu;gWyX2*Q929;>B)`G4D{V1f@)LCs<vb^7Ms8R_baJ*2w
z+b%F^FV6xc3t|ZAi7H<xfR^mYiv>e{2yGt`%#z*;W-YQj?<z&!B@v^+ydBM9shSd;
zQ^DZO*QDp%BHALTz#3<bX^?4Rgf1}B?QX9Lj`h5PEki8Ii;HUS5`2T^ZJ!HgHszVb
zg09{^<A`w=IQK|b$nR4_&P<b>R##7lCr}kN%S<f7`iI8Qc(e9YEsys9I9DMXoPXzj
zvh{l0xUXht3s*#;dHKao_si$aqa<OIm*Dm1behqvq}5p=gsLD2A{o42Kf-4f?<I;@
zK(W@{?tR@n_A;EN5}WD2FGywB!wSMpTx2g004-f|D`S%<T3v~8fk_>%GTqeFex)>t
zINPP8;ii5i(O4+`0ZuixW`@e6{BIAKo5#3UO%!dPW3^+}5MF;%lN?q)!&kUIb}d<~
zR|VxWl2c(@fz&n3DrrpK9yRC(Mr5YsZuB9E2pMz~VD9(UbFA6IaHO-kQXk4lB&zsu
zSG6-5HTHiFqqq-`t_xbbaz_}9IygQM{$i4!oW^eL$LQd{1+4fJToBTmuYfJjGN4DK
zii`?5NHR`n1mvC;E?Abm`D^zGEi<T^*66d=2jd@OPNxOiiZAJf1<$W?iXencM>F})
zT&lD`yu?lcqKuNNx;F+w{HwPw!`^}O?4F?WD~rVtbFKBeCPQF9Kwe3j_lj1Kq7=s;
zVif@|MeU#S*iM=xuZ*vV)*Wj86+&HjI>uK%9b(xm2$Sm)qS74~8G)EVq;`u{HnFTf
z-mgpXw)XI(&9n&fgu5G71V{qBysU_rQ&VMXn;IoLhQjEcZ$RfU{`!*?!OYT9=t{3@
zy?HWUT+x%e4?GySv6C{WRrXTvx*Oo?w4>vs%rrYa%_sN*E56Pi^mKG=sX?=m9Mo*K
z&L<+;j5zB6u6WfM#!ndBymqC3$h)~6N2d~9qD|)Qi1M=U@f!tAx;bTtcS|6V*wG&G
zLAjdvr(^AsR+m$)^%(6V4tY^di7;Y@Q*ifzkkC6m{ReyYQiVyB*<_<J%Z!}1^oFm;
zqq<}4(W#3t6VstdYW~NdfGhJ<?a8|)_S@OP0aqUh+>-wca4`4gL8IYpBY!S*T*Ie;
zzCHm-EN-tfNX_xDugfw|Ai<mK>%zj)P|vr=kX6Y`MRR%($*ri8{<+G_YPn`N0w`Xu
zqyR!A0h>yX9a518$lkiJjEIi)ca2q&!)e`IG2u2;vv}9o;*mp}rP_Rc1+(E6O*D@|
z6Md!Cjk35Ea5DUM))OS*`33dq3+>Uxa)ZYt=GkUmQIFY1f}1ejU{|gb)cKabK0k#2
zl{T@=+(1t9l)`9ST4aj-V+q79Uwd5lQfpk8&h+}y>gYBlpQw5+UJAz`5ecGbz!k*V
z;}efo5~85UCMhY=0fgX)Yq+S*#$>@koa^&|q0_~U@lMyVnq5buBDSndTn7u;4UBd8
z%#M&rI@BHV=7@W^JeQi*-I4c=Ct3+am(xHhef+uXYPX}z9nouIiL0rLHOgzT_wnRw
z*VmQquDFQtb^4#)wg&y7-1cNRyab_g*)_u@0tjsq4FxiwgJ*Br!zr|)XiT^AGuREf
zCCprO1`e31aG2OZ2}zknB;6`~XmQT{cAgJnG5kMFPSr9_SUAMS{mc6OF2Obn1VuP4
zC1aT*xvqDv#sN-3bv@QQ6<C2cF&#N^u1h~7Ge6Ux#w~EMd3;KyzEJX#paPFf>r9@y
zTIfG%(xR5HB}wz1%wn3@trLGElIeONk=gb1LH*Jgy6a|5@wnYaHsQ92BH+QqgHxSM
zqBI@Zf&ie%c0!#(3iBa6N5F%_zzDON?ic_xx`^A`BP)yOXlM=^1YBAcUsz|Y7GQ+8
zlgO?u(~+D-@J_8fcRj1?lZ)wA`Wo9s#J6ns_ZECMC*!X7bwJuyJ+oA{^&afKtS&ho
z6B_k6QeQ`y|KQg6g1E4+jT_)p<nmK&7z4&k3g=Jl9+H+$g`$xOTXXUj$VzbUWn`Ky
zQmNRj?O+L&#{CfZtz&I}18;HjL}L{?8>e>JU@A@`4c%3KnxDYD@6LrF^UoX%X_d8B
z)`X&tYPH5?+*;r%)}byQhqmo+gvOLVfo&`@#hJRw;0pgtXcXh^_}=?Q@H{~|_IF6~
zP9U{iL_UgEpMH_R-AYF8)zT=gq9!g{o?lp<`Jxx|^x~cixn<ZkTjEo;=J^RW3hRy&
zEh`q>uBnwgzc52MB98-XC>}MR%OG5)TA%U0D=~_NZEOETR_+Y<M<~ZBKPYfuoo~Vy
z=A3p(TqC5ivsuCo8Vrm}*j<&ht=#%nM+_nLgXE^7mKEExb6!VyyGbg$xmoR&5cB$m
zy%nj<sXaFrXruOEtfB)EF~0jjGgEq@NjIZ=3ZdESVe%^+b{>b+R{Ai?hNu666)utM
zv6LL>`$NhGHv^GT+MZp*lD#%9*)0YCZ|Q$7*Ky$FFpsjmg|rGFldwQelbIloIAbnx
z+%ShsuR<<3Tjn3<-MJzqe;?`=N0I|t5+_nbBL^~t`+@ew2D;TD_c@tKUlv38w<TK+
z@b~d^ucAE3Qkm~DBnR>xko~=Q>4Mx_Sy9sTUjZZ*%>G;WH&|;D%2uzHI%|*<QU1Tu
zzfZ`({cv}8ckM{kQAd%5(@`$_?#2I@y?pzd!d$Wf<ljxmF#aI1%`oXMb^Et8zPn)Y
zuLJ()(V`R|#AX>rJ>`ynOC`1y0RJ)<*>_Hg4??R5qq<b*|8@fTyMYqsf9VSCHYd#n
zshopWQ?B~IErfnIFpv2^UH{ulroV182Q4pE{XY)*+gS)L3z+}0>#y@tA;^8tn1EFl
zsQ&A%{nt$p+6K^n`-W`-B);1*^+(w$%6~cczit90X#oG{UH`YrbQ2(nZH@^a<%fSu
z$$cd&{{0ll|9`h_m{;olr=LZ!e3JA5Z%=m{q-2A-GjMpE++8DdcA`}CR{LQ;ISkx2
z=u@(D7P4{--L~y0UEeVs7px6FZ&lVkE0)&;t#iPRbe6$nPr@#jj;E?-OhnVhuSh#}
z%t&%|;ShH}Y<X}#s+sgFR>p@MpzpCZ(vp9{Vatkgeh;W^H2mwdcGWMSJr!wkpe}IV
zb?vt0S`!%NpnBAFu2deo82=W$+B+fEiG%oqVEnrTG~hy#y_dS5l`5E2cf&dz>EV<(
zsAoGk^sR0?NnDBYHMDHY8UAcJ5L$%E<7ov)>#$G*0~``qNMc+#KuHaP`7Isg6UW`0
zT*<-UQ*qwpP)obLkdLSwGu|#tm49}U^D4F`Z*8!^BkOjl6$Vcy^zYGpC6S1u+#(jc
z1}ztj)vlpo2pN|Dlr+bWe?&r~V}zw?{T@ugEWaSMwKD0^qViks2w}_YUeFL17N=OV
z#}>!I@JrKi-rZ|pGAPlQ8n42(l>sMFg3t=`=3gjc{5!NJi%%3XxaYtv)f+;NaNk%j
z=y}-0jvNmeJm$_)e)o__VWJE8j8$>xvZR*U4<~=XUYV}VY-)+<#QgND!}|2KZU*b0
z9rOAnNSGnC&G5dO!7cKZ%2yZUShgCBaVoSei_o0<SOeH_+tfksk0Z2Y7ndwLKQwFL
zTVUXEoszn`6WKij$O`MAN+!Ba8wx?ww#LEpMe=X6cC=As0c$4Sod#`kaZ`t)cl?lt
zF3kl`cLb4H;XWuQDgrGBPY3^T)p_6YOo8iV3>jnJS?R(dyY)sG#$(yL`-;z6csir5
z@oRy3W>J426ambXEL|IW-?yqHZPl#2vS?t|HyCA^nRS|aG5vCO(Z8eyrYr+kMn(i$
zLA7I^<Q1%C6&4H)Egf6PdzSW(vIE#-AZhBjePtUX?4uL9Z4aFn&{7ADw?;t#-t}=8
zz)lvsUwNqrvG`&xbbd`vF{ovO@T0nKauY!nj_ky0spge*+)8^W9JV<$bl6FX)0zrL
zZ8g=ryd+!TEPZ}w|1vPH0`8(dCC$9prse?)L0X%u{`2J6%)GFmBm&mdc^wDlm}8u2
zG415nG8CEUIrBoajJ2WHUh_#5gMs<{>Uwxd1CC#%@Sp_%+Z_#VM~}|aqM)G#L9wm^
zX%@!xq>S6C!el%GCV7Iil#1%c_OV;Lk~K}!+<b00Ope%!!@YU$w?FFi;vcgbYMO_6
z30)e7sMJXb!~Jv8z3x9PIWdbW`evm$tu!&wUP!LRSva)07c+<DHT;7Vo|n-WHH?s&
zvifBc#(9gi7-0o4?9`so>?jp^Vd0AV^@5@0aA9Ut#ua9Qi*9;H<PKNlXT^CbZi)_Q
zn(pcOvNEu}jmqEr8PJwqYDX;L;YK9I9O2iM!n&cE0UR{HMKCCp88r=R)YYE>I{2I%
zBiJ~j{7gDl45~0NU`NxiqO7XsqKD<u=q%=z5lX5`+ZQ_#O&us<>W4+@rwItB_af=W
z+-#wPDmDv~HkVwB8p7_5M2E0>R#HLGYF3m$rr5rWGI5@R2r4)#Ah0CxE<c`lJn8z}
z+3LJUEF=cjXX76@nhGBZytT0H=$CAl>cUp^+X}^TbGL49Tl~;-aN@ckn%@1Kn>?$`
zXRSN~+$-Bd(mvVa5?tSwpDuWtnJU3L8t&ZFr?|hg2MgPAEK{F&t=kVtHofPw?mM6E
zPH(Xx;VzbL8kz6(X2`hgM$AChPBVH7n!E<x)|hYSX<lNFDpR`I8x4=_J{Rz+MIy}&
zMxP2oJ<GOsb>oPPu{(mpI{b&aR{AnQ+56&07Eio)2v3?=261DaZf<8SA&2$vOr!3)
zlO<bR-NcKw6*<C|Y~GNfxL%mYsM;)+-a|rp4?==?^<M9vUXJsgTFzcYU0-BB8(-@=
zzOF|ZR7QNTp1j7=$%dS+qEhauuPRrELv6bB7tf;Tod>zYFXG09t4ylzKX@Isj8C+W
zV2M5Zvs}njsm-l|#5o#e)KbsL-_IdQqmI{Hy`o~IT27Qr66(Xs(<YL>JQ5S2GWTaV
z$?QH~ju<aGO`AU|)z8s($~*1>I?sKs&~-Q8q}j18!v=88#NMdqwGX`8du}xQF{KDi
zZ1W?XVMD3{IPE`1Xg^+xQcwR(xf14pm1uC^I^XDSnhYj-o@YF<C1GnJ$vfZ7hhOZc
zHr9AemT9qGSbsX1lYhMS+s%2K-kiog*&Q8|2g-JYcvo5H6McEFdq438^oh};qXNpD
zul=c>k1V(+F18$|Qy7-7Z-BM*()u!M9}91nmpE6Hb^9t8pq^g`hSY8^1k;x|eW9{6
zM*=4tUe0UEFaT!&$Po(GJ2w*~l-l`Xosn`=YolBh)hzz|)MuN+_;~_rpYOQJl<7yo
z4o6;*tm9`mQ8wCylp5O)ngFGElWGdiBplWbzYmzNy#l3~=kw3l7vnUSv$9{AxC%q>
zLznrMt7Y%pD@pLOR5Gm!kdFtqhl!*!iJp_ZxK)G(>j}^)h=Fs7(&JuJ0b_@B+wwmQ
z%hmeQ9l@6Ci=%(F;mn_p>Mhm7ydM$LAtL(Sa1*%XrkLsUtu1x&ZTNt>Tvuia&6gW(
zR7!K*sL-Kq&X2A+w@V41Kde6lA@8Ox)|tPVeBNr<bf#T*Knkg<kYF~0fNnmKH*qp4
zvV4i_WPZ`abPgb+Q0u>-4cxyj5oVs6#u(CFKd!=nxMcK^^bIl;l>4dbyregv>H42c
z7%#(MPZY--#hyCa{xchC)|rZ_DI8`{&|sVQ49$$>w!(3^WhUHo!OK<SN_M6)FQ=L{
z6dOLnMgOI&uz#yPhqgn4$@kSmgy9$v08I7Xd{AT84?+g7|3qdm*^+s7CY)V1Qa}wL
zY4WJfgg|4$vuu9T^~=Nhft0lu(HW7ejFch01G;!#wUe>Z*1TT`KDcQQ3?+QWV!r*)
zAPl2IrvvXCTFUWs#rGDYN5E__pm{Ij^WJi0c+pDJ<v77;XGzTAut*7}*?$I(YoY^3
z{d}u6-hC^j=fHC)?wH&}M-vW{e4`~jz@}Y%qYvs?mKXjfM&+l<=#pp8(bt;HK2n%V
zzAjjyvCZ{PX2iJDW1fvL%Ao)h{}kQ9-bdBVRF!ERqbEolu9VUACH3dq33g>mS4b<3
z`*qhbuJxBB9pPDHjr#;-rpqykNM}V6KO^jEKkvnueeF`eU0!(yZtlfg0?ol(g67KM
z)o^iqPI$|sOrzJqh?Q(45pC~yWRb(K7oB0jJ3P|zhQP#L$M&05?AcGu?oqf+!#!X4
z!H)Xiq};Na`0>4}tLByW(^lWI?}ZyQ@ps_LXgjNvG-V595KABWI#gL0TRIBMk|Jt*
z6YmRsMgW%(jBUS(w4=9a&m!FNi}MV7a4U9nTIUnQY)9P@qyDHe#(VK*$sIJ7%?tV{
zlh=oM>%)?AvpaTy>em<9kO?Fc6RzISr5I><NMBBuP)q=f@qVxp=ue-q5U;xdXfukf
zq1IPlXxzlf<DDD-`Cxbz)xq7Vq&m+~vN9=(dpxdWhaqAla|^+(=pogsO42(mq6vfQ
z+0X@M_%2*-F+8T|&qxCahQgZ_zkzuZ^%2XuqE!Gnnohh(>wU#Y^f0R|UN#%G?<zpy
z#M_z??fjW;YP}WGIVwhr!3o}PKz!}aHm#rnM^lqF=ehrt(IeTcAfJb85vjEWr-Mx|
zZEcKvqc&n!_BHNtJRlq)u1s4F{t^^HMj-F{1}4`=gA&0$McXP7+#E{1oi=DR5mRcx
zI38n`9Ea@B2Hbil4ckfB%Kd^?BeGH$M3v9F2<zyc0{IfjHX24`QB%rsvrw#CQ;Z_v
zY2%{`f|OIu$b3@2?@2gDnt)Qr&%E)qBAZG=hx!<iE3bPAjNWMiVDakaZT*R%w>1Tg
zf%c^eeoM+iuCC;T0Y8kVX}&;^GuyetCOhCTO%C$kIHU7nbLiC6tJ*3x`vV4}98&ut
z?z@P%e68~txQ(gVSCk>ar@~)3ZW5fQwrd*vVM=p5NTMFM|D?1D5w3FEHmJaVood)i
z%$Xxb#7`<oeRjf7ztT!F)vke8|AaU<+<O$V`z@<yTMFlu6T{$T6AK1QT<Ap#b*EBm
zX~hWJLf|4!Yyi+kC|hD>xV$B|xA3zKmp0seF^B$Lk^RvP>tR)BdJ;|<+KnN#Eo9SX
zdJV6<gyOq}?mOs)Ilx;oApNel@2h;3B;Zl~d>35X-7_YN%eSkPo+PVp_{$Z?T<Dul
z?qo*YuG85lasy*As-Ly?bD5oOo0LbaqPB}!N=jB=zY+PTTQ7K6RIYQbyoXU~4II3p
zAvoDlH8n!u;vlI-$15W0d0-RU3)b5D&2QU2B2fjUd932wV?o<$u+H5kW7C)qS{;`o
zWO>Vo?1$`y5#ccG`vKj`CC6hs2*{x(SGv|!4hxde2p@Dev)&lwBOiE=Ql}XWA|81W
zS+`L9-;>>>mtEcn`p)mZX&#<87fKhub!_*)GW={G-a2`-@@1W1*f{+W8Hb~wY@7_M
zDt#L0xFo|G$V$+jXJwmzqfLxxGqH#9BoC#gyRCZq=Vefls&W%>4n#>a0y||<@0p|F
zwe2=|ybek+oN3!#qkVRAtV#;qk$(TX7w(H!g`|I#u<G9)OUqT8l6AqJl%+khUC`wA
zBg&Mi+6Vx3+$<4lVD&Fa4ervVZDA!G2m-h#cEgmd#bRF?cJ+?`SSK?3Vxe~ZaszeL
zF}#QC9a7@=Ob93i;XU^N26v1zw8nLLWrN>82rP2vT$rSN7F%dcZ5O<Lv>()7EMn{1
z**}twZ%8b3Ll^`}V3G;zD4rJ}Iwk;AF<yv*=yUIhUm%gEmSDnacpq5)UVVMK?w#0{
zRa1+0L9h^3;2|cNn``jzfYomX3q+tD69CN)CA@AU_@1%0CX`Bj(=k9O`z;${JnF!e
zDLTL#rurHv<30*5f(4*FGrnui;?xHO!k?c@6no+PL`gy<leIkZ6A1LftF%LEeu-rG
zth2zy5_$y}n;)y2PK&mcCEa>q6?qN0cA6Hfb0VTbt9UhcA<mT|lX<^vSfilD5tT+_
zW1cr;V3or|5sMC^(kZ-%Pk<5iNV7vZGE=MzNgd_`>Mzsu$n%yfCp2S9LXp4Nqa_u#
zSr>9wQm@HchYXJQVpWZoqlwk_FDm0|AHdMfJU{p;58d7!+DVvIx=UG_r!{c%3Z{(b
z98@VB<RAoT-c;xib0$-`^+A|LJ(f*D=)=d0pg)f2Ax8!jOA0OyTf^=kVascSxune-
z+TTcRuhKr&OHGq|9n9a5W=5+s)rPlV|H=78Z)}E4kN}nPHbJ?$ZY!1~#gLfjG!yBF
zk|7l>gx0)hs-VL%KR8t(j{S;d3?l@^+wmFP?dOMvds8)|oW6W<-C$Hxq$FAlUYQFY
z`(@4#1cP4s7^@AdUmK`FHCBwkzoql+q-hjYeA$ebmS#r3pty}D(7In&{j-vTBb2BM
zj=sa)?uNUG@m=hswlQ_R(P^Y;0ly<=o``Uqy$vLK-iA2NCRJ=p2BM;F<ut|e*Htz@
z$PK1^)lac%K0)&z35jA5crgZ**}p^;T$DKA*||{FX)^@$j}}h9Lc48Jzt_WFb8~qd
z&Vxv1NWAH#TuwGy)()==C$(xEp4<(edtzAburY_2uNsGp&X-JDbKJI*qk2_62tyD=
zV&Bz)x%RyhsWSr&wee?kRIn=sl$b^Yw`Tl&?3``ASJ-%T_J*YZ93g=$0)V93gK?;9
z>}lUR6Z^WS{xz8}4X$Df4)I(OGU)Gx?yt`ALlh$0#W3}96Rfq-)05_Xpx2*`vDO}b
z;|mms2t`CW=A0N{#I@(OcVaBoH3h2G4a+LBg6fqKg3@g%v&L=3xE}QSB{@Py<N3{&
zSd1o7z3x5%vp+H7@7bg3c|LPbR!15gv0e__bl#0$n9rNfwVkNp25I`!X6$zFoEZAd
zSH>=B3eJ}?dIJpG#agaRPH_$i1mlC*(XeSQ*b<GZokT;0&e-+w2o7n3G*01$lSiFv
zoh4CQ{Kx#hz!N!$+)TaS5s9wNCW@FeLHa${hS%MF5NFnxdm%1_9n`xb6jr(%vyzgh
zg+xt`{xJW_^crkhZeaPw{5W6hErzJ*b?H-x-)OW~v+ywTCE-7NI-zep(yB~!d_}#l
z6W{eFH#x#1QGv=5Zyv_)Zep4BUupgR6#oW&d>~rYx+g+$#<52DVfuyZ<i@-!pGe}M
zCUW_FlkcB+lL6kL5{0ks>^@AlGEvUncP(+k;KcC?55Mgf#a~~eLhmq&T{X5IsU3_*
z@XBpDVQ;k4v~#?-?;-vC8xo(8+MoOl#geBwfdue}o)cNV!J4Y&P%q6D2|<R{qb3}q
z?ESg#niGRSo6CSj#!~8(T6kL(|9h&@{n2W1drqKNJb`~!2G)FCRyiafs$1!H!fxI2
zo-R{lbLYDL<%OXto8H@yOITV5ZF=fQC?<VI1$RYB`!+;0p5{W+^ii>z$i=Kb3?Cb$
zLp%yK!v!(e$;v%BS%$0MGYN`W#hF!h#cFp)@_|9MN;2`y5pl#|)k+#|sR0ca>4W2n
z^7@6uAufq;0p-U(tGo;w8ZvH<{N(jJOGuDsQdf7G?vvM3obyX0^ZiJVeP|TNW^1gE
zwR1SG>H?L~zy>ks%lGIIrn|<LOvDu*OUTuzTx)Fg3H9#NU7@Ter16`6d*dC*NTB{+
zl$(*C$l7w%_}NbJ(by=nXHz$a9%oIucM<h`-qmL3YE2+0)W`Z-Rn~GTk3e}qfcrS?
z5(@{*_gWD#h2N>x_}Kcq42#EgxEGd@{K<gVnOXF?Y94>)_>{yIH=mSmi#DoID;DLI
z{1)gbbp>{4SGVMy@>Cf9f=iUSv(q2Nmc=i^iNHbP8dPs=y0ns*A&Eb^<JVl{jQ_O$
z%C&-$Yb+s7z~n|OuAu=UuBi{xnmlsUG0D5-9w%%1K$QE0{vJVaT;A7wG12xiR6%z$
zkL4_HbRk^TvvkwD`-2VTJRTWA14|nqYIfFut<qS7vtAT2oso^}m+Z1(#FLgh7+`P+
zNbCTvbPd(~`V}#DRlL(k^~R{7iDZRlKlNrVg=<`3BwsQvd&IGePb99G0}<SM>9lY7
z*v932RyS|<R&jGL^#x2vn<C+{^F_=ZKwLZhV03KE?{c!a@2mNG7noj@@R-?jJDkUA
z|0e7SE<I}KaSFWdH3`<gaR)=E<G^f{)!8Sh$~|VtKpRe5Px2XXVxv3Jd=@+GbwYEQ
z_3W(Ge^oXWpcpdGzH5G#mLCy4k1n#~Cg%$PNPWm6umOV~FP5ttMnpsmjGY}r9?s4x
z=ur750S?IGzT+%)iR~3OvP<NiZ6is=j%Na8Rp(SeOSHAU(~E$zuw?yuvcP93$9iTt
zb?aWs?}D8zX~cLjLC@pMfI=F(`%3bPi^)D?WN#Yxkt(Bvd63LqCgUQ;IXMD(9hH?U
z%9pl%c}->gS_n;+z9chwEo~g)t{ApF*0Y;i$C{U~-#my>45>~CucsuVQp6-^EtQJY
zF{wu0js@a`*Tk}MF1{<AA>vb86^s&<9loiQND(xv^m+HP<KaJI6~!M_7YGk&rTy{`
zRxB>}v$>-qcJB^|TvNZd1(WKLQdg>5OLNAIhcINl?T!~K0q~4Uo>XpC|J-231$hH-
z5*l)G?BN-Uihk9?<dk_kerL<D4^iT+t->@z39iveoVZ7b*9Jk@`t7?|M0Z*Mg{Yiw
zd|cb3MC8iTdB%ea-q@6)$~@x!Xm*+pc8^_2e3G&ugLAdQw<7cy;q*xDueU&k$z?%y
zDElr24?r8bIt9JCiZy2pW|ti+GA4T|=kn~Q*Ii{u8!e9GQm&|#<us|ryt#GwuJ={N
zGNU&pPVxf<wpS%~lEX~v%&53lB^_Hhtni=}F>;}HO7U=}Q<FS#^dMPyydA~Zal@hN
z;LJXbS>Gn+fdnAHIP#r;?@AKGS&J1`zciiO^f09dkOUDQsUkU<FtedIEUg$Sdtt2n
zP(<>p!lw25y<@QZq5pM$0Av~jt3eW_F8$EM9zPgf8#zFIen?$M+=DiOXePfwuE7fD
z-JZ^2ByJ9<pyEvio!tcHRY!`<9V@M3l&6v};-D{E4TFev;#~9KTy2;md|6E$chdr1
zKhRP}_SMbev$Lyt|HZJqm*>j!S#35%MGThl{g)mVxsV6(;@d8Q)Z#4`yO0B!L<X`V
zTtR8?Q-;H2znTmQ$HTpwd+(f#zbW;i1mcb94uRBa#Pi{;fpJXvFQ}&bD#0h&>jq<>
zf%P~f{QF#|qR)<6#XSX(NP%xGMbtOfiQ+#P)FM(eafi#j@wk6oraw?Ncse4`=+$++
zo>Id9LR&2V;v+0rjza%JczhNAswx7>EB#+m!@u}V%}O!RzoC?GwciRz(3MI4EyYgz
zj!7aXL~!K)1@&yl!+$HF=qaZBU()5jK#nELY4E?Hs3QMw1u_sK$|3)j4*dn14C~}Y
z{}&QO@>hYxuTqKsCFS^0w-Wws#H7fD^8Yqs`t0Ga$;AJU$$maPdf)cZFBfn8yDRAo
zK%@CCqjII8|BreSTbzur)v|BMi#N$<LBPE&AQJZMJBX}oGH9ruA$?Gn5%(NAnWeaR
zvRh>@2=b4*Z>yLf{K}jSovIv-Om_!>;Uqd~FjtzQK`^h*@%{DqkJ3^F1hz8>wbblu
zLEO$OB9n@Vyhl@@8m0xg=aqzX=ex6a8|llb%B$oJ^NRlTJ6h-Udj!ea(PG}ikggiw
zi2x;|_95jY@BY_b4*yO{GRf=?`Ni`$uHRRp<2qTg8CqM-Htb<KEh+I>oqA~_;V(vK
zN=H;cLGaa_Mw;JS%Aws9q}6VZmOL&Wj<>LjfQX&-H5>ieVq&*eob?x~cg>De^*gHK
zhN#1K$=GXd6z$@*!Bplq^)6nYF&lBh>W;`z2JQ%HD>W~Zk8ei7dmwjr!5VHM6Kml3
zG5O>TWwz~^*5^k*bnVQ{=7Pw6bcs~56O!Vtmq1?bPIY4{IaOUziE_OIZ%*i*w!tb(
z21cF9-AQWb<y<c92U?T#v9v<8;8Q1_<@^<?;T$ch<>O)MTM!aH89FTY$f}HcSja9S
zk%{C`h`C{E82L(DCK^xu(Q8*E>FQX>-u?FUV&_(+#%K|vG&;~8x`PgoP9sq&ZE<*m
z4bQ~Vm{W{;-rMJUWyLnVv;Dve5gY5|0oah&E$o~OOXb#BZHAYY<CGj$Ufdk{uw|1u
zU@>wqk!5Y26NCgYi6fPYA<OV`@#gu_8GrsE8n<!DkVdn=>vL-O+Wh2R^7;rl@;Ewh
z{_x88Z?FzmS3G!~Mk1$TC~N0{4qQaKoA*%5lJxPtbpT0Zt%wNz(%^OpFJ=UXmU`h~
z%cbmTR+ZEKD+)(_n%Xf_0x5h_ub-YeK|JZ**P}?yBctHQj2KhO=t}!k9RE_$?v+7Q
zjXs_03suTjBT8GEjfnv@Vdw`-sQDV22ZuLR3QP=iMsg@;#cYcui{}I7+{BW8CR6l$
zwc&W+3{uv%*lR<}GVXDakre8VYQ|U~Or#Xb&Mg_l0L{Spnqoi>w~s?BJ)pyZ5MLi0
z_#zj)jFOO-Ge{UKgZ-;j$>V{;!z}=5SO2_oH{NpDeFqIwxOVd)p1#)MhJ@H0IZ4-$
zQ1)=}VVL$TTrDF{3_}lpcnsr#kDG+?rL97!B5LbmzSQ@F6ucP(DVZze>@rm#|F@Vb
zr=MxniqOd;7bO|Uu2SmIXoU!9RMgN|4{Y0^$K!cLPPvSzloZ(6(kb}UYWHR@YU!Dy
zizsPKG)K5sYUrMx`6vm%8HX9wCRVY}7KH}pL7jTbY=Dk59R7#_(%I6;JP}>|H%B>7
zNw|#T_aTgqRtZYj#oKKaRzfZ|_=Z^tpfQQ>ZiR8n&i{0@r<#?G?5?S6l7FWy34z$c
z5HZoF%=i(#=!h?gjbv&Y+356CYIl0vd;h$@ugGm&NgLIMQq!vQ3AM+O$^5)W_o4vy
z>&YPrswiU^9;Y23Hpq%|XZt7$C*h}bWDB$){Ph3{1Q)4U_k^Kc1BEp(z^W~c7t@=L
z`B-h-b2R=;>(_Gk#IQffwtnVZbJ<4ITOA0B;O^<?PQRaPlvZ6<l&l@LSYv2Yb8I9e
z1@B76Bt)l?TPafd6kTJ5r|y_}kHzi-;y=KeHc|#C{0aBR?Vf;wJF<Gw618#>X}>jP
zU4f3v?ViL~kJzixf@!8MI6MVvSqDRQxj#%e4~0e*!1Tn>bxhAQxje$+n%y?fsi1Hv
zaT<({rI`U9jn%|#Xp4AW2_$@2t{6{aur{7>PF<d>@z~s=VdpsGebuELGm<*-f~*cK
zE)~+>rbo}nsywqwyGl2eN&I-mpKgfDsalcUyzEQ2Wo7cTEe?HMUQpx0iuGh}dvK%o
zKxBNY=H{-V5N(*7pARjn{i7{(55vw8=mM+BR<Ei2;N9b#n=*ehCOl$Ei4Ru@u1)CE
zsLlxrE0LD0Z8WXyvN;qz?}z(J1USG|Gd~MZTT=UT{4I{li^=m{D*k9OHcdAq%?@wv
zaftC2h!ygYMZbhHyQU`AZ3sU1wQ#S&5HyXd+=WCoUpGE(dnTueWkw^V$1)}ApQDQX
zq_9DSddo}xntN=n%=&IvOeZ?MnM8q5Ks~!{4^?r{xD7)`y%&x=_PSp%rX7~N==s%W
zv1gR!UG7CmA-Mx5#+b8h_L=|jP7))2v2SPwhUEk`yhAgih&#sIg1L~I{YuP=khUX%
zno-8VnU&)}cx&psn6rn`W}BpF+J$?EQRS~H>v%loAGh36M%%}>9)PD>vB9&wcz%6X
zoPt#s;JjcwkIaj<MeU&S)zXi(kui$gmZgCFF*+VUnNDD+C%GeRF<S-rOJ&YyYaP%7
z`<MYt>Dgj0;=$D!1$+S8(1=sjZ0FPK;D_Z@X_0s*m9MW#qm_A*`><Q%K|eevbpVgu
zXDy@>d;Iqd2V0QSh~hgZ&1XH1LmRowj#*<vlViDrsN+77Fs(n+Y!0L<h>DeTp)VL2
z8CJw{(`)z>8m}wM^W{PbElFUX{I&5Z_vmM5uHZ4{LrS?$dlolM2Y3^NmVs88&cG2~
z<2Pu&PMuM!cJq?tp_5ye;$cyK;KJTk$13QRF~-fsT#%`nIlnqWKqM(Ds7~;@xd7c1
zh?uT0>Ra_S=8lJ|XiD~=K}BI5L1s~m^8t(0oLWK|3+5q1`U0k<&QKM6Td#&$S~{|#
zL2Mww-ST!e!`{5N&KAE^#W34y&pu{SrDyB}0fPz*D-&bX_Ou&y1RA<+;M_cNzOCkc
zuDj%-Fesa|QT<1C^EGmv*KMzQpQ!WI7A)mpVz>V)93ZDFf!No~Js7jf?V$GlV6Spf
zoGnssa>;`Wjm@eAf@D6dCGwg2K%Ly=M>E-BcZK9*J%N4bRp;wjh&pZs`}|0qr^Upg
z*p7D7`s+N+%V&3V^BxmVNUEv(dt@fklyB<E7IU>v;*>*ZYRvRU@<=sb8L;qZ3CvX{
zP}4EidKngTZ5vMaqiSz}qK+32_H0R*6(`uBJ|l5+M7QGT{_=j+U_qT%po8k6>yPrU
zua~JXaG+<$LS=B5r!C0&_{FxQ|G7`|nN&8^Q<}GuI>9!kc8&xXLE6c#9gRtVqALD<
z5~i#6BVi5gZo<NK-9o^$A(Cd(Zatws$gz$=t(87$_*umXtsco)om|@eQBEUzLdSsz
zRTgaZ9n=v*%l^VHEF`p?raY^`Ck61NK=hHj60p(A7k+YZ{_aF|hkAsRWod90iE5y*
z_VRv#tsy16d;&$z{I(st*;~Dv!r=U7hQ8mUZ1`b|q<?cp0{Z@*>bj>JaDUR3b<4q6
z;F@s!;f}Pq8pSi`VNR_!bxN`}LJi+V^WwXM9N!O{CH9Hnwl4E^on7!_v}-Se6{q=J
zU-aH;#Zr?k31iNI{JZ?Or`R)my8U9c;|?UM(fl;QmO~hYe{a5=^`rJw?v!(ELK2yS
z+GM1*l^Ospy9%qDNR>1Wm*5FflNs?BA@3mUxM!Fw&oEin3U!wDjWlg8hX>)@YUe?h
zEDGY5Gakw=KqZ!ru-rygV7!D_=ftK>)hxG_TIlp{vDSK0L1iH__e=N^9g~&8^i|@t
zPZ9l6>(4>klj~U>V)>@MQw!P}jS6jpL*HMB^GcG};9w}nLwS11#_;8j$LKf*DD3nl
z!AqmN^5CStRB#BX0E8CHZqTRfH@#+7ZY{LCgjCNwry}PMVM~q$E7wQk#QFUlDaR}x
zue^uH)rdoUpeA4jCs{`NOPcF(2^^8K=<YBH!{dH~Qi878N313P`?SV*K%3LaDdTc|
zN&NUO{rka(W-|P-$YB`W^!d!F6Fp$n!zoqrgj`elfj!OTK_5)Oerq>GHgvh!4Ofuc
z!u2c12Ex^paVq?gq}352%cC`H;nwf{dRH<_eh*z9i_cR8#M|8!I_Bq<ZQqj3Ec^|!
zsupKJjm+6W&K*YIW)}ZtfUn2f6b_pdTNWp-6p0EhDG6uSK~$8ispaT{ORL)|NMzp{
zTaRpIB^#DD_<CI&;h03{$Jvrvm0L<s7511<;0kr}2fO$ClSQQmPk75zhqU;upw`#4
z(x9;T2cc2JzDM_Iln_!i0O3rf-T;j|q>DRMVEa;-%j3dYq0>FQ%)sNON`0yc>Z$hr
zqac5MCH$c~X?~;L$DK~B@GA#XjHa}<+&{J(#7*=kqTT+KR~P>K*wgHxRnFj=i3`so
zUxf)ZO<VHKGGIRAiRVcgeN=BoVVd}l&R`O?TU*L4PF>22I@FINnY~niXZ3j22yj-v
z-Nb2^osP#pg*Kgqy>qxv&q}15kD{H_j{7N7RRk1#%_DABn69{nl}HmNk|?b(Q@;$P
zNs+j)PKsA0%CwnsmfA-dDYUiQPwg9(l<ApBBhIYF$&Qz~dEdo`tW~@c2{0GT3O}}h
z@2`I4QGKTK@^&R&M1o=pm93gM_PMV@AM(=0>VCFSQ&$!k?!#ztt@tGdT-h#oqcYg<
z0EyI(RsWw_0H0OoS?iBpKh~U8!bBR&FeIs3+pFlcx&3%`(j_#;fI44HAiOj0a0Zfe
z`TL8(p3}e`Sad6LnakI!Gu=%s4{e&hpsTng>C?L2Q*j11q1^xoO^@8mNhI%2r|Rd<
zI8%;SpCKikxe%YHG9v9YfiX)d$K<*}E5;z6)-V2Oxx&-xcjypw6((21e6K=6dU0#z
zxvu3JgJDhHzGHWiu1@wgxsaO&ey(XQcNzGFS|q6)7&aRRy7q4*z!>CPb1ijU2bn8j
z<gK@qYaO|Bn5Ps#4&JZdC!w6zHZaLx0H>+OA#8-{e0bPx)cH8`Q0IP~g}q3&QkMxk
z+ilH4AJV}Z$A0Z7x-1tRGH^(!%5(o_ta=}anZ8oq3d(S5^!{Fiu5<#;Kg&}6&^{n-
zZ1+aX<E3Br&wJc_x_)OwYB4Z^^GJ2V)7`d5_EWmmZ8^u5rKgf$<$S+>x*@9E?{Bkw
zcpMl5Kplkf9{Ju}G+TNnf7iM8lYF6Wq@l}KI7`q(o}>`hVjcI1dYoHe4aT1$l{$dQ
zm7k7Ty5i5|8cN}FW><0DwE~!G?Ae&?XJ_7r#lyi|vi%HV;1jsGfV!iw%;<aX>f#?j
zGKfXk2w$Mok*-LpttwEy=P?k7>&jAIUE9xb_W`b9b$E$ZLlk!3v4A8aCC<z@?KHf&
z*r8_9?eTx!3|_c+n<aod%b>g7j_7N-UvO`ENOU;fh!+*F;Uag;V({!mOJ-(_-Pf(w
z*bTX2P4qB?zYvGB{VpT#hJDp@?@7gLF1fVIC;DlT*!UR(h$A{i@epG^wD`UDH6fj(
zGmh8g;u9uxeWtJ4|H%jZ`AtOm+=m^<!ZkS+RurFp-HPw~6r^pkTC6ne0aV@XD{cj=
zD1@@@r6IY=v5zOUMmwA!ET`SUK_ZIkxHDu?jTV>d4u+?Uy*#Z4aeA{2x0(Smq^7rt
zv4H~-V^;mbKs|Izl>J+mpTXUPG)B${1gvUViHLqTvjrktSaNV(3tCn$@;upnPQwcg
z`eV}Hy@ENWLKom@kNnPT`4r~SZAn6m3F2HgxWPo0%(MiE3}z|(K3H2ZKlLLaPx(Gq
zbzY9LP_ipTh!oC5=uh(41g=nF##lFRmGM?SzC<tC92s!}eaAtn(~O(QeRfoayvI8%
z1x;=SO%+MoRF<o4u^Icp;<j}#(Ik6TH63g1>8hT_>wAc}px{Z#%KDj6JK-=Hu7dDW
zp$8Z+P;N4pAqgN0E8rurrPf3k{LZdV2}Q{83#-|t*zBYK&&8rMyeH2(twx<C!w@c6
z{U8nEk(curcR#Ey3iEWt>oCms?ufXMrwWJ+!H+U$UBn{pskx^j1O*O1(MziW!EyNr
zP;TB=t;KhNdl6`Z+F6#i&!rbzjv1cQUG(1@a<fAR@=AnWG$SKin|8R~F5_v4-^nyy
z525U$MQ9F%J*yj$=ln~{e2V5Mnh$or(OX|_b1$5-Ort-?IQ#2A0gj`5mY3>;<-hy2
zCM*6w0GU8$znAyroRKk|zv691L@&Z3ybpiabk}u)8x5kl5W%EK9J3>&9fLSFYkiO*
z*cj?{;wNK~2t;}CT7-c1xwC&=_3Q0LP`sTxCS|g<EQ6U#B1s$~!j-)z9f=R}$}{KD
zGe}G<w$mMP)HmbQ_8o6YUEOnaXji3eg2k7vXa<$paqO>6#LuR-=sKyih+>guef>K+
z11k=__GsI-e%ni*kC+n&FRZ=q<Ih7fSe&_;kYIn}1_u(_?|S}`F^2oZL4U#Hw{UZI
z7>PGs#dX&Qb^1~rY@=c^A3isSjWsFUH0Kcpdx;5H*6d&YEAt_ONR7;#POr`9!3%!Q
zzrr(cIKywfgqLnk|K2Z8R)U}7X6DW-AoE~b(zdM#N1ZlzI?;G(bEeIyUR$%WrZg5J
zw09TzjI3$H!F8*BhvYv)n`p`MKH&aq7vOOI-+AHham46$vvc!y-dQMhbyx5cHe_C8
zwMpNOV5AA=TEC^g-QNRkTTFEw+V?=t?;J~4o7#Ae(!89CRqh9Rsl--K*O>I$TGr0j
z$#}JW2M1wea+He1d(kT(khJlSvV6m6bYG4j^4>6FBcOP%#?2sRTd7XFRO_dPRkXCn
z*Zm278*jPpVEadF`Yhjfw0S+tk*MJ-0;iCGICVSwMv~Akm84-e@#yW2WY1p6=U;9m
zPrEURHpi+tY)dG=_RHFow~zdyJbqxY`;ji`DovP+t8E%HEm32|_6_7T)KgcN&AyUy
z_O|yRb?_Lb{q+x|yY3b3RSnhResbL6A!faxAkrmuz^>v}8cyJ+zpl2Cwt@<q1NtG4
zzr&l+?#TWD1k`0v-yn|OzR4tuAefxoNB%<a)_mCxzv3i5<&(K+9!qC#$M52aga-u^
zQ8<%r+X~4Rx1{Du2_UG*<-ob(+Y;QLLH3Kt7v_5o(;CWcQ5=YSO}>fALHjXhe8vZv
zW{h4ggcmKK&>V(u<iS3RhAY<B=HPzpo2eWz_GiQ>EBU#bn74Gd2rpXEvN~<yi^o2o
z+AE0Q-f{TWHPDvd$xnO0Rqx);{_2WuO{mrAgg!8t0md)cDZXz9Dz$pLiac<w5~PuQ
z>0MmpzK(*8bNOn0HZ>(#EGrKsK4BPBZojfq%Tkvw4&yQpW^v-%T|}8A_H1phrNZKg
zLvSC44oRX<d@KRY2dETBKXG$9X3>>Y(@<gR8q+aPJN$sB7oL_PjMc?dIUZ!G{To5B
zMEjj|dWyqqKlUdr?T5LN+>RJ}BqfrTmMGdC5uVK@5<VdU&9Sfi@grV6h;q(BU%7_W
z*@v9&Bklt=Ybe>VjV*bSc|v~3lw@rpYea8CJ;e{}L>jesz|PB+uzer0CZigO|B&E@
zd<t5sDNFB7vh@7KzcWTWgCZC(VKCYMc$~~0sRYMH5#b~EDqR)MyT4)XHn}y)(x};+
z$^HOQd&i4FCebt<`%C4AnkeGruQq2F2g-^O&r(%Rkid!0(Fs<lPE!OFfuj(Rhas*#
z7;w>evdU+Olk(@hS3iKk;qi=1{*X_e{|8HqawF`JU-sf{>v*UJ<S5l0w#%g_y?g8?
zcg1{Od1MD+@=$THnlLrUP1vrH@{Gl-n^(r_I0?a%bdJq^Q;7<&r@G*<T7K}s>J&&o
zv==vyT*Loff12$ccDS|fXGeiM#;DjIoR3o!!GRm_Gf(F~;y}AKqJzptv3(p_<QKiw
zC7E#(*Ro*iLOyzO3*Tu^9Xl7SK_j_#T9WuVIUTNjIkJv}pT*Cu?Z9IG?_c}z*3v@A
zqrlo~hj;(6Tr@TgHy0xpPMyzJ8>jQG_++`YR#VsN$(Y-Q5#r^>gfSs}B98FyZ(GZJ
zZ!69&cEtAdph=!6jv*<eM3-Zjv6|H%&Z2EfU#_|~K!oMjd3Cu1?waYuC7j^sNX7{c
z&By%cMU$)p=skHV!xyY({fhta_!f5&(&UMzJ3w{2<Zl|<pOhp=nk6?@PxlqP_DB&C
za+RyBhk}}Dx-Ex#Ck$?hOqvwThs!_at+li9@v!0{K3RU^pQmX-oFmd1=eC=9Uv6O8
zXSw9{awBKvSL|8hCQ2U>!h^y^NQ@!eMI6ulVi_9!FTQxm%&wIFGUz6(MbmlbUmHZr
z*edHtOo}Zwz0J{w=GK><VXIiO<8A)?dMU$(T*$?JPr!l4A(nmv<0K+;3v-@&lwDz+
zQis)lFys1Foxa4a24{3W{Yg)Fnap{wvS+0yZW0JmQEmM`2<7M_{n5Qv3Hs=l7De;?
zEqo(m$_(ioQ?E&riA{^9E@K_j|0z+)E{&LS>_qcCgxHYH;!9~d&f4i})*$A1zZ9;x
zdJfaSd5bsJ%J-wT9Fto(Bd$o1)wT2_1TG2JaQ7#u?_?s19;InoPlCh6f6Hi3bgy2V
z(|;GUo_Unw2rDhwd9<ZXWWbmtdR1>>VEAm_c;pe=+H|+(l2Z{RLgSC3Q70Un#v5+9
z;qTtw-Z(jRD#(u{)6mes1{17rIWhssk!PyUiooxez!)DR1HDfEJJ8tFii2ou`bfC7
z<{qW<h#<<hp5~f5dC-b~$)Gd_N93_Nqm<g}S`0ywHXyPesj;EN_3)Ed+4zfQDgtjO
zF;|I0bEDZFdp8O7PY&*^PeX3+gSUrhOGIOkxub;ore<7v4HL6h9O>zi_*m*O?b%Is
zojhz!Z3K<Kk@3kscuK^em%lHOk$z&L2&DhOaPbS#OdU<so1JkN&0OE)7!sme*|0T-
z+8Pm7iVu+8=!Pz40GE#t->*ZbTyjM@IW}W2QE<EWi?exfB4NH-j-n_+{as~$EA6e4
zcA_JY0fUn1Em40K(Kr?79-ySIjyh4H)k@x`^a0_v@&4$qL8-5;xq;f!Vyc_vA*R()
z>nxF#qdE7A^BEMN>70Cs=;cd&ejdezg;cfq5fC?u8?GHdfZmyaP;crBiYb!grE+~s
zhos(!AB>-~KPjmZM8}2WB6HYU+K4%B3|C$lMd`LIN-8C)PtLDxb-?HuN=l-y2ulHy
z3L*kOH_=8M%B5@D-nR#l?oG5;=dx{wM6vD5;Op6S40-4&E|4hI7(Wl(+zq(e7qD3(
zJL{!>ryk<B6w;ftUZMdD_La31Ouy7vVr0&$_w1824aE|LS4X?v0k7DB1iAUidWj?=
zHVlVK5w08BXz`CEx^ySI>+7kJh&_*#aSR%o#()qH42~|6zbu1Y`&#G-9!<ZnRy^AC
z*>ym|{mt#TCXS|;e=Gz0`Ab>~KZ*VeCcdZt_w(-HkGu4@p<XmZCJ`bdMEe$g#Ir<v
z;#%5tv>LQECTUB=?4=iR(<j&mXNOjbcV<x_W2n>qbfNT!^~1;04{z^a5_$)8wk6Sk
zRgK<6#)T3Q=qS;(QlCD+wq{*B8YTURC!rC(;+y0r&oVy}lYD7v3J_M2_<J~Fw3umb
z)zcyVUj1b3;caW!ClQ`SrQ)>iCK{-?L8OL;Ghl!=kN))R6G4cd%a05FVn)OwfeMZO
z^p;c`@v&m2ZEFz?)~@a`xyMi8oIz1|bW~HElS65<9XhXbx%sxC^l-D#)a-_TXb7><
zk`qs>uS4o<(CUjI$XilK*w&8`JEIRVk`JalYY)ZcWz=?r(?im5OuMirJ`!|LDdSBZ
z5YahaVXlqWBEE(Fw8&+t<1h`Z<gjb0*vH&eZ4A6(GJT`G@vw8o&C3V>U`L8JZKkN+
zM3ZP{M@<@T^TP~qbHvZRko6m6zGbeA5lKXaCy^E(LZq<Qb=^bU<Q{TZQr@F{7k+QM
z>gBtonT4I554$6F4^und*w`ph&TH0KV`If((Cc7$NB23ljndLmUMqx`<wmB8B5<}6
zcs9<7JEM<ykemfDEapb)iZVG+C7ImiS)kjug1N<xltzr>%}e6W0s^OLh?0Y<ENcOG
zJ(R_`yT^$Wbbts{Ap`{aaH{ixo~99~YR_N-ma^^aoA(5x7EI;6rzbEZ%JX|6`V1b|
zuhsS9;$ra^l%OM@qemHQ$IHsfj`~CF*XpxsR}oMIeq#h0%lEMQg+bgs!;_jO>6~RK
z=ihS+e^SEM&zmX7VBErob8GSq+;!*M;*--;1g{6U^^a2-aTF`;&udIwtq2@Wz+|c+
zJ9{IS{NZB~d>xdqbvT~W_UUMv@6*<ps#p<F1kNl1ZekW3`>!(AKPC>vHkTC1-6d*s
z75V-1=h4YKk|B?kvFy(x$972KS7#TTlp*2ggH<*BC;^YCL7e-S%?z`*M_eCO`Gp85
zf$J9nt(s8;&O`#*I}9Df!B#0<PW|j@DHiO-e@N0FsiFw{q6GAI_BgnSPv9@ws%lIL
zTxty{0>2~y2@jvKP@LMsVn`nnd2;!twD$yVmMF#|A0}SW&z9&>i+}sw6?rYum+vlQ
z-R=@<f+TEz$Q1rOKJs@r%%cuSq7(~qviNF=6H_H~d!VCTm(%o7&pvFYrMZ^swXgHy
zoC0yA_akZCBu0-PNbkckXdZUSiG8S9&DRTBaElb@`9TpUw`NbQ1$CApaN-2o>m>>7
zTK+TLz&RK8Cq6=gbx!>1U-e8SaQ&+IRpVzJfyQh$udTzY#e<}i6}Ti<P~PqxtlSaF
zur7hCo1Z+W59}*pXMrn2C-k&E6c39^>OS!o+K?zIOqtAEA&Ik-BmyteOI}ZXf<*+&
z4eR%FKq3HxW6YRym+;{;6}EgoT5c+=k@Px8Ue_`tTEgMapd#bixO5|%vx+1+$05a<
zz>x925^*WXOzX=e8g(xV7P&L>hBTXI@q}YzCBK<L@`-qQmyx|@6MG|i5<lW62wY~#
zwUk%D+AJqV$SY(#8?xE7)`VZX7fHXgz$FoY*4j*FEi=$-a2yemaQ39NGV<D^omo|s
zNR(sR@aUf>FxKy8-IfNd@<QvRejz{2v@Q{XZ8bZYwbVe$h@KL`djiprhb)($v}xMT
z(sgZkgoV*F;gBfPBP(mIqN;d5i`N?&KBYIljuIVt<T<~@XA!EJD|hqFQoX#}G=X4;
zQufHJn=0fTngi0Dv9HNw@j`ndhV>*$30%L#jHosg0Y#vjKua!rH*e&#6%tA>0@tr@
zrP9LNML^t_t&_Y^l6<tgqbIgu^&7~Dp~ILqNl)>@54rR2i*ZZ~$4Lu0uieGI##ZVj
zQR9V@qTo#Vb&EXoR(vyyZ`PIKEXh*41<(#7;eAE0l($gZHJS+iiBhD&(F5<ncktlg
zJmxk&N6wM&Y&<dak{z~~f}N{)|05rIP3raQt|dtaVX0ifNB?u+icm@E@lyn@M$rtf
z5@EM2jvhZ(;4)>fWPUl;@KhpxvcP4MG$Skd-#hj=#Rtn922QuYCC-<%8<{twk%-~L
z2|b>`B?4|sT?tuPj`W|HfOq#IJ<-K;iq4ZX7nUZiA9lo_BMErhcd>Cr4m(T<lGCj3
zkH4kk6m{cNSM#d~ucvwtsy;>FH%mZrXSFocQc_fH%hs)v%*>Syl50upu-sJ4a;&(p
ziWd23mEZ0j{sEGr#T7@%h1FDBLVl%|ja-Vnw#851V$1Ms`z*;#X)I%ZX&a8-k|?!S
zau`*XVydySZ}%R_-X1}yi<yS1YHCc)l48?{QR)bimo7WE)lg9>Ijkh*LwmcttXPy$
zdhOk9L9zI`=rA6t8k5AA9cIZ_lwV1s<b~*vcqVrrZ+!h6F|^3*bINs+H>#YvMkk!)
z#mhcEE}a?(c|8tZgPD4n<OY?&nx!9gjm_BUYN@L4G=#bZNRBXfXL-@IZA8cZpOZxN
zrQXRipIt5QjuW4<Js<GQ`#H>f&y{|U4#%m&YU@L7gDb9nK6trHzNPvadG}$BjVpNI
z7bbbfB#)3$n73%hWIj5XOSASOsCY^L<!)G4+lGs=O5Ppkfp3^3gQNjdb+x?rPm+|{
zUUuSyZ+Hlv_AN9B*Tx13-ITd%Y`4QbI2`-BV#$LhHM{uXDet}XI^uz44LFBUH>Pmo
z-9zOCD~A;MMPDs#x107-xV!B818pWM<n>Cm_1YX7WDX^NRah{d!mOjAgt98ht)^vZ
zHAp@%7hl39x0e0SvNKySi_lkFUMk~jVc)JSbY^+QQ>(lQ!Bj?BZWdKCWX=D~Bl!Q>
zI}11|tMC86XLe_Ew!1r6y1S)8Fp*FcTd+~=)~_9?7>Edhl#<fj-LdS#vfbT1^FPll
z3%juTb$>q<fBv8Qf}NQsZhY>2?)^OHoO@1~j2A6Bqqq){0M^;LCE_Yo3B6;5Yk)6~
z=H=o`O#FaVlu6vlLh?)MDrWB$f~)u{6K(00Bm}*xAeodLS@5fctV{55y@QkZ2&<qd
zEkk@5S(1`)fjA#){A|pz5J^mGo(x=5vcl0*o*TVJx}rjSja6eUeV8Nh1l<DcG0)GJ
zK1?Ss*NV8<3w6(iqeL?he_%?gttg^IoQPhNpMz{-Xyi~zNPbR^_@GLsH2oqM<GeAt
zh&vB!c@C2DD6Os$2c{O-NWEP=T*Tj44b{@7<Xm~qO>NR+=jbR>qcZZ+(<zfSC0&dq
z&Q(W%xMgy-X;_$Clawi#m7C%b=)_-|gNGk(I+;t7bHz_ywUlLzt%8xa9?PmiQZqGJ
znn^t*dPTWR8#-${96fx+r(6|<nOV}G#bl($5traft-ZZCS<WUgyV4Y1NFD<85_i?v
z*$vl_UQC`Wu6lK)<fN6NH55@@Ex!3A+<=+be%X7=JRzGq%ndSTv+`uzmP)@%cp~xR
z<)%CvS~;FyD?axm?x*5|&ESM*koa5^tWAiEgs-qj{G!$9aFL935^gCav08#Vh!a{n
zojkjxl$F$C<}LNOPdw?lSx}RZPjOxbx%oC+jJ2b@ph`BH=qS%kBsosnZfdVyF!IM;
zDX6-Tth8ck1p|9$2gIN8bx%gwb@UIY#&yR*t$>QaUxt9OIGR%{zhcTg-*H@2K8iPT
zL+Cv`-g|(=DwG9e)3@Ar`{xqiMMJf*HMhO}4pZ(MPKUw+?E3BzMt%@$s+%F=Azqvs
zj-L_`P}wb5QGjvxtK2drk+x4xrbGEIj(j(hU(ajVu;~q2P2b4(gU_)3qp$f^g4-q#
zgkRX5d~x;_2Bt6Lga4c*@ziGV4Rew`7q!^B`Y`&-bG$vs2LA?<5o2XGWoKtGb@+$u
z%ogXOhThyX?J=gm))tRrE157&%kY*jvS>?xx;^$3k3TiQ6nI)8A*BAui_dGhVN@+?
zsS?Cy+cA9g^Z0m~!sv_)eP;*Hj_XZde^V3x_@9VYw3G$4>ePPr?T=^f%QXy-n$Gv@
z#xVGmr+H+o6?sc$^4LRj1#`*Pa62!qdY(xmTN5lQq3AVV^U%a^O#PvRC@}=z$<znh
z)6L7k!tc}R8~g$PnLmkV*T2YMmb3ixFL-B#G(eF_8QSyo+MjqZ{21#ON}%U;doeHB
z$(B@i!EZgSe!i3CyUtKO;8pIQ_8Jd$xVl*qSI;2CRpQ@W@k}p{K(n_<*%I$kNQnsc
zE+ruz8LRo`@lTk&@)${CwdWl^oM|iPFgeIbk@WL(pDyF4Jrdu?QPeK|pJn6XiG(y<
zx9hX|!=JgF+q;RCpTEzxvs$*ddx^HU-HLU78(L?7%=^D=X5kJkR`xE8`6`w-hB^{b
zxl=ro&*0t9HWDLBHgoe%JhOfw_lpPmU*@H7^7u|{4a@j?U0uJA`TR65+#E$m&nuNu
zNKfjLySeSXBOFgG#ppALK@;!g-TSTC@$yF;I;>^mj&}*T`Bm=f?LlzNN8IyuTwMl+
zcHBARW2Ou<CwKQjX3kHhyZ<NrXWnF9-8l)@olDvH<8oFfYFV)+oOaXKvGi^qyzJ|k
zerfDRR(<;dcYk#yzlooH#3K{?(bc)Wj?xz-v+<i*Y+HVk16f)Y{5qJyQ{QD?kM&F&
z{sEhl@+G`c5Z%X3;fZ&jWVAyz$v=%_)O)9iNt3WRzQY-P?>)S9n}Mybe#GIUT6Wy}
zE<t18<;h3xV@j`jUzjpRjC=X%;pdpW{+M{8mr$H-2QvP><-FlPj~8$LkhNmpm}BTf
z-|-Le`gg<V5VwFwo;IhQ`^RiOnk4p*TKv1-$oO}b@K)ahR(<>_yEbMKy-3UK72_Fk
z>m5ukevTpU#E64i8Ht8)Zg_M$k3ZUt;Ka2|d0WT(A5}B+b2IEp7m=8<pH&C6IQWJ$
z=F4dQ(_aW#;U<21Wd<|m>>^HHY8>49GHu;Y+-oP^=)cS*BVoO~P@ZRB{{4J@cshNh
z9VT^f!CuxaI?Jxa5T1Fb7lBFNGks7poo7fWts6Zl-@1dnEBE3s#g~~+>v-Yo9uzNL
z$flpxvNlP}@@1~H9(^;$(ojy#oxm5z6WANA#jo=S#!1liccgBbj9>V8@;VAT-NMaJ
z-@zdF`hL8ApH)@j4Ep*Nua>ML@b5?9(5j>S{6i|;=Ed=2R|7f;>+{hMM!Yof9N$>R
z;ji6!EcQI@1PY7Hjr{m)B8L{wrBI*6l8vMIHufR92|2m2a0LdZJfe%7MdBcy)lV<s
z<@<F^`tCh$=oX59ffGI!P89C;<ni~05aOJ~ulIaQvd<knyKW&pb%!~zZ4r0Ayqn{<
zRiL?$ic9B57&~bYb80V;y=xAm9(#v=8>ceL!Sj;HK0|`p%H%orJDi{2%Cg?h=+De%
zQS1>upRePskZd$3W)nYQ9UluBY!_rN({9sAld*%6N;~YPUL^MIax{lN;GT^~ICw^E
zVf@AMa?`gpc{F#|26ktsav?C7&Z2hU>=NScImkDU`q3&llhccSV9k<z`p&<=62Uxu
z`E=gie*iD1d^#tsXUSLR=`=TvIdaY_dnGgG*P3j>GzF(69%T%vQ{ve^O^9cJlgJPr
zARuxqcfT*xtUM3R;Thb#_ayx-<a=rk_8$Eh`1&h6e`Y3QroV~D>tFK0*ggDupp4BM
zcX4Bf-dDo%NNY4HYgqQx`w}Wi)Q6W^XRIB`qpy2O{7LIN34rOiNN+T|`R0*WTt>XX
zoDU=dL0J;1(Fb|&g?aROrG~|`tO*+aIcw*1#5pd3b6a)`DbwKJBx-;3pbIT}4dtdM
zA!dma(?1_gNZBU7d~QBTwu2ck^&4LQD1pL*-!XF0GR}1HVb51*$g>*HN3mZJUX?Ea
z57zO@_iH&jzJ!vLwG<FWl+y3-<qCf9bMyM`9BZp5)YHFiyi{gVeqkA}y&KNBPv79P
zR^HU?IYfF<0i_;2xbxlVY<kU-k&g_bSC1%sL=<UWHJqML)k(NChi5W9Hi_NGb+pJk
zK}AL)InsywrrY8ZpvT<f4w3jo;g}K3{nKwCSmIW?>Fd##@JSIv8S`3KVkNM=l1%x<
zNPfps=sM8%5^xGx^k?WJ4{=PBMi2Kk+&(!H+w53gAC$(>MVom>)SZs`huN_^o!v9$
z5_VfD@4VHD`+oR@?qTkfZ{JI{NQ<g``!VtD>1>cTjeB+|-8+jNmqY!|hH4>ONi3I_
zm!#g)nf|Qe0be8|B2hKeuH(HS|H1sOdCVFZhHuI*tUYmzx4-u0mjUujpO)wSp-*`B
z(RQ>h+rf@KNBKxd%KiO@G3wcA?3b`kw{+^ljkk8jUoX-&!&**`uQo}zG|@lvZFHg7
z%Ej<x(4{6TSX`J(Mw>giaq0p-vN}t`zF!zNa~_jAc(Llm7>Tj?C|}0TCb%M#qJ(X{
z{Pq%hJt`3n5`Q7rT3)86&f<*-Tazu~W$zOrNplh}_%0XHNhmA9Z2Ky_q&?^JG(zkO
zgp}2gi!ZIE{JM7sFM5riKw3=)+zUdv_t92(Wv$`yu`@^>{1Hz*+JU(hyV$w=5brHm
z!2|uq;CH17|Cn!9R#umv`F~8M)QYGG{F@NSG!Lb~cL)=P1ra81%UTIL;$$OXF^Y1?
zEj+{aLz`Lo*j@=hBj?2X_=SrR^qSBWm)1p;$86@?$Aj>kHG%dMZ^5SOFeS@2uy%bc
zFJ<&+$d?Z>tb4eGi?PDeAnG(nQGwaJ;~yyML<yi9uj@%r$IkTY8ANDh8QQ#Hd>-Gz
znIU=#JR=E-YEAnnF=!VRkfW|Uy`SAgZmOt(LL|1dVi;8};a&1eIPGu?lZHmnF4#`W
zXveYW<793<$*D+LB!X^ZV6PUmYbjx0F3+gf_Mp+RB|fb}7}O((5POmT*R~{ZBN8;Y
z@`{@D+S}@mlu4MIgL8QF=A|YZt}2~BQN3>9!2uq)XYWKCd^3Z4h0`WfRD<QQ66VL5
zQvWc<50$b6bDtYJ;s06^*-j-Ka<n7QcLWoM2N5pk%q4`6lTDsXgd$b24ZtBhlo5Rc
ziI8)a${Jf3&%q6=_-V;Ok|aEg#M2>KVi{((w-y^R38UiJiq7rB#Hd%o7&%qbzGWzp
zE_s|je}Vi`3FC8hn_N23?bbo`7K7x=KB<k~g!!IkrKpO8#+mNWhy+ZNae?TR4V?aZ
zGv=!uu@zNJX+edA;pxl8_gZ17IKkd|613dOhdal2VQ8QqMyc~vTFk3!K;hB(EM2vc
z<%e>yboL|c_Sbp-23H(S`ZIA=VQnjF7*|mRyWkfbf?xU`EPZ;?qP2{XPBLD!ItnTx
z@Lwv6Wkx&~Q@6A2Xa+SW7m1px3WJc~V<-F3eV8vr(%wMt4h)pgHX+s$bkEQl|5c*k
zu9k(qzGgZz33X#3YVjScdRJT(ym==>hYh4<xu~GcEwOWRm2f?lc=-6^?<pZ@N`<^h
zVD6cptmA^<Wt2WSWTln9mS;sDgmYv|hW8FMJ#Q9DABy_S*1-*j3NHzpC9yB-%f0le
zt;r(e_!_=!kl$e|4MAb;ge;0`^z!vOY(@2FV<#$0H(&hS^i*Fw%c0a2Y<l@Db~X}r
zt15?#ba^oe>d7DpPh^!ZFDh^PV*Bo$3>-O_*3xcsX|IKw5`xGAFTX(iJe;l=@=G6+
zxrZ$&18Fy+9o@SG6QDecm8s;$rg6mj7H;j|QpTL93Vm7=e=(l}YYuVj1}m!kM$w~N
z8#>A+72o0v5|cCVI#p~kC(w%-fQ{Y~H&ILa`FKdY(`<?^Zs)rfmU6DDmWrZ8Vl^FU
z+1rZjpt>=rG~4LekG37V(xYQA!L`+B3quH5R48M!jM$XT9N51Cc1iGdvHhwNRsGQu
z{pIDygA(^{ga`MeZ)d@&o=eu_sFg7lc!J>UcoI^CJV#5os!`r-iccj^g2Y>k+CSUV
zQ;?UJDN`~RHLa)x9b}AZqz?o9aIdyP8+ao<y0)Q{wAZgBljM|CypJpGm0{*On0x-y
zo@#qfL{s^XNE*>_T%q~@h$^X-P!afdAy94UjL|6oe_36xOk>i<YO$fRk+<(i2{b&Y
z9kRZg&JQxm0@yi-K(7ki-*zQd6i;VAd5c|DVTiDVVzI-rb##$8V%bSlqUA<ewM=6A
zMzD#_u}tiWZ2WL=5qlExQYvmWv9)u?F*S+&8fz-`vMAWuVrL>rvOCVj6+eyGJXDD7
zg=iQ|sYYy4WcDg?jFiR29NDmh&Q9X}iIYxUwzwcL6B`y$W%;>^-OBHfEmK}XG;N)I
zBw)1sl6ZwO`=d9LIFofH{r+FE4biztJi&pTaFxZ%%qfa?o!Uwu-F)%TZiPnb7vQE7
zyB*0!Y&$BoGQ&IhBViIv$;#Os$HHi86O%|Zb0)<xfB@+aWi4)$EF>tmNI!yIFTGh8
z9%tL4_3SuZie1;i46+qlqyk&g_Zra(NHt;~Vr3>I&qm@;+KO~T2_P-OvaM{zK1p#X
zDO%O5lTqx^eEd5wVE9!wTq2dRk@xz%`WqB4vt>fCJR)fk=tEGXo5==7C@Qy@h10^_
z7w@SWS|^J=UgkEIzp|Mc=dRrLVi*pM23mcFS3WIVLJ4nQDTJUHos0u_KiT!AsH%T2
z+4|umHfe6kZj1_PueBa0qbwj5<&+E7J{`hnAu&JeHfv}ZGA5kv!O0ZF*kEv!MNbiZ
zR*Sqs4Eh`-=3JxUqP4@qwHFirBV@9|K+%q$MAGYkOPd~yoEX;FXkS!RC%0^7&AM3V
zG=zapM(Gnrs*YJ<TUAY^t=O<R`AWRfdg;jTHA>D&ey6rderwO0^1DIuL-MOWF7{Dk
zCneT+znz2>8)_vsXkcf0^_SS3^5Rpcq;$pIKZI~E2k!o;lGqvz#p~xV_ZJsDI`(A5
zZDMEiTe%wK;Va7$NmwvW4uX|Jwv;5t4Heat*tfvT)e13z!(1;CW3k<{78}28jUTlR
z5qOJDlvG3dNU_<px<ceknbiH!RHTw3YThNYc2F2KfG+Y(T9%)|?wlRA6=LJq;9Bto
zf~$*+amCYdsX1oinOAv)wdG=C>KaUtmlI(fyz6XIrS&6jji9~PdCu5a%Whf0;cBvF
z%G(}SPaUql8SG6+COf7DT^^7i=tm_`wvfuw;2>;UM#^|kZ#-u<td}DDvJb~g;$7OC
z2&n|Fx3s>}UTa?>y3|W28{K$af2f4(y27s({%=RXvaAq`YzdBBEbb9xH7ZL>k|47}
zSgc&c*jA6Hi!U8-eS%?LGU>@2VoH@+<VbMqvf&dM8kWMZuYJR!4O?V_2|y#H#j~vs
zw~R04t6#rmtLGFfJBHL5U{{EAL5!%2<W0&TZ}kpEyU0puLux@34%HIiH#eP($RIo{
z%w*YakSZ#ul>pGu9zjGo3sI<BHH2MRh$=(4OU8cAB#tA{R#aZOS>%c_aJj!23pdE(
zFa0X2QmY^d96jZd(R_Vj@<x44vbM&iHWy=tEZ*rOg}BO^nwChGNFzdgEO9oLa8~*w
zS^C3IjQOu2T@5oVjg=tMIpo`QX6)m4&`l?X#|IKwDXOdgLQfjz@<02o7<Ah^N<d*t
zd^-(g<ZZoaRj;pAc7TeDi4&~{Gq7JdB`3D9{ELn3-<3n?l))lt`~4!V1G>>i`Tu*D
z3E41aOK@(vrk;N{dASfMTMH{8gk2ao@eX<j(Yc(`e`Ysj6ka~?8()ODP%hGw-V?YZ
zNbHP${)MGK93oNJXXxm#x*e`rg_J6Usv?;SG0B|H2;k1QA7`+T>heQx5S{w_eWEFq
z4JRV4ExEc16)9XeCw6A({+IKsIP@mxQbp=^^|hCNYYHXsbFsY8$VL-Oy%0k)3t9}m
zml18<@T`BZYD%aSsZmD1NlXmQ;Q0K-EdB8SX=OS>hYR5{2(im7phRg?!*aCpz&S|p
zakI5#Wc4PiI6yXg$OUHRLh7w>&fX(Iw?`u}ywMei!MaGqih_MiDzyK$m}{i{<+7=u
zTs9o!B*n7ffE|<9KEe=hae^8%o63dBoEO9RKa}hwP`OT|j&1rf?5+`Xy!3Kox;G_V
zEFYVAHXCGY=PvF`><wfd+(E2k2Zq|WqleSaB<7@&?iq@A#I;*>HL`)Arl775f0MA*
zm!Y`t*q%g{n~=h`q4?GJOa1xl^!eZV=sHzPEmlR~-+_Ri*!uXC9%uRLt(3bPsXB9(
zxV%6dZKLq?EGCp)toUggy0&6Zq&$r_o+1UxrZD{iKX0(3XprnG?9-D@g(qbfpap3%
zJL^PZ7Sy{tFJBzUjMYJy)r@3ll<evf!luvN&!!!Llm&Sc?wG*wle<`JZ6HM#L)?)Z
ztRA?N2>U}~2%AXa=>zQEk|V?{lfpBJ<c=9hiy&D*>cvjtX24!{O?G$ro~<jkVV-D*
z^@Zb{*E--nq>WhSoc`x^lHMCXnT<Wm4zP0JHY^0!>`l=Wv>Aoppa?o99u%Wo>5o;?
zA09?@xo5bTV=MMVb+Va84YKsWMMPowin`+P7RoB}DL)xQT19~D%KB?(aHCd~oUV~{
z@?6Z(qq|vaQB9_gEYfD8O0n~$y}R`DDl^fRIS~@#LeR)=RPM{ds#FZ{o0KXvYT57q
zFqeK7vh6AxH#To=L8ZCuk}T6U8EwGm7)(o#y&Sl(k2ODwol=<8Q3yYFLf%DnT=Sc>
zr9l;HWfxrDE`Ir5Pii+;Tzo`YHq?MexwuQHutX!$3cs2aoI5JU_hR*xXXzrY6w1gw
zzJ+a)O~vUm@=S$@idNa4)<n`tKyZzS8`Jl(dAA?s0b=9iWr?M^)Ke!r<Gdu2f=3~F
zm-4GL<rmaImDnIpD-YSaaF8=`d)O{JGQw-!=;wKe-M?<fJWY{2OZzQ_OgNa~t=rGy
zZ}nvL6IEDH3tA4*QY0;~ls0Ltz3{JI$*IFTu(Iw$M_(U&W#=U3GOk>^Fevg9HXPo`
zy3#z7Wt>{tnTt9<nBJaWaA?zZF%R&?J>xJZh1WRU)QJ`x`5kqYv{Pbtx*HCY5wlzB
z9WE+BSA4@|_vzW~>_2aYG42?`J1G~{;~z;z=P=rOtmp8#y{uVgO@VCUkZp<>rQh4x
zD?2EEKUsVF;-Gg&yLCSm4^9*bnj1b*<{aN<Nm`~A?R!XmSq<{AP}GT~VjsAVt-H<1
zmtB+9we@d?4X(TNRU?M^D?YtsG#{)Iu4@rekEjUz3lV73%Y~wx62?uR#1d&=i{Znu
zwecp{I*3+1#jZ(=XrI1ccFD;iRU_vO0XH%6fqo42knP>`U*YZrbz-mJ2_G@7qoeHT
zNn(q*V6d@sBz)=&It_h+ts>;Nb-S6q9fIg~;BDTxe>YpFF5=_I@1^|fdHndwH_SBp
zi%W>xnej<y+>%bBN#DZiwR2f8SBII=6DN;bd3V>1v=_GvSEz)j1cC<h$XB^c8TTx2
zeJ@+XYr8T0;d_}nIuf(f33#}R-HN%Wn6B<SjT|wv!`W5*aM{$#c5e;kLKf;;BMX3;
zt+>AsX`1K(uerBjUK&x2Sm|*Sy{NK2%D*c~CU|pkli)4}XF8Dx)tw8X!-!kOBCCv-
zpShE}1y^IuXr7qYnf@I`H7Yw1OS2Ae>vNO%S;?uYh%C>sJk+ietwc5G>TF}GqbV<!
zzVvLdhI4a1W!gMT3BzMYt5Ktfbaci;w(yrqo6JO|W2TWU@fLPM0z~4W6Um5H)KOxT
z>|m&G@1-i6S&Lf$Tg=3kre2tNxiNx`t-T(5QSDh-)k=HqL_yPq@ozm$;Y+hv_~Ms*
zE-f?)AvbR`g~ehhZFS@$7VkPMwl^B=L%Y%A;m>$cd`*a}vj1Jui$QklwhZh2BG25n
zgIyy=VqFnM2N@fttfjpg3%#^gBqQc+==Ja<j9-4omv7z0JcVq@`I@N5nen6@W=fmt
z+pC;2*W>JBj<uyoZ0c(%5;9!8aN77R|5;K-j<nOG*InFl?}H5TvBOw<3u9#`-x~{d
zvh~a}435wcR{1f{-Tkd8hZZA7pceuYq!$+>Hb!x6VBHvB$Ii6vu~!^te!&-yA7<N>
z1$=v(7w$r0aA;3d=y75;zb5(3s>`qb85Q>v*YuN1fBM|8lGq=<<Wn&k?|1J@%$WC-
zJRh&~!Q29o=1Ct3Vd^;QHr{^N3CFe5d3||}$a^$+^?!gnCXc4S=+$c~Mlo^xYrH&b
z58F<^#C?;-b59pVglR70$B)5N9_8Q@Uo-EA_l0)|9xY{e@C&n<K4%)!C(q#X1sUYY
z?#v#y$Zp#4Ezu^#;3BGhE0JEC#;!*C#zw}Z=mMpc7~O|4WW;>g?D7Gh#N0;Df&Cfj
zJB?=^UPz^=JcD}m64iJ|I*J<8(o)8sm=IV9$#-%xzw(S~1P@C+?qaNIscp~bXYQx+
z{aMU@Z7#EvzSY^8`uzvlnQS5X*okWWavz(JZSY6$B<k!Syu^J&=U$%Df6^5`Vq0nx
zNR_z{ZQNu|DNvqmQPImYrFHB|hhDpgiT;YupV~-^AtSKRd)A#(vK6~ROVJp(xY(H5
zt1*-3&(#Hu=wz*~>BI*0_?y3K_U_$l3=NfCLShWqRLaQ6;0s~CpB4PZ+e1?~smD|V
z{$&WfA8yT~!B?orA8wwge`;$)ZBSkJ&Zjj~o_=xODWB%@)hM<ZRieHTB~e|H#Y!=%
zHPaZWk>mAmic0J=onmJrwmr3CJEKz;b~#(Es1aqdF_X;9<ae#uhE<7;lvY$x7G_em
z_y($}H3$I_LLvmkLd0lhvJHFM+lBb_=)ujmwGqjMoRi7a;u85WP1yDIQH;qAHBv{h
z=Thv7r0(WA@jk6M>k?IvXhg737SF~v)!i*Vyp;1wlf@H)B(eE1)my$^I;T|}nacl0
zw<pc!nRiR^7yk&ikCXbz&C(3fa9&l8U~6dVoN~NY%B~V0Vy2oX{;Q<UN;#%;Vw)p|
z!b;K{c!x<l{D^4RpVvkOOOpiK`bA658)~Y=SD9dVse`oUvV1A{3;Vm$Cc#4KM`^3l
zKCMRSbEA}9-%qBZ<UZ*yIo=3|OQ)1`HFC~`uw*Ai*0opZW68L#50#4rDd}%3OX+<%
zUMqd8R88@VWr~lduu{bF>GR_F)U!L0<0dfVzv^F<d>bcaT-Mf9A`sGO%nG>{N>Mj%
z8@5*&XJXfO2_{n=Ep&3F>A<!9u8ddhWs)rUDeV^<r5YJyCWJ(VW-cl_)0mg4)mDoi
zG6f%HtP4IGL$yda>gs&CeoB7Qe1nYthJC19WfWt?8hH+@4YH7nDol}X)sH!4eAg&8
zl~?DdJfo)e)|FHLw|-2Brzm;ubf)L5QtEEFRCnnNIW8fYWT@1Xi@zwPeEF|w*e2yU
z79V(3%6O1A>Ez;izhI_v<oT!;@ay|s>0fiHw@%dg%6w5PDoL><tSd(uuMNkag2Sa}
zqo%=lHb{R~oBBxVEp5{pWv)=(@+39HP)zLV#-9j~lyP|F8I>{J@R|ROu_=$5GBpSc
zGFLQ#UtNiHdDX~ssI^jFT9iJOwkdrq_*p3P%T;Ys3`*<zQ06z&q@wh*%n1$JtIQM1
ze56sHHEEnt=2J7lR>}XbOlfIpCQMyi#5lBxq@2&r&i)-KWD_^3hg1Yq1e%F}GWp6x
zDZ+s!lSWn#tKT?j_FKm<=cL$zH6($G#7F*LJ}--l{BB&dGWAOm@}(G=THA<Jpzg?T
z{FTXD76eO^Mfz2j$O7`aZ;uLzyJQ`$%#V#ygL93JU;3d*_?bEDX7bI?gXucvA!gqd
zb?s$>t+E(gwtcI=LOCu3)k-lyyDDWJU&i`*ukz`ROM27dmh^gVFeCa0%7iHs^Hud!
z^083<UzLyYv(dGJr)9k=Ru*Dehp$aC`3qNVI+=*}l~Y&pR>-3KzjEsGH|<r&Yee;#
zvSu1nzB|k5ljd~2w+E4zuWsHK(*kcH(t@TME>uM!?~U3ki++>WUWF%3_PgXK$93ZF
zp{aH%H8<0V)T+@*At}vhk`jbnr~Gf?9;Ge1Yo3!PF1&Q8eoS1sLdKxfy{Tj&QnDtK
zFhiwHO+8ko>lHkjtW(`f(=~ZE>JK@4>DiEOxtx@jFv+q(lDVSE{=G7`>!07cn-rqc
z@R|SZv3X_uHYl#q*Sfqc8sa8xXjI<SZTg))tZ(n-xj=c=F8^p$@OAys2>$C@6SZ&^
z0TqG20Ref{6Sc_1`)bgOeU_rc_{SyJ0Ze$-n_ijX8pGZjw_wjdt%`czc67bvC8l?i
zH)tivuF#0?;v&Q0H&&jytNu^?)mqx))L{}2Oci773OzoNQH1?(?YaI>v|O#EiopL3
z1XRNHf1{t&TB->Ac?j4B)2`#6m))P9lT8q9`^o=5J!9FE;1)`R^8YW$`+8@o6^V&$
z*bR&byWTZX%U2Ol5oihlm2fqMih4{%;9rD5Rh~E)Oi1QzxjzGY2FgAu(I{TsKCv00
zG>(18!7J1UZ%=)bYP73wyZpO6nV1WuVi@m4c$CL~QBz*N>-v0=utSvviR_lpDp6em
zaCNBnpY&g<BThXLr<=QvX~g-Wkz#QzQKOOew!F^mt&&)enVFo4m)%{xgV2i*^K$=+
zQF4A(8pmQR<Xj;3Vq;dFev&gu;;z9efUa%5Oyl9dv|K%{BA_DhCm?Y7x%?CIQnOGI
zP!aeCB2bkX&GAk1`S{zVoDio-5{LNOBtf>xUeCAU&uRDRbc9PZFBKkQ<BAO|{WbcE
z^Umhw@b_IU1f?`#E$_awkyGhKjU7GyUM*_H3wV}zIRA7b2M(-f<;o2#UVZlZx3?^w
zxI^ptWX3Mi#FAgA^OaPdM9PWvy#K*=62+;l*tt`lBrYYENqCs0n~Ax`G1Zk@)o&^S
zDgu8l0xIG9bMaJjQxW*bA)s$DTs)hP;wgU#>2gqfW;Svq{g11zTA{xf0jI9wp5O+5
zhTCmq!>PZxFg1G>0TqGE2&gK>%TTCaR0RIL2spPG%uor0J3ws1_5b(n!~eY<^*6Q5
zug_F&?Jll9)Uoh4A+8pqBA|F#Q<I8-iom}f0cA_Ll>}gG6xg`%7`v7)WA>aK#48Sy
zDl#~$9Zx64Cr;664y{|p*E2UufMD57Z;)WoU);q&2`l758W;Dj<HzUbvQ=?>B&o}g
z9%QCUVA){h-ehw3&tt;-8H{}GIYtL1bL!`%{Iu*4$zt7QVbzN9AHB**=fiATlSfj#
zc*(AgWnbDzrY*Re_L85eo)XJ&_pbA-+nPp%%Sz^L9?C;+dXpe=?tB8H7(B8CE}|Z+
zOx?umU+EY*M&eGM)sl1ZDCRZWS$&{xdh7f20`BVVOK20W2G7i&%%Y2h#HDKSYCDi&
z_r1cT)}oZlT+3&#FJ$}KH1dqD1hgN-xM|}UW@_zKe=2h*j$6&^Pc7iIgs3SuO02}Y
zZfD$m-3h<yQVNc+bz3~g)4Un?U>m%$*7DYq8REot1igB@Qnlv<r}wAh_2d}ZXRhI+
z7Z<WSE{g(V1g-mz=7E=b5|y@r*QC9H`XwAc?}|fMFkvmPC@VBs>zMW4BGw;HAV)&X
zl+@Ue?Q*xtA5?vH6bF_P4_Zws0xAN3BLXVn`WwMki&7Ez=OB>4krh9)b7vZsJ?~;-
zKn0ro-F&~@M#xSQCpSpA79~J%x4W1SSWW)^%`D&E1}EEETIOwL@1|Ykb(Q<V>->88
zd6%<YV&7@XQ%E|N#<rPRMBX}(mVOzWTzHIxTz5K5ypz7-?9q^)z^<Qm6FEZS;vL$_
z=`34X4ZD?FI)$5JLSCMfY9!oB%npw2$-sEeUEDS<gckZU9E{JyVC84BN5Uu$C(BYe
zbIO7qeQQWKbcEPUTUrjgTiR5NCiWM;+qj?hLH+S|Y7qQIY}PahD>>hL1g-ly(<58F
zjb~=CbnPzjWNyQr*N#ye(t`mVtgtGVc#4I2Y?!}~j<<=Se4|dxB`bbA8{V2nYS`@z
z3KOS`7mpB=bbzJ1{CTmrPot}`uB9SbVp{GiC3#W^=7*M%RcS|IVn6&^i0`1h4B32;
zgImcV7Qgrz=PifQaiklL`O(A|?P2C>7iL5zaCXfma)$LGtVajh_)EZH*|Z?mdC~!=
zSoPjFoGNWY<j~$i%2G*9OkvfT28Q&FYoz{C5l|8Mn-I7>xBX4!sl})Ws0jQM5Re^-
zr_L3TW6_RL58uZ~FR`9Zu4T`0al|Td7SG1ylVWJa$VcvDj88cQp{LpN?P+4&C0MRP
zaI$>q`Sg9<E)p$M%2>vQZ4%pVX9d;ekrGgQ7?bZAM0oW&zS_H&!zC8DJ4fOz5|`@S
zIQFlyqHkwMiX>RCQ(#BBj<|y%zD)ol9=5Gr0*D%TH)BJ@`+8b}$jF3P{8kbttxf?Q
z=r-bhhPY<KiFD?^okCGjvE0>wa4Gkj+u+yn7Dn|CCA4TWt5)yf;NH{Z=UB3K#V!mI
zqs}MT1;>g^lFsLH_(ClSx7ySZy-Ve5M8cMvTFBOuuJr!lZf<KO&MeQ>GUKNtqSv1x
zv7-&Pr+;PXfo!pztHmKA6it~1f4fxTbBvfBEfHem#gW2%iF22SouQH}TL;{7&ho_`
z8`{2m3!?{y<D0pX70b8t^}@r%zb;{*ButQZyU`3A)|M#E5e{rk5>MS#XbO(A<)Fmz
zn>3VBH}#;c?i8nXZ)U#`t~y!dZvm$sR}oMV_^T063D;kZu$sS$z&{azqC$$SL$P&k
zM>{{MU_-G@aS<gJ0a%7a(J??4Y6*wp6xIs=`16#;mvdU;pcUDM(zTv!)wi!AhxC|C
z%A9@a|9WR4B|L{kc0Pp`g`{K`kh?pFi>7PM35#@>SZfk+$fX^=o-JwJ6xmX)m3V6o
zfdTXs-%@7v<^0~KOM86WTh--PEwYC$vH$=;07*naRMVTQ2fpI=`WkQg61&joJA#f8
z_IN1HL2GR#mZ1Ya5*x&jUr4rtsN&8ZB`ZzhG@8nDqeY~vga|2XOkBz(JWHiHc>zP|
z6)C}_MHg!6?T>d=3i0BK<6?Cyf>V#Oe{YfmfUc1M!u}Gk&QhdVshmkDqU?MNB5rO$
z!mo*xoyn!z!;zZ6V4MmMljSp<))9_)O8u;BJn*z~!u4bvF&dHX`3$CQxQhfjm&z4f
z0z`?Yl9NNWdq4Vwd*bgR$BQnVQ$JJ$R0OU&0xIFU?p>f(Kt<p>ARw{c%q1S3=%OeW
zvSkz-uG*4f$_;vIP3KB6mI)~<m%52zbxoO^v$nuY0>s*z)kqNQ0wE9((16JpJ$le(
zXcnREGWquV4UC$06QL5K#LTTLgM0R5>;wG>ZD==?wwUwVGk;HB)if{?Bh4T&;S`Q&
zRARf83UM*IG_p}@`o=$SRD!N)EQDnF4B`IQ?`B}PAUx_A7gXni#Gy3Vm(^z_vEsB6
z-%clL$GlRBe<^sF3#OG~Qf08Q!p^~)fSW#H?oIVK$S%>-zi{YKF&Co`5}O;vRHv@=
zu3bk_@;Nd*`{2_)QX=3S!?H4);!=sjDGjxiICz!PUsd)ZF}spg<8O*Roy115s4AmM
zV*4rKA`MC$&+;<LQC-eA221^=BJlSkAk%`HR0LE6{=Y-O%>(zMRBF$i;dq7+s){m_
zcdz9{NfG(3?zom8qwLU1mLE|92Un50cQYqCh2YeAAOoE<aL-%J(nAVSlVG#*-xQr!
zK(q}XMBhQT^K!+V+`k}>ixzHp=d34b{|>gDy>h*B%l|A%47S8f3et1QmP{&(3rXCy
zo}*P2lr)w-{m-)33A^<1Atd%Qw(m|PI;~-yuT{z!^>$d>R^fB(Bj)d{LZT6o6McfS
zHZ>IWY)z*oYN7WH#NE*ygKSthJERY;`Y<|+tyrZHq?9BLzJZo#JzNMq^Bx;^rx7dt
zQy|jC*rGJzhYC595YdfD-=#8)LX?gEK?KF^BjJ1&iG@P$(o%>!z8CS;+DM4mM77jI
zDgr73e=!28gzGN`Sj}EV;Gc;=JBHqVmW+8n@mQa4cujmog!Sr(L!}jtMA3he9=(}3
zOC2B1j}ip7I<FHG=Xa$~#|VOhhLe|-!5b685&Lpe>V3;dN^*h-71f_Za3sARevhrg
z#_&qTXWTRXPTFo*!|XBPe4t3U%q*#me1uP@)Cfs33DD{?`6GWlM>B51Ilf%@5@RBs
z!qHw&P?z=ui~7*6p7s5ae178^qtQ-wQQp9`#n158YcKNTtZYhUmNeRh;obFiet1d*
zT@CLwdJ)jN3s22X=gH|^8TEV(<)z{Dyzg!v8XMX0$}8U;MA~HGg-u*CBl`KFmjK63
z9tKfAx{*@q!Tla~=nX@7Vde9@@X}Ns`8=QEYJVd7-Nftfw-@#$n;Du+63E=xk4N9!
z!4uz3<GYXZ@$&b;C9oYGgy5=^eUqT62UP_AHUu<#_wF@@hKAzgq!<HSn=&#o_#y>9
zD`=oQxb`yjh>F0!8iDu2t$8$97PNm;DoG<TA)ZqS`Dn$?$-&!O+>qN57%I{)`zi`j
z5{N#VDrP_;2sio=)iV??XIrc#Tufei0%uMpBSI8Yat{a)TQ588MdA|>Vvm^^nxEf(
zib6494-+y`o}T2rV{>M2^d;P#j_o^6$F^;&V<#QkcE`4D+qP}<j&1YFZ)TqQ&v%$w
zuTRx=u2X02y*38|T?y#M7O|Kj;Po6Knex>d9F0|?o*_7A|E!yiHBcr;L=eVesiQ27
zp@4ab3@N4J61kC}WGnl&mdu=UcM|VMWzGBr66#MEG<GCp=P@R3dJIpQ-M}K3X4cDO
z@+6)AsYq(Vk6c2Y8-o$+ENm$pAtNjQw~s?bxaRto<|&iIIrjctfiiLI_`C*b?}L^G
zc0k;FYfDtJkbwou1LT+0_gInLV_)`LnX>OG(S3f9p|)ReB089Z>Z!z8Q^Q445buWO
zi)b)QrHKieZOCZ5eu?q}+6uw(!FvTCd3mT<=exN4!dwVAQi|-9PS-F1#)H2!PJmKF
zSz0?YP7TNFK~6r=wIoSVZ_Ffj9#(kkWApP+%PW5!d0)y4`TymjX9w|XXkZyL2Di14
z2gNUw9(X!CvwjmTI`)6xi3ReV3Tm09QVHQd*W*7h1AO@;TNaWt4++b4s=wvX|6oS?
zTM;fw_biMne>2YiAT9i#WJ_9jihJj`CioxlGku#*Ri>YcbpILB|AFa$qQ#t6|McO%
zpYwk(Da=ozH3=%+sU^bye<7z8vLv9qHKcU8{Qn&B{~Q$MKXHjd|6u<uWc~-fhlDxE
zRfmK{|IZ!1=RqWAhdw>2`nzs<c%-X~MPAAV9;DGIrZ!A&>n#ztn33FUs&jd7ZPzr)
zT6?fq_nbs%jO~5XX=Ho&RHR(J<{Y)v$7R(=%nc25KTC7;-elR9v^^oLJAdL#E9k|E
zR+r|RKXoH}bkx<Nh7K6@q@{2Q3)B3FET2izkeksPux4T*Kf2pqd}Q{@7$w?lW9vzh
zVBakyTe@0R0P?X;87~$S$4o^uKQG;>)63+6P|lZhMRP;JRoX_5g_-)jSPnrE7Qxl^
zaOg6dcVf}X2l5%7F<|vgv6l1-UMIZGHB*jQj@Tc+zDz~os+bn|)p5iS()U&y!K|<{
zUUj|DK)Qg*nK;yUBo!X`m&f~V9PI_TOe=^-VGc@i;4Uydm$#{W*M*$P=lkI}96F=q
zts5)XNw<cyL!>oF5m|bB>wCmU6IfYaOkJu44h*EJme?MzpO`Obnfgz@f|3)R$6I`$
z5Ga8Yd(Uxj39c*gu}Qsy#J|upgYE|SyT?h4@wEG@=H2$$pN!5&(2JUMcwe@=l#F8&
zQTuNz(IZk;@S@X9ov)~hRIa3wAHl~Q_Es7dheJwvpx$lVSdKh<36?C&`v~Y`oG-kd
zi>2$oe-c@;vgI;JW)$Czf_R*Dhm@Tv8cf17{>xb~%MIml88SY?&qvimV-=mwcTR#o
z;kiw5amWs3=8=(r*B}<k$b*?I$FNL-vT`2x*5a0eBy&CR$Ps~lkI&<$G(yQa_!`qK
zJgrwy0~?z_Sx9~rXVOu(B{dlw2@|^S%{#~9VRH2z^TythE_oJ_G?|(azXyuYCG}Tp
zZ%okfAd5d}1RQN>fv-Fj5seE<$_gsRp$YdsM3^uVoORL9Y5W`Q0W-ZCrj92PtY7Ys
z?beSOd@ixL>$i5(wfeTn5&<w$40P=yvz^^_rd9+&D&DYGv_M8I`UNEg4fBE_^87mH
zAb&2VlKX|3x=z@fZc4Ol{i8$V4v!VYBIK%WXd@O~G+!Td5N#eKdpoYNwaJtFw$dcr
z@h8Q_Qv!GRb8)J5#xeW3P>ytSg=!4DL9z`58`Y9AIzk#%vA+deDs#j#%J8Kpi3=&K
zy9Z~kiT8N{8v%w2@pTk27LCS-En&oc^{l@4(r!|8WpVkO)D@XG7HGb~<l=D(M)Jwr
z<>fFVv<rWW>X|oDjtd6sK9#kV_>Dx|1`1Q8cs6PlQ*$e)l0}*$2xsA2TNjb>bwgRy
zQ4<ywC_rGbP3X9P^<6KHGb*JDOq`(Jj!~Ww6LWG|W^#wzGmUs@+#gb)h9r#jtpf0E
z93n6Q?5RrbrN6Ac+wgmam*K>iTDyt;9g5>9$`YZtuV9bn$H<$LrQjAZ#^ytLQw8;$
zzLN&nVsfK&Gcd`bgjtl(^Sgyv8WY?F-p<hLG{0ZeNWt0UGPEa3C#4SbwUX`wMW<R(
z7KRX9G+X5sa7ECTp24`5CDIDCZ$=x{)*zPz+3oA8YU;(wC^Rq4&Z5&Z7ZX2QmAV~@
z3o4bJ9vrT(d)Y?d-qvv9;B|8rnpuA8IJ2iD#wEwfxT}CYe#*nP2>3_)lMKBJ(-sxQ
z$B})Q8iy`TWiQd3mrBZ#lJWRPc+!YPom{&>>t7>cb5GuhhmH^bNfonl!c(8?)^NzY
zw*i1;PSh~&$EL<f+Dr1zMKZP&biV!|6y&k3t>3@ZY`IS+Fr|+EGy%!<%a{!pw)z@-
znb77;zuIg^WYr-S+ZR_aEjS7(kP$6QtR&OJ{Sa{{T=^rs6i7Tbce|giq^%ejoH)cR
zo1jlIO~AyHJ^+I2P2(rC$4JW=m=On!NteW^!hHktFcc}BM`vEkDpgpr0O9~)^DeZB
zB~c!cg=?CM?Jt#8l8yq7f+H_8Te^xf@l?>XgbSdU`lCbsth3{Io5*l@iXYM(O%>H<
zZch2VMB34p+P{}s=fcplDA}~6lAMst7{Y87D}Zlj2gNr!9R|;r^YxfzCArvE_SD3n
zOcyh-5R3XDss*f>K>XiKh%hVAlQPwf#4lEs-hQyz2qTNIX@OFxl6O(%k9-2@9(SQN
z?+BNaRuEG7-`1Yr)BLp&4sPIKBD>_(mh5k@dwV2v({nhq0}DHgtN3Iv4kz6Tw~Ejd
zao#SLCq}0*ib(LW!YwvrY%d^U@#e>flzS8}KTIsw7$!PlvlW;;wds(R>oQ3g_EMHq
zAdXaR3G;(CPJiT`o~eIP+=*$3k|<+!{xuCOA`W*Tqq4I&3a;N#NR5><Q|EAP+6fZS
z(4w{&k&`53V+!S_IJ=Iuq&`@cKP<`%@W+|1L9VFI6#90_;xx-5pgeFkJ0W3{Yt?8C
z1P>9X`2jfhjK&s{<do#ZB<mT!-B`nR3nMB#$EH`q0_M`_xBvEOVaq^1R6c9+(eY{e
zSd^OUQG$GB|K7n{ijBD!O!DLkK87S3f4naq?s;sm(UWm{WSFY@h$_y~>J@=W&5`tA
zeC!`?acKY};d;DTg?8D}X7~NkE1BFLpY0O^w$y}+AbS>mW%M3!oPekIc5ah$x2O_z
z%zP{i#&GN3xuO0^;{d2KI6$iXQQ9~-TMn^z=sj%k$}-_emtN;rnUH|1H?K#a-URRH
z_VN1*^FX*Je@K{vTq=QW*NOY4isp)@H9To*NiDp@`)+#nJaU%)F-jrJ;}%4oR+ByB
zkASES$=2r8-w6Z!?^=8NGPz0MhZuS-6-BasDlL^|9^|ndHXpC<sDqr+{E`cjn7+_8
zt|$J}=9%Ebt_jB5$xB<3^2^*uZ*l7T$Ruo|9HG-P8~0lea-Kz*(QH}HLM{HU%VW_>
z=?)HvquZs0R-7@a!iJ^vM>ZMbIVJ>Ki;^neG_vRv7X13phzeUapHZsLgNrVAvijop
zh?f=#*kcpX&$ZQ#mo0Q;8pj3Hhoe}dX~tR^O0lF&12IARc|IJG9EJ9ZM$fy_4xV7_
z+S)Q?u5?h&K$^Yw#XVQM3&jZYBdN{yc7fAmfi0k0$HNFh(QBgk$691py2QLqZug6^
z@#ZT%#4yd_V6exmqECwUol3o}HZM<+)8Ex%WA3lP$mfAc<Ef17RFB{Im4(<tGjGo?
z#n>b2tzrF|@U^<c$n8(hp`4ZYU}FAmPajwubnHe~Id!K$u;EQ>YwB{xu_4?n5{N!u
zG}S*|w2VJpLmV^3XJC~L-}ok<bY=9VO}eRI9JS@NUe0Ectl82Hj=EA!w!Z=gG)Z$L
zbb1l0CrwTs)#@U*TtPQS?rG@gHLB50Mt-t-f3n=6p92#jq&o9|<rndaXVncs`;tem
z_N}#+Kkqis$$5Sd5;^!B-kBWLaFAwt5=ap64AGw~LbQ$>6VUN#3zZB{XGGm0g|2&X
z-%Le1wkR+mowTBC5F$V{Lq}c6<t$7G;f8njbGR}_4LWtor@95L1kR^kzXY~%mA@Y|
z9AJ|2xuOVdG6mw$?!{|v8^w=6gd3(b;LZRLs;5wk@l4K4q8TkJc@9Vlg=L=;-fTkq
zxITU`C8ymSaw&H_OQRuGb=#5>gc2Q@+rgiW{X0s&`=ocf*I%N4ip1YvjV2jC4iG#3
zarydAbZKKnL5G{1#ghAHG4LpKoiTjaC}UXDyo6Qh&pu;9x}S$Wc@m(E$HDC+mLsFA
zqA+hM`qD)fc<I53<ZOpaClj^zxOc@cu#U&J$MHzF)}Qs^9`wbXikEC>k49)d9J^}?
zpE<U_#gA=Ho8|lXVfTPY2+)lTjs^g&7*o1mKoA07?5+1GnN@gQg@bga4sMhEc&M{c
z=nP6&5V-Ne7Hjccoek01tW&2(ri=?JRs|jJ)tQBOQof?lu4pgB=E9V5R-FU<8I4`e
zp?)_w&@mIn@wDv_u;S5@(3X~2!@J$0WL+sswlW4wCvp%IB>SDxuSKTx>}5w9^1tfq
zxDNSwY<GQE26@_&hXU^(Gd){YdX=VtFX8M>Y=J8>Dwe#?*!g&#kx!y-T2-$PuX)H-
zXMr6WmtXjhD<ZqtDFczT{caD1TP?iLG?`q1FrmnrNt049H+zZ=pPwKw9!m-xml8Tr
zyd!kj9~g55v$BdYg|%n%2psC`v9VNLdIA=1V1UrTz(!ooz4Qj$55}ud4as<~uoW+<
z6K)SSlq*^>2Rj1wUKhsQRo&;l2b`1kuDpJP@YeFT3s?5GcZT%fFv^DE-D~w$-(gNS
zq!{Xgo#2m&k88!XCTQcM5|>%o^^xX$joIGQADV191~>3#LRM&LOxZEa*JN4VRb-vQ
z3V#U#;)j>*FLOD;A`b_eJL>q7ojjc9`kvUC@U;AvJ%XQWs>RbNmziwrkO9K>G2Xc`
zM$P*SuRZWvXqseX1VvOTx`xvkm5x3hke|r}cR7mDyg21yCcs#fjyV?4M=K-k=3MC$
zHKE>9u!?Q-zt??t+>5ml2_i0cJxRZwm5;pvFfv>6WA#kro}@|sS1Eh@rW99a4;0}M
z;cw5+LpY+i8&m69&Mo2}DxZ`OZ=ax>y0}vo*t&mjFV;DjX2Q-R`u7vu>CF%KHvTkb
zuxKzbr<SXC<UngLoKdG!#ichm!cV18IJ2W1JAHX&u)*fXBj$RLzUA>WXL&@yM8z>f
zg^%8}B<3Q}9WqVB>|ee{MDcz0Jy&^Kem!%^COI0;-DbD6i=Zz;g|{3jbH(Dn`x;sV
zCyLwnMd6YaIzx2xK5}4MW$gqyHP265lD#cW>^3bwB7W7e6>s^Zn;xa7v>ZZ+ieb$x
zB>j!;Oz>!y_^4~HGZjGxz(CvrZ}l82Hl~8Tc2BPNxbcvnQeArGA1~OaqO&WCu3!jf
zLq8)DF6&cn&-q`$!xKtE%Q%~^By*Y~GU!a|8_N;4hdKuQ{aF%>uw+y<-&}H^6wlb%
z4(2epKGEndr}g%>_8MR!jaSq06<<arR32)36m147_UYHrC-g*(2{GpxS3iP&euPH5
zTB>8UKdH{hxuGzUm}%a_#*ukV5=}o8C+h{5)U)37bi8nL52PPFWe=atx}<Qmvk2rJ
za{IVK&~>+keBNE=1m=r_$+!_C)%#%9>ud=eSHMi1D2H3jnj23|BHxn5E$^LFWGnP*
zLl|zTL7hx)jri%#t+rG8@6>LlI^HpzbH9RXTZ!Ce*d>{UQ_4PA_ggrjb-XW+uEP0O
zC9EvKmQnH?AgTRx7&cou5z(R=Wo3`(fsYM<%NXqS6`&69jLp)HbZlg@CwQ=Db<*A7
zwxx?Gtf5YS1|iFcwjnmPL>;CxKi<#w@4)+`e@{GDu%j|mi0_Zzk?qh(baJ?qBoW^M
zJoY5@c>@PrtxpF}2O=ik!Q3s0+|8GfM1;=W>_vVF+%152wbjBAP~552oncf@-y8MF
zs4gDN$>rbPWB$Tmy0D8HvDmW8Y_~gWk$qNUWzkQY+N<U+`xZjT+AKC`KO-?^38yZd
z&-Ny~mqW4JIY-mm&?`$$q06+$BRc#cAdc+-7CKK=+MydU(jrD+v)W%dsU}N$QTr~v
zqy=0bTp=1|)>{?*JRW3xUhgP;HXK5tP8?`qcF|%~b7kcePbg5n(xRQ3qk<N;`Gmv)
zDl9B&A#J+|WV5B1n(#Rm0ob3Hk1Je_1ccPSj~*gu_7lGIU5Y6iY%xi__EiJunik=l
zq46rg4CgxF50JS|HE^t91>IUow8cqxa|x{(D1B<`X%cx>eAX@UVjZ1H1vPJ}j589j
zBQ!HdYx*<_<ad6^lyg%K9e)WdY_>xaOSmV?VMZq(`n&6CDB>>A`bf+hXT${`_h*g!
zksddW{8u0GP4QWx_{%}!Ci>|ua7R+IoY~jZ^yi!DV&$|@=kmzJ3WT~7Bcf>RY?gyH
z4|r8igz7oF6kXg>6}say$Uj4!3<|x&+Qd$ilaGSsf@=#jV2Ai_b&9s`nDKpHaLlUw
zF}?1zr6Cgr394ve^2@_Z+L!9Br_|#j(YYU9>A`uQm{+)RsuAr?^dbuz@j5dr8qo8$
zI}#$ghz8YKAime)rO>zOL&D`3-d8J&B9At0-auYW?Z}2<DJrq#i7td%m+LK_-L)Pn
zzKZ6@-e{^vGO%R9&>9T<?Z(|S#Boc2K%UJbxxm|+7`6LpIdLUsJ3V!;bo!TuLs<$6
zOwe$*>&XA8|JZX`&DyIDf0LTHIsjuTk=9^wp)w^jY(!8=crY-^^ubGfp+z3oo$Xhf
z*bM6e`1-ax=4{Z;1%7z_nRHe<4u5&*IMn0Tu$@&`DQ4Q3V_h`OULx6{gRF+8a+-kO
zCwNd)?M_9>)6+6{j~5&JSkNyAOSDG!%7uOs<mIK!mi*?-k}#1u9AxQ#k^5w7I&KQW
zix`9obC<CVaIv*Ir-A9!2(e+DGzWx$u<t})IpJu!UU=g1#F$ir;X(9{z7vgrLPRKZ
z!hU$$LQq8wS1O~plA}UW;;iUUD`p{yzFacWbngOK1x78V<_Q(kAnI?bfFvO;3cGXZ
z<}S9IbKm#~t4*-_dQ5grO@=a)ajH{26p&jo@{Aqa)`rd6Y%iAwB<1~!hW7cNF3nPw
zl4qg$;XIqxt})B_j>9JRE}$YRvEEv1^4Ve^#YHT+R*&K80Xr!xQEB&o+&53AZ#Nkd
zT8?6f&hutAwF^2i{Sq158jh(&K8ox6<|OHer&S`3GU=OKBd|SQkS?iKRzoBLHQ|3s
z3@RBd+ArBqx;#Q9xb@+gypa<Iy0+19jeMr#AO;@W5HmS0NpdWzt*+z(7+<DyH1$!Q
zuvxwfvc3bL?-GzHnreDihh*_lV6^TI1mJOYc9G;r)P{XG!YyIaB6VtKxHY8_#e(N(
zl0K?cb2<9Tg9!`lJAV&c11&KJQz%^^9JV#38c5@G;vs;Q<G;x`(o(Uh=pjoP)xzOo
zJ7Z{!2&k9yVmT>Mug2mwb0W51DUmVqw=lV=2sp<glk)5nhE|h9FGRJV$tt{RYM1pY
z8=Cdvz_2y(Grm*q$|EZ3+(%EA`n~5U$5*a??b?xQ=;1U|1e!RM166~+L8a-;;UMIb
zm)4UhUN8sXWh_LT_HBpwW>D}0*;B^sh8D?CWA#{MlX9Qk@rmagSTv&=dd`!x8nS?X
z%?`YP26txXsus%M;%?}Vvd2<&A|xgGr!J6yLqds#@${~HAWMKqY4%W9*$7gEM-G7Z
zvF=~Gxsq!4UxGa>DY>;qhdlGt6(#i$VzJYmf^yW8o<ic&G~Z}$*@YU^IHswZ-K~d$
zlqbX6U^X_D(nVd}FSCQN%uFxb+0vNLL^e+|0%J@HVr8x!y`$d)3ba)f-9QBIq+~^P
z9clM~7-;z`Eb7hL#^ywZ-v-4)g0H$EPR`JS2k`rt8D<2AGqRWlaB;JRFc+O7_Ci>}
zij*zAQbO{L=V~x`BazK6#3ReVIS>lrxuICdSmk3wvZDA108qa>zTyTJCf}=D;QiT{
zW)s|X$6T{mWhvz5sr7<v^=1$A+$ciEIkvd=8SxC^*p7y-utJo0LPI`Ohi7QwVQ$dr
z!@`{vweD{bY#){5_`+TCsR^M!nqY+!`U<7!E?VA?r?b(2QF_9{ZoeDU;w<@Rz~+0W
z1gUFjNhrFPOl2Flv`>FK2z=Nb)T<1|Mle~G%Wp6>0`P8Y7HKxBT%moTYm-fC)?I@t
zd8wP^Lx?58Yp0^C1XO=k?;D|ob<0s#ayQvNW>CH1fHN)5;<?DvER*0mS8d&6xDYX2
z(G|#0eGh128sYUmam+{1<Q5h;QcNEMJ~OB4<{fX=5m_Z?<R1Hpdu?(WTpbe`@aE5I
zM|zvm7{cESFZSX{9ROL90Th|=*lx}d`gdy9dsH9RdTC6P6^7mn@mFpy`d%k9B@kE#
zF9@Hx$W=bJM<vQ{0HVJ{T%F8;$8quOh%V_EZZKEkNFI=6@(iwAyUIGD1U%dOKErZ<
z$t6(sOc|hQs?uw#e;DA0WFIKh-EDGYuR_TUN((suq2OwO&syB^QnV43IhHWJVUV?I
z>mkF&rbAO@e2ugTBk`1^b<?k)-6kKGBw`{{eAgXK8ZTG0X5~0gCWa81;TVYRX~1A~
z7=#zm5kbSdOD~m#ePbH%60KuHn8@JwQMZjCvu6ini)A5#Wr~1JQPd6`U|s`;6o?84
znB>Olt_QWY;&=?jGA-WHF}GCC4bs#MsuIrrxdh<n(on53pFv!=Wr}%ezxbSIf@R<?
zzC3k*v+^cS6*eFQF=PilhhMXRpMpl^Sd;t_!dwkz&<`DC;5Px3U9(JG`;BFslS^{D
z$JJX#yGMLvEGRVbc*gWrW-61IkAv|c+qB!%9q4QFjxlWkPjg_z`)EM0n(&D;Um(z1
z_yy{u+zLJLgwwnox@??>cx*wCu|QQ!H)WWTqv`0k?&_sAXjm%5*QcuO$q#(LD2wdl
z*x1R(#7pAn%n$=32rI6+)p@yl|2E0lMJR?F31U{pz)uz~^|<){sX>@kMb1FipUTCk
zwGVmp)F;!%k~61!!PUo|P6<g8_@I6$qt~@d+4^#*`%KL>FK3Q8McbqblR}`XH2J@|
z0^i4oxeK$=&;(&2$dK_61;YCE&BqKzD6XiG6RZc_o=BbYLc!~gNvu+*1*fGjk4V0&
z$XK39<P0}Npawz%hSAr?%%)|zEJpv;cZ;Xewr6iQvoR45LCJABpn+Y@#c9mJ^glmX
zFb;JDs9up9G)qgcak}lEZV49{v7{qx3fIs(wK{I|m7t+*bv-xO4AZ$|^wVKW=o<0u
zDhUuPnAe7R%<9#Z{Z?9A)*x0)Wnsx1CMg(PO#NX&<?V0t*S!NOdvA>_oIx<i&gj^)
z&Y3k{hYEw31kq_jtzPw1M7)44H+Qh(b;>j1S5}X1QE29cr&Ju~!7oC?^N;t(T8&-s
zK;(0UK3R`Pl%_2t-xdH~0W(kJTn@p;&Q>r(FE+c97Qx<<Z;R=P?chzS<KjaD`?w%#
zDDRD(Gjk!LN@wt|pM&A6F3$?Pg1_iTd33il<dp51YgL$n@+41%=gO2oGR-MV$;a~5
z(D7FNtMZ}_UyWZ}d3^jtTc)xtavS%L0{$r?<^sF!Z#O2Eue@bF!UBsLek}+`>J5Yl
zyDuBY7?1tkI$y;>)rt^lAEmq*;<^Wo5uV^}Xb!AqVyoHl;t`2eQRgToBGgcU7QyY+
zYD<mO4Q(hTNZ$1~2h$l_^})pA*%v_-_o+Upcs8d6BaE`A*zCRZbJoZVv@InOL2Fm*
zoJl0oe;O@4{@qS#_^{x#hsi1|XR$%rM5`&Roy10P0WrFvNfMWyg2MSbm{i?~xICJ$
zZ=R#Wvgtygf(kja9$AhXq~iu|hM~`g1;*G%z%6D@SHeU$mb^*KZ4VQ*XHX)$1{nV0
zcy5OVmDs_NAwr0hDsJAr6Au|HrdC&Biyb&Wj&I<-Ye)FOZR-;Gn|Cg>ViS`(<AEd6
z&Pu6jaxjfEDaAK0z0QEjO~z~@(<-5q+)e(-aCEFq_++$sPTb8x>dikdCFULp`)I1z
zD;xV$`{FJ-1hq34y$;YlocAGLz{?yu>%kgdYe$n!!(uCBqg|Xk8Aa_(yDsPOJ**FW
z6uZ?1hk`{J^f*#bm?)sfiuCAOp-V$cI6>UJLd8wdN2(?W?r?Xdu;9QNakIv_ZsYVA
z@uSP{u!~G?cI07E`NH^u5ODjRNK=DFiD05QhtpS}sR#vWuO~gHrE;Os&t0qDC`A@d
z4bO^Vx9qBpcIdBo1xC$X7xjYA8jDN0#u5bIci^9+?pmbTC#+6<4X2q@5zlZLadIj?
z^gyY1cPr8WC`17gEzi!vxXf~3A*}=sHs6nXk5Pt0zk9qmSX5VGZ~^VF6KjcIeF)mw
zi4CM<O*-3(B|C3mV1DzjvC)1K9eQ4a;f~hb{vmeey>!AU<&dy8t3Hj;EKlQnI+;99
zpj&D20=qL@^VH3`AKwp~WlOyw%DYC5t&~Y4iR<InEBv+D{N3O_O^!xUtytQ2)Oihm
z)5|uHh!hK>_St*nSb)Jvl1!)!gOph=&<SG4`Z{Bh@jcb*V1C5|qsvP$N^@|vvlg!o
zc8!ZY!cX;y@j`W$J-lGjd43gzqEu&w+}g8&Dz5_@yT15jjWbweZ!IfGZy5=;`-OxT
z9N+!P*Qi{}%*vKf@O3uRRz1^bY{m@*EI6soR^lfx(mb=mQ!f)EqKf@Fkg@fu-SYj=
zV(sqNP3gvHmbp5E*9STB<{ifA6I$w7cM<C}VEdHE&{&x;zNP7}Q)n#0Y^C9a`as?R
zXAl|uU)yInzS<I`Dipc~=L&-BZc+Y$L(=6Ry9eV7o3kq{Rsg|`8L8H}HQ_`5>6<nE
zMoKeorfi&v{TnYRTHD<+OsdwSKmcMcsyva{7>rPnl<?}AYi>Yx#YSt^dEeJ<Z}Hc#
zWGX9TXy1Fl@DWql@)5Ph4V>;&B7~zjWUT)XBT+BDO|x@fAMCToc)09?@|uYwN39n!
zouZ#_r>Mh`c6jUAg{m595xyV<{J^rukABY$;prk&ZJ@pJmjwj)EX%Cs8^dkcS<6vV
zct~97R7r7A-TmsSXA8fMO(lyGW<Vb7No0LJfT5Pu%`Anp);2NNK$;gI_9dhOWvxI%
zXg&a$8YGkB^OqS(p3uzwccfgFcWOkEb6+qlQm+8=FFztED7l@b?osH0?T+#D#K_F?
zlaC;J(=i$1EI(U4+t?>pSOy895G-1$L+wQ(`mmqL+9YS>e0$kG9#H@=G>c)9jkoci
z1@K4)saY~g%2h|DfTioi0@)Pi(2^Mp<aZG)is|bS+iF<{q%z<z7(sZhLCZz9i^KKh
z)3c?Kkja}T1e5JpA?S;`+Uq-83pZ<aLV`F$GC^F}>!fFgA=!(N;i7g2QZu3tNV4Zx
zo`~5TC$8*I2IB2k=sm)XYdZ-v?Q|nUAI9`Rn=3N+62webhHc=Qlb4Zl>BZ0Lcr%vP
zu39_B&9jBz&t(<G*ItwNGrsK_X>|H;qs~Fp!e$&hvZC`@hG0Iy=@vp$1e?^6ZXHkf
zyByI&+YycJ<A9YEqD1&3<#Pl#p}QnxOqIGJ2nB~N^T>M@Ao2!M-Ie-_&Wjjy_e+h?
z%H`qSu<xRI58F77;aGfSheEIli{m!?VB+ct$H(Kd8I|XeKx!*aIV^7bG?ss0W?Z6`
z?4LL$osQshbd#L24T4~ipAha%!Y7`OjW`GdUFu_8vbQ+hi4TWCzwT};fOW-Qbe!h^
zFNVLnhu@FL531XYRO;##yS}S-<u#qrz2P_jj)<~v-Py}(K`IeIeE?<m_}GMuOJvNN
zG0}A6+2F-Eq{aOa8u^Gw@%W?ab6$Ia`;7o*D}5NGxAzp;PbzzTkXI>XazWB08zfX3
zb7EoLh4C!)XqAMfVe^;$^b<k|DI-Bd3z@~L*At(ck6Uo0n%Xb1P`wT8P(a^-K0S~Q
zTx!#hVRYsBFF2Xk`0&5%io6THNX^$Lz3U%B$r`@Jo-5BNYrC^77gi9eP2dO}A0JRx
z*W51|>3r6_qxaAyg!VObq9+k@4Jo@TXnxhj6|Sfhs{YdPqyt=ggj9?VS^b#2dK4V>
zN4JYyZy{KW-?eQ&oltho((71SfG1R(xj+I}57<2b-A7gj#D2bEW=d9V5&d<XMT=@t
zrp!fW%U%~6_v;oJ^;ZE>cMH4VZV;2a^foy#d&&g|AQzw5;DFBfMFjJ}v^NdYSGe9{
zm(L=Lb#_6M*R2?UjP%g0@`G;Kv;6uUm7|dy&Ns`yCmd>O1K=Qu={0?_-+EtgL+{1~
zu<h@M@1TD(1`il-kbZj4>z*SBd$nS0FI7@^4DLR>i+poybVgps!&~Dyh;Gkr4r2*F
zv|VHqQop%@BW_KR6-x5nF#bqsR9{;cKGGb?6fv))E3oRnyI*DZSMSCf3=q!7ucy$^
z#sc91@y*L4gw0z&Iy>_i`z*OTI5;rjVeuXlY!HY0`3+x1f*B3nzNK!2o!S?0`?CG@
zMe4W!3bxw;s$a5+?_%LpNy-KyB<-z-OWjBYj9Kr4pZSgZ#pTC49eme^Z`n6)LDD2n
zu74Y}2K=dl;*jqy=41J^!yD6BK;6MX))MrmTcR}Rm_fa@Kr;j(kG)u`JIctGbd%b%
z|Fn;aIC2<!_rU<hPnim_Y2C551ab%3vYAgD1gG#HXSj?Q_kO)Gtca<IkIi4TTO7aF
zT)Y!VAz(WJy2H|XjmFxFrTb2t^r<M80DSRQ3P-^e8dRD>J0_9;L|eR<l6B8If_hwp
zdw!QwcM@VSA1}N-h>CTf43v5Il}>*t)ynGVftGH|E&jX9(P`e%DJa=?n?bLH!UEwV
z18tB?%bs6cdVQTI`qP~qsW0F$yv4Zin(^g^_!WE@c0rwzEbHvnKT0+I2|#N~Qb=g@
z7YTnFZ(~t!eCj4wq!JS1|3*$QQ4UfSp0{t~Wu^(_f;I50)k3|I<*Frdg{)B_MA1Q+
zHJ$B1frjc%`04%JZ$;3YN@sH2rozA`cBP%8UF#^Rj3fH|o~7f>J8fkTnI*?z{9~_J
zWh(G#KSq&w<^8$Qg2f!t^cyRPGmy!wh|Hi<VxSsf<m*h)!FXCDTVq8ItdQQk&L?CR
zij&5*z{VgJGq7!0d!IURb2N+Z=iYG;XB=C+;Z@bo@`HM&F@1N+U5_Q?V^qC=_)M{z
zdMzW)AU;bV%|I^8L3gXTMT_w}HaS;6Clup<Mey9VHHXcwA~%n>%HY7T;i`|{(&_Af
zKGk#S)sWI3_-;G&vwT2~XiS?-^9)8gnpk6fQI4|lPEXbbE}W-~TWlwYyQ^QANC207
zx_ekkfx?+n(mD^K=$&s!HXZG0M7!@ICYfXLQkQxi7!J$@ozul%AOBR7CEZ9}IFYY*
zx9KK+ckOubzW?RLw;=}*MfS2kb;i4VGDI56+40%m`-NIW?RHM2y`YXiVVYTn?&Wb^
z>K)SLhft{ZF4KKPW}I~ar<BP2HXrL=8%fSrj->m(+S5y&BOmGpJMJXFR@F5JOYf|g
za8d{2uR!lsx22`Kt#JAw0>b9c{LiJ<2dJ{KUOxPdw_c->e8#!qk1mWib%=D3I#X|-
zeO|OzaCF?;;e_@G!^WIz7`3VAAVe8%LPa+4d9$DRtcl4*J((pTmZ+xyLXkFihx#T1
zOprp>Z&b}%4itbFllb-nrcc+axAR1cLUdJ)K3X6&L&!_d;!ickuKiqHYyFjUAA{2#
zenRGYOEEG3rhI}N0$XEH<~}Fmhz3+FkZnv~o^t2gMKP{Hin}{*5?WVS<??6K)a*&*
z=KN<bsn+`^?)03Fuu#y$9mX#5X=52<Vwa&Iru(|_&@sFHqTr!fRqBr77P8qiRJm(4
z`DQk@-1R%OYRgrzY($qlWH}=tGd_#0w~WbDecX@7uRVb8qEf|6!156+nWHBJ2~0hQ
z5>uQmH&=}5jc<#~EPNUj?u(-{)FN&C^I|;(s0y2{t2U|85{0l7b~JKT5V)gJB>VQA
zDqhEs<a`sIn)6?xyDq5x=6n!wiCZ9@1yd_$Awuu&r-_Low#Pu)3(IDwYY4)?*aR33
zB45l$wP%DFoeNQ|6_L>k`~pj;fgzY=FuRm>2_fCGxP=9_2sS{T)0X>Jbw{8SEe}7i
z7gp!xdx7vJ1*y+CVOpNzp!xd)Hy1^E*sn7;`=w>+k4Sb)T6B{^9hD5tCp+?djAoCo
z(LJF`4217BO1o@!o3eIw=Oor)IyzCGr$=tWRf!J$;D^=Dy$YMeqJrzkrqpC6Ht=?E
zR=a5YEV3|IApgN6`kR-g@Th1CgL*iKVl?*zq6+zvKlC}7`Ua&$^=Q@^E#&)<@>en!
z!t0a!CetYr49cIKrK(+qsT$~#1bl@b&cdTzOL3WA7{LSFcjjCJcvcGyZMKBW+Mip;
zw}+z+c~GNd^VA`iLqP!An@G+FVbi@izS7-h;Q1S2r4O3pVsr&|<g3wPb)NPv$Fs$+
zOdkM$jPomhmX-+IKn}y?uyyR%47fJNDB$kn0HL*OR2)s9-!rGfqnz=`0A>UdvQgy3
z!8Mf|YT=P0lfe%L12Gh*Wq0W6=sw^GtA>nsz&)<`b7-XF?I52sIT2aNygvTTT6!~Z
z;Zjp66S-oSkG5=@eMpxvtt-jVx!P)HF}dE%{3=Jgzz*0c%HVu!2#)y}UtjB2oXsn(
zn68dv<HB<)jkilXoZP!-La$vFe8T^;{Btvc!-ubRQu*BMxPM{2h=~VQYiw<VQ)%u*
zRAgh=bx>x%>S%9pGOR@))}k2fe_J^R0e&K_Bfq316`>s*BvYi}k)#@DaA9(LC+cGj
zNs5UHlP5nk%PH$#f%o0x32>Y<O?nnq7&xw8fQBNx$1=6aOPHfGdLwX$8bwEi%+mtP
z6fhdi$Y4j9oSPd3ex$b1zZ(iD?hRsv=rD+b8mG)zn+vaD_=Pd&oU;3ouJ&=GC%uFb
z1Sf5LT)-_}UO;O=Q=a~~XBlP?AmY>U86VHyg2v}lyVW!*Bi#!GRgjDnA2`kI90aT(
z7B%q^!IvnGsxSY`mtzj?e2@A$(`fQ=E@ErT4P~BoW0{2bia^3j8S|$!*_{lBy8|*&
zJDrbnTR>PO2syXIf;r4bTn;~gZM8J%T*4M^kcT<LH&)wiW00f9A1ryz+&uFhHMoe8
zSW@eH71`y@<aU6@9+ZujF;BCgsr;K&zIo*l(lp@gymn5(95RCmWT?qF0<LkP37QWX
zDYmsKNYnwlN+x)vu{PzUT&v~rZn;GeG8njn&Ha+yW`LXppW0kzkvB-_4Q1g{^FA*9
z7}8*QSnfhUnxE99O=rJ%XU!f~-KPi+A!bLfEvjjSmI#MviCEmsg0}F|wpVdSVmC)V
zBx9EIa?QBadB(!K8b4wa=RF)kbqUN$JxH*A4O5Tqn##-D;%28!E!}lo>E^OHS1E1P
z8OijA4=<*=+*O{P<;b#IzB<ZppetR$8=WcrIHo}^tcQl9X$Tz{D-v2<6IAq~d3d&O
zv(8dZHIZB(=mOKkDzzy=V!}c6&R~~gbZPi@l7@UYSzMoF2evnnie;<&O(@m5s{hvo
z{T13_j+TSN{m-5H0t4}e3v|VmFj&lz92*-OU26*MJU~-Amcj7yzmb$Co>G#PDa?>s
zAN#CBjzy7}!JKJ4v)k;>7Aho3U{<dM6+=P9<o`}4#IOr(cI&ZtoCOkR7@uS=@+H{b
z$(GHj)*CvI41$3f((3m2O8gQY_2z?6sWj>hBhBciJ6uA@0#?nku<z3V!&|Y{n|l4W
z|Cwz(UTr(9_b_UdRY1ydqgUXnX`YoL2Um<yob`TZ^1<4G^u(b$abvx!{sPN<qIbjf
zqtW*RUc$P&(FeQ_Srvo>JANJlw1Fgp`;x6M>UqrBsZ#=@H$r7H>iznmuuz85kH$$C
zRRtvt8DWwHv3bhX=Mg6Z(qb=<>Kk0Ic*a%~`G3Sy(V0R2!xY$0nLa04Q!_Ib&?zL}
zg&VxOG`jF|+ORzeAPR*dDZf9L0N$_f9u~Qij`h@(9i#LrsWf_cAqUitLilnA;w=e)
z-EgGO4v^~bdMS~PY0`<#$pX)KVw>C6-YIw4DE`JA1;AO1@}UO7xcB5PUEMXvCjvO*
z=!9UF0n%}a&Tvr#!}+{J)PIjU781oJMbO>#`GB&Csuup5(RI53GGE5I9_<LfZg7M@
z8E8Wu(>|20%5CMzrDR;ER9;-jv)NAjqqKO4T9OIwt_6qGMx3{2q{!P1h)HdlK$FV9
zN4I1K<E4yx`Lz2UU7G*?O&c_`Kg%lZ{l_<sC5%^y=(^301Rxi(CnBO>$*7F&%E7i7
z?_QK-am4b!uP5Z6_1;kAQcDYaM`xnKz-VqkLBKNf&OzFIB^Mt@G<rV4%siqiLvQMv
zzU*8arvsbj*>?@4zHXPj9}%T+SJyF@*3HdBPk*WU$O?gdIj4vctvv!(MU|_Y2QuPu
z)E4#8-JpnEA-umXb=Q#l+L<H;Qf$)J-yV^%xkgSDjNQoO6w4Yf9(6+}T`4eiH+PW1
zd;j**)YDyk=x}r4mv!={lJ}5HKv=UPwo_|h0;=k$W9D%(rVM*<5#p6e5pD55h1g4G
z$&TJxu;m!yZ*@;td}T>?L8x3#NpK|IN)vesm=XvGdO_JgD}z-D;Y~_NyFsA!m>nBf
zuRcr*?S$gFxvP?qh?`K8sd|QJ#a~P}r{Nok)$gq=#f`6jwsd^xTLB8Ywgl!8;_7^6
z&FPwiS`>*CS=5urW>Qhj0}l@fVBoaqH8jjDD(ZlUc-DoI_cxgX{Y^TCuW&L^0itd$
zv>>Kb#W^j%I_t4Nw>Z}*VOA0qE8YKDZwGT{V+yS7l)irivCm?nQ0#YUbj0mm-`Nhx
zr{mWE3qIx%pIeFk5HrDpyOF+)F})}WWPZ1KU;#PNI5jeYdY~XZP5PV!Irx%=9K4{^
zZ6fwpA5~j#ZfB*%o%y^I_uL?bWgbcA(7T3$&9o<KHjtJ_=TjVC)M%r*VW2kMR>&$P
z{__*~xIs*$T4di3-+`J%i~lk3%pTHAs+O&EYixQy#0=N@JDKLGA4b9CWfu}5%~@Ip
ztQ4V>tF8h|-QwPG`H}#fFaEEek+vTg<Q7ifF8%}}J*OL@$LhSJnWHvhrwhWF*lFZ#
z`)`eM7KLw-vLh(OKQGuaQ<bu$1Lx}?oRi-gRJN=2c(k}8t(~bbyhUm8W1Vtjx;&>X
zcd?1_Dx-{HSzca4z|75mGNYg4;DZ9$XZ!OL)#_7sx%7Smi;~^5MFDnLqw9@w=Fz>3
zijthN^lNK*ON(g8^)8IO0{QIo>+I9~zzp(z;6KAc*7ZZ<;rp$bLEzrHji;y(7%pPL
zaFBEg&owhqIR_lgfy3`FKsmJrj%Zo5uXu$_-aLDb?2Z?P>Ium+W(&L5gri|h`Ih4A
zZtj<1xo2~s%h3<CdVsM51g`$Civ-Yz_v67Q3lT-ymv!Eq$93a)b&AKWE(<f|vzOcc
zXgA>E1FF|DW7}<FwQE{1{uh<pv}|#~Fvu5=z+9bf&3`BK>vYuU|E4SWpHDhWDeO+1
z2oRkU>lTAaWwvlMo-iPFbMbj{ZihDrDV@|X>N_QY_)xw*6w?mdC6c=uDm9+d(MqK%
zkwHDt0so5nABcWdD(4eiD-z@Yx&;Wl$QU;H(j?Uz&+X#2)3VEqj?6mU-Kbw94u&*o
zT3%jqD&^j9s^WVGgFol-Nc+wMwvL9&Rm&xWc82-CT^c^{F%8`B%VPk6zx)YWru*c~
zY#7^W4F}Ubm9s)<ynpso+iFPIKd_M`i(_=PU6=H7*A#AGrQT?QJ8{1)V{Dtjw-wSg
zRW(WN<p9Oi#!XH7gkbE`imkKT@n>00@*>N|_4T`2q{EApXprC$xLB^<<;-WKZ#8Zj
zrZ?x+%&=j_x6ZmOuj2Wq;uKI*t<S#v<rX$c_#rR5q9Fd6yE*Yu6!D`eR^F7va6)<D
zn6gAdchK4b^jEc4fSLYKm(`QyVYM_FjpjQB&@bJE5#_2gQBROj8`jNmLUZgi5fdkl
zH5~^Q76(&6IbI?oxO*4^vk_+$F#hSS2itL|SM+)i*IJ($Q$mEZg`nOp31zR{A9s;S
zg@HoX>L32ykv^z=AL(3u6#ujwOV_ATkqg^(YcE<%ibV9uU?osQR=PED6kgb|1$BQ0
zh)6#kUqm-#wCIX0o#$F<tq)pz|HZrjux$}sJ35#BI?LXvGZgb&f2wm@rR-8C39?uA
z<>XnKq1do5B{FK|G>5JqxKx90mlU=AKuJdajegUu)|LGsBAIX!WV7;v^!-#L2+EgX
zsi^k;F3}Q^FKf|iabaO0X0kBzRl$i%oy7;uqRB{+B8x-2GY+(S9h48ZYI7U)P(ve(
zjqz;JhJ9mBwp?1~5@2$~`+=O(`BUn^c)j&k<D~xEWb_Jw0VZD|-7L#`>VqUpKVEyl
z{@+?5vd+=fjKM0n%7HJS{<@Ruaa-U$?`(X@Y2&vwrga5v+ZF|Qnl!-w7eUCN0V%}M
z>5fr`af#8nl(Nk+1+2iOE66@B!8T28k31qfO$qjI(Y;uDu}{&C60=(BuZIm<QrPz~
zR4C4h8YySFISLYwAr#c!c1{{%?_uOo8D7n0o{x_dDpW+Bu8R<Klllkh8Y6Ps^Jyko
zo7m|6lK;rJ3{q~FF2_3)wg5|nU}gNO`~}-O7yX#WoHXh1du2ME+yN8KsP)}riy3?~
z`Cqg7zcL|pHmkBcS`Qw&%8rm_I){AAWgJ#3o&jG<6jHu&n#jub#Pv}MdLY_yL|3cQ
z>Db}60~wR)kgQ5o1HElZ;!>Gsl9#sN_9$<hTyT{wQFszU->POrHm7ksFI^^xaxtiv
z7rNOQldaPODLKm@(`?Yf9Nq48Co0X8gL5H2LajX0tv_*70NoS}_JN5tFo+U#Ho;yy
z{cDwwKNh{LTkc-4xzS>KtzLNLhUN}(nSh_XkqyhnHxE;YqQ&fWCNFw*_NO6u7=Z$7
zfBWTZXP_wRfiu5@?CV)?58HsSEe-w?)4Ya@MWoP)H`=O+Ls70>h;uaOYueJ0eKQ;U
zie}&rywkrejTsr{RMQ1C?aFmD>oOz1+|reU1+SCr_6kmw`^B_M*i>)~7rU2iTV|!p
zDT`ZUh}xL~L|XS!|Hyr|Ez_I8^)4$ys;(0}UaSrsae=r=0}H_5eDR{b^{M+a*iu_D
zfvqIy8hnkL5oxgbUh2(4b}A;BLhidu%SE*Nh6X|{5sm+5Ac3^oDVVj4X`Uw#cS5Ts
z-Z2{;tE{QkAUo?*u46#kt6h>Vb=)GjDZZ=tUm_`fojLej4;LHLpYAx9uewa3DPQ6Z
zM~2!%^R+OQyK^5EM$$3)iY`E?+$iwA8%R)v_A?ZkMg-GxysDtAHzL1E%agxJpRqmO
z@oc*_?-dR2-2t=k|DOfm?F@h;=*PG_lWMhmE0*^5z%6tUMv7w&s%;a`3m+`=zCa3l
ztk~U#X}WVPqvJZVEMmS!F50xiR?I6zu1%_bZLj;FA6gM>JwF`BFj$j43|p0U7aD6H
zpbm#=!;7xmy&M_Mj47?YPPkW1euQPxr6YOT5uL+=QLoL3JMPw%;G<YlYmJNk-u|(v
zNvti{l1F@L=~vY&xsx;AdfIgY%e4Qe_Cz-#{SoS9IjUf{T)UwqYCo;`a&OGmPSkt<
zR~Vk-!0K9*>^0LfZ0^-Vw7r+Us!S&tgRii=^3uFUZ7`1q)64wwx~q3Xs$2GXFXN53
z_d~c@!~^#T&<bYMt<SHPBy;e}rkH>vHo?p*#FD1)bOb%?ZCRhTojBq*fmT-8^P~M(
zT{F{LKB0T}8(udSX$v#$;YTz=U422=={xk62Wfl?g0-H~KWx0llL}4Up2KPc2J3f7
z>lVVu<fmjNYQ}_^F>cC<$Oc(F;kng+1%<PSEj|B*2En|4HXd3)dXj-sirDWj;ZJ*i
zV3uz=Z!Yhsj)%`vU><c*NF&NExQF}p{3McaXAN%)z+!EAQ9R(tSidkF-}*O(Yxz=_
z(aExGyFJVnb86V5q$VjM20osQqqh~LZf>vO2W9cbY)<{N0W_M3*Ay|oZ6qngzhvze
zoUXGrR!05dc}N%$H9d^Mja^94XiTmZG0b6rgf#9M5s;b$gKV;@B7Nbcbn%fUr~4Yw
zT8^NQYf-Fy6+rtJ^&pVL(gIH+Pr4FL$*^3rMpReo^q;GHproNcwyduJ@wjy{b1_w}
zoR8n@!0&qfOyq(d#J)`I>+<r#TqAt0+b+G)&GGYl=|eOzdMm?qhGwzNQ?AV_mI^kc
zS)gz@m&9ycf9}^`QjU&L4yIu0d3x}B?6GThjzxD*sHL6SffrcA20~5AI8sITgVZ~>
zt1n)YlPPXt7145nAI&WS38-nKaOu4wVsGopNsD1s4QeW2mwzvg!e4eRf~(H<joW1x
z?LSMlZ;MDZup?2)KH|3F><}qZ6LLNIOK0Y&lSH7|cWbg9e2`0%a;0{S(Qet=5NM{V
zVB3$a>kjeq4FCQUKQw1(;<WESa4uR=k9gD-$|)xN4q9iq8#Q`=yJ#bjYC>cTk74}*
zMTXbwfM$jZIwH$~K`b{kHaW~OxMq0LW7G73Qs);OoedTDb0cf6Vj|a}@(w=bbHUQp
zu~%)wD&79<ZQit-eOz_r5~}xv;!Dloy?rjX&zI5&dtO1kq2!I{5?L+i58Fqu3SR$X
zuYSkR=hFjW$?-N)^uguAuJDG8jSYv;Sv0hm`D6Qz%gqz$7&FORlbe~z@$2p@37xlT
zad1rMT91B7ytm}*?D>PUu;!tyiB6YD;4PK=o)2@Sj^ib)cAC2wkz6-XzzY4o1n;vU
zsTas5XR#7Vv#d>zDXMmpeD~qymuEm>ZD3+z6~>uCs$GUY@FaX`$`n%T7}Aj!pY~qo
zJ>+7!xf!UgEuC<jIB=;Y_@`F~C;e=8RQ0bM)KZi)PWtJ0tI$wkt!NSUd3Fs?VXy`t
zBxFx_S4@;w`zX18)RHmuG95{MZIpTUkM}f2)3rwu-3wG-84oUzbk!IJdhjcOz0@6T
zLH<RP2??&BV)FYp;)ruBCzPKXo(L{J_5nB$K7NCus=bdimfXAl{QW<Qam=z~y3hWQ
zm4ikWRXK{TvSpA0?N(_T#1Ke%8R7zdpd`IwK|5EOv~MKQ5R}5&tILW^p|j#})6PF}
z)`ZpD$yxl2I?28sgqOc#!#PWzrQJMH@xT0oq>QFdthB39Ha5E26l8U~VagFZwGigJ
zc9EVsZ-E0;)gFNLg1UsLThW}YteL;mpdXGTB;idl)kV2TG}^zCAQFO<^H5_4a;#H~
zQHp*~3R6vp=`{GYejwNo6o8__on6tOeLm6rBxDttw?-B)s*{~A{&N#IbVRN9aKrgj
z<X+k7F94#xo_&|_GNU76!1yz=x~bvMmMNXs{b7XU8p-xk8-{||cV(I}kEZ1P!h<Z~
zvnlXVvY|4Fe_EJ7-Zt~V$%(OfXGL$QxHM=c4JQxFe*df@&0LX6EJ8(c?U$*eV}9@P
zN@<0A(m@v8D5~CqIwyT&BjVg2(Sk-OvRbw+O7s#cM|eYzfH~7RjQoDE)$Tj6qq`#9
zAk?9V=>peY^Q<l_H2fBUzb(P!9N4xDq%rR5T(3igo}WD|757bZ2^M)@{r(u-<f#GB
zm``BYH%s_cdig#_!J=RC6#GffNWZ-y{E>-LJYPVY`0V+r)2@up17evi*M^3lv?l?Q
zNaAz><frC%De^SsD^t{N97M*PL@M1k5#c^*jSi~UlYsw^sdo&{G}ywmC&|P!F(<Zd
z+qN;m#5Uj9wr#wzZQHhOCntOFI^X%Ke?RrCu2%J0SKqg;E9aT*<2`{UBUYqBL?%Pp
z=}LL3(-h+;m6ffnz5afJKmr?-!Yi-`L83|_3j<ct?JU<~nLwTVz|LY?oi^1DdPzEB
zh*hWrc_r?Pm^S+s{$G`MmPeNzeoncUf?`uz=R7KnVb2(>I_nlzF)Kl;Rj&5a{=%=z
z3yIT%1JCwnsZY-{Pu=7r88Ib-^wX*X&dj+R8n%!y?`~#Nvd<*ctBQY{T9>XZ&>Hsl
zq=F_$%fWUV<CX0-pH8^ipLD$)Ml1#C=n90%Olc5y1DWVdHk$^U?Qc|@ck;g-nskc!
zc<7T*W`=4Pis12y^Z1(H4N#-GUt!T;JbMJ(!^(-EzkQs^2;)4mRtC4W+OvbVnhb1F
zxZ4%QaXB)#Hd)n)P2hwJ9*YiJJm25k>1|!NZ|0hYp2WFk5snq0?p=EeZP*MEkamo$
zg}lgJyrowP6*9$6!&VJt+glr5DTt~&f5O`Z?ks5vMUa0Mxx(Jq-V|tV1vo7H<vyb#
zcYwxMyVv5x*6D0Zk3h!K=W1+{ZCL8u;@PS3UN#hQ{i@t)J^_F6Qwf+AQ+0l+XG5g8
zWO;Q@xu#bywK5}-yBC$NGzis12_D1dDRp|tQwdor6;jhGkoJ(*8`fmsLbxVicEa9^
zysWpTL)eJ`^Bo!ag?T*Iy{v8k=5N>FKC@FNCe1Nyia8s8Lu4G7myM2VUHYrDU!bBc
zoFf!yJwW;!pJFrn2Or>l<AdRMXJk51OHf0a+Y8ws1SWKlho)^Vq(r>B0)*iCrzpL5
z?J&=}pRCQ<C`HP4fx^0bIFSHpYSA6WaKKm^!%NWaA$eT<^340`l4vg|5_GF0WmN79
zYaPsFR@SrdAk)7R_#55MpReQko?cMET*)el!Mc2+*qXe4o;l&{pIwusbdY@S2BHo_
zneM%UG}>;7SuqGyIQC2fWFDa$5x{MZl##iK=HNg?)cn3LPO{SsXL-V6k#LxDIp$bF
z`KVK03baF{i5RLPMLcI8o|i~=H`i^fg$3R#W&)qjyz)cQhzfm2)O;veTCZj!ZR}WC
zQtTn=T>~;c>9&HPMb1@+(U;W)NU|+qQfb@7BYFK|!8Qbq_1%`^QOxS{u--omN84xN
zYPQtLtZ#^?7=BmvW2w6>Qp7q7>>h4A$hboTL|&oxuzg>77O8n_VPBVivSV+eCM~jx
zjrqA2Wy%j*n8`md$(lCD8^YnI*H>xT#ddd5M5}Eu2(kp4w_M?uPT69Wwr0&bHfa>G
z{X9nJt&i@OI35)Tbx3wwhslw^<esn<oXiA-a!d$v{tFh+(!$vwMrTtdBqUsGg0yQJ
zYHfR#5g!?6$fAgEV42@kQueo%{XAN9e`!?Io4Z9V)1>}teYAvh{xjEd;dqq$$hDsh
zYzWLr({8V{YEIb)IolIZGyqM4gLQg%Ffus`<;g~q%={Qel!y_Dc+wCyD7e*Xg^F8M
z>oVLq7Y~uO$H}g$3z%eA30hSujY=#w;8gZJ%BJxTQ|dAlC{%kP)=diHYG6UY7p9V4
z3d(Ls1+i0T=HO7I`WUOMIJAxQ)Zl8dU*4BVbopsTIKlO&wX89*N|#o!nmWvAq*Fyk
zbIdUarWPaHIX@JQpdfNGPVbQ};o88D>1lvnk9=Zb)s284hA*72Q(kVmdPW;C=M#V5
zU=CMly!6?}N+=<Pj8-GXO16WRm9!85=6^BRNm~GCVYPs8tO13BI%59UA4Kn^n?ptZ
zXl!gOnx=w7B@dQkQo~Up&p6dRk9q@+Zlt%cuxC+2q}j3xK!6!mupBzf&}(q<E}1x~
zwckEKINJ7)DNE*{87kD`@qQ?6J$P}Mom1F+QCTl|DL3;O^$6MAF>XPsQ(XjUKKE7v
z)48?a(P~IBw@j&OI3zMx97aUl@~t*8hdt~=zBvBwG>5A+_7~-7nRsO6vJ+Cq<gJn3
zq((ud<fw5~9TV_QJ&&X-A$K(=48engG(Dgk8$ghd<bzNB7eqbNI58RJlsJHeoaeU~
zraT-cy7{`lnajE7^x9hKXl){uF$HMxuxjwEVJxd=TftwnSj+k_fg#QpBwE-gWSv}j
zPV5ZMx4&bR|H)xu5^iJg3rAp(Ke#k_p=5>dAM_klq(1!)e<~+S4wjCUJ&X<ZK*q|6
ztwgSwjrvY}nf!D=PcV?*)KzSnFw9YJcTP0Eoap66;gGNAchbB;$AVS}5PDqTbE@#;
zY#bO_lvNi_`DV=LPD#qk+C57wEUOWlM*X;dK|1eI{#sPZ3eGCiPn3hHPMmY92#Msm
zBzHS4>(^CNQ`GuY8d#AX=F@61r{bcFCRC-ITvS~t!!J`KG(L?`B2(EgKj@My_NFYk
zr;LON`!OmUEhEs#%NTpwj}nphbB$1{LrXHuZn*>1B|qw?#2P{WNy#58vZ*|wlW)7P
z%(-Cq^nfwSIGRM+Es~MiFrZ8u0?@qX(2M_`e-=`%kd#_LJUPvB+V2~MK=Jh%Ykqqw
zzVbLPl)E8&;POJchzRlt>IV1Wk0#cZq)c?w2m64t>8&aXGhj-fsx5%>)kf){|2@ET
zzW@Cs^o5;PTrly{)DvCG%)+vW=m{zbC(mW)T-tchSz0AA<gf9suo>}AS~#NF+(|=^
zmdDrgA@emAOOpi7YBuSCWmryH1(Vs!uZ!YD%&g0u03ofdwrsUGN*OYf+T}*cyh1vP
zg57Q2)m1Lj^732;KFH*MGsdw4Ae5B~MK~&R2|g3LCH$K!E-R~(rFS|Ql)lN8a4Rq-
zM0u8cu_7L(h#Sov$(te#LOunHe&5~tU*n$=$q_@M?J#W-RYBdB*OShV!58_l&Zz-j
zNeHJno5ci?c!?4k@h_BSwCJxPq`MfTBMHZGx~7$xN{c&*^(mUAaKT!Ql^V-1?qm_o
zV?AGYBP^QM$m1s`>-<byi+|&;U<D10Bg$b;tCea%EfqOZp&w6lBu7~@@N*eDiL(*0
z4yXiY-z&xlK94&0Hmz!}WnCmHo@M2(j9T))Qtp4DCESqzjsaj~W1ZN0ZB-ajs<J#*
zMS^k9IPOE#ZKr9th7iHo-j;Srh3;qXGWkK+8*)uF{#cU;<9sA@slgORYayTEYBs*F
zgt(!HT@-t6qKX1&PN_=7#WIGniJ>x{9C2mi+{UYMpForq{g|p9!wtHnR%yYtIdZ7J
zxDrVe+Q6>z;3c&(T*H6z^Z#qp{s_mh0aBsLj)FnT@>O;-8;vJgrIp74bHvm+5{;ue
zftrD?KmkOE4g?6S^s|aX?Qr(1IV@Cm1KB<09Y>u@TpJ?oIE{hQ?EH5J)bRm5;KiSM
z=pbO8R}nB;w9yjZ^y_~$H0Gb~^q@R(wxudA|KiCFu=*uyOTx-EcpnVZjHINc2o61?
zkmy7xgvB2+3v@OLc@=x7c$XzqUGNhwm}+i9+Qgf*f4V?A5fGP%{Ip`ED^+DM7x*u)
z^j~JFm}r^^I$2hAoP~=$Tmw|>TX({^FvX|+Jds`sx-((G$QWc)Ve=u<9w@Pka#Q==
zMPbe7PbjEHNj)hVZ5OqaF*_G{8kjF<2K3w$YcD`a1JeHudlK-|op@(9e7``%(x74N
zDuwE8GW_q65}|F4gm!`eXyKm9mPq@g#3~8#uCPwgq$cOr+Sw`Yl9ygBUa@G=Y<V+s
zU+B%Fy_~d1nX5-ehqMRo+M;)ktYk0p-0EFPCC^Ey+4;@J9A%)p34unKsoSue1X>%U
zQ;8})D~E?ZB1M5{YioY~#ec}B|FnDI|HPw+UZ(N#foxKHdI0>X9j5OD@4TCH-<p6T
z8Vg!Ty-5I_$Sf-3wK7+7LibX)(xGU#VbT*-RC84#+4?AlXv|eOs+jxsGKmqY6xjf2
zwl-6bR5iP{`j?MROTylhgHkXMc;DzXVpJuST2`G{I_rdL%~#ww+L#Q}_-~nTpTAJa
zc(~?b$!RmGUd!G1P3o^PnHFvBmQESTN>rmz;u1bEmb0~Dy4*o?`WwdjUpp>^x>xUA
zActU`*o8f}^lN{!nhVDf6il#h>dMLcm6D~uvy&j=bQ5VPyo*vQE1iF;)PuX_HvghG
z;KXOMrDk$*)Ou8xeTBQEF<Wy#6iesvqSHT~RrRKNvF80a3^Y^$#vPZMiVRy8w?!>@
zSN<p}GEJ<cIe;p&*zh~Yfu+neuj5=Qaf!1(=V4D0U7P!Vk(vD`vO>q^al#!%0STQ+
z6lElmNIN9L?Nae%@z!%Hj0@tO0!HEv9YV+17MpPS#8Sa%D^B>%13(k?R@^Cbu`J4!
zlhoougf)X$x-&D-<Btd6!tSwh*GA-44l_lidF8?phi1PY=S1HB`QJG^Dis$)<u|$g
ze^;TcFVVCEbaG6kb1G0Vpj#GZ(y{WqKr|MzaNbLFHU~yIwNvUD_|hq*vqco$kqRTU
z*7<&hYciy2*9t?RWzJ8b=v-!|w(yI^xa?Lvz?7xceH9oRw)FqoBjrSMhLC8}XWQd!
zp}DH1j3*rlP-Eq1F(0@%jh&06dEVOz#bD4Itkjl=Rd?oSE0j~I8*s){W0e`=B_rRJ
zA>s=Zh^0SJ>{N~}1QH7~blBM4Lf{84P0lI4ude@ZCl>tv3-BL0{Axd1G9e`8vV_pl
z%*dD32yrZ-rb&LAlRY#K+aUEeIak%Fx@G105=^)v+M8A+#Og27aZVA-hlB>Kem(=p
zpr~(Srs9g>HkcGz(6Wiuu7tnon=1NJucRIRMSTkn!I6th|7B#p;RWme&ME`@LKR}|
zFz%IM<tEu|YqiR4rGW0FPw8J5j)C_vt|Y07NR^rdQY5uBXnrae`_gs6d{&#C$J`zC
zZte!Qh?FFc_4kY-$HaNU`704ErJ+f!?xz+O<iIjfJ(WNULzYfLB!^`C#0Ix}Qq7DF
zW*i{yw_T+5|5l_alqVM`Pm*nF;1Bg*f>@Kj>=eC)(pbylX^~D|T&_Gf6}y6EUx9u?
zot9GT*k;%8V(5PYl}yP6dVIf&W!sk*q2cLVQBhGC{f$AgHi&s;`9eP|t;`B*YJ7uM
z-OVY>N@ywbJ9A=o+dW~VVC<@@2BgNPSX<v<c1~-As>$HsE9L$NYkebhh`zXQjTTP!
zh;;~=NWi)QQ9Gt|@3@%AY^*IsuViZ_ny;u~)-9#`8ox*k1HbD~DFSMDVsC+&X7}dZ
z<MRj!ZiTZ*8g<7+1Ij!_V*g!g?Fa!3$J}EY5W)8T(zupPGy=T`!izFWisEB&ToK6H
z5)Rjp+ceTsth1A2`h4V(lz;Ea{Quv?<Bt~k&$O${hqV%Hp07`dTg^z!kwT*6QbLoc
zfJz>{bAT$#rkUNbU%^G&dv_BM<VGHl^t9&!sR94_U7J5Y@=JDT7O#`81+5W6Ih5*$
zJOEj(@SxYS2d~mph<ZZl3MI0oFWfyxp)CxZml{r}>SF65@C_Igme0VDn(U;8yW;Uv
z^FoXS*QgIBo837jD3H>jpvgc6ZJ~N`T#<d;U);u;%LYN$8(0o;pv+~e5ou3cvNpM7
z<1~OAibpuJm}`53Bk`J|W<+pEy4#6!ghN~0LFWq)K$kI5UVfr}6r9ja?<t%3=4ARX
z=-IKGU>op`W-o)NXPKzTEw7E|3x4jeUA;p)rB-aLhb%B9_?9BFqK4iT+ihshDvD3$
zYO`L=GTGTfN}*#NvvGzlL$NgF1ZKnd;z~6qFuJroD=W_#O5#Z%mN0>HQ7FaXJ}AAo
zyUTl7qu7QO)IlDY>7vjy4nqj4<3UA$+FZe{XQ+ktU76m1Z|eCVlDJt=OyH!OovMqL
zvrLepDnFOiQbUBN1cmgMz@v|&hUM*&D7BHgsI9MSU&o&e=Tzf+<`W(-Yw>GJK)m$U
zl?m;dx!j%F6;NGugUmKro@jTN2?>2_2!&wAd?PBku4{XfZsnrR&}~PPCI^p{FvdNC
zVOs1AqZG$0L5oPY_T>~6&iPaLHtXh%w+q}n=x?t`k6pyt6X4jKgmYsTy2MYgjc(5D
zPRI+bOGu3Wri>4O?xO=2LN-<Er;~+p#k9}ohFqG*C49ZB7w)@|!U)HTQh#NC7e-#*
z<Dxv$Sn<74PEr{6(Js<`3-JlaY0Hsl<4mMj)LEsF!G{v(T+pX#!NsU%@n2m@HdojK
zm~jop(s=e&Sf|&)Tl2XM34>)!_;WB?K55~fUpp%FG=fxk&3C`Z0?I?<bhK8I6Q#WU
z-TiR!w25A06B2~0@DBnmu?3|N!9AL;2aZG`ew)Qtg2BxQ1egb$Ve`LlkzLdTl<Sz(
zBLeFf+|7eke!Cb8_WnZ?Y$R(ftSLUD&|28~cVYtMc71dY4Jb$d84-Bgxs8Qigp<I)
z$g#D$Nf=itz5Yurq<(sabj7^hQ>Kn&ujIgui?s1XL|Ai{hMXe#wRC%bpI==Vs#CE2
zUF7zl_2I`^7?b6Z1)=+2X9e>I9<qYUjo$FDD@@INPx*hYR?*5*luDQOMAvT!wB`Di
zo4w~QV<FEIJnI||%>LYyh)qEs=jxf0YN-nEX43(9QPRvuwJs(gD-$yTURXP|jrvv_
z!+<SnvK=}2ySDP+*{dO3xQm7qSoFKwEu7|$R4Pm?CGka|r88PE(v1=V(4oBm-N@d7
zW#T3L<qZ~Y{b`mZ;um|WYlcG?buF;ffa8ki3vq2U9pQ#slwdB(8dvx**!D}sO9I-y
z`-Kbuwy0EX$e=f+HPG72s%dOD^Y;bxcl6W1K#%xv%3AX(%jr7w5(ik3@iPO$^GNU-
z{K5zvWc&nmfW~k@z9;+I@Vtg{k*n{9*Tl*pN4UY%7_sDM0?o$;ZP9}Tq((@`PetL@
z1AIIsG>%elN^+tiR<p!vwQ^~)G@6&&F?MtNz9i94ie%oXAduQbj*+=x6dD-)mlk%e
z*(LxCEpYdz=>Xg~IG35K;>a?Hx<}lDTQ<mj%VQPy<LIxvpQtQFQ4lXMSM*J@^ULOS
zW<}!{oUQCT<Wby}l3$ezek0R@4(VXBKv_l=DtCv*aY6lwS|rCU5CVoxV$RVePcfDS
z7KmSPvdt~SWeSP1MbKKB;5Mbo0;|s2Zg3c@tELuaanBH^=H{g~Nsq&x?qXU*GETLv
z%3%xP-;QC;BZ_pSnKA82hpL)ut0K;&@eZUJ>)L_hjbXqnZB@4sje%OL;Qr=ju9b-G
z)wDB~gb_9P#tpS1=b01aB%9eLsMur$5<}^Rm6;Lf_!i%!jyI0=-EX~t(!N=K!#Ze4
zA;<~8*tnCCV-#v^yM$<8I0wkeS+e|u1%o74bTG6R&D#30-!@k0PM~0LwAROk04oEa
zu!;R;h1j62m<7@AN*r@?Nd)K$>QCE*Xpnr7QA_iF>SwljXwo2~Aeoas@tz)uNVA^$
znp|*)U`=AeWpQ3I5HY&e5E(*I263(NT3cb+@Th$MW3JX+$D-njgq3wdt2o9A#V*a}
z{P+{6_>@KkQk5u(Zvnu^$yZb~RkJ4lV<k=)42TmOvGQXPNsdf`SK^d1cx?aCrJ~6O
zmq#^KoALo#+0nn}-!2JH_D}i@Y-8$3g8HhF@gj_(Wa|f<$Hvn2tRoEx7Iy0?F*il=
zH{a!{qt?N2S+rsHwzi#|NgNt&pqf})!i;d6rBzCsbL4NcbVB?Eoh=(ujfHdKDW`lz
zGt>CDq7hzFPCHvgc5JF;RezR4QSZCqpG9&qgH<<BE$N#FmlkxpB*i$~u5Q#`U<DP6
zs%hzKMxLePq}trVVk&5$CnQBWm$6BrEk!yPPNs==BnZm^hNqua7P-I?zj*O$oP!`U
zuH3HEPuuxa<BT%zvNxgIVX^YMb-Ys#)k8##_i*%mvNpolv5gxNCOo_Cz$u%*{3Y6e
z#C}z|cxvI=r=~Mp1i>P;qt+~fOvAi0OnXo`M%zNG-?jGbnu96#6V6wy%i1d|S;%5l
zxw`)tIoHStVKvVVT0>rN*FOHrKPCME{F6TIWRv6|Tgd-Y5jaPn??Ib=xgUsaV~4WD
zdux#lS?DginpJLc9AkAp%*SH8P(>C^^3Xk;Bx{XayO3f|;AT#?qNqsI5*!U$L@#fK
z<0NtW!#*|{sEg~GdpnJyL&H&;;Z5}wKN)1YF4Gh?5)94SOVU)d&*>%KFV%rznAexW
zTnpc~p#?R$;#*UDe4pyRnmX8rt^4?EiF9;6R2qwTaAT}aufU<e8{JH=YpTk|E%fR0
zeC!$o{&sa$2nG8Bz|w#!<>o%>P%-MAjSc{y#;bhpEHOUZknBrvIzdysrLlc|64<og
zfP|xee{b!U`qVb+;WQz72w({ovH1w(`07ZO3X0fYT?*`0X{`CWdwc0qVQ4Ik_#0n!
znEHD+NTS28puGvNIVn6INkUTExIX|gH4*l~&B66%1m5kniS4E>HJS0_@M*==#@}4*
zfU?u|2u#=YQ;5~lGdkVIHMr?3VSIlEx{<SJ<BbsS5|}4QEF~xHn$$poce}nZ*L<Ak
z;kI1}uhDQV0hEv~NdBF_b-SzPF<dESGM9YiuvAHRJGuAw*Xakj4UMONvED0JSIds(
zWixXUfg#=DO@mvz#}j)|5vlD&_NL*dK<skTCBa9e*{}0-gK|EK8zk?Sd+kMKW+jb!
z|7cu*pH+JH4x3uU&TT4F%V#Ixb|1E!oOvnKZ?BD;-HyG~Pr#tp>HSttFLp*#a${5D
z{dO_h^<pMgn}=gl^|C+xtGla_>c=EP*wO8iiSG6%)<4^^0(PxUZy~YU>o`%ERvD&~
zH2Yzl2Y@!+USV`E;om<`9jzIaDznACnU-!&lpTt3TyF`s6fT|3F~1Y-ftGx!Hqyr8
zU%HJBH^_K9BP*%O;%;u`(R5dvYDsk>qg)Kiz!xgHP1eyQK81o@Fu(&x+n+W1WZM16
zw{IEhwG@oWV=3GNuW#pabLVDH=qo;ZFl5W4pg7J$mv*mZ!3jIiYf;ME+2`l4k5ntI
z?42mH{N`O3o7<B{O3EkNgSjnmr$@2Zw{n1uky35~)tr0V(N}7@u{80TZF8I$pCnQK
zW4~&)?KzUfay8ep{tTX}Mq^w?yWnX#TiyABM+&Ji2?-oA!|Rl%W6pTdR9O<dF|BLV
z8xmJlaoTFzS*4>hN_lZ!J09hu{qr28gluPOGHdvx#wH`Lrz0t{)dx;*OzhL0sw$+4
z+nw7>3%uKH=bGz2di?(0p4Fn%=bnCbqH7x9;ceyaAlvGRKkU?I{o~zfM%P~1o*-5%
ziEqqFESuoz`uym`DEs+w_MrNG0INk}!y%L?)pNtalT@7&$3znSdNebcX>##WD#h_Y
zYqrywAoa}cDrv0w&iCuOhZUrWBYHQo%HFV7`m-T7!Sju~(mWV#62_Ow%Og{T;K-1$
z+*9WJqIX?7L#+378vZn1soWGRS){AV>R+1qw2;cAt52bf7ydI&W|C7gNHe4bBk$YS
zokRSq&9=7B_>RsDgOryvSdun>eULNbSI0i=x=*}y&NfN;FJs2h5?C}OG#V`chw3Xt
zS-|CwRjGtyV2;5(A#Zr-Z$o7#8q~GBk`c-LbuD6}L0m@W^4XP-fiJs@$*vXo8Uh2v
z&?%h0<1;|Oy;>vE`w;khXIJ3hgUy}BB5S8M=J53GuhA!?+N-kP?aT|w3EqE)scqD3
zhbAo8yS^Q}&%JS8<*+8NpUoewsPuKRj`3IGHPS@f7l{|&E9+H_6l%CKdDN`8vy)$D
z%K<(qFXXvJ-3q#vJ?pREPAMXES1(%=Mb%TkrQ2UQF4?XQ<p)W#Ty1cd;I4`G<U9y&
zNO3do*ac_`l@Bg=GP}kJ9<pF4pT>*1^-=n4y8O2KA&`iy5O6m!6AEOAF@6i;uA0M^
zZnlPWC~fY{l;S?4)BF_>g_TOW{CB%S)N=Qr7x!WVDY`))*5j{Zw%qKuU~@&Xd-K9g
ziLp@O?l0$Tb6^39ha}ag)cA!U2Gkq`0I$g?^og##8nDXW<OetH!PG84{XDKb(ztNl
zg2cpVjC(p6Re@_G%X-6kKIMA5d&)hc{VT0PW2st-J?{<R5t%9d2_Bb+;Si9dU*;Lx
zngdY{D%cgYg|&|0**bUJR>|*~eDJ>qxd0RvuyfBxfDYFN7t97MzMXBJXuC5#gOCc1
zsn-b5!zqoPhf?%>qt4U5g9HJc;*H>$K%LS0EuKESaku%RiNnsJuYu~WwEY7cVr8{%
z-^iA8*NNeXmOEE*7)BM#9jq3UM(PRT%Q9kjy(h-(Xp}(fmKsM$^gA;%3fSZ-;`zHD
zRa26?k8IiBunFIosul8^n_0!yzQ`pNgq9n;q#GQnmPR8{bfpxdM9K;}z{4=m6!543
z_L|b>y7TG%Gf6qF!4ui|m7ev(4sWot>2{e;WUI0zAZ-1^6MvuOq3ZM8-JH%Ucj@*z
zLk!xwGKZGWzbPwyET))jhHO0FLLrDrS71cC<;|M6%3(juV~B~lHG-zD>#s}^$Q=z;
zs)H0)>-~}&B~yH*he$86A^DyZ0GQ2{{6%IppA0noT<kbkKN7mH@1Hvp8D$#7zwB>+
zBSx$t^KV^cKJ01>@LI#c_#F4l3M(se9Fb~gwZZxuMBEGap8R_)49e|P>hS*Z-RItE
zc?dF_Ip1PgY_N<p$#Z+c-@&`Do;O(IX=tN9K$~O;9+~jNid_6?0{xKTe#uz*{4I=o
z=(Aw+UCcThnpjnbkE?U5b%MZf1${idAzQo!@{_$=@L_c6<qBv;4Q+1Vd7;S*Fk=FV
zrqxf%uvoul)x+K#eOKxERhLW!Cg?&B8IASXy+LGfGqNSTy2z~iIpi7Cu|2gK{3+6T
z<>-BLJ9i(K8ot5Rc>R_<tMPcIEB$rx>sF7B%wxe^HMG9|_|EIz>w$yz<U(qjqbzYH
z{mx<YF{WvCB)M7#rD1{)Xoe1!E;un2WaETJ2u~%_7}Z%XOZ(~<rQl@|V<MLJPKg}Z
zAHj@FU^J#-v~((9MW!8w;TTt`+k8w0lNuI}k$PG?@CE~NMrQ{dCqO__pn612r>^F-
zm?Voxo1P%m|HUXq&T&zNrP5oIL#!h!8%0ba%-EdgTQN?gtcE(bgTBgCgqG<CE#8uX
z$aX(8wP|I6abri5fWsPpLGMQe#OlFN*uA)3?QK;Hqp-3eCR1=^?+s@7w{9ysvbOrr
z%%xJKg8eRh!wZ9_2Nv1^8OvFX;^hW=+sW;O;J1s-n^CjJHRhmnpaFUVA5KtB879yd
zgp}9?TkP{m{0n=eWTuq3scqMcrpHT$;IJ0P`BHbp7fiMp7piwmTTaNBLyMKg;h7ch
z4^Mo^C6nKbAtZhG+q_KmK$=k)9ev{8d{G9<5imXq7r=-&%vis0h@svt#K86i(O&M9
zeh^u5t#L4y@uc5OgJR?M^kJiK;um#}x>~qHHJ)|sX9Ol!Z_u~fo-Fo;KXe#&KfOlm
z!AT=tQ?#ZyHhX~b5G5n*H+f%%I0f}@Jz(DQ)0H9EDD2xw({V*J4tnmP*jp2nz^=yC
zog-!z0QEuisF0x`rz*iSallehiaT(S9I>D0+w+Vv7JlEAzS3k0>G8%nd&w36Qksv+
z!Wb6P%4&YL7Py@_M~K7cJ)a#By};ymjdF5V5=(rRH$W_fNHJxVQ;>t#K(iUZk_4N|
z(Hr(a#Q?dFNG*baRkzYWm!Qj-HChEnP(hOZ`^w8o3E33=WGrdXyC7wq;;AzCAK*{<
z7M@^sah3kQ6UZ*O0Uj5tWz4OrKHNB8XZx5SMLyP!eZ#b(Q;b&|7CrGVqhpr66D(3#
z?Nhiq+a;LVT4RCnO@3|>P<1t3ilvHBqOM4zv#bT9i-f5fA_CV2wrORR-lE?VMm&s~
zP%W9Zr6>GyeyE4IaQA=M6FxyO_aVe~wonL{R0s2<-*)OEV;o<asp8C<W~Gy=R(%IJ
z#ulx0`UGYfjb~(Ru??TmdJFZ{UJ)4=PO0a5aZp#VD{k|6m_squBJ=}1SR!SmQXhmN
zI0WnALw}YC^QDBUjXu``E>O_66`JA}ENJ$B;R$?gX^+*%c0iY=O_05*))=?J9i1b1
z7IaN43|MMzjpv?unO%pFG0GDA7(y}*AMKw3R#OI%!YC_HTB5dZfgU*v#yDf2v0|YP
z$Yuhkn2d2$3rxb7(QsE*mac^XNU4I8Cnf;XVTU!YsD2P3Oa{tSeTpe{z2WwyruZlR
zpXp_B;%VfHRZ<7}<trf3i`1K5Za5w`lK-ZsslGLwAUzx0(7uL$lW|(6iAQ@NlfhQZ
zj|ZVm{swtN<!I7I=Qqzp0J6?}XLVjoMF{7gMph!=AN0SoIZQkRbU%K{TIQW9#{Y;V
z>f+(e3W%&Asf|_#Bs(p!=8-_7%qZU7N(T1{WK$Yhw8xb9_+@(8H4@i`dC_t-4oGm4
zJSg_SrK*s%LM)oUsDy0F))gS{m2l#%$vu6oaKW>;jNYyDF|{#inT%OpsmuaZk<9TC
zRPLiF2H_x*iJh^RmhI#W^o|Cdcb^BJ2BU0%4w1;(yD7`tphbV^@%cgLV**sm6C0lx
z>)Pt-l&-#b+NjV7{@M<U#Jt>V$#5NUZMn(4WZiX6y|s@}A7z=8k5{n(;HiW7yUJR$
zsoGrAPFM3O0GK|o$!l00#>pVfwDXYw+h4&J?{*t&vE}L%$o~po;97idI$h0$_oUCi
z1vC$6X#N^7EzVj@Gro_KQ}xt!JL>}5dRfX!@5|?*o|P~qpI($lM|QH(6sxD<`KaMT
zV+{Pp1}K513vFwQWs^%ZbUx*Id4ei*kd2mYCqIC*bMu;+wB-EK-YcU;em%P@#^Kmj
z2z`e!e<TtX%t)a6fLrIalBkg1=HP=YtMZ`y71L#9Zf`5@5_+MYpM-<iKv(aY(NXTQ
zkzk8MaFlMX(eMb<{cgk7uSSmsz9c$5U#U)Ne$8mL7gw-i4l10@@fiW?c7pfJlt{CR
zeMc5G6X>*P#@le^<4I-bC7;*p$9@p)iG>x)dbq=Fxt=Ze0S623RG4@0TP}{bRC_g5
z3paQE8%$RLw8_9a<{`V3$_i!VN3tOiYu%>#MX+B?%y;YgtslYgB^whq*lmtJ-Wp9}
zEe;%`x}6$qp42%y`=hweGnJhD5I47pc7e_MCWuVDja^A|=DtEwnzH4S?q>tH=Qwjl
zPlm10p_-edI+_T|KeUce(MsBvjfBrLOqK3dS;}ObskG&Du+<tV(I?RptEStumda{=
zTu#SbMnAEp>X7KY*wY*d^taUP@1{y-tDqeTFXI-~2oZg(vg@?#YBouqNen+%)?(VF
zXvQP|p`-fYD4KY!N;$WMFH6#5cyg=4R#M+2#Uup%dlH1QF1geU(UJyke&U$O^?Y0A
zF)6uh&^l`liU%F7_iI#nVdg^z=+aQ#^~q~Br3GY+GMk{{B|u|6)CL3B2755qX@?js
zS7v<4$omjFJxYs8qETAwWr<N3ePG}zh|PtLM6$9?+b|8cP*EIq8=L6&|0xHuBzm)r
zkkR59dDK+uxsxX6^5VKot~#RI8yvIH%Mq#B))@mCeDr|9&v_T0JyV9Bi4D6a-O)}6
z+inJu9Eg&y%dU;<Dwbgjm*WafTH`R+jfvRgre7UGsN2&@_C|OeF42I_ru|r1DM2NB
zMu274529|HnW+Y*h3i5jN0+{BRe4Z_N-uxtLv*Jx(S*Laa)i!{S&HjN(W<@EFU#Dz
zTH}GhC79sEGJT}!qe<j>XbIK(+y!++jhpOv%7})BQdZb2=l(1ksG6Dob4Op4vulKH
z?MpYLL{QHRTZZxHw0W2~X9mWi5$l_F%9(UYm3wk(Dl*7$LxrgrB{y%`$V$v?%wEdZ
zAv;fy1{sC{G2Prb=;*)QN0su2T??m$wJFuHnbb&{9*ftSx`pJEJ(rh}nwejPxtvbR
zmI2}Peri^6r;sbss}P*JPC_vGSKR@h50e3#H|2DvWt?%pqCEAsUV9KP>R`9hbbcYb
zlH*UVd3Bpf-(E%(+zvgJn7GPPU6Z;NlcCnznz_{=UwXYjw#Gm}f&C`F`KiJRVt>BQ
zD-bT4fPtmTmir)z2My(%OuBhBLZfP|lLdTx);s2&Odc00zS(DTKmC3@CNz=nvi@PL
zqcTY(JLK~4aJ4fNj<`K#F+chQkX>4GIzGyN3G#M5isuwQuFR^IH@+yPySQ5Z8`~`J
z{JD1jSnikRdZ_zxmh4^R0hc@q*d+ZS(ZH%>mk(_I{8g#WO*VeU^GcL>sJbUWChdNQ
z*6<Q_ai22fOhlg^zivB!I7Gec`R#~S<Lo7sZ~fk%eXM<cJsP@3?DDg<;p=hB)S&Nx
z5(o!Ey~@J98q6G~oGN2KD4#tz2AgnDC2#B~-q&OO5an=510p#>*shE&w-=i+%j5DT
z+(iM1W{o|M%Ty|jOsAbwxoYPxPr9_Z>N>V|gaH%}vTVyBP2zA>Oe&NvULt2;A^&Le
z#8s3+$dJVggl%<&$2?+d3w~}1rrrcbuh?2T2mK7A06!g55p0MN?9I<70*Q3k8zu|=
z7k20F7rcdp1j#5|81uJnQ?sF!MonYtN@Ym8;na2ey8Rs*Fs`bEHvwv+*=@X@1C`3m
zz!+GOxxMb-t@WA>*4(_sY1CWD*Y3Nu#w$Ya6Nm)q1|V+IwwUCSdT{D9%09>6JM|&K
z-SO3wah8QeU-?6(ZMqT!r;z2O`$L7!25L+{LxMXe^_h>0Rr{y1b>mg!7PT4*KKGiq
zXfjVr-;cg&+Ni`O;AVlC+Y0z-`Z8E<vNS_fHZ1;Qk#g=7je?yn%G0M%>xaqG2*6x$
zu4}XO(!KVNnpz1aS7+JbpwdsD30&(XrME|}A*%cNI&(b1r;38hXPrW0s(5NDHM;c_
zFq%<9EGncr#=RkCMeKNE8FQ&Gf?GHhcLbkU(|w;?`TPij1*RTagG9r{_h_&C#Io_B
z0`}*S&kuApcGk4!FAXOa<bRr41%s*HJn!aBJ}$jV@@2b?%&0%%OWyET#<^U~0aFp8
zWwPK~eM<KzWv1r}IH$|Sl63KMA?Karg2rebPVTo=_h*osW$W}At+edU0mM4VR?`&j
zm&Vpb|1xoTUMHqbJ1Z<2ZZ59CY;pGH!llhCu3}c7dP-p*dv;cfH;!~Go>(Dgly*<S
zEMH(j%QBnA_&V<@Dfc~ZQqzaSn+P*4N~)zrsA`qjTl9kcZJDy&RNvm3JIiia9Brlf
zI@)xvyroiA+t1K+E;{s(3j>V+q{mlkvH<Y=<fi3pJosY1x4;i*ZkXy}MOK4sENDHw
z>riU9uD6_BjfnszK*^-Z>4UtT@9uABS^S8M6Ez(fe^uAc@{6{xdwrEa?TO_daEXjk
z%33lS)%loB=U}WZ#Rui4`)r)koodD-h(m`%T=gT|lc6oNFOb>uasao|FgDWRUo2cG
z!#|V4Z({-Kt-I?fK_25kiQa-egyrmjyZidI&Udxptq6+GVgJ)DmOQ=9CS8q4!#~Yu
zn7=ch{w`E#m8R)5oqhtHKhCozMuYiGY3R^ELy&iER`cpY5fUCeRrQ`HVZ0tXjLQ~e
zFE%wwAj?V{Yb-}T<HESQ9%p?!dY`nx3bnyRgrd*Lx|*d)u#0QnoJ&kN{;t%mI-c(L
zonm<Scnmk(J;ek!2j^@oG?pn&WH^YeQ77_7IUe(apbBt4nJxW53`w6RDvvT(TCH4d
zuu8?H9nW>X#JzCs)a%g#E}c@>3L~m^zM%^gF6rb)Zy?NFPI=0GIZkSNZDZHJZgWr@
zeCDr7bhv52wjZy1u8?f$^D#alDBg3<B1{(8n7mW*?>B}}Ox#607McHj1gzt7bL=`e
zJ*>LEqLF&K{_?3vu|S!N8HB&#*-(*4^TIqClttoZbuE++msnxxLq0W3gRm4qyQGi8
z203Bx>k}@yRwh0ST2aLrb8q=7+S?(-A5nolBm`rGli!1gSL)km^2_%fq0bf*xf*i?
z+x#ImGC|bryNTZ9UfFUj+OCcK>W`&*N}Uu!3Y-z^^dH*EbBtVH3V&RYT5?yw!<aDk
za+qzs-I2}YDyfNzK6_mN>`^zKo|Yek$5xtj)tyTX`f3ZU6<wHn-QT@#V{Xk-ux*yq
zkD!^Xyj)DPofTrjGrE0?u{Xe<Vr4(KeqN@@oe(wt*qQC8$R>IVt#|28#_8K@47B51
z<8#JtoSnUL&Hnecf4@-hklgiK!(ZZKW`e2#8fyTF?HHMlT}I6&^mteYY?8O5TISI%
zx9a68>GH1EV+*ETm{undkY&wr21_`nJ2uIuH^9pXU%o=F-E{xjbf&}RDUbItZuM$C
z*Fs6fD^<)~5z}=`?e&>8b($n)z3B0kA?(|a*}C6>H-E&}q`BIKK3&aj-DrKpVpzl1
z7Gw)ncBP+RHl>xDI5Ffy<L!j=Qq%dC`SCh?^!$T~Vha%dd9xkK>2(Na<q|z3m$^F0
zEAjwfEpyT7P&_gWr<Wo<-70edBv?+u{&Dhsve#+*oQhS$Z`#=nhnC9%*6oZ?h@u_n
zedbQSURj%D4yJb&$?1OLcGx_GaE6QCPnN5m`jLEeoDms~dEZkb7N*%8EZA>7aeP!|
z^FkN+_<cWXJCAQV+d3^zc<K^+NR0lJ`?y%ZTY|JYvE1Fm;w{$uI!4>LKHyt?Hu);<
zw7bYYF?`e_<@cI6a(sffnOXTAP<+8<foVJXr)uu1>%!~xI{TgfYrR#31l+{j5cV-$
zua`p%+XIwHwyjLU_{PrbnuqEEpx%4A5NZs_i3VJLyv}ni?M3TZieo!^%K-pyfTe5>
zJ=D_n7e=qs%MJH$!}Sp`@|SK8<~R7Qc|cpKjGiDHZ>nosXUm(TmAZyR$orq)k6-@0
z9#ZL_&beddytjzWdNQ2(n3aOPf$3Y1x*J`uie8K#-$jXshYOpttE#v5&-o<C0y5RF
zRPUE1Y$}&OL_Do*upKyW23-zWoKW^RP5-Rgcdgc=$?kn!fb*hjTm4!OrFd4eiANPm
zcgmsMp$s2A4|MB7y!Ud&r>|1&Kk7E~m&7z7G25Fwp@&CS)SZ)9b-oxrj_*uvZD~5L
z((%5v+pb++Zxiu$sC9sc4_7l^o1L+?7k#gb3wp|LX?!!_Z0%x8uP&t*(T$}Kw_VD2
zzI4ZF2kYhN!Kv<EB51Z&8?7uW>+2DD&o?9J{{H^2|Eli0NTbIrT}80mc+eOVGn}F~
zfpxg;DrcOHT<(0NhS&BJ-mG*nH_7I95iAT-7};l$>z3K$ZQutYV$DK$l%q<|WoHj!
zcwa(pp%TPMMl2kuL9BoO{cs;Ade-{ogzew#1Bd8j%KfUsKj&-$jeBmZq6F2}g!wz0
zY5yUsh<ob~>Y-8|G5SXib>l$faLeD`%8<MzCe#d7xvQ8c;yWky-PxWJt&bROAzs10
z04Lq5$AtrpSKB?icD^oS{<%5R_Z)z-x-{ug%@|TtSb*O(4Jf(BN_|GYpCY#>$GY;&
z0Cd3mZSrfzgRZ?W^*L(#EWOKgMZ4vJkzK7|LT2Wlg>B;KZDt!;I5zWMkW^F7o4awl
z*YH69G|~hPTv;WEF)9eNBr=_|sfp)2hr0O=$I_B<GP)y4ed?Sa0fuDfhT@pk>c$F+
zb4r$U;n&zZoypjRuHrqV<XOsxhSo&L;UAdQg2tZiY1P{6`F?`@d~eLmq_y-8<nVz<
z{tV+2`uRIQj+Xo)M`3OP7?rv0dsdh&6S!=M;(n9*yXFteexKV0BE@tj=K-z7ehRqs
z?Sg{hv7x+?F)U{A|8VOoX15KDdtb(f>f(c}`t~;dWQrEU(phN!!Nrk-F!F9EW9{?~
z;1po7!~K>ezh!S+xfLzSv_ehT&qEY_X6Uig!`4IG=`QXnq4L(QlA`0(1Gp+6Gg3|x
zq<vK#wY{F}Jx~}9{Lyii!ICCll=J6Olgjg7;nx3SaIQqVbY>~v=N}Jy1X~^-ust?3
zmYAsQnx~h~6!5S@Mi=Dlz?06Z;;gEz<Yjn0cbJ<^)&vC?4bLkls1Wsa-97the@v(M
ziS8Cw&6FAna_2J}oL*yumayZsj~yy!VURFQIqY<kK@YEHjOpytg^7LSnJOr;`8dy^
zM}9YOGpc>MQ)`#YhnCfSsI=aa>$iL}yzPoY?Y>(5h7qXClVM1@fu0FxZv)NgTn)sL
z!`p8FUH85#8h|2pj`$@5TE=lXDQH9?$Usp+o)|snKNpR~eWZt<6B>&7IDy;bMOo_W
zaX8@NFK=#2nZuB9YSmSFpr1~BR7Uc;-}75KPlIiStIQNc0wsX>$nSbJ>XPom&Z|2P
zA=XRGX41vc^X{YL7{G3<P(Od3*66?rmPvKgs%QUu*~?F%q#FnVWQo?vuUm(V%0edo
z=4WH*83FLA`#DPNpe^w)4oPhgU_07kc3qY?SwDNWT=SKV(*~NOJs7J&BoI@(@4jcz
z;Q-MHN77!FQi4T|M}J|Qrf@k&kd&O^*=v{i+11q%Z){K{!=qi=2QMRI9vjVet(Wf0
z{*>b+Sd)3*T{MSaKq_5ogRUj!n_CdmEN#CzX$k7K?-Emevt#o*uXpi3FWWBXX0706
zBIl*~(j9+50aaDYa!ZO#h)pMr^@Oh8$08JrVzeE)&skS4KVZ3~=hrWU-t(@s^mVkv
zq)HVLjgGJgb(rZ<eC6Zb57Yxvlhq8nf1$*6df3~j0{S%oOIe(aJx=aSWiI}j%<4W{
zU0OCnxbd@TZ?*0R&R;AIBk|*)5|k_vpKmm;ipNB)ws)niwFfEY&JfL?|0EBJvn!jn
z+O0!_4~f@e=WP|y#5J~?(Oe6C&Pd=lhAu9CzZxeLr;^J_K;WHUCGtai4AvO`4q83~
z{Hwd6?!`9YvYgIpwpu&H5tQjMdqnwbL&It3m>Gy_6+y=)>ycMuNi5vJA|`h84!XcR
z&+awBw5Z4Iw>68!mt9SQk<XKgW){?H>ea!4|B6MRsh1lR)Nmal>GnFVnv`5j=scL!
zD-*dU7=2h#<JGq^U}GkGF>sB@SPxooFGO9sEzycFHBhHCcRI)u3vukOblWOxx;77Q
zV+xC4J)!MY=S`O{qGJ4g*00ro_6o5HCn)KL0!SAA+sO%YUpAKQu#{Eq%add<;vrmh
ze>^c`0^NzQA?N!2yKwy9UbKFcV5*PkU_Q%w3E(>kTt+t`WJ7j#S}PE2y4f)aM8W@8
z3*c8jB9A;BPsMgFJnTD173`H>eI&^mD}3fnQw1SpmTe1^Z$bk0)<ug^!`4n^qWTRL
zZ%0r}I5T~HQuXA6=1i>u%k#X~{2l$aDI5!>Hh+?d_B-Zwm_bY_ruJI^H8qNKPOt%R
z?hkfo8F-Vs1rFiQ{hc=VB4+fIMWftkBdBLRIKD#{40H3u1n^Hj&2Gun=T)Guzq8+=
zRw>gISC36;mC}C(R>shmjcxnZh|oKYKvK-tUU!9oY1?2Eoha+}7SCE%?|%0O6_|2P
z6vrT#v1px<bl_|q>gce_@R^V!ot^^+_@rI{#v4jOayLdQ^D)PM_tc1=QjCZzA>^hn
ze5WMt_ubV|dBW%&v(K91SkqIEFsE;aaXS$|A~`7?b_xP1Jn-7mwo1W4SQa@%8LnbU
ze~YouW6{)Y?%#q6q3y8#bXrCeSvqqxnj`or$nK26n_aUOSTN$Bb5aKg_~aX|AhKz+
zUJ`U4tyq<_+0|3RXCzv1xCm49_pl#tF-8DIs~%8=*;X<CKNv2hK-%0WIGAnL<n9B0
zsWT%6ByC`7cgbqo+`_zS(Ym24H`y4y+^3x_V&L0?cfgxpmwcgZo-XS&TsAc)Q$a@t
zasxu<oqY+W+wGN+c>o1$`w8`RQTwGfEI%Q{GGn*#faq@rOsJRd9A^e;(8O;0XQMG-
zZAJe~u5Jgv8J~Zq=f?`W0Hc#1hquhz^Bzk;jvo0^Rm-~I5nULJ88sU`>H#;(5}D)v
z4-yS>-HdQvNz$Jq<EH8>K0s~KD!<_b$>P?BP9c}_L2f;%LCdv9FK2G8_CMQFai}Rl
zQIU|{x8K$?i5Ov@Nvvc1ScPzUL%Hryw*#7@s%p@}QuQ!9wy`1I`j+XBCL8H60Tj*{
z@ZO|Rt8BvO3f!7@{Pqx=<?roCsIR+}BU${ieg<XF_o_+gAl-+|oY=%~D5zA!*<@|W
z7D?E*^ggpsgh;oFV;$ojLPgjnu0tqoBqKhy6*zNyjVDL-ADtJkpC4wg`^7}B)Zn&!
z_X}8#tOharr8r#-h{2d!)N&x5phOi@rrhH8sA+<!qUwB~nq6;A1k90H9a`DXl2M<p
zLrtbChy;gQ9Zg?d7Q1PYO5JXjaZvbsjk|-+xY^Zql|g-ofxXrTm^W)sA4(_}le^lJ
z0hZpqsCqr{horczQeW2%)tYoG6=Sp(J3Cark=O`6_9~;qkEDk#UdPGWU*m1oOPJJ>
z3I&sg>Xc5~z86V6&2<r&HuSI@nx6xMMxcP)-2S+nJwUK-nnJ~p9OeZxSZse7k(z;?
zFLr_DD-cXR>HX1sYjt8-dBY`{?NtBbPh|3<*{qr<bOKV~-FpK04OJLAm9ITp;h|Mh
z{95`>!B4HSt_}8hF*u54u~A7)iUEJaG}d~9elqjD8!A(CRq*_&lP9>X$P{wDItA~*
zdfu;KJgLK-+J9`WD3#B3u^o<O^q_6Nq(Z`W$_*D&_Ymv&gl`uIh-oWxg*<P=$El-2
z3M~-6yo_GUia~WmcYRslo`Di|H8Ew83z*P4VuU9~E;)$v+Bwj*34SsA4%hl3p#HZ+
z@9M(rvHd)Z4cwf8%J-8Dk|79wzce~TYO7@rowqt59k=qu?nl1tNDMIU-rmE8urihN
z-dMfv9WYxzk=4w{%vgrhi~s{TxOLn6tQ#&zv>)bjnY<rOTFOfv>AY{?$&Kp18+Yll
z+VPhu)}K<I85c9#m)U2T*$>CzO&bMHEH9HUUcFw$&5!X<)^jd+<V)zEQ!Hg?U$LKW
zYKQf=vkp#?@u9B0EP4y@z)&)$Dfq0}&A#8Sb6uU-G$m?oQ5|KKg=n%G_{P3pA>f<x
zK2!py)!|6!z~Ks{c2W>E2_N5%RbuO^C@u3zg%SnNW-&;jVYugX2|Jmv3iEejiD!Ac
zgJ4l*0iZPla;I-X;lyh#LWW(7G-2<nBR3PAV2WN`m2Tro-k`$jR<#7zlv{b8Q{{Zv
zSUeSx2QP{!JN1V8Zcb+bQGrp6DJ}-bTCEjmt#$!4lWS7G*czXO={tK~JieG*#H&G$
zkXWam6X|g+QI{eZNin&Nx%^11vpH~rJbr8TnwX?UhWU?*GlVWJe)I_%rg&!RA@usQ
zLJx<a+cC~x3V0JS5d{cgy&t)eGZ4;xtgN_;J(nr9<d_O-fwqK{M8v3^6RJ!ZrU0}u
zCwihb{SM4QFp1LI1Oox=9Pim?_{SJcp5$oH?ub!)c|ox<LNYQn_T&9@iKU=2d#9K%
z9tNqhFA2Ej$+g)6C#>?!-GRpPD&XJTpPPJw<#tgsp_N~!?mVr`S#dv?<N~IhkPzpM
z2DBbp=nM=Cgk+CVxms@lHEi77Bp2!d7w&H0Vg@sfu56X3BDL5%!&9U!y!LuZ(;3w2
zRj^ZfMPo;d8Rvs)fT$02uBg%t8I5hH`fdrxW@_w|exbw&%<8;;@a|C`)r|BEuc`As
zJp6zy>>r@p2whxP7Yp1ho+djibZ4?jbV_2lPAB~E8koa~2r%Mcjwl!2!k0pF?7db}
zAjv(rZDtzGL!HGgrxH7rgrrHttf?c1buUP8%}gM)o7>pM$av?fmVn2OjbtH9F6EVo
zN#QzeXd?H!wOvVS!wFu_Gp=m3O)at?#QmiqT{q_X7KpYS7S~*CPIBZqm}t<o?I7u&
zmf6mWnN=r|Y@=NNhpKmAuQXiNbw_M;$F^<Twr$%^I_%iCZQEAIwr%5N&b{}!*7^%?
zjZszKQ+L&~RY45)w<|P9^>vnZs5Z^YRFcU(6x#cqyZY}~Zir|xvp74V29`_^(~dX8
ztKtJIjziyK5Ixl_hGfI19{Tni8WIsRt-2W5kk5Wwd9JS}2R;o#q$xB!D``WZh(IMj
zt3-i!>UH01_GWlszu_$;K?Wj;Ke-_+9))l{KOvKtPr`!g1%}&0mUm*_Xi3c7hak&C
zl;Sy62qPn|%zbZG;pOWm(OQ>RPO~=RGD3GswTcPfzvfRM7q|{((bs&Z?KhyVB8JL3
zvG34s-(vw6_)rSw4$X=gUOhIwouw_i&GN1erpHIV9=T^7*9cnmzr+7}b>5DA%x%@B
zmd-QXw(}#_qdCfs{8aR3aNZ7ip3jeGb|}DvI~GbSzCQ}u?J?H4WB4jZ{9HqEEuSqu
zHr>n*G0ezqTEh*ykPWI4%I|l*9s;lJR8kmxf18~Z(<#2RdJ50*ZB^KCd8(v2)m*J`
z`oU;8eVRERdi?mr=XtO9A1SQ+D1U#+^(+W+wKESpz)cS>RAU{nWRPah&e**dU3u-r
zii$wC?QwTKpD$NLB{9u9d!2c?on?14Tk#b<<tMqkH7#3WlRP<9s~0?$-X4d%Guzvj
zbUT@~+qQEQzhB|ZTYt+&71Xh0FBik5=#-4VcbDeiN+^A*<jkQU!}A8W$LP##)Y$pm
z^Wqe53)jn<b={ll)DuYUM!Rl)&IYL_e<gkr8c#KK@5S>i6rtIvI_byYwmzyhxf!2C
z;CYHysd<a5Ey+-Be8u`c3_=neNsz6UPJBPaxa^)`Pw{@X;(m@jH@b*L^SaK@EVg?z
zFp^riOp}~9T9_yY%5BzY^?V{4<&uz3e~wu-7MZB>$hn;@$HbJbe#4A3@32%EYo+M9
zC$p-q^wZf^%cnf?Va>{?L<k-`eBQjDYAX45WUsIl;XcGuE?NIeuBa|9y@#0!_I$zV
z@m7@s{TWHU+b*nrV{kCjS<^n!ngk?*p;F(p1JlC1YoO|4B9)Lc817JpJd+sU6LG^x
zq>qgNsj?a|8D`{NMltoJJ2LNtLv2e<@gP+HhN1O<<SJVC0tj;Ulq|D>pzahPR!5l0
zPhuh?LJ1D$`YtJtAl;jr^`SrQv1b4vNXPUCpCmw$K~$`gbT!0idJB)<I+)!KFkW{T
z(MtnIWS|JR*(%RXdFcF3q&WwgZVIvZ^$9r8jOh1T=dIa%r9gB!`G-yL=f%yJ3fk(d
zby->v-)+cAeM}YStuuGocTDLUL_bxq5*zlkgU|xQRjQO4-P25;QODNb8|#6U(y?=d
zQ)g=e`W!kHmGX5PMa|NPAqj`(9b}3Q8IPnbFM!O8N9esWPY;CiI$qPmAUJRHP1JH5
z4hwo22o$W%rW_*cU?Sc$oy@JL6z=Kzr5PdmsKa$d&<*+#y;CR#kwQTfWQ5~<df!vx
z#KL~XtY=q4MIZYw)r<*${42=hZ$I0?;F<B5m+*@<JYsYG{k6S}Hv4pWsoCJEiLm+9
zO6qHu1Wj4Kc(hh?m3{oMuV*ulu`G8^_T4In<g!?<n-*x6jOojBiTO~eq~HR!yC|)~
zMysX-H$MHv%}qSf=twg1_vmb^X2i9Hif=wb|42%UlO$-|N`Wos5O&v7@!9rshwajm
zvQ!D|H^D0jBy05RVrRZY)GE*0>XQZyACq2ob;%=gf}@^ohGvB!^wmd`tzWA~_xvAB
z@1tKl-ruRJdQBk?^dZ&nj~OGbrLC2MG9)H2d8{3T@aJsb&K1qL{CyprGE`1tJKJ#Q
zvjqJ0=dszXm#j9Mm&N{W8OaKz9*#G<K99#%k9>5aO7`bHmhZlUtP!dfCK|v0X}6Tm
zBb@fxoR;fs=dyxmLu$#w;mrymcsidRD%gA<;*wCLDFr?V)?0Oa9dc>3H`_FwG2+e^
zM9#<&SjlOoxPBZ!k{8R+m{#w^uC-h%NNiM0_StxzOv{4V@ro=6CU+b&TzZ?Pa3_kE
z+ZG_Q47JG!RU3Fjr2jC{m&dw_UD#Ouj2`TcE|-fqa?MJets+&t(Ml2=!T$G)jrAfj
zZ6NL6abe}9VkvC%)n;}O)+RNIRy-K(9oe%r%}WaDPy{QR2<LfvifhL<R_vs%-gy7!
z*Imgw8Ur{BROm_@)>o<&+VV<_)V*9g8tX|)^}Z)m!E8B#J)@c|ovxMCmYv!^zf7yP
z`Y#iPbO0k_SAL>goP^`N1<J2A=de2$0%tuxjqQZ`j!V}DHFxTkpSaV8d3+uPiD~Rm
z5ho`@jmJ!M09>d!*q^#Itl3@B-ImmhzYqW;-3n&$Tli66a}R*7#WdbFNb5$><;Gy%
zMs2gsG+qbHExW{#UZgeu2hTnJbi3}{%My@c;Hbbgt>rvAL3=UEd1HQ=fCW(?G&kt8
z<$2)UyiV<CiMRv^Bbc#}ED&r6mvT@Ec?K_q11X#2W^;~IhDTfUvUUXjq;3`>cs6fC
zfKx>yU6vMUv${IsbDSCNNzh3c@H9w`Gb8S9I11KnHlnGfZqe`8!*u^3JC+FO;tm$~
z!i=$e`59ih7h7VGXsx!rEk@8V82rU!nww^IZpex(2W+EkG=!|YNuYF3hywOoX!*Dq
zXKt;d$cT~Mf4gzaNe)VS@SyTjM=q4e|0b<r>s{mRRe=G+j*~M^f0;!}p-!e5Vu+!)
zv3u<EgADuTCHdH^*T#WWR8q!;7pbV3134XssVy(b7<M=<sl{EZZ&L5rI_21OW(yAk
z^iEyFA^rB#N?06&A67mSDBo_H+Fx*v%NUq*G5jUKhx}6XeA3SFre?MLzAbg^J+q+m
zkua~LP8aH2OQb^$xgH}vAsV;!@}r7T9Hl490OB+;mZamvylfKUuRlgp|BipQinErg
zH7isy0z}##-+D`Em3?O19#%HFu_s+Em!k(b*;flEzVGNByx<7NgS^$*zU@<<Oig#~
zvqV-p1ShIrI=2@4p>C|xZQqW<Lf*hB47vcV)L<+RmA;P^1SUO)IPJI3v<s)JGv~cZ
zZdTVRKsWOp&flLPjyAq6ww}*gjbo3IKh+LS=gAEam#oS2Ug0XEtXEFOdjqc{KP4-`
ziMHRtw4aKjefJM#OnEWH%K1~o7H;$2i07`0K*jsesy%<C;PackIB)uLjb*Xu{pw2j
zP*4A-EMnm;RC~Evrj$;p_kBWQq=m!q*0{CgyZY_mJ&aug({qI;b{8p}({)HMBDg<H
z$86-ox!5BghXie8F3q@F{LW}SYCik6T`!q-iQ=?cw5;MFD{QuJ<9%p5ue+@Byi(|V
za&j+pbu%|}3#NTt(>vMB?f(1DSB~&up7T_AToxh>ZikwCoBzu2W8v4%`*Mi^=k{nB
zZpbAzu}i&rU0~Oys<W$rV(s0t<)E9DPUe^A*R^l)xt-<z>coL-<n?%x1p*35*>rIc
z;d~o)j)R4*!}mz~pECNTM04{7TzwO{aVeLOCVB}%^qk5Da}B}t$lY6yNMJxRl3}Dv
z(+Dbw?%;FJ$W0yu?oiMQqz+zsu?VE%E{bj446wvDzXRrVh&%-^9ej!S<8A1Vwr{1e
z+8(TuS({^m@Z)CiuCAHq*#VARj=NkAL#HxSmf?aZH=pOz!JL6QKU>d~I6sU;BA4@b
z%puC!OL><JH+K(Bf8uMh!XItM!g~H+n&!ho+H&|cwg>oeQV~Dp(<--?L<NMw`PzXA
z9Q>H~kFM^6oReUN8Y>yW;6A?&z5n<(BQ*AT!|&HGmx<7RFY-^v{$K;R>sL3Ii<OGg
zM#4)RiuuMCfo#E_37KQ&r`f!01aQdQzprue7z4A&?w5g&nfvbs84%U^Ja!UQawi#%
zUwTiSwHD}zrh`wul9CUw3Wi3El@gMz(nM5zXkrH0mF20y<?OoT?hXLzz<6!pi|ja~
z+!z`9Wa`m-r}?2Xkjf^!3nd$!GRIVB7$~~8QPs)*fuXJJ4><fxbI;Ie4W(R3sv@*d
zG7<Aec>Oe8g#ww9X#gnh!a$IlVTM|Hp6wJ&(*^2t^c`tJP-x579=y+aa|w$j07fGg
zS1yULq5+wGX$S>lxpzy)^CZ;mw4{f(R3h3W-mv?2(pM&~t9RAq12vVn0CmfV>TxyM
zX&fjhVx3iy?=ts~jYm3-cF|n2Y1VOT*hzk?wh9IlrTSWi&cHw*CUuWATH~Tc8cJ)1
zrh4ymQJeu>N_Ne>8m*EQ3Be$SWcNZ->0z9ibE%i~dVh%}k#3y|c(bm7lxj<Pd$Dj5
zih&GLzurIPN*8N3BE{lySYqX3$dUvK5B)ug%a8X!Pk-MmD_)24wR%YjV~bcj4h=u6
zBZ~y!!DQ3n+Yj85xLNx8Z->vfZNF-~kKg?JyMkeny%ZNpVfVQ1?jNG3DW}Xqp<0+t
zVDe_`&n?v|M$5dxQjiq1dewhW7Te8HaGlTdAQ4QC*!y<WX36gp%-cndv*JfUpe9Cc
z^^Z_Eg*`jm+C%UbaayY8H1t~eD`;(%KB-O^o5aU~e*`vHRQ+PF&-8%sMv8tfaLQ6(
zy2jGf!>qqce<fC*S?@7#7?Fd&lu2_3v>#g=bbA3X_<dLVPfLB^FxxnG*B7KCm!TQ?
zQcBKKA97ixuZRSAMRUK0Qfd~BO`=5C5v;bmKPg8iN{*HerMYb|wHpNFDtWaABJI$c
zjxAq1j2A^0)l|;(Et=q)@#HtfV-ny_f$iIN1T;z)g0aZ{o|V8vYY>9-MX9}KI=h>T
zj+<;lp=kcaGLjY{3rU1!k^=Ik_J%Y{S$;Lap4q-AG+a={x-kX8jEmCG0a;i~$GXnr
zhL<~+uw4bvhVuQeNY;xUfE?V*ji=l@r|HBJTNL6gONds^6}vul(=(1%1CJ~G%ra12
z;TS_%bti*>p+om5h9eBabg1GW=>t+ma&?PZNA%CiW6oh0bN@AcW8CRs$kTT3AlEW6
zh+4_e$s~&{@#q2+t0u^@PmKm0XZXVV0I2zT&f9}au7x6+<9ZTi5=JNlqTq7rX#$v%
zZUe3Obf?whv#y>_e!NHP<ruyXwYPOS1Pb5P>+^_j&w}YDoB<_sbRG<MQH1aHna5AB
z`iCVw>v<X$?5%38M>9QyaIxeR=H(Ng_RD4+%xOL~ysl%2_I$)zmy`AOTc(8xE$ua0
z)N{YvhOXcBu1<5r9AZ^pd3nH6vVYed>ghk{Oypj&lhl`@%x2;lGjE;rk%G4LaXEY1
zVr9eD%~-Rw?=pbA>D0`DWA$eYL}NJD)K_rD(VH5gP3AQ}+1@|2u*gy?%$wG>9RKpZ
zR<&5Q?S2j=?IiHHKP!1U-`?Nqu7*XN_u{6<8^xSFefzXzLs$QMzxp!M(UX*!8~7IM
z`357FL0xWgz_rrC3iRNrtGaENOm+Rtu#vIcJ8?&Scdyc&cS<z>4CAdk{Pme?f2)I_
zYW~Smr5$MPzmJ$-tic(N@+0K9S2d@dk^Lv*>lz0vKdwnK-jbGU9i;yeHqIRfgpS1u
zrK07rcl;Z8IErqh$FX;c4k|%`k>QG1U!KNe6NE7CGGCVc=p&6nFEvajdv;*8YVySq
zan%(<NxIYX%u3erOBi3uE@zV6EN$WE?0PG&aCfYpJ(-OaC1=>@Ib?=gqMj$3;jZwy
z{!H@h=up<xtzK(7N8WkIcw^bwgN~+RovjkTHkf*Jp<MG5b`k>Q{}UJ@O#@Iwr$Yws
zl-JD|leFKqw^<wByWg(eYD<MAfN++PoOE(l<2_BqS%uyUqu+cbPdrALsGX)v&@Da9
zsk-b_cz3(?z{BP3vMj-@IQ=OZe^{PqF^m|F_pkZmvZK`>Cfdw7ZH<D#S2~xe0eMrq
zAcqWMf^O;t1EYDeWV<Bn35AwFvWT}d{pActGLd$$^JSm;$$~5q+LL%rr^uR3g&+ZY
zROTG*23ftb;ID-3avIn0)kS>_TnY!a<MAurc{hnUv?Nqx!zeqE&E9Dj1<LIQV7MO;
zI>Xg1v+90e@%i%8uArjwTx8Qn18hwnw=-jBrnw=aELZ41lG;@7Iqw_?l=u}K-w?xP
z_JWV4FP7U{{G&7%RS<mIjQJ4cy3ND|D<eXl9(G#Ux3=g`Fm@;lH*>ReU7vA2ZqQEl
zPwytXnxBr6x%+W4-vwRw{I^Uhsijo&CbYibWG}C5sc2p*7n<#%z0PqIcc!`c^pTP6
zWtfu99c1Qet)BJXa$4r5UC1)ga<X^f#p39mfotWbP~*rW7qIWZX!*MKcJ6(|z!Qbj
z>g;DFh5B~e?=o@!L&EeSWwwC3>&h^7@66+z!3}U2cNwcxjH^{UcA7g>Z*PtGij4lY
zNF3rND@NJeE+E<%MP*Am*r1EVQ8s+<IoobF(3-vuxQsDZvudl?JZs!@N82~_tLd{^
zHPQPwlKwQ_^fSAD8;E2E?#kcidb>HIJAIGAQ{1+yjZ#LVfGMQ5_l8-ypE_TPcW2)d
zIh2F}lDq+C0HO1zwUuL?2M)_jL&;^i-p$A4qVT9Y^=I@3tARGAxhnjZqm4QYj4upe
zK#i^cOV$7U>27W*+anIArdyI9B5LydFfNs9?V*H}7mg_-D{E<Po=T?Of~lnmB{zAp
zpd_cHqLNfjN!2G68xg2vpIn^z=ie(p5Y0ddZ71&PP*h_*81zqq%E*&Wgdcc0?90vB
z-lB6Wdi-3O;dQ^4h<?<zdtb%=hd%kdKRBI0f41C`wLGhVY>dg<trqO*-+(yY5wFI`
zZcPA{uHBC-1ookFweoJrd7{z=tav^j)=IpoZZSo#zV1iuS*#^F?f3{tUx@62wa*em
zO(qibp^?84Ga$xhNeft=Z~^A7(KoAZeWITgj(LjV6{4f1Y#dF+gd@M!A;&&^OiJCs
z!MZs!N<ZAUq-4xENbCU^vN3wQcZ$2oLwD+9!0YkLkJvlumy+ls2IptIma_tfZ|PuE
z`%}KvLst!Nz871!P{~243e(%M=ke<|KWUEgx@JhO>5>D~{aF5eQ`_tJ*;dDwhF#A<
z4fX~GOH~wQp)YcPXXp6M@8t{m{iUA89NjM_8*ZnfcCs_}WlfhQIQO)Cx3i_^tcsk&
zc4jvDqK5Beh**|D&#UTJ`lku4O<dIJg$};E(y#TIp8V&}n|oqQW2%-yRjLHizx5Jq
zpQ}-CyKa8vJw2yfZ<uRjX&P1!N!OXd!jO+l+rCYnwm$OP-LE5WsDnk)dU?~Iv)iY4
zE#4Y#Unl!-Eq>DFg|UdPWsk?~;kv%;PZbpcR?UgzUe<zs&wWlVe~0)lH>%o|mvux}
z{#Dl@H5!{1-C<5Ia@BNeZ~K0`et!IUPUu^&I?2{@nSUJ`KQbtARRJULo#_mnXpwxh
zd2j0epnLcWbJf>u6SQ=WU(a^FFma#6^J(OBA2YKE(mK!|n6&oL7RBkuMDQ&ZEx3ym
zdBFG7ghhLtUa?*N*YD%+)$38pgWB%%>3kGmB`?>M$T;wOq+PBmtDb)xn9e9*8O44G
zNc$9QNV-@1=xD6|?<SC@ce5IZCgh)KuO9apG-_Zw3R{EGam^zmr<tC~t*jlgeQy#-
ziy<KHBWb3}`Js9v6{;rBd5&^(og!_#G|!K#ThFrF5#pJOQxuQX3oD92>w)ug&iu#o
zB@X|I-oA$Q=F{GS81k+bsW3?{qXt+$1W(AiJ?Q)*?^Az@s|$F@-No6UeP|~6{!Kq1
zz7^lJP^zi!{jNav+LU|C33RhTkeeOwbpKv%8wZ7k0=UR+A<`rSpcZUKyWbfa4O7NP
zDP^TDFctYwrk~WTUNhwe^|(d_TnmakC2x|DXNYq)_tPuZzs~(6nC#7=Pb8v~Zo6S2
zLIxb_;h`jo(jX>`iBMJ5y>(v9UlHf`KRN67)$IS=EpE8d8f;19tg<m8w4x3hM`)dp
zN0QA#5!6MI=V3}Aht+>3v{h}(SH;i4EXe1~lJSY?jK*U_kW-XMP_Z4KKV!|SBwhbo
z=auBZ<qkaJ7~AEx)?Li6r-sQ`KI!CpYh*+q>`>?wc=SziWJRth&j^&DvNY!(>QskQ
zK^6z+TV85c)=8Qb`yQ-nJ_7fEv6I)u0JSwHpDSbBITqMkgSl@i9;>k~<g=9R5@rL;
zo<qD;)hS#>foZO4)}-e{n{;=nr#<4hTeHiLk!HCLL$e$vuy_b`otfR`rD+X(eKoiY
zOeq}h?ShfgF=OTEv7~%tZ|&;U%tI7I>KzYYmnwKdYQ$tRqS&_UE}OR{<6#barBq~g
zqHtPi<RM*2>v<H>dU$n}FTp`xOs_O}jFzcLZPMITiLDs~F{;6Q7Rel!<+0|ub*)#;
ztw|o54lOhi2;q@WDsl`+-RBgYZ!_?9pJBFqEFYf*e)&X`jr)5u`n9PxA(tg;$w;`c
z0;6bqeNgxn(6%Kz(N+k9ac8<usGZfzeKk39?Z&WXRu@l_im=5E{Uw`=vT8wp*Ku>m
z(^N~MBHJvPWH~--kMYqp(Yfzwn|ZMEu&OGj!b*Bx@+KM2b{mczY_^&qva09KziXhp
z5j^HJvY)>AGw*U3Wzd$Vjn12C7dh=0z4cVx3LSANAg0+cTvR+9#QSK`lDwbf%C5IM
z(Rel~D9e&!Y4!W<C8xcqykCs;)-=llWnEn+OI7l-FiE@o+0RE)g^DT~W&^Dy-Baej
z1Hn`<ZLJnt8CEu=GYV>MTe<%q&6}FPTVpK&jWHqnnn+<$Q;*pr<faADIl8Pj-5_09
z5dhj?0m8aTVBA;Ibb10C=X%ucq^!ZU#~2Mm#6<u8+Ah5y+nz1%4LkDB+VnW2<UAJK
ze8}TlT6;Wi-Te)&|2{uIA2e#ZdykY1l6EK`F?)Q^v6r`=<0%;6z?|>6BL*nue7aU!
z4t%zJy%JLyxM9Nh8j!Ji*jVSQT8*%EJh5Qq<A5A~vdhB(BaYC!vGljH-iB}D`wA;|
zQk$$X>Q@E8K~SU}fnw9bUB#WT8L_$cb823|<_1#9TkSKg)xLQjz7sq)ls7=yMY6dx
z)|Gmc8s<R-hdh__7U&#TQWc&!6A<(}+gD3y;Wq`ejPv5zRGOuQ6%-iw?B_r<eKpdo
zbyf>2iAz}9AP}s|S6iPo)4-pecy`w9>qmEOea={Zcj?Wy)n?SRy<rAxle8P55tb&=
zOl#Yo6Nf!V<8Ia5<c&O}<aF!qmg?aI5_}$r_u%%y_k|m+?n$*gtaW~${eZfyzx*>S
z|I;<Z{wGyZz);um`}y%r2QyO^Px6J(zK(fV^~6L*b_#x-*ID(5=2XG!0#_?~cK;lj
zt%v-}(QuQ0KE%!Xv?XXhe9MRkS{w#W=01Z3(baj^hmJCqc0v;wSV9>BVG(jY47m>X
zZq@kPCo4bxcc<n(@hx+wX7JFEY?wauR<c7+J)-_YdNLZI5(U^tj}4om{+oJ(T_CS1
zZVSk!HZQ;|QZ2rgS|piewoi8wVO=+cb=cmzp~kvW%&#6EmM9IwdixUM{wmdL`c=Q@
z-b_=cxw5T6{@^*kGzS)`SX`NXd)1P*A5TmGPj6+9p;yZ|U+3$^*G4_Lh_Pp;ucN`-
z2qRTGy@WO)-3zif-N!n?f!mi<(=y$R0|TlaWfvpP#`Mjs4R=tQ>_+AQIOODe<;b6p
z-Ab1m?Mt$8F18LGvYjP>Xg;9}@P+0|1Z!qT%U;|mjg~!v9fi<d`YLvU8WFPNR;2l#
zNB+OBP1XUH+)AaJlh?khRHR@g&l3s+>7PLDP6dt%3r5W<gbTmJ$PJW3Odk$03LHL?
zH4!uCl^lXa(=ZBWAI7EkM{~3j1}PqksG3DtKH9BHn#80?91AhULD2gii!Ii8ba8w)
z2uRgI*U7OS@iMXkHc!k?;8&}u>i)hFCI+^On?PAHDOVzbz5NqlHX$<uNQ&_0%pdFB
zb*!5sqfg0<i|IS(KHZp)X59{#VC}0RnyEV2#l{0h?DtdVwPBr{?q$`ZNasT6lYIP*
zJTlNEa}Jo4c|^ptUw<AtF;P5&*wfkM5;Kc(ioe5r9ZMb*e~Cw3F+PZ#Ecgw)=%JYQ
z+!}Rex$)e?tfR6NuBX3A$Vh~;TC{3<%q<=+P%H|AG}eW8!$A6hIw`?j$w<j=7{O@!
zu4G%o9w+*!8@o0}HyXEUNK=XE8ww13ZxPkdKr(@G=R%CX6~G^Z<lt5CIzmgLtN8!@
zuz&huM~$6F2yOo`ca)7dA+J2_Uz~-^QTuHS^7{V$#YzzVQ(hgFSNhESu2XfTecc8M
zX0|Ph7Y#C3t%JYa4dTVwg$V(8kQY$8L^r*_m9q)(J>{jMX^2luJFV<No~n)Akry^~
zJoke|`zRT?nUnH(8*$e4R1Rz`bb7_Gq#v1?){s4El$2B;0OJZQMf+dtjVIgG`qt6b
z<%sWSL=CfZdq^RKnSBiWZ>+Nx!D$XSznX)LqbYqk-=rB5_x6jsOl)aJP&-|Q8*6`L
ztU$7%l>2NNGU-vT^KHzJs<#2HLm^ed<cM(ZiB~`}nxOYmlE;}~!6jwpdezhflIHS~
zFx)`u9rRAs%LKL;ERrfN)@5)*PEj{*A!TGKn0!`&tck8b-W?2;%UT)l=bnLcim0iw
zQnar^fZA8109;JeIK=X>U~(=Ua~7eb6fo#KkvSLvM*u`6nOherkX^A`qHO%1{YE2)
z$^0F5!5kh4m80yX(+pNd)&uU@m$SmFadY?&#tD6ASJp?p|M@ql0n>HsO#&rold4EH
zhN9CHcZf4LHt$XI073v~og6S>q94qm&rU21o=%R=o`GuBP;l3E@RuYUWDLqjOjU67
z6m(#`)}Bvryw_Q~h=fMCRs#LwjyUxCo12e;iY3r>5m_X2o(UMh)^Z0&PM?LPz`fk6
z<&7%>V+H=ZD<(Z4!n>HlUALgXpFuFZ0BZE{YcXh?5qThxH7+6)B5tBmsLQ?;;Cm6B
z#LPHrvL*z7!*~;hBY*1XD;2NEH*$RNlIy(>5}80afS5wlFbCBJoQ}=mhNeGxKs?EG
z0$$58JJ5^n%IJ&bUjYrTrZ5tSS;#y}Y%t$=#tPAs1~N&%4J(+=`Qd+dMx?pu84Vl+
z#8h8FF|P=xH&t@{d^xYf*P%3XxmDFL%>j{NTv6c!*b&M*2e44YA-3Mk{mc+Wg0oi`
z`k#RwqmIhrV-MOzbFMrcTNt@r7E~u)&d5DCp$-YrkDe8*Tgasp)S3waB1i%(O&(Y&
zEbGA*ogtrIIVyQpiWzLoWtrCUH`(wAu;m#pq~vA|3tp@}rf1)YVE>^rf9Re>Fj-z0
z>R{@ci4*LYq?sCKZmnY8D}V5QQTW<gjpfn15R%CRBMTdY6w|<ga9~I55m`vOSy+4+
zMAVX52WRVEf@QP3=_{jK>|)1d{+NEQY(?+`FS<NxglyEjSzh3sRDP0<+FJ2_q9D*v
zF=lr5LXLfsT?fY51LM;=ZOnag8j^SN3{AI6JAGm}{FUJ43NQN7uYVSglkuM0o^c!Y
z8)B<Dpp3AmX}k}W_+Mu6kC0(bUn@9bo&P#{-D{`^O;;lsI_*iHPLR*Ry+z4el=vxq
zAa9UO(#W%m$k(IgkBs4ghUr&B75q)CE9Z9$NMH-ob=5GRKq^fY$fl#j#zL$9_;{gU
zUn$oY+iVem)<VTRQW-t-jGuSLq+7B;%TzBuD62oBh`3+WpAgC@ksIN0y34-<=}xFt
z`U@=vEz<^Et;9ZYw;(8bN6TvT;PPsfEwv<_j`1XL&IPMQw1>N>kZ39~71sTgJv2!v
zEALbe2IENNeZbe21Si)Ox<_WUXNT1)NRn*B8yH2N!^NF7eg-P%iau{-QPC7x+8Rt$
z3#4u|G8YB`OQaVpW%w^w``^eZqPi3P%poDPO$(U?%`FaH9HTJ%u=1OLsP3IppF`-^
zy)Cf2>1U#$atP5eH@{(b`{@(DBTa8L(|XN)^~J&b5%CDRFE*$T4|kL9jENSqi^jzH
zw{~$4cgP#E-~(L#s7`~=xq`3H5Nj{3Z`K%)IuT8Hz1pHqCkG=OcgfFAK)R(tmIRQ1
z5H%pLY_0xU*!>qodVGgGZlQE~##&2Am<#jc$L*i)F<~8gRD?qP9Y_1>^i@J9W(m}5
z!ap&33J+jHG^JbvP>VqW@v2hesv^s(2T@N$);OVJHl@e<QzK&__i>r))~jQR^m$AH
z-^eUxmfyBfh=f~WpaF(hCjrza=$9MC;X*Oxm2O-tXl4udleQ+R%Qq7r?j8k#J$h7X
zHAhq}AgzK*0)nM&$~+WG9z#J&*YqG>Y5o>QI@Q^$i+Mz$BblCaG*Kd&J>>%L+1JED
zT;WS{$aH#n8}2<D?#;iCiV9!n_9z34@l3vphf7e<(?Mb3%NeayOQ<Up&%;GKqeVFX
zAon_ffUHe40}nTW)c&uYzz!596PYPFp=xE85@EL=eG44~gqE9|R?sy0Pz^B;9uqgN
zk-0a9Z7-<F5rMA)fACSGCFPFMA&E(YZek{WCJTyQJvfzki^M+#?FLDN%_?!$5M9Mm
zZkxd4c+_^F;`abjVhDNZZG_{fFBVR^e+6@KJT&ypUK@vQ>v*`4*2)C`>})BDpDfX&
zID?g>Su141A*y2e@Xh!fYYbJguhYkK$Y3(-QbTRdr-u0AI6z~C1?VNbKnpcyny?uf
zkx5^4SP%AEeGq_2l?t%LT+JZ}A_%>4B$<_SOk$n^p*^4e@^me;|A-BzIRC{nSG`M?
zt#~TJD}(4e1+Lt7cc&cE{`HEcQ+P-<x<hQ_blf~*k7a7Ge^_oO$c<vO!bp0=Ddu3T
z<|s_S2#Me(T86Y0sptd#C&d>IHY#3+y|C=Bgt=#1^jv3vrWH7|OcpO@Y7&;q6}P{u
zOj=`po~%m~i?G!F0t;tJ7oe^L$lHe`7+PU)V>&}w>i?v;|B~oY`T+^R_8cMQ!o9y3
z6f3GufSC)^P|@<bHhOcH<X>8T4($sFbrQNe%n`Dj_02QHsYIrGL{n}!*pQDdmDd|i
z@y~7jY)^~qJWmR`vn4%<8(@IN!NmHKtG=*3Q!M!j6SPV)gq@}ZeNn^AK+{10?_-|f
z1;NTeA^8!2WleRsOd5brt}xr-=T+DNi+C_%Gkvma-Hg*vTP;*>m*I3&1<PV<2Z&8g
zvCbiayMWg^gH#?{C&U`f3C6F`85nyFTk3>R+lRVMz?Dokv9t0UU}JTtPY=M81pW$s
zzWS$p?ihvY!v4|NM(-*lGcSp1vb&0PaUIu#h>+8dJT#?Z0@t7JoipSBH8pwi3NiyC
z8c0dm3xakgf86H)_jFL!-v4tlr2sKzcLBXfE+ljn;y2hz&a1RyN|Lwp0f{6O8)|N?
zuFfTddJ2-^q%t4D`X>>1bN|};#GEv*h$jtr+W-9K=oFx~p954A=kdh-JT$&ZpUHTU
z`F$9h+SI_z`JQHvW;jfe)XDguc*kt}8dkVfxoed+WXjS|ASalwyopFsd+Gv`IGgc4
zPu<>%lYR5XO&0V$ep`-fH!z^FcV3SCVFO+SKiy1yG+tv{(9pttf|EjZv$IpfYAIWA
zDIaae(Hj{V4AvDc62t^DSQGN$C8DdiBw+uv9yg|iMkqj)6H?suA$QG<+3a@61yxrj
zoJw;c7o(Rj*gX;6jnWBO<=SVaBEL<-$cGk;9N|Egt>~55rNInY5WOkM)2_fs08}r|
zvbP)TX8VtM?3DcUNpAoM`QSS{{A)TtqO0dy?H?rFDEJPFFP<E*GYPS!z=NP0>K()m
z4fCZJ$29jT=o@bol!6Hr(C;YV9te0>s}M(`0sos%CIy}pr7{cWxp+DUg6V6s|6Qq7
zVX(6@^sa$Op`uI#jb{jzRb?P6d0C4(@U3ecXUb6RRKV}Rp!!XfI=?(;oH)hHqT0F7
zl7aA{Ljun@xr;0g2<LXCFYUIE0VG7}T6z1-FG6EaJkTIJofAvsyt6fJ1DDa!iByre
z$Oip@RhKrz-4Xoh>#aI1nF%aq=QWFHCW~Jc)N7;cYQKgVnORE;5s+vB8AIE86KW$J
zCZ9}U1^(y4SnB8}|88-8?&nY{rPPL?gPp=bm1NDsH5*kEyj&-ohD64tn6lMVHACGW
z03vBOMU+_M2UL@8{WTyU_VuC&R-TO`P*k$Avaz9viD)=Y4*m66V(qg_;|eM=O~dUm
zI~>G`;;F2BJ-u<;qZ3k2?vA#xdg&S1A~Vzmvtc1(!;9;oEjI8sqYTrJagR{5Qqp27
zNigg}+J2ymA1nD^D^hMWk23$WS<M2I#q2#Kn6D*RsZnH3FDDRQHYqx#9i-VDqtIsf
z1x7IP3>*TF2+hriv_w*3Ggm)ucvgLARn8SLN0-I9v0i|vTcPnz)bO)VrwPRZ0aHxD
zzS*rc;3G87<1KE{b<>I{H#JF4T$l=lI4ZcpRQd)EE#FWj1kwI@A{0Ypty$dO&e^I!
z$7>7TYIrjusKBk|uBB^58TS}kFthuYB+ixoO7-{6ZXe7`I)~fIww8JzK4pJZ2*zr0
znY3{<yj5d|++mbUSjz8qB2^3%KeMu^6V@vFPDKX6+F)a-qhnJ-jeu$l+zN(%U#8Mq
zFQ;DtB$ZyZ1v*Y?9(T-DiWcXXuV&(!`dFv#zo(c`MMI1b>C`E-JGdoD1h$<zH5C9&
zWltGCQjjL5X1@$06+xnbvg5Iqgt}%34tGnsb!@{29{1)MA1VIRP5w945;ylsfV57E
zg2lyZb}}RlR0w({<WKtIU}7o{t$-rgE5C=5F-MA7n#e>=Q&K5{aaTA$lzYC|Lh6)W
zrK%0svh%uY!~@DXHw0By#kp!zkcLhqiw<)yK~FG62NN)(F)&C+(|YGofalZVxpi49
z0NAp*EQ<x9c;3RxoAz*^c5hCM&*+5#1b`9hiT-=t_?hQ5Y!eXPVG603&>P07(G(Py
zLY(4$37JV#sw)vekhrDoB8_d?{l%>k6EyPl0DJJ(f2}%CPNa(oWC(6lu1}}3a{&QT
zXuI<m(Ni}kL5x5h4S5>;ip|i_cZtH@&hYPW)-XS+#0-9Zp@R7Js<>q?Ye<VFKgUFR
z5(GP|u146lU?pD&>)P&s4)U3e@(+eRPO5=E_b^F1yA2(8fJn5@{44ZAj&Ddq7v+%H
zg}hVAVuehwEML4H8D57L%)bjdKFV_N^M4gI;~%&iq;)TCH9bJ@a4eib!^{$buz0Lr
z5l7&xk4K>OuY@c9l?v}x>6CpW<G*c32qtD|c}`)|^<SW3BMqN7-FM6y$`soxu^(-#
ziJ25)UNH8^&=s^j@_`_m<mm-)3^2<PHp0>wFt(`~wHo+{#(QpkQj`bprOmu=g=d(S
zO{bAE)JEE*g*fctqNxZ#jKyZhpa-d9lypelUMvu}$1$CMDO3)m%b1a3e&O<>c^5N3
zRIJ?+!u45%|NYGtxytI(>58mQ^KlYHsIl}LlG+(dNRbd1Ca;5K__*{BAjxpUT~r9d
z)-qEtqnJMjpWEvFT(EK>K|=Jz9nkRW4@qZgNDCE?ya+d{M>xA-VFD(^L$oY-mSzNL
zL)`EaFvPQYYOH-@;{rvD@#i#9_J~3(!oG?#CI~Bnk)0jgh#7#U*5ZKUjfE-dnVKPh
z4ero~O`nOgFuA<Sl6r;2Z5SM|ih=!2>9U`HZqW1gJMps*#(d4TEcyS)YX4DuddG|d
z62R?;$nklEyL!r`-4$Yc#DGL>NoT}u1BNS!<uKbEjBAq=`P%@DUUq6NZ^OS1g(>dw
zK`&N=w1UOOK>5)E6YIwM#zpI&2Qcmc<iCUZG0!kn!d%tNd~vhuIi_&9BN;zo%g=_O
zfqEH#&B209X2$ad5kq*1K4ygCs<3buT6S7ylQ4o8_o3ul#{kiSkdXEA)|{zh$%oI#
zRB+SfqKE|jHhV+F*$hRatyZa6HdhIjYX}REo>aV9*YfP|o&rIO2sweF`?W(lW;UT6
znP!`UQWk=Qk^{pj`Tn!WX=0oRxR|A9`eD68cJ-%zE>$&lRU$T-ARQs<Qj-Hy1GQHA
zH%f3J;yFKY4fh86&p_tdcw+jG-cArmr}kZI{Id`V>0puhJ;;pD0?Y3z{^H-IT`yG<
z2=wUeX5|Qcr7DNFD}2UTANhCIln_%(kymyFO{W3<4!7F3sqs=#6&EF!TZ9;*a(+Qu
zT1Tm2jSpvTIt|uk>XijZ&2HK-@qfib!Z0AgRF!e6f}&G9ZqgaRFZg8*V<Msqe4{B6
zLimrX2|@_o!k2CiZopj&oCxXc_T@nEE{}js=kUZuCNhcw<n9xjJ4Zo$#Rw3j`A}f_
z>u|DUwy~#F9_mNPzUeabAzuP%?Zm)+-TAGeoHVfg2NE~awEnsOc3gENK$fTNkwV8^
zqFNI1of#oDcy+HezcTjG3Z&_12D~7g#4NPYFioongMg>mr^MHD1P5MY%aXDCkY@Sh
zX0|ni>_+;REK{zVb%SPH12L3z49?PmIoobGU<};c6^OZj6q5_fABn93c2G271+7h4
z<gNnQpGcLJr!*e)FsfK^)Hae_LAg@8hT<w=>MvVGZY_ZRY_BV6p)bOCSF|2}^CMZv
z{NEw;&8ko<LZRvIsv#dqASQM%74oeakcNZv65$FBE;PqJpZg9#mT?@lPIh6`5nwbR
z`Ll^9vxs+s(}$Ik%}|kF4xdyokv>*@KaZ7^r7BEXt~PP^Tk}^~x$6(J0s*8~z5vLc
zZdIWaZ~C7q129Y`v;Ty3oPa9!eKRExU&YS5_4R3J7m<pPw;ZDfJi%ox-Pzoxxl<d_
z0&ZcyGcR|(_rlK9@>~}Goq?-7M^?u_yKr+lKU#mGFhnIL{)saLQznh&CAQO>a-{<w
z&y3;GX0D(TDx_KZ(3A;i=?q9qUjy7-rp8_X@bjimPkIVVSuf+ojyuNo==hwx>pGB7
z&5%Q*;cAEyWBx!nP1!Q?&h9D>SCh**QndA-(;ywUO|63h_&h9piwQ;FJM#weHEe^W
zu`M4=o<^O%zGEm1!cBe~32p7^91G{7xTZ9NT?IkkW;}<9*~vhd;LtjVTh(pmT=K-~
z+Yv;OOKf2GVvyo`$n(QIYQ4(0c1kj1$g9G>>ODX(_2h}nNT<cPJppk<=y-o4NmEm~
zRs<UK^`bJFNpLB0?=J;JIW=Id40mgEIRng*B}ozu)PgZ5^*uogkKh7Fyz~&d6d8ug
z4~3+(gR~Ce)oLsQ8=FCWWX|K(W2d<TC5>E8H_2czNESIlqW~Y#dh#-7ZFNf{x&IlU
zuWyZ=LSXH|`-4B}i4Y8(Lpe1l9nF@0{~QHF7@FR?ECKW`k<t}R4f1BKgqBsbs@VMh
zpy<rSxMBQ%$@7?4%Ti4$;<<oA=r>)bPAu=%YT59Ba9TYXs8sQ(yiQH1Xet!+-!VSo
zo)T2pN@KCv44$+2zZ8!^rHSmg1&{VljE)alv6kV;UCV=c*S3d%cXFLV7McE<gXSpo
zI(ph}(?I{X#FjOOPEHAz&kiJyf`(%8dUt4PVF9#2;&N7o1w^hO6I^MH-~yTAPvdkT
zOuoW1cN-M)#9K;nMoL=Xeg&YzaL=8z0_FaZ=S*AGP#IZj_mKfDaqEDaqbU><OU{uO
zE5w7Gb5+q1#9pZD<N%7VySw^@4dtSSY3&je8uMa?mujLePWRjaY)#6+gcBffnY^(>
z10IAP2(b`sx!hpZ0c)pe!EkIktZurRSVsx+hjl)7=j6{+eY~n-<La5-DzvF;!M6+*
zdU>&~NvFhpje%|&C3cO`)Oc&NYz?z9gx4UB8LKC9Z~NbNYqh`z0NrA+6eXJf*H`_B
zKFiC%WGFk~8YdCtI-E!@7?`qVXvY;04ATStAxU4DRe6|?FXH@{vF&m|)=i5l6&*cV
zUhg27g25YXSPN&`G1FRJ;hbCu<q453UC5eO0PcX9#=U7RmaWY^6}E0Ej$CBE>}*(8
zb}4XO)FMOb%0s$a5aQAX$Q1Gvs10sSIGIIHU%!rYHD-{7@mu!1>ghX-zy5?lyPZM%
zk-}Gi6g7M9DnB9YBOJ!ZM|XC9(mm>UXcP0+<8n89MJg*Nmp-uL0=VS!*s0|@If&>;
zOMCDD^)u*nv5980?Bdf~f!?JAOr9I8VDR<BKRrqC{t|(+x&ipsyqPR8K(fE4u>vc3
znLs%IpdBTC=MmBAQX>GDFj!)d0^HJuRgCNzI{!+vT8kbaB>0%0$3$}1;OA{(wAy|N
z=D@eKPziiWO{hDA_|A11Frwe%)MUc+T4BVTw(d!D_H#PU*Fap-5Pg~@2yik99WSjQ
zG(-ecS}z>%L~iz{;XV;D@2kCc7kY1jH?gX)zZ*d=LO$X)k~)s1KKw9Iw(7J#w&jzG
zZ2X;Op2DF@{#IMvW#9i<2LG>6r>h2&sq8-in8B`&AANvLD2-9%IV|`5Vt6Ecq}NTX
zIs{AN>}VI)5Yj=c^I~RGtroQWqM3;R0v^5z>a|hi2Xik{-5sI~yvV*_FWeRS4DXO<
zy51@pxasQbaLu;}PNnQFWM%{iAudAf1d~9uXvhfeTbLy5o=iMjP|{b8ms7fY6zjY{
zT`bohPRyQ{yGd@oG(b{_LLkF=kRvIB?&N+E>h}XFkF<9Ikn}MCKk}}A8YuE^vf=v$
z6=6Ylrn8I}qViPr?ADfoY<TV+epE~K)`__)m|@!5vYcpMMWXby-~d^43Z?(c34j$E
zdo`M;{RVf6U9b?h-_0dz@#m_PC%2OcCjR^N>oEd;3%$tGcI3XrxC!3*xs|ep#I7Lt
z()xPI7mz;+E{W0%8yC8HgMAKAI^<RvhWM@5^P_)Oyk+4rx*hEQy9EHuk84>b!{YlW
z8-ffg0u=V@-Y>nuEXL$MzPI2zSyX)Jj?DpoZySe#839ztZri$!J!sy9Pt$23G6=Vm
zj%JIh(_H%NYjs9^p(0Kp1-@})=V>Z`Drq+ePsZ2Kld?B;xXcMxplC}lET|C1scD?8
zoQHe?Z+Iz}@%Vkg@Bg3o{Q$MPsO)6`wMZzpImx%&t|TyhaU()o@gSDSJ#RfTK_(B~
zCgugIsv?c74!2UH8QMkGDtRj0=*A5w987`+_?w08^{Tfcl*9-MrNdGGanX)M_%UDF
z_*wk?%)SvkRb7WNQYfDxoWG&?j-UhX^=I;#E!1u3{xR}s{sYFaq9I}wquBofj=7v6
z0cvV$=RvEI5s+#?0Mq#$@?DCEAjf}=e}Y1uC&!lnU8vDi-Dvv?bu?tI=s60Wz`2Lf
zkWCOMXsP+00Z-9Hez8jVxQw7?G16s_{Kt9G2iUqjyZVAgh=-f2CXlheDM4bTqg*X3
z?<v3#c>ez8y2DtZltBL{=%cZ!Yr|pJAiM31$z2Hxhk#&iUW!mF#9)7>_!Lh+J6Er1
zmeZwCL?XiJ2)e^ME2J~%+$np{Lf*hwudJyFtY2YoDFY7+3!M9<=XDIEzpS$L`t9>M
zm7&WbQ@~iR+M;c&mD~|!Q%+&UNz8AkjvquqjRhHNoFLO5LUKV%V@yCyJg864O1nck
zQBR`LrLL1+e%jUP`~02tymex+AX-2nmwvrsw?%WD?R0g$_3w4Yt@}QU-3%GL&J2$X
zjecnrj*2o$9256Ue>JiwSuMmd<bHHt-hhuL>@!f?J#+f$_pI_@O3FDKxXG@KX3ZaG
zZKQAd3?_0K(dg&dn#m!rgxnHFSWbSbbVynXwdC)(;CiR~`bflyBWY!gkM@-4mrENN
z^L%j^rxhkHF8w99%CS27&?QzjGI`;R;Q7b*qDM*~l3dV4|KIeWj8gU{4BA3^Fz`&c
zN(4rxV~z|F73K0Rc64u;9KwTO<rC~q)yca!o~_(+n_oPz-#Z6{;|&aQAw#XOkuRVu
z*vH&WZTF{8ha!>vgWL9y0YY{=#*>0hbOVIe>p|EWqv?kDf;oBgDWLH~DHY{ZQ7C5a
zwG-^K^D5iI`Fy^KvX9!iZB<1$p$NErk8Ijv1P2H9I#8j2fIIKuoBV4<tbKVn(9;NE
zJgRlaf6J5<ZRR|N-Y(6F(+8@N=iGDKVR`W3CrB#Fh~l7#E=PO%IYW7@WP-3~9+ZP`
z?16KAVTBAC(Fd?AI|eJT8qW@`p)hVaoIzh9I5%MD3ey^%0&cWbYK@Hwhzewmi~_7+
z%bt_P`<`eZ;mu7=m<lTD>Z3!YQnL%*&}`ezfn)O{v#=emm%VjHVhY;YfAagS>k;M@
zc=7I!r-V#YNQ5|H^Ya8iwIWsN5YF>!Z7}$C7(#`3a852xk8$RH<<xc5lb4!@3b|qs
zt+sfO`;!xMjPVnuagak2AxjF}F6XC18#CaA#ssUy=J5~%cfCxH(VLD==1Z%CH-N}0
zJ4Ow!t*x4ySMK{H=Q8(9s?SsFdVQ<_E#z<qgGC&nJE)3xH*^xXw=oI?0Xef!{NEs_
z$^v7Mv>HazZ;$5n@LXn<=8K3bUj7kT@p=HX7UIz;@~rguP;o6<$@3eyFbl`cI|Jhm
zJH;E6Do&eHA4~TaRKW`H*Ud=~EOz>#5r#hX3!Te43E-NIaZIL1faqK@l8($G{h}S5
zOp9y`8l6@3XF4=?m+a>qByxbqn;zcEdZ$m3+QjDbMJDXVJj1GuZ9t{sSZICLXF6J>
z-SLb8YNY?|ixxbNZ?+ZeQ3Z;bbWjL<XJ5(?aSL0IAw|tLA{Lh<R-u~xi^y=;0N^&<
zX=rNeh5oX5Bu0xS<_VQ1@W~INf$d`>HtXpQ(=KZ*)O*#Rz9_YF^vb?CXZh!^B<>b^
z=w_xU_uuPe_0B;w>14|ICRh{F+)!Y10<=?FDk>Jk%IvyY;+vC=HYaxMR1t=SF^xZ9
zjpT<Iaf_>~A`{EGX)5GG1pyb@L1T9BzHci{@C~<yzhE8y2vCVM4D~i1h@Y$Ixj_bI
zX}_fRv#l*hAqJ*{TXaF+9|^~!+LODeO3+@<3o5<ibGq}&?xO6@R;TGm;NMXrx;dbu
z-I&eKOg3Q1&=_pF;f4wwr_UnQm%b*e<?OFTnUEHShW=4c^@z`(GAtl@>WVxc9wVA$
zHCF_d<cA^$BB56SWt6lZlWvloj$dCEv6{}_%uM^)GvS5h%c?%6RS)UxCuF|Zo)AgU
znw6`N4y((oACK56nuUgQygdj>I5CSXyE9?SE2si{Z|;m#n&E+|D8Shre=Y4kRi!>&
z3xnW5_OM>BKsRM}N*f#r%Wa$vs<ZlW90MLV9CwU0AS3U6duRU`VOJIz62WfXn?*6>
z!sT{HluDs3W>1SqVYMj$d1Xme;teG%4>FWV?#_!rHd`AKA(zi&_s}EE@5E-jcTAn8
z7?*tWT_WVwx%egtAt$=H@7*~yS`Zm)CcYEbu0mSJ6~oHf_jv+@DjhqF*7Rp)a*c=u
zs2B_DhDE>V7&lri%TjAKPli=#*>xrPsyjQDAicwHl}zn+HaD|smWP<%rU%1ev7*;e
zFcInbJhIH2V(?n;&2f{CQVDTDBBU`;40t*6?FlWeZpNU}>USjuXcSdOKY^GR3B41@
zvfDEei;+uiQ@<5^peL$^z>zqn)mb0X%c2?uC7~YW;<G_?2}SzL=@N*(JTuf=@P$%|
z*h}~@g4Cs`;qrQ8zau;oc`YH#y0>N}w+35teV(E-7POnfvv!X{fkqM}r=-Zl4IlcM
zN9`l&6I#4Estlro@u3<|)&bJnDv?m~F^ZWr9zuW1|2N_R62!3ze<md26vqgfIzI$2
z&cbu^awa|=So7ki?^v8r85O-*C^?8-&rTRP+Z&9I<ddd$i)=Mz33=;K9j1ghheF$4
zZtH9^6nadM1d&xdmMaJQxvs=~hpa2Ly+Ej|304GiiUhI?P;(Chr_W&1Ii>qzarDuh
zpz-T!#Ru<0I61=_2JA}h7<q++oX_|?U(o+>>q!PAVBO><{C{M9WmH_t(sqKohr!+5
z0)x9-fZ*;LU~nh6yL<3JaEIW7JHdmyyZcA(xjFY;>-)QB*6!L>)!k23J=G0%hVI=)
zLei2l_Zq8WAAX0+O$qbC*f3sX)c3Rc#?VKeuqL`KsGcHQcyS)OYW@v~*``x&r%C;Y
z_bi`2b;ee)!V(U~Oxn@K%zo!XK!$NP)qbRSS27h~p6#8j)|?;_8e~zAZ}$0x^dTfE
zS(U7#3Tv_9nB|_HemLsddV46z%st;A795Y{P1>c_3*sL!6sV;@9Y%}L9LkX)xU6jo
zb<*}kB|L`RYgIT*0uDLe%^a_djQW6LsU^e4Kb*%yQp4CAp1<F@R6c{YWaah9Oztmp
zxk3uWok+?XGs8h(BFD-TXXr_b0_94Wv5nA-59l{xx(fEp>!T}R?fLSahLBP;g*L$V
z47F~|GjBcO-nS>vqlxkRjNqO0X|0l|VNZla8gjWPCw?Ia&!dijP-WE3*W+AP{l~O}
zB!5gR?5r$g%F4VZp+3fU6lIT%4;?5jdBPLy3O7B|)vxIW?F3<0;M}`76YRJ7IB}X6
zGjVaKRDGm{<XU^_vu|0~Q5}<Y^UeXAq3_9a)jx@AIqakeCOnj-g(h}Or#o7_OI&Hf
zqcrZt(9vS>B6V{^jybC-VD@7L!N8bc=)r>O-rB~T(e{CbU4LdN-P@68F`(}d1VoAJ
zJh0_doY4M}C^GS5s|9gU(|&b!)efM>RLoloI0#AdaT!txt5d$_0Bk%aEBV7%+03#1
zP@mHJkEG!iU9?PjYnz~IJ<~}Uigo;k(<Mbow{YT>VV38SZk@{Fva-zC0-6v~-YUx}
zYa3UT{I;o(aERizwuoTjiUg@2xuKNkT881W)#-zH@k9tX!(F(Mt%@zyZ$}ZKo3bg9
zN=zk%jzK6$4GfO5i%3I#`##1J@O#K3tPRN@uK;>tf9*(QjD_IDJXRAy0)0YM*u#%C
zv_u0Y%O+s-6E4|_PUa{LyM`yO_{%k8+jm`se3OC%(M<U|i|g~3C5a<sM~!(|>w-5v
zay!}q4#!94{;2C{Y(AFZAope@`fk!Os*1=H_)G4`na0C1fIRBkviydwIt$PSaJne7
z+}|5he~^G>O<_O6-UYC~qXxhK#OD+eTy=^gisv*@lHva&<#4w?2N<mJjGpct-EAgE
zt+>u`m7;2BF^3K1YQqXa>$y+&dFk?9Mf0;>BG#ygog=18YXiDuLq|9Xq{GnY@LulS
zjgwPDzTG!iN_3v0T7~nV3-%_<KyXw;q#vvFl@p8%i=XmgbMj{ELS2*U=Z!S;?A^1Z
zUL4&d8m2VyVU_d=Hg&xx*lV=sUw65C2%u}i3Rw9rhliGRAFcC;Md1|ch5&Zbg+82+
z5sFB0YVYPAJW2@Z4UNI>Mf7ThNn{za=G!Zz3!=RQiF5J@C-&CT1)>7y?~RQ)yLeH+
zcnu>XQjEjoJ9+5^^jT7*t$QFh1r7WATAUqWD&#=g_y=SDBEl?!2F5k9z}6=S@&+-A
zu<$LRJj(zEB!P*=C>rssj0r}b*Wog-p}?@sFk(!ONHp2F>|yG}B`C+%Od`^hogru`
z2FWjbV=F96+wZ;}1HWuB6o^`$Cy7FwR~YdEYF;qIx%=dbByY%Nr2}rNqzIf5_e$9l
zdON%?FjxvZST~a}4dsr*YWd%-bsb8~(L}-smKf*2FDHV2iYQ>n4`pe<)QIOId=lM!
zO}XOz{FLx8R*<A%NYnhHV>2-#X)tW)<O5b&{=0l3oTb`Ppo}M=va{^xN?`M$?Pd-0
z8+>&~LJmPSSS(u2y^mTBWn=TC)A}h?MSI|3L5L{1JJBMNf!!+(52&}bu;6HyCqpqQ
zT44z(HPX2}?K#JsuX-`lGWFlH_>#XJao$pD73<6&Q0P&TE}>cX%T-*m@Kl92O{_dn
zrUjc7DVf1Fl^{BCM8}+k&!&fzE6O)s9G%8PcnG(kR|+ajBd@31l&PTbQ%}NH9H}ro
z9es<^jVZcib=Rc#5>iIGArSkBP498TL{X8RHshWWtyCj&$tIHlo?<%!vK>w=O$V)D
zM(!ZGx?M->Zi_s^i<&{(=v$<4j|LZXc?8*yRM8yn%v2I#nV*)&2b)#-3ArQ}5i+z5
zZkhLwE&ClGcHZEPxK2k64rL}cZX7(yPP$%e^^d?=q2Sv!kAzYAC@L83H<HUN(|681
zx6^a%qkYHRn0BqX{-$st?i^S~n@X1HzF}}C@&Vm;OV+(pw&DUQ=F@fY-<@)hEEe5=
zc!VVXHQDhSV6wtYtI8u5|3uVO0lieMOk8jd1!-5dwa98d;GV{Sj}cJ*aarf3sImFI
z=ry$g*BtrEubz(&FzXeDVt1-@h9}*W1Gy6xzb_D?e=#V(K48}ouA%~-qgwMm$4hfM
z;`)$|q$()DP+Ye>o6)c`4~Ka$-Ra2nd*S|yKZC~((!(wnquv9qj=CAbx`MDN2oHaH
zW>kA#B4W8N==`Xjy|YZCyCbKJ{0^Wo+WNi_n=?r92yd;80$F1Y&3JXi77Jy5f-6sg
zq9eL|HUVBKYQiFBM*oUoB-|4Vg^Zk_ALyfq!7Fzo-V}=IX#|X(lWxOOLU~{a!|d2%
zN7?5a13%fvzhhK;YeAnIh%MZ5u4RCgm)ASt<qo!}FdeBzn^Pp%y2LYcgVPL`G!xi4
zTj8&Z*JMK)iGgb+8E+i0C%=@!i8>fU=zGrly5VSPmbPw?r76Uhg7W-f=5oZQZ^8g|
z&pHM{;+pweZ&_*{{g|iSTVIAkGU^xVwmq86sCOwK1XQALrcsA14%L_U^&c$?G2iG-
zh6JJNAenqX;W`f%E9ZPeo8-B&9d?7KdG4^j4Z)qt)wT8?l>28nHNi}E>7q0mmONBe
z;^m#%$+st1^!v2wb9KwXc7nx7upD(H2kBH~hUKQEJg)*~773ii5H!y;os`=)xA{Rc
ze5S-5h=W2JqA*Qam$-f%1?<f&dmxwGxA1*ut5vn*$oXybCw81LKg-3s5SjUCeYdAk
z&bdmwV*o$$8D}G#TH?r9eibfW5h`vu57Np)bve;bqKqK&@h6n`FcMKWF1gQ1Oh=nX
zEqCFnW*V&M*dkUk)BPeNpR%Uu*iTLL<1IsMGRo?HSMOK9=lRNRn+iwAePR@N$Je(S
zKJ{J)>VqPM*GN;=e2N!Y21c*UG6pc2+WqSyRSq2EgWjY^N~t=7hJ+hsIy@|6RG(yo
z8ufj$)FlRR#@O+D{E;+-?i2R#?AaL_0hX>_xDM(ikoImvH!JkhL|BmQQ%_IL$EDdw
z9T<vHLtcl4OdB5$?&<v<C@8^2Ace4s_|dQUUfA&`Myv*}Y#UjdZ>Zi_ZfrgHr^i7m
zBDVG-;*U(h*`Y4oNi%Z88xSL#IL4vJ9zOc)oIyhqvFd&o7Q`vsdH$41n}h)tC=5c4
z3=xT~zL3Jc{}}EoMk)lv6kU^;O|vLiqv5boV>Bq`2R_QTs$(DoKcl@0y<3Yy*MeiL
zmFNz-vPKoSp$RLd#}4C%68y980}V+_)77|vc=q`q?$!u5fN(hEw$;erT7vs1saL@x
zju**X6Qw3U(u*iLRW8h=2Zf89HKsc4!C=k~{gx)|_q#_N!iDDb<E4Iq#V`nRnVt&@
zu&Z$9gD@c-Wjue#(FWVrjBLNpj`NYX-c@XMIOu9JF{vyX<-AU<S{cNm_|*Re0Rnd=
zABEL@87q<U3O?do+ekt>-UXYL#F~!|!apoT<x9$O&kTd#eQ!<AR|JXi!5If;s@m${
zbGTFS-_+9nKZ|}@=1`R?CmY|;D(KiU`S%#AfxJ*_?a`H+jk-4Kjh6B99DgQ^SFiQ>
znB?#n25Kelg3sX`9v-S=F|nS6i7$Y|6DK=)zcL4D**|zQ6gOp5Hv_K*XG$hP2F%0w
z5(3mzP5gDglsF_Uxev{?Db`Ahe}tUEq}b;5GB)PneUt?l+}F!~;x7*Ou_9nvy5sTL
z)c9(=?Z_IdI{=SW$Jb}#@ZMaDhcDFe+!kHC_!Q{8`%wNTJ@giG7&ySo{aB0dO{i^N
zyK0#u>TQ$HP#Q{eL%C_2#>LphD16emlFdt)fP+S-yg+Xg0%P9*9$5H1k&WC7>sltP
z$VB|id%MXIDI+49mI{FGk2saI#piHpA5SE3y$e!joZ88xG#JY*;6dF+QBrZ6zqtF!
zpP$mCYH~14#yIKN%rMB~Ib_<Gka*XQ_-ye~^{DJ-bf`@;*zUlIqtBoD9TazT4tUf0
zak>M;G<GQxbUG>ARl*)@3J4NHs0)}Zr*Lr-k_J+|C<@!<+qa@aIoE|ZF}$}hOsBr5
z8uaiv2vUJ~ZKvtU_iyLGqd=p0i_Cm|^^HkqmNn~82pOOjp{NaY2=Tp**aY+z=`YO{
z+#`SbB}C#BYC2?RB`g(l*xocjB?Uk&q2t6aO@3JGxr&}4=Q*R7cr65WRCNMiBxa?3
zliRRDkDVLyCy8olQURg38H`Iu7%O};P=lYo*Ib#+JXUP_KiU?8m!tHv{GemB?l4JR
znmjpWjYCEflhw4pN6S!9%WQTSX&^;Tmeo#i1KyG3`vjN4+TySq)}a=d)vDpLXEOGM
z+SB@+J6`Je;@D(uQeX&8f7cdES*%KtNSf@TU~gJdA+@wXp1fJXF4gg=OQ|uA;tSic
z3{f0ki8VKwWjui_JQ=sa&1l-?Yb>96!It0ErgBV`tRU6m{;@PO`EwJ?NAj4#Cx<LA
zF_uBeA?!)&js9s;fGmvkKD2c97AZHQzg_HYo8yVm)rUl~o&ZBol{qQF636yXtKzw&
z@f9*A1Q|6?<bouZF>X%Gw<I*&VmBr!^T(Q?AD<k-$Qn&9&<?l|#;LQlFfgDmi#5oT
zS-e%>%h8WDXZ9*I!^WQ2kU*^GF0KO6({qMnHhp-9Cj}G35|s!{@iPVgIIN1aK{_-5
z8qxEDLF*&mQDk92l7cReBRVD1e!Zz6f7EYO-hJL4p^{$59S|*`nGk`=Wlxkq!b!=*
zeJ>&rPcTBs(3xmHhz8Q$A@(4$W~xrz<4fz!$a3TgrrxG}ep9+p{B|KAg9&?FRaFLU
zm>YdG>w@17y@s|0!b@Nygj#9MRD(_A<8EP)4B2DEULIYrEZIook+^iEns|7*hrq9j
zUk(P_Q5yD`fZuuzJzJ+dN+HQvo)c}3fF((kZ>2v0wHoT?V1?GnIfX;2fMPa0A4M9}
zM}_On-ye`N5i6!}>BU_6#_u|$@&A|LL-@147F;G9Qik1pX;=`J-OYaCPC>zWpD=Q2
z+^^Lsl%W}ELG;0wu;K^6IOK#AWmRCTC7&3>+tp-#lvbF-at!^4d^*UgV1V9Z)4!?@
zWIlNDD?)x%z&y+nx5tW7z{XIbo;jmqpsa(&IBw$;u?aAW#9U|Rym=5wQmF$>z;jZ`
zJA$K$5%Gig%aeOm0m1UzYH<7_=Qpn|z8;{>QdN?O^`Tne&9UgWd#G?r<R69{ks<;U
zH3o=YSC9#s@dS2a9lVHkNKF=Lwbk?EG?$qlH5K*izAGL~{MW8B23Bx?79wpdQ199<
zIm$|jv4m4KSmCf^dpa$Qx|fHHkn>o}sfS36*L+Y~hb}CZiA*;6b#MoX8=iU10QP8&
zb)p+OIDLYn8ET}~^aBQCI}3BlF#3lKSVly7R5p`dG;?lj?5&J>O*VYTuMi`)*D6Sk
zMiBkvw=C_}i=`Q#+;5k^>j44Y#af`P`zV~>Pjn8^AdRLRfv*gLIWe`NMzUstY&6g@
z6f1b>mmB@g-9`ir(Y6c&x8LGXo?vmN$`zsKwgkKwb^if0V<arc{<2zN>43hC#1*!4
z+<25nqrtARpB*9W%XrN@q#@|qP1B?A%1JQnr^+7Rc6^kq?TCo^1y6pR(6p=;kW`Dt
zpob3`TqtU)SfA^}f_z!@GvxE$!7(c~6MApk(s+Vt98QQV*)l8+MBokWl|#?%r+c;$
z?G7SGAb$1FT=YlZdkUitZy3`r$7@r8F?N+HWU_(DTqPs82Q#6kpBDo%br<#-#k`H#
z)fm&GN@w41IXXxX1LaDj|3We>^nrI>rc-G=3)*@I^0MZ<6M?x!JRIz1DJjWJ`y-g(
z&uoHm=OUKUmdAT0kyH;TAdAU`g}zu!Bx9B_I_CN?cK#0FW(4J-3HfH}q`vH|%F)`!
z20DT%{Po%f`*86Z9Rq^_!&}=04=;{`zp#?!dd<#gz8z7D^})U<I3gqVbqSN^&>)sA
zd4KnEI9GKz!7G{;#6-$z(sdZu0~45awS9nZz{ka8a(uGxktIAGV={sKPvzqiM1rEh
zZ|D>#+i#vf&nxi~r0KKZA7{c1nYu^5mbiepbv`0ah!oohGHSi|>9Lb6qd~7&RgcYx
zKw)BK|9K5`*uP9zp)LlLEMiJ_3V-N%ccueb`@x$#$V^II#8rxcO>j=`%DyNNIO%$O
zP1<9pxjVURPv98BJHk>MV$I28aeZKEBVu!_P-a5F1hc+71PPx@>1QjhHE1*NIsSG(
zQY?p+dT#Z~e%&fXV}d}3T!l*Re@WjUC=2@3b_xMbPTnq3)MuB1T{&5!>ez8;%t~6b
z)#fVix0Ay;NODAj$?9N$ax=r<x4fUEU{4E))k`!!;S@L--oD?G@#QTQD3K)CH?32e
z>On*6;eJvYfbQc5Lx!b=7Fk5R=-kuLF|c(<R0<n4Sm^^06o|wqmk%k(yfbB4pmCQ4
ze=S4Wc_I$=qGtDRqf0Mbu%1f)W={~R#&8l@VFYE4Z~T%g^d6<zy%0hHs8hs#zkY}v
zRhc0EZ{FG&sz}wI+q8iMz=Pt!oybv2`714&QW_XG^xmf>V|_C{p!P@U!m^f5g587{
z#nIQY<&@1^@RV}Q5J^bBm}VBaG-jXHDL2!cXg)kz(Fk<emj(Hb5`nErBTBGGO|(&9
ztu&>YRw`&-3=QD6{QcmxbEEHALM$b;%F4D!$g}vo|57D&*l2TKjS-$V?j)MJMYgVP
zbOw%~OBl*STWNANv|bbPds%_0&E7jL(YDOj0othl?b4)vmW0Y2YH&=U4ApgGg?_(~
z0K1ai3iIQ7v;EL9`&B`|O@E-B-A{}J6`DS`<@t+@&@qR|=i~~Rv(M?9C;^mJ0X(iR
zYC5XsfsbN_YZS`UYz4El6~>lIPdqeLKli{hqhTn@l9`8;$?BiKeT@hn-%wVFXdyp4
zD^E-dxgQN_X1NEsg+mVfKq7Gq#b!rfb+<G%vyLSOB`e<cM^y8nra+ahX=PGQ5;4^C
zfOavsytq9<-z(ng3-pugL(QexDJzlx1j;4?e-MYiWbjv!Olg-fQgJ0i+F|vU2fRX<
z0u`>q6X$x?SrtyJQnUP+saJ4a9v0vOD}}JY?`UF)b%RAIP}-|SQE^ZWMT~IP7UOqG
zcX3?@Fv1;yu8!!WG3fl@VnK(A#@|-Kw(9Ok98LZ6c<^QqzWr?jImva6a@d;wB5xoV
z)|K2%1>OOGnrlt(eG`m9CYv`qEZL)WK#6Uwp2^x!+SKz&wcy<)cXo3tmc}REz?~KS
z^+ID+piN3HwPZ5g+`pT|0bIdDX~~cCvh=<AF;Yr+89MJT9z5U!O8!@OjK?n~x31*Y
ztJXlx5w}f00*+skTFG(mMbVKO8jV8HchqlPyBL#nzLi~mW+g|#@9O3)G-QdRaS=a7
zs7O4K&u%VYW-^9HWsFthi0s}Vdoa`l+Hb+>L_T#mO&S6Bg;tw$+O@m{_77~)t+_qy
z5j`w(5ylTi`gLG{%PBZ&iSDRmO<V3mk>c)U7>Co_bs*WWC~jGZ@9C-#jdo}u+S&b%
z{fO1HPw(&$XG!9dJf)B4M*f*C-=LUMI_nUb!q^1&hQ%YZYMj#FGQBhO&r7(ApCRv$
z`~aC=$nxVzq^a70_g!crIvdoFP=x#Bq=_IGBjgZF-Ay#@JVBACuIrSk>rPzxCOj9h
zCOpGl;tK|-q@!UQ@GwRRLqXFc+QIE<&s)_FmHo*Ja<ixz7bA~@3zmsz`VqxeQqOf6
z_j>C*D|O~~%zL7fRQX(Ia+Wig9LPmc<AnkLO`GNY9@2xd%y)q4n@tNvC}(fsqrD~=
zUeVi)&+B+sk25XKc*(Z^R3$q<qyLHKBdCLy-iygA=Iq%O=BIFIeWi@fek@K&qvu{q
z)bD^5ZT*2~h6!tRvoMf1F%)gTv)Ihswx?tnqT##sXr<UK3zfX|gAW$nFom+gtyxEZ
z)Esl=6`=)qgzwBwq^8g8g{8AH=3xSQ?ujp2rXeI!1+0cGWNuBU!8$P)-)TW`Y%6gL
zLqrWy9J7CsJAq~7ioW$kv%Sn6zxl?h;m`9UGeR@PXdneP13dS?ssGV0a?e|&PDX4$
z4E$ZL$W9R+AMZO;NiASFBqX^)$K@BuW!5MSLpF4&;Lbft9T<vz^(oB0&T7f@Y>1u;
z7o9!sR^~?B3nhA%=jv)2R4#_P<M3UbA$S3q;C<2kC!_o@7NY03zPT1JrqcOYnFuvT
zXn=Q(jJSQZH<KRoxGGV(^b+yamQkf@_|Dt8p9(Nqrj%_=f;K#d!xYH!fBmH>Ku7|v
zA{35Ei)sT)$H=g`tVckVphR*Az1}HJy2TRGit2g})2p((GEl8gq;KAc1&&=>q$i%9
zHZ;nLM>4C%Mv=&z`+>H`qDn+ki53Ez@Jv&$1>DMKG^t`}$NAf<5ZIF|Dmyzm{dew>
zK*GuS#`Ng1ZCoqaPj)BOl}dHc6W{cv_X!ID%?emUP_L0#8E#!zg-5I*uq@rdh&cS#
zlrU}m`-*eHHbeklK6k(E`Z$VJRuuKVW|#bM#sIPZrVxaJ(V8?|x%NjB>rcBgRdF0a
z10nU*sD#pVO&BzNeC{ODOys?@11fD-$jqv$(La-G(ND!}fCek*pzo+>$4R%nGIUJ$
z;lmqI>iAz}C5zPm$xH|Z|HldW&3Z<qF7xwzWhJe=n&Pu8gFzWJJE8S-VyCaT5q_nM
z7oKY)KLXj+BHgTE5$+tYJ_Sl|-Lp5@Q}?CxX~+~G!CQ*|RXdY{!2>j45ofnaIdkYR
za%_sgJcMq@8iu;rdlN?hZw$$hj9vctm%IH4on%2dq3IV%)`;1127lIIhI@q?w21Ev
zxB1DFxEBt4U;e|<s33vBC2h+4tjbmg)KbAgocjRfsGKhIaUESePWeNEvUD)^5FjsR
z<$RL6-W~uTcUpUgjVvB3iM^j6T=K=;*Q`Zoe1f`U^glW65w|}tE6A5?w8!=CBJNXW
z)e0KzluX9JVn3O^hj2=QVgY&*<xlaht<)0My2}M)P!<NGB>a@9im3mrp9V$zT=Gwl
zl_pBU4h8toiyOT@Nc1@*m~B@)Ejn534&o}2Nl4#?DU)%OhOZS`6XTTp_*tsapNc`p
zh*n;@YTu%M_P?)?S+jwdBE}|LpqkPws#k20+n3wEOLWOm&MlxV=TItq;Y;{>XB>pX
zMlt<6d_#p=X+|D8`9^0;sgNjTVFwjA9XprlG#cK;(=4u~_;0R43(h2PEj~9Fm}OTm
zC8vnt=9QN){n0pNj|y*xB856a55Pej-1rl@aJfH@`MMCEsdo5zn$+D_VkLK4c(CAK
zT+4wufYc=p$9as=M@?OxpNZ6!r1sQ2sm}p!W}eE&RP2=RQl0wM%axDlqoiyJ`F2ru
zWay92GY%uN%$~)OyjFiJ2(jEyY$EnygVH?XiQCc~F<x@7Jd+R>dBek*=I-JRfx|TE
zAJNCD;~@4+d5;$gy<WBm<G>d$14zB8%=oOjzjnjD0Ckgpe9P}gno#<vL5podTS3I|
z1B-}TORoseq{f3EyhV2PH+dm$t)3oqG~XYH0%q>$$~kpbQJpf2Tp1&P%e#_k-Tl6*
z$z~`0zqmaS^9{H6qRee_`qMw36vptI7pG_MD>pFD|In8aPIo1PZ@P!!=|8s_yS42h
z(1GGNrOO%!w$l99%LD#wMz}EHo_tlf=9W$!ydJM?CsR6fWC~MTXgH^}@vO(^d-<Qe
zFXU9lRijHjI67okCYSzWrWDEl;BLOCW(>8k&(!HYvTR!%q_l13*|8Ayu}%=X9xnU4
zl6Lx5FOzfq3Ct2QHiL}>;h;^2VItj>6Z-#>TAFkqrkI+xVDhpV#DoPaOcc5EqUv^A
zmv(tg=d@GK%C@*=KTS<a_b9i-JndcXKPqRr>&IUYsYjaj5h$Q24&(o8ZJ`~s0l2OY
zei?-23<lmFZc=E2J~e_#%a+p0zEpL_TDC73bZuBs<PLi}%z85RF@?V!HEXuGdut&2
zjChjSIAZ?R8%oGx-y4$7Ki4!S=l0fOpr+;KJ6?~On`YlZ_E~isO)Zj?%Xuq*l(`(6
ze3-U;CX)a9c2Ceo*5Uk~tjeRAG_k-prxT1cfsJ894LDc244=QBIsgYzp<z=N08E(I
zdjldt^s2I@<R2y-+bMRH@5fShYoe*?t4hAxq$`@JXFi$UF{oBf`ak97SsxW3&ti2}
z>$^xO7(1Kb2K!z_2BL>Gw}v`G1XKMDgVMy-lp_%me%Z3i#`)2KkN65PlPJ8;H6Dxy
zPh(dyq=(Y>Y}J0p(oH#?EpZ+4UWnCb)y55xA5S=eASCQ{`4;aT(VD7xqUoewoTM~l
z`Y&!WJKXs5|4zv~_$C5e1LV*Fh+ZcbqA%77wvIil9!|tVW1P<up;ImoUBiXFHDYqO
zO8sB<S1G%j>)1`tF}xgJl)X}!8a34)u4%JV9Er`O;-CvsJ^)Cm6fVtMaZ^+x^nUyu
z!U#_8XOOIk$~-`5dfV9CeMdgbMTT+RVF&kwvUftWpL+8vN1$}O2|OPBv?YV%;AZqz
z<JKex3<PE;J>}R`P{oLHq~|k%8sDmju(3sknbKcs4LnqlzJ2xOTU%qO7882`u!UIx
zc{@r#0G^>wj{=|kc+%GUXn=~RSOb4lREi!rbS$ODw4uOcQ2uuz5rRR-F;z*=PVSv|
zl;Gy1-k{?*O&pN1OSM(xeNWyrA3n`X_Gok+-rS~BFI0F|CrI+;KS@_1_)K9ENT?L(
zh`1ecj4v+)<<go>V;1!%I{Z+|L;Dz~G~0_Q7&;e(>(qTg6UID!o?#pxfBxf#a-4pS
zQkjDl7e^OgVgTq`R7TQZu~O7z1&(b3?;BN*tx}R$Ww{gw_KhDOc?5^y*`L$`U%s-A
zdHl_w$&e(xDRhl(xayNV^1~&X0s@m|B2ZMek#<9tVEUtO8kF+J0-xkc_ulFGimHr#
zp&l}=YixzKk}p#p-knpc#x>7BzLiP=k!FZs0K1^36A-<$fD<_b9$fh>ruKF^eJa@q
z_{*(@W$J7~F{iv;_6j6*Zj=DUV~KHz9d4e?mtu|Lx7((bcU2b2uc?@EG}D7|N1H!O
zaOaF<(upGA!<)vn>a~kWNe#eDQ`sG~yN_%%5Xe@l-$)WCSW^~87q??dVhT>h6sB;+
zOa5jlwdJOsD=hxZO%~gWm*%54lw_pr{;N{<%W(5m4EGqM!;uKB>3yP?vSQ$=w8{xY
zV9muI$7##nHGocg{9hKG1w<NY)4VpZZVgc-k~4{e5j(;?qpocSFRbmD!HA34T8-Ql
zy-NiMGh^5+<}fsHe)0EHj;<{qLPSneK%)t}Eq@I6cO8Z)LSD?(UvZbI0sUgK8l1cJ
ztd(H|im)UR2P7X<WO*DCBr90UrJtpa98obAbjGBwcgSHA(!`-c=VR@pOHO<AYHYZ(
z`AD6I`*p~jFPg&6lfr#FTm4Cv`K3$a(LPYg1!XGwj7V7V9yf6_n_g-htVsOkr_13O
zt_xd@N5a3~>E}qpFN)mqX>m*Bi>Js*w7W@w9et*1RGE{7;ZA%Q2pVKC_b!H58fqK_
zi}){nzkRO_SdI2Of^bNnF8kNB|FdXre_OLkuO(pS$pY%tBHVWgOlgPk`2hEz7>%q8
z5KUtUcO?Vk2$As(P31(8x=qfTaPuhiBXS1{MN<+FS_zjh-cvnFgyP0w?-0d62UL-v
zt7L0fQ^cS{4IcM=<YU5@`;{9pfticWMfNH1TjJ;|&4U=Qmv#r^V>M?sySnsGdE62F
zU3b<Qdv{8DU{6ha(500MF+FcSqcUD)wGq1GQW0f8H$fnII$E|vRGp@Vv;a3VZ5Jsi
zn|M_inllWnTc(&1Rw)@z8uNLarxeGpjnTpr^%M4b##<0i$8_uxAX^z*QH!I0kUjJ=
zjVEu*>i4Ds9E+tOzL6Ow&z@USt8{Z;owS_0(GL5gS9Gv$o?mjv&`?TLw3~?7PfZ2E
z=LQtOX#dTOov0m&?-pTfvgN<X0R9g$fDbkFeMfCwA^ce8e)b7UDu$?bzNAL<!+R3K
zR*L;Q+8-l6B5SFT@WSN&Az6)?DX%JX6cuvtG1Els0}m|H)qZe6DR9I@3Y6&7C5a7b
zJc)N^Sr<8>Oyn{JYUoIE4o6P(7++*KbjBQ3%Z$@3Lddb?5IDK1>nZWbTytpTqc2B7
zrM6JaU3mNhszk6j$nUoWXq9Q~jmXU6rF#+*X(@-@ch|leZllebWo3#<kT*2Z-ftyj
zD>QC8En@5z>i9&i#d|8~DRP3SDHG9kY8YoFv)RW}3RNQ06l*wT<vcD%FoV)_ly?U%
zQ_N+%OfPkFrxkRz>sYpszkRHPkS}y(k@FS$H)dgr66%9v${;JuNk+Vv6UVSl-G9C}
zJ^IA<WDy-z?1D|!8$}U^GzhtWAdC`~nI|MYYu-*9tDF*v<rs~Oi{Tu89Wq!XgwASQ
zW-=Ht+6tLWua;X204dZ-mjx(j!4|SA>y;7~P1F&W6cwj?KYY&1>=_-H42(^viG-(5
zQ|eKU42smiPY{`gYYoI@7{#N+?afOm{irlx8AttyrGsV9>HVUdEZ0mWM>?lyZIQ{Y
z`)>+<Knwzxyr~FJArG9aAYgjWQ)`_Qep6r~d*E5-94^$Vfg#O#?ds(612|!YLUp8M
zo-;@O7fqQ#_{r@hm_zK+cJ#}+SCQ3?Q8p-xeoH~1QaL$PUM#;)`lk|ShB@(KZ6^3?
z+3bm~t!ZX)rToQ{03j<G+q&@YtC(WGB2)}-7OTeud_|Wh7$S^u!yC3g0HznD{9BCu
z48cAdVy#?awGN=@{DzkKy|Xz!pJ0pGP3gkKsHIcG!HVc#Y#=JcsFQZdVD?!SBd*VE
zn(=V-ALe)`64f_<YZyVVHs`<p{ga^ozLt(RrWNsDK=ejV4S;`p)P<^V_ur)VTa_yn
z4+2TbXJ6&AxXAMV{Pi1D1qwv8+ixBZ^?t^E-M`YlRUk=f;eeSnU#tE_EdRm7(&TG6
zZ5n3<GX>Cpanhe^WiZC4;(OeOwd;m|l=cTYmyo~7dZ1zbub(A$B2m6Q3Kno{`|>~W
z5B`YHGpm*GKk-HXh@Xq9XZM$c@FqSF1YJ{6bp7n#uvZ9v<kQ<Dv%P@1MYaDThi_0t
z(Qk$*F)shtK|VpSC%!%U|3q8ElT}@DgG#Di)2Mk<yuB)hec;zzQr*4hQm-ZtmH&L}
zFbP_e1Z%P>Mn6T9Egnzw!I(<QBthF}c%20(9o<f2-ZJ_}s=DicoPcE=YG))Z;P>y}
z5y`w%UG+|rB07y`*W!p%NPoTLj}@e$JUl)7oqif)=rE-q3gp<yL0kP_4Ub?!Kte(q
zx6H7@S7<N<OHr^DL45q5YQ904A^5rR2^4A1Xoeei7o`2IU%nZR#pg{Qed7w1pZ`@y
zVrS}`cJVN&M*pWa8ozVQPhB5<Ts#W@)%Z84J~1Kaxl|U*|0_#m&YR}WYp3Y{wdva+
zRDT8ulxF|CKmW1*6Vzw>sGKalzcJ<?>$9T24MHWC{&(m4GnY20-^~AXbS3kz^@ZRg
z!`=pAHT)&_f3$=n`2K^=rg^dY-+qZdgUJ0E1U|v+?^6DUn{o%=)aP6BcU<<MPCo@e
zw2O5L>*TnnsU_6M=ISsewc%kQh=;`lKUDFI|7c-=10n;D-|eCa-_hY%&ieO<#q5A(
zY=K%lx~7VGYBx({^)6@2R*uF$+A-+E&`?JQ1MF~8t8WD-xn4?Ew-ub?wDe%!bePnI
zDw$FA2M!NVKp4GUURQ4~KhLg|h#7n#LnD>7QyExX@a2ETsIY*rT5riC&f(Pi6A-ez
z6%*o=5a+NiW=kvR{`^!*RQxwN{Pufn*xLu2Zm3Lh{zuhp@tvw`P80$bqSRI9{pbXC
zN5U3(-1^WQ#c?Z1>h&nJdhX+L+GT&FNyUaBL!<JRV*MR+(tuLea2tgo+Dt=t3Ep;i
zyM6Lo85?T0qf)3O8lrRlNn+5(g%{M5EpX~`0i=<|yuRv7(6fZhwaLg(O!3@mOYbL5
z_GYyBPOIww%!wb-?>@|#ATs@U{K)s1<=fNPev5IiY^nSCN}=`ja`=;0ddzJ8jN8_a
z+i&4t%O_*OSvUgcvR>EBe0LKm#GTg>vT<42k_<W^{2f8t;b*y=Ldyp$1<AZc6;YDo
zFWKn`_1J%%13+ewQU*pQ_JD1_Uby~_Gq@+N)_{)^5~MM0DK@QXBzxf@6RY~@<8`?x
zq!#_Uq*fKj<}3;?NBHJED*am4|8W$Zbtnw%T<JFWMgQZgPQn36kS6ZXFZ#p90CoKe
z@R%|7Nh@zK@v9&}E%_Cx^5nF4Pz`aL{-jg)^x@sfxDWd4+3S+ql%%bM>TRvt&Y=1E
z@Eq@ZyZ2@8sO#3RmZ{(*Y&^Ytf%dn`l%C*PAaf%Q7ykuet6dOg(94yKvo^dO(wj7x
zU?tiAL^nFuP$uteYC^Cy-<M?v0I!x1?}oFB6;WY-%T}GJQMdf`2YO6*J6k_i?}h=;
zy<e9#+>8a(T#tHlqpA2_MmWowE73h~J*q19RSCTJaiU#S4UZRR^G#U%6L?+n$de=1
z8wha*euy0Z4moQW!baje>Q?l5VYAKjCWL4&E2)m$58Y6G<xTJjplkYNx!3T|0wBlx
ze$k<O|DyZ!*0^Wh#B&`qxz69_jDkw1)<$Tj#f9(a;TzJQ^V^U380hzYhfS+*GI}Rr
z6gZ<5{^3?9<ma3!sn#{$Q5kj<Bfw#|94v3=@s8^*I(PdTt^GAhbPr!I8m>snzHl|d
zR{#3VsdcYoH0(b8nFIEe=%L`T^4=%y(_ZS=E2d4H9ILjOYc?WZFF{w@pP4@MA8rjt
z{cW(!RrG=&&tM&ZP_*FeF!~K{$7(lcNDn=${xATiA)=Mip6*xcGKHpyN^q<D$5i#9
z5pd>Us(#=?GPG+c+p`)3rW}bQbjnk=7-OA_#sE_&_!N?j(?VlJ#EzJdd%-McT*59U
zDDMLJ>d(`Uln(FnH9?Eu)Y@P|gaygulDMuy0TJ31<aR%6GEy4~nQMr+42g{(TM4m~
z@E}xgPidb9b!WG<g-UxttZ;vuvtNcAC{0PJPpf2lVc*{n51?d{e~L^t-hLE_xF#+r
zv>wL1Ti<Pu?AM;#kQK~|SOG$7*L=J3#G_?y%ar~tAQ?ejLdD3531=eL;f{?I&N%IP
z-ursgZ|B-P;j0!r!fjCBd|rF{aCU6>aDE}{<8^@Q1r$LS%5pF*W&-#;st~_i{O~zi
zI0j3u9QWTyzy`DLS3Ky>KW3ulJdX=x76?U}C@<DA%B+==$J(b8qf?SOQ9VFvHHm==
z!*b(zMsVY3Ept9UKW!dHZjKn&3kFc@&xZkAcfZ}tqHbKqynGO7J79U>&BH;Ux}Y9P
zrdKhQnMttM-=$%n)UymJN)s~ZhMFtcRPf>uL_I{ftm3(M--~<aQ*+8zD)llZzZ77<
zHaNb!&i_NPk#$Dx-e;W4%k6mU?svvhV;6^N12v;_%Xv@C^IhNTO`a)VQXs=s+j=jx
zuOMP2k*k3Pl4-$7|I%jfh3w-?+VNuppqLChufOf?skr8B!w2w8N5#yVoO{3PaAB1i
z7!OMbtX>F_6j<-auZz{=*l><PWac~Q*MF)9$YZ5goNbJ^#|9NQv`lcpk4}*#btWlv
zGNnQH@A!6iJgq-BZ6|x4O_2LW?ApB|oMfg%I7CZiD(o*7#~dVMq)I_xau(p^ayPDE
z_Je%^!p`U+vkwHorm3Km_BiOnw_|8d3JFedbCT0KAM2|Ryukx)A)=;P3au~cn2XU1
zZvDg(N<&%>JK~?T<JUXf7L>|bD5LL{@b5QC$yF*uQ8=>dSftKPUuXyvxp#k3AzZm?
zS{%BN9Mr8dM6I<EN9Weip+qBC%TS{g4{XGKAs6=vT@34}nqrUqT{PqR6+Bb^#pKZ7
zBoB_r0~oxqK;S@}r0SZ~X@VB(OW6Cso;En9=a+Gs6|;RcNN1wEU%%i-so|;paYqmF
zv)b=FJAD@eAL(~`I}xzh2KS7nG<rt4>8~qZFNi49(|4a9?J2QWf4>O_a;w>+=|EBq
zsy*w9>5Eg<2-PV8t3+mU->ygadbG4&c~D>a)E}jZzIjCo@LJ<?qv@rBMeXyMIFXBi
zVKeNC`SSc-6MiEzQm)f{P*lg2LBBAp$G!FE&xE}JF@Y>0t-1^bx5h*^>-vYtOS@${
z4BD9eLI>k7oPdTeAVU@MsuzCJvIbqZr+!-klU??nnxPai&}9HR12XS<Z80IuB`+v%
zP{II&gnxpX|BFurKj}xpBBAX(0lxJ*^Wqm&DAtVKC?W!TgU8CY`MQN56w4H@;Kmma
zT7-kmon_qoV>m2x>zc?<TIS%!ClH+M=*>QHoG`WCqaiktwRs3$gOaBT)S+#R0qF<H
zI&e_V^F+Yrv(aRz@j0W?EU~Zv^xEa>S)R8jj;kI(JZii<x7^l7(7><@Oj<Tr?3Swp
zS%+88#XTvK5S-$_6ST@*^=&>VE5r{)OL{0-0(4ABs-rl$*a(gwZrc;1J`@o~np;Ba
zWxRYN>IUKW>o=a|zorEp-v)v(U)LSDex7aJB$73NmVatWobP+etl|Op`W!2ps*f$m
zI(X@$kvq5|txL4D8=I@`^6@hc?@_-^g+UL0@8q#D84V{N7e{YTd&+jr9mT={2jn2H
zr!&B=7%V$GqnL1Kx+UE*Se^$6FSYOmA1u}RKA6<b1r@(62ee_)Jqsf;e!*fi;E#7Z
zaqT!Wm|O4RRnx)jh4e-1*2#9bfIsz`jwoNu8bQ5t+|Xzt4IdN5wr%D0zn{Sh5{AXI
zEcf1bhCOL!9&2z=iY0>Op>-0WWM$C66+OXT5v>inw?o)S{=hmtp?TV4%a#3*gkM~M
z>_t4+p76Budr#n?$5zYT96FO=_FJdv<L)X^UrW6bR{Z@9H9xQw`c6=PwA<+AWJwLK
zj(FSiMZ&+_v=?-E8dQ~>SL)h`=&46?tIPSKUV(|IF1Ef`12VQHfHu*%ZNVRZ>dUJ0
z>I02a`)eo}t#1)gqg=RFOzigb@xwPDp1^PHsIrbQOBq}Lt`JP@goZnFPP6HPc10gD
zza$^Up=?^C6SMpvI7n5Yo3Rw@RpIq8Hbf1w8BOnTo&1IIIp#$&z2Xirr9ju(eSNIF
z3wN7RQSl(<<w2fqMULKU18Q!M_i_rs(HN)kS9s0yxQ@kBJ`JAlIv9~z%OcM)f$KzQ
z7#@~qw(pGkhw+}ra)i1*X#MMVMi(AKo=v1$)Q{LW2w7a5EjVXmVVg;;WksuF4U+ux
z<0vfw_ZvqPkF+BqSeDxngm*Js%c+hT$gqsI^^QiNQMQZjw}illJOF-<i?R8SD1u}z
zr|u}?RU9z+p^<(2PFElG{QAemfni9P8@IDczT0Z(Foh8;{2i9xq_6<-?fQTbFiNAJ
zv1Qv4)+Inm>^UE`V|mD6pj9%1tR}1WiwIWfDN|JwK@egGw`G2yT7yL<;WZWDMsnl3
zG%-_tDsR<tkheT`4dz?Z^SgKG6VhVBpZPd_Zm8c_w3hgyP7a74x$WblkL6E*J34lo
z+$e{~a1@zKqRvci5S%*+l5U|WFE&R8mB8Lho(HyhKB}=77`J@PjshGM9aq~==Wx$W
zdj+-^DrfU`W-qZ2Wfv7Rb1eB(1+mB%tr{&43X?<ki1;6{#&fxJ+=4bd5rganMjas^
z`R?|eS)X2v5Iu8l*LuHTu^s~Vzn;Sj>sRM+FAa>=Dzz}c*wxU2+PQx2tKTe9@eEyR
zbPjvCp|W05@mB5bhPfVLz1^=h?KkTYUigvKD=w#j(W{@P0QKX!&!8ZNqtSO{w+%st
zMCEzaur-8BJcMk0{)0|uuAcJ@;-)zH`V&{pz4_yw<N($sIh8NtL=EFE<RPcRHUnXV
ziY@ka8RL2{?+Yz_!}8c3CGfNAE?zFo6&N~JB@|H)x7j_&4*cb-U3ph4Sv1c-^u5dJ
zC20h2;TFscS8bn$Eg$tM>J>sK`wMn@8{%&`9*{3~sa<%*Gwjy>GK1CIC1$9cFw*W>
zu`uYskGaV9qW_A?T#Ky8UA@Irb8KX412zW1B#*%7#&`Hyxl>@u8&iBkFpT`hk%0k>
z=-h&5DhYp$_iV#Ldpc|hm@Nl%YzE#g3qP%Z4a?wvR^7uB3q0HsdEI3g+B}89F3XCz
z@iG!Ms-LH%ClgG&pF0gi<!dj^57TtNG#h$dOc{=pUak%Mo``I(hS=|R1H<RnPu<?w
z?XNRY$ol!68}@0&?r5+3jOb-8iKHSZ^=)@Jj8J|wL=VKmON!{zXNT`rp2)dQ7z?)p
zW&;wyb#BiyEGvB-dB1(Lq8eY9qOMPC6dzZsZk<qnYurtewz}IQMVI?{9qQ}OUjzb%
zX?<Rv?JR3v_DKZn9g(16+wKI0y>3_mEB8TYE0?Zd;GF=mO9ukMx35D*7Hy}f7GX3z
z<AM%YADj?_jF-^_1}}CRTFxQ0Dzlf4BsMdFJ}>wN$FK04U5{jN6CtG`S?*tJkpS(2
zk<dR0+_tQRmzpSoZBSIN8+v28R>OqDd970buiIY{Ln1bTDRK0!N;vpWbvI?sBvOZ(
zr$o#|K0`q<O4DUODg9@#GSnKQ6uoIfHLuox-*c3U)$z4IB;r%USbTUoG~^Teq4l`Q
z?M4kfKUy~(CR9r!veRJ==c_jS^LKI(Y=`_0<Z^dN+OFR9i8~T%8n5NBvPziqvqf;z
z>~QXS%F^8;@#I^VbC2<B=N&&W!iMoFyfNi!bIN_R_r)TS*OhPZ`A=fciJx?Vu3k)m
z$QRK{ZwE`eontWy?#h=FwA=~7*=_3&!&-1Z_SIq&J=~IdJrw{>A39K`Rbo+(b{}sc
z7+YS+13z4R2Zn8UzRD>bZGIwVY(t_A?1qIo@7*R)Tix&Pe~p`+Ge+S%Q@ijm$C;Z@
zz76Ui?%VJ}5U4h|XiIDJ&r2o)Dm0vK6XTz1;r6%HdFjdKE_3(y?Y>fl;wjK^cMFQ3
z<*s@5hIwC)T&j!SbwU{8cS>fv7;=RWEsNSfKC2F`vV~SM7!#1!c)z;Rjw$j?R{Fmk
z9IdDL7Q%dkqKfa_dZRN7)Lr3Ohe!DOam`4aW4jE=(gFGUqZ?azf=!RU-@e2}rHB$}
zW#IQC?88k>al*FukMrvzu7h*nj9D4YbQu+<S;wb*w}Rw2q>%$>YE%x^6pnUiICb#*
zTV>I;8TzeU^V(>F5m1JgfjL>^hou^reHY_y6K85`20loX5kM#DxLu=u4Ui~~EYbP5
z?b%dZ88$T>tvH>-d<|J*|96lrZtmlkGzh<GdGH@?ILg8{jOTil(q&<eG<JW*JG-%$
zYkFZcehxmbR&+ZHd+p0rMp5<NU<YgH^My<D;Jf5i%n+~{yPGnMqb$%Ah<^`OL*fD}
zPc-@E2zIM^qq-SDhK%g(kw-M46s8FKeUzi0{_(mFUiDt~BOi2ZtBb#?G`in+H|5>w
zB!TX(Y~Suz^yv;O;4>+Ut;d3>vqjFTmO0vwU=&D=<_jNbRw|<wq!!oXzGr+E<<gq#
zon)gA=PqPjY7Z<7yD#SpZ`OO`MFQejptJJe+6BUIb!5A!&mBDyaA^d}&8X9{9aGbH
zlM@|rYIA10N^z2Xg1R?rIXQ##n?g?KYbH-MJP7j}X>Y9VGwJ9oxibM^2f9*gdLw)B
z`=j}GKCOBW*v$F5@$L@(wcRRHx`ppW^-LWs!N2M`iPnBvj<Gt4*RQ_E>l;&Oz3%cr
zLG)P-IrR+@^&2Gc{)poADllG%t31WrFdu9i{*&Rwc3E0q8g@9%`3qD;$Byv0KhU25
zp<KgwQx8EP!Axo59=C;}4Q*Ks!kC2Q6;J*lb_3@(sNSTxv*Sd4nDM~70A0#5sZJEL
zN%}|7Q<7dkN`3f8Tw#Zj-l_hb1Y+oxy~is%MJmx>Aezx4yNOp1Lp1Hf$7-(o`x#@=
zrZ7(8@xs|S;d}GRi-eC%c6V1929o-O-GIUE!Uqx=?va~&aqhb<b+38Rh<RLTvkyLV
z5&Eqrn*o(526noFH(&Ca+LDsN>}*snWh%B$V1O4eld#KodF&|!#-api6Ppe$I(Brx
zBt;xF)em;#Jl0*(7W~TG#vFN{B2v&B;QP>ms{LquH^N!N&-rzEJOuPc?Bz~Tj^6oi
z?{y@(ee!$b4J|3(^wo#6Lt-H7BRTkcMK#N96|85&Mdfi2tIjZKQ45cj%L+#C5I6dj
zJER34Hn@U^Nk%K7=y9PNf#<HhF-t9+i|>xg+fG0(r?~m*b-{teKYf8Uu{e0iB91Lr
zwa*=slaZnDSb)HTa9)mnAway&%I4PK7LwH~aqL!s$15Ucp)VklP@*H7^W@YMKV-mc
zQaDrZDl5MiX>rmqu$})iS%7O#Rq|}Hy340E8_+k4wkUsN1p>zjVyWQu)VVzVeM#T#
z&e1ml{jgzaZhxyA=$^&)XKd1;&h3z4nGeeLvynLgaSK;?<Lj;P!@V0QG8al=GA>7g
zOT!7l&b+LO6px?G9kj)em(N%3!A-DY&AZhNk7B8&)S7J?X81x9LP-ypfbR%?5saLf
zvG0t6th<|Nqlw$=5s(usQCpcT+amo*5go6G8ck4pMt0wpp+>ddcuUB-Bx;?QkX)KP
zeZBjL-6nsycf{!BYGKOTyC7A8jl%2DboDOfDRe4b)%h#R<zgO9j-tMx18|`;x1mw8
zx`oQ0somJwtN(^Wqp6MOK6(%k0?8{Ns?TEEqFBv`QcP5^%yi7iryl`SlL9TSZ%yO`
zr6>lT!E4n>V62`;Jc}Enr;py|hK&ab+`xfw8Y5pEe*h^mdviNgJePr38(VRobFU^5
z39BdM8fp{zZ5ndV(5NAf?AI2&(Y@SA7aT6S{W3PZBnXtZj!;`--U@js@@q5L%mTHn
z*V^6-y`y&!2YaW3C7;=|!E*0eK>iV;HaEh6_Vaz4O&caKwL5`;=2;ioiWfd%RV_nn
zLiDAe_fWv8_b*5QFJSS@=B7SEejxkaiHA1SYd3D>>y;(yi+mX+0hzXJ+%H+^?VV36
zLxr41SGn#xKZ%~sMA2JctwB$r$r&B@g{VX*NefOgl`T}^F)K11Ddz(Gib$>#x8`ee
zwom=$wdZ1AH}Z(wF7?@Tpm@)E?Fzr;k53xs4ENRAY@&t4**+e^C65%Zj_R=+^qh0^
z<V{K69}?$Jai9iqGnOAoAVhM3c1TCDh+k?DSMOc0+i#4cGbg#16pPPcSMY=6VfTCu
z<q9F^Ch~;etLbg`o%$Si$8>CqF3g2g$KEEEt#7zW8e-&jsDOQMH)UfS24aeOH8?|X
z<{V*Y^KX8Z!=31!c2&M|B5Kcxf9f(%S>Ec)c@-e+v3y5Qx5+;-<iHe>q}#LpON+Xp
zeGQz`z9o(_8uq@%pc;OdECd-)RsHDFe9n~vGMd5Qu|hpJ{At{@KYI1>k^~#`s>GR{
z|H00_BS`zjpIsK9<#xP=a}u2^N#GNlc9#jey5Z;>H{KC%94(9@Jhs6d!7j6Uub=03
zWy#!LJBet;qM^wt@IY;dRjcdTLGJIn!+RAo?ob1{NI(<5`8!0U=@pWQ?^RSVd%HMM
zG*4KsAAP2pQsI+Ez2EKJNmr#nPSo7~BK2TJo<Z?<0pmMPkkwZ4asH}KJtqDv@C>ru
zF2i>76oUHwRoe+z-6zK8o&b@1cw#uMqK{`JmgHl-ZDNO1PQ4(K0b>Z4wufe8#P}AG
z&#gO-ITL=yz8lw7a8RK>oY9QK+B~AM0q-xm<xdd1RQ8WYEISvsQd2z`8d_!k)<$7w
zww9PwO&2%~Ymhk+zht`7w03;Hd}fT<fKhPPAHh{S@~_(JLOZEhns*c{I;#DDGhW&8
zDDIbu=ka;P$sDg=J{DP!y1YI0$BTrx5YOjdzeh&Ic)sTNyZ2gvPvb&Xr=@{w76xQ~
zt|-_t*UmL4UhMDcjLc7$<DbU9FJCY%kwed-<>a5Ot99@AzwYXJpvrbD=S-~pq1>F+
z<=TfeKkVqPGyHzvf$_-F+&`~h<ebg?#dl6_$wh_*`!D`AcMCl0SHx?5o$*!YsvvIu
zdcQTMo)6WTo~pGa&p7{kNo(fY-^~>hR+nBae3m-lQi0-8VC(UR<?gu}N%MF`RJ$da
z7OZKRt2VbVX8D;r&A?l<)6M>N<fZ&*w_A|b*V}II6mQf8Jm;NRq&3@eXT#=er!qx%
zzn9(eE})|Gs(!xU+KiH2^L!tQKA!NVc0SkPThATlh#hkM<9;R3_h3m=-|Lc1db`_>
z-<a8bqBpoEBvdu&Ud@BYJ=upN7ZtzjIN+Rpw^6Ly7`Sur#pKenMSda+{HIRe=kht9
z?{VI@kCn?U4o|ptqP(u*`HSx%&g`|*Ih3s$XK#>tQhwj6i{qCtYra~woBmnRb$=G0
zU&c{?`F6zmg2~AzpA;P1I7e9jokqc9iM4?@MZQ*U*>P9&>F-Ai`fo%#y?AK7ZMxq}
zmlh?i`PDC<tG#y;oqvCA&G90B;G$ZtpGm)r*ZvCN2()`&^=oGD6!(e2E{@->m0yya
zcmA+@pnZO8E4$_gi|I^a>-T<NduboXvq`ZH@6QxWJ8e^bIV9=}*N>IJ18dXO?-^R=
zP5xTdr7VB{e9pgv5107gZl3?phr8>1%*V_p#&4hXT#5zW={h;}rRkr=t&2)6o!6dV
znKEl@;vMhw`g+;<!fO-qtNVMiEk2jny>I58sxayGqST3<=b!MkDMto)94wQ4z1&{f
zbeZR+HtToK4dc%5*EG=tPUA%c2(;Fi0Oz0#?3k`SJ3IUBty@tdA{*2#-Lo=1dA>Y(
za>1s!@yh-82lD6doV0hjUO{n{7iY{;mS-1>c4wKg&WFw@N{BbUdzbg)Z{5F%b$aL1
z-QH&Axm8#HzB&2Au~2FKNx)&hk59R8O*t05B@Vc*^ni+B#c_8DD_7R*Di^ONfhQoB
zbNbwv09;jX8dvGe#)UM)3!Io*BD`RG5AxilM&n5p;JlU5%dDG76N?JK$(UbK;8r_i
z;xu6rXsS8oK-3<jxzLb;m)788+JF;)ps7qx(4_k$#_W$sCIuW^`X0Jw4AKdh37p3C
zWLt9-c~;z~(Z9XDU9j`TC;4BykZe_$+wej;^49aDmy4RbuLXRmDm^)`yYb3rxcLXp
zs66=mQ?Kf=xM)nH1H-3_NYl6Ah<J6_)Gn`TDw3m*`G6*H12f%V(`P`#dO*t(J{DeH
zjXX=N#xyPUWmH$P(o&SkV?W@k!jt@nxq6W2CObQ9nKpCjjf)o>4<0;ta;2*`q}2vF
z7=TCh!u9Ly$~!)N{w&DVdd5BC#<sbF9!q3DR><(RA2u;jmRi~i2|<W@3C<;Mf}1yQ
b{`jBKVbx>ytp~YpGXR07tDnm{r-UW|VImXh

literal 0
HcmV?d00001

diff --git a/docs/installation/index.md b/docs/installation/index.md
new file mode 100644
index 00000000..f4c530a1
--- /dev/null
+++ b/docs/installation/index.md
@@ -0,0 +1,48 @@
+<!--[metadata]>
++++
+title = "Install"
+description = "Lists the installation methods"
+keywords = ["Docker install "]
+[menu.main]
+identifier = "engine_install"
+parent="engine_use"
+weight="-81"
++++
+<![end-metadata]-->
+
+# Install Docker Engine
+
+Docker Engine is supported on Linux, Cloud, Windows, and OS X. Installation instructions are available for the following:
+
+## On Linux
+* [Arch Linux](linux/archlinux.md)
+* [CentOS](linux/centos.md)
+* [CRUX Linux](linux/cruxlinux.md)
+* [Debian](linux/debian.md)
+* [Fedora](linux/fedora.md)
+* [FrugalWare](linux/frugalware.md)
+* [Gentoo](linux/gentoolinux.md)
+* [Oracle Linux](linux/oracle.md)
+* [Red Hat Enterprise Linux](linux/rhel.md)
+* [openSUSE and SUSE Linux Enterprise](linux/SUSE.md)
+* [Ubuntu](linux/ubuntulinux.md)
+
+If your linux distribution is not listed above, don't give up yet. To try out Docker on a distribution that is not listed above, go here: [Installation from binaries](binaries.md).
+
+## On Cloud
+* [Choose how to Install](cloud/overview.md)
+* [Example: Manual install on a cloud provider](cloud/cloud-ex-aws.md)
+* [Example: Use Docker Machine to provision cloud hosts](cloud/cloud-ex-machine-ocean.md)
+
+## On OSX and Windows
+* [Mac OS X](mac.md)
+* [Windows](windows.md)
+
+## The Docker Archives
+Instructions for installing prior releases of Docker can be found in the following docker archives:
+[Docker v1.7](http://docs.docker.com/v1.7/), [Docker v1.6](http://docs.docker.com/v1.6/), [Docker v1.5](http://docs.docker.com/v1.5/), and [Docker v1.4](http://docs.docker.com/v1.4/).
+
+## Where to go after installing
+* [About Docker Engine](../index.md)
+* [Support](https://www.docker.com/support/)
+* [Training](https://training.docker.com//)
diff --git a/docs/installation/linux/SUSE.md b/docs/installation/linux/SUSE.md
new file mode 100644
index 00000000..797a329e
--- /dev/null
+++ b/docs/installation/linux/SUSE.md
@@ -0,0 +1,117 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/SUSE/"]
+title = "Installation on openSUSE and SUSE Linux Enterprise"
+description = "Installation instructions for Docker on openSUSE and on SUSE Linux Enterprise."
+keywords = ["openSUSE, SUSE Linux Enterprise, SUSE, SLE, docker, documentation,  installation"]
+[menu.main]
+parent = "engine_linux"
++++
+<![end-metadata]-->
+
+# openSUSE and SUSE Linux Enterprise
+
+This page provides instructions for installing and configuring the latest
+Docker Engine software on openSUSE and SUSE systems.
+
+>**Note:** You can also find bleeding edge Docker versions inside of the repositories maintained by the [Virtualization:containers project](https://build.opensuse.org/project/show/Virtualization:containers) on the [Open Build Service](https://build.opensuse.org/). This project delivers also other packages that are related with the Docker ecosystem (for example, Docker Compose).
+
+## Prerequisites
+
+You must be running a 64 bit architecture.
+
+## openSUSE
+
+Docker is part of the official openSUSE repositories starting from 13.2. No
+additional repository is required on your system.
+
+## SUSE Linux Enterprise
+
+Docker is officially supported on SUSE Linux Enterprise 12 and later. You can find the latest supported Docker packages inside the `Container` module. To enable this module, do the following:
+
+1. Start YaST, and select *Software > Software Repositories*.
+2. Click *Add* to open the add-on dialog.
+3. Select *Extensions and Module from Registration Server* and click *Next*.
+4. From the list of available extensions and modules, select *Container Module* and click *Next*.
+   The containers module and its repositories are added to your system.
+5. If you use Subscription Management Tool, update the list of repositories at the SMT server.
+
+Otherwise execute the following command:
+
+    $ sudo SUSEConnect -p sle-module-containers/12/x86_64 -r ''
+
+    >**Note:** currently the `-r ''` flag is required to avoid a known limitation of `SUSEConnect`.
+
+The [Virtualization:containers project](https://build.opensuse.org/project/show/Virtualization:containers)
+on the [Open Build Service](https://build.opensuse.org/) contains also bleeding
+edge Docker packages for SUSE Linux Enterprise. However these packages are
+**not supported** by SUSE.
+
+### Install Docker
+
+1. Install the Docker package:
+
+        $ sudo zypper in docker
+
+2. Start the Docker daemon.
+
+        $ sudo systemctl start docker
+
+3. Test the Docker installation.
+
+        $ sudo docker run hello-world
+
+## Configure Docker boot options
+
+You can use these steps on openSUSE or SUSE Linux Enterprise. To start the `docker daemon` at boot, set the following:
+
+    $ sudo systemctl enable docker
+
+The `docker` package creates a new group named `docker`. Users, other than
+`root` user, must be part of this group to interact with the
+Docker daemon. You can add users with this command syntax:
+
+    sudo /usr/sbin/usermod -a -G docker <username>
+
+Once you add a user, make sure they relog to pick up these new permissions.
+
+## Enable external network access
+
+If you want your containers to be able to access the external network, you must
+enable the `net.ipv4.ip_forward` rule. To do this, use YaST.
+
+For openSUSE Tumbleweed and later, browse to the **System -> Network Settings -> Routing** menu. For SUSE Linux Enterprise 12 and previous openSUSE versions, browse to **Network Devices -> Network Settings -> Routing** menu (f) and check the *Enable IPv4 Forwarding* box.
+
+When networking is handled by the Network Manager, instead of YaST you must edit
+the `/etc/sysconfig/SuSEfirewall2` file needs by hand to ensure the `FW_ROUTE`
+flag is set to `yes` like so:
+
+    FW_ROUTE="yes"
+
+## Custom daemon options
+
+If you need to add an HTTP Proxy, set a different directory or partition for the
+Docker runtime files, or make other customizations, read the systemd article to
+learn how to [customize your systemd Docker daemon options](../../admin/systemd.md).
+
+## Uninstallation
+
+To uninstall the Docker package:
+
+    $ sudo zypper rm docker
+
+The above command does not remove images, containers, volumes, or user created
+configuration files on your host. If you wish to delete all images, containers,
+and volumes run the following command:
+
+    $ rm -rf /var/lib/docker
+
+You must delete the user created configuration files manually.
+
+## Where to go from here
+
+You can find more details about Docker on openSUSE or SUSE Linux Enterprise in the
+[Docker quick start guide](https://www.suse.com/documentation/sles-12/dockerquick/data/dockerquick.html)
+on the SUSE website. The document targets SUSE Linux Enterprise, but its contents apply also to openSUSE.
+
+Continue to the [User Guide](../../userguide/index.md).
diff --git a/docs/installation/linux/archlinux.md b/docs/installation/linux/archlinux.md
new file mode 100644
index 00000000..b62b21c6
--- /dev/null
+++ b/docs/installation/linux/archlinux.md
@@ -0,0 +1,105 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/archlinux/"]
+title = "Installation on Arch Linux"
+description = "Installation instructions for Docker on ArchLinux."
+keywords = ["arch linux, docker, documentation,  installation"]
+[menu.main]
+parent = "engine_linux"
++++
+<![end-metadata]-->
+
+# Arch Linux
+
+Installing on Arch Linux can be handled via the package in community:
+
+ - [docker](https://www.archlinux.org/packages/community/x86_64/docker/)
+
+or the following AUR package:
+
+ - [docker-git](https://aur.archlinux.org/packages/docker-git/)
+
+The docker package will install the latest tagged version of docker. The
+docker-git package will build from the current master branch.
+
+## Dependencies
+
+Docker depends on several packages which are specified as dependencies
+in the packages. The core dependencies are:
+
+ - bridge-utils
+ - device-mapper
+ - iproute2
+ - sqlite
+
+## Installation
+
+For the normal package a simple
+
+    $ sudo pacman -S docker
+
+is all that is needed.
+
+For the AUR package execute:
+
+    $ yaourt -S docker-git
+
+The instructions here assume **yaourt** is installed. See [Arch User
+Repository](https://wiki.archlinux.org/index.php/Arch_User_Repository#Installing_packages)
+for information on building and installing packages from the AUR if you
+have not done so before.
+
+## Starting Docker
+
+There is a systemd service unit created for docker. To start the docker
+service:
+
+    $ sudo systemctl start docker
+
+To start on system boot:
+
+    $ sudo systemctl enable docker
+
+## Custom daemon options
+
+If you need to add an HTTP Proxy, set a different directory or partition for the
+Docker runtime files, or make other customizations, read our systemd article to
+learn how to [customize your systemd Docker daemon options](../../admin/systemd.md).
+
+## Running Docker with a manually-defined network
+
+If you manually configure your network using `systemd-network` version 220 or
+higher, containers you start with Docker may be unable to access your network.
+Beginning with version 220, the forwarding setting for a given network
+(`net.ipv4.conf.<interface>.forwarding`) defaults to *off*. This setting
+prevents IP forwarding. It also conflicts with Docker which enables the
+`net.ipv4.conf.all.forwarding` setting within a container.
+
+To work around this, edit the `<interface>.network` file in
+`/etc/systemd/network/` on your Docker host add the following block:
+
+```
+[Network]
+...
+IPForward=kernel
+...
+```
+
+This configuration allows IP forwarding from the container as expected.
+## Uninstallation
+
+To uninstall the Docker package:
+
+    $ sudo pacman -R docker
+
+To uninstall the Docker package and dependencies that are no longer needed:
+
+    $ sudo pacman -Rns docker
+
+The above commands will not remove images, containers, volumes, or user created
+configuration files on your host. If you wish to delete all images, containers,
+and volumes run the following command:
+
+    $ rm -rf /var/lib/docker
+
+You must delete the user created configuration files manually.
diff --git a/docs/installation/linux/centos.md b/docs/installation/linux/centos.md
new file mode 100644
index 00000000..1647f766
--- /dev/null
+++ b/docs/installation/linux/centos.md
@@ -0,0 +1,192 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/centos/"]
+title = "Installation on CentOS"
+description = "Instructions for installing Docker on CentOS"
+keywords = ["Docker, Docker documentation, requirements, linux, centos, epel, docker.io,  docker-io"]
+[menu.main]
+parent = "engine_linux"
+weight=-4
++++
+<![end-metadata]-->
+
+# CentOS
+
+Docker runs on CentOS 7.X. An installation on other binary compatible EL7
+distributions such as Scientific Linux might succeed, but Docker does not test
+or support Docker on these distributions.
+
+This page instructs you to install using Docker-managed release packages and
+installation mechanisms. Using these packages ensures you get the latest release
+of Docker. If you wish to install using CentOS-managed packages, consult your
+CentOS documentation.
+
+## Prerequisites
+
+Docker requires a 64-bit installation regardless of your CentOS version. Also,
+your kernel must be 3.10 at minimum, which CentOS 7 runs.
+
+To check your current kernel version, open a terminal and use `uname -r` to
+display your kernel version:
+
+    $ uname -r
+    3.10.0-229.el7.x86_64
+
+Finally, it is recommended that you fully update your system. Please keep in
+mind that your system should be fully patched to fix any potential kernel bugs.
+Any reported kernel bugs may have already been fixed on the latest kernel
+packages.
+
+## Install
+
+There are two ways to install Docker Engine.  You can install using the `yum`
+package manager. Or you can use `curl` with the  `get.docker.com` site. This
+second method runs an installation script which also installs via the `yum`
+package manager.
+
+### Install with yum
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Make sure your existing yum packages are up-to-date.
+
+        $ sudo yum update
+
+3. Add the yum repo.
+
+        $ sudo tee /etc/yum.repos.d/docker.repo <<-'EOF'
+        [dockerrepo]
+        name=Docker Repository
+        baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
+        enabled=1
+        gpgcheck=1
+        gpgkey=https://yum.dockerproject.org/gpg
+        EOF
+
+4. Install the Docker package.
+
+        $ sudo yum install docker-engine
+
+5. Start the Docker daemon.
+
+        $ sudo service docker start
+
+6. Verify `docker` is installed correctly by running a test image in a container.
+
+        $ sudo docker run hello-world
+        Unable to find image 'hello-world:latest' locally
+    		latest: Pulling from hello-world
+    		a8219747be10: Pull complete
+    		91c95931e552: Already exists
+    		hello-world:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
+    		Digest: sha256:aa03e5d0d5553b4c3473e89c8619cf79df368babd1.7.1cf5daeb82aab55838d
+    		Status: Downloaded newer image for hello-world:latest
+    		Hello from Docker.
+    		This message shows that your installation appears to be working correctly.
+
+    		To generate this message, Docker took the following steps:
+    		 1. The Docker client contacted the Docker daemon.
+    		 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
+    				(Assuming it was not already locally available.)
+    		 3. The Docker daemon created a new container from that image which runs the
+    				executable that produces the output you are currently reading.
+    		 4. The Docker daemon streamed that output to the Docker client, which sent it
+    				to your terminal.
+
+    		To try something more ambitious, you can run an Ubuntu container with:
+    		 $ docker run -it ubuntu bash
+
+    		For more examples and ideas, visit:
+    		 http://docs.docker.com/userguide/
+
+### Install with the script
+
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Make sure your existing yum packages are up-to-date.
+
+		$ sudo yum update
+
+3. Run the Docker installation script.
+
+		$ curl -fsSL https://get.docker.com/ | sh
+
+	This script adds the `docker.repo` repository and installs Docker.
+
+4. Start the Docker daemon.
+
+		$ sudo service docker start
+
+5. Verify `docker` is installed correctly by running a test image in a container.
+
+		$ sudo docker run hello-world
+
+
+## Create a docker group		
+
+The `docker` daemon binds to a Unix socket instead of a TCP port. By default
+that Unix socket is owned by the user `root` and other users can access it with
+`sudo`. For this reason, `docker` daemon always runs as the `root` user.
+
+To avoid having to use `sudo` when you use the `docker` command, create a Unix
+group called `docker` and add users to it. When the `docker` daemon starts, it
+makes the ownership of the Unix socket read/writable by the `docker` group.
+
+>**Warning**: The `docker` group is equivalent to the `root` user; For details
+>on how this impacts security in your system, see [*Docker Daemon Attack
+>Surface*](../../security/security.md#docker-daemon-attack-surface) for details.
+
+To create the `docker` group and add your user:
+
+1. Log into Centos as a user with `sudo` privileges.
+
+2. Create the `docker` group.
+
+    `sudo groupadd docker`
+
+3. Add your user to `docker` group.
+
+    `sudo usermod -aG docker your_username`
+
+4. Log out and log back in.
+
+    This ensures your user is running with the correct permissions.
+
+5. Verify your work by running `docker` without `sudo`.
+
+		$ docker run hello-world
+
+## Start the docker daemon at boot
+
+To ensure Docker starts when you boot your system, do the following:
+
+      $ sudo chkconfig docker on
+
+If you need to add an HTTP Proxy, set a different directory or partition for the
+Docker runtime files, or make other customizations, read our Systemd article to
+learn how to [customize your Systemd Docker daemon options](../../admin/systemd.md).
+
+
+## Uninstall
+
+You can uninstall the Docker software with `yum`.  
+
+1. List the package you have installed.
+
+		$ yum list installed | grep docker
+		yum list installed | grep docker
+		docker-engine.x86_64   1.7.1-1.el7 @/docker-engine-1.7.1-1.el7.x86_64.rpm
+
+2. Remove the package.
+
+		$ sudo yum -y remove docker-engine.x86_64
+
+	This command does not remove images, containers, volumes, or user-created
+	configuration files on your host.
+
+3. To delete all images, containers, and volumes, run the following command:
+
+		$ rm -rf /var/lib/docker
+
+4. Locate and delete any user-created configuration files.
diff --git a/docs/installation/linux/cruxlinux.md b/docs/installation/linux/cruxlinux.md
new file mode 100644
index 00000000..6c95110b
--- /dev/null
+++ b/docs/installation/linux/cruxlinux.md
@@ -0,0 +1,93 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/cruxlinux/"]
+title = "Installation on CRUX Linux"
+description = "Docker installation on CRUX Linux."
+keywords = ["crux linux, Docker, documentation,  installation"]
+[menu.main]
+parent = "engine_linux"
++++
+<![end-metadata]-->
+
+# CRUX Linux
+
+Installing on CRUX Linux can be handled via the contrib ports from
+[James Mills](http://prologic.shortcircuit.net.au/) and are included in the
+official [contrib](http://crux.nu/portdb/?a=repo&q=contrib) ports:
+
+- docker
+
+The `docker` port will build and install the latest tagged version of Docker.
+
+
+## Installation
+
+Assuming you have contrib enabled, update your ports tree and install docker:
+
+    $ sudo prt-get depinst docker
+
+
+## Kernel requirements
+
+To have a working **CRUX+Docker** Host you must ensure your Kernel has
+the necessary modules enabled for the Docker Daemon to function correctly.
+
+Please read the `README`:
+
+    $ sudo prt-get readme docker
+
+The `docker` port installs the `contrib/check-config.sh` script
+provided by the Docker contributors for checking your kernel
+configuration as a suitable Docker host.
+
+To check your Kernel configuration run:
+
+    $ /usr/share/docker/check-config.sh
+
+## Starting Docker
+
+There is a rc script created for Docker. To start the Docker service:
+
+    $ sudo /etc/rc.d/docker start
+
+To start on system boot:
+
+ - Edit `/etc/rc.conf`
+ - Put `docker` into the `SERVICES=(...)` array after `net`.
+
+## Images
+
+There is a CRUX image maintained by [James Mills](http://prologic.shortcircuit.net.au/)
+as part of the Docker "Official Library" of images. To use this image simply pull it
+or use it as part of your `FROM` line in your `Dockerfile(s)`.
+
+    $ docker pull crux
+    $ docker run -i -t crux
+
+There are also user contributed [CRUX based image(s)](https://hub.docker.com/_/crux/) on the Docker Hub.
+
+
+## Uninstallation
+
+To uninstall the Docker package:
+
+    $ sudo prt-get remove docker
+
+The above command will not remove images, containers, volumes, or user created
+configuration files on your host. If you wish to delete all images, containers,
+and volumes run the following command:
+
+    $ rm -rf /var/lib/docker
+
+You must delete the user created configuration files manually.
+
+## Issues
+
+If you have any issues please file a bug with the
+[CRUX Bug Tracker](http://crux.nu/bugs/).
+
+## Support
+
+For support contact the [CRUX Mailing List](http://crux.nu/Main/MailingLists)
+or join CRUX's [IRC Channels](http://crux.nu/Main/IrcChannels). on the
+[FreeNode](http://freenode.net/) IRC Network.
diff --git a/docs/installation/linux/debian.md b/docs/installation/linux/debian.md
new file mode 100644
index 00000000..c4adab8f
--- /dev/null
+++ b/docs/installation/linux/debian.md
@@ -0,0 +1,184 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/debian/"]
+title = "Installation on Debian"
+description = "Instructions for installing Docker on Debian."
+keywords = ["Docker, Docker documentation, installation,  debian"]
+[menu.main]
+parent = "engine_linux"
+weight=-2
++++
+<![end-metadata]-->
+
+# Debian
+
+Docker is supported on the following versions of Debian:
+
+ - [*Debian testing stretch (64-bit)*](#debian-wheezy-stable-7-x-64-bit)
+ - [*Debian 8.0 Jessie (64-bit)*](#debian-jessie-80-64-bit)
+ - [*Debian 7.7 Wheezy (64-bit)*](#debian-wheezy-stable-7-x-64-bit)
+
+ >**Note**: If you previously installed Docker using `APT`, make sure you update
+ your `APT` sources to the new `APT` repository.
+
+## Prerequisites
+
+ Docker requires a 64-bit installation regardless of your Debian version.
+ Additionally, your kernel must be 3.10 at minimum. The latest 3.10 minor
+ version or a newer maintained version are also acceptable.
+
+ Kernels older than 3.10 lack some of the features required to run Docker
+ containers. These older versions are known to have bugs which cause data loss
+ and frequently panic under certain conditions.
+
+ To check your current kernel version, open a terminal and use `uname -r` to
+ display your kernel version:
+
+     $ uname -r
+
+### Update your apt repository
+
+Docker's `APT` repository contains Docker 1.7.1 and higher. To set `APT` to use
+from the new repository:
+
+ 1. If you haven't already done so, log into your machine as a user with `sudo` or `root` privileges.
+
+ 2. Open a terminal window.
+
+ 3. Purge any older repositories.
+
+         $ apt-get purge lxc-docker*
+         $ apt-get purge docker.io*
+
+ 4. Update package information, ensure that APT works with the `https` method, and that CA certificates are installed.
+
+         $ apt-get update
+         $ apt-get install apt-transport-https ca-certificates
+
+ 5. Add the new `GPG` key.
+
+         $ apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
+
+ 6. Open the `/etc/apt/sources.list.d/docker.list` file in your favorite editor.
+
+     If the file doesn't exist, create it.
+
+ 7. Remove any existing entries.
+
+ 8. Add an entry for your Debian operating system.
+
+     The possible entries are:
+
+    - On Debian Wheezy
+
+            deb https://apt.dockerproject.org/repo debian-wheezy main
+
+    - On Debian Jessie
+
+            deb https://apt.dockerproject.org/repo debian-jessie main
+
+    - On Debian Stretch/Sid
+
+            deb https://apt.dockerproject.org/repo debian-stretch main
+
+    > **Note**: Docker does not provide packages for all architectures. To install docker on
+    > a multi-architecture system, add an `[arch=...]` clause to the entry. Refer to the
+    > [Debian Multiarch wiki](https://wiki.debian.org/Multiarch/HOWTO#Setting_up_apt_sources)
+    > for details.
+
+ 9. Save and close the file.
+
+ 10. Update the `APT` package index.
+
+         $ apt-get update
+
+ 11. Verify that `APT` is pulling from the right repository.
+
+         $ apt-cache policy docker-engine
+
+     From now on when you run `apt-get upgrade`, `APT` pulls from the new apt repository.
+
+## Install Docker
+
+Before installing Docker, make sure you have set your `APT` repository correctly as described in the prerequisites.
+
+1. Update the `APT` package index.
+
+        $ sudo apt-get update
+
+2. Install Docker.
+
+        $ sudo apt-get install docker-engine
+
+5. Start the `docker` daemon.
+
+        $ sudo service docker start
+
+6. Verify `docker` is installed correctly.
+
+        $ sudo docker run hello-world
+
+    This command downloads a test image and runs it in a container. When the
+    container runs, it prints an informational message. Then, it exits.
+
+
+## Giving non-root access
+
+The `docker` daemon always runs as the `root` user and the `docker`
+daemon binds to a Unix socket instead of a TCP port. By default that
+Unix socket is owned by the user `root`, and so, by default, you can
+access it with `sudo`.
+
+If you (or your Docker installer) create a Unix group called `docker`
+and add users to it, then the `docker` daemon will make the ownership of
+the Unix socket read/writable by the `docker` group when the daemon
+starts. The `docker` daemon must always run as the root user, but if you
+run the `docker` client as a user in the `docker` group then you don't
+need to add `sudo` to all the client commands. From Docker 0.9.0 you can
+use the `-G` flag to specify an alternative group.
+
+> **Warning**:
+> The `docker` group (or the group specified with the `-G` flag) is
+> `root`-equivalent; see [*Docker Daemon Attack Surface*](../../security/security.md#docker-daemon-attack-surface) details.
+
+**Example:**
+
+    # Add the docker group if it doesn't already exist.
+    $ sudo groupadd docker
+
+    # Add the connected user "${USER}" to the docker group.
+    # Change the user name to match your preferred user.
+    # You may have to logout and log back in again for
+    # this to take effect.
+    $ sudo gpasswd -a ${USER} docker
+
+    # Restart the Docker daemon.
+    $ sudo service docker restart
+
+## Upgrade Docker
+
+To install the latest version of Docker with `apt-get`:
+
+    $ apt-get upgrade docker-engine
+
+## Uninstall
+
+To uninstall the Docker package:
+
+    $ sudo apt-get purge docker-engine
+
+To uninstall the Docker package and dependencies that are no longer needed:
+
+    $ sudo apt-get autoremove --purge docker-engine
+
+The above commands will not remove images, containers, volumes, or user created
+configuration files on your host. If you wish to delete all images, containers,
+and volumes run the following command:
+
+    $ rm -rf /var/lib/docker
+
+You must delete the user created configuration files manually.
+
+## What next?
+
+Continue with the [User Guide](../../userguide/index.md).
diff --git a/docs/installation/linux/fedora.md b/docs/installation/linux/fedora.md
new file mode 100644
index 00000000..782adc67
--- /dev/null
+++ b/docs/installation/linux/fedora.md
@@ -0,0 +1,203 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/fedora/"]
+title = "Installation on Fedora"
+description = "Instructions for installing Docker on Fedora."
+keywords = ["Docker, Docker documentation, Fedora, requirements,  linux"]
+[menu.main]
+parent = "engine_linux"
+weight=-3
++++
+<![end-metadata]-->
+
+# Fedora
+
+Docker is supported on Fedora version 22 and 23. This page instructs you to install
+using Docker-managed release packages and installation mechanisms. Using these
+packages ensures you get the latest release of Docker. If you wish to install
+using Fedora-managed packages, consult your Fedora release documentation for
+information on Fedora's Docker support.
+
+## Prerequisites
+
+Docker requires a 64-bit installation regardless of your Fedora version. Also, your kernel must be 3.10 at minimum. To check your current kernel
+version, open a terminal and use `uname -r` to display your kernel version:
+
+    $ uname -r
+    3.19.5-100.fc21.x86_64
+
+If your kernel is at a older version, you must update it.
+
+Finally, is it recommended that you fully update your system. Please keep in
+mind that your system should be fully patched to fix any potential kernel bugs. Any
+reported kernel bugs may have already been fixed on the latest kernel packages
+
+
+## Install
+
+There are two ways to install Docker Engine.  You can install with the `dnf` package manager. Or you can use `curl` with the  `get.docker.com` site. This second method runs an installation script which also installs via the `dnf` package manager.
+
+### Install with DNF
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Make sure your existing dnf packages are up-to-date.
+
+		$ sudo dnf update
+
+3. Add the yum repo yourself.
+
+        $ sudo tee /etc/yum.repos.d/docker.repo <<-'EOF'
+        [dockerrepo]
+        name=Docker Repository
+        baseurl=https://yum.dockerproject.org/repo/main/fedora/$releasever/
+        enabled=1
+        gpgcheck=1
+        gpgkey=https://yum.dockerproject.org/gpg
+        EOF
+
+4. Install the Docker package.
+
+        $ sudo dnf install docker-engine
+
+5. Start the Docker daemon.
+
+		$ sudo systemctl start docker
+
+6. Verify `docker` is installed correctly by running a test image in a container.
+
+
+        $ sudo docker run hello-world
+        Unable to find image 'hello-world:latest' locally
+        latest: Pulling from hello-world
+        a8219747be10: Pull complete
+        91c95931e552: Already exists
+        hello-world:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
+        Digest: sha256:aa03e5d0d5553b4c3473e89c8619cf79df368babd1.7.1cf5daeb82aab55838d
+        Status: Downloaded newer image for hello-world:latest
+        Hello from Docker.
+        This message shows that your installation appears to be working correctly.
+
+        To generate this message, Docker took the following steps:
+         1. The Docker client contacted the Docker daemon.
+         2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
+            (Assuming it was not already locally available.)
+         3. The Docker daemon created a new container from that image which runs the
+            executable that produces the output you are currently reading.
+         4. The Docker daemon streamed that output to the Docker client, which sent it
+            to your terminal.
+
+        To try something more ambitious, you can run an Ubuntu container with:
+         $ docker run -it ubuntu bash
+
+        For more examples and ideas, visit:
+         http://docs.docker.com/userguide/
+
+
+### Install with the script
+
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Make sure your existing dnf packages are up-to-date.
+
+		$ sudo dnf update
+
+3. Run the Docker installation script.
+
+		$ curl -fsSL https://get.docker.com/ | sh
+
+	This script adds the `docker.repo` repository and installs Docker.
+
+4. Start the Docker daemon.
+
+        $ sudo systemctl start docker
+
+5. Verify `docker` is installed correctly by running a test image in a container.
+
+		$ sudo docker run hello-world
+
+## Create a docker group
+
+The `docker` daemon binds to a Unix socket instead of a TCP port. By default
+that Unix socket is owned by the user `root` and other users can access it with
+`sudo`. For this reason, `docker` daemon always runs as the `root` user.
+
+To avoid having to use `sudo` when you use the `docker` command, create a Unix
+group called `docker` and add users to it. When the `docker` daemon starts, it
+makes the ownership of the Unix socket read/writable by the `docker` group.
+
+>**Warning**: The `docker` group is equivalent to the `root` user; For details
+>on how this impacts security in your system, see [*Docker Daemon Attack
+>Surface*](../../security/security.md#docker-daemon-attack-surface) for details.
+
+To create the `docker` group and add your user:
+
+1. Log into your system as a user with `sudo` privileges.
+
+2. Create the `docker` group.
+
+    `sudo groupadd docker`
+
+3. Add your user to `docker` group.
+
+    `sudo usermod -aG docker your_username`
+
+4. Log out and log back in.
+
+    This ensures your user is running with the correct permissions.
+
+5. Verify your work by running `docker` without `sudo`.
+
+        $ docker run hello-world
+
+## Start the docker daemon at boot
+
+To ensure Docker starts when you boot your system, do the following:
+
+    $ sudo systemctl enable docker
+
+If you need to add an HTTP Proxy, set a different directory or partition for the
+Docker runtime files, or make other customizations, read our Systemd article to
+learn how to [customize your Systemd Docker daemon options](../../admin/systemd.md).
+
+## Running Docker with a manually-defined network
+
+If you manually configure your network using `systemd-network` with `systemd` version 219 or higher, containers you start with Docker may be unable to access your network.
+Beginning with version 220, the forwarding setting for a given network (`net.ipv4.conf.<interface>.forwarding`) defaults to *off*. This setting prevents IP forwarding. It also conflicts with Docker which enables the `net.ipv4.conf.all.forwarding` setting within a container.
+
+To work around this, edit the `<interface>.network` file in
+`/usr/lib/systemd/network/` on your Docker host  (ex: `/usr/lib/systemd/network/80-container-host0.network`) add the following block:
+
+```
+[Network]
+...
+IPForward=kernel
+# OR
+IPForward=true
+...
+```
+
+This configuration allows IP forwarding from the container as expected.
+
+## Uninstall
+
+You can uninstall the Docker software with `dnf`.
+
+1. List the package you have installed.
+
+		$ dnf list installed | grep docker dnf list installed | grep docker
+		docker-engine.x86_64     1.7.1-0.1.fc21 @/docker-engine-1.7.1-0.1.fc21.el7.x86_64
+
+2. Remove the package.
+
+		$ sudo dnf -y remove docker-engine.x86_64
+
+	This command does not remove images, containers, volumes, or user-created
+	configuration files on your host.
+
+3. To delete all images, containers, and volumes, run the following command:
+
+		$ rm -rf /var/lib/docker
+
+4. Locate and delete any user-created configuration files.
diff --git a/docs/installation/linux/frugalware.md b/docs/installation/linux/frugalware.md
new file mode 100644
index 00000000..40368302
--- /dev/null
+++ b/docs/installation/linux/frugalware.md
@@ -0,0 +1,75 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/frugalware/"]
+title = "Installation on FrugalWare"
+description = "Installation instructions for Docker on FrugalWare."
+keywords = ["frugalware linux, docker, documentation,  installation"]
+[menu.main]
+parent = "engine_linux"
++++
+<![end-metadata]-->
+
+# FrugalWare
+
+Installing on FrugalWare is handled via the official packages:
+
+ - [lxc-docker i686](http://www.frugalware.org/packages/200141)
+ - [lxc-docker x86_64](http://www.frugalware.org/packages/200130)
+
+The lxc-docker package will install the latest tagged version of Docker.
+
+## Dependencies
+
+Docker depends on several packages which are specified as dependencies
+in the packages. The core dependencies are:
+
+ - systemd
+ - lvm2
+ - sqlite3
+ - libguestfs
+ - lxc
+ - iproute2
+ - bridge-utils
+
+## Installation
+
+A simple
+
+    $ sudo pacman -S lxc-docker
+
+is all that is needed.
+
+## Starting Docker
+
+There is a systemd service unit created for Docker. To start Docker as
+service:
+
+    $ sudo systemctl start lxc-docker
+
+To start on system boot:
+
+    $ sudo systemctl enable lxc-docker
+
+## Custom daemon options
+
+If you need to add an HTTP Proxy, set a different directory or partition for the
+Docker runtime files, or make other customizations, read our systemd article to
+learn how to [customize your systemd Docker daemon options](../../admin/systemd.md).
+
+## Uninstallation
+
+To uninstall the Docker package:
+
+    $ sudo pacman -R lxc-docker
+
+To uninstall the Docker package and dependencies that are no longer needed:
+
+    $ sudo pacman -Rns lxc-docker
+
+The above commands will not remove images, containers, volumes, or user created
+configuration files on your host. If you wish to delete all images, containers,
+and volumes run the following command:
+
+    $ rm -rf /var/lib/docker
+
+You must delete the user created configuration files manually.
diff --git a/docs/installation/linux/gentoolinux.md b/docs/installation/linux/gentoolinux.md
new file mode 100644
index 00000000..3b33ee45
--- /dev/null
+++ b/docs/installation/linux/gentoolinux.md
@@ -0,0 +1,122 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/gentoolinux/"]
+title = "Installation on Gentoo"
+description = "Installation instructions for Docker on Gentoo."
+keywords = ["gentoo linux, docker, documentation,  installation"]
+[menu.main]
+parent = "engine_linux"
++++
+<![end-metadata]-->
+
+# Gentoo
+
+Installing Docker on Gentoo Linux can be accomplished using one of two ways: the **official** way and the `docker-overlay` way.
+
+Official project page of [Gentoo Docker](https://wiki.gentoo.org/wiki/Project:Docker) team.
+
+## Official way
+The first and recommended way if you are looking for a stable  
+experience is to use the official `app-emulation/docker` package directly  
+from the tree.
+
+If any issues arise from this ebuild including, missing kernel
+configuration flags or dependencies, open a bug
+on the Gentoo [Bugzilla](https://bugs.gentoo.org) assigned to `docker AT gentoo DOT org`
+or join and ask in the official
+[IRC](http://webchat.freenode.net?channels=%23gentoo-containers&uio=d4) channel on the Freenode network.
+
+## docker-overlay way
+
+If you're looking for a `-bin` ebuild, a live ebuild, or a bleeding edge
+ebuild, use the provided overlay, [docker-overlay](https://github.com/tianon/docker-overlay)
+which can be added using `app-portage/layman`. The most accurate and
+up-to-date documentation for properly installing and using the overlay
+can be found in the [overlay](https://github.com/tianon/docker-overlay/blob/master/README.md#using-this-overlay).
+
+If any issues arise from this ebuild or the resulting binary, including
+and especially missing kernel configuration flags or dependencies,
+open an [issue](https://github.com/tianon/docker-overlay/issues) on
+the `docker-overlay` repository or ping `tianon` directly in the `#docker`
+IRC channel on the Freenode network.
+
+## Installation
+
+### Available USE flags
+
+| USE Flag      | Default | Description |
+| ------------- |:-------:|:------------|
+| aufs          |         |Enables dependencies for the "aufs" graph driver, including necessary kernel flags.|
+| btrfs         |         |Enables dependencies for the "btrfs" graph driver, including necessary kernel flags.|
+| contrib       |  Yes    |Install additional contributed scripts and components.|
+| device-mapper |  Yes    |Enables dependencies for the "devicemapper" graph driver, including necessary kernel flags.|
+| doc           |         |Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally.|
+| vim-syntax    |         |Pulls in related vim syntax scripts.|
+| zsh-completion|         |Enable zsh completion support.|
+
+USE flags are described in detail on [tianon's
+blog](https://tianon.github.io/post/2014/05/17/docker-on-gentoo.html).
+
+The package should properly pull in all the necessary dependencies and
+prompt for all necessary kernel options.
+
+    $ sudo emerge -av app-emulation/docker
+
+>Note: Sometimes there is a disparity between the latest versions
+>in the official **Gentoo tree** and the **docker-overlay**.  
+>Please be patient, and the latest version should propagate shortly.
+
+## Starting Docker
+
+Ensure that you are running a kernel that includes all the necessary
+modules and configuration (and optionally for device-mapper
+and AUFS or Btrfs, depending on the storage driver you've decided to use).
+
+To use Docker, the `docker` daemon must be running as **root**.  
+To use Docker as a **non-root** user, add yourself to the **docker**
+group by running the following command:
+
+    $ sudo groupadd docker
+    $ sudo usermod -a -G docker user
+
+### OpenRC
+
+To start the `docker` daemon:
+
+    $ sudo /etc/init.d/docker start
+
+To start on system boot:
+
+    $ sudo rc-update add docker default
+
+### systemd
+
+To start the `docker` daemon:
+
+    $ sudo systemctl start docker
+
+To start on system boot:
+
+    $ sudo systemctl enable docker
+
+If you need to add an HTTP Proxy, set a different directory or partition for the
+Docker runtime files, or make other customizations, read our systemd article to
+learn how to [customize your systemd Docker daemon options](../../admin/systemd.md).
+
+## Uninstallation
+
+To uninstall the Docker package:
+
+    $ sudo emerge -cav app-emulation/docker
+
+To uninstall the Docker package and dependencies that are no longer needed:
+
+    $ sudo emerge -C app-emulation/docker
+
+The above commands will not remove images, containers, volumes, or user created
+configuration files on your host. If you wish to delete all images, containers,
+and volumes run the following command:
+
+    $ rm -rf /var/lib/docker
+
+You must delete the user created configuration files manually.
diff --git a/docs/installation/linux/index.md b/docs/installation/linux/index.md
new file mode 100644
index 00000000..2fb81ae2
--- /dev/null
+++ b/docs/installation/linux/index.md
@@ -0,0 +1,29 @@
+<!--[metadata]>
++++
+title = "On Linux distributions"
+description = "Lists the installation methods"
+keywords = ["docker", "engine","install", "linux"]
+[menu.main]
+identifier = "engine_linux"
+parent="engine_install"
+weight="-70"
++++
+<![end-metadata]-->
+
+# Install Docker Engine on Linux
+
+Docker Engine is supported on several Linux distributions. Installation instructions are available for the following:
+
+* [Arch Linux](archlinux.md)
+* [CentOS](centos.md)
+* [CRUX Linux](cruxlinux.md)
+* [Debian](debian.md)
+* [Fedora](fedora.md)
+* [FrugalWare](frugalware.md)
+* [Gentoo](gentoolinux.md)
+* [Oracle Linux](oracle.md)
+* [Red Hat Enterprise Linux](rhel.md)
+* [openSUSE and SUSE Linux Enterprise](SUSE.md)
+* [Ubuntu](ubuntulinux.md)
+
+If your linux distribution is not listed above, don't give up yet. To try out Docker on a distribution that is not listed above, go here: [Installation from binaries](../binaries.md).
diff --git a/docs/installation/linux/oracle.md b/docs/installation/linux/oracle.md
new file mode 100644
index 00000000..9513f8b8
--- /dev/null
+++ b/docs/installation/linux/oracle.md
@@ -0,0 +1,214 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/oracle/"]
+title = "Installation on Oracle Linux"
+description = "Installation instructions for Docker on Oracle Linux."
+keywords = ["Docker, Docker documentation, requirements, linux, rhel, centos, oracle,  ol"]
+[menu.main]
+parent = "engine_linux"
++++
+<![end-metadata]-->
+
+# Oracle Linux
+
+Docker is supported Oracle Linux 6 and 7. You do not require an Oracle Linux
+Support subscription to install Docker on Oracle Linux.
+
+## Prerequisites
+
+Due to current Docker limitations, Docker is only able to run only on the x86_64
+architecture. Docker requires the use of the Unbreakable Enterprise Kernel
+Release 4 (4.1.12) or higher on Oracle Linux. This kernel supports the Docker
+btrfs storage engine on both Oracle Linux 6 and 7.
+
+## Install
+
+
+> **Note**: The procedure below installs binaries built by Docker. These binaries
+> are not covered by Oracle Linux support. To ensure Oracle Linux support, please
+> follow the installation instructions provided in the
+> [Oracle Linux documentation](https://docs.oracle.com/en/operating-systems/?tab=2).
+>
+> The installation instructions for Oracle Linux 6 can be found in [Chapter 10 of
+> the Administrator&apos;s
+> Solutions Guide](https://docs.oracle.com/cd/E37670_01/E37355/html/ol_docker.html)
+>
+> The installation instructions for Oracle Linux 7 can be found in [Chapter 29 of
+> the Administrator&apos;s
+> Guide](https://docs.oracle.com/cd/E52668_01/E54669/html/ol7-docker.html)
+
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Make sure your existing yum packages are up-to-date.
+
+        $ sudo yum update
+
+3. Add the yum repo yourself.
+
+    For version 6:
+
+        $ sudo tee /etc/yum.repos.d/docker.repo <<-EOF
+        [dockerrepo]
+        name=Docker Repository
+        baseurl=https://yum.dockerproject.org/repo/main/oraclelinux/6
+        enabled=1
+        gpgcheck=1
+        gpgkey=https://yum.dockerproject.org/gpg
+        EOF
+
+    For version 7:
+
+        $ cat >/etc/yum.repos.d/docker.repo <<-EOF
+        [dockerrepo]
+        name=Docker Repository
+        baseurl=https://yum.dockerproject.org/repo/main/oraclelinux/7
+        enabled=1
+        gpgcheck=1
+        gpgkey=https://yum.dockerproject.org/gpg
+        EOF
+
+4. Install the Docker package.
+
+        $ sudo yum install docker-engine
+
+5. Start the Docker daemon.
+
+     On Oracle Linux 6:
+
+        $ sudo service docker start
+
+     On Oracle Linux 7:
+
+        $ sudo systemctl start docker.service
+
+6. Verify `docker` is installed correctly by running a test image in a container.
+
+        $ sudo docker run hello-world
+
+## Optional configurations
+
+This section contains optional procedures for configuring your Oracle Linux to work
+better with Docker.
+
+* [Create a docker group](#create-a-docker-group)
+* [Configure Docker to start on boot](#configure-docker-to-start-on-boot)
+* [Use the btrfs storage engine](#use-the-btrfs-storage-engine)
+
+### Create a Docker group		
+
+The `docker` daemon binds to a Unix socket instead of a TCP port. By default
+that Unix socket is owned by the user `root` and other users can access it with
+`sudo`. For this reason, `docker` daemon always runs as the `root` user.
+
+To avoid having to use `sudo` when you use the `docker` command, create a Unix
+group called `docker` and add users to it. When the `docker` daemon starts, it
+makes the ownership of the Unix socket read/writable by the `docker` group.
+
+>**Warning**: The `docker` group is equivalent to the `root` user; For details
+>on how this impacts security in your system, see [*Docker Daemon Attack
+>Surface*](../../security/security.md#docker-daemon-attack-surface) for details.
+
+To create the `docker` group and add your user:
+
+1. Log into Oracle Linux as a user with `sudo` privileges.
+
+2. Create the `docker` group.
+
+        sudo groupadd docker
+
+3. Add your user to `docker` group.
+
+        sudo usermod -aG docker username
+
+4. Log out and log back in.
+
+    This ensures your user is running with the correct permissions.
+
+5. Verify your work by running `docker` without `sudo`.
+
+        $ docker run hello-world
+
+	If this fails with a message similar to this:
+
+		Cannot connect to the Docker daemon. Is 'docker daemon' running on this host?
+
+	Check that the `DOCKER_HOST` environment variable is not set for your shell.
+	If it is, unset it.
+
+### Configure Docker to start on boot
+
+You can configure the  Docker daemon to start automatically at boot.
+
+On Oracle Linux 6:
+
+```
+$ sudo chkconfig docker on
+```
+
+On Oracle Linux 7:
+
+```
+$ sudo systemctl enable docker.service
+```
+
+If you need to add an HTTP Proxy, set a different directory or partition for the
+Docker runtime files, or make other customizations, read our systemd article to
+learn how to [customize your systemd Docker daemon options](../../admin/systemd.md).
+
+### Use the btrfs storage engine
+
+Docker on Oracle Linux 6 and 7 supports the use of the btrfs storage engine.
+Before enabling btrfs support, ensure that `/var/lib/docker` is stored on a
+btrfs-based filesystem. Review [Chapter
+5](http://docs.oracle.com/cd/E37670_01/E37355/html/ol_btrfs.html) of the [Oracle
+Linux Administrator's Solution
+Guide](http://docs.oracle.com/cd/E37670_01/E37355/html/index.html) for details
+on how to create and mount btrfs filesystems.
+
+To enable btrfs support on Oracle Linux:
+
+1. Ensure that `/var/lib/docker` is on a btrfs filesystem.
+
+2. Edit `/etc/sysconfig/docker` and add `-s btrfs` to the `OTHER_ARGS` field.
+
+3. Restart the Docker daemon:
+
+## Uninstallation
+
+To uninstall the Docker package:
+
+    $ sudo yum -y remove docker-engine
+
+The above command will not remove images, containers, volumes, or user created
+configuration files on your host. If you wish to delete all images, containers,
+and volumes run the following command:
+
+    $ rm -rf /var/lib/docker
+
+You must delete the user created configuration files manually.
+
+## Known issues
+
+### Docker unmounts btrfs filesystem on shutdown
+If you're running Docker using the btrfs storage engine and you stop the Docker
+service, it will unmount the btrfs filesystem during the shutdown process. You
+should ensure the filesystem is mounted properly prior to restarting the Docker
+service.
+
+On Oracle Linux 7, you can use a `systemd.mount` definition and modify the
+Docker `systemd.service` to depend on the btrfs mount defined in systemd.
+
+### SElinux support on Oracle Linux 7
+SElinux must be set to `Permissive` or `Disabled` in `/etc/sysconfig/selinux` to
+use the btrfs storage engine on Oracle Linux 7.
+
+## Further issues?
+
+If you have a current Basic or Premier Support Subscription for Oracle Linux,
+you can report any issues you have with the installation of Docker via a Service
+Request at [My Oracle Support](http://support.oracle.com).
+
+If you do not have an Oracle Linux Support Subscription, you can use the [Oracle
+Linux
+Forum](https://community.oracle.com/community/server_%26_storage_systems/linux/oracle_linux) for community-based support.
diff --git a/docs/installation/linux/rhel.md b/docs/installation/linux/rhel.md
new file mode 100644
index 00000000..abf7b30b
--- /dev/null
+++ b/docs/installation/linux/rhel.md
@@ -0,0 +1,184 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/rhel/"]
+title = "Installation on Red Hat Enterprise Linux"
+description = "Instructions for installing Docker on Red Hat Enterprise Linux."
+keywords = ["Docker, Docker documentation, requirements, linux,  rhel"]
+[menu.main]
+parent = "engine_linux"
+weight = -5
++++
+<![end-metadata]-->
+
+# Red Hat Enterprise Linux
+
+Docker is supported on Red Hat Enterprise Linux 7. This page instructs you to
+install using Docker-managed release packages and installation mechanisms. Using
+these packages ensures you get the latest release of Docker. If you wish to
+install using Red Hat-managed packages, consult your Red Hat release
+documentation for information on Red Hat's Docker support.
+
+## Prerequisites
+
+Docker requires a 64-bit installation regardless of your Red Hat version. Docker
+requires that your kernel must be 3.10 at minimum, which Red Hat 7 runs.
+
+To check your current kernel version, open a terminal and use `uname -r` to
+display your kernel version:
+
+    $ uname -r
+    3.10.0-229.el7.x86_64
+
+Finally, is it recommended that you fully update your system. Please keep in
+mind that your system should be fully patched to fix any potential kernel bugs.
+Any reported kernel bugs may have already been fixed on the latest kernel
+packages.
+
+## Install Docker Engine
+
+There are two ways to install Docker Engine.  You can install with the `yum` package manager directly yourself. Or you can use `curl` with the  `get.docker.com` site. This second method runs an installation script which installs via the `yum` package manager.
+
+### Install with yum
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Make sure your existing yum packages are up-to-date.
+
+  		$ sudo yum update
+
+3. Add the yum repo yourself.
+
+        $ sudo tee /etc/yum.repos.d/docker.repo <<-EOF
+        [dockerrepo]
+        name=Docker Repository
+        baseurl=https://yum.dockerproject.org/repo/main/centos/7
+        enabled=1
+        gpgcheck=1
+        gpgkey=https://yum.dockerproject.org/gpg
+        EOF
+
+4. Install the Docker package.
+
+        $ sudo yum install docker-engine
+
+5. Start the Docker daemon.
+
+		$ sudo service docker start
+
+6. Verify `docker` is installed correctly by running a test image in a container.
+
+		$ sudo docker run hello-world
+        Unable to find image 'hello-world:latest' locally
+    		latest: Pulling from hello-world
+    		a8219747be10: Pull complete
+    		91c95931e552: Already exists
+    		hello-world:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
+    		Digest: sha256:aa03e5d0d5553b4c3473e89c8619cf79df368babd1.7.1cf5daeb82aab55838d
+    		Status: Downloaded newer image for hello-world:latest
+    		Hello from Docker.
+    		This message shows that your installation appears to be working correctly.
+
+    		To generate this message, Docker took the following steps:
+    		 1. The Docker client contacted the Docker daemon.
+    		 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
+    				(Assuming it was not already locally available.)
+    		 3. The Docker daemon created a new container from that image which runs the
+    				executable that produces the output you are currently reading.
+    		 4. The Docker daemon streamed that output to the Docker client, which sent it
+    				to your terminal.
+
+    		To try something more ambitious, you can run an Ubuntu container with:
+    		 $ docker run -it ubuntu bash
+
+    		For more examples and ideas, visit:
+    		 http://docs.docker.com/userguide/
+
+### Install with the script
+
+You use the same installation procedure for all versions of CentOS.
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Make sure your existing yum packages are up-to-date.
+
+		$ sudo yum update
+
+3. Run the Docker installation script.
+
+		$ curl -fsSL https://get.docker.com/ | sh
+
+4. Start the Docker daemon.
+
+		$ sudo service docker start
+
+5. Verify `docker` is installed correctly by running a test image in a container.
+
+		$ sudo docker run hello-world
+
+## Create a docker group		
+
+The `docker` daemon binds to a Unix socket instead of a TCP port. By default
+that Unix socket is owned by the user `root` and other users can access it with
+`sudo`. For this reason, `docker` daemon always runs as the `root` user.
+
+To avoid having to use `sudo` when you use the `docker` command, create a Unix
+group called `docker` and add users to it. When the `docker` daemon starts, it
+makes the ownership of the Unix socket read/writable by the `docker` group.
+
+>**Warning**: The `docker` group is equivalent to the `root` user; For details
+>on how this impacts security in your system, see [*Docker Daemon Attack
+>Surface*](../../security/security.md#docker-daemon-attack-surface) for details.
+
+To create the `docker` group and add your user:
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Create the `docker` group.
+
+    `sudo groupadd docker`
+
+3. Add your user to `docker` group.
+
+    `sudo usermod -aG docker your_username`
+
+4. Log out and log back in.
+
+    This ensures your user is running with the correct permissions.
+
+5. Verify your work by running `docker` without `sudo`.
+
+			$ docker run hello-world
+
+## Start the docker daemon at boot
+
+To ensure Docker starts when you boot your system, do the following:
+
+    $ sudo chkconfig docker on
+
+If you need to add an HTTP Proxy, set a different directory or partition for the
+Docker runtime files, or make other customizations, read our Systemd article to
+learn how to [customize your Systemd Docker daemon options](../../admin/systemd.md).
+
+
+## Uninstall
+
+You can uninstall the Docker software with `yum`.  
+
+1. List the package you have installed.
+
+		$ yum list installed | grep docker
+		yum list installed | grep docker
+		docker-engine.x86_64                1.7.1-0.1.el7@/docker-engine-1.7.1-0.1.el7.x86_64
+
+2. Remove the package.
+
+		$ sudo yum -y remove docker-engine.x86_64
+
+	This command does not remove images, containers, volumes, or user created
+	configuration files on your host.
+
+3. To delete all images, containers, and volumes run the following command:
+
+		$ rm -rf /var/lib/docker
+
+4. Locate and delete any user-created configuration files.
diff --git a/docs/installation/linux/ubuntulinux.md b/docs/installation/linux/ubuntulinux.md
new file mode 100644
index 00000000..1807874c
--- /dev/null
+++ b/docs/installation/linux/ubuntulinux.md
@@ -0,0 +1,452 @@
+<!--[metadata]>
++++
+aliases = [ "/engine/installation/ubuntulinux/"]
+title = "Installation on Ubuntu "
+description = "Instructions for installing Docker on Ubuntu. "
+keywords = ["Docker, Docker documentation, requirements, apt, installation,  ubuntu"]
+[menu.main]
+parent = "engine_linux"
+weight = -6
++++
+<![end-metadata]-->
+
+# Ubuntu
+
+Docker is supported on these Ubuntu operating systems:
+
+- Ubuntu Xenial 16.04 (LTS)
+- Ubuntu Wily 15.10
+- Ubuntu Trusty 14.04 (LTS)
+- Ubuntu Precise 12.04 (LTS)
+
+This page instructs you to install using Docker-managed release packages and
+installation mechanisms. Using these packages ensures you get the latest release
+of Docker. If you wish to install using Ubuntu-managed packages, consult your
+Ubuntu documentation.
+
+>**Note**: Ubuntu Utopic 14.10 and 15.04 exist in Docker's `APT` repository but
+> are no longer officially supported.
+
+## Prerequisites
+
+Docker requires a 64-bit installation regardless of your Ubuntu version.
+Additionally, your kernel must be 3.10 at minimum. The latest 3.10 minor version
+or a newer maintained version are also acceptable.
+
+Kernels older than 3.10 lack some of the features required to run Docker
+containers. These older versions are known to have bugs which cause data loss
+and frequently panic under certain conditions.
+
+To check your current kernel version, open a terminal and use `uname -r` to
+display your kernel version:
+
+    $ uname -r
+    3.11.0-15-generic
+
+>**Note**: If you previously installed Docker using `APT`, make sure you update
+your `APT` sources to the new Docker repository.
+
+### Update your apt sources
+
+Docker's `APT` repository contains Docker 1.7.1 and higher. To set `APT` to use
+packages from the new repository:
+
+1. Log into your machine as a user with `sudo` or `root` privileges.
+
+2. Open a terminal window.
+
+3. Update package information, ensure that APT works with the `https` method, and that CA certificates are installed.
+
+         $ sudo apt-get update
+         $ sudo apt-get install apt-transport-https ca-certificates
+
+4. Add the new `GPG` key.
+
+        $ sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
+
+5. Open the `/etc/apt/sources.list.d/docker.list` file in your favorite editor.
+
+    If the file doesn't exist, create it.
+
+6. Remove any existing entries.
+
+7. Add an entry for your Ubuntu operating system.
+
+    The possible entries are:
+
+    - On Ubuntu Precise 12.04 (LTS)
+
+            deb https://apt.dockerproject.org/repo ubuntu-precise main
+
+    - On Ubuntu Trusty 14.04 (LTS)
+
+            deb https://apt.dockerproject.org/repo ubuntu-trusty main
+
+    - Ubuntu Wily 15.10
+
+            deb https://apt.dockerproject.org/repo ubuntu-wily main
+
+    - Ubuntu Xenial 16.04 (LTS)
+
+            deb https://apt.dockerproject.org/repo ubuntu-xenial main
+
+    > **Note**: Docker does not provide packages for all architectures. You can find
+	> nightly built binaries in https://master.dockerproject.org. To install docker on
+    > a multi-architecture system, add an `[arch=...]` clause to the entry. Refer to the
+    > [Debian Multiarch wiki](https://wiki.debian.org/Multiarch/HOWTO#Setting_up_apt_sources)
+    > for details.
+
+8. Save and close the `/etc/apt/sources.list.d/docker.list` file.
+
+9. Update the `APT` package index.
+
+        $ sudo apt-get update
+
+10. Purge the old repo if it exists.
+
+        $ sudo apt-get purge lxc-docker
+
+11. Verify that `APT` is pulling from the right repository.
+
+        $ apt-cache policy docker-engine
+
+    From now on when you run `apt-get upgrade`, `APT` pulls from the new repository.
+
+### Prerequisites by Ubuntu Version
+
+- Ubuntu Xenial 16.04 (LTS)
+- Ubuntu Wily 15.10
+- Ubuntu Trusty 14.04 (LTS)
+
+For Ubuntu Trusty, Wily, and Xenial, it's recommended to install the
+`linux-image-extra` kernel package. The `linux-image-extra` package
+allows you use the `aufs` storage driver.
+
+To install the `linux-image-extra` package for your kernel version:
+
+1. Open a terminal on your Ubuntu host.
+
+2. Update your package manager.
+
+        $ sudo apt-get update
+
+3. Install the recommended package.
+
+        $ sudo apt-get install linux-image-extra-$(uname -r)
+
+4. Go ahead and install Docker.
+
+If you are installing on Ubuntu 14.04 or 12.04, `apparmor` is required.  You can install it using: `apt-get install apparmor`
+
+#### Ubuntu Precise 12.04 (LTS)
+
+For Ubuntu Precise, Docker requires the 3.13 kernel version. If your kernel
+version is older than 3.13, you must upgrade it. Refer to this table to see
+which packages are required for your environment:
+
+<style type="text/css"> .tg  {border-collapse:collapse;border-spacing:0;} .tg
+td{font-size:14px;padding:10px
+5px;border-style:solid;border-width:1px;overflow:hidden;word-break:normal;}
+.tg-031{width:275px;font-family:monospace} </style> <table class="tg"> <tr> <td
+class="tg-031">linux-image-generic-lts-trusty</td> <td class="tg-031e">Generic
+Linux kernel image. This kernel has AUFS built in. This is required to run
+Docker.</td> </tr> <tr> <td class="tg-031">linux-headers-generic-lts-trusty</td>
+<td class="tg-031e">Allows packages such as ZFS and VirtualBox guest additions
+which depend on them. If you didn't install the headers for your existing
+kernel, then you can skip these headers for the"trusty" kernel. If you're
+unsure, you should include this package for safety.</td> </tr> <tr> <td
+class="tg-031">xserver-xorg-lts-trusty</td> <td class="tg-031e"
+rowspan="2">Optional in non-graphical environments without Unity/Xorg.
+<b>Required</b> when running Docker on machine with a graphical environment.
+<br>
+<br>To learn more about the reasons for these packages, read the installation
+instructions for backported kernels, specifically the <a
+href="https://wiki.ubuntu.com/Kernel/LTSEnablementStack" target="_blank">LTS
+Enablement Stack</a> &mdash; refer to note 5 under each version.
+</td> </tr>
+<tr> <td class="tg-031">libgl1-mesa-glx-lts-trusty</td> </tr> </table> &nbsp;
+
+To upgrade your kernel and install the additional packages, do the following:
+
+1. Open a terminal on your Ubuntu host.
+
+2. Update your package manager.
+
+        $ sudo apt-get update
+
+3. Install both the required and optional packages.
+
+        $ sudo apt-get install linux-image-generic-lts-trusty
+
+    Depending on your environment, you may install more as described in the preceding table.
+
+4. Reboot your host.
+
+        $ sudo reboot
+
+5. After your system reboots, go ahead and install Docker.
+
+## Install
+
+Make sure you have installed the prerequisites for your Ubuntu version.
+
+Then,
+install Docker using the following:
+
+1. Log into your Ubuntu installation as a user with `sudo` privileges.
+
+2. Update your `APT` package index.
+
+        $ sudo apt-get update
+
+3. Install Docker.
+
+        $ sudo apt-get install docker-engine
+
+4. Start the `docker` daemon.
+
+        $ sudo service docker start
+
+5. Verify `docker` is installed correctly.
+
+        $ sudo docker run hello-world
+
+    This command downloads a test image and runs it in a container. When the
+    container runs, it prints an informational message. Then, it exits.
+
+## Optional configurations
+
+This section contains optional procedures for configuring your Ubuntu to work
+better with Docker.
+
+* [Create a docker group](#create-a-docker-group)
+* [Adjust memory and swap accounting](#adjust-memory-and-swap-accounting)
+* [Enable UFW forwarding](#enable-ufw-forwarding)
+* [Configure a DNS server for use by Docker](#configure-a-dns-server-for-use-by-docker)
+* [Configure Docker to start on boot](#configure-docker-to-start-on-boot)
+
+### Create a Docker group		
+
+The `docker` daemon binds to a Unix socket instead of a TCP port. By default
+that Unix socket is owned by the user `root` and other users can access it with
+`sudo`. For this reason, `docker` daemon always runs as the `root` user.
+
+To avoid having to use `sudo` when you use the `docker` command, create a Unix
+group called `docker` and add users to it. When the `docker` daemon starts, it
+makes the ownership of the Unix socket read/writable by the `docker` group.
+
+>**Warning**: The `docker` group is equivalent to the `root` user; For details
+>on how this impacts security in your system, see [*Docker Daemon Attack
+>Surface*](../../security/security.md#docker-daemon-attack-surface) for details.
+
+To create the `docker` group and add your user:
+
+1. Log into Ubuntu as a user with `sudo` privileges.
+
+    This procedure assumes you log in as the `ubuntu` user.
+
+2. Create the `docker` group.
+
+        $ sudo groupadd docker
+
+3. Add your user to `docker` group.
+
+        $ sudo usermod -aG docker ubuntu
+
+4. Log out and log back in.
+
+    This ensures your user is running with the correct permissions.
+
+5. Verify your work by running `docker` without `sudo`.
+
+        $ docker run hello-world
+
+	If this fails with a message similar to this:
+
+		Cannot connect to the Docker daemon. Is 'docker daemon' running on this host?
+
+	Check that the `DOCKER_HOST` environment variable is not set for your shell.
+	If it is, unset it.
+
+### Adjust memory and swap accounting
+
+When users run Docker, they may see these messages when working with an image:
+
+    WARNING: Your kernel does not support cgroup swap limit. WARNING: Your
+    kernel does not support swap limit capabilities. Limitation discarded.
+
+To prevent these messages, enable memory and swap accounting on your
+system.  Enabling memory and swap accounting does induce both a memory
+overhead and a performance degradation even when Docker is not in
+use. The memory overhead is about 1% of the total available
+memory. The performance degradation is roughly 10%.
+
+To enable memory and swap on system using GNU GRUB (GNU GRand Unified
+Bootloader), do the following:
+
+1. Log into Ubuntu as a user with `sudo` privileges.
+
+2. Edit the `/etc/default/grub` file.
+
+3. Set the `GRUB_CMDLINE_LINUX` value as follows:
+
+        GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"
+
+4. Save and close the file.
+
+5. Update GRUB.
+
+        $ sudo update-grub
+
+6. Reboot your system.
+
+
+### Enable UFW forwarding
+
+If you use [UFW (Uncomplicated Firewall)](https://help.ubuntu.com/community/UFW)
+on the same host as you run Docker, you'll need to do additional configuration.
+Docker uses a bridge to manage container networking. By default, UFW drops all
+forwarding traffic. As a result, for Docker to run when UFW is
+enabled, you must set UFW's forwarding policy appropriately.
+
+Also, UFW's default set of rules denies all incoming traffic. If you want to
+reach your containers from another host allow incoming connections on the Docker
+port. The Docker port defaults to `2376` if TLS is enabled or `2375` when it is
+not. If TLS is not enabled, communication is unencrypted. By default, Docker
+runs without TLS enabled.
+
+To configure UFW and allow incoming connections on the Docker port:
+
+1. Log into Ubuntu as a user with `sudo` privileges.
+
+2. Verify that UFW is installed and enabled.
+
+        $ sudo ufw status
+
+3. Open the `/etc/default/ufw` file for editing.
+
+        $ sudo nano /etc/default/ufw
+
+4. Set the `DEFAULT_FORWARD_POLICY` policy to:
+
+        DEFAULT_FORWARD_POLICY="ACCEPT"
+
+5. Save and close the file.
+
+6. Reload UFW to use the new setting.
+
+        $ sudo ufw reload
+
+7. Allow incoming connections on the Docker port.
+
+        $ sudo ufw allow 2375/tcp
+
+### Configure a DNS server for use by Docker
+
+Systems that run Ubuntu or an Ubuntu derivative on the desktop typically use
+`127.0.0.1` as the default `nameserver` in `/etc/resolv.conf` file. The
+NetworkManager also sets up `dnsmasq` to use the real DNS servers of the
+connection and sets up `nameserver 127.0.0.1` in /`etc/resolv.conf`.
+
+When starting containers on desktop machines with these configurations, Docker
+users see this warning:
+
+    WARNING: Local (127.0.0.1) DNS resolver found in resolv.conf and containers
+    can't use it. Using default external servers : [8.8.8.8 8.8.4.4]
+
+The warning occurs because Docker containers can't use the local DNS nameserver.
+Instead, Docker defaults to using an external nameserver.
+
+To avoid this warning, you can specify a DNS server for use by Docker
+containers. Or, you can disable `dnsmasq` in NetworkManager. Though, disabling
+`dnsmasq` might make DNS resolution slower on some networks.
+
+The instructions below describe how to configure the Docker daemon
+running on Ubuntu 14.10 or below. Ubuntu 15.04 and above use `systemd`
+as the boot and service manager. Refer to [control and configure Docker
+with systemd](../../admin/systemd.md#custom-docker-daemon-options) to
+configure a daemon controlled by `systemd`.
+
+To specify a DNS server for use by Docker:
+
+1. Log into Ubuntu as a user with `sudo` privileges.
+
+2. Open the `/etc/default/docker` file for editing.
+
+        $ sudo nano /etc/default/docker
+
+3. Add a setting for Docker.
+
+        DOCKER_OPTS="--dns 8.8.8.8"
+
+    Replace `8.8.8.8` with a local DNS server such as `192.168.1.1`. You can also
+    specify multiple DNS servers. Separated them with spaces, for example:
+
+        --dns 8.8.8.8 --dns 192.168.1.1
+
+    >**Warning**: If you're doing this on a laptop which connects to various
+    >networks, make sure to choose a public DNS server.
+
+4. Save and close the file.
+
+5. Restart the Docker daemon.
+
+        $ sudo restart docker
+
+
+&nbsp;
+&nbsp;
+
+**Or, as an alternative to the previous procedure,** disable `dnsmasq` in
+NetworkManager (this might slow your network).
+
+1. Open the `/etc/NetworkManager/NetworkManager.conf` file for editing.
+
+        $ sudo nano /etc/NetworkManager/NetworkManager.conf
+
+2. Comment out the `dns=dnsmasq` line:
+
+        dns=dnsmasq
+
+3. Save and close the file.
+
+4. Restart both the NetworkManager and Docker.
+
+        $ sudo restart network-manager
+        $ sudo restart docker
+
+### Configure Docker to start on boot
+
+Ubuntu uses `systemd` as its boot and service manager `15.04` onwards and `upstart`
+for versions `14.10` and below.
+
+For `15.04` and up, to configure the `docker` daemon to start on boot, run
+
+    $ sudo systemctl enable docker
+
+For `14.10` and below the above installation method automatically configures `upstart`
+to start the docker daemon on boot
+
+## Upgrade Docker
+
+To install the latest version of Docker with `apt-get`:
+
+    $ sudo apt-get upgrade docker-engine
+
+## Uninstallation
+
+To uninstall the Docker package:
+
+    $ sudo apt-get purge docker-engine
+
+To uninstall the Docker package and dependencies that are no longer needed:
+
+    $ sudo apt-get autoremove --purge docker-engine
+
+The above commands will not remove images, containers, volumes, or user created
+configuration files on your host. If you wish to delete all images, containers,
+and volumes run the following command:
+
+    $ rm -rf /var/lib/docker
+
+You must delete the user created configuration files manually.
diff --git a/docs/installation/mac.md b/docs/installation/mac.md
new file mode 100644
index 00000000..3efb2f2a
--- /dev/null
+++ b/docs/installation/mac.md
@@ -0,0 +1,428 @@
+<!--[metadata]>
++++
+title = "Installation on Mac OS X"
+description = "Instructions for installing Docker on OS X using boot2docker."
+keywords = ["Docker, Docker documentation, requirements, boot2docker, VirtualBox, SSH, Linux, OSX, OS X,  Mac"]
+[menu.main]
+parent = "engine_install"
+weight="-90"
++++
+<![end-metadata]-->
+
+# Mac OS X
+
+You install Docker using Docker Toolbox. Docker Toolbox includes the following Docker tools:
+
+* Docker Machine for running the `docker-machine` binary
+* Docker Engine for running the `docker` binary
+* Docker Compose for running the `docker-compose` binary
+* Kitematic, the Docker GUI
+* a shell preconfigured for a Docker command-line environment
+* Oracle VM VirtualBox
+
+Because the Docker daemon uses Linux-specific kernel features, you can't run
+Docker natively in OS X. Instead, you must use `docker-machine` to create and
+attach to a virtual machine (VM). This machine is a Linux VM that hosts Docker
+for you on your Mac.
+
+**Requirements**
+
+Your Mac must be running OS X 10.8 "Mountain Lion" or newer to install the
+Docker Toolbox.
+
+### Learn the key concepts before installing
+
+In a Docker installation on Linux, your physical machine is both the localhost
+and the Docker host. In networking, localhost means your computer. The Docker
+host is the computer on which the containers run.
+
+On a typical Linux installation, the Docker client, the Docker daemon, and any
+containers run directly on your localhost. This means you can address ports on a
+Docker container using standard localhost addressing such as `localhost:8000` or
+`0.0.0.0:8376`.
+
+![Linux Architecture Diagram](images/linux_docker_host.svg)
+
+In an OS X installation, the `docker` daemon is running inside a Linux VM called
+`default`. The `default` is a lightweight Linux VM made specifically to run
+the Docker daemon on Mac OS X. The VM runs completely from RAM, is a small ~24MB
+download, and boots in approximately 5s.
+
+![OSX Architecture Diagram](images/mac_docker_host.svg)
+
+In OS X, the Docker host address is the address of the Linux VM. When you start
+the VM with `docker-machine` it is assigned an IP address. When you start a
+container, the ports on a container map to ports on the VM. To see this in
+practice, work through the exercises on this page.
+
+
+### Installation
+
+If you have VirtualBox running, you must shut it down before running the
+installer.
+
+1. Go to the [Docker Toolbox](https://www.docker.com/toolbox) page.
+
+2. Click the Download link.
+
+3. Install Docker Toolbox by double-clicking the package or by right-clicking
+and choosing "Open" from the pop-up menu.
+
+    The installer launches the "Install Docker Toolbox" dialog.
+
+    ![Install Docker Toolbox](images/mac-welcome-page.png)
+
+4. Press "Continue" to install the toolbox.
+
+    The installer presents you with options to customize the standard
+    installation.
+
+    ![Standard install](images/mac-page-two.png)
+
+    By default, the standard Docker Toolbox installation:
+
+    * installs binaries for the Docker tools in `/usr/local/bin`
+    * makes these binaries available to all users
+    * installs VirtualBox; or updates any existing installation
+
+    To change these defaults, press "Customize" or "Change
+    Install Location."
+
+5. Press "Install" to perform the standard installation.
+
+     The system prompts you for your password.
+
+     ![Password prompt](images/mac-password-prompt.png)
+
+6. Provide your password to continue with the installation.
+
+     When it completes, the installer provides you with some information you can
+     use to complete some common tasks.
+
+     ![All finished](images/mac-page-finished.png)
+
+7. Press "Close" to exit.
+
+## Running a Docker Container
+
+To run a Docker container, you:
+
+* Create a new (or start an existing) virtual machine
+* Switch your environment to your new VM
+* Use the `docker` client to create, load, and manage containers
+
+You can reuse this virtual machine as often as you like. Like any
+VirtualBox VM, it maintains its configuration between uses.
+
+There are two ways to use the installed tools, from the Docker Quickstart Terminal or
+[from your shell](#from-your-shell).
+
+### From the Docker Quickstart Terminal
+
+1. Open the "Applications" folder or the "Launchpad".
+
+2. Find the Docker Quickstart Terminal and double-click to launch it.
+
+    The application:
+
+    * Opens a terminal window
+    * Creates a `default` VM if it doesn't exists, and starts the VM after
+    * Points the terminal environment to this VM
+
+    Once the launch completes, the Docker Quickstart Terminal reports:
+
+     ![All finished](images/mac-success.png)
+
+    Now, you can run `docker` commands.
+
+3. Verify your setup succeeded by running the `hello-world` container.
+
+        $ docker run hello-world
+        Unable to find image 'hello-world:latest' locally
+        511136ea3c5a: Pull complete
+        31cbccb51277: Pull complete
+        e45a5af57b00: Pull complete
+        hello-world:latest: The image you are pulling has been verified.
+        Important: image verification is a tech preview feature and should not be
+        relied on to provide security.
+        Status: Downloaded newer image for hello-world:latest
+        Hello from Docker.
+        This message shows that your installation appears to be working correctly.
+
+        To generate this message, Docker took the following steps:
+        1. The Docker client contacted the Docker daemon.
+        2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
+           (Assuming it was not already locally available.)
+        3. The Docker daemon created a new container from that image which runs the
+           executable that produces the output you are currently reading.
+        4. The Docker daemon streamed that output to the Docker client, which sent it
+           to your terminal.
+
+        To try something more ambitious, you can run an Ubuntu container with:
+        $ docker run -it ubuntu bash
+
+        For more examples and ideas, visit:
+        http://docs.docker.com/userguide/
+
+
+A more typical way to interact with the Docker tools is from your regular shell command line.
+
+### From your shell
+
+This section assumes you are running a Bash shell. You may be running a
+different shell such as C Shell but the commands are the same.
+
+1. Create a new Docker VM.
+
+        $ docker-machine create --driver virtualbox default
+        Creating VirtualBox VM...
+        Creating SSH key...
+        Starting VirtualBox VM...
+        Starting VM...
+        To see how to connect Docker to this machine, run: docker-machine env default
+
+    This creates a new `default` VM in VirtualBox.
+
+    The command also creates a machine configuration in the
+    `~/.docker/machine/machines/default` directory. You only need to run the
+    `create` command once. Then, you can use `docker-machine` to start, stop,
+    query, and otherwise manage the VM from the command line.
+
+2. List your available machines.
+
+        $ docker-machine ls
+        NAME                ACTIVE   DRIVER       STATE     URL                         SWARM
+        default             *        virtualbox   Running   tcp://192.168.99.101:2376
+
+    If you have previously installed the deprecated Boot2Docker application or
+    run the Docker Quickstart Terminal, you may have a `dev` VM as well.  When you
+    created `default` VM, the `docker-machine` command provided instructions
+    for learning how to connect the VM.
+
+3. Get the environment commands for your new VM.
+
+        $ docker-machine env default
+        export DOCKER_TLS_VERIFY="1"
+        export DOCKER_HOST="tcp://192.168.99.101:2376"
+        export DOCKER_CERT_PATH="/Users/mary/.docker/machine/machines/default"
+        export DOCKER_MACHINE_NAME="default"
+        # Run this command to configure your shell:
+        # eval "$(docker-machine env default)"
+
+4. Connect your shell to the `default` machine.
+
+        $ eval "$(docker-machine env default)"
+
+5. Run the `hello-world` container to verify your setup.
+
+        $ docker run hello-world
+
+## Learn about your Toolbox installation
+
+Toolbox installs the Docker Engine binary, the Docker binary on your system. When you
+use the Docker Quickstart Terminal or create a `default` VM manually, Docker
+Machine updates the `~/.docker/machine/machines/default` folder to your
+system. This folder contains the configuration for the VM.
+
+You can create multiple VMs on your system with Docker Machine. Therefore, you
+may end up with multiple VM folders if you have more than one VM. To remove a
+VM, use the `docker-machine rm <machine-name>` command.
+
+## Migrate from Boot2Docker
+
+If you were using Boot2Docker previously, you have a pre-existing Docker
+`boot2docker-vm` VM on your local system.  To allow Docker Machine to manage
+this older VM, you can migrate it.
+
+1. Open a terminal or the Docker CLI on your system.
+
+2. Type the following command.
+
+        $ docker-machine create -d virtualbox --virtualbox-import-boot2docker-vm boot2docker-vm docker-vm
+
+3. Use the `docker-machine` command to interact with the migrated VM.
+
+The `docker-machine` subcommands are slightly different than the `boot2docker`
+subcommands. The table below lists the equivalent `docker-machine` subcommand
+and what it does:
+
+|  `boot2docker` | `docker-machine` | `docker-machine` description                             |
+|----------------|------------------|----------------------------------------------------------|
+| init           | create           | Creates a new docker host.                               |
+| up             | start            | Starts a stopped machine.                                |
+| ssh            | ssh              | Runs a command or interactive ssh session on the machine.|
+| save           | -                | Not applicable.                                          |
+| down           | stop             | Stops a running machine.                                 |
+| poweroff       | stop             | Stops a running machine.                                 |
+| reset          | restart          | Restarts a running machine.                              |
+| config         | inspect          | Prints machine configuration details.                    |
+| status         | ls               | Lists all machines and their status.                     |
+| info           | inspect          | Displays a machine's details.                            |
+| ip             | ip               | Displays the machine's ip address.                       |
+| shellinit      | env              | Displays shell commands needed to configure your shell to interact with a machine |
+| delete         | rm               | Removes a machine.                                       |
+| download       | -                | Not applicable.                                          |
+| upgrade        | upgrade          | Upgrades a machine's Docker client to the latest stable release. |
+
+
+## Examples on Mac OS X
+
+Work through this section to try some practical container tasks on a VM. At this
+point, you should have a VM running and be connected to it through your shell.
+To verify this, run the following commands:
+
+    $ docker-machine ls
+    NAME                ACTIVE   DRIVER       STATE     URL                         SWARM
+    default             *        virtualbox   Running   tcp://192.168.99.100:2376
+
+The `ACTIVE` machine, in this case `default`, is the one your environment is pointing to.
+
+### Access container ports
+
+1. Start an NGINX container on the DOCKER_HOST.
+
+        $ docker run -d -P --name web nginx
+
+    Normally, the `docker run` commands starts a container, runs it, and then
+    exits. The `-d` flag keeps the container running in the background
+    after the `docker run` command completes. The `-P` flag publishes exposed ports from the
+    container to your local host; this lets you access them from your Mac.
+
+2. Display your running container with `docker ps` command
+
+        CONTAINER ID        IMAGE               COMMAND                CREATED             STATUS              PORTS                                           NAMES
+        5fb65ff765e9        nginx:latest        "nginx -g 'daemon of   3 minutes ago       Up 3 minutes        0.0.0.0:49156->443/tcp, 0.0.0.0:49157->80/tcp   web
+
+    At this point, you can see `nginx` is running as a daemon.
+
+3. View just the container's ports.
+
+        $ docker port web
+        443/tcp -> 0.0.0.0:49156
+        80/tcp -> 0.0.0.0:49157
+
+    This tells you that the `web` container's port `80` is mapped to port
+    `49157` on your Docker host.
+
+4. Enter the `http://localhost:49157` address (`localhost` is `0.0.0.0`) in your browser:
+
+    ![Bad Address](images/bad_host.png)
+
+    This didn't work. The reason it doesn't work is your `DOCKER_HOST` address is
+    not the localhost address (0.0.0.0) but is instead the address of your Docker VM.
+
+5. Get the address of the `default` VM.
+
+        $ docker-machine ip default
+        192.168.59.103
+
+6. Enter the `http://192.168.59.103:49157` address in your browser:
+
+    ![Correct Addressing](images/good_host.png)
+
+    Success!
+
+7. To stop and then remove your running `nginx` container, do the following:
+
+        $ docker stop web
+        $ docker rm web
+
+### Mount a volume on the container
+
+When you start a container it automatically shares your `/Users/username` directory
+with the VM. You can use this share point to mount directories onto your container.
+The next exercise demonstrates how to do this.
+
+1. Change to your user `$HOME` directory.
+
+        $ cd $HOME
+
+2. Make a new `site` directory.
+
+        $ mkdir site
+
+3. Change into the `site` directory.
+
+        $ cd site
+
+4. Create a new `index.html` file.
+
+        $ echo "my new site" > index.html
+
+5. Start a new `nginx` container and replace the `html` folder with your `site` directory.
+
+        $ docker run -d -P -v $HOME/site:/usr/share/nginx/html \
+          --name mysite nginx
+
+6. View the `mysite` container's port.
+
+        $ docker port mysite
+        80/tcp -> 0.0.0.0:49166
+        443/tcp -> 0.0.0.0:49165
+
+7. Open the site in a browser:
+
+    ![My site page](images/newsite_view.png)
+
+8. Add a page to your `$HOME/site` in real time.
+
+        $ echo "This is cool" > cool.html
+
+9. Open the new page in the browser.
+
+    ![Cool page](images/cool_view.png)
+
+10. Stop and then remove your running `mysite` container.
+
+        $ docker stop mysite
+        $ docker rm mysite
+
+> **Note**: There is a [known
+> issue](https://docs.docker.com/machine/drivers/virtualbox/#known-issues) that
+> may cause files shared with your nginx container to not update correctly as you
+> modify them on your host.
+
+## Upgrade Docker Toolbox
+
+To upgrade Docker Toolbox, download and re-run the [Docker Toolbox
+installer](https://docker.com/toolbox/).
+
+
+## Uninstall Docker Toolbox
+
+To uninstall, do the following:
+
+1. List your machines.
+
+        $ docker-machine ls
+        NAME                ACTIVE   DRIVER       STATE     URL                         SWARM
+        dev                 *        virtualbox   Running   tcp://192.168.99.100:2376
+        my-docker-machine            virtualbox   Stopped
+        default                      virtualbox   Stopped
+
+2. Remove each machine.
+
+        $ docker-machine rm dev
+        Successfully removed dev
+
+     Removing a machine deletes its VM from VirtualBox and from the
+     `~/.docker/machine/machines` directory.
+
+3. Remove the Docker Quickstart Terminal and Kitematic from your "Applications" folder.
+
+4. Remove the `docker`, `docker-compose`, and `docker-machine` commands from the `/usr/local/bin` folder.
+
+        $ rm /usr/local/bin/docker
+
+5. Delete the `~/.docker` folder from your system.
+
+
+## Learning more
+
+Use `docker-machine help` to list the full command line reference for Docker Machine. For more
+information about using SSH or SCP to access a VM, see the [Docker Machine
+documentation](https://docs.docker.com/machine/).
+
+You can continue with the [Docker Engine User Guide](../userguide/index.md). If you are
+interested in using the Kitematic GUI, see the [Kitematic user
+guide](https://docs.docker.com/kitematic/userguide/).
diff --git a/docs/installation/windows.md b/docs/installation/windows.md
new file mode 100644
index 00000000..696ee339
--- /dev/null
+++ b/docs/installation/windows.md
@@ -0,0 +1,379 @@
+<!--[metadata]>
++++
+title = "Installation on Windows"
+description = "Docker installation on Microsoft Windows"
+keywords = ["Docker, Docker documentation, Windows, requirements, virtualbox,  boot2docker"]
+[menu.main]
+parent = "engine_install"
+weight="-80"
++++
+<![end-metadata]-->
+
+# Windows
+
+> **Note**: This release of Docker deprecates the Boot2Docker command line in
+> favor of Docker Machine.  Use the Docker Toolbox to install Docker Machine as
+> well as the other Docker tools.
+
+You install Docker using Docker Toolbox. Docker Toolbox includes the following Docker tools:
+
+* Docker Machine for running the `docker-machine` binary
+* Docker Engine for running the `docker` binary
+* Kitematic, the Docker GUI
+* a shell preconfigured for a Docker command-line environment
+* Oracle VM VirtualBox
+
+Because the Docker daemon uses Linux-specific kernel features, you can't run
+Docker natively in Windows. Instead, you must use `docker-machine` to create and attach to a Docker VM on your machine. This VM hosts Docker for you on your Windows system.
+
+The virtual machine runs a lightweight Linux distribution made specifically to
+run the Docker daemon. The VirtualBox VM runs completely from RAM, is a small
+~24MB download, and boots in approximately 5s.
+
+## Requirements
+
+To run Docker, your machine must have a 64-bit operating system running Windows 7 or higher. Additionally, you must make sure that virtualization is enabled on your machine.
+To verify your machine meets these requirements, do the following:
+
+1. Right click the Windows Start Menu and choose **System**.
+
+    ![Which version](images/win_ver.png)
+
+    If you are using an unsupported version of Windows, you should consider
+    upgrading your operating system in order to try out Docker.
+
+2. Make sure your CPU supports [virtualization technology](https://en.wikipedia.org/wiki/X86_virtualization)
+and virtualization support is enabled in BIOS and recognized by Windows.
+
+    #### For Windows 8, 8.1 or 10
+
+	  Choose **Start > Task Manager**. On Windows 10, click more details. Navigate to the **Performance** tab.
+	  Under **CPU** you should see the following:
+
+      ![Release page](images/virtualization.png)
+
+    If virtualization is not enabled on your system, follow the manufacturer's instructions for enabling it.
+
+    #### For Windows 7
+
+	  Run the <a
+	  href="http://www.microsoft.com/en-us/download/details.aspx?id=592"
+	  target="_blank"> Microsoft® Hardware-Assisted Virtualization Detection
+	  Tool</a> and follow the on-screen instructions.
+
+3. Verify your Windows OS is 64-bit (x64)
+
+   How you do this verification depends on your Windows version.  For details, see the Windows
+    article [How to determine whether a computer is running a 32-bit version or 64-bit version
+    of the Windows operating system](https://support.microsoft.com/en-us/kb/827218).
+
+> **Note**: If you have Docker hosts running and you don't wish to do a Docker Toolbox
+installation, you can install the `docker.exe` using the *unofficial* Windows package
+manager Chocolatey. For information on how to do this, see [Docker package on
+Chocolatey](http://chocolatey.org/packages/docker).
+
+### Learn the key concepts before installing
+
+In a Docker installation on Linux, your machine is both the localhost and the
+Docker host. In networking, localhost means your computer. The Docker host is
+the machine on which the containers run.
+
+On a typical Linux installation, the Docker client, the Docker daemon, and any
+containers run directly on your localhost. This means you can address ports on a
+Docker container using standard localhost addressing such as `localhost:8000` or
+`0.0.0.0:8376`.
+
+![Linux Architecture Diagram](images/linux_docker_host.svg)
+
+In an Windows installation, the `docker` daemon is running inside a Linux virtual
+machine. You use the Windows Docker client to talk to the Docker host VM. Your
+Docker containers run inside this host.
+
+![Windows Architecture Diagram](images/win_docker_host.svg)
+
+In Windows, the Docker host address is the address of the Linux VM. When you
+start the VM with `docker-machine` it is assigned an IP address. When you start
+a container, the ports on a container map to ports on the VM. To see this in
+practice, work through the exercises on this page.
+
+
+### Installation
+
+If you have VirtualBox running, you must shut it down before running the
+installer.
+
+1. Go to the [Docker Toolbox](https://www.docker.com/toolbox) page.
+
+2. Click the installer link to download.
+
+3. Install Docker Toolbox by double-clicking the installer.
+
+    The installer launches the "Setup - Docker Toolbox" dialog.
+
+    ![Install Docker Toolbox](images/win-welcome.png)
+
+4. Press "Next" to install the toolbox.
+
+    The installer presents you with options to customize the standard
+    installation. By default, the standard Docker Toolbox installation:
+
+    * installs executables for the Docker tools in `C:\Program Files\Docker Toolbox`
+    * install VirtualBox; or updates any existing installation
+    * adds a Docker Inc. folder to your program shortcuts
+    * updates your `PATH` environment variable
+    * adds desktop icons for the Docker Quickstart Terminal and Kitematic
+
+    This installation assumes the defaults are acceptable.
+
+5. Press "Next" until you reach the "Ready to Install" page.
+
+     The system prompts you for your password.
+
+     ![Install](images/win-page-6.png)
+
+6. Press "Install"  to continue with the installation.
+
+     When it completes, the installer provides you with some information you can
+     use to complete some common tasks.
+
+     ![All finished](images/windows-finish.png)
+
+7. Press "Finish" to exit.
+
+## Running a Docker Container
+
+To run a Docker container, you:
+
+* Create a new (or start an existing) Docker virtual machine
+* Switch your environment to your new VM
+* Use the `docker` client to create, load, and manage containers
+
+Once you create a machine, you can reuse it as often as you like. Like any
+VirtualBox VM, it maintains its configuration between uses.
+
+There are several ways to use the installed tools, from the Docker Quickstart Terminal or
+[from your shell](#from-your-shell).
+
+### Using the Docker Quickstart Terminal
+
+1. Find the Docker Quickstart Terminal icon on your Desktop and double-click to launch it.
+
+    The application:
+
+    * Opens a terminal window
+    * Creates a `default` VM if it doesn't exist, and starts the VM after
+    * Points the terminal environment to this VM
+
+    Once the launch completes, you can run `docker` commands.
+
+3. Verify your setup succeeded by running the `hello-world` container.
+
+        $ docker run hello-world
+        Unable to find image 'hello-world:latest' locally
+        511136ea3c5a: Pull complete
+        31cbccb51277: Pull complete
+        e45a5af57b00: Pull complete
+        hello-world:latest: The image you are pulling has been verified.
+        Important: image verification is a tech preview feature and should not be
+        relied on to provide security.
+        Status: Downloaded newer image for hello-world:latest
+        Hello from Docker.
+        This message shows that your installation appears to be working correctly.
+
+        To generate this message, Docker took the following steps:
+        1. The Docker client contacted the Docker daemon.
+        2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
+           (Assuming it was not already locally available.)
+        3. The Docker daemon created a new container from that image which runs the
+           executable that produces the output you are currently reading.
+        4. The Docker daemon streamed that output to the Docker client, which sent it
+           to your terminal.
+
+        To try something more ambitious, you can run an Ubuntu container with:
+        $ docker run -it ubuntu bash
+
+        For more examples and ideas, visit:
+        http://docs.docker.com/userguide/
+
+
+### Using Docker from Windows Command Prompt (cmd.exe)
+
+1. Launch a Windows Command Prompt (cmd.exe).
+
+    The `docker-machine` command requires `ssh.exe` in your `PATH` environment
+    variable. This `.exe` is in the MsysGit `bin` folder.
+
+2. Add this to the `%PATH%` environment variable by running:
+
+        set PATH=%PATH%;"c:\Program Files (x86)\Git\bin"
+
+3. Create a new Docker VM.
+
+        docker-machine create --driver virtualbox my-default
+        Creating VirtualBox VM...
+        Creating SSH key...
+        Starting VirtualBox VM...
+        Starting VM...
+        To see how to connect Docker to this machine, run: docker-machine env my-default
+
+    The command also creates a machine configuration in the
+    `C:\USERS\USERNAME\.docker\machine\machines` directory. You only need to run the `create`
+    command once. Then, you can use `docker-machine` to start, stop, query, and
+    otherwise manage the VM from the command line.
+
+4. List your available machines.
+
+        C:\Users\mary> docker-machine ls
+        NAME                ACTIVE   DRIVER       STATE     URL                         SWARM
+        my-default        *        virtualbox   Running   tcp://192.168.99.101:2376
+
+    If you have previously installed the deprecated Boot2Docker application or
+    run the Docker Quickstart Terminal, you may have a `dev` VM as well.
+
+5. Get the environment commands for your new VM.
+
+        C:\Users\mary> docker-machine env --shell cmd my-default
+
+6. Connect your shell to the `my-default` machine.
+
+        C:\Users\mary> eval "$(docker-machine env my-default)"
+
+7. Run the `hello-world` container to verify your setup.
+
+        C:\Users\mary> docker run hello-world
+
+### Using Docker from PowerShell
+
+1. Launch a Windows PowerShell window.
+
+2. Add `ssh.exe` to your PATH:
+
+        PS C:\Users\mary> $Env:Path = "${Env:Path};c:\Program Files (x86)\Git\bin"
+
+3. Create a new Docker VM.
+
+        PS C:\Users\mary> docker-machine create --driver virtualbox my-default
+
+4. List your available machines.
+
+        C:\Users\mary> docker-machine ls
+        NAME                ACTIVE   DRIVER       STATE     URL                         SWARM
+        my-default        *        virtualbox   Running   tcp://192.168.99.101:2376
+
+5. Get the environment commands for your new VM.
+
+        C:\Users\mary> docker-machine env --shell powershell my-default
+
+6. Connect your shell to the `my-default` machine.
+
+        C:\Users\mary> eval "$(docker-machine env my-default)"
+
+7. Run the `hello-world` container to verify your setup.
+
+        C:\Users\mary> docker run hello-world
+
+
+## Learn about your Toolbox installation
+
+Toolbox installs the Docker Engine binary in the `C:\Program Files\Docker
+Toolbox` directory. When you use the Docker Quickstart Terminal or create a
+`default` VM manually, Docker Machine updates the
+`C:\USERS\USERNAME\.docker\machine\machines\default` folder to your
+system. This folder contains the configuration for the VM.
+
+You can create multiple VMs on your system with Docker Machine. Therefore, you
+may end up with multiple VM folders if you have created more than one VM. To
+remove a VM, use the `docker-machine rm <machine-name>` command.
+
+## Migrate from Boot2Docker
+
+If you were using Boot2Docker previously, you have a pre-existing Docker
+`boot2docker-vm` VM on your local system.  To allow Docker Machine to manage
+this older VM, you can migrate it.
+
+1. Open a terminal or the Docker CLI on your system.
+
+2. Type the following command.
+
+        $ docker-machine create -d virtualbox --virtualbox-import-boot2docker-vm boot2docker-vm docker-vm
+
+3. Use the `docker-machine` command to interact with the migrated VM.
+
+The `docker-machine` subcommands are slightly different than the `boot2docker`
+subcommands. The table below lists the equivalent `docker-machine` subcommand
+and what it does:
+
+|  `boot2docker` | `docker-machine` | `docker-machine` description                             |
+|----------------|------------------|----------------------------------------------------------|
+| init           | create           | Creates a new docker host.                               |
+| up             | start            | Starts a stopped machine.                                |
+| ssh            | ssh              | Runs a command or interactive ssh session on the machine.|
+| save           | -                | Not applicable.                                          |
+| down           | stop             | Stops a running machine.                                 |
+| poweroff       | stop             | Stops a running machine.                                 |
+| reset          | restart          | Restarts a running machine.                              |
+| config         | inspect          | Prints machine configuration details.                    |
+| status         | ls               | Lists all machines and their status.                     |
+| info           | inspect          | Displays a machine's details.                            |
+| ip             | ip               | Displays the machine's ip address.                       |
+| shellinit      | env              | Displays shell commands needed to configure your shell to interact with a machine |
+| delete         | rm               | Removes a machine.                                       |
+| download       | -                | Not applicable.                                          |
+| upgrade        | upgrade          | Upgrades a machine's Docker client to the latest stable release. |
+
+
+## Upgrade Docker Toolbox
+
+To upgrade Docker Toolbox, download and re-run [the Docker Toolbox
+installer](https://www.docker.com/toolbox).
+
+## Container port redirection
+
+If you are curious, the username for the Docker default VM is `docker` and the
+password is `tcuser`. The latest version of `docker-machine` sets up a host only
+network adaptor which provides access to the container's ports.
+
+If you run a container with a published port:
+
+    $ docker run --rm -i -t -p 80:80 nginx
+
+Then you should be able to access that nginx server using the IP address
+reported to you using:
+
+    $ docker-machine ip
+
+Typically, the IP is 192.168.59.103, but it could get changed by VirtualBox's
+DHCP implementation.
+
+> **Note**: There is a [known
+> issue](https://docs.docker.com/machine/drivers/virtualbox/#known-issues) that
+> may cause files shared with your nginx container to not update correctly as you
+> modify them on your host.
+
+## Login with PUTTY instead of using the CMD
+
+Docker Machine generates and uses the public/private key pair in your
+`%USERPROFILE%\.docker\machine\machines\<name_of_your_machine>` directory. To
+log in you need to use the private key from this same directory. The private key
+needs to be converted into the format PuTTY uses. You can do this with
+[puttygen](http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html):
+
+1. Open `puttygen.exe` and load ("File"->"Load" menu) the private key from (you may need to change to the `All Files (*.*)` filter)
+
+        %USERPROFILE%\.docker\machine\machines\<name_of_your_machine>\id_rsa
+
+2. Click "Save Private Key".
+
+3.  Use the saved file to login with PuTTY using `docker@127.0.0.1:2022`.
+
+## Uninstallation
+
+You can uninstall Docker Toolbox using Window's standard process for removing
+programs. This process does not remove the `docker-install.exe` file. You must
+delete that file yourself.
+
+## Learn more
+
+You can continue with the [Docker Engine User Guide](../userguide/index.md). If you are
+interested in using the Kitematic GUI, see the [Kitematic user
+guide](https://docs.docker.com/kitematic/userguide/).
diff --git a/docs/migration.md b/docs/migration.md
new file mode 100644
index 00000000..8ff5c70f
--- /dev/null
+++ b/docs/migration.md
@@ -0,0 +1,84 @@
+<!--[metadata]>
++++
+title = "Migrate to Engine 1.10"
+description = "Migrate to Engine 1.10"
+keywords = ["docker, documentation, engine, upgrade, migration"]
+[menu.main]
+parent = "engine_use"
+weight=79
++++
+<![end-metadata]-->
+
+# Migrate to Engine 1.10
+
+Starting from version 1.10 of Docker Engine, we completely change the way image
+data is addressed on disk. Previously, every image and layer used a randomly
+assigned UUID. In 1.10 we implemented a content addressable method using an ID,
+based on a secure hash of the image and layer data.
+
+The new method gives users more security, provides a built-in way to avoid ID
+collisions and guarantee data integrity after pull, push, load, or save. It also
+brings better sharing of layers by allowing many images to freely share their
+layers even if they didn’t come from the same build.
+
+Addressing images by their content also lets us more easily detect if something
+has already been downloaded. Because we have separated images and layers, you
+don’t have to pull the configurations for every image that was part of the
+original build chain. We also don’t need to create layers for the build
+instructions that didn’t modify the filesystem.
+
+Content addressability is the foundation for the new distribution features. The
+image pull and push code has been reworked to use a download/upload manager
+concept that makes pushing and pulling images much more stable and mitigate any
+parallel request issues. The download manager also brings retries on failed
+downloads and better prioritization for concurrent downloads.
+
+We are also introducing a new manifest format that is built on top of the
+content addressable base. It directly references the content addressable image
+configuration and layer checksums. The new manifest format also makes it
+possible for a manifest list to be used for targeting multiple
+architectures/platforms. Moving to the new manifest format will be completely
+transparent.
+
+## Preparing for upgrade
+
+To make your current images accessible to the new model we have to migrate them
+to content addressable storage. This means calculating the secure checksums for
+your current data.
+
+All your current images, tags and containers are automatically migrated to the
+new foundation the first time you start Docker Engine 1.10. Before loading your
+container, the daemon will calculate all needed checksums for your current data,
+and after it has completed, all your images and tags will have brand new secure
+IDs.
+
+**While this is simple operation, calculating SHA256 checksums for your files
+can take time if you have lots of image data.** On average you should assume
+that migrator can process data at a speed of 100MB/s. During this time your
+Docker daemon won’t be ready to respond to requests.
+
+## Minimizing migration time
+
+If you can accept this one time hit, then upgrading Docker Engine and restarting
+the daemon will transparently migrate your images. However, if you want to
+minimize the daemon’s downtime, a migration utility can be run while your old
+daemon is still running.
+
+This tool will find all your current images and calculate the checksums for
+them. After you upgrade and restart the daemon, the checksum data of the
+migrated images will already exist, freeing the daemon from that computation
+work. If new images appeared between the migration and the upgrade, those will
+be processed at time of upgrade to 1.10.
+
+[You can download the migration tool
+here.](https://github.com/docker/v1.10-migrator/releases)
+
+The migration tool can also be run as a Docker image. While running the migrator
+image you need to expose your Docker data directory to the container. If you use
+the default path then you would run:
+
+    $ docker run --rm -v /var/lib/docker:/var/lib/docker docker/v1.10-migrator
+
+If you use the
+devicemapper storage driver, you also need to pass the flag `--privileged` to
+give the tool access to your storage devices.
diff --git a/docs/quickstart.md b/docs/quickstart.md
new file mode 100644
index 00000000..4f282b75
--- /dev/null
+++ b/docs/quickstart.md
@@ -0,0 +1,205 @@
+<!--[metadata]>
++++
+aliases = ["/engine/userguide/basics/"]
+title = "Quickstart"
+description = "Common usage and commands"
+keywords = ["Examples, Usage, basic commands, docker, documentation,  examples"]
+[menu.main]
+parent = "engine_use"
+weight=-90
++++
+<![end-metadata]-->
+
+# Docker Engine Quickstart
+
+This quickstart assumes you have a working installation of Docker Engine. To verify Engine is installed and configured, use the following command:
+
+    # Check that you have a working install
+    $ docker info
+
+If you have a successful install, the system information appears. If you get `docker: command not found` or something like
+`/var/lib/docker/repositories: permission denied` you may have an
+incomplete Docker installation or insufficient privileges to access
+Engine on your machine. With the default installation of Engine `docker`
+commands need to be run by a user that is in the `docker` group or by the
+`root` user.
+
+Depending on your Engine system configuration, you may be required
+to preface each `docker` command with `sudo`. If you want to run without using
+`sudo` with the `docker` commands, then create a Unix group called `docker` and
+add the user to the 'docker' group.
+
+For more information about installing Docker Engine or `sudo` configuration, refer to
+the [installation](installation/index.md) instructions for your operating system.
+
+
+## Download a pre-built image
+
+To pull an `ubuntu` image, run:
+
+    # Download an ubuntu image
+    $ docker pull ubuntu
+
+This downloads the `ubuntu` image by name from [Docker Hub](https://hub.docker.com) to a local
+image cache. To search for an image, run `docker search`. For more information, go to:
+[Searching images](userguide/containers/dockerrepos.md#searching-for-images)
+
+
+> **Note**:
+> When the image is successfully downloaded, you see a 12 character
+> hash `539c0211cd76: Download complete` which is the
+> short form of the Image ID. These short Image IDs are the first 12
+> characters of the full Image ID. To view this information, run
+> `docker inspect` or `docker images --no-trunc=true`.
+
+To display a list of downloaded images, run `docker images`.
+
+## Running an interactive shell
+
+To run an interactive shell in the Ubuntu image:
+
+    $ docker run -i -t ubuntu /bin/bash       
+
+The `-i` flag starts an interactive container.
+The `-t` flag creates a pseudo-TTY that attaches `stdin` and `stdout`.  
+The image is `ubuntu`.
+The command `/bin/bash` starts a shell you can log in.
+
+To detach the `tty` without exiting the shell, use the escape sequence
+`Ctrl-p` + `Ctrl-q`. The container continues to exist in a stopped state
+once exited. To list all running containers, run `docker ps`. To view stopped and running containers,
+run `docker ps -a`.
+
+## Bind Docker to another host/port or a Unix socket
+
+> **Warning**:
+> Changing the default `docker` daemon binding to a
+> TCP port or Unix *docker* user group will increase your security risks
+> by allowing non-root users to gain *root* access on the host. Make sure
+> you control access to `docker`. If you are binding
+> to a TCP port, anyone with access to that port has full Docker access;
+> so it is not advisable on an open network.
+
+With `-H` it is possible to make the Docker daemon to listen on a
+specific IP and port. By default, it will listen on
+`unix:///var/run/docker.sock` to allow only local connections by the
+*root* user. You *could* set it to `0.0.0.0:2375` or a specific host IP
+to give access to everybody, but that is **not recommended** because
+then it is trivial for someone to gain root access to the host where the
+daemon is running.
+
+Similarly, the Docker client can use `-H` to connect to a custom port.
+The Docker client will default to connecting to `unix:///var/run/docker.sock`
+on Linux, and `tcp://127.0.0.1:2376` on Windows.
+
+`-H` accepts host and port assignment in the following format:
+
+    tcp://[host]:[port][path] or unix://path
+
+For example:
+
+-   `tcp://` -> TCP connection to `127.0.0.1` on either port `2376` when TLS encryption
+    is on, or port `2375` when communication is in plain text.
+-   `tcp://host:2375` -> TCP connection on
+    host:2375
+-   `tcp://host:2375/path` -> TCP connection on
+    host:2375 and prepend path to all requests
+-   `unix://path/to/socket` -> Unix socket located
+    at `path/to/socket`
+
+`-H`, when empty, will default to the same value as
+when no `-H` was passed in.
+
+`-H` also accepts short form for TCP bindings:
+
+    `host:` or `host:port` or `:port`
+
+Run Docker in daemon mode:
+
+    $ sudo <path to>/docker daemon -H 0.0.0.0:5555 &
+
+Download an `ubuntu` image:
+
+    $ docker -H :5555 pull ubuntu
+
+You can use multiple `-H`, for example, if you want to listen on both
+TCP and a Unix socket
+
+    # Run docker in daemon mode
+    $ sudo <path to>/docker daemon -H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock &
+    # Download an ubuntu image, use default Unix socket
+    $ docker pull ubuntu
+    # OR use the TCP port
+    $ docker -H tcp://127.0.0.1:2375 pull ubuntu
+
+## Starting a long-running worker process
+
+    # Start a very useful long-running process
+    $ JOB=$(docker run -d ubuntu /bin/sh -c "while true; do echo Hello world; sleep 1; done")
+
+    # Collect the output of the job so far
+    $ docker logs $JOB
+
+    # Kill the job
+    $ docker kill $JOB
+
+## Listing containers
+
+    $ docker ps # Lists only running containers
+    $ docker ps -a # Lists all containers
+
+## Controlling containers
+
+    # Start a new container
+    $ JOB=$(docker run -d ubuntu /bin/sh -c "while true; do echo Hello world; sleep 1; done")
+
+    # Stop the container
+    $ docker stop $JOB
+
+    # Start the container
+    $ docker start $JOB
+
+    # Restart the container
+    $ docker restart $JOB
+
+    # SIGKILL a container
+    $ docker kill $JOB
+
+    # Remove a container
+    $ docker stop $JOB # Container must be stopped to remove it
+    $ docker rm $JOB
+
+## Bind a service on a TCP port
+
+    # Bind port 4444 of this container, and tell netcat to listen on it
+    $ JOB=$(docker run -d -p 4444 ubuntu:12.10 /bin/nc -l 4444)
+
+    # Which public port is NATed to my container?
+    $ PORT=$(docker port $JOB 4444 | awk -F: '{ print $2 }')
+
+    # Connect to the public port
+    $ echo hello world | nc 127.0.0.1 $PORT
+
+    # Verify that the network connection worked
+    $ echo "Daemon received: $(docker logs $JOB)"
+
+## Committing (saving) a container state
+
+To save the current state of a container as an image:
+
+    $ docker commit <container> <some_name>
+
+When you commit your container, Docker Engine only stores the diff (difference) between
+the source image and the current state of the container's image. To list images
+you already have, run:
+
+    # List your images
+    $ docker images
+
+You now have an image state from which you can create new instances.
+
+## Where to go next
+
+* Work your way through the [Docker Engine User Guide](userguide/index.md)
+* Read more about [Store Images on Docker Hub](userguide/containers/dockerrepos.md)
+* Review [Command Line](reference/commandline/cli.md)
diff --git a/docs/reference/api/README.md b/docs/reference/api/README.md
new file mode 100644
index 00000000..36485223
--- /dev/null
+++ b/docs/reference/api/README.md
@@ -0,0 +1,15 @@
+<!--[metadata]>
++++
+draft = true
++++
+<![end-metadata]-->
+
+This directory holds the authoritative specifications of APIs defined and implemented by Docker. Currently this includes:
+
+ * The remote API by which a docker node can be queried over HTTP
+ * The registry API by which a docker node can download and upload
+   images for storage and sharing
+ * The index search API by which a docker node can search the public
+   index for images to download
+ * The docker.io OAuth and accounts API which 3rd party services can
+   use to access account information
diff --git a/docs/reference/api/_static/io_oauth_authorization_page.png b/docs/reference/api/_static/io_oauth_authorization_page.png
new file mode 100644
index 0000000000000000000000000000000000000000..455d631e178921fd513e05b5418fd9f588c6e6a6
GIT binary patch
literal 39458
zcmce7^-mp4^DoZ9-Q6h;#hrt@6?cleyK``-xVsdG;(nmGySuwvk?-^VaQ}t7nQV4H
z$yhRzot^APsVGUKAQB=%KtQ0#%1Ed|KtO{aAfPw^(ElMNZV!w90T3z*KO_~bo&Q7r
zKMy`WJ}WD$|CG+m%#@avvaqoHw{C83uC1+wN5?EIEac(g5wY=#jEn2&=n%E_%FD|G
z+In$Vx?f&ietmu2-QAs?o#`YOe|>&lU0nRPeR_I2J3T!-JiNHLfN*JhdVILPzBxKN
zdU<|2Jw2V9pIcm9+~40{US3{ZUHwn#&d$#J`}^kR=Frg4*7nxm;NZ^Tv2Jql?d|Qz
z$Vh2ZyLv*QbZmkCuadR3wU(Bay}iBTlar~bsn4%3&7`8Sv9Z0~-Ty2HgTW6E52t76
z-96pay}cV78@)X}udlBY6BB)XeU~@4mEB!8*H;Z-FeC)j^5#~{(9q1v+SvSJ_t^Nr
z)C`1mGmcw(cURZ*e{#QGZ~lFrJb#{TPnULfWMyW+WRGr4w5*=oMTUmf)YQyupVs%y
zE%lfBdwcFK4mFK$X17eo#V7VH?iKW}z{a*-9Ig#+UtMqZcn5~XrsZYl7uRNlzMW2g
zecn8suLngW`6gGW2mSd~HIP!=Y~>a(T%Rsro%?)$_4RtTe)}1o-FS0;FnRp)`LOl*
z_OO5R;%x2GQyjV4m7=0!&m^JrXZbQU#LXo<`%h_lW_*ObTY{{VjG>L|>)laMQBO&{
zkC}=2)L`4;#Z8`{9(hcax1DL6t5sJ|e}ArX!T6Doihf&rCloB(bbUxj!}RG)m1Sfz
z6tm!9O9d|*r=GetHm|HvMh%^32VF+DU3M27K$E8P3QDEABF0AHC&)!di2@dy(KjvH
zS{~LTrzut)mdi{S3C862j8Sl&T}ru%Pa;d{Oujpx5*u=`;deM)P=X!|PTiK7EPrs%
z9*3Uy50`u!L}<l~K07&pKPMDGAVe46wu|O5?7!gScT-bRhrpx6hCx7uhJ=Dg#=z2|
zBO+sD7i8fQmEe<6R#3NfvheT=Fx5BGB=nA$3<Nbcspp6_)<ri;Ha4#G-Wx+eq@~MB
zi2d+_yvUe#+-Sl2+k1B;-D8hj_ofBtJ|xE<VOI$Th<O>~`O2_Dwgw>_pch2Ee;lfy
z6>*kX>2%%}2IN<lQt&O@PrU>KKcB4t6d-iq|C_qJePn@FARbr%#h2<c29VW4;}Z=)
zA+j1-)h!KZ??S`tdL|?%Kj8cIp6IzBMpCh0gbp;M*VCVhcqVRJ@&(PrJ^Oh<BFzPY
z1gD~o*PI;0?E8%N%t7c-KZ7#STH9}WV5Pqfy<|t4s2!yX>|c2CY>;fA=e!7kE>a8J
z8#`j=VsCZG6gor>P9{?!d|w}k017_3BfGZ6(0b$1fI5J;2X-}p%E5&~u+6UDOn{J8
z%xc7Jl!gc#mMz5VN$$2S1)!)O+=w7Ds1V|9*jWft>FGfw1LpDUg$7q*&~Y!YY@GEU
zh^{yqOOG^Jx)mq-watdHnQVnR8Q&S=P=Kg;z!5rlwH$?a1&ziJ-c8692j*15s@y+V
z{ANOf|B((-ytGsrqELP4$^neTi}@JX<%n(Z%JAkw;9)Pth(klSe`l|6BT&FPIR5U>
z<V9{q8fPu>M%%+rnXhg4etsOzk3k0p`1wEUQI%7p4#XlYXQ+6i5AW34{9d0XQ!=pZ
zcqwKda`Pz_O)$tEnt%#bIS;x7>O!AqgJLlmta9}Dn6q#=jwZ%Z!-5=U4;jmQ7YS0o
z`>51zXcqRIi}>}RXs+(EEwF$PTD{mljjWn%MPM@xQw~TI&$Y!f2TIA(lrw}MwZSf3
zCg76pjH`xjd7yTm;l=szAy%Gyw5$w4*pHY7`}cnQ-HNKPw<r~|Fn;EeoNZ5Zu<Lm0
zKrJ<BtWX6VY>$YTSGQ47tG6(%=f+=Cr4KQ^0Bmy$!>t^{0d?eWQpUEn(0>i16e?fV
zMtvFSdYG(&_|P;pnjLG`9W4q5&`iZ_DrUdSoVtZfF;Cg#>g!6C&)@EecRm6QG%LoB
z&i?a{MZFz`nd2GMQEsdH%*jl+*xFigGyGB0?eNskMt~=51$0MeK)ZVWXR#dMT=ZQ(
z#~Bz)Js2$x?0UtgSRejo=Q<L}=)6VIS4M3{3uK|A_Eo?HH&JlX{`?6O4Hs*pJqMiW
z&tsQ@6LneprVvngIM)7mOl(8|1_QLtsO6xFsg|0Jm?@38yBe9UcYv!4Ljs`C-KH$o
zGeczNzfV{XwDwf2k8vsFN0f)(J%1JBeKg+uaVdQrBG<=vE>7JW6??D`wQDiJTaBV+
z8^K9-b*C(hkvYghfG<k|wA{zxZ*-?UI0ABfQ^h81WZxw}=yq<3!_7(#;{%wG0x`#F
z&a`<1v4PI5sizg`AY$&U3=DB*7z}Is78e<{)KK)Nq3qwppk$?XNr#62QNSFfkyX;~
zoaNMeT!vNLLc~|x!U_D&s6?YhN)g8-#uk|n4d%w-8#JTE0K2NPybh-T?4BW2Z4Q&E
z(0`%^JpZ0PoL@o{eoL#SO*`H0%itbBy{q=I=={}>WpgGLiyR#dnVRu63k?{2K~IuG
ztd|?1OfmCAOTg%{c>~VK8;$7U;hB2-DTtAv%LUPYSjf_YY#EQk3t0iVtCR<Ci93=2
zKJ5vlQK%<|LchZqcfje`t_h$JU%P_XY@E3<!8&OYkjh~B#<H_-!?xQ~dG1es4YUWp
zuUj1vSD#l^l{tL9up~$PM9mZ-Mh|jE$4%x5f3|MDiN0J28AI3S9^I`pkYhrc<hD)U
zZ$%}Wd?C5?o6d;t%#BBDgJLd8M+Dx=%JiwD;sf`fn3K_gq6n485LID+x|n~UetR7Y
z){p5S(`uE`QbHh!VdiIQJ-P1vZ13#+XS2WKug9aM<(|ujMCL<AvMrS^=%v1V+51O#
z(~)@D9sWHn0$7hT`j{^U9grChVOj+n@qp|(e3(3lJbM)lUF|Wv5IrzC@<t9>hSF5@
z=e<B;J-Xdi3%iRGMy2LwrpyBUA3N20GczK($PIEC45XHIsb)QBF5`pJ<2(V8OGBmz
zv-y{c58mSq*Q@I-*XNxnC+`YQZ9*>zno(DBkPM=lDh4Bqx$LkUW~2<26usHER_&aO
zjGgdxN`K1mD4L9dLMQ?BTc!p~W={MeZ6@@p7zf?zMi2u`rImf8j~b%R1r%Z9UK)e;
z7Vmd6K$K$2Na_lddWC3F406FPK6FJ1L<2>j*Pjxo2G;a`Kv=ilxuXcB1LWY7T3qHT
zG0_^T%p0T(A~U%mF&D%dy9+t2)iM>~##N*TT*#kG43t4K3`!o}mbSLW7fmN>#vh}W
zq=9}$cDQ@qZp$%=#JmW%Ok;d)*SEuY-rRac2V-jTF(N?E&md!2v9<o<j}r3ul3*tP
zLFnfKHdX`_4Q>*^kl;M0y(_C(@%mqj>mH9-^w?Ew-FDrxHnjq8frZGErVzz8bn!up
z2{FDtx&9_Je$t=Kobc$r6bd>RJgDT^6-nc!-VEr9k$i_f4cKSigkIy1KM62pR?&mn
zTGFIxA&L@UY{crb>`J7OWTwWboRgr@XV$6U3#y?~HculdVLfE-KfV$wnhV8fTo#%g
zD@5qAf8+QjT6#TY4wG&V>qOG2DFKT%Yk`MxH>#+gI_IPt&x1ez<q;@aM$JL-(KFRC
zX-#4>s;wrcQnl|`kj<)myuXgQbx5$x$tLr7P|q&&2*-mL=&JB{Fh@7)AutHfL{(I<
z-0h2VdnO*;UufaVin~<`Q6z~<vy>Rm;q^j-KKhHOH;dTVk*H!rcwLyuxm0%KPVoz*
zO*>#(%oiY2;ChN8+%4hHHqe9S5NQGbdBhJZwy8pl9{LBe5=ouvd6G=kI)bY4cPg+D
zGsUZC*78ZUV}}J>WZhFZ@#-7G>Gbb+wzV;_Oi<+y?o>I9rNObGv9q-y7g1H^dH&0>
zp|!KIA>Cggzi_k8j*iaGj(lMmbCdN-@`P7U7rZL0!^@nZ&m5vmWPobW1Sa&0YLr7k
zZE>s!qtxHna7J&i7TIJp{dNiCv$0lF-VswH8-M6hbEjZRI#9m3l&CRDQZ@~W$=mP?
zx1>RN3KG0$cxl^s5w^gSir-VChlS{z4&EavLzom|(sRTESRg`>veo0>2>_%zcIs=t
z29a}U;`Kp@gDwgOa{`j6qJl*bw>~X#IVli>I7u;(A?)!028f1+j>0yoM!4U{=Z|kL
zDtoKG-w^Uu8WTxnz7;+tgU06RUq@mR9Tw=}(Jp+8szg#7E3{XQ&0P;BMk|M;!ptbE
z>Q(dkz28>WipG(ql<aDAc>P@(Tau`Bvg(EDZTJsUf1+Fe5XY=2-Ajyz16_b5fE<yY
zV<u)s+*TmY3z;L%i7;5x6_g(8)>nRWOc*311SF$77gWU+Yu)1XX?O{5+29Ip?jY{u
z{vxfomlHM%XLG!{-(@9($n2t(UgVzvw+l=|5QSe<K}@g}iV4lv02n^F5w)Nh4=Gg9
z+w*tY1bUo62|GRhEP-A>!QP9smFnK}D1Z1Orjm!<s>EL^-lTDg;I^1VSEsKYXoC+B
z&@9b`sQIS^RaG`fL4KlclNcj<O^U)6LDIZQY%eOQS>qJQc;rAS6A6QHdVHcv2%wOo
zth81~Y*#=@+WkYv%ySqSTBjMFnFz`fXfds^m~jF@<xc1_@8Zs<9ipnPwZB#%=-X@-
z##%RHw18>CjnhI*<k%hj_X|WjrO7Ka$Q=qdaRKTMF<6}>#3thqIfx~MgU~vikiqM;
zF6^SWNinTZDiMo$RF>x7C#!WPy~V{#g9}AbpFBxcTJxLOt{5aRuijf#yD(Y|0cgZ4
zUxS~uRG4c_INZxbR8&-PYe%<Cqm_k|j7)WPi%n(bx|NIBad4w?M7ADd)JUh6-ajM!
zUrRk7w!U}APtXlN`wOYL;<Vz{@+E=D3)2x4XybSM;G-l$lSFPu{&ILG-2F)J2`WX4
zN~#NVTT>{Fzt5&H+>0tq_J|n)J{XfbZ&GCnoKBG7KyW;xVvDp0+>r(=+$Us^VV?0|
zwma@bVuxi4_3&zH`!OyH$oQ2AuSr(A1T~_gm3T33++G)-F;aXog~p)sc_k)0%}_To
ze>Z4b#pm<bTao!`&##!ZFtgT?;<z-=y{cWs1M2sbvSB2xi5V^8a1+EZ@RZ$Os4Gvj
z4qV+9(Jix!G=zLC9W@(a4RjL^14?W5U`=hTQ*seFX_CmPK|Q9)D%{1Im9vZIJ1Dk!
zV$tE#nT%kQ;iTznA6XhJE}K*SQ(SHg*Z)qb$K7JDyNW<aVHmL4hPa1{UD=k*%>Lr?
zTa&sUZz&0rDt1Dbyw6sE7m4?h8ySt*-1$=UiHiL9t!OosIxL_BN+&3d{}0Rp2A}+9
zG>SvS$R*^+1&msyyTn9=s5T+8r%2JljQ899zROgj9uZ*)wO}OEpvH)7<ne6oFLXSL
zfV{o|`oo>iP-U_U!g_mU2~G_I0zP&=F7KiSHHB4dG|y7!i-m=Q%A{0amf8I8n)sZo
z9Deue78|`T(^by-o-*shlG}?Ky}<j`lDr&+XB8Kr75$AiZB(p%|L~)kZN_b{w$u}Z
z$J?Hn8!RCoql(nr;(@@&m~0W^<<9Xa;fTANyFK}i@9LTIC%`M`6SW85KQ5G<gT(v7
zoe=?)v*mP69oNq^IhMm}J%#^LR^r>dxCXwNbACB}qHnh7wmNbtGG+{!{^f34X-O4f
z@u8;ksl3M)s??6b4i6tGCOkEUh)83`<~`vif&O-GtYpBdjs#?<1Txz1RzM{|4r-G(
zss@Qd0Obwz4}Oq~4uDc~MH#X%`2@IKj-HYR?)c;BX<Z=p2q8<O$5VYut%dk0m4I@o
zA1Ps8<bS8J+YmjKfL)j#hM<&CWmU{H^j~{6Kkp_oE7hBI`x>>3gxKAWCd_`iPf)Hl
zxl~b6E0gFkN8%d?zUrUM*ry^V_#OY67JfDRcvwUW6meGzJha5CHRui8J-ggkNDHv$
z=Xrh_xSPwoQ*aRWo}5xn?Q%Jp@O!;I4NEQX?(n<xxX;<T?0Wi?6zW<aCan*@%I&m3
zi&(muO9}iYat1n-Z*?tyEZykdWi#K(<8)!g_UYEQ_%Tiz@FcTz<qjVB7_HAvo)HxB
zXj3^YExEc{`nA|)op5NMD)^>7+4rDemGZqfoO*EpOYTPnHd19Mm4Yla_C#HQ9U3U)
zRYxTpa*NN-C&=n@aGfMlP7wW_&2EexOO*EhcWX#7g!>gB8EPRq$43Hx-9#MXtZ$Xu
z1)_XpH?n%qrQ7hE?xpmPB5J?r#`=4PLHXS)S($X&|MHUuc*`ay`|?98N=wP?NRz0X
zHeoR>rtBD&+R~=^=dW_YDvfz6q~Ea4IPnW-!KcAcj{G;`p;j;dQbO|IA1%+zMFjsv
z%tvW)2QEBM<vxbRjfJMOY`%6q?SWHE;qh2M+FHDvk9v7nrj}ZX<-qxq(*ey-pUVTw
zj_(I!nkV`JUo>;I6WzDdRYu*P37)L_J>NzCt>e{+2;zmOZ-2D8n4He9Z5ok&wg!rP
zB`y1zyvo#i3zKQqxcM`sFXzh(d1jFLyEirJ^X{=Zo?K<vqbc5p97-iAE)BvoLu$mL
zCsFndRj7sf8N+f>!_*%_HNH|QYNvQ4AH#`4^s#vv;^GD&WP}mX!$tBsP+S2H*j0j(
zP|2&aF0>KIiGtOFE3PAngDCC&4!T}ODy6B*!JN+02kuZ}TabWiu9mhgzt5VS3^dYJ
z7P-{Wy<lv|u$Ot{(j^DkmACX}dseWc$j4>vk3NZY_LxWA8cipA&BUC#Wc^-CpQNZw
zY&eZ+YFnMi-`yQ$VTXCIO-6pVA`(XL=c}WJlY!>@Ay-`;Ue9~mJs<UNv-$}=H?u>3
zZ(FZ<gg*x6eDU6|R23N`JePX^#XJYF`Obgd?RNI&-jCNgW7bX@eEFOopI^VffCYN9
zzy9%j?%(qXowB|^`~`jXFK_!E_8(l=rfg4^Tv`5mt2tz^G1d(;<K920`7D-=;Fu2V
zspqW`*uz+wc`w$Oc6IfBT~vt|9!XNdb_kI{SNI{8SX5WT83xHaSNTNh=9Kt}&L1_*
zPM1`a4CUkjbq4`+t%SX@KhDtJ4bi}kMHylK->FUrVPY_bOd>iKu4`eH5}Yyemvokt
zYS_^-nCOpcM~s^JdR6^noh`fUOU(-PLCnp!OwcQNqDY>1+RN*Ab1ZoVt@jLCY}^=c
z-4x5)gwo(2_3CW?8vrg!|2w96Jj>~xtxIZ>4utI-Z^w`M*Iw<Ht{&$r#lYRFKyUx|
z%lv@AlY_Z2kr|v)_w>3=Yd_E3qh||8FSOb=_2~#ogyDZDv|XP*d&lSL*PkbMo3A{0
zhF)G*XB1<*?LAf3pLf@W{~i{q@V5PU>aRsSt!9}OtTg8B&eCiTnj%o6jLrr=ffPog
zG+dto@xO9}Ne{ArmdS`eQeWsNz54Bpbvwy-tGLjurg1kW?KjE|LwrUOQx5t(&&IMm
zSm_`YED>gerW30M>02MS*p>3@V#PTnpfm^d-Krp?3-skj7{Eni-y|+|{#P6^vreEE
zXdVD$qKJ`f4i*L=5;2v{#RW((upudjMIjG^$vcHyzA1srUl?K)!H$>7ptE^;BM|&4
zrQh8tT_=-n5~KXkcSV87sSGrYE=X}FS>?uW7hxlsVqAx|5~DXaZ*?N?ldDavy?#|9
z3N}NG&&z?2J3}{*)7SpqwnyWPlk<*(IUi?B6aUULzc*!z%%n@@@r*4Czj!&A+($H#
zP5V2!CL2D*F8BEG`a62KUM=c<!fS1{yY4UI9a-`yy)Oqk%+72^%v)NJ5&J&w_Y062
zcB@Zpv96Grr!jWJPEQb6%*yI@7t6{42Wmu?k8$9TbtPKMUOl(~@y9nP;y)_a#215j
zXm~&*yS{V})#1X?m@p2MB>by=ZMmDMBe028P?Bj(#=7KY#yJU)P>4<tAPssS{MH~9
znKd{72l9#@ETU=96MlOE^qsQ11i{`jHlGcLc&5TXj6-#U6b3gO(t|1$f6|X$n!-0u
zIld8DD~k=k@YY=p-us25v<`~75$GhF+KIUcxaf9O>HVr1{2ZU#XV$NyrAk#g*|}1i
zZVs2J-UsFJ1r`k(%e15MrnueGvAg%32R{GGc5~{1%(3^mhb0Bqm<hrG6R%6HN1uT%
z9zlV_38lBDRN&RYC6>Q@*e=^?;<4H5ld_HL?j_#i`nMWw0=p&G_5k0TNOQq-)aL%+
zfvf`YZl#mhIp&d)=i_MaR{mXzJxYYkF2ClCa{CT_Z_m5F$X)f)G$a5f_cTg2nC|S}
zh1+5miTso)m;=MK%%AqZW*2!@?PVl2M>sb5PG9&ViRgld1HeUo7H%-FPc^7*>=bfv
z`zPN90UuZ^*o)%?0vn5uub(s?kQBP%Es=SdK(CC`<s*ShM`2$0CfM;z{UcB6_8&|y
zhVbjbeBjpMEU?1qQ<bVw$)yA)n=Zb|InsuceqY<&pShCe7bTJ}e0Amg2gN9L+J}UZ
zas@%hl{(yO&rkiuhddQJj)$wO#=0b}RZn6e>lZUc3(kn`^cxZb*Bl3%QH}Sv0zRQl
zx4)^renO)b3+GaE%J{-byZD90VS8J}2v$>O_@tP~zlBxZH}$#5{`7Wv7jb2`2YG~`
zG;`|{@5!K>f2R90uEY`X6|IB?|Anf8#dRh(XUg|q7lX>Jum`azMncoB0>Xi!!lQ2W
z7>l73a{U|b>*K^OD^<Oefk~l()>VcgiVd6MDCYfa$Q6Q<wZCh578fTir<?|zI#dSj
z7K)_9qhvMX!H061@#C9rFx-CY)EJ8EMTHVBU^bR5%AlZ`^oKM+0Bu8vA!H~MVuQp2
z6Nc6lCJiH<;eazUGX`>*9F_@o)E^o~9-o*t7qTu%l(lS;s}E~Wyluo+M#%?nw@6SI
z>;2+PxvD<k83Y=h?8vJ<<tH|Y?o*p>+&whhQmEDY_y@1`+iVWxT)sBoQhING+O6vi
z2S30;m&>|%EV<)8_S3zS!xP|MB(7tD52LxEBw)1#sqcavl>yu~WEwqZ3D7s-nzU(V
z1K&`;$yTiPo5iiw!!a4!2|+<XJ8(zV5N~Yujmf4xYoW5o3K7UHtgg?jN3rEja;#FW
zOhn*^G?+7SDS_gnPQu9W*N`Kz*txQ5h#Pgq6pW*WYI3~hQi*ycH#b`<+RbB9K)!9*
zsQ+bOw5J94ubWw4>UR#x-Gd#JB{=vA_59?pwb`I(Iwu12vC&nX)Ku?yMv7PRSSrSy
zL3!X{-N0OoN|SL{s4hf*0Ujy@FD57LTpAT6IPJkkk44K;ZFzOw2$L@zSVOsJ?M$S~
zwIs=p*u@_dT9f0U<%C?VpAw0iIV5qCMXegze+AuIv5O(}T_Q?_Bs_5h5jYI0P=aBg
z(cwE?sfym&O^w0ohs47|sn!49=Ca;evDzUyF#sX&=FJu*^K$4*?dQgbKt_Pz>2a}T
z^}^Y~gMn%2VZyDS5zdfrV98fcWJQtY65zcnPczP(Y>tX2<Y#kuSWP`bfJ=qY@}P5q
zlFf)a#jFkA+R4ke>}qnWbdUvgNiyY#opk~7X~2&So{m@SE8KrWt|iuObb(+a)IK1Q
z0W~z}E!fLqtD2B(TamhTOH?yYg#z^2B^KhSe!ju#P<CiP4}}1>IwUvSnAdt-2J}j(
zb1uTBi#-C}EQe)Ytf&#ZjmkVJas;!9yE;Oc4w@6i%MDspIzzSW*+X&nRyxjG8BH?w
zrKO$5i|31%@iusU+GckL7@&Mt=ISl>WCR=Lhzl7mx+0<h&G;}Eb2U?{3At*52-=GD
zR`H0(94x49<oM^Dku8-cKRWa@<4syzl0%{r!=frmqHYXNaVv3X=ET$OFt|D-+Oid_
z8muYlWhrq@$1NCJ>rDnc6tHV@{;rHQwAB(dyTqK>Uw2Bz#6=Y}Oy#437(V1Ft|ww?
zO#EE`Jf}Ko$+iX7^M5(DXKAp|SvGRv#6e<z?}Fo)^S-YNCHMEHqKE_Np&FNp-w(>A
zkKR5w-rvJ}C;E<@85_yAt$(TEZ<1~*0R`nV{Ae~d)iIS4);b&{OVlNe7@V+G7THSi
z)U;Avx8z+>51dpUE9`dgWuU(0teHq?WN^e6WQiNrUqDK8+PU);QB}(~D8z|3RNG{7
z#+;=y!U?K$t!vk2LS!m3*%{##IScl;ylBbH$7{<=DyQI1)_-WUwgr<!A4UFA*@-Qi
zc;>K6kuI5`y5)wbE|sfiO1~YnW7PV$OJY-KJSN*N!QtqHa^WCoj#N(iv(oh4>NoYq
zx?&IZUM6^5=EXf9v~5SeYxcGJ>pJjgANb0FrE|0z_%K@}s8xkYwoytrr|@_7)k%@E
zAMrX2&0Te&AJdZ_%y(O9<W~1@-%mA2GGu-+>Bt|l8kt@*9+FXt;;Q~zpG|!gw5DHw
zY=gEST|i0hVpl5F-vfF%(t7Q?7PM<(b6ux+t#2WzfajbboX|rpOjB)tX;b!SPMe#U
zs*cFN;s%&iTY|>&QTr7p;<`tYA!?N0C&&Mw54em?$XBOkTeq(|{f}_QaH7f-m_X|B
zW0J`g8+L8_*&IbG4$VyV5!D-lB}(JX-}Y5BUPaqg*YJ^u>lfABuLv+TSI4jO1=sWc
zbDPH>6A=kMuL=(}1SDXKxi@W2`U^CFY=5qIQ>@bQ#~n#g*W~MGp)Gq^5^DH87{(|x
zSh7khw^Rs%HH*+IH%mHypoYVLPc#1<2fDa?&9W~Kimd)eu+ZX(TmuxWCXI1=w7G*t
z@Tz>a_4vzDX506-L83de=zchkItNG}f|&{~%`6EbT->>1{v!4u7em6*@6x(lsyZVq
zb%F|dKB(->4f6dCIUJOXAlUUXCQY?k@UL$%wTF!pOyBTS(va$i*$#tUqME<`Tnf@{
zhj1O!ti7Ds9AAVqiySl9QgaxhST7vgePB6|U@dX==&|+Wq(LCtPq0{`-cZH7dpcQ$
zroQ+BieXCSOXbreJW>|nrFA%=F0-*JV3#vW&hu4LP!5B?-Tz2WA7q%rU_6WYWt;T+
z=qGF>BNE|GwPzGbGxb*xW)^9mFyt1tff9~J6P4W~&lobU{vKPNMEimN@U`q4E3Y|R
z<zrwr#~&D^RkbU@ESFdky{jB;e7*57rIVc$9hMy`j|zAa22bH1S83mf(ip}S{|m7>
zdH;3P)holLcsf@DY#u>+-RAK*k$gmrqUmC4lP{j=2I}`(WpGsD&FKTB{w*SzFtNNL
zpNx-DTg&5K5{n;r8N%L1rr5~6&0w?3#?c{Ov>>Lh#KLeZEXe|%mjW)X9vhBwY_HWg
zGfg}D<R)btLp{FUTKE2mmcK*a=EG&P&1DujhFjl(FCgMd{VLZZk~^g{t<yYW4(m?R
z^Yp?D4oyOpw8HYq@9l>S@9D3b&ROc%fI=CWwmND-psDQ2zb(=Vt()(3!nvj+JuKtn
zzvA}NWg3j~-~C?5(e8A{tkrpis=PVmk@osxsc3csfZ!9JXlLqoQ!0e~Rxz7*^>1F|
z)@9v2l);zc<fcJ53>|?aWS_5MqzA4k1L=-Vrt;zu_gR8gmQ9oYF;OF2T7q9#rOE1K
zy@Kt&6Wf#%6gE<^Is$n?6&zR?qO!fd{(dhQlK(Z5M=MB9UylFl#C8*SDkCL%4h{Wf
z-`_=7VkHSqi`6v@-yso>Lp~;T+NQ%?l>52qCfcy?MSvLSy}HD6?5*mxq2Xyi+4Nzm
z2p*m_N?1b+^Q76m4z#3x_jntqUb<N8@-QP3=#&F<(ss1G9xfYc1=g*3HbIeoy|L2Y
zku59EGoKAi%hk8%pLIj5xEQ)54wcv7s=wm95k-cN$0m@In*^)p#^HepY85a4KCBaA
zenJMec}Qd4iP2IOZl<pWB4S3<cN&_Bd_D&bA0lN@{ywevI{%&dF|@w=^2ga6Nq?<(
zzdI0wlogF%s$z<{L8}_l!Zk(DJC(*StMir>w~*Oj{`zm7gZpJ*aOJPZ`{V$AXanRf
zyet4mo3RvAg@Q1N!BOv!%e!;kb1F78x8OmeYLYam;dttU*Y)aS)Aj0cP?!dcr7*Ny
ztNegeTwE;hIDMd@LikGw<q<Q*)<5^URUU<;*WW>oAi2(6x9_4vIX)?G3in?*&ckR`
z&FGJ5!1GwoJk`V~(8;B-X^}QQr}_m%JND3RlG*57)-BGcch0Z#{usUb^vt@;!@;0D
zH7m4-W{!y2HPlc}a{y8)Pc4D((bniU-a0MBIWpoEPg-fb!v8!)(>lQ-2;t$AqoC+j
zT$xvxKhwk#KWRlDir)wsJjJm&crP$MB$X`IdmYlQA9BQFde8(od+pD_A;VPaPPvI<
zmNY|yzCIl%a|s~9M}Zb^5fm`eBjSLC-TaCw*3R!fg_n!ph*fS%_QQYph|yw^L=+Xp
zqcLwUlH5gIfWb<dBQ(h<+~g@32<@xREukut<cOaL@F9-6mH~1=!D*g&D)tFnUyJhF
zqC{$9Yn%JXVyiA>Ix|~DxW`*_nej>X#Ke5lmk`b>gQ_WRDdh%Xya-B8c4c;n5tPw2
z7-?!CiXVbaNp9I6Bg;q-?QnZR(FRW(unzN7bhfO;YDpAY!Px)TU{|?~Y8vGNXFM@_
zVH*s#01yZCt-KM?ZTF2YO2P^z!4J}%xk$%1=@#_kb4^<v9zEGXJ^8LS&Q6orcCiwf
z;xKyI)K(uCm3jCV>tr!`g~`CZ3NuPK!GAAYC@A`~)Om{|I|^8X1AvyqmN(iz`rk5)
z=hLRlq_G{_e7lZVMPW-!sP2()bi2#rC{9_*G_13%9x3R);o0?ry$VZ0_t>|S5TiqI
z3z3P1Q2QU^Sc<|lb+6m3C4gAUz>xq<Fe6)^Gk(mvLoDg|Aq)F-KMe?7e^&$^yqz0#
zgSqY2+E&cksgjQ`QBG@v0aBsuaS`*0dyb|Io<V(8(qQOtt6WyA(PL}I0kWT_$kZ7u
z{o$I3Wd-YX5R3z&z?Ff4p?~BqW>^mVm<3h0E#jduxh?7HV&3H22yZe83Fb6I&5PMj
z(*2=8koi@o4^VtPab+QP*dxneC-NE_9tPT)%1@xnThSn~*mK-(>JwviE(&Gg2>_3L
zdvA*I*wQ?&HS+VrD{ER+*}YMPt}Pd<GxbY4-@f%@{*OFojcT5IpPkbsOBwG)sU^DJ
zll1`MO3FN;pKeN4B{au+Qztz0Rtxo&j^hGy=q^Ch)CMiS;?i1ofqM(m1Vfz8BtBIZ
zl?|)P4-I**&=hirT?5qlot|B?l}gFtAAb?lkB>0bul6_KS>RUwjZZKI!dr37(DZi+
zd6XLQz;QMc2u}q-fgK=$I$x9UDDB=o{a{%@;IncB`T;hZc5Y&`KSaKgha1v6bO?u`
zQj~)qb+^+6f#kAp6VlzYQq<q@-w+h<kRVIIm?Hb;s`t~8#sEs2Z`NRm)E>`Cq^@ux
z#S&!v;+Ud>@v4OBI==*yHZkiGk4$?-<_w0+f|XscxWKK#X{39=20-|-(G5bH2w1UX
zC47v|G>kte?Gl=#WF*`w=p2E8{uq(mU-tvl%x`@n9Bh~Ki4F|1B&~NQI-u==!&jfz
zhDOj|5~EMOU66y$c{;h{u8>`Td(Fq+>v3}EtN2V-BPu~7#TRQu=&A5X7O$q1U5Z|X
z06vq5j*xrKU8Js$yJQcdxtjy7dxK5J7}Ad*z-2H^QoLp9bix`*5cGveS5jccS0R%O
zD$p?p3^HsgOdTo_oSU7S1$a~(5E{v`?THz9+Ts{R8(gK;Vjru^!ZTM9_iNDM!G1g!
znVyks2E&l7Udc)CQyMiM%SjTDfK(c6KEv;HS@br=kp(iQInWjrsEGgOI4&aH+bKl8
zh=dFA-Bx^{ik9tAS_?(C4S^onf`mT&$LTo1(^;xH)+LLnLB(wDVRO5P1z>U+z@<Oa
zuq3cv*0M!gTm70{6|SuDZF_GabI%l<(c?$t5KQ~ra!A|Cx=%I}zSkuc!9sX6Cd1ut
z9JJrGJNCB~vi1FMi~cbSs#&~1zKUi~{_U1<*y%aA-98ipX>whL5E)hHgogqIn<;a{
z7CjYCZ)R#@*Xs-TYuXpc+X=y5zZFtM5P|^7h3T39rNH1%o*DqRJx}=|vw-frE{(J(
zoT>d(khQ2sOgVuv))V5SQlye|MKO>bW_5Fjxk~Kb&~x3}44WsUP?q=cc-;1NxXm~H
ziygGP<2(6ZpR8fPk?!-ZIDV5PmvIF;qIO}NYN|;@=Y?;oHepMd4L|;~&-=5Z-1{zr
z!Vi6K8Tp5ynQ616w8>ETE`1RD)T=EKbu(i3AuF+XTNpaxO@-~Ra4rGqNOu<Tg|}%&
z*V~MMG_R%Pyyg+?@)}<fcY#ZtY$nai!8btx>)0&~pCOcHM*}-&CEcc7Hm|{;tuUG)
zeKOXyc73RU**k|KZ9=3M3*t8dlEGAUD3IM1OR*sl>y=2HI>$TvH3b2-2Q&zCNk4h%
zVnWkH)Bzb67pvnDhRl%)gdcB1m5&D|t~k`z<0r{=&hP@1^CEmBYm2lL5vVMtZWxPQ
zE@M%^k^k*t4>m4R@3cy2c<>oi$%sLEqh5XFs}$3CQgpD)l>m&34$zBUN8wLCi{HBo
z?6)Gn0G*#m8Th=C5bT!eqRTMIPI$|s4+Ge+pJMG;sGHjW?AOwm1d$@=NzOk5lx!M8
z8;+4}rS)&p**%)i+}p({9Ft-Hjfi~MObP^{gJmjKWykhRU7wjfctFL^Zw=qr;a~gC
zT3pPX@8lZzEn^ogh{OIih(5p%1Tk4|w}6~n@cGDc=P{7si_k+wy{eb{G3YeA%;hDn
zS6Vxl^;ceJG}m}ECZ;g&Lp%dSCSIN?rbOiSm`LdQUm=aCl`62%J!1ZzB-B1rz|!k{
zWU9Z9;Kp_R1Z?9)L4ePXJ$|oVfazJ01~_E)Rs~~}AU;_(+FW)aY4^5`@kC!tcnpV0
zsQsW*yY4{wC~`Lf=G6IqgW@tZU!O}?Cu(Pz=j6oir@P_Dc=rC9{|>H4-<MA`?~vFq
z^QL`zT$6X?JC8eQ2*ID5mEff4wGYE`|MvdcugD}M(U%mRFCED{0pkg)3|a|qUA;wE
z8xz`kfxi-T1VEetbP^?wCAILxg>!T@&cSR2W2`;J%h-521e=T{D9}BG2@2d9Rs7sk
ztZH^bJMoT9{9w&LZhF`l{*zVNsX$|*(M^q8;S^NSw1p-bICgn-`>6G`?;W-txVTJ}
zizpty&{EOCC;NGi!^GKvgqE#z2jn~NUI1CA#eng5cUm%8288UuYH(+P6_5&4DaYY~
zZ^(X4^TBpDNu!jzhye*SZu7HhJ$roAVX#5^5wxK%YbliBzN{#R3~`}g^PFTkE30Pv
z6jY%6=7dl%yOjHk`pTPGq&o0pQql#1;f-=2>sgcg*zN2>N>pX8;Eqf%glJ`qHY(6w
z+<+_Dc=BYrL(0!Jc1bOg`ln>BCET0cws0d~IY)Y5wIPm|mj@4|{{h!;=Gp~@H9Brb
z$3ajqlxRi7=mmh-k7m@S@LM7;`#xvGpfQg(P<8~%!ZfV3?`;!@@cnyrPu)iZBDkn|
z6xr%e`mL7YO65#ETSFOx{GYe>xPyj$eEX>UPwg<@0B8$olG)E{d2@So{~*$O%OE|M
zHQhTH&@s#~bm+gclLq~hAU=fT?Z9F5_()ZW53EN!4JxjJ4PuxD(1F;?2Th{z3u+CL
zf05Lk@$jL~hs!hh1SZLKzE5haZw2ITB4+-yW?uJ<=#I2?;oXlnd5im>)|K2C-Br99
z4B?c}^*6;3U>o8kP}7m4mdwsgVDq!3^O!!FKVbLhY`~_w2hwS0L;?U^<rxNRHo+4^
zku2U@9<yi%TEiw+fK)OYx7~ozlI(>ngxL+w3Kn`421(+StB5m#kZTbt-}jT`@YiPP
zYF3dU0eqP2Leb)+bz6-klr}eoJCVtv7z~V}D-L<H=iMzq*BA;Db>d!xOUiAuB^#Ev
zJU*-(3yc6NpAR!yZJmrUmDh3x%^T1#`qiF!?luNIAd?nE9Of8}aQLR~Jc*s*nH1!R
zv6iPH^(?QH)jPiN^WH3{#B(4-n5D=do4ui;=<gJX_=tnBCLXt_c(`^GqiO}U+0V^)
zN0@xeml_IF)Jk%YtM#*{OuOkrbucXWP+ZH-UDiOx$1q6scVdcmf96>6F-7&R_Owqw
zeu%$e1Y0;d%PfGReVB)9LiNZ|1rHL)3T*4I`%}|Q5bKsc%!PGtl4ZJBWkTEC!&Cnu
zSQvub=8YE=m3poHNBQ$xs|LqWL4-9}_n0J22a0Q-M&yDDmcavjjX2oy_y!PN*+}ON
zM>ntc)h>XL;NM_AI-Ki_K(|hJS6--!FI0N>Z{#kh+eQ3K@?w<SAq-*#oc)T5_ZFx!
znnCM-h1a6<Nx&k?yFn9|^Hb`Eq=5a0BCuWY>`D4PFN|b)>7ImWRlm(~;_}^Y&^fDa
zcoxg1cQI*2IYAJuUoJ@QWJfZ`;KRFgADRVXoSYNe2fSEUSoh_NyC?Ht&h};L4heEH
z2%6a+K|gs&{5!(>W}!!c?J*B^o&X6pigkkGIxsp}KmjZ#LqdX)c}t(hF#GJHc*xDP
zow)iogD=(6p^8Rmc6PSRVO2n5i0BM=MnvVEya6*>=)fa<AZ+da43-qLPl2)AqBa&>
ze!D}rXB36?`56_$#NLkpG&M0obYY}zpKIJpZxUcNl74$b26=yor(nEz&f{c1tKK&R
z=YMj)hki6^$R&$TvYhOL9~bxVv2Cx<B${CWCSGTB8eLWJW8C>?QfnF7Nm?$%f)rCG
z7LLR~#B_Jo0bj5r(Z<i$Rk&O22ZX76p!CK+T1jc&f=KriFMvrk*3EA!gIHrS;}?7&
z)~z1*3grW&57<fq4T{91rwYnnS8x|@C%Hh@+j|J^n}1KNC9xGXdhtt>dZ3pIjCksC
zZd_C|EKs9*=aJBx$il#U8*X6&;~W`{0&XBc8dFMN!m@@&kEdRjLIPXq+0A1wzY&XI
z@W7KK-Vl@gKMV01k0m}nK0^2U#bluSm-_>52~M?^r$%;!%D~PQ`(pn6&Kho8DkQn0
z%<MV~tfDWA-eDJS?mCwF5EQw>#G5LgoHkU4y+WL2c@Xw_vt$~2#l2dpdeZ#UzebVZ
zi<|m;{r%XVX9)hC{u3CVS}7d=xU*ec`c;4NJ4s02)EEY$Lt5c8%E14oI68v@fN&5$
zC2g5AU*#%gzc^Tj(E3`KA9!bpV{*;B4E|7%Lq)p%v>N;auJ^|GkkD&xXWTZ6<m*p*
zIGV*%5idw=Q_Y41h%D_&V=o-#^SLgavWRL6graY09C?BVx)~eBN@hQ3u=-FS_W}x_
zP%P{$9lnF5u|Jz{9+hJu`*@oFiCi2dsRE1j_G7L;tY3HbdA$<?VOmjyOg1Ai>_@$>
zJvx_8xBQt#zl=*l;Y$TL&LILMk{J5%nfb0Ce+$0xMy0jw1RH1sz@blV3TuHhlzMEk
zru@@)Om_?-xoyw*i(S8#Ybtp1ek*{F&b8aq+N=z7a2{4OKIO^{a!_h%HJ$P!i>Ntm
zWQLc%<|Uhqp}1h;^QupM^5bz*x~2yGd_Aj;e%qSpxUmxmW}H1v;zM`-!rL?|bM-}E
zx)LlBGCB`><}3b33@=o#@7oW1E=5j;Q6I_<^N*h47bB(|Wm1r3URR@UVCW<y=mq0%
z<P3HMnQA@6%2JUclrH_xu=bd>3p?Z0irRIxFrAhAc%`_9T5Yt830e>}TTKK3TANR_
z(dqyPe%YZ<vfU>EIO7<<3gnh2neAbZkkgA$J^s3kiC3J&-WbLdx?1c`6u>*mB5?Z9
zl0>IEw~kVrYgs>C=oopV(Ap=qE)ZTHCyk1_N$KtX&=em4DP)XN5{P~nS~X{DsUp3L
zrgM?TdLjDW(e$gEiO>%k>;SbckLdEL`;&)w*?7mzcxGFpR0}ff?sqPNrXpwR7sk*U
zc%sWQO?$af1JA2cx7h~mK!1nCK%pnECRD58`{0KQ^qw~hdQGilEKKeE3}jfM{;$MK
zDNdirhL&;&w1Dq|6|J+Jwo3vJ>dqnx1C^#Dg*@!+q@)UD@ER_(4{>2L5;RG(x&@RZ
z4d8c2#R_^?{51p<mUAySM36wSVH}(dKofXxLVNPp9?}-@j2uJZpRtZAE``%@Mna)i
za6;KogknRQfQ4NV_w8TT{@-sJ=f`XJGxsVR0{J5V#P(xxuN(dcgjDIN(r8)C7@uRh
z{Q&Ln)^wu9k^cP0)QLn{CO1Vt^|3hM3fRFc;(Qt0#Hd8MciyU6MR}el_OS)i7k{P;
z$snfTxgmcR6@>GfxOWLb$L(1#Z3O)ymY=~3nb1@y(czp0VayZ1fADf<-Ny0<bKis=
zmG1>tnClDwg(cx{u?i7bI1@_`_y3bt?{xi=nePT3by&AP!6vZ={ON)rUu!V@*<s~8
zgox1<rj0Gf*fM~8m3$t8vw&$cY)x{c{)uJ6O&0#M8jv>wiHfs!3vJl8j(zV<7fn&z
zauw8AUkwYr`zEY_RUfNWOK|)L0aXez?q6xj4gxG{IKS>PX!+k47dk4+Z3W6>j0Bu_
zzLk{|K>Y>~A$Fi5=vP{&hg|L?yfS@^8&&f5HU-q2_eH!zxi#iq0-@DLMNH?D;R?0M
z5(2-@=B4H@IkPC31%beCDT%4!)CkNas&4XJLao#wz&Vb#@h?*Ic8j0u2>lF#X-D5l
zREX*Pc1cjM*l*L5fhaGLk~19PbYn`%S0#nGJ$FmThCZT|xJf~xAy6FI`M<LgJafW9
zTFDMtJt4^F9m8KQuZVdKm&iRTApjlF9wNe4I1JKG65**D=aoj=1gFUP*~P*3Kn>uq
zTto%aOPOmujXuTCF8rAyhpYV>Qqo$b<ktptjSA}s&WO+v0A@mN_ZEky!n>LpKc$y%
zlm=n9hW3weoOJ=MICUMi0Lo;cbymx82h7hKjfaOE{(lGn`0IkSRuOSVNFtdv0)X_Y
zQel<V873SLCZbY@!|dc-LkQAxc9p1#tCOgPg&#ezBE|%V38ur#5k0<)57<{_N~$TA
z@28JQPJD43(RNbp2Skr6L@N?j@Lxvvcob(8CFzP>UmJ`h!vq{B&auwWr$vFDKSKJd
z+V-(tLPi)V3Ci|qg6b1^?CUoAV%{%AZbX^=_a>tz>d89?njgaBI3;8PvSA#_j7nu+
zQIj9e<#u;V9B%r_6uGdrSaeZF+J1EzoERy;Xna((8pyp41$0LrmKi$aOst$>-g{hH
z-J!`hv2|YbNxAnnXxnT(eZ_-Ta5kWGd$PPgT#T2MT2<oogtddW$B9b)Bp;vP+k7S8
zA>iR30=o=0<-Us{``59ONmNVvnuwJn8|uL!8Zyfm8T%IrOXQCW&F6?SjToNztV~g7
zzMFAm+q3F+d<+NLUS9?Y1a`Y&Q7TCd`b!B*<hG$d<w3U_)GYrqBfJJ3e!e*M*EHe2
z#&D3c@oH`8<=-VhSL`pdkYk{@=zm0zS0=hkMbQapQKUrxuzYZB7S!hCrd*Der{3kW
zkwtf@2-OYC`20&Yk<3oSvm1UOaInW#p%qtM$To67pg=0KhH`cCNqaOVsy0qY{v9;^
z7MNxjt^0F=qhVXbpAdSjE%3Xp?KS_j+ftri*y&NXfazqyG1SqYs3Hl6wvuw%!Seoi
z-P^38wN=?JFRUjS;9vK?61TptAwnsP&JL^yeKOz5=pFgsynSQpJRZ#X0DM2VGqSIr
zf7%m0#1c`8SyBGJr!tp7Gkq_!h!t@?)6BctTS8rccKB3&swMwxPY&q$mZ;arb7%}@
zF9|SkL5N0k9Wf5RgX~q#kNz!H+5&$m!DMC9AGbKKak+LmHnAg`JQ?!UHBNKkcFZp(
zY^p)ubn2O^;Fw-#ly@78MzGC7_XXOW<GYIgr1smL-2bH(0x%Q1rB;Jh(Uoxjoc#(I
z`YvqDnO?<A*Lgo9bYd9a1F}C3W?w67FMsi!%Cy33G?5I!wmvGeIe+sTs*(zhIH_Jl
z2nPfT*jiY(B~LVOxiEi6sAaIhKz?#%4z@KIV?l6iU%JG^yI5NHNafjP2st<!8F|%*
z?PNmo&@uP8PeS<Y6c?UD?G(-&M(wO_B$;EloPyTz)HsgNA>$pSN9zIQD=pg!^se!-
z>!yenbb>k-Aew&ksx;}tz-W5kY}1(P*jA}+XJn{rrGg>ms?=@^QcbBYsB5;&YE6$^
z)h2<0L;B5VRM~TkCJyP9R_Uts=f9ad4XqCBJ2mUi*M3{2zx0uqvRtUFItVug8r40M
zj`TqX24-Bdf}i)l*0PH3nBYVe>VT69VMW)zf`w>IS)@UMFs22OGe_AlD5(V2=s`1Z
z)>zQk`mma7Kg!L*9elXrRAs1Z@LMXn$yS@isOW0Ubq7W!ZI-tj(rp`KfNHPCE-}K5
z7f*Goe^U~u)U&VAF)rUm-r$B1%z4Z_#Ai@z*6Qt-5v-tT==~4iJI897FI4C+X11U+
zbM3aKah?Mcx<UDYTc*Uc?|=oqG7Kx@tkGZ*PWQ;5BqpzV1@)q24;WKCg!e&YKoF};
z0JY}5hy0fSYO|_Q&?P;y*0NF+w_0|Yfx12yi~A+MwP)YRLL+16Ja60Pw<+q*#G?3#
zn59cfbC1!hR)Jco&LwHmhpH|Uyz`Hdxp-LtyH)cnzuzzQ;(r)LpnJQdNIkDqCOjhJ
z>>|cIJg*ZkC~YH3a<`nwy)%YS$$X#Z30pCSoZm@G)ARCV%8%fuJuX|=M@h?6IvB;P
zswn~q!%5%Z+-7FY5#w2WM{9<0ktx!_eL%mlLUME%kV9t#`Aq{AA0<c4pU%RurNh^t
zxaP)^#ftzTFBZM-%xqMBD5F4rJ5WLy@BuR+Jnm-cvK_r>`BHD-Q~AH5KhiKkgn%E2
z34BNdg#AY=SWzkf3Jk>m5jBv48XQnD+w&h_^H=VhqAw*#!s~b>6ZQ`tPzI#38*_hu
z-$XNS2%z|0=xHN|g+nnvObwEV4Cjw){G;%*EI|&CiSUXzsjO(ReB=Wv2u7g5h?nlK
z2)Ch~nA2{BeiVhq1X98%CtJp)b2nRW<sq>97xAOQJVMDt+RK2pcC*3w>i&}64z7A#
z3Fv42>*N2TKcmV}GPwW8=I7qVVV$-1=#zU`_9rQd0AewuiQdPxKr|39M}_QZ_)pS*
z-_b3y0^2#3@Xvuvu0)5b7`_t<s0+8hCnih>g&}N$JN^k0e6LVPXX!EjPvS+yEMC*j
z=$M4+LKecnS!h_OO{?cuHph7M{`9eHodGdmH=!;by8^mvU#sqC*%vW#{ay@-GC~C0
zpYc=noB6-JBGg{3TR}_CPFZ++7LtHGnwY;$P4edli$5}!MTCra@emb3PY<U2A0~TA
z^BcYSUA0tpLpyIom^W9SPrehNbF@}Gd(kh(tQHtk3&jP}|L%Jm#+$yMBzfGTL~Qr)
z?yc@xlQbz??j`4iFc<>Y9&8v|3n)=4Liz;5We&K1mR9JM$KCAX?zwM&1A6t^0rTTU
z^mll-3Rq%{w3KLC7$LtEH3@&TuTfiUOTJi6%uHO9IRsP*BYeLMO+eFbgXO;1Javrz
zy!f{&TSc>!tF==bXY}=QYCVjjlMsJ(;bd7|N#;j3_@{K~b&aRx7E?Iylj9?^)fWNs
zckkk`2EiMu(*F_nmQis$(c2&pAcGI?PH-o<4+M9DySoK<8(e}0hv4pRL4&&mcXxML
z`2F8^_nbXvcR%i#F6n!3Ro{BL<koa`_3sUrECuGMEoLG%TQTsSqGfJfbd@fljv1o}
zwuvT1IDn7a5%rhiL2}X^PTq6nFUh7hPUKR6cR|Q7b2AqpnSfcIh(gj0s6d#l+I5Ko
zT`<Thx!Kb(&)K;4wdSk;o1Pgw9Jj!a1xO<ty$KdP|ETTt%T#bhxdmQ-Tt1d`Q=m@M
zAjSmzfFD`cDQt))BM|{2;Zpnj3U7??5MQ2_hSlugt%y}#*{(?kEy1E>=L^Sekt2nD
zM#-72&*NBjxFd}ylN=%OQH4H(l(-ILK(qbg_+YE{vx{~M$&i|hkM8Al&>HPFFE@Y2
z_--nJ&)Fi-N|@<P*7i0JTb!kZWg(KXA$160k>AeVWXG&Bd@$_=XCkl{tCV0wsBUvd
z!~!Mc3C_oU#x-|jm+wK53r`ARH(e!^b604{NB?Ylfirq+d<{p3JL~7qnz2I;Z(#zY
z3)ElQ_ZeS+s@jZ*7rkUpiRmH3YKTvS#R(n%&N$on&Q>lje4>wf`8srVu>pj7BySKv
zLl~Qt*1PY)z(?XpPrJ+>bhhy<ABQs<A%OGmGxaeDkj3)TpeRIEv70nlF|r>5l$utD
zk#9j)9G9Y!KA^0aY?!x0?aVgEm<p%)wd<f_9&LmbZh*2*^JJbZ>g^QB)2;=P-Fm!N
z#1h;?|2Gmf6*m`1hB)%Ml)p$IHbEmeJ0Y$LO>rvbCo}#^xee<^ZcV1q2I8-Z$t0XD
zo}g=)9_(0?Wc}3kt!TkTJL{TAf>>j{sl+!PolKS)M+vcXl{aYEFHnqPx2}z!L7@lF
zwtZDIEN-jvz_0yWcr&Oly40yTogGtzZWuBmy1xhPMIdPMIK5_Nz(N#C#?WOMY5F+9
zr{YoS&18|ht9jep6n77SQ2^PjB$#IuE&L`c*y+jW+CQTK&H-ISB1lnGwGVc)n^<X;
zg?DtGR0UF`qt2|b@l2b1Qnecszuey!$={FKdHo{>6(7!I3|{h+oW95bK97&nyHW?6
z|7vG4fj#rSh?g(<)jWr}#88bS8dkm#YXMncSh`~KZ^UoLunkGMX*pUtW5Um9#idU|
zwr}zG_v41vauca88pLwj)|LA8(tYsrEi^l-+{4us{;<bpdJ3;b#OkWLQS*6Ub;f!Z
zkTP?iCCj?3c5)}ab+k>D_iEvJxz8j16X57`@x@ADUKYG`@FmA=wNVqxqQ($Elw25^
z@%1#^2AktI_4<&L$&{3+Ru42A>k;}T3*_fACSws;@$2~b8`IUYjH@6-R2r$zO<cAV
zP=Tb|%Rvw#)S!-}->iI%Ue=8P9;?<=llc})BPT|Jdrn1%gRNK6blY?3nMCI2D4wx!
zeGe*Q=ow2*OL_TCHkzM#Ta4L7dgB-4P55Dw=Bky4esib!IThGtl~o^lT(Xr8jb|j8
z5Is*0kpll*K0p1lu<}mh;uK0ASry3icRTNN1CM^5?bZdCLV@MgcMUku;a(3W?Zg2)
zV`X!$1gq|L=?!Sp<wwY*eF=R#;a7iaUtL+5HujPDSf+V-=z4V+|E(_YLjYaCc5!UK
zMUPl@SRBh{Q!UZJ@yT`(?C4%(Fx6=+KL)0-A}AAGXfnS`W=x=+g|jnsIcP|+_cXS!
zvkUj@C`P7?Zhid&1t?|78c&i~sD)9Z&PO4lD22)@JN>qttzLh;ey#wpFe5uagR-rp
zt9v1d-FW!)M-xz$%q5Mrn&{+CzM)i;y5RH+#FE9SD*Nymx2N|csuL#F%CBcxl0V^>
zu5_5)N{FPI!Je3^J>jnxiY!^pO{*{k>-JbD6ON8DvpBC%6mXZld%5CyFfy!2Xj9oX
zPVO@=+^^fY+P}%1gID=AwAG{FJG}fzr<b&U{rNFnXyJT_K6_Md%-}R=$1b%)c=Nn!
z-h^$Pu=4SY?h}tum|@{pdn!#-?QYupADB?79@GtUk}bdU@)cSX7k#v_CK#VA_;9)-
z|GJvn&y5G=DjfDCWa6Wt2qnwqUBme?H|7{;tokCGdi_yR&o)I-BASI|RZNZfBH+Gq
z2Nvz}x)eN57`e(8v5dTXr7iz9uKi|Q%ZLU>tq#r6&!Y}*fUkljWdCGr+08rxk~!|f
zWfS6%XF+s!ObC{nrw!N9j~S_J!DY)XLd}@qVPBbq?4%58(`|(Zzz_+9HSbJO;xpQO
z9)9&AI|yr;3Tuy-b4YA~?$#$=0VGnfM=3C-y49TD*9&%}dFD}Uy#FKplXt^IANy9V
zl}5#TSi{#@i3S!Hx99tWXBHP7OBTH&Cyo|{@aiY6HhtD^6Qjl40g?H_*!_qak^bOz
zWY%I^uuIMj)u_D%!<%#81WnVS*68^pGr-k|=u4mV{eA{?Depo8)uT$wflTHxY_ffg
z;)>}?{=ilO6~0x#!+t~tWk|4a(`8k)+J#um623&<4QGaacS;-5lhWM=B|g0?s9DT{
zDXk@IypIURoxf1o^*5>6maLg`sUB9SSv;bDRp(Xqck)T}u@%OLJJ${y+DQdKW4d^-
zB?{=e)5;vf&2BN5;`A)5igr4{gmRm0G_cYNkyOkLawUcLQ!ium>-DC)IXH#JG~mx5
z4YMYyenh{1S!X0XPd29JGC>fAy6`Cc$zoG6gC<V0VYD&?*ihO~LHO@dIXW!ezN7`O
z1wJp<5>~H2MhiTkU27SBZ!D!G6ZIfI>ymF-wpRO#&d(GtfzSNZ)Q`f3Avwuq|JJV<
zT($pL@}%DX^7>TrbNXjOy65=WHo2av>tV;+v%z_N`D@lBw*H7du`%L4z=rK1IH_`&
zwM#u7?ot-F`^o4H({-jX^2SM7l9$eF8U6P0j+aGm5Lhm9MDuVJw-GN#^TW*76$jka
zK7b=Dw!G?!{?#~(Z-`2j>arq!<z)N|fD_kDC75|sNw|^*Bl~<}hq^w?TgQPP53=CU
zAI{VlyBiYFC{EJNyYW3ATB~Nu`cRJ;_6s2GA$)ibDbjc=GS6Q3m(A{QuL3~tfhs*a
zyp$?kv*L4iKEo{<z%^N)w3eJfoQ9GB9{O!2&pg^$)hJsw<bX4mBR8yh_YQ6_l-3Au
zjVrKy^{UX9Kjfr8sfsk==ejK^!QdyC@VhY?*FKeMoM7Mb78kt2FCNT|1C0@Q*%=2X
zKA1*-T!yV5>o~q`Wu2jSYbJD?^SRSTlF0~Z(vMA0Gd9#kLgiHeK=6vEGcp!dGlYwX
z1<zAv-!&x9cAs;__(NbtlGCPec)NG^8Af9bSYkf`F1W#=fu=pO?8Hq!T4_4iVwL|j
z<}&?wmE77CGNR6!*ZQ|o(t;KzgT4rhe(m7_6maUlUeFxT-<v?HU)7mMCVt3W``mYQ
zP_!&gM$m+lfz&ZS$r<bfLi8L<FcLli+@Wu8Lqmd4ga$+(;#WHM@lE!@Gu+^6$}rWp
z^jpLyGEso~Y(}6>6~`j#94WMp+g<&d4lDq7f0q38dp|x-#w@?w!xsQ)#`ztpnMESx
z@YtbC2Yp$s07iHF&4O5w(n?&Aa(q~%mCE>rGzrDS$|pbO{K;f#6YulcRF&LeDy32V
zOT7}>+CDSfu77ylgSdJp*LA9%SC>0!X5*`!(ZGfvyI!+#Q7&+<pn&I`$HRAlC674|
z^2=X&_wTj4hSYDO|603Dees)fL5B9eqWDA0X4}E^$kNgkE7)cY4CPqcZ4pN@l<r?&
z8ZJz|T5j?97D4yq@>P8u;UKZ!1Q%4%vPBO!YYaxzh$aGqQf}bO++Aov>~)RLH;wyg
z|A^GN1U4`2J109;;bq+J)~6d~gMNZ7-9uUCQvAF%ZB%|;w4ylr+$qA}g3-WTL||kY
zalOvjr?JYR{xD<qYs-pPh9fUUWUeDz-FYWsc#%7BC_)nJv%%1nT!6dUV_JvX<;`qt
z5$6Qg`cGX*@CY$P_rFXMun_+kG&LV|cMqs2Mnh*rt#cC#!NGIOF=R0JtySkUKqMOO
zF0<VcB0ts(5`3Dw>_8Y0j7KbBG1K^D(u@eAJ{KNKrd~@7G8iZ1t<DvOGbHooJzVi`
zaD^ULlw{hSKYQlJpgnd10}|I(*pl_l_m7Y^HWNn6l#0C}Hm0TfrGZ>l8Y65R<x(bW
zS{8m2WSlG`U85n0*Bsf6Pb$n4a5fWg&et#iEnLj}b;@k?XytzPYC3ajulJ|y1M&wO
z-plhN@(kq+Q;MGPX_;aJmV34qHqn2(q=qcm5xsS7ln-)EPwIwvY{V6x!Y_XjlDlaM
z$BdPsejDZBP2)U7Eey;h?E~^x=+;<V*NjN%vZJ^p9oKr8M`$}?&E*WMkap9Wy+53a
zyoxTe87)c8oFmV79uyX@=cw1U_$n_<Bm!&9YFFD4PqKe#yRhNyuPSq3S7c-Pl&2`a
z7ZqX8U!pUGJ}>#BN2<Vo`y^B(rXyF9E?dDRNRicGc6v)W;(C8ZO4n%mkU~$<N?B@e
zF0Q9!cCY@3r!?~@>6-@<QSLe@mulLyonizm9lSJ~m(>@z<qx$_B7gKX_2eL1%aTSc
zD)z6nQwcW<2M6e!T`yYd&b5el`g~x2XA1$xjE~5`BhWq~z^Px@zdB$NqcwmLd7A~N
zz!>rt%%j|DlH=j3wRQ?Oi*XDmuSL~gZp&Mcd#)l9N-ekf+qLv(5B&y^RKjC&DvVSL
z9LFSOM<PazH=_>avJUfkk2MZ1CxJgkI?^DO%>G6@cz}s{Knk9Gqo;Fo%2y<bTpyta
zbIKJEe?`s2&SWAEcpwqRl0!w#)g|JOh(V71n~}``kHUb97{F|35)mrFHpK?nEWxA^
z9Pc%#ORb5Fr*x=txL0E@BJ#@yooqHK7cXe^qHiN6ADr%Qyw8U?(NiNJllRn+p!Dcx
z=rl^2U<ek{F&lrv5qMid5%dWqVNOoT$)^g~CiUiBjACL16HR_GsFpNsF*JoQK#Y!9
zp~z+EJ^^(DgZt_bv#Gt^rG9A|R)1;m3SG{de1~97V0+2eZTtDlcu3@3CU<j@$E!;h
zw2#%ZlGT~?9VPYJM!T2hIFcJJjL!GRFHgjj_qrwR4-b*ZeW#8c#wa&$+FvIdABB0`
zgmOC8x3rU^RDZ+67Igy`d^VU83W#?Er#>wwKWrB=Jpy0vJGxPbNdSmgNsQ+K+(zYe
zmyUQ_+DgZBrYR187)<46lpC6;8?3*^og$=;Xr?h$m_l?XL&V_01q3gk#V>x5_Iku7
zdFE=;NF;n&Ia`f9oN&ggn<}ZPU9Q|Hl;Mmw^M=pr!1D1T7RFg)m_93t$v4Dq8g^P*
z+2kuHQBHAb)Ecf^%y9z&3(*%1Th*=V1*3*La$<;zBpG8CjJ2$1!#59#{ZECtoKCJB
zCcxVM%8!dG{!c2;nLuSWyRl5D5c#avQ&+v``$iO0z9-w1->wWw4UyL)Dc4m+#sQg9
zQYgjFS}EMg2CVq;g@!hgnrW#xx%P`wXqwneLrMW+0q1obH`VC64a}|ZmH#T?JAM)0
zXlgb)F=puAJo(=H30VkoiRZc^c1LRQMfV$C;KDFut*csNB@@XHDUTSGe`O!}VLpTX
zk8}~|j>b<V@3!l}<Y6v_)+JIP`sdab)6sZrSR(ly`Q3}pxNn;{3CTTrB`E+!y%~6U
zRSEf)mBH&~vn938^-6p#4;S?7i^{g-yy!e-7<xl>8P!p{naXN4I-Q(D9ent9koIzo
zVIRr6MX&gTMv9L(*PR(DPj?Qa1~K<%w_t!##_p#AQCf~Y<MG<oaV5HYt@rN2^7ju8
z+SC7xpjT4}GP^n8cnZ>cP{E(s9(GS(R^MSjkX=(0{8(yb(hPRGee`{4c(UZlI2UZ9
z7z+vW%ig~F3PF~DcA)O!+F@I#nbWPO>*;e*5zxArd;fiY6oLfgp6b=~qWlyx+G3Dw
zw2<{YKXsZ`I9%;S_6!RN%=T*hC1)x4$K7#$)$*s$)6KuE*Jgh8m^H*J4K!#WFl&z?
z-)ques)b|yb1$C@Me8s8U$S24A%NKlF&&<bn_>MC+1_-N5M+p_3h>#25TXExP#^><
z6a?9OVhBG#&u2dXB+vi|0pRbpGpeTXg#bR?YBr(Dt+o?FK%B}2dwzNLU`Gc)sCFQ;
zbTf6_2eU!|L^~cfhk@j6r}hwlZEY0x?n(j}2q<pf$F~16UKf3E>(wG``*!}74EpzB
zkoNs&jv^&mp1kjHXkViMkWHSXe0>;~!bm^<<;ythe39s^qvk3>g#vDVkvNGH3nK`{
zKRa>!hV0dzMFD?7R3gXkP}yjA<oNwY>)XD99@*g;LeP~g1tUCVY!q<fcbS~1xkcnK
z<i=rB%Z5^lfly$tR`C#!yY{X9xiRq6w0<{ga0fN>yOnlgtL}ZQabP>KcA_W?2%;N0
zQF%yC36HnXiFFlP#fw=oKa%^>Ibi|jq$#Po)M_S;<PWMxE864J58-SX#f5?Nc|!tJ
zF*Lld()sxuwKsVJ8SK(K+btSWV=Xs@Q9qjNVzQGMl?Zc{q{f<E{;Hef<ipq$$**Ww
zj&PQ|+4uU?+DLhkeeb<)x0$0!9NHn&V&b1s_dZ>zQkpaxgxm^c_V9~5GVx~eG;|(T
z<#epNQ(&SXI$XK&wYlCJ#<X%DW-4rt`@_k+HEpQzWp)%NXj|HyK<5}c-oxRSLl$5Z
zG(|n*F>BIe$x*TrKD%r&iySf+sG5^53|52|J(;~}KN}6}Cud9IH*e6Wci|dK)T;N9
z<2{uZyd4dT)WUyRTGRmHXQ+$2kn$dKa^5_Z8%pXmzsZp%Ra){dc`Vtf(x2Sx_YCk8
zEj&ED??rS=k3G0W4Pn;szJVKFax?MIlY~(Fhy$y_t?&6N=>Ab-rVZZYeBL&p0OGWV
zlSxVEK}N*n$f`NZ*JnfL{yTnyqpppm+EeM5g%)<btW~^>yg6hJ<o-E2bW|}+vaeg?
zquqwNRaF`%Lx7CK%>!l?EVX8>1;x(9s#aYlf*U&vs<~Q~+@ggGwKAsYTm&)KimM+X
z4+Mssky=)!^$S)fqa!UY8^R*kX6tWd|E53Ho;zxN31$A_H=Ug+pP$NWN}r`QMqph>
z=>6)X{@AL>)`70pz1^TE_qR1n{K?F<uCX9do}j(9oc@TDSL`kbb(kuX)#u<ze(N?p
zc3^F?&x7S|#k$pYhbmK{l_&Pd^u+RxdlemofjWComytOf{8Z7?ER7+au>PZehf!^N
z^h}=yOM#_w%D^nE<T6&B!6m0%F74?>tGyxFMWaXa5a)uN^|-Eh`8R{=u#E&XIW$Rv
zqLfMyJZ*mX=1QBtRPQJ!C{dAH9%HD@^K7<6yPx`t0H((@trf<p$>GIW@wv~Zk|ED$
zGk#HY>`+i!2LRRRjM8mfS2v!ABhx;}lZjIMncJ7bx9x?|Rp2DK_<1B<dOT?eGkyKv
z9E89&@Q5}`$YjhXjWs}C5yFceRD4OpW%7Mv2vf{$g%slLAJ<#&4HO*4qw7eKKSbvP
z?J|HH2^xa07qG)=kFDen@f&!`X|LDH@~{U1!R)^E-i^Gn69OP?g9$dGocJIhz(gCP
zg4$q<Cd1gDK-5jyQ_QqT4{#_me>|9uJwDp$J=)I7lJ<VWTOAku0~~74>iPz&UHsHM
zI3OMhu<OPIfuYEtwc*GKNXei@sYyXX;7}kc8Avn~0Qo-w>IWkf@E(Z1vw;5-ytDql
z1UGyac<-_}YUrZh^gJ!>L|b)&OzTms>L(djM#FW#C8*HSrlwn`N)UQdv-ZMX3GqSA
zlk#=?b-|#KyuaKPkuV_%XwYyjhe8i1gbSAhqrt0=r?BYiSEm}<)C-P8#hC48dXBZv
zy_~o2Au9O<08@cKx_km;pUwLge1$2&f}{Z1FWd9I7a^~Ldo(p9F^=dU^loDGZo}b=
z#@h?<K7&hr{{2bF?+Y!O1&5SErqHzaEKK3D2S`xn6+K#~U5;P4uOk9n!+#1hy<THI
zw}=`a-XiK<nSg0(9SZ8T<l9!h{zV~nD;%~QzI=)NFEvc|`Yr8p(Q_z~D%_xqmJGA!
ztRBVlz=Wr3jwQ$azg^A3sIa%FuIz&)l}Y`7H@V_J<{C<u4bv-NsZy=zXlX6A4y`d*
zYaMp=SMC2=pUXL(z@&tY+$ToMKA_w=nr3_og}6>&vjv%hl3~EwZXytbA$N+at>2)y
zl|8p3fn!}_l$~6y5pvkMsD8#quxXK?#xj4jC`;g-iQl;jAB@2gGLDT!4XPa*j**%v
ztd{b0<g5v$WEG6WV|0LhkK%F_;!hhHW5{f{Y&cT7mG)x(BO^nm`ps(=sBx3A<B2VK
zY{sTl(H2|7j+2C@busBX{G~Y_sOnp37_&bu9iY~`bp-;EpU980MyOCG&qE`ArDZS=
z@^|??=xWlQz>2>-<35iEYK`n}<+&~s=?)PF)_i=-ll<)c`pz&NZ&x_c*dYv4nd({^
z;vTFP@<q37ksJS#L}~a0z?AR5UTM)NVhkvMppTgmbT-3{Uszx>Y9m4LgI{-9ynz1E
z3xo+7f5Ka1x^$H-JI5DXb`*#2QZ5kPvNNLAB8iZ0F4yjHk;Pl*&lZpA&3o%nS+?!O
z_qg&QT&%+wg6bs`D~N4UWB;r4X0Cdj^&0yzT=>acX5`M)PHsK5i&7gZpNYf;nds>p
zrRu(%1rHBtR!9I;=TkU!6uk?o7I}2sRP6SiM+}+htp@K3Ggf0R!X>`J@^jTy$r<kF
zwm9XK{k5oVnXvogGe<bV3xn>F+9<}QAz@xrc};sWX~Oet0GRxB5fY}(Zqzbeirm0i
zb9`1~8#&#pfV4eKdd{flf{RIY#v{cqtGqwKE`x*h2xWy(nJI$bM&sm0IX2jIdH_01
zVz#pBVvpgN`j^jtWA@+8%+{CH9AU{3IOy?i&A2{l)|Fj~MpIPDU#%FUf)F}rWZBh(
zd6^o=YuHl3n{n-FOnxZ7M_F$kT`Ez03lDUltr+Q=a?`1vxZ`X*62UGsMy#&O_k=r|
z8-Jc}mQ=gI3q!R+;H~x`)XC}AY|g)PmhjxbUU~^3ovGw2oghVWo;EgErKz5gaQltF
z)My|j^-zMn%AW83*;XR*sL*e)MH@lZ(QZW6%+kL!3@6MyzGQ~In8|wtU8(p@jiW_E
zR`<<WnJGF8J@uoRn|cG}cN)M-;=tPh=xn7em!O%bVdBL3+1~K0?{tGQOO$2W_eJdf
zOAEEF0G*ee70cH0>tkX@=QHX`Z)+UeTRr5;ZX`5ij70Y3G1p6`#mL9OA<mBWBtP+F
zA%?!IwJZrgo~)lf*+f~L+d*q9(@yDJmzS(664`0cGP(l11+=pxwQ#w6)X%P))PN8W
zvq|Z9?EXrbHMQ!cdL*4axu8l;LxaAMi>3Sm8=MYi{sKz;6(ib6-O^kD085Bs-n|(5
zEER2Nd(GahO<qsGkPezK;7=A&v!v&u8PW#)+x6gyIQJ3r+QVQk7GGR)6>^Uecj;l#
zd!yV~r;J-K;Ex2pDsv>noa}&UvFMXMaUcIyh3B!XmjCt6)XCQ~EyG`&1Z%Xi=fk=y
zNK_tcYF8=&_?A>-bt8Gfn8QUo<{?Cn3UH+dN+M-6<WF}KBI?4Zw^PAXfL8W4%;K68
zRzlh0fQMc|sDtwq5(4$yZ&h7DzOiYMI27=C8ZdG=;bm~XxnO49Fe|YTWov_FYCDQ2
zjOYpXs!fR~4~whJ_PV;&N`V{;*j*r6rkgb%;BZ|I#!SIlR*t@6C;dvw#{mv#NVuvE
z=9c(%77`=)y(3XM2zN|uhGv-GBg!C~-($EI|BA&{$Xpn*>qNGHV6c0!W+^oX0rw?c
z5K}jQvExaAI}fyDXmr2<k}^8Kx7tXw-|FRQv+X*z!F;sQK2`%&Ty=60CdWr}4{0)3
zpMN_RrUXd4Zbt26G|zKInTdKMV|)c{`Rux9M=GT=?AwPVc#wl_r=EOpRJ4k3E4ng%
z)mWMEo)<x4OVln4FJhq$iirWE&GoKXq*TPws*f1z8H||M`rEQ`Mmxb1VCIPQ2@iP{
zs4jDmA~69{b{1T~1YtNSu!RQ|97O}*wwOmNG0Asf^JBmxxWNS;)<>hSK)Ugr2mGL8
zgcS*gBozl7WQ1ap@;!jy6cAv6tOna)PasDdnb8=mOFVWGCY1o{spn8E5IIM;*(KK6
zf6UcWu7WO#CSFYnIz>b;qL}LjU?7VJN~Po_MlRB8noHo1fHm?zHKFiD&K%|eBV1br
zl!YiuN69JqERwSrybmF6UH}VXx=H=7c!>J>Af^%fPu;QnfE^6*a8n`!V56mm7{uC3
zkGiqobAnGhG|WI-bNtYtAZse;edz#z`3s_LxaSA!0hs_Bojf!1mp`snhiN!=YYUF(
z_VQY&GoZ80INd#vBhRxjz}9-sGoZt~?~NyI*NO!HIA}<x29X}3EGr2|0vFZO)6%pO
z$WH=e&a*8v#b>s~?=Y#Da^BQ+ae(lu#RA;u;j?TaaI;J%jP^X__o|7%QsX16TGV=E
z0J4DEz$ztAce=d{SC5`UzAx5Mh|P);a4b~YPb3)S%(g~Qu1!--#N7=HxdUsW@V{&W
zkkUE8E^^);9=MBN+JALyKS6@q6G~6ACadsDV-cwWnG(bU6n!3RypaF&rsyZ<YxNO#
z<&ox5tNX0%TP-Q2JFy|!t?GoFAyS!p;l}fG-)zREaw28x?+F$_U_kx-HJ8g7F!5VZ
zw_2pRr~-^fln|B9tm}Fn^)aMwT##be8V=8wN%8OMj}KiPm$J}~6otaomeK&8@`HK}
z-()h61Wdzd0L46qx~fKUG)!uEn!yjLDa-z~$b<I?e)q&ozqY@wJ6!Kw2H>4h57t(8
zv01!1B#?NKH-9zn_@3anOAnJHYL8@?fh{fPh4U(P80=oy;p%}<-yj*`e7K=zjM4ZR
z8aQZLw$*bdpOGP<e<<mknRuA9%1r58WFY;(_V-iPouYG{#peRi{D%3{ftL~IzYWA7
zPx`kh895O*Y45{IuzCl1<3DE&R;;2o2XoOBG+3~DSE>`nUFMH<=`c*QK~JQt1Oyps
zCdrRcTSG|V0UeWuiwbXTJ{VH0^!xj+-7qQ#EvmL5d70=r3C+c|WROKrNK5d-T!`b=
ziRRvgIn9UedP|g@8Q~iDAyJot^v69)YO`2EZFs|JGl>x2<EBoMe|B5SI{{+N%M!Yk
z9976v)`4YCNcz=Q98eC#SUlMXRCP*Yw?X}doJ<m2=>{^G_z-OsY_^HJ8i{dSXRJZm
z`FG$U296wIBum!bw9=}UaFYpsKzSlYY51Y|O+bM=I)kA%k+*-|6CV9)&SBzX4S|)|
zSH+X!<vIi@Y@WBI-qZ%YAyb1sFf$$CB#bd2pu&a2Yjw_?WJ-YJ%y@*CK!Tp5rNMTf
z?sFp#1;=-8{7~pVLd3t8Gs090y$P-CKt#h>vWvWQBpK1_j#AAj%yK7soKR7yNrw<2
zvyE9H<3H``)l;(2@D2+eay}=hd}Nx(ce&>C@^wciwm6@@?FMGB9ubOV&HPRATm;DX
zn9ja0z+~g%AdZ9$>^d6570cx>-?yj>tin0e{dOgpMfG)Yz&;h<TlI%f`{`VhqdXk`
zDNOFy(Lo*p0b_NiMJ0so<I~IMCLj3KM_FQ{3YO!{%2;&~I)=o)uQqZY1FxwXVLe9S
z5%piU!SO8m*hsUvD;T{cx9V?Rc8RWkenT@sH)0fKZek+mimmTt-18(cB95PBJezb4
zlGVr~VTxfq&hI5{iI0s-?N?8R2BTBS`$Wk@KYBH;3m&hGOOu-sz@EPiQ|+|Q-{>5<
zAe_{F4GjT3nyA5sPs=jEEC{n<fh2<9S<^(iM6L}fcr$;@h)~lD$1Kad25@ihcS&z0
zTj-@ss3#M=uTdK4b>Dlrp!ISySohwtR7yo=>XaJHXnT?ryE~O)r*XSIxauga6wq)v
zEh!S}n}x8uidT^@7v!-}eB7)p+>u0?+`S4Ylq7$8iyv!Ln)j+Hk}S;+`bOpb1WiWK
zz3ehKOimR3+TX{MYf<pM#%PQ{w`R7yXys(YVoX3z%xywB8W5(?`zm{ytL$<m6TaQW
zKoQkGOA~fOGVP?<5%AST-X-al<4XqX!1dw5Oj)5tq6~^^)U|_4&OzN&&Km-VY&$jt
z5fzQ}|2kMjCBXl4{9kmD|3wiU0RC^u|1CD4gOO7L#FV_-mellmBRweeBL$JA|C1^@
z_*Q6hj9y=|gGWXIB1-@@E6~HLQ_qc6EjmM(ZOA~{70)A)3|DBCzzAixDU~D^#{k0Y
zkqgUpkc0cQZEn2TXl;`@&Q-4Zgm>Bn8If|fHj3>wu^Q}tdihR_t&w~v{HkB!^VGoo
z#|vGz-LjAOeH8>mi09|OSuZZ%IUTlS9k*?hySh|6Gy_TYKJ+$dis;$0M4&2ks58~v
zdr^c)G?Q<PmNCm0a8Yx&TdeGX-FEDV=LLP}`)pAa*ps_-u|wA9`j2xh4VfUl@`alq
zxIOWPD`p5`dY<S6%C6FrHr(qSn}NhCyk&B}=FppMF6(Gb2;E0QFYlFzsYH8n>))68
zDLqo}kPakHh=s1D6@<jUEdDIG8;)&0n3MIY`bUtcm$vl6`BE(b!^ZT1b7A%7O4VW?
z@7wP4O!CIJCOzWoDBL;|UIILH7m0U}nC-y8#<F<nE|q5w@A^-Lz)l7i{>IieqAUhy
zoq?UA1`S&3qW_V5Trc>6>q7E|A%5f#qadq0qOS`Z76WjHa`kXuDuY!RSos-F@@Nz(
z52IAs(8-y5B_;u0{+8`lKUd{V=E40CosaF=n#?Kufe3VOR}UBKgHz`_ls^RD;oK1S
zQ>eN7s3dCtL1rBKe$oF9+z<H=5Y2(%B;)F9MwJT{9~=dY1uh=+T_fIUT%_xZ<P+2P
z(h^@v?Ki{olCe>|@N!kI%Nn<i4ds~PJ^x*87UXou^L%?-3@NEF9Bf5^*~sZ^(VeHq
zpOTi~pr91cKn*NS#yu#a$ZgG^3fd1K(^79Z{b4<fy?~~PiyQNI5xMYKQ&N~NaEtZV
zaI*CI0WQ+7Pu2}_wVyXdT$}sGr{x9LP9HXuSCpsuA948%c+g+<0%Abs7KVpKHWh@4
znOM?b&Lc)*eFila2OlnSIEP8#0szPo8I&T00pWXk<YS1|&!0Evfh&w2lN_^+E}Ga^
zQa_2*H{RFf14LCu74xUmcI{matK}!n11bSf!D?3gevSH}q_3x+6D7@m|FSmG9#(c{
z)lH8D+BQ-9io@po>@B^Vtd>~$VJiEuw2V?56#+Mng3!*q5k!l^VZ(8!K9kKx8f5>J
zMODY&YyknSCGACn7Gu*@#!N5LN{*Ac2PL`g?iWXev*E9lz6cHA6dl0>+S07Zj;Q{{
zwx(EswsS>r_$#qa>w~N%^RAWczbkO_{=FKjYO#W-r^#z?QVZj!6u2}mRn^i67b4<`
zo1yK*SmF9P2&s$;&dt<Q^PhO!ofQWWgs}Nz6$Ww9`(J_vAHICnjGDrcNWZLmbV`yv
zcJfSu4CG~-o*jR5;vpv&8W{NO6j-ty12+XbK{xewp_-H1E*<z1RxwP7hbYGyCyaUT
z&C@!V)il3>OU8O&oz%5cOG(($73!(Iw~=6~+n;NgNJwbBe)DJIHZTSxK`IIylH=hF
z04Ck)s^cS+)2F+Pl)|4870Xz5aJ$?ucHs}98gb2;0lpVnTV)&!m7g9?HypH5cD`<Q
zSNC?atOZc2wsJ7C&$k$_;|zCLY0!A{={|KUrs=XAY2gC;ci9;(f;wb=Cc6Xn=;<==
z*ic+6<(gHkw2!5pSICFe#{TZAEKW7gJJb1{oKBgcqX-T$J%72qwl8oo^4e%S^EvP;
zn@dd@O49tPJIav3zZ~aDzprgEIBqrdbEJXFOAiACztI3za9`tn*@t|8u|T2eQqmMn
z`!CJO*-ymeQe6lMqCZ^I2tfwXGrRnV^HPV)7)>Rnh_8pAispFGy$KV2&YAG7U2uEb
zE|xB(e9dphzV%NZ?EG~kkPzx1b!13`ywua61b{WC#@;tp^v&1Pu%k<@j|h<{%#Nhl
z`!XvGv1ATR*Gb*Mi)~U!H+H<M%E}AL*^}HttxS#56D%;~biQ;%9CBYN{a?C1FQyvl
zWDn?CV3BC^FoNzwbojtH+9_RgIci|$TSQP_BHJgF>^vSf7vFeoa8>DNG(IpoH0W&M
zldKF$hW7|0H76Mv_!7>_N5*Q;&24)}v63l~toHOXANZ51$y&Al85b(3)zm#wf{P8h
zo4Zf%t5D60*9GK&_dhBPcf*WM`oowI8IIMkm4jm&Wagk4P}2&DsJ<s_ShoFIUi(7I
zs}H?~yN7_wv}RGpc2aKYOPILW!=Xq8v(-)f&VHz?ok?}86iFF8aP`xP^Jr{tNO(O*
z$jo{=?sR4BPLY?%R3cr<wapN|c=%iBIWR8FN;p1~C3vXsnb3Qo*6#PrmfkN-o2j?{
zzh?x+KmeWUp3J`kfMCv3gc)nTgirg4TUs0Ipeh^~7l|TwuT<G0@DCrS4T<#jv(W>5
z<#e2HlF^mXrQoHvjW~b?i~-tV?&{5Aw(6)h`|JryboQJXXrhv%DJx?tdHTU)sfMT}
z@+o4^%XC7_Igr018MoC77Gf3fq{QPn!9T(Nox_jG<ZQ~k-Jg_>f-rZXn(dQL4`rl~
zFE_{|RIELH*x?|eOjs}*U-eTd;jb@jrqq!z1TPd7j9%0EM=Fr>Vq(rZl;`Mh<EY|-
zM{KOGV7Rz&N4P+a{44FKpNAfTQy#e9-#M+nIWYBDvR{UI=q;gx;7L~+f+6PbZRDVU
zsr#P?cd1M$Mj=KK&m?XEm_-jk#($80KSI@Okf|CP#(T^Z0r5e#BrB16IG?J9iN<PJ
z2mH(FLaV4>Kn4%rRS~~B;d$H0za!zagx5{~7DwpsXmY7{j48rY>8cW?C33&B@|=vA
zM(2HDk)Pxb(zB1~9mg5t_^<8vcEb!J5s;kw;*@n5^ry9s0cR>nzPE7&!A04t7w^ha
z9L}bpbxeL+!J4g7kLsoNy(z>@`pOD%$Bz3u>4tJH4Ev%Znd!EE<-PZtLRwA(v<DN;
zZu%&1oH=8_lLo~Q9e%s7KkY7f@33jWZ(4wl00X2+{qB9R-+Q0Dpbzgq{{M~fAFWdV
zb7WKfahB+-_s))CROSWKS^1Zb8hfT<1L~<fGs?d22Vfcr3h%KCf8+yY8Jwl1{!$O{
zdqTYPf~dW;qP=fS+?HIBUZ}1!yuf-jBhVOQ@q5>zTkSJxoCJrgexdUT57TF~FzBn;
zQF2T)89wk4vYs3Itd(0}Z}xdn!7VO)ex?VHskbRCD!RYdjopi%Td6J>T6cJk?kkqJ
zA)o|DsHwBoQpQ8vIcXMehlUO)k0Gi~Mxl>!$DFr%R=Nh&?aVI_d?*$7_^mA{xNW`z
zct<6(m{0T$!8s-<)W?3cl6mXF+N)|WiwLSWr=6W13-11r3)|mbQl|g7E~U6}#!j@s
zWoE$1WvJmk3U)taal&4sTqCnyKoGvS9{>h-ZE|Laqw7|n+L;IcNw7&2VbUu7z`7C-
z1U>pWS~?T8TXk&*q8mp8In#vXd9aHT5ojJKbWh0WmF{NliU3|)t$r$hLEZPU`?p$)
z_;{1GrucAo)(*cC{b!EQ9}CKWpD?#`mY<k_jPhuSi`ajA)tfAQ<Id%b90|(z^>=--
z`yHv_XXMNsk}6j_1gA4(g71({9X-O{I2$4%$Q+XNc~>pgB%6_Qq{pkS=d_a^c6M~1
zW0votE0ctZ+7_6cs_7;c>)w`C=2xJBTr(quQk%7@q4xO46^+P6LQTT^0@s7WO47DM
zh~5~5?=?e@6bzs!%$pMA5Rmn)ZDfEdV>OYNb$)tu%7sN-j3uGo8}Bo%(M!|$M&6Wb
z^LIfBXl><PdnKl3ZG0^lQM*v6`Y_ZOVOFXP4ceiX-0M`yh+8|GUitdI6D4DOYdWo-
zA|w>_Sp8A4J5w5Qm<t0t=ALtH5@pR@VM~P04tE7JTD#sM<jHfb!N9)?vnPy&<9{!w
zHQsY0@82$ABQ^Cd4paJB`|SKQ!qBIKs}X<8+PV8mArmlmd93gG^-19u)1Z34+GUM*
zZ_LPuQ%XW@i$JNbeuFWLT0lovfYaC3uL-nC-)|K9w10mTmImCBI5rY_4Ea5Txr`wB
zU|L=Et@<C!nO54g+UuBb5$jILn1xyS#(fK|8SLG8%7``s>{6&hVS{{P>r?_$@pJQ+
zluG&CJ<?^Wywa}3w3>WG>o)m<WrgOFh#F(lXpv+gF5a8iA9JZ4xs3FL#bYdw;$mW2
z$}lcZyDAMwux1bb=bv!ogsC#v-`9^n=|oq$wAtX^dphd+0Y8a#tmdb4h75@nFqe)o
zeWRy??mn+cGO!`c7%Fqv3)5MA@Y%EOxRUg}k1^SVH;O3PxVqc6GI|{;FU5g(9YoR%
zOA2`1xye*;DQP8Qo!+4iI-dpIrzLzZv4W*&>3ml~p262uY9lJqQ=TRg(a-LBKbZZL
z^t)4vD1ZtQ@~wF?W-KNxpai>9^)O6uTTn?;ov&GHinkIT=mOJK5WjGb5`!mnKf#=Z
zixlA7nV!`XlrN%^!<7yDU|(8kWG?boUZi^CS_~*OcI1}GLx&M;^1I#HYk#V@hu;|h
zDeTrFQf&Y*c_RJ#yTTG|2GV!TL%6$dQ^huZXo550sh2moyp>+~)`uHKV$zy(e1pIV
z)FbC~<M~4!=tV^mqNazEQXj#8jrq3}93y~Ebhyt&${HHm8V30gY`8G+VrphEH?#bL
z3JXxlYixGY1Kzuzv5*t{bWjVqt@t5$A1?C;j|9+b-0}z7ztKvrkuE@G`{ahm6r^`}
zq#c<;q}Q5Sr|tM=1PG~nLC6tx4~yXQHzW*+kvLUK3?{(I>6#TX(1P}h5r145_)tb_
z_VBU{5U0dp)&dNoM`~4GQzl&g4fy+zmm@5mYOY{@!k7~qiJR4>6qGRSCVC?`Y8r|U
zMm^`epCr134h4X%yUBwA;2P#DO_KL6{|=0^sq{3lk}BoyYX7_Oi_6s%7&U(JS@si{
zRS#v<Q<$#3?eco024dr-qu!TyuSCE!eP^n(4c1VeyCyPWjlJLuIoi{By=1jkhYDC=
zJmii!ZyHR6HItp~1GN#KcH7#R>ga0%UoSGOyiTtrtjnYFCm~kO;$NWO<rSq+@@$+z
z<iYR@6!=d_w7}n?Hqtw;^WJ!7R_NKTi`MP<$Cvdo=nSh|^r<s0QVShLpAuP(46Dow
zyN=E0(ko#OHL~KDv9mXOMz&)&rKOH%2w)Sz)i&&w>-!h+u;(whS&SQ2+KK>BIUkJ>
z6CC<x)%Ll=eya^${iQ#vf%TOQTi`n!kntvFViI8w2XIuGVf`|D0YKR(+C7)VjVon=
z7HAWz_@x@0SUO)PNtXA?A@0dIW_g?f<%b`Amaeitn-$Ct79s)qPZ4;nTCPND{=UBN
zo#)frBYydljK3<f--wl;Fi!BJqwXfer(d-z2Uh)SYFaaK-Uk;nGTU}_-cv4{Lf~!m
z>hZB--Uvv@IA4z~5%z=R-f==Z@=p}ugD92WKg324?TS8Ok99cKNLD~~k}T{0PBiC)
ze9V(X{MLOC=xI`k`C*cDMxCpE2JNs2NjTxvni|v<UX=bbEQ@W*_b4?jN`$P+571i5
z+2c%T7LP=#Ph!{KK~+2tipHPK@o!9xy1Z=6(h97E`54xLlD+K|z3YT<u+Tx~Kxh<H
z6a-mj{i=n)&VH8AYLA?zpx}9sk@lL6vK{#7s$$v}MmI~oiz3(df<w$}+D%QK5Qk!S
zF7ZefSV?^u97C<Mc2B0%k@D^Oe!YN4kNlPN!uCrM%jIYcGvH$c#db<4euDPVaK4AW
zy1JI2yfZSme#m0s9}@jAN<i=4YXFI;U^!m<F(mp+!e_?o-TzDuGNtp5mre!-4A7tV
z_0O~ZbEm(`X^;0tg{1BqlmC-=J*wo^uk!NPay7#h^2&FE>B8U#yQd|qNB*<v+FLna
z4V~+O^eOOrLH?9w+)5EBCUP;Q@EaKZZqm4paQ(yLIsNB>hcI03$I*tp+G*1V!u-@B
zjA7Ssu7>0_V4Bpv4Nbn<);9Q`p@Sy5g)QPJ%};F){xq0r3h^T`)PbUl#G(&k^GL*e
zcWaa)nj$Z=scAL+<tFp~%pKtV`P1-y1a!Blbt}C{G6ft`nyb|B*lyS0HT@4Gt2?lG
z1`-t{^Z<h{pXAAB$?30)eNzOHkYqygv*h}Hom9*XZfCi<EOl^sC$013YA9=owEOfz
zLeivJE|G?W!44_(>H(xHWqumFe*?iN^65Fvaq5Bj%s@<=oS5`fl^2O+<0D~<A|1)c
zJ&@%esxuO$l?@Y5VQvbU`*ZsJfvukHZ{fk^Nqpj)VdsN!+^CLXh5Juz;?n`R5D&H^
z8-jV$z67hrO$5B1c;~=dkB&B3ZX;wBN_Rl)bDNLxP@)FUR*a?%+v@dQ#L8^pKSPAV
zLhL`<gq}}+Ud}^Psb$OVg31x2sn@h0Q|~{`As%L?dE{hZKS&LM(iz4wMjZlL?x8iE
zboFfrZX!)p#0%kot)hCL%qlK8hznGCvc<HHQDJ99ZS>tvVsy5?39x?%5DHsv)GcF&
z<esgdEyTZjJ^Evk_($fNFye+#`Jps_8g(iDZ^S2*=|tgxuL|!t+a3PE@a181bc!Ej
z{<OY~qshV1{tt~QZFO}e0MdGArYG~B`7;O9Mgo8|z-{Py^_1{JaBw~yyE}SJYA-et
zg0zcO<AQ(&FN01MfC~7`4cSd2dDB{eB4=;VoQs8c6yYmdnd;iU67Xs0k{=fMZu#C9
zyc^XWkF%69Ma&*N{8bZJT6WUD2E~Y((rL^PY4Lbn4ZGZ$8rEauz8k=Cbe`eNIfU{D
zUe*RF5`sG~yYH(VJCwtdFmx0hcZXSgUZwZfTRAfnSqB+DPA1|vL>OXio`M4L=2x?F
zREvi7wSSeg9@}o`SBH!q&bT^1=GypxjVof(gvO<%6Fka;s-w1a$IeyT&ODAkM9>qB
zjh<xdF7vz|Ym(}av3;LTT;eZr`YqWz<?s_)q_O#*&{gliDF%rx(Gf}Iq#-)l3ZEP>
z`fu+MlV=YXnKB|4PVlCBOg>Rs^5p*by^>o)nET#34u&81bk)D=PS@h11TqV~pzvec
zeGj)0{aN{<;i>#FqiFHRe_0m{=#~&9K^@5IL$-W=!tS^H;J|PEOn5V0d(}&8S>^J3
z)8l`L`SE<cdULoqgh{oCq=7w=LA+~{pC{@mclAX*qj}Ld3X`KNwJ9ZkmC~^cMonvC
zBdH0mCQMtI@q5UX?Gg6yY2L~_H>ZlzUk>x0hFy2`u^#uahnv4W?Tt~VaO40IXz=+P
z*bfMV0)52)iwFTAKO(PBPyk5M{~<oMu_OK$Q$qM)dCVdqfGin40U$RDMEAeFEj2XO
zpWI9@&OH`{Z_=yO%6P=00HL}^L#y1gHc9d0RFMvTiCSUM!MrD+{5C(CGw3EVMF~tT
z<6yCX`w)zX8F-h%&i<apECc{>@`7Y^_db7I{W*k+6!t%D8ma!%C5F%B-cXnFGzj4o
z{zJg)MN)mTPIKNec^necq~|}Oa~X+&X`(LQH~!YkLpyO<SinE{ckRLY-(thsRI5r<
z!|d6)EEV6$A7xJcwJ?=uVTCu+wic-8fHsxye?5!|1$x&b42$1;a~NI3p$)4$Hib&l
z8GxX6gFUE-4^uV^h_Xe02Tf=n?^y4A4X@?4DAMHTll1`h&mvZ)%tU^oX5A84(p+!U
zx_k;2Q`SFhU#NcV0#Gz5jpEF|KSr)0xTeI>bkm;jd;`1}V{&ZdVLC&dX!+Y$6&04Q
zlA`ChRy7l{xkFSQVGJqdX>a81h%K8&Xi(TCe=eB}M%YTLI0L6szE0%_27H(MlDa*c
zvohC0cJhUB3#;wzcVaT+i|bnL#IT`LYo6plqGnY>(4bJp{%@KEkFZR7%JASu-ggT;
z{*y<FQSFw4Zoc87fC_!VC^%Dw^2R`O`vk+pIqaiaq(50op`d~IG_O%Qd}&by*c`1^
z&wTlQ-@fhNJ&kjEkGZ<ugdI|nW+0iNZODXSDRiff?$!XZ6-ep7+R!Lcbsynd(BOyv
z1{rr_X>H4L8R)JuNR}a^zGEk0zq@<wH^l38PB>rhc>3>nV5HpbD)FfY-BH;?T5Ema
zrFO-0?-lWTP>h3@r##-Oi{^O&Ot)dzQtdW$qUeH<haOj6lDOhkoWD!H8F`ecdkv28
zl8q0aJN%8p`~5p|L^HLOM+rslGCmKH9{wpGH6jB$JF>}i#*oCWqGJ2V<oi5%d7W8Z
z0=&g7T4I^_Ob6(Y;LaXm%ibYb5w@A(vDiivGoL?<_^LEC>XHaAaWWF3*jXa|Q6b}&
z9el~kfB}yE#NIA$UEhi}D*iTB(qpruYy@7$8$G>$k+4m-`-sf=7oiwg^LNN*z;Lvh
zE2<P!wjBz4{-i=2c^*NwWCjT*PdFZ|VYPaW+<$df)9IqnO+m%=Ox-I6iQmgQas<(e
ztM>k?A?V7zvSc}P4i!Y}%YvRT$ODiq_H)@EH0H>|o**q{N~7V=04I>wO$H^f;}2p)
zrANf*3Go|>H7E=RoPqtSd^*r+#dpt;y*=)G&wJLE<j3XnKl{=lfKe{7U)GL0oETfq
zUnX9wo%$P<c{I$>Sb5TrGHR*KZhQr{48;{Ij(-<41wuh>kkUlp8KTZmUT6^*Bz+B6
z_)P2%dl*UBo*FFqjyOhkq{G_{@0RPIxhJzeCSol&vpw}xaxXUyUIz!SXE_=)!mYyi
z*sUuwa#oGc*@PA}l9WfooWH~a1=8*4M@_xw;qDX$=bWqt&mU%lq*(d9(01<@G-SOZ
zp5^Mib@m`gNy^l~&{lcH?nkzftvoyqYUmekZvVDO)mK+$gsR9mZBG)ay|N)I-wgZ8
zj=yQtB+0~2dN$aEmviOh&?xpjZH`GLF9mlbLxOK26qvt%{no{*$D&%5b55ixs^#>T
zhRI8L)U`XYn-0?<VhIz$(bcg0xHwHJ?Y+LL_XAAGHnA37n#&Vk9Sc=RjE^-8$ZU(9
zQm(Ztf9x^cj+rz%6KKu<oQWs0h}b9g$D*(I!GR&Hi|$O7<RXWMw(O*IBQ5kuy7G8|
zqKa^GaZ!pkqWUwib0gdG<A6~7g6fA(6PUQ&hfY!gO&}Tkkp6ry5s4cYL%|mT-n1~A
zS=zcf8=osgS@Vr9D31l3#m1<DV$J^Ywd0>(i%DE4cOkxtzcRkdQ@}CRp$W9>++2pF
zxe|YIlmvZbA}`}+|HVrMD5*EH83(2ym2~@)$XxkDyc|4kjKsN?_>oSs+giWo&}L5A
zdbJPyK$lXuA|CJ``Ajl-1%07}Q+i{%H6>TRa<l!FSQjnt+WhN#*3WU^(dJC~rsj1K
zQ1$R`<ztM(JJtB@@rCdCs3Ysk^Z1)?_}lXrwGTZ+k>1>R(0!lpFGAc}2wd$*B$G+t
z!e-yg90z{m!WZ;;9v5T;yq``<NyL1p`N5zd75>lv?*#gPk=_He|C2BI|F^K4Cmh^+
z@i5Mx-a2S{&q#>WL2*Eud0Eo%%Z3<mqxdq;=EfHaxQ8gxA<sYx3P4;8$%m5w1^nmW
z-~veA-8<vM{Xa0h0RL~?|L3G^(86eF=^eh%2S?b9$nWtsjGS%f6~tKt5ygMhBtF?~
z%<rIv)|f}3sJ;c%bBNld=3wl6A$?a4fhFyC{&!0atS{)6!U=IxEd^~9@3PjWW|%o5
z*JCM>jsmcy(|bBPy72Fci`qaj`gWyNq^c_l<xs<Oup61R{rcg6-5UL#1}=rN<eTOi
zCj$iY+@Efo9{C$psTDv=TxrPFQ+&*N0Dk+xI^Hj6W8Y1UZ_JvEFT2PU6n}5`H@qb!
z0OwLLY>>R7_!8YW<gj*>e^6a1No~H-wW^1}6ZH+}lf$X~9|3?Cf9Xyg7G<Lw=W^F*
z!8u8|cDN{wR=xt(vQKbQ4kY2K;bPQMt7XwPcr(?h%K}9t3D=A$yt0M?`y8X}{K$zJ
z{><tnbV@31t(Iz0+G3Xl)a53HiK~^6wxU7B3fM6i73=bG5gU9juNwhD>DX_#qj53F
z)N`Su>l=6$ktAFv+-T)mU`OE=_qYq8sHe_!pS_ud*xXW8E(WO`K&mPgm2pw4gbv;e
zwGgY6khY@Quw(J^VUwc*T+mWU+~D<dS?<~1ar`dhV~oCsvb<5hyIcHgbPq6%#s{6c
z50wqRFVZVrkA#Gn<6=8t#}e%%%E!c5C2fcyn;6_w^W-6at&a;)I4jjNsA^Z2;sy)h
ztnC(F97Gub+6G0m8uzB!`k^SrY9u7Y6i#xGg-|@~hC#)?Wysb=D;F93IM-q$b_<Kx
zlwg9CQXv?M1q0&xn|HH#_J-skW2`YgTD>fC_rg{oAtC0Vv;lTJHi$>PS!u_BWdJG@
zHE!>s87HXgO<5OH?`@8~Li9cctrmsv_VT)bl|8g<9{_Cp%?G(CWlbSgAt6yjB^|I6
z&~fvC`Qvi5%e$Kuu+asn)Ph^oB%Q@KH>M%0sV!h?Iu|u+SP1+lu7z+**stL0{ljae
zWaz{SBqW4WDm14^xRp1SkY}!{ps1Z*Y!C1DcmPcwwN%KW5FOmM1xR1bDG`qvrr7X0
zubGQU%Y$2+Hr+qGmP)%7NJvaps?!$2@um{;l>X28e}26mIYlM+)KO7GHhQdyV<0Fk
zhK!H}{P}j@dW);!%*B;F^h;!)fUmO0;MLb8;f>)Nr=&K}vZH}shMP{_n47WdhGwe8
z=4wCE=_MHU5zrVPg0;bq*}!+eh#Feo%~)N$G{Q)IRGtkQFQszpm5}oX@ii_|_rQ(^
zjI?kw1^MU$_C)4N9f&Kur^V#3vHjqd9bl@uaROlbfvvX+Jv2l8(olV|&8S@*JBAio
ztE3#oDkV(qu6e)nSEmR{N>j8aNvH>LBL@NV95SPn48E@~Ru1PpmD&eyRWL_%^Z^`t
zzq8R<nNm0?;;x_i5)Kw|2@^XKtF#LB3MJ&FDC?pqavk=lEJ1m<)KO{W*(r2dnGL_u
zt6gLczcgBy^C0tAHROj46q}OICSXMkm$>f&ta3rW6!G0q)E5X5(LrTLV8>Beyq29<
zpM;yb!Njx7d-#%nmL+(4!f(3cm{98Ol%R03x9S}gBdVu^cg{HP^V}(^{ZN1DFMty4
zv4AH5HykDtq_%!!X8}_olZiHaD5dpgDug({gVMn9_fz?dTb+cW9HLUedmogtt|`SK
zUrQKzWBOuqzZK}TBiRBw8i*=@C~pAw3fCnD8HRmW$-~$er@tT=<{GoCdwQ?yc`)AM
z+rUh~&Pb}z1uIoTM>CzZt4+X3MPEn~D!(=f#q6bwrYVYIa#|_v2fR#tZ@^IZyDUNI
zxwuygdwHsb=2nM#Yb#awH9CW$>0Q83E10AqKV@sHL-eL^=0g00!?S)4HCc3UeFebI
z4HOfeFS1f$ncw<@xA_#77BjrQ2M>O06O{C)g!f6pur3J&cId{Q0mJEH&|8VOtMPrI
zHMQxM;L<^@Tp;p=DDM=bm6S)G=S85>i@D9Jtufwd-|X=UhTUV>#pzBd#Bl*=!GZyr
z4XMe@2P`vKt);ZljnxDNy8!scDqyPexrSxYvH4IiF2uhLzNok-^8MwP<(#9e&Mwli
z;{h+9QE^og3h+vs_U9Q8sAAgf1T)tun}y_%y_mdB!voSpT)dq$ce@r20pmiyg(D-w
zDXLK1ASx7{UOen6m$zFN^rF(yfQ=~maT01N(LgQb%cOCwt&QGw6N-`weivfbPCbn-
zShZ+Zi;r5yT}ZcuMOoC4zb<=Vrut=k4E`^ljaAATb_!9Ug?>E}@=^?TiSPDheN2jJ
z-%U_HZJv1&^*p$c_bU@HXghC}RJOa<N2Q3`rNz)4yZdrVHn)(_d{|9^7GpSE4u|=;
z8onq3{#Bc1G{$+CCXJ8V7Le@8br^lXzQO%($T3E<WmRXQRf~1=Oa6%q%xXv1O><q>
zyq=rfI3C86D!!vd3H7j|m5>{mn&jUA%w!Ff4c?i)H!huFS*-7|MGyfPoK;G@`wa{$
zk4t`V+aok=Vbsdqrp@)^BUb=}iF!c~cQt(esf0eCJ^u;20RWZ5&hS6IUS4t+48TjL
zxK&Fqu-S!8K1GyDhZv)ex%81H<sDB84joi}JsmTm@cU2ILEHO$LTp*&GimE$-2m{*
zuLC2#i{qRw-W?*!!Q-aqxP*KYmr&o}Mf$@fFwA&Ft(IKF|D<7B6xI&VvK0U$<}|r@
zZ=nxW@y1n!9jN%FIi_M`s?qEo)T4u|fSo{_7eW<_)kr9&j|LrKeW&SNv|4M4zpb{>
zH1KXTU}}e5tSj(uf0vV<`0T7+l#aN^K1f?Qr8{v0371eEuEYU`Svn8$FAnBuL~Y~D
z)&aB*Wf1(mgV4Sy_WShr@h)N;-L{#UrrM^0Y4mP8!HEt|QE7<_$66#5gI2yh*pbwB
z#`$Ml-{2Mb6EL|H8K(k2zef$rfA`U*!{E&)f4^QUUtS#%7F-EGJEPO)bVq8os5c*Z
zC<^O}maPOZT7_AZzu@)TMDXrBhFqSJu}ZsVcoh#$%?oWKX7ycNu0ukOX?pG0XM7eq
zKsq{R-B4iG>K+m0<bsr+o`h-RVrQ{F33mXD4&%c`$B$-<aRC;q+AFef34{1G31wjK
zc@5{IH!b@P1vD6ADjE9qoUG?g*&f)p0oF&U79D**)gtrtXXJ2xgXOSxR!ZqU-H%G;
zZXw~(r>=^2G~O!o(2dzc{!T(|fUV0y-HV?)GZ{as^#cR=UI^-AunKd-s~K;>%i5<q
z>^Xo5YZ|$L=$#p>s(uD_LLpD^D)j?g=vexp<63S}D)dKm{w~*_!d+M;kChNB;_bFi
z+c!+q0Dt$iebL~3cU=}@f<3>+BBageKH6`WPvW9d-I0ruuR}sEATHPobtZuAPP{3s
zfNO2h$LP&CL&3%7I1zXK0HzV=KAVFL=b}uAJwwrJtK=~k1H4rJ{C9`L%vQ-0;<!|B
zpK@oRw9(91$$$MJMz2ajw9qQ)0nHF;Z0KcxDoAM!e2_up{KwTL<T!LQHgMi#m%-9a
zDrRKz=!4+Rr(?(wG;r>)AHegoo=$xd#XJq2aS1b2n7DYCpE`2j%&3(f&bk!hJ>fG6
z<#Kv51z6{>)~$3j6}(pRJ??&11@u^i7)r5ew654?Xra@}!$-ZSTx|aM+qEU!Om^|@
z`75xjG8jUK5VY26$Fk%x<Qs9=z{Yrs)yOlQR^U6YhoAR`43>IL!^N9!ZrvaEHuvhR
zy=$Tv`e8n(p&0b(5+;D{0z?^HzWS+5Sh1A>V@O8^#-Kc0Ou}Be4|~Rin2rDYl_eB|
zRi0f0C<@j#RW*)X>a+1N1}n3OU4g&vFMBZlO#W0or2DqE@)`a8xGS~xmIbZ`dRNtr
znV|92*l1og6h=m1N3pe1d0z6f^{;BFanC49@$<6q#LMp?y01xyK*0v%)6w?b5O}B7
zCm{puTw1hVLc=aZTbTVfPYjxQ<E^q+mJt80?oxe%`6=&6Q2>5CHO+Q+h()KP)wl&q
zlmes0x^7Lh8duBe8E2KOz9}JI*&0l0v`YuNO;t_Lw9_;-Ri6vnad^>Cn4?pMsprY_
zv#f<2x50T}h4n+t#V>3&FFnftH1fnr9Pj(Qn{gK)dgHYUEn6X7)DlmYT~I>LKR7bg
z2dT7&Yi>tVc~CiaVcG;sK$5X@D21}vfIH0vGEYrf0dX;?Ufdn6GT$!1&to!Bhv>%k
z?IaYy!nO};N$CJYoRF=UqLRwjXJ`=OVzx?4`7$`(^-Y^D%RJB1(DVlBnmN8740pPR
zjCC&PWkKU3uoVKVa%rg4<zm9nZ1|rt@pa>@(!n+CpI4L+9aP$}8<5Xe>m{#FNY1C`
zez@18a_*a%nN2;oT_}|P;e9~kaylSOXtyWz;HNx7`EAUCnXBNvPj?KJFH5l2O7%h-
zE3?0W`}9N&hUp&II=OHsc^mA!d7Fj67)Yt$I&3(4x}Jnw)Lz}LUJEdFC}JMmyrhko
z*)n)@&oVN8LqbuQsCO&Np}#9OFez<Ll`tjqB<2yg_;@KkiaJP{CYlv6ZPOn475M`G
z_jzI^D5lPZ(6Pq^jI^c}KY<RfxOM%6QPVXg<alc0hUMBeB@3Eu&e%ln`ii|b1v(w-
zukS-$$PJXa+5F%*K4X<O9AmRnE(!D@owbansq0_&7@1?o`f*WciQSO-ssJ=wOyg#v
zkKQ@gkK>5hW^<;C571QXVKFjIK%J&xFg|4=+}J?DT6SFt#T=G!+d@&><_6pxGVU{_
zvbq*uQjiZ`V<2dn^ba4ksJS#0|CGG}G~UWQ!!LN}UEez-Ca_@$>*Jql$OWY8Wczx1
z!Yo#17fu6m=6fJ}T)L>Wl=>NKgYTzy_b$1vgsC*q0J}AZ^_YTez7z`PPIBKfIH5u%
zO<5NDv`7iISo%=QJ`^sJshj=N`h>DuXb)Z$l#w_em2uuXgAvfrr`KFnLSB}=*1xgU
z1936p^kEfUOoJXOfKzg2R$>3J4PPjPI~QN@E|ZI*3JV}^`b<M39gt(!<^74ED@(`)
zcj<`s+Gz{FL~&v$Seqah9s34O?;p04i2CFUgLTmM1y&@Wotm-V%@ebJJosQR;lsp;
z+i?R41$c$sqU#5o#0Je16f8_o%K8x}#-0Ad7GFAbdQS?vx2G%$SRT)PoATwsV0(vv
zL+F7$5+tFR10JHk3r4#{Uh?A;qBiYA87g=>QORyt;&je{7Z|IOhdPe%=Xr#jmz%;H
za`3Sv6pfV**qsnCX?c`|qHIvX`1QH%P}wC+R(3^uf!+kG7VG=Dd~;SpY&Jz7$-xJc
zP)t@ExTCtNJj%jclhD3n@V%dA{Nma9DPU{7&8>Pf7nuUjb%bEpLqQUj%{@7|o004e
zHE8lu<ZO(xzvX@C*J<MtjItG6pcDfIt2!UjnClRBGv~F`SSWfVNWveDmG`yzX@ZjZ
zm;?XlA$rB&wZut<-&8R5$;oJyVV58mgd5|7)iSkeYa4!R7&-W068=|M?koU-CQ7BW
z-**xi4TQmjMFzhGIM2eXt%~e|K&~u4V^T}&qd^i5i@(2%V#4lGcKmgCn?Py|snlZ6
z_Yl4OtSobbO7WvW68=4ehTR=d{g!Lq0h?|CPaRCtU|c%?q|@1p^QL1NaXCmrdzaa8
zJoe;+mHGT3qIK$<w!UxL)Ove1j3x&!3Q6cEcAo%ajd3w26rZs+;u6Rh8hB3Hh7p&9
zBpm)<d*3a$Q`PmzcDm1yiXaJRVE4{lr!)wX@NXquV}kg<_U&M&jjIjg_?ItHAUK#t
zKo%qg+ZYgPn&4Z=hDa=P30y(%f79c~^LO9LJ35+-T2<9~{;TY=`ssOR2LHPVzjBQ_
z=Zw%fBXrLF(+J-sgpYNE&KcojLip})LU{2}e>+<JPUxI_{^N5&`0-*o!lH0C3kXln
zPfy>U?WXW<zIpog{FHLe(et<G&98U6Av}A3dU}2m5YA@B;7=pe6rOR9E;di!AHOQ~
z=$z}3`2MuH<r+QH5dI{>R{`M*A?!UA&L1u}pTE#=N;&7gsLz}A!@T!MD1<Kp!dGJv
zz8pe0zq`F%uNRk>S69pB^8S9cy1u^tz1f^A09LE}`@-Ss>hf~2Uf<r_&4&=a9Eb2A
zAUsY8FFr`&-Q7d^PuA;C>rc)(ntxi)=MTk)41T!iA=EV*5FU(1_)A3CP2tV$da=0N
zPT_70SEcJlb8b~ymK`h{ii(Anup7cj2;b}x&N_sAt=F3w5b7S4LS3X{Xo#*sfT|E!
zf^ch42zf8leX9rIY>)6wbqSAz@GS^?4~0eHO;N}eE~T)vlEk)h?!E{tElUhxF?dr9
z{`E+BezHgSRtS$OOL!O&z8*lx6y9v7kS)Yvn>i-}@faPrMnU*GB0Q`j9R5b3DdZqU
zAq)-CwFnS`7~~k$5DtH#7=bW;D2#7r^iaqYCWUS0Tr$WI>X9(Mmx-SVM<YDmA?*He
zjeC@XR0_q=4qe*<MNkGgM!812KU&)%JRXTKe4|JYg}j<U;X(?<u;H8&gTeuWyp~Ci
zgy9QC72(kj2;)7<6iOisTZiZj5P~wu5XNit2ZTpLh{55n_57HLH#6L$WeSr*7&e=8
zi)642A=fC6guNd!6@yiT@y$&C9?c5v&~3B8WH4T%{r57X5$1bze~<=+Fl;sFAQ%kp
zkI{6Ejz<{pQQnVkr?4EPQpnpGF_gnrDLV6$KoQhC84Q+Vls}hA*Jusl;UGfp(QuG<
z3ULU;_HyoaFA#$qqYU9N!eVe3A-^c>-=j=nr%=y@fuSHansXumK|K#*kRj|{qx_n%
zj*y4Kfhp`1GKOL(hwbLvTm&_P7}PPEhmc3YI>LiKLSD^i3VR9*LmW1oa|jf{WRTY~
zeS`;fgxsTP3U!c5p%`in<*;dq&i*7Y5ZoIa7(%YmI>P=G@>D2=Y@x<b4CN4tZRH&N
zBv1r3gFS;h5vCyo;oxuULCC8a4pJ%9+Zh-Zhd^vI=Kxp)LQwByWRPQ&*D@gFclCn^
z`}gRKDJ%zRRM;`Zp&&Mza~FGo9l>a@9HR{3EL@`?tUeUxDMX<dc1NikBC)xg!=D7|
z5Ea2-Fb^S*gd-60RM=Oz8$%chA{JZAIrIr21a~voGsqJmkA!uE@g5DIDNv{}EDYrk
zh)8TQ=gt5qfrX%E5QE|KL>NL4*58kUuqb2;8ACBF4h0d3t>&B<Y(1QcAT!7g7K3Al
zFiv4jAr66v#ny5TeE>vYGB{!gL0AG|P{>6phQT2cq1a^3o#HPF6v1RLzLu#X99F0Y
zLm0}TAVRU#oICIQNgxF420>WAM>$BNLKw;+5V6=^&Y@2L5eUI(kYluRje;;f6()r+
z3=Xl_Y|fn!0wI_U)`u`7%nD(MLnJ!q{;v=S!6Acngms0-$9;xCbj|^=PcR#-3}Hf;
z6pA5hsNRt=I^zQ%1ew8Pa0J3(g^VE%1rdtQIY7KXV3@&?21y8$LdLK-gdq~0bNDMk
zuwZ#zF$lu?L7Ei8P!0tVi_Tde05yUT%mx|4I>MwdGQ^=I%A#{l7UU0skst;c!m$X4
z6*7lN#A4GqhX&C=;GjVePEsg_I7DKhh{k4fZtGx|aLgb$(O^~xLmUE86rFSE10Vt+
zINo4Yp%~&2h@$A66Tbiuf>RBmaF8L*h#CaxTw)-A5LA&M2B#^6ArPVHoP%Ekh`@;k
zQ5YHGFiUjKWq%Tw2+H6Dg_)rxI#=<R2u?DHLKxyOK{QBbcqyzL1cDfxpfE5LL?re(
zI_H4V0ZasCaEd}P#32x!bCt02W+K4~LmXP7b9H|Rgdhf|GsIzpXpPP#diWbDaJs{2
zk$*Vn;D^BJ1ZxnpM(13%Hv-^fht}v^h2CU=(;+(NCiwf$T6E6*a)<wO&P{OOoO8}O
h=bUrSIp>^n?oTIjeR4d(Q$GLz002ovPDHLkV1iBtNtOTr

literal 0
HcmV?d00001

diff --git a/docs/reference/api/docker-io_api.md b/docs/reference/api/docker-io_api.md
new file mode 100644
index 00000000..5e3c6844
--- /dev/null
+++ b/docs/reference/api/docker-io_api.md
@@ -0,0 +1,16 @@
+<!--[metadata]>
++++
+draft = true
+title = "Docker Hub API"
+description = "API Documentation for the Docker Hub API"
+keywords = ["API, Docker, index, REST, documentation, Docker Hub,  registry"]
+[menu.main]
+parent = "engine_remoteapi"
+weight = 99
++++
+<![end-metadata]-->
+
+# Docker Hub API
+
+This API is deprecated as of 1.7. To view the old version, see the [Docker Hub
+API](https://docs.docker.com/v1.7/docker/reference/api/docker-io_api/) in the 1.7 documentation.
diff --git a/docs/reference/api/docker_io_accounts_api.md b/docs/reference/api/docker_io_accounts_api.md
new file mode 100644
index 00000000..dfee194b
--- /dev/null
+++ b/docs/reference/api/docker_io_accounts_api.md
@@ -0,0 +1,277 @@
+<!--[metadata]>
++++
+title = "docker.io accounts API"
+description = "API Documentation for docker.io accounts."
+keywords = ["API, Docker, accounts, REST,  documentation"]
+[menu.main]
+parent = "engine_remoteapi"
+weight=90
++++
+<![end-metadata]-->
+
+# docker.io accounts API
+
+## Get a single user
+
+`GET /api/v1.1/users/:username/`
+
+Get profile info for the specified user.
+
+Parameters:
+
+-   **username** – username of the user whose profile info is being
+        requested.
+
+Request Headers:
+
+-   **Authorization** – required authentication credentials of
+        either type HTTP Basic or OAuth Bearer Token.
+
+Status Codes:
+
+-   **200** – success, user data returned.
+-   **401** – authentication error.
+-   **403** – permission error, authenticated user must be the user
+        whose data is being requested, OAuth access tokens must have
+        `profile_read` scope.
+-   **404** – the specified username does not exist.
+
+**Example request**:
+
+        GET /api/v1.1/users/janedoe/ HTTP/1.1
+        Host: www.docker.io
+        Accept: application/json
+        Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+            "id": 2,
+            "username": "janedoe",
+            "url": "https://www.docker.io/api/v1.1/users/janedoe/",
+            "date_joined": "2014-02-12T17:58:01.431312Z",
+            "type": "User",
+            "full_name": "Jane Doe",
+            "location": "San Francisco, CA",
+            "company": "Success, Inc.",
+            "profile_url": "https://docker.io/",
+            "gravatar_url": "https://secure.gravatar.com/avatar/0212b397124be4acd4e7dea9aa357.jpg?s=80&r=g&d=mm"
+            "email": "jane.doe@example.com",
+            "is_active": true
+        }
+
+## Update a single user
+
+`PATCH /api/v1.1/users/:username/`
+
+Update profile info for the specified user.
+
+Parameters:
+
+-   **username** – username of the user whose profile info is being
+        updated.
+
+Json Parameters:
+
+-   **full_name** (*string*) – (optional) the new name of the user.
+-   **location** (*string*) – (optional) the new location.
+-   **company** (*string*) – (optional) the new company of the user.
+-   **profile_url** (*string*) – (optional) the new profile url.
+-   **gravatar_email** (*string*) – (optional) the new Gravatar
+        email address.
+
+Request Headers:
+
+-   **Authorization** – required authentication credentials of
+        either type HTTP Basic or OAuth Bearer Token.
+-   **Content-Type** – MIME Type of post data. JSON, url-encoded
+        form data, etc.
+
+Status Codes:
+
+-   **200** – success, user data updated.
+-   **400** – post data validation error.
+-   **401** – authentication error.
+-   **403** – permission error, authenticated user must be the user
+        whose data is being updated, OAuth access tokens must have
+        `profile_write` scope.
+-   **404** – the specified username does not exist.
+
+**Example request**:
+
+        PATCH /api/v1.1/users/janedoe/ HTTP/1.1
+        Host: www.docker.io
+        Accept: application/json
+        Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
+
+        {
+            "location": "Private Island",
+            "profile_url": "http://janedoe.com/",
+            "company": "Retired",
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+            "id": 2,
+            "username": "janedoe",
+            "url": "https://www.docker.io/api/v1.1/users/janedoe/",
+            "date_joined": "2014-02-12T17:58:01.431312Z",
+            "type": "User",
+            "full_name": "Jane Doe",
+            "location": "Private Island",
+            "company": "Retired",
+            "profile_url": "http://janedoe.com/",
+            "gravatar_url": "https://secure.gravatar.com/avatar/0212b397124be4acd4e7dea9aa357.jpg?s=80&r=g&d=mm"
+            "email": "jane.doe@example.com",
+            "is_active": true
+        }
+
+## List email addresses for a user
+
+`GET /api/v1.1/users/:username/emails/`
+
+List email info for the specified user.
+
+Parameters:
+
+-   **username** – username of the user whose profile info is being
+        updated.
+
+Request Headers:
+
+-   **Authorization** – required authentication credentials of
+        either type HTTP Basic or OAuth Bearer Token
+
+Status Codes:
+
+-   **200** – success, user data updated.
+-   **401** – authentication error.
+-   **403** – permission error, authenticated user must be the user
+        whose data is being requested, OAuth access tokens must have
+        `email_read` scope.
+-   **404** – the specified username does not exist.
+
+**Example request**:
+
+        GET /api/v1.1/users/janedoe/emails/ HTTP/1.1
+        Host: www.docker.io
+        Accept: application/json
+        Authorization: Bearer zAy0BxC1wDv2EuF3tGs4HrI6qJp6KoL7nM
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+            {
+                "email": "jane.doe@example.com",
+                "verified": true,
+                "primary": true
+            }
+        ]
+
+## Add email address for a user
+
+`POST /api/v1.1/users/:username/emails/`
+
+Add a new email address to the specified user's account. The email
+address must be verified separately, a confirmation email is not
+automatically sent.
+
+Json Parameters:
+
+-   **email** (*string*) – email address to be added.
+
+Request Headers:
+
+-   **Authorization** – required authentication credentials of
+        either type HTTP Basic or OAuth Bearer Token.
+-   **Content-Type** – MIME Type of post data. JSON, url-encoded
+        form data, etc.
+
+Status Codes:
+
+-   **201** – success, new email added.
+-   **400** – data validation error.
+-   **401** – authentication error.
+-   **403** – permission error, authenticated user must be the user
+        whose data is being requested, OAuth access tokens must have
+        `email_write` scope.
+-   **404** – the specified username does not exist.
+
+**Example request**:
+
+        POST /api/v1.1/users/janedoe/emails/ HTTP/1.1
+        Host: www.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Bearer zAy0BxC1wDv2EuF3tGs4HrI6qJp6KoL7nM
+
+        {
+            "email": "jane.doe+other@example.com"
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+            "email": "jane.doe+other@example.com",
+            "verified": false,
+            "primary": false
+        }
+
+## Delete email address for a user
+
+`DELETE /api/v1.1/users/:username/emails/`
+
+Delete an email address from the specified user's account. You
+cannot delete a user's primary email address.
+
+Json Parameters:
+
+-   **email** (*string*) – email address to be deleted.
+
+Request Headers:
+
+-   **Authorization** – required authentication credentials of
+        either type HTTP Basic or OAuth Bearer Token.
+-   **Content-Type** – MIME Type of post data. JSON, url-encoded
+        form data, etc.
+
+Status Codes:
+
+-   **204** – success, email address removed.
+-   **400** – validation error.
+-   **401** – authentication error.
+-   **403** – permission error, authenticated user must be the user
+        whose data is being requested, OAuth access tokens must have
+        `email_write` scope.
+-   **404** – the specified username or email address does not
+        exist.
+
+**Example request**:
+
+        DELETE /api/v1.1/users/janedoe/emails/ HTTP/1.1
+        Host: www.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Bearer zAy0BxC1wDv2EuF3tGs4HrI6qJp6KoL7nM
+
+        {
+            "email": "jane.doe+other@example.com"
+        }
+
+**Example response**:
+
+        HTTP/1.1 204 NO CONTENT
+        Content-Length: 0
diff --git a/docs/reference/api/docker_remote_api.md b/docs/reference/api/docker_remote_api.md
new file mode 100644
index 00000000..34914c4e
--- /dev/null
+++ b/docs/reference/api/docker_remote_api.md
@@ -0,0 +1,291 @@
+<!--[metadata]>
++++
+title = "Remote API"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent = "engine_remoteapi"
+weight=-99
++++
+<![end-metadata]-->
+
+# Docker Remote API
+
+Docker's Remote API uses an open schema model.  In this model, unknown
+properties in incoming messages are ignored. Client applications need to take
+this behavior into account to ensure they do not break when talking to newer
+Docker daemons.
+
+The API tends to be REST, but for some complex commands, like attach or pull,
+the HTTP connection is hijacked to transport STDOUT, STDIN, and STDERR.
+
+By default the Docker daemon listens on `unix:///var/run/docker.sock` and the
+client must have `root` access to interact with the daemon. If a group named
+`docker` exists on your system, `docker` applies ownership of the socket to the
+group.
+
+To connect to the Docker daemon with cURL you need to use cURL 7.40 or
+later, as these versions have the `--unix-socket` flag available. To
+run `curl` against the daemon on the default socket, use the
+following:
+
+    curl --unix-socket /var/run/docker.sock http:/containers/json
+
+If you have bound the Docker daemon to a different socket path or TCP
+port, you would reference that in your cURL rather than the
+default.
+
+The current version of the API is v1.23 which means calling `/info` is the same
+as calling `/v1.23/info`. To call an older version of the API use
+`/v1.22/info`.
+
+Use the table below to find the API version for a Docker version:
+
+Docker version  | API version                        | Changes
+----------------|------------------------------------|------------------------------------------------------
+1.11.x          | [1.23](docker_remote_api_v1.23.md) | [API changes](docker_remote_api.md#v1-23-api-changes)
+1.10.x          | [1.22](docker_remote_api_v1.22.md) | [API changes](docker_remote_api.md#v1-22-api-changes)
+1.9.x           | [1.21](docker_remote_api_v1.21.md) | [API changes](docker_remote_api.md#v1-21-api-changes)
+1.8.x           | [1.20](docker_remote_api_v1.20.md) | [API changes](docker_remote_api.md#v1-20-api-changes)
+1.7.x           | [1.19](docker_remote_api_v1.19.md) | [API changes](docker_remote_api.md#v1-19-api-changes)
+1.6.x           | [1.18](docker_remote_api_v1.18.md) | [API changes](docker_remote_api.md#v1-18-api-changes)
+1.5.x           | [1.17](docker_remote_api_v1.17.md) | [API changes](docker_remote_api.md#v1-17-api-changes)
+1.4.x           | [1.16](docker_remote_api_v1.16.md) | [API changes](docker_remote_api.md#v1-16-api-changes)
+1.3.x           | [1.15](docker_remote_api_v1.15.md) | [API changes](docker_remote_api.md#v1-15-api-changes)
+1.2.x           | [1.14](docker_remote_api_v1.14.md) | [API changes](docker_remote_api.md#v1-14-api-changes)
+
+Refer to the [GitHub repository](
+https://github.com/docker/docker/tree/master/docs/reference/api) for
+older releases.
+
+## Authentication
+
+Since API version 1.2, the auth configuration is now handled client side, so the
+client has to send the `authConfig` as a `POST` in `/images/(name)/push`. The
+`authConfig`, set as the `X-Registry-Auth` header, is currently a Base64 encoded
+(JSON) string with the following structure:
+
+```
+{"username": "string", "password": "string", "email": "string",
+   "serveraddress" : "string", "auth": ""}
+```
+
+Callers should leave the `auth` empty. The `serveraddress` is a domain/ip
+without protocol. Throughout this structure, double quotes are required.
+
+## Using Docker Machine with the API
+
+If you are using `docker-machine`, the Docker daemon is on a host that
+uses an encrypted TCP socket using TLS. This means, for Docker Machine users,
+you need to add extra parameters to `curl` or `wget` when making test
+API requests, for example:
+
+```
+curl --insecure \
+     --cert $DOCKER_CERT_PATH/cert.pem \
+     --key $DOCKER_CERT_PATH/key.pem \
+     https://YOUR_VM_IP:2376/images/json
+
+wget --no-check-certificate --certificate=$DOCKER_CERT_PATH/cert.pem \
+     --private-key=$DOCKER_CERT_PATH/key.pem \
+     https://YOUR_VM_IP:2376/images/json -O - -q
+```
+
+## Docker Events
+
+The following diagram depicts the container states accessible through the API.
+
+![States](images/event_state.png)
+
+Some container-related events are not affected by container state, so they are not included in this diagram. These events are:
+
+* **export** emitted by `docker export`
+* **exec_create** emitted by `docker exec`
+* **exec_start** emitted by `docker exec` after **exec_create**
+
+Running `docker rmi` emits an **untag** event when removing an image name.  The `rmi` command may also emit **delete** events when images are deleted by ID directly or by deleting the last tag referring to the image.
+
+> **Acknowledgment**: This diagram and the accompanying text were used with the permission of Matt Good and Gilder Labs. See Matt's original blog post [Docker Events Explained](https://gliderlabs.com/blog/2015/04/14/docker-events-explained/).
+
+## Version history
+
+This section lists each version from latest to oldest.  Each listing includes a link to the full documentation set and the changes relevant in that release.
+
+### v1.23 API changes
+
+[Docker Remote API v1.23](docker_remote_api_v1.23.md) documentation
+
+* `GET /containers/json` returns the state of the container, one of `created`, `restarting`, `running`, `paused`, `exited` or `dead`.
+* `GET /containers/json` returns the mount points for the container.
+* `GET /networks/(name)` now returns an `Internal` field showing whether the network is internal or not.
+* `GET /networks/(name)` now returns an `EnableIPv6` field showing whether the network has ipv6 enabled or not.
+* `POST /containers/(name)/update` now supports updating container's restart policy.
+* `POST /networks/create` now supports enabling ipv6 on the network by setting the `EnableIPv6` field (doing this with a label will no longer work).
+* `GET /info` now returns `CgroupDriver` field showing what cgroup driver the daemon is using; `cgroupfs` or `systemd`.
+* `GET /info` now returns `KernelMemory` field, showing if "kernel memory limit" is supported.
+* `POST /containers/create` now takes `PidsLimit` field, if the kernel is >= 4.3 and the pids cgroup is supported.
+* `GET /containers/(id or name)/stats` now returns `pids_stats`, if the kernel is >= 4.3 and the pids cgroup is supported.
+* `POST /containers/create` now allows you to override usernamespaces remapping and use privileged options for the container.
+* `POST /containers/create` now allows specifying `nocopy` for named volumes, which disables automatic copying from the container path to the volume.
+* `POST /auth` now returns an `IdentityToken` when supported by a registry.
+* `POST /containers/create` with both `Hostname` and `Domainname` fields specified will result in the container's hostname being set to `Hostname`, rather than `Hostname.Domainname`.
+
+### v1.22 API changes
+
+[Docker Remote API v1.22](docker_remote_api_v1.22.md) documentation
+
+* `POST /container/(name)/update` updates the resources of a container.
+* `GET /containers/json` supports filter `isolation` on Windows.
+* `GET /containers/json` now returns the list of networks of containers.
+* `GET /info` Now returns `Architecture` and `OSType` fields, providing information
+  about the host architecture and operating system type that the daemon runs on.
+* `GET /networks/(name)` now returns a `Name` field for each container attached to the network.
+* `GET /version` now returns the `BuildTime` field in RFC3339Nano format to make it
+  consistent with other date/time values returned by the API.
+* `AuthConfig` now supports a `registrytoken` for token based authentication
+* `POST /containers/create` now has a 4M minimum value limit for `HostConfig.KernelMemory`
+* Pushes initiated with `POST /images/(name)/push` and pulls initiated with `POST /images/create`
+  will be cancelled if the HTTP connection making the API request is closed before
+  the push or pull completes.
+* `POST /containers/create` now allows you to set a read/write rate limit for a
+  device (in bytes per second or IO per second).
+* `GET /networks` now supports filtering by `name`, `id` and `type`.
+* `POST /containers/create` now allows you to set the static IPv4 and/or IPv6 address for the container.
+* `POST /networks/(id)/connect` now allows you to set the static IPv4 and/or IPv6 address for the container.
+* `GET /info` now includes the number of containers running, stopped, and paused.
+* `POST /networks/create` now supports restricting external access to the network by setting the `Internal` field.
+* `POST /networks/(id)/disconnect` now includes a `Force` option to forcefully disconnect a container from network
+* `GET /containers/(id)/json` now returns the `NetworkID` of containers.
+* `POST /networks/create` Now supports an options field in the IPAM config that provides options
+  for custom IPAM plugins.
+* `GET /networks/{network-id}` Now returns IPAM config options for custom IPAM plugins if any
+  are available.
+* `GET /networks/<network-id>` now returns subnets info for user-defined networks.
+* `GET /info` can now return a `SystemStatus` field useful for returning additional information about applications
+  that are built on top of engine.
+
+### v1.21 API changes
+
+[Docker Remote API v1.21](docker_remote_api_v1.21.md) documentation
+
+* `GET /volumes` lists volumes from all volume drivers.
+* `POST /volumes/create` to create a volume.
+* `GET /volumes/(name)` get low-level information about a volume.
+* `DELETE /volumes/(name)` remove a volume with the specified name.
+* `VolumeDriver` was moved from `config` to `HostConfig` to make the configuration portable.
+* `GET /images/(name)/json` now returns information about an image's `RepoTags` and `RepoDigests`.
+* The `config` option now accepts the field `StopSignal`, which specifies the signal to use to kill a container.
+* `GET /containers/(id)/stats` will return networking information respectively for each interface.
+* The `HostConfig` option now includes the `DnsOptions` field to configure the container's DNS options.
+* `POST /build` now optionally takes a serialized map of build-time variables.
+* `GET /events` now includes a `timenano` field, in addition to the existing `time` field.
+* `GET /events` now supports filtering by image and container labels.
+* `GET /info` now lists engine version information and return the information of `CPUShares` and `Cpuset`.
+* `GET /containers/json` will return `ImageID` of the image used by container.
+* `POST /exec/(name)/start` will now return an HTTP 409 when the container is either stopped or paused.
+* `GET /containers/(name)/json` now accepts a `size` parameter. Setting this parameter to '1' returns container size information in the `SizeRw` and `SizeRootFs` fields.
+* `GET /containers/(name)/json` now returns a `NetworkSettings.Networks` field,
+  detailing network settings per network. This field deprecates the
+  `NetworkSettings.Gateway`, `NetworkSettings.IPAddress`,
+  `NetworkSettings.IPPrefixLen`, and `NetworkSettings.MacAddress` fields, which
+  are still returned for backward-compatibility, but will be removed in a future version.
+* `GET /exec/(id)/json` now returns a `NetworkSettings.Networks` field,
+  detailing networksettings per network. This field deprecates the
+  `NetworkSettings.Gateway`, `NetworkSettings.IPAddress`,
+  `NetworkSettings.IPPrefixLen`, and `NetworkSettings.MacAddress` fields, which
+  are still returned for backward-compatibility, but will be removed in a future version.
+* The `HostConfig` option now includes the `OomScoreAdj` field for adjusting the
+  badness heuristic. This heuristic selects which processes the OOM killer kills
+  under out-of-memory conditions.
+
+### v1.20 API changes
+
+[Docker Remote API v1.20](docker_remote_api_v1.20.md) documentation
+
+* `GET /containers/(id)/archive` get an archive of filesystem content from a container.
+* `PUT /containers/(id)/archive` upload an archive of content to be extracted to
+an existing directory inside a container's filesystem.
+* `POST /containers/(id)/copy` is deprecated in favor of the above `archive`
+endpoint which can be used to download files and directories from a container.
+* The `hostConfig` option now accepts the field `GroupAdd`, which specifies a
+list of additional groups that the container process will run as.
+
+### v1.19 API changes
+
+[Docker Remote API v1.19](docker_remote_api_v1.19.md) documentation
+
+* When the daemon detects a version mismatch with the client, usually when
+the client is newer than the daemon, an HTTP 400 is now returned instead
+of a 404.
+* `GET /containers/(id)/stats` now accepts `stream` bool to get only one set of stats and disconnect.
+* `GET /containers/(id)/logs` now accepts a `since` timestamp parameter.
+* `GET /info` The fields `Debug`, `IPv4Forwarding`, `MemoryLimit`, and
+`SwapLimit` are now returned as boolean instead of as an int. In addition, the
+end point now returns the new boolean fields `CpuCfsPeriod`, `CpuCfsQuota`, and
+`OomKillDisable`.
+* The `hostConfig` option now accepts the fields `CpuPeriod` and `CpuQuota`
+* `POST /build` accepts `cpuperiod` and `cpuquota` options
+
+### v1.18 API changes
+
+[Docker Remote API v1.18](docker_remote_api_v1.18.md) documentation
+
+* `GET /version` now returns `Os`, `Arch` and `KernelVersion`.
+* `POST /containers/create` and `POST /containers/(id)/start`allow you to  set ulimit settings for use in the container.
+* `GET /info` now returns `SystemTime`, `HttpProxy`,`HttpsProxy` and `NoProxy`.
+* `GET /images/json` added a `RepoDigests` field to include image digest information.
+* `POST /build` can now set resource constraints for all containers created for the build.
+* `CgroupParent` can be passed in the host config to setup container cgroups under a specific cgroup.
+* `POST /build` closing the HTTP request cancels the build
+* `POST /containers/(id)/exec` includes `Warnings` field to response.
+
+### v1.17 API changes
+
+[Docker Remote API v1.17](docker_remote_api_v1.17.md) documentation
+
+* The build supports `LABEL` command. Use this to add metadata to an image. For
+example you could add data describing the content of an image. `LABEL
+"com.example.vendor"="ACME Incorporated"`
+* `POST /containers/(id)/attach` and `POST /exec/(id)/start`
+* The Docker client now hints potential proxies about connection hijacking using HTTP Upgrade headers.
+* `POST /containers/create` sets labels on container create describing the container.
+* `GET /containers/json` returns the labels associated with the containers (`Labels`).
+* `GET /containers/(id)/json` returns the list current execs associated with the
+container (`ExecIDs`). This endpoint now returns the container labels
+(`Config.Labels`).
+* `POST /containers/(id)/rename` renames a container `id` to a new name.*
+* `POST /containers/create` and `POST /containers/(id)/start` callers can pass
+`ReadonlyRootfs` in the host config to mount the container's root filesystem as
+read only.
+* `GET /containers/(id)/stats` returns a live stream of a container's resource usage statistics.
+* `GET /images/json` returns the labels associated with each image (`Labels`).
+
+
+### v1.16 API changes
+
+[Docker Remote API v1.16](docker_remote_api_v1.16.md)
+
+* `GET /info` returns the number of CPUs available on the machine (`NCPU`),
+total memory available (`MemTotal`), a user-friendly name describing the running Docker daemon (`Name`), a unique ID identifying the daemon (`ID`), and
+a list of daemon labels (`Labels`).
+* `POST /containers/create` callers can set the new container's MAC address explicitly.
+* Volumes are now initialized when the container is created.
+* `POST /containers/(id)/copy` copies data which is contained in a volume.
+
+### v1.15 API changes
+
+[Docker Remote API v1.15](docker_remote_api_v1.15.md) documentation
+
+`POST /containers/create` you can set a container's `HostConfig` when creating a
+container. Previously this was only available when starting a container.
+
+### v1.14 API changes
+
+[Docker Remote API v1.14](docker_remote_api_v1.14.md) documentation
+
+* `DELETE /containers/(id)` when using `force`, the container will be immediately killed with SIGKILL.
+* `POST /containers/(id)/start` the `HostConfig` option accepts the field `CapAdd`, which specifies a list of capabilities
+to add, and the field `CapDrop`, which specifies a list of capabilities to drop.
+* `POST /images/create` th `fromImage` and `repo` parameters support the
+`repo:tag` format. Consequently,  the `tag` parameter is now obsolete. Using the
+new format and the `tag` parameter at the same time will return an error.
diff --git a/docs/reference/api/docker_remote_api_v1.14.md b/docs/reference/api/docker_remote_api_v1.14.md
new file mode 100644
index 00000000..e7c8fde6
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.14.md
@@ -0,0 +1,1470 @@
+<!--[metadata]>
++++
+title = "Remote API v1.14"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent = "engine_remoteapi"
+weight = 7
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.14
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST, but for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `STDOUT`,
+   `STDIN` and `STDERR`.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+        GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "8dfafdbc3a40",
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 1",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "9cd87474be90",
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 222222",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "3176a2479c92",
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 3333333333333333",
+                     "Created": 1367854154,
+                     "Status": "Exit 0",
+                     "Ports":[],
+                     "SizeRw":12288,
+                     "SizeRootFs":0
+             },
+             {
+                     "Id": "4cb07b47f9fb",
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 444444444444444444444444444444444",
+                     "Created": 1367854152,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             }
+        ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+    Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created containers, include non-running ones.
+-   **since** – Show only containers created since Id, include non-running ones.
+-   **before** – Show only containers created before Id, include non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers sizes
+-   **filters** - a json encoded value of the filters (a map[string][]string) to process on the containers list. Available filters:
+  -   exited=&lt;int&gt; -- containers with exit code of &lt;int&gt;
+  -   status=(restarting|running|paused|exited)
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+        POST /containers/create HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname":"",
+             "Domainname": "",
+             "User":"",
+             "Memory":0,
+             "MemorySwap":0,
+             "CpuShares": 512,
+             "Cpuset": "0,1",
+             "AttachStdin":false,
+             "AttachStdout":true,
+             "AttachStderr":true,
+             "PortSpecs":null,
+             "Tty":false,
+             "OpenStdin":false,
+             "StdinOnce":false,
+             "Env": [
+                     "FOO=bar",
+                     "BAZ=quux"
+             ],
+             "Cmd":[
+                     "date"
+             ],
+             "Image":"ubuntu",
+             "Volumes":{
+                     "/tmp": {}
+             },
+             "WorkingDir":"",
+             "NetworkDisabled": false,
+             "ExposedPorts":{
+                     "22/tcp": {}
+             },
+             "RestartPolicy": { "Name": "always" }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id":"e90e34656806"
+             "Warnings":[]
+        }
+
+Json Parameters:
+
+-   **RestartPolicy** – The behavior to apply when the container exits.  The
+        value is an object with a `Name` property of either `"always"` to
+        always restart or `"on-failure"` to restart only when the container
+        exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+        controls the number of times to retry before giving up.
+        The default is not to restart. (optional)
+        An ever increasing delay (double the previous delay, starting at 100mS)
+        is added before each restart to prevent flooding the server.
+-   **config** – the container's configuration
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+                     "Id": "4fa6e0f0c6786287e131c3852c58a2e01cc697a68231826813597e4994f1d6e2",
+                     "Created": "2013-05-07T14:51:42.041847+02:00",
+                     "Path": "date",
+                     "Args": [],
+                     "Config": {
+                             "Hostname": "4fa6e0f0c678",
+                             "User": "",
+                             "Memory": 0,
+                             "MemorySwap": 0,
+                             "AttachStdin": false,
+                             "AttachStdout": true,
+                             "AttachStderr": true,
+                             "PortSpecs": null,
+                             "Tty": false,
+                             "OpenStdin": false,
+                             "StdinOnce": false,
+                             "Env": null,
+                             "Cmd": [
+                                     "date"
+                             ],
+                             "Dns": null,
+                             "Image": "ubuntu",
+                             "Volumes": {},
+                             "VolumesFrom": "",
+                             "WorkingDir": ""
+                     },
+                     "State": {
+                             "Running": false,
+                             "Pid": 0,
+                             "ExitCode": 0,
+                             "StartedAt": "2013-05-07T14:51:42.087658+02:01360",
+                             "Ghost": false
+                     },
+                     "Image": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+                     "NetworkSettings": {
+                             "IpAddress": "",
+                             "IpPrefixLen": 0,
+                             "Gateway": "",
+                             "Bridge": "",
+                             "PortMapping": null
+                     },
+                     "SysInitPath": "/home/kitty/go/src/github.com/docker/docker/bin/docker",
+                     "ResolvConfPath": "/etc/resolv.conf",
+                     "Volumes": {},
+                     "HostConfig": {
+                         "Binds": null,
+                         "ContainerIDFile": "",
+                         "LxcConf": [],
+                         "Privileged": false,
+                         "PortBindings": {
+                            "80/tcp": [
+                                {
+                                    "HostIp": "0.0.0.0",
+                                    "HostPort": "49153"
+                                }
+                            ]
+                         },
+                         "Links": ["/name:alias"],
+                         "PublishAllPorts": false,
+                         "CapAdd": ["NET_ADMIN"],
+                         "CapDrop": ["MKNOD"]
+                     }
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get stdout and stderr logs from the container ``id``
+
+**Example request**:
+
+       GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10 HTTP/1.1
+
+**Example response**:
+
+       HTTP/1.1 200 OK
+       Content-Type: application/vnd.docker.raw-stream
+
+       {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default false
+-   **stdout** – 1/True/true or 0/False/false, show stdout log. Default false
+-   **stderr** – 1/True/true or 0/False/false, show stderr log. Default false
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for every
+    log line. Default false
+-   **tail** – Output specified number of lines at the end of logs: `all` or
+    `<number>`. Default all
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Path": "/dev",
+                     "Kind": 0
+             },
+             {
+                     "Path": "/dev/kmsg",
+                     "Kind": 1
+             },
+             {
+                     "Path": "/test",
+                     "Kind": 1
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/octet-stream
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/start HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Binds":["/tmp:/tmp"],
+             "Links":["redis3:redis"],
+             "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}],
+             "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] },
+             "PublishAllPorts":false,
+             "Privileged":false,
+             "Dns": ["8.8.8.8"],
+             "VolumesFrom": ["parent", "other:ro"],
+             "CapAdd": ["NET_ADMIN"],
+             "CapDrop": ["MKNOD"]
+        }
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Json Parameters:
+
+-   **hostConfig** – the container's host configuration (optional)
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like "SIGINT".
+    When not set, SIGKILL is assumed and the call will wait for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+        POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/vnd.docker.raw-stream
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream. Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach to stdin.
+    Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+    stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+    stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`](#create-a-container),
+    the stream is the raw data from the process PTY and client's stdin.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    stdout and stderr.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header will contain the information on which stream write the
+    stream (stdout or stderr). It also contain the size of the
+    associated frame encoded on the last 4 bytes (uint32).
+
+    It is encoded on the first 8 bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: stdin (will be written on stdout)
+-   1: stdout
+-   2: stderr
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the 4 bytes of
+    the uint32 size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read 8 bytes
+    2.  chose stdout or stderr depending on the first byte
+    3.  Extract the frame size from the last 4 bytes
+    4.  Read the extracted size and output it on the correct output
+    5.  Goto 1
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+        GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+        POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+        DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default false
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default false
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Example request**:
+
+        POST /containers/4fa6e0f0c678/copy HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Resource": "test.txt"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/octet-stream
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+        GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+          {
+             "RepoTags": [
+               "ubuntu:12.04",
+               "ubuntu:precise",
+               "ubuntu:latest"
+             ],
+             "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+             "Created": 1365714795,
+             "Size": 131506275,
+             "VirtualSize": 131506275
+          },
+          {
+             "RepoTags": [
+               "ubuntu:12.10",
+               "ubuntu:quantal"
+             ],
+             "ParentId": "27cf784147099545",
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Created": 1364102658,
+             "Size": 24653,
+             "VirtualSize": 180116135
+          }
+        ]
+
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a json encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   dangling=true
+-   **filter** - only return images with the specified name
+
+### Create an image
+
+`POST /images/create`
+
+Create an image, either by pulling it from the registry or by importing it
+
+**Example request**:
+
+        POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pulling..."}
+        {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+        {"error": "Invalid..."}
+        ...
+
+    When using this endpoint to pull an image from the registry, the
+    `X-Registry-Auth` header can be used to include
+    a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – name of the image to pull
+-   **fromSrc** – source to import, - means stdin
+-   **repo** – repository
+-   **tag** – tag
+-   **registry** – the registry to pull from
+
+Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Created": "2013-03-23T22:24:18.818426-07:00",
+             "Container": "3d67245a8d72ecf13f33dffac9f79dcdf70f75acb84d308770391510e0c23ad0",
+             "ContainerConfig":
+                     {
+                             "Hostname": "",
+                             "User": "",
+                             "Memory": 0,
+                             "MemorySwap": 0,
+                             "AttachStdin": false,
+                             "AttachStdout": false,
+                             "AttachStderr": false,
+                             "PortSpecs": null,
+                             "Tty": true,
+                             "OpenStdin": true,
+                             "StdinOnce": false,
+                             "Env": null,
+                             "Cmd": ["/bin/bash"],
+                             "Dns": null,
+                             "Image": "ubuntu",
+                             "Volumes": null,
+                             "VolumesFrom": "",
+                             "WorkingDir": ""
+                     },
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Parent": "27cf784147099545",
+             "Size": 6824592
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "b750fe79269d",
+                     "Created": 1364102658,
+                     "CreatedBy": "/bin/bash"
+             },
+             {
+                     "Id": "27cf78414709",
+                     "Created": 1364068391,
+                     "CreatedBy": ""
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+        POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pushing..."}
+        {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+        {"error": "Invalid..."}
+        ...
+
+    If you wish to push an image on to a private registry, that image must already have been tagged
+    into a repository which references that registry host name and port.  This repository name should
+    then be used in the URL. This mirrors the flow of the CLI.
+
+**Example request**:
+
+        POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – the tag to associate with the image on the registry, optional
+
+Request Headers:
+
+-   **X-Registry-Auth** – include a base64-encoded AuthConfig object.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+        POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+        DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-type: application/json
+
+        [
+         {"Untagged": "3e2f21a89f"},
+         {"Deleted": "3e2f21a89f"},
+         {"Deleted": "53b4f83ac9"}
+        ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+        GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "wma55/u1210sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "jdswinbank/sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "vgauthier/sshd",
+                    "star_count": 0
+                }
+        ...
+        ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Build an image from Dockerfile via stdin
+
+`POST /build`
+
+Build an image from Dockerfile via stdin
+
+**Example request**:
+
+        POST /build HTTP/1.1
+
+        {{ TAR STREAM }}
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"stream": "Step 1..."}
+        {"stream": "..."}
+        {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+    The stream must be a tar archive compressed with one of the
+    following algorithms: identity (no compression), gzip, bzip2, xz.
+
+    The archive must include a file called `Dockerfile`
+    at its root. It may include any number of other files,
+    which will be accessible in the build context (See the [*ADD build
+    command*](../../reference/builder.md#dockerbuilder)).
+
+Query Parameters:
+
+-   **t** – repository name (and optionally a tag) to be applied to
+    the resulting image in case of success
+-   **remote** – git or HTTP/HTTPS URI build source
+-   **q** – suppress verbose build output
+-   **nocache** – do not use the cache when building the image
+-   **rm** - remove intermediate containers after a successful build (default behavior)
+-   **forcerm** - always remove intermediate containers (includes rm)
+
+    Request Headers:
+
+-   **Content-type** – should be set to `"application/tar"`.
+-   **X-Registry-Config** – base64-encoded ConfigFile object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+        POST /auth HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "username":" hannibal",
+             "password: "xxxx",
+             "email": "hannibal@a-team.com",
+             "serveraddress": "https://index.docker.io/v1/"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+        GET /info HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Containers": 11,
+             "Images": 16,
+             "Driver": "btrfs",
+             "ExecutionDriver": "native-0.1",
+             "KernelVersion": "3.12.0-1-amd64"
+             "Debug": false,
+             "NFd": 11,
+             "NGoroutines": 21,
+             "NEventsListener": 0,
+             "InitPath": "/usr/bin/docker",
+             "IndexServerAddress": ["https://index.docker.io/v1/"],
+             "MemoryLimit": true,
+             "SwapLimit": false,
+             "IPv4Forwarding": true
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+        GET /version HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "ApiVersion": "1.12",
+             "Version": "0.2.2",
+             "GitCommit": "5a2a5cc+CHANGES",
+             "GoVersion": "go1.0.3"
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+        GET /_ping HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: text/plain
+
+        OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+        POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "Cpuset": "0,1",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "PortSpecs": null,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": null,
+             "Cmd": [
+                     "date"
+             ],
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "ExposedPorts": {
+                     "22/tcp": {}
+             }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via
+polling (using since).
+
+Docker containers will report the following events:
+
+    create, destroy, die, export, kill, pause, restart, start, stop, unpause
+
+and Docker images will report:
+
+    untag, delete
+
+**Example request**:
+
+        GET /events?since=1374067924
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "create", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "start", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
+        {"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
+
+Query Parameters:
+
+-   **since** – timestamp used for polling
+-   **until** – timestamp used for polling
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images and tags in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository
+specified by `name`.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/ubuntu/get
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into the docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        POST /images/load
+
+        Tarball in body
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing three files:
+
+1. `VERSION`: currently `1.0` - the file format version
+2. `json`: detailed layer information, similar to `docker inspect layer_id`
+3. `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file will contain `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, there will also be a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it
+    - Then retry to create the container
+
+- Start the container
+
+- If you are not in detached mode:
+    - Attach to the container, using logs=1 (to have stdout and
+      stderr from the container's start) and stream=1
+
+- If in detached mode or only stdin is attached:
+    - Display the container's id
+
+## 3.2 Hijacking
+
+In this version of the API, /attach, uses hijacking to transport stdin,
+stdout and stderr on the same socket. This might change in the future.
+
+## 3.3 CORS Requests
+
+To enable cross origin requests to the remote api add the flag
+"--api-enable-cors" when running docker in daemon mode.
+
+    $ docker -d -H="192.168.1.9:2375" --api-enable-cors
diff --git a/docs/reference/api/docker_remote_api_v1.15.md b/docs/reference/api/docker_remote_api_v1.15.md
new file mode 100644
index 00000000..f6a860a4
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.15.md
@@ -0,0 +1,1764 @@
+<!--[metadata]>
++++
+title = "Remote API v1.15"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent = "engine_remoteapi"
+weight = 6
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.15
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST, but for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `STDOUT`,
+   `STDIN` and `STDERR`.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+        GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "8dfafdbc3a40",
+                     "Names":["/boring_feynman"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 1",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "9cd87474be90",
+                     "Names":["/coolName"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 222222",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "3176a2479c92",
+                     "Names":["/sleepy_dog"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 3333333333333333",
+                     "Created": 1367854154,
+                     "Status": "Exit 0",
+                     "Ports":[],
+                     "SizeRw":12288,
+                     "SizeRootFs":0
+             },
+             {
+                     "Id": "4cb07b47f9fb",
+                     "Names":["/running_cat"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 444444444444444444444444444444444",
+                     "Created": 1367854152,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             }
+        ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a json encoded value of the filters (a map[string][]string) to process on the containers list. Available filters:
+  -   exited=&lt;int&gt; -- containers with exit code of &lt;int&gt;
+  -   status=(restarting|running|paused|exited)
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+        POST /containers/create HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "Cpuset": "0,1",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": [
+                     "FOO=bar",
+                     "BAZ=quux"
+             ],
+             "Cmd": [
+                     "date"
+             ],
+             "Entrypoint": "",
+             "Image": "ubuntu",
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "MacAddress": "12:34:56:78:9a:bc",
+             "ExposedPorts": {
+                     "22/tcp": {}
+             },
+             "SecurityOpts": [],
+             "HostConfig": {
+               "Binds": ["/tmp:/tmp"],
+               "Links": ["redis3:redis"],
+               "LxcConf": {"lxc.utsname":"docker"},
+               "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+               "PublishAllPorts": false,
+               "Privileged": false,
+               "Dns": ["8.8.8.8"],
+               "DnsSearch": [""],
+               "ExtraHosts": null,
+               "VolumesFrom": ["parent", "other:ro"],
+               "CapAdd": ["NET_ADMIN"],
+               "CapDrop": ["MKNOD"],
+               "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+               "NetworkMode": "bridge",
+               "Devices": []
+            }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id": "f91ddc4b01e079c4481a8340bbbeca4dbd33d6e4a10662e499f8eacbb5bf252b"
+             "Warnings": []
+        }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the desired hostname to use for the
+      container.
+-   **Domainname** - A string value containing the desired domain name to use
+      for the container.
+-   **User** - A string value containing the user to use inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+-   **CpuShares** - An integer value containing the CPU Shares for container
+      (ie. the relative weight vs other containers).
+    **CpuSet** - String value containing the cgroups Cpuset to use.
+-   **AttachStdin** - Boolean value, attaches to stdin.
+-   **AttachStdout** - Boolean value, attaches to stdout.
+-   **AttachStderr** - Boolean value, attaches to stderr.
+-   **Tty** - Boolean value, Attach standard streams to a tty, including stdin if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close stdin after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entrypoint for the container a string or an array
+      of strings
+-   **Image** - String value containing the image name to use for the container
+-   **Volumes** – An object mapping mountpoint paths (strings) inside the
+        container to empty objects.
+-   **WorkingDir** - A string value containing the working dir for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **SecurityOpts**: A list of string values to customize labels for MLS
+      systems, such as SELinux.
+-   **HostConfig**
+  -   **Binds** – A list of volume bindings for this container.  Each volume
+          binding is a string of the form `container_path` (to create a new
+          volume for the container), `host_path:container_path` (to bind-mount
+          a host path into the container), or `host_path:container_path:ro`
+          (to make the bind-mount read-only inside the container).
+  -   **Links** - A list of links for the container.  Each link entry should be
+        in the form of "container_name:alias".
+  -   **LxcConf** - LXC specific configurations.  These configurations will only
+        work when using the `lxc` execution driver.
+  -   **PortBindings** - A map of exposed container ports and the host port they
+        should map to. It should be specified in the form
+        `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+        Take note that `port` is specified as a string and not an integer value.
+  -   **PublishAllPorts** - Allocates a random host port for all of a container's
+        exposed ports. Specified as a boolean value.
+  -   **Privileged** - Gives the container full access to the host.  Specified as
+        a boolean value.
+  -   **Dns** - A list of dns servers for the container to use.
+  -   **DnsSearch** - A list of DNS search domains
+  -   **ExtraHosts** - A list of hostnames/IP mappings to be added to the
+      container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+  -   **VolumesFrom** - A list of volumes to inherit from another container.
+        Specified in the form `<container name>[:<ro|rw>]`
+  -   **CapAdd** - A list of kernel capabilities to add to the container.
+  -   **Capdrop** - A list of kernel capabilities to drop from the container.
+  -   **RestartPolicy** – The behavior to apply when the container exits.  The
+          value is an object with a `Name` property of either `"always"` to
+          always restart or `"on-failure"` to restart only when the container
+          exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+          controls the number of times to retry before giving up.
+          The default is not to restart. (optional)
+          An ever increasing delay (double the previous delay, starting at 100mS)
+          is added before each restart to prevent flooding the server.
+  -   **NetworkMode** - Sets the networking mode for the container. Supported
+        values are: `bridge`, `host`, `none`, and `container:<name|id>`
+  -   **Devices** - A list of devices to add to the container specified in the
+        form
+        `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+                     "Id": "4fa6e0f0c6786287e131c3852c58a2e01cc697a68231826813597e4994f1d6e2",
+                     "Created": "2013-05-07T14:51:42.041847+02:00",
+                     "Path": "date",
+                     "Args": [],
+                     "Config": {
+                             "Hostname": "4fa6e0f0c678",
+                             "User": "",
+                             "Memory": 0,
+                             "MemorySwap": 0,
+                             "AttachStdin": false,
+                             "AttachStdout": true,
+                             "AttachStderr": true,
+                             "PortSpecs": null,
+                             "Tty": false,
+                             "OpenStdin": false,
+                             "StdinOnce": false,
+                             "Env": null,
+                             "Cmd": [
+                                     "date"
+                             ],
+                             "Dns": null,
+                             "Image": "ubuntu",
+                             "Volumes": {},
+                             "VolumesFrom": "",
+                             "WorkingDir": ""
+                     },
+                     "State": {
+                             "Running": false,
+                             "Pid": 0,
+                             "ExitCode": 0,
+                             "StartedAt": "2013-05-07T14:51:42.087658+02:01360",
+                             "Ghost": false
+                     },
+                     "Image": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+                     "NetworkSettings": {
+                             "IpAddress": "",
+                             "IpPrefixLen": 0,
+                             "Gateway": "",
+                             "Bridge": "",
+                             "PortMapping": null
+                     },
+                     "SysInitPath": "/home/kitty/go/src/github.com/docker/docker/bin/docker",
+                     "ResolvConfPath": "/etc/resolv.conf",
+                     "Volumes": {},
+                     "HostConfig": {
+                         "Binds": null,
+                         "ContainerIDFile": "",
+                         "LxcConf": [],
+                         "Privileged": false,
+                         "PortBindings": {
+                            "80/tcp": [
+                                {
+                                    "HostIp": "0.0.0.0",
+                                    "HostPort": "49153"
+                                }
+                            ]
+                         },
+                         "Links": ["/name:alias"],
+                         "PublishAllPorts": false,
+                         "CapAdd": ["NET_ADMIN"],
+                         "CapDrop": ["MKNOD"]
+                     }
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get stdout and stderr logs from the container ``id``
+
+**Example request**:
+
+       GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10 HTTP/1.1
+
+**Example response**:
+
+       HTTP/1.1 200 OK
+       Content-Type: application/vnd.docker.raw-stream
+
+       {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default false
+-   **stdout** – 1/True/true or 0/False/false, show stdout log. Default false
+-   **stderr** – 1/True/true or 0/False/false, show stderr log. Default false
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default false
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Path": "/dev",
+                     "Kind": 0
+             },
+             {
+                     "Path": "/dev/kmsg",
+                     "Kind": 1
+             },
+             {
+                     "Path": "/test",
+                     "Kind": 1
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/octet-stream
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`GET /containers/(id or name)/resize?h=<height>&w=<width>`
+
+Resize the TTY of container `id`
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Length: 0
+        Content-Type: text/plain; charset=utf-8
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – bad file descriptor
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/start HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Binds": ["/tmp:/tmp"],
+             "Links": ["redis3:redis"],
+             "LxcConf": {"lxc.utsname":"docker"},
+             "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+             "PublishAllPorts": false,
+             "Privileged": false,
+             "Dns": ["8.8.8.8"],
+             "DnsSearch": [""],
+             "VolumesFrom": ["parent", "other:ro"],
+             "CapAdd": ["NET_ADMIN"],
+             "CapDrop": ["MKNOD"],
+             "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+             "NetworkMode": "bridge",
+             "Devices": []
+        }
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Json Parameters:
+
+-   **Binds** – A list of volume bindings for this container.  Each volume
+        binding is a string of the form `container_path` (to create a new
+        volume for the container), `host_path:container_path` (to bind-mount
+        a host path into the container), or `host_path:container_path:ro`
+        (to make the bind-mount read-only inside the container).
+-   **Links** - A list of links for the container.  Each link entry should be of
+      of the form "container_name:alias".
+-   **LxcConf** - LXC specific configurations.  These configurations will only
+      work when using the `lxc` execution driver.
+-   **PortBindings** - A map of exposed container ports and the host port they
+      should map to. It should be specified in the form
+      `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+      Take note that `port` is specified as a string and not an integer value.
+-   **PublishAllPorts** - Allocates a random host port for all of a container's
+      exposed ports. Specified as a boolean value.
+-   **Privileged** - Gives the container full access to the host.  Specified as
+      a boolean value.
+-   **Dns** - A list of dns servers for the container to use.
+-   **DnsSearch** - A list of DNS search domains
+-   **VolumesFrom** - A list of volumes to inherit from another container.
+      Specified in the form `<container name>[:<ro|rw>]`
+-   **CapAdd** - A list of kernel capabilities to add to the container.
+-   **Capdrop** - A list of kernel capabilities to drop from the container.
+-   **RestartPolicy** – The behavior to apply when the container exits.  The
+        value is an object with a `Name` property of either `"always"` to
+        always restart or `"on-failure"` to restart only when the container
+        exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+        controls the number of times to retry before giving up.
+        The default is not to restart. (optional)
+        An ever increasing delay (double the previous delay, starting at 100mS)
+        is added before each restart to prevent flooding the server.
+-   **NetworkMode** - Sets the networking mode for the container. Supported
+      values are: `bridge`, `host`, `none`, and `container:<name|id>`
+-   **Devices** - A list of devices to add to the container specified in the
+      form
+      `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like "SIGINT".
+        When not set, SIGKILL is assumed and the call will waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+        POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/vnd.docker.raw-stream
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`](#create-a-container),
+    the stream is the raw data from the process PTY and client's stdin.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    stdout and stderr.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header will contain the information on which stream write the
+    stream (stdout or stderr). It also contain the size of the
+    associated frame encoded on the last 4 bytes (uint32).
+
+    It is encoded on the first 8 bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: stdin (will be written on stdout)
+-   1: stdout
+-   2: stderr
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the 4 bytes of
+    the uint32 size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read 8 bytes
+    2.  chose stdout or stderr depending on the first byte
+    3.  Extract the frame size from the last 4 bytes
+    4.  Read the extracted size and output it on the correct output
+    5.  Goto 1
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+        GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+        POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+        DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default false
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default false
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Example request**:
+
+        POST /containers/4fa6e0f0c678/copy HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Resource": "test.txt"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+        GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+          {
+             "RepoTags": [
+               "ubuntu:12.04",
+               "ubuntu:precise",
+               "ubuntu:latest"
+             ],
+             "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+             "Created": 1365714795,
+             "Size": 131506275,
+             "VirtualSize": 131506275
+          },
+          {
+             "RepoTags": [
+               "ubuntu:12.10",
+               "ubuntu:quantal"
+             ],
+             "ParentId": "27cf784147099545",
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Created": 1364102658,
+             "Size": 24653,
+             "VirtualSize": 180116135
+          }
+        ]
+
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a json encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   dangling=true
+-   **filter** - only return images with the specified name
+
+### Create an image
+
+`POST /images/create`
+
+Create an image, either by pulling it from the registry or by importing it
+
+**Example request**:
+
+        POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pulling..."}
+        {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+        {"error": "Invalid..."}
+        ...
+
+    When using this endpoint to pull an image from the registry, the
+    `X-Registry-Auth` header can be used to include
+    a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – name of the image to pull
+-   **fromSrc** – source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+-   **repo** – repository
+-   **tag** – tag
+-   **registry** – the registry to pull from
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Created": "2013-03-23T22:24:18.818426-07:00",
+             "Container": "3d67245a8d72ecf13f33dffac9f79dcdf70f75acb84d308770391510e0c23ad0",
+             "ContainerConfig":
+                     {
+                             "Hostname": "",
+                             "User": "",
+                             "Memory": 0,
+                             "MemorySwap": 0,
+                             "AttachStdin": false,
+                             "AttachStdout": false,
+                             "AttachStderr": false,
+                             "PortSpecs": null,
+                             "Tty": true,
+                             "OpenStdin": true,
+                             "StdinOnce": false,
+                             "Env": null,
+                             "Cmd": ["/bin/bash"],
+                             "Dns": null,
+                             "Image": "ubuntu",
+                             "Volumes": null,
+                             "VolumesFrom": "",
+                             "WorkingDir": ""
+                     },
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Parent": "27cf784147099545",
+             "Size": 6824592
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "b750fe79269d",
+                     "Created": 1364102658,
+                     "CreatedBy": "/bin/bash"
+             },
+             {
+                     "Id": "27cf78414709",
+                     "Created": 1364068391,
+                     "CreatedBy": ""
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+        POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pushing..."}
+        {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+        {"error": "Invalid..."}
+        ...
+
+    If you wish to push an image on to a private registry, that image must already have been tagged
+    into a repository which references that registry host name and port.  This repository name should
+    then be used in the URL. This mirrors the flow of the CLI.
+
+**Example request**:
+
+        POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – the tag to associate with the image on the registry, optional
+
+Request Headers:
+
+-   **X-Registry-Auth** – include a base64-encoded AuthConfig
+        object.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+        POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+        DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-type: application/json
+
+        [
+         {"Untagged": "3e2f21a89f"},
+         {"Deleted": "3e2f21a89f"},
+         {"Deleted": "53b4f83ac9"}
+        ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+        GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "wma55/u1210sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "jdswinbank/sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "vgauthier/sshd",
+                    "star_count": 0
+                }
+        ...
+        ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Build an image from Dockerfile via stdin
+
+`POST /build`
+
+Build an image from Dockerfile via stdin
+
+**Example request**:
+
+        POST /build HTTP/1.1
+
+        {{ TAR STREAM }}
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"stream": "Step 1..."}
+        {"stream": "..."}
+        {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+    The stream must be a tar archive compressed with one of the
+    following algorithms: identity (no compression), gzip, bzip2, xz.
+
+    The archive must include a file called `Dockerfile`
+    at its root. It may include any number of other files,
+    which will be accessible in the build context (See the [*ADD build
+    command*](../../reference/builder.md#dockerbuilder)).
+
+Query Parameters:
+
+-   **t** – repository name (and optionally a tag) to be applied to
+        the resulting image in case of success
+-   **remote** – git or HTTP/HTTPS URI build source
+-   **q** – suppress verbose build output
+-   **nocache** – do not use the cache when building the image
+-   **rm** - remove intermediate containers after a successful build (default behavior)
+-   **forcerm** - always remove intermediate containers (includes rm)
+
+    Request Headers:
+
+-   **Content-type** – should be set to `"application/tar"`.
+-   **X-Registry-Config** – base64-encoded ConfigFile object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+        POST /auth HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "username":" hannibal",
+             "password: "xxxx",
+             "email": "hannibal@a-team.com",
+             "serveraddress": "https://index.docker.io/v1/"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+        GET /info HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Containers": 11,
+             "Images": 16,
+             "Driver": "btrfs",
+             "ExecutionDriver": "native-0.1",
+             "KernelVersion": "3.12.0-1-amd64"
+             "Debug": false,
+             "NFd": 11,
+             "NGoroutines": 21,
+             "NEventsListener": 0,
+             "InitPath": "/usr/bin/docker",
+             "IndexServerAddress": ["https://index.docker.io/v1/"],
+             "MemoryLimit": true,
+             "SwapLimit": false,
+             "IPv4Forwarding": true
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+        GET /version HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "ApiVersion": "1.12",
+             "Version": "0.2.2",
+             "GitCommit": "5a2a5cc+CHANGES",
+             "GoVersion": "go1.0.3"
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+        GET /_ping HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: text/plain
+
+        OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+        POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "Cpuset": "0,1",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "PortSpecs": null,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": null,
+             "Cmd": [
+                     "date"
+             ],
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "ExposedPorts": {
+                     "22/tcp": {}
+             }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via
+polling (using since).
+
+Docker containers will report the following events:
+
+    create, destroy, die, export, kill, pause, restart, start, stop, unpause
+
+and Docker images will report:
+
+    untag, delete
+
+**Example request**:
+
+        GET /events?since=1374067924
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "create", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "start", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
+        {"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
+
+Query Parameters:
+
+-   **since** – timestamp used for polling
+-   **until** – timestamp used for polling
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/ubuntu/get
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+ubuntu:latest), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into the docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        POST /images/load
+
+        Tarball in body
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing three files:
+
+1. `VERSION`: currently `1.0` - the file format version
+2. `json`: detailed layer information, similar to `docker inspect layer_id`
+3. `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file will contain `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, there will also be a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/exec HTTP/1.1
+        Content-Type: application/json
+
+        {
+	     "AttachStdin": false,
+	     "AttachStdout": true,
+	     "AttachStderr": true,
+	     "Tty": false,
+	     "Cmd": [
+                     "date"
+             ],
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id": "f90e34656806"
+        }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to stdin of the exec command.
+-   **AttachStdout** - Boolean value, attaches to stdout of the exec command.
+-   **AttachStderr** - Boolean value, attaches to stderr of the exec command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up exec instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+        POST /exec/e90e34656806/start HTTP/1.1
+        Content-Type: application/json
+
+        {
+	     "Detach": false,
+	     "Tty": false,
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/vnd.docker.raw-stream
+
+        {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the exec command
+-   **Tty** - Boolean value to allocate a pseudo-TTY
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the tty session used by the exec command `id`.
+This API is valid only if `tty` was specified as part of creating and starting the exec command.
+
+**Example request**:
+
+        POST /exec/e90e34656806/resize HTTP/1.1
+        Content-Type: plain/text
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: plain/text
+
+Query Parameters:
+
+-   **h** – height of tty session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it
+    - Then retry to create the container
+
+- Start the container
+
+- If you are not in detached mode:
+- Attach to the container, using logs=1 (to have stdout and
+      stderr from the container's start) and stream=1
+
+- If in detached mode or only stdin is attached:
+- Display the container's id
+
+## 3.2 Hijacking
+
+In this version of the API, /attach, uses hijacking to transport stdin,
+stdout and stderr on the same socket. This might change in the future.
+
+## 3.3 CORS Requests
+
+To enable cross origin requests to the remote api add the flag
+"--api-enable-cors" when running docker in daemon mode.
+
+    $ docker -d -H="192.168.1.9:2375" --api-enable-cors
diff --git a/docs/reference/api/docker_remote_api_v1.16.md b/docs/reference/api/docker_remote_api_v1.16.md
new file mode 100644
index 00000000..630da701
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.16.md
@@ -0,0 +1,1834 @@
+<!--[metadata]>
++++
+title = "Remote API v1.16"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent = "engine_remoteapi"
+weight = 5
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.16
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST, but for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `STDOUT`,
+   `STDIN` and `STDERR`.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+        GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "8dfafdbc3a40",
+                     "Names":["/boring_feynman"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 1",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "9cd87474be90",
+                     "Names":["/coolName"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 222222",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "3176a2479c92",
+                     "Names":["/sleep_dog"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 3333333333333333",
+                     "Created": 1367854154,
+                     "Status": "Exit 0",
+                     "Ports":[],
+                     "SizeRw":12288,
+                     "SizeRootFs":0
+             },
+             {
+                     "Id": "4cb07b47f9fb",
+                     "Names":["/running_cat"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 444444444444444444444444444444444",
+                     "Created": 1367854152,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             }
+        ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a json encoded value of the filters (a map[string][]string) to process on the containers list. Available filters:
+  -   exited=&lt;int&gt; -- containers with exit code of &lt;int&gt;
+  -   status=(restarting|running|paused|exited)
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+        POST /containers/create HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "Cpuset": "0,1",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": [
+                     "FOO=bar",
+                     "BAZ=quux"
+             ],
+             "Cmd": [
+                     "date"
+             ],
+             "Entrypoint": "",
+             "Image": "ubuntu",
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "MacAddress": "12:34:56:78:9a:bc",
+             "ExposedPorts": {
+                     "22/tcp": {}
+             },
+             "SecurityOpts": [],
+             "HostConfig": {
+               "Binds": ["/tmp:/tmp"],
+               "Links": ["redis3:redis"],
+               "LxcConf": {"lxc.utsname":"docker"},
+               "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+               "PublishAllPorts": false,
+               "Privileged": false,
+               "Dns": ["8.8.8.8"],
+               "DnsSearch": [""],
+               "ExtraHosts": null,
+               "VolumesFrom": ["parent", "other:ro"],
+               "CapAdd": ["NET_ADMIN"],
+               "CapDrop": ["MKNOD"],
+               "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+               "NetworkMode": "bridge",
+               "Devices": []
+            }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id":"e90e34656806"
+             "Warnings":[]
+        }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the desired hostname to use for the
+      container.
+-   **Domainname** - A string value containing the desired domain name to use
+      for the container.
+-   **User** - A string value containing the user to use inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+-   **CpuShares** - An integer value containing the CPU Shares for container
+      (ie. the relative weight vs other containers).
+    **CpuSet** - String value containing the cgroups Cpuset to use.
+-   **AttachStdin** - Boolean value, attaches to stdin.
+-   **AttachStdout** - Boolean value, attaches to stdout.
+-   **AttachStderr** - Boolean value, attaches to stderr.
+-   **Tty** - Boolean value, Attach standard streams to a tty, including stdin if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close stdin after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entrypoint for the container a string or an array
+      of strings
+-   **Image** - String value containing the image name to use for the container
+-   **Volumes** – An object mapping mountpoint paths (strings) inside the
+        container to empty objects.
+-   **WorkingDir** - A string value containing the working dir for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **SecurityOpts**: A list of string values to customize labels for MLS
+      systems, such as SELinux.
+-   **HostConfig**
+  -   **Binds** – A list of volume bindings for this container.  Each volume
+          binding is a string of the form `container_path` (to create a new
+          volume for the container), `host_path:container_path` (to bind-mount
+          a host path into the container), or `host_path:container_path:ro`
+          (to make the bind-mount read-only inside the container).
+  -   **Links** - A list of links for the container.  Each link entry should be
+        in the form of "container_name:alias".
+  -   **LxcConf** - LXC specific configurations.  These configurations will only
+        work when using the `lxc` execution driver.
+  -   **PortBindings** - A map of exposed container ports and the host port they
+        should map to. It should be specified in the form
+        `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+        Take note that `port` is specified as a string and not an integer value.
+  -   **PublishAllPorts** - Allocates a random host port for all of a container's
+        exposed ports. Specified as a boolean value.
+  -   **Privileged** - Gives the container full access to the host.  Specified as
+        a boolean value.
+  -   **Dns** - A list of dns servers for the container to use.
+  -   **DnsSearch** - A list of DNS search domains
+  -   **ExtraHosts** - A list of hostnames/IP mappings to be added to the
+      container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+  -   **VolumesFrom** - A list of volumes to inherit from another container.
+        Specified in the form `<container name>[:<ro|rw>]`
+  -   **CapAdd** - A list of kernel capabilities to add to the container.
+  -   **Capdrop** - A list of kernel capabilities to drop from the container.
+  -   **RestartPolicy** – The behavior to apply when the container exits.  The
+          value is an object with a `Name` property of either `"always"` to
+          always restart or `"on-failure"` to restart only when the container
+          exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+          controls the number of times to retry before giving up.
+          The default is not to restart. (optional)
+          An ever increasing delay (double the previous delay, starting at 100mS)
+          is added before each restart to prevent flooding the server.
+  -   **NetworkMode** - Sets the networking mode for the container. Supported
+        values are: `bridge`, `host`, `none`, and `container:<name|id>`
+  -   **Devices** - A list of devices to add to the container specified in the
+        form
+        `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+                     "Id": "4fa6e0f0c6786287e131c3852c58a2e01cc697a68231826813597e4994f1d6e2",
+                     "Created": "2013-05-07T14:51:42.041847+02:00",
+                     "Path": "date",
+                     "Args": [],
+                     "Config": {
+                             "Hostname": "4fa6e0f0c678",
+                             "User": "",
+                             "Memory": 0,
+                             "MemorySwap": 0,
+                             "AttachStdin": false,
+                             "AttachStdout": true,
+                             "AttachStderr": true,
+                             "PortSpecs": null,
+                             "Tty": false,
+                             "OpenStdin": false,
+                             "StdinOnce": false,
+                             "Env": null,
+                             "Cmd": [
+                                     "date"
+                             ],
+                             "Dns": null,
+                             "Image": "ubuntu",
+                             "Volumes": {},
+                             "VolumesFrom": "",
+                             "WorkingDir": ""
+                     },
+                     "State": {
+                             "Running": false,
+                             "Pid": 0,
+                             "ExitCode": 0,
+                             "StartedAt": "2013-05-07T14:51:42.087658+02:01360",
+                             "Ghost": false
+                     },
+                     "Image": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+                     "NetworkSettings": {
+                             "IpAddress": "",
+                             "IpPrefixLen": 0,
+                             "Gateway": "",
+                             "Bridge": "",
+                             "PortMapping": null
+                     },
+                     "SysInitPath": "/home/kitty/go/src/github.com/docker/docker/bin/docker",
+                     "ResolvConfPath": "/etc/resolv.conf",
+                     "Volumes": {},
+                     "HostConfig": {
+                         "Binds": null,
+                         "ContainerIDFile": "",
+                         "LxcConf": [],
+                         "Privileged": false,
+                         "PortBindings": {
+                            "80/tcp": [
+                                {
+                                    "HostIp": "0.0.0.0",
+                                    "HostPort": "49153"
+                                }
+                            ]
+                         },
+                         "Links": ["/name:alias"],
+                         "PublishAllPorts": false,
+                         "CapAdd": ["NET_ADMIN"],
+                         "CapDrop": ["MKNOD"]
+                     }
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get stdout and stderr logs from the container ``id``
+
+**Example request**:
+
+       GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10 HTTP/1.1
+
+**Example response**:
+
+       HTTP/1.1 200 OK
+       Content-Type: application/vnd.docker.raw-stream
+
+       {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default false
+-   **stdout** – 1/True/true or 0/False/false, show stdout log. Default false
+-   **stderr** – 1/True/true or 0/False/false, show stderr log. Default false
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default false
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Path": "/dev",
+                     "Kind": 0
+             },
+             {
+                     "Path": "/dev/kmsg",
+                     "Kind": 1
+             },
+             {
+                     "Path": "/test",
+                     "Kind": 1
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/octet-stream
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`POST /containers/(id or name)/resize?h=<height>&w=<width>`
+
+Resize the TTY for container with  `id`. The container must be restarted for the resize to take effect.
+
+**Example request**:
+
+        POST /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Length: 0
+        Content-Type: text/plain; charset=utf-8
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – Cannot resize container
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+> **Note**:
+> For backwards compatibility, this endpoint accepts a `HostConfig` as JSON-encoded request body.
+> See [create a container](#create-a-container) for details.
+
+**Example request**:
+
+        POST /containers/e90e34656806/start HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like "SIGINT".
+        When not set, SIGKILL is assumed and the call will waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+        POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/vnd.docker.raw-stream
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`
+    ](#create-a-container),
+    the stream is the raw data from the process PTY and client's stdin.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    stdout and stderr.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header will contain the information on which stream write the
+    stream (stdout or stderr). It also contain the size of the
+    associated frame encoded on the last 4 bytes (uint32).
+
+    It is encoded on the first 8 bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: stdin (will be written on stdout)
+-   1: stdout
+-   2: stderr
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the 4 bytes of
+    the uint32 size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read 8 bytes
+    2.  chose stdout or stderr depending on the first byte
+    3.  Extract the frame size from the last 4 bytes
+    4.  Read the extracted size and output it on the correct output
+    5.  Goto 1
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+        GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+        POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+        DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default false
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default false
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Example request**:
+
+        POST /containers/4fa6e0f0c678/copy HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Resource": "test.txt"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+        GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+          {
+             "RepoTags": [
+               "ubuntu:12.04",
+               "ubuntu:precise",
+               "ubuntu:latest"
+             ],
+             "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+             "Created": 1365714795,
+             "Size": 131506275,
+             "VirtualSize": 131506275
+          },
+          {
+             "RepoTags": [
+               "ubuntu:12.10",
+               "ubuntu:quantal"
+             ],
+             "ParentId": "27cf784147099545",
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Created": 1364102658,
+             "Size": 24653,
+             "VirtualSize": 180116135
+          }
+        ]
+
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a json encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   dangling=true
+-   **filter** - only return images with the specified name
+
+### Create an image
+
+`POST /images/create`
+
+Create an image, either by pulling it from the registry or by importing it
+
+**Example request**:
+
+        POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pulling..."}
+        {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+        {"error": "Invalid..."}
+        ...
+
+    When using this endpoint to pull an image from the registry, the
+    `X-Registry-Auth` header can be used to include
+    a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – name of the image to pull
+-   **fromSrc** – source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+-   **repo** – repository
+-   **tag** – tag
+-   **registry** – the registry to pull from
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Created": "2013-03-23T22:24:18.818426-07:00",
+             "Container": "3d67245a8d72ecf13f33dffac9f79dcdf70f75acb84d308770391510e0c23ad0",
+             "ContainerConfig":
+                     {
+                             "Hostname": "",
+                             "User": "",
+                             "Memory": 0,
+                             "MemorySwap": 0,
+                             "AttachStdin": false,
+                             "AttachStdout": false,
+                             "AttachStderr": false,
+                             "PortSpecs": null,
+                             "Tty": true,
+                             "OpenStdin": true,
+                             "StdinOnce": false,
+                             "Env": null,
+                             "Cmd": ["/bin/bash"],
+                             "Dns": null,
+                             "Image": "ubuntu",
+                             "Volumes": null,
+                             "VolumesFrom": "",
+                             "WorkingDir": ""
+                     },
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Parent": "27cf784147099545",
+             "Size": 6824592
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "b750fe79269d",
+                     "Created": 1364102658,
+                     "CreatedBy": "/bin/bash"
+             },
+             {
+                     "Id": "27cf78414709",
+                     "Created": 1364068391,
+                     "CreatedBy": ""
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+        POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pushing..."}
+        {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+        {"error": "Invalid..."}
+        ...
+
+    If you wish to push an image on to a private registry, that image must already have been tagged
+    into a repository which references that registry host name and port.  This repository name should
+    then be used in the URL. This mirrors the flow of the CLI.
+
+**Example request**:
+
+        POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – the tag to associate with the image on the registry, optional
+
+Request Headers:
+
+-   **X-Registry-Auth** – include a base64-encoded AuthConfig
+        object.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+        POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+        DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-type: application/json
+
+        [
+         {"Untagged": "3e2f21a89f"},
+         {"Deleted": "3e2f21a89f"},
+         {"Deleted": "53b4f83ac9"}
+        ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+        GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "wma55/u1210sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "jdswinbank/sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "vgauthier/sshd",
+                    "star_count": 0
+                }
+        ...
+        ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Build an image from Dockerfile via stdin
+
+`POST /build`
+
+Build an image from Dockerfile via stdin
+
+**Example request**:
+
+        POST /build HTTP/1.1
+
+        {{ TAR STREAM }}
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"stream": "Step 1..."}
+        {"stream": "..."}
+        {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+    The stream must be a tar archive compressed with one of the
+    following algorithms: identity (no compression), gzip, bzip2, xz.
+
+    The archive must include a file called `Dockerfile`
+    at its root. It may include any number of other files,
+    which will be accessible in the build context (See the [*ADD build
+    command*](../../reference/builder.md#dockerbuilder)).
+
+Query Parameters:
+
+-   **t** – repository name (and optionally a tag) to be applied to
+        the resulting image in case of success
+-   **remote** – git or HTTP/HTTPS URI build source
+-   **q** – suppress verbose build output
+-   **nocache** – do not use the cache when building the image
+-   **pull** - attempt to pull the image even if an older image exists locally
+-   **rm** - remove intermediate containers after a successful build (default behavior)
+-   **forcerm** - always remove intermediate containers (includes rm)
+
+    Request Headers:
+
+-   **Content-type** – should be set to `"application/tar"`.
+-   **X-Registry-Config** – base64-encoded ConfigFile object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+        POST /auth HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "username":" hannibal",
+             "password: "xxxx",
+             "email": "hannibal@a-team.com",
+             "serveraddress": "https://index.docker.io/v1/"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+        GET /info HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Containers":11,
+             "Images":16,
+             "Driver":"btrfs",
+             "DriverStatus": [[""]],
+             "ExecutionDriver":"native-0.1",
+             "KernelVersion":"3.12.0-1-amd64"
+             "NCPU":1,
+             "MemTotal":2099236864,
+             "Name":"prod-server-42",
+             "ID":"7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS",
+             "Debug":false,
+             "NFd": 11,
+             "NGoroutines":21,
+             "NEventsListener":0,
+             "InitPath":"/usr/bin/docker",
+             "InitSha1":"",
+             "IndexServerAddress":["https://index.docker.io/v1/"],
+             "MemoryLimit":true,
+             "SwapLimit":false,
+             "IPv4Forwarding":true,
+             "Labels":["storage=ssd"],
+             "DockerRootDir": "/var/lib/docker",
+             "OperatingSystem": "Boot2Docker",
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+        GET /version HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "ApiVersion": "1.12",
+             "Version": "0.2.2",
+             "GitCommit": "5a2a5cc+CHANGES",
+             "GoVersion": "go1.0.3"
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+        GET /_ping HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: text/plain
+
+        OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+        POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "Cpuset": "0,1",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "PortSpecs": null,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": null,
+             "Cmd": [
+                     "date"
+             ],
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "ExposedPorts": {
+                     "22/tcp": {}
+             }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via
+polling (using since).
+
+Docker containers will report the following events:
+
+    create, destroy, die, export, kill, pause, restart, start, stop, unpause
+
+and Docker images will report:
+
+    untag, delete
+
+**Example request**:
+
+        GET /events?since=1374067924
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "create", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "start", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
+        {"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
+
+Query Parameters:
+
+-   **since** – timestamp used for polling
+-   **until** – timestamp used for polling
+-   **filters** – a json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
+  -   event=&lt;string&gt; -- event to filter
+  -   image=&lt;string&gt; -- image to filter
+  -   container=&lt;string&gt; -- container to filter
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/ubuntu/get
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+ubuntu:latest), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into the docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        POST /images/load
+
+        Tarball in body
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing three files:
+
+1. `VERSION`: currently `1.0` - the file format version
+2. `json`: detailed layer information, similar to `docker inspect layer_id`
+3. `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file will contain `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, there will also be a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/exec HTTP/1.1
+        Content-Type: application/json
+
+        {
+	     "AttachStdin": false,
+	     "AttachStdout": true,
+	     "AttachStderr": true,
+	     "Tty": false,
+	     "Cmd": [
+                     "date"
+             ],
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id": "f90e34656806"
+        }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to stdin of the exec command.
+-   **AttachStdout** - Boolean value, attaches to stdout of the exec command.
+-   **AttachStderr** - Boolean value, attaches to stderr of the exec command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up exec instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+        POST /exec/e90e34656806/start HTTP/1.1
+        Content-Type: application/json
+
+        {
+	     "Detach": false,
+	     "Tty": false,
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/vnd.docker.raw-stream
+
+        {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the exec command
+-   **Tty** - Boolean value to allocate a pseudo-TTY
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the tty session used by the exec command `id`.
+This API is valid only if `tty` was specified as part of creating and starting the exec command.
+
+**Example request**:
+
+        POST /exec/e90e34656806/resize HTTP/1.1
+        Content-Type: plain/text
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: plain/text
+
+Query Parameters:
+
+-   **h** – height of tty session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+### Exec Inspect
+
+`GET /exec/(id)/json`
+
+Return low-level information about the exec command `id`.
+
+**Example request**:
+
+        GET /exec/11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: plain/text
+
+        {
+          "ID" : "11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39",
+          "Running" : false,
+          "ExitCode" : 2,
+          "ProcessConfig" : {
+            "privileged" : false,
+            "user" : "",
+            "tty" : false,
+            "entrypoint" : "sh",
+            "arguments" : [
+              "-c",
+              "exit 2"
+            ]
+          },
+          "OpenStdin" : false,
+          "OpenStderr" : false,
+          "OpenStdout" : false,
+          "Container" : {
+            "State" : {
+              "Running" : true,
+              "Paused" : false,
+              "Restarting" : false,
+              "OOMKilled" : false,
+              "Pid" : 3650,
+              "ExitCode" : 0,
+              "Error" : "",
+              "StartedAt" : "2014-11-17T22:26:03.717657531Z",
+              "FinishedAt" : "0001-01-01T00:00:00Z"
+            },
+            "ID" : "8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c",
+            "Created" : "2014-11-17T22:26:03.626304998Z",
+            "Path" : "date",
+            "Args" : [],
+            "Config" : {
+              "Hostname" : "8f177a186b97",
+              "Domainname" : "",
+              "User" : "",
+              "Memory" : 0,
+              "MemorySwap" : 0,
+              "CpuShares" : 0,
+              "Cpuset" : "",
+              "AttachStdin" : false,
+              "AttachStdout" : false,
+              "AttachStderr" : false,
+              "PortSpecs" : null,
+              "ExposedPorts" : null,
+              "Tty" : false,
+              "OpenStdin" : false,
+              "StdinOnce" : false,
+              "Env" : [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ],
+              "Cmd" : [
+                "date"
+              ],
+              "Image" : "ubuntu",
+              "Volumes" : null,
+              "WorkingDir" : "",
+              "Entrypoint" : null,
+              "NetworkDisabled" : false,
+              "MacAddress" : "",
+              "OnBuild" : null,
+              "SecurityOpt" : null
+            },
+            "Image" : "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5",
+            "NetworkSettings" : {
+              "IPAddress" : "172.17.0.2",
+              "IPPrefixLen" : 16,
+              "MacAddress" : "02:42:ac:11:00:02",
+              "Gateway" : "172.17.42.1",
+              "Bridge" : "docker0",
+              "PortMapping" : null,
+              "Ports" : {}
+            },
+            "ResolvConfPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/resolv.conf",
+            "HostnamePath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hostname",
+            "HostsPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hosts",
+            "Name" : "/test",
+            "Driver" : "aufs",
+            "ExecDriver" : "native-0.2",
+            "MountLabel" : "",
+            "ProcessLabel" : "",
+            "AppArmorProfile" : "",
+            "RestartCount" : 0,
+            "Volumes" : {},
+            "VolumesRW" : {}
+          }
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **500** - server error
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it
+    - Then retry to create the container
+
+- Start the container
+
+- If you are not in detached mode:
+- Attach to the container, using logs=1 (to have stdout and
+      stderr from the container's start) and stream=1
+
+- If in detached mode or only stdin is attached:
+- Display the container's id
+
+## 3.2 Hijacking
+
+In this version of the API, /attach, uses hijacking to transport stdin,
+stdout and stderr on the same socket. This might change in the future.
+
+## 3.3 CORS Requests
+
+To enable cross origin requests to the remote api add the flag
+"--api-enable-cors" when running docker in daemon mode.
+
+    $ docker -d -H="192.168.1.9:2375" --api-enable-cors
diff --git a/docs/reference/api/docker_remote_api_v1.17.md b/docs/reference/api/docker_remote_api_v1.17.md
new file mode 100644
index 00000000..9baa758c
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.17.md
@@ -0,0 +1,2008 @@
+<!--[metadata]>
++++
+title = "Remote API v1.17"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent = "engine_remoteapi"
+weight = 4
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.17
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST, but for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `STDOUT`,
+   `STDIN` and `STDERR`.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+        GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "8dfafdbc3a40",
+                     "Names":["/boring_feynman"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 1",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "9cd87474be90",
+                     "Names":["/coolName"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 222222",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "3176a2479c92",
+                     "Names":["/sleepy_dog"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 3333333333333333",
+                     "Created": 1367854154,
+                     "Status": "Exit 0",
+                     "Ports":[],
+                     "SizeRw":12288,
+                     "SizeRootFs":0
+             },
+             {
+                     "Id": "4cb07b47f9fb",
+                     "Names":["/running_cat"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 444444444444444444444444444444444",
+                     "Created": 1367854152,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             }
+        ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a json encoded value of the filters (a map[string][]string) to process on the containers list. Available filters:
+  -   exited=&lt;int&gt; -- containers with exit code of &lt;int&gt;
+  -   status=(restarting|running|paused|exited)
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+        POST /containers/create HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "Cpuset": "0,1",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": [
+                     "FOO=bar",
+                     "BAZ=quux"
+             ],
+             "Cmd": [
+                     "date"
+             ],
+             "Entrypoint": "",
+             "Image": "ubuntu",
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "MacAddress": "12:34:56:78:9a:bc",
+             "ExposedPorts": {
+                     "22/tcp": {}
+             },
+             "HostConfig": {
+               "Binds": ["/tmp:/tmp"],
+               "Links": ["redis3:redis"],
+               "LxcConf": {"lxc.utsname":"docker"},
+               "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+               "PublishAllPorts": false,
+               "Privileged": false,
+               "ReadonlyRootfs": false,
+               "Dns": ["8.8.8.8"],
+               "DnsSearch": [""],
+               "ExtraHosts": null,
+               "VolumesFrom": ["parent", "other:ro"],
+               "CapAdd": ["NET_ADMIN"],
+               "CapDrop": ["MKNOD"],
+               "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+               "NetworkMode": "bridge",
+               "Devices": [],
+               "SecurityOpt": []
+            }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id":"e90e34656806",
+             "Warnings":[]
+        }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the desired hostname to use for the
+      container.
+-   **Domainname** - A string value containing the desired domain name to use
+      for the container.
+-   **User** - A string value containing the user to use inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+      You must use this with `memory` and make the swap value larger than `memory`.
+-   **CpuShares** - An integer value containing the CPU Shares for container
+      (ie. the relative weight vs other containers).
+    **CpuSet** - String value containing the cgroups Cpuset to use.
+-   **AttachStdin** - Boolean value, attaches to stdin.
+-   **AttachStdout** - Boolean value, attaches to stdout.
+-   **AttachStderr** - Boolean value, attaches to stderr.
+-   **Tty** - Boolean value, Attach standard streams to a tty, including stdin if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close stdin after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entrypoint for the container a string or an array
+      of strings
+-   **Image** - String value containing the image name to use for the container
+-   **Volumes** – An object mapping mountpoint paths (strings) inside the
+        container to empty objects.
+-   **WorkingDir** - A string value containing the working dir for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **HostConfig**
+  -   **Binds** – A list of volume bindings for this container.  Each volume
+          binding is a string of the form `container_path` (to create a new
+          volume for the container), `host_path:container_path` (to bind-mount
+          a host path into the container), or `host_path:container_path:ro`
+          (to make the bind-mount read-only inside the container).
+  -   **Links** - A list of links for the container.  Each link entry should be
+        in the form of "container_name:alias".
+  -   **LxcConf** - LXC specific configurations.  These configurations will only
+        work when using the `lxc` execution driver.
+  -   **PortBindings** - A map of exposed container ports and the host port they
+        should map to. It should be specified in the form
+        `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+        Take note that `port` is specified as a string and not an integer value.
+  -   **PublishAllPorts** - Allocates a random host port for all of a container's
+        exposed ports. Specified as a boolean value.
+  -   **Privileged** - Gives the container full access to the host.  Specified as
+        a boolean value.
+  -   **ReadonlyRootfs** - Mount the container's root filesystem as read only.
+        Specified as a boolean value.
+  -   **Dns** - A list of dns servers for the container to use.
+  -   **DnsSearch** - A list of DNS search domains
+  -   **ExtraHosts** - A list of hostnames/IP mappings to be added to the
+      container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+  -   **VolumesFrom** - A list of volumes to inherit from another container.
+        Specified in the form `<container name>[:<ro|rw>]`
+  -   **CapAdd** - A list of kernel capabilities to add to the container.
+  -   **Capdrop** - A list of kernel capabilities to drop from the container.
+  -   **RestartPolicy** – The behavior to apply when the container exits.  The
+          value is an object with a `Name` property of either `"always"` to
+          always restart or `"on-failure"` to restart only when the container
+          exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+          controls the number of times to retry before giving up.
+          The default is not to restart. (optional)
+          An ever increasing delay (double the previous delay, starting at 100mS)
+          is added before each restart to prevent flooding the server.
+  -   **NetworkMode** - Sets the networking mode for the container. Supported
+        values are: `bridge`, `host`, `none`, and `container:<name|id>`
+  -   **Devices** - A list of devices to add to the container specified in the
+        form
+        `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+  -   **SecurityOpt**: A list of string values to customize labels for MLS
+        systems, such as SELinux.
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+	{
+		"AppArmorProfile": "",
+		"Args": [
+			"-c",
+			"exit 9"
+		],
+		"Config": {
+			"AttachStderr": true,
+			"AttachStdin": false,
+			"AttachStdout": true,
+			"Cmd": [
+				"/bin/sh",
+				"-c",
+				"exit 9"
+			],
+			"CpuShares": 0,
+			"Cpuset": "",
+			"Domainname": "",
+			"Entrypoint": null,
+			"Env": [
+				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+			],
+			"ExposedPorts": null,
+			"Hostname": "ba033ac44011",
+			"Image": "ubuntu",
+			"MacAddress": "",
+			"Memory": 0,
+			"MemorySwap": 0,
+			"NetworkDisabled": false,
+			"OnBuild": null,
+			"OpenStdin": false,
+			"PortSpecs": null,
+			"StdinOnce": false,
+			"Tty": false,
+			"User": "",
+			"Volumes": null,
+			"WorkingDir": ""
+		},
+		"Created": "2015-01-06T15:47:31.485331387Z",
+		"Driver": "devicemapper",
+		"ExecDriver": "native-0.2",
+		"ExecIDs": null,
+		"HostConfig": {
+			"Binds": null,
+			"CapAdd": null,
+			"CapDrop": null,
+			"ContainerIDFile": "",
+			"Devices": [],
+			"Dns": null,
+			"DnsSearch": null,
+			"ExtraHosts": null,
+			"IpcMode": "",
+			"Links": null,
+			"LxcConf": [],
+			"NetworkMode": "bridge",
+			"PortBindings": {},
+			"Privileged": false,
+			"ReadonlyRootfs": false,
+			"PublishAllPorts": false,
+			"RestartPolicy": {
+				"MaximumRetryCount": 2,
+				"Name": "on-failure"
+			},
+			"SecurityOpt": null,
+			"VolumesFrom": null
+		},
+		"HostnamePath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname",
+		"HostsPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts",
+		"Id": "ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39",
+		"Image": "04c5d3b7b0656168630d3ba35d8889bd0e9caafcaeb3004d2bfbc47e7c5d35d2",
+		"MountLabel": "",
+		"Name": "/boring_euclid",
+		"NetworkSettings": {
+			"Bridge": "",
+			"Gateway": "",
+			"IPAddress": "",
+			"IPPrefixLen": 0,
+			"MacAddress": "",
+			"PortMapping": null,
+			"Ports": null
+		},
+		"Path": "/bin/sh",
+		"ProcessLabel": "",
+		"ResolvConfPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/resolv.conf",
+		"RestartCount": 1,
+		"State": {
+			"Error": "",
+			"ExitCode": 9,
+			"FinishedAt": "2015-01-06T15:47:32.080254511Z",
+			"OOMKilled": false,
+			"Paused": false,
+			"Pid": 0,
+			"Restarting": false,
+			"Running": false,
+			"StartedAt": "2015-01-06T15:47:32.072697474Z"
+		},
+		"Volumes": {},
+		"VolumesRW": {}
+	}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get stdout and stderr logs from the container ``id``
+
+**Example request**:
+
+       GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10 HTTP/1.1
+
+**Example response**:
+
+       HTTP/1.1 101 UPGRADED
+       Content-Type: application/vnd.docker.raw-stream
+       Connection: Upgrade
+       Upgrade: tcp
+
+       {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default false
+-   **stdout** – 1/True/true or 0/False/false, show stdout log. Default false
+-   **stderr** – 1/True/true or 0/False/false, show stderr log. Default false
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default false
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Path": "/dev",
+                     "Kind": 0
+             },
+             {
+                     "Path": "/dev/kmsg",
+                     "Kind": 1
+             },
+             {
+                     "Path": "/test",
+                     "Kind": 1
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/octet-stream
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container stats based on resource usage
+
+`GET /containers/(id or name)/stats`
+
+This endpoint returns a live stream of a container's resource usage statistics.
+
+**Example request**:
+
+        GET /containers/redis1/stats HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+           "read" : "2015-01-08T22:57:31.547920715Z",
+           "network" : {
+              "rx_dropped" : 0,
+              "rx_bytes" : 648,
+              "rx_errors" : 0,
+              "tx_packets" : 8,
+              "tx_dropped" : 0,
+              "rx_packets" : 8,
+              "tx_errors" : 0,
+              "tx_bytes" : 648
+           },
+           "memory_stats" : {
+              "stats" : {
+                 "total_pgmajfault" : 0,
+                 "cache" : 0,
+                 "mapped_file" : 0,
+                 "total_inactive_file" : 0,
+                 "pgpgout" : 414,
+                 "rss" : 6537216,
+                 "total_mapped_file" : 0,
+                 "writeback" : 0,
+                 "unevictable" : 0,
+                 "pgpgin" : 477,
+                 "total_unevictable" : 0,
+                 "pgmajfault" : 0,
+                 "total_rss" : 6537216,
+                 "total_rss_huge" : 6291456,
+                 "total_writeback" : 0,
+                 "total_inactive_anon" : 0,
+                 "rss_huge" : 6291456,
+                 "hierarchical_memory_limit" : 67108864,
+                 "total_pgfault" : 964,
+                 "total_active_file" : 0,
+                 "active_anon" : 6537216,
+                 "total_active_anon" : 6537216,
+                 "total_pgpgout" : 414,
+                 "total_cache" : 0,
+                 "inactive_anon" : 0,
+                 "active_file" : 0,
+                 "pgfault" : 964,
+                 "inactive_file" : 0,
+                 "total_pgpgin" : 477
+              },
+              "max_usage" : 6651904,
+              "usage" : 6537216,
+              "failcnt" : 0,
+              "limit" : 67108864
+           },
+           "blkio_stats" : {},
+           "cpu_stats" : {
+              "cpu_usage" : {
+                 "percpu_usage" : [
+                    16970827,
+                    1839451,
+                    7107380,
+                    10571290
+                 ],
+                 "usage_in_usermode" : 10000000,
+                 "total_usage" : 36488948,
+                 "usage_in_kernelmode" : 20000000
+              },
+              "system_cpu_usage" : 20091722000000000,
+              "throttling_data" : {}
+           }
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`POST /containers/(id or name)/resize?h=<height>&w=<width>`
+
+Resize the TTY for container with  `id`. The container must be restarted for the resize to take effect.
+
+**Example request**:
+
+        POST /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Length: 0
+        Content-Type: text/plain; charset=utf-8
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – Cannot resize container
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+> **Note**:
+> For backwards compatibility, this endpoint accepts a `HostConfig` as JSON-encoded request body.
+> See [create a container](#create-a-container) for details.
+
+**Example request**:
+
+        POST /containers/e90e34656806/start HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like "SIGINT".
+        When not set, SIGKILL is assumed and the call will waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Rename a container
+
+`POST /containers/(id or name)/rename`
+
+Rename the container `id` to a `new_name`
+
+**Example request**:
+
+        POST /containers/e90e34656806/rename?name=new_name HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **name** – new name for the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **409** - conflict name already assigned
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+        POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 101 UPGRADED
+        Content-Type: application/vnd.docker.raw-stream
+        Connection: Upgrade
+        Upgrade: tcp
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`
+    ](#create-a-container),
+    the stream is the raw data from the process PTY and client's stdin.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    stdout and stderr.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header will contain the information on which stream write the
+    stream (stdout or stderr). It also contain the size of the
+    associated frame encoded on the last 4 bytes (uint32).
+
+    It is encoded on the first 8 bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: stdin (will be written on stdout)
+-   1: stdout
+-   2: stderr
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the 4 bytes of
+    the uint32 size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read 8 bytes
+    2.  chose stdout or stderr depending on the first byte
+    3.  Extract the frame size from the last 4 bytes
+    4.  Read the extracted size and output it on the correct output
+    5.  Goto 1
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+        GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+        POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+        DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default false
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default false
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Example request**:
+
+        POST /containers/4fa6e0f0c678/copy HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Resource": "test.txt"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+        GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+          {
+             "RepoTags": [
+               "ubuntu:12.04",
+               "ubuntu:precise",
+               "ubuntu:latest"
+             ],
+             "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+             "Created": 1365714795,
+             "Size": 131506275,
+             "VirtualSize": 131506275
+          },
+          {
+             "RepoTags": [
+               "ubuntu:12.10",
+               "ubuntu:quantal"
+             ],
+             "ParentId": "27cf784147099545",
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Created": 1364102658,
+             "Size": 24653,
+             "VirtualSize": 180116135
+          }
+        ]
+
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a json encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   dangling=true
+-   **filter** - only return images with the specified name
+
+### Build image from a Dockerfile
+
+`POST /build`
+
+Build an image from a Dockerfile
+
+**Example request**:
+
+        POST /build HTTP/1.1
+
+        {{ TAR STREAM }}
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"stream": "Step 1..."}
+        {"stream": "..."}
+        {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+The input stream must be a tar archive compressed with one of the
+following algorithms: identity (no compression), gzip, bzip2, xz.
+
+The archive must include a build instructions file, typically called
+`Dockerfile` at the root of the archive. The `dockerfile` parameter may be
+used to specify a different build instructions file by having its value be
+the path to the alternate build instructions file to use.
+
+The archive may include any number of other files,
+which will be accessible in the build context (See the [*ADD build
+command*](../../reference/builder.md#dockerbuilder)).
+
+Query Parameters:
+
+-   **dockerfile** - path within the build context to the Dockerfile
+-   **t** – repository name (and optionally a tag) to be applied to
+        the resulting image in case of success
+-   **remote** – git or HTTP/HTTPS URI build source
+-   **q** – suppress verbose build output
+-   **nocache** – do not use the cache when building the image
+-   **pull** - attempt to pull the image even if an older image exists locally
+-   **rm** - remove intermediate containers after a successful build (default behavior)
+-   **forcerm** - always remove intermediate containers (includes rm)
+
+    Request Headers:
+
+-   **Content-type** – should be set to `"application/tar"`.
+-   **X-Registry-Config** – base64-encoded ConfigFile object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Create an image
+
+`POST /images/create`
+
+Create an image, either by pulling it from the registry or by importing it
+
+**Example request**:
+
+        POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pulling..."}
+        {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+        {"error": "Invalid..."}
+        ...
+
+    When using this endpoint to pull an image from the registry, the
+    `X-Registry-Auth` header can be used to include
+    a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – name of the image to pull
+-   **fromSrc** – source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+-   **repo** – repository
+-   **tag** – tag
+-   **registry** – the registry to pull from
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Created": "2013-03-23T22:24:18.818426-07:00",
+             "Container": "3d67245a8d72ecf13f33dffac9f79dcdf70f75acb84d308770391510e0c23ad0",
+             "ContainerConfig":
+                     {
+                             "Hostname": "",
+                             "User": "",
+                             "Memory": 0,
+                             "MemorySwap": 0,
+                             "AttachStdin": false,
+                             "AttachStdout": false,
+                             "AttachStderr": false,
+                             "PortSpecs": null,
+                             "Tty": true,
+                             "OpenStdin": true,
+                             "StdinOnce": false,
+                             "Env": null,
+                             "Cmd": ["/bin/bash"],
+                             "Dns": null,
+                             "Image": "ubuntu",
+                             "Volumes": null,
+                             "VolumesFrom": "",
+                             "WorkingDir": ""
+                     },
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Parent": "27cf784147099545",
+             "Size": 6824592
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "b750fe79269d",
+                     "Created": 1364102658,
+                     "CreatedBy": "/bin/bash"
+             },
+             {
+                     "Id": "27cf78414709",
+                     "Created": 1364068391,
+                     "CreatedBy": ""
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+        POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pushing..."}
+        {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+        {"error": "Invalid..."}
+        ...
+
+    If you wish to push an image on to a private registry, that image must already have been tagged
+    into a repository which references that registry host name and port.  This repository name should
+    then be used in the URL. This mirrors the flow of the CLI.
+
+**Example request**:
+
+        POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – the tag to associate with the image on the registry, optional
+
+Request Headers:
+
+-   **X-Registry-Auth** – include a base64-encoded AuthConfig
+        object.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+        POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+        DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-type: application/json
+
+        [
+         {"Untagged": "3e2f21a89f"},
+         {"Deleted": "3e2f21a89f"},
+         {"Deleted": "53b4f83ac9"}
+        ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+        GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "wma55/u1210sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "jdswinbank/sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "vgauthier/sshd",
+                    "star_count": 0
+                }
+        ...
+        ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+        POST /auth HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "username":" hannibal",
+             "password: "xxxx",
+             "email": "hannibal@a-team.com",
+             "serveraddress": "https://index.docker.io/v1/"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+        GET /info HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Containers":11,
+             "Images":16,
+             "Driver":"btrfs",
+             "DriverStatus": [[""]],
+             "ExecutionDriver":"native-0.1",
+             "KernelVersion":"3.12.0-1-amd64"
+             "NCPU":1,
+             "MemTotal":2099236864,
+             "Name":"prod-server-42",
+             "ID":"7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS",
+             "Debug":false,
+             "NFd": 11,
+             "NGoroutines":21,
+             "NEventsListener":0,
+             "InitPath":"/usr/bin/docker",
+             "InitSha1":"",
+             "IndexServerAddress":["https://index.docker.io/v1/"],
+             "MemoryLimit":true,
+             "SwapLimit":false,
+             "IPv4Forwarding":true,
+             "Labels":["storage=ssd"],
+             "DockerRootDir": "/var/lib/docker",
+             "OperatingSystem": "Boot2Docker",
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+        GET /version HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "ApiVersion": "1.12",
+             "Version": "0.2.2",
+             "GitCommit": "5a2a5cc+CHANGES",
+             "GoVersion": "go1.0.3"
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+        GET /_ping HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: text/plain
+
+        OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+        POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "Cpuset": "0,1",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "PortSpecs": null,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": null,
+             "Cmd": [
+                     "date"
+             ],
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "ExposedPorts": {
+                     "22/tcp": {}
+             }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via
+polling (using since).
+
+Docker containers will report the following events:
+
+    create, destroy, die, exec_create, exec_start, export, kill, oom, pause, restart, start, stop, unpause
+
+and Docker images will report:
+
+    untag, delete
+
+**Example request**:
+
+        GET /events?since=1374067924
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "create", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "start", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
+        {"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
+
+Query Parameters:
+
+-   **since** – timestamp used for polling
+-   **until** – timestamp used for polling
+-   **filters** – a json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
+  -   event=&lt;string&gt; -- event to filter
+  -   image=&lt;string&gt; -- image to filter
+  -   container=&lt;string&gt; -- container to filter
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/ubuntu/get
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+ubuntu:latest), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into the docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        POST /images/load
+
+        Tarball in body
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing three files:
+
+1. `VERSION`: currently `1.0` - the file format version
+2. `json`: detailed layer information, similar to `docker inspect layer_id`
+3. `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file will contain `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, there will also be a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/exec HTTP/1.1
+        Content-Type: application/json
+
+        {
+	     "AttachStdin": false,
+	     "AttachStdout": true,
+	     "AttachStderr": true,
+	     "Tty": false,
+	     "Cmd": [
+                     "date"
+             ],
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id": "f90e34656806"
+        }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to stdin of the exec command.
+-   **AttachStdout** - Boolean value, attaches to stdout of the exec command.
+-   **AttachStderr** - Boolean value, attaches to stderr of the exec command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up exec instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+        POST /exec/e90e34656806/start HTTP/1.1
+        Content-Type: application/json
+
+        {
+	     "Detach": false,
+	     "Tty": false,
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/vnd.docker.raw-stream
+
+        {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the exec command
+-   **Tty** - Boolean value to allocate a pseudo-TTY
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the tty session used by the exec command `id`.
+This API is valid only if `tty` was specified as part of creating and starting the exec command.
+
+**Example request**:
+
+        POST /exec/e90e34656806/resize HTTP/1.1
+        Content-Type: text/plain
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: text/plain
+
+Query Parameters:
+
+-   **h** – height of tty session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+### Exec Inspect
+
+`GET /exec/(id)/json`
+
+Return low-level information about the exec command `id`.
+
+**Example request**:
+
+        GET /exec/11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: plain/text
+
+        {
+          "ID" : "11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39",
+          "Running" : false,
+          "ExitCode" : 2,
+          "ProcessConfig" : {
+            "privileged" : false,
+            "user" : "",
+            "tty" : false,
+            "entrypoint" : "sh",
+            "arguments" : [
+              "-c",
+              "exit 2"
+            ]
+          },
+          "OpenStdin" : false,
+          "OpenStderr" : false,
+          "OpenStdout" : false,
+          "Container" : {
+            "State" : {
+              "Running" : true,
+              "Paused" : false,
+              "Restarting" : false,
+              "OOMKilled" : false,
+              "Pid" : 3650,
+              "ExitCode" : 0,
+              "Error" : "",
+              "StartedAt" : "2014-11-17T22:26:03.717657531Z",
+              "FinishedAt" : "0001-01-01T00:00:00Z"
+            },
+            "ID" : "8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c",
+            "Created" : "2014-11-17T22:26:03.626304998Z",
+            "Path" : "date",
+            "Args" : [],
+            "Config" : {
+              "Hostname" : "8f177a186b97",
+              "Domainname" : "",
+              "User" : "",
+              "Memory" : 0,
+              "MemorySwap" : 0,
+              "CpuShares" : 0,
+              "Cpuset" : "",
+              "AttachStdin" : false,
+              "AttachStdout" : false,
+              "AttachStderr" : false,
+              "PortSpecs" : null,
+              "ExposedPorts" : null,
+              "Tty" : false,
+              "OpenStdin" : false,
+              "StdinOnce" : false,
+              "Env" : [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ],
+              "Cmd" : [
+                "date"
+              ],
+              "Image" : "ubuntu",
+              "Volumes" : null,
+              "WorkingDir" : "",
+              "Entrypoint" : null,
+              "NetworkDisabled" : false,
+              "MacAddress" : "",
+              "OnBuild" : null,
+              "SecurityOpt" : null
+            },
+            "Image" : "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5",
+            "NetworkSettings" : {
+              "IPAddress" : "172.17.0.2",
+              "IPPrefixLen" : 16,
+              "MacAddress" : "02:42:ac:11:00:02",
+              "Gateway" : "172.17.42.1",
+              "Bridge" : "docker0",
+              "PortMapping" : null,
+              "Ports" : {}
+            },
+            "ResolvConfPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/resolv.conf",
+            "HostnamePath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hostname",
+            "HostsPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hosts",
+            "Name" : "/test",
+            "Driver" : "aufs",
+            "ExecDriver" : "native-0.2",
+            "MountLabel" : "",
+            "ProcessLabel" : "",
+            "AppArmorProfile" : "",
+            "RestartCount" : 0,
+            "Volumes" : {},
+            "VolumesRW" : {}
+          }
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **500** - server error
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it
+    - Then retry to create the container
+
+- Start the container
+
+- If you are not in detached mode:
+- Attach to the container, using logs=1 (to have stdout and
+      stderr from the container's start) and stream=1
+
+- If in detached mode or only stdin is attached:
+- Display the container's id
+
+## 3.2 Hijacking
+
+In this version of the API, /attach, uses hijacking to transport stdin,
+stdout and stderr on the same socket.
+
+To hint potential proxies about connection hijacking, Docker client sends
+connection upgrade headers similarly to websocket.
+
+    Upgrade: tcp
+    Connection: Upgrade
+
+When Docker daemon detects the `Upgrade` header, it will switch its status code
+from **200 OK** to **101 UPGRADED** and resend the same headers.
+
+This might change in the future.
+
+## 3.3 CORS Requests
+
+To set cross origin requests to the remote api, please add flag "--api-enable-cors"
+when running docker in daemon mode.
+
+    $ docker -d -H="192.168.1.9:2375" --api-enable-cors
diff --git a/docs/reference/api/docker_remote_api_v1.18.md b/docs/reference/api/docker_remote_api_v1.18.md
new file mode 100644
index 00000000..9de2cc6c
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.18.md
@@ -0,0 +1,2125 @@
+<!--[metadata]>
++++
+title = "Remote API v1.18"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent = "engine_remoteapi"
+weight = 3
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.18
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST, but for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `STDOUT`,
+   `STDIN` and `STDERR`.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+        GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "8dfafdbc3a40",
+                     "Names":["/boring_feynman"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 1",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                     "Labels": {
+                             "com.example.vendor": "Acme",
+                             "com.example.license": "GPL",
+                             "com.example.version": "1.0"
+                     },
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "9cd87474be90",
+                     "Names":["/coolName"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 222222",
+                     "Created": 1367854155,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "Labels": {},
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             },
+             {
+                     "Id": "3176a2479c92",
+                     "Names":["/sleepy_dog"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 3333333333333333",
+                     "Created": 1367854154,
+                     "Status": "Exit 0",
+                     "Ports":[],
+                     "Labels": {},
+                     "SizeRw":12288,
+                     "SizeRootFs":0
+             },
+             {
+                     "Id": "4cb07b47f9fb",
+                     "Names":["/running_cat"],
+                     "Image": "ubuntu:latest",
+                     "Command": "echo 444444444444444444444444444444444",
+                     "Created": 1367854152,
+                     "Status": "Exit 0",
+                     "Ports": [],
+                     "Labels": {},
+                     "SizeRw": 12288,
+                     "SizeRootFs": 0
+             }
+        ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a json encoded value of the filters (a map[string][]string) to process on the containers list. Available filters:
+  -   exited=&lt;int&gt; -- containers with exit code of &lt;int&gt;
+  -   status=(restarting|running|paused|exited)
+  -   label=`key` or `label="key=value"` of a container label
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+        POST /containers/create HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": [
+                     "FOO=bar",
+                     "BAZ=quux"
+             ],
+             "Cmd": [
+                     "date"
+             ],
+             "Entrypoint": "",
+             "Image": "ubuntu",
+             "Labels": {
+                     "com.example.vendor": "Acme",
+                     "com.example.license": "GPL",
+                     "com.example.version": "1.0"
+             },
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "MacAddress": "12:34:56:78:9a:bc",
+             "ExposedPorts": {
+                     "22/tcp": {}
+             },
+             "HostConfig": {
+               "Binds": ["/tmp:/tmp"],
+               "Links": ["redis3:redis"],
+               "LxcConf": {"lxc.utsname":"docker"},
+               "Memory": 0,
+               "MemorySwap": 0,
+               "CpuShares": 512,
+               "CpusetCpus": "0,1",
+               "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+               "PublishAllPorts": false,
+               "Privileged": false,
+               "ReadonlyRootfs": false,
+               "Dns": ["8.8.8.8"],
+               "DnsSearch": [""],
+               "ExtraHosts": null,
+               "VolumesFrom": ["parent", "other:ro"],
+               "CapAdd": ["NET_ADMIN"],
+               "CapDrop": ["MKNOD"],
+               "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+               "NetworkMode": "bridge",
+               "Devices": [],
+               "Ulimits": [{}],
+               "LogConfig": { "Type": "json-file", Config: {} },
+               "SecurityOpt": [],
+               "CgroupParent": ""
+            }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id":"e90e34656806",
+             "Warnings":[]
+        }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the desired hostname to use for the
+      container.
+-   **Domainname** - A string value containing the desired domain name to use
+      for the container.
+-   **User** - A string value containing the user to use inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+      You must use this with `memory` and make the swap value larger than `memory`.
+-   **CpuShares** - An integer value containing the CPU Shares for container
+      (ie. the relative weight vs other containers).
+-   **Cpuset** - The same as CpusetCpus, but deprecated, please don't use.
+-   **CpusetCpus** - String value containing the cgroups CpusetCpus to use.
+-   **AttachStdin** - Boolean value, attaches to stdin.
+-   **AttachStdout** - Boolean value, attaches to stdout.
+-   **AttachStderr** - Boolean value, attaches to stderr.
+-   **Tty** - Boolean value, Attach standard streams to a tty, including stdin if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close stdin after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Labels** - Adds a map of labels that to a container. To specify a map: `{"key":"value"[,"key2":"value2"]}`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entrypoint for the container a string or an array
+      of strings
+-   **Image** - String value containing the image name to use for the container
+-   **Volumes** – An object mapping mountpoint paths (strings) inside the
+      container to empty objects.
+-   **WorkingDir** - A string value containing the working dir for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **HostConfig**
+    -   **Binds** – A list of volume bindings for this container. Each volume
+            binding is a string of the form `container_path` (to create a new
+            volume for the container), `host_path:container_path` (to bind-mount
+            a host path into the container), or `host_path:container_path:ro`
+            (to make the bind-mount read-only inside the container).
+    -   **Links** - A list of links for the container. Each link entry should be
+          in the form of `container_name:alias`.
+    -   **LxcConf** - LXC specific configurations. These configurations will only
+          work when using the `lxc` execution driver.
+    -   **PortBindings** - A map of exposed container ports and the host port they
+          should map to. It should be specified in the form
+          `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+          Take note that `port` is specified as a string and not an integer value.
+    -   **PublishAllPorts** - Allocates a random host port for all of a container's
+          exposed ports. Specified as a boolean value.
+    -   **Privileged** - Gives the container full access to the host. Specified as
+          a boolean value.
+    -   **ReadonlyRootfs** - Mount the container's root filesystem as read only.
+          Specified as a boolean value.
+    -   **Dns** - A list of dns servers for the container to use.
+    -   **DnsSearch** - A list of DNS search domains
+    -   **ExtraHosts** - A list of hostnames/IP mappings to be added to the
+        container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+    -   **VolumesFrom** - A list of volumes to inherit from another container.
+          Specified in the form `<container name>[:<ro|rw>]`
+    -   **CapAdd** - A list of kernel capabilities to add to the container.
+    -   **Capdrop** - A list of kernel capabilities to drop from the container.
+    -   **RestartPolicy** – The behavior to apply when the container exits.  The
+            value is an object with a `Name` property of either `"always"` to
+            always restart or `"on-failure"` to restart only when the container
+            exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+            controls the number of times to retry before giving up.
+            The default is not to restart. (optional)
+            An ever increasing delay (double the previous delay, starting at 100mS)
+            is added before each restart to prevent flooding the server.
+    -   **NetworkMode** - Sets the networking mode for the container. Supported
+          values are: `bridge`, `host`, `none`, and `container:<name|id>`
+    -   **Devices** - A list of devices to add to the container specified in the
+          form
+          `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+    -   **Ulimits** - A list of ulimits to be set in the container, specified as
+          `{ "Name": <name>, "Soft": <soft limit>, "Hard": <hard limit> }`, for example:
+          `Ulimits: { "Name": "nofile", "Soft": 1024, "Hard": 2048 }`
+    -   **SecurityOpt**: A list of string values to customize labels for MLS
+        systems, such as SELinux.
+    -   **LogConfig** - Log configuration for the container, specified as
+          `{ "Type": "<driver_name>", "Config": {"key1": "val1"}}`.
+          Available types: `json-file`, `syslog`, `journald`, `none`.
+          `json-file` logging driver.
+    -   **CgroupParent** - Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist.
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+	{
+		"AppArmorProfile": "",
+		"Args": [
+			"-c",
+			"exit 9"
+		],
+		"Config": {
+			"AttachStderr": true,
+			"AttachStdin": false,
+			"AttachStdout": true,
+			"Cmd": [
+				"/bin/sh",
+				"-c",
+				"exit 9"
+			],
+			"Domainname": "",
+			"Entrypoint": null,
+			"Env": [
+				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+			],
+			"ExposedPorts": null,
+			"Hostname": "ba033ac44011",
+			"Image": "ubuntu",
+			"Labels": {
+				"com.example.vendor": "Acme",
+				"com.example.license": "GPL",
+				"com.example.version": "1.0"
+			},
+			"MacAddress": "",
+			"NetworkDisabled": false,
+			"OnBuild": null,
+			"OpenStdin": false,
+			"PortSpecs": null,
+			"StdinOnce": false,
+			"Tty": false,
+			"User": "",
+			"Volumes": null,
+			"WorkingDir": ""
+		},
+		"Created": "2015-01-06T15:47:31.485331387Z",
+		"Driver": "devicemapper",
+		"ExecDriver": "native-0.2",
+		"ExecIDs": null,
+		"HostConfig": {
+			"Binds": null,
+			"CapAdd": null,
+			"CapDrop": null,
+			"ContainerIDFile": "",
+			"CpusetCpus": "",
+			"CpuShares": 0,
+			"Devices": [],
+			"Dns": null,
+			"DnsSearch": null,
+			"ExtraHosts": null,
+			"IpcMode": "",
+			"Links": null,
+			"LxcConf": [],
+			"Memory": 0,
+			"MemorySwap": 0,
+			"NetworkMode": "bridge",
+			"PortBindings": {},
+			"Privileged": false,
+			"ReadonlyRootfs": false,
+			"PublishAllPorts": false,
+			"RestartPolicy": {
+				"MaximumRetryCount": 2,
+				"Name": "on-failure"
+			},
+			"LogConfig": {
+				"Config": null,
+				"Type": "json-file"
+			},
+			"SecurityOpt": null,
+			"VolumesFrom": null,
+			"Ulimits": [{}]
+		},
+		"HostnamePath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname",
+		"HostsPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts",
+		"LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+		"Id": "ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39",
+		"Image": "04c5d3b7b0656168630d3ba35d8889bd0e9caafcaeb3004d2bfbc47e7c5d35d2",
+		"MountLabel": "",
+		"Name": "/boring_euclid",
+		"NetworkSettings": {
+			"Bridge": "",
+			"Gateway": "",
+			"IPAddress": "",
+			"IPPrefixLen": 0,
+			"MacAddress": "",
+			"PortMapping": null,
+			"Ports": null
+		},
+		"Path": "/bin/sh",
+		"ProcessLabel": "",
+		"ResolvConfPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/resolv.conf",
+		"RestartCount": 1,
+		"State": {
+			"Error": "",
+			"ExitCode": 9,
+			"FinishedAt": "2015-01-06T15:47:32.080254511Z",
+			"OOMKilled": false,
+			"Paused": false,
+			"Pid": 0,
+			"Restarting": false,
+			"Running": false,
+			"StartedAt": "2015-01-06T15:47:32.072697474Z"
+		},
+		"Volumes": {},
+		"VolumesRW": {}
+	}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get stdout and stderr logs from the container ``id``
+
+> **Note**:
+> This endpoint works only for containers with the `json-file` or `journald` logging drivers.
+
+**Example request**:
+
+       GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10 HTTP/1.1
+
+**Example response**:
+
+       HTTP/1.1 101 UPGRADED
+       Content-Type: application/vnd.docker.raw-stream
+       Connection: Upgrade
+       Upgrade: tcp
+
+       {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default false
+-   **stdout** – 1/True/true or 0/False/false, show stdout log. Default false
+-   **stderr** – 1/True/true or 0/False/false, show stderr log. Default false
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default false
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Path": "/dev",
+                     "Kind": 0
+             },
+             {
+                     "Path": "/dev/kmsg",
+                     "Kind": 1
+             },
+             {
+                     "Path": "/test",
+                     "Kind": 1
+             }
+        ]
+
+Values for `Kind`:
+
+- `0`: Modify
+- `1`: Add
+- `2`: Delete
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+        GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/octet-stream
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container stats based on resource usage
+
+`GET /containers/(id or name)/stats`
+
+This endpoint returns a live stream of a container's resource usage statistics.
+
+**Example request**:
+
+        GET /containers/redis1/stats HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+           "read" : "2015-01-08T22:57:31.547920715Z",
+           "network" : {
+              "rx_dropped" : 0,
+              "rx_bytes" : 648,
+              "rx_errors" : 0,
+              "tx_packets" : 8,
+              "tx_dropped" : 0,
+              "rx_packets" : 8,
+              "tx_errors" : 0,
+              "tx_bytes" : 648
+           },
+           "memory_stats" : {
+              "stats" : {
+                 "total_pgmajfault" : 0,
+                 "cache" : 0,
+                 "mapped_file" : 0,
+                 "total_inactive_file" : 0,
+                 "pgpgout" : 414,
+                 "rss" : 6537216,
+                 "total_mapped_file" : 0,
+                 "writeback" : 0,
+                 "unevictable" : 0,
+                 "pgpgin" : 477,
+                 "total_unevictable" : 0,
+                 "pgmajfault" : 0,
+                 "total_rss" : 6537216,
+                 "total_rss_huge" : 6291456,
+                 "total_writeback" : 0,
+                 "total_inactive_anon" : 0,
+                 "rss_huge" : 6291456,
+                 "hierarchical_memory_limit" : 67108864,
+                 "total_pgfault" : 964,
+                 "total_active_file" : 0,
+                 "active_anon" : 6537216,
+                 "total_active_anon" : 6537216,
+                 "total_pgpgout" : 414,
+                 "total_cache" : 0,
+                 "inactive_anon" : 0,
+                 "active_file" : 0,
+                 "pgfault" : 964,
+                 "inactive_file" : 0,
+                 "total_pgpgin" : 477
+              },
+              "max_usage" : 6651904,
+              "usage" : 6537216,
+              "failcnt" : 0,
+              "limit" : 67108864
+           },
+           "blkio_stats" : {},
+           "cpu_stats" : {
+              "cpu_usage" : {
+                 "percpu_usage" : [
+                    16970827,
+                    1839451,
+                    7107380,
+                    10571290
+                 ],
+                 "usage_in_usermode" : 10000000,
+                 "total_usage" : 36488948,
+                 "usage_in_kernelmode" : 20000000
+              },
+              "system_cpu_usage" : 20091722000000000,
+              "throttling_data" : {}
+           }
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`POST /containers/(id or name)/resize?h=<height>&w=<width>`
+
+Resize the TTY for container with  `id`. The container must be restarted for the resize to take effect.
+
+**Example request**:
+
+        POST /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Length: 0
+        Content-Type: text/plain; charset=utf-8
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – Cannot resize container
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+> **Note**:
+> For backwards compatibility, this endpoint accepts a `HostConfig` as JSON-encoded request body.
+> See [create a container](#create-a-container) for details.
+
+**Example request**:
+
+        POST /containers/e90e34656806/start HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like "SIGINT".
+        When not set, SIGKILL is assumed and the call will waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Rename a container
+
+`POST /containers/(id or name)/rename`
+
+Rename the container `id` to a `new_name`
+
+**Example request**:
+
+        POST /containers/e90e34656806/rename?name=new_name HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **name** – new name for the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **409** - conflict name already assigned
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+        POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 101 UPGRADED
+        Content-Type: application/vnd.docker.raw-stream
+        Connection: Upgrade
+        Upgrade: tcp
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`
+    ](#create-a-container),
+    the stream is the raw data from the process PTY and client's stdin.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    stdout and stderr.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header will contain the information on which stream write the
+    stream (stdout or stderr). It also contain the size of the
+    associated frame encoded on the last 4 bytes (uint32).
+
+    It is encoded on the first 8 bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: stdin (will be written on stdout)
+-   1: stdout
+-   2: stderr
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the 4 bytes of
+    the uint32 size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read 8 bytes
+    2.  chose stdout or stderr depending on the first byte
+    3.  Extract the frame size from the last 4 bytes
+    4.  Read the extracted size and output it on the correct output
+    5.  Goto 1
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+        GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+        {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default false
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default false
+-   **stdin** – 1/True/true or 0/False/false, if stream=true, attach
+        to stdin. Default false
+-   **stdout** – 1/True/true or 0/False/false, if logs=true, return
+        stdout log, if stream=true, attach to stdout. Default false
+-   **stderr** – 1/True/true or 0/False/false, if logs=true, return
+        stderr log, if stream=true, attach to stderr. Default false
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+        POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+        DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default false
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default false
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Example request**:
+
+        POST /containers/4fa6e0f0c678/copy HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Resource": "test.txt"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+        GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+          {
+             "RepoTags": [
+               "ubuntu:12.04",
+               "ubuntu:precise",
+               "ubuntu:latest"
+             ],
+             "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+             "Created": 1365714795,
+             "Size": 131506275,
+             "VirtualSize": 131506275
+          },
+          {
+             "RepoTags": [
+               "ubuntu:12.10",
+               "ubuntu:quantal"
+             ],
+             "ParentId": "27cf784147099545",
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Created": 1364102658,
+             "Size": 24653,
+             "VirtualSize": 180116135
+          }
+        ]
+
+**Example request, with digest information**:
+
+        GET /images/json?digests=1 HTTP/1.1
+
+**Example response, with digest information**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+          {
+            "Created": 1420064636,
+            "Id": "4986bf8c15363d1c5d15512d5266f8777bfba4974ac56e3270e7760f6f0a8125",
+            "ParentId": "ea13149945cb6b1e746bf28032f02e9b5a793523481a0a18645fc77ad53c4ea2",
+            "RepoDigests": [
+              "localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+            ],
+            "RepoTags": [
+              "localhost:5000/test/busybox:latest",
+              "playdate:latest"
+            ],
+            "Size": 0,
+            "VirtualSize": 2429728
+          }
+        ]
+
+The response shows a single image `Id` associated with two repositories
+(`RepoTags`): `localhost:5000/test/busybox`: and `playdate`. A caller can use
+either of the `RepoTags` values `localhost:5000/test/busybox:latest` or
+`playdate:latest` to reference the image.
+
+You can also use `RepoDigests` values to reference an image. In this response,
+the array has only one reference and that is to the
+`localhost:5000/test/busybox` repository; the `playdate` repository has no
+digest. You can reference this digest using the value:
+`localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d...`
+
+See the `docker run` and `docker build` commands for examples of digest and tag
+references on the command line.
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a json encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   dangling=true
+  -   label=`key` or `label="key=value"` of an image label
+-   **filter** - only return images with the specified name
+
+### Build image from a Dockerfile
+
+`POST /build`
+
+Build an image from a Dockerfile
+
+**Example request**:
+
+        POST /build HTTP/1.1
+
+        {{ TAR STREAM }}
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"stream": "Step 1..."}
+        {"stream": "..."}
+        {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+The input stream must be a tar archive compressed with one of the
+following algorithms: identity (no compression), gzip, bzip2, xz.
+
+The archive must include a build instructions file, typically called
+`Dockerfile` at the root of the archive. The `dockerfile` parameter may be
+used to specify a different build instructions file by having its value be
+the path to the alternate build instructions file to use.
+
+The archive may include any number of other files,
+which will be accessible in the build context (See the [*ADD build
+command*](../../reference/builder.md#dockerbuilder)).
+
+The build will also be canceled if the client drops the connection by quitting
+or being killed.
+
+Query Parameters:
+
+-   **dockerfile** - path within the build context to the Dockerfile. This is
+        ignored if `remote` is specified and points to an individual filename.
+-   **t** – repository name (and optionally a tag) to be applied to
+        the resulting image in case of success
+-   **remote** – A Git repository URI or HTTP/HTTPS URI build source. If the
+        URI specifies a filename, the file's contents are placed into a file
+		called `Dockerfile`.
+-   **q** – suppress verbose build output
+-   **nocache** – do not use the cache when building the image
+-   **pull** - attempt to pull the image even if an older image exists locally
+-   **rm** - remove intermediate containers after a successful build (default behavior)
+-   **forcerm** - always remove intermediate containers (includes rm)
+-   **memory** - set memory limit for build
+-   **memswap** - Total memory (memory + swap), `-1` to enable unlimited swap.
+-   **cpushares** - CPU shares (relative weight)
+-   **cpusetcpus** - CPUs in which to allow execution, e.g., `0-3`, `0,1`
+
+    Request Headers:
+
+-   **Content-type** – should be set to `"application/tar"`.
+-   **X-Registry-Config** – base64-encoded ConfigFile object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Create an image
+
+`POST /images/create`
+
+Create an image, either by pulling it from the registry or by importing it
+
+**Example request**:
+
+        POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pulling..."}
+        {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+        {"error": "Invalid..."}
+        ...
+
+    When using this endpoint to pull an image from the registry, the
+    `X-Registry-Auth` header can be used to include
+    a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – name of the image to pull
+-   **fromSrc** – source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+-   **repo** – repository
+-   **tag** – tag
+-   **registry** – the registry to pull from
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Created": "2013-03-23T22:24:18.818426-07:00",
+             "Container": "3d67245a8d72ecf13f33dffac9f79dcdf70f75acb84d308770391510e0c23ad0",
+             "ContainerConfig":
+                     {
+                             "Hostname": "",
+                             "User": "",
+                             "AttachStdin": false,
+                             "AttachStdout": false,
+                             "AttachStderr": false,
+                             "PortSpecs": null,
+                             "Tty": true,
+                             "OpenStdin": true,
+                             "StdinOnce": false,
+                             "Env": null,
+                             "Cmd": ["/bin/bash"],
+                             "Dns": null,
+                             "Image": "ubuntu",
+                             "Labels": {
+                                 "com.example.vendor": "Acme",
+                                 "com.example.license": "GPL",
+                                 "com.example.version": "1.0"
+                             },
+                             "Volumes": null,
+                             "VolumesFrom": "",
+                             "WorkingDir": ""
+                     },
+             "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+             "Parent": "27cf784147099545",
+             "Size": 6824592
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+        GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+             {
+                     "Id": "b750fe79269d",
+                     "Created": 1364102658,
+                     "CreatedBy": "/bin/bash"
+             },
+             {
+                     "Id": "27cf78414709",
+                     "Created": 1364068391,
+                     "CreatedBy": ""
+             }
+        ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+        POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "Pushing..."}
+        {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+        {"error": "Invalid..."}
+        ...
+
+    If you wish to push an image on to a private registry, that image must already have been tagged
+    into a repository which references that registry host name and port.  This repository name should
+    then be used in the URL. This mirrors the flow of the CLI.
+
+**Example request**:
+
+        POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – the tag to associate with the image on the registry, optional
+
+Request Headers:
+
+-   **X-Registry-Auth** – include a base64-encoded AuthConfig
+        object.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+        POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+        DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-type: application/json
+
+        [
+         {"Untagged": "3e2f21a89f"},
+         {"Deleted": "3e2f21a89f"},
+         {"Deleted": "53b4f83ac9"}
+        ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+        GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        [
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "wma55/u1210sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "jdswinbank/sshd",
+                    "star_count": 0
+                },
+                {
+                    "description": "",
+                    "is_official": false,
+                    "is_automated": false,
+                    "name": "vgauthier/sshd",
+                    "star_count": 0
+                }
+        ...
+        ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+        POST /auth HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "username":" hannibal",
+             "password: "xxxx",
+             "email": "hannibal@a-team.com",
+             "serveraddress": "https://index.docker.io/v1/"
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+        GET /info HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+            "Containers": 11,
+            "Debug": 0,
+            "DockerRootDir": "/var/lib/docker",
+            "Driver": "btrfs",
+            "DriverStatus": [[""]],
+            "ExecutionDriver": "native-0.1",
+            "HttpProxy": "http://test:test@localhost:8080",
+            "HttpsProxy": "https://test:test@localhost:8080",
+            "ID": "7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS",
+            "IPv4Forwarding": 1,
+            "Images": 16,
+            "IndexServerAddress": "https://index.docker.io/v1/",
+            "InitPath": "/usr/bin/docker",
+            "InitSha1": "",
+            "KernelVersion": "3.12.0-1-amd64",
+            "Labels": [
+                "storage=ssd"
+            ],
+            "MemTotal": 2099236864,
+            "MemoryLimit": 1,
+            "NCPU": 1,
+            "NEventsListener": 0,
+            "NFd": 11,
+            "NGoroutines": 21,
+            "Name": "prod-server-42",
+            "NoProxy": "9.81.1.160",
+            "OperatingSystem": "Boot2Docker",
+            "RegistryConfig": {
+                "IndexConfigs": {
+                    "docker.io": {
+                        "Mirrors": null,
+                        "Name": "docker.io",
+                        "Official": true,
+                        "Secure": true
+                    }
+                },
+                "InsecureRegistryCIDRs": [
+                    "127.0.0.0/8"
+                ]
+            },
+            "SwapLimit": 0,
+            "SystemTime": "2015-03-10T11:11:23.730591467-07:00"
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+        GET /version HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {
+             "Version": "1.5.0",
+             "Os": "linux",
+             "KernelVersion": "3.18.5-tinycore64",
+             "GoVersion": "go1.4.1",
+             "GitCommit": "a8a31ef",
+             "Arch": "amd64",
+             "ApiVersion": "1.18"
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+        GET /_ping HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: text/plain
+
+        OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+        POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+        Content-Type: application/json
+
+        {
+             "Hostname": "",
+             "Domainname": "",
+             "User": "",
+             "AttachStdin": false,
+             "AttachStdout": true,
+             "AttachStderr": true,
+             "PortSpecs": null,
+             "Tty": false,
+             "OpenStdin": false,
+             "StdinOnce": false,
+             "Env": null,
+             "Cmd": [
+                     "date"
+             ],
+             "Volumes": {
+                     "/tmp": {}
+             },
+             "WorkingDir": "",
+             "NetworkDisabled": false,
+             "ExposedPorts": {
+                     "22/tcp": {}
+             }
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via
+polling (using since).
+
+Docker containers will report the following events:
+
+    create, destroy, die, exec_create, exec_start, export, kill, oom, pause, restart, start, stop, unpause
+
+and Docker images will report:
+
+    untag, delete
+
+**Example request**:
+
+        GET /events?since=1374067924
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/json
+
+        {"status": "create", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "start", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+        {"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
+        {"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
+
+Query Parameters:
+
+-   **since** – timestamp used for polling
+-   **until** – timestamp used for polling
+-   **filters** – a json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
+  -   event=&lt;string&gt; -- event to filter
+  -   image=&lt;string&gt; -- image to filter
+  -   container=&lt;string&gt; -- container to filter
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/ubuntu/get
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+ubuntu:latest), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+
+        Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into the docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+        POST /images/load
+
+        Tarball in body
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing three files:
+
+1. `VERSION`: currently `1.0` - the file format version
+2. `json`: detailed layer information, similar to `docker inspect layer_id`
+3. `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file will contain `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, there will also be a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+        POST /containers/e90e34656806/exec HTTP/1.1
+        Content-Type: application/json
+
+        {
+	     "AttachStdin": false,
+	     "AttachStdout": true,
+	     "AttachStderr": true,
+	     "Tty": false,
+	     "Cmd": [
+                     "date"
+             ],
+        }
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: application/json
+
+        {
+             "Id": "f90e34656806",
+             "Warnings":[]
+        }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to stdin of the exec command.
+-   **AttachStdout** - Boolean value, attaches to stdout of the exec command.
+-   **AttachStderr** - Boolean value, attaches to stderr of the exec command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up exec instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+        POST /exec/e90e34656806/start HTTP/1.1
+        Content-Type: application/json
+
+        {
+	     "Detach": false,
+	     "Tty": false,
+        }
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/vnd.docker.raw-stream
+
+        {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the exec command
+-   **Tty** - Boolean value to allocate a pseudo-TTY
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the tty session used by the exec command `id`.
+This API is valid only if `tty` was specified as part of creating and starting the exec command.
+
+**Example request**:
+
+        POST /exec/e90e34656806/resize HTTP/1.1
+        Content-Type: text/plain
+
+**Example response**:
+
+        HTTP/1.1 201 Created
+        Content-Type: text/plain
+
+Query Parameters:
+
+-   **h** – height of tty session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+### Exec Inspect
+
+`GET /exec/(id)/json`
+
+Return low-level information about the exec command `id`.
+
+**Example request**:
+
+        GET /exec/11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39/json HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: plain/text
+
+        {
+          "ID" : "11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39",
+          "Running" : false,
+          "ExitCode" : 2,
+          "ProcessConfig" : {
+            "privileged" : false,
+            "user" : "",
+            "tty" : false,
+            "entrypoint" : "sh",
+            "arguments" : [
+              "-c",
+              "exit 2"
+            ]
+          },
+          "OpenStdin" : false,
+          "OpenStderr" : false,
+          "OpenStdout" : false,
+          "Container" : {
+            "State" : {
+              "Running" : true,
+              "Paused" : false,
+              "Restarting" : false,
+              "OOMKilled" : false,
+              "Pid" : 3650,
+              "ExitCode" : 0,
+              "Error" : "",
+              "StartedAt" : "2014-11-17T22:26:03.717657531Z",
+              "FinishedAt" : "0001-01-01T00:00:00Z"
+            },
+            "ID" : "8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c",
+            "Created" : "2014-11-17T22:26:03.626304998Z",
+            "Path" : "date",
+            "Args" : [],
+            "Config" : {
+              "Hostname" : "8f177a186b97",
+              "Domainname" : "",
+              "User" : "",
+              "AttachStdin" : false,
+              "AttachStdout" : false,
+              "AttachStderr" : false,
+              "PortSpecs" : null,
+              "ExposedPorts" : null,
+              "Tty" : false,
+              "OpenStdin" : false,
+              "StdinOnce" : false,
+              "Env" : [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ],
+              "Cmd" : [
+                "date"
+              ],
+              "Image" : "ubuntu",
+              "Volumes" : null,
+              "WorkingDir" : "",
+              "Entrypoint" : null,
+              "NetworkDisabled" : false,
+              "MacAddress" : "",
+              "OnBuild" : null,
+              "SecurityOpt" : null
+            },
+            "Image" : "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5",
+            "NetworkSettings" : {
+              "IPAddress" : "172.17.0.2",
+              "IPPrefixLen" : 16,
+              "MacAddress" : "02:42:ac:11:00:02",
+              "Gateway" : "172.17.42.1",
+              "Bridge" : "docker0",
+              "PortMapping" : null,
+              "Ports" : {}
+            },
+            "ResolvConfPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/resolv.conf",
+            "HostnamePath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hostname",
+            "HostsPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hosts",
+            "LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+            "Name" : "/test",
+            "Driver" : "aufs",
+            "ExecDriver" : "native-0.2",
+            "MountLabel" : "",
+            "ProcessLabel" : "",
+            "AppArmorProfile" : "",
+            "RestartCount" : 0,
+            "Volumes" : {},
+            "VolumesRW" : {}
+          }
+        }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **500** - server error
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it
+    - Then retry to create the container
+
+- Start the container
+
+- If you are not in detached mode:
+- Attach to the container, using logs=1 (to have stdout and
+      stderr from the container's start) and stream=1
+
+- If in detached mode or only stdin is attached:
+- Display the container's id
+
+## 3.2 Hijacking
+
+In this version of the API, /attach, uses hijacking to transport stdin,
+stdout and stderr on the same socket.
+
+To hint potential proxies about connection hijacking, Docker client sends
+connection upgrade headers similarly to websocket.
+
+    Upgrade: tcp
+    Connection: Upgrade
+
+When Docker daemon detects the `Upgrade` header, it will switch its status code
+from **200 OK** to **101 UPGRADED** and resend the same headers.
+
+This might change in the future.
+
+## 3.3 CORS Requests
+
+To set cross origin requests to the remote api please give values to
+"--api-cors-header" when running docker in daemon mode. Set * will allow all,
+default or blank means CORS disabled
+
+    $ docker -d -H="192.168.1.9:2375" --api-cors-header="http://foo.bar"
diff --git a/docs/reference/api/docker_remote_api_v1.19.md b/docs/reference/api/docker_remote_api_v1.19.md
new file mode 100644
index 00000000..e049dbe7
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.19.md
@@ -0,0 +1,2206 @@
+<!--[metadata]>
++++
+title = "Remote API v1.19"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent = "engine_remoteapi"
+weight = 2
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.19
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST. However, for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `stdout`,
+   `stdin` and `stderr`.
+ - When the client API version is newer than the daemon's, these calls return an HTTP
+   `400 Bad Request` error message.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+    GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Id": "8dfafdbc3a40",
+                 "Names":["/boring_feynman"],
+                 "Image": "ubuntu:latest",
+                 "Command": "echo 1",
+                 "Created": 1367854155,
+                 "Status": "Exit 0",
+                 "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                 "Labels": {
+                         "com.example.vendor": "Acme",
+                         "com.example.license": "GPL",
+                         "com.example.version": "1.0"
+                 },
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         },
+         {
+                 "Id": "9cd87474be90",
+                 "Names":["/coolName"],
+                 "Image": "ubuntu:latest",
+                 "Command": "echo 222222",
+                 "Created": 1367854155,
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         },
+         {
+                 "Id": "3176a2479c92",
+                 "Names":["/sleepy_dog"],
+                 "Image": "ubuntu:latest",
+                 "Command": "echo 3333333333333333",
+                 "Created": 1367854154,
+                 "Status": "Exit 0",
+                 "Ports":[],
+                 "Labels": {},
+                 "SizeRw":12288,
+                 "SizeRootFs":0
+         },
+         {
+                 "Id": "4cb07b47f9fb",
+                 "Names":["/running_cat"],
+                 "Image": "ubuntu:latest",
+                 "Command": "echo 444444444444444444444444444444444",
+                 "Created": 1367854152,
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         }
+    ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a JSON encoded value of the filters (a `map[string][]string`) to process on the containers list. Available filters:
+  -   `exited=<int>`; -- containers with exit code of  `<int>` ;
+  -   `status=`(`restarting`|`running`|`paused`|`exited`)
+  -   `label=key` or `label="key=value"` of a container label
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+    POST /containers/create HTTP/1.1
+    Content-Type: application/json
+
+    {
+           "Hostname": "",
+           "Domainname": "",
+           "User": "",
+           "AttachStdin": false,
+           "AttachStdout": true,
+           "AttachStderr": true,
+           "Tty": false,
+           "OpenStdin": false,
+           "StdinOnce": false,
+           "Env": [
+                   "FOO=bar",
+                   "BAZ=quux"
+           ],
+           "Cmd": [
+                   "date"
+           ],
+           "Entrypoint": "",
+           "Image": "ubuntu",
+           "Labels": {
+                   "com.example.vendor": "Acme",
+                   "com.example.license": "GPL",
+                   "com.example.version": "1.0"
+           },
+           "Volumes": {
+                   "/tmp": {}
+           },
+           "WorkingDir": "",
+           "NetworkDisabled": false,
+           "MacAddress": "12:34:56:78:9a:bc",
+           "ExposedPorts": {
+                   "22/tcp": {}
+           },
+           "HostConfig": {
+             "Binds": ["/tmp:/tmp"],
+             "Links": ["redis3:redis"],
+             "LxcConf": {"lxc.utsname":"docker"},
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "CpuPeriod": 100000,
+             "CpuQuota": 50000,
+             "CpusetCpus": "0,1",
+             "CpusetMems": "0,1",
+             "BlkioWeight": 300,
+             "OomKillDisable": false,
+             "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+             "PublishAllPorts": false,
+             "Privileged": false,
+             "ReadonlyRootfs": false,
+             "Dns": ["8.8.8.8"],
+             "DnsSearch": [""],
+             "ExtraHosts": null,
+             "VolumesFrom": ["parent", "other:ro"],
+             "CapAdd": ["NET_ADMIN"],
+             "CapDrop": ["MKNOD"],
+             "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+             "NetworkMode": "bridge",
+             "Devices": [],
+             "Ulimits": [{}],
+             "LogConfig": { "Type": "json-file", "Config": {} },
+             "SecurityOpt": [],
+             "CgroupParent": ""
+          }
+      }
+
+**Example response**:
+
+      HTTP/1.1 201 Created
+      Content-Type: application/json
+
+      {
+           "Id":"e90e34656806",
+           "Warnings":[]
+      }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the hostname to use for the
+      container.
+-   **Domainname** - A string value containing the domain name to use
+      for the container.
+-   **User** - A string value specifying the user inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+      You must use this with `memory` and make the swap value larger than `memory`.
+-   **CpuShares** - An integer value containing the container's CPU Shares
+      (ie. the relative weight vs other containers).
+-   **CpuPeriod** - The length of a CPU period in microseconds.
+-   **CpuQuota** - Microseconds of CPU time that the container can get in a CPU period.
+-   **Cpuset** - Deprecated please don't use. Use `CpusetCpus` instead.
+-   **CpusetCpus** - String value containing the `cgroups CpusetCpus` to use.
+-   **CpusetMems** - Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
+-   **BlkioWeight** - Block IO weight (relative weight) accepts a weight value between 10 and 1000.
+-   **OomKillDisable** - Boolean value, whether to disable OOM Killer for the container or not.
+-   **AttachStdin** - Boolean value, attaches to `stdin`.
+-   **AttachStdout** - Boolean value, attaches to `stdout`.
+-   **AttachStderr** - Boolean value, attaches to `stderr`.
+-   **Tty** - Boolean value, Attach standard streams to a `tty`, including `stdin` if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close `stdin` after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Labels** - Adds a map of labels to a container. To specify a map: `{"key":"value"[,"key2":"value2"]}`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entry point for the container as a string or an array
+      of strings.
+-   **Image** - A string specifying the image name to use for the container.
+-   **Volumes** – An object mapping mount point paths (strings) inside the
+      container to empty objects.
+-   **WorkingDir** - A string specifying the working directory for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **HostConfig**
+    -   **Binds** – A list of volume bindings for this container. Each volume binding is a string in one of these forms:
+           + `container_path` to create a new volume for the container
+           + `host_path:container_path` to bind-mount a host path into the container
+           + `host_path:container_path:ro` to make the bind-mount read-only inside the container.
+    -   **Links** - A list of links for the container. Each link entry should be
+          in the form of `container_name:alias`.
+    -   **LxcConf** - LXC specific configurations. These configurations only
+          work when using the `lxc` execution driver.
+    -   **PortBindings** - A map of exposed container ports and the host port they
+          should map to. A JSON object in the form
+          `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+          Take note that `port` is specified as a string and not an integer value.
+    -   **PublishAllPorts** - Allocates a random host port for all of a container's
+          exposed ports. Specified as a boolean value.
+    -   **Privileged** - Gives the container full access to the host. Specified as
+          a boolean value.
+    -   **ReadonlyRootfs** - Mount the container's root filesystem as read only.
+          Specified as a boolean value.
+    -   **Dns** - A list of DNS servers for the container to use.
+    -   **DnsSearch** - A list of DNS search domains
+    -   **ExtraHosts** - A list of hostnames/IP mappings to add to the
+        container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+    -   **VolumesFrom** - A list of volumes to inherit from another container.
+          Specified in the form `<container name>[:<ro|rw>]`
+    -   **CapAdd** - A list of kernel capabilities to add to the container.
+    -   **Capdrop** - A list of kernel capabilities to drop from the container.
+    -   **RestartPolicy** – The behavior to apply when the container exits.  The
+            value is an object with a `Name` property of either `"always"` to
+            always restart or `"on-failure"` to restart only when the container
+            exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+            controls the number of times to retry before giving up.
+            The default is not to restart. (optional)
+            An ever increasing delay (double the previous delay, starting at 100mS)
+            is added before each restart to prevent flooding the server.
+    -   **NetworkMode** - Sets the networking mode for the container. Supported
+          values are: `bridge`, `host`, `none`, and `container:<name|id>`
+    -   **Devices** - A list of devices to add to the container specified as a JSON object in the
+      form
+          `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+    -   **Ulimits** - A list of ulimits to set in the container, specified as
+          `{ "Name": <name>, "Soft": <soft limit>, "Hard": <hard limit> }`, for example:
+          `Ulimits: { "Name": "nofile", "Soft": 1024, "Hard": 2048 }`
+    -   **SecurityOpt**: A list of string values to customize labels for MLS
+        systems, such as SELinux.
+    -   **LogConfig** - Log configuration for the container, specified as a JSON object in the form
+          `{ "Type": "<driver_name>", "Config": {"key1": "val1"}}`.
+          Available types: `json-file`, `syslog`, `journald`, `none`.
+	      `syslog` available options are: `address`.
+    -   **CgroupParent** - Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist.
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+      GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+		"AppArmorProfile": "",
+		"Args": [
+			"-c",
+			"exit 9"
+		],
+		"Config": {
+			"AttachStderr": true,
+			"AttachStdin": false,
+			"AttachStdout": true,
+			"Cmd": [
+				"/bin/sh",
+				"-c",
+				"exit 9"
+			],
+			"Domainname": "",
+			"Entrypoint": null,
+			"Env": [
+				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+			],
+			"ExposedPorts": null,
+			"Hostname": "ba033ac44011",
+			"Image": "ubuntu",
+			"Labels": {
+				"com.example.vendor": "Acme",
+				"com.example.license": "GPL",
+				"com.example.version": "1.0"
+			},
+			"MacAddress": "",
+			"NetworkDisabled": false,
+			"OnBuild": null,
+			"OpenStdin": false,
+			"PortSpecs": null,
+			"StdinOnce": false,
+			"Tty": false,
+			"User": "",
+			"Volumes": null,
+			"WorkingDir": ""
+		},
+		"Created": "2015-01-06T15:47:31.485331387Z",
+		"Driver": "devicemapper",
+		"ExecDriver": "native-0.2",
+		"ExecIDs": null,
+		"HostConfig": {
+			"Binds": null,
+			"BlkioWeight": 0,
+			"CapAdd": null,
+			"CapDrop": null,
+			"ContainerIDFile": "",
+			"CpusetCpus": "",
+			"CpusetMems": "",
+			"CpuShares": 0,
+			"CpuPeriod": 100000,
+			"Devices": [],
+			"Dns": null,
+			"DnsSearch": null,
+			"ExtraHosts": null,
+			"IpcMode": "",
+			"Links": null,
+			"LxcConf": [],
+			"Memory": 0,
+			"MemorySwap": 0,
+			"OomKillDisable": false,
+			"NetworkMode": "bridge",
+			"PortBindings": {},
+			"Privileged": false,
+			"ReadonlyRootfs": false,
+			"PublishAllPorts": false,
+			"RestartPolicy": {
+				"MaximumRetryCount": 2,
+				"Name": "on-failure"
+			},
+			"LogConfig": {
+				"Config": null,
+				"Type": "json-file"
+			},
+			"SecurityOpt": null,
+			"VolumesFrom": null,
+			"Ulimits": [{}]
+		},
+		"HostnamePath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname",
+		"HostsPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts",
+		"LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+		"Id": "ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39",
+		"Image": "04c5d3b7b0656168630d3ba35d8889bd0e9caafcaeb3004d2bfbc47e7c5d35d2",
+		"MountLabel": "",
+		"Name": "/boring_euclid",
+		"NetworkSettings": {
+			"Bridge": "",
+			"Gateway": "",
+			"IPAddress": "",
+			"IPPrefixLen": 0,
+			"MacAddress": "",
+			"PortMapping": null,
+			"Ports": null
+		},
+		"Path": "/bin/sh",
+		"ProcessLabel": "",
+		"ResolvConfPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/resolv.conf",
+		"RestartCount": 1,
+		"State": {
+			"Error": "",
+			"ExitCode": 9,
+			"FinishedAt": "2015-01-06T15:47:32.080254511Z",
+			"OOMKilled": false,
+			"Paused": false,
+			"Pid": 0,
+			"Restarting": false,
+			"Running": false,
+			"StartedAt": "2015-01-06T15:47:32.072697474Z"
+		},
+		"Volumes": {},
+		"VolumesRW": {}
+	}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get `stdout` and `stderr` logs from the container ``id``
+
+> **Note**:
+> This endpoint works only for containers with the `json-file` or `journald` logging drivers.
+
+**Example request**:
+
+     GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10&since=1428990821 HTTP/1.1
+
+**Example response**:
+
+     HTTP/1.1 101 UPGRADED
+     Content-Type: application/vnd.docker.raw-stream
+     Connection: Upgrade
+     Upgrade: tcp
+
+     {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, show `stdout` log. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, show `stderr` log. Default `false`.
+-   **since** – UNIX timestamp (integer) to filter logs. Specifying a timestamp
+    will only output log-entries since that timestamp. Default: 0 (unfiltered)
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default `false`.
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Path": "/dev",
+                 "Kind": 0
+         },
+         {
+                 "Path": "/dev/kmsg",
+                 "Kind": 1
+         },
+         {
+                 "Path": "/test",
+                 "Kind": 1
+         }
+    ]
+
+Values for `Kind`:
+
+- `0`: Modify
+- `1`: Add
+- `2`: Delete
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/octet-stream
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container stats based on resource usage
+
+`GET /containers/(id or name)/stats`
+
+This endpoint returns a live stream of a container's resource usage statistics.
+
+**Example request**:
+
+    GET /containers/redis1/stats HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Type: application/json
+
+      {
+         "read" : "2015-01-08T22:57:31.547920715Z",
+         "network" : {
+            "rx_dropped" : 0,
+            "rx_bytes" : 648,
+            "rx_errors" : 0,
+            "tx_packets" : 8,
+            "tx_dropped" : 0,
+            "rx_packets" : 8,
+            "tx_errors" : 0,
+            "tx_bytes" : 648
+         },
+         "memory_stats" : {
+            "stats" : {
+               "total_pgmajfault" : 0,
+               "cache" : 0,
+               "mapped_file" : 0,
+               "total_inactive_file" : 0,
+               "pgpgout" : 414,
+               "rss" : 6537216,
+               "total_mapped_file" : 0,
+               "writeback" : 0,
+               "unevictable" : 0,
+               "pgpgin" : 477,
+               "total_unevictable" : 0,
+               "pgmajfault" : 0,
+               "total_rss" : 6537216,
+               "total_rss_huge" : 6291456,
+               "total_writeback" : 0,
+               "total_inactive_anon" : 0,
+               "rss_huge" : 6291456,
+               "hierarchical_memory_limit" : 67108864,
+               "total_pgfault" : 964,
+               "total_active_file" : 0,
+               "active_anon" : 6537216,
+               "total_active_anon" : 6537216,
+               "total_pgpgout" : 414,
+               "total_cache" : 0,
+               "inactive_anon" : 0,
+               "active_file" : 0,
+               "pgfault" : 964,
+               "inactive_file" : 0,
+               "total_pgpgin" : 477
+            },
+            "max_usage" : 6651904,
+            "usage" : 6537216,
+            "failcnt" : 0,
+            "limit" : 67108864
+         },
+         "blkio_stats" : {},
+         "cpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24472255,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100215355,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 739306590000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         },
+         "precpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24350896,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100093996,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 9492140000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         }
+      }
+
+The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
+
+Query Parameters:
+
+-   **stream** – 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`POST /containers/(id or name)/resize?h=<height>&w=<width>`
+
+Resize the TTY for container with  `id`. You must restart the container for the resize to take effect.
+
+**Example request**:
+
+      POST /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Length: 0
+      Content-Type: text/plain; charset=utf-8
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – Cannot resize container
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+> **Note**:
+> For backwards compatibility, this endpoint accepts a `HostConfig` as JSON-encoded request body.
+> See [create a container](#create-a-container) for details.
+
+**Example request**:
+
+     POST /containers/e90e34656806/start HTTP/1.1
+
+**Example response**:
+
+     HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like `SIGINT`.
+        When not set, `SIGKILL` is assumed and the call waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Rename a container
+
+`POST /containers/(id or name)/rename`
+
+Rename the container `id` to a `new_name`
+
+**Example request**:
+
+    POST /containers/e90e34656806/rename?name=new_name HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **name** – new name for the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **409** - conflict name already assigned
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+    POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 101 UPGRADED
+    Content-Type: application/vnd.docker.raw-stream
+    Connection: Upgrade
+    Upgrade: tcp
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`
+    ](#create-a-container),
+    the stream is the raw data from the process PTY and client's `stdin`.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    `stdout` and `stderr`.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header contains the information which the stream writes (`stdout` or
+    `stderr`). It also contains the size of the associated frame encoded in the
+    last four bytes (`uint32`).
+
+    It is encoded on the first eight bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: `stdin` (is written on `stdout`)
+-   1: `stdout`
+-   2: `stderr`
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of
+    the `uint32` size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read eight bytes.
+    2.  Choose `stdout` or `stderr` depending on the first byte.
+    3.  Extract the frame size from the last four bytes.
+    4.  Read the extracted size and output it on the correct output.
+    5.  Goto 1.
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+    GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+    POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+    DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default `false`.
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default `false`.
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Example request**:
+
+    POST /containers/4fa6e0f0c678/copy HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Resource": "test.txt"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+    GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+         "RepoTags": [
+           "ubuntu:12.04",
+           "ubuntu:precise",
+           "ubuntu:latest"
+         ],
+         "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+         "Created": 1365714795,
+         "Size": 131506275,
+         "VirtualSize": 131506275,
+         "Labels": {}
+      },
+      {
+         "RepoTags": [
+           "ubuntu:12.10",
+           "ubuntu:quantal"
+         ],
+         "ParentId": "27cf784147099545",
+         "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+         "Created": 1364102658,
+         "Size": 24653,
+         "VirtualSize": 180116135,
+         "Labels": {
+            "com.example.version": "v1"
+         }
+      }
+    ]
+
+**Example request, with digest information**:
+
+    GET /images/json?digests=1 HTTP/1.1
+
+**Example response, with digest information**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+        "Created": 1420064636,
+        "Id": "4986bf8c15363d1c5d15512d5266f8777bfba4974ac56e3270e7760f6f0a8125",
+        "ParentId": "ea13149945cb6b1e746bf28032f02e9b5a793523481a0a18645fc77ad53c4ea2",
+        "RepoDigests": [
+          "localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+        ],
+        "RepoTags": [
+          "localhost:5000/test/busybox:latest",
+          "playdate:latest"
+        ],
+        "Size": 0,
+        "VirtualSize": 2429728,
+        "Labels": {}
+      }
+    ]
+
+The response shows a single image `Id` associated with two repositories
+(`RepoTags`): `localhost:5000/test/busybox`: and `playdate`. A caller can use
+either of the `RepoTags` values `localhost:5000/test/busybox:latest` or
+`playdate:latest` to reference the image.
+
+You can also use `RepoDigests` values to reference an image. In this response,
+the array has only one reference and that is to the
+`localhost:5000/test/busybox` repository; the `playdate` repository has no
+digest. You can reference this digest using the value:
+`localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d...`
+
+See the `docker run` and `docker build` commands for examples of digest and tag
+references on the command line.
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   `dangling=true`
+  -   `label=key` or `label="key=value"` of an image label
+-   **filter** - only return images with the specified name
+
+### Build image from a Dockerfile
+
+`POST /build`
+
+Build an image from a Dockerfile
+
+**Example request**:
+
+    POST /build HTTP/1.1
+
+    {{ TAR STREAM }}
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"stream": "Step 1..."}
+    {"stream": "..."}
+    {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+The input stream must be a `tar` archive compressed with one of the
+following algorithms: `identity` (no compression), `gzip`, `bzip2`, `xz`.
+
+The archive must include a build instructions file, typically called
+`Dockerfile` at the archive's root. The `dockerfile` parameter may be
+used to specify a different build instructions file. To do this, its value must be
+the path to the alternate build instructions file to use.
+
+The archive may include any number of other files,
+which are accessible in the build context (See the [*ADD build
+command*](../../reference/builder.md#dockerbuilder)).
+
+The build is canceled if the client drops the connection by quitting
+or being killed.
+
+Query Parameters:
+
+-   **dockerfile** - Path within the build context to the `Dockerfile`. This is
+        ignored if `remote` is specified and points to an external `Dockerfile`.
+-   **t** – Repository name (and optionally a tag) to be applied to
+        the resulting image in case of success.
+-   **remote** – A Git repository URI or HTTP/HTTPS context URI. If the
+        URI points to a single text file, the file's contents are placed into
+        a file called `Dockerfile` and the image is built from that file. If
+        the URI points to a tarball, the file is downloaded by the daemon and
+        the contents therein used as the context for the build. If the URI
+        points to a tarball and the `dockerfile` parameter is also specified,
+        there must be a file with the corresponding path inside the tarball.
+-   **q** – Suppress verbose build output.
+-   **nocache** – Do not use the cache when building the image.
+-   **pull** - Attempt to pull the image even if an older image exists locally.
+-   **rm** - Remove intermediate containers after a successful build (default behavior).
+-   **forcerm** - Always remove intermediate containers (includes `rm`).
+-   **memory** - Set memory limit for build.
+-   **memswap** - Total memory (memory + swap), `-1` to enable unlimited swap.
+-   **cpushares** - CPU shares (relative weight).
+-   **cpusetcpus** - CPUs in which to allow execution (e.g., `0-3`, `0,1`).
+-   **cpuperiod** - The length of a CPU period in microseconds.
+-   **cpuquota** - Microseconds of CPU time that the container can get in a CPU period.
+
+    Request Headers:
+
+-   **Content-type** – Set to `"application/tar"`.
+-   **X-Registry-Config** – base64-encoded ConfigFile object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Create an image
+
+`POST /images/create`
+
+Create an image either by pulling it from the registry or by importing it
+
+**Example request**:
+
+    POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pulling..."}
+    {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+    {"error": "Invalid..."}
+    ...
+
+When using this endpoint to pull an image from the registry, the
+`X-Registry-Auth` header can be used to include
+a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – Name of the image to pull.
+-   **fromSrc** – Source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+-   **repo** – Repository name.
+-   **tag** – Tag.
+-   **registry** – The registry to pull from.
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+    GET /images/ubuntu/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+         "Created": "2013-03-23T22:24:18.818426-07:00",
+         "Container": "3d67245a8d72ecf13f33dffac9f79dcdf70f75acb84d308770391510e0c23ad0",
+         "ContainerConfig":
+                 {
+                         "Hostname": "",
+                         "User": "",
+                         "AttachStdin": false,
+                         "AttachStdout": false,
+                         "AttachStderr": false,
+                         "PortSpecs": null,
+                         "Tty": true,
+                         "OpenStdin": true,
+                         "StdinOnce": false,
+                         "Env": null,
+                         "Cmd": ["/bin/bash"],
+                         "Dns": null,
+                         "Image": "ubuntu",
+                         "Labels": {
+                             "com.example.vendor": "Acme",
+                             "com.example.license": "GPL",
+                             "com.example.version": "1.0"
+                         },
+                         "Volumes": null,
+                         "VolumesFrom": "",
+                         "WorkingDir": ""
+                 },
+         "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+         "Parent": "27cf784147099545",
+         "Size": 6824592
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+    GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+        {
+            "Id": "3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710",
+            "Created": 1398108230,
+            "CreatedBy": "/bin/sh -c #(nop) ADD file:eb15dbd63394e063b805a3c32ca7bf0266ef64676d5a6fab4801f2e81e2a5148 in /",
+            "Tags": [
+                "ubuntu:lucid",
+                "ubuntu:10.04"
+            ],
+            "Size": 182964289,
+            "Comment": ""
+        },
+        {
+            "Id": "6cfa4d1f33fb861d4d114f43b25abd0ac737509268065cdfd69d544a59c85ab8",
+            "Created": 1398108222,
+            "CreatedBy": "/bin/sh -c #(nop) MAINTAINER Tianon Gravi <admwiggin@gmail.com> - mkimage-debootstrap.sh -i iproute,iputils-ping,ubuntu-minimal -t lucid.tar.xz lucid http://archive.ubuntu.com/ubuntu/",
+            "Tags": null,
+            "Size": 0,
+            "Comment": ""
+        },
+        {
+            "Id": "511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158",
+            "Created": 1371157430,
+            "CreatedBy": "",
+            "Tags": [
+                "scratch12:latest",
+                "scratch:latest"
+            ],
+            "Size": 0,
+            "Comment": "Imported from -"
+        }
+    ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+    POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pushing..."}
+    {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+    {"error": "Invalid..."}
+    ...
+
+If you wish to push an image on to a private registry, that image must already have a tag
+into a repository which references that registry `hostname` and `port`.  This repository name should
+then be used in the URL. This duplicates the command line's flow.
+
+**Example request**:
+
+    POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – The tag to associate with the image on the registry. This is optional.
+
+Request Headers:
+
+-   **X-Registry-Auth** – Include a base64-encoded AuthConfig.
+        object.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+    POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+    DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-type: application/json
+
+    [
+     {"Untagged": "3e2f21a89f"},
+     {"Deleted": "3e2f21a89f"},
+     {"Deleted": "53b4f83ac9"}
+    ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com). This API
+returns both `is_trusted` and `is_automated` images. Currently, they
+are considered identical. In the future, the `is_trusted` property will
+be deprecated and replaced by the `is_automated` property.
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+    GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+        [
+                {
+                    "star_count": 12,
+                    "is_official": false,
+                    "name": "wma55/u1210sshd",
+                    "is_trusted": false,
+                    "is_automated": false,
+                    "description": "",
+                },
+                {
+                    "star_count": 10,
+                    "is_official": false,
+                    "name": "jdswinbank/sshd",
+                    "is_trusted": false,
+                    "is_automated": false,
+                    "description": "",
+                },
+                {
+                    "star_count": 18,
+                    "is_official": false,
+                    "name": "vgauthier/sshd",
+                    "is_trusted": false,
+                    "is_automated": false,
+                    "description": "",
+                }
+        ...
+        ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+    POST /auth HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "username":" hannibal",
+         "password: "xxxx",
+         "email": "hannibal@a-team.com",
+         "serveraddress": "https://index.docker.io/v1/"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+    GET /info HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+        "Containers": 11,
+        "CpuCfsPeriod": true,
+        "CpuCfsQuota": true,
+        "Debug": false,
+        "DockerRootDir": "/var/lib/docker",
+        "Driver": "btrfs",
+        "DriverStatus": [[""]],
+        "ExecutionDriver": "native-0.1",
+        "ExperimentalBuild": false,
+        "HttpProxy": "http://test:test@localhost:8080",
+        "HttpsProxy": "https://test:test@localhost:8080",
+        "ID": "7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS",
+        "IPv4Forwarding": true,
+        "Images": 16,
+        "IndexServerAddress": "https://index.docker.io/v1/",
+        "InitPath": "/usr/bin/docker",
+        "InitSha1": "",
+        "KernelVersion": "3.12.0-1-amd64",
+        "Labels": [
+            "storage=ssd"
+        ],
+        "MemTotal": 2099236864,
+        "MemoryLimit": true,
+        "NCPU": 1,
+        "NEventsListener": 0,
+        "NFd": 11,
+        "NGoroutines": 21,
+        "Name": "prod-server-42",
+        "NoProxy": "9.81.1.160",
+        "OomKillDisable": true,
+        "OperatingSystem": "Boot2Docker",
+        "RegistryConfig": {
+            "IndexConfigs": {
+                "docker.io": {
+                    "Mirrors": null,
+                    "Name": "docker.io",
+                    "Official": true,
+                    "Secure": true
+                }
+            },
+            "InsecureRegistryCIDRs": [
+                "127.0.0.0/8"
+            ]
+        },
+        "SwapLimit": false,
+        "SystemTime": "2015-03-10T11:11:23.730591467-07:00"
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+    GET /version HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+         "Version": "1.5.0",
+         "Os": "linux",
+         "KernelVersion": "3.18.5-tinycore64",
+         "GoVersion": "go1.4.1",
+         "GitCommit": "a8a31ef",
+         "Arch": "amd64",
+         "ApiVersion": "1.19"
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+    GET /_ping HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: text/plain
+
+    OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+    POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Hostname": "",
+         "Domainname": "",
+         "User": "",
+         "AttachStdin": false,
+         "AttachStdout": true,
+         "AttachStderr": true,
+         "PortSpecs": null,
+         "Tty": false,
+         "OpenStdin": false,
+         "StdinOnce": false,
+         "Env": null,
+         "Cmd": [
+                 "date"
+         ],
+         "Volumes": {
+                 "/tmp": {}
+         },
+         "Labels": {
+                 "key1": "value1",
+                 "key2": "value2"
+          },
+         "WorkingDir": "",
+         "NetworkDisabled": false,
+         "ExposedPorts": {
+                 "22/tcp": {}
+         }
+    }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via
+polling (using since).
+
+Docker containers report the following events:
+
+    attach, commit, copy, create, destroy, die, exec_create, exec_start, export, kill, oom, pause, rename, resize, restart, start, stop, top, unpause
+
+and Docker images report:
+
+    untag, delete
+
+**Example request**:
+
+    GET /events?since=1374067924
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "create", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+    {"status": "start", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+    {"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
+    {"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
+
+Query Parameters:
+
+-   **since** – Timestamp used for polling
+-   **until** – Timestamp used for polling
+-   **filters** – A json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
+  -   `event=<string>`; -- event to filter
+  -   `image=<string>`; -- image to filter
+  -   `container=<string>`; -- container to filter
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/ubuntu/get
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+`ubuntu:latest`), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into a Docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    POST /images/load
+
+    Tarball in body
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing these files:
+
+- `VERSION`: currently `1.0` - the file format version
+- `json`: detailed layer information, similar to `docker inspect layer_id`
+- `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, the tarball should also include a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/exec HTTP/1.1
+    Content-Type: application/json
+
+      {
+       "AttachStdin": false,
+       "AttachStdout": true,
+       "AttachStderr": true,
+       "Tty": false,
+       "Cmd": [
+                     "date"
+             ],
+      }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {
+         "Id": "f90e34656806",
+         "Warnings":[]
+    }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
+-   **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
+-   **AttachStderr** - Boolean value, attaches to `stderr` of the `exec` command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up `exec` instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/start HTTP/1.1
+    Content-Type: application/json
+
+    {
+     "Detach": false,
+     "Tty": false,
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/vnd.docker.raw-stream
+
+    {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the `exec` command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the `tty` session used by the `exec` command `id`.
+This API is valid only if `tty` was specified as part of creating and starting the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/resize HTTP/1.1
+    Content-Type: text/plain
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: text/plain
+
+Query Parameters:
+
+-   **h** – height of `tty` session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+### Exec Inspect
+
+`GET /exec/(id)/json`
+
+Return low-level information about the `exec` command `id`.
+
+**Example request**:
+
+    GET /exec/11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: plain/text
+
+    {
+      "ID" : "11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39",
+      "Running" : false,
+      "ExitCode" : 2,
+      "ProcessConfig" : {
+        "privileged" : false,
+        "user" : "",
+        "tty" : false,
+        "entrypoint" : "sh",
+        "arguments" : [
+          "-c",
+          "exit 2"
+        ]
+      },
+      "OpenStdin" : false,
+      "OpenStderr" : false,
+      "OpenStdout" : false,
+      "Container" : {
+        "State" : {
+          "Running" : true,
+          "Paused" : false,
+          "Restarting" : false,
+          "OOMKilled" : false,
+          "Pid" : 3650,
+          "ExitCode" : 0,
+          "Error" : "",
+          "StartedAt" : "2014-11-17T22:26:03.717657531Z",
+          "FinishedAt" : "0001-01-01T00:00:00Z"
+        },
+        "ID" : "8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c",
+        "Created" : "2014-11-17T22:26:03.626304998Z",
+        "Path" : "date",
+        "Args" : [],
+        "Config" : {
+          "Hostname" : "8f177a186b97",
+          "Domainname" : "",
+          "User" : "",
+          "AttachStdin" : false,
+          "AttachStdout" : false,
+          "AttachStderr" : false,
+          "PortSpecs": null,
+          "ExposedPorts" : null,
+          "Tty" : false,
+          "OpenStdin" : false,
+          "StdinOnce" : false,
+          "Env" : [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ],
+          "Cmd" : [
+            "date"
+          ],
+          "Image" : "ubuntu",
+          "Volumes" : null,
+          "WorkingDir" : "",
+          "Entrypoint" : null,
+          "NetworkDisabled" : false,
+          "MacAddress" : "",
+          "OnBuild" : null,
+          "SecurityOpt" : null
+        },
+        "Image" : "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5",
+        "NetworkSettings" : {
+          "IPAddress" : "172.17.0.2",
+          "IPPrefixLen" : 16,
+          "MacAddress" : "02:42:ac:11:00:02",
+          "Gateway" : "172.17.42.1",
+          "Bridge" : "docker0",
+          "PortMapping" : null,
+          "Ports" : {}
+        },
+        "ResolvConfPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/resolv.conf",
+        "HostnamePath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hostname",
+        "HostsPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hosts",
+        "LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+        "Name" : "/test",
+        "Driver" : "aufs",
+        "ExecDriver" : "native-0.2",
+        "MountLabel" : "",
+        "ProcessLabel" : "",
+        "AppArmorProfile" : "",
+        "RestartCount" : 0,
+        "Volumes" : {},
+        "VolumesRW" : {}
+      }
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **500** - server error
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it.
+    - Then, retry to create the container.
+
+- Start the container.
+
+- If you are not in detached mode:
+- Attach to the container, using `logs=1` (to have `stdout` and
+      `stderr` from the container's start) and `stream=1`
+
+- If in detached mode or only `stdin` is attached, display the container's id.
+
+## 3.2 Hijacking
+
+In this version of the API, `/attach`, uses hijacking to transport `stdin`,
+`stdout`, and `stderr` on the same socket.
+
+To hint potential proxies about connection hijacking, Docker client sends
+connection upgrade headers similarly to websocket.
+
+    Upgrade: tcp
+    Connection: Upgrade
+
+When Docker daemon detects the `Upgrade` header, it switches its status code
+from **200 OK** to **101 UPGRADED** and resends the same headers.
+
+
+## 3.3 CORS Requests
+
+To set cross origin requests to the remote api please give values to
+`--api-cors-header` when running Docker in daemon mode. Set * (asterisk) allows all,
+default or blank means CORS disabled
+
+    $ docker -d -H="192.168.1.9:2375" --api-cors-header="http://foo.bar"
diff --git a/docs/reference/api/docker_remote_api_v1.20.md b/docs/reference/api/docker_remote_api_v1.20.md
new file mode 100644
index 00000000..dd47ff7f
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.20.md
@@ -0,0 +1,2346 @@
+<!--[metadata]>
++++
+title = "Remote API v1.20"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent="engine_remoteapi"
+weight = 1
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.20
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST. However, for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `stdout`,
+   `stdin` and `stderr`.
+ - When the client API version is newer than the daemon's, these calls return an HTTP
+   `400 Bad Request` error message.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+    GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Id": "8dfafdbc3a40",
+                 "Names":["/boring_feynman"],
+                 "Image": "ubuntu:latest",
+                 "Command": "echo 1",
+                 "Created": 1367854155,
+                 "Status": "Exit 0",
+                 "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                 "Labels": {
+                         "com.example.vendor": "Acme",
+                         "com.example.license": "GPL",
+                         "com.example.version": "1.0"
+                 },
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         },
+         {
+                 "Id": "9cd87474be90",
+                 "Names":["/coolName"],
+                 "Image": "ubuntu:latest",
+                 "Command": "echo 222222",
+                 "Created": 1367854155,
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         },
+         {
+                 "Id": "3176a2479c92",
+                 "Names":["/sleepy_dog"],
+                 "Image": "ubuntu:latest",
+                 "Command": "echo 3333333333333333",
+                 "Created": 1367854154,
+                 "Status": "Exit 0",
+                 "Ports":[],
+                 "Labels": {},
+                 "SizeRw":12288,
+                 "SizeRootFs":0
+         },
+         {
+                 "Id": "4cb07b47f9fb",
+                 "Names":["/running_cat"],
+                 "Image": "ubuntu:latest",
+                 "Command": "echo 444444444444444444444444444444444",
+                 "Created": 1367854152,
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         }
+    ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a JSON encoded value of the filters (a `map[string][]string`) to process on the containers list. Available filters:
+  -   `exited=<int>`; -- containers with exit code of  `<int>` ;
+  -   `status=`(`created`|`restarting`|`running`|`paused`|`exited`)
+  -   `label=key` or `label="key=value"` of a container label
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+    POST /containers/create HTTP/1.1
+    Content-Type: application/json
+
+    {
+           "Hostname": "",
+           "Domainname": "",
+           "User": "",
+           "AttachStdin": false,
+           "AttachStdout": true,
+           "AttachStderr": true,
+           "Tty": false,
+           "OpenStdin": false,
+           "StdinOnce": false,
+           "Env": [
+                   "FOO=bar",
+                   "BAZ=quux"
+           ],
+           "Cmd": [
+                   "date"
+           ],
+           "Entrypoint": "",
+           "Image": "ubuntu",
+           "Labels": {
+                   "com.example.vendor": "Acme",
+                   "com.example.license": "GPL",
+                   "com.example.version": "1.0"
+           },
+           "Volumes": {
+             "/volumes/data": {}
+           },
+           "WorkingDir": "",
+           "NetworkDisabled": false,
+           "MacAddress": "12:34:56:78:9a:bc",
+           "ExposedPorts": {
+                   "22/tcp": {}
+           },
+           "HostConfig": {
+             "Binds": ["/tmp:/tmp"],
+             "Links": ["redis3:redis"],
+             "LxcConf": {"lxc.utsname":"docker"},
+             "Memory": 0,
+             "MemorySwap": 0,
+             "CpuShares": 512,
+             "CpuPeriod": 100000,
+             "CpuQuota": 50000,
+             "CpusetCpus": "0,1",
+             "CpusetMems": "0,1",
+             "BlkioWeight": 300,
+             "MemorySwappiness": 60,
+             "OomKillDisable": false,
+             "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+             "PublishAllPorts": false,
+             "Privileged": false,
+             "ReadonlyRootfs": false,
+             "Dns": ["8.8.8.8"],
+             "DnsSearch": [""],
+             "ExtraHosts": null,
+             "VolumesFrom": ["parent", "other:ro"],
+             "CapAdd": ["NET_ADMIN"],
+             "CapDrop": ["MKNOD"],
+             "GroupAdd": ["newgroup"],
+             "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+             "NetworkMode": "bridge",
+             "Devices": [],
+             "Ulimits": [{}],
+             "LogConfig": { "Type": "json-file", "Config": {} },
+             "SecurityOpt": [],
+             "CgroupParent": ""
+          }
+      }
+
+**Example response**:
+
+      HTTP/1.1 201 Created
+      Content-Type: application/json
+
+      {
+           "Id":"e90e34656806",
+           "Warnings":[]
+      }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the hostname to use for the
+      container.
+-   **Domainname** - A string value containing the domain name to use
+      for the container.
+-   **User** - A string value specifying the user inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+      You must use this with `memory` and make the swap value larger than `memory`.
+-   **CpuShares** - An integer value containing the container's CPU Shares
+      (ie. the relative weight vs other containers).
+-   **CpuPeriod** - The length of a CPU period in microseconds.
+-   **CpuQuota** - Microseconds of CPU time that the container can get in a CPU period.
+-   **Cpuset** - Deprecated please don't use. Use `CpusetCpus` instead. 
+-   **CpusetCpus** - String value containing the `cgroups CpusetCpus` to use.
+-   **CpusetMems** - Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
+-   **BlkioWeight** - Block IO weight (relative weight) accepts a weight value between 10 and 1000.
+-   **MemorySwappiness** - Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
+-   **OomKillDisable** - Boolean value, whether to disable OOM Killer for the container or not.
+-   **AttachStdin** - Boolean value, attaches to `stdin`.
+-   **AttachStdout** - Boolean value, attaches to `stdout`.
+-   **AttachStderr** - Boolean value, attaches to `stderr`.
+-   **Tty** - Boolean value, Attach standard streams to a `tty`, including `stdin` if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close `stdin` after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Labels** - Adds a map of labels to a container. To specify a map: `{"key":"value"[,"key2":"value2"]}`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entry point for the container as a string or an array
+      of strings.
+-   **Image** - A string specifying the image name to use for the container.
+-   **Volumes** - An object mapping mount point paths (strings) inside the
+      container to empty objects.
+-   **WorkingDir** - A string specifying the working directory for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **HostConfig**
+    -   **Binds** – A list of volume bindings for this container. Each volume binding is a string in one of these forms:
+           + `container_path` to create a new volume for the container
+           + `host_path:container_path` to bind-mount a host path into the container
+           + `host_path:container_path:ro` to make the bind-mount read-only inside the container.
+    -   **Links** - A list of links for the container. Each link entry should be
+          in the form of `container_name:alias`.
+    -   **LxcConf** - LXC specific configurations. These configurations only
+          work when using the `lxc` execution driver.
+    -   **PortBindings** - A map of exposed container ports and the host port they
+          should map to. A JSON object in the form
+          `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+          Take note that `port` is specified as a string and not an integer value.
+    -   **PublishAllPorts** - Allocates a random host port for all of a container's
+          exposed ports. Specified as a boolean value.
+    -   **Privileged** - Gives the container full access to the host. Specified as
+          a boolean value.
+    -   **ReadonlyRootfs** - Mount the container's root filesystem as read only.
+          Specified as a boolean value.
+    -   **Dns** - A list of DNS servers for the container to use.
+    -   **DnsSearch** - A list of DNS search domains
+    -   **ExtraHosts** - A list of hostnames/IP mappings to add to the
+        container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+    -   **VolumesFrom** - A list of volumes to inherit from another container.
+          Specified in the form `<container name>[:<ro|rw>]`
+    -   **CapAdd** - A list of kernel capabilities to add to the container.
+    -   **Capdrop** - A list of kernel capabilities to drop from the container.
+    -   **GroupAdd** - A list of additional groups that the container process will run as
+    -   **RestartPolicy** – The behavior to apply when the container exits.  The
+            value is an object with a `Name` property of either `"always"` to
+            always restart or `"on-failure"` to restart only when the container
+            exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+            controls the number of times to retry before giving up.
+            The default is not to restart. (optional)
+            An ever increasing delay (double the previous delay, starting at 100mS)
+            is added before each restart to prevent flooding the server.
+    -   **NetworkMode** - Sets the networking mode for the container. Supported
+          values are: `bridge`, `host`, `none`, and `container:<name|id>`
+    -   **Devices** - A list of devices to add to the container specified as a JSON object in the
+      form
+          `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+    -   **Ulimits** - A list of ulimits to set in the container, specified as
+          `{ "Name": <name>, "Soft": <soft limit>, "Hard": <hard limit> }`, for example:
+          `Ulimits: { "Name": "nofile", "Soft": 1024, "Hard": 2048 }`
+    -   **SecurityOpt**: A list of string values to customize labels for MLS
+        systems, such as SELinux.
+    -   **LogConfig** - Log configuration for the container, specified as a JSON object in the form
+          `{ "Type": "<driver_name>", "Config": {"key1": "val1"}}`.
+          Available types: `json-file`, `syslog`, `journald`, `gelf`, `none`.
+          `json-file` logging driver.
+    -   **CgroupParent** - Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist.
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+      GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+		"AppArmorProfile": "",
+		"Args": [
+			"-c",
+			"exit 9"
+		],
+		"Config": {
+			"AttachStderr": true,
+			"AttachStdin": false,
+			"AttachStdout": true,
+			"Cmd": [
+				"/bin/sh",
+				"-c",
+				"exit 9"
+			],
+			"Domainname": "",
+			"Entrypoint": null,
+			"Env": [
+				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+			],
+			"ExposedPorts": null,
+			"Hostname": "ba033ac44011",
+			"Image": "ubuntu",
+			"Labels": {
+				"com.example.vendor": "Acme",
+				"com.example.license": "GPL",
+				"com.example.version": "1.0"
+			},
+			"MacAddress": "",
+			"NetworkDisabled": false,
+			"OnBuild": null,
+			"OpenStdin": false,
+			"StdinOnce": false,
+			"Tty": false,
+			"User": "",
+			"Volumes": null,
+			"WorkingDir": ""
+		},
+		"Created": "2015-01-06T15:47:31.485331387Z",
+		"Driver": "devicemapper",
+		"ExecDriver": "native-0.2",
+		"ExecIDs": null,
+		"HostConfig": {
+			"Binds": null,
+			"BlkioWeight": 0,
+			"CapAdd": null,
+			"CapDrop": null,
+			"ContainerIDFile": "",
+			"CpusetCpus": "",
+			"CpusetMems": "",
+			"CpuShares": 0,
+			"CpuPeriod": 100000,
+			"Devices": [],
+			"Dns": null,
+			"DnsSearch": null,
+			"ExtraHosts": null,
+			"IpcMode": "",
+			"Links": null,
+			"LxcConf": [],
+			"Memory": 0,
+			"MemorySwap": 0,
+			"OomKillDisable": false,
+			"NetworkMode": "bridge",
+			"PortBindings": {},
+			"Privileged": false,
+			"ReadonlyRootfs": false,
+			"PublishAllPorts": false,
+			"RestartPolicy": {
+				"MaximumRetryCount": 2,
+				"Name": "on-failure"
+			},
+			"LogConfig": {
+				"Config": null,
+				"Type": "json-file"
+			},
+			"SecurityOpt": null,
+			"VolumesFrom": null,
+			"Ulimits": [{}]
+		},
+		"HostnamePath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname",
+		"HostsPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts",
+		"LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+		"Id": "ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39",
+		"Image": "04c5d3b7b0656168630d3ba35d8889bd0e9caafcaeb3004d2bfbc47e7c5d35d2",
+		"MountLabel": "",
+		"Name": "/boring_euclid",
+		"NetworkSettings": {
+			"Bridge": "",
+			"Gateway": "",
+			"IPAddress": "",
+			"IPPrefixLen": 0,
+			"MacAddress": "",
+			"PortMapping": null,
+			"Ports": null
+		},
+		"Path": "/bin/sh",
+		"ProcessLabel": "",
+		"ResolvConfPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/resolv.conf",
+		"RestartCount": 1,
+		"State": {
+			"Error": "",
+			"ExitCode": 9,
+			"FinishedAt": "2015-01-06T15:47:32.080254511Z",
+			"OOMKilled": false,
+			"Paused": false,
+			"Pid": 0,
+			"Restarting": false,
+			"Running": false,
+			"StartedAt": "2015-01-06T15:47:32.072697474Z"
+		},
+		"Mounts": [
+			{
+				"Source": "/data",
+				"Destination": "/data",
+				"Mode": "ro,Z",
+				"RW": false
+			}
+		]
+	}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get `stdout` and `stderr` logs from the container ``id``
+
+> **Note**:
+> This endpoint works only for containers with the `json-file` or `journald` logging drivers.
+
+**Example request**:
+
+     GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10&since=1428990821 HTTP/1.1
+
+**Example response**:
+
+     HTTP/1.1 101 UPGRADED
+     Content-Type: application/vnd.docker.raw-stream
+     Connection: Upgrade
+     Upgrade: tcp
+
+     {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, show `stdout` log. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, show `stderr` log. Default `false`.
+-   **since** – UNIX timestamp (integer) to filter logs. Specifying a timestamp
+    will only output log-entries since that timestamp. Default: 0 (unfiltered)
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default `false`.
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Path": "/dev",
+                 "Kind": 0
+         },
+         {
+                 "Path": "/dev/kmsg",
+                 "Kind": 1
+         },
+         {
+                 "Path": "/test",
+                 "Kind": 1
+         }
+    ]
+
+Values for `Kind`:
+
+- `0`: Modify
+- `1`: Add
+- `2`: Delete
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/octet-stream
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container stats based on resource usage
+
+`GET /containers/(id or name)/stats`
+
+This endpoint returns a live stream of a container's resource usage statistics.
+
+**Example request**:
+
+    GET /containers/redis1/stats HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Type: application/json
+
+      {
+         "read" : "2015-01-08T22:57:31.547920715Z",
+         "network" : {
+            "rx_dropped" : 0,
+            "rx_bytes" : 648,
+            "rx_errors" : 0,
+            "tx_packets" : 8,
+            "tx_dropped" : 0,
+            "rx_packets" : 8,
+            "tx_errors" : 0,
+            "tx_bytes" : 648
+         },
+         "memory_stats" : {
+            "stats" : {
+               "total_pgmajfault" : 0,
+               "cache" : 0,
+               "mapped_file" : 0,
+               "total_inactive_file" : 0,
+               "pgpgout" : 414,
+               "rss" : 6537216,
+               "total_mapped_file" : 0,
+               "writeback" : 0,
+               "unevictable" : 0,
+               "pgpgin" : 477,
+               "total_unevictable" : 0,
+               "pgmajfault" : 0,
+               "total_rss" : 6537216,
+               "total_rss_huge" : 6291456,
+               "total_writeback" : 0,
+               "total_inactive_anon" : 0,
+               "rss_huge" : 6291456,
+               "hierarchical_memory_limit" : 67108864,
+               "total_pgfault" : 964,
+               "total_active_file" : 0,
+               "active_anon" : 6537216,
+               "total_active_anon" : 6537216,
+               "total_pgpgout" : 414,
+               "total_cache" : 0,
+               "inactive_anon" : 0,
+               "active_file" : 0,
+               "pgfault" : 964,
+               "inactive_file" : 0,
+               "total_pgpgin" : 477
+            },
+            "max_usage" : 6651904,
+            "usage" : 6537216,
+            "failcnt" : 0,
+            "limit" : 67108864
+         },
+         "blkio_stats" : {},
+         "cpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24472255,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100215355,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 739306590000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         },
+         "precpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24350896,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100093996,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 9492140000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         }
+      }
+
+The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
+
+Query Parameters:
+
+-   **stream** – 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`POST /containers/(id or name)/resize?h=<height>&w=<width>`
+
+Resize the TTY for container with  `id`. You must restart the container for the resize to take effect.
+
+**Example request**:
+
+      POST /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Length: 0
+      Content-Type: text/plain; charset=utf-8
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – Cannot resize container
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+> **Note**:
+> For backwards compatibility, this endpoint accepts a `HostConfig` as JSON-encoded request body.
+> See [create a container](#create-a-container) for details.
+
+**Example request**:
+
+    POST /containers/e90e34656806/start HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like `SIGINT`.
+        When not set, `SIGKILL` is assumed and the call waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Rename a container
+
+`POST /containers/(id or name)/rename`
+
+Rename the container `id` to a `new_name`
+
+**Example request**:
+
+    POST /containers/e90e34656806/rename?name=new_name HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **name** – new name for the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **409** - conflict name already assigned
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+    POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 101 UPGRADED
+    Content-Type: application/vnd.docker.raw-stream
+    Connection: Upgrade
+    Upgrade: tcp
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`
+    ](#create-a-container),
+    the stream is the raw data from the process PTY and client's `stdin`.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    `stdout` and `stderr`.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header contains the information which the stream writes (`stdout` or
+    `stderr`). It also contains the size of the associated frame encoded in the
+    last four bytes (`uint32`).
+
+    It is encoded on the first eight bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: `stdin` (is written on `stdout`)
+-   1: `stdout`
+-   2: `stderr`
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of
+    the `uint32` size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read eight bytes.
+    2.  Choose `stdout` or `stderr` depending on the first byte.
+    3.  Extract the frame size from the last four bytes.
+    4.  Read the extracted size and output it on the correct output.
+    5.  Goto 1.
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+    GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+    POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+    DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default `false`.
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default `false`.
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Deprecated** in favor of the `archive` endpoint below.
+
+**Example request**:
+
+    POST /containers/4fa6e0f0c678/copy HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Resource": "test.txt"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Retrieving information about files and folders in a container
+
+`HEAD /containers/(id or name)/archive`
+
+See the description of the `X-Docker-Container-Path-Stat` header in the
+following section.
+
+### Get an archive of a filesystem resource in a container
+
+`GET /containers/(id or name)/archive`
+
+Get an tar archive of a resource in the filesystem of container `id`.
+
+Query Parameters:
+
+- **path** - resource in the container's filesystem to archive. Required.
+
+    If not an absolute path, it is relative to the container's root directory.
+    The resource specified by **path** must exist. To assert that the resource
+    is expected to be a directory, **path** should end in `/` or  `/.`
+    (assuming a path separator of `/`). If **path** ends in `/.` then this
+    indicates that only the contents of the **path** directory should be
+    copied. A symlink is always resolved to its target.
+
+    **Note**: It is not possible to copy certain system files such as resources
+    under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
+    container.
+
+**Example request**:
+
+        GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+        X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
+
+        {{ TAR STREAM }}
+
+On success, a response header `X-Docker-Container-Path-Stat` will be set to a
+base64-encoded JSON object containing some filesystem header information about
+the archived resource. The above example value would decode to the following
+JSON object (whitespace added for readability):
+
+        {
+            "name": "root",
+            "size": 4096,
+            "mode": 2147484096,
+            "mtime": "2014-02-27T20:51:23Z",
+            "linkTarget": ""
+        }
+
+A `HEAD` request can also be made to this endpoint if only this information is
+desired.
+
+Status Codes:
+
+- **200** - success, returns archive of copied resource
+- **400** - client error, bad parameter, details in JSON response body, one of:
+    - must specify path parameter (**path** cannot be empty)
+    - not a directory (**path** was asserted to be a directory but exists as a
+      file)
+- **404** - client error, resource not found, one of:
+    – no such container (container `id` does not exist)
+    - no such file or directory (**path** does not exist)
+- **500** - server error
+
+### Extract an archive of files or folders to a directory in a container
+
+`PUT /containers/(id or name)/archive`
+
+Upload a tar archive to be extracted to a path in the filesystem of container
+`id`.
+
+Query Parameters:
+
+- **path** - path to a directory in the container
+    to extract the archive's contents into. Required.
+
+    If not an absolute path, it is relative to the container's root directory.
+    The **path** resource must exist.
+- **noOverwriteDirNonDir** - If "1", "true", or "True" then it will be an error
+    if unpacking the given content would cause an existing directory to be
+    replaced with a non-directory and vice versa.
+
+**Example request**:
+
+        PUT /containers/8cce319429b2/archive?path=/vol1 HTTP/1.1
+        Content-Type: application/x-tar
+
+        {{ TAR STREAM }}
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** – the content was extracted successfully
+- **400** - client error, bad parameter, details in JSON response body, one of:
+    - must specify path parameter (**path** cannot be empty)
+    - not a directory (**path** should be a directory but exists as a file)
+    - unable to overwrite existing directory with non-directory
+      (if **noOverwriteDirNonDir**)
+    - unable to overwrite existing non-directory with directory
+      (if **noOverwriteDirNonDir**)
+- **403** - client error, permission denied, the volume
+    or container rootfs is marked as read-only.
+- **404** - client error, resource not found, one of:
+    – no such container (container `id` does not exist)
+    - no such file or directory (**path** resource does not exist)
+- **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+    GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+         "RepoTags": [
+           "ubuntu:12.04",
+           "ubuntu:precise",
+           "ubuntu:latest"
+         ],
+         "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+         "Created": 1365714795,
+         "Size": 131506275,
+         "VirtualSize": 131506275,
+         "Labels": {}
+      },
+      {
+         "RepoTags": [
+           "ubuntu:12.10",
+           "ubuntu:quantal"
+         ],
+         "ParentId": "27cf784147099545",
+         "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+         "Created": 1364102658,
+         "Size": 24653,
+         "VirtualSize": 180116135,
+         "Labels": {
+            "com.example.version": "v1"
+         }
+      }
+    ]
+
+**Example request, with digest information**:
+
+    GET /images/json?digests=1 HTTP/1.1
+
+**Example response, with digest information**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+        "Created": 1420064636,
+        "Id": "4986bf8c15363d1c5d15512d5266f8777bfba4974ac56e3270e7760f6f0a8125",
+        "ParentId": "ea13149945cb6b1e746bf28032f02e9b5a793523481a0a18645fc77ad53c4ea2",
+        "RepoDigests": [
+          "localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+        ],
+        "RepoTags": [
+          "localhost:5000/test/busybox:latest",
+          "playdate:latest"
+        ],
+        "Size": 0,
+        "VirtualSize": 2429728,
+        "Labels": {}
+      }
+    ]
+
+The response shows a single image `Id` associated with two repositories
+(`RepoTags`): `localhost:5000/test/busybox`: and `playdate`. A caller can use
+either of the `RepoTags` values `localhost:5000/test/busybox:latest` or
+`playdate:latest` to reference the image.
+
+You can also use `RepoDigests` values to reference an image. In this response,
+the array has only one reference and that is to the
+`localhost:5000/test/busybox` repository; the `playdate` repository has no
+digest. You can reference this digest using the value:
+`localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d...`
+
+See the `docker run` and `docker build` commands for examples of digest and tag
+references on the command line.
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   `dangling=true`
+  -   `label=key` or `label="key=value"` of an image label
+-   **filter** - only return images with the specified name
+
+### Build image from a Dockerfile
+
+`POST /build`
+
+Build an image from a Dockerfile
+
+**Example request**:
+
+    POST /build HTTP/1.1
+
+    {{ TAR STREAM }}
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"stream": "Step 1..."}
+    {"stream": "..."}
+    {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+The input stream must be a `tar` archive compressed with one of the
+following algorithms: `identity` (no compression), `gzip`, `bzip2`, `xz`.
+
+The archive must include a build instructions file, typically called
+`Dockerfile` at the archive's root. The `dockerfile` parameter may be
+used to specify a different build instructions file. To do this, its value must be
+the path to the alternate build instructions file to use.
+
+The archive may include any number of other files,
+which are accessible in the build context (See the [*ADD build
+command*](../../reference/builder.md#dockerbuilder)).
+
+The build is canceled if the client drops the connection by quitting
+or being killed.
+
+Query Parameters:
+
+-   **dockerfile** - Path within the build context to the Dockerfile. This is 
+        ignored if `remote` is specified and points to an individual filename.
+-   **t** – A repository name (and optionally a tag) to apply to
+        the resulting image in case of success.
+-   **remote** – A Git repository URI or HTTP/HTTPS URI build source. If the 
+        URI specifies a filename, the file's contents are placed into a file 
+		called `Dockerfile`.
+-   **q** – Suppress verbose build output.
+-   **nocache** – Do not use the cache when building the image.
+-   **pull** - Attempt to pull the image even if an older image exists locally.
+-   **rm** - Remove intermediate containers after a successful build (default behavior).
+-   **forcerm** - Always remove intermediate containers (includes `rm`).
+-   **memory** - Set memory limit for build.
+-   **memswap** - Total memory (memory + swap), `-1` to enable unlimited swap.
+-   **cpushares** - CPU shares (relative weight).
+-   **cpusetcpus** - CPUs in which to allow execution (e.g., `0-3`, `0,1`).
+-   **cpuperiod** - The length of a CPU period in microseconds.
+-   **cpuquota** - Microseconds of CPU time that the container can get in a CPU period.
+
+    Request Headers:
+
+-   **Content-type** – Set to `"application/tar"`.
+-   **X-Registry-Config** – A base64-url-safe-encoded Registry Auth Config JSON
+        object with the following structure:
+
+            {
+                "docker.example.com": {
+                    "username": "janedoe",
+                    "password": "hunter2"
+                },
+                "https://index.docker.io/v1/": {
+                    "username": "mobydock",
+                    "password": "conta1n3rize14"
+                }
+            }
+
+        This object maps the hostname of a registry to an object containing the
+        "username" and "password" for that registry. Multiple registries may
+        be specified as the build may be based on an image requiring
+        authentication to pull from any arbitrary registry. Only the registry
+        domain name (and port if not the default "443") are required. However
+        (for legacy reasons) the "official" Docker, Inc. hosted registry must
+        be specified with both a "https://" prefix and a "/v1/" suffix even
+        though Docker will prefer to use the v2 registry API.
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Create an image
+
+`POST /images/create`
+
+Create an image either by pulling it from the registry or by importing it
+
+**Example request**:
+
+    POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pulling..."}
+    {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+    {"error": "Invalid..."}
+    ...
+
+When using this endpoint to pull an image from the registry, the
+`X-Registry-Auth` header can be used to include
+a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – Name of the image to pull.
+-   **fromSrc** – Source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+-   **repo** – Repository name.
+-   **tag** – Tag.
+-   **registry** – The registry to pull from.
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+    GET /images/ubuntu/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+         "Created": "2013-03-23T22:24:18.818426-07:00",
+         "Container": "3d67245a8d72ecf13f33dffac9f79dcdf70f75acb84d308770391510e0c23ad0",
+         "ContainerConfig":
+                 {
+                         "Hostname": "",
+                         "User": "",
+                         "AttachStdin": false,
+                         "AttachStdout": false,
+                         "AttachStderr": false,
+                         "Tty": true,
+                         "OpenStdin": true,
+                         "StdinOnce": false,
+                         "Env": null,
+                         "Cmd": ["/bin/bash"],
+                         "Dns": null,
+                         "Image": "ubuntu",
+                         "Labels": {
+                             "com.example.vendor": "Acme",
+                             "com.example.license": "GPL",
+                             "com.example.version": "1.0"
+                         },
+                         "Volumes": null,
+                         "VolumesFrom": "",
+                         "WorkingDir": ""
+                 },
+         "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+         "Parent": "27cf784147099545",
+         "Size": 6824592
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+    GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+        {
+            "Id": "3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710",
+            "Created": 1398108230,
+            "CreatedBy": "/bin/sh -c #(nop) ADD file:eb15dbd63394e063b805a3c32ca7bf0266ef64676d5a6fab4801f2e81e2a5148 in /",
+            "Tags": [
+                "ubuntu:lucid",
+                "ubuntu:10.04"
+            ],
+            "Size": 182964289,
+            "Comment": ""
+        },
+        {
+            "Id": "6cfa4d1f33fb861d4d114f43b25abd0ac737509268065cdfd69d544a59c85ab8",
+            "Created": 1398108222,
+            "CreatedBy": "/bin/sh -c #(nop) MAINTAINER Tianon Gravi <admwiggin@gmail.com> - mkimage-debootstrap.sh -i iproute,iputils-ping,ubuntu-minimal -t lucid.tar.xz lucid http://archive.ubuntu.com/ubuntu/",
+            "Tags": null,
+            "Size": 0,
+            "Comment": ""
+        },
+        {
+            "Id": "511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158",
+            "Created": 1371157430,
+            "CreatedBy": "",
+            "Tags": [
+                "scratch12:latest",
+                "scratch:latest"
+            ],
+            "Size": 0,
+            "Comment": "Imported from -"
+        }
+    ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+    POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pushing..."}
+    {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+    {"error": "Invalid..."}
+    ...
+
+If you wish to push an image on to a private registry, that image must already have a tag
+into a repository which references that registry `hostname` and `port`.  This repository name should
+then be used in the URL. This duplicates the command line's flow.
+
+**Example request**:
+
+    POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – The tag to associate with the image on the registry. This is optional.
+
+Request Headers:
+
+-   **X-Registry-Auth** – Include a base64-encoded AuthConfig.
+        object.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+    POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+    DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-type: application/json
+
+    [
+     {"Untagged": "3e2f21a89f"},
+     {"Deleted": "3e2f21a89f"},
+     {"Deleted": "53b4f83ac9"}
+    ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+    GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "wma55/u1210sshd",
+                "star_count": 0
+            },
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "jdswinbank/sshd",
+                "star_count": 0
+            },
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "vgauthier/sshd",
+                "star_count": 0
+            }
+    ...
+    ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+    POST /auth HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "username":" hannibal",
+         "password: "xxxx",
+         "email": "hannibal@a-team.com",
+         "serveraddress": "https://index.docker.io/v1/"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+    GET /info HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+        "Containers": 11,
+        "CpuCfsPeriod": true,
+        "CpuCfsQuota": true,
+        "Debug": false,
+        "DockerRootDir": "/var/lib/docker",
+        "Driver": "btrfs",
+        "DriverStatus": [[""]],
+        "ExecutionDriver": "native-0.1",
+        "ExperimentalBuild": false,
+        "HttpProxy": "http://test:test@localhost:8080",
+        "HttpsProxy": "https://test:test@localhost:8080",
+        "ID": "7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS",
+        "IPv4Forwarding": true,
+        "Images": 16,
+        "IndexServerAddress": "https://index.docker.io/v1/",
+        "InitPath": "/usr/bin/docker",
+        "InitSha1": "",
+        "KernelVersion": "3.12.0-1-amd64",
+        "Labels": [
+            "storage=ssd"
+        ],
+        "MemTotal": 2099236864,
+        "MemoryLimit": true,
+        "NCPU": 1,
+        "NEventsListener": 0,
+        "NFd": 11,
+        "NGoroutines": 21,
+        "Name": "prod-server-42",
+        "NoProxy": "9.81.1.160",
+        "OomKillDisable": true,
+        "OperatingSystem": "Boot2Docker",
+        "RegistryConfig": {
+            "IndexConfigs": {
+                "docker.io": {
+                    "Mirrors": null,
+                    "Name": "docker.io",
+                    "Official": true,
+                    "Secure": true
+                }
+            },
+            "InsecureRegistryCIDRs": [
+                "127.0.0.0/8"
+            ]
+        },
+        "SwapLimit": false,
+        "SystemTime": "2015-03-10T11:11:23.730591467-07:00"
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+    GET /version HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+         "Version": "1.5.0",
+         "Os": "linux",
+         "KernelVersion": "3.18.5-tinycore64",
+         "GoVersion": "go1.4.1",
+         "GitCommit": "a8a31ef",
+         "Arch": "amd64",
+         "ApiVersion": "1.20",
+         "Experimental": false
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+    GET /_ping HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: text/plain
+
+    OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+    POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Hostname": "",
+         "Domainname": "",
+         "User": "",
+         "AttachStdin": false,
+         "AttachStdout": true,
+         "AttachStderr": true,
+         "Tty": false,
+         "OpenStdin": false,
+         "StdinOnce": false,
+         "Env": null,
+         "Cmd": [
+                 "date"
+         ],
+         "Mounts": [
+           {
+             "Source": "/data",
+             "Destination": "/data",
+             "Mode": "ro,Z",
+             "RW": false
+           }
+         ],
+         "Labels": {
+                 "key1": "value1",
+                 "key2": "value2"
+          },
+         "WorkingDir": "",
+         "NetworkDisabled": false,
+         "ExposedPorts": {
+                 "22/tcp": {}
+         }
+    }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+-   **pause** – 1/True/true or 0/False/false, whether to pause the container before committing
+-   **changes** – Dockerfile instructions to apply while committing
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via
+polling (using since).
+
+Docker containers report the following events:
+
+    attach, commit, copy, create, destroy, die, exec_create, exec_start, export, kill, oom, pause, rename, resize, restart, start, stop, top, unpause
+
+and Docker images report:
+
+    delete, import, pull, push, tag, untag
+
+**Example request**:
+
+    GET /events?since=1374067924
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "create", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+    {"status": "start", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067924}
+    {"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
+    {"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
+
+Query Parameters:
+
+-   **since** – Timestamp used for polling
+-   **until** – Timestamp used for polling
+-   **filters** – A json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
+  -   `event=<string>`; -- event to filter
+  -   `image=<string>`; -- image to filter
+  -   `container=<string>`; -- container to filter
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/ubuntu/get
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+`ubuntu:latest`), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into a Docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    POST /images/load
+
+    Tarball in body
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing these files:
+
+- `VERSION`: currently `1.0` - the file format version
+- `json`: detailed layer information, similar to `docker inspect layer_id`
+- `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, the tarball should also include a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/exec HTTP/1.1
+    Content-Type: application/json
+
+      {
+       "AttachStdin": false,
+       "AttachStdout": true,
+       "AttachStderr": true,
+       "Tty": false,
+       "Cmd": [
+                     "date"
+             ]
+      }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {
+         "Id": "f90e34656806",
+         "Warnings":[]
+    }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
+-   **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
+-   **AttachStderr** - Boolean value, attaches to `stderr` of the `exec` command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up `exec` instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/start HTTP/1.1
+    Content-Type: application/json
+
+    {
+     "Detach": false,
+     "Tty": false
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/vnd.docker.raw-stream
+
+    {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the `exec` command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the `tty` session used by the `exec` command `id`.  The unit is number of characters.
+This API is valid only if `tty` was specified as part of creating and starting the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/resize?h=40&w=80 HTTP/1.1
+    Content-Type: text/plain
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: text/plain
+
+Query Parameters:
+
+-   **h** – height of `tty` session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+### Exec Inspect
+
+`GET /exec/(id)/json`
+
+Return low-level information about the `exec` command `id`.
+
+**Example request**:
+
+    GET /exec/11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: plain/text
+
+    {
+      "ID" : "11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39",
+      "Running" : false,
+      "ExitCode" : 2,
+      "ProcessConfig" : {
+        "privileged" : false,
+        "user" : "",
+        "tty" : false,
+        "entrypoint" : "sh",
+        "arguments" : [
+          "-c",
+          "exit 2"
+        ]
+      },
+      "OpenStdin" : false,
+      "OpenStderr" : false,
+      "OpenStdout" : false,
+      "Container" : {
+        "State" : {
+          "Running" : true,
+          "Paused" : false,
+          "Restarting" : false,
+          "OOMKilled" : false,
+          "Pid" : 3650,
+          "ExitCode" : 0,
+          "Error" : "",
+          "StartedAt" : "2014-11-17T22:26:03.717657531Z",
+          "FinishedAt" : "0001-01-01T00:00:00Z"
+        },
+        "ID" : "8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c",
+        "Created" : "2014-11-17T22:26:03.626304998Z",
+        "Path" : "date",
+        "Args" : [],
+        "Config" : {
+          "Hostname" : "8f177a186b97",
+          "Domainname" : "",
+          "User" : "",
+          "AttachStdin" : false,
+          "AttachStdout" : false,
+          "AttachStderr" : false,
+          "ExposedPorts" : null,
+          "Tty" : false,
+          "OpenStdin" : false,
+          "StdinOnce" : false,
+          "Env" : [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ],
+          "Cmd" : [
+            "date"
+          ],
+          "Image" : "ubuntu",
+          "Volumes" : null,
+          "WorkingDir" : "",
+          "Entrypoint" : null,
+          "NetworkDisabled" : false,
+          "MacAddress" : "",
+          "OnBuild" : null,
+          "SecurityOpt" : null
+        },
+        "Image" : "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5",
+        "NetworkSettings" : {
+          "IPAddress" : "172.17.0.2",
+          "IPPrefixLen" : 16,
+          "MacAddress" : "02:42:ac:11:00:02",
+          "Gateway" : "172.17.42.1",
+          "Bridge" : "docker0",
+          "PortMapping" : null,
+          "Ports" : {}
+        },
+        "ResolvConfPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/resolv.conf",
+        "HostnamePath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hostname",
+        "HostsPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hosts",
+        "LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+        "Name" : "/test",
+        "Driver" : "aufs",
+        "ExecDriver" : "native-0.2",
+        "MountLabel" : "",
+        "ProcessLabel" : "",
+        "AppArmorProfile" : "",
+        "RestartCount" : 0,
+        "Mounts" : []
+      }
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **500** - server error
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it.
+    - Then, retry to create the container.
+
+- Start the container.
+
+- If you are not in detached mode:
+- Attach to the container, using `logs=1` (to have `stdout` and
+      `stderr` from the container's start) and `stream=1`
+
+- If in detached mode or only `stdin` is attached, display the container's id.
+
+## 3.2 Hijacking
+
+In this version of the API, `/attach`, uses hijacking to transport `stdin`,
+`stdout`, and `stderr` on the same socket.
+
+To hint potential proxies about connection hijacking, Docker client sends
+connection upgrade headers similarly to websocket.
+
+    Upgrade: tcp
+    Connection: Upgrade
+
+When Docker daemon detects the `Upgrade` header, it switches its status code
+from **200 OK** to **101 UPGRADED** and resends the same headers.
+
+
+## 3.3 CORS Requests
+
+To set cross origin requests to the remote api please give values to 
+`--api-cors-header` when running Docker in daemon mode. Set * (asterisk) allows all,
+default or blank means CORS disabled
+
+    $ docker daemon -H="192.168.1.9:2375" --api-cors-header="http://foo.bar"
diff --git a/docs/reference/api/docker_remote_api_v1.21.md b/docs/reference/api/docker_remote_api_v1.21.md
new file mode 100644
index 00000000..7cdfd0f3
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.21.md
@@ -0,0 +1,2914 @@
+<!--[metadata]>
++++
+title = "Remote API v1.21"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent="engine_remoteapi"
+weight=-2
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.21
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST. However, for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `stdout`,
+   `stdin` and `stderr`.
+ - When the client API version is newer than the daemon's, these calls return an HTTP
+   `400 Bad Request` error message.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+    GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Id": "8dfafdbc3a40",
+                 "Names":["/boring_feynman"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 1",
+                 "Created": 1367854155,
+                 "Status": "Exit 0",
+                 "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                 "Labels": {
+                         "com.example.vendor": "Acme",
+                         "com.example.license": "GPL",
+                         "com.example.version": "1.0"
+                 },
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         },
+         {
+                 "Id": "9cd87474be90",
+                 "Names":["/coolName"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 222222",
+                 "Created": 1367854155,
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         },
+         {
+                 "Id": "3176a2479c92",
+                 "Names":["/sleepy_dog"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 3333333333333333",
+                 "Created": 1367854154,
+                 "Status": "Exit 0",
+                 "Ports":[],
+                 "Labels": {},
+                 "SizeRw":12288,
+                 "SizeRootFs":0
+         },
+         {
+                 "Id": "4cb07b47f9fb",
+                 "Names":["/running_cat"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 444444444444444444444444444444444",
+                 "Created": 1367854152,
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0
+         }
+    ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a JSON encoded value of the filters (a `map[string][]string`) to process on the containers list. Available filters:
+  -   `exited=<int>`; -- containers with exit code of  `<int>` ;
+  -   `status=`(`created`|`restarting`|`running`|`paused`|`exited`)
+  -   `label=key` or `label="key=value"` of a container label
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+    POST /containers/create HTTP/1.1
+    Content-Type: application/json
+
+    {
+           "Hostname": "",
+           "Domainname": "",
+           "User": "",
+           "AttachStdin": false,
+           "AttachStdout": true,
+           "AttachStderr": true,
+           "Tty": false,
+           "OpenStdin": false,
+           "StdinOnce": false,
+           "Env": [
+                   "FOO=bar",
+                   "BAZ=quux"
+           ],
+           "Cmd": [
+                   "date"
+           ],
+           "Entrypoint": "",
+           "Image": "ubuntu",
+           "Labels": {
+                   "com.example.vendor": "Acme",
+                   "com.example.license": "GPL",
+                   "com.example.version": "1.0"
+           },
+           "Volumes": {
+             "/volumes/data": {}
+           },
+           "WorkingDir": "",
+           "NetworkDisabled": false,
+           "MacAddress": "12:34:56:78:9a:bc",
+           "ExposedPorts": {
+                   "22/tcp": {}
+           },
+           "StopSignal": "SIGTERM",
+           "HostConfig": {
+             "Binds": ["/tmp:/tmp"],
+             "Links": ["redis3:redis"],
+             "LxcConf": {"lxc.utsname":"docker"},
+             "Memory": 0,
+             "MemorySwap": 0,
+             "MemoryReservation": 0,
+             "KernelMemory": 0,
+             "CpuShares": 512,
+             "CpuPeriod": 100000,
+             "CpuQuota": 50000,
+             "CpusetCpus": "0,1",
+             "CpusetMems": "0,1",
+             "BlkioWeight": 300,
+             "MemorySwappiness": 60,
+             "OomKillDisable": false,
+             "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+             "PublishAllPorts": false,
+             "Privileged": false,
+             "ReadonlyRootfs": false,
+             "Dns": ["8.8.8.8"],
+             "DnsOptions": [""],
+             "DnsSearch": [""],
+             "ExtraHosts": null,
+             "VolumesFrom": ["parent", "other:ro"],
+             "CapAdd": ["NET_ADMIN"],
+             "CapDrop": ["MKNOD"],
+             "GroupAdd": ["newgroup"],
+             "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+             "NetworkMode": "bridge",
+             "Devices": [],
+             "Ulimits": [{}],
+             "LogConfig": { "Type": "json-file", "Config": {} },
+             "SecurityOpt": [],
+             "CgroupParent": "",
+             "VolumeDriver": ""
+          }
+      }
+
+**Example response**:
+
+      HTTP/1.1 201 Created
+      Content-Type: application/json
+
+      {
+           "Id":"e90e34656806",
+           "Warnings":[]
+      }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the hostname to use for the
+      container.
+-   **Domainname** - A string value containing the domain name to use
+      for the container.
+-   **User** - A string value specifying the user inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+      You must use this with `memory` and make the swap value larger than `memory`.
+-   **MemoryReservation** - Memory soft limit in bytes.
+-   **KernelMemory** - Kernel memory limit in bytes.
+-   **CpuShares** - An integer value containing the container's CPU Shares
+      (ie. the relative weight vs other containers).
+-   **CpuPeriod** - The length of a CPU period in microseconds.
+-   **CpuQuota** - Microseconds of CPU time that the container can get in a CPU period.
+-   **Cpuset** - Deprecated please don't use. Use `CpusetCpus` instead.
+-   **CpusetCpus** - String value containing the `cgroups CpusetCpus` to use.
+-   **CpusetMems** - Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
+-   **BlkioWeight** - Block IO weight (relative weight) accepts a weight value between 10 and 1000.
+-   **MemorySwappiness** - Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
+-   **OomKillDisable** - Boolean value, whether to disable OOM Killer for the container or not.
+-   **AttachStdin** - Boolean value, attaches to `stdin`.
+-   **AttachStdout** - Boolean value, attaches to `stdout`.
+-   **AttachStderr** - Boolean value, attaches to `stderr`.
+-   **Tty** - Boolean value, Attach standard streams to a `tty`, including `stdin` if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close `stdin` after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Labels** - Adds a map of labels to a container. To specify a map: `{"key":"value"[,"key2":"value2"]}`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entry point for the container as a string or an array
+      of strings.
+-   **Image** - A string specifying the image name to use for the container.
+-   **Volumes** - An object mapping mount point paths (strings) inside the
+      container to empty objects.
+-   **WorkingDir** - A string specifying the working directory for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **StopSignal** - Signal to stop a container as a string or unsigned integer. `SIGTERM` by default.
+-   **HostConfig**
+    -   **Binds** – A list of volume bindings for this container. Each volume binding is a string in one of these forms:
+           + `container_path` to create a new volume for the container
+           + `host_path:container_path` to bind-mount a host path into the container
+           + `host_path:container_path:ro` to make the bind-mount read-only inside the container.
+           + `volume_name:container_path` to bind-mount a volume managed by a volume plugin into the container.
+           + `volume_name:container_path:ro` to make the bind mount read-only inside the container.
+    -   **Links** - A list of links for the container. Each link entry should be
+          in the form of `container_name:alias`.
+    -   **LxcConf** - LXC specific configurations. These configurations only
+          work when using the `lxc` execution driver.
+    -   **PortBindings** - A map of exposed container ports and the host port they
+          should map to. A JSON object in the form
+          `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+          Take note that `port` is specified as a string and not an integer value.
+    -   **PublishAllPorts** - Allocates a random host port for all of a container's
+          exposed ports. Specified as a boolean value.
+    -   **Privileged** - Gives the container full access to the host. Specified as
+          a boolean value.
+    -   **ReadonlyRootfs** - Mount the container's root filesystem as read only.
+          Specified as a boolean value.
+    -   **Dns** - A list of DNS servers for the container to use.
+    -   **DnsOptions** - A list of DNS options
+    -   **DnsSearch** - A list of DNS search domains
+    -   **ExtraHosts** - A list of hostnames/IP mappings to add to the
+        container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+    -   **VolumesFrom** - A list of volumes to inherit from another container.
+          Specified in the form `<container name>[:<ro|rw>]`
+    -   **CapAdd** - A list of kernel capabilities to add to the container.
+    -   **Capdrop** - A list of kernel capabilities to drop from the container.
+    -   **GroupAdd** - A list of additional groups that the container process will run as
+    -   **RestartPolicy** – The behavior to apply when the container exits.  The
+            value is an object with a `Name` property of either `"always"` to
+            always restart, `"unless-stopped"` to restart always except when
+            user has manually stopped the container or `"on-failure"` to restart only when the container
+            exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+            controls the number of times to retry before giving up.
+            The default is not to restart. (optional)
+            An ever increasing delay (double the previous delay, starting at 100mS)
+            is added before each restart to prevent flooding the server.
+    -   **NetworkMode** - Sets the networking mode for the container. Supported
+          standard values are: `bridge`, `host`, `none`, and `container:<name|id>`. Any other value is taken
+          as a custom network's name to which this container should connect to.
+    -   **Devices** - A list of devices to add to the container specified as a JSON object in the
+      form
+          `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+    -   **Ulimits** - A list of ulimits to set in the container, specified as
+          `{ "Name": <name>, "Soft": <soft limit>, "Hard": <hard limit> }`, for example:
+          `Ulimits: { "Name": "nofile", "Soft": 1024, "Hard": 2048 }`
+    -   **SecurityOpt**: A list of string values to customize labels for MLS
+        systems, such as SELinux.
+    -   **LogConfig** - Log configuration for the container, specified as a JSON object in the form
+          `{ "Type": "<driver_name>", "Config": {"key1": "val1"}}`.
+          Available types: `json-file`, `syslog`, `journald`, `gelf`, `awslogs`, `none`.
+          `json-file` logging driver.
+    -   **CgroupParent** - Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist.
+    -   **VolumeDriver** - Driver that this container users to mount volumes.
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+      GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+		"AppArmorProfile": "",
+		"Args": [
+			"-c",
+			"exit 9"
+		],
+		"Config": {
+			"AttachStderr": true,
+			"AttachStdin": false,
+			"AttachStdout": true,
+			"Cmd": [
+				"/bin/sh",
+				"-c",
+				"exit 9"
+			],
+			"Domainname": "",
+			"Entrypoint": null,
+			"Env": [
+				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+			],
+			"ExposedPorts": null,
+			"Hostname": "ba033ac44011",
+			"Image": "ubuntu",
+			"Labels": {
+				"com.example.vendor": "Acme",
+				"com.example.license": "GPL",
+				"com.example.version": "1.0"
+			},
+			"MacAddress": "",
+			"NetworkDisabled": false,
+			"OnBuild": null,
+			"OpenStdin": false,
+			"StdinOnce": false,
+			"Tty": false,
+			"User": "",
+			"Volumes": null,
+			"WorkingDir": "",
+			"StopSignal": "SIGTERM"
+		},
+		"Created": "2015-01-06T15:47:31.485331387Z",
+		"Driver": "devicemapper",
+		"ExecDriver": "native-0.2",
+		"ExecIDs": null,
+		"HostConfig": {
+			"Binds": null,
+			"BlkioWeight": 0,
+			"CapAdd": null,
+			"CapDrop": null,
+			"ContainerIDFile": "",
+			"CpusetCpus": "",
+			"CpusetMems": "",
+			"CpuShares": 0,
+			"CpuPeriod": 100000,
+			"Devices": [],
+			"Dns": null,
+			"DnsOptions": null,
+			"DnsSearch": null,
+			"ExtraHosts": null,
+			"IpcMode": "",
+			"Links": null,
+			"LxcConf": [],
+			"Memory": 0,
+			"MemorySwap": 0,
+			"MemoryReservation": 0,
+			"KernelMemory": 0,
+			"OomKillDisable": false,
+			"NetworkMode": "bridge",
+			"PortBindings": {},
+			"Privileged": false,
+			"ReadonlyRootfs": false,
+			"PublishAllPorts": false,
+			"RestartPolicy": {
+				"MaximumRetryCount": 2,
+				"Name": "on-failure"
+			},
+			"LogConfig": {
+				"Config": null,
+				"Type": "json-file"
+			},
+			"SecurityOpt": null,
+			"VolumesFrom": null,
+			"Ulimits": [{}],
+			"VolumeDriver": ""
+		},
+		"HostnamePath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname",
+		"HostsPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts",
+		"LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+		"Id": "ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39",
+		"Image": "04c5d3b7b0656168630d3ba35d8889bd0e9caafcaeb3004d2bfbc47e7c5d35d2",
+		"MountLabel": "",
+		"Name": "/boring_euclid",
+		"NetworkSettings": {
+			"Bridge": "",
+			"SandboxID": "",
+			"HairpinMode": false,
+			"LinkLocalIPv6Address": "",
+			"LinkLocalIPv6PrefixLen": 0,
+			"Ports": null,
+			"SandboxKey": "",
+			"SecondaryIPAddresses": null,
+			"SecondaryIPv6Addresses": null,
+			"EndpointID": "",
+			"Gateway": "",
+			"GlobalIPv6Address": "",
+			"GlobalIPv6PrefixLen": 0,
+			"IPAddress": "",
+			"IPPrefixLen": 0,
+			"IPv6Gateway": "",
+			"MacAddress": "",
+			"Networks": {
+				"bridge": {
+					"EndpointID": "",
+					"Gateway": "",
+					"IPAddress": "",
+					"IPPrefixLen": 0,
+					"IPv6Gateway": "",
+					"GlobalIPv6Address": "",
+					"GlobalIPv6PrefixLen": 0,
+					"MacAddress": ""
+				}
+			}
+		},
+		"Path": "/bin/sh",
+		"ProcessLabel": "",
+		"ResolvConfPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/resolv.conf",
+		"RestartCount": 1,
+		"State": {
+			"Error": "",
+			"ExitCode": 9,
+			"FinishedAt": "2015-01-06T15:47:32.080254511Z",
+			"OOMKilled": false,
+			"Paused": false,
+			"Pid": 0,
+			"Restarting": false,
+			"Running": true,
+			"StartedAt": "2015-01-06T15:47:32.072697474Z",
+			"Status": "running"
+		},
+		"Mounts": [
+			{
+				"Source": "/data",
+				"Destination": "/data",
+				"Mode": "ro,Z",
+				"RW": false
+			}
+		]
+	}
+
+**Example request, with size information**:
+
+    GET /containers/4fa6e0f0c678/json?size=1 HTTP/1.1
+
+**Example response, with size information**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+    ....
+    "SizeRw": 0,
+    "SizeRootFs": 972,
+    ....
+    }
+
+Query Parameters:
+
+-   **size** – 1/True/true or 0/False/false, return container size information. Default is `false`.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get `stdout` and `stderr` logs from the container ``id``
+
+> **Note**:
+> This endpoint works only for containers with the `json-file` or `journald` logging drivers.
+
+**Example request**:
+
+     GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10&since=1428990821 HTTP/1.1
+
+**Example response**:
+
+     HTTP/1.1 101 UPGRADED
+     Content-Type: application/vnd.docker.raw-stream
+     Connection: Upgrade
+     Upgrade: tcp
+
+     {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, show `stdout` log. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, show `stderr` log. Default `false`.
+-   **since** – UNIX timestamp (integer) to filter logs. Specifying a timestamp
+    will only output log-entries since that timestamp. Default: 0 (unfiltered)
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default `false`.
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Path": "/dev",
+                 "Kind": 0
+         },
+         {
+                 "Path": "/dev/kmsg",
+                 "Kind": 1
+         },
+         {
+                 "Path": "/test",
+                 "Kind": 1
+         }
+    ]
+
+Values for `Kind`:
+
+- `0`: Modify
+- `1`: Add
+- `2`: Delete
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/octet-stream
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container stats based on resource usage
+
+`GET /containers/(id or name)/stats`
+
+This endpoint returns a live stream of a container's resource usage statistics.
+
+**Example request**:
+
+    GET /containers/redis1/stats HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Type: application/json
+
+      {
+         "read" : "2015-01-08T22:57:31.547920715Z",
+         "networks": {
+                 "eth0": {
+                     "rx_bytes": 5338,
+                     "rx_dropped": 0,
+                     "rx_errors": 0,
+                     "rx_packets": 36,
+                     "tx_bytes": 648,
+                     "tx_dropped": 0,
+                     "tx_errors": 0,
+                     "tx_packets": 8
+                 },
+                 "eth5": {
+                     "rx_bytes": 4641,
+                     "rx_dropped": 0,
+                     "rx_errors": 0,
+                     "rx_packets": 26,
+                     "tx_bytes": 690,
+                     "tx_dropped": 0,
+                     "tx_errors": 0,
+                     "tx_packets": 9
+                 }
+         },
+         "memory_stats" : {
+            "stats" : {
+               "total_pgmajfault" : 0,
+               "cache" : 0,
+               "mapped_file" : 0,
+               "total_inactive_file" : 0,
+               "pgpgout" : 414,
+               "rss" : 6537216,
+               "total_mapped_file" : 0,
+               "writeback" : 0,
+               "unevictable" : 0,
+               "pgpgin" : 477,
+               "total_unevictable" : 0,
+               "pgmajfault" : 0,
+               "total_rss" : 6537216,
+               "total_rss_huge" : 6291456,
+               "total_writeback" : 0,
+               "total_inactive_anon" : 0,
+               "rss_huge" : 6291456,
+               "hierarchical_memory_limit" : 67108864,
+               "total_pgfault" : 964,
+               "total_active_file" : 0,
+               "active_anon" : 6537216,
+               "total_active_anon" : 6537216,
+               "total_pgpgout" : 414,
+               "total_cache" : 0,
+               "inactive_anon" : 0,
+               "active_file" : 0,
+               "pgfault" : 964,
+               "inactive_file" : 0,
+               "total_pgpgin" : 477
+            },
+            "max_usage" : 6651904,
+            "usage" : 6537216,
+            "failcnt" : 0,
+            "limit" : 67108864
+         },
+         "blkio_stats" : {},
+         "cpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24472255,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100215355,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 739306590000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         },
+         "precpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24350896,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100093996,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 9492140000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         }
+      }
+
+The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
+
+Query Parameters:
+
+-   **stream** – 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`POST /containers/(id or name)/resize`
+
+Resize the TTY for container with  `id`. The unit is number of characters. You must restart the container for the resize to take effect.
+
+**Example request**:
+
+      POST /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Length: 0
+      Content-Type: text/plain; charset=utf-8
+
+Query Parameters:
+
+-   **h** – height of `tty` session
+-   **w** – width
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – Cannot resize container
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+> **Note**:
+> For backwards compatibility, this endpoint accepts a `HostConfig` as JSON-encoded request body.
+> See [create a container](#create-a-container) for details.
+
+**Example request**:
+
+    POST /containers/e90e34656806/start HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like `SIGINT`.
+        When not set, `SIGKILL` is assumed and the call waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Rename a container
+
+`POST /containers/(id or name)/rename`
+
+Rename the container `id` to a `new_name`
+
+**Example request**:
+
+    POST /containers/e90e34656806/rename?name=new_name HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **name** – new name for the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **409** - conflict name already assigned
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+    POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 101 UPGRADED
+    Content-Type: application/vnd.docker.raw-stream
+    Connection: Upgrade
+    Upgrade: tcp
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`
+    ](#create-a-container),
+    the stream is the raw data from the process PTY and client's `stdin`.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    `stdout` and `stderr`.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header contains the information which the stream writes (`stdout` or
+    `stderr`). It also contains the size of the associated frame encoded in the
+    last four bytes (`uint32`).
+
+    It is encoded on the first eight bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: `stdin` (is written on `stdout`)
+-   1: `stdout`
+-   2: `stderr`
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of
+    the `uint32` size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read eight bytes.
+    2.  Choose `stdout` or `stderr` depending on the first byte.
+    3.  Extract the frame size from the last four bytes.
+    4.  Read the extracted size and output it on the correct output.
+    5.  Goto 1.
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+    GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+    POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+    DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default `false`.
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default `false`.
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Deprecated** in favor of the `archive` endpoint below.
+
+**Example request**:
+
+    POST /containers/4fa6e0f0c678/copy HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Resource": "test.txt"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Retrieving information about files and folders in a container
+
+`HEAD /containers/(id or name)/archive`
+
+See the description of the `X-Docker-Container-Path-Stat` header in the
+following section.
+
+### Get an archive of a filesystem resource in a container
+
+`GET /containers/(id or name)/archive`
+
+Get an tar archive of a resource in the filesystem of container `id`.
+
+Query Parameters:
+
+- **path** - resource in the container's filesystem to archive. Required.
+
+    If not an absolute path, it is relative to the container's root directory.
+    The resource specified by **path** must exist. To assert that the resource
+    is expected to be a directory, **path** should end in `/` or  `/.`
+    (assuming a path separator of `/`). If **path** ends in `/.` then this
+    indicates that only the contents of the **path** directory should be
+    copied. A symlink is always resolved to its target.
+
+    **Note**: It is not possible to copy certain system files such as resources
+    under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
+    container.
+
+**Example request**:
+
+        GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+        X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
+
+        {{ TAR STREAM }}
+
+On success, a response header `X-Docker-Container-Path-Stat` will be set to a
+base64-encoded JSON object containing some filesystem header information about
+the archived resource. The above example value would decode to the following
+JSON object (whitespace added for readability):
+
+        {
+            "name": "root",
+            "size": 4096,
+            "mode": 2147484096,
+            "mtime": "2014-02-27T20:51:23Z",
+            "linkTarget": ""
+        }
+
+A `HEAD` request can also be made to this endpoint if only this information is
+desired.
+
+Status Codes:
+
+- **200** - success, returns archive of copied resource
+- **400** - client error, bad parameter, details in JSON response body, one of:
+    - must specify path parameter (**path** cannot be empty)
+    - not a directory (**path** was asserted to be a directory but exists as a
+      file)
+- **404** - client error, resource not found, one of:
+    – no such container (container `id` does not exist)
+    - no such file or directory (**path** does not exist)
+- **500** - server error
+
+### Extract an archive of files or folders to a directory in a container
+
+`PUT /containers/(id or name)/archive`
+
+Upload a tar archive to be extracted to a path in the filesystem of container
+`id`.
+
+Query Parameters:
+
+- **path** - path to a directory in the container
+    to extract the archive's contents into. Required.
+
+    If not an absolute path, it is relative to the container's root directory.
+    The **path** resource must exist.
+- **noOverwriteDirNonDir** - If "1", "true", or "True" then it will be an error
+    if unpacking the given content would cause an existing directory to be
+    replaced with a non-directory and vice versa.
+
+**Example request**:
+
+    PUT /containers/8cce319429b2/archive?path=/vol1 HTTP/1.1
+    Content-Type: application/x-tar
+
+    {{ TAR STREAM }}
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** – the content was extracted successfully
+- **400** - client error, bad parameter, details in JSON response body, one of:
+    - must specify path parameter (**path** cannot be empty)
+    - not a directory (**path** should be a directory but exists as a file)
+    - unable to overwrite existing directory with non-directory
+      (if **noOverwriteDirNonDir**)
+    - unable to overwrite existing non-directory with directory
+      (if **noOverwriteDirNonDir**)
+- **403** - client error, permission denied, the volume
+    or container rootfs is marked as read-only.
+- **404** - client error, resource not found, one of:
+    – no such container (container `id` does not exist)
+    - no such file or directory (**path** resource does not exist)
+- **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+    GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+         "RepoTags": [
+           "ubuntu:12.04",
+           "ubuntu:precise",
+           "ubuntu:latest"
+         ],
+         "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+         "Created": 1365714795,
+         "Size": 131506275,
+         "VirtualSize": 131506275,
+         "Labels": {}
+      },
+      {
+         "RepoTags": [
+           "ubuntu:12.10",
+           "ubuntu:quantal"
+         ],
+         "ParentId": "27cf784147099545",
+         "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+         "Created": 1364102658,
+         "Size": 24653,
+         "VirtualSize": 180116135,
+         "Labels": {
+            "com.example.version": "v1"
+         }
+      }
+    ]
+
+**Example request, with digest information**:
+
+    GET /images/json?digests=1 HTTP/1.1
+
+**Example response, with digest information**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+        "Created": 1420064636,
+        "Id": "4986bf8c15363d1c5d15512d5266f8777bfba4974ac56e3270e7760f6f0a8125",
+        "ParentId": "ea13149945cb6b1e746bf28032f02e9b5a793523481a0a18645fc77ad53c4ea2",
+        "RepoDigests": [
+          "localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+        ],
+        "RepoTags": [
+          "localhost:5000/test/busybox:latest",
+          "playdate:latest"
+        ],
+        "Size": 0,
+        "VirtualSize": 2429728,
+        "Labels": {}
+      }
+    ]
+
+The response shows a single image `Id` associated with two repositories
+(`RepoTags`): `localhost:5000/test/busybox`: and `playdate`. A caller can use
+either of the `RepoTags` values `localhost:5000/test/busybox:latest` or
+`playdate:latest` to reference the image.
+
+You can also use `RepoDigests` values to reference an image. In this response,
+the array has only one reference and that is to the
+`localhost:5000/test/busybox` repository; the `playdate` repository has no
+digest. You can reference this digest using the value:
+`localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d...`
+
+See the `docker run` and `docker build` commands for examples of digest and tag
+references on the command line.
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   `dangling=true`
+  -   `label=key` or `label="key=value"` of an image label
+-   **filter** - only return images with the specified name
+
+### Build image from a Dockerfile
+
+`POST /build`
+
+Build an image from a Dockerfile
+
+**Example request**:
+
+    POST /build HTTP/1.1
+
+    {{ TAR STREAM }}
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"stream": "Step 1..."}
+    {"stream": "..."}
+    {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+The input stream must be a `tar` archive compressed with one of the
+following algorithms: `identity` (no compression), `gzip`, `bzip2`, `xz`.
+
+The archive must include a build instructions file, typically called
+`Dockerfile` at the archive's root. The `dockerfile` parameter may be
+used to specify a different build instructions file. To do this, its value must be
+the path to the alternate build instructions file to use.
+
+The archive may include any number of other files,
+which are accessible in the build context (See the [*ADD build
+command*](../../reference/builder.md#dockerbuilder)).
+
+The build is canceled if the client drops the connection by quitting
+or being killed.
+
+Query Parameters:
+
+-   **dockerfile** - Path within the build context to the Dockerfile. This is
+        ignored if `remote` is specified and points to an individual filename.
+-   **t** – A name and optional tag to apply to the image in the `name:tag` format.
+        If you omit the `tag` the default `latest` value is assumed.
+        You can provide one or more `t` parameters.
+-   **remote** – A Git repository URI or HTTP/HTTPS URI build source. If the
+        URI specifies a filename, the file's contents are placed into a file
+		called `Dockerfile`.
+-   **q** – Suppress verbose build output.
+-   **nocache** – Do not use the cache when building the image.
+-   **pull** - Attempt to pull the image even if an older image exists locally.
+-   **rm** - Remove intermediate containers after a successful build (default behavior).
+-   **forcerm** - Always remove intermediate containers (includes `rm`).
+-   **memory** - Set memory limit for build.
+-   **memswap** - Total memory (memory + swap), `-1` to enable unlimited swap.
+-   **cpushares** - CPU shares (relative weight).
+-   **cpusetcpus** - CPUs in which to allow execution (e.g., `0-3`, `0,1`).
+-   **cpuperiod** - The length of a CPU period in microseconds.
+-   **cpuquota** - Microseconds of CPU time that the container can get in a CPU period.
+-   **buildargs** – JSON map of string pairs for build-time variables. Users pass
+        these values at build-time. Docker uses the `buildargs` as the environment
+        context for command(s) run via the Dockerfile's `RUN` instruction or for
+        variable expansion in other Dockerfile instructions. This is not meant for
+        passing secret values. [Read more about the buildargs instruction](../../reference/builder.md#arg)
+
+    Request Headers:
+
+-   **Content-type** – Set to `"application/tar"`.
+-   **X-Registry-Config** – A base64-url-safe-encoded Registry Auth Config JSON
+        object with the following structure:
+
+            {
+                "docker.example.com": {
+                    "username": "janedoe",
+                    "password": "hunter2"
+                },
+                "https://index.docker.io/v1/": {
+                    "username": "mobydock",
+                    "password": "conta1n3rize14"
+                }
+            }
+
+        This object maps the hostname of a registry to an object containing the
+        "username" and "password" for that registry. Multiple registries may
+        be specified as the build may be based on an image requiring
+        authentication to pull from any arbitrary registry. Only the registry
+        domain name (and port if not the default "443") are required. However
+        (for legacy reasons) the "official" Docker, Inc. hosted registry must
+        be specified with both a "https://" prefix and a "/v1/" suffix even
+        though Docker will prefer to use the v2 registry API.
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Create an image
+
+`POST /images/create`
+
+Create an image either by pulling it from the registry or by importing it
+
+**Example request**:
+
+    POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pulling..."}
+    {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+    {"error": "Invalid..."}
+    ...
+
+When using this endpoint to pull an image from the registry, the
+`X-Registry-Auth` header can be used to include
+a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – Name of the image to pull. The name may include a tag or
+        digest. This parameter may only be used when pulling an image.
+-   **fromSrc** – Source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+        This parameter may only be used when importing an image.
+-   **repo** – Repository name given to an image when it is imported.
+        The repo may include a tag. This parameter may only be used when importing
+        an image.
+-   **tag** – Tag or digest.
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+    GET /images/example/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Id" : "85f05633ddc1c50679be2b16a0479ab6f7637f8884e0cfe0f4d20e1ebb3d6e7c",
+       "Container" : "cb91e48a60d01f1e27028b4fc6819f4f290b3cf12496c8176ec714d0d390984a",
+       "Comment" : "",
+       "Os" : "linux",
+       "Architecture" : "amd64",
+       "Parent" : "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+       "ContainerConfig" : {
+          "Tty" : false,
+          "Hostname" : "e611e15f9c9d",
+          "Volumes" : null,
+          "Domainname" : "",
+          "AttachStdout" : false,
+          "PublishService" : "",
+          "AttachStdin" : false,
+          "OpenStdin" : false,
+          "StdinOnce" : false,
+          "NetworkDisabled" : false,
+          "OnBuild" : [],
+          "Image" : "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+          "User" : "",
+          "WorkingDir" : "",
+          "Entrypoint" : null,
+          "MacAddress" : "",
+          "AttachStderr" : false,
+          "Labels" : {
+             "com.example.license" : "GPL",
+             "com.example.version" : "1.0",
+             "com.example.vendor" : "Acme"
+          },
+          "Env" : [
+             "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+          ],
+          "ExposedPorts" : null,
+          "Cmd" : [
+             "/bin/sh",
+             "-c",
+             "#(nop) LABEL com.example.vendor=Acme com.example.license=GPL com.example.version=1.0"
+          ]
+       },
+       "DockerVersion" : "1.9.0-dev",
+       "VirtualSize" : 188359297,
+       "Size" : 0,
+       "Author" : "",
+       "Created" : "2015-09-10T08:30:53.26995814Z",
+       "GraphDriver" : {
+          "Name" : "aufs",
+          "Data" : null
+       },
+       "RepoDigests" : [
+          "localhost:5000/test/busybox/example@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+       ],
+       "RepoTags" : [
+          "example:1.0",
+          "example:latest",
+          "example:stable"
+       ],
+       "Config" : {
+          "Image" : "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+          "NetworkDisabled" : false,
+          "OnBuild" : [],
+          "StdinOnce" : false,
+          "PublishService" : "",
+          "AttachStdin" : false,
+          "OpenStdin" : false,
+          "Domainname" : "",
+          "AttachStdout" : false,
+          "Tty" : false,
+          "Hostname" : "e611e15f9c9d",
+          "Volumes" : null,
+          "Cmd" : [
+             "/bin/bash"
+          ],
+          "ExposedPorts" : null,
+          "Env" : [
+             "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+          ],
+          "Labels" : {
+             "com.example.vendor" : "Acme",
+             "com.example.version" : "1.0",
+             "com.example.license" : "GPL"
+          },
+          "Entrypoint" : null,
+          "MacAddress" : "",
+          "AttachStderr" : false,
+          "WorkingDir" : "",
+          "User" : ""
+       }
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+    GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+        {
+            "Id": "3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710",
+            "Created": 1398108230,
+            "CreatedBy": "/bin/sh -c #(nop) ADD file:eb15dbd63394e063b805a3c32ca7bf0266ef64676d5a6fab4801f2e81e2a5148 in /",
+            "Tags": [
+                "ubuntu:lucid",
+                "ubuntu:10.04"
+            ],
+            "Size": 182964289,
+            "Comment": ""
+        },
+        {
+            "Id": "6cfa4d1f33fb861d4d114f43b25abd0ac737509268065cdfd69d544a59c85ab8",
+            "Created": 1398108222,
+            "CreatedBy": "/bin/sh -c #(nop) MAINTAINER Tianon Gravi <admwiggin@gmail.com> - mkimage-debootstrap.sh -i iproute,iputils-ping,ubuntu-minimal -t lucid.tar.xz lucid http://archive.ubuntu.com/ubuntu/",
+            "Tags": null,
+            "Size": 0,
+            "Comment": ""
+        },
+        {
+            "Id": "511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158",
+            "Created": 1371157430,
+            "CreatedBy": "",
+            "Tags": [
+                "scratch12:latest",
+                "scratch:latest"
+            ],
+            "Size": 0,
+            "Comment": "Imported from -"
+        }
+    ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+    POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pushing..."}
+    {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+    {"error": "Invalid..."}
+    ...
+
+If you wish to push an image on to a private registry, that image must already have a tag
+into a repository which references that registry `hostname` and `port`.  This repository name should
+then be used in the URL. This duplicates the command line's flow.
+
+**Example request**:
+
+    POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – The tag to associate with the image on the registry. This is optional.
+
+Request Headers:
+
+-   **X-Registry-Auth** – Include a base64-encoded AuthConfig.
+        object.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+    POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+    DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-type: application/json
+
+    [
+     {"Untagged": "3e2f21a89f"},
+     {"Deleted": "3e2f21a89f"},
+     {"Deleted": "53b4f83ac9"}
+    ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+    GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "wma55/u1210sshd",
+                "star_count": 0
+            },
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "jdswinbank/sshd",
+                "star_count": 0
+            },
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "vgauthier/sshd",
+                "star_count": 0
+            }
+    ...
+    ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+    POST /auth HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "username":" hannibal",
+         "password: "xxxx",
+         "email": "hannibal@a-team.com",
+         "serveraddress": "https://index.docker.io/v1/"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+    GET /info HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+        "ClusterStore": "etcd://localhost:2379",
+        "Containers": 11,
+        "CpuCfsPeriod": true,
+        "CpuCfsQuota": true,
+        "Debug": false,
+        "DockerRootDir": "/var/lib/docker",
+        "Driver": "btrfs",
+        "DriverStatus": [[""]],
+        "ExecutionDriver": "native-0.1",
+        "ExperimentalBuild": false,
+        "HttpProxy": "http://test:test@localhost:8080",
+        "HttpsProxy": "https://test:test@localhost:8080",
+        "ID": "7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS",
+        "IPv4Forwarding": true,
+        "Images": 16,
+        "IndexServerAddress": "https://index.docker.io/v1/",
+        "InitPath": "/usr/bin/docker",
+        "InitSha1": "",
+        "KernelVersion": "3.12.0-1-amd64",
+        "Labels": [
+            "storage=ssd"
+        ],
+        "MemTotal": 2099236864,
+        "MemoryLimit": true,
+        "NCPU": 1,
+        "NEventsListener": 0,
+        "NFd": 11,
+        "NGoroutines": 21,
+        "Name": "prod-server-42",
+        "NoProxy": "9.81.1.160",
+        "OomKillDisable": true,
+        "OperatingSystem": "Boot2Docker",
+        "RegistryConfig": {
+            "IndexConfigs": {
+                "docker.io": {
+                    "Mirrors": null,
+                    "Name": "docker.io",
+                    "Official": true,
+                    "Secure": true
+                }
+            },
+            "InsecureRegistryCIDRs": [
+                "127.0.0.0/8"
+            ]
+        },
+        "ServerVersion": "1.9.0",
+        "SwapLimit": false,
+        "SystemTime": "2015-03-10T11:11:23.730591467-07:00"
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+    GET /version HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+         "Version": "1.5.0",
+         "Os": "linux",
+         "KernelVersion": "3.18.5-tinycore64",
+         "GoVersion": "go1.4.1",
+         "GitCommit": "a8a31ef",
+         "Arch": "amd64",
+         "ApiVersion": "1.20",
+         "Experimental": false
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+    GET /_ping HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: text/plain
+
+    OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+    POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Hostname": "",
+         "Domainname": "",
+         "User": "",
+         "AttachStdin": false,
+         "AttachStdout": true,
+         "AttachStderr": true,
+         "Tty": false,
+         "OpenStdin": false,
+         "StdinOnce": false,
+         "Env": null,
+         "Cmd": [
+                 "date"
+         ],
+         "Mounts": [
+           {
+             "Source": "/data",
+             "Destination": "/data",
+             "Mode": "ro,Z",
+             "RW": false
+           }
+         ],
+         "Labels": {
+                 "key1": "value1",
+                 "key2": "value2"
+          },
+         "WorkingDir": "",
+         "NetworkDisabled": false,
+         "ExposedPorts": {
+                 "22/tcp": {}
+         }
+    }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+-   **pause** – 1/True/true or 0/False/false, whether to pause the container before committing
+-   **changes** – Dockerfile instructions to apply while committing
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via
+polling (using since).
+
+Docker containers report the following events:
+
+    attach, commit, copy, create, destroy, die, exec_create, exec_start, export, kill, oom, pause, rename, resize, restart, start, stop, top, unpause
+
+and Docker images report:
+
+    delete, import, pull, push, tag, untag
+
+**Example request**:
+
+    GET /events?since=1374067924
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status":"pull","id":"busybox:latest","time":1442421700,"timeNano":1442421700598988358}
+    {"status":"create","id":"5745704abe9caa5","from":"busybox","time":1442421716,"timeNano":1442421716853979870}
+    {"status":"attach","id":"5745704abe9caa5","from":"busybox","time":1442421716,"timeNano":1442421716894759198}
+    {"status":"start","id":"5745704abe9caa5","from":"busybox","time":1442421716,"timeNano":1442421716983607193}
+
+Query Parameters:
+
+-   **since** – Timestamp used for polling
+-   **until** – Timestamp used for polling
+-   **filters** – A json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
+  -   `container=<string>`; -- container to filter
+  -   `event=<string>`; -- event to filter
+  -   `image=<string>`; -- image to filter
+  -   `label=<string>`; -- image and container label to filter
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/ubuntu/get
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+`ubuntu:latest`), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into a Docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    POST /images/load
+
+    Tarball in body
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing these files:
+
+- `VERSION`: currently `1.0` - the file format version
+- `json`: detailed layer information, similar to `docker inspect layer_id`
+- `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, the tarball should also include a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/exec HTTP/1.1
+    Content-Type: application/json
+
+      {
+       "AttachStdin": false,
+       "AttachStdout": true,
+       "AttachStderr": true,
+       "Tty": false,
+       "Cmd": [
+                     "date"
+             ]
+      }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {
+         "Id": "f90e34656806",
+         "Warnings":[]
+    }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
+-   **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
+-   **AttachStderr** - Boolean value, attaches to `stderr` of the `exec` command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **409** - container is paused
+-   **500** - server error
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up `exec` instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/start HTTP/1.1
+    Content-Type: application/json
+
+    {
+     "Detach": false,
+     "Tty": false
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/vnd.docker.raw-stream
+
+    {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the `exec` command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **409** - container is paused
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the `tty` session used by the `exec` command `id`.  The unit is number of characters.
+This API is valid only if `tty` was specified as part of creating and starting the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/resize?h=40&w=80 HTTP/1.1
+    Content-Type: text/plain
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: text/plain
+
+Query Parameters:
+
+-   **h** – height of `tty` session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+### Exec Inspect
+
+`GET /exec/(id)/json`
+
+Return low-level information about the `exec` command `id`.
+
+**Example request**:
+
+    GET /exec/11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: plain/text
+
+    {
+      "ID" : "11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39",
+      "Running" : false,
+      "ExitCode" : 2,
+      "ProcessConfig" : {
+        "privileged" : false,
+        "user" : "",
+        "tty" : false,
+        "entrypoint" : "sh",
+        "arguments" : [
+          "-c",
+          "exit 2"
+        ]
+      },
+      "OpenStdin" : false,
+      "OpenStderr" : false,
+      "OpenStdout" : false,
+      "Container" : {
+        "State" : {
+          "Status" : "running",
+          "Running" : true,
+          "Paused" : false,
+          "Restarting" : false,
+          "OOMKilled" : false,
+          "Pid" : 3650,
+          "ExitCode" : 0,
+          "Error" : "",
+          "StartedAt" : "2014-11-17T22:26:03.717657531Z",
+          "FinishedAt" : "0001-01-01T00:00:00Z"
+        },
+        "ID" : "8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c",
+        "Created" : "2014-11-17T22:26:03.626304998Z",
+        "Path" : "date",
+        "Args" : [],
+        "Config" : {
+          "Hostname" : "8f177a186b97",
+          "Domainname" : "",
+          "User" : "",
+          "AttachStdin" : false,
+          "AttachStdout" : false,
+          "AttachStderr" : false,
+          "ExposedPorts" : null,
+          "Tty" : false,
+          "OpenStdin" : false,
+          "StdinOnce" : false,
+          "Env" : [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ],
+          "Cmd" : [
+            "date"
+          ],
+          "Image" : "ubuntu",
+          "Volumes" : null,
+          "WorkingDir" : "",
+          "Entrypoint" : null,
+          "NetworkDisabled" : false,
+          "MacAddress" : "",
+          "OnBuild" : null,
+          "SecurityOpt" : null
+        },
+        "Image" : "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5",
+        "NetworkSettings": {
+            "Bridge": "",
+            "SandboxID": "",
+            "HairpinMode": false,
+            "LinkLocalIPv6Address": "",
+            "LinkLocalIPv6PrefixLen": 0,
+            "Ports": null,
+            "SandboxKey": "",
+            "SecondaryIPAddresses": null,
+            "SecondaryIPv6Addresses": null,
+            "EndpointID": "",
+            "Gateway": "",
+            "GlobalIPv6Address": "",
+            "GlobalIPv6PrefixLen": 0,
+            "IPAddress": "",
+            "IPPrefixLen": 0,
+            "IPv6Gateway": "",
+            "MacAddress": "",
+            "Networks": {
+                "bridge": {
+                    "EndpointID": "",
+                    "Gateway": "",
+                    "IPAddress": "",
+                    "IPPrefixLen": 0,
+                    "IPv6Gateway": "",
+                    "GlobalIPv6Address": "",
+                    "GlobalIPv6PrefixLen": 0,
+                    "MacAddress": ""
+                }
+            }
+        },
+        "ResolvConfPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/resolv.conf",
+        "HostnamePath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hostname",
+        "HostsPath" : "/var/lib/docker/containers/8f177a186b977fb451136e0fdf182abff5599a08b3c7f6ef0d36a55aaf89634c/hosts",
+        "LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+        "Name" : "/test",
+        "Driver" : "aufs",
+        "ExecDriver" : "native-0.2",
+        "MountLabel" : "",
+        "ProcessLabel" : "",
+        "AppArmorProfile" : "",
+        "RestartCount" : 0,
+        "Mounts" : []
+      }
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **500** - server error
+
+## 2.4 Volumes
+
+### List volumes
+
+`GET /volumes`
+
+**Example request**:
+
+    GET /volumes HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Volumes": [
+        {
+          "Name": "tardis",
+          "Driver": "local",
+          "Mountpoint": "/var/lib/docker/volumes/tardis"
+        }
+      ]
+    }
+
+Query Parameters:
+
+- **filters** - JSON encoded value of the filters (a `map[string][]string`) to process on the volumes list. There is one available filter: `dangling=true`
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a volume
+
+`POST /volumes/create`
+
+Create a volume
+
+**Example request**:
+
+    POST /volumes/create HTTP/1.1
+    Content-Type: application/json
+
+    {
+      "Name": "tardis"
+    }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {
+      "Name": "tardis",
+      "Driver": "local",
+      "Mountpoint": "/var/lib/docker/volumes/tardis"
+    }
+
+Status Codes:
+
+- **201** - no error
+- **500**  - server error
+
+JSON Parameters:
+
+- **Name** - The new volume's name. If not specified, Docker generates a name.
+- **Driver** - Name of the volume driver to use. Defaults to `local` for the name.
+- **DriverOpts** - A mapping of driver options and values. These options are
+    passed directly to the driver and are driver specific.
+
+### Inspect a volume
+
+`GET /volumes/(name)`
+
+Return low-level information on the volume `name`
+
+**Example request**:
+
+    GET /volumes/tardis
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Name": "tardis",
+      "Driver": "local",
+      "Mountpoint": "/var/lib/docker/volumes/tardis"
+    }
+
+Status Codes:
+
+-   **200** - no error
+-   **404** - no such volume
+-   **500** - server error
+
+### Remove a volume
+
+`DELETE /volumes/(name)`
+
+Instruct the driver to remove the volume (`name`).
+
+**Example request**:
+
+    DELETE /volumes/tardis HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes
+
+-   **204** - no error
+-   **404** - no such volume or volume driver
+-   **409** - volume is in use and cannot be removed
+-   **500** - server error
+
+## 2.5 Networks
+
+### List networks
+
+`GET /networks`
+
+**Example request**:
+
+    GET /networks HTTP/1.1
+
+**Example response**:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+[
+  {
+    "Name": "bridge",
+    "Id": "f2de39df4171b0dc801e8002d1d999b77256983dfc63041c0f34030aa3977566",
+    "Scope": "local",
+    "Driver": "bridge",
+    "IPAM": {
+      "Driver": "default",
+      "Config": [
+        {
+          "Subnet": "172.17.0.0/16"
+        }
+      ]
+    },
+    "Containers": {
+      "39b69226f9d79f5634485fb236a23b2fe4e96a0a94128390a7fbbcc167065867": {
+        "EndpointID": "ed2419a97c1d9954d05b46e462e7002ea552f216e9b136b80a7db8d98b442eda",
+        "MacAddress": "02:42:ac:11:00:02",
+        "IPv4Address": "172.17.0.2/16",
+        "IPv6Address": ""
+      }
+    },
+    "Options": {
+      "com.docker.network.bridge.default_bridge": "true",
+      "com.docker.network.bridge.enable_icc": "true",
+      "com.docker.network.bridge.enable_ip_masquerade": "true",
+      "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+      "com.docker.network.bridge.name": "docker0",
+      "com.docker.network.driver.mtu": "1500"
+    }
+  },
+  {
+    "Name": "none",
+    "Id": "e086a3893b05ab69242d3c44e49483a3bbbd3a26b46baa8f61ab797c1088d794",
+    "Scope": "local",
+    "Driver": "null",
+    "IPAM": {
+      "Driver": "default",
+      "Config": []
+    },
+    "Containers": {},
+    "Options": {}
+  },
+  {
+    "Name": "host",
+    "Id": "13e871235c677f196c4e1ecebb9dc733b9b2d2ab589e30c539efeda84a24215e",
+    "Scope": "local",
+    "Driver": "host",
+    "IPAM": {
+      "Driver": "default",
+      "Config": []
+    },
+    "Containers": {},
+    "Options": {}
+  }
+]
+```
+
+
+
+Query Parameters:
+
+- **filters** - JSON encoded value of the filters (a `map[string][]string`) to process on the networks list. Available filters: `name=[network-names]` , `id=[network-ids]`
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Inspect network
+
+`GET /networks/<network-id>`
+
+**Example request**:
+
+    GET /networks/f2de39df4171b0dc801e8002d1d999b77256983dfc63041c0f34030aa3977566 HTTP/1.1
+
+**Example response**:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+  "Name": "bridge",
+  "Id": "f2de39df4171b0dc801e8002d1d999b77256983dfc63041c0f34030aa3977566",
+  "Scope": "local",
+  "Driver": "bridge",
+  "IPAM": {
+    "Driver": "default",
+    "Config": [
+      {
+        "Subnet": "172.17.0.0/16"
+      }
+    ]
+  },
+  "Containers": {
+    "39b69226f9d79f5634485fb236a23b2fe4e96a0a94128390a7fbbcc167065867": {
+      "EndpointID": "ed2419a97c1d9954d05b46e462e7002ea552f216e9b136b80a7db8d98b442eda",
+      "MacAddress": "02:42:ac:11:00:02",
+      "IPv4Address": "172.17.0.2/16",
+      "IPv6Address": ""
+    }
+  },
+  "Options": {
+    "com.docker.network.bridge.default_bridge": "true",
+    "com.docker.network.bridge.enable_icc": "true",
+    "com.docker.network.bridge.enable_ip_masquerade": "true",
+    "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+    "com.docker.network.bridge.name": "docker0",
+    "com.docker.network.driver.mtu": "1500"
+  }
+}
+```
+
+Status Codes:
+
+-   **200** - no error
+-   **404** - network not found
+
+### Create a network
+
+`POST /networks/create`
+
+Create a network
+
+**Example request**:
+
+```
+POST /networks/create HTTP/1.1
+Content-Type: application/json
+
+{
+  "Name":"isolated_nw",
+  "Driver":"bridge"
+  "IPAM":{
+    "Config":[{
+      "Subnet":"172.20.0.0/16",
+      "IPRange":"172.20.10.0/24",
+      "Gateway":"172.20.10.11"
+    }]
+}
+```
+
+**Example response**:
+
+```
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+  "Id": "22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30",
+  "Warning": ""
+}
+```
+
+Status Codes:
+
+- **201** - no error
+- **404** - plugin not found
+- **500** - server error
+
+JSON Parameters:
+
+- **Name** - The new network's name. this is a mandatory field
+- **Driver** - Name of the network driver plugin to use. Defaults to `bridge` driver
+- **IPAM** - Optional custom IP scheme for the network
+- **Options** - Network specific options to be used by the drivers
+- **CheckDuplicate** - Requests daemon to check for networks with same name
+
+### Connect a container to a network
+
+`POST /networks/(id)/connect`
+
+Connect a container to a network
+
+**Example request**:
+
+```
+POST /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30/connect HTTP/1.1
+Content-Type: application/json
+
+{
+  "Container":"3613f73ba0e4"
+}
+```
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** - no error
+- **404** - network or container is not found
+- **500** - Internal Server Error
+
+JSON Parameters:
+
+- **container** - container-id/name to be connected to the network
+
+### Disconnect a container from a network
+
+`POST /networks/(id)/disconnect`
+
+Disconnect a container from a network
+
+**Example request**:
+
+```
+POST /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30/disconnect HTTP/1.1
+Content-Type: application/json
+
+{
+  "Container":"3613f73ba0e4"
+}
+```
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** - no error
+- **404** - network or container not found
+- **500** - Internal Server Error
+
+JSON Parameters:
+
+- **Container** - container-id/name to be disconnected from a network
+
+### Remove a network
+
+`DELETE /networks/(id)`
+
+Instruct the driver to remove the network (`id`).
+
+**Example request**:
+
+    DELETE /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes
+
+-   **200** - no error
+-   **404** - no such network
+-   **500** - server error
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it.
+    - Then, retry to create the container.
+
+- Start the container.
+
+- If you are not in detached mode:
+- Attach to the container, using `logs=1` (to have `stdout` and
+      `stderr` from the container's start) and `stream=1`
+
+- If in detached mode or only `stdin` is attached, display the container's id.
+
+## 3.2 Hijacking
+
+In this version of the API, `/attach`, uses hijacking to transport `stdin`,
+`stdout`, and `stderr` on the same socket.
+
+To hint potential proxies about connection hijacking, Docker client sends
+connection upgrade headers similarly to websocket.
+
+    Upgrade: tcp
+    Connection: Upgrade
+
+When Docker daemon detects the `Upgrade` header, it switches its status code
+from **200 OK** to **101 UPGRADED** and resends the same headers.
+
+
+## 3.3 CORS Requests
+
+To set cross origin requests to the remote api please give values to
+`--api-cors-header` when running Docker in daemon mode. Set * (asterisk) allows all,
+default or blank means CORS disabled
+
+    $ docker daemon -H="192.168.1.9:2375" --api-cors-header="http://foo.bar"
diff --git a/docs/reference/api/docker_remote_api_v1.22.md b/docs/reference/api/docker_remote_api_v1.22.md
new file mode 100644
index 00000000..5d3e1166
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.22.md
@@ -0,0 +1,3142 @@
+<!--[metadata]>
++++
+title = "Remote API v1.22"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent="engine_remoteapi"
+weight=-3
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.22
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST. However, for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `stdout`,
+   `stdin` and `stderr`.
+ - When the client API version is newer than the daemon's, these calls return an HTTP
+   `400 Bad Request` error message.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+    GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Id": "8dfafdbc3a40",
+                 "Names":["/boring_feynman"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 1",
+                 "Created": 1367854155,
+                 "Status": "Exit 0",
+                 "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                 "Labels": {
+                         "com.example.vendor": "Acme",
+                         "com.example.license": "GPL",
+                         "com.example.version": "1.0"
+                 },
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0,
+                 "HostConfig": {
+                         "NetworkMode": "default"
+                 },
+                 "NetworkSettings": {
+                         "Networks": {
+                                 "bridge": {
+                                          "IPAMConfig": null,
+                                          "Links": null,
+                                          "Aliases": null,
+                                          "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                                          "EndpointID": "2cdc4edb1ded3631c81f57966563e5c8525b81121bb3706a9a9a3ae102711f3f",
+                                          "Gateway": "172.17.0.1",
+                                          "IPAddress": "172.17.0.2",
+                                          "IPPrefixLen": 16,
+                                          "IPv6Gateway": "",
+                                          "GlobalIPv6Address": "",
+                                          "GlobalIPv6PrefixLen": 0,
+                                          "MacAddress": "02:42:ac:11:00:02"
+                                  }
+                         }
+                 }
+         },
+         {
+                 "Id": "9cd87474be90",
+                 "Names":["/coolName"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 222222",
+                 "Created": 1367854155,
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0,
+                 "HostConfig": {
+                         "NetworkMode": "default"
+                 },
+                 "NetworkSettings": {
+                         "Networks": {
+                                 "bridge": {
+                                          "IPAMConfig": null,
+                                          "Links": null,
+                                          "Aliases": null,
+                                          "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                                          "EndpointID": "88eaed7b37b38c2a3f0c4bc796494fdf51b270c2d22656412a2ca5d559a64d7a",
+                                          "Gateway": "172.17.0.1",
+                                          "IPAddress": "172.17.0.8",
+                                          "IPPrefixLen": 16,
+                                          "IPv6Gateway": "",
+                                          "GlobalIPv6Address": "",
+                                          "GlobalIPv6PrefixLen": 0,
+                                          "MacAddress": "02:42:ac:11:00:08"
+                                  }
+                         }
+                 }
+
+         },
+         {
+                 "Id": "3176a2479c92",
+                 "Names":["/sleepy_dog"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 3333333333333333",
+                 "Created": 1367854154,
+                 "Status": "Exit 0",
+                 "Ports":[],
+                 "Labels": {},
+                 "SizeRw":12288,
+                 "SizeRootFs":0,
+                 "HostConfig": {
+                         "NetworkMode": "default"
+                 },
+                 "NetworkSettings": {
+                         "Networks": {
+                                 "bridge": {
+                                          "IPAMConfig": null,
+                                          "Links": null,
+                                          "Aliases": null,
+                                          "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                                          "EndpointID": "8b27c041c30326d59cd6e6f510d4f8d1d570a228466f956edf7815508f78e30d",
+                                          "Gateway": "172.17.0.1",
+                                          "IPAddress": "172.17.0.6",
+                                          "IPPrefixLen": 16,
+                                          "IPv6Gateway": "",
+                                          "GlobalIPv6Address": "",
+                                          "GlobalIPv6PrefixLen": 0,
+                                          "MacAddress": "02:42:ac:11:00:06"
+                                  }
+                         }
+                 }
+
+         },
+         {
+                 "Id": "4cb07b47f9fb",
+                 "Names":["/running_cat"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 444444444444444444444444444444444",
+                 "Created": 1367854152,
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0,
+                 "HostConfig": {
+                         "NetworkMode": "default"
+                 },
+                 "NetworkSettings": {
+                         "Networks": {
+                                 "bridge": {
+                                          "IPAMConfig": null,
+                                          "Links": null,
+                                          "Aliases": null,
+                                          "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                                          "EndpointID": "d91c7b2f0644403d7ef3095985ea0e2370325cd2332ff3a3225c4247328e66e9",
+                                          "Gateway": "172.17.0.1",
+                                          "IPAddress": "172.17.0.5",
+                                          "IPPrefixLen": 16,
+                                          "IPv6Gateway": "",
+                                          "GlobalIPv6Address": "",
+                                          "GlobalIPv6PrefixLen": 0,
+                                          "MacAddress": "02:42:ac:11:00:05"
+                                  }
+                         }
+                 }
+
+         }
+    ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a JSON encoded value of the filters (a `map[string][]string`) to process on the containers list. Available filters:
+  -   `exited=<int>`; -- containers with exit code of  `<int>` ;
+  -   `status=`(`created`|`restarting`|`running`|`paused`|`exited`|`dead`)
+  -   `label=key` or `label="key=value"` of a container label
+  -   `isolation=`(`default`|`process`|`hyperv`)   (Windows daemon only)
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+    POST /containers/create HTTP/1.1
+    Content-Type: application/json
+
+    {
+           "Hostname": "",
+           "Domainname": "",
+           "User": "",
+           "AttachStdin": false,
+           "AttachStdout": true,
+           "AttachStderr": true,
+           "Tty": false,
+           "OpenStdin": false,
+           "StdinOnce": false,
+           "Env": [
+                   "FOO=bar",
+                   "BAZ=quux"
+           ],
+           "Cmd": [
+                   "date"
+           ],
+           "Entrypoint": "",
+           "Image": "ubuntu",
+           "Labels": {
+                   "com.example.vendor": "Acme",
+                   "com.example.license": "GPL",
+                   "com.example.version": "1.0"
+           },
+           "Volumes": {
+             "/volumes/data": {}
+           },
+           "WorkingDir": "",
+           "NetworkDisabled": false,
+           "MacAddress": "12:34:56:78:9a:bc",
+           "ExposedPorts": {
+                   "22/tcp": {}
+           },
+           "StopSignal": "SIGTERM",
+           "HostConfig": {
+             "Binds": ["/tmp:/tmp"],
+             "Links": ["redis3:redis"],
+             "Memory": 0,
+             "MemorySwap": 0,
+             "MemoryReservation": 0,
+             "KernelMemory": 0,
+             "CpuShares": 512,
+             "CpuPeriod": 100000,
+             "CpuQuota": 50000,
+             "CpusetCpus": "0,1",
+             "CpusetMems": "0,1",
+             "BlkioWeight": 300,
+             "BlkioWeightDevice": [{}],
+             "BlkioDeviceReadBps": [{}],
+             "BlkioDeviceReadIOps": [{}],
+             "BlkioDeviceWriteBps": [{}],
+             "BlkioDeviceWriteIOps": [{}],
+             "MemorySwappiness": 60,
+             "OomKillDisable": false,
+             "OomScoreAdj": 500,
+             "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+             "PublishAllPorts": false,
+             "Privileged": false,
+             "ReadonlyRootfs": false,
+             "Dns": ["8.8.8.8"],
+             "DnsOptions": [""],
+             "DnsSearch": [""],
+             "ExtraHosts": null,
+             "VolumesFrom": ["parent", "other:ro"],
+             "CapAdd": ["NET_ADMIN"],
+             "CapDrop": ["MKNOD"],
+             "GroupAdd": ["newgroup"],
+             "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+             "NetworkMode": "bridge",
+             "Devices": [],
+             "Ulimits": [{}],
+             "LogConfig": { "Type": "json-file", "Config": {} },
+             "SecurityOpt": [],
+             "CgroupParent": "",
+             "VolumeDriver": "",
+             "ShmSize": 67108864
+          },
+          "NetworkingConfig": {
+          "EndpointsConfig": {
+              "isolated_nw" : {
+                  "IPAMConfig": {
+                      "IPv4Address":"172.20.30.33",
+                      "IPv6Address":"2001:db8:abcd::3033"
+                  },
+                  "Links":["container_1", "container_2"],
+                  "Aliases":["server_x", "server_y"]
+              }
+          }
+      }
+
+**Example response**:
+
+      HTTP/1.1 201 Created
+      Content-Type: application/json
+
+      {
+           "Id":"e90e34656806",
+           "Warnings":[]
+      }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the hostname to use for the
+      container.
+-   **Domainname** - A string value containing the domain name to use
+      for the container.
+-   **User** - A string value specifying the user inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+      You must use this with `memory` and make the swap value larger than `memory`.
+-   **MemoryReservation** - Memory soft limit in bytes.
+-   **KernelMemory** - Kernel memory limit in bytes.
+-   **CpuShares** - An integer value containing the container's CPU Shares
+      (ie. the relative weight vs other containers).
+-   **CpuPeriod** - The length of a CPU period in microseconds.
+-   **CpuQuota** - Microseconds of CPU time that the container can get in a CPU period.
+-   **Cpuset** - Deprecated please don't use. Use `CpusetCpus` instead.
+-   **CpusetCpus** - String value containing the `cgroups CpusetCpus` to use.
+-   **CpusetMems** - Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
+-   **BlkioWeight** - Block IO weight (relative weight) accepts a weight value between 10 and 1000.
+-   **BlkioWeightDevice** - Block IO weight (relative device weight) in the form of:        `"BlkioWeightDevice": [{"Path": "device_path", "Weight": weight}]`
+-   **BlkioDeviceReadBps** - Limit read rate (bytes per second) from a device in the form of:	`"BlkioDeviceReadBps": [{"Path": "device_path", "Rate": rate}]`, for example:
+	`"BlkioDeviceReadBps": [{"Path": "/dev/sda", "Rate": "1024"}]"`
+-   **BlkioDeviceWriteBps** - Limit write rate (bytes per second) to a device in the form of:	`"BlkioDeviceWriteBps": [{"Path": "device_path", "Rate": rate}]`, for example:
+	`"BlkioDeviceWriteBps": [{"Path": "/dev/sda", "Rate": "1024"}]"`
+-   **BlkioDeviceReadIOps** - Limit read rate (IO per second) from a device in the form of:	`"BlkioDeviceReadIOps": [{"Path": "device_path", "Rate": rate}]`, for example:
+	`"BlkioDeviceReadIOps": [{"Path": "/dev/sda", "Rate": "1000"}]`
+-   **BlkioDeviceWiiteIOps** - Limit write rate (IO per second) to a device in the form of:	`"BlkioDeviceWriteIOps": [{"Path": "device_path", "Rate": rate}]`, for example:
+	`"BlkioDeviceWriteIOps": [{"Path": "/dev/sda", "Rate": "1000"}]`
+-   **MemorySwappiness** - Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
+-   **OomKillDisable** - Boolean value, whether to disable OOM Killer for the container or not.
+-   **OomScoreAdj** - An integer value containing the score given to the container in order to tune OOM killer preferences.
+-   **AttachStdin** - Boolean value, attaches to `stdin`.
+-   **AttachStdout** - Boolean value, attaches to `stdout`.
+-   **AttachStderr** - Boolean value, attaches to `stderr`.
+-   **Tty** - Boolean value, Attach standard streams to a `tty`, including `stdin` if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close `stdin` after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Labels** - Adds a map of labels to a container. To specify a map: `{"key":"value"[,"key2":"value2"]}`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entry point for the container as a string or an array
+      of strings.
+-   **Image** - A string specifying the image name to use for the container.
+-   **Volumes** - An object mapping mount point paths (strings) inside the
+      container to empty objects.
+-   **WorkingDir** - A string specifying the working directory for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **StopSignal** - Signal to stop a container as a string or unsigned integer. `SIGTERM` by default.
+-   **HostConfig**
+    -   **Binds** – A list of volume bindings for this container. Each volume binding is a string in one of these forms:
+           + `host_path:container_path` to bind-mount a host path into the container
+           + `host_path:container_path:ro` to make the bind-mount read-only inside the container.
+           + `volume_name:container_path` to bind-mount a volume managed by a volume plugin into the container.
+           + `volume_name:container_path:ro` to make the bind mount read-only inside the container.
+    -   **Links** - A list of links for the container. Each link entry should be
+          in the form of `container_name:alias`.
+    -   **PortBindings** - A map of exposed container ports and the host port they
+          should map to. A JSON object in the form
+          `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+          Take note that `port` is specified as a string and not an integer value.
+    -   **PublishAllPorts** - Allocates a random host port for all of a container's
+          exposed ports. Specified as a boolean value.
+    -   **Privileged** - Gives the container full access to the host. Specified as
+          a boolean value.
+    -   **ReadonlyRootfs** - Mount the container's root filesystem as read only.
+          Specified as a boolean value.
+    -   **Dns** - A list of DNS servers for the container to use.
+    -   **DnsOptions** - A list of DNS options
+    -   **DnsSearch** - A list of DNS search domains
+    -   **ExtraHosts** - A list of hostnames/IP mappings to add to the
+        container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+    -   **VolumesFrom** - A list of volumes to inherit from another container.
+          Specified in the form `<container name>[:<ro|rw>]`
+    -   **CapAdd** - A list of kernel capabilities to add to the container.
+    -   **Capdrop** - A list of kernel capabilities to drop from the container.
+    -   **GroupAdd** - A list of additional groups that the container process will run as
+    -   **RestartPolicy** – The behavior to apply when the container exits.  The
+            value is an object with a `Name` property of either `"always"` to
+            always restart, `"unless-stopped"` to restart always except when
+            user has manually stopped the container or `"on-failure"` to restart only when the container
+            exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+            controls the number of times to retry before giving up.
+            The default is not to restart. (optional)
+            An ever increasing delay (double the previous delay, starting at 100mS)
+            is added before each restart to prevent flooding the server.
+    -   **NetworkMode** - Sets the networking mode for the container. Supported
+          standard values are: `bridge`, `host`, `none`, and `container:<name|id>`. Any other value is taken
+          as a custom network's name to which this container should connect to.
+    -   **Devices** - A list of devices to add to the container specified as a JSON object in the
+      form
+          `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+    -   **Ulimits** - A list of ulimits to set in the container, specified as
+          `{ "Name": <name>, "Soft": <soft limit>, "Hard": <hard limit> }`, for example:
+          `Ulimits: { "Name": "nofile", "Soft": 1024, "Hard": 2048 }`
+    -   **SecurityOpt**: A list of string values to customize labels for MLS
+        systems, such as SELinux.
+    -   **LogConfig** - Log configuration for the container, specified as a JSON object in the form
+          `{ "Type": "<driver_name>", "Config": {"key1": "val1"}}`.
+          Available types: `json-file`, `syslog`, `journald`, `gelf`, `awslogs`, `splunk`, `none`.
+          `json-file` logging driver.
+    -   **CgroupParent** - Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist.
+    -   **VolumeDriver** - Driver that this container users to mount volumes.
+    -   **ShmSize** - Size of `/dev/shm` in bytes. The size must be greater than 0.  If omitted the system uses 64MB.
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+      GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+		"AppArmorProfile": "",
+		"Args": [
+			"-c",
+			"exit 9"
+		],
+		"Config": {
+			"AttachStderr": true,
+			"AttachStdin": false,
+			"AttachStdout": true,
+			"Cmd": [
+				"/bin/sh",
+				"-c",
+				"exit 9"
+			],
+			"Domainname": "",
+			"Entrypoint": null,
+			"Env": [
+				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+			],
+			"ExposedPorts": null,
+			"Hostname": "ba033ac44011",
+			"Image": "ubuntu",
+			"Labels": {
+				"com.example.vendor": "Acme",
+				"com.example.license": "GPL",
+				"com.example.version": "1.0"
+			},
+			"MacAddress": "",
+			"NetworkDisabled": false,
+			"OnBuild": null,
+			"OpenStdin": false,
+			"StdinOnce": false,
+			"Tty": false,
+			"User": "",
+			"Volumes": {
+                          "/volumes/data": {}
+                        },
+			"WorkingDir": "",
+			"StopSignal": "SIGTERM"
+		},
+		"Created": "2015-01-06T15:47:31.485331387Z",
+		"Driver": "devicemapper",
+		"ExecDriver": "native-0.2",
+		"ExecIDs": null,
+		"HostConfig": {
+			"Binds": null,
+			"BlkioWeight": 0,
+			"BlkioWeightDevice": [{}],
+			"BlkioDeviceReadBps": [{}],
+			"BlkioDeviceWriteBps": [{}],
+			"BlkioDeviceReadIOps": [{}],
+			"BlkioDeviceWriteIOps": [{}],
+			"CapAdd": null,
+			"CapDrop": null,
+			"ContainerIDFile": "",
+			"CpusetCpus": "",
+			"CpusetMems": "",
+			"CpuShares": 0,
+			"CpuPeriod": 100000,
+			"Devices": [],
+			"Dns": null,
+			"DnsOptions": null,
+			"DnsSearch": null,
+			"ExtraHosts": null,
+			"IpcMode": "",
+			"Links": null,
+			"LxcConf": [],
+			"Memory": 0,
+			"MemorySwap": 0,
+			"MemoryReservation": 0,
+			"KernelMemory": 0,
+			"OomKillDisable": false,
+			"OomScoreAdj": 500,
+			"NetworkMode": "bridge",
+			"PortBindings": {},
+			"Privileged": false,
+			"ReadonlyRootfs": false,
+			"PublishAllPorts": false,
+			"RestartPolicy": {
+				"MaximumRetryCount": 2,
+				"Name": "on-failure"
+			},
+			"LogConfig": {
+				"Config": null,
+				"Type": "json-file"
+			},
+			"SecurityOpt": null,
+			"VolumesFrom": null,
+			"Ulimits": [{}],
+			"VolumeDriver": "",
+			"ShmSize": 67108864
+		},
+		"HostnamePath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname",
+		"HostsPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts",
+		"LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+		"Id": "ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39",
+		"Image": "04c5d3b7b0656168630d3ba35d8889bd0e9caafcaeb3004d2bfbc47e7c5d35d2",
+		"MountLabel": "",
+		"Name": "/boring_euclid",
+		"NetworkSettings": {
+			"Bridge": "",
+			"SandboxID": "",
+			"HairpinMode": false,
+			"LinkLocalIPv6Address": "",
+			"LinkLocalIPv6PrefixLen": 0,
+			"Ports": null,
+			"SandboxKey": "",
+			"SecondaryIPAddresses": null,
+			"SecondaryIPv6Addresses": null,
+			"EndpointID": "",
+			"Gateway": "",
+			"GlobalIPv6Address": "",
+			"GlobalIPv6PrefixLen": 0,
+			"IPAddress": "",
+			"IPPrefixLen": 0,
+			"IPv6Gateway": "",
+			"MacAddress": "",
+			"Networks": {
+				"bridge": {
+					"NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+					"EndpointID": "7587b82f0dada3656fda26588aee72630c6fab1536d36e394b2bfbcf898c971d",
+					"Gateway": "172.17.0.1",
+					"IPAddress": "172.17.0.2",
+					"IPPrefixLen": 16,
+					"IPv6Gateway": "",
+					"GlobalIPv6Address": "",
+					"GlobalIPv6PrefixLen": 0,
+					"MacAddress": "02:42:ac:12:00:02"
+				}
+			}
+		},
+		"Path": "/bin/sh",
+		"ProcessLabel": "",
+		"ResolvConfPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/resolv.conf",
+		"RestartCount": 1,
+		"State": {
+			"Error": "",
+			"ExitCode": 9,
+			"FinishedAt": "2015-01-06T15:47:32.080254511Z",
+			"OOMKilled": false,
+			"Dead": false,
+			"Paused": false,
+			"Pid": 0,
+			"Restarting": false,
+			"Running": true,
+			"StartedAt": "2015-01-06T15:47:32.072697474Z",
+			"Status": "running"
+		},
+		"Mounts": [
+			{
+				"Name": "fac362...80535",
+				"Source": "/data",
+				"Destination": "/data",
+				"Driver": "local",
+				"Mode": "ro,Z",
+				"RW": false,
+				"Propagation": ""
+			}
+		]
+	}
+
+**Example request, with size information**:
+
+    GET /containers/4fa6e0f0c678/json?size=1 HTTP/1.1
+
+**Example response, with size information**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+    ....
+    "SizeRw": 0,
+    "SizeRootFs": 972,
+    ....
+    }
+
+Query Parameters:
+
+-   **size** – 1/True/true or 0/False/false, return container size information. Default is `false`.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get `stdout` and `stderr` logs from the container ``id``
+
+> **Note**:
+> This endpoint works only for containers with the `json-file` or `journald` logging drivers.
+
+**Example request**:
+
+     GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10&since=1428990821 HTTP/1.1
+
+**Example response**:
+
+     HTTP/1.1 101 UPGRADED
+     Content-Type: application/vnd.docker.raw-stream
+     Connection: Upgrade
+     Upgrade: tcp
+
+     {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, show `stdout` log. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, show `stderr` log. Default `false`.
+-   **since** – UNIX timestamp (integer) to filter logs. Specifying a timestamp
+    will only output log-entries since that timestamp. Default: 0 (unfiltered)
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default `false`.
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Path": "/dev",
+                 "Kind": 0
+         },
+         {
+                 "Path": "/dev/kmsg",
+                 "Kind": 1
+         },
+         {
+                 "Path": "/test",
+                 "Kind": 1
+         }
+    ]
+
+Values for `Kind`:
+
+- `0`: Modify
+- `1`: Add
+- `2`: Delete
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/octet-stream
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container stats based on resource usage
+
+`GET /containers/(id or name)/stats`
+
+This endpoint returns a live stream of a container's resource usage statistics.
+
+**Example request**:
+
+    GET /containers/redis1/stats HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Type: application/json
+
+      {
+         "read" : "2015-01-08T22:57:31.547920715Z",
+         "networks": {
+                 "eth0": {
+                     "rx_bytes": 5338,
+                     "rx_dropped": 0,
+                     "rx_errors": 0,
+                     "rx_packets": 36,
+                     "tx_bytes": 648,
+                     "tx_dropped": 0,
+                     "tx_errors": 0,
+                     "tx_packets": 8
+                 },
+                 "eth5": {
+                     "rx_bytes": 4641,
+                     "rx_dropped": 0,
+                     "rx_errors": 0,
+                     "rx_packets": 26,
+                     "tx_bytes": 690,
+                     "tx_dropped": 0,
+                     "tx_errors": 0,
+                     "tx_packets": 9
+                 }
+         },
+         "memory_stats" : {
+            "stats" : {
+               "total_pgmajfault" : 0,
+               "cache" : 0,
+               "mapped_file" : 0,
+               "total_inactive_file" : 0,
+               "pgpgout" : 414,
+               "rss" : 6537216,
+               "total_mapped_file" : 0,
+               "writeback" : 0,
+               "unevictable" : 0,
+               "pgpgin" : 477,
+               "total_unevictable" : 0,
+               "pgmajfault" : 0,
+               "total_rss" : 6537216,
+               "total_rss_huge" : 6291456,
+               "total_writeback" : 0,
+               "total_inactive_anon" : 0,
+               "rss_huge" : 6291456,
+               "hierarchical_memory_limit" : 67108864,
+               "total_pgfault" : 964,
+               "total_active_file" : 0,
+               "active_anon" : 6537216,
+               "total_active_anon" : 6537216,
+               "total_pgpgout" : 414,
+               "total_cache" : 0,
+               "inactive_anon" : 0,
+               "active_file" : 0,
+               "pgfault" : 964,
+               "inactive_file" : 0,
+               "total_pgpgin" : 477
+            },
+            "max_usage" : 6651904,
+            "usage" : 6537216,
+            "failcnt" : 0,
+            "limit" : 67108864
+         },
+         "blkio_stats" : {},
+         "cpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24472255,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100215355,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 739306590000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         },
+         "precpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24350896,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100093996,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 9492140000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         }
+      }
+
+The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
+
+Query Parameters:
+
+-   **stream** – 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`POST /containers/(id or name)/resize`
+
+Resize the TTY for container with  `id`. The unit is number of characters. You must restart the container for the resize to take effect.
+
+**Example request**:
+
+      POST /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Length: 0
+      Content-Type: text/plain; charset=utf-8
+
+Query Parameters:
+
+-   **h** – height of `tty` session
+-   **w** – width
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – Cannot resize container
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+> **Note**:
+> For backwards compatibility, this endpoint accepts a `HostConfig` as JSON-encoded request body.
+> See [create a container](#create-a-container) for details.
+
+**Example request**:
+
+    POST /containers/e90e34656806/start HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **detachKeys** – Override the key sequence for detaching a
+        container. Format is a single character `[a-Z]` or `ctrl-<value>`
+        where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like `SIGINT`.
+        When not set, `SIGKILL` is assumed and the call waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Update a container
+
+`POST /containers/(id or name)/update`
+
+Update resource configs of one or more containers.
+
+**Example request**:
+
+       POST /containers/e90e34656806/update HTTP/1.1
+       Content-Type: application/json
+
+       {
+         "BlkioWeight": 300,
+         "CpuShares": 512,
+         "CpuPeriod": 100000,
+         "CpuQuota": 50000,
+         "CpusetCpus": "0,1",
+         "CpusetMems": "0",
+         "Memory": 314572800,
+         "MemorySwap": 514288000,
+         "MemoryReservation": 209715200,
+         "KernelMemory": 52428800,
+       }
+
+**Example response**:
+
+       HTTP/1.1 200 OK
+       Content-Type: application/json
+
+       {
+           "Warnings": []
+       }
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Rename a container
+
+`POST /containers/(id or name)/rename`
+
+Rename the container `id` to a `new_name`
+
+**Example request**:
+
+    POST /containers/e90e34656806/rename?name=new_name HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **name** – new name for the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **409** - conflict name already assigned
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+    POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 101 UPGRADED
+    Content-Type: application/vnd.docker.raw-stream
+    Connection: Upgrade
+    Upgrade: tcp
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **detachKeys** – Override the key sequence for detaching a
+        container. Format is a single character `[a-Z]` or `ctrl-<value>`
+        where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`
+    ](#create-a-container),
+    the stream is the raw data from the process PTY and client's `stdin`.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    `stdout` and `stderr`.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header contains the information which the stream writes (`stdout` or
+    `stderr`). It also contains the size of the associated frame encoded in the
+    last four bytes (`uint32`).
+
+    It is encoded on the first eight bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: `stdin` (is written on `stdout`)
+-   1: `stdout`
+-   2: `stderr`
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of
+    the `uint32` size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read eight bytes.
+    2.  Choose `stdout` or `stderr` depending on the first byte.
+    3.  Extract the frame size from the last four bytes.
+    4.  Read the extracted size and output it on the correct output.
+    5.  Goto 1.
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+    GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **detachKeys** – Override the key sequence for detaching a
+        container. Format is a single character `[a-Z]` or `ctrl-<value>`
+        where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+    POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+    DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default `false`.
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default `false`.
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Deprecated** in favor of the `archive` endpoint below.
+
+**Example request**:
+
+    POST /containers/4fa6e0f0c678/copy HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Resource": "test.txt"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Retrieving information about files and folders in a container
+
+`HEAD /containers/(id or name)/archive`
+
+See the description of the `X-Docker-Container-Path-Stat` header in the
+following section.
+
+### Get an archive of a filesystem resource in a container
+
+`GET /containers/(id or name)/archive`
+
+Get an tar archive of a resource in the filesystem of container `id`.
+
+Query Parameters:
+
+- **path** - resource in the container's filesystem to archive. Required.
+
+    If not an absolute path, it is relative to the container's root directory.
+    The resource specified by **path** must exist. To assert that the resource
+    is expected to be a directory, **path** should end in `/` or  `/.`
+    (assuming a path separator of `/`). If **path** ends in `/.` then this
+    indicates that only the contents of the **path** directory should be
+    copied. A symlink is always resolved to its target.
+
+    **Note**: It is not possible to copy certain system files such as resources
+    under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
+    container.
+
+**Example request**:
+
+        GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+        X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
+
+        {{ TAR STREAM }}
+
+On success, a response header `X-Docker-Container-Path-Stat` will be set to a
+base64-encoded JSON object containing some filesystem header information about
+the archived resource. The above example value would decode to the following
+JSON object (whitespace added for readability):
+
+        {
+            "name": "root",
+            "size": 4096,
+            "mode": 2147484096,
+            "mtime": "2014-02-27T20:51:23Z",
+            "linkTarget": ""
+        }
+
+A `HEAD` request can also be made to this endpoint if only this information is
+desired.
+
+Status Codes:
+
+- **200** - success, returns archive of copied resource
+- **400** - client error, bad parameter, details in JSON response body, one of:
+    - must specify path parameter (**path** cannot be empty)
+    - not a directory (**path** was asserted to be a directory but exists as a
+      file)
+- **404** - client error, resource not found, one of:
+    – no such container (container `id` does not exist)
+    - no such file or directory (**path** does not exist)
+- **500** - server error
+
+### Extract an archive of files or folders to a directory in a container
+
+`PUT /containers/(id or name)/archive`
+
+Upload a tar archive to be extracted to a path in the filesystem of container
+`id`.
+
+Query Parameters:
+
+- **path** - path to a directory in the container
+    to extract the archive's contents into. Required.
+
+    If not an absolute path, it is relative to the container's root directory.
+    The **path** resource must exist.
+- **noOverwriteDirNonDir** - If "1", "true", or "True" then it will be an error
+    if unpacking the given content would cause an existing directory to be
+    replaced with a non-directory and vice versa.
+
+**Example request**:
+
+    PUT /containers/8cce319429b2/archive?path=/vol1 HTTP/1.1
+    Content-Type: application/x-tar
+
+    {{ TAR STREAM }}
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** – the content was extracted successfully
+- **400** - client error, bad parameter, details in JSON response body, one of:
+    - must specify path parameter (**path** cannot be empty)
+    - not a directory (**path** should be a directory but exists as a file)
+    - unable to overwrite existing directory with non-directory
+      (if **noOverwriteDirNonDir**)
+    - unable to overwrite existing non-directory with directory
+      (if **noOverwriteDirNonDir**)
+- **403** - client error, permission denied, the volume
+    or container rootfs is marked as read-only.
+- **404** - client error, resource not found, one of:
+    – no such container (container `id` does not exist)
+    - no such file or directory (**path** resource does not exist)
+- **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+    GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+         "RepoTags": [
+           "ubuntu:12.04",
+           "ubuntu:precise",
+           "ubuntu:latest"
+         ],
+         "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+         "Created": 1365714795,
+         "Size": 131506275,
+         "VirtualSize": 131506275,
+         "Labels": {}
+      },
+      {
+         "RepoTags": [
+           "ubuntu:12.10",
+           "ubuntu:quantal"
+         ],
+         "ParentId": "27cf784147099545",
+         "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+         "Created": 1364102658,
+         "Size": 24653,
+         "VirtualSize": 180116135,
+         "Labels": {
+            "com.example.version": "v1"
+         }
+      }
+    ]
+
+**Example request, with digest information**:
+
+    GET /images/json?digests=1 HTTP/1.1
+
+**Example response, with digest information**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+        "Created": 1420064636,
+        "Id": "4986bf8c15363d1c5d15512d5266f8777bfba4974ac56e3270e7760f6f0a8125",
+        "ParentId": "ea13149945cb6b1e746bf28032f02e9b5a793523481a0a18645fc77ad53c4ea2",
+        "RepoDigests": [
+          "localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+        ],
+        "RepoTags": [
+          "localhost:5000/test/busybox:latest",
+          "playdate:latest"
+        ],
+        "Size": 0,
+        "VirtualSize": 2429728,
+        "Labels": {}
+      }
+    ]
+
+The response shows a single image `Id` associated with two repositories
+(`RepoTags`): `localhost:5000/test/busybox`: and `playdate`. A caller can use
+either of the `RepoTags` values `localhost:5000/test/busybox:latest` or
+`playdate:latest` to reference the image.
+
+You can also use `RepoDigests` values to reference an image. In this response,
+the array has only one reference and that is to the
+`localhost:5000/test/busybox` repository; the `playdate` repository has no
+digest. You can reference this digest using the value:
+`localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d...`
+
+See the `docker run` and `docker build` commands for examples of digest and tag
+references on the command line.
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   `dangling=true`
+  -   `label=key` or `label="key=value"` of an image label
+-   **filter** - only return images with the specified name
+
+### Build image from a Dockerfile
+
+`POST /build`
+
+Build an image from a Dockerfile
+
+**Example request**:
+
+    POST /build HTTP/1.1
+
+    {{ TAR STREAM }}
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"stream": "Step 1..."}
+    {"stream": "..."}
+    {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+The input stream must be a `tar` archive compressed with one of the
+following algorithms: `identity` (no compression), `gzip`, `bzip2`, `xz`.
+
+The archive must include a build instructions file, typically called
+`Dockerfile` at the archive's root. The `dockerfile` parameter may be
+used to specify a different build instructions file. To do this, its value must be
+the path to the alternate build instructions file to use.
+
+The archive may include any number of other files,
+which are accessible in the build context (See the [*ADD build
+command*](../../reference/builder.md#dockerbuilder)).
+
+The build is canceled if the client drops the connection by quitting
+or being killed.
+
+Query Parameters:
+
+-   **dockerfile** - Path within the build context to the Dockerfile. This is
+        ignored if `remote` is specified and points to an individual filename.
+-   **t** – A name and optional tag to apply to the image in the `name:tag` format.
+        If you omit the `tag` the default `latest` value is assumed.
+        You can provide one or more `t` parameters.
+-   **remote** – A Git repository URI or HTTP/HTTPS URI build source. If the
+        URI specifies a filename, the file's contents are placed into a file
+		called `Dockerfile`.
+-   **q** – Suppress verbose build output.
+-   **nocache** – Do not use the cache when building the image.
+-   **pull** - Attempt to pull the image even if an older image exists locally.
+-   **rm** - Remove intermediate containers after a successful build (default behavior).
+-   **forcerm** - Always remove intermediate containers (includes `rm`).
+-   **memory** - Set memory limit for build.
+-   **memswap** - Total memory (memory + swap), `-1` to enable unlimited swap.
+-   **cpushares** - CPU shares (relative weight).
+-   **cpusetcpus** - CPUs in which to allow execution (e.g., `0-3`, `0,1`).
+-   **cpuperiod** - The length of a CPU period in microseconds.
+-   **cpuquota** - Microseconds of CPU time that the container can get in a CPU period.
+-   **buildargs** – JSON map of string pairs for build-time variables. Users pass
+        these values at build-time. Docker uses the `buildargs` as the environment
+        context for command(s) run via the Dockerfile's `RUN` instruction or for
+        variable expansion in other Dockerfile instructions. This is not meant for
+        passing secret values. [Read more about the buildargs instruction](../../reference/builder.md#arg)
+-   **shmsize** - Size of `/dev/shm` in bytes. The size must be greater than 0.  If omitted the system uses 64MB.
+
+    Request Headers:
+
+-   **Content-type** – Set to `"application/tar"`.
+-   **X-Registry-Config** – A base64-url-safe-encoded Registry Auth Config JSON
+        object with the following structure:
+
+            {
+                "docker.example.com": {
+                    "username": "janedoe",
+                    "password": "hunter2"
+                },
+                "https://index.docker.io/v1/": {
+                    "username": "mobydock",
+                    "password": "conta1n3rize14"
+                }
+            }
+
+        This object maps the hostname of a registry to an object containing the
+        "username" and "password" for that registry. Multiple registries may
+        be specified as the build may be based on an image requiring
+        authentication to pull from any arbitrary registry. Only the registry
+        domain name (and port if not the default "443") are required. However
+        (for legacy reasons) the "official" Docker, Inc. hosted registry must
+        be specified with both a "https://" prefix and a "/v1/" suffix even
+        though Docker will prefer to use the v2 registry API.
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Create an image
+
+`POST /images/create`
+
+Create an image either by pulling it from the registry or by importing it
+
+**Example request**:
+
+    POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pulling..."}
+    {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+    {"error": "Invalid..."}
+    ...
+
+When using this endpoint to pull an image from the registry, the
+`X-Registry-Auth` header can be used to include
+a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – Name of the image to pull. The name may include a tag or
+        digest. This parameter may only be used when pulling an image.
+        The pull is cancelled if the HTTP connection is closed.
+-   **fromSrc** – Source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+        This parameter may only be used when importing an image.
+-   **repo** – Repository name given to an image when it is imported.
+        The repo may include a tag. This parameter may only be used when importing
+        an image.
+-   **tag** – Tag or digest.
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object, containing either login information, or a token
+    - Credential based login:
+
+        ```
+    {
+            "username": "jdoe",
+            "password": "secret",
+            "email": "jdoe@acme.com",
+    }
+        ```
+
+    - Token based login:
+
+        ```
+    {
+            "registrytoken": "9cbaf023786cd7..."
+    }
+        ```
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+    GET /images/example/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Id" : "85f05633ddc1c50679be2b16a0479ab6f7637f8884e0cfe0f4d20e1ebb3d6e7c",
+       "Container" : "cb91e48a60d01f1e27028b4fc6819f4f290b3cf12496c8176ec714d0d390984a",
+       "Comment" : "",
+       "Os" : "linux",
+       "Architecture" : "amd64",
+       "Parent" : "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+       "ContainerConfig" : {
+          "Tty" : false,
+          "Hostname" : "e611e15f9c9d",
+          "Volumes" : null,
+          "Domainname" : "",
+          "AttachStdout" : false,
+          "PublishService" : "",
+          "AttachStdin" : false,
+          "OpenStdin" : false,
+          "StdinOnce" : false,
+          "NetworkDisabled" : false,
+          "OnBuild" : [],
+          "Image" : "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+          "User" : "",
+          "WorkingDir" : "",
+          "Entrypoint" : null,
+          "MacAddress" : "",
+          "AttachStderr" : false,
+          "Labels" : {
+             "com.example.license" : "GPL",
+             "com.example.version" : "1.0",
+             "com.example.vendor" : "Acme"
+          },
+          "Env" : [
+             "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+          ],
+          "ExposedPorts" : null,
+          "Cmd" : [
+             "/bin/sh",
+             "-c",
+             "#(nop) LABEL com.example.vendor=Acme com.example.license=GPL com.example.version=1.0"
+          ]
+       },
+       "DockerVersion" : "1.9.0-dev",
+       "VirtualSize" : 188359297,
+       "Size" : 0,
+       "Author" : "",
+       "Created" : "2015-09-10T08:30:53.26995814Z",
+       "GraphDriver" : {
+          "Name" : "aufs",
+          "Data" : null
+       },
+       "RepoDigests" : [
+          "localhost:5000/test/busybox/example@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+       ],
+       "RepoTags" : [
+          "example:1.0",
+          "example:latest",
+          "example:stable"
+       ],
+       "Config" : {
+          "Image" : "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+          "NetworkDisabled" : false,
+          "OnBuild" : [],
+          "StdinOnce" : false,
+          "PublishService" : "",
+          "AttachStdin" : false,
+          "OpenStdin" : false,
+          "Domainname" : "",
+          "AttachStdout" : false,
+          "Tty" : false,
+          "Hostname" : "e611e15f9c9d",
+          "Volumes" : null,
+          "Cmd" : [
+             "/bin/bash"
+          ],
+          "ExposedPorts" : null,
+          "Env" : [
+             "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+          ],
+          "Labels" : {
+             "com.example.vendor" : "Acme",
+             "com.example.version" : "1.0",
+             "com.example.license" : "GPL"
+          },
+          "Entrypoint" : null,
+          "MacAddress" : "",
+          "AttachStderr" : false,
+          "WorkingDir" : "",
+          "User" : ""
+       }
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+    GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+        {
+            "Id": "3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710",
+            "Created": 1398108230,
+            "CreatedBy": "/bin/sh -c #(nop) ADD file:eb15dbd63394e063b805a3c32ca7bf0266ef64676d5a6fab4801f2e81e2a5148 in /",
+            "Tags": [
+                "ubuntu:lucid",
+                "ubuntu:10.04"
+            ],
+            "Size": 182964289,
+            "Comment": ""
+        },
+        {
+            "Id": "6cfa4d1f33fb861d4d114f43b25abd0ac737509268065cdfd69d544a59c85ab8",
+            "Created": 1398108222,
+            "CreatedBy": "/bin/sh -c #(nop) MAINTAINER Tianon Gravi <admwiggin@gmail.com> - mkimage-debootstrap.sh -i iproute,iputils-ping,ubuntu-minimal -t lucid.tar.xz lucid http://archive.ubuntu.com/ubuntu/",
+            "Tags": null,
+            "Size": 0,
+            "Comment": ""
+        },
+        {
+            "Id": "511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158",
+            "Created": 1371157430,
+            "CreatedBy": "",
+            "Tags": [
+                "scratch12:latest",
+                "scratch:latest"
+            ],
+            "Size": 0,
+            "Comment": "Imported from -"
+        }
+    ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+    POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pushing..."}
+    {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+    {"error": "Invalid..."}
+    ...
+
+If you wish to push an image on to a private registry, that image must already have a tag
+into a repository which references that registry `hostname` and `port`.  This repository name should
+then be used in the URL. This duplicates the command line's flow.
+
+The push is cancelled if the HTTP connection is closed.
+
+**Example request**:
+
+    POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – The tag to associate with the image on the registry. This is optional.
+
+Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object, containing either login information, or a token
+    - Credential based login:
+
+        ```
+    {
+            "username": "jdoe",
+            "password": "secret",
+            "email": "jdoe@acme.com",
+    }
+        ```
+
+    - Token based login:
+
+        ```
+    {
+            "registrytoken": "9cbaf023786cd7..."
+    }
+        ```
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+    POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+    DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-type: application/json
+
+    [
+     {"Untagged": "3e2f21a89f"},
+     {"Deleted": "3e2f21a89f"},
+     {"Deleted": "53b4f83ac9"}
+    ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+    GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "wma55/u1210sshd",
+                "star_count": 0
+            },
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "jdswinbank/sshd",
+                "star_count": 0
+            },
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "vgauthier/sshd",
+                "star_count": 0
+            }
+    ...
+    ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Check auth configuration
+
+`POST /auth`
+
+Get the default username and email
+
+**Example request**:
+
+    POST /auth HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "username":" hannibal",
+         "password: "xxxx",
+         "email": "hannibal@a-team.com",
+         "serveraddress": "https://index.docker.io/v1/"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+    GET /info HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+        "Architecture": "x86_64",
+        "ClusterStore": "etcd://localhost:2379",
+        "Containers": 11,
+        "ContainersRunning": 7,
+        "ContainersStopped": 3,
+        "ContainersPaused": 1,
+        "CpuCfsPeriod": true,
+        "CpuCfsQuota": true,
+        "Debug": false,
+        "DockerRootDir": "/var/lib/docker",
+        "Driver": "btrfs",
+        "DriverStatus": [[""]],
+        "ExecutionDriver": "native-0.1",
+        "ExperimentalBuild": false,
+        "HttpProxy": "http://test:test@localhost:8080",
+        "HttpsProxy": "https://test:test@localhost:8080",
+        "ID": "7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS",
+        "IPv4Forwarding": true,
+        "Images": 16,
+        "IndexServerAddress": "https://index.docker.io/v1/",
+        "InitPath": "/usr/bin/docker",
+        "InitSha1": "",
+        "KernelVersion": "3.12.0-1-amd64",
+        "Labels": [
+            "storage=ssd"
+        ],
+        "MemTotal": 2099236864,
+        "MemoryLimit": true,
+        "NCPU": 1,
+        "NEventsListener": 0,
+        "NFd": 11,
+        "NGoroutines": 21,
+        "Name": "prod-server-42",
+        "NoProxy": "9.81.1.160",
+        "OomKillDisable": true,
+        "OSType": "linux",
+        "OperatingSystem": "Boot2Docker",
+        "Plugins": {
+            "Volume": [
+                "local"
+            ],
+            "Network": [
+                "null",
+                "host",
+                "bridge"
+            ]
+        },
+        "RegistryConfig": {
+            "IndexConfigs": {
+                "docker.io": {
+                    "Mirrors": null,
+                    "Name": "docker.io",
+                    "Official": true,
+                    "Secure": true
+                }
+            },
+            "InsecureRegistryCIDRs": [
+                "127.0.0.0/8"
+            ]
+        },
+        "ServerVersion": "1.9.0",
+        "SwapLimit": false,
+        "SystemStatus": [["State", "Healthy"]],
+        "SystemTime": "2015-03-10T11:11:23.730591467-07:00"
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+    GET /version HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+         "Version": "1.10.0-dev",
+         "Os": "linux",
+         "KernelVersion": "3.19.0-23-generic",
+         "GoVersion": "go1.4.2",
+         "GitCommit": "e75da4b",
+         "Arch": "amd64",
+         "ApiVersion": "1.22",
+         "BuildTime": "2015-12-01T07:09:13.444803460+00:00",
+         "Experimental": true
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+    GET /_ping HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: text/plain
+
+    OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+    POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Hostname": "",
+         "Domainname": "",
+         "User": "",
+         "AttachStdin": false,
+         "AttachStdout": true,
+         "AttachStderr": true,
+         "Tty": false,
+         "OpenStdin": false,
+         "StdinOnce": false,
+         "Env": null,
+         "Cmd": [
+                 "date"
+         ],
+         "Mounts": [
+           {
+             "Source": "/data",
+             "Destination": "/data",
+             "Mode": "ro,Z",
+             "RW": false
+           }
+         ],
+         "Labels": {
+                 "key1": "value1",
+                 "key2": "value2"
+          },
+         "WorkingDir": "",
+         "NetworkDisabled": false,
+         "ExposedPorts": {
+                 "22/tcp": {}
+         }
+    }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+-   **pause** – 1/True/true or 0/False/false, whether to pause the container before committing
+-   **changes** – Dockerfile instructions to apply while committing
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via polling (using since).
+
+Docker containers report the following events:
+
+    attach, commit, copy, create, destroy, die, exec_create, exec_start, export, kill, oom, pause, rename, resize, restart, start, stop, top, unpause, update
+
+Docker images report the following events:
+
+    delete, import, pull, push, tag, untag
+
+Docker volumes report the following events:
+
+    create, mount, unmount, destroy
+
+Docker networks report the following events:
+
+    create, connect, disconnect, destroy
+
+**Example request**:
+
+    GET /events?since=1374067924
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+	    {
+		"action": "pull",
+		"type": "image",
+		"actor": {
+			"id": "busybox:latest",
+			"attributes": {}
+		}
+		"time": 1442421700,
+		"timeNano": 1442421700598988358
+	    },
+            {
+		"action": "create",
+		"type": "container",
+		"actor": {
+			"id": "5745704abe9caa5",
+			"attributes": {"image": "busybox"}
+		}
+		"time": 1442421716,
+		"timeNano": 1442421716853979870
+	    },
+            {
+		"action": "attach",
+		"type": "container",
+		"actor": {
+			"id": "5745704abe9caa5",
+			"attributes": {"image": "busybox"}
+		}
+		"time": 1442421716,
+		"timeNano": 1442421716894759198
+	    },
+            {
+		"action": "start",
+		"type": "container",
+		"actor": {
+			"id": "5745704abe9caa5",
+			"attributes": {"image": "busybox"}
+		}
+		"time": 1442421716,
+		"timeNano": 1442421716983607193
+	    }
+    ]
+
+Query Parameters:
+
+-   **since** – Timestamp used for polling
+-   **until** – Timestamp used for polling
+-   **filters** – A json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
+  -   `container=<string>`; -- container to filter
+  -   `event=<string>`; -- event to filter
+  -   `image=<string>`; -- image to filter
+  -   `label=<string>`; -- image and container label to filter
+  -   `type=<string>`; -- either `container` or `image` or `volume` or `network`
+  -   `volume=<string>`; -- volume to filter
+  -   `network=<string>`; -- network to filter
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/ubuntu/get
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+`ubuntu:latest`), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into a Docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    POST /images/load
+
+    Tarball in body
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing these files:
+
+- `VERSION`: currently `1.0` - the file format version
+- `json`: detailed layer information, similar to `docker inspect layer_id`
+- `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, the tarball should also include a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/exec HTTP/1.1
+    Content-Type: application/json
+
+      {
+       "AttachStdin": false,
+       "AttachStdout": true,
+       "AttachStderr": true,
+       "DetachKeys": "ctrl-p,ctrl-q",
+       "Tty": false,
+       "Cmd": [
+                     "date"
+             ]
+      }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {
+         "Id": "f90e34656806",
+         "Warnings":[]
+    }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
+-   **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
+-   **AttachStderr** - Boolean value, attaches to `stderr` of the `exec` command.
+-   **DetachKeys** – Override the key sequence for detaching a
+        container. Format is a single character `[a-Z]` or `ctrl-<value>`
+        where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **409** - container is paused
+-   **500** - server error
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up `exec` instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/start HTTP/1.1
+    Content-Type: application/json
+
+    {
+     "Detach": false,
+     "Tty": false
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/vnd.docker.raw-stream
+
+    {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the `exec` command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **409** - container is paused
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the `tty` session used by the `exec` command `id`.  The unit is number of characters.
+This API is valid only if `tty` was specified as part of creating and starting the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/resize?h=40&w=80 HTTP/1.1
+    Content-Type: text/plain
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: text/plain
+
+Query Parameters:
+
+-   **h** – height of `tty` session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+### Exec Inspect
+
+`GET /exec/(id)/json`
+
+Return low-level information about the `exec` command `id`.
+
+**Example request**:
+
+    GET /exec/11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+        "CanRemove": false,
+        "ContainerID": "b53ee82b53a40c7dca428523e34f741f3abc51d9f297a14ff874bf761b995126",
+        "DetachKeys": "",
+        "ExitCode": 2,
+        "ID": "f33bbfb39f5b142420f4759b2348913bd4a8d1a6d7fd56499cb41a1bb91d7b3b",
+        "OpenStderr": true,
+        "OpenStdin": true,
+        "OpenStdout": true,
+        "ProcessConfig": {
+            "arguments": [
+                "-c",
+                "exit 2"
+            ],
+            "entrypoint": "sh",
+            "privileged": false,
+            "tty": true,
+            "user": "1000"
+        },
+        "Running": false
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **500** - server error
+
+## 2.4 Volumes
+
+### List volumes
+
+`GET /volumes`
+
+**Example request**:
+
+    GET /volumes HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Volumes": [
+        {
+          "Name": "tardis",
+          "Driver": "local",
+          "Mountpoint": "/var/lib/docker/volumes/tardis"
+        }
+      ],
+      "Warnings": []
+    }
+
+Query Parameters:
+
+- **filters** - JSON encoded value of the filters (a `map[string][]string`) to process on the volumes list. There is one available filter: `dangling=true`
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a volume
+
+`POST /volumes/create`
+
+Create a volume
+
+**Example request**:
+
+    POST /volumes/create HTTP/1.1
+    Content-Type: application/json
+
+    {
+      "Name": "tardis"
+    }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {
+      "Name": "tardis",
+      "Driver": "local",
+      "Mountpoint": "/var/lib/docker/volumes/tardis"
+    }
+
+Status Codes:
+
+- **201** - no error
+- **500**  - server error
+
+JSON Parameters:
+
+- **Name** - The new volume's name. If not specified, Docker generates a name.
+- **Driver** - Name of the volume driver to use. Defaults to `local` for the name.
+- **DriverOpts** - A mapping of driver options and values. These options are
+    passed directly to the driver and are driver specific.
+
+### Inspect a volume
+
+`GET /volumes/(name)`
+
+Return low-level information on the volume `name`
+
+**Example request**:
+
+    GET /volumes/tardis
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Name": "tardis",
+      "Driver": "local",
+      "Mountpoint": "/var/lib/docker/volumes/tardis"
+    }
+
+Status Codes:
+
+-   **200** - no error
+-   **404** - no such volume
+-   **500** - server error
+
+### Remove a volume
+
+`DELETE /volumes/(name)`
+
+Instruct the driver to remove the volume (`name`).
+
+**Example request**:
+
+    DELETE /volumes/tardis HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes
+
+-   **204** - no error
+-   **404** - no such volume or volume driver
+-   **409** - volume is in use and cannot be removed
+-   **500** - server error
+
+## 2.5 Networks
+
+### List networks
+
+`GET /networks`
+
+**Example request**:
+
+    GET /networks?filters={"type":{"custom":true}} HTTP/1.1
+
+**Example response**:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+[
+  {
+    "Name": "bridge",
+    "Id": "f2de39df4171b0dc801e8002d1d999b77256983dfc63041c0f34030aa3977566",
+    "Scope": "local",
+    "Driver": "bridge",
+    "IPAM": {
+      "Driver": "default",
+      "Config": [
+        {
+          "Subnet": "172.17.0.0/16"
+        }
+      ]
+    },
+    "Containers": {
+      "39b69226f9d79f5634485fb236a23b2fe4e96a0a94128390a7fbbcc167065867": {
+        "EndpointID": "ed2419a97c1d9954d05b46e462e7002ea552f216e9b136b80a7db8d98b442eda",
+        "MacAddress": "02:42:ac:11:00:02",
+        "IPv4Address": "172.17.0.2/16",
+        "IPv6Address": ""
+      }
+    },
+    "Options": {
+      "com.docker.network.bridge.default_bridge": "true",
+      "com.docker.network.bridge.enable_icc": "true",
+      "com.docker.network.bridge.enable_ip_masquerade": "true",
+      "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+      "com.docker.network.bridge.name": "docker0",
+      "com.docker.network.driver.mtu": "1500"
+    }
+  },
+  {
+    "Name": "none",
+    "Id": "e086a3893b05ab69242d3c44e49483a3bbbd3a26b46baa8f61ab797c1088d794",
+    "Scope": "local",
+    "Driver": "null",
+    "IPAM": {
+      "Driver": "default",
+      "Config": []
+    },
+    "Containers": {},
+    "Options": {}
+  },
+  {
+    "Name": "host",
+    "Id": "13e871235c677f196c4e1ecebb9dc733b9b2d2ab589e30c539efeda84a24215e",
+    "Scope": "local",
+    "Driver": "host",
+    "IPAM": {
+      "Driver": "default",
+      "Config": []
+    },
+    "Containers": {},
+    "Options": {}
+  }
+]
+```
+
+Query Parameters:
+
+- **filters** - JSON encoded network list filter. The filter value is one of:
+  -   `name=<network-name>` Matches all or part of a network name.
+  -   `id=<network-id>` Matches all or part of a network id.
+  -   `type=["custom"|"builtin"]` Filters networks by type. The `custom` keyword returns all user-defined networks.
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Inspect network
+
+`GET /networks/<network-id>`
+
+**Example request**:
+
+    GET /networks/7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99 HTTP/1.1
+
+**Example response**:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+  "Name": "net01",
+  "Id": "7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99",
+  "Scope": "local",
+  "Driver": "bridge",
+  "IPAM": {
+    "Driver": "default",
+    "Config": [
+      {
+        "Subnet": "172.19.0.0/16",
+        "Gateway": "172.19.0.1/16"
+      }
+    ],
+    "Options": {
+        "foo": "bar"
+    }
+  },
+  "Containers": {
+    "19a4d5d687db25203351ed79d478946f861258f018fe384f229f2efa4b23513c": {
+      "Name": "test",
+      "EndpointID": "628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a",
+      "MacAddress": "02:42:ac:13:00:02",
+      "IPv4Address": "172.19.0.2/16",
+      "IPv6Address": ""
+    }
+  },
+  "Options": {
+    "com.docker.network.bridge.default_bridge": "true",
+    "com.docker.network.bridge.enable_icc": "true",
+    "com.docker.network.bridge.enable_ip_masquerade": "true",
+    "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+    "com.docker.network.bridge.name": "docker0",
+    "com.docker.network.driver.mtu": "1500"
+  }
+}
+```
+
+Status Codes:
+
+-   **200** - no error
+-   **404** - network not found
+
+### Create a network
+
+`POST /networks/create`
+
+Create a network
+
+**Example request**:
+
+```
+POST /networks/create HTTP/1.1
+Content-Type: application/json
+
+{
+  "Name":"isolated_nw",
+  "Driver":"bridge",
+  "IPAM":{
+    "Config":[
+       {
+          "Subnet":"172.20.0.0/16",
+          "IPRange":"172.20.10.0/24",
+          "Gateway":"172.20.10.11"
+        },
+        {
+          "Subnet":"2001:db8:abcd::/64",
+          "Gateway":"2001:db8:abcd::1011"
+        }
+    ],
+    "Options": {
+        "foo": "bar"
+    }
+  },
+  "Internal":true
+}
+```
+
+**Example response**:
+
+```
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+  "Id": "22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30",
+  "Warning": ""
+}
+```
+
+Status Codes:
+
+- **201** - no error
+- **404** - plugin not found
+- **500** - server error
+
+JSON Parameters:
+
+- **Name** - The new network's name. this is a mandatory field
+- **Driver** - Name of the network driver plugin to use. Defaults to `bridge` driver
+- **IPAM** - Optional custom IP scheme for the network
+- **Options** - Network specific options to be used by the drivers
+- **CheckDuplicate** - Requests daemon to check for networks with same name
+
+### Connect a container to a network
+
+`POST /networks/(id)/connect`
+
+Connect a container to a network
+
+**Example request**:
+
+```
+POST /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30/connect HTTP/1.1
+Content-Type: application/json
+
+{
+  "Container":"3613f73ba0e4",
+  "EndpointConfig": {
+    "IPAMConfig": {
+        "IPv4Address":"172.24.56.89",
+        "IPv6Address":"2001:db8::5689"
+    }
+  }
+}
+```
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** - no error
+- **404** - network or container is not found
+- **500** - Internal Server Error
+
+JSON Parameters:
+
+- **container** - container-id/name to be connected to the network
+
+### Disconnect a container from a network
+
+`POST /networks/(id)/disconnect`
+
+Disconnect a container from a network
+
+**Example request**:
+
+```
+POST /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30/disconnect HTTP/1.1
+Content-Type: application/json
+
+{
+  "Container":"3613f73ba0e4",
+  "Force":false
+}
+```
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** - no error
+- **404** - network or container not found
+- **500** - Internal Server Error
+
+JSON Parameters:
+
+- **Container** - container-id/name to be disconnected from a network
+- **Force** - Force the container to disconnect from a network
+
+### Remove a network
+
+`DELETE /networks/(id)`
+
+Instruct the driver to remove the network (`id`).
+
+**Example request**:
+
+    DELETE /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes
+
+-   **200** - no error
+-   **404** - no such network
+-   **500** - server error
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it.
+    - Then, retry to create the container.
+
+- Start the container.
+
+- If you are not in detached mode:
+- Attach to the container, using `logs=1` (to have `stdout` and
+      `stderr` from the container's start) and `stream=1`
+
+- If in detached mode or only `stdin` is attached, display the container's id.
+
+## 3.2 Hijacking
+
+In this version of the API, `/attach`, uses hijacking to transport `stdin`,
+`stdout`, and `stderr` on the same socket.
+
+To hint potential proxies about connection hijacking, Docker client sends
+connection upgrade headers similarly to websocket.
+
+    Upgrade: tcp
+    Connection: Upgrade
+
+When Docker daemon detects the `Upgrade` header, it switches its status code
+from **200 OK** to **101 UPGRADED** and resends the same headers.
+
+
+## 3.3 CORS Requests
+
+To set cross origin requests to the remote api please give values to
+`--api-cors-header` when running Docker in daemon mode. Set * (asterisk) allows all,
+default or blank means CORS disabled
+
+    $ docker daemon -H="192.168.1.9:2375" --api-cors-header="http://foo.bar"
diff --git a/docs/reference/api/docker_remote_api_v1.23.md b/docs/reference/api/docker_remote_api_v1.23.md
new file mode 100644
index 00000000..30f55625
--- /dev/null
+++ b/docs/reference/api/docker_remote_api_v1.23.md
@@ -0,0 +1,3228 @@
+<!--[metadata]>
++++
+title = "Remote API v1.23"
+description = "API Documentation for Docker"
+keywords = ["API, Docker, rcli, REST,  documentation"]
+[menu.main]
+parent="engine_remoteapi"
+weight=-4
++++
+<![end-metadata]-->
+
+# Docker Remote API v1.23
+
+## 1. Brief introduction
+
+ - The Remote API has replaced `rcli`.
+ - The daemon listens on `unix:///var/run/docker.sock` but you can
+   [Bind Docker to another host/port or a Unix socket](../../quickstart.md#bind-docker-to-another-host-port-or-a-unix-socket).
+ - The API tends to be REST. However, for some complex commands, like `attach`
+   or `pull`, the HTTP connection is hijacked to transport `stdout`,
+   `stdin` and `stderr`.
+ - When the client API version is newer than the daemon's, these calls return an HTTP
+   `400 Bad Request` error message.
+
+# 2. Endpoints
+
+## 2.1 Containers
+
+### List containers
+
+`GET /containers/json`
+
+List containers
+
+**Example request**:
+
+    GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Id": "8dfafdbc3a40",
+                 "Names":["/boring_feynman"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 1",
+                 "Created": 1367854155,
+                 "State": "Exited",
+                 "Status": "Exit 0",
+                 "Ports": [{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}],
+                 "Labels": {
+                         "com.example.vendor": "Acme",
+                         "com.example.license": "GPL",
+                         "com.example.version": "1.0"
+                 },
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0,
+                 "HostConfig": {
+                         "NetworkMode": "default"
+                 },
+                 "NetworkSettings": {
+                         "Networks": {
+                                 "bridge": {
+                                          "IPAMConfig": null,
+                                          "Links": null,
+                                          "Aliases": null,
+                                          "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                                          "EndpointID": "2cdc4edb1ded3631c81f57966563e5c8525b81121bb3706a9a9a3ae102711f3f",
+                                          "Gateway": "172.17.0.1",
+                                          "IPAddress": "172.17.0.2",
+                                          "IPPrefixLen": 16,
+                                          "IPv6Gateway": "",
+                                          "GlobalIPv6Address": "",
+                                          "GlobalIPv6PrefixLen": 0,
+                                          "MacAddress": "02:42:ac:11:00:02"
+                                  }
+                         }
+                 },
+                 "Mounts": [
+                         {
+                                  "Name": "fac362...80535",
+                                  "Source": "/data",
+                                  "Destination": "/data",
+                                  "Driver": "local",
+                                  "Mode": "ro,Z",
+                                  "RW": false,
+                                  "Propagation": ""
+                         }
+                 ]
+         },
+         {
+                 "Id": "9cd87474be90",
+                 "Names":["/coolName"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 222222",
+                 "Created": 1367854155,
+                 "State": "Exited",
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0,
+                 "HostConfig": {
+                         "NetworkMode": "default"
+                 },
+                 "NetworkSettings": {
+                         "Networks": {
+                                 "bridge": {
+                                          "IPAMConfig": null,
+                                          "Links": null,
+                                          "Aliases": null,
+                                          "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                                          "EndpointID": "88eaed7b37b38c2a3f0c4bc796494fdf51b270c2d22656412a2ca5d559a64d7a",
+                                          "Gateway": "172.17.0.1",
+                                          "IPAddress": "172.17.0.8",
+                                          "IPPrefixLen": 16,
+                                          "IPv6Gateway": "",
+                                          "GlobalIPv6Address": "",
+                                          "GlobalIPv6PrefixLen": 0,
+                                          "MacAddress": "02:42:ac:11:00:08"
+                                  }
+                         }
+                 },
+                 "Mounts": []
+         },
+         {
+                 "Id": "3176a2479c92",
+                 "Names":["/sleepy_dog"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 3333333333333333",
+                 "Created": 1367854154,
+                 "State": "Exited",
+                 "Status": "Exit 0",
+                 "Ports":[],
+                 "Labels": {},
+                 "SizeRw":12288,
+                 "SizeRootFs":0,
+                 "HostConfig": {
+                         "NetworkMode": "default"
+                 },
+                 "NetworkSettings": {
+                         "Networks": {
+                                 "bridge": {
+                                          "IPAMConfig": null,
+                                          "Links": null,
+                                          "Aliases": null,
+                                          "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                                          "EndpointID": "8b27c041c30326d59cd6e6f510d4f8d1d570a228466f956edf7815508f78e30d",
+                                          "Gateway": "172.17.0.1",
+                                          "IPAddress": "172.17.0.6",
+                                          "IPPrefixLen": 16,
+                                          "IPv6Gateway": "",
+                                          "GlobalIPv6Address": "",
+                                          "GlobalIPv6PrefixLen": 0,
+                                          "MacAddress": "02:42:ac:11:00:06"
+                                  }
+                         }
+                 },
+                 "Mounts": []
+         },
+         {
+                 "Id": "4cb07b47f9fb",
+                 "Names":["/running_cat"],
+                 "Image": "ubuntu:latest",
+                 "ImageID": "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82",
+                 "Command": "echo 444444444444444444444444444444444",
+                 "Created": 1367854152,
+                 "State": "Exited",
+                 "Status": "Exit 0",
+                 "Ports": [],
+                 "Labels": {},
+                 "SizeRw": 12288,
+                 "SizeRootFs": 0,
+                 "HostConfig": {
+                         "NetworkMode": "default"
+                 },
+                 "NetworkSettings": {
+                         "Networks": {
+                                 "bridge": {
+                                          "IPAMConfig": null,
+                                          "Links": null,
+                                          "Aliases": null,
+                                          "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                                          "EndpointID": "d91c7b2f0644403d7ef3095985ea0e2370325cd2332ff3a3225c4247328e66e9",
+                                          "Gateway": "172.17.0.1",
+                                          "IPAddress": "172.17.0.5",
+                                          "IPPrefixLen": 16,
+                                          "IPv6Gateway": "",
+                                          "GlobalIPv6Address": "",
+                                          "GlobalIPv6PrefixLen": 0,
+                                          "MacAddress": "02:42:ac:11:00:05"
+                                  }
+                         }
+                 },
+                 "Mounts": []
+         }
+    ]
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, Show all containers.
+        Only running containers are shown by default (i.e., this defaults to false)
+-   **limit** – Show `limit` last created
+        containers, include non-running ones.
+-   **since** – Show only containers created since Id, include
+        non-running ones.
+-   **before** – Show only containers created before Id, include
+        non-running ones.
+-   **size** – 1/True/true or 0/False/false, Show the containers
+        sizes
+-   **filters** - a JSON encoded value of the filters (a `map[string][]string`) to process on the containers list. Available filters:
+  -   `exited=<int>`; -- containers with exit code of  `<int>` ;
+  -   `status=`(`created`|`restarting`|`running`|`paused`|`exited`|`dead`)
+  -   `label=key` or `label="key=value"` of a container label
+  -   `isolation=`(`default`|`process`|`hyperv`)   (Windows daemon only)
+  -   `ancestor`=(`<image-name>[:<tag>]`,  `<image id>` or `<image@digest>`)
+  -   `before`=(`<container id>` or `<container name>`)
+  -   `since`=(`<container id>` or `<container name>`)
+  -   `volume`=(`<volume name>` or `<mount point destination>`)
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **500** – server error
+
+### Create a container
+
+`POST /containers/create`
+
+Create a container
+
+**Example request**:
+
+    POST /containers/create HTTP/1.1
+    Content-Type: application/json
+
+    {
+           "Hostname": "",
+           "Domainname": "",
+           "User": "",
+           "AttachStdin": false,
+           "AttachStdout": true,
+           "AttachStderr": true,
+           "Tty": false,
+           "OpenStdin": false,
+           "StdinOnce": false,
+           "Env": [
+                   "FOO=bar",
+                   "BAZ=quux"
+           ],
+           "Cmd": [
+                   "date"
+           ],
+           "Entrypoint": "",
+           "Image": "ubuntu",
+           "Labels": {
+                   "com.example.vendor": "Acme",
+                   "com.example.license": "GPL",
+                   "com.example.version": "1.0"
+           },
+           "Volumes": {
+             "/volumes/data": {}
+           },
+           "WorkingDir": "",
+           "NetworkDisabled": false,
+           "MacAddress": "12:34:56:78:9a:bc",
+           "ExposedPorts": {
+                   "22/tcp": {}
+           },
+           "StopSignal": "SIGTERM",
+           "HostConfig": {
+             "Binds": ["/tmp:/tmp"],
+             "Links": ["redis3:redis"],
+             "Memory": 0,
+             "MemorySwap": 0,
+             "MemoryReservation": 0,
+             "KernelMemory": 0,
+             "CpuShares": 512,
+             "CpuPeriod": 100000,
+             "CpuQuota": 50000,
+             "CpusetCpus": "0,1",
+             "CpusetMems": "0,1",
+             "BlkioWeight": 300,
+             "BlkioWeightDevice": [{}],
+             "BlkioDeviceReadBps": [{}],
+             "BlkioDeviceReadIOps": [{}],
+             "BlkioDeviceWriteBps": [{}],
+             "BlkioDeviceWriteIOps": [{}],
+             "MemorySwappiness": 60,
+             "OomKillDisable": false,
+             "OomScoreAdj": 500,
+             "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+             "PublishAllPorts": false,
+             "Privileged": false,
+             "ReadonlyRootfs": false,
+             "Dns": ["8.8.8.8"],
+             "DnsOptions": [""],
+             "DnsSearch": [""],
+             "ExtraHosts": null,
+             "VolumesFrom": ["parent", "other:ro"],
+             "CapAdd": ["NET_ADMIN"],
+             "CapDrop": ["MKNOD"],
+             "GroupAdd": ["newgroup"],
+             "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+             "NetworkMode": "bridge",
+             "Devices": [],
+             "Ulimits": [{}],
+             "LogConfig": { "Type": "json-file", "Config": {} },
+             "SecurityOpt": [],
+             "CgroupParent": "",
+             "VolumeDriver": "",
+             "ShmSize": 67108864
+          },
+          "NetworkingConfig": {
+          "EndpointsConfig": {
+              "isolated_nw" : {
+                  "IPAMConfig": {
+                      "IPv4Address":"172.20.30.33",
+                      "IPv6Address":"2001:db8:abcd::3033"
+                  },
+                  "Links":["container_1", "container_2"],
+                  "Aliases":["server_x", "server_y"]
+              }
+          }
+      }
+
+**Example response**:
+
+      HTTP/1.1 201 Created
+      Content-Type: application/json
+
+      {
+           "Id":"e90e34656806",
+           "Warnings":[]
+      }
+
+Json Parameters:
+
+-   **Hostname** - A string value containing the hostname to use for the
+      container.
+-   **Domainname** - A string value containing the domain name to use
+      for the container.
+-   **User** - A string value specifying the user inside the container.
+-   **Memory** - Memory limit in bytes.
+-   **MemorySwap** - Total memory limit (memory + swap); set `-1` to enable unlimited swap.
+      You must use this with `memory` and make the swap value larger than `memory`.
+-   **MemoryReservation** - Memory soft limit in bytes.
+-   **KernelMemory** - Kernel memory limit in bytes.
+-   **CpuShares** - An integer value containing the container's CPU Shares
+      (ie. the relative weight vs other containers).
+-   **CpuPeriod** - The length of a CPU period in microseconds.
+-   **CpuQuota** - Microseconds of CPU time that the container can get in a CPU period.
+-   **Cpuset** - Deprecated please don't use. Use `CpusetCpus` instead.
+-   **CpusetCpus** - String value containing the `cgroups CpusetCpus` to use.
+-   **CpusetMems** - Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
+-   **BlkioWeight** - Block IO weight (relative weight) accepts a weight value between 10 and 1000.
+-   **BlkioWeightDevice** - Block IO weight (relative device weight) in the form of:        `"BlkioWeightDevice": [{"Path": "device_path", "Weight": weight}]`
+-   **BlkioDeviceReadBps** - Limit read rate (bytes per second) from a device in the form of:	`"BlkioDeviceReadBps": [{"Path": "device_path", "Rate": rate}]`, for example:
+	`"BlkioDeviceReadBps": [{"Path": "/dev/sda", "Rate": "1024"}]"`
+-   **BlkioDeviceWriteBps** - Limit write rate (bytes per second) to a device in the form of:	`"BlkioDeviceWriteBps": [{"Path": "device_path", "Rate": rate}]`, for example:
+	`"BlkioDeviceWriteBps": [{"Path": "/dev/sda", "Rate": "1024"}]"`
+-   **BlkioDeviceReadIOps** - Limit read rate (IO per second) from a device in the form of:	`"BlkioDeviceReadIOps": [{"Path": "device_path", "Rate": rate}]`, for example:
+	`"BlkioDeviceReadIOps": [{"Path": "/dev/sda", "Rate": "1000"}]`
+-   **BlkioDeviceWiiteIOps** - Limit write rate (IO per second) to a device in the form of:	`"BlkioDeviceWriteIOps": [{"Path": "device_path", "Rate": rate}]`, for example:
+	`"BlkioDeviceWriteIOps": [{"Path": "/dev/sda", "Rate": "1000"}]`
+-   **MemorySwappiness** - Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
+-   **OomKillDisable** - Boolean value, whether to disable OOM Killer for the container or not.
+-   **OomScoreAdj** - An integer value containing the score given to the container in order to tune OOM killer preferences.
+-   **PidsLimit** - Tune a container's pids limit. Set -1 for unlimited.
+-   **AttachStdin** - Boolean value, attaches to `stdin`.
+-   **AttachStdout** - Boolean value, attaches to `stdout`.
+-   **AttachStderr** - Boolean value, attaches to `stderr`.
+-   **Tty** - Boolean value, Attach standard streams to a `tty`, including `stdin` if it is not closed.
+-   **OpenStdin** - Boolean value, opens stdin,
+-   **StdinOnce** - Boolean value, close `stdin` after the 1 attached client disconnects.
+-   **Env** - A list of environment variables in the form of `["VAR=value"[,"VAR2=value2"]]`
+-   **Labels** - Adds a map of labels to a container. To specify a map: `{"key":"value"[,"key2":"value2"]}`
+-   **Cmd** - Command to run specified as a string or an array of strings.
+-   **Entrypoint** - Set the entry point for the container as a string or an array
+      of strings.
+-   **Image** - A string specifying the image name to use for the container.
+-   **Volumes** - An object mapping mount point paths (strings) inside the
+      container to empty objects.
+-   **WorkingDir** - A string specifying the working directory for commands to
+      run in.
+-   **NetworkDisabled** - Boolean value, when true disables networking for the
+      container
+-   **ExposedPorts** - An object mapping ports to an empty object in the form of:
+      `"ExposedPorts": { "<port>/<tcp|udp>: {}" }`
+-   **StopSignal** - Signal to stop a container as a string or unsigned integer. `SIGTERM` by default.
+-   **HostConfig**
+    -   **Binds** – A list of volume bindings for this container. Each volume binding is a string in one of these forms:
+           + `host_path:container_path` to bind-mount a host path into the container
+           + `host_path:container_path:ro` to make the bind-mount read-only inside the container.
+           + `volume_name:container_path` to bind-mount a volume managed by a volume plugin into the container.
+           + `volume_name:container_path:ro` to make the bind mount read-only inside the container.
+    -   **Links** - A list of links for the container. Each link entry should be
+          in the form of `container_name:alias`.
+    -   **PortBindings** - A map of exposed container ports and the host port they
+          should map to. A JSON object in the form
+          `{ <port>/<protocol>: [{ "HostPort": "<port>" }] }`
+          Take note that `port` is specified as a string and not an integer value.
+    -   **PublishAllPorts** - Allocates a random host port for all of a container's
+          exposed ports. Specified as a boolean value.
+    -   **Privileged** - Gives the container full access to the host. Specified as
+          a boolean value.
+    -   **ReadonlyRootfs** - Mount the container's root filesystem as read only.
+          Specified as a boolean value.
+    -   **Dns** - A list of DNS servers for the container to use.
+    -   **DnsOptions** - A list of DNS options
+    -   **DnsSearch** - A list of DNS search domains
+    -   **ExtraHosts** - A list of hostnames/IP mappings to add to the
+        container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
+    -   **VolumesFrom** - A list of volumes to inherit from another container.
+          Specified in the form `<container name>[:<ro|rw>]`
+    -   **CapAdd** - A list of kernel capabilities to add to the container.
+    -   **Capdrop** - A list of kernel capabilities to drop from the container.
+    -   **GroupAdd** - A list of additional groups that the container process will run as
+    -   **RestartPolicy** – The behavior to apply when the container exits.  The
+            value is an object with a `Name` property of either `"always"` to
+            always restart, `"unless-stopped"` to restart always except when
+            user has manually stopped the container or `"on-failure"` to restart only when the container
+            exit code is non-zero.  If `on-failure` is used, `MaximumRetryCount`
+            controls the number of times to retry before giving up.
+            The default is not to restart. (optional)
+            An ever increasing delay (double the previous delay, starting at 100mS)
+            is added before each restart to prevent flooding the server.
+    -   **UsernsMode**  - Sets the usernamespace mode for the container when usernamespace remapping option is enabled.
+           supported values are: `host`.
+    -   **NetworkMode** - Sets the networking mode for the container. Supported
+          standard values are: `bridge`, `host`, `none`, and `container:<name|id>`. Any other value is taken
+          as a custom network's name to which this container should connect to.
+    -   **Devices** - A list of devices to add to the container specified as a JSON object in the
+      form
+          `{ "PathOnHost": "/dev/deviceName", "PathInContainer": "/dev/deviceName", "CgroupPermissions": "mrw"}`
+    -   **Ulimits** - A list of ulimits to set in the container, specified as
+          `{ "Name": <name>, "Soft": <soft limit>, "Hard": <hard limit> }`, for example:
+          `Ulimits: { "Name": "nofile", "Soft": 1024, "Hard": 2048 }`
+    -   **SecurityOpt**: A list of string values to customize labels for MLS
+        systems, such as SELinux.
+    -   **LogConfig** - Log configuration for the container, specified as a JSON object in the form
+          `{ "Type": "<driver_name>", "Config": {"key1": "val1"}}`.
+          Available types: `json-file`, `syslog`, `journald`, `gelf`, `fluentd`, `awslogs`, `splunk`, `etwlogs`, `none`.
+          `json-file` logging driver.
+    -   **CgroupParent** - Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist.
+    -   **VolumeDriver** - Driver that this container users to mount volumes.
+    -   **ShmSize** - Size of `/dev/shm` in bytes. The size must be greater than 0.  If omitted the system uses 64MB.
+
+Query Parameters:
+
+-   **name** – Assign the specified name to the container. Must
+    match `/?[a-zA-Z0-9_-]+`.
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **406** – impossible to attach (container not running)
+-   **500** – server error
+
+### Inspect a container
+
+`GET /containers/(id or name)/json`
+
+Return low-level information on the container `id`
+
+
+**Example request**:
+
+      GET /containers/4fa6e0f0c678/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+		"AppArmorProfile": "",
+		"Args": [
+			"-c",
+			"exit 9"
+		],
+		"Config": {
+			"AttachStderr": true,
+			"AttachStdin": false,
+			"AttachStdout": true,
+			"Cmd": [
+				"/bin/sh",
+				"-c",
+				"exit 9"
+			],
+			"Domainname": "",
+			"Entrypoint": null,
+			"Env": [
+				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+			],
+			"ExposedPorts": null,
+			"Hostname": "ba033ac44011",
+			"Image": "ubuntu",
+			"Labels": {
+				"com.example.vendor": "Acme",
+				"com.example.license": "GPL",
+				"com.example.version": "1.0"
+			},
+			"MacAddress": "",
+			"NetworkDisabled": false,
+			"OnBuild": null,
+			"OpenStdin": false,
+			"StdinOnce": false,
+			"Tty": false,
+			"User": "",
+			"Volumes": {
+				"/volumes/data": {}
+			},
+			"WorkingDir": "",
+			"StopSignal": "SIGTERM"
+		},
+		"Created": "2015-01-06T15:47:31.485331387Z",
+		"Driver": "devicemapper",
+		"ExecDriver": "native-0.2",
+		"ExecIDs": null,
+		"HostConfig": {
+			"Binds": null,
+			"BlkioWeight": 0,
+			"BlkioWeightDevice": [{}],
+			"BlkioDeviceReadBps": [{}],
+			"BlkioDeviceWriteBps": [{}],
+			"BlkioDeviceReadIOps": [{}],
+			"BlkioDeviceWriteIOps": [{}],
+			"CapAdd": null,
+			"CapDrop": null,
+			"ContainerIDFile": "",
+			"CpusetCpus": "",
+			"CpusetMems": "",
+			"CpuShares": 0,
+			"CpuPeriod": 100000,
+			"Devices": [],
+			"Dns": null,
+			"DnsOptions": null,
+			"DnsSearch": null,
+			"ExtraHosts": null,
+			"IpcMode": "",
+			"Links": null,
+			"LxcConf": [],
+			"Memory": 0,
+			"MemorySwap": 0,
+			"MemoryReservation": 0,
+			"KernelMemory": 0,
+			"OomKillDisable": false,
+			"OomScoreAdj": 500,
+			"NetworkMode": "bridge",
+			"PortBindings": {},
+			"Privileged": false,
+			"ReadonlyRootfs": false,
+			"PublishAllPorts": false,
+			"RestartPolicy": {
+				"MaximumRetryCount": 2,
+				"Name": "on-failure"
+			},
+			"LogConfig": {
+				"Config": null,
+				"Type": "json-file"
+			},
+			"SecurityOpt": null,
+			"VolumesFrom": null,
+			"Ulimits": [{}],
+			"VolumeDriver": "",
+			"ShmSize": 67108864
+		},
+		"HostnamePath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname",
+		"HostsPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts",
+		"LogPath": "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log",
+		"Id": "ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39",
+		"Image": "04c5d3b7b0656168630d3ba35d8889bd0e9caafcaeb3004d2bfbc47e7c5d35d2",
+		"MountLabel": "",
+		"Name": "/boring_euclid",
+		"NetworkSettings": {
+			"Bridge": "",
+			"SandboxID": "",
+			"HairpinMode": false,
+			"LinkLocalIPv6Address": "",
+			"LinkLocalIPv6PrefixLen": 0,
+			"Ports": null,
+			"SandboxKey": "",
+			"SecondaryIPAddresses": null,
+			"SecondaryIPv6Addresses": null,
+			"EndpointID": "",
+			"Gateway": "",
+			"GlobalIPv6Address": "",
+			"GlobalIPv6PrefixLen": 0,
+			"IPAddress": "",
+			"IPPrefixLen": 0,
+			"IPv6Gateway": "",
+			"MacAddress": "",
+			"Networks": {
+				"bridge": {
+					"NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+					"EndpointID": "7587b82f0dada3656fda26588aee72630c6fab1536d36e394b2bfbcf898c971d",
+					"Gateway": "172.17.0.1",
+					"IPAddress": "172.17.0.2",
+					"IPPrefixLen": 16,
+					"IPv6Gateway": "",
+					"GlobalIPv6Address": "",
+					"GlobalIPv6PrefixLen": 0,
+					"MacAddress": "02:42:ac:12:00:02"
+				}
+			}
+		},
+		"Path": "/bin/sh",
+		"ProcessLabel": "",
+		"ResolvConfPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/resolv.conf",
+		"RestartCount": 1,
+		"State": {
+			"Error": "",
+			"ExitCode": 9,
+			"FinishedAt": "2015-01-06T15:47:32.080254511Z",
+			"OOMKilled": false,
+			"Dead": false,
+			"Paused": false,
+			"Pid": 0,
+			"Restarting": false,
+			"Running": true,
+			"StartedAt": "2015-01-06T15:47:32.072697474Z",
+			"Status": "running"
+		},
+		"Mounts": [
+			{
+				"Name": "fac362...80535",
+				"Source": "/data",
+				"Destination": "/data",
+				"Driver": "local",
+				"Mode": "ro,Z",
+				"RW": false,
+				"Propagation": ""
+			}
+		]
+	}
+
+**Example request, with size information**:
+
+    GET /containers/4fa6e0f0c678/json?size=1 HTTP/1.1
+
+**Example response, with size information**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+    ....
+    "SizeRw": 0,
+    "SizeRootFs": 972,
+    ....
+    }
+
+Query Parameters:
+
+-   **size** – 1/True/true or 0/False/false, return container size information. Default is `false`.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### List processes running inside a container
+
+`GET /containers/(id or name)/top`
+
+List processes running inside the container `id`. On Unix systems this
+is done by running the `ps` command. This endpoint is not
+supported on Windows.
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Titles" : [
+         "UID", "PID", "PPID", "C", "STIME", "TTY", "TIME", "CMD"
+       ],
+       "Processes" : [
+         [
+           "root", "13642", "882", "0", "17:03", "pts/0", "00:00:00", "/bin/bash"
+         ],
+         [
+           "root", "13735", "13642", "0", "17:06", "pts/0", "00:00:00", "sleep 10"
+         ]
+       ]
+    }
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/top?ps_args=aux HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Titles" : [
+        "USER","PID","%CPU","%MEM","VSZ","RSS","TTY","STAT","START","TIME","COMMAND"
+      ]
+      "Processes" : [
+        [
+          "root","13642","0.0","0.1","18172","3184","pts/0","Ss","17:03","0:00","/bin/bash"
+        ],
+        [
+          "root","13895","0.0","0.0","4348","692","pts/0","S+","17:15","0:00","sleep 10"
+        ]
+      ],
+    }
+
+Query Parameters:
+
+-   **ps_args** – `ps` arguments to use (e.g., `aux`), defaults to `-ef`
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container logs
+
+`GET /containers/(id or name)/logs`
+
+Get `stdout` and `stderr` logs from the container ``id``
+
+> **Note**:
+> This endpoint works only for containers with the `json-file` or `journald` logging drivers.
+
+**Example request**:
+
+     GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1&timestamps=1&follow=1&tail=10&since=1428990821 HTTP/1.1
+
+**Example response**:
+
+     HTTP/1.1 101 UPGRADED
+     Content-Type: application/vnd.docker.raw-stream
+     Connection: Upgrade
+     Upgrade: tcp
+
+     {{ STREAM }}
+
+Query Parameters:
+
+-   **follow** – 1/True/true or 0/False/false, return stream. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, show `stdout` log. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, show `stderr` log. Default `false`.
+-   **since** – UNIX timestamp (integer) to filter logs. Specifying a timestamp
+    will only output log-entries since that timestamp. Default: 0 (unfiltered)
+-   **timestamps** – 1/True/true or 0/False/false, print timestamps for
+        every log line. Default `false`.
+-   **tail** – Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **404** – no such container
+-   **500** – server error
+
+### Inspect changes on a container's filesystem
+
+`GET /containers/(id or name)/changes`
+
+Inspect changes on container `id`'s filesystem
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/changes HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+         {
+                 "Path": "/dev",
+                 "Kind": 0
+         },
+         {
+                 "Path": "/dev/kmsg",
+                 "Kind": 1
+         },
+         {
+                 "Path": "/test",
+                 "Kind": 1
+         }
+    ]
+
+Values for `Kind`:
+
+- `0`: Modify
+- `1`: Add
+- `2`: Delete
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Export a container
+
+`GET /containers/(id or name)/export`
+
+Export the contents of container `id`
+
+**Example request**:
+
+    GET /containers/4fa6e0f0c678/export HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/octet-stream
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Get container stats based on resource usage
+
+`GET /containers/(id or name)/stats`
+
+This endpoint returns a live stream of a container's resource usage statistics.
+
+**Example request**:
+
+    GET /containers/redis1/stats HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Type: application/json
+
+      {
+         "read" : "2015-01-08T22:57:31.547920715Z",
+         "pids_stats": {
+            "current": 3
+         },
+         "networks": {
+                 "eth0": {
+                     "rx_bytes": 5338,
+                     "rx_dropped": 0,
+                     "rx_errors": 0,
+                     "rx_packets": 36,
+                     "tx_bytes": 648,
+                     "tx_dropped": 0,
+                     "tx_errors": 0,
+                     "tx_packets": 8
+                 },
+                 "eth5": {
+                     "rx_bytes": 4641,
+                     "rx_dropped": 0,
+                     "rx_errors": 0,
+                     "rx_packets": 26,
+                     "tx_bytes": 690,
+                     "tx_dropped": 0,
+                     "tx_errors": 0,
+                     "tx_packets": 9
+                 }
+         },
+         "memory_stats" : {
+            "stats" : {
+               "total_pgmajfault" : 0,
+               "cache" : 0,
+               "mapped_file" : 0,
+               "total_inactive_file" : 0,
+               "pgpgout" : 414,
+               "rss" : 6537216,
+               "total_mapped_file" : 0,
+               "writeback" : 0,
+               "unevictable" : 0,
+               "pgpgin" : 477,
+               "total_unevictable" : 0,
+               "pgmajfault" : 0,
+               "total_rss" : 6537216,
+               "total_rss_huge" : 6291456,
+               "total_writeback" : 0,
+               "total_inactive_anon" : 0,
+               "rss_huge" : 6291456,
+               "hierarchical_memory_limit" : 67108864,
+               "total_pgfault" : 964,
+               "total_active_file" : 0,
+               "active_anon" : 6537216,
+               "total_active_anon" : 6537216,
+               "total_pgpgout" : 414,
+               "total_cache" : 0,
+               "inactive_anon" : 0,
+               "active_file" : 0,
+               "pgfault" : 964,
+               "inactive_file" : 0,
+               "total_pgpgin" : 477
+            },
+            "max_usage" : 6651904,
+            "usage" : 6537216,
+            "failcnt" : 0,
+            "limit" : 67108864
+         },
+         "blkio_stats" : {},
+         "cpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24472255,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100215355,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 739306590000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         },
+         "precpu_stats" : {
+            "cpu_usage" : {
+               "percpu_usage" : [
+                  8646879,
+                  24350896,
+                  36438778,
+                  30657443
+               ],
+               "usage_in_usermode" : 50000000,
+               "total_usage" : 100093996,
+               "usage_in_kernelmode" : 30000000
+            },
+            "system_cpu_usage" : 9492140000000,
+            "throttling_data" : {"periods":0,"throttled_periods":0,"throttled_time":0}
+         }
+      }
+
+The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
+
+Query Parameters:
+
+-   **stream** – 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Resize a container TTY
+
+`POST /containers/(id or name)/resize`
+
+Resize the TTY for container with  `id`. The unit is number of characters. You must restart the container for the resize to take effect.
+
+**Example request**:
+
+      POST /containers/4fa6e0f0c678/resize?h=40&w=80 HTTP/1.1
+
+**Example response**:
+
+      HTTP/1.1 200 OK
+      Content-Length: 0
+      Content-Type: text/plain; charset=utf-8
+
+Query Parameters:
+
+-   **h** – height of `tty` session
+-   **w** – width
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – No such container
+-   **500** – Cannot resize container
+
+### Start a container
+
+`POST /containers/(id or name)/start`
+
+Start the container `id`
+
+> **Note**:
+> For backwards compatibility, this endpoint accepts a `HostConfig` as JSON-encoded request body.
+> See [create a container](#create-a-container) for details.
+
+**Example request**:
+
+    POST /containers/e90e34656806/start HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **detachKeys** – Override the key sequence for detaching a
+        container. Format is a single character `[a-Z]` or `ctrl-<value>`
+        where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already started
+-   **404** – no such container
+-   **500** – server error
+
+### Stop a container
+
+`POST /containers/(id or name)/stop`
+
+Stop the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/stop?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **304** – container already stopped
+-   **404** – no such container
+-   **500** – server error
+
+### Restart a container
+
+`POST /containers/(id or name)/restart`
+
+Restart the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/restart?t=5 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **t** – number of seconds to wait before killing the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Kill a container
+
+`POST /containers/(id or name)/kill`
+
+Kill the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/kill HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters
+
+-   **signal** - Signal to send to the container: integer or string like `SIGINT`.
+        When not set, `SIGKILL` is assumed and the call waits for the container to exit.
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Update a container
+
+`POST /containers/(id or name)/update`
+
+Update configuration of one or more containers.
+
+**Example request**:
+
+       POST /containers/e90e34656806/update HTTP/1.1
+       Content-Type: application/json
+
+       {
+         "BlkioWeight": 300,
+         "CpuShares": 512,
+         "CpuPeriod": 100000,
+         "CpuQuota": 50000,
+         "CpusetCpus": "0,1",
+         "CpusetMems": "0",
+         "Memory": 314572800,
+         "MemorySwap": 514288000,
+         "MemoryReservation": 209715200,
+         "KernelMemory": 52428800,
+         "RestartPolicy": {
+           "MaximumRetryCount": 4,
+           "Name": "on-failure"
+         },
+       }
+
+**Example response**:
+
+       HTTP/1.1 200 OK
+       Content-Type: application/json
+
+       {
+           "Warnings": []
+       }
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Rename a container
+
+`POST /containers/(id or name)/rename`
+
+Rename the container `id` to a `new_name`
+
+**Example request**:
+
+    POST /containers/e90e34656806/rename?name=new_name HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **name** – new name for the container
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **409** - conflict name already assigned
+-   **500** – server error
+
+### Pause a container
+
+`POST /containers/(id or name)/pause`
+
+Pause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/pause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Unpause a container
+
+`POST /containers/(id or name)/unpause`
+
+Unpause the container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/unpause HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes:
+
+-   **204** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Attach to a container
+
+`POST /containers/(id or name)/attach`
+
+Attach to the container `id`
+
+**Example request**:
+
+    POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 101 UPGRADED
+    Content-Type: application/vnd.docker.raw-stream
+    Connection: Upgrade
+    Upgrade: tcp
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **detachKeys** – Override the key sequence for detaching a
+        container. Format is a single character `[a-Z]` or `ctrl-<value>`
+        where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **101** – no error, hints proxy about hijacking
+-   **200** – no error, no upgrade header found
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+    **Stream details**:
+
+    When using the TTY setting is enabled in
+    [`POST /containers/create`
+    ](#create-a-container),
+    the stream is the raw data from the process PTY and client's `stdin`.
+    When the TTY is disabled, then the stream is multiplexed to separate
+    `stdout` and `stderr`.
+
+    The format is a **Header** and a **Payload** (frame).
+
+    **HEADER**
+
+    The header contains the information which the stream writes (`stdout` or
+    `stderr`). It also contains the size of the associated frame encoded in the
+    last four bytes (`uint32`).
+
+    It is encoded on the first eight bytes like this:
+
+        header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
+
+    `STREAM_TYPE` can be:
+
+-   0: `stdin` (is written on `stdout`)
+-   1: `stdout`
+-   2: `stderr`
+
+    `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of
+    the `uint32` size encoded as big endian.
+
+    **PAYLOAD**
+
+    The payload is the raw stream.
+
+    **IMPLEMENTATION**
+
+    The simplest way to implement the Attach protocol is the following:
+
+    1.  Read eight bytes.
+    2.  Choose `stdout` or `stderr` depending on the first byte.
+    3.  Extract the frame size from the last four bytes.
+    4.  Read the extracted size and output it on the correct output.
+    5.  Goto 1.
+
+### Attach to a container (websocket)
+
+`GET /containers/(id or name)/attach/ws`
+
+Attach to the container `id` via websocket
+
+Implements websocket protocol handshake according to [RFC 6455](http://tools.ietf.org/html/rfc6455)
+
+**Example request**
+
+    GET /containers/e90e34656806/attach/ws?logs=0&stream=1&stdin=1&stdout=1&stderr=1 HTTP/1.1
+
+**Example response**
+
+    {{ STREAM }}
+
+Query Parameters:
+
+-   **detachKeys** – Override the key sequence for detaching a
+        container. Format is a single character `[a-Z]` or `ctrl-<value>`
+        where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+-   **logs** – 1/True/true or 0/False/false, return logs. Default `false`.
+-   **stream** – 1/True/true or 0/False/false, return stream.
+        Default `false`.
+-   **stdin** – 1/True/true or 0/False/false, if `stream=true`, attach
+        to `stdin`. Default `false`.
+-   **stdout** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stdout` log, if `stream=true`, attach to `stdout`. Default `false`.
+-   **stderr** – 1/True/true or 0/False/false, if `logs=true`, return
+        `stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
+
+Status Codes:
+
+-   **200** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Wait a container
+
+`POST /containers/(id or name)/wait`
+
+Block until container `id` stops, then returns the exit code
+
+**Example request**:
+
+    POST /containers/16253994b7c4/wait HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"StatusCode": 0}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Remove a container
+
+`DELETE /containers/(id or name)`
+
+Remove the container `id` from the filesystem
+
+**Example request**:
+
+    DELETE /containers/16253994b7c4?v=1 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Query Parameters:
+
+-   **v** – 1/True/true or 0/False/false, Remove the volumes
+        associated to the container. Default `false`.
+-   **force** - 1/True/true or 0/False/false, Kill then remove the container.
+        Default `false`.
+
+Status Codes:
+
+-   **204** – no error
+-   **400** – bad parameter
+-   **404** – no such container
+-   **500** – server error
+
+### Copy files or folders from a container
+
+`POST /containers/(id or name)/copy`
+
+Copy files or folders of container `id`
+
+**Deprecated** in favor of the `archive` endpoint below.
+
+**Example request**:
+
+    POST /containers/4fa6e0f0c678/copy HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Resource": "test.txt"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    {{ TAR STREAM }}
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Retrieving information about files and folders in a container
+
+`HEAD /containers/(id or name)/archive`
+
+See the description of the `X-Docker-Container-Path-Stat` header in the
+following section.
+
+### Get an archive of a filesystem resource in a container
+
+`GET /containers/(id or name)/archive`
+
+Get an tar archive of a resource in the filesystem of container `id`.
+
+Query Parameters:
+
+- **path** - resource in the container's filesystem to archive. Required.
+
+    If not an absolute path, it is relative to the container's root directory.
+    The resource specified by **path** must exist. To assert that the resource
+    is expected to be a directory, **path** should end in `/` or  `/.`
+    (assuming a path separator of `/`). If **path** ends in `/.` then this
+    indicates that only the contents of the **path** directory should be
+    copied. A symlink is always resolved to its target.
+
+    **Note**: It is not possible to copy certain system files such as resources
+    under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
+    container.
+
+**Example request**:
+
+        GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
+
+**Example response**:
+
+        HTTP/1.1 200 OK
+        Content-Type: application/x-tar
+        X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
+
+        {{ TAR STREAM }}
+
+On success, a response header `X-Docker-Container-Path-Stat` will be set to a
+base64-encoded JSON object containing some filesystem header information about
+the archived resource. The above example value would decode to the following
+JSON object (whitespace added for readability):
+
+        {
+            "name": "root",
+            "size": 4096,
+            "mode": 2147484096,
+            "mtime": "2014-02-27T20:51:23Z",
+            "linkTarget": ""
+        }
+
+A `HEAD` request can also be made to this endpoint if only this information is
+desired.
+
+Status Codes:
+
+- **200** - success, returns archive of copied resource
+- **400** - client error, bad parameter, details in JSON response body, one of:
+    - must specify path parameter (**path** cannot be empty)
+    - not a directory (**path** was asserted to be a directory but exists as a
+      file)
+- **404** - client error, resource not found, one of:
+    – no such container (container `id` does not exist)
+    - no such file or directory (**path** does not exist)
+- **500** - server error
+
+### Extract an archive of files or folders to a directory in a container
+
+`PUT /containers/(id or name)/archive`
+
+Upload a tar archive to be extracted to a path in the filesystem of container
+`id`.
+
+Query Parameters:
+
+- **path** - path to a directory in the container
+    to extract the archive's contents into. Required.
+
+    If not an absolute path, it is relative to the container's root directory.
+    The **path** resource must exist.
+- **noOverwriteDirNonDir** - If "1", "true", or "True" then it will be an error
+    if unpacking the given content would cause an existing directory to be
+    replaced with a non-directory and vice versa.
+
+**Example request**:
+
+    PUT /containers/8cce319429b2/archive?path=/vol1 HTTP/1.1
+    Content-Type: application/x-tar
+
+    {{ TAR STREAM }}
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** – the content was extracted successfully
+- **400** - client error, bad parameter, details in JSON response body, one of:
+    - must specify path parameter (**path** cannot be empty)
+    - not a directory (**path** should be a directory but exists as a file)
+    - unable to overwrite existing directory with non-directory
+      (if **noOverwriteDirNonDir**)
+    - unable to overwrite existing non-directory with directory
+      (if **noOverwriteDirNonDir**)
+- **403** - client error, permission denied, the volume
+    or container rootfs is marked as read-only.
+- **404** - client error, resource not found, one of:
+    – no such container (container `id` does not exist)
+    - no such file or directory (**path** resource does not exist)
+- **500** – server error
+
+## 2.2 Images
+
+### List Images
+
+`GET /images/json`
+
+**Example request**:
+
+    GET /images/json?all=0 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+         "RepoTags": [
+           "ubuntu:12.04",
+           "ubuntu:precise",
+           "ubuntu:latest"
+         ],
+         "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c",
+         "Created": 1365714795,
+         "Size": 131506275,
+         "VirtualSize": 131506275,
+         "Labels": {}
+      },
+      {
+         "RepoTags": [
+           "ubuntu:12.10",
+           "ubuntu:quantal"
+         ],
+         "ParentId": "27cf784147099545",
+         "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc",
+         "Created": 1364102658,
+         "Size": 24653,
+         "VirtualSize": 180116135,
+         "Labels": {
+            "com.example.version": "v1"
+         }
+      }
+    ]
+
+**Example request, with digest information**:
+
+    GET /images/json?digests=1 HTTP/1.1
+
+**Example response, with digest information**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+      {
+        "Created": 1420064636,
+        "Id": "4986bf8c15363d1c5d15512d5266f8777bfba4974ac56e3270e7760f6f0a8125",
+        "ParentId": "ea13149945cb6b1e746bf28032f02e9b5a793523481a0a18645fc77ad53c4ea2",
+        "RepoDigests": [
+          "localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+        ],
+        "RepoTags": [
+          "localhost:5000/test/busybox:latest",
+          "playdate:latest"
+        ],
+        "Size": 0,
+        "VirtualSize": 2429728,
+        "Labels": {}
+      }
+    ]
+
+The response shows a single image `Id` associated with two repositories
+(`RepoTags`): `localhost:5000/test/busybox`: and `playdate`. A caller can use
+either of the `RepoTags` values `localhost:5000/test/busybox:latest` or
+`playdate:latest` to reference the image.
+
+You can also use `RepoDigests` values to reference an image. In this response,
+the array has only one reference and that is to the
+`localhost:5000/test/busybox` repository; the `playdate` repository has no
+digest. You can reference this digest using the value:
+`localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d...`
+
+See the `docker run` and `docker build` commands for examples of digest and tag
+references on the command line.
+
+Query Parameters:
+
+-   **all** – 1/True/true or 0/False/false, default false
+-   **filters** – a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
+  -   `dangling=true`
+  -   `label=key` or `label="key=value"` of an image label
+-   **filter** - only return images with the specified name
+
+### Build image from a Dockerfile
+
+`POST /build`
+
+Build an image from a Dockerfile
+
+**Example request**:
+
+    POST /build HTTP/1.1
+
+    {{ TAR STREAM }}
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"stream": "Step 1..."}
+    {"stream": "..."}
+    {"error": "Error...", "errorDetail": {"code": 123, "message": "Error..."}}
+
+The input stream must be a `tar` archive compressed with one of the
+following algorithms: `identity` (no compression), `gzip`, `bzip2`, `xz`.
+
+The archive must include a build instructions file, typically called
+`Dockerfile` at the archive's root. The `dockerfile` parameter may be
+used to specify a different build instructions file. To do this, its value must be
+the path to the alternate build instructions file to use.
+
+The archive may include any number of other files,
+which are accessible in the build context (See the [*ADD build
+command*](../../reference/builder.md#dockerbuilder)).
+
+The build is canceled if the client drops the connection by quitting
+or being killed.
+
+Query Parameters:
+
+-   **dockerfile** - Path within the build context to the Dockerfile. This is
+        ignored if `remote` is specified and points to an individual filename.
+-   **t** – A name and optional tag to apply to the image in the `name:tag` format.
+        If you omit the `tag` the default `latest` value is assumed.
+        You can provide one or more `t` parameters.
+-   **remote** – A Git repository URI or HTTP/HTTPS URI build source. If the
+        URI specifies a filename, the file's contents are placed into a file
+        called `Dockerfile`.
+-   **q** – Suppress verbose build output.
+-   **nocache** – Do not use the cache when building the image.
+-   **pull** - Attempt to pull the image even if an older image exists locally.
+-   **rm** - Remove intermediate containers after a successful build (default behavior).
+-   **forcerm** - Always remove intermediate containers (includes `rm`).
+-   **memory** - Set memory limit for build.
+-   **memswap** - Total memory (memory + swap), `-1` to enable unlimited swap.
+-   **cpushares** - CPU shares (relative weight).
+-   **cpusetcpus** - CPUs in which to allow execution (e.g., `0-3`, `0,1`).
+-   **cpuperiod** - The length of a CPU period in microseconds.
+-   **cpuquota** - Microseconds of CPU time that the container can get in a CPU period.
+-   **buildargs** – JSON map of string pairs for build-time variables. Users pass
+        these values at build-time. Docker uses the `buildargs` as the environment
+        context for command(s) run via the Dockerfile's `RUN` instruction or for
+        variable expansion in other Dockerfile instructions. This is not meant for
+        passing secret values. [Read more about the buildargs instruction](../../reference/builder.md#arg)
+-   **shmsize** - Size of `/dev/shm` in bytes. The size must be greater than 0.  If omitted the system uses 64MB.
+-   **labels** – JSON map of string pairs for labels to set on the image.
+
+    Request Headers:
+
+-   **Content-type** – Set to `"application/tar"`.
+-   **X-Registry-Config** – A base64-url-safe-encoded Registry Auth Config JSON
+        object with the following structure:
+
+            {
+                "docker.example.com": {
+                    "username": "janedoe",
+                    "password": "hunter2"
+                },
+                "https://index.docker.io/v1/": {
+                    "username": "mobydock",
+                    "password": "conta1n3rize14"
+                }
+            }
+
+        This object maps the hostname of a registry to an object containing the
+        "username" and "password" for that registry. Multiple registries may
+        be specified as the build may be based on an image requiring
+        authentication to pull from any arbitrary registry. Only the registry
+        domain name (and port if not the default "443") are required. However
+        (for legacy reasons) the "official" Docker, Inc. hosted registry must
+        be specified with both a "https://" prefix and a "/v1/" suffix even
+        though Docker will prefer to use the v2 registry API.
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Create an image
+
+`POST /images/create`
+
+Create an image either by pulling it from the registry or by importing it
+
+**Example request**:
+
+    POST /images/create?fromImage=ubuntu HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pulling..."}
+    {"status": "Pulling", "progress": "1 B/ 100 B", "progressDetail": {"current": 1, "total": 100}}
+    {"error": "Invalid..."}
+    ...
+
+When using this endpoint to pull an image from the registry, the
+`X-Registry-Auth` header can be used to include
+a base64-encoded AuthConfig object.
+
+Query Parameters:
+
+-   **fromImage** – Name of the image to pull. The name may include a tag or
+        digest. This parameter may only be used when pulling an image.
+        The pull is cancelled if the HTTP connection is closed.
+-   **fromSrc** – Source to import.  The value may be a URL from which the image
+        can be retrieved or `-` to read the image from the request body.
+        This parameter may only be used when importing an image.
+-   **repo** – Repository name given to an image when it is imported.
+        The repo may include a tag. This parameter may only be used when importing
+        an image.
+-   **tag** – Tag or digest.
+
+    Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object, containing either login information, or a token
+    - Credential based login:
+
+        ```
+    {
+            "username": "jdoe",
+            "password": "secret",
+            "email": "jdoe@acme.com",
+    }
+        ```
+
+    - Token based login:
+
+        ```
+    {
+            "registrytoken": "9cbaf023786cd7..."
+    }
+        ```
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+
+
+### Inspect an image
+
+`GET /images/(name)/json`
+
+Return low-level information on the image `name`
+
+**Example request**:
+
+    GET /images/example/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+       "Id" : "sha256:85f05633ddc1c50679be2b16a0479ab6f7637f8884e0cfe0f4d20e1ebb3d6e7c",
+       "Container" : "cb91e48a60d01f1e27028b4fc6819f4f290b3cf12496c8176ec714d0d390984a",
+       "Comment" : "",
+       "Os" : "linux",
+       "Architecture" : "amd64",
+       "Parent" : "sha256:91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+       "ContainerConfig" : {
+          "Tty" : false,
+          "Hostname" : "e611e15f9c9d",
+          "Volumes" : null,
+          "Domainname" : "",
+          "AttachStdout" : false,
+          "PublishService" : "",
+          "AttachStdin" : false,
+          "OpenStdin" : false,
+          "StdinOnce" : false,
+          "NetworkDisabled" : false,
+          "OnBuild" : [],
+          "Image" : "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+          "User" : "",
+          "WorkingDir" : "",
+          "Entrypoint" : null,
+          "MacAddress" : "",
+          "AttachStderr" : false,
+          "Labels" : {
+             "com.example.license" : "GPL",
+             "com.example.version" : "1.0",
+             "com.example.vendor" : "Acme"
+          },
+          "Env" : [
+             "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+          ],
+          "ExposedPorts" : null,
+          "Cmd" : [
+             "/bin/sh",
+             "-c",
+             "#(nop) LABEL com.example.vendor=Acme com.example.license=GPL com.example.version=1.0"
+          ]
+       },
+       "DockerVersion" : "1.9.0-dev",
+       "VirtualSize" : 188359297,
+       "Size" : 0,
+       "Author" : "",
+       "Created" : "2015-09-10T08:30:53.26995814Z",
+       "GraphDriver" : {
+          "Name" : "aufs",
+          "Data" : null
+       },
+       "RepoDigests" : [
+          "localhost:5000/test/busybox/example@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf"
+       ],
+       "RepoTags" : [
+          "example:1.0",
+          "example:latest",
+          "example:stable"
+       ],
+       "Config" : {
+          "Image" : "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+          "NetworkDisabled" : false,
+          "OnBuild" : [],
+          "StdinOnce" : false,
+          "PublishService" : "",
+          "AttachStdin" : false,
+          "OpenStdin" : false,
+          "Domainname" : "",
+          "AttachStdout" : false,
+          "Tty" : false,
+          "Hostname" : "e611e15f9c9d",
+          "Volumes" : null,
+          "Cmd" : [
+             "/bin/bash"
+          ],
+          "ExposedPorts" : null,
+          "Env" : [
+             "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+          ],
+          "Labels" : {
+             "com.example.vendor" : "Acme",
+             "com.example.version" : "1.0",
+             "com.example.license" : "GPL"
+          },
+          "Entrypoint" : null,
+          "MacAddress" : "",
+          "AttachStderr" : false,
+          "WorkingDir" : "",
+          "User" : ""
+       },
+       "RootFS": {
+           "Type": "layers",
+           "Layers": [
+               "sha256:1834950e52ce4d5a88a1bbd131c537f4d0e56d10ff0dd69e66be3b7dfa9df7e6",
+               "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"
+           ]
+       }
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Get the history of an image
+
+`GET /images/(name)/history`
+
+Return the history of the image `name`
+
+**Example request**:
+
+    GET /images/ubuntu/history HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+        {
+            "Id": "3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710",
+            "Created": 1398108230,
+            "CreatedBy": "/bin/sh -c #(nop) ADD file:eb15dbd63394e063b805a3c32ca7bf0266ef64676d5a6fab4801f2e81e2a5148 in /",
+            "Tags": [
+                "ubuntu:lucid",
+                "ubuntu:10.04"
+            ],
+            "Size": 182964289,
+            "Comment": ""
+        },
+        {
+            "Id": "6cfa4d1f33fb861d4d114f43b25abd0ac737509268065cdfd69d544a59c85ab8",
+            "Created": 1398108222,
+            "CreatedBy": "/bin/sh -c #(nop) MAINTAINER Tianon Gravi <admwiggin@gmail.com> - mkimage-debootstrap.sh -i iproute,iputils-ping,ubuntu-minimal -t lucid.tar.xz lucid http://archive.ubuntu.com/ubuntu/",
+            "Tags": null,
+            "Size": 0,
+            "Comment": ""
+        },
+        {
+            "Id": "511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158",
+            "Created": 1371157430,
+            "CreatedBy": "",
+            "Tags": [
+                "scratch12:latest",
+                "scratch:latest"
+            ],
+            "Size": 0,
+            "Comment": "Imported from -"
+        }
+    ]
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Push an image on the registry
+
+`POST /images/(name)/push`
+
+Push the image `name` on the registry
+
+**Example request**:
+
+    POST /images/test/push HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {"status": "Pushing..."}
+    {"status": "Pushing", "progress": "1/? (n/a)", "progressDetail": {"current": 1}}}
+    {"error": "Invalid..."}
+    ...
+
+If you wish to push an image on to a private registry, that image must already have a tag
+into a repository which references that registry `hostname` and `port`.  This repository name should
+then be used in the URL. This duplicates the command line's flow.
+
+The push is cancelled if the HTTP connection is closed.
+
+**Example request**:
+
+    POST /images/registry.acme.com:5000/test/push HTTP/1.1
+
+
+Query Parameters:
+
+-   **tag** – The tag to associate with the image on the registry. This is optional.
+
+Request Headers:
+
+-   **X-Registry-Auth** – base64-encoded AuthConfig object, containing either login information, or a token
+    - Credential based login:
+
+        ```
+    {
+            "username": "jdoe",
+            "password": "secret",
+            "email": "jdoe@acme.com",
+    }
+        ```
+
+    - Identity token based login:
+
+        ```
+    {
+            "identitytoken": "9cbaf023786cd7..."
+    }
+        ```
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **500** – server error
+
+### Tag an image into a repository
+
+`POST /images/(name)/tag`
+
+Tag the image `name` into a repository
+
+**Example request**:
+
+    POST /images/test/tag?repo=myrepo&force=0&tag=v42 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+
+Query Parameters:
+
+-   **repo** – The repository to tag in
+-   **force** – 1/True/true or 0/False/false, default false
+-   **tag** - The new tag name
+
+Status Codes:
+
+-   **201** – no error
+-   **400** – bad parameter
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Remove an image
+
+`DELETE /images/(name)`
+
+Remove the image `name` from the filesystem
+
+**Example request**:
+
+    DELETE /images/test HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-type: application/json
+
+    [
+     {"Untagged": "3e2f21a89f"},
+     {"Deleted": "3e2f21a89f"},
+     {"Deleted": "53b4f83ac9"}
+    ]
+
+Query Parameters:
+
+-   **force** – 1/True/true or 0/False/false, default false
+-   **noprune** – 1/True/true or 0/False/false, default false
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such image
+-   **409** – conflict
+-   **500** – server error
+
+### Search images
+
+`GET /images/search`
+
+Search for an image on [Docker Hub](https://hub.docker.com).
+
+> **Note**:
+> The response keys have changed from API v1.6 to reflect the JSON
+> sent by the registry server to the docker daemon's request.
+
+**Example request**:
+
+    GET /images/search?term=sshd HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "wma55/u1210sshd",
+                "star_count": 0
+            },
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "jdswinbank/sshd",
+                "star_count": 0
+            },
+            {
+                "description": "",
+                "is_official": false,
+                "is_automated": false,
+                "name": "vgauthier/sshd",
+                "star_count": 0
+            }
+    ...
+    ]
+
+Query Parameters:
+
+-   **term** – term to search
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+## 2.3 Misc
+
+### Check auth configuration
+
+`POST /auth`
+
+Validate credentials for a registry and get identity token,
+if available, for accessing the registry without password.
+
+**Example request**:
+
+    POST /auth HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "username": "hannibal",
+         "password": "xxxx",
+         "serveraddress": "https://index.docker.io/v1/"
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+    {
+         "Status": "Login Succeeded",
+         "IdentityToken": "9cbaf023786cd7..."
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **204** – no error
+-   **500** – server error
+
+### Display system-wide information
+
+`GET /info`
+
+Display system-wide information
+
+**Example request**:
+
+    GET /info HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+        "Architecture": "x86_64",
+        "ClusterStore": "etcd://localhost:2379",
+        "CgroupDriver": "cgroupfs",
+        "Containers": 11,
+        "ContainersRunning": 7,
+        "ContainersStopped": 3,
+        "ContainersPaused": 1,
+        "CpuCfsPeriod": true,
+        "CpuCfsQuota": true,
+        "Debug": false,
+        "DockerRootDir": "/var/lib/docker",
+        "Driver": "btrfs",
+        "DriverStatus": [[""]],
+        "ExecutionDriver": "native-0.1",
+        "ExperimentalBuild": false,
+        "HttpProxy": "http://test:test@localhost:8080",
+        "HttpsProxy": "https://test:test@localhost:8080",
+        "ID": "7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS",
+        "IPv4Forwarding": true,
+        "Images": 16,
+        "IndexServerAddress": "https://index.docker.io/v1/",
+        "InitPath": "/usr/bin/docker",
+        "InitSha1": "",
+        "KernelMemory": true,
+        "KernelVersion": "3.12.0-1-amd64",
+        "Labels": [
+            "storage=ssd"
+        ],
+        "MemTotal": 2099236864,
+        "MemoryLimit": true,
+        "NCPU": 1,
+        "NEventsListener": 0,
+        "NFd": 11,
+        "NGoroutines": 21,
+        "Name": "prod-server-42",
+        "NoProxy": "9.81.1.160",
+        "OomKillDisable": true,
+        "OSType": "linux",
+        "OperatingSystem": "Boot2Docker",
+        "Plugins": {
+            "Volume": [
+                "local"
+            ],
+            "Network": [
+                "null",
+                "host",
+                "bridge"
+            ]
+        },
+        "RegistryConfig": {
+            "IndexConfigs": {
+                "docker.io": {
+                    "Mirrors": null,
+                    "Name": "docker.io",
+                    "Official": true,
+                    "Secure": true
+                }
+            },
+            "InsecureRegistryCIDRs": [
+                "127.0.0.0/8"
+            ]
+        },
+        "ServerVersion": "1.9.0",
+        "SwapLimit": false,
+        "SystemStatus": [["State", "Healthy"]],
+        "SystemTime": "2015-03-10T11:11:23.730591467-07:00"
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Show the docker version information
+
+`GET /version`
+
+Show the docker version information
+
+**Example request**:
+
+    GET /version HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+         "Version": "1.10.0-dev",
+         "Os": "linux",
+         "KernelVersion": "3.19.0-23-generic",
+         "GoVersion": "go1.4.2",
+         "GitCommit": "e75da4b",
+         "Arch": "amd64",
+         "ApiVersion": "1.23",
+         "BuildTime": "2015-12-01T07:09:13.444803460+00:00",
+         "Experimental": true
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Ping the docker server
+
+`GET /_ping`
+
+Ping the docker server
+
+**Example request**:
+
+    GET /_ping HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: text/plain
+
+    OK
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a new image from a container's changes
+
+`POST /commit`
+
+Create a new image from a container's changes
+
+**Example request**:
+
+    POST /commit?container=44c004db4b17&comment=message&repo=myrepo HTTP/1.1
+    Content-Type: application/json
+
+    {
+         "Hostname": "",
+         "Domainname": "",
+         "User": "",
+         "AttachStdin": false,
+         "AttachStdout": true,
+         "AttachStderr": true,
+         "Tty": false,
+         "OpenStdin": false,
+         "StdinOnce": false,
+         "Env": null,
+         "Cmd": [
+                 "date"
+         ],
+         "Mounts": [
+           {
+             "Source": "/data",
+             "Destination": "/data",
+             "Mode": "ro,Z",
+             "RW": false
+           }
+         ],
+         "Labels": {
+                 "key1": "value1",
+                 "key2": "value2"
+          },
+         "WorkingDir": "",
+         "NetworkDisabled": false,
+         "ExposedPorts": {
+                 "22/tcp": {}
+         }
+    }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {"Id": "596069db4bf5"}
+
+Json Parameters:
+
+-  **config** - the container's configuration
+
+Query Parameters:
+
+-   **container** – source container
+-   **repo** – repository
+-   **tag** – tag
+-   **comment** – commit message
+-   **author** – author (e.g., "John Hannibal Smith
+    <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
+-   **pause** – 1/True/true or 0/False/false, whether to pause the container before committing
+-   **changes** – Dockerfile instructions to apply while committing
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **500** – server error
+
+### Monitor Docker's events
+
+`GET /events`
+
+Get container events from docker, either in real time via streaming, or via polling (using since).
+
+Docker containers report the following events:
+
+    attach, commit, copy, create, destroy, die, exec_create, exec_start, export, kill, oom, pause, rename, resize, restart, start, stop, top, unpause, update
+
+Docker images report the following events:
+
+    delete, import, pull, push, tag, untag
+
+Docker volumes report the following events:
+
+    create, mount, unmount, destroy
+
+Docker networks report the following events:
+
+    create, connect, disconnect, destroy
+
+**Example request**:
+
+    GET /events?since=1374067924
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    [
+	    {
+		"action": "pull",
+		"type": "image",
+		"actor": {
+			"id": "busybox:latest",
+			"attributes": {}
+		}
+		"time": 1442421700,
+		"timeNano": 1442421700598988358
+	    },
+            {
+		"action": "create",
+		"type": "container",
+		"actor": {
+			"id": "5745704abe9caa5",
+			"attributes": {"image": "busybox"}
+		}
+		"time": 1442421716,
+		"timeNano": 1442421716853979870
+	    },
+            {
+		"action": "attach",
+		"type": "container",
+		"actor": {
+			"id": "5745704abe9caa5",
+			"attributes": {"image": "busybox"}
+		}
+		"time": 1442421716,
+		"timeNano": 1442421716894759198
+	    },
+            {
+		"action": "start",
+		"type": "container",
+		"actor": {
+			"id": "5745704abe9caa5",
+			"attributes": {"image": "busybox"}
+		}
+		"time": 1442421716,
+		"timeNano": 1442421716983607193
+	    }
+    ]
+
+Query Parameters:
+
+-   **since** – Timestamp used for polling
+-   **until** – Timestamp used for polling
+-   **filters** – A json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
+  -   `container=<string>`; -- container to filter
+  -   `event=<string>`; -- event to filter
+  -   `image=<string>`; -- image to filter
+  -   `label=<string>`; -- image and container label to filter
+  -   `type=<string>`; -- either `container` or `image` or `volume` or `network`
+  -   `volume=<string>`; -- volume to filter
+  -   `network=<string>`; -- network to filter
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images in a repository
+
+`GET /images/(name)/get`
+
+Get a tarball containing all images and metadata for the repository specified
+by `name`.
+
+If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image
+(and its parents) are returned. If `name` is an image ID, similarly only that
+image (and its parents) are returned, but with the exclusion of the
+'repositories' file in the tarball, as there were no image names referenced.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/ubuntu/get
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Get a tarball containing all images.
+
+`GET /images/get`
+
+Get a tarball containing all images and metadata for one or more repositories.
+
+For each value of the `names` parameter: if it is a specific name and tag (e.g.
+`ubuntu:latest`), then only that image (and its parents) are returned; if it is
+an image ID, similarly only that image (and its parents) are returned and there
+would be no names referenced in the 'repositories' file for this image ID.
+
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/x-tar
+
+    Binary data stream
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Load a tarball with a set of images and tags into docker
+
+`POST /images/load`
+
+Load a set of images and tags into a Docker repository.
+See the [image tarball format](#image-tarball-format) for more details.
+
+**Example request**
+
+    POST /images/load
+
+    Tarball in body
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+-   **200** – no error
+-   **500** – server error
+
+### Image tarball format
+
+An image tarball contains one directory per image layer (named using its long ID),
+each containing these files:
+
+- `VERSION`: currently `1.0` - the file format version
+- `json`: detailed layer information, similar to `docker inspect layer_id`
+- `layer.tar`: A tarfile containing the filesystem changes in this layer
+
+The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories
+for storing attribute changes and deletions.
+
+If the tarball defines a repository, the tarball should also include a `repositories` file at
+the root that contains a list of repository and tag names mapped to layer IDs.
+
+```
+{"hello-world":
+    {"latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}
+}
+```
+
+### Exec Create
+
+`POST /containers/(id or name)/exec`
+
+Sets up an exec instance in a running container `id`
+
+**Example request**:
+
+    POST /containers/e90e34656806/exec HTTP/1.1
+    Content-Type: application/json
+
+      {
+       "AttachStdin": false,
+       "AttachStdout": true,
+       "AttachStderr": true,
+       "DetachKeys": "ctrl-p,ctrl-q",
+       "Tty": false,
+       "Cmd": [
+                     "date"
+             ]
+      }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {
+         "Id": "f90e34656806",
+         "Warnings":[]
+    }
+
+Json Parameters:
+
+-   **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
+-   **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
+-   **AttachStderr** - Boolean value, attaches to `stderr` of the `exec` command.
+-   **DetachKeys** – Override the key sequence for detaching a
+        container. Format is a single character `[a-Z]` or `ctrl-<value>`
+        where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+-   **Cmd** - Command to run specified as a string or an array of strings.
+
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such container
+-   **409** - container is paused
+-   **500** - server error
+
+### Exec Start
+
+`POST /exec/(id)/start`
+
+Starts a previously set up `exec` instance `id`. If `detach` is true, this API
+returns after starting the `exec` command. Otherwise, this API sets up an
+interactive session with the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/start HTTP/1.1
+    Content-Type: application/json
+
+    {
+     "Detach": false,
+     "Tty": false
+    }
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/vnd.docker.raw-stream
+
+    {{ STREAM }}
+
+Json Parameters:
+
+-   **Detach** - Detach from the `exec` command.
+-   **Tty** - Boolean value to allocate a pseudo-TTY.
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **409** - container is paused
+
+    **Stream details**:
+    Similar to the stream behavior of `POST /containers/(id or name)/attach` API
+
+### Exec Resize
+
+`POST /exec/(id)/resize`
+
+Resizes the `tty` session used by the `exec` command `id`.  The unit is number of characters.
+This API is valid only if `tty` was specified as part of creating and starting the `exec` command.
+
+**Example request**:
+
+    POST /exec/e90e34656806/resize?h=40&w=80 HTTP/1.1
+    Content-Type: text/plain
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: text/plain
+
+Query Parameters:
+
+-   **h** – height of `tty` session
+-   **w** – width
+
+Status Codes:
+
+-   **201** – no error
+-   **404** – no such exec instance
+
+### Exec Inspect
+
+`GET /exec/(id)/json`
+
+Return low-level information about the `exec` command `id`.
+
+**Example request**:
+
+    GET /exec/11fb006128e8ceb3942e7c58d77750f24210e35f879dd204ac975c184b820b39/json HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+        "CanRemove": false,
+        "ContainerID": "b53ee82b53a40c7dca428523e34f741f3abc51d9f297a14ff874bf761b995126",
+        "DetachKeys": "",
+        "ExitCode": 2,
+        "ID": "f33bbfb39f5b142420f4759b2348913bd4a8d1a6d7fd56499cb41a1bb91d7b3b",
+        "OpenStderr": true,
+        "OpenStdin": true,
+        "OpenStdout": true,
+        "ProcessConfig": {
+            "arguments": [
+                "-c",
+                "exit 2"
+            ],
+            "entrypoint": "sh",
+            "privileged": false,
+            "tty": true,
+            "user": "1000"
+        },
+        "Running": false
+    }
+
+Status Codes:
+
+-   **200** – no error
+-   **404** – no such exec instance
+-   **500** - server error
+
+## 2.4 Volumes
+
+### List volumes
+
+`GET /volumes`
+
+**Example request**:
+
+    GET /volumes HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+      "Volumes": [
+        {
+          "Name": "tardis",
+          "Driver": "local",
+          "Mountpoint": "/var/lib/docker/volumes/tardis"
+        }
+      ],
+      "Warnings": []
+    }
+
+Query Parameters:
+
+- **filters** - JSON encoded value of the filters (a `map[string][]string`) to process on the volumes list. There is one available filter: `dangling=true`
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Create a volume
+
+`POST /volumes/create`
+
+Create a volume
+
+**Example request**:
+
+    POST /volumes/create HTTP/1.1
+    Content-Type: application/json
+
+    {
+      "Name": "tardis",
+      "Labels": {
+        "com.example.some-label": "some-value",
+        "com.example.some-other-label": "some-other-value"
+      },
+    }
+
+**Example response**:
+
+    HTTP/1.1 201 Created
+    Content-Type: application/json
+
+    {
+      "Name": "tardis",
+      "Driver": "local",
+      "Mountpoint": "/var/lib/docker/volumes/tardis",
+      "Labels": {
+        "com.example.some-label": "some-value",
+        "com.example.some-other-label": "some-other-value"
+      },
+    }
+
+Status Codes:
+
+- **201** - no error
+- **500**  - server error
+
+JSON Parameters:
+
+- **Name** - The new volume's name. If not specified, Docker generates a name.
+- **Driver** - Name of the volume driver to use. Defaults to `local` for the name.
+- **DriverOpts** - A mapping of driver options and values. These options are
+    passed directly to the driver and are driver specific.
+- **Labels** - Labels to set on the volume, specified as a map: `{"key":"value" [,"key2":"value2"]}`
+
+### Inspect a volume
+
+`GET /volumes/(name)`
+
+Return low-level information on the volume `name`
+
+**Example request**:
+
+    GET /volumes/tardis
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+    Content-Type: application/json
+
+    {
+        "Name": "tardis",
+        "Driver": "local",
+        "Mountpoint": "/var/lib/docker/volumes/tardis/_data",
+        "Labels": {
+            "com.example.some-label": "some-value",
+            "com.example.some-other-label": "some-other-value"
+        }
+    }
+
+Status Codes:
+
+-   **200** - no error
+-   **404** - no such volume
+-   **500** - server error
+
+### Remove a volume
+
+`DELETE /volumes/(name)`
+
+Instruct the driver to remove the volume (`name`).
+
+**Example request**:
+
+    DELETE /volumes/tardis HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes
+
+-   **204** - no error
+-   **404** - no such volume or volume driver
+-   **409** - volume is in use and cannot be removed
+-   **500** - server error
+
+## 2.5 Networks
+
+### List networks
+
+`GET /networks`
+
+**Example request**:
+
+    GET /networks?filters={"type":{"custom":true}} HTTP/1.1
+
+**Example response**:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+[
+  {
+    "Name": "bridge",
+    "Id": "f2de39df4171b0dc801e8002d1d999b77256983dfc63041c0f34030aa3977566",
+    "Scope": "local",
+    "Driver": "bridge",
+    "EnableIPv6": false,
+    "Internal": false,
+    "IPAM": {
+      "Driver": "default",
+      "Config": [
+        {
+          "Subnet": "172.17.0.0/16"
+        }
+      ]
+    },
+    "Containers": {
+      "39b69226f9d79f5634485fb236a23b2fe4e96a0a94128390a7fbbcc167065867": {
+        "EndpointID": "ed2419a97c1d9954d05b46e462e7002ea552f216e9b136b80a7db8d98b442eda",
+        "MacAddress": "02:42:ac:11:00:02",
+        "IPv4Address": "172.17.0.2/16",
+        "IPv6Address": ""
+      }
+    },
+    "Options": {
+      "com.docker.network.bridge.default_bridge": "true",
+      "com.docker.network.bridge.enable_icc": "true",
+      "com.docker.network.bridge.enable_ip_masquerade": "true",
+      "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+      "com.docker.network.bridge.name": "docker0",
+      "com.docker.network.driver.mtu": "1500"
+    }
+  },
+  {
+    "Name": "none",
+    "Id": "e086a3893b05ab69242d3c44e49483a3bbbd3a26b46baa8f61ab797c1088d794",
+    "Scope": "local",
+    "Driver": "null",
+    "EnableIPv6": false,
+    "Internal": false,
+    "IPAM": {
+      "Driver": "default",
+      "Config": []
+    },
+    "Containers": {},
+    "Options": {}
+  },
+  {
+    "Name": "host",
+    "Id": "13e871235c677f196c4e1ecebb9dc733b9b2d2ab589e30c539efeda84a24215e",
+    "Scope": "local",
+    "Driver": "host",
+    "EnableIPv6": false,
+    "Internal": false,
+    "IPAM": {
+      "Driver": "default",
+      "Config": []
+    },
+    "Containers": {},
+    "Options": {}
+  }
+]
+```
+
+Query Parameters:
+
+- **filters** - JSON encoded network list filter. The filter value is one of:
+  -   `name=<network-name>` Matches all or part of a network name.
+  -   `id=<network-id>` Matches all or part of a network id.
+  -   `type=["custom"|"builtin"]` Filters networks by type. The `custom` keyword returns all user-defined networks.
+
+Status Codes:
+
+-   **200** - no error
+-   **500** - server error
+
+### Inspect network
+
+`GET /networks/<network-id>`
+
+**Example request**:
+
+    GET /networks/7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99 HTTP/1.1
+
+**Example response**:
+
+```
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+  "Name": "net01",
+  "Id": "7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99",
+  "Scope": "local",
+  "Driver": "bridge",
+  "EnableIPv6": false,
+  "IPAM": {
+    "Driver": "default",
+    "Config": [
+      {
+        "Subnet": "172.19.0.0/16",
+        "Gateway": "172.19.0.1/16"
+      }
+    ],
+    "Options": {
+        "foo": "bar"
+    }
+  },
+  "Internal": false,
+  "Containers": {
+    "19a4d5d687db25203351ed79d478946f861258f018fe384f229f2efa4b23513c": {
+      "Name": "test",
+      "EndpointID": "628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a",
+      "MacAddress": "02:42:ac:13:00:02",
+      "IPv4Address": "172.19.0.2/16",
+      "IPv6Address": ""
+    }
+  },
+  "Options": {
+    "com.docker.network.bridge.default_bridge": "true",
+    "com.docker.network.bridge.enable_icc": "true",
+    "com.docker.network.bridge.enable_ip_masquerade": "true",
+    "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+    "com.docker.network.bridge.name": "docker0",
+    "com.docker.network.driver.mtu": "1500"
+  },
+  "Labels": {
+    "com.example.some-label": "some-value",
+    "com.example.some-other-label": "some-other-value"
+  }
+}
+```
+
+Status Codes:
+
+-   **200** - no error
+-   **404** - network not found
+
+### Create a network
+
+`POST /networks/create`
+
+Create a network
+
+**Example request**:
+
+```
+POST /networks/create HTTP/1.1
+Content-Type: application/json
+
+{
+  "Name":"isolated_nw",
+  "CheckDuplicate":false,
+  "Driver":"bridge",
+  "EnableIPv6": true,
+  "IPAM":{
+    "Config":[
+       {
+          "Subnet":"172.20.0.0/16",
+          "IPRange":"172.20.10.0/24",
+          "Gateway":"172.20.10.11"
+        },
+        {
+          "Subnet":"2001:db8:abcd::/64",
+          "Gateway":"2001:db8:abcd::1011"
+        }
+    ],
+    "Options": {
+        "foo": "bar"
+    }
+  },
+  "Internal":true,
+  "Options": {
+    "com.docker.network.bridge.default_bridge": "true",
+    "com.docker.network.bridge.enable_icc": "true",
+    "com.docker.network.bridge.enable_ip_masquerade": "true",
+    "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+    "com.docker.network.bridge.name": "docker0",
+    "com.docker.network.driver.mtu": "1500"
+  },
+  "Labels": {
+    "com.example.some-label": "some-value",
+    "com.example.some-other-label": "some-other-value"
+  }
+}
+```
+
+**Example response**:
+
+```
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+  "Id": "22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30",
+  "Warning": ""
+}
+```
+
+Status Codes:
+
+- **201** - no error
+- **404** - plugin not found
+- **500** - server error
+
+JSON Parameters:
+
+- **Name** - The new network's name. this is a mandatory field
+- **CheckDuplicate** - Requests daemon to check for networks with same name
+- **Driver** - Name of the network driver plugin to use. Defaults to `bridge` driver
+- **Internal** - Restrict external access to the network
+- **IPAM** - Optional custom IP scheme for the network
+- **EnableIPv6** - Enable IPv6 on the network
+- **Options** - Network specific options to be used by the drivers
+- **Labels** - Labels to set on the network, specified as a map: `{"key":"value" [,"key2":"value2"]}`
+
+### Connect a container to a network
+
+`POST /networks/(id)/connect`
+
+Connect a container to a network
+
+**Example request**:
+
+```
+POST /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30/connect HTTP/1.1
+Content-Type: application/json
+
+{
+  "Container":"3613f73ba0e4",
+  "EndpointConfig": {
+    "IPAMConfig": {
+        "IPv4Address":"172.24.56.89",
+        "IPv6Address":"2001:db8::5689"
+    }
+  }
+}
+```
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** - no error
+- **404** - network or container is not found
+- **500** - Internal Server Error
+
+JSON Parameters:
+
+- **container** - container-id/name to be connected to the network
+
+### Disconnect a container from a network
+
+`POST /networks/(id)/disconnect`
+
+Disconnect a container from a network
+
+**Example request**:
+
+```
+POST /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30/disconnect HTTP/1.1
+Content-Type: application/json
+
+{
+  "Container":"3613f73ba0e4",
+  "Force":false
+}
+```
+
+**Example response**:
+
+    HTTP/1.1 200 OK
+
+Status Codes:
+
+- **200** - no error
+- **404** - network or container not found
+- **500** - Internal Server Error
+
+JSON Parameters:
+
+- **Container** - container-id/name to be disconnected from a network
+- **Force** - Force the container to disconnect from a network
+
+### Remove a network
+
+`DELETE /networks/(id)`
+
+Instruct the driver to remove the network (`id`).
+
+**Example request**:
+
+    DELETE /networks/22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30 HTTP/1.1
+
+**Example response**:
+
+    HTTP/1.1 204 No Content
+
+Status Codes
+
+-   **204** - no error
+-   **404** - no such network
+-   **500** - server error
+
+# 3. Going further
+
+## 3.1 Inside `docker run`
+
+As an example, the `docker run` command line makes the following API calls:
+
+- Create the container
+
+- If the status code is 404, it means the image doesn't exist:
+    - Try to pull it.
+    - Then, retry to create the container.
+
+- Start the container.
+
+- If you are not in detached mode:
+- Attach to the container, using `logs=1` (to have `stdout` and
+      `stderr` from the container's start) and `stream=1`
+
+- If in detached mode or only `stdin` is attached, display the container's id.
+
+## 3.2 Hijacking
+
+In this version of the API, `/attach`, uses hijacking to transport `stdin`,
+`stdout`, and `stderr` on the same socket.
+
+To hint potential proxies about connection hijacking, Docker client sends
+connection upgrade headers similarly to websocket.
+
+    Upgrade: tcp
+    Connection: Upgrade
+
+When Docker daemon detects the `Upgrade` header, it switches its status code
+from **200 OK** to **101 UPGRADED** and resends the same headers.
+
+
+## 3.3 CORS Requests
+
+To set cross origin requests to the remote api please give values to
+`--api-cors-header` when running Docker in daemon mode. Set * (asterisk) allows all,
+default or blank means CORS disabled
+
+    $ docker daemon -H="192.168.1.9:2375" --api-cors-header="http://foo.bar"
diff --git a/docs/reference/api/hub_registry_spec.md b/docs/reference/api/hub_registry_spec.md
new file mode 100644
index 00000000..f2517c23
--- /dev/null
+++ b/docs/reference/api/hub_registry_spec.md
@@ -0,0 +1,18 @@
+<!--[metadata]>
++++
+draft = true
+title = "The Docker Hub and the Registry v1"
+description = "Documentation for docker Registry and Registry API"
+keywords = ["docker, registry, api,  hub"]
+[menu.main]
+parent="smn_hub_ref"
++++
+<![end-metadata]-->
+
+# The Docker Hub and the Registry v1
+
+This API is deprecated as of 1.7. To view the old version, see the [go
+here](hub_registry_spec.md) in
+the 1.7 documentation. If you want an overview of the current features in
+Docker Hub or other image management features see the [image management
+overview](../../userguide/eng-image/image_management.md) in the current documentation set.
diff --git a/docs/reference/api/images/event_state.gliffy b/docs/reference/api/images/event_state.gliffy
new file mode 100644
index 00000000..fcf080da
--- /dev/null
+++ b/docs/reference/api/images/event_state.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":1193,"height":556,"nodeIndex":370,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":true,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":26.46762966848334,"y":100},"max":{"x":1192.861928406027,"y":555.2340187157677}},"printModel":{"pageSize":"Letter","portrait":true,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":373.99998474121094,"y":389.93402099609375,"rotation":0.0,"id":355,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":0,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":191,"py":0.7071067811865475,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":-0.663724900050094,"endArrowRotation":-0.6637248993502937,"interpolationType":"quadratic","cornerRadius":null,"controlPath":[[22.0,-17.0],[94.00000762939453,-17.0],[94.00000762939453,-61.64974974863185],[166.00001525878906,-61.64974974863185]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":359,"width":75.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.5,"linePerpValue":0.0,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\">docker start</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":275.99998474121094,"y":323.93402099609375,"rotation":0.0,"id":344,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":127,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":335,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":193,"py":0.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":105.08369488824782,"endArrowRotation":91.96866662391399,"interpolationType":"quadratic","cornerRadius":null,"controlPath":[[22.531977827253513,30.06597900390625],[22.531977827253513,51.06597900390625],[-52.96697615221987,51.06597900390625],[-52.96697615221987,106.06597900390625]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":347,"width":64.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\">docker rm</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":279.99998474121094,"y":249.93402099609375,"rotation":0.0,"id":342,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":126,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":188,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":191,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-74.99998474121094,0.06597900390625],[297.50001525878906,0.06597900390625],[297.50001525878906,50.06597900390625]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":313.99998474121094,"y":290.93402099609375,"rotation":0.0,"id":341,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":123,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":335,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":191,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[19.531977827253513,28.06597900390625],[88.35546419381131,28.06597900390625],[157.17895056036912,28.06597900390625],[226.00243692692698,28.06597900390625]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":353,"width":75.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\">docker start</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":214.99998474121094,"y":322.93402099609375,"rotation":0.0,"id":340,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":122,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":228,"py":0.5733505249023437,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":335,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-7.637919363960094,-3.93402099609375],[11.085379699777775,-3.93402099609375],[29.808678763515644,-3.93402099609375],[48.53197782725351,-3.93402099609375]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":83.0,"y":251.0,"rotation":0.0,"id":328,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":116,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":188,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-52.03237033151666,-0.9999999999999716],[47.0,-1.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":332,"width":67.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.5233416311379174,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">docker run</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":74.0,"y":318.0,"rotation":0.0,"id":327,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":113,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":228,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-42.0,1.0],[58.5,2.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":333,"width":85.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.5689443767164591,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">docker create</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":191.0,"y":409.0,"rotation":0.0,"id":325,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":112,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":193,"py":0.5,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":215,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-21.0,41.0],[-61.0,41.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":331.0,"y":346.0,"rotation":0.0,"id":320,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":109,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":209,"py":0.5,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":193,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[2.5319625684644507,49.0],[-41.734018715767775,49.0],[-41.734018715767775,104.0],[-86.0,104.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":324,"width":64.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\">docker rm</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":872.0,"y":503.0,"rotation":0.0,"id":310,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":108,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":205,"py":0.0,"px":0.2928932188134524}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-60.03300858899104,-53.0],[-148.0,-151.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":735.0,"y":341.0,"rotation":0.0,"id":307,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":105,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":203,"py":0.2928932188134525,"px":1.1102230246251563E-16}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[0.0,0.0],[137.5,60.7157287525381]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":309,"width":83.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.37922003257116654,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">docker pause</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":1023.0,"y":446.0,"rotation":0.0,"id":298,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":102,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":213,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":205,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[39.5,-1.0],[39.5,24.0],[-158.0,24.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":313,"width":100.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.37286693198126664,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">&nbsp;docker unpause</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":904.0,"y":434.0,"rotation":0.0,"id":295,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":101,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":203,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":213,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[43.5,-24.0],[123.5,-24.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":411.0,"y":419.0,"rotation":0.0,"id":291,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":98,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":217,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[7.2659812842321685,51.0],[-14.0,51.0],[-14.0,-3.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":292,"width":21.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.5714437496124175,"linePerpValue":0.0,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-style:italic;font-family:Arial;\"><span style=\"\">No</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":415.0,"y":419.0,"rotation":0.0,"id":289,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":95,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":217,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":191,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[53.26598128423217,1.0],[53.26598128423217,-32.5],[162.5,-32.5],[162.5,-79.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":290,"width":26.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.46753493572435184,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-style:italic;font-family:Arial;\"><span style=\"\">Yes</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":521.0,"y":209.0,"rotation":0.0,"id":287,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":94,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":195,"py":0.5,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":209,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-11.0,-19.0],[-97.23401871576777,-19.0],[-97.23401871576777,186.0],[-117.46803743153555,186.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":988.0,"y":232.0,"rotation":0.0,"id":282,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":93,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":201,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[39.5,18.0],[-150.0,18.0],[-150.0,68.0],[-250.0,68.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":664.0,"y":493.0,"rotation":0.0,"id":276,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":92,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":207,"py":0.5,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":236,"py":0.7071067811865475,"px":0.9999999999999998}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[8.5,42.23401871576766],[-20.25,42.23401871576766],[-20.25,-44.7157287525381],[-49.0,-44.7157287525381]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":678.0,"y":344.0,"rotation":0.0,"id":273,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":89,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":236,"py":0.29289321881345237,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":91.17113025781374,"endArrowRotation":176.63803454243802,"interpolationType":"quadratic","cornerRadius":null,"controlPath":[[2.0,-4.0],[2.0,87.7157287525381],[-63.0,87.7157287525381]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":275,"width":59.0,"height":42.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.5,"linePerpValue":0.0,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">container&nbsp;</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">process</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">exited</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":566.0,"y":431.0,"rotation":0.0,"id":272,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":88,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":236,"py":0.5,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":217,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-26.0,9.0],[-36.867009357883944,9.0],[-36.867009357883944,39.0],[-47.73401871576789,39.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":785.0,"y":119.0,"rotation":0.0,"id":270,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":87,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":199,"py":0.5,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":209,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[5.0,1.0],[-416.46803743153555,1.0],[-416.46803743153555,241.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":829.0,"y":172.0,"rotation":0.0,"id":269,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":86,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":248,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":199,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.5,-2.0],[-1.5,-32.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":661.0,"y":189.0,"rotation":0.0,"id":267,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":85,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":195,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[7.0,2.284271247461902],[-76.0,1.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":946.0,"y":319.0,"rotation":0.0,"id":263,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":83,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":197,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":233,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.5,1.0],[81.5,1.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":708.0,"y":286.0,"rotation":0.0,"id":256,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":80,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":211,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":254,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.5,-2.0],[-0.5,-76.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":258,"width":64.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.3108108108108108,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">docker kill</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":710.0,"y":359.0,"rotation":0.0,"id":245,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":68,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":211,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":207,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-2.5,-5.0],[0.0,156.23401871576766]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":247,"width":84.0,"height":28.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"font-style:italic;\">&nbsp;killed&nbsp;</span></span><span style=\"\">by</span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"font-style:italic;\">out-of-memory</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":761.0,"y":318.0,"rotation":0.0,"id":238,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":65,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":211,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":197,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-18.5,1.0],[111.5,2.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":240,"width":87.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.4363456059259962,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">docker restart</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":608.0,"y":319.0,"rotation":0.0,"id":232,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":58,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":191,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":211,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[7.0,1.0],[64.5,0.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":333.53196256846445,"y":360.0,"rotation":0.0,"id":209,"width":70.0,"height":70.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.connector","order":33,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ellipse.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#e6b8af","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5555555555555554,"y":0.0,"rotation":0.0,"id":210,"width":66.88888888888889,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">stopped</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":540.0,"y":300.0,"rotation":0.0,"id":191,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":6,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":192,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">start</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":510.0,"y":170.0,"rotation":0.0,"id":195,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":196,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">kill</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":872.5,"y":300.0,"rotation":0.0,"id":197,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":198,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">die</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":790.0,"y":100.0,"rotation":0.0,"id":199,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":18,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":200,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">stop</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":790.0,"y":450.0,"rotation":0.0,"id":205,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":206,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">unpause</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":672.5,"y":515.2340187157677,"rotation":0.0,"id":207,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":208,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">OOM</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":672.5,"y":284.0,"rotation":0.0,"id":211,"width":70.0,"height":70.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.connector","order":36,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ellipse.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#b6d7a8","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5555555555555556,"y":0.0,"rotation":0.0,"id":212,"width":66.88888888888889,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">running</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":403.5319625684644,"y":420.0,"rotation":0.0,"id":227,"width":130.46803743153555,"height":116.23401871576777,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":54,"lockAspectRatio":false,"lockShape":false,"children":[{"x":-6.765981284232225,"y":76.0,"rotation":45.0,"id":223,"width":80.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":53,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">Restart&nbsp;</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":57.234018715767775,"y":75.0,"rotation":315.0,"id":219,"width":80.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":51,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">Policy</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":14.734018715767775,"y":0.0,"rotation":0.0,"id":217,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.decision","order":46,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.diamond.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":218,"width":96.0,"height":28.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">Should restart?</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":1027.5,"y":375.0,"rotation":0.0,"id":213,"width":70.0,"height":70.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.connector","order":39,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ellipse.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#fce5cd","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5555555555555556,"y":0.0,"rotation":0.0,"id":214,"width":66.88888888888889,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">paused</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":872.5,"y":390.0,"rotation":0.0,"id":203,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":204,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">pause</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":540.0,"y":420.0,"rotation":0.0,"id":236,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":62,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":237,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">die</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":790.0,"y":170.0,"rotation":0.0,"id":248,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":71,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":249,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">die</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":670.0,"y":170.0,"rotation":0.0,"id":254,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":77,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":255,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">die</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":740.0,"y":323.0,"rotation":0.0,"id":250,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":74,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":248,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-10.0,-33.0],[87.5,-113.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":253,"width":73.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\"><span style=\"\">docker stop</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":1027.5,"y":300.0,"rotation":0.0,"id":233,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":59,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":234,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">start</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":1027.5,"y":230.0,"rotation":0.0,"id":201,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":21,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":202,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">restart</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":1066.5,"y":298.0,"rotation":0.0,"id":264,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":84,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":233,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":201,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.5,2.0],[-1.5,-28.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":132.5,"y":300.0,"rotation":0.0,"id":228,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":55,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":229,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">create</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":130.0,"y":230.0,"rotation":0.0,"id":188,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":190,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">create</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":263.53196256846445,"y":284.0,"rotation":0.0,"id":335,"width":70.0,"height":70.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.connector","order":119,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ellipse.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5555555555555554,"y":0.0,"rotation":0.0,"id":336,"width":66.88888888888889,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">created</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":60.0,"y":415.0,"rotation":0.0,"id":215,"width":70.0,"height":70.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.connector","order":42,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ellipse.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#b7b7b7","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5555555555555556,"y":0.0,"rotation":0.0,"id":216,"width":66.88888888888889,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">deleted</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":170.0,"y":430.0,"rotation":0.0,"id":193,"width":75.0,"height":40.0,"uid":"com.gliffy.shape.flowchart.flowchart_v1.default.process","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":1.5,"y":0.0,"rotation":0.0,"id":194,"width":72.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">destroy</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":1133.0,"y":570.0,"rotation":0.0,"id":362,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":130,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":213,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":0.9595103354441726,"endArrowRotation":177.33110321368451,"interpolationType":"quadratic","cornerRadius":null,"controlPath":[[-55.0,-192.0],[-3.5,-192.0],[-3.5,-160.0],[-35.5,-160.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":363,"width":87.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.5835366104291947,"linePerpValue":-20.0,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\">docker update</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":281.0,"y":596.0,"rotation":0.0,"id":364,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":133,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":335,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":-88.08561222234982,"endArrowRotation":85.23919045962671,"interpolationType":"quadratic","cornerRadius":null,"controlPath":[[-7.0,-301.0],[-7.0,-334.0],[17.53196256846445,-334.0],[17.53196256846445,-312.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":365,"width":87.0,"height":14.0,"uid":null,"order":135,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.524371533874117,"linePerpValue":0.0,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\">docker update</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":305.0,"y":604.0,"rotation":0.0,"id":366,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":136,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":209,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":92.55340974719384,"endArrowRotation":-91.2277874986563,"interpolationType":"quadratic","cornerRadius":null,"controlPath":[[63.53196256846445,-174.0],[63.53196256846445,-144.0],[37.0,-144.0],[37.0,-186.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":367,"width":87.0,"height":14.0,"uid":null,"order":138,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.5749848592663713,"linePerpValue":-20.0,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\">docker update</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"},{"x":516.0,"y":570.0,"rotation":0.0,"id":368,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":139,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":183.34296440226473,"endArrowRotation":-0.7310374013608921,"interpolationType":"quadratic","cornerRadius":null,"controlPath":[[158.0,-263.0],[134.0,-263.0],[134.0,-284.0],[182.0,-284.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":369,"width":87.0,"height":14.0,"uid":null,"order":141,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":0.4230219192816351,"linePerpValue":-20.0,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-weight:bold;font-family:Arial;\">docker update</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[],"hidden":false,"layerId":"gmMmie3VnJbh"}],"hidden":false,"layerId":"gmMmie3VnJbh"}],"layers":[{"guid":"gmMmie3VnJbh","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":142}],"shapeStyles":{"com.gliffy.shape.uml.uml_v2.state_machine":{"fill":"#e2e2e2","stroke":"#000000","strokeWidth":2},"com.gliffy.shape.flowchart.flowchart_v1.default":{"fill":"#a4c2f4","stroke":"#333333","strokeWidth":2}},"lineStyles":{"global":{"endArrow":1,"orthoMode":2}},"textStyles":{"global":{"color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.flowchart.flowchart_v1.default"],"autosaveDisabled":false,"lastSerialized":1451304727693,"analyticsProduct":"Online"},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/reference/api/images/event_state.png b/docs/reference/api/images/event_state.png
new file mode 100644
index 0000000000000000000000000000000000000000..28d09ba192d05bf5b55dbf4c85a879842a7f4c46
GIT binary patch
literal 78354
zcmeFZWmwhiwmymoNQj`IC@6vm5&|j{5UD9hH%O<_4U$eu6iiA&y1NCWnUo6B-6=@7
zQj%x<eD~UGt^ZnkpL3n_<$PEl-uL42n)Asq#xur!-($W}l$RhSrY6S0!6B8Be4vbj
zgJ+I|gDXr(0RQrZ!p98<hYm;T!TpD>ddp)(2dWN7jT?c+l$u4Vj|;i!rH4d^xJoWQ
z^m$$QfHCwzVp>7CwGq4aP)KThN@3rw(oi#P(lVp$qqO7c!&tsUTj3i08izH(ozXSE
zIVak{iR2lV4{J|7Yj$p~?F&v6b$6%Agi}-C64E`x`RD(kHSyK1rLbfR(@5Z)z#~Wh
z)Bj>{=t)UW{L4R+ucMy@HN22cApF<y;2YNeG{#>;{^uM2Ijes(z5iIrKRd~P{Nq3V
z@gM&{o|FGXhW|u{|Ktq+nqOVlG)RwimVUC)qP+d~?b|}DaQ|!1o=xETpgaf2Qbqr6
zG_`IgM4}F|Uk5RHaeYA3k-#T3GmN*-{ymNJK1Ym4Pg*D1_D!SD>dR$9Bh6<)OfAJ7
z)eL_RLFC>zb)v2ha_Y5j-@w(Rq)TafoLkiK5Bc5$X7oBaEk*XaTI(D11$;vDLXD+m
zu75}_&k~ah_%wcDtvc^;El3R3bhH27zTe-|PqYs%9@+QX1;n;rV+f6uU<vPv+lBsd
z35m!OWdE~-|IeqedrqM0Xm6>cf!b0dgh}q&Xr-C@%sbUjZeNGV(R8eEHyPJ8$^PN)
zE}dUzbiKRTDQaE&>_o}0c78W)ifWCgBoFGyzm?(8%Qev8R0iVUE>LI`8ogoH_*h$g
z@Ka`gwQ{Yy^u_X7WT0m*xTbMW)B3VhThbKbX=R3(WFri2#JMJUZ1t%-xAV;nPS(9x
zDW8igVh9xIw)Sf9yR@AyeAtv%^;4Q^IH$N@%Xw$aMZ3~@#cE^fYk#T?)rjZ*%1S*6
z=O=%j;cv7an@W~2_)X&*DQ|ou{po@<U>9H1uHYkO%#r?N>4ayIg79H4D=Vwj_VN&q
z?YIC{xBKzo&Mo>sMy~k8+hzP|W52$aM^Aie+-yg@?bgyjDT_+lU|O_|g~VlhAE(9M
zrh6`{%OX)d^89T9_ZFEe=ab$oXQsy$78o`TkCr>+T91_QcpkV~j#U&FTMc#la(4*)
z^26>eX7?9cs=L7k#xOF1XS+kSBDNTUtYC#k16Na#6<U3-_gxinYK^$f<FxpYs(*f@
z^(86IFlH(D75QKHz)1C)E9Lj(3o@&v+|m-a)$+zO_vYzJZL{;MD{{+cqxuUBB`PPM
zljv|#Z-pwMi^iNs%Ac-QEO87(i`V&k?tEhi)c7^qX1&mz>bzcesxm?RyL{#iktk)7
zB2T<vcC=*3@?P>LAzhID38!EE`132J6E+oQeZCnSN7URF4<ti2O6pb-Z?q@=a#+?g
z-<7OOmn;>?CiweDh|T4w?Uj*{r*pA$A`vESQRRAfEc3A?(QApXXbWj<%Idb#hU^=!
zj8W0lg<m2zqg>ux9jp9d<%43pVRDl2x)%6)SD(c9vuL^&T;apbkR?HfK2`Pd#;7yG
z2X+H(+Ej6y2~AI03?|N^alCi&r%uyeVAnE=_c|&kQ62X>_NZJ)iyqau+aY{hb;V`W
z-X`YK)~BIIudY~)mf820*-snOx3%$3ROQ@|TV11EoxePsDEcaR`m4F>&)7#N3F*ko
z!GwRL<d8#1d@X^Vz_Cbppc}E6q&)H1rr_&^4Xc>kzv|>526EH&_1S3K3Y=Mg-f=rY
z6UuIZ_1cp>=H1r^DowzeTm&rw1h+Nd0(E}Fl!GTuT{d_@K>Fm7UqcGtk04R2$y#q7
z>tWQ0%Y?^Da-dKlvaTOn)aj~CE-y*xo}qt0czz#JC<3K-!Y1ybShDTOzIP`1*zH0Y
zj`A-~OC}<JB74GRTzdjCYSGy!%e;bL9l{eUS+p+Q(Xo_+qi_qWZF1`R9>s3^A<r)g
z{!EdweOj?Q^=@TA-^+<!t|v`yrS8;K$C{pz*yp^WVZ)sA*~)7qOA<KV^ANU^c#ZwR
zU(rqYaFNF0`kv+3&2E|gbcL(DgWt2V^R#}h6#m!Kk#&w)V*R60)484z(xu+aBAxe}
z$JA)y2+!T`r?jn$`*NIDhF5Dg)zS^BqJ$5=lcmMq?MR&YnACUe8Tttxp?R>1dMG7~
zrNNZItCF$f*AQ0@Q{}2=tIhv)-ikcl*YU{~{j+%Qd+e{2s+HP|4Ymavo##J8^8n`r
zLrUUV<a0!not6(cE9S55jAG;RC#;Iv&XrM7UP2a0$BrvSLTl0<V?JV2nY$!Lu@j2Q
zF7p_q#nq&OCk#Vka12KG9#{0$nPShwJx!Rv>RS+fONHHyC#K9O#PiTo_=L3e>hx;g
zb0a9cZxWMt8x`~qnc|U4R@F`%ZS(HD?W*?JuLycc^ygH(pCHfNK;yqWb8lcmDfjb*
zU~kXRS$N2pH~!6-V2M-NL01smMVS#^)arZx@*pBBGC!y9yNtY@L98d9zgq8mqw2~w
z`+)8p^0?<XZNuizae_<lvKpO&<jMOX5iBZS{$HNXAXg+xs?+l$F)&5?*(ANY)8q5w
zZ~4xCOM;bLu#EK($MOC`Lf(D7nt15XiK-&6boRf#^Vjvji#Jriok6Z7^BkQkp?<7}
zZ|P%syh3JJ$yY7YcsS|}Sm2v{5og4RCBxu7-(CFIjNt#xQIX@3We#VaTay(N6MIuy
zy9jf=fw`n|xSJuzh(vDNodO4$c3rx*F=!SHyMR&VgGR1au~l)O+OK9AU;31dJZWZf
zTs=baZdWBzN?iExHwD<0Fz2i|^388?wXe@ISpE3+-nm=qhUQ#*Y|*J&T83xnYsiIY
zT2oS=z$@f{&2C+&J^GWl<VYH{$M88Xq=rX5r^ZK}Bsl$1+@IR}C7iY^+|RVfc_lQM
z>EsS9^%L=5a9b9Y;@#vR@kjpkmwZv1X^CIKUd|!jq9_xJByAbj(UPJee*tp|7T%+J
zsJhGWv10g`GV(EHl~4*~v1jR068ZkikBZSYoKXg6Fg=}G;1n##!DO;Dzky|tcXtx}
zm0oKkqC4N2Y|eMtRDXR(rM)s-JT}4aIA1%6`g9de4X(FgpEc<jm~ZVG{=AfE_FqeY
zwcm%agC?aym^7n#tVjKb?Jh>YRC|GgTMc%zt0x*thOAoTS<p)pZ^UGu)&9gS$C~YJ
zE*Q#uxOqF4bANlqve=@pkS(w5`8Wzi{V%f-nwy=6@4=UEawbT`Y>KC2wie52xk7Fz
zlz5*!RT1Bxt6e$K7B4(;C?6<v8+p-%z)^QK*g_Gn%(xG8Gd=&?+|*v;fxPD34DyS7
z6h5d$&5->{gBa@5@V1<ofCF^TKHCh7C-fnwOCj?9a`Vr`krxy@BI#0;)-Ew2VTA}e
z!3@Uc*YLTA=is2F{yON7k57nDYZ2lSUPtoRH^t(SV28ip!;!YQIDbCUO9!_{aUaL~
zIxO&dK|eF3$VQ0k{E`Di7`X`%>R}i)MG^kZH>{b1{uz1?%&S|!ahd*4JhI2#Okrsc
zOg)QE5P*?q>`k*_iD)JGTWq7?)}PN1z&`FMHZ5PnWr0*(>QQQ;41@|#aQ4lC+iu9J
z=@bFXm9zJ}>5qdu1E#_f$geF1M*bFd!}2!J7dZ{QJFwUgZ)p>%vyzGMX=1i8T@f7b
zO}N&Snt&luWVzl`FxA^%hUR$W%z^Nkr=vrx$mpT)x03tKKly#o37Giw!#kC)(ZsM7
zWsS_`bFf2w*x{j5EA2JpVkvK+B~@as%78aLg%O*l+trZAJ_#9p%J9*jsZN8n8YKh|
ziQy?DA*Ej0I2`Wc5H`M$Z@7)T-spt8FxAw726$pK1B^)PQt}oVoe}<~yh`%NDUATF
zW;z+x%5g171U^lv##-qExhoQ%y{;6!`g7l3iO9Pt=Nh|VC$#XHpJhd=$mq=QchauL
zMPw?vlQ8k63?t{W-jr~cDIb-G7$K<Dz{dBMA_U=qf+LZC7L;~Z_yYvdpRoAQ#@JkB
zw_?cXUmNTHOmzwDtO?Cn^zPr?dFtTjSm)tP%51r<du*(%%2+S^)ypfKUMts&g|9BT
zj8{F~{z|2<0VzffykEc7(Qm>fl@C8eJnw^p3;^(?4T0+=6JSxeY;7;D?YmOUoM<6_
zS1b3>k^8}Z%fub2mB2kYm&4f_mz&_7zOWNY*2X7@MO}isYJMF*DR+ujNvdLljfz*T
ztHqFd9Q8&`>ZZdk^&4mToTM!yYr+&cI8bZu<|FtL6JmKvZSU8v^AdcQg176uv%KtQ
z=}5*d);Gpy^clL^->80y%OUmt1ZR+vD?S9V<(m&Ik131qXY7v#Isq1V73<sIm}{_z
zM6D|~#e{T-+*$HhW*`rTPw8}9oq`R$M!Z9$^>prAniuO~{;ICo9~~Z3tGx|ks(N^5
z?nhBjD<-*@@C)2JML25YK3v5$@PjwxT%y@i4Rr3thUdpwmt!JchFwb`;tXr$`+f6z
z(Ks_Vu01U33uBuzV%UVR{cB%ZJG07e6Y3AaQ%1~xBkfTtp?SRwql3H<NmCB5v_D!0
zjKE&1=n7&Gh&2)3=K92HbGlxg=Re!{|IuwYU(Dunm>o<F*RyaLb5h?uZ|d59EA7&(
zrp-WzS=g65;n~<nsvJ*C-l6Y+0S7B7gq{O4(*XB<Nucx^U2c22!g1kodc0@FO4YCS
zmh;D*qGW$E#&;Lktp;>misAJe+TED8K05f_pREoVPVv04n$dY5E(UQwyAdVHo^pq|
zq|(Uk^P!c8GkXNq_K?q(=9Z2RkGoEjYTIJBsxooobLx|JADS%kTIJrpic7c)L2lYG
zR}pz}5(wa3h?1noovD6fF;R_;g<`da#2iX#n`o=TH@VpD;r<*=uIPJCS%Qa~Jsc?u
zW0fxSm0Fv3R5jZoZhwYi(&YZ#Wd9h)ZYdtSNwj5ehEmsv>^^bx*wGUYe&=Pgxj47H
zm9pu8JnTwg3rESYMfOt_d?8I=v5m~uUfV$}Lm_yU;Z<vB)Jl{^0vEkp7;eqsb~L+A
zS?5?4Clvjjhg<5y(zO3w=u^H8HEbp|k8}Si#Xs%GwH&6dS0F+A^vjvMlQ<)f-?3Mn
zHt#Kx2;^SqFt`@eRD&P(i^;PqNvyxd%c~OLiIq?l`P;=c>2a9mC?4xYjHT|=nXr<6
zEz2Pa1%XGeu6mY@lrQB~wzmuITWK4Iss5Z8x)#oyu9_&uX&RY1A!6x2LyoSMfP=eg
z>3auB3Vcv4MDBn$s3|Euf+PRX7Rx{2i<<B{#<F~RM9jI~&c8Oex0G+YS9Cc<B<dY!
z^<eekwzg$Ynm=~Eo}>hhNQ-=YzKbFr(>>pifBywRi!WEX&G4(oX|rw7BNa<|+Uu;n
zZs`%U0!ukX0hy=m<z_10=vO#qI<1Y52_5YkR(^j;Gn(wUw*yuCqDWLi+rs-BeG6aS
zQ0QW>x-Azt*Av|+8`rm2m?>m65pGd6SuBmvGSvJ(58j_*cOgA~d22x5Wdf5;^*Kkg
z$Z94`y#y|~B6<X=v_6Fi;5A?AHj5$L`tf^z;@GA`a3=;Tde6K~p;ssb*k}s5F_##V
ztNEEg6)Bs;mYDP!-(PVatZN9kVmV@68oQ9@IpMM6gf)Hg;=b=~z&;8fJ*z+Z6@Of2
z2yjizbp7`}b$!A9x9s7nxA`^m?x@s!?WJx33^EYTS*V}b7^zeV&2`YfmWw)u*-J+s
zLlqmfZ{k)u=3K-i7gZJ{{=z-4VlnH_Vh_tgY+U<7?)PLUCFejnruPcP8iTR(zr@vm
z*<Ln}cmMf@EgzF_cA0vsw$sqXSDyNrhOn>vSC0I`ju^h8&bGPYnCI`GjD6wMs~YSJ
z!?c@?GRW0MFqYG|Jv(voLve?}9M7;BL$siq^YRPg@D|p5>0FdUd9&={1r^Ji@BTSq
z{N^f|+!(RRUP2(*Pue~1wq_04a1r=eOK*{P<}L3hV-N6C`}{ZF+=!dUFq(}9!pV;C
zj5(^<x^?5x%PD%2Ud*v$BDCDh2x?#_8i`K%sP)S&bJQNA_E7m!SoY!J!LN?I##TTk
za_pxY@**(F5h9VJLE`jjv^D(CG^Hp0rUd{q8Wq5#C}Vdvc?!$iR>E4cBKp<-hqJyz
z+wH#DCE*MPJ|apcX!Ppxlh<w}EhQs1G98iEgfD?D62HA7(4X?;vP0|b)rOtw{Z$7n
z^=8H!Tf^>$XUwxmEM4(k%3f;bZKvxASlAM~ZZU@tw5wfIc`8dydOfG~&B8`W8_!59
z<**s;7SG$t0lo5^`aYvRhp=o25x0vQ3JK{ZlX2+%1B*o>ktfve6^cw~H-W~W#Ad8w
zb!4@~dZe4_8aeZT+(Si2e<_E(h4jieqIi$($jY<*ba`2}hh8?4$;Zc2?>MV4_%1W7
z7w<V{EJ)<fa+u&u5@zw7&1N>;-v<x12B?LX^vq@1Fi~pkm^qZ}&P|NrWty8M1zrc!
zSH(!%b<Dno_CU&!=1G#v{Q=<ctMHt==bUebRFBZ;Zb}zh33tMr9PgNsZl!ZE31`)<
z?G3u_VVn@xY4yB{T2{={tFm4Qj$!D}tv1Ld9@vrL@{-^z$H0#ls&H<i5MbOb{ePeR
z=Kyo*jQP0xFS*L)!j@46f<?Jx^~pP843nSb9-`co_lgb9V{fN@m;3YLyvl!XHur^9
zOQHWIdKmnqTP=ARAXg(1^vT7nS5gzz9=baRC^-ryS-Zfy2*8I_ky_bmx!s@KjK`=T
z#rXB#SxjLeY2oE+pPKlPJ<|MF{{{*Onhj#Q7$|PrUViYiB^>L|xDhs6cgD_;y!zb7
zzolqryM4l?XJgzi1Z&!cQhS%dnx=wH_>oM|2iN?J`D)Fv=h8$?%?fOvBc*FHR<?@}
zMi@T}kpH8(FQ^<!dO6ojqxL3K`p7Nu%(Jg$AV=dcFF|T4AO|EV=uKX#ef7V;+uXof
zr8>xWo0LsVl0uI)(&4A3qzP8Z0&faxk2f+=D@dUPY(e*f*O7^;_OQsp|IQ=-*G2lE
z&OSCVQysnNlWzr3hi@!J&qrk+)c4e2z8mqrM*TFY;&dF4qm`u$oq-yK9I0u1A}(p2
zhg6k~=0Dr`e{dW4yabnqXOdislai9=ojyK4Chk1?X-gz!;nizfvBZ0fH6((n=OI)*
zihPLI;Wfj}tB4=q*+xZY9I$ap@izTl)2))(9X#^<Jwv4pbOAyMr~zE)dSAqfU23Hx
zd`~r&19A$_y@eb5@W$mr>?nbB;8kaU*N5wUwg>mD&U!C{c^H+h4mm(^^AWD`Ia^>7
z!?S0+xR7pre9s^;EOjH+D3;%4J57i3dQ9!q*LT(k>i_ho5t1V9M{=3A7y6DATbd$}
z3_RYiwCNp?41pHGeiVr)k*evNIvBA2?O6n$|3KB*c7SA$#1@pD^Cs0w$>O&d(FVX$
z@K_DrqTw>}1J)y<`P@LB?ns|GI4{LV2}%U5+4VvYfs<fvL1-{NJT+=Dz>@OuDBGD+
zlr)m<#CbP2(>Ai+X0iK;Q1`{cf4bn~R*(j5Llop7u|6ZPj#f{vTq)7M<NQ_`sUD9h
z0B~SIoP-D|?hR6vj37f0rz@qBQ)I^UxT*+pUw9D6hrl7d+TtOYzR@Qw?ArhmS9;}F
z{cJ{{+<|vY5$O$KcaU{WzJZ8+<NW>GNW^vrum9QgSPxQ8gQtJ6CEIzqkSet#T5fe6
zd*3CcBA^ts5D2-2v*y!1r^PZo6p$Wr<MK+6;l!%oDrTc`aA3C&V7J%%sf}T`SMi?f
zp^_y6oxdvO`z4f$y*hK{VsyhRX=0_9kT#b~#BHV%5Uh43ziNx&>v?(RiiM!tw&PaD
z<R3^?G784*w($FjY~4g$Qj`lpCWt8rF<p2s@Rpcr<f3_Oj1kN!?bblq2jz_I-RZ!}
zUkRA*j8eZv+2j09@smVL6PO|jMDF$v%kpjo9K)!Z2nWW+C;YLU)D;1M;7xnped@{-
zwOp;$u1lC6N*tP=Ys3aG$*!(qTISa<P8ExJdRR=}>cj9}ec7-&6G+XCAm3q3HvWo4
z$^|$-Y15V{fPJvIm@iUTc1M-`@eBV9RGFi-4&{0GWse9m^eDfWJu?t&=*`vU<%h&w
zS2v5wAM?Q6ihAp9(&|AbuQb3`zhR+2Y#YuY6AU3mxgI_xoWVI}^3m4p`HIK^IWO|=
z3{!ub%@-3JYII(#cXz@@<f2gawl>P-qE~*aNQB~@z)J$NdD9-ujhJ}>Qs;`dy@aCm
zEAC$~nBeCh@y{@g8F7@o%aAfu6*tweCOv>CSpet%B_ZbwQg(}iN1QP(0ieJf;F68f
zmwij-0EYtM;?J1k{p@_of}A{39H66MncX^-%QS%VsKJ+tRa*i8$?}7vy8U>rfW=>!
z3;c%n$giH-Uzp-Fc}$~4#Ce!OG6iP4mhCSB@I^n2Q8<n}=mir4ddNil)eOL^Z7W{2
zAcCj;ICX&Ioy6lhlKs@4LwW-5;5@P*8|F)J%Zj;xeE6S)@t6TxOLP6qJa7w07hdsB
zDAC3Y<%rETBPdSDg*NAqoWOHOc7lD$3>6ohqAvoOAi(e6zSy525k>2DU=K?rAha1N
z$)$l=@wt#g)Pw_V((*5=0ka|oYk&BVfgeuB_yQnk4)_t}w@p#oezf*l9}T>VZ70V4
zg_G5-|N7$J>GOXC;E~u9T6zwJ{)iyIe|Bei5D7?USgC>46=Y42TghG8@EF>Z=U@3D
zqjXLs0GR(Tp<&O{RN#DKx0?0fjH}>`H!yQHa)I1UUO*`JXDBi79?1e)eaS1$UA6uL
z7n2=Oh*6#q^(2lf!+o17i*JI`dh3Zagz4pu!hq?kxg_&|4Ib>=8<wIt-c}H5L(|7^
z$VN;O5XM3Dq@mN8?f|QWy7V;yk9%2yzMxGb3GGdnLhqV!i99>XKY{^)&0J%Kh`|7~
z;X~tleY;!?5&@1U@j4>88u7V+2J8jy6_$Hnl0to*d~IB;vbZdFUW&r{knxE%LNbsd
zVggMq7^r)%&>6zZOW42rR?dbg;*SmSU4OR$cc<D9<loM}=697W^c+<Kbk>IbY*_3h
zy})&ZWGVUthmyKwyaHE6iY#nV6KjG(uLGPvic=?u*|a-}x3mV9t4Qlz_TtsgWn+}K
z{|LZIQ5cy`ErhGN`tOG69{Baiyk~TmYq~MeC6L=3JbCsZP}JSFG3?+3#klsT$fWY#
zmgNGZFsgNpl^>XUNrZ$kH3!?4UTPVJI6;FfE!PxVF4ceuQ9%&&U9P<lz^$7($z9eJ
zj|4fY@a(nEc2nx9XKDrmL!<hKp^<?bQqj`y55U140tAsoPSEn1fxlp~L=5Uk77+EZ
zT`mX#ENujuY`BC!*kPz3mlJ|obT(`v)PbxuI%4#$gq(p$u6Pr?Mb6wqlOM8A#KHG4
z;9SI}l-=|1nMlb;i%b;=2m|7xxUVUOqDSjQm3-NM)gucEEwA?&6aWfGs}^CqK7gO6
zeX7m@OD&`a>#-JGDqzA#VOphL;94GBA|-F#<?6au#DkYa4%hTLsdYw60=cP~Ec3t;
z8DP5ZKq~q*CKddcC706@=twJYhzIH&ND6!sPa*bRA1OK9JqmpbBKa;0>}WDwq)hp%
zHKdVwddh-S2%Gfv-z-JNUGR8&#CE%1+ja<wdb0`lU;Z>M;xA4P08+CXRzv`<6^U%E
z$@%)r^Nq-OqN#h;L_n-@`~15TqS<QIyN1vpQ)g&{bxt9NalO3w!9!>GMi4@JwRa;<
z(;r?8VT=c!ghHi`Wk!T-q3j_5K)cIu=sCgw7Cl0^w*TWMo5Tf+!U+L+SCOTGqYw`?
zCPCP=j+g)QO5px(Tf^yJ6#SqoKMB}S0hIS6uw84nmEv$nu(GA;VQHkN{+&bdEJk7h
ztQLuSJdBKkQN6hj^l(`aWO(&jC03f9!!MjhL2Ch;i}2_DN&&ukWmCj7cZ^;i{%qka
zneg1#45SszI&B$D{okUJvQok?+>Cv!99K&y;t`+iw*q_aW(!IQV#*x&<S^IH?P2da
z>3u4#l)k`}@VX-1>LmTuB%qx}3<CvCRz^xo0W0F$O!DPW?;)5fkv^=gbC_){0J3~k
z&tprK#O9-AmQQmHnfzPcF~^YDr?Zj2IrK_?3-8S{RDwEXCC+WN08x9W>3eLkevV2Z
zAbUlN$soOWtJZn^>D-`Sh{bsta+<etVC_5>JWvv{T#!_j4EbU?tnYQ$7sYG4nit=3
zZz+ee^tv;t_Ya~kR|I}Ar0lQN9L#X?7&e^NHct%`;nbRc!fj1wll|}|ikK0wBLU0)
zoX9J{emidunR1etht6idYI;E?WJXHE^9k~$(W8So;Yy4q077FRhj8u^qZ+C?+Ttt?
z7{|JeR6YHrV;ciJb(=ij4CPW^b~peImd=M;1KI#GE_X>>E#_*!`<Xr2$pxaenx^r2
z8mNvv4mKJ~HX3N6Z8G%SH^fFj_3)wCySe7LQTXV4NkJU}&0xa)7dm7S4()uVLp8@o
zJ2jO~0LTd0@Y7g-de3%z1iPwtR#nmH$x>x2t-{cV3Hs9t4sT8VUd+yqk=R)sv!43$
zChhnb%I=lQwdx|%c#nQKUp{s9sJzP6d+Mfl4qyyja)-~Pyk!%lm+y9RRIQ7+L2bVR
zniI$4bh0()5$m~rucO~{BU+ZZGyPY4EkpM|O$YD~2Q$hngPbDZNpTK|cNIQTV!Bk_
zT`ikl{?sGi;`TJ2s<S|`amu=Mtba={N57`J<7=uFElE!0YK2<9o?uUWvE{&aSqf#Y
z4sP`;lvH_|szT(^;eMrUwNq}kWlei5f8|mi5F_QsJ*45YzagW}!d@6C9zFQ|Ys@J&
z?{n$kW0Ib>E(i|#c}!C!l?HXVJIM)tMBbkW1whxb-OANbw$C+IBhJ0x&<%mmvNOS3
z@aH!MM5Lqr$?Uz;@?h6iR?p$4s=BVR(^7x&RnOfzkA5e)Y_}1RKXq)6Iw*{|tzpLw
zD`)%G8vJSIj`G~3J??w8u$PwY+l@&O?1UlFsM4$71M^Ww2y3VI={S<e+)*WuB3b0s
z<8)o;p|5Fj(X(pFTeNnyC-Q>%ofeG-^xSgyy;Pq}H~3qFrpU#AdeATsL7>aug7Li?
zdn20oPM#I!&$ljYV#+)9)@HBI?0omA>$Ly&Ot^l9!4J4v=Mw?-&qdGheX&*%bbjbP
zpyS{l3#y`3nirEMdUbUpwl&t#HWdqnW4Q-zzSoIqOGcl_xCE<QOc1|#pzZD7pYF8K
zAa>&pzTEKD!+6@`rn&cd38rmeAWI+AUj#fMUKC066Y|+(G6tlX!~K0t%tM9YQ}_x|
z3Rg`ISA8ht?W#{*b^n-K)PBzyu*-^&JzBTrN5|kGxlmiROY^2nTyY95x_JAskKk6X
z3dcd$DYxcOmeq|s<{M)u2uG!>v+s#OZIR&;gFA?zQo3K#%)9N?PLvAm@8v9MeDy)o
zLu!$nARgGTcsY}&crh#cLgBp+Qi;zx=;f62%#RT$b183U!fQfzMDY0FSKf`%y!TEX
z9ENfg0eur&GX_orQ+34!c{0F)e_U=@0kpo5ly~%2|AmZ3CP#-%&XdBwe^7`-X>1K?
zT*j>^RnAD{tW7>`{ybf=_s#veG0^!8LSZ{2)KO7NBjEaRfh*Tdn6xc%+I#i0Q)^Fn
z;NCg?#<OFumhL9qVV#e?_2@Z?os;kZNZQJt_G(_+sa78FqtdbS)?QWc+EX#|^FiS&
z&b~z5D`V49noKYd<6XTG?_Nk^E_8h0U^$Q%Ye@%Cc@~ScidZ(T>U(gJ>_g<$L*z=P
z6TN1euJ5SBaN`V=(Me7jOR68SPy|=ly7gs?(R-hn_t@LC7es%u-l|o+`<{QnC~V)&
ziAePlB@VOL!xycGrRStp6h7LrzB<=ARAf2=y0mZ?$z<E}+-hxL-s-_Y;^vtm=eOQ=
zrBD<TaP~{-?B@o_whsp)6{4-GW75EJi}*|8633GjP{~)?J@EF!3^P}C?`_eKnnYWV
zo<M)s94WEZ#b(R}S8rV8vC=rfp0y_i1l){~u^94hdN(FTp6z^!7Bq7zO6A0Zh{DT1
z^_pQ6KN<Hj6Q27S^WZ0P*&X3|pN009xm<pwbVTLJIQi!;Sscn^JDpYzp(s>$W6z`E
z@o37le4wkolqUNqFpomt^SAMin59k#2G{R0U$<_^BIe<K#z%E}P6}M}v&_bl$+vjQ
zBs}I5U**_NRIkQq?0nw4Bfm2Nex68T<rtW^j~;X21hm4#Jbr&L*fW1gZ%q9N;N8`C
zyAay*SAS*3-7DV-6IlIWzSP@xc#=%Opva`{36}S{EqyPuW3Aw9gdswV*i%_xs-%w9
z&ZURc-9L532&!5qdIg(-3_8-&&YDD%g9V0TKNnB@?3UqVPfy&`AL&l!TRfYb@MxuY
z;3zhtIcnc67RQ3v{F5y)-=}H={TF0tC)Fg|ku^{NRzfJyJxK;th0vn8a#mw3Wm1gm
z)Ekc5ZLz)4;uErXC#1>MX4;c!d4@S-*I(q>*R8$S@I?iMRy1ak<ctDC<v&xBY-_NJ
z-5H<oHT;UwrFCJ2yd;@&(mtJ;TT@*N|9O!3oRLReqV1|<NNTi@hk0@|N17GM{55@H
z;?>RRp3oFaEnUMnV4qrc9k1|u9_$+Hr{EiQXY63W%PLlT7*@*%D)y!xKJvGz-;@*w
z{^gQx^5R+ID-69Hj-pbM6t9FvUaKTL4CG(XQ`L`IqSe@mt(&X<S-lV^pP08wwKW*b
zG$zc}*(JCHFQs))x`K=T)Tz%}cuRMeKYq4?I%w7Py_<ff^{E!It&EV8$jCTUs>QSW
zYrzTHDG*h?l^GOwo*wF+c*nX8G~b=AdZpp~IF$7KmP>3-*w4)O%uOmmiMA&lm6cq~
zw+1`!q3m+yFA_WT-t8q-q4I`<*AvW3eyO7STA9yC>CQ!g@f7j&#@OBvi5oYza+ETH
zE32bKqN3^}C&NZlsZXnae=Cxcupd*6-{o6a&n{?t^Qv5wLI*9u$!7D*)V@~4`kSvq
zt3A4sE%*9W>ijCIGh6p6E9Nr8LuSL|K5}L)UG+M+{nIo;##lA0<K&WDKF-Ng>7_P9
zMf3QS{qqenb7~$TH6RYGa0ue~vFQRHLMhqIy;5_0XggpiH=wuJmLt)@J?=y6p?o(v
z4h1EcPPn=gd)|`mR*F)-y@y_3$i1?1wyzA!s(s~o3Ql90&&0p`J-=}%MMiy9m_9U9
z!&@1jj9A+7fH*Fy(<5g*IH#Q=%8@g}&0$P^sp$fK!lG09zPUe3mYcYLSC*UP*2f-u
zbRz+N4Y6$T5g>ZyTT3m+qx;f_92y+)Ctg_=-V9T98j%~Tt*fik!9I5Um4Ckll}Vp*
z!c6v}FLOnmQtBz)6v`6jVik2Z!MNl)PwukFxOXZV$#m$zyDSSm)7(*xxJsq+?CE)0
zi%F@I=tTKWW3Kohah60{VdWPpqG}!Fg7N9J^cJJ6;oF>q9+Vb8jw+upp30w88%*9J
z5Hx*m#}rZXu<k{(J5ULCNg~;lRMpi5heP)tDce%%-c*Pa81m0gq$ppMxvEG?$mrrv
zk>Z{EFh7e+aQnKYpkA8r3vU(fvchfk<NQ7KE8=`%&8*FL3iFU6#wa;%sKpF_Q_P!y
zruVm$py^f;j)zpO4^U;0v-BAr)m?nST2yV;qj-|KMagTCMAH9cswFq}`c$CTfno8$
z)crLJd=!<wd%^zWhfDbad4`#bG6U@us{?JxwD~)^E~=T^(OV|q9(AHK<2UaI-t}im
z=3GCY!;I5ss8CVb|63!F)7*^2<9<G^P=!lxL_V>zqke{=cbt3II}FM>Gk|L`H1W3i
zlQlM{_{%rb_jfX$M=5I>Go>iqNzV(;l2pyZw9m8C*D>6|prrioV`Whb;u3+a8FPM^
zLgsIZ%n4H7&*CKd%zCLO#KV#)WbL|p*C@&7<z)BZL3lrYIrWR~bZW*~Rx2g4*k%>g
z8g+DXL$=fl_RJHkI^FoG^>o%;gyx&Jf(;LK6|Ruhr%Z|(tJ^)~i(zq+On$Hle6)j8
zqLg=}{NUd9gAO!-pgAhO;aDjlS?Y!fc1-LgX60!oR`mt{(lxa3J#T^z7E5wd|4Ae@
zu6$p^jen9&;*gYuUXDlMvCt~_U-VQkUBbJ2u|-aCUBC4?PfxZfNM)2ShuxMM_*CK9
z$6cWJEm3N~m{<UnmQek$H{7h^LZ3Ueb3%pX23<;5xWitsLWs@aW^jPALPeKKKISlU
z$<jlr*#~eh>GJ{)SEU$4eOW5Pds5sS$H-XmNNN3vSKFMf=08(=acXIYdQU_&WS(Tt
zfHwBCle>~@b~yRWxH@Yu>4%<Y6RKk`sFc%F3$yZWW-dulEN9?S3BFPr^9`qUQog0q
zw^p2!#@(;M;CRL2QmkyBOv<3tNdmUAZ>IZSt%`c<L^V1VPpf~b!nFN(sgR}4n3h_|
zR;+q^>s#RvkSk4U9z~^HMDqt(jV!$<)uwwEo-0m7anVm^ql5Fzvn$W^2;~6t--6Z5
z&9dAus1o<+${6RZNPEZjpbzA7zGD?mmOC0^IwM=fV@i3OBv2O3)2a(TLX}v|&~jkT
zmj;{-6Lz_0ddk+QSD>Pi<k!oF(V3)-rm|dRn(hZmmozm`L5&^-{LkOv0>Lp{%&M;K
zR#(wFu{o;YGSv2=`e>|uFWbFl+uF~oVHo%9#tK>o<qixJUN;AVV;FV(FNjJHdqROZ
zU>98^zNorgr-kt)qgCDYmu+v~67%9%)2pm+w`Pq`YJS^$Zk*+oBRCk>px0&4ceuCZ
z5SY8P;o>whU^)42DE@Kt@_r%a)BXHO5Yk(RyY*OHp6RC%;2t+xzc6^Wq=|=|IURuv
z_;!j1tr5sT#mYa`;3-tuVXyzOP<N}q-`o}kIPZamVGO=uN~&9aNVyAfFAt>s#)c#p
z3aN<YDA%pZXFhC05?|gpmK>4g=KZ2#NFPe~Jnd?|mqGher~G|WN_`0o8O4<XJ}xPi
zqXH5e>^jTXFyDO}Y&zNOB3u1+6M5?v*po5I%#gTH{lURZ{}&u=fl5&_`I)%zqTJ^n
zfwj;lK26|c1J$b=O^`?cU2o?g6Yr?q3pc431TnoWM3f)Q{BZqAGs4B@b9JeA&`XLq
z>53*GdvUTQ@2cQ_y#j)a?|OF=N`1`GGT5B^EoQf*vDK<Ar?1@W#j0u99`xQ;|K4zh
zfBEBS>FM-&_P8hsK|`doW2cayEt~4bytw|zKr&a|h)~P<ZsrVS=FCGC^2Elso4CXc
zhI_}(SN+~6I)Cv&U%*2E7c1)0^Yn7T+A<G}Z@3bY{gFQZ4a0Inw2}uohFBZbe1*Q~
z%TO-;z@(TdOD2!sLb7AG%H;8*<nUATxv|9dpqH4fr@`jR)QlK~$m!5IK!sXa`+!~!
z>g^n0HCA&4ks4)5HM#SF?U`<#K0^trslOFU90%pUXQRiqw|Ih^^S#dyl=nqHdw!<|
zN_LQ`>+Y0vB+SX@>tUOzyE6v-5I~nWpaSIkh=j<^jhO=48tE$k;Da9m5TLOsmocf3
zLcr(MA35}YV`(9TSN^625JZHIp8W;S&-$_v^Y^le*-qVq8dX;^d4SIr+7wo|+A9py
zI!<9fs2aXDJ9=^E-Z$)(UjUgnPDh@;bmxoXct3+6CM3MUrz^$DZ22rcXWcfUj7QWU
zhdUD!o5bpe)e7-K9J^g5+<H<ojVaFu#7+fcu>0Turgaf0YIQNguF#?z{@bF~x`xvz
zi{5W5Aq@soZDKXH$D1h|zar3?(l-#yvO<vMFlxF4en-F~7E^-{PNDiwINE>R()8rn
zB+Vj|a$1)A9n|=YG*%zImsXxk`}0=ViG^TZ%_}jI;^rD>Q(wMIC<h59){#=r%wvDK
zC~(O?grB9VOXDtvQXXsF`$9b5FIPbIjCq=D<YNT!;-zo%A)*)+nzuG-i{^C++ya=O
zz2ogp!b2Yv?L%C#*QyBM)F1oK)eyn%9_V;W>0Cj8%+LQ6nf^L(`*053<)$0)s4eLs
zyU(O6NKXr(RQ+2fnhtH;*3s4_x3Q{Hfoo>n2T`UVYPLC`COyik702pPDx%CfYX!$Y
z?Tou24Igu~Ufm2zdn!xw<Jiij@?<*E5tYEpz9^6jyrWTIx+o*Ql*^i;q;OSGK9!c2
zno8n(pw0G{t7<u>n>n;QJH;tZaWKU|{Dl8=>a<0$bF(X&6n{M3_J8$spf`#FpkR5l
zv&|q_(F?sw#`zNJlF32$135D1S{TE1rU;1pYwKQJagJEpNILQ2e3h9WHR<*U=&<+^
zEC#Abmq0=D-%#ld2nwZ=i{1~yr6*0`cU?EwDPbVZ$R58%aYNp5x;qCrP1`t_AWDxy
z2(xLX-Ve2Wx#ENAIkTWgf~%BsBeAHX*7fh7b;%h1V7Z^X{Df5;+-{^~4!!2<X8aS}
zvHx3eM?~|cSJ+&Y^2vNT7rT=5P#8m%b?0<Y*Htt|Q8t@(@1m&Z)lW_>wkc2_&j69-
zP@~eBe9I)(sb4eCv<0>>hxw5~6+j!SjOH@yq$~9!IOvN`MtQ!&EHgWH87ix8r4V`M
zHzxMJGXZRc7dx(teS*4JKyXG)vL|0(xM#8+bGQY15d&xmdmyD(m#fD`oY`9`LA!W6
z<;3%+v5sXW@{$zoZ_2wF{%oiG|86@jSJ>>jCTsdg?XoA>Ix|($+t-{Q)bxCU<~*PA
zrt`U+o6^m9rxBiES{LCN1YZI}gxS1>w%e7aPay)xd;tN}B@4CwZ>#{+&8Eg=TeD2X
zrv9&z8|!*0q`dCTfbKdZp332dKH?HhkN+1eJN+-gcFeY5FAy(o;(>R~4=(wqCvTWW
zq0ED~bvc`kfE4fv3&Y%molo8t^A~#up)IX}RqFWk{q>+DL4O-E5HTldU$PWQKoDo#
zP7OTo%ZRe^1>PnT^I^uER4^tUs3l)6V)ISO5CXz}SAo;yI<A#WDJ-J_j3F%0=FxQ1
z<Eiu*^waey{MEm9!{E>d^;`WMuvaEG&mv?72#nd?AX*M(|H|6F`(_0l$jy?_WhhTg
z`4@B55YLh)NAXAC-9)j@ouUa)-sj%QjcPd`RCOQW3?dj7fP85q;|{a*HT+;#hd4>I
z4wBeU&bJ=b<ME<Dj?<-{c+QPbf+nng7)H_lXJ|^?#lDP=X&~CKeqB6Qeg@Nhy>J+5
zA~MnioOy};*&(MIojLE^*Hz9Ib@rf8=Y$PY@j%)YOy|7nII#(3Cv(Q5x8m?oYKi{m
z=-arM14ocX*=H+ChNLtqz8hL=ZaLTeAhW3gA?hQ5Re1c|ge&vBWOLh73%1&jD>5Sd
zoe8y{Uy+qUdt1ec=L+{0uJfYplEwW6lw>7t10kyvxGYwPPuVOBwakjoQC#0R$_LeC
z(-=w%T7OnBgs!)yr3@63^=(g$_*>p)onOaZX$7`!EAA5Da5P?N5`nZf2bT_GSrAgr
zOi+^s_ct*x=R_acENrPoqTIE~ejyV3zo{tbyKt)~Vs23L-uK-pzXJCfrT{!!@h~-A
z8A$x#Vw1KZak{3V_6{xiM{ICSb45;6lA^Hd77)jDlOdo?P$<5y8O%KStL^DI!4NGI
z{Soiym%`-k``ai3&!yIA@;cl4>|dJgT`bbT0*+qbOF~s~>3NN50WT>%Y5X}vo9zwe
zK$L@eyBzi`pLb4=-Z<e_b@543a(4uYML4t8vl5rTH^e`BHrdT94vZsB5k6iPqB39(
z>bKWaS>L(2okpMXy$ER|xsJ%sy~D)cW6!Ox%#O0foIc->?tIJZ$eo7ADuTqEvfpv3
zzYQO?wb<99=pSmUPGsI}+VP=?J!s^e__Q4WiI_7#0C#senUZZP*N^Fe5^<laZXDPm
z5s2&OwCpKIXimi2v}5l#8Qga_KZVJW!kTVIgb?8O?{dNEL1Wz|KqZ#%{8z&TB2R3*
z>NUC*bLp;K!i?vIE!!*Uec6hQjXAQ=5teDb4J|>?PbL|XwP<A8OgGum_Vki-tlTW&
zZs(az_QK{w;Vq32n}?1)^_2PGKvm;bq~2(Bpz|5X;6Q)5AhI~x@pxv!Sj<0&iH*C>
z6FT^yhs|7BHFjC{5}tb*ALnPAq9$qF8LLy66sZZ?CD*(-L>S_9qRpmqMO-ipT5!@%
z&s&}IX2sjR8FjXMy$g|XoC9@GNUe18H$9@zUvQAG{ixD(R?rh?$gT>Fdbs7(!~<dk
z7Uy46`;hj8&FL1TEhOV+t?B!qmkRjML`C<}tm~Q^r~z|<t@1qBkU*Mjbu;xK3z!JY
zGj92?dQ6QnGeB}2=%Z*V8OK;^TjmxE42JB!1&%VFTU$CEU2fCflew^?Hxp+FQXo@(
z_l>WG4zlZOlQHKS`9NdvhrP_nJETU4Z-~23N6zxToY^v6BE-XWzd&TZivqGY5|6SL
z@hg0;HSCUFSE|`)Spgt~-cU0wB@N8&6NCIPpT2pn5^Q>n`=QQnX{Ug$-;9J$hykIn
zR37QUi9jS9C-Ge7JH1alC#myuy<~Hmfxy^_kdhhMa9VBJ=f}WMzkXJYy)20NM05G}
zE)$oA!e{pAp)~E%k9`&c1^zrk!-p=PbEA%JxEzEdz8|e+cTAM(UpO|3#~xRB9R5C4
zVzi;qGTX<SWIg=Jo~nA!jT(A@QT?p@l<9EqF~b{H*%c15E8G^E*fyR*_L8wyi`;^!
zzGIN7qN8n#7S@QjH*z{gkK6Wt$Y}rk#kt+ZA3uDcP*eC-n3HAia<YN=iu`^5hS)B!
z(^oH>$l%frGfqi+<HU=JPz&LMp5(<dju_j@6&|;#H#a_5Td!1XSyk$uDS4^QlYhsr
zsZ@j5LdbndY=5$iO2>>sme}&1^Rh-SZ~X5Mi~+xi%%>DhXv{%jA*HaAHP9NOAXGle
zXEH|GUvk0C*4Dpd=u`78rU|UNE0<}%>GobIuXP=-@J;Q5kDt#t%w61?&9Ujmsr$PO
z0Z8`~{^LKs{0PM1eR<T2&)8IgEHui>3wO{BPx@v8=(9xX2JaNZ*;>2s4f=A?*c7TZ
zmE;A@u6P9$xg7D?Xp+%5DGZ3&Yhn6<^3D1Eamo)6pX)VAZ1IM@h9-^JXsvhH=!!V5
z)TrK~*)0~^p-mQB_N7NEV|?P%9j9q{T0t1{5&nem2=9{W3T3sP&1sTSLn*u@%E=;0
zNeW}P$GU`c>%u2UyYE``GFNW(YmXf>$C!7`YK+*gCFk}pS~kpn`k^m8yvaf~vJ^tA
zbD<v*c6cmBZhF5YGJk9-ZpAG2N2@;)4MbHR{<o8-&NvDa+c|iJC+W)1<UJH>WR4k1
zUXd?x8@Zt7=09Ap@@p!dYJ_cCzcjp2{U(X!laAX(rX9`@y>ILP7YlE<GQ1IXo5zpR
z>NU-0%7@n~K?Ec8&Igrg_H7vtSBS`rd=jWw+o1?9ViRXuw<kH@WsS*vx%2&MTJU+I
zdZTB7gwlJo;}|cS%}Rp!#Dm}N6cPL`c{F5}ZQKKnhH9BEqU7Dskofsf-Zs2vjhe@5
zUVDS3;~0-M-q6{0q<dS?B2eRVWOG>JN0X^!PFU{ozIgrQWiI=v2UG-E1Ae&Fg0m0M
z)3z$J4V@DeiAF=`kOK|Lz0fg!P4V%GtvHa?T8^r1-tD=6h4bcuq1^A)0NNK(n}b_C
zJD($Mx`39g)Z><l0r`f8WoUT}E@$;_5-F{~;8sLAwEmBd%s^RUyWF+b`&qnZ#Gym5
zMe|{au0MK}FYV|mZ((x96`k(JsGqrnf&^Rh>-IcrA^D?8x)qKEds|DDL5Pm%H+!vr
z;>4EdLLmd<<4pXyv4Ua=UvT$IZe6^nfi)ez{M7kPsmAVNy8OlOn0~YFgh1#*u$iLu
zg5s*`Nb^oK?p617Z&GU1w>Zoq%Muh8$j>kQmx%5YB)yG5;xX|<>v@jX@li>iS}F|}
zTlC)7HK$cRajfalsQJW{x>gdmfXCVwW2}W^K-aXRtS5=tasr)VG_P&kgm0=NVTum)
z!2~hQ$i<9_LRUI94H_CK?Lckf&}mOK{9$BGb&r&)93R{4wtVGqRD&DC)(A;H#ra+!
zZia9)1RQV|?>j(Ptf1wpo0bJx9MXR|t+*)Glc{oJAQ=f0v4*I@JX(kDL9Ru?BDt2_
zL*`Lp>Dx=iJG%MQ*b4qPa~IdV88{LG@R9m2Q$6;m9a#GrP+-xgu;?!twh*SE>2{_x
zPqf`0%imetNQ-*Cwc9hu&sli2Iy%1Wof%;77U2^N>u%no<0xWl;5|-Ou!bg5`FpXa
zJwf-RdY#Irwat=}4HO=`ZHBrpC#Ohzpod)q_0<gSee9ceh#m)0Wl>3$>i)(LXC=$f
zt6z&6;`x?C@0ZAr?Y$XcBV|44loOQomJ6<4xt=1Wqmo=p3$nsAB?AgsOw}7bs5}+r
z&w?XSd(DQv8xD7}n-p=XKE@>aQ{QXwS5cYg6AzqPZ(bF#OqiY7wAcjUz~ENG)8&H3
zQJfA$nj{2?GPEKV3zhhx>+zp&oalX#*1|~kVQWS1tMV)XH@kL;W1!G)p|gLQZadVy
z6L{M^cE;ui&Z==nO$Q3c6_^QR-`X<kH2frW#tc^(dk8%q3`l@1Yh2oNuDjI}!{?x5
zcMFtqJI)!<r|hfg_w*+vqSMF$$p!}@@H!Psx{d$G!C%)v+uC(&^91j{R&iP;sfjk-
z(e3-{uN30rO-p2c?%+hyyz%*r(dd_YDC67!R$kf|Lll8rH?4h^Jl9Uw4Xmo7Eme*U
zas4H%w=BIsbk@YkkOj_<WVvre^ehh*jp1~7>~H&fGUR}q_9rCe^eIi*b+@2xHlos?
z7hM;1FV;mOsUaaV^Jw#1k0@{4^mA(69G097r)w!2#U{+^=kTDZc#i-JqiiN^WOP4w
zkd4BPdZvEgAJc25Y#U|Jxj4C_>dS?3DkUgVMfX%abqKUz9TFqTkqEfFkZ0+5xw8x<
zp!Q)Ile)P8N-O#lDG3=9PV(1MlOQIt3&c0edDg#Dq5ZDE@yn-~U7lat!i_^*$w#x}
zn<<U-kbRI(H2fNb>V#IK^(~qaxfS^Fj9f^7tGb#(E(E&;@D(oA^*>%qiwnJ3@wiH$
zy1rp-|KQ2oMSKFo2EPJ?rmaQWQuok&>us@wMjjMCH*`zC%_G00+XDg$+5CYcP~zxz
zL?(m>2b=&g8y#MYS*1bg;UDkV$XESP@BlK-?1fh>RcH_>%L!{n0%k(Rt<5vmb7t+%
z-Qr5Y???38?b*|9a~tN6)r}k|mmBi0d<t>dPo?2GoSz+Nq?rT&b*)ueH^Ja?)Ri5J
zMZMzK{)Or#+M=O+kIDAim`y1xAHc5GhEXW_U=ixW^?SSXTHa8>B^&N#>Q<JJ)Hp-q
z9WSlF!t|k?V4PR1=?X@`D={m4y*Srg;Evoq@jafeef?@$&}gST;T-ofRHAl(%;G7k
z-kLj)%%ZG2)HyGK1Vc?goF^rHl4!zys6bD6`+=m23j0sDcs%#h=8nIUuX-3#xm(VK
zX!eUljW)($$X24h@$&gv3sXz(M#Ys@s5`j8kGO0lK;4|JzUxkGvUxYelV{x3kg9wB
z?483J1&V>`-vi<w@)~~)WO@<}YaK<|7juKWafzu|2JdQb8MS^eeUV9OV>Be=6-nt^
zx6_+fHa_#}e=Km>cG2x_47jp%v}q2Om&wB{BM16}kmAWirtmD!c(LqJ2U)GF4p}+_
z`3g^4Xe*s!+)|vOb7dRUIBNT4AsDya3)d;TOIon9Hj>jtru})h-<eZsoKH4gB_ckw
zTT?GGL<)TF0V$K&*OeQLmv}7I6a+SW7Q#kIORY>A9czS|RKwMWxL>c2l9^(j{=5c`
z!WvoLimQ2=mYA_4N!3o?y4Of$hbKKp*5x#{wS$RQ$?|0tpxmepc3(3D7_^4^q5N`m
z4KJwV!n6{SA%S|M){yYW4@>>7vgfV7?qJfkxc-^U1#1?-XBojg%F1sW9<g6{+HF3K
zRu3tUq<)^g?q=NacwNzq-L%UBDPK=^$3IazHR2vEN0KTt`s8ZIUhC>*f#Iz*rNB0W
zsq>?6vYRDIVu~$WAFqD|QaOm}Dz<EdnqE$*IOONkX&ZN`+16lHHMcIj6|Q+Xht=}A
zVUSME$rUlCY^1R=OA>nDBp{>L$ckaKRIB4-vc#G_ZzjX^oCc{Ef;Z0$KOpayjpk_s
zU~al^vc$K<_CvNNoy<T4w`Gp&nVh#2UpTAuk#qgN#I)tmFt!_fI*O4Ep8{U1xGSE`
zbR$ppvB5gl_+f(caw@;0+n=jl_%4DpniOUQlNhnPG83RI)$S{_<!mJp4NE#<&7X_}
zjf<z$*+dr72c^QUEGe_6@HR-+s1VS4w?gVL206(WCSRq$`-wyqFZCC3PzeY9U}ei%
zcF`Fh_uRFq9`iar?1$#Cr2g}L^*$&islvFsc!d`PC=H_+vnMYXtrA#juO*JXeI&D4
zIIwxyhNSv;UABX4(tQfO-5ec5aV0s8^XaekU272NseV9ian2917ZjTs0$%%5b2mGW
z?weUU{1}qTD@<w@a;hhEGd|FD29?8bt@p`yTIvr;D7qgoHesg7zbUUP=9qrSdG64<
zYOOsS&%dI5Q}=PW*WUP>?dIKq9K*(d{z{j%FRQ2U1I6js1|pQq9;wD$^Zb4|1^6$K
zK5u3`*J?w!QD=?@{#Yk}tjjCwvL>}Z^H#4{K6Rd(xiX4V4=sr9N=t7o9{u^{DTT|p
zn#8nkx8UM$8LXENI2CX4=%i~@eBn4g93WX4)+@z01xVdAAtsIsvutI~BF>(o{5L0D
zCvEEhqP{JO*yqlewLabDr4HfsG=5B!XcX^+dk>R*%pYMMJdpz+mBe1Z%E4S2Y0Tov
zTvA{3_-nF!ODQGoQ`YT}khqy5Xhc-ChK*hS*NxrOFh2-`pF8R=87t4d;yCInm6s>k
zEVNKSW3?Chsx7=!AeArWO-jAS8+BYwBHAQ$$6HmqfTq1<`TNmN9e3|WAJuD*#~3D=
zwd5q<^1i8Kc!BBHe(Fb7`Exbvo(LT0lONsNami&`=8oBgoK2mBA59@EwE-U1P&LUv
zaS~JBCYx}tYZxDz&?>dDrj|$?rJ$E9w|urT#}E_-vdWOf**0WGzC3mQk+hk9rA|i7
zmA{1`-nobehD=rKnq>`sS#STRNuR6RntBLCCB$<49td=Hs1dEY#03aQlSI&Rm>^r7
zC?$9F`D}yMqMSepicgUSI#C3q)PtZ{Nj8(tVMxUNGq}b7I5>^3-hiC^6IC&-?IldH
z^HO$3#%o8cZ;oG38aej|mT<J%^H<F7MUT%f&&}+_UB%aC?YFm2&#vNYOu<DZ^1t`B
zY|Y3b$ez0XuQtHcx2S)-7Y_WE!z!s5wYJ#FA~oQH?=AYvFG_vh)c1a6BhWbOdAA1y
z<u;H%-DD%7m(%<`w0n$q;iiTG(i#X_g~;*VqMyxd>gFMEo^M~iH_Aqosz|qYQ!t}*
z=lxSdNb4_S6Bxnlu<W6*jgjdYAr|72hdI-;@5G0z6smukJllJiz+`tL7~`*b#v<pf
zO5>lflX=D*dTB2sEsaQ9UG{c;L0VQh{EC+qsOGjCXl$=9k}}AIa}+nyy0v02rB=L4
zY2K%Gna*w+pPRVRCv9tW57dY&@y7@0ZdP->Dhj!Ga)>w*Xl#aB0~S27E~*<#obPfU
zH&c|1RC^VKWtFq!WOe2X>;$pzuFCN54zA*_fU&riKr{7V`@N-`NPBEuWBYBxhO+H@
zpmPO5tLCmh)$KWepRJ%M`?OLr!m(D|3VqX{qrJipzkT&fk0+DlG}Ip)*iB`S<xN;Y
z=qy2cr(<1MUvW#Fp`FT$zOKDcl(n7EVFSNFmJ1+af1YmTgzhW6xd?GNo??ze{x5Qu
zE!<8j)YK2V@OPIC71(F|{=evY>!>QbFkbMJk`xq>jw209Bc0OS-5t{1(x7xmNgt2~
z=|(!GyOEM^X}J4%@10pQb7w7GEdBuAv){d+{lqWwQg)+-^K3^BMy1chgkG0NeBnj{
zD7{e_zi07BAE`}AX_Yk2wAL06(hFis7(p0@?*&?As#|<gt-Wsv7EskA)h@X}qE!oP
z2yQsIUIku<*w;Gh<O@JSRu$c>S$MSAnpP~%NzgP;yDgqqV4L{+Du(YY9EK?V3vfhQ
z89c5cwr`Gl@ro58<`bOmsL+Ladjkjlu(@HUYRYM8PGzswA9kfM`MG)pwGa+~LN)Mv
zjKkRX|Ax_aj{6TMtg$Lc6ZONs?SATU>G9jx(B=r&|BATfJD>apxo=hy#POP0>9^;K
zOpaOlh)pWmZuhD*xRNJycfP<N&w%BBWXF7-3gg$;M@BdE*qfRuE2I(Gw~V{6T!STV
zS}vzAJ%xDCUg#?QaSEw>MplaYu6ZG-yz$?NQ%w#$87x&mb9P%QDI%HvH5#xh_>H4)
zX0@=qtod;v#A&lt_ayW?V5KiC)L124oiS(&LFCdZBEIk=?fYB;eD5M4sh>BM_t(d}
zRF@K2$N_F$Icw?ZE};rFte}O-A1u4C+QKy1^jyZpZjRgrwyy??O?kC`es+C3a~b)l
zn!XR9gGokFOnw#Zk4<GidI@KsQVA`8>&CXu7W$veqZjGbAin@KSB?hE*u45f(FuO{
zMqLBM>erBe^f9~_D&OU60sX2mXc(NB<3E?z677BuOUEwE6ZHWw;_vb;smI#0JFr8R
zZ(;Lg7*J7;M)7iDoad<JT%PxOEogcF^K?U|?_aGef55m8YbKa^&+DT3n4Y^=_Z>~o
z)&`6p-!BKZ0==}lad9HGMiN(=Hh@{w)4ISP0^sWH!SC490Digymj-|Vzrc9x#Uh~B
z9Rg)Er@Pv&7rYJilLr81Jybj1Kx6<Ri!J^N6YV=-^1u1gOg_95+M04mGfh9Ylh&CA
z#04Avws<cl*wzQ};ECq1Fe<G0XYf1i80vVpVwCNN)N7tEzo?=)YVP&ZuK9_Ra^R^b
z!FwNkZrj<#xmcLaRJCAJYPI}4+U4Bp_IHB&VY!X>Lg_A3!)nINj=9bF-l&`BRnS4+
ze1+Ej2l*P6(e`ma-HX<!wk_lI`>EwRv4pR7IvAX*y;FGyjV$%^{re-ewmLO+`7%!?
z%{AN;FSx2IKZV2=+!kaLX_5F}9Ink<WF0c1UTA6pzFF8HP;8Xrw74x$?#l%j<tE%c
zwo?5ss5+P7-LRQrbe6E>IgE0FMD%fuH0FBL|Iq|!ZzS&@Do?Y>aYA6=RT9VUmq$8E
zB*y?r-emTyeBlwM695yPgULc3&6T$AkGBJvyaiZu!)81;<nnNFmc7zSt#3~5{d{-G
ztHwTSTa|NbZywUi<5j`Bv4(6+%Wkx3oEgBtX0-dVMLb$G<}8*oge(1RGnRU8r?`_)
zk8HO<)u52?e3-4^{7;)iZIy5ILLPbXb9?V4Ki%tu*6U%_#pCeSUtiM>9e*;`-DJIY
z-fuoG2(yiOaQ`7kI9<Pg`>?ECv(QoA{O2`Z(>LE;tGYWsUY(vqg7@CrcXgKQF@L*#
zu}cqG?zEE6W2$*<rhoJulUnfBEv)QuEHx}_xkh_hPgT2}Z@DiZUG6QQ?9|kc?hIEa
zc-1le@!GtRFsO@&X~P-7d)B6lJ?kP{zIWC1IDJMqEBe2&0It?*v!&L&$$D<7Fm=8o
zAIJ3&ye3ZL-6n(C)5bo-Wz0XCWj1$9&N5pY^&?a;(81k=^y~zW#Gm8*l$!QEIX0)w
zezTI<9g&@)?D`;u*%bPUk?*%>zb6$0U9X51KUT}pS)yuxS5QYh6hgsMt}Li4;H<SS
z24SY>7-*lk&c^T_w>ay+31Lj06@TP(UQ##1u$uC?ko)|I&Rb+-Xm=$<viW}TBO9J<
zjrH`P@5Vx_w|jDM$zmhp&&!4cI9Nks1(6h$28Q{EiGh6F9!|Au({o>*2Hn1z@s4Jo
zj8H%X-}*+G^F<RK*V-reCB8kgY$Bw0d41U~&Md~=$n|L2;&*xJv4#`p^E})L38WlF
zcHYuF_H8%joF(#D(#WnI2GedX@Ok#Ot`4&pp>U9lF_-FWU$mK=Y>7MX9$XEs^z2Bc
z_WLT><!jgGdA{A4PQ&q2`Qnu#p6YT<VcW&C#P5L=h{ga3U&N4JSD{!014wM5ZljU%
zj{TaX`~K~>UFijHhA7aq(77rr+tX_YOx?w$M;I|+y5v!TW)-ymLv4+7wpED65d#L}
z>!c3l56@xb*_kkR1}-Q8+nN1)vn5}*quA#MB~06MwRog98q2)P)O=3W{8w|fGquO7
zwn1L$^WOGtzqfgh2PHm^2ihN;9X(&@;S?~5BIK;rKTKaR>dUZcKK749vp#BEhpUfv
zFHmsI8M)CAuqLvtYQzxuUS?Z2{nu^owDs_C7R2hVk!l->cC+dNg&%PrymgKtm<#be
zf{O;;q{bQEdKPzNp4!6G1+m-X&5zbi*J_%vms0$+f%+6YU-ylL`lLdJ0j8mXSDzj_
zzGHwll6H|gwWE{JE1(TzRhII^Zr{@3%>K~!*Kl_rVVF+X2Ji`&EKa?|{kifV3OKo{
zuCj{&N}(4^DvRo)T4y+sB1^w<vy*ikeGW8@)9zIIT=@&~Od_a#O+Y9YRQHUW#t8h&
zd!<<>@!U18OzQ3>!UrBfU%;|SwWH?|-zTmHu$#VD6ZfDvg%Nxj&jS{+%bx-E#pr4V
z!;0^fo<=*5#eRc3$WNM`>)R}qc&G4KV8n~NDv3i1u0EUvHqMU}no0oft(t{F5_Fc~
zQk|dWLxaeuE$_e0R#d88?xf|4Q4aw1&8xMCl?oj|Q8ankN+H^-*9${n`Mq^z4*$cN
z^WWqI%-Y^X``ypnn@dJVt5JmZ<~#RWA{sHtOCFiO(oWl!ogd)c_9tiOFOpYlAg!U=
zF+<JT8;A8(3|<EIVWjTacPO>@GWK(;&sWXh?b?36eroAv<hyZNbj|wec8bwzyQNl4
znq?&xifVP#dJ4Jnq%)mhQJIwx(8Dg7?f)D-fGW)Jq;DXi?&_m4`U%!&_MNJ&x7%|m
z`+g#1Ac@rHMG~aIwT{4<<%jc=;bL5F4=_Cry>K>3+wB|Hk=);vNzLW}Vu|zl9w}ti
zjch8NbX;%T0Y0fKZHed)3=U;FyJ57D6deFkBd6*;N3mLo%h<`AE5Q74?vo-RDrwfo
ztd1(&j=1aPE_Ui`%)|}haICLI!KR)Aaw!c5X$l4_yG^n&bv6@tM@`gIJ1SW!a!tvz
zzO#UDRlVe!$0KcdW7w!H_?paJM@CmtrBP`#jbrFie?00_ydFu7tKqDa@M`GZA}>h;
zuK1syxs;mEzIfHsVks%+uvp+!{dprxgSspPzHr_)#m;u{rr`Wnc#5!yX7`_q&?Fav
zmu;>*W7Cf@#9YRu%U`g2yXhkdkLOek|1#|XO#f&<|8Gh0;UCf5ghd#8gK^;n_a>G*
z>qLE@SE5)z<W~crY`R4Lojy#Si)W6$d%SHo-CpjtS2IDLP@8d3g1bh~b#XdO;<?N6
z{U0JXM1>}YnUHUP74GuJ#Lst;4#=La!<y%Bz)oEj%d|VYSbrhV!qjpSxc@BwVY-bE
zaKMk?OR*acrkkb6^ruth-!{4`9(2UTn)d{@zkQs)bz7Nk!X#ezs<ZTZ$p3CTWb0n_
z+@8cTo!$C3DYvqH`s4Q_D~T+x2#!TF|LP=lSoSdE_vjcvvb^;w{rpjO(W_bSW6`_X
z3W29Nq${qu5O%@GljW+ujJDg~Ci}~d&zsLOXFs-L5H_r^`tx2n*tq{j{5w&NsadUu
zS=svJ6UY$cb#Q;T+KzkKfDQTeH0z5s@kh&##QQ>P7NrghrWxPPgp@}o@lfweteVsR
zH|402)5MsDJFyq25MxQ|I;C_(L`L$2lVT%4A`>J9sgOV7F;{h$o%|uw=lHI|Bx+C<
z2q2j4k6|=33b=NaeQ{bIE18Y%%w02w;KNIB?oN}KOcSZ>gsy3prN2p%daBs)V}3c2
z0(cPmNBE=w*OaN$<ft-At#@Da?$3S2xtK%w7#<N1=H54`b1S2<t6cWqVzVjgX#w1`
zQjlmLEr{%-2tMp8^kfQH>*_C#d3piy1&)#QZUUT%LcEM}ozEy%p?}Hj(rp_fNL<fy
zq9Mp?#b{O|Bu=4d4j>a;b?Y_SnRmrRcY^%FzKX7AI3hJ<C~JwA^V*{VCEf8d4?`Hc
z+B^TreD^uKyF=5mr~B0vp;3YN^N%d%RTz!?#`SGJ-wQ<uv&th}F`9EtoE(-gqUTZj
zT*1Ykrq*X$rm&L^<B~8&D(g&mQgSgN^cj*YPUq?NkwmdL_Yzn%?EB2qE)DSe?O&<!
zzbLSo&BhaHbJhBDk80yGtlCh)D&fgbS|Hn0F@cxe6r<Q$w3FVZswSDo<a3FbX_pza
ze>*t4f167=BE>m!8(27I$Tm`STUXYwm{tz&5>v2pdplel2700{?+RkY4bpab6f>}<
z%3T;|_)Fn5YCrgL7wng=wJG(%wIWbymaDd|26_#tN~%bjl-)-~i{SHj6$GU+h6bgF
zlH)64qLQe(m}E<&yFd#56UUp;R>w0!rJm9e-)(xa-I(xVp%D^A`1M65sy7atTIR){
zIMRfPC^6R{J?jjH1^uIA^%@e6qqUa-*~G%5kmVEFkK+T9G<@@_nKfiUt$IKT64i9L
zmrJ)7D{iK!p^7MeHXSC@YK~*QD_V;64*8pl$XHJ;DUG56;;+0FVbszKxrpsqjGR4T
z8q4YL@|_(U@*U50E=wLJ21M~%P`v_I#6oJC2Zy>JgrjnY8~2e(-Ic@h>vHMbKN2oS
zT9TppE=jG+WMRA4eF^2a-M4Sqb?Rx~ofxURd+clK`^vuh$<Fp*5_47CE_3;ccVVRA
z`bGNbAi^v>P0GbwqDYz;T6^t2lfVkn>S+~`i8#L<y}}*~n@um8n`9s9P~aO3;`@jC
z^UtVO_zBxrWlC9ABqpvCYKmnhrETL=oRHi55<I=5IenOd8TfG;%@9VO8+F$fbW(TJ
zy26cG`Tma6wqlbsIBmo$VM%>YQa#E-i#(Cvh7(au0%%@7QhnKm=--z5D(T5gTt8%a
zm%gyWs(Mc?xAuzf2+AbH{yu7ihNqAAlLlr!7n!^AT!kYx4*H%9y06t_wlF+i1L6)U
zA~{d{9vX3y+79yN7^(<i##PXMNCTO>Hn>Z_SnHVt`$B{i1ySX3qo+zVn2skSzK&OE
zO9&)@@oX}!7atWqo^Y0{ubayYroWCfmtI!RmJGAbVk%p);_ZS}=a6!mU%O$KbtT8m
z!+UlO<quVx8oVXTh>Xx852H}uzw0}0o!n3SqkK=@U;aLDqWR%XsMg+3Um2JuySFcl
zv|O7m<_`Ej|Kw|Quj*|*#U>WQt^}x9lN>+F)m(MUj#7w&**lIkTzqEna=lvU{?yVs
zlZ@iF+1!gQ|3vIF^zC)MA5XUKz_~aA`}u}Pm-Ev?-J>8rm!?s0+tOQ8<#Z-fE#LV<
zlkZ;HUn!t*`JtX;78)Or|M(PsM|I(wN?zazLvq!gzHB1J`{E2Hwz|AWb+3J9j)Bg-
znL^4R87%&`awZuUg_1k|T83JFJ&L`1-$^;ncl%;_qaF^ch5Vy><qi=JGQGaX8Z(*f
z>j0UB>tmBm<WBN42+jPmP0<W#^~`!qHQx!<?&3PZ%jVA~=#Kg{?ZshQlV1^0&4i6!
zL&@xyruzL{xmFezwj5@PKkK=6)2LWDe`$TymD_VW7+s$=<{s{@;YV)7E}DElbGz_J
zn90i)!^=fwu4!M$0;0FfxvVx%mvTQI4c_nR<@#bYg(jUj(kx%s*e=f4o@4r7cU7UP
zaZfRbOBFR$TDKJk;`nl@;qi>`>5LgpL<kMEF_up!so^b2KRUO2Vs1xyt&KMb7Oo2*
za*V2}aACK^H_rtG1!c1HKVLp3{V;Jc!Io#6hm^i}9cHKf`WwP|2EPN;c4f0YXJ__&
zd+xXYgK5dM_VQ)yuJ@tlV$*JU-PvG?=5h3|gU`(jAJ?x8=1DYM>-|1t)p=&M+6RpY
z^oMYk%xVq&y4rni-_#z{w)M)UaW<!}@A0Yizbw`x{aLiIfFK(?hMVD+7trxvc_M@)
z&Q8zuz*Uk^#i)6yg&A$rq&Sl&&hz?tOvs*dspsXd2!X|0zI_oLNK>@It>7}dI=H|>
zn(UBWmd1L#wxpiLMISf)H+HIIrWjksN~b$k)d7f2Kbne7O6}O4W2Ut*tgKNj0wsce
z6I+OJzC?X;`S4w8wQ5g?JL7whbI4#m6I!4?G>xetKt)Hjf(cPRZA#uLd1$9vslUZh
z8&|n4?dy1LtXJ#qf|S2THZ+~b*F5l9V;(+NL$TuaiM%b4_>!`>;5jPI)04ywX0<8T
zvuKRno*tM?4q;uW0Lp`VUo{lc)Sn+&dz03bn2euclV)l<NMcX_>;Q@66Hp9%6#P4a
zuryfYyAhL9h(#AnnUuqtsGvGHOO8Q^ktChQE*T_EI8Hl}9fxE!W@@dhd=o4!@Dd{)
zNhD29F8A2~A+z*+)z)IpBIbDIPHVQdqIz`YxN^n2?4iwOdEf7dX4$(cy`j;&&N~zO
z-h9imqm%f`k=j1;7^0@A$J%&KWwpdbCPp=iugWFAJm9-}^(eQ<O%+8!!@9SV<9BR-
z^D{Vg6}iGPEc;p?%^5i{%wtH2Sn8MacpQ5n$pm4=_rFURxFr{VV`fi1C|OPg>ymE?
zbGoq@j#6c~csIC_eYP80t}ybQXFDGPRx6KN;*Nc;zOWaJAK9RMm~c?B5R05vB7DV!
zXSX7+6?mT-KnU-rN>V6>AIoymxAQ4Q#s^i?tcx#lfIePOT{G3iAtBcUGVq%^goWv@
znk1^%FgTqa6IK0Wg2Kw<Kd7sK?5GbJasS~Y59aB4Ec;YglZfH9_sLj}(a%(7mQ!=H
z^yzoyXw#UhjjxJEb`seQ!?oda|5M?DmIYI?;BOlp)NNEGd}l3ke&wk?M!;7+*q=>+
ztz^e1yFl&;WZH7j8L<R$)FmO7np!)=>-2G*^tzWa`&{GF9T-P>nbx_X9hanj+J6sM
z=oHu+#gOE+shqzHB#TTm92VM7j!<llZuFTdes7)*LJC?Hz)V(A-o8g;iVLZDkublJ
z^%YW4o`6mB7;nKd9edRET5?1ePp0Cv*%bQqNK@J7;=BFLftjuR*?#xUFp_lB^~jeK
z-kZElqn}<(L#<mSg5JNV!&$PrQvA-dDS!~s+1exL)p+ILzvVa3il0R*c?$IYi~KQy
z`0KVvqX^@V$z2;O9GSM55RHj{2Rlf$^e8ufZ^Uh@kt7_!-0gaZ;Sok+DcWfZI*WF$
zWF11Km(Hv?`te8^m98nI2x&FTCbT+^mt19n<8HG@wKLd~eXHVd?vssqR=R$pT&B(8
z`yPAmAQP95lYCRrv+`%hAomj+^(Uchg@zr9KIc2Ju5SXFQiQ8GOGR;P<q9Dbi1mU}
zY<53QZ?=9`SffS~I8?lbH|zcu5Z~_579Iz>y;Vx$0^IsY@_YH4qbjyYL(@H|(plqr
zL1$1D4OBa(sE7;&P3<dF|9B)^4wHkaqvQMc$kh<yxI3;5A61UXb4^OKz@4Lx$Q$JR
zwbah)Fh@@RR2r!G1ebE=%`+26^(zXciF9V~4lew7Bn}RLIzInYo$Gk^IR@rrY1@_&
z5m|Pbmgv5`fVkOP!oBy~{dS~%`~iMFBKXcCqOY-T?q6&1ZPZ7he&v3D$66<%yS5z_
z4RyQ|Bb>Cnsttx%S>mg*qA#&zP}W7E2)wefW5@5!3GMKS?~EdL%NXFr7VAf|8;+hg
ziS2EZtRNT02Xo0V<lGHrETc7~fwf^1ZX^UuO7tBCh9$b#^HVHGC|t0L^^P#(fin9W
znm)AWVv!|845&Dy`g|!q8n17jovfWDF-a7klkm7m;tKFx6vCI%aj~FuCG<Ybg_D_6
zA&5lOt%b?p<DCAKRJ0OYz_IY8R_Ej5LMo=F*1=*k{E3NwObFet(F4XcH9#YuhKR28
zjc?F1UWebI$h%vKY>zuVV@X8jnM0^jd5qXW#jgpz^<LOe@2fM7Kcu@5(kEHhC$jja
z(<}XMvA(arbHAjXD14~qu_Anu)zNBnsXH1KAbPyZoU)%ZC~vu?=0IC%-|;43*<pCN
z8#dwCoDK3;;Ku7lN9rnc*R@)4g(g;vvlrU1##7tQY0jJ0#wST5<8@|TV>Ejc?BV-8
z;q+@u+Eb6>+)`XIYcz146G_nZwI)UiEsZvieK<L3rt#sZ^(K6EdI7zZ)%VEW(D=RA
zd4vD6+6#I7KdJ7AmlZ)^d&lxG87y5o8tkla05l|jC|VLqabC~3JfA^BvQV1ysN|QF
z&#zB~cu!iOhl(?~(Z*wa&S8E#nYgkDyLo(z5pjK47}z35z9|*A@$9mqOMa!B5^04I
zuhrxJn9~mGz9$JEu9=YJjo*%EV2qbQdXG{}&-iV?bL{^5P+=n9i0sDmsUmIN>Tdg(
zmC_2?-HDW4wR1KBX*AvXl0LtrTR1hy$z1d}8LAiu=d|9_xLIs-{ykX1>~E*|m4}$$
ztz8Tw*Z8amojw6JuL%2?15Nq70me>m>GhYJ=-K(Nj{FQKkpw=+9VxTUOly8e>FmLd
zl&d!@?c6W2PL~|Npsnl9o!d$z2QF%GZ;-X&53x`?zsRhQ{H64+a&4`umYWJAVXLNh
zAHPSUy8Bg$rM`vvs95^Tg3rH)8GNI>U!4p0%BA#um>`!mYzb}(<>nj2zr`DMIAHXk
zW-IvZERy1xd6&R`@I1~klRfp2N@;~uiz*0#^0)|>`qW1u?2^f+Z%{}3uE33N<hfN>
z5JmOrLMpd`_D+CLC)c}Lo@&gUpVfW1;aL6DtD{TqaV_JgL8h_$$nU7lu$Uhs3!mI%
z6Fr24x*KYKPbE+5_?4npc4P#Qi@sQN{D`Au2N(K^zAV7Fa+xh&6H({8!|@I^YDQ>=
z>@wa*Zl^z-+-x$h2jV$=1%pf^FbAxh(oFg9p6(cSWbOTBKaFy2JjpdqE_|&lo|G5l
z@8U6aiR$86&PnfPjjAl6ux9T^>f|E6`KI)ccglZ-PnuXHXWB?3yx{b7%6TS#+<dW@
zvBLkZ^?}@GsdciQacX>7WwN=iz|ALGM$(omYA|oyt|K$Z8<P4rWiDGtWFRpOT_CL+
z9*s75?$v8yqv>xQq?F&h)tOH|&~=%nz>OmWU}$x@6~4%bM-nSJW}{Y4;G9Jo@1~z~
z!|d}r;<=N%dt%;pAig>|mY}@jp6_%lM2`_pJ7Pf9W9*U1Lf_9|`HR85e^5$i-b+CG
z(>`b=Didv=jXJZpyT~YM<{{&b)x`6t_R+-t$(y<F<SJdZL=T_s!-csUUskGHXm@a;
z<2+P(k#ojGRzkC}iQD@b_0-Wy%8Up91ZAC|{*PXIHe0eo+g+Pj4y<jfn-no@K|dW2
zG@gCbUJO2W$VbTqc!Dp31fv@D4t?)qE07t<uSf#^WOlXP-H3;Y!tGlci#=dVOJPSK
zNfnrg=bfKc%Gw5Q$FMEt|2>hj_g{Uh&G%C&>clX*8=ittv#06!2mOdB5*5bhG*hO&
z=zB&JFI5c`_EP`SFB(#5nj6MDF^q8Nm5Q7>0s(WzmtThU3ZeKOj%44v13e`7xqsi4
zO4_7PDPD|D;nP7)0@R@8RIMAVrym~f<|@Os0{NbFxxR>HuzJgPW;F57X;`zj$o#!;
zP!RAtR`GP~IFGMbGfU-9Bwo7vf_``rPv5NQtRtn5(8An{?gHUvyBd?MDa5P%-0dp1
zpYr1;Q(0Tj4kM9;`Rjg=2~paO_YO*?N!FQvBjH`hU>aHD&Tks{gd548W1d9B2N9D|
zkJ{Nrm07O$y9pRhpOV?A)Ite&Wr?Srd1tuu{Mqkrmav}l5JgT^^H>7tM={^P4oXvu
zHYOaV!m*YWrvZ?9SPa8wSP!{!;{ElihHABEwXISta{4n^WcYq9xTZ#+PpNY2@$x*+
z7t8eQMR3NbQ}Do&3}rF*h<$a5xD{frSu>dwwohp6N!-QcaFG|46vrM=FV|^La5#cD
z`iUA|J@^@*pQ?UdQWiV%%J$~t)X>~}%;J<7v|!MmtVC87|G^j`JAqXn`I0MBN>ZPK
zME})(UF78ri>zBtVes);W_$S>XZQQkk2iQCUDq$f5JEq-Nc4nr%9ZOjPHDhbA!RXB
zSi#xsnnJ9W*a|%6jg{+@-XSy$%j<*3ozbx^ktB~rHyL(VH`fdag|6dq`TbkbpNrJ%
z^^tBnUo3<Yo-zE6mQqM()6ln?@izbWgaWpb&hvL&oJK4z=n^5XQlUm?;tO_>3oL)+
zer-?^<5QopkgJmG5O=_N{$AlV4tb)BrEj6VzBnP}h-8qAxIy<vd+K!a>GLbXZ6Q(2
zic_AHO#A7jTNTSblAWnYBa#{4inS-&ufio8lt41%(f(+PZxUJ(g<dii%YF~n$F!hH
zAcgI*NO}Kt{K)4N-LlGXiw{12Ie9x7zS&f{{WkM7Z@u1xQjTv`xKqQu9}hIWOqmsS
z{8@E{tBgx`kza@7T&=uhxmSQ-@NE0w@Fja3r~AFGAgGgiM`io<t=0u^i-ly7yf~x9
zoXqRztgP8kh*&dtbG6>!5wnF?g=%p}+rYQhw>sQ{gcTl{AscB2_#G6nZ%u~RUfw?O
zW0Z_3{{K8_$Q3Fb-k0QNjYqwmaSywy*uA#fjDafa(;+873K>#S;K!Z#(OFv^$G$GY
z>K6_F>;o-6C2}yjKg5LDE;v{i(q%y1dhfc4=I_Z}6>`Gz=x$^>UuA}^k0Xh<az2a8
zs&?bQ-L}C8n{mgA#nhx+Pi~H6=%}P=ROstHSV|`ASD8wIJ#k<?APTm(Y!N-DOszOB
zoG9(-dvEUrC#~9R6}b;YyXaIAVfw%Il&T_Gy2hPC)huZV{Q@@dY)d1dC@r?H{Dv&u
z+dPoiwJM#QE=(~!MZ|*AdSzH$D6D?pyoh&PM$r&?2~T$p#MgI$m*d4)EGrf(<08ol
z|IOK!3MN@Uc-G_tx9CrfT9?;Z2PjAOy&O{hXcNXSh~CRedLQ-!ygY*pXmQrQh(3^_
z{tZ!;O+aBl^W>S=c{@cnWgusKm<1Nwp(f1;m+*6_!P>PL5d-*C_UXZ^tRNC(K9i#^
z)ulg5`*kbRu|L%7T#cx9b=-cVyB&G7)>u<0K7la(Epr9sHzMmc7$#09&a{Lj-hkoG
zWk~xF=+TxiArr9D3ioHnLSzHmW0_iZn6_Kv7=t<GQdz}NacIdw-hFgGAj%i~*|W-M
ztJ6CDvXlw2d<c);$FctDuN<%0#HZ9u@7`{bSQOQDQ$mx_g^yqjk^hftm|B@8=>M;&
z?&O)1zS$-r-VJ+RcVxnF!V0q`=6LGD?TaOOT61!fuZ()d>mrNw_8JL#`h|+fc*YYi
zSl}T+2E*XlD}p0c2D{I4$>Wf_cmSA4L22ZAmTo>gOmTs7zS3zFAN;~JQwA({EDi;M
z8>o<`77IeWRV0D64Uu{d#PS+3+MwnKND)u!q^{rPE#Lem7&Gk}EOQZ=5SpQsaik|q
zM3JRT3HQp!m)c1Bid;^LMReT$)b>`ZN_3{epklW~X(&4u#y7uoU3Q%X`Xst<JkK_j
zjH$KvQr608A6nz1JdhE)OuGjOkZID>dR5tT?v-D;ubL8>gigeVs?q+5!2dt(vH41A
zb&e>NaXv6P>l~8lktAfQ6<>4hIKZ18t}+`k1>_~^5uu;41x-FTXUb5?mzQn<DZ+Hv
zQL*_yZOHDw4oLDLd{JjL-pVW*C@27*gGs<7@UXqk;14q8B0d{VH+qTU7+X9w+aIy!
z3IeHw)ETK0+kc;b#I$P<sODq0Sb>oNmHU((4b@QtQ)W6-c9Z?X8GI^dQSz;~hn!d!
zBEA&1BAb_aUeI&QK`>-u0P;!kfX|Kkgh#I`SxufquO<ysB)o)5zWY^c!T2WlGbP0-
z)?3|y@T6n5f{`w@e9=bZj!rzzyE45W`YS$GagRqV`B(AEY<5DjW1p$Pb0(Uzmx>6F
zN~R5G;~ln{Q_7iZ({$8F!J;%*!b^r>S)E#IDho4SiL|TCe1Gg(V&1c6*#ixQYhKfS
zEaA_`wZ@cDv)YuGw`<(h*3<N<?`_k3fX8B$|C3)MuqK@H4jk|R29F$KuDP`46V^$l
zl%#=&IRl@k{U6WCfFa|TZy66CcllcKALXW;E>4s@+crGbD>SlLB0l@_>1wb>vjo}V
zb<t~X${$($+e?e)yZ@Ii!2f$+^%MiJ{$8H&SDGq*Dr+s)4TAYf^SDG>B@r@1{kP&1
z9zWFN%do8pR5gJr@l2$ghQ4P$;HeAIs})1((?n4%1`9djlRWy7lc(Ag%uA8)gst3`
ze}!xX$kzr1Ffso1be+?w+MRrt>DSwh7>lAkU`k?wH2E!5jk)mQN#Oq(FeY4qD*YI<
zzF}2Q9EFs`vlBpir1?09y@^hVVMHT2#sts{%zsl(NI<S}Vnh%@vChv1r1etyz3U3b
z%e8BZfyjVlH3wCYQ!kl{1RqGjMESS<L4QiLwT8W7A5b1;QOa5`M}ALa>tzIYt##GU
z_UBq1@3NT#G(o0sFD3Dbql@r+(or81szndJbL9NCu*=$E3W74&Ti#xzHoB@Lv))dB
zuPrz=Jp0zkn@ftv!g9(iceAlnaZ~>F7RB+yI#I{lxgjI@7q2L+a+kPS9eI$`0L6Xq
zVt0~5?Y*BottIN~w}n=<2|qmIpxl1<4MKb-O9wp;)uxnI*S05-MOxJbkFw$|?}Zo}
zf9D3@4BTHVlM*c4P~8AzQ)0tbo6t3d@7QO^8dl}0$M&5FYjhu5%!J@oW!qOzoV@AT
zNZ?$zI7b>PG(m9!;BP~b1Z-2up*2epLR0rnhRL#I6Cx;tNF%{+o{b=S{F=GhuV~*K
z%lUB2b65j(w+1r#o4+~s60DRu#Lw&jpsgxvHh{$4>evHpU;LZ(UqjpVALvx-BH54C
zm>}VV$Y~J|76X}CfBPe_X%Y+R)Js#AfB=LOkPO~ig?Uh>V;I-6BA`F}@DnSX9!`8h
z6xWV76%xyZ%m;M(sth{<gPC82rU(lM#rF;gu(!4LNv3t*yqixFB?|xuOIqP-k5gkh
zy`~zl*N3&oB{(nGc;dH#NS%5hQZ997R4@xN>7?^#Sk?*?EKD0e?7|dGj1hd)gbBi5
zmNbDGyb3bWqaeWVe0V+)ZHSBy7y1c;m5dAmMe;B6r1uEMG5;CCnR?#>jF_5~vqsR7
zV^QHLm1TL`t+nTA58lQb+~PR)A5R#X7{9Tfsj|bM-c!YDGSS4`xx1qPNGPQ;=>g>i
zdX*M1C?=)F$hUuuqh6sYLrNdv%x|PcW^2=*QaWhysiM4lO^3e9xgE?wf@{k3TeSs%
z1SyEq_LS~NOVU#(^eP3Bx`2%8^mjfYeT&`!$5sZc8#6*Y+A|8P_>$H`Ym9)(H)}Fe
z-6nq$DxS;ny<}(4jbk@D9CWLs6j=lD4m<G^456aW@i_#x@z22TPD|^Be^>)N^JJiF
zU-CP+=F*PkKPtJF5P?Q4nnZRheiOwBt|}xmj9G;&7gG#BdBbM`COzP<f|o|ljRkH!
z?uGgC39N8@I4lkip4j)ex!dJP3YMSkDw6-*<Z^pOr0l2SV_-jBu9#h()5DE?DUi?L
zNz0EOV3rQiZFEXa>!pYa)ldXE$5u4&k>V=(YR`Y+X-#Ftu-}5G{IUJ?x3N@A_Gv2;
zj_Ceug@zf1DMmMjFAlhEW`yR}bWCy-_3eF2vLLYcmjf}Rl(W2^UjZ-jgcEKgFVtUV
z$uX<o&tGehG?{5VjF^_K0C-^;<s_J#>`(6%XfvryK$mrcF>n}lHEFm#v=LO6Sb(K4
zInevS+{Q{>*#VIzIf{r=dTTI=t@U`lE6nU@snH2Ah0~=RdH!(YVib)7Fe(E~t+_oo
zGbN3Ba+&cB?{xzE5oOzG%7oe@l^Rh}O#e-nqoVT13SA%85S~%|JyJ_<uZzM^0pS_0
z&QNc70gg86u6z3&#eiJvMS_3(&;Yg%4Gzs}IS}}wegZ@#JveRCJYM79Lr)5xS~!#y
z#}$FpC5v1PaZHb7T8&N=ihBSY;wGT7#u=&z^2Wm~7$<;JO1S&W3E_m#$<8pr(NqC4
zItWXbUYk#&c~aGx0)mekJD#3PoP4H%=N4{HhAi*%7sSjQQO|kgwJ9;w&V75=RGby|
zi!%rBMLj0>H(nP#$rg^{-!g2Xn^v<CY`2Lv*&W%K26ukM&yPyg_s-tX#{GAsktx8D
z4t^=in+V=acp6`>tWii>VDWZcGwFn4p(d_Kn&L>QuYa_9K$7!BIQBM<LWnRgVo|f8
z)W)42pPq`ftJxc1fW`Fd(*#h<Xau60tSwL=Y9S3&RHmA9fT!%)pS+lYSaw+#Buvt`
zg*1%q_fGuOp->zVI)LLX^jHDFpb4PvU^Q2n^KrRJZJG;+UTA!n2itD|;MnM4SPAq0
zya7xT3N#X}`G$T#q{y`wYHhxY*8n2IOr-F&%yn@Ms5RaI#ut$80mwp`CimlVBNE_}
z7f;IXWk~{9B&4m6z!0n-&=g%cGHmZIcJorhVL+i&AZ5{Z3~WwnEXPGE0?q*r`vcHz
z#d9C5L?_|`|8OyECCGqWlMdAVc!lm5Vk;+yjg<X?Pt=PNBkZq#Z+0=ALA|PMwcyK%
zixr|0<tesxzuq;SuGVfk8xMtmQenLfADg!!?%^4uZk+$ZC<WLt8*!nP*7$G{!T({e
z60n)~%P_S<lM#hgT9#U+=R^}q1HJ{M+<fe@+2j9U#JUU=eH+rd9|1P%3_x>bKp@W-
z2|-N@`Hb=il$dfVa2eG5JA$6O#-m7KjZ#%p{+h^_*#ZK^I8!eH`$JmEIR_dL9&`YS
z3|Azl{^b4lAPz{%%I(dRF@S7J`4UBR81Uee_&fnzDk*!N1CWlXbjjTS9yb?(aurtX
zj7AuT`Mubk1$tl^*UpTnJ1dn&A3pmdV85fb|9B3btHe6U7J>;V7PLTyx#noL&DYxs
z5aR9n_JNzy^hR~y$SHHfmbPw=T`UF;^+zDMG+|rz?el-wy0hl7wm_9L|2NXi5+13~
ziSP~Z07+s#@0oRoWP~G#W1s4MA_&ruE25`@x+JCNNzVw4l<M9Ch*pbwtHqm#$d3AL
zaO$K7khgqnP;u#@?Y@Z|!5$*w0Hxz{SC;V$76$_y-hhb1HC|%^4((4mWTCfMUt)@w
z5d#Y>2a1(9ztX>yo0Zd?>{WO@6w2{Mxu0MPb7~7nZ$=HN8wYY5{``+49#9j%ORteg
z!5e+b{S5%k6UXG%zZ*@zLLq#}R2b5D;YmP)TLw5~s7alJ8%z>NG^o7{`fa+}=Br#|
zsRUylU$BWFlFKS~RlW;GE2s*_ba<<Al5gZK60vjx3{Ag7(L_f91KIUA!r$OuJ^<|I
z1fXqnMcb$eCBXJfJ_0Y1iPruzE(0|P!q`5vDY`jxIhnDDKu2}b1a{*WFRb5k^@22h
z6QCPq8mU!P3x$x+0V2A7^I}pVW@kG_b2)~Dm%4^vyR<L~XeY&sOq|^1Jjj3Jf`FM!
zlqSi+PXY=oWT}nl-%pVNrF2T=DL70T?72pY!EC;D#zCceKLkR)MQpS6&en%oJQMG_
ze}q`*s?&DnklPQ}Q*Q`Z=={5z*EkR&p{LqkG=0$n5JW!(uqUh{qP>Rd>W%1nZZ+u~
z#ruTF^lu^Bqu&&_uQtiM*=aH8%=**DvX^5?2Oi5-B2_^&-pW2V?39;$kwXZDni)R=
z&fMN+M!-#_QP-5iYgh4>5XYMjiCXbUTLZui%@izqT7Dm$4Y^fHgOFvZcC9oG6Ktw^
z;jerr;->5Wa7kwxX3zhPCh9IS;tnWpyZEz?W;dL^3kE~NBIW$gub5)RA5BqgkszWv
zjUxDyAlah=bkGHf3>pmSXPxPw2acE@%Ov%oAAVgACp-_p;fn{6l>4M_k=KMbWF}x@
zvgGH;a9B}T`C#5dfDXli>+$WnB5(%zgOkd9u9I3E!{(sPIigdFOa1)mwETSCDeujF
z5QdY(F%#Y5Z`*D*>ep9#M|6xK_2*^lq|XLqkyTS!%`V!W6WH!G#WsH;f#nhC0fn%;
zb1J(I8|>u&OfiD~+??-x_n6^QWn^+m(A7Vo=H|U?jNhqBKn<PhC+f!^Tp_FLAMa`(
zxY7~SQ0@(3J0;me!odjU=qYjPZLep>?^6kh#i!mcjTR9nw-*GMJXP0#DkMaymZ2p!
znTc$t9D|(L{sfvBuSTqLIH_viJ2zj<jzEJUAUXpz9f)`8K*Y1`#}7s|MQ+H|7mg5>
zl#P2MrYZ%W(}fTg`zE?07=4vM5<d~|8)gU^C59hs&GS2v7I5!g&yL9l=L^5W`i)Rj
z<+LSDr{8i-M~Q*I76l*o)1dPQvdI~hl}}V0q?jDqe`4C(L9l8Q1s%Z8)3klY5|N9}
zO6Z?IjFZU{ypY@L*k)<>1UI{tz)&$nGhdbU&a<LLQcymsB_J~AVBrUNlLGX-?++6X
z)8+lPrL9NtalB(?V5C|UNTBrCY&}v42BOKw@8tng9II)=7qp8r|JHhr9IW+6hx%$l
zIH{Qbuyv3o?#*!7%g#U@f^38u93><URnzPdjrfln`?xr@rhHsO?t>;$!UNz{OM?sP
zmAF_}t;JVphXE36NRoSaBVaj5LV~*uMMSt>Qld&z-dpJVKe!5W3v0fFJOeT$A-A!y
zBq$&BSsx7t_alQ&=^?Taos^b9%yti6^qOED0SL?_fCFBvfx$2f-n#<F0kQ(*mInH=
z8;cU7m~ao}#|L~I1f8L;?~+724W26yCo0SScO#>x*O0&@1+Rq2jTjL8?1!1R)YEGl
z$|!d-;oy8=aEm%DyJ!8xFnGWgy7R@}Blqc))vMQGb$vy6-4{&Vj9+<4OTINN2Z`Lw
zni;sw$Ul0B$9M9sp!gpDH7-g0|D<$Sz>fIvQ=yUKFYiuqS|22qj{mTG;IK7*Khn{f
zda%ryo*bkL)1a%JZ9;se+1t8bZ`VfT=Awi`AqWvDB-VJh&nS@*!YNpQ3Y=vQlM=a2
zKZ2MhmNd~6%g8~!4gj|v2hk(Ohcfd^VoM;fpadlv5$WUf<EqMIiNp$6h43mVAd`mU
zXpo2L>LF_p^17A25&!{0#U5ub#0hnksGosPt>K0Gfp1sF94Wjm-m4z_9_a<xrM$fI
zk}<yb3U$(}cP+UNRP(-i9_t~upx@(D(vXF48yVoxLo`?~6zp;^r-YJj8Af#4@~OYi
z2F>}*zWqV{X(x@moF!$4X;huUrsdANG7X$jAt%_?<5btIR|~=7L}p$WzhQRXmgTsU
zbyHFOUf>C;!s+DD4i0>(K)k5^#8kD3hKCnq0;LZW@A70tGRV!9??5A0eVomtYT$-k
z|0H2RR+uF8)WUjaBgN;4T5byMd`$@TGuvK5stxjHLqtPV9Q%r`nyNLvXIL>5<pQ-!
z4E0CKnoRT=sd9IcX0Z)iPiGz5|E%XukU;Y1kw;Sc8YJSeNO1U1Zx;PPc{FuQF)u~v
z&mosvWcdfFBcA;)1uFua*iXqcp}5bFZa`f}gTf))60Zq=Ks)#gG$;DHJ=@KB3lON(
zaMARYa5_~W&ZYmZ0$8@c3nEt3B_^nYPT1l4dk8jPeGTMWlvNVz(nFr_Xn}bJqU7hY
z#P?1L_5~MxgFU{qPx^^{V9Jg!REA56(EaUjAMmEsE92Q-i{*rMF=A;tv;OZtAU>f<
z1`CZ1qK3e}z`9fV8tHhF?M3tu8hX`)yxfOvGLfIJAbAN)I0aCYDw8?8XB6O-{8SY4
z{UF=K(zXm3Q0D4iTu^AFf(ZP;<(iZzjK~A{22|$c->!#0|J&cNk`oyY{5%5HVlM~|
z#(_TpArO&m8njUgnJ}~><BJU4q<SG$&apqb2<S~JBcH;DybvR{ShbA`WWDD6ANCEb
zeTZU02lc6~qR9lyi$+;+dczZ3nxTEYpC+a6L8ysxU!>Qm`?xnRI(Tb&%@C3ReWoT!
zaErI65FIt&@RDQY&|aPGUpd(l{wa=K|08Zm0(iJT<Qa*B*W;84R$vj7{lil)loL#_
zhQ6FsT!{Sa_dzs*kLVh-<HM<lXHWSw0aS%g#njy5{-(>yLF?q)Dxe;JG}>I*<9pNJ
z_4<;<BRL_(Qxj4xQObb~W;&?XbFbkEW%&VIz@2GZ5v9&=O|$t>-{&pDJZxh=I*$Kb
z9x?i#C3)<7u$wfG!9zS#cvETqix5(t6+m+=_3m5Y7KoTr1A@w)D|cUwHS{5zI4#Om
zS*~AoU3aN&r!NuDp5Q+-)%%xZ+1{PfaQhsj`227U`}ky4Pt4=>)=WqBy$7G+@PK#4
zYo>U1Se%q^N*T*G^a4s1o9kg@?*n^FGH8Rm2tYd|H0UGwQpCk<ON@BOYKiyNk<kz}
zhtIXc?o?4i@j-)uA<nQb-UlO*Ok`hF4IaCG@}mzqvFup<SR*h-;j3Hqe^n89zcFBi
zf7rv91b`L3hWxaqhgYE92O>&wMqQ!#P)d2qN^(==UC?g!8#L2%@slrdIge5<6?#-1
zNEz0D`m5J$c3JSN%6h|my_G?h5XeHrzM@W=-w=25W{P9ybw8Slc+Etu1-iO%uit6^
zfo=my2TnveN?s9!7+Xp?gbs}Lv5`r{X|m%yCG!48y!TcUqQ87UyaU#~V@-M4j;4`<
zN<q2QDV^1)fTX1+5;3eqOlFovVFk0DC15uEB%lIg+5lVNdK?CIS%phLEbIr|igNMZ
zLRC=yPylzA*Af%JV?*C*XXIU(c5OV+bfl&81^m>0pltKKuMv3HZh~HTvUC!C(F86o
z#Qd=k6^}{(EtrRRN_)Ipt+!v*m!j)*lPUqW<jx!|JH&zy7YP@8(=wnADD3OeDFd;(
z_=TBZ-7cuFfH*VR_xn-TDze$1egF(IhHgkpz->O7$!|6Rl~S&?RwLkXu~g-Y3bc|~
z?E829M#5Sb6u}4Hu+|d~9PkB-1-w{Ur>#LM;0`lB-6}e`hroRfl3TPKxkO@%EGk@?
zCE6tEC0fKYePWgth}G9}J({7Jav7yLETo=Kt1^RxOtJs`f6Xmm#g5uQ4>Tx(0yT}*
zY>-yVgv#$FGdKpeJIDz@2d1crnUG4m8*38-is*}J{OlEFb;u6Vx>lhqPz5rE^?ZwE
zAxsSx!n%ql1A(R4Snt2QskI!>t+E&;rQ-kj_3GN%(LcyVAJ~Bbx~wFuQKSXRc|!6J
z<>;h*nkWR4#Fg5OPWiB|7hn|D_k*(Yk~nzUZmtqy#<B$}Rk~Fb!ElnJeIRR=1pXI|
z67Q_d!!ut0UAt5(R;6360L?e)?rd$Brwtj2j1#M%w<2-f98NLY=iqRvDe{Ska#uz1
zEVlAgw+`3AYELFukipaL*n@>-I%H-;Ks%1hHZ(-Ur20i*@huJu`A04npaFAaxNgdp
zvDQofQl_GksH@I%iwcV-PVy|7>0gQwkcZePGX6+AK+Id$jAJidV4XJ_Yd7ve<*;69
z_ix9cQx?55?fH!Bx`jWA&Ttw9&e6(8K|HVE;=rqM+VMA54X>xD3-N;>*2Jg6Zi3N4
z_L!*;;0!>o-u2_?1BWK{PB>OX5dsl-6X!$@ED~U|qPEJ`nNFTD|02E@7dZitQWPVs
zBz;E0K05$;6Q^l44Jq(79~d@xMFXX)!qE}WoeUbFG%LrAba%!ddNqYB_Ch)zSZGTO
zklu%qCpFZc5kMM%P@-}z#@*=+NcPpFHXbEh;f=cH3_-S4Z0fR!O%LhZRD3RMDqN{i
zuB!zKWExNyhl_JoIseZFq&g^aP#C_sF@xQSjQEUlL9(8}h1J89d>e6sJkiGKt}1OF
z95S5I)U<q=L3rFjv7~RO?JxS%G?FV~JsD>IXcSt(O6-!{A8*I0ty11HTN#;sMd=2@
zvELJradgp7fIDGP)s4fAWcMo_-YY3sQDv^+Fo=Oe0-{?4wbVv<8fXaa=W{!+3zbj4
zB*S8i#SFd{l05n5Vk8vI*f>TLIno#=tS{7*Eg#4%jJTnr+mLXFuKb*e!4w%<<1dWS
z#g?W>CsG7@eYY`{3K|-15{E&rUb~_}CxC|(J3=v7`zoO7m)Hd?pR{p>tm4>X-xH%%
z_2H`W1ZyivC(@qAG@bG7FEu)opDerwccdY*2P)`v@=X(~6MP`|eEBKc$kh&9B+9K`
zt}v;>!D?*CFv=x5yaDREY{pR$!FXlC@ZUF`+4|Zi(WR@W8ApTJuhryArJ+)3ppUjI
z8tTASWto#=l$3%eiXQL1c>|bt>GH~&RCNb(KlU)<xGUn=<2pE|@^TA-#K%|q7oKEM
zuWaK(ZJdG;kKw7Tzr|DgKi*4EeDmB+O`9Kh$>vcjl#=a5r<na|WrN%jnJ&=79(0~w
z5nhjH`xz~QGdKilaW$zR)R0)JsrNoGpW#9$#9GuW;T9p|Jj0H;`DEGCcEMYEE8zD6
zr6=kvwba4k3#L(0JYBPbcSMl-fS-b9??iowB^T@nn{ncCOWKY!7=n3FaoyIuHi)!1
zR2W|%Sckz%IsMPj82+tVHxalyyLG;3`C<eheE5{&f%HwXG{T;y6k$U|z2{Xxwo(2h
z0eoJjl~!w&g^ok-8SdF$6|S}*4rOUUugCz7U3@66nfk}nnl-IY#VD7<ZN7IGNmMeg
zlP)*Te;QCj0M${=saM(<<f2iWi@1S_4kW6!!H8mc-GR_k8f&;#{qSgDqiWp`>XP85
zb7+9eHfirei9x%cwBd=YSYx0+MvnByFW)h8#C)Fb!bQMIbs3;`zc7+0)P|IBGg^}%
zzv>)Q{4VrDctQwYxBx0P;m|Hd(sfR3K-B+cI0~gJus?v75QvHnXY%WGed1;^%CA9L
zaXEMb?l-hX5;JehQ}=^Xa@%N~8(xbvHoR}!;EFXQ#(otpVD_((9pLc+WS<^3EF~3?
zSaRgp!@ved^}qO=EK26t{p2Tr{QJc_5Q&?U!3*7i1?k8`L9Vf^pCi+rU)d8g<-Ja;
zHNGO7V$6FbY*eYP;<v%*l<59iFU9LH3A(z8V+g39qyL4N;{Rl$gG_ySCLm3y^2?(w
zJychi!b&8R`OWiB#8fhv*1(Xwh4szOiJ)bvB;nrp4-*M0x`tygBzXHxKfpo!<%fos
zPy|twV*Gw|9Hv;(;P*-m_9j@7gTbAr4622(P9BMLv{oLEGes&AY9UM5EGr>v0Y4jo
z(fp+cUkP0-ZR{JIkqo5<>`Re2<Wq596b336oN06@2I3{UfFXzq_2#_Yn8S3oC(xkC
zbw9ZV?A4cbA-gO<7L$y$N;s#JswCm=g>gh|v8d)j#2{veyfKLKnIb<W2^BcP)OxWb
zeGn8!$otGIk%YSpi9OjEjL>lipnZ4QsDVfvSf4SF(}drVUZ{Ggh_^<be1DuYAIi+~
zk3dmMcq!E-ipYxeCKT^@`OEYQuuM|}AY>-nXS<!BnG)djCD%?}4Gl+8t3%k#rYK$=
zdsA4o%oYTH$4cuA{x;TSnWP!d9t{<eBBWL75?ER!H&XUie*|4Vucx6*esAeIsxULJ
z)%-Bd9g3FECP>Qn{8kN^ceBYS@1(8!x|#92e%FljT{<2<t~&ds;AR1hJL}Sq|7%yk
zY7!4y?vi>4mIN|$K<GCk4vY;EeJqaB&X;5gJo3=Ph-||XD$A3s-T4!N#_PcIjlx=a
zbzGJ8Bkb>}!E)?49OzBEH1|~Z7*c{(nx`~Q@b>DG^Px4R_;*$B;GI^Q@q*lNSYny6
zSS9b3%!MCWP@I^MPSxY_K$L5l{VP8%T<jeV48AoJ*mY?}1z$5NPGoyTxF<Lr{kraV
zINtJlMfJg?<`$aqFQoxLREi0%523l2TwroYZ+h~dk?Yh0)$0c!x4`3J!aQjBt-}f+
zjym<jG)cxh$Fj3i=eEXE%<WNe;SF*_|Ly_T+*cIxwXgo1W}JmgD{1&h5eVds3e{A4
zfu6U%TE7r<b2wF{-FdYdqsk9@UTEkc+%GhIlBsr0%<W`3s6ovGyjxh)9e6<80Y{4P
z_!2SMj|lfSOnyjR7-UDmPiJpUPv0no6Qa*UEI>mQr?##J)@%Y5A}uJA6KLOA%^D$l
zAU{LD)5LY%M8~$7!k3&MN@Adal9`bYn)1e>YEkz~zlwp#Th(?Q1qsT8DQ!&Wg`SX8
zV}l2`T;$$D`;4zaZo>6q6AjTAF+QZd(1bjY+_?XsgFLIP^U4Rw6aMtKJ{Idi-%~*>
zN{w2)H!p0l9~rAvvge~aT@m%kK@wq*i`0pPD4mO!34a~DP9$EqhbefUJ&JgA6?^Ov
zk`owQs(_Ghn_K@~4>oiP#sq8M8J15nfYpx!XKE$H@`*sdG6<6flg1|;=c_(l3L2wM
zo$REG$S{{6RwOyZ;`g#MHODuCKPEV`o;i9$4QJT{g{xR+Q@))zRMz;aI|B(4C<#Je
zC=AI}bWf?wuF><+DAC%Ur>IuN%Zp=GB@3P0ykZN;oCU@91ndwVUt*xQK>o6Prc!0m
z?qQ(Bm>sGn4h(&a$YBgtW5vm2D6~U~*uDfs^zIWa1q<nRh!V>~XN!4!j>H@XAz1%7
z_L=AC0r;C_&Cvg?3jp~~s*9Ym_97`jJ%T;aRP+{%l~f(qlE7FNjw%~pQFxenOj^{q
zcl{SCIRWQMo|V#}e39C=dIh`K+};nDLmq<DTOTknP6xBxNhd&%NAUR=j`tLsHznZw
ze7K*BYYlrbG*pNX)*LA-5BQAGgAj7kZz<p1Dmp>QrnKQjIp0dG^&y;HtKbi2q@!K?
z!{5YG<<q0ZjWUDm>0Yex7jTgY^&jVR=Qo+dE$(F@*v0;kMdBX1y@uytlE<}2Adwd|
zEI4XRDOVa>e@;yTht5Y1o8?o0+06tI4k<}A)QFiCG~oXSPhSBPRk;2w-Lj;FbayS1
z(jBsNcS%Ty(uj0-cQ?`s2+|;pk`mG(-AePld++^!GmbjOu$(>np6B^x2GI4`2=9S)
zhHPJ><9eH1H409<R{nI#6Z0#6w>!D6K!(Z_TnHJ7+rg@G4o<i@nAc=f%`CQK0rk@W
z2<d|X45$S3Jo9=S8C`~f9&f$KOs3DrJkAtizAgB8*;(B`<7uQffmJ^lq#*w}6|%LN
zCW@Fwfc@b9(Rul`szkTwmSA`CRcq>6?L?BbL+20Zr{e8cEuewa7+i3rfI}%&T-+>N
z+Lg(bT<TLYjh->ZYYWCXo>Ye?wXZGmmRqThV8lNKNT_&hq+EMj!iUI)$p~MtBLeXd
zHo`IO6NDfh;ZF00+)x9Ut{ZOG+$5e*0p(QGExF=GzfQd{!*fIkqxEpIdcQJYF|7bl
z(crovM}wN@QU(eqnf0aYK%oad8=;d;pUpE41Fb<vq#-^4HTkK1Ddu;WEeBvZW*;uT
zdF+^38p0^R0SY$9LAKPTXS|TgE3-o5fOp*ovqb1LkH@5hlF!Y1l$Z&EaZvmr3Ppg=
z!~DP=_wuh^&u3$~XPZ6Q_}$EcMGpN6E!Xi0WPdNfZKnj7Cf)^x^5d9d49pjcECleg
z0;8_5j%6(dzBa?(3(?v_7lW4}&lJh_`rWcnh?E-e`He(&+i8w`XZYE@3npdtH>3)#
zs6tAK;49xtL}sh>S{MKK_N4ajU;TB|xT^F$tKF|ncs}1a#E+s@*`Q3=c0-k7()K`K
z(CD@A@%GON-t}=>mi5S&oU_|CI+n%41{#^<Yr<oK3h-(aKH1H!>m!qxL7Z{Tc|n^2
zgVM<&vwlNyBGhVZ%?*_%o{denMoR;29qC*YJ#o&|-xzRYRgO@r2_#(6{6)#h77z<n
zI|!0G%aO>&chE^h#aMM~sw-lypW}z#m#JhFvT1hMRK*sb-c!EE-RZV11vDKQ+am~e
z`r~!N)NLF3Ziv}0k!6OlL3LVI^dmn1=+LA5XYUOgQf|LkeD@2chtM`aCp*a;dOrN;
zGbi>FP;S~gF%%*?o>XJ&TB1K+-BS$m-{A9uti22|hosMfD`YwwInFp6L|T30&7rPI
z*R%8vxb^#g5fRI6^aO2|SCy8dIFsAhQd9BgOp{niljgmpm#gpJHnQt|(QrSU&ub9D
z3Il<%Fsfb|X1PgvDYgZEPf7&dXRB*GfC=>4Ops3|ajhuB@bJF)DbN27V-jf#o99~L
z8VFO3_hzcf8chA&%$^->K5?-pMs<sqcnE<o^kh@p4a8A#aTqjReSZPJAj>&n-FTBy
zgfD@fYqDh$ur{pqTEz+p@hb5zSHdf_;=>@U#c*sW$UuxFE)AlU(-xOUyYJ!41djE(
zjviyMZ3z^*i~1u2c1y%-uc9p3Q;sM!@TbxNMB;v^FDqJ3l)OkEX1y8~gl`E7k$;N5
zm)NmT4@M#BiSA~~h#*5Fd9yu8CRIQ}RZ!?^g|oplpbQa&<2}@8=yiHSp1-_C^3z+}
zH0&5`F`o@StH*Sl@6a5|L{Zi)Wp+$2J28s$um<2N-u?@BGwIbwJeT3r03<Xe06A)R
zjHm{~r5NDxi49PXSB*5Shpj_h=tZ-7?Vk0a#FAZgZ$QX`_5SRqN*75U=|Mt!a<Sh1
z0T#OxWpk;(IcynByLcKq&<?->)-BZ}`1M-JCn+3CP$KDJWK+}xyR7z4Y{#E^HC*xH
zc3<z(7CTcY2}<QuRDn2m@?A-~F*7pX2Lq7cI}1~vj?}RT>H^iT;tY4c8(D~H*v5b5
ze)X)s!sm}hpiZvNRxx}<(p>921~i8?_GIYfV9kDUHQQHcs!vXe7!ms<^6dX}(wIV1
z`8o_0x{Za|S#&<roR7`YVb-(l*1VQSlY|YSvNFm12{2#zjh^V@2-IQs*kburfL!bm
z1j%D>eg`bQH7Jv1$%S4GE`go=EdaZfL4wmJP<3cdWWtSLq{kqky5xbY`mS(bO$3#(
zm^Gw$4S2y&CrAdV|896L2_~ojjL5LJ2wg1_ELWL_R+t`2Iz%zIJR<x!Vlu%4A&uY@
z^9p*XS3%P?EYgRqZwX@|<T6?MsAPfM{%Z0El=-#Z;2KvX*@)A{BSmTmmsVFt2S40G
zov1(F7}|M9H8yIlc$d_mtcHkuGG;~d%WHhPR$tu!T8;;HCMui3Obov5kx{Ra3$|&f
z3|^lldU66(@r15H`2rQuN~%(;A~EwnQ$3pDc+xgNqjcY67pM~InPNACExPoPkGdCY
zfT-OHHVI+vuQwvW&lP}(LIgo}=v1|Gb{wzGC`rtvyd8mKOA=Nq?GlC*>SZjJhsEbe
z2ulqEDP|usZh0=wanfR>Q4)5V?=ZhGKMt-$yIqey_(U*ey0iNuXH%&H0A%JaGulTd
zkvzbY+71>2!L*T4UGPhRy&WVSkb(DC+JpqQ2mE+TTEI;%X9wzmcj!IJnyUnmr6itQ
zViRK#_GIK9T)|{|GkFcQd-8KB#q_U~cb8flEA7|8=}DmW$@+ba4|2R)<9ZTERM)Bv
zImV?BrUw~ck6}=OZ^x5}p?>iX7TAte@@xBI@qF>nXE}MAjP8C=U$odpI(~nr;)Cn!
zX8~FmJFFoI(4U9sS1$RpMW(kl?m>Et^aS{v8X4_{J|%@8%$Nz)pG#R~QK>c=c4h5E
zp(UbjQrp8O<A2u!@#t4Q3x@Z|C!bDL*T#G>tzyn=cvi^vUxrF-<8}EAz?bCR=|Yoj
zT>O%kp{nUAg_Y*dd-=poA`_selNvf|;K6c&jaW@t7YS>8r}&?JdXMNZa#XKF%Eb7K
z)KSN+6HY&tE_kXNDWJMP_Z3vQ^troo)xIbQb+g&IvW_9)ky@gEQAg+P#)eLIC#t7T
zw@FAuJ0I*Q`#bB9Xw0A=OA(1N9*5Z;7QCh{?d`;7NB5+DOT*J2oSu~pr<b1s>VUre
z#O3@`eJ+4uVxBzk0Zd>Lg`(Z|=A9#}$I|wFwA*p*gVD`XfBkRvdNBGVGtsMQ5=F~S
zIq>4Sk$EFN@?n1{Fji)X|F^Dklp~mREOyn{M8c~?<sQ5lQU%^CPI@HqSj{otvmqvp
zYCRr)B>Btl!4S6-2IW+RtQT*rfM#INOZN2^0R0L+=)t3XZmibgWLp>>v`pB7{k{@T
z0OWio<pRXK<rF?YGsxMf7rP*xrm&({;kqEoYXY~EB)ldfVkDX=aUid}`-#uh$y#pL
z&ykc9@C}yJ5Jm=L#`C?>@Aa#N6-bqe{(UQL@Y^ErqqroW6YQB<h=4URrn%auHrxod
z!U2WMXoHy!0c4BlCrI<~Nd-z}$GL|7Wr3hguA3Ssk#Sx+#|W#5ir?hR@dCwce3=X#
zSk>GK0zqD5f6e(#Hfe|o*qJoMBvq#hWwC@@*Mp5*`-ylRf7K;By1|9jHA~Xdb(kom
zQ($S2IUcaZ;^LUrV%9?M?Lw!ZMNUy-$NHzjXkJ}dlwSa`kKD}Ir`w21Iidad_#H$^
z7Hyh%@3Adx4JOdpyB~+(JJaK&3#kb&7nMqCTQXQ8!=_sam%*dg2RTw$s$dWu#V*J>
z2ILJ!m%T~2LchX?UQI+({1PhN?&_v}*f{b#yXvan(<H!+B%`wnd}Fsb0SQM$jOPO=
znI@f?D4_z8!{i<Fle}>jY6!@6X9buxHN|lS>Ef{G>cPe{&IEuRDhM`;^0eB9d;?wA
z@aY(?TNHIE$*4l?8|?|fvR-O&Jp-lgR!%$2j)%wMy(}5!EsEzL!HX`1O?MW;%*bIS
zRTx9#%FS;Is&LHAK76O}_!A7TdjSE{#A9aP|Gvr~2vNrPLkL7u$#6v#Qv*q*;k7?9
zj6@V9vXfP*5lb@OrO)1eh&71)JAf84fe}~a4|SMT`6pSTRiZ@1qFa-lKd|l=y{YKB
z{N;_|HHd>NifjY1K(9?f<a5PyK^KV?xTX^>a@pniBYvkg07*6g&+R0@2UhIurW!i^
z{7MAIShz~-Ff2acdDx@6FN)!MLh+h`I{i;#xoPCNvkNZM6)-~+`uh9&IYj@!d1|`I
z#si`5+XYqx?Jbpdd}s~B;KOu_wD|mI+fGiggzKRypn9+U5<SDVi)SWF7Pt-a6m^me
z&@)Fk+t_K^Y1Ug^)v@x~|G22(RA{Xacy=V$P5WIAjPaV?JkO~XDSL!HjlK!!cq(+>
zN1*mv>Bf__dQu7oXFdGe2&c)*S8F;SyeG;9V3S6GJ1&!m%0x|pD<X;kJbm*U2!~ip
zlu{;L7+0hQHNoh>?}oV<h81KXrJ6o+^t;Wnrns9uC%FwC+*|VN)sB3hbM(*yz*kWS
z?2-c^?nUx(I)!)}uX(p6de}|c_5AleJtb!Ix4XhyfjsRiu6dl*Sm7~&Tp$g<AL0y=
z3=SsymyMPSyrVLB%%u&LOaKZ-xG+{>SOjm->klGJSg9O_j8??-(lp-#SJ!fp6sLj0
zCO$XjRB7@@buegio>tVRTE%tJ;SGC2$$z0-Rvl2?JreqZNq+XnPHSFzqLACKg;@ad
zpPTgsF)mAGPf9HdTtwIsOwe!<gQfi!s}7U2gbdoZYGz=#FaRO*C1Q9HX3M0<G5Z?M
zOl?##4&SBaW0me7q<glNr3FcmajG`U`Py$zR6bGN+B~&rP<~CDq;aDn%DkHXjt|eg
zC)Pe7Fo2upiHaEv>Kar28i3FRY(Id$Xu9snv{X4W?6K8v<Gwi;`%>KZsxC3?ZrP|U
z;d9Ugt4?(}GR`m&CM)qY6vFPfe}iGqma7K%hSdApe`UcUGzm<j*onA^khdkk{IHM)
zoc2O%|6-H~Eq>h3l0u6X3Oi591F5Y75E0QXpH9f#?12LzrCM>~mhs1nXj=d|%h3D<
z>j8;6!Rw&1dW!o<n5Y8T4Ihw6#U;WOQ$D%Yqu6+ki@(p&UHoNd(iM<nkSGdE)x(ma
zK9<|*K~4++2kyXOamj-$^RBQr@<r7z(7`d={Z<gQ5Y_1qI=6YrDAf<Piy($UJo}4-
zTHW>Hbvt9?-K~t*B|DW9`5!N0s~zz_1k5S6C&QK3EJ2fzE_lGCnmlXL`81qC3oE#M
zb1X}@YCoKO8ZS66;XYyrO5l|IVJR)Wx{-n&XU$k;_){MmViP$%HYRp^xY3&14Pqp*
zR01=g+te+P`Elr<Rw9A!gH%P1H98VS>G2-|)V{FomcYIKyyAf5Zrq5S=luy#P|l{q
z5bH0wh7{0yJt#^Xi+>DsJz)C0OC3{VXv#&1P@vifDI+o8f$&8m0MNjlUpFi}8hISp
z0}@Xf@C6a!BR}{JC9)p3bOHMOa$B$TTaW(9HKDq&STK2Nkczo}iB&99%i~Nl@vaE7
zX99+dvdmsqOZ4n)Li4_Bpaged7e`HFti6<*==zSNjZB&Yo75AEkob41X>}iaJgtey
z5bEEZXAK-L!WEXX*@}ktVtiJslKcZQD<zkIa|FFfoonz?5HLS_jy*>f0tc$)8@3f~
z3!S8lWLUb@22&3`MGDSga2z_yStxfoSZBOjE2^Eu&;=RBKu~KzF}5{GRu$HJGv82B
zS<0<fEHMd54NffeJY5&|+VVJ1o8(rfeTPAdn~2|QM_AxFdh!UeTa(*emB@G{>kamk
zMUVV}$X`ctPlB*s+%M@L*i2RC#h>G3qJuX|s2Vj0k46pRoInlf3Gfi5Kr-_4bNKU*
z858{Cc@#3$3?8bZ{~&aBym9*8K7v%4dqhfhm4`AM#%R$AL{$DYmbwFVCaeImsNk>W
z4DDJ$GT&UmPE5$;EC0;R<opgNddky<sO=1sbo#8jPJ3^}`HSM0#_>d{Yfh|19zLIZ
zOaJF-k#B^Dd+>r7c7%4U?Eitl2Kn)Pc1fBbU97dI%vR{mCmg|w@n4@MZUZ$xtdl@z
zdLtyCo`~NMiHoHMcVk+H73lKPUJabiopLc3r%Pnri9Z-*bJG)Q#5+SAf#4&j5((C`
ziqw0KCQE{u0iIr(H~)^gz?q~j#l)Y8nn(I2Xi%CzY~hIpYCq0)A4#CJyEM9u%%mU}
zji>|cjXD!L?1%{x?DXi8p9`*<Aoyg)F2~>Sv^-wl%nELibnwUjx)^i0o)t_S2oH;1
zoT?ipDH?TJBj3K5?UQuP7-IS1Frd)letwjhx#(c72CQxikzaCXASlQrtBI7v`W#3L
zfCT!p`8`qq5>BXiZkG3OrdM?Hc4{WX!oA@8<DK$wvpp4|BA?|orq}y<%oMV7rI>6G
zD_$+09w#;3;zAZ3h*4|){sH*pH2Ho4h~!W4=o<n)7_X~^mK30TX99#XY}UJj7zxsB
zvlzJ%(QqlX^hGL3F=bd-UxjCY?b~6H0Obr%oJ92XB&{8cB!By(OhB}xv8<dZCM(|{
zdF~r4E2&o#|2W%+SnPZs<x5a@gNDbOojm`v-1q*3Mo3Kx7NQ0j9`y!GtT9+I_@e*#
zep+#g6SD5#bB-RePTJMTNw`8rM~Udn)ywKqjX0lp!kCM;WJ&;#3#u@b5gnyYyrlQ8
z*>z<XQfElr+(wK4nLZB%LnTNc)YdFjp`x1@9>YMhLlR4t7iKmSnWDjXC?EU$v`;qP
zI2fB5SNjt^4r}tryPSvfUE9frR=kGe9n)g3PkU#5(lMJs6SInq9TR`*Q)5XPQMfu)
z<R-i{LsfEUcC1Dix!xU8Yb&j=G8<Epzfh`a<L$)u^{U(y6E9OaxDQ^^xG>PKch6~W
z^p1Hh{8q-M^ES7sN>^7{pqk6pdW_cp;W91S->u^!>m-uW*)eWh<1{siMp5L$5`%GQ
zTtbRz_1w*<-=p-kSx>nNo85Co>2hpLQmemxCv<JL{5cp%Ny1W;z`&TlM{<`6_L7pr
z5qE4)b&L4=ehQ|kC*NPAJ=+VuLE~b{BJ3}xIcTDx>2gkl@%zha8RV6D@G>^MLU}g&
z@bLZVcb>^AXW9h7AFK(*Tgy!cUnC8>*bXp{Tcz7lwoD!SsfJ=io#BdX{OkS_jC|%8
z{Nt2EPSgtBZx}UHdsPpmp`^Fbv%boDsf#n<AQ7_Ibi^YgX88Di*rMne=P<DNH3iOe
zL#`I{ldgPpIEE%a{!`?wd`;4FB4ynDB>Y)$%ri_jtl)J~Z~q*XB&g5R2X+De*R0M@
zNvYGehd6Lw@+%xwc!o{4H3mZWMHI+%D%fY7I#qKsM2%BFUDv97s0=$;Xf~z%Gp}nx
z@k3t8*i_}neojA@;!)ZL+gEAU?>^=og_xXJx}d?V<1hM8sG?=T<DdE?|J<HEveFn+
zIa2qU<Zv{u7;|dg{!P8_yrX^p^<r9h3D%OY<=0d-&0_j$FPV!i$ka<4qsUA#b0{jc
z5`kq6KbS$H+WdJYpY1Ev{wR--+H3wKw1rgdEZ|nz#iXyuR$u6g!j0Kasy?$c69zSo
zyFUtoY)Ts7q}XZDlT99b^zaQA@2Ea}1i&N^fh_fxL?e6j7p)k4(g=sVQj$yDPBiZz
zJ)w2t4_`a_|1!@4F9QQGBF@6}bCYUFP9dHiJk^NbS>rj>h50ziMe3rGncXMj*hz;M
zE=`rQD5W*38QWdPz!6(ORQ)vcV|XST{$B9j$9G>mk?A$ffAo9|8KuGIB;^i52?EY%
z<6x=Dd;^x>)t{n$+l%gQx7Qb%Y;DI_g&J}=-k`qZid!<3*M<@qc)$X;Gw+!AK8+eQ
zsBE*}$Eh678L~DxaS?dGPbx&gdabk=`t3%s$UbGOmVjw9<vPl0e6?fG^kOFVxOjI8
z$@+9~r)1Xh_tq&RuEMoH(cH1zn78qV>-%_UYg^^?;ew{vhb`I5-s`P@D<zIm?&dUh
zAicc`Ny{`bG)2aA67MYZi!ALcGFyvl9_C9WL)-0UG@gEB^b&2_o1a#wSU@_ffQv9_
zIH*63njY@M;6PJJ(C!3q_mZSt85S!OhlPvcT_#L%AmEdEim+q2L5?ZwZ_B>1Z`kV=
zS3eG1PPG}>>M#Ld1k4K~gr7Wg@RNsk0bkmq!GSR=a$s$J8XCQk9@qaBoHhHzb?4-W
z{&W)QXf&^usCgWtp8<t9lsbqc8J#nQ3(1DQ2MA^V5h^yqDUqo_91q%Tbg57&&@a>R
zZ91&<vWsT&W_f{ZIN0mBFkxb-b-r=m{ajp+C25;8Sr<)|#pBE2yGUD=IXuhcU#))v
zv8*P#gC=is4Zh+A!?xswN5Ycil!GY!tf&4`ltDE=i8!T=$Lx;~a78E02i*?umgSVL
zX?2sKp%EM*D+cXgZ>oyo^L2bAQzVE5lI~teI0a&CF^yKzzX&bg2(r<6btk<DcEs`K
z0Rh6jEa#4&I~0}bz|SBkxt*WA?RJ;(n*44w+7rFq54)<Xe)zRAuX6)Qh9fIkSk&A!
zRBqC0+Vapxni>-wvY=UGB!p8!QzMkYD_nmD1#mZzK-j+fj4`Dr1qifu9Vwot4>?4e
zerUz3TWQ08sXT^8&X-d!4Vyvh(BCBaTvFD!**1Ahqg369#NGSbLG3i-OmL4Tf)Qoq
znA)Q<wN+KOD6QI{h?QbkK*T?O!0%>gkxP_mX2B!H^>^D~jDHrs|Gz0Gp?4SMRze#p
z6?6BB*RLl@v@f3DZ{V^_Rexfq5)gf@M&`d^#*17htg6El{Yy`gzIbR(@R!4z=PG^x
z;6mjGVz85^h#<S+Bd?M;@keST>caLb-^*9d=+3Ho!Ds(PfpF|K2FZEz@i>=0846SY
zL{23Wsu)2wa+K_92#|jsxd6w2pCT`?ytux?mNU7T<Bjp(W-V}h9jSSFJ99$$-h({~
z$o*ti#^0dd#XPZ7C6!3PObK%XBJM;~a{A6!u`fY)aDP|Ta3oA2Q&prRCGwNVaD!{F
zHqZIloh<M1J?_@!&W-Y-<b?A4x`5J{$gn~cf^>4V*Lp$d+tsv{;tz35C5B0%8lNxT
z>?vwiY>rh1>fg@Hy)|tXYw$i3)Ni(~0+%H*QRMpEgq9*SI(~#}n9k2oKu!Hf^!&Ah
zko#TBw9mR?g>gqU^pm=FZ<crSYue9`#yX`O-nyZxc|=+*nsO{HenXi}8ZICVNFb3h
z*KlIb2|c{hmO7b0U2$U}4aQWqz+K3A^DQ^tNyGE@W)`y7hlon~hFvdV2%CXle+*pj
z>KO17c3Jcn+6$+FXi|+%8(BD<CYQx@@UNF~G%@2m)oxaD`b|A>7Wd)%i8R9vd<v#K
z*r9c1MEz{8H$PwJgSBxGD9}pS6srGvrQ{=EHBZ8*kNeN0+EOzD(Qq?dYbR#dl?i)t
zY+jx>;lJQp(J#%&x@q!NII7YzA^Ug4l;?jR<22W*{&M%K>;7yf&!0un?Jz}mu$_o%
z*Ms2po#t6+JafAZHyNXwR*0d}V7gP>kk`&8tTsa)6*p-suX@IhY)M;jh`imU<IX0F
za*Ak=Fxu6{fIdc~MtMjz)83ake%gXQn;97LWb72%Vy$GUNfpQzX7TvTb$C4gO$aAf
zA5wkV4=tC}N76q(YC9gz<ad~M%$vYS7*6HL;?y$F6?a}1)tp5B!40OuCmK((1bbHn
zzT+k<bBXQ7Bu8(3|9xBhYJ^fLSIXvl130IYFAkT$Gr)!?us9%_nh4lZO|zjbW>1aU
zJzc-KW0R8#dVix<FNH67<&_VvcP*v;;~)OcmmN&(==%|BbyA42>radp+BLC^^PzTT
zvfJje*yg&1b}&1$n-*B9Ol8h&4%S=RBOjPPrFvO8(EYGtF6{efP+f@YyCQD3nNm#d
z{d<A+<0&@4hE66giQeJ=A0vi{s6w4VpSXo|iBff&&hoaF5qb%d{?8U1YKH*R#SDh`
z7EzFaaPzYB5HuJRU*-A&SLGz|{Jk6i>HUS<pM&2YEH<k}cqJEg<R#g+f&LQS4|ksY
z6M&ih%4t-5>D6MurmsLY_@pMK9+gH-MJl=+Lzip#N|0S)EJs8aBLgnldqm?}J|_)<
zFn=Ie`EdJ*43pr@is21hWB1KNuY9V4#G7GrNFnpb?H7t}2s#GBB)2;NC(u6kNib@b
zPl48AZ4JFD9S-fOK4}`8G&C|LGD7~Jtnut2_5$%SZl%N5JGpMdcDCQzjP9L;p)CRi
zGm1jE$Z7z1m_CTFE42dmGreUM(_j9H3_f}8#xNHa!!Okx-`T1GZX@jaoX;j2pFO?J
z?bxKnr65r_p4TyqwaKDCQVAWd-&7iOsRo3q`U|HeX25F9OwjlbM$Q5g-2B(~Rng=E
zuR8rfV80cx{_iDpA*X_MDKAVpA&s3L=i6*vxum)!gD^Tam6%ZyeLM-`+vuHA=QTc)
zay3%hlQtlMz5fEx=!=e#CCfiQ3KXgKHscRO?yU7&d{gv%rnCP~3n2RUm*ow1q&E1s
zI)jT|I02n_)E7YroTMZzq*tXZuinLHXV9?Kwa0}?MYArWP#jgz0I4j=46F0f7imn>
z1hs~2FAd3!;oKnck)M{|HzSn`<;hyzYL{E|QC0HjJeFL;N(od409DWX#oNM^j~+*6
z^lWQHJD~Z)y*I<u^<s^&2#ZE>_`p7un6Dlj1!H&(8-&3|BnG2_dQi0o=m2PUay)Xq
zo#NM14m~BmLLS1u)&Mo{WSfUGgYSo{H8lPtE})cpr2~Kf4LhJJuFMOoB1()XM&Q$`
zX141}gD@|QDsAF*LDO~R=y8^*0X~unHZX9)OTt+o@6Pud3${K@DI!kiCX=y0YPsFy
z_39i;F35R=wl@sGHazF_1=uijkoA7j;?N;6SR_YC+el=yhy2<Ha?u<pTa~FeC+FfP
zK`nOIpm*(MHb&Dzi7C%JT_Q#eTN$_6o+h*pM8^VswjBEWzthks=5n64f*UftKj3i-
z(%cJQ-c(@$9qcr09Yq#9*B-({h@J~%b$flC2A}Pf4z5^bfM}Xi*ZBR6ICa2ug<*3|
zC=Aa@HlSVpjkKq>eO_LQ(ra68JtlHRB)NDLqh>t*?u+!nBg;PN)hjZc0LzrwRL)EH
zhTETlzS&$jSjg-WeU;$*X4^b$2ZswhJ_PM6_FEq9F>qXItl`HYS+0Ng$~X4yzUD1Z
zZY#F0o#y;<Uw+!)H|L~Q%oeR}`M>|1AoZj$q#J1DH7^O-X|;gk6XRL(v#WvCtbmDW
z9DyZjVAxbr)ZGK&oQg=@LAp4(<X7`8CoHiT^+Dc*afHi_IJwX77_gqwPk^);2H=IS
z_+SEvu{sGz+(e;^k)RAthf6Y0&MN}etJhUeL@pd1OwfWK;R{U3=aO@SJI`h10xEXN
zSQm$}Boi2^7l+*0+nC}A`mgSe($q-EU)>KYk?3?V^?76vvs4&N&;}q5Km`%`l`CfM
zW&o}-ilQk>T!;&O0SD1uPVEt}B0@NV`6W9D+4W$cu)gqt@5&CINgPs4<3RDi3o3$A
z5s*;JX}IlzZ~q<FTD?Gi1yrtDDDXki?)TTvHbjBt-HV}aCy#HMf0yR!07Xh7_`nZ=
z#x(24hkLR_>2NJ@!abY{eGg*Bl#iIRRTr$uf$f88l)VC&xMYuh1P7v=C~|D4dCChN
zPwIl?eUQ?SiMp2e;idv~WGDfWnQ2Py;_34%<dp{Xun!H^x8v!Y5@d==t2v{b6N~6e
z@8^u|W3PbBWf+*@bF?a&?J_(mNH)Gnh3kw>GL%?f4lf^B;Z^^R-eTLFv1V&J9*8P~
z(XWCd1HXKM$1>sxFoivf{`l`;zDNeU0GQq_{>By*(kc8s`d!6JE|tsd8NJ38B()9N
zn_!cnmasv_KEIVmx99+jBB}R5rzgOb{z{1WvFxu`i|Eq&r9NSe*t+sGHziF%K*}!~
zGjLb_BG;*~49SrKj`nHh?AsTtt<!^K@{@#I?w_N{e=)eMzU;6b8TTvE-tgHp709_z
z8gaDyZ5i(S<-vi!trIAC_}YB*zJOtcoqItNJ75(;y#*x@wYW$ci(>?_oM|=O^U}Gn
zpZTTcXYQaO2JIi6!pCpX#fl&0nv?}m5Jc@x0wi|>g<Sp~%=5{FL+67J5=$35Pbj{h
z=th-(R<jYGsC!H57=J*IbHW`V&C(zIloy96DFqn&z>9Ao*Rit<5l%pXCK|&u=p10I
zVjzxR<C_%A?$l{<At#<v@0XXwQ@uDrjCMw$Wi-;Ee|n_Y0g+fQ@q643J-i%YgMZGb
zNI-QtY~%?~Zdc4sK)rJR@5VL1w}uH0>llCQrY}bhSCrx~G#Q+i+sR_%N5Q~h<#gZI
z?w(9!rN0NbQwx*)7481>M&@iBner*1Ftw0T6_mtT*Gr(M<lY)^hKJ@%ePLXpyd>Y;
z1Gkpe&w))!stUlP4Br1+sh#f{Yzdv1-Yv_k!HSv?yRCkB1VIQ6R~x{bv{e|ziI2Vv
z>>In<d@raE5~N-~f^HqMzu2V-eXQZ7=bN0n3H(-gNWG~z_6kv`{DGB^lSEV_cMQiP
z&Ye_=EN;XK&F;90$KMTx=54K0f;#V5)o{Jk<y12(z8_7srih-t)&yjm|6Bi&8eVHH
zf1$^Ax2-?*;u;UY13tBN`k~jV=R#nsaH-X5ulzxy{@~Ns$3PEVg~Kr6-P@hKJ@&)Q
znKZs}LE{g%_jMOu?oH9zf|{ALwG3EkAE?jEqT{oi+3~0ORnvJ)2PV>M=Vv_o3&DYf
zHGP;35KG)zpQBcJQUi<qq%mmvE64<rW%G@TU%(x2o$N;O{uDf%Dfp#?9)lZrB4!wh
z^VH^yz5>XTdaEyQvgZflkTyT`_nDy9iq#G_T^Db~@D*Jq(UUqEZyji?SXdaBgYn(>
zXH^?(PSfJ$82^@6abE#<cC)wo8WoCSukDe4dpZ1Z56>qEJ?5hnbXolv3O#Ex03MHc
zhA=nqcX}8(F2r?G9D!>2DWd@WA@{EXzG0<(xzFH+GBK>v+H2lpOp?DyS#;*$yfhT2
z(S9&i$~~Ags1)$ldYkJLD>_vbbg=ME*Qs`1ONT3)w!emroq=^GEsj_v73*zo8GX#H
z|HVk7_0-&=m1k#7!$DA7$xphM*2e??Hb-I%i+jG|j!X)10RhnYA0hJJhQ^c*GYSj;
zp0h7{JTTMUh;tsdH)}jTUL96|&9O%L*DMfuK0#FY1CLLTi>&6R&$4rAPl8UbkfKZf
zFS#lc2nXbKhxJ^Qx8ajObBD1HE%hoPy=Tk}$bZ1&WclOJ)f+g(PudKIJhFj!_h_gh
zA5b_jsJ#+7gpU2v0W;cIA?mf%02I5s+37dy)=1ji1UGUgAfYuCG68Q<e7DkIt*rgK
zpos;{0%S8%!%*jCBT!#dke4UuDy5kB_i%Cl8n|GI@x?ks$Q21hlL1Mom56#=4^zyn
zPqJn6lFC~+nbE13s!sB~IZ~N#@v0(hS?6s%2|Txc?9SU-CN{SEqnR_sU`Kf@V)Wt4
zE>3i+@f%?~Z{FS6;_=(velO&_47kQDKlkvn+PBU<&D~$O`ud;EB9p(~N_y>YnQLrj
z1}^xs{hm`o{kI2s*OJ6y7kI4urHlsh552Ci>!ZuTuX?z|sZLp910mnj^qb0mVz>G<
zQ1?n6-q6RS8T9U1pj%NQ=&YYwQ@0VWQ4N`Z^*?ut*}hr^H$Wi~8cYYC7eIVr0<rnc
zpp^Wh?iO$&+zg@-$LOZR;l<sA*#~ce)zz;!PRVI~b^#NmhA>8P9Ein<PM!`v-Hs{I
zrvcQ1EuE)nh(bY1k-CCCIVOIV33p8%ova2;YKOmAnwKs=IvO^@Iv!n{S8*Fp_mgZ+
z2nji5YdMlj6SsfWZ=AuxmZeCDLLe+s<zFw!6YyVb#mWj!FL>B0g!oXV&N!>3oR5zc
zn1<{r0ufR)s4`!Mgfk$5Xo*i|5>dX%(2}}|A)WP{VwzHNJ1*Wu;+dml1M61<ql|C$
zzqvMIr;Eu?Ib}s|TPc$(CJnw^uHhg=9=wyoJOb$zBS1PdBbsh&n!g3gliz~$k6{3I
zGh`EpJf4drqB_S~jce^hjeym#CXy@}k2ywR;tiOg;UC~747E%kSlsKE=!wsXfi#17
zBona57k29MmJxyUm=}(}sKp<yiXgda=mdEi#zE`Rr)-f~AnHiw;qF}RJ_p>Qs@g)q
z;=e)J2Z&;c`{Tt;Yb)N+V-4CL9VO)OtLn6Q<<OMkvR%!i*SMcD!oQ%d$sdmfHNQq_
zd$C_8VkS^yr%wwo;U-6Boa2hpWj-7OaT?<V(Q^7RoUP*&aOIMWcJi3yV=0sNooeaw
zII>u7pWd;jZ4Pk&RJzRfZa3|%$Hw2Ywf3|b=TeoStl~rIe|ZO*-~cv#Gheeus!)J3
zB{w{yo1^u4&bKb;!s}oyKLu*@{CUwUhcbTT_K#2As-fnKwy<w6VsYRbQ5fCyJf9y=
zjmTNVfXA5$ztzeV7gxF>SN`r(y9S)#a|V5T8$`(Iea7zd)?aCH&5<zHH9XKXzJn|l
z<$8;Lu!SL4qdQv4s3J??tj2?96Sdvo!k5=SX<78@@}a<+c(yaa1($gO{QxVAwA7R6
z0G_9|JP9toclJ8fdNi_8#M(Wf+_saSK?X881#ki#taO@6Z=UEcwR<&Iz8_?l`Ky5)
zA%49{fK!BJ>*-HlkC|T~+J<2-$U7+2aKmbQw?n?B(2b)Qgf`k^N4HhU#+6n|k(+#%
zW=eaX_nN66)J{Fi+vnICS)x7e=rpJlI|&~peazPS<k^;7Jqe?Hvn=6f9oh*smV1>=
zv%li6`to(8u_o-s!<p$8_kmVmWnN<Y8?Vs|=X;&6e<>J8OsTkZjoc%e_Qez)+MJ4f
zzgmSteT&03zcDw5O8IqsXiTp9%}%dIrrdovUqg`_>1w%wf;1NQu_sdG@s`*^pp`~r
zuz&oqxKVXG`OBIe!ZBq?784t8%dX{MYIH_U`=W40Z3cOG{8ogcT7-dIyO=33E0#^Z
zMwQcf1$XIO23tu|e|F>mLYx#}PkdcUqBE|~QESxN;BC?lGO^x*RccSK9K_^c5)k+^
zdiRFm&c&lM`taF~PZN1!u06Xl62!&ou>8D|46Wa_ZbDk7C!B_sgY$(rKmi{&9y%d<
z9(@xJsni12OD`~6y%&v)!#-xAN9jT*X$W26qgSal`F0`lVao9lwE9&fqHe5#aWJ$|
zq7RIZhJKRhR0mUKaUY%zH9F4oGCb|kr;X4S+$W8)bd9s_kkr#Oi0Y074H(pUD&#*!
z%I&2lu_-Sb?&=)k4(2^1Dz%vDrsQy8TchbijVWCP)1OS#IlrDDj{TBBpIRId)9T0C
ziq#MpDdkwS?v0$&R@D4vE;9f35ch^6GCh~V&_2)GW_sjo+Rak!Z^d2OP@?|E=CE(t
z@bW!c$=h!)&bCT9Smq#+t}aDS@2y7u=G^#%&-gAih@i|+Xs$&3K>KAWEXwtOTf*%U
z(6rW%snw9>78+PG_g9v8*q*k*S%)~0r!i@6fj;@>#PGXJx>j-o*<WNKBt_|T0$h$k
zD>f#$Q`B3Em%1y`(_r2p9eY*$6e#yA3SNg`62YY&nFyhdoGPQ#cGRYOKtqg-W7qMF
z(}+1<6y#G)X?qWdh>~N_ZS@z&M}YXR`a|<3Z6Htoj4wAW)4@TjD7vZ`6iCiL24bxE
zk$*Pd0X|!pF(mku%TeugC2V4HA<i$|$ddMX1ioT5t-2`}<vG0eR%d_1tDB=^O;P&K
zPde58p*1>rhPJ%I?1`q8;zH=-#+56Gt5f4g{>#<*;I7bMGges9?uYe#N-SkSEPH2^
zZvq`-&(I-PrR^T{K?oFY1UG=})Pnqf|2iOi)lflcMh}H)o^l4g`?Z$>qUkD+Gt^G0
z+&RG=`Auv7D&Ov=hIj<mQOqqFI`GW6hn4z1H7^4K7sQyhy{vfI>7QnB7UIrPBC#B`
z@mToK5qQ|<uKX`TlVg-6hL}H*(fsRIV+CRK;<Qg8Cn(dz@!(eF#$za+OMpVSiZA_u
zeRvDB?rQRu0#Djk#5gK)w%h0+^j6T|C1M3sL&A7gqJ0*j;94GMcF5q!^+d~ml0k*v
z=}mO=>FCx<!QfKiBjiccbX&9fx!p;$UaT(#9K0QVQ9GJjJD={|<ea<f_pPNjuI-;<
zPU_2dN3q^e9Wbs_CwNqnHk@CDauIQv7{U3zT3AUd_A8R|6WW?ZBAvRS${vY<X@1EU
zX3-wKbukEBNWXw=E@VcAV<0Vcx(vk1?eJSZ>wpGj3cNxuwE5SaSJL|jL+J<i&|6ZP
z#IFVSoXZMi`#3`%pX|C#jm%0hO9O$>D|G{q`G53syO<r8&wR;2l7P>Opx#^mO8owv
zaXasZ+3^KuT4gqhd^p*ie04At{2OIQq!M~7v%?Yr1D{0NRf0kOmiYVsq9G%9&NpQ*
zZ?^`27G>It;0*^_vz4rb4+&4$7*SP$ISw+&hp|z*+LIA~y8aUeRM}cv0g~D4RBha_
z`4-nA8+lOf9QFZM5=p<eZ%E0PT0*3-d=HqqOM8K$Im;#yy)43@1?b3PpHoDz2W^{S
zR+Zg3ktByHnV`BoygrilDXdXOrZW#GC4@5DjfOEEnrteNHCRB_e}W<DwY!i=8V!U9
znZ%(u<<l0BNGZ{nfS9neWS?*1ic_FRGUhm}JOj8p1v6eosRu_TUiN$a%I`Dh9r~N_
z!QHH87yAXzd{g2JMDWIAg|Gc3;W?1qA!#SsIBx)d7^?l}TM*<gh^tY$#4IUR`<`ST
zGh}3B!{nQR-WCIg%LoQH_>hW15hz2@G=XusXk3mD7*2;0__58*BolBAPZ<&6kYuSS
z=s|8?0%h%IK>9TZgi>1TzbiDEF0TgDxblSe%ZT^MN2&sg3u?_F&)5~EF$cgX#Ic@u
zskgp4j^njhsm=CH4H$@ab2I-NP}uUl9n{X2E-4oUNls4J7#ref@+ex-+HYwgFIg?Q
zU_1}d8|W$18L^uxEy?&4;^^#|Vuq=r@M55gPA>Wf^jmNM{t>cy&}3+*=M-!pmVyl~
zDW0GS@YI1UUw|&e-41w^+B)Cl+N*%($Tt{>!NP0m!62$V#=0Eaxs!XH#zhnd&`3%S
z$^%vLc)`MWXUPX4@YHAvJ2Dk=uxgp91)IN%-4Tse5P#-SL2We#hN&9YCBhG8bsu!v
z!=6-qtbU5W5>ACv@XERUG}NYv8I0^t4I-v&A<y?AFN*6Rd{$4oGV&sNsQm8|q$Xju
zs4H-XcVI-zHWpVqOp=KWt&((-cNriZ!sZ+xC6Y2uTl0qfJDs5fJU}&ukCh@;^4Bwc
z)T>WC3SlHY<#qpa@W9gvl7GFGQMX@7+QySQ$aJVt*AzwPVMNEi@RE!zco*^R1&3)N
zBc*hn@5|TG`9oJ90$IoVInHlGene`&_!#X#p2Y#8HbsvB7j{xZ9r9ueWM!)G8)E$v
zIhrV*-Qt=+I64NRn`E$RD}cK^rFe~UqA~7P%)Su_b?nK^F!L-Kqj`iP%~xcZCOyCi
zd;LH#^peCwYWl}EAn~c}0C)Kvs7{|(U3}U67oEwYXPS93P5W2g^#fEi>h7COkuk8f
z@k%`JBxUq^^-_8O(FD|Mwr<LrTXa1c<gN9r2$6|^Dq!&n6)1QC^!VLn1On?ON`<n%
zZ1iXGvD1z3GZzWoQg46MqBmN~Cb=-7lcCOHXX;-Ex6ps0MdFug)qBZMLRXBvct$xH
zEQaCQtHfqSbX%k%t-slhLG8iaR0L0dDA~cjFb+5|=RJtbLcjXZ>AWHa#Q)KhRPCn^
z1@YR!U(M`?`U<ovH1Lk8Rg7RQJZm4zclDY>;|mw}w*a~^{BhT9I%ohrGum(j4=Va2
zL$Behqs*ANs~d<K0IC{8{x61}2y90?QO~$$ZM#1rAiYAMPj=)exA9dx0~YTJ*SgNY
z<P#P~Y+`T1#g6pldD1zFA1BfBii3R1N}dq-UHbe#cd4`TPKDn8_$be(WMT58FU(U%
zvztc=D5K>ji>CspZO{$P8bZ8F)r;gZKMh5pTq3bzQ)a%9Jh8xvhz3D;DNI&fW>2uq
zxd9o9<JFTC>cXr;PFgomS!WPYh}IMQRWf;1R*Ga6m@!k9;0ryOzI0uF`R=d!B77>i
zV}Ml`=8<5LGQ^7HOK4(LRJ%q`j~yH<l1FDYh_2E4*1A8?TVk^AF_}g49nqYJ%drAr
zN&!k)Sv&_ijw?Em7)3l+yF!cF*F1rcGZnyVayS+{>b)2aDXrR??|eSDe{~FjE77au
z2NCHtt5b|k`Xjxs@uAp+G@p%p7X7ZKQ_m4kSGPJg4V(2W`|lHP1+XyVSs|A?*a6cJ
z>h>5S&jC!&nL3Ci!#iX^6F--RbLW$blTx{_3O7<<Oncz4Cwob}`_=HXZG(a*L1?WB
zr^;Oh^+uEgjWVL$OtmKxf=(7SwL3s?tq^1o*^ZexsGXnd6O1fq2uOueC!e5xBr$)I
z%BIVyJ(llH(-a{oYAz4#v4Y$u2f(BJuYw6-UeGtnUk4)90jRPnD_r_`e@QPeHwogE
zP8Z5X`8#gFuZpoA(I#$b()2TFXDtaJM~}i#l<v=AAwT~1M^oB!>MBGTnFxnr*2b>>
z4hPx$Xd0cYxfYNAQHE!>Pdfi_FXYf7B;}lvu07dB$M+u`-Zd{Y;bhl19X-X3Sod#m
zJE@i+x&YZQd+SIO#si+^5=b1uj~_rt^H=UQVh!}4Zwrh9D4Fn@&l&86-~GuqchHfN
z?g|g<I^~0FI*K@qS&!<G+7u!zbZwiwdi*-w@8>2<zsIMSExUICgjVU<Im2s(3LHrS
zHI%}El7kn81BM)P09~e_FFc}#hN%!=O~(_VO3|jWlEuIMk5Q=dnx&5l$-oyCID{_(
zS^~@fr&yJU8!T>aH71eq4?7ftzYrJSX&NXEjg9G&F_07p`I*B=en}ch1{N06R6~$-
z7%?GigTJRVJAhzKmvlor5!F$@L?WZXVUF`Kx!j&CnX9S*R?iv?9rHX!%DDac-2ml=
zHaP3LqIiXN7Y`~oT^ws%9Ui84|3ym3xv73VcfTsP;3&A(g$j)NUw3BSF$?j~G9Jtd
zXwsVNm%q?gpq75xg74(B_@<e~HHkDOe{n@%>Z!?FQ6>(Y&*giObrzTtK3e=bf%5Q6
zSO33D_xtV{Jlc026B$P)Mt6H$Zu06<!Za{6K4x0ydZS>9_cc6w<#VOUuH)%P!{YrG
zuX7u?Ts#z8(j5jGY|GeEOcZ*@@>Am(qho2rVb>Dlf@)-YkxEbcvDuQZW>+5@%zIIB
zu&k^TALmi|pYnR44qf#@diuIZYROPtiZ>ZW$QF|tQqVYL#zAT$zb~s=t|*YPfEBeC
zX;6>V&ZrZSt|rT&MB>LZyS9dX3MZ*{1L|9wqhWqt=NYog+yd_Fu4gQK1ZfJ7CheYg
z66j=f_7C%Ke=<_G|MEcmq?xZLS%_A3!T=>J%zn0s3WzX~VZ}jG;6zvaq!P+J=uC{@
z=`NAWZqx#MIm5lZ<K2~PODcCsvhMaR_)i_~FmA3i;7DhtR|yG+AmYIc=c5)P?Hj&0
zb?TEJ@m9{OH?GouyTx_g<?fV<=m4tWy+4=e4$@&*#_!l2fjKpvLdM2FIbXlw;RbBj
z>Y>DHQyU5+tyzH(V^vvcLlA;AWy!<a9~6o|fgICD51xUuc72GgJoF<ku<uB^@(Cpi
z5P1}C4)v;DKYu8<;zk*GotDCbdQvTe&nuJ4gj$9DmWA2jB+6VusT+HKPA}^iHo5AG
zB!rOBOHD+JuBpI?4nnGaR=>)QLo5gi_65&I$q*59lR+=o4dh4**iE!A1QSCY>9A`o
z^||T81_P0cBxbc(U5m8XKS;|=y(gG$I%wpw+Ff|hvWYDNeb3W)8to%vgHGlF#qtx5
zkjd|p9{3c0WoQ*lgpAd94pi|aAV>%S39%x`U=oinws`GHxg_;+l~zTeQj#YNJm(Qw
zO%B>4$3@hh%>p|Cg<ohrbs#IDH8oc*3$Wcy!Hiujc>@gyEH~knvre)|`9X565O$~w
z_8mG+ot}%?X%|s)7KDI3TpjmI$RBe&)R}6Z<@%NY7V(L387_!Pu(Kv?Dsz~*g;)SQ
zj+Wrs8%!(ZFx!R-yX?qN6lK$XE9!JvdvZFv2f0*5f&#MYci%0;H4P~GLd5EY$LSXt
zEfQ{6P(B!Gv0l}~x4Fu4YNB1>zQMafD6C^Z#z(pV_WWY+7o+soVxLFJ50nR<HoQmv
zYX67V%MAPZ!LSRV8OAM0oA`l7d}r!oi`cxC{P-wMR@jZMu5Y1$DQ#)j%~ipUp=x=J
zLp$?Y!8$VX>RvWPW>zYOy$D5L$;U({)q*_)Hd_J9AcLx=KknbZ8Q(ZMy%3%ATY>*L
z6RMp%_x|D_wBtAKXT0M(?vWwdda&@>|8tSZ(T||t-M2@FWXIoZm;V`Eot7PaVxVeE
zTQNR>*!h}E%Kg|H)oS)yVefu6D4TyONI$JmJhWX@FO(2!%UN#`P8y`pdmN6HqTlX<
z?Np){O5NgPj`|b9HAfbDYIGGVNYK1f>oL^-HEDv`7qZj&aN`hFB8TbP0WpB+Lkdu_
zNz4i{-NZayo*%Qnps2f|$3UuS_O(3^_9EQz{MrAH!9x7s8G*O+&mhmB^dRQG>?rE%
z3sQ1aJ7&FM3x1g%oEJ{?(^f0{_>_Ts1XZimfzOA8(_3j~BanP@j~71M6K^)@QSo{G
z6%}~hch5L(ISnC-dK&?Kq|m`uaEB$*|F}}aUdJYYx+jwOvX(IY0IWV=o6UM?#%HCk
z7}T@W(`MRRmb0F;XfrD#{573vRr;3X&1yL@^INR=&Jasx<+M*OE7iAYhF3qCoOUC*
zhS_bdsJN)z<6IpQ&B%R6x9EN-l+P>Vv+l>QeoMHcW3vcJ@47`4py<%M!Z*r6sefh%
zVTYK8^8}^fOyGB%ix5M76AE}W)7N%dTKKi6&zn907tmj>JBE|p|I-36&Ne03lDkpz
zPScF8#v+Te8`Nb>4tB?2uuY8iw56L}>21X$Kxnc8iI{gFP{GDk9a(n%J_^k45LbsD
zDg3okfY&hw(ov^8^Gp<r<O|7+6T2BiCQn&KrWXy@c0mMqwMeM#B3JX`tm;?iIzKi0
z>z(G6)~PmZ7hfhj47bg4!U*WNe!hxH54+hf(ul=Z8rne-5#%;)=?aa4be?wEN~O4-
z*?Y$N#`T5QAQ=qng{yv@nWP4+q=ur!_$+W!q{p=b#Wghqk&9A)%u0<9J78die~g$P
z-!3o?py}a|mSaeK4i|A-OWqg9`N<`@IpDjEpx%%r>p1WCp~6G0BJF6O!4_vSuL<(O
zBj%}XKZ}guM$WN~4KfSNV(TH!a&e5V!;oJ!%dKjmq}c``+`Yo6GyyHVcT}z+>5k!C
zdP}RqvZ0dOY8fFbtzRYzBlh7clQG0F6&U;5aMvI#;(7cj9mtdV<#iG8y6gkvo^VYf
zi%ZMP4XH9<d_zz}-m#3kiD`4~%1iuFjJfD?z1p_q#?@&)VMoQq%NnElO<`l>2e<wj
z!ziaFK2{QcFxhaqdXdFvJ>^1$APMPifewf)ttw49@ndFsPDB2xQ2zvSZt01@I_0Xn
z+yTW>pKrVyF{LlfAoUNKe#geEi?dG4bVSvK5V8np_jkH#7X*g<_Gh-9VVdbh)RU`)
zK~H*hy(B{|c{|Z_k7P58Ig*D`2Ym?l({^%w#+SnCbGu(gNc`>lxS=0T#1r_e+s~D#
z*Zvel>+nU91#<?I1TNz%hxTKfz6rOL#^ysNW_N|O@M1ZsA~XM;>oShsz<Yz<6E_%i
zA}tDaJ|yrZ?0ZxgV9Y|ow{JLBj)2bdB`GAmY#bi%>LJI=yh`}SDcYOkw|Ba>OpU1P
zvpJ-HH2agl2nZJrDe(BQ&ZncG%VQB{Wf=%+blmPzwTKx{uOhP+lNkSXhe<8z@dQ{}
zjBy$!t6&EaaQ#kbhaG+UXW|pl08z(Clb}J)gktf#`n(7c$!usNtFHS}tzDJcI)4>N
z9i<!_cNwy}-r3F^M6GF3Jalw)DomC}M{H|_dC`MT%z<tM?uJ<EnpM<(IihvqLM-Be
zmp*^l7lmZwX}VsXuDPVF`)vm8(Dk@H)PA_E%8P&^FMK~s=;23KI1n&JFN`X|ofTD&
z649+Tkt^>`3~f<pkw}0_$|B29QzEx75`6Z1-6zp(djE1={q)J_yVatJC83vS^9ky1
zZf7%UpA~v(ZGn^W#ZWgpKTb%%pmGugJ+X%?bLJA-aY;*kq5?s?GhZBiIRh4iYtn3c
zqNZL+5E+x@N3nK!#9|{$c0%%^wwWxoVT0=WKoBg5DEyh70$a=ss-(k66twj>&o^6|
z1M13TkNciP3}sowRbB16zHScIbG;8tC<3Rig+bfk3<LhXe|5a)ToS*slxks{L5wmr
z0u_F63)BPm!HqVU3_0@%$?1zARQ)MZqCo=c9D;B1^{eNZP3eW}9x<(4oDeIX@F2Ee
z@J{93xLPtKFnX@oP)2k`>x<>>06XQ>hg5!5C-#v%ZR`NX7%A1IT-CMc(xsZjAxx~N
zGGs<_zh*AF{l6*n@@dVxz1=V>Z>*~kx>^k~{^or-`kUqHd9_si$=n#BeNF2&nY=G2
z5gsJK6GA=yOy^i{l6tyND4x4#)azS~+en9=UH2MZL7{;L+oUHO8R8yZ6r(Cio}K%a
zr~1uD4|S(b@EU!XoT}+3k&g}itxAbv9?5lF8%l?Atyxeqn=s(_(3W`S+fFIj>bj4z
z#pd<<pB!3xK}^V!>@(x!+p%}0cwP23GnLvlpPIn<u_GIj?j~lUXYf0l6)~Kg%+;T{
z<)yiH5iKGu#1D}KYBsMZDifSZj`q&uz5UL=Y<AfyJR43b-{#)L&>vKNuVWg*bHNp5
zBMYQ08Hyb6r*7xRK}f7Cjqv`tDdvgWACn@Jx$3tcH`-Kq>Yv1~`uBMe^^ao3|Gf2&
zcqz9;td_FuM8Ra$4iJZQLAG4oqw4oIt{4jCES%22RgrsW<5{NreqORn^|L%h#JNvZ
zN(e1~NN+0p3BH!zhLvj3kl%^C<C30YF~)N9^W9IcDLq#an)`_j^-h#|MNZv-cF;;S
ziDJB=C~9}Tsg;%S<x7v`Tvf+$Ge0TsO+ZRae7l@A6vx8M+JIqhHRV^k_*qaU1#2x7
ze5_ih?aS-d7(g@O9C-OYE{|YU|2torrxHC*d|R$u1bSc4|7-6%gQDu1bpZ(jhzwZ}
zkT?WEa*`YciIN-?g&|51L83}d4oRXUK|l$Lhy+oPoDoSP0xCJGAW;QL-ro3~^M3c7
zI`{XzRoAkn^vBHJd+lD`z503jX_cFK4%Ypf!kWHAlmaiw;;JWY2HG@pb)IR@1}tHR
zwqI18KWU8{Sq0%JU*IJA&F!yW^&KF08I7Ist4Fp*@;Lvdxg<!|NqIN`AEXpw*so0x
z3(Osr{5bvM5iHfVGoQudsKLr8l@Q{7<sSp;y<8C~!$K2}j32fM3hMbQI`n0Ibsj0b
zCT3M305vvuFu4kXrTj0YP*IRBS{h9tpZX>VdxTty)APf;M(%OqJ<EvOiJAB5$IlDr
zk77PZ7eG&PdGwuoXLMOio1nS!q9cu~#4~xL<)&n|$QA>wlz<IM9M!>>m=mYKOYcg*
zk1mA9O-v7mXxSQv@G3L{opQ;XlI7+b;8A^SQGcrnx^4S~0wh0rh`-G__`!FgGHCbn
zWW{p99`#~<|L(!d&u*STD)5008y}NGJr5Xx;p3m`R=2Koo6N>O=9DB%E^zZuy!C@$
z=i6MhV&~>+p7n)o$Uuc7q@R@gezZ@s=96<|yaVbjH;}G7`L(7a<G(&%Ke=tmhLt6{
z^0=8Lc9AGmN|1|#Xq{uqw$}L4%#h{#r9Ex?z?S;2f5vY$w&&!v2|O)7N%(}$X)o7?
z?7MFxjD}DmCn=t{jaPIK>3B?SsgDh#4*r+_D)&DD_@A&bYNsBkRwIo;K_fsN@P%IW
z&npCK$2zls*U>DJHOT$QPSvD=a>n8OCWx0-1J*lHp^V0&6C<adWRNV82ytv*=}{A$
z1LU?%JP$!@-Js>}*Y4i$P5peixdio|Owu&I2WO#q(WA{pel}KO*>ebb25rnoRv2C_
z`kf9&TOMCTIpTZTI=KtBw<d#Dfw??~440}*Rkh}fklJ?##(buVdhQP}qXA<_N5&HJ
zTJI$X!c?eOxTLb6ykPvutIe{9oDU2a3hB4hW4TL5KuK#1RQgL!D_Ak}@jdW+Xgh%q
zUIPyCYY;m-Q*u-Lnc|H(?c3~)Q2Skh7x8MBgY-(k&kxd#Z8kB>1`4$>LBUJ+eL%nB
zRtm|jLaN0q&%097@O_^TPcQg_2&yPy^v(@-@A*2QZH=-8?X6?l_zKWR@AtE2ymh~6
z(`uxqZ+z>*ckLsD6I*^oLRJl9nK5R)5sp=-oPP0HW@^RXw{%df++C@?M9MdoHDhkf
zH`w*zYY`_4Q(BRv9=7$Cd)uL-Q8av+0Ii%ChZCUYS_6dcDn0Ok$-f(4Tttx;Fx!W8
zyy85q*4y}J|N0ip`1r&{mk00rS6PJ1?-J<(TBnBnUzaW|SFUwrhLWs$bh0@POSI*$
zb5U_M!F-`bx9Vw9x^(Opt6N_Scs=5xK6@&BS?oJ`XYEFhSSL0JBvMCVar-L{pv`%-
z<UX@9G7U#xNL><lqt}MOr5W~l4e<A{LU}!E9o<kisFh!-Zq;CG;J#6}^X;jFN0;JC
z-KIfhzUt9+l5*4pDh`BaDm+35LJP!ND40c0-ul8>E1eur8bi=p1-;46f4EI(Jno_i
zX`BsYr-^G7QY}#EtXBUeXz7)7c>p!h(S7$y^-+bLFOT$(W&*YOgmPeAl%!*}cPjb0
zvE<h#Og8BKZx<T78GZBPMMQ>DS_V%K2Aj&!;AIKJ*UqxvY$Lu(p&HTeI@z85p~38Y
zJ4;)JhheYJY)<C2az}prFZ}%ZUyM&mZkzB8PJNrx&w1aFfV&a;x@*dwjJufkE8VbY
zO=lbf<25~vjC27%YaebL(1Go_sGR)FLTT_}Ds+5#k-lW1v@uur>OX#WOthHj&NE#x
zKoOzDuzh|qOed2uCi%^0;xv66np+;xQ_g}r2n*N<JVPNCUSf(ZL{naEjimau$CuZ9
zOn%wA1s{Jxo%AV$wSG|X=_(0~;>O=UY7_TrSPebr8OL$Q{@6Tp>-g$tN|qnkuB((;
zOMmUox$~2%g@TAC6vf46!#zW3E<Hr4%TnT6mfjp4*|LrmHGW=tx%Sg>bp=HFHZJH}
zJnAQiN4<Xc=<I!?O2A8MK%ydDlbYm0ElBWY*i)&^)Nf6=5OIB1!=Kg8r$SxC4vM-Z
zW6{p;H!oH?#QhY0m==w~tJI+q#4>6KLSHbsd}5pI$@aH=ANpE#x=+%+PuFdu<fi@1
z(N*$qp#vuulLQkZb$A>q>hL$GpUBF%j*50tCh2IK>Nh7T;ix=WJE9n3_>^K|m5J3e
z<Q!#ac?Rt|V;;@&4790&FC^HChcQ{1w+CRB*GeF0djHYO%@Z!TC7t+=Ow8fi&=dPr
z*)|@H4825BnkbI3K({6da+>M2R_e*N4X)kuY5U9tHunPbJ>_i&a#h`+t|s*^yrq^v
zEc8bYwoPHZjSiEPP~`?gXfUo*2E<In)R?KWY~Cs4*XbWbV4sb7z1J@VH0YPi*k{>D
zr8X&Y!U+A>J)3A%G}+$1EOla{EsYNTd7EMlDG|+z2{=h6AuIHax&lV;mI(57QXDGH
zl#v228Y@Q3aoxV-w1{oOl99~9W2IcNR5>g$=f!ECv>(=;uEW+Ar}8kb`cwL7Lms22
z<T^5wMz1#vJ*lsh|5{zR@`_B#{f>0s<o7SvDJOj?C$20%$k<G}^sBwQVt38WG5h3)
zpRO+hQUnt_iYCkzGIJuM;&ofY?~Om@Pt7;Pw%W1tnd^0L3yJGEs69(!BZRZTdh{a|
zI`2Hv3&$9fQO|@5!Htae7RsFdP)WXpVf;FAj_9dkTl$8W6N+bfJTJ<yB{b9as%^Q6
zG#Rel=Hw}=wj*ONW=!#qB1lA5l<7+@yYH*Usy1<&qlrivrLi^E9-;V<s_0j)Egw)Z
zbVR1J?CnG+byJ|B@1vB*sf|)oy-{#Oyp`5(6sXt3x5ZE~cu(w%d#o~}40nkg-mrDF
z0Vc3?w`mFaqc1ssD7J5jf6ipiQTMqEqq$!en#YdHgxN#hFazLaRQd!}{45P|l;&)N
zfK`xBzK8An$B2aFA2W-@FOr+aiQ6yG5YpiJ2!&kS!&<yYJ4@Du<x18MR?5Oy(&bIV
z0)CY#U*MVG=rCdw+3zW_yApJ}{Puoh(B{a@c;Dtp-PY<$eJQJ7O`{~!>oy|f1gr%6
zLU}gY!|~7gQ#t5{`G;%iy(zjWl>dzTe11l6CREEOAB&<&ucr$>&nr&^r{~S+N|o75
z%<ades1??Ng*nQlIU~tp#(VGO_7_gov+Q*}Z`kP;;z3LM3y2JIuuMsJJ<M*g$)?}J
zceS6sSN@O+h1T;&csjQuXSisK)b^ur;Xld6UgD=iQEFMjm``n2RrelU#xtSpt2L|K
z#y^EBz|q_{d4a2qrgc8}$T87rvZr)Ho}=L{p(G(>F6ls3ce}y9qK7|&62wkT?X-;z
zoP2wm{5)CAiG{N$wdyv`2S#US-k_7oJ>nZVKN(#=I6F?BtG~>u!LGp^&TlivK}0*n
zM#=suk|TsyfG{>-`je1CHKXSX8_I|R7DKEFO%6UZnBi6VWkI*s&ruo~O)k&t9ae=J
zY@L#?tNJZ6_e&&!Nc|I9C%-ovT>Gsj52je8UDJn@dW$dXX{C#bsd6dxE>N62jS;Vt
zjQO5w-2EoNT$J10-K<2Ew@Bn83D0dU0Y(mMn~}t9)i$m%wBJCn-B}ebebFmA=&Sy^
zk1#_VFKp^ng2$nfc_EXrrr6P>Y@%nCpRu?4qv^}3cExDTAc1Elf;RUA`uw-2?_k`r
zd_Fm){^WOCuXDey*3-oEAXGL4t(MgUyn=i7qBaI<vBxKvs+-YuX-$m`7BbVB;iKx(
zycBNdg?`;^<ao(}Pl->SduDOPZ<?g?#VyETq~#c!QKy8&1<UDT2Ns_jDo*$Bk?R_T
zQoTPdZaU4VnPYT)X4vlnZzxr=Saj%5Di1fjiTbc$iB{cHMwn`Wioiz&D$L33%zFA1
z8qLae7X2!I0$$gi7*82v6lUGp-?sIzOsR7x(owkIw#3H$8Zu$BsYHav4t;fo1tt4A
zF%ixhZwN(p{VC=7(={r0O#<&=Ha`hPi#hV139^rfkZ@@DsCVp5aMOOq)Kp{kH5}Je
zKwW^{%7(XNqWTH`YRz&Zeg}cMId&6;aH5_ko&pM{=|3vNm?A3V%&%nOeD5~o_rA#1
zaVV#xyMUR{YfI1CQ2ef1=lS(Wl%$!7ZW7r13EsR&S;^|LsX`A>kISrTT{y>?Giw$f
z?#Gt+#@Tb`==!;Ik+QD-9&`GlR4zPcR!Y#p^_A708rcT%M5<}~rDv~Br_bv&jGVP>
z<+^iI-9F+b8<D=|laAS;&YEF{chPaG(j?>t>@u9<BR)$CG};n`3o<>Q&y^3ya&5te
z{r>rt%)MjpheQXD+X(8K9u#Y^ToDB{{N;<d`==~p$VHOJi?2*%j6hx};;K@qo*bh+
zE1{65w{uyzv|mlhB#YCJO+>#T$xcW88&<C)fS}b?IbVr@cj4eX|2&f#LzKkw6izNe
z#iS>S+T+ym3&a=gF3{m9-<H@6b5aD*o3rr@ni_~l5$O+wvy2&b4XJmWC^;&43VcG)
z22PWaYeGapqC5+COjR|vi74s0Ya6q4P+89?pnAO|_^se`KTrcBO7*g(<~Ub=t>^ce
zox`8fnd?B|YklxM7upw`i}d$qc+S8i{HlK`Ng|nd&bYA8v2wkpu@jI37-MAvcD@#s
z!W6esfIsZNKC9ObtC31Q1@vIiWZ}?*ayn@s3cpQI%|iP>AeX)H&SU7r5>>@<BhmQz
zPmk}`;3X}ONL;1}e1D$S(f?$GTuo<e_Eb<h>#k|qvNo+GI`3$6+*DxtATHW}P>0V#
zs?adU%}E7#B)Ssc`Q8)9&|PQKY?ALOrm05<%BJe^{h$kI{fVCp77f*rieb^K2_R5q
zluiG+aDuO+^5L<G$!sNFHi0KfQOv3XdYCWE(u|Kd=s5>CBF{5naj6DEna0=+`bWL(
z)ps;9drb@~ROoo~w7B$fN?#Q^#g25&-IvokPNI5e3+>cJ{sMLhrC(u;{_(AMQXAY&
ztchDZ_nF#Cb#CMC23N5^<WX&msn<#OIdE=7(I*FMKn0I+N;EArLy*!dbbv-ZOjAaL
zN`s{Wo$xEhD<5k%b#5kXNAb_zCMJKa0yo{~#%L}fWKRCzjuhb^K5Nc{`L?&sBaIJd
z{X!(lxxTO-+#)_>$CdV6yEQyv>E^3K%We7%);%;$;)XCWXWO6b;D~hLWCyxaJY&OM
zf+0&(7D^~d9dpv1yO)KJZ*Ic$Lfj0ifb_?C)qKv~BT7qlB`O4J?&^N(JkuA)C=-cs
zHgN8GnH-hF8<-wQYml>(lKuO|JHr+7$gX{wv;4~qT!U+7%LL(9U=q^FC1xf0YB?u9
znVbg`={~88#Itu7gS)keoX}Svatv+zvaCyEHE5<@RL~ZVKKN07?36TBS9*kYScI@e
z2tT%MZDLw6CC){1RbEJ9)Y>LF*jLGus%_&jhD!UEGGBQBuCu>cDz=6;)xM|E2WBU?
z;V5n0?#qH2n;^M%exi1ArM9~D84X6p4J>DZaU#hXE-D+Un9a{_wY??WSXNt|FamY=
zE0`C{SQ_d(qayj&+KO$Pf(bDz9BNZ%+J9%&*37Pba2Q<BWDXVa_+x21D9T!vPkwvk
z^m38zajv+2f)MOXB^k8B+8x(rSqU*}{ZoF<hDOhd;~U4&)Coih%jF`RwR>(wH-*NM
z8|%DxB$jIPjt)HYB{xhj*9qn^WVd2fMq7!<-ZHO5F&H{X<Na$i&*$UFV$+YHE?mif
z=Z0-i6izJU3U#8rdQNy~?aC62HmR5QD>a+n5J<#qJ1QkJc#>5dyICHYenr9L=JT}!
z>rFm9wpEKZp#A5lq&0U`4Qj+@78Ke9xe`P|$~0NNg&DPu>VK<K<<f6>WU$B=acF^Z
zF_OezH8pVSeOyWs?xN;m)lDfPto`BmsPiyM^KDy5&n&iNmVG`9&3)iUleg!g*WqVD
zV|6EVmw~PXR>m(ea&=-niaJWBe4#*_l|?B0+|SUXo;Tu2$cE1asy1sdME)SOU=}xd
z(GvdR!LrRvbR>s5j?Zyp?u}1e&(eAj@hcMpx%LVL)*D@%jN8<kHz-D$?oqk$8i#T1
zOkI!rDtG$EGVT1O(AV<shHXfee!|_CTK=xk`SiOY|Kp3Z@A(H(j30Bh9wU;736kb7
zJ{QKk;Hlu0Gr#fu3I4-E8;kU<8#*Sj5!|T-cE4MxhKrsWoVir>yo~sV9ChD?lF-V*
z#IGD2iI{dSsu)M(+w&~4@JcZnZPA=DBwSR<rk1JL*xBxx@ndD5nz|z*Wd7KOdbiP>
zP5(fWDnd-wF+;j(8|aXCS3B%642dr8W$#?!9hp5t|E*2Ylfg-ll9iRA9Mi+Z{E)(7
z1}{Kg@^DIj2P<TSa$Z_J8_P*7p+QP~#<;2c5xI*{5en7o?Jn0Gq+n9E{zNg#M17f4
zWN_-3)a_rcwR~=dKW1S9;ziu80ZaBbsz=CXZxEA_eD968A=#Ixy=kJHZ;>l-&xkv*
z(7ivTd*Wt>4b|yqbtX3g?s^JaR_k#0Y8@5(IA~e+D}SoE6yzgC7hP&Ta40!OnfdRW
zlM+4#3AzBI(^@U&i(9Ecb^UERH$A&f9HD_0k475E$$e5g>B2&^fr|pYJyA-fw~84@
zv;AhG9Lhtm;k-S-2k$u-F;%f_=b_X{7ZVv}qS=Yt58kCp76|R;JZ|(H424*yIa^>j
zg-iHix=01IOR`*_d26kv>(3b~!<~SWQdjljK0u$=!FF;u3>0BMa?CZcijl<}Kj`<!
zdRx6_eg^OLL&nWGmb`;ZRl5Av4C_Jv`m)L_t)|tT^D_yd^07YOSZ?@k*s2iq8s<dW
z6fUM}n^YGWCHS&?Qk3BQ`0SJCpZGs3C&HvFtknK+0v$fekutp1M?R~m{SsIY4qKU5
zr}$Qd%FkWNDc1Z=lc3F=*x~=2JUva9Q;~}+N~D_L_p-s^P?%E;V!Fp&g;p$jY~@rb
z+%#xPJp5HIv=I)v8oNiRZZm_@bj?FkFV<u{qN```I|I|cZ!kEO_28JO-bJ~p-#_(&
z5Qlo3Y*VWk@tceL;ONKu;=V`M-}1dgn`_2W?F5IWcY0K(H%D&rSIg5}h<qc)McK*O
zHGMjAYWDIIloBHNcz>QQLWyh26UN&uZ^7IL3j%GMqv46P4_wUKyNl)m=kHzU>0vv?
zdC!kFfmi=^C@~pZK|8H8)WE+dF2_IpCih^UK_-ZF#hG{@2fCvyZYKQ{eFi|(fudDU
z`Td}4y0=Nn1%-pg6>kyq47z^edvdP1*CtB@!}(iJLpxqS|2HI%oJ7_UA(STe0_EgF
zx~Xhqh2oTSg*}(cyYIHr@=R89!JXplVYmTxgkNGagKuT@_H?nv<hwf=5rG9kZ@1)w
zo(pA5G1q)q+}PquScBoHcDCXrv?(8;uC`&Y#b%!Eojr!iznq^)(!0>9FBT5*vL?VS
zEQ{fX9Q)iw)w?*)X()S^_o4y~T)^iC^)uaGUa*=SysTPsuJelTUCdvbeh|3hq}zWE
z!(MXHG>e3ir-8zp9al3J-YW(DDjFxm1L~prarZ}+(yqzzv7`>cqZplftxQc8a!IrJ
zZ)%hPMi#GxS;q7K^2}PcwEK1jy5xmTE?kV!$lSZ#FlsCFhb3)=!p7{(uh*WE5PfvY
zwbePSi0YH<7m{>OM=hX)Z#)~7Ywf)=dPb?~TH;fq`R_@;xLPLzKzM=CG&5x!mzrNr
zk*q&hde1yji%5Sh(NY^pG1daRes$R>cfz1*CuU64^NxNeVOpn+)!#Pp<9jZauTSC4
zzK$;Sz2o`oy!82=Qib?<_O8+Q;<7J2^LOAQBBk}j6l;o9Oeu1kH(RvtcS%M|M$lgs
z^bCpJ#0sPw`ie&nNBcb{{t&<8lfIm?NEE@{u-@Gk$$f=mW%>8(B&OG;=j#K@JKap>
zh@YfkN%Hb-2Q}c()2+$U#w;%4{bit;&1V$n#ImdGa>}BJ9m<q~VWep+NmuNeZ>xZF
zjowXkqI06)9Z0B(Bbb1Mu!{5i^DBy#7}=@dBV$l+wGL^vsHSZdoHYLUv$`Mf7E?w)
zg~{9Y53Epmm<x%R9v|NQi^Pvav=X%|6UCqOFpuz<PHjF<QY7qE{fqQ_*_}bbs@G_T
zU84S&OrN$;<R?i?(MBcozdbrMSbpYwkz_CQHPkbYm?bnkIV3)+S%)us4%MOLHYV%4
z|8wNN3ew~-0#szm(km7m+qt$;dTx#nZWgu^o)X!~3i$Q$zTF+lTfMoR5yHTJAU~(H
zHOn(N*LONiqWpye-71Xel6vZLZ<+k+G1{yQEQw<Q_j}dD)yfPy*vxSl)<q^K8@mkd
zJP+D`Ds)+vF3IX(BP}t2=!+&}olBdb>?t;8YN80*t5^4-4(?W-hng9O5xhs#NMC_E
z=iAV?vqau4<b2i2`(F)94Rh#p`#$^!7eL8jUi{XNt8^WHkrN<Q!045|$VYg=5W4Yp
zZv$a?T%B5R&S%V{Q$O&}x2MmSgYc3ljk++m+V9dMHJ*+#H#h8L?7Qg~m0KgeWQ#^*
zx@u;sy*N8^^iHsllk|-g?c_gxgRDHV>g5!D=gt;}sQ{B~3{S%?^qE7ss6Jni<khNc
zje^|gkod5tbOD7-7Hgd;htL1WFgJmS>KPwi#^M?>_LuHlS)m-XTlLOIZ2)f%8T;O^
zkqIU9*Dw_QbNzb92{!<Bq(f9p5$$iiWz`;J1XoQwJ0u4yP>p+eoCz;|umu4rQ@eF@
z3x@Z4pA7hsSPQ@NT_N;ie~xlvE*I4`3f;$v+I0K<h660;ARVOhDlzrWTHr9F+4=g%
zh9T?TT|F{F^7;F}JOwpba-wU2S;2UnBQ9dxnh|y0p#J+VvT3+Y50is;7^ACD182`8
zJ(YTUwSHvXEf--CjM+eUnXM=9F4Q&k+@~{iNV6_j1$<!hXrsXlNIDO7_5FTpbzn0r
ziIS;)Z;lzPg9$K<e_C=3*<i4`Y-LaL#i9Y;qj`}>z3Xpp`M}$KYH<X2IiJ=L4p=;c
z;ZirG$jA+h|COFhg}q81CDomKk!Bh#>9r$Jlr@toV&w)&t$rp2C6z`dG>+H1o~NDv
zwFHLb``3^z6SdP`bq@kSwdym}LXLJo^<4PiD5Dglb)F!zSLrfRntcg`VLv-Reb!S^
z2tkC=l0Jr6$m-=};B9$dko2}U7c+~JMD!ZT<uVqT&S3O^PxM`QT=TW?eh&{b({ot2
z8o+ubULQFp^)%%$ox}xbNdD)Yzu}vjRPX5=<uLI$UBwkg&5@<$k|}HPZjJLpjL`O@
zbMScQ1{14?rV7JIv|*HZcc!$<u#oTfs*#HvJ&;YcKYRnvP*)b(ROYvCLx=NM6?K|y
zs8_r#UMYVwk<_=q_O4uqe)gFU-y8oNK#jcIwJg86n3&L^DBGvPtASOWQDAlD2OP9B
zDNPrC<5jWJjIBu>uOyiAkY;$%Q=BD^==%sn0Yk$UYrvCnGS2GW+mnO1LF?4AV~Olz
zJG8mKbkw_$f<ht6(8>>q>)a}J*pAwncY8y=PZ*p=RogS6b-zL9o>bhchfgdj3oYJh
z$XS=2EL6Q>w|<+Ip|Hco?0D(<#&3=}0S>80s~;rX>$>Dy7JQ}3`CiStwmf>1+>lO)
zcs&o-_BQ){L8a7JfyrYQ(fS<&k>7EV!1b64l}0<;4K6ByTW|1Z>p(h^v*86&b1P5o
ztA%P2W9tI+0aTHbCA*5t+jr!1zNOnLj7RZ|0TK6MTfTtuu}})BD_NYoRCEHLj?h)$
zXyW-y=Av7%CTu}m9ElKXusLMlPLoSw8FF+c?)VpROl_8!livxR9OYuP1krKN*N+>u
zfMX|Idii&3oZMx}0>0lR2Cl!XHMv!9%&KTV(^j9Y2cdR%Vmbr$8ff@uYY04VSeyNk
z>DE`WlNqq(%#!Z%BnWdIA-rBrpz6iZN4{>79-IYJelQbWOT)dG08qsDw(Y#@4ccpW
zk4D;1N;XWRco0;~-tQrYCAY%V261JykP|@Ox!I5aVM?}jet<|ruMN2ii;yipam(zd
zEBWgq>I#p7%F5OYj)#Pu`nJ{`p1Cm-dtDw_N8z87`(qh0n)9RWG*!5IwJa$vW_&1n
zvSy9MkrKSwO^-;;Q>x#754K3jelET{R)z~}kKh()0tp|>57P_>IdTLi!~srweqYkb
z*tO)Ir?YE_!A__00j~TzGJ~=9i20<#9W!ZK?JDgf1U~9OBoCnc)O8_=vYc_d<p+C+
z;Au^f{V7FW2*tc#wM)dx?3!4@99hf{+f+Y;bqLYXFmhG<OaO@Hz}(_nQA=})mx2*p
zKzmiZli=%1nwNkA*Oo+fK+|mRjKlqFFF(%JA#mB<C~LEk**(y&csaLkbmcM5qiM9c
zfP716BKbvPl)$yt>;7E{oGZ}HQc@9TLHMCrlaC|Ofg9Lwzp3l}7dh%E%d`}LdhtyB
zz<1#pR`#XS`wsDSoYWbZ3lS3~1+zscTkb|E+^4QCv$@%_8Lh7qh>2m3SY$oHQg`wu
zlM*28n7}p5%|=_AcSVLLDKY&4?19@jx*-8<ZY7Oc^Eq0kS<A~&5*9jHZ-SQ1yh(@-
zDph+IC}*ul%WyAM<BeK(bHv0!yKnbTu4<TG-TEeXTNr?T=}$#Y2)lNby@|MA^9pJb
z+_SUPLEB*#?{<Xl)+xVPz%R+InsqFti`iNN=-0EusC!9z(7*ZOJu$tj(MPBi2J8>+
z-jf_wMxYhovSvh`sIK<B_N_YrowF_EPW25K;YKmf&-N&er8vpBjrt{9+h2yhb@_PP
z$JDD^J(E$NJ4uyCaCDScK+5G_@2PUF1{e(TOtFVVyV|{pkj(TGgIyO7^AXzzJKRG}
z^Uyw7MWuBw2bF&%|0cMwv6Fwc&vLgkO~Q+zl~da0C>MRSW~06zr@JmvQ9UF>@zWBx
zaP-A_XXrx+T8Ko>V(76xXzGYJL@S1R9A#5entLEx{fRPDt^4W&!aZtTwJUvCpOlAd
zHyo1cppU*50Q4fE4qbt7NxyF2%5#Vjep$92@;E+52&zOHU-&RV%d9r{+U>m3F8k=n
zzZ`vK#nsz!8VTh_eHZeZspv!6Iu|w?H?PcQgr_6DPU(I<Y8k%A%SZZTXOF%u^#vvS
z&;8ZbTx)A?b8M~h37W!`wv0=b@zvH0_S3edu|K(2bxV6Y$SBQ9*qON%n4m&oyM+@o
z2=Ejro4MItRd>nc^vF9oWt#2r)xbsefFJL2IM+{4@6EyxR1r_YM##D^gEqGQ7nQ5l
zmF!|ia3qAs2uUa}EEuDFVoBPFHPjbAy2d6FCap&fwD`3aN0xVBm=`$&x!gsSZ^IGj
zT3BrP?AsSk?|WW<WJ*G>1zoqe|66|5daOhMORyPOSc*@^$NIY+uN`B;B~sl~qKmcA
zI7`eJjxH&svD-e%x#0fb73$%BMx!UI=MgMm^A~=3PBsMS9}lI>p-jK!a$K5xzb=@H
zpE$3ZLg%=3baj4(KnO6_rc^lnVO)x9d5c=n-rcKXWK<$jN|wv~Xtab|>1A4{ijyJm
z;m9~5fwmg;{_!;n<S3jz;zvE^=HI#*JT-sTBU}LR-mu=4<>fXFo&4rOGQy8!GjT3K
zZ8Z}U52K{l#)L%%hn`&;=|CszTV{`jm_#W<NIJ1=1m`o`ngK2<N>#=Ltbk2(a93!8
z+JMi43#c9;T0_O3rk!^cSJfEbDm)#<18f{-(PWAl<aoWezZ&$)57&6`^Z7UcF?!m~
zf`o6i5AO0F%Q+!*tlA1nRTYtonk+WSIN`h`<&fSe$tz#{mdiU`k0MRT(${USg_pG)
zSJlHk!i%+up+bHLn@h#YOaG+NMthdMY?+B6CYrF%a1mW7lV0E2B<cZWG5yEQw=$OY
z4z?O)-VuA?^%L}B95gTotD2cTlTZ@oZ;`b-cBfYCd+q@q({{0d9sAnr+t3^R9HsG3
zs?C=(#Nv1<S3Q(;p|?$Do%ShPNk>`!^qIZ81<bSTG<a!_?X{1#2hjVt_2GimwNQRW
zwI2D57@Gq1C))X{toA0y&XYFdbIb%W9El5!mcYn6a(BF$he64U_;u|4`zA>{D%WU2
z)M(b4T?3k|PaaJhXTz}IE0$HnIj1!BrZbu-Wdv6YRKrFXqw`8@-#sHRxrXu4GyNFg
zu-?kmRV!aUfE%Io48pi9rwU+g_Rhv5wOm}>3{=^q89mOcnj$5>+tAJ>G<D{F`~)q4
zGY`aGQ8p63kx$$@8KW)4UmY1QrzLN($F=6#mqe;dBtBgJC4Vi@ruE1Y;i~lfO<ehu
zjC_SX7D{WoFk7Zw*5fKl<vCXJW77Wb^($Y}Wv)NCCh7N<rHx9OwNAb|-mukyiBX!h
zAEPuZh6+>?IO4k&5(e}-tO_g6e?#dR|A54ZI)O&`G`7R~H?2ngIuW%k+cdvPKF*c9
zltY^H^fU%P72Ym6bL`qW$<oQOVr%0>?N-age#+H7k;c7>WrcJE>``)@kMZSx+c@Gy
zf{>?=q!)4y<*Mwo>(fS(Ie0JUORRS+$Bh#pY`r<Ob!hi7eTU3zK3nN}6)~-Sq#`zZ
z;p=P;XGz|5tnzC{gom>@%41b$M#IM)@3j+egoIgiRR&`#?4mL>E5o`BSmm8Px@eC}
zSMppo<cibCEbH)W;GznpaKi+uhY&2cr9A1`AQ8(Lzb(FOgx2?y#+}y-K<P!hplrxi
zOz^@&b~FLl;FTBe4HlA`wJ?-!6>Bs*1e9bN&W!6qr5-^o_3a{a<pz#N=v~4=cET~v
z-7_SNci1kjqMHu;r;HE^@BN=i)eEabV(3o%m^c#=gHsHZI%-Rv#u2FXrBxqaEd||f
z(x(`NwA>?X^*A4|vyGeyQtsg0vYlw(-5*e=uEJi=NEM$y)&G;ZXd<b@DrT~tm+Ils
zQeB29$r4-Uw6<>B)A)j;TW7E4v-L2P7fwq=O3{Q;r%Kd~c<^fE+qrHiYp^I$yN}*l
zdiLEj_-gker7pYDS?r*7z%LL3y6AvuW7iP5w+B^+H`dzL8sRJy@&gP4;lH^>CK$Fw
z%Yz@Sai*P6T_0UC;4%^-s^bp=^)*W8MM~xvzrb}H`&VI?x%~_G-MHlWmP^at(-zR4
z&5LBS#QehJKBjCemN!{%rMBE<t-TzWm(=TBsVIGQU?IAV1(V<AWn!7>`sD1AAL5qO
zR}6l~zxCH-VZ7H?-}I9qBpl0TX3@Ygh&H(aWQmspcI$f9o+X<5TqzOTvCI<7w_J@l
z>dGvdTQaM~t5s-%!rO(H2pDs+;$!IDn1SQ=GD2?n4E{r#zip!4_>C&<XM!ZYh1f^*
zW546{MI6@Lc&mlgC|0kv9h-T&{;|`BzBxoTs9Kh@X^p*bmD~u#-d*m<e}GzooekBd
zkdQ9(No=WTQHwB2m6)jpM*MyzWez&audzH86r0nn!E#_2aQvy=BG2$q-pAVNwZLXP
z*0mT~b#kj<0xyYe7VWzkWTL#l{vvLxDPU{d(GtzG|3~2j7R?wwi3_U^ODCr+xnBNB
z)p}$2-0z?1eUZT$nKxz$Jg;M((X-FAr}Hq`@H<dQDvZ?!S#z!wxI_m74U%BpWt1vP
zO{=JvCg#3TYksVz=F4VoiT>74i6loFz9}`JAwCFEIu+2G=Dt}zB{IBrw>j;kZf1VF
zM@(mtT;0WU`5(KIB94bBS}b!rKeaRDuu3F-b-BdM{n?a7SEv|XJ4{M|a9u8bk@iF~
zmaPosn0F2r(#w@CG9iHw2(jP%LhkAxm6pcpz5j!hW&ViW0R~sQJo9&Kmx=$cHcL>M
z#I-vn=N1bE&;Lr<_v=wOa*AfA%Lpxo7Y?fqMz@Tra{MS&*~{@O5G|UFx;fWLGkd3s
zYxaGoTk}kKT%gd6vKG~*rcjc%q7<thCC+GBe?{rVmGBb`YTTh@TQd!@azd?-sm(<j
zCfb<nSU2Qt9#PM|z0I7Myh#&Kmj7#p`sX@fQW_j{-7fSfUVQ25<ZZtaf(PKH*8N2I
z9cs6@`Qs-7u&=~?r#BZa=S_tlr>~-F+S4-l+6R?i!d<;Q%-vGMiS{>*mOKL~D@O|D
zV}en3hPhZZs=}J>{aMoP6~Sbdifh})N%izl)v<C4$&5Y*8IQ}B+U&w-B!tV3w9myx
zDKCmS;l#tP%dgTf(xi9JUhivZa{M%-Abq4-i7|^_<D^e`25Y&e89pgSCE0>nug>F9
zd;Ue<38ZMcto(okYm&eg9}#)(7jY<xTD27P?LO(x1ey9AqttouOvpi}K(B1Dr)83V
z{!ibepr=^DF@?$Qm;uZ92zk};O#xhachNB?d8P~OLh+|qD9av~T$f{Fs&?JU_C#OC
z+b2JBPyAk(8J{={09BeQYj@ps``PS2?;3i`^ORCHzTe?HZSG3o+=>}9Oab(At%u&(
zNbCI6Bc<)_;EDn33d2Ma{pyp9m-UG?a{Y*-Ifwk{uKL_9v%{suTo&|c9%Xxdu(Q;w
zcii)q&ja_fYT7uNdw$BxuG4OjItnWe%S{!vTGAvlY#ejYF+bwp^s!*p*Jl+Sftp+F
z=N`xv0f6+nLx{@DBsHw!{HX!@>-1j?+5u{D;I@At=Px~XF=_Ylsfe}Ud*sd7s2av1
zV+wPRnMbc3&Neyj@KD-1#I`J#K78~DsW<Z0hkRveh~^JpcA)j5*nG~<ICElqoH!?2
zUF_<^QIq0ipeYy;MKC)1I|$`u9|^h^x`ex8_3Wb59T#e`0MW2c<rBUrV=WsC^<b+C
z-l<9bshc(o*5dkW3PQG{iQL+p9#mLjTVs6{#hehHO@;ojaf`hX8Xr;R)8RL3i8FH_
zi70mJAcdsit0EC=O?$w|@SrrmNMVlqSy@V_Pt>Mwv(n;_d=Bx%PaaZd_|v%%G)K0$
z30j>OTz<KsshZBYpHU&J`Q(l%6NE-fa(aNQ4hYN1w4X(RSV4eALn&Swkt=Hd)e=We
zXET<9<luCj0XrA;BBD;Js3=*<lAZL@2qZGTwe`MdbFX}eEQWnTCSnwwppv}AulMWb
z-?C8)uL3cj030#DYSU<QL()iiJDb3G+26RVxOuLAs92Hk5nee=<aC5AMPQn=b){E2
z3LlKpc%YIO&Y}U^yG(l=rqt`ZtNJ(BM}^u`5>eF}<0XL8T|n-OCHjpEQ72VANlmEB
zI%qOO5kYcngm0H-Wbt?GlwlUjIR{pfNkY46uJ>xt&RF@&>Ul98?|`W$fBl~{08=m}
z??k3KWpxfqh|wx6NYHvXBBp${WZhf}9PJ1COC_pV%{L-f>7gv+I2vLG6e@HG4=sPV
zQ5arrkIC4HYY<6C?Zxc7yn;myQ%Q)9CO3zrTcLjBf19gia`I!RJDyJe9Fe9fuxsCY
z;7Zws;x46fGoIIE33_0NizAQ(D9!UJ7s?8&Nu-bENxsQ;Sm|N;2yJ7@^w2ium5<6#
z1P9J~D|;v~U!L2XiX<^|nT`1PX;XJxsE+tYzVQquN4%nX53Al6GYu7J`1nfP!sy(6
zX|RcUNrR}}MEt#jjhH7KPtrISWCw5V{P;+Gbm2OPCJE?{-vX%G!WuXB1avQMR938~
zN@gssO9am0l{(pPmjqCsdYVj}nI9y$aXkk~D1XO4jJuGqhR(`Atfgvl#DQCx8(qqm
zwzUbvsz11Cg?2$-8};t>O^PE|l&{8%>&*mk(xGOKW@uwI9>a^pt6W5d!w{^tIMWnt
zON!xronjqv{)C6(5=*o}MI0}Tx_V3x(xX>Q4(iHwjfnI|HIi>C{trunzLmXAtOtU1
zD>eG1k=kL_>XFC7@3BZZS3}`!+Hr=;rU%XzuIGcNHsgc#TEm%7x^!5ju$jX@{KUhH
zmuP`o&V`mIYDYWUkQG=)@D8-qlf_&J`g^%+|Md-^Z?i425TCFaS(_ivyHQWFqSux&
zO^MSom#9e^x(UCf!_ATBu&F2*f^m9OU-mum(8Opk|HZ@vte?|ar)T}dcCN9}+{uv`
ze^jk#F740R0!kP;zYSEZAyp+rw#tnAILt0Ab?kp|znam$BEe{LGm#ToS8`JKJ_#W;
zvOw-HMV0?`dpRw8S6L8)9dPMQfh40Zkn~@A4f&sxa!v`)B-rN-!4UAUZAknr>i#VM
zuP-ydeB^@zaszn&5WNtGz3p{3sEN2ihrLuYMgn`?;ivui*(~Br{IM^`O?3}*;K(Q8
zccysS5v)Lf$O!>|;_6GKA-3UFh{-tykVDk|&*wqj2p=AF_FfQtBi7?{-+^NN7~>_^
z^SIvkLPK+00}0K=K)t;`&)htnC&+;RTf3zaCZ}%Ji8gaLKVwWhs11&n<@V)kjL0^`
z({#Pa&2v_dJnC`5(jy`Yh0GfK3|z=Dn1eHY42bx>!wS&nbDD^%gr>pm^;gUYoXqiY
z#AZdKV6}jjxb)nd<}6t%m_9?vD5R|}@j(lIRtWI|wCTr~;2MN9sI(^FAuU3byy&3%
z9$MsI0U`4>jNg2XRGNXDT@3@j#(Q&=C(Wu*+Q~-AF)Hf)`-{qdJeVxqLq0>vt|swX
z&3x*#&*M_YQwUYbX9Uz(FM~T82My0zzq^ki11Mhf{B=R^fSJ}QX|mHf4>hL-4|;mY
z>n`F7@hVq|m3EgUUO~Iu>#y&NYC(87B?<+VN#WW~3&(6TC(F#9?tIn9Z_IMnvnFn@
zDvkg`^9nT5e5XRlB8Ssn8|?uc^>Ne@%B7xA)q7cEIRRoa>r2`nu!x~(aEQTr@D!f<
zfIfWjA|VLJ9kvnnh<4+6z7CxXXwdIA-1_P4>Dk>e!~F(X(_X0gjY9+F>Rp8m?U7g4
zt?1fsZLNF{+*>~z^Yc;C735KW)yw8@N#v#;n!*s=L)69i$4bbiOSnM<!Yt)atr{C{
z1FA9x_<@Zini(?TMd#s?udr(wwaauKBFlM1SwoaDFJR|~$7<c?-P*m4x8opqb?uM}
zN_Wk4P)B7ZTqD!#u7A}<<Y6A_!qR!|YDv){HeyPf4)Q%NpsITb<g;CnBQT(9y$?H>
z+9F_5-fNJGdVNj_xMVkIu1?%q5+12^G^{kpRJd936gu~~Nn4<704tCjI|)KDi=}lN
z-GUb1g6(J#C?1o+ed!r3a+PiPKiy=5Nv|fdn2E&r^XdfM)Joe;iGnP73ozJOk}~1Q
zG1(^XuY>JXSKqaSPLc}fppk1H{Cd?`(|Sz42ifUvz&_@$Jh#!KwDW~q#(&#g1}czr
zZJ>;o#v$vi*8&R&m~t8CvxP&eSO!Cl3ScTGJX}x(BCDYNs?SiV9S5z|Z>6ul32u$r
z#@E1jkq`B-Xb88Pv2g*W;dxF)c3M0p7aXwb_(`Y-QkY{fv2Xcw&0LbWfo(^um<*qB
zrpa)Lg>9AxugRH}rdEOTWC&!H{Fv}r$KjQU5Oh<8ubBMs%BDngd<I^=<KAhve|>Zu
z2OZ|OCC(H6oBDJd6#^dg&Y={Ns|~xQ_D;z7z4lGcUTNm?U!Pn=d_i21rLZTshwY44
zS>yDE*E>xni`1fQ-wC-BS!bj<5BI1}myx-|f45O>_7M2ZJ|TrZg-tzQ;I7t!DDC8!
zFU&3cRz~slQ`OTY7+6nE^Vzjh{~o~%&k!-g)vJ<>V%QVefjeI@4mbe`z!m{UkVmvb
zYWlL}YZ*?NS5NLO$hh@o$zgoXLr{^UbKF}sBN`%%;y#2VW=N}8c!=Pc#h_Y^Szvqo
z?a;6X$)|R_dZk9HK^f<MEnO-XqS=I0&-H>;{Hviajcr)!(zPnHd$Kbe$bGOw1IUH?
zTi$f#`~a=U&@A1%aK!@#X?wjIyAe~nT=BL${pbnlp1?_)7~$f%{3C+^*g~nnE7q&Z
z7_smfb+B-RA;W;!-VojP!S1SXr3qB=ETKC{xPc<H18I7h2{Zh7nc*=%rIacOi)Ciy
zQD&QrjIxK#5#(uwciH4$1DxBS_n31^JS2qtb=I>OtQqUiKihPNmVNLDD-6yL9byNh
zljM>EQ<uY6@Q%2Sgv#kP$S0o|DY1}{2|Dn9dl1e5#L8=|YRB9Zs<je7T=nFQR?{~M
z!Bpx`Tr3pN!@LVqi+dY$=*@3Zabyc23&@2&1BqZB_XiSW$EXlf=uEXxibzssLSM(^
zn13Jum6@OEQh5<_yGfBjmDl+DB14&Xg%z~Cc^D?ZKCgMIQF%D|i%zTkiYjHZIt*rQ
zzCVf=4lPm-{-5;mx$`~5ee$F>0Sr2S_slnbU!Z5!0D9gLI-vwD4~&lU0L1x#1-xo6
zQw=6J1|Hy?-~fmdO<aS1!r`6`H7eD#lYkMA6zDQtfMKZ|{9bw#u<c+owBVj&4qtyh
zvJJhq9^XJN%|XOKvqnUm5v$Ev|K32pMk!#Y8npCk$=LmxY+fh;%v=hi2tx=`jUT_!
z%)JTBUZG?<bMdwXX2n}Co`Tv$hLMEZSapSUO9;W2+#y=+O6^T>vb8c3ey!O+&Ms9T
zJ2*?Q!X2+L_#OIFp0J&CuKpV%*5Nh;lsw1J|Mln^MAdRPLmXDdYLIqBpPxt{{mif=
z&<c#C9~q;hYEY6$xGWge3jYLXK+i2yx%0b+nyCi&ty}CGHkfnNG@j}5Ca7d;W<sFL
zxWqH;OFZrdGv(w#?O(ra`lgCj&8gDr7RytIDJQ(eTr6x@`j{6h+=p-22z^}ZiY@^G
z%{3hjRa2t2+~%KAKgO1C?cRXqlNtnGr!!P|r=Kp``~jrcx_6mOkQK=zM6hRI5Zyok
zj;cHK^Nsu8uM5{QgvLdq?9@5FbM=BMymhLie<}Lv_Uk_fyZU7o<u(z3fF;RKhtpN4
z7Tf+cDGd%0u!4=2qU68-Kd0YxDOCYvwqK^-f{5dKAuD18(5od<YIaw1Oq=6JIAlC6
zaT5#A%q5~CI{NhmVA0n+{P>9tFdaRBD4PtY!hFygQYw~e<v+js&0ZRk;Z-mpk};Ci
zk~hU1z`K@$r7nDG^Hq9OO-sA#3~1Q9T;#lf?4yUUk4z+oUMK#2S$QY~E&-~;O9|E4
zEYCiqPqJ)$4blnhIX9te*aVtdjJ80&5uIu7&8>0Y@ene0tob-_?LJwGI`lvIe({yt
zwH1SE$pFy!TM0T?3>pK-sfR*ElemI2!6A{<z`t-?k891~zI5*Z=TKKP=KlHof2~Uk
zlAq~izE1snCpzS@$HiKF8epos1)U?bVSjnxzoAnpiU8_D(o|xu+gHp4!i|!jsdz%*
ztc6a3TBK&b0z4uQN~Y5<T+L-B{VUt2*XMymknq&RjIH?31#Ngw`h`+djD8JW(OM^u
z|6K!PWDNv2pcUdUh<qW|?vFDgFSmet-0Z=2r!rEBkh5fVr{O~Jmr}x!>00jXI|7Ku
zyb`qUJpy@1nm}Dy0&LHQ`^rHL(EXY45gE7YefxV=+P<MC@eR%dpF~oJiOi18S>`;f
zWKAq4`>!#gNx|LVjE1BTHwKxp`qZ71f$pGK`Xaa)n==NrOvV^e-#kd|`o4qMBMhvL
zI9DD@PR4LGSbO~Q3n$xhM=d~1W@x`7>4e1~3@T6*FEL9*+~sT!L(-_Ee-S#E^>nl*
z-JkVmjEB$1iueWF=TG|n`h|P6kVdO#sI;oRrIZ8_u9wxqz{~dq4_6hztfmd#dki*u
z<42bT+w;kBDzm5706@>sL_Y~4XW2_@+-t7~3_JD4B~4=F4LWf5g0A4}gZ<sl{r(dv
zKJq>13tgfhSA>ER5+0;qc$NHJ<`NV-jg+YfaY8`-OXpX&Xbh~cQHx`fABMKhewc$Y
z5*lG{euD-{N4hDc_8RQo(7pmi_qOPI!4uSnX&hZhXnDgU^m}KR)*E}4tT^@WBOzfC
z<8ir|^zViJh=_^W)kt+&Eb;!FRZ<y=?!qni@WHLPqQ$<mx$8fFP+s-<xe9U#uRfSx
zdg7_cVM<hhc0#Cd!1b9k`b^W&4rysXZ4bn=lO6MF^`zxh26FQ$M$ezb{Jnw(Fw`@z
z{)%zt{p(^lh)|N%v;okin@au-P;oElfvy@AQ9Xx_$rL4Kv0_@?X*>OAHeR_@mRa?T
zPA4(Oh$3+TBD;sb<}-AEH0=)yqn;gK0Q=Vqpj95pOZ}11ahQW6FR>|z+#mKIW&mks
z73ZC2nJs{brWexT%c>gon~T?%o+*LFdY#wkT%y)6r&;`o>)t$xh0f+@)DSaELb7<{
zTgKlJ7eGk!IH?Kr-Gp6eRsA;gFI`SFGC_qDc58hlpy>)z5dd-@wV7|$t24Aui!HvQ
zkS}OcfYs`J)u~cH^y#_hh`=X#L$vjV_Hc2gB7faNqxY~abU*7}yv}HTKGr4i`fcyP
z4J6U_$vFofe;)fFPi2IHr=n0b8=*hE5xfwR;9HD44?U(i$5wCD+Rif&9%{-Yzy;US
z49{+T24{K#{h~uN?m^7>CRy>$-*;ZX7i`pObAeH^V3qO%2h!M8F>AK`h<A|we)S3;
zvW5ka92Ncu$Ynvk4&gVr2_(}kv(I?b4$w+*>O+vwsC~r?A3>(_$W!tY!&M`4i;*hy
z->=|RjvhV&pU(gI2*`?t97jXi{oMexDZU?^|Bh_!Tr?7cLW@fU4&UZsKo&!&)St3>
z;A8*MC&Z9cIN|37h|MmW9Ior3OR!OaclAPE2R?SsRvn%l)Zph$P{pqc|KqlxN*;_D
zpl=d<Y{fetK5hj3d?DJ@TmR6>{as(e5ZGF^FnOg0V)h%z8;bd*QrFO|m4AySa6t|M
zxKW-0z7NO#`C3;<Q^W4c60`(=1KIEy$fa{wOB2QgpbW7|`?nB;tS4~fGxLAsf8zY-
z5#`VbvWmpOT5w^OfM9!8tN9dZ`=R=D5BXY$rcIBS_F%H}oqwKZPGu^J?}2+!PT=d^
z-s^$0NaNNkXyBW7zc*Dxf5{IEzG4@)<2W!0zQ6qB{FLI<PAj!?br3Y5mcsM7L69S#
zNGCdJ;c8CecK5W%;XR>|RU%06!vAw2o_kGjUc3y`T*iR0ws`Bum+8{_U!Q;k)K1He
zc0^<Yd;#rF^BxC{3(M7sdi}EX`SMP7Pd0fUq22wh#y|D7AShr7K#G2~+(NqT7+;S6
z4C86bFUaYrViq|#X3AV&S?JGM4FsJ6Mms<H7&BGD=P`e+Y7Qyc8jN}+{o5_wY08rG
zv;+xX{W_I0mB&xOd8o2rk50q17^+g3fm#Y}nr>})8aG%G&zzuxnpz-0^%y%W^kfVV
zgZItk*xa6tuZ4WB24=@s1AqLrm~BTj1g>5pL78ixh7e5(L>ZtIh(z{!r(v{^FX+$J
z!pP`qn7G=O3ins~ANQvR_t*Eu>*2rMUl_qd(iY-WKF|X7y2Iv^E<c0kMrb8M>7u8N
za3l<;Bef;GznMalqs$h(qgptyr+5#JSOr}(7ipVRP5B5-@jYshIRVHB^x3k)yn4JD
zN)$OngK*it)z(xP^=p`;HTZi8?QW4O`DXj*V+O=f&<tQG4+rUr|IJWR5(wN35!PKT
z@QubHVe1(rcF6=X$b?PJnquq**lG<_UWR`zjr517sHLcek;;YhX{2sM+y;cMsf{J@
z%8RS-`fWZ;5kZO8hT7%>5Tz~ywP75DUENL_?gc>e1>;g7;65wRv@D__VJSxZEY#GJ
z2|45t(sX5jNoBqJs`1Zu(PktJj|1h10b%IVN5a^cf5Y|+C7oFr3;EM!*hwpY4p#qA
zU<T2?h44xluKYoc7`k~-W2%9!Z+Rj<Tef5ij6v4bVQB<^B4hJPxD5o8-fk4-i3%K$
zzWRQyPEI0$();@-Ghn10Q6Kr6&$-h&0ax|VZ~Xm~<_yMe0vGf($h_5nZ_Q{&rAp)I
zON<^sT19DW$*;>Y(_IHk=RlQg;ckCssiacqxM;Zp`m*c_Q{#3!rc-fmtra<<JBWFL
zR%9($_n^%u_i^}2|JWlX;B`J#E_briq3h@x_*W7Gen)He-|j&p_bPGpbW2z*Bcn*Q
zIE`-yQ%N}JX(*p{z#Q~l_#ND2=XD0oA4s8L@pQws4V|5P&?nD+#c`+@eTUOOZKaSJ
z!5L8f7`IQmj7coK`sl38VRd5;lAPo{C3DJuCDw@h5(jK%aC@q;+Eo!!YR0h0sYW0;
zX38II&yEAnX{y-lsY7#;M^L6HE_9!5DG#nQA`CIqvL1CNR$Bt5v{7>C`S4q2;m19P
z&Y!K3=vR3E^XvPwT>5reX@ZBbcpW)p9|Sx;%%=W^1{GHny?Q=j2U3v(E!+hV;>i@3
zMhbw4UW(*c157;Y6SDFD3iB&SSW98b)uy>rTPf$j8vMSk+r{e*zY7btQhD`VBeMks
z5nol#2^W#RToC<l!Do-0UN?U|fB3o8busTQbIsJ^=x(qx>(HaaQW-=BPn?+Un?3pb
zbQd}O1*7;eaUFl}?qByvLk@oT*rk8>yA}C5=M0P4kj?e?FZu`(cy-^T|6@GB6B0u0
zQ(ouaf9bz@aEM4ye9h+hi?96mq~Xv&Ah@-tuNnNGg9yaQX-+@BsK2Gw|DL}5N61}6
z*Cij)c@JZ(4zhp(icft06}n*&R3Li$p(b<=S<Ohs5t0v)G&$vgsr)~ChJzFo-H2CV
z+5)h*k;PXrMv6-RFD%nk#2t`psRn|xBB|8r%M1VruYlmr!fOy{u|ni(;O`s6cz*|!
zF#ele*`fRrG2#r-s+v55ZMn&&nusq$MS){WQ28eQk8yAinb9?g6I0TF>Rp*^%Z4^+
zcp-c4H<B_m#(z-z#|I+s<nQ0V$xxVqF~dK*^zhyPUGgMDh%XzvSmD1J;6L9x{5Dux
zl%&`f9<#s2gMa(p|G)5muJC{U<Nw~Jp89hn`n=C1sxPCM0RHG`8fcWNS%>~F8W8jj

literal 0
HcmV?d00001

diff --git a/docs/reference/api/index.md b/docs/reference/api/index.md
new file mode 100644
index 00000000..05f3d126
--- /dev/null
+++ b/docs/reference/api/index.md
@@ -0,0 +1,16 @@
+<!-- [metadata]>
++++
+title = "API Reference"
+description = "Reference"
+keywords = ["Engine"]
+[menu.main]
+identifier="engine_remoteapi"
+parent="engine_ref"
++++
+<![end-metadata]-->
+
+
+# API Reference
+
+* [Docker Remote API](docker_remote_api.md)
+* [Docker Remote API client libraries](remote_api_client_libraries.md)
diff --git a/docs/reference/api/remote_api_client_libraries.md b/docs/reference/api/remote_api_client_libraries.md
new file mode 100644
index 00000000..fd4b3e39
--- /dev/null
+++ b/docs/reference/api/remote_api_client_libraries.md
@@ -0,0 +1,248 @@
+<!--[metadata]>
++++
+title = "Remote API client libraries"
+description = "Various client libraries available to use with the Docker remote API"
+keywords = ["API, Docker, index, registry, REST, documentation, clients, C#, Erlang, Go, Groovy, Java, JavaScript, Perl, PHP, Python, Ruby, Rust,  Scala"]
+[menu.main]
+parent="engine_remoteapi"
+weight = 90
++++
+<![end-metadata]-->
+
+# Docker Remote API client libraries
+
+These libraries have not been tested by the Docker maintainers for
+compatibility. Please file issues with the library owners. If you find
+more library implementations, please list them in Docker doc bugs and we
+will add the libraries here.
+
+<table border="1" class="docutils">
+  <colgroup>
+    <col width="24%">
+    <col width="17%">
+    <col width="48%">
+    <col width="11%">
+  </colgroup>
+  <thead valign="bottom">
+    <tr>
+      <th class="head">Language/Framework</th>
+      <th class="head">Name</th>
+      <th class="head">Repository</th>
+      <th class="head">Status</th>
+    </tr>
+  </thead>
+  <tbody valign = "top">
+    <tr>
+      <td>C#</td>
+      <td>Docker.DotNet</td>
+      <td><a class="reference external" href="https://github.com/ahmetalpbalkan/Docker.DotNet">https://github.com/ahmetalpbalkan/Docker.DotNet</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>C++</td>
+      <td>lasote/docker_client</td>
+      <td><a class="reference external" href="http://www.biicode.com/lasote/docker_client">http://www.biicode.com/lasote/docker_client (Biicode C++ dependency manager)</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Erlang</td>
+      <td>erldocker</td>
+      <td><a class="reference external" href="https://github.com/proger/erldocker">https://github.com/proger/erldocker</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Dart</td>
+      <td>bwu_docker</td>
+      <td><a class="reference external" href="https://github.com/bwu-dart/bwu_docker">https://github.com/bwu-dart/bwu_docker</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Go</td>
+      <td>engine-api</td>
+      <td><a class="reference external" href="https://github.com/docker/engine-api">https://github.com/docker/engine-api</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Go</td>
+      <td>go-dockerclient</td>
+      <td><a class="reference external" href="https://github.com/fsouza/go-dockerclient">https://github.com/fsouza/go-dockerclient</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Go</td>
+      <td>dockerclient</td>
+      <td><a class="reference external" href="https://github.com/samalba/dockerclient">https://github.com/samalba/dockerclient</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Gradle</td>
+      <td>gradle-docker-plugin</td>
+      <td><a class="reference external" href="https://github.com/gesellix/gradle-docker-plugin">https://github.com/gesellix/gradle-docker-plugin</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Groovy</td>
+      <td>docker-client</td>
+      <td><a class="reference external" href="https://github.com/gesellix/docker-client">https://github.com/gesellix/docker-client</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Haskell</td>
+      <td>docker-hs</td>
+      <td><a class="reference external" href="https://github.com/denibertovic/docker-hs">https://github.com/denibertovic/docker-hs</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>HTML (Web Components)</td>
+      <td>docker-elements</td>
+      <td><a class="reference external" href="https://github.com/kapalhq/docker-elements">https://github.com/kapalhq/docker-elements</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Java</td>
+      <td>docker-java</td>
+      <td><a class="reference external" href="https://github.com/docker-java/docker-java">https://github.com/docker-java/docker-java</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Java</td>
+      <td>docker-client</td>
+      <td><a class="reference external" href="https://github.com/spotify/docker-client">https://github.com/spotify/docker-client</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Java</td>
+      <td>jclouds-docker</td>
+      <td><a class="reference external" href="https://github.com/jclouds/jclouds-labs/tree/master/docker">https://github.com/jclouds/jclouds-labs/tree/master/docker</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Java</td>
+      <td>rx-docker-client</td>
+      <td><a class="reference external" href="https://github.com/shekhargulati/rx-docker-client">https://github.com/shekhargulati/rx-docker-client</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>JavaScript (NodeJS)</td>
+      <td>dockerizer</td>
+      <td><a class="reference external" href="https://github.com/kesarion/dockerizer">https://github.com/kesarion/dockerizer</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>JavaScript (NodeJS)</td>
+      <td>dockerode</td>
+      <td><a class="reference external" href="https://github.com/apocas/dockerode">https://github.com/apocas/dockerode</a>
+  Install via NPM: <cite>npm install dockerode</cite></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>JavaScript (NodeJS)</td>
+      <td>docker.io</td>
+      <td><a class="reference external" href="https://github.com/appersonlabs/docker.io">https://github.com/appersonlabs/docker.io</a>
+  Install via NPM: <cite>npm install docker.io</cite></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>JavaScript</td>
+      <td>docker-js</td>
+      <td><a class="reference external" href="https://github.com/dgoujard/docker-js">https://github.com/dgoujard/docker-js</a></td>
+      <td>Outdated</td>
+    </tr>
+    <tr>
+      <td>JavaScript (Angular) <strong>WebUI</strong></td>
+      <td>Albatros</td>
+      <td><a class="reference external" href="https://github.com/dcylabs/albatros">https://github.com/dcylabs/albatros</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>JavaScript (Angular) <strong>WebUI</strong></td>
+      <td>docker-cp</td>
+      <td><a class="reference external" href="https://github.com/13W/docker-cp">https://github.com/13W/docker-cp</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>JavaScript (Angular) <strong>WebUI</strong></td>
+      <td>dockerui</td>
+      <td><a class="reference external" href="https://github.com/crosbymichael/dockerui">https://github.com/crosbymichael/dockerui</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>JavaScript (Angular) <strong>WebUI</strong></td>
+      <td>dockery</td>
+      <td><a class="reference external" href="https://github.com/lexandro/dockery">https://github.com/lexandro/dockery</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Perl</td>
+      <td>Net::Docker</td>
+      <td><a class="reference external" href="https://metacpan.org/pod/Net::Docker">https://metacpan.org/pod/Net::Docker</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Perl</td>
+      <td>Eixo::Docker</td>
+      <td><a class="reference external" href="https://github.com/alambike/eixo-docker">https://github.com/alambike/eixo-docker</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>PHP</td>
+      <td>Alvine</td>
+      <td><a class="reference external" href="http://pear.alvine.io/">http://pear.alvine.io/</a> (alpha)</td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>PHP</td>
+      <td>Docker-PHP</td>
+      <td><a class="reference external" href="https://github.com/docker-php/docker-php">https://github.com/docker-php/docker-php</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>PHP</td>
+      <td>Docker-PHP-Client</td>
+      <td><a class="reference external" href="https://github.com/jarkt/docker-php-client">https://github.com/jarkt/docker-php-client</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Python</td>
+      <td>docker-py</td>
+      <td><a class="reference external" href="https://github.com/docker/docker-py">https://github.com/docker/docker-py</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Ruby</td>
+      <td>docker-api</td>
+      <td><a class="reference external" href="https://github.com/swipely/docker-api">https://github.com/swipely/docker-api</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Ruby</td>
+      <td>docker-client</td>
+      <td><a class="reference external" href="https://github.com/geku/docker-client">https://github.com/geku/docker-client</a></td>
+      <td>Outdated</td>
+    </tr>
+    <tr>
+      <td>Rust</td>
+      <td>docker-rust</td>
+      <td><a class="reference external" href="https://github.com/abh1nav/docker-rust">https://github.com/abh1nav/docker-rust</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Rust</td>
+      <td>shiplift</td>
+      <td><a class="reference external" href="https://github.com/softprops/shiplift">https://github.com/softprops/shiplift</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Scala</td>
+      <td>tugboat</td>
+      <td><a class="reference external" href="https://github.com/softprops/tugboat">https://github.com/softprops/tugboat</a></td>
+      <td>Active</td>
+    </tr>
+    <tr>
+      <td>Scala</td>
+      <td>reactive-docker</td>
+      <td><a class="reference external" href="https://github.com/almoehi/reactive-docker">https://github.com/almoehi/reactive-docker</a></td>
+      <td>Active</td>
+    </tr>
+  </tbody>
+</table>
diff --git a/docs/reference/builder.md b/docs/reference/builder.md
new file mode 100644
index 00000000..a932276b
--- /dev/null
+++ b/docs/reference/builder.md
@@ -0,0 +1,1344 @@
+<!--[metadata]>
++++
+title = "Dockerfile reference"
+description = "Dockerfiles use a simple DSL which allows you to automate the steps you would normally manually take to create an image."
+keywords = ["builder, docker, Dockerfile, automation,  image creation"]
+[menu.main]
+parent = "engine_ref"
+weight=-90
++++
+<![end-metadata]-->
+
+# Dockerfile reference
+
+Docker can build images automatically by reading the instructions from a
+`Dockerfile`. A `Dockerfile` is a text document that contains all the commands a
+user could call on the command line to assemble an image. Using `docker build`
+users can create an automated build that executes several command-line
+instructions in succession.
+
+This page describes the commands you can use in a `Dockerfile`. When you are
+done reading this page, refer to the [`Dockerfile` Best
+Practices](../userguide/eng-image/dockerfile_best-practices.md) for a tip-oriented guide.
+
+## Usage
+
+The [`docker build`](commandline/build.md) command builds an image from
+a `Dockerfile` and a *context*. The build's context is the files at a specified
+location `PATH` or `URL`. The `PATH` is a directory on your local filesystem.
+The `URL` is a the location of a Git repository.
+
+A context is processed recursively. So, a `PATH` includes any subdirectories and
+the `URL` includes the repository and its submodules. A simple build command
+that uses the current directory as context:
+
+    $ docker build .
+    Sending build context to Docker daemon  6.51 MB
+    ...
+
+The build is run by the Docker daemon, not by the CLI. The first thing a build
+process does is send the entire context (recursively) to the daemon.  In most
+cases, it's best to start with an empty directory as context and keep your
+Dockerfile in that directory. Add only the files needed for building the
+Dockerfile.
+
+>**Warning**: Do not use your root directory, `/`, as the `PATH` as it causes
+>the build to transfer the entire contents of your hard drive to the Docker
+>daemon.
+
+To use a file in the build context, the `Dockerfile` refers to the file specified
+in an instruction, for example,  a `COPY` instruction. To increase the build's
+performance, exclude files and directories by adding a `.dockerignore` file to
+the context directory.  For information about how to [create a `.dockerignore`
+file](#dockerignore-file) see the documentation on this page.
+
+Traditionally, the `Dockerfile` is called `Dockerfile` and located in the root
+of the context. You use the `-f` flag with `docker build` to point to a Dockerfile
+anywhere in your file system.
+
+    $ docker build -f /path/to/a/Dockerfile .
+
+You can specify a repository and tag at which to save the new image if
+the build succeeds:
+
+    $ docker build -t shykes/myapp .
+
+To tag the image into multiple repositories after the build,
+add multiple `-t` parameters when you run the `build` command:
+
+    $ docker build -t shykes/myapp:1.0.2 -t shykes/myapp:latest .
+
+The Docker daemon runs the instructions in the `Dockerfile` one-by-one,
+committing the result of each instruction
+to a new image if necessary, before finally outputting the ID of your
+new image. The Docker daemon will automatically clean up the context you
+sent.
+
+Note that each instruction is run independently, and causes a new image
+to be created - so `RUN cd /tmp` will not have any effect on the next
+instructions.
+
+Whenever possible, Docker will re-use the intermediate images (cache),
+to accelerate the `docker build` process significantly. This is indicated by
+the `Using cache` message in the console output.
+(For more information, see the [Build cache section](../userguide/eng-image/dockerfile_best-practices.md#build-cache)) in the
+`Dockerfile` best practices guide:
+
+    $ docker build -t svendowideit/ambassador .
+    Sending build context to Docker daemon 15.36 kB
+    Step 0 : FROM alpine:3.2
+     ---> 31f630c65071
+    Step 1 : MAINTAINER SvenDowideit@home.org.au
+     ---> Using cache
+     ---> 2a1c91448f5f
+    Step 2 : RUN apk update &&      apk add socat &&        rm -r /var/cache/
+     ---> Using cache
+     ---> 21ed6e7fbb73
+    Step 3 : CMD env | grep _TCP= | (sed 's/.*_PORT_\([0-9]*\)_TCP=tcp:\/\/\(.*\):\(.*\)/socat -t 100000000 TCP4-LISTEN:\1,fork,reuseaddr TCP4:\2:\3 \&/' && echo wait) | sh
+     ---> Using cache
+     ---> 7ea8aef582cc
+    Successfully built 7ea8aef582cc
+
+When you're done with your build, you're ready to look into [*Pushing a
+repository to its registry*](../userguide/containers/dockerrepos.md#contributing-to-docker-hub).
+
+## Format
+
+Here is the format of the `Dockerfile`:
+
+    # Comment
+    INSTRUCTION arguments
+
+The instruction is not case-sensitive, however convention is for them to
+be UPPERCASE in order to distinguish them from arguments more easily.
+
+Docker runs the instructions in a `Dockerfile` in order. **The
+first instruction must be \`FROM\`** in order to specify the [*Base
+Image*](glossary.md#base-image) from which you are building.
+
+Docker will treat lines that *begin* with `#` as a
+comment. A `#` marker anywhere else in the line will
+be treated as an argument. This allows statements like:
+
+    # Comment
+    RUN echo 'we are running some # of cool things'
+
+Here is the set of instructions you can use in a `Dockerfile` for building
+images.
+
+### Environment replacement
+
+Environment variables (declared with [the `ENV` statement](#env)) can also be
+used in certain instructions as variables to be interpreted by the
+`Dockerfile`. Escapes are also handled for including variable-like syntax
+into a statement literally.
+
+Environment variables are notated in the `Dockerfile` either with
+`$variable_name` or `${variable_name}`. They are treated equivalently and the
+brace syntax is typically used to address issues with variable names with no
+whitespace, like `${foo}_bar`.
+
+The `${variable_name}` syntax also supports a few of the standard `bash`
+modifiers as specified below:
+
+* `${variable:-word}` indicates that if `variable` is set then the result
+  will be that value. If `variable` is not set then `word` will be the result.
+* `${variable:+word}` indicates that if `variable` is set then `word` will be
+  the result, otherwise the result is the empty string.
+
+In all cases, `word` can be any string, including additional environment
+variables.
+
+Escaping is possible by adding a `\` before the variable: `\$foo` or `\${foo}`,
+for example, will translate to `$foo` and `${foo}` literals respectively.
+
+Example (parsed representation is displayed after the `#`):
+
+    FROM busybox
+    ENV foo /bar
+    WORKDIR ${foo}   # WORKDIR /bar
+    ADD . $foo       # ADD . /bar
+    COPY \$foo /quux # COPY $foo /quux
+
+Environment variables are supported by the following list of instructions in
+the `Dockerfile`:
+
+* `ADD`
+* `COPY`
+* `ENV`
+* `EXPOSE`
+* `LABEL`
+* `USER`
+* `WORKDIR`
+* `VOLUME`
+* `STOPSIGNAL`
+
+as well as:
+
+* `ONBUILD` (when combined with one of the supported instructions above)
+
+> **Note**:
+> prior to 1.4, `ONBUILD` instructions did **NOT** support environment
+> variable, even when combined with any of the instructions listed above.
+
+Environment variable substitution will use the same value for each variable
+throughout the entire command. In other words, in this example:
+
+    ENV abc=hello
+    ENV abc=bye def=$abc
+    ENV ghi=$abc
+
+will result in `def` having a value of `hello`, not `bye`. However,
+`ghi` will have a value of `bye` because it is not part of the same command
+that set `abc` to `bye`.
+
+### .dockerignore file
+
+Before the docker CLI sends the context to the docker daemon, it looks
+for a file named `.dockerignore` in the root directory of the context.
+If this file exists, the CLI modifies the context to exclude files and
+directories that match patterns in it.  This helps to avoid
+unnecessarily sending large or sensitive files and directories to the
+daemon and potentially adding them to images using `ADD` or `COPY`.
+
+The CLI interprets the `.dockerignore` file as a newline-separated
+list of patterns similar to the file globs of Unix shells.  For the
+purposes of matching, the root of the context is considered to be both
+the working and the root directory.  For example, the patterns
+`/foo/bar` and `foo/bar` both exclude a file or directory named `bar`
+in the `foo` subdirectory of `PATH` or in the root of the git
+repository located at `URL`.  Neither excludes anything else.
+
+Here is an example `.dockerignore` file:
+
+```
+    */temp*
+    */*/temp*
+    temp?
+```
+
+This file causes the following build behavior:
+
+| Rule           | Behavior                                                                                                                                                                     |
+|----------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `*/temp*`      | Exclude files and directories whose names start with `temp` in any immediate subdirectory of the root.  For example, the plain file `/somedir/temporary.txt` is excluded, as is the directory `/somedir/temp`.                 |
+| `*/*/temp*`    | Exclude files and directories starting with `temp` from any subdirectory that is two levels below the root. For example, `/somedir/subdir/temporary.txt` is excluded. |
+| `temp?`        | Exclude files and directories in the root directory whose names are a one-character extension of `temp`.  For example, `/tempa` and `/tempb` are excluded.
+
+
+Matching is done using Go's
+[filepath.Match](http://golang.org/pkg/path/filepath#Match) rules.  A
+preprocessing step removes leading and trailing whitespace and
+eliminates `.` and `..` elements using Go's
+[filepath.Clean](http://golang.org/pkg/path/filepath/#Clean).  Lines
+that are blank after preprocessing are ignored.
+
+Beyond Go's filepath.Match rules, Docker also supports a special
+wildcard string `**` that matches any number of directories (including
+zero). For example, `**/*.go` will exclude all files that end with `.go`
+that are found in all directories, including the root of the build context.
+
+Lines starting with `!` (exclamation mark) can be used to make exceptions
+to exclusions.  The following is an example `.dockerignore` file that
+uses this mechanism:
+
+```
+    *.md
+    !README.md
+```
+
+All markdown files *except* `README.md` are excluded from the context.
+
+The placement of `!` exception rules influences the behavior: the last
+line of the `.dockerignore` that matches a particular file determines
+whether it is included or excluded.  Consider the following example:
+
+```
+    *.md
+    !README*.md
+    README-secret.md
+```
+
+No markdown files are included in the context except README files other than
+`README-secret.md`.
+
+Now consider this example:
+
+```
+    *.md
+    README-secret.md
+    !README*.md
+```
+
+All of the README files are included.  The middle line has no effect because
+`!README*.md` matches `README-secret.md` and comes last.
+
+You can even use the `.dockerignore` file to exclude the `Dockerfile`
+and `.dockerignore` files.  These files are still sent to the daemon
+because it needs them to do its job.  But the `ADD` and `COPY` commands
+do not copy them to the image.
+
+Finally, you may want to specify which files to include in the
+context, rather than which to exclude. To achieve this, specify `*` as
+the first pattern, followed by one or more `!` exception patterns.
+
+**Note**: For historical reasons, the pattern `.` is ignored.
+
+## FROM
+
+    FROM <image>
+
+Or
+
+    FROM <image>:<tag>
+
+Or
+
+    FROM <image>@<digest>
+
+The `FROM` instruction sets the [*Base Image*](glossary.md#base-image)
+for subsequent instructions. As such, a valid `Dockerfile` must have `FROM` as
+its first instruction. The image can be any valid image – it is especially easy
+to start by **pulling an image** from the [*Public Repositories*](../userguide/containers/dockerrepos.md).
+
+- `FROM` must be the first non-comment instruction in the `Dockerfile`.
+
+- `FROM` can appear multiple times within a single `Dockerfile` in order to create
+multiple images. Simply make a note of the last image ID output by the commit
+before each new `FROM` command.
+
+- The `tag` or `digest` values are optional. If you omit either of them, the builder
+assumes a `latest` by default. The builder returns an error if it cannot match
+the `tag` value.
+
+## MAINTAINER
+
+    MAINTAINER <name>
+
+The `MAINTAINER` instruction allows you to set the *Author* field of the
+generated images.
+
+## RUN
+
+RUN has 2 forms:
+
+- `RUN <command>` (*shell* form, the command is run in a shell - `/bin/sh -c`)
+- `RUN ["executable", "param1", "param2"]` (*exec* form)
+
+The `RUN` instruction will execute any commands in a new layer on top of the
+current image and commit the results. The resulting committed image will be
+used for the next step in the `Dockerfile`.
+
+Layering `RUN` instructions and generating commits conforms to the core
+concepts of Docker where commits are cheap and containers can be created from
+any point in an image's history, much like source control.
+
+The *exec* form makes it possible to avoid shell string munging, and to `RUN`
+commands using a base image that does not contain `/bin/sh`.
+
+In the *shell* form you can use a `\` (backslash) to continue a single
+RUN instruction onto the next line. For example, consider these two lines:
+```
+RUN /bin/bash -c 'source $HOME/.bashrc ;\
+echo $HOME'
+```
+Together they are equivalent to this single line:
+```
+RUN /bin/bash -c 'source $HOME/.bashrc ; echo $HOME'
+```
+
+> **Note**:
+> To use a different shell, other than '/bin/sh', use the *exec* form
+> passing in the desired shell. For example,
+> `RUN ["/bin/bash", "-c", "echo hello"]`
+
+> **Note**:
+> The *exec* form is parsed as a JSON array, which means that
+> you must use double-quotes (") around words not single-quotes (').
+
+> **Note**:
+> Unlike the *shell* form, the *exec* form does not invoke a command shell.
+> This means that normal shell processing does not happen. For example,
+> `RUN [ "echo", "$HOME" ]` will not do variable substitution on `$HOME`.
+> If you want shell processing then either use the *shell* form or execute
+> a shell directly, for example: `RUN [ "sh", "-c", "echo", "$HOME" ]`.
+
+The cache for `RUN` instructions isn't invalidated automatically during
+the next build. The cache for an instruction like
+`RUN apt-get dist-upgrade -y` will be reused during the next build. The
+cache for `RUN` instructions can be invalidated by using the `--no-cache`
+flag, for example `docker build --no-cache`.
+
+See the [`Dockerfile` Best Practices
+guide](../userguide/eng-image/dockerfile_best-practices.md#build-cache) for more information.
+
+The cache for `RUN` instructions can be invalidated by `ADD` instructions. See
+[below](#add) for details.
+
+### Known issues (RUN)
+
+- [Issue 783](https://github.com/docker/docker/issues/783) is about file
+  permissions problems that can occur when using the AUFS file system. You
+  might notice it during an attempt to `rm` a file, for example.
+
+  For systems that have recent aufs version (i.e., `dirperm1` mount option can
+  be set), docker will attempt to fix the issue automatically by mounting
+  the layers with `dirperm1` option. More details on `dirperm1` option can be
+  found at [`aufs` man page](http://aufs.sourceforge.net/aufs3/man.html)
+
+  If your system doesn't have support for `dirperm1`, the issue describes a workaround.
+
+## CMD
+
+The `CMD` instruction has three forms:
+
+- `CMD ["executable","param1","param2"]` (*exec* form, this is the preferred form)
+- `CMD ["param1","param2"]` (as *default parameters to ENTRYPOINT*)
+- `CMD command param1 param2` (*shell* form)
+
+There can only be one `CMD` instruction in a `Dockerfile`. If you list more than one `CMD`
+then only the last `CMD` will take effect.
+
+**The main purpose of a `CMD` is to provide defaults for an executing
+container.** These defaults can include an executable, or they can omit
+the executable, in which case you must specify an `ENTRYPOINT`
+instruction as well.
+
+> **Note**:
+> If `CMD` is used to provide default arguments for the `ENTRYPOINT`
+> instruction, both the `CMD` and `ENTRYPOINT` instructions should be specified
+> with the JSON array format.
+
+> **Note**:
+> The *exec* form is parsed as a JSON array, which means that
+> you must use double-quotes (") around words not single-quotes (').
+
+> **Note**:
+> Unlike the *shell* form, the *exec* form does not invoke a command shell.
+> This means that normal shell processing does not happen. For example,
+> `CMD [ "echo", "$HOME" ]` will not do variable substitution on `$HOME`.
+> If you want shell processing then either use the *shell* form or execute
+> a shell directly, for example: `CMD [ "sh", "-c", "echo", "$HOME" ]`.
+
+When used in the shell or exec formats, the `CMD` instruction sets the command
+to be executed when running the image.
+
+If you use the *shell* form of the `CMD`, then the `<command>` will execute in
+`/bin/sh -c`:
+
+    FROM ubuntu
+    CMD echo "This is a test." | wc -
+
+If you want to **run your** `<command>` **without a shell** then you must
+express the command as a JSON array and give the full path to the executable.
+**This array form is the preferred format of `CMD`.** Any additional parameters
+must be individually expressed as strings in the array:
+
+    FROM ubuntu
+    CMD ["/usr/bin/wc","--help"]
+
+If you would like your container to run the same executable every time, then
+you should consider using `ENTRYPOINT` in combination with `CMD`. See
+[*ENTRYPOINT*](#entrypoint).
+
+If the user specifies arguments to `docker run` then they will override the
+default specified in `CMD`.
+
+> **Note**:
+> don't confuse `RUN` with `CMD`. `RUN` actually runs a command and commits
+> the result; `CMD` does not execute anything at build time, but specifies
+> the intended command for the image.
+
+## LABEL
+
+    LABEL <key>=<value> <key>=<value> <key>=<value> ...
+
+The `LABEL` instruction adds metadata to an image. A `LABEL` is a
+key-value pair. To include spaces within a `LABEL` value, use quotes and
+backslashes as you would in command-line parsing. A few usage examples:
+
+    LABEL "com.example.vendor"="ACME Incorporated"
+    LABEL com.example.label-with-value="foo"
+    LABEL version="1.0"
+    LABEL description="This text illustrates \
+    that label-values can span multiple lines."
+
+An image can have more than one label. To specify multiple labels,
+Docker recommends combining labels into a single `LABEL` instruction where
+possible. Each `LABEL` instruction produces a new layer which can result in an
+inefficient image if you use many labels. This example results in a single image
+layer.
+
+    LABEL multi.label1="value1" multi.label2="value2" other="value3"
+
+The above can also be written as:
+
+    LABEL multi.label1="value1" \
+          multi.label2="value2" \
+          other="value3"
+
+Labels are additive including `LABEL`s in `FROM` images. If Docker
+encounters a label/key that already exists, the new value overrides any previous
+labels with identical keys.
+
+To view an image's labels, use the `docker inspect` command.
+
+    "Labels": {
+        "com.example.vendor": "ACME Incorporated"
+        "com.example.label-with-value": "foo",
+        "version": "1.0",
+        "description": "This text illustrates that label-values can span multiple lines.",
+        "multi.label1": "value1",
+        "multi.label2": "value2",
+        "other": "value3"
+    },
+
+## EXPOSE
+
+    EXPOSE <port> [<port>...]
+
+The `EXPOSE` instruction informs Docker that the container listens on the
+specified network ports at runtime. `EXPOSE` does not make the ports of the
+container accessible to the host. To do that, you must use either the `-p` flag
+to publish a range of ports or the `-P` flag to publish all of the exposed
+ports. You can expose one port number and publish it externally under another
+number.
+
+To set up port redirection on the host system, see [using the -P
+flag](run.md#expose-incoming-ports). The Docker network feature supports
+creating networks without the need to expose ports within the network, for
+detailed information see the  [overview of this
+feature](../userguide/networking/index.md)).
+
+## ENV
+
+    ENV <key> <value>
+    ENV <key>=<value> ...
+
+The `ENV` instruction sets the environment variable `<key>` to the value
+`<value>`. This value will be in the environment of all "descendant"
+`Dockerfile` commands and can be [replaced inline](#environment-replacement) in
+many as well.
+
+The `ENV` instruction has two forms. The first form, `ENV <key> <value>`,
+will set a single variable to a value. The entire string after the first
+space will be treated as the `<value>` - including characters such as
+spaces and quotes.
+
+The second form, `ENV <key>=<value> ...`, allows for multiple variables to
+be set at one time. Notice that the second form uses the equals sign (=)
+in the syntax, while the first form does not. Like command line parsing,
+quotes and backslashes can be used to include spaces within values.
+
+For example:
+
+    ENV myName="John Doe" myDog=Rex\ The\ Dog \
+        myCat=fluffy
+
+and
+
+    ENV myName John Doe
+    ENV myDog Rex The Dog
+    ENV myCat fluffy
+
+will yield the same net results in the final container, but the first form
+is preferred because it produces a single cache layer.
+
+The environment variables set using `ENV` will persist when a container is run
+from the resulting image. You can view the values using `docker inspect`, and
+change them using `docker run --env <key>=<value>`.
+
+> **Note**:
+> Environment persistence can cause unexpected side effects. For example,
+> setting `ENV DEBIAN_FRONTEND noninteractive` may confuse apt-get
+> users on a Debian-based image. To set a value for a single command, use
+> `RUN <key>=<value> <command>`.
+
+## ADD
+
+ADD has two forms:
+
+- `ADD <src>... <dest>`
+- `ADD ["<src>",... "<dest>"]` (this form is required for paths containing
+whitespace)
+
+The `ADD` instruction copies new files, directories or remote file URLs from `<src>`
+and adds them to the filesystem of the container at the path `<dest>`.
+
+Multiple `<src>` resource may be specified but if they are files or
+directories then they must be relative to the source directory that is
+being built (the context of the build).
+
+Each `<src>` may contain wildcards and matching will be done using Go's
+[filepath.Match](http://golang.org/pkg/path/filepath#Match) rules. For example:
+
+    ADD hom* /mydir/        # adds all files starting with "hom"
+    ADD hom?.txt /mydir/    # ? is replaced with any single character, e.g., "home.txt"
+
+The `<dest>` is an absolute path, or a path relative to `WORKDIR`, into which
+the source will be copied inside the destination container.
+
+    ADD test relativeDir/          # adds "test" to `WORKDIR`/relativeDir/
+    ADD test /absoluteDir/         # adds "test" to /absoluteDir/
+
+All new files and directories are created with a UID and GID of 0.
+
+In the case where `<src>` is a remote file URL, the destination will
+have permissions of 600. If the remote file being retrieved has an HTTP
+`Last-Modified` header, the timestamp from that header will be used
+to set the `mtime` on the destination file. However, like any other file
+processed during an `ADD`, `mtime` will not be included in the determination
+of whether or not the file has changed and the cache should be updated.
+
+> **Note**:
+> If you build by passing a `Dockerfile` through STDIN (`docker
+> build - < somefile`), there is no build context, so the `Dockerfile`
+> can only contain a URL based `ADD` instruction. You can also pass a
+> compressed archive through STDIN: (`docker build - < archive.tar.gz`),
+> the `Dockerfile` at the root of the archive and the rest of the
+> archive will get used at the context of the build.
+
+> **Note**:
+> If your URL files are protected using authentication, you
+> will need to use `RUN wget`, `RUN curl` or use another tool from
+> within the container as the `ADD` instruction does not support
+> authentication.
+
+> **Note**:
+> The first encountered `ADD` instruction will invalidate the cache for all
+> following instructions from the Dockerfile if the contents of `<src>` have
+> changed. This includes invalidating the cache for `RUN` instructions.
+> See the [`Dockerfile` Best Practices
+guide](../userguide/eng-image/dockerfile_best-practices.md#build-cache) for more information.
+
+
+`ADD` obeys the following rules:
+
+- The `<src>` path must be inside the *context* of the build;
+  you cannot `ADD ../something /something`, because the first step of a
+  `docker build` is to send the context directory (and subdirectories) to the
+  docker daemon.
+
+- If `<src>` is a URL and `<dest>` does not end with a trailing slash, then a
+  file is downloaded from the URL and copied to `<dest>`.
+
+- If `<src>` is a URL and `<dest>` does end with a trailing slash, then the
+  filename is inferred from the URL and the file is downloaded to
+  `<dest>/<filename>`. For instance, `ADD http://example.com/foobar /` would
+  create the file `/foobar`. The URL must have a nontrivial path so that an
+  appropriate filename can be discovered in this case (`http://example.com`
+  will not work).
+
+- If `<src>` is a directory, the entire contents of the directory are copied,
+  including filesystem metadata.
+
+> **Note**:
+> The directory itself is not copied, just its contents.
+
+- If `<src>` is a *local* tar archive in a recognized compression format
+  (identity, gzip, bzip2 or xz) then it is unpacked as a directory. Resources
+  from *remote* URLs are **not** decompressed. When a directory is copied or
+  unpacked, it has the same behavior as `tar -x`: the result is the union of:
+
+    1. Whatever existed at the destination path and
+    2. The contents of the source tree, with conflicts resolved in favor
+       of "2." on a file-by-file basis.
+
+  > **Note**:
+  > Whether a file is identified as a recognized compression format or not
+  > is done solely based on the contents of the file, not the name of the file.
+  > For example, if an empty file happens to end with `.tar.gz` this will not
+  > be recognized as a compressed file and **will not** generate any kind of
+  > decompression error message, rather the file will simply be copied to the
+  > destination.
+
+- If `<src>` is any other kind of file, it is copied individually along with
+  its metadata. In this case, if `<dest>` ends with a trailing slash `/`, it
+  will be considered a directory and the contents of `<src>` will be written
+  at `<dest>/base(<src>)`.
+
+- If multiple `<src>` resources are specified, either directly or due to the
+  use of a wildcard, then `<dest>` must be a directory, and it must end with
+  a slash `/`.
+
+- If `<dest>` does not end with a trailing slash, it will be considered a
+  regular file and the contents of `<src>` will be written at `<dest>`.
+
+- If `<dest>` doesn't exist, it is created along with all missing directories
+  in its path.
+
+## COPY
+
+COPY has two forms:
+
+- `COPY <src>... <dest>`
+- `COPY ["<src>",... "<dest>"]` (this form is required for paths containing
+whitespace)
+
+The `COPY` instruction copies new files or directories from `<src>`
+and adds them to the filesystem of the container at the path `<dest>`.
+
+Multiple `<src>` resource may be specified but they must be relative
+to the source directory that is being built (the context of the build).
+
+Each `<src>` may contain wildcards and matching will be done using Go's
+[filepath.Match](http://golang.org/pkg/path/filepath#Match) rules. For example:
+
+    COPY hom* /mydir/        # adds all files starting with "hom"
+    COPY hom?.txt /mydir/    # ? is replaced with any single character, e.g., "home.txt"
+
+The `<dest>` is an absolute path, or a path relative to `WORKDIR`, into which
+the source will be copied inside the destination container.
+
+    COPY test relativeDir/   # adds "test" to `WORKDIR`/relativeDir/
+    COPY test /absoluteDir/  # adds "test" to /absoluteDir/
+
+All new files and directories are created with a UID and GID of 0.
+
+> **Note**:
+> If you build using STDIN (`docker build - < somefile`), there is no
+> build context, so `COPY` can't be used.
+
+`COPY` obeys the following rules:
+
+- The `<src>` path must be inside the *context* of the build;
+  you cannot `COPY ../something /something`, because the first step of a
+  `docker build` is to send the context directory (and subdirectories) to the
+  docker daemon.
+
+- If `<src>` is a directory, the entire contents of the directory are copied,
+  including filesystem metadata.
+
+> **Note**:
+> The directory itself is not copied, just its contents.
+
+- If `<src>` is any other kind of file, it is copied individually along with
+  its metadata. In this case, if `<dest>` ends with a trailing slash `/`, it
+  will be considered a directory and the contents of `<src>` will be written
+  at `<dest>/base(<src>)`.
+
+- If multiple `<src>` resources are specified, either directly or due to the
+  use of a wildcard, then `<dest>` must be a directory, and it must end with
+  a slash `/`.
+
+- If `<dest>` does not end with a trailing slash, it will be considered a
+  regular file and the contents of `<src>` will be written at `<dest>`.
+
+- If `<dest>` doesn't exist, it is created along with all missing directories
+  in its path.
+
+## ENTRYPOINT
+
+ENTRYPOINT has two forms:
+
+- `ENTRYPOINT ["executable", "param1", "param2"]`
+  (*exec* form, preferred)
+- `ENTRYPOINT command param1 param2`
+  (*shell* form)
+
+An `ENTRYPOINT` allows you to configure a container that will run as an executable.
+
+For example, the following will start nginx with its default content, listening
+on port 80:
+
+    docker run -i -t --rm -p 80:80 nginx
+
+Command line arguments to `docker run <image>` will be appended after all
+elements in an *exec* form `ENTRYPOINT`, and will override all elements specified
+using `CMD`.
+This allows arguments to be passed to the entry point, i.e., `docker run <image> -d`
+will pass the `-d` argument to the entry point.
+You can override the `ENTRYPOINT` instruction using the `docker run --entrypoint`
+flag.
+
+The *shell* form prevents any `CMD` or `run` command line arguments from being
+used, but has the disadvantage that your `ENTRYPOINT` will be started as a
+subcommand of `/bin/sh -c`, which does not pass signals.
+This means that the executable will not be the container's `PID 1` - and
+will _not_ receive Unix signals - so your executable will not receive a
+`SIGTERM` from `docker stop <container>`.
+
+Only the last `ENTRYPOINT` instruction in the `Dockerfile` will have an effect.
+
+### Exec form ENTRYPOINT example
+
+You can use the *exec* form of `ENTRYPOINT` to set fairly stable default commands
+and arguments and then use either form of `CMD` to set additional defaults that
+are more likely to be changed.
+
+    FROM ubuntu
+    ENTRYPOINT ["top", "-b"]
+    CMD ["-c"]
+
+When you run the container, you can see that `top` is the only process:
+
+    $ docker run -it --rm --name test  top -H
+    top - 08:25:00 up  7:27,  0 users,  load average: 0.00, 0.01, 0.05
+    Threads:   1 total,   1 running,   0 sleeping,   0 stopped,   0 zombie
+    %Cpu(s):  0.1 us,  0.1 sy,  0.0 ni, 99.7 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
+    KiB Mem:   2056668 total,  1616832 used,   439836 free,    99352 buffers
+    KiB Swap:  1441840 total,        0 used,  1441840 free.  1324440 cached Mem
+
+      PID USER      PR  NI    VIRT    RES    SHR S %CPU %MEM     TIME+ COMMAND
+        1 root      20   0   19744   2336   2080 R  0.0  0.1   0:00.04 top
+
+To examine the result further, you can use `docker exec`:
+
+    $ docker exec -it test ps aux
+    USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
+    root         1  2.6  0.1  19752  2352 ?        Ss+  08:24   0:00 top -b -H
+    root         7  0.0  0.1  15572  2164 ?        R+   08:25   0:00 ps aux
+
+And you can gracefully request `top` to shut down using `docker stop test`.
+
+The following `Dockerfile` shows using the `ENTRYPOINT` to run Apache in the
+foreground (i.e., as `PID 1`):
+
+```
+FROM debian:stable
+RUN apt-get update && apt-get install -y --force-yes apache2
+EXPOSE 80 443
+VOLUME ["/var/www", "/var/log/apache2", "/etc/apache2"]
+ENTRYPOINT ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"]
+```
+
+If you need to write a starter script for a single executable, you can ensure that
+the final executable receives the Unix signals by using `exec` and `gosu`
+commands:
+
+```bash
+#!/bin/bash
+set -e
+
+if [ "$1" = 'postgres' ]; then
+    chown -R postgres "$PGDATA"
+
+    if [ -z "$(ls -A "$PGDATA")" ]; then
+        gosu postgres initdb
+    fi
+
+    exec gosu postgres "$@"
+fi
+
+exec "$@"
+```
+
+Lastly, if you need to do some extra cleanup (or communicate with other containers)
+on shutdown, or are co-ordinating more than one executable, you may need to ensure
+that the `ENTRYPOINT` script receives the Unix signals, passes them on, and then
+does some more work:
+
+```
+#!/bin/sh
+# Note: I've written this using sh so it works in the busybox container too
+
+# USE the trap if you need to also do manual cleanup after the service is stopped,
+#     or need to start multiple services in the one container
+trap "echo TRAPed signal" HUP INT QUIT KILL TERM
+
+# start service in background here
+/usr/sbin/apachectl start
+
+echo "[hit enter key to exit] or run 'docker stop <container>'"
+read
+
+# stop service and clean up here
+echo "stopping apache"
+/usr/sbin/apachectl stop
+
+echo "exited $0"
+```
+
+If you run this image with `docker run -it --rm -p 80:80 --name test apache`,
+you can then examine the container's processes with `docker exec`, or `docker top`,
+and then ask the script to stop Apache:
+
+```bash
+$ docker exec -it test ps aux
+USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
+root         1  0.1  0.0   4448   692 ?        Ss+  00:42   0:00 /bin/sh /run.sh 123 cmd cmd2
+root        19  0.0  0.2  71304  4440 ?        Ss   00:42   0:00 /usr/sbin/apache2 -k start
+www-data    20  0.2  0.2 360468  6004 ?        Sl   00:42   0:00 /usr/sbin/apache2 -k start
+www-data    21  0.2  0.2 360468  6000 ?        Sl   00:42   0:00 /usr/sbin/apache2 -k start
+root        81  0.0  0.1  15572  2140 ?        R+   00:44   0:00 ps aux
+$ docker top test
+PID                 USER                COMMAND
+10035               root                {run.sh} /bin/sh /run.sh 123 cmd cmd2
+10054               root                /usr/sbin/apache2 -k start
+10055               33                  /usr/sbin/apache2 -k start
+10056               33                  /usr/sbin/apache2 -k start
+$ /usr/bin/time docker stop test
+test
+real	0m 0.27s
+user	0m 0.03s
+sys	0m 0.03s
+```
+
+> **Note:** you can over ride the `ENTRYPOINT` setting using `--entrypoint`,
+> but this can only set the binary to *exec* (no `sh -c` will be used).
+
+> **Note**:
+> The *exec* form is parsed as a JSON array, which means that
+> you must use double-quotes (") around words not single-quotes (').
+
+> **Note**:
+> Unlike the *shell* form, the *exec* form does not invoke a command shell.
+> This means that normal shell processing does not happen. For example,
+> `ENTRYPOINT [ "echo", "$HOME" ]` will not do variable substitution on `$HOME`.
+> If you want shell processing then either use the *shell* form or execute
+> a shell directly, for example: `ENTRYPOINT [ "sh", "-c", "echo", "$HOME" ]`.
+> Variables that are defined in the `Dockerfile`using `ENV`, will be substituted by
+> the `Dockerfile` parser.
+
+### Shell form ENTRYPOINT example
+
+You can specify a plain string for the `ENTRYPOINT` and it will execute in `/bin/sh -c`.
+This form will use shell processing to substitute shell environment variables,
+and will ignore any `CMD` or `docker run` command line arguments.
+To ensure that `docker stop` will signal any long running `ENTRYPOINT` executable
+correctly, you need to remember to start it with `exec`:
+
+    FROM ubuntu
+    ENTRYPOINT exec top -b
+
+When you run this image, you'll see the single `PID 1` process:
+
+    $ docker run -it --rm --name test top
+    Mem: 1704520K used, 352148K free, 0K shrd, 0K buff, 140368121167873K cached
+    CPU:   5% usr   0% sys   0% nic  94% idle   0% io   0% irq   0% sirq
+    Load average: 0.08 0.03 0.05 2/98 6
+      PID  PPID USER     STAT   VSZ %VSZ %CPU COMMAND
+        1     0 root     R     3164   0%   0% top -b
+
+Which will exit cleanly on `docker stop`:
+
+    $ /usr/bin/time docker stop test
+    test
+    real	0m 0.20s
+    user	0m 0.02s
+    sys	0m 0.04s
+
+If you forget to add `exec` to the beginning of your `ENTRYPOINT`:
+
+    FROM ubuntu
+    ENTRYPOINT top -b
+    CMD --ignored-param1
+
+You can then run it (giving it a name for the next step):
+
+    $ docker run -it --name test top --ignored-param2
+    Mem: 1704184K used, 352484K free, 0K shrd, 0K buff, 140621524238337K cached
+    CPU:   9% usr   2% sys   0% nic  88% idle   0% io   0% irq   0% sirq
+    Load average: 0.01 0.02 0.05 2/101 7
+      PID  PPID USER     STAT   VSZ %VSZ %CPU COMMAND
+        1     0 root     S     3168   0%   0% /bin/sh -c top -b cmd cmd2
+        7     1 root     R     3164   0%   0% top -b
+
+You can see from the output of `top` that the specified `ENTRYPOINT` is not `PID 1`.
+
+If you then run `docker stop test`, the container will not exit cleanly - the
+`stop` command will be forced to send a `SIGKILL` after the timeout:
+
+    $ docker exec -it test ps aux
+    PID   USER     COMMAND
+        1 root     /bin/sh -c top -b cmd cmd2
+        7 root     top -b
+        8 root     ps aux
+    $ /usr/bin/time docker stop test
+    test
+    real	0m 10.19s
+    user	0m 0.04s
+    sys	0m 0.03s
+
+### Understand how CMD and ENTRYPOINT interact
+
+Both `CMD` and `ENTRYPOINT` instructions define what command gets executed when running a container.
+There are few rules that describe their co-operation.
+
+1. Dockerfile should specify at least one of `CMD` or `ENTRYPOINT` commands.
+
+2. `ENTRYPOINT` should be defined when using the container as an executable.
+
+3. `CMD` should be used as a way of defining default arguments for an `ENTRYPOINT` command
+or for executing an ad-hoc command in a container.
+
+4. `CMD` will be overridden when running the container with alternative arguments.
+
+The table below shows what command is executed for different `ENTRYPOINT` / `CMD` combinations:
+
+|                                | No ENTRYPOINT              | ENTRYPOINT exec_entry p1_entry                            | ENTRYPOINT ["exec_entry", "p1_entry"]          |
+|--------------------------------|----------------------------|-----------------------------------------------------------|------------------------------------------------|
+| **No CMD**                     | *error, not allowed*       | /bin/sh -c exec_entry p1_entry                            | exec_entry p1_entry                            |
+| **CMD ["exec_cmd", "p1_cmd"]** | exec_cmd p1_cmd            | /bin/sh -c exec_entry p1_entry exec_cmd p1_cmd            | exec_entry p1_entry exec_cmd p1_cmd            |
+| **CMD ["p1_cmd", "p2_cmd"]**   | p1_cmd p2_cmd              | /bin/sh -c exec_entry p1_entry p1_cmd p2_cmd              | exec_entry p1_entry p1_cmd p2_cmd              |
+| **CMD exec_cmd p1_cmd**        | /bin/sh -c exec_cmd p1_cmd | /bin/sh -c exec_entry p1_entry /bin/sh -c exec_cmd p1_cmd | exec_entry p1_entry /bin/sh -c exec_cmd p1_cmd |
+
+## VOLUME
+
+    VOLUME ["/data"]
+
+The `VOLUME` instruction creates a mount point with the specified name
+and marks it as holding externally mounted volumes from native host or other
+containers. The value can be a JSON array, `VOLUME ["/var/log/"]`, or a plain
+string with multiple arguments, such as `VOLUME /var/log` or `VOLUME /var/log
+/var/db`. For more information/examples and mounting instructions via the
+Docker client, refer to
+[*Share Directories via Volumes*](../userguide/containers/dockervolumes.md#mount-a-host-directory-as-a-data-volume)
+documentation.
+
+The `docker run` command initializes the newly created volume with any data
+that exists at the specified location within the base image. For example,
+consider the following Dockerfile snippet:
+
+    FROM ubuntu
+    RUN mkdir /myvol
+    RUN echo "hello world" > /myvol/greeting
+    VOLUME /myvol
+
+This Dockerfile results in an image that causes `docker run`, to
+create a new mount point at `/myvol` and copy the  `greeting` file
+into the newly created volume.
+
+> **Note**:
+> If any build steps change the data within the volume after it has been
+> declared, those changes will be discarded.
+
+> **Note**:
+> The list is parsed as a JSON array, which means that
+> you must use double-quotes (") around words not single-quotes (').
+
+## USER
+
+    USER daemon
+
+The `USER` instruction sets the user name or UID to use when running the image
+and for any `RUN`, `CMD` and `ENTRYPOINT` instructions that follow it in the
+`Dockerfile`.
+
+## WORKDIR
+
+    WORKDIR /path/to/workdir
+
+The `WORKDIR` instruction sets the working directory for any `RUN`, `CMD`,
+`ENTRYPOINT`, `COPY` and `ADD` instructions that follow it in the `Dockerfile`.
+If the `WORKDIR` doesn't exist, it will be created even if its not used in any
+subsequent `Dockerfile` instruction.
+
+It can be used multiple times in the one `Dockerfile`. If a relative path
+is provided, it will be relative to the path of the previous `WORKDIR`
+instruction. For example:
+
+    WORKDIR /a
+    WORKDIR b
+    WORKDIR c
+    RUN pwd
+
+The output of the final `pwd` command in this `Dockerfile` would be
+`/a/b/c`.
+
+The `WORKDIR` instruction can resolve environment variables previously set using
+`ENV`. You can only use environment variables explicitly set in the `Dockerfile`.
+For example:
+
+    ENV DIRPATH /path
+    WORKDIR $DIRPATH/$DIRNAME
+    RUN pwd
+
+The output of the final `pwd` command in this `Dockerfile` would be
+`/path/$DIRNAME`
+
+## ARG
+
+    ARG <name>[=<default value>]
+
+The `ARG` instruction defines a variable that users can pass at build-time to
+the builder with the `docker build` command using the `--build-arg
+<varname>=<value>` flag. If a user specifies a build argument that was not
+defined in the Dockerfile, the build outputs an error.
+
+```
+One or more build-args were not consumed, failing build.
+```
+
+The Dockerfile author can define a single variable by specifying `ARG` once or many
+variables by specifying `ARG` more than once. For example, a valid Dockerfile:
+
+```
+FROM busybox
+ARG user1
+ARG buildno
+...
+```
+
+A Dockerfile author may optionally specify a default value for an `ARG` instruction:
+
+```
+FROM busybox
+ARG user1=someuser
+ARG buildno=1
+...
+```
+
+If an `ARG` value has a default and if there is no value passed at build-time, the
+builder uses the default.
+
+An `ARG` variable definition comes into effect from the line on which it is
+defined in the `Dockerfile` not from the argument's use on the command-line or
+elsewhere.  For example, consider this Dockerfile:
+
+```
+1 FROM busybox
+2 USER ${user:-some_user}
+3 ARG user
+4 USER $user
+...
+```
+A user builds this file by calling:
+
+```
+$ docker build --build-arg user=what_user Dockerfile
+```
+
+The `USER` at line 2 evaluates to `some_user` as the `user` variable is defined on the
+subsequent line 3. The `USER` at line 4 evaluates to `what_user` as `user` is
+defined and the `what_user` value was passed on the command line. Prior to its definition by an
+`ARG` instruction, any use of a variable results in an empty string.
+
+> **Note:** It is not recommended to use build-time variables for
+>  passing secrets like github keys, user credentials etc.
+
+You can use an `ARG` or an `ENV` instruction to specify variables that are
+available to the `RUN` instruction. Environment variables defined using the
+`ENV` instruction always override an `ARG` instruction of the same name. Consider
+this Dockerfile with an `ENV` and `ARG` instruction.
+
+```
+1 FROM ubuntu
+2 ARG CONT_IMG_VER
+3 ENV CONT_IMG_VER v1.0.0
+4 RUN echo $CONT_IMG_VER
+```
+Then, assume this image is built with this command:
+
+```
+$ docker build --build-arg CONT_IMG_VER=v2.0.1 Dockerfile
+```
+
+In this case, the `RUN` instruction uses `v1.0.0` instead of the `ARG` setting
+passed by the user:`v2.0.1` This behavior is similar to a shell
+script where a locally scoped variable overrides the variables passed as
+arguments or inherited from environment, from its point of definition.
+
+Using the example above but a different `ENV` specification you can create more
+useful interactions between `ARG` and `ENV` instructions:
+
+```
+1 FROM ubuntu
+2 ARG CONT_IMG_VER
+3 ENV CONT_IMG_VER ${CONT_IMG_VER:-v1.0.0}
+4 RUN echo $CONT_IMG_VER
+```
+
+Unlike an `ARG` instruction, `ENV` values are always persisted in the built
+image. Consider a docker build without the --build-arg flag:
+
+```
+$ docker build Dockerfile
+```
+
+Using this Dockerfile example, `CONT_IMG_VER` is still persisted in the image but
+its value would be `v1.0.0` as it is the default set in line 3 by the `ENV` instruction.
+
+The variable expansion technique in this example allows you to pass arguments
+from the command line and persist them in the final image by leveraging the
+`ENV` instruction. Variable expansion is only supported for [a limited set of
+Dockerfile instructions.](#environment-replacement)
+
+Docker has a set of predefined `ARG` variables that you can use without a
+corresponding `ARG` instruction in the Dockerfile.
+
+* `HTTP_PROXY`
+* `http_proxy`
+* `HTTPS_PROXY`
+* `https_proxy`
+* `FTP_PROXY`
+* `ftp_proxy`
+* `NO_PROXY`
+* `no_proxy`
+
+To use these, simply pass them on the command line using the `--build-arg
+<varname>=<value>` flag.
+
+### Impact on build caching
+
+`ARG` variables are not persisted into the built image as `ENV` variables are.
+However, `ARG` variables do impact the build cache in similar ways. If a
+Dockerfile defines an `ARG` variable whose value is different from a previous
+build, then a "cache miss" occurs upon first use of the `ARG` variable. The
+declaration of the `ARG` variable does not count as a use.
+
+For example, consider these two Dockerfile:
+
+```
+1 FROM ubuntu
+2 ARG CONT_IMG_VER
+3 RUN echo $CONT_IMG_VER
+```
+
+```
+1 FROM ubuntu
+2 ARG CONT_IMG_VER
+3 RUN echo hello
+```
+
+If you specify `--build-arg CONT_IMG_VER=<value>` on the command line, in both
+cases, the specification on line 2 does not cause a cache miss; line 3 does
+cause a cache miss.`ARG CONT_IMG_VER` causes the RUN line to be identified
+as the same as running `CONT_IMG_VER=<value>` echo hello, so if the `<value>`
+changes, we get a cache miss.
+
+Consider another example under the same command line:
+
+```
+1 FROM ubuntu
+2 ARG CONT_IMG_VER
+3 ENV CONT_IMG_VER $CONT_IMG_VER
+4 RUN echo $CONT_IMG_VER
+```
+In this example, the cache miss occurs on line 3. The miss happens because
+the variable's value in the `ENV` references the `ARG` variable and that
+variable is changed through the command line. In this example, the `ENV`
+command causes the image to include the value.
+
+If an `ENV` instruction overrides an `ARG` instruction of the same name, like
+this Dockerfile:
+
+```
+1 FROM ubuntu
+2 ARG CONT_IMG_VER
+3 ENV CONT_IMG_VER hello
+4 RUN echo $CONT_IMG_VER
+```
+
+Line 3 does not cause a cache miss because the value of `CONT_IMG_VER` is a
+constant (`hello`). As a result, the environment variables and values used on
+the `RUN` (line 4) doesn't change between builds.
+
+## ONBUILD
+
+    ONBUILD [INSTRUCTION]
+
+The `ONBUILD` instruction adds to the image a *trigger* instruction to
+be executed at a later time, when the image is used as the base for
+another build. The trigger will be executed in the context of the
+downstream build, as if it had been inserted immediately after the
+`FROM` instruction in the downstream `Dockerfile`.
+
+Any build instruction can be registered as a trigger.
+
+This is useful if you are building an image which will be used as a base
+to build other images, for example an application build environment or a
+daemon which may be customized with user-specific configuration.
+
+For example, if your image is a reusable Python application builder, it
+will require application source code to be added in a particular
+directory, and it might require a build script to be called *after*
+that. You can't just call `ADD` and `RUN` now, because you don't yet
+have access to the application source code, and it will be different for
+each application build. You could simply provide application developers
+with a boilerplate `Dockerfile` to copy-paste into their application, but
+that is inefficient, error-prone and difficult to update because it
+mixes with application-specific code.
+
+The solution is to use `ONBUILD` to register advance instructions to
+run later, during the next build stage.
+
+Here's how it works:
+
+1. When it encounters an `ONBUILD` instruction, the builder adds a
+   trigger to the metadata of the image being built. The instruction
+   does not otherwise affect the current build.
+2. At the end of the build, a list of all triggers is stored in the
+   image manifest, under the key `OnBuild`. They can be inspected with
+   the `docker inspect` command.
+3. Later the image may be used as a base for a new build, using the
+   `FROM` instruction. As part of processing the `FROM` instruction,
+   the downstream builder looks for `ONBUILD` triggers, and executes
+   them in the same order they were registered. If any of the triggers
+   fail, the `FROM` instruction is aborted which in turn causes the
+   build to fail. If all triggers succeed, the `FROM` instruction
+   completes and the build continues as usual.
+4. Triggers are cleared from the final image after being executed. In
+   other words they are not inherited by "grand-children" builds.
+
+For example you might add something like this:
+
+    [...]
+    ONBUILD ADD . /app/src
+    ONBUILD RUN /usr/local/bin/python-build --dir /app/src
+    [...]
+
+> **Warning**: Chaining `ONBUILD` instructions using `ONBUILD ONBUILD` isn't allowed.
+
+> **Warning**: The `ONBUILD` instruction may not trigger `FROM` or `MAINTAINER` instructions.
+
+## STOPSIGNAL
+
+	STOPSIGNAL signal
+
+The `STOPSIGNAL` instruction sets the system call signal that will be sent to the container to exit.
+This signal can be a valid unsigned number that matches a position in the kernel's syscall table, for instance 9,
+or a signal name in the format SIGNAME, for instance SIGKILL.
+
+## Dockerfile examples
+
+Below you can see some examples of Dockerfile syntax. If you're interested in
+something more realistic, take a look at the list of [Dockerization examples](../examples/index.md).
+
+```
+# Nginx
+#
+# VERSION               0.0.1
+
+FROM      ubuntu
+MAINTAINER Victor Vieux <victor@docker.com>
+
+LABEL Description="This image is used to start the foobar executable" Vendor="ACME Products" Version="1.0"
+RUN apt-get update && apt-get install -y inotify-tools nginx apache2 openssh-server
+```
+
+```
+# Firefox over VNC
+#
+# VERSION               0.3
+
+FROM ubuntu
+
+# Install vnc, xvfb in order to create a 'fake' display and firefox
+RUN apt-get update && apt-get install -y x11vnc xvfb firefox
+RUN mkdir ~/.vnc
+# Setup a password
+RUN x11vnc -storepasswd 1234 ~/.vnc/passwd
+# Autostart firefox (might not be the best way, but it does the trick)
+RUN bash -c 'echo "firefox" >> /.bashrc'
+
+EXPOSE 5900
+CMD    ["x11vnc", "-forever", "-usepw", "-create"]
+```
+
+```
+# Multiple images example
+#
+# VERSION               0.1
+
+FROM ubuntu
+RUN echo foo > bar
+# Will output something like ===> 907ad6c2736f
+
+FROM ubuntu
+RUN echo moo > oink
+# Will output something like ===> 695d7793cbe4
+
+# You᾿ll now have two images, 907ad6c2736f with /bar, and 695d7793cbe4 with
+# /oink.
+```
diff --git a/docs/reference/commandline/attach.md b/docs/reference/commandline/attach.md
new file mode 100644
index 00000000..dfe2908c
--- /dev/null
+++ b/docs/reference/commandline/attach.md
@@ -0,0 +1,115 @@
+<!--[metadata]>
++++
+title = "attach"
+description = "The attach command description and usage"
+keywords = ["attach, running, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# attach
+
+    Usage: docker attach [OPTIONS] CONTAINER
+
+    Attach to a running container
+
+      --detach-keys="<sequence>"       Set up escape key sequence
+      --help                           Print usage
+      --no-stdin                       Do not attach STDIN
+      --sig-proxy=true                 Proxy all received signals to the process
+
+The `docker attach` command allows you to attach to a running container using
+the container's ID or name, either to view its ongoing output or to control it
+interactively. You can attach to the same contained process multiple times
+simultaneously, screen sharing style, or quickly view the progress of your
+detached  process.
+
+To stop a container, use `CTRL-c`. This key sequence sends `SIGKILL` to the
+container. If `--sig-proxy` is true (the default),`CTRL-c` sends a `SIGINT` to
+the container. You can detach from a container and leave it running using the
+using `CTRL-p CTRL-q` key sequence.
+
+> **Note:**
+> A process running as PID 1 inside a container is treated specially by
+> Linux: it ignores any signal with the default action. So, the process
+> will not terminate on `SIGINT` or `SIGTERM` unless it is coded to do
+> so.
+
+It is forbidden to redirect the standard input of a `docker attach` command
+while attaching to a tty-enabled container (i.e.: launched with `-t`).
+
+
+## Override the detach sequence
+
+If you want, you can configure a override the Docker key sequence for detach.
+This is is useful if the Docker default sequence conflicts with key squence you
+use for other applications. There are two ways to defines a your own detach key
+sequence, as a per-container override or as a configuration property on  your
+entire configuration.
+
+To override the sequence for an individual container, use the
+`--detach-keys="<sequence>"` flag with the `docker attach` command. The format of
+the `<sequence>` is either a letter [a-Z], or the `ctrl-` combined with any of
+the following:
+
+* `a-z` (a single lowercase alpha character )
+* `@` (at sign)
+* `[` (left bracket)
+* `\\` (two backward slashes)
+*  `_` (underscore)
+* `^` (caret)
+
+These `a`, `ctrl-a`, `X`, or `ctrl-\\` values are all examples of valid key
+sequences. To configure a different configuration default key sequence for all
+containers, see [**Configuration file** section](cli.md#configuration-files).
+
+#### Examples
+
+    $ docker run -d --name topdemo ubuntu /usr/bin/top -b
+    $ docker attach topdemo
+    top - 02:05:52 up  3:05,  0 users,  load average: 0.01, 0.02, 0.05
+    Tasks:   1 total,   1 running,   0 sleeping,   0 stopped,   0 zombie
+    Cpu(s):  0.1%us,  0.2%sy,  0.0%ni, 99.7%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
+    Mem:    373572k total,   355560k used,    18012k free,    27872k buffers
+    Swap:   786428k total,        0k used,   786428k free,   221740k cached
+
+    PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
+     1 root      20   0 17200 1116  912 R    0  0.3   0:00.03 top
+
+     top - 02:05:55 up  3:05,  0 users,  load average: 0.01, 0.02, 0.05
+     Tasks:   1 total,   1 running,   0 sleeping,   0 stopped,   0 zombie
+     Cpu(s):  0.0%us,  0.2%sy,  0.0%ni, 99.8%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
+     Mem:    373572k total,   355244k used,    18328k free,    27872k buffers
+     Swap:   786428k total,        0k used,   786428k free,   221776k cached
+
+       PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
+           1 root      20   0 17208 1144  932 R    0  0.3   0:00.03 top
+
+
+     top - 02:05:58 up  3:06,  0 users,  load average: 0.01, 0.02, 0.05
+     Tasks:   1 total,   1 running,   0 sleeping,   0 stopped,   0 zombie
+     Cpu(s):  0.2%us,  0.3%sy,  0.0%ni, 99.5%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
+     Mem:    373572k total,   355780k used,    17792k free,    27880k buffers
+     Swap:   786428k total,        0k used,   786428k free,   221776k cached
+
+     PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
+          1 root      20   0 17208 1144  932 R    0  0.3   0:00.03 top
+    ^C$
+    $ echo $?
+    0
+    $ docker ps -a | grep topdemo
+    7998ac8581f9        ubuntu:14.04        "/usr/bin/top -b"   38 seconds ago      Exited (0) 21 seconds ago                          topdemo
+
+And in this second example, you can see the exit code returned by the `bash`
+process is returned by the `docker attach` command to its caller too:
+
+    $ docker run --name test -d -it debian
+    275c44472aebd77c926d4527885bb09f2f6db21d878c75f0a1c212c03d3bcfab
+    $ docker attach test
+    $$ exit 13
+    exit
+    $ echo $?
+    13
+    $ docker ps -a | grep test
+    275c44472aeb        debian:7            "/bin/bash"         26 seconds ago      Exited (13) 17 seconds ago                         test
diff --git a/docs/reference/commandline/build.md b/docs/reference/commandline/build.md
new file mode 100644
index 00000000..4530f77b
--- /dev/null
+++ b/docs/reference/commandline/build.md
@@ -0,0 +1,318 @@
+<!--[metadata]>
++++
+title = "build"
+description = "The build command description and usage"
+keywords = ["build, docker, image"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# build
+
+    Usage: docker build [OPTIONS] PATH | URL | -
+
+    Build a new image from the source code at PATH
+
+      --build-arg=[]                  Set build-time variables
+      --cpu-shares                    CPU Shares (relative weight)
+      --cgroup-parent=""              Optional parent cgroup for the container
+      --cpu-period=0                  Limit the CPU CFS (Completely Fair Scheduler) period
+      --cpu-quota=0                   Limit the CPU CFS (Completely Fair Scheduler) quota
+      --cpuset-cpus=""                CPUs in which to allow execution, e.g. `0-3`, `0,1`
+      --cpuset-mems=""                MEMs in which to allow execution, e.g. `0-3`, `0,1`
+      --disable-content-trust=true    Skip image verification
+      -f, --file=""                   Name of the Dockerfile (Default is 'PATH/Dockerfile')
+      --force-rm                      Always remove intermediate containers
+      --help                          Print usage
+      --isolation=""                  Container isolation technology
+      --label=[]                      Set metadata for an image
+      -m, --memory=""                 Memory limit for all build containers
+      --memory-swap=""                A positive integer equal to memory plus swap. Specify -1 to enable unlimited swap.
+      --no-cache                      Do not use cache when building the image
+      --pull                          Always attempt to pull a newer version of the image
+      -q, --quiet                     Suppress the build output and print image ID on success
+      --rm=true                       Remove intermediate containers after a successful build
+      --shm-size=[]                   Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`.  Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes. If you omit the size entirely, the system uses `64m`.
+      -t, --tag=[]                    Name and optionally a tag in the 'name:tag' format
+      --ulimit=[]                     Ulimit options
+
+Builds Docker images from a Dockerfile and a "context". A build's context is
+the files located in the specified `PATH` or `URL`. The build process can refer
+to any of the files in the context. For example, your build can use an
+[*ADD*](../builder.md#add) instruction to reference a file in the
+context.
+
+The `URL` parameter can specify the location of a Git repository; the repository
+acts as the build context. The system recursively clones the repository and its
+submodules using a `git clone --depth 1 --recursive` command. This command runs
+in a temporary directory on your local host. After the command succeeds, the
+directory is sent to the Docker daemon as the context. Local clones give you the
+ability to access private repositories using local user credentials, VPNs, and
+so forth.
+
+Git URLs accept context configuration in their fragment section, separated by a
+colon `:`.  The first part represents the reference that Git will check out,
+this can be either a branch, a tag, or a commit SHA. The second part represents
+a subdirectory inside the repository that will be used as a build context.
+
+For example, run this command to use a directory called `docker` in the branch
+`container`:
+
+      $ docker build https://github.com/docker/rootfs.git#container:docker
+
+The following table represents all the valid suffixes with their build
+contexts:
+
+Build Syntax Suffix | Commit Used | Build Context Used
+--------------------|-------------|-------------------
+`myrepo.git` | `refs/heads/master` | `/`
+`myrepo.git#mytag` | `refs/tags/mytag` | `/`
+`myrepo.git#mybranch` | `refs/heads/mybranch` | `/`
+`myrepo.git#abcdef` | `sha1 = abcdef` | `/`
+`myrepo.git#:myfolder` | `refs/heads/master` | `/myfolder`
+`myrepo.git#master:myfolder` | `refs/heads/master` | `/myfolder`
+`myrepo.git#mytag:myfolder` | `refs/tags/mytag` | `/myfolder`
+`myrepo.git#mybranch:myfolder` | `refs/heads/mybranch` | `/myfolder`
+`myrepo.git#abcdef:myfolder` | `sha1 = abcdef` | `/myfolder`
+
+Instead of specifying a context, you can pass a single Dockerfile in the `URL`
+or pipe the file in via `STDIN`. To pipe a Dockerfile from `STDIN`:
+
+    docker build - < Dockerfile
+
+If you use STDIN or specify a `URL`, the system places the contents into a file
+called `Dockerfile`, and any `-f`, `--file` option is ignored. In this
+scenario, there is no context.
+
+By default the `docker build` command will look for a `Dockerfile` at the root
+of the build context. The `-f`, `--file`, option lets you specify the path to
+an alternative file to use instead. This is useful in cases where the same set
+of files are used for multiple builds. The path must be to a file within the
+build context. If a relative path is specified then it must to be relative to
+the current directory.
+
+In most cases, it's best to put each Dockerfile in an empty directory. Then,
+add to that directory only the files needed for building the Dockerfile. To
+increase the build's performance, you can exclude files and directories by
+adding a `.dockerignore` file to that directory as well. For information on
+creating one, see the [.dockerignore file](../builder.md#dockerignore-file).
+
+If the Docker client loses connection to the daemon, the build is canceled.
+This happens if you interrupt the Docker client with `CTRL-c` or if the Docker
+client is killed for any reason. If the build initiated a pull which is still
+running at the time the build is cancelled, the pull is cancelled as well.
+
+## Return code
+
+On a successful build, a return code of success `0` will be returned.  When the
+build fails, a non-zero failure code will be returned.
+
+There should be informational output of the reason for failure output to
+`STDERR`:
+
+    $ docker build -t fail .
+    Sending build context to Docker daemon 2.048 kB
+    Sending build context to Docker daemon
+    Step 1 : FROM busybox
+     ---> 4986bf8c1536
+    Step 2 : RUN exit 13
+     ---> Running in e26670ec7a0a
+    INFO[0000] The command [/bin/sh -c exit 13] returned a non-zero code: 13
+    $ echo $?
+    1
+
+See also:
+
+[*Dockerfile Reference*](../builder.md).
+
+## Examples
+
+### Build with PATH
+
+    $ docker build .
+    Uploading context 10240 bytes
+    Step 1 : FROM busybox
+    Pulling repository busybox
+     ---> e9aa60c60128MB/2.284 MB (100%) endpoint: https://cdn-registry-1.docker.io/v1/
+    Step 2 : RUN ls -lh /
+     ---> Running in 9c9e81692ae9
+    total 24
+    drwxr-xr-x    2 root     root        4.0K Mar 12  2013 bin
+    drwxr-xr-x    5 root     root        4.0K Oct 19 00:19 dev
+    drwxr-xr-x    2 root     root        4.0K Oct 19 00:19 etc
+    drwxr-xr-x    2 root     root        4.0K Nov 15 23:34 lib
+    lrwxrwxrwx    1 root     root           3 Mar 12  2013 lib64 -> lib
+    dr-xr-xr-x  116 root     root           0 Nov 15 23:34 proc
+    lrwxrwxrwx    1 root     root           3 Mar 12  2013 sbin -> bin
+    dr-xr-xr-x   13 root     root           0 Nov 15 23:34 sys
+    drwxr-xr-x    2 root     root        4.0K Mar 12  2013 tmp
+    drwxr-xr-x    2 root     root        4.0K Nov 15 23:34 usr
+     ---> b35f4035db3f
+    Step 3 : CMD echo Hello world
+     ---> Running in 02071fceb21b
+     ---> f52f38b7823e
+    Successfully built f52f38b7823e
+    Removing intermediate container 9c9e81692ae9
+    Removing intermediate container 02071fceb21b
+
+This example specifies that the `PATH` is `.`, and so all the files in the
+local directory get `tar`d and sent to the Docker daemon. The `PATH` specifies
+where to find the files for the "context" of the build on the Docker daemon.
+Remember that the daemon could be running on a remote machine and that no
+parsing of the Dockerfile happens at the client side (where you're running
+`docker build`). That means that *all* the files at `PATH` get sent, not just
+the ones listed to [*ADD*](../builder.md#add) in the Dockerfile.
+
+The transfer of context from the local machine to the Docker daemon is what the
+`docker` client means when you see the "Sending build context" message.
+
+If you wish to keep the intermediate containers after the build is complete,
+you must use `--rm=false`. This does not affect the build cache.
+
+### Build with URL
+
+    $ docker build github.com/creack/docker-firefox
+
+This will clone the GitHub repository and use the cloned repository as context.
+The Dockerfile at the root of the repository is used as Dockerfile. Note that
+you can specify an arbitrary Git repository by using the `git://` or `git@`
+schema.
+
+### Build with -
+
+    $ docker build - < Dockerfile
+
+This will read a Dockerfile from `STDIN` without context. Due to the lack of a
+context, no contents of any local directory will be sent to the Docker daemon.
+Since there is no context, a Dockerfile `ADD` only works if it refers to a
+remote URL.
+
+    $ docker build - < context.tar.gz
+
+This will build an image for a compressed context read from `STDIN`.  Supported
+formats are: bzip2, gzip and xz.
+
+### Usage of .dockerignore
+
+    $ docker build .
+    Uploading context 18.829 MB
+    Uploading context
+    Step 1 : FROM busybox
+     ---> 769b9341d937
+    Step 2 : CMD echo Hello world
+     ---> Using cache
+     ---> 99cc1ad10469
+    Successfully built 99cc1ad10469
+    $ echo ".git" > .dockerignore
+    $ docker build .
+    Uploading context  6.76 MB
+    Uploading context
+    Step 1 : FROM busybox
+     ---> 769b9341d937
+    Step 2 : CMD echo Hello world
+     ---> Using cache
+     ---> 99cc1ad10469
+    Successfully built 99cc1ad10469
+
+This example shows the use of the `.dockerignore` file to exclude the `.git`
+directory from the context. Its effect can be seen in the changed size of the
+uploaded context. The builder reference contains detailed information on
+[creating a .dockerignore file](../builder.md#dockerignore-file)
+
+### Tag image (-t)
+
+    $ docker build -t vieux/apache:2.0 .
+
+This will build like the previous example, but it will then tag the resulting
+image. The repository name will be `vieux/apache` and the tag will be `2.0`
+
+You can apply multiple tags to an image. For example, you can apply the `latest`
+tag to a newly built image and add another tag that references a specific
+version.
+For example, to tag an image both as `whenry/fedora-jboss:latest` and
+`whenry/fedora-jboss:v2.1`, use the following:
+
+    $ docker build -t whenry/fedora-jboss:latest -t whenry/fedora-jboss:v2.1 .
+
+### Specify Dockerfile (-f)
+
+    $ docker build -f Dockerfile.debug .
+
+This will use a file called `Dockerfile.debug` for the build instructions
+instead of `Dockerfile`.
+
+    $ docker build -f dockerfiles/Dockerfile.debug -t myapp_debug .
+    $ docker build -f dockerfiles/Dockerfile.prod  -t myapp_prod .
+
+The above commands will build the current build context (as specified by the
+`.`) twice, once using a debug version of a `Dockerfile` and once using a
+production version.
+
+    $ cd /home/me/myapp/some/dir/really/deep
+    $ docker build -f /home/me/myapp/dockerfiles/debug /home/me/myapp
+    $ docker build -f ../../../../dockerfiles/debug /home/me/myapp
+
+These two `docker build` commands do the exact same thing. They both use the
+contents of the `debug` file instead of looking for a `Dockerfile` and will use
+`/home/me/myapp` as the root of the build context. Note that `debug` is in the
+directory structure of the build context, regardless of how you refer to it on
+the command line.
+
+> **Note:**
+> `docker build` will return a `no such file or directory` error if the
+> file or directory does not exist in the uploaded context. This may
+> happen if there is no context, or if you specify a file that is
+> elsewhere on the Host system. The context is limited to the current
+> directory (and its children) for security reasons, and to ensure
+> repeatable builds on remote Docker hosts. This is also the reason why
+> `ADD ../file` will not work.
+
+### Optional parent cgroup (--cgroup-parent)
+
+When `docker build` is run with the `--cgroup-parent` option the containers
+used in the build will be run with the [corresponding `docker run`
+flag](../run.md#specifying-custom-cgroups).
+
+### Set ulimits in container (--ulimit)
+
+Using the `--ulimit` option with `docker build` will cause each build step's
+container to be started using those [`--ulimit`
+flag values](./run.md#set-ulimits-in-container-ulimit).
+
+### Set build-time variables (--build-arg)
+
+You can use `ENV` instructions in a Dockerfile to define variable
+values. These values persist in the built image. However, often
+persistence is not what you want. Users want to specify variables differently
+depending on which host they build an image on.
+
+A good example is `http_proxy` or source versions for pulling intermediate
+files. The `ARG` instruction lets Dockerfile authors define values that users
+can set at build-time using the  `--build-arg` flag:
+
+    $ docker build --build-arg HTTP_PROXY=http://10.20.30.2:1234 .
+
+This flag allows you to pass the build-time variables that are
+accessed like regular environment variables in the `RUN` instruction of the
+Dockerfile. Also, these values don't persist in the intermediate or final images
+like `ENV` values do.
+
+For detailed information on using `ARG` and `ENV` instructions, see the
+[Dockerfile reference](../builder.md).
+
+### Specify isolation technology for container (--isolation)
+
+This option is useful in situations where you are running Docker containers on
+Windows. The `--isolation=<value>` option sets a container's isolation
+technology. On Linux, the only supported is the `default` option which uses
+Linux namespaces. On Microsoft Windows, you can specify these values:
+
+
+| Value     | Description                                                                                                                                                   |
+|-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `default` | Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value.  |
+| `process` | Namespace isolation only.                                                                                                                                     |
+| `hyperv`   | Hyper-V hypervisor partition-based isolation.                                                                                                                  |
+
+Specifying the `--isolation` flag without a value is the same as setting `--isolation="default"`.
diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md
new file mode 100644
index 00000000..ac5f62d4
--- /dev/null
+++ b/docs/reference/commandline/cli.md
@@ -0,0 +1,209 @@
+<!--[metadata]>
++++
+title = "Use the Docker command line"
+description = "Docker's CLI command description and usage"
+keywords = ["Docker, Docker documentation, CLI,  command line"]
+[menu.main]
+parent = "smn_cli"
+weight = -2
++++
+<![end-metadata]-->
+
+# Use the Docker command line
+
+To list available commands, either run `docker` with no parameters
+or execute `docker help`:
+
+    $ docker
+      Usage: docker [OPTIONS] COMMAND [arg...]
+             docker daemon [ --help | ... ]
+             docker [ --help | -v | --version ]
+
+        -H, --host=[]: The socket(s) to talk to the Docker daemon in the format of tcp://host:port/path, unix:///path/to/socket, fd://* or fd://socketfd.
+
+      A self-sufficient runtime for Linux containers.
+
+      ...
+
+Depending on your Docker system configuration, you may be required to preface
+each `docker` command with `sudo`. To avoid having to use `sudo` with the
+`docker` command, your system administrator can create a Unix group called
+`docker` and add users to it.
+
+For more information about installing Docker or `sudo` configuration, refer to
+the [installation](../../installation/index.md) instructions for your operating system.
+
+## Environment variables
+
+For easy reference, the following list of environment variables are supported
+by the `docker` command line:
+
+* `DOCKER_API_VERSION` The API version to use (e.g. `1.19`)
+* `DOCKER_CONFIG` The location of your client configuration files.
+* `DOCKER_CERT_PATH` The location of your authentication keys.
+* `DOCKER_DRIVER` The graph driver to use.
+* `DOCKER_HOST` Daemon socket to connect to.
+* `DOCKER_NOWARN_KERNEL_VERSION` Prevent warnings that your Linux kernel is
+  unsuitable for Docker.
+* `DOCKER_RAMDISK` If set this will disable 'pivot_root'.
+* `DOCKER_TLS_VERIFY` When set Docker uses TLS and verifies the remote.
+* `DOCKER_CONTENT_TRUST` When set Docker uses notary to sign and verify images.
+  Equates to `--disable-content-trust=false` for build, create, pull, push, run.
+* `DOCKER_CONTENT_TRUST_SERVER` The URL of the Notary server to use. This defaults
+  to the same URL as the registry.
+* `DOCKER_TMPDIR` Location for temporary Docker files.
+
+Because Docker is developed using 'Go', you can also use any environment
+variables used by the 'Go' runtime. In particular, you may find these useful:
+
+* `HTTP_PROXY`
+* `HTTPS_PROXY`
+* `NO_PROXY`
+
+These Go environment variables are case-insensitive. See the
+[Go specification](http://golang.org/pkg/net/http/) for details on these
+variables.
+
+## Configuration files
+
+By default, the Docker command line stores its configuration files in a
+directory called `.docker` within your `$HOME` directory. However, you can
+specify a different location via the `DOCKER_CONFIG` environment variable
+or the `--config` command line option. If both are specified, then the
+`--config` option overrides the `DOCKER_CONFIG` environment variable.
+For example:
+
+    docker --config ~/testconfigs/ ps
+
+Instructs Docker to use the configuration files in your `~/testconfigs/`
+directory when running the `ps` command.
+
+Docker manages most of the files in the configuration directory
+and you should not modify them. However, you *can modify* the
+`config.json` file to control certain aspects of how the `docker`
+command behaves.
+
+Currently, you can modify the `docker` command behavior using environment
+variables or command-line options. You can also use options within
+`config.json` to modify some of the same behavior. When using these
+mechanisms, you must keep in mind the order of precedence among them. Command
+line options override environment variables and environment variables override
+properties you specify in a `config.json` file.
+
+The `config.json` file stores a JSON encoding of several properties:
+
+The property `HttpHeaders` specifies a set of headers to include in all messages
+sent from the Docker client to the daemon. Docker does not try to interpret or
+understand these header; it simply puts them into the messages. Docker does
+not allow these headers to change any headers it sets for itself.
+
+The property `psFormat` specifies the default format for `docker ps` output.
+When the `--format` flag is not provided with the `docker ps` command,
+Docker's client uses this property. If this property is not set, the client
+falls back to the default table format. For a list of supported formatting
+directives, see the
+[**Formatting** section in the `docker ps` documentation](ps.md)
+
+Once attached to a container, users detach from it and leave it running using
+the using `CTRL-p CTRL-q` key sequence. This detach key sequence is customizable
+using the `detachKeys` property. Specify a `<sequence>` value for the
+property. The format of the `<sequence>` is a comma-separated list of either 
+a letter [a-Z], or the `ctrl-` combined with any of the following:
+
+* `a-z` (a single lowercase alpha character )
+* `@` (at sign)
+* `[` (left bracket)
+* `\\` (two backward slashes)
+*  `_` (underscore)
+* `^` (caret)
+
+Your customization applies to all containers started in with your Docker client.
+Users can override your custom or the default key sequence on a per-container
+basis. To do this, the user specifies the `--detach-keys` flag with the `docker
+attach`, `docker exec`, `docker run` or `docker start` command.
+
+The property `imagesFormat` specifies the default format for `docker images` output.
+When the `--format` flag is not provided with the `docker images` command,
+Docker's client uses this property. If this property is not set, the client
+falls back to the default table format. For a list of supported formatting
+directives, see the [**Formatting** section in the `docker images` documentation](images.md)
+
+Following is a sample `config.json` file:
+
+    {
+      "HttpHeaders": {
+        "MyHeader": "MyValue"
+      },
+      "psFormat": "table {{.ID}}\\t{{.Image}}\\t{{.Command}}\\t{{.Labels}}",
+      "imagesFormat": "table {{.ID}}\\t{{.Repository}}\\t{{.Tag}}\\t{{.CreatedAt}}",
+      "detachKeys": "ctrl-e,e"
+    }
+
+### Notary
+
+If using your own notary server and a self-signed certificate or an internal
+Certificate Authority, you need to place the certificate at
+`tls/<registry_url>/ca.crt` in your docker config directory.
+
+Alternatively you can trust the certificate globally by adding it to your system's
+list of root Certificate Authorities.
+
+## Help
+
+To list the help on any command just execute the command, followed by the
+`--help` option.
+
+    $ docker run --help
+
+    Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
+
+    Run a command in a new container
+
+      -a, --attach=[]            Attach to STDIN, STDOUT or STDERR
+      --cpu-shares=0             CPU shares (relative weight)
+    ...
+
+## Option types
+
+Single character command line options can be combined, so rather than
+typing `docker run -i -t --name test busybox sh`,
+you can write `docker run -it --name test busybox sh`.
+
+### Boolean
+
+Boolean options take the form `-d=false`. The value you see in the help text is
+the default value which is set if you do **not** specify that flag. If you
+specify a Boolean flag without a value, this will set the flag to `true`,
+irrespective of the default value.
+
+For example, running `docker run -d` will set the value to `true`, so your
+container **will** run in "detached" mode, in the background.
+
+Options which default to `true` (e.g., `docker build --rm=true`) can only be
+set to the non-default value by explicitly setting them to `false`:
+
+    $ docker build --rm=false .
+
+### Multi
+
+You can specify options like `-a=[]` multiple times in a single command line,
+for example in these commands:
+
+    $ docker run -a stdin -a stdout -i -t ubuntu /bin/bash
+    $ docker run -a stdin -a stdout -a stderr ubuntu /bin/ls
+
+Sometimes, multiple options can call for a more complex value string as for
+`-v`:
+
+    $ docker run -v /host:/container example/mysql
+
+> **Note:**
+> Do not use the `-t` and `-a stderr` options together due to
+> limitations in the `pty` implementation. All `stderr` in `pty` mode
+> simply goes to `stdout`.
+
+### Strings and Integers
+
+Options like `--name=""` expect a string, and they
+can only be specified once. Options like `-c=0`
+expect an integer, and they can only be specified once.
diff --git a/docs/reference/commandline/commit.md b/docs/reference/commandline/commit.md
new file mode 100644
index 00000000..df64e957
--- /dev/null
+++ b/docs/reference/commandline/commit.md
@@ -0,0 +1,82 @@
+<!--[metadata]>
++++
+title = "commit"
+description = "The commit command description and usage"
+keywords = ["commit, file, changes"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# commit
+
+    Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
+
+    Create a new image from a container's changes
+
+      -a, --author=""     Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
+      -c, --change=[]     Apply specified Dockerfile instructions while committing the image
+      --help              Print usage
+      -m, --message=""    Commit message
+      -p, --pause=true    Pause container during commit
+
+It can be useful to commit a container's file changes or settings into a new
+image. This allows you debug a container by running an interactive shell, or to
+export a working dataset to another server. Generally, it is better to use
+Dockerfiles to manage your images in a documented and maintainable way.
+
+The commit operation will not include any data contained in
+volumes mounted inside the container.
+
+By default, the container being committed and its processes will be paused
+while the image is committed. This reduces the likelihood of encountering data
+corruption during the process of creating the commit.  If this behavior is
+undesired, set the `--pause` option to false.
+
+The `--change` option will apply `Dockerfile` instructions to the image that is
+created.  Supported `Dockerfile` instructions:
+`CMD`|`ENTRYPOINT`|`ENV`|`EXPOSE`|`LABEL`|`ONBUILD`|`USER`|`VOLUME`|`WORKDIR`
+
+## Commit a container
+
+    $ docker ps
+    ID                  IMAGE               COMMAND             CREATED             STATUS              PORTS
+    c3f279d17e0a        ubuntu:12.04        /bin/bash           7 days ago          Up 25 hours
+    197387f1b436        ubuntu:12.04        /bin/bash           7 days ago          Up 25 hours
+    $ docker commit c3f279d17e0a  svendowideit/testimage:version3
+    f5283438590d
+    $ docker images
+    REPOSITORY                        TAG                 ID                  CREATED             SIZE
+    svendowideit/testimage            version3            f5283438590d        16 seconds ago      335.7 MB
+
+## Commit a container with new configurations
+
+    $ docker ps
+    ID                  IMAGE               COMMAND             CREATED             STATUS              PORTS
+    c3f279d17e0a        ubuntu:12.04        /bin/bash           7 days ago          Up 25 hours
+    197387f1b436        ubuntu:12.04        /bin/bash           7 days ago          Up 25 hours
+    $ docker inspect -f "{{ .Config.Env }}" c3f279d17e0a
+    [HOME=/ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin]
+    $ docker commit --change "ENV DEBUG true" c3f279d17e0a  svendowideit/testimage:version3
+    f5283438590d
+    $ docker inspect -f "{{ .Config.Env }}" f5283438590d
+    [HOME=/ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin DEBUG=true]
+
+## Commit a container with new `CMD` and `EXPOSE` instructions 
+
+    $ docker ps
+    ID                  IMAGE               COMMAND             CREATED             STATUS              PORTS
+    c3f279d17e0a        ubuntu:12.04        /bin/bash           7 days ago          Up 25 hours
+    197387f1b436        ubuntu:12.04        /bin/bash           7 days ago          Up 25 hours
+
+    $ docker commit --change='CMD ["apachectl", "-DFOREGROUND"]' -c "EXPOSE 80" c3f279d17e0a  svendowideit/testimage:version4
+    f5283438590d
+    
+    $ docker run -d svendowideit/testimage:version4
+    89373736e2e7f00bc149bd783073ac43d0507da250e999f3f1036e0db60817c0
+
+    $ docker ps
+    ID                  IMAGE               COMMAND                 CREATED             STATUS              PORTS
+    89373736e2e7        testimage:version4  "apachectl -DFOREGROU"  3 seconds ago       Up 2 seconds        80/tcp
+    c3f279d17e0a        ubuntu:12.04        /bin/bash               7 days ago          Up 25 hours
+    197387f1b436        ubuntu:12.04        /bin/bash               7 days ago          Up 25 hours
diff --git a/docs/reference/commandline/cp.md b/docs/reference/commandline/cp.md
new file mode 100644
index 00000000..841aeb36
--- /dev/null
+++ b/docs/reference/commandline/cp.md
@@ -0,0 +1,89 @@
+<!--[metadata]>
++++
+title = "cp"
+description = "The cp command description and usage"
+keywords = ["copy, container, files, folders"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# cp
+
+    Usage: docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH | -
+           docker cp [OPTIONS] SRC_PATH | - CONTAINER:DEST_PATH
+
+    Copy files/folders between a container and the local filesystem
+
+      -L, --follow-link          Always follow symbol link in SRC_PATH
+      --help                     Print usage
+
+The `docker cp` utility copies the contents of `SRC_PATH` to the `DEST_PATH`.
+You can copy from the container's file system to the local machine or the
+reverse, from the local filesystem to the container. If `-` is specified for
+either the `SRC_PATH` or `DEST_PATH`, you can also stream a tar archive from
+`STDIN` or to `STDOUT`. The `CONTAINER` can be a running or stopped container.
+The `SRC_PATH` or `DEST_PATH` can be a file or directory.
+
+The `docker cp` command assumes container paths are relative to the container's 
+`/` (root) directory. This means supplying the initial forward slash is optional;
+The command sees `compassionate_darwin:/tmp/foo/myfile.txt` and
+`compassionate_darwin:tmp/foo/myfile.txt` as identical. Local machine paths can
+be an absolute or relative value. The command interprets a local machine's
+relative paths as relative to the current working directory where `docker cp` is
+run.
+
+The `cp` command behaves like the Unix `cp -a` command in that directories are
+copied recursively with permissions preserved if possible. Ownership is set to
+the user and primary group at the destination. For example, files copied to a
+container are created with `UID:GID` of the root user. Files copied to the local
+machine are created with the `UID:GID` of the user which invoked the `docker cp`
+command.  If you specify the `-L` option, `docker cp` follows any symbolic link
+in the `SRC_PATH`.  `docker cp` does *not* create parent directories for
+`DEST_PATH` if they do not exist.
+
+Assuming a path separator of `/`, a first argument of `SRC_PATH` and second
+argument of `DEST_PATH`, the behavior is as follows:
+
+- `SRC_PATH` specifies a file
+    - `DEST_PATH` does not exist
+        - the file is saved to a file created at `DEST_PATH`
+    - `DEST_PATH` does not exist and ends with `/`
+        - Error condition: the destination directory must exist.
+    - `DEST_PATH` exists and is a file
+        - the destination is overwritten with the source file's contents
+    - `DEST_PATH` exists and is a directory
+        - the file is copied into this directory using the basename from
+          `SRC_PATH`
+- `SRC_PATH` specifies a directory
+    - `DEST_PATH` does not exist
+        - `DEST_PATH` is created as a directory and the *contents* of the source
+           directory are copied into this directory
+    - `DEST_PATH` exists and is a file
+        - Error condition: cannot copy a directory to a file
+    - `DEST_PATH` exists and is a directory
+        - `SRC_PATH` does not end with `/.`
+            - the source directory is copied into this directory
+        - `SRC_PATH` does end with `/.`
+            - the *content* of the source directory is copied into this
+              directory
+
+The command requires `SRC_PATH` and `DEST_PATH` to exist according to the above
+rules. If `SRC_PATH` is local and is a symbolic link, the symbolic link, not
+the target, is copied by default. To copy the link target and not the link, specify 
+the `-L` option.
+
+A colon (`:`) is used as a delimiter between `CONTAINER` and its path. You can
+also use `:` when specifying paths to a `SRC_PATH` or `DEST_PATH` on a local
+machine, for example  `file:name.txt`. If you use a `:` in a local machine path,
+you must be explicit with a relative or absolute path, for example:
+
+    `/path/to/file:name.txt` or `./file:name.txt`
+
+It is not possible to copy certain system files such as resources under
+`/proc`, `/sys`, `/dev`, and mounts created by the user in the container.
+
+Using `-` as the `SRC_PATH` streams the contents of `STDIN` as a tar archive.
+The command extracts the content of the tar to the `DEST_PATH` in container's
+filesystem. In this case, `DEST_PATH` must specify a directory. Using `-` as
+the `DEST_PATH` streams the contents of the resource as a tar archive to `STDOUT`.
diff --git a/docs/reference/commandline/create.md b/docs/reference/commandline/create.md
new file mode 100644
index 00000000..70c0e4c3
--- /dev/null
+++ b/docs/reference/commandline/create.md
@@ -0,0 +1,162 @@
+<!--[metadata]>
++++
+title = "create"
+description = "The create command description and usage"
+keywords = ["docker, create, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# create
+
+Creates a new container.
+
+    Usage: docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
+
+    Create a new container
+
+      -a, --attach=[]               Attach to STDIN, STDOUT or STDERR
+      --add-host=[]                 Add a custom host-to-IP mapping (host:ip)
+      --blkio-weight=0              Block IO weight (relative weight)
+      --blkio-weight-device=[]      Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`)
+      --cpu-shares=0                CPU shares (relative weight)
+      --cap-add=[]                  Add Linux capabilities
+      --cap-drop=[]                 Drop Linux capabilities
+      --cgroup-parent=""            Optional parent cgroup for the container
+      --cidfile=""                  Write the container ID to the file
+      --cpu-period=0                Limit CPU CFS (Completely Fair Scheduler) period
+      --cpu-quota=0                 Limit CPU CFS (Completely Fair Scheduler) quota
+      --cpuset-cpus=""              CPUs in which to allow execution (0-3, 0,1)
+      --cpuset-mems=""              Memory nodes (MEMs) in which to allow execution (0-3, 0,1)
+      --device=[]                   Add a host device to the container
+      --device-read-bps=[]          Limit read rate (bytes per second) from a device (e.g., --device-read-bps=/dev/sda:1mb)
+      --device-read-iops=[]         Limit read rate (IO per second) from a device (e.g., --device-read-iops=/dev/sda:1000)
+      --device-write-bps=[]         Limit write rate (bytes per second) to a device (e.g., --device-write-bps=/dev/sda:1mb)
+      --device-write-iops=[]        Limit write rate (IO per second) to a device (e.g., --device-write-iops=/dev/sda:1000)
+      --disable-content-trust=true  Skip image verification
+      --dns=[]                      Set custom DNS servers
+      --dns-opt=[]                  Set custom DNS options
+      --dns-search=[]               Set custom DNS search domains
+      -e, --env=[]                  Set environment variables
+      --entrypoint=""               Overwrite the default ENTRYPOINT of the image
+      --env-file=[]                 Read in a file of environment variables
+      --expose=[]                   Expose a port or a range of ports
+      --group-add=[]                Add additional groups to join
+      -h, --hostname=""             Container host name
+      --help                        Print usage
+      -i, --interactive             Keep STDIN open even if not attached
+      --ip=""                       Container IPv4 address (e.g. 172.30.100.104)
+      --ip6=""                      Container IPv6 address (e.g. 2001:db8::33)
+      --ipc=""                      IPC namespace to use
+      --isolation=""                Container isolation technology
+      --kernel-memory=""            Kernel memory limit
+      -l, --label=[]                Set metadata on the container (e.g., --label=com.example.key=value)
+      --label-file=[]               Read in a line delimited file of labels
+      --link=[]                     Add link to another container
+      --log-driver=""               Logging driver for container
+      --log-opt=[]                  Log driver specific options
+      -m, --memory=""               Memory limit
+      --mac-address=""              Container MAC address (e.g. 92:d0:c6:0a:29:33)
+      --memory-reservation=""       Memory soft limit
+      --memory-swap=""              A positive integer equal to memory plus swap. Specify -1 to enable unlimited swap.
+      --memory-swappiness=""        Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
+      --name=""                     Assign a name to the container
+      --net="bridge"                Connect a container to a network
+                                    'bridge': create a network stack on the default Docker bridge
+                                    'none': no networking
+                                    'container:<name|id>': reuse another container's network stack
+                                    'host': use the Docker host network stack
+                                    '<network-name>|<network-id>': connect to a user-defined network
+      --net-alias=[]                Add network-scoped alias for the container
+      --oom-kill-disable            Whether to disable OOM Killer for the container or not
+      --oom-score-adj=0             Tune the host's OOM preferences for containers (accepts -1000 to 1000)
+      -P, --publish-all             Publish all exposed ports to random ports
+      -p, --publish=[]              Publish a container's port(s) to the host
+      --pid=""                      PID namespace to use
+      --pids-limit=-1                Tune container pids limit (set -1 for unlimited), kernel >= 4.3
+      --privileged                  Give extended privileges to this container
+      --read-only                   Mount the container's root filesystem as read only
+      --restart="no"                Restart policy (no, on-failure[:max-retry], always, unless-stopped)
+      --security-opt=[]             Security options
+      --stop-signal="SIGTERM"       Signal to stop a container
+      --shm-size=[]                 Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`.  Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes. If you omit the size entirely, the system uses `64m`.
+      -t, --tty                     Allocate a pseudo-TTY
+      -u, --user=""                 Username or UID
+      --userns=""                   Container user namespace
+                                    'host': Use the Docker host user namespace
+                                    '': Use the Docker daemon user namespace specified by `--userns-remap` option.
+      --ulimit=[]                   Ulimit options
+      --uts=""                      UTS namespace to use
+      -v, --volume=[host-src:]container-dest[:<options>]
+                                    Bind mount a volume. The comma-delimited
+                                    `options` are [rw|ro], [z|Z],
+                                    [[r]shared|[r]slave|[r]private], and
+                                    [nocopy]. The 'host-src' is an absolute path
+                                    or a name value.
+      --volume-driver=""            Container's volume driver
+      --volumes-from=[]             Mount volumes from the specified container(s)
+      -w, --workdir=""              Working directory inside the container
+
+The `docker create` command creates a writeable container layer over the
+specified image and prepares it for running the specified command.  The
+container ID is then printed to `STDOUT`.  This is similar to `docker run -d`
+except the container is never started.  You can then use the
+`docker start <container_id>` command to start the container at any point.
+
+This is useful when you want to set up a container configuration ahead of time
+so that it is ready to start when you need it. The initial status of the
+new container is `created`.
+
+Please see the [run command](run.md) section and the [Docker run reference](../run.md) for more details.
+
+## Examples
+
+    $ docker create -t -i fedora bash
+    6d8af538ec541dd581ebc2a24153a28329acb5268abe5ef868c1f1a261221752
+    $ docker start -a -i 6d8af538ec5
+    bash-4.2#
+
+As of v1.4.0 container volumes are initialized during the `docker create` phase
+(i.e., `docker run` too). For example, this allows you to `create` the `data`
+volume container, and then use it from another container:
+
+    $ docker create -v /data --name data ubuntu
+    240633dfbb98128fa77473d3d9018f6123b99c454b3251427ae190a7d951ad57
+    $ docker run --rm --volumes-from data ubuntu ls -la /data
+    total 8
+    drwxr-xr-x  2 root root 4096 Dec  5 04:10 .
+    drwxr-xr-x 48 root root 4096 Dec  5 04:11 ..
+
+Similarly, `create` a host directory bind mounted volume container, which can
+then be used from the subsequent container:
+
+    $ docker create -v /home/docker:/docker --name docker ubuntu
+    9aa88c08f319cd1e4515c3c46b0de7cc9aa75e878357b1e96f91e2c773029f03
+    $ docker run --rm --volumes-from docker ubuntu ls -la /docker
+    total 20
+    drwxr-sr-x  5 1000 staff  180 Dec  5 04:00 .
+    drwxr-xr-x 48 root root  4096 Dec  5 04:13 ..
+    -rw-rw-r--  1 1000 staff 3833 Dec  5 04:01 .ash_history
+    -rw-r--r--  1 1000 staff  446 Nov 28 11:51 .ashrc
+    -rw-r--r--  1 1000 staff   25 Dec  5 04:00 .gitconfig
+    drwxr-sr-x  3 1000 staff   60 Dec  1 03:28 .local
+    -rw-r--r--  1 1000 staff  920 Nov 28 11:51 .profile
+    drwx--S---  2 1000 staff  460 Dec  5 00:51 .ssh
+    drwxr-xr-x 32 1000 staff 1140 Dec  5 04:01 docker
+
+### Specify isolation technology for container (--isolation)
+
+This option is useful in situations where you are running Docker containers on
+Windows. The `--isolation=<value>` option sets a container's isolation
+technology. On Linux, the only supported is the `default` option which uses
+Linux namespaces. On Microsoft Windows, you can specify these values:
+
+
+| Value     | Description                                                                                                                                                   |
+|-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `default` | Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value.  |
+| `process` | Namespace isolation only.                                                                                                                                     |
+| `hyperv`   | Hyper-V hypervisor partition-based isolation.                                                                                                                  |
+
+Specifying the `--isolation` flag without a value is the same as setting `--isolation="default"`.
diff --git a/docs/reference/commandline/daemon.md b/docs/reference/commandline/daemon.md
new file mode 100644
index 00000000..796a04c3
--- /dev/null
+++ b/docs/reference/commandline/daemon.md
@@ -0,0 +1,958 @@
+<!--[metadata]>
++++
+title = "daemon"
+description = "The daemon command description and usage"
+keywords = ["container, daemon, runtime"]
+[menu.main]
+parent = "smn_cli"
+weight = -1
++++
+<![end-metadata]-->
+
+# daemon
+
+    Usage: docker daemon [OPTIONS]
+
+    A self-sufficient runtime for linux containers.
+
+    Options:
+      --api-cors-header=""                   Set CORS headers in the remote API
+      --authorization-plugin=[]              Set authorization plugins to load
+      -b, --bridge=""                        Attach containers to a network bridge
+      --bip=""                               Specify network bridge IP
+      --cgroup-parent=                       Set parent cgroup for all containers
+      --cluster-store=""                     URL of the distributed storage backend
+      --cluster-advertise=""                 Address of the daemon instance on the cluster
+      --cluster-store-opt=map[]              Set cluster options
+      --config-file=/etc/docker/daemon.json  Daemon configuration file
+      --containerd                           Path to containerd socket
+      -D, --debug                            Enable debug mode
+      --default-gateway=""                   Container default gateway IPv4 address
+      --default-gateway-v6=""                Container default gateway IPv6 address
+      --dns=[]                               DNS server to use
+      --dns-opt=[]                           DNS options to use
+      --dns-search=[]                        DNS search domains to use
+      --default-ulimit=[]                    Set default ulimit settings for containers
+      --exec-opt=[]                          Set runtime execution options
+      --exec-root="/var/run/docker"          Root directory for execution state files
+      --fixed-cidr=""                        IPv4 subnet for fixed IPs
+      --fixed-cidr-v6=""                     IPv6 subnet for fixed IPs
+      -G, --group="docker"                   Group for the unix socket
+      -g, --graph="/var/lib/docker"          Root of the Docker runtime
+      -H, --host=[]                          Daemon socket(s) to connect to
+      --help                                 Print usage
+      --icc=true                             Enable inter-container communication
+      --insecure-registry=[]                 Enable insecure registry communication
+      --ip=0.0.0.0                           Default IP when binding container ports
+      --ip-forward=true                      Enable net.ipv4.ip_forward
+      --ip-masq=true                         Enable IP masquerading
+      --iptables=true                        Enable addition of iptables rules
+      --ipv6                                 Enable IPv6 networking
+      -l, --log-level="info"                 Set the logging level
+      --label=[]                             Set key=value labels to the daemon
+      --log-driver="json-file"               Default driver for container logs
+      --log-opt=[]                           Log driver specific options
+      --mtu=0                                Set the containers network MTU
+      --disable-legacy-registry              Do not contact legacy registries
+      -p, --pidfile="/var/run/docker.pid"    Path to use for daemon PID file
+      --raw-logs                             Full timestamps without ANSI coloring
+      --registry-mirror=[]                   Preferred Docker registry mirror
+      -s, --storage-driver=""                Storage driver to use
+      --selinux-enabled                      Enable selinux support
+      --storage-opt=[]                       Set storage driver options
+      --tls                                  Use TLS; implied by --tlsverify
+      --tlscacert="~/.docker/ca.pem"         Trust certs signed only by this CA
+      --tlscert="~/.docker/cert.pem"         Path to TLS certificate file
+      --tlskey="~/.docker/key.pem"           Path to TLS key file
+      --tlsverify                            Use TLS and verify the remote
+      --userns-remap="default"               Enable user namespace remapping
+      --userland-proxy=true                  Use userland proxy for loopback traffic
+
+Options with [] may be specified multiple times.
+
+The Docker daemon is the persistent process that manages containers. Docker
+uses the same binary for both the daemon and client. To run the daemon you
+type `docker daemon`.
+
+To run the daemon with debug output, use `docker daemon -D`.
+
+## Daemon socket option
+
+The Docker daemon can listen for [Docker Remote API](../api/docker_remote_api.md)
+requests via three different types of Socket: `unix`, `tcp`, and `fd`.
+
+By default, a `unix` domain socket (or IPC socket) is created at
+`/var/run/docker.sock`, requiring either `root` permission, or `docker` group
+membership.
+
+If you need to access the Docker daemon remotely, you need to enable the `tcp`
+Socket. Beware that the default setup provides un-encrypted and
+un-authenticated direct access to the Docker daemon - and should be secured
+either using the [built in HTTPS encrypted socket](../../security/https/), or by
+putting a secure web proxy in front of it. You can listen on port `2375` on all
+network interfaces with `-H tcp://0.0.0.0:2375`, or on a particular network
+interface using its IP address: `-H tcp://192.168.59.103:2375`. It is
+conventional to use port `2375` for un-encrypted, and port `2376` for encrypted
+communication with the daemon.
+
+> **Note:**
+> If you're using an HTTPS encrypted socket, keep in mind that only
+> TLS1.0 and greater are supported. Protocols SSLv3 and under are not
+> supported anymore for security reasons.
+
+On Systemd based systems, you can communicate with the daemon via
+[Systemd socket activation](http://0pointer.de/blog/projects/socket-activation.html),
+use `docker daemon -H fd://`. Using `fd://` will work perfectly for most setups but
+you can also specify individual sockets: `docker daemon -H fd://3`. If the
+specified socket activated files aren't found, then Docker will exit. You can
+find examples of using Systemd socket activation with Docker and Systemd in the
+[Docker source tree](https://github.com/docker/docker/tree/master/contrib/init/systemd/).
+
+You can configure the Docker daemon to listen to multiple sockets at the same
+time using multiple `-H` options:
+
+    # listen using the default unix socket, and on 2 specific IP addresses on this host.
+    docker daemon -H unix:///var/run/docker.sock -H tcp://192.168.59.106 -H tcp://10.10.10.2
+
+The Docker client will honor the `DOCKER_HOST` environment variable to set the
+`-H` flag for the client.
+
+    $ docker -H tcp://0.0.0.0:2375 ps
+    # or
+    $ export DOCKER_HOST="tcp://0.0.0.0:2375"
+    $ docker ps
+    # both are equal
+
+Setting the `DOCKER_TLS_VERIFY` environment variable to any value other than
+the empty string is equivalent to setting the `--tlsverify` flag. The following
+are equivalent:
+
+    $ docker --tlsverify ps
+    # or
+    $ export DOCKER_TLS_VERIFY=1
+    $ docker ps
+
+The Docker client will honor the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY`
+environment variables (or the lowercase versions thereof). `HTTPS_PROXY` takes
+precedence over `HTTP_PROXY`.
+
+### Daemon storage-driver option
+
+The Docker daemon has support for several different image layer storage
+drivers: `aufs`, `devicemapper`, `btrfs`, `zfs` and `overlay`.
+
+The `aufs` driver is the oldest, but is based on a Linux kernel patch-set that
+is unlikely to be merged into the main kernel. These are also known to cause
+some serious kernel crashes. However, `aufs` is also the only storage driver
+that allows containers to share executable and shared library memory, so is a
+useful choice when running thousands of containers with the same program or
+libraries.
+
+The `devicemapper` driver uses thin provisioning and Copy on Write (CoW)
+snapshots. For each devicemapper graph location – typically
+`/var/lib/docker/devicemapper` – a thin pool is created based on two block
+devices, one for data and one for metadata. By default, these block devices
+are created automatically by using loopback mounts of automatically created
+sparse files. Refer to [Storage driver options](#storage-driver-options) below
+for a way how to customize this setup.
+[~jpetazzo/Resizing Docker containers with the Device Mapper plugin](http://jpetazzo.github.io/2014/01/29/docker-device-mapper-resize/)
+article explains how to tune your existing setup without the use of options.
+
+The `btrfs` driver is very fast for `docker build` - but like `devicemapper`
+does not share executable memory between devices. Use
+`docker daemon -s btrfs -g /mnt/btrfs_partition`.
+
+The `zfs` driver is probably not as fast as `btrfs` but has a longer track record
+on stability. Thanks to `Single Copy ARC` shared blocks between clones will be
+cached only once. Use `docker daemon -s zfs`. To select a different zfs filesystem
+set `zfs.fsname` option as described in [Storage driver options](#storage-driver-options).
+
+The `overlay` is a very fast union filesystem. It is now merged in the main
+Linux kernel as of [3.18.0](https://lkml.org/lkml/2014/10/26/137). Call
+`docker daemon -s overlay` to use it.
+
+> **Note:**
+> As promising as `overlay` is, the feature is still quite young and should not
+> be used in production. Most notably, using `overlay` can cause excessive
+> inode consumption (especially as the number of images grows), as well as
+> being incompatible with the use of RPMs.
+
+> **Note:**
+> It is currently unsupported on `btrfs` or any Copy on Write filesystem
+> and should only be used over `ext4` partitions.
+
+### Storage driver options
+
+Particular storage-driver can be configured with options specified with
+`--storage-opt` flags. Options for `devicemapper` are prefixed with `dm` and
+options for `zfs` start with `zfs`.
+
+*  `dm.thinpooldev`
+
+     Specifies a custom block storage device to use for the thin pool.
+
+     If using a block device for device mapper storage, it is best to use `lvm`
+     to create and manage the thin-pool volume. This volume is then handed to Docker
+     to exclusively create snapshot volumes needed for images and containers.
+
+     Managing the thin-pool outside of Engine makes for the most feature-rich
+     method of having Docker utilize device mapper thin provisioning as the
+     backing storage for Docker containers. The highlights of the lvm-based
+     thin-pool management feature include: automatic or interactive thin-pool
+     resize support, dynamically changing thin-pool features, automatic thinp
+     metadata checking when lvm activates the thin-pool, etc.
+
+     As a fallback if no thin pool is provided, loopback files are
+     created. Loopback is very slow, but can be used without any
+     pre-configuration of storage. It is strongly recommended that you do
+     not use loopback in production. Ensure your Engine daemon has a
+     `--storage-opt dm.thinpooldev` argument provided.
+
+     Example use:
+
+        $ docker daemon \
+              --storage-opt dm.thinpooldev=/dev/mapper/thin-pool
+
+*  `dm.basesize`
+
+    Specifies the size to use when creating the base device, which limits the
+    size of images and containers. The default value is 10G. Note, thin devices
+    are inherently "sparse", so a 10G device which is mostly empty doesn't use
+    10 GB of space on the pool. However, the filesystem will use more space for
+    the empty case the larger the device is.
+
+    The base device size can be increased at daemon restart which will allow
+    all future images and containers (based on those new images) to be of the
+    new base device size.
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.basesize=50G
+
+    This will increase the base device size to 50G. The Docker daemon will throw an
+    error if existing base device size is larger than 50G. A user can use
+    this option to expand the base device size however shrinking is not permitted.
+
+    This value affects the system-wide "base" empty filesystem
+    that may already be initialized and inherited by pulled images. Typically,
+    a change to this value requires additional steps to take effect:
+
+        $ sudo service docker stop
+        $ sudo rm -rf /var/lib/docker
+        $ sudo service docker start
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.basesize=20G
+
+*  `dm.loopdatasize`
+
+    > **Note**:
+	> This option configures devicemapper loopback, which should not
+	> be used in production.
+
+    Specifies the size to use when creating the loopback file for the
+    "data" device which is used for the thin pool. The default size is
+    100G. The file is sparse, so it will not initially take up this
+    much space.
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.loopdatasize=200G
+
+*  `dm.loopmetadatasize`
+
+    > **Note**:
+    > This option configures devicemapper loopback, which should not
+    > be used in production.
+
+    Specifies the size to use when creating the loopback file for the
+    "metadata" device which is used for the thin pool. The default size
+    is 2G. The file is sparse, so it will not initially take up
+    this much space.
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.loopmetadatasize=4G
+
+*  `dm.fs`
+
+    Specifies the filesystem type to use for the base device. The supported
+    options are "ext4" and "xfs". The default is "xfs"
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.fs=ext4
+
+*  `dm.mkfsarg`
+
+    Specifies extra mkfs arguments to be used when creating the base device.
+
+    Example use:
+
+        $ docker daemon --storage-opt "dm.mkfsarg=-O ^has_journal"
+
+*  `dm.mountopt`
+
+    Specifies extra mount options used when mounting the thin devices.
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.mountopt=nodiscard
+
+*  `dm.datadev`
+
+    (Deprecated, use `dm.thinpooldev`)
+
+    Specifies a custom blockdevice to use for data for the thin pool.
+
+    If using a block device for device mapper storage, ideally both datadev and
+    metadatadev should be specified to completely avoid using the loopback
+    device.
+
+    Example use:
+
+        $ docker daemon \
+              --storage-opt dm.datadev=/dev/sdb1 \
+              --storage-opt dm.metadatadev=/dev/sdc1
+
+*  `dm.metadatadev`
+
+    (Deprecated, use `dm.thinpooldev`)
+
+    Specifies a custom blockdevice to use for metadata for the thin pool.
+
+    For best performance the metadata should be on a different spindle than the
+    data, or even better on an SSD.
+
+    If setting up a new metadata pool it is required to be valid. This can be
+    achieved by zeroing the first 4k to indicate empty metadata, like this:
+
+        $ dd if=/dev/zero of=$metadata_dev bs=4096 count=1
+
+    Example use:
+
+        $ docker daemon \
+              --storage-opt dm.datadev=/dev/sdb1 \
+              --storage-opt dm.metadatadev=/dev/sdc1
+
+*  `dm.blocksize`
+
+    Specifies a custom blocksize to use for the thin pool. The default
+    blocksize is 64K.
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.blocksize=512K
+
+*  `dm.blkdiscard`
+
+    Enables or disables the use of blkdiscard when removing devicemapper
+    devices. This is enabled by default (only) if using loopback devices and is
+    required to resparsify the loopback file on image/container removal.
+
+    Disabling this on loopback can lead to *much* faster container removal
+    times, but will make the space used in `/var/lib/docker` directory not be
+    returned to the system for other use when containers are removed.
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.blkdiscard=false
+
+*  `dm.override_udev_sync_check`
+
+    Overrides the `udev` synchronization checks between `devicemapper` and `udev`.
+    `udev` is the device manager for the Linux kernel.
+
+    To view the `udev` sync support of a Docker daemon that is using the
+    `devicemapper` driver, run:
+
+        $ docker info
+        [...]
+        Udev Sync Supported: true
+        [...]
+
+    When `udev` sync support is `true`, then `devicemapper` and udev can
+    coordinate the activation and deactivation of devices for containers.
+
+    When `udev` sync support is `false`, a race condition occurs between
+    the`devicemapper` and `udev` during create and cleanup. The race condition
+    results in errors and failures. (For information on these failures, see
+    [docker#4036](https://github.com/docker/docker/issues/4036))
+
+    To allow the `docker` daemon to start, regardless of `udev` sync not being
+    supported, set `dm.override_udev_sync_check` to true:
+
+        $ docker daemon --storage-opt dm.override_udev_sync_check=true
+
+    When this value is `true`, the  `devicemapper` continues and simply warns
+    you the errors are happening.
+
+    > **Note:**
+    > The ideal is to pursue a `docker` daemon and environment that does
+    > support synchronizing with `udev`. For further discussion on this
+    > topic, see [docker#4036](https://github.com/docker/docker/issues/4036).
+    > Otherwise, set this flag for migrating existing Docker daemons to
+    > a daemon with a supported environment.
+
+*  `dm.use_deferred_removal`
+
+    Enables use of deferred device removal if `libdm` and the kernel driver
+    support the mechanism.
+
+    Deferred device removal means that if device is busy when devices are
+    being removed/deactivated, then a deferred removal is scheduled on
+    device. And devices automatically go away when last user of the device
+    exits.
+
+    For example, when a container exits, its associated thin device is removed.
+    If that device has leaked into some other mount namespace and can't be
+    removed, the container exit still succeeds and this option causes the
+    system to schedule the device for deferred removal. It does not wait in a
+    loop trying to remove a busy device.
+
+    Example use:
+
+        $ docker daemon --storage-opt dm.use_deferred_removal=true
+
+*  `dm.use_deferred_deletion`
+
+    Enables use of deferred device deletion for thin pool devices. By default,
+    thin pool device deletion is synchronous. Before a container is deleted,
+    the Docker daemon removes any associated devices. If the storage driver
+    can not remove a device, the container deletion fails and daemon returns.
+
+        Error deleting container: Error response from daemon: Cannot destroy container
+
+    To avoid this failure, enable both deferred device deletion and deferred
+    device removal on the daemon.
+
+        $ docker daemon \
+              --storage-opt dm.use_deferred_deletion=true \
+              --storage-opt dm.use_deferred_removal=true
+
+    With these two options enabled, if a device is busy when the driver is
+    deleting a container, the driver marks the device as deleted. Later, when
+    the device isn't in use, the driver deletes it.
+
+    In general it should be safe to enable this option by default. It will help
+    when unintentional leaking of mount point happens across multiple mount
+    namespaces.
+
+*  `dm.min_free_space`
+
+    Specifies the min free space percent in a thin pool require for new device
+    creation to succeed. This check applies to both free data space as well
+    as free metadata space. Valid values are from 0% - 99%. Value 0% disables
+    free space checking logic. If user does not specify a value for this option,
+    the Engine uses a default value of 10%.
+
+    Whenever a new a thin pool device is created (during `docker pull` or during
+    container creation), the Engine checks if the minimum free space is
+    available. If sufficient space is unavailable, then device creation fails
+    and any relevant `docker` operation fails.
+
+    To recover from this error, you must create more free space in the thin pool
+    to recover from the error. You can create free space by deleting some images
+    and containers from the thin pool. You can also add more storage to the thin
+    pool.
+
+    To add more space to a LVM (logical volume management) thin pool, just add
+    more storage to the volume group container thin pool; this should automatically
+    resolve any errors. If your configuration uses loop devices, then stop the
+    Engine daemon, grow the size of loop files and restart the daemon to resolve
+    the issue.
+
+    Example use:
+
+    ```bash
+    $ docker daemon --storage-opt dm.min_free_space=10%
+    ```
+
+Currently supported options of `zfs`:
+
+* `zfs.fsname`
+
+    Set zfs filesystem under which docker will create its own datasets.
+    By default docker will pick up the zfs filesystem where docker graph
+    (`/var/lib/docker`) is located.
+
+    Example use:
+
+        $ docker daemon -s zfs --storage-opt zfs.fsname=zroot/docker
+
+## Docker runtime execution options
+
+The Docker daemon relies on a
+[OCI](https://github.com/opencontainers/specs) compliant runtime
+(invoked via the `containerd` daemon) as its interface to the Linux
+kernel `namespaces`, `cgroups`, and `SELinux`.
+
+## Options for the runtime
+
+You can configure the runtime using options specified
+with the `--exec-opt` flag. All the flag's options have the `native` prefix. A
+single `native.cgroupdriver` option is available.
+
+The `native.cgroupdriver` option specifies the management of the container's
+cgroups. You can specify only specify `cgroupfs` or `systemd`. If you specify
+`systemd` and it is not available, the system errors out. If you omit the
+`native.cgroupdriver` option,` cgroupfs` is used.
+
+This example sets the `cgroupdriver` to `systemd`:
+
+    $ sudo docker daemon --exec-opt native.cgroupdriver=systemd
+
+Setting this option applies to all containers the daemon launches.
+
+Also Windows Container makes use of `--exec-opt` for special purpose. Docker user
+can specify default container isolation technology with this, for example:
+
+    $ docker daemon --exec-opt isolation=hyperv
+
+Will make `hyperv` the default isolation technology on Windows, without specifying
+isolation value on daemon start, Windows isolation technology will default to `process`.
+
+## Daemon DNS options
+
+To set the DNS server for all Docker containers, use
+`docker daemon --dns 8.8.8.8`.
+
+To set the DNS search domain for all Docker containers, use
+`docker daemon --dns-search example.com`.
+
+## Insecure registries
+
+Docker considers a private registry either secure or insecure. In the rest of
+this section, *registry* is used for *private registry*, and `myregistry:5000`
+is a placeholder example for a private registry.
+
+A secure registry uses TLS and a copy of its CA certificate is placed on the
+Docker host at `/etc/docker/certs.d/myregistry:5000/ca.crt`. An insecure
+registry is either not using TLS (i.e., listening on plain text HTTP), or is
+using TLS with a CA certificate not known by the Docker daemon. The latter can
+happen when the certificate was not found under
+`/etc/docker/certs.d/myregistry:5000/`, or if the certificate verification
+failed (i.e., wrong CA).
+
+By default, Docker assumes all, but local (see local registries below),
+registries are secure. Communicating with an insecure registry is not possible
+if Docker assumes that registry is secure. In order to communicate with an
+insecure registry, the Docker daemon requires `--insecure-registry` in one of
+the following two forms:
+
+* `--insecure-registry myregistry:5000` tells the Docker daemon that
+  myregistry:5000 should be considered insecure.
+* `--insecure-registry 10.1.0.0/16` tells the Docker daemon that all registries
+  whose domain resolve to an IP address is part of the subnet described by the
+  CIDR syntax, should be considered insecure.
+
+The flag can be used multiple times to allow multiple registries to be marked
+as insecure.
+
+If an insecure registry is not marked as insecure, `docker pull`,
+`docker push`, and `docker search` will result in an error message prompting
+the user to either secure or pass the `--insecure-registry` flag to the Docker
+daemon as described above.
+
+Local registries, whose IP address falls in the 127.0.0.0/8 range, are
+automatically marked as insecure as of Docker 1.3.2. It is not recommended to
+rely on this, as it may change in the future.
+
+Enabling `--insecure-registry`, i.e., allowing un-encrypted and/or untrusted
+communication, can be useful when running a local registry.  However,
+because its use creates security vulnerabilities it should ONLY be enabled for
+testing purposes.  For increased security, users should add their CA to their
+system's list of trusted CAs instead of enabling `--insecure-registry`.
+
+## Legacy Registries
+
+Enabling `--disable-legacy-registry` forces a docker daemon to only interact with registries which support the V2 protocol.  Specifically, the daemon will not attempt `push`, `pull` and `login` to v1 registries.  The exception to this is `search` which can still be performed on v1 registries.
+
+## Running a Docker daemon behind a HTTPS_PROXY
+
+When running inside a LAN that uses a `HTTPS` proxy, the Docker Hub
+certificates will be replaced by the proxy's certificates. These certificates
+need to be added to your Docker host's configuration:
+
+1. Install the `ca-certificates` package for your distribution
+2. Ask your network admin for the proxy's CA certificate and append them to
+   `/etc/pki/tls/certs/ca-bundle.crt`
+3. Then start your Docker daemon with `HTTPS_PROXY=http://username:password@proxy:port/ docker daemon`.
+   The `username:` and `password@` are optional - and are only needed if your
+   proxy is set up to require authentication.
+
+This will only add the proxy and authentication to the Docker daemon's requests -
+your `docker build`s and running containers will need extra configuration to
+use the proxy
+
+## Default Ulimits
+
+`--default-ulimit` allows you to set the default `ulimit` options to use for
+all containers. It takes the same options as `--ulimit` for `docker run`. If
+these defaults are not set, `ulimit` settings will be inherited, if not set on
+`docker run`, from the Docker daemon. Any `--ulimit` options passed to
+`docker run` will overwrite these defaults.
+
+Be careful setting `nproc` with the `ulimit` flag as `nproc` is designed by Linux to
+set the maximum number of processes available to a user, not to a container. For details
+please check the [run](run.md) reference.
+
+## Nodes discovery
+
+The `--cluster-advertise` option specifies the `host:port` or `interface:port`
+combination that this particular daemon instance should use when advertising
+itself to the cluster. The daemon is reached by remote hosts through this value.
+If you  specify an interface, make sure it includes the IP address of the actual
+Docker host. For Engine installation created through `docker-machine`, the
+interface is typically `eth1`.
+
+The daemon uses [libkv](https://github.com/docker/libkv/) to advertise
+the node within the cluster. Some key-value backends support mutual
+TLS. To configure the client TLS settings used by the daemon can be configured
+using the `--cluster-store-opt` flag, specifying the paths to PEM encoded
+files. For example:
+
+```bash
+docker daemon \
+    --cluster-advertise 192.168.1.2:2376 \
+    --cluster-store etcd://192.168.1.2:2379 \
+    --cluster-store-opt kv.cacertfile=/path/to/ca.pem \
+    --cluster-store-opt kv.certfile=/path/to/cert.pem \
+    --cluster-store-opt kv.keyfile=/path/to/key.pem
+```
+
+The currently supported cluster store options are:
+
+*  `discovery.heartbeat`
+
+    Specifies the heartbeat timer in seconds which is used by the daemon as a
+    keepalive mechanism to make sure discovery module treats the node as alive
+    in the cluster. If not configured, the default value is 20 seconds.
+
+*  `discovery.ttl`
+
+    Specifies the ttl (time-to-live) in seconds which is used by the discovery
+    module to timeout a node if a valid heartbeat is not received within the
+    configured ttl value. If not configured, the default value is 60 seconds.
+
+*  `kv.cacertfile`
+
+    Specifies the path to a local file with PEM encoded CA certificates to trust
+
+*  `kv.certfile`
+
+    Specifies the path to a local file with a PEM encoded certificate.  This
+    certificate is used as the client cert for communication with the
+    Key/Value store.
+
+*  `kv.keyfile`
+
+    Specifies the path to a local file with a PEM encoded private key.  This
+    private key is used as the client key for communication with the
+    Key/Value store.
+
+*  `kv.path`
+
+    Specifies the path in the Key/Value store. If not configured, the default value is 'docker/nodes'.
+
+## Access authorization
+
+Docker's access authorization can be extended by authorization plugins that your
+organization can purchase or build themselves. You can install one or more
+authorization plugins when you start the Docker `daemon` using the
+`--authorization-plugin=PLUGIN_ID` option.
+
+```bash
+docker daemon --authorization-plugin=plugin1 --authorization-plugin=plugin2,...
+```
+
+The `PLUGIN_ID` value is either the plugin's name or a path to its specification
+file. The plugin's implementation determines whether you can specify a name or
+path. Consult with your Docker administrator to get information about the
+plugins available to you.
+
+Once a plugin is installed, requests made to the `daemon` through the command
+line or Docker's remote API are allowed or denied by the plugin.  If you have
+multiple plugins installed, at least one must allow the request for it to
+complete.
+
+For information about how to create an authorization plugin, see [authorization
+plugin](../../extend/plugins_authorization.md) section in the Docker extend section of this documentation.
+
+
+## Daemon user namespace options
+
+The Linux kernel [user namespace support](http://man7.org/linux/man-pages/man7/user_namespaces.7.html) provides additional security by enabling
+a process, and therefore a container, to have a unique range of user and
+group IDs which are outside the traditional user and group range utilized by
+the host system. Potentially the most important security improvement is that,
+by default, container processes running as the `root` user will have expected
+administrative privilege (with some restrictions) inside the container but will
+effectively be mapped to an unprivileged `uid` on the host.
+
+When user namespace support is enabled, Docker creates a single daemon-wide mapping
+for all containers running on the same engine instance. The mappings will
+utilize the existing subordinate user and group ID feature available on all modern
+Linux distributions.
+The [`/etc/subuid`](http://man7.org/linux/man-pages/man5/subuid.5.html) and
+[`/etc/subgid`](http://man7.org/linux/man-pages/man5/subgid.5.html) files will be
+read for the user, and optional group, specified to the `--userns-remap`
+parameter.  If you do not wish to specify your own user and/or group, you can
+provide `default` as the value to this flag, and a user will be created on your behalf
+and provided subordinate uid and gid ranges. This default user will be named
+`dockremap`, and entries will be created for it in `/etc/passwd` and
+`/etc/group` using your distro's standard user and group creation tools.
+
+> **Note**: The single mapping per-daemon restriction is in place for now
+> because Docker shares image layers from its local cache across all
+> containers running on the engine instance.  Since file ownership must be
+> the same for all containers sharing the same layer content, the decision
+> was made to map the file ownership on `docker pull` to the daemon's user and
+> group mappings so that there is no delay for running containers once the
+> content is downloaded. This design preserves the same performance for `docker
+> pull`, `docker push`, and container startup as users expect with
+> user namespaces disabled.
+
+### Starting the daemon with user namespaces enabled
+
+To enable user namespace support, start the daemon with the
+`--userns-remap` flag, which accepts values in the following formats:
+
+ - uid
+ - uid:gid
+ - username
+ - username:groupname
+
+If numeric IDs are provided, translation back to valid user or group names
+will occur so that the subordinate uid and gid information can be read, given
+these resources are name-based, not id-based.  If the numeric ID information
+provided does not exist as entries in `/etc/passwd` or `/etc/group`, daemon
+startup will fail with an error message.
+
+> **Note:** On Fedora 22, you have to `touch` the `/etc/subuid` and `/etc/subgid`
+> files to have ranges assigned when users are created.  This must be done
+> *before* the `--userns-remap` option is enabled. Once these files exist, the
+> daemon can be (re)started and range assignment on user creation works properly.
+
+*Example: starting with default Docker user management:*
+
+```bash
+$ docker daemon --userns-remap=default
+```
+
+When `default` is provided, Docker will create - or find the existing - user and group
+named `dockremap`. If the user is created, and the Linux distribution has
+appropriate support, the `/etc/subuid` and `/etc/subgid` files will be populated
+with a contiguous 65536 length range of subordinate user and group IDs, starting
+at an offset based on prior entries in those files.  For example, Ubuntu will
+create the following range, based on an existing user named `user1` already owning
+the first 65536 range:
+
+```bash
+$ cat /etc/subuid
+user1:100000:65536
+dockremap:165536:65536
+```
+
+If you have a preferred/self-managed user with subordinate ID mappings already
+configured, you can provide that username or uid to the `--userns-remap` flag.
+If you have a group that doesn't match the username, you may provide the `gid`
+or group name as well; otherwise the username will be used as the group name
+when querying the system for the subordinate group ID range.
+
+### Detailed information on `subuid`/`subgid` ranges
+
+Given potential advanced use of the subordinate ID ranges by power users, the
+following paragraphs define how the Docker daemon currently uses the range entries
+found within the subordinate range files.
+
+The simplest case is that only one contiguous range is defined for the
+provided user or group. In this case, Docker will use that entire contiguous
+range for the mapping of host uids and gids to the container process.  This
+means that the first ID in the range will be the remapped root user, and the
+IDs above that initial ID will map host ID 1 through the end of the range.
+
+From the example `/etc/subuid` content shown above, the remapped root
+user would be uid 165536.
+
+If the system administrator has set up multiple ranges for a single user or
+group, the Docker daemon will read all the available ranges and use the
+following algorithm to create the mapping ranges:
+
+1. The range segments found for the particular user will be sorted by *start ID* ascending.
+2. Map segments will be created from each range in increasing value with a length matching the length of each segment. Therefore the range segment with the lowest numeric starting value will be equal to the remapped root, and continue up through host uid/gid equal to the range segment length. As an example, if the lowest segment starts at ID 1000 and has a length of 100, then a map of 1000 -> 0 (the remapped root) up through 1100 -> 100 will be created from this segment. If the next segment starts at ID 10000, then the next map will start with mapping 10000 -> 101 up to the length of this second segment. This will continue until no more segments are found in the subordinate files for this user.
+3. If more than five range segments exist for a single user, only the first five will be utilized, matching the kernel's limitation of only five entries in `/proc/self/uid_map` and `proc/self/gid_map`.
+
+### Disable user namespace for a container
+
+If you enable user namespaces on the daemon, all containers are started
+with user namespaces enabled. In some situations you might want to disable
+this feature for a container, for example, to start a privileged container (see
+[user namespace known restrictions](#user-namespace-known-restrictions)).
+To enable those advanced features for a specific container use `--userns=host`
+in the `run/exec/create` command.
+This option will completely disable user namespace mapping for the container's user.
+
+### User namespace known restrictions
+
+The following standard Docker features are currently incompatible when
+running a Docker daemon with user namespaces enabled:
+
+ - sharing PID or NET namespaces with the host (`--pid=host` or `--net=host`)
+ - A `--readonly` container filesystem (this is a Linux kernel restriction against remounting with modified flags of a currently mounted filesystem when inside a user namespace)
+ - external (volume or graph) drivers which are unaware/incapable of using daemon user mappings
+ - Using `--privileged` mode flag on `docker run` (unless also specifying `--userns=host`)
+
+In general, user namespaces are an advanced feature and will require
+coordination with other capabilities. For example, if volumes are mounted from
+the host, file ownership will have to be pre-arranged if the user or
+administrator wishes the containers to have expected access to the volume
+contents.
+
+Finally, while the `root` user inside a user namespaced container process has
+many of the expected admin privileges that go along with being the superuser, the
+Linux kernel has restrictions based on internal knowledge that this is a user namespaced
+process. The most notable restriction that we are aware of at this time is the
+inability to use `mknod`. Permission will be denied for device creation even as
+container `root` inside a user namespace.
+
+## Miscellaneous options
+
+IP masquerading uses address translation to allow containers without a public
+IP to talk to other machines on the Internet. This may interfere with some
+network topologies and can be disabled with `--ip-masq=false`.
+
+Docker supports softlinks for the Docker data directory (`/var/lib/docker`) and
+for `/var/lib/docker/tmp`. The `DOCKER_TMPDIR` and the data directory can be
+set like this:
+
+    DOCKER_TMPDIR=/mnt/disk2/tmp /usr/local/bin/docker daemon -D -g /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1
+    # or
+    export DOCKER_TMPDIR=/mnt/disk2/tmp
+    /usr/local/bin/docker daemon -D -g /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1
+
+
+## Default cgroup parent
+
+The `--cgroup-parent` option allows you to set the default cgroup parent
+to use for containers. If this option is not set, it defaults to `/docker` for
+fs cgroup driver and `system.slice` for systemd cgroup driver.
+
+If the cgroup has a leading forward slash (`/`), the cgroup is created
+under the root cgroup, otherwise the cgroup is created under the daemon
+cgroup.
+
+Assuming the daemon is running in cgroup `daemoncgroup`,
+`--cgroup-parent=/foobar` creates a cgroup in
+`/sys/fs/cgroup/memory/foobar`, whereas using `--cgroup-parent=foobar`
+creates the cgroup in `/sys/fs/cgroup/memory/daemoncgroup/foobar`
+
+The systemd cgroup driver has different rules for `--cgroup-parent`. Systemd
+represents hierarchy by slice and the name of the slice encodes the location in
+the tree. So `--cgroup-parent` for systemd cgroups should be a slice name. A
+name can consist of a dash-separated series of names, which describes the path
+to the slice from the root slice. For example, `--cgroup-parent=user-a-b.slice`
+means the memory cgroup for the container is created in
+`/sys/fs/cgroup/memory/user.slice/user-a.slice/user-a-b.slice/docker-<id>.scope`.
+
+This setting can also be set per container, using the `--cgroup-parent`
+option on `docker create` and `docker run`, and takes precedence over
+the `--cgroup-parent` option on the daemon.
+
+## Daemon configuration file
+
+The `--config-file` option allows you to set any configuration option
+for the daemon in a JSON format. This file uses the same flag names as keys,
+except for flags that allow several entries, where it uses the plural
+of the flag name, e.g., `labels` for the `label` flag. By default,
+docker tries to load a configuration file from `/etc/docker/daemon.json`
+on Linux and `%programdata%\docker\config\daemon.json` on Windows.
+
+The options set in the configuration file must not conflict with options set
+via flags. The docker daemon fails to start if an option is duplicated between
+the file and the flags, regardless their value. We do this to avoid
+silently ignore changes introduced in configuration reloads.
+For example, the daemon fails to start if you set daemon labels
+in the configuration file and also set daemon labels via the `--label` flag.
+
+Options that are not present in the file are ignored when the daemon starts.
+This is a full example of the allowed configuration options in the file:
+
+```json
+{
+	"authorization-plugins": [],
+	"dns": [],
+	"dns-opts": [],
+	"dns-search": [],
+	"exec-opts": [],
+	"exec-root": "",
+	"storage-driver": "",
+	"storage-opts": "",
+	"labels": [],
+	"log-driver": "",
+	"log-opts": [],
+	"mtu": 0,
+	"pidfile": "",
+	"graph": "",
+	"cluster-store": "",
+	"cluster-store-opts": [],
+	"cluster-advertise": "",
+	"debug": true,
+	"hosts": [],
+	"log-level": "",
+	"tls": true,
+	"tlsverify": true,
+	"tlscacert": "",
+	"tlscert": "",
+	"tlskey": "",
+	"api-cors-headers": "",
+	"selinux-enabled": false,
+	"userns-remap": "",
+	"group": "",
+	"cgroup-parent": "",
+	"default-ulimits": {},
+	"ipv6": false,
+	"iptables": false,
+	"ip-forward": false,
+	"ip-mask": false,
+	"userland-proxy": false,
+	"ip": "0.0.0.0",
+	"bridge": "",
+	"bip": "",
+	"fixed-cidr": "",
+	"fixed-cidr-v6": "",
+	"default-gateway": "",
+	"default-gateway-v6": "",
+	"icc": false,
+	"raw-logs": false,
+	"registry-mirrors": [],
+	"insecure-registries": [],
+	"disable-legacy-registry": false
+}
+```
+
+### Configuration reloading
+
+Some options can be reconfigured when the daemon is running without requiring
+to restart the process. We use the `SIGHUP` signal in Linux to reload, and a global event
+in Windows with the key `Global\docker-daemon-config-$PID`. The options can
+be modified in the configuration file but still will check for conflicts with
+the provided flags. The daemon fails to reconfigure itself
+if there are conflicts, but it won't stop execution.
+
+The list of currently supported options that can be reconfigured is this:
+
+- `debug`: it changes the daemon to debug mode when set to true.
+- `cluster-store`: it reloads the discovery store with the new address.
+- `cluster-store-opts`: it uses the new options to reload the discovery store.
+- `cluster-advertise`: it modifies the address advertised after reloading.
+- `labels`: it replaces the daemon labels with a new set of labels.
+
+Updating and reloading the cluster configurations such as `--cluster-store`,
+`--cluster-advertise` and `--cluster-store-opts` will take effect only if
+these configurations were not previously configured. If `--cluster-store`
+has been provided in flags and `cluster-advertise` not, `cluster-advertise`
+can be added in the configuration file without accompanied by `--cluster-store`
+Configuration reload will log a warning message if it detects a change in
+previously configured cluster configurations.
diff --git a/docs/reference/commandline/diff.md b/docs/reference/commandline/diff.md
new file mode 100644
index 00000000..bda74ead
--- /dev/null
+++ b/docs/reference/commandline/diff.md
@@ -0,0 +1,40 @@
+<!--[metadata]>
++++
+title = "diff"
+description = "The diff command description and usage"
+keywords = ["list, changed, files, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# diff
+
+    Usage: docker diff [OPTIONS] CONTAINER
+
+    Inspect changes on a container's filesystem
+
+      --help              Print usage
+
+List the changed files and directories in a container᾿s filesystem
+ There are 3 events that are listed in the `diff`:
+
+1. `A` - Add
+2. `D` - Delete
+3. `C` - Change
+
+For example:
+
+    $ docker diff 7bb0e258aefe
+
+    C /dev
+    A /dev/kmsg
+    C /etc
+    A /etc/mtab
+    A /go
+    A /go/src
+    A /go/src/github.com
+    A /go/src/github.com/docker
+    A /go/src/github.com/docker/docker
+    A /go/src/github.com/docker/docker/.git
+    ....
diff --git a/docs/reference/commandline/docker_images.gif b/docs/reference/commandline/docker_images.gif
new file mode 100644
index 0000000000000000000000000000000000000000..5894ca270e002758b8f332141e00356e42868880
GIT binary patch
literal 35785
zcmd3tS6CBW*sj+UAPFD|HS{DP9Sl`K#LzngL_|~wh=>J0Kv6{0(5o7H5is<s1Qeu*
zh9=Dt6ciCZ19of?ELhom|9@TkY@hGvV2)>Itu^ai_j`|%i=(+kus7_0yaNA47>mV;
zii%50N=ZvgDgGCEGFeScO+{N<S67#;ufN{tzi646Z8SI6-Sl5J&}ds|G()@p;^gdX
z=IZL^=4RpHVddlF>+4I~zJ0sDe?UNh-Oink491>4dt5?8J@)TEc<>-SB4TS))R7}c
z0#5#yKqfOd`M>PV%*@Kl3O{@HU~X<+Ufw^&#nBi3%dyJJnwpvuwY8_3nwp!NnU^mo
zUHLC*U0uDsy_wgqpX=`*930FU9?l;hpO}~^zIX4!ga2}IX6DJ0Csj|M*3QpAfByX4
zyLXpAd{|yy{`>du|2*{nFBkF;6bpbi(EIO({u>h@vdW|<CMBn&rln_OW@Vo}cb=7#
zo0nfuSX5k6dZDbm;v&1Us=B7OuD+qMsk!CS<yKBx`<1I5o!7d$dwQ?;-MGo^9~c}O
zzBMvBHa>Ct&fR;w$@>qcrXN0<c|7}M?&-hJ`11?TU%Y(v`pw(Lcke%Z{3Q6iwEX4k
zx9=-Ie*XIX=kF>&a7xY`c7GB^N@v$7r*be2ujX3j+*UQ5MKnGzH`-P`a-L+DspQgL
zGnS{dwQ1K_d+kIKb<cR2%ayu27tD_=&W&BEzju+Agj06C+Avw|oTsyU{A%NadU~~M
zxobz$bhH1J15d|0njf_?1~Zl2I$IuJ34hSEd!qBwlWUQy&&SK%u3diG8@s&tbmCg;
zvztsrRK>lEGe4Lvr5kv=tL^y+OU<pqy}SM8M6vO~e{XkRd3}#<m!;y-bM@_mhONzk
zcX~SBJ>u+{sPO3R{P3jf$h&{<^j`b)jGH8?>Uq8E^YhU>-JrYIyO&?{s@*Pn_VvWv
z_lWH>Csg%*|HL26QuVrV{m1f~v5S%Y)nhTK7CHdXxe$t5S$_BI-p!k<t3X(b&-`P<
zr$NixSc4};J~IK3yUk9PlJ*OqPa%di%%>_Hdo!P=s$)1P1V~&Y2{vtmfPxsbkVU<v
z^*md7T_pq*trDuXIFaaJor$pa3zmIAx*dd3YJ0wFZI9;zNe4&mm-$MRc>vk#Wq3)V
zblS@z#%UJ_atYsYPfC=^u`fQ<DgQ!JOpje%vXo3^5)Qv=)J%62!^7pDQHU#cQuaW2
zsxiQ$>`zwwmz6AA*M20sQ|*mJPFTPjiA=v9PmEZ&PE&>0@3;FcQ8sU0l3ENxQ{Cq1
zaEfgMXRxW=ufe|AwB>E3q;9&P>GJiT0rTrL*vz-B!w1X<aT_DkVW_?;4+Rqk%!eRz
zJwrR_THs0q<T+y=p7z`aV-FWsu|S2AP83rZ5AaPr?=9yIu6w4FKq6=upYQo_<K(<J
zmdhvC@Acd1xegq4?iZ0c4Qy6Z6<F`k`s8E9hAE=AUCD^#(V2ndpD_OLs7$VVu(%q%
zVGw|>F7kw0(XM$6gn=kP)Y5&OIDE7?Z1{U%Lq8-P{eJ$w=le*56bfS^m>{D7G4J^t
zpKF~q-0t7;h<HrDbJ}wba78!ZXi2;mLo`~N79b@_xry;RBsUb(kts!q@oTu>mi^bB
z(Fds=Qkkvv%5_?0W%J_abw0*CPgTTnId)vCt+;eRAo-Q!Z&5YKkh}TZoH8W}05v+W
zOtGW#lB6~O?oqyi9?b^8dOLr8=r%47pYa~_oEI?$IsL$Tr}-cxP&w1GBzJ?vY}MU$
z$R5%+58k|*;xp1>j>^k164M%*4c5I=9zVDtUoGpsJ=A-|HH!b;h_U6bCvO(kNk%~O
zKSJ+BNkAp#ngj|!|5iTG_T>t8W8ibuJjk9_DH`j-L`~RI)&Qhf^rJIR=)dMf)~&d_
zL)7&^MU9yrH%cc!4Pi=#`;)ni0H|{NaYT0euiZ4%*@|{w=PG>C`%RjSQV2o+C?f7Z
zijk5WfRBkdkR?C+iKhFf1U{;iY3C^#OyR{e8q7DC<^-9cU|l&C24Mc|=DFQd?hN>K
zgcmmY3tf1qYs5N?aZ*-cK!}=*5Po}{A2m{^kf}g4hZ?6~^jy9>=a!faX*D5eD~#)t
z9kDQr!dBl_OU(peM4!x1iL+V1VQ5^;#~G_Yl}&MvG}HulZ98i47{G1qky&R~I#*+6
znL&mkS&6325U6-N@mna@R=TU$r18f@;d-{M5RaG=8hQKlhkLeSD|PF=Ww~TdZp8Eu
z-BNcdY4}vO-I%Y2S@DTViQ5rHi&ji<crOZL04Bk>Qc{>n*Tm$rg(I~7HD^OVEh>e+
z%|dv0hK;nn7Z%TZDXDe9Ta(VL)(?kp1{x?xJ}QC|xsvgw_cH@>6NE@RQ<oaO4hpVZ
z#QOJ(7%)44WE)TztrOZ3$s`oh5J}Sk?>t<B;6o;KW%UXk_d1WeJ~;={@K0#FT)GYS
zG~7B|Mjk66fcM+du%UP8SQB2N7+30IquX7nVpg&mo{X^(Brr~Jlaz>soJ65R`1D9r
z!z9=<>Q{YQGS_qWC6^*;o!9ysc2+9RxZ4#^O~0`IMY&yf_Nu(?CERkUq6R)e#4H^W
zb>>52_5czlfq>%^PyYQ`cnu~2SQ?)op3Fz}*f#6pBhl|GzU|eShl^vIN;Q=dL`<A*
zFjO9R`q8h8z-5X!b78q5uCN8aKSXf?9kG^ePmCRqD&-}A`&NLl*3uIX;U`M77>G<b
zfKl#FM7rp@83vXr`@Hq7Wvug*%-PkLBV1U*p4*G}r3qPaDo{=6Mr-&0A)c1>_%I0;
zp3#SOXz(|a7NYoRPWE2u;JZrw!rEMJ(yKj8TryY4f|Ph9t3R2<pBea9h6!77D})fW
zTgK;>(heLdQR6XD0x2@XjFqUQ1P$@RZSmoeiMSdfK)E#B?4YQY+mAaXq55GJcvRMx
zHX%-e#M8m62$Qu@6L8NF_z6U<x3Y&*uT<&Uzq~cI!x~Vz!Xd2Mm{3ij<BrS1;erK!
z^|;B*!zLl63`FA1L!iPxx;dQ>i{bqtO+i9^rRZWnkn>dXepsBe8<JCsQ?)ivfO$&r
zj%y1Kl$*A7Ij)+H>{+k7Q(nhbltK3q)wW^O=PidsGa<}juJEZ>PLjLukVzi<ek1K$
z>h0RC&hw<~g0FI1&Z)|Rb-^Mc{+%fX)QLmJsaQ>(zHl`DBa_-MG<X<@<Njh}{u$lx
z;4{Dp3`N!E(#xrN@^^f9a#IKRo{u-tZU!YEynzpPz(n@5<ZYAj=td!3xs*XuG>WpV
zz)>qybLqyz!x(p#EdYDF?Wu`5NewSfkQ3u|BC9g2`h|q?Tx`g{kpV~E2<y^kBm+2!
z=b{cp3I=)}cK>UrX6}j6qE<=?HzvptZQjSK{nGcQe<;f`OP1QGgx5a`HeWu4b*OLa
zL<W;rWrD#|*|vV>4k|82leWhV&+Rjx?tSLK!=A6Fzp#rzO0fknCsYQwa+0unRsPA9
zD93a(*@^F$xKbt=*QXPjxKqg5(YZBC6y-4;qU;Z21gEBh^Pwme{m5U>r}{F3DxX)=
zMMxJ&cvpY&tEBgV{|>Y~-MoL|?m)XO`y#$w>*&cdqN&&&D%TxL`4A`r(u<upq|Tig
zEbIvUJF>BE$3BZw9na5X5Zh0Q>~Yw;d}>D8(3J&k+H-Vk-RYAA6vacHvXWLbAVZ5O
z#-F*h@x&v0r(;)-DLRvXZnXXFbV_>Zj1q+@Q{_A>dGyT}4^<{?N==d`0aNxr@1L(S
zPxK=&Lq|Oa#jyb~9IG%BuN3YII2u~TMuH`1{hKr7F0xLzdG}Q^L}Mz1I!NO^=j|Cn
zT$(tBXitjKnncBUKui<6SO@)aJfmFf@oQf)#o2vgIeGI`Du^X-U4h<*q7CcexG%1I
z9mwmsOp6sc59WbN0UFvFnIu5X@EN%?M>FaBRJaIBD<j7_qvaJ`?uhZ=#-=he(($25
zG_;hMv7rz(q#=ge_oZs!+}Y_D*oQL_q{RmyRB~ArU92{)3xo8SlVf~+O=I0orqQnz
zXZ3a&iZPQ0ea$rsd~~MWJn69X15M>+I4hZ)q7{3_2F9>fQwvzAFg4sW4CzaOvS{f0
zQ5evWcUl-tKI9&WDsrGS4m4$pvEl*1Ot1%_rDIR;w*3Zl$OVt$Nb%};_+c%uEXJ;F
zdbbL(i^7^cTM>C0q%q{{DYQ+dDo2EyqtcCFmLNwef)>)g!ceSju0|vEe$6pw4s0?A
zwMP5(?%hIh(#6wZT`FAq^=#M1oTHN{U?7!D$n`!-2B5ATvIaW{-26-?ROKJL%>uI>
zD}=laeH5LONJB8Z^NGB`4^A;&yoeJo5p_X`H4`Lq5kTK>LIa}0hIjWC4SdHE=}<>_
z%*}RkX@Lbb+P%Ou*RFjPE$AqA$UPZhV^Yb?OyZ(|4HB8Lt`^Bj3{ZtBWD{9*V0bIF
zBp)N>LW7}w7;Rc<3Jp%o-F^lu)S`_c@W6Qt$leYe)yBAvovY*)l~Rv%zGCE#$@<IU
z3?BhPB*u_bd_H{-Dk5ZqN6c-JMs3Wbe9-mRDj1O<i~FT1f>OgG#87~u85m)Xmh0Oj
zIzE{mc`iA!uzg0G=u$j_JuucS`y>X(K7o-Dm?cJ{o>-x}LezzxL+1LYQrSs-czrIc
z!im=AXuWX3ymG;~^C3FBVo?qi=9B;yoJ>-s3rMW>sxSPpi{0e~jIv)AI)55v2f|iy
z6kJ%j1qSC-rCC)`X;G@HS^3!+6XSS3+ybL$iIMqP`EEZ(od(B@T}b9dc+l2nN5<3j
zxJQYx_6-+}ar;b5Wsg}TRN<k(fWmtgwP6ZDz6UTSoVr97N}wUy8kssq82P3e4p!*>
zeBI(caLX^pCbP<expUkBhDqfDO^_sC_sgPge=zv85vK{N6X{UPFnsO+hNi=gP6eX(
z(U*nmw}ko6X@H5^N{&l?L(@4j3kky|Bt`0LEEbghs5E5nL*#2Jn7}8XjDc(P)@TeT
zpTGGHYr-r@W#>y_&WFCOyMYtByY@I1n#Dg(6B%GmAtvWm1D&&4W6irXml>Amiji=^
z!2HT2Civ-(Av1u!E4FO5F37c|Gpr@Na!<txtObpoC@3;vUq}Lm?_Dp6E;Xi5Imyg&
zDIz4&T<@ZTaSOnZ4q${?r3+mbY_@V}Qn+JS&X0`Nj=I);lPHb{{<vbTdB9N6Zit7Y
zA0A8rtl@_Tgm9oguF8OhaUp>dU(u!mn3Fmf{{yX_O%XP{#v&JBV~2dQ#MqFUD)~t0
zDAp*G+(tQ?7J}+WdX8q~A4_O=8Nlwr?6RxNzc`9s?_}6;D8k@y61y{nkKhD*O5-pm
zXHf(8P8Iwmmz|ie;TR`8^ezgPnu+$nt>TutuAC20SABgvbwPjLWRFIcYy|ddJ!5w|
zEhwAYoyOf>%|h*nN1X8JvL*KY_nLB62hkSF)m1<6ogzo_R5a?PCiXgMcE*w`WmqkW
zImm1O3+H#La}?KWX{#;OlgD(`?wrg|i9(lbU|msy4gIhttLK1u3vr=Cmusrafd$dm
zM~yZ`UW?i7MB{Blv>3*l)~X-@yfN}d^mn7cE7!}HEnXlumoDs}GGX3!va{f(F`x2D
z@#Y=b)YKdVN$rv&pihsnjYj&2xmp^&8(Z5`Rz6#zv2hoiQuL}I3KgJKGK~)qws*0}
ziAE=KkN>HKsm%~-?HRc`pq)+MB!Fn#+<P^sC`Utqre)SL@ai}*3=33Pb>hLu%T#D+
zQ#|#)k4BA|{4QhVs}>}!G}<G#14(urqJsg~4JS0tC{Ed&UmA|x3U1ii7T<^ad{O13
zTfAnXyBILo*#||TP}-2I*cs_~vX492H``;&cAC=FWKYiVm+f)U*`solGyX5ofUBFr
zf5Rx#o&tK0S0j2pJEC_DWlly5dZFq4co7j6h6~4LcbqvyPAD_;KjgFJyK7eRXl9G4
z?9`}tI(g!W^Z6+o1vPlfadM10IPiT;eWW)L%6O^)o^_5dN1}T4!zdp1+J#&9eLP8T
zLY4vy_pDC*N}Aw`-Fj3{UK()=a~M+?G*(PRTGgnd*L!m-4?YzJ1TOqYPr`$REI1!3
z&cv<Th&ErlBP}>m2A?`aymjsN=t4g4Wf}S5ch9$0ceAg=rAk>J5P=k=?%}NDy;#U+
zoDGo=|0rAcI0^>)N3?k(P1GYoAnz50I@0Tgc4ZIDWVa4M9thB(nVK4-RdU&bTJHX_
z*}3n1+`v|&4s@F_YR5(~Rj@4;k>_Zv7wG6yZ9K%M*t_IgM$h9zyV^_F+0zg*^-zfm
zYys}nQIAl;O$BDI+S)YvwzjHVjUMN8`J1AVh$D?6%GCBz1M_*0R9wjQ*H&SPP?+BC
z7xB_(6KXTBhPEOA%cE;V0(~k%;n9;KY{ur~T^J9;BN8+j2={_`i0l<@eULg4)<vqW
zD=?LZOPZ_PI{S1uRc<nAWM}3MW1(~G&nWX16kcAkD-5xf6?f+&y$8aU=V#*zXWO2R
ztLy3%O%NMmVarrMlm`?eVM8u*M@H;&0b)RdiIH>HUqgCa<l-CA%O{`4<vz{HL9IB=
z?=J1NI>s0)Kx}yavlp;lEOaHMVs>~pF*S@|4x6wUW7KC~K4^S9B~Nh-(MS#Xeb!Hy
z)h@$?ZVi{d+#7hQt0kux$#F(>{<a(Nf;4G66&X9>&Q<=h4N$lhOp`@bg~cVU=MVYJ
zS4N$;VeU3ifmHybJ7Z_J0}$?*$4l=*xt9i~fvU>FXiT6L4Xx=F-~9181AfsNb!nOR
zGSG89BTx}<ClMO>$|w5O)yi`R4nI9~L-Vk;V!p+zXzSM}d|tN`5Vg$L#_b(PtWllE
zug2q*^aK}{7-cz|UT5SUw;g!hmIHV9yg9M%bep1jPqTKnhg$ABMNLxuXHvDXhx)yV
zR~P>(kilgEe$ST+H#CM#US8O-OXSAFg&q5fj{VBw{(JD9zy}F@-f<G0b;VnoGb31P
z7BWkSE)$lNF@4;Q=<;BxqW9%@!_y8cb;!I{URdqdZ|UbuP^3fpk6_fxAGxZ6xF(|^
zjKfFmWt|Or)-WEBSRXx6L?VA$b=2xEvbp!F^#eI$TdK2cD2!W1Tn0bglM2{W@L@RT
z{1*lS@yKqNI5Rs6t?EwO@AyflNvF-jZNHI;V``I0wug?Wv7b{g`8z~kpr#~G`N$3W
zdu_D!5~bUhaA>N$B)F}kOavDN^qfb5pHr+nR5y&aStYL1A5oBa>q&K&rF>jZb9PJ~
zb2T}`=uK=+8@S^Kobv5Ygh$BkP$uxZ1nhiIue-~~HwbOc#YcbP{MJ!>ldSUWi#+_5
z?`yQRRae=cEL`l|EV4GuAv)}gy}e2n8hSW92?{JFa5N9Ra!N!H`CqZ`PprOQ8Tz8p
zbw@7oJ52<B<m}vP{|`;>8!SHS?xE^R{keex7g#IfBAb_4@Zcivpx5ZcI>0;r(|N=9
zqt1yc_kKm4`JSw9I@$i6AKLpOANW~)ym}>0!<UBJ+AU-2siXeuK~D5nX32$h*|*Kf
zwSRs2=!1<E>TtS;!?LMopT>p{X)nE|WQ^P=)z-eIrtg!z?{#_4t9b|k#2jE$jXXVV
zfmX6uvL~|9Qy++JqG{-76(v)FJN^H~Y+F#njx}amO%^IHauWk0rt;EMPxDn#yaq|5
zhzi3Bn}pQt9s*TIV;Jx@0l3if{?x-6PwdTP5}>SCkal||1QfPpX@Ebxl4t03(w8-m
zgPND&c~raMEt<c7L%qHvwDtc&+jDSuywZ=H3?@NJPTS?}kn?z)UV?r?cY4_Pas7yP
zX`{)#w+p3C+)^SlrN;gj+WM*iMUU!RRS;?Z-Ws$G8E#yIwi)IiJ>T_zpluAq&*{9R
zB>^+z%iZLPg@NU}MIm8(W}2r*VwduN%r?gZteC&=8~~?Is_iK^1Qol+iqD8O@W+IJ
zq!;l&X8T1;1E3c)e$^y06^i$G?OLs>>3lzGiuz(cj0r<%*7h}MyX$}?aLROA-=_cR
z!)soz!4JU>={)g^Cv>0P?K^2e0lBf;OOv=jTDQ76=%Noc6GEf&mm)|jE5BBj({SxB
zTgEiBF?gErhTjbP2#iJpKT*u=4L=F*s5PJD_*-Br3}INdQuQVYyD_srG#AnbegKfB
z9`^+mC&oXx_rK8A<YD;pv*xdgs{xURU(kLj&-Kf+mvtdZ0HTGDq|FNdMIQY>X6x&R
z-HQ_Z8($XgvX)PdZ8e#PfC{_eMM=2MUc21=nO*(D!=D*UR>Z^o^^PW($bF~((b3c>
z3Hzx1hTSqm1FMz)e(f$V`%GSZQ(e`?1U2K@Jx`^`fMdhXKNhzShl{l=tDXD701!Q+
z=|HKb38!g)P4sv42$A@8@se6DSN?L<@NBsRhCTj{vy#Gu+R}c^K5YS0neVR*Yl~jm
zasQYc3X?sW_4gBhcSHnC8=QoJ%*@XZ-TSxE;GTUc?{?#H7^Z0Nm)vPC_G|9TkFnY;
z(XbmpwU&m1Hg<f9wIAB_Prukd$v{+GH%4&kkE7t9A>yMD?tuImlh3E@O-M{p<sv1w
zPK}da3{UF;yiK(BNcQ+vqa#<1PCJ<ZFlPE)2?v&bWKZ7t(J=>Z+dlf89O4pWfAqA|
z+G%ce$YUhC^uV^)OIJ@DV0eJAqbOc!Ciqc%$7vU5kI2UaRf5Wst7RX8#9%F&*&JBj
zXYlXk(GNkAGJs?D>`UpW_I&e-KIQ2#wQ~l!TP!Ow7br%A6>N^1^`Ui#4pf+zRlLdo
z4=W@t?0b8$c^nmfTzR*-^0L>uo~9d++^=Q>V&pIFe7WwpcfH5QZ5#UY?)T<=dA!}K
z>XN~h@z0KN7?6Hf%GDN~PJ{b$ZPu0iDe+)M+TslC*-UY(7240GC%QlOl|0kM2A=)*
z%9c&-(f8%g<e)q)+N)~^RZIUp-u36D=2qi??cdO14M(9n%)d7Gvp>GF60XB;E!82R
zz0X%EM8ZD_-=7pVCU@BUW@tL@fyjNu9SMB}bc=(T1aN#`|0XCadBdD%2qQFSWm@2Q
zJKAqufm(;$rPf4p&7%&w+0cA!ooe3fGYO%u$x#K(83PucTg>YQQv0(q{ME(bpOyU!
z9y#=FU$zss^{>Ih`LmJP)k?3OM=WQ(&+QrDDt{jxv6h_27}!6OClpXmT*{I5NVmy4
zIyCBNxs=1oCY%qU-`XdB-&>}4hFn5R+#kvo+Jv_yIJ%7clrH5rxYz1<H70HASt{Tt
z)#8t>p-T58G+}63Dug>hG+{%1+5KW~w>eiR=N=XcPdG9&c>A?prH~Ny#g&z<)oQD<
zEqi4}pG*0FXNAS(mHg&%sSeXO<&~R4EfjZ1m9Uxcd;SH%p*mA(mfJQ%%>+YZh5Mu#
z6jkDCeimzp%Z>!7Z~NA%{2Wum!Yhp_1OC$|nGn$7Wm=D5gkwRw7)kBv*Or4$%gJb?
z>~$#&10(C9eKeH>;>DYT3>9|WxvycaWmQ?`{zUmqZsq-oaYrf9ulY|xuHLIKJQuTp
zLffqT2;f$}G`3YTn^R41$vL#`ccC-0IdYrScMCT$E{WnF8nqPmrPsKegq`-PZ@m``
z;NY_dcatLZ0{6G6magr6`+T>I=|>0~?idj7=}uR@&F7@+4^Vod{E6lvs|0ge|0csW
zL^_<`CS{`+V%Urli`l}Kj}x$TAkVnX5Gwns7rvE(%J`?OHv-(X&B_?KckI__^7eL3
ztNBuc3M1xR`*o!1`~SXl(29X2aR6DL&uvVJ(ZK=1PI((S43;N?lLT}EhOd&w9TJ!1
zZnb4>@0}C6g|`RHrOvdL)+ZqkSpn5gT+ay&{J{z>oy01o1Gag%lbaDE8CDA>;JdgK
z96iy24hXaoXW?TsDU9GKB<`7vV!V-ja~qKYm&;O)cu=Va4`wmAsR_ZD?{zOg_^Ii2
z5(nBfUNF&Z!}YIh!S+8(#|fLc$r!8mD4}ZxyRgb_!NMR9rWLQR-DUv%DC@YAiG4pw
z(K!&~r6OREiW-(EoR&a?AR&0O)mFtME}}R@64E5C5o~4x&V&YGilrb7_3XNHdlXJq
zNWs!PCXT^CRPaH#5ataMXlIz+YRgtx$<U-GV5~<W@m(xfGMS6Sm<3gM4Zq&cZMc_U
z#$~H9!X=WK=!@z#=uJa4Zg+a9&^hOGem~B~GumAvbA)?D0rM_%;ws7&3S{n3X0wHE
z^x2F0wP1BGAV4?L_Ud3RUM*gZI31X*(e9BxUPaP-7&az!z2KtTYyO>E2bj?BISCkV
z38#5}S=q%;47|@2HskcK-bDU>3hZGDMHU*Dt3~cByWtFk!-23Z=Z(^o!ftnt4d$U`
zhxE{e=Mo#4u>aXN+v}M^e_p-hMzE5U@MXfnPF?k{cR|Z{daEVtW5r@4KU=>1sUxig
zguZ1-F#Puroc$AoKN3JQo!OIx7r|wd*5QAXx>buIyb%>hsS$6FXtbMObx)VWuvJQ#
z-20+}^BgB-pkmf9Qpi9t#XmIPz4Bxn`VZ2RMgZrykX0lsH#$4nX`NYn9*=tT@==ur
zCaiRhiHT(jt-<}Xgs&*&1yhLJ0Qf>oX20BxNtc=52Bq8@vn|$3Gl|}B?YMB(vz|>`
z9&G@*t0xnhFgsAGc@fC39W+RxDxUtfvDmi6GeijR94x`QImxwtc{|V=Sx=%JUKHf3
zYMuD|6-$tHOBT|YzqP5?Ee}=svOCo868K<zG5JZ+ORW3C$u~#dcT6mkT8~K*4cWR%
z`@mA#iJ*`(-U(-H*k@$u%tcA0^tEcYoRl>6^f)tK+HeOKU^&6Ziv-AgZM>HskR!ob
zu^=-NyMebSnGHW-BDz#DC1=b=Hl!IA?@8OWftX~B0iRGv_YG<ndE7APc=l&>jjxfx
z8Ngtw;}L7XoXbJ2sZ5C(i9jh>vVr-uAGKh?M2;Vfhsb=`italXwTfEtVKN>v2mwSE
zY{Btu_D;}?N-(WF6l@0c643b=xj#Z{)j(o08wJcAQvIj$_re;Sn0?2wcI<=606N`;
znIcP9eNFH5m4F3M7CrfGp`^1p(S?S1G^7w{un8Uwe535@j68Zy5y!(Ow3LSnup-9~
z!};%!cWmbH$7|5Gy+Dx<+c+r17E7*iT+Jvf1!U??Vmzt4DaQ_J?M)xM7B7{ME**n)
zU`7<NQ3Zz7CqRGj_3XU!VG%;6W5eNh`(&Ni&M&2*wL@xGxTXsO(WKj>OvsR(I!HjZ
zL0Uo@q{l~EwJ2VEM2`vm*_x`&%1&)t&6b+X_9P`*(g>}4k0Kn&d)oumsHbP&ph6^u
zCkX*xVLObN7z-2&pc{KpJ09ZLb<_Zxm&^hWoG?|fGPPPV@~@#k%jZW&b#3@CUOrZZ
zf%LzTb!R(2V*r)Ntmf!U6|Q&Qm;CVH94;s57c<FQ6BM)I*?MSgajCKMHeuvbL3}d6
z=F+gUuTe=sXg?QHpq)ylK?OWmp9ydN22E}UZ#&Vrv7(VeD0%Ir;3K36`EF5bO)}%2
zd06_3o;@GF9K2JH#EP&f30Myl@yHJ?9Tz;JC=ka9N~-1yiaBC;1Y*ThIHVhM+z{Bw
z?)4Px(r2u~R$r06kzG^*flocxn}#hP2KzHE807}{H9{R|*sL&e8!M)R2RR(L=f}1h
z;(4bWbZ|MD%tb^Sb-dQTh9cn7iBflRMZjL5&bFf1!%EW?GA<e0Kc7veqpZeVfg)n@
zKct}2c%e9i@=6A~h+-6^exFF@H&RSUroxf1bcTUVB&;L@S%=74;LT;?Dj(!lDs6-E
z3uQUl+jW{w&p&p7@$i=tLu)*I?L~#sB&x^tR^)9L8$@P;fgU@~Ij2fDpoU8-QM5s4
zD#5@D<KCKWima0L!9FydnlFjf%g5kdE|T^KY62Hg=S+eNQ(1;vZ9Rx2Tv>(8N=3c!
zq_v8CvmG*%3%@QQ?EYEnpitM#awL$djHFPXBn#yn<Op2vVuu`wu5yp6k8P@oD;2E^
z0h!}w$pNYg<jsizX8W&d`}8-QRoH&sRaD<@^XUR@!*9wI&D!8RsxZ6BX}<9y&aYBO
zwArFDJrAiF6Sbz5#snC7aY_w;HvN=u4zg_KP*X22n%k4odKeUgT8rnBEoxBn(Bjrx
zi#SahU^iMg(ZD?&Q5PE6|H^_)18eo!RF9MnJxR7U{iRvJbqm5r*VDPCa*xJw8X<K(
zoDu`J3pxg0F0FXBh;`z_-#)jF{lt3EkfRuyP%rWAiKcSSDn*-H-ROcSBv&gYsNWyQ
z9jlXub#W5!u+q(~3W_){1`@u4wc#B<<lX)&D*Ez)C^jE)!s7H5S&H7_ZaJ5w4AJ9;
znNWw=R^hYHrX^zKFAU2?Oib^(_f_V54^EtA-wRGegld;x^}F>2Yr)!A$wF@%%I<g~
zu~Qd^eV%DR^9oYzq|=a_WSk2VyxNZlGfm6J)Nu?C#Yj(uHt5?|-0vKY;$(-)S1dzU
zwj6)$$j)oCgV!op2#(QUAE~Erhels$&whg4(`#G_R74+m5l_M~wcVs>)V+zopRbpj
zzam9Wv~`nn<>l<~W*nd2sqBa$6_#;ny$)HcjQmkXAfcm?Z<eSl$`6(vX(L+jeXMy~
zfO9s*&3NJo_RcS}8aB8$ex;Ic)|d!w|B97*jXnJc>uhUwxOZdpViyroc~Xjd-Yd=P
z?K44y=AU3cy~Dm0#c9;0Vjg3g^TIxD>Z8;9<gR!C4t3=fR%RAkmPB!`>bcA~;o9HB
z<@XdrP|RbQ-~62cw*p(;Fp9sAx!wxhO}^d$HYxO5^d~4B`h4lOVWWzmuOd>3K0iRS
zTYD)wbgq(*>tHz(QvHGz=We6(lFPY~>hI{rde)0sgli;Gi7O38WnIgghAJ3CZe^Et
zWp!18nhM5nIdj;|eZM+abvbvnwE|D7B*#^-h}9<vdemW6sCgp?9uv6hGWK3>MmMlw
zYwwZcbMOgwj3X<;mI=Syi&qf9j$m|5bJXvZ3W6i_HAf_A^%mg=w)-8*iaezHySx|Z
zD1Jr*2g&;t6%q#8B5rdm@HfkO?ZR%xjb&Tc3L8zliEriL!FDR=5ap?&4*G+pkH~Bk
zlF2Z<jKdEp(j7eF*HD=#<0!$MhF}{xE$_$ayou#ax6M-Q=$zXD?{A{?t_n_asV#D-
z|IV-&@gjR%OwV1UrTb4mcVo+ei+H`*Doq!gOYdnIHxkg*N>tzgX%?9^d2dXFCl(;D
zODk4uz^>=4BDx8@)$56+to~9lv9N3I`R{jn$%W0O%V@;ox(5jr2|yccspNNF&q2jW
zMBk`wD*N{PR1dDWf$RMx9oe9Zqj7Is)xh+DJN?0yY(NA<p)hgJQCMRZ%O`J5$h(zD
zxT_cp_CCRRl@W{=Prz)Nf%pSJdO$LoT7KdMxKsINIds~zuQ${i4i4@~d9dt6U&F1N
zae5zao@p~#9<bDVN8eMUobaHzjyYgw*|H@Ef;$1!Cq8m5G4oW2?x=*~TU3;KdQZV<
zR$rnU6|u~jEas-`<xCFCB`Orls72s3+G{xi`_x6O42SxC0gJ&qupVF!hCC?8uRghY
ziFQ<2s3B^nbE4=qaiQ)%gAXSx?Lr<B_*~cQIi>sU<+N$}1O?>_xTGS27ZY61(M~jc
zQci#JLU(7^=9@8_9q;VE>uWb%VkG-#!N)Dh@Af5|>k&7V1|F5OjV}U~cLPfQJ^**h
zL~}Owrz=b4cwn+m#TT23=|=Gj`x4(eV-zAYO8PMCD)`mA$BH78w&YBb{Qb$|`2?M{
zmb%|{mRb7GIm+<i@Hy<~tf6vlADfH38$p$FjlEyUtMF1S)riz}LPnl9ukEGa(72Ki
zP{yEy%S@{*V5iO!wDJ6AmZqQO%Ow|Bo!@81TX?4Autntso$<nJ6zgHV`ZT`zSp|Dr
zCE?jc(ko{boXNlPc8SmEB-1nEhJQjq`$L!BXo3g+&VvBHUex^AvpduPh_-oic5KX3
z07?HFD0}0vAv9~P{ibBsSYrCAJKFcvR77_lxqO)kmL^djI~y0lt%_h>!#V5*%fVN>
zC;oBoQ|FCucVKBpqRsLOmpq4`p4{n%Xqr&B`9|rDkhi|tI%L3$w%}2&6cSw6p6zTu
z+>ofc;2NE^xS;6J8#uA7_`aO_e)RJD+c$_Z{H~H*r9*!|4E(Fdj$AZWg2r!Xkm+fA
zmarO<CcQ(Md~#a{<6^S1=v31i`I7W34jem=!m9IU|Gp{Jf1G!Db$-_G-1eNwhcjb6
zS+nITqISPORWm5p6BO?0Xprw4NxXoD1}iTArBNhsLh=gD|9<=|CZy#xY?B0ioA!yZ
zHox6ZJ{@&0(kS&v^bz57f|uZVJ5#+=M^r-wr@rBa=BmvI!GyqG)`Y(tF)Ap_(eAu&
zRL1&f@d>->*)0{ea*o26gzc*O%Nq_>r7DhmuHst!TqI0c&ac}dD0YB0JATKko6r9E
z=9SP}$<rAUe+4Y<ysQrPFZvj{8>1$FU0y=eos@Q10%u6Q7xPiSI7Gvpg_aqA(0GOo
zNTGOdX(O|LxI`-LNx1Xlk4>f5@|O6W{5B#={h&cnF)tj-{JHv~hvV^2pePjmw3Rav
zp@fuw`oca#xhx@c<rB7}^=ABp>iSRKfj56o9qcRlguM{7-|)PG<(w6pYvHm%wD-Wm
zt^;qSDzQ`!N~Hr;3xQQFibTr4Y5n{DrexY>e@_||+8A+8Uv60fLlr_?J-3K$^32R6
z0mm#)X$}2+EqvB`Ro2<_S!&oUku9v6+DthW`u~cyEiS?Y4^HQ`W*6A7$qTk<B5E5B
z>B%(VU>mx-FziG(1By+0K)qvN$nX~33CMWa2%}zJeJY9_P4}nh4`=8^Otbb!vT(B=
zuE`zc(!;wB#w3EvNu8zkR2Eukw@v-@=J?fcz|2y!Ff04NUTkxUm+F>8;q525oN=c3
zwr9>QIy*kpTn`>T*A@pei<+b~FOo?2buchfO8FI@WZd{5NyVVJbTJgWrV}3sWdpm(
zG(^ok9JG(>_+8p{Tp9@aN5vrEu9XPDfZCNE*N$C+*v%AmU17jy+T{p?bg3eYDgPgS
ze~O`Zc<{i6ZCe{EEJN>enG$!d#cN^as}j8=GNdlj3u+*M>Z%QyzqVyEg$*#QwX)rm
zIZd~{UYCRH%F{5RkalnTb?oC)db~*kmtvo}&C6CRodDa}6%#zW%==$#v*A^Wn`oU^
zDKzDO*r9C0^oLfxwJrsXREXDF9DZuQ_uB5`&)T9Z5)_9xka!cirqLRdtC5cX+jxKH
z0m0Y%c?rZJ)__|xo{%W=Zs_$m7H}9L@!q@5wvo5S_~5b)Y$??g6WezCvjzq^&-XeD
z(s$_S-dI|bu9N8@IquTwbScT6feO3VS96o{d<K?=@;52Bz0e7gEn!8f`)a?^vBEQ+
zmAFSX;_~Um-I*6=PLxO&2F&hXC~`u{^~LsDG$64r@nID!U8CtuRkm5&j<A%@1q4P{
zq~F#ShXsU-p(H^`ore_>E-x)Su-MqL=Ehhy*sd?A=G@YG*J5iMaNw}8;L+mc>w!P*
z#a?vrbXFzC%J5;WqZ;q%Qkobxs2uN!*19z1ckn}1XW^_p4#u<K#>rG&17mGGiG~{~
zbVXqId5e#|y&41pEH-d(zWLFs=1({3@fnL!2EJFJtKVd^btEJd_yZTO&$5B}guLG8
z5({6zgh>ik`Ztx1iyiE|<R=CoO+Dk!W4glL_#weh0sF8<wcZgQ8y1aga?$g8+lbZo
zU23DfMr{(w>MyL8Co6O4Ij|m6@vxLZR~T)~dHe1utjv7j<-Se7-hX}cC-bB|PC}H!
ze&8o}JDC<~%7RUd&;Ox9Dl?pz*#)!UB$17}f@9OWlk~erXu1>jVnl8V4P(YWdwjLk
zeFhJof{(sg8FI-_^+z-XT*33}*8PLn%L&gDdyPc?eJ&m?{_!Wp@hW?)`tR&JI~;)&
z#uYYL!T!9w(8aNF0QRiJ$(ti%2v#D<JyE<t^Guke88t{1Td{ii=U%E<B==qGhBaSV
zsLS8{y4MO97Ty@7WGiMfr{A~L1MT0vj54^15*P2ShOJZAQigO`iMl^FSi6kc;B<I5
zgjpn!CA-;g26hRbCdZBVNvLprbi&f)<pWcjAS7mcf)tN*S|r{FA5OAe5Er04w|Tq7
z*U(SEH>;Vq`4U=;s&tW1ac0)(xJO$)%<Fo~)D#35IcKi#(Lz*e#(%7aJ+zaJCCR6E
z-x2nqA*$+?>CPu@CF5zxNz^b4Cjg>HwFXzxlZ4gNX}`)+5~PNhB2J+Cc10wrGQ?lA
zP8UWgv_z>z@3<$u{kWd?WZ4#maHjLZI(ItaFmzbRHgaH{A1Be17%b$8hjG8#ktf&r
z!bP`VXl!asSD>})8B=XE$&JoythXSO3*qRbYOmDj{7kJ{;MtAYy%bHLn*@Ex9YIxp
z8?tPbb|6$dEX!kx*sM@~=HgKm9@~-_PWyGZfoXY*D^hfD&&kD+0db5^>6DVNL^{jU
z*DwKd+TG^(PziBg1UFgBw_abP7)Th{0I~E?NQ=H|1Hx$p<2P9pI$#dW(WtsBKxl2U
zYJz?UnSpjt7UeP>!|+)|m{KMvyk%a=&NL6VZT4Z>v$;ufLNv#Xvy<mj^Yz>s8l?_r
z-qwnaEHOF+6QZdq686m9H{SZ9R6ZnG!xb_lt&@nSC9A1ddW;yRl?}y}nXRA4*b5+u
zXj&4nizK9;E?yh222gu0vM>e_C|Y#7en+EB>}zpxHWPD*glaNu{31Bhq*$32y3vT|
zZSRK~UtKPlh3krX;uFQ~Y0zEgvsZMO+vVOAw4U1LfYFL93DpUKjGw;2dwNgOU8k@c
z8!kz?1E75U7*wBLg+F}Z$>{2D5+Rep4WYdCd1MK7;)Q4|CSZEM@4R+X{3C^8`E*fd
zpnGd24dZiA)bQ8?VU<i>VQaT@;XhyX3C?~J$I@mR{bGpOcV3alHW@6pf4!tWLlaV9
zGI`_QxgxSm2v02+_n#ITn%r>4<_OI98SdttO-?CiA|RdHd0P9Uy>c+I=vX9SP`vFh
zd2)W#+y=RGHYC-qF<l1m3#31w*&SI63eQ%09ZiQ}Ba`5It4gdp?I6DJJ<@SGX14*q
z-|rOX1?gx3Hd3d(uzyOOf=?LpygMo!O?s)Z;qgR}!-v9)l(P@V%{vtXVNjDB;*cKO
zpnhyX#9eRK!sXaif<@raxpL-wiKPuzgJzSqm%8BjzGTGQ^-ER4dkP3WbSLBh3|MJz
zJ-37+$mcJOxd6N<t>Wd(aimZxjDND@TEau)i{9_|$sr10BmQW%T+Td2n)JvHfa=fh
z-|WyGc*K=8t8HvYz<c_X%RIKe(j#I!vuC#6hx^{$@XhOi6ND|?!<?Oh#nGXklb+^n
zlv}$$`q*EceipO;n(=K2ZrS;G=v!u6IsMZ~3B~KRD@+fLxIzU!n~zBw=#V<sNW}1+
zvY0kOg(Qrv{Xk;xsRjy;QAAd%tM*)jn3;GNNXr%l!~y)Vp(wT3vg&N!ili`!InXd%
zE4i8m4U2fEi~0IuwVZ6o_MS`5#dBD#?LQ>r&mrt1SMk#3J=*yk(bS|h5$1~JRk_Pw
zjW;KN34NhJ-hCM*JpgL}n|IO>@+6$5uSQG^m|2kR8m)Z{ldeh48ZfWPkv?uXyRh!C
z8IY!PYxg|Ll8WOLiV}k%nAtz~WT~(#d@1!s*zYpcEw^P*l7Wqm19p5erry8j%k(SD
z#qH7v2wigU?anzT*^#V#=Z0f>7t<}uMCOTT<F{*a_apT?;*v4^`@=z37W1A}2se~w
zq~G8CCFluwwaFfQZU0+X)cU7hJs2olyul)pzKRX3Jbv2h`~8~g;@2(1B8LcPR?p`1
z;31|`yz0!=U;k8c{&*Gt`uiPk1%N#N<kH3%R~D0h<tT`Zghp`~lAgrOc3_?$vS!_q
za3Wm^{9^#c8_Ra#Fl-8W#!<#Uv6G8R0YD<1RKi$0@-R|#uXnFEYH8VN#wKxSh)fP-
z45Bu?F?OXQ)~_WkM{#9GlK<u<xxT@faT3+?fEYE!*FVKCHpRa<C14bYf}J~8QW(Tk
zzv4Bz42>R7o}Wy<KbU-A2Is+d*N%jv&C`zhryYw;i!Dy0sDrqfw9_kT$IQj7*<ljS
z&Jin{4#lPm2H-F3bjhvI^Ox!S^U`yP2AX)Nz@O?{kg?5fHKQzDPxo`ir*_DBeWvj9
zjJg?}3&oj}x$9bDjT%-mYjacEF`0VaSwd1-U9s9~U0K&9Vaxff=T%t)S{jSnv+E_D
zMzsuvy0Sk<#ocYtE+U>Czn?v|B7OhZ*<xGE*%{r3GiN1i4t$5sh1i<Cn9+F_d#;Oy
z-mN?5Fp&N+T<0zEd@DHf%i(+%A3mFYzR2kO?=IYZ!TC1?DlD)4SBq8V!z#^T;j}eG
zew-J~uv}~qn3UtN#QJT1R`v(pjGm(?uS(1~U%8TlA+XdlRLCypn`3jY(UtVD3fl7L
zudd{BsLb!qc`f+7k26{3JI;g1yv>b~ALQ~cMP}P~ui^ww>6;t#7BOd?9+Lnq$!0A7
zMe$j$M%?@K(_StGe64fau~Hva3Ocz3Pm2peTn<F46}Hj}XT#6$!-D4xg_pR6kHT|<
z#!vtfqq}iOUCxUAC@3|Hh<;o&Nz4h_UvRP{&+bRQ!ii$>;^HIS#ZDHvAsI2O#^RIR
zxj}F9i(HEDn&;X4K!fW1+;eseK_wO4*;X$3T9lv$?GpR_`8L=ypJTF4mXvmNt=~3K
zV&h`<DJC^2<3h&@DLvTWWwQT{<GI@SAlm*MCmz7z%Y|wFlaImvAGr_lLDP@&YQ6>b
z#}+)54+_}9vLOXMPRr|luK4;y!JXwm#3}FN^s3jLALmU3fv(*-2KXS!nLHv0dSsJt
zm7`FsRTPU2^2uNc|IC+bC!Z{-faCJ#ONgAY+?ORp5!c+WjTK&RFQiu%^>tgY8u#Cb
zx(I74Wqhu%FDd_3QqmZF!G4EQ22?heL42N(cOPH9UAszcPl62>u9yZig&JGS8vB46
z$G95j(i++UMc3IH&!08)0H<R~iBKkSxsg@7eDT)^s(S>;li>9XIK;9pG@vdlt}eW^
z?m$nS1_@T>)<r7RN9)w9aiQ&o;wp=0hAb*KbeDO*Ju~M6w5U66{2Q*cqelF-U+TzG
z=FIaya-0j%K;bZ-PQQnEXzQ^sd)8`L!$wsYxTY#JO;sUS=BY8c#ykboLu0SoXVJZm
zd;K~a{r$3Ez4QPY3^a^^>1;mQ!4Ut(c%&Y@^VXU;FIN@UGBvQ%V{-r85Ml-xDpZD$
z?8WOn&A3~Pny-u>+p1^lecfZ=NgaQjpMP3`f7Y~rd*<F8Q@{L_(A{-Scbj&Uz1+cm
z8Cbn7puW~~xGiFIwzX|Qt~QnypYJtq>DjZ@e=6S}ABI@a_P&i%$}!!6Kj>Fof|R_3
zFH9@Hm)VA+1uW$|-5&AO<a<uqg9o9?hV1QfrP|-~5tVkY=P$f~LzO-P1g~1nMRo6V
zwv4Hjnz3LNuGjG6HmwV*$bf>u->>Znrk)z_AXQs*`>f+X(oRQwJ&z?jc|Qp{^~F8W
z9wdi4Z+k8=UvwpOLMy(l!ubel2ApqX03r?c7H(%7bJo1QWfoDGRQt#!&?MB(Tzc=^
z&rO@Z*zGg1zj4G!2H^Jgc4hm(FsHpQ8Z`m-noW)toNK322!2x)|22h}-S;1$K%It$
z(q;;2qEj>p`zs|B@rT1*oGdL7e$}^JYf)4V7IZ{mBkX|_f!T`=Z8_3wb*CEKlj^!1
zuz5IZ^Ny1m7;bBuVqei@aId1l=F$pbK4eJm^K(KC`OuIQq{ph4%(IY1Kv~}AkD8V>
zNko~*Rm*W7B?ryEFK#koJm|!gjT`rXY@~Zy)?$Tf6f@XUO4$fo)vj;Y7=Og@%%Coj
z8}PFo(c-|NhG%q1aHp)h8rRh}1g(>G)e-c2B*O}<gL|Wp;CdIu_la98-6)6jB_CaX
zXOF!8b%Xuxj1${}PeahM{oV-K_d%*oo~Z$E(8bXG=R%z)6%}D0_pMyJLPvwc?FxWu
zq_MnJj2a%Ob{<YkaH|m@Ee_r+s<n4A?3X=kkch6iV6Jo+U$()OQF1*O`Lo~5f;8Ct
z9hHaVh^(@P1tT>(_{EwuaKu=VRJ?ECT=D_^ct}n8+W?CPQ*FK1tf$tatMnp1WeaWh
z?iS3v@GTY%B59sf;M)`{Z5>{u;F%kQSOX8+LBIi>U2(=|T1I9^M*g@M{cV<CH)zzN
zWkjsjjwsw9$&5OpG*U;s>Bx_JCyZ5PLADFQEd2OZa>Le2Xid(I)3|dx^<WkQh8WE0
zDkwfc-CjT<%uGm)qCd^W=XPqnyKm5|wIL>@(?JsH-KQ_ajPj%dpN%M$3K#g|HnMNC
z0HmtNLwDn*#13z)`;SVObC9pcp`oMU8)z=Ghj6&vch)3Fne1pIN$)CmeG(O_wMGAA
zH1>`n-AT~rLzJO`G{=_Y+Y5T@M&rH}ZV&<BhLhZ;_EorufeP`5@G-z3993Wq*ndDB
z&rW#?c<lFdQ5po1KsCQ#Zw0wh>$91UZeYsPaHq8O>Qwe#$pL`HJM?{@K84CI8bBMo
zp_JR1HVi`*?%m6H9hZSeX$?9LA|JGHwOz#Sj=l5|;SI~-N8AL^#rkO$8`<)KUdf%o
zcuc3_&s^BNHTu|@@ea%%tH%YGqD=7)@+`V2_aXkzSfu`=3k!Og*;!TIF}k@L2Ym_?
z+aJ6Mp81i8s$dXPX7q(aXbK4x<=?Y*94@>%n-e@&nLk&<emoyG;29~CB6!??HAH#$
z!@GZW@!p|Fz3)(qHbg0FyVD_<Q#Iwkswl&K^lAQ_mTjWO!jm8OohbmBKX%5P1e@}n
z*6@$iQFk4D^lbIg+|=0_vIwAU``1iE4XneW*3<t)5L?RK0G;<J`roV;mC;|Bmx6)u
zSv&z6o$Zpgdh%rR9Ya+*=-dZiP@2yYz`w+>PM0v$!$i!-+37xvS*P0Usoh=b&#OER
z1MXbx!%@QUo#}yj2T3$6Y2xAvs>l{A?bpBZwD7ghGu;~-;y=4O0I-4mypBC&ED5g2
zyxQ|OWRvH=4?Um@N-yF+kJ+CN5C7|<eQh`W)K2pEc#m~YK1ZQ2KI01!R?U${!WT3a
zkiG{vFS_F<WmKCB&pmN(p{=53thc3sBp22;x5T%l6>sl7d~5X{w|NmtUV5X=eG;|Q
z(xRd|{CQC#_!%J{beZhJbI_!Xz&a6btw*~n+zJ!mxU_dYp5Xf7lg`}7+djy-Qh|)s
zu8Z*iW?>u|2B8Va;N|1-lef$T(BL<0rJzS~-J3UL>8mF-tVt?;N*1N(q;oyrUgo!y
z+@O*dU_r0cT(BM;m^wU9-J3ts%o;rYL41eMOe<A__5&4WEtEKJxE*p~tyxyF2NA{_
z6Kt$>OCMMrv}=q~t?l=~;f+-;68{fZXC4k!{P+EH&K!(kn6Ym$gD|r1Tg=$WG9e|Z
zu@p(NZ*61jOBy0OV@;G$WH;87(vU()Ly}5GdsLqJ-S_i6*Yn)h<zJV7j`Ka=&*$}i
zy%l7?khH!OP6|CE!Xi7c*sVfi2JlNw$x&hWPN=%Y1}L?m@H-aJWbTN^v_9v@?d$&u
zb!>tv8-o^d-=g;;jlv`l07B=BsIRsd;~a;C7&G;Q5AFw~fVV5D-yp^}xrG?RJFA(%
zz5G_vts{zWEaz^qp_={Jwj4e_l%eEhi9K8Bj3rHWNkHRWaMK@HgQUf7my<Cn7c76i
z$%Py6HGda(AqDxI+3Lci+=$O8_oqTklC!Ed!x)e;57XtEJ}^toS0v-ERHG1aa-0~`
zn<Yfk<^1hms9U#Ctrokto(M9|;9Fj*8J3-_Z(QDzhx26I-R(rHlw-1nhTM5pYFU5k
zfWI@9Bdg7l$L=lq<q`XEz$;^{Qww-nr-`h!)kxm*mE4h8n^8J2l(S9>t{loa1954$
z2t1?cpa8iii3Pp9NHWa<mZkl-9f76+yI#r^P0hP{)f_NOBS5)mY#JU-Q%+X|j57em
zG*X6QJsDd|a|P7Mx30Bi-$}dMMdKbKGpgIk#(-Yo<fN?V<4fAG%m1_^ypiYZyv+dT
z4;v2Yc<GHaMZMhgK5|1N*-1)k|DA_vIHeMJ3ZU9Ak^s9Xuq9j&z^YigX$Mn@m3!ly
zh0GN&uV3qWAh^`sNB!jUm0=aj_}GSWlJyNK$v9CRSe^?d_R(x4nLDd=??n#fj$m?2
zl^%9WCS2j&0TD_To)fAK&%6FxkKh?%(wu$>N9@rUYA!T8)M6jcT6<Is0Y-KE-099F
z!Z-OKZYN?=tcHkLyd?smD;4$EkG$qaM+3WcSA#5vQ>;{!i(1Q58FRbAWV<~P*(%89
zVkA)3u;GeD+czCnN6|zTs3PgAT23R|^vf9Q2xL$J_7{GMoEKmz+v>1B-!ASsM`2PU
zpJoLii67c;aO?<An(oEKe9H)6i)(MPK4gGNYW!=a73aDbO4@N00DwaLq(jNS!Yttg
zhsbn34zW(-(Zen!+E~ZcW<!J{&$3R{2dt0~5=bJ`hRkno$pu+c{my0RF)#1zt{Y6Z
zM-21k<%T{3F{EP|9%Q%BY&yf+wBDFIz@mHaR4xwB@fzf%tNflmmG<pdjY>5MJD081
zXj7s8q2T0daZuYe0dI|OClut(N4SZ*3;QCIZ8Z1t+T@=BxvAhjOMI=ooeH&1A)$`@
za85@ueKrFC=}xA_kFM9$=E{ndgOK%!8c@UO^<asC&YaX$wPZ{kSYbJ6wc8pM?XFZ$
zDjYwLlB6i|O5iAnn}cX^r^Ai^iiL74Kn6Y=%M5mlKWV$?<DJzz_dIQ}eZ}@dMp6<}
z!p{4xlbUURs0zzFKV2=nojxZ%gTrQ@4GPL89^y-u-C#pGw*ms#J8GZEC+E*Rw+w%q
zRoIytc20cgIu_lorsriPyeIF9JP8wKF9gd84fZq#sUdkc(9^9rxfc;CBl*rgiQ{C;
z+S9h@gKd=Bjo#k4E&Qylj_S&#5OFQixi&0+pW-ngw+88hy-42Iyfmt+vsSu%Uv>!H
zA48}O8{w|__2W#CU8g}n?e`#QX#BAUStm~Ye2kYh_FS6dG3U6Jb-eg6bO#3+Wf7nM
z{Bz!NCIikHXRC_4$J%_hb~w22X5%wzk`Jlp>uTApS>3}EGd?Zg?%lpjB^mdqPF;BB
z>d(cs{?ZI{<b7InoYtA_`MMp;U$EsxE0DOc*;U`Hn~b?7wPX3VUl|E@??zIsT$5Si
z!j-&od*!cHwq1R2FV<pX9{BO~Z@~`#_PKAx<Nkl}P@^;P$K%C?-+zCV+NgR%o&x^D
z5Z&$%|7zX@{c{Mu#^HOjodwDG8X@YWCqd$kp^Y98@XrM1p4ku5!=3iCeQDs__iQKX
z{k@+fgfcDJN@7%g1R*_<-;3H+%rEGlZfgHQ#L|ca<2mmaDqjvg32i;3y2AjMK8frV
zlO0OgXet6HMJrhgyCZ)fvM?T0M92*W*K-Ndzp?5hY*e`PakH99^R%nVVIvoPmJ-q5
z25I<{mw23sDSV6C47`}OkVbl<xfxkn;(->oUiOXvFF7hXK#>GkCD4F>Rr*|QIPU{b
zSi)v4iTwfAO3pZ9M-Gm9ghf4#=VXj1Z~5hr%ya`2kds5FMILYkwUHpVOa#8~SDUyQ
zOA5r@78H`jL&{-;yk^l*%r24(DsD>qN|%#d@afFl&f^-fU6;`#Y=S`oG}oLy+R9Jj
zU}d0zSPL}-2}1t-6N2XS$<q&SSD5<yODj;QDXlhU5EA5D94hV8qZDx`DP?NFeZsvB
zh5h+x+b?d30m0)u7LkJtrVZfPJ9H^8v&zm$IPvvIUQpS7kh^Vnx`GEYNP_C`nNFc1
zTfRu@U0N-LzUL`y%*Z<Ydgr>6q+0pluLoyuNl=h7l9E?pRI;ba#5V7vMW~x*?`I@2
z4JDUuo_H$lNcJ}#LJ6Gj*tB%YdhF_TA9mGWLK+^i7GkIGt^26X<Fp&)effdtxzX>E
z&aCIW|D^5=N&RTah_ehbk(9fB;W!c~N;DLsB!69J0H(sw!PctzTQLaepgvE~M7PC8
zx-z6@b0hd*)|`K}lDYAk0McvUi|08fe7Lm;-ZG_Vg&Ry>OJZUm=et*g0r2FGreYP(
zUczeu(nfQj&`~l?F5orK9;0T1n2k}5PecHU8$`G4UwEyW*gI{L7+p?*B^X4Wd3Gq@
zNahh?HU;_N<GOx6bq7-Pu^M3MhaNAdgFq0Q3laMH?CTdVPl^0uB34tq?5@D~=*0St
zM=hz+gRn=Ku&wLb2*to@SxA@0%?UZ6kf(IdEO6ez9Mgmf0EkeAVYx#zEROD@+=~Nv
zn5ifa<|1^A3dyepp_{cKG(U*sr848oDNyu3b{8>>3B&-&r|wXpk=+=sP@+H92giXQ
zKk-nt5MVl6>Ojm;!I?6D1(9EkKq?4qWIx_5LgC@8RZkQ$-U_X=drc2TmcDX2zQ>}F
z1!#TC-|cf)Vv`6$4fPp@&VEWVF5phWm1|r?{{D!q8Pi9u_1X_bH_r`o9=cn?bMfev
z9gQWagcHreILyi^Eei4x7m>R;F&U(YaYLQ$!nmfyQz5^l3}QGEk+YX}v#&r9GRCxk
z0bA@Tt$21mhH)z#0jO;Aoc(vEGLR7hJO+S&FB_x#4u6EsNdrsV-#W{QpU<3Qq;gqp
zmi@_iPaC*zi7mO=Q9_rymi(NJk#pAC8G+ny*X?@HtO{`7NCbTl&|`E*vnK15f+Dd?
zzh4_jZK2YS)c~t8w5#{BE}e`tc$1jZB@9rYkX|Yvk2K*Dz#)nSsjK}l#sR<0e4;NN
zK+YZ_MQs25%E+Ru*;K|KH0(j6=q(gu3K`)?*-S5eDFh7dcQ{pwSdw7xz}2Qb3)0wR
zVg7W3^f!kDdlPAwj=e_6#?k<DDtbJpcUFDvw|+J?Qh6<&2cRk&7*Wq$ki&iXS76Y7
ziv--i%zR@O=xTZwOrEg9eFbsnT8bypfGKB~ZlnQZE}p?=AC<1V_eX#0<0Yt8wADH+
z-#vo4+*SIQ*G3T&VNeE(|I2_^^!_cJC(=Lyl`DQ%`Lez_g?S7CD2vBGI*U%!(Cptl
zZwP^HmoD`qUhwWC27;5PB18T#0EHruYjNP~$ICe2CFUZab<s5T?7p{AH`81>p!jPp
zuRCe3JL1$Yu}6Cgso{Z#I4oPvrlSElX8P_)X9|LX03@__?8;)`$)ApT^z(A|ehv)l
z`0(@B+Yc+UPA&Y5O)La9lrGE?BW?vItv`*!uw2B+@p~oWyi$DLdt7{!0$E{vU)?>Q
zAa>Xhuyr`(S~wf}j@!rQUW(T!7_dzJlj`c8jy|v!*Y4>m+KE=8o3@Wi<}4|w5yR9E
z`B^g|eoLAjJF#OF)+WneTn6_XN_%LBfGlyhM}kwLmHi6P9M;4p3_TZv{%jCptPHuY
zCTZbpRc1rhMS%@2uk2MArXSFVjWW9(VHI|Yiv?NWU~D}MXl1$pk(_vkE*-oZlli(1
z;!cGfH_{J2MQF#M57wU<`Q;6B14ayZEqMo8;0BUsk9VYJb+5s_zY?a$&%7i8uUdV_
z?^&j=K~eVU%(oCV2*4B1$&Kq{H&i6TL`DO1yf$HTCM3byubu~q2YE}dBR07r<yw5=
ztKvAYD8K~vXaVw+3+DFV*|Z4E2B_2m?2ADc>O+Q1u*wFI(n6>*;^@l2!BPKyML<gn
z&Nl=eAbkpXF08)I#dV$kmQVl8ZEHdF=VRIElU<E@0n>NzULaDO0`pPxdc@)jcEg&*
zfcEcPd<NQ#8zj$NfS75G(eSI<%bEp<O#91T|3y2iK>*Bl*0oRPu(=C(327!|woyR2
z?;G9<M)+}{;~nU4r*Ev#;Wy-hJf!QT@i+sqj2F~n3*>@*^l$|VY|+BW+aXE|i>SOs
z3kIndiqVqy(52UXo>Sn0E;O|(4x&hL#lop7$}nJMOuri0C19No{Z^5nt(Dy3#rS7{
z2umCm18Fc39r2}h3{Ct-PJ%CRgHR~-jF)^+Oay>3=Hrg%g6i>T>lj(@g5u2;pdlc}
znT-e`C<6>YmI)ct@pm&k?hit;6qV3-kU6#B?mX<&D&O;4SrkV$z`zb#mv{ewIX(&l
zx~gbcB{v!5@ZTg{rIHxPLyxEIhmKqY#IK|22cWh60A>U6($h!uu-N#4^388MAZLIS
z_!H)w?QMz`FiVX<M3}QGr+FCWM1-&qxNEnBL>Om2SMknRN~Ht=t5(3(KtA2cfQk5X
zpAj+zgQ|89M9@WI`;qj@)ps?Nle_q|PQE4j%V17dUgxY(qkQqO91zL10X{k@Ys&QJ
zZ#la8EnSf3ssktOi-APxe##jDwgt3rtaThcd`5q_0mDfe112<zL*zO|Hgxk{rA4Ng
z6A?Be?(3cbe#Yl<1E?2EAfE1~hOyVNM(9xx26TimrLi`_UV{m7mLhnjgD8=&Olbc-
z2YEckiWAj+Fi+#$mw8(1-wmEFlyqHefk%RGxZvu$MR%_2lCIl^UoUQK;AQ|=GAO~m
zu1L|VmO|79H#Rgj>M<Le9idi^DQU|i-nXeV6NI=#t(moxnTc24bN;Fbfzm8XZI(*{
zUXp+hJV&uyN0lN(xv9Xj%$v`H_4Mcnb7m8LtHyZ)SgN}r)}w3D!dV%e{~F9Y5DEWy
zF8Mp5`Q7_l+&~L#+QQ~)d70QUTXGZMa#MrVVjc!NVOn>c%8_PS8B6O`Edg6Gt(Iq%
zY>BQ|CT%aDf@$d;rwOrrFYb`6;GtIFz5X4~Q?efqB)h}yY2WYoY_~sVw^L3j3>MbF
zVL(u6M{rL^$cv89?T#?%yAh^$qrC6Nl<stJQRx5$d}PwW#&=wh?o0<dX?(KQB8Z!+
z;+dSG?TgNw?M}LMSDtBCzIWHvvt1F|w@K97DbgKgFS;)5>tvXA*Lru;aNYG2cN$8&
zZ@lPk-0o^Fz1<|;bH}@fV%*cQUD8?F)BB<abGN78JB=ybJL28juHQShCw9EF_u-3P
zN4}oPJ?AH+`)0iRK4|qlJLNZ5+PCnc?;2m<qIcK}>Hd`uy|2Cdo1**IdiwjD`q#Y=
zecJB-@}YavbilxE;792IBWqyGRO-)*0pL&jjx<wAn+cy|?mERpnxRp>OaZe(^dDv(
zW>CmyaGI}Q?A(Av*`SPCkMzRezwMntoY_$Ko*_jarqa0~)jx?MW<%<|Lt1711exK<
zjUl~r!(9HuGB<{e7KSgH4x9HP&16QbvxjU#M(oN)$_z$CAC5Tw8Sz4lIIfS7eMZxW
zqXOBZp8TVSvzbSFM;-o*!fIm_r;z}DW}wg5-m<Z+iLqd(;n0wQ@IPaF%<g?TbuY?k
zC{Cu|8fa1RZUMY=;?2ghS@$mVwp~ygx5>tINbT=)9FKZ9e(8qzWv5{yo%?4H_e*+_
zg$v`w{G-m=_mOw**Onox7RGBrM)BJBzZ`zhXm<Y-@!pVc6Y%yyhuH-7z=ZcX$qq-G
zj*y97nf?9zV|OV{W!n=6d>&$>cODwv(C=3q9p@jLydln7AD&?EJ1_l+e(q61?jz6M
zW@7E5X8y?%ncaqplj9+i55A5S1At7{WXZzhXPFUK7R+(vSQ9zH6WE-MFk>PfXglmI
zJl-yQZ14hp$p2W-=kd=QkGB^d@5r!>wOHmYk4Z$Br=0cD`<5})z9pdnMdke0Oeh|i
zR(1e1dcexVb^;SksPX~8u|b1=YkNyuxu;pF{7FZ!{8K4#UiG%agG#B>-Fm?_-L-)6
z`+X|sjiqt77fq%_&%=?UurrmFHKmcY|LN%h`1tF`KQlXjcY~n{(;bcgiruU!Rb%yc
zI%NWe-b0FE4H@tE?ftv+gn+TX_5dNc=jrJKPqV5VyiPx!OL~0tG=ky`>HqaGeRR$F
zBed;xpORILFj4*4)$oW`tN-GGDOX#{bEovoC;A5}45)P><=qYp%{`X2rO#*7fLn$W
zCkGHW)iAR~j&;bbQu`NotSN}LsLBKHOW$6fS9%8D55E@gIBRP1ylz)#>&ZgLkJSTt
zFCvw98HCk1>@^~=O1gL9J{ecM`Q1SFzP3L9(n1)K*}L$~9`2d}K4bz~de4XcCXO6=
z*;n1bS)Z(yS8((cpQ{=~k0X>!I_#J)juQyVEs|@_m$&<H@l*1@h|d{W)p|r|Y+jy6
z_SK#CSBmTk3k2uud53+fMjS<ikQMB}YfCb+oVX7AdR7VEyh1T&iIhZ(S5Yu)d6u{h
zo3UO+j4vy>c>6@&H^_NSYkF<A2oS;+Z`i=f80q(imY?;!T26O!{P&s^DTAN^iY_bG
z<p@Rg3SR4Rd?D0Y1vpIhThpObdHnS0H*747XYEI8S${bTZ~I-vw-i42L-5Pv%@_OZ
zh^yv04?~+hH89eV0`oHyaBL26HsBEd?0#9s+t1Q4|AFunSvfnl3LFMqob0y?gFc8u
zl>$O(?!iJ2!^$EcozOSdYzZ`RjV}aYL<0|)qt%GPsGrQ&ZY9N`LJkalQQ|wK4Cj>z
zp3d3fl`nrF<AX-xRtK7qiBrJHKPHK}`05w7fwEU?0p8!XcWM%uA|z}Sf;e&Hy>&R5
zwK!<bxn5yEWm6Ck6}-7P;7pcpTSN|QecCI7LDJWG1@HrJhan5}v;CmY;(#mt+V@Wn
zma0d%XACm;Yh@4CNKM0G=WSw+e#~HorL}BcWfY7keoDBHL@h(11)G^fSc5G|`U=~k
zKAYb$6**H=)$yXf<ZI>N7mZgMswILMKt=WNSG1yC{d;JOy2-lxMZI#bQRP<yHpcOy
zjU@8B!(lCF(mTGyPah~I5j23{yK9O{m<q@LHXoF~0-tz=T$FXsWBe${MP}f4a(3i@
z41scwq8^K!Q|<|UlkKiGknq|-ON30UO$gVQW&BKj{hfyWku(Ljc{pWi>R}J?#<>2d
zqyIW)Wt4hZxv-LdaDAUk<iOh}$iuRF669U`A-w=)q<Sk~Wq_axw{ENE!4x)s`zy>l
z1)%837I|Z<Fi%M4_9vgsHyaluGe7ZvLRnN1&sSoV2hZpj=5Fb>ZmB5Pw9&CcpC_x?
zh|}MnliAzM&(bf>U?$JVyi)k*7SV0a#$v;MgbbSHQPsI_zp&P>NDAATua?}z@ZAwa
z0><Rzlw>s0H8m^MnwIU5ikD8wO?Cq8l8piLLclDWW3)}R1FY*fpzY58Rod1{OLR1$
zu_<^onUtldTv}dPWo?jBgd&?WQV39HSp~VMY7Xs0e^@*=J3lx)O1?VBCSOl+2AsPa
zCGu<apv~Hi)ZT2fuH>8u&S4GhGLTYh7Ja_40w-F6JYs555P;tA8d5u66;zJP;O4Wz
zJo_w{uM9~sBdZt+=KCRy{{OACm6Qz26-My^6BU?4^;Z-f3&@95rw^vf@d7Wi(I(w(
zyQ@SvhzZ@R4fC|tGb=_^w8rvrEw|&S{n-vWD3%qWlKy_m3c(K{TfSmx_5z?{EpH?e
zOFhz?z$*z5t7%l^dJcuPl1NmvOWXO{*0VC`v(T056Xd*<NN_=DKX2qHZKKs8pECv|
zfNh;Z%BHpKR+IuyK1p4)90ZtT3<sge(Ks@GF9YfI=t6zdg5lSN9=`i^p$(SnrFyb?
z%PVcyLJM6jkpR6@g9tDy6y-%AY76c@@4(LuSqY_D2MHX}5Iw$Puao+HR^~KsLY?f{
zQbORAm#f+GbB@w>tpp;J=}QAxzz)fqm~!=LY)ToA4PsQ(vpQMDGCUa?H|{)owzu2}
zm62K->z|z5so>{KFtU1Jbeg1;8N`gMMT@Y|0YHW#g-S&`vk)m4Tr$522<i*@ApipP
z{*l6D>y!3EYUW<Zoht>_#9_btO9Az%ajVzg?o-q&7Usjx1Tu@cRibjrqB5%$^VNkS
zd?FlhQmgW=5|rAE3$`Y2YX>E_l+I<dSQB38ULzFu^!F%QX;uhpIZ@>Jw6X%elRkVi
z?hTvwMzTlLNci>hZ6M!It)UNB--|>zre${?MnXw?;4Zq}0m^j6+=(W2LQb5cFxq(<
zV73pY{|veFM58SjFRQneox-xjtE*Pi$stXb#!NNoq@ou$dXhabAucR(Pr8EjlC{-P
zb@I=}E7kf@XYdjdlvXMrL3!4S^%tVyf#i)VcV!Ud3O|JO@<z`t-(@dnf2rP&5A|Mm
z4W2W!VXEzjxE9+E-FsC0=l%qr^cP_h|6s^@qCGeI`h#Wlz2CHmhU>R_$=?+#uhwDq
zM4B0o*yiCaES$nM{RI}RA9$CXRpYMl3_B?#7Cv;0p47Xy5$}w|Os5m?(W6UZXRVWg
z=w~;6EsGoY0$sY;4S79oNp?Lu%7z>_H|CqS!Rzd&;kNYhqf-n!$;!b*<mwf-jt3W(
zJvQmp9zUYh&Gj(DpR|)P!@_Do@@L>(co{`-NON@vYphk<{DQbk^A8rHTPNkJrLvRw
zb|f@4zmPX5R(5JIU+>0rOnx%3%14!Uw#KxWy#6*@`2-7x?R7`?v~EOUgiU$2k%>YJ
zD?2%{efu8qW-H3Y+_-f<$sXdBe^UFED<dvB4hOyrEX(i;i&Jg_TqD}RjjkaM@NvjY
zps+v;#o%?N>_@n5m^$FtFkz0m5x_}>le6}bk%Q>SPAka+I4(6N(W8i*xW=+cH=4oY
z*YQB^CH2&eD&P2X4C-Othe`$*=AU)DF`Z?^MXb>kjp-WdqAwGtTqGynC!r?RfdMqv
zMLA<uDD}}4*D;@a396jra}=DVd&4)f8)@G$+G?jWvn;=`dACpt4=J4+b+ruBDPwNf
zmye`Mk&IDF=?%PAewNB7f8KZVjJWjOp-eK+Vc%h`DiDr)<-`GavAYvvcAVmloBQzc
z>UX$_42q0uN`^Z*ismXA;{d}GRnmyHwySgbHUeq}9U%!{OY4{qqz4^b4k{)Z)nBo(
zBF;RD=+>2B8Ix3AIXw0f0!<Vpj_>WepL|WtQQR)<09SAOW3MenhMQW0<*8x>4A>U&
zwO7Ji7|mbUYs9bFYY!`c=J1y;HMqKBbkH4;mU`!ec~}ADVSh!T!7f5>FCjIZ2tgj3
z#X65pKKfH7Dn|6UCgBM21to!=@jBdUU(haz-6aaORD<rCUGCSquPN42w6S4{=GUJK
zD|G@U-1dX6XDpM2)mBqKt^_;N!l368Y<S;+CZF#k;v9sdKJw-c7uJm_4+XiphSWL#
z3(|Vl+bGYgr&8tVLiZdtF>p1<4f?IvCEYZS5p`maj_cS$SC$F9+RS}pX2iJ(S<l;9
zSf(uBsproOMCo26A~Fbba8_s;sfY24x_WQ`SBrxThXB4f+<|6;L>`AbAN<`|hhCT*
zv~t}TJd@<DG!aq2Yi18}=Qruf1>}d5!Unm;u4waz)OO&GSH#>uMMZZqx*lKpT#?R(
z1hvwE<U1g?ziCQYW!NC*X(o>kbyi2VkjwB?6=cA&lNXsSbtc;ioD_NCi#^yc(R@s}
z<1L6f#f4C2kT5qU9^+VS*wbx;dVYf)vGsF=Fqx^hV;Dx0*kBZ%2pPi0VUmPHfI@X^
zApK;^D}L#&t9Gn$ZjlyQGgSbg7?y~(b=s!{4{~cX2wk}?Pv!cF?bCS~&VOfN<%R@X
z1J9^xPN&2Fp0Dsa;Anyo%zGFL16+CY<%$EvUrX-y<J$o=!60G@a;11Ls(~0-`!ES7
zLn>&FhlDTeHWwe+9|{`WUi}Y)PLFHumC@s~Z%ITNeaq3Y1vFQe5;1H#mj-(mTI@uU
z_dJvP_G&rbAv#T%V^ZK;S><&;TEd)9Y()y`+GX|$qUnor2c)Hd+Q&o`Tk`1%Pa@(*
zJ1B@z;L=Es=0D+l%KNp+tTr<CmIJU8;-OCj(?XYuMURZjz=`b_LoLfj#Svm<?7+^J
z4hTchhUPqg<6{a#=umAqsPqLMXZt&Zi7>ePYhEI-v6kRWkG|_YhtT{rD4es=i(xE1
z&jFeSK0;D@TT_oF<D3l`7R4|AthO?YC+|0WE#Ln0wr<UsC93?bO8W0x8;kCayykE9
z{$=l69t+RZxJ2{2_PrPHHhFe8^zhBdBl<^oy62us{b+q%yMDs8$7!nhM{!Hv$1u&c
z7q3IJx}N;~#J*#?7<u$--*$OL!p_+}kmj!;&76(Y0h?FCkK=UZ`!{bMHd|4?7<b=&
zQS|aa@9JRa??+AYUn>OroQW3k(>q!JzHMrqe|_Nc*0TxP_l&f@4}p(S^Wuv??mX^O
z3EPQX{P6E5dE@V5ir~5D!aJYtX<qnnMJ{%A&#`ZlXU=}B9Qgh2+RLq(Yi2+0_5WSJ
z)&I5YbN^3&!3(boFaB9GO#ao?|L@y&-`_)N1KYV5FU(F{{P*bA&X@0(FTQ{EYRzsV
zlp~$xHl#jZ4g6bp77U_t8Bx(xYN4Is+%wBxSE)CZ6NQn0s8PIZYOt$+;{0r4?6<_*
z%2L8cmbkU^O6jLnip~~kC01Ug-TX<L6H6-L+11cts8e*_D9+BL;p{RkSi3EWDV`jw
zm)!hTpdlvQdM?2+&dy09VPwjZ{v>(Sa3{rUe@d63lKP07C-R(6k?7H)v!c_M+CNjS
z9ZdBKPh}N~{z*%%daDX-q*m}KO#x{$foZm)33*pxyZ`6fdvVD;#V9?|9=4;y^whLV
zvuPJ4(vuFQrxhVG)(}~9>6hnXI5Vt22Enpnfv{bOWL)O8xQND7aM2)KG%$(&E3i@`
zbKN$Ro08d3loeZ>89SA!O$@gNvK|+})h7aHJF>>cGL?Z-d^LMW%o9!&$A)k48`7nQ
z8F)$}kXD4~>^Kz;8zL#0fvKSUlataCS;02hNZ;&DTj2hj<ikU!N|2YPkycNC!Lvn|
zs78S=*Ur=g1uv)XoOrN`csuUl!2GXiTv*UpN00%L9#SM6wu(3;W>+6$C*{7!j7(qa
zbmb|g^Tpetz3c_&Pn^}s6@3Sa6V8Y-a%CJ`=MEh69+NE@hTN61=lzZwFd<b*$`J#K
z8THC8uj9yhUuRoDKmN*G?G>{OhXn3?ONV{;+K-;FwU-x5X`g|WPDrmGKPqmJzoJ(l
z>Rx~sgAWl3ye0GA98e1Mvf#)Zx(l?2hx|O+eUY|D+m0hNd9O-+xf(uyly~at=YYc3
zqTYB$;rt97=5Q3-qDtd+yZ2q@L`>1;`-P2FMSre{Uiw{dS+v+F2*`J^wPQj?4Z0go
z5BDD^8T8*Np3^C*yYFLrwWOr0ME|u%s3;_p7|!uF7GL+ck%8|h*6x(dEo?9CD~2#}
z#cHjGuDuIM<l>AIpn~6}w^;B*hNs2PvMJ;8O$^)&xjWmr$Fzfw9Ln#o%h$C@OJ44g
zhbjzm5o!_A-h~L~8DKV`q8+FNaFvJbDmTI_jeHSzu+V+pD2+N%|Mbe6I0oLGVG+wX
z=qIa|=UVYg1kJ8M1<MFa6`0SuZX{N<Y{0Iq;927+2ezsrvFrw+I`U98F}6Cps(QgP
ztfDT)oB|-plo<zDZ!6ZYq~;gKc2XhEwFM;PSJmKZbq+_{BybKFqc+7ji$Mc>)K1+c
z!@A$bc)GF%5L{74O}=oi?skj$yKh30;irNgs7fwDp>2C5GUc>etX!!+wQO%r<d9*5
zU=Hp-K7@2-nJNQ<-}JFrR5{s}v~Df5Mt4%cbB@LVAJ*+b8$(W39jMu8$ikW5Jz;+o
zY*>2g^K9O$Yrpy9Z`Yc~%5O0m+QI_C%+s^-;;q`!37LLP8@jzSw(cuArt-i_3XLjq
z8l`2x8Qq%EvD_@@m3KyctKb#SC~G>OMQd$cn7F-(Oly*Gj+R!3i2~sXtPDtGF@=gx
zddvr-Vy#W?I|6#kDYy5ZX1F0=WH#~nUiBT7nnCe#szIXP9+BTPhBkJbRNsne4kODL
zf)q<3PkEFvMZlbLFc(l-$H?v{<*c_E=3o@>VMU{AFhkM2h9FuXGxfJ4egvz=wGYX|
zhrLEob)ZVC<f?K!P<iZ=Q)@!vdo=GYrD!t*El5Jj(&j%lWl7UgI6gi#`mWSr!_O4{
zS0LI|2Q7I3M6v{4TOuWhG;d3T%eauESfxKixeM|d&%^oOZ72>+2?u6X+Px4{1k^y?
zc9L5=Zn!OvVR4!dKt%2fR_yo;GS;ZPLkjI4+k)rL;!m2!MH%rO59d|Bhjb;0mu;Av
zlg+oNHK~{!&ky|l-_7emB{eafR4r=qhA>H6M45yb(cU@Lm@jmo3Q58lNwXsq^E;hY
z&P93R2mQJpN9bphPzt`tyIFUqG2T9d`>%U@VM&;R6~R#OZZalk>=d@ZhA5R=dYg|=
zy-R9Q+h*JN=ywyDPhV8N`656r^E*pI&b3HSjxyl|E(;_3&qnFxl)Rju^k*xWb6ndz
zlOD(=u~_2xZ4|1wYQ9w1i7D5)-D@eV#pi_Vn?UmX(cw8KG_(&nnV58)Hqg*=tSDT(
zM0?lcX{NJ??{DvbJd)(qTw%l?R83s*K56U2nWCdi`AZyOA5*P}BIdfO*cs3+wKi<~
z-G-89G*TrfCnTRr#x6A~9FeZmAIy||K4d(&Bg6YpH?~v0_mryGLtKj0sAvdE&rR8}
zR}N)K6r7edT@YE;9!sO(4u%Mm|Dd#q=+k&r=OqojFEGnjM*oYEM|JQQ%P`KI|A+jp
z8^MEuK1j1LLl)i0*#k+HSBV-NOKT%UyWw4W_i5)=MXKFwWY)tTgSUNwB%kpt`gj(T
zbEZ5HajH}HCA7LpxK=9_2`SQ?#v$CUkaNnX6NM<MsPnHM=wt24WbmJxoE=Le6+lCq
zW95#JwU|<x)1XhJO95^`-dB-5)Tczczm=yUQg&Zc`(8r{ZSb6MZp5Ai2_0h=`XcI4
z4sKsVFLEMpvSVyA&`+~9#Go&4M~!bv<+IGA-%~0hZBi>Td;}sO^8oc}!}|JHVW%*?
z6uMr~4b-0}*eCp45L?oj4ZgwK7VZ-?LEO@OIOcXmV3j;&Gzi1w`k7)D-(Hkqg7%dI
zDp_Gu*KUkvQKfXxYp?r0$-*EChsJh4ao7|2gqwv8G1ECcIIYo#a%BJ(hlF30$%{c;
zvUITuE3C6+n1(N62HPd_TKT2lm=o4Xk=-jwlg<;?yUHA^wlb<xo7}{JzPVNV_deC%
zKgvA&G)3$2xz~pIUq-XSthck3hO1_8J(>MHJQnjr;7B81jCzd&5s+Ztufthp;YM#*
ziSStyi6}0bFlgR#kRZGRiym*EEVUA`vg#RzP7F?W<{s*2Srjg-ZZSy8gCrej?$-wV
zqP@ZT(0rkKZt^bv>(1>5gw0>;c6%Hi6|yG1|2eey1m;*|-?=y3zw{#Z#@>amCkBu3
z*-?O#0mAtsNOLhnYw5_@8M{=fs8_45^~Nb?uBj-XV){g*;e>!4tLUn&c*u%v?#8v4
zryXJs?GuwLxLFIj;SQXRgI1%(H|K@V?R_=ti!|FPf5OM*5nv;+e^AZZzAQmVo6J@O
zZLF<{xwZBH=~a2~av{rlTk;7eBnT6VybI6tczEB^Q|w(48pzw9$IW+Vc%OKo)9LV<
zCmuJm=&!dDY)QnOvcPxg&8&=%EC<pjR6~HUqswdMO%XhKk~j;0&#iXK!BR9<E$mjc
z9fi#?IqGvU8tfd`qc_jE0O8FskvTxLIbURsRFQh*#e}T*3#&C7Z`Cwnl5*b4>Y&v>
zzG*9BL3AiMwAh)wMgZQ~jlmq$wP^~rGfhi3iIS|)RwKWg;eDUg3f2fj)%_D|_=NiR
z+tUOUbi7^S&&jn8tq;oN4;N!TY)j7Hz<cP?%8jm-o7a8NC9OZ~iX7Ki&}}`aCvQRd
z7~(`hl#b&2o7ZpQKCUl;PX&TzD?SohJ~rpVEnMY_tjWz$IN8Zp9{#v+;n2Hg;6w8}
zzBiu~ft}CEj<!==CarHkZOSLC4XjN$<~0Q<GjDyBJvlij4;gG+KE8nzl;e|Ii`ThE
zU`z0RHa&6O{qVdgrgGvqZ4*6UJ3qR)v9#IR?0ajQ&nL!u^f1}M7GfShVP$(<tE<32
z!;WLYS~>eA%l)h2v7^T`KF|3b*Rnl&8T@8g;mmXY3Yryg#Ma+nl@cK0YqsjITP!52
z<?}`3+i;Fg4Cy<cr@!dzmkKy@Z%2T~E8y5bZqDu?<sbedF(=0BLw;~a-e?V<PQ}#5
zWa~Tw^q!rx*Zh%S`O};`;EV0A`v&7VC*FwYoV;ieY!MTrE9O^mBA_buc<qT`-ZZ<b
zLg2IMonS?(^-_oF?U+-msi8|_rz~_cMJcl!-?>P1$o?PnhpE3zp8odo48C?^yXM#y
zHf?LUW2=4a(%TNxTa{4jWz{=!TX!#qxUC|3&P3%uM(lcfifOQ&j*HkGxXl+EVf27c
zly$n9J5)pbcdzEL`GLO!9pIvC*j=ND<ueiJz<+C(t<--;qzQ6B+ob=mhKwvNo%=s(
z$WpJ={-=hFUf=Y8YRInM?C9#g)7kUiHDslIBlpHHjotsR8nS|kshNQ%PybUx)-t>B
z>iQ!4KQ&~@%WvNozWczbA!B~r{8pF$eTUOS*8FvQ^Y1?hB@=X+LZosFtNw{S<GVLm
zK*4c^J6ygaQ%pD5IyJoJc8;u7=E~DBMI*YBd!tNBL|uEHhW`VPrxEoxOAI34t0hMU
z8Wx!+p^nc)1{pDIuPCWE=I@@aCr9gC+B&KFv<Y$3?`dsx(`=gSz}S1$jvFRzCw5gi
zPh9nz>u7j3R4(nTairqR=l3arvA1e_FCYp(^c1$RhuisI9mww7+%p!5=OC|+5#AH|
zx(B&#{Kl?MGPKVdn3~)<`MAtgS@mYOzWlRezCE6Q71KV-VC5GkHv>A_X8M!TzJLr)
z4ViiJp1hmAx2do1ap@gHpX>g<56_Sm+zH=>!a{705(ZNN<bGN+#Lf!fen%^<U($7O
zl@kU(!qbN7uNeJ1j><u?mI>M;;=>n_CYH%DZ>wgl&p9iqEXi}r1QO4S1|1wsmXXgJ
z3Mb42CdC*;1<B*>WMZw)y9Uj^$k0+Hmq9zH!+fH(V%}PYYy2r34mVywDx3oz{(Kb)
z*eeGdcAg7^xY5@CrL;Zyrr?mH@zJY3G4GD&OO#Qpk`Er|0b=)MiY8y;RNxFEl|~3}
z%c7p0d|MtjMxY_%f4qBJsg%tG5u>Lu@PQ9qg-V_d93~CcRa+XV&G!ucj~$`$U42>1
zd&0GS4*?L6Q1pEw?5q_I?_f!H-X{r~ZP16~j7PSDn@E^&SlGF@v%y6V*}@d46g#!v
zI<D08PJj<d9JY2<#KM9Gopgv-mV!xyxYNa7-DOMJRe&gKY9fzfEt`fmgL9K_4Y*iC
zfRf6o&wamEO|SC;bR0&Q<gssv8;hgXhOd-lHFs;zk(&g&l?LHkedge;(T4g5)<R7~
zB}r)QLs>UF7A%!HJEjogP&Y|J@)prxk@5MV-fY=BG{7!$7BcH3T5=%|%~2nyv6u*~
z6SH(e*a<U;K&$aD5L3qR<iQ7KMO!+1zY3lDI!pP`V>R$rCf5oj4IhyKv2k=7+B~R_
zgN@J8X*)dFg@ZDXbS-^2)4S9P0qCTi{<So|{722udIV#Mu$QL}zObfCx(Zv*T}ph;
zSr1zBqq&=%g`k<NU+)?sgK0p7)e~z0W$TSH081w#u#SA+V5}Y;cQy}OMo)TEZIMKR
zt}EZ_t>dL^Jp7<Ij-*0(7SL&D$HLIQq3BxYHXp(uATUu_X(j;3WIAC8>pVn`hJoJW
z;JOh;+eX)7Onwc9FsZ)*>s^SbRg_#Z!xFi%_~(S1v=ICVz>`IGqNd~};vOK6_RI){
zl4*{TzTCKE(vng;$7)JRE`+L3fz%-fUJ}>J?HO)U`|Co@0P^P+i1MT)@3;&C0AH;Q
z#*)L$bg~nijcI&8tf-iVGqm<!xk5&D$yk^O7nhJg6q$gQ2}I^^fm~%&2ncwe#**}}
zOT|IJA(q?WmE~GamS35F2~a0LL+Vjrd;kvN0Tbz*A{TM^QM$$pl<-v~0C!U3$md3R
z#aP$nIFI3>hxyzqYp_B96Unf)tW%-V9KK`RCFc@rmADcOJspvuBQr|M2M~bM6z|#u
zrS$?pbr%DH?vWXYJ0MFTnQEp?toF(YgEo_i#ko#g+<F@Xr(j0}4<jGxbMiWrAK`A%
zAR-hJe;p4{xZ57q3o9~QlvO|=SWj%yFDQ94e8&+nS;K{uc}f-fILf^}$oy9wpNR};
zbANUtU+5@>CPj&Kb0iAMotlFHA2wHtH%G6FAvm=Yp#oJrik0S)t}|2hUX5s4P6oi_
za4r=lzE1DK)BzKYV4+AJMZZVDT2sUvTK02QNEG1$f)F<q8dRjTXu+~GIs9vh!bbrh
zTHcqd6ea>|#s-)_K(-YF5YX2Gv<{;nO-4Sic?+zN-B@dt{@$a><T?Ui*4N~Dl$C|u
zuYbOugYYzY9pu;=IHhKH7iN&MxGX_^YC}5j&;`rdnf+Q%uNU|MXs_<+^B@(t>jMG(
z?~=J{pYryGEE(BkO!T<CPuto3RISd##BOMRCWr{LL>m<+?iBpEbG=T)*MI){=+H6}
zg`-;N`y(I~prqjC$nm`eWaVu2)WnbLwW^1c95Q~C8kruiKMH`3B<9^1vun{GjjyMf
zfV@07fIpZu_C<q{a}}jozr01;E^=wjj!r>ytd#aA>UkwF%!rzajCb<i7|Eiy&Z_HA
zp1Ba~rh){n;aVU^USQyzO<*!Xe`)s}N@=g!n;^}CB_~lvk3G)A2wczH^}Rvg;6#|R
z%){&Nzckg(Kbiq_y8U$8#N9uOXaaFke#(D}MxI9x@t|<m4O)MV>qnhd23zKxBoB&m
z9c~G>jl%6ZMY~tpxD%=_XtG2Xz}>NF-kn~+I^x&|^tsq`c-~VkQO%MM3LB3*d=K$d
z{v`=SehRf2odANTjYOCCd{rsoIQx#=m^QPw7Lf9=5K|oD(ZIbI4k5mG3p|X;@A!r<
zVV|_rs+tkd9l`n$5ejuBhADB;*Let;5b4>&Tw-MX7_XnQ3=tU7p~ZzY(9AmSPP$Ov
zki-E1vqs?(Z^?)4PXz(M^tgP{a_g18b-FAt-mV7lhi!n8PMOc2js2*7_-=hS5_o=8
zKuh&k3`$-Fhja}~gtGHtc>FOp_pk4?2Tq*0IOQplK@zUeOUIIwEB|qKGKC50=#?~#
zEE$X6DZxPeoocT^IiqnKm&`k$wD3^Bh(NCqAW=4rOjf0Gs{n~+(>}05k#?{q`H+PD
z1Ei3O06g-+1rSMaQ$-R>J+%NV8}l~hW&C61?@5BVXKq?WFHf2lf3wRF=i&XuM0HGF
z*R1rjmf=Z((s@(3Ly#y5qOiz@XS%YH<8-NMau>HR;1|l|>CdEEyfsJmh;zv5U!Az3
zmc)!rj=cd#<v|U`k&G^UDX1(;B!P0;0}EJf&8tF+$DjN}k-le?zx$v)8kN#k;bw`f
zuL~BOnsa}EbiEjL{EIPaQ$6-5M>6cnwb^M&$4w_OflDY-nY$I93tD^hPgZ0H|5_0G
z{hz&8i39S*qgx=7TKJO-yr5F_N>l>Jo^Y3AZasPUu~v(D$xgfTO`ar54FGn3fgji)
zjWGyyC{Az4JV{Se<EsLvSWi1F_V2-P0C!S)171lBws(t9#^ADak)kTdomqI7L~J!1
z5|2n2Ts`>XC(R(~Vhs_%tDqDtW0!St&KNyqGKd|AOADz}%Er??K<QhRWSsd;Tcl`<
zk)aXNSOrN4Q;|k;Ib#sAWIRMUFZxCIPNb}>3UYs3idT{1GdmRe9!(vY6cTrF%NB(q
zdes1OfAO6Acw&Q?9+qe(i@{r}AaknqbA}MxBqZOmrUK6n5MY^>6qd##1mE;bN#4M7
zWAITDc+S@Yq^14&NqU@720+eephHitr8c~!oi55u_?BA3se`gdnJ$BSZ_B+OhVb-V
z+!RHPu;7d7vA67H`VoKw64<B0X@NRN!(`nqGIwTS^6ZgZLW;4S$qGX9560~W#4a_k
zfb^iuOT>$f5;;S5C_Z^oHPf6Ug_EYA=jbq_jf^I*z}>#m3PO;vmK<3Json<S?T{nb
zM9v@}Pl;o%&H3;P#<QWjxg4@P#}f(ch0b3o)P+yd*AF2D+b&iUWe{&JWdJ$L5_wnU
zlhkrAG}7Tp2{6J)lLMD>Z{%tI_Tr}R$ow`!LSYc7VyHl~7NpV0)I1&<sC7M~DlRsK
z2#_GT1RkzHHzY9wY43n?WuB4!eW^hu?@$Iok$`fh03)#|G&vJyT^h;t=sR>}aZ0w%
z5c%_K+^ry_Z#?obG6g0oiIOu_ypp01W~N}^Xa|&~al!%K!h^*Hsm26v0?LjEe0hs>
zWrNZbV;()E8nciVc2!V0<!2c5#IOKy0F=6Zna=r@H3+GKlx3c>!vXKD5a)gu<r*XF
zf6HH=kAQ(ANe)H7zgW(-LzA|IlrDnd#<5}@tKw>e0`<t7D@B?24a|#q^XsM0-`$(z
zuA0iqGN;6LsHBlMb`-TY3?z5~2hnoicVeD+gnvAQh=xV!kQybTAtoEhsCYe_Th4^z
zlS;e1khpn5h_z3hjYH?bqm^ymW%)MV$%G?3jEVc14NMq~DX63)9BepmA()ndbV@?j
z#8#yet8!Ve9mcxQ5Q*y!R&Yca69M!_*|r1n?>wPp#Q7=>8hA&z9p%b%m{4e4Q@C7H
z3DqjRV_e_BKP#5J1OW@bt1~e*Wz&HrZ9wl`g8MVV=^u{#2?W!Yn##7iQJdQ9L>SA`
z)NmAc($d6IDxDILxD12|B}io>O5Vn8fF~f_hF}jMRJ0H$3a*_E_B_yNMO<}J*7wy1
zb^>%A3043?fgEV6B`aY=Frn0Byt#HR_z3;ErIjO}F-1#}Tor}CpzL13*&zsG$}n$i
zq!^&Q7QkrN40+@EUjG2da#3YKn06qq8eFS|yQL28{tm)KJL{j$;kyrbJayrsduv#8
za>Nc?bUPxahpGjk^PM9?fhDzoTW_0sGF_e=zNu4irh|geiHJ*BLKsv7^#>a>$>3-z
z;j#|FNI`e)wqwijqaR0r6Hg)dFub;M>k8Cz<qPQYGZa$wzGCU^Q%K6-G;T(L!BJq@
z9jM;j)nBp2g~<77E$3A4dGVRCRXFugjBZf}Cd82!2Cg+<VuSNncTW7WIpY#`G}EMM
zSCfk^Gr$A@ju{g6Zr|qm;AYixbS}EC)6U0M%f_+=c)!xhcNRP=5AkeRkfhI&dkEq!
z@jY~yK*nR)&~X!yEWLVeI;8xeEt3iP1QXIvI0AG#xtQC;81VfJG-3=nEITIb0h+&o
z)_aa?==*&XJwC<F;AE{;^a<o`my-AJ`45g>O$07-b`OPUQ)@vc!5_bRVQV`Iapr?>
zJANH-jlUBRwT}=p;rQBwU_?1s`@P$SyEEUi$JMj5_)Citk@1PET|AZ0w(WeS=h!<d
zesdxuS{>iMD$Mby%7)2t6CnZK?p)5H8&5dXb3DFwC-7YA?WQJp&l^V!(`I>(-5u{c
z7gKwR@)`!B4);ws@H!H7DDaz!&ePrmC0zVHhPC9h{nMIC>D;||h5>_@IkU}a1O!Ut
z56dv40cw*j`?N%=!`(aG*@p?cF;?nC2g%+ekRy0vq!VuzTJ90*0zf&d9FiZ{#l4Rc
zr8XsU9tU_I%hpN@R(huNEEtNP8FXnGY>ytkd5{3N)Q)e!=5%Pl3b-<i@HfRcF%bkR
z_>*KxpvLj6^E%;xUG=2X)_@@ew!RB2iA1{}jMi!I7Qr0|PO;OaM7ykxg_$7`0HA<T
zjb89LbS={CZ3r*U&JPCoi00g9cK}WDJ`4l)R{$o*G)H|+lyLWS+Q$tK6I5F==Kh1?
zfx%XQC{C$U7t`}vQIuhbWP=)vdaqvIIm5bgojS9$eML0b%4wo8_H3oj$fEwpZDkiL
zr{Q8h7@~|kW#yHs?Y$(Tq{q_v%)vG{6oYm5HmoBgyB}0g0k~0<!~duK*2i!jt}r;}
zHi)7sLJUBnMaO{oa0bwV6wa^S0M2uA-XV{wT1pnqY3`<4@lwycEYqZVKV~ywbMnbJ
zEB#Y7fG8VOZqfMIwuhux(5R#SGy;+hD@<^g;bs~9hv?rJ`Ed>vo8DLn4aqQ1?__Hx
zylC6PsT*_h4`N3^_hH!;zu3(*4P}N#y~8OzBBIvzvH|Of9tMH;S68O0OH)CeBRbE0
zftY(N)H@BlI={j+lYmY-I@63A)U(r4*Q3nX-&FU_05o}JUx#Zs=*Y4+^N<YSLF|*)
z*EDQ}Va(pAEH(ns0^B_NbOOQA)dEjG2tV|lRW`22u^*h<Wnc?H00unSBb?+s*T^v?
zMSuo{bE#GX)`37mm&hf;{BsK8uQZ?<4b-21-cbI$vG4hfm(QF3K5yCeqTvYO#si2l
zp4wvP8Jw{)20r!(V(wZP+Pg4vWMS<5!g%?@gT95~kI;n7RM+46p1m*cF<#7^f4Pp^
zc{$hjvYYa9;qS{V_DlBOMK03f>Lcv)^Na64ihOvvsJXPbQO>u#>($)eSKpjp{y6`t
zr~K8H`uv}luVVhb0%WHlbM`YIHh0A+hoGJ5Ve>b42>fGzl3Eh#uNOJGq?xcJQBf+@
zzjR=JN%qqvoa}P2(X!%&1f>hh%&W_)&HieO%TwQ%wVFM2%wJD=yf)A<xgoZ|S&9!G
zd1UPJYWb`BfY=I9F~zDHunlE{L$XnKSGfCe>s1fPF0YW6v=01Z%R#$F%HI4emuKNw
zNBbAY&G!0FvQ7PDs^V9-oE1mG>5vPH{?F&aE7)9LGNJ|8g4OBqvJRZ|QQX(vH1nOc
z<o?~s7uM24cb^`HJQm;X9}E_C1KhkJs@uD(p&VvYxv>9T*-_=)I7mb~Qw><jF&EL$
z0uW@VFMB?X0Pm*0M|iz=9E1gln%xiIr**-9z5rnwANFkS;%#}~IXP=d2UeFpSYcs^
z2;MbcC-lK0%#!g>!cD(VPkvgL!~uThAEmVm=Ffec6aba(f7Ic`*10}S=D^O@pS1Dj
z|FS=I9^Gd%`AHTFz7pV=Dzd+62=P^){WbaC|H<0+CyXMcbDV}yVShgN6w+j#)x||M
zH(4%tS}I#xDln~ju35@^5RkXdnj~))=^*w{Esb!Ssgb}-qYddqV77Ee&7Kj;v8Zgq
z`{jtB`-6Rk!7gLDLw*4P0r@dMtICcB$ec%g)j3As4Dc`JALAv~m>iQK{LxpU7pvaF
z3RagrfI#gDx6<P<0`t89`WWs_kZVCOMxts19IeQ1KdwHii2Cui`TK1ftKOA;Ot=ih
zt-GE0!H6<ivwDBP0<)YncO=+*TL@?x0eD#J@-0IH8IkVqoiiPO{I39x2yyq;zD-(c
z_)doSPB2e!8$&oVcE85}gikZ|H1C0*5O>(@#nMLN6~XAFw?bM2Eg)LI>B#CvQ5F@c
zXXP~!1@+>^`jq1OlY&z^#Z$uEwzlu1liC8lr!1ny(x<NwcbG3A98xP*{{WZ-0RaF3
zLT3cjMEjJ210^sj^V&&W^;I6E0h@JIS+!M@QvF%>O@w7wKl?)vut|m${^PH7WS_0u
z3J5|@gM@{KhlKz<P>hX^kC2g)la!T~mzbHFo1C4VpP-?lqok##r91$LtE>yEgg*cx
zMgR*+PD2C&MuQqiPD=nShd>7aD1*Vsg*wIn8iytT1h=k*u_A;k001zAAKin}BZkGt
zgDWP3v=prFhl;22^Yr!h_xSnx`~01$?*N@Zcr_>%iW>mb4VsbA$%-4vgsm!&AmTDZ
zMqJ@I)B->afdrix95jT%3jz(DSR-T%5ye3TE{K?UfI&cj@%ri9|H-qb&!0epq6&HQ
zkcN;rJnoRV4nT&IHKNJ@@Sz4TLm~oLTqPuBAtdLH7E1cjNr8_@7y$Soa6ln&g0N~;
z0svysn>mH*-OIPH-@kwx{kw|@1%M%h7!INJA<>5&1tLcVAfUiTLoF6;ojB~!0EmVW
zFFfpI>5`@;oPYpu)rsNOgfas=M;Pa#z_@ek-p#xBqrtTc(egHEgk~oc4iFj=&Jfc>
z5ELp~r6hppLOTZB8cxXgppLB>K<fcu1|bav5JiWXo{$XK!JXvwO~1bV`}juzk6*mv
zpaX0<A%p-s4Dy0<@N_nW2tW)XgiQ|0LI@7Txz?EqojIXF|5;9q;GYu!lEl;!0+jVZ
zJ208IV1oie=tM^h>;Qxb8S*FJZTaP><BmMix1WtAP|$)26*>V#bSO{&-ylr=AOHXm
zlyK1x7XVNI45z&yfB+w$P+%_r3?RY?0TL4AkVWE<zy~WpP-6)iw2;9I1w9$%MdEPd
zm5n#{=;xn+2D;OaeEx!n5x3m5*iD8Sf<#=aG>Xx6hEPh<l7v9YCzCh|>glJThMEbX
zo0e+osi?*`pQx<1>MEe5rYh^Kw4S=^tGMQ>>u#~u>g%t-x^wHU#1?C8PrU}K?6S2E
zd+f8&Mr%s4%vNhHpUz6F?Y7)jLhZHSh8s|}-Ii;v|F++XtM0mlkbCaC@amc_yYzzV
zZoK&B`{}&y2%*Ad4%OHputTWuB`ZtZkeYx71Ej+U09$*nz7$uiBfqOG*qlnoIS9e8
zMu@QSDl<fe%TeaJ^8+|VRy(o9FvrXr#$1hT2nqtv%3RBcpjS|N00Ck1AxcDC6wmN<
zD)Z7z&rDQs%%zOT0+^=C-8&i}7>m@bbcJ*wZq^2wZB3VLc3{-vpo0@Lpg`#kD4>v(
z)J8~M(lslfz+ypp1AM~@-Yn6=3S9q?H;cn50fXCxDDi>`HDvws434YNS`AWry&Mc9
zaG1d}FI=Sq&WSpK#Nsm`w!@Y$*tN>bXU8u4|2@4bag+uch%f*(;(V}#5d)?CLI4Ol
zp@Is8n4pf(<aDUP5I`gVL81w?N1}_$8wmh8j6pC00oswoKo3s50D#udEI>g30t8rq
zTM-i1rV~aKFw7D#08qjXw|p=I5E&SNAe69x(`djvKybhSWF#!5&F+B^yoV0}P&!0F
zX%Gm3NK#JYg#1Yj0>xv1Xll?NCuG1TFc1I-nF9?ImT&<OA|WA8NI$Azur7mOz{1Re
zzQ%|I01*1Y!88Y=Y&hWpC=#0d6vB=deas0(NZAESNF4z9Ac9!T;yjK308PQehs+rU
z1Y8s~LR<hrM)=SId{_t=7NP(EI86p#{|KQq9)cDtXi6TJ0x-$_&~<95VEoo`3n453
zK}v*)OlV>g9Xz9gQ+!8Pj-bU#S~3(sV}%WCI1DZ=CzD4+(2&}NCnh~{5FA*G3kl&y
z`INGTd4#1ySaTlqxo!ji*juJHh652q4w2!Yi|Y!3O950UlI~#0C6~#}OhkZ<7W5%4
zh5>*Nm2nVf90UaR2E;??q7b23<se$wO^g5_mUwi6G^FOoSh#K*94rJ8P4GlNCUQE6
zz=1KAflO9>AOg({s6Zj%0{Fd7ni5F>01S1_P&z>g#dCr}uVbDnmFWWT(||!+Inl((
zQkFH4P%msr2nw81p5Z700O+J4|6mfwWbQFSg&@$Ley(BwE*Pjz1=@s_t|Ay5_!;sT
zl7T@OMg)n<Cg%zf(ktQM12VvcNS#0c;^YrYFnHfBnhJxbMl}`+5t>2{Kp^_*qCv4B
zjuHmIA`rCD3FOIRS0J#29e{5MOQ1_*fB+*I(Z~rUxQuL^AhID0A)bXWUlVr9SZ0!d
ziiB8#$Ov!)BUEVtY*9e~fVcuNu_&7qAYUO;NEw!vrT`<j0S7X)1hpKX1{t7$Ri7jP
zIvL?}2iSoTjuIjxsHFfJFllE#aDWk*Km&WLUO^~Oi;aNe051sX^gsduUPyx*3NgU}
zS}+3!4Pq$*$QevX(Ae@?|B?v;*x_9;Wl|>?jS!d`LYW%JimFlPG>BaXVe$)KLwM12
z`NiuhN+19xnD@Y0qyYd9#wQAZpk5Fr%u;B8;0i}@0|T%WVM@@T1aK(AAZEo72CxAO
zn|O9lXg~opTomSV;FTecF-Z#0fG3>z#%F6n0|>xi8T*(|c5T37aZKc<Jplu>`LU9N
zV;BtBxX4gunhON*+9g{#AT=OsPNU4_r6pkl=QDw5uS{mRn!o@6*gz7x%;u#X;RI-&
zh5-&h=Q`W@&UntVp7+e>KKuF4fDW{s4S*5=7~lkyY_p=hoP!v+fCZ3_w4^6Z=}KGr
z(wNS)rZ>&$PD|PaCNaptnioy#Qk(kJs7|%2SIz2HyZY6zj<u|3P3v0Q`qsGKM<4(I
EJItD)iU0rr

literal 0
HcmV?d00001

diff --git a/docs/reference/commandline/events.md b/docs/reference/commandline/events.md
new file mode 100644
index 00000000..22e94609
--- /dev/null
+++ b/docs/reference/commandline/events.md
@@ -0,0 +1,165 @@
+<!--[metadata]>
++++
+title = "events"
+description = "The events command description and usage"
+keywords = ["events, container, report"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# events
+
+    Usage: docker events [OPTIONS]
+
+    Get real time events from the server
+
+      -f, --filter=[]    Filter output based on conditions provided
+      --help             Print usage
+      --since=""         Show all events created since timestamp
+      --until=""         Stream events until this timestamp
+
+Docker containers report the following events:
+
+    attach, commit, copy, create, destroy, die, exec_create, exec_start, export, kill, oom, pause, rename, resize, restart, start, stop, top, unpause, update
+
+Docker images report the following events:
+
+    delete, import, pull, push, tag, untag
+
+Docker volumes report the following events:
+
+    create, mount, unmount, destroy
+
+Docker networks report the following events:
+
+    create, connect, disconnect, destroy
+
+The `--since` and `--until` parameters can be Unix timestamps, date formatted
+timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed
+relative to the client machine’s time. If you do not provide the `--since` option,
+the command returns only new and/or live events.  Supported formats for date
+formatted time stamps include RFC3339Nano, RFC3339, `2006-01-02T15:04:05`,
+`2006-01-02T15:04:05.999999999`, `2006-01-02Z07:00`, and `2006-01-02`. The local
+timezone on the client will be used if you do not provide either a `Z` or a
+`+-00:00` timezone offset at the end of the timestamp.  When providing Unix
+timestamps enter seconds[.nanoseconds], where seconds is the number of seconds
+that have elapsed since January 1, 1970 (midnight UTC/GMT), not counting leap
+seconds (aka Unix epoch or Unix time), and the optional .nanoseconds field is a
+fraction of a second no more than nine digits long.
+
+## Filtering
+
+The filtering flag (`-f` or `--filter`) format is of "key=value". If you would
+like to use multiple filters, pass multiple flags (e.g.,
+`--filter "foo=bar" --filter "bif=baz"`)
+
+Using the same filter multiple times will be handled as a *OR*; for example
+`--filter container=588a23dac085 --filter container=a8f7720b8c22` will display
+events for container 588a23dac085 *OR* container a8f7720b8c22
+
+Using multiple filters will be handled as a *AND*; for example
+`--filter container=588a23dac085 --filter event=start` will display events for
+container container 588a23dac085 *AND* the event type is *start*
+
+The currently supported filters are:
+
+* container (`container=<name or id>`)
+* event (`event=<event action>`)
+* image (`image=<tag or id>`)
+* label (`label=<key>` or `label=<key>=<value>`)
+* type (`type=<container or image or volume or network>`)
+* volume (`volume=<name or id>`)
+* network (`network=<name or id>`)
+
+## Examples
+
+You'll need two shells for this example.
+
+**Shell 1: Listening for events:**
+
+    $ docker events
+
+**Shell 2: Start and Stop containers:**
+
+    $ docker start 4386fb97867d
+    $ docker stop 4386fb97867d
+    $ docker stop 7805c1d35632
+
+**Shell 1: (Again .. now showing events):**
+
+    2015-05-12T11:51:30.999999999Z07:00 container start 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T11:51:30.999999999Z07:00 container die 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:52:12.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:53:45.999999999Z07:00 container die 7805c1d35632 (image=redis:2.8)
+    2015-05-12T15:54:03.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+**Show events in the past from a specified time:**
+
+    $ docker events --since 1378216169
+    2015-05-12T11:51:30.999999999Z07:00 container die 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:52:12.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:53:45.999999999Z07:00 container die 7805c1d35632 (image=redis:2.8)
+    2015-05-12T15:54:03.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+    $ docker events --since '2013-09-03'
+    2015-05-12T11:51:30.999999999Z07:00 container start 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T11:51:30.999999999Z07:00 container die 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:52:12.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:53:45.999999999Z07:00 container die 7805c1d35632 (image=redis:2.8)
+    2015-05-12T15:54:03.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+    $ docker events --since '2013-09-03T15:49:29'
+    2015-05-12T11:51:30.999999999Z07:00 container die 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:52:12.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:53:45.999999999Z07:00 container die 7805c1d35632 (image=redis:2.8)
+    2015-05-12T15:54:03.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+This example outputs all events that were generated in the last 3 minutes,
+relative to the current time on the client machine:
+
+    $ docker events --since '3m'
+    2015-05-12T11:51:30.999999999Z07:00 container die 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:52:12.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+    2015-05-12T15:53:45.999999999Z07:00 container die 7805c1d35632 (image=redis:2.8)
+    2015-05-12T15:54:03.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+**Filter events:**
+
+    $ docker events --filter 'event=stop'
+    2014-05-10T17:42:14.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+    2014-09-03T17:42:14.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+    $ docker events --filter 'image=ubuntu-1:14.04'
+    2014-05-10T17:42:14.999999999Z07:00 container start 4386fb97867d (image=ubuntu-1:14.04)
+    2014-05-10T17:42:14.999999999Z07:00 container die 4386fb97867d (image=ubuntu-1:14.04)
+    2014-05-10T17:42:14.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+
+    $ docker events --filter 'container=7805c1d35632'
+    2014-05-10T17:42:14.999999999Z07:00 container die 7805c1d35632 (image=redis:2.8)
+    2014-09-03T15:49:29.999999999Z07:00 container stop 7805c1d35632 (image= redis:2.8)
+
+    $ docker events --filter 'container=7805c1d35632' --filter 'container=4386fb97867d'
+    2014-09-03T15:49:29.999999999Z07:00 container die 4386fb97867d (image=ubuntu-1:14.04)
+    2014-05-10T17:42:14.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+    2014-05-10T17:42:14.999999999Z07:00 container die 7805c1d35632 (image=redis:2.8)
+    2014-09-03T15:49:29.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+    $ docker events --filter 'container=7805c1d35632' --filter 'event=stop'
+    2014-09-03T15:49:29.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+    $ docker events --filter 'container=container_1' --filter 'container=container_2'
+    2014-09-03T15:49:29.999999999Z07:00 container die 4386fb97867d (image=ubuntu-1:14.04)
+    2014-05-10T17:42:14.999999999Z07:00 container stop 4386fb97867d (image=ubuntu-1:14.04)
+    2014-05-10T17:42:14.999999999Z07:00 container die 7805c1d35632 (imager=redis:2.8)
+    2014-09-03T15:49:29.999999999Z07:00 container stop 7805c1d35632 (image=redis:2.8)
+
+    $ docker events --filter 'type=volume'
+    2015-12-23T21:05:28.136212689Z volume create test-event-volume-local (driver=local)
+    2015-12-23T21:05:28.383462717Z volume mount test-event-volume-local (read/write=true, container=562fe10671e9273da25eed36cdce26159085ac7ee6707105fd534866340a5025, destination=/foo, driver=local, propagation=rprivate)
+    2015-12-23T21:05:28.650314265Z volume unmount test-event-volume-local (container=562fe10671e9273da25eed36cdce26159085ac7ee6707105fd534866340a5025, driver=local)
+    2015-12-23T21:05:28.716218405Z volume destroy test-event-volume-local (driver=local)
+
+    $ docker events --filter 'type=network'
+    2015-12-23T21:38:24.705709133Z network create 8b111217944ba0ba844a65b13efcd57dc494932ee2527577758f939315ba2c5b (name=test-event-network-local, type=bridge)
+    2015-12-23T21:38:25.119625123Z network connect 8b111217944ba0ba844a65b13efcd57dc494932ee2527577758f939315ba2c5b (name=test-event-network-local, container=b4be644031a3d90b400f88ab3d4bdf4dc23adb250e696b6328b85441abe2c54e, type=bridge)
diff --git a/docs/reference/commandline/exec.md b/docs/reference/commandline/exec.md
new file mode 100644
index 00000000..80796a59
--- /dev/null
+++ b/docs/reference/commandline/exec.md
@@ -0,0 +1,56 @@
+<!--[metadata]>
++++
+title = "exec"
+description = "The exec command description and usage"
+keywords = ["command, container, run, execute"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# exec
+
+    Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
+
+    Run a command in a running container
+
+      -d, --detach               Detached mode: run command in the background
+      --detach-keys              Specify the escape key sequence used to detach a container
+      --help                     Print usage
+      -i, --interactive          Keep STDIN open even if not attached
+      --privileged               Give extended Linux capabilities to the command
+      -t, --tty                  Allocate a pseudo-TTY
+      -u, --user=                Username or UID (format: <name|uid>[:<group|gid>])
+
+The `docker exec` command runs a new command in a running container.
+
+The command started using `docker exec` only runs while the container's primary
+process (`PID 1`) is running, and it is not restarted if the container is
+restarted.
+
+If the container is paused, then the `docker exec` command will fail with an error:
+
+    $ docker pause test
+    test
+    $ docker ps
+    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                   PORTS               NAMES
+    1ae3b36715d2        ubuntu:latest       "bash"              17 seconds ago      Up 16 seconds (Paused)                       test
+    $ docker exec test ls
+    FATA[0000] Error response from daemon: Container test is paused, unpause the container before exec
+    $ echo $?
+    1
+
+## Examples
+
+    $ docker run --name ubuntu_bash --rm -i -t ubuntu bash
+
+This will create a container named `ubuntu_bash` and start a Bash session.
+
+    $ docker exec -d ubuntu_bash touch /tmp/execWorks
+
+This will create a new file `/tmp/execWorks` inside the running container
+`ubuntu_bash`, in the background.
+
+    $ docker exec -it ubuntu_bash bash
+
+This will create a new Bash session in the container `ubuntu_bash`.
diff --git a/docs/reference/commandline/export.md b/docs/reference/commandline/export.md
new file mode 100644
index 00000000..604ceab1
--- /dev/null
+++ b/docs/reference/commandline/export.md
@@ -0,0 +1,35 @@
+<!--[metadata]>
++++
+title = "export"
+description = "The export command description and usage"
+keywords = ["export, file, system, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# export
+
+    Usage: docker export [OPTIONS] CONTAINER
+
+    Export the contents of a container's filesystem as a tar archive
+
+      --help             Print usage
+      -o, --output=""    Write to a file, instead of STDOUT
+
+The `docker export` command does not export the contents of volumes associated
+with the container. If a volume is mounted on top of an existing directory in
+the container, `docker export` will export the contents of the *underlying*
+directory, not the contents of the volume.
+
+Refer to [Backup, restore, or migrate data
+volumes](../../userguide/containers/dockervolumes.md#backup-restore-or-migrate-data-volumes) in
+the user guide for examples on exporting data in a volume.
+
+## Examples
+
+    $ docker export red_panda > latest.tar
+
+Or
+
+    $ docker export --output="latest.tar" red_panda
diff --git a/docs/reference/commandline/history.md b/docs/reference/commandline/history.md
new file mode 100644
index 00000000..d8750d83
--- /dev/null
+++ b/docs/reference/commandline/history.md
@@ -0,0 +1,40 @@
+<!--[metadata]>
++++
+title = "history"
+description = "The history command description and usage"
+keywords = ["docker, image, history"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# history
+
+    Usage: docker history [OPTIONS] IMAGE
+
+    Show the history of an image
+
+      -H, --human=true     Print sizes and dates in human readable format
+      --help               Print usage
+      --no-trunc           Don't truncate output
+      -q, --quiet          Only show numeric IDs
+
+To see how the `docker:latest` image was built:
+
+    $ docker history docker
+    IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
+    3e23a5875458        8 days ago          /bin/sh -c #(nop) ENV LC_ALL=C.UTF-8            0 B
+    8578938dd170        8 days ago          /bin/sh -c dpkg-reconfigure locales &&    loc   1.245 MB
+    be51b77efb42        8 days ago          /bin/sh -c apt-get update && apt-get install    338.3 MB
+    4b137612be55        6 weeks ago         /bin/sh -c #(nop) ADD jessie.tar.xz in /        121 MB
+    750d58736b4b        6 weeks ago         /bin/sh -c #(nop) MAINTAINER Tianon Gravi <ad   0 B
+    511136ea3c5a        9 months ago                                                        0 B                 Imported from -
+
+To see how the `docker:apache` image was added to a container's base image:
+
+    $ docker history docker:scm
+    IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
+    2ac9d1098bf1        3 months ago        /bin/bash                                       241.4 MB            Added Apache to Fedora base image
+    88b42ffd1f7c        5 months ago        /bin/sh -c #(nop) ADD file:1fd8d7f9f6557cafc7   373.7 MB
+    c69cab00d6ef        5 months ago        /bin/sh -c #(nop) MAINTAINER Lokesh Mandvekar   0 B
+    511136ea3c5a        19 months ago                                                       0 B                 Imported from -
diff --git a/docs/reference/commandline/images.md b/docs/reference/commandline/images.md
new file mode 100644
index 00000000..9ab97684
--- /dev/null
+++ b/docs/reference/commandline/images.md
@@ -0,0 +1,229 @@
+<!--[metadata]>
++++
+title = "images"
+description = "The images command description and usage"
+keywords = ["list, docker, images"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# images
+
+    Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
+
+    List images
+
+      -a, --all            Show all images (default hides intermediate images)
+      --digests            Show digests
+      -f, --filter=[]      Filter output based on conditions provided
+      --help               Print usage
+      --no-trunc           Don't truncate output
+      -q, --quiet          Only show numeric IDs
+
+The default `docker images` will show all top level
+images, their repository and tags, and their size.
+
+Docker images have intermediate layers that increase reusability,
+decrease disk usage, and speed up `docker build` by
+allowing each step to be cached. These intermediate layers are not shown
+by default.
+
+The `SIZE` is the cumulative space taken up by the image and all
+its parent images. This is also the disk space used by the contents of the
+Tar file created when you `docker save` an image.
+
+An image will be listed more than once if it has multiple repository names
+or tags. This single image (identifiable by its matching `IMAGE ID`)
+uses up the `SIZE` listed only once.
+
+### Listing the most recently created images
+
+    $ docker images
+    REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE
+    <none>                    <none>              77af4d6b9913        19 hours ago        1.089 GB
+    committ                   latest              b6fa739cedf5        19 hours ago        1.089 GB
+    <none>                    <none>              78a85c484f71        19 hours ago        1.089 GB
+    docker                    latest              30557a29d5ab        20 hours ago        1.089 GB
+    <none>                    <none>              5ed6274db6ce        24 hours ago        1.089 GB
+    postgres                  9                   746b819f315e        4 days ago          213.4 MB
+    postgres                  9.3                 746b819f315e        4 days ago          213.4 MB
+    postgres                  9.3.5               746b819f315e        4 days ago          213.4 MB
+    postgres                  latest              746b819f315e        4 days ago          213.4 MB
+
+### Listing images by name and tag
+
+The `docker images` command takes an optional `[REPOSITORY[:TAG]]` argument
+that restricts the list to images that match the argument. If you specify
+`REPOSITORY`but no `TAG`, the `docker images` command lists all images in the
+given repository.
+
+For example, to list all images in the "java" repository, run this command :
+
+    $ docker images java
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    java                8                   308e519aac60        6 days ago          824.5 MB
+    java                7                   493d82594c15        3 months ago        656.3 MB
+    java                latest              2711b1d6f3aa        5 months ago        603.9 MB
+
+The `[REPOSITORY[:TAG]]` value must be an "exact match". This means that, for example,
+`docker images jav` does not match the image `java`.
+
+If both `REPOSITORY` and `TAG` are provided, only images matching that
+repository and tag are listed.  To find all local images in the "java"
+repository with tag "8" you can use:
+
+    $ docker images java:8
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    java                8                   308e519aac60        6 days ago          824.5 MB
+
+If nothing matches `REPOSITORY[:TAG]`, the list is empty.
+
+    $ docker images java:0
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+
+## Listing the full length image IDs
+
+    $ docker images --no-trunc
+    REPOSITORY                    TAG                 IMAGE ID                                                                  CREATED             SIZE
+    <none>                        <none>              sha256:77af4d6b9913e693e8d0b4b294fa62ade6054e6b2f1ffb617ac955dd63fb0182   19 hours ago        1.089 GB
+    committest                    latest              sha256:b6fa739cedf5ea12a620a439402b6004d057da800f91c7524b5086a5e4749c9f   19 hours ago        1.089 GB
+    <none>                        <none>              sha256:78a85c484f71509adeaace20e72e941f6bdd2b25b4c75da8693efd9f61a37921   19 hours ago        1.089 GB
+    docker                        latest              sha256:30557a29d5abc51e5f1d5b472e79b7e296f595abcf19fe6b9199dbbc809c6ff4   20 hours ago        1.089 GB
+    <none>                        <none>              sha256:0124422dd9f9cf7ef15c0617cda3931ee68346455441d66ab8bdc5b05e9fdce5   20 hours ago        1.089 GB
+    <none>                        <none>              sha256:18ad6fad340262ac2a636efd98a6d1f0ea775ae3d45240d3418466495a19a81b   22 hours ago        1.082 GB
+    <none>                        <none>              sha256:f9f1e26352f0a3ba6a0ff68167559f64f3e21ff7ada60366e2d44a04befd1d3a   23 hours ago        1.089 GB
+    tryout                        latest              sha256:2629d1fa0b81b222fca63371ca16cbf6a0772d07759ff80e8d1369b926940074   23 hours ago        131.5 MB
+    <none>                        <none>              sha256:5ed6274db6ceb2397844896966ea239290555e74ef307030ebb01ff91b1914df   24 hours ago        1.089 GB
+
+## Listing image digests
+
+Images that use the v2 or later format have a content-addressable identifier
+called a `digest`. As long as the input used to generate the image is
+unchanged, the digest value is predictable. To list image digest values, use
+the `--digests` flag:
+
+    $ docker images --digests
+    REPOSITORY                         TAG                 DIGEST                                                                    IMAGE ID            CREATED             SIZE
+    localhost:5000/test/busybox        <none>              sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf   4986bf8c1536        9 weeks ago         2.43 MB
+
+When pushing or pulling to a 2.0 registry, the `push` or `pull` command
+output includes the image digest. You can `pull` using a digest value. You can
+also reference by digest in `create`, `run`, and `rmi` commands, as well as the
+`FROM` image reference in a Dockerfile.
+
+## Filtering
+
+The filtering flag (`-f` or `--filter`) format is of "key=value". If there is more
+than one filter, then pass multiple flags (e.g., `--filter "foo=bar" --filter "bif=baz"`)
+
+The currently supported filters are:
+
+* dangling (boolean - true or false)
+* label (`label=<key>` or `label=<key>=<value>`)
+
+##### Untagged images (dangling)
+
+    $ docker images --filter "dangling=true"
+
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    <none>              <none>              8abc22fbb042        4 weeks ago         0 B
+    <none>              <none>              48e5f45168b9        4 weeks ago         2.489 MB
+    <none>              <none>              bf747efa0e2f        4 weeks ago         0 B
+    <none>              <none>              980fe10e5736        12 weeks ago        101.4 MB
+    <none>              <none>              dea752e4e117        12 weeks ago        101.4 MB
+    <none>              <none>              511136ea3c5a        8 months ago        0 B
+
+This will display untagged images, that are the leaves of the images tree (not
+intermediary layers). These images occur when a new build of an image takes the
+`repo:tag` away from the image ID, leaving it as `<none>:<none>` or untagged.
+A warning will be issued if trying to remove an image when a container is presently
+using it. By having this flag it allows for batch cleanup.
+
+Ready for use by `docker rmi ...`, like:
+
+    $ docker rmi $(docker images -f "dangling=true" -q)
+
+    8abc22fbb042
+    48e5f45168b9
+    bf747efa0e2f
+    980fe10e5736
+    dea752e4e117
+    511136ea3c5a
+
+NOTE: Docker will warn you if any containers exist that are using these untagged images.
+
+
+##### Labeled images
+
+The `label` filter matches images based on the presence of a `label` alone or a `label` and a
+value.
+
+The following filter matches images with the `com.example.version` label regardless of its value.
+
+    $ docker images --filter "label=com.example.version"
+
+    REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
+    match-me-1          latest              eeae25ada2aa        About a minute ago   188.3 MB
+    match-me-2          latest              eeae25ada2aa        About a minute ago   188.3 MB
+
+The following filter matches images with the `com.example.version` label with the `1.0` value.
+
+    $ docker images --filter "label=com.example.version=1.0"
+    REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
+    match-me            latest              eeae25ada2aa        About a minute ago   188.3 MB
+
+In this example, with the `0.1` value, it returns an empty set because no matches were found.
+
+    $ docker images --filter "label=com.example.version=0.1"
+    REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
+
+## Formatting
+
+The formatting option (`--format`) will pretty print container output
+using a Go template.
+
+Valid placeholders for the Go template are listed below:
+
+Placeholder | Description
+---- | ----
+`.ID` | Image ID
+`.Repository` | Image repository
+`.Tag` | Image tag
+`.Digest` | Image digest
+`.CreatedSince` | Elapsed time since the image was created.
+`.CreatedAt` | Time when the image was created.
+`.Size` | Image disk size.
+
+When using the `--format` option, the `image` command will either
+output the data exactly as the template declares or, when using the
+`table` directive, will include column headers as well.
+
+The following example uses a template without headers and outputs the
+`ID` and `Repository` entries separated by a colon for all images:
+
+    $ docker images --format "{{.ID}}: {{.Repository}}"
+    77af4d6b9913: <none>
+    b6fa739cedf5: committ
+    78a85c484f71: <none>
+    30557a29d5ab: docker
+    5ed6274db6ce: <none>
+    746b819f315e: postgres
+    746b819f315e: postgres
+    746b819f315e: postgres
+    746b819f315e: postgres
+
+To list all images with their repository and tag in a table format you
+can use:
+
+    $ docker images --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}"
+    IMAGE ID            REPOSITORY                TAG
+    77af4d6b9913        <none>                    <none>
+    b6fa739cedf5        committ                   latest
+    78a85c484f71        <none>                    <none>
+    30557a29d5ab        docker                    latest
+    5ed6274db6ce        <none>                    <none>
+    746b819f315e        postgres                  9
+    746b819f315e        postgres                  9.3
+    746b819f315e        postgres                  9.3.5
+    746b819f315e        postgres                  latest
diff --git a/docs/reference/commandline/import.md b/docs/reference/commandline/import.md
new file mode 100644
index 00000000..d4ca8d57
--- /dev/null
+++ b/docs/reference/commandline/import.md
@@ -0,0 +1,69 @@
+<!--[metadata]>
++++
+title = "import"
+description = "The import command description and usage"
+keywords = ["import, file, system, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# import
+
+    Usage: docker import file|URL|- [REPOSITORY[:TAG]]
+
+    Create an empty filesystem image and import the contents of the
+	tarball (.tar, .tar.gz, .tgz, .bzip, .tar.xz, .txz) into it, then
+	optionally tag it.
+
+      -c, --change=[]     Apply specified Dockerfile instructions while importing the image
+      --help              Print usage
+      -m, --message=      Set commit message for imported image
+
+You can specify a `URL` or `-` (dash) to take data directly from `STDIN`. The
+`URL` can point to an archive (.tar, .tar.gz, .tgz, .bzip, .tar.xz, or .txz)
+containing a filesystem or to an individual file on the Docker host.  If you
+specify an archive, Docker untars it in the container relative to the `/`
+(root). If you specify an individual file, you must specify the full path within
+the host. To import from a remote location, specify a `URI` that begins with the
+`http://` or `https://` protocol.
+
+The `--change` option will apply `Dockerfile` instructions to the image
+that is created.
+Supported `Dockerfile` instructions:
+`CMD`|`ENTRYPOINT`|`ENV`|`EXPOSE`|`ONBUILD`|`USER`|`VOLUME`|`WORKDIR`
+
+## Examples
+
+**Import from a remote location:**
+
+This will create a new untagged image.
+
+    $ docker import http://example.com/exampleimage.tgz
+
+**Import from a local file:**
+
+Import to docker via pipe and `STDIN`.
+
+    $ cat exampleimage.tgz | docker import - exampleimagelocal:new
+
+Import with a commit message.
+
+    $ cat exampleimage.tgz | docker import --message "New image imported from tarball" - exampleimagelocal:new
+
+Import to docker from a local archive.
+
+    $ docker import /path/to/exampleimage.tgz
+
+**Import from a local directory:**
+
+    $ sudo tar -c . | docker import - exampleimagedir
+
+**Import from a local directory with new configurations:**
+
+    $ sudo tar -c . | docker import --change "ENV DEBUG true" - exampleimagedir
+
+Note the `sudo` in this example – you must preserve
+the ownership of the files (especially root ownership) during the
+archiving with tar. If you are not root (or the sudo command) when you
+tar, then the ownerships might not get preserved.
diff --git a/docs/reference/commandline/index.md b/docs/reference/commandline/index.md
new file mode 100644
index 00000000..a5704da0
--- /dev/null
+++ b/docs/reference/commandline/index.md
@@ -0,0 +1,88 @@
+<!-- [metadata]>
++++
+title = "Command line reference"
+description = "Docker's CLI command description and usage"
+keywords = ["Docker, Docker documentation, CLI,  command line"]
+[menu.main]
+identifier= "smn_cli"
+parent = "engine_ref"
+weight=-70
++++
+<![end-metadata]-->
+
+
+
+# The Docker commands
+
+This section contains reference information on using Docker's command line client. Each command has a reference page along with samples. If you are unfamiliar with the command line, you should start by reading about how to [Use the Docker command line](cli.md).  
+
+You start the Docker daemon with the command line. How you start the daemon affects your Docker containers. For that reason you should also make sure to read the [`daemon`](daemon.md) reference page.
+
+### Docker management commands
+
+* [daemon](daemon.md)
+* [info](info.md)
+* [inspect](inspect.md)
+* [version](version.md)
+
+### Image commands
+
+* [build](build.md)
+* [commit](commit.md)
+* [export](export.md)
+* [history](history.md)
+* [images](images.md)
+* [import](import.md)
+* [load](load.md)
+* [rmi](rmi.md)
+* [save](save.md)
+* [tag](tag.md)
+
+### Container commands
+
+* [attach](attach.md)
+* [cp](cp.md)
+* [create](create.md)
+* [diff](diff.md)
+* [events](events.md)
+* [exec](exec.md)
+* [kill](kill.md)
+* [logs](logs.md)
+* [pause](pause.md)
+* [port](port.md)
+* [ps](ps.md)
+* [rename](rename.md)
+* [restart](restart.md)
+* [rm](rm.md)
+* [run](run.md)
+* [start](start.md)
+* [stats](stats.md)
+* [stop](stop.md)
+* [top](top.md)
+* [unpause](unpause.md)
+* [update](update.md)
+* [wait](wait.md)
+
+### Hub and registry commands
+
+* [login](login.md)
+* [logout](logout.md)
+* [pull](pull.md)
+* [push](push.md)
+* [search](search.md)
+
+### Network and connectivity commands
+
+* [network_connect](network_connect.md)
+* [network_create](network_create.md)
+* [network_disconnect](network_disconnect.md)
+* [network_inspect](network_inspect.md)
+* [network_ls](network_ls.md)
+* [network_rm](network_rm.md)
+
+### Shared data volume commands
+
+* [volume_create](volume_create.md)
+* [volume_inspect](volume_inspect.md)
+* [volume_ls](volume_ls.md)
+* [volume_rm](volume_rm.md)
diff --git a/docs/reference/commandline/info.md b/docs/reference/commandline/info.md
new file mode 100644
index 00000000..06f7848d
--- /dev/null
+++ b/docs/reference/commandline/info.md
@@ -0,0 +1,69 @@
+<!--[metadata]>
++++
+title = "info"
+description = "The info command description and usage"
+keywords = ["display, docker, information"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# info
+
+
+    Usage: docker info [OPTIONS]
+
+    Display system-wide information
+
+      --help              Print usage
+
+For example:
+
+    $ docker -D info
+    Containers: 14
+     Running: 3
+     Paused: 1
+     Stopped: 10
+    Images: 52
+    Server Version: 1.9.0
+    Storage Driver: aufs
+     Root Dir: /var/lib/docker/aufs
+     Backing Filesystem: extfs
+     Dirs: 545
+     Dirperm1 Supported: true
+    Execution Driver: native-0.2
+    Logging Driver: json-file
+    Cgroup Driver: cgroupfs
+    Plugins:
+     Volume: local
+     Network: bridge null host
+    Kernel Version: 3.19.0-22-generic
+    OSType: linux
+    Architecture: x86_64
+    Operating System: Ubuntu 15.04
+    CPUs: 24
+    Total Memory: 62.86 GiB
+    Name: docker
+    ID: I54V:OLXT:HVMM:TPKO:JPHQ:CQCD:JNLC:O3BZ:4ZVJ:43XJ:PFHZ:6N2S
+    Docker Root Dir: /var/lib/docker
+    Debug mode (client): true
+    Debug mode (server): true
+     File Descriptors: 59
+     Goroutines: 159
+     System Time: 2015-09-23T14:04:20.699842089+08:00
+     EventsListeners: 0
+     Init SHA1:
+     Init Path: /usr/bin/docker
+     Docker Root Dir: /var/lib/docker
+     Http Proxy: http://test:test@localhost:8080
+     Https Proxy: https://test:test@localhost:8080
+    WARNING: No swap limit support
+    Username: svendowideit
+    Registry: [https://index.docker.io/v1/]
+    Labels:
+     storage=ssd
+
+The global `-D` option tells all `docker` commands to output debug information.
+
+When sending issue reports, please use `docker version` and `docker -D info` to
+ensure we know how your setup is configured.
diff --git a/docs/reference/commandline/inspect.md b/docs/reference/commandline/inspect.md
new file mode 100644
index 00000000..38d4098c
--- /dev/null
+++ b/docs/reference/commandline/inspect.md
@@ -0,0 +1,76 @@
+<!--[metadata]>
++++
+title = "inspect"
+description = "The inspect command description and usage"
+keywords = ["inspect, container, json"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# inspect
+
+    Usage: docker inspect [OPTIONS] CONTAINER|IMAGE [CONTAINER|IMAGE...]
+
+    Return low-level information on a container or image
+
+      -f, --format=""         Format the output using the given go template
+      --help                  Print usage
+      --type=container|image  Return JSON for specified type, permissible
+                              values are "image" or "container"
+      -s, --size              Display total file sizes if the type is container
+
+By default, this will render all results in a JSON array. If the container and
+image have the same name, this will return container JSON for unspecified type.
+If a format is specified, the given template will be executed for each result.
+
+Go's [text/template](http://golang.org/pkg/text/template/) package
+describes all the details of the format.
+
+## Examples
+
+**Get an instance's IP address:**
+
+For the most part, you can pick out any field from the JSON in a fairly
+straightforward manner.
+
+    $ docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $INSTANCE_ID
+
+**Get an instance's MAC Address:**
+
+For the most part, you can pick out any field from the JSON in a fairly
+straightforward manner.
+
+    $ docker inspect --format='{{range .NetworkSettings.Networks}}{{.MacAddress}}{{end}}' $INSTANCE_ID
+
+**Get an instance's log path:**
+
+    $ docker inspect --format='{{.LogPath}}' $INSTANCE_ID
+
+**List All Port Bindings:**
+
+One can loop over arrays and maps in the results to produce simple text
+output:
+
+    $ docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' $INSTANCE_ID
+
+**Find a Specific Port Mapping:**
+
+The `.Field` syntax doesn't work when the field name begins with a
+number, but the template language's `index` function does. The
+`.NetworkSettings.Ports` section contains a map of the internal port
+mappings to a list of external address/port objects. To grab just the
+numeric public port, you use `index` to find the specific port map, and
+then `index` 0 contains the first object inside of that. Then we ask for
+the `HostPort` field to get the public address.
+
+    $ docker inspect --format='{{(index (index .NetworkSettings.Ports "8787/tcp") 0).HostPort}}' $INSTANCE_ID
+
+**Get a subsection in JSON format:**
+
+If you request a field which is itself a structure containing other
+fields, by default you get a Go-style dump of the inner values.
+Docker adds a template function, `json`, which can be applied to get
+results in JSON format.
+
+    $ docker inspect --format='{{json .Config}}' $INSTANCE_ID
diff --git a/docs/reference/commandline/kill.md b/docs/reference/commandline/kill.md
new file mode 100644
index 00000000..6f202587
--- /dev/null
+++ b/docs/reference/commandline/kill.md
@@ -0,0 +1,26 @@
+<!--[metadata]>
++++
+title = "kill"
+description = "The kill command description and usage"
+keywords = ["container, kill, signal"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# kill
+
+    Usage: docker kill [OPTIONS] CONTAINER [CONTAINER...]
+
+    Kill a running container using SIGKILL or a specified signal
+
+      --help                 Print usage
+      -s, --signal="KILL"    Signal to send to the container
+
+The main process inside the container will be sent `SIGKILL`, or any
+signal specified with option `--signal`.
+
+> **Note:**
+> `ENTRYPOINT` and `CMD` in the *shell* form run as a subcommand of `/bin/sh -c`,
+> which does not pass signals. This means that the executable is not the container’s PID 1
+> and does not receive Unix signals.
diff --git a/docs/reference/commandline/load.md b/docs/reference/commandline/load.md
new file mode 100644
index 00000000..0b40fde2
--- /dev/null
+++ b/docs/reference/commandline/load.md
@@ -0,0 +1,37 @@
+<!--[metadata]>
++++
+title = "load"
+description = "The load command description and usage"
+keywords = ["stdin, tarred, repository"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# load
+
+    Usage: docker load [OPTIONS]
+
+    Load an image from a tar archive or STDIN
+
+      --help             Print usage
+      -i, --input=""     Read from a tar archive file, instead of STDIN. The tarball may be compressed with gzip, bzip, or xz
+      -q, --quiet        Suppress the load output. Without this option, a progress bar is displayed.
+
+Loads a tarred repository from a file or the standard input stream.
+Restores both images and tags.
+
+    $ docker images
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    $ docker load < busybox.tar.gz
+    $ docker images
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    busybox             latest              769b9341d937        7 weeks ago         2.489 MB
+    $ docker load --input fedora.tar
+    $ docker images
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    busybox             latest              769b9341d937        7 weeks ago         2.489 MB
+    fedora              rawhide             0d20aec6529d        7 weeks ago         387 MB
+    fedora              20                  58394af37342        7 weeks ago         385.5 MB
+    fedora              heisenbug           58394af37342        7 weeks ago         385.5 MB
+    fedora              latest              58394af37342        7 weeks ago         385.5 MB
diff --git a/docs/reference/commandline/login.md b/docs/reference/commandline/login.md
new file mode 100644
index 00000000..baff45f8
--- /dev/null
+++ b/docs/reference/commandline/login.md
@@ -0,0 +1,117 @@
+<!--[metadata]>
++++
+title = "login"
+description = "The login command description and usage"
+keywords = ["registry, login, image"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# login
+
+    Usage: docker login [OPTIONS] [SERVER]
+
+    Log in to a Docker registry server, if no server is
+	specified "https://index.docker.io/v1/" is the default.
+
+      --help               Print usage
+      -p, --password=""    Password
+      -u, --username=""    Username
+
+If you want to login to a self-hosted registry you can specify this by
+adding the server name.
+
+    example:
+    $ docker login localhost:8080
+
+
+`docker login` requires user to use `sudo` or be `root`, except when:
+
+1.  connecting to a remote daemon, such as a `docker-machine` provisioned `docker engine`.
+2.  user is added to the `docker` group.  This will impact the security of your system; the `docker` group is `root` equivalent.  See [Docker Daemon Attack Surface](https://docs.docker.com/security/security/#docker-daemon-attack-surface) for details.
+
+You can log into any public or private repository for which you have
+credentials.  When you log in, the command stores encoded credentials in
+`$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on Windows.
+
+> **Note**:  When running `sudo docker login` credentials are saved in `/root/.docker/config.json`.
+>
+
+## Credentials store
+
+The Docker Engine can keep user credentials in an external credentials store,
+such as the native keychain of the operating system. Using an external store
+is more secure than storing credentials in the Docker configuration file.
+
+To use a credentials store, you need an external helper program to interact
+with a specific keychain or external store. Docker requires the helper
+program to be in the client's host `$PATH`.
+
+This is the list of currently available credentials helpers and where
+you can download them from:
+
+- D-Bus Secret Service: https://github.com/docker/docker-credential-helpers/releases
+- Apple OS X keychain: https://github.com/docker/docker-credential-helpers/releases
+- Microsoft Windows Credential Manager: https://github.com/docker/docker-credential-helpers/releases
+
+### Usage
+
+You need to speficy the credentials store in `$HOME/.docker/config.json`
+to tell the docker engine to use it:
+
+```json
+{
+	"credsStore": "osxkeychain"
+}
+```
+
+If you are currently logged in, run `docker logout` to remove
+the credentials from the file and run `docker login` again.
+
+### Protocol
+
+Credential helpers can be any program or script that follows a very simple protocol.
+This protocol is heavily inspired by Git, but it differs in the information shared.
+
+The helpers always use the first argument in the command to identify the action.
+There are only three possible values for that argument: `store`, `get`, and `erase`.
+
+The `store` command takes a JSON payload from the standard input. That payload carries
+the server address, to identify the credential, the user name, and either a password
+or an identity token.
+
+```json
+{
+	"ServerURL": "https://index.docker.io/v1",
+	"Username": "david",
+	"Secret": "passw0rd1"
+}
+```
+
+If the secret being stored is an identity token, the Username should be set to
+`<token>`.
+
+The `store` command can write error messages to `STDOUT` that the docker engine
+will show if there was an issue.
+
+The `get` command takes a string payload from the standard input. That payload carries
+the server address that the docker engine needs credentials for. This is
+an example of that payload: `https://index.docker.io/v1`.
+
+The `get` command writes a JSON payload to `STDOUT`. Docker reads the user name
+and password from this payload:
+
+```json
+{
+	"Username": "david",
+	"Secret": "passw0rd1"
+}
+```
+
+The `erase` command takes a string payload from `STDIN`. That payload carries
+the server address that the docker engine wants to remove credentials for. This is
+an example of that payload: `https://index.docker.io/v1`.
+
+The `erase` command can write error messages to `STDOUT` that the docker engine
+will show if there was an issue.
diff --git a/docs/reference/commandline/logout.md b/docs/reference/commandline/logout.md
new file mode 100644
index 00000000..a3bb40c6
--- /dev/null
+++ b/docs/reference/commandline/logout.md
@@ -0,0 +1,22 @@
+<!--[metadata]>
++++
+title = "logout"
+description = "The logout command description and usage"
+keywords = ["logout, docker, registry"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# logout
+
+    Usage: docker logout [SERVER]
+
+    Log out from a Docker registry, if no server is
+	specified "https://index.docker.io/v1/" is the default.
+
+      --help          Print usage
+
+For example:
+
+    $ docker logout localhost:8080
diff --git a/docs/reference/commandline/logs.md b/docs/reference/commandline/logs.md
new file mode 100644
index 00000000..91558ffa
--- /dev/null
+++ b/docs/reference/commandline/logs.md
@@ -0,0 +1,50 @@
+<!--[metadata]>
++++
+title = "logs"
+description = "The logs command description and usage"
+keywords = ["logs, retrieve, docker"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# logs
+
+    Usage: docker logs [OPTIONS] CONTAINER
+
+    Fetch the logs of a container
+
+      -f, --follow              Follow log output
+      --help                    Print usage
+      --since=""                Show logs since timestamp
+      -t, --timestamps          Show timestamps
+      --tail="all"              Number of lines to show from the end of the logs
+
+> **Note**: this command is available only for containers with `json-file` and
+> `journald` logging drivers.
+
+The `docker logs` command batch-retrieves logs present at the time of execution.
+
+The `docker logs --follow` command will continue streaming the new output from
+the container's `STDOUT` and `STDERR`.
+
+Passing a negative number or a non-integer to `--tail` is invalid and the
+value is set to `all` in that case.
+
+The `docker logs --timestamps` command will add an [RFC3339Nano timestamp](https://golang.org/pkg/time/#pkg-constants)
+, for example `2014-09-16T06:17:46.000000000Z`, to each
+log entry. To ensure that the timestamps are aligned the
+nano-second part of the timestamp will be padded with zero when necessary.
+
+The `--since` option shows only the container logs generated after
+a given date. You can specify the date as an RFC 3339 date, a UNIX
+timestamp, or a Go duration string (e.g. `1m30s`, `3h`). Besides RFC3339 date
+format you may also use RFC3339Nano, `2006-01-02T15:04:05`,
+`2006-01-02T15:04:05.999999999`, `2006-01-02Z07:00`, and `2006-01-02`. The local
+timezone on the client will be used if you do not provide either a `Z` or a
+`+-00:00` timezone offset at the end of the timestamp. When providing Unix
+timestamps enter seconds[.nanoseconds], where seconds is the number of seconds
+that have elapsed since January 1, 1970 (midnight UTC/GMT), not counting leap
+seconds (aka Unix epoch or Unix time), and the optional .nanoseconds field is a
+fraction of a second no more than nine digits long. You can combine the
+`--since` option with either or both of the `--follow` or `--tail` options.
diff --git a/docs/reference/commandline/network_connect.md b/docs/reference/commandline/network_connect.md
new file mode 100644
index 00000000..a815ca38
--- /dev/null
+++ b/docs/reference/commandline/network_connect.md
@@ -0,0 +1,93 @@
+<!--[metadata]>
++++
+title = "network connect"
+description = "The network connect command description and usage"
+keywords = ["network, connect, user-defined"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# network connect
+
+    Usage:  docker network connect [OPTIONS] NETWORK CONTAINER
+
+    Connects a container to a network
+
+      --alias=[]         Add network-scoped alias for the container
+      --help             Print usage
+      --ip               IPv4 Address
+      --ip6              IPv6 Address
+      --link=[]          Add a link to another container
+
+Connects a container to a network. You can connect a container by name
+or by ID. Once connected, the container can communicate with other containers in
+the same network.
+
+```bash
+$ docker network connect multi-host-network container1
+```
+
+You can also use the `docker run --net=<network-name>` option to start a container and immediately connect it to a network.
+
+```bash
+$ docker run -itd --net=multi-host-network busybox
+```
+
+You can specify the IP address you want to be assigned to the container's interface.
+
+```bash
+$ docker network connect --ip 10.10.36.122 multi-host-network container2
+```
+
+You can use `--link` option to link another container with a preferred alias
+
+```bash
+$ docker network connect --link container1:c1 multi-host-network container2
+```
+
+`--alias` option can be used to resolve the container by another name in the network
+being connected to.
+
+```bash
+$ docker network connect --alias db --alias mysql multi-host-network container2
+```
+
+You can pause, restart, and stop containers that are connected to a network.
+Paused containers remain connected and can be revealed by a `network inspect`.
+When the container is stopped, it does not appear on the network until you restart
+it.
+
+If specified, the container's IP address(es) is reapplied when a stopped
+container is restarted. If the IP address is no longer available, the container
+fails to start. One way to guarantee that the IP address is available is
+to specify an `--ip-range` when creating the network, and choose the static IP
+address(es) from outside that range. This ensures that the IP address is not
+given to another container while this container is not on the network.
+
+```bash
+$ docker network create --subnet 172.20.0.0/16 --ip-range 172.20.240.0/20 multi-host-network
+```
+
+```bash
+$ docker network connect --ip 172.20.128.2 multi-host-network container2
+```
+
+To verify the container is connected, use the `docker network inspect` command. Use `docker network disconnect` to remove a container from the network.
+
+Once connected in network, containers can communicate using only another
+container's IP address or name. For `overlay` networks or custom plugins that
+support multi-host connectivity, containers connected to the same multi-host
+network but launched from different Engines can also communicate in this way.
+
+You can connect a container to one or more networks. The networks need not be the same type. For example, you can connect a single container bridge and overlay networks.
+
+## Related information
+
+* [network inspect](network_inspect.md)
+* [network create](network_create.md)
+* [network disconnect](network_disconnect.md)
+* [network ls](network_ls.md)
+* [network rm](network_rm.md)
+* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
+* [Work with networks](../../userguide/networking/work-with-networks.md)
diff --git a/docs/reference/commandline/network_create.md b/docs/reference/commandline/network_create.md
new file mode 100644
index 00000000..f44c5eff
--- /dev/null
+++ b/docs/reference/commandline/network_create.md
@@ -0,0 +1,169 @@
+<!--[metadata]>
++++
+title = "network create"
+description = "The network create command description and usage"
+keywords = ["network, create"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# network create
+
+    Usage:  docker network create [OPTIONS] NETWORK-NAME
+
+    Creates a new network with a name specified by the user
+
+    --aux-address=map[]      Auxiliary ipv4 or ipv6 addresses used by network driver
+    -d --driver=DRIVER       Driver to manage the Network bridge or overlay. The default is bridge.
+    --gateway=[]             ipv4 or ipv6 Gateway for the master subnet
+    --help                   Print usage
+    --internal               Restricts external access to the network
+    --ip-range=[]            Allocate container ip from a sub-range
+    --ipam-driver=default    IP Address Management Driver
+    --ipam-opt=map[]         Set custom IPAM driver specific options
+    --ipv6                   Enable IPv6 networking
+    --label=[]               Set metadata on a network
+    -o --opt=map[]           Set custom driver specific options
+    --subnet=[]              Subnet in CIDR format that represents a network segment
+
+Creates a new network. The `DRIVER` accepts `bridge` or `overlay` which are the
+built-in network drivers. If you have installed a third party or your own custom
+network driver you can specify that `DRIVER` here also. If you don't specify the
+`--driver` option, the command automatically creates a `bridge` network for you.
+When you install Docker Engine it creates a `bridge` network automatically. This
+network corresponds to the `docker0` bridge that Engine has traditionally relied
+on. When launch a new container with  `docker run` it automatically connects to
+this bridge network. You cannot remove this default bridge network but you can
+create new ones using the `network create` command.
+
+```bash
+$ docker network create -d bridge my-bridge-network
+```
+
+Bridge networks are isolated networks on a single Engine installation. If you
+want to create a network that spans multiple Docker hosts each running an
+Engine, you must create an `overlay` network. Unlike `bridge` networks overlay
+networks require some pre-existing conditions before you can create one. These
+conditions are:
+
+* Access to a key-value store. Engine supports Consul, Etcd, and ZooKeeper (Distributed store) key-value stores.
+* A cluster of hosts with connectivity to the key-value store.
+* A properly configured Engine `daemon` on each host in the cluster.
+
+The `docker daemon` options that support the `overlay` network are:
+
+* `--cluster-store`
+* `--cluster-store-opt`
+* `--cluster-advertise`
+
+To read more about these options and how to configure them, see ["*Get started
+with multi-host network*"](../../userguide/networking/get-started-overlay.md).
+
+It is also a good idea, though not required, that you install Docker Swarm on to
+manage the cluster that makes up your network. Swarm provides sophisticated
+discovery and server management that can assist your implementation.
+
+Once you have prepared the `overlay` network prerequisites you simply choose a
+Docker host in the cluster and issue the following to create the network:
+
+```bash
+$ docker network create -d overlay my-multihost-network
+```
+
+Network names must be unique. The Docker daemon attempts to identify naming
+conflicts but this is not guaranteed. It is the user's responsibility to avoid
+name conflicts.
+
+## Connect containers
+
+When you start a container use the `--net` flag to connect it to a network.
+This adds the `busybox` container to the `mynet` network.
+
+```bash
+$ docker run -itd --net=mynet busybox
+```
+
+If you want to add a container to a network after the container is already
+running use the `docker network connect` subcommand.
+
+You can connect multiple containers to the same network. Once connected, the
+containers can communicate using only another container's IP address or name.
+For `overlay` networks or custom plugins that support multi-host connectivity,
+containers connected to the same multi-host network but launched from different
+Engines can also communicate in this way.
+
+You can disconnect a container from a network using the `docker network
+disconnect` command.
+
+## Specifying advanced options
+
+When you create a network, Engine creates a non-overlapping subnetwork for the network by default. This subnetwork is not a subdivision of an existing network. It is purely for ip-addressing purposes. You can override this default and specify subnetwork values directly using the `--subnet` option. On a `bridge` network you can only create a single subnet:
+
+```bash
+docker network create -d --subnet=192.168.0.0/16
+```
+Additionally, you also specify the `--gateway` `--ip-range` and `--aux-address` options.
+
+```bash
+network create --driver=bridge --subnet=172.28.0.0/16 --ip-range=172.28.5.0/24 --gateway=172.28.5.254 br0
+```
+
+If you omit the `--gateway` flag the Engine selects one for you from inside a
+preferred pool. For `overlay` networks and for network driver plugins that
+support it you can create multiple subnetworks.
+
+```bash
+docker network create -d overlay
+  --subnet=192.168.0.0/16 --subnet=192.170.0.0/16
+  --gateway=192.168.0.100 --gateway=192.170.0.100
+  --ip-range=192.168.1.0/24
+  --aux-address a=192.168.1.5 --aux-address b=192.168.1.6
+  --aux-address a=192.170.1.5 --aux-address b=192.170.1.6
+  my-multihost-network
+```
+Be sure that your subnetworks do not overlap. If they do, the network create fails and Engine returns an error.
+
+# Bridge driver options
+
+When creating a custom network, the default network driver (i.e. `bridge`) has additional options that can be passed.
+The following are those options and the equivalent docker daemon flags used for docker0 bridge:
+
+| Option                                           | Equivalent  | Description                                           |
+|--------------------------------------------------|-------------|-------------------------------------------------------|
+| `com.docker.network.bridge.name`                 | -           | bridge name to be used when creating the Linux bridge |
+| `com.docker.network.bridge.enable_ip_masquerade` | `--ip-masq` | Enable IP masquerading                                |
+| `com.docker.network.bridge.enable_icc`           | `--icc`     | Enable or Disable Inter Container Connectivity        |
+| `com.docker.network.bridge.host_binding_ipv4`    | `--ip`      | Default IP when binding container ports               |
+| `com.docker.network.mtu`                         | `--mtu`     | Set the containers network MTU                        |
+
+The following arguments can be passed to `docker network create` for any network driver, again with their approximate
+equivalents to `docker daemon`.
+
+| Argument     | Equivalent     | Description                                |
+|--------------|----------------|--------------------------------------------|
+| `--gateway`  | -              | ipv4 or ipv6 Gateway for the master subnet |
+| `--ip-range` | `--fixed-cidr` | Allocate IPs from a range                  |
+| `--internal` | -              | Restricts external access to the network   |
+| `--ipv6`     | `--ipv6`       | Enable IPv6 networking                     |
+| `--subnet`   | `--bip`        | Subnet for network                         |
+
+For example, let's use `-o` or `--opt` options to specify an IP address binding when publishing ports:
+
+```bash
+docker network create -o "com.docker.network.bridge.host_binding_ipv4"="172.19.0.1" simple-network
+```
+
+### Network internal mode
+
+By default, when you connect a container to an `overlay` network, Docker also connects a bridge network to it to provide external connectivity.
+If you want to create an externally isolated `overlay` network, you can specify the `--internal` option.
+
+## Related information
+
+* [network inspect](network_inspect.md)
+* [network connect](network_connect.md)
+* [network disconnect](network_disconnect.md)
+* [network ls](network_ls.md)
+* [network rm](network_rm.md)
+* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
diff --git a/docs/reference/commandline/network_disconnect.md b/docs/reference/commandline/network_disconnect.md
new file mode 100644
index 00000000..10c4f16e
--- /dev/null
+++ b/docs/reference/commandline/network_disconnect.md
@@ -0,0 +1,35 @@
+<!--[metadata]>
++++
+title = "network disconnect"
+description = "The network disconnect command description and usage"
+keywords = ["network, disconnect, user-defined"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# network disconnect
+
+    Usage:  docker network disconnect [OPTIONS] NETWORK CONTAINER
+
+
+    Disconnects a container from a network
+
+      -f, --force        Force the container to disconnect from a network
+      --help             Print usage
+
+Disconnects a container from a network. The container must be running to disconnect it from the network.
+
+```bash
+  $ docker network disconnect multi-host-network container1
+```
+
+
+## Related information
+
+* [network inspect](network_inspect.md)
+* [network connect](network_connect.md)
+* [network create](network_create.md)
+* [network ls](network_ls.md)
+* [network rm](network_rm.md)
+* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
diff --git a/docs/reference/commandline/network_inspect.md b/docs/reference/commandline/network_inspect.md
new file mode 100644
index 00000000..251407e5
--- /dev/null
+++ b/docs/reference/commandline/network_inspect.md
@@ -0,0 +1,119 @@
+<!--[metadata]>
++++
+title = "network inspect"
+description = "The network inspect command description and usage"
+keywords = ["network, inspect, user-defined"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# network inspect
+
+    Usage:  docker network inspect [OPTIONS] NETWORK [NETWORK..]
+
+    Displays detailed information on a network
+
+      -f, --format=       Format the output using the given go template.
+      --help             Print usage
+
+Returns information about one or more networks. By default, this command renders all results in a JSON object. For example, if you connect two containers to the default `bridge` network:
+
+```bash
+$ sudo docker run -itd --name=container1 busybox
+f2870c98fd504370fb86e59f32cd0753b1ac9b69b7d80566ffc7192a82b3ed27
+
+$ sudo docker run -itd --name=container2 busybox
+bda12f8922785d1f160be70736f26c1e331ab8aaf8ed8d56728508f2e2fd4727
+```
+
+The `network inspect` command shows the containers, by id, in its
+results. For networks backed by multi-host network driver, such as Overlay,
+this command also shows the container endpoints in other hosts in the
+cluster. These endpoints are represented as "ep-{endpoint-id}" in the output.
+You can specify an alternate format to execute a given
+template for each result. Go's
+[text/template](http://golang.org/pkg/text/template/) package describes all the
+details of the format.
+
+```bash
+$ sudo docker network inspect bridge
+[
+    {
+        "Name": "bridge",
+        "Id": "b2b1a2cba717161d984383fd68218cf70bbbd17d328496885f7c921333228b0f",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.17.42.1/16",
+                    "Gateway": "172.17.42.1"
+                }
+            ]
+        },
+        "Internal": false,
+        "Containers": {
+            "bda12f8922785d1f160be70736f26c1e331ab8aaf8ed8d56728508f2e2fd4727": {
+                "Name": "container2",
+                "EndpointID": "0aebb8fcd2b282abe1365979536f21ee4ceaf3ed56177c628eae9f706e00e019",
+                "MacAddress": "02:42:ac:11:00:02",
+                "IPv4Address": "172.17.0.2/16",
+                "IPv6Address": ""
+            },
+            "f2870c98fd504370fb86e59f32cd0753b1ac9b69b7d80566ffc7192a82b3ed27": {
+                "Name": "container1",
+                "EndpointID": "a00676d9c91a96bbe5bcfb34f705387a33d7cc365bac1a29e4e9728df92d10ad",
+                "MacAddress": "02:42:ac:11:00:01",
+                "IPv4Address": "172.17.0.1/16",
+                "IPv6Address": ""
+            }
+        },
+        "Options": {
+            "com.docker.network.bridge.default_bridge": "true",
+            "com.docker.network.bridge.enable_icc": "true",
+            "com.docker.network.bridge.enable_ip_masquerade": "true",
+            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+            "com.docker.network.bridge.name": "docker0",
+            "com.docker.network.driver.mtu": "1500"
+        }
+    }
+]
+```
+
+Returns the information about the user-defined network:
+
+```bash
+$ docker network create simple-network
+69568e6336d8c96bbf57869030919f7c69524f71183b44d80948bd3927c87f6a
+$ docker network inspect simple-network
+[
+    {
+        "Name": "simple-network",
+        "Id": "69568e6336d8c96bbf57869030919f7c69524f71183b44d80948bd3927c87f6a",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.22.0.0/16",
+                    "Gateway": "172.22.0.1/16"
+                }
+            ]
+        },
+        "Containers": {},
+        "Options": {}
+    }
+]
+```
+
+## Related information
+
+* [network disconnect ](network_disconnect.md)
+* [network connect](network_connect.md)
+* [network create](network_create.md)
+* [network ls](network_ls.md)
+* [network rm](network_rm.md)
+* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
diff --git a/docs/reference/commandline/network_ls.md b/docs/reference/commandline/network_ls.md
new file mode 100644
index 00000000..b12957a3
--- /dev/null
+++ b/docs/reference/commandline/network_ls.md
@@ -0,0 +1,135 @@
+<!--[metadata]>
++++
+title = "network ls"
+description = "The network ls command description and usage"
+keywords = ["network, list, user-defined"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# docker network ls
+
+    Usage:  docker network ls [OPTIONS]
+
+    Lists all the networks created by the user
+      -f, --filter=[]       Filter output based on conditions provided
+      --help                Print usage
+      --no-trunc            Do not truncate the output
+      -q, --quiet           Only display numeric IDs
+
+Lists all the networks the Engine `daemon` knows about. This includes the
+networks that span across multiple hosts in a cluster, for example:
+
+```bash
+    $ sudo docker network ls
+    NETWORK ID          NAME                DRIVER
+    7fca4eb8c647        bridge              bridge
+    9f904ee27bf5        none                null
+    cf03ee007fb4        host                host
+    78b03ee04fc4        multi-host          overlay
+```
+
+Use the `--no-trunc` option to display the full network id:
+
+```bash
+docker network ls --no-trunc
+NETWORK ID                                                         NAME                DRIVER
+18a2866682b85619a026c81b98a5e375bd33e1b0936a26cc497c283d27bae9b3   none                null                
+c288470c46f6c8949c5f7e5099b5b7947b07eabe8d9a27d79a9cbf111adcbf47   host                host                
+7b369448dccbf865d397c8d2be0cda7cf7edc6b0945f77d2529912ae917a0185   bridge              bridge              
+95e74588f40db048e86320c6526440c504650a1ff3e9f7d60a497c4d2163e5bd   foo                 bridge    
+63d1ff1f77b07ca51070a8c227e962238358bd310bde1529cf62e6c307ade161   dev                 bridge
+```
+
+## Filtering
+
+The filtering flag (`-f` or `--filter`) format is a `key=value` pair. If there
+is more than one filter, then pass multiple flags (e.g. `--filter "foo=bar" --filter "bif=baz"`).
+Multiple filter flags are combined as an `OR` filter. For example, 
+`-f type=custom -f type=builtin` returns both `custom` and `builtin` networks.
+
+The currently supported filters are:
+
+* id (network's id)
+* name (network's name)
+* type (custom|builtin)
+
+#### Type
+
+The `type` filter supports two values; `builtin` displays predefined networks
+(`bridge`, `none`, `host`), whereas `custom` displays user defined networks.
+
+The following filter matches all user defined networks:
+
+```bash
+$ docker network ls --filter type=custom
+NETWORK ID          NAME                DRIVER
+95e74588f40d        foo                 bridge
+63d1ff1f77b0        dev                 bridge
+```
+
+By having this flag it allows for batch cleanup. For example, use this filter
+to delete all user defined networks:
+
+```bash
+$ docker network rm `docker network ls --filter type=custom -q`
+```
+
+A warning will be issued when trying to remove a network that has containers
+attached.
+
+#### Name
+
+The `name` filter matches on all or part of a network's name.
+
+The following filter matches all networks with a name containing the `foobar` string.
+
+```bash
+$ docker network ls --filter name=foobar
+NETWORK ID          NAME                DRIVER
+06e7eef0a170        foobar              bridge
+```
+
+You can also filter for a substring in a name as this shows:
+
+```bash
+$ docker network ls --filter name=foo
+NETWORK ID          NAME                DRIVER
+95e74588f40d        foo                 bridge
+06e7eef0a170        foobar              bridge
+```
+
+#### ID
+
+The `id` filter matches on all or part of a network's ID.
+
+The following filter matches all networks with an ID containing the
+`63d1ff1f77b0...` string.
+
+```bash
+$ docker network ls --filter id=63d1ff1f77b07ca51070a8c227e962238358bd310bde1529cf62e6c307ade161
+NETWORK ID          NAME                DRIVER
+63d1ff1f77b0        dev                 bridge
+```
+
+You can also filter for a substring in an ID as this shows:
+
+```bash
+$ docker network ls --filter id=95e74588f40d
+NETWORK ID          NAME                DRIVER
+95e74588f40d        foo                 bridge
+
+$ docker network ls --filter id=95e
+NETWORK ID          NAME                DRIVER
+95e74588f40d        foo                 bridge
+```
+
+## Related information
+
+* [network disconnect ](network_disconnect.md)
+* [network connect](network_connect.md)
+* [network create](network_create.md)
+* [network inspect](network_inspect.md)
+* [network rm](network_rm.md)
+* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
diff --git a/docs/reference/commandline/network_rm.md b/docs/reference/commandline/network_rm.md
new file mode 100644
index 00000000..0653458f
--- /dev/null
+++ b/docs/reference/commandline/network_rm.md
@@ -0,0 +1,47 @@
+<!--[metadata]>
++++
+title = "network rm"
+description = "the network rm command description and usage"
+keywords = ["network, rm, user-defined"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# network rm
+
+    Usage:  docker network rm [OPTIONS] NETWORK [NETWORK...]
+
+    Deletes one or more networks
+
+      --help             Print usage
+
+Removes one or more networks by name or identifier. To remove a network,
+you must first disconnect any containers connected to it.
+To remove the network named 'my-network':
+
+```bash
+  $ docker network rm my-network
+```
+
+To delete multiple networks in a single `docker network rm` command, provide
+multiple network names or ids. The following example deletes a network with id
+`3695c422697f` and a network named `my-network`:
+
+```bash
+  $ docker network rm 3695c422697f my-network
+```
+
+When you specify multiple networks, the command attempts to delete each in turn.
+If the deletion of one network fails, the command continues to the next on the
+list and tries to delete that. The command reports success or failure for each
+deletion.
+
+## Related information
+
+* [network disconnect ](network_disconnect.md)
+* [network connect](network_connect.md)
+* [network create](network_create.md)
+* [network ls](network_ls.md)
+* [network inspect](network_inspect.md)
+* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
diff --git a/docs/reference/commandline/pause.md b/docs/reference/commandline/pause.md
new file mode 100644
index 00000000..36d5416f
--- /dev/null
+++ b/docs/reference/commandline/pause.md
@@ -0,0 +1,27 @@
+<!--[metadata]>
++++
+title = "pause"
+description = "The pause command description and usage"
+keywords = ["cgroups, container, suspend, SIGSTOP"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# pause
+
+    Usage: docker pause [OPTIONS] CONTAINER [CONTAINER...]
+
+    Pause all processes within a container
+
+      --help          Print usage
+
+The `docker pause` command uses the cgroups freezer to suspend all processes in
+a container. Traditionally, when suspending a process the `SIGSTOP` signal is
+used, which is observable by the process being suspended. With the cgroups freezer
+the process is unaware, and unable to capture, that it is being suspended,
+and subsequently resumed.
+
+See the
+[cgroups freezer documentation](https://www.kernel.org/doc/Documentation/cgroups/freezer-subsystem.txt)
+for further details.
diff --git a/docs/reference/commandline/port.md b/docs/reference/commandline/port.md
new file mode 100644
index 00000000..dbfae610
--- /dev/null
+++ b/docs/reference/commandline/port.md
@@ -0,0 +1,34 @@
+<!--[metadata]>
++++
+title = "port"
+description = "The port command description and usage"
+keywords = ["port, mapping, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# port
+
+    Usage: docker port [OPTIONS] CONTAINER [PRIVATE_PORT[/PROTO]]
+
+    List port mappings for the CONTAINER, or lookup the public-facing port that is
+	NAT-ed to the PRIVATE_PORT
+
+      --help          Print usage
+
+You can find out all the ports mapped by not specifying a `PRIVATE_PORT`, or
+just a specific mapping:
+
+    $ docker ps
+    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                                            NAMES
+    b650456536c7        busybox:latest      top                 54 minutes ago      Up 54 minutes       0.0.0.0:1234->9876/tcp, 0.0.0.0:4321->7890/tcp   test
+    $ docker port test
+    7890/tcp -> 0.0.0.0:4321
+    9876/tcp -> 0.0.0.0:1234
+    $ docker port test 7890/tcp
+    0.0.0.0:4321
+    $ docker port test 7890/udp
+    2014/06/24 11:53:36 Error: No public port '7890/udp' published for test
+    $ docker port test 7890
+    0.0.0.0:4321
diff --git a/docs/reference/commandline/ps.md b/docs/reference/commandline/ps.md
new file mode 100644
index 00000000..1dda728a
--- /dev/null
+++ b/docs/reference/commandline/ps.md
@@ -0,0 +1,251 @@
+<!--[metadata]>
++++
+title = "ps"
+description = "The ps command description and usage"
+keywords = ["container, running, list"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# ps
+
+    Usage: docker ps [OPTIONS]
+
+    List containers
+
+      -a, --all             Show all containers (default shows just running)
+      -f, --filter=[]       Filter output based on these conditions:
+                            - exited=<int> an exit code of <int>
+                            - label=<key> or label=<key>=<value>
+                            - status=(created|restarting|running|paused|exited)
+                            - name=<string> a container's name
+                            - id=<ID> a container's ID
+                            - before=(<container-name>|<container-id>)
+                            - since=(<container-name>|<container-id>)
+                            - ancestor=(<image-name>[:tag]|<image-id>|<image@digest>) - containers created from an image or a descendant.
+                            - volume=(<volume-name>|<mount-point>)
+      --format=[]           Pretty-print containers using a Go template
+      --help                Print usage
+      -l, --latest          Show the latest created container (includes all states)
+      -n=-1                 Show n last created containers (includes all states)
+      --no-trunc            Don't truncate output
+      -q, --quiet           Only display numeric IDs
+      -s, --size            Display total file sizes
+
+Running `docker ps --no-trunc` showing 2 linked containers.
+
+    $ docker ps
+    CONTAINER ID        IMAGE                        COMMAND                CREATED              STATUS              PORTS               NAMES
+    4c01db0b339c        ubuntu:12.04                 bash                   17 seconds ago       Up 16 seconds       3300-3310/tcp       webapp
+    d7886598dbe2        crosbymichael/redis:latest   /redis-server --dir    33 minutes ago       Up 33 minutes       6379/tcp            redis,webapp/db
+
+`docker ps` will show only running containers by default. To see all containers:
+`docker ps -a`
+
+`docker ps` will group exposed ports into a single range if possible. E.g., a container that exposes TCP ports `100, 101, 102` will display `100-102/tcp` in the `PORTS` column.
+
+## Filtering
+
+The filtering flag (`-f` or `--filter`) format is a `key=value` pair. If there is more
+than one filter, then pass multiple flags (e.g. `--filter "foo=bar" --filter "bif=baz"`)
+
+The currently supported filters are:
+
+* id (container's id)
+* label (`label=<key>` or `label=<key>=<value>`)
+* name (container's name)
+* exited (int - the code of exited containers. Only useful with `--all`)
+* status (created|restarting|running|paused|exited|dead)
+* ancestor (`<image-name>[:<tag>]`,  `<image id>` or `<image@digest>`) - filters containers that were created from the given image or a descendant.
+* before (container's id or name) - filters containers created before given id or name
+* since (container's id or name) - filters containers created since given id or name
+* isolation (default|process|hyperv)   (Windows daemon only)
+* volume (volume name or mount point) - filters containers that mount volumes.
+
+
+#### Label
+
+The `label` filter matches containers based on the presence of a `label` alone or a `label` and a
+value.
+
+The following filter matches containers with the `color` label regardless of its value.
+
+    $ docker ps --filter "label=color"
+    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
+    673394ef1d4c        busybox             "top"               47 seconds ago      Up 45 seconds                           nostalgic_shockley
+    d85756f57265        busybox             "top"               52 seconds ago      Up 51 seconds                           high_albattani
+
+The following filter matches containers with the `color` label with the `blue` value.
+
+    $ docker ps --filter "label=color=blue"
+    CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
+    d85756f57265        busybox             "top"               About a minute ago   Up About a minute                       high_albattani
+
+#### Name
+
+The `name` filter matches on all or part of a container's name.
+
+The following filter matches all containers with a name containing the `nostalgic_stallman` string.
+
+    $ docker ps --filter "name=nostalgic_stallman"
+    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
+    9b6247364a03        busybox             "top"               2 minutes ago       Up 2 minutes                            nostalgic_stallman
+
+You can also filter for a substring in a name as this shows:
+
+    $ docker ps --filter "name=nostalgic"
+    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
+    715ebfcee040        busybox             "top"               3 seconds ago       Up 1 seconds                            i_am_nostalgic
+    9b6247364a03        busybox             "top"               7 minutes ago       Up 7 minutes                            nostalgic_stallman
+    673394ef1d4c        busybox             "top"               38 minutes ago      Up 38 minutes                           nostalgic_shockley
+
+#### Exited
+
+The `exited` filter matches containers by exist status code. For example, to filter for containers
+that have exited successfully:
+
+    $ docker ps -a --filter 'exited=0'
+    CONTAINER ID        IMAGE             COMMAND                CREATED             STATUS                   PORTS                      NAMES
+    ea09c3c82f6e        registry:latest   /srv/run.sh            2 weeks ago         Exited (0) 2 weeks ago   127.0.0.1:5000->5000/tcp   desperate_leakey
+    106ea823fe4e        fedora:latest     /bin/sh -c 'bash -l'   2 weeks ago         Exited (0) 2 weeks ago                              determined_albattani
+    48ee228c9464        fedora:20         bash                   2 weeks ago         Exited (0) 2 weeks ago                              tender_torvalds
+
+#### Status
+
+The `status` filter matches containers by status. You can filter using `created`, `restarting`, `running`, `paused`, `exited` and `dead`. For example, to filter for `running` containers:
+
+    $ docker ps --filter status=running
+    CONTAINER ID        IMAGE                  COMMAND             CREATED             STATUS              PORTS               NAMES
+    715ebfcee040        busybox                "top"               16 minutes ago      Up 16 minutes                           i_am_nostalgic
+    d5c976d3c462        busybox                "top"               23 minutes ago      Up 23 minutes                           top
+    9b6247364a03        busybox                "top"               24 minutes ago      Up 24 minutes                           nostalgic_stallman
+
+To filter for `paused` containers:
+
+    $ docker ps --filter status=paused
+    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                      PORTS               NAMES
+    673394ef1d4c        busybox             "top"               About an hour ago   Up About an hour (Paused)                       nostalgic_shockley
+
+#### Ancestor
+
+The `ancestor` filter matches containers based on its image or a descendant of it. The filter supports the
+following image representation:
+
+- image
+- image:tag
+- image:tag@digest
+- short-id
+- full-id
+
+If you don't specify a `tag`, the `latest` tag is used. For example, to filter for containers that use the
+latest `ubuntu` image:
+
+    $ docker ps --filter ancestor=ubuntu
+    CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
+    919e1179bdb8        ubuntu-c1           "top"               About a minute ago   Up About a minute                       admiring_lovelace
+    5d1e4a540723        ubuntu-c2           "top"               About a minute ago   Up About a minute                       admiring_sammet
+    82a598284012        ubuntu              "top"               3 minutes ago        Up 3 minutes                            sleepy_bose
+    bab2a34ba363        ubuntu              "top"               3 minutes ago        Up 3 minutes                            focused_yonath
+
+Match containers based on the `ubuntu-c1` image which, in this case, is a child of `ubuntu`:
+
+    $ docker ps --filter ancestor=ubuntu-c1
+    CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
+    919e1179bdb8        ubuntu-c1           "top"               About a minute ago   Up About a minute                       admiring_lovelace
+
+Match containers based on the `ubuntu` version `12.04.5` image:
+
+    $ docker ps --filter ancestor=ubuntu:12.04.5
+    CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
+    82a598284012        ubuntu:12.04.5      "top"               3 minutes ago        Up 3 minutes                            sleepy_bose
+
+The following matches containers based on the layer `d0e008c6cf02` or an image that have this layer
+in it's layer stack.
+
+    $ docker ps --filter ancestor=d0e008c6cf02
+    CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
+    82a598284012        ubuntu:12.04.5      "top"               3 minutes ago        Up 3 minutes                            sleepy_bose
+
+#### Before
+
+The `before` filter shows only containers created before the container with given id or name. For example, 
+having these containers created:
+
+    $ docker ps
+    CONTAINER ID        IMAGE       COMMAND       CREATED              STATUS              PORTS              NAMES
+    9c3527ed70ce        busybox     "top"         14 seconds ago       Up 15 seconds                          desperate_dubinsky
+    4aace5031105        busybox     "top"         48 seconds ago       Up 49 seconds                          focused_hamilton
+    6e63f6ff38b0        busybox     "top"         About a minute ago   Up About a minute                      distracted_fermat
+
+Filtering with `before` would give:
+
+    $ docker ps -f before=9c3527ed70ce
+    CONTAINER ID        IMAGE       COMMAND       CREATED              STATUS              PORTS              NAMES
+    4aace5031105        busybox     "top"         About a minute ago   Up About a minute                      focused_hamilton
+    6e63f6ff38b0        busybox     "top"         About a minute ago   Up About a minute                      distracted_fermat
+
+#### Since
+
+The `since` filter shows only containers created since the container with given id or name. For example,
+with the same containers as in `before` filter:
+
+    $ docker ps -f since=6e63f6ff38b0
+    CONTAINER ID        IMAGE       COMMAND       CREATED             STATUS              PORTS               NAMES
+    9c3527ed70ce        busybox     "top"         10 minutes ago      Up 10 minutes                           desperate_dubinsky
+    4aace5031105        busybox     "top"         10 minutes ago      Up 10 minutes                           focused_hamilton
+
+#### Volume
+
+The `volume` filter shows only containers that mount a specific volume or have a volume mounted in a specific path:
+
+    $ docker ps --filter volume=remote-volume --format "table {{.ID}}\t{{.Mounts}}"
+    CONTAINER ID        MOUNTS
+    9c3527ed70ce        remote-volume
+
+    $ docker ps --filter volume=/data --format "table {{.ID}}\t{{.Mounts}}"
+    CONTAINER ID        MOUNTS
+    9c3527ed70ce        remote-volume
+
+
+## Formatting
+
+The formatting option (`--format`) will pretty-print container output using a Go template.
+
+Valid placeholders for the Go template are listed below:
+
+Placeholder | Description
+---- | ----
+`.ID` | Container ID
+`.Image` | Image ID
+`.Command` | Quoted command
+`.CreatedAt` | Time when the container was created.
+`.RunningFor` | Elapsed time since the container was started.
+`.Ports` | Exposed ports.
+`.Status` | Container status.
+`.Size` | Container disk size.
+`.Names` | Container names.
+`.Labels` | All labels assigned to the container.
+`.Label` | Value of a specific label for this container. For example `{{.Label "com.docker.swarm.cpu"}}`
+`.Mounts` | Names of the volumes mounted in this container.
+
+When using the `--format` option, the `ps` command will either output the data exactly as the template
+declares or, when using the `table` directive, will include column headers as well.
+
+The following example uses a template without headers and outputs the `ID` and `Command`
+entries separated by a colon for all running containers:
+
+    $ docker ps --format "{{.ID}}: {{.Command}}"
+    a87ecb4f327c: /bin/sh -c #(nop) MA
+    01946d9d34d8: /bin/sh -c #(nop) MA
+    c1d3b0166030: /bin/sh -c yum -y up
+    41d50ecd2f57: /bin/sh -c #(nop) MA
+
+To list all running containers with their labels in a table format you can use:
+
+    $ docker ps --format "table {{.ID}}\t{{.Labels}}"
+    CONTAINER ID        LABELS
+    a87ecb4f327c        com.docker.swarm.node=ubuntu,com.docker.swarm.storage=ssd
+    01946d9d34d8
+    c1d3b0166030        com.docker.swarm.node=debian,com.docker.swarm.cpu=6
+    41d50ecd2f57        com.docker.swarm.node=fedora,com.docker.swarm.cpu=3,com.docker.swarm.storage=ssd
diff --git a/docs/reference/commandline/pull.md b/docs/reference/commandline/pull.md
new file mode 100644
index 00000000..01ec88e8
--- /dev/null
+++ b/docs/reference/commandline/pull.md
@@ -0,0 +1,228 @@
+<!--[metadata]>
++++
+title = "pull"
+description = "The pull command description and usage"
+keywords = ["pull, image, hub, docker"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# pull
+
+    Usage: docker pull [OPTIONS] NAME[:TAG] | [REGISTRY_HOST[:REGISTRY_PORT]/]NAME[:TAG]
+
+    Pull an image or a repository from the registry
+
+      -a, --all-tags                Download all tagged images in the repository
+      --disable-content-trust=true  Skip image verification
+      --help                        Print usage
+
+Most of your images will be created on top of a base image from the
+[Docker Hub](https://hub.docker.com) registry.
+
+[Docker Hub](https://hub.docker.com) contains many pre-built images that you
+can `pull` and try without needing to define and configure your own.
+
+To download a particular image, or set of images (i.e., a repository),
+use `docker pull`.
+
+## Examples
+
+### Pull an image from Docker Hub
+
+To download a particular image, or set of images (i.e., a repository), use
+`docker pull`. If no tag is provided, Docker Engine uses the `:latest` tag as a
+default. This command pulls the `debian:latest` image:
+
+```bash
+$ docker pull debian
+
+Using default tag: latest
+latest: Pulling from library/debian
+fdd5d7827f33: Pull complete
+a3ed95caeb02: Pull complete
+Digest: sha256:e7d38b3517548a1c71e41bffe9c8ae6d6d29546ce46bf62159837aad072c90aa
+Status: Downloaded newer image for debian:latest
+```
+
+Docker images can consist of multiple layers. In the example above, the image
+consists of two layers; `fdd5d7827f33` and `a3ed95caeb02`.
+
+Layers can be reused by images. For example, the `debian:jessie` image shares
+both layers with `debian:latest`. Pulling the `debian:jessie` image therefore
+only pulls its metadata, but not its layers, because all layers are already
+present locally:
+
+```bash
+$ docker pull debian:jessie
+
+jessie: Pulling from library/debian
+fdd5d7827f33: Already exists
+a3ed95caeb02: Already exists
+Digest: sha256:a9c958be96d7d40df920e7041608f2f017af81800ca5ad23e327bc402626b58e
+Status: Downloaded newer image for debian:jessie
+```
+
+To see which images are present locally, use the [`docker images`](images.md)
+command:
+
+```bash
+$ docker images
+
+REPOSITORY   TAG      IMAGE ID        CREATED      SIZE
+debian       jessie   f50f9524513f    5 days ago   125.1 MB
+debian       latest   f50f9524513f    5 days ago   125.1 MB
+```
+
+Docker uses a content-addressable image store, and the image ID is a SHA256
+digest covering the image's configuration and layers. In the example above,
+`debian:jessie` and `debian:latest` have the same image ID because they are
+actually the *same* image tagged with different names. Because they are the
+same image, their layers are stored only once and do not consume extra disk
+space.
+
+For more information about images, layers, and the content-addressable store,
+refer to [understand images, containers, and storage drivers](../../userguide/storagedriver/imagesandcontainers.md).
+
+
+## Pull an image by digest (immutable identifier)
+
+So far, you've pulled images by their name (and "tag"). Using names and tags is
+a convenient way to work with images. When using tags, you can `docker pull` an
+image again to make sure you have the most up-to-date version of that image.
+For example, `docker pull ubuntu:14.04` pulls the latest version of the Ubuntu
+14.04 image.
+
+In some cases you don't want images to be updated to newer versions, but prefer
+to use a fixed version of an image. Docker enables you to pull an image by its
+*digest*. When pulling an image by digest, you specify *exactly* which version
+of an image to pull. Doing so, allows you to "pin" an image to that version,
+and guarantee that the image you're using is always the same.
+
+To know the digest of an image, pull the image first. Let's pull the latest
+`ubuntu:14.04` image from Docker Hub:
+
+```bash
+$ docker pull ubuntu:14.04
+
+14.04: Pulling from library/ubuntu
+5a132a7e7af1: Pull complete
+fd2731e4c50c: Pull complete
+28a2f68d1120: Pull complete
+a3ed95caeb02: Pull complete
+Digest: sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+Status: Downloaded newer image for ubuntu:14.04
+```
+
+Docker prints the digest of the image after the pull has finished. In the example
+above, the digest of the image is:
+
+    sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+
+Docker also prints the digest of an image when *pushing* to a registry. This
+may be useful if you want to pin to a version of the image you just pushed.
+
+A digest takes the place of the tag when pulling an image, for example, to 
+pull the above image by digest, run the following command:
+
+```bash
+$ docker pull ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+
+sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2: Pulling from library/ubuntu
+5a132a7e7af1: Already exists
+fd2731e4c50c: Already exists
+28a2f68d1120: Already exists
+a3ed95caeb02: Already exists
+Digest: sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+Status: Downloaded newer image for ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+```
+
+Digest can also be used in the `FROM` of a Dockerfile, for example:
+
+```Dockerfile
+FROM ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+MAINTAINER some maintainer <maintainer@example.com>
+```
+
+> **Note**: Using this feature "pins" an image to a specific version in time.
+> Docker will therefore not pull updated versions of an image, which may include 
+> security updates. If you want to pull an updated image, you need to change the
+> digest accordingly.
+
+
+## Pulling from a different registry
+
+By default, `docker pull` pulls images from Docker Hub. It is also possible to
+manually specify the path of a registry to pull from. For example, if you have
+set up a local registry, you can specify its path to pull from it. A registry
+path is similar to a URL, but does not contain a protocol specifier (`https://`).
+
+The following command pulls the `testing/test-image` image from a local registry
+listening on port 5000 (`myregistry.local:5000`):
+
+```bash
+$ docker pull myregistry.local:5000/testing/test-image
+```
+
+Registry credentials are managed by [docker login](login.md).
+
+Docker uses the `https://` protocol to communicate with a registry, unless the
+registry is allowed to be accessed over an insecure connection. Refer to the
+[insecure registries](daemon.md#insecure-registries) section for more information.
+
+
+## Pull a repository with multiple images
+
+By default, `docker pull` pulls a *single* image from the registry. A repository
+can contain multiple images. To pull all images from a repository, provide the
+`-a` (or `--all-tags`) option when using `docker pull`.
+
+This command pulls all images from the `fedora` repository:
+
+```bash
+$ docker pull --all-tags fedora
+
+Pulling repository fedora
+ad57ef8d78d7: Download complete
+105182bb5e8b: Download complete
+511136ea3c5a: Download complete
+73bd853d2ea5: Download complete
+....
+
+Status: Downloaded newer image for fedora
+```
+
+After the pull has completed use the `docker images` command to see the
+images that were pulled. The example below shows all the `fedora` images
+that are present locally:
+
+```bash
+$ docker images fedora
+
+REPOSITORY   TAG         IMAGE ID        CREATED      SIZE
+fedora       rawhide     ad57ef8d78d7    5 days ago   359.3 MB
+fedora       20          105182bb5e8b    5 days ago   372.7 MB
+fedora       heisenbug   105182bb5e8b    5 days ago   372.7 MB
+fedora       latest      105182bb5e8b    5 days ago   372.7 MB
+```
+
+## Canceling a pull
+
+Killing the `docker pull` process, for example by pressing `CTRL-c` while it is
+running in a terminal, will terminate the pull operation.
+
+```bash
+$ docker pull fedora
+
+Using default tag: latest
+latest: Pulling from library/fedora
+a3ed95caeb02: Pulling fs layer
+236608c7b546: Pulling fs layer
+^C
+```
+
+> **Note**: Technically, the Engine terminates a pull operation when the
+> connection between the Docker Engine daemon and the Docker Engine client
+> initiating the pull is lost. If the connection with the Engine daemon is
+> lost for other reasons than a manual interaction, the pull is also aborted.
diff --git a/docs/reference/commandline/push.md b/docs/reference/commandline/push.md
new file mode 100644
index 00000000..81091b14
--- /dev/null
+++ b/docs/reference/commandline/push.md
@@ -0,0 +1,26 @@
+<!--[metadata]>
++++
+title = "push"
+description = "The push command description and usage"
+keywords = ["share, push, image"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# push
+
+    Usage: docker push [OPTIONS] NAME[:TAG]
+
+    Push an image or a repository to the registry
+
+      --disable-content-trust=true   Skip image signing
+      --help                         Print usage
+
+Use `docker push` to share your images to the [Docker Hub](https://hub.docker.com)
+registry or to a self-hosted one.
+
+Killing the `docker push` process, for example by pressing `CTRL-c` while it is
+running in a terminal, will terminate the push operation.
+
+Registry credentials are managed by [docker login](login.md).
diff --git a/docs/reference/commandline/rename.md b/docs/reference/commandline/rename.md
new file mode 100644
index 00000000..3e2b3703
--- /dev/null
+++ b/docs/reference/commandline/rename.md
@@ -0,0 +1,19 @@
+<!--[metadata]>
++++
+title = "rename"
+description = "The rename command description and usage"
+keywords = ["rename, docker, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# rename
+
+    Usage: docker rename [OPTIONS] OLD_NAME NEW_NAME
+
+    Rename a container
+
+      --help          Print usage
+
+The `docker rename` command allows the container to be renamed to a different name.
diff --git a/docs/reference/commandline/restart.md b/docs/reference/commandline/restart.md
new file mode 100644
index 00000000..5e6633c8
--- /dev/null
+++ b/docs/reference/commandline/restart.md
@@ -0,0 +1,18 @@
+<!--[metadata]>
++++
+title = "restart"
+description = "The restart command description and usage"
+keywords = ["restart, container, Docker"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# restart
+
+    Usage: docker restart [OPTIONS] CONTAINER [CONTAINER...]
+
+    Restart a container
+
+      --help             Print usage
+      -t, --time=10      Seconds to wait for stop before killing the container
diff --git a/docs/reference/commandline/rm.md b/docs/reference/commandline/rm.md
new file mode 100644
index 00000000..bf615b55
--- /dev/null
+++ b/docs/reference/commandline/rm.md
@@ -0,0 +1,61 @@
+<!--[metadata]>
++++
+title = "rm"
+description = "The rm command description and usage"
+keywords = ["remove, Docker, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# rm
+
+    Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...]
+
+    Remove one or more containers
+
+      -f, --force            Force the removal of a running container (uses SIGKILL)
+      --help                 Print usage
+      -l, --link             Remove the specified link
+      -v, --volumes          Remove the volumes associated with the container
+
+## Examples
+
+    $ docker rm /redis
+    /redis
+
+This will remove the container referenced under the link
+`/redis`.
+
+    $ docker rm --link /webapp/redis
+    /webapp/redis
+
+This will remove the underlying link between `/webapp` and the `/redis`
+containers removing all network communication.
+
+    $ docker rm --force redis
+    redis
+
+The main process inside the container referenced under the link `/redis` will receive
+`SIGKILL`, then the container will be removed.
+
+    $ docker rm $(docker ps -a -q)
+
+This command will delete all stopped containers. The command
+`docker ps -a -q` will return all existing container IDs and pass them to
+the `rm` command which will delete them. Any running containers will not be
+deleted.
+
+    $ docker rm -v redis
+    redis
+
+This command will remove the container and any volumes associated with it.
+Note that if a volume was specified with a name, it will not be removed.
+
+    $ docker create -v awesome:/foo -v /bar --name hello redis
+    hello
+    $ docker rm -v hello
+
+In this example, the volume for `/foo` will remain intact, but the volume for
+`/bar` will be removed. The same behavior holds for volumes inherited with
+`--volumes-from`.
diff --git a/docs/reference/commandline/rmi.md b/docs/reference/commandline/rmi.md
new file mode 100644
index 00000000..f02734e8
--- /dev/null
+++ b/docs/reference/commandline/rmi.md
@@ -0,0 +1,75 @@
+<!--[metadata]>
++++
+title = "rmi"
+description = "The rmi command description and usage"
+keywords = ["remove, image, Docker"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# rmi
+
+    Usage: docker rmi [OPTIONS] IMAGE [IMAGE...]
+
+    Remove one or more images
+
+      -f, --force          Force removal of the image
+      --help               Print usage
+      --no-prune           Do not delete untagged parents
+
+You can remove an image using its short or long ID, its tag, or its digest. If
+an image has one or more tag referencing it, you must remove all of them before
+the image is removed. Digest references are removed automatically when an image
+is removed by tag.
+
+    $ docker images
+    REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE
+    test1                     latest              fd484f19954f        23 seconds ago      7 B (virtual 4.964 MB)
+    test                      latest              fd484f19954f        23 seconds ago      7 B (virtual 4.964 MB)
+    test2                     latest              fd484f19954f        23 seconds ago      7 B (virtual 4.964 MB)
+
+    $ docker rmi fd484f19954f
+    Error: Conflict, cannot delete image fd484f19954f because it is tagged in multiple repositories, use -f to force
+    2013/12/11 05:47:16 Error: failed to remove one or more images
+
+    $ docker rmi test1
+    Untagged: test1:latest
+    $ docker rmi test2
+    Untagged: test2:latest
+
+    $ docker images
+    REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE
+    test                      latest              fd484f19954f        23 seconds ago      7 B (virtual 4.964 MB)
+    $ docker rmi test
+    Untagged: test:latest
+    Deleted: fd484f19954f4920da7ff372b5067f5b7ddb2fd3830cecd17b96ea9e286ba5b8
+
+If you use the `-f` flag and specify the image's short or long ID, then this
+command untags and removes all images that match the specified ID.
+
+    $ docker images
+    REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE
+    test1                     latest              fd484f19954f        23 seconds ago      7 B (virtual 4.964 MB)
+    test                      latest              fd484f19954f        23 seconds ago      7 B (virtual 4.964 MB)
+    test2                     latest              fd484f19954f        23 seconds ago      7 B (virtual 4.964 MB)
+
+    $ docker rmi -f fd484f19954f
+    Untagged: test1:latest
+    Untagged: test:latest
+    Untagged: test2:latest
+    Deleted: fd484f19954f4920da7ff372b5067f5b7ddb2fd3830cecd17b96ea9e286ba5b8
+
+An image pulled by digest has no tag associated with it:
+
+    $ docker images --digests
+    REPOSITORY                     TAG       DIGEST                                                                    IMAGE ID        CREATED         SIZE
+    localhost:5000/test/busybox    <none>    sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf   4986bf8c1536    9 weeks ago     2.43 MB
+
+To remove an image using its digest:
+
+    $ docker rmi localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
+    Untagged: localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
+    Deleted: 4986bf8c15363d1c5d15512d5266f8777bfba4974ac56e3270e7760f6f0a8125
+    Deleted: ea13149945cb6b1e746bf28032f02e9b5a793523481a0a18645fc77ad53c4ea2
+    Deleted: df7546f9f060a2268024c8a230d8639878585defcc1bc6f79d2728a13957871b
diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md
new file mode 100644
index 00000000..97553a67
--- /dev/null
+++ b/docs/reference/commandline/run.md
@@ -0,0 +1,614 @@
+<!--[metadata]>
++++
+title = "run"
+description = "The run command description and usage"
+keywords = ["run, command, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# run
+
+    Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
+
+    Run a command in a new container
+
+      -a, --attach=[]               Attach to STDIN, STDOUT or STDERR
+      --add-host=[]                 Add a custom host-to-IP mapping (host:ip)
+      --blkio-weight=0              Block IO weight (relative weight)
+      --blkio-weight-device=[]      Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`)
+      --cpu-shares=0                CPU shares (relative weight)
+      --cap-add=[]                  Add Linux capabilities
+      --cap-drop=[]                 Drop Linux capabilities
+      --cgroup-parent=""            Optional parent cgroup for the container
+      --cidfile=""                  Write the container ID to the file
+      --cpu-period=0                Limit CPU CFS (Completely Fair Scheduler) period
+      --cpu-quota=0                 Limit CPU CFS (Completely Fair Scheduler) quota
+      --cpuset-cpus=""              CPUs in which to allow execution (0-3, 0,1)
+      --cpuset-mems=""              Memory nodes (MEMs) in which to allow execution (0-3, 0,1)
+      -d, --detach                  Run container in background and print container ID
+      --detach-keys                 Specify the escape key sequence used to detach a container
+      --device=[]                   Add a host device to the container
+      --device-read-bps=[]          Limit read rate (bytes per second) from a device (e.g., --device-read-bps=/dev/sda:1mb)
+      --device-read-iops=[]         Limit read rate (IO per second) from a device (e.g., --device-read-iops=/dev/sda:1000)
+      --device-write-bps=[]         Limit write rate (bytes per second) to a device (e.g., --device-write-bps=/dev/sda:1mb)
+      --device-write-iops=[]        Limit write rate (IO per second) to a device (e.g., --device-write-bps=/dev/sda:1000)
+      --disable-content-trust=true  Skip image verification
+      --dns=[]                      Set custom DNS servers
+      --dns-opt=[]                  Set custom DNS options
+      --dns-search=[]               Set custom DNS search domains
+      -e, --env=[]                  Set environment variables
+      --entrypoint=""               Overwrite the default ENTRYPOINT of the image
+      --env-file=[]                 Read in a file of environment variables
+      --expose=[]                   Expose a port or a range of ports
+      --group-add=[]                Add additional groups to run as
+      -h, --hostname=""             Container host name
+      --help                        Print usage
+      -i, --interactive             Keep STDIN open even if not attached
+      --ip=""                       Container IPv4 address (e.g. 172.30.100.104)
+      --ip6=""                      Container IPv6 address (e.g. 2001:db8::33)
+      --ipc=""                      IPC namespace to use
+      --isolation=""                Container isolation technology
+      --kernel-memory=""            Kernel memory limit
+      -l, --label=[]                Set metadata on the container (e.g., --label=com.example.key=value)
+      --label-file=[]               Read in a file of labels (EOL delimited)
+      --link=[]                     Add link to another container
+      --log-driver=""               Logging driver for container
+      --log-opt=[]                  Log driver specific options
+      -m, --memory=""               Memory limit
+      --mac-address=""              Container MAC address (e.g. 92:d0:c6:0a:29:33)
+      --memory-reservation=""       Memory soft limit
+      --memory-swap=""              A positive integer equal to memory plus swap. Specify -1 to enable unlimited swap.
+      --memory-swappiness=""        Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
+      --name=""                     Assign a name to the container
+      --net="bridge"                Connect a container to a network
+                                    'bridge': create a network stack on the default Docker bridge
+                                    'none': no networking
+                                    'container:<name|id>': reuse another container's network stack
+                                    'host': use the Docker host network stack
+                                    '<network-name>|<network-id>': connect to a user-defined network
+      --net-alias=[]                Add network-scoped alias for the container
+      --oom-kill-disable            Whether to disable OOM Killer for the container or not
+      --oom-score-adj=0             Tune the host's OOM preferences for containers (accepts -1000 to 1000)
+      -P, --publish-all             Publish all exposed ports to random ports
+      -p, --publish=[]              Publish a container's port(s) to the host
+      --pid=""                      PID namespace to use
+      --pids-limit=-1                Tune container pids limit (set -1 for unlimited), kernel >= 4.3
+      --privileged                  Give extended privileges to this container
+      --read-only                   Mount the container's root filesystem as read only
+      --restart="no"                Restart policy (no, on-failure[:max-retry], always, unless-stopped)
+      --rm                          Automatically remove the container when it exits
+      --shm-size=[]                 Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`.  Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes. If you omit the size entirely, the system uses `64m`.
+      --security-opt=[]             Security Options
+      --sig-proxy=true              Proxy received signals to the process
+      --stop-signal="SIGTERM"       Signal to stop a container
+      -t, --tty                     Allocate a pseudo-TTY
+      -u, --user=""                 Username or UID (format: <name|uid>[:<group|gid>])
+      --userns=""                   Container user namespace
+                                    'host': Use the Docker host user namespace
+                                    '': Use the Docker daemon user namespace specified by `--userns-remap` option.
+      --ulimit=[]                   Ulimit options
+      --uts=""                      UTS namespace to use
+      -v, --volume=[host-src:]container-dest[:<options>]
+                                    Bind mount a volume. The comma-delimited
+                                    `options` are [rw|ro], [z|Z],
+                                    [[r]shared|[r]slave|[r]private], and
+                                    [nocopy]. The 'host-src' is an absolute path
+                                    or a name value.
+      --volume-driver=""            Container's volume driver
+      --volumes-from=[]             Mount volumes from the specified container(s)
+      -w, --workdir=""              Working directory inside the container
+
+The `docker run` command first `creates` a writeable container layer over the
+specified image, and then `starts` it using the specified command. That is,
+`docker run` is equivalent to the API `/containers/create` then
+`/containers/(id)/start`. A stopped container can be restarted with all its
+previous changes intact using `docker start`. See `docker ps -a` to view a list
+of all containers.
+
+The `docker run` command can be used in combination with `docker commit` to
+[*change the command that a container runs*](commit.md). There is additional detailed information about `docker run` in the [Docker run reference](../run.md).
+
+For information on connecting a container to a network, see the ["*Docker network overview*"](../../userguide/networking/index.md).
+
+## Examples
+
+### Assign name and allocate pseudo-TTY (--name, -it)
+
+    $ docker run --name test -it debian
+    root@d6c0fe130dba:/# exit 13
+    $ echo $?
+    13
+    $ docker ps -a | grep test
+    d6c0fe130dba        debian:7            "/bin/bash"         26 seconds ago      Exited (13) 17 seconds ago                         test
+
+This example runs a container named `test` using the `debian:latest`
+image. The `-it` instructs Docker to allocate a pseudo-TTY connected to
+the container's stdin; creating an interactive `bash` shell in the container.
+In the example, the `bash` shell is quit by entering
+`exit 13`. This exit code is passed on to the caller of
+`docker run`, and is recorded in the `test` container's metadata.
+
+### Capture container ID (--cidfile)
+
+    $ docker run --cidfile /tmp/docker_test.cid ubuntu echo "test"
+
+This will create a container and print `test` to the console. The `cidfile`
+flag makes Docker attempt to create a new file and write the container ID to it.
+If the file exists already, Docker will return an error. Docker will close this
+file when `docker run` exits.
+
+### Full container capabilities (--privileged)
+
+    $ docker run -t -i --rm ubuntu bash
+    root@bc338942ef20:/# mount -t tmpfs none /mnt
+    mount: permission denied
+
+This will *not* work, because by default, most potentially dangerous kernel
+capabilities are dropped; including `cap_sys_admin` (which is required to mount
+filesystems). However, the `--privileged` flag will allow it to run:
+
+    $ docker run -t -i --privileged ubuntu bash
+    root@50e3f57e16e6:/# mount -t tmpfs none /mnt
+    root@50e3f57e16e6:/# df -h
+    Filesystem      Size  Used Avail Use% Mounted on
+    none            1.9G     0  1.9G   0% /mnt
+
+The `--privileged` flag gives *all* capabilities to the container, and it also
+lifts all the limitations enforced by the `device` cgroup controller. In other
+words, the container can then do almost everything that the host can do. This
+flag exists to allow special use-cases, like running Docker within Docker.
+
+### Set working directory (-w)
+
+    $ docker  run -w /path/to/dir/ -i -t  ubuntu pwd
+
+The `-w` lets the command being executed inside directory given, here
+`/path/to/dir/`. If the path does not exists it is created inside the container.
+
+### Mount tmpfs (--tmpfs)
+
+    $ docker run -d --tmpfs /run:rw,noexec,nosuid,size=65536k my_image
+
+The `--tmpfs` flag mounts an empty tmpfs into the container with the `rw`,
+`noexec`, `nosuid`, `size=65536k` options.
+
+### Mount volume (-v, --read-only)
+
+    $ docker  run  -v `pwd`:`pwd` -w `pwd` -i -t  ubuntu pwd
+
+The `-v` flag mounts the current working directory into the container. The `-w`
+lets the command being executed inside the current working directory, by
+changing into the directory to the value returned by `pwd`. So this
+combination executes the command using the container, but inside the
+current working directory.
+
+    $ docker run -v /doesnt/exist:/foo -w /foo -i -t ubuntu bash
+
+When the host directory of a bind-mounted volume doesn't exist, Docker
+will automatically create this directory on the host for you. In the
+example above, Docker will create the `/doesnt/exist`
+folder before starting your container.
+
+    $ docker run --read-only -v /icanwrite busybox touch /icanwrite here
+
+Volumes can be used in combination with `--read-only` to control where
+a container writes files. The `--read-only` flag mounts the container's root
+filesystem as read only prohibiting writes to locations other than the
+specified volumes for the container.
+
+    $ docker run -t -i -v /var/run/docker.sock:/var/run/docker.sock -v /path/to/static-docker-binary:/usr/bin/docker busybox sh
+
+By bind-mounting the docker unix socket and statically linked docker
+binary (refer to [get the linux binary](
+../../installation/binaries.md#get-the-linux-binary)),
+you give the container the full access to create and manipulate the host's
+Docker daemon.
+
+### Publish or expose port (-p, --expose)
+
+    $ docker run -p 127.0.0.1:80:8080 ubuntu bash
+
+This binds port `8080` of the container to port `80` on `127.0.0.1` of the host
+machine. The [Docker User
+Guide](../../userguide/networking/default_network/dockerlinks.md)
+explains in detail how to manipulate ports in Docker.
+
+    $ docker run --expose 80 ubuntu bash
+
+This exposes port `80` of the container without publishing the port to the host
+system's interfaces.
+
+### Set environment variables (-e, --env, --env-file)
+
+    $ docker run -e MYVAR1 --env MYVAR2=foo --env-file ./env.list ubuntu bash
+
+This sets simple (non-array) environmental variables in the container. For
+illustration all three
+flags are shown here. Where `-e`, `--env` take an environment variable and
+value, or if no `=` is provided, then that variable's current value is passed
+through (i.e. `$MYVAR1` from the host is set to `$MYVAR1` in the container).
+When no `=` is provided and that variable is not defined in the client's
+environment then that variable will be removed from the container's list of
+environment variables.
+All three flags, `-e`, `--env` and `--env-file` can be repeated.
+
+Regardless of the order of these three flags, the `--env-file` are processed
+first, and then `-e`, `--env` flags. This way, the `-e` or `--env` will
+override variables as needed.
+
+    $ cat ./env.list
+    TEST_FOO=BAR
+    $ docker run --env TEST_FOO="This is a test" --env-file ./env.list busybox env | grep TEST_FOO
+    TEST_FOO=This is a test
+
+The `--env-file` flag takes a filename as an argument and expects each line
+to be in the `VAR=VAL` format, mimicking the argument passed to `--env`. Comment
+lines need only be prefixed with `#`
+
+An example of a file passed with `--env-file`
+
+    $ cat ./env.list
+    TEST_FOO=BAR
+
+    # this is a comment
+    TEST_APP_DEST_HOST=10.10.0.127
+    TEST_APP_DEST_PORT=8888
+    _TEST_BAR=FOO
+    TEST_APP_42=magic
+    helloWorld=true
+    123qwe=bar
+    org.spring.config=something
+
+    # pass through this variable from the caller
+    TEST_PASSTHROUGH
+    $ TEST_PASSTHROUGH=howdy docker run --env-file ./env.list busybox env
+    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+    HOSTNAME=5198e0745561
+    TEST_FOO=BAR
+    TEST_APP_DEST_HOST=10.10.0.127
+    TEST_APP_DEST_PORT=8888
+    _TEST_BAR=FOO
+    TEST_APP_42=magic
+    helloWorld=true
+    TEST_PASSTHROUGH=howdy
+    HOME=/root
+    123qwe=bar
+    org.spring.config=something
+
+    $ docker run --env-file ./env.list busybox env
+    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+    HOSTNAME=5198e0745561
+    TEST_FOO=BAR
+    TEST_APP_DEST_HOST=10.10.0.127
+    TEST_APP_DEST_PORT=8888
+    _TEST_BAR=FOO
+    TEST_APP_42=magic
+    helloWorld=true
+    TEST_PASSTHROUGH=
+    HOME=/root
+    123qwe=bar
+    org.spring.config=something
+
+### Set metadata on container (-l, --label, --label-file)
+
+A label is a `key=value` pair that applies metadata to a container. To label a container with two labels:
+
+    $ docker run -l my-label --label com.example.foo=bar ubuntu bash
+
+The `my-label` key doesn't specify a value so the label defaults to an empty
+string(`""`). To add multiple labels, repeat the label flag (`-l` or `--label`).
+
+The `key=value` must be unique to avoid overwriting the label value. If you
+specify labels with identical keys but different values, each subsequent value
+overwrites the previous. Docker uses the last `key=value` you supply.
+
+Use the `--label-file` flag to load multiple labels from a file. Delimit each
+label in the file with an EOL mark. The example below loads labels from a
+labels file in the current directory:
+
+    $ docker run --label-file ./labels ubuntu bash
+
+The label-file format is similar to the format for loading environment
+variables. (Unlike environment variables, labels are not visible to processes
+running inside a container.) The following example illustrates a label-file
+format:
+
+    com.example.label1="a label"
+
+    # this is a comment
+    com.example.label2=another\ label
+    com.example.label3
+
+You can load multiple label-files by supplying multiple  `--label-file` flags.
+
+For additional information on working with labels, see [*Labels - custom
+metadata in Docker*](../../userguide/labels-custom-metadata.md) in the Docker User
+Guide.
+
+### Connect a container to a network (--net)
+
+When you start a container use the `--net` flag to connect it to a network.
+This adds the `busybox` container to the `my-net` network.
+
+```bash
+$ docker run -itd --net=my-net busybox
+```
+
+You can also choose the IP addresses for the container with `--ip` and `--ip6`
+flags when you start the container on a user-defined network.
+
+```bash
+$ docker run -itd --net=my-net --ip=10.10.9.75 busybox
+```
+
+If you want to add a running container to a network use the `docker network connect` subcommand.
+
+You can connect multiple containers to the same network. Once connected, the
+containers can communicate easily need only another container's IP address
+or name. For `overlay` networks or custom plugins that support multi-host
+connectivity, containers connected to the same multi-host network but launched
+from different Engines can also communicate in this way.
+
+**Note**: Service discovery is unavailable on the default bridge network.
+Containers can communicate via their IP addresses by default. To communicate
+by name, they must be linked.
+
+You can disconnect a container from a network using the `docker network
+disconnect` command.
+
+### Mount volumes from container (--volumes-from)
+
+    $ docker run --volumes-from 777f7dc92da7 --volumes-from ba8c0c54f0f2:ro -i -t ubuntu pwd
+
+The `--volumes-from` flag mounts all the defined volumes from the referenced
+containers. Containers can be specified by repetitions of the `--volumes-from`
+argument. The container ID may be optionally suffixed with `:ro` or `:rw` to
+mount the volumes in read-only or read-write mode, respectively. By default,
+the volumes are mounted in the same mode (read write or read only) as
+the reference container.
+
+Labeling systems like SELinux require that proper labels are placed on volume
+content mounted into a container. Without a label, the security system might
+prevent the processes running inside the container from using the content. By
+default, Docker does not change the labels set by the OS.
+
+To change the label in the container context, you can add either of two suffixes
+`:z` or `:Z` to the volume mount. These suffixes tell Docker to relabel file
+objects on the shared volumes. The `z` option tells Docker that two containers
+share the volume content. As a result, Docker labels the content with a shared
+content label. Shared volume labels allow all containers to read/write content.
+The `Z` option tells Docker to label the content with a private unshared label.
+Only the current container can use a private volume.
+
+### Attach to STDIN/STDOUT/STDERR (-a)
+
+The `-a` flag tells `docker run` to bind to the container's `STDIN`, `STDOUT`
+or `STDERR`. This makes it possible to manipulate the output and input as
+needed.
+
+    $ echo "test" | docker run -i -a stdin ubuntu cat -
+
+This pipes data into a container and prints the container's ID by attaching
+only to the container's `STDIN`.
+
+    $ docker run -a stderr ubuntu echo test
+
+This isn't going to print anything unless there's an error because we've
+only attached to the `STDERR` of the container. The container's logs
+still store what's been written to `STDERR` and `STDOUT`.
+
+    $ cat somefile | docker run -i -a stdin mybuilder dobuild
+
+This is how piping a file into a container could be done for a build.
+The container's ID will be printed after the build is done and the build
+logs could be retrieved using `docker logs`. This is
+useful if you need to pipe a file or something else into a container and
+retrieve the container's ID once the container has finished running.
+
+### Add host device to container (--device)
+
+    $ docker run --device=/dev/sdc:/dev/xvdc --device=/dev/sdd --device=/dev/zero:/dev/nulo -i -t ubuntu ls -l /dev/{xvdc,sdd,nulo}
+    brw-rw---- 1 root disk 8, 2 Feb  9 16:05 /dev/xvdc
+    brw-rw---- 1 root disk 8, 3 Feb  9 16:05 /dev/sdd
+    crw-rw-rw- 1 root root 1, 5 Feb  9 16:05 /dev/nulo
+
+It is often necessary to directly expose devices to a container. The `--device`
+option enables that. For example, a specific block storage device or loop
+device or audio device can be added to an otherwise unprivileged container
+(without the `--privileged` flag) and have the application directly access it.
+
+By default, the container will be able to `read`, `write` and `mknod` these devices.
+This can be overridden using a third `:rwm` set of options to each `--device`
+flag:
+
+
+    $ docker run --device=/dev/sda:/dev/xvdc --rm -it ubuntu fdisk  /dev/xvdc
+
+    Command (m for help): q
+    $ docker run --device=/dev/sda:/dev/xvdc:r --rm -it ubuntu fdisk  /dev/xvdc
+    You will not be able to write the partition table.
+
+    Command (m for help): q
+
+    $ docker run --device=/dev/sda:/dev/xvdc:rw --rm -it ubuntu fdisk  /dev/xvdc
+
+    Command (m for help): q
+
+    $ docker run --device=/dev/sda:/dev/xvdc:m --rm -it ubuntu fdisk  /dev/xvdc
+    fdisk: unable to open /dev/xvdc: Operation not permitted
+
+> **Note:**
+> `--device` cannot be safely used with ephemeral devices. Block devices
+> that may be removed should not be added to untrusted containers with
+> `--device`.
+
+### Restart policies (--restart)
+
+Use Docker's `--restart` to specify a container's *restart policy*. A restart
+policy controls whether the Docker daemon restarts a container after exit.
+Docker supports the following restart policies:
+
+<table>
+  <thead>
+    <tr>
+      <th>Policy</th>
+      <th>Result</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td><strong>no</strong></td>
+      <td>
+        Do not automatically restart the container when it exits. This is the
+        default.
+      </td>
+    </tr>
+    <tr>
+      <td>
+        <span style="white-space: nowrap">
+          <strong>on-failure</strong>[:max-retries]
+        </span>
+      </td>
+      <td>
+        Restart only if the container exits with a non-zero exit status.
+        Optionally, limit the number of restart retries the Docker
+        daemon attempts.
+      </td>
+    </tr>
+    <tr>
+      <td><strong>always</strong></td>
+      <td>
+        Always restart the container regardless of the exit status.
+        When you specify always, the Docker daemon will try to restart
+        the container indefinitely. The container will also always start
+        on daemon startup, regardless of the current state of the container.
+      </td>
+    </tr>
+    <tr>
+      <td><strong>unless-stopped</strong></td>
+      <td>
+        Always restart the container regardless of the exit status, but
+        do not start it on daemon startup if the container has been put
+        to a stopped state before.
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+    $ docker run --restart=always redis
+
+This will run the `redis` container with a restart policy of **always**
+so that if the container exits, Docker will restart it.
+
+More detailed information on restart policies can be found in the
+[Restart Policies (--restart)](../run.md#restart-policies-restart)
+section of the Docker run reference page.
+
+### Add entries to container hosts file (--add-host)
+
+You can add other hosts into a container's `/etc/hosts` file by using one or
+more `--add-host` flags. This example adds a static address for a host named
+`docker`:
+
+    $ docker run --add-host=docker:10.180.0.1 --rm -it debian
+    $$ ping docker
+    PING docker (10.180.0.1): 48 data bytes
+    56 bytes from 10.180.0.1: icmp_seq=0 ttl=254 time=7.600 ms
+    56 bytes from 10.180.0.1: icmp_seq=1 ttl=254 time=30.705 ms
+    ^C--- docker ping statistics ---
+    2 packets transmitted, 2 packets received, 0% packet loss
+    round-trip min/avg/max/stddev = 7.600/19.152/30.705/11.553 ms
+
+Sometimes you need to connect to the Docker host from within your
+container. To enable this, pass the Docker host's IP address to
+the container using the `--add-host` flag. To find the host's address,
+use the `ip addr show` command.
+
+The flags you pass to `ip addr show` depend on whether you are
+using IPv4 or IPv6 networking in your containers. Use the following
+flags for IPv4 address retrieval for a network device named `eth0`:
+
+    $ HOSTIP=`ip -4 addr show scope global dev eth0 | grep inet | awk '{print \$2}' | cut -d / -f 1`
+    $ docker run  --add-host=docker:${HOSTIP} --rm -it debian
+
+For IPv6 use the `-6` flag instead of the `-4` flag. For other network
+devices, replace `eth0` with the correct device name (for example `docker0`
+for the bridge device).
+
+### Set ulimits in container (--ulimit)
+
+Since setting `ulimit` settings in a container requires extra privileges not
+available in the default container, you can set these using the `--ulimit` flag.
+`--ulimit` is specified with a soft and hard limit as such:
+`<type>=<soft limit>[:<hard limit>]`, for example:
+
+    $ docker run --ulimit nofile=1024:1024 --rm debian sh -c "ulimit -n"
+    1024
+
+> **Note:**
+> If you do not provide a `hard limit`, the `soft limit` will be used
+> for both values. If no `ulimits` are set, they will be inherited from
+> the default `ulimits` set on the daemon.  `as` option is disabled now.
+> In other words, the following script is not supported:
+> `$ docker run -it --ulimit as=1024 fedora /bin/bash`
+
+The values are sent to the appropriate `syscall` as they are set.
+Docker doesn't perform any byte conversion. Take this into account when setting the values.
+
+#### For `nproc` usage
+
+Be careful setting `nproc` with the `ulimit` flag as `nproc` is designed by Linux to set the
+maximum number of processes available to a user, not to a container.  For example, start four
+containers with `daemon` user:
+
+    docker run -d -u daemon --ulimit nproc=3 busybox top
+    docker run -d -u daemon --ulimit nproc=3 busybox top
+    docker run -d -u daemon --ulimit nproc=3 busybox top
+    docker run -d -u daemon --ulimit nproc=3 busybox top
+
+The 4th container fails and reports "[8] System error: resource temporarily unavailable" error.
+This fails because the caller set `nproc=3` resulting in the first three containers using up
+the three processes quota set for the `daemon` user.
+
+### Stop container with signal (--stop-signal)
+
+The `--stop-signal` flag sets the system call signal that will be sent to the container to exit.
+This signal can be a valid unsigned number that matches a position in the kernel's syscall table, for instance 9,
+or a signal name in the format SIGNAME, for instance SIGKILL.
+
+### Specify isolation technology for container (--isolation)
+
+This option is useful in situations where you are running Docker containers on
+Microsoft Windows. The `--isolation <value>` option sets a container's isolation
+technology. On Linux, the only supported is the `default` option which uses
+Linux namespaces. These two commands are equivalent on Linux:
+
+```
+$ docker run -d busybox top
+$ docker run -d --isolation default busybox top
+```
+
+On Microsoft Windows, can take any of these values:
+
+
+| Value     | Description                                                                                                                                                   |
+|-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `default` | Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value.  |
+| `process` | Namespace isolation only.                                                                                                                                     |
+| `hyperv`   | Hyper-V hypervisor partition-based isolation.                                                                                                                  |
+
+In practice, when running on Microsoft Windows without a `daemon` option set,  these two commands are equivalent:
+
+```
+$ docker run -d --isolation default busybox top
+$ docker run -d --isolation process busybox top
+```
+
+If you have set the `--exec-opt isolation=hyperv` option on the Docker `daemon`, any of these commands also result in `hyperv` isolation:
+
+```
+$ docker run -d --isolation default busybox top
+$ docker run -d --isolation hyperv busybox top
+```
diff --git a/docs/reference/commandline/save.md b/docs/reference/commandline/save.md
new file mode 100644
index 00000000..23fc6712
--- /dev/null
+++ b/docs/reference/commandline/save.md
@@ -0,0 +1,37 @@
+<!--[metadata]>
++++
+title = "save"
+description = "The save command description and usage"
+keywords = ["tarred, repository, backup"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# save
+
+    Usage: docker save [OPTIONS] IMAGE [IMAGE...]
+
+    Save one or more images to a tar archive (streamed to STDOUT by default)
+
+      --help             Print usage
+      -o, --output=""    Write to a file, instead of STDOUT
+
+Produces a tarred repository to the standard output stream.
+Contains all parent layers, and all tags + versions, or specified `repo:tag`, for
+each argument provided.
+
+It is used to create a backup that can then be used with `docker load`
+
+    $ docker save busybox > busybox.tar
+    $ ls -sh busybox.tar
+    2.7M busybox.tar
+    $ docker save --output busybox.tar busybox
+    $ ls -sh busybox.tar
+    2.7M busybox.tar
+    $ docker save -o fedora-all.tar fedora
+    $ docker save -o fedora-latest.tar fedora:latest
+
+It is even useful to cherry-pick particular tags of an image repository
+
+    $ docker save -o ubuntu.tar ubuntu:lucid ubuntu:saucy
diff --git a/docs/reference/commandline/search.md b/docs/reference/commandline/search.md
new file mode 100644
index 00000000..893895e2
--- /dev/null
+++ b/docs/reference/commandline/search.md
@@ -0,0 +1,97 @@
+<!--[metadata]>
++++
+title = "search"
+description = "The search command description and usage"
+keywords = ["search, hub, images"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# search
+
+    Usage: docker search [OPTIONS] TERM
+
+    Search the Docker Hub for images
+
+      --automated          Only show automated builds
+      --help               Print usage
+      --no-trunc           Don't truncate output
+      -s, --stars=0        Only displays with at least x stars
+
+Search [Docker Hub](https://hub.docker.com) for images
+
+See [*Find Public Images on Docker Hub*](../../userguide/containers/dockerrepos.md#searching-for-images) for
+more details on finding shared images from the command line.
+
+> **Note:**
+> Search queries will only return up to 25 results
+
+## Examples
+
+### Search images by name
+
+This example displays images with a name containing 'busybox':
+
+    $ docker search busybox
+    NAME                             DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
+    busybox                          Busybox base image.                             316       [OK]       
+    progrium/busybox                                                                 50                   [OK]
+    radial/busyboxplus               Full-chain, Internet enabled, busybox made...   8                    [OK]
+    odise/busybox-python                                                             2                    [OK]
+    azukiapp/busybox                 This image is meant to be used as the base...   2                    [OK]
+    ofayau/busybox-jvm               Prepare busybox to install a 32 bits JVM.       1                    [OK]
+    shingonoide/archlinux-busybox    Arch Linux, a lightweight and flexible Lin...   1                    [OK]
+    odise/busybox-curl                                                               1                    [OK]
+    ofayau/busybox-libc32            Busybox with 32 bits (and 64 bits) libs         1                    [OK]
+    peelsky/zulu-openjdk-busybox                                                     1                    [OK]
+    skomma/busybox-data              Docker image suitable for data volume cont...   1                    [OK]
+    elektritter/busybox-teamspeak    Leightweight teamspeak3 container based on...   1                    [OK]
+    socketplane/busybox                                                              1                    [OK]
+    oveits/docker-nginx-busybox      This is a tiny NginX docker image based on...   0                    [OK]
+    ggtools/busybox-ubuntu           Busybox ubuntu version with extra goodies       0                    [OK]
+    nikfoundas/busybox-confd         Minimal busybox based distribution of confd     0                    [OK]
+    openshift/busybox-http-app                                                       0                    [OK]
+    jllopis/busybox                                                                  0                    [OK]
+    swyckoff/busybox                                                                 0                    [OK]
+    powellquiring/busybox                                                            0                    [OK]
+    williamyeh/busybox-sh            Docker image for BusyBox's sh                   0                    [OK]
+    simplexsys/busybox-cli-powered   Docker busybox images, with a few often us...   0                    [OK]
+    fhisamoto/busybox-java           Busybox java                                    0                    [OK]
+    scottabernethy/busybox                                                           0                    [OK]
+    marclop/busybox-solr
+
+### Search images by name and number of stars (-s, --stars)
+
+This example displays images with a name containing 'busybox' and at
+least 3 stars:
+
+    $ docker search --stars=3 busybox
+    NAME                 DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
+    busybox              Busybox base image.                             325       [OK]       
+    progrium/busybox                                                     50                   [OK]
+    radial/busyboxplus   Full-chain, Internet enabled, busybox made...   8                    [OK]
+
+
+### Search automated images (--automated)
+
+This example displays images with a name containing 'busybox', at
+least 3 stars and are automated builds:
+
+    $ docker search --stars=3 --automated busybox
+    NAME                 DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
+    progrium/busybox                                                     50                   [OK]
+    radial/busyboxplus   Full-chain, Internet enabled, busybox made...   8                    [OK]
+
+
+### Display non-truncated description (--no-trunc)
+
+This example displays images with a name containing 'busybox',
+at least 3 stars and the description isn't truncated in the output:
+
+    $ docker search --stars=3 --no-trunc busybox
+    NAME                 DESCRIPTION                                                                               STARS     OFFICIAL   AUTOMATED
+    busybox              Busybox base image.                                                                       325       [OK]       
+    progrium/busybox                                                                                               50                   [OK]
+    radial/busyboxplus   Full-chain, Internet enabled, busybox made from scratch. Comes in git and cURL flavors.   8                    [OK]
+
diff --git a/docs/reference/commandline/start.md b/docs/reference/commandline/start.md
new file mode 100644
index 00000000..156a2aae
--- /dev/null
+++ b/docs/reference/commandline/start.md
@@ -0,0 +1,20 @@
+<!--[metadata]>
++++
+title = "start"
+description = "The start command description and usage"
+keywords = ["Start, container, stopped"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# start
+
+    Usage: docker start [OPTIONS] CONTAINER [CONTAINER...]
+
+    Start one or more containers
+
+      -a, --attach               Attach STDOUT/STDERR and forward signals
+      --detach-keys              Specify the escape key sequence used to detach a container
+      --help                     Print usage
+      -i, --interactive          Attach container's STDIN
diff --git a/docs/reference/commandline/stats.md b/docs/reference/commandline/stats.md
new file mode 100644
index 00000000..8ef7d6e1
--- /dev/null
+++ b/docs/reference/commandline/stats.md
@@ -0,0 +1,40 @@
+<!--[metadata]>
++++
+title = "stats"
+description = "The stats command description and usage"
+keywords = ["container, resource, statistics"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# stats
+
+    Usage: docker stats [OPTIONS] [CONTAINER...]
+
+    Display a live stream of one or more containers' resource usage statistics
+
+      -a, --all          Show all containers (default shows just running)
+      --help             Print usage
+      --no-stream        Disable streaming stats and only pull the first result
+
+The `docker stats` command returns a live data stream for running containers. To limit data to one or more specific containers, specify a list of container names or ids separated by a space. You can specify a stopped container but stopped containers do not return any data.
+
+If you want more detailed information about a container's resource usage, use the `/containers/(id)/stats` API endpoint. 
+
+## Examples
+
+Running `docker stats` on all running containers
+
+    $ docker stats
+    CONTAINER           CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O
+    1285939c1fd3        0.07%               796 KB / 64 MB        1.21%               788 B / 648 B       3.568 MB / 512 KB
+    9c76f7834ae2        0.07%               2.746 MB / 64 MB      4.29%               1.266 KB / 648 B    12.4 MB / 0 B
+    d1ea048f04e4        0.03%               4.583 MB / 64 MB      6.30%               2.854 KB / 648 B    27.7 MB / 0 B
+
+Running `docker stats` on multiple containers by name and id.
+
+    $ docker stats fervent_panini 5acfcb1b4fd1
+    CONTAINER           CPU %               MEM USAGE/LIMIT     MEM %               NET I/O
+    5acfcb1b4fd1        0.00%               115.2 MB/1.045 GB   11.03%              1.422 kB/648 B
+    fervent_panini      0.02%               11.08 MB/1.045 GB   1.06%               648 B/648 B
diff --git a/docs/reference/commandline/stop.md b/docs/reference/commandline/stop.md
new file mode 100644
index 00000000..1fb376ea
--- /dev/null
+++ b/docs/reference/commandline/stop.md
@@ -0,0 +1,22 @@
+<!--[metadata]>
++++
+title = "stop"
+description = "The stop command description and usage"
+keywords = ["stop, SIGKILL, SIGTERM"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# stop
+
+    Usage: docker stop [OPTIONS] CONTAINER [CONTAINER...]
+
+    Stop a container by sending SIGTERM and then SIGKILL after a
+    grace period
+
+      --help             Print usage
+      -t, --time=10      Seconds to wait for stop before killing it
+
+The main process inside the container will receive `SIGTERM`, and after a grace
+period, `SIGKILL`.
diff --git a/docs/reference/commandline/tag.md b/docs/reference/commandline/tag.md
new file mode 100644
index 00000000..cd104e8c
--- /dev/null
+++ b/docs/reference/commandline/tag.md
@@ -0,0 +1,20 @@
+<!--[metadata]>
++++
+title = "tag"
+description = "The tag command description and usage"
+keywords = ["tag, name, image"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# tag
+
+    Usage: docker tag [OPTIONS] IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG]
+
+    Tag an image into a repository
+
+      --help               Print usage
+
+You can group your images together using names and tags, and then upload them
+to [*Share Images via Repositories*](../../userguide/containers/dockerrepos.md#contributing-to-docker-hub).
diff --git a/docs/reference/commandline/top.md b/docs/reference/commandline/top.md
new file mode 100644
index 00000000..2bff2fdb
--- /dev/null
+++ b/docs/reference/commandline/top.md
@@ -0,0 +1,17 @@
+<!--[metadata]>
++++
+title = "top"
+description = "The top command description and usage"
+keywords = ["container, running, processes"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# top
+
+    Usage: docker top [OPTIONS] CONTAINER [ps OPTIONS]
+
+    Display the running processes of a container
+
+      --help          Print usage
diff --git a/docs/reference/commandline/unpause.md b/docs/reference/commandline/unpause.md
new file mode 100644
index 00000000..641e3771
--- /dev/null
+++ b/docs/reference/commandline/unpause.md
@@ -0,0 +1,24 @@
+<!--[metadata]>
++++
+title = "unpause"
+description = "The unpause command description and usage"
+keywords = ["cgroups, suspend, container"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# unpause
+
+    Usage: docker unpause [OPTIONS] CONTAINER [CONTAINER...]
+
+    Unpause all processes within a container
+
+      --help          Print usage
+
+The `docker unpause` command uses the cgroups freezer to un-suspend all
+processes in a container.
+
+See the
+[cgroups freezer documentation](https://www.kernel.org/doc/Documentation/cgroups/freezer-subsystem.txt)
+for further details.
diff --git a/docs/reference/commandline/update.md b/docs/reference/commandline/update.md
new file mode 100644
index 00000000..24fb1f29
--- /dev/null
+++ b/docs/reference/commandline/update.md
@@ -0,0 +1,73 @@
+<!--[metadata]>
++++
+title = "update"
+description = "The update command description and usage"
+keywords = ["resources, update, dynamically"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+## update
+
+    Usage: docker update [OPTIONS] CONTAINER [CONTAINER...]
+
+    Update configuration of one or more containers
+
+      --help=false               Print usage
+      --blkio-weight=0           Block IO (relative weight), between 10 and 1000
+      --cpu-shares=0             CPU shares (relative weight)
+      --cpu-period=0             Limit the CPU CFS (Completely Fair Scheduler) period
+      --cpu-quota=0              Limit the CPU CFS (Completely Fair Scheduler) quota
+      --cpuset-cpus=""           CPUs in which to allow execution (0-3, 0,1)
+      --cpuset-mems=""           Memory nodes (MEMs) in which to allow execution (0-3, 0,1)
+      -m, --memory=""            Memory limit
+      --memory-reservation=""    Memory soft limit
+      --memory-swap=""           A positive integer equal to memory plus swap. Specify -1 to enable unlimited swap
+      --kernel-memory=""         Kernel memory limit: container must be stopped
+      --restart                  Restart policy to apply when a container exits
+
+The `docker update` command dynamically updates container configuration.
+You can use this command to prevent containers from consuming too many resources
+from their Docker host.  With a single command, you can place limits on
+a single container or on many. To specify more than one container, provide
+space-separated list of container names or IDs.
+
+With the exception of the `--kernel-memory` value, you can specify these
+options on a running or a stopped container. You can only update
+`--kernel-memory` on a stopped container. When you run `docker update` on
+stopped container, the next time you restart it, the container uses those
+values.
+
+Another configuration you can change with this command is restart policy,
+new restart policy will take effect instantly after you run `docker update`
+on a container.
+
+## EXAMPLES
+
+The following sections illustrate ways to use this command.
+
+### Update a container with cpu-shares=512
+
+To limit a container's cpu-shares to 512, first identify the container
+name or ID. You can use **docker ps** to find these values. You can also
+use the ID returned from the **docker run** command.  Then, do the following:
+
+```bash
+$ docker update --cpu-shares 512 abebf7571666
+```
+
+### Update a container with cpu-shares and memory
+
+To update multiple resource configurations for multiple containers:
+
+```bash
+$ docker update --cpu-shares 512 -m 300M abebf7571666 hopeful_morse
+```
+
+### Update a container's restart policy
+
+To update restart policy for one or more containers:
+```bash
+$ docker update --restart=on-failure:3 abebf7571666 hopeful_morse
+```
diff --git a/docs/reference/commandline/version.md b/docs/reference/commandline/version.md
new file mode 100644
index 00000000..14fac17e
--- /dev/null
+++ b/docs/reference/commandline/version.md
@@ -0,0 +1,55 @@
+<!--[metadata]>
++++
+title = "version"
+description = "The version command description and usage"
+keywords = ["version, architecture, api"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# version
+
+    Usage: docker version [OPTIONS]
+
+    Show the Docker version information.
+
+      -f, --format=""    Format the output using the given go template
+      --help             Print usage
+
+By default, this will render all version information in an easy to read
+layout. If a format is specified, the given template will be executed instead.
+
+Go's [text/template](http://golang.org/pkg/text/template/) package
+describes all the details of the format.
+
+## Examples
+
+**Default output:**
+
+    $ docker version
+	Client:
+	 Version:      1.8.0
+	 API version:  1.20
+	 Go version:   go1.4.2
+	 Git commit:   f5bae0a
+	 Built:        Tue Jun 23 17:56:00 UTC 2015
+	 OS/Arch:      linux/amd64
+
+	Server:
+	 Version:      1.8.0
+	 API version:  1.20
+	 Go version:   go1.4.2
+	 Git commit:   f5bae0a
+	 Built:        Tue Jun 23 17:56:00 UTC 2015
+	 OS/Arch:      linux/amd64
+
+**Get server version:**
+
+    $ docker version --format '{{.Server.Version}}'
+	1.8.0
+
+**Dump raw data:**
+
+    $ docker version --format '{{json .}}'
+    {"Client":{"Version":"1.8.0","ApiVersion":"1.20","GitCommit":"f5bae0a","GoVersion":"go1.4.2","Os":"linux","Arch":"amd64","BuildTime":"Tue Jun 23 17:56:00 UTC 2015"},"ServerOK":true,"Server":{"Version":"1.8.0","ApiVersion":"1.20","GitCommit":"f5bae0a","GoVersion":"go1.4.2","Os":"linux","Arch":"amd64","KernelVersion":"3.13.2-gentoo","BuildTime":"Tue Jun 23 17:56:00 UTC 2015"}}
diff --git a/docs/reference/commandline/volume_create.md b/docs/reference/commandline/volume_create.md
new file mode 100644
index 00000000..112c260a
--- /dev/null
+++ b/docs/reference/commandline/volume_create.md
@@ -0,0 +1,76 @@
+<!--[metadata]>
++++
+title = "volume create"
+description = "The volume create command description and usage"
+keywords = ["volume, create"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# volume create
+
+    Usage: docker volume create [OPTIONS]
+
+    Create a volume
+
+      -d, --driver=local    Specify volume driver name
+      --help                Print usage
+      --label=[]            Set metadata for a volume
+      --name=               Specify volume name
+      -o, --opt=map[]       Set driver specific options
+
+Creates a new volume that containers can consume and store data in. If a name is not specified, Docker generates a random name. You create a volume and then configure the container to use it, for example:
+
+```bash
+$ docker volume create --name hello
+hello
+
+$ docker run -d -v hello:/world busybox ls /world
+```
+
+The mount is created inside the container's `/world` directory. Docker does not support relative paths for mount points inside the container.
+
+Multiple containers can use the same volume in the same time period. This is useful if two containers need access to shared data. For example, if one container writes and the other reads the data.
+
+Volume names must be unique among drivers.  This means you cannot use the same volume name with two different drivers.  If you attempt this `docker` returns an error:
+
+```
+A volume named  "hello"  already exists with the "some-other" driver. Choose a different volume name.
+```
+
+If you specify a volume name already in use on the current driver, Docker assumes you want to re-use the existing volume and does not return an error.   
+
+## Driver specific options
+
+Some volume drivers may take options to customize the volume creation. Use the `-o` or `--opt` flags to pass driver options:
+
+```bash
+$ docker volume create --driver fake --opt tardis=blue --opt timey=wimey
+```
+
+These options are passed directly to the volume driver. Options for
+different volume drivers may do different things (or nothing at all).
+
+The built-in `local` driver on Windows does not support any options.
+
+The built-in `local` driver on Linux accepts options similar to the linux `mount`
+command:
+
+```bash
+$ docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000
+```
+
+Another example:
+
+```bash
+$ docker volume create --driver local --opt type=btrfs --opt device=/dev/sda2
+```
+
+
+## Related information
+
+* [volume inspect](volume_inspect.md)
+* [volume ls](volume_ls.md)
+* [volume rm](volume_rm.md)
+* [Understand Data Volumes](../../userguide/containers/dockervolumes.md)
diff --git a/docs/reference/commandline/volume_inspect.md b/docs/reference/commandline/volume_inspect.md
new file mode 100644
index 00000000..8fdd34d9
--- /dev/null
+++ b/docs/reference/commandline/volume_inspect.md
@@ -0,0 +1,47 @@
+<!--[metadata]>
++++
+title = "volume inspect"
+description = "The volume inspect command description and usage"
+keywords = ["volume, inspect"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# volume inspect
+
+    Usage: docker volume inspect [OPTIONS] VOLUME [VOLUME...]
+
+    Return low-level information on a volume
+
+      -f, --format=       Format the output using the given go template.
+      --help              Print usage
+
+Returns information about a volume. By default, this command renders all results
+in a JSON array. You can specify an alternate format to execute a
+given template for each result. Go's
+[text/template](http://golang.org/pkg/text/template/) package describes all the
+details of the format.
+
+Example output:
+
+    $ docker volume create
+    85bffb0677236974f93955d8ecc4df55ef5070117b0e53333cc1b443777be24d
+    $ docker volume inspect 85bffb0677236974f93955d8ecc4df55ef5070117b0e53333cc1b443777be24d
+    [
+      {
+          "Name": "85bffb0677236974f93955d8ecc4df55ef5070117b0e53333cc1b443777be24d",
+          "Driver": "local",
+          "Mountpoint": "/var/lib/docker/volumes/85bffb0677236974f93955d8ecc4df55ef5070117b0e53333cc1b443777be24d/_data"
+      }
+    ]
+
+    $ docker volume inspect --format '{{ .Mountpoint }}' 85bffb0677236974f93955d8ecc4df55ef5070117b0e53333cc1b443777be24d
+    /var/lib/docker/volumes/85bffb0677236974f93955d8ecc4df55ef5070117b0e53333cc1b443777be24d/_data
+
+## Related information
+
+* [volume create](volume_create.md)
+* [volume ls](volume_ls.md)
+* [volume rm](volume_rm.md)
+* [Understand Data Volumes](../../userguide/containers/dockervolumes.md)
\ No newline at end of file
diff --git a/docs/reference/commandline/volume_ls.md b/docs/reference/commandline/volume_ls.md
new file mode 100644
index 00000000..0388e8ae
--- /dev/null
+++ b/docs/reference/commandline/volume_ls.md
@@ -0,0 +1,41 @@
+<!--[metadata]>
++++
+title = "volume ls"
+description = "The volume ls command description and usage"
+keywords = ["volume, list"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# volume ls
+
+    Usage: docker volume ls [OPTIONS]
+
+    List volumes
+
+      -f, --filter=[]      Provide filter values (i.e. 'dangling=true')
+      --help               Print usage
+      -q, --quiet          Only display volume names
+
+Lists all the volumes Docker knows about. You can filter using the `-f` or `--filter` flag. The filtering format is a `key=value` pair. To specify more than one filter,  pass multiple flags (for example,  `--filter "foo=bar" --filter "bif=baz"`)
+
+There is a single supported filter `dangling=value` which takes a boolean of `true` or `false`.
+
+Example output:
+
+    $ docker volume create --name rose
+    rose
+    $docker volume create --name tyler
+    tyler
+    $ docker volume ls
+    DRIVER              VOLUME NAME
+    local               rose
+    local               tyler
+
+## Related information
+
+* [volume create](volume_create.md)
+* [volume inspect](volume_inspect.md)
+* [volume rm](volume_rm.md)
+* [Understand Data Volumes](../../userguide/containers/dockervolumes.md)
\ No newline at end of file
diff --git a/docs/reference/commandline/volume_rm.md b/docs/reference/commandline/volume_rm.md
new file mode 100644
index 00000000..ff5ce24a
--- /dev/null
+++ b/docs/reference/commandline/volume_rm.md
@@ -0,0 +1,29 @@
+<!--[metadata]>
++++
+title = "volume rm"
+description = "the volume rm command description and usage"
+keywords = ["volume, rm"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# volume rm
+
+    Usage: docker volume rm [OPTIONS] VOLUME [VOLUME...]
+
+    Remove a volume
+
+      --help             Print usage
+
+Removes one or more volumes. You cannot remove a volume that is in use by a container.
+
+    $ docker volume rm hello
+    hello
+
+## Related information
+
+* [volume create](volume_create.md)
+* [volume inspect](volume_inspect.md)
+* [volume ls](volume_ls.md)
+* [Understand Data Volumes](../../userguide/containers/dockervolumes.md)
\ No newline at end of file
diff --git a/docs/reference/commandline/wait.md b/docs/reference/commandline/wait.md
new file mode 100644
index 00000000..5cd9a7b9
--- /dev/null
+++ b/docs/reference/commandline/wait.md
@@ -0,0 +1,17 @@
+<!--[metadata]>
++++
+title = "wait"
+description = "The wait command description and usage"
+keywords = ["container, stop, wait"]
+[menu.main]
+parent = "smn_cli"
++++
+<![end-metadata]-->
+
+# wait
+
+    Usage: docker wait [OPTIONS] CONTAINER [CONTAINER...]
+
+    Block until a container stops, then print its exit code.
+
+      --help          Print usage
diff --git a/docs/reference/glossary.md b/docs/reference/glossary.md
new file mode 100644
index 00000000..22c2d36d
--- /dev/null
+++ b/docs/reference/glossary.md
@@ -0,0 +1,221 @@
+<!--[metadata]>
++++
+title = "Docker Glossary"
+description = "Glossary of terms used around Docker"
+keywords = ["glossary, docker, terms,  definitions"]
+[menu.main]
+parent = "mn_about"
+weight = "50"
++++
+<![end-metadata]-->
+
+# Glossary
+
+A list of terms used around the Docker project.
+
+## aufs
+
+aufs (advanced multi layered unification filesystem) is a Linux [filesystem](#filesystem) that
+Docker supports as a storage backend. It implements the
+[union mount](http://en.wikipedia.org/wiki/Union_mount) for Linux file systems.
+
+## Base image
+
+An image that has no parent is a **base image**.
+
+## boot2docker
+
+[boot2docker](http://boot2docker.io/) is a lightweight Linux distribution made
+specifically to run Docker containers. The boot2docker management tool for Mac and Windows was deprecated and replaced by [`docker-machine`](#machine) which you can install with the Docker Toolbox.
+
+## btrfs
+
+btrfs (B-tree file system) is a Linux [filesystem](#filesystem) that Docker
+supports as a storage backend. It is a [copy-on-write](http://en.wikipedia.org/wiki/Copy-on-write)
+filesystem.
+
+## build
+
+build is the process of building Docker images using a [Dockerfile](#dockerfile).
+The build uses a Dockerfile and a "context". The context is the set of files in the
+directory in which the image is built.
+
+## cgroups
+
+cgroups is a Linux kernel feature that limits, accounts for, and isolates
+the resource usage (CPU, memory, disk I/O, network, etc.) of a collection
+of processes. Docker relies on cgroups to control and isolate resource limits.
+
+*Also known as : control groups*
+
+## Compose
+
+[Compose](https://github.com/docker/compose) is a tool for defining and
+running complex applications with Docker. With compose, you define a
+multi-container application in a single file, then spin your
+application up in a single command which does everything that needs to
+be done to get it running.
+
+*Also known as : docker-compose, fig*
+
+## container
+
+A container is a runtime instance of a [docker image](#image).
+
+A Docker container consists of
+
+- A Docker image
+- Execution environment
+- A standard set of instructions
+
+The concept is borrowed from Shipping Containers, which define a standard to ship
+goods globally. Docker defines a standard to ship software.
+
+## data volume
+
+A data volume is a specially-designated directory within one or more containers
+that bypasses the Union File System. Data volumes are designed to persist data,
+independent of the container's life cycle. Docker therefore never automatically
+delete volumes when you remove a container, nor will it "garbage collect"
+volumes that are no longer referenced by a container.
+
+
+## Docker
+
+The term Docker can refer to
+
+- The Docker project as a whole, which is a platform for developers and sysadmins to
+develop, ship, and run applications
+- The docker daemon process running on the host which manages images and containers
+
+
+## Docker Hub
+
+The [Docker Hub](https://hub.docker.com/) is a centralized resource for working with
+Docker and its components. It provides the following services:
+
+- Docker image hosting
+- User authentication
+- Automated image builds and work-flow tools such as build triggers and web hooks
+- Integration with GitHub and Bitbucket
+
+
+## Dockerfile
+
+A Dockerfile is a text document that contains all the commands you would
+normally execute manually in order to build a Docker image. Docker can
+build images automatically by reading the instructions from a Dockerfile.
+
+## filesystem
+
+A file system is the method an operating system uses to name files
+and assign them locations for efficient storage and retrieval.
+
+Examples :
+
+- Linux : ext4, aufs, btrfs, zfs
+- Windows : NTFS
+- OS X : HFS+
+
+## image
+
+Docker images are the basis of [containers](#container). An Image is an
+ordered collection of root filesystem changes and the corresponding
+execution parameters for use within a container runtime. An image typically
+contains a union of layered filesystems stacked on top of each other. An image
+does not have state and it never changes.
+
+## libcontainer
+
+libcontainer provides a native Go implementation for creating containers with
+namespaces, cgroups, capabilities, and filesystem access controls. It allows
+you to manage the lifecycle of the container performing additional operations
+after the container is created.
+
+## libnetwork
+
+libnetwork provides a native Go implementation for creating and managing container
+network namespaces and other network resources. It manage the networking lifecycle
+of the container performing additional operations after the container is created.
+
+## link
+
+links provide a legacy interface to connect Docker containers running on the
+same host to each other without exposing the hosts' network ports. Use the
+Docker networks feature instead.
+
+## Machine
+
+[Machine](https://github.com/docker/machine) is a Docker tool which
+makes it really easy to create Docker hosts on  your computer, on
+cloud providers and inside your own data center. It creates servers,
+installs Docker on them, then configures the Docker client to talk to them.
+
+*Also known as : docker-machine*
+
+## overlay network driver
+
+Overlay network driver provides out of the box multi-host network connectivity
+for docker containers in a cluster.
+
+## overlay storage driver
+
+OverlayFS is a [filesystem](#filesystem) service for Linux which implements a
+[union mount](http://en.wikipedia.org/wiki/Union_mount) for other file systems.
+It is supported by the Docker daemon as a storage driver.
+
+## registry
+
+A Registry is a hosted service containing [repositories](#repository) of [images](#image)
+which responds to the Registry API.
+
+The default registry can be accessed using a browser at [Docker Hub](#docker-hub)
+or using the `docker search` command.
+
+## repository
+
+A repository is a set of Docker images. A repository can be shared by pushing it
+to a [registry](#registry) server. The different images in the repository can be
+labeled using [tags](#tag).
+
+Here is an example of the shared [nginx repository](https://hub.docker.com/_/nginx/)
+and its [tags](https://hub.docker.com/r/library/nginx/tags/)
+
+## Swarm
+
+[Swarm](https://github.com/docker/swarm) is a native clustering tool for Docker.
+Swarm pools together several Docker hosts and exposes them as a single virtual
+Docker host. It serves the standard Docker API, so any tool that already works
+with Docker can now transparently scale up to multiple hosts.
+
+*Also known as : docker-swarm*
+
+## tag
+
+A tag is a label applied to a Docker image in a [repository](#repository).
+tags are how various images in a repository are distinguished from each other.
+
+*Note : This label is not related to the key=value labels set for docker daemon*
+
+## Toolbox
+
+Docker Toolbox is the installer for Mac and Windows users.
+
+
+## Union file system
+
+Union file systems, or UnionFS, are file systems that operate by creating layers, making them
+very lightweight and fast. Docker uses union file systems to provide the building
+blocks for containers.
+
+
+## Virtual Machine
+
+A Virtual Machine is a program that emulates a complete computer and imitates dedicated hardware.
+It shares physical hardware resources with other users but isolates the operating system. The
+end user has the same experience on a Virtual Machine as they would have on dedicated hardware.
+
+Compared to to containers, a Virtual Machine is heavier to run, provides more isolation,
+gets its own set of resources and does minimal sharing.
+
+*Also known as : VM*
diff --git a/docs/reference/index.md b/docs/reference/index.md
new file mode 100644
index 00000000..a207ee7d
--- /dev/null
+++ b/docs/reference/index.md
@@ -0,0 +1,18 @@
+<!-- [metadata]>
++++
+title = "Engine reference"
+description = "Docker Engine reference"
+keywords = ["Engine"]
+[menu.main]
+parent="engine_use"
+identifier="engine_ref"
+weight=70
++++
+<![end-metadata]-->
+
+# Engine reference
+
+* [Dockerfile reference](builder.md)
+* [Docker run reference](run.md)
+* [Command line reference](commandline/index.md)
+* [API Reference](api/index.md)
diff --git a/docs/reference/run.md b/docs/reference/run.md
new file mode 100644
index 00000000..b37dd5ae
--- /dev/null
+++ b/docs/reference/run.md
@@ -0,0 +1,1468 @@
+<!--[metadata]>
++++
+title = "Docker run reference"
+description = "Configure containers at runtime"
+keywords = ["docker, run, configure,  runtime"]
+[menu.main]
+parent = "engine_ref"
+weight=-80
++++
+<![end-metadata]-->
+
+<!-- TODO (@thaJeztah) define more flexible table/td classes -->
+<style>
+table .no-wrap {
+    white-space: nowrap;
+}
+table code {
+    white-space: nowrap;
+}
+</style>
+# Docker run reference
+
+Docker runs processes in isolated containers. A container is a process
+which runs on a host. The host may be local or remote. When an operator
+executes `docker run`, the container process that runs is isolated in
+that it has its own file system, its own networking, and its own
+isolated process tree separate from the host.
+
+This page details how to use the `docker run` command to define the
+container's resources at runtime.
+
+## General form
+
+The basic `docker run` command takes this form:
+
+    $ docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG...]
+
+The `docker run` command must specify an [*IMAGE*](glossary.md#image)
+to derive the container from. An image developer can define image
+defaults related to:
+
+ * detached or foreground running
+ * container identification
+ * network settings
+ * runtime constraints on CPU and memory
+
+With the `docker run [OPTIONS]` an operator can add to or override the
+image defaults set by a developer. And, additionally, operators can
+override nearly all the defaults set by the Docker runtime itself. The
+operator's ability to override image and Docker runtime defaults is why
+[*run*](commandline/run.md) has more options than any
+other `docker` command.
+
+To learn how to interpret the types of `[OPTIONS]`, see [*Option
+types*](commandline/cli.md#option-types).
+
+> **Note**: Depending on your Docker system configuration, you may be
+> required to preface the `docker run` command with `sudo`. To avoid
+> having to use `sudo` with the `docker` command, your system
+> administrator can create a Unix group called `docker` and add users to
+> it. For more information about this configuration, refer to the Docker
+> installation documentation for your operating system.
+
+
+## Operator exclusive options
+
+Only the operator (the person executing `docker run`) can set the
+following options.
+
+ - [Detached vs foreground](#detached-vs-foreground)
+     - [Detached (-d)](#detached-d)
+     - [Foreground](#foreground)
+ - [Container identification](#container-identification)
+     - [Name (--name)](#name-name)
+     - [PID equivalent](#pid-equivalent)
+ - [IPC settings (--ipc)](#ipc-settings-ipc)
+ - [Network settings](#network-settings)
+ - [Restart policies (--restart)](#restart-policies-restart)
+ - [Clean up (--rm)](#clean-up-rm)
+ - [Runtime constraints on resources](#runtime-constraints-on-resources)
+ - [Runtime privilege and Linux capabilities](#runtime-privilege-and-linux-capabilities)
+
+## Detached vs foreground
+
+When starting a Docker container, you must first decide if you want to
+run the container in the background in a "detached" mode or in the
+default foreground mode:
+
+    -d=false: Detached mode: Run container in the background, print new container id
+
+### Detached (-d)
+
+To start a container in detached mode, you use `-d=true` or just `-d` option. By
+design, containers started in detached mode exit when the root process used to
+run the container exits. A container in detached mode cannot be automatically
+removed when it stops, this means you cannot use the `--rm` option with `-d` option.
+
+Do not pass a `service x start` command to a detached container. For example, this
+command attempts to start the `nginx` service.
+
+    $ docker run -d -p 80:80 my_image service nginx start
+
+This succeeds in starting the `nginx` service inside the container. However, it
+fails the detached container paradigm in that, the root process (`service nginx
+start`) returns and the detached container stops as designed. As a result, the
+`nginx` service is started but could not be used. Instead, to start a process
+such as the `nginx` web server do the following:
+
+    $ docker run -d -p 80:80 my_image nginx -g 'daemon off;'
+
+To do input/output with a detached container use network connections or shared
+volumes. These are required because the container is no longer listening to the
+command line where `docker run` was run.
+
+To reattach to a detached container, use `docker`
+[*attach*](commandline/attach.md) command.
+
+### Foreground
+
+In foreground mode (the default when `-d` is not specified), `docker
+run` can start the process in the container and attach the console to
+the process's standard input, output, and standard error. It can even
+pretend to be a TTY (this is what most command line executables expect)
+and pass along signals. All of that is configurable:
+
+    -a=[]           : Attach to `STDIN`, `STDOUT` and/or `STDERR`
+    -t              : Allocate a pseudo-tty
+    --sig-proxy=true: Proxy all received signals to the process (non-TTY mode only)
+    -i              : Keep STDIN open even if not attached
+
+If you do not specify `-a` then Docker will [attach all standard
+streams]( https://github.com/docker/docker/blob/75a7f4d90cde0295bcfb7213004abce8d4779b75/commands.go#L1797).
+You can specify to which of the three standard streams (`STDIN`, `STDOUT`,
+`STDERR`) you'd like to connect instead, as in:
+
+    $ docker run -a stdin -a stdout -i -t ubuntu /bin/bash
+
+For interactive processes (like a shell), you must use `-i -t` together in
+order to allocate a tty for the container process. `-i -t` is often written `-it`
+as you'll see in later examples.  Specifying `-t` is forbidden when the client
+standard output is redirected or piped, such as in:
+
+    $ echo test | docker run -i busybox cat
+
+>**Note**: A process running as PID 1 inside a container is treated
+>specially by Linux: it ignores any signal with the default action.
+>So, the process will not terminate on `SIGINT` or `SIGTERM` unless it is
+>coded to do so.
+
+## Container identification
+
+### Name (--name)
+
+The operator can identify a container in three ways:
+
+| Identifier type       | Example value                                                      |
+| --------------------- | ------------------------------------------------------------------ |
+| UUID long identifier  | "f78375b1c487e03c9438c729345e54db9d20cfa2ac1fc3494b6eb60872e74778" |
+| UUID short identifier | "f78375b1c487"                                                     |
+| Name                  | "evil_ptolemy"                                                     |
+
+The UUID identifiers come from the Docker daemon. If you do not assign a
+container name with the `--name` option, then the daemon generates a random
+string name for you. Defining a `name` can be a handy way to add meaning to a
+container. If you specify a `name`, you can use it  when referencing the
+container within a Docker network. This works for both background and foreground
+Docker containers.
+
+> **Note**: Containers on the default bridge network must be linked to
+> communicate by name.
+
+### PID equivalent
+
+Finally, to help with automation, you can have Docker write the
+container ID out to a file of your choosing. This is similar to how some
+programs might write out their process ID to a file (you've seen them as
+PID files):
+
+    --cidfile="": Write the container ID to the file
+
+### Image[:tag]
+
+While not strictly a means of identifying a container, you can specify a version of an
+image you'd like to run the container with by adding `image[:tag]` to the command. For
+example, `docker run ubuntu:14.04`.
+
+### Image[@digest]
+
+Images using the v2 or later image format have a content-addressable identifier
+called a digest. As long as the input used to generate the image is unchanged,
+the digest value is predictable and referenceable.
+
+## PID settings (--pid)
+
+    --pid=""  : Set the PID (Process) Namespace mode for the container,
+           'host': use the host's PID namespace inside the container
+
+By default, all containers have the PID namespace enabled.
+
+PID namespace provides separation of processes. The PID Namespace removes the
+view of the system processes, and allows process ids to be reused including
+pid 1.
+
+In certain cases you want your container to share the host's process namespace,
+basically allowing processes within the container to see all of the processes
+on the system.  For example, you could build a container with debugging tools
+like `strace` or `gdb`, but want to use these tools when debugging processes
+within the container.
+
+### Example: run htop inside a container
+
+Create this Dockerfile:
+
+```
+FROM alpine:latest
+RUN apk add --update htop && rm -rf /var/cache/apk/*
+CMD ["htop"]
+```
+
+Build the Dockerfile and tag the image as `myhtop`:
+
+```bash
+$ docker build -t myhtop .
+```
+
+Use the following command to run `htop` inside a container:
+
+```
+$ docker run -it --rm --pid=host myhtop
+```
+
+## UTS settings (--uts)
+
+    --uts=""  : Set the UTS namespace mode for the container,
+           'host': use the host's UTS namespace inside the container
+
+The UTS namespace is for setting the hostname and the domain that is visible
+to running processes in that namespace.  By default, all containers, including
+those with `--net=host`, have their own UTS namespace.  The `host` setting will
+result in the container using the same UTS namespace as the host.  Note that
+`--hostname` is invalid in `host` UTS mode.
+
+You may wish to share the UTS namespace with the host if you would like the
+hostname of the container to change as the hostname of the host changes.  A
+more advanced use case would be changing the host's hostname from a container.
+
+## IPC settings (--ipc)
+
+    --ipc=""  : Set the IPC mode for the container,
+                 'container:<name|id>': reuses another container's IPC namespace
+                 'host': use the host's IPC namespace inside the container
+
+By default, all containers have the IPC namespace enabled.
+
+IPC (POSIX/SysV IPC) namespace provides separation of named shared memory
+segments, semaphores and message queues.
+
+Shared memory segments are used to accelerate inter-process communication at
+memory speed, rather than through pipes or through the network stack. Shared
+memory is commonly used by databases and custom-built (typically C/OpenMPI,
+C++/using boost libraries) high performance applications for scientific
+computing and financial services industries. If these types of applications
+are broken into multiple containers, you might need to share the IPC mechanisms
+of the containers.
+
+## Network settings
+
+    --dns=[]         : Set custom dns servers for the container
+    --net="bridge"   : Connect a container to a network
+                        'bridge': create a network stack on the default Docker bridge
+                        'none': no networking
+                        'container:<name|id>': reuse another container's network stack
+                        'host': use the Docker host network stack
+                        '<network-name>|<network-id>': connect to a user-defined network
+    --net-alias=[]   : Add network-scoped alias for the container
+    --add-host=""    : Add a line to /etc/hosts (host:IP)
+    --mac-address="" : Sets the container's Ethernet device's MAC address
+    --ip=""          : Sets the container's Ethernet device's IPv4 address
+    --ip6=""         : Sets the container's Ethernet device's IPv6 address
+
+By default, all containers have networking enabled and they can make any
+outgoing connections. The operator can completely disable networking
+with `docker run --net none` which disables all incoming and outgoing
+networking. In cases like this, you would perform I/O through files or
+`STDIN` and `STDOUT` only.
+
+Publishing ports and linking to other containers only works with the default (bridge). The linking feature is a legacy feature. You should always prefer using Docker network drivers over linking.
+
+Your container will use the same DNS servers as the host by default, but
+you can override this with `--dns`.
+
+By default, the MAC address is generated using the IP address allocated to the
+container. You can set the container's MAC address explicitly by providing a
+MAC address via the `--mac-address` parameter (format:`12:34:56:78:9a:bc`).
+
+Supported networks :
+
+<table>
+  <thead>
+    <tr>
+      <th class="no-wrap">Network</th>
+      <th>Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td class="no-wrap"><strong>none</strong></td>
+      <td>
+        No networking in the container.
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap"><strong>bridge</strong> (default)</td>
+      <td>
+        Connect the container to the bridge via veth interfaces.
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap"><strong>host</strong></td>
+      <td>
+        Use the host's network stack inside the container.
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap"><strong>container</strong>:&lt;name|id&gt;</td>
+      <td>
+        Use the network stack of another container, specified via
+        its *name* or *id*.
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap"><strong>NETWORK</strong></td>
+      <td>
+        Connects the container to a user created network (using `docker network create` command)
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+#### Network: none
+
+With the network is `none` a container will not have
+access to any external routes.  The container will still have a
+`loopback` interface enabled in the container but it does not have any
+routes to external traffic.
+
+#### Network: bridge
+
+With the network set to `bridge` a container will use docker's
+default networking setup.  A bridge is setup on the host, commonly named
+`docker0`, and a pair of `veth` interfaces will be created for the
+container.  One side of the `veth` pair will remain on the host attached
+to the bridge while the other side of the pair will be placed inside the
+container's namespaces in addition to the `loopback` interface.  An IP
+address will be allocated for containers on the bridge's network and
+traffic will be routed though this bridge to the container.
+
+Containers can communicate via their IP addresses by default. To communicate by
+name, they must be linked.
+
+#### Network: host
+
+With the network set to `host` a container will share the host's
+network stack and all interfaces from the host will be available to the
+container.  The container's hostname will match the hostname on the host
+system.  Note that `--add-host` `--dns` `--dns-search`
+`--dns-opt` and `--mac-address` are invalid in `host` netmode. Even in `host`
+network mode a container has its own UTS namespace by default. As such
+`--hostname` is allowed in `host` network mode and will only change the
+hostname inside the container.
+
+Compared to the default `bridge` mode, the `host` mode gives *significantly*
+better networking performance since it uses the host's native networking stack
+whereas the bridge has to go through one level of virtualization through the
+docker daemon. It is recommended to run containers in this mode when their
+networking performance is critical, for example, a production Load Balancer
+or a High Performance Web Server.
+
+> **Note**: `--net="host"` gives the container full access to local system
+> services such as D-bus and is therefore considered insecure.
+
+#### Network: container
+
+With the network set to `container` a container will share the
+network stack of another container.  The other container's name must be
+provided in the format of `--net container:<name|id>`. Note that `--add-host`
+`--hostname` `--dns` `--dns-search` `--dns-opt` and `--mac-address` are
+invalid in `container` netmode, and `--publish` `--publish-all` `--expose` are
+also invalid in `container` netmode.
+
+Example running a Redis container with Redis binding to `localhost` then
+running the `redis-cli` command and connecting to the Redis server over the
+`localhost` interface.
+
+    $ docker run -d --name redis example/redis --bind 127.0.0.1
+    $ # use the redis container's network stack to access localhost
+    $ docker run --rm -it --net container:redis example/redis-cli -h 127.0.0.1
+
+#### User-defined network
+
+You can create a network using a Docker network driver or an external network
+driver plugin. You can connect multiple containers to the same network. Once
+connected to a user-defined network, the containers can communicate easily using
+only another container's IP address or name.  
+
+For `overlay` networks or custom plugins that support multi-host connectivity,
+containers connected to the same multi-host network but launched from different
+Engines can also communicate in this way.
+
+The following example creates a network using the built-in `bridge` network
+driver and running a container in the created network
+
+```
+$ docker network create -d bridge my-net
+$ docker run --net=my-net -itd --name=container3 busybox
+```
+
+### Managing /etc/hosts
+
+Your container will have lines in `/etc/hosts` which define the hostname of the
+container itself as well as `localhost` and a few other common things. The
+`--add-host` flag can be used to add additional lines to `/etc/hosts`.
+
+    $ docker run -it --add-host db-static:86.75.30.9 ubuntu cat /etc/hosts
+    172.17.0.22     09d03f76bf2c
+    fe00::0         ip6-localnet
+    ff00::0         ip6-mcastprefix
+    ff02::1         ip6-allnodes
+    ff02::2         ip6-allrouters
+    127.0.0.1       localhost
+    ::1	            localhost ip6-localhost ip6-loopback
+    86.75.30.9      db-static
+
+If a container is connected to the default bridge network and `linked`
+with other containers, then the container's `/etc/hosts` file is updated
+with the linked container's name.
+
+If the container is connected to user-defined network, the container's
+`/etc/hosts` file is updated with names of all other containers in that
+user-defined network.
+
+> **Note** Since Docker may live update the container’s `/etc/hosts` file, there
+may be situations when processes inside the container can end up reading an
+empty or incomplete `/etc/hosts` file. In most cases, retrying the read again
+should fix the problem.
+
+## Restart policies (--restart)
+
+Using the `--restart` flag on Docker run you can specify a restart policy for
+how a container should or should not be restarted on exit.
+
+When a restart policy is active on a container, it will be shown as either `Up`
+or `Restarting` in [`docker ps`](commandline/ps.md). It can also be
+useful to use [`docker events`](commandline/events.md) to see the
+restart policy in effect.
+
+Docker supports the following restart policies:
+
+<table>
+  <thead>
+    <tr>
+      <th>Policy</th>
+      <th>Result</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td><strong>no</strong></td>
+      <td>
+        Do not automatically restart the container when it exits. This is the
+        default.
+      </td>
+    </tr>
+    <tr>
+      <td>
+        <span style="white-space: nowrap">
+          <strong>on-failure</strong>[:max-retries]
+        </span>
+      </td>
+      <td>
+        Restart only if the container exits with a non-zero exit status.
+        Optionally, limit the number of restart retries the Docker
+        daemon attempts.
+      </td>
+    </tr>
+    <tr>
+      <td><strong>always</strong></td>
+      <td>
+        Always restart the container regardless of the exit status.
+        When you specify always, the Docker daemon will try to restart
+        the container indefinitely. The container will also always start
+        on daemon startup, regardless of the current state of the container.
+      </td>
+    </tr>
+    <tr>
+      <td><strong>unless-stopped</strong></td>
+      <td>
+        Always restart the container regardless of the exit status, but
+        do not start it on daemon startup if the container has been put
+        to a stopped state before.
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+An ever increasing delay (double the previous delay, starting at 100
+milliseconds) is added before each restart to prevent flooding the server.
+This means the daemon will wait for 100 ms, then 200 ms, 400, 800, 1600,
+and so on until either the `on-failure` limit is hit, or when you `docker stop`
+or `docker rm -f` the container.
+
+If a container is successfully restarted (the container is started and runs
+for at least 10 seconds), the delay is reset to its default value of 100 ms.
+
+You can specify the maximum amount of times Docker will try to restart the
+container when using the **on-failure** policy.  The default is that Docker
+will try forever to restart the container. The number of (attempted) restarts
+for a container can be obtained via [`docker inspect`](commandline/inspect.md). For example, to get the number of restarts
+for container "my-container";
+
+    $ docker inspect -f "{{ .RestartCount }}" my-container
+    # 2
+
+Or, to get the last time the container was (re)started;
+
+    $ docker inspect -f "{{ .State.StartedAt }}" my-container
+    # 2015-03-04T23:47:07.691840179Z
+
+
+Combining `--restart` (restart policy) with the `--rm` (clean up) flag results
+in an error. On container restart, attached clients are disconnected. See the
+examples on using the [`--rm` (clean up)](#clean-up-rm) flag later in this page.
+
+### Examples
+
+    $ docker run --restart=always redis
+
+This will run the `redis` container with a restart policy of **always**
+so that if the container exits, Docker will restart it.
+
+    $ docker run --restart=on-failure:10 redis
+
+This will run the `redis` container with a restart policy of **on-failure**
+and a maximum restart count of 10.  If the `redis` container exits with a
+non-zero exit status more than 10 times in a row Docker will abort trying to
+restart the container. Providing a maximum restart limit is only valid for the
+**on-failure** policy.
+
+## Exit Status
+
+The exit code from `docker run` gives information about why the container
+failed to run or why it exited.  When `docker run` exits with a non-zero code,
+the exit codes follow the `chroot` standard, see below:
+
+**_125_** if the error is with Docker daemon **_itself_**
+
+    $ docker run --foo busybox; echo $?
+    # flag provided but not defined: --foo
+      See 'docker run --help'.
+      125
+
+**_126_** if the **_contained command_** cannot be invoked
+
+    $ docker run busybox /etc; echo $?
+    # exec: "/etc": permission denied
+      docker: Error response from daemon: Contained command could not be invoked
+      126
+
+**_127_** if the **_contained command_** cannot be found
+
+    $ docker run busybox foo; echo $?
+    # exec: "foo": executable file not found in $PATH
+      docker: Error response from daemon: Contained command not found or does not exist
+      127
+
+**_Exit code_** of **_contained command_** otherwise
+
+    $ docker run busybox /bin/sh -c 'exit 3'
+    # 3
+
+## Clean up (--rm)
+
+By default a container's file system persists even after the container
+exits. This makes debugging a lot easier (since you can inspect the
+final state) and you retain all your data by default. But if you are
+running short-term **foreground** processes, these container file
+systems can really pile up. If instead you'd like Docker to
+**automatically clean up the container and remove the file system when
+the container exits**, you can add the `--rm` flag:
+
+    --rm=false: Automatically remove the container when it exits (incompatible with -d)
+
+> **Note**: When you set the `--rm` flag, Docker also removes the volumes
+associated with the container when the container is removed. This is similar
+to running `docker rm -v my-container`. Only volumes that are specified without a
+name are removed. For example, with
+`docker run --rm -v /foo -v awesome:/bar busybox top`, the volume for `/foo` will be removed,
+but the volume for `/bar` will not. Volumes inheritted via `--volumes-from` will be removed
+with the same logic -- if the original volume was specified with a name it will **not** be removed.
+
+## Security configuration
+    --security-opt="label=user:USER"   : Set the label user for the container
+    --security-opt="label=role:ROLE"   : Set the label role for the container
+    --security-opt="label=type:TYPE"   : Set the label type for the container
+    --security-opt="label=level:LEVEL" : Set the label level for the container
+    --security-opt="label=disable"     : Turn off label confinement for the container
+    --security-opt="apparmor=PROFILE"  : Set the apparmor profile to be applied
+                                         to the container
+    --security-opt="no-new-privileges" : Disable container processes from gaining
+                                         new privileges
+    --security-opt="seccomp=unconfined": Turn off seccomp confinement for the container
+    --security-opt="seccomp=profile.json: White listed syscalls seccomp Json file to be used as a seccomp filter
+
+
+You can override the default labeling scheme for each container by specifying
+the `--security-opt` flag. For example, you can specify the MCS/MLS level, a
+requirement for MLS systems. Specifying the level in the following command
+allows you to share the same content between containers.
+
+    $ docker run --security-opt label=level:s0:c100,c200 -it fedora bash
+
+An MLS example might be:
+
+    $ docker run --security-opt label=level:TopSecret -it rhel7 bash
+
+To disable the security labeling for this container versus running with the
+`--permissive` flag, use the following command:
+
+    $ docker run --security-opt label=disable -it fedora bash
+
+If you want a tighter security policy on the processes within a container,
+you can specify an alternate type for the container. You could run a container
+that is only allowed to listen on Apache ports by executing the following
+command:
+
+    $ docker run --security-opt label=type:svirt_apache_t -it centos bash
+
+> **Note**: You would have to write policy defining a `svirt_apache_t` type.
+
+If you want to prevent your container processes from gaining additional
+privileges, you can execute the following command:
+
+    $ docker run --security-opt no-new-privileges -it centos bash
+
+For more details, see [kernel documentation](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt).
+
+## Specifying custom cgroups
+
+Using the `--cgroup-parent` flag, you can pass a specific cgroup to run a
+container in. This allows you to create and manage cgroups on their own. You can
+define custom resources for those cgroups and put containers under a common
+parent group.
+
+## Runtime constraints on resources
+
+The operator can also adjust the performance parameters of the
+container:
+
+| Option                     |  Description                                                                                                                                    |
+| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
+| `-m`, `--memory=""`        | Memory limit (format: `<number>[<unit>]`). Number is a positive integer. Unit can be one of `b`, `k`, `m`, or `g`. Minimum is 4M.               |
+| `--memory-swap=""`         | Total memory limit (memory + swap, format: `<number>[<unit>]`). Number is a positive integer. Unit can be one of `b`, `k`, `m`, or `g`.         |
+| `--memory-reservation=""`  | Memory soft limit (format: `<number>[<unit>]`). Number is a positive integer. Unit can be one of `b`, `k`, `m`, or `g`.                         |
+| `--kernel-memory=""`       | Kernel memory limit (format: `<number>[<unit>]`). Number is a positive integer. Unit can be one of `b`, `k`, `m`, or `g`. Minimum is 4M.        |
+| `-c`, `--cpu-shares=0`     | CPU shares (relative weight)                                                                                                                    |
+| `--cpu-period=0`           | Limit the CPU CFS (Completely Fair Scheduler) period                                                                                            |
+| `--cpuset-cpus=""`         | CPUs in which to allow execution (0-3, 0,1)                                                                                                     |
+| `--cpuset-mems=""`         | Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.                                                     |
+| `--cpu-quota=0`            | Limit the CPU CFS (Completely Fair Scheduler) quota                                                                                             |
+| `--blkio-weight=0`         | Block IO weight (relative weight) accepts a weight value between 10 and 1000.                                                                   |
+| `--blkio-weight-device=""` | Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`)                                                                          |
+| `--device-read-bps=""`     | Limit read rate from a device (format: `<device-path>:<number>[<unit>]`). Number is a positive integer. Unit can be one of `kb`, `mb`, or `gb`. |
+| `--device-write-bps=""`    | Limit write rate to a device (format: `<device-path>:<number>[<unit>]`). Number is a positive integer. Unit can be one of `kb`, `mb`, or `gb`.  |
+| `--device-read-iops="" `   | Limit read rate (IO per second) from a device (format: `<device-path>:<number>`). Number is a positive integer.                                 |
+| `--device-write-iops="" `  | Limit write rate (IO per second) to a device (format: `<device-path>:<number>`). Number is a positive integer.                                  |
+| `--oom-kill-disable=false` | Whether to disable OOM Killer for the container or not.                                                                                         |
+| `--memory-swappiness=""`   | Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.                                                            |
+| `--shm-size=""`            | Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`. Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes. If you omit the size entirely, the system uses `64m`. |
+
+### User memory constraints
+
+We have four ways to set user memory usage:
+
+<table>
+  <thead>
+    <tr>
+      <th>Option</th>
+      <th>Result</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td class="no-wrap">
+          <strong>memory=inf, memory-swap=inf</strong> (default)
+      </td>
+      <td>
+        There is no memory limit for the container. The container can use
+        as much memory as needed.
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap"><strong>memory=L&lt;inf, memory-swap=inf</strong></td>
+      <td>
+        (specify memory and set memory-swap as <code>-1</code>) The container is
+        not allowed to use more than L bytes of memory, but can use as much swap
+        as is needed (if the host supports swap memory).
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap"><strong>memory=L&lt;inf, memory-swap=2*L</strong></td>
+      <td>
+        (specify memory without memory-swap) The container is not allowed to
+        use more than L bytes of memory, swap *plus* memory usage is double
+        of that.
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap">
+          <strong>memory=L&lt;inf, memory-swap=S&lt;inf, L&lt;=S</strong>
+      </td>
+      <td>
+        (specify both memory and memory-swap) The container is not allowed to
+        use more than L bytes of memory, swap *plus* memory usage is limited
+        by S.
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+Examples:
+
+    $ docker run -it ubuntu:14.04 /bin/bash
+
+We set nothing about memory, this means the processes in the container can use
+as much memory and swap memory as they need.
+
+    $ docker run -it -m 300M --memory-swap -1 ubuntu:14.04 /bin/bash
+
+We set memory limit and disabled swap memory limit, this means the processes in
+the container can use 300M memory and as much swap memory as they need (if the
+host supports swap memory).
+
+    $ docker run -it -m 300M ubuntu:14.04 /bin/bash
+
+We set memory limit only, this means the processes in the container can use
+300M memory and 300M swap memory, by default, the total virtual memory size
+(--memory-swap) will be set as double of memory, in this case, memory + swap
+would be 2*300M, so processes can use 300M swap memory as well.
+
+    $ docker run -it -m 300M --memory-swap 1G ubuntu:14.04 /bin/bash
+
+We set both memory and swap memory, so the processes in the container can use
+300M memory and 700M swap memory.
+
+Memory reservation is a kind of memory soft limit that allows for greater
+sharing of memory. Under normal circumstances, containers can use as much of
+the memory as needed and are constrained only by the hard limits set with the
+`-m`/`--memory` option. When memory reservation is set, Docker detects memory
+contention or low memory and forces containers to restrict their consumption to
+a reservation limit.
+
+Always set the memory reservation value below the hard limit, otherwise the hard
+limit takes precedence. A reservation of 0 is the same as setting no
+reservation. By default (without reservation set), memory reservation is the
+same as the hard memory limit.
+
+Memory reservation is a soft-limit feature and does not guarantee the limit
+won't be exceeded. Instead, the feature attempts to ensure that, when memory is
+heavily contended for, memory is allocated based on the reservation hints/setup.
+
+The following example limits the memory (`-m`) to 500M and sets the memory
+reservation to 200M.
+
+```bash
+$ docker run -it -m 500M --memory-reservation 200M ubuntu:14.04 /bin/bash
+```
+
+Under this configuration, when the container consumes memory more than 200M and
+less than 500M, the next system memory reclaim attempts to shrink container
+memory below 200M.
+
+The following example set memory reservation to 1G without a hard memory limit.
+
+```bash
+$ docker run -it --memory-reservation 1G ubuntu:14.04 /bin/bash
+```
+
+The container can use as much memory as it needs. The memory reservation setting
+ensures the container doesn't consume too much memory for long time, because
+every memory reclaim shrinks the container's consumption to the reservation.
+
+By default, kernel kills processes in a container if an out-of-memory (OOM)
+error occurs. To change this behaviour, use the `--oom-kill-disable` option.
+Only disable the OOM killer on containers where you have also set the
+`-m/--memory` option. If the `-m` flag is not set, this can result in the host
+running out of memory and require killing the host's system processes to free
+memory.
+
+The following example limits the memory to 100M and disables the OOM killer for
+this container:
+
+    $ docker run -it -m 100M --oom-kill-disable ubuntu:14.04 /bin/bash
+
+The following example, illustrates a dangerous way to use the flag:
+
+    $ docker run -it --oom-kill-disable ubuntu:14.04 /bin/bash
+
+The container has unlimited memory which can cause the host to run out memory
+and require killing system processes to free memory.
+
+### Kernel memory constraints
+
+Kernel memory is fundamentally different than user memory as kernel memory can't
+be swapped out. The inability to swap makes it possible for the container to
+block system services by consuming too much kernel memory. Kernel memory includes：
+
+ - stack pages
+ - slab pages
+ - sockets memory pressure
+ - tcp memory pressure
+
+You can setup kernel memory limit to constrain these kinds of memory. For example,
+every process consumes some stack pages. By limiting kernel memory, you can
+prevent new processes from being created when the kernel memory usage is too high.
+
+Kernel memory is never completely independent of user memory. Instead, you limit
+kernel memory in the context of the user memory limit. Assume "U" is the user memory
+limit and "K" the kernel limit. There are three possible ways to set limits:
+
+<table>
+  <thead>
+    <tr>
+      <th>Option</th>
+      <th>Result</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td class="no-wrap"><strong>U != 0, K = inf</strong> (default)</td>
+      <td>
+        This is the standard memory limitation mechanism already present before using
+        kernel memory. Kernel memory is completely ignored.
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap"><strong>U != 0, K &lt; U</strong></td>
+      <td>
+        Kernel memory is a subset of the user memory. This setup is useful in
+        deployments where the total amount of memory per-cgroup is overcommitted.
+        Overcommitting kernel memory limits is definitely not recommended, since the
+        box can still run out of non-reclaimable memory.
+        In this case, the you can configure K so that the sum of all groups is
+        never greater than the total memory. Then, freely set U at the expense of
+        the system's service quality.
+      </td>
+    </tr>
+    <tr>
+      <td class="no-wrap"><strong>U != 0, K &gt; U</strong></td>
+      <td>
+        Since kernel memory charges are also fed to the user counter and reclamation
+        is triggered for the container for both kinds of memory. This configuration
+        gives the admin a unified view of memory. It is also useful for people
+        who just want to track kernel memory usage.
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+Examples:
+
+    $ docker run -it -m 500M --kernel-memory 50M ubuntu:14.04 /bin/bash
+
+We set memory and kernel memory, so the processes in the container can use
+500M memory in total, in this 500M memory, it can be 50M kernel memory tops.
+
+    $ docker run -it --kernel-memory 50M ubuntu:14.04 /bin/bash
+
+We set kernel memory without **-m**, so the processes in the container can
+use as much memory as they want, but they can only use 50M kernel memory.
+
+### Swappiness constraint
+
+By default, a container's kernel can swap out a percentage of anonymous pages.
+To set this percentage for a container, specify a `--memory-swappiness` value
+between 0 and 100. A value of 0 turns off anonymous page swapping. A value of
+100 sets all anonymous pages as swappable. By default, if you are not using
+`--memory-swappiness`, memory swappiness value will be inherited from the parent.
+
+For example, you can set:
+
+    $ docker run -it --memory-swappiness=0 ubuntu:14.04 /bin/bash
+
+Setting the `--memory-swappiness` option is helpful when you want to retain the
+container's working set and to avoid swapping performance penalties.
+
+### CPU share constraint
+
+By default, all containers get the same proportion of CPU cycles. This proportion
+can be modified by changing the container's CPU share weighting relative
+to the weighting of all other running containers.
+
+To modify the proportion from the default of 1024, use the `-c` or `--cpu-shares`
+flag to set the weighting to 2 or higher. If 0 is set, the system will ignore the
+value and use the default of 1024.
+
+The proportion will only apply when CPU-intensive processes are running.
+When tasks in one container are idle, other containers can use the
+left-over CPU time. The actual amount of CPU time will vary depending on
+the number of containers running on the system.
+
+For example, consider three containers, one has a cpu-share of 1024 and
+two others have a cpu-share setting of 512. When processes in all three
+containers attempt to use 100% of CPU, the first container would receive
+50% of the total CPU time. If you add a fourth container with a cpu-share
+of 1024, the first container only gets 33% of the CPU. The remaining containers
+receive 16.5%, 16.5% and 33% of the CPU.
+
+On a multi-core system, the shares of CPU time are distributed over all CPU
+cores. Even if a container is limited to less than 100% of CPU time, it can
+use 100% of each individual CPU core.
+
+For example, consider a system with more than three cores. If you start one
+container `{C0}` with `-c=512` running one process, and another container
+`{C1}` with `-c=1024` running two processes, this can result in the following
+division of CPU shares:
+
+    PID    container	CPU	CPU share
+    100    {C0}		0	100% of CPU0
+    101    {C1}		1	100% of CPU1
+    102    {C1}		2	100% of CPU2
+
+### CPU period constraint
+
+The default CPU CFS (Completely Fair Scheduler) period is 100ms. We can use
+`--cpu-period` to set the period of CPUs to limit the container's CPU usage.
+And usually `--cpu-period` should work with `--cpu-quota`.
+
+Examples:
+
+    $ docker run -it --cpu-period=50000 --cpu-quota=25000 ubuntu:14.04 /bin/bash
+
+If there is 1 CPU, this means the container can get 50% CPU worth of run-time every 50ms.
+
+For more information, see the [CFS documentation on bandwidth limiting](https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt).
+
+### Cpuset constraint
+
+We can set cpus in which to allow execution for containers.
+
+Examples:
+
+    $ docker run -it --cpuset-cpus="1,3" ubuntu:14.04 /bin/bash
+
+This means processes in container can be executed on cpu 1 and cpu 3.
+
+    $ docker run -it --cpuset-cpus="0-2" ubuntu:14.04 /bin/bash
+
+This means processes in container can be executed on cpu 0, cpu 1 and cpu 2.
+
+We can set mems in which to allow execution for containers. Only effective
+on NUMA systems.
+
+Examples:
+
+    $ docker run -it --cpuset-mems="1,3" ubuntu:14.04 /bin/bash
+
+This example restricts the processes in the container to only use memory from
+memory nodes 1 and 3.
+
+    $ docker run -it --cpuset-mems="0-2" ubuntu:14.04 /bin/bash
+
+This example restricts the processes in the container to only use memory from
+memory nodes 0, 1 and 2.
+
+### CPU quota constraint
+
+The `--cpu-quota` flag limits the container's CPU usage. The default 0 value
+allows the container to take 100% of a CPU resource (1 CPU). The CFS (Completely Fair
+Scheduler) handles resource allocation for executing processes and is default
+Linux Scheduler used by the kernel. Set this value to 50000 to limit the container
+to 50% of a CPU resource. For multiple CPUs, adjust the `--cpu-quota` as necessary.
+For more information, see the [CFS documentation on bandwidth limiting](https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt).
+
+### Block IO bandwidth (Blkio) constraint
+
+By default, all containers get the same proportion of block IO bandwidth
+(blkio). This proportion is 500. To modify this proportion, change the
+container's blkio weight relative to the weighting of all other running
+containers using the `--blkio-weight` flag.
+
+> **Note:** The blkio weight setting is only available for direct IO. Buffered IO
+> is not currently supported.
+
+The `--blkio-weight` flag can set the weighting to a value between 10 to 1000.
+For example, the commands below create two containers with different blkio
+weight:
+
+    $ docker run -it --name c1 --blkio-weight 300 ubuntu:14.04 /bin/bash
+    $ docker run -it --name c2 --blkio-weight 600 ubuntu:14.04 /bin/bash
+
+If you do block IO in the two containers at the same time, by, for example:
+
+    $ time dd if=/mnt/zerofile of=test.out bs=1M count=1024 oflag=direct
+
+You'll find that the proportion of time is the same as the proportion of blkio
+weights of the two containers.
+
+The `--blkio-weight-device="DEVICE_NAME:WEIGHT"` flag sets a specific device weight.
+The `DEVICE_NAME:WEIGHT` is a string containing a colon-separated device name and weight.
+For example, to set `/dev/sda` device weight to `200`:
+
+    $ docker run -it \
+        --blkio-weight-device "/dev/sda:200" \
+        ubuntu
+
+If you specify both the `--blkio-weight` and `--blkio-weight-device`, Docker
+uses the `--blkio-weight` as the default weight and uses `--blkio-weight-device`
+to override this default with a new value on a specific device.
+The following example uses a default weight of `300` and overrides this default
+on `/dev/sda` setting that weight to `200`:
+
+    $ docker run -it \
+        --blkio-weight 300 \
+        --blkio-weight-device "/dev/sda:200" \
+        ubuntu
+
+The `--device-read-bps` flag limits the read rate (bytes per second) from a device.
+For example, this command creates a container and limits the read rate to `1mb`
+per second from `/dev/sda`:
+
+    $ docker run -it --device-read-bps /dev/sda:1mb ubuntu
+
+The `--device-write-bps` flag limits the write rate (bytes per second)to a device.
+For example, this command creates a container and limits the write rate to `1mb`
+per second for `/dev/sda`:
+
+    $ docker run -it --device-write-bps /dev/sda:1mb ubuntu
+
+Both flags take limits in the `<device-path>:<limit>[unit]` format. Both read
+and write rates must be a positive integer. You can specify the rate in `kb`
+(kilobytes), `mb` (megabytes), or `gb` (gigabytes).
+
+The `--device-read-iops` flag limits read rate (IO per second) from a device.
+For example, this command creates a container and limits the read rate to
+`1000` IO per second from `/dev/sda`:
+
+    $ docker run -ti --device-read-iops /dev/sda:1000 ubuntu
+
+The `--device-write-iops` flag limits write rate (IO per second) to a device.
+For example, this command creates a container and limits the write rate to
+`1000` IO per second to `/dev/sda`:
+
+    $ docker run -ti --device-write-iops /dev/sda:1000 ubuntu
+
+Both flags take limits in the `<device-path>:<limit>` format. Both read and
+write rates must be a positive integer.
+
+## Additional groups
+    --group-add: Add additional groups to run as 
+
+By default, the docker container process runs with the supplementary groups looked
+up for the specified user. If one wants to add more to that list of groups, then
+one can use this flag:
+
+    $ docker run --rm --group-add audio --group-add nogroup --group-add 777 busybox id
+    uid=0(root) gid=0(root) groups=10(wheel),29(audio),99(nogroup),777
+
+## Runtime privilege and Linux capabilities
+
+    --cap-add: Add Linux capabilities
+    --cap-drop: Drop Linux capabilities
+    --privileged=false: Give extended privileges to this container
+    --device=[]: Allows you to run devices inside the container without the --privileged flag.
+
+> **Note:**
+> With Docker 1.10 and greater, the default seccomp profile will also block
+> syscalls, regardless of `--cap-add` passed to the container. We recommend in
+> these cases to create your own custom seccomp profile based off our
+> [default](https://github.com/docker/docker/blob/master/profiles/seccomp/default.json).
+> Or if you don't want to run with the default seccomp profile, you can pass
+> `--security-opt=seccomp=unconfined` on run.
+
+By default, Docker containers are "unprivileged" and cannot, for
+example, run a Docker daemon inside a Docker container. This is because
+by default a container is not allowed to access any devices, but a
+"privileged" container is given access to all devices (see
+the documentation on [cgroups devices](https://www.kernel.org/doc/Documentation/cgroups/devices.txt)).
+
+When the operator executes `docker run --privileged`, Docker will enable
+to access to all devices on the host as well as set some configuration
+in AppArmor or SELinux to allow the container nearly all the same access to the
+host as processes running outside containers on the host. Additional
+information about running with `--privileged` is available on the
+[Docker Blog](http://blog.docker.com/2013/09/docker-can-now-run-within-docker/).
+
+If you want to limit access to a specific device or devices you can use
+the `--device` flag. It allows you to specify one or more devices that
+will be accessible within the container.
+
+    $ docker run --device=/dev/snd:/dev/snd ...
+
+By default, the container will be able to `read`, `write`, and `mknod` these devices.
+This can be overridden using a third `:rwm` set of options to each `--device` flag:
+
+    $ docker run --device=/dev/sda:/dev/xvdc --rm -it ubuntu fdisk  /dev/xvdc
+
+    Command (m for help): q
+    $ docker run --device=/dev/sda:/dev/xvdc:r --rm -it ubuntu fdisk  /dev/xvdc
+    You will not be able to write the partition table.
+
+    Command (m for help): q
+
+    $ docker run --device=/dev/sda:/dev/xvdc:w --rm -it ubuntu fdisk  /dev/xvdc
+        crash....
+
+    $ docker run --device=/dev/sda:/dev/xvdc:m --rm -it ubuntu fdisk  /dev/xvdc
+    fdisk: unable to open /dev/xvdc: Operation not permitted
+
+In addition to `--privileged`, the operator can have fine grain control over the
+capabilities using `--cap-add` and `--cap-drop`. By default, Docker has a default
+list of capabilities that are kept. The following table lists the Linux capability options which can be added or dropped.
+
+| Capability Key   | Capability Description                                                                                                        |
+| ---------------- | ----------------------------------------------------------------------------------------------------------------------------- |
+| SETPCAP          | Modify process capabilities.                                                                                                  |
+| SYS_MODULE       | Load and unload kernel modules.                                                                                               |
+| SYS_RAWIO        | Perform I/O port operations (iopl(2) and ioperm(2)).                                                                          |
+| SYS_PACCT        | Use acct(2), switch process accounting on or off.                                                                             |
+| SYS_ADMIN        | Perform a range of system administration operations.                                                                          |
+| SYS_NICE         | Raise process nice value (nice(2), setpriority(2)) and change the nice value for arbitrary processes.                         |
+| SYS_RESOURCE     | Override resource Limits.                                                                                                     |
+| SYS_TIME         | Set system clock (settimeofday(2), stime(2), adjtimex(2)); set real-time (hardware) clock.                                    |
+| SYS_TTY_CONFIG   | Use vhangup(2); employ various privileged ioctl(2) operations on virtual terminals.                                           |
+| MKNOD            | Create special files using mknod(2).                                                                                          |
+| AUDIT_WRITE      | Write records to kernel auditing log.                                                                                         |
+| AUDIT_CONTROL    | Enable and disable kernel auditing; change auditing filter rules; retrieve auditing status and filtering rules.               |
+| MAC_OVERRIDE     | Allow MAC configuration or state changes. Implemented for the Smack LSM.                                                      |
+| MAC_ADMIN        | Override Mandatory Access Control (MAC). Implemented for the Smack Linux Security Module (LSM).                               |
+| NET_ADMIN        | Perform various network-related operations.                                                                                   |
+| SYSLOG           | Perform privileged syslog(2) operations.                                                                                      |
+| CHOWN            | Make arbitrary changes to file UIDs and GIDs (see chown(2)).                                                                  |
+| NET_RAW          | Use RAW and PACKET sockets.                                                                                                   |
+| DAC_OVERRIDE     | Bypass file read, write, and execute permission checks.                                                                       |
+| FOWNER           | Bypass permission checks on operations that normally require the file system UID of the process to match the UID of the file. |
+| DAC_READ_SEARCH  | Bypass file read permission checks and directory read and execute permission checks.                                          |
+| FSETID           | Don't clear set-user-ID and set-group-ID permission bits when a file is modified.                                             |
+| KILL             | Bypass permission checks for sending signals.                                                                                 |
+| SETGID           | Make arbitrary manipulations of process GIDs and supplementary GID list.                                                      |
+| SETUID           | Make arbitrary manipulations of process UIDs.                                                                                 |
+| LINUX_IMMUTABLE  | Set the FS_APPEND_FL and FS_IMMUTABLE_FL i-node flags.                                                                        |
+| NET_BIND_SERVICE | Bind a socket to internet domain privileged ports (port numbers less than 1024).                                              |
+| NET_BROADCAST    | Make socket broadcasts, and listen to multicasts.                                                                             |
+| IPC_LOCK         | Lock memory (mlock(2), mlockall(2), mmap(2), shmctl(2)).                                                                      |
+| IPC_OWNER        | Bypass permission checks for operations on System V IPC objects.                                                              |
+| SYS_CHROOT       | Use chroot(2), change root directory.                                                                                         |
+| SYS_PTRACE       | Trace arbitrary processes using ptrace(2).                                                                                    |
+| SYS_BOOT         | Use reboot(2) and kexec_load(2), reboot and load a new kernel for later execution.                                            |
+| LEASE            | Establish leases on arbitrary files (see fcntl(2)).                                                                           |
+| SETFCAP          | Set file capabilities.                                                                                                        |
+| WAKE_ALARM       | Trigger something that will wake up the system.                                                                               |
+| BLOCK_SUSPEND    | Employ features that can block system suspend.                                                                                 
+
+Further reference information is available on the [capabilities(7) - Linux man page](http://linux.die.net/man/7/capabilities)
+
+Both flags support the value `ALL`, so if the
+operator wants to have all capabilities but `MKNOD` they could use:
+
+    $ docker run --cap-add=ALL --cap-drop=MKNOD ...
+
+For interacting with the network stack, instead of using `--privileged` they
+should use `--cap-add=NET_ADMIN` to modify the network interfaces.
+
+    $ docker run -it --rm  ubuntu:14.04 ip link add dummy0 type dummy
+    RTNETLINK answers: Operation not permitted
+    $ docker run -it --rm --cap-add=NET_ADMIN ubuntu:14.04 ip link add dummy0 type dummy
+
+To mount a FUSE based filesystem, you need to combine both `--cap-add` and
+`--device`:
+
+    $ docker run --rm -it --cap-add SYS_ADMIN sshfs sshfs sven@10.10.10.20:/home/sven /mnt
+    fuse: failed to open /dev/fuse: Operation not permitted
+    $ docker run --rm -it --device /dev/fuse sshfs sshfs sven@10.10.10.20:/home/sven /mnt
+    fusermount: mount failed: Operation not permitted
+    $ docker run --rm -it --cap-add SYS_ADMIN --device /dev/fuse sshfs
+    # sshfs sven@10.10.10.20:/home/sven /mnt
+    The authenticity of host '10.10.10.20 (10.10.10.20)' can't be established.
+    ECDSA key fingerprint is 25:34:85:75:25:b0:17:46:05:19:04:93:b5:dd:5f:c6.
+    Are you sure you want to continue connecting (yes/no)? yes
+    sven@10.10.10.20's password:
+    root@30aa0cfaf1b5:/# ls -la /mnt/src/docker
+    total 1516
+    drwxrwxr-x 1 1000 1000   4096 Dec  4 06:08 .
+    drwxrwxr-x 1 1000 1000   4096 Dec  4 11:46 ..
+    -rw-rw-r-- 1 1000 1000     16 Oct  8 00:09 .dockerignore
+    -rwxrwxr-x 1 1000 1000    464 Oct  8 00:09 .drone.yml
+    drwxrwxr-x 1 1000 1000   4096 Dec  4 06:11 .git
+    -rw-rw-r-- 1 1000 1000    461 Dec  4 06:08 .gitignore
+    ....
+
+
+## Logging drivers (--log-driver)
+
+The container can have a different logging driver than the Docker daemon. Use
+the `--log-driver=VALUE` with the `docker run` command to configure the
+container's logging driver. The following options are supported:
+
+| Driver      | Description                                                                                                                   |
+| ----------- | ----------------------------------------------------------------------------------------------------------------------------- |
+| `none`      | Disables any logging for the container. `docker logs` won't be available with this driver.                                    |
+| `json-file` | Default logging driver for Docker. Writes JSON messages to file.  No logging options are supported for this driver.           |
+| `syslog`    | Syslog logging driver for Docker. Writes log messages to syslog.                                                              |
+| `journald`  | Journald logging driver for Docker. Writes log messages to `journald`.                                                        |
+| `gelf`      | Graylog Extended Log Format (GELF) logging driver for Docker. Writes log messages to a GELF endpoint likeGraylog or Logstash. |
+| `fluentd`   | Fluentd logging driver for Docker. Writes log messages to `fluentd` (forward input).                                          |
+| `awslogs`   | Amazon CloudWatch Logs logging driver for Docker. Writes log messages to Amazon CloudWatch Logs                               |
+| `splunk`    | Splunk logging driver for Docker. Writes log messages to `splunk` using Event Http Collector.                                 |
+
+The `docker logs` command is available only for the `json-file` and `journald`
+logging drivers.  For detailed information on working with logging drivers, see
+[Configure a logging driver](../admin/logging/overview.md).
+
+
+## Overriding Dockerfile image defaults
+
+When a developer builds an image from a [*Dockerfile*](builder.md)
+or when she commits it, the developer can set a number of default parameters
+that take effect when the image starts up as a container.
+
+Four of the Dockerfile commands cannot be overridden at runtime: `FROM`,
+`MAINTAINER`, `RUN`, and `ADD`. Everything else has a corresponding override
+in `docker run`. We'll go through what the developer might have set in each
+Dockerfile instruction and how the operator can override that setting.
+
+ - [CMD (Default Command or Options)](#cmd-default-command-or-options)
+ - [ENTRYPOINT (Default Command to Execute at Runtime)](
+    #entrypoint-default-command-to-execute-at-runtime)
+ - [EXPOSE (Incoming Ports)](#expose-incoming-ports)
+ - [ENV (Environment Variables)](#env-environment-variables)
+ - [VOLUME (Shared Filesystems)](#volume-shared-filesystems)
+ - [USER](#user)
+ - [WORKDIR](#workdir)
+
+### CMD (default command or options)
+
+Recall the optional `COMMAND` in the Docker
+commandline:
+
+    $ docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG...]
+
+This command is optional because the person who created the `IMAGE` may
+have already provided a default `COMMAND` using the Dockerfile `CMD`
+instruction. As the operator (the person running a container from the
+image), you can override that `CMD` instruction just by specifying a new
+`COMMAND`.
+
+If the image also specifies an `ENTRYPOINT` then the `CMD` or `COMMAND`
+get appended as arguments to the `ENTRYPOINT`.
+
+### ENTRYPOINT (default command to execute at runtime)
+
+    --entrypoint="": Overwrite the default entrypoint set by the image
+
+The `ENTRYPOINT` of an image is similar to a `COMMAND` because it
+specifies what executable to run when the container starts, but it is
+(purposely) more difficult to override. The `ENTRYPOINT` gives a
+container its default nature or behavior, so that when you set an
+`ENTRYPOINT` you can run the container *as if it were that binary*,
+complete with default options, and you can pass in more options via the
+`COMMAND`. But, sometimes an operator may want to run something else
+inside the container, so you can override the default `ENTRYPOINT` at
+runtime by using a string to specify the new `ENTRYPOINT`. Here is an
+example of how to run a shell in a container that has been set up to
+automatically run something else (like `/usr/bin/redis-server`):
+
+    $ docker run -it --entrypoint /bin/bash example/redis
+
+or two examples of how to pass more parameters to that ENTRYPOINT:
+
+    $ docker run -it --entrypoint /bin/bash example/redis -c ls -l
+    $ docker run -it --entrypoint /usr/bin/redis-cli example/redis --help
+
+### EXPOSE (incoming ports)
+
+The following `run` command options work with container networking:
+
+    --expose=[]: Expose a port or a range of ports inside the container.
+                 These are additional to those exposed by the `EXPOSE` instruction
+    -P         : Publish all exposed ports to the host interfaces
+    -p=[]      : Publish a container᾿s port or a range of ports to the host
+                   format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
+                   Both hostPort and containerPort can be specified as a
+                   range of ports. When specifying ranges for both, the
+                   number of container ports in the range must match the
+                   number of host ports in the range, for example:
+                       -p 1234-1236:1234-1236/tcp
+
+                   When specifying a range for hostPort only, the
+                   containerPort must not be a range.  In this case the
+                   container port is published somewhere within the
+                   specified hostPort range. (e.g., `-p 1234-1236:1234/tcp`)
+
+                   (use 'docker port' to see the actual mapping)
+
+    --link=""  : Add link to another container (<name or id>:alias or <name or id>)
+
+With the exception of the `EXPOSE` directive, an image developer hasn't
+got much control over networking. The `EXPOSE` instruction defines the
+initial incoming ports that provide services. These ports are available
+to processes inside the container. An operator can use the `--expose`
+option to add to the exposed ports.
+
+To expose a container's internal port, an operator can start the
+container with the `-P` or `-p` flag. The exposed port is accessible on
+the host and the ports are available to any client that can reach the
+host.
+
+The `-P` option publishes all the ports to the host interfaces. Docker
+binds each exposed port to a random port on the host. The range of
+ports are within an *ephemeral port range* defined by
+`/proc/sys/net/ipv4/ip_local_port_range`. Use the `-p` flag to
+explicitly map a single port or range of ports.
+
+The port number inside the container (where the service listens) does
+not need to match the port number exposed on the outside of the
+container (where clients connect). For example, inside the container an
+HTTP service is listening on port 80 (and so the image developer
+specifies `EXPOSE 80` in the Dockerfile). At runtime, the port might be
+bound to 42800 on the host. To find the mapping between the host ports
+and the exposed ports, use `docker port`.
+
+If the operator uses `--link` when starting a new client container in the
+default bridge network, then the client container can access the exposed
+port via a private networking interface.
+If `--link` is used when starting a container in a user-defined network as
+described in [*Docker network overview*""](../userguide/networking/index.md)),
+it will provide a named alias for the container being linked to.
+
+### ENV (environment variables)
+
+When a new container is created, Docker will set the following environment
+variables automatically:
+
+<table>
+ <tr>
+  <th>Variable</th>
+  <th>Value</th>
+ </tr>
+ <tr>
+  <td><code>HOME</code></td>
+  <td>
+    Set based on the value of <code>USER</code>
+  </td>
+ </tr>
+ <tr>
+  <td><code>HOSTNAME</code></td>
+  <td>
+    The hostname associated with the container
+  </td>
+ </tr>
+ <tr>
+  <td><code>PATH</code></td>
+  <td>
+    Includes popular directories, such as :<br>
+    <code>/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin</code>
+  </td>
+ <tr>
+  <td><code>TERM</code></td>
+  <td><code>xterm</code> if the container is allocated a pseudo-TTY</td>
+ </tr>
+</table>
+
+Additionally, the operator can **set any environment variable** in the
+container by using one or more `-e` flags, even overriding those mentioned
+above, or already defined by the developer with a Dockerfile `ENV`:
+
+    $ docker run -e "deep=purple" --rm ubuntu /bin/bash -c export
+    declare -x HOME="/"
+    declare -x HOSTNAME="85bc26a0e200"
+    declare -x OLDPWD
+    declare -x PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+    declare -x PWD="/"
+    declare -x SHLVL="1"
+    declare -x deep="purple"
+
+Similarly the operator can set the **hostname** with `-h`.
+
+### TMPFS (mount tmpfs filesystems)
+
+```bash
+--tmpfs=[]: Create a tmpfs mount with: container-dir[:<options>],
+            where the options are identical to the Linux
+            'mount -t tmpfs -o' command.
+```
+
+The example below mounts an empty tmpfs into the container with the `rw`,
+`noexec`, `nosuid`, and `size=65536k` options.
+
+    $ docker run -d --tmpfs /run:rw,noexec,nosuid,size=65536k my_image
+
+### VOLUME (shared filesystems)
+
+    -v, --volume=[host-src:]container-dest[:<options>]: Bind mount a volume.
+    The comma-delimited `options` are [rw|ro], [z|Z],
+    [[r]shared|[r]slave|[r]private], and [nocopy].
+    The 'host-src' is an absolute path or a name value.
+
+    If neither 'rw' or 'ro' is specified then the volume is mounted in
+    read-write mode.
+
+    The `nocopy` modes is used to disable automatic copying requested volume
+    path in the container to the volume storage location.
+    For named volumes, `copy` is the default mode. Copy modes are not supported
+    for bind-mounted volumes.
+
+    --volumes-from="": Mount all volumes from the given container(s)
+
+> **Note**:
+> When using systemd to manage the Docker daemon's start and stop, in the systemd
+> unit file there is an option to control mount propagation for the Docker daemon
+> itself, called `MountFlags`. The value of this setting may cause Docker to not
+> see mount propagation changes made on the mount point. For example, if this value
+> is `slave`, you may not be able to use the `shared` or `rshared` propagation on
+> a volume.
+
+The volumes commands are complex enough to have their own documentation
+in section [*Managing data in
+containers*](../userguide/containers/dockervolumes.md). A developer can define
+one or more `VOLUME`'s associated with an image, but only the operator
+can give access from one container to another (or from a container to a
+volume mounted on the host).
+
+The `container-dest` must always be an absolute path such as `/src/docs`.
+The `host-src` can either be an absolute path or a `name` value. If you
+supply an absolute path for the `host-dir`, Docker bind-mounts to the path
+you specify. If you supply a `name`, Docker creates a named volume by that `name`.
+
+A `name` value must start with start with an alphanumeric character,
+followed by `a-z0-9`, `_` (underscore), `.` (period) or `-` (hyphen).
+An absolute path starts with a `/` (forward slash).
+
+For example, you can specify either `/foo` or `foo` for a `host-src` value.
+If you supply the `/foo` value, Docker creates a bind-mount. If you supply
+the `foo` specification, Docker creates a named volume.
+
+### USER
+
+`root` (id = 0) is the default user within a container. The image developer can
+create additional users. Those users are accessible by name.  When passing a numeric
+ID, the user does not have to exist in the container.
+
+The developer can set a default user to run the first process with the
+Dockerfile `USER` instruction. When starting a container, the operator can override
+the `USER` instruction by passing the `-u` option.
+
+    -u="", --user="": Sets the username or UID used and optionally the groupname or GID for the specified command.
+ 
+    The followings examples are all valid:
+    --user=[ user | user:group | uid | uid:gid | user:gid | uid:group ]
+
+> **Note:** if you pass a numeric uid, it must be in the range of 0-2147483647.
+
+### WORKDIR
+
+The default working directory for running binaries within a container is the
+root directory (`/`), but the developer can set a different default with the
+Dockerfile `WORKDIR` command. The operator can override this with:
+
+    -w="": Working directory inside the container
diff --git a/docs/security/apparmor.md b/docs/security/apparmor.md
new file mode 100644
index 00000000..b0998f84
--- /dev/null
+++ b/docs/security/apparmor.md
@@ -0,0 +1,183 @@
+<!-- [metadata]>
++++
+title = "AppArmor security profiles for Docker"
+description = "Enabling AppArmor in Docker"
+keywords = ["AppArmor, security, docker, documentation"]
+[menu.main]
+parent= "smn_secure_docker"
+weight=5
++++
+<![end-metadata]-->
+
+# AppArmor security profiles for Docker
+
+AppArmor (Application Armor) is a Linux security module that protects an
+operating system and its applications from security threats. To use it, a system
+administrator associates an AppArmor security profile with each program. Docker
+expects to find an AppArmor policy loaded and enforced.
+
+Docker automatically loads container profiles. The Docker binary installs
+a `docker-default` profile in the `/etc/apparmor.d/docker` file. This profile
+is used on containers, _not_ on the Docker Daemon.
+
+A profile for the Docker Engine Daemon exists but it is not currently installed 
+with the deb packages. If you are interested in the source for the Daemon
+profile, it is located in
+[contrib/apparmor](https://github.com/docker/docker/tree/master/contrib/apparmor)
+in the Docker Engine source repository.
+
+## Understand the policies
+
+The `docker-default` profile is the default for running containers. It is
+moderately protective while providing wide application compatibility. The
+profile is the following:
+
+```
+#include <tunables/global>
+
+
+profile docker-default flags=(attach_disconnected,mediate_deleted) {
+
+  #include <abstractions/base>
+
+
+  network,
+  capability,
+  file,
+  umount,
+
+  deny @{PROC}/{*,**^[0-9*],sys/kernel/shm*} wkx,
+  deny @{PROC}/sysrq-trigger rwklx,
+  deny @{PROC}/mem rwklx,
+  deny @{PROC}/kmem rwklx,
+  deny @{PROC}/kcore rwklx,
+
+  deny mount,
+
+  deny /sys/[^f]*/** wklx,
+  deny /sys/f[^s]*/** wklx,
+  deny /sys/fs/[^c]*/** wklx,
+  deny /sys/fs/c[^g]*/** wklx,
+  deny /sys/fs/cg[^r]*/** wklx,
+  deny /sys/firmware/efi/efivars/** rwklx,
+  deny /sys/kernel/security/** rwklx,
+}
+```
+
+When you run a container, it uses the `docker-default` policy unless you
+override it with the `security-opt` option. For example, the following
+explicitly specifies the default policy:
+
+```bash
+$ docker run --rm -it --security-opt apparmor=docker-default hello-world
+```
+
+## Loading and Unloading Profiles
+
+To load a new profile into AppArmor, for use with containers:
+
+```
+$ apparmor_parser -r -W /path/to/your_profile
+```
+
+Then you can run the custom profile with `--security-opt` like so:
+
+```bash
+$ docker run --rm -it --security-opt apparmor=your_profile hello-world
+```
+
+To unload a profile from AppArmor:
+
+```bash
+# stop apparmor
+$ /etc/init.d/apparmor stop
+# unload the profile
+$ apparmor_parser -R /path/to/profile
+# start apparmor
+$ /etc/init.d/apparmor start
+```
+
+## Debugging AppArmor
+
+### Using `dmesg`
+
+Here are some helpful tips for debugging any problems you might be facing with
+regard to AppArmor.
+
+AppArmor sends quite verbose messaging to `dmesg`. Usually an AppArmor line
+will look like the following:
+
+```
+[ 5442.864673] audit: type=1400 audit(1453830992.845:37): apparmor="ALLOWED" operation="open" profile="/usr/bin/docker" name="/home/jessie/docker/man/man1/docker-attach.1" pid=10923 comm="docker" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
+```
+
+In the above example, the you can see `profile=/usr/bin/docker`. This means the
+user has the `docker-engine` (Docker Engine Daemon) profile loaded.
+
+> **Note:** On version of Ubuntu > 14.04 this is all fine and well, but Trusty
+> users might run into some issues when trying to `docker exec`.
+
+Let's look at another log line:
+
+```
+[ 3256.689120] type=1400 audit(1405454041.341:73): apparmor="DENIED" operation="ptrace" profile="docker-default" pid=17651 comm="docker" requested_mask="receive" denied_mask="receive"
+```
+
+This time the profile is `docker-default`, which is run on containers by
+default unless in `privileged` mode. It is telling us, that apparmor has denied
+`ptrace` in the container. This is great.
+
+### Using `aa-status`
+
+If you need to check which profiles are loaded you can use `aa-status`. The
+output looks like:
+
+```bash
+$ sudo aa-status
+apparmor module is loaded.
+14 profiles are loaded.
+1 profiles are in enforce mode.
+   docker-default
+13 profiles are in complain mode.
+   /usr/bin/docker
+   /usr/bin/docker///bin/cat
+   /usr/bin/docker///bin/ps
+   /usr/bin/docker///sbin/apparmor_parser
+   /usr/bin/docker///sbin/auplink
+   /usr/bin/docker///sbin/blkid
+   /usr/bin/docker///sbin/iptables
+   /usr/bin/docker///sbin/mke2fs
+   /usr/bin/docker///sbin/modprobe
+   /usr/bin/docker///sbin/tune2fs
+   /usr/bin/docker///sbin/xtables-multi
+   /usr/bin/docker///sbin/zfs
+   /usr/bin/docker///usr/bin/xz
+38 processes have profiles defined.
+37 processes are in enforce mode.
+   docker-default (6044)
+   ...
+   docker-default (31899)
+1 processes are in complain mode.
+   /usr/bin/docker (29756)
+0 processes are unconfined but have a profile defined.
+```
+
+In the above output you can tell that the `docker-default` profile running on
+various container PIDs is in `enforce` mode. This means AppArmor will actively
+block and audit in `dmesg` anything outside the bounds of the `docker-default`
+profile.
+
+The output above also shows the `/usr/bin/docker` (Docker Engine Daemon)
+profile is running in `complain` mode. This means AppArmor will _only_ log to
+`dmesg` activity outside the bounds of the profile. (Except in the case of
+Ubuntu Trusty, where we have seen some interesting behaviors being enforced.)
+
+## Contributing to AppArmor code in Docker
+
+Advanced users and package managers can find a profile for `/usr/bin/docker`
+(Docker Engine Daemon) underneath
+[contrib/apparmor](https://github.com/docker/docker/tree/master/contrib/apparmor)
+in the Docker Engine source repository.
+
+The `docker-default` profile for containers lives in
+[profiles/apparmor](https://github.com/docker/docker/tree/master/profiles/apparmor).
diff --git a/docs/security/certificates.md b/docs/security/certificates.md
new file mode 100644
index 00000000..5684e331
--- /dev/null
+++ b/docs/security/certificates.md
@@ -0,0 +1,85 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/certificates/"]
+title = "Using certificates for repository client verification"
+description = "How to set up and use certificates with a registry to verify access"
+keywords = ["Usage, registry, repository, client, root, certificate, docker, apache, ssl, tls, documentation, examples, articles,  tutorials"]
+[menu.main]
+parent = "smn_secure_docker"
++++
+<![end-metadata]-->
+
+# Using certificates for repository client verification
+
+In [Running Docker with HTTPS](https.md), you learned that, by default,
+Docker runs via a non-networked Unix socket and TLS must be enabled in order
+to have the Docker client and the daemon communicate securely over HTTPS.  TLS ensures authenticity of the registry endpoint and that traffic to/from registry is encrypted.
+
+This article demonstrates how to ensure the traffic between the Docker registry (i.e., *a server*) and the Docker daemon (i.e., *a client*) traffic is encrypted and a properly authenticated using *certificate-based client-server authentication*.
+
+We will show you how to install a Certificate Authority (CA) root certificate
+for the registry and how to set the client TLS certificate for verification.
+
+## Understanding the configuration
+
+A custom certificate is configured by creating a directory under
+`/etc/docker/certs.d` using the same name as the registry's hostname (e.g.,
+`localhost`). All `*.crt` files are added to this directory as CA roots.
+
+> **Note:**
+> In the absence of any root certificate authorities, Docker
+> will use the system default (i.e., host's root CA set).
+
+The presence of one or more `<filename>.key/cert` pairs indicates to Docker
+that there are custom certificates required for access to the desired
+repository.
+
+> **Note:**
+> If there are multiple certificates, each will be tried in alphabetical
+> order. If there is an authentication error (e.g., 403, 404, 5xx, etc.), Docker
+> will continue to try with the next certificate.
+
+The following illustrates a configuration with multiple certs:
+
+```
+    /etc/docker/certs.d/        <-- Certificate directory
+    └── localhost               <-- Hostname
+       ├── client.cert          <-- Client certificate
+       ├── client.key           <-- Client key
+       └── localhost.crt        <-- Certificate authority that signed
+                                    the registry certificate
+```
+
+The preceding example is operating-system specific and is for illustrative
+purposes only. You should consult your operating system documentation for
+creating an os-provided bundled certificate chain.
+
+
+## Creating the client certificates
+
+You will use OpenSSL's `genrsa` and `req` commands to first generate an RSA
+key and then use the key to create the certificate.   
+
+    $ openssl genrsa -out client.key 4096
+    $ openssl req -new -x509 -text -key client.key -out client.cert
+
+> **Note:**
+> These TLS commands will only generate a working set of certificates on Linux.
+> The version of OpenSSL in Mac OS X is incompatible with the type of
+> certificate Docker requires.
+
+## Troubleshooting tips
+
+The Docker daemon interprets ``.crt` files as CA certificates and `.cert` files
+as client certificates. If a CA certificate is accidentally given the extension
+`.cert` instead of the correct `.crt` extension, the Docker daemon logs the
+following error message:
+
+```
+Missing key KEY_NAME for client certificate CERT_NAME. Note that CA certificates should use the extension .crt.
+```
+
+## Related Information
+
+* [Use trusted images](index.md)
+* [Protect the Docker daemon socket](https.md)
diff --git a/docs/security/https.md b/docs/security/https.md
new file mode 100644
index 00000000..1b2619cb
--- /dev/null
+++ b/docs/security/https.md
@@ -0,0 +1,216 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/https/"]
+title = "Protect the Docker daemon socket"
+description = "How to setup and run Docker with HTTPS"
+keywords = ["docker, docs, article, example, https, daemon, tls, ca,  certificate"]
+[menu.main]
+parent = "smn_secure_docker"
++++
+<![end-metadata]-->
+
+# Protect the Docker daemon socket
+
+By default, Docker runs via a non-networked Unix socket. It can also
+optionally communicate using a HTTP socket.
+
+If you need Docker to be reachable via the network in a safe manner, you can
+enable TLS by specifying the `tlsverify` flag and pointing Docker's
+`tlscacert` flag to a trusted CA certificate.
+
+In the daemon mode, it will only allow connections from clients
+authenticated by a certificate signed by that CA. In the client mode,
+it will only connect to servers with a certificate signed by that CA.
+
+> **Warning**:
+> Using TLS and managing a CA is an advanced topic. Please familiarize yourself
+> with OpenSSL, x509 and TLS before using it in production.
+
+> **Warning**:
+> These TLS commands will only generate a working set of certificates on Linux.
+> Mac OS X comes with a version of OpenSSL that is incompatible with the
+> certificates that Docker requires.
+
+## Create a CA, server and client keys with OpenSSL
+
+> **Note**: replace all instances of `$HOST` in the following example with the
+> DNS name of your Docker daemon's host.
+
+First generate CA private and public keys:
+
+    $ openssl genrsa -aes256 -out ca-key.pem 4096
+    Generating RSA private key, 4096 bit long modulus
+    ............................................................................................................................................................................................++
+    ........++
+    e is 65537 (0x10001)
+    Enter pass phrase for ca-key.pem:
+    Verifying - Enter pass phrase for ca-key.pem:
+    $ openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem
+    Enter pass phrase for ca-key.pem:
+    You are about to be asked to enter information that will be incorporated
+    into your certificate request.
+    What you are about to enter is what is called a Distinguished Name or a DN.
+    There are quite a few fields but you can leave some blank
+    For some fields there will be a default value,
+    If you enter '.', the field will be left blank.
+    -----
+    Country Name (2 letter code) [AU]:
+    State or Province Name (full name) [Some-State]:Queensland
+    Locality Name (eg, city) []:Brisbane
+    Organization Name (eg, company) [Internet Widgits Pty Ltd]:Docker Inc
+    Organizational Unit Name (eg, section) []:Sales
+    Common Name (e.g. server FQDN or YOUR name) []:$HOST
+    Email Address []:Sven@home.org.au
+
+Now that we have a CA, you can create a server key and certificate
+signing request (CSR). Make sure that "Common Name" (i.e., server FQDN or YOUR
+name) matches the hostname you will use to connect to Docker:
+
+> **Note**: replace all instances of `$HOST` in the following example with the
+> DNS name of your Docker daemon's host.
+
+    $ openssl genrsa -out server-key.pem 4096
+    Generating RSA private key, 4096 bit long modulus
+    .....................................................................++
+    .................................................................................................++
+    e is 65537 (0x10001)
+    $ openssl req -subj "/CN=$HOST" -sha256 -new -key server-key.pem -out server.csr
+
+Next, we're going to sign the public key with our CA:
+
+Since TLS connections can be made via IP address as well as DNS name, they need
+to be specified when creating the certificate. For example, to allow connections
+using `10.10.10.20` and `127.0.0.1`:
+
+    $ echo subjectAltName = IP:10.10.10.20,IP:127.0.0.1 > extfile.cnf
+
+    $ openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem \
+      -CAcreateserial -out server-cert.pem -extfile extfile.cnf
+    Signature ok
+    subject=/CN=your.host.com
+    Getting CA Private Key
+    Enter pass phrase for ca-key.pem:
+
+For client authentication, create a client key and certificate signing
+request:
+
+    $ openssl genrsa -out key.pem 4096
+    Generating RSA private key, 4096 bit long modulus
+    .........................................................++
+    ................++
+    e is 65537 (0x10001)
+    $ openssl req -subj '/CN=client' -new -key key.pem -out client.csr
+
+To make the key suitable for client authentication, create an extensions
+config file:
+
+    $ echo extendedKeyUsage = clientAuth > extfile.cnf
+
+Now sign the public key:
+
+    $ openssl x509 -req -days 365 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem \
+      -CAcreateserial -out cert.pem -extfile extfile.cnf
+    Signature ok
+    subject=/CN=client
+    Getting CA Private Key
+    Enter pass phrase for ca-key.pem:
+
+After generating `cert.pem` and `server-cert.pem` you can safely remove the
+two certificate signing requests:
+
+    $ rm -v client.csr server.csr
+
+With a default `umask` of 022, your secret keys will be *world-readable* and
+writable for you and your group.
+
+In order to protect your keys from accidental damage, you will want to remove their
+write permissions. To make them only readable by you, change file modes as follows:
+
+    $ chmod -v 0400 ca-key.pem key.pem server-key.pem
+
+Certificates can be world-readable, but you might want to remove write access to
+prevent accidental damage:
+
+    $ chmod -v 0444 ca.pem server-cert.pem cert.pem
+
+Now you can make the Docker daemon only accept connections from clients
+providing a certificate trusted by our CA:
+
+    $ docker daemon --tlsverify --tlscacert=ca.pem --tlscert=server-cert.pem --tlskey=server-key.pem \
+      -H=0.0.0.0:2376
+
+To be able to connect to Docker and validate its certificate, you now
+need to provide your client keys, certificates and trusted CA:
+
+> **Note**: replace all instances of `$HOST` in the following example with the
+> DNS name of your Docker daemon's host.
+
+    $ docker --tlsverify --tlscacert=ca.pem --tlscert=cert.pem --tlskey=key.pem \
+      -H=$HOST:2376 version
+
+> **Note**:
+> Docker over TLS should run on TCP port 2376.
+
+> **Warning**:
+> As shown in the example above, you don't have to run the `docker` client
+> with `sudo` or the `docker` group when you use certificate authentication.
+> That means anyone with the keys can give any instructions to your Docker
+> daemon, giving them root access to the machine hosting the daemon. Guard
+> these keys as you would a root password!
+
+## Secure by default
+
+If you want to secure your Docker client connections by default, you can move
+the files to the `.docker` directory in your home directory -- and set the
+`DOCKER_HOST` and `DOCKER_TLS_VERIFY` variables as well (instead of passing
+`-H=tcp://$HOST:2376` and `--tlsverify` on every call).
+
+    $ mkdir -pv ~/.docker
+    $ cp -v {ca,cert,key}.pem ~/.docker
+    $ export DOCKER_HOST=tcp://$HOST:2376 DOCKER_TLS_VERIFY=1
+
+Docker will now connect securely by default:
+
+    $ docker ps
+
+## Other modes
+
+If you don't want to have complete two-way authentication, you can run
+Docker in various other modes by mixing the flags.
+
+### Daemon modes
+
+ - `tlsverify`, `tlscacert`, `tlscert`, `tlskey` set: Authenticate clients
+ - `tls`, `tlscert`, `tlskey`: Do not authenticate clients
+
+### Client modes
+
+ - `tls`: Authenticate server based on public/default CA pool
+ - `tlsverify`, `tlscacert`: Authenticate server based on given CA
+ - `tls`, `tlscert`, `tlskey`: Authenticate with client certificate, do not
+   authenticate server based on given CA
+ - `tlsverify`, `tlscacert`, `tlscert`, `tlskey`: Authenticate with client
+   certificate and authenticate server based on given CA
+
+If found, the client will send its client certificate, so you just need
+to drop your keys into `~/.docker/{ca,cert,key}.pem`. Alternatively,
+if you want to store your keys in another location, you can specify that
+location using the environment variable `DOCKER_CERT_PATH`.
+
+    $ export DOCKER_CERT_PATH=~/.docker/zone1/
+    $ docker --tlsverify ps
+
+### Connecting to the secure Docker port using `curl`
+
+To use `curl` to make test API requests, you need to use three extra command line
+flags:
+
+    $ curl https://$HOST:2376/images/json \
+      --cert ~/.docker/cert.pem \
+      --key ~/.docker/key.pem \
+      --cacert ~/.docker/ca.pem
+
+## Related information
+
+* [Using certificates for repository client verification](certificates.md)
+* [Use trusted images](trust/index.md)
diff --git a/docs/security/https/Dockerfile b/docs/security/https/Dockerfile
new file mode 100644
index 00000000..a3cc132c
--- /dev/null
+++ b/docs/security/https/Dockerfile
@@ -0,0 +1,10 @@
+FROM debian
+
+RUN apt-get update && apt-get install -yq openssl
+
+ADD make_certs.sh /
+
+
+WORKDIR /data
+VOLUME ["/data"]
+CMD /make_certs.sh
diff --git a/docs/security/https/Makefile b/docs/security/https/Makefile
new file mode 100644
index 00000000..3c846974
--- /dev/null
+++ b/docs/security/https/Makefile
@@ -0,0 +1,24 @@
+
+HOST:=boot2docker
+
+makescript:
+	./parsedocs.sh > make_certs.sh
+
+build: clean makescript
+	docker build -t makecerts .
+
+cert: build
+	docker run --rm -it -v $(CURDIR):/data -e HOST=$(HOST) -e YOUR_PUBLIC_IP=$(shell ip a | grep "inet " | sed "s/.*inet \([0-9.]*\)\/.*/\1/" | xargs echo | sed "s/ /,IP:/g") makecerts
+
+certs: cert
+
+run:
+	sudo docker daemon -D --tlsverify --tlscacert=ca.pem --tlscert=server-cert.pem --tlskey=server-key.pem -H=0.0.0.0:6666 --pidfile=$(pwd)/docker.pid --graph=$(pwd)/graph
+
+client:
+	sudo docker --tls --tlscacert=ca.pem --tlscert=cert.pem --tlskey=key.pem   -H=$(HOST):6666 version
+	sudo docker --tlsverify --tlscacert=ca.pem --tlscert=cert.pem --tlskey=key.pem   -H=$(HOST):6666 info
+	sudo curl https://$(HOST):6666/images/json --cert ./cert.pem --key ./key.pem --cacert ./ca.pem
+
+clean:
+	rm -f ca-key.pem ca.pem ca.srl cert.pem client.csr extfile.cnf key.pem server-cert.pem server-key.pem server.csr extfile.cnf
diff --git a/docs/security/https/README.md b/docs/security/https/README.md
new file mode 100644
index 00000000..ff553891
--- /dev/null
+++ b/docs/security/https/README.md
@@ -0,0 +1,33 @@
+<!--[metadata]>
++++
+draft = true
++++
+<![end-metadata]-->
+
+
+
+This is an initial attempt to make it easier to test the examples in the https.md
+doc.
+
+At this point, it has to be a manual thing, and I've been running it in boot2docker.
+
+My process is as following:
+
+    $ boot2docker ssh
+    $$ git clone https://github.com/docker/docker
+    $$ cd docker/docs/articles/https
+    $$ make cert
+
+lots of things to see and manually answer, as openssl wants to be interactive
+
+**NOTE:** make sure you enter the hostname (`boot2docker` in my case) when prompted for `Computer Name`)
+
+    $$ sudo make run
+
+Start another terminal:
+
+    $ boot2docker ssh
+    $$ cd docker/docs/articles/https
+    $$ make client
+
+The last will connect first with `--tls` and then with `--tlsverify`, both should succeed.
diff --git a/docs/security/https/make_certs.sh b/docs/security/https/make_certs.sh
new file mode 100755
index 00000000..39001fdb
--- /dev/null
+++ b/docs/security/https/make_certs.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+openssl genrsa -aes256 -out ca-key.pem 2048
+openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem
+openssl genrsa -out server-key.pem 2048
+openssl req -subj "/CN=$HOST" -new -key server-key.pem -out server.csr
+echo subjectAltName = IP:$YOUR_PUBLIC_IP > extfile.cnf
+openssl x509 -req -days 365 -in server.csr -CA ca.pem -CAkey ca-key.pem       -CAcreateserial -out server-cert.pem -extfile extfile.cnf
+openssl genrsa -out key.pem 2048
+openssl req -subj '/CN=client' -new -key key.pem -out client.csr
+echo extendedKeyUsage = clientAuth > extfile.cnf
+openssl x509 -req -days 365 -in client.csr -CA ca.pem -CAkey ca-key.pem       -CAcreateserial -out cert.pem -extfile extfile.cnf
+rm -v client.csr server.csr
+chmod -v 0400 ca-key.pem key.pem server-key.pem
+chmod -v 0444 ca.pem server-cert.pem cert.pem
+# docker -d --tlsverify --tlscacert=ca.pem --tlscert=server-cert.pem --tlskey=server-key.pem       -H=0.0.0.0:7778
+# docker --tlsverify --tlscacert=ca.pem --tlscert=cert.pem --tlskey=key.pem       -H=$HOST:7778 version
+mkdir -pv ~/.docker
+cp -v {ca,cert,key}.pem ~/.docker
+export DOCKER_HOST=tcp://$HOST:7778 DOCKER_TLS_VERIFY=1
+# docker ps
+export DOCKER_CERT_PATH=~/.docker/zone1/
+# docker --tlsverify ps
+# curl https://$HOST:7778/images/json       --cert ~/.docker/cert.pem       --key ~/.docker/key.pem       --cacert ~/.docker/ca.pem
diff --git a/docs/security/https/parsedocs.sh b/docs/security/https/parsedocs.sh
new file mode 100755
index 00000000..f9df33c3
--- /dev/null
+++ b/docs/security/https/parsedocs.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+echo "#!/bin/sh"
+cat ../https.md | awk '{if (sub(/\\$/,"")) printf "%s", $0; else print $0}' \
+        | grep '   $ ' \
+        | sed 's/    $ //g' \
+        | sed 's/2375/7777/g' \
+        | sed 's/2376/7778/g' \
+        | sed 's/^docker/# docker/g' \
+        | sed 's/^curl/# curl/g'
diff --git a/docs/security/index.md b/docs/security/index.md
new file mode 100644
index 00000000..9524a93e
--- /dev/null
+++ b/docs/security/index.md
@@ -0,0 +1,24 @@
+<!-- [metadata]>
++++
+title = "Secure Engine"
+description = "Sec"
+keywords = ["seccomp, security, docker, documentation"]
+[menu.main]
+identifier="smn_secure_docker"
+parent= "engine_use"
++++
+<![end-metadata]-->
+
+# Secure Engine
+
+This section discusses the security features you can configure and use within your Docker Engine installation.
+
+* You can configure Docker's trust features so that your users can push and pull trusted images. To learn how to do this, see [Use trusted images](trust/index.md) in this section.
+
+* You can protect the Docker daemon socket and ensure only trusted Docker client connections. For more information, [Protect the Docker daemon socket](https.md)
+
+* You can use certificate-based client-server authentication to verify a Docker daemon has the rights to access images on a registry. For more information, see [Using certificates for repository client verification](certificates.md).
+
+* You can configure secure computing mode (Seccomp) policies to secure system calls in a container. For more information, see [Seccomp security profiles for Docker](seccomp.md).
+
+* An AppArmor profile for Docker is installed with the official *.deb* packages. For information about this profile and overriding it, see [AppArmor security profiles for Docker](apparmor.md).
diff --git a/docs/security/seccomp.md b/docs/security/seccomp.md
new file mode 100644
index 00000000..bf567906
--- /dev/null
+++ b/docs/security/seccomp.md
@@ -0,0 +1,143 @@
+<!-- [metadata]>
++++
+title = "Seccomp security profiles for Docker"
+description = "Enabling seccomp in Docker"
+keywords = ["seccomp, security, docker, documentation"]
+[menu.main]
+parent= "smn_secure_docker"
+weight=90
++++
+<![end-metadata]-->
+
+# Seccomp security profiles for Docker
+
+Secure computing mode (Seccomp) is a Linux kernel feature. You can use it to
+restrict the actions available within the container. The `seccomp()` system
+call operates on the seccomp state of the calling process. You can use this
+feature to restrict your application's access.
+
+This feature is available only if Docker has been built with seccomp and the
+kernel is configured with `CONFIG_SECCOMP` enabled. To check if your kernel
+supports seccomp:
+
+```bash
+$ cat /boot/config-`uname -r` | grep CONFIG_SECCOMP=
+CONFIG_SECCOMP=y
+```
+
+> **Note**: seccomp profiles require seccomp 2.2.1 and are only
+> available starting with Debian 9 "Stretch", Ubuntu 15.10 "Wily", and
+> Fedora 22. To use this feature on Ubuntu 14.04, Debian Wheezy, or
+> Debian Jessie, you must download the [latest static Docker Linux binary](../installation/binaries.md).
+> This feature is currently *not* available on other distributions.
+
+## Passing a profile for a container
+
+The default seccomp profile provides a sane default for running containers with
+seccomp and disables around 44 system calls out of 300+. It is moderately protective while providing wide application
+compatibility. The default Docker profile (found [here](https://github.com/docker/docker/blob/master/profiles/seccomp/default.json) has a JSON layout in the following form:
+
+```json
+{
+	"defaultAction": "SCMP_ACT_ERRNO",
+	"architectures": [
+		"SCMP_ARCH_X86_64",
+		"SCMP_ARCH_X86",
+		"SCMP_ARCH_X32"
+	],
+	"syscalls": [
+		{
+			"name": "accept",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "accept4",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		...
+	]
+}
+```
+
+When you run a container, it uses the default profile unless you override
+it with the `security-opt` option. For example, the following explicitly
+specifies the default policy:
+
+```
+$ docker run --rm -it --security-opt seccomp=/path/to/seccomp/profile.json hello-world
+```
+
+### Significant syscalls blocked by the default profile
+
+Docker's default seccomp profile is a whitelist which specifies the calls that
+are allowed. The table below lists the significant (but not all) syscalls that
+are effectively blocked because they are not on the whitelist. The table includes
+the reason each syscall is blocked rather than white-listed.
+
+| Syscall             | Description                                                                                                                           |
+|---------------------|---------------------------------------------------------------------------------------------------------------------------------------|
+| `acct`              | Accounting syscall which could let containers disable their own resource limits or process accounting. Also gated by `CAP_SYS_PACCT`. |
+| `add_key`           | Prevent containers from using the kernel keyring, which is not namespaced.                                   |
+| `adjtimex`          | Similar to `clock_settime` and `settimeofday`, time/date is not namespaced.                                  |
+| `bpf`               | Deny loading potentially persistent bpf programs into kernel, already gated by `CAP_SYS_ADMIN`.              |
+| `clock_adjtime`     | Time/date is not namespaced.                                                                                 |
+| `clock_settime`     | Time/date is not namespaced.                                                                                 |
+| `clone`             | Deny cloning new namespaces. Also gated by `CAP_SYS_ADMIN` for CLONE_* flags, except `CLONE_USERNS`.         |
+| `create_module`     | Deny manipulation and functions on kernel modules.                                                           |
+| `delete_module`     | Deny manipulation and functions on kernel modules. Also gated by `CAP_SYS_MODULE`.                           |
+| `finit_module`      | Deny manipulation and functions on kernel modules. Also gated by `CAP_SYS_MODULE`.                           |
+| `get_kernel_syms`   | Deny retrieval of exported kernel and module symbols.                                                        |
+| `get_mempolicy`     | Syscall that modifies kernel memory and NUMA settings. Already gated by `CAP_SYS_NICE`.                      |
+| `init_module`       | Deny manipulation and functions on kernel modules. Also gated by `CAP_SYS_MODULE`.                           |
+| `ioperm`            | Prevent containers from modifying kernel I/O privilege levels. Already gated by `CAP_SYS_RAWIO`.             |
+| `iopl`              | Prevent containers from modifying kernel I/O privilege levels. Already gated by `CAP_SYS_RAWIO`.             |
+| `kcmp`              | Restrict process inspection capabilities, already blocked by dropping `CAP_PTRACE`.                          |
+| `kexec_file_load`   | Sister syscall of `kexec_load` that does the same thing, slightly different arguments.                       |
+| `kexec_load`        | Deny loading a new kernel for later execution.                                                               |
+| `keyctl`            | Prevent containers from using the kernel keyring, which is not namespaced.                                   |
+| `lookup_dcookie`    | Tracing/profiling syscall, which could leak a lot of information on the host.                                |
+| `mbind`             | Syscall that modifies kernel memory and NUMA settings. Already gated by `CAP_SYS_NICE`.                      |
+| `modify_ldt`        | Old syscall only used in 16-bit code and a potential information leak.                                       |
+| `mount`             | Deny mounting, already gated by `CAP_SYS_ADMIN`.                                                             |
+| `move_pages`        | Syscall that modifies kernel memory and NUMA settings.                                                       |
+| `name_to_handle_at` | Sister syscall to `open_by_handle_at`. Already gated by `CAP_SYS_NICE`.                                      |
+| `nfsservctl`        | Deny interaction with the kernel nfs daemon.                                                                 |
+| `open_by_handle_at` | Cause of an old container breakout. Also gated by `CAP_DAC_READ_SEARCH`.                                     |
+| `perf_event_open`   | Tracing/profiling syscall, which could leak a lot of information on the host.                                |
+| `personality`       | Prevent container from enabling BSD emulation. Not inherently dangerous, but poorly tested, potential for a lot of kernel vulns. |
+| `pivot_root`        | Deny `pivot_root`, should be privileged operation.                                                           |
+| `process_vm_readv`  | Restrict process inspection capabilities, already blocked by dropping `CAP_PTRACE`.                          |
+| `process_vm_writev` | Restrict process inspection capabilities, already blocked by dropping `CAP_PTRACE`.                          |
+| `ptrace`            | Tracing/profiling syscall, which could leak a lot of information on the host. Already blocked by dropping `CAP_PTRACE`. |
+| `query_module`      | Deny manipulation and functions on kernel modules.                                                            |
+| `quotactl`          | Quota syscall which could let containers disable their own resource limits or process accounting. Also gated by `CAP_SYS_ADMIN`. |
+| `reboot`            | Don't let containers reboot the host. Also gated by `CAP_SYS_BOOT`.                                           |
+| `request_key`       | Prevent containers from using the kernel keyring, which is not namespaced.                                    |
+| `set_mempolicy`     | Syscall that modifies kernel memory and NUMA settings. Already gated by `CAP_SYS_NICE`.                       |
+| `setns`             | Deny associating a thread with a namespace. Also gated by `CAP_SYS_ADMIN`.                                    |
+| `settimeofday`      | Time/date is not namespaced. Also gated by `CAP_SYS_TIME`.                                                    |
+| `stime`             | Time/date is not namespaced. Also gated by `CAP_SYS_TIME`.                                                    |
+| `swapon`            | Deny start/stop swapping to file/device. Also gated by `CAP_SYS_ADMIN`.                                       |
+| `swapoff`           | Deny start/stop swapping to file/device. Also gated by `CAP_SYS_ADMIN`.                                       |
+| `sysfs`             | Obsolete syscall.                                                                                             |
+| `_sysctl`           | Obsolete, replaced by /proc/sys.                                                                              |
+| `umount`            | Should be a privileged operation. Also gated by `CAP_SYS_ADMIN`.                                              |
+| `umount2`           | Should be a privileged operation.                                                                             |
+| `unshare`           | Deny cloning new namespaces for processes. Also gated by `CAP_SYS_ADMIN`, with the exception of `unshare --user`. |
+| `uselib`            | Older syscall related to shared libraries, unused for a long time.                                            |
+| `userfaultfd`       | Userspace page fault handling, largely needed for process migration.                                          |
+| `ustat`             | Obsolete syscall.                                                                                             |
+| `vm86`              | In kernel x86 real mode virtual machine. Also gated by `CAP_SYS_ADMIN`.                                       |
+| `vm86old`           | In kernel x86 real mode virtual machine. Also gated by `CAP_SYS_ADMIN`.                                       |
+
+## Run without the default seccomp profile
+
+You can pass `unconfined` to run a container without the default seccomp
+profile.
+
+```
+$ docker run --rm -it --security-opt seccomp=unconfined debian:jessie \
+    unshare --map-root-user --user sh -c whoami
+```
diff --git a/docs/security/security.md b/docs/security/security.md
new file mode 100644
index 00000000..b9738a3c
--- /dev/null
+++ b/docs/security/security.md
@@ -0,0 +1,276 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/security/"]
+title = "Docker security"
+description = "Review of the Docker Daemon attack surface"
+keywords = ["Docker, Docker documentation,  security"]
+[menu.main]
+parent = "smn_secure_docker"
+weight =-99
++++
+<![end-metadata]-->
+
+# Docker security
+
+There are three major areas to consider when reviewing Docker security:
+
+ - the intrinsic security of the kernel and its support for
+   namespaces and cgroups;
+ - the attack surface of the Docker daemon itself;
+ - loopholes in the container configuration profile, either by default,
+   or when customized by users.
+ - the "hardening" security features of the kernel and how they
+   interact with containers.
+
+## Kernel namespaces
+
+Docker containers are very similar to LXC containers, and they have
+similar security features. When you start a container with
+`docker run`, behind the scenes Docker creates a set of namespaces and control
+groups for the container.
+
+**Namespaces provide the first and most straightforward form of
+isolation**: processes running within a container cannot see, and even
+less affect, processes running in another container, or in the host
+system.
+
+**Each container also gets its own network stack**, meaning that a
+container doesn't get privileged access to the sockets or interfaces
+of another container. Of course, if the host system is setup
+accordingly, containers can interact with each other through their
+respective network interfaces — just like they can interact with
+external hosts. When you specify public ports for your containers or use
+[*links*](../userguide/networking/default_network/dockerlinks.md)
+then IP traffic is allowed between containers. They can ping each other,
+send/receive UDP packets, and establish TCP connections, but that can be
+restricted if necessary. From a network architecture point of view, all
+containers on a given Docker host are sitting on bridge interfaces. This
+means that they are just like physical machines connected through a
+common Ethernet switch; no more, no less.
+
+How mature is the code providing kernel namespaces and private
+networking? Kernel namespaces were introduced [between kernel version
+2.6.15 and
+2.6.26](http://lxc.sourceforge.net/index.php/about/kernel-namespaces/).
+This means that since July 2008 (date of the 2.6.26 release, now 7 years
+ago), namespace code has been exercised and scrutinized on a large
+number of production systems. And there is more: the design and
+inspiration for the namespaces code are even older. Namespaces are
+actually an effort to reimplement the features of [OpenVZ](
+http://en.wikipedia.org/wiki/OpenVZ) in such a way that they could be
+merged within the mainstream kernel. And OpenVZ was initially released
+in 2005, so both the design and the implementation are pretty mature.
+
+## Control groups
+
+Control Groups are another key component of Linux Containers. They
+implement resource accounting and limiting. They provide many
+useful metrics, but they also help ensure that each container gets
+its fair share of memory, CPU, disk I/O; and, more importantly, that a
+single container cannot bring the system down by exhausting one of those
+resources.
+
+So while they do not play a role in preventing one container from
+accessing or affecting the data and processes of another container, they
+are essential to fend off some denial-of-service attacks. They are
+particularly important on multi-tenant platforms, like public and
+private PaaS, to guarantee a consistent uptime (and performance) even
+when some applications start to misbehave.
+
+Control Groups have been around for a while as well: the code was
+started in 2006, and initially merged in kernel 2.6.24.
+
+## Docker daemon attack surface
+
+Running containers (and applications) with Docker implies running the
+Docker daemon. This daemon currently requires `root` privileges, and you
+should therefore be aware of some important details.
+
+First of all, **only trusted users should be allowed to control your
+Docker daemon**. This is a direct consequence of some powerful Docker
+features. Specifically, Docker allows you to share a directory between
+the Docker host and a guest container; and it allows you to do so
+without limiting the access rights of the container. This means that you
+can start a container where the `/host` directory will be the `/` directory
+on your host; and the container will be able to alter your host filesystem
+without any restriction. This is similar to how virtualization systems
+allow filesystem resource sharing. Nothing prevents you from sharing your
+root filesystem (or even your root block device) with a virtual machine.
+
+This has a strong security implication: for example, if you instrument Docker
+from a web server to provision containers through an API, you should be
+even more careful than usual with parameter checking, to make sure that
+a malicious user cannot pass crafted parameters causing Docker to create
+arbitrary containers.
+
+For this reason, the REST API endpoint (used by the Docker CLI to
+communicate with the Docker daemon) changed in Docker 0.5.2, and now
+uses a UNIX socket instead of a TCP socket bound on 127.0.0.1 (the
+latter being prone to cross-site-scripting attacks if you happen to run
+Docker directly on your local machine, outside of a VM). You can then
+use traditional UNIX permission checks to limit access to the control
+socket.
+
+You can also expose the REST API over HTTP if you explicitly decide to do so.
+However, if you do that, being aware of the above mentioned security
+implication, you should ensure that it will be reachable only from a
+trusted network or VPN; or protected with e.g., `stunnel` and client SSL
+certificates. You can also secure them with [HTTPS and
+certificates](https.md).
+
+The daemon is also potentially vulnerable to other inputs, such as image
+loading from either disk with 'docker load', or from the network with
+'docker pull'. This has been a focus of improvement in the community,
+especially for 'pull' security. While these overlap, it should be noted
+that 'docker load' is a mechanism for backup and restore and is not
+currently considered a secure mechanism for loading images. As of
+Docker 1.3.2, images are now extracted in a chrooted subprocess on
+Linux/Unix platforms, being the first-step in a wider effort toward
+privilege separation.
+
+Eventually, it is expected that the Docker daemon will run restricted
+privileges, delegating operations well-audited sub-processes,
+each with its own (very limited) scope of Linux capabilities,
+virtual network setup, filesystem management, etc. That is, most likely,
+pieces of the Docker engine itself will run inside of containers.
+
+Finally, if you run Docker on a server, it is recommended to run
+exclusively Docker in the server, and move all other services within
+containers controlled by Docker. Of course, it is fine to keep your
+favorite admin tools (probably at least an SSH server), as well as
+existing monitoring/supervision processes (e.g., NRPE, collectd, etc).
+
+## Linux kernel capabilities
+
+By default, Docker starts containers with a restricted set of
+capabilities. What does that mean?
+
+Capabilities turn the binary "root/non-root" dichotomy into a
+fine-grained access control system. Processes (like web servers) that
+just need to bind on a port below 1024 do not have to run as root: they
+can just be granted the `net_bind_service` capability instead. And there
+are many other capabilities, for almost all the specific areas where root
+privileges are usually needed.
+
+This means a lot for container security; let's see why!
+
+Your average server (bare metal or virtual machine) needs to run a bunch
+of processes as root. Those typically include SSH, cron, syslogd;
+hardware management tools (e.g., load modules), network configuration
+tools (e.g., to handle DHCP, WPA, or VPNs), and much more. A container is
+very different, because almost all of those tasks are handled by the
+infrastructure around the container:
+
+ - SSH access will typically be managed by a single server running on
+   the Docker host;
+ - `cron`, when necessary, should run as a user
+   process, dedicated and tailored for the app that needs its
+   scheduling service, rather than as a platform-wide facility;
+ - log management will also typically be handed to Docker, or by
+   third-party services like Loggly or Splunk;
+ - hardware management is irrelevant, meaning that you never need to
+   run `udevd` or equivalent daemons within
+   containers;
+ - network management happens outside of the containers, enforcing
+   separation of concerns as much as possible, meaning that a container
+   should never need to perform `ifconfig`,
+   `route`, or ip commands (except when a container
+   is specifically engineered to behave like a router or firewall, of
+   course).
+
+This means that in most cases, containers will not need "real" root
+privileges *at all*. And therefore, containers can run with a reduced
+capability set; meaning that "root" within a container has much less
+privileges than the real "root". For instance, it is possible to:
+
+ - deny all "mount" operations;
+ - deny access to raw sockets (to prevent packet spoofing);
+ - deny access to some filesystem operations, like creating new device
+   nodes, changing the owner of files, or altering attributes (including
+   the immutable flag);
+ - deny module loading;
+ - and many others.
+
+This means that even if an intruder manages to escalate to root within a
+container, it will be much harder to do serious damage, or to escalate
+to the host.
+
+This won't affect regular web apps; but malicious users will find that
+the arsenal at their disposal has shrunk considerably! By default Docker
+drops all capabilities except [those
+needed](https://github.com/docker/docker/blob/master/oci/defaults_linux.go#L64-L79),
+a whitelist instead of a blacklist approach. You can see a full list of
+available capabilities in [Linux
+manpages](http://man7.org/linux/man-pages/man7/capabilities.7.html).
+
+One primary risk with running Docker containers is that the default set
+of capabilities and mounts given to a container may provide incomplete
+isolation, either independently, or when used in combination with
+kernel vulnerabilities.
+
+Docker supports the addition and removal of capabilities, allowing use
+of a non-default profile. This may make Docker more secure through
+capability removal, or less secure through the addition of capabilities.
+The best practice for users would be to remove all capabilities except
+those explicitly required for their processes.
+
+## Other kernel security features
+
+Capabilities are just one of the many security features provided by
+modern Linux kernels. It is also possible to leverage existing,
+well-known systems like TOMOYO, AppArmor, SELinux, GRSEC, etc. with
+Docker.
+
+While Docker currently only enables capabilities, it doesn't interfere
+with the other systems. This means that there are many different ways to
+harden a Docker host. Here are a few examples.
+
+ - You can run a kernel with GRSEC and PAX. This will add many safety
+   checks, both at compile-time and run-time; it will also defeat many
+   exploits, thanks to techniques like address randomization. It doesn't
+   require Docker-specific configuration, since those security features
+   apply system-wide, independent of containers.
+ - If your distribution comes with security model templates for
+   Docker containers, you can use them out of the box. For instance, we
+   ship a template that works with AppArmor and Red Hat comes with SELinux
+   policies for Docker. These templates provide an extra safety net (even
+   though it overlaps greatly with capabilities).
+ - You can define your own policies using your favorite access control
+   mechanism.
+
+Just like there are many third-party tools to augment Docker containers
+with e.g., special network topologies or shared filesystems, you can
+expect to see tools to harden existing Docker containers without
+affecting Docker's core.
+
+As of Docker 1.10 User Namespaces are supported directly by the docker
+daemon. This feature allows for the root user in a container to be mapped
+to a non uid-0 user outside the container, which can help to mitigate the
+risks of container breakout. This facility is available but not enabled
+by default.
+
+Refer to the [daemon command](../reference/commandline/daemon.md#daemon-user-namespace-options)
+in the command line reference for more information on this feature.
+Additional information on the implementation of User Namespaces in Docker
+can be found in <a href="https://integratedcode.us/2015/10/13/user-namespaces-have-arrived-in-docker/" target="_blank">this blog post</a>.
+
+## Conclusions
+
+Docker containers are, by default, quite secure; especially if you take
+care of running your processes inside the containers as non-privileged
+users (i.e., non-`root`).
+
+You can add an extra layer of safety by enabling AppArmor, SELinux,
+GRSEC, or your favorite hardening solution.
+
+Last but not least, if you see interesting security features in other
+containerization systems, these are simply kernels features that may
+be implemented in Docker as well. We welcome users to submit issues,
+pull requests, and communicate via the mailing list.
+
+## Related Information
+
+* [Use trusted images](../security/trust/index.md)
+* [Seccomp security profiles for Docker](../security/seccomp.md)
+* [AppArmor security profiles for Docker](../security/apparmor.md)
+* [On the Security of Containers (2014)](https://medium.com/@ewindisch/on-the-security-of-containers-2c60ffe25a9e)
diff --git a/docs/security/trust/content_trust.md b/docs/security/trust/content_trust.md
new file mode 100644
index 00000000..f11e4e6e
--- /dev/null
+++ b/docs/security/trust/content_trust.md
@@ -0,0 +1,300 @@
+<!--[metadata]>
++++
+title = "Content trust in Docker"
+description = "Enabling content trust in Docker"
+keywords = ["content, trust, security, docker,  documentation"]
+[menu.main]
+parent= "smn_content_trust"
+weight=-1
++++
+<![end-metadata]-->
+
+# Content trust in Docker
+
+When transferring data among networked systems, *trust* is a central concern. In
+particular, when communicating over an untrusted medium such as the internet, it
+is critical to ensure the integrity and publisher of all the data a system
+operates on. You use Docker to push and pull images (data) to a registry. Content trust
+gives you the ability to both verify the integrity and the publisher of all the
+data received from a registry over any channel.
+
+Content trust is currently only available for users of the public Docker Hub. It
+is currently not available for the Docker Trusted Registry or for private
+registries.
+
+## Understand trust in Docker
+
+Content trust allows operations with a remote Docker registry to enforce
+client-side signing and verification of image tags. Content trust provides the
+ability to use digital signatures for data sent to and received from remote
+Docker registries. These signatures allow client-side verification of the
+integrity and publisher of specific image tags.
+
+Currently, content trust is disabled by default. You must enable it by setting
+the `DOCKER_CONTENT_TRUST` environment variable. Refer to the
+[environment variables](../../reference/commandline/cli.md#environment-variables)
+and [Notary](../../reference/commandline/cli.md#notary) configuration
+for the docker client for more options.
+
+Once content trust is enabled, image publishers can sign their images. Image consumers can
+ensure that the images they use are signed. publishers and consumers can be
+individuals alone or in organizations. Docker's content trust supports users and
+automated processes such as builds.
+
+### Image tags and content trust
+
+An individual image record has the following identifier:
+
+```
+[REGISTRY_HOST[:REGISTRY_PORT]/]REPOSITORY[:TAG]
+```
+
+A particular image `REPOSITORY` can have multiple tags. For example, `latest` and
+ `3.1.2` are both tags on the `mongo` image. An image publisher can build an image
+ and tag combination many times changing the image with each build.
+
+Content trust is associated with the `TAG` portion of an image. Each image
+repository has a set of keys that image publishers use to sign an image tag.
+Image publishers have discretion on which tags they sign.
+
+An image repository can contain an image with one tag that is signed and another
+tag that is not. For example, consider [the Mongo image
+repository](https://hub.docker.com/r/library/mongo/tags/). The `latest`
+tag could be unsigned while the `3.1.6` tag could be signed. It is the
+responsibility of the image publisher to decide if an image tag is signed or
+not. In this representation, some image tags are signed, others are not:
+
+![Signed tags](images/tag_signing.png)
+
+Publishers can choose to sign a specific tag or not. As a result, the content of
+an unsigned tag and that of a signed tag with the same name may not match. For
+example, a publisher can push a tagged image `someimage:latest` and sign it.
+Later, the same publisher can push an unsigned `someimage:latest` image. This second
+push replaces the last unsigned tag `latest` but does not affect the signed `latest` version.
+The ability to choose which tags they can sign, allows publishers to iterate over
+the unsigned version of an image before officially signing it.
+
+Image consumers can enable content trust to ensure that images they use were
+signed. If a consumer enables content trust, they can only pull, run, or build
+with trusted images. Enabling content trust is like wearing a pair of
+rose-colored glasses. Consumers "see" only signed images tags and the less
+desirable, unsigned image tags are "invisible" to them.
+
+![Trust view](images/trust_view.png)
+
+To the consumer who does not enabled content trust, nothing about how they
+work with Docker images changes. Every image is visible regardless of whether it
+is signed or not.
+
+
+### Content trust operations and keys
+
+When content trust is enabled, `docker` CLI commands that operate on tagged images must
+either have content signatures or explicit content hashes. The commands that
+operate with content trust are:
+
+* `push`
+* `build`
+* `create`
+* `pull`
+* `run`
+
+For example, with content trust enabled a `docker pull someimage:latest` only
+succeeds if `someimage:latest` is signed. However, an operation with an explicit
+content hash always succeeds as long as the hash exists:
+
+```bash
+$ docker pull someimage@sha256:d149ab53f8718e987c3a3024bb8aa0e2caadf6c0328f1d9d850b2a2a67f2819a
+```
+
+Trust for an image tag is managed through the use of signing keys. A key set is
+created when an operation using content trust is first invoked. A key set consists
+of the following classes of keys:
+
+- an offline key that is the root of content trust for a image tag
+- repository or tagging keys that sign tags
+- server-managed keys such as the timestamp key, which provides freshness
+	security guarantees for your repository
+
+The following image depicts the various signing keys and their relationships:
+
+![Content trust components](images/trust_components.png)
+
+>**WARNING**: Loss of the root key is **very difficult** to recover from.
+>Correcting this loss requires intervention from [Docker
+>Support](https://support.docker.com) to reset the repository state. This loss
+>also requires **manual intervention** from every consumer that used a signed
+>tag from this repository prior to the loss.
+
+You should backup the root key somewhere safe. Given that it is only required
+to create new repositories, it is a good idea to store it offline.
+For details on securing, and backing up your keys, make sure you
+read how to [manage keys for content trust](trust_key_mng.md).
+
+## Survey of typical content trust operations
+
+This section surveys the typical trusted operations users perform with Docker
+images.
+
+### Enable and disable content trust per-shell or per-invocation
+
+In a shell, you can enable content trust by setting the `DOCKER_CONTENT_TRUST`
+environment variable. Enabling per-shell is useful because you can have one
+shell configured for trusted operations and another terminal shell for untrusted
+operations. You can also add this declaration to your shell profile to have it
+turned on always by default.
+
+To enable content trust in a `bash` shell enter the following command:
+
+```bash
+export DOCKER_CONTENT_TRUST=1
+```
+
+Once set, each of the "tag" operations requires a key for a trusted tag.
+
+In an environment where `DOCKER_CONTENT_TRUST` is set, you can use the
+`--disable-content-trust` flag to run individual operations on tagged images
+without content trust on an as-needed basis.
+
+```bash
+$  docker pull --disable-content-trust docker/trusttest:untrusted
+```
+
+To invoke a command with content trust enabled regardless of whether or how the `DOCKER_CONTENT_TRUST` variable is set:
+
+```bash
+$  docker build --disable-content-trust=false -t docker/trusttest:testing .
+```
+
+All of the trusted operations support the `--disable-content-trust` flag.
+
+
+### Push trusted content
+
+To create signed content for a specific image tag, simply enable content trust
+and push a tagged image. If this is the first time you have pushed an image
+using content trust on your system, the session looks like this:
+
+```bash
+$ docker push docker/trusttest:latest
+The push refers to a repository [docker.io/docker/trusttest] (len: 1)
+9a61b6b1315e: Image already exists
+902b87aaaec9: Image already exists
+latest: digest: sha256:d02adacee0ac7a5be140adb94fa1dae64f4e71a68696e7f8e7cbf9db8dd49418 size: 3220
+Signing and pushing trust metadata
+You are about to create a new root signing key passphrase. This passphrase
+will be used to protect the most sensitive key in your signing system. Please
+choose a long, complex passphrase and be careful to keep the password and the
+key file itself secure and backed up. It is highly recommended that you use a
+password manager to generate the passphrase and keep it safe. There will be no
+way to recover this key. You can find the key in your config directory.
+Enter passphrase for new root key with id a1d96fb:
+Repeat passphrase for new root key with id a1d96fb:
+Enter passphrase for new repository key with id docker.io/docker/trusttest (3a932f1):
+Repeat passphrase for new repository key with id docker.io/docker/trusttest (3a932f1):
+Finished initializing "docker.io/docker/trusttest"
+```
+When you push your first tagged image with content trust enabled, the  `docker`
+client recognizes this is your first push and:
+
+ - alerts you that it will create a new root key
+ - requests a passphrase for the key
+ - generates a root key in the `~/.docker/trust` directory
+ - generates a repository key for in the `~/.docker/trust` directory
+
+The passphrase you chose for both the root key and your content key-pair
+should be randomly generated and stored in a *password manager*.
+
+> **NOTE**: If you omit the `latest` tag, content trust is skipped. This is true
+even if content trust is enabled and even if this is your first push.
+
+```bash
+$ docker push docker/trusttest
+The push refers to a repository [docker.io/docker/trusttest] (len: 1)
+9a61b6b1315e: Image successfully pushed
+902b87aaaec9: Image successfully pushed
+latest: digest: sha256:a9a9c4402604b703bed1c847f6d85faac97686e48c579bd9c3b0fa6694a398fc size: 3220
+No tag specified, skipping trust metadata push
+```
+
+It is skipped because as the message states, you did not supply an image `TAG`
+value. In Docker content trust, signatures are associated with tags.
+
+Once you have a root key on your system, subsequent images repositories
+you create can use that same root key:
+
+```bash
+$ docker push docker.io/docker/seaside:latest
+The push refers to a repository [docker.io/docker/seaside] (len: 1)
+a9539b34a6ab: Image successfully pushed
+b3dbab3810fc: Image successfully pushed
+latest: digest: sha256:d2ba1e603661a59940bfad7072eba698b79a8b20ccbb4e3bfb6f9e367ea43939 size: 3346
+Signing and pushing trust metadata
+Enter key passphrase for root key with id a1d96fb:
+Enter passphrase for new repository key with id docker.io/docker/seaside (bb045e3):
+Repeat passphrase for new repository key with id docker.io/docker/seaside (bb045e3):
+Finished initializing "docker.io/docker/seaside"
+```
+
+The new image has its own repository key and timestamp key. The `latest` tag is signed with both of
+these.
+
+
+### Pull image content
+
+A common way to consume an image is to `pull` it. With content trust enabled, the Docker
+client only allows `docker pull` to retrieve signed images.
+
+```
+$  docker pull docker/seaside
+Using default tag: latest
+Pull (1 of 1): docker/trusttest:latest@sha256:d149ab53f871
+...
+Tagging docker/trusttest@sha256:d149ab53f871 as docker/trusttest:latest
+```
+
+The `seaside:latest` image is signed. In the following example, the command does not specify a tag, so the system uses
+the `latest` tag by default again and the `docker/cliffs:latest` tag is not signed.
+
+```bash
+$ docker pull docker/cliffs
+Using default tag: latest
+no trust data available
+```
+
+Because the tag `docker/cliffs:latest` is not trusted, the `pull` fails.
+
+
+### Disable content trust for specific operations
+
+A user that wants to disable content trust for a particular operation can use the
+`--disable-content-trust` flag. **Warning: this flag disables content trust for
+this operation**. With this flag, Docker will ignore content-trust and allow all
+operations to be done without verifying any signatures. If we wanted the
+previous untrusted build to succeed we could do:
+
+```
+$  cat Dockerfile
+FROM docker/trusttest:notrust
+RUN echo
+$  docker build --disable-content-trust -t docker/trusttest:testing .
+Sending build context to Docker daemon 42.84 MB
+...
+Successfully built f21b872447dc
+```
+
+The same is true for all the other commands, such as `pull` and `push`:
+
+```
+$  docker pull --disable-content-trust docker/trusttest:untrusted
+...
+$  docker push --disable-content-trust docker/trusttest:untrusted
+...
+```
+
+## Related information
+
+* [Manage keys for content trust](trust_key_mng.md)
+* [Automation with content trust](trust_automation.md)
+* [Delegations for content trust](trust_delegation.md)
+* [Play in a content trust sandbox](trust_sandbox.md)
diff --git a/docs/security/trust/deploying_notary.md b/docs/security/trust/deploying_notary.md
new file mode 100644
index 00000000..68e57fb7
--- /dev/null
+++ b/docs/security/trust/deploying_notary.md
@@ -0,0 +1,34 @@
+<!--[metadata]>
++++
+title = "Deploying Notary"
+description = "Deploying Notary"
+keywords = ["trust, security, notary, deployment"]
+[menu.main]
+parent= "smn_content_trust"
++++
+<![end-metadata]-->
+
+# Deploying Notary Server with Compose
+
+The easiest way to deploy Notary Server is by using Docker Compose. To follow the procedure on this page, you must have already [installed Docker Compose](/compose/install.md).
+
+1. Clone the Notary repository
+
+        git clone git@github.com:docker/notary.git
+
+2. Build and start Notary Server with the sample certificates.
+
+        docker-compose up -d
+
+
+    For more detailed documentation about how to deploy Notary Server see https://github.com/docker/notary.
+3. Make sure that your Docker or Notary client trusts Notary Server's certificate before you try to interact with the Notary server.
+
+See the instructions for [Docker](../../reference/commandline/cli.md#notary) or
+for [Notary](https://github.com/docker/notary#using-notary) depending on which one you are using.
+
+## If you want to use Notary in production
+
+Please check back here for instructions after Notary Server has an official
+stable release. To get a head start on deploying Notary in production see
+https://github.com/docker/notary.
diff --git a/docs/security/trust/images/tag_signing.png b/docs/security/trust/images/tag_signing.png
new file mode 100644
index 0000000000000000000000000000000000000000..9a1f9062b4dc6d30942ab7c4f47dca5f5df2be31
GIT binary patch
literal 74416
zcmeFZRX~+pw>AvRrF2UxT_T;*-O?qEgmiba=xzxGq(efwQ;;s{2I=n3@8(f_-o5vG
z{-69u!t!48o^#AG$GFBdu1T<*j2IF;9y}Bj6q1CvumThm7#9i(ln?t1_~g>?q!IWB
z+D<`C5UP0K#U>OKKa_;9fRZ!xP6}M|^B<SZI(z!qD@_8r9N=0^RJkyao*ap(a5xM#
z9|k5yxU=vN{J~~tG6F`l_8=G>Oc8k{IeCtc8WF2uW$<0(JGQ>}o(Of-Mu}5%Qz@Bl
zSNZN8d&R}YuG{%)OsBim^VFvWAN|14u>4RURBtFS5!BxwCB@V1;l8Zf{FnbC(uE~r
zIuQAv&;RpPB04ZC?vhWm<bMqG_#?l;BG<peKYr@XuL%s+{*?6N|D6JncUOzk|CtyO
z6r=`~-yjG<lp69sX8e1|XvqG5`4nVB?A?Wm9i{~OyTHFQfFgOa@LxU!F9||L6Vu`3
zga5Z_fNu&vYkKm(4E8WyyFV0(kS2oy+<#i~&x?W(-C_QH=idi{5TJzvYIL*E|BInf
zaW9bni&;>yK|zQ%t>WbWWd^{;y!`(+=KpxW|Mwdc_Z0eZ&o@PMC+44&(K^X0a4Kgj
zxa6zXx+_d)pgnp(gDg~Z>$Se0|L^^UkYIETOi_?(ClT9~v145(En#tI_Lkb_oN|0K
z3SClZwR`k~EL^~sSn%cQp8Vs_t>jTD<yrwe_ep)4cZ%PMZ;IXQOjN4BhJ8s5?~1aX
zX8Cg*4^W`>m@bS8OP>GsbkvV6?;-Eihrt1ko#Qdh&DH!zXM2&R80?Sk3rhgajqAg{
zc7pTI7ly;U;Sncz_@qCOcl)-&BF3&s?OB2YSgxsmzWlu={$MyFrZ^m8%s<|&Af~$-
zIkP&wp3}2~iH~mC&OvF|eJE|(wSb0$KJe+;pBH(Odv`5PM7LS~GYTv>G$u~53!4i_
zXr_a8#YBsw6b2=r#p@F4&pLu04lF!Q8S(GmwJCJL0Y)?sVy;61L|<0}iO-^2t==t*
ztNY+8f!|@Jfgi9mLZ&y;A4}uFk}2xGsTM;pnJd8)AkfDl3=#bOq|aMm?5<4Ng?|Qb
zaRRHTNs-;1^yM;9y6JznZ~{N;^?eWQDx6j1<Lprn_<%TZA4$yf&w+$^qrN*Gajd-}
z{L(Y~F&G<XV0%hXovnl$2Nef&w43qy&m1luf*XpM>7U?67S}Q`cWu!6>C385ti~r<
z68!BLWwH3X5@k!b&DT?nC@2BKWjVhs<jr4)#%~~Ajh4;#&tOsU;3l<N3Esqdx>p{r
zb&A6pc=RzrLJGzsu)lqgs1XRhSrg8~`2Sc~ToJ@)KL5(f^J7ZfJZpZ+E4OpPw~`tx
zk3o~)6^$xIdoG>*(c#Eq`ET)XyUio29$n+$4d5Ewy!?qUzeDN)HKg!rY^9G*dKJR{
zA=I(}SISg37$YIoF}Z@PN`)p;9_ul@Mq=<A99%%XC-^<L7U{*9g%^|@8n&y)Kep$l
zY;UJtuJ-PG#`&9hA$K=lHejqYPMMK$8EJ^$2_>AzQBn*f^m91|u3(=EJ`HHTDURi4
zcS-NlE=|viOtLM)S5Dx4iQilB<y%x>Adqpuk>CHU;(xt&(HPWBkg~e6(Wo%+(F2`h
zq6vSd)W5QF^$Uz+%ml9vL3xX{W+vWv`Afq-$_0rOed^9}hU`B+hkC#b?D-%H+A~3-
zL$Hdv##sO0JXM`YDn;YKT&3*RSWny)E3<Se0ax|cZOzYb?|_q<7357zA{>Lf<CdNy
zGEmvG5$?khI%Jx)iU#>LHu&JbY$yS2;mW!jWSM;0Bn!pUWX(M3ChvAN|M(`+q7#r1
zJP8GM0{IzX^Sl{c)=ZO(q)|^YC(soA_|HVmjkRQDc1ML}N@r6fP`&x7;e<aTzsT%~
zqa$DKiHkon?0w^Mjr`(ytj>53y&c&CI^Nk!8fP&$4PBh`DW)WSxY$xMOdNZcAI*H~
zB*!XNA*=E|f8R|Cyqgz~=B+=!1l)~5(K5m9onTVa;`PRNLE>=Zmwf&2$YYBl;gO%X
zRz*SclpR=8`QcX+qtb)Mm|u78*BNyKXP-m)ZaY(CxM7}gxJa32s?07j)@w#eN1`BL
zZ1t?QawVamQRc2>oiA3Vf4i%z*R?0r14i&DCA0*iNURZ6JE@B010>xdwv7N07V*7Y
zt>5qXpG6E&XjXrPbS;tqxF<IBsgm<nf2}BvwINq-(#IaD>%!?6LunG0vC535iTqSz
zvqIxT7qNIbnljDL*di|1iE6bCnv=Ojh?SthXaIJ!qh1VF7~0O+jgXZq)RM55SltuL
zfAfDga$r~Ar7GoRzeJnYlBNwy?^UO?RvgyvD**T*;tmbHdyV+oH#j88{9f|;hTFn-
z{h8d4xqyJeo6<KB24;i^6$MmBvy=~K7jdL1NBmxHe|(s@AcCAuDRfe)6U*V~_?nPc
z%QzT`IiWB?cD*=umK5X{f|E%}%RthRqIwcTH$J0;4kn7i0oB%@Q|2sDRc^_kZnZL;
z#bzJ%f1LyeEPozl8N3@o$HDT0LzMqSivM`<zC0YfODH{Fa0c2?@cjZ!f^m55q6{^)
z=5TY0A1v%1$Uk}8?yB~K9QLKbo;ohOVX*n^C!^Hi?B^4apGeq|_b7a?D_&($SPDUb
zv?+D>!G{Wr56Oc73n%qUSj*z6O$YCvM8FLsg7#Pn2Z0t+u#zs$S^M*HDL;!CSGrky
z`E$Kc1V^4d{pR9+VLob>x5=ry&TM(>!e>`SOnTz<PBsI?P>|=SK^6DH@_lcrWRy87
zwS>yYvi87eQVNh?^v&BegX)aBSj9+MBxq7RasGc`K#LcEN^jUdyhDV5;5N=;Np<cx
zg>`X8>pyBvH+#G_t3@y;+gZzwH}VTXI@b_bQ&~4>c4B47nm#%Tg1paua3@K@#jl>7
zy~Bi6U4^UZ+LG*FoO~MC%_<EvN|k0!+WqH*t3PX2n*?%c5D-pl?0I>_@0194AB^Uy
zVAgi2%bc#MzLw^fK%!O~&Ek@K;bl(iveUdk#PA#wZ}m^)G!X_8O!%|dV*Zvh-J#5s
z0G-)6Sg13HjEJpQhdT#%Ok1Z@A8`Gv^brW0S;#^-PoE|5#}&Pn66uaaQ{pf)>+Nse
zi5^z*P&*~*G!IrWEU)YAvX#<p_a(+7KKc`#Hl=}gG<GJ;KMnKl&=vP@S?nmx2!Kbf
z^An79Wib{sX27{X0i(<EJ3K45QKIo_`x#2DeXExgR?bbNCw<Gw9=(->sqYbX^cerM
z;2r=6u6P|Zbhz&#@{#kPa;`Xv8IJ>X4BeL@-6%X9g;;o`MlQDa`IJvt-(O7o@vEZ^
z!MUfHe#|bd%xaYhq>=xX7zVE}IPL0qKL5nA>ZZgcceJvn%0#nmw%RH$L7?dCM`3-+
zmEE65@m&XIuheQHF5uWmBOYh)JQ6_Mhc$=K!Q3MJKm6eo6FAs5$@r8(z7~G2EE_6r
zb#vJi;TVTim6e7cR*xLffNugpQi)1ceSotx-`-TE*Twaub3x)`$m+^XDy>29z?{t8
z?f6mlu8Ui?S#Mn#t5am`H<C7$0?onYt=`mInB!wD5}~BwZ0Wm?9y2{5$-7MYQ;{+p
zJh+~g*q1HSJ&v`QD<A)@smy`+$OadIdcX*Q>Ga%vw~(nt`npS>Yn}5WB{hpCqiyVz
zgJ6P9!^It_ywQ-_BEtgqBBezLV@-7Dd-(kwiQe7Z@(0nr=FK0QXvdjGpB!+0TG_!o
zo?X~?VC3c;sHb3}MGX+)J1I2J=@_$}!9peNV%*UwW{>VdB^f2-l2}&_V+L^`JS-}L
zD8_wdEjrDAA4n*0%mZqAm1qJ61rw*uL+clMZ0u%fD4Pz6(35LbrO#tJ;_*4;d-R}z
zP!BMnUt0=Qyo<qOkNJ0jG$5LUMKdU9LW~Q&)^lQQMBhS>-Nr<vn-YEIx2d)20mwUK
zr)D2qe=3>#c(220j_o_EnYw`c)$bI8ihds?w{U}XbA;~Z<L{P7Un`~B>!i5^j|d-6
zlC^~kzQSUc|FejlpE;0|-O<U~+cI*jD$93TpGNbkH5~mqyshDF{-P8jAjW`gCpYcu
zP!lbK5gmtv8|Y*Y^tL85BJ8`ql7^~SF|BP{Vo<Y00cUR?!};_W6D{0*F`NVKxcg7)
z;3t{{VulaT-N}3>*gn5K0l~}Kb?BQJ^ZINkrIEeaUJ&94Z9N)p!yC!T6)sTSTjFW-
z01~I1MM-=7w}6@dAW|x709il(_<WUUkr7m<^j$_Rex__fk8!eUsx!855}4Xzq+^LB
zS0pKzNDdK{o$*vCNW>*5+nmvS<!?Cv5`mHp;74Llk){OgWut4K>&fla#kDmW=*@>9
z*{Td;ZL*M^JOxP*%Qd?OoV+P+N}gJMm)qzit43mhHxWfqS<p3};+A~lrt_Kn<)`r&
z8nc9i6t^?3OZJ9?T6;5PRf5JNgDIy)Iq@bto0XNTa;~0)g<C3wiMtoJ+m;0b3A}35
z&YXU_zd*m84%Hd(XvjT0RLeK;+PB$_#QFIUr^Ue0){uVPPQ%16;a!V?jBTR(XgK(W
zf${a7{b9yCA7wpWFy8moF9atN+I?s(pw%mm_*)GhumhOME0S;=CeE9VeJBy}6VvOD
z355Y;?gE0<WiN~xZN{=}aK(Xxy92hZTIo0$DsF@!iI0pYEG_8{%b<uGUd3{a{MR9c
zgSuO)p+LN341-6Yl31MvoKbB|A*JU(vq*wN$jM;&Tj;?VKP*e01{j~;4)g8&-E#u)
zfk6<A$d)&M3|!4J<HlK(rzCYqpJv&7VxgXdl-WxTI1nloC#2x&CA}0a#B%)Tiy%SW
z|3IQC*p9KPxwHumeEYE7Uhc+LwfCoLWy?XTN?p<uBFC<s;^*V1hP@GUGJ8ez9^@}S
zk70%PMy-dOS}!*@TlZN1bz+7GC$^j2tQ>^v8ytx29BQjH^ChesEASu{GmtA?`Oa%`
ztINhF*s=hoq4cE+eF?uip(U@!qj}dJC-^1%PwImLwUPqFM+0MSCokoqHg)=pimS(V
zkM-<sxha>LWodi&3P5iJLA>eYOA=n!5QL^tO_HBF+lL&qL<?HVK0UVsaG|}9E%IN2
z1QGCPfcx<tgsn-C+=!3zl=}5OsGiSr8{tfl2op^Gk^VI<X0OCp&uWqE6lv#?La8Qh
zxpHCmV4m*LSd;0vOWUWU;R+dLlMf!B#*0n+iuHbo{iLO5Z8k~K?_*T(vPY28!b3~7
z&lg@+SN>jJ8}Mf(M2o=Yz+PZ`?_EcFU+;PWkmz;-x_2pcoDO6Et<HOM)xj_z$y}5X
z;vhkkQ1jyDwTpLVRGuXdjhfsA2Ono8VRF5nRC{UYwx><$b+NIjkT0mlv7WV7#zW6{
zpAKiYiX)X(v$zsp=H%5R=CdXygVsP!f=!0~C(=T^0hILn{h|C95r~wRGz7lV^}d*e
z!&tbp8NnW3fHRDm(&8)c=bbL=g?^a6{pFrU?@lCAIwFyfgZYRgw9Byj5t0yff#1=g
zt^Ca0Zz5fc=!_aGsj~?`)1svDotv@TVvFaq=swkFFTs7-J|Urlj${G=T0P`EJu+`f
zp|BPzWQY>Fbts}|Sf_4zFA(EL??ejNlL}p4vvsNQXiQdf0QmeV>c&_VWT&DkMYF=v
zPCQ@RV!QXAZ8z@pvye!AuZ$Tfp=Z4eTYXj9C=BcU*kD3$x(<R0vOPjCfE44xXPh{8
zH_PC|M-C<gQiQ5n8qO=#WN>93LmMmwkot8axEjx1LFln>7T*<1A>SmAdTJOXTKzBt
z0Ohf<o*NUKeJQw(9_t(5*X|}2^H^-YyS=;{w(tV{XyTiI5KL;O=kcPA%=CKE%?$@G
z?e0vEWfUyi!|0KGjpu04S_+HWDvR2-i<y>ha?VP8_#!@+wQI`iB+{q8dHMz@ll3Tc
zNhtI51z!kJtq7|PJg4RRkm>Ts8$v2b_}>Op;K^{t4uI_?ASw3w5IT+nyB^bb{aZpV
zBmM{8@t%9wRYF8bU=lj}pv;yuk9^g}vP-{nsbe$cqUWjotdH>=ni4R6OEZ-H0^dJF
z-83l)UZ+cuZ;f|F%_e)~Xy9387%t;EVn0}49@b!tPt>z=iRy($?pMVn(${N(z0byk
z6W*Fnm3DT2VKEA?s9burq4E*H>s*)L+^gPJq)N$h4SenG#_C6rP53geGM`i{$!6Xg
z*_~!+d7)(#Top&sfL#37NXUSZ7Q<M1PC1~@RU+&9bbo%8wiT^j8?H7}96YD78uZlP
z-%7SvGw#&0#^?2DJ-2=TrD~7n0Y<}u=TmCcBf9g5vcGd<-Cd7SD{^x4eL}Uq-!3N|
zmBD&kGAh*rrxbIzYywLb-tsC1uh%dC(hAohqxg$z4o$qL)@L;zA?AEV9#WID=auQf
zBju}KFi2q{>?VF@EAyO_ucN|}LC>}RYO@;eHlH}6dMaP7ZkYec#@Xek5t<LLX;N^x
z%J#3klT{}Uu~ie%ikl$+zd0BRBtquhB_}NR+?W3=-0Yj0&l|!wzPJS|QmSd~;Tp$p
zp+rtChjc@z*-nfn7{=B<of*+}2U9bQ79_o*1?qjeqU|KlQl;-0LIG&6$kIS<L8>3R
zwsi{M^uTMu+gL_oiLFwSE>ChQ3p-Wh>BGHrymH-)93HyD-}`X;`J}hFQLId=dqRp7
z0q@N2#iP;1y@2eu$=7kh5Dt4%HLkHO=9H9Z9*ne1I~XuK7pRYC%x*-dX2q+9RM4y6
zCX)~rl8=B~yVkkO)Uz5<lp$!<i=Szji6{Cl&q^y6C@R~4GN|U5k9j40Qw#wy|3k%v
zm&V(hK*`l(FQ&Y%k`=Gd*)EM=iAxDkaTR#fD^Pw1VsReGjSgad^-~032om%mxT_&Z
zN}m`HK81$B)GQ-D%ULU5QR8l)&TL~4Ye#irhprr?6^q{<JNP~fhbrkKO1)cWHLIzw
zcQaf&HN&j?JlxUz4r`3XZA$$JK&He{7G_I)cG__?>Wx+XLhTg(8I9yw+-pVk)VmR@
zmAdsD|G04b!@=%Q62o47D-V3eFK-{=q|ZZ*F}W<eKjPg2M4}+i(fVKchjz)?&%g9(
znYkvIrwj1l?BO40Z!jTq@z~Cpz#_6CMxa`w$w7Wa+`H2*7fq6r%NARZNNVG<{w2R5
zdT3Nyg}KhK00?~neQN1^Qa57AA4${6hKUyt{)uEuEh;Pv)K)YogMfy!_hPuWT~l22
zx&j)S?_u1t1St{*KMVTzPV<eF*(pX5KQM?bdG3YFc|M3MkN;>JUvMn?irMx*k_{>@
z=<aFS^`@9^J0@iyEK;4lUe}Y@!gol)NL@J)%5QErq(;GhG0G5uMw$m`LIsf)0|&tA
zV9oia>-k%+w^3yXToA;|jK~Yat$W(YpvxQC>@4CwnyEpM=mtAfb>}-WEPomptYj=V
z81QqSo~6>*9IW+ys5J!D>zJ^v)1g3WPE>K3z9vD;81b1FNo!RcIgT)av<ArSj4&>x
z{=9eWb|y(yo>QGR(+6OAV_!|@*dXP5yd|G1(;ti$^I|<jlQEW8E#|Aw+?jT3$v-Ns
zZi+50+UnuK{z7(*^1}9L-^C#(+4$qc8|1w#DRy8fe-dsQ8GwK#1tX1!7vF>MaLURn
zc~%xuulo+^<OCLNdkX}r>$uNHRYdKnEU|f0>SeT(%H9ZT4%Ml@n^D**LvoCyqEkzi
zasuI3t@Rknx|40Q?NQmP%5D#dyH=U#_V698%?1r>-470utf7?Mt+kEZ`34%aG-9-s
zlWMD0f~v+VtG?NXVsoe<CcZU0|8zCRoF!PxG+_5h*5?rtJYsa-ez-i!))|x(dRgg2
z{ayaj>CK|XF~d1LTv6i<<HnymLm7?`0%Sa^_dtLw8@i&YYKM1QhpksQ)vhU##V=p>
zPw528n>U|Yh|N9<6|Z)e=&RnHm5U|7_fJ)>drzigsi=E}Mk`d@9L!Pd7-g=`obN6(
z#$*3@N?9FORO_}&Q@dZOrZ9s}K*zKDW~!2Y!A|fPAliP<6Z{z{QA;|%%)@wl?{N~3
z<5|q{GO?R0WJ<l@ovKsWNuhck81l3qU&*d3?_5Y;0khza`s3?FExH3eDtN{oa0>rv
zA3T<iLK*FZ_L+5}_-S8AnbSQ4br7Odc4hY*B{-BIC0VlE_%ELmi4LUSjTT)jfVSZO
z;deL^-@Src(3iy*UpFe0p7-6SUc1~sXO%Hs8>5knl@Xdyc5`x4%g+t~#v+RkEDF6k
zv|_b?5kt*+Ozg^8sZOnAKq_0Ynn)$w<@@7-DEx3U)#y1D?f`2Pf5jR07%No^mU)b`
zCl6d=ss(-*cId>6+TVcrA056HE-=gF@<qN><dM1@!kARLhl+)niLh3uhCl-E22;>?
zKmP+GC$$+px(W)qP}O^yI$wV-X`O?{jofU^w7q~<EjXynfHn?rh$KIIWKfAqo4*S8
z$MX+G9AD$jyk@jh6W`qD-3U+`;sWrZ!#}q|&;T~@```3UP61>SJwGKVXe-pAL<E33
zd(&el@B`AM^;r_&oX88_-!Z|?Y(>y+1)WrXYez?{3T)TNGx}jMG>H_g5b1~{T~$o4
zTDp`%ui_Vk`Pyre8lb=Qxbc<Db#X<=LRJL$S5&vXvcF^c!-9O<zNWe5q{7Z<h@#OZ
zb8`IKs<Z*xny4^AO3(m;8_GtLRr|T-VB*J>&tRQjDU!NJ7Oj?_e60dmkM;`!5tdk*
z-crBW5L@PM(5v+xRF7E>!rU5Tpm+0~wH8n<56dXIszHGep&A=oFwaa)t5nGsz0IvJ
zS2btg;@GH)bvt{>z0-{<KyOVD<cz)w0r>|9VMfFK1@n4<MNpZU2)w<WV2xk+H3O}p
zyiV_wQM>mSKj!-V76zo&<bQ;JE;<{lf1h0WW3_#AD#ry=h`{~QY)Us6RcLT8@olUz
z0w|TNWIiO{TC;5nU~;lsWvH2GZaqUQEHo9*2;UeO0jP7;%4w>?QkmnY`cc-5<R=3Y
zcpbWaM!g>ronr|)M@LSOi=+A%KaY%3Cf_>NJ3=lFK06Gzhx|II-|J6dI{}z}G5R*x
zS1ka~@mN~>0jG-Cy9NpR8@k;4_mdckf_n6M6F%^WrOtF@U%gD*SbghoWJ4(D6D_!3
zRM2V-r&saW?wSOfesU#VL;#&P^KxaRL?2zNwJPnhEQI(fRI8J}Qsi7<6%cvWZ)NTx
zqEua#ToD_BsLy*h&}1KRjY1HE&8xYiY4=#8L4lV<fMlmlmJb7xAVZ~N$UFb8rJ71Z
z(IkkzOC_mjI#S*?7>7+UU{}>Mx{5(c`z-)X$Q3giz6Z!_bRdAtU#jcj^EjHz^yS@}
zldvOkqZIBP{1(mpm?Vf$xd8ArnREySD@gJuysY8DQPO=#eWcGE-sYzlcZ?MX@X)Y$
zFgX=*m?FaUH``dV+x2@9p|XJLRs=@a$LVPIp3^R91pr6;4<24r24y#z;y3~gFfojS
z%$CJHe|V(ZIySp9inm%6gnmy8?JaFV5Ejazv=0HJktKFg*Ey`&?zK$vZuhEYxC*ad
z#|t?R->56U_WuVPxQ?QKwKbINUARB_oY@lt{nxc5C846zv%oF{fN2hvt^=2GC#7BI
zd|RtVJh)%Pl|{#%R#Y+vJS!msW+DRAKtC2eGaSc4#zhlFWDRN4A^(>1OVZvtIENIH
z9;o7|(BW-qR(HEu0+^xYb6L0U)RBR{it+3ec}^W87;8DhFQx;$`QYMuP;QK!7B^m8
zBa8iAdDII~yMZ{ekvatEM%GX+y)4`6N}Df|)HM1^J@gI{FYl;oJqH(q1$Cui2WdE4
zxlt)exE@uU6B-lDX*d>t3xh&nQXf}ou_}<SZy~KlTb`j*q&ZNU|KVe1f<V`|(hJ%*
z%6~a1C@?y(e&TfJ{1>1@;xrosd-P(7Cp^;v&zBY5Oih1kQL^y*zJyf}iAxYed>hVK
z0S^${iFF4s-Fffk-FMci*9qbxn=ZcqRB?Zl`*jn+3`;Tb$DV|b(#<=zWe!|D5&fpU
zQM?x9PJ>NRH+1n-E+c6e1`D1VeHY3=K_$z{Qbg``?V*}m_%4)|;Bue6*i7aT!9LI^
zsJMDY9T>psASgz~j?<&TE_1N0OUWQ!&e{quE-{0lRiY~s6X`T@R9FyXmgjo4l0IH+
zXY0EIU*O95_Go*p=bf*}K<)KPs;W^feadk`>RmfWwd@%oH<?iC&1BOG>|aM%5(Nxl
zNtF-#z%L4*S<pYTXdUb&`wo}?ZWy3KlWGkbYgs+F6mV^RbpQHM6Tq*Io~M?bu{jZ+
z;wE^7O}jw%ylK_&{bhmIv?VqihiEU#tM-4xKu|Okgis$WY6DC5*;}SzHw)v){!p*v
zdId{5M`Ldp4>kr2gvW<E_{3cCKCk%hp$9$(8=0Ef67}e;-t<5h^g=I@fvF2jQ6Dc^
zL%Fi~U09!a@_R5mqRu-3A_-JjWa!s7`V|-9XpWJv$k?v%f0pO11JE=V4l5;Gs9+XR
z$n6K6C%jvJ+%FYndxhF$UQbw6%5n%2;ea!Cxl9}*gL3%6PmmfP`6i$*5!Aid%-FUB
zh1OLi{EUm$O0J(*x?UefirdBL3VwthQ{`a;pvSP(Sqtg-2(jx71glGEG;+dT*jmWv
zy8u+y<FSSTsuE8ea&tr)$fa0SkrEUqn(V|1mfV_=)!PZnVR~3U)ORLN4Y=<n)rZF`
zGkX9YAj;p2J=BtGb6{cHoDWywDfS~^;cu}69E6*l3<nHx2LX$)qZ?K;0C>5psT$V7
z6IG{?jp47UBTh0zQ4!#H&t~O#Pd-Y$3EnG5E%7Edgx)B8&Bu8`K}VtyQTTQ~1KSZT
zQY>n74z;?LCk^CVo`%`)5qS9iL2?hP;3ooh0j!s}Nd|6^C2E5=H_5$x%{H0)FOc}>
zVM3t8eehHFy=e*TO$9l-+{*#e#3l&s6V@pEznx@Qexe~@1t6Xq`}tn*EQwG&CM5OW
zfbvfYY1syzXy6r`gn<s_7yV%iSz5$;2O6{CM1Xjs87~y7w79-?`g3G90YL`wZD%4u
z4m6~J=XxX!TV((HfYx=0c47>ww>Ldp@_cEj=1@U4y+x<-<DO&yd{NLq02iwGD+ti@
zO*vCtH;=VZjDIt+=~(tq58Aj^jTF%pO*IWeTH(OMQGkddQro7i!bFo4$xZB`W%)2v
z>qCm(Im|sLphzQWTjaHPfuL+qb2?>GW}=ZAyMB&wIyB^|b$%fhQ-57@F33}`V03Ey
z>%90qA3#U>^Amyts0_OPkZ4&jkh0C6NUqS36S4y@Bc~Wmv(1*3qylLe?4o(H1U?1{
z*9tST#%cB#f?fP8CT(9=x`yK)@JY2~ooLt<zDeV3@sZkYpA1w676zDj#NxFDh!Vk9
zj;16iTJs1f0lLV1jsLs}kU9WdSr`9^v={nN_Ze(&_Pa=o96CErM!RlTGoL2y6^CeK
zHHR#r&^E$3|L>s!B+4(;V#~Gcr^ISXbe+E171Y@-FIo<xpPS&riNR)JLTl(6&-js}
zo3NJHKl@F{p+1BaMA!t>0}|*I_ic2aT#CNv%PD-Jx1(?ko(4U?%uk;g&!>GFEsB26
zdunPRnS%GRzh5{QHOHgCzhUk=JSr`mR=rZfp2H6w;VHQm0prO|!~>iD6muC+AS~*G
z9{OD{^xNdHh`a>CZv%h3>hov-cAyE!BZBfN(yT7Ny!6c3IE#oiDvUuXB!7-yczlpm
ziqw~Ne*hnPFhe{c8kCoc7Na^TBJbz>eM^ow%PF^msRbRYu7adX|9wLZ3N#;v9OV6q
zArBhP4R_GwAD%S`0=xyWgbE&-9(Bk&N(jc0i4gO}TG6Dg3%hyL4q;W#*VCtNNPaWT
zHfE_Cls_dJG1b|=($$&yg}~DUi?i5l1$wi?CjY#A=dxHvVCx?HX`TW0^&@l=e*>Tj
zKhhj%Sh5Ijp!?U?(m1M{P0p5gktQZh&70@cCaZBo;>z3J#(DbIc&er@U-GFR^>`&b
z!l{|zQa&n5%P2IEuHHCr$OWtKF08(*y;lGSpbM<L|LyzUC=Wr=dWZoR^b~DKqRG=$
zLw*)P>X-&4Xemo2+_dD0uuaP$B3P0??d_%lxie>Nq@%IAlzkGI0I_>j#_UfVqDQ3y
z)QJtcuxx*#i4VW-$eGqrI3^D31bmqK=xCv(a=u(~7)_*&gp&L=3jIXC`gnznM(WM}
zddjbA_{Q<Y2<6uwV}T9`mU{eew*d}S79p_w6MRM2{}mB{AS4b48GdE*QS@)B{5L*{
za{&?7ggwiiDhPbGGe!E6%P~$NTax3;SLK498k=Q5OnHGD(IKP9<NsjntN<W6DYm7k
z5TiPQYHMqm%*JW*l?&q0uvCgQUp;w-81;$OtjEghdZwmY3{ZRV+rqA_u1ZXm8D<Om
z!*`oRsXT6(H$NQgVz(T~nHz8kz^3A#*(}Ijzm`(3Fn;gnU+}F-J)Ta>v`@3bIQoUx
z&0)vL`;DRWGKcM7v~&|i8kD}zkYcur>t(jai(Z?J7e*VUx^x@{Ip1BbuMR~Q?X2}B
zVJLKVgyT!ksdug>=+I?~hBFPGZjOjy(QEIJb5DYxb<pHcvP$(kKQ-s}^}Wr1SDG>F
zIAf9F^91OK{Hb%Dlb}d^6U1O<h)_u(jc(^Xt-dg;Es!Uon$G8QPT5-Zj%DxLo|Pvr
zee=34DAZ}5Z$MLiFVMRw)@$Orkse6K1vJk+PUO`pO+WS}bBqL`EO=fQ)$YwV)*HX1
z7T!P)pKo;Ia%ec}c}?MUd9*6JQgb}O_0oo<!&2@A2tsLny<6R@<upf5y|X)8tElo#
zoA!&xS(2vv;g2;d?gMYAKZS$0w-Ml;&W^?mh@eumA@&r9tx-nHvDKcB%mgr$$<{u}
z_QMiKfE6T<*ZNl*jt4M2Ub`-bvwv#XZ@!;r$r$9hSoF;xK;}%Js<!%)=i~$bobT=;
z(|&JO?ZaRy?GqSe7DHfLDekW(nhmbccFS~ILAeppq+*iW<3+3S8kW)bxBFhD4&K8+
z>L5-7eS!D*;(3*CzdJp4)4#Q_?+1qw_O8b3{#Ow_!V%4IvjgTU7MW0Z45@gU=<-3{
z8BM;MgErB;p=O(YMFF|q6qmK6frVWdLU&#6&n(Rv)s{?F^W6Fx0@_mN^KRc74m<D%
zsOU7R-qO{sppy!7CM7@S=BP6u0}guzZR*Ow8ozypiD94QBLi!n!Q^sez_FI7-v<_K
zL}B3-sx%!7Lrv4P@Aj)REI5$MS0MM@nzbAJ$ai-bIb3a}ldq5+GHcz2l+jBfnLtOI
zo9g;CUkV}qm10M`*N|P2(DvBTStZ9WK$6Da2d=W1`5-KSi8Y&VGLm!D@&qL@8{_I+
zE6V66*M0+Oz2k1oe$(}Uvp|K_f_8D^nY#SpVg%P7!#!^vcC2<mNuFK?T`uQx7;~6)
z-jc5?W&XNiv*&FXgNd7j$g%qH`hM*?ftb?8zSq53yw#=x-QQMh>x2F`xilx&M26q1
z%V}e%)tNAF9n$fkB$h7oqTkAMnZ{y>J)QYOpLGw5`J`M=0=-qp{mt><Q7+$YH%;IW
zd-iLULIx{JRyyC*`dGT8lGqMAIbt6mhQx(=)2R)^)x*2|RFLNm6%E57wwS46l}f%l
z2;}QhGfFYkt4#L1+AP!WL{_YHWz2_BxV<`Ey}RCLpO>JPalbvC5Vg+JZmdhT?Rk|`
z=*ntb_66=-opZNhq|f&CY1FV6K1)vfVykaI^UY)5AF_z5EBeoRpo!9~@JPuq33=~t
z?2<Sgz6Qr0Oq+d^7)<3!VUK9OISM_VblYz<;>H?f7F_V$vc&wvlDE=)e{02jIRw`p
zO5bE0ul&Mk)@H4#9yzwv3*eLW(1r|Us7d@_T$Cb-wNfkG&i4d)LTBeCOobEZw8Chq
zpXZ6ENo*IWeoH+x7&e>Xl6WeDNnB|zDjI-BF{&t`2>9NW)emJ=Epi?ALw_`UrHhJt
z4+fND!pGnU5`ZG?;74RmK?KSxgn8F(+RcULW`XoxJeDBM-Ra8y&r(_n?<uvKc`T+`
z#59L?>Ay7`N#@IE1~lAVZQCAoQ-03il)v1_j7)|LsYj+o^|Y861Q<N3L~nR75E^4@
z?bbtFUrtIqeTIp^0&DO-Rm5_i%*_d>p5VMPB)HD}`<a0PwEUAs-rJKAiU?oV*Bg#C
zTXP1vJ`M2!h`1!|3-0A;RQE>-&51aS|3Uu4K6?<pG7g+D^}`ttiD~tu75D#)dFC@>
zh=Erq--v8~>6a5vtI>0^Ig*l%tX!b-@o>5Gb9LSoh4L~dpbgv12&H4P9O7jB`39+u
zMo7{5<*$hx)O&y&3K33|&lElCB8^NeG6dp@{xLfjkS#D0<$cRd7ss5PvGQ|$I!s-F
zASaR_m+urqaqE<2yV~=C<70=}5PvZT2glk1N~2EH#BeZWs`1?}4)cdFL>vbGP@u{1
zyI6t60VWS(TeN4N1fN)B-*%KSpmTNy#ZfEe=~lIb*++5%xS1CmfI?{50A;>UT68+D
zVfC?oziEa>UoJ8r!xhWFQ_@DKKx~+KkXzp|ZOBebC0jsuzkZ*W5~r}kT#nclh?qHc
zzqBRy%x;~Qw+g<oap|*|43qIP<UM^%6FO*AhDG0Q##FKNX?~MAL_}bgfe_c{`ET+F
zq<%>>#@g5VcE|*=ZZg5nNr>uK<~hZ<GS<dE3sm|^6hB9NLh0|yt!3T%^yqrweqQV4
z`eXh9`$6@RgP4ZwG5&eijTpZ#<JJmaOiNm${9wisEaFvR2nOD@fIq|<BCv0!O#||^
z{8FHej>j^*3rTkX6n=l~g#56{%;P72<j{+#Lt4}-Me2q=ESyQ?Z{!DIv@CyCnyHqP
ze}MbCB>(8s?tntLwbM6n^Km|paTW^5*t)fT38GIl9$)duu>&Fn0NyVyx3<|o4)gaB
z?*yP8ayDTp`D?nrj{x8l&|DI5KZ4SK-vsL%%&$g|>r2~8BKK7(U)LdV{!yq2K#)45
z*T2(sgAg!RE`2m{sf+ihUGH;8P+^I6@437WaD4m`fQAGt_`)d@Hj3(j=_2X|TGi18
zi!8qty_evoyDKwX4%;ku06ttMCI699Kg|0gp8wT05<2gPrkA{4_{CO)7gv{Vh@}Le
zLn2`G7W{7Kp)6!ra41wWxex372~e*czyP+sVU&6Iz)2F(!u5S(?R92)o5IOTdo7mx
z*B1Ok0Qy0#Ks%T7a=BhiZ*6%Fn-v9>iulS;b_Df+1KLyS!X1i{5CCveAZMnm)so>?
z55~G9VsP5iT<$(N>?FKy(=B`~yaA*~_3-tlOTRvlz#W_sN89J)gYJj{DW+EkycF>w
zE9fTvU^++_<-tSIxN$GA{xLCs4{YCO_CaSR_lsYFugW0-|A7;i!~m7fMQK(J&clGB
zy3YgoKcTn85=+CxTM7`tfiGyI!Cfp5lmn3{FvoV-u%&+-1(gqkfJMWQiU^<!&l~D&
ziod%I1&Kog1~A+(NvuZs=k5r(H|3LsC&2#H0K>^^+HyZ^36TvTj1YgJVfwrD5`?8u
zD{FUVYPjC3_m5j)`%9R5dlNp;9Pi^wO65S+^R5LOGhyOiB3^R!NVCt8Ew~>`r=P}E
zcw2P-z}BG&M1D!F;sAsEA_{m?>gebw<dhplphXruU1>&1DjF7LH^9*;`$7Npzr*uC
z2b@yAC2E%*^i;YFn^v7nmiICXfHlgz*E{8Yj^@4bv^jUl$uByea>qY20-#cnMs@rH
zDm~ks!S2nB^9KrP8jY$xVD7hPGffqQng3y4LAW@i#ua$b9hqFtTinhAY#n#`ud3fH
ziybm}-+u?Ytfx5jo${Q|lIAAchQ!f+PW*N!f~`dcz|eRApi6EJmzp{MgUI?nu`1-s
zyv&zN_ZguC7>r`@bcKmNH|}ty*9pR7kb(t=^Xq+37swR%;t_fX%o$Rc)T+fhllFkm
zOXbR>7;Fw_m+Ae0pQ^RXB^5ND2O=WrmOz@sQy;$j%faCW7rS*A9(k*vPC_rurt3W}
zc>$px@R;Z)y9L^O2Q5z&01zcF8$jrJ(HaDHeEI-;RJC11IwD?fI|C5(JDlw=f9#&k
z+%J~#&c<q(VjW?)`UEo-Cb5Y4Y;WrvwkbZdTg3w)Ln4xZXC?QGXH0^Qr<&<RG41_D
zC!fL1#UTLwRTMit&gUqTl9JY3ERN4+tk|o@zUk-y;a!{NXPZ)o7f}>H=(TEb9Q(Yp
zkb0%5;T;9~<a6aeI+KT^M+Skamm-5^k`|^w9Sj=sy6n~I%hKS1vLDU>d8a554b>oi
zQsN%sx1)xAI1o&_El~CEx@-V@+D@C~CN;?N-6~z3Ze!anc%)m<=`_v4VhaT#vkJBX
zMM3y^``ztzxHThiK+j1BYT;3Y0uUJ|R5fk<(NL2=k4t>hZVYQl(-U_dX47%qBzHOa
zDb`<v%lrX{SdhMg2a}5B0fyUlzH~~o14Q)n=(<jD^bzoE0xg8#rAv+PgghOR4<~7!
z61ASM`uy6@ADSYK01Ci8`>TD-gDhVFD{_K-_2kj`p9TQ6T-WJ@j+MA_zQT_NiOK{e
z<F)(Sh5PQkxq1;EkY&xUXNofScKeOzJ$*^cnIXuyxVSQEx4+6Q=Qx>vO}q_9NKb{O
zewN3OzWIRab~kFLcVxCa4m$bn7!6DUr@wj(krS$^so8duC%lQQ$vl=#<(}$Rl|@De
zH%RK9ZjDh;__{Jbs1Y9z|BbBoD*7FvkSnU_VyrALTrY=vJ_xdRmu51M%t3JmN!_-E
z)2d68SY}5g;GUcv$wsTYX*na2lV94a-)ED;xC3${-Z$v$RF|5l`;D035X{$jg8=}n
zQB<!oH;Lz&JS1jG^@T^RLljK#$b(9^c_|u>w>ruVKn|0csv<SV^ubM6$5Y3PtL<;A
zW2!nI0dzh>6FuZ<T=oMt7bNqbXQYnb+(ZADf`o#c0G+KUf@N`fO)!D$2Js~jb;F%?
zjkay!!!va$!)<hP0asN&$uya7aB-|c!!U>DXLb<$HV^m7o<sBtug44M?*^h5vcL%q
zpYU;gXFNBd?N+2H$%Af>>&tc529%Ti9!T$Mo%Xet9p3X<kE<CarBI&KxnCYpXzbRn
zeKHH{D)GE^EjJfBHa`?{%C|mmEe<6GHwf}KdMJ6DO;_Y=I!+mCGxlOTuIx=y0>mb3
z)j;pOaRi`FmAw6g8>5!rP+_jwhJ7pUAN|nY1B5x<02NXwTg;d)RZzD!SqpRp5``ac
z>Qn$VMHHKmgjk%nE7Zo(Go+imL#&-d1h4z+h46KVD*|9F5RVfAf~!UD<?(v2mFF@3
z^>ET87p};gpHSfs<?RiyPi(1hdt#!I1hlaf(oBpb70DFmbhvwEuEkR1K#hG4l#pg$
zdan1I>Ca-2v|?<w@^d-Q-$1;v;qqz#InqxtQGfqU1h1$~geLYcKB-Er=}x&6wvxFW
z!~VhLeZBKUI&^RP2C%SZZ$#_q;yz#6o6`XLkI=f}ndC=kAO~D%3;-=!_j-ZNQJ^q!
zJ+EgLdK%B?&3LCV!mWlH-JDFu3zH@xYb^J`F~Qbwe^>8Vbm(I|S(0wd9SDSUTD{@X
ze8ttC*WXwKz4tB-T44w$t1}2#&xEwKQ`Jb)9r6SH>BgLQD<{IvA+B!<)hl~wK3l71
zq{9EwcxTEJ9W(7RrmULe9b4D_T?Ws+Oq*xEYl{1gYi!H;f|nI2mCa<h9nNP<T1wGs
z%rC!p<;OX85ImBI1ZOk>piREa>#`neiGV!ESJK2`Hc3ar4f!tJJ4q4&kN9vm;fbpO
z=Ba$oADjYu;BpUiASchPdugi^EhroU;pXZT8eg!qEK5+Ptk`SzR+vo;yggxM^KHav
z_j!uYcjSlsk~5K(hLs^D1iQ{$;EP)Mhj2x)3XC~Rg#=UMVJ(6ajyV~{1T*6oPo>X>
zVR)(&q;8IS>6r|B;xhf7(PE?m8W`Yrr>f=(0C$oN!d&x;!8${{LlB&qo^zvbP2X3q
z^V!W_&1IM4sQ`+h)hw4b(+|PzfOadU+O4_p(xzSwSvO%U_^d%5|3Ud_xH0we$)Th6
zkHiPf2uWyvEAN(V%o@^H3DIoZ3`B>`_D{*XG1W%RR6<-PFG)K+$$@5flvpuOI5`y?
z&L8nS1O(uL=TLzfcf`7~18uY_^8D4oJHy$bwb{KG_UlhQdhZX~P<nT(7wGVM(>$)v
zh$BrK!2KgFp?Kd~=Lc;25*fv$*MtZV>*Y}3Gz^B)!mey6k@}3SzU5zr<Fm6>E2DDk
zHypo}>jXFvAnfrlB){FxGMgx-Aj*0fDzMBAP$p9kvIFNBZ`bpU;q+%nc!?>B+$IL_
z;a9pH)Gk;3wZ!uX4rT@qeY$KTuHNMy&dB%=bluV4u)jUrfpG}QGxCK;9-JTLEAoGa
z2@}A>D58{RlMATQBnHpIvjTt6sZZCi%6@paLm{I>>{=|*C|J=1^k9<=pZ`oH2k_!=
zAdXg5vZ4`%1>SiBw)_TFug^K<37oPWsak+M>92|g__>8X1-SK&XbdgewC_NR`4bCW
z+joD2lr($1ZQX}_HzLjc(uL$ctzOKyZ1?9ogssE0Ufk~^7S(ef^r&i{Fl)PRW)nk*
z9F`0xFli}##|!jA8p(6D&D_+1zQi|-q5T?HCgCgm!@AwzD%qz2FgkbBXgDXk*V(r-
z-MysGdTJXrFsT^wEI6Z^E|>Ol+#?;sU)VV;dCaF+iJXL4!(UzqKZV}?qM<u<_qzHQ
zR-_O3*=`j)dyi`GYpc~_34erBs-HH*k5C;o1;FY38{hu9NDxe#R(zv<akWW@JX3AO
zUeB;$&<GHlGP&nFQ~FB`8w2QditSOvLVZ>7rsuWmsjmTordW-a(PpV#(8*@9(kuau
zeRNy!DU=hJjIWqXmHCujJm&@-mL(cVL$Zg*#t<>7k8vT4G<C=Z6AF;<WOUmCkSG|w
zcA(T=Z51?HS`P0hTKR5^N!v^-Cft3d+p?@ZQ?)zN<GE}<GR8T*GGAw$^B|ey#v^e7
zgldNp58}q$h0@f*s(5+s!;YOO!{>vD`-EK=SfyoBqAuTV;>AUEOr8LH>#g$ucn!0L
zhh+F}804aV`C-UdSNU-Rv`)6y{oMyuSS{Cd2})7=h66##CBhA`v_202o`oNn6n)tO
zm7*1(_<bGo<~_k8AF4Pbw1zoZK-VwG5c{E!sEjT5pI&?s`_`%?w*rEyMa)d<=e1Gh
zG$Vv^a7*{WWw&_mv3^<a$YSaHT&ci9PVznFV$5~H+Nnc47NRUy&JAROtWorXHml%K
z^bCiG)Za}BWEA(c3THnBD01h=zXjl}<B4OOCLSJ%`YK<{$5I~PhkM1VF;c7DFKy-N
z5u85pdei|HMhD;U^E;Wk01!1BC|7NPXnWPV;y05=cUe~tp>P-@G?V_YOw2GD5a`B|
z)vIx7y&oCl$}rimlL?Qcns=f9G#I#@BokJ%WN^*a`5f(_*DCn=uXMGCiM@JAb?7@R
zU%@vgZT!_!Bebs_65zGg(n_&e7_wYhNAu)K4WE2XMI7WgPoAPsoa-Navm6%1AM=Vi
zEPxpG2~g!7z4w=mTRx@WZT4?7IuE~;`~b)#>FlTcnm(Spao$JVyurX*lwYQA=kj;+
z$qMDiu#)L69F%P)kLmXR=Xz;Y4A2yz-h^qe@WcV%AVg*CZGYPRxLvI-uzwT*@19#c
z2;_0`UQyOz&Lhu|Au)56YCDg$B%>_X(=FmwDN-zC{+y2Ya_It!85BM0P8S-NTt!+K
z17-0t7pzkPOk;P#&R#XO#+nGH&wkoVc6NMt6?)CP-c8<O6})nk!}?$b5#koCc#(8r
zK*rZH0j3z#w4ks&RyBVk`7UUj5%UFSbuneGqp2PR`p=$d9VQSp-NqhzR$D#xB*^!u
zW~a{)t}UaN{+SvVRTv;)u1N1?zM)~7?3Joup8n=cM-N8`p0oLmh1;Zg;TxQi&WQI{
zjQ0Xy30l~p|EX{BxUEjE5&EYcPqhJ#<d{zldW9t@S%%0}L$7V9oC|$}Rwc?mZlP2^
zaEeLANul;v06zSyl=<rBH|T)^Zuzb7+e(At#(`ssz?*>U8;L_z=vuWv4Q4M|{o%|+
zFrw~9_Os;*U;eF{OSLo!STgE=H0u!l2l@NS!HCO4|3pL6S}YM|-!QgLIXiVVU#{Gg
zd|AEdoHcPK{$;(PFFBoivyE66DYb&J$JI~cn;;}&XG#0?B~U72AX?o*$GQ1Jp0H-<
zQHfhw;eyR+2GCB{mM1t>!ewVqxuH}~{y9*<uMddZ&q0Tyx_XHJ)R<XM0gO_CBgzSs
z&{WW;nm9n>FF*Yvoh_e2{h%XYhM3M2#sl}dI+`#KYm62I)T%7Y`^w{0`$~M4S8p0d
zUgZk<%23nojEn~%4Is&ch!D}!%ceRn!F6|aMSZrc%YWyP)hl#X{B-)u8d3pyw#F9Y
zd)asgj%Y%WfRB9U4)1>G*GuM>fn;WvmkFvt1i$`hq=^_FTFuO(_Rm3^Qv3_wx2nAM
zPIsnf2zK#$rW)0I;8e{0-zoe!GRy+nnrqDVx?-0fE@d+yt3V=S95Z$UGBavQ91kE(
z0tbgZwS1?BiG5)32GP*d@h-;SKsufoxF@t37c&OT>MPge?DCp{?H>UWECXN?C=_0;
zKz>ftq3Xo8)I{{9#-S<`+SkU~Zlvh#nURzPsyZi`vB9dm>NHZc^gt9gO?Fz>INFiE
z6{&_M`yrzX@We;=cMJE-GvDWJdudBmTQJB;<i3gK95>Lh9_jZux-ivT$96T5F_jpQ
z?EbxI&IE*3GG8VO;84I3qe|$?+5C!Oj*u01t8!{9AoMb7e`X=vh^Mr|Z%jpS1XLeO
z-E!RaHeRN=r&?$FdbK`;Vo0C=Des9=;NoP~2Y#{xOoj)X9|Gb>>bQ??#hm2tLB5}}
zLU5+ztMa?C@Mg{0=2kf(WpwZFZkcRX#2@OxOzb6@@37{RpY|JvdUEIA?7czXyCXxy
z!+fk^<%k||?V&Y52m)PVhiymt=sfN03~uuuqC+@{-ICMeq!X!h(^V82#s>wxE@d_T
z)r!TM9LwF-GZxkU3-Gg*d(L{ftbCT$vKX$jHLUdMr<C<aK=U|ucqL=(bF!m4OHbtB
z;(yr?Ko?>hC6+R3)|2;6hM?w3iKAGeA87tM#Ny>xR0_mSXH`Xq$Se+}3w6Z)N)IHU
zz7jG~FUvM7t20)<BV&u6a|p#v(Fgj2;`Ms@z+~Kx2&G<@#%smK(t|F?o{)|6DiZug
zFLFu%?IJ=h!U2RN46wZ_%z2sL4E_GAeD~NqivlD^g_%)Ng`co-bXwESOtUtfFGbvl
z!lh34M%y>%!hUS091EwIPsgvD>*QNhn63;iW?R-faLMedX2iO=b5@5~oPQFY5xxBl
zlpsn#5D-6w9pVM9s~Ldmp1%hoQOc1QcW(LAX=}Im&)_}o^r}e-3xg>?>CA&=Uld;B
z23&ahq<L}~hhW4jQQn`it4>W_j^3%mrKMKYdi{l(+M}LawbzF0KaTU}2`wYx&TD>@
zzufvG@xAy6v=nv3kn4$2`9UZVx6_*r=gatAF1b~X#flyoRe92mwlk*dHeqiU2e|eP
z0^ty(FAOd(oz}#jVFhYpGVmtVkLPcGZ?Z_S<4a8*EBDv0I(r=r>VHj0Ycq{EMA}=u
z6gC3)c&EkYL26-?rUbBRWC1OJ3M_+=ON%ir(_<?sb0){yjYmHV2FV3rI>IS^JB(mm
zZDoNA2Wo^z9o(trN-ZVTo}=EedoS^prew;thO;Rg7vBPA1mm6R4%w8BKqb_?U$^<g
zK!Q_%R5sKMeL@K0C1$uA$&Scw=BmwRDewxj+x>`9X`=frK7s>K71$1N1j{TwkT<D_
zcwdM&Bq*;fC+@F1-O2YB!wwgjZCo9@gk9P(8<*rQdbX|4h5Vs*jkseYd?Nx=MnhZo
zm%`?-AK|_;`a?f`NsZV+AT19p`H`C3{We7M_2jDkL;&;MRo#<cKV}AFL@Nv4OlWgn
zz8{gPy^2P85zFg&q&J)Y5-(boz-@<ds^00_23!1UZ$hLd6@TrO2j6}~^$S^F;I`gs
zYJp5V=NPl(+g~HK+bf3?MjWSzdn2NjFJ}8|BPP0mJCsr8uVKGF6RdRd`B~>6A>P};
zD(qxn9s26f^c=YOZt#87P{x5>$35m`cY3szZZDXwxn>X@hovMdr%!TqbvJNe-KxHZ
zfBE7?Gx-v1?AHgvq&*lgWir2l^bQ!{vboCBco_jPnTzXp&5>J6K#Y8QKQS{xwdZM5
z*Qa)sS$a4?+}PfzJv$PR+x14neAEj=JP>YU#l5Rb0vS1Fl$UMC-ULvM#A0s;H%;BI
zx4R7J*D?2a?OmnVX$@m&kz`@G^VIqK8=rn%OzVBIw279stIfVes#bYdf|F*U!<-k2
zxHU)p3D<vZ8y)Ucw<IB9;|YBvj&Xa8AYl&wcen!$l3zh4|LC3ifV`n6+VSL&qy@#-
zIr{CrtEHRer;X3@(q4^upHKG3XGc;}nT*1@FFRi7XEqgi0K!im3#+f;Za0UWhUa^8
zK)9|J{}F<zXc1vFecz&PdA!(r*(x(uV&_&JFEwaR30%a(oRUc)Yi6)%I>yo_RD%4f
z{bkg#D&5eyEhP~TV`A=`ZsZhqrQ#kGlOrzZ>*{-BB4@N2rJUO}w!S+>zg$QZ3EZti
zJ3{>a9yTIQ2blb-kT>*0Fo+=W?y`Q4&J-i!P57*vWcS|DKHu;5gZ(Vex_FU3wM(7i
zXRj&Rg!%L0Qu&4Ptr$23dw}&8Hev>DAu$b4EC0B~(rU!Ja<HJ_nPv~;G#Q6G>ifZQ
zR7&n#Tdgq~&sqKTH6S%|)dWAo6ioHBD?UCqInS~TN8J2boW8L#-`FRV@Ny%@H%ZFY
zV0oOozJ_CKp$7@uK0I_?mMmQWUq1R5qEwcW<4-?4jM<-hx%EnZb`v!yTOI;O$UwKi
z*@&j(;m<mG1D91=DOwpf0pE$TUuiNQ+GU$hQ^CZw>r`vn=u}2&r0267V69qG*E)#e
zIUQ9jvs;(B+}63LPD=WJOnn7VR$KQsARW@(U6Rrz-Q8V+ba!`2hk`+OgVGI>qLg$a
zAl;pQ`%&-zduNzCUgnwS?6c20Yp=C_0c}vKk+a=nYk3w-i+c~={GzaGH>E#P1Tw1U
zK9rZ9@QgR&Z9tq15wOD`6t)qQ)e@fPPEojP{M;MSlkQP5GRL}J^b83}yz~tk>Fkg<
zcetkEw^+03i5Ng)q86!yk!>2w=_Xz334O>xrT{H&HZ2wp20G~t%i16O101|E;0!+2
zk|l%=Bq%^_uO^!2Z4UB#eE!l6^u8O1%qo`=4_BS%Z@%gJdzZIDn*YXZxHzIL)a132
z686A(&hZSIWZ1|-72K?H1uS=}l?DB;`Ken!X>jp1EoxGgXMcMuTkXu|Z4YDaTj2xO
zk>9?&?)*`#nX1IGA0V}FQ>iRrbwR~sET!?Vz)wq^vAwlM$-h|*a^7B|oc$~@#Rgm|
z3}+RrT|L&>KsiT)rGVquhoQPN^554{aU}fep8K=O-(CqXy@gj5IvQz=D;90)%2`I)
zy{sMxO;Nt5?xRp0jZS{q$+?V4RKPJ^pg^+-6V{OHBJ-M>-Fo5nqsUQ%*4~V#xl+Sc
z>LuI6N+##HiWno22`NInpi4*nSybz9xT!wjzk^j#3;-jT7w<d=i&B9Zu(+jX$jP=>
zx@cS*4SM{{A+{n5FT5kEE$r1p|C?yNtJkdNEp<~mm9=3Qnv6MdNqJ|xyEy&CyEms{
z5@n6S{RA17ed0CgPfBK;A4(V@;yTwat5s6s)uTYH0~q}|t;T6wrIq@lK$qlZE^94l
zq(8&#$}Wrh3WzL^Cud%pj1QlN+B${5`=aRTwZ+Eh;-=xEs<$AQ?rt3y8KZqH<AsWJ
zv7yRVjyZkE(E=OsA7e>W1Qa&@co6K3j9#_YpD@uN!znA<{(GYUx7Fy2-);7DpQIwu
zi0Qa(VZC~au)T2!7M)f-ddfMTYMMr;op%T`vJR$-9_`4`&j^@JA3SrY6-$3<y&z!5
zYJU^1T;(u|jLUi0v709Q3Rh5N@5hn_S5bIF{y}_G-Z8B@b)^wsk5^+&^PK;pbZLp%
z*{8(AyUS)|fm{BWc^Hi_Ex<(=T#iWiQA1yZQQjTd2atKlpv4&i&|Wiv$OTjoc_c%>
zgL+Q$-e^%2RDoPT)p86mOX98#n4W*d`Myi_qu7t3dgYF6(&ZNxKB04cRQ9dkj&G-0
z#a{wgzcJk1Phs|kmftpjXrWtq-ndC8DqvJ35(Skhkb(EWiYBBxkaar$@NMp5ow49f
zQ|Z_$8Sfq0KQg$eDnwiDv9ZGo>o03M+7Z@KJFn7EM6}!ac)^C9y0(=aq+HL)XlFuS
z)({m;#Bu-g(Di!`t4nt80_o&XBddxt3IP*W$(Cpx7dW~{SOP{!CAyn2qp&ZY0i<|;
z!*OQhb0Se=_d$1#XDP<2vATJB{LD#>tXmN_w#0x^#M7(mzH*k`f0B@Ez$gs+Qx0RO
z!Yp_lo+ynzSlE^20(MOhR~Bl$-3(+gHYW6!hrDY{>`nB)W4M^wSkSBqzPp(|e!Z`x
zU=w`)+aZu@zqS7~r6#r2NKhrQrFUH{{VIa<$0H4OX>@Kk)4}QofxzUSVl-dy=Kl`8
z5WVBUg=eH;{Q%_y1LmUQ;Bvnp6}gk9vGP#ly6@3qp5OP}dVQ$IOk!V<l;+2XWL@D3
z_LVZ+?OP!|n6M@C%#2nqFmGiHvXgI(^W~p)+MPnlQ@*%gjrM%!O;(TQR~pt(eh^g*
zalNpxnR}s^MLwj+#MP9pygl)>Q8!J|04PWP1jZ^Ys9}wX(CopMBv9pyZywZ5zs@>J
z-)NXxLg<{$Rulwyq^%I)?$j{(o<&3U*M>zfq0BqVs-yc+1tvy^ZEti`B99NKmr}Q~
zstQqK>c*E6S_2$39Nhg37XvmKkqq?JRmr&>BmL$EW8t3hGM11X{u_o(K<Wp9c)EZP
zQ6j7oCm+sP)*<4?O+tK|YA=ly<?_n+lb#1p7zIKA`He^=^5e&k+YuAT2_3m!2<q+#
zLW-VV7nN=BJarmPTfu(fE8VZ(CB<zx(l6*ItSYa$5MU98buT#<xHTg5f%@mTuTw4g
zRt)e<Ay5y6F{l83N~QRM2M~_Ay;xSIam70v<T}#s`?F!(p;hNVson^Jh@Dti&$0)l
ze6anHGX98PMGLjtr#hzndZ=dLKq@!Y($7cIdx3EJDaMfOq38YqPyLd!%PZg?G{jDC
zOU&fl)K1s~_r3((6*3b8uVGRVg!kocx`PKh5hHq}tn~5F-%=^CEvrMnZkYpIH+4u3
zF$Ca|eE{hG{cuHjvlGbS^NXoCcB{xcuOiag@QIf_d?Vsdg5418Mk8A%rgj2*5@3qq
zm@OSgzP1Q)6o6a@0}96S$(T$FkOEwP>?(abXeyIz(qx-jq2H;b&sBCfWL)ZiVx)FG
z<*D8c%i6lnsga{u3TWtxpIezLk6vfK=Pr4bU36ZeK&QP$(qOlFJ4TDl$o*}qX@T_$
z3tcC<AiH7o>k1*HQD!BP;|+)Z2N#o30306y9vT~LYbcV1HY;1PyZt`S`)kVvx5N5W
zFQW#u?POY8!BSJ0>W<s86AOT5ICR7P*sg--tV^f1UVO^d7O&HG$cMPrjn^K!;*h>@
zM)l^h6hE3&Q2M}mAw$0PKdoI7G6>w#9A$tA0d5=X{=&4+uOH2JmUAsEBlSAUlSL}e
z7WTQ^P3iB_UP8k{7<kyJxd1(YOOvlQ5cE276PR42Hb%8oJ%hg?6F=lVWg(t%-Z!%F
z!KS5dUT|qVYA6rTb`4d<E9^XUaZhwo%PRak4H2ct1c!gY59<kh!~%{G*2>)&U-(&@
z{ixV|jZu;%p3=&FCbha;AHZ9TqyJK-b;E)D`m!KM;h~OyCbi#68fka?k+l`1lKt@3
z%(wBUQct};jPHA-%k?$u4DjMUv;NDW36%k0iT6w8L`vW;<2VWx?|0l^tRVaYzrK$&
zw%eiHD(<|565q%@8ARxKUW5!wT&Es!g@f|JhH;+hme0ZVQ_~jf3%WUXi`Z$&xzY<e
zLC@WZmaKr?xqLs8rS(0%Fb>pzK}i925(!439_-{j()Pk6C`{d%$OL_ozumG9G%HWV
z%;!KlOZU#3`ZIoMy5nCToWSdd%d9QQn)IvLr}fIOD9Xq0GO8D^2JOeuXTjOs0k_k1
zxH-$8KJGKs3tiH8e(HYhDQ#Q{#%7_Ue*;tzT(g_R%NGrL1xpnjI@5i2XWZqv<;`z(
z{A{zED+5V~n$-D7{4k|_>j4zjrY>*JI>)6JYxDv!Mz6RKucGRtyMF&S&PTyLHQx<W
zsAq&9lQ+m>@YP1K@D_J^L~dNv=#)p5Gun6iaxNBZL=#of@xl92y|CULNcT>rUS~jM
zU|jj|r2dTW9}*WTo-<jkjVy1qQ{0HS?djqF(8f&{So@29c*-BBk3SBn)_+5G9o1?t
zRQmB=?jRK2x6SFB`&?G*OkMf-=1SnUzh_#s3l4-(r`O_M`Z4J7W}?C2QIe<M)?dee
zwj{Bav{zLyr<L}6Z(i{|Zv`DG7RjV4{Xn@}Lu|iDMy*9VF!sXlIZn1y!M@@|YWG<t
zb&6@n$&qQ5o?clRq8#mA7pLEU&f>>adesY>A|u)QANc-kpz8dbB($`YTWp!gsyC(r
z<P?-w>jAkvk**qM{mZ9693>+9t)jAROk5S&LHSKXz&-_;(J;V+GR9nVJ^31AHA>8%
z55696iOO-dgfU@EwZo9G`67kP)ip|5PV96l@8Wc}{JG`IV_1<eE<qOQvWa&Xp<v*j
z4leYqbi#u?s7Oic7nlUL!{<m6VJ+RWWdg=LUdGeX%q}A_F>UB&A=?Fh8+F6wF1|JD
zFmu-7FSjZ|2wDD^-Y!<v_;|SQ?sznPS}c}%FpNcRlEL?)mwJ_O&q+S4BeEF%RYgiM
z{Wp(W+(47NoK|5AT^T>WF<)-ZLgo0cYf|~fPV+4aJodsQf)eTCB^fp2Sg(5e2)y8c
zD_Sx!f|r|>OO`2M6v?uimO*3$!09I%wJ*4z`h*g6e%H>Zt}JWfVV|02=XYHPgP$Vx
zoqoa%TJz8ulY@;+SqlW@Y0L3EDKHAyl8t&AL)x06_dcW8<EO~-tw=!gaa1ptYOnr<
zpHPm~+xwNdOyu)^AKM<1ckCYTG|GLAQ9GMj-HaAf)v8CI&cQU)Ao(3u1)To8L$NrG
zn^NnG{5g-c=LQnwvzG6UG-5Q<Eezzu;1Tuq#{zybaEB5D8Gta&hMEd=8Irx?ui}7K
zz3IDaW`j}Fg^NdR$Nsm=iFSuD0z2lW>;1wPU%_bQt=3*6Kb%Lvb^coeelpajDH$rE
z`$Madg~P!R2?I;+EXCaP)%=67TYBtPbIawPmrlA=FQ?d3ligeeddEkJD{~f&vDNs*
zPM!q-9zVo-422+bx5SD67DhA)#Zoc$G`e+CWR5kk8Xgw+>WIe6m|z{{aDh;)_!=fr
z!O02;QW%7<6%w}O6+wGSD=iBrgSbuneIYB`b8<sG=pKE4N*zdDbg8sk4t*zPn7_l0
z86_)+leJ%-!>ru447-uN>ne~-wdf9o<8)pX-2veChB);1siDtBH*c?VY>MkA#pow$
zX)aX9kZS30`*vqOiTI+T>=P(t-tt}r*H3;q2*^DE?sA#ud(#!N=3%c<vUOWE!PK9o
z7h9|y=CI}G2G)a7sp(6R4{oH;>Jh|#bFyl8WiX1k<tFb1$mgV=<8c&~9H>@ZLzrIv
zo<e{4acbbMu%zDlqR@i45yw;mOtST2);Hs+cx2qk)}~5jEqcaiMhjd?*a?a_$mO>N
zcIvzXr-m7=`}8+1K)C%=;2n`bO@34UK@`p^6&-|z7Cx*I@g-fk#O3xXx5pTm>L@`e
z#K!}+23#%&6<*c6btqk=$}NfkmD$V}Oc)*z8M8Ehvehv#AAvuLlUjYY7A3YCDYQm9
z&70n$ZP*tXs(!(QTWEH`l!v)fZmG>B)p)S@vSDNR#;17OM@-IWn48^LZW$I|GidBE
z08G<Pzw@pP0uh7(|4A=)*mQu&m5wkA7u3s&W!z+e${-al<8kI9OXB2RN;X}v8<-U*
zMU9|!e*ppaUVfaIkO%GWW=&Cn22rNT%*#FccXCFhqr2nc@aKa}$#!0x4wvQz-kjbp
zn#c`ueGwdQXOh}K=C4lFE@{<@NwpmxJbzgpF(F0?V4j>ft_Luoy9ZW$-75KSUNxM4
zq4*BZ1-GQ;Vs>5t_v*l-;MbG}P_2`eT9Hn%_?_%#C(i#6nQ(hwya3xUTIS#*XrXT~
zy@_{i54`4H?es<zH;UOu!`B7hGinqKe&ly60J!5sCGo;<++e27MlQTB8crkip6<FH
zX)G;@KWXgVg+Cr_^Sq1Ic1Qt!KBQVzVHdn}xl*K`+Y1~~nrE4?Z46}N19Gy^yirLb
zl2Gx%^Jp@4hNuyNpCZugabk#Zg^|OHkz8D#H|I2#wBWT_-AU(R6XFu~XdEU#9CDk?
zMD1C~YD992eVR$wqhb84&Yybpm?%<?o%bKAzQVaBKnMaQ^~9cUmyS>k32-lQ<BJ`)
zQ=&Wd1e>=%(Rl6JIhd6$=z7+LhyA3(B{Z&u5gqvyTG6u3RT6v!z=gT?!Y0!v$6!te
z!#?N^v5q4J;j)6JcT4aMJ?xxt*y7S+W7vfJ0#9ot=kj1)bL3!2Ag?9~@lMnEx)+NG
z!1XSZ2D$-H?xO1}3zd^(Bd{|7w;fOpByP`lsD=G5pWQ>t(_{k896&v&c85&qml{sr
zi)F6g@)if_fXPb3W7VgFSKlD>zKx137V*=j;9#uPMpy`c641hcE7oc|2U48WJv-tz
z)q%o%f#z|!1i`M4uTj#s-}+1&Ov+{<xY#ryzA2eK?&-aubTS2E>j?Px1yQC92zB&K
z?!pM5P@JwQ)a=_UOUJRT>E3p;p||y8`nD%s3MLWvO6@}C6hSI*Vkq0ffeNtht2=;<
zxoQJ)e->HRIZpyP{El$P$-YqmcuXYX^a9CmC3`;~<W1x5pjG&CLiGL1U3f4jK=Y9b
z>Qs4U!2>S-n~hWy#_tCfScv#nf2H7+O(-`D>U3YTrlz&i8-;nlV-lSo?HnMC4oEPl
zbp`0Nb<+9^IA@>%H4-;CZR^O4oxH%Mm&wShb@5r*XO~g7E*&><u_gAS&*8O&iK5fU
zLm4+<R3b4*vRcNv%JNrCwr9`xkDsSfvCpDKqM)^;4o5R%<k^dm=&^SHv1bQVq_oRC
zwOPn?LKJD+KogD2s`^ReN}jKlsp<#r>&%WFErWvs7n;Rkp?&{^D5MhnFN4X{n`fgh
z5MrVbw>gm-yMXxt7b77Vsw3=tR)Zb=l3HXZ?FaaO4SO&z2*K6wE=b{8-Vljs?9z~C
ziw*vQ^-S0;{N-bMhkK}aS$Sg>qm`ftKFti{GAb(p89yoiB{NXQ(HUi(&({3Vcr_RB
zvLof4!t{sBlUK5H?B1Wuz#!07mmL`f0}<j{{KxMF0~i(qC85i*?mQ5q1;*-Q@z|EP
zyj>teV|p*dce$6M`L1DfcLZy9D5sWCc9|k)Wd@M1oa6YfCZ|Vyn3Un0-^!F8oB8n;
zf|1~VeB&Hb@X+DT)>uLF1p{;TiI>kwwf;u4$z~vbp=CV+zPK*+((X3&=s+O>oKp>N
z0Kt|$ggoRY8jOkViiRImb+?vZon40d7k9!G!NKx*ng1M6x;}uHzKx$%7Y^XF-eBfk
z{Cl_PATV}k@pvdkd1T}u^EaOE-7A%4|A~n35Bz?Y_J9lxXr***EJO@MAvbR+UePa6
zO`{AsL@kK0%|`z7!G=cM06@>6RW~6BSZEmXZ@Rdj6nhSkR-w;cTlUauuL|6;RKWir
ze&JzLyDK*n)#7#JC`5RBdGMji=-jANyK3dv>|*yR)v>ti!dk;9N`u*xza1|W%nexZ
zsh%@DG@^HK7r~6D&u%v$9|@c4*D8%!Vy9m?9SOYvqsgt0*vU>EH~oMM{*Dulgp6`^
zxm&C~rY&jFv+3Y0)M55Ns^tGn!WijtI8e@&I_c0d_y+60QS=qPX}SU49+9vinu%x=
zW-#<w-gze$+bf+fWQ9b#ghLvir2BR~dl|YwcDI6DJsbJAD*)g8e{lOTYRFJkOk+Q%
zDtfTH{NXGXZ16YoIl$#3R*4)+rQfo0eai_0>Eq@d0chZM7=hg=3?>-_nD+l>EF?-f
z`{Q~Wkdc?H2sBz`iNTLKIj=O?#)6Q&ekDEgmW#rA;T+|Z-I;HSjgI|`*&~^P5Pq?F
z;QzNr1Ygw#$mQ@y@kn@L6iL92GCcDWk+w>#E~;nHetv)YSjXJZ!CS{IxRWO9ajNwp
zcAJR;3eS}v0mf(Rp5ux5De3knFzEj+$@>jRU&f?_`=O#;h)wj1hfq#Ckz#iZ0$a`-
zfw<bfUbZQYMsdwANCn)JE)UM0yzDoGM(=$iny!7Jc%NiwHy0l07~uK71b?KtxFH4L
zJwNBQ)tEF~)>8THHdCAJ;)QSH`d_IE%KhoFz;1d2i`KBKe%M$F3|W}9EYuxjvBot&
zh`wF8u_mSJfknO(LXn0@TOcAq*Td#5yiLrnG#Oo=zuXPisA+sFFphwK7}=F+chO|n
zo6W15ELEHH{$-&VXR@CL^w{x;jdWJ6{H*%zay*XTQFbbkQEkcpPnYQQ2li^SA<`}s
z3<1O@B$G~e^3A-f>aA>JPvlM^b5niR^s%SA;WmSV_m<GljR}693l7p>cEa5r!3+_@
zYQp+K%IWO(TGcRj!XyKGRgTJ<I_oLA;=z6gADI}W5v3WqEp3m@{_dp$;Qm%+s2rvk
zyn-c07H|vXy#KS^!HD6V<1>wgJMVk$ipWUByzY!^%_9^u*u{Xvjjwq%6lKC=J79(_
zbMS@Wz2bPLs{61Onl=&3oI>#a-7YZv;mVPDtEb<4n&+)v$og-hZ4LqABbn<#2g!lq
z?DQ^u<b=SUW`4k1rDwn8!P|bRr9O^;qbIQlq32cR>_Vy^Zr`tJP=LQp4?9fwWc#po
zO?3i0o~P#Vc~72MVPku-#duY!$@|m)UEqI^e$bn1{x4;m7T?(0Y|?d6Rv7xCC1%5C
zJ)!jU$1lS<QzVRtLf`4j$_u+qr!}I|<(}PD02%*%Xa60&-BgIM3Bk(pq3>P24p3}o
zG6Ng!=de`Zqat6Zh{J|zKkh%#{tw5;AcrYj*FdX>yhaQn&{qa3XcXy(L!{}HLS#}c
zSHkMQr>l&Zsbvz<0ArYC!r}Dar63XLF9}{9ax}amut7UwqK&K6o7mRV6@*!+H+)#G
zp2w?VbDyme(-<|RnY1f1l6Xq~seZs>8Ni`%O$IK?NS|Z(`QUtLu^uAazqFhut#_K2
z0kAcA=MI_x2^_q0j*Cq>9>R<d0eh8=1z`N1^6nku8z!w3z*<&NR#sM@pOyy7FghRz
zXe$|0`*;qB;=^p6_vU0QHb#9m*;fB8IXYgH(a!1A<fUKu1V%JE^kqW=`ha`sW}D!$
zYiQrjhetbjk7SV5iWIICUqF1f9{F9eHV#EdqJZ0YBe}qf%3IyVk=frm1;1I7e#)#S
z%aA40XZx!!2i`e6AD<bz1p);Xz@v}z2k+ZNiCX?OH(p^8gaLoLIa~<jqiXV!qsyH^
zos$)M8q?J#Y!DS&$|P<(?&0-2Al$hZ@`b3>3z)&?On6xA;KTY$ua1LxfgfRrat}Fh
zzD6bFmjiQ;x8ThTnEv4JHsy(nU&l6256Fofw%Ky#bV)?1X8W_XtI^cZnHhiueZUD+
zemhg;>6+!*N(sW3x;{V-ypg7%oD8As7ja+E5OP^38G0>ws5d$qjS~=N`=7?}&%``z
zkLN=;$7zd;hBvEW=!zZ6`<h%CyiQpf|EZX<+GmPY$o1O1YnzLE`aw&#k?FO}A>NHd
z|B(WszXrvXf&I}N>x*TN86ya|x3k#%*?ytnyEm7$5g0nB@VosYSd&~J7H}`IUu>#X
zHBf|xc=kggF<4X_;0QE0Y;QoEO3{veazXR)^bT@iBcBB}8ErQ&R!&_ZMh%>fU$OM+
zd^Oa{74`V*)f}`w{M`}H2@zY9`cWDVrynvvGYSU1aC|>yA##9M24mBe22qn`si#1n
zsr%~td&{@%Bz(@I%K=wL8q#plKsoc3(CQ=QAGrrmZ=d#Js|;=orCP4_L`V~OZ@$rq
zW1p-xc>y7?W(sfx0ZM(pU9MCto-5GF5OF}5Ps@Hs!fGyJeX;4rzH%c%XNuIilT}6w
z(U?qpl4V!uLDyk7fo<16V^4q238G&!lpQ3JPe>4jLm_oT<$CRea;a%bV&Gs%N#blK
zGDPD_W{qCe1m8YWDPW35gU;41ITd{!ESpM4iV6!uLm4uu1oNAp*QtkYZpr@Ll1=BZ
z)!foM!AAchi>;A&EBw4vRG}N6fD}nOQ@|q+37aljfPYyMAlxx`J#2msjBqd}qEN7Z
zf7-->roKHCHzE`Yu}LD>sbwx;HI@8ojQ97$=Z(@A>3zJ1JzX^|O%}!xdD2ttW#lFi
z=J{VrrQI!a!(}V9`ZCLmM1J)Y+RG=SBH&NB6<j?N$oeSOcHn(V+iF?syY^`CVdCY3
zW8H^=IKh!DVdkv2Gi6!|LdiVTPn^#Asj0(eyH>Y!9(`b#q4^MLh)MXSO4P!PgC0D}
z^y`@dfR?wH_ll%7<Ok4NP^TePgkJ;3e5pb@Yg%e5^&|$+rZQ>4Gpjenfz%mt*jhb{
z8@;#ITSbV3gw(TX28;#7FPwp>1u-n5-4%RT{tdGZ9z1daGi7=oQ)J-7ZOmE39lO;C
ziM*m>0qBAd`{1tzv<)OBj>!>&q5k{?>mYRvu4=V0kid#|k;3?62mY@7Zv7>TW@y$q
zDIt?FXnlnD?0&xGcieX-?{|amQ!sl3VjLzst+1HUE2a?qzxfPBt9pKTZpmF@q;+0A
z5RZgoOvtQ|X4&5lr_D*hsIVGI?3e>6-O==SVq%4(g0X#6IEW-DVJ5DsvX0Q@u#PP|
zMJfG*<!Z<AcVFKyN9;wkrGl+<A+!%Stq-|3@@F_BFGmHZJeloO8E!oJ3*-Ix`1nE)
zopaB0p5iff4)@ir704u#(ZWCF5$Wyijb0jQkYYtSqJV<=`|}kmI9W_DivbN*RFo3N
z|M_yG!jlt$^tV#2Pm9M6sTu3`25(ZJk`u~4S<>XJCnTsklDA6KIcTQNbG<HXh=0jA
zVtawQY0IH3htFzA5%}plZ*9IzB9HQb<{{FV#Z|<`-V8P~{6=pT+>c@v`h;8x<|jYb
z*X4L5Yp5XPWmiwLf>kyW-Zj8)%6YiELW$@d&zDh%#~*O3DSXesD0|!0Ur<m$vld7>
z^Szdc<jwHFu+Qcv-58haW8h=ty%jh#^sZsh=j7?X`=Q8r22DViwiz=4V!TZ>*lEHt
zEX?qpb!gR@m0N*;<obEBn@tKzm_^dDl(~esVZFJQq`^=IMaMvm3*|Ka6mi+p4#LP3
zu^URuE7+&=gD2>~w?VOS$&<KN%<B4hjq0!`KT$+qy|hh|#%Wa-0bTe!NtNVyBGo=_
zwRac6)2PIxvjeezkQK8H=T%@}$E=f4<m_?hZwuTWAS{#nQKXa)PJx(pe$|(zra50+
z=Q6r>5sZ<-!nD3xa@$Nup1<sk#_V|$`jW@_&if8%ujSvi)j1-Fg#C?3D8%bXs5sP)
zwK#one>ij$j=zX;@ozKYKUsbWYg6En9bC!uNk>DN_A!&JDa!q}RaeJ#d%d36rykMP
z1D)auJDb!M3C-UDlm2Z%SGcPddjkg-mo|vz>3oyV*{j|8`f}%>)t7U@W92$*W;BRs
zXt+N7zq)~)1tT}NmVYB_81LYUUPM<me>4p}kMCd%8UhJo3K~+wS4#;bVwt8x7J~-F
zbVSy2AgH7Agl$a5CN7)x?sg>qxY5#wPrR~u;Ee!{0rlrcHA|Fs$m`_&X<wcsMo9(~
z!d}mg4hQ`P6!de9q#%?H(ePK>pV{sPk)b^4SBV4p`$OAr=d{d^mfO!KHB@3U5bgsO
zn_PgR-f``z%gw2!S<|X$oIIV(<|lnBKE5VHkG4!S95b_#K7B?VD4y*ss9#tu<l^oi
z`E>=unp&{0=Ij<KWDsmy7K|xl9J4|j!-b?PY;=VHsa>5Hv&0TAmaLpyZc`KAPg<rq
zZu991y>p=7m;hQHgSFa0D3}hq;O6k^n0yh){ebnyq2fLlf69j0)!U_Ds`d<VI|(Wc
zb)JaJGi240N)H;0ol$_wGOK|odOEo4H=-$Phz2wy5!cB;Ny8t+$JpqH$As8K>W?RU
z;?fW75wIHhh@3yitnULC0hIMBRD4EyLC45XpFbP|rQsMv#B~2V+vgYIk25GJu!Jon
zQ`R*h<_%cL=9*vzCwJ=<sHyP7WDulDgrX^9%r-ia1N#a2jg8Hly3_FboE%YDRw1`v
zs8Z6>0^`^gwRBLlVccl`@X#2}Z^2%Tq=^5yGcav>v7#069;_6YS;0X3HI6ZZKyuyz
zRw+zct4^H{bW}gj3eJF59%K021>SE#@9Bubxy$1KnO~f@oUk(J!SXm>_G7SR5A1-0
zm3GC4oNea{i0fXjJGNhFn|~PqC1dX=e~0<HT#(&k){nE@U|n5Zqji|BXF4A@7oi8?
z{(HMY+RD*`Vdu2=v>s!}fC~8p>rE*9cIphv`)biGk)5YzGV90AkK&!84~}^<WIo}#
zYtHA}YVY}6@|F$;5=irvGX=(hD~M!ZLfZ<^VqunMy*P9Aas7#SdFtgka}7)?`Zz$X
zf;If0lqK{o@+ql&+ai$IorUk4h~ORJVz1KTnfPqt`d-diF^|NN{9hUc|9DTAvwy4c
z{*Z|X0W8uBrt|TZncH?U8l<}+^IF8l@b4dZHGnkFdc8lMiVTuPn0|8AP_6<6r)T5m
zmRyt0Kp^Lohfg?4%E*xQyWG$H#DVKQ_hL^oUmERXqa9@U^BxqoF`z`1QTo7xJA4cH
z3<+t*^P??})Pb+4M}Sj8A65ig$8{cNYqUtne+eTv*aop{(DZ$-w2YYO3hb;^wh?Ut
z3BPzqNC<7FUXwHB5-1ycYQU9Wbef0Yl_OtYfO8flBCPU2*!LWR72S}47|Yz;T>fkQ
zRmeiO0*kbyWb`xFXV3{fqjG`xCdb(tu%TgL5h>lJ-v(j-_d(e}9+a>57$1npcTfZ3
z*MNKpB#{o9pI<4Nk;ux+W3fJk2>hh(!&icSXI>X&zd>STWaJ8Z^nV>2OYOISPA>8c
zpKW<gDHNL+d6q?-hvL|3ulHhD8fEX`zPVyIcR$ddO(poI<L1`~acEA^tDh3q!2PRk
zAOS1N3yYB|#w!sK85-P-1k7I0d)jk>a8?r(zhxT535Wm*(_zzZ^X8~`Sa=(Fvx$!>
z7!nUhBIyhaW_oWN9Gu4U;J#-Hrq9BKow+@O^X#^sD2PcqAQ$phO?#7-r3}$!m#C0I
zC!neE3`NFd3VI<wk(ztBcFcxqO?Os=PXO+V|GOnlFshu}e)nU(80>J+JTNuou+^fb
zl@z9ZJ;3*9yR<kf5BLd5Gmy4;9x!D%`$znKyz1<s=tf2~SeSbwzC7ZB2jnPHYinyb
zczATXKSh&1`d%HfEN}k)+Hb#lMACNLu;56|<LjI>2&Nyyb0@~o(Asgwv!~vlYN3(-
zcVjwXndDMi?QR`J^sB63{3SwusEksVd~f(nM9ItBXm~8`x4^$mF?=ysqsntK@%rOz
z@T&dKQ@(zv6g$|B6_`gOQ5Z;~v4UisXN((9Apf%h$vR#YY8r%)tOFfdO<`&dQ(<8$
z@ddo#ii*%iAon}J0lB3LOCk__9^+U9oYifk1l+Tf!7(AE?6asabTl9hAt8_&!9&A=
z9GMFxi31JUKxAyuRhfv8JV-2opBW^@4?Ie}mJF>aQG2v&h<|_k_rKgoqC+`!0jV?b
z#prY|pvM9*YN)`M;-dP4-01usTwgg~TpIG(V?t;KLjOo2+`li&EcG#nP!!rH2-}i>
z?(W~Wj<JD{oeO%lIPqtRYzHEaLxVpa3X=QlTuCtsQzn=Ug$&!KaXs+qOpM?ZG5RMF
zuRui|9Gr~Q27H6WhbY*HZ8tjdoc@2dFtq@2K;Yxfz04~VFm?@<>qD_B0e*Fj!BYkU
z{RFeiutzj3rV5my1d-rEk%aQ@u#l&Bt^j&75e)grii&3so-i!`cbI~kp<p0%#wwA9
zQX$urNPI0O>IR!*F}9eLBSw*f0+zUKo-rm1mY9keoYHOaB;oMS67i5AH~<47Cnsm!
ztWe$mhDetjSP&l)@?08ya54JV=Tb2gIXaN=_1GA5#86EK`?z~5a{#$1(^#;`h7wca
zzg4pe5-^?8U?80M@dFIanf}DazpYe#3qJYvRMLhOqw5C(z9}U$BEd)SD|m8KcXZe`
zNhmiYwh*aW$d|4{hd`kx^yPwo^B`{E85ZW1&oD4omrO2?QM@?4Dwh;{oM48c%2Rhf
z?mLJ5HIk{YHJV)vsz;4@B5uXeCs1)p!PS`lm8%v<`j}+<PWFh~q<`0E1_H!%Hg_s;
zAnx=$g#PtA{)n_UCN#z)Nmef<taHevBH(4&f(S@IhC~WQLXO4UsG0N3m-*ta9FxzP
z(&A90EEwB<;b3<theusw6O&x~hG=F5tNp^-^owMHEIr2rWWH^$efJetVHH&G9`6%*
z=)x@=K4Cp~E>oe9xTh#-#u<_VKf?q1X^)5Kv&X>P#0KcTaPaZ178CNUim1B!tva-8
zT)Kbs_S<wwYoeovo6RE^Wo=<;FLlX4_L3b3ygI1dA8&W#$mroexvZIMhd9TmzV}uY
zrF|Wb8d)o5Q^TNg28n@tjNA}b4AXUS`Jz4>j}ItPu@(0A(bZVb437<kr>$=;_|n<u
z336UQRt}y|9I9o^YU?QCwu5<>N?ywIQ(QGxP1twwXh`Ff;#3A|#`_4+)EK%orqG!p
z0q>;~NaVmd#3P<QhJcM_deyw4aAW+ORhQb*Qo`N>Ln{%nZrQ$N)c1ozhGX!U8Cbdo
z=s3F5zEs64?^&96?M9>x<5ButaPxcS%SJzq<eHvYRm&a)PiWO`qeN8<#y``P+TFKd
z%Mr7RC$<{<!dzUj+;(i(uxH9e>Q53Gdk%KuT*z0zsg;ZlUdTnrld_Qpxk-O;vsmkX
z0~rZ6PSzCk^5-)qLF313UrGV(M0%g<)<PAA#4QAE+`nCw`J_HqEM65;RkxC-M5~(Y
z7nW_USo@y`i3h%Wk}A<xZV&s(+jhFb%~D6xBo$oGTvKvG6DfkAmnTQ(KQ6KBt~ARQ
zVcYDIL^FvnxhkwQh!z@gr6S<$Y9dCsk>ugG_$bpo5uF#|JmZtn^E6v6UvYC;2e9T|
z`h?tyLCz^O5HKZTq#npH`dI|W*ri{#-2AbEx~G10<Fn!zW&MWlhtolj-n_5e?H~I(
z1HU~zb_{IQCStJZfpXj|EhD3ZQ%MsY<`U`nLW~7p;I5Ks`K7c(*xM~E+<5#;Nb?Y^
z26|c3$>b@q&N=~(vDdNT`IH+mG;A;Nh;cU<J{a7+x<5x~uQUB@Fz}PY0||9+F8tLC
zkMfpy=g*!Dgp06IU;O2RpFq(UZk6v6si|hj+^IO^I7Fq7CvRk?Sq<e0aO<m{g;%+|
zopoypm%S}Dq^}c5Ki-Ln`TFM|ehCZ1HBH8a0INygg)Lh-XmZe<lwEKV&f8&IlUJ^K
z&(JJOv6I^MD{Sc2zG-q702Yx6WWw^`tS$uP+p^`vZ~Ol5YyH^_BQ?omUK4jQWwi>@
z`A%65sxvf?%FV!gCaXT*)ca)fy-LOUVR@8xUEEVn<FTbC`?~(DmuPpv5!HxgSBk}U
zfDaYkN92rTD(*Ei;}deo+93PS2of8E6xL>wqG+rNIbSfo4C0KzPug#Md^F4?LP{sp
zzc5!!DR)vurzdJ#?3>=Eq53~w`FIc-M!I{_`3ze!&}!%#F_epHU4#nZys*Cu);`Q&
z397#flvx<qd2~$F_@Q6xdG^haJHCJMCS~ctcP_WDIox<QHxm+Ot1K{q%S;5Dp~1_D
zgS$}e^&b|7`;)`AT%+HhWzi832+>BbFHzRG@2I~Q@L&RH!eHhXT;X5&n?YS&ISgtm
zIQ?R_KKp6%71n|uQ}S=WVopB{eRE;OINCLG+gUowP7TG+{w&hAahAOCq|RbEH09_T
zT=mb7Jf#1Zd(WUS1FPHJ6$#%?=Xf_XDRg3P!-j>p9n+N~7PkFH$2gZx>3zxa{^o*8
z*)lv=moSWc9O>`3rx(F!sQO-+Zjw7)rAl0ZBdYT?L2qz+uUiCIE>3;kpKhk6eF$1w
z>QUpL1x4|n3szx?D#Gi;P<B!x9V_{O7n=!+rOS-_$sO9~JJ?n=ijZJ3L||PLcX_m;
z0wyB`cr5xQ^A^t*%9sKZnXcUTuN$8;3ag|tqclIEqg|&_y1z%-ohZP+unt714KcgO
zI--quf@*Vk+{^LzdLxjcgkO2k(ix_W<Xv*gJxv1IQ>5{39Go1MarIVsZtL#njj5fT
z<Z!ZV{FYm|V{CULW8uxj8%iPp*?c9!@rOU;E2@%x`O_Q7<#H<)VX_;#E8d_Hum=NT
z@02XXsvXR!Q&Cpj_skDV3TWmFWAEy|)a}g@F}@vvYn^Q%(U<9zXS?^9lL{yOyC7u9
zj*De5$Y;ZPyOtKm6f&pXlrFBFH5(foPP}Q*-BKzclSAUBlFIpdAG$X_ZzmO{_C;Td
zfr=|hI-qI#79-m~Au%TDZ4gQ!tJ3=R`11FiffePk8ZYge0>{rfr(e)ti~)Pcoh-k@
zTu>~&BSpA9l7O*~)AG}kPj6w?Lnhn5@oH(Fqc|<sv@bYV`lY7dvcod(;UB-0XKGp#
z3orQhrNE(sq7Lg3Rr~me$bk7wZMgjvH8L}Icv-GKVg$Ug&eM{qLqmmHfmPX4KmdI#
zPkGgLyQ*}4-{tA9k=m5v&~bl!UU6|g^!@<{3rCdN$xgW$?`6~2bxLll$Hmb~_B9-B
zSSzf{$8y-~#^iVu-xhcrBbJ;IC3w}Xq9+QdsEbEsYqeZ?S08YQjk2c?^kjYDq8nFt
zZ-VdtZsS+*T*dg`GRPIfa=KN&keji=|7hDl!kGDzyH^^H-y^Q^`5PnGv!x@?iPQjt
zac-N_(VcgG^J8aM4f#xF-I}`YTKdF~sA&EVGPQ|lScxm+p{y1gs`=Mt<_m||_=SZC
zo!G2TkA#;cN-&!e?9^R|ud;JHssq^4kcW+TWGeTx@CPim@W&Qb4hy^<Kc~{69g42s
zHRg&AwTCCRb{f3=StN9FRBur&B=Tz~kauGIGvQ=IAew&jSpmbHy0*yD`689tK-UPG
z^|VI&_MHR0q@FqTBeRq#P$2==4A$L+MmErtG)#(62ZjtMwd8-@<u-!9dlQ)G=<qxR
z=Kkxz0unM}VF&4eI?K>ljm4RJ)FHOwi(KElmayP?$e{uSi>d%d3tyhH2>f~m?a9cl
zF_BV6$;U40s#GFXtHm5kNw8Q?83Bi&uCGld?5=?A>!54(H8~C{yZU$PJa36y`vT3_
zgq+up9NwV3lCNSt*BFfLL8oWXHbH2%sk)hOl@4Y0F0=69qwAP`xJ>4~bnbj7^DP~2
z&E$jRljE@LO?B(f*aUn;Ql;e`F*PDR^DGw<G%9UD?}8;8HBzAQgE((TQXc+5$TQ2B
zY@*xIXJEt<qcOyZXl|_LKoyy`Us~;Rxb^M|V{%}UA#3E7t@xWTn4QrdJFf($40rc{
zL8;U|XKV^Is|0H%*=x&R6rB~uV|zz|4^0g?CY8BHWcwoHRcl5#*m_YNOG5DpSqo+n
zo#!9_^8$G8w64#xz1e*<yBHP!H>fC98Nq=MNw*$K!P$qOEvD_|n9CyPIo9faWj|3^
z>tq^wTEw;_hD{q0oQ(tP{QmqM8jOxBOWpbdLW#!u`w1GswvCLd&K0GgJM;4EK<jBl
zn^2=vD%#B_>29Mhf^vjYTGmMAC~J@M*HU`<5-v04aeeeEYm7Oij{`kNWt-EK;3E3q
zi@94<!v)N@YEiiSHbv(79BP(MS>>Ur_#do>Ief28%KNOI*4@0eX!6dHd1-dM{p?M4
za;A)%&Jp(AiHQ#kuv^FjD3mG~Hk1V1U2Z-nutzbB^na0qUyXw}!y)|pmzNz!FQc=E
zEl=@yz;Bj^jt9lo#OlJ0Nr?%kF}N~pjcnhBwpe%%A6-t#N%yj67XNiaf9By#92>ki
zA%?Ndny8itDh^s-=FaVXFNP~|NHM7@=Zt01<#{*#zx+O~{2m_rgpG^c!yEr3WnttH
zEw{Vxh0#8|i=sOEAS1tUtgR*zu5>gw*jqC6?4ee1sgz~Q;5@Caw~Jp`&r@T%+wBqe
z#xAi33Vx)*r(ACKulj(7xu%Zs)t8%^cBl5>^m?e(d4Mm;P#vC`nGV%nft0v!V)X;D
ze8{t~?bgbH8g(h8+*9(ywln3Q>3V6XoX}0ELo{tyRbCgNtrk7vd6Leufao8S&XrJ&
zweRS{_w-LK00sMzE+-I{ulU33IEox0XocJ}rpSWSft^}0ud%6e9a0{P^&lO!={Lhq
z&-mtdc1{w$Hq@(Va~D|L1`>`wlgm85i2TAO(Q@)zvxOr_N}c9dqyJS(IZQdUZv62!
z!V8Tcx#Y2nzCLl58uznt^+>qA4|POpeUA9)G+roAml^1JaA>CEsAB6<q^|HzdLF1e
zuSssbZ^+#RxD}f0L0u*}Vti^$Ay+;pn(R9l=rc3hqe@rn^0L*UY4uV_FsE{R;2W+g
zM_RY$?jEq1v)P?2tpj;PeIfo)%9F4K%=drJEEYR4Z*lf+@wKAX3MTAx_8MBG=fY3C
zer7*=yS~wfl}<U=M=!yd;L?WaIhAY_X&iL@3oAYM9rLC9iOhZYFh)9cD{7|f5YF~+
z3+fzGqK*al&}=}oQKYU9O)IL4m~As^t#63V>`9SdxN#L)Gv2@qE5|DMi@5*J77FJ8
zyed&M1{m0L>72oSw7hl^!*+d19VT`%FxeOzR!J<FT1cE_?qBm%N%Ye7h7+{ZlK66M
zE%1K-!z?uP<L1Ff{~sf}p_v10s>3ZDT*}C0e1Riu=aWm7eM+<41$z!J>$`^~1SV?T
z-f`_-{?gRZ$8$R>jXj@<U<Sjtdn?}`1*3t5TLrkx*V5Lh1w7j{r6~H7F_^ny_*+gz
z{q^~ME)@ky*u;E%Q>o_6HFoeTIVThE8@|2-b1|-<1F@kTHG{P7a%=mWvx-Xl*~=F&
z5RBkt*j^sK3Dsvyr7L|GF5iT>?YTGu?w_0P8if5idK|xKaE=E16~lRRC?PvLXlVSy
zbmdzre|q%~;fTH^CMvgXzsYKk)*FAz&FSfJosY1(^FI$ucx=u-Y^@I)yqZT*QGeA>
zo1ExWfX|Y_(%?p@Ad*dwgJqe>Ryrm_t~<s4`zG*wo3t`Oothc0;>TmBdLOoGNAqtn
z{g@D^Z%%2U{Epss>}Ute86$Fsxab|9CvGub$3D$}Q;n8$N7EQy$K1^2`ODY$XMVjq
z1)~xJ&b98-F7MNOOQMT4{r8lm_@{-lC~Ro9DtZb7$mvLdFm29D*|eLdKW5z-tt}83
zJDyZCt(CO-%aNKfyTnBn#On02K7EYd$mjwlap5Uuz_>8sIgveEE2=PSrSa)R=yxv1
zOSTl`)sN9q>eH6d>&YZp!s1QKuyD76?u0*A@OcvETu;otkhP+otYEdGvSiJszlv*)
zAd-{j+S{lAfoL^q8Ey2T!YDFu&a0oERiZ<cP51M}aD6uwp;PkTXcO(i2Yv7{oaH14
zxPhmnIWCE)d5N96(ig<sg?%Vn6M{iOF~0&ohu)$Rh%*Cg#ZIMcF&}<@u8o9|^F|x;
z@$Zf2MLxd+KV*?|r~P`Suk7b(pAYwZC7+!4pisf4^!zy3c(Ow4gZe;Jgb}*qwq5Ym
zl|5@SjbUE=T}qoeH-c*%(Wy)Gr#bGmNEs2vxsF#?COx9g5*LUqDK8l<5myzTNxozE
zdUA88L)9^7)`-II;p>^Ko10g)L6=MiXJw(sSIjm|j>YEr@;KFE+a6K3tyI_NbiXaW
zmrePIZ9%E+d}Gw_5sO#)^6Se&*iQRGs8XXjA2{`{frkdqmmhFLjN5%NJHHiKBpF3o
z;2_XWecKH}#bK53Kdc$XARbUJbjv_9@n8PL9P055%a2upyBwz#-DR%9F!Hh99{)iJ
zS#@4UKOjQKr*zOVS_|Lx6YFU5u<Gbr-s?%r==g++uj<rI`P0>CRZR$A*W<kY&3c@p
zz%1cV^$SN49R{Y>8$AEUxB88Hl0MD+lMOHN=i7~ZZ<%ba_PFg8DRXmsOlvH^=$B=x
zru$y(ur0yf{iqq}p9s!!*j}7_o|fgAjQk8w!0#8Et;<V<Tb}{7G9nha>%ySZlSk;?
zdmpk?Lt46k7G<HG$sSQbb?BN_SYiTiI7EXOG~`RH6;rJ=KHYo|SIsPsj+hkrpC^I_
zSSuSYghMuZ)2%0S@FBos3#-%jd|Pa()vGc2OU8#)&Vv1>PvZG{hL*L8mah&y@EI)a
zYK`85n-rUHqQ&|%NCIG7Xt016N5?kdE)+C9VmSOwGYQ7CB44!In_{P(<dDWUlVj@*
zB0tZj^2~Sqlg~#~EJkTE^Rg<j<WEnch6#5j_Ywko-k6_1dFbs}4nUYVtL~7}DwB>q
z@^2$z<l&5NQNC7-FEgr2eKJ;P_%%0`@epCoy;+?eeKjYQ1ktIw&hS@8;tan}TJz_3
z-<v2B8>rKBV^9Kd9Z@SdO&iIT6AUB0Uoex+f>$JPcVJ29Cui>+$n*yKQ$<(V+l+>h
zvkuYNY@1(MCHAv=ODl%Q^2sY|4af!*YTwLSZr7V-_U%4Ph>K`QxUe8*7ToO%#~>z5
znK%n5vK_mv7faw?M=~Hm`PbNuV1P!8P=4^GF3jUS!(v}u;DyThRPl40o%sVz-dal9
zOaWyL`UGYzWM=$lH#d_VZoKawv`&-+6<(v?*T&k;$Q3B;l)A6f$k<Fa;YZZ2)#GR9
zO}%(lcqb!7`E_kQ;GOuB2L{l6oU|HGyy$q0zb@=Mzp8G)>`eMdUjxuf{mwvPkG<)5
z-^=}-`w)TeNa>VE=!Tls!3DO*#i^w}ti-8HHkp{!Xot>S|C&PzDC#F8&>Gl?$j(cH
zs;Z`#tZ2NGr80AKdgsfNL++HD6&sI9Y;aC((ozu-?#@S!nAK(j(@N(H)t#zQtV=di
zR|?i&!^i6!ujFnww{Xwj;iRs`lJly5q5EEHJ7sH5^17hQ@bqLqat$RNNt+EcChu;A
zM7O5s$AIZ^3qUQVoTA|kR%PL!(kTa?^p{1#bBo7>iTMg@hk;0|Sd{p$@G`;Z!X3a*
zQ;T|q6b|29L=YVvT`+y%gcTXAj8?9&H?ksHSul%Qq1cp`MHh#j*|IFIf_k8E<KuHa
zvd^|N6a}vu)obl*_tlMx&tl4!V{$92TYWLIVe+#F=}%Xfu&~nKNo$1(R#RcT*mql}
z8^rMNPU_NgBUrO79_6}5p*rtGT@#=TBR{V9HkZl3s;|G##Ub0Dck1}ey}dS%VexXv
z)aowE|Gy#{IYd4s+~D<S0xV1ieHRBxo%8L1!ieXv6|dkPazuFeye6?Ojh2L}YEAH0
zmB!gs3_LP5R#y>(gbf@lUtwgSphl6bPUcMSp6|%;dnM<tq-$ZX2FXvVBw*T}6&t7C
z`*n4q+0xykmB_7}wJ_fjA2*bVmCr=>*S_)C#M;__m-D7M{PTg-AN-R233QV}hFRLU
zOcd<(&|5*Z!8vPFwjp@<WpV-n8smo3x7@6QJ{5`Sjf^KFyKo8ZtCht*@^zS&8L3^s
zP1go+h=62;z6JQ`en*0CzeIxO`6L~28=I4)ck>ltZt7=!NYLE{j@tk|Jq!~x1e?G(
zCIU@FTO=ObUIdg1&k_gcc43gKAZaQ7h7f?i>k-|7PG7)%J4gGXWX1y4yAaN#&vp!E
z{utw^DaJb2$@<CPG4&;Y?Q+^V#A5vwgQ=75?(`O2-yOSXER~HIUGx;~NGz72Ba}+y
zEX2l6mFni|dmS#y0bhL}0aySqW1m6~lP1?|Xy{hhwo2O?gW5zd%|uaW6LM-956ELO
zwFMK$4BzW<AG$6VB;D^xSw_};6sl|lj<RSAxt<5}Y5=H1TX^BF*a{n0WgA=`?l~%4
zhYBfW;^d*q6$m^m#@W&loiQY-X|psx;qZ0H*L+`1kltm!HAe-1QF9-&T;Un;sU;v4
zXLFYcj{mf57$VL>p(`fKa$159`I>JEQ1b9+3BtaPQo-34Qc-XO;@_bzLZ`ZZ<~t%T
zdauV%ws_bn)#I~DyeCRPCe9BZP8!!lBiZK=cvd6s2>|%N(e^(Btn1PsFrjyR`TW=-
zMJGWN*2O40vdH1SBjC;&_`FSivQ!{qHx0Jo&sm?RFiq1%JJE_wSD%L0s)PAkp*@4p
z0)}PtvvILjXHoZgl0PP!m>E}Eu6jyfmDj6@`597n^+$k#RFf;>X(%8E4VJ+h2QV-S
zn|Q%n^Q4(Jn^$L1LAXMo`R;lO-D^?v1pdQ!xt!~rH-Yv}LLv4f288hNZdp~4yBC1V
zD5V$)`2!8A58_tmD#1Dwws<;v$QTvbc2Ah+<M8Zce_LVs{<+IvlsVbVMLzwo!dmY{
z#ogISTb<vyqEwYFV%<#*m!a^y217GUL@vAOxc58`w&7Jd=<qaMoy}lW&cNImoicGc
zsP3-xxqYMI(;i7D^*>-Zm<ZHFs$l}VlU&eQ87E&++r-20Qtvg<;Ne*kp3ZNuhJ1-a
zN1^>PQK+!Q0y7X2JcE>0GQibBmF)i@ZckR7ja>3~cG?9E&@qy(Zq_rb)foNu-Q1rs
zZ?tjH?9W$=HI8e!k9=%4vUnXAGmHUlPVI#m@Ej4kL&O>NW64+OG=D~u65_fsZUTZj
zcI1C?4}~3^0=)%|I7`{35~@3%6G1P&Z!lbo4`x%(b!RL5U<MM&@#P}{$7!d7Z9AAB
zac~CFvv!@>pBoz$)pkN=>2F+E0ti9%En-JlFfMdf)5&+?YCe|}`H(5H6@QC-7!_0g
zug!Yu+Eo$SheA?1t^uP98vQQgW|NhAEXe3+r*#ZJNC6-pz(A<TyW79*?5>-Gi2TlV
zE^po=bX}^%VVk|*IuHL}1cHN44Cyt)mt)wU<*+EY&<ZaDfaBk{DoiK;&zU@=Lgfo?
zWlH8~x5vMIcN-pTx$glB;v86mtD2irp#c}_%2zqY7|yX!E30Q7p=eJ#Tys|i^fn`}
zg&ffcpZ+}ofCmUjDTw$|#IaBah8C94%tWlOaJ?<RyYsNtRI{mQet&;%Z@S8{5b!fp
zFKQ$|aHd=bT^>FW@uw*ZMv@VOH}2~+#n_pj+>%jni23l7DEb5*b${q5qJIceU$MHq
zFq}n2h4@qApzb#qgj)gjr;DS;Qv*%SG`TX_4~H;YI}8h(l9I9wh@Sc3;jly;=HW=b
z_MNfLgr7#G+5BcHzH<c3&UQuad|MPx{4g>@&ch0TE3P*vnFFh;0D*vj5Tg)69RPO5
z5MjMP4Mf5Rp6p@+_|2Si2wUC?i+oh2&0;<DojEJtmjMCvR<atD(6<_m`1p3sJ}uV7
z#P~HWk|(O|_j7ng%;tQ+Tp-bXs?TTZK>AZ{h>4U=HIjtHD@V*t{nsCPl+Qe<gbJEa
zJB%s*3wScb)z^hlYU0G)O2PCYxhX9n*eW#73+T0PB4!xqk6OBOQ!F$Q(J!fA><G)h
zXYVP=*`btL*Q9X%^^NfTiy)DyDx(ho?kW{WsnaN2HgY^aJl%+Yo~s*yp_`}u8ArZ<
z=eH5{tgJ(3Pl26OaA&saGhL?vtAEAt7z%iR=bY-+#dJtGFEW`@G*SEH;bScfYtpMW
zaF68PE{B^@$!c@1j*gK%x93HN=3xaOW!4Fgfy$;GT&vOso~%4P!VIz=<^VKJt_AzT
zyU@o!2rdWW>R~^@dbII%29yfSkIyKQhVWixukcX<T?`Qdd-_fY_~iL;o>u)3O3#w$
zB;}W}QvX~K<Cjds^0eUAMGZ2rLq2{!I+0zK`ePasLcahu;;#XT5aPFP5U<h9{h<h5
ztr;$%+-kG0Nw1S{#A2d7tKTB28kb}yR~IcL1C>tr&6oq^KF4suO}hU-y52e}%O~mr
zrMo+&ySrPEF6l;6Km<fe8Ug7BrBmtdE-C4d?oI(gO5o0`{=W5ncip?z`-cnRo#&Z3
zbLPxBd+)<%WLvrb=h6M;;@tB0`-mv?-y7K`ocw|kLs=Df2|J|=Hb4FC;&OPMoe-Og
zoJ&XU=L*?i9E?Ea+|VNMd!w3v6slqcd)F*VRdbxBQ|AHBNep`QA6OFvFd(|~Q`}<O
z3<^fHNojQ8OAnKfiD7&sS5?mXS`(R~;@Hn2oKFZu;qmMa66r5yJ3Bv3vhPkFM))R7
zqw6X~cOf3*G&-%rsALEy?F@g)Tb9eUqEv^5=6_1j63b#zy(j}8+E`}@YOfRjgO{k4
z0|!-E6w*ST5RB+c(NC#|<DokHazEkX^J0H$T2(!wG8eg$dvUz(dEmi!qoNVX@)e6!
zZm4a~>24j!W)C3Yvjf%49jx?rk6>R3m(2L7nnFnz;_yPUr|6r->SH>BKbD^!oSRou
zrTVq_By9-`jmorr#9CKfFKO1m{CCq3qz2h|8sRw`FBmd+DsbfBV~7SQH#y{7q{AqF
zz`*{NT{MXmrQ^jewpf&$F*fYXOu=2GL@6egVLkj&YGPu7*X>B}Eoolf!fyGB8tUV_
zaq9?s?ZsymORI4P-=nIUC`gm2I_+Q{%63*A_;6V0^`K|7<qDDTisVSu8U8(l9xe#+
zQxU`=K9vt0O=koP1tod)oMit@8;eZS8W(4e!_W2l37LPEP^dp|bwU&>Xv(-?R(iKt
zYYYpU;>yn!v7*<S(e8W3K8qsf_yy^7M67?$ye@4a44uq7!#_vrI8O5ZuUA!us(GD`
zNNE=2uY-p6UByCyRn2Z)T0^;@>B7}*s;lPv2M1qAqn7ZIV~F_xY5t4#Pzp^gEj)0S
zQ#Fj5vbFzyEM{!}&0{8s{Mp#^yAVE>;Rv)*>{xAUyRR~gjKg{NU--xCd%o?-pQ{el
zSZZXDuoZer>mIDQAiXWkLXr)7BNJxy_gPFJlb_O=t9Oqxo*N+bnMuuYehtf%Z*H0$
zFUZkRzQjE<H({6Kn+H((eyN+1N~gurKu%f<!X8w0?nZugCe>y%;{pF~vG$h7yF05U
zZaL4t@llV(tJu5wNFQGLvJ(@Qw?y6pCH6D>-7voCiXI}8@hVJh)R@{;?3ZIV!*8^B
zm`BZ@9R1w|P|)s3W^a+*3)hKyaIloLto3+TC4>TnDm-$&Tk5`&?}~5f4SjS+ML(MK
z_h?c))T*$ijcO|4Yh%61quCFV)X_=SGv2trTAh6s#5X>)M#*3tlJ3ejDVf5%2xn3d
zvW%_zxwz$gEY<j@?RK<&0hs^s(Jxuqo+YN)pGw5DYgt}?ZyEA=82cW)4ftsPjDt}M
zY!f=hT(ll6dBx}MF#F8%$%ihyKi}_}Vb^rcY+hz|DC%*Ffdr+8)wV&eOHxu0EK~1b
zT1EA}1aM8L-%l8P)dmN0=a|=BE$$C^^X+B8Nz9x^zKTza_2dZ#T~LIm;rFndHiqXc
zqQz(E6Zkt)2zPLr+-$B~C6c%Z%fsp6{b}#2e_u6C{+PqQ?T7uLS@(ftTiBiU28wOI
z+8<P2HJg0q{tFy4AvlERfr2ZXa30h}!B8gUFjjQ162?65%;eP~p&YWWU5}*<s`urY
zemgkK`E0<j&3h-(qwh;Dr}d{S#BdB@4~&cyxUYDIO3TRX-|S}TmYcz*@a7xR7_{v2
zW{fqmr*SMAyRj4-v$Y;sd%FihnPSeJmi8aQxWAq~L%;Cj2_1j#u982h;+T`|Z#Ho_
z{cZQ<P>PzSWBdKjK4j4Wn12zj8>Dbgi0<|=3`)uTMj<IPfsBY7BnQAn?4XH7{M8*O
zE%AD;Tj!Wm>T;1%(fj>k@wpv7o~|T-QCQgA8g%1l2Yo~B;qqvt_f{Wg69~#h<kK+I
z3nGsWza5`@dg+FG^~xd8&LRy|y`Dxn+B2{x-xW`A3#9jbfP4FLGQx|u10eM)y~eKM
z&$jY6VXOXx?;yw(1=r^w#8an2XCzx$ltU(sOtLrW2>gPTsIux%-Q|KWh7dxWYy7DA
zsRa`Rf5eBmcfIW<)??qP(qrWXG!+ySl-v}P!1s&#-XQY2n9RnQjM#Hg6~`wq#@+qW
z;&*55PP~Ed4e|}WlU<|H0R}h10xc;dz4bXfFGF9>R`Df%^67GX{<p+hq3HI;4Dmlx
zgg|Py^>S%5aMnoQMBAI?_u_6t%IVtZRT>}Y%<LVE`8b`39U`w!L&cC7U!oR<F3vRq
zppOj}4GZD7^<}2uv10+kM^#cx+7#iX1*^R%Y~w<e7oLv~nuvQB5f0fiU+W~R@kHl-
z{&0O$BekVlG#9(nGLl#8I%OCi(M!@o0|gso%scl7x<;AJ364cPgz$}vXZ{RHqFuZ%
z6q_8FbojJTxsICmSqiLJ=gpj0g@UN1VT;;naevT%Rdw3>-YKBzEwf!3*mb+Kb}RSG
zQObEDsZ3zACKN6_JbW)oV1?4p&(G^-J4K8YJ+wu-lQ@X<v8)xuMz>C`YN39H<<p?!
zqaBCRK1yhA3B0CvF!XfOekTqrEQKkbXtLaeZ^Dbb!>ML5RHh23GXkUa@YcW1ZU|DJ
z28;leP`JsOOY(>u>MgR`Bd72)Ep+divEsn$5Ey>S;l~^QM(l&BcJ^gPG0!A)3~!z~
z*Pqx1RhwF}b7Uu3k3W42iOFzWd>BXxvn`!6(!M+sv@nZ3T<hSY0i^+FA*QyuHszDN
zomIMb*JZEdH2qC)8bzd_bEX?M^@{0;Ns=8hPsV)$?>?!EY5ZK4h5cL5yifoO>l00C
zP=*DKaa}k&uwG7WrY+;88h}?q^}ajk-dN0t=jKMPKe@EU0rqBRztHmisoa9=X{kUs
zpU<b~UsUnYJ}ZBE;YH96wH6*A<%s!s&z7uX=vnLj#xsF^Rllq6%>Lr@ixP_2<c*Sf
z%$>m#++&gzS+2OZdy6AedwWgf{QX~?%Lp#c*W4XWdj6mYAvgX+km}6D={;+v@2o-{
zPGk+9-J1(Gs=9^iw?Dm_N=YgIO`G&OdRlo2Lr2+6LCNYFv?9W+=XukB9LGbN(^snx
zGor8AS5CZwC$UTM4yMX8*+D&}a`*tg?co=sSXabV^1MbU>g4YA!kZ171s`uVx-U=S
zbtsx7-@Z6_K9=l0k<E^&6!IZeH7Qv6?>bVhF$1$Rq6_&QLY+Mu_W4Utr&0}mg=7we
zb`UsHx$j2q%q?T}8807z{tr&S^+!=p?wcEPtHkg|_BbOy@%x)>nUtKaWfF~`MrJy8
znRn5qiTM}LhTuI)3(KqTbWcQ!MEGDIPpWd2ULOQkA7$J>A;6&vlyUKwS3T1XtZJ>Q
zIgR~W@ad!h$p(-2n23iNP!jV3_LFJF=CffD)7mI|0~~DmbH(NcwjntSfNV=Uk)@b)
zQBZkyNm<zy6~uWW?%ZWQQ|jokNqRMnf`OXs#y%1E?fuFODt=UO%^jPpZpKLX|Ky#p
z!3&FahX!4$N;1*))T<oYo;PYhlE<kHj?bR2X34xg6krbB-OIY$pYNy0=27@k__zi<
zkHkvBkomz%>4EG_XF0Ny8l$@+v0YE?%c;WbZ2!4AEG++T31wYYJ<u&eomK+`8Rv_&
zxh8t8PV9hV8+Af)_Vh+h(a_uZ)j%Ea)VSjOkiZ-YiBT1*M(}G~u4E0iys&3_A6iSO
z_`MrCpY2lQcXm@bwV1}3<nm?JE~*?l!Rngw@kg<_Ec%Wc=(-<EQR1l&ByD$NVHZPb
z6!8mcj%C{D>p4=}TeEZ->gzon1#403R8q{-k<30SYXvDLINHVcS8Ip9B8IC?7i3k<
zuq?#2v2&NwB_R@Jg@o1RMxQGrG88B}M3U%L?o&q0r_SrTtb?ks|D-CQ;Fy6Umx1@M
zB!y$9b`s)|(WGsac_r*hpx?6U_J#Aw*6wZ!H}~&$D;n*vayhYgtFpe6E<Q10m!e`G
zx&kB;`&oFz+6B3G-ql%Iw<CV-6m4gh72-u>pA@HkUmPlv#yum30htc=?VX)TRE}0j
zDk`cWJiBbo=**U<K`jfW`kk}JGsWLxb*52EjXd@Tu@mPik)zTsFst>>Utz>ml%qSP
zREANI{`CQ^lE4RWNXo|DQf4QXJdGe-#O~Otb^Cgy#U~sBfau#Q8*SO0(vUoEyn~c?
z1v4=jb#AWW_C$9|<DL_VM0Sv!N)uOAGamMRuHEH31Lq)v1x_N*1x&tZKft7VTBpuE
z_Zc&VYSC!OaYoVUnRv|VZ`*cG>WT+*CS&=kwu>_GK-SSxTEED^of&L?DCi%MP@=_K
zqd5fmJ>nh9O7o0_uhMH3&u9X6LtVwMo%s0p1e)LK$@wVw9;dYZ#=n$Yjep)BWlQ?Z
z+bi&FiIsYXLhPNwer}tINje^yi{%djlZyUAd<c3tF(X68!J*Kosam6D-=(8(<o4^f
zg}0}qPA317z?Qf`L<wth(H6ezv}(0tl&(ruiuc=BNaxQawclCzAOBy6KGF-<e&Z0$
z$vLcFYs5{Ts0(wg6mTRcxi!F$HIttcz>s}e9Et)Pl-e`EMb&rNp)o?A?U;lV30P&*
zM;uMKRK^VI6U;cXZ#HmoPp=YuzrB#|<!)2hzezQ%p46QU$%bM@jp)GoJ0+`-gtb7r
zMno5~H`foE+pAjLmuIQ3rgN0s)7r|6gd!)Ob4=Eie8q0(FcDPK<>q;{b9vc!fE_R`
zSkE1du))wZd!(`Y7KX=WG#~U$ivT^ZynXVJCBEv+G=%3F))=G`)fJ9Iz0eL4(6U!_
zQ~x%LKzA2b4N1L$)S?U|wHV3gWfugcCN35=;<Of%ad9F+Kk=NSof*CawLs$P2X=|<
zwEg%8--mq>JNM_h;Sp-tAfuj(`wVk}L!u(P9Mt^AtlQL<-(BULevl_+`#D0d!$GTs
zI`Nx!Nq|>9VgU}c5~E2qbEE4arD>iVBL9+a#eBKTJzc4z?N#f}Q>RuCf2%(;o-N1t
zl8%U0Aaa>T$G2l{cQ$04k|<6|70vsP?EsYw;I&%A34`r3B-Q=5^6W&`8m3fM9}W@X
zQd07_2*2#v&FrVm7{2`V?)9W04*?PlEGh2J<E{;f=j+#TU)-dP4Jwa1iknm`y{P!P
z<>ez}g8+lEP}vMHmJ;LQq%8WQ3z)TsNhND?@I-5=j6(3lNN=v#nWs&A?M|mFk5qep
z|1Mu$BgDrqb^)f-v4Y@!>u>RQA|*TZVUqIclFNnCh;Jk%6=29b4UeZd#9Abkg_DkS
zWv!fP&wjUx&fuZp7ZG+Nj$j$9vz%JU{;pi*4{+pQClIMlj;_m)LNwf7^RQzfJ{8Cg
zO86>=n{iJ%9$(zmOuEv}Pc%cPiuwlm(7E?ts)QQg*a<$S`jfOb2Lwp<a`55YF)}<w
zlxfRG@SfJE3h?~7qhV*q9Q8yj6|hp6hhxwv*D#>#w9$Vp9F5q+lBQt4>3`zs@E01d
zo(c|TMO<0WX6nv~de4m{Lv^x94c#dBoT{Ug;XZhNZjd|GL5?KhQ{+{7MHi%VlWjbN
zy|(IG_SH_k+<jXK1+y!hZM(<}^-pN&-+<I9HD+k3QSOKYGHC~&%T9Q;qAO2I1E{K9
zs)ndpW;ayd3L?NQ(Q^V4OI33((6?A-heZtZXMyV-66TXZr}$m(^<MZuNVgBh^RGXP
zl!1!ji{eS%3rmB`?SWz3u9p32U(~W7=01Z8f&1<R*}Q}tmTjJ`B{S3=C~%_%yB`d2
zi=P#$x438nCXXf_0$q@cvWDi@znS`{Uw5HgAlWu>1VM7_R-U=M<Tz_-&iuSYOlMO<
zCKN0Bmw|6rDVht4u5WiXR$nGqI!I3P2jtoC*q(Qf<i@$XD^I&wu-Gnx#yr9C>qq+O
z?)cf=jvQE=#l=+oD9i{P>FkU+fAieX&=$-3LVJvE0sb^FGd-|OAa!_U7ZR=$?bIu|
zay8DTV%v8vVY^zS<>e`LHd4}x`D1}@TvIb!`N^bI3%YBr6{f`R$^n1|#I20|$^sYp
z*>3HljGR02#ZZ{P^xr8Gh443?T{~53Af5KcqoaGNZZH`+Sjl=vG_=2wP>FZcyXnJM
zScLP4^eEM7<M+?)4y;?ALov7l7-<x`9zY0V8Q5Q5KKJan>xKWJ^L`Sart(a(no;SA
zh#E+r7gMztxBKCWl0PHE{B!5Z#t2ZH&CgezDV#Zit8J{mTu&rhF5~S|D+V{kK9_WB
ziO>l@D`Y^O41<}`;cjjB5UFZW2Ov$`tz))A;GBls@Cuj|{g<0}D(2OWgnJPh24#eq
z4ScN~sptxJ4^{X3LgKHP`vkaco!N8tkUw-owwq)qs6ULaXA>6;8l)5Hp;Sx)P-ycf
z<vuwC?BB1V&Itp2E92KeF$y$Q<}5aBD7Ta3uKBq?s+$5Toiii>;l}ix%m}ZUyu!;(
za6`a7Y>%qy>{H6#7MM;ogLEaL458aUC|rC1oy?(@p8LTEV~{~~N_%c;mpOY|_Oz?i
z!0Zx6jW$lQlM$}mq)m~v{O8Y~G!H)NJRrSB!^A(Rwy4%Um%Sq?s3AZ~cygi_lX<YX
zaL6vBe<PcinEWi6`Z!#2zOoYmp~i>;z`va~rez5r=K&{#l#3=(yYS;<G6TZ?Jp4vc
z(s#!5t+*Lf)*x9J=saw_T3c*#3E%W59&6Bw%F|bh#B!vh7rVmHI($a0nv}`n?d{s6
zS;N+5W(NkDO17J&k}Qxp>%0PUb}IH}`dR|UAdAR$WW4j6L$zNS@m9q(4HpA68x!%c
z5X@d33mhnzXr32%zjzx&5KoMbHf((O2AM6L^l#DO8sa9}>7#EIk@n1AWW&n@;e69f
zmh4Bw8s`k4Q%W8OJ;!YaVyUKqf-ialo(gQhA>6faT)MdiUvi8-I+`eo*GDBI3B%Jr
z1e#$f5TU$@tf7BbloAFlQ6}ukHM=X`DEe~CiVu5EBjF1N$u>LyoO?hshhHE=yXD9?
zIbb{Di5HC*<3xiaioUm&S)gs0t~3OV0<r-*Pa%b=-&pnyL0+ju*IqElvq;C84Yr@I
zki3DSp(_yHXa=DIqz(8=2@+ipXm@)(861c{@nHg%E+|FS3hz&i{s{yLP2(*%hYRDy
z%{_2`@e3|K3RUza8cJs|Husy>v`|3A*&(*iyGq>T&9^jYC8&T7**mm}eX@%)YZ#*j
zi6+dHK_pM~#^~(?3xwGMGw9p+sY&+9-TL`dVWGMo5uvN|_uRM@+DeCcZegc2C<snE
zRp9l>NU=IU()D{NQx*?86cdv9soq%>P`Mx_N1K>^dEm+J+(vl)hbY$vNwrn=J=bmH
z>hASlX7o58z#S}YrT((Xe|o!}Bjp?KOeNXs%I9Ru3L5l+2R4C;c%jWeY05IknPKmI
z45&UEYGm#K6@>EJ$VBGs8tuAse-bIT5IA#tzuIh>z(%h>L;R7ZIn&l`UHsWPgSvy(
zT5p0ZE#Q-$!-4MN47Zyx5_^E4`WZ+^q>TBqQJP`FoYw`m^dQ(Bf(LK6UNbOP`TAf(
zGfH=KMey#==B0pa-hM&i>ZFfEL@s(0Oju57;PD*udIBiT3?Ljax4j8xuo=*CC0&Kk
zF)>mRAil<$y3%fj*$XJ0*n;*k)(8BzDF4zv;6FnkelI8FxoJk%6rxWQp#dt)3WSf;
zfSl)z#rXt!m@ZP_^By*+t2{tBZ;xD0G5>4|EI5dWOCp+x+Y#qezj5ThA=#geNCS#>
z!-5AS`#hQAww9FRXjtP&;77dNShfgAdmjL)OPGX}7eLlJc|m=Ub3{Ea53=sruV4Tp
z5?3+gc(K90CCBzJlj>hl#~9f1oNN&J3Oyi-t<XoFOG%nSh)1&?IdzoT@ZjBT&GE(&
zAmcNtKq-byik<?w0f@(=gCP}g#8V6bwDH1e7_I-HB#;pS5|{B05_cK$t$(Lc9t`w%
zZb8sAOa}>?{!m*C!DvpXr2lGV>ZzSOBWc0$0jvMvzrav{JEs87LZ9d~Dg(d^3?Y(p
zg@MDPaXMb$djW2-{MR>K2<1e2cyKTX5MFlxBB3$ht&Oum4{x}NxY`OrPE(?YPGAt=
zi!FHmD=Ph&fxQH<(6?j)GPNXX6lh$LdvHjMkeb0)^;}9UPIU03$~@D1j9{6fk-#$L
zbxA+}v#kf<>R+$2C!!tBRtUHVObGn1W#R=dk0#c-a6$%_>7DnuFxDv__>s2?*<}D&
zY(R|sx7d--z(AW(OkRI>Pcv;L5MIfF$S{|&FUH70X6L^TmeinsjU*q8$89!=mlhgK
zDuiiC9||7@1FeGFX(T<>6VwMvWgip4%g~d1xROF9tyT`w)ku1<((BT$j1T?zFTmk%
z;OZ0)ep5A2ntvO4Z9nK-S%VsB?-Tfu*AuZ?a=2+KFpa`X8Z3|}0M!dRNcG|`31p22
z26W;C#snmXuS-?6{trWz6}%=yzQKqREIWIrv<?<0q`<7qIj~2K#Hb7ig8#8V)&0R>
zD3VXHA?5-FlZh+nwC1nQ{Ts*~WD<tpKn(1^j}{depLtG$2^X*qK~(_?<~uN%%Fh8~
z;Gd&dfNlwZOR$h{X{Q6f`Pws&|L<amz=3|1w25c{w^)+^oAx&x`TMoCs$k~JVqyap
zL%(1mJTY=bhg+fqe@r^=goN}l9qgpP<WneU6&z68O6UocgH$5@Z;;4D+>{xKli7{!
z+DG&H!Jz*>z{>#pwxqnALkFzT&BB}!$~7^_IT6FAhyb0310J)GCc+nd%m12Z@Gxjk
z*LuTn!6JE_y@0($G5%kR^ajHAG}<gHTG`kS`Wylq1r0p|aTT{%+0c~PA`o7v<G{EX
zcv)O5Bu*)c3E98zO%8JSin)MG9thyWG7ymq41-AeK>v4eAh^g|3M|=JD{aly3<i+5
zxDHb~6wF^7b>yc1=39~jvirZu6IW(<+?sVt$)-ql!b08y3NzF$6^ay}`%Of?ZjPl9
zBel{x-<JhalD%i^R1e*2Soq<)()HQq?B)?D^?xR-8F*Fol#U|%{@%{%o|w@fNg<do
zYFVFyQ3*ArrD4!1#9Nnq9iX7wum^@XawBw6-UH5LeN8i!FspxYD59o1l(gNTC|63X
z!W#J>dzJx5^KoSGzCmDEz<vlBIYIymB#u++zrUx#ufQVUwoQg2B?Lu<-XAOSe`%6S
z%&i*jnM1us(rS6Z^&q$NF&IP(*2FK-f8pZ7qGO<>!oe`(2)dt;`P}Y*0m4gcB%q~x
zIGfZA<r-jy*Ti}=t=jj&AL>+9g9{oYZEx_Jf7u3j1%a(SPGAuj5TH+x6t^8N7Z>Nj
zK&~m}nm91|C7V#18JbQmLcqZUQT6z4)EZRWU;ZPogxxP>%#d;rc>c}-bt-DhQvzsZ
zv{qRHz#<bzPM7e@1Wxc-RaMo+oJGuj4X$n7K9bWggl+jkCdeR68y(&5Jq}_xuVJ@Q
zw*yTyq?o)H0N%@sh%TspVgS$`hYe6FG|LM-!ni$=whIOWf3r|IrJ%w8pfr;Omd`?T
zUHB4)>~(-K%~k>9jAN-jI=Wn@QlXD(&L3K)QwsR9llUIzC%BxG;J{65<t46gKRJ5O
z!<Zd^F+G^&p<fLmhABm3G4VKce{-b#f`W-s{TfDk`Vi2;_ti(=9GX7r&Tx1g_R2sh
z`@zT%1ey`LS~u|=G01jVV+RrC5?$z~D1G)-7_=I%XZ)wk=W7?KyV2QIRRJ_17HqE1
z5-Z2{fGKj`A|1B)IVh_tj_J<u<z{on{K{I8T*TnWqZt%o8jF{GYge1SgKWINvlCS0
zrN#EVNp%m9Gk<g-)jok3jRU0Y$xrBT2@Tz*ie|al{k0UPLYY^89iSmu(J;h`5VW9S
zQmJCWWt+!(I2$xcp9GDji|krJc>c2QyzM`RXz?ql?P%oMVp17!!OE}lG1Sn~tK1xR
zJh8eG;Ai)+S5UM`OR^dK%-15GbNNmpB@%Uh8>56cL*8dGDknP1OCw@|3j^O}muF04
zq_EM&YVTE$$u5r9X5_CwNB|bFSDb<g&Y2Y@V{l<j#lLPqnVe|{h0%o41o-PC*-8y|
zB7}%num?Fy*)WiklIpbcOFGNQD1P1|S*OdZF8Sa$_Y1mgiL0f%=fw6-aC!CE+0KCF
zyW`5IlFt(#MNF$(OgTg@1XIRQ4Qp{B^Rh%|*3Q{`65s9onH~^%^Djh&Kc(*CUk0)@
zk}a--{I>>!ge-tC=HWJa-*C5GemA@TeXL6sW@3^bp<#oHY1T}(O9j`fo-?1lJ_T2-
z8C`IdR<n+NQ=B@}vNPGTD)CI=<!&h^$Bp;j5?=O}i1@$r%s(FD8RF@OxM`u=yLQuj
z_`XZnWS3?NdW)xAza+syBKjn0X-TV+E~xQVHw^F=Nr-E5?mqX<RcQzb(U=kurK4|^
z$QB~1zREp&6EYccUy|P_bwj73+~%G6+53iednd)cfpPFX=0D&3KWy}D7C`vnm}>Ts
zm>7H4{w1ToL47+`-i~ZF(5vA@O)Pa)YGR#h`<A8z*<-TEdgE3oRS5Bu@&}BwFjRQ&
z$r&=|*@IufYR&d+E*$P|Zv1VJ4|jm^AU7uZGxA+9qZ8f>PDUt=0%}omk?5w*Vm_su
z=8hZ1b)`W;1zZWgz-Hcky7D)GS;b}yn=ol6|2&*)=&!qHRD<Fo9^&aDpuj#Ypx7=b
z)$+P)8LahvR7`8LH)z3+YTuN#Gwk4jzeNle{e_11EZ*;n+!?t;@@7d?D~zmn5+w@C
zX*3bC_<lQyg4N+!vRZR>nX6GM!3*y9n5pZHadRavVF2pCc}ZNqEj#(e$UK5yyCcdg
zq3g1Nm8SW&Y07%^3<VM8mgusa;UiRx2=f|+0&bytRVC&cSwB-Bp_Fk7@>(K@-Aq%h
zWr*Oty$v*w>SPZPNNzU+I1R*mPiv00-`hmD&Udqkrs`zw>y~zoP1mTwx~R5afAAcC
z-z*`oMh$NG{xVdpxk65J-YfB!f^Pj={FLOB6owbvm8k%+;VtX$r-qsNO=E;^blX=k
zIS}#njfj}*H;F=}nmb$hhLrt+t_WJ1n`4X!W_vTIkHjMXj&yK9Ii;LJJ;9j4447si
zWN~m%UBUOVnP+i5*g$T+?BjAR)6{FS_?3ChK`vfXw&cdgZ{&AQ-=waEN@WryU6lXc
zv_|ullu$YLT2-28ex5zzOImk%`41lkv*UKMi4hn&J91iC=}3t$;=^fW+;{0=3*Sry
zZ0YXbzV@9t)gzg>QwfhMS3CU0n%@f3YdHSxV{Qh-^vs?@E?mx96ATT=mFcd76<L#+
z&)<EW%DLVP(HgAqKpvbTe9WgKU3F=3cumguOtRt$wtQ8b6vnKqdp&yQEuV-X<~fs^
z<d}u7y1FFL;QG?pDd~0gl`ttZF9&CluTTm#vnk{E{XL_k*C3Nfg+HKCgwPK!Q@%dm
zzw4Dce(9Q}a{*`?iT{THOPEw;2#4ryDHBv4KfPqQ7?}^%@uETeupSZqz2<7PMNzV)
ztzNaKSMUig@(gYn=KsK;fNn<QAKeT&YA0S##I~QuPIj5&NvX3<pV+Mm#ut{eG|Der
z<xAq9yJf5~xU{37z05z8Gp&^ZP>R;(_r#jgm-32**i4auH}JA_#^w0ra_IKjIUmL)
z0YPOU{<!@Xivm|_CQrIZX-W`eVc*=IHQ@3dWoWk-uN+>U+DVm~tU<+iDPL|bXnNO$
zxTTFAgt(#q$o)7Vd~v+<()D5qBh8a^)=r88)3<*|+~GgKg&G96#w0~n!2**M#Qgj*
z8dH5aHOltK;Oagh6P9K4*ZNXkQ*Op1;dX=8_f}F~f%)37L83@x*cmB{Tb;3hZya7o
zvQ-Ua%2w!|E)TS^6S~I6VgRXn>-a#6O=4EF6hkoHJ8U8Pu{fWtLfivaOrnx}d78G|
zGL1t*RLow?r`lQ~7!H1XU@`T1xvWGv9KQ1l8P<x)Jdw*l?f&LEq8FDV5B<V?X;XXc
zkDtXDd_OPu&uY3HPz}Yx$b1hgQWG;=kqv4VWhJJzTi}5Db7uw7F)({jnFDdzL4@RX
zHfJjLmgyv1NsO&W2gcRZy)i}Jm9K}kOU&F!BaiU&X#zxU792=s=?_aA$WyQ?B6y1a
zzE@0RU%hu^5SwqnH@?e?eEh#W+obP5#AIMiA2rBE5yJX^*h&#{yX51)E)IXyqGpsY
zUg67NM7Hv-HB_C(iF`JHwKD2%Onr5>olr5@s^TK=`(<&2MfFeAz2n#JlOm7v3JD1A
z*=P5Q>e;m}=oIdL4Sl^To*S$7gC?Hd!=O)LKFDI`uLbehZjUD99x3VHxK6!^cuEc{
zB9N`GcA5L5Ap^@QEK2-V?Z*MUJ6CY<(}|H0gfPOCF7~&eYPrmY(GLkcA%Xf7oYU1h
zFSF$|Pe5+2wAV%b865(`3F<dR(yszvUefGLgns)nc}^a2x%AcL)$W(K49|Zuiq4r5
zk+#+?Sv7@cEJ0<tGDv-5T?B>1e9{ejUe9yO=NF>?i-7xpak3EG9SF<B#-e5*mW|xT
zU&^yBFXult`>1eCI-S4r3deRozvbn4nuLbdHl?}uhr|_$n;ZYy4um>|Qq^ztS9x#W
zsiDF?T}Tp5<v4CB@ew<isOG=tERZOWmqX^~EM2%E%n;2|prLE{z$7CwQT?jFNT<#T
z1r<48#%8i;AAQ1=nl8u<q(M0__stqwEq1v-EOz=$IoQs*F$UvU<Q3{m^IrZ)l$Vfa
zC+vC0mop?4aIw4ZniXAQa1b2zXe|3m#0^p&X}CSyKdWaRsWYmpBVPRP9^ed&i!mAx
z-Y!n^*zRqSX=o0A8i9TjO4RXB0j4>lS1%{U($0?>)dmn73a5-83M1TqiHUoQ>%s+Z
zG3Xm8oGQ!?$=jBYbF^K=*OP2*f1i#<{=)Z2rdOO?5+7%EJ4w!~p^0>@UHlY~`5dqs
z<Lz_Ee@Flcj@iWD=RHc%o{x9S7Y!Ws;XgvHqhh_!?KSiBz1Lh$Zgw%_Egz`cXqae!
z`S2PUBvJnV5OJ$ez8|UL9DK;=XCFUGy0hJ^?Q;9p!U+Fi>mrM-e{bEdj38^i@c)~L
z+jgIodJx>*4dZpQA6M&jhuzQ&xT22Q;X(h+jugzSi~)-tV>k?S8TQ`fh0eZ$A%4pU
zb1Q*jo1^!~Cmlb1n1~GDwA?K4HwHa9xWsI^t7{I@MkiCq*yKCiGDIC*U}#%_t&#U_
zV^gTtUnu*m<~2)5IF%dq?5RlPRzi8Ob44LK&}Xav@U8QVcsO?Sv(40IJPS<44(C78
z9Ve@(w>^*Zg91N7s&H!rCp(0Fhk``>R4U*BkHqMAr2nH%w88<j5ZxCWWI7~LDoDcl
zg>@CQzwQS?sv-gpx`-Ix+n`Z}%aw&&1Ow43juE0asC@B(Dh3SfS%=m#PaE;xSDTE;
zw`^<2bGwM}Kapo=3QWR33Yn<VU`20l%CQxwNL`OeV%BTx4AHI&6!HE2OM*#+B_d>H
zKA7ExAZBDj;%dsL!7ZB~8T;ZN{gF#Gf?$|n(c><DY!^H0sy><n`mhTzV#_h;zf3|q
z<RZ?&n1?ZgytM3F*~9OI79{ydsj%{nXQq7R{X;B_)xEDJd`7#6da1w)V>?Y<>7ub0
zibn-49lIE@yIy6V+fZ@H!TO|2iiT9GExGq39~WBc%U)2urd;TT%w;w0+wNIXj1<?)
z>@C&GTMF2sPg}*E-}I|V0(3vEZPQNC&4$__*5ZdF*!KipuBt~BzG#S0if@q}Vg8!c
z<n;gI_->efbDLPDt&^e{ObRsS54m*EoW!`139wAG?2$a!7JV@joL>6P;wrg1EQ)jy
z^NT#YoxlhFHxkz6r|scXss<S{$7|6(2xvL@-w38wKaXWsRyrxRcw~kwO?-ObKc;EE
zNnYXovHE(dCNE_2QN`mE!LWCX?^10FdqKfu53H9)jn1pWqchNK>n;Np_J1e>9N=QQ
zhB{OzGX;0e)NzShF)(g7UH0{UqhLRzWnS=vL#_L(OUjHiBd_{$n$UHAi%=|r*bz`j
z%=`V@`-O#!dMrPh`O4Fgp}^{}*9$@eo1>eAw42swQ3-*}(OExH#ooHxLkP*jA6>=D
zp-a$#3P4<R#<zTp27xcllhq&JsTt>Yup42YVeLpvrP2HRVi98~)9X@t?ifFfkU{%a
zDngh`+UIoR_sDdkTdg3wz~ikVjtg3fm!<=}j;s?ayote-j%Vq|%A}nNF_7f6!%g`g
z%5JzL@<CqOe_8+*!E!Z?LoYrlK14mInX#YyC@n1$+|?;T>F@SxRk{xMK(j*pesFa)
zD@2Sx8R5b~ray-KGfYJAXy#3X!O~oS?}~F`v7FK-^?i-FNs&0*O$r8gu~ri!A|&1g
z9|))_hZWmffIMIc=8d9!(`x8*m#3u&eA?)z3IfYn={*=~K)n2DH;s#jRtH7z%e`L#
zN&(F3M>V6<5+@6@q^^*L@EJXC-1{{VmNHB#U$2hyI_MXqEKmAIjW~$OxeI-le57+I
zDc%9DZccb(f%Yq}$FNKQs{6I^716~gB>3<lpR}MeF8$g=N7XfUL*#=tow%MwgDAi6
zoFZ9X0IY6x2|S|Th4u@pX8?R`F0Z0Ec6Ae<q#F^wX@GbCBV$=%^dEJR%9g!|;DnSv
zUQS|M&EdzgJEhp;fuUA`UF|hHh3Nq$X8S-04Q6;JM7itFRUIN#mEQecS&lw7NmrDL
z*M)-oQstF4>|K7x?Y2&MG!m6>{B1TKWAr9h;-!L3hpSLkMFUON1&Oxw*C|~?@%`4`
zCwKX3?`Wm3^J`3nCHNjx;@u1xY<wo0MBj<;<090vZ6`b|f42}nQ)oB|T@m*??LtgU
zOH&#XyCMsI|9-FRMztXYR!9#0rqRgPO{H-?PEE1CV*WlwopwoGEU<h_?>$wv<(G>9
zF?>kqD@Ij8yTJzh<*WZg#3iP%E}vs@^Qn5kI*Tyo_?=IB4*1QsXP-AHgU3b}<$rHn
zJXA0DDycoR?s7P<EU?5R;ry;ng2{KQTI^q%xqEf|>ww>+y+J>{L(i(;ploMGu?!^z
z-HJfr)6_pQ<YZo{me6TG`^)Vx#=(J8#we02YUkmQSrhMYoyW>V05y8gC@a2FEDw>g
z`;&z=hLBGPd)~`=B}ihAO=c)7FvLV;8^0l}NTlE0wi<Qe%4C<=**|j;N%zrxJ_AA$
zn`eV$H+?Y_9KzwGrH7lx^6;G}K&xX7pVEPjpMFk>EFmYiH-zhOt5EdN8<#GrchkKd
z&zY(*a;uj0a9R9r_zz2QFhxn9Ktb+XZnv~>qkDs1U$yxZL9N9h{q6CrX`xKYN$tTM
z9j{flZ7S!@Tc){9quY&s^yx~4H$dAtbxre^hg*|6buhwwhc%Oi_|V^kGDIb^T#y^N
zH7(hn#Xi&&A_!1!<Tjva;v1Re*peVBwvr*dZJ{^Q$&QD<8L{1b?)JJ}cPn93>AFfy
zxCF;C>jDGaLMgTP<2*x~;ZKiShwkI<hV=XXt4!sB@ocDdnU!)W^wgizueuq0Qnq$S
z#rHXu7BlIWrjq9v?w=}tW~`vja(%Zgbgr=L@6PJ8E9ujIs=xuAH-!oEI#?x2mI@O$
zab&myu@Cf`?Azmmc>Ns;(Mo5dD_HxlIjUV^@hGU1`n+35MUooTnK@P$8?70G5#Oz%
zhi)>t9(bXOan)9+vsOZ{XUv;UCSamxV}wmyd{5l9JrQ7eU-A_A;3Att;prmtw<u^B
zpC4pGB0SK(_qU9zgz5)5^gcRyK)L-zmihaqL2^B~WEeaQ&=MVoxYH_!I#Xq@aK4^f
zU|t?7_?@iMWG5Q?4u7AtN{^$fX*X&gp2xP(?)klYH<9N)_p8ROp3LSac+W@kMPz4-
zQQwUtUGds?7F8FSVp$h=`32{b<#>1b5@!<z!m)`u8wo2N&#4E+_j!^ZrEY>{yD7x%
z_x0BK&-w>nWVtpiTlq|qC#7)69yKJ*F=Q0%rIU$8)xRy(Z-^onNv2m#mtS9>)#c`7
zi3q>FkE!s>Lx>q;a4Q-&xV_U|EW8b>Df;$v)wWOeg9T0{sKqOC>Q@Zp@QUzrcAS3?
zy;!W$vYRQ-V|>tI+S~lK`I7o{=QFHL@ZD2A4>*;(Yn}zK>sAk+i}?mT?Sf*b4(4~Q
zIIqw!n|$vzb43&X0&t;Vej#baJG!RNhA*<fFG_Wy!+iBUI>_?vXBX_q6mC%xee}be
zn7-N>zn>)8qwuSWJP@!`j368>Sk{Dd_7#5ndm!uLf+lD$OEXjWl4P7bgCxbE`RIB*
zh}UMqWueA`RON|8_>Mw3;rY3h>F?_ZJPnD)t?PR7mRL<qecjLx_l2g9c08|^Qnn6q
z!gp<81K6@I{Gtw2f$Gp?xtg%RR*qq+x;~i7fO_xAZJ+a&IyK?fZ?rPKBQNi=YMy-F
zJH-MTODtImee+JavlkQ3C^W3C>BWF9Fdi{+k)i;A-l!LtXcePD+l=}};5j7(Nf%?6
zNPRMC)<LOYoha4$Xpgv0+n@ugdtLv;Db<h|H}`fEKIh_Kjbj9SC@ijBYpI)VHf9+5
zHi8WrNLa=`k&3%Kw=(1}t!r|fZ>q6j6g$pUOW}AEypp-OO9$ISpF`rbE%<u-Z9a^d
zJMwk@yNK2w-^f8bghD(nV(+mPWxk<e1k*k{^#l&B{~_j?iGw@A$JfIX7Vt>DS`|_f
zj~8rW+^6;NlU_^TpLy4tv`1!D&Vk8wkrTdb&dd71cv7<cO_Aha4OZ!c1x--l;j<F5
zt;tdL>wJ3~)<nBO&<TtYuv`F2ll-`4j#9CXVtX$Fs^9Jd%B4VSagNv1*meYjGWb94
za-0vGM6P1qwyijDf*bWE@$;7@ez_Im8460Xj$fL?(3$q9ol}LKjf!?o6ZGCGrOcEk
z$fry`=d1J92fC1SAlKtNs{~Bm_aztbI32M@G^f3|dhKI;F9wd8pz}&d=Cq~NIu0|V
z8KVE;kFxxIPw1y@f(eKc{Ur{Mjg{fy39zAmhX`LXiikw4qzQjw&reTUqBtM)y5WkR
zrQ|SnyIjyVxVe8p!gZ=s)jAKsqG<&E$X_~gX!(|M#%<d!Uut3tn54KGrk!%+7|6qE
z0&1n~ajB^XoD^<>{*!RtO)$ZeuiUjv9PqTzqOZ;V%Gvv$gG{)3CX?bcG4y)LK{tvM
zHg?=}^Sw&9dgr%jXOg?_RomHLrgU$mNoFD=IP}|(YJNNzR=X1Kq9#!9ym1;Ro_SF?
zCKj}RWh(Gt`<ut=NW+qe;|;gCNwn&yXQHZ?76;=9)b`7WPS6PBX;3Xzg89@1)k0v<
zcR||m<F8*au0(34Y>N>dqGB*mT|XcGEw_RAARHS|ydYAl<v8PtPxpYzr>&_=eaQ&n
zO-)U?y1abh2tFlid~two_*(B!C_tMH4q#CwGvJawUQzsEj2qne8HTTx#&Fch<ZzUl
zR9?MDow&pgEY;*1eLAaK^b%j^4rpwuD=MOh{hG7DBPBI7_kC>{JLU&qcT%(OtcK(e
z3P$~CN+r9L+(HmZ-|Z`wf!eaWb)F^Uh#jW@rI-r=Yul=BIKeq8wQi%RZ=EA%c>!&-
zKw`qr%q-Spe#r29Bjs+DxXH@rUXf{3MfIn|E7Ye0G%+7?>wxfx4uwX!IMP6I2p~pc
z6UC!XdMO?~n7hITW%j|o`eT_q*gzDICyM{pE=5wSQ0VB@hc>e-yiSZLEQlmEAPR47
zSw__&jc|$p?kq3Be3nV)WF5khCfr;-`A@TTni9eiCUI5&@)GG3$9j;s@3_3>0Dj=>
z<y+MO7iXWkW>@=AObT{>z>7^qZ7)*t$A1l~N$)q<nAl=iWf!#hoD4k+D1D#(r#Zj}
zDOMxAoh}lBVU3uXdd{p1CEd1$!nUQI)~RdiLzjrAprBwU0DlQ7${qQ3vYgp!({+Zx
zNB4AwSOGA_pDm{jk%qO4d)Agp)A>+x^v*tUtK6%L@&1{_g@PH7u5<+j`17AVD)Hja
z#;?nENIfx9NwtOi<2kll@W=W|6V1#{5wsJL{|1s6pc=oF6Jmj;;Gd;VOeaq;jT#~<
zt1?jp$iT>SJ*Iy5R^bo13Af-WjC9axpCXo=qyi#_?-)((A69mxJSbezL^I!R@k3{_
zJ`vAS@`|8lcPBc4{{**ksc5!0o&(XhJyl*f*{hUXcT91amj;?y*Xb~%{X!;iq$IKb
z-Q7{a`8(dtn2nxF)mcRhDvda51eb~Ly>-KBN7*UlDYI>0l#*F<0QM4_l=NV>qGGo^
z`<R}(v!e?nnZo{Xd^>-%hpBS9{!s^Vl>=qT40NK@Lm!wU`?Ms}d}4{kaIaytD!qU%
z1RPqdaghMP7?&B$zLMf~zOy1kX%B%Qblk|pFi^4N&<hEby{mH$A<=fWIdHJH9!}%D
zmq?Wt7oZ9=#MW4BLc?6xbUmma>*1m!rE`P;y^M7|=Jy~241%7YpVw|$Uf@`#I!C{W
z00`9K84q5zU93#`_5$g_2J1RTQQm>6Tvs1aQa>RRSW?otVCk^z?%!!+po_&~S7GVl
z6l~NVch>_cl%2{%Vl>P6GrVaX6(l98CCY+Ut6Cz~Cd)&F0U)J{{UkIFzxrUetj6rn
z_3C*!e(u&YdEK<T;rciTQ}hstlmwKA8D}-0Cg<9#=9pPM^^kWamNT}VXTtg?FAhpD
zKwj6baa_+7C)TRMfSVWYhLBXkV=^2LMvnFr5Zk7}WQ9ec1DSNb7lbTF37P0<OHC?>
zV>)xsYOEM_sNj+r$5?}PnRqJX%?5^<+FV`qDk<Qv3HuSbNf|Ew@|!w|z#4P*3FZ=-
zP<Mue^zq5;1DsrOIj*RbRTyi31Q5Wc!EM~ld{+n>QEu&q64A&#v8lN%(;HN$oknYd
zkB`q8Z;uZ!W)*aXQUIVEx6j!fkOeYB15Zz6K{kQPfn&C+`>RX^&{!{yCe_kg^<F7V
zu*OAI;8-$K7+vS5pmpqv0}+MvUnk2fXy^bW!)yHb>a7RxtM&Z$)}$;P01ht8b3CCb
zBN{c>=^SwV)tMaVoh#8q)c-A${l^+bgn6W)e8KxPRNg*^aPqOi{mH3@_B_R7oQVPw
z7E+FqWV052K5O6y|3Iax7p8BI{ZI?-4UNCzx0EsxNb11rcS+;I!9C4aOrfT8Mas$7
zefY5?XpUn|&oh{)>wEQ+csJ>8RP5?q*7}I&m;BGWH*{)2tzC-c*yS6ZW%XE*3JnY4
zS!q9j(!KMHw(dm2IvI{5ajZW_vC;>D_e7*yJ*}b$txSd7$gxn!dLN*o&<G41RO=4l
zdP}mkHJt{7OsoUcBGKdBrMju}SDLj+EhfvF&pW}%UuoWhfJVZL1W-v0>`0?av2eYI
zlHFtuRG96l?>%M|a0Z)adelX}H$UoJhjVPlLqSH+iUK2OZ}yk4$xF79^deDWx}D20
ziIsF7E3cP3g+a@#sB#50vM7q$xWR0E<uvPr^5XWW9KVaPF}sY;6a1JN7T8VQD;G>f
z$MmFak?&Lzr9~&$--GyCB!86uvsPJb^|$laxTKJwzy}o7qtLwc;1A5?VfZbAh{(3e
zl0^5c?B=_-Rgy(iL<y*S0{QX+y```H_h3jYCXG9}=8GtNuc7T{%fABU)iBVq;FE*f
zO4exaO&ZsBe;Ee+Y)KRHBhftmE7DmPk4(fi8Og|zXQNwpy)`4`=-aDVWuZ0NCzQxF
z7BtW}l;8sz8fM2)jk9!~sYrF|pc>QDyiQSli4ZEv_Riy17TwU62j4N<^GKakR{6W=
zse?=<X$5}pSJiOkjT<NzhqE!6XjWB%ONO=P9nWEdjGXqK(wk(qqnL_1C-oe9R@%XB
z^|!s3YqZw`J#Nb@lKtHCm#S%*KIe4tv1HQyd4y9jXc7<-ex&)B?k~Ee;NW1Lxigq8
z=Gx4xk{o9Uvzh&i4l^*$TxuvHfC`7cLqSli0h!gP5vxSEB7}&v*>!*8*IS*VM%&E?
zlrKJ%Y`FGrPh@u!h4Ft`AzmR3ta_grVPPVO@sW^R)RIgG!^!)@m8$s5A=p<)*qFk@
zyikt~RYp!IR8D9xJ&%Jk!SSNHA+qa#KiQLm!%3WAf@~|?mj8OSz47<?xBbDjzFRVd
zF_%0-rz5R;!~40S7cl2nE2j7%%-?r@KjGy~AAA1{3;;gA)xa2!Ji8wd7%2OKX}<hy
zOBFMEg7(#nih_$@zRxM-d82zCC;hURs@#5^<sc6DdXBv*fNE;H(9A0&#}ezQOJ_f+
zJypNDZKC;B>~oG9k>o7(@Nn2R*uhZ5;G(?;mmqcEQ&&g<F{F<Pz>s!~bVr8};kLR)
zDCT><)<}tKwn;~#d&|4Fe~eUcAMGo&0sR1?fZW$aLRS>L!(t%;|A|6LrA-6^GX5`f
z#9g@FLhq$#bP*Xb26a3ebPQDFgJ<j7xV<F`f8Izw8wc*ACkVtm!Y+{p7E6ww)y%~B
z`Hh&glF(W-de;ciuPG=uTOf-T3&4O@9bf0FEUI37MQJPgEaD?~VH+)cHo<;L@?8x6
z(!Q_ps3##Bc>weB_*pfqflzmq^$B^BpGf4I=lY7nTm)nS<vZo!_6E)JXL8G-sbVv=
zvzIJkxvqtNguwtd>TL1z@#A@4a-sxBwH~rX(4pyR%oDLaus$yIy>e^I@4PIAa?AAE
zx3N^Mwv$YfG&!E=zI_S9#a-zsC;4!4z*UuJQ^UB=Hp5{s9aTJB&>He*NPjqHU>YHc
zd7Hr?9~JioA%fp02EM~5sLrocQtRp4T6xDH-{T6oitqPvSkE<eO_nUT&3VRERtgn7
zxd&${Pb$!I81=FH@)2)GFCMNpx=yFmB$#Bt#-206l~?@Gw`Xo#i|Ir!f*CApgN>_y
zlg=JGRm1gi-Fo0E?)j%eQi`Am_QELalmf=4@;a^ueb1j+shNk>im`Fl`te43F8A+A
z6kZ)D!q7^>(3&~H@NyG*Ll?F0!l_z+Ua$M4W^uOD<Y!`pKHo&F_t?*I@N>DC!^!=T
zVVtsxC)x_Hh0LtKYsNP7sDt}me2LVMm0~%<;Jn#o-$&P<%g{jHOc$A=M7zYgeelLZ
zZYGbJ!Y}JnLX7U`ioQuUO|vT_T#KID<^I!|^9+xhWXHX6-m@hI+*cVtNlJ|BD8=%y
zWQ2e>God<=gFN33O=mjVj^XpsLKqm1F^{FuPAA{pSBU%@MMYOH`obRp)aL3phTjt=
zR`$;HnI9rzKT2@xL(R_|VjHw{93vG3Ru3wSnl!g9v0fwaKVr>!?%{>RWW31?=<;>t
zk{0FjgwL;-PfaXH{4MaJm(SuGhp7FHAIorKc{=VN*ZK+KT206gc5q={68Eztre&lA
zaQJy)^Z0q<&U@OB{aS6jd*&cfIk_(6N2WE%NXPVvV3H~Xk%iw-`8K;;1&hM?7h8F6
zzJ#j^;$;;zY2N5fyb^oYM=lGkVC1~fE_ttriM1}wWXVV*e7^ln$JKDl{q@%0%S#E#
zCF0hPq+X(V8<#UZsp^P-{4DevEVIV<Lf_+RPNAW1=G#4bYy@NL(P_LygSXz}X`wPJ
zv^G9o^Ly91mSW0X8s#^3f3_jaHkW=+hbzNPzx?x^+?Z~uNgD|&0c$6ahlvEjMF;xY
zJ%>AC0bTt1T)fJ&(hQD2W*6KBVplinDCxpR9E~d3qTkO~#r-*IV*NXi#s}6oCdv9M
z;oP1W1vx*q5SNjfgnW-`-n87oW;K$~e<LvxXp-Cam0YKrVS`$R*COccpTR31(~_81
z3X}+452lfa2i3!Sw?lsKnbu#%qFBtmJ;i%LBjX&f^K~lkEq8BPzkXVcbwzTJc~Z?3
zdyHSR87hLSU0^=krZ(FE2dmCZV5!c6MkEuC2_dl}qE3o{fZE@a*CQA#m`RsBl^iV=
zK0$Cvi%Cr1+f<9q%o)90y1?PlF&Duk(UI&*$1CsBI}7ndE2%ec#v=l{OxEM)HmJ1&
zq?t7;o1S%M2sEEtsJ@t7ZE9)wM)CS2YQSU^snoCm<LAzZ%<gE$M2DZB&9Vo$oX?z-
zUt4y4|0zvQ>zPLc(>uV~`s@v_QaDGOjo;m7V{^H8;4`&=QR9|=rxmn*9u%!Q$`TKb
zMANC^C2A7lA(?gYKc~3A8q%rm2enGg!WHDF!Lpm5uwQ4pFG4HMbQ#O#>b9hDIX_5L
z9iAHWA1qEjnQJG%Lb=xP^iRfd*w^nGDxqS1|GM0WEnEZvVezv5<3&ZEkyV(BZ@uT;
z&lYe&Xxz(<0A3BId1Q@Fo5F~%slhZ;N9Z-YuFH11RvM?`z<cdB!l4Rt-?%zl_>|o)
zpTD-YioI5Wxms0VnSsN|%-nnIL&40)`5`sfpwaH~Bi<6vshH7%OQ9;?l`>lr(YY<g
z)-idS1xzLpkps>aVrFlC%}q!rP}bLai+pBnCX(fUoLM%|>GY7aB1Zj4p*2I=-9jRi
zOz-ztZ|{c)i~S_7c^7kut5hO9g5_${cR%K5>?e(Qk2&9WW97%!hug;LMqB!s!Rfz;
z_SZkM#{6CGSpPRL7nV+=AvVg2*}fxvL`&Pv+%+PZ`sXsD!qlpCo~5{}a6iBM`WrE<
z<JLzk@*ccgoZfEm;FEXZLC%ve$97cI)xW9g`RHoA;+v#d477}G7wg%?h{?u9(lg6S
z4lr=MCZ2!0&+h+>_#-%WT;1~bOWM;!4RdqoOs_TmVbeO;UyIZXRgPk<r?+r$@F}#^
zzqI)868>$L3S_WZ?7I^yL|~Q;Orj4otZ;J&W1I{l#-*8Vjd)Se?HYOoSXQMEs@UqE
zTeXYuA65|4X0pCft`MnrNqJimn&W8n(PZXAkE1XDU8M3Ap~FHg@~Y1jIZ)jV1s9M*
z6H`Ct#-FDOXdSFyvt*jdN*tqXQ+8qBPEIYMhGOKuIFfk495Jl>+W#X;roqJLET-x;
z4O0`<){_00M8Lw^_|whw*PPpnUj;p>(Z|HRFx`IqCYO<0iM)Fz5tCYnGvlhuZutHS
zMeFldj|GpE(@Kunmdcr@1exCZ=y34x>uV1_A1@x#3hvUrS9Fnbh=;9yFYT=pSPDn%
z|Baha_f!AVr^b^Z$G!Qh;>qL3QIn9PQe{?SLBz6!x1Hak4#^Lwy&i3rlx!!8(N{e7
zU%DQDM^$UTe$9J0#i#zQ+xc(A!1@%#K&Wi|Uks$p)OXjd)aCnL6^)v$N(c3f7n{3J
zSNKrz|E|I+aUbq_*ffkQq4RghTmq5n)pR#=xvc9`eT(2WG%-h|CMB*y-cn+7+X{sL
zr@gm~tFr6fMI|JpL157h0@B^xNJvRYmx6RlcXu}eQc@z_jevkksdRUj<e3Ye=l{O@
z>~p^F58Iy~fZtm4p7)Fq*SN+QeFfWxdq>eqOTA;D0-OgsZwI|ToX07#U9L?B`qz0r
z<#+)+Ts-4nAO6bPjKiZ$?(`&L%yqW%=m*>}>7nt}uY~-9cpqoEiE_}Inwc-GmAzm7
zr8O@xHRNG(ZFQ$kf%SvOd7o^nX-edp7%fB3_q$K~V>HgRzwV9GRcBK#Ngw}p2Q??r
zNji$HZa=KFo}9_J-B!Op9GSMTpJj428Tqv7b~e9^r7MIkGIAsRPDZAmTxb`P{5&<l
zZ%Th(9sm3Lvnc~|{x#-dy%uyey0(aVeRoo=^ILrae)*(DgnNnd2>HSn$U<RX`M5qx
za)SD-+O0UQ@A=<kPwglBE&F?mKi|l5M{Z4!vu(cgP;P_!WzDvE{e68_0~BOr1Wil}
zQPCuVQ4cHZ0_5M@bz#4@%1+CuWW3R#kt$(NIwO6HOP{Jz!@cKot-UMb{(R5tgzPuQ
z35)$Jjz_X;>)CGT6U$3%7Hga*TLO<HDu@bEjYcEA@B^CaJI~6As?TGxwldvVWsxU+
z+StU7RovvSR1LU4b$a{ER*K}COxZL@ABSSHgrv-+hl;pZOC%)Xg@#6|&plbh!YcgJ
zNkLI~#C=!SSHfI9v79t_{>Blz)wXfnNYLdx3fE}C{Xu?VA3Om*L5qK!c%&jZCUWOV
z$55y~TBO`mch<5liB9d?AP{Vi%|>-eh09v`u7oRLjew{jk)VS$XvN4SR4HB=Tw^i%
z!Q7ZcQaUNn2ObfTLO751M+}+Tyz2Mwp<~_~3OEv?MGDM}ts?Kd-Wf7)elI%FJ8dAu
zT{FdW2douU2Px^S0@G8heZ)6XIu0_r{xZMnY$x<KC>_J2A_ClmWfQ#6Q2zDeE})vr
zyK`9VM3KBGcPAht+xfK4M*8@zp<+}0{-c|(f2vIoL8T=>P#q8oYh9|1VGvG~V+B#s
z)!eYg+XioZFU_`vfB%e&nH|17-oKiTslICqn@=Yju0-(ZQ}y^7Y3~)Sn94lqM9BzH
z5TL*CWzXEKS=kV1iS@&M`EsIRukQW0b9|Mmj=g={ljbq+%`z{7{z=KXWVG!>EYTJ+
zC1R0q+mFh<p{lMW%$+V@Np|a3SAIQliW9^#4mJG86NK>ro?z#E4`22kQsQX;!n?=k
z`?KXs)^tiax|enGeX;DOF|%GcZI?!79W{YOy=8uEn{#afr*xGd>lVUcuDJQf@aE0N
z`zZakRrcZ6HCiah{F_&uErR0mt%MD&28=8U<t@C2Z!MD{CGvmyhbG8H_Am<edOtMI
zFCCRtbWRy4YQjz0jzdDuijohdV_AcX$eM5hLS{oX-?6;(LV5CJ?7|;!3$Zn``L^!8
zz1VTG4))h6jivsvD!U}=BOWG}0AioNn=<3}1O<h(5*2ZoXq5XLOs-vXuLW3N4t*te
z$EB_|8REuIvQe-Mf-n_uy_tl)bGu*;X(}KQcqwhW$#QJ^KWl*r)`BdNFW3gzEuQ$(
z=Y-gL&FI0@&2rSVRxJs$^{ujPNWvcD=S$EhZHiejN0<auM}vT>cehVZ0;K6rm*N~w
zrMw|u`6b4q(WLZDs|F_)o=GYlF?;fD!bLXTaVHHe<X5gyQd6tLgh!R@Kaux7i1FH2
zn{jz3;;dLfB;rg<T_8Rpr}S8E#nLLiJx~88ICcif6?MB3T|qXeJS@*}2Jwz5Nvqw+
z#PeX)nr44#=+?jeH4kP&n?BN?vz0WFQcU#kn_b+ySzDAxyQj%FyiA_{QUAC(*J8Qp
zctu*=<!vI;s}Sm3tk`-6zqXqdBgd)g%pa$*JTfu2y9lSEsXsnP9dWz884hsUPS|AV
zKKK8{5tkH~7w`S<_FehUA4X?1qkYjifm8aBD3<lx$jqJRf<<N+DfOye6)l7YKDYE0
zr1l)NEr$+iFHK^E?igM&TbG}FPLdoN8tOC|Z3{mw(=t2}G0?)uD-3_{ZnEC#)N<WB
zda;t%rk}i%-9W0W=vtW{{hsNn{?3Q|PlMS=gL1#AUKy<qPEU~Dt*~s12f5C0)#2M|
z(N9L?YgWl@v#obSDGiFV$B6pG$B%?BmfoN8=){X?jvv)N!IBD+(jg5gK5pU{NXbyc
zhQ+~hzvX)T`0v2bH>t=hF$wsHPpsc?K3v!FAFTUiMp?|u)ai~#u{&wx9UWKiZZB$g
zeMD)0&~5Ta@N3A?Cvu`i@YIg3H_|VvT~-|m^E@kcYhgob)0dByEiMzoil?fusNuy2
zQ)ivlZ!T`vzYPoxso9qF$WoBeyVJgq&+hH%qfm<2O}d!5l6f6r$n^7KK-DKe&`zF!
zeUqiIujjRvd=w}O@^ty`#{V*ph64Ac{JWEgWmfk|%2oMh&+i!W$%Gv;cXDz{9TF1F
zm$Dwc#x%6E120(EHl<A)T=(@ONd)i=y#E$rO%#nFkdy19F>Ogw(zX<A1-NAt7Llav
zgqAi13aG`B-A1FLI+WKq8td7a8pc|Q*Jfg@qM>qYA2EG1w|@3Z;M~AsIcq!bHId%8
zL<EE@K8K9^vm`144`I&Bsm-P3ryyVLzvbAIN^-MWJ?fP&Bl*Lfryn3a-MZ|mH{B$Z
zY{fN^mBdz)gx-8N8gF478@ru7K4Yi+v1pNsi6_8|fSo{8&t_L4O6by}q<UAE+qfeZ
ztHF4zRz61Sj)TC}fJgS-)se{luujyb$UCXrxfS3SrIeM~{sL9q>O7SYyeeb)zM!BW
zGklv+DJF>SU4A~m{PhE$xw{P>8<yFSWwt;!)4%#f7^+`J6S2`G$=OdlElA~tX--GZ
zcYi&$&nMwAV(`v9X97j1#s8pZX-o%}v70X)8X6oa+7;yRMoS&H1@!z0pOQ#iV>7b)
z(e7Eo_J@y6<;(V1Z(YQ}K|K50Ld2F93PHljNEHMGmWVT1Vv`?2U1p^tB_$=Pphpv^
z`4^aB)AUu{aoO}lCYM@E0(QwHpYfAup2+U(RI!V-oHOcqrJ?dab1fG1JN7Zs(8sH!
zhUvzN9bR75)r*36YG@#u`zemsQ#|(f2kC|LFXI`<?g@zCH7zcqzA6F76<A?O%keJ+
zcz1R9wb<LnKLUA%Fpw<@`{KFsdq#G3<*)vv2r~+86h;9URFSA=n?~~KG9s+8UhEb&
zXouEHCcTVFog0LGy*Uv}OjZ$8lXYk7|DAwMy=#L}_6B+hI^5tbO<CvCRZUoMVi8%d
zXypp11;qq0nq0OE-xl(`^UlL7BMO+@6)3HE*|)PjO1D_g#Yn;Rqi`jyJTlFxs*;vs
zwXY|Xyf1={r7b$lw!JioMpsKG_>-p(S4Ym>n=*H{0p6i62aysw`k_98*F0B0^?%{*
zKbAw%<cYRzYJp7@FO^(a=nP<>>$b@8(xl;QNre}rQ4!V(D4N=?6}hY1b~Y=<zsJW?
zI{0$l9goCuP{E|Y15`CGNA1-|z^Km}Z&Odj%$I2QlTg)D5B!}@=g+BSHoVf}wOK{Z
z^gW;R(9-gI6A86ew;INrACJi8=Px;4KATp5QmA8dyjw++cyOp>M7~|brP=?sN}^fG
z(-DLWUz{oNekO<!b#VB6WXhVoHa?9CZ>^8E%BTWywlS7e3T3A6eKXFdV*9Ye%UFiU
z3d`kbZ#X9ve$l(93c4{=zSNs#BGIH@{4Moz)_A?{8^nEkc5s^Fs#5s8fgwaY>BxJj
zm7)>f`q#wJc0acFY8b?1eiqx?Bm3K8cgP_KY32f)uVJ_D5A27n!k8D`A6wtJt!K{x
z%!ZAe-%e!|>G`Y!rn2%a0l<m7SeB(dT&ff1{s#5Rz8K|jst7g@TQ9ZbP5ZcrvAwF@
zbwJMdfYegL0JIy6R*E1&RO7QvS-i1uB)g@j*poeCwnrjNnPo|n*8T))B7F@Qw-Kcf
z$VRK-@YOhj4jm26<Cz2_l_}c6frGvJ_Qg8J-@Y_*r(Wkwe>{*9@IcrvuJ%~7#+@s3
zQgF6sT1DM+Quo6RrOfT500;Gz6b!of1LCC(5U*D*n|$^}F!ppwJXe3EF5mlp(r%8H
zhcy1J=lTt2!)DWZjzw)%$jSJV;YhzYQc+(5%BsJ<u=l)J43Sk->;avDR^J`kd~NnI
zeDB%*Hin&3kn2sO?o^f90&*yRz^ANwT|HAI9h%3CP~0wZY-OGcIp{xVIY4nF$%`Eo
zr9_pPqh*xVmj}{3e^x{m&7q*Cu&$LG2HPQ17!<6E#NiR^#g9tvUi=j)syRBC+d(Vr
zLlD6jT@)lI?|Xb`hzTd5=hT3x<uS*_QHcZqUFSE6b>E~Nc4SinA%vgCPEMX1J)X;?
zf}Y+63EyncEWw!UCk|+X$W|Da_jwNGXpEU{bK8~7M6pS1&pS*mh1SYq#bv1nSuvFr
z1~hZ-nsuEgsVW(WnJAKR(#Y|p@APw)5$(b#AdF#RE0}xwCEZWV_PPY)-sKQQhOtU*
zZ2V2F0s|A)iYpP2mhQ$f&~0aC?C{S18+HQo;fVDm?Lt}ViRf?>a52D*%W|C~2wmi(
zMOK#;^&U{r9vHm!D!22Mcggk3i(hafxE~i3hGy04+LomsdkyR1XrHLKq>EwET-IiD
zr7`)w(_4Ir!F$!QCXpxL#@=Q-!`F>%_`Ol+=<7Z&IcO~lh={i!=#Xp={N}$7&jx8>
zDluh8<DW?Vg?WMc#tbfCE}N#sK}{72`Y6yTGzt~LK$NPivL6vHf89J*(%>lg8&MQ6
zQgb)R2yP?g&if-zViP*aj#nUS6y!;C)Ri%Tsu#^+^*X?Fz?2BU%^=O8`P6`($pIa3
z8fpz^Bh=r3j5!R1quhoY*}94Z4?Z1gxr2!+^FT9fFFxZAlQnXX+UEx<JtBg1N;kkQ
z{KiH<(!~z%@Fd*+z?76)te`UE$)7RQA#6g6)sOua$c&YU>q^k$EDoIGInXXMcM1{C
zUG}L&09Lx7>0~tWY5KW8)|w*8H)XKvYX&AYqbiZ8O9bnTCIKs$^3fRepU(YnZt|xr
zkl&LuzJQLTNhL}ZFrld@b3Abz;MX(#@#Fet=;Yth&<N}9Ks(tV^4!?0D1JLT)-9l`
zKxlY)7gda)aq=5`Qal=RX$0gv-Ym6OX0XQUc+38f<iD<W#7aUU3YkCSb?;$jCg`QJ
zYIWw)Z54qG1T1!{U2<>^1bl?xFHwHeK$Fnop-V!31|$RgQxU{-7#QSU9EtADOv;rN
z{6>;^x;#5Jtj<z-%)2!KeMqZ_0`FwH%)R!QfohNQ%PkKVX*bp}T}s)o)})naV@u$V
za9{&FsT*`X2DLq-L96iLNVSzrSy7D-v15X7(i+W<c_f1$m$V-y(TiA1eUWxcu3Boc
z8v(POqy;NcJ0+4^!!sD*M=DOY@=nts%I=h#F*l;GQ?3I8gcKGK2Z;UQ6~#NAjbbPD
zzE;-@<!aV6yuH+(cDF=9&-xv+Go#2^IfW3nsJiiEhh1;Z29uDEyKD!uB^qk+v?zgn
ztE4Ivbw!43c8bpN?($_X*F}^yqcUvKk)kX$8lLVf;@U5{A7egy{=5e?LJyCP#f&5s
z`YnjFtOy416z`B7#m<K1^<G12dv!@+UVcf;=RSh-a!SE6P`|vgqc&wO@{)__J%42P
zZO(H~l=^e8=|w(LYG|}B9DukgSQOdk1TgtR5Lw0Y6-(LCQV&=b*IahaE)w}26KMde
zu`ZW7C{ZsE!AieRwoB={{UYRcx=mMo7K6L@`h%2e-KTlde2>`>8>YJtG>B-f`}~Nl
z(V6_AbVV~k%4C_#3(qm2ps{E#d}?x=vGk4@Y`CagS1%H$LgdMtX@64;+oY$xN2V?N
z&*c_&e$_w(Ts|F{S5ZGwN(V;45&X-T{k{l;8?wo_M%Xs>H63*~L<gglq<#G;^U}Z5
z@@))s+LkkG4JfGA75{e6&_Pv8J@QyW=R5VCjd!rpK3C+0U#SfOcm#>M{L3hq!wbK*
zc*Uq@vq3+Tx-DHUM~(>}dHZ}Z^jC5HrPW{jIv9<C!|RkfxWjX>DCjxUuGaXZe^2lN
zt+Fu<1e*rpJOu9}61dogXf02$s^O4%Y01;tR}+X0UZyKXqQ}z+w#&ZHT98gKjgFVn
z8;q~!Oe5-;?q!FkrVDW66a-AV<TMVt`=|>y>|?3N8tkm0nY|h2%aVPnk$<<#EaOv+
zadwZIFRbI%9v{-87wu0uQ+@^a4Iph4l$2eoo^J8*vgCHaQpVyvBmPAVPaR1~!T%Hu
zhjOe`pYu1ZOj&GrF!Cb9n|x}UL}drh27cy6JbbQDv4|$sEkZ(wq63v3p*|HkGFg8l
z!7`WoQ_1^lPhDld|Mq&GuHJC<EN3SD_EXYb?`ZqohUUDe)9(g*D&~d-SV<WfDt2~k
zG(ygf{r0;G^<Q=Gh;-_0&@$*USx)~nI?{oTC}B%W@$6sDOuX)H&Uw8qzuZvRB>2(*
z1k~`W*?NJOoM<Ha(js|qNRxfK-{NQtwZj*8kqZY;AdvHM+-^>%H1rWlI6Lpxm|8^}
zcEWCD1xAqX)Fv|L>hsz!yP1+)4T0pPb_F`hKT^0TMfg{XlA4-$!RRF6>p4E8Z{ED&
z^*DJ(>T_*>vNeHXF_J0f;J_|?bD{=-n=8GHu`!j9;6Q(W*crQSv{+11ZtN<4V7-6x
zMzp(y3aDHT*cjo<;v>^o_GD}5A4Fj_sA4m6qDn+wbmZsEg}ZNCh|8P&*0B*o_rBOA
zip=`^6uof2hGcT~{A&VT_4{)hr@a{hE~`mNP;>tlG*vIFYKn|RJ<Y#s-fv?(Wrnsh
z29*v1wkFD!LGhQqclEQu<+}C8peZw^L>&Z{x&7J!z`G?*6-)FKbC?c$(E@v-9v&W>
zd>Mjqe+L->M=xKxaNU{+<nf|PrhuXmq9<8G@9TbutvK)g#s#%gYMg^!WVd>QLe+)q
zjbgCUbR9i0(gtF1+n{7N&0hMw*S>=sNyLNh?(V+Dr19!i>J7aO6sr~`fHn6_Zn!-a
zo-U&?1a(_2D&AWD$`!&keoH}1sYHOsy{oGm57)I9_sQOv<28+U;(D*HP2=MnuQLLh
z_8S*H=LwC5i=_xv(9a-9u8S7bun#-ko-zS7I4mbhaX-Gu_!x;mB^{|UhvB$3tSbG4
zO-b-#ApmsX;IX?nFd9zhLg|ktk$CwM8&G*eVc-xJ4DK%Rxozhn0qshxi%N11_!3cx
ziBGwr1K$le#}jo;_Q<l?Er=?nu|MW|JFe0f49cJ}lH4BW+!=yK9Ism3*j#p|7ga>k
z0`&T&Va>@qrX<Z@NsahHWv`;-LYxe#YRzHDpR%wjdj_!8w6wA6`NA*bb*KcN!}cqY
zbwvm0#^$>}bDNZ(xhNc8b^itek8^w^#F!>OKx+jy&kH*<BnY>4>W?iyL{gPL*ef3v
z@2g!N+&W;Ey)m}NtbF`t3Fh#J0!s<mF}BU&RQs(42|k?Y&yO$ccWb9gV<SSyydg|F
zUqs)&Ej<#22)eNbqY`{*AqM%H@P`eI^E!3bVa3JIK&VVE$nF|2^fo5TiKtc0Kzuqe
zPHb&azWs>3Q5ja6252f(t!NMEF8azLw_NQt$6n~NaSs3z71aKCl_uIAQPJ6|6&(yA
zEHGO$H~iy=mRh%C@_Y)LONRo^H;_X1!vA_YCC05eEXB`_Q_tt-v{<7|bCc;afTZ*s
zzS0z4)iFF>Lc<~>i<zE&<vcQ%q3M0Cz#ANBJk6s!AldGHBk#x*TJM*?5?xo2aP+#~
z=CvoN8N2~H#Fp@W*G=cRkr!|XfL9b<$c%|WrtPK&(}J2>Ile7v@mtuOtPme2J~*J2
zO0gg_X4Kh`ONSCav4UR7o(~E&LkEN3$QHg@8Hl~~3_HwwOSO5m1%Sdl<s9KE8hCUJ
z3@szHsn@O~fWM?G?S3d*HCk)fEX@xPuPaQ%KS9P{HfEda<5_NK!j{8v8P&N^HftPK
z<#n~3E1dc}gWWVh8+jaP{@Rm9Ozn7#C15U=)-&D^hb~iKvr+^3fZAxS4)l>P=p|!#
zeQ{XY1fO7-<{HJv0o9_&U#!LnT+gmV%+&411vsfur}R9j^xM7Ie{=3^6i2*?mTT~H
zBb;%bdd*POnI{oKZiKSLG*<DtnZ1yaMk`=NGqxwf*f-WRrfzKjPHZGB64U`(08J6p
zzfy_ZT|44#ks}}?2gKe0)*<fEetb<&%u*-$%~Zwfh|El4vu7zYXiGs9c?5_Ur0S%Q
zk&^@~nw;)7uge!5Z<Ysav5P|=b<;3V_8dP*GjAF@U;&pL?wDBLls-bFf+53s#vmM#
z>2J&>Z*HTS_8s`MhKxaaYw)hmrO4TzV*`T$5@s)lJJKwd^)!;?lw$7UO#At7PQ(Lo
z@1TLPfhYZ^7Kq3qv0JD-vrY+vN#rI9(*Y3d0?I&Yi^zxwH3lFHQHN4k`pr^af4r2n
zL11GBY9!^Xdef%)BWM?SF@JX(a(i=Crbek7&k4#&>3UHw7I+~AGo5tO%Cz-fRRF@w
z;Ig=B*mrXF&w=?Xey^IGO5{a16-AJ@-4=uJ6Bm0_PoG>>H@txLpaTqF4+9FEZHvCh
zF<O0Qr6~AoX;DFfo^tg_G;EO}X&?^CrGtL*N&PNT;b4AB(LUB{;1`!C_FH$yuqP0a
ziaCBih<Fweh(XA$j<S=b19CRunXQbPi^q=BnVe_iwF#3}w@i}k6L%%+oAfBVyAF%7
zvQyl3^esyTY<hX&$83bWZ$)lSa0-5O1A1WP(X)Xz^@P|#oM>^H9WzkhmXQUXo{9cE
z*()LT2^%pl(bS~Yr5ta_7f^om*>ZrF+*;{|1yR5}b*?MyHNL_=qvQ=Zb+R4C@StKW
zDVK={`z!0k7re8>EtJHg&s6$?1{IZCNLHxWdzvXI_~C0!#If+YET;w!I0v~FI~N-&
z`m;#Oi10Pw>d)OVwfQU#j`t(J93_^J4uzsdbOHZ4Po}Jm)L^?3g<)`tN`r#By~}mp
ztH^-?IDTU8^y;RDm^X#ipKE@6HRi1%z|i|P(G~+?9IP+h(9*{{mlLf7HgN7#QnjzX
zx#yLkpV{(LxsG-CIiEYPB&qAU_xn=f;{K!k%a5oR-T^d-*MXnxXg7kkFL(t=PPc;~
zPpYq+%QZbHKS}!>spd<6uv?2X5a8gq_~q0yIq53h1WFHfu%7(Lz#=5xI&=2eNli`;
z22!a+5AEIWFJcL_FPsWL&Yk|mea>Ja3nj2P{2I>tLO_N(T+N>O7#Tj<w;UBBL;%~2
zPCV-fyX0(lV46J|iE>65W+5@VWmHUJwL=zg=2$w+okNqU_Q%nb&U>~Ieuz_|yGg{`
zeoj@uQSMkDGP$eiWb58I<Si%%wFmZ~Xg)BGmvLY{Sr3pkpU}W`<HUYi0IEw(y9Wmc
z2Tg=bspA@+dcCVt&0Ths;pEDc#sC^nN<MwNP$St}KjVk<zS?DqMF*)@oLIP#jE+Nj
zL9)-DQ{in`V5-i>Pn%eVFm0ARvEHuf0I1NJAqV1}D0aG+2mZovfv6%;9vov)WrY07
z+}e{APh>#JlR!oDd%H9-_M8nn{@IVWQKQ(Jy7nU};N&1dJ)<s$G<6waNUD<&9}{*l
zrJu6!UwFXC?c1%Nk1i+(AF9`|=hat&O`;_Ki$~4br5XPDrFe^59H`ynnS8MHLQ)kf
zJQirc61yQ&_qr+hVjyI5EaOreJ_Zg#RTl%1YxGhzc{a*YXKuZ@lmuK3&4~;COEM@V
z^~ln6;WZ{JSSuum2f89`6D=!9PbcQJdsIK;fC6PKTfHvHtVPNkp_hE?p)V>y#XxDp
z1s#H+iOMY-`u_hzfAhg!2!OGD42G3~508kjKikokec||504vmmpAlo(!nWtU%*AAR
z?u%$~2iq+5ScN?k>elb4=V;a;pdvF*<<TcyZ=-5<=8ID5LW|$(GrA5Ove5`^ys52+
z+Fd)0!+(LN0*M2@zqB4#!p1NnT*7neA~9HfT2|*R^_@TU7(m3~0K|30Y!f#E2d>+9
z-TZrl3LC@gQ%sZY8T??k*)hA7FL;D;+PPNyk7ZCO3Yij?y-b|!IrVd+549;(R`{5q
zN{^QgY^Wo*;Iawy2(cN4)4>E_BYmOkZvR->#rRW;C^5Ts!rMU-Ur^{nnHIUMc>g#~
zW0Ty@t2DVVo`A##PRHe%z%;ECM-X9RWq{e9;Ah{GSG`97tC0Labw;C|>FVibS6fkY
z!S@r{zL7&>Wl9}HR&-$`7}<l}XH>s}xml53lz9JRXN$t#(t`8kgR|~d2!C;w_w+Fj
zSoR$x_}>W>=F@Hh?;754!lrTTm3<kEcckDF!v7m&!N??Gi_fiyBqQ!rJU4!nE(}fz
zq5Km{s0UVwg>;xs{qQsRl?4+Joe*61X2L*q%MaQ$=K8U+Skw#YzTe(c2$hXF%fMwP
zIb@h~vqS9U9=N%w*<ces8W=0ZLiayX3L5DwoS=y;<g4YPgrQ0-{PaZYa4_~7`=$MV
zg`s@!mM#L=`=Lx!7;L+Yj^Q*84W(evpt`{eO(5R42)^gNk+M$3<v?B9pTkH`4&@l=
z0)o$u5dg$t!&<Bu{oYv0>KMzDc(MO=tVElVR><=)sP&Ec!ONP7vHp<)H%SK-j?ZV3
zqwVulqb&P#Ul)kb8@?YSD~1!%RDj`qP=<aBQS73mZp{A`g~FX&<QQ(9aZP*w7;=~#
zC=Rq9%6D)2#QM^~x80oSTL1d|7{u7cfbA~SIL_)tG+7ZH95#VPtd8dXc-{Naq(Z2)
ze5+fJbnw!ME8eA-@Yh;nRRLz~SsmKNGw<@l*~(`7<py`}sctQ}HT<_`^goZukx9$P
zds4e%kr~T**YBN8KVTzD82)v1g1#`hp96eF+vQtSQbCBA*!tW-%C_;vZ00rgzAp))
z@`q)KoRpFEMk3};6A6LEc$5VBn7@w8e#jArhZq@HSa|+_F6*R~+T5`zNJpRfQj2{F
zKNtUdMaxki>i)lQnE>qt=hM>%h9U6fKpefVFN%nwFSzdAA5G0jiV7TMgsZd5;o6I<
z4j0}li)i1F%1z(?irv7A4ZEj!xF&~vaFEN&{c#%O*oHD6B4UB0sI{+L<JG6lF(w_3
z92%kB8Lp=<=aAU@w3${retbh@JqWT*Eb98?gDQPRTRXv}?f%$p*T;%&Z@bpb!3|%~
z$r&*)7@nRbB2Gw0RQ>OtW|T$6Y`x=-g@~%-F?y#KaxBNGJ=M?3=4*@bGVSUnsI6ZJ
zXlLdT=ReJqo0bH4U&cT=Qp?|__Q(Kp`F>Xq5P^YsEtY2TV9++aFkI;HYuG9+Q{4S(
z7=T4e_#udPTmp1A*cv++dWlIw8jh3J*s#fhzZ68oB2{M&e_?&d?PQ~gc*D=x6G?|?
zG|f0q#mt~cKvrrsPsTF+Axl{@<YO({_Gag+FZS*1qL~8&y+ywp%lLW3D(g-UcR93{
zL(LO0;ksLDud3EJ-pqUqk`i>B?M<yc!Wb_j2-pZ!x%MU}VIrb71jNu+&D+ni3BUK2
zw7d>c7ITUf#4)yf_4f*kvz#bI6Aj1iwD-kfIi7>PV-5-yE?)S%tDo=G&WBvdTk*Yh
zSP?Pi*|3@Z=mn0qHruJD*zi`_^60<6<0$xIt!923vF;NCA}=}~pQN_y+}0+}TQ2WJ
zm4u^E3w?njdapv%fC{;I$`bTIjdGJWoNIA^)$ZNO&grx<*7<V?ZKB<~9CCfIG{(-4
zZ)JmcmtBou!inLR`*z}>w2leEFEZ2fll!)Z-pmK|crFv)^48OD9)bd=__bG8fx2V#
zh3KVL*%*}T>G<uvw&||jyx$~@f4=8ge#tb|1;Q4km2QmBCnK>O^t(8sGl#{+jN~f(
z$tH^!_Csr%qZb1jGpbG|7L`^>rm!XDuRMC0BRx#oexv_1y_4Y3)0-~~Vt3Ok{VI}_
z6cKjJQ*zvP8$;TH|66YyS*=Yw67yT^Q*2^?{OksU7Xl^T-NzqA_A@G3cRmV?Rj6q_
zeY#S1YmQ#C7-;k85hcHzq?kHBKgJ`Bhf|Xp4i$JhN=o<K;Yj5L;OR@=-QKib;%QZ?
zqZe8%Hs0O(2Tmictl%yo?8-D=FOWIAGvY4g{(>C*_%=J<&y9#|8;Z*EcU`xO+~v(2
zT%8N65Kh=(+#r%Y(2f1dDUe46;ypIsti-wq=B~Wq^jo>`QtEAUg|UMVx6i1!v9@$q
zhNg`}L%+wXaF?i&jI3z<<S(_0WI|Lh3$^H_k`VY{b=(A*6OvLeB?wMy-#Jn!3>Woa
zNrWBaemhx_FYI7_l^ivF)$ek>-_I2qR&Fzo24y<cdNJBGu2WEtmqrZ?SON}>TV3Mj
zt6q{|1$8WPmV3Ys$ZGKRHu=Uf4_C?u6NFdDs$6z;LaXyYE0tRayP=8c+c{)|>o2WN
z*X26Ao!36-QjARMVuRY@JpSrwu@3Q@Ivd@0Xq&}?gga;`XYM4}%ktit+2dVITRk~f
zc?`k+ADx$CD>XiE{G!zkGH7A5BFUa;K|`?2dy4(p-eey|;k4@AQ_BfRk7%3=E&h_T
zk=5DJNO(}59?o(f!#BI{&F|m}YlfF^_}b2mWq*`9ZZI{Ps2Wl92_HWr^}aMHPDs>?
zej4jdiPr3T8%>0G${=(;Qb4fry~t;?jfeXPWz>MqcAyaTAEEI~xud0|d1y58>cK4w
zCb#Rw)iNATW!spp&Zjsj509tlT)*RZF7ms#*>IPvU%jCxK<A~@A!UP)%6q*(<pfOy
z<4hzkThPE=#ud_`GdZHt%B|MKQ#&HHo=FInEf?=8!Z=rJ#1?L8uav)NP)cyGUVD9T
zQJZx*z(sP{Q#4fDf>M+ucvw)yh3pzTDLGV5o<~6WGfnXOH`ObrMNKnmECS=F+SR+U
z`8N7OF0YPJ-y}T^YLLBYk@)L1gix^e7fuVcX>w67A|m2@@f!}$W+%AGJ-#6P`Rhlc
zA|5PCZ~G8!>#7z$%SpG=XM6@~9QwZ_yW_7i&zZ$TtO2~cH*J;WcS<O+piHy;=y>3k
zOiA$Z&Yv}}H-l<o-l;xi8pg3?Yxr-z68jJe5Ko<2!~Dha>TYN}OA(!$8}%|mx-AW&
z0TQv(YoDcWeoi-(se~>u#9xmQ8FEf6l;1+xH#+Al$aLPdVU!iew=9gyUTrjLuc-Z{
zT)l$Y@#$z7vyL}n3B#hie)by4VzFFw@c1&pRwA{}i5AXiG;J;Ac>ml`x507>*?NED
zyz#*Sk%|y=+ckZyf%4FIR;#ZboPbav*4a4-!NMhpx_RF^G;Gf6Pz;apFEbS%S^ei+
z>X^?+ged)>7c7l^OUum+U0*h}AsXzFxz_EQ_#W3I*RFXcU}*VZY&r<CVR9CeL`3df
zvj_X~?Cq3jcv?ot(B1|b?lRT7NkvW_F-`N7sC<8glE9l6q}w85k$*#v+lN_jLyj-e
zabhMgm|3$cyZQBT`!3_R!Ug&4UBavVcR11%6tu7;WS7K<%BH__j(*ial&s5T%i0_1
znDEowqtPhpyxT65JyCdG-{437UFUUbX=v^?nyk=6|2uO!X6f9%Zfaqoa?YK4{f%<m
zc6xe|D~S(+LmFuw7MIkhJ~efqEj~3Qu?qJ1xxA>zZ6Mz3M@kQ*j@;+a!sZJp2Hs*h
z!d`Zpg(=BGZ#spv^dA`qV8I2b``V3vWWJsKZse@!z^*<{t)1`XNHf|t5Ba9BRKfVC
zv;~v0+W-OKJ&CEVAi+wAb8fttc_v>JPJi@=H-n9y`0@EhdptkCZ^jSBCeC20vaz|{
zMfoiL$WF<Z%5X_#JEaPxli2OyUoBEAycuBSuhc{)XL+#4{x`7$P$C|W(=D^GEo_ZN
zcln_pyA@OJGh#k9TsGlGZt)>RRUrmcqFRTv^IMBJ<-P++%iU=eCS?iMmp_lMw<cn<
zk_yKYS&?)Z0Z$syw#~nKnU0>SJE;86a$5Di@p!CoX#{mhCht4+E~=JoXUsM7yO0-j
z-v82sd7$CV3{LtXDp)7`6C`|r1Ya|x=dYWdf||e*pg8jPd>M@PQC-_bY;Q!v1DM@z
z8sZl;D*9;APSqmGIXOj1HNygxJ%wI5rPlSuL_q^8$L<^l+8-EPA6MQdN6lmA(goNy
zykvkHxv`=&$e~7g@6Y#OzV@rgCAp{hA;Axp<xxr+87;=fu%xRev*!DC;(vOUaDQ=g
zx8R2@epK+|$Uj&;NaTK?sB-ZZ_R{wbY1lS$@+3UKJps{%!9NQTY$wzlv`cyo!PzGt
zm>&e(8Z~e*94i<tq@adCFwI!GE)Nt|1o5SvCxkNgtsY!%8HT&lthNyag8v9fJ9!Ya
zRQi4Z|1e>4r0dJ=%E1J&QpKt`-%8}v*)qR8?6$UmXE_g36a-d$B3;)5Z{5!q8;V7L
z2bl&Sn&^c4iKjukm2j)?dqk&)D~E+5bQ=GgO$<7j1VB^bK)WR=fM^b8ozCxl_K7)|
zHzY0@g!d3+YaL_<<O`2-(Zx-8nqMZs_bE!L7P+4v$oC5aYD}Z6KjMMa)$$_OaeV~H
zb1ET%7PRD}8CpZU%HS2kwi3-nZdn&-2o46jiW+9kv})zE;}7UM<r=_(8r@oa1U(sk
zQSh)*9cvR~1)6~rj4Gjd)U=rzG_cNhc6#^UV+Sw$%Kenj75dv4g&&9n<O1IM325x_
z`;}^8!vN+N`6tqEJxG<-pAy3Q1<H+=kLaNWzk1Gak7Ce5_XCHSq3AyPBTWlUa9sV$
z3R<#KDF-xVgo@g!aD~c9)bz;8)*=Y;e6KZnVd7!1k;dr!;4<0eJQ4zhgL|_dw$~f5
z!B7F3S4bB?_R0}y6iN018gHti2|n3*JAaM`7XT6ONdWKkpa)>3eD9t-4j1fy$l9}$
zH3S(Ig9(dQ`|YkE(NK;&7Jen9B{Ar!NkFy(=~xHmK(oKe!#x3^bh-c`wEKX?BV_nY
z(G2c)W2G95V3R#*ihUVjmzc=);Wo7&^SUvRN%dO1c0S+aBZPQ{r*u7Riy$>{zC${u
zvmO*uJv?wmg3~xG7$mxZ+vg<!DNGQ>MW&Vv5s#N3<x8mSdRF>uWO=AJqpKK~RWSQG
z%fkg=g@@w8)r#sM8V9lfC34M%k}bb~cq~Nlsb(cOr^F4Lx<5n$6&+D|je?_cVBPVh
z5s}VgWO|LS53wy#SPx1tk!;O?rUw(y5CBNPPY!11L?z;ml$7mYg}0`7YHSKXvw4fY
z;J^(`vvEubxPOVl8_?uZ4_&M+3Ft}2qZ?~+cZ?+9==+?Fn#T7xwb_M*-QfwUD;+hB
zWWG$9M`#!-N9Nv~`YUk=2!}$53b1=OGrJff@B{oI_#j1*@_C?pa~WzP?863mN`t_3
zPF|tm{Z;fE#GJ0NzyJZ9U=-$tM<9e#9El`ha6G<(`>Opa)o7huIyl9)b-3#Cy_!9U
zI>^L}hvzLiDPcJrMZ_Ac=*P<*Muvtxi=%KSn|>G{ic4LvBx7lY@k14*Zx9man;-Bo
zLT9OFLIjc4hOvK~eoac?HR;Y~ybZ$_FCP3wuC;=Xx9nsiHy8Z#msu<EhwcDOY~lhz
zyqSa%{f9$Hoy!8;iw!HGVzhfdKDz@XHXVQjC(%e~bRcWh9n<#^Inj;%DZOoQChWI_
zys<{Q0H!wu)UgG00f$rB9QRwxhz*?d@UjuU`)EouGDun<_>qmenqvN|{gi~AG8-R5
z>D5d9cY9XwrRfP2MY)ipxEA!`uN}JK4@c@56mlDsSG_0Q0YC;05#12P{4B?EVQiW<
zX(NWye{$l$7^tUU+9H9~3Ynl8cB;3#7nGoC2`8vp@`8^Fy6~)=ewU})KNC8~7%g9~
z_Wql3Oc|H05ij}K=9Criflnt`6BX{AD^Y;o0Usaqw4=P=H5dadUZ)LA(1y@|WyKV9
z9val@PL<xfT_$+dy8I0Nqs52ZDx_*vBU!m{nSB>DMGl!(Wyuy)^z6Za>x*-(nkae=
z#`N)UmBpvGgc-{Zhcp&kFi!S{58aOc+<Q8eN_`;@_69jGP#i7wXjwC)b$ena&?j;y
zye`U$PjEC~j)Hs<1wfQ#>`8NR8);7u)2BUniN0Y|X?&0!tuX(Gw}yQn>_@&IQ6Tv+
zb!<RX1Sv~KGY$5G8F@!9hkaH*pj~AVLQKy>luVaaH_L`GC`CCE$<F`8m@;A@95Nu8
zCLFqw45`Xd!j&NQ{|mTK04X<z_%PQd%GlIYS!DzsP1EmvH@Ii~vB_av0x=&P<+Gk#
zeGYgJzk=B6#vF<mke&W*Of&{TsQigD1yo2|VFQuFHI-F!Kk6*Dtb&4CHYz}$f0Rdi
zsO-pkB<sEf(8R8$h)Zdz?}|w57<?-M#5(;CDq6g6{C~;3Y*atW(SPz;h_Q=bH`g7R
z+PTFeDj)}jJWjD`{*8p;T$#g2ped4K@G5fLX<jSp0KtNdvmkpwgOAWZpwwN0+U(zr
zkb%-qu$WyQUiE;>FM&>(K{*&eyFF791UlY-r1xl?TB^kS^VSJ0S7S0q`p@$Dgh89m
zZ|>oA0fA0c|K#$Ck|T{JP+*P&_7!w!Uo}_|N(C>h#=ou<x$&JC#ph2<eo<z~3)Jmw
z|CMyMb>^kyKR`S;xxquYPDI7|L3SS|j*>E7J$@F+KblV*C~j!_-NVAqQ9?VL1MOnJ
zBxxJQS(pj@*p~Oowg8)jKm5LEww4M~YB65_6!RL)Tu=&vr=D3@C=t})>na9`Y}6Rp
z!!_@Y9&AZ~1xtgWy(PZ+J;;$63YAt5XK?=D<hK(NF{8eBH(8P`D7uh7i5Q`zWk)rl
zNO~V)$16mXfM*lzNye8H)^y0$u;Kq3Vy_(@zx`1sc$e0UUhSu2oB?DyK5-8AnRNWg
zCs-i;Jrt-{|5<9$AaJ3JF|h<5e!oZnjg9f<+}BBZdU_T>;P+sCESR*+LtWbzL76t;
zf3jQ=hx9<C13*=aWvc>*M@+M0d2fu<j?I5nyR#Hn;HI0&7aqsXpmMS&E-gGH>-dsE
z(<<*NMbOvl@PY;Xv_WDUnO4&KJwc}@7~WOz#+G)ID>G^dS_@gt?<K_9hQ|w@7pg}C
z${9h1n;B5qrk1NMy2As3j`vV3_5l;jZN#!}TjD)WjCz5>4@3=<5{y6?lT`ofUN*K}
ze}`cLeQ<DiBvxIU^aWmiSN0dZQ?@d{&N}pdj!dFhYp;uYW*FGaIZAM!Y~u=uA8u(S
zW@uz25S?1GO?XQnca&BR742v3SlFMd+By>UmHI#_SqGUKB7ExzNB*LLy08Cp*ZF|%
z^o&l0dst96adHt6vdZ>b{;saBgN^(c4~LS~%fXmiGhGZZRD@>qY;kMTXUt<=1Rh_M
zTnHvvExze9A$FI_A6`0j;-PMgODgaaXq0TjxvP5TX(qo!iHe1f(R^#HXfzO*q?zdm
zH8T7<fK;cby5{45FedpxILd9Ox_^*l)y5sxfN9=O8P8gXCB>iG_Nj#LiV|clpD&%J
zH-(Vc8{}^$_t^KlBa;pdRapA${T2#7Hs{S&eI(~^iMt<kWR;qx+tY%&nrHW5hj!3`
z<MI#~f-Y0>b5PZnGAV(AmlvWecqnPsn|j8ti!EJpxlkJB+CB7>VZD4oz9KW>EsivD
zT2(24Qn`j%7?^!R|G@^R7jR$|uQ&c1Nj28PR1TIQbuai#srWvNDMnlh0l@$cQ$psi
zLrNQI4f|2=d!wuG#O)z6P(K|cdc-Ul-&|LXew~V8PSREYJXYw<G$aPH9AZ&kOn<K~
zgF6684$vpfXm|P~F^Vie+M}`Mm_))DN-OuF{<QORI>WCdz}t_FvzM-Pd*DKY4ZKJM
z0p|ahR}2!qd;}v!br0!?tJgR%{4eXJoqVNTgg#X|un_adhEHYtz}9Y4FZT1z8xGb-
z#AT)Vv7OHc&kFeT$Hwt2FBaVeHCzxPJ$b^MzcTVJgXB!N&Qdtr=R_aMm<JT_#Z9d_
zagckn2>4>D+<zrnF0JKk;)`xiX>UE2chhIcc@s3uMG*y1Q|ulEh5TdCKpB!bhJ`Bk
zC)ckO)9v^h4@DyZ=m1gf{YpbBS-WDlL?bd5Bf|=|O@8l{`m0bHk>S3BjQt+C{2Z-3
zOsY$Ra0>%3jM=*%7-X$igtz-6+Xss&HABzbmM&Czx6XS|Di=F-Ll#BUEEfIOnAp4q
zB_rQ^bJ8kh1c2gSodxIfJ+4FCODkcVk%T{>xsRf=9;YOO@oWJSdLlno@w1uo@m>G5
zj<n$Q?jlyoROvwo?;bhP!>n30iRG!+v<1e;2P^or#=lKJDm7jvGN`%p7maOu(2ReI
zy2`mvxT`iiQv^Ob#0x<W?JJeTGRe7->^?fL=Z0vS{ZzTmVwHiC5<2ZSz0k8PW@#HG
zZhn{D;8Ps~^|FtGL{GlFtO!Bhk;sT>GVDyxDvnb@iCFVlS4obfZ)$jJ)H$J-wZ`{w
z`>_uQ!8L9Pj`x3<VvE!Qh$l*miNQeWSApsW!IQcsTN+Ba34&Wm5ge^Rf91)QBZbC+
z2-2t(4I@n;1p_}J78cgqjkoD+3!+>4CpJ@6kqj0}g;ccM6(^}R-kqIdgT;2+V{L_A
z?@vi`>#k17K6O#<wRu<l-siD<M*807lev$bFf9W+d*GO%){}Ii2aO|4)8S+P-)C|m
zFNE|ZF6}2v!(v^kQuYBS#}_f0r%rhafS%n`MnT(R?HyS9Eag=_sknG|Vkjv7<<#~C
z5#U*c!d5OhJs<<>gLnQ%vtYYPTWB8gb;3ED$s)r*tpSTpKqN=eL@nLVpX%tr2Cjuh
zTdoRKuIEa_cP<E-Ul~Nq2_82*TsJ7#1;nQa+`8SvEOBw5q~x9~y)Ig7+i1qNL1LkQ
z(%tX{FtRvj0$*-TbnM>fY)aeSXSyNV(gb{|gv9;$j5c}w8MXbk1^#u@X-|u7TNg*n
zOqA62d16|7jd%Po8zq#a$0eqzNjvAc`G#1)0SV-qzWQv4PHV+S@X`Am2c%9#fj}lh
z+K6cqSxqFY&z@xPVQV}U^8>q)dcg~b2Dcn~ng<w5J+8y+e71->FgRFKHU5xUxdcBZ
zv5bX1dx?Lt!NvO75@mqKg`~N@Y9Ut?NI>%_zrG+l@ANr5&j>Cy`Oe11@Wv!6y*5$C
zzr3=>`;?Hg3nbF^_0rc)oSqBaKA$YVB%u4LY}mooU46NpGuG@y<y>)PP|-0#WuuwI
zm>H#Anwk*B$|M-@uPt?-a%SQ-Nd{++iv3Jk)L6m&Dyit+^QR!^BluiXLt%uYs(On?
z7D~Xa&(sBc_yuD~sAvq`N5*#?7KxDJ%#uB(N`#DSe}B)F)ip|fTFq6(DiW5v-A@L|
zng|?}ls}A|k>rr*nJ7Q++`&Ot>8E$Q)a*0K;Plb44h!TfjWuql)Z7RFe(*^(`ndmt
z?H}C%_$;oq7E;Ox0;n@5Ffg|6T+`|(6AqjMMIY8a<v{2%YmfRK>xx)>wq76dQ7}X1
zAcPE#Cj2AoFUbvs6Y7K;UZOn6DF)1ogKi8qn;BkEgy`dwmu~ccZ;JU*Lnjto?Zd^`
z7Bq8PHmo@X?>8=*nfKLOVnrtaw>57ImHwXPCfhLte|uKnP9Jt+dcgiFoKd3Vk3O1N
z;I?Ivi*;`{9{<af(g!UJNbf=fsBOOL_gZXNb|F7T_+>U~kx~}>@(C{;2^MR!7Mui)
zlT(c<E_8BLNKgdAG>`8E^fy*)KY{%gwGsto1gi4%YG<x8Es0rP4>rivNWs~?vJr%G
ziJ=KT_a7JXlS`nbR}TL2h4bfV63#dV49M7!{oEgDxt-)UF-ju!0xDEG(xGKrzB#Xd
zf*O{hQ}8y;yWAQ}+|)gHcZ#*|^iVR+J{sNZnSfLj)v3&4J!HQ^UG!2kZ2?=(8aFOb
z+vOYqeGts<{(lUxb33W@cJ84c>IDo~wU3Ib*{J<7Was^MW_^(H+OXd~=YQs_the*n
z*BkOhU_VPI;90AN|C$^j()ry&2%I5S)5lNP5_<w`N&|WJ9{)4+L8NGHjn457_8BeA
zK4!6IdAf(%Cdr#bkZ58^3mX&^RG5u=RNs}e>!e9q;c1h6WPY&TKwS0~z9+(H4n+bJ
zfA^;T96%Lu>DeJa`GPdmekf}xqy{E#d=Yn75>~j_{J6vlUBU$zAa4bIdn@K>IuPOZ
zj|w=kS#e;#eua`JXFz8^&`Im)YP@F*njmuFJwZxHbgeXB1Jm0;PKtVtVZDz77tqR`
z<}M{G6c=$#dDE7I)$I>~^o$t>^?_7^PweZmV8WbGo8VoqVgU;os^XW_%qPfhX`<u+
z!4kv`=OBPNd<!feUn+|uXC96+0*EQh#q+%8Ke12loe4noc=6v<54wBa#C$s$&%7rG
zl<M)`t0eanY31qD<%O?;p{@a>>9}a9U0I{p9t~H;aM1gd2n|zflg=Dd!3aYxu((4g
zVFIv#H`0kW+_m-50vC7&o}nQUx#=3<iy5QXeofoF|9_kcI2>qE!)n`kVJO?za=bXs
z&q92nTvQYl6<e6X=;^J^OED;@)6y9}ianPrOK`u)uc4AJg|5(D6tG-KJB+okt02&m
zZr%BU{k2c9O6a*b;10#UOwzRROs+cGa@+%7^MEoi^+B&)kHgLm*oa~Jcz~}eW^jXO
z(0<=Q9MyNwnn7NE(To}s0vlhnII!uNvuXwMZ^Qs%N+YkX`NiKexi}Pa^d54!gVu}i
zStCAF2K11Ha_G)Sg1ea+w`fm=g=rEHr~=3`pFaOyY6R7wezWBvp;Sw|%Y$YW+ECK|
zy|TH5&d0~yky8K+Q5Db$?x-I-JTz}SOTg6_uqkBa<merv1)%#KUn7Q!26zgw2?l}J
zl;`o1(!mIT?+b}{rC?_7vHW=!(FV93DCQ4|Q>0h`9Ras!=LM9zLi=Kn62=j_L5-6M
zHS`LA-5uX9rekjN3p+K=NQ?nh92LbH7Y9mvihLk5T|?_-{lhddR0;QoYV1`cC;_wm
z?p6TG;|A&YRWsUqP|X8UiG&pnl<u$Z4S2AakCib&)P<p8TH%_cT!#s)l$6vnW@c$S
zJ63;xh|eCIs6N2LD1dy9c+Ob_fKJ0_u$~Sa;|{9Y_aY0y?^lh5$vvphNyxGG{J~wl
zmo&ssNfYhNx$^wttTT2<x=^lz1?pkr4-*H%qbmE3Vh0<DD?w#aAoP=6Qmcvg-`jv+
z8_lT{BmgvJ>yr`{p9fiU|FoyjWAnE0luNtKYi!Cxg$R2L2mEQ{4OcM=@<z%dz>;d_
z9*+b=HbIA+tz93!7jyOSc+X$uf+1~Yigig!Akcg9&;O3U;FEU3IHZR-Fl}B3IF{%V
zun15n7mk@wgVyg6CRpi5xsI~X=NJ2eL&NZ>=O^@71BwqFG}5;EwaR9e{|;jW>p$;)
zU#Th^HA%W3rA*$}maJ4hb}GTw9hxH1Vl|W&=gWh9pbd>o+}F}-fhLg6Ey~hA469FF
z1uBk#Va>l0vd9-c`_KE6!x%uZ+DZ@{SA+GuT6l`49P7IZ9rdXG5lpPFF8sywMLb%U
zdq1@uim@2jJF-4}-xUdzBh+(e|D@OWBWv&BOg}u2Iu{2hlCiJiuT;_6ysDN;9Y?4^
z_qz-_30YaB72C)6_$V(WI07>2ZeVSF;b9fXsjIpjoyu?)Vi3#bVKV>4>;G9(-!$NL
z8-ASNoYou37P4ZED!CUZ|5<b>D#8dm{B<E5ee@sD<bO8g{)YzWnXXr@zE80GU%vP7
z)&EA!{&|c0Edf8<Kp8<GSp|sRfB*EK9~PjjfQpR+;(xdQzaQ)S2e_GbM7RPECffh&
zu?<jgnUP;m=KphCZlFkJq<f?P^QixNcm))M_`k1;{D0)G9^CD6j7ca7NgqD~|Ky~U
KBrC)X{r?}1u{0I{

literal 0
HcmV?d00001

diff --git a/docs/security/trust/images/trust_.gliffy b/docs/security/trust/images/trust_.gliffy
new file mode 100644
index 00000000..9298984b
--- /dev/null
+++ b/docs/security/trust/images/trust_.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":1029,"height":814,"nodeIndex":315,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":true,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":null,"printShrinkToFit":false,"printPortrait":false,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":159,"y":120.286},"max":{"x":1029,"y":814}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":465.5822784810126,"y":531.0,"rotation":0.0,"id":299,"width":30.0,"height":30.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":204,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":733.0,"y":578.0,"rotation":0.0,"id":294,"width":54.0,"height":54.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":200,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":297,"width":88.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\">Timestamp Key</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":311.0,"y":147.0,"rotation":0.0,"id":268,"width":18.0,"height":53.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":178,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":152,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":264,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":17,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-3.417721518987321,-4.214000000000027],[9.708860759493689,-4.214000000000027],[9.708860759493689,50.74999999999994],[22.8354430379747,50.74999999999994]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":415.0,"y":313.0,"rotation":0.0,"id":250,"width":7.0,"height":413.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":172,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":79,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[3.5,-3.0],[9.5,497.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":290.0,"y":340.0,"rotation":0.0,"id":11,"width":63.0,"height":82.0,"uid":"com.gliffy.shape.network.network_v4.business.user","order":12,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.user","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":12,"width":48.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Account</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":479.0,"y":330.0,"rotation":0.0,"id":2,"width":120.0,"height":80.0,"uid":"com.gliffy.shape.network.network_v4.business.user_group","order":9,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.user_group","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":3,"width":73.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Organization</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":159.0,"y":310.0,"rotation":0.0,"id":79,"width":531.0,"height":500.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ffffff","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":159.00000000000003,"y":320.0,"rotation":0.0,"id":82,"width":108.99999999999999,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":58,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-weight:bold;font-family:Arial;font-size:18px;\"><span style=\"\">Registry</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":730.0,"y":340.0,"rotation":0.0,"id":86,"width":61.0,"height":79.0,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":59,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ff0000","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":87,"width":62.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Offline key</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":730.0,"y":455.0,"rotation":0.0,"id":88,"width":61.0,"height":79.0,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":62,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":89,"width":70.0,"height":14.0,"uid":null,"order":64,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Tagging key</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":360.4891500904159,"y":650.0,"rotation":0.0,"id":227,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":158,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":228,"width":16.0,"height":18.0,"uid":null,"order":160,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><span style=\"font-weight:bold;font-size:16px;\">X</span><br /></span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":185.1428571428571,"y":587.0,"rotation":0.0,"id":109,"width":187.85714285714286,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":81,"lockAspectRatio":false,"lockShape":false,"children":[{"x":7.142857142857139,"y":50.0,"rotation":0.0,"id":98,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":74,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":99,"width":71.42857142857143,"height":50.0,"uid":null,"order":77,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":98}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":98}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":100,"width":50.0,"height":18.0,"uid":null,"order":80,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":98,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">working</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.571428571428527,"y":0.0,"rotation":0.0,"id":95,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":66,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":96,"width":71.42857142857143,"height":50.0,"uid":null,"order":69,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":95}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":95}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":97,"width":38.0,"height":18.0,"uid":null,"order":72,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":95,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":77.85714285714286,"y":8.0,"rotation":0.0,"id":30,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":24,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":31,"width":110.00000000000001,"height":25.0,"uid":null,"order":27,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":32}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":32,"width":110.00000000000001,"height":25.0,"uid":null,"order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":33,"width":110.00000000000001,"height":55.0,"uid":null,"order":34,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":30},{"magnitude":-1,"id":32}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":32,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":184.21428571428567,"y":450.0,"rotation":0.0,"id":253,"width":187.85714285714286,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":173,"lockAspectRatio":false,"lockShape":false,"children":[{"x":77.85714285714286,"y":8.0,"rotation":0.0,"id":125,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":83,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":126,"width":110.00000000000001,"height":25.0,"uid":null,"order":86,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":127}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":127,"width":110.00000000000001,"height":25.0,"uid":null,"order":90,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":128,"width":110.00000000000001,"height":55.0,"uid":null,"order":93,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":125},{"magnitude":-1,"id":127}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":127,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.571428571428527,"y":0.0,"rotation":0.0,"id":122,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":95,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":123,"width":71.42857142857143,"height":50.0,"uid":null,"order":98,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":122}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":122}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":124,"width":38.0,"height":18.0,"uid":null,"order":101,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":122,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.142857142857139,"y":50.0,"rotation":0.0,"id":119,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":103,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":120,"width":71.42857142857143,"height":50.0,"uid":null,"order":106,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":119}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":119}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":121,"width":26.0,"height":18.0,"uid":null,"order":109,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":119,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">2.0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":479.0,"y":120.74999999999994,"rotation":0.0,"id":261,"width":155.08307142857143,"height":168.072,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":174,"lockAspectRatio":false,"lockShape":false,"children":[{"x":85.65449999999998,"y":38.0,"rotation":0.0,"id":245,"width":28.0,"height":43.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":171,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":193,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":204,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":17,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[2.5108499095841808,-13.999999999999972],[16.0465641952984,-13.999999999999972],[16.0465641952984,39.0],[29.582278481012622,39.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":null},{"x":89.65449999999998,"y":25.0,"rotation":0.0,"id":244,"width":24.0,"height":1.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":169,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":193,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":192,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":17,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-1.4891500904158192,-0.9999999999999716],[7.534659433393699,-0.9999999999999716],[16.558468957203104,-0.9999999999999716],[25.582278481012622,-0.9999999999999716]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":null},{"x":115.2367784810126,"y":62.0,"rotation":0.0,"id":204,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":151,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":205,"width":15.0,"height":16.0,"uid":null,"order":154,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:14px;\"><span style=\"text-decoration:none;\">C</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":null},{"x":115.2367784810126,"y":9.000000000000028,"rotation":0.0,"id":192,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":148,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":201,"width":15.0,"height":16.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:14px;\"><span style=\"text-decoration:none;\">A</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":null},{"x":65.0007929475588,"y":9.000000000000028,"rotation":0.0,"id":193,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":141,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ff0000","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":194,"width":14.0,"height":18.0,"uid":null,"order":144,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:16px;\">2</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":null},{"x":55.08307142857143,"y":0.0,"rotation":0.0,"id":195,"width":100.0,"height":133.0,"uid":"com.gliffy.shape.ui.ui_v3.containers_content.speech_bubble_right","order":129,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"MinWidthConstraint","MinWidthConstraint":{"width":100}},{"type":"HeightConstraint","HeightConstraint":{"isMin":true,"heightInfo":[{"magnitude":1,"id":197},{"magnitude":1,"id":198}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":196,"width":100.0,"height":118.0,"uid":null,"order":132,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":195,"px":0.0,"py":0.0,"xOffset":0.0,"yOffset":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":195},{"magnitude":-1,"id":198}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":195}],"minWidth":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.containers_content.speech_bubble","strokeWidth":2.0,"strokeColor":"#BBBBBB","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":197,"width":100.0,"height":29.0,"uid":null,"order":136,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":195}],"minWidth":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(102, 102, 102);\">&nbsp;</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":36.0,"y":117.0,"rotation":0.0,"id":198,"width":24.0,"height":15.0,"uid":null,"order":139,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"ConstWidthConstraint","ConstWidthConstraint":{"width":24}},{"type":"ConstHeightConstraint","ConstHeightConstraint":{"height":15}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":196,"px":1.0,"py":1.0,"xOffset":-64.0,"yOffset":-1.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.containers_content.speech_bubble_right","strokeWidth":2.0,"strokeColor":"#BBBBBB","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":67.0,"rotation":0.0,"id":180,"width":67.309,"height":101.072,"uid":"com.gliffy.shape.cisco.cisco_v1.buildings.generic_building","order":126,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.buildings.generic_building","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":182,"width":56.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Company</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":231.1785714285715,"y":204.78599999999997,"rotation":0.0,"id":0,"width":63.0,"height":82.0,"uid":"com.gliffy.shape.network.network_v4.business.female_user","order":6,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.female_user","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":1,"width":43.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Person</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":272.07142857142856,"y":120.286,"rotation":0.0,"id":171,"width":100.0,"height":132.0,"uid":"com.gliffy.shape.ui.ui_v3.containers_content.speech_bubble_right","order":112,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"MinWidthConstraint","MinWidthConstraint":{"width":100}},{"type":"HeightConstraint","HeightConstraint":{"isMin":true,"heightInfo":[{"magnitude":1,"id":173},{"magnitude":1,"id":174}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":172,"width":100.0,"height":117.0,"uid":null,"order":114,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":171,"px":0.0,"py":0.0,"xOffset":0.0,"yOffset":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":171},{"magnitude":-1,"id":174}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":171}],"minWidth":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.containers_content.speech_bubble","strokeWidth":2.0,"strokeColor":"#BBBBBB","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":173,"width":100.0,"height":29.0,"uid":null,"order":117,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":171}],"minWidth":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(102, 102, 102);\">&nbsp;</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":36.0,"y":116.0,"rotation":0.0,"id":174,"width":24.0,"height":15.0,"uid":null,"order":119,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"ConstWidthConstraint","ConstWidthConstraint":{"width":24}},{"type":"ConstHeightConstraint","ConstHeightConstraint":{"height":15}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":172,"px":1.0,"py":1.0,"xOffset":-64.0,"yOffset":-1.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.containers_content.speech_bubble_right","strokeWidth":2.0,"strokeColor":"#BBBBBB","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":310.5,"y":146.78599999999997,"rotation":0.0,"id":239,"width":20.0,"height":1.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":167,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":152,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":237,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":17,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-2.917721518987321,-4.0],[6.078661844484657,-4.0],[15.075045207956578,-4.0],[24.071428571428555,-4.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":333.8354430379747,"y":182.74999999999994,"rotation":0.0,"id":264,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":175,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":265,"width":21.0,"height":18.0,"uid":null,"order":177,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><span style=\"font-weight:bold;font-size:16px;\">&nbsp;N</span><br /></span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":284.4177215189874,"y":127.78599999999997,"rotation":0.0,"id":152,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":120,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ff0000","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":153,"width":14.0,"height":18.0,"uid":null,"order":122,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:16px;\">1</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":334.57142857142856,"y":127.78599999999997,"rotation":0.0,"id":237,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":164,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":238,"width":16.0,"height":18.0,"uid":null,"order":166,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><span style=\"font-weight:bold;font-size:16px;\">X</span><br /></span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":565.0,"y":500.0,"rotation":0.0,"id":40,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":1,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":41,"width":71.42857142857143,"height":50.0,"uid":null,"order":3,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":40}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":40}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285666,"y":0.0,"rotation":0.0,"id":42,"width":26.0,"height":18.0,"uid":null,"order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":40,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">1.0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":454.99999999999994,"y":461.0,"rotation":0.0,"id":16,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":15,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":17,"width":110.00000000000001,"height":25.0,"uid":null,"order":17,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":18}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":18,"width":110.00000000000001,"height":25.0,"uid":null,"order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":19,"width":110.00000000000001,"height":55.0,"uid":null,"order":22,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":16},{"magnitude":-1,"id":18}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":18,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":565.0,"y":450.0,"rotation":0.0,"id":37,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":35,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":38,"width":71.42857142857143,"height":50.0,"uid":null,"order":37,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":37}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":37}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285666,"y":0.0,"rotation":0.0,"id":39,"width":38.0,"height":18.0,"uid":null,"order":39,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":37,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":443.4177215189873,"y":513.0,"rotation":0.0,"id":229,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":161,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":230,"width":15.0,"height":16.0,"uid":null,"order":163,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:14px;\"><span style=\"text-decoration:none;\">A</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":565.0,"y":630.0,"rotation":0.0,"id":63,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":40,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":64,"width":71.42857142857143,"height":50.0,"uid":null,"order":42,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":63}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":63}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285666,"y":0.0,"rotation":0.0,"id":65,"width":68.0,"height":18.0,"uid":null,"order":44,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":63,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">producttion</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":454.99999999999994,"y":591.0,"rotation":0.0,"id":58,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":45,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":59,"width":110.00000000000001,"height":25.0,"uid":null,"order":47,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":60}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":60,"width":110.00000000000001,"height":25.0,"uid":null,"order":50,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":61,"width":110.00000000000001,"height":55.0,"uid":null,"order":52,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":58},{"magnitude":-1,"id":60}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":60,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":565.0,"y":580.0,"rotation":0.0,"id":55,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":53,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":56,"width":71.42857142857143,"height":50.0,"uid":null,"order":55,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":55}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":55}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285666,"y":0.0,"rotation":0.0,"id":57,"width":28.0,"height":18.0,"uid":null,"order":57,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":55,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">test</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":443.4177215189873,"y":646.0,"rotation":0.0,"id":221,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":155,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":222,"width":15.0,"height":16.0,"uid":null,"order":157,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:14px;\"><span style=\"text-decoration:none;\">C</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":565.0,"y":745.0,"rotation":0.0,"id":281,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":179,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":282,"width":71.42857142857143,"height":50.0,"uid":null,"order":181,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":281}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":281}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285666,"y":0.0,"rotation":0.0,"id":283,"width":48.0,"height":18.0,"uid":null,"order":183,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":281,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">release</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":454.99999999999994,"y":706.0,"rotation":0.0,"id":277,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":184,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":278,"width":110.00000000000001,"height":25.0,"uid":null,"order":186,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":279}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":279,"width":110.00000000000001,"height":25.0,"uid":null,"order":189,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":280,"width":110.00000000000001,"height":55.0,"uid":null,"order":191,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":277},{"magnitude":-1,"id":279}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":279,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":565.0,"y":695.0,"rotation":0.0,"id":274,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":192,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":275,"width":71.42857142857143,"height":50.0,"uid":null,"order":194,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":274}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":274}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285666,"y":0.0,"rotation":0.0,"id":276,"width":26.0,"height":18.0,"uid":null,"order":196,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":274,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">7.5</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":360.4891500904159,"y":510.0,"rotation":0.0,"id":289,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":197,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":290,"width":21.0,"height":18.0,"uid":null,"order":199,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><span style=\"font-weight:bold;font-size:16px;\">&nbsp;N</span><br /></span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":332.57142857142856,"y":532.0,"rotation":0.0,"id":301,"width":30.0,"height":30.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":205,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":330.4177215189874,"y":670.0,"rotation":0.0,"id":302,"width":30.0,"height":30.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":206,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":466.5822784810126,"y":667.0,"rotation":0.0,"id":303,"width":30.0,"height":30.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":207,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":621.401335443038,"y":508.0,"rotation":0.0,"id":306,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":209,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":621.401335443038,"y":459.0,"rotation":0.0,"id":307,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":210,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":621.401335443038,"y":589.0,"rotation":0.0,"id":308,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":211,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":186.21428571428567,"y":594.0,"rotation":0.0,"id":309,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":212,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":189.21428571428567,"y":644.0,"rotation":0.0,"id":310,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":213,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":810.0,"y":358.5,"rotation":0.0,"id":164,"width":217.0,"height":70.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":110,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">A offline key is used to create repository keys. Offline keys belong to a person or an organization. Resides client-side. You should store these in a safe place and back them up.&nbsp;</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":810.0,"y":487.5,"rotation":0.0,"id":170,"width":217.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":111,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">A tagging key is associated with an image repository. publishers with this key can push or pull any tag in this repository. This resides on client-side.</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":810.0,"y":587.0,"rotation":0.0,"id":298,"width":217.0,"height":42.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":203,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">A timestamp key is associated with an image repository. This is created by Docker and resides on the server.</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":743.3333333333334,"y":681.0,"rotation":0.0,"id":314,"width":283.66666666666663,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":215,"lockAspectRatio":false,"lockShape":false,"children":[{"x":66.66666666666663,"y":4.0,"rotation":0.0,"id":312,"width":217.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":214,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Signed tag.</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":0.0,"y":0.0,"rotation":0.0,"id":304,"width":33.333333333333336,"height":20.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":208,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"}],"layers":[{"guid":"dockVlz9GmcW","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":216}],"shapeStyles":{},"lineStyles":{"global":{"strokeWidth":1,"endArrow":17}},"textStyles":{"global":{"size":"16px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.cisco.cisco_v1.buildings","com.gliffy.libraries.sitemap.sitemap_v2","com.gliffy.libraries.sitemap.sitemap_v1.default","com.gliffy.libraries.ui.ui_v3.containers_content","com.gliffy.libraries.table.table_v2.default","com.gliffy.libraries.ui.ui_v3.navigation","com.gliffy.libraries.ui.ui_v3.forms_controls","com.gliffy.libraries.ui.ui_v3.icon_symbols","com.gliffy.libraries.ui.ui_v2.forms_components","com.gliffy.libraries.ui.ui_v2.content","com.gliffy.libraries.ui.ui_v2.miscellaneous","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.bpmn.bpmn_v1.events","com.gliffy.libraries.bpmn.bpmn_v1.activities","com.gliffy.libraries.bpmn.bpmn_v1.data_artifacts","com.gliffy.libraries.bpmn.bpmn_v1.gateways","com.gliffy.libraries.bpmn.bpmn_v1.connectors","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images"],"lastSerialized":1439068390533},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/security/trust/images/trust_components.gliffy b/docs/security/trust/images/trust_components.gliffy
new file mode 100644
index 00000000..07c859bb
--- /dev/null
+++ b/docs/security/trust/images/trust_components.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":881,"height":704,"nodeIndex":316,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":true,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":null,"printShrinkToFit":false,"printPortrait":false,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":10,"y":10},"max":{"x":880.0000000000001,"y":703.7139999999999}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":10.0,"y":199.714,"rotation":0.0,"id":79,"width":531.0,"height":500.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ffffff","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":389.714,"rotation":0.0,"id":40,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":1,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":41,"width":71.42857142857143,"height":50.0,"uid":null,"order":3,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":40}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":40}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":42,"width":26.0,"height":18.0,"uid":null,"order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":40,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">1.0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":82.1785714285715,"y":94.49999999999997,"rotation":0.0,"id":0,"width":63.0,"height":82.0,"uid":"com.gliffy.shape.network.network_v4.business.female_user","order":6,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.female_user","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":1,"width":43.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Person</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":330.0,"y":219.714,"rotation":0.0,"id":2,"width":120.0,"height":80.0,"uid":"com.gliffy.shape.network.network_v4.business.user_group","order":9,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.user_group","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":3,"width":73.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Organization</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":141.0,"y":229.714,"rotation":0.0,"id":11,"width":63.0,"height":82.0,"uid":"com.gliffy.shape.network.network_v4.business.user","order":12,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.user","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":12,"width":48.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Account</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":305.99999999999994,"y":350.714,"rotation":0.0,"id":16,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":15,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":17,"width":110.00000000000001,"height":25.0,"uid":null,"order":17,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":18}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":18,"width":110.00000000000001,"height":25.0,"uid":null,"order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":19,"width":110.00000000000001,"height":55.0,"uid":null,"order":22,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":16},{"magnitude":-1,"id":18}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":18,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":339.714,"rotation":0.0,"id":37,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":35,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":38,"width":71.42857142857143,"height":50.0,"uid":null,"order":37,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":37}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":37}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":39,"width":38.0,"height":18.0,"uid":null,"order":39,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":37,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":519.7139999999999,"rotation":0.0,"id":63,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":40,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":64,"width":71.42857142857143,"height":50.0,"uid":null,"order":42,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":63}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":63}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":65,"width":68.0,"height":18.0,"uid":null,"order":44,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":63,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">producttion</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":305.99999999999994,"y":480.71399999999994,"rotation":0.0,"id":58,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":45,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":59,"width":110.00000000000001,"height":25.0,"uid":null,"order":47,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":60}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":60,"width":110.00000000000001,"height":25.0,"uid":null,"order":50,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":61,"width":110.00000000000001,"height":55.0,"uid":null,"order":52,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":58},{"magnitude":-1,"id":60}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":60,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":469.714,"rotation":0.0,"id":55,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":53,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":56,"width":71.42857142857143,"height":50.0,"uid":null,"order":55,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":55}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":55}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":57,"width":28.0,"height":18.0,"uid":null,"order":57,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":55,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">test</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":10.000000000000036,"y":209.714,"rotation":0.0,"id":82,"width":108.99999999999999,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":58,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-weight:bold;font-family:Arial;font-size:18px;\"><span style=\"\">Registry</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":581.0,"y":229.714,"rotation":0.0,"id":86,"width":61.0,"height":79.0,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":59,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ff0000","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":87,"width":62.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Offline key</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":581.0,"y":344.714,"rotation":0.0,"id":88,"width":61.0,"height":79.0,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":62,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":89,"width":70.0,"height":14.0,"uid":null,"order":64,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Tagging key</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":36.142857142857125,"y":476.71399999999994,"rotation":0.0,"id":109,"width":187.85714285714286,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":81,"lockAspectRatio":false,"lockShape":false,"children":[{"x":7.142857142857139,"y":50.0,"rotation":0.0,"id":98,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":74,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":99,"width":71.42857142857143,"height":50.0,"uid":null,"order":77,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":98}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":98}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":100,"width":50.0,"height":18.0,"uid":null,"order":80,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":98,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">working</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.571428571428527,"y":0.0,"rotation":0.0,"id":95,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":66,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":96,"width":71.42857142857143,"height":50.0,"uid":null,"order":69,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":95}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":95}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":97,"width":38.0,"height":18.0,"uid":null,"order":72,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":95,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":77.85714285714286,"y":8.0,"rotation":0.0,"id":30,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":24,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":31,"width":110.00000000000001,"height":25.0,"uid":null,"order":27,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":32}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":32,"width":110.00000000000001,"height":25.0,"uid":null,"order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":33,"width":110.00000000000001,"height":55.0,"uid":null,"order":34,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":30},{"magnitude":-1,"id":32}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":32,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":661.0,"y":248.214,"rotation":0.0,"id":164,"width":217.0,"height":70.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":110,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">A offline key is used to create tagging keys. Offline keys belong to a person or an organization. Resides client-side. You should store these in a safe place and back them up.&nbsp;</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":661.0,"y":377.214,"rotation":0.0,"id":170,"width":217.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":111,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">A tagging key is associated with an image repository. Creators with this key can push or pull any tag in this repository. This resides on client-side.</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":123.07142857142856,"y":10.0,"rotation":0.0,"id":171,"width":100.0,"height":132.0,"uid":"com.gliffy.shape.ui.ui_v3.containers_content.speech_bubble_right","order":112,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"MinWidthConstraint","MinWidthConstraint":{"width":100}},{"type":"HeightConstraint","HeightConstraint":{"isMin":true,"heightInfo":[{"magnitude":1,"id":173},{"magnitude":1,"id":174}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":172,"width":100.0,"height":117.0,"uid":null,"order":114,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":171,"px":0.0,"py":0.0,"xOffset":0.0,"yOffset":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":171},{"magnitude":-1,"id":174}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":171}],"minWidth":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.containers_content.speech_bubble","strokeWidth":2.0,"strokeColor":"#BBBBBB","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":173,"width":100.0,"height":29.0,"uid":null,"order":117,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":171}],"minWidth":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(102, 102, 102);\">&nbsp;</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":36.0,"y":116.0,"rotation":0.0,"id":174,"width":24.0,"height":15.0,"uid":null,"order":119,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"ConstWidthConstraint","ConstWidthConstraint":{"width":24}},{"type":"ConstHeightConstraint","ConstHeightConstraint":{"height":15}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":172,"px":1.0,"py":1.0,"xOffset":-64.0,"yOffset":-1.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.containers_content.speech_bubble_right","strokeWidth":2.0,"strokeColor":"#BBBBBB","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":135.41772151898738,"y":17.499999999999968,"rotation":0.0,"id":152,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":120,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ff0000","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":153,"width":14.0,"height":18.0,"uid":null,"order":122,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:16px;\">1</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":294.4177215189873,"y":535.7139999999999,"rotation":0.0,"id":221,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":155,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":222,"width":15.0,"height":16.0,"uid":null,"order":157,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:14px;\"><span style=\"text-decoration:none;\">C</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":211.48915009041588,"y":539.7139999999999,"rotation":0.0,"id":227,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":158,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":228,"width":16.0,"height":18.0,"uid":null,"order":160,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><span style=\"font-weight:bold;font-size:16px;\">X</span><br /></span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":294.4177215189873,"y":402.714,"rotation":0.0,"id":229,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":161,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":230,"width":15.0,"height":16.0,"uid":null,"order":163,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:14px;\"><span style=\"text-decoration:none;\">A</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":185.57142857142856,"y":17.499999999999968,"rotation":0.0,"id":237,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":164,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":238,"width":16.0,"height":18.0,"uid":null,"order":166,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><span style=\"font-weight:bold;font-size:16px;\">X</span><br /></span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":161.5,"y":36.49999999999997,"rotation":0.0,"id":239,"width":20.0,"height":1.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":167,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":152,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":237,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":17,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-2.9177215189872925,-4.0],[6.078661844484657,-4.0],[15.075045207956606,-4.0],[24.071428571428555,-4.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":266.0,"y":202.714,"rotation":0.0,"id":250,"width":7.0,"height":413.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":172,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":79,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[3.5,-3.0],[9.5,496.99999999999994]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":35.21428571428568,"y":339.714,"rotation":0.0,"id":253,"width":187.85714285714286,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":173,"lockAspectRatio":false,"lockShape":false,"children":[{"x":77.85714285714286,"y":8.0,"rotation":0.0,"id":125,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":83,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":126,"width":110.00000000000001,"height":25.0,"uid":null,"order":86,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":127}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":127,"width":110.00000000000001,"height":25.0,"uid":null,"order":90,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":128,"width":110.00000000000001,"height":55.0,"uid":null,"order":93,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":125},{"magnitude":-1,"id":127}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":127,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.571428571428527,"y":0.0,"rotation":0.0,"id":122,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":95,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":123,"width":71.42857142857143,"height":50.0,"uid":null,"order":98,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":122}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":122}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":124,"width":38.0,"height":18.0,"uid":null,"order":101,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":122,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.142857142857139,"y":50.0,"rotation":0.0,"id":119,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":103,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":120,"width":71.42857142857143,"height":50.0,"uid":null,"order":106,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":119}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":119}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":121,"width":26.0,"height":18.0,"uid":null,"order":109,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":119,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">2.0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":330.0,"y":10.463999999999942,"rotation":0.0,"id":261,"width":155.08307142857143,"height":168.072,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":174,"lockAspectRatio":false,"lockShape":false,"children":[{"x":85.65449999999998,"y":38.0,"rotation":0.0,"id":245,"width":28.0,"height":43.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":171,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":193,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":204,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":17,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[2.510849909584124,-13.999999999999972],[16.0465641952984,-13.999999999999972],[16.0465641952984,39.0],[29.582278481012622,39.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":null},{"x":89.65449999999998,"y":25.0,"rotation":0.0,"id":244,"width":24.0,"height":1.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":169,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":193,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":192,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":17,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-1.489150090415876,-0.9999999999999716],[7.534659433393642,-0.9999999999999716],[16.558468957203104,-0.9999999999999716],[25.582278481012622,-0.9999999999999716]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":null},{"x":115.2367784810126,"y":62.0,"rotation":0.0,"id":204,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":151,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":205,"width":15.0,"height":16.0,"uid":null,"order":154,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:14px;\"><span style=\"text-decoration:none;\">C</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":null},{"x":115.2367784810126,"y":9.000000000000028,"rotation":0.0,"id":192,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":148,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":201,"width":15.0,"height":16.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:14px;\"><span style=\"text-decoration:none;\">A</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":null},{"x":65.0007929475588,"y":9.000000000000028,"rotation":0.0,"id":193,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":141,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ff0000","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":194,"width":14.0,"height":18.0,"uid":null,"order":144,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;font-family:Arial;font-size:16px;\">2</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":null},{"x":55.08307142857143,"y":0.0,"rotation":0.0,"id":195,"width":100.0,"height":133.0,"uid":"com.gliffy.shape.ui.ui_v3.containers_content.speech_bubble_right","order":129,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"MinWidthConstraint","MinWidthConstraint":{"width":100}},{"type":"HeightConstraint","HeightConstraint":{"isMin":true,"heightInfo":[{"magnitude":1,"id":197},{"magnitude":1,"id":198}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":196,"width":100.0,"height":118.0,"uid":null,"order":132,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":195,"px":0.0,"py":0.0,"xOffset":0.0,"yOffset":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":195},{"magnitude":-1,"id":198}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":195}],"minWidth":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.containers_content.speech_bubble","strokeWidth":2.0,"strokeColor":"#BBBBBB","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":197,"width":100.0,"height":29.0,"uid":null,"order":136,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":195}],"minWidth":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(102, 102, 102);\">&nbsp;</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":36.0,"y":117.0,"rotation":0.0,"id":198,"width":24.0,"height":15.0,"uid":null,"order":139,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"ConstWidthConstraint","ConstWidthConstraint":{"width":24}},{"type":"ConstHeightConstraint","ConstHeightConstraint":{"height":15}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":196,"px":1.0,"py":1.0,"xOffset":-64.0,"yOffset":-1.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.containers_content.speech_bubble_right","strokeWidth":2.0,"strokeColor":"#BBBBBB","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":67.0,"rotation":0.0,"id":180,"width":67.309,"height":101.072,"uid":"com.gliffy.shape.cisco.cisco_v1.buildings.generic_building","order":126,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.buildings.generic_building","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":182,"width":56.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Company</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":184.8354430379747,"y":72.46399999999994,"rotation":0.0,"id":264,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":175,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":265,"width":21.0,"height":18.0,"uid":null,"order":177,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><span style=\"font-weight:bold;font-size:16px;\">&nbsp;N</span><br /></span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":162.0,"y":36.714,"rotation":0.0,"id":268,"width":18.0,"height":53.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":178,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":152,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":264,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":17,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-3.4177215189872925,-4.214000000000027],[9.708860759493689,-4.214000000000027],[9.708860759493689,50.74999999999994],[22.8354430379747,50.74999999999994]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":634.7139999999999,"rotation":0.0,"id":281,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":179,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":282,"width":71.42857142857143,"height":50.0,"uid":null,"order":181,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":281}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":281}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":283,"width":48.0,"height":18.0,"uid":null,"order":183,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":281,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">release</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":305.99999999999994,"y":595.7139999999999,"rotation":0.0,"id":277,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":184,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":278,"width":110.00000000000001,"height":25.0,"uid":null,"order":186,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":279}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":279,"width":110.00000000000001,"height":25.0,"uid":null,"order":189,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":280,"width":110.00000000000001,"height":55.0,"uid":null,"order":191,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":277},{"magnitude":-1,"id":279}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":279,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":584.7139999999999,"rotation":0.0,"id":274,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":192,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":275,"width":71.42857142857143,"height":50.0,"uid":null,"order":194,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":274}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":274}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":276,"width":26.0,"height":18.0,"uid":null,"order":196,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":274,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">7.5</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":211.48915009041588,"y":399.714,"rotation":0.0,"id":289,"width":23.16455696202532,"height":30.000000000000007,"uid":"com.gliffy.shape.network.network_v4.business.encrypted","order":197,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.encrypted","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":290,"width":21.0,"height":18.0,"uid":null,"order":199,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><span style=\"font-weight:bold;font-size:16px;\">&nbsp;N</span><br /></span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":584.0,"y":467.714,"rotation":0.0,"id":294,"width":54.0,"height":54.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":200,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":297,"width":88.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\">Timestamp Key</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":661.0,"y":476.714,"rotation":0.0,"id":298,"width":217.0,"height":42.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":203,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">A timestamp key is associated with an image repository. This is created by Docker and resides on the server.</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":316.5822784810126,"y":420.714,"rotation":0.0,"id":299,"width":30.0,"height":30.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":204,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":183.57142857142856,"y":421.714,"rotation":0.0,"id":301,"width":30.0,"height":30.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":205,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":181.41772151898738,"y":559.7139999999999,"rotation":0.0,"id":302,"width":30.0,"height":30.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":206,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":317.5822784810126,"y":556.7139999999999,"rotation":0.0,"id":303,"width":30.0,"height":30.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.events.timer_intermediate","order":207,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.timer_intermediate.bpmn_v1","strokeWidth":2.0,"strokeColor":"#000000","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":397.714,"rotation":0.0,"id":306,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":209,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":348.714,"rotation":0.0,"id":307,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":210,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":478.714,"rotation":0.0,"id":308,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":211,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":37.214285714285666,"y":483.714,"rotation":0.0,"id":309,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":212,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":40.214285714285666,"y":533.7139999999999,"rotation":0.0,"id":310,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":213,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":594.3333333333335,"y":570.7139999999999,"rotation":0.0,"id":314,"width":283.66666666666663,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":215,"lockAspectRatio":false,"lockShape":false,"children":[{"x":66.66666666666663,"y":4.0,"rotation":0.0,"id":312,"width":217.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":214,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Signed tag.</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":0.0,"y":0.0,"rotation":0.0,"id":304,"width":33.333333333333336,"height":20.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":208,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"}],"layers":[{"guid":"dockVlz9GmcW","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":216}],"shapeStyles":{},"lineStyles":{"global":{"strokeWidth":1,"endArrow":17}},"textStyles":{"global":{"size":"16px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.cisco.cisco_v1.buildings","com.gliffy.libraries.sitemap.sitemap_v2","com.gliffy.libraries.sitemap.sitemap_v1.default","com.gliffy.libraries.ui.ui_v3.containers_content","com.gliffy.libraries.table.table_v2.default","com.gliffy.libraries.ui.ui_v3.navigation","com.gliffy.libraries.ui.ui_v3.forms_controls","com.gliffy.libraries.ui.ui_v3.icon_symbols","com.gliffy.libraries.ui.ui_v2.forms_components","com.gliffy.libraries.ui.ui_v2.content","com.gliffy.libraries.ui.ui_v2.miscellaneous","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.bpmn.bpmn_v1.events","com.gliffy.libraries.bpmn.bpmn_v1.activities","com.gliffy.libraries.bpmn.bpmn_v1.data_artifacts","com.gliffy.libraries.bpmn.bpmn_v1.gateways","com.gliffy.libraries.bpmn.bpmn_v1.connectors","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images"],"lastSerialized":1439174260766},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/security/trust/images/trust_components.png b/docs/security/trust/images/trust_components.png
new file mode 100644
index 0000000000000000000000000000000000000000..039dfc8cf323cf1933ebb385a5b0edd2e6be37ab
GIT binary patch
literal 124071
zcmc$`^;ebA_B|{}9Qx3m(w!m=2Wga)4r!#jn?pB}g0zHmw{)k{AT1%?poHJ&i1)tZ
ze*S@X41RLR-uu~m#awgEMTGKe84Oes)F)4#V93e7RDJT~DfGz`_$d$)@Gq}xMmwK8
zp?V_sQbOIs;NT;&hx*KHsF)W7tG!W~T?!)Zh0R0*k6KLi9Nd-{poiB7ABouZ9PE$S
z8bm0i97)5-+)fxci9$^k9}kaG5D#AbQznu*R4|b)V6oSD+!H*SSv%5tmD$=+J8RH7
z8AHl%7Z8FV8}PqBoyQ=&JgN(!4ChW-arpoF$pI;YooM2pp#0BIKsHVe)rDG*^Zft(
zXV~vb3<~_8CB)(V<O6~xl`tlZ-v6I<o*+{1{NH~<xnY7sg^2M9hrRmWqlm-fK{KEJ
z-woG_5Ew!C(<krVy?fz(#fpQAn~<3qU8-66n+fGSj2sUS%565B<94_RLPzKAkZ2Hx
ze+`be2o%QsvCwHu0q03SSetA4HE)}*`-9x$wRB<v8@Y*})hl%O^f>NKGZ~VmXhs(~
zZ4Fzlv<VOf8W^$t*(+$H6?EJ{$ji^aw_dZOC=c&O!XROE9EAKk^AVM}#4hHZosIMD
z)#2V@N7CL*X})|ivyXypo(QkKf{#y|j^#*4AJ1grE7C{^ZgZ`bFM_Gva1;%js`$Cp
zl=r8&{H)Txr`G!+w%?n$_NGhni%<;|{;eJg&Y|K($ah!I^F%UBU<i5%MTy!6g(I7<
ze({x$k1FD%rR{Z%singi3=SBT@l+{jr^T_ym(0-T(SI4BP$z9_T3}VBU29&fk{@bK
zV!`t7QXSquLCnooM8tlU!EdjTZ@c<Mq%SAqfE}&#RmO8BrRZ>{(1_+Cu+6Nz__m3c
zSIgP!h}6iwON3rY@7+mie7?y~3WU;FO)CgC2`~e@`v6-m&2R-06{g(%(hQ3<>J}8v
zFaF>FcO*($WrhZaVup!^CMhl+fJ4K2^z7t%)xQ+18XDU&fn<~ZcZFow3R(sPzBM-{
zvWd4C>`|iHcXERj9@g5jo%#rMoK7gX$zs6o=0rG0ki_r85#Uh4!G0X@0VC2(aB~(~
zT(SsdYFPmDXZ+c(?3nhy+?yHU5$rX%p@S186dpLhk^W-0EQrs(*zWB<@sr5=@dek;
z0kiU5=}mzfhDZ{S)l9zK7QZI_7&LkR{4G{a;*hK=@e#{a^g`!Oki~pp``=Cdp8;>q
zK)`R7>$ncjX-`pQLtN#~LG_2-kiv2XmFNYSNc8)eJr)O3Dt8t20q^qzkr0z2T!$;4
z$UVpX{u%IM0m;!GQS=_Z0;wRX+JTWJmUg-rcun|%m1T+|%M9x(^zWU7{JoRKlaPMv
zN;pbCkZjP0)+2bGx<OjcwI@|hbPgv}oJR1RuAc`~4XWwjDIc0}-vrC&YA*e@RDPz`
z*-uw!Jo3OZ??r_w>HWN?_<@>Hzov=WgzGy+=tX4m4Jq8X<V4Mj!*%VexAw3|(P;?8
zfZq|HFmx@$2~VmA0+w3?<3!=lMiiUg;htPfiSN&L@~?ViHaaYRe>Goq%`1(CE_K{+
zd7g<<jZ)&VnemEIuL*1}wln}%u}l-WGktJM+Xi#GP*mtzL=eSyC}q{TXwe{;ie(aT
zy&dO7FMmUWKu|6ky}ZuFY%I=#!!=p{h8&;k?Q~S`0XhFPMX0Kg*`vXJQ3T>jYPmJf
z^Bw|{XVO}|YZGEmw}#>5<T`^8J0tPa%P;ql(Mge#*wFOaK;NCQsI<>t;(5vbvifDf
zs^?2o%Wx$zgZfFmGQ}1oqxF(Zb&7ksBiI_rXwo)Dg{~M+^;^YSty!xh_cqP;E8?{a
zM)caSDG?*Y2gS~KPsa6)3E`&)3r~el0_cpzvoKVDTyuPd@3=?8V@GGzw?bjM?xe}x
zto8dIk*rHIjh6SiaT+odU|g(`i)W0ZicRbb=YJ?1INz&&xAV}jJ6Dpsp3m7!5qceo
zpZGT>-UtFFY}j}*c1m0`nI<%c1J8^mrhPI*V}CF|DiT~X`Mxi=q3Fc_&r?D723Ax_
z$w2MeC)i1L>}Rw7H+5TS=ifgvzf>pis`PKi4nf6-bi{U9t*$LNGg&FE_g77M*l8hO
zSm`Q7bQ5luNnB3~67h95OO;b!Iq=9lKfXuE%nIAUAmbgRL11__j2G0L`|CpO?V0IF
z6g8Fy=DeFqTM&m|4MAXEl<`K@)okj^W(-NlpatuEtX-}vr<sR^BtziT6=xlPS@hpz
z^It2{wwx}t(7qVjP`W}{anoIi62gwd(P{B(H}hY|5_@voj-2^o-ED(rk2#s81R`aY
zy_R;ZX=FK3*c>U0Lh9`}t|Kf^RgV+0A>reEM9-S;SE*)X5<1^=NV@=M&#*QvoRlio
zxQeNmZRbfZyU@0P!{xA-w6%J+Axnc)cT5+pM}st5Q4dY@633ocn@=xQuGA5rL;5u6
zZ1nTD16iDW-IcO%X#3KPOi6%oJm*<8&zYay3qjVRgLTXNwz$V{IYt3IVhGQ{E0;P-
zOuJJ`S|>bWKnWq6Hg%|U&|M)#>k3aUA-Hm@W0{DXKB_|~OFO{ckT?e-vGvN|tN%?K
zPoYd!4_Ilvt~rD2I2q20i*coI0J+YI*>v=s_svk-7Uvip>`QherV0rp7;`r{I&4s|
z@Q<?(h?8hK+&u-<O9?prztBbB)lLLVh&8?>@en64Mxiup+(|;EOa;s?n|-PL3UxS3
zVu6EE1rf*CZ?hjmk$mBe6aiUWOF%V`pC<K>7%NTAUgg&dJ@FJ(IFE7DA4uT43>xmh
zhi$yZRQt0<80CI))XFxX_(SuD_bKzR$Oc`K_YbP8yO#w+SKzo+WU&L~sE+9imZs~i
zKCQdic0>x6)7^}Yw{Pd@hZSxXYDAiRwwMc}cQ+jDKQ@H*u$@ce4AQQh2;=24<SC(1
zQu1TIa2cd|QX3`gi5V`Nlq$D4LXG|YnT!r(a#@R3T|Eo#IQB3wrR&Yf-1vKW^x<=A
z{)D1Kk*sq)%1ek`7UB-O!SHoRV%EBV4VFmEiO#?HKPU}@9EH#+Gz@IVpFdOLRXlq-
ztln&Iu#1J(oRD(&;&5LbwE~$(7crN0*NsB7lpx?Xc3?fGl7Br;y9YHBv6kRa{4`JM
z#37p?tz+*AW>)yXL4-SjhoJ%C3tOx(-R&6Kw*gdmfrLbsr<n3-yU*gZxTChWPH|Nj
z6X0|Po1yXkry)|xE!Bh7JYsjQgTI3;Z!$(suhN!ghzmUNQ3SA>n&*@uGIYjkaaf@O
z_>hYFzMUXahNl_yunZ<f4||Dz*h_R*NFt8}y@oC~*j}MQWR7@-*cTAjgT$~F=?;E;
z8PTj@l3;{<Te)Qfz2c@V<%0(FOdw+W>3m~6#ndP<mLo|vOql$d&cil=A;(Kc{e$0*
zh#OOe1=~@xQAgmimEd@-CPwD;ki~sR_hU+uJPleM_)L>xKd~~ruF)TJsb>YrgZv--
z`vLiTt0BOxa$rM;hK9mpW2H+}KPf9*v6->pLH)Sb1r%FBFYfdh)fst=lAu9K85$0W
zMA$)z(Cs@<g;i#aIuFotQ<2uylPeoF!;qk;osO5)G;U_#BVMm8zEPKN2YgNKuk_Im
z7e?8)f9e0I63Mhn$A1K$H#{(4SpDU3cNG<to1aD5@gF`!%24|9hA|dUUA#w`Fj|!A
zT;B--L0-)-uz)_vG+akexi~kdU_*Pn_%&~lrRM8xb(X0mERTH=iTjMa@zl9G82&;A
zsz4uDq8qw!u*#*jzuH=RH^j(@Jg%Vgt0xQ%6C1Z7k(Z|N_QxP9ZX~Gtdc_;7<L(TN
z!vF4+HBZ?LRnM77=8r&SY-V_LOTdhOb}y9L7VTgtvV6dCYnU(DZRP6Aq|X(}S6pQ(
z4TCjvcuX<EHd!!*um`xSs|yr=KeB*|n47^smGO9(6A%DGDU6WLh1O5Hm4t)W*ZYqy
znbbl4bH#x%SYkHh9tkv3(_JTtvm%_FU<nBcM#C?{Kb*_)*mTtOowtVZFB9$>@tS2=
zA|fKRnjCU}PvuBF6~3A`@wizJtG1CL^IIm%#mstMqs~ZJ{B3-n4RcA-Ua~C<;fxw^
z&I=len;-9$^6Xc?>@K(R%croWhae$R`&0Y_iceto#Oh$RPKXVMfJiLE%!PeU^1N3s
zBe+EB2A^GzXs*&w(?4n#*GQ|;PG7y$eCS5A&BKunJoW9{*+G;~qwUi3GQ$o7{iS+q
z&9>irr8mbDTxnOmwl|u~k^M1GJD;khmUx|y$fxNB0~R>BQp@enkmF4uPyf~bq56O@
zY16boF$+DK#B9|-eCd{US{>)BY+XRaEeHUv6$b1vL|pKaVVF`2HD=U12^2!_1GJ;u
z@+>mEER}291R;5H%aOZtTuq(tsKdUA2~@ep-jc--O_EI8#=(0Jqx~z7a^3<@fXH(e
z!9r$W8O|U+j>V!m{sNPb!&oU8N$XD+@~of~!Z79OmHrnWVlFN&StTXS?3qeK%G}&s
z`L%b(T$SUrw6t%(=1C1pG8!4zfP8jy!%ilbNICb#+L=HxwKUdeaPTczXx`U4iQPoL
zX?H{KZ;VHYXlKi<>6khED-7B{`yHPd7ps1fXH+Xhr<Di55d4RPgj@rfcT(OZrru-E
z;)H|LieBeBZuS$2`3WO^=OKFEu^5}gt56WALPy8;)K>_}q&waXQ?q1*0<*E3^k0cX
z#RBuBbZkrxUPT<}RY4}9M3d{j#=$}@vVMz;M5`MjM_ru=bR?By04Nd4yg_s<RItjx
z4Rgv4c48-jpMg(1ce0oCJ46T#vITH^w#TLP@}*}-6p|Qod$T~|5d=+cha~c;>@lGj
zq@Nv}u>EMjbe`&dLCO^gB7J8;C0f<SyQ>{y(xUe`U-VqzSHC#Li7eONk_cqD>}itD
zq(fr~^sgN1uvcXM)jSJ-oioY7BX?a|g0V26Z!Hp^#o^|}i0;U0wk*A}?<JVsppA%$
ziAfu07-pX@cQ{?KColClRlpBbrYMR1agA5{&>RmC9WxaZ6UvUgId4o%%o~m{Q~#<1
z<fNV8LkeSC${LLX4-z^>bzvxu;O~Rli9Cbz*qgPY_E5C$`+?2VyMvkevjqqJ=T+@m
zsUl={A^eYEEnZv$uoge=XMn9VX@es@uMU^Ovi%>3fy$}R_j)<CvhPeVEFQ>7^nzg}
zQ2`Y@L2^OL<Qg6C-fwmO_K6G^JG~njq4va-m2I*Gy)$Tx1ea-6W}%XI+#a=JQ+y2K
z|FWXB26xdS4xd9ctq?u;SW0`K0uQNF4IR3ltUswej6w!MPOsRsYY<LPPl-gl>QKq2
zbQwXHIGdLb;^K48U1LGYwF88PK7r0V<LeO&S>jRxBUJ%323>GZk#Yb_idUWnU^ig)
z5}VhLzV0Ul3;Cnv*6TY)LCP()PFwN^i}h%URFK5cT{b+ZSH!88KUL0t^BQ#!r=TE-
zNq@A;La-zRQbYFYea2WUxlpK}>mDN)V@S{>rTOy#*}u=369yD96gmbz<rN{>$f(_K
zN;OLIX=&BVT=!>N*d!#1Nr~-Gp2AFxf(F#bTG@W}0re@lut$}kG(;(vYFaXC?jJ~g
z3S5AH755W;G%+kZD8O&@0=FJPA>x(OI`%8%>O)-6q=9PNcs6L)i`^rh>h7>{b^3hm
z*G{$!PzbuFM+YervKuJ=J=7X9j7sPn<bL_MSgZSSe`Uu*q(-?;NiWz74KdfixNU{<
z-%8)BO^{do|M<EVywuM)M?0)0M$8pS^1%3;Dg(r@0fGeAdSB<pGlxppWfz>nuK)Sl
z7#3;apG*#z@9mNmvj6=)T98uai(DK<-?JeG=B45+h(vK1K_%Valyrg&7}djDGYb)@
zp+5#K1F6hsMdG(VWY_vJTK9#WeuNM6>a@DqCTmICV@uq0_mC$zZhctMJ#YJ>{?^f_
z-iL!eZZ~>1ru64$%{hpk=2%-A!U02$HHB9^Rnn#zt&h*c-7m{;1rhg8%~gr@%RIOq
z5AP4q3l~^ILWJBcJ_2i<Dp;O*uVkMbwa;w@oirPfD_2SjNU}ZL4V0d)G-csILsiYp
zDrnZqgOoAzu`n>+1SyXbCq4an$aVo<REV5Qc&uj7{wD7_;Jw*!wJlY^+X4!}ZT~?2
zk>4|YsRza~QpK6f3)!-_h_p3Vju6#qsp|~>S<BC`5Zdu;o3zemLA8;}$NoV>c)AEt
zb*l0O52~v@0MYmCBSby?yWDJk*);XI?$w0#l%Gid2L%4*oy?&<00@L;`(yH2CCM=}
ze|~GlXT9zF%9NJVDoH^E8f<6~-POn^QTsc&>^@SdO?~YJGjj6iIZ5-M<>Q8psh!(A
zl|xj-Su^jzo~y|jR1W&UJCxlIVKg9qTlhjnE`m~MLAKzQs>IFk&i?5(ZX>Z^Y!AbP
z(bYx=6A0te@bF_k(USli2|r0B2LrIKrH5gflgqgn%C6}Wr?j-?OTpGKhrSe$Pm?8s
z>NoBKyQwU+unU_=6v@Q}=XWXAWDQ|QDIQNze!LQ&6E2_{b!S!qpQTDanr%5?w(T=c
zg13N^7S-Bm>K&C)xkyo7)~z32P4Z|M>^CF0jP+>O1{`-FXZceU>n(6Io?b1fk?;=Q
ze?}t=p!9nJ4<FF%d{{E%6~jZF53B1ok6ZEim{Y4~3CRr|HdvSTZH2rq_gtY;y+$VU
zOg^`f4<?RvEiMa^glzx3M;zW07ciUm3+sny7%&SjCM#4x0lY5UgY*Sht7BzeG!&}U
z`?gf0WzSU|EdOk3+pc@Ke89C{bFy!SIi()}Okd02d<<eAJNE`ce-r-7W2_K|*Zx~>
zMW0*&AOy%l>X=iX5ZZn<uSHY2Fqx9ac-D%zpubOj3<w@XfSqCSgljKzIp<beOi&DN
z*mMTKX*JjoqY|>)+;Bz{Koc7t9&V2ZHu|De3KfZMmKrd|KJcmCe{uPV)8c*{`%%a}
z5AgXH9w$`8i{?_iZ(Yn6djgKCQN^g&#?Jr7aHcT1zjyx@R-;d0drLnxXS*{tF`0q;
z8iq;U{S-?$;P}h!I156qmKngwff5|}p6Iu_^?l&8R<5&D8BOOwHW`S0lkI=nN9b{P
zI)K5Sr+vlQmR~kmgyL}yyzs@(lA*3g&uNMWVkMeUYb{egp`T`@LEmx5pNh61ol|<O
z+}WMRRX<XW_KU>dMILBEZU^Bcd{)K&?nmE=_h-x1Xuj?m*NH?QQSP5(!Ap<#EVsIw
zEY`i#VzxkqC*n2*8F+5t*Tp-dy<#*+g?M%)XJ(esJpJ(8)(Ud$T=`AbyQyr-Cj7DF
z-3Q*ls~zQ#G~g>52Fm*A7v(c)i8KIw1Jo)Lmc^CRS|=Q@{mOUIPQgm<MGC=;oh{lN
z5D_0%ebwprD*3^Bf>>Kxw^{@vFE2sh2>DqkINa?13R=x9kt$aXQicmikFn<%7JJBb
zw}o)>2}wRsCB+Z#&sCaS?0z+<51S;IO<~hb;-742yPVb4n8+no>$UVw`zka0^A;ic
zL)hj(+yGDuK$+isUIXqWxXrQ|cm*&aA#$ysf;md}<^Ei$NUu(UY`CcJ?<P}jA~UR1
zmz0=))df26l-XQn4^O$gauZTg3KJ{U%e1h??l0cUPj19eKw=gP<ldjGcpsPeM`}_D
z3zG!~1{RKC<{ujA$Y@t9;c^;NM9RGCT?Jst$>{*4?)9qZ`6y2spEben%l*GtKq?ZC
zE9nz)kaFTH5dey(@!MzBSDIgn@e@hU_b3nkhbiHJA)S!)7&MF#jMPT7?t%i^WOeDp
zQQ3r(s;Vl^=}N=Zx`nQg?01&h)tInnwVtaeNs+pV2&)28_#Qu>Nk6*q?Ln=em)Ytk
zb5J*r#W;)r-}^K<oXo=IuqOUeS{gz_^MUuBvEe{w)3B`fi?0|f@{hs90+s`N*UZ^@
z+w{R-9)9n89M;d(j3O+R<(n&F^BfvU`)e23<8Yc#$aj|{Jd@e*|8tui)Zl(>VEx?i
z8Pf-95G-8JToW32z$H5D^${BO3LUov|C}n?+)6ckUUS<#YZfY^c+5-sNYtKq0V&SF
z9&(HHb{o=@fw&GJhRH9!-iX!i$19f8#R-CLkm2vm&Rjk>4!2MC+lCdrcMniGu1(;j
zCnQlQ$@#4CzWjOcmU>eY`#MW_0k2yct(!%&qPV@+>0!6Yar5NZ|Br4+?0BZYl-ZD3
zbVC@^nl{s;sZGFgw7~mqQ7Rrnk`-o<8CC%qPi{!0{PW%x*Zn-RkrZad(a}j2p2Kwp
zwGTbK0Rai;%Dry^f1XicQ#Ca_0zTbPZJaLocMJiP27zwV!JrQx*rP5CZYucAKdVB4
zr9G~?bTkZmd}xCOc+nh!r?J77M1w*H*s}SJHWUahN`<^(@1DTrZ|BmQ5DU4nivIe6
zJHxW{gB!_(XO0<&SUQF3zYedDS1D6D45cG*=#n~<Yw`6H^!gdS)A}+m|6w6|V6W9W
z>sXca=1FiDujM3_@JZ*>o1@la#Z!>1Y8ahDN--2GPWUW*N<#?fUXbuw=IkYOY>i5=
zl@_zw(U~fuk@NNNye$;T4DCU^3k^^?cK{HAwqI(gM!70F4>z}Ri7K7T?qrukp)_hY
zfFVnGWVX_x54<U!(a@+fHsjU49|4@I$EX(an1ZumEXLIK7+Gc`2QTm)N6%XumwJ}(
z=D%<uM5l!{cpp3MC(~L2Af{Y~QiyuMSXNqPL6XszO`|N$mC<Q@Z>=kM<|}cn#YBG^
zmq~PBwgMaADs|)4#{br*1J<uC924ZUH?;f<`nNds<vYW7f;{GEx!xbNj+M(Mrca3d
z`F=78_e=!J9+IVG0<56c-|hGKKpt4Yr5#r%tBG9xO)qNOJ7cu*EO7RI>_F#B^<T#-
zfD3SonDyP$dXMvNr8QNs*Bzb-a(jFLzZfBqd>y*0M;_rag&dIOpN$#&6t#J-%Sc$>
z`MiyxrGjNESZC}JXNtr3!}>R&`2%wsV`yTikhpAvgPc^HlkFXN#N5=^f^Hd)F?SOP
z1YVhPqd(*MIqn!iW9hhM$^Vx6^`BPI|IbT}5<poRUcNP%e|LZxCo%j9-7Em;Up%Xm
z<NH3tMO03z$@86Y#SW_{unN)$KH2uPOra9?7DbHGpwyTM2D%?*ZV5Z$jT)}gJh?7I
z8-?>D8HYxwV2yvl2nUD_>|F;B(rv!EM*RZNnzam3cb<yXrodP>t2~n^9Y%6X?cGlW
zW^eZcd2XzC<ajIe;r<YRBY;txqw%nf#j9u<ft&TTtfNXwmH5ZTPqy0ny0m;EkVnFk
ztVjI>ejgt>xQhlXfYM7}xFL4kDAn;A1EcXH|5A?wQCa-sYnTBhpdY%}j^TL=>9Lex
zH0b(y{(N&Nu$-$(cT+g#eWDxUx#r=3Ve4z-t6E=l+z?><>v8i2J3Ki1tT1U*$SLZV
zn;{(p0*=Utp2d8t5LHi_6`%{lLtrD*I4PLM-BznosC?;BD}s*L^&ij(L$IHkmgmv{
z|B0m#iTtFHng_&k4}eO@glEd?a^%riU#=FJ<Zg;Iqi#5-eSRz!Jk6^xSj-CYZY;IG
zf0+2laI!Gr{dk-r^v(>C&;b64p69lUYZ>-my4V`O2SGwm1xD3{gH0?dAnjILNkmCF
zscDg)_In(KnZN2(dZ2HmD>LU18RM#Qx%D#x)Er(uQk_%N;Q_xFaMs|?$bSI$HE`Cg
z!R4tO;H)$>G*up_#_FXS7(HQF?nHU44@gP|(P77yxx&FEKQ%euU6EY6|7}U+Bw=_f
z8EvI(GACUONtDmfoYb0mpD2w=`3P6X^&DFBd$o#WB6XtHfL}O^BI;sgyP_n|cD(`X
zwP$Wg4I28FbO6Y7E3qNQrU2l4(nP$ULnI|tnjDP6N*{nmPuY?)YOVc4MXD`mplHOc
zv^}WCLiq}9*q}S46l=3ThBQsEhJ|FBF>X_ZkkhUIIE~-z$unfK!ij%miEtnQzZkT-
z5PeU!L$cQde1G#2uxbSWq>RzQd^IMnZqsk@?8ANB8K!(f<K3%0^-d`Dp%ZN+`1FN&
z|8cQld)pbA?9FcYyT9D;$Je}@hgS~sPujSU180niIL*g(UVc>K`Z(V7ptg&I{~s*?
zbuocDD((@=rI*BfkrHLw#W#iB@69{_w%7&>q2RXzZ2PPwTm&ANi*bXqQKW~4LW*eI
zvjXcgLb57H#JGMN)V*ITi(#BVlrWQS@b;1SA)^MOC5VrsZD5IzWM}+i4*-&)0FtLv
zDkp#IE5CnNXT__@Qd<#xdci+&PjB3Y1B7dlnBz7^qE7b)*_nOR2?A0p_4<;q^~nx{
z<~VvklDx1VhluyCsnyO=2~y9va4TV1hV&-6WD2AP85XT<UY?(<hf(&oU$3BHhXUEh
zB|Q6p?qR)BQvQj2Qs)Ujn&0|)cP1a`kqHk|(v1}pB{G-YR<ZYgEo6$Y^70XrxB+3n
zjz7>^aP1H+Mj@4beT1W<ccIqeboI}}oRQ^6>4~0=#-lgXIUD3YIhwWbwTR<7bx$MY
zehw=%9ea?i+?c=Dc_OIRwoEY|{qb4{bXTt_99)4Lj574|#%>wgrQ=hI5~v#mmp%u`
z`Aq<1RBo`*4l7I!Z*7?wUSAhw1G;x+q;VTdnn&Y}>?oA@*u^3;KROIO%c7=Ko?5;3
za0FFKBCWmpmjYmg-m}rSehfg=a=icT>T|v99^VdCD^zr3e5t5Fe||fPjCUfGeJ^o{
z%(|N?v7mHwPl^0SE4{(qa>OF`*yKm|#NDr>pKN!YYUo*f3p|X?8ofLoqC+%DpKc<l
z?$&~_rk%wT6%i2;1x%e5p3c|4^2O)k^q+xCV$|rZpyfI<mQ#?Y^NzQ-S0e;^yw1f~
z4g8+B&WrD!l>L)9umQ1bIcWJZ=65&5<Z!WmzQvUV36m_`eC&ebixV#N3MABgd~W7l
zc8e(`yXb7_r*Vbo-Q-7bD;-rq5WK@)xPE&nQ-0zj1wQ)TjO)BT+C^&LmRo}*r1}z!
zxxcIz5*$@!y;RpC88o?ai@NtL8x0YA;~%4B4oiN)pOI&OqM^m$GQ57f-W@Vb%IS5n
ztH&fGElop5Cl!)t#sSdZFSzc@6#S0_LW;J_q!l;l)MN~rl&QCfqdPp9qKJ~DeWk#K
zMMaxmWhnbL<HTZ@>{>DC<dX)Ie|7~UW0R3Z2LuF=t*U`P2x4dpJVL%ySapFTDX{d)
z5DX<ICcXjaAP1mw5x!XqE;j7&!(^o)GAm1rsC!ddwiB!Z78Hu|=-@$ki7qPO&1cM!
z#)1@u*AOo8&LS|zLV3Tn5(FWhNTgG!^1il<rWB)i^I2;gZ_FUe=S=S6aEY+p`+7XV
zCp2g>op{Xq(FJ{A-TO+dngGX}AgUzl{{DVrfQOQO_3F(6BAxo^m9mvUstus_AmV)c
z#FQF%7VG*6SsaN2l(-Pu@UO9%@nEjQgX+5za-ommTN!ai7vc(^{SLoa;Va~O^?kz}
zqcW@xlMKG@$#|GQj~k}nW9DL{7^Hk|8XB=kb4@3a22^<C49Pn|rsU-+`O>kHdjMe`
zd$u)V(i@IVB<NBsFaB&HIPRldXPK1H*V<Piyv5oEW?(zj#yr8ex*Qsmk}R@$!2#dg
z7`B}>L7f{tha|G&XOD`DP~gjWF4}et40SAJcXxrJ=S@FAen;iK{wP?i*UVj^-x_M@
z_e+XggU#rZh}T6Yu99#djYL=4S)X)RpRR%V>(?Wl2Nup^m1Q|4>k3zlmSqnQ_mr)F
zy52j_QjMEVy!}cOl5C-jGxLKEsgK|bEyzq51qDT`&Jvq8NW2C+s;J7K-D}U23VCRR
zM|_+M(9Kkz(PB1PaMJtN>wjdiGL@4X5nqk%+EY}MLCZ#qP2BW-^w@F0DqKRd2$%P*
z(PD~=8R<~z_KQ89pb@g8FR0a-3}BY&HRAxqo63r$_7iDB+gNE==F(^M(X7X#tC2{2
z!%N9f8t>LG=2*{~f2-<O;013Y*QtgraeODr;(!?9Lb<gT_}h$nkjO-Rhya}uphQyN
zP_DrpLCd?j@wm+VUmo08AnI$e)5%NWLcjX2CC}d7=y48{l!g7pAmT8vDpJ>WqhqLV
zIhe;mPcQ9>(kn@|ZUWSJFF(mAt3Ut7WzxSk!dDG?r<EKu8MRZ%@1~C_C`OVT&N5e#
zv2wqdJpA^^FzjSDj~uaKD=J8tv`!d{)`ypi3md2{G$<efDUkni-+ocCX}?Ug0(US7
zK-^1+w{ZiTzZObA4vQa@PP}Vp^%QyZDr<lnXh~^Y(m78J32g{F$?`tx0!lA12??qk
znS{h{L&;7fhSIH((28Nr65Xc1`CG>4WYOJM`CNz%J0n4yja^aTB(N%WsQaofe|Nsx
zN&g%v69_GnsqJ65`lmp-mjYX9OZV|G8Y=_MvTQ{sEYj^pYfO{TOg{FXGrbb!)jySa
z5sldE`dAp{3IW==Ahs~xrU$@~=_xkQM--<3!_*PEnTLfPAc)+H_en|6_;@f2H!8%!
z0_)fv8c>AVZE=Ls*KuqUNXj2za?46x*zR@dWEyVZI8kjfpuWL$m<d6JRC1CEJ#s*6
z5Ex2@9*!5@NrAWf(}E^H@=W+Ixv7H*SX2=@W5~R*q6nA}ei_<%;~ZXsuh2_kT9^1c
z^Ii>r{kbrXF{?6{VV7`=4zNC}tF$t&|0cb7Az0y<PK*atWZq;@TQ&(TLFo=_`Gcmi
z^S;{7Up?hZ%sypM401lU8;$75&IE>CuwjD?jW9FU$d0|pA_`CHVOMiO9hpg;3^<bL
zfLImzPoodkk4y;DNR|ym!g4a&NR>EPyoThlkV*x(I~M_`YhGCiS&7}O^qr1!b9^Y1
zR^y-OB?O~N4Oa*65uF>$Uk0T_1ypTIlS6V6mW;18{xOh`H(>ixZQwP-TO|)xK-y$h
z{u+`~_pQZ|?=pLaIXU#sJzqz{QoR+P5d`$U()`PM{NS@_KvL-P<|^31)r72B66KSU
zmK`E!Er~%@RFJ!@$M;f$@lK!3Y<|~s9q?+{L?|zus<NBy9y$I@?BgmiG;_@sJH-Dc
zo?ahza`;OZdo=i`>x7Jdvji>_hlKg|vW61n)H1Gc-jS6+<~4&>!b^sNjYI5@GuSvq
z8;LxIzscfyQa8QVZ(U^^sV~pQCeVzoPqi*rJwu|eFw29Nbf&xiu&qWl*%&Jy<x}z6
zJy!*j3?%aXBj!?oh-dA&wEO|ofnij1I&;?k!dtZO==QATB<9vy6?|p2%`3Bn$_T>f
z`{|s#fZCmM$+B*0ljs_)&`2@xbom2Su?tEsZJ~}>sxw+P1vuziU|%h$NlD|VN9b8g
z@qIAUPtCHqksVKzZXw8ip7lA&&F);4ULO@AwWPG~k<0+x<3V1$1P}+c&GriIdd}3g
z?f49-Ry~C2JB}VAHAZQUyfV{F!rBK3Msh85rgxeScjh#(YG<Ah8_m=DV`2)NKOt0K
z(yCO-?em!NA~s73Dx-P(p~nSc5+-A)%2S=66~oz*9<DuS-$=>Exc3GfYP~^xT#Q)~
zr?0o)+|5YdtlX7*6f2<>Wg~aL@uoM`YYx38v>8a52o*AhxMF3aVdihfJO<j=us{o+
z^|dilQyH3b_#pmH5~^6)aLHM$iyKZgt=mnr;UMr(+%je;DQ*1*5c`pn>`J8`Um8Bt
z5ZZoF2VNlQ^RfCiJAjE@^<C^VBoB#4mC#Y&`Qt+?eZElGi#lfHzCSz}a!zZ%u}6hS
zmeg=RnztrwV?;Bd#duRLpv)QGz{jIzw6FGVEUy#}7*8VC<yQr(f(3a(JStzqAAzA;
z3d!O{g#=t_OQ(1XVd4_SQ^mjZUQ1Y#Da`)Eq&k4pS8RQ>woYW-?o*mI#||dfo$l^6
zI{Ziwq!awW3Mv{~F6e%T>|zJ)49G*3bMZ0nj=d`sj~O;|x))qGCh^npMrdp-iOLnZ
zJbq<rnTC9KqIeWU4_e}@_^h*tZ7266AOF`K#7a8$9Ldanz2TXKBR9MAMDF)z*_Gd2
z;pLiXQxfC9md;h=L(;|XRyn*KL<N>BzWyquO4>QRxwQ*9JYLGOfEY{!17cW78m{M|
zAG;eXUwq+Dm_TeTWaFUuo3%O902}TSztmt@kSv;5vT1+S7DR&})KEnm$o2WAmJ089
zA1%8~DjIIc)8-I+v59%b^D{DSROw20NVb9TihDafNao5eR<Z~;X|R^flU!WP(^AN%
z@k$m`;^v{)&SUeoTvmQWkvV_ndTQhzTdzEG*z`k|BcGv`6e=O))L3eo?@gu7xb#J%
zvXiG=ozuRfB*UBf$WL5GvbrwTZwA)Ae(5<7k=xTgVvHc*w74gk?QfvNC+|jT!@J!3
zFT@?j&c-!9Zu<EXKtp?Yb0F+@=mERyZ|2!R`M80k>A^#qVD|Zx(y)`wB0CvlC&3h(
zh)F54J#zdzRq$TWkM1a73u>F^Qjd&2j8Q5aqCznR>Qx&I++@YvO3~TA+ybsE^uVA=
z3i*oGP&Bc*YBx;<H?;1I^uT(*MO4Vwh!8u!Tw&-hp#Lg9Zs`4T&f%WRRGpBD&~S7o
zC@Qd4;L#3Y&D2-862ie7)JZf(d4K?s>lL~@DNx>UyHJcdt?vL`fPDTBRGGpB<m_g8
zeP4Ofktf4Gz6hJ6I0!gg=L&B?F*9i1r}gt#XSWgYd9I+Ec05bob*6dTHL(=?Y>b{(
zT{M-30?1E1WxI=lz=yHfH#`REx3J<bG@UAJ%>U9lt$wTISu4pG3(ngrMvybV3!vs*
z6sz|<H%BMtMp*T|CXXbjr_D+@28hs5pdVs9SD|k?RTyJb8-ga*qwHlP^?}OfO$Yaf
zX;eu6%>L|`BT$?~82yZLo$NYmHpena;8ElBFjt}L?Zl5?&GaDm&;jF>JxPx;O&+qC
zmH@V}{MzYf5f&N;!V%A&cPCMFXHM+^D0IH=9WKDs1_O*luIKr7=)=`{MwJh{$H7E8
z`CpXzmrpc4H^;*FZBjxTq^w0lG&+KE=(j){Y?n4Bb0znJ`l1L;PS(0KBp7Lwzu>BP
z?3Xu^n9~C`A^Ec!zxiw)<rKWg0m99-)dBiwg1%SBtCa@ezP>)QUog1~3{3*61=~HJ
zP3JE4wzAB>S%?Y?mg2KW8df9(O#N1p;Mjk{0UM|Fq0IwS^}$l3lD_gMd3-WJ&6CXh
zMwJ3`D1-`0RaDEif(A{tjuPYI1_S!<(%08Nr;sN^uE`#L?NACo+-&aEo^B3o_F#$e
zx+>#A3pdQR9^)h)^eFqO#YEBCN-CkQ(AoDY%-xxWECoSn3CnD%q|z+^2hTP@7XUss
z8i*xN)+(TK8RESxk^W8x8o02I2;Yse^3P*VOx{M~tnddt%=@CQC(c}$r(cI}{o1r2
zc>Uw~R|Efh*S4!g>)p9ZN*E7~K~9)JuksY&LwZUpzeENEJek^NLd*qP439lwaZ!X_
zYM1p3Er9J1)vHshXVjLWONcH7aF}lpOiB(&O|Q@!Y!-0Jb?S`=i%aQC;_BbijqIi)
z*a+El3P69E63;-S4cm@2>WXzyEO6DzUy41ra?m!v0?NOHv_wx!-~5e~Nm*1#6!J-a
zoaivl^P@c`If-4X4Vy>Rr8t1xS{x|m%?VsTxhsdtN@!J4wf%XxJq2Xr&$zj9VEr|~
zhTf<Wdx7+Co}K0vM!#_DCI}-FI{h7FEBhrWAvp1n0wMxx4x5DR1Mflf!huSoOe+v5
z(`aaEUt&r3RD7c1MW<tV42_dO9j}bcYQa86!Tx*d!dpeKDvjsOUQ23F)mw?1`|H(w
zn}r$xyLYsB^hXoR<5lQ3#!~0En3Hl4z_%dejs*tCQYcn>f-WbEsOlzL95+K3S#B=p
z3{CETU+zi8+cpCNnMgdQJmhl8IUx5yWBC7Na~Opz7jU&=N6NlfEyV`NHv3j|F`8px
z`vNl#Ho}+FYP(<a!*Bu{LcBp3>7jmaBIrQ_m-Zp~DiQOpth3yH86v(Ne|&MUEjS`+
z;85{Z*E5gf_96`%q&A}6MAu_T!=qny6DnPI%XAz`$uHuw3=F14?REU5cJZ@{A>orp
z>4vp$>^tro>LI@l8?EOsYX%&?707*;+!eN(eVp%DGlKD<rtyH5bRf%NBxrJGJ?|Sm
z%p4p>)3{#v+;Ez5P$T9>`H_h(Mjv)vys|>3rl)pRS`F(s=-bC~@4VdaL<G+H{>uUs
zOU7O1_f~0Byw`&Kc8Aze@7>PP%a<33dS9H_Ms^kub7|uiJUB^=7&dC-eO<M@ea?5N
zGeuKv?lUR66<>DTUy&ZQ?6Y5XeSTBwFhK53B`Qi0jD(@OlY~jcDNdJ>;G1TS?*$s8
z8S#3o!p~qz{k&ga-(3h>D>zL<$pqGi0ZiOMmBi8~dGbwxL)$(tY%;lahJVpXGv%wI
z1S5(`FZnwrJm{|p78KHC-(DwzcXoZd7UFicK-Zz)K0E(!H_INjE_{^jyf-S)MAxYQ
zF<gsm8wT`ATXSu(3RB}%PQmhW^75)OuPu>hN!y74q6bk-n4f>$PeK+ecZG>+$V~M9
zLQVMoVro`*slhfXPV7M|B<6!YPy}Xh?mtQc2V;OFh_>AaROnTfmqs(HfYzSNQOldK
z?n6BaYWMeqk@fRLaR|cdzpmMSNX?7=<<`dE{D`?DMP+mR#VFlY5_B_K#yA{i#A*iF
z?p8WazwW3xaI-UwTz-6b^A!2@M@dyUpwhx^I@e;2&3s+8Lg^}sZx4t`vY$(>*%(Lu
z);pUYB{3BU|2Xj4^rIb6Ife?879;@zIWy;kph>gh1@L2OhyheFgo?;ZoAiaT2ay14
z-;(nN2#u1nU#STF1mAl8{G?qQO>exEu*>?))6RkPu0{lBT_qj4Zv=7NoY?oU3$s|6
zo+|2zum2Fc&&^ABI(m*p(6AdmtK2(Akcdg*Y4aMf+gpyma|)|KfcRi@nxsJ7w3&`L
ztD)!n9XflmD%7yCSYNuk(k>K9z-Dz;tnDj-&~(BQ9)Im$xj&DRu`b90x{NnbB^Ie0
z?MRtGJSVP2{F|)<GXV>Km4)AMiwqkIxat+9Z%p&Pl)*fbRQ)DZ_ihRa&|TX7d`db-
z+ZmF5Jb~mJbh53DhvWe)_X*G_joexP(&NnL(tYf70toaMS=w`VTn#&sibeA2aui@t
z!qt<qpvy!Ci<)b_P4IQDbPNe>!FsT)qGIo=|DPDx@RG0h+%dx^ay`k;tNDng0$#Ga
zowoXQ|Bb|xjr&I9sodHZ<k_C+y(v9k)2?kOZRY)v90{k&<~UZdBl<Y52fAa{Wm|pt
zMt07ymYhLANDd8FnRnmNO9|XgF>{%{zf`U?M&ZLU6Rl}V1uV<^SFJ1T^G`J4FM#X(
z<qgPVYWcC!+~yu6h>b@V7&8TlBVf}^K!T=^`!KU3Lj?rivm$`yu>>ZSjD9h~y#lW+
z6tYA1G^M|Xj23YF9|(jz*zV{1{KU}~{j*&uNi<Kbh26{^HnYlFGsjsu;fxC<#ga0y
zH*Fis#cie(;=0cgv@{TjPk2hfi3~_ar#-`PzH#K<vp!}=+BIe%9n&WgP%{Q8vvf@O
zboS1kRq9+}4U0mUE|8kW(Btc_GM?M2`cGjV)dsWZT!ou3yi{8ej^yOWTHpLwn)8QE
z!be~|5=BLv6cEaRfElE%;bd$aoDDb;W5UO7#vP2Pi%5Y@&`j;vYOvLzR|L5aTya*{
z2bB_F<$9oQVbmSanTBh1jYhXYgr5LoUXo5u+=RZ;L6?&)Kqh8bUP981>s<?Y6>eqq
z8^7&J8QG`fh%wJjnibUW!3@o0ak(BF3=Uw|Z}DK1`?H$@O;C6t(DVDgXN8Oo<~$xa
zfbZazp8^E=JdvADJxqzd7uPxx=<DskG~<Msen6Mh_%+eApO8B)at#$7-GzUH^)QM-
z86l_bJ}x#^BTE8%gJ#e-uvw<-s%qRa=;S9{d6nNE;sc>{SEbcyWTCZEG0e45fstbs
zmj9137!`q@Ef<-18w0G0Hbk!8+vXZP?$bs(oQm4nTrdirVfwQa`RCO^@cGbBS-Fv_
z2ELyeuWt6f_7`i_#CuVM6B#**1Ohq)YGGkL5!{z)=L>6Iq*YRXP09lHZaRjs8Sy3z
z1*2IW3_;c@{MCH7rL)2zSF1)3$pCtSI5<>E8Yp0E*Dxp%ys5XE=}zad7(K2EW($9k
zDw3&pA^@6<vSZN#Hw<X{lZ{G(kNTTwN4j=(sx`rTQoLo(`sj8P0mdP@2H>GD8cN>P
zdG3lUPVH^Iz`P#ROPf{-BGrfVUrUmQo#?Bmn;@JMReKUpf1gfWbkW!U(5g?JnsPkS
zBTM8k5Vx}WESNvJEJcu)Xep(HJ+bsPUnU{TPFq-EH{)v6Yme((=d^Q}Qf{{=q#?aP
zq}1*fG1rv1z4<FvKrIEN9nULlwyWbaQjSRsDWi5<)ulUamW_L8vSG6mBG7Pn(?Kc|
z1!6yKdjrT#h>6p)RAlyf_C!6U<$eU*eMOa&ipd-CdNj%lVC-^QVRU?-utF4yMR=&L
z>29NfrY7U{=Yb5n37EFBQnVLy6>6#f#;|e*X$0olmgO|+Lb5;*rVU5j3DVVyB>@S~
z^q&X^gwX!bXi=UjKEGw`2$QdbHPI@fe^x*A2tZV%z(~oMoh|JNO|52#7nZ8y%;>Me
zOl6+NwlOAJ)fdA>P{k8+osFLK(gZb11S9!q|A^=}%KjUHm0%Ir)N<)Qm<E*XT_qxq
zh{sdHcm6rq6mK9Or<#KXbL2Tx_nH#p=K>yXXq|J5k*DMr-&;5Rl36-lbpmf-risQt
zN?Vx=ed?Wa75q~a%OHnY+(tP50IduYh84pzeu8!n!q`l?m*2*!oZkJ0L50u!Nb8m^
zG~al*+ppe#S%K=;QuHqR7CA~Xw`%`zW@_*TJkgsa#V%%$8uUk~jmMldS$VpwTNW1@
z^*mH}zud4I;d2UG#W-UfTZ~oGz`Z^Ru`JW^=e)c;hhJxA%SK6wX;N)LAFj(^M&K0d
z)PI%{q3k_po?wX}drSSdD5ZjP2goztA$XXOkSN2(@0%hlBkwlQTPpYPT;Xi<U39o*
z)rEI%I_@2Rm$%&fY-LzbD<$-PBI_L6EYKYoo!o~2roJJvmN%@;a^hzJ>eXw4D*V)}
zQCBImG`efv!Rz;Lz{L2RJfhN0CT-a2G#<S6%!HlUUjHgFEir3n#|zQOM^z`~90iD^
zo~OG@g%o~1CD}Yp2Q8WgSF%3>@C1O(QbiiPBeq1FWeo6sVn{ZY2Dd#*y8;k=!hu*P
z*Prx^f!1{Td4Be+y2BV1`ra%8xqZn`M}r=@+Brt*G{X{&YF=QH2PP;Lcr}rwzTeDt
z!CRR#MgA6%b`1dz+hK~}sI%IJ<Mp08d$8`FW`7-JgOEz=eIv;swM!#a5-rQwnT)~j
zLC=qf_$cIJ9w#|`Rslnfs5Je@kFZRZ3O0ZmQ7ge6U9swoYIskQ(xb~bCSOAwHCM$2
zv^Ke`8Lr;k14BhxE$f!CQKYk|kj+JW@M05*4u44~AUs&oG=kGy@PZR`Kg!&v_;4U+
z(o4!XM3|P@2ga?!VE`S7d15M!8w6M3ruddMNI_VTU2VeM36Guf5O3}4@u91VO;2gm
zH`&c8giaUiZ>u-zy{qUC&{e<jye}Qx$=apHb9BEt(B4{qFXoBAK*-pw(*5$2tZE7U
zs}Bww)%R*)nvYVP_$L51=0$M}8+f~w0xJ9NB`gy~gT6KC<sO;{%nIG2HE7??@)bP)
z?P^ur7Vt@dfIlQLyd6+?>0$Mme<M<huT>2O*@%$@TYS;V-n5Y@_i{(=)+N;#;~Lh-
zt{&WXR>FhAGTcJYR@-<Rq}%p=|6o9K>U_@7nAN}h6$@Nt)GKxa$szF;<NZ@s14-<V
za|7bF6!5ol<UCH3E;nnBQV)a<-z~eTA=wRNIq)+yfd#Z;eEJwJauHI8AaMy}<<AZH
z(En1)x?1lH1{8cwj+ah`@7RFY|2<W!OxDQfMN6w-nrNf(KJ~N^uM#d)Cy$9(rqZC@
z37x_F8xaaiaxt7cMM7?>K;^$d8#pBz04GaZ4~q5x5(-^!DsMCfOzUG+B_p?q9MBY<
z{j&83%}IhrQ^MrFY&RmF_x(+d+%@l7K{i5O1QR~ha5(HA42Sf=!(8BWVn}(=iSdU+
zE-0fGcsM;I{ZdxU2GMALjal~f$Y6q*x~Ld_whaK{+xoX73%Ji9vIYc0qT-&<Ekoo?
z4nE}l*9lwzC!UTOohPk{f?%7{pb9k<zq65So_-GWRR<}{WtU*nqWO#XiuSq?2)}(p
zxY2@`$M1`GTY#2p0WO`l-vze{?jynhez0n}D3*~IL7-+8Rnmz4lMrsK+UrjR+&I$g
z>pvQHu(;nvj}Hxx{4;rRWFX6vSB<vtHbxgD+H3;~h*v1oF$kTX;s2uri2jlTd1)J$
z<nW0IFII;@LJpo<>IzNH=o?Y3Iq|-0Xy?kH$KCY+IVf(}Yu?+yb+%NMps}$mCbeTZ
zn(){@%FsPa9Qta|@^`Yehs8_6yH$Xvws&UF@p)Ki%3>yt$%Olyd@lF%=I*C~$Gfbp
z?-J#`v^qEgH;I5qoF4F>1*xqq@caH3JkFjRe^LDt6g*(^w(6}kd-KNpPlV`?)yyMY
z_%z>u-r!=@CesFvTD6O>N33FAjfKN_uaG_t{pYUf8j#hWln}%7?Xh(7NxIsYm|g1l
z_{@qLHv`#rn`>MA5d`Dw(-(I;=dL$<V(rvBI0lMiqes6kimYegE^xY;Xp~vbe!+;Y
z+^L-eqw`;+XbmPmli=pxAIhd_Zrfi1LvXiGw-`x0Rn+sPG4T1QHk47{_s@&mdr<#7
z^e$j^#b~L`gbLm1greHPBJ0)KB;R6-c9$!@NZz8+y&Fxrw>a4u#}z>0EU-{hB>Fb~
zJ#b64bsKRFGO@M0kn<Xz1_}AKZpF*o_D}Amg1ZZ!F%2>^X7VkL@4YH(FTsANE*v%@
zP6S_3m}af~{@hZsrcDznG?K}v>J(NbPlzy;M4MtJi!}h2cQKA+p!An;6o>x}WX-+J
zt;AA(U?QAQOgqC`mj=_!-$=ISbFpe}L5p<a*CbR%q|+z;v<06hX!6;qSZOeUUYyyf
zpjC3D=1DTPzFv(X=dE}hYY>n@eIcHolHE~ko<raf!6(lpZp0h=8C457fea}U7sXH6
zBiZ;zA%^#MCyN$T|5ELn5->Q=1M1`X@82$<eM<q@<oWzw#jk^3c&s|UL^PnSjxlzp
z{x$uNBzd~BwyB{}!w(V*JZY<eQ|56WFW(2WBk=wu<z0PVsyD1|tGU<rw#|e&{H&p?
zQ;8H3fnLRqEY3{|f|$tzq)2<v+Ga*s^MM9U!c$e+p5iuE0KKwSDgA5r!Dh|{09-bH
z%JahxI{-)nNDDG)n%EO><#o0xXeCL$Xh)C<uL4uy(R-9ZuyJ{9zI__FN`@SiZW%A$
zzSL68A7H4H=$e8v{}vPITrlk9m$!W%zdyyOBl^n~ZE5?SG=XLr%$sfjXrde-EzSpK
zAW*JxyzeVRpZ-&&(gXY3)y*EA5c#wVqo287(ZHXitPNW(R59xyX-WW;^BxY$(`44%
zTN>kp4{lOsG<9PH%yaT3s=0U&5)Fx95{W$nfgd{EGCefL)qgyEQoL=JDEM;lL$56N
zRO50<Uv(DB<%q+Zqd;6S*T0FpNX<<7gylvqlu$nRg$hKMq$eDN!#w<-KPN%ECI}p;
z!o=2AE^%P=w<CjwUBuwmmIExZ`SJ)HXLADV@I+Jdh0y%)_U2<{YbD`OwNQ5r14#m$
z6L<J#REPlK!!}odwg@zZ!$wm2{0yvvRj8Dh|BQPA??O{z_xL<|^FOiK9Z<!(aCxGj
zB}2Iyyb=0H=K)0!3=F(sNpf<Gdol!Rak*DH7)kkNa77r&X-W;}PY+x?aej-@dG0Rj
zfRfLz0k|?RXU-Jcn9k(Vx$?A!2!$GRVm2-CH_6?J^C*-5?gZ;O<|0nRU5Fh)JwWv|
z)LFP;_3lyNQBfD{P^Y);hX#Gp^(=1zH60OTuiLY`P&g`p9>kJ5lD=ko`<1B9UX@KI
zYy^p*5%|Ec6Bi%u4R&+X4gr?#sxu&O+xg?E+F<6SPVl!mi_IPgz2741z9u;CZfQIo
zh_sOzXsfpjvsxmANQ;c@9XyWhJVCjEb=V0Pbb8k=JTuD6BVc_hXt<YZg0d=hh%Q#<
z(1G>P223J`JMNK~J5QL3?En<zlSs+V7p_XC!e_tR43cXED#VCWp>3i?R4xnZZzcaz
zwZ4ZDW^ZQ?jFrbRd@K~Pk}z4fgJ#LCA+UR#MimK(b^M{fqSUD^v5N}S-Yr4gOOMt_
z1-A;!Wn0$h(*^G~5to*gdju0r3ua_6;we$1q1@mC1$RTSE;hg2lM(lq=EM&s?H|@H
zrx9%g$ZYR3cfh}=(ATy8rJK%Hpr87|QcRAF$7j)LKTE<MC)hKhn_48p7?=~JS2dZT
zUDHO$#D{gAwXaP7{sD-;P52t1^x$=r4!2MiGEuGx8_)76k_n604l!N`b?|AiX}sKz
z1M=g3zX0yLwD80??*o=VKm!I#N>?dv()|FTHo9f3$tLYDn+~k^1gN@R1p&Ihl1;ig
z8gHaAQQgUc++r(+F#{8k6v!1Wx68ERV%gGr*dpg3;`#~6G|wud6lajVpB{iY20g<}
zw#$a_F|NU0-=d8SA2E+?XDh4#dCMW7VSMtVZ&q1Fz|i5MQyEvsNk7@i<9;5vI~mnG
z3t3&*e6cI}TLs!RdiW1iZJ+F<zAuXs$&Ax#dDq-}klER)<JU7Mca=2J?(Y<ByvHWd
zL*y7=MraQ@$!D-1*hg!i<~tl7`;EH3S8u&%8G({rIRT+&+x!gU*fQvmGakpcsNg7p
zKLcYKgx#U@g%Aj1g;rPF%3lvGZ6swBQd$3M-QYzu<lwWU#Brev#vFMnF*#%(TOBw5
zA5m8sRpr)o73n-Qh$7vgNH+(N2I+2)?natJcT2Z42+~p_4Fb~L4T2z{An@&TulN1_
zI2exe)Q+{+o@>szk<kg6lDB_0#*}ZQdZ#2)B)gzS5wb={m8I{-3E%GPRC=32BzWH&
zw!CTA6kh#tdCTi~AXu$8{O3;#JCDiaC-D!ge{56T?|!CBQUI><OqTI~9od!nPYYE6
zR0mUrfqMI2`l>0uj+1YS^Q(1KnZ%?w+H)PZQ{VSy%3}`&x`|}ELJ+fr+^O=k5}vdZ
z;=Y^Rjm3-!8ppM6`<IgfdJ~S!KNiHXy}}+^|LIbK`C~|e!^`-$?L0ZlvZI>sGFMR}
zzfwX7qEC7Ns2%Hn28<}e<iCOsFy-L1_2BQ<e{qiK1B|yQA2$=)Va~~+8bqCL?B$v)
zcF!d>q!4n%DZ(h0$gRH8F|}{;!E#KQFaKqAz~4ax+~s!Uti5n@&uiv{7Qf_(^1Q($
z(<yn-+~;fS6D4<qmba+pV|hgniYd0D|J%CZ{jdjt6?s8v^hxqZl;Uv6`E()aP7VKq
z-_+aHv7g^@6hs9QXcMA&5(VlZ8RtV^51Ikoaaikr0V6&DeuLJ8ZQo!!_irn9ho-;|
z19|3{PyM?9dC4eka`#I#p?<cb2tGvHxNLaJaG5J;0m>0crt|<(5j7h@I@}$!(i|@r
zGfy#}A_R!OzF4~5zvT4z00;QA8?Ocsq%Y$qOZ)I+pG%a(e&;{1C*q%>2p!S@5=7%u
zq<SkO-x8fSL0jj;(ywaSuh<-fhLq3D@Dc0ZvLoIPg@3;CBG!UP3#Tww=u{DLmc_y7
zdyaa_6BU0!CS|vS%?Mvmq~IDmpm-~efD8|7Xu+)s4qRZ_$s6JRZ-ViF@bTDEa}mY?
z$KARzgld=;dpHE+#(y4tAt#jz2zs7mzRG>^V^i)nI(Rta?_~jqOK@_qDE_Y`ih7|q
zN40xM^yBd%(ZtF~L_r`01$Bbmkyrog%xHQrYao+wdid_o!N7A7g=e;}zvgJi*u7Uq
zhmO_bzBPx7b<m-vZ}4pX>&Y>Ah>X{_jmxqm)k6ZN5ytRKu#oaC7DC!Na{hV9>BmT}
zzZ<lGT|f!o93TRf`cI)#eFCOFx(~=W6|`cAL5q)YF5Jf)$0oFAzRf3`H~-s+6oGB<
zfzHWO_e@q~w?#miDes+F!&?I`z~JuB6;LXTJ$3XR`-t<_><M@~jNuozI)F<KD|iz!
z(f8T>FFO=02KMmJ%R@VU_u&Df6>0e^G_q{|@(QKMZgaBk)BU<-4d<jVk5_O8I?Z6Y
zbe9Wws0ya{sI8gOf4$%d?@bQ<f3eBN8HPb~WOtiru_mrlG-Ej9b?4si!C8|AluR=u
zs|DnB9kN}kNb7TclqCKh%u|)pV|g{BPO(w{GHg2GU21!ORPef-*m$m1QUT74*Ws?*
zP~UjYagA`d<b<G$oh4=qwI<TRvOzKi8NG6=nNu)h9Y5ZWCkUVc8Igr7$m{6;u5(62
z;Op@RhWxs%TzIH=d}ON|<an(BqHs|n8<NP>Hia*%XTlUKrQda0Dsgdjx9Kzk(OSHV
z=z6;Fkumhr_SK6$v{2J$^0aF;K_GEkTssxe8GmVcaAfkgI!d$V2fm+f!D#(J9MmHn
zbGn~@8nAv{C@70WBn8jRm~joT?C+Y~tF9|Uw{L=E0sKmPY%6E2vtzMwnk3SqpQgJ!
z;ohXtFim+rO)9Jb@$);OM*O1;QS|-rsP6(t%;>a0*hCUL_`l_ff*m}N?H!r3<!xjY
z?wl_tGOk4(Iwvvbi5fl?f_bhHP%ymX?PE-Ao7YAAl}Vvy^1%=lLGCrC_hFWK=YKoB
zf6058&D`56$TUT25(R&JFMZ1O$t50Tuzf(s^^dVe$p=c)p+|FY*3>Es&Dt1Zn<T_u
zz?tahEcrLP@|Aoyh#LO`fLm=gpa_UwVyR#r^bL^xH!9#XJn!&*2@1Lr^R=TEf(lVg
zk?eSL9K*9>%w_Ud3S0BosuBk2T^rW-xpcoC&z5)H29R?Q&tZ*Gt+9h5?ss&8;2f@t
zIkLaw-4U)`N;7&x4LWv3cFoKdFSPxNOtHtH{w*qee;I$B^5SrJ<R}04j`=_g5uXBq
zM)KG`9I`KNtILJvc7k)ahI{jM+(N;v`=`kN1tNIYtvHCsf{@)MfpAJZ=}5`-lvJ~3
zaalIK%Y?z8o?(=}WZpOKC9wt*Sva$1&E`h&aBBslZXGXEDw^mZUa#xw@PD5ifY_D`
zV2-QBc<TQ$rT^yY!!R&y_+ejLGAAY{zx`XKAJb7z=P-Y6G5SRCd|aGCtu)>R>xcdS
zuK4@MhhT8ar}5Dp5{SlNw|WY%^a8d&AT%Pw)$E^+TQPvZOajQjV(b$y{;k>m4c9>F
zEDCpzvwufGg$gwAA6#}7lUa3V7J}(>JP{N!I6wD9;HO+U&V4ZE1)A_zu}>o4Mk0hv
zYF&d#^e>FN5vNL(A4L(f_svx4riA-k@0X|xZJ0k1^5z8M)##@J?rXLE<R52FXLKF%
zt*6V&V>JzZ)i2gtc5}qz$c3KU%&;su53}0meWsJ?YC<h~|Goft+c78?z#Oom3;&Ch
zct2#|@A$le4k(xxiX?J8QNIAEyPNM#n~M&e>d-3hi-TVqQS8Z0j@Re=ypC%RW-7G{
zdw{<~%#SHmrF>v%P^$fr?(X))-*mavEj%tx3Qj|SV4|a|%*s3!dVATE%&7XoW|j>Q
zBF1(4fpY7)-yhGBEIxdTv7FvI^Wo%pux-E_mlE~+0$Ny=-Kd_!YJ%osqgbs><(g@8
z`fnrwh33EH$||muMRMqG#h%q5B#a;Z&-~YbuuzS>he|S%f}2~z3p?(aNGuSF76MHg
zFVMx~`HI~Aq6XrQl5Qn)LlaP#VbZLQ4#6NU7ZJJt^Kl`G!5|74_8Ij?5(48CpHzOJ
zS8+UPzcLxi5rTIgj_t$^+Q7-hr<0B^fZsh{Z>8GP+q)i!LM{p_5+7XmRW1bH{I5MJ
z9xB0olaMPc-=g*wQfwRnoh6eiCoiwo#ZF1CUpE**xrG)~kl_^OFd&9h^}0qtKybV`
zP;UeJ%6Hs$8LbA#H-Odu0dRyRq@*f-s4`Bx_arD*C@b{8zbnT^vrD>-0wRKENcm(t
z2$|=82xm~qw$ro3R|ZR#l5M{YeJ=><lyWNlDt?DJiU8%OwPEd_SV`$2Au5h-q*$1D
zRMYAC{^Y@SoCIXR!uR_8vqi3ND4_O~AJWw8!7M?g`4m{`6ae#u-=SfhfEMy=w)3ud
zA;}roYfN_tQg5|%{r^t%8Q8`w8|}7TLag<1mA<4I`bBi!UCa5>tXonco1eNLFY!eK
z4nat`tY-<#+u)PCf)|qc>N=dE55&1@UUV}xhH-F79#C9<W(2S#tkDfHJB;x@$mCK|
zbSmJgQ-N%E_?AUPfpdqro3-GzUmEqR=+~WBhW@weURO64hb0F@?1iXG^Xz{>t$rOe
zujcH413xDx0bHk8pmK@pu+)qTRI$Ag`1DgkEg@mU<Ys8Jvj&*$zjrbZwx@ttVf|&}
zy6FGX6Lg?c)Ot?+rDhy)9WaU1<}5Dj{O|qXt^=$;%nb8k3E0ns_1bSc9oL~m4q(Ep
z_+II6`^LA+)_Eq|7CYy9BAVwG{9#4-neDNnZ14a#p^;n+9r{IK1pPKVpsfp6Idzp>
z@B8Do(B|zcHmK5ZLYf$06?cRAR+U4D$HvyF8No2#-9<~IE(<EDj{6g|gik5RCA_Q%
zKt;&H(-R5}@=l=1-%Bi#?I}91k&GhpGZVs2`EP*&$rYAM9)%c#eqy_HU5!#?mhvwk
zlF55}b!`2@@^D!WkPc+biCA@ts#AQ!f9{TH4qE&DT1QDKQv;@y>OXEyI+>NAm;812
zi&)ZgG-#fz4^LN?-52d3?0J7Q8mLUzSXksk5+b!m*kOy@n0ko$-y6=zh)(ihX^R~L
z-@3cDi{sn$yaBJN$_@u`E*cn3*gJnXdZoJVPe`_NCOW!&)!l38GwT1l76u^xg<IWt
z%*@OvSXmXk9-;GB8VEj8ftw8#2gAAOH<;=B<8JPza(9wzKrvsc|A||p#-J+J@mnN~
zRidvC)zFqF$y@Q}-j^i!_@>ME0<L?n-2|gip}4Ud+w2By%?rdV210`bEbE15-BLXz
zZEFdI7Cqt&cDuynY%3CFy0KXa9U!F7bVm1o`wzEA3kZr&0*g}sVipa>`kb?1G!4vp
zwmN&^rw3qei3+;aIlS)4Z>L=HLW6#1AU&m!JrD3irVX5$DpOTo+=xjgmWB&#@nW3S
zV#25Ybbr~FOr*(A_^C+SR_}Lvt(ds>{eRJI1#VKd$kKNQ9`5<%;c2%&FlQQCe4lc(
z3t1rR&ej|#Z47&z*kilWrX3O(Mg08v^Viv2OhJl~X6S^0OzXKDk|W2I^|wuWA|Udo
zbje=goOxo#W$GOL%f5Jk_70wQyY|?^S6f3=={`f5ODf82=P8NH4SCciSdj2(4?Yto
z7cE?Jvq&_r#6r309UC3*8=FX}eu)!F4>oQ8Wf%8gJ-yET$_H28veQr)=TR+ed6H5K
zdg*X)>NHrF#Vaqucn!kC^#8FhgRiBIaN~mDHBT}){@R=vaD<aA|32|SUpNq}q4A{%
z!KN!Tc?x7_#Qx%-G;1Lsw6u>~9&!9dZ2z~clE5`psF9Wb%gFxeA@FK#@MjP|j`{zm
z{+9?)!*g}91h@a)<L@5<#CRWcA$OOH4hFn}?!acWOBw+<nZ=7FCM0Sz#?TD6N_Y9A
z0{PCYKk{$_d{_h!L%<b8Olqh;;co*a=Oyu;CxE9$IBIjD{d)M&tA%CPu<qZxdtyJ-
z4~oZe8hh~s7>OPOSKjylFxv_Np|Mn}wm_h@iyO><ws!$-dOJGZQCI`jKw$if2IN_}
zoXjYa2s@DYM<Z9q%TYUDGpT`zYt}0*X7B=IU{7+cJ?U%&hK>Q;^fD@@zd9+P0*!`_
zZUfMKP|?w$K>eY&EVu}0l0Tfm@@`-+>YfWejvge1*G1ZV40zAOx`19EE>+^RTOa@?
zRXd#BI^b=5;57EJjMPW)OHJUH+6ua7BkC!vb%$WU7x&+1+sZA@=9)ZXm+%(P0zXe9
zi(dvX-am<iu$2aOB;p7qgq%DUaPZ(}RL#Ji;j0y_0kqyP7Wl_;v7!JL>RK<nf9E`p
z_|cj(x&ToVmzX#V`0D0^7*uVa^Bv?;o_yfv>^u~o064w|2h4mYDxVOby%VRPqCx=v
z7NTE5vA$L73%EQst^$oAEC(9HLSZ-%e(4MNrQGD76cMWF;(@MXZcYm@0kOb+1LDAD
z?;Ka$nFM|foP=94GWa<@paqeNnz|O4kpZpzgQxti&zoM%0Qtq53;e;OMNhyq3c!J1
z`jFZg6;3;WTi!)Phyh<Q<pyhYO|D^g&>}uC&?0dpiC@6b`@skrP}p1%I}~w**70mh
z25<zCfWk{0MD-E7=mvOq!*_?dFBwq)lYH$F;t~}qy+Q^I<bmv(KCHTp5+DUR1<620
z&Wyof|6eB&Y>>Ll*i8T?_r`9ne;-(6B0x&I-;v7$B<Q%(GBTfm91?D30tB~TGh0VH
z;1T5kcn;2UgirtQ_2yBVB_SZ#5dpCt<2Z@UOyy^weKS~di#2#|J;mU2dojDW(7-%X
ztse!Fs=ab+KxmO|9-{g^kU$NF*Myr0JKaMEYDeIQY`aj8=5{b8md2*vR&{d(YC-{-
zV3f7aKd}8rwBby-MkK}yGCrU4Z&Kv~K=W0sE^TgR2Dd`fYIQBUR)l4QcLQZuhDjU9
z#_+#=`(`aN)fM=N@?NUA#4<=_)D-Sc02YF>U3cJlY#>F!#if4x2JR*Xh(~Yr@8^v{
ze7ORX!j;{>@gKcR3$9}YMWuQL5fDjdNJ{GiY6T#ocIS(SO?{qi%;EWc1oDqi&z&OI
z!x=0kk=yzqPfK06M;9QEK10DFS2O4=Q!Qco)?_w_cX7hA>Vps5JwP;mMzLEiBXECr
z)tN%k2K-^bANR&U^9TuKDh7Elkjyav;i55N43*h7c~vyY3uyK*JOcs~vj8}}FxA_y
zw0QybTOD2(kdsM(WxRY7a6mPqtQjYE<k;JbuIZwVK$gN!&@sfQi0}qKJTkHyNavJ4
zzEM~L>+c(${%iOgjfM{~(&R57=lp?&U{466>H(ekz9&ONVk86xEA@{Y7jRq)zyqAk
zf5?#4dijf?sdwN}z`)NVr>~YUJtNEk7~u>tGn%ML?2Kj$xU?HeZ2VaNGVMY2K=Nol
z75o?T3x;m4x46bPUwKy7;F*k}j0rYwj7pKv_xO{)79N)ogS}$E$RB<cXSgx9nJQg>
z`)Dg1%mR5poVR2$(D<i2u;Ja2OdjPqnb-n%m2+}(nhCVrkjDOkjfEAG6-YP8((!8p
zBbh-N0T4BZsGfj?Ef6GLI!N<2HSM9mo@H%X(=Y@UCR<Ag)7dLW?FK{{z$khG+FX6s
z_s3_Hc(a#y=uGQH6YRQyOe?*{UqZESm<)tu!e0XSlkn0MD&MCZX5r<U5{K(w!lt=Y
z3_RD7+HNlw4?25w8GKWyx@%>U=&(tXcoG8U5ql0<Z|r)L>~`)9KK6fxH~5k`2ogd|
z^GxuSXiKW=d(iWm(FoBDL9e<65zE61{F)^|QZBc@0ZuO|Yl&0_+-RSt5SQVGBmVbS
z{!D_Zh{c|pbz%8C^r*T`_Ek`5uPK9Z9w67M<mWctkT%>jjBDaHeqU??#S1iTJK$i4
zF2rik#!EwO1>%1#VB!x5O*})xpO&bce@pjUmExfVT2XQFI!J_=Ms&MhX@e%0{;LP{
zWc_D_4GmaCTGw@GFHTe&SP`uXAHV+b1*hu1k<gE7s=f}y{X_o~VBH3&ZmQi1L!et;
zycv1N;x;7Q@kbE0JC-XIMZ{X?$=HBS)20UHv%6xpo>yt$r>$4VhXKm6YQM7Cm>$3X
zosZzz0Co8S*o-m+mc>|o4ni7Y9)u#~$by|15r|M4VH3lr&si?<0c-8?dI^5KGvgzm
z3)6DIv{S({M~I@XcT(pp*Z+Kne!C@W+(0i#G-yRS=fc^?Z*8m&fF-zx1JEPgpkbXn
z1AOAYoBJO^@KN6=V_tWHTTdtjY<cjHJMZs&_T@;*JXblz81DUmkCGc2^z=u>mH4sm
zW(<#WJ$<**C1+&G>&P9-5e3MOTcfeOd^DFpA*^o5fCcSY3jgKt^6*GZ#}(PnGTd+C
zrDIv2zL>&EwF9eEh!{-M%&D&cvh%#$KO9fsP6sxv*%@m5WknUJyoyCJyUX1+tw|<6
zmR)D|y1=2AYP-3YATHh0u4#z96N)PRZooh9PfSD<3g)u~8dd{gWL>9HTNGX^9XZBe
zKq(ra8EnMh<7C5pB6k%pDRy=#r?8ialo|3%RGK_b;jT7>JB+>Dq>jXc)&Fq;<ozfM
z7dm>5!j^}HrEtrg@AB<%af(ot+ocSDolF7u1u;N=Hu&D3l1BBL*1=h7Rj^C}_r>I{
zy#{nVfeOLGa_kMsLSdO9nmBF{#_W^6?&+{2yz!P=LNQ)135)RNH>ZMN0n4$#zx;<B
zBq$3RI>o4)RgxPjFux}-rb987!>uXs#5WgXTD2h+>-|JGsAYTgBjyPo9$xG3KR?Gn
z2%!}bV=#VCbyg$|C2LW-8<XP*R!rxR^kvI0bH)rIU^P?gsW`Grmf&&rft`!6i!ofu
zEcl(iSs?l?f5}`IA3%@a?DLyr%kdhh5T>fXK5t*LZ7`8Td_VTFO|*^`lp&%0L|lN4
z&ufoXUC_~*?1u!%Wz)I9o-rXYbvlZnVCQ>@{Z-U!6*Mg0)1(GI!JzI6@u&>A@ph06
za=w}9i(dQtQ{G;i!$5`}x}u#mAumsh^TVm}B!5M}c^-6VC#L`kIDBAj9lkh!JZZ;3
zN3SzUlrL<&LG=H<O-x%&LtPSHwG`<&D}4XQC8f$0pdi2Bh_G1V<oo1m4(6QGzRd+-
z|9Fq>r4Y;-*K=Pb)wZ;bT^X?oRSr~S%@CYpcK}tLqH`Xg0h39e4pKW5GMh-5n<UJv
zK6xx&lgw420cIro2PG<dVf{vds4iTG_2l(zb%wGUA~Y;Q_eSFes=VAMb2<@wK|`md
z7=RANaJS$^HC*fg2t{+XAPogLc`eevX7-OCHlcQdXtxf07*tn;Pv6g@L-*g&B&R<&
z4mvRPlM))Zs+&ETx5!n0ds<)cRGuAWB&sWkn#%9?LKA>CFM)giVc2&+5j62^ZabaW
zc*Xf$dKq)uG5O?i6}~LppTa}J{YmsnOf}oVIKrja&12*o<rk+(O2V~t?FpAOg-jS|
zp8OBJQGYhRb_Y(^m732E5pcP^hXG^`?A71ad18v>%=Ob>^~-2|hnF|Qd#HK6jTj`P
z4_T=&E$%+(d+9Yml}pnKT4sTme>e@EM8yYC!#n5ceyMvLi!{4lb6%Z`?7`c?qq3Cq
zb62?0t@XVjKzF7o&zuQDjuw+%V$dFzz~YC}gB$y$wq~B4Zpa|S0EmEbEZa_Cz9#Lc
z=*-`liU^}z^SIsbwsnY;=`DWofPu_+AE?FL4+FgCnW82pRDSoj9?9&6<i0nTT%Y)A
z$_y{te48yx8ak=o&;bUM+P&mb+v(R=6-}=NLq6ty-&9>M#G~VP-(jk-c-`}}BF?R0
zI5UHIDY>5cm+icLc<IcLe`vk>TMq3drM3Hc0eny9l8ZPI;;-A>ufNe0@1-Ia$PB8f
zSUoqSQ6;!n*`cB&*8Enyw^5Fnt|B2jMJUUW+{#d#j;xTOwsrrz+VuO%&m51FpU1zK
z--?Xwx(M%PwXZhJeDt&Ve%sM`Auo$M*@;{pNR@}mfMAcv5es>x14X4g^_{vB2flaq
z=#xsoLF*626cGR%U3C(h;*FE%Bsfww79zpsR;pBUFHHL2QXO$3<^dO%X0@Kxf%QzO
zGWGHSqKQva2s5tPxFV*rOYd!xcq&wuHTvlkBjl$d3{U7d_X*SIhon#V^4gQx5{Riu
zYB0$}c%CtiXkgg1@fNqX<8`Z1S8p;RL<Ug3=0(t!L`^>iIB79hH*;S0Ph0`055|!|
zgso&!1NX9uzL;SA_~t8~3BEc(puFfB0H6{)R=oPPzJmS1J2WPG{r+PQMO0cSUx$XI
zSM!(^+EaYFb-ThhFlpmPtxq}Gf~(1?qK^2!rB_x?+Q{vqCogSv27Eae2V9{%+UNqR
z(09-eZVZy5xUUg?sN&sV@m@(t31J#0XigV2)FvQbiEjAd^ZT68uMf%#Qs?;=mlCyV
zJ?&BcLl&#K5BX!o6T<|7=hPn@R)z8DD~P(=8XVscgiJ+~PB9u2vF%zbWi<5AWWLxc
zGgJ05wY-XElM*|7Xa9&ErY9*wK3VLR4Rdg83Q>O<NB3l-R6q?%!ezDqe;I<nBI@`Q
z*z^6;{RfO<0Xp`EtlAEh>^+ZLFy8(&8YvSg`%N}mR^-;N@_}jUpyxJ&MiEH&6hDW5
zChxX-+E%acyH2ki^tPC_CVpQ7YB54vT`=ex>}$M0wT`m>$)x+ya#DlDLJbaLG9+>!
zl5i?_=tjuDV_>H0cLKAnMv-!1+cWH#IQ}7&I`4>o#!xMF9_+dMQN1}Hgo4~=D9ik8
zdczIrAc2rOi!#)WSuSj+p^k&h)cB`T?+wUHGvgzgq!Xx|)nY}89Hk%1h$mV-tv|fJ
zYa=`x_@(r<GyV8(FZyZQ?~OOkuO_#IezaD>AW&AF+(-wElNZjZ5a^#*(GW`i2NKU8
zuYXEi==HtXNsu7?r=Rem1Ms>LAC)inhCZN)e@9gr7y%*wRedlu5HFt6Ln(TxUw5$)
zxeVNsdfc)Ch4`xUz8-3(eAaA~Jz$~W-o?s-Jl<@VVjq=mQWoCS(x?(0m%Y`t71n-$
z{d=sR!{XcHN#FOnnn@wb<=0>NpuFyt14364N(f(AQMcmnyw9bl6Zd(+=#77b%0M|1
zD2aVWKp7O*ey#n`<FzZB!8wGl@f8x^^+26-k8yEvcRp>AT10{K4>A7)!>c<wU5}##
zw@mkeA-Bb?PbryZn=|@I@5_6h*H$Qz5*^ql5;nd0x_8(^tC4wrIb$)WwmA_^vp8gK
z;e9wjdUjEVwX=#+<B*xqdywsvRz@*lv|V4lVW7yZnsQDN{}Kj~GaAcTk@!*LPgrJX
zSY$4ja4;=du0GsJQlXiIDF$r5C5Tw@<{PWlOvEsA-?EK4mllBd5Gk4kz9kx8)Q+4C
zK?^N3_P2y1t{Zx_M@jZ;aUIT5rkL0=0`*-p(?4eG*1wHb(6u|wEjk*3|50k7X1$tb
zZ7GD+^F^`#z?N>MR_%v*pUo#!rWpdu<WkE^D^K)jbhAz!HQj72E7#KLMvn>xV?Wi;
zi55^!O27ZK_-4WT)5TYBsI=gk0#8IVX_Egzyr^|kj!Ud`81^^T&16QZlQ!zJ<4;I~
z>x7!&g4d;}PGL--{qs<J!offw0j#uI>gP6hOfCLL^uH^E!ctfnceA}KU9H`sYajG6
zPYU0N8DySTRnC79nj)03M82?0PtZv5Je5|vxxKj>1|^Cuumw*ADL%jQ@*6V|R__?B
zeId7Bl8ouWc-?cx_N({XuQ%rlr<d8>X*O-rr(yBDpR4tM>LO7FwR=bCd1Ryd_fu=3
z=X%SUo$vkWiEoBhhCDVT!D(I4z#XsxGi>Mlti<n3(c^`{HB!kldZAHaVM>W{A?n>n
z^}b4~WBnb+1n+af0xiSjvf{PdyP`}~FONc*_0h5l^Y@q(a=W}6a4=g?`IxW}QwE`h
zm5H|ecu@!D2=Zd%*W4Eba%=cXJxYknAE1~H&0>hd`GhR6mljNnEIt?qgrKF?0t4`%
z%S4RgUFoo3v4|7u&*Jsf`QMnLKh2rej3hnt7dB#5Qz2oE^qRc~Tbw#j@!;Fb3og>A
zT2h=#!iMfuN=bJYiD}aCBq-Q^qH(TReDyUxj;NBGn6~0BFAZ51HK{h^+f{lBEZ$RW
zAdiqGP&_PB&&TQff#jsgAJ2rqM?ZBjC_^4=l3+!8SAmWT4+rmq%qZ4nM{4USPusFt
zx1-YNdYT;FX}3%MyT5s!<Nl_Nh9W$%doRD_s0Zv4-=MCC5F3#AqG(Tb%b=<zFyik`
znR7N`)&HFJ{mqeCK5S{rOIM&ig9~jkhj9Gb$)v)1On^Ph-WkrK_s-+#peZErD@DD?
z`FQtD-fhb+IYo#yBg>PQ?NAVE(JAs^uX!XVa4DQdu)e$x>EkO~NpL=yu1XTFo_*jU
z@={LtW~YB#R|(UygbSlk3(badE58~Tvnkh)bjVGvU%$iJ#s^j~!P#k8)s6FKXhTd;
zX#~<b*2V6#c(KY5Gi)sScu|(O&-}Aiw<iz1^%U*!GNiZSql>hV?6_5=*Uz>yEa`NG
zIr(uUDUiTKlz%wTBG?nF|F(Fs3oRd!qXz?*Ct0z@d<#?im&Jh}-q*Gl^>1IzxX7V|
zLb}roN99JHoa&bICtiGJ=xg&I>4(k}(5TOIjFJ5cJ(_EujZQBMBOQHIAiFI$I471}
zAS%=-C#7^POE;=x`xyV@(n(N~$)U7vZ;Yr0E_6wPGC<lmRV<tW&G^?T6E!ZH_B9<N
zmdJW|{-O%1SdXuoBz$#x_zb+~`NKp5JOP9z5kA!crbsm=P1(>Zp)XVT@+E)T?3&KW
zUg-PXeY7_|d^N40z(eSd>T`d4RX_xNag%Xtcj=BE9`n%^VOx9UEz97k%w40nyk_>a
zgHQO}d#YMYTIh_!D6?cz*#(&?0)IeET_{9FBZxm(!x7((knTOP$M`VYa0TmLYADuE
z7B6mb2DVbIC&Vlao~)_;ySXB38V4OgG%uq~Lq-adi(e~)7naO}fSGteB=Z<y6y*&v
z>B6BJU%vfzQ4Fy{e{;-+ur;k}73;SVKIPfiXCf;!X)Rlca(L6`eV3aw+`%=1k{Po#
ziS;eK%aSj-@}rUZt@MRHS}Bk^o({@<`MS@Ru`j`IMN#}=vyuX4ula4!9>3*6!-3$m
zwE5@gAC1qCxg?HT=*PY$A^bF`Gm*@>NI2A}7IZ|K=|&-kv@pn*ktL28g-A@fafS%!
zhN&QOkUgY@rMLS9&UD;l<HHcnrLR=uQf&B9D#9-Z&<qE*lsb5>6Hb$RD40U1MN^ew
zEQNwg+jWAM2Nq`sD65ZA6Rl`nbx=s7+J|z!s;$2bJV9X|tjFW83I<`ALDLO==IZtP
zYU4_83nWTd5f*78%0mr-@J!7Zu>qr8VU)a$jDGT{73(mrI>XLCMb2B&4l3aSOcIki
z)F?Qk)G7alUkOoBw0!%xB8s&UCY@?|CwzLf`hm|fq|7sl{_`!G-b?qXM=L)w_n{wS
zuf@+&Gz}7f$WfoIb&o2^jx!C(WOB1(kn*bEtOqZV^5;y#OSAa}R^$WuChUdV4f!F}
z3RymUUA=P81eiU&g@#6Du<6M`@;3?o{I#O8kJ0on`$HpMlh91dOm39deO#^+ML&o>
zch5YEGEQUrtuG_;XME9jN=9N@R*R(Wx&s6q%XzfrM}yD+)!!$Y4&2Lz%Vh~!vzK#b
zScICLV@moo>>X)o$2ae+w^b9@sMtatje7#*x6k~1uP|=Z3p(H|DB#s0cyk%(nJe)r
zmS11;W5iVRplgA?)M{=Ml$`Y5Y7f6~=JNv|uOH*5X`Sy*;-U#Hjwoh6*K{!P65<U&
z@GX=2MUiW%praeO0}L}FWQO6r3Gc*fBwoglJ^O%X&0;KAYNIPjK@WM2VXVmFVoksA
zio&e1W#n~nXWxB7G4$TheR%c6>t&J7`%fFi2&M;+V_-%wDsu0`s6taql&!Xx8~uW<
z^MqBqm2NBu#j0@anpELS53*!_*N0OV^Xs<le4@b*CaN@d!@Y+i53xx_mnVu8&0Vx6
zitNq#ij5l>>e>IOc=%38BtUscEA<<)qCZu*tfTJ}%1BXcqESj<;DthlXDc+tMzWlI
z;<+o|o+gS3pclnAi_38j3i7*JiamW5HyWic!MSNUan*pGhib-;AdC9a7wJ)H=cLI*
zhc@fJhuGu;YcJ8_n?4_wT%Y#7wmc13cbY6K4CzHd+tBuvQmUJO--xrM;Bg^Y;}HQ%
z@Qgz89o{}uWJk@&FO5>PfmOc{4p!nE10^=W@6E6jYbUyQVmPvsOFn~xDz$oyoz~l*
zM)&E4$WoY-Q=NkOY2{bnB~QGfMC8bTK>LPL1U_Vl{CWM{9aQ8Wk&3q@PT)Z5B+zGG
z$r@+{=4rS*oq>p>dNtIU%WX(oQSBD^f{ltO1>`l9B;0&}jW+AJK)l+Xm3~%$V;sK+
zA($4~O0Og_`pLNP`1O0;7T_v4kR$YVtL^7#5`etl>t=UF$Ax@vq_^0i4(aI=!@Pa-
zjMl($BP_~%qLMbhS%U7JG>7zeiNtjYal~bcr18)#mc0~IrzB`)rM}K=Lbct&bu2SY
zCWG0yOhGN?ikl>}>AD&kG6JarYW8sft8Qf5g@)Mc>=`i=RJ-hMi7z;VG@%eQ3)-V4
zZIJ7oRj2d5U`JN|H)6w6{ewnn1_VK~9Jk3|uX7!QUHy!fC94vrXxm%|9yWcOFMLZw
zkYsy!6!y$79;8Ncz$txuEjV}|J&SE*{=Pj-0jniWM`%EFp}<ewY9%kSHh>SwW^GoE
zXDF!n5J|-pV{Fj|&#IvVBw`%q?gpt^CH9b+&<19iU>(9@*N8{<T>|bWNg+TN==!nY
zkL@BhtMzamIV(OwlK@eYB4wxs&j%O!Y|5L1tPmUX%L1-^5b#L{)=D3KpXPWMKP{t2
z4?cYGoX<ppoMc^Af!FjZQKnn^^<;xh4%@m3=`%mAt^BaF>itC?_AgeUL%@V?<lz=&
z*b}PJ&X=zI<&9JjUeE~0_A(s0lqT`^B-~%+gHY<|ubYO$(fCv+Z4|l(<hTJj#YOxW
zsK^0eO+`J!lOlUYnrGxINW@#gp2~_|)~{=Vpnr{-OC)<PaUZW%nb!0DH(}+z)_PVC
z<f+u912NAj)um@o#ZTCE@hN(Bl@>Do)1M?Y1`EPpl7@JzoV8GD@%VewwUg(>^yHHm
zduSK5pf%BjCmqbr`^8?5X(n|@jbq_Es4TCY^!M`LI`3~!-r*$(0e5E(;OET;tV9%!
zuJt{Z&F|<oFB)bIn3aTo7wI{EMmhr(0Q#-?#0gnV1Fzygpn4G_v+C&R1IRvoAL*36
z`#v_nfyS1D@(RJ-U!W*D%vh2|<$u9cj5n6&R39T*qP6f#`Gxf1o|IuHPywDtB^&Hw
zJhVs*Z&a`zuuJ2<nr2%jRxZjhxsc|-^C)`j7xBa&6b#=V^(ad{HCMDzKZ67e#M@21
znN^@+t0Gh9IjyQ~6?T^1lqY$Fb~IfqBW#mr=v(_ZHs{>D!;FU}XPttUC=fL$bJ3Yp
z&hVH!!re{*rr5F~^-32t;#oZnj^;Qr)){-r%LKVNa;oNcbgI?OP_v`CHr%!$Ll!+x
z3cmyi&S4yyQrY)9qaDO-dX@uZK^|y1wBJzCMq-67wMbvSiRQGP8u;_WWAeR%IlzdV
zK^{2-#y5jpDoa9=B0pnB^%sMiWslW#zfN#A5e%;zZd<q~09xy%_6LEhB^Qhl+%{&l
zQVLK-OAv3bo9%mP8Et3!jWLzmZyIBQ|9X0U%uN>cHm_***Q>7mOUbi{oZYQu)F8G(
zIzL7S-};`?bZO%DyfFcy+ZCUm3UCAgPLu!@FH$*T?P<D1bBwfp<OXbF6SP^o6{{uo
zW&5;%K(hVQhM#&eod&I9jv?oG!m39~EJl7Io}V>EesR0<k-m-?i_!!coJn|o3WlPH
z;<Y|x`4OqN(9cUBC7beR@?8x(3FgJlzg2KgLq1%#=UI)w_zf!SZy&+~;oUYn3SFI*
z>SuGeR?GJV6oN>*VVHxH)L9rdA?PUQ^5QLVnf9%NkXBHENq45!x^CP0I3}C~Lfa6i
zmYG(%Xd%_U&UWe}1;?1=N&}i*bcz%34&ONe78Y}!rAAI~ff3JEx<yU`rFiH7KtHzt
zlmk*VvLR4wVkyaX&wzt=6KhImv2MqJe1;wKbIkuvbtrA@nQ8Pzv>zo5pgYg6jb0os
zHr3P~w=CWt8s2lb6mhc$A?<_H9MXU{-;MyMe!F)=ZQ_c{m{4E27pMVb97@GJrUg_R
zCQ)HZI~<|&_~<8m6K(y*N5FN5MM>~fV(v0whsXEYwdGtX>c!PbuHUuHk6%tR_#L2F
z^z~hG$~6GBkyw@vRlqrC2y(n0$9kmCjRLeQY^qyck^B4*3*-gI3Mj=2o=H<)bpf^)
z(_)hYPSia>c1=I5d@v5C{G%jvk<4i|A+f|CXliV;Xa5p-xQunAhxeL;O3xX{B{JGC
zer?9d?N1a7t$zC6xVQxnuk(ggs*9)fH$iyac~#P(hnqAov1*aMP_IAd_k(jD#2INR
zkXI|Pr6R{i<-o~vG%dU9aX9n)MWOTP_guv`hpj3VvPW+H;q)}0qcfkp+AP?2U4Ns#
zIp}lHz`R5%bla*MOl;q9%s~th9I)oJue5KcSQ=B(rOEZ~F)hCkx#f9RNe3H+al{ET
zK}U=^dSy_*(5A{zQ!X{yWx^?qT4xj*pnAn4feGCu(Bq8b+ad7+bj9uSNu@NP3Mb__
z13_vGA}al~2nQOW9@SY(V87J-4blW0kH~@^1b#u6F$BgtsrNUX_er2c7Z#2qu^CPs
z`+PIY_i~;CP<gcLEfau~4D~aoFOeRgJUt9R$QWVua<vzTYoG`Y+E6PP1&8~3gUbaN
zR;5qKgA%$!hnLPUHR8qDFgwq2#t7U*3V|{dk+0XTjHS{SZYD5_V*<|55Q2{lOkpii
z$~k)|YQErZmW$a^vs37Rm}~n?@BULnu?pZNy2mg5)O5-Fuxf`#E61@L&H13LL>9Q^
z3Y~^Yn9Ae;;@+R{4*oA`egm8!5x5jQ)~ixH?-#_-72g#E6hL}#-16lS*)T`*n%_us
zGx^6+qjn(4AG-ovJzHr9;~Trvjb7uMS0#B7|KG{&pRy^kb)P2TzV!ZCNPD)`BWM$b
z2iBlaLt%RVY<@Q;N7J$JUd8yt<Hz2v7`Sbf`o8$NX$;zp?iHB+UiKYF=~}1}i_9Y-
zQ|YHoUbp2OzlJm-RG6o5wqNY93^6YT37ew0Me@FC_UyYO&St^7uTP|d%IN7DzH1ye
zvvrG1?3TzQd;3fqWE0v#Ny_%!Sf4)rk!Y?gv7&)H7~`_Q1jkR7Kg~jNq{zK`;$M`A
zHhNO@-@tAIQP7E)SYByeAI#RU16JotBC#8u<LH^htAmP~3>2@MfEAEJ{S+M&=P~;T
zcxgLAm1<hCdr>e;z}rj%WJL7hWRfv-yS?CNu1ykgkJ}8sQ`P|5Y{5PX9#X9l+ui{|
z1-phyWib4-lPsUJ!9HtuP@pG9{p_g2RJ%bq<G0ZhVZ6&@F`DH=68w-z$RmqJV#WmX
z6s?JEWETC92h{0b8#ZSKk-{chh}M5R;=w~UUbg#I5HhF?C(fGEz7m0|RVqSWiP-FA
zp^P!FU%&AaoP3S~dxU`fa8Be2s%LwD2hCmGhg+gD2U=L|s(8J5D8(8LtcSr(A;3n5
z>HV>*zbcf3^fZN8Gh<Ro5z(dL2r*S`AeB&0{N!MsDIeC?j&4t^u(3&DxV|Kn4I{km
zbF88cwk#0V)Y`hn%p@9$eH`KFl^|A`3Q|3VNc)j*QLmX9<);p$R^#xx_g-KuQgy)~
zHsokV6vm35tIh!aF_88L31bxmSxZ#(GjPE1<0w3~G{{3~%HvQ7^o9p#$^Zs&{sw|0
zB*G<;snT?Bi)bJrX-zANc2<mlm_^HI2?fw9FFt&CdT2LYp7Jg81xv&^6)ZZ85VuJM
zcIc$ugSYS29%Ekbf;LM&L2U1*Rl)7B^2Axy4bQw}m|;#gno?qYrZ<B4Ff6wDW9vmf
z6DAR0_QZuhBQj(uX<BlYE5*Rht~GLgXXJJbFg2g5d>3-9qAwRQDJ0B|ZmSJp4<S%J
zm-ZDGyl&|mR+Uv*RQz8;rTR$t59uk}Dt#aQzR~u_cwfL)W#Dt-fA&Ysjr8K9R@Sxs
za_e-nBO)V4`m<$xC#)C2@nVN`==0uiP`@SYdU{y<WfFHnVhe9oaD+Rd+u@<>(-<>a
z*R*yLus?_Yq8H2NpQ1ozr5|gh-_7jdAAn|$i)e%xkQzay+sMq&sia0o4`Wl_16pj~
zb&&Ze`V1-F7l@$+8l?s|3rj5oYH=w~PYG*=*!%(uP^J?_RXp<&RW{CEeV`g1j#TAS
zwu)x|0*mHLnlZ{Z30jgHD}YX|YV^C3ZAqMztb(FC2C%mqoG2S$bKHpZm6_bkjP@yz
z1IO=xUj9TwWZ{P?t8pW{$Ho)6qAny1<7PJ}UDVG=v$`{+n!~#}Zxw;bf$frH6(I+n
zU!~0b-EE9|Z2Lov9`%VCJZMEyE|=@*qY9Jej(Pl1z928)7BE7N#9ni?1baT=hcVlP
z*A4AlJ`a+Y>XJbnvr^Wz7d#2j6^q}!{B@X%K}0CQ3QN$8%;Yy5|8+{ttiducoI$W0
z?)$MAS49T-yV+9F`0&DZH46WF;Bf~=TR*~M*kM~B3d_S2A#bOL!?f=Lvs2U(#01Fs
zFG;z%lBei%MoMdqitNt7zUf_8HpB?ZYtn=IIb$<gIT$g4CRB?<R!ZwP2-`8{F=pg{
zb^>#I=;Db?rqMq__)Sr3=jLF~6?x>saZ;JcN@g1Ebn)NL6-wbG^&mR$(3m8DTr(y=
zq&T&R$36B~Ur1w8A8PKwqb6m`ERT5zqe&PEZ5CT_YF+?rAOzTWqV*CzC8!Hj>gyd&
z-&KAbMXz|~<Y$B-R>HnP&Nt`Q580?5exm)TvcOE@LWg+eV>dr;m_-eB8IFsj)Zx&u
z&Rq0I2q(`Spo`~FF0Uy#rwy}x8mSav%bF5u<mcObNDUw2BTsFzHCI7_k;^HzIdp*p
z+Lkw-D<N%g!e@#~{hfzw>|h#n0iqv{wdQAuuHWOcKi<injbGRWmzBy@Eaqe}Vsscf
z7+hqMP*c;TBGU4G{&In+3GqOXo|O5I3*g>JgGpS<wk)HAZ0Hrqn3ZEqDzwj>&TCUk
zN@O!jCjM!c+DOquxz0^^X}7+pB7AYLu0eN%*MO!007!_3Oo^4Aecf~|M*GO7jP=kM
zDOvB*B5VLMq4n_R!61j2wNA|v8<)ETCWrRT>!ApP<_3Ph&67xw!P$)kwFF{4S=Igq
zY=v4D($ArZIF&Mjd7oIhNAI1;LbNF3nenDXUuSPrf0JS%JFbApR^!Z)H%YMQk0g*t
zHqH6%KRP6?jYEBr()_LUqy%EwM>mKK6_V0pm-&TP?OXKw1+v6&q}!ltYc$7>+pNAt
zWrNuc?1@)Z)LZ*er&>%G5>d;DPcz26x6*<VN8~i<#wU&p4|c#Qf?rGU=av6ifE{)F
z2&XF?up4U;H;;$?0=g1Mkg0Tvq;bctD89{jYtQ*bO?e=6qTx-X(51+rMlVE2c3Gu&
zd7oX6+mk*V^?J05+AHd%&BI}W$EcDx*$89}@7S&E6<cUVz5Vv7xYoWmx+|*$CK705
z71JetXS42iZH;NIIx35_IR8kTZI;0+Us=LbCN7F*j8KaWN-1ukOPT{lG1DyRL17pg
z40w|to)r?-TtXmAd=cwkp!-tNIY9&(9gItE>jrV0BAp~I*%uGa7W-m#wHRb*ZlxbQ
zA~)cQ&F25DFK$6r(@~4CnK(>|^fvH*P%%o9)P&?%h&}?lX(r+Na&l#iTy~2KMAC@&
zm*$W?_gzHos}foxiO!Ej_7{J+{DP1tH`FtWPfSlp8<;d1SRM8rne@<hHw4#@G?zSa
zpEDNI9WB}qcEey!BgAW^;mEYCkCcjB{K9osLF+~2P#LU+mc*Le-|S|Vb5Z4#Ez997
zdNUqh7Hz>|n?v*2i4M`^DaP=Oj#ln<hd<a|U-y@fGk=VR5b>`D7#QhO^3hx{Rp7pE
zP-n%(Kapm{tE@4TEWV^9>IFev(q|0E6aEdt(_p(P&$Yq#eC5_uIF->QH9h_Aw({Cp
z`{qwsS}^kGpQ^-zQ75b%)^3&ta>)7#zo!0(Wx5Dn$E!T%A?GMq?@nUgsBbNv<hML^
z@Bhvhp%9O1JRZ*Z3yVxdGrU)VjrW#!-{Z4POI^&Quo4*cdI;bj#Fv-V9|YH{WictY
zptK($YXO;_in=QWZ@y;aqe*y=jj?RnomfOm=oiACD@$98P$FhI!PJ>k6D;gS=*Rc;
zZr23r-h6Q{EbJp7>`?1Le%%?d^`OUlE0VWLZ$I*>tLgX3hkLGMSa_5^+rbWI01}8k
z5TlsbdtvcShx9BrE?Uvgnto@9T&Y(u1wscghrg2QCly3zIQrYtekYT8t9{!SW^#6X
zJTD8%a2fTr8~dJ@-CWKmF3&RA!o7S>YTNSMQ+}Yvr$qh2K>tBRbQ7<@+qlQY&6zzb
zvylkP@cXtQ`R$^F&etk~uWC_@3Z@trsMh<ED70{~mH(}4TzAIa4H}eU6Lo#2iVA~h
z>+4Fo&sJ3vIu(aw-avQTndI4=DHYgMp*B2U9?4~&s4-m0#CjZ#`Bdje_h>dw8*-q;
zV{QUQUGA1vq#}<>VbA*bEn2-1fm+Y0DO&rlzdc0X=UFo#Fp7bhA!{_+E|#@T|9GmL
z;a*-W^^4Z)4tPzY**4g!e4FkMrF0dg&t}<IiRD5)h=sfI2C~x_W)Sb@WmYO1J*9jK
z*QAx3OCN-vwc?*?$30qEnxQ?1V-nFqXNtOBBtylsOas7m6FTyGgIIpqt#4A2t*$bW
zZwP*MoDDIHbL}N^NK<CxVeH8N*ie6v!;<p|1)I|x%QM%RWa@JvCX$R8!=B=^Mj|7@
zpVC}($F^mDZgCCSt9RM6%8BdAs)~by8GW^DDI?sV-W6eweWlQ-oHz_Gu;e-Zr2V=T
zjUR_jKy~8Z0VVg^S1rV!5lbA5?>406KmhWjLO#i_v>5qGkoV=$!K=P=9rwfea#h8{
zUKEoJZu<Mv#kH%)CLN>c?UP>38}*fnPyLifZs}Vo(HtqJ!tuH#3duS;qbXooR}{f5
z6!B0SbNMwNyRSkX>pu~(ace73p832c_dQq6A9;AO4XBlG@IwFWirgo#cl_!$8+^}#
zAi3WkO-c<Ii5wz-6fTv~dkb#>rBq&l|KPNjxvUR%TIywq(RVW~qV65!AA(K@YeO`u
zPBZ}X`91M{CHeC2*E;LtcxNYz0yGW0?wm%)f828QZq^9q&xh?N<*S14zEOLUt4M#R
zlQw1xe~EoO@}4WC;6MzQ9l962S*2c_1u#;!{R4hh`%$f>JiKnl(=-_rrhXJuLCPMg
zx#n8b>H_In6RHLqi`jBkeWp4KrIjqlr?)`e$r6f2P$}OiDp-VWLz$Wf9K;^mkTrZC
z7#KVxcwU0MDs;7Eiu!n)41%7d8i$?8?R{?9a@t4s^$;l7INa8{i;u&MUK_^hILC`I
zCx>>SOJ@s4=Ha6#W%C}4B^W#Z16!mScn@k}QNm!-uag`G;wkH_r<wBiyaD}udneO@
z+kj(=+;%)qY>tnQQh|#uIxN;GWcwqazn_6KgEL@`(#>v;2fx8FvvPpWEp8Jc*#P+3
z(B&>it??@$#o7kCC9ZW^h)d)Q7zvy2=h{<%6li(sv6&D_m{WV7v%@f)(sGoEMaKP3
zLKt!j45qd|Vcs&(e%8r<>0*I14Tv{KOETEtFhG%?dckg9z&06pMG}npO5tT_IXW?s
zmf@6;12ChE7k`=NhiOI)Gc9Zos&PZul=5SWj%({uE)xYI9mVh+_5H1L@wX5a{7qyx
zmBYNTlv*NaT^a2sgJh+YM8EW(j?@fJj_wl%uyJjiDM8WYC4*RD4zCyDinHo{E`3`_
z0EQ^fe0PqO^5qd?4rGIAp}}Sa{i$#LKwBG3TAN<0Ep^-cQCb8({xQFGl`6rzk~Ll$
zIKaV48`bRbT0SS}2%Or))q}-612{hlxbBe&_+#K4h$~WN^6!+yPhJ7kKskfQ!M+X(
zMQ%gX90QeK?y0z+kIB!aqDd&hxfh%;oNkGH&w&k~g0#5{C4lmJ`VS`3!co19PDWe5
zkr(~aCoAm=RjmMKz>u7vq!}5rQ5^O5F6%=iRzDAsUUi*R2=z=N!1kf8`T`t;vC{p)
znTOFgEI&=Kw8+BAzEkQMXuYm~%CiWBk%P=NZ6>IEy(^?~ztfmC+3KG_CR|4Oq=44Y
zLYgG(p@Avii+Wn&_X?SBu6G;*yaOxgoeDIvTsk*n1-25T$Z?lcslR5|etTGPfJUEX
zG;^L|Q_c9{<lQ5eI3nWRhoRH#D$g`<E_0Kl=?_0iqZ!x5Py1mZC~6AaojAEaYWX$t
zh~9laV83|(KFR6ij`UZ}v57MKL&FY&5{Kp12B%MhNKSZA7W<y=6ea_j@2dCf{Z$h;
z31yT*SrQ}ZBee7LLfJFi9{WTfdUC(G_(b7}is^M(7(ZO<jrvQH?d}jk3H78!%4{IM
zE#mTo9a`|tmH=-Y^H~nh$Iro%?>rDfP*#9nbjCCCZq~tIGb2*aH91}Z^rl=zrtsRB
zUHqKTT`0wmu6r;`9?MbAkh6Hu=layyu68Wz?W(tBF^(h4k!<zYNt*dcBlZlWl8O?`
zGJsRlSNB2`XIdlJE*(%Qf7bSd^0}X^ENkIYJ~eRZzTT!`EbHm1ewfPhp%>xRH&1N0
z+PM&26i4Gxu)&OiA0UscB-|w6am+a*$l?m9;uk##8<@B-AEyTaqQ5AU0md`m^bXE$
ztN;1<um@iW(>VNsSk4X*p5^z3DuD$pQv4SLo^=Ep0gnm+4H3Q2_MOpu#2Kp!`nSC{
ztN9kZ`qb+iQ#iJNE)%-q%zLUq3`F05Lf)_4iA7?+=U3orn@&!g)g+?Lq$K}Ku>P@5
zFw1q!U<3o3Xx7>LjVUH?Ed14OeYv<Ej<g0Fimzm9G8ivlsEU6aok~;5U%C?qdpzr-
zVa|_Q<lkdEKbCh4&S_p!$*ebNQHd}tg?htKN41+Za&jAAGrV>%2SlyyaC8*Cbd_o?
zY^+k)bBd^J1ZX%RQlJEj)`zYocDT9sX5&8500GXOroLNBz4i2vmSr<GRm56d#0|qn
z%9FnNRY04wst%M+6q;fb4BzArmqddG$x*U-!BK-57Ir8qA2{C3G<->CR+hy=>vQ+l
z!45!UFYE5feiCY1v35Q3a*RZC&hhYpmDyd>vU_H205DtblK<TJOu)U8GSxs!6t(sm
z8eJJxL;KzyD(z3?!ZHX^uc^&~{Q$>~y|izQS7(OfS)zB@_BD_fA};hR1e!*dPe`pu
zhiz8HpkMYMqY=|nJ`wTr=@DLNa(FgDt-eYki>eyp8XLFi$Iw<Shrd73swk`M^nUNk
zJ3z6FgH({@1u@t>bMkx#IuVN>@&&55+4FMddvi+YoK%A&06zC)N@GtUD0sBL@WCsM
zMXPm1t0Bt_IYc^AB8wvZRkrhDDe2j_py?f2X%?bZ2_0@qEiHyB;S$bDI-Cn()?Dn>
zniZBF;sr$2ONDbQ<<4>=rz)+Eq5#tZq>X6%;TijcnlyV<ZN%(N%%g8AqgDwykIE&+
zc<`?QE)=gW%R#vn_@uk*wg4Pr*2k69EQCr5+XC`c9?`XOG}0b*98E#;MlS|>wz%dG
zKm$Rd5;TooL17;X#|dPvO$LL>l*z<V2Pxb~(2E{m6xtoq(D<QI!lrc!S@r|6j1n+;
z=mq@BUl<F9BS};OsvRZ9v()Dsv|p-%X?sSZE+|6r9<o<9YBf>_!@Gx4p!xfPd-N)Z
zRR~1TD3Qaskn#CGzSJa$Ny8!VHUH44m6}fdBGDcrKl_sq!G~L1{P4w!*`?3n9d?H6
zmrv)X|LLQqka34+W!HURW6xCN;`78L!y6})Np98_jq=;=l<9WHs7&?b`L3l>Czm1J
zpQ}&fa}5=#Ny?8FY?h2LZxR#nn~#1JOIJ#=p$+OBKl>^3(0Q}(L7nQp5{6b8o@B8G
zq5tVy0gscHTfLEAgGkX#S%QPBEw`=KyX)rRYyn^V{bO`e8r70%Vio?&YDMFVu8@lg
z+Cz+GHboQE!AoX{F!N#45sPTX@@?Kp9<z?@;j0#x(skltGlLS?^Ypz}-#il0C}{$C
zg~`2ZvAOM+<{+IWy^-m7I6VOkc8fFdVc<0RcZie_;iU%=STyUHY#B6@T?JP_T#?x<
zwlNbSa5$bHEb}^;jM3~19Y!r`yaGXY&@lC&>E3<aFx$&5JQcLx=i;c@FJOvS%H+qa
zlr+e(n8oWmW^S@bbc%_#tcmf@q<?_Zu#El2gL54ZKe!!gm{P*F>WG@tbcU&9j3~6%
zEUQWtS+Z(V|BtY@42UXf-@OGvh7g8sm_brXO1eWD0qK$!326}N?(UQZL1_d8X&692
z0YM2#>F(yN@%caJeb1M3KIjJ>m_4)CUh9tQ`rS=2pp<}{Fh?RaEARv5rkW;c;HNEH
zDH8z(78P4{sl0A?W&xf<dAt{^`|dX9tk-X8`p*%(9&EkadRgTBvtP~U1E1A534juo
zUAvFWL3!+!21Bq@XK75KWJeUy;l9UCa}0W5Do%j^?bUGAq27aJoW3w#lg!yN%xyK<
z)r#|a6>r<qgRmnV%#3F_7*r9oEY5K~n{Kbv4KgPp46(;DoRVn>C9&o#;(c>6WV>x*
zDYufrBRH5Xo}^bq!Ha)n<g&PNQlwJ2=><!EaGe4zL2<2uCn-bbb|ZV<F1`*Irin1{
zlz%4hV#Tjk+n|#HYD;-w(L+vfCFhKXpqAp!1Za9m&?&Ql^aF?UcE-!lsR66kAu?R?
zm|2!Q1n~MvPWks!^QmaR&%$-0d6``0(HSjl-I9<g9Qo&8V1gn=U@RX=r|g)Lb!qNP
z2d*N~R6#`BJC5DE8k}X>p35awrCk(xN^JpF-LR@JyF%s)*`n_n4@3?rhMIj8tfWQg
zMqv<#p7<B1#2J=3E=-}&&z7!|9&CPqJa71`xsEeid(`m?H#+AXD}`aU%fZaE4_~>E
z2ZjxGKdhshmn&o!1E>Ml^4znN*^SuX^7eBz&wv`yUaSH}eFU8Y+N)#9C%DO&O>0q!
z6XVUs!idD~y(v2q!$<8VZN<;GOxeCmn}s`7Xnt(v{bbPmoM4@%duKP&EqaW6cx$bg
zHcpONLfr0p*83>BcZb0F9EfsjEl#XD6Ekp}hehJbwMUx9XfzvI6FXj!2q{cGhAR_P
z|8UQ;kkU;T0)=@#5}IB3HYSq-tOn!2ex%^AHSPo&0J$VKRDt_Km6o~^Sr%7UJib|&
zb&1Yw`R+VhLzYH7h1&Ic;W@gd3W%=hLvcO5?w>_Per)~W^EK&sS1>~}IOOr9SRzKk
z5p1&g*|dkRTTK0J#CrGM?c;4BhTsr*(H;{ziuI(Na0eWN*23)VbdI;{H<rV+k8_Xr
zd`^S*?_JOAT^((F%0MHmO9q$+KD~wT-uLcFijrtBfoqufO{?_e&BbThN|?9y<_q?`
z>Tc{RGI_S+w8pAER$sicpQI%mkD+0t*yK22_tD-BWDc*|--cRT5fAoLIq4dkrE`Zu
zR^v*KXX1?03_+5^NNO_QR+<6z+OSc=if^Mx`(cQ!fFMzZu);THK_Am57oT}ZvN;aa
zEH3`!9vFvHvS46AHLV3BJ+FpWPZc3`Z{6;T@zb1ElX&$KYgKrb@s_zYO?*_B91*E0
zp>q8mKq#|T?>m1N)++v{+559|65F+D5KyGHbyPm;)kUW&kofS7tq){w(bx}ACLU)5
zNi>1aW21{5;nP!G|006UY?)kPFi`7z4w0PsKDYH;P*FKSmw%<)J@9nX&R&Ka1U)Yc
zKj<5fQI=Ph{#MGqld!o@P&wLzpO`J*OAAyuH;Y9&3}h&(ch>B>_Dd0t)JKoPQXex~
zDy=np+sz$RT-Un9<yrM<II12^J1Z8x&eZ=yYL>uBCruh~I$LkAe}Lv%VMI@kBIW{w
zIFmhMhaRmOEf(rW%>}MesdnL{!?QM3AUd(7mXIQYTD*7&giQG0lt>!N{i={vMBtK&
znHni0k}M}o$c=R<&6cld2eAXuK0-=PPT=*!ax_X5B{ZjT)ztXelKBf2!qq>SY@!YG
z$4J%rjqOWbpumX_dCo@^@DivspO9_EpXfu?PPS*Tqh-G<Icj#x)|>7qGWy0}nkKvs
z6TGT+TUhUIEH<72oTa1UeUC;s&vHr*g<MYdqb<_GezbOANYrcftWn5NriP^~&~>1E
z`_7dYyhQ%7r0Lz$3KLlh4e=UnS-sD1OW6z?JFovNF#j^H@n+F9sFC~_*_YxvQovUW
zim5L40s7$#QG@Sk^!wmVU*Ke!EO4AYA!ayEJ8nd{c;QMHkXV>S#xb#`4o_;)tB$Z(
z4ALK2fegFgk6ps*?g%}F+gb>(<LM}mTx-*BzJ1E+#F1tuiXmNO6oLJEx{n_<VRj;1
zrv)hbZH(JLBy%{yh@F~7JOp0XA2@D)eu!5yE^e@^mrODAV8CkP@9<e7Rt<_lqg_Hb
zuJE@BXAMk7RAU8;^I2CLqh}*_`aBNBrK1MB7tJjnG#?#hXsDyLBGpatKKUeF)!34=
zG$)&7QKV5|%*|+g4WI2~`s%?kv5mKZoe$`^t@<jHW4uPgqY?RKG4Blk5WRX=Bcq0N
z!#Rm~ph@BI%P!ydGS2m(fRX27NQobJP+w4%%fo9cX|=W4<z5c_9Z=>%mEGwkL`m$M
z6+cZv%|KN!{!#2^WS%2m{PKsV?=;=TL<%fOm-%%WvGyo?O3Q<{l@~{ASvZbFOCLci
zH(qO4Zw`!wziu<~*_duo?czFkEZr%IJt;*j+YtlQ;QrfSOl}uQr=OMGJfq__8yR@|
zyGVgBKzG*XY;LUDRJs{JLH^c{s}jD(^J2IM=TZPE`><%(*D`DQu6V#~7yxOTO|6cG
zc^n!YC<~OojYC}_dgur2hAN#$uTEe@fzzJSp*UQ81T34Xts=##Fx}+dmz9n;e|)cY
z`lLL73pz_bva0nkawDp7adnv#Z*8~6jflm0mkqNs9aI#OK<_y7(tF~x?)>H`?~Z75
zU6STmEENm?AJ4)KXMh9(#&1r&FYflQcGrc0RDnmQ2n3KNFi}3zauza`b_X-X#zU0*
z57H?DCepouIo1*=Tk_4$97L-FTl#}KLb`{WAFPNv(iry(d#o-M$JITskP!Q;UY;NP
z<Z;unSvzFmgZoty&rvU?S<brOj{%?^@LC?J=GA!ia4281OiexzCj|l7FKz?2)CTAS
z*FsO?g7z=gtVxo*dR^9=jp{sy&99hhsbp)9Cw(>Jz?VK@zAI>!h?&n0=dz#X)fA!W
zl5}#GA4F!?ott17Nx2%o_xV2bha&-oJk69S7<f`bcJW>^C^+n$JVo!%s`gti!j_K3
zl?bNXSK*}Q>JVx*5;kSsjaczp&j>j@1m?<pC1Q@e_#^@b#dNzoq#vvIH@tB1G9)+$
zq~qKUvjRymSBXj-Tt4c`qGR4z-Q8`mlTru)@W&etIIHf-!n;k~7Pjc^K*nMaic9@E
zd^Vb#2M0fBor~!ZmG{k`SrD-M=(18fWKmsebkMZDol8x4AO4Q_#u@g~5?J~*fU4ws
zi`4PPU8;ctCcYHGl%A--^ZiVW<vP4pNAq0whmLb@ldMG?W|b~sIAP-$hTT79aS)|q
z1r$I4X_~^V-2XzKX(>RCow6pse}K%SF?-kfNDC7ewP*9R$<KKm7Al<{=9RZP)F$*t
z&oiN`CP>Iew8JxCxE7o)_iNuPFa|@DK+i(~nZ`<9fFVreTQq2BW)q;#F8!-|R^l4C
zx{N!B50KRsdb}voD=RScxo<PH_@HI$6LtfwxNj?zv+o3Q#ss0i8E4cNHTF5tl75^M
zGEpNZnHfHcOakDUi<b?>B!EZ31p4%N2~@|&Jb8|up7>ImC|}GWo#acA=!8n-UeBZO
zjKZ%<W1lqNW2U+T<*kg&uBOaHX53oUZ5kJkEhTZ?lUEqOqf1Pf)Xj3_;%MwoQ8Dhl
z#Eh`A-}$xv>aGuKn-32{HmP6bvtoEZ^3NU6qCF6EOc#0U{LSUrn&ahr9v8$5b*c1n
zR?_EfAiTsFvoHYPUe^|!gcS}R_BUwNxMmFWa&+TH^tJXeZ^)jqzvx4cT0o%eXi7a`
zkKG+5bod4I`f2u0w!D{sPT7=dfuYt0g#LI7O#x;nHDl$POv?_4ARZDn`Fk<}7IdeJ
z^EU9{_?P)X!7$yPYRDhIyPLkB$)}*bod%|Fjasxe?#4kMD+$zi%2tGBLAgmID}gOe
z4{0@*eoQy~22`C^JBW0&*;3pc;yWFW0``eQ!${#4RI}!Amv|AjV)MS}1dv=HK;NDN
zNLqXYjP56Ne~6@H)ul5Gt6*Q5Q-Czj3p<50nU{w=`NE*lu1oZ>`V({nh}8s4NJo5t
z_&}GrZMAc2(b44-N*G2ZOQ06167x~4<?cGQD(x!XZN_7;*4+N0mhp21=`vLojS1o7
zQ5ka-ZSIoLsH>U?CRCcVf4y+l0s_(|8)?YLm*mQB*&ODa24A#*Ac0~m=-g1Tt&ABJ
zdBVc3U<1MXKwZd_$~((iqj*pq$NGqbgyyuSUJqMcKq{O8^Gs~%0=fmD5s%`?4$Wr1
zRCSw8l&Dae3wi;af8k`e3ItC5E$kibr$YIn3q9^7OZdOl)Z`Hx0}u9`CKFUb1)2m{
z(~j8DH=YOggMSISb`2*s>i&Qw&W=`ny?jl`3dC}2-ocK8$t>_8Ry~0lgydl!Pz;q_
zHWbl_>T(`;b@iWh0y)VFC<pSG8=UEb7QKYma3M&Ct?b)Q6I>p`n(50Wb;WV1&2qjp
zWQTV1B@ym`BO2l1Qc{6JzRlyUuW$I1AcWc}#6q>c0I&8BBGEKiQ>`+nrl>)6!plbd
z0v{H-SBPFQ9A$w|4detiL9dRBsw|c&d#$d`KctWvKGPxs?HZKn``{53Ii7#F*M`ak
z|1o5lX2b}^k|*W}RE>HmfGSf<#1^RAaXu_9Fre><7t*Smrb=mx*m@f32t4{gzVWKy
z=Y3Q&bBI&9j7PXVn9UZ0{*Vq86LV_s_U3BXl;sk%#uX5&)?%t6>)6z=CO#l*{0tzK
z@G0}***fbu5kU8mvtD8Xd@ox=i5e<``(Y{A*wmBU1Y^)QQ~A;uM>Bo9dOq;%1;t7l
zzVI4^nJM!5gj>);vtCW5^gO8~#(Yy*@reg$yvt*zfS#c3Q`_nEcQMDMzT7(7g;;ox
z5#MC9`66y9-lR$5zUN0Rf3XWwE%20LRwSbcmCR_dt3&66oaM?y(2JQp;~B8a2T{-v
z+I=yBoURU7k2jwA|LR1VHCej8s#p<ZbXh6OnUsF+2*zl!wMpxe7)m(%i45{ox#9Fl
z%ue1t*mO;6lB=HSp@=5-;E}r=NZa+{P-r&jH;0pFNY70r(HDaak&y+fC=l&wyc+0|
zRA3A!BD^s-x{VTp1yloGzWgDyRaqyprUUpbgv;TUg#7B^84YF^8F6(qw5c2jvYqS*
zz3=@|(8Cr6L{AI6=`Gz$X{lUIHBqhb2#eUsl*A&Qrfve<rJmF&SdVt)3}+8>rtci6
z<!j93HhsYpJC|T4HtlyeNXVI*dAkrw;Xr#JYCiSybo)2s?YLsAOMlmTu^RBNc74*4
z5Ie#D2?Aow3L;19Ij5ivXDuZ(Wf26BOsKeT|FLZ;%%yPq`2rW#feF_eaEyV~Whh?a
zd;Yg^h@yxo`(G^p9Z{wqu)5mlyhiwm;aVQ<ypz;y-gjkJPdt^y^arv2{c1>AyoJ=d
z_c@1Nt%c!l(i(UCx;3_s3o`ip%Cj^I?p?P_ezj>WNnJe^VN-*W99<_-f9QFgluVBl
zj&TECm~j=-(4GsRM=^C#btwq=EbmM;o*4*;jd>=xp6TEJ6lc9#A19k9Q)N$g1st^U
zye`$8Sfd`40`L{k68P88a*}(*Wiv_e_Vrj=zF?W#qdVuN=>S$dC&)yyhJrY%s>hG5
z7GAF2wQ=^5(H|@iD>Cd#fvW@=zy%QDcfI(QO2#`#u<+Psi0&oz762qZ4xQp63aCVG
z<=SlKmyAw#>2aXYU@3=UI8n=>jo1*H&VS2J?kZbx96(i_@G&I5(gCfgqKFn{R@RA9
z7QvRetDm>NsLT;`#fQQA-?w6;3x+8g3LiK&&Po8W`+d~<5BU&_2T0R`c@AoM@r;n?
zQ7>ril{`b&n0l3>U+o&iQg8nkxJM^-yTm(TUjvja0Uc*xooMLCZUoF^zF_KCyq9K}
z2@#pr%$c8H(a`n}QPje;$BAOdRvO-w_akd^I1c2)hfuos8l->pSFuw2(#Wq)yINd*
z3x!BYWq1MCbBt5)6wfH9a$nzK9_lD?qK-HdN?uV3iAzsBD&ojjbU<cBuq|Z1g`NMJ
zo)X0j9fSoGI#jl`Za7kRijbgcEb<RQJay~EJDb?zzv=fz4d8LncN5AAMt^WC*?zYJ
zCXB5apQ@OkPw~TAo2p(OP<_Qwlp+_VE!}D$=<?JSd^i0VY?Jzo2~dr_Pe9tjn2+_B
ziCHXeUns(a8B;P<@ye?J-^psjm82!kE!**?mm9a33!$;epP*PTBzzSo+y1KG#Y9a3
zQ!z4rWeteIVn2Urni2mW6}x6&;4H?$dNQua@&i~TZZcF3CDqvL9*Rfi)l`^!+89Hm
z1+ffKrTCkdw=ZrdUJSXxE2aTiL#3}4;G_NuQQ73R6Li&c20VtMgPT=&k2NC=Txr26
zh&e-?QIn0|x1vZz+<!f*9!ZzM<x4O21;7`jLq?ZF5^nA6#h5ya>ifWvk;R#1Q&huT
zA+ck;`Na87xxVR2jThJV`0s_klbX;5y?7ea3B^9_Vh&I(l?P&%dZYUJjGKI*I;AMD
zD}$d%L?tME0FJOAs}y<qSXJz>mY7xeP>e5V&#i{;R_-Lp&o*%0LA=|&T)t-dNq*xV
zw38Po#&~=?#b;0jtlse{D%^03)W*;`@S9ZzAe%?(R5t}thfCQCsN;3kYWa;jz%|99
z>mpzg{7SvfaRrfpin5$54R^X~mxV?>s#0f#<{Q5R(^t?qQvu&7OKKCyv+LmZN5!rx
z0p$u-!nJ`{L2AiXmgcchoR)de;<`ZxU@A#9?m`h}0&TmkN2)xW;fEj^aZu!cYbp^D
z{y!NIi-l4#a?06^il|%^G2o>)+&BPBg7;0*D<&#j-Tl@}>{8()?5V!yLXef&<D!J(
zkkbJkBSGW{zum9zmEAU_IgD|lr|EhapMe=h*a{CC+vOz+W?7=wrav1Sp1U=<yG$cb
zx=fy6zXo#Xn3V6MRKNUmYky>k{szRa{B%)E#%-~Caq>dTvV1Q)?(v9W(1Gpty&k9d
za_JVO6sBoQ{OG<@&TrYeA4U@#quAplnBw79l*7^?l!P{4FA_f*>X~;1?yK+e*nRMB
zu<(&5Hp65=8846|F4z6^V(`UmwPooy<0fq&p{I&$x7_b@dz`WT|7}4~sV$+`TWtv`
zm!Pf7zcN6gRtgabS;lxsVIfZtvh{Y<CIQ<zBmWPeix=!o^!@cG2t@xOw3=>?0|%*d
zmB__P5;vgd96dMr>|hk(uB-$x@!DW02k{q+qUznc{CaQ}G;|!Bbo#&T#928w&GGVN
z*wTS+W3@9<fLs#q4dlneZbb34Lat?O`t=B1i5!Q|@eiwR=L8n|l+-<{ZedT1)3t#R
zD*2RI8DmY~6ti(l!UzFcpYI6P0Y!|W_9-$U`$cVb_v0Du0Kf?yHG7736A$I-TmeO|
z%!t4;4$3H)LpT6(uuWTB_czYpkux<RHw%$hpr;pl%5cS-J%ZFPyZ}1t`cF_J$0ne>
z_KC^+^ajEZydfpl-Or$hmWpYypHeD+bg9MdE%#^Bugxy#C4)@0gN2e_j3-IdIi3Rr
z2v_1kFR^btrBMZnYH__IYWIQ7sIFKdF21`kj?G$8{RM}K{^L|mmSQEM6!0&UN9*1k
z@ei{+23m%Nl_Mg6YX}iL_YV75@5^gJa=!O%RvR(oJKL|3EwQZ(R4IhAQ(W*w{KS3i
z8PhOot9$;*tw8m$3eOU)0bpKp!R}2d@0@W0>Fv}bzo-SIrI<|+%D41eurk<Hs=h2?
zs13_GJOtnD-bS{7li7s1zLe(>`)9JxIu$&>8*5M{<#R~79K9st;mP&gmb_FCbo)Pn
zdhxPX#O-m|Nt}C62YxL|jV$Mry1=NSI=}E3Qd}q@n}_j@56H-J(*v_;sk3d-;Va~w
zBlms&rE0yYqJexh0Pb0$dyVW$T8?mjqI&+WAy3Sw1#VCBrd^<b$%}_{a$r}ba)y7-
zHR%WK7^$lDr{(?5&CzREeAD=4=M$rOC;)wgc!$PqDZAvw90ZO0bt)N|IwYh+Iw(rL
z0R-V`snO$3iF+F7gBbG&R$A{Zg>P8n1XFJ~FF?DP>jYz?b^myIrE7ePg`5rNn#xPO
z5VH6;Ey~kU<Ih*oCRXi|Xz{tHc2IJDj=gEn7T#^{H~B*LsRe*zW3t}6?G$0tWWFs6
zeGb=s1B(R|v=bGG-_;KPa;7K90<y%A_QbcKDDtp;{Z~!lTS$MP743daWdeinG*?cr
z<4`Jl{@dV30*l9VzEFM{LkYOo;**zRO~M7@lT}kDeskZ3*`Yb0UBY$DO(t{|_T6*Q
z|7wR=$8hmCZ7MIPGA7|cVNen@Fw5oIv4^JBks-v<U;}suP=;&;44rsRU*7?lsS=2$
zr9H2De|#*R%R<@+CiNhTAgb=({3eMp<zJ_H9ZTE&j18^=3c+Z7vzzn?o86=uf=nTC
z@ekSVPJz!v<Ut6MgwlLUj)4m8##^gO)H~84=hxt@Fru1!W`~8@BU<lPxH(p$?#2)}
zfGQMpHOwsKIp;>_wq^BX+VsVn>12Q5gf!#9FUX|oL&YcV)DNKL7fjS86p9Tyuu6q4
zaUi;R!(wz3?Mf86bqG8V(v9N;{hjn7>or);I{=Ty4qCX)uDi2(WaIj;*x;>uU$3GK
zUe}uoVJ-r0u`Sy>`FbxdKS<WN)OrXCM<mpsLVQ^i<W-0N)XFuyV;By_P$kw>==ANJ
z9#@Wlgk0NYAs+Yw@xT|D1r?ftCl-GO0Ag;p%@^huD?(<Hb6~x1#k?!gd3WhTAk{9w
zEmo6O$(d^Z#PrRQ7mkf3Ex`=As&zFwtD)D$*Y3cJS(nj_`>wbmSO)#BK8rxkM|wyu
z;t*d)!FXR=B`1$oYnDmiw-&Z3x4Xg8RZqjafz9DshjHA+x~S`Vo6-w$?Q+BXdMb4|
z=hKAgz-yCI{kJL<gskrcCpZcr@B!&hEsuqDtj`@229n0*AS@{UvhfzQ*Q+R*!K@;|
zgm~es^cZm>;nKJfdLI3oi>YD6KnI*S2^B}CKA<1RQIZOgd<w!U%9Hd|XkvP3Fq7{2
z_o!d39}PZVPGa*vHzdno<qD41<-`fs3Hqgvx*c63?FV@VNZZP&B#3I_-Qkg2r<9Yf
z05XL3NBxX+Q4hb?wU7-x>m1_9jHsd@p3v_Z(HL~Ju~4ZAM{}d<mjUt5*N`p2D}R9j
zP`C<SC3R?nR{*2K9f&ls^&mG(uRuv9qpiOQ>N?p=qr7h{kmIEH37n^|@)mQkIjH1c
z2Ap)wHOFpTc7Y^|V}-}l5Xb^^<SoImuxgR^{upfT7W=B&KiN^^`*vs!{7!GU86qG5
z9^XksTHV1?J{MMi!|C%OskEgb@t6x^&q|bvK)16`Dp(c+n~ck%=NfLE`?ka>$CXgZ
ztQN5#Z%8ZEMa-S$FkL?|E`<mZ<BI$di&;~X%CSTYXVY#qr0m`Z;ltAi4{=7OIGC}d
z52zZ2*lnZH)q}EO@#X}@@pgSI3#;3Co+_M5ECNuIwVx&ea|7`k&oD~0#v-y9f_LBM
zi=##MNcB+BHGOjy@E>9uu&WFnkC|$lc3JO$2e|z>i7FJ8fZ^j@5d6y0Wpxs7yd)GS
zQ?O>zrgDhSIV~%UJq$6urrrJJ1<KZx4uW%$0>$`MBRpglE(4ff5USXV9W?BJvq>6U
zylx^!{fV6El=SWX1CF_-1EPOU4TY~9AwU<e3_il6o=_)or>J37{aTBG@R#RpBklxy
z=?T-q#1BhJcLoGDpV3<TC5v_h$`ufbJzMOV^K06oJ0Vr|Xcy|KeFt~1Y~XSEpd-HM
zdNlL3T2SJ3#JiB51Rl7?FhbsZ+DSf<Xh^6p&{V`e8QK?Q9NXyQe(3%7bO+t)^tYjN
z7suYZf=LGNB|?jua!@OW;_v$4nhK?#r}whc`1?=sk-)RgjOq)TDC?x<^d_WGsq_`S
z*JqIu6Oe^Zkrf|fOk-MtaO^=QAWh1V^I8~lF+;_6&_7B|wNyxf_T8`ZW^SK9&J4kR
zbi<eo5taf2-S#gS4j|A8HJC6<pHm7b{nw%+D;IhS$iE<3k6uCcql0FcGn`x$0JCK5
zHPfq4J(LM=#|MW=`IC4uX;R+*3HmvFb)=1Wv@HIRMV4A>6MwZ9icn2uyWT9{DN58u
zLm2mM6cJ}BifXM0{~1?D-BU>S&r)vnVIa}lVTXW(2dC>Xpnr7vvju}p3++C5|4!Yo
z=<$Nl>T<^7wv^SAiop{jN~K<B^yPcp4$efge`+;zv(Hn$>D4n9iESJ|!+n((F|JTH
zqWcN(q3vt^)V-t_oFF3S3qg!o<R}{!HHB6rvXOV7v<^WJ(hT6|!ncqS-Y7~c$R!I&
zC~pWs&uEJByo~g6w2#M!01;a(`J=HqYns%b6;aXDS@=zIA1&s;(wX?>OxZ2TByboN
z>`GB02|1_8s@S_p?qZ(&NxeN&P0Ni;_KUs{vPQe-TABQ1bj6XR3gxN?xQ&2F!fm~%
ze_^qh=`9oQYpcV~RQRBNs^vA^;nApg7LKLJc~Yc40~bW108u9Q!5#opxcf~R=rzeV
zItCDcmoA?49mAH6e8TZf^YNIHN*4-*p?sFs@7gKp;prf274OD?LK<#!5e=D7JXThw
zE|CNyNpjcMCWOT4Kw!UH(Nm^ziV(j6f@g#FeQ?b@opzwW`7(eT_NnNa5tjFr+4b8U
z=;0>6`Fhb;&kzN>ksD*+LcHdbl!EOCJN9BF$i>Js+7AWA1T#Xr?GhVoWgFj&X5nLU
zu8xulKK3*g+ZFP1$LwmO*&;Z&8SqH_vYYcoeCwv;tX!w@n{NM<d!z&u*-;ACLOiF2
zg#a*8hH^&TH<t$%Fww8>vgJSvI`Ki{spF({rT^B`y=0)FL0suIcDm3|XHF&hl4ciK
z?5nvVUdjzxn$2Xh<ny>vV#wJeC^LrT8+Jx&9~@9}nFRw<on{$3x&kt-Q+dd`Ns;5Z
z6jAb?N9HgPo8w8*oStpu6w(Vy3pBA`#mWk070>_a0sR!Vz5?iL^L`h$<>AV}Dj!>?
z2=fWRKNp3Bg==g@>MQR0{>b5-2LS_*L!rp4A5+Lcacl%6P2-GO{2MFqa6>$}g_v=R
zK-6;#tNa%UO;8|VwQ#?=jEE+~pAz9IIVg-<9p?A%^5_N$ronrdC=HJH-S4jXgAcov
zIi$P7{TnwD)PH1RX{&Chjq&BtK>A7;U>18OX(UB3EMO$xEs3hYrd3b|4~GQ*z}jQb
z$VS8K3S$E`TKC;Ql&RN({o=)@e9bMIh1qfBu2ln|SpSgxeTl}^>84axnJ6-B#|nv?
zYiL}jl|s*d^zdmzrhcQH&8(2#eXJE{XB8(CH0(!3QDF>*ss{D1;6)oH2p(-gM9vqy
za7w;%=HP7(#^@QQlUf1%J<t(w!uTuEQDKs}2(+gr;H|6;<?P{01`f@=6IkZ4P*f~t
zbJ?CT-A23L-bYTG1wbeNg;n6j0uA1ycs_p@IqMRK7)<Fz;Y`SUN!}y+G~!diq6jA4
zTl58=KvL8(5S@OPOgZ}Ezen6k0rZv(9&>JK^|n(Z-X7BeTaL?PYk+rc2|%_bU#a+T
zoW@HX^4S++b?#3};noYF)h!+SF6_qyap2bMS9e?m9@rBQ)M{#MefN^S{?}PM=X&#1
zT2Q`ll7@y9XuXLp<*dKvy=gnqPE!7cWxwA-Cg@yrFt#88Rl~nsdv_j6>F^|%rXC$5
zvTO<{ZWDxMuLkkKLAr{NDmBX#x1WY<T5+a;=<o4@BE{Bu%3xZeVn`3er}<jV$v1z<
zx1bl(ixkr!2Hf~w&`718?<#fqtx>h?W1aI~Ma^gBUX9Hf#ZEQM1yQ!l5xQVJeWn^A
zf`;FVEjV5<Tws!~vK~x*$b)Mk8-X_FQJYdYV9*9@JQr(YICoJMh^*nZMGOuOQcYl1
zfhJKV!6PE?RmqS{)21}9lc7Hgi#;T$jW>S)MtHR|7K1BT;6-KD`m@6f#}*KZEr%+P
zeJ7WM<hX=U9VV#+zI&BuBm?~NWRpo9UV=?+sJ91ke(CoaS}FG_{9S(n$94yteBP;b
z)Z>o|P}M^@aEH!SSFU)nG47{|?&?iyqAWcVkLP9c^^|Z-e^9d`Jhf4dGEnyi&r^Zw
z-F6KqXH(>PA1Y*s`+fa^;xYCpR-h}|>GZet(D!`lVK_C0>m+61fxyczOOdSK7RfQZ
zygAnMg2Y-`Dw{s0jodYp>Qe1CE#tlg8d_x&V`IkO^*(MK14s{nv*YlEu@h6TGXhUf
z;YJrv^P&C*f$U#EZHY#&R>&D#Ep;8Z##<_%WFhREX>qG)1-+Y9$*(|lobldSZXHBi
zZ<!a1rm$8v03Rb2Xo_Z`k3Ft&@Hm>X2r9z%JHCSkhRcU<8-h0n{*uC~6TtWfv|LXX
zA&Y>JY*U#e@_j)la$g*e*Z4+XYTXjvBW2@ep_-lOGBzTHRT@Rm75%G4oh8F5_{oRg
z8@(g}^0{b>B1E&fXx?%AIcu>ybz#QdZ+@?6dB;hd?`uHTI{o?4F>D*fU4um=g$`O4
z!tUB2#2kf_S14o8qWLfiJ#8c$2bzY@=!0>hXj@$T8+~uQj&6oLI56xMTZO}kOYzuJ
zb*VlIv}aw2x!%5Usu$25jS_TOCBwrZmW5G()hid2YD`IrstdgcfJu>k-uq*FE7!O;
zo%N)mK#RcEBtsmNrl?9eq9Antz$53w-<0d#rp#F~!Hu5C;!iAGfn+7*zh&Uhnsg2w
zJA(Q_Q^Ts#Hv9R}{-Uo$b?IM`@Lyz7G%u>Da4DZElK_Kh;_!F8(lwF#eVBz&(JUVM
z(@>}mvpjQ86#&Ke?bL(5%&O_;pLcsF+i4gys%v=wapBDs+@yIBFI`K?7SxJoDoeXc
zqDsmT95H7ixvqj~3e|>R2+17ML)P-|!Dm6YQ|t}K*5Ix?xf>0gUflh!I_J5VYn>e^
zM8?o2L!n;ZutN%&$h~i4#YgWTT%jkvFu9qHpD!^VhdJqD9vnMjqv4Nj9`E|Umoodf
zhUQR0)p)@W>~QAGgxhpc!HoI?dCF7NA5SMg@(=kD_i|2C;UQ{IGX7r2LqbxSlpeZ$
zkWXfv6S6k(Np{$IN9%-&E}4Rf2n?2k$y^GS@-*EPrZy`?<Zvr=g1!xYJY0v0?3;Og
zJi&+k#Dgq7KScmgg7HhGPJ421({9UFG=n3ELY;q^hK2M6tW3XE?;ayiIrApSkpw`%
z!nWQh2}S~`N>y*G>hpz?9THq60a$nM_Y03!T}$Vy|Ew)ouxH*c&sVt7;dMbh&6w~W
zEYv=DN<;Kws=}<X0Nw)#S<w&1LcPxpITvDEv(0sYi9XyzOz>IWn{K{YwI&#97WQ-W
z;%4KY<D1L;c?D_b;WJ7@Wq9I<`!_;rHh7QhWFP%>O~#|5^!t*hd4z<HXc&}MFGV@O
zcW$_64qVB*sZoPNOf#$@wg_T@jtZLYG3RCU{rMK?FS(Qpsxh8hr!_?#R!cae&@^7;
zeak<EW1*UWcpEiC$^1F1Ns|0cVniyL=I4E()F6%G+CpQSR<c#IE9FPQ7U#Wz_UK!9
z#YWpG4+li#aRM!~&m6~B-&CqwJY0PqB2956LA#fE#hw7&6F6uL+YUZLu9KIdnBkIr
zGXZ3xQbe;6jg_)^OChA)|1_5{H7b!1O489(aN2~35Hq()Q_k`VB9^`oZoz2q;{|H@
z4FX*C_b|-R;BQWaClw$WSuv(|GmRe=E@dxhT1C^N#wok-;62pD6$~6_FHr?o7Vwnq
zaNy?qLc7)5Dy<T*m0;X5QnglLL62!x__v&f$&AOSn3DdK%K+AGDgS__Q)?{h9@96G
z_wm;ux@4~(9zusAK1b3)dC|Bdpi)Gh9gG8*c*_<$e~&_J&qz(YO*dbeT_8CoEO%Xa
ze#?g#7yi5w+>YI1Af_d#CGu6Ir?+@7AZ&U||0-fqda*don0t3e+m4Q{G~_!$7tldw
zplN$j`SaM~+ZYbg*QCZXp%sKgF@<HT4pGzR1?!CHO0oHX{iYTVrJ*J~6?#ZnyGj*w
z*KCsOwONk7)PB<x&CPN7`~$|~I~vvohTtChMBN8li~{d9K^i;k+dI><;Y+cW`1*+L
z8Q7lz$5>SjU!E6L*HfUOM>LW$4m7bkh&O=lf(Mh>@nphH;V!f6!5@eP7Q9{|x4LoP
z(LMyjl`X)cVuhzaNC5AKsxRIqu{|P%0h4eNhPann2@oRb7EHRu;j-O)&?%XvIV@J4
z1(`8&>1~dL1+Co$WF;A{*knxCM7kt~yXZ6}tkRbo(<=?9P(!_Bs);tBi%~jcUHTBQ
z5vASrR=nw|#vDKo#Ed(M$roXhSnp6+d5cop7DA+3mtSAaA`h9}N;iEgthd#v*h`Ut
z$@GErR6R1i&YJSr=_usMlq{u5*&2ZU#|P6dr$BN*F_9mpXQ`*VQKwIVZ6Ay;dSY{{
zaErDP#Jt4SIj@Vw?=brc0@sF_SvzsobNKE$V|(YxJ=R&EcW7k(@<j$UOv?B#E}8BA
zLTCQlcss19bYVFT!qeEzbXpXI=sPy`T}0%Ye=VQSQ{o$SpBuu-!m~`Dvysk10hi`w
zE&FD<zU$0ARwCPSlCE{f@d{!TS&8Tdv_m4-w@1VLDm6|X*A!lad7uQ#oJ1Dk$+a|G
z4VkV*o7Jpjh)aKJ24RQ0rc!tGez*D&Y!M2+TsHX2Il?&xg6{(rH^|<A*`mCJ)Qw1G
z&bNm~S^!OlYyBH<vMc*{o%+r=Qgr27C6OAZ_Ct483t5q%L4|z%%ni^fNk-UdS%93<
zhvp6@{1|t&#lBMoYAY2IE^f{x9W@*buKN~hR3HYckysj$*SERFTPu)$!f)U7!?~M2
zr#(^}%`pQm7g*`_l%(54sZ9}Z2c4+{l;Oe1Arnpy8_210w)$>@&}b}rifE{v?4VKx
zsU3PWeSlt)V&Knqm_zZ&Fo367p@{$!DKYwWO5X^_=3+1*lg3V4yDWXaRs|uF0SLR@
z$RfDJJzwBxd1%_*o^y<d7c^r-CYNSUa(ypt2t9E-A3e#$u{W-oN8&+z-ie}2LIoY{
zW??zx?b(uNi-xX_X>eU1z!d4T=OwNoQn)YFORZ@ei$SUJ()M76D5$EN1(iHjq68{M
zDIHE6f5@&azvBnkIa%AOU_cjUf<$}pcca~2tDJfUKsF*4z+<Zs(YQZqM2C_{@o5$%
zSEz^0Od+tN0PGXUnt&=e);E3SDNrZ6I;9{sk2*5#bb1VtD3y{CC{yKAB~pHqPmgfv
zX16R(yMBgXU>SIX>)ZC+3uU!?2tRiI(K-Ff$OqsvTiE@-u$TUbe^o`ev+nh8-N4eI
z2qGy&CXltGhNZ;mN-kX^{4d7U#50=MnJ{slA%*R`QcELfT(fswDXaq5``yw8!S~h7
zD8YJRJ|g%eYH8eb=M1AP`W|CAeI}$M3tLBK{g+slWxh`dDV^|D;p4xtIa^;kR5uMQ
zOm7f5<SrT`siV^9hJwYtHzCS42@q2O(i{-Pr0YvJU6y@$<(d`U(EB**9Y@B=3jlJI
zz~2YwBEHnB%%*Q*mu_bkIv(LBblU9iqM;l-$+H1U(79NuBk5k+`^2yrm8mfv;mANB
z|H^#sJm)X&E48PZm2p%bmge&Rk#GG8K?$OTHZjnjy<{*ZQ9zsqHGIt$xT{#uqP{Tg
zvh!Gdd$Omlw1X6w=#9bN8drfOY=C$X>G+6IfTqF}aD0YUzFSSxt=?b4tT}E$F;}S%
zj<>k?8XoO{9slBi6gVujbpAtNYlm1+z%7iu*PKQJ<P(epGYH-^qgI_#Ejg+66b4=8
z{papFAn$IjJQixvO3Bk$9%)K`hFJ&Z?}IAkfKpRpOqeQ0;Y~5{UoF6E9!a7*WbnRi
zy*u@mHjVU3$Re@mNxb;jJHnx-0Cgfw01wNK<#rb!rM`so3EaHGF+Dc$*L+R04JKVt
z`<UD3gB2x+3^clwjoGp`zJO7K`DC}sxpAAH!2kR=>fSK6|1R45Mqze|XjTg#0v@=S
zXNviFA==QTFakt2%L<hn`L<4%yyrGrG;7RclMX3AtA#U?KU3fhdVUtKX{ZF5lf1qb
zcUe`=7b7Hj#uhi6#Xq{i7iD$0Fs#3i6z@fplp9wduO${KDRj7pRlodcFyJwbz<+3y
zo^U{EJ(JbPuij<f1*1%iOIJ{OcQF$^hLD&yB?hI`V^OBdM`R`pLTD3GWYor90Gkh4
zLH?9S;J?SF6KT)ipOoR#Ktlzi&Hccu&Mh_2i32*oi=H?t6=1O-spK$4h#MiY;xhq>
zw<LlOG2?mu=L*ij*^p10d`$6=Lah;nyv(JKg)FFg0r&LeoaPvY%1WM$Ml$?V_}_--
zNy&ffH5>~pGWE`4QdZQ+dyx1x;xzTd+vmPg|5+B|-~l-fN;ED6A3jpzHBvRL-|EII
z3uA?P0&gNHNBNX|(n_F{tu<2>!US(FF9zbRq_~<`<Yo{lQ4fATnuM#(7;KO$|37r!
zPs<l)LEw|0%Yo~DQ+6!%pX&|<*PSf+@jeUc@1T1PbmjcNKN|3B9{mp`@c(i#086RO
zR;Vh4FE5CU_i&qW%l^GTSU_+#BDyvtwtN<%oXM*IPDch{k4*t(Z)S;qsOEDia1EU4
z$8`U>2Bgv>x$9#PxQ2iZ;L=e39RWIouQW2Ybv1HA=;8^$Gf;wNMJ<D5%?6Yq>q*3h
zUNzvu_;-LfiUBmY;=u?TBt?su=-;pO2KVqgsj^qXzgx{B3vRXI;$$aLz_x@0d+_g?
zSRrg#*iUe!fHEMI`|m{|Kt)mQ7=4Tdet{!=AIZbxY`>-hKD9*Pu4NYce_lAiKB<^q
z0{58`7<N==t^wWx+#DqGG6}Z^&@cb9h*sF(*FJZ&weRMAe;;h^)t;T*)Si77KMe3d
zGQkOCaS43WIDD%w43Mkg5b6o40KnA9J_h<0EC!90T?G&ecGOuW_r1R~HS<Tt>c{cz
z@;`#`5(#ASxX&UA!q(g9#;m}aX`m&}Ne3Uy;t8stETlRA&7X@byP2CTc+ihQ6D2CT
zx8fL-1pxQG@)#9#>JtHvOA#=#igattnz4dLgq83YXcEqjzBqc4#YjMvNQHHAIW=G4
z5s3N&A^Nbxm@P7@z?XlBDkur@*uF5Dw4Y(UR!vUkbPInWR$rF;fC=mQ4pSi%IpPuw
zjZy$EKF+^GX`{?@T6(e_*eK!ieLGhc%dtM{Nga;iQn;+N`pQivW&h^`3ah|0<qm)U
z4l{-9!5hsAxq)Xdf%vx8dX%PIzu^NBr?JSz{Y^-uL?YB5@@cN6-!qP02^Oj~NWw$I
z*vz2_aq+=ezXlfy3x`-Rz*io$@20h_*7IvQduGt}nU#GiDwi_sS71UNFI7tez^*}H
z?O*{<jHi&+j~e2Dbo>q%`UF6cCF)G6_qs3>+|ertuC6vJ*aOck2=u(rYGa`UlufV4
ztGIe0ec0j_Pz{LS3s6TV4**hm#O~aen2>6j2!h`tS~&(JbpB_E55w&w@{FmG<<5Ej
zM5`Yfo@3@C)ByfnM`<!^9_cR>cHbHPe4?1f_PGBAE2rCsl(cEBp#gki#ZoidO)})W
zc0(+P;VX>o*J~z(BzO2*Ut!~hDbBshW&tk-2OrK@p7iaMQ)%=^5(K;sOG}_2=4p4B
z2Rr~6lC%X5ZllLqABY&Ryqf9aY0%`^8ebpf2KOcP3lYkjUT8FXc&1kbLzm75qu>0k
z=-tA>kCuZ4$82e*Vyg*{KxO|2xE~`i3GEsdKFgr=i4Q)PT9QlLk-I#J%=_E8CYBm^
z`}wK-xQ<a5>>ixT&lW@Qwyc|*q_DwuiUNBPsOee2*8J_)+p?wRAc+ri(l@Xue$2CQ
z!$iYJ!J4aVN!CoGahYhLGlcQo6+(Q8xWl%8#~Ob$KL#6HB0d63D%{d>BXmw7^l{@Z
zJZN@5DaF!ZW<*q@>g=fNP0BaPh3^`@7Mt-L<Vsio2F8L^x76FuXvYdHg?~da<{K77
z8{44S#Mm~hBU;6RUpo&7kqfO7s?q7T$f*B=^n33_YLt7kAXOn>Kh~NKsp_@AE%k15
z4Z7Z6*8W{1+^)nzDvg6-{6iyiqI}yrYlH9Kz91umMB)MxRp%>P*<vq~1+hp<n*!|F
z`ODdU?#&$Z^4!?iw0memPd~D7&QHQoM2o*hff~L#*cvSnFUvJ9XstA=h6C__+6(2Z
zUr`EcIgHN|?o;IFz7(>&+EqE+UAs#aoc{`M-<@MQ3`5ZR;g@R`muF8em|YmeOgeAl
z|HY1BnLWD_V{vv|{gQ4a45z2rubEmM00z7xdtv#Pb(dO2mO&rJT76T>8dtJqZT}{P
z*shGr+G59d1MaF)`%xCw{|4ztO2`pPIh@CL>PCL+$I@-xu^Y>fX-;Ttx*+bfe8Iqj
z|LedjFZ#tb;3yK!%FWc<Jkt6gbLN;7jaf0{%Kco$IIr~jW2DGLoz@uJibXo(xN8d@
z*5{pB*r=c5=j%5=+1@<4qZ?cL^~u@c=q|~s;kDd1vCHAis$%1x%SoS^SvCc;FyT&t
zfF#b7rv;_^RqRF$?7p9pIq+%o=WE{ODQ7n5G7jq}#*q=|2$Vfjis4lLK{IJe6ksO<
zE5w916l&<{)2UPXXTJD3M5-n~mNB*#qnxZitwsSwypRh2vJPMu(IH@z@3B=!_v2qn
zsX7z(LJzO_bK!UTAJV_wu7zN#)DjgHalJe`p2%7mDjvrQ*+~DuG*DcMn_Nf1d)i8}
zwJ^tdlHg}}x+isob&3945dshL2~`_P<ElrJ_ZF6tmKg(g`9jEW0di)QO`p&U8+#FP
zyOT`x;O74OOBPhHE13hcR%h>)J35iJ-)jcCjc5WXKV6KI56TR|pi`0XJo^@4MiM{(
zR!scISj`*8d3*Mye)D}$e`v?Nny9wiyrY+0jL}DViXg2g@`u;aUo1}f3BAi-lpCrv
zZyp;IYmU2M8Hz7&eYRYPni|Ru)4tkdMUYxPg3}xChnix9i)(ip8&M2_J|UwUOUbAK
zM<J6>%BcQ%kH0&GPWp?91{YbFFg`+8D!hVu0F~Ql>7zn%@RK?KaUtjeV6*`s2rC97
z95qUmy@p<0e>@ZDR4hw;3yF6+^DE?tQ*zq9Z~J*0(_&qMH~9H2okpuX%f{@nRP*-4
zR<Yp*)*%?>j9{Agg`It!HgVti4R@i@CnnXFe3fk<{N0{B7)Na4iWl^U?D8G=0A2*N
zJbDe!x~D&`p8fD^tN?wZ<j2NMQ5%43^%s~>q>7%ihlF%}A_b?cKL#qf0wgF~i+9pU
zE@A1hWt3br{9w}n)3h=iqtFOkJ(!p{1mcV$Ah&UzP=8iTtbBu0M10$X5qH8P;SD3{
zgoQm^c@*r2pY*&hj_P)5aO{0wMD4p#)r>k%tFj0JDe?8<T?zt(D^laih=rVQlQTd?
zp$ZEC?kf)LR0qV`;f9+iM=2wwO3-8c0XVtB6;4)a9MM;<`Y()`3Uk`u6Nmz$pTQns
zg1Iypb6+rQ^HqeFJ*<nDOwWU-i7l1e>yT3@5~Xp)n2RX*8}B#_AMuOc<eRt=dd=;u
z<uJF6h#5Oj9@Si54>?@e4G6&->5}Lt!xmjfx#UT@UU)wki}83GM>}K<TQ8>H_R^C&
zpV9~$Y978Etof;rX!$twH;A);@J@U5Pz7r52PC2=3LPp$9_mF;hG1ty5wyVUxNI%=
zluKpmsarRJ^ylJuXQHOK56EwqZUG}8`cW|b!}HbBZ?V*DcBahglJ*}8!l(e-aJp#8
zw8{2pntQdR4y~)jdLD&;&P*2f>FYKT+Zw~0sx#~??XG#h>z2l`qiC<gZ||a326^rn
zlh$rwets6OyZRNZ!fHftm^5kIef$7a^bqVZ@&GAWY&E>nH$YUP`B?0J$j1A<{#Xg#
zJe0~ndcv7jp0;B8>k$&E^S@_%gKpH%6y_c?g=Fsh{%jz2cT4^DrV!)rl+W#+HE=!B
z<y~+6$!L2K8hb;}3w0=XXsdHfm98HseS4Hp4(11d(^erPQC523rK9BBSKBH!qog&(
zO(M29!2Iu>cydfIsQDx|B|ubvP>}sK6D<z4B#6?uX^`JX6UKo={La#petKls;wjTa
zypDtLv(%e<t;}N|7POlMrObh0BenPxO2355wmh|=L|&mwM;0(3Cd2)W&fA@31{-+E
zfwD+u*rI2jg6j;RzaW6>w+OIfoY(Wi7+bE&E|q$%0pb66sSLV*MgBe)=7v6Qq)3-J
zAj*HEEm*0{w=uCTH)<6%^)2Oq_78Brvz`6?NFZhMgyDwnbH#tezs85inL86joJS14
zNQI5z&zgMRa)aMQ>1T;~Pj})uNvo2q=Z#@oPj?_jfergD94bKX{O8jpeFl;)*PQDq
z<wmV?>HZxBDZd7!DAUH4sL&Y|qS`9se9vEjr{$hxji7OSX+O5#M@r3KLRY(;kqZt|
z4jadA?6JMsK4+KDghh7cW{1GjYq>gQTeS6kVATt;%(t^S6#DT?k!p(bYD1OpFJ^1J
z+*h+Av~49ZHHVVHcjwX;lLdUvBk}xy_uEtB6@r8mx--MFo(i9BgW+xG0JF4=-MoBV
zGWOZUoW&U-8Q75MzHH5&YD?=UZs%9uT%-Bu;ua85ioj&3v#7r%d+fre@^vVjSzOiO
zVs70whpVOH>0c9Bd}%|I%B9(S{6K^1-|Q1mSuJwkInI?RUE+D~FkZ7w;Af9@g@aby
z(c1odrTz6-_Orjyays%G1aIfx8rOO)f98I>+itNqh}Zok{#Ld~FGut557z$P0=f6o
z7Sb9SAjIL9dD!`y-&x|_=omqK=d(V)%_eJ-l&_?`G1Fkmf-^va9VQHBaXPFjU^V9<
zDT)>`!JfuH%hlhX`aeb{hMm$dAcMktfIUUx+6<wojF<}l)ivnHuK#}dg$Ry;)cN>o
zj`QE}4UJ|)g~I-ekFg1=Ow{aooJO3Z$_Dh0s>D^mj?0uJX2i%e`H8+?i<MKeU6*C;
zX4#(H*Uh%M(dYi}yMEfk*{gX(L<1`Y-RXvh_&{`(&QK0%Hhos(-Q!V}yF6Ecnv#hM
zV`D2eUG}ZU-9)A73BDUPlXexa+zWmdFyqKssyz*dymjf=>u@e}*ouuUy|Bcaop_K4
zZ)SchuaQC&D!+Kd^EE|D^`ou)W^tTy%IDQv*c+T}X6vUP;2!M)&uDUvEtg2gf0&!%
zbt_Pd#EyInsRojzLolPBFE)4SO=je%e~U_gyXvA>_%S&`rsBOzZr10jltar8L|A_~
zzwi%~&MPOAW9O#Xe|bvMbbC!A`gf4$R&6l#!}C`rlI^f@%={T4ve@)R#_1XSE`M8Q
zhvG%Hz>trWB+|7JLPiS6kwxSG=i~@~2|4^OyKfv6!%vTENlKPXe}SfqheN=E(eZbp
z<{PjA&(|ZJr?BfDzMc8{uFCuNS8t!jFS`y_?)SEY(mkPSmm0girm-8VUrN2?i=7!B
zatSxS7PRr1vE{xCi&-slTO>^Tdt-c1m;Iu&*1P&;L$vRiEsIV|6R+?oq}hDC-+6C7
zYlv@$0@2Pmnno$~G#N9``we8PGHis@P@(NIXy3?Fk@~IqsYbK6r|}$f;y6yrx<$tI
zZ#?JW<-MV^yRTjAKC>swiMd6LnwX2Aq|1S%p92)gAXh&X;qX({^M>+koU$3$t~9k)
zvHKZz#L>k0H-6h`_QI0`{qxH4F$Ow=tJD>LgA211hn7{-9{kLbk1$*0(diSi5}LLY
zg1h$Nno&~;muaGqDZu^>_K2dfa3s?1NkqqUE7ZG>cm*Ug(nZj-A2l9shswO;%eMn?
z*8DyKxu9B5^;uy=C6|S`F!)wie_XF8DLFLtyqPrOKJOLO_^RymyKRl%yg4YlP4rDO
zmHMaT1?@EwLlJ{NhaZl29b4gVd~&nl%U0gD99IhgyWn1QTb})yx4gR*S!y~R)y4eN
zU3~NbfBbJgtNsAKU&%pe*|1ToYRld74ixTv*(U3JqUV=%XT7J~;r8KF{FaA0_BU5t
z0!wm@Mxq8U`B;&GpZaErhK*{HV)MjKNq|+vgTyXkIKcok<beY{-SPlem<!I`T3x;B
zRqLtn-p$u{?bbKB{VuUbyL>)V(|h{!Cs~Z_hL1jfJq)SzKG8Mi`Etp~ru#@IN6Tc_
z*EV+SHC=k~?fIZv<h7`%djho5sw>cBMM$Xt`1}aA)_lPrn2d~CpkYR$IFs2a#pbmu
z&t)_?688MLvSKad3f?j9Q}2J#e$w&-!%wJC#<V;|{ag8_h-Tb8nAs84!3p{5JvYrK
zfIB1N>%C!fIMAN0gp$vjjOUlF^pw+f>iMOst&<@w<A_nQHz_`$(*)1ZylW3^K@ZJa
z7V>#}Q2T8uUBZd&6e8(tp7BlWl`<9y4$ViG-AbFW!{etKwJ+=fxR%&y2Xwb{e@u5p
zPPJ0l662>~le~DqE&n8KzHx`dK_)BvxiPvM99?EI_r9~*=Tt?_UuQpm4_XjOd9H2M
zr3^41cJFT$d0i0Hve@Rm;4m=EoIm(V7pyO>+xp7%FQL4VV%>S%r1L?!TakP5nDhLM
zOR?#R^9NNGNdKsC3Ec2<>`oyDi@|;?sMY<=3=9um#F>QQn&P5X&O&vrR%WQrLGeU=
zwQ81#ORh$2T}P@3jJVQkb}p{B`>mlWv{9rRwkO{#Lm*}TbO(|Aw_K+Ee#98orR5vg
zv}>E<#>oBL6^a{W2;7`>R+N#n^I+vtX*5g3cP7?n?5N!Q>k*`!7G|M}Rn8&*HsA8t
z+^9&Sxs}3#E>p_5;TxHk$}EK<Q~%3NZU`A#YlwdpWbv}{K7JUb$!Dt+5k~_~@~hud
zl9-G6(t^$o<NDk;Sy~ze7UgBujDHT*`Cn-+?AQ#g>}>RB&&&}3OQo;M8$Zs^<dDUB
zrY{3k2JQpbclO%1-s#?_@0OLCPZCQG<J=!w_Fl3H-sEyMiv?dw#K`R(K0Wz+<(6?c
z(<nODa1s&eFUq@V+k955y?JMHQ?HI*CU_Byb-3NHv{GIZWie)M^tZKyFQo*(?m1+!
zj8j{F^oU~MbGx0Uum9bykNfvaZ3l#gWhI5w1J}1%UfhX>QRvu+4>7`rGMaAKI-4h~
z@M|!E+XCoUH1eg;S#&r&J8<}G#@(0_p%isCYu3pgumpX{_U(tEP@(q8rH?;ebNnx=
z-ZCo6_X`{S2?#?E4U$7jx1=CLcQ+E!jUXUW0z)HRlF}fJbP6bqq(~zr-QDNr|GsCf
zbH1Q_nKe9jJbPdJirHEx2Cw=9uU>82-#GO)YWhzz-bz9!zP<acqwUVczKq=65es}#
zG)J(S>e_1UjR!wfqzYprp#~7X`mT%MN`vIhBQ1F<;z~n0?vLHPRu&Bz?7a*5Y^M~c
z$ZiAqgqxaL`QCqw@^LSoEY>z$%sx(XSU7Dt?YKj|azA^>pZoo%|8)!&0R9I1$MR&?
zyVafhc#-!tHSZ6<<hcHPI7>Dg5sfSI+2ZNv&NOV}R=nr`XTMxTo{PTBneOq`l%oml
z=#+Lqlt4VBG*l_+hQpcJ@tOAE9mTQd5dlH4t8j5toxcr!%gdMgkW(J}QKIqusih|b
zQ%(!)B-p7md+AfLBu-+w5qC)^vB$B$>T#n6e+!G9-}^L`+GCce3BNAn&}V8h$-t`>
z^TBpLn7<W-%eC3C?Pzh7)250YbuPs%&wtnYvjw)c!wipp^_yTIYBzc&;IzvqWwxV2
z5970%Fe{?_igvlL$8{<!4IyCgn;~!X5iIy%cZqGVF*Wk6i=@YwZq<s?%?pxj*R|cU
z!HAyT;?Q>L?_R&H$Ys)VQTXuuR<b#JNp64p-jicUs?E8OGU%hkcWOw!D9q=>Cb{dG
zwBuUR1*5_O>L-i&O##a-fs^%N+@gUrZPxYZoyx?bkaif;WC;^Vz0-5#EHXyxx`XG=
zZMV+)Cnp$Q=DURY^%gmz;|Gjh_Vd;?<~P*i-{!oI7uPr$*voC4yoOXTi8wM6^&c$F
zld)XmpfbGA`MmjAlQqKK>nds1>-skroPWi^gE8cm;ZH3uP0U){?_SPk)7P=4#O<|Q
z43=tkj7+foD|(7a9DDZJ+hSg~)S*R+zHcPuE}0y{sO9THROVA&WRb{LSQ|8(!kt##
zdt7FMz6`ov23A(ZffP<oGBUDitc7ZxaC$_5gk{vsJD-VECHQ7&TaK6V4TbwrPS*Um
zA0tAioMKj@7NJuuLu~0d@_zZ5ZfE=73ht(Mga@8%dHD9iq)xN2oMw~6cbZrzibfW+
z{qkJ4#&J-_cIs;##q>jwPs64?8TYQxy5ak^KC`Bp?yckdA~(zXjL!<@my1Pi1!_6)
znwM_r??f7cm9j2^%5Kd{u)I!<$wYS@g_^Exk2l(1YH;KQQY7Uyt($WTxxWcn%BnY7
z%xWJB|7uh&X%9J|<kmHQ*hSNwi>P<ajk-U{)l8%|&kgL~6uVA>-UGj@t`1EVA?Z8C
zLi+!EYSTPv>`kH_=09h~=ARfyZl1M05kCsijxM;AXE@@8{qTp1!%;Lxn}44eJk>{T
zGIF(g?R9!xU!k%vaWIrnf;m<EVt3r6Y^G6jonA`L^XRCf!lh2U(DiW-bwDm7pfcoI
zs0m{iOe1mJbS6nTK~%$;1#ZGdY$F}~IymbViWit8iDL;?g90Z0%oj_p3vYR^z*EUL
zTP-}k#td2?PRY{F_S}8<dH&)O%52C%*Wi;oEIoli6e~<L!GI@WnW49cTw%-pa>Smk
zq3t+$NbfqGKwDU+m*7tp%vVG}bBmMX{Vu^DO=UfieO-8%2b3N5xQzXY|L4tctF+@u
zb2EykpY5(D$GKK$0|$?w^Ag(Jgz=`dMLAo&>1ol+hnQ8CY7pl~3%d>LAGG*klKi4m
zNsqJH+QCVDqhpb^J|JBK^-0jH0lL^@#9`swLCQw9pI%6Zh=g6Xp2<|DA)V?)ho&ur
zA0{O!xN%a#W48O;>n_M#z3Gtr*7nL%qs17xU+n!W9BMJP^#R@3->m+LOw^69n~mOn
zGFsTNl7=v6%VC@S)R0C@5?rRzuW)4?J4@iBftTJTK!f{%K(YYDLyrT+5k2kmEN?Wh
ziQf&v4k>Bcpkw*r!rLML`?GSCKA4qgcIIcgm}CDiuoi^dU_YOzys>pXyV}3j1;9$x
zcb*VvkMLY!h6Ig2>@O=^?r%VyKSh{L$Z6qHsj9fwNrAP+{OMEIzu%vD)h;R5oTp@4
z-VQkf4P)N;UEmbY-<jpWkOOLx>;fNbRr?8*Lgi~Ys+N`*pXztzLuuzGWM|uIUe3o9
z@|?y-`<w0swJ#5lnreELo7M@ICBt;8bgtfX4ObIOLg)-|vV8k05wVawsb>sb&*Nkg
znEkxK-&K3ZQtgd4N__mfLwqA_RdJBhJBWX&Y?X$-8ZMq56+(xYD$a7sPlsf@u)hvB
zRaeD^DXqK_P$oz5L4db3EEGYM{tyK*&a~g|-!MrrtlXpRs5B`WIBWC&*m|;k!sGYv
zO^H!mGuDUVY@gdsIWm5;WDBP`+KaO*@iU|Fc!u?0yw$Zy-jQTq?~A_gXih0)*?zfV
zBBggvc{YDG5Qf(#JI@ZZL5y|EzYzV`K@mciR_k*aYl03Fg7iyI0}86`*ve&oUwDQ>
zM=NrVgRm>SI6JCGnP!}SBc&}zM@GH>d7MD+>wNRmV>j?76%YYGLJLazX=0b~4vAnE
zH98KnOf#W*0t|tZM6Ah9<mh}NH(w%1Bi7a|20M|_649TNr)WbIf(R8yb~c^a4^9JX
zCNTcN5V}~N&GMQiNO;pXZ<kQ&{~2ilyUoO*A*IKGlvbJESW|>~aX%-5D<o$<l6ILx
zdKAB6X+OFi`mwE9Aofw&P_RT23`6`H{sMlO+1l|y);v*sWFdL-DhC(+KSL3QD{7%g
zZlvcIY@s4p-tO<jA8x-r=2Sge^w<LasYZ+KVnBWuwdZPFJF=4v=IVZ{B2m5_Lj5lf
zVzf!x9FpUvmzIWwbVd1O39rlM7IG)t1br1ogW$^8>~=XJNGL5p|D$^1WsH)1msWBQ
z-7=fDzXZA&MS!qa@ga=UNvY47(mcOAI_Bv9Ej6w${>vB}@dkYAH@pAeN5dJ}biS#J
zD|yfxNbCsm!EU!__Wek+wpL9b8F$|WO$fSvm+B4z`ECJF&brRp7BRRRD?a<SmA^vm
zyjq>AT-01&_4fBlyiTKO>*$A?R`58KBmck81caF$aeb^bJ#&q-eG1qa5B58r@J8<o
zry0OrO=Q-T0ppv*Npx<;Jo#Yp{hqurr~$d6wxgL0y3tb&&IN=6C0W-0%LT|1k%X-J
zS-P@vAx4GRl$B8fZlgbPqQkCA!d`6aWPO$5j4;KMqT31`gUSTPUt}GLz>L0GeFD-_
zx$UWPR-lAZVfhaBS;=AVe50n-M2UyQbd|!}&QLDxpHTRQ)fD(q#m7&Eax8+>PLEJB
zV4*<jl7@b=c>4@aimtHe-E)9Yvxfk?B6g690zT^>r5wvGx4{0I$j5q@)##v_i@(dM
zH><&cC23KM5#``Hl=A^?R`>X%1+?z~a+wU}c`NRGHIek=XSg2Wk<HWcJKoS`siEW(
zM?o)Ak9N;xdm}((9Lg3q*`6$+1KK64OC%04v&APQo$l3k0*e7dFNJC>J?lBkWg(0q
z2c|5AX@|V9`5Wu{vip~c*f|IOg&R2QGwmCc7apx*Z%e?-Nb>HkV!uf7E^Xb&CrC=i
zc^bwUbt6-!-ta+aYhv#*qY4-6fwlp+`=Cwj&bUJ+B#|xapWTwuI=I9?c0dpLVQV_1
z8k<a=gb<U?cxg<baYr{&50oB+?n;lDU|i5Nu;y@>sgVY<bp{Y;ByTa%TW9&dt?jnz
z)P_708r^rz_F#*t$&csz7wIT6#AUzc?0BW|XN}j*V(Op96igj<6OC(kaphV5%5^&d
zTuNbjU}&VZ|J1qlD1?yB#u?{st0;S5#yY$Fc04l~Jote}(Kv|OY$IeLT$<T=j7(o_
z^Bx5MlD%WAK3(b;>lydsv&`MHXFE|CZ6<ea<+h7LzA2bvr2W8lCLJWtBD!M_??Z8+
zYkj*RVKOA0G;XU=5cRFW^&i)6WQll1f)iy3L2wVy<6ADadTEsEu-gJ*U2a;PV{a=m
z*rxw_7W~lU)KR!kgDSngqQzHp;EO}MaIMSLEV#rW`G?yl<Sj2Isr@b`(q1@z-F^VE
zbxGRtU)I*v<UpF-`o)qzptfZY8&TYY2)lmp*HL-?o^(6=tvd)51C$I1m2>WWi4c%}
z-QFWysYmnr!&ZU1xx-#c-5$s*>o0FuWHIqM3LXfu`$6?&i2xq5er9oIgWPoIP8ZcE
zgmrWB+vA37_XP{EKTHBF6h+`4T>xe-P68w~ekVBeME9xWsy{^jBU|g@0(QWuH(MSO
zWis2^3aVb3>Ywudpu?VZ8mp=jD@n)E24l*9QYe@=Mnx}wxN!8Q-x%fgH&l|9eK{*V
zO4<wq*47Of@5be8d~ZC2KAaYd9{17p@=tX5`vcyy^&0RdP6WeIxhB_j3t(}hKoIH?
zIw@1xcAoawmx?{yx^0c+h3+nOm;lSFuN;hk_hwl~^7O_5G*${CUftLNeSp*o13b(G
zKyz39C2}C@1&pxQzz|8@7el*YpKq46_7fC-E^!@Z_06QiPXXC$nEwxmduN?o0;z)j
ziZU`Gb_7_D<o{y3QHw`sE*?M<WH!3gYu^HRbg`Hi5VA+qVo{43JreTIW`H3!EugFc
zjt*)!Bx7$N^y@{sbG!QGX8U7Ao5s--2$knS+r<Eo?y^4s3wp~(H+AQw_WAbQBkZY|
z?_QQs9+!I68yCPyvE<|@Z~=GgjVgT1g3)b!+xcIJ>G9ITz3#f?JxEGJp+#p#>3+07
z@>KQ(=}!?qmVmm!Zc$$qP%Qg0J$C}JUJ!3nahbjvty}GBN!S$D41^-3k;uc^X?_nD
z%FCc%;A5qCyX2aXS<fo|Fq{6IHT$Pac^_y>3V`N)9QX_fq+=L1c%gN{*ZR@$uW+Ca
zR(I#f@xGVEMOA&y7SO{s6$m%c-ov&-oyu43=M2u`^ZlCkJte>91>Z+F49(|#C3m&=
z)>V@A+?y@H*`X+esgk^Y7e`Cc_)PC9?Qh^QMfUPTEv+uaxzMR<w%F@5KHFT#7%=!P
z@PjW3{yhPaa4myiDx6d6-^j%W%xKSfHRvTEG}z$TYyJ2O7Bmrnbz&*+Z$U1d#Gs^F
z-6-*Fq3uLrKX4`B1aF=ca8^vtf(FNc?}H{s`{f%lKAYG_Lj?s^ezPu=N8$B4h^f;+
zIV>s4!spWiDwrY7$|+GE9XU>`5`ZfWs8R!t@Kq^)WdP|gAhyL>v>f~2Ulr{wkx>f;
zZ;6=aRzlr+Ao73wL)VVyf!BUQDTAewhnuwcrP2uNy4_TnZ6q#zdeaS%Q)u1&{TN=I
z1VtiD!8}FF9eVoYqzW{nzs1(tfv9ym{=XWW^X5Hp(wO1DS|#UAfd81b(^Q$hmz>9Q
zr9Ty~ORudOJOV#Uh@4e0e$7gRA&lvQQ~%TEG@Lv$G;t$UnJis#5D6E>5}7+OuX`&Q
zMkW)E&w${Zvxx9Qix2nPb!1wlJk)r%eJh80_X;AbWXwn>_PT=joS*WUVx?mAXOY6R
zsI=?0sLxGs?46!pV7$aJOi8^0)Z)KkRBvK4Gs_{vAWN_alAui^`{-lNX56axIm&f8
z%n%L|l~C}z*Xf>>0_~HuZ61v&B-9UrMUQ<PIFh<x9m`+)0VqY7MkE6d(OQA3g)rcw
z1u82@4oegQ4n&jUJq7Yq?s<6TSeMLjI4nEg=8X~&tBzL3HxsxOlX6;qPub6}UXKg6
z4roXzkH$g;?p@Z|#|G(gpG`?6XoHeMQ)hn<PG8ApH&&VX|M_9x6Ghh4?o-?U{z}PS
zUI=Y^nCMQ>=h9`r6>b!?{LQp8P;@T{X3+mid>Ak(`^;lrGR7*)(XE209WUD;RP4#w
z@4B&9we_Ep$@Y$&JMIeqQMx`#rR)60CnnrBXb1~aMR+$n?0cc`-VWi666gudEk*)^
z3fd=h0US3{oX}VSan&BPX?c3CjlYVY$;UvKETZo|>HgW1#;#9PoksuQBT3+|SYsrC
zK&_bPb`7Jg6)--;=;unbA>zvBZ5DT%1`MkNa90>-{pCQzp-?M)k4eIzh2}AY%)Q?F
zaDU?#=>cLgRbHNHoi)8Em|TmJysk3qPJA)G&kJC`PvlI1VK&V0RtG;shEwnA6+EmE
z5<tps(r)y*6eM^Xe-com5jZ8!4eam*bf-zTG`U&4E;`xh=ig+9=<u>+Pl8`)C~`%O
zetpUsgI@f)4eAs|NsnbFwz=^bscPf(=rbnTU9%!%__*5}QAST9UT~0#*;s$8sW~3X
zWZc%N`6&u7ghiCmDG83TyxG16K6oXAsIwoT26Kf*z<ke*yP<-7XFjBhkjJ^aJ0bv-
zJ3iKp8j3uD=vCDOd?D}f!xJs2Lv)>InGbyK6Lx2^Me(Uv7YoKC`_3rS<?ie(&C6;3
z0mcee@BH$|!1>w7Ohp?=CK4a@RKl(&jlNaBUNrrO?8EV6P!yAYTdog*vST68<I(WU
z7RTt9-~1OK>0KyI056A0&4uXG8i;4D9)9YW1{s`XwZWIOut{J(vQeCELpMe<<7>r$
zxa_nYPB>E&w;D?QvR<Aazyn40**<jd*20@m<x2p<x#UOP<ry}7=slNqzUW<#KX!s{
ztv2vu#8#*o<;Y!zvxW)nJqpHvz;uYgfe<SM&m2>SD$rV&Gp?(AnwuKR8AdFnf@a>y
z<_Q|X2rW&LADCUv0=lP?2|WL^|5Nix6}h+F<6!KDwtxTr@;d$rz5##`$wc2*@$gF{
z%ZY#2vF9jv3<~8Ru;GG}VrW8g>To0>F&_pWXea;J(FUOlCTVgdJJQY|sxB~jQ8YGn
zOVZShdd?0q4)>XExF`-j&X7*iPs>e16PWw`(Bg$W#2faKJpbbzA8He-kfn3yZA{Ic
z0&BIH%HDv!9Ld>U+=uv$8-@I`@B^?ot>C$v2n?t7GljA!33HnuEOLD5-VcG)s-jyA
zZriod7~7(A*bgiyTyFFkpQlH*Ej64EaY<>HYxZ)|9G|qz=L_Hi6Cz1J7}VP2gqZ-|
zpquYjRa$`Q$^@!@!1UYjh<-M)M2|6@@-fAu8A;aAB^oEP%dXe1{S00Z*jhgh-4M;u
z&sx?P#)<udQ<6_K?V-08RFLED`J9DGe_1+Nadb9G7g86CjLz#PZzoPLLQI3VY-q$#
z(sN#O;HK){o_g%hdu8Clc7la|7$tgK^<S-mFcR%q@u|4;Zi|J@`f7_BnGkFlh@@GB
zPzhtY4GL&V@L-cBeDg@(mQN<+CFt}R+hWHtn(<!pjkh!2aFyY@$DRL)9PvGKxIlOg
zvW70}q5Vo>H;Dz-i6iDc`1Za>iHheUP}QXqH+{}FWFwjtyT7O)5n)Ah-^ztsyqr!F
z(#CD*gb(Lax@<Q)4l60rrg6Wl)(;wdMR<fO)gl0lbk-w2I@A0>&!K`~g!<J+r5fX>
zqPoidM=YlXc(I97zxH_pXTK~2*gUm^lpAE5u9p}pnnsKIkRO@nIZL(vn8eHRzokAd
zeLA7Q7iJ1g#T_%?eDZ#iX$`G&1E1HBHrdWhsgsK~CGWMD4>agEpqJ`NAIE~4oq3N9
z1t&r2B_m&ZtdEZvztfOxl^^uoFX76@G*FuyN!->|IUxlN9Dbe>4HB4@K*ApL<S4#U
zx`;d=TX;c&l}czoT*ZjEtwj~Y2xhhyR+CJ%Yr@uKDOM`3)Q_LG-Wyb3?p^Iy43428
z7a?yYxfPH1CB>mfoPAA7ivNjk|AKt)ym|M}kf<~k;P^_Y$BjV7hKHHtL;tsX0e0i?
z?SKJZEc<=&<6vjS9guSANt=+?=)Qt{y8ZMK>|#A^C;Tow+4qNkB?@dO;22LhDBZb;
zYF$&+;Lr7CZ?kQ3Y`)Tjbc#j(=w;Pfh)ewA+oKhSsfpCD=e8*Efjj6&FSfEKeV`8B
zlOR+4u(-1()AgV`%G;wnNmg5;myBUnY<E?^?74i31@vy>Oo?_sf9EHXf1ShiDZkYu
zyI%k?DlB1xc|j#uRvUss3L%Q1KuXQhQ5%mW)OgluVTZg&tY3rM9e_A2F#MH7%%pRC
zdIO!dmW1SGb2trhozTEZ8b0<XT67>Ug!-_ge~WgU_apSNS!&-2M0hSlB1SO+8AFX2
z_eaF=#|Kc5iZ3uAG!o`f({!eg908pW5_B^`3m5HI-hB-8w&-#%KOT@?ZNYtsD~!cr
z8hnahyc0$~S7@mvk2@U^HHW&82l&WCo@hHCL*ahn?=Fiet_JDrUp)aFT}=5Lq^I|^
zK~G=GqMUWfotsTVyQYoRE2%@eKVdNW@*x1zH3gGHPV{rt`H20&E5Y5?%cdqmbTQVc
zHrks*JfT!Ksp#9Y_Y!!_2Kis|iN;An7Z+GtYxc2Vr#(uSanL{tZ`^iw;qq62eeC)K
z`%Is{xYtljkK87MOZP`86mAa&a?&WrL@-e+jCVs6&keqf)plKCQJo+!GfuOv)OA;Z
zp1z*v7SyZV-#xzoQZLJl1J6(JRZa+48404R91mW`(siJq1o9xbI314miEPkWlNC-T
zjqyCp=r^B8LI_aarCQx8K-vPbwt^*S&Y*H$@J*Sj|N6|5#-)?cZENlzZ62gJvXCM+
zW7ZR0hj{nT-fN>d-5R-icqJxn85v7ug&B)q6yS?o<~+~Dhrk(9Q`uN^#8Bd)@ZTHz
z{kP7OhHQ=H*^lJ=X61dKy+Kjw_%Z9s*Ab0Px_{lA)<}^;pdZW`Na35GyyT=f!`j2C
z3xA9A;_aoqxD9@#Kmc#(4wpn_O=hFj9>`~KoO=8+(hzE@yE>n<)t)bU3-6Zu$9Haf
zD$H#mX1CB)Qk6#M7pXv+`P0OVg8%&<r5tKg1ge-M<RmvKj8NK$Hr{{qk{AFN!!6tY
zzBv)V$EBd6!LK+2@c0)fQvPh?{0OKe&7Xo0efb&A4gC?aS+s^fdHfw2x7cDoK*D^*
zmQ#JTddHm0LH-QS7Ddhe0hz9E`$gXCK`G9?g%(dIt%>)C$`&(;^oUEJvODt*3u*<W
z#UB<<=f)yfXmp5#jw|gf$`1P7S*nx23>tYp{Z%7BPr!*i`r=u}CKM=kv&&mo5=YJa
zd8N+tJG84$Cy0a(;big*mDbD^4}9&Jx#fFJ@U?IM_33*8-c*Y?DQ<)5&wzK>mkS9s
z;m`A(6hKU<cCP2R3`jtiTbHCCU~URxQcC>`kyl-NzgvY7vIiIdYg2~K+9l7+;*61Z
zAiLr_zblMt?Pt<7dD0+tP8FeY+bTkEIgXM~BDgX<9=+LS-ztqOY~Xh?t>E#?K&buw
z1AMA|B=v@<TaUH2e6GXIvLiRZZd#Q%(9>_1>z_$TPG)4vaDm?v^{5B^SqyMNxO4^b
z*Btt%uV09t_vLiU=39J7%g~~e<Z$o`<SW;N;n35v+VLTBX+tVTgk!4|C3l8Q^)*=O
z9_%nb_1jn+l+39%DMP~H%Eq0bNY}VZUjjut%a)+fQy626=yBL9gF>axv}?zb-ocD<
z4|%TxzC#hga=Gk=^;!}`AQw1CLl}!vSc^f?|7txY*kZ>9)}JGbqB?MYv-I#Q;Tta7
zOeIj}a+K(lr$s0!;Gcq8W;%IQU&D~keoE<VuM3ki5p=h&_uNrxC3XtuR!)En0P|TB
z@Rt~*^qkKrjJ|yjI^;M&FaNi42<9lIJ`rmthBX%93QkVCx~3*%b7a;TIWCf;dI5CL
zUS-C2Hye+tflwq9ykn4%{?AXU4Yapv(*)Z58luJDos9buY$$R2H}($Aew8`0>s7rf
zRLT56p`&vwb&Z+Z%cFun#A|g(-#}Nv^2i}g)9ia@KNP|4g(feh8hG=F3zXCK_zo}^
zt$CH}`A^*wXl>?3atK#Y>}}NzU8F3C8s0c58>p(tPthAJ0}%7+>r#-Ej(CJE@J6c1
zmvEV-Av1sbc~c!q^uC5E=w(A5;FXjiL3mx>i)nO`x{lZ){0;7Q9Dgz<Xm;I>L`@-P
zqMMYggEA2%Pt)I;t}I{L$5fzJwjt+0mKU7;m=$%LF@?YTrPRl=j(nx2{7+phGaDVI
zUhv1766-UZRzc9*k3u7rI^j1tob)9AZS9vi#OPNBSf?n;Q;jg@C4d!iMv`#qctdt_
zG>cRsTK`6TU-k!CyAh)BuYH_-syHVUr&l8ATSBdxA^%xR?bC0G-tU5jM<aZD3`f5|
zo>AWBBe)d`@O%E0>W<V?NCn-)_o+T?!o2pIHndD&bQH6;krul#V%NpA9`y1|B`*<4
zHo0qCk7im#LbOLhYY3z8)5z**s+R_M6Q=H4=k6v=?}JIlaLj>VwrH|o_j>@c;~$i1
zI8|qn9Ntaq=-A&UWZ%+LfSbJh-a`~xSKbX}SWJ&{OcBr^AA{Wc6TvbXC!Hp+R774@
zRE?xxZfh(DwM-u2oUPxbDa{m+5OxF<{~SbXe{}_BviPiTS7{|iLhBv^)@eS*x@I1X
zJ7tyo{z;QrVXIOh<(xH`a;U0{m`Xk)+@cV<wmj6eWCkS`9QBM|0`-XOtw`#}KRDf;
zkmc{(k!vRf9l@`=aoxpVa|qRWOmD1sfy?IosEAJTTnnJ^e;qFLaP-_@HF9n{$3dY(
zP!C<{8)w#tuDM_kKc`8c?$A;o@f_h40&bjA>7gNp4L-ltVK-8K_>VQ+9JroJlTqOB
zr}V9v0|SX|LBe~4>03FOZ&RStB;&CN6K2a(c9<yq6f5crU>OBTPhh$C9Ghr_4$6u%
zJ1GFvVg<GclpM2p0EUl8l<R+!i9=_H(%4gvay?}QEd<^foB8+JgfDE9KTp0{k0gW1
z7Bg+>gUZr0?ih<7FvlNncDHx8H2{jVGfy987=f@hs&A&KR}F2WhkH(3%{dXR#Oo+@
z05lcO_cLWXw4{CyZ)Q@-NDci@pE?>97gDm&`lT*7gPY1_d=E7mou`*#`wGolqztJp
z)9v3-TrZWkk{M2k%(qA#VAaE!go^#Fn7{L>Bu%|d$`}j5#>cZBimDzxfi;yWq!Lug
z1%Iw;R<!8YSF<^|%hwgvmN>BYX=}j-ZhuLJDO!%$<M9!r_7<bU>P|ON@AtSUqM#}d
z=K@~W-O^@%4trzXB`a7)g!*!1p@Cu$t<BtW2GVrKYTVj*?W$4;-f$2Z$bpwzG@CJ{
zv7%V9uA%Lp{51R6e**ASr4u#Aw<Gs^$20K)7M%mCYp>45;__%^F~j(Z{n9eL2l!pp
zBXKm!9cHRdGTj7aBM56c_HYfSC2=3$$Nh5jFhrkeL~m!RmNXQ8+qw_B_NS<`B(<UJ
z2DPz|89n<Q5BEl~qpvc-8Q3<h9Of>!KrJ8927zQ0#T3WPMNeI=_qs2SR)dne1&k8}
z`4k>IegkPa^e6i7I?k40%m9ehEsV4|hF&Ai!8mmXjvPV8^6#rnOc|-(POh)LNeS-C
z1jvH^jk`TX-|fUN(F%H3iYH8bi3T)FgDIT42r}^=xg%2tj}snHz4Kc~$rAXsa0j3l
zrhm9^QmgOAP)^gP>54U}t*{YA4+~PIx2m^c8k-M%Dm5Izz7FEGGa}V#u6{dyY|6sD
z9(h*HYR!;kM2y&JnQ9-$Awf5d=GQLf?=|>j6}@mteDo6b!vxwPQHjZz?<7TcHftuR
zl{hA0PSRg{5NMBnusaK{u-mC<qS*NX?Ydkdb`ownTbCJ0BNe<)%d6}JWf>Rz{X}H;
z;0U=Vg3|P%R3$;B=q}Si$RXf4bsr}pb~7h6G+vWSzs7#)g_q~le^<75MmHRUP+PZg
zOV_!d7xD`OIVWBfmv`Q_MtQb1AuD<<VEBh>X+*@31~teN%a!j6RVH8!BSt()kPL%a
zppSPwq3oyzSgpP-=FuvgZ+V%i-R7~SA14IDpgx*^sT9X`C^E76xSa#GCOk?EW6=^6
zG>oZi6$W)I4b;~MHmfweyOB0tT+*#uh3Wa$BU$6%eprR%OhI#>Oqkb9J%wRK#rI!!
zLMHTU^&T++;fL6l$H<b&+~t!<Z*$pDGTTvq$#aQ*pK>xzWrE~rOWFu9hLNw4zCr5*
zV}x()Iv-x@p|c@y@pb-h#}5!uy{nYm66DBNHOeNV_=dg2(a`OCv<ke}zZ4)PbN{>b
ze&F-2Jc7wW-&+MH)6C0dczfTr-AZ8Gq(N)OD(_Z5k~cPLFpbICTM`n~hNy&tt8e)j
z`s?m(-jGR?{M19WtgCA@ATtJQQ+1uBO(n|k^S%kOJS)u9=rFi6Jhvd|T58x&Uhi;7
zim`f7{dBg=_`ASw7|V91Dk5WntqFZG?+G>2+o9)jA_1$O|Esvc(k>agS&n^WH_Lf8
zzr$ubM}MGfI}KMCjirXbQV@n7)|mNRpO635wyd|96o&4>gPxVI2RNz9C8Q}kWJ`+(
z{tas9xokE^dm|2Jg^Q^#8_;upheDCw{BC?ohlpjz`DLRuZT@IKN~DBBAcgag`q_>e
zKJ>&E`8e-x4hZimYhx~xC7#h(8<a7Y#m0k43(Teoz-7$T@a<-RPHMd(gJ3`OQY3zS
zVY5x6hQg2&6SV~<NZNiuHh4$MbVvf?b+|Bq{U%D9OQGnrG}9>Qw2~sH$=pstthz1P
zNUCjSxzwe}NlE8F`7Nu4>qK~b$FQg3tGK+B@F;Ucbb+h`vig%6n=#s8wAD^DTv{xS
z0P{DCG`&!bDl}DaeWJrw8C|e1173>5beH^Y%E#}`N-RRz3wy5*YDuD?8pb1NcMWM5
z27_jckt1|>Xe}<jX!ac3G`(e(%4tHJ!3L!sZW(>fm`nKZ7uR4+uXG(kJ!rA48@3ci
zAYuJjoXSGXI|nO<7Vl<`XBu|a^1Mnd+@`XdVqRfX9!yKk1`Db&NlG@_b$eXxmYP^h
zP<yXMC6p>AMd51*<slq~XPFFZ&ilKl1r$nFY{vofVZ6f2_2gQbN7g_xY$W8jDqVby
ziufvMYDi%e4`+5>Z^y@DyE&6}<QTCVwIYg|Qu;)b&~s7(d$`69{EkwGOpe}4DYh##
z3A^fUgsx>Ia0>5Vakf8bQF%S+=pQOw$_?Z3C;te=f+^8nCKoOM5|JY&sC=r?t#~j3
zx&@$JL8f+)>gB^2Tyn;Q)K~agA*Q^Sh~?gBGT0C7Ww&`U$TM@I7790Te370oOATt4
zXfPBk(E1`<#iusX-oCc)5A#5`{rH^*rO^wZt`@-ExyjsmZ&fi=#|4Do4)hLJRG3~J
za?ME@qDfdC{5FujCM1o0T64J)$;nclOKeZoWpnt-&0c`>FYealDl9gdQY_YF=N7G-
zg>LnI!GH9hcv0>D+oO3BViWX5!l!Vj?oDKm$8?oh(=+*(*&d9wQ&+DrZHx5j`^JEk
zQpq-*UGZb>NfpNKSCvY{i#lahT=z_{H~hB#kR5hfvt&w7u&K5A7L=L<5|A-eF`f^`
zRJ5dFSK8JBu_7&e4Ve*A1YI+VQv;X!tOdQnOo|O2*aa5NZPcTPrqZ>$EpdgS7iWar
zr!}UPG5x6N+znCvgpXBdZj>0$wY`KQmD2nRl7a;-1_a6{3D!-9@DQlNleiUIhJwKo
zUBwtT=Qvk}LDrLoO5I=a0jv9Q;<)=sPe;lw#t+|YgHy@f`R_ff0o_cLGKA}Ic12Ls
z7h8!NDK6Y8+=q>i75pl-KeG_1(SIp&Tt}Xs4^~j1ec%&KHG=<#<c5krL)c}R@|Thw
z7yb~0zCK0_%h|3;-e~zxTv+LO-i%vQt29B#7VCZbGCg5*z)9{-O*B&)w{)O(<2|Y$
z)pUy7K(7X4Ry$g^;FM6bMO2*Vsv=x2_M=JtdShkO|H}o~i?Q&@@@HK9!VCJ%7G+2g
z;134%`Vx$_!XdDbfOt80<KNIF%az@Se%^*mCihZmUfVnO36;+e-3LtzUkyP+?{&;g
z(8*8kIq*Hsq#vkX`d=@!rH_)N`#Je0l)!GCeiL8W&7gXD&*EaV0O%%uJ4sRT+jUaD
zU->a!IUW;LgvZNagLY%$ig~sU=Oxxq9O@*EE$Mu-Pgq;ixyc!N1xiD&4eA*+)BfDe
zNwMfjm&ib7a9`{TKEH8`{t=aF`1AzYg(N5_J*DxJM|&-iKqcu8?V>+0+j@f-fEYZt
zD_(X#)+~8eCd|h^R&I^zeR#d%-=Qob+NuOWzKQIBS$%v={sHMAUkOo+<eJwjKB7O*
z$HX6?N^uzbmjT>R)EM)oUUB#Dr`s-(p|o=K0!~A$1kRHZS{qDsVM)lb4TCt~mh^q;
z8H@fR<NYzlL*?{j&T}v2N#$^|^-UI&@{UftFPiIGKb}ed_L65`;ex-y`Es6X_thth
z{Tl26pVLKqgTe6M11uVse_2iXV&`TR2T`@(I4=HnosY(ce;&p^$&|v7av2pd8O##@
z7L>L`tjtRPQkXvpm4AULB-}tXfHagRy*<y~O*(duUK;{)LbgF^qtH?!=;C2u87Qzm
zO-Qh-k7F14Gf;LQ)2~YYPeuuPCi)D%c`pD$R`$&)6fsdgbc(AMIl1trlBLNEVImWJ
z?j3h#8u;?L+X(P`!>Z#ZCBI|3?TWy|Vj%57CC{sEFi$XHQNdU>GJ=GX80GQB$hVm0
z#0q-@mV{$LSc~WLd?lLYWkz0p=1r#GQGOS+t=<eQiho-#S54`kys{_sLJ+nK+{u2f
zv&i(htu*(;GbT_XpXPeo`mg7OdY9Q=H#o3{EvN%10;wODel(Tlzb+-nPZ$heB&f?O
zGY_83VQ#n{L4EU9vX^nZW%WoxK_dXlD3T<Vze5SXT-Y92Oa4_U*S+m;e~bHXH-(|J
zsPD2eq%R<&?}8Vw!KB5`H$ZtzDWW+}V+uXwL~5r)_{sC)jl_pBN(W~{U}$5uic`$g
zjJ~nKRhho7{I+wAAzH(Ni~p$D`vwzI&=FiZWRp8(q7qj4Z$B>i)5z|7AGwj;>5-IZ
zRUmGyhiGS-&9hINR`iVN7tkO%$&a+z2g8QfaqzVPS+Tg~3*+M4*bmBFWIx}Mn_%BQ
z!-u6|h46GZx+!2w7vq)NwiPSCw)Ow&ZA*b)omF-z<0f>hb}_LYuW7&WnM#}hUK_ak
zME@o}1?ar$#EwtU^5G?E<Lgl(4v}}aH?(BD)?XYJs$b;VVZ)*zg^g6;C~#aVnLUyy
ziy)WL(2D6+)f!ys&9LPO`JA~eX$*z(<DZiwYAa}PNC~;9Q}xgt^LsAr9ytrZ)ErP4
z>`+>04|?U-@*<y@KAst85}$G9znFu+f$QXiIg%ppe|A$3em9&|yyDrCK!>Gu4N~6=
z>MCBY&7I`G-8*(QkNqnc7qu{K?a~?wodON@u$9(AYWTUorAGzlzk14>wI*C*X8$2<
zkqhRNIYre<x<Os%glqnRe&0X!I#NanUF4kh%V}3Ov{MPFg3ox02cveDghnhQ0SnGH
zq>nXqR||iP?K~VaL?QIwAI1LDj+30H$xE?K8jPGD<ozxkRa^+hk!Y>?1a(8ssVJ3C
zvV5jcl8$<6FZ)ABm45_EpT7Gx?BX68G5V~cOfx%yB~S}%O)5(F%~5}CJ+(vhn-YP=
z>U>u(6Fhhz>TN57>q(kcYNN|6ypjM;8@PCNor1)yRH%phGhFbyYG#AM3x}D4zJ&|>
z`u<32_T*4!K@k!p5o{Rs`P~SgtwvEUPw0<bZu<+rN8)Qgg2QGGfz$i$bk@Goz0F_8
zh$g7vrNC=I<S9Wq(Av5xw9DSiva#wNF@T9z^e5`>x2VOzU2d&@T5Wkc+Us6_4m*?T
zHA!n#61%q3o-~KFLXXH{r|`h5Vu^>+S5sM^;?-GvRQeZg8V0+F2-YIk4+bj4d1LJN
zzrGNVJHYW&n8Dw_`OzahB{xV0CuP>y7qf;ebNlp@$#!{-lS&a}P7cph|8t=i$m1`{
zO5fXVc5`*j_qjS|=`}Y+{MMW86_4hQ!{x?DcMzYZkT!Itcih;p2BHvjs*g=-ehF%`
za83d^P8M!VTJ}4hz7N$h6v{uIP{H*oEYziU4=vNr7KEF2(s;Y@;X^VL7$gG>2=Vga
z#N`XB?35wQga5=35HW-kAYe8eXg|}rWmY6)r3GXw_&_4t*V^E)1(Cz+Ud6=vr|@=9
z|7fEtIb-bdgiGmfS?`&8{Ob&KoEP6_%$)u#w*$MPcD4B*Vy2eAF+LlTLtPhGT~SUa
z8`D?OW@xb(5yRlN;auakglen4!6#HYcIB#2o*ZvnD^;fL{WasUz>b!J!tqlQ95Rgj
z)||)zE)iSl2nadjEuPLvqFJw)rLY}mY6@ZxoPZT6V9xR;iO0~dtyyAX?RUB5fB7rq
z+WHuH$TA~DlDNiBA?DL~?98M}DgWb2d?z~FbN=m+Pr8o>00q^@YB-xWX`A-y=d{vK
zt$&2!)jzR>*tr2FPqAF~X?8uxvo5>#{qx#W9$0f|olbxZhp#`5<f_`^<+4V0uN7aT
z*wdAx-eD?fRO+hL3XV4<s0cIv8Aiq?Z=&jtE7J5)^Lzw-JNh0PfX!_Z@0e5j`*Ywr
zoC1Q!iW8}U4W_pI)+3DwcJU?ok>Fz#Y<dA`NQlg(@8{^xEd*qN^@#S_BkM<EBgNg6
zp65{nq{-fFW1)F^q3Hq61wOpe29^JVwLk^q!?ofB@$eI|S)uU}LqLoAD$Ob&Ed@C;
z0ppHo5(JbQPTRgLx%n?;KlGbU->$R2<{HkP=|~adU{uZ@x&D>jzJvu4=w>&1xPw|t
zD{DI<u8hgY3LOcV43ojbYJz&$kn*Ac!{TJQG-lz~bpZ5QpOtjSQ^vH(WeTQJm$3N(
z6w7=oppFHym?z+Y#XquO82CfgVmB$_Q?<65uo=$;MrA^7y8heUnQue^t7Ls-UZ~mr
z_g*ug;Z({H<Q}2ww#={C$qA*32h&{@E^hiUQDRnM@f__58FDB|uDg|$6^8sI>^%tS
z8gzW*P#pspZr~B1!-4O#7tT$tK9X#R^l4`Ve?;GZv32<UHEDd)7EV}JnYhYZdainr
zvUa`<$x+dSVn;_kRQFP8`iA@`29i($UpW2!9^gfczV$-beVaZ{Hb&>N)@H2BqkYsk
zo-OO!e{S;GFz2WsSA)~WFr`JneW*IIcclKN{fTp@OIQ|qYhTeMGwfM)75tYx9P0_V
z!G@&UQterIiZi`f)C@N*;f)usT!*E~!&2Ci8P6UtUf}mX5nG%Yzy&V7&){;dQ~Su{
zMTVH4o8D&*U3)lEmD^T%etcf}$HOMqRkR(jBQ2=KXj5v-sShTpbj9XB97h!1eq(B3
z#?JqPZss?R5n>QU#(<$%9(5R=PiZpBp=$%l8T?OHuWb%-2y)JK4MZTMKQK-t!yrG*
z?yk?qfwd~E=>o8?k_ta<_}!i9K2l>`(Vuz`fjoyerYA4ER}Vx(oyizK(HqOA2a|U%
zcrIn$h-TaGJ)7mOjiB~945)QlFnF|Wf8@?sAn&a`5?AD~@@v7yJ_d>-g%8)<+5U*5
zS3Zn@Q&X$ntX%uf=4;tqy^2ItI|qQyUl$wH`8RjOLE(o{#Im(sHhg2kxx*G5q$B-I
z8=t1J<=316xJ*366I6#x1$|p3@g3`!S`Kp7NP~ci-g#AB)zy#O9%n32yjB0NKNyOd
zZc_S>w@a69N$ejhP~LPK%QD(6>zee@c`nlH&+!(>e*+UuOlP^h=3XW)leS~orj6`B
zeFr;#<o}f3t5Q*1QZpNOkz0vepHG(}M&rU=OX6M7-ZP~Q<04{}BYhC_F3q1?Q!=8M
zw3rFB?4LzI>z%aN8z|Z{ga=9q+{$(!by;uFkyb61%G|fY@{Ab}#^V^#<adQU;w{a8
zhU+Kd!rB7(q|R9Gd}-Y6U(+`mgMwD^R~f6NBBkoUgJ^7m%`~l3<@@TsW3q#Jw^xN6
zdU@Mz)o#FvF-78+V6l0PEzvpF(5nN0?#+vP0y>WE6BtXTi07~0ruyia+J+>T7l2as
ze0Ux_d=3Dz*DxTYdU|T11oCSj<wAooI#$CzJ?;C`_-8%eY$q5kks>!=a5vB&VlaM!
zF24DBT#;hx>$_9lkPlQl+yq^EZ-2aNaGa~h;N%*eh3`;szZiPU?aK~$v!ho?_I*_^
zy0JqtlQtjC7k6(B=0fu|7oDPMRv#Uc(+*5e4BI}ur```UsUY;{0<7>epjj-~;7e%`
z&w`yjdy)KElW}0KJ3HZsw<9k1=l!D3#ohwl>k%i$7%V?^m6s<DWaqmHu9t@}uXl%v
z71xT=-xf!S@68YC^?}~&>7-l;3ROtLSm^t?claW?k?jI!H}6~C8C?Mpbb_pR=KA}#
zBdxxF!#SVR^#zn=kdgOLuC--A7Td7LDp^aN0~cIQYe81VcTbD=?Vr41nKn5{TQ1Rj
zi*-Yk*NwK<y143~q^daQf;X54%oEfJkitnX;$upX>}SKB_MQ!(Cn@%7#iU^Jf7O%_
zyE?Z1d^B8Hfd{XZiKU_}d-RLqab1(^^xW@6qfP__LFN+)oSVzz9GHdb^2f@$h#UwE
z1&g||ww6!&*Qf`$`IWAoym9SgV8~t_|Icjt5nk`hAzC|0cWRdZaK6h7CA3fPl*3*H
zVYSi6`V)xQ7h~}fkaBmujV$izGZ1-JV)r10{A_wjjt^lo2PP+3#czM~;zk_~O6^QF
z94wVozU$zJNlJ#v+f{kc^y?_mjBRANsi<MYRs&;0(oO7dY#_*aQQJZ__+6$arRc3G
zOR|-x!vcudxmD^H`;p`g)G5BK;v9yw4~^|HU+umB=}1G1IP{nc1}O$jLVSeGBU*2V
z2#&|1f;FntU^C5Lc}Cv-Gd#<K2gjl$o}m=Q|C3FIoRABvX`X76!c$4UwT~zzr5v=s
zTE`ihC-aw@kFbm!>=}CLdcvz|IX{u2`1{yj#7<V+@K^G8snx%oLE9k-$}{Xotgs(3
zQ;}8^#&ihrR*$?_kOX#$Urq;JO&NL*^!>$p@)3m0v@e~S?;4#L?3|x#Rej9RSRf~6
zR{8ZQn-4)!FQ(qyXlk`jpH)4@e||#5b8v$V7Os!<-VzF}RY!>o;QDJFaxe>oIodSw
zI~6S|cmhM%+(EUxIg?@mAIfGqap6cgU3^52)b!sZf=~yrh-!MQZ5l_#R&GM;@jE&n
zP1dNJ6girt@Zez4Aj^PtT-1}(i#)?{h~e8i!malgoU*5wJ%hn^rXbbyz(4d1hWN5_
zL&6>%%YM5Ji3$p@!0|JGEt}fCve8d^^i-O_=FhL5Pvl7l^j3MZq0osrQ!#{2?jVCJ
zSC_LRHG$^P`@MfQz&}62v_>p&xDtkl^Ow8~fm%@u)3Uzk_5Y58`1dHF^mcCd$p|?-
zVJ5H`=rv!vYUp9vlRfW59>442wLHzAp`u3&u7{k&2zY(+A^UN^ruguhk$N~%jL>hF
zUD$B^nL~GY8Vo^4y|pX&wq<P*cfG)yBQ_cPtKgWj?6xUyr&191Pvr#l4t%)mD~}v7
zataD+_Wq-Cb|-e%v1&P&tn9il>`8UuLVFSNkH5|B$=aj_U?4Knua@>Y!sQMi$4JbQ
zfEr~damZ`_@QQ00p=Z_%(MO+z&e|^W*#<>HJ8OX%hr*5&it;TU`eop|-D&mDE^r8-
z?Uwc-=c6<MY;3*lVliQFu3^p&VvEdUn^bMy`;~?f;t2fi8u3|D%&OX7fa$v}WbYai
zHknrYs=Q<$w>_qMC9HoR#Bn7(d|6lona)k?#0A*vD<mhzEmvRlzZG^-6KGWh?h?#D
zbsY&#BmRV&&#ngG@{XzVaF+<%@=RiqJ%-NE)Em<iMJ+?RIM`ouc%MtgF>G>FDf_ni
z^uW6<D(f;hW1PpCKG!xuEdCR@Ujn&vhw96HX?Utm@yAmy+cdU2OT}>|na&X8f8+eU
z8^0nP&>0U(KKvfQP^ZjHyp@6guE3WUhl3m~yMi6)Ok8zoPD1M06?qf-XO!3+=Cy0p
z!_oXC)>C2{7?$3QTep+w)GRxABJkAWwkIhcL$o7$Q7b|f$sXrN@+dGZ>!MwU0(2}T
z7nQ1bpqJT@_k=R@K%>&ZL;_DK?3HPS=q(c7Hg2L?w)D7|4)^6jj%Aco*IAPA%9duW
zAiSO{@25Ys-0-<s8SwDYj+w3tYI^>!0%d2p?cW2m_SGjRdcm2O=8ody!YiFT<1aMM
zntT)?V^}y|yT*^wQlWC?meqeLhNeiEtz!Q)RqY_G$t<)e$;=aXM87?m?*3}HS2Mja
zx(bK7nun>PK7$L;dev?5DlEP~#4piqsx|-Du+y-w^RJ<sy7fo(`d?4DoKvqYGN&6>
zj2vqXKHS|!^qtg{HDzKO8m_ECu>D9dEh2oDJPJ3*euBK_&5m>;H<|J;3WPlouX111
zc^l@150ChThKc*v2;hA9JYnn=woR?zG6@(>YZrtwP;+0=k3Bc`yILR9vCO*o4+*H@
zFQF@nq?N4~Q(RtqR}wtO37<6{@)_%Y`@ZxJ5q&tN<8iu1V%BP`8Ye#AofX>>LtG|J
zmZ&KSveEQM^E^8+$~U+ItNH+F4qr#-z%;sKPuZc>4HHHozKOy7nM!}MRc>}demj#M
z;o17aF!^p<9J{G!=W9Lo+OLXXx`2@}Yb5lX3Q;%JXos0hBS*96k4yb16g+#KZTE%`
z^ig9{wvYu<_Ghw6+{gq|En_;Z?jK4jZLYW~0f&ip0}<;9?NH(fmDe`gNZ6DTDa5&W
z)TzCr<-SuL>`0<|{VQpX`n?gyrccxELW^NZ^UkC_O}4+VghA$*&R3mE2B~zB7I}BC
z{j-Y#$D8Qm>>{e<j0^`ahrYoI87(aSbqc7RB_WYq4p0Ry_{-<o!o>056m8s@Z#5-1
z(cq1q{`F;xtrMxrvM0G=a^Qu`Z-e>g{w<BImvuSf@GwX6cqacX`VzU)o9pK!iIOqo
z*g2A~((JI1P@kAQN*o)39A^1kkc#YT;N*Bbw)aFUPQ5+XN6<H5-o*>dvu`Pr(xHzU
zX7H=*nfE7yy7kQPZ}~pK3P*g@n)(nL&}Nc82eL_&68qp|0vLT4$vyd6EQ|j5)nAhS
zDd_%elcYYX!^k}2&Bb1lWT<N*vfqcJc#R4l=@Nss5UpaZnYy~fZK6<G#D`r&4@*`@
zv)rfRokQj6Nw~24Rox7KgRTqI_7h$O!6HgkzL3t@ljabYfm;)cQIoAVEY^v!y-qee
zM4J?Qy_nQ~bRD<tlD~!4rq01=gI#t<Ac+hG3+WyX<n*zlYxB>TG)6I~L|tAfBrB+J
z(2A6QalZv4#&6F8DeohRIGK$|wMx}B2XwLg$zlPjrvA&-)m6)wSzug+J_x$v(&5lg
ztAEl#P46}+QxY2o+xj`~>K1b>gf@$e_Km^5mxI~3IVxlNkkEE<`<;9Py6NAcZKYuY
zS{NeA$Nv|ee#c9%*)G$~mbOPdp&fQSOX>F=gv-f!+xSjNf8alA=42f`nvfFue5vb`
z@7056@msb$+tnP=vOOxq#sOm9`BF6Q5~gb8OgFM9Lm&a?rjaFFN&y3Ph-EL=ma)5o
zODjDmw?H^tSJYkq<`T5Xy?ct!_O1^_{Bo);z@B6wF%ymCR=1RVROP+1B0gPyNJ&~6
zJTFhr_mK%9R23&yj~s#eUM^K9bo<ZDcl%eLzME57V}i@QSpbu^5+fBShx%|v#1iLg
z+9mc>I)+H1xLjLl3m}wY(Gt$710(B7IZnnJAgt87$^(gF42asEa<3g~{qa_J5uv<2
zp<isjeAE>45o(fgY>s9;g|ymqQQHSvcXw%64s^CB!EcxP8ueM}ye2P3PIvs$jC}pf
zmtrJw{}UIIn+BSx3J$ib{eL&YT=*pk$c(zwc-$AeGkNi&9oO5XEL$S}bki93(G80q
zN_{{;VN*(Et@B=K!X3J{Zt;tzH3r6yn(FWcQUW(`AiF9Rdy|vDA)H+QMxWZRm(vmg
zLza--45sg?W^0!lL`+}+IvR6)XZGr0$Gc7nX7$=CLiRL9!v-g9lX=jVYlQm1*-tFN
zn=yL6TfE7oF>$)yH&pnxL2T!8vliUA@gI|8S4;~fHG9Q*{r|*12gQ+<a^~|nfl3er
z8(E6o0;b7!l1ylmKyjvB!SdqlQA1+wlUp12-{(06xT7RKE~OZ4a70qP8|O9)**dEr
zy0pR+5jzY8rP2;FGwaK?Wh6#izNR{mAfUL_B9`u2rDc4Yjp`ki(jz9m@CC&f`zPBM
z=Eg?0>^Cd=TH|}UE_Ve-aK-h;KvLSgFNlx#s+W%0N-)#-?F)~O{}0w9I>m&-*0dZ#
z?mBqr1<--t1$&3f-RsdJ`)VgAAf`zU<TxTMw$?_xfzkK+awxTq5KhzdBM<Dly}p#S
zs`B(Giuae=78$e_zNSdQZ>QB4Hk(0~Cg99L|7oL$csBU?W0;HUlJ7;y7Y;xPiv^&=
zzw@MvE+^5o&MAEC!nnVZ3joV#I^7(T<R1ejzK@{Bz?>Y1L`xHfPGw#8B$2}+Y4^t`
z$dg7vKfN|GnbxFhF`)ospoLY7HsSP}2wL<(>qvI!&!(Dirk2$9&JLEuN3NfPTzifw
zr{#@xP688K$dh;<Z3LsLbhs9)4W;+0q3q!G&`X{Qf9sO8xDP_58Clji54=T6v1RN#
z1zO=N158of;{BG$xDOQ9Gw(;CZ!ddA10b*G!GAb2j16W@d`c48FFaQ!z`IC(0MpDW
z@0(woFu!#;4Z_>wAig9!D(Ms+nj{nJG9#s6o+b3%g=RVTzX@u%-Np8A#q~+rFF3H)
zreLQ(6`2;6mi@BSzWGi$4Ngl8BpxjWU;l`9GC$X-$<l-5pwj-X3;t9}oKoB6PmQ8!
z`{XhJYH$=nam<;NZ+8`6ksjt6AhYtG&%E5AE*?+_b%BvD6Fn0X^X(UjAi}Lz_B}b7
z)-X@pm#49hsU3mL)Ny6<FI36ms}fwO-pJy6%OOdH9Bczsw9q3p3>}sfI7OrGU!;<0
z0ahd;74`pN?7YLNj{m=3h+`jnbB?|Dh|FWJY*~?!k&zY2=Gg1lGn<gCD9R>#6GF*O
zl9_Dx`}F<(?)&=vcmLIOx$^P(y!ZR{dcGdd*P8EZFJi?YSSTO0%HtUWol5-GP)wXi
z3+(j`*QwH&08rEB2_$2ivajnypeH+XI!@3`KJ#)2tQ6ms3is=7AEw{Tzkcq?E(iW8
zU>p^2UUq4}N~*AI`><<q=k;7ofzMHSJvP24rR>e+Q48yg2KVF#&o9+G-!VdEzk$Pk
z3lhr1aDEAL`|5Sqkx#}y$O`hjD<5AimRLHEy(1@~?=AV~>-s&!K<9&hwc=|!ax3J~
z_h-lwj3*Yp$>nEr7w}v1`1&~UKY01IGp450h2a!8NZh)*luDL+@tvDdj47SilQjR+
zTCnK-UMUc8aU)gtd?IuCwzB@r{j^`p(|OjdrD9PoEeVbRr}sW;Nwhtk&-GgWpQF5`
zZ#6}+WDhHLw?%c<(aHfxe4k?LP>bkmQ1DfVzFd;`B)de5ZgU?K@y$wWUov2fU`Igh
zbHnj*NG}y(eF2d)!<%wG17$bOmfS`l&Fow4wZ7qb07dkrS1okMlPab9Tn8QwneBtn
zIi6e44$k^U_1iIh_CO2j28ZHg)7IzpAEG~Tzq0O${K<SWkj(PaRMg3$DtQd@hH)It
zdPj$ncqNXPUuk6*pFIA5aVRGy9^>kY>l!gNDGCf%QY^w^`v+7xQqEQfXC?gS*vZIs
zy~N>eUD8;njYpUfp~*x)5rY(`Hhn23BAW8Eo3t?o31K<dm|RT)fLbCIhs+%T$~Rz}
zK3){nmd<jMD3w?-TeMmuQN*B(sIm7~EmV0V2>zoQU#4S(xI+%qk}6!hp3AU|nmwuB
z!Q|nvKtN|XcG&)P?D?M20UKP4jnA4F6t3Hx|9q9;d9X(Ixd4Xb`)Qn_uWT?q!<nBM
ztri+5ccb>?0dJAz3!<APA{pSL_j5M6r&Ua!-73~a)-mFEg=w11?ZEBBHhatWF#MU7
z0te$a%j|sP9f+ZfTGpqDR=hgjX70yQ-IHZ@X}l7!{53DlC>vn-n_fyW@~eN*E67Sb
zjY!%Vw#oNbD~-+C5V@=8@$_Fh3=$b7nb8HZ3wc6U>+ZUxY9uYdQ}&1eH+Zls9EayE
z1=ec+f;C`4h-sb~c*g7lJtQaJVLoP5*~OpttbE!D(?=`bfd{0BuLXwFl;YL;7W;55
zBO#=qk%RbNb7MAZ)N_7<{v@VaerwD-Q(YTXvg=-_Q6@!3N*4yjO1OU*;(m14euz<L
zw=Z%$oH^U7dTsY(qUa~-gSk)2Oyw~q{*NXbK+J0KgJXe6$ZwuM9)olL)t@bN>%Ijd
zl`v&=k=M>dFOiMrJt!hN?(6f30H+x2X|?^(iAP_HN8Q9sZLD^_wSD|IR~K}C5=Jyp
z;P=_R^#98FEMypXqU63}n%xqE6MVMX6gTmo{o?`jj|0sfYlh~alG$j%e%83+4+VaZ
z@o4>AJ1)97L5QLeS^wk?Ce`G=PUdj<-pJ9y!l7X>_pTYg%z|Mi;tufV-C}%3*DpQj
zH2gnWfTEX+YHpE&i*<N8uuHoA2lCB<>y&tWB;tQB3wmzAkT;TH8Z&2c)_j*zzM(lt
zCXo-2eNqnX`0!tU!~R0x><lg;K{L=3+4t3#tpP>9mi=8UC3)R-+kpGt=ZMgkrZ^I5
zC>e34dtI$Dqp=AQO^S8do<`2YEmYozGatW4j6u8ftn79fmL-1k7x67MuND51d4Biz
zhZIwVD)y51Hcued!VgSV7l`6bV*0i~{dNinJ5}BPUUG+~H=Znk9!Y>tI3gxi-;E@D
zD<6PC!m|<<Qn;d!`WHl*U&k%v%lK=6^3fy~zzd6}DSY@471_yI=(ROwB<ptiuITH|
zqQvE2Lr#R_o8?4ku}~9T5_?a)9Ie*2=G_38C{~oM8+5<_Dd}6S0Q%icZj-jzAbqP+
z6QI$5(e^`L+Wei1-WK0x=CIj7F*~y8oQ`_s^Fls5vYMEmw0T__R7-wVuAw_^S+QK3
zG2b;u4D{&~zmU@~E5gu!9U#PI+K96KdgHpt=(jhVe)u_wj^VY45%<vfuBwyii&x~y
zF3(Q4@S&-<F1z;e<>|;dvlQEb!S;~%#C<`gGaz=}0DgYP_Xlx269*pbB&mg_5I$r<
zmN4!z|8c(Ft<Cy%X8pD^fO48j{PC+hghh0l?}^)l70oDb)Vb}`k^%LYdo*8M4o?hQ
z>wdXTK}~>s*x-D<ZF&-XQ`M!y^yA6EhRijWQPpR6T1KlmiD!V0E&ZDgWW;l{=$>cW
z+QN1C{P1zF*Co2lu$H?FwZyDn;tP;=yE|d#$@WTSyWR2(4Nez-b2RjUSo+7BSHfn*
zp6=xdoaI;7soN1ld@yxzPXN?Fp)v51$!o&zXp>8u0hw||c?lzMOqy6PRPKF%ik`ci
zkwpejO|x&*-Rj<2tl`I~#ClQ*gPeXMxfRvce*dM^&ju*jXS7lJStgDKx*x5`5F@1Z
z#$ij3JnSU$<-t!l$jeXfME2mwskkeL$C~m61)2<g7l~n?aH|RX?7X{$j*0zDz}k5P
z%=Y>^^yU;`v?q`F%_l9xvO&F`s;EgYO%jEOGnj%TKNJUOy)ot5H4$%$?Aklp*^nXc
zWOqXBcJJ9A?NGrzEdUOIt7F^$vFxdS@Z~{&+4F<dp+=HXCZEd{w~Ki!LCl$Qa-TKp
zw>Fra*$ks3n<Y`N-=!D4r%wsHgLfDEw(4SJld#=s8<nK-D>4cvLU@;Nv!0h33_1Qa
zsGUCjl=$z$rO)5?aL+{+f#Hoe8fx46Y@fSA%^wjFtaPV%#SLJOtng&j)!RhImq@d#
zR5!_a#%dnD74V^DT%MKi{iK4X1E+88HnneQCY^9dN@e^~R5koA)bU@)#QKY5Xrw0H
zcW)SkW17&UXCFu9h4=BN*aqQ`c|O3*h$$>s+?e8Y!#NC#i`5ZVp%vDAdg?V;&iDNE
z-Yh*<D5l~-n)p%AR<5SS5_O|^VpHTNY_qPjqpjC_wjV!)Z7j2#vr!dT-13U4#$^g@
zz}B0b*q6l07?ywS^ytymi&iK<#%n?2MgyNUINs|FN5KRvrdj-~hrs%=#nl_67+Q4p
z$N$r79O-v*-**ZjhXNfR3Y>oPU|%D(8W*5NT=}EVG6L>_?itgoltC-Ax@oo9B}qW>
z>4_ho0ri5{;>*H64^uod<oWSO$iFDqg%QcW>4OrGAleBqHNU#Ed#+BS2DdLN0@6uT
zJBZ>n1e|$p9FOp=ZtwDE$ON;A`Cx?WZ#(5r5&RUg9tzFIw=Rk4``IWDx%v7xK;5^K
zN#w6)(6WNxdF888*J;|JV=Or}qVTLX(oR^Kpyi0puK*rzNjCx9w9Z}jTwdq39j4i#
zhDH%(yjPNh$+bHl-x!GaokYH?NeDewf-1^6;v2}I;-95}oWQf2urk8$UYBjn1PHMH
zb#~AjAQ;{;xni2}iP8dliiQQ-u)w}gtgI1N8!;UD5ZW*~!>`6Eg<>!i-g)#pOigSp
zu3dec3HI`w$#Nt2)yJQ-h^w1JZ24gH3-#|-I>)Io1hycSkv>G)j|$zl<J`CDv^Z-G
zSR$&1%@|XS_q&3j0c32+@f>vmK3P8<m@5US+1)<V5oUZKPF|NH`n;^`YBr}@y)*0<
z*tbyNxbJaj3T9(S2mu1Gt#!MEq*}j^9{Z(5bMow`zJ98EXU||!C~*XhB7q_<9a*kV
zMS?ujHLlD^`8}6;!7{eqQnr~*a;N3CYkJ9$d6)eSciUDsXt&Ypxq)E07dllL0yQI1
zlZ+ieT+fYl_x)HAa?xcZt|f+u18KO0fstCMz4&gpyV_H~{6h=|ft&V@VH*Fdx#YLG
zm%zA=KEFO_ti28dZFJ02+)Yht^<T8t(;f)J3G5FY#727>6Z3qrsMk1T?UfAI_bezq
zoRG6b1sq!6e#x#e6YgL!KlKc?qYAT%YJAW0RLr`JFJKqsJ4QSI3T>txhv!xLI5Dz=
z5NSYBiS}#gjz4uxUMhRz%0leAm&~$Bhr5tVf;fY^-%-3mXA<NzANnGje3d1dMz?A+
z_3%8b|2NY;_hR3oD|i@HRPe9GmM?^CSxk?x)x(zD!`ftUZV$PCjM*F<%VV{W3A&&c
zp$ZTXJX`s`(kOj8MAhK^$5`@bq1=4pa&Sr<9aY9clXE4VC(*+qE%`ULtEh-&Nb*)U
zu3s{2xEkK=ow~>+_{6DMYGi8+9&+~Md>2PLvxc)HS;2lL35kkRx*P&T|B`Rc7>Q7K
z0xu=eC@D^y<k#@WC{YM)%keMS@M@1Q5V%sV0~IL~Gj(-qI`qkr;$_Ca+69fH5N!U8
zM!d1MWItzw?ZDk%DXAYn+gH30qOuFNW%9Lss@a#Nm5Uwf4k^WgAJcNhOQb6`tBVw<
zM&5dNb4vJ#NDW~jo~O%RIBN#3x)0O$BDKZy++m%fw{}T#*cYbC@2(7;pLum_l#sCL
zq`u@zBC|DbgAeN+Ew+eU^Z5I^83Yw9eJ|nLl&6ewZwU#8jP0yoEo1XTCfHZk!p^AM
zV^vb(LNfIY*Hwi91T9*U`r1xOWG1YZBFF|M;yfSpa-1lRM1OuhupAe@OlSdnLh3;H
zJTzUQ?l2SyUA~8u!T)=w{VAf%uW-4()JX03qO+L<AbBn+!5%}3*dvxOIHq4sU?q5X
zwWvIhNPgwctXfiXb-_IOdjc<J`^$WcF6I6C-j+c&N5Wje+<LLq4E`iZQW8mz9MzJ6
z(Rw1|P6xoHG5|KNyr#v>-hL08+4^15g3P_3el5$VCn(=-U?NWzfHA0p6`G`^hR~60
z3|ztD!=QCig9Rx&D&PH1qb`eK36WYe94cBbp$R0utN``?Dj%2|gR-6<zFdB#!?f|Y
z?{DG#$06lOkhDwIoF=j3_CF##a8^`wBJ>Fm!1Cc6e*>;ZiT6$@ELirp8SlCmE?9+u
zFAm^!q9`tKHRwi5>F_Z?DcEfpQ(2a*C{j`ObTYh)$9g+Kq!Zz&9sn0=i6!sTc43Y3
z8zOU~cJK`AMUssu2{C;DDXkek;pC6r!UoQ!&eYD=_xY91BYz-2p7O}!wdJ)MCgFPN
z^(CrnH^XFB1hr<iP*R?1Cm^PAHc`h2d%IFRHYImxx8gwUQhmzGd|FVPy(zDz3(<<5
z6a;{o8}%7M?Rz9J6tBn>I?O{Ab!K#_27y07@isoqk{}ht>yRkcvDqAmC_I6$lad~)
zHfsLg!h9*D>_uccboCJW-@^PuwVTsK8)A60Mx7{eR@_3F(Lk;9RQw|Ne5kr4qJl$A
zFINT>8ip;M(jHJ^pro{DzqB%e;xVU*!cbwRPkStRg}dQtcSIs)qJoPJQ=Ww6+9K3S
z?l5O_-FCoGjw)q8q(eYlwIa9;D+(d-&FFwlDqxo>8YJeZFVuD%jv~T9K)&?zW@%z*
zS?+pj+)2dY^Wucxx*f*FhlOhDq@@QSghSg6UzTr*|3wzyu#3oU^lyIKK~C_yb^^6)
z+EW-S;YxSXck6)QBZlY=+)!1RFIH|>CX@<jA$Mg<WVOU`Pf07_jqHNN#@}-8NeEWU
zW~P>?B<KgSKr<fxymdv1U2e4hZPDq49aIp)iWi#3hNSJR4wUSUEC{@NZDBvF9tt6q
z6fIG@Zrj$LVNPgb5EZ7sKG?DiZv`uLy7+KHk6f-GPB77xk{E-qotg<^0Q0m|H*(SJ
zash;Wnj-5!X}x+}cce<XB)b}h<m+x+9Kiq_p|5Ny^a_~W%2b38UVYtiytOaMdLV3X
z?&RcjIB%QuNk5${^%hngFTApit{2LzW`_Ir!Se!Wr1=vpI(Tt|_#aiCe&3Vb_sccW
z{5Kr6^y+Wn=*o6ht49?dSh#BYNqLV08>YCCJ@Wx>=numQP2)fs+cZ1hSi>cZsu6Wr
z!rKvP;uDTow#q^t8+TD&f*kssU6#y*5K>oSI5qwG&ECzmj!GhZrPi}X>`Ai+g^?)K
zI+Qj5TWA+<5>ue1Ld9zWTk=-4a|YgOd@cZHCiXT#RQfKvB~*bq-m{M71{xH4AK%P&
zlQftmfMReu+BB2oDa$P(yCnA~wINuDe`WibV#vucvgIoaP{{-`js>Z?x*su+=e#LC
zfU{ghm}(49p%EOX#yX_JIE#e-bb8#=pO>aBcQH}F9FB_xEsz&KK5h()#5(`=6*k0D
zeh(@jDw=h$;=R`>AFpQB85;8amg9&ZCLTFRZQCV#V`afeHc|qfVL2S6MxrqB7bFMn
zKVr6iCG_rf5}micrDK<ighdXN9~*LsNz>c96HY9Px{Zl__uE6!<m!(`uZ=5v|5~UZ
zcXHQW3R3h%gs?|paV-`EvKF_61%_R9TTo+1$)-c#C9LuzK%iA(apykJmq`b070Jfg
zdGw*H+}YnCSbyX?0GuCwD4+y}YYXJI-*+R%MH0{+NMK~`qCzrz<hsn=zjL6Xr^DD&
zIx(<lU_aSuMcm>QNf6Nx)>zI=$mSaq0#arb0HNYDD~0gcMY(UqkdM4ngNJd|Wq?~m
zC5$)%@6Ox+6pA785Tgf*^#hC)V_9*>6!`i9UU|={0jVLjoPNNAmU!540BiZs!MmqJ
zACqqBX*A(u)L^oYyLe~4q6M~o$D2-QwJq$sHWnz~-)zmYlnl8Q<afTWLkmHK1FX?!
z?jJZsU27B=`0l4sohu^q0QmKof1%b&j-r*F9F7(UE&(S=Zl$}d6Wl>?B#P552RG3G
zlr2ABiLa8rZP`g}pjYfyd=`;M`juE@RQC`a`*_2k5Xq^tt|yvsn$_ogj>mY4N2(U4
z7KHQ>Fs{y$-tWZJOBk1SfvOpS*V6i&Ew+XRPG81@n)0B0nd!fEknhttej%*icNFg5
z4LnVHVB538WTl|SfOG`qS1I}V`5b=rP2t9=dXN>@_g~8!W3wpFfl|r>)JaoOWU)<I
z1X*+NcH?Btp=okp5M*ig#hk0!jiU)&c6`TY06VA0ZYixP2usl-Qx>%BTF=aTY(a!_
z!*FFYd(_ycf=;A8RizO-vIVmb3|}5l^1nHkJ<hSl&MLwFQpv2xg1kF~9YRV~i#pm)
z)sfX(U`j#R(hjWLfKYken}tN^A#6ce3%}`9S+Uu5QT$7jbLJE>ozGm{@-7R1L27D=
z{=*Qm$*cXjUhlLt(q!z+6~FFJitDwlhZ@iH+<}>1AGrtlkx?V#Ow_i(72FZCHx(Zv
zWtvV1yiOwgktouhjT$7uuy60d0YT#LX7BNUHP!_C%3?ogDg@EZI=c%1R?YAg86kEQ
z53PxA(4tNfEuja!4@jnG9@%JPRf{2|<H|`0N%go$I-uQq?HBj&Oar22x^Rb9TF5vW
zX4lxF7B&oG*Ok&XBQ&8fHSPp;p=+S`+T=*F`*T``fE>WtPz0e*qAjFA0jzQcu7ZxI
z6APL*2uIoz{^$K_nZf%#aOgW87Q%Y>bh)O{9gB2jU#DG)=!X6q+MlT>lF%Th+#OvD
zsf^8~lY<L3o<sZbd_FXnK|uqNeZLsa>W+)VmJ|1!aSD|Oo;_eB{)aR_hIEF&P0^Q)
zZu|sZEP`e203lpva&>na_ox9c(@tdtpf@sFND{K`t8i?biAkz3GEqgN`@C+n(msQ5
zOqJT}Q)F1bLqTA<?5p7WSw)fNnVVkWAq7xDT7=wa#`bG8`Pd37h!pG?@s?%cAW;<}
zV{PD|<vYCgI8|MX!d(SL)IE&Xlc(;dwV)7R>ayf9f-VB3UkFk`XLyeV*`o1dz7FnW
zLf{1V7Nkdv;NHf30_-_vbX4Fi&*PRkoHzyjJ}r@_5O;Cl{klVCQP>xGLZ;1Z-{pve
zBO8@3l*l&1Lg>?gy(e@e+SI@?;G@rO4n$3h4xQ@-ZChJD>^%#%{Q(XL5D)3FFAx|Q
zf;fSiBQjcdaHXJh1*+I6=@<her@saOH;>1{5IqyX(v-RkzWOsaB)XsDT%)Iiy2b36
z8qHZbt-8*U2X{cN;!$v`si>$RBJZ2wGRNA?;(GAtm#VpaR86GUWABo-6&oa+6B2De
zYe6UVCy#|Qv4-HFQnhtw_Kg9p;x#c1pI$LCmLH$QZnXO0M`JYT07!%>8>1aLcc&7O
zJ5gs#FccHIUFAj^XiCtFlmvQ_T8z)W?u)q9a`X)xu^+ES`7uS^80g4|jjt5k5=CJR
zFs-8;OC38Wco9UBmx@X-C8bxtCW;g-0uP<7AqP5gSEY?_plovZPMpoWuypLrS5U>-
zJ0y?PmAeAo@(a=cX=NcEES!=wr9z!cAp$5y8rF*Y&S|KoeZxbhK?D8}EiRY+w`fA;
zz@+a>Dyr;qfVgLE?I(SKM+JidRbqY2GsWqim4fj0L`L-&kgy8(9~{w;jk}j6Y(uqS
z;_<;TGtdtSVpQ0m?pklHdyD)HOM3y<btuG!$gIkci$W&tSr{>wGsdzm2lLzq8Cio4
z1=tsK-~FNy+@(WL>d-Y307k8j4T$UPj==W<393WM%RN9>gpk|#o-V(CTEHB}+BE+3
zI?N{yIfEy6eOfYAN?Og4j>V+VSfG^jwb3cnjLH$ml*NMFuu@+ch~P>ZLxbiL%coki
z>z^|L>_wZLYIzhI?|iKY%IGg8w(NUvLw@wgZ5HNAJQa_+fjod*hi8qh%0*`grr$xR
z?ZX?xvPk|dKQ`#!n0FT`LoYw!A-U*QWB*X@X2o1ceB+3Oz-$1`5~BucM8;>zE6G4u
z^S}QL`gi`Kzwg4!?u8?CpA`ek5>90uGy#3#iJ|q107F)(6N+HEpR?V7o_mMrmN_(V
z!FGhY<J>NGNr^*2s@Hc!Z2qmx-Czb--$jmWp`WS%J3#;E=Ofy2*r93iAwQ~>p71@W
z$uq1r5n}7J!?p&$(i{iYrr)d1PtZ3b0*rcq$Ft_G$QDNbezjSX#>R>>I3Q~*TK9q}
zB?v*HzttU*Jq`f=ps`lLdkY?9<x&!2aD{dPJ6A*IzaZJEQKpfuZ=+=oML*>ux;^;Y
z%YFVcity2+C@hByy^}z;r6>g~d4W-6>h%44qp<&e16U!gO`=CI|MLwi=x=Zz&<@8A
zospM!h76~1v7jNf2@2VI=vS^mFQ~8gbB6x&N?PE*Q<J%rqd;TT`RtmRHoF%AP@wAA
z-8BNtXz;^FPzd^)t>MDN|5oHsBw!9%cf%zJX|eP%Ljg1dXhCz!KtKyf$kJ!1(`X{l
zvymIT_XoV%%B6qp(2E3*5bCnWLn|-998U#kdNptx+!zrV7Y+H(bL-G=LdkrDK5;yP
zs@(+-V5j$-E>wVtK__Ut!PC_NFWJCW*Pa~xrLWQL#NGNIsyYlxhHfXUTrTuM-etZ{
z0lX6ju&PW07-U-ce<Mxa1S}8)_{o0g$Ad#LJ(>kX)Z#P&L(xKhExy+gcU$6Q)67Ui
z+tT$Fj&P!X>j8SC89mqjN5NHqv4cm%<BA&$fJcN70Atn%$z32`+kfl-t1C3qIN^Y0
zsq??OVgL*Pq;w71>YHyC4PHYnH-P|h%~-^L+s+aEO;P7A@E4<TZ|mQ8FN7Bo;86eD
zCKX`x7-!(*atlpXY!^6tHE0RUy^~l1r9XnKfW_2+FV78s+p)ePw1<!X2u<OKilEzx
z;3bzMbYK~B3Fw-K7keF=2dkgZq|h@u0+AQ!iNK6?h!023B+!a!eDm94F#YKB#(QU0
zo8)5#pZO37wv(@{(P&@aB2Iv@>XCf{PI-gqxU<?iz?_zW6R0QH8Z>Jy+h#=m9fiU}
z4A7lLo>I;jE-$P22uMSOfnhVS^GnGC49+u`WBcZ_JE2#Ss&>IAB!jZvN)5zEM~?YL
zuPFFoP7!z-FU%Cw1@v{N@Tf)vCVEB33^|a{Rw}CiJ<I1ScbsOcvzGvvj{5=6I@AV-
zWPR_FFH4<s9JTcf?9@MLqFGr{9eM)6uf7533ylr+G`DC3dXbd>*RJRbe>86B)x}@@
zN{;wQLH1KEI5A6|^9@|`WUr21HYM{`<c>I2z1<{2zuqv1Ia=kA88w82PT}aW3{c7i
zU+hXKe{YP`b;f1+{9A#)$p>(uEB_+N?hmj<qVY1!asO!od1>_UCVo*~tpH<UL1kxi
zi8zd<0YI%r6cNLr5UKr-%8*;V0zh+S_j@!Z2Me1{ZoN)pyEsL!*qvK`eSlgY^z#zh
zkJ|Kuccm~%1Ozbya|3Y?fvg|5L;@K3Q3THxKQ9+6<I@16`AJHt281>n;9|#siFfAp
zZM1?A!-K^gFzQV^g4)P=jJ3chr|=Cd#|W1f1|G9+OMbcyCk&o%{GzS@G$@y8eSk-T
zGF7-YP<%d6uySiXP@xfg6fy-tEMbJZ0%Dyb6N2&~p!$7Yxc7X&@Vqh*5`HID!5K2x
z`wIM(P+^;12wGCDl_l7PmG803Cr&|!rB4T@oPmGP=nt?A!BOeyY-oGh_;`Yr{cik+
z&i#fiP<Q-LzK;zIpCOSu9Ob1=!m*pqay^F3NL2gBy>@dn9k@Jy`Cv!!UWM`n`Qb0%
zU_zn3&eR?X#Ji*|zI&E_*JoQsLIcb<-iG>u;kU5Q38sjyV`on$$!&6;{AW#8LLV<D
z3m@l;fhF9N<hwZCG-nB1G_Lz81Z3+>fVA;0zq}T6pI*hI+sb%HuipuRa#SqhVA+6+
zeTF<4|99sPQ>C5VX#()z-d)i->_|r%pbRL*cxD>$!YK)632cq67;PXPrIw9pr=*AX
zg5rus49V)pw84oBP0|Jniq+BM7tYXq0u1E+0^lMHrM&{AqC>3?EmZ=HE+|a@$9Z))
z23+f%Jf4UKxw?-8>9-(mC_>a1DiBm$)Z>d<epW{fu>iW8Qh+~gc+`bKp(mQQFYWo|
zapvH-+zl@wt!Q1~C0JX@1Ktxe$yNtoH>q>4r!F6`Da8%!%{U$Qum||%ViRJtE5krg
z8{9;>+W&T1FS@TTt^X8Ul`3t1>agIw1p6+C@#V`GZUU)m0W2Ls8|c0;MvORd0#;mX
zSuE#r_a$o(2Xesyico1dlNXNu!dZaU+dDzg;Z3w;xaYnQYpwfAcNmv!rc0=>{RlNW
z@tyvK%Z`{37V6U2QjtzxoLtJ}$QNGr4zdXUxAdcGp##21C`MM3fNHXQP?E9Wk>p7&
zN}f95-$m-9?_LI%LAe?*#4ZC^q%#U^5w|23l-ALNTH)Z+90aH<Rm&6~T^H86I4z=C
z7g3|eBI%Aa-UqDHR5V3P{OLD(A1*Ygyvq1Z6{O%L^e#IepEjB?@keO4q)dqi!Zi~(
zAsZ|87hWnjB}!#|&xsLziPNVH4N!!{z+OcchL<Cdq_z4|d{#IRwJ#Dq1iZW$l9H0#
zIgC+h?(BNjJYGLSfgMybVYWYg)u`bbHU=<nNg?A-_bmA-{mkZem>=gERw|eO$<xg7
zj8-_laS$_3!`~Qs3Q05hQiVU$>q`bT$?P1Bsi{@=$Uj^ol6fr3cxTJKGvi2T0+W)~
ztCa7)+V5cYr3oPfX1Md<9#U#pxxaITwnPV{Gi)}bk25tX9v7BDG*kETsq8El_bEd`
zx7}coVpJ&*r|G|Ud+4{8AdyD%=4AjNs(AuGKpp}hhT?i)=~otTbM;rhLKi;w!OeBL
zNd<%ZdLz@S)OYXOPhmJUW&JUmUe>3n_npF%$6^_hW^FH;Vo&M#`a-X!T%Rt!<10VU
z>*P*;28?pFdUxyKkueqx<$Sd;dBfJhRE~cHazM>j-<|!tbB)4L9ZRhZTF9CS%IafL
z{0@L48`*RV8q*6D%skKygLSf{hI@<k0bzRL1sA6^fs5;3O)=MB{qfp;%?X>@EFE5-
z64^@=`8kX0*V4TDcdyK&;zIxIf3yGz<@G+FL^c5EuW9)^sKqi`_0yMjWRiIq4)vNc
zi3kx|_aZEZ6Br5D7fDgA+`RQ=n9!qeJ=VZ=I=;_2Ri>dQpA!qwFi?oqpeidl=GI7M
zmg6+SQh-9Y)%NsDHTR$|97CZnc*0@9J&%mc#}Z!--`Q`{#}BqU`P%z#ja}gtuyAc;
zWyKZ)_!a*jjx?prwGZwqVQT5t7SCI<B)#k{KKf{z<V~EfA8$`r=oW>&ac4IjZysmm
z`Eh(}>oX|oD`MSIhrA5Uz7I8NZGTroBJhN|aL_EiiTcS!d(f4Xl+Ukdz<P@wrh3X}
zsR?=LaZjrWB?}))n=xPJe`0Bd_55g9;1rzYaxYVSDa{P;@cg|d`^&QC^}KSG22x6_
z7XDC9^s^D4_p3r7i-_%=4{P7g{;2b-tt?SYT)qjdFsiB^bf_dE%3r2oF~3Z)Gyi=Z
z@`@Be%CB<3I#@j3X!!Ls^+}$1MLeH#9aw?@F_(-^+@<crhhwHvPj!ma2sxTNIqT_q
zx_)<kl#6I~0Z}~+%wD{Pdtig0ikt*dqIgCb+B<mU;0lbRghx~r!`c*IWd<ZG0K-lX
zVDDsq&ZNImwBKC&gC<g~h&CjXJ6k8qllIf+beFr_4_AxnmF3XMj|T_o*dU-<V#c^8
zpcaHF6o4x(>7NR0v}~h$>AgjZCxYZR*eX(Nn_v9l{@}eG2FT<_@o|+|V78ou1<QQq
zsVcA_9!m|>r+F+0^YVK1g2ZOv?5*w~Go!_W^Op^E!8R&nkK6mTM!#f*kSZE@iAR~*
z?EVI4#_G)80&2VQd<MYSR|X=g1F-yl2Q1yr3cV624UH2uPrscTecwfxmuOR8-VLZV
znQZm*3cX|GmE&||qcoPil@3^VcuN(%WQxDTJFd?)InU!L`AD6$_0<TPF4n-~$XVOL
zLT4lA89agf2(DuSzaD#eSue)3k6d+ul8XwstfE%aO6*^*i(?Ih+Hz-{Z?OfXex3qG
z1#ML^bl)Bel*F=zai3mX#4X-^kbaUXZu@Qd)x*ziKj(<BWc_z2v~~^?8Th1YhYE!Z
z?|iMiY~P^!CDqbf41YYH#Z=HSjq}GUc#_F?c+!aaZY_&XQu`A<^WT>!4lovE8HdhN
zqqLp4HIz}@@WH~iE_3$#dC}lf@Cbz3#Q6#iOiH&a2;_SX?%kvK1P)oBtaG0yUkcKS
z;fB}a^2I=}CbmYhSq4Z(x&3Z!!P^`si^EWpSg5t-j$k>*q5i;LDZ?d4dySjn?dex>
zw`74jwDVxCKcZNX8ByFRW`i_VdBWyrEhzehBm5M#FH*}t$f3Rl4yZ^P{;$k<RQ!4C
z)M^@M^f3;gT385#h=j(-IPO!cflT6B*+MVm>t5>-QCL`5Z_aXySN|{i3Ke2n(SeCs
zP=hLe#~G-kBHN0M7$toSyx5bImAT)SZ?*z|!qh)!FP~ODT<vcm3m%KHWvkz!S3lfX
zR+nYV&}U<lWpym?>zZ4qt+&jV_S32nQuhJJ>v~|sHz~VV9@CHk_59YF_x*XZ3hSi>
zPW#h&Ib2$SfFDVk4P#d<7h~x>nXq+MB<pX`=@fq|emblB*kla__KJgy2fJq?ZK`qZ
zw^J$OLn(xsoWglR^9RA(9=d&^%o>#<afd~o><jPyZ16I1FRD2B@u_^mCnBP>^0`Dk
zGvb<bB5DR=IccmPn$K-CG(TeBe;<PK7ZSgN`}VahKDW6d<bd>huGB3;%crrFPoF9E
zb&epuo^H+96Fi*9OtN9F^FOA*fAMTjRXQ0uHF5x8$`r8##0e=T2k#21q765GDdhjW
zeMR_qM%Q@}4;PmN4>EoGrHsF^AxCJsZTZhG#Y&N3peyc$=i&IPl(EC%dcuhxG&~I&
z?9>%b9EG`!M8SYkN?}MLQZZv2WDZ^R4`+X8n5TBPlD%Fw<_j=w!Af5LI}Iu{dD1=t
z6-EhgOT}0N_D-?q4LVf_uze{2b+W>g;@d~u7OcsQVU^&@m}2|=^pw7TOj7sG+F$1B
zM8^&$b)Pf(8xksYYRLy+ru);2Y$<voriO-160IoT95#b;@>H*kC(Jt&(sN6Bqn|m1
z#3I-zM6cJfPOme(I1Y+e`2x@8Ikq&VOEomSw7k~7(<s)E;Fd@RMAyFy{*76c(kF{F
z{M&K1NvCkEPAjR?F891>)KI|i@ACtBM8$4ymC$D!?%x&;?Mcml)o8CSFA1Dc)a88_
z(HDh!B`U_bO;U$fJMWN!r?aLbOQMXeG<Q0<Zg|qIDnot5K9=a#tP0$n&t(q(%j^cT
zeRN;dCd+YA6kf(vSu(1YPMkiRF<+j@u&elZy0E&MoPmMw(lIM5|Lm=W5r$m;uc{iO
z4k;M4zWJ^8n+d*<SlHE_uT88l<Rz^LgZyE{ii36mX4zp|WJQ+RFIh4sUZgS!Vyjk^
zIGr^_pP}@yuY1|=?j}5a^YO`f__H4qx4}h~!qwDVjk&V8p0MhkG=bMhA2+=JSM?H-
z)dGM)DWlw6i@vOZ?UxKIZp9aOP>e#Kv6-y}L>b^9s>Gs()#0E9QHR}?qs$@p{3c!T
zR$vWbBfpVhmsK9d8<6;X(n0S;{Zq=OKTxNOiz;+H=hkAiHWW{##Z1>#_iU!R`wEm3
zq9I&}^t1@25N=BRn8{=oRV33jD7_jTTLH&DG9|R>NwM}=mkCfAcfZmp$jKA=tY+$n
zaB>^l{5g#^L!QApvG6R}%OQunsuw&=y-u{xR!oA(l6gR^nAX89A^T(MwppoZon(VD
zMTT9@p3`qd%Whqx^|CP}E?Mv6I~Oqc%*iO&=s$}*;#Y5Lt*FB?_|4)<XGZYr>Q~*#
zQTNi3n>u9NQZDA{rf*;RVwV}eV^(;_Q<z!XXBtB8fG~pF*}co7T;cxr`4r1+YVK8g
zy0C^5@Qry>BytW#4UtqxwQH-M>PiO9jQfAj#FnG>W6?Y!ctD{Hc^J_ud$oXoyd>e(
zO8TOX$dZNe$W|OvSPmM{Nc0HU9CdxU>+$U4CoH{0(3djCpFW7IRZ~}{a+3#79j8Q8
z6|p`NO<>_FdSUBaWG26=Ajjj3Pn>DUkwqF_s`DD#v(@w0<>1^)J%D=IN3AET=}H!p
z_QE8j)eO2)m4T0F1PY0Iu2vQ`1e^9!L#U-kU7Hvxske%|F0kgX(mXa7J+fUi^slI!
z6m0^+X~!=OY=A(>JAhqKa;{`E_-ws7n&WDCUV!*;Av%4tPaZMwr{pOu%hR`3Da2K!
z3oQ+<q?kDkQ<qugv7%RYA2&DUQ?#Z&wM=crKcVQa<ueOYh?tqlV{@xkRi64cTf0O)
zyCu>~BA@aFQk$+XsW+;v+X+(EFnD>3J5I>2&#)e>MufI_sOk5K+1$G4bqck;PTicf
zz$BGjD-=FV33CAIgoa0e+21{rh6n3caAB*QJJFVI^zWpHYY`Z%1(rgJA_@?$95X$Y
zs1kMAtNYt8etdfbxeOFp8yQs<kiOyEyxqs=9HB6p!S*FXgt3r@E2c<?JMiD^6fqtb
z3jDFHxRFJY^E90)tMy?C4W69RLnCsyH^t%ku`?mOl$)BA5wo1+5Q#uM-(NEGu8_E+
z9G<VL6(1AV9qRSE{&_#AQh(d&*T-&du~4bt&wkWf)|u;}tWl+?p=2$EE|P<~Cr?Ws
zld>_+|Jm=)sAMngV7Xemi-Vn2q+Tg91Y+E*10l0XnmK;@Wu@EsyrM#-OjN{|W=sgu
zZXf}tCOX+1p#H459i^hL#g<&&CjH~+UMwEP6*eXY2GWY!NHxU|?6&C>d#EQ54Gq%<
z{;26Iq{@@JzBzPoBbZ7`3`|`TDI`c&OR>VXOpWLONwrKHnR%wUNMw|30_Z?tO#|bc
zr74_g!$#vb#PGlqtx;1=h$Jzoo`F}nz^lr0Lt*W!mstiarBZxGdf2$D3kF})f?qNB
zdrXaF{^ZA{I}ny2B9&-SF_Y6-6Wctmx3ZK)A*Xecem2(=!{<W$W2ta|Wy+}!I2mhw
zO25!O7x!cuXx}cVN+57fgtA9g9?0q=C%Sct#L0G6j+;tx;e6_Go4gS^-xwo*(Zsb*
zoLl*`KiUng%v#t;i;%f@EmRd@ifO>2`hw}Jl!2__2Zin9$m9JY&-22Y9hBAYOWl$d
z#Uez6g%|-R;)n2$XWR4oh=G8xV`2`j<1}GsTP8d8T%12VpH%OP@;lV*eqvgTT%DB}
z4)_Q<{r8XoocUl)E~ja*k(AYpRqVwn(GZQ^s7;#QdHomjyT*wxacn4awDq~x<=QtL
z-|BHI9nY0ymka5Y7tm<CHg!EdeTWECiHMn$t^B5&46mQ$Ms8}UsHdr2s`Z*UVhsIA
z&f~bk{DK{G3;&ABsX-$Qeo-o=<fTW-N12$5jARY<nygaX?1KeDoQO332mleV4Izk1
zWjvBh@LHdIkR0UlE6!G24Cl+OxkPSGA<?n%3fIir0a~NkdJi5KnT^~MEZ-b~$&~**
zI-Ilk7@wk<(%;=;;L7&pa}7R)ttIJ%gQ1Pa=lP|(o<KwX$Vw0rCmGOO&U)COmTG0|
zrB!J`_OvRT0M=V?@M+!I)55TE<GL_-wNyQoK%<Ejd09z_N<(js1G5$}Cqd$@#>;%#
zDtzq7n^E2bom;d<+X)SKo^&ruVCGB5d}@FDTF`grk#&kl)3Ca#jibRLfp|}$h#}!F
z-%oiLfv}o4Pq#zon@R%eea~SNd!bCtt)HG5dGuWiSaH$?U3{R_FV_k+<SO8~OrG>O
zy_gsCE@&TRo8J3-;Oux4<aB)H%JEw|y1V_Y1PRGTyX>=ad5tGGADJUimT@fsf1l6r
zPSb`4(Ts}wi5-(0|9%-_oB2Ll0v?E4VYtp0|MZ?}ZBa`#gAN|IB8GCA!uhJYm)@8{
zRm6+i>ILH5^iv%p`96MvW$Ld-oH)0-#GMv6x2$!T5-aG)$XL>Z&GFwDSNsCa=h1$b
z+l4ni_6^^HtUBY_2l3O`GTW8g1w%}@#JDv5k2HlOaBA2_VcTo=mCA`NlFt3<^WYex
zL!g<DU(x#{E{`mxyd`D+ZliPBJnfOB!PQ~|Q9~l1|5SdU-MGo_o1NQ8)cdXswlKT-
z-(g>dVaF?CdH7$RcJ?vg7SZQ1DmdhMz~1?mRGx2=sQr}xRWq+1fwF3SL2u*o@|DQR
zjp|eK?x$a!af82SHFHE3m8&xZ7rlLSLDQHE-RoE#5w7o9bToK-*WTrB;=8?!&Y?D{
z{V(&+#^}So2C}`ok<p`=!5}>m#LAwMC0>7YB1ry>%KtupPX<fJ+I7hU6{E973*o}-
zuSl?A?)EKyCVWl`PveHMJf8ZiUY=Db?5IQfVomHjJi|VMH9v+S=Z)#TsxW=RQvFYo
zg8Eg4#BZE5WpYI^M1|P&N(zeWUu1gk_7<SF2`aL(LC)ssMO8Z@1kx-9=cP3yeYit}
z_&p+EyVtU7^1+{I3`zg~#l})L)KgftlG?j(&c11a2FK>L!UGCkmCjULxHgxGUAILX
z$D6hAvH6?5^zkUUi&^FU1oyOyC+*h9%Ry$iZL-`+!$rip4byv4V?&4KL*xT^Rt1J8
za>p#Z3x2a~y)%cC?Wd)cS9^n1g>Oux15e2Rvbfo74YEN9JL2o2UvpZ0e`d&aLZq?5
zhtna7`}C{pZvW>$(lO8}0u=nG)46^1yTRV$7vBdV3GuhME+$H}Q;grxsx585RlebI
zI3xKfM6BZ!KE$dGVMun&izQQ+(YD<lFONlZl0cf-;4U)t{KdsALJb?<<O7UM`I#GC
zCGM9WwpDpA9m<VNn(x8WQmx7Lv0v7UD@TYB^%~!<VSI;oTZavq$6E4{4JSgEv|IE2
z@3qf0<7BEh=VdDU@#4*adn6jqvg2yyIO8k{hglTmX{Cb>$<322dsJDBW3S{7PnCC5
zni;Mk%3-V85aNfBPZ!JlWcK-M9nTFa0s?O2{IOl+f(V~QRm;yF2bsuL$XbpT7|q1Q
z$Mg_uUVoY|yD1J{n>#QHZ%}*5eW${>;TzN9`1j$M+>v+vQV(}ByIOWuI3Ebo&0hQK
zH3kYWW2e91hX(4BT(xKtR?mAWG;R#owBE=(q?o~ft#$iScK`Eh$@fnEsgNR8Jwxor
zA8=JqiG}NMC}d=Ci|U!+gK+hTjHM5w<+_-95Kb(M#1M1RZc4dX#3HTL%I?%Nt6S0U
zE6kJL^zAFRkuW%$dW-A8k$Kg8T-<pI5O6?W`}R6t3$h(Qsu=Ih?n|$+Y3|c^or&C6
zF=1V}ZX}Tu?z<=wtudqi!vo?XNACq~uROGVn}7@0YF&Vipe0Wl!>2>L?hnBNYir4`
z1#2EY3plgn0waast@z7c=ZFSe=674igf5aVC@^yjJHJLvW;GpP{cO!(`gCO9ox$?J
zL*$Y~Ht=nQ<JRh%3&$fj+|v8m7#kh=0t1hBd}G&+n*=ARC`P!P6PdlttlsXv>>%Oq
z>q6+CUSt@Y9=|CLD-~z@NEE!=7E*?}v+`B=Oz`<Pw|J|diK1cdza2bAUAwt+MHUf5
z5H082<)pSh+PAfC4iR7SIb?i(FyF2B0FA+_V>n#_o!Uz5c#8tI;WC(S1$75Nc>gsI
zeEqq0g87*G_`yAoi;5a@47}So@b4K&_x08GAAeQ^OYc9HBHb#P=P>cLBi?kO4KZJd
zQF8FdZoPSdBU&*ts<1CvW9qDLcy~>{I-r97{Vckr)yBIyOZx6#CMxn;4}+PR0?pCi
zQ{T@?unZ4Muu}bk@nwH>>0wx_OnmI8P$oGN4ePS};NmUS4J;D6_m?p2@vnUB9_L%e
z1NoCy(6<jf9hCmG$GM*(I4h(Xb7z>Zx61BS=(6I7GquDzIVUmO77B2;rI1}Y?DbBJ
zf9s@b(zNa#>iMC+XT*E9l?SU{RF%NiR@ZJ)?Vf8iBjNq}jFGSZ4b|Es_Z)>$ZkvsE
z{8O7%_PmR-CTidML@#>A(#VVD^s4V`{T|O>ds|j7`%>Nxb$avd-N~%PToE(USRkT?
zg0(1RQj!f`+TG`k@q)ApT#na3&6O7(JdMQQ4}AyMcZO|)S38J%%|f>H=n8Co=N}t9
zPoA8{rwv9o^+im|WuJt`%r+$(Y<SJqWH*i9qkb~k%6FO*ce<UJEYA>A1crF--x|1T
z-;({-sI*}b@f!4GU&?ql7pb@<(TW-#lt`ERY4`*Age|vwu3scj;Q8rD@)!<*bgGHR
zW~j-T?)Ht(u^mE<39*T1lgPNXKX%UY_=B>;?;G=#r2XC2uLEhbRC+>55uU1^@1EQ!
zua8jQ;@<9yV9z&tA)xe1s_c&6j`TD9O_vy*h_`1KDxBspo?@E<2)#PJ;%^md%M$gi
zEjicTAG1cuA_kXR)G-U+L?k91*SRs_dF?BA7d~@`Quv2WdJIwK<t*q+J6E+m{un;l
ztYPh4P_JE)!z-#OBU=^$3+|!%btn8Y?_wY$-!+vEHG>hxRY0A80KNj`p%HsLeY~kb
zKOkOZ3O)TpRH|8Ud+R=fY6rio`^u72z<lGKcE-Di%d7D(9gmK`TiR4$s>G|7j4#+s
z{n)dtsO`5nJ+tB-5b5|xn%lv_g=7sEC3$>~tqzgA1|-55rDFn3xo1BOKW64iUYwuo
z;;V>?@)LZn<rCJvHEkf+7V6>jt+hpMVzi<RgyO|eTBP!lRBaUZ4Q@^BC9IbqBDT&X
zcCm*r=_Xb?z40xmHcQ`%;Z?Fh1qGP?PW40)AAIxQi;)?!JGnIP3cC|g3(^1#gt%*u
zbN_X?xv-Caem#Yi%Esesoi(MCrH*p<28a0H7IS>K*7_kYTS;Q(`wv<w80BI<CDc9o
zCEG^t``b#<#RALIo<CkgSq`B)%dD2p>>-?PX!U#lh5nNw5#rvVD2*G2l|dxRidU3o
zBU8&0hU}wa1{d2+&$AOu!8^(^0olsBROKNMf9eEArVKI->#a)jh(S(V>-SFRe~0S_
z`Jic%x8{17lV!r?hP+<_oVp?8YPytEHq=FvGj5c7^=j^LZNp`I!g<q&oN$P9Ar0w%
zF!nrRe*!s<x~Ew<c%o*RYsi-p0`=tO!I9`RFFOp`I|%qPz0%e-T)#8(>`J1wT-g_f
zWDS039vpAI7EEGavhw$LvHcl>S{h8I)+>H{t;^e84)=={|K2_=SM?t;X{P-9`<ucr
zvGb$fLmew?sq6|@X_flhk*3+wp&yzy_zC@J;c2lstjLjjeM=sOc&6xF6MiGG0;v1I
zz<wppuT?(QZMUU$egCkFS^Htx>b7G9subyWCyIauV>4$5n4zlCj?o7bAjI9j%OCH|
z5x;&=OZof+M8TD|*7pE7j6!{bMri|hW>VVOuk|IszC7Ni<ZjgRk@Z+r5;T=!@t<-H
zCAn+*7o>zj#J3o?#ueq}gh7bx(Km(iQ<$}|QPQ~ZgVooy?c9CFAAMYt9rLMfYq>82
za-E`800`gyTJ?7a+@l{0VzOJDM~h8Qml@%3I5s^t0X6K9E@j=Ttx`Vw$?)@PdRw6S
zAn01G7$H&J6wu;T#>OQLH1JdCENG~+B2{L0-viDbooB#EhC(5FJ?9|s$rIUyJ-=OA
z^F!&2<&VAsXb2a-NY*q;{iixF-$S~0)^17ea!v;urz5-gEd}$80vcIs6L*tkJZx59
z)UYgTF5&dXoC#%17-CPq^_Hm)3cuG9)=$zs->>6w82Pw8{C?k5(O0%|N~u&RHxu_&
z<`-}_JAxi+My<S~5&uf@Df^<Jx7IteCDJJcT0?gT=U-|~did%oBv>{lAn4EV@(+_&
zqB%wav8fNbb&L9$u$d5NjK#%sb)MGrZRD}T@0p4fK4FA~{3*C1ei3A7dD*_E6b;ce
z5VoR>H}$;LL;34d>{Hr8m2GK+Q>iH@?#eGdj>!fUp-cbkcl(%^MXq9CQ~f~8{?m~H
zalgWP1CjN~A`ZauzM%YZiz}r(AGX}|Ft0&L8Fx}jk3`Qdo9*w6m^VGlig&YUBQPY~
zs#)MCs_<2Oy4Lf4sCcjL#`-*|M9_0eD~<O^icwissZYyvpJ1GHW)7ccvx+Z=#d=J%
zZNca9y?iBz-1!d{Uh{V&E3(K$6XFLKQ2mER8xSL^svIqCC4Du6PqS~#@w+vSWPeA2
zU^AXrvgD>lCV#@8ojLqNHT@>rexifa$$L)8-5nx(e4~t}QB_ndPY+RJrAHtxe@k76
zEWvq@R6sxyn_Cvxgi&E-*ASKeOhz4;rhL4<y0HB<UvE>bMX$r$DWz2|>o@^Z_?5Mu
zhZTiPZ;pzLTuqSp23=34f{@}Q#(BL2+5uSk=0eKVaQ*q|DFkC6=q|c)J!bDKNMf>o
zc$P)*@;Qmb?nY>D7;+zsV^Tck=?c`X6nT%)=#Q0WDCwc%hqjve916p^61BJGQhZlO
zhHq)kMXnFeFc#Gc93-DMv`PCNW?5K~%CMJN0Zqk^%$*)hS6c+9$Exh31xia%!Esgr
z$*k^A3xC{uFD%BzWfGxNjXzdjI?4#`SG?1zj2M%K@_-TcK8}N|d%YZ*-@(Wq)-r%#
zOWMpf{E(Aq77ot4MV|E*k#p+T-)`I_O?0r+Cx64ZW0;7naIs%}kuE0DSP#s1_`UiD
z=lRop;ns&z5<!=Te5co$N2ovQQm;=;9d#KxvftxdNpQyTZeP}IcCs~IIfZ{Y`QbcY
zW|>U|fiITXWXt(Wk#rq@Jo7(Z{>5&Vc2STS_@LVcN^&GUULt}Gr6WsVZ(8omqcD#!
z{ZTG9Jo!;Ej_O1HTN`{I7t5$^vcBlKZ*MM0UIgC5qY<{((6y=+;$cFxp&H*XWG}tM
z(PqT<Q?pNQ!L8(O_BsPn^3LGC_9OysuY*<P*2}|TA_iIFudSSENOY}3Sf@~WKhTN7
zA(ZJn+|EFOMXo^-!|+)tr$_kg3|OZ|AXKL<st^JB5xud<_+23waXOq-%kn!gzQG5)
zD`j{0I^9*f72k9p0+0t2Hc#5T2*~g%baJq>D|L*!a+j+%sYgIf&wLXTvh<Bg<s3i7
zQbe3*i8&h|_{Q|4a_H!Se1gy{P`u$4+gI^%KU=6zxoqGYi&08pP5Lu$Y{MpmQ2U&2
zKW;&snCvW%P$C@=D~Sb*l3B_d^nlqq*K^v)FP&2RlT#XNH!{@(mlSVOoiC@fvgFQM
zqyh=d`yn!O;Z<eynFsmF7a<z#fpRT3(QQpTD-#lVL<#=%@K!%LN(rXkpMuZEUAs;A
zyxHM~vWDk-bUN(FR_irFS5Sb`N&Msixx=qu=S}6u0y?ve&rdmLzw->7PuVqI9J{Jz
zAF`EdWMia0U{Ig%K6-D}HT-3I?RPk*)<ZARE@x3W?c`N93*5lyh<jr>^rYc(uF?Tt
zpb+-@6D=|KpIaFN<Ue?36t;&QN0(gvW}n|o%jFdu#7q5*XT}A)=N#_^*)ZiuU*p-q
zHsbjs8IN_?RQdR=n~+;}BYDcF)I{6UcmB`?hLyi*Cr9ee&N+{0DW=KAY1}KK%753`
zqbL^xA57K4wa!}}&+vJv7gb)wd&sfXeM~7DJ|of=(bD2Lh(SCis<*zfJU90MirBPV
zhv!99k$+aqSrLAyviGfxaC8>9fK`~Y@=wtlX#TF42mU9g5!U;tTBA>;*`@TDZ_GzN
zuN7IP+$E(V<*AA_Ou@jwAXv)?eznc6EnG>jH)w0UDC){qpYE!6o9$Zk!9yTuz#wRJ
ztq<n2bV(ZG9!-@bYQAXb`5!I7JHF4Ay(cNa;EflsPaGT-SJiEXgFxaTR(mw+O!)C+
zO+DMV*Viv6SwaVyPZoR{kF;G}qu*A_AcS9klBf^#*c_ojMntg9>qz%dUqESb(vzJ<
zZTkrJ3qZHW|80{Ad=9#ulro`CZ5RV;(Lx;$Z@XuG-rW>)F7bs<c<I~uJN`mLd=as?
z%at;fLRp$4ZvrY(5d7P7GTG26^62-Ttuh<C)jY8uNf2JtY7uo?wTnWoyFw4-AHUO4
zp}AUZ)9+52r0KG2#1v|}sid4DW##@|+2axW;uxa+#HjbXP-+D6O2m=FM5!^GR`y5w
z+6Og>&v+<Ta)0km27ZU|o(D>8)+}Mm1qXY({t>F0t%yj<eXpr&CBTHhCLd1zCYH&Y
zi1pP#OC=^$I^h3Mb=F}~cH!24MZh71p+jn52mz&~Yv_<hBn0VDY3XJF=}zhHQ0WwD
z>6DO=mhOhLdEaxc>-+vUX6D(?-uu4q-&zawOXR?vzv^&JwshO_vpmB~u8T<H^*tf(
z*x^HG84_beVYroC-UdJ{(T$|Cr3_xg*x*aV&=-5W_rKM>2N_kcHW#`Oru!g(mr!)7
zRGSWG9bAHBo#fChBjoUl=qbC5*|j1=C@?Sw2wX>=1{1yHOLo_akWi?TjXQrMOCKo`
z4&YD;0N;-QiyD&qJ0EaMHT&`mAF<4onJUVWy~#S!4Dd_FdSoyj;=@%w1Q!2F{U{oq
zp7w6)SIm0-Zb#}`(>28+71$XP+CKe~4^R>@w|aTOtL~2cNDqrUPti5lCA*Cc;hIXm
z^#OnV?7<n?8>3v>{sXSJvDI7AD}MFo4}jCcx{ZwXdo{<W=d72GRsm@5?l=@6JCDh%
zZ9LtlGOU*B=&vd*+&!W&0f%;9-QPmoIbkag{FQEn*e@>X8O&1(pzYr?G$enLcaB*0
z5x?hi)V>QhkqKS!)WJyGYGxia7{4?t`l0?3E(KZL8mxpYJ+PO&tEe=&W$o9mA<O%z
z)wWjcouzd()WME|^6+4}0!y`2gA99T4DHFQXGGo=hfdGJ&MgDkxp>NLy46UF*9PLy
zlTq}R6HB_!2dbCkkWnTfxlutcy}AyZE#?1W#}A}`q!}FLj)Ny;Or&CU4=qr>`F3ln
z0jUo83|^2gQmuT<$=CXpBiR8orreQmyzJznV_0rI-Bspv*74IEepbywP(uc1a>LDa
z5QUUKfZbL9WTW?8%l<QCU5yBfHQDOO)-j5>2OkQ@qixwgVRZNKt6pR;&}d3tegRSO
zGS_h;$W(&vJ~!;ZACS`g86zKpo!9)2n8S}3j29{NJJyCWs3WOGi5ZIF-PkV1diZq6
znNv{RlCeB&jv^gV9v%1ihE!?nN)S>`-DqT77joHuTNQXbkYi8?Hwi8q06>M}E?$bA
zT3+1wA*W9W*Grl3Gc-@KdM^#D`iu<)GAb(T$)Kn$DSJ`NQTRcmaXxOrfg9hY@ao2C
za|%=qwmp$mPlLR>ZpK?U+5S}7n8kEp<%&&lK^GFwO6T{;LLy?J!D}bLc6pP_gs@g=
z5S!n6r=42Bn_%Itir`q=UNRb~0!rS<az+9~5%loq(<%$|%be3DDbW0g=xB?bRkFHM
zr*E>KI<PW)|32&!DYJr}9;;Dyj#MVuhlqiV!t+eC7B7s4Eu>Sm&M%Yf+vA36ns*u+
zS{U&Va=C@&s+zHqA@Z<+$+?NhsFle4Y&DFyjs)+-;;fuA-^sZMq)LfwG8Y-WZ;nl-
zVww1n0{-(9nNgcC1~=?c#9<o^1N?!8^+to(pRV>Pvg=O1km90L`?bGvev)cEZ#nuG
zx)prEY~2vliR~Tn0p0~Ea(~3{IAe-{0wZLKbkPhX*dgR%9M<OxMBzkTV62BhEu#J*
z`KNccuuMQ0YBDi@%)XuC%v(154;KO$taQfYpNCS^Aad#V2*VmV9-g7S$jnCBjGfM*
zP<LKuYJwE^4!oZ8mE=I#V>a&oooFyGW^7CBn3-!?oY`*|Cr)AbjK%x|QUQ<Dvng)S
z$j}a(`Z2QiRHinA6|%H{(3-jF9v^_A@}0J`(st01Vx|^r>`u>r@oND#?8nh68*+vy
zv;}H?orqRqciu*YeO;WUE)k*o^*qSm#<1g>5{C{s876h1qU}!{HSYVXVKViKyVb=~
zT09naKBOTVOm#5FPqxNJZ}zaORa&*Dr($ZQN$HuvjoS5m#W14}&3nGldB_$zjxTxj
zN;hLhqtAuL45k|Y-R4|y0-wrcvvn=Zhx2ss(@NjM!h&sYPt_Q9thiF0_qkwj=wwIa
znxDoZDXO%)Z|wMM#R<BRtYqe1%-{&SL9xpL^)#-NG#UEHfMs5-*P<^|&VLqk%#2PJ
zFo}PazQk4g?eMC~L}aGw^<h&-YJOF4e8=RtOQgl@$e+)zpClL!)l6qNQP)`sQ`GPF
z`ay5G9q_Cdu)mkAviQ|DK03SgH((4WY6(!z5aB>#FI0bs?X_KIai;oFWE{k9rJ`IA
zKv8QpVqPxjm%K%}NAPwaNm01Oqfn8~0?bkLuPIeC9x=@C9(2up9#i5&5u7j+LYdqK
zerW;a`kyngEu(nK&XPm%wUlX*6l?>mrq2<#<0;|t_MHkGT5mq}Hp>(6rF3z~=fW$(
zUdd_3$_J+Ub6r0=@wywH3d57Vr%3UlW9l);Ccc21zne4tOpYa;9En_EiN|s^K`cWY
z{F<9A53@LA3%WmfB1??4o$vc_Zak?GM$OSv=|5k3A<{MQ+NayDDlls4>h@yRr0&4A
zq$bPaU^MA;S@!<RnUow6^V^sinA~(6h?}yKDXR@JQ8Vw+A&)oTx_ppkb(l!hc$?EJ
z_d)oi;RzkI3ck4r>H2ZzR9)$!<b9qiztmM?b~P*%4vkTiqee)_n#?>P#+M*wwo`mQ
zxSljNpcx?P`;^?`OV4$%qGcN*Mm9qr<%gW8tXB9)x)<3-z^yB1^*_G}DKrbYM}ZbT
zbXTQN$qsjvHLl||(G=}s+18RBayZ4`=NR^WDv!78F||)`E8CBsXqd}=d2g}zrd~23
zW1zrer6&BHV&D_+dKEl&Zhp~EsYLcdMLXr;Vg-t8F^Hed2DQ>KyV_*gfGC_D<{e~X
zS%i65_vFo9nU!I_k4Deu-mB4<J-;_Bkx}0nEFOGkiUcYJl8z8~REFpAQ)7KThUbhJ
z4j;2FWkdxpC++%Uditsy`ZXSF-Z#JrQMw@D_G1!J9JNmx`brJI{nbuu`!PmNmF<o7
z5>jxZ#Hr5Z7Ms{+CJ3MxWQag69lft-B~4IkkDpngznXU0`qKsGEn(dQFNYad6?!rz
za5Wy8sv?K8cNS}Kr`>3rf-pE7x#+%dr0A&K{u4o7F?VN*DHO@HUf811cnJfY*g^}C
zer7X3pXHU~tfwI5aL#z{;jE`zZaF;${5rGi^WcHU2C>Yrhqdf&L5ezi<dPX@^6DeF
zBIj*U?ooef=v4ajLO2<-O1g_KwZK=J!@WQGn}|dlxaKW+i)fFaIApw!DMia7-)TJ$
zW=?a*?XpqtHay6`=}G5e67Sg`p5--w@ZQcmnShcV3>U$=Uk-$e&}*QF(+xdEB#kTC
z?oI6oLmTa#!eXQgcA8v|$WvF+gsJN9oWm^tY?o_#JJG0=DSL2>2%n0!k|1_FU#G_O
zL>LNwE3Re8netl;Mn)k+T96tuq+$wB48btmsHe3aEGj<@G;Nc??+e~{lwp}nM@$0m
z!Z_RMZ}v?LZ<~OR9!89nLKc}hkXt;y`1{`S2j0hiDYWX^iVhDl%87z9<NPaG;9A+y
zS=ksqFv(9}>qaF5sTb=;&>pO8a+OSl<PJ_v;pXE%dM6S18H;xiCymHnPmsUZ@0iGh
z)=m9>!)zv+EB1RPqOr^QAg~Ar3yVO`qgu`<jbB6xk``R!<+&*bSuL~>w?7gueYt>p
zInZB|;4&h!Aa0|`v$TnfS}tgi{ut%u2V$g2ifIPe=(XXnIIn=3oquNEaoA#GWN~BU
zrN~hWGTht(Jt^t~hZ+GUby{|1{RCER$-mD7cg+jEr3)D3s%tEc=JRBiL_}&j()vp6
zj2zyrn_mlgPVkwpv2Z_+_&b)s!BwfZ)}Jh;BrE-AB`MiLpCPk0@1<t<1;hmoYjR;E
zKg*#Kq<%(nY@tLnjwAIH`TR90W#hO6Y{ZW56;J1!3ij_*MrEq=%Z9E!IXsZ|+W&#d
z2^F@oVni+48P7hXj@8VA*L)CoBpIMG=<DSQf2FZx!QA?On)3jEg0~1?;4`5-XAg&J
znMsx?T|D`%Qnviz;x+=&!%cE^wx<j&&k(n{JlkWtrT|2kWF{&4s-X%+u{U;DtgyQi
zFbO76^cxiN>EGkE8fS_gQ)bXG7l4Q;Ylgtn<lzpNy-rEnsr*NL&M~H!Zk(J?<%(X=
z41iKcN>I^cDDzp^TY37}lO(=0hmDC6l6z*fGS1iRUhhQP@P+*~uERXpdKK3MuYV<3
zWNcy)sG_BT&zO`uP-=^V_&hv(d|G>A95PN+cw6v^rPb})43AX)%d&_5Tkt^NIdzbE
zL2yBvthEn7-nakI=;L!O30BdS_Xo&s_m{;wc^@9O5mHgq=4~m4C1ZU7p$6HOF(*ap
z1tH%3?<{}n+nu`iOy9V|Vc4Nz1P15xdNFEfFYyqo606#R2sUbFt-%xnmFs<TKHGVe
z#{W*^oxL$tq)J3sV&HXpWoJsq?X>okU+trqk?i|+b4R3?t45uR%T!883S9t@oZ<zS
zn$GiYIZ3w{fF3N<=<}$y$|PEUxF|db;Gl$SWyj8Ok|XIYWo0ZFFpQ*0H)N4O(#B_I
zd<?4CR&Y4Jfj^<<wuqu3R6JF(husZc9M%J<7P1;#adeTHNz?zCR~eW(Try-ZVvuqe
zA!$-I3T69VC!Qpw<ba3*2sSq1SoG#Yi%m7aHj8&8?WZT%rIyO5{YVYs{urOT2mH~Q
zK)9{!mqGJi3{#zYMh?@wX9@r*(I;hOBO}E~*dit;4*}s15>Qj=U9(v@SMZ4(=evKO
zgOZW5x}N%0o9AHjJIsgAir{i3y0y>2N~eP~bflihPRg~P-!AId4JekW7i$z@>xRh-
z_117uHM!I{rcIN^4sj*IyX7@An9Tq*&1x;ts8#y=F8#bo1|M-CT{H52oPf9&Uvrr7
zzK4-s*)Y_-vGK5qYZ!pk#gOriYuToqk5XW>CMuj=0ONnrUK;<X0I7xwDU63mqQ15D
zll*M^ZWmAzQ552H+@RiZ{4Jc+hzrs$mV$>bcSn*i<OylS%!N_#kM8n5e)y}>Gi5DW
zD7r2RDcjD7LF-8=$9^7(IzrS*0fS!@s^x{yAhG4Uj!9EV&d`qd@mXSafZ~MI1C8IH
zSOET}^r!cA+MO(%_?ZrBv4#d+GVea<Xfo-1WAgL&KRDi0m+<bge*8Z1)pO7uLMJFD
z;AM`3(~>;blU0dawjM8xrZERTXEJ_vUk!?rOAF}b0e@!Wunc#le(|2vLSGkzD@XS|
zeK%R^7bh>pT_sZFk&@C{?^L}K>h3Q&FfO3-Y-c#j|20d5L8z}&Iyc!f?Jv3FkJlVD
zw8@NpPWU1L{b~f5VuT%cwUVB*_9ykk=Wq1e{6m`Zwpbms)J*eq22bl-;1vlq0Ot;8
zxjKH0*!U2=T8B}piUypTS7)U&TGH%jCe3r#beDFX*f6^4eg>8RGS22-JOK%a()c?~
zz~N4&L+E>a<H#pZqh=6rNboY(cSRZ<BcOl)G3aZSrEv?aoM=3jzU4;Ux*vYTe}a!q
z_35N<tk0hZcO0Gu_u&i&qbU&2L>NN+lJbIAi^u^Pwc;ldel3@`2W*M`6ssz6G@AfL
zrjfJ~LB_@KeLpXzQ}obhh$nNV*5$zH-(F4;K4Z*-6t);4@<tvZuj|*PZ|>VZAM4ZM
z)9~2-3KluWhj|vgWS;AJ!3F%;9Rf2g1L3jE%>G{h`L7q|@30hrB3DfBsaC|z<L$7c
zmN!Nm^AarbgD9cob}<D=_*BZ#q!D8<$JAJy9M9Aypgg&-gSQY|+Qvdod-ER-1je?%
zX@52Q<C=msww-hp@a`ShW+twBl5gBtVYwMSy-yOPo_u7;tT{C;V=jbbmB}_L3!77Y
zqU3ouUpYGDW59lUdmHhWVZ;gi?ikxn&VNI0_LNA1d!w=4uwW}fpt7AC4U2~RdAVc%
zp~dPY4MxZ41@50n*P?pP4>R226h(zeEE*XuvTI8zeYjVN0U|CMSY)bknAle<->2d`
zQ*mMIZK0AW4r=k)t~56*uT5yk2W3Pg!ir9zx+!fh-v3fLC$hgi-pcta84yZpGxJUE
zn*^s=jJShLN~{+UxiQeiss;bKj80Nhg-2)YQB^U(#wWQLkQ%(xY*;zIF&?Ck;yEH}
zEUi;DMr7X?VXA%4);0zWl}?Xp<gi`_+%bR6ru>au+v@FNonqO;qjxb$@~i5hzE2TM
zH&Ws2&oE$`DiIUo0+tiHDQld2wH#FZ_A8ZEY12c%W?7QZ(MV45!*7;y4>tZ1n@HfS
z)RWdS_u&n@uBNyY<b%|l=imB2Vx?!>u8^ff9-ER2!<~?9NEVAqZL6}@j<+*J;KwmO
zHtq5bp47`7d>a)AKO3_zcXwRz!yH9>YwmZ(`(zi`!7xpx7U_@3A+oFEXlTqo9E%|}
z!>I9Vaqs=%K{r*8i!evELM7uW<Q&wP{kMlEFgEDxjoI-otq=Z0Ap?<7`R>O&_u@nq
zROj8fr(QAR?0gu#tVDDd&M|t-A=s=E1ky1ie+HXE;jrT&);A5@8(2Miv@tj-KS$jH
zw%~H{cI-qk5Ao$|IuAHdn0qO2a9yX1$_nTu^hhESF)2K8H(9#9!aO127;%&4s)9=B
zZCM$V|6!7%R1Q~%1;;SOQe|eBe}8FXgoQO_p-zmXTsEK(N5>Oy9B%5$b=0+to&!VW
z{$kCN6g|cmQSEcD%oK|-8DQ01s$(u~xk{B~z~ITg>1|>CSaFAlIi7ntFFTFRK;)|R
zc&-U8k^y;)Yp8^9=6d+WaUfZp9YBf-)Vx=z0?^sVSqkK~6TYv9dPhYv%${-gE|Mg(
zgv{KPi~YV8dDDFN##EX-4))jrFGer47K*6%f?L3u;C^uH<7X!9xaecU#4%_Wk)%<C
zht$DO9v1CGU#h>r$D+Euh?J*}mnt^Y0ZE-PucObS&uy{cfkJf+qly}W2I{VmqK)V|
z%OmK043(sZN!ILx2?44<a#R~%yAek!_-2>ImYRaa#T}oKpB|{J9B~h=?sYt`N_Byc
zJ342!(qO$Ll#`vN>b5C`T6vqd;p59{=N1(uIHvs76=dUAx||)!Rn>>Ev*XN~4^t{!
zean9%ZNT$9f6}+u)QGg_g$qnPTPe>OTwiG0QftxyLf9+jm_I2eNQKX@?qWNazn1(<
zKs`S9a8T@p$3oTXnZTxTnipNZE=>nVvpE<r5~RUj(DQR0pBdKp<cfBo9+{2P;g-2^
z{X)-^X41Gz2r_c!W3UeoC}#rfAIit8E62neWrf(`Pkcc#bf#3=#eO11#}{+8-e`Jb
zezkarY^Iwt(q5Id>t&dRv@5rCib<pi5<F+JK8fn%9a`1gJ_}}nLU^hMt1P4ld$e>Y
z-W9s@TTbzfBv0458pn$lub7<ST?vF2LJmv4KU(QeWW_cP-%<cBxnZp<O+(mWd1aMZ
z!DyER+{~04x2GmAdM>`S(2qDid&B79@>)l<>f>-uc<$u%nEsgyLbgq~(=l#MTm$W-
zh4R%SBW3s5&d8}ZI31^%-Tv4EQWhaF3D?=N^k*L@Zfntarl#x)Zj|2<FjPCEa=`IS
zbb=Kh^lA}}@4m2sBU7n+DPIc6p>FO;x68zIEi!4G6_U!UtG!$Bd>@LjR>U4dQAJ%N
zWgsYr{U%zcea5wLod^&;XHsn}5ZF>PKJm_ERwt#aU@1<=?iISidy`#9ni?YUwfET-
zXgBCdZtX;!6IXY0C$`r$2dGrio%KeSPAAEeY&<%xx+nn-rj;d>y3CEsw~QPnx9wM|
z${otOSZsHrSJ9AsbWxBr72#8hkKmUm4$wePzE153M~(2NOEzA_PN_Yh#-O~p3G=+M
z;FQmJ5hI3vwAcy+To`I{V=DNH_%BnEzEG>HKAG@R|F^)Mq+R3z5W@;LWq63Y)iZP)
z&-6zRQ!qF_`Q(I@;C4i$B-Yk$MLaTk$6?N0`RUUqlQQTFvT97;b|KzB9KDPE74Nhg
zkDWyKcCQR#B)keFJ4J|gG1f3e*EdlX*JBY-F&VG<*~d+xPxhS<7K+&X1~L4Xm(kmD
zF^s_(MXOPgsxdM#(kUS^8l&Gd@We@Mj3$~9ZCH5w<cOZ?C6e>_O43GarxQJ6cQv`!
zTsTsYGV!0D=^xJ?R?*9HT=NoKajLRQ2sUQdx!wKz=-4@T^4Fm|iNTG>)J`z{%N;$;
z#BuZ&qcR@B8R6kf^t=y9_w-TjbK#U#OPcdUjh(sAf0L)Mke8Q=G>LFv>>WdoTXKN=
zuxg-dfAck!rIACCV=m%j9vjYeN^*Mx%Y;^<J*c2X;{T)dIr1=&kI9()w_g{$y0TmZ
z%E%*f(qM@yv?`YR>yl%&18^zPpu8E5UbuhM3rWy~r~5)4H7xtG#Y3Mq_)=S`(ib_T
zAOzXOHZRC+1o}dy--Rd_CnDvOc*-KjS{{~?Wt3#Rv_`6g^7g_o(y^J0<>}-8W@59_
zVdR!fy*#Oasz6+LQS{{?^(KbVb`Xrn>dT*V>8ttEDk|vI1&?rTPwwHQ>6&*<zEDnF
z0#9vb&0@HRnVza%^IbSb7E4b&PaSoG?UUbLx4L);x?u{u*MTeSG7a3cg<;GG5V$#_
z@YDw(2EMed7HU%h6yG-GJc@9JfTC?QAa+FJO|-?YiAP4O5~iEa<<3)ip@=-FNF*_f
zmKGl3=REH2mpeIBiFRWO^0=^$sEbGOHUQ{KXcin-$9xdrgJ`RVxbVQ@R5(fhQCEi(
z6SfimlDqwao=<EE*AquwO?vb4e&X<~v0HFd2~>z$@RPFFRoSvs+aZ6fuRu!TPbXjC
z)@{B@!|m~^L=Pzs`?kH4m9F;hl2($U(S{;|nfxCjMRJWSnhicV0d=3xQimn_iahN`
z`F#Uh`;^Kl=wX#99nal3umO-FJqEIA?Np&(^CIC}?&L7N8bMNbrG>U?LEMA$UUk&V
zi^cf4WR*rek+{JODH|7k3+3c6gdWc5l+bC_$6H@F)(9?I<t+{+nd&S>Y07|7D=qND
zsX%^3h<%|&>Lj_)eEQ@?i-UeJvfNLNZNg{QI*!elKDv|L<2vK}>vX4B`Q=BN$wx9Z
z_Q1v<RnQryqWP2@X#7eIe!Tj&B6rn#b=+#VIQQY}*Q>w&U(V}7jO`Q$uQD=D!X(RT
zt3MIVPV6&{;n8=SoD9N|AWwqdY%ukr{cs;;3&=||d#}LUIt&;R(VEJ4uZHSXTgCTG
z^ra#PnMZ3sADP@rBmhBPFjE1gfMZ(}Od^$sa3T^s`NaniIPk)*9tk8^f3P&owfOXo
zj$*;rhx=*tVO}D3ecqh-WA5q#p-r)EoW0-`51Pp*-bGNefs~T~)Sqr=rscxQ(|1R;
zY2U{u4h&ZZ;tAQBk?{*&K908{IR0$)yWZxXgLJ<5IPzxN7}_&~53W_AFQup$_6d0n
zh%Q4Qq5>%vspt1l*TKdJoj5j&M&V*5{io1S2~Y&ufdIh*X(JKu+a}pZaEv7|t5Ioi
zw8Vb$0vp5`66QA+-#73u9|Vhip+jP`6A)j#o`cTfE2WA*a4Auk7=9B{K=J7}TEz-z
z!=c_j!lmi}rVc7C9<GE>)jIIrz^C&Iw(qFMY7Ot|b>#-lB}<A6^=Y+YhNdsY>}T)F
zxpAva!ec(GZ73p`4j7*rlLrC87=6#OO#Asyw$@Bw{eIt%kdI^XUHTD}11{`-+yFMY
zhn>347Q7=xJTD<c(N=$eZr=~|B(eeb1d=4Eqn@fWM6>*dCsmhhIDr6Li-i_pfF}6>
zkuMhYI~|SfnQDdcWz(6hiq;75q_v|o^0PPoRRAw0H9Bt6+LPGpRll3+`er#6#b(fg
zI{OkI!5nZMW=0KSR1rX_@OUWsGZw)@>tP=Y$|GXt&<<0O#wi;wFV$bY;#roi3UMJv
z0S$FGcRo91e&|o$pu?;Xnf50hkiEHj|H?{s6<C~^+~6(rIPPX)w;-I4z@AOc<&wvX
z@}q&X9%keU0&-EWe57J7nXF{58tX#iO}t=2;5$x)WET+7ftHEhU8^V6{zROVg8sql
zZx(nV#Lt)^WCMyIYbG4XX#MlkDQtc>d<+<sjvY$ncQCp<-gE)FeGXu|K_Tiz0c0HC
z!N1`TMzo<q{#jXBE<o;IX|o^#gcZ``833+14+A6+E11KxbxDlY0kr4+?*`4>y{u_Z
zHDj8ms}AsV@ZWR;3-wMu<y5|CpHevlA7INkx`8L2aeop=VEvfh<eVPxg9!v#ePlDa
z#j<L`jvFfOwGGAh+iu-c6n#LMi=&25jZhvcy7u`d{d!7Wye`=D1Og*?c66Fly9dw>
zhu-c~u!QuvYK-@$Kg$_$f6*k;c!n3Z;!q<JMFBC~_`x^lu{bC6t)~3Z)(B;mg_CIQ
zk#eoM(%Rn!0$A=HmnTFHvboGSz;buKj4S@7kV);LMEffPFtef85GoFYhr-Qjtxrm=
zo&S#o_>C{g$;U@}cY9T#vI|CyY}wDp6yr%uOAP=xqPh+e8S3m;F`2c>S^G6>Z5Ezu
zh{VWBzne^PNqO>64x~u_8p~4%>gkcq64{+^78K7l$46{Vz5E!(P;%YGfMK$fIxrBh
zW51mWV7q!$*Edy00ZBp3_xrgs?II|>rp*xWKv%8{TK4c|im`zY;$Zo(P!}UvHXb8Y
zn339FOz_Oq%bCEzOmgRdBU;86$0XSz^0dlm|Iz-LU8;5hF9E_CliYa6-PaldTHU(3
z1Iy{oGKf0cCB(gN6O&O(OA8HIqt}hVJz2M(7t9pj2r`&*KtGu6t<sln1rBtpEK7Q<
zj3=UAP5acjuIs=*BI?Blo$K@ENJLp|9&pKd-QrPCV{q)CXoXG2X#$0x0*f@+Xj-&F
zuTc~4|HPI+`&XRp(E>D&?L(hEN45bC)M>VkAc~g<9)Oxsv#Fs~D4TXqlpntad%P^+
zg9<njo2qTrP>T>Bafv+7wNH=C0(%QMz|Qaxmzn#SZEw+<q@1J<;%=1RqYqv@nvD!f
z3g{hK%ijK_3r=Fuvy+)KZ1x{wT=RN!@lY?2<%B4r>&@nrjg^;!SlY``|M+S?g!!i$
zBw18RYTU`9Z`#Nhov!o}WR)H`RQ;zt%-f%)gRMAl6VX@c)mo>i5EmVe3`O0<Kx2^f
zJm@h3_%b?X=jZ32ye_62%?8Lv@)MwHa&U0*jYo|ZiA`l$x3GS$0V~qC9|X`N{%w%X
zf`rX{hLts@?@EXdIMY);1tPmYWpb21=O4Y`duG`Df8Veja6^7~E?9%!|2|s!7oQ{b
zzNf46+U{7RQi-|-e)B3)<#uLh(tW{(xl$?2db6~s68AKTr<Z>J1w!^+6wqnYT74@Z
zNr@mH+T0_)_&^zuCy0mGlmM)VTr30n!~g{>*RAI#8-62*0Mlg(2K6KU1EYlJZ<sxf
zH+V^*P?~G>A_30Mhg(q|95mQBIFS_meuafhAR`F@6}*Iv=Bk%mCqH@EOa4-P+8Gc^
zl44}c(Wwf5$A{Pm!g9jwh0O<2=uu|&@gr9z=JaH(EJyn?d9l+a944<XDA%X93!C$2
zG{Mz^Ri=#&Vz^)SHL2cGsD|QAClVSst?8AAJ~Oc$fv69m>r^PRy>-&a4)Sxy<Bj5A
zpZA(43oy%VIxsa+lOg{1ZMYx63BBHbk=jDvB=_%<sNj8pr&{&;YL6c1WQcj&smM~;
zQdu50ykPSGg7zhOdsG(!WBbPv1K}-h!`!6UA3bkpDWex2Ujl*MT!IAVDO7RO!eP~T
z<0#THgvFpq9BOb!q-0n?->iZ64ZZ!<h-lP@D7`Q28~tGPEJZ^WgJ5=0NMOZV%Z9&Z
z<z_QQRr88a+Z+Shx_hOZ941*$AU{zNGx?S6=RS#Z&{^aL4Vx&H7`5V%{59G$$bfE9
z;HdX-v@7|WW=73B@cRF=c#7QLK8Zay^D@_~rz~Cd3#>jmdn{Q}E0Ck%8@aC*;uu`M
znXdj*rRbN8l7TaRdnUFB4j0`?+{3EFtV0n*4<zT9F87Y+2J%K#$n<V2__5sYo`5TS
zsQB{fY?Cg^hXv1(u&F1ItgoIOCwh&!GuiU5nVD#cx`j?Z0t&17dq{XV5hk^N1?l=x
z&X=w~dl|#jarL-lc5wkK(G{~X?Y{6+a42_xBLfdi=$)-492~OvS;v%yy`%c_{@cOm
zz?Z1pLAvn~*>m@5G8t@mau>~0Z(hHomZ$C%YO6CXV=tWk0-v?-cz7K%M4mJQ<84iM
zq<JNxG31=ciyFW5l8bKYz$rzXC{^1j74p6KhJ?da)8mUXvr&K_XQtZ$O{gN{33-X0
z%=CN&$ID}@856;GIC}Ud!!e_+a%khOJFBRXZk#Yj#@c@r_G?ebY?LIH9wUb*KThOO
zi8{y)TO=<rO(-!`4W$XzvXkZE7l+(m(SAefgkkTws;HC<6jGq0G2Au@e=H6LAuEH2
zb5%Oe7yci;r-D`-Kz}&%M|jAK0Bzw{;ZgXfHj@|H4$8yeR9$Z4?1f-1%;2{{y`SxX
zl&HFIO(MP2GMZ6=rhGoQZDKg+m+b~8iif(dNl)r@Zu&BS|Gouc_whg9*23lI64qi7
ziidJ$&>UgL5W2Z%X=2D_@e)fxc62qFV~=qibAv^Q6jQQBC12$iRoaXf*W7>lU5E=V
z>>78ITjYU-Mjme;aUq8H0=CN`ocL<6ynU|B-`Bit{5j)qqnD&|5iPVDI6KeMr6D_M
z6{Q(-o`uKlBk4|qsr>%_k8ndaoWdm6H#m)!M6w`W`Xz8TkJpp$otG1++bf<#<fz8C
zGYl}CP!xQHEFt5Asw}#-OM;ZtgtC6<2D*WNQuyijrisv4*#J&gl#};^A7+4z_Co^V
zvE;wEcv9#-JEG^a;ZKOhY1oA-yE_?Dq$$t=cJ-LR30QwW*d%gf;Ky%Y*_Bv*o?*DO
zv_#uZC6UEd=Svp~_s6=LkP2=(;Kx<g$M|vSpZNIq<nu(_&O7&=j(B!%vTE|Og{Ki+
z6Cr%>EheFe-PumT!KJxycl0|^{2D8IhozfCHoD=x&bPEp=Sg*k?1eZpI<k;FoxgHO
zcK#y2u6MdjpEJr6;5ECH&09|qg}m9t!l1wsgS{0+p^|`vqQ^^4HTXvf9{v2~ZY@Z>
zm*Vd*6{#EU1GZRxmy|~w&RJkmZVxDtq=EX+xD(a7xV9_T&r(|{7!JQzee<j!>?0cR
zwW?UFaszSXC=V$p_-w_H;^v&jGDIoCFDRSQW3crb34C|CYL-{x8(sF968?z(jq@g(
zRYqox|I}u0dGm2)5FhL-LA9mZ>_@5!z(m?-bWgdwo<FrX5rX)xN2apd3dwrJHrJJ%
zwl1b-p$wa*82;vG(M|v{wAVzdez#pVB25JQww_k{m-*i-eK*bh%X-q$@F^ssqbFfZ
zmB!uhA*M|ETt|i=qtRCMLKy-`I$?}roIQj@$tb1Ds?n*CEFKdTYi#HJECKhE=aaj9
zkz3AG*=oHsD?Nlh+sP=lEUfsvKWMAgT_B^ESBoVK6*+FnO|Nz=wM0DbZao3R`*R6%
z$=yFO3lUARacig@g*{2tgnch%OM0P+H*OW^<MUllHkIM}Bk5ggL&S-MD1NT(^`XQs
zw__cYuX4g13LzjQ@o`e~Pir;vy`(9e3l*lQT_s5DSLVVu#$F^V11p|h$PnnvmC~z|
z`({#r&+Wf2_kr=VZ)FEW^UvQ*vAYLSm=At07)t*$d~uT0xcWr0TX^V4JgMTYJY+TL
z;aD!ARhDuwA#sJ1Jq(%tSEBl)O^S8i19RYAVn@(KDDCi`>*3oSTDDm);-g7wncsZ@
zs2s;gd<qIyd=6lH4kcplU{P^PyjKE97Vz_N<k62_6i6?tzKfzSV<SE;qif)-zI$|C
zLtv+zVW`?FP<O{fOfPtYvmE-Mxht6z_H7kKqQZ`>mTtn{nI2jG3avs9yDMrwjooue
zCs)?+V!fin^=j=SlU5cd%2>Yt=^b0TsK5TsXXBATVcBTTyw0CL_fS&8-E_g+ZT6MM
zfDCy5_R&%2(xDN0b0p0o6oKPK=~t6_7@^XySB!l{9ai<4J`y^-c-&UDAG$WRLbiXq
zMLC?Q##?K^TO7bmVzfx65W<MpzOp7!4MfkZ3vT2&f)irjGqH{M+4OL`%Z;b76?EB|
z=;oQo;9j^m7~R9#g8OFEP3H~4#*hSh_r6hc((qkyaL|&x0^SR(Wo8o&*tB2YD_7Du
zYdl)mIAKJX)k<9YoTuvNpNht}pS8Y;_-*_dGd>Fb1+lb^b3o561F>uouss!hH82s4
ztMFCT8IIh|#MEzfLNoB5C&Ze(HRgeNT=U`B#1Dp^Tn*BOS5z$BJwzF!<@^JCo-P_1
zW7?-%-4p`VK}&SIzj3O7tH`!k+YZLkfcsPwo$)TJx)3q`1!Ci%GH9yGY5`6m(7J?H
zJ^cUa)*SF}b&84Ifb(92h=%i?jN$%}E=Rt@<GANZkAWhb^l%F&wb2Q;f_N~H=<0d<
zJ*^T8oA>y(&Pb$6qlGSxd8IV%r<yh|T~8YU({}POgBQ91NPc_z>mwk^lL2?eW2+b9
zg4hfM<WvDRqGg{t?^3&Cyax?`4@Y7TCC%Qw@tzMUKlz#YYPyM()0-__$bBv9Q_dP>
z2}oE!eX1EcQ&tvx=;^7#r-fe2MJ9ZDv`z#2_ARO|oP7MDR7hfbMQm60;b$HWi*e;1
zvN#ftouIu-ns=wEznaX@)~>6GfNJS`t+3!?d;QpXr6rc*<`pHUc`&ZeH}h^{?CnXV
z>$_P1G!O24-Z=S9+JAc?b4)Fw1pN_Jl6WvXeh|12Nh#oC_v3PT-&fe;-142{7BAt~
zf{5<YqUC78y`P2pUvbukQfY6!=l@c=5R&=k9hqlIMEdf%9!K?7+0LnV;mC~qq35tZ
z7t<)bX1K(m^bg#tyUUBp+hWL2$IPn!RP=9yIKXEa&(<Abf$hsp!h<%j%ve>2M;!LM
zAaQx{=G~|8P_e=O0M()m8AzWFYLVLO{5pOrr!6;G<~pB7pu_kpak5P9zHfhe?6(n(
z?L^*)bKzjx*1bm<lwo5fLDl}*p`|TMGpNc;tCA)X9^f!V-M#iOv2x`~dh!D?qv*~4
zlEhq{-H$9x!>=RnRNzcGphgm11e$-~I=~~p&M`jgeag^c^G4Gd83S_2n<WIFIPwMz
z>mXcCM$xznZ<$l7H+_Z#&pJ{q2`W90bXcdq89)&&lXX&pglw9`od(Z>@_`y-aU@nH
z>#uIo^$(R)AvYBv_f<7^@=2G+cUPt&hihz~TGDi2$}QI$lip01A1#elFxk*Dq%xGs
zI`(R9^t-R(L&#>X%C%%vYqd*GH)bx4v7g*wjpi$`#Yx|azLc%dZ=v~n$A04MasEm>
z);N0Edh`&>V>F*`O(}z^XEWiXr1TZb&Kwm^ML8tv2kaH)e{G-=ynQ|dupjXs4zhct
zJU+(4p5-~;-?FH@{AUo!UVo_~CDolZrTm0r{qto{0>?jhSH^7Cze6Rjq=)G2$QkqR
z?3P4QTO75b5DAfwo_DUKSF7?VdxW4lvnH|`bOD<-&}<RWDA${YNsOb%RRuw<flQe|
zu&L~d6m(m6DfzO*(O2x8Mt1Kid-#yZZk;&CbZ~~r@ElA<&}GV*jpxV|YURPrDt`Hy
zD`$jECER#IH%HCeQcS&#e)Q3k-fd;j;6)E9r8bi$`VG;$>~utXb6EfS$AilaAK=@T
zG|1y;_i*pI=kE}y*PJ%_--q@m!=b1d!U33?^BvthEN|zFciK%fZbiEpw`#5Kh+dTI
zSlP2$j+x4`TMt$_2MyUC{=x%rQ!|IA_rFbA8Zz2NJHXAE6yh^X8Oc9$)IubsdKPX7
z)?M{zif<I+ydbYcl@M$S@88UL6wJ<m#EUc<v2DZmm*+ECQzG={=Mt$f==xCWE-8sx
zZqOP5I#RUegQ+-V1++*U--%%hADh3ZAtlD{?(+=?w~?OLgh1L8bL}yO&z<7f)g`$c
zD=@LYlhoT2^^{AX_8hA4VlPOU+(3L0Ve?xolx^9wd-dy&E@cAbzWBLt7WbDZ<jMOx
zvM$AB;{<4oUb=`KssS!(`acXcv$>~FlD-<TczAj~zEf6X?w)NhcAjhY99ww}P9d4v
z7t~m*oTkMZ*-8r$19k{Jg!u=Ve><R{yq~-$0J&F1ljdFx1HsFGKf&a-P*4f)9+tf`
z_xTGiop00+XEYQlHN$Z`JgScFCbJ}OOKEAJ4oLr?k~EBZ*iUidHUumY9|PNdF#s5=
zmg%%#Y)%9<5+E*_sal}LQ;uo#O3TGk!)3llY?O*S-b(4jG`!SFT3B)kvX=?gHzY;s
zSCE*gjkGBayHmBSd`r3jHP|)K>v(WkW&1)8r$^Myun=_)Tj(C5OIioyIliYmbL2S;
z1BgAGXV|LZs|$IEy7%ATUw?U9twOOEINu%;;2^F(w05#Uh<V>=MT4!}Jz+sUI=eBp
zXN4nY?79isiTUidE7c%rw-G9o|K7WNSAu+i8u5n~9YuqD6MeqHC%X+hU5Ow;`%1O@
zUuL7Hes-*e%cD>h!iAoX*I|8e`t_H`K7PwB+;Esk{gF{h_+_p<SgDN91C8v5&bE`w
zCANT*J}n%M>g(&<1MK0-Jvoy4LFxDLLu`1pYb~<;yD90&@m#nq1?H)c+G{2)bPYB<
z>ZQqPK+UZ16%y+=5rh}k6|i9|TtZ{&n$_1IvZf0X9GNNNn`KW`=yN1F$55mTc#&pI
z76oc6@MgOdalXFneve0Ewwd5<ckze+fLycLPby^T%J(<k0S$$4D`hzPg#7YU=T_%}
zd-Wamg9pB(yv7fn8}Kn+<Cwau-||u<4rX+I!r&U&Zsuio={F%{(MHc0FQUCQ*pfK^
zjjO(|-TarKo7Qjo+B~7pE*5&aH;&RB!Hn40_AI*mZ|K&G_aKrMDFjb#GSqGn*CkPZ
zA}01Zv~O~FsV3sbsGA1X=Wsn=2bdu(M=eXpVU`=-$7itI(b}`|kD-vI3Km>ChTY(9
zC?e)N7+qj-o`ZDBzYRAoBUSh6@fene<v~(2zn#hzAMm*gQ|w{C{`2K5<ag|THabun
z*r)LBbz@em=;q?W{Oj3A&GY-UIgCeiR@gK&pih_e{I>3NSp7OG_osUu5|`rfD?%2u
z*xvYv8+aR9+zzDdEqjmMwUs_ymi&i2L4LxD=4A@EAM{Yr@MxwLRnEi^K4OXWiq2ex
zDs1D9D4{<iU?IV}y|44A<8Da5Mmwphk7Fcgc>Hx(_rQY8$(~=DV9nEj;n35jl>1`#
z-$|2D2$Wog)bsG1!_DjBslXXkSbL{DW^BgNO~X=mGL}?sZFor{>~KlK<5wwt1oiFI
z`#PHsNr$Sj-al|9E<^r7QH`WM_)rn?C!w~>{juc6KKe_Y#dW&{MhNcwR^tfMwLC^u
z7iXBOq9UQ&W2$h8E9b1e;k)mmZB?7k&B_JCUhENm>=ik3L~KB)i$O1&TG$OWB^(_U
zm4->yATJoXe;!9HyLTt_2;>*(F%&sZtOhqPpXFaBKoNt9%uDf&LlcOYJj0s?qZ#Uw
z4s-4S&RFKEDh`*!bBycj8v~c|xpyO~2Z@m_UTl-Wp`lWWj^AVv70=%P>}C`Z%|E>h
z&*0!C-f_tDLupI>HvdW^PSr+Nm52I%X7&WSZ-MARBNfcesLL~b>(lAr-TCQ(!Sc|@
zMpW_ZFWPTB4m1r``r~Dgw7f)ab9{=fBls0YbNjbR*H@h1Y+m6`+ppk@Fmz@82>;>#
zZXkFg1EHQHLa9qDv|SGSlSaqe-~Ul&crA@KV!QqQY+uk{DT^2^n2FjY@Fxt(J+^5r
zvq4n`FxH`ylTJYbm_O4L5jW&qw9IFY9OhU=kOUXb-_&IbgFoTh@K^ocn<_lQ2ka!?
zXWJcdRX^BohIlr{>f>dl`yuu=6U9Ne#ff+(@7EJf%p@W|W1bCEuA1ssz}ti0<+O}+
z``72ryeKxMapmNsB$ATOoNaMUgUNos;9^88ih~VPR+0VwZlZCaB5a^7O_J8QR=BJ1
zrobMCZKWx7=CtzxG@JqFL|Yk_e(w!8;@DbK3anfnOtgQ6o!Oqwx%z7cUJdl$;-Q(!
z`j=V?bJ<v{ebqv;KShpj{d@Se0eY4Y1{dlA-L*CjD+*6pQds$o)=j1BZ-etpIfrWw
zhvJ?KNostDtZuU3FQ4S=p|id<(4e~0Yn4fI?;Bpimb*P!f2mIs0!OwgU5h6bTm49S
z=U}wi+$6-lzqt4}lhbYJXYA~jklSMhrwV%eM}dK}dwVH7{-Ov3^`D<3?<#FwBv$$<
zHeT(|wRk=O*%Q(=@2Bq*ls5!kNI^aZjO~zr4S@E^B^^F<Y{Z!1$o#{9vlRQcGxe(z
z_vQ;tKzDu4`_IUQ5Ct7oC><)|eu~{JSOdif-fUVZ+k@hvJ>Rxw>Qed~<UDUf6GQMB
zOW2xuj`v8MgI(;*X<*+io_C~ZJrfma`+DJdAX9FaTxj(TyV$@wb!$N*Vk7pDJ~~%~
z{iS?WR0y<TNH7IyJK5&eKu{|neAj`bs#YnN#W_o6_1W0405-K~US3{3v5b-B#_C8F
zExzC79PSVpqw%)xh7-XzJF#RGHJA;9!IO85-aJx}-`?Tl5KsgE?}@|3OWh0&@%T}k
zw=r83-$Sig;zhS4=<@d$jCKASHNX9;68CYPU7bx#ouOx=QCIdyKKDb?lx738qgNmN
zy~Sw2{V3jI^iLE^BC_HSa)B7kvTXDkvsr*4U5_Kd%-e_epZ^JOJzl$@^X^;VInWbB
zk9D82@`j|H60&r&?+&SVBLl*8I%ZCkNa}8wX<yv_5w2uczjibi6Ym$3pXFOku?ohg
z_y`+KtW7~#t$%Eug+Sf5`ifnjf{sOc*!{W5VmJZ`^+^54f$G;^&8NZipU-l{mbC6w
zJ%$W@E8m~0=iv{f{QC%MU%bBn^-c)%&$2ly6i>00Oc<jJGwakfP~2v0{|zcC`k&u!
zkL@fLo`dg?TckF<j%!qkY4tz_IqW&_*BcI%4;Y@BA^`)*iH|TnDTw7q+w(U4RMC%w
z&Nd5TYhh$d>sxgA(MLSQx89D5th)iCKHd$-JqEe(zPO6FoFRGTnJ#k1$AVsWv#Ulg
z@InP=g;|ONU}r{cvg7G`qgQ!|Th{p!oW8RN4{Fy#ouVq1f7>!Ph_+=A*I`0Yj_myP
z4Lvx3s<ucxM;_bOVRzh)`@?U23et<K4IB4RLgJa!z{yinc_Izuunu9`kq2l%85$bC
zZuJu8H0?uzB+M<$FD#Iy5s62(wr4L;FY^O!$f@sj)WA|1YLe(+BGOP-$A=6GS_ULI
zpZh5*r}-fEXvgO)Lnieq0cOn!Uh16k%mz7Q&|+-|_X(A1m*=HVE~Bk;Fg-~b4~a!w
z$(84Xi-!ODxA@N|Ss@y6<YC9TZ;HB#L3s@)K^2OC3efR4mxX%s9ur$7u)*=k)(3%A
z`1dHUu$phZ{^IjM^P;=l5uyh9AkNz|m^NE$OSh7;&mZnZ=nJ$Uw5EL;`&bakwbE&5
z93%Cpd5?wNBk*9lIyx4CtEV3mFcBCsN@aB&jz-!VT_K-xT41`Fth>=15`QsMWPENr
z@3!?UjztUS`}gnd%7?qZ8~MC%g+LfZ0GNn|6cz(Hc_$cGSAzVkxmIuLkt*f=MLR3P
zlGg;AoF-pPQhIljcNirqPuu8K=&$RK1TAh)SsIMm_8|J?ZYerFLzjvVPPJn;FmwIM
z)se&EZN+B)b(|>gZ@VjcFE8+Be0|F`$xe>Xmmazt9zVq-diER=@GJlx^$1nLIux|y
zaFz;XB5ltXJnLLe`Dpio=+wK85sybx9v<H1WE<NtvSMpHpk^(y<f*JxhafIqmcn@v
zviRS?>?v0{gX-ho@hWRrjLQtr6V9G|tz&AUa6oz72WFJ}jTYmDc=v;IV2Aqz*mdAZ
z)`BPi+L*tfei;5@svs#PwFDec`JA>%K?0)>SOET3o7qyKQP1B9u+F+-78o#xB%*L`
zg#`2ROcw2ykdEaS|HyX~{aZy7n4U@O=1xPlL(78LsC-sI{_0<1<OSVgG;)~gtLo=y
zdo?KqP4OLDI80A)MFMaie3rTC(*x;gv$igKPAfer7`aXwo`r`hJH1h`hiU~%kBjw%
z=G2Mq{m*GoII8SEg+)kA^Uh0deyK=KyI<E;RaJG4n=wBK+v}U>$2@a*s2i1%n7;_Q
zQiK+KpFJ=Orf@l2;Q#@~Sit=oA7qhz2Ndf5?bROLhna7I9Q%7`yT5+`ieq_8)YT6_
z4w#4MAlhWP`D~t`LP}Ed?Nv0^r=RLXEtc_Wg>O1WFTQ4b1zZ=tqLn?X=CO`4VTTK?
zp|v^$Ilq^BgiWIkn#EFy-mkc~Y9hgvv_>HZJ^y~i8>0%v03VUtm2ep<yQ6ml^M9Uk
z9AWBYV_MC60{4b(Ay>+q&l+NBQ~EXeKTVFdn=2cCH8`QAONtVn$6SxVD?t=OJ1#&I
z-nAQqiDD5k!>`*nc%@A@7Qg%dYWP^90^Ji0lT6UN*jGx!U0Ob(y->17?t_8!Yhbdk
z()o9?tYpjUk5u=c2PgXm6eNu^N>>@vC(WN;dvKbC!=mo_W83Af$Ku;=#~Z$;KNB$S
z#9aCJfpCUlBQa#7Cz_4}Xh#m5@ms;bKFfS4otB!;z-BD}@qJj@Z3YQ;v)c)Nw4A0L
zB?>onvpp|)mGa!rTK4*A@!fyGb>&P%Mfkrh%;8=#vtrWpl*7&lPx9GxgF|h)G#H2k
z2%O)(W6N=~>t1Nm<$Uh!x;8lQj<3d;CuC&+6F&)fpJTPlv{nGFAjhOPrYA#G6v+Db
z0iux&$QnNi`GqR5VspTU1E2vaQ25Y#VA&wM|4i_1(b2HK@v~GiXcE<4g_-yer6|Qv
zfY7#<L_9b$^m2;mf&MY`8LiR&Chj{>q+Qy8{2yp7FqJm~D)M&c%8y%<F4yNAYBwZV
zuV)7Z9UlB23&6{U?F9l{#8F<x1M77xz<o%7G?x7zxT2qau$_?%sA$>=qwF3xM^p4>
z(jv>faSQSOYm}%%Tv%bp#PRG!kn9BO+5h!af95GPEp*1pOwpO1+V)5@1Y@ifh+Pap
zR7ED|F)+@+j8`e<jgF2+Y-U{)3hj$}oI}A>hM4&eu%izEire4@4KLzt>@NCNE#J5y
z428{p-`)@?K35D)jAe|Oa3~#y;l|#F&daNdi{R^EcmTKO&K&;%Aq4ED#HyP0B>nLq
zRtZA=13+wV0sQmluD;?}>1P(>WN*<kfLt4gN7mJrg{wiDKS)h@++#mBVr|A4u<z!>
zKEO0y*q(A*6Yb?ox9(tQ>6|m33|pWZoWTt@g&|#e@B{I!A@_s#ATtJ_OY|t2LT<;h
zNulJ7>g&GVfI~UI+^Xob-H?#Ys07>aa-`@jbjJg*I;5grLZs7PSM@>r&yI!IyZm)=
z+5h~kJx<4LNp5*e;5Lq^r{#CFnN3G8%EhC@Hz_W4OEAlsdfVN*<x*^n`JfB6Sf3X1
z;b(q3Xda<PgO|OCeJfX>^n`?)hlIHg8$MR^LHDb=DNRa?=amuY+aWab*_a=W-H)}E
zT{Lu^Xcw8e)EdzCY1!++oGo^%uf+9!5$}fi$Pge<6cDmT8*=nA0@QXim6KY-v1=PR
z#(A#m_ZIVe20*fKa5N-}g)d7V>Se4*`Bo2yg3pIeCgRgSuzbt`v}r2;pfFMnMAT26
zYOAFI-erd&O>5C75;K}Xtu}v(5Uk(3??lymK|(>+?D^xQ@vk+rc!**H0ArBIKMDRa
zzq*kpSVwKCJFlv4EJq!Mo@X%V2h43k2<hgqxSyCReFy$DnFg(1!Agbz+^=(3$4TL~
zG&<!^3E@=1V<So7wTZ~^x|BO7j{q?Wpf}(qkvsF1;6X}spmYcS9HTI}b>i{QFlu57
z%4|<h5W$YOPt<en^^Hvg4<Z?n+?1x|n9f+lZ><`K&EY@<yI;T@A>~tyjk^Yl0>3%c
z>Z}aiuVw@IJ4xS-5fTyv!u!f8+;ZnXRiA+$I)@#Dg45&^jT9WY;Hm#uoAZ3@g*bkD
zg_ol;qUS9u@YQXlB&c&oWLa*+Jyn;aA-lvGb#!b;V(@vKv-c%D`@BJDL8ZVGHzE_u
z3^35{d-(3&v<1=gje-co6BVbp{YHcAyCdaxD8;emP|4U?`BzB4nQRimzM;~eg#A|v
zKS!ZbhG1xE%&DigQm*bl(br83l+V;a`|v?x;wz3X5JtW^M~-Mj@~>Jj%hM)mEcs@v
zFjS?wc?5#}ADj^0eqN3?O$X>!Q{_7<2tIcePr|`v{ioPT+5RHQii!&$2OxLxW9U@T
z;m)rriSv*az=I)rxe6dpa9u#afswLiS&HMW(3<&*=>s;*+nX~3ysAk)t0LWhve6C2
zd^)0t8P9Ukf0??r4_zO7!TpNF5rusYs6b8CDE@ElS4WMaFAn*gOvvdXrh=YfV#Bb~
zU#9HW<zdG?WW0}?@^_^FD<E$+M)MT1C6YzGTi7W}K}_WIdcIOx2-xsx1q8_R6cUL$
zqDG#|;or|69v0ZpNa15_mwos5Jq%qNK=uls4E351@F@x_eEoT}J`~y}1Q$wIanZKD
zI5ZXiV>93M)UO#{Ge5)6!6B^K0`8V@eof{A?t;9Od#I?2db6Z3#GHnv7sf`BW0c`1
z610YiLGw)X+CvT4G7WiZD$->_vS!Hss|atP088Gm&W#c`24i&9M-NH1FMxNu-(PIp
zMZorTgDqZaT!m^lmiAc!)wvvdBd`Qel-g8~MRYh4anlPs^I+rV7=8Tgsv}BWtB$_9
zlH}yqlA@t$NwwLJ_;_z3OzRBCP1f)OuTjPd^ge9@;C4$#vII+jMGBsaO(0~*y4%Q!
zjG2>pAL<*rQ3AjTY(xi#eMRA)X$ZS~k)!J3x`+K4#y2M(a6=>JIBEKCEeWCMOF`(L
zHj$FAs%0RExVsLX@K#Y39!6hBQ^>|PcPNTge>iAU&VGv_{#HZY(q2{#5nlv2v+}g2
zSa(Javw30W+=RFJQ~RWw;H^oi^SpBMW2m-Dt#7I8I^N9rpVr<wD$1|xA0|c_N@f5_
zfdQnuL}`W)B^5zHx<yhzI;BBE8l+oNx?4a(h7zSiq@+<AerLGv=YGD=^S<v|zdv5q
zESPmMb6w}`v(G+ze|DYx0zH8l`}EY*)ZVkPe5ZYjJ2H&YwWm0}Tgm%KJSS=2*xx%J
zBr0p4&tF{@kV8Jw1o}Q?Sl9~K)jW1C5vzcCe6{Wf<p^G$Tw}r*#*n1*iR*iD>yN%&
zL|9-ksH$o{`;GUn1A*t$ypdAziD)pV=w{fi2(oV_r)U@*BJL?={o^Kk*axn{b%Ter
z$H^+bIIoGDbK|5Rgn{O*w`fG)$buNh*gF&#D2irgkTv<e#iLFQhf;(8!R_}SfHIAX
zOw#(PEY6peTo3_MY*S7#8im9?VAd|2;jb)cK-NUM;WS8sbLZgd?^j6U#|`)840>Es
z-vB9!PO$+o#=g4@?2n&3EBUtctQ1eD=4<VQRZZBbOYOHTXI4#FQy3&hS{^PdWlD>L
z2Czj#i20Gn<vUA?vC-=*v!J`&k+%gGS$~toX<F>eQCiFJoP6#`KmcUf*3c}lvn{*R
zBa{;)(h5Ts<}d#WGuDqd4vSmJ3VAIClCy6jGs1myaPMow$`o}2pIcnqo>sq?2KT!i
zx6O5CICFypRek{rxIJL@V)k>}>g?uj&koD;y2g!APz(5jFXN3Y3uVeX2qy92oo`5=
zpQKJFt%om9!5LTo<SNSNoRRgGTV2$MeDTw@xreWA9gJycy1Li`Qc~QrPI7q8$<2N1
zXvR_1Y~s!lx&RiTi$eZkMK($~vGZbofJeA~OfTLHMDNNQQqPgBq)dWLput7n^1EY^
zyf{o;??4;aQo%+`=U;N0OzLU8S1X`hpPg(&p4?M8$c$2Zk^k<QjpA<SVXp(i%kFmK
zksyPWyvgqq;l=&~@9-Yy;XBM41;0h=Z>xH{6EV+9wuww=JcP(fK^82f`~Li~xbJWi
zZYUugNK!YcN-Reshb4#U2-&Ay1QE{mAj|CeeKj4Yo44**iW%td)k8)%x(-RJA)n|P
zixO@N25`rNDw0CmKls)kj2Sp>jDN9AcNyfaU%=x1@qkNF$ymQYg~p?!#8mJD9b@VK
z4$$=G-hUdy>hth5)k*8i2MzGLL9G_lCzFSaSeD-2tqwe>-<?e*y6V5~nwpN?B&1r1
z6y4@+qOM`Vl9p=^^|zn+o0nu6(qY;qG(J6AK5H03cS0c|xV~hgv3$~|>IL0&DesI6
zPS7lFWd~~);=2r%E>s-8JgV}cgjYw`>;-bMn}d<`c$m^Cjyobs{BIH*_0~rnk+Mac
z^!~lEEX9hRpnObjQWJ;{9mbN{8)@-yS)O+rj$ZOzHsWr^C1IwxQYnt_UE$k>v{3uS
zlXZfyWGe1<&<Z;~Mi|vKkqWP(#U>oFQu-v}wr|>|wOyZ2diArb`zS)?G5Pb`aC-qv
z7QD_+BsfL}I+dyeQ$=nr=ic2i_W}QvPi0YfS&#0F@G@g&NL2I{H@a(~7fKAG%LonU
zd63i17jXaTXNH(wp8ZlYT_5PN%VK*)M>{v2JrRtxnG+?!U&61^K(e+q2$Ehcw2m6z
zY+2QF>~k*y%~Ri80CW;+rdQIo{9)XWJ@>*SOXD?&*pw@anu}ya4XdkZo6(y}>Q4Gx
zoy}`inuZ#kaOqpFm~~Hv;b9YsAEIP}<c?a;wgslL^J2Ku^QMb$O}AZL?8t8r&vE22
zC2y*@JZU6(zM_^b;`K2S3c*KDbMtBkd6#Bx{ebxH_^U|j;JHAKuT5ExZSu@$I@B{R
zFpKMW9uC~JvEhKO6L!f=?av$+3u=qs#bQ`^j#Wk)umU%0Wz!+nUc2@9Rp#SexZwuW
zyTPJ+7({_nYNmjKf~gWQpeqnH?vIno=}NQknAqJgjxyFNx?l3YC(G$Tqc_iQtJK1_
zf=`(tuZ-fJkjaA@q~bp0%rONa9zSCqN@Z=ak*=B!iUw5^KR;Yq23o&h$(uptM=pAE
zLV0K0lTjUho@~8Qbi$(_)O10lG#%(%Ce+i(R}|tqjjI6DY{mwAZD|8j*mwrDS4cwn
zV!Nxrfr>}TgFry@V$!uI(m#5R&#6~cNlCD$Z@wm?ad2(M(}G_Eo>BB0HawX@*_v}a
zx6r{6_;RoFKE~lpXlUqO4fO=MUnVm`nqqvQpd(QZ-9~BQf=lP+abN~RiP(UiGxX^U
z-x>i|%%q-68r&>4JDR61j5tAn5VO?pGk)nK+5scy9^+t<50ZKhD9y&_dER^l*^dpo
zx$s4ugLKv%$NlhLP~Sg7G?U<-`srtb54W+gM$8gpB<Z{kpU7xc&h0LCdCB+l+&Arf
z)9`SOb`ax!HD2+*XKaJx^l}8>Memf=y+-1Uw`$jkKA-c7d@k+Er|-)^Z64yM$NS)1
z0*s#d$-}u!VO+;g?ziA|wzF1umQI@PGBHsGdmV1DUFsXs&Vs|5vcdZ8)@5s3a*@{&
zJR0FNpCanrqa@v)$#`z2+VQzC=iK<KApG2T`&Cvd{j4kzjYz-?yO!JKt*0MjCL_1~
z2%bKDk`*5^{Ass3?r4C$czM(HLN8+}tn7o*){_{hz^gl-vH!$PFmnY0z@VsFw2?%>
z2C5pw_A5Ek|42I70yW*qw-?S`8aXJWP^T%+%S2tqqi#|d;tOp*ey}(k9vi03os*Z`
zE!Vqz9!b6w);gIbZS5b^%PYPKy=+-?=A1q!taMZ*)%cVe7|jqKTqzc9hQUKdduJc9
zy-{3#@76LJ9_`9`yF;jRE4en5`{G=$+4JOeS4~E+b2G=+`K-g!#j}JR12WoHz9h=C
zg{Gt(P5CqPz3SepUoDRE3EW<4eKJj<BrMs$f<-sojuB1RLUo0V6i_lXf;<qWDGmt<
z?_pLRmeSb2b-$KwVG##xYgtSVy+4_I?dV8YC*BH0_XA|+TGjjX{rmo`{YR{@7&*$4
zpmoCI(VW6pprUY$er7iEIkGW-m#L?-Fh}y@kOWvW8u7L^X9U>QYM$!P0s{lJ`Bl6>
zEetferVzEZ&wCyWv1i;b$jhTNxM#VQH((3W*ri-dzP?SEshe{ze*9&FQZ2;5UOQu*
z$&zhoU_f9yo`0S`CtD}}eHZcZhAhMrfskIK5wo&zU#heHj#;2ezNGa=#MPz3=~F7=
z=Z<VE$<;x|6$L}MCi3RD{hwBO&e08qFKZ5Tw+y?jF1dg0pnwrZ;TGUl56We_E+4Id
zxK-V|zgee}q7piqj%^E8VkUVgs^5_*=-*!S$Y}HUK}5u<h>vUycT*VjtOmpsx`n;&
z+{vd_zYjYBjjV*`_N>bfkMHArQ-@=+zyL3HvRmD<fE!8?$!F)<8*U5BU*-Dd;D?u+
zEp`UVi(s}^v$DE2ejz8@L1{b_J2?oGR2SPQEMLZZb^#*IDGOS}%xXH#s*lCknpw}a
zKRV(Bz#mE;FJR|ztNO3+p8-sU>MY1c@?cPasRC4z7(e!Dq;z|1ZqAHuw905dqUSOj
z2>PNfhZD3NkEX>JOtCW{uq>eU(lGg;huP0l5BLhl<U*iPo!`79jaL3LDTp}zYORqB
zn}yJ?Dm>{Ebtkm}Iw*hskc=2!6R5629c)J$K&s=p9jhwAm!4ITb0*;v^;E$<fLxs0
zQqPp;rbSL*6fM2y4$35$&HGql=`6#B|1<1}I%AREc3m_;tna5Zt>mg7m$-aVdf0O*
z*P~Qg`4aWH<Gav{Pq7o`nNS7T&9LUvKcbj7@v=N{0;%+rEL)5!-E|H=zBpzu{wj^9
zq|;-G`7zAd9&}0SS!cy3$vzl=&l1f^VE;7P`BUR^O*ZY@O|`haTL!%HF*&b@C*LQS
zr0b8}2rcN;T@B}M?1P0hhxZHKCjAqkqbS|S!$KP8B#^B*PAEL%Yu9?xQ*pZAO3<eD
zEN*NxtmX+FgP|~%3V8s05l$hw|0H5v@|F-18NN&Rz#D3Cas0r%?3CwL?v8+$_HSmW
zo0>cifvTw)ZN-TDL%-hnWP<t?ctG{`-cfn)^4qo->v<hAdYAeun4CMtWBaQ`GMjW`
zH{-cUU8?U_?ksJ&1(@!=BJ{Kyp@~27TmK~E@~pAQJ#1CN-EBD*A?QV2+<`$HjUYgH
zI&T?ZdAc=&u7p8<f(?FC!sE8R2zX_VqCm|4bj8{;%{7s})npOhPCtKN9@cc@{UtF~
zHt{2}eyi|;cLc0U4!6zpTJOFrH9f2`bfH<f!|ID=L|<aP_3`w<4N<++BryqbaT*Z2
z&#$ZMRvvJqP7&u@q;!1c#FCxLMuf!*VWarsTkzw26v@Fb8_jyI0kn(9#P*elT(jMy
zM6mz^qEo$wfv<<8JVVC<-ZOvFie7Zt`lCp+!j~f2$i)M3Y(aM1JzZ(>rAU2BCB|;i
zKu%H}0GJ6u=!qP}6Iz!1qn%y*6em5&bQsxgQg+0(g`f1AIGD<+-}L36dDg=S)s8C5
z{=EtGz<ZqUeuwY4|J6ftkn(J&6=yr-E)=^NV`Huj;>z%-m=J%5a+mad%vaWJ*Q*8K
z&*P-RFklta;M~5|N5po1oSj+Nw36_Gpcn<<RKiWfRa<snc8P%)j?rFWwr7l+EcOk^
zjxec@!)aoKTdCtrb@%>~H!n_~kraiF=(>A%7dD=Z_sc~i4D~1WHmrDVs_zY~*7du2
zsAljz(`~C}o>#|JMutH{+J8Vka6*G!=mJ^Fy>1(2E#Bt#(){YsEWUGN@WO%p_5QFd
z?w^|P$}n0nSCnh-9FUFjcWrJOECN}s)T+MzYrR3H4_nB62xT+w7#!WP$O=v7?qvKK
zhL5Bz*;k84+J3Jv3bM>8AlxC_cX2~k$rzxUUXH)jxS!Z6vlbfg*yxK$HDt8w?M@ZQ
z;Gt}rfAB3XE{?yqcbMW&%96$dbFbNsk93wm^84vy{@HQCYHn(Gf}A5&k6?3~*{nYY
z{I8UyAJ#qfmN4psbj8PNitFE9P4v?F>q->iqZQ?6di;8E{THaR$$m$2=Mn04PiNZ+
z)?NrRp4!~2!}`d5)BX2~+<T%#RiX=b+*Tty9Q>c45`J~WF^QF$t6}Tdu^k@Y@Z(l<
z63!NiyZY+<)3f0@EAdI5)X|NhIXyqSsFRnD`}i?Fm9Ue7W0x<`<i)I2M6*1Up;IQ}
zyk;?r>EOc+@0)+A{M2t4^*x|JKC5>@F|;bj`?Z}+%=5X-KFc*rr@5Qo|L%O>Fjbz0
zcm48YPV->%fb@05osBPT1M{h#!J{_SPPS65IVTb;0?ir2zTBktv>Y@(M+s#zbx#`o
zD=X#_4ZL6ej5SLZeEFV!LoBbvN!AnRKrJcZ(cGilra~4AhMgz@EVe+FoV)}f3HONI
zGwjvwOmlVy*dXA_w{Cv~|FV-9Laovz_UEuZ;~OZDT9SH--N>y84&0`XP<pILREn%V
zL_L;GM1Hf7<x7{^mot&O%w<>Q^(A_0FR*pfpk4*9V`u?#&fnffshyA=ZSeS*$sZYA
zFi+ayL~Uk>b$b<dKf#gM;_^dh5pw70T{VRKWQpJL)MAj-Gqy*-^w~`bee2+s@ydQ+
z*P}&$+borQVatu=)7iqk@=bSk-sg)gZSKTdBqGn72z@kvW>NasjZU<dbYkD9ZQl2d
zJ9~RIT$r7wCpPd=v7GSI)|^)Q8<)PTUChqe{^=jFfz`E@j?M-CW*+@>`?18mli1=Z
zGE4!W<EA`PxA~ERp~|*S+(!;IxO1Lr%hc@Her8w=*<0x#$Igk`o1@s=C5=W#^AO6v
z&s9XI5@>vdAz1daeQVjbWD(yF6meD`Jum2QHG~*@Zj1?Ik$M*;-%uE0-_?O6ObUE9
z$`KKQlmBTGeb)Mp|M->Y6WHbU(1@$;jHo4StX>CS&|+xy_|38|=lttm5+8)~9A@)f
zPfvwWd2)7kAAf9UM|rT7tMQ6M)bU1)dj+4oVSPiFK|}G9phH#4pZ9oDO<?yu#?Ed2
zT)`Xks#t7T;@p1cm8wQ-4!F5;A!Yv6oTE%A61MRHZkmhxTm`1xQk*~Y8L&EJeUZFO
zj6^S4R8DQalLjdpzhYoUcA~&K1g8y*)Y*KV#9^P-eaKH_GB@?|*mS)~LDB(I*v+f_
z;=9{c@KP<@M|Sm>ILE8GzZqk48R_?(z7+HZ&h8&fd3n|v7!soX0=}|olcmaRgQ94n
z$)x7|mT?iKlIfzx&2$OT(S{#1_n(SfX|kna@LZ|uj`eRiG{HIG(3@B|Q7frd@Dl5<
zPE0nm&&MW?2+~-g94}n#B<7o4#PiFJp~Y{w*^X?Dbhl0^=A22(9$YaC9xZ*%7G6eG
z0UctS0jOSOf4*6BAlf}{Rg;Zw@g?P$>9q7kRQ4c5(^<<jkIFA)+h1U5yA?!#Nbu0~
zrLdbW`g$OQ{K_Yr^`bP8I3Ru}rP*JXSNwD3&^&_8nPpTU3Lz|s^Jha)YC1rLVszcO
z8Yp#(@v;J?%`D>dSl6110?dj9DAvcazL;*VZBNON8N44WZ$K#61Rrn_kp}p2lLk6G
zG4i7gTDee!=|t+%gaP|qDi4r}LoOEw98~NK?P6+!^L=rY4h|0fOjxyd4Qo6sH4xpC
zw*<Dy8jBQQjW272p2J~&hV;OC;^fG42=i6Ob>$3*Xx1s#<VuZv+Vz^lPpUCkGq7Qr
z6U;;7$8C3cw1r*5gpju6virk~70HP1WSpCy?@!-F`A#U>Y<N-WxAG9dPuRE%6C~yH
zq<r|z%P9GQwJawhGYRRYM9n|18h)u{L9%9Da(Y;R<th&Zv8}H2kTyi=ZUyK^|MS<c
zY>>i>iQiL2zYe86F?^6<^O(=U+^XLIa?{1uKeUbjS(kA6K*~^}<8AMO@&L;k&#m+~
zl$QB2UC`&Ubn%G8BipBEfQAeU;+VL|o#dh*Ko~x(!A;jS6uqwNVxZ;simVlD%iCgC
zS;O|fWz$!@in}&QLP9@=?&zP_6n#UA-gvi{pd_mW6%h<Otkpq@^GH)TDduB_19;2V
z7m|ffrmaqj=|lXz&W`T&>({8<M<lZHI#+>zBZbMAVn4sQcpz7^#eyZQYtKE`;8D+3
zDqu-a>ffPDVHo6R{z3OHG_AQYB^8XS0<GqJiyy0(YiEX#@#sf@9CJf(z5!o#%nE3I
zerbYwTuAH*aZR)zle9g2xj;Y_`#wGRgFiB3>XVFFW8@pFJGhry;|$Vk<M9*CU}^l5
zeIZ7?<>@`#SoaXo@8A3X{%w8t?p*{sd;dOM&fp+n#p|QY0n}7EO|7(tLNJI-dXC)b
z>C0y<citIyrU~W|JH{ZKeveui0|H7b0f`Vot|~*0DGJkSbYf%01I|9H5M*&UBx|C3
zXscYrAGKX{*OOj$({Pgc8(qmUzq#GUW0<>);xL*WeT4u!mM)g)%eH@l{N0(40=45Z
z!J!-y8CmO@P8^WHC|o0B2ca+ZXQOme5H-4bM%*g(`ZX0EF4Evl(8l#Ge1M{S8eFV%
z8*>r{vTPqDxf`Q0r43)Z|7Q>%{i9DH$<L#+QR__145XxiDxAatD!Lj&k03yt0-1dC
z4A1JE0cMCrz#1DLZw84g(wn}*?NwBr#FPHsWP|PLI{&%w2_qy+2pJY+&rpXE?lTvB
zHvfV+TEq1)MWWusR9I|(@%5bt>2D{di5NIo>bJ)=n4xb$c2{z0=0kza(k=7Iw&q$e
z*US<Lun4m4qJXRC_D07574x7ax(&pS9zCMqHN?=VwSM`4jsvooglV(4ctK7*LU(|t
za(n2LxfbDa8w<~D(6qjR;mOQ=y(5KfLm|oBl{up=%?M?cCeu<-Vr#AEomM9;utKpK
z6@p#0gbXmfgTc$!Pr;Q@D=TjBG!?Ly*W%*G#bgmukXy83A%lZTjBH+MBF>z2fw%p4
zN9VXeN^hdcq#way<58QOqvyWx#oj{F-1k`bJ9<4=z55MSU9_dkPdLO#57KGh4ky|X
zh4B6{TQb8%*6G{`cXYC<egc-qTj$wxv?w^2k@81L>P~!w)(5qtOAr9tDaYsP(sJTs
z{K`S?Qy4RiNYM6?=TpJnwGiIl?pI`YREFgzn^+cGIoy{zirpFSePmWiXYa0~{%bT?
zRTZ(yMr+rWi+{_)G{-Bpv8Sz6QR#CZO98cQdijjRc*Xt*p4+Klh10Tx?&Y{rcdx8r
zPliw6cInbP5te<t-6e9#rM#DtOP@dq`kl3OC_X@W;!BR!M{SNTsPX%4qMWx+G>CqG
z&+yZ?p)%Z#YI;{YR<)11^7|rBR~>SBu#L}ma3-6><&!Y#j~deKSo*M>jT{mC>UIQW
zf?k}A<<`o9<;`>ld|lkDTmuN;O>Ymx3c7><A(fyMs57ymTS6LuGpe%iZSq&nlUW6m
zbQ7GKuJY5Go|LrU-OJ{8uA61}F=@|zDd%^P8MTBXpS16^UOEt!x!K;+Z?%DX`@DQk
znlAB<h|F3Z{F{LO@5MK4t!g74+O}G{Nb_GyZ%<MIRG_&wE_N&2dn)`b<&Wbb)Gc|@
zCL)?HE=Cc?5_zcm{E>kS!JJq#N$s|xz-ji413JfhnfhBgE46h8QbByT$ih0WIH&yQ
zbx|F#qBgJfSDp>*@UcrlJVy8Gc9M*eZVrKOr_Rda{=6v74yJ?Eh1U5CDw?K4F(FRs
z|B3~WdOfOgxaJ}8ck5AixZM@bmdG2nj)iHrs=c{aB;l8(GOK0B1Kq-K;{CR>yjEmR
z6YH#enkEo_wb?0AKsb<qoh@Q?TL=dZMflNqA7g?rIobJEuMyy(9(ZV+hsga?=9Jam
zWV>`nOr(~_z1G&ZP3iP2%r5!CiPpi!pP;;oE9{I#KfV?~qy2~)SL4ygImxA0&A5b{
z@>HF_XY!r-e#Q)clHj{tEp~bSt6so|g+{vV@4JfKf)-bc?VIE8$^tJ}@Aa6_arKS~
z6SQw7I(^=(`nJ6NWOna!7)_9&o`^%q;$t064^q!I+8Nrh*6C1cgLI3Cw;eApJ!jpL
zYDD05ZJ#hi=URSHxb!wj{Pl>Y!b6H`-H6Jk?Y#8zfK!o$p{TN4Hx`>>;@t>h&AFtV
zw%(Vaq9WRGR|%<tY+KH<G7<Bxt<{!?e{iJzQP2H9@}Q4@1~m;JKs1>0Rso0g-?cy9
zHM%4EX7Dyyrwru}*ZtV|kYYXj2W~8c12mt1{HA-8<1ow0OZ9RcNj~gHq}*{l&`7yt
z(>Wc!yO+(?V}gI>E#zJs`B3GOjg%}M9?ABwDoi3radk&OH7Zn?2)SG@@TH$^T+>E0
zq&Op0?=E!y3`m`(dI59qHhh;06L@X2SI(Zb_Lj0i1HK7PZP&#P4_`?Nr<3CBag;;Q
zv4{CSJFnKzVZ12c_SILYyifdEh<%Bt*#~;)*0WlhDc|{bEf51v-M2ySQsXFey!E-u
z+N^mm|MrVoj^|P`Fl58vZav1<<_=c=?%L3y873=5v}hRwqRjHv!x{#xGNuX;;03zj
zU;|uI8eMjC)i5ux!by!XO!}td569#CN&eZ6;qLP2)>sMygP-Zjf17FHu{2+lF7iK?
zJ`Q$i71EX0_V#{tCuKam^Rk-6l7c#v_Q=y1ii`^6tu!xmV2QS&O!&O{wX08}6jdor
zBX+!#w}#3s8_9nNQ_=J8LDp~op+;4EJ0)*DY1S7l^um?y`!wioEXch!MbOOhBio2Z
z_q3b9v(Bu|U~(+de|P*#Z2i_$O#S)Bro#|nUAoZK+p{Ah)2m3P%Zoom1;)F9iAi7k
zLyK5|IX};ArG}odCxEfn1du{N>tv2jNeKghR(EeN<Gp*|UQ=k|A@SO5T~ygq7;h|2
zs_KPyzwO<f{f6D+CDG_PceZUj<E$;LE1ZjckEI}Mo=%dhQD&_nSRs5)W3{d;DEHa#
z2OmO5R%`A-zMIgMwqu*PQ(v`NtB1ie^A*EST^GZJj;DWWB%LIV)K|O^=o(e1Q^V_w
zBD3jvNB*WeN|cED2*aS+*}h@R=0~deIGZi~&ww(KHZBRnvd__u72-@SvVs~u-0XVt
zV=ANwCdPTPN2|gYhm4o@2U<!7&1BBTU+0F;j+ji&?aJG!>Ad}zhja|TMhx%v3;6Vm
z-za`kr|&hUCKnKxDZ_Zc6_rm|kwW+grb+VQ<F#9g4xHkr@Uj##OktQ-oh?nR?Q9q*
z!m%{tI9%h|uZh>0b|w&E$eoT<q@5LbxqkZRz;Sm$qs894Hz0eM?Na{I`KHz|$+P_X
z2p!^bPjfPgHM7O4=Q)lC?s9ZH5>9s#CHQE%8ihU=x3yu^cz<#0!(kP{5f{tr+c-{C
zZSC^P@yPa0gAQuP2D~sh%b)q{I=Q?3MEompfOR6-fF|K41zhRsbbg0RTTxXl`8+mI
zL1jQjbM9(iOo!k1X<GB;c`PfZSl}70PyXZCvB1NPMX$ZzudevFNmDeOf>E6Bt*$+c
zvYGr~*T=(0SAht)O??0LPw43AC;`6FY@@{}o0fJ7EMRUhIHARSuO=or%>ZPL{SoKR
zIclqe2w8o2i=v`;ef3wBDdlpj!f~Y1h#-=7xMSM!UfglSb^$&8D&m0<iF$$!kE4PT
zIiJr(dbSkr?V9JB*e@>K7?-kNQGSyi)|0pUrJrV@SdgYL#M$1l?DvW6>CDBOLte4d
zL&Y`cxpw}7gXN=v4#~RtGpOZO|Cg^lg?@UwBZG35Q_W`1usCfNpn#QbaBKy<l$wYJ
zG9Ku-4dAS-d4T3_h6?WscTf@QhPeBoRBt5Hj^@d@{cVnEWmtl+byVQ4pAXk(QAeM$
zrQaoP5l`gp+Nz5kqDI0D`9E7|Xd1ig;JeU$kyDY*62kCa4~&s7Z*j$F)jGyDUjC}}
z%B{eDdys8y)(1u<{4$b@dU9Dfk+7#%fGkTU(f0UvmkaO8@)1GeNJ`D1B1u;FVFGuH
z2ni+}hWVTXfY*QaU+pt2i24Dz&fjNavOEfe0nbw(Rt6fv15|Z=Xl<J-NP4bJ;H}zq
zy#v~(M|*9T`I5{L8@9P^^~XG8=jm42{L*VD=L?@ayL2oyex$~Qr1t7QTe{5bWjZ{m
zlaO8AZgDt0e5rJG$auar;t^rQhqvyLF(h4;P^wI0eo&th5{@TOqbw?zFB<Sh>&822
zv^aPStb_4L7$$r-v>iAjBi>O9XTO>(1EDRZSaumyWyULDcp4ufH)%NrkXm=JN&~(;
zEUhEctc9JNxb+PWh;lqMGW+xK)NPXaiM%ge!EIb*L22PHMqn910HdjB$qh+EuoQfc
zaNMFQ^jq9}=>DTqgW0SPS-r|?s5&eI^{^<IZU9T_uYWojnq(Z{;MS4W_6qTRi)%eq
zjZ1ycS_*`jjFi3*9<X4SwtVnfU9{vQ!nEK`4Ot2vL@M@sN=W&Zm<!Mwt6ajSuF38Q
z?vc{<q%_3$6>e@p!P^F?n@{u+w3K_~d7GJY;>NHnmbQV?Zlh4a3w%+bNLg3QkV#$t
zEPu{`j*7=rIe@jM!5tcHJ_{MZd6O|1Blt&I(Z32O<j9c4p{dgu!epIG;-V8e6y&$V
zemQ(q6kgO8#YH;$c#o%`88b;5D6RxyRx%J>B?KcQb}$j$z1J{)@~nx^j8Kp2+E%;b
z)s5WCZ!Gy#V?||%!wUP9nhKd5h22|O>cIR_f3A5zj0uOD144E*yHhnmzx%d>V1+#p
z%9jlwUQnhhafNXo+G)n4`^s&8qv8~DQ&Q|RsdS&bC705pVIUrgHi-Ie3Z<n)wBFaj
zMN(S}68>w|foE?#;d<45dyy2>)ZxIde>|?~%&rL24AxoLOk#tIS3Mfy<lQGrXBVS6
z#&v&ym7laQE6tLh5{)=~EwJVQ771RF1T59h?GtIx`|sL8=bt^`uFV9l;I-+x@|Cez
zMD?8pHkwlz*lWWR7W|kGWS-xU1<ctzE!w6aF|qgIJM`xDEdrZY`EyZ^Y`YgEl14NL
z%#5Cy`6j3#U3~}Kex*-&9cAE;5~w$Mz(Qz5K>+T7^FAgJ6-P%Y#DLahycxlfCR}Z$
z1(}gX@bSTmHA|73-%1_k+*Y+EK>3-0nAFj%wj1;~kNA?_#{^fCuqabjNm3bMBm?W_
z&JO#A5et5n<eQi&QZ(nygEc?xQLT|{{{xAnlZ*txp#8|T)3gN|3=T+^g)G6nSWiLn
zlY-yQbtoI-=uLX*wb|j&|0mZ1&#KW%f4t?7N+wVQ&G1CYjQ*M&I)Jp;wd!Gb!eP?5
zNOf<g@sMj?Q31T-lnV~&899W200}6GE(HQ*N9r9+23UBm8D4}S0P(YZ3+5EG&O{;G
zvksRVm}0GjrR*=~$b+pc+x`qNO8(L_6NUu|tS?`_XniuifsRK6F}FImz};W}%y*(-
zm0qLt%$!k3?fxd~xy7qaanpnmuvfhmRTUV<7&rt)yaI(J;kyEUB_*7{=i3a(kdlsX
zbPoK;0%+5n7?lA?=pi_|mLfz@YzTJDSi)%Wi2}?$P>~2g7a_h(U^TfqN>pUq8z6vJ
zgF(o17Qk94#9S*@Na6#p2VqGr-S>r;iY<2POorkql)qF~H_oHf|FdueB#TW_!b%n`
znUv4~5W9*HGuAev{Zcn>7n0)k?LZJ*G=K@wfo%ixifGjiX|Ce8;&@ckH3c`ScaycK
zRt))5!&bgI{RrlMQ`M;NJh1n*3Z>8Ux?NjCB}kwl1uInJ@}ZQ!TGRDD_zm8oykBL*
zL#5P!Uon|UF@XZpEC>J)C*QHTpygiP_ip8yy^yf063L}FKk_0^ozRV+{*;5@lyHr@
zKgh-^tKv=Xx?0hU#Oy1~f-lksVVI&Q;wu3att_sY`vP#&l%295102eZ_2b8n?@cb{
zM)bMUg%eCDe-xv2NqSxK1((O7jzDVh(-&{Z1JWP4Lg;g1e`T=C>Pyq(`J6=8VZI6q
zL^StM@+mx7`zz`n&(#VsG7C6tK(mb&KvYrgzc!vg?#TH*S|<ni4v5|{2KY|G@Q|&4
z#lub40ZP{~BTZY(H`~LkPvrb7?sf>+=2+-He93m09}t{wqJ_KsDwrDUN#0!mWo<#P
z_ca}OdsZ4Me;35~AXr#%l*Hkbl%XJiPFvzl6K<ze2!~x}xuRHv<hkP~h!LCRC6rUf
z;d`NqGGk#xKP6zpDO|LP0V=r=2mF0O@=gKbA0}mG#ZJbp8*+T?3JQwP?0-^(xd-cl
z@$lev#6^hZrWJa_lKVA%J3-M+=Q=h2iprMkVYDfXfB~Mume%tM^L+~i*q!lkx;QB4
z%KLuo1u!I97`dg7CG|B|5Qm3_x&Z(axv1WFc|D6DAU=dXOoT)4C$xh)gM2=hp5w*O
zi9lb>3eWToW@thAOyEu(ZF?(Y@_o0Duo3v;{koTTxYsAJW_2cxL?v;N6mXf?vDYy^
zqfKXi=A5?}-}6hi0KD}zrH~1E5h3~^youl;4Pp~1(E3OzeSO;Z@87EdWD~?XckZ9y
z#3GunT0U!4E!#IlY`0{ylu>^FT23&_38h41tmU1g#NL4hB@SUoVdmmQM733L5gq!b
zg(8@^ogb@4V*wG(U<#_Ly`Vh_42Wq(o|f^~@*ND&t0q(Gxyy|Lypw<rj<?Lk-EM5i
z2A#djd2u6aVmnJiyZv~|sAm=_49;WW(%N6_SPU>uK*hIad4ekN3N}n_XhED-@_u&2
z<z5TZu~Bc<<L7%nQg0e5tOh*JDBi}lB?<6zA}Z~tY8ZOTDy<c-2P7X_#OQzp{kE@Z
z$FOi8<Ob7pfy!KP5|Xzuj1P4r+6+Iz=KfB3S}Q&(j~mW0Ia}IqEoJvAYb2_dgYmnw
z&dMaKqPFuiE_BKo)LEr1k7f(^(9wJ`fP&P|^&H7CNpML?Nzo!4R3fsR==VY9H`C*U
zBRqF6^0aC$4D)_wG`&RJbhdrE?l|GqPUz1oRE2>Pwd#@fthG_etF%{2fQCvQAvS&z
z`kM*rHOuucOZOL0zXUUibVxCu!}|sYyU~IDAhj=oN~nLo0o?vWqcM(tYC{=PqNeke
z;V+Ws2>uzL(7`lL=oYD9&oo^?NCnKvl62jsCeuUTpLZ=m2^;7r_LyLgkaJe%vtnJ|
zMc^AvY{Om?ULNk@an2?^-F|&MtrtflssZEwzky{dtE%=^5)Bym`H6vgSnK($!<hci
zSNm9<zjgjK##yBK;?JV7LK=9`E#+n2YzxO~TT*o!?@gDy?1!nxk2gh?!DEyjyVJhL
z!{bP6nx)I!v@Ga}S(sPh0xFoE_7Jdj5lLv2@?hiTZw5nbED-+Q4TAS!WMn}gF71Ux
zwjoJ?Ic9(Vm);q=*xi%;t^3gldgInj0a`NxjW_@nQ8Rz80uLadk_kub;ENOqek6&M
z=etxCCAQT3my`1vQ?LM(9xuDrE2L~~xy=WYjPB;6%XNBL6^q2rvO?K5(o-uN17Ms(
z+X?VAhs}_$7WB^kh-we^(2d_Fsx&${P4`0g^Kf5G#v`i#>|5G{4ZsZ!g0<1W$!fWF
zPOJizv`(OCz(MPcdp1)^6V~z54ylL_Rm@*tZ#CGW^rndt|Gd;*8ZjgbsK(1T{Yk$S
zaH0O_nVDC=N6(j+taqVaKPW$PptXieG>S=AW~Bkql|e{K(v9US3yiAhI!|aM3{NZj
zqp11Tv_sgUA^~)9C09<MDc$GkKga<@@F6h?94`#X0zz+D%0B)Ap>eR^=&j{-L&zHr
z<@M|AM518?A**pI(By}U?%fN>A{z2JFq>}qHP94LKJO;|qy-SXBhGMc^K(%qGRl0!
z{GLTB0C#PwNU5&X0aCPvW`0dcjJN$tX(AK$lr6tfUU{Mk`Sua)X@s&~Ew<>bT=Lng
z97F0ECQL?;I$5XgA04t3V!z&LZ%S_(f}F!FmOdq3AOf^+D3;qy--L&hY3DR5+D^L@
z2h{3O5h{Tl{TYm1ulYEo5vZ#RAY1EutCuJeiA0s@i3+3~etc&L3y8q#_wXS#xgAfR
zmYS)I<aECvrgySgGV*No#9_trVk1qBx@ycAk>!P6<G1CX)N|fFhMn%mmNcSIfdx7s
zG%goEYRa_>LDu+1%=$@XVEP_gHGt6D{?S;!_o7-4w8u~I-fXKsry^5m!bb|fxDj6N
zp!<w9rT4)OEpX+OOMdy^n|Tucz1D{MSgssI<0cHxe)X>qkv2TPfg*7jFZ1V(*6jE>
z+q63_v%EJK*U-}uM1wagw|;M<8u&4)Z%=pvY4$-1oSnGEg%3icd~uc1#ePt9I8W+X
zoGAQehbG!S?#PhPF?tZSFLGG_Zt4l_<`jEU^(#?YS|1YTVLhPrt<rEvuUWKP>7%uk
zk3iM0ph7*91IX=N%sG0~MH-~{VpZjLjcZk<M0bAsGWiQ%qvri7rtYb)W{0ajm$yg*
z%o8up-tR3L(8+st^=RF<V3xSte_?82wlvaYC%qI|TE9QJY(JloE~jLzhe94Nq_u$^
zEm~{MdC*`M{%f(EXeO{ar)X`aMfmb?rg-gp9*%3&->Rs&&)qDvg86&LRpkpC)V4z1
zW^Ohb_Y4Y{3lk9~)+>Mhx9afF*9Gd980`WrebZ1?jHupZm>xo|@krMTv%zzMoqE4J
z)Mcqprmu+`^2!r!2eB}>hWd5MFI))gcbD0u?rr}pkFIo4jX@|$ri6vN*NJa71ZTLz
zC*R!(@li_gySF83+~2!nG`q30J7?iou^k+LJl0aTc){iv<9!IVZQe&JrPNToBTh;9
zL3UOGr_xy`b1>e(#qE5Ys7G|IMy&uQ<$73lORn7wVoFc2Eu{C?|4)Z6+T8I?5OT&E
z{TCuMo_jzVARN^I9V0K7OH0xkys{F}_u0l(N@*GIOLi0d!&}yz$zslRMHyJ2avQfZ
z(9t5{WCmx9%(rJ}yJc9$R^{HeG95pkmXr4mJJHVRR|nXx+e1D%iczh75;38T4u3vb
z&Xv4Avj$K^U@9{MCxnJd?&eVsyU8JOK;(<3$_ijZVS=&JRD`7XLm?>`2QYrRMNqK!
z9nZ8TS(7%j^g|P+m)rzi*Q9C`Uk+RO6e~AWoA1h${{7f~bi7M{@tb~+B->1q9=%W=
zvP<7xU=SL9B@lC3t*@fJGW|;|I~mDF91z}mSvj~Wk>1c(0d3v?oe@4o;Xb0!e12*A
zft#~iv|J+iNZ+U9*t&bgWOpHU*raP}V&(6Tq8H_Ot3{do`PSI~GMpIHZh)Ps;hXyq
za4<V_h2yG9msvHi-^v^*TUImXjlGPmP_{9j-cBtO<#=dGTmpxMfbaMq)*Z3!rkV<;
zpQs08l3j;i=oZtizVbINwX`WqmdXv(ZpFmBsaAk_iys{DXDB|NiS%hcB$zuLcB;0X
zz4hf$)9zr74=-oH%ZIm?L3P~17v-%E7Q02kJ3ZxPt+aoZs1v4HN)v9!Cxxh0e=M&i
zNw8CLW<`r^?z=!_cgju1$+cU9@;Ayd-rf>rjT`JBn>uyY^K(Mnt2urNqJU|}GqcfS
z8XW!#+vmHXowc~1C`KDX^EOx3OT?u6hF@~cc-<v`a3gSnc3RudxYo9_hWto)8{@CI
z50v%%^7R#sR<*4#e-s@DaX?e89oxZ!n_(wE4eX5io8$Y2hCXNPv=BDA*meO(k#93x
zb#G+4+;FsnDI_GKTU=Q0tu(oQ#HCD7;xx-=6FIri_2QPpkJqDTSYQGg1CQT2FrEFX
z&`xlWIp>fzQ21Bo5A@kxs5lp`Sc07vezAIgKUcl|cB1QUBz45E?ChMqjkf&EVc!n<
zxRE6{=zu$SmNx#3!|clU#1E$98M`Qw<K3-9KIaaiLOqt7s*;|<t;ym;$JPrK;Q#{M
zp@u6BY*tl15Q-`etuL(Tr^Rm^b`Ji3Q)8HULHpz`D}M7qit!TdvH96}OG%Uqlq;>|
ztw?bg;-}L~CMAiD)S8O>wf_E|KUaP+us6O5WP950u`R2~Y&8+aD)5-~?NG&d7%L?~
z{zoq|Itu^`8E)YIf51XYK-C+8vX3=7zY5T#|InJ;6^{^%&3CrZ(15wi{|v7|HEJi1
z#i}z#ypM!rJ@AkPP!2G9lEDTW$}OsuZO?<Wp6@G~T3DDIu8o95RNs3BOe1?+5xX1o
z7B6dSP-Q<;&}Od9YD4&A*pzecOI^T4wk&{){?cTgg!|$`#K<~9-&}gm!6}|f;s9n&
zLyVNdNQ6^(O@;chLO^g3#8BgWK94it(xQa+S^<6mcFY{{*a5ha1w2XI<6dQDB`-+f
zm3{c|#bX73)KlOR`W23Fs;uGVW+xq5{*Y+fS>*r_jx+dE8T4srNCmiHOzk5*+@8k|
z?a9o{#Nc{S>!de@dsNnFCvc<z6PeKYp7rFeYcQ%v&L368QS1iPWQYK;2@Lhc-|0cD
zk%l08ysxjX-7HZrC@G0T@!`rR*jKNO$FdK#Qn5!yLq!S&e%anR`AJ|RudU8<EG97b
zZ$OAGV;avCTSZyk;6o9_2;q`+iiX?#{$sHoD<Rm}z9=ZoXUpLajHv*BgA?a`Gu^)x
ztMvojao;OkG)TRgU(%DQf_r?r&X@0;l%j3;lS@p)b*lPasZ|IYv#Sd#w1^ovtEc2P
zu5ss&z|yX8pLqr}(M$?IP~U+bL`5d*yR#Xam~fd1tWTHLACv|LIoq3NBv6bNh2~up
z3+zBSXFvEiym~Liu_(zx&}$c*wyB35FO~)Z*S@^$u;6mCVmKWgV8YKTn$~-F4dSx_
z)==&!l$ULvg@9zAx6RFBf_8IvYOJ*BV9WoGoS1EaO5Z!%OLXbQuOrx>E{t0FAQ)i8
ztA(FNs~}H?Y_o9`;zUcEd=PRhcq4}jj_E>@B<Ujo5<0`+jPjWP#l-acWUY>8UOM-V
zut^<zv`wUx%FniRX|LG3l()X>imQS2?RB()L#5SQ{C0H$#8|C#z_Om4xTP6AK|8a0
zBAOA@Z~-IOz=6G&fqR#Qg;7|Td?-aoMpiapc&i8)ma!Obhwjo1$z8H}%yK!UQv6JL
z3`=RKnn*y~{Yhw__?<{AIf$;ZAqam~P*(m7k_6y%bURjLDa~HEcYrK`q<xZc$f1Zs
zRCj$Hqd>Fof;C{@soUW35+neM-~o{(ru2u&xm3Htn4*w0BX``JF%IssBbDDkG?34Z
zea*F6KL^zM!}Me;@Z30tU68r51WJ#CL@ElZd)BNH42B+9ey<sAh+mNG)pS`8_Zncw
zAr8s4Yp&Jo39#F=yxx3d!(!OQ_XDaLy{ITPsJ$fp>{(oWh!hHzN&V7F({DZ}1_aj`
zY2E0Ok?{|DCwY@ydX4C#l{#9t@<ii%)RGf`Q!y$`zYv2$t{4C$lmq2XKFb1N0V5}d
zzo<nrfIbj0_PATFVUk_TQvet{6H!4o!59{Z!JN6ZEtS<F=Z_FfOgC6mK12tiGNLDH
z=W*3QNyo)cAJlv1C%BraDM+O0DQ@B+<FC-_w=Gb=VVGy&ZS{PLr7Q!?2?8qX-wf*n
z+5gnpYH|?&G~b7Jevy(gu(ZLN9kukcFigi$A-gac41UXq$3Fls)(Bh+4R7#vtB#o}
z1`46^1F80m931$#xVRuj<yPa~t9G<2Hsa~V7Yhpg<vWw}xFzhu!;b$EGYktpU;@_y
zsC^HjS)zrRpH6Y#J~PH03A9b%y9Lo>g<jVoU4H?kEZc-eLSzwZP~J=>bMt(-T0Tg3
zmlpOW1c^)SRNzkE>@|7N{I@^|_|MLAT^sCweq3|_2`E{CF5!Rzd;bXlp3#>9kY#c$
zbpHWliD037PJndmce#gre0={G_ttNr0(mrRAOT3H&X(&j`soP#tiNbs4uybi(23Ay
zB~*v}R$2gz1<GS2aR$86zxz%ZGT$Z*#lXOBd?YLV%vwr{3`x!DAB6rk2zdcRQv}~X
zRx$+J<~wLkefoDR92kYiGwD=d<?NZk^eoDX&6$9KHUk#mt;dC+JG|nCAINNG1ZX@u
zmcrV)gsUf48r<f46hI*^zR5D8Cl0>3h5nO)TcX!QHeF};uw1_d)#~MuF|Cdb9{v@r
zhzvSUlmPPkr-EoG`|=EV9;{jf+M{}S=mb2fIkvNnwG^>8!Mgkd1p}W4Oo0Rbcrssm
zs%9H+i+lW)1u;*awyK0+9QR|vI0Pm&s?f;4Em*FO7H_H+=y(5ifU!g;Bm{wWe~jGR
zU&%~H5#ToejbNgQ3HcXIhasR<o$pYpa1Q89u{K^5do564m=?g<<MgZ1N)t?>L%E$p
z`aURXxR727hR(1+js+?f$Qv2a1LLoq#}l2~z@SFvH^ALQaPF0L4YV^D(qU<k1*D0(
z$cK}0{T6ur?i#5D!;nQ3LeUjfQ}5Z}edK#pf&TJ>6Z*p{I9Vsxq8Yu`|MmKBzsmI%
z1C;*v>o^e1q1OLDAN=>5`Z#b|kz9Z5+BfvyAOFun{qqvso(-&DB6o8>7n)K2`2w;J
zy?p=UweS=z9`sz5U!XVBKVSb|sefKVs~o^wZrn|&{oi8*?D#KR<)8mh1RJQ)X;H}L
ze+&>z7l;?y|IGTo-Xx;eXT9^))c+VDdc4ww;{R*d|HMW9=dfh~yzTM7FF|x4g99TE
szx?GjO8?I>{+nt3c?tUe7s0QHZ1v;bXkG1WVSt}Uaw@WANJIbs13ZvRZ~y=R

literal 0
HcmV?d00001

diff --git a/docs/security/trust/images/trust_signing.gliffy b/docs/security/trust/images/trust_signing.gliffy
new file mode 100644
index 00000000..b21fa366
--- /dev/null
+++ b/docs/security/trust/images/trust_signing.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":881,"height":627,"nodeIndex":322,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":true,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":null,"printShrinkToFit":false,"printPortrait":false,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":10,"y":0},"max":{"x":880.0000000000001,"y":626.25}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":10.0,"y":122.25000000000006,"rotation":0.0,"id":79,"width":531.0,"height":500.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ffffff","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":312.25000000000006,"rotation":0.0,"id":40,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":1,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":41,"width":71.42857142857143,"height":50.0,"uid":null,"order":3,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":40}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":40}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":42,"width":26.0,"height":18.0,"uid":null,"order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":40,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">1.0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":82.1785714285715,"y":17.03600000000003,"rotation":0.0,"id":0,"width":63.0,"height":82.0,"uid":"com.gliffy.shape.network.network_v4.business.female_user","order":6,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.female_user","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":1,"width":43.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Person</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":330.0,"y":142.25000000000006,"rotation":0.0,"id":2,"width":120.0,"height":80.0,"uid":"com.gliffy.shape.network.network_v4.business.user_group","order":9,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.user_group","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":3,"width":73.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Organization</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":141.0,"y":152.25000000000006,"rotation":0.0,"id":11,"width":63.0,"height":82.0,"uid":"com.gliffy.shape.network.network_v4.business.user","order":12,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.user","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":12,"width":48.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Account</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":305.99999999999994,"y":273.25000000000006,"rotation":0.0,"id":16,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":15,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":17,"width":110.00000000000001,"height":25.0,"uid":null,"order":17,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":18}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":18,"width":110.00000000000001,"height":25.0,"uid":null,"order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":19,"width":110.00000000000001,"height":55.0,"uid":null,"order":22,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":16},{"magnitude":-1,"id":18}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":18,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":262.25000000000006,"rotation":0.0,"id":37,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":35,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":38,"width":71.42857142857143,"height":50.0,"uid":null,"order":37,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":37}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":37}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":39,"width":38.0,"height":18.0,"uid":null,"order":39,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":37,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":442.25000000000006,"rotation":0.0,"id":63,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":40,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":64,"width":71.42857142857143,"height":50.0,"uid":null,"order":42,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":63}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":63}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":65,"width":68.0,"height":18.0,"uid":null,"order":44,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":63,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">producttion</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":305.99999999999994,"y":403.25000000000006,"rotation":0.0,"id":58,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":45,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":59,"width":110.00000000000001,"height":25.0,"uid":null,"order":47,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":60}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":60,"width":110.00000000000001,"height":25.0,"uid":null,"order":50,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":61,"width":110.00000000000001,"height":55.0,"uid":null,"order":52,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":58},{"magnitude":-1,"id":60}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":60,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":392.25000000000006,"rotation":0.0,"id":55,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":53,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":56,"width":71.42857142857143,"height":50.0,"uid":null,"order":55,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":55}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":55}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":57,"width":28.0,"height":18.0,"uid":null,"order":57,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":55,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">test</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":10.000000000000036,"y":132.25000000000006,"rotation":0.0,"id":82,"width":108.99999999999999,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":58,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-weight:bold;font-family:Arial;font-size:18px;\"><span style=\"\">Registry</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":36.142857142857125,"y":399.25000000000006,"rotation":0.0,"id":109,"width":187.85714285714286,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":81,"lockAspectRatio":false,"lockShape":false,"children":[{"x":7.142857142857139,"y":50.0,"rotation":0.0,"id":98,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":74,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":99,"width":71.42857142857143,"height":50.0,"uid":null,"order":77,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":98}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":98}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":100,"width":50.0,"height":18.0,"uid":null,"order":80,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":98,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">working</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.571428571428527,"y":0.0,"rotation":0.0,"id":95,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":66,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":96,"width":71.42857142857143,"height":50.0,"uid":null,"order":69,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":95}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":95}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":97,"width":38.0,"height":18.0,"uid":null,"order":72,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":95,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":77.85714285714286,"y":8.0,"rotation":0.0,"id":30,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":24,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":31,"width":110.00000000000001,"height":25.0,"uid":null,"order":27,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":32}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":32,"width":110.00000000000001,"height":25.0,"uid":null,"order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":33,"width":110.00000000000001,"height":55.0,"uid":null,"order":34,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":30},{"magnitude":-1,"id":32}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":32,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":330.0,"y":0.0,"rotation":0.0,"id":180,"width":67.309,"height":101.072,"uid":"com.gliffy.shape.cisco.cisco_v1.buildings.generic_building","order":126,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.buildings.generic_building","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":182,"width":56.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Company</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":266.0,"y":125.25000000000006,"rotation":0.0,"id":250,"width":7.0,"height":413.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":172,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":79,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[3.5,-3.0],[9.5,496.99999999999994]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":35.21428571428568,"y":262.25000000000006,"rotation":0.0,"id":253,"width":187.85714285714286,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":173,"lockAspectRatio":false,"lockShape":false,"children":[{"x":77.85714285714286,"y":8.0,"rotation":0.0,"id":125,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":83,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":126,"width":110.00000000000001,"height":25.0,"uid":null,"order":86,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":127}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":127,"width":110.00000000000001,"height":25.0,"uid":null,"order":90,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":128,"width":110.00000000000001,"height":55.0,"uid":null,"order":93,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":125},{"magnitude":-1,"id":127}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":127,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.571428571428527,"y":0.0,"rotation":0.0,"id":122,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":95,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":123,"width":71.42857142857143,"height":50.0,"uid":null,"order":98,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":122}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":122}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":124,"width":38.0,"height":18.0,"uid":null,"order":101,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":122,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.142857142857139,"y":50.0,"rotation":0.0,"id":119,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":103,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":120,"width":71.42857142857143,"height":50.0,"uid":null,"order":106,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":119}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":119}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":121,"width":26.0,"height":18.0,"uid":null,"order":109,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":119,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">2.0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":557.25,"rotation":0.0,"id":281,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":179,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":282,"width":71.42857142857143,"height":50.0,"uid":null,"order":181,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":281}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":281}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":283,"width":48.0,"height":18.0,"uid":null,"order":183,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":281,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">release</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":305.99999999999994,"y":518.25,"rotation":0.0,"id":277,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":184,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":278,"width":110.00000000000001,"height":25.0,"uid":null,"order":186,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":279}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":279,"width":110.00000000000001,"height":25.0,"uid":null,"order":189,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":280,"width":110.00000000000001,"height":55.0,"uid":null,"order":191,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":277},{"magnitude":-1,"id":279}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":279,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":507.25,"rotation":0.0,"id":274,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":192,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":275,"width":71.42857142857143,"height":50.0,"uid":null,"order":194,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":274}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":274}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":276,"width":26.0,"height":18.0,"uid":null,"order":196,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":274,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">7.5</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":320.25000000000006,"rotation":0.0,"id":306,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":209,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":271.25000000000006,"rotation":0.0,"id":307,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":210,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":401.25000000000006,"rotation":0.0,"id":308,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":211,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":37.214285714285666,"y":406.25000000000006,"rotation":0.0,"id":309,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":212,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":40.214285714285666,"y":456.25000000000006,"rotation":0.0,"id":310,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":213,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":594.3333333333335,"y":493.25000000000006,"rotation":0.0,"id":314,"width":283.66666666666663,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":215,"lockAspectRatio":false,"lockShape":false,"children":[{"x":66.66666666666663,"y":4.0,"rotation":0.0,"id":312,"width":217.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":214,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Signed tag.</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":0.0,"y":0.0,"rotation":0.0,"id":304,"width":33.333333333333336,"height":20.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":208,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"}],"layers":[{"guid":"dockVlz9GmcW","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":216}],"shapeStyles":{},"lineStyles":{"global":{"strokeWidth":1,"endArrow":17}},"textStyles":{"global":{"size":"16px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.cisco.cisco_v1.buildings","com.gliffy.libraries.sitemap.sitemap_v2","com.gliffy.libraries.sitemap.sitemap_v1.default","com.gliffy.libraries.ui.ui_v3.containers_content","com.gliffy.libraries.table.table_v2.default","com.gliffy.libraries.ui.ui_v3.navigation","com.gliffy.libraries.ui.ui_v3.forms_controls","com.gliffy.libraries.ui.ui_v3.icon_symbols","com.gliffy.libraries.ui.ui_v2.forms_components","com.gliffy.libraries.ui.ui_v2.content","com.gliffy.libraries.ui.ui_v2.miscellaneous","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.bpmn.bpmn_v1.events","com.gliffy.libraries.bpmn.bpmn_v1.activities","com.gliffy.libraries.bpmn.bpmn_v1.data_artifacts","com.gliffy.libraries.bpmn.bpmn_v1.gateways","com.gliffy.libraries.bpmn.bpmn_v1.connectors","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images"],"lastSerialized":1439068922785},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/security/trust/images/trust_signing.png b/docs/security/trust/images/trust_signing.png
new file mode 100644
index 0000000000000000000000000000000000000000..4a941be19d7af808c74be2f67e75fb13de6de411
GIT binary patch
literal 71621
zcmZ_$1yt4D7c~k45{Ht5bVzqA-5t{1h$2V`N_Tg6OCu@LEhQm{N+Z(U(%p9-|M<M$
z_}+WRU^oQM`JKJ@s=4Nxn=n;nSxhuyG&ndo%x7{^>Tqxm0^#5gf+5J@Cyx%az&8|d
z&!ogPU7!ESL^aeJKkZGyc^Hevlv7+n@nJF5BF{29RZ_)4&ZD59!qYN9<$c{3^*c<f
z)49>w>J&5nRn>=Kg=?YVVGooc@@QzqzG!)TH==Krn=(9_I$CW9n$|O}46?Dvm+c4U
z-uRp~Ir@~<O)xo}?aqEid;kxHgNNFp`XxqM>({bI|GG;nzPygw)+{pr%w50}b)%V$
zj^hgl`QH~|fEW=(;*~XS3nDy}gB%_|fSh$s0iEZumY3b92VR@x*txY==Wgkog&(($
zULwFA{rBq?)R%(mtH>7x@NELN+_y#<a<)0i`8O2E<Y<QlYQmD6q93thjZc_r*KXR=
zBI%MJAW*>l{Zds&fCkdihFpokA&TV$BG%#uP<sf;-RXJ7M$;FJ=KtK1fF|3{+mhU`
zFf|SiF_*{%?+pSxbchu!Fo9sFker8HW44z^-22!trV#&0AC3gHH2U$sZTaRx#Gu4h
zpBGplzP@p&m4w#|MYFZG5tk+$WmV)+8v`c$aG7%bl`jG)xDIg;=f%NFz?YaCSXn=3
zPbh4qs=i|KYuuL$vOC=i`)}P$IN11&F{mU$QE>jg7QDP884i&$3l(-As%c_YYuxU8
zy$qLj-|dpjsjNu;$PPNzu_IGLw0dJuVNZv>!xoVOg4tkZO9=iihggdnu;YKTxo1QM
zjr)?Y{&dGgqQ5vUi|icj{;aled?_@upS*_IQv-nodESUnTJ$E@+jI!~Nhl=uy-27o
z&;2Rkio^LsV^Cn<6^l`DULkw6ZxY_v@jVL~{uJVwQ_hR@tAvdz;2=l}xj+y~sp%!i
z0sqeh!odOO)}s&j!$Amx#3cI7rb_(?P07x#v<r~lM~{RX9rP^uQLx}+v;DJv0~MV3
zhW2z+4|t1(^upE8UW*?YKhqU?Uy8k%vO6Z-;g3`Q;|UGyq3T4sH~WG%*!!&2=PF%r
zV4olxTF_Gqy=-mets*?+AOAT=jsq}(z&u4G3IfFoMFe-;z$B)`{Fv-*IZAkuW1T6y
zqK;&Con*3y2Sv!<TA9sQ1Ofj%dE-6UM%x+6oFCXmqAv~P?snrrq9@}=F}t*s%le!h
z*@59NqXcEz=TkUX!xbLNcoqzzHm)e?O;(~tE%6$@q124|Ny7c3-*5EQO{Vbln}r7$
zOP?n(4>5xu^c=2QbmCy~JF&AN--iHnh!-9r;kAd=0z!_10e%(fCErg&JPj)GK9l{V
zUW4$tz-Zj8IO_I_>JVsrm5<Sf_YJ#4)eTpKj<O5??B?q$40ep{#ipF4R8*E>xOnre
zhRBhdKE-NcKW~a#sOQb?QhO^#vp^#z!dH4#RVW?Ku+jI<j2LLLB2>F1m4Jxl6X8nn
z>MJa65RkX|VR-kU?TZH%7a#;>fqS*2Zs}tfe%{}lOphG#6hH8j#C3^NrKppYT1-o+
zE3ON=_d^7V94I_Dbs!7#_r7Zu7PG`2iX!(cxq%N!YCR1fV%b}*l3Mx}7P}*;f|4-(
zRdYigbp89BXb@{#7My>Ys@a(Qe(i)4P*v9c5)=w`Z@|Juz(xj7W`lnQwWq1fHRcv@
z6B&I<c}DLkLX}uuF`u_`%<_GE{w<$`arBOSnjY`Q$oO@Q|7fy|#!AQohD%c>qtAAu
z_QLH0uT`M#+GS$wXK%!N6F4ojH2pOqlDZdiM+q!X=7gR=#5Zsy3^DG*CYTaVym<7J
z2_>J;3A}(0<6T$Yj8;WI*;ui%(?NVi4E@EGtGa|evf28Im#$D^toBAf@x)QCPDr3Q
z;g;jxVlqEO&YvSEnBc-gr%HdUj-(+p-=*G}@8A*A7)$Dwm%!>%?&AvW1$Xb+EQ;f@
zL><I6UG?Tslge~+X>1}P*De1f!axeHUWYKPe}}{hjFBmf!va_2-7xxAs?y5>jvMPR
zf6cEAmoOGsr8?li(vgocD$gV#NVk?dnlPG#G+1+FNo;AILKOj_+)9u#>`T7+=w{07
zfHblmMs;lDGr4^3;Ue@hV#a)0SEw!eeKc=mfG~*WvA9hSpkiX+jYd4(!&MaSB#zHk
zdHy9eUKb&oa?07?yWt|XcOA_<CWa!KxD({2MCt`Jao3d}w3Hjs8FtSxwA+DaDPlYY
z#bGrID-!YkXx(8)n~<4W{i2AEnW3SGTB5|K2)ab}LSE0xo#&@+ZIPJ#W;gcZVing|
z_0bokP+JcKee}*7RLikjKY={qKuyH2!%8on^w}`pMyll3Ia39U@IeEkAN4rh=ZP1j
zARgG}n9K16-ssgP5n^EM7amAX^C#l#tDo^lB?je=HT(CvRU2s7)kA@Isk$S?Q;<$B
zi!UAjob4Snz|_}$a2cjjUqF7xryN$IQ&yfWQi|i%Xu)e#rSbASlkz1l{vQ<sEZX7Z
zu4l^pgGi?C4VH4#F*L)?USZO6=)jZo|Bok8fIPQkL;S>y+fD)X8y~l0XQgwxYtL{e
z)?Gu_mM0}uP<l=;&0Db!JMq48*`q5QH1Wn&KH5TlHptzT34zu0?`#ugyyuGY63@%6
ziAq=EjEBBfxZ^EZ<>9QoV|Lb|fJ8_KqW}Mv2ct%_n&jPrg7?u)QW)|HuUBVq<2s9f
zUl$`t<)V|LDcTStl%h$zmkDHn@FO(Yezz;SII+;mZfRv29@(+$0UOX|p)&kmsRf9H
z8f+ks)!;L8Rw3JO%QP>sA}H}}dy+!SOSSX0jGx+Zok$6nxkHf(&JPmOgM5X>87Az4
z3L@L?#=2@<w^1*@KcZ|=n0PmrJD9zvI0_c_F*$MgspHKWs~@`m5Q_@tFZg@cm;%LW
zEURgQwXY=4(>wN)mxYnLkEtwyYrJT|Cx(^Md=|8qz{a%H6sVnHl2ht6!Q718N9krc
zDn4_v<RY_K{VA*pX%laCpZhq?k=L&LoJ&mbh$vrMx$%DC;kHX&yOZ$6@sG8@>RhwU
zNiz*3e_7q~OJP1&j#q5zn~5q1?dYRz&%1*U*SJn?aM+#kJM6mvG5oDqH2|zQeo=1Y
zq8=GBk45kEd|LQ1FG)(FndYt16X&m&*H}f8ol?0(ga9raA<~FjRKR<^%(v^hj3<<Z
z(2AcMo)tP$@z?lLWN_qge~MBLq+mgPG4roz(b0jJI9S__QJ};RjIScJ#$NeYMG&OY
z!0|NsJR-^i*FLe*8IyhX97R^Fg8{MDS`c2`BC!a;8x&7ie(=2o8PuwU{%|8F8BaP>
zZ|yfxT=G$1KB!r0H~In&g5^l?PzoxDgb?z5jKCqt0LLs|WU~>p4W7HSk1&&oZo9Z}
zwc7A|rEx=+DK|>6Q!j<8qxhI1FNg!2K`*MDzpZWWSI1KmZ9kE~072wYPzo8?_`9rz
zcv0$dX{VRaYBLum+6`U$-jYkW1@3<mw<(smuy;HpZK&z1DPCR=9ehfr(x2n7Ihi~`
z@J`T=GcfucV>tkge@|HB5iq{3L6K)ez%OaqP@)s!$BDMK!z8;JeZf4q#3D4Q{alEo
z?*w16LXIw>Wcl5-AGKKyiAVQxnX9R|Mv&~q2}u`}POS8c+<LPIKjch}qgT#4?z14~
zT4wRFAl^eRc^NqWO4Av6N1Z_*)@n`sOyOJtBxKxcU+p|Utwzi7dcO3}R_%mMT9xEg
z?f=_%qB2xqKJ_^h({f{on@(PTaZR_a@O`RGjR2`q=892;V3kX)wZU;=gF+USc6$GU
z<3p6yaoG!E2WTZb<VX-3|5peHyM(I>w4az@O&a1t@c!u*i!emOJZ#bZfBT1W5P%FH
zb*hoYw$)E}Jiwy!+;DA~;InE`@=0dX;|YIX1Dx11N*0514BCu#m%=@^;a|T^heP)J
z(i9To?e-Msjq<YVv!GrOEc)jkj?1oZ108;medvqH%IUiaa}?%n$D(W>pi?38DtU)K
z<-L-@m(9S7pX14M@JD)EQxhW5;H_BYdcPJ5uo5zVzdaTL%*{!W$J0saC|gD2QZFHE
zpTcvKrj<j<u{M7Ne#Nx>h|Q|_0Kf_mk#r}Xee=`JuDAs8i#6W$^{YdAR^!FmeiN^h
zjTnxdWRVs<x~7Kjc*ufaC?n`Ul#vHe9bS*64+p+K3xw7{)S(!;CfPf@__t~L^^Wrs
z=oyuvh|P;llpYAh0v)2^xN}}5gc33Ly^yOe-Mtz3p27JKJ$pgh<hfJsn%?}Ps4<B;
zfRvIe{Dipu_YxDj1Xl@f|G*a&9h{*c3Kosv4K{Kq8h;AM6CA&bf5<%>EQ9-Z3h%mg
z;SS1Rcv@C81kYHeiud)qLP=E1PNUjvj{fp5D#B0(rKI5?gXmFXOP#XhMGLjGw7U(d
z$%%Jr_U_Na1*RKFqKEQ$$@0DEH5jP{@2r<*oI+I1G_kPIJ^x`}0+_4AwZ%;-{a%V~
z$aei8EqrMjX_xn&*qXHv&QAiBj|GzOG_-#Oi&~3FIMX?;zt4N2n8Mm--P8V$aSFrn
zEisbkY<4WNc&It(1O9dfGq9rFkJa(5W;6K|^Ldi+#(IfLu~2?>7d?&n$Zw+Uo}A}e
zLZQ<t9pLrh^b3^~iuDtzS<}jfbj=1|sqi1;1@?Hn_ChL+6i~pJxQE2PO(3t7wqz^t
zJT72QmWj}t3i(xVChM%}CbJqs&Si&Wwz?AT*W_ce>@L!;;*TxfVTvfv4nbETN~)vB
z9b2)XM|QDRwELEZG^M=1{W+#6r@#1H7AFhJzi3nd(O8QZ(UhJ4=80X&QmN1BJEa>z
zq>n=Rhh2lZwIMt*+4v7)wx<1MPTrJU(-2}KD$0n>g;c8TSUK)KpC)>~HZ%V)LL_j)
z;hoy$_;zwq`)3aMW6G810Xh}yH`u{D1?&w&^(x4t2Q{0C9#_%h+x7lXEg7X#ikJNN
znK0)m2)iWskeKH$(){w@c#HhH>C?=59=GTdqx@kr!a1T!AL(lN4{9qe5kY{jZyLyh
zL-U`*yS^)ejunqNk=gbp>U{&cSF5TxfNkTGQkq0gt|YdU_paFp1JQU59zKR>tz6XV
zKRP60k#ezFxrL|gAI9ITI|O=W{ly@B@J6+nIoB)dZ^ZkwtPiKu7BDEYOzy+c_8mYp
zOuKj2<0vpx=0@J!Njwtxaz`^mX*RcaAoN3^M-RJ*cNMymm7eh|>JtG7VTRZ<q?g=-
z;U=poW;>MU9^N-wb%xCj6%{$8G1nNB4ViMEGbGK~W&{IVQ#RH!501OuVAtOC@yoZT
zC%A0?O(mckICnrkyAP0@S`Z)#3YDQ(vWj|2hGvO7buY0r&MJ|a1`2nFj<kD*`fcdD
zX(XGubL}LjN(CupP~Zb_Vi6ZXGc@w6>zO0NLEd=yoKNZFpD{ub&#G&JJipW~E^;|&
zVHma8t2EAjezW`gE!XRTH4~&oYAj^c3wyIqYg2B=q)rz4MR3EcAp;Un;%okZt9!$#
z>Vrcmpw;cW(VMUjyTX!xJ$4ijf2UUUjq751XK8whyT#(7){iN!tCHfyLxg(&{TE9}
zAKUyTprBiLMsP&ZCrAU?o1tW)eq(5%VK%1cE=S~)OjwR`UyvNILF;TO+VGf9@|{<c
zbR-$!f>I5=R54eAbJr=zD^H2gCGdk`HR1}9G#r{N1;tNzy7k9f4EldXP;K@-APXBt
zaYV}<zA-3)J*Dl52j^pXIUF2i(qX^LKom<}{?`cb0obvKlnp7rJ*a||`-q3=3!mq1
z-nj;P&ta=D5>2`>e^zij^rXAl8z-x^Fvu7u>J+wPti8@`JDxlg-7Hsx9&TG7at6M`
zu$E-bU)o%0Qe-x{<IQ{UQ@5#IjEM;`_X`<IBl<n!LW9u*gvDGL*Vhy}gsXW^g{OIF
zjNiSg&FpLQ*1(P9$IVVYb5eoGZ+rYrQi?iB8!vUC93r3}YvcUDI$ow9)>sf|nq6_7
z@LFg-t=#ZCo^iZavnRRNzNTRRkAZ@+ZC=(29~>eDa-kEB%+HBRF1uPNtK^5<(7>-g
z+Liz4AX{2k6mEPc8TnrH;^psr8%Zm&jgKQg3P_TJ$O&TOn8NXS^!HBvxHc!F3*KY6
z1o(bIU72Z=E>dS7t@7x}|FAlvGZ~;<U|2Y@m-$)CBP|qKszkW_FORvQf;?8+V5qtF
zo*Tttwj8m)|62^4+^F4Htj04vQg`jroOpr(Oph%?Iy?PhVIMad(Cp<s@!E#^Y>kRQ
zS|OQT5g(Oge0vr^z8U?D?t-VQw=6JjDRxD%6q=1sM-WIZG@kWqM-VJ%w=R?7k!4;@
z)}Ernug7`EA17GZ4z}fp#!W&v{<13ov2CP)Y>n(u<E$g}DI&ZmwNdkP&E{exWl?A~
zVWKQ@z?Qp)tuVP2-XC@;its**{mK_;l28VDj6(!NMo7C`0m^KP)BC5@Z*_Isj&79o
z`K#CuCVMhw45}ww#G%AXVF3yMvKtvV*OTA)glQg+*d`ql>mTzOP@tU+-hKjI*9*+n
zsw}I+20;cUo^OX#4c{yb2YbzKUzk9LnEiyFxQ5Od5o#4j*o&WA)HFM?3BO-5l{P#7
zI`9)=qtAE~DZC}}&jAJNEVis3|AjdOq(X&3M;nRxw?ZZ^%5H%}dT&GjuTW@yA<CcW
zxb4Tu<?~ZqK90M<S^CI58bkTcGA4=8(@Bm{c=A&Tdfy9q7&Ri>O;I7n1~K+nqP%n(
zEJ5(+sDQtLZ+4|^|BW$!b#as_O<ekk;@admKkrGaZ~(>FnZtv<`%Xw~5Tq-kMnM*g
z-XFRu2hWJ`*=rTa>r&{#O`foMQgGCj!$>{*SxP{;by5e6AdnISK0%@iEWiu25X{}~
zg$w`^=r6Y31vRkQRpC#VM7h}Il*W#xjoO!SDRY)7$&$@8_Z)2O?wkm6WW@>tK(94X
ze7|}aD$Xduw-Wavz1fr<?=j_=HdNWTDVxpcTh&rzqS~y8vn|Gb{o{i5!l-L`^srVc
z<^8Ad0b6Mm5sh<4sp32`drjNj{+rq-m$l=K_eh>efB^XcJSViT)$M&Wo!L-%{yOP%
z<<UzKT%X&gQCC}7>33FG;Ua1B>!zEF84}H)1FCi3vuw6!Z9hkEznxyWt+jGNnC)xL
z<TWPBBX1xra!R<0@L4^bEzDmssLix>ee+-8^7X|8uJc&<(UA^0bRBKAP}3v4Hq!d?
zr5B5I51j#C?aM{}&B=#jC1zfa<9wMZa>x-%(k3h}!$rgHoW|05i=SzIbR9Z>SFhGy
zAB8qk@4i<eVZ1j~tL(S!LMAL5)cR0-W21aQ;J(Dc!FvFMIh`8*iBZU9oZqQs;^|_m
zwtYiREXL}8UF@dH8Zz>%sbV4boJ)W(`?VIAjQ-Oz+?BOM3;Nue5V+lqa5&!7JyEkd
z3$DH56Tk~L*OjTf^J?fCHjsD96p}b^w-fHsO{qDej#+M-lP3{zmnd6oF55wDk4_v`
z&+YwrA22UmK~)i$>2y*<<$AOEd`WYpGm<*QdoF85Z!!SkL8$@TEBL;zCY6=QN7oK-
z8J}26q0}Z1E#7v~dSP><11?817fwtWkNuAmAohgc?IYitx)#>raUV#mE%#BNf3ZOs
zz-2^Ca!$z)m@)B3?|0QYP<3~WL_r7!NLpg|!MTzt3+?v-gu|uA$KBKOJ2`K74@ufS
zKb6>EvHicB27*0$^e^vp$Z2jTvg}GNYC80B2^Uzse_)H1L$^Y|?X6lYE(W3}z8EDn
z5P66$$;S5J<p#vaaG4F!8tJ9FJAP8r`}WHv#N1z6GMTdk|1ZzqS-()w%k%xwY;=Gm
z^x|MbxQx>73e`=Z_*z1Qpzmu*?j-+3NkNAE*7gqL0O{1{l=nvD$_oxbCC46)CVsW*
z_yKnt)A7NMZ<eT@rs5+WOLr_nD6@ZlrpH~y?(`H-&C+>#oVChb7?X>xV{cjkqPfkP
zeC{9fbpeuh^NW~?-SDCkbZ7k3H0c*HmBC|FeL6T5x}-8abi<u}x*xp*h4=>ut*Vhy
zyWv0se(ov7;MIOXnAvc=%OaUJIbpf0FuT!}?fhL`=DVuyD`N#UB4%;dhDd1~dH?-9
zCF71IlF^#29|Xyfs?RmQ>V5dXbC*?1wg&zm7AW3|cfbRIAgJt_p&6;&^;Qbu$3*pL
zeD7<();#{R$JD^V4r$B)^s%VdF1Gw<&#3B(b=ei;J7*M|ES}JZS<3ka4STwtvz2#|
z(opaHu`XPqBZ5qUY@LE*w%LN(AEfCgp62Ndw;Tn=t=@ZWPZQJAl;&?f(%*QTz&AS!
z-zl1OUMOC^^+fclwTQusS$;<96iDHCA&G$Uj|J+0^)gdJ<%9yxuW2%c-k-roM<Feo
z=k9PtKm@8aqwx<@W<c{6fvYaNut==&h`}alxarmB;T=I2Mrwse-ckwPzokXnXH#yQ
zZG-Ghdo0dRDxU8u7iq9-?EdtK+6>#6Zzs#)f7KjM14lc=sl6LQ!L_OpBK<FAI>SEy
zg^db^$YX5z8^NGhomGF@C2rf2KE_A!oR(`#!rH@~VblVu+4~eapMx*N#T*bo;??H^
z`H_|3)x-Ooz(Ef(5ay{<cjCBq+!xfYsjwP<cODUA80`cNa-X9)FGPihbb9`X5gzkR
zZk?6I*-ib|=!=Pwz%a8zy)dT*;u8kSD!d@iLfg}G2v?2HMcSABODfQ^4qd$orONww
zmQiiL-?Xc=DP>Q$Bj7x6*xb@@k>kUi_tY$O5Wb(a(%Gpw!z;i#qTe<y1rQlw^FHxf
z3}A*}qn*M-#`lWgAywd|`|AbFd(2N52C94b=Q`6-wM!GrS~FzourHlbl)Tl(93|xL
zc%|nvFD$&UD<1{AglX?NDMRzHa@$UE{`or`L>Gq2Hp3Pi0#p<Ym9N=J04$*3$~#Ew
ztm6D-V7R_^l7CspwWPkl3E@-faPp7!aapNLS%54O<dYXXap0Nv*m>U7<?&HGaA?z}
z2lGC&!6BT%y18Qp#f!HnpCaU;`3~H}lQ{01)xMGW-;L{7qu0v&KU(zFdrpZhSx{mi
z{!kWs6!>$uLcFe2D_1FGK%do3)fJkl+$!Ni_d)MDmQM~3_Z!uOxy!dG->3r*ANteo
zN$SS(A?8kIOO#>V=e;pN9~L7_-`Fu8k3`CS@5_$dEdBWF5v|c7Ne%C4t_Qh0xusf+
zs}Tp3LlC}+f)q+7W%rFJnRbsqjw;Yt&X+f{)ph*v^4p4{dvR4ZG;oH^WTNUQk>=)l
z*XWX(C(WCXTwHW7oM0VtREBY5cg}KixVv2II*r<##e71^BKhVtD^F`rM0s9{EP0U)
z28nylpn<P_(5gi4y-YO*SPRX1by%FbD10h!aqYy=P4lS~s+OxO$A?`=VtxNc&FuSl
zodUGPI9gQEJQyp?eqt%kyEju%mT@g}cJ02$gNeqW+rVBmG(ib*I_vA8{O7^Az=MMt
zA_g%|uP3O!7rzdBD34Ao2uQ?m1ank8Z&!{CHq=CIs8tn%6r?UElK)=>XMhO8o6~VK
z8}5L6mo7{xu}EYnII}k##^p8qb`dd~a)kkAA;p|pX|viF55$X+%zpf%QP*g|k?*%X
z^fc$sY)_<>@v`~dH6~p4;xeUE!%Ac(CybfJ@-2D$?;wG?vWh0GR48IC)j}hMkP3|e
z-lK0<P^(3H#9aKuC;z}|Y63VQ|Eqpj=W4ob{!q)-@dktY)iBu<p_e{iV6EECA9NwL
z5Z`70A@5i2PA%1Bc>b#B{izS`UEl{`XH>s<%{nh&w4SWuKQTEHGrn{z<Ns*eKPqE@
zbQP9N46M%#@0K*ol*FXEa@$^(e5tt(4HxxEJN;S!*j%n!wmQrM0xg+34v576e}X_d
zbNV&XTI)Fa<jIn+G9_2D4>OYN#GvY-%n4vTEV|aaj+aS=;NgQ%`;Zn#jnbh$?32N%
z?Zry3MBOXBF$J=-Y}_(?Ug~ln=5`wRE#6xI4p9?EkW!3+kke2!EG0a+iHlLa8iE7Q
zo=`n>2t=nl$^UxddAv%|0-g=Y>9-K+>m{=i`#!gu57oo?N9|JNpnyDtwkvVIfs{P#
zoh1<4!la{W>*$3^`%e9C9u<2`;J2~y!%h;YYA6^6Bj!rPJPL-tZ$XU!QIzrNGWMSq
zK-1P>#eb*_$&AJjfby+a4tFrbKze4v03E^tjs}sq5sKRXmjM&$!TO;Z)4|8D2?Ein
zUxl^*R<+d34S{rR#Q*&yHgZKiq<@Vdtl5RE+&1F6TgrSO{5ja0aBi5HhUq`_<8wsa
zH&B5kpi7VcdDv?hm>JsbN6JkzP?l?4@wb(0pyPTgXAmT3LI@oKL}usp4dFOvVw-Dj
zO&bs7|D?7=Fe!dnvcEe2XTTrY3c+&^<%nbhPhYc9u=VA=Im?bwcTEszo}vG5WfZDU
z!2!}PYcG^1n2%b5T97=^#3(F__R|88ZjT6(p2-bBzjqNyaPB_+MFX}$gI2PwWZbgP
z;AD;VB-91@J}IY0!Ms?IX-~4R3zQ|MwjZV;k47xM<_RadSD-fNm|^MfzZESt0>sYu
zZhf&1iH=z$%5I7|jDNuJ?O!|Y0VH$`>JM&qA_4!aWdu%u1XNvX;0{ktHEnrpLN0{`
z;&}cDOS3>$dF-T6ws6QkeBw;SMC77b81UcsYZh7h@d8B(ncH)T1Mhxi7Jvm)eK|Md
zZSo`XL_1G4or<I5{Zt6D>Jf$UY*9j%K+3ZsP&L;VX#_H2W%T%)v_J4Y?YlvtM8@;>
z<;d8DG=8KABpjQ~hlJcauNWR!Yv~JG{pwAIpT=I5zOnHty$Esn!G7@L-{yNGJiSU|
z+hdAe$4QBxGh{vx!p)YM<ae8&mVvjyK6y*dP#W$I0BIOmFcSO?)K*sf_lGR3pYCLF
z;x|G;|M}P7%uZ&oWU=_`fw_f|rch6Jfq*a$y3C+F9?O~CC8H1jtN6Zzd5w&P8s0V^
zOm@&o$GV50EVkrulK8&CROy&Sd^vgvnx=FMo36db`2QwO6skhNftH9E?UAzCXMCuF
zOqSFwd<>Zi4Exnh4eO8>6II{R4-0f>>!Vz00Orw3DacM-YyxrS8B_ve>rySy;a~HM
z27*GX5?_=-7Hc_vBy3u%Qg_8?QaS4<!_%L&=W&^zsfx>aXLWicrEbnYYK6A1wr7%{
z>IC@mqY_F(cSXFj@Za+99@8D)Psifg*@o8#U1Us$Ed3kd@3UK^60ly;RWDUs`wG4T
zRe{u;y`zfv++JHhS?GCED9u}YSp-_Vz*&RwBHp_ONgUHVuPXE;87R-^b~@o-h46Jg
zaF%)L)`WEbg8nh^;j!V@9eALI++fRnZ;=7Q7T*!Jb-q7_x|QVPrTS^Vb`%`XvqlWh
z4P#I?&nF$j1-$1rUkU(nmM6-Kk*{NV)5Gq;y?6Qg9)S2F_Q9(9$F=;Up`i@e;G7@5
z>{9v<A^h`oPvAdnzq__4Dl|Sj?`#a^N+wV4eclsE=QMwKbF=4D^wg}sv4dF=^*(*v
zzi;6!C|gFA%PbIb&wcUB&7$n$*FV!8&vuOj+zx3@c4y!J`eYy*BYc{Q-qM)}-Xst0
z8yF}&T>Y-m6ONZe`0&*|=7-I+O2M<Vdfxch;s>(o*XC?&Sd{A5m9FLyJa_ezkdUzG
z3`C`J=d=FJA>e+@5Jk!#FLL#V^YGvxx4T=4nD;H|c!@?xGP|*|nwpw~RNM98cN5a+
zr_p4>>HW#93La;>1?yQJ15dx!T8{P&4yr^R%z5mgl0Wy@;oh36WB!@W9g)ucW(|Qj
z^$}vEitk-<&5JJx2i^&PqIl<^dz>mND$DFp=Kqe812&!~u>M2?aryI`Qi{wcH8LV1
zpUtRw=xpAHJy3sVs%~?;q8)#@vqYmv-P)SPX0AmqwCQUU$!G+7n;e$#F%$_Aap-7J
zRK@4|0L7@$)^Doe9eZF-LqkJjbnnKmPb5m|Tw$j>)3UPBq*akmUjHC;Uro}nSo@LY
zczf-pUuTsBjfatu>yVa{Uk1m^F`^^kc+ADm66g|>lVv1B9@6^w_~<v;(<U+N3^c*p
zasTrVpudp<E=)aiX!$3TawWUw+@RJ1+vazr-}wVNS?EQ8sg+e}C@CEc%}}PGOEGwo
z<Mp{6<z+Iffed@=alD-9szaDg#q$ENhT(Wxh3*OV_G_vE8hc`ce3>W<uyf5;cc+g}
zmX?<-7drfKac~}pZ}_jnYY@MOYxg;iVZY8=IV&-}?tOo8v_9G$hEt+mATKTRr#FV2
zeWb5QF^wvaX1=Ta!TC*poL4kYmavC*%ftni%(cFh6yneKyfM4&ciwi7%^y`lG11ZU
zn;h2Fw|{+#_<?-B5P-Gehe8HDs(LKwtoUOvPFdM4=)OmRgEXSRO!lY7F*sJ#wTkbv
z+fkw1V@wPT+_~%Pqd_j${RM=qDzP%{PsAr%;|fxj=aOrm3>qvBSH3L;kdn-wU94x1
z*4s>P%rrSr-6Te>uY^(!etUJiGp!T(h5Y*bdMQUd07Sz+%M1BsoP{&m2qyeMJSNS`
z&lJzN@bRk5)%dK&7~D@M&3niLewFD_-=>ZhsgOV6xw8umqAv<*zd4=e^15`i!@OH8
z()y^4OGLydMOzg0ZoVzE-g;7^NF^Kp?Du!%g+zw|(pYaS&*Nd)C70n4a&L=kr7vjz
z!5C6dt2a29R@qqoVB~T=D9Z9W`pJ8Iwbvez!dH+eN^xj>#Qwa6L4?aboT13YzI1(O
zx<OhqcJT4-GWlK3Vpm9nW*yk~h>o$B8Ft|H%Q#V?YKp`dc=6(yITM;Q>W)1fZ)3b9
zdsd@mx$dkQMBR-8;p@4*xmH21>w{h@YTp`|<$T2A^KLWZ`|-)hlqbrKaC|V9AXInJ
zd`?@Mxs!04o105#$mV4GX{NU~9k)Tj!Oin@CO!YM%GbYH<szP9rq!e2Jl6b82o`za
z+Ryh9?dL~L61Tp5Cf$&@hskMamUusx6RT82Z!|yT+Z~`q)7jRkx5ZHVdn(7>nfYCO
zqt6bl<-m_S45dKKMJGd0v?N9#ZQY(};<Uq!o$i(UYO=fVC4ed_vByLW+rw=vdw%cm
zO;aPTEEfNJvD>z!yxVI*U!Rng+sp0brmK@}`Zd!k9Zep%yO+hUdZU+I5X}kXh9yR=
zAL1kY%ZsWkAjO(sGx~_z`Nx{CEa7^V$3%&mf+tiQZ{){>Z}<u|yR7!(scF9694T1R
z7YS*!U6fEOdwsCflc&!3zM_KtlX3g=56P3!FRxk;nZJfoym*fA?AbHTis!;pwU!CR
zznO`$zpXlWvh+6+SLS1TL}L_w_@Fz|n(cY`Obs&?i4tA*Ha|KfBt-7PdNCP6@Y1oG
zw@=Oa${D8)@fw73&<Jcm7RSxHoa0AZ^kczaEhIrn|Ha5}S^)HxQK)%&Q|#^SrQCJx
zes1w=MShY`V$x=Awp$M7GY=g(6PUATeC>)r>a}jw;d$F&GhM&*V}Abjly^z)aW;vm
z-G)VX8;3Z9*26Vm^Qutl0MF;=H)rz%4h~%LKE^^vKR6}0?9EK@KT4ZD*x$osljz#9
z;cKmZ*%cf-kIwQx;Ui4@$PcR0z(MCY%r8`Z;qHc4LGFYO^L(?uf(j5<v9p+I3P|=z
zn>g>zFy`HoB9$37Ra>xj`A0{gD^`iE9;-xCP02u3=Z{Wi0ul$Ak1oV(dpo)??`^d!
z3x>!yr=-k4ou?WGN8q|-!k#hmP0QEj6Bo9JGLqL~5P_7Hm9}<rA89N}QH(>dFDEPY
zc?PwP-0D#P>9fH9POXs~WR|mOhccK*(-)BsGf|pE2S=MKo*u8F)S#hUjwp$s`w0bE
z<3G6>g{lPD8ZBbTG%Rez6c9W`VwuzI;R$IYslzku`^_P5Cdxl`#}fW)sbG%<I?zT-
zTcUdy@?X4zvMOGTC>{9^tKSC^90D?E3oSa70>1zEll%YVAcE!6GMHf8H?9Ats8N7l
zJa|iN_@7?!->+yPU_?#AV=aeC%%y6g4EwMbst7Z8(d{iQE!_lv`RxqK*wj=xkfxm1
z@D2Yra00W|5TuuBPt7d8C$lnr4p;=U#bZTKd<H*1m=_bfLu_{3lyKRb8*k6whr%{C
z6Y8ts4{h(B-T2m_F5dAF{_Sfr92{!*#X75Tv`E;VI~WnJd(AwPZPAGSC#xI>Xs0xq
z5XaZo4Pw~lnfCPQ(_&DWR(5u5vVvaHf<31LEzcMt=l=j#5#U4wg3!Te*8_(S011%&
zV$ykR<ZY&E?cNdU0-=ZRC^+g&nP8H?wsC?XYif{@UXUT^lpE$AA3FkA!gO(do@)M5
z7Ztpm4!oTEOXRcr)j<Q57dv|>7UmG6$wif6xC4dE)px4iW_ymK5~lqq0t*(1!r=Wo
zY}f*C){>1x73&Z}`~X?>I-8Z{wi@FY?5unQUaABZYvoUr@b{$}uw``yMTmE_qIUQ6
z3<KphBOhNXnfLk2vtYk*F#6&H&~(Vs^nXxQ6V?t2m?**_tWnyYY-xd`encr@ktN(C
z5A!%^p#I2LLzqV_5CW_B@+~rf52Ol@i77Jr?5qZ4qd_4d0bqaNvC`nNjE0SWr3e2T
zVZ2sEKv<)QO-hm`V1G`-&dy${S5wH39|Th`S^&w7D(6@#1ZL3tYGepOps>9>ww!A7
z66Ci29ZTl6f(`c<0RLwX7z6}z4=TvK>oVr$pPIoxY?W?DYh#}bc-^;3iZtJOvR*uK
z+)%wd=p`?)o~%}uY<Jqmzd8KQKK4<E{SesY(t8HToTy?mGnEL~455SWpY-b@R|GtP
z7HS9{?D4TRg5h6>CP84s4g?vzfZt&a_cPIZ-gkunx#4;kJ!2>2w!-zg+G(H~sWSVH
z&!khHp&_|5StAS4QO;k!wVs=sQ=W|hCa^#RDV=?)*@=19=k8{#$-z9o3Cjn#w;^!v
zp&k<7P1qP6IB*K2Q|Gx`(Ctz79mJ*WVvQssw*TkPf&zt<k^Us+o<ZH>Dh3wgwic%M
z4R*^i0xr9xTA%cjF3<K<u0@&56(1$GwY7DZIBJz@+O0W*unMN8kcM37t*?^-B_kZd
z08FPAj1SX$!NJ==8a1H+ai=I}@V%t{@OG}{8LL74hkV(XaIB2OK9cs+`McW`zNfvv
zN;K%*FIH1Z)beGtYac!qkOEMoh*~x}w0IsM1$L=<042N6$i0rSwaN|C@Y$cUl+qmv
z4T|2iKm$QJ&nNdj_iMY_6*TedKOK_98ct9Vc?R63E>s4;+B3#<P~?iG&SqL0cc!ne
zF9(3wQ2_NUzxX3j)kP!i1I)-EENm3{#O=^jEj1u&-4h&m(7U=f6NRWabcqaJTJL3%
zYZ^KIK761#kR|rsJG_Gb|JZCbRM7441N2RNRqC7JyrA>spy$@sWzcs3Op$>0W10=m
z&1!S6{Z3gJgnD9@p{YD}oA=FSSTRk68h+aF@UZiqc^nK*9B|_MvYf8`%9R9dwqD~D
zG5Yi!=zES~5Q5xp(;Gj^T8KR2Sv^4WBZ7M^`9F7G;X`fX;qDHoSXq@?=x?sCGg?Se
zKoB+x0#|eKL8$Zw77>1ATS8$<!7}&3gzX97tGWtJ<N2EHSJ6N|3s=q*pd~i(xjC88
ztTK@%=6K=TsQD-wq{D*BN{$GMD*$I1sHprwpCY_;tjg0wk*Kbt2QAmH3tw7Vf&u-d
zW?+$w#@`r4{`LZlSF{Ahq(-DX)~P)@(OY)n8AP0~p%MB#r%rvblqQDwpL)S{hl$G8
zi?#R1Aci9D)+{Km`oDHQp`nqA8AS6$fR|TRE>wEYqb4Ti%W(U@TOsDKbSa5G0TUkj
z@*o<rLC_88&_9IX(1#xd92S$yt_EX~v%NK_w@!l^T9cYB<0?KIYCRrNINtNQGx%U$
zowH(*VMA=C=3nWw{fmk=kvcd7d8*OwRoo?`=pe%^dqG=urOiZnrZm*P-)gi_NqVa!
zBm~7ydPJ7oD-l-M)pviBE8`?dl}(w`)wzA(h)6?SSy@rFvSOkNd_8AchKZ;N<3Fhk
zG5!{ITABrWaXy<VF16o5gUIq<CAI-(sPtqf@MamKnQr$1J^vYKs>VyTa5|%GPXA1D
zfzImVlM7N~HSA7>6gD*ri(;)rbz<L91^y%r@8@cz$xKn-EFI%1{)`sISjfIKXmVWa
z3_AY7IT-p9+@4`ZEUYb*j=%>lg@Jf1PeDr?#AE$i?DqC{tj1iWwYkKj9ncwpF}K_;
z#m-SJHQkj<s2S~v(u^t9-9exHZz9^^bvB{_Rkd4>`0y{HXwroCNA&;B!cL6H&-S@Z
zL&hRATyeG|W|W<$5$~J712ElI9%>&L6Y+Y#6$Ii-zYE>-gEX0vyL4R2T6zfjwoM;-
zag!|uNl~@ED6ca4>XV10d@nADvXr1h)PA7H#}VyHV$yn)2h|pW$A2=7l~GWqcHnqu
z-8@SI)cr64Vu{1|%dyfb@`JP8w?J*fxMs>^BWxQC)C7{(t-@~}|6%_vJW@^8T?bD_
z3?PH`BSRqTv=u~P!wam}l3F$2Jing(5`a<yAf0weu6=Ib`W0Vu-+EeO2U7OCctlF{
zr_o>S0;4rV`0abmp%LLwdr|RnjQ+e>4HY-*=%t(EQ5CA62};i~3X2ofHVyM^YCJ^N
z`y`UC$or$HV_Bp!ZM+tpRao%<s3T;s5ra-??wzLyfi@pJzK=0WRN>88o?mpe$&+)_
zhQedh3A(q87<%Wdlb(^u)&ly)5SB>Vh_0|fXI~D-<ChL!oB;RX8_fty*g1p<&5r^N
zzr+q+K9kn_u$9g7V{4*<J-Jg&I-1TtG1`Ys3vqRWnBY}h_96+tJ&oPg8tC%bx+x6Q
z{9{KI^;W9v#7Wv>?$&#f#OamNX`Zi-X}*>GLRS!3?YdeMWw;SMEn9gPgeuV%L*n7U
zrSbNfI9n&s&o>KorqNFFdN?rKiE-qUxsTBz33|HT_dLtl@^gtIER20RK(cL&H7WM@
zSCL<syyOF8XzUw%f@QgdL?l6UJbxenELO|hO7yy+qopy&4KHwUg+`H(t|j~H?+v0M
z=FYi5Zh?0-QiFmdF<s*V3K{;Xp{1s`^8SRe58hHZvwijNYI9PftF4a}QgtJux90%>
zF{p1m$9D;?EPg#*FKuk?72l8<+g-LpB;gzxRMA4rl&xSY{=M@NGJ-o@$GSBr3<?0e
zKz*$J^l*TF5uJE?Z0I!CiLpfw?w}o9i^1(kj?H*RlCPqsY5laI(A?lAqX!dRvWCQ=
z25;C~Bx_8B%hx@SJFmlc3khnvI`g6UH_en2-?PdD13>#7A4C{IS;r;=!1SXA(@zkF
zUBp(>f%K{60ND%l)l^fx!(2@iD@Kd{PnW+&;gD!*enh$D&psg$^={#dpidi1%_8|x
z)3J<?{pMF$ZW^b#zBGhZbY=a957VhXkr7E<;39*ZASv!lab;{|AXCsFFUE5Kq-`}R
z)@=7J#^HrI9y86ugYWF^wYaT|7mayLAmo*Onb+*Qvp%kYqAI($Yqdol(NV=o{VC7j
z=L0WGApY;}{Hiuh=#`Ey^Hm>JQaQ-f?$y_tAW}82?eDDGC3QcxH$zpouzwAyS^G~!
zN_%XmN_cNmt#NyJB3AJQZU%tVAaV--{4WH|@Kpecl}Q9;z3)GM;EwZu)GVRupI7*b
z#Gd7`%WroZLrpj%m1Ur|-z2=N*QX`QU;0HDWp#)8&qbG-5L=bc)u|13Q^MdY4`ErQ
zb02#a{0Neiy;g_y=whyZbDYWZvJYd~m0Z@g?2uw53Q(f2?Rt89LoQEuKAt)T6J?|K
zMy6IzQ6cl!**V^6E29!$nD8HRzZ>^9v13TnqYkQ%6UX<<ziOx_dFHg@_u@4W3F@lb
z>EW`aj$y?~$SzpgVgeOZ>=UHFsPb8dt$$_lNfpJ)k=M+8j1Az5^7ebS#y|EDkeuOX
z@V?7Z2yd`;k`Z~|mn6?$m&6LdZliH7wZzD`)}B?096op{2s+g&gg_R#fJ+TO08ARK
zczcE?F&E`1eV(0yX^EQcSC+3quNwEGO-b=qDn^Kl7TWmDYou}Q17oR!UPo3YCnx<n
zlZ09+ksiTPuh;>iA}z$NiCL%o1AUfj=Waj$$k}?fk3LfzevIrSGXV5#c`5eO^)@62
zlTw5bLcfmH?<vwBGCjO+ci#DM`hPFIf?Xg=Z(qwX%i^y%c@(6Q_*6L{Q5G#lg~TG<
zf<RUarLAVhKa4sc<N3$LDh5))SFL7^YF-9I#onw*#AM5fv0z?;`el&^fCs2*obM(g
zWsQKtS|o$#7jsnp@dS@T?l->_rO^4ue`<Zj?gRi<)!DhepvolzpVe^n;TjTXFJ@ZY
zG-_Q+RCE0;&X#sxGh5wGwsW8C;g<0wS8-CYYH>GhF=W$oH3NO>i2d8xL49w5`j1Nr
z`hO?FQ|w=*w~Cis6}Tu6UxrmK(*0dXk}o4tZfQ41qXJ|fWiL@dPut;YV*jc1hi+Oi
z1-{Mkk2=!0S@}DjY!kCK{VsxFI^f@tlU%%5Ws`4omkAX&wD?;5wUtN@DqrZRsWq?~
zHTj-3=ry?S_2Jo|GZzz&#yO_AMYv5j6=)e0LH{shN@5kfT6rE3rhqs6KqSS?pmW|i
z%2On?{rrJ_5&ns-vRqHd0)V>R<4zYpm~~K{UC_x}JN$jA4O!5}pSo=o4+ljV$}wj$
zS$)5I;hD~-()U%Z6Eho2<4pud`2)~NJ@yS$fOTwQuRtqA{Git{2xmbKowsnUVuY}0
z?0~?>BA8LZ_v79z;0E(L_W-w-_;}_;{((dP&ZFOr!`FXMu}jOv$Y{%qx+2b5a@9Vq
zx8v(ERhJSyPCU0o(k*GHE}A~vLrHxD0913Z;A<E__sav{EM3_0!{hrKrUp<41nI4Y
zuYN1CGFw86wg!WqL~q&<`?oVp$7HudKcs0WFp{QC-geoa{?P-S2q`#al_oz-zIdU2
z?i`I!3(nm7Z$X$1>KrCM!qMkP0>2yQDJmpwmU(cQ8#1Azgu>0GJj`{yArzYLIllf?
zxvs-n&p`|q1}R?+iKdm7*2Ez?OsjBQ*uSdz0&^=Gb@8)$qZNil8tYFtbeCx3Ox#%x
zO#HUbB{@^Jc@NW=gJM(M3E%EigVLZ@Yzcs60oh>R16w2oWt-O;f<~H4G%6(AR_JJM
zTH1A^(zI`9%CZI@Ro9`N<^$yc(Zw)l?H)8Rcus^53or<<YrS-{x~=RH-;a+_B%8F(
zO66ueKYP3n)+{R22}`!!HNn4W+vEB)ji&;x`jvfMu%JxI3Q5ZF#Rc~w>RHAs_U0^I
z4r^tV=V3aml^2g&H0Dx<ifwRL{8dZZ0(usg9n~0_!W;s7hSks3p@Cb6JsYsHq524X
zGHq_KhrFWid)K2T=IFI&+V$2%#B(2sFn6Z{`;%BTma0~H=h_@nl5Ip}<|{-MU3O>c
zu0!(!J%b^br3%4mB%^>vO%)OnvH;@}T9R%Wmv89(W!WW|=x!uIl(XqWjg&T+vKm=d
zAGO~<^iXw=GPZVen`prfUVe=qLJ9d<ouCT_?!IZjCDJW<o!ap6174ZS=of^FT)%*8
z-EYvQjfUVim_`#0T$zdP@Y@gAGZw`Tkdecy>5>WwinfESy>S!<p^Rfjd<n{_(yjC7
z-$eO^BK;aR^W+zhI;`=+Y+8^@=JuIp5P&2@6XWmjrT~CtU3uTe*(V66-8tHuCVz5;
z#-rOq7#ywVtt*!5aYS#96D$M|#xzuttf2`rt7zgD!HL6q3TGoDO1<40IjehcK<U<U
zKmj?a!rDiGHTf$bo(_bHl{>NsSNsWMgv)FULg$_7L#cS;#c>7NPhc%g`|V}Kx#TRM
z0r#%q=$iA_8>RE6Sf|hSPN|LGsf_E;S0sml3qs2xPHYKZ6^+^7?pG{IGh@tDcO7VL
zAIXD{+(mBzx3m6A<9A!{(#yR2{WJ6WB21S<>hrT~NUWYV?9h;$W)-GIoasJaqvA=B
zakLF%m&r&(TEr5)ra)Ze929!hP0O%WBXn|buVoL9GWsoM$e6(Vx|*miJFCU#70@cE
z<!aenfw68O`xI-T+y5?WTsoAt(&a~EiCc_i2FwE=f{ny2)@H}QOs$aL{(daNelE2R
zO>wWkj#)lFskp#Xj=KCZr3J;o!RZ;pBraz6HLR17T{EiQET&y5lfDZ4v(0O{Ao!iN
z+|Ep6x6YDl**m{}TlKTVN1`bwLYr*#BLZ+&ZvEt&!aps5V3-rY0I4vkQJS-c`I|+}
zVR||?`rDLGDz4C0q2egEmTS*%&%<XN<j*_tWWi0YP%6%cyFXy_sB%&f&&B|k)T5`L
zf}&bFEmV!(UEa?2Vxl{r%eJd~st4~I@5tv{5>0Yl=Z^;yj0DeGll1=IK3b3Ob`W~$
zJ#Mi}5)&t3L@VDqGV{K{^0=rS+o#x^(+c%YJ%Hg0Tqtx+G69{08~uZ=W9(puov3g<
z(0+xARuYc?`k$r`?d--=$a3IKtLFAH1AF(YvHmidS#u9>NmwXU;e(O`yMM>^U3ts;
zas6-tmW;5(jERIw{YeMWW&56sp5ap~w5(r>faQ^!@m>OBNBkZ7naP#TVE$q)Lm4)!
z7AB9OV7)GkC?iv>mYNy$L|N7+HYAU^nqzs63+Elk{D&|;hjPP?6DAUvbk?Nbj^oW<
z6L~fBPBG?mEyZAC;hW|nab95bPAo3v3RC{|;=rsD87;V3iZ896D1_51ZQ7U`X=<2z
z_U)|_W{i<HasoluOk-c9`d2lrHGpzc(!)1$)J+w5A0ocoJYRhKw~E5B9I@sTx)Yc-
zXi~g<V}eSq3Cmr6Y1WA^Oyqk0;S-u{+L`^PDr$E5YDVia&{htEftTg)%9onC5=g9t
zV<)8agN37^j2Gr(|E}hAo4-xz$dj>pmka7`=<K%-jsk8x0p)XV3cjE>R#c;Km#-^D
zZC@7Kf7O0ol0==&f<`i4QV#k2ZGJZg;Op<YK-hwFBm1%(Q2!hHx2ca|5&Z|uq`Mt*
z`QY7%jes!y@~qvRNhBoxL3Boa@PN?|L50xp{GNnWk-!=6Jiw>C&3?)>T&?t2i%Q*s
z8Cj3R?oQ~oE9lWzDqAB>gdK3pu^ibj1Kd@~?$(KL55MRrS)~@yx4~|a50#kiqo_bH
z$?MrEcNPty7>nk9{r3u{EUZ$=qfPKDie<40lo~4#&#c0S>^b!W&6f+yDeykV(Kvfc
zE|-v{Mc2F>UT5)SeW@pc5sWQ@A3l~RBkK>vVZGM&czEG3=wMfcTb}ccaddzXJw0gq
zmE~$ZPV%%a!_O>eu5MsN5Cwr(JQJMYGCBGPxW^KH7XIif_AeMt%8TtK9byd3+Qr*)
z+_C{F)-D2-F)#eA_L1O+KZM}VJ{)#iz>3L#bUHJ_%qzvxxo=6*B<DJ#+__z-1RE!l
z?*n6ICZZy~cc9VRuKgfV(?rJZ^p9Lgaw^C^Y-)thlnloUHiR?lnj7ujp<VHpdG@4l
z=?zG2-FH*OvfL!UN|bL!vXaRQK7gy-4r$2_u7@6cH})f;55q$>J@R5FX4^G5POPV6
zJzI~ws?SWTp@vN-hzD*8O^b$=x84cj(5-hW3)nEk4X_81YNBsTbMcv1lEv`KZFqFW
z*B35f#q-+=o8T^kiK`|FYx-fe*>?td`Vc@nD1y<k_A3PpVY(t?<%_pPNyQ2H-RtNN
z9+VCCnXS*@O2{yIQyB}Lkz{b@rcg1aXAochN--$Q^C#{3GtU^<DfvK3s)l3Pnc%ZY
z0=R04ll+UolT{X-|7WvPrBBIOq>oDrfa3+Cxt?P9A6d$TnGLe_l;j3#1?U-OyG-my
zY9334Gb<W{>T*&?{y$}PD(nwvJdj4+4;e^#EfxO6Amn_sb~uJfpiMuZRp1SECZEGI
z44BL++_OXLyN*tb2LMmaUROK-JjDRQb=}Ivky{k7X5N4L(u8Cm?>#1y0%CjU@OC`$
zRhNk>TPok>SCgUdGNyRkvf2YmlxQ~jsRhCw-%VnhK1GGIs}X+`&er?zRIotZK%t-P
zOb<vmyK(-`UM^wE$9CZ-wX#4#pL6l%VL12k&QR)e;`3O_Uq_QFpDjn*q!yWd&ev*U
zIIa+3QiaLMNiN$3vBP5)fuunrLi_$@0)>2OKm5ALe4~uKO=~rxxM+UP5vp1~_peDl
zHq=Q2=Rf240az*d^k?+X!9cd%3TNc?mA`>%u^Gz;dXZ^(pA|Lq%7kSJr~oPkjE(g5
zMFz*m?fXYr1E}Hld(($Cgvq$N5APaIV^<{^5nm1)&`CqU{9FNaGQ8clrJFS9#NN9$
zQ5vMvydRm>AM1Hmg$g*ab;a9%W6aAy`}XyY2mKgtxcUCC4}c4M_40!&+q$k*431oQ
z@kj&>-LV75_WB#v%HmE`OuB@E(fIb$5M_F^SBpKL9+Tpgv1syJF<#L9>=Lo3%)%G<
z_D3Z-idDB-ojIS9acW`p<Ucu8^<+9olQ3AGi@Kh39uwuxCUPMo@gK@`A%6pK><}|x
zSX*}^#c$%#JHg$mQD5aR!MfiD!5vNBGm$Y#D1NKiN9|8}pp8?#yS*u~8ZQn0ZCsbJ
zg21}%++%<_59I8^IN16tzyWSv+MT~Lwe~Y%G+a$UFT^!JJj;I+Cq8{)O&t{7=3+hV
zxZlW<;ZbWN2mT-eenXjw&j3}@$J$%6Obe&v1oTB)8l1dJ-M~^KV0&VHjK2duS^y1n
zO&lAC$>1+ghMuShNyWHWTSHXacln+<XkRmWIvq=XqQo!sPXKdW$L(LNXb_0)_Sa)l
zw*;N-6^41B+m=rX*Zb`}`KCy9#(~NGT1n658Q#6D({D)yF`^uHQPED%!Y;A0_$a#G
zBsOSko?1fdVi_A<@~tFgg$SBj@j3OvnD6~G3YMmTbXr1*<MSYmy|_gnS>VV3%e4JW
z{He|iip|-i(iJn{p^X_iITOfyuI);n&o-MBey*&F!m!tT14xWgwrmZqi<ztzVoS9i
z!xb-V{>#(N-{qwjy<Uj4?crOi-w@KJOHEnw<~_>usfNe$@Ehz6NPimC&D*0E%{&!M
zJq2!9XC6)Tmu2Gv@Vf`Qb1;*Nf*>&9^Z&!wTZd)YwC|#V#6veow={xumq>Samvjiy
zNOyOKNS8<`DV@^NAdPfN!=A_A_wBWgwT`{tzjzO1?zyj-x#o)VJa2BS32y2adC&D4
z`D*xtz@8LH&CZtRaa?g*gcR8KDzfzCf2D3LtSt@CZY8IW62lL9M_AJMMcaa@GL0_J
z%ExrwMXo2Ymx7>4WnHj{dVifGgM=j+_1IOal))dA9M0s~sh|!p8OZOL*dVR@F~RDy
z#8<F<dGDZ+x8nD52{ZWdILzQH*LL*D<qV}s4?Ml`U!+Q%`q0U#sWJe-*xcCI&`h_J
zM7zTC0RjaIgthcOscK@bF1@XPsa(#aNlMHg1uv0id`UQ+Lwe~HiMOWZzm4jC*ZP`j
zY?f!K6s|1v+PY=ev%<7zUVKdg4?~yzJ;hI)@<(%RC9rYWo#cUd%`;eZXfx*-Hmh@X
zz<rQ)&;kgw_T%{c>QQR$cdR;8)^CQpo_mv98ti5seHI3tqOI+1)g1o!1Kr&c9*<>z
z;_VYskDJRs!{Q0#TxN{nDuR??i+gb;!$qVa(%9u9rpU>zae_y9YyeAckhe`UVx9e`
zOMO+euDVx6z1fCWKe!?I`;fGtrI3JB=z4uReCZkjh_X6=zAz|_`)XXU5LFuv7yn4o
z)b?57atzKoP#;XaS#<1}03Frcx_+`EC@#qkGiYVz+$c)@)#N&T=6~W0=WkWDYZs$X
zs&!tOhJ4>IB~NEUJ^#%Kv4$}Y{C*|Y&sem~v8iVu2vE;ucneht_&5pRu*@uCOGW|D
zu3kb*0W}>$g4z5{l{L1qdKlRSPj`N4Cv_UNdAm~xOxc~F$MgpPtkhfF?aQ_63K#Pe
z^GG)zJxFBSiwDOJ>uTo#O+QND>?(g@2eDY@TjCCJ{rOL<h4#2j@mm1)4Hpio=47>_
zzEsNQEqs27gyB*w;K0QLSD<IlgAe-I#+YE&BFxiMf3x}O8q6!QyEKJINGMZQR)&j(
zCFbYn_jB3qcg2<pRN^F}L*L%Tgt~^eoKCEihjP@r@f|n~ZCdXy67VnII1{IHL(RJu
ztphDVbP|Gre~x!Gpkvhvy}Fn}d;lc@+OVUU+rkT`**|3%nmV5i03|*_X!`44rMUCr
zPoKsw_h$!JSMwM(CU@G)e<%!>=fvK=dX-2e(o{kxMlUkPo393mIa(c>*eY{35O;aW
zPR+fzTmCM|)EKJzgaHdZ4!ckw{NvvqTr#w$U9Cu^AxvAsUmIdXr`j9_)wVwz!)zw{
zsJnPRMe#RE67x9FC=wq|6op9>zelWppzgoTka%BbcjL)>b6x=+c_mqK9vy3^SaTY6
z8b%={%HRVIUY9643G_+yqM#)V6aJ!*;$uV0y3Jl-&N?FAP+Bp364|Ula(q!xwu{I4
zFZ;C;`{K6;6~3^l!SPd)z<nR!r~mCQ9+%^w>eV$cz?DSL9{V8^v$B=I>Zx}7U+#Fj
z(ix|`rwZZCjhL{<;LfW{W1p3TF`@OgnnMTBJ|8Bo|F@y3fyGG+f^B8rh>{V8ThE3+
zUYajr#}xfi$a^&}m*A}!v4%zJmVE{~VBuL)9{ax(I7>Vblk$S5k|@moo=K;vQ)=aY
zF4L%a<2j?|`AW%i#-#0yW=57i=FphY_wMt9Aue&u?}@_O|G*P>;AyAkrEf*aG}dIA
zGsy{@#)F(?{1^fUA1U~EudAKJGP1KtRFwM+sDix&5$O)og~Y5E)BS$5JPg#U!uRvc
z4>Hx)tbW2GuWDROH>?S)tvyduWF<`#_#f$mW)f(a&I!eSz?ggFiW_Dm++n%MAsQVs
zvP!y8o)g7nwC6TIQ4p7-@;8x!_FO@|)tG7;t3j!ukT1k%NAvgnjEh)l8gkJjBZ7jy
z36|*@S*B8JeYPsAMa1y5a0}hB*sf7`l%_nf^~XvrvF3luBnpP{{Wm4gJ$NNRiH=aW
z86P@{uTWAWnpIN{?Y=H6THcq1vmczF{LpSc$P<(wsI1V+ySO+`=(#qIM{uO|+~2QV
z-pM??DHcmNgPWY3++Ap}-Q3@o(<pD&ToTxJ{!^2f7japBK&h)}?aW$3KgP$%^H3s`
zx_xml8>(~D2HB!Y9XlNLtV&~45&s+X)Jb)DnN$+><w>ZY<qJep(a86(%)R`2ZG`pQ
zQwl#whtJa=SNxT@)o#j>E~IPnw0rqq$c_N+LatI%c_!G#vLY7Zy9vZ1eihm{m(0ZP
zx!zgA=^ZiX+42n|!;-8(=4oOYqeuxL|F~u4<v)R@tx6CAT68-}*nQJOH^OQU6_ems
z)=TTfc%qrIqjBEiw(#Crz*+>2iwJ0RMD&w;s8`rESs7dCoh0{G0ylm!32E}vM@d%s
zd6V`~;;As63c1lBA1<6QebJYDPOlFm6~2UP{YCW0Wjs{-v-I%4Fi`pMVA@bRM52`T
zi~i?Vv-wTANOb-&jOd?1cF-?!P`Kg0C5bSPiAO&l<hj-bKLo(Gz#}J=ln67vO|_%_
zx!hX?koLOoN=&_Z2(pl%eWf8h=BG2RbuPM}$2t6IHdxLjiRX`5ciZ59OlZwF&xb3#
zhK!5=u-vzfbKxv;vaIM#eWGwh?X0|{aVb5nril(7L7l*~PDM1gd3zP@{(DhsYJ$SO
zu+{L-Z!$=Oo~_q%<uBg}Xo8x<L~=V&wUH|M@&3P6sDH`kKjH<bPub)JRMA)Z8PR%K
zC=+8bC{OWbo*n01scZwG2OA0mIYpnHpE=3#@uH;sZuy;^orxIcodSG&eN?uCpUv<m
zwudZg^9ira^#Cc)sFe8ZT?cb>Gn(X8?WB~u4(d;XhSjcuX4$rE1~%Kl6><26RFaJD
zBv7XVmG_2heAfbYq1=BojBzM6-M}HrGv^ClNb98Vni%JOou&F{ePJO=2cU(uKONSF
zD-NNV*1DyG5}>q>j*fc0rNY^n%jy8Kh!#6w=Zmn;xV&w2Gbe4yk~H1{?NqhlTl8Xq
zML7=^dq;84F|of38DHh91BUDc8_9T!%6QGm^$_n=DvbS41rWE1V8j2<lJR)<Gk*#a
zz$0SpQXMQ3MB6)iCbYtyUhb7z-8r0cpnv;bisYeni`QVR%|eG<3Lb<UPP-Ccx0O*j
z*QyO#=!J!IySlp>=pp2lp8MKvy|l$@BN4cDNhD}y8?ucd#p(EsTld-A)jNPiS{8lZ
zYx>z;0iQEO3O33s_*&=+R75I+nM#@;T}5q6eu}v8?=Pj?RjIPgHz^q&sIFh()${wa
z%U$=`e7o;;KeG#+QqjgA)*nq*Fr8uS$qU@S&38&x^y>$zZ|2m${}D6>pxLOi6B5kh
zvxf-}f$%$+p(=U8!Xta4$?gJ}>FtjT>UDu;Ayy7ctqOOsc_qtrgBN%0Q*Kw)mtUG2
zdRoTZd&0!w-HEZp;VHfwL;S{KGV0m`L@i9_>g}oDk*N<KWe5ppdC)(?+Ru5Hcj^e@
z8@s-|=(-z%zq6TUpoGMHcRe8nSMLb$)1$2|2-;cp@Zx%D`*#|}2n`i#2CH`iP2cHm
z)T?M%Wjb7PCSTVxFdQ<{=8k>hDAPhVus=Sb$mA>xg0X(l-7Dn%cN_pBN&x@{7aQ9Y
zwPdZBqO;KHU_^R7yg&#?(!d-~Z42JPu4ZR|R_l-CFutJv{{h<p*HkxQ{Q$&CcJA+U
zD@kW`1|fNS(fhTOF@0yQw_h{pNe=-uVFKi^Wp87M+*W<BQXJTps*qq*P_53{Pjfe(
zG>5cN&+a1i4D(e>RMkg?(BTTcT@h43Wd>h@?QC|GMcHO~$^%IFx>jnNlI<^!4!3s>
zWtJRchWiA}Jh%2Mly&<WsE)VlC8_Tk=ubVFt$bc@GysH*+rb<=GQe5CRLD$sj`*xQ
z^}Q4>v%#&#fO6oNCl=z8722iC!G@~HwB=4j!k$btK1^B1<^y<2l&B^Y%1}O>Ao)L^
zD*~dN+eMryPZ~)&UZLq<ypl0vD2<RaJaYb<=jG-)d^~@g#4{zA>O?m&s_j&3cpe?`
z14m(f2P<4cV6Vucm5PBxPz$*!-<MO++k3;E?XwQT^FJV|2jRH{Kuo_sbI`BGgYjEc
z(5Y2ZzepzT=m*{8PoM)Wc`WjcG+K%2H(3YI*2~MwjnIq6_4uOW`hF>j81)JT?%#qS
zv|HkY0yK@iz&t;%n$EJu%bokzF@G0z3zXD<Qv9(VREFPI7$0SN($U!0Hh?+r<U{cH
zcvY#cu5SAKds}2QwD<RK^~(rhyshAMAb@gIzUv(ezp2&Hqb<3~_x@r-Rh@JO75k+N
zG!aWP?*9a}iZTt<KosRz*MK<6TTjCiD_e{CHHN=*J9xB{Wa66gb*f*Su>B<t$fDN>
zaR=!A=m5ZR7ceLQz)=C9SePCW^a~hZyiMa*U6rIb>mv)9{@_ZX+{nH5Bd<#5$2_K^
zrOYyChKMKG(WF9Qn~c!cTTt|64i$-S2lPC-SKNOi)g<UpZKVz+p1ZAmY8yZ(X#xDi
ziHyP~`j;<5(aDA70g|o|FgyO3imbg6h5>M#ys53L9Q=gqn28b_K&ir)y7ukSkT#*9
z0I0+8oqt@J3xKax_V+fmjynJg&Nx6WyJdBM@kQD@0ZsThyo&ZUI;D7NT1itrd3K@D
z`yYzK7+<l2CW9LR2&9gWmKXsR8)_Pq|9$UBctc606$AOd$ff0A#|+J%hp;2ldG3x=
z@;m*0#^tz@t=rfW_K+y(`fjP)KiU%{hQpo)j}jwy)B@$~8VP1U_3$L1&9PaE_v)_q
z-}5j7m9O;R5J6J91RAde#17we<=i#OGqLwS(z|7wT3Wt5CCDS+bPZ<n#r)0KzVs_3
z24!F*cYK&u#j_gy9`M3a#X0^XfwT7<yA`zdz}h;(kU(*UA7P<EpfbI<=%Yz8BB!|d
zxceH?U<RjqpV#p4HHGcd#BbyxeVb&aXqRG@bYTc8AaFX@C^gQ83dt{b6E%<2trp?f
z+!ijI`o&^9T>GRC`~2v+1v;vwH4gziP`f~R-=`$Wna}(or0f<Av>NvRBi5%;*8jfu
zS)&#5H+qDhIJ(DhS}(R-gTbw`j?^GRcSW=*t|%U$@i+hY<)y2PoAS{z;E2*Q(P_2z
z*wZ&BzCwi#iwffQ{}Gx41w_;xEPu?DOrw_98VU?fjw37bVc2IxZcXTaOP&<NmET#b
zMY~??ssIWLIhXxHG61TZMRF1PV*OVJ$6|L2<Mmm6aCjr}1CrWLe;^U5ZA$a6C=Qj9
zRi#;W%LbI;o)B}IJ9Bxhw96Oj?@*ex)}Xp}yM6yvhwLWy%Z3(pyuA3KAW0t|AJh&q
z4(0&093WWQtGYsd6VAHO@}~FY)TUz-N*>U0ir|Q014(rc2Qbz%*#B1OlBLed3zznz
z$Ivr>Y?c)@*nXHevw1#R%PjfJX}t$&q23B3Bsf^P#eI9uQL?kyDgI;vg}MG|1Z|B;
z%c+3JQ_a;mLkuTP?|u&Cz{9?Q&#S?%-@O$IK!h%eF`)Nhj=hOMI++(^HK!!ZYuZRw
z;YdFW(*bpX3zZj8Hx97>a!@y}5<|ol(9;WNw;BeBw(sktZl<n))X*6kLFyVT2ip~t
z%dv772L<=;LRq=OSG|~qgJUe;%6Bp{^DTiU$x>`!mB*cE=0)XSq2+0PBbk0-K)sTb
zlvDu_m@?nHzqF(XR}61Na~qch$J2ncn?^x`oJjP&AnRkPs#mV%3z+|_8Pa`u0U8u?
z7AhRsq+ccJ93?&?EZ(?%f)u2s5zJKTsCCn!tIdOAXZTK+G}tLIU-eG#z*TAhuJrH2
zicGDFH(|<(I9qNi97Ii1zo|Iv!ksn`oy5gq50}0r!9IUp1}H_AOYRa?gMZt2cNz>g
zbp|i3Akb`weQI{&!K}1I#@C7xGGi4@_%A)yfu_gU-Isv@typatk%My%HG=kT>Z|yi
zpfAwm5BufImt9c(4~7&7lZ8~;e(Ra=8iak``Ul`@(lm*-z!^(tpycabC-{lEx8dpB
zK!6!sy#g}=I?&Hx;X$8ay^J2~<9~JFyr2FDETLcMeBn3sUjp_^*`1xkUw@`bZ0`OZ
zPS=`9cx@&~U9^WdtgS8>oN@y1Rng$GnLCCH?z5t8v4(+Jy|zH5lAjinWt;LqzeJW9
zp*Zv+QNnt89Y3x>A`0j?KyX<9bvhKl4Bka93MLJXVYv9$0qoPZPPQFw;|_#xXzeKV
zf56NXfPYr5QIXoRF+O^$gX>qv`90u8lEA=(gd!c@(~zzjC&n3zJ89VZ6!WYT5tly@
zH4;R&76=C{S1%y4bNc~bZq}C-RG0GF`ecE(i-sm}yxzscN|*ZEhG^1flQ%w^Uz~-m
z9Qyn~lj0Vz$x1<A2TEBf|43q%8vm>$&aZy^S=C~S@+UUtwG;H!ZIB%TLb()B`oOMw
zN%DD{i~!`n{laD`z^r}1OIcSwOolX_QQ?!=qys`bfnV8H5A;0KLy(6tL97%5(!Wwb
zEZN-G^D&pH^8L{)320L`ATC|^SIQk#)}R0iz|KOB6BYFu;UZq{>ub!(p!!etPc32`
zO1XGAj5rdSbj|SQ`dyHg$u$G;!V9gQ95Vm`{oQ>=X-t6Y?~1&c%LN-Ng8_3yNTE5&
z=}yghCCEY6Ukz$s*TK(Tis9Dsez^V?0v#9u>W}`{zzhH3udkJ?5SdiKU<8h5mg7<a
zj>+qro0~FV6@ZCN2Qw;=;lUpUOUcFwrX=B*XPfPjmWqSD{GY<tDT}TWW{!w|F1N#y
zG!)}ZCgjz;P1#ck%oGZxXbji~O@W_Z0v}?1hNfxe=^{4p@bh|jr0-$+8YPg;G0oM*
zg`SHGKsL+YJU)8b1hH8lEw%e*RU36EZVjd2WSdYJ<AXC|IWJQQ2qT^H;82c!%_6F@
z82nsR*eXPP#h-Pq`$}bKCA!bzvL7_pWe@6|ksjz;xVSb{Ne$IxWsw2>Pb~Zg;M(!~
zkh8i)cY*-JW;|akH3|{5fdC4X53m(^xkVXj_}vfE)1LrAR6L&F7QpDR9vCV#D&7{8
z4$pscZhHiqdCx!YH&DY1xC1>zw+^9KmyzFidvT7Lo77o0Ws8pE4ocr`?5heG1j0<d
z{t_`ISuAX;FXP<%^`nE4Xb`m)Gcpz>^A8D)5f*a)`#Ma2Ce6xxL~@^aR-<-#*PWlm
z0Nb4kKsib(15)-a07*?M;+G9&S6rxrg7GIJu6LLOWKf1iiY0RiT|ZhVD3Mr)+Xq4g
zvK*kuqET-BvMm>!10XG<i#AJLNr|>gA|A8%qD4js<p=q%{>i@GDb4*XPy!^f!-@EO
z0ifhr*0N7?W^oLc(%&9<nF|3#O$r2k;;6Fjfa$tUZvtqKyHiRc#s3=-l{d55`^o{z
zrYOnt)BSY*C4Z^T4Dn${<f#Bkt{X_8mduI=FmFm$y(R~iz7NN3SEZocd$C|!6Y;LD
z-f|QgZcWVBTm7l1X~&+8dBI+Vf;RqNEI=UOyD~>2rm*Oxf_^9CwoZ$C)w1)d*FMYb
zW|C5H4RBILm6gowzcvSxdauTWu1H9QywsNj04$o_L8ZO<LBd4*8Nl8wsWT&i4RZoE
z3|dD>wO)Xb%D{?K&wsS0@ie4ki~(nUSJ{UMDgi|m=+Z%naBc&Is^X@Wff6e{^K-S(
zXHiX1if$|kpE&3tH4!C;tP&Xch(T*kfK`B!@OM4x)uaT5&>JWhf!lsz9N_<h<4Ind
zLkwC!sJtN*a6gbvNJv<}1Yovtz!j+Kd%<Ce+IBX?#Ob;%UsnQc<uo_*dYui@*#Ktd
zI#>0}yMA*2abOr(0A?l-{|aa#?)?_4cNc#oR{fvaq=_vGhRndzqQ%9<cL6^4v%~WD
ziBB>~!J?b{I+$l(2RB_*xR$Ko$ZRhtRU!ZjkU)=2T^y?({MD<hvt{(i2sxH%MEnqD
z?3-4TqJX{4<BdOGE>vS5p>0^;(w$l3r^Iwn@ht&@+ZyyKt8Qz)p*AYMY<K&U7>?=u
zj>7*sj6vdenvq`ts7j-#STY4`E7#>Oezm~?1^Y;Tw_S=!{<gL@n~6fno}Isb_oq^8
z5UCeBZq7B*ihO7o7<3MJUqHnPE5*#&N&o?+>Em-mRe5<-S{j;gj^O*%1H=;FM#t4$
zkPS+1^v4nW$+!BMT_?aw(2azKRt%`q39r4*Hf7j<fwxx#sUxi+HA>*YfgP6Q=1!^C
z<(}q#!W{qwjno&HsDSS3SK<?RXesXunw85a2S4MfFlu7T1-iVvf@FDvNt1Fq%s@iu
z-nVsNwj@$wqqx|pDA{d)dx81-lPOyn;my<GKtS6fqAEy>-;qW$W;V9ExVruUOxew~
zHOfLsHVeqXYKPIMP!~#kOC}zC@AK_ZoCzU(*EX+9><KR6{+kIYawL^YK<0_k1BNm-
zH)#g+Ysx+vu)ukk+03^9gK8V`R<>(Y6LaO8tJGKgHCS;J0#;l}OR%=IlX8bK!(#{~
z1ujHPQ5rT&JgYuxZ;0vS(<$`VTuVuo&7YdD<xSc}F&WS8{@CC`#DxwKeE!joK!)+0
z5%YH-2ehA%-i*6Io+itXRw<c@tj75I6A&=~#Uv@P$WTDMgAwm%`qGSyj0<2@WURC6
zjX0(*@}T(e)>A@p#o_4i@LCF!)9Gph0U`jm!Bl7d!mHb#AdD~1jL)~6JhoToyjcr8
z*gErS%W*qX--eq)yW_>~#JVtk@EJQYPVjN-d93u6x$|IIk=;EIyf}<uLK64J5|34u
z6+X-4jY*l(*TKZ!Mu981Ss?^_cTuepaI8A7;V>yVAIbK-;ImbSjM(W^dpg!TqNHEV
zn6hUh=(dEWUBAOycf4_A+2-yh(U*D6$CtsVUYf7N1jpgzYL2F_klc$^qUC<PVt^au
zxt(G4#w})1bfCyVRhCW)?go{tBu3T>@&wpUSbW*+W(cH$ACz&k)|`272i9YIO9WZe
zSs}$7!TNTglJqDYnpL_HU)5Gz@sj~Fp<vmWuW(=orQ>G%X<h(hx4iry#y{SWf+k)W
zwt&DUke;3@h@L+39^MAu$<D0XurIQx$c(T*5YI#%6ITodhG8;+6#^UR1_=iLUF4n^
z-B}vSizi+kc_06}%4yK1=ezXyIV!ZeymKJbFi9%Ths>mC-!mVhjj**trCluYx-s)s
zTx@r!yiSu0S=@G%z*`QM<~K1MJ;c{6SAkD9Of>mtgmGm$<KxK8Pk}dvz4uhtG#Y>?
zyKm7x1h=V}K_ZYWV9K-df%^1AMknY8Isqzm+AJd(pJV{vI;Lg=rfeS?F*iNBIk*x^
zcvG-;*j+@Fm}6Xe)F**=Di3Gld&h|Xy<C&8|4E=S%!S|t@TAH(`JHjkdkKu_Pw6Tu
zw7N`}JXU=pX`Mj0ZarP9;weDoLb?$d5y3!^snM^teBBzIK0_!S5I8P+ZI=lr9RT-^
zLR4&^SPYgXKQf?OoIaQBGCZoJ+?9Kf`KQjCuY);4-{`dU5;qD>g|gX90@rILAB_aV
zG~JMKh={y$cT|;B2E#sP?%^qYT@Pt|m*}4+5N=|Ua*X1=K#<ym4udSdKZ55i3+yBS
zwUbpfpDOkVGE4*u9VHqlA+iImRL%6D>=Ipka`LC(C(NB!fc~ptiYA+m{4?fGUPn~`
z7B_gI&SI2C6pX<N#`74gBSE^Rhp9UmAm!ABjMhJ+If6oW*C2P}pl)*R7Ar*g5g9z}
z8wq$j=}sT;<0ubZ<6c5IV%V1W5njfiOfc_SynxF3R{Y?5*meC)aDLQcQ6f1oUt&|h
zU^}HegD<G~lpY7Q&IProSSh(}o}CRK=S0qm$*c!=F{h$@L!|pS(>qD~Qzc!WjzY5(
zhfb0HYLP}B76&Q*8B((>u&;*dh!iZC^(|ID#dKVQQsV`<^9$5U6r~judV$Ko2|xm;
zxz2sDh{D!V5Tsdg9TWPn5yOLthZmChXb{`8?A%W}*W&T2=X|~6@$wa?!_o`DxKeAS
z^8-x%NcgkeiJ}ktRZYoHadC0|K=vTTcz*q@KR~_9D%(dazq9~Ja}cm4!_j?)J~c(G
z7>!>xFB;%*Mcam?M?qihS?_5=D@r=lNC9vo5@5=Lt|l$H=H}+~KZYf1Bd8N?YuYri
zT-S+=nB|?Fozq`iAXk6iW0d?Y!_0;B$zZtyU^}OV#z=3BKCHn@4n&~%Ms&aI>RHoJ
zfprylG^$KgJp%Fx%7U-j&wmQYE^#<-_;;i67~fv}8LCtHhS9%C1QWqUC$87iG=lg4
zX}7V4uOCiL!$Xwc=$V)lV5i?6Hm&x>Q%c~XEQ4qyg<_V9d2{#kCeF?au7?)wV!!J(
z#4Qw8Ma5Xt<s@xe7sT4noxi9cKvKdbTpE`tKfFK7;k%4;C#95*|IHQw8KK6v*IUhp
zz{3~8G1R<xrDVZ1q6l_c5OlXXP4bz89WjNIPr><st5YB3LIXWhk#~2IHV1Qc>A-!_
zNH=I-Y+76O(ufy*_7{1-mkds8VvqIyOa%dG{b^QEBvUMc1XZKwvo;LvZbNuKV8j(z
zjpfdP%pxwTT;CKOrNHh$x6!Wb3uk@OGo<U+V2>N+`o`vfy;}+0yZjvZ$7xF&I4HRg
z)^9s>S<m<^=Q{lTdv)phg-R52B0;H=K_p50osrLJ2)2^K8^iZc?ST6kUZNUCaWGjN
z<&vhbz7{c~6zCdNlms$(vEUMj99FQ$@_Vgsv|q|8K7}Yhh~t#JHeJK})wJSOaf_@S
z2%c?)q>OocFzxyq?BSO$Ma8Vw2kTsBSNxxRLC%7GzBBd;gNstL8#pGS=Lo3Em2N=Y
zqwn@|A5Sii*AJ`U8b}lr0owV_L(9E>Y&QQ{R61@68`Yz#sw(d3H-}|@upG|xSGdLY
zSiv)-bSYk57rO=Fsw<T0O_SziapWS^5KmpmOr4nn_Q`wT1KQhRdHuj*aA1SQ*r?QQ
zRdUI$SIQIqa5<xe*Uy5Nv;_0dKj~ZEoNYyZNTLZ;gfj=R9vc8!zkBip3K?4-zf4U*
zm*tP@)?5h$_mr10){;hMsr&bDK=IR_5vPCZ@Vb20I}xo-(tGw{-XcvW`@7#V!HSXZ
zWeOFfKZdx(sM{_ASmq3@3X4bx$up$*05o8w1t--iP8w(Kq_i{-L#JzSdd114Ywv17
zk2RD5W{Os((@iUBnr;mzeHsgMtS<3QCr1MGZ!5q!2DH6CP}i1E4wn5vyPg)i77Yez
zmeS__`m~V{2T>gSN(lVwkgy&e>YSA20s@s;*thAxkEU|6g(2}#AK|1$(ZE09`kJ2h
z&t*{pmxW=~C=T05MPc~1cd_&XA)aHA{67zh4E~`OJv#=}P3=O*GFq{VfwL16ZH<m}
zB|Lr2NG$k2PA~*GL8j#Nuzw@cf)QUiHok>zq&OMnS<Npkl|H>C!o)O=Vt2*_<1T;`
zGM&q=2PQ}X(*Ry;2HOm}ShVN`+K`R)^`Q-UY!v7td4W6KjmGo`M+|sI=wIdW>CwOp
z<D?6DbJMJB0;iUe9{2x0RSIEYvf|=m>xn}6oS`|>w|o%n@h~u3;p};2=rc;8?;nbP
zp7;!j9uDZ+1huvbMiX%%Q&LiX0_GG2Z0&psHzb_@S%hjZ+xNYrebSv|aDeAr5S)`A
zGER0rs1hGw2!3@*HR=xake$#ySY2<bh)wbF2`gQ|gY`>&J@obp4hu{A_iD{=fCr_O
zA9(|P#CNbur}21*sbRb^c|id!GAe4K)zkI*?rzacnFJmz{x%q#OKJoGI=CnoSe2Op
zZSbS<<NeLR$Vd;62?_^?2?z4;KKcI|+DRK?W@bj1zCxxp1SZT1eU~32Z~u*n2ZP-8
zv^K;_Uk1lYlh1m;_e%vnDMO}H3&O15j0rqYFB;EMz`%gC5g~WK4D9cgu6jwZID{gp
zFQKc*0=fP~kxby_?iX=pI>y8(Df8zW(LBQKteA8F`5TJ2!M9BQ90>t6IMUM6qADs_
zK<y~Bvs2Wl|HtWKyr_vY!|St6QkB5gF4Zjq6+L8(GYM&9gMrnvFml|A5=k-Z?ywLE
zDj4iqL6|(OV5-MSm&jxSAA8vG`RGW|Xk;`|^>h)~2L|+<)Ag}KncpBm1KJsk)g6ys
zoOW~Lxj~zyKCuC<#Nf|TJVH2Nc2O1Igm;|f#&={q(tvno1{^6-*llWKZ!vmtHin{;
zRx{z1bY#zYo-%T2lU=m*%5GIS(0dQ*>Jrz5uyENP*eSrhfqXW{qoi#aD8dMxnR!Ky
zl{Jl_+Czy0#?$!kczR;={l3_fC<zH#m3;3#C;GV|>sXYdGW7sruKmRv3Ai^l^8w5^
zQc_vPdIyL|rBwOFn3W4yd~b<}2{+GY(di)?EGm}&Ol$y|Q^kygfJV~EZQ9C$<(s3Z
zH(`kRGH}Ogf4;cPhZn$M<KO`4gaB}nP|?#5jJMZ1V>^Wfkf13HF#{8idJHU=&FT>H
zX{-+)BO!}hF$IeNzd!-=fHbFw*;lf~<RKa@>mo?c%Bbzk*!c$5own9){&lvnFHsO8
z#@nQq3J3i1vBRNon-0cZ^RNolSj~}gD;QP8@OPVK*uYO{A)WtoRDN)F)R3)RC2_Bh
z1*Wy@Un8hL&LP|`zq-G<f@8kjqIV}1Dq7t$kt;{~8eJBqhv?RYXJD$4#-#?O+;8se
zFqyLP^3KT{m>Egu>%yMJN)IusA0cN_M)dEwvr`JwAu~WmYj5We!PK!!<vY0pPn2D9
z3ygd!^t8Q5sUPmr_D?4YSDPDI-u!N45?Gr;tofoG$K>%Ih<;)AzXr-e4eQ#W5kSte
zGu#%g`s74XMH+<ZL&jv#0mst<Sl|jK`rqUzWVBxNW(45(OA|N<1!k@4u2-Vme?vkN
z6u89}6#3qS<h|W0=c3Q~>J>%|G0$6R>F{&d5iwW<Ow1iqm%P?@Y@Tf`iB8+k8cB5n
ziy{Q#jgq70LJub@x-YGln*|EH_U@94;{%nCXZrvCa~XUv!zkiN43zx=mGOo9@bo5(
zt%S874zi+BiVEd_QIEH2P}})<M_=-z8-vap)J-6ulY|3dqAXKXL2mm<8>fYcqbg#P
zUD_%x5pI@a1ePvoUQ*)_)Z*ga>%#$A=D9PN#Ghnk`d`tVoEIsZZwp(-+ble`6iw{^
z*eMcGbr()^Iu5ns27k`RcaH=<tRG2R7jsC<h>!7IF%9^hAmf1TkH{85Hq!p2`pVz{
z-zrgxyB0*2!EO`E=!gh0KwV!mYd!`Zx$YLD`|byNv!ZB)+0>aKW(j*PLaK)^4cE^7
z<+!R(!=B_O!S-}|nV2@}+Y4XhSpzpx)1tkZbjOv{8n)IkUPrg#aejITTJKn&3~+K_
z6Qtq?d*isec@Q2|y{GAyl6(O?%Vp`%Ndmd2dTvMzt+9q!v*jpJPk+BzX8=riR1^np
zAw&!-IFTkmlvKjIyDtZ;lvm0nPBXZGCviTzZy@~*s>9M<+teC7V(3~qO8;5`B?cwc
zfse|EmmGu`@?;_NN>%T5)8;vpF*AKb=S0BPFrqQm5wk8XD&%5euEQU~QstA~b10;6
zOUvdP($T<tNk<2SiwG=hF%1Qr$$lLRS;Qh)yi&*7o&83b+WuN!BV+G%)YOa9*Hs?!
zVpgOc8kqchf2P)m1Ycj+e05lAZ{1r8v=bEB@U!Eu#m`!e_W1SbkH4ar^(})bBCvu_
zd;l$cfe+G3R(gf)Z%>xlP~Myf+ZU)ediI4B>T)CcH&u)f|Hm6E5+N^KEq!Nr-6jWn
zdUfIFq3c)8&Pus3o&@1jFR+3w<=?><L>HK}^)=UxjlP()rAg#SJXsDMt9y54YVjcp
zM3B6r2mj)0?Of<1Nh^b9sz~baxg#Lz4W$=zs8{a@f?ko6qKb5UKe@V7`?|eJU^04?
z^uaEYy+1vd(3Aa$bdnU?eM8=otdUGw+&!1iH2NEVM6O+^fxSeO4+8_kz~G>mn;U0W
zSJzkTt}Xt{4+#24s2t@le;;wgr>a@v;i_2wx+tL#3~Nqj4Y!}eDkG$GqHxyJNweMc
zny*_p#}HM+%zXcO{uT7V)^fwhA$Kh!@qJ!_`|yQkI<$1$j6?ALi~IFi-H%9*>A=Fo
zvo(15YlbHw+hxBcA)64oZug1<#4Cdcf$F2^GLgd{IYHlz*HWpQFAs|yW-QbxJ$Sm`
zUd~P&g`yEVU7wif``v6=FE&;cEKh6@vbhCtJL(^D7^f;@SIb99U>dsraEd;-@(4zl
z(IOck;d>yqtntMwnTq?Ss^AF{e~sq!3}{p&-6;v1iWBU@xx1U;Ll9=QY*+nnsy_BL
zsn>sxXE&To`B}X-_gzX~ExRz}lB}TgtG%AM{8)qfak)r=Gw}IC-9gG)di`SnW!H4l
z$BJcC@5xl2;aomf1OVg*i3S!(klS<`_P$?yKv4IHgx7zWzfCAT$f(+dnlTSt`tK=C
z;kfAwoMy+}u*esc>91YKjBkf_PVP?g4BSKBi0z(zF?|cQC<P2295Wqclq}c~-n&HS
z`2+16NvA59!^=5T0l2lgDZ=KHf{d*PbPS}<wK5Ni8#~tT3h5uEo@(fFNhVOxx&oE;
zRU>Cw6iu&fQBv-y$d12#W=foLouK4ay=fwqQf1pL_8ej#^EkeVGTp*q+Wh9)`CW+4
z`C(Xuf}aZR+^89bpfOf+XcHHAZFSYLf6=vRV_qfgcY=u!)^8&M)2d{b)yl=V4&U0s
zzS~bD5<C~3Kh*v-m)fJI+KH4;`*OEDOA}_7vyosf%u{?34!*pqvN!p<Y#!Bi9;4yC
z<4P+bB05QDahhQyke(@JIhwim5_~SmeK^BVp`O7s7LZaIh=<5yF~709`ktA;?{77}
zv7rffs(oIh#iEESGA|81YK7ta4rksx$9P%vyjA!EH4OI2zs1!==UO|0tr*oU?YEqx
zgy2lMIPKgGPtbf}K3XdEJ9L&f=ALuk<^0UL7!-Fz9=;SvHL~jSf}qJZ8b$Yw$)CR)
zFK%wBT3tQ-?++Io=!HDcjVkA&q85AU#qG|?BeWa#;c|(WiOY0uu1#-_n~&Ci?UE3L
zXmsR=s(P_H+{j54=N6T4IQ8eVLQX284CDN&!hdua&Jg-%%d0J5qipv_d4Plen`mDk
zIlcNqA~C$HM)R<n<vBki)n#K-n(2>J>h!yNWz@Y1Y#b|xu9kEE_Z|!Sj5|Y?bH$Nv
zKa(>vBSBpsL{yld5>6tZ5a;mc6!m28t2@V^1H#&~oKrl3cJ(fq=`ua{*7on}%E?g%
zQkolgF;8#bD!Mdyia+l@>Dp~_wrJXK$b#g&`%E#7#F<6;pAAO~*<z~uKycZsp46Zm
zH(D!!8F^X#4*Mg|-_hO=meaJm^Dhxz{hTWeZ>nq+xAQ)>>{b2n2WNFXVvT@7{2=EB
z2%SVL$a4AncnJ_mg)(+ks+~(;Jl&BT2qwbT2_8K<>CdnB|IGIYd#Qc1h$L_L1tnqa
zNAp)TH9-M;A;WK%ua{gEc;t1Pad1Kn!;g7L)ZzBO^GJ!sCTeQsLE721+&Y(H!q^^j
zEM!G`_(oC8?u^%dQ8(`d;qhM28>RReIX$_J=1lW0qGr9Xa-9DHe|L2(l_%^wUS}pH
z(Nea<(P=idlDC(c3xmW=o|owu`Rsg!{PKn?S6(PUL!iXO@jg_xtJbmPW3%`8#xCw6
z8rA2@TzW{AaL|DWi2q5Ev}G}GhaP?`;OlDG7UX8FP5t@y!DjpAn;De1hGKQ5-*B88
zchicji3kz+G_|+}vBrk;GGh>{_p8I35JhxC{!|Rb3RT_DDgZkYd4|x^v#{XAB9+Z=
zi6l|yc(iqpI6gLzXTDAG{DNE1XyK3T;N`3GjUxMOifl=!8O3kT=f#zOEApK%Va;Y$
zb-QO4y4m#B;pyCTL!^dUB8lAc`6;jDJ>Wp0^yrMXDul5eiC6@x44Z3+?b_mtlV$xn
zVkkW#to@=fuJ>u_l>e}*v7s_7P+9JKWfs&qE>RmZh?QC<VftUN8T#$P$Y->{0mUAY
zRmbI_;^tBhqu|*JpS4wu?A%n3hMdS7MqQLk++d9=YAS@@jN#Kwd1*)_D+@8Bq5%!u
z8(mFdvW`=#Ue)X0bQLMoMN|;-+*Vz_*Niq-QX80yY^WuZF5}H&^j?CTYFNSOC??kN
z9WHdrd#cP)U{wctt0ovf3+LYZkn;DvWqi*Mx8|`w%p5H6ayfE4rmLb#sb_!JkCYKf
z{LgS#L^oT$9?F2wU~0_%#zMq-opavbA3woO3}gvI+q|#VLHFq`z>O~J^cgZ0{o4eF
zS&e6rjKa^owBf7H93UXmX-UUCe$LbU7Fj%qE?^WCb>c<2;Ov+naiqclCFISd^{IBH
zDwy~L1SX<ayv&PU&rH_#j>SB6SEle7esvjQ4A%9DD^-*?w084Tb=BMj6K;7*VzT<)
zyd{wt>g*H2PPy}O**s4e`}O;A|GSypQ|ugZUg%1kznWjzcwGU0)Jk~!Vcotqax5Lt
zl*{9eeCF-GfFQ`;ns)Xi@|2s;Tl#0=3)af5AMqofEsEa<=NAa>js@C8TiT_NE}M$K
zruUsFwGYZ)Trf^nJq%UMeD4%LF<3C_LM%k7ZyUP_ux;xcNJ*r5^#-%bQ=NcqrY0xj
zGcqDdOX;Tpg}xux(RoG<^K9;GljY%<7s*&aCWc?`MHk~S0<yT0WrhVb1Pp+i#;i@I
z5KPVvI|vln_&vj|e1m+y>D$B*=+vFLb={A1Ma{wmZ@_vGvSZ|rLEv`yQKm+zhaj&t
zYTLPr?YuwF`F2`HkYf#<gzp;BfrJA+PWXw4is;Qc=n`GKFIatWT~Crt8f*K@>hS$i
z(dT+wgfXRtd_ok>yJk~Cez>oreLjFREU{J9=zR(=+**O!pGXb@DQvl1k}*^aq@Hvh
z{Ea~@f`ViC(IJ1<b;kjbZHXbi>>>3^BjyO6_V1YMyB1rvJOy(4-Dl+FLLhRZ``Mkc
zoVC%`fhKzLWJ)HBfR*!*n`_|k-p6_Stss9T9nlQNk9GTgaDj--Xy+|)WwU+l_Y73t
z!;7-m@4Ljq`22M3Rc|TCq-m!ib`4rWrenE6&AWwB;|;c22HG>z;kkkF{h!-JW*AnN
zYW5ApDq4wYUfTD+v_Nk?NVcZ@I%Vg=43b`VN|5wk@3rKaj5PS3o<`qTFRsCk<O;(J
zG&=MoI}&W1eDwXWTSI+1<{=_6{Oiz3Aul%ldONK7en>3+_D6^FhbKcH?tQ6)rAERr
z5f`4%KMe!x%dFTQ`#z@EIibNm4;mUCu2U27_wWAI>zY^7_kH;^wBguVo7tPCaG#Q?
zsrJ4)|9-^T{GyJ*c5O!s@zL)+G<{>dyaLHvfyM^pljZhWQf~|6gM4frDBL5SGU%i~
zoPT`R&yY)zb}VRk1o_-}TV7$jTC#zKM^>qgNa{h@fbdR3>;oWQg7P%Q>(|&=SXjDd
z<qdv9@RV^1-X7&!4ky_JQeI7}bParP1$ZlHLb@-AH`Jmc3Mi%n8TV<RchVSS&JeTx
z>4t=cj`nw#p>KR%T9i?fU8lc@kKQ*uZC%~K1g)#S5y|~p=R@RPQ(m(P{_C3?N-kPL
z9`xOakbMuc)g#gm8zFQjw_)ImgK={4SxF%SrEht|T(`EC`CRtqr&Cf=TfA$0+g5N*
zYa35_nS+(?JxE`^nm>#w@UB8XeeE^Yu$=52?Zubm?6y)K=mb2;T!SqEYwL;lR$PLN
zlGp(BQu*^K<B9>lt1HoUrKUBLh%|8g;241~cZsEOBqKEk8@?dNGRX{Fv$ZHNa!BG_
zVt+_qJ!GKFu4lax{?Ss?rYvmb|IG`slEIJCD;e^_chn;NvHP9faxH?=GS5+~XU;ck
z7Jm1m*umqrScaq(RX?_;K!^Wg0fcvN*FKyT^NdrxE^lqc>X+P#9gHVv4<Q-l^v?X?
zN*+x<M~LCmiY#)->rj65xREM%`g<HD<%A%}D7(V5G$JynshmPyNh$0e06spR^$&b1
zq1ddmIUf5e_?)(QCq7vxJh_tUm`AzzE!e;x!j#X8JO35I0^lB{I#mOeW2RvG<(`g^
zl-6>z^17vrMkOk^53&3Y*bIHQO?t(5F@sGh^;>+{w?{KW2aR5-j}Nr{SoOcdt6F$3
zY9b~qD=UjRUyFr)v>23@mm2^en1p5yPgzuu;?`Vz@I6^(*1_JgXtFF5VU`7~+H$BS
zFpvAe+(*#&g_h+PU|b3;>xH1<W7j8*0o7B&c!71Pu}vmel?w9|kLU0OnoI$gptJ}I
zjq0@Ej-xk<!<j_U&y)m{{_9QtBU#4L^zRo1pb6fO61Nmn6!v$c1y4^!*9*M}@#;rU
zlW?H+bszdS{cpA(WL6)wZ@Woaujksd8#d@QSq%bgfPW)InWduP#Kl+^#(qFR?;BV=
zVtrLJODaB3(<2E_Io`pX96Ap^Zl!?Ek%9wWz)c&n^_agz&G}kqi|}{dpFJ&^87t8q
zV;@}@nxjhmLB`|IQZ|3^r?wwE$N4?Yr<L#RvY`&R{6Ew0ohoG-#IoJn@_4!NsOQi*
zcx@(IhnSZc{z}9Xakc6iJ|?Sgy}^q7$CZ))N1Jm^Dq21yr4{dr#8=FMB*zaP+^p>f
z$eZR?Ybhmkze^-tQ}PV_wv1c<KB`N;(PUn2({j}MzU`j72aBg?!Ex|6-`;S%Jn#hQ
zNc01A#ze6k!NuOp@VL&GA!tNZjU+Aw)HJD3+w57s4z+yz_y_Hwq3d7OptA%5LZ+dS
z1HpvDUvLqnDCp>Azi_NgOg^r&tE;N0P$Hk5r%>mg(bk({mvANqN-(y-)@ZL({p4ey
zIqKgaLXdc@&aC`G_$x4qbnk091ujO>x{bOirYy5KHBKH3^&jsQcl)t`U%$lvwCSv(
zVJ90Z2G6lfh+8)iZhZjuIuPx22~<{K78j6@udnG@Le=w51(zR?{|htnyMZUrcY<O4
zwuvo4_i-$s;9AIGDaA^Z$+n<BXSNi!#p?y0K5j4(3y~)18H>V_Vb*3-sJq6EKW7ak
zs2XL|u5(>NB^K5od*7KdS}TQSt<KBAfn#H1^A+=5&um)x`%A*{Ze45qBP_~C>*WEz
zD@0H-`_eUs0Zs2f$;<^1x|(slafV|Z7P$E8ku~Wcbjv)Q)x36m)nOtAMbX1EqqXxC
z05w4lfHY#DkvIXw!X;Yz<EZ|X6B@<>UTLF9qDInxH7g7mkF6hK2bDkVoPaI3f@cIx
zo4TI)94_Jp4bXx8{cOJ`7+5VbBI%!A*vX-EffVA?=g)<PZC=)MwFN^H-aG>E1s<Mz
z23fjd^bhs*4dXxiB`uCXG2O3gj_h9>fX-M(th8^j)D>=fprDUYTFg3@@B9;iCP8o*
zI%yYRT}}Yl1JFXB#la;@E2g-3QBZ)_ObsC=Z7gaSU-tM|kW^aej4X~<o1OyQ%5GF(
zJbJr>b^Sil3JUlFMWwLNQEdZEODn65kqiz928I*>RdLd6wZ033dZV4nk>qZ@{?CWz
zEV%o|JD&^UI}S7HA&30+Bm^KfPeIbw#N5V9G4)S;e~dkZV$=>NHH&g${lLrJE%<s5
z>+Ld%o&hEqp9>tolSpN8+mF{6i7elo7KIlKv`scQ<-rJOqihrgV&ZMj3;bY8Dl(x3
zYu{xt16H2q_e+>zWN|`AaW9yj{nDAlp43DF|NN&LXZV@e5NL15b@S@4rS`E3A9JvY
ziAi{D?5~y^*~3#pHr$TI7~50S@CG)9`tdKv@DW1RS8v3uuL!rVfek99J0}B`4If?H
z)GI?YrB}WnPx70F%vZO?>Dq-}esTf4i%PvFbO5~<2Q2nWyW7@AXhrVWeM49HxyzWK
zFc*0U?atCsUM~FB@_3zdxRx;X-n^s70;q_E5e)->7a!0F$IJqOj|msU3ZX(D&F%?l
z)`oBM<q6I*;TZE8^__Czs6<QvM8r>@J_X>53t2DLqgCa>c+w3ZVb{IL6q@H7d86?c
zH`vlB=71aw_X@kVm4dT{9`&Lks5$gUyjh_x4YD{(={uv6Us)zqQkdlAaX_Dpf|V8h
zIl>F#=Skpn)>kP!cnLi}n_yeBgXwu^-M5Kyg}~%e0-A!1=6S#lJ~_~Oue_<QA{MCA
zD_AhN@y47sYSgY5ZduM{#?=~vk#{$@x2gE}2nz}d!XqLk$_dl<wm5!cznrp|yd!kd
zMj3U>?3wM!XBI~mpAw2Zz=ZBuP?jE-PZh62=zEJGCN688(@gj)vzGgEzm4$kUwUk8
z>{^#C*`B_>_4119Gxy8#y$z0h<TRVt#9+l<;98m6@b!keo=CETy?*`03=zx}S_f^!
z4u0L$wXRAcl;jv*L|6yc#|@dDv2P~i?nYE9rluS7S}`P+3N5fvFQx1tik?IDcFp(n
z^yKxu<pgN7aiDzas9E)$l|%4(xxgqa+Zkc}Mv+VOG$hO%G(!Y}bPcH4?k2&BKH%ti
z1Sk5M3T6>Wyq{)|G*LWmqhN+bxrnDb3ICuc`x24)?jU+^76t=jzrgz`W(n2XtTrMd
zLc86E4+vUEiUlEf7Rfg4v)vLpwQL9*j-!qRtn^DaxUgCl7lU0`Ja1|Qt!jn@*uxjd
z=ac<}E9|;Y0XcCv!|u;Q4lfSD&ElJZpBx<o9Sd`h_rI(?#=X`1P_s;w5PsKUA|N6b
z0R`Gz^(|+eqCA*5#NS1D>05+OAE*@uStk$BzyJE#TlqB@q|cms2TWk=)L_;&P`Jq#
zl3*mh`a$Tq@{NZ|%8yF?9u+SzwvMok(A{pY^1f3Uvpi3TkM%p~dTcfCa?R=&wZpzj
z1+Nfa0ID3fNL*1AZWsC}CiGVWMf>o(UNNE%^1FJ0|LKZ?CDNz-jT1NyBYs3+xtT)W
zHBL&f>9QmhY^<&wz-0Fxe6GQ=xtzl1I+V<sU{N%!u4QqcJFmJ-JvmTWXfQAkcA#z|
zKc8Z2t~6nA*D9d@^KzDNJyKU>QM|{S`8@0yO$n@zYd<WGk%UO1zDcb%tKtUt)maTg
zy@WCjOdfWy24y(?2otjg$%Hy?_*oY+N;ygg|9i|`BSgxNexH5oh}#IO8KIv3nb6`3
z;?U0d4a0^p+~A+#IZv)gvK{7w*q{+*24vOtm`+TQKv-i)lF6zO5(Z~FILxy*soDE>
zgc-v0S8WBu<w0}>FR?tA6A9%k$bXqX5`qg;YLQO4OeYhBzyK6Kh8Uq~Tc-r9FdbyL
zC-0s?)9~bH>qrD$bA0D_2-1mKWss%!e3m_jyx8snj!nv_lR{BJ$cfTx5J@d$)?^MJ
zj0J4Gkug-650lVZ#XI{MFJkGf)yyNe@=8){*Y|T}0@RTU(gJ%cAB7G~<Rw>%m%Ms!
zB|01%b1RWOm`<sqf=LDvtzZrvdO%9nc6z4ERTh^HdFT=u7vH@ZQjnADE|iRd;%5pZ
z!n_O%5V_J%2~Ui9GYN!}<6~t|JT%{hX`a0%IjfF;5n{t9Y3Qjn;4QvFAny;FwVUt$
z)k)8>z_yz1k_j+F-lDfjx)lpWk>GF$wdH^P9h6W&AYaV;n|DliyqJ)Tcm-wRQi9W8
zmL4J`rLV0W4xl}hY;2g|(=X?(;u!DP7CDTAn^l7x`xDGh$m}gl+fS;M>)(DIkrOMW
zHTb0f4Fis_YO5%cy~(hnYHP2vz0LKRExxjGE?PE!rY`DF<Y0Rg8Fs2p{j<C9g;Ln_
zgppvdB`+p$+}Axe5q$DOyVe+nh|@X%h~j$wd)q@o(ATzqJ?dnxE=Q@I5=cTF6NCEt
z(ARC&a`YTTAGsXnX#Z{?d)P*t;IqIu(0J4h2LcVl!|gI}@?AXMjF~rrbqhR6BKPl}
zwY?IMJkM*nE%K1E-&jz=<j+AUA&iWSjE|2G2ncuvTpj;tjRgYORn?HL?g&EO_uPoR
zlC+p5toB)NDas9NQ`3j`KZn$!hCmyZ(~m_aGcqa74QJISGoUtI!7=6xDkJF`0ab7X
z`nMupFO^&?jO}q4J>HrU!~NM-?zGEV%Y<7~dwL+ux}xLv#iz0BEoI{89o><E))977
zQbvb{x>`NYmBFVhP|1at&XI*mf7p$Q+6Ouv9wlAd&6D-eS>^JqiwWtigH)c9Q+lzM
zyPXxXC6wUQ*jY6$LB>2KE4kHevj6tS_cprL8Ar!y39((Y$jTt-R&1369$(q;EG+R{
zy+8Vl_2-v`o|bGM_|$+NUAlVvPzH!WmNN%Qnrl_b%nl<fYu{iJ-P-YS9O&P9tETi@
zjQ&NPrh#1bl&n8uX#L_}5hl(0eb{pAJ@Tm$*+&C&=ug6@5%Evvcs4_`Gee*t4~j;4
zI3WOJP>s0_>d&By3z-wg%#=aZ%;xu88_vOEiA%_|=NO?bsupSmff64d-}U3&F%~|4
zD1bB#Hi+3K4}-S{t2cV=_oJ{%Do6GDprFE8EQ-G5W@+?y6gXGO!y2$yA#Xngb0F3p
zj$@N3EPcE$)bHW8i!&sx?uV}v8gG;QsuTgPJ!(ygMQGCeaREu&5HnK)RkMc`Tz)U!
zVWkb(Wts4&I3H@o&cGLRi|_92gyFO3Hgj9YxMUm>mdaqR+^r!W#3;GSu7$AsIw{no
zDxQDK`jG}#(1VRjnQoxG&dLh3lTz_Fny8uTjE51W`Mp267`zXNT15YG*>>EQ??52n
zE0R4bBVnHIPL3={R2tcZ8_a0T4jex~t-OK8IqiRsL~?9*bHucEWO|JC)#GQ)R5R>3
z^!1FrLUXQN8$j^4y|rcXGn)^Bg!H3SrAXfwm2=Rl(F%Yx8f<>u5=sxzzmauMFwqn%
zIN2{KzJ50oHSlVr3`;hs_QewSZ^GzSJNiJ_ckaxbj>B3nR;;pZofNX80>^ujx~riV
zDKiX+e2c8k-e0}k`y-pMQACCM{9)fqH$`;?Y}^I70<+E)RQV3`J9e7STfZ;nNjPIs
zyCv;S$BXRUs_g!#_njAOsj3D7;2?;UI%h6>sEbl&b2I~$D?hGtzEzBSk@KI1rUM*e
zsEPJ*$9nq@987Fncf&`HjKL4aXY?a}@2aN0kK}#?<$?eAb_b#5Hyo<K@yNj}MXO4B
zNE^G=zMoQO7>Wl4JIht;o>ybUkNP6-A{%w<28D0mKVH2Ru`QRV7_Ck9t=9Gs6N71g
z_^Ss84{tJ(&hEvfXD?vsjj*fU*Rb{b(5ll;(JVNyB5+*n;FUp5cUw@N=zibfFy%JB
z`Nj?5mD$wChPivo*8kg3$l^?-cvbcm5mOl;%p-$m<X*I#!$T>cQ_^!cq%_QXKzW1t
zE0v~kG25zI&9qfR0r;vBQJwk8NmbAQE&{1JXaN7$sdm=lR4aVu0j*OCdFfe^&-wKU
z<#@rWMn$(Vr~Yk@ees6W3E2t3$J{=#8Z87&3ZR?n7MlG(zzA%oAZQ1)87(cX!yu9F
zW8`Qf;V*!}c;WNmjEF=q<!Exc$??~-|A(}<jH@#0)_xU17QH}Hx};mWTWO?QKtfWw
zyIYj*5CrLNP*Q27yF<D=-nn?5XUExlzx$lu`Njv<y62j8&pF2Rzec7oUlP#rXm7EH
zsU(-R-DxB7+x0Qk6)^0q&4T_oL6<8#o2*Vx>;2gyYWJMde>n25qNpo6Q%+NsTW<8L
z0Up06VKcprIsqdpmm7S&7~87PaS^f!%#yu;;)U$-_OtRYWV5MB#z@la775Z>Z9M5n
z>clziU|oT|P@8S@tq;if)H^68%BYB<WT(VydCdc%_tM4T%EuK0CLN0n%#rwvlwE=k
zlF&wWW;3_-V&O-ZDkBwtedgxtv{4%L;0?7ElGTO_l&}WZrM>r{fr)yoM3mRJ#Mz>!
zIEWn53irWNmIhsaPmD`dRWd->9*6lKk`$~DvEa%FJ{@}`Ia&JJIuse~bm>T9Q_UnY
zGCe;6s|xV2e9z=5)A{^j*@qMj_A5=wm!}K%Hfa&EHxy%t2-4Y%gYDm))Xv!aYrL{*
zK)EN%A^8~yrgIH-gZT9&Wx&w0Ah3f;g?v(~QvF)uNmBTi=EK4;1`eAho5^~{kCXVJ
zrSlcxOf#h7LNp+3J4t>Jw!QkU21~fApD=E1z2iA5tiT2Pq3&lgY-JjSx8ItsX>zPV
zte^FZ2E$Lbq43wy9rD`c&nl6exz%d0-as2=kB01l*z!ger~(Dbh6A4WpP`!5LB_Ou
zi}<;$O+;xY5I(V^$XnwS*T;Qj^dP!zik9q|oF6MaXl}P+oDst5tMyqwL4xk*{`c8J
zERYH|cM%&nOxxk|Q#QN{wT7x%em4RgSOl`f#qtvA46i#4uk%fE4&E9yN{bEu&d`)G
z73QdJb^}@)({{HE00c55cgK+K3seR3!dgcS84DLhv_Gu(nCtQhcV++!Neh92`4pt(
zI@R!^#nT(TIfWi0NH$D5z2j_MxUhY<s%m?RhKAaKlDp6yKUX?&@cPeJ3uG}bo+=zz
zs6a^^gxH3AvtNwL$#gXj!cBt%o30wPRmg(@*H*<vv0G2QCjQw5JNh;yxWYq7`PI3~
zs-c6W@T19OjvJHJJa0Z3kBrUXIdY|{#mMW(LuGv3Dv+lI)BlI0mwZE&<texwoD#gd
z2j|C~SFi{l5#(nqxq%!AWypwlV20v+PDaSq>dZQLK34XGgk)S?R9bX1o#xdZv{z58
zL7dhFDM|*cIt#2oiY+0{@~Y`3pJ?NeT;}}``ZsbF<vy*RWzyqE;p$>V5V3zt#Yq)g
zUwV<^;J%d@NvQ>~20DH92hE`k=D%efu<D*#gour4p@2=mSrgJlU;l1KdE~9_0^=wD
z;l8S+a%gy>G9?opc=oqvftf7##0HG_b9n>>u2$2@EBJ}@@Yu0`dAO_*L^m1Ke@w3r
zef}U(T8ct>qzrv7nr;n?5sK`>GlDeeT^6@)r0ty>PKM8g&6m9VtiGU@gDsEDY_%Em
zjaa^VTMUx64b!wp;b6mDo2~_eOAN7&c2oluoRT2Z8C3pbb_*T>ZAc3j0*Be4#Ov2c
zHZ7;>7nft6(!G{w<4Unp8Ghm5<$mi`{^4t3w0x=-G^LB4$Kwh+bma?M-F?Zl+Si^Y
za)F;1yGCNw-ky$Snf^*Ht5zRjr<^n_&>ypI6f=K)(@X#siGP2dNOEy=ojF`;Y*u_>
zCnR*gY3*5O#Nh9L?|HfY&dhKU2XFauVxgxiQO^%!!JUAby32Lx^mVYdIMIrOCW>*7
zy!zd*sTOK8-Pv2Wv6aN-<{Y~(hdB+khpIKB_&)}JFaeFxoTRNQZ<si3s;M@ls7-vc
z^cjB1i}5AviDG~ctN++3mh(Kmq`9~dE?b_`SopDdc%H^h?A}613#oC((qw_113rqV
z!R{jGJG0S({B?#q2K#E7U-Hw`;g^@?ua$(Chdv@&dS79ZHeX`&U%uzqy1HC)G=j5f
z*hB8uIkwF6lwv7#YFargv*mgVE<?}%#DDW2{;1$O33f7%M`i;lFlk^UF+Z-KpWmL^
za?l&o8fePtWc3uhVK4W2>T+q8=WG(IH~e(<eqg~SK0G}9Vr>&mTAkRbJ9i-bsASKJ
zY<*X;el-N9!1WZ2vtU?f2l|@8XA@CRXU1)xYF&dQRTA4;z%gTBpHEr{Y1{qNeYx~J
zo_<=!pFNwF%pE7B>ZvkN<d0vftzMRz^~bg-m$8Wb(b^x1n4oD4MoyIoHX5w*3H~x%
zq{k0bwks<*U)h07-;rL$a0&m=PjsM>GnGvDes9;JvF!bPf28Bu`E@120y*zr?C#s$
zrQ_+5<GJBn$@=^i&K!Gi;wz|<hiwrB>9AJfvOyA=Zb*g%E;Qsa+mPp&8^2%`<_Y(U
zwui0MTeg4hZA(>y?g@B4FY~(PFcmhI0~U*E7iCjAcAKh=YZ;uF0T^i8VRw2)PWw&7
z@Jl;WRk4|wF~4)ADS3D_U4o;Z4w#b1<tCddd>vX(bNTukg1PPb^polQS4{|t>|pZK
znPs;H`mfSp;ek<K)fTDKbRcbWF>9xV%w>18!)`HIOpp5@Vm}t6_yf_?j0ikex@Zoj
zib?H2RDH}F0k;S4bDP#XZIo>I5?ikxGns{`$>H}+FL(7obFyd2vA?q0hkR5pDQ?k^
zy0}#aVSWs6EX!d=!yt=iAi*%YGWVT7aNIk8(gW5f<yen1u>(2sy+aij+|UgA_59A#
zzul*_8J;S-Zj5cPc}%^yxV&Z<Z$IoPec44U)}Vtm!HR!W_j??ZfytTUbPV19!`^HI
zkV*Xr#iWFqW}WNhX8M7Yp}0b;(@Jiw<@h550Y1(1p4>(=k#=Na!O#0Rwtq5E3%EoJ
zCYrzj?=!(WEm%Xy9&<kIDCpU<)F)K8cQekj&K-~BT(786N%-KVrjo-ahR1jL-d^Uo
zZ92Udei;=N;F{W$Bg;6SA@J<Blqm52=9m{72WPp9TZr|fRdsAqRmwJ4Fd4;w*%DEd
z)&<ffHkl)d0(8oRT<KE6PnHFw{Cji`C#yq$Y)G9;U7PywjsCHuuylXgsg0kh?i<-`
z)Y53L&yRy(_}Y#w;f7V`+(jHncb9V_`NK<aJV^+~!Wp-zVGTcr2_AYAjTO0(3_Nep
zU$h*)p*B)R%RSt!l&?4L9CKaCWr?2*{N!vi6Ui@y`sS|5O_#xw*N6H!SGZkfEh068
zHUfh>h`3A!kY73~^F!JJr%BGwPuLNHA?;dkH^_2<s(Gwze}?*V-yJh}K2)$M;p6Nx
zIo|YwS@O8+6>dGJu)Y1KPxCeSE&CN=w{I9v1oCGM2A@9aFYam1(bK5^@W1f{%7lG&
zH(Ts)*2dol%DExi1|d}g<#&Q_fHdV9jgqeJ&M~go>8hp}r2Yss>4&!Fh}HXBn~zy1
z_Ew`dVYp&V1GGKja8z#*;S#U{wSzKPw<Vrljfrk=Lf1;)%7=jh+*KMLZMsvasb23;
za2Z9Uq@Ds@T5xD6q@%IV>^tiT31{&-0qY;_&EI5mj8+;Lx&8rwGnV{e^f2woVQpS2
zKUa+|oc(Oc$^H8jjx0fR3V$>K1SBn<R+nfDm}<^s)Eiub3#qcIY9P3fGKe-u$#_1E
zq}bPLvdDbQp@SkwY3Kbn6zWrL^RDeW06TDApRV`;cxo1hWjUfFQ@S`CT=KK*nT&9-
zF>*>taF$IqBeaHF6>3rqcRjwe1_8Vnwyg2_9BC;iDaSMx^RPUhHp9Q!u$c9F>iI*P
z)<{VroA?=1pmUm9Gz^>Af@#oDB4jJL*(SDTi+0<J)PIBrb*<fAwR~m$+xmEOsvAFq
zyEY9K4KY4lBb1zFK>BuABrU}|CYb5HjuS9^0KP$(goF`5W^PSbl;?~r)-micTHfTZ
z^t|TZlMI6HR+>q$-S#E<TV7FG?B$W8*aYJ=S$o@|z*)>l;6Mtra}~D}rnX(%RX)nI
z-HMGakJ`l}XOcWpBlNaCyw22L75KwM%&SNmTFyzb35-8LZ5NoT`=!O`&vH8@==0$D
z++ab>!06yzbEfJd7v-KbWvKhfWH~GB#bhq_{gc0vKOU*f;0S!^e7yVB(a=x2?+E9L
z(xx`qf1I?DPBTQEc8TTWLcpnmul^){X>-1phdi%zV`D?eX$u<}8F{!^iv!%k+_ckY
z*61K}QfB6&wh%D_-}K@jBjTOem!p5@?8JfMpqmaN2>)~WVPZT6vPrR}w@wU(@^%Pw
z$tx?rwCc}0aC(0$zc_vd6RplS9wW;}h-No~a3~cG%}R=8si<6}T~9p!f-vzz624#Q
zWfU^!J=|Liy8~6eJ<olbPRWUmdBtvzpituCAUkEzP-Kol(a#z$+Fyf|hP#p};lrb&
zeNDi93@4!}Pzs(&J*3{=<`RyGn8f!5=DhGUkhJLa47&aiOc+b@)r6;PkF3gfb8rPR
z9Z;VOlgKJfy3<2gH!RumPUN1s!qxeN8iWi7UXN!nSA6VaJ9lcMalM_aZpHwIbEdzp
zaztUTcSM_Lkj0vYSbG3r_ZA5Ca020GETpB^f>;cEpWIqTGnjWtb_!j;@B;)nB^@0S
zaM%+Aa(C1KGTfuSjI=J}k>CN}#$e#(sgC@!;;+1IjAUPu`xgBN^15ciWtC&5XF0Eg
zu$`@lmY=~yD|oo9Rj?C>?;tGy5v2A;DjQsn`d{mx*=r~@hqA}|>OrVpyr2*kHoy!Z
zC-2tg>SVt=*$_UStd_)0B<acT(xxR3@4xf@NLS^M6!uLP955*`=$c-GEl35Pkp*H>
z+wYmFWb`^rZCK0KEmPZxsF(=?!>sJBPCz>04N+ebIoN~=Ota5~HodI)$_lWN%uwQ<
zQJc!Oey}a4a6uO1C>1+{t+ELuSky=v`x_eT{x(YNN*&2#Ugng<L^EWR>{H;W>i+B@
zzp+0H@*DlU2-))tnY#}ne+Rf)ASTA5^*MI`mlhx>Blyz?A#0$4?|!D);?Aj%ArQt;
z){Hff%FW#>zVjG~hn&oamAvIUww;xiGU^-X5$3~I?|@YvPlnxjgrli{Aw|U(#pcg9
z^D_K9xZcF3rbdA59_7opC6dS##M+_^Un0_Y<1hAUs{2$Eh^vEH%`Bd5zr{8qss`C$
z;lXs@U66rHOl)>d8re1(TFEvwSl`LSg$KHk5J0Nu`rO}{PgUmO%9kr(4adPU5^i79
zq@_6ZhKnDP+_O|~WkomNW}o)y2WE9XtM(u><etEdm`d}7&l~#nOWFTVNKnv}XEjlV
z9uiM;Z2mjE_qY=Yq-giLg4NLJ)7Q)OU?(Y-`#$ck^rHK)Qn8QjNL!8`S(Jgr?QBj5
ze!R>e2Gm2$F=+EPpKGkC`(`3Y^%nA&DbVnhh#vJURQUND=<~{gDO%XZQ2*-tnSVJ2
zBFI&=v+}n|)bL<q;$v==HBYWl4@tnaDtrgJ`{-yXSJ(QomBkBd2{Otud=noTRUNdo
zTPVp+kBcPQwjZt-p&%_0Af0@zAs2CE#XOclU3tC49e}jKPKe7XztFvmS^Lu_e)20q
z?=IC2-nwd?7s`S;S#L)PthXXty{>Zr7OMX(e(a-f14PwR<JHi&ZVptWVpwVc8}p}2
z&~Za9nd4w6FZkuJL~P-N7$B!l2hLu7w}A)Yv;df3)M69@1fx|m2Rtyu0u7=BwRjY-
z2D|b2h5!cXVM|&pg6FcGj|8O2@*i0iN#G&jh4Z8bguS!;0j!0r*$<##5jZ{=9s3{}
zZNdcLl?_Ml;YZ&y@EtW~{kRVeU;=DZO=nUjXbbrPsFk%CBYgLrI#Jgj;5)Goz!wj|
z(>Ad&IUbhi9*lvK9(?*5@LX?HRAPZH4ZK}pRRzxQv87>{GadLs`NK+k*m>$h1Za!S
zq-H1}uRsf7ye+UZ2m-~r{y|>-k6#VUW<JKo`T@zCgoMQ8Kbfw4@NCYmzTSsS2@?Ru
zYz&RbK@1g;kwyR?25=i<qtmt&8Ens7i~~<rk?0410$dD6!V&WlQo(RBk26MKM2AU0
z5cU-9`TzFS3*OggP0qXRL3sM1pn~iF(rO}Hu?qC?_>W+t09QX41}7EzFJwpwx;2!>
z^vRbA0^aI~z(qp@6kz)eiVo^Th6RAG8cqNWuJzR7f0)WJT$tE`5u9_fW=XLbvR(0U
z6#t1BMuPw25WC@p{oke{Kn#7>tzuz_;e*s7Oq8|)k_;Q!?*w2V%mObQU;{Cn2|jh#
zKShBw>F?V~7N;2qmY)$HjO~Mwh|Eb-4<uXx1z`J-@i@TNzyksG!AURH5)Fny`B7c_
zU)1oRH6m~dfXL*N>_mliauz>$#9VBZC{{V5Uw^+GOr`*40!*eL__RwIG|(KN+Da<T
z|J*FVw{PNd;esd~kLv*$Z2AI;$_kji)X<070^_>rC`=y?;&b3RThVD~pL_)&?@UaV
zfX<*mql^SN#=MIWwZjIFPk}*z*enbWOjaFOB#l8)LEx9emLUL)V9RiGrjEt$Vcx2M
z>7szi_T-`06hNaMZs<FrWZ;Ag2n(2m!O^k$e`_@;OA6bP!0wm}wj}rm-0^?vkjEiG
ztc;APpdj7<vN9Gy;8C;Ah8RG~VRyIJ|H~W$g}y(grJ-s=cG)rk>9{EhehWsg)k98Y
z6ihkQo`?ppK<=a$0ly7<tE6z-MuWG?C*6lh0b8A4Lz4j13S=ELV6^$|xn9AYk$nVj
z4&eVn`SK+;=)2mUEFNSqB=TSoEW#7x!F>4Ws{@wbTzj_|=z73Kw*x1~-{2Uf>olhJ
zfA0uC0EkjiQ<GCs!ON$-toUEP+Fthrc<{W5jzA|7ND_JVod)s_FHZHj8QAbI#!6P6
z8J~BP(Lq{7W1Swx)djTBJ(0$e@^L2lM{orOratf>+5LVbUx>p7eUux5jhje8SqASW
zN&S<7QBq&|eaRDyf2SoWD%?TluJ!QdLmc>7<6wfCms}dzzW)9ao@%ud)Ygd0I+@UQ
zh<bn375&k-30_8Kh@9ywK1gpWAY@f>fs8mN&N{|r>R&}LzjPnce{Y4rpX;g5&O+fC
zMZqfv6&V>EFj!-K)sRA=a=+-sWSlWq+gg(0Znv{u-;zlZu|EbMMS!iR|MXEZPEMQ%
zJQk^rU^KfqrwOf`p&cqDRVo<oD5D)63zJFg5nb8mke#eeZA^k8?}sg)VvY{)Sl?er
z*x1-2Vv6ujpHgsfjjy(toWBCqy?LLf#A*4q8|`bur`y@Q5r)cBz@?j1?GDjFtodt*
z@WCJlf&SEXJ(_gFV*Mndt^FM4bt54uxdd=??n(x$RCwJNWP^rSgSc7W>XZ^04#cD?
zaBFR_cRoj(fow>*uO@(RA0fFWKSEf#_wD_i{Y`&$Q(?BRC~9mfT*T0j90)mpmUgUo
z+J*IqUx=<sse!>fm})=qzXKI%5VEaMSGUV=?CPJD4aEBLASmgEBVLeGbYl43wR#~2
zVqhXc{30V!88yov0mUjlmlb~YN8k5I?^barg-X6}qZ<nlm$QU}e4C;MTHnJYK1TvC
zb?nEqd!5v^aWomLtJEYoxLK}I#>I5|EHdNfXmG%c55@|@!NCm!q}b9irR9VU4og-k
zFe|o49Kp3c`N^cSIa2hCJrQqZW+TE{=`!?*T&I=2P~@V0l?3ptOm}!*O|W<(pa)2z
zw5fhyBE{sn5GatlUOy@c#??C9$)A9{Gcz-uZ*~LQPS3$oM~iw{6VC082ORFLJ$6%c
zhFu+U!ib;9`FIrT$*1x9oQT@!&{daKTtli+GI}PaZd++}z@A`ybUb^tmh+Fq-Wc9o
z&>mA0gA1~yteL|fC;@I>zMIN=9@)#a>T(q@xr7v8hpeHp4sfBxHhdM49V4tP^zvqT
z*(i<24h|H+1;BSuHf7sCc|`H+@7-gV^}D?a7bic8Mse)P>pUM}e`QnK4{TBz-PZCJ
ztj0DdamTz2;^iElBV&9@c_kFI&D@Ayp?qr5&;8G&-o$l*3&^>;KQr@y&F{rDn0f`I
zt6#C4Y?>E1c*Z*b?T#|-GI(R|D3H<6Ac8!Mq^2gmR3yIP<OfMeI9VLkWB4un@n>8+
z$bR7tRQ^i;|A0hUQT)sVj4(D6)ldAvSiYJ>zrn)PLyC)wgJJKWDgX?Hv`U&#NDDdj
zP$U=^B6Q9aX&W3UKfxJ_A&eMF3Us_RM&=`I0BJg9#Z2^x#n@~`F#2a}Y8(GKO;`0o
z{@wxTn-nqmUx8m9058V?k(G(CI~WzZsrN!Z>%0#i&SI^${(~g$J|D;>&qqePcyo<=
z6m$XLT)JrFU)rCpgDTMc9r>kt`BleV{ZAXk^Ejh!Zal%85b?*4AE5Sm-1xwlrq9LC
z7*xwtG!F$BT{>4P;k^N{$^Wn5A{~OEz9I9v^&RrP-ldTJaTS9oI$CK6Lz8|)Q<*oa
zJjMNqmF8!Bfp}-gK+ZG)mogxS*NEvm@+WtLYZ}GZoI_M`fmC*Tyd)xlN#`5mZp#jc
zdKkZ#kl#ZV<3*rQ7gZFHvJ{*bMp)wQ>~a*f>iD-rUP{7o)!3Ix<C+apUw}BdcWVNG
z2c&>sJXS$&rxU(K%q;V48z*>AFoHW2bA{1ZyNSf>Pm%CrOE<#jaAc(3_&_Iks1&F%
zV07oqOqfeSv%KoeRW;}@>$0ITJ-87cP_bO*?G>AG_vW0Zn+JAaaQ3-O2jDt02HORQ
zv;HqkVxa|4EB(jp9Ua0FF)3;nDUAy+v6%S>o($r{r+l^b&kK3;Hr8Sk=R@xMNkh)>
z&)Ui=6f8%D0&wSFxrNAFyN!H9u${~P^UbGbOh;Qg9Net}aK$J$XTHjF`m<6OL0%_c
z@u3_Co>a#VQF7kG?-5>QQ#@tJ@1NyJYCYn;@xC!j)FTH`5OzYw2Zbw4!6b_!)|2&A
zpNB-8xfO4TJa%oRzhAa11ZA%)EUx9^UAw+YiLb~#U+-Kyh(wj0MBrkTy?t4X#Yt$?
z!KWqPf#tlMYTK&Zt}yF)JP_<8A9K1;q=(w->BxF>v(>(^ugKt|;Eg%HBNWz?kH2zz
zm>i3@GEY8tc+N8MZ>*|*tf9k_LPu$_4=i)Wo>aMGce2liOKj|+5%Hpom9Vc?v8!@7
zlUEWC3p-e?Y{wyGXomnKy#GC;t^*NE=4r_M-L!(X`Fq_W?H5njK6i6osOW3cXMxc{
zFZ@}VdmX-VxLbvK9WD)9_Lo|Po^C~?ID<Pxh;dIeoph~EjYVF5fyVJx#a)QOIJ$ul
zm!=(5O-c35{C$=$yJCCQ_-@bKXLVO6-BQ)FA6^>E(M9~mTZ$eZHnNyC>(?MQULJ)E
zlJcK>rmhkn9UI|P8);Xp$Wo_Cq&ISUq%qU>c9l{V9o}~PP*Tz~OdAG24PFZRZM)KI
zGogbio+qRN)%Hf_eFQdqLM+x6vYp?J+$oaXORtU|Cq~E8J5c%kq}Lti21Yfd?j3(4
zNeGPyOT9)=e@z8Xz9cUBgNYf)VcM?*zhqrEXR674s(C+gW)Wt4?=6T<lfRN9-O5b5
zEnBA>P7`w8ei$d`=(Wfoj(=kQENW52htb1?2jr&ThO(Z%TjVV9`A2r{dD-ub$lvjm
zG%6Tx#|Ga|61HW3V%?c}Pqs&L!o%0)tdhZ51j0K-LuA(=O#4<EE+040Meml@hVX;1
z{}Zu~$*IwtZ7hB~X|ZH27N0=w(3l9TN~t)=?`|u7aI*q<(xkeL!KD3h%D@{_mB0$D
z`7yNVhz8JhbWztG$EVDm=B94@9pZ2wT(^i{38hBZJTqPVeZL(>BYh$kP)>%O7-w`^
z`WgRjT8z3aw8x|LZ}{qou45<@|9tDpE9Btjmx{dWmwSRf%Eg{Xv758JZ|5>T*Way?
zLWwc`FIi@NQFNpkOze@v5BB%#R(2a^4tEM<4}O+sKn}`KD%52fY{7^x2x$Ve>dksK
zq5I-up`-37*HhVAQnf9iR6SqW%%r?(a@^mFG^m{zsWG%p?~}jj+^g3jyGN*fzVb82
z!rUy`l2gGz$bO&iPYeSt{p{iLu>)5Y+R%wp^nKeFPM*Tuz|qT3WOoW5Y^C*72ph)q
zjhG{d(gwsvy>)c;-IDhOBR!vO@77Q_Xl^2UF{WXnUSYS=T}V<_hrC&FN9@na#)Rn7
z+D0T#As)XMvo%4&ePR<}9im{oRVjF}dFS_&iMIV_AjHnDsk=T)5<9_0I6AhBrJdj9
zyl0_wH~0^*xataTsjt_Ir0C?jj}298Qdn&G-4dG;AH$MxAHB_N6E$e3ta&<vM3uL(
zoY3Z|y2b0x_rwKt%l}bZ<L2q+L^%G<wp#jO&##wxOcigvn_cmqkE4`Uw2FuQl@X>2
zqrI^h6Pjhu%B6T?>)}C%YsKr|Foe;SMZ&~pxBjA;|6apZUajU-Rrg*>3t^%}H$1}q
zT++3rH`+j#xc=)}k)^Z{R&4~5T@6aYFKJQp<U%89a7y(I1;vS%0)H7F{Fyw*B>w$n
zy71NDt8U?qW?yT>^o97aFsracTRo#fIyJ%^u^2SAeWmwxfyImvuK_VyQtNLoFkOuo
zbR*5A^!zidjSiM0qrzSLdKo%v&u!EhgA#=fnKJObV<|f4lkXW`3{HMgJ?{BhmuvT~
zfTEv|Ge+XRZRp1!B^|VHWe=k#{?=;;)!oJ1KfW#f`zm!4lz=2smY=h$YGiyRUWcVa
zaKf?UOAtSs;bzc<cZaBCd8vm3_A2drr_-=SLI+92{yA63%7Rw@iFn#bGixmdF7UnZ
z5YqGu$h=kidk!Mf6SJ?QjBg1|a2T1H+kN-!G;2>EwYP5<dJhXS8K{7~z_+jd2(Wt@
zAUdhu%7|X<UfmnXwKZ7~y#e~_vlmo`EA#sm?`FRKWa%y8vR!#v@}Xz3?l*gWRjO+w
z)B08{xgb0_tb=et2LVq>BqU)wU|L4ML=*YSz4ZQnMqVqvXvo`l9v^)*UGdv)WLVz)
zp{Q<n^^M&&mf_y%8Bj4v=^KW%D+d~jSvX$~t-jjO+h^%X_1O){S2pZzi%^=W6h`81
zX)Vx&DqOzD*dv)m5VjJEycX6E^2&_VI8xVG08A^}*3p@()s}YGH@er+d3%?xX%u(*
z=`{$;#isN5;`ry8>^}-jWG>ge#rKgF+`TATFIM$l##ja=3*SXvVWNHbut4(vAP_-?
zkp+coR9gklH$M(%E%%r6b@n?$Z0}Z@kLDMtNuTm_(N#&z&;h9A>(r_y=+zyu?{T2^
z%`8xo0ZW<4Pk$)V1RS6!Tx~IwVKaR}h95*|`RbbCCiHF|84=dFsHYeDFsJ%Y{v`W3
zv7GWL1Ga>Z?(8cnVHi+XUx6|@%Zcv2T6!-`a?afInS-31wz1l(fX68o3VpA2>3Y*0
zfi1ffkXfuA9T`prWKR}rKMTIhkw%GIb+D$%^og!K&E7m5mXn0?F$QLf-u0%76v|dG
zM(+lY<JCzOC0)559XoB}6BdsCg$6E^uv9_!k{lUQxRJ|hg)qx<ubm30AbBh(H0T|^
zHcVtgu6^C7cDtRIllA*?=Xjn$&m~s}-R!>PTk{m@b}oqf5Qq7+UMJgIy}Y%eFWnnM
zf3|P~O*G(zs0d$hqwg<7T$6a9vj};!{8tE(KK}gpT!DxDuS*Q>(qN-)Lne67+4N2t
zg7+LL8Nfm6`N<Kf^KfQEuf9u+;STE$!B(o9Plc8ibTEYz1>B<W`JEZz;OH05PlXD%
zEJqz~BM!EO45i$pCH~*Swuh);lC}~HXOm8h2*5*ywOEl*(pQk*`bh@<yzJ$DrjMc$
z(Ws;K6vWo64edUy20^%)2lYu)of0s0WK@M;s#f!0^Ik-l^rqEnK)l%JFDs~M^`iL`
z$Bx4k$exAiHM4{gR-;*mj!u<UvMR6E*C3bTmT5%J$jG+t(nxek<mP1CuUoCa%ieg?
z;|48Sij>@51ai#LxOcNWSu}TdL-%icJ!}_GF@&WjND|4oX;5O7qduT-fX>5ZNDi^7
zFi|(;r$!dzA9&FNVnuK9VEU>l1ZtkRG&8)rZ{6gNcLBySRE4|MK)y~)ucos8#*_g?
z3<x)tXh1aR?=xvBjC2`|v<99}nn$ayrmnBZx|=KT6{G7RUM%M7cMh07;&*JMZw8lC
z^Otj=vdd9r%z-@aT9?!En^+U&H$BpdX3K!G{$O&x?z(UL1bWk!6!J+_!mRD9S)vZH
zL0SW54ElDM)Twy6>kQlM<((quIE@P$4eG9423eeYm(f(ComW@DU*XpIoj+HnFFzOi
zTz;pic&btvE>NQ2blL9j8QHqdE_ZKOW6$W=wS4Ki)q0#xC4X;-<E`I-t@5HJubS;Y
z0FQ6n#)u2DAMHckBdE3?d<?KYNWt=<T&PHY5eB<Wwlg(qaJT3nZXvzbvVFb&2cTG;
zB#0VxM-l{l7ctgd-LAMB>u=ON)0UVJSGO^|)DxxK=V8B^jH@{~E_&kA)_7t5+cy4N
zE4a6skMY12Cc9m{J1mtE{=D)P;PIlKGPtJqo>|k(VaH$B_+t|J{R>N4x9BI&|GG*9
zAu^1M_UK7*8oSWgcAc`2-mJ>_X3&Tb`41bC>k91a^rv#7eQsk$!J{A*@V?*G7>zLZ
z9WDo@O{~7mvUy(qMXF!QPi0#_Yoh~q!+GMTWAWK!C%CW2AHt?oi;*zc>$#%ip)|(I
z+E<eAaZ|DuHTtew?6V_BgD(mjGc~Glw<^d>e-)zcD>ZO<#P?}xK}m$Yb?t(UTu`z%
zs&rp~Eok%Ey<W&KS!a)2nX)l*eX0G1+En`(Wfn8`=s^v=dy1zkBgk<c%kE#AXLTb<
zW)Yt)T)k=#cU>L!jwJD<6UtyCO+49+0ZNk}5ixTSJsCb|4y`Hv|CNa>Rh`#yf#d?l
z<QciMtN^>kf1>oFBYHL7Y5b|^Ks-2kQfEB=35^rPSoDHDwCCgPMiZoqgIY+iCJur!
z)YUBA01`$_zi(VyNp`c>wEr<NF(j5!nu4k`De1ktC-ktpSh2YQqZ?x<5>ZG$DASqf
zTq<6_XoVCUdJ#kP3j*8lZ<cij#N}0YT;;b7;Ikp(B_%;dk3Dy%qz`T<4Bk#R$8XLT
zajP?H`O@sSsQoq7bmf`9-nY^nE<x0HbBFWReyMSJ-d9ExIWeF4jfkT}d!F#w%D2S#
zw$*uN#2`5F$5iJbIPv_k4vJU>RLE_?I-G2_+?4n3u=Dnnth{I<ipLU=WOX3udC(3%
zp>HG-_S#x?+v}!$E<xWDeB#KvH+>SnCiCyq`zW?b`~*3e#WFZtiR?OB&~6~J{qhAK
z$cMt8pi_QQgU`maDjqhq-ZoIQ1P~e^EJtI*!;zIgW|r}!6mE)g3zsqWD}Q*k_7SSq
z=h3V0|7T)dZ+he^ie6FF9NVq-;R?w448)iIMWV-3idggO`c92}ecLl0m2|XgL?l#R
zHf!SgPXv9Vf$-jHJZ7@Nnj^z!)kaS*x=62n$gB1FwsTJr)B5R6vv?kQVLZYT;QM1g
ze-6N;lp<s7$Bzlc4%`|~ow9GLygRMLO$mz96O2SQKo+YiW<Ps~Ip0wMq~zdsXoHNG
z?lIok)|1P|>+J-zi~SH=1{V}rS=nB_U|Zd$9Br2sl!^WB);a!zZWP7Mb$i_biuen&
zf5F_|$LMOOj=EFOA}tK}bwRsjc$lXjOe^ETc9)XE22i7Hlh)?aQXj#RASsn_$f5MM
z)LD}-z`ag-jjmw>s3iC}6B@{YSK7sG;OXyT;E|oyZcs|%?~*?#W~Xe}(05QmIIg;F
z<GG$wvpLzo|Dx@@(T2H4Pp`bvu70PY>?IJ&S@>A=_3*2nJqrX5oYLy*xOe;acNn02
z<9Ro`vK}Hrw#B=A`b9tmJ5J*j2T?p-b7}f78jKZ~B4Q=woVSO#y@^I3$VJ}^oz#mH
zqhz{T`lh18^)xvIh_iuROW#3FAD+gxO|x1PI&@;yUPFc@ab*xUfru{L8X8(q{^*1F
zPGmxZPpPxGRsQcZ0k=0uatk0Pse_o${mh~1v@8A8*32?HJtpE0plH7)uKa^p??V!+
zF{J4%?B6{X@&^EV=Z;A#EHsWs(m*JUvD@RqP@7YIqTA5-;SiVG`R5v#8V3K)M;E2`
z9ZusW@jMTWKo-mL(W53r$gUxkcH!zYB{=j)K!K&@01`t^LDBxv#_pETf6g+>z4Go~
zN)7+)pkd1xbcP2db{QtXaO2Q?;hCMOfdg~v&EUIPpFT7m0v|cLvqhC>hif$Zi%mFf
zS#~3nGRz$+pFR&daC;w`XpqtH%W5R9j72H767`viipi_W%|e?hpZBNsd`7GIoy-0?
z=))hcCz0Jh&eWi;7bBc9Hi{E%K)rFq-|8@;^mD-(XxyFCwW5I&@Auw+6UJ2Z@77II
z<uLQ`z>guImu|8*zi?UklcCStQxskDO%0gK?e3&<w|ylvqLe-ZMKvgxn9wE+d<1iH
za!~(<uLS%YvW?>U;>EQ^;>VDYv5O<RX+DQOF2;LFKJjQL4FIkJO+<tsh^~gDsQ^XZ
zynWs9lYzd5-a+lQ^cR3|3y^aQIlyl4f{H4uyc}9#9>MPTFD*bt1q2oKWgrJaHu<EW
z&FGB35+Bug`#%sCw^`v9hL17cSRTWBK;N{-(SHb|hhu@(-Vk^OQX5=Y;Jva|7X^vj
zmjkH_z5XA5eWK=ZSVs*;CGZEH^8|3o{=?8667Fw7VB*p@Wx*d7UeYr1ZrBN*7KjMl
zI9U<B@n+GD;fk^VN+{YRs|Pu_#S0kpJ1$y*HO<*zgj1{lJwlJKQ4g%!QzGEq0yI{3
zR@NgxV~Hy%eI(b*CVL6r)DvYv2g!3VV#1cq)<hl1*da2_q4xlrMVZtYP(OXgL(+T$
z?Uk51oh$(2q%GLhMQa;#++DmFF)Gvh3hAq2X7}QcfZqVS6ig8)1KM=)a*x>p{cQsw
zvKMJgzM5zQNuEpdZzcBt<f<D4b6o=tndQY~a(#4Sp4xua>xv~{6o;==$|iy}W#0h4
zQie7WX7318k$w3V#i{@7hx02JO_VNs^MqAPBc*y^j%IRNK?>VL4rm_e;r4kI-h>9q
zH#0d7JurIuwnuXxtpc}Gy;$=xW)RE~kpemD6?UMM(s{Ey<#=1DXhT3og38Y2BZ1-{
zcwJ-&*&z|ZU9dd02qnym&mMjgM0KUitINip!2s&B<6I{cDXY*H!F-s7<Jwv_pfe#z
zY~A7%2-$UJYMED&y7xzWAC13AxfUfXT-%!|3Bg|(0nilBEZrEmTe9-QqJMsbnF+Sx
zWi1vod=#Ce6=-lR%WBbtMl~k`u?s)ZD(WD`+BL{n?nW@z>P;j{tcf<vQ9;`g)NO-(
z<1a@Z28;pD=mPszCLp6r*_ru}AGw3+W!4}cd6FtVdDu-se|CS@2_rPJjUBBc0i}Ti
zi7SAKIl76MxVT`+V9Am0y^SG9^GB`mwhqGgfcIHWR*k^k)IhXD^O~U7jHN@!#$||f
zdQdKyJt%Q5?02N2qb*L^&ruIE^K#oe={Il7I%c6Bmcb__J&c4#ic&4Wm=Kne0Jg^>
z5x7hOg}u9#rkeNv<aK`xKk&M7Y-00P+Xg6x_*hDKAf*At!CgGNs?`CD;NJy;wa`Fz
zOaiwq9`_duaSl1B6Nca?$Ro|KrnAokPZH~5*;8<HYasD172&qOMsYS8yn3>?$RU}m
ze9O1EWGLvkACWxK)~wij7gumMOiRHkFsX>?ceEfE50Yf|k`MXEOUR@Y6j_@iILG`S
z`83XSfE&mkTBtW9b9a`ayU#T`@p#|xT%GU7fWUa8c7M@jr2c)h+sRgzV=<!u6;xKg
zRk;VZFQu~giiMF`O(A;~CxQMJH(Qe}2;uTan+>rfeE6f2wQIjpMvDJvF8p2HfB3L6
z;UZ9ql=SpvTwsdH+mm2Td4uG0ML6{-=meM9uV24l&Vis11#k{TP1etyXah)@+%(w5
z#=Z9XTkk-EC5W}GKms#hP~cPV{tZA)!_Sp2#SJxYKjn~(-YOdhJe-W;U@D<VP5oK0
zZzvcnD*UaF6^#z*mU5qXA6aFC-$I^ncZeQerNwu@VY&cqV$T6K`-`AxO8w1I-|u{R
zLXB`&!I<CMZQsb!92Xvy#r#giA(462141hdYOh5#gT;lYWFp0Qt(WB<@ufbqBYJV(
z-SStYUn^Dp0!XNEOvAhYD|f&NSBo7Ojpy;kl)ST~p5%4wQ|S;yT6Fl6J9ev+;3SuV
zSsg=XXduilad1!y=9k#fG52K2kS=$^M-3EF2e9Y|0E-IT{C$qxjtpP@fp(=pXt)hM
z<-fC`-4tPZ9Qv6ZncT-RepQmi1>wnUlpWdITC@uFw3=^;;9)dPzy+L0$P*uUeoM~O
zTF;gJ4ESWKa}N+h`FsMQP;)x?qBmd#+q-v85Dx%#!kH&4a6bT|jn_b@q{LuIt1g1+
zZ-nzw2Ex~E3cff4Wm3nQpdyUBBY0B98$@$N!TAH|9Rh)51}GJE)&^?t^t5C{o^gEG
zvO*7!kRc<bn&yfUQEho!*IiZ%WePOuTs1d;WBM35q9#mGbEJ85$y{zXWtc-4WIC#+
zaA6Oxm-=o7pZz3+2l-=^uWPu9hqQ#mTZzz2dzwzUbFuzf*gbTDL<q=#LE#%C;AF5l
z*TfB~2yIS(Z%OO3+HT_#t#>|u?OAJuvHY21D3`UsOjdw*nIiD%d%~*0354vMc|{(b
ztiOerX0p1)LBQ;G+q>nvR@(_|BuV0?p28YYK)L7ulv*Ub%&Q-0n8hlVE8e)h4?-9V
zGDzq9$WL|z$32auIWnsKUcA`G&EoUS1b65BmlWWp2Q(%RZhGK6W;(_^VG@7ZMk9oC
z?o(emZg={365e)UY+<dU>GN-miME^8iDUhSs)pFyTmWWxDqz2X^63!#OE>eK2Ej1-
z;<Iqqx7o0e8y}C2$9ifNEr%G8zvNWpBDC2M3gY*;B99+G#uSCGF!I2t$l4DJ*UQ{|
zb~?o$9-j3IlMe0=g2WfvmP9B7l)Lz-ztncN<kKPls$p$brA;d$K9Il4?96uk#YU5d
zsiIRD`g4}_dM%RB8iRS0bMpyABZGqlAQ?N`nF?UmYh0}CV?LI|i=Tekca_OwNr`L4
zqgyC!ATW){L@1@MJv4&stb1Qc*$J7zjL+cUf5>PrG*|(7rU+as<y%5g^EJn1Q#Uea
z{cZtqlZ=Q4hO5&K$WoA-;|F@%zRk^;1Var^i@dgh%(hcx-GxHsyi<Xaw=|-(q<3M^
z6O%V=iW@(E58C8_cjpXF#~EzVX9>aVbq!2oIb`_kIFQ6LvKtRx)V33}x7}T#@Vo3u
zz)Vg+L5Ncy@rJj*8Mib2%U9oBx!=k<|6T2eTeA_(#pC_VY=*q61kOdQeJ6lF|851-
zcT&5_iD_pHkwPT!$IA+LO-=?;1{g6q1;q1qpH$$sMFLfs9VluhAtgm2AfOw;%(B%1
zzFkMEM(Z96E$$23-V3x5lS4iydLQvs5}hJESSo`RW+}-^2~+4^N@&(1{c6BuiqJoo
zJM^1u(W)Iu;649YZ{X3Fz%<$F#ShB)_=5V-jkY2|xTae7HzJ*N{=??4jc4_yKXo-q
zrjvENU~!npJlax$ev|z4U{5Y02#eet6(0C~A<C3SU`T<xjMLal`6PUxja?-Gb?8g8
zB@M07w9LDPIY$8T8Wa=L4_J0@vB4*q+@cWKB)67JjLx#tlivNZftKuJt9tyHG28|$
z%yd!kKirHx;PRn?l4d9s_ZK!dm2NMbJMV)QeWAK<&e>7xJ@He<Td*IG4P~}`ED;M)
zT-&05N~}U*q*VLp*V<_-GZ^}Ovg!=7*;;GDTAR6W=iTXSur0OfZ<$PU_g%S=G^f0d
z$F+{`2peTg6G#u@!zACFtmfj=#nRi;)ua<Eov?u#FgrGci#exi)&K>Flj&cWQ%f=u
zzCLt))y#PCYX4yD=sY$(Rm<P$!&`j!n!hoKS2rlxKiFj6mFL(CoIcu;<Qj2ot)7&!
zNI*2o$gTttq|Gb|Bx*idWii2Ua6*{2GA*4$ymX=9yrvjQ<SvPtkk*SDCcBT&uL>s{
z-HNQAK2}c_yi6s}8U7aJKm3hDwhcsZf$Q{v|A#-H?hTKQ&Kcg#vR+}$&Tn(R47WkK
zG*;2SbpNGNU$>Cj*q>-c9$)gM^*=rzHTTndRrW}keC3A*Xj`#693Ae|ZIiW^=3qS|
zi2N0E+Vl!LMGu;?M2}><(WoX@ZZZT|M)xMZ$qZOfew5~|tElUKNI?0<WUY)K#tFs`
zVnGAZuci~ZGGh^SGo3WM-S^(DDEs#gDtWb@YNC}eUCy^w;-7M`8SP}~ROlAmt6^Eo
z-V_bVeup0~m+OwrQQ~8J8H!JIeM!F~oU#6?aQ)Q6=xF6uW|XsvOm2`?#K^ssJQ|_?
z<zo`{PZ-ecU<0DL)8Vx26ac<i@bTb-2rQNoL{kdNw_fFP-Ncr4Y##VjZ?ZKZ<FkLv
zdQ|uCRlSRoSiMHY7Ao}6C{!gTZS(Gj5$WzaX>!@`2It}7N)uVfy;-fq^8|v4Hkzzi
zoPcPd41(V{Px!f+_x?os52GuKZg7&5lGKJH9llG(Z$(4MUiupP1iXjK$sdCoW^%{m
zbjk0UuBgr7Y7B*R-r%XWw!%<RIw^4ELZ9N>nv~kwZLI2hV)tIbSy+5+w^2E_Wfl-H
znBxV?Pn4CFEs`8(f~UsY(k}TwCI#OjeZ|C8B_1%QpqGQA6rrNHn2oD3$-pZ{O-iFo
z<Mn=fIIdg;P?ER$IsVQJ>T_H&qULq+ay~HClgM{f|8nuqr3HAH5#q0}b*H7i$@vn|
z3Ah;2M^ZqDDL=u(VKJSY7i}H7v&}rI=!w4b5pT-OK1#?;*#)Z62yj-(0<Z-rZC{j<
zuUBi5aLSUi*WsqqD*z*2MK-$e=Xc-yoD$xkAoY~fZ$zow6J#1x7OR4YHHgs)QBOGH
z^?UG1=gs_D2>J=#)>Bm!Ef`16CVm*D7~l8sOSfJmJ?VlyWaaMAKUE{FE+cSqI+rAa
z?=;dhvtQEZ0>7AxW?l{>uxdCHN}6WYi=BgI(1I<dUnwd|gIa%-feK0!&EOT=`8jc~
zb3)doF;KtL@Hpw%g-<<!r<*#!mxA3al2p~oVaKdU<|PwIkx!ph>r0xM?>@(IH2piU
z0I#?q5#fv-sI6rBaLHLDdE9~0-n2j(Dr>C0{MXPn%f03}Gog1*rAgu4%Bv%NIju9R
zLuVxoU2c%&tw2;O3!f|ySu5i2V)h@_1N^jk5QpksF(T9U9x%Luc{G6nVRmcr8WvMd
zb_P=V_m!r?X>AB7++Ba$yBkzqGgFd&#OD<&FjHl{I}mL?S`|-vX^i<z-D%&Y{DXdr
zCmWx0%kykQP8m<1i|_i8gkChJ%vv$u#&p{ZhQCcH0v+gGk?#|jD%39m0yZR}qstQ4
z_p8^T=w&(ruD@O;eoXj!la}Fy%%R>EJ%EU-!Pinl`Fts!A6HFVaUXe4U)gXKak*0S
z2zAVjUi~L~3J77q+(dvnv&LfV&svG`=;{7nMEq8NSKEd0`Z8O~4rH;GT>qY!u9d@U
z+pZJIwk9SB3JS__l^&z_Tsg*LKfkVpkicMa2975o7(3#r=;^a5+Q?#cA1c^k=bMkd
zc<`t!5Fg!Z9GhKlA0)i<7p93k8lRFKK)7w7J4Zf~yl!z>HYLw4JtfM{wyo}WfinZk
zhxZes=?wIdS0cJ8xI;?uR7MD*t_O>vFk2~5)kd<;X0F;Jfamnx=qZcx56M*Y?e;Il
z3aJwj-zR?%qtZY=`{1vPYl&jo*b3a+>P~-SYQ5UD*7dR`6}a!d4lN`_aoa6P%oKA>
z$7eL)!Bbf;>HHg~;`%oX(a!vy1hwImS>WiTFZ7$5j%c;_0I~r0+2gfq{Rxcr!Y>k$
z9+&c-*Ha#@rtSRUta3c=@C%+-Hittq_w#`uy!BLvtE6Y3ZXuvz<vzex*bC3V=Zg7x
zCs#M8*VE<eUzxNEiq|G+l~wGABj*MyKYWBk^k(ju9T?g76z4O1aZ9Eb(~*X<x5p-y
zFOh7Qy7l!?tGq{_Lns3+V!!-rAuS;ozSp3>t+&Es(hDENU7ReuO{%-|BI2uP(8PbL
zjv-YfCCFNSEM8zx)Zo7QvXUxsO185+2W2<vN@OQ8)U1G6pH&?i2<pMTQc#dGH>b_X
z&E<60h}-D~*I_)?HAjnTrd-Pf;x*iiT)Pm~i<C2bxBY<n`z0FIwPTEO_e+X?{aR(r
zz@zDdCK8dN+QeM7>*)H^tD=MD&Y0mE4@J+Lai4O_83UQQi~4~21{brN{fK?cnN=)-
z+hN+5R-^F7nU@&d!uGayUs(4Rg#=EAY1cNsbgtlkFzGY$V2L5jttRHRcuCT-f!lnw
zhX*ObER}e^<}oGae)5w%?^Y+%JA_=2g~fp}+AgO4nzVj*o-K**uefAd>4lTu%x{^x
zw_8fd{z{0OJD*^$E_(8}e4<GyYQ7hv$1{?<Z|Ea%pI`bVnHBUJ<bi$wp=ix2Q#4SS
zG7_jbHjffsPG2RKBug>VD4OXx<|_|<VGkQ2QKbmHlvMbe#qfyM{~#mVi`8~O{bxdd
z+Kv_K*7(zfK|MbQvmyGj0j*O!i@=G_c3xqlUpG^(=S8ICVx7w89kyoVdy98iWxKPD
z1pCcbjQU9zm>KSydq$$PW+**^u3wLimm4_PJf>Hd9fD~TsTLPo=QgKzwP*i)WyojJ
zEU_YR@?=?Ys3zsSVq?@hP)RmMDpIcMtnccv%iaIJN325!iMlaeo&>-5)prVbIU2}{
zibHIQnmOjpUW2lJ^{_ccXLN{cM)o&X?-DXdRb?fpgBJMlBXqRX%bPG`yvuys!18`<
zQ&CYgiFezOS~+Q!lXjznfng9%zSePlV{N(CPw?PRDrv6iJ8Y6xONc4U0_5ITMDjaz
zrhs459j`jucEL3;gJtk%72K`HdLKtYu@m;&WpO|;KaK$+sk=ATfD<FkpWVsYwHLZw
z)*jcufQgT<dD9a5rpI-k;F#qL6?Fn{!f^SA$d+?lYJ07LA;tH{CrSJj4*Up)Cfj~x
zu&4|W)GB^=^e;cT6y3*6>J!uYEtV??<tJeVhl?x!0{}i~)>z;?=dua~C1JOYO#gV?
zp8MFLSK2e+u{VCV%N{X3wOHQnxo%KWnWH!HBKwrA5!mt79>-5pAG3lgXa8$_s&Y$X
z8^uwu-UI@v_w{Eid51x4dd&6#pVBTATTe|!NZwwjVyhbb(saD+!4;wbUD<1{;jg5v
zh_;?5oEe@6rOU-x(f2MAkPW$eTm!j#$uORLs?5$=0u^!{!Tsh#ZE7)~MR$^f_MYca
z2KrcEwDebmk~xw9pOHq(sBzf%fhqd}OxgN1^L)h(RUzsG2l70X7>^XbS&aavXxyz^
zksa4^hl_90)jx;_rTE3EF|n!=K#@!k7smo}$O4tG(abiREq7}H7!3k<-w$8v-JIvE
zU<M3DZ+_F2&UT_>5o0z|ibhELMdv{ix`LVwsoQ=!AE>25V?3QmN;e}BLmI_0KTo&(
z;XInD-s>%f=k3UwYKxi2!nX${pUBp~;-uQG9(b>DhHdHDzn5*kn{E4;oDoc;pAz~*
zaC)gotBwAiMTc8lOzdzlal{T}+}38ZJLYNbQ+?~7Tpvs$erBt@S93iai1}S9k2uR!
zo_f@BOwgXVa0Tyz+L+&8LHo<<&PV54qz?SjMaW)zw6#vXiRyOHue*oY9Sqd>vhs}%
zaE~{d3Iybd_xd>3LUG4iRygtqTLLxTi~i(LEgfjYsf{GzcSZ$u*ChazH(aE_GC`!#
zkTCDBWa46FTv~a`0wlDCf6cQ&2T(c0%4NnX|Guzar+E2(TnzI~-agii(>x>f>qzXv
z>%&pr`eG-KwG9LBl;{o8dug^~%WKr{_b+aJ%Y@yeUyD$#^^&w;LZMj@vCGtQ&))))
zR5G!0Ihl(02yCZ>z|)kZV`smun_HNv<3?*FZoe(PN_VPz3;%N(Iin?GUJsLSo6sF*
zvCcI}F<8%II>x~!!3pJCdQsY$Fm$Rl>=Al;#?EK=&BPeOmlP>=R=HM}$*kUt^Qi*j
zzfNjT5_y02{`~$i*2TCdVPGx)+F3#6uDfSpu|y+79SZ`pOwF@1j#G5=I43Rsf=(*1
z%<OqKxJ~^hAjZRuBE`U2C^nEX%1vJ%y}N}6)5lgf<m>&hFnmbhg;j#tO)bi2pSf_!
zGSovYQXB$iCWsS3U}E|fc|L;&+1Vdz`4kSZ0whye=VcJKV*oVn-?77(<zrG@+O}L1
z9a9r(VPOo(AV~-^dTW7&TiM!r+K?$RzN1~LzrW||+B$vWFh5?!+CFL4P2%x+-gX=}
z?uPq-1)}I4MYXnJf^yLS?JX>u1NT@3MJ(C3&VZoIQ-&ezv8ntma+%;YkGF2K0%qtv
zk=v8I!^x4*!U?6<lKSdfhkxGp>QvjrxV#Vuh-pg=_)UqJ?L6n+OYr$mVTbHjM3;F5
zstuKQMZZ;y_oTEfWbC^64VaUjAQjesasJ5CL_5JXq~sPn7msK(#ArFO1<D?3)>;vO
zvTnn`&UBa0c`FQ4Ot0Kyu8@CwfmhqSdiPpCfVRU|mt(ZHbzey0q$^3U=C$Z1J>B?&
z#nvt)NgryX--esnd`ti0wjQb|C?L}ismcEHbcY+ltv4cyX>6%+qiwTwSoz0GcKQfi
zuT=F<7{8g<XATnk#8Iz~E1U=cX;Z#1TA8PfV|{pdG;}=WE{PQM#B{@6oF$gdL|v8(
zWn)ZYVDe`S6!T+rW}Gfws{`+@S8{R^O5o%;Ub20S-nZ%JuY|Xw@3OUb<syOdS;34<
zXiw>|6txV|NaV?qsJHnWhGAdIV{Z`BpXd1Uk4kW<zJ>6HT8V#T;T0;oe-U8)f^uI~
z9BQ_@lGr@Aqw!9<DYV}JGntO%wEmrogM!N5D^0R2YEWjjY&(88BYJe{)2ExmYiV67
zY)Pp1>5@*by4uFe^+6Y-LP579x=LN`h1Gc$>=Ab>57ikO{warZzsXQ5s_cGHZ#gcI
z{r2j8X5pJ807KiEs0zJMobYioLt)teEx;)ObCEU5CaYd9{zC(98CB0%0S!8tR~4DT
z?}Dxv-5}fWQ4@VX#_I})8b#MahJF6d^LZ&Dt7b!5ee>vwN#1qBbru!d_cjvzFy^_^
zE^$Qx12Jgp)d^*n)+<>9?VZ^es)C05ggc=yXz$dg$)ArduGQ9_RJ>jY$`FDQ{+gSe
z)%{tk+~6T!8?~iO3pvf&^U9nrzVBs^br<HlWz=+QDp1NJ8@08rFoRu!Xk&c;!Y`c#
z7DrSLGHD$=%kVajv-eSLBMhN4Lv*pdC#*`amY8!#qn8uZ=bNhwt=Gu(#x@w#jr3}&
zHD2|#Nvd7s28(jJFhokt^}U^#XPUkGVSueEPA0j49iu)dm=KEGTk|Zs9nr|4^+$^v
z8CQ4@h<s}{yRv~J-fvLKQ7^dbv<$_$j9<<8R)<ZSwn=C!_}XJ&qTnelB#MvY!IL%}
zDM<k;lc4;IYfBd^n&d~8jWw&srPNDnZvs=f<S$mw;`;)MF4O-{dv6(4W!trl3NBy)
zDxK0HjdXVkQc6i9NQ#0;DIu{a0qKwq1q2Bt6bY3Oq!kpA4hbpgRQ9~M@B4Y4_x;|z
zzdgR+pM&A>2d;J1d0ulK^N0yAean-FRl11p_-DbZWb)~?07;9F)(6e4v3gQU3+7gz
zb0>W7T469@`D?iu>$_o|X*DjVkB<1!61r68dfO!tF$5StPkuk9ouuNXl|dh-uS2Jq
zAQP)SmeKh0#!#uTZt9fV@1@|eC7my($3_n+JMjX_Y=W7s%1ptZQ>tnUnQ3+-wGLU|
zEUTdG1nV5dQ-<9R>t|{SllI4}^sl$GKXukp@86rgtjleDO=7}nLBoo|-?<ylMmOT;
zgjyM%jjXJOhQ|BmP(l*0bA+(!pF&ASwuMY`lBb0~5GiTRwi%-qggCuSnS*|}54cVE
zUM4<IA7+s=UPi#jqeA$DTH!{-E+az;_Mo~N<anY|?2%E|J3{P2GR)I8maS&*FB$Oq
zSIN=oNs5X-FXEhU9x^4-zTo8WLlq}$1!(M=#uHvpg#sw@_O1NSp^6H^{!fg2?LgRa
z(_T98u~(tO;F@^XXYmIbu8IhAFdk>UASv~}F!?Aub!t<+T)zx260S?wM;e@x;la+h
zOv2Q9yfRB9{-b3JnKVWt*9XVlWF8%ZZS^vH_1jB)RfoQOlPII&iAvD%+}-BI$H{At
z@Vo`2-L#aHFv$HbfDHH7>mSa0PTgbUI&B=2@n~y#QyP!o)zmEYPNn`3`pBPC<JmRV
zZ;THbWJzP3jRRgZ+)TMRm_T%HM&CW&%A<Fz@XcT<Uq0VY6qiQx^Z$A{T>q4&YUBJd
z!^y?DRm=oRsg<<l2^6U70ReI#jM9S&NyM>VLHxtWw9eGCk2fp5hVG1gc=yPH1H#N?
z8}3;VRo^u4+E%;$HOVngg+Nx;X42l<((u)WDB08Zpo6P1_;zB=;D@jt1&StlcP`i;
zf=7ayMGS#dY@$Q)R<`Kw;cgoZ_pbVse-zjqS^q6Uf~jkx_`=grVUv5rcRFm$v01Qz
zzb$e;_o(rbM3(mzA)y{zJq>j)3Gsz!P?>S^#Lk@b<Af+JF0|dAo!xoS&DJ;PDLi(P
z9g4d}H=6*?6^#UoRyt`ftzC59*MKVdO%gX1LUwn@BpY!-&QYk`Umi%DLw1PDKqe7)
zcN%Z1G!8(W<b1+9Ev65?4o#m)He#^1x3@uD2G5>t>(5iJ`I+)NE>In%a^}L5A2ib)
zLG;M1RlO@E=A=fNM`@jBCKm#HROxC=M$IK7$$Ol7tnsJ%^d8@&aJ&<yNyri!8Y%%Q
z&ZDEF{>tmhd~a?rvQ3I&?JHcVjqmijS{B6?7cU&LaX9fPltf9oSIQrmwMxNDxcR8L
z>YJ|+p4xZp*-lK?=^z!Hf|kLzt`8lG%^zd=FFE>$b*7GkA+{|*`sj1#K2%<B@f)VN
zl^FOFRXwgo%P?Eyhj#oCHP4g5M$p`eUiU=Kygxhe8BX4$W)HX1#|HO*xBv=%&e=P&
zGRs$bigUx2t%XVTVvq>P>6w`;Wu~HF3|eBJ8g@y62m6uBlaG&a<PP0Fy)~t1RT~!P
zUXV!zoTtoX=Y(`tP6mPma^oJiv!Q-0yg6sOI9hqxtSPYF1%F4=2on<%2LjFKS{vWN
zb!F@(;;;l>Ew5meu;RDpTc7KLtJv4aGp}J`gFK%!xPKvEj{$unsyOQvzRAA!4Tp)|
zY}qJQ^+&nRUrHcMD?aN=zc(RCT-D<IF-0A{C`j*VuW7@yRQ9q4B8?<LW(w9a*eTFK
zFP5`Cj=zDW#<d}!C(rV(_T%YjAtJi)HFQS}8E8<A%d@B@-Jh&U<=c_=M+RmZrp^jW
z?$49;C;d53Hfu%krNrQhO72nbJl+EeU2<?ECwx41;s%C;;sp<LIoj)o#WKVy;YR9X
zZV&k7NGnCK)G>Mt8_?^zI9V;y0X(ydT4q9%U43Ld5HzuVnEgW{>v8aCFkP#fxT>S|
z*{$2Yr%l_v^qL$_IEn>`nLK%Af~3xB`sacUn)e5yzYXg&m15VcbdkJBw&Z;<3Qc|@
z^lBoYURv7(*c0!<P(a8gB-ni6cX%=F<+LrG&UfRvWn3IofoDtC9oy9Sh4Bq36dtDJ
zCBYx5Jv=E(_hjx`M-2SW02D8*C|bLyzNuNdS*omo8%A}q24vmKt=1?+^YZ$&gn*J`
zW#p9GrFXfg=iKPN8#y16k{NA#a|YrPQw_O(=fc$BOFqZy;&0CM_Ue-A096X1y94VB
zRIg^1UJy3CZ2189Vuu~V`4-YXw+iq7@|3zWOxwxpzT;0eJbae~1K1dJdRgA%P7dT-
zNKP^iwh=kT$>iCd%O{oYvAqyNl%`SLlU2LdZ~JBz#!D`i7;o~PUzvV8KN-dDI#X2i
zz`Oo|7_vWLF<akL<kXS+9NCo>>a2R^u}-Ed6RCvmB#0h6hc0NR6XPS@t-+;t4};yB
zqd9(c%{^x5^K(;(AmyUF|0C;m4xdbNJm!woMEK~Dix%Un<{80CX1IZkhz*C7?hDo|
zAN$+!Bhz~PROg6x^hrPL9SUZ>Zk&+X8dsb|a>tt*m&)tWp-5-p!hv=@v~q1_r~h?-
z4$r&ptSzogXgc#1{*eRsVc$LHMQKO#dYS;A=Coh|X=$^%bWQ<*e!I8VU~;8khFJRc
z`eY46&QoQn226!+h9z(f-U%lkh`d?PIh;|4hMQ8pKkcZY0Mqwq;u3bWou!m$J?)HZ
z!0EI3+<o60?i`yo$oTVK71pJ>N_=~y_AJC!w}F*%68liD;%Q!sH{_`nUNl~7<1uEp
z>u|2BCnW5@L;?jM$wA(z%=9T*fBvQQd+e=+Pp7A*rkd!mVQ-nj|7J=|8{j3OKq`QR
z^-+j>SdG1_xZ=1n;}l*v$PV?eAf>i5HC*M8Vc`%}e$!jIE_o)AXsT^7)@JR+iY9%5
zDgui1LmEH>%<8En+;TU>l~$kouha}NVQY5+oB;7SL!CiBCd#BaV;%$AdxvXpF9Y<g
zF3!zO03$%<7}^Hh*2~>4x7}fxU&v87mxJ26!1Ta{y)JrGnUlyD$;@HXV*uIt(AO|?
z-A@HSwqMr|QHzuf<hQPURgUyspX=+hUYgQw`w)Ert$ITg($c_jK?#O+$#*CzDW?;4
z<=(?)%H;hmV7-mX2ViFM_zUsM8d@npQ}mwjr-BshHu$AT@o}HiD<iMkU*DPOulIIs
z*d6ypQV4By^P^skd1ZWV_um~0hXig2myPeddCqs^H{_hVO}FA7K~y|DG~Menf_J7>
zL~ea2&k(!S3|124(oiNXe11wOcepI<0g>bw+4*(<y{T~YS;P77#6w0nH{%1>z<J={
z5g%V7SUYqSHEn1t0rLUi6bF+H7p#XmurqNstH~+6yn5wsm!lJZd|pj|-Xg_okwQ`D
zFcs_L$gyj6zp3mpINhdBOTaMT@ywM1HO1bvsE!2ADGForJeTvyET7(+xi%U`eqR}@
zr-FomX7K2U022b+)(8>_a5SRiH;;h5VJ0t}q50bj+x1@QHF82}l3U<CkS5|pihG7S
zSB1eFQdlT>j5tXyz1SVlmCplvFHQMWFm_N4)<gY3!iu@{3z=A0uv4u9Bm;hL8{3^>
zF&}zv5|YegY%|g1Z}&*oFU||zA2@KMjnY&Pz+HsYO$B{k)Y;?H{u%o4wsLq`oVoOl
zGFZ>!yJYT_mCMAljM0fs9B!s0ZcRLDWKhFLC`lH;R0UF)A8y9V9Tc-H&o0+xGLu7$
zu-;DqxwW6MHm|-}D%S^|uSWPUDYwZ$Qi~+9Du=!>l|8ZBqs4S5L9V9NjzNg?30wy~
z7dUg{{ZmRmW!78CsIr)oh=fL}oeCPVv$G%V?fIDdZ-0qnlPEQ=_yD0#<<(rSejxZa
z>#Kf#lKcI*N}aTlJO~`9fC@wfUS|%Jl9zjUvzW2A@xLh&*A@@q5}ozK<vU+(Y~%BB
zk>iDPyAto16j8Wtw!D0imtZ<mcSnZ;WGBytC~-k@faaDCD%+*!Ii$wFfB~o_5acLc
zaH?Xg0KGr4S9v78`VNkGYJR>*<qsXp)%*t=;zb@LcQ{DY7e|J(l`lzgB*(usdr9y4
z`(PV}4*InPonnUSbx@cl7u(#MDPS`2r5MQ01~_Q@Nnex3J8aY=I?4P@yvUdsyQ?&W
z-5eGWy-Hg7hRJ25SlIH-w#8tq)J05YSL8sufYZm3Yc;kc?i+Uv+FV3n{7<fl(rtYl
zA*miO`~WVfQEjkP>ll&zQ6LzfXiMtDfq$(TvMfb6KR7;|Xp5J1P~^PTbhL4q*Q{2{
ziS^SZl8}V=1}sq<eI$31q6^)h<au1B31>?3dTD5IVA|mG0ua$AwOEF-EsOCzh-S8E
z7AX{ltssjda4a!!7{5DR^s)wu>A`47aB%nPxpojFPAX#?QDOv1&i<M!uIT5T^CL~(
zc&I`kZ?T1|!c<}idjuI7S+a1z?&w{j?0a)G?E9V2F}tlb?sA(c*<};~u4R6i+2Qw%
zkz)9#Uq5HCUU`%oS`v=@it<MrZl!YL3d@I%iNaCtwFq*$F!(Hybf3)E9aoT#ZzW$C
z^GK_hh4*QU3O3xak|WtfUr*Ibo!7`nNjvFs8fqOsv8XmkvE(`TaIC}yeucYGbD{Uo
zrFS-{+0oD^<PMmA8?wvZoosQBjSZ%ce>9oay-H~lMNX+Nc8~G)g2%ephnF2Lks}ei
zb4{4WcJJ4?<q4*+HiXPc+!G`XUIuE$-+G*Y(W;F}X*!R@_^88>GFd9YK#lZGhnKc`
zl1}aYl-sN$YIZ!uEj!@P-VYu!Kjxq57jftJUZES2&w3TDX|VntkI{f7(fz`e+9;`2
ztxSRI!3jYIn4%k(`EL3pJg$a!&qLjW<fKrTuR}fGUDf^~F%S!lNXubD(uvcm_5M~M
z{uHqRbDWhArGxv!IDI`#=22A#mxNi~Sbv~1dZU71pZl1TwCjVNs-n-*i0mh(m-v>A
zGptb6yl(h2ok%qO8;7j&cAtCdNRpx8H+kya?R#|I=7+h)UVdM$B~(Z35#V!W#JEr;
zN9V-KY(ylW)B;kT=RbYrlOoy#GI#cTj$L$0)6S({zD`4`AKOcn9NS>Zki^Jdr{(76
z7I~|DJi5<V%PAE#cmaG&#IAg2#mXRwD-+vLH<nZNl;g1xKI1Wjje6Ldt?X>Xe6@;z
zn<6l|?mWY6cn7h3hj9ua3Jko}o4$}8Gi-3b5nG$uG2qCO3?ib`ddKLS$|`+vWMxOf
z`&>x<_@i)FA6(I3=Qk7Mr}*ebE`ya(sW}nz?y*Me>Rg7a*t>;O1+jg^aT4eOa2gW%
zP5v25`_w>}rTA!f@iC9Y4K6-H{Ir-r^!wRpY&Hi<g(l-F096#nXt5qj+z4V{V?NrQ
zz2b8?UU8*H(=fJhZ}72-i$o=*6~8}TyMAom!zk%Eb|D{&!}rwwzY`+}qIQa13q%rp
z@x)!e<<iN=l`^G^IN2oSam@%E?47}h3K3+7MW(NF9#0$l1G5`M)BLcxU+0!aHE`a+
zQX-)ffA1<fW!0iK{%b5cFjKPn?h6}?UfI4(+H1Utia*$;wHIX=`JO9KcZP1ivXZ6^
zk&0FD5xA&seDj=RIBFTO87UXmeXF6sj-5cWy0th!E#gSb!m?+bPimCDE{HWuo1T^(
zex&5d8k~H#{`T1igJ*Xuo~PSc6)`>calX4z_2S1bT;35OBD3i~t?PpY?6iZi(W+4g
zx9%L)9IKS#((_A+I}C>^w?on9hkRR+k5eY<xvs)h_pbMU4z`zCCMKGQ-h9n*y6MCD
z@j9u_e4a<G9$#ak<Ml+-pjs^%WyRtjnzmL*<uOT%R2~v9fc&N)iJHZpOiChWPxdh|
zAeW2}WXA8<>2KZg`|&)N<e>}wEhFg;FN6byE{(N4X>Su?eb=$TVKlHzMi766mxzSt
zD`VW@G?c*ww+ltY>(B0$a73?rrFoHq&Bb^*ZS9E}(KhfyOZt*1HQpJaC@)$@&(7Z1
zTAN_}^l7fw!=W^?DyYgmH5aWY`zqWhY#3o(RlcNnKZIZ?3cm1i{Vwbf%Vy1m4Tw;<
z`SN)(vJkLj9P=})62>AFWB5?pQsi;|v~+o<Lj8prf#S<#TaFfQH##i`FUcgXCEjFf
zpuSqC{i9q-Qr|ILNzpOfq%an)ggq;G+tkv`_-MSdMy2qY1SfLnBED)TbCUw!Uo$__
z-nhr|`&a4rp+|?8g#31Xd1i~2=O(M1W_OBaixt#=W+i;;)AcVsA~#|`Xeus{h>4w$
z{ByvDX^YE}mII8}B|x{~e)q0t6!Al1c&DrK6T7YJI4tQ#E6RFgvm&`;UpUn+)6SIZ
zekn0hjFM9PwOh3#3zu%S{LI&rOE&=vXiL_1M*%zKLM0d}MsO|<6veU-)bRhd$_%Ng
ze{^$<?@%ASQH-`L_vDouYuPkxNk3P=)$d;lN)@sWFDoF&I9JfZUI5+48e$IA7e{&N
z-B%PT85yE$fvS#$lk?JD%Dh*8&+p|d>&aq2u435vmZpLOr-@c7B?l7JDp$2L0IWZ|
zKO>3R!pNH5T)wl+W_=191}m*EY}=8+3If$^l3XEneq{dToGb<AnaO-XFbhGM!3je9
z|Mme1dKaL%(BLGaqkFy|0fuJk<<8;Yks)l(KE;=7B=|l>_VOjgg_WPyC)T)nh;i3}
zmJ>L9sZK(JsqE(`Q{K2^3Mhc{sx(gCT!-OGKfPjF=9NHrkh@fIE}t$lYhm<k`EB^a
zh1?b>>W}dsod|XKiT{pa`Smc6Rq0y2*Dc^J`q*_PelSHh>-0F!WV9dVnbws2D)nL}
zykT@3%jlMT*aPi@p2R%gG5aIFEW!H<(lWn$Ofxn6-iP@|c64+7`d*%bYfggkiXe~@
z-rX$?HWK{)Hnlnp{1W*%t4_kx++yMQeH*SpYHcog5cCq$(E2TmH%h~fl`qN2hnngy
zO`pnmupMH4HqKbjVA)n-d-J1wVa0e9p4_#<x-~|*Z-l!$PN5f5m*4sOo7w)!33qEB
zi4tWD7pFJ6fc_DDFOuMU*)`7*Ak&Q*3H=6#M1j+==7qaS+b?0`UO)!E;Hd{eJ>YF+
zuo>^nj6U>s#xUkIVd3dM$(ymApgP?9ykcxK+OH##koicA$iJv=?eq2U!cXX}-Ij`D
znum{X?k=)uHQs5EQRJlRYA>2iUk$$JdQIXL<i7wCy3Jow#AI+YwEx@*w^bbsxnxtS
zRj_N>enGP|1F+S?*Rt~v@>C*unh)pt=tp74<ArJ)M&*!_naR{$mPHS-?{Y#Eu@fGW
zAI3)UMU}Dju6a=MyrOUEADZLYR+afPb0Bs}v+KjtZPujY!$UnG+y)W#VQ@&0FE`Bh
zBMp`DK6kBghWfUT9e;jH$gj;!@qGV8$EVsxmRRHIjWn*u)iix))`Ht{tseahFl7Fu
z>9pJOvvF@eysNW@;}%2Xi_<%dy2|aBoozqOwLDxIczo~m23P<vl9K#hjvr5}{}X4^
zmHL!d(Q&9aSJ<I6oAn8JPSr=&o`Al>uwiB2vE>1B&M^l#lSKnZ*GvVi`^0{#X*V_h
zcI&=NNlU$WdyGYf%|KA%-o_C9o{yI6jd_a6`E9&Ubtd%HF4U228L^Wo$NcZ4iOfSD
z?6^i%K_0`BU44I@$t~50vWdIcJhk*~RjhAV*jcHpE{;V8Wo6_Vy096!$UbbXb{P%0
zMcCFmmFVCG{GDRUGHxl^KaDK7Yjx!mJ9L)~4-(LG9E7i!xp^zieeob{cP5S{|5rUl
z{T<&v%7>R4H&@!ycITOownmw@R{GHwbq-Ij{W(h29ePv6G$_oyH}W~u=je|aGPZ4P
zr&kE)H=g+xuk5olu-4yTmqB{Q=+B!|iQ_rfjvnxtzG@>RlUMpuLe-mkpRnhIy>!1`
z=pQyA)G2cMrfgVdB-h>s$nLC7#QyE~IW+3c$BH3s<grkhjLCdWJQMEy{)hI>nb2oT
z<m)N%iLu&iV}&XN6@Js|GJ@3wU~jO$f3ZPgo2acjyH71oN2QXboBt+p(9P`ZNWSm{
z=J@s%#xc)7H%GZV8mswJTxB2jQQcBjabzlQ;Kl9ptEW7!o8dm1IjG&U{zEAvR4i+M
z++;=ayp-ddacx41oi1vkOqRb*cj?^Zs&|0l2j-7X*^Kva=3FH(5By%AIehzCoyNOM
zP~R{6$p>ci_9Fsh*uQS8K4m;c6!7KfSEqg~lkm)$!rtSv2(L@)aDXVLnPSX0&!VWD
zle5G4XDVgPcoPXYhOu{?u#FY4%i%TRkxae>%BCcZ$-!s(9ne=nuS-lxSt!ZQhcorD
z+ND8cg-9g~hlQg;FLE?e!mM&#z=lPMY53A*s^RJ3m5($&j@Htu4YEgz1X?C9%%0UA
zZC`)g;3VR{5#_eCd~Yf(F2Up|-DR=i`1jK^A6@TOmFzw#E~S;e#z^X&37j^BXG-sr
zYjv~R;sLR(oJr6aj64SUy2dl*&)N9An%f&neam%4o9iW?XFG>C*R*T%mOS%E=eeUh
zr@Vi!HCS)iY5ch!J=IIFI#zdfm*_1+RjR8}R@wpkXkTAf+pW{SlV7~$)yEFbl8}=J
zGck_7r7>vaHXZ!($5Pj-x8|EYrhf?I1Wugb1_9Q53v$A>P=&a$0Q!Nu44uD4y%!J_
z`9vHFo-*-f8K|}9vfY(TNIF*+obOq{$^I<L94kIOKI#F{VzCMV;~$TwFYQ1C|E<rM
z+f41L%kdunU@XD=^+DdjXEf30Vs)U$W>uo5n=H!2CpXi)ac7o-y1x#ecBnk)PNH#v
z>Th&gp)zr=sjr;U-Y%YZu3}lg&`P8a{iolbNrUx12pzY*Ul^`sp3S^bASK#=+?Mm=
z_U@gW-lB-n#}`MZ2joUYEe)<k;HjN?cedqr3!nF>_m$1onRbE6&J^}PKohgiQ(s#e
zTPgW`Ku_zO^W@oQ#d{`T#eO-^<s?Z$jtQ>7>0%KLY%i9$goNO&Ef4Ua%TtR<Fk7mg
z%zes4J~gx&|E%qHB$N43Co!F-Oo*qi4(I&-jjnlHtLM#WK`R0q>6G6navqi+|H<1s
zlQ%<`ud;Q!>5XJ<8~e<qtGKvUpA1N>`}_{2v#Gyp?BDC@MX@VtXQ<Wunp@WP@jS>$
zJ8ZVzx;>;9DbiW1M}nCs{}x*B`>J*Bv__}oyH~4ASIQg5)b*3adP$V-EX<W=Ox>)z
z`NElE`LcusOGe4XdBHp1Lo_i0Zx=Ez*54W4=`G6;+{vCwtNM9y5M6QaO8rdx^m>1m
z_*9FleL+Br+O@sSSRe1^O=MoklJ8tMs%uAK$MF5@t8ohqIVQPB#_FU(T7ja*xi3>T
zA@C{MWxRm~0n5OTvA@KS2O=V`5;I6-7qZ>GLmoN%ai_Z<dh3G^O40RotmU^&D)u}{
z9-OxPL-V;e-rxgGoC;~URvMAU*2|-s>yGs24Uaaa5*HVar|Gtwhfb~iuHwKxKJHb1
z#*|-ms4x7m;L$}bv+#C2t4F4y!If_MbgRA(H0pL{pHH!dNSU*t+sajVGX|gK-4O8K
zKip35ehM@XDPNtsn*x#r3W;(&KW9V4Et`j{RDF(y@%dv^Yvaz<mlIn09`pRr$}<gh
zK!0J;kVa~D1?*%nvV0y*jGS<B9D=SO&bS>NmoVYsH+3!(DlR<ICmp^?O&=D$d^BAZ
z{CWI^-Ii5ifO3tq;iPdHx142V4Q5f=*COnLXLEc)c8D(3ZJzaX7kSuE2tc+XVB6Cq
z6wWrJ$~)%%M1n+1b*EFP^02C&god_Q1&`i=W^8>d@lCIZn(*dBw>^V$7UFGAmep0d
zQNo$yO))9UPi5WAE<kJ8SYwQpEz1n=`q&GpTDN|!j8Zrf1Hy70lmlT2VX%(jhnrbJ
zv4b7#A0{b+{+o89!sXuQZ;rv0GK_R2%^XdpF|bMRwi@Qt#Pb#$FH9Iowig=;(S!>>
zU1KH}q|QkX7nTf_+k7R{lHlZ_^0pKiP!C4SFqS0?heplyDirb5vla&MdaZp69>Lpr
zmy~0itD51px1P}_XxqtV*X5{S9p`NO=*+sZ%Z*&;ooJf~Gqo5YGCDk@ZZU`T*6{`D
zm?*H+&=xJb)3=N#SI5hK^>gr4&aSbRi+(Qt+V#pRG90hQxcu$HZnLi3Tj%ECvX}gY
zsY9y74+RE=OnpRFiC1a97q#vywx{%q%l*ME8}V+gyE`v1AMU#Tb5ET@oQ-ht2_seh
z^_jwwUdoGw#uOYeh(9(A0Tcp*<GP?!eaC}s_Ud*UNHqGJ{C%r$4)yYwWs8Vi#`Kd-
zEcX{e5!SRs!}mPeKOlf%V{?Q5O+n>Lukxnx=U&7B`g{Sxv{A;D0~mn)7o_rUVTN9n
zy*5}1JIav~DD}jbe!s37-2W+_;ggbKmd8Mvp>Q+-7?O)qoi065L*hdJCmPtzkBEqC
zT_+y#nbqbZwzB<sA#>$d|El~gNHCxC;tN7cu(5~%Tewj3+&chK5+^J9A`f%!IVeUw
zB|a12e@h8e!DH9#K<C{`4K#jK&y8Lo=OY*7%<q2)!$zK7ZX~`6gq@(5?PCHcOo}Y-
z-vWj*LRO3^nei)mZ=Ad@1))ac{GI5$H*55!Cyh=GV9+O8m3M`x*>g%CMYz2o-3Ma|
z;+V3?(vchv2qpTYRBBJ<*-gWW`PuZqF$Q@w2jQL<<EnlK>oT%$RSrY|uts$8*PpR?
z<MAmIqf8v|%UZYR&^|nyjQVhx`{@huV7>2Vi!OO8cxG)V<tEerq7>01PQSM!;YBKN
zDhT#!h^Wm4>2btEsRxe%0b@o3g<YxZ_Hb${>b{JqGKJy-br^*ZqLyG1dh#aqM$A}d
zaR0Z>mQV07d`pC$L3TdNGBMB@1rEXC^2bMHsh0P-%3n_td|7_u91+}ac=ba`Q7ses
z8k=caT6QepDz=hK&5pCZigmvIKS4h7Q&{U5PO<wE;0MuF9|RKvgU}KzNaSy^VQI=7
zYXQ?BT^%?50gRDwQ-BY-mt+ppHhsJ2O=2u&DrSTD!Edb$t-PPs`-8=C(ZA^DApAsp
zjeS%>Q+s+3G~!5<0OEmbIlS>i5GRjgaLaY(vLffWMztPGD5;>x{TIk|epsKF)?d`!
z51t4wHfY4#O^W*1a#;}b(o88&0vH&fzu*@7@uBI_cL{n~raTzfoE=+j!taLkB9rph
z1d<n^6Rn3%wEB=B_n2*xJqRGYDFhw_m;X;?X5tsi>LxNtly)D}<b{GVbgGoqlrvtr
zfV@6ZaY{$gG3iVD9XRednC1O#RBK7n(cP`$?k)scUJ`oxm1I6$T7BaCO4`R_ri4oC
z*IKQWOc?+*^Te}Ohg99-!<RFskR2^o3;6_UI1@_}aLa4~nG=$e3v;O!WStf=ZDG>?
z+}a|>oU5=qEOuc{UU_0lrNPANfXiN5Ob?H-SElEI7OYMW_#Cwy=0~xpGdfH>JcKZ7
zfiOYEmG3p8jC?1Z?V_Hp;)0vP(yb@J(TeNHO}?02;Q|2>Mrsi!yx6~;%zGI$-d#mK
zVvv0ZsCyom6D$l@70orBbmqzDVwlivB<f<H5mlP675TBVA@O;;3Fu_>36!j!3w%dn
z7_pEc&i(e-GLUAXURG7z*_hQpY=prBJ$+Lkm}&HZ%vlr3x%xAWIx1)zmJrb#;YC1}
z`==T%Vy+{co^z#-I^ur55fHN}f|JUmI7#F{ywX>iuovX<eKbx?o?qDD0M{iJlDzLZ
z_57Z@PuNT}ck6w3&EY8HYemyDYXMvz&aLL|hwG25oH|9ttD&N3;0S<s78Y<;TlXKR
z-c~=WiVDLu(pSm#>${q83WwPkg>0SFNRz!jhhb&G(kF>SU$?Pg2@Vb>CL=4@|F%tu
zId{DPs(nvt+Syp(GhX?azGNTGi_U87xF}P~mh<tWd`_SmCjTxzelhOb5<_wlPVD~P
z`O_AU;mJ4Vd~wp%I$nmZ)@*z^2F0sBiO>R@{OVY6E9zIJdVUu$Z87Ypi>v#%wrUfq
zQDIn6>`H0+dQT$WcM2tFeg%bBiRO;pzWViRJHb%nZ^ktLJlPmwHmP)$sfv)aQYZ*Q
zts^*ZV16C(KKPZp6X`i>VueTg`Pcg+KK67y;_P<jdGwD*&4bT_HF2!%y4edHZ$vQ8
z@^t;{VMeG0knWp7_9z0SrK(V#dF|zmNcSHqZv%ddFxG!!!Q7AF@y<Q==ft;_H-kW2
z74RakqnrEvyCnB^%qdm6m#6;a!Tg^e!~`>;gliWdb{72j2mHX&bd|Y?so`B$s#4|F
z^A54k2P9avx*`y3I)0d3a{}NI!f~7kZLF`K*kn()MO`U1;sgB8>aK1NCz>c*B4nnh
zO7EH;O5>-yhL!|N3%2NWbwwYBDwng`T7Aj^d9JGryskn^Uw<J42JN};5m^Wg&`9Ec
z*#Zz_Z8kP0CMJct`$|hT7ZmqKc5L^ihv*}8HQ%E3C%VpGAMK$hp_?3$URvfyvrB3<
zFUs7Qqi||8h&udFv~=X9Z98&L^!VYP@FS$03UsENKkeJ24MG+c7PpqO;wMOvJqbp7
zT3=wU;0MJUAJwQgK8Js9%DkU+KVMIvG|T{~FR~G*n(V*KH^1`fxmVnZ3NudLMPs1B
zz}6G!0P8_^=7SM@)3Gj-ygVb!k3)d}1u46^l2ldb=Ey2BoA+TY$s7CApX3~e1zvu>
zpKVlGz?4*fdPaY9wCTpU{)h6~sshd@Odg(|l_y#EjtJf&{dGAK#jC*tejP~U4-DM|
z9s8Mj{6(Ue=zf0^T7IZomejZT$}(t4TC}7(yNF_$4gG^(ktF#3ZK5)l?BxptTxcFM
z5<eh21fr@DTXfmGJD0Fi5Y*SG!jc{|VuPdN1WLPcBdWv~vOlW3+XqeM2ix_ej2d$O
zca1A2x<|~G?jk;QG?G0u*P8|D!vdo)J5P`8<qeKAQ@hL`!=T%v_lNcF*OroU$RW`D
zOs&CSTX^-Y{i*yGzYM(&v<xs41qkU*?CQapT(N@!q7|TkL>N`F_sJ2X;+UB2&J>QA
z9v1XtgAe~GSiAm(tCs$}t*`$Da@)Un+^K{sE(T?&V`5}s2HPYLwuy;Jny|w;h&UJU
zSkSZb)GxOHJ=>kYAszEHHBnYfg2)AC?L%ptFP6(*-=s7Zi+4)$WZ|hG{gn+n&F&ee
zAe4(X;$gDBz8+2d=a~E2=3Ip4P)It}z{T%$;bhNDB<@KOda@|>zi_(c@tW<;sNl85
zGkO0%F;<}Orpfw>!4@Xq@=c&e{YD`=FWv3m;?b)AE*{nDkz%AEzvB256tOCKhJ-kI
zh7KtKP)VeL4|(2Whge$<tkcAt+}zFJJf#Osg2?UBYnvp)+QjyAvopi4Ly8y+RrU))
z)QOBs-tn9w^-LlyhNR<7_@-?rvmIV|hF_J2teh-we^}l>g`cXDR#G6o_T8D1WFQi!
zmh*c(*EFI5QK$dNI!WjM2U+Kj{NSe?RVNdXw-RrbK0i6%K#G(1o+F|K%D75oXk(@$
zopk|g8=WcZO9>hsxVZ9HjeFs>JORSHg_*}B7J`+Vp&ey3IC=E>!M!(|Cn^X`+b}*a
zwa!e01^55bZ^Z(}!M8X#@3S0P{E30-D7I(aFrxu}60o%l2C6UDc2hDZ2|vIi9jKI_
z5@`-DDY&Pl5~^X13RXeoWW22H-V9DwOt^~?ZYSa$mvR;Z(6jrpLI3Txk`Xm7^h#~Q
zA_N2m(!d)t{d$Uo8mWLl5E7pXxNaO?BXD{g<*vfRMB>TVJ92eySf1q8X({m!ziy{0
z_5P8h(x4N*x5$49(?2jx#}3OgDe4E1C$+ubHx%79cw^ym;}nbXbMGs%IC-W#n18g_
zaLHdhVMi{|u+YKp-3cBuHP^Sly?SWU6p3{#-;e<!xJY`QB)rGgncI`+GTlsqq5{cd
zpt5q;O72t{vZo(7XWUesDP3Sts#n9wx@WRY2lupe&Ga9dI&{?S>9Sy`gAXO*v^kVi
zqPw3ug7xz6Gxkmdhh|KR%wK(@3_?Z?`)E4mK^|`E2YXDG_coZd(qCNKw{AhVogjU*
z*FEo?1Y_v^^KK3tLKW&{m3(`>*(=>x`=cDI0DRIC-@RUXTe`irGD5q%ee2dWMMN3-
zw<Ju<Y70>PQo_!b`{WpgU|ZpnRmTiZ24nM6C(=qnr0(M?7g9n?)LLm8xP2;Y2{Xa&
zSyHuLo;(*uhWRKTz5dbUJpwI!?b2m_qjM(ZVrCTArV)#@@aY-GI;!xUwfAvmYt1u#
zjbXpip<0-Fjkm^2i8=IM<E$D_r+7R4gX05}C_4?(x!pbXC*m9N2vqs_;An?X%kNI6
z&_rL;4u9C#og5bat}4UfW^{=q1>esU8C_G8^TG{KX@;3hQ^QhOR)fO(wy@3vjdysc
z*)w^W>`B5HQ`b6SXG}j{nxUZ6Uvj&r53QcY&_T%H`=RRgf0T6thOz>$)ukIG)>%E4
zzED{O>`|Uu9Sgl!cpQu=P=AOswU~5cYjJQn|GsYH2Bq4$g)rU1Khc-@Z$;ARUzl1u
zyCksK9=hi{!|1d60`J$4XjO?UcLHys#h7QC#(B3JaqYe*$d&Hz8~*eT56esbDrklS
zJy#EPJJ_m0tQ<H;rP&=^!j`)LyFXCE?@bQ8q}C?x{Hn#8npjlDFEvo?aP@Jk6A=ic
zj`Hu8*pMmu^!3aAjq5}{ecSyW@7SM2pX#|9$V=lAGBKdrYd@+Pxl>zQe2tjjO5|1d
zeXHZ@GcT)0yx(BgNe=HV^-ZjQQFrB;Klilfe4l*KaexTTEh!I0FC$zQmYdhxDmJ@T
zsuY()>zTXU8%)1&JDN@0_a?bYT=J&dDH?fa8NlvdOrS=~jO9xP{3J#_0|U&+?RxEd
z-@YQp?z~uU>c7Z^7Iu)0&aawJs>e+fCKz<r7{)#LWuc7V2zz)ao8ji1_1O?_iyIHV
z2Tu^wQd;t&jd`<;?Hjr78gr7o2S>H0Zy##>aVN7b7R`(fSM41&9@~7zbLFnsZoJO<
zp>Yeh_IFL*sGM2N(zUz_E$)KvS96(>=a(r+6Lt&tNThMnR#;_Dx@+JSO}uj=QTswB
zWT_jLft&uNG_rzmZQh<|tu)nhMaABd<XldtAu9jXQ;)g+(7OSxnTr$Cn``qtg?5dr
zqX$&9;`QWC&$s}zT_1gH_ccnonkc717K`zLI9^PKn7ZGnq87EhQ6zC;w&qni;>d`S
zr<pW<Kc1<(%~XyMQ&<#@%CS3}Tmg$lFPutQq>7FUEQJEag1zlNye@x`rU}~OZftG}
z+O(n}ukog)<{CPWEjGSuhKNpgV9-@micD~CIikGNliW0QWA)zvjpf<Jd=)`oFB_G&
zJjud=7UfO2EJv1mLyph)4h4ih_mLAeha7sPn&^_YX&wHw?cUoanw^`Q-fw4kH+9-q
z@a8aXch2wAO~1D+w6c!R2M33&FBF^gH+svP-|O-GvBNd}BA=9II{aIQLIpMT3&B^>
z|7&TOiyZ_sQTAtAGaq7Zr5dQ=_|=MB`P8<Bt%BGm>K26Bjq$w(y%tEV!<(hqM9A0t
zMNel{{LFK?=-Cur`TYJityuFyy!hm`qkU<1#()h~zs*Hyz$ICmoiQ`=y0XFSgaKDA
zm%f%V0(^IwJ;dprzmeEtLt2xN(qA>yB?Tm(=|sL;DR{!J0)+#TB&nbfSje{Zh}ik(
z^H8Z$E#ilz&Z>l2FDS@oSucuHG3Q;UxS+sYVQFNKi+wtzvzwIrqx};UZgK;E^B1|S
z_Tm3ejEC$mHrkE)CqhyM;<t9o(MsWW$JGdXa6gvNsM#?<VOC2kX$eoHG|WP)TX+Z5
zNq-3jN#319+E3V5RWC)<KHH#S-ddkM=xC4*?l=CV#8@|1GyIE5UgViw<0d#ZTV6a%
zi#*ccH3*Yxd?Q+REC^YSja9#Xo!Q3Lc51#kbj0~{9+N?0p;zrF1;*<k<wMB0aBOQv
z=TSH$%OO=s7QCH@9pYw?s$_3}J_kwBVpa}gf&t|KGEjbKR?{m(fia4uG`&~P$%-jy
z^ml{^Em-Cd#Z}C$L(7WgOKOej&)!^(85&0`@u(A)rCSUNIz$uS-z>jwcJj_R3-62x
zx2J|kr2^`P8Q}IH>IM=9hVo}?(SLo(ATh=$ic-^~(ojoaw)B54oI;2Z!aNe12sG86
zi-oSD_J3ihM@+3MDO$U(#4>bhT-b-PMKJJ7VG@%%Q!m$OMj>a^p+b9}CJ@@<l3xNP
zBm_zYy=U50VTW}<cGztH108H`5+q;B?O@Ak6k3dkhzPxpB{%KW9#qo}7_Gb)En7nB
z9b($qHB;rUpF<Vwb>#j?+p-$1X}zPDz1T7zYhLtSVs^Y42H$KB<i+;-Jj(9#xudd<
z+dzBRrYU>?>)0MaTRxb~q#?A2NA%KRz$~(0!Kfz)xqW%Pc&V?~xY&HWy7v8on?x__
zk6hA|qkjuL!k?Yv6s|z8bJcZRlq!02%ZfVbMBMRyqN3zt_xa8XIC*)6At5IuaY)f(
zrox6jWC%scXNm!q$r);aQ($yqIdXUCUF~aqALk9)=VP9uV};KvP6w@){haDKyq{|^
zV=A{~ksnIRl@yWpDJr?*F=tOUknKz3XON1J74G3*DuiTwq|<{%1YVTLBI^8VA?|&F
zhlu5zN%Um}6>FaeubXV3_y97DVt$w!FQU}w&I<02D2=lPSg{g;73(Wb9q3|n6GLx|
zpOBEyUtuLbSl+{z!Oip(KN(*FjzUsI^F;<VIoRu|nfU*ATv#*+QY%=YBZgjB+1fgH
zXvY!wIf@GZ07d@S$N4h6$YG7#<|8oz;RF*_4{ZC+Vd?bofu8sX!<j=jTLq}3SBiA#
zm!vfNcoh|DV>`vJ4(pV7#-oJX?e$(h{Qd%%)F<$m0=61-Vvbuh(|ecRp-?)R5(rGt
z+S<y**>Uh}Q(J(YE}!skaRpxF8Pomg{mx4L{|Ov&M<K?2!(!io7Hl`d30$nuK-Tk4
z?)F%Io=yG#(oQr`!Va;~J1K#bFDg*J=u~N2X}nWM0XmQHMkFM@sW<lX;_p2Q{4cOi
z)A`pQdBH@`rCGupPTCCFT-rniG)RB(1py+Z$X~PufRwwWEPV0fcaJlbGLMaCy$1DE
ztR1aIRZ*S0yzKurlv{^OM(e60!9prP9|UPukQ5X`qBNjQk7te_1R@m8jmMcsn-Huv
z;XwT_F$7vcI)})^PVfrx8>L83*eDRjIuMCA>|NQcHL!uVq=xWD>gH&HH)8r(T?*FW
zB*K4PqxlREEjV&%Ll=E3zgitzjE%`y2Lji)jCFt?0*!<P+(|biB#tNPTKGwSjBG-D
zt~+YjDQuNqE2gb&ZF#=CtB#|uU$FZ>L9&L%5fV=}GvCQe^*g*&zg*DtWwTbs28a&<
z9RcDap`~?J#`bs&a6bhcX}O-wiP6JfDR>RT=kc#4ykmTDbi(q5h|Xq6B(%|BTqK7T
zwhJHF=x~V;zKAVX3{IjZ@-qXpJPLqi!XILK`WR@q&y(hM!Ecnq&F}~%T{=0GTKJze
zKYGS5y-Ps-Ioi}k==H|tcW@vg?e_oX!`}hHG7cEUrZvtmgQOK>Q%HrU#2m`51p@Z3
zCtJWRWH8s2(TKDWF5j#1eRq}>Q~53W!Nm6R!KEU&D-Fn0S612d<o!_tzh0u91i_DC
zsH<16x*?uds;bN~GNWN2zJv4RL8_6wR;iQoL}D6m-K!EOtz-*=d{A2??{M%L8MuTy
z{cn!^6e~t7)8ma6HUsj)Iz^jtaw%fr+YhJ(dJ+Ta(JsR;agad5@N@M2;MOPoT8k0R
zO$LSo3s@pzC+Eh9+)+X6bPjlRUeeZ9g=8>DCB6c~l>hm+-7XV@4r-viCGQ^cGCKJw
zB}H5cfcxxVxVv!TgqM~O*cGf75P6dRdNKrx3lvA~O}!M~`j&z`YJ(h;FPRM9-UQ0T
zzdq*gfAk|mg6yqf@srZ+um61V_W~gPdg^=2>BtBC=g$_r3W_=WcOWAZo}B;qkwSt5
zN#yEJwygjB9$C0ZKQ(gv|MFl!uG`-S`3P=}C#DY}y#MDnTmtb2Vkqq}@t+@ma{rK>
woPMh6=6`-X^6&q98vo^1z_t26xf_3ozVs>nHng;9It70;RCQF!m8^sRACZ8KLI3~&

literal 0
HcmV?d00001

diff --git a/docs/security/trust/images/trust_view.gliffy b/docs/security/trust/images/trust_view.gliffy
new file mode 100644
index 00000000..b635e657
--- /dev/null
+++ b/docs/security/trust/images/trust_view.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":866,"height":537,"nodeIndex":323,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":true,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":null,"printShrinkToFit":false,"printPortrait":false,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":10,"y":0},"max":{"x":865.6666666666666,"y":536.25}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":10.0,"y":122.25000000000006,"rotation":0.0,"id":79,"width":531.0,"height":409.99999999999994,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#ffffff","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":312.25000000000006,"rotation":0.0,"id":40,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":1,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":41,"width":71.42857142857143,"height":50.0,"uid":null,"order":3,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":40}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":40}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":42,"width":26.0,"height":18.0,"uid":null,"order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":40,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">1.0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":82.1785714285715,"y":17.03600000000003,"rotation":0.0,"id":0,"width":63.0,"height":82.0,"uid":"com.gliffy.shape.network.network_v4.business.female_user","order":6,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.female_user","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":1,"width":43.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Person</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":330.0,"y":142.25000000000006,"rotation":0.0,"id":2,"width":120.0,"height":80.0,"uid":"com.gliffy.shape.network.network_v4.business.user_group","order":9,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.user_group","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":3,"width":73.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Organization</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":141.0,"y":152.25000000000006,"rotation":0.0,"id":11,"width":63.0,"height":82.0,"uid":"com.gliffy.shape.network.network_v4.business.user","order":12,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.user","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":12,"width":48.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Account</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":305.99999999999994,"y":273.25000000000006,"rotation":0.0,"id":16,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":15,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":17,"width":110.00000000000001,"height":25.0,"uid":null,"order":17,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":18}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":18,"width":110.00000000000001,"height":25.0,"uid":null,"order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":19,"width":110.00000000000001,"height":55.0,"uid":null,"order":22,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":16},{"magnitude":-1,"id":18}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":18,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":262.25000000000006,"rotation":0.0,"id":37,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":35,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":38,"width":71.42857142857143,"height":50.0,"uid":null,"order":37,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":37}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":37}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":39,"width":38.0,"height":18.0,"uid":null,"order":39,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":37,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":442.25000000000006,"rotation":0.0,"id":63,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":40,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":64,"width":71.42857142857143,"height":50.0,"uid":null,"order":42,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":63}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":63}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":65,"width":68.0,"height":18.0,"uid":null,"order":44,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":63,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">producttion</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":305.99999999999994,"y":403.25000000000006,"rotation":0.0,"id":58,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":45,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":59,"width":110.00000000000001,"height":25.0,"uid":null,"order":47,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":60}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":60,"width":110.00000000000001,"height":25.0,"uid":null,"order":50,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":61,"width":110.00000000000001,"height":55.0,"uid":null,"order":52,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":58},{"magnitude":-1,"id":60}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":60,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":416.0,"y":392.25000000000006,"rotation":0.0,"id":55,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_left","order":53,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":56,"width":71.42857142857143,"height":50.0,"uid":null,"order":55,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":55}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":55}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_left","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":10.714285714285722,"y":0.0,"rotation":0.0,"id":57,"width":28.0,"height":18.0,"uid":null,"order":57,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":55,"px":0.15,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">test</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":10.000000000000036,"y":132.25000000000006,"rotation":0.0,"id":82,"width":108.99999999999999,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":58,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-weight:bold;font-family:Arial;font-size:18px;\"><span style=\"\">Registry</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":36.142857142857125,"y":399.25000000000006,"rotation":0.0,"id":109,"width":187.85714285714286,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":81,"lockAspectRatio":false,"lockShape":false,"children":[{"x":7.142857142857139,"y":50.0,"rotation":0.0,"id":98,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":74,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":99,"width":71.42857142857143,"height":50.0,"uid":null,"order":77,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":98}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":98}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":100,"width":50.0,"height":18.0,"uid":null,"order":80,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":98,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">working</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":7.571428571428527,"y":0.0,"rotation":0.0,"id":95,"width":71.42857142857142,"height":50.0,"uid":"com.gliffy.shape.ui.ui_v3.icon_symbols.annotate_right","order":66,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"MinHeightConstraint","MinHeightConstraint":{"height":28}},{"type":"MinWidthConstraint","MinWidthConstraint":{"width":40}}]},"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":96,"width":71.42857142857143,"height":50.0,"uid":null,"order":69,"lockAspectRatio":true,"lockShape":false,"constraints":{"constraints":[{"type":"WidthConstraint","WidthConstraint":{"isMin":false,"widthInfo":[{"magnitude":1,"id":95}],"minWidth":0.0,"growParent":false,"padding":0.0}},{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":95}],"minHeight":0.0,"growParent":false,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ui.ui_v3.icon_symbols.annotate_right","strokeWidth":1.0,"strokeColor":"#EA6624","fillColor":"#cfe2f3","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"hidden":false,"layerId":null},{"x":-7.142857142857139,"y":0.0,"rotation":0.0,"id":97,"width":38.0,"height":18.0,"uid":null,"order":72,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"PositionConstraint","PositionConstraint":{"nodeId":95,"px":-0.1,"py":0.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">latest</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":77.85714285714286,"y":8.0,"rotation":0.0,"id":30,"width":110.00000000000001,"height":80.0,"uid":"com.gliffy.shape.sitemap.sitemap_v2.photo","order":24,"lockAspectRatio":false,"lockShape":false,"linkMap":[],"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":31,"width":110.00000000000001,"height":25.0,"uid":null,"order":27,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":32}],"minHeight":0.0,"growParent":true,"padding":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.rounded_top","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":32,"width":110.00000000000001,"height":25.0,"uid":null,"order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":6,"paddingRight":2,"paddingBottom":6,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:normal;font-family:Helvetica;font-size:13px;color:rgb(255, 255, 255);\">Repository</span></p>","tid":null,"valign":"top","vposition":"none","hposition":"none"}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":25.0,"rotation":0.0,"id":33,"width":110.00000000000001,"height":55.0,"uid":null,"order":34,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[{"type":"HeightConstraint","HeightConstraint":{"isMin":false,"heightInfo":[{"magnitude":1,"id":30},{"magnitude":-1,"id":32}],"minHeight":0.0,"growParent":false,"padding":0.0}},{"type":"PositionConstraint","PositionConstraint":{"nodeId":32,"px":0.0,"py":1.0,"xOffset":0.0,"yOffset":0.0}}]},"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.sitemap.sitemap_v2.photo","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":330.0,"y":0.0,"rotation":0.0,"id":180,"width":67.309,"height":101.072,"uid":"com.gliffy.shape.cisco.cisco_v1.buildings.generic_building","order":126,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.buildings.generic_building","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#0b5394","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":182,"width":56.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">Company</span></span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"dockVlz9GmcW"}],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":266.0,"y":125.25000000000006,"rotation":0.0,"id":250,"width":7.0,"height":413.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":172,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":79,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[3.5,-3.0],[9.5,406.99999999999994]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":320.25000000000006,"rotation":0.0,"id":306,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":209,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":271.25000000000006,"rotation":0.0,"id":307,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":210,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":472.40133544303796,"y":401.25000000000006,"rotation":0.0,"id":308,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":211,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":37.214285714285666,"y":406.25000000000006,"rotation":0.0,"id":309,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":212,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":40.214285714285666,"y":456.25000000000006,"rotation":0.0,"id":310,"width":20.0,"height":12.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":213,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"dockVlz9GmcW"},{"x":580.0,"y":418.25000000000006,"rotation":0.0,"id":314,"width":283.66666666666663,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":215,"lockAspectRatio":false,"lockShape":false,"children":[{"x":66.66666666666663,"y":4.0,"rotation":0.0,"id":312,"width":217.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":214,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Signed tag.</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":0.0,"y":0.0,"rotation":0.0,"id":304,"width":33.333333333333336,"height":20.0,"uid":"com.gliffy.shape.bpmn.bpmn_v1.activities.ad_hoc","order":208,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ad_hoc.bpmn_v1","strokeWidth":0.0,"strokeColor":"#38761d","fillColor":"#FFFFFF","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"dockVlz9GmcW"}],"layers":[{"guid":"dockVlz9GmcW","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":216}],"shapeStyles":{},"lineStyles":{"global":{"strokeWidth":1,"endArrow":17}},"textStyles":{"global":{"size":"16px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.cisco.cisco_v1.buildings","com.gliffy.libraries.sitemap.sitemap_v2","com.gliffy.libraries.sitemap.sitemap_v1.default","com.gliffy.libraries.ui.ui_v3.containers_content","com.gliffy.libraries.table.table_v2.default","com.gliffy.libraries.ui.ui_v3.navigation","com.gliffy.libraries.ui.ui_v3.forms_controls","com.gliffy.libraries.ui.ui_v3.icon_symbols","com.gliffy.libraries.ui.ui_v2.forms_components","com.gliffy.libraries.ui.ui_v2.content","com.gliffy.libraries.ui.ui_v2.miscellaneous","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.bpmn.bpmn_v1.events","com.gliffy.libraries.bpmn.bpmn_v1.activities","com.gliffy.libraries.bpmn.bpmn_v1.data_artifacts","com.gliffy.libraries.bpmn.bpmn_v1.gateways","com.gliffy.libraries.bpmn.bpmn_v1.connectors","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images"],"lastSerialized":1439069097667},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/security/trust/images/trust_view.png b/docs/security/trust/images/trust_view.png
new file mode 100644
index 0000000000000000000000000000000000000000..71eb26ce3163d519403bd6f6e72b3347c48c347f
GIT binary patch
literal 59533
zcmcG$WmJ`4^ezgBQqmwIAl(Sk-5}lFpdbR$-KBI&Nq0#~N`s)3bT>$Ex*P7={@{Pc
zIp>aXKix6-fR4T2cdfZ*JoA~)B3Myg0u}iMG7Jn1s+6RdG7QWkM;I752E-@ef7H%>
zieO+!V5G!^RbBMAQxRNL$4*c2kP#_j;VFG#ltnO}s)c-_BJm@;6~^fZ_<7>?7zJ<J
zP(py9;7q?<_ar0>QCcYkKKG0)^V2gdAxRRXD0oRkwdVD?rKhG;mQ>uPYblA&{0c9P
z?fT~}?oRPjoX4jv;_4hWhbc3oVUVI=kj_5|nZJ*a)rlrSx#Kdtybd>4i;-|+i{l9Y
zDVrXO4L<STk4vNwehANA+nOwe5FAAYHH`4tI68rG&)?KMf3vyrfa?;Cs^S?>F)H*u
zt4og*A9%_Cep=n(X&{ZANvzP<`S=T&ubH_X1)dy+<H66#MY9`ES`HoV)#*?aYf~nk
zP2bs4-+#{s{yGRoJeAmzDnSH}!Vn#9{+WZQ`#jBET7#MswQ1L@K691Psb%KO1n7Fe
z&msqG2v4ojfe01}EEWwvEMh%pUP+8~!ZzKF;jgekDi+z7J5!^i8#dhHshgABun+r6
z1#g*%wg+GH6`};Yx;)!5hA1CB)|+`_#ImA}SpTYmntQ}IC5urpU7$4i-@aPYkrYQS
zj&|)V!JFerqmmr8_3!%K{dSjLy81Dau7+g1%jsu{d_+VF3tbHftSI<Aen^Zz)CfXe
zaAsQht7CiPJ<c-D$r1T_s$cm=n+$~|luUWN<p0}^5S#$1kkUH#c1kR~B#9!Ti^^bi
zBys{m{agl_gFCt@ZqV1w1mD9I+tmNI?<?k$#Tez3Y(WW&wND2&uaQ?8x0jGeoM|sH
z$gI3RwzF>hU?_Gt97lc8zF=T!xL_gmeyxl52aH-Z{8Ps!3yQpAFUG&+kvRl^7TaK>
zeqPAx$;<WsYAcecST~V)ci}<b)f4t_U9rD-O~#Wt-VP~`;)Vv{-TRHt4x-}dlvVG>
zYjF5Ph#r;32~X1-JLpRzb{DkOcla2#&T^jd5{v774{~{U%VY#Nk)4__v=|tqNnal|
zalL_fN0ZaZW+x#@VyOqmnxz2dp`y`$13mmSjPk64BE?;E*YzR!VJ<S&TUo))Zo8cA
zF^%rN@b+ANP29-c<zM#(5Q1C7&M06_XEp_AgD3=-RN%fCPe8Hi;?(R%t1v$$qQ1+;
zpmRp-n02&0$Jx!ab+&5pLg02Og2lG~J+~7JC$XIKFcW<|6TQNTB`w0RLQhy6(#su5
zn_qT^4h!*ia#KYn$8(&n4opl`_verGIvs54B8>YHIDZ(d*ZQNsx;nURDX|<e926GD
zlut_S^S_38HPC4=lyw+hr+2Pge{NanOt^$!w6g2IU$>zpIJoiobdjbRcN)<O`+>rR
zJ^onQe7gauK1iE#rCXHSE8QFCaybo&TB+7s_`}e89L%~E&9Cdx^<RSPr6*RzH>Bw|
zF!&p9^4xG7Prcdd;Qn(@L10YN7`e|up)!&&eMp56>MMt|4Ei1th&DS~!no4XaIQEJ
zQmJb551n&&@D+c=ulR-jYz)~)mF34Wh&(xRyHed>rYu6OoihyF;-p<M>vs?$3LO-m
zi>C^sBLqH#fj=}1o{nxTJu8;`^4J0^E{eWn4ilT!+2KQh*voKu$yQx(8lqyQUYcrC
z?i9Vuq?Z%?<Mi5g{kl=HVIMoU3|>u>riX1XYE7B0o)^-auKymGr1@@rnh@?jvT{6i
z6tQ){Q%s_S=OD-J`pp_;D)kGk{Wz6tm8RUF<&3xNnpGFJ1CHZM(v=5aSX6@s!>^rN
zV+?zP{y8#<2!o5({1)CHZ(Yq4i;~<5-+YMr6!=6+SvqfJWzBPOCO%ew!#EuBsfYE^
zjPh(<3sK`2cs{C(;QAm)8`ewZ?#<f~Qzpc$52ZCXt+v5GIJ~EiZ%46}1slzq!P@?)
zjXqZEqW@Sy&)xn`Sc84z1#ad{{a!&#Ms~r`Ip!kj{~n_|^I{mb*4|C^tzEi-8;E8v
z@u~U<#-jo-UHwXFW|F=#&cqCxSbBtDd6Wip&2_oYu)M0|in``UiuLg+(|+;6&uTsM
z>4j^mDJBmhPf**B9EZeOTkmEy)|(1=bU5pWV`0L`C^&*McFsSyn^(t89U&mIyQvqG
z8mKv;WMC^pl$K&ZGBsD<j$Y6cC|F9F%Ta2AAL4xhBH9+-gB0RK$X6;h72%(TQg5C>
z?(i9jCn~dmb@yUX^1*K@KxQU4i+@{etD;_1Y47G<u2FToHLN*E-a{kP+ZBy8GQKV|
zK**YteH<LjX8s~V6b@FQbtcQoUb)`kM`pY^e+Djxtur>s#^B*%WQRkdfzT&;g21eP
zy{yKF`$E$w<CE3j(0J4rKo?JZ^J7SAkUb1BTIsCXnf_Nr&MrA6_Fs96P#@bTCm+7`
zPY;3IC#@ia?FcO?lAm>JuYyK0KC|N!vlgU!)PAfbl;quXxIt*I?@AsS@9u`9TWIDh
zFR2PgPFS7!VzPN^9GN1a6w5n3nh?kP#iT9ok@&of(mJNLzU;qRBm}2V4$>3*=wk&o
z<5^wd2DrYc_uOta?qx2Y3+9sVbXFbaBQSZ(GS(?zg<3t80>6FLxSXI>s&xQwb~YHj
zSr4`vE>-%`u|wY|^d;aLQq&{)`A{RI>XTX#MS&gnWiRfpUF82QYo31s2}YrOUG8!y
z43*{G0b@EMkLB?8>=E7DT8`VE+AAC<0S_9k>IIC~YNK^*-~0<iDQqCab1#p!roNSa
zg4c+`r^gOyO2{hJ6l;7)vK}J9sMM3<Yh_ZgwfV(Pf96|c-nlj!(5JgRGCKRYLMe~g
zK>O~h!X-q($v@^2#n(?PRX-Fr-s@uehO-yF_pB>DLUN9h+y0j6V*h(7i`VZb+^do;
z4CJQ$28usuAlIvfOFZ`lKf@RR1?k@<s?M2~u)~bDX=vl5^)-zgRVszQ8Fu<gf1-`O
zCf)u3e2S7Bgd6jt8L7(432E(dvreJCn<}Y!k8=OmCJ0?OkLUQoC2RVtm`$cx(z<oV
zuEN<yZ(>6Q&w5$)M)$I9o><a#MqLLtJ#0q;>|rQ^8Ez5HNwVlGZI_Q&cARbDy^yZw
zWHihvHNNU?xL;kXG+3QSIe~(FkmGTts8XzRpfhLHPZOzxPc;bSR1A%Wu=a*JYJ8tT
zJzC_3l^ew!HEt{)8jNkE2#`#rg1l_1F5H&t?xBVZW_aBGeuU#l3H!(W;o*Ow7^zV>
z8C&^rmOLwB{j+HH#%=MX5xMYiyzAD%cC?}Tq%r?j%ftXsG+^w%mw6Pz)4+#&9CPpd
ze*ji6MVk<j7?ap+)Y=@5F^Tw!vBhP;x!wParPx|V!D_u47>-Otsk8IpY$aQDpl=n|
z7E}MoO~d3>G0IGyWoVQstbg3vROq$fA|&v&MqV%M!(4GKLV=(e`2H^Tpx9hf>Wl8o
zcT*RaqjNK~(lxt+bV#&`^8U>>3IvJGWTXZ%j~Z{g{VX4!7LG_j^c(ZTW9i+ixB0`=
zkz8w>&Wzfon&-L`?YPK04=&N^Pxob0uXK9o@5_2?1$0S2*q592DN)9$3h_%`<c`>6
zM4?<xwoU$R4Mj)FKO}(Lt!1-$=IH7Paq9LxR*`2oOo}W^h^hZcH~rX62@e;O%(2u_
zK2e_U3uQEW(dxSfmo3r|o)*`?KQR7PJ6|Cx5Szc|T6WS$2yvOH!*^eyk{^0^9cJ;0
z%d?w``+4w~R@UdKseWxWfF`*scxh?~pS3_KuC(n!dn3Kp&9KVb#<Y9W7fXN;k#Wyb
zXcFtm9h-SfA|3c4^?j%S;U64XCVu*q--3uZ43JWXZ}i0qdipuL6$K;gHNByuCG;HN
zIiL)uVJ)9LBuaj0F`CBqgyb?2gu7ShdbY(nr)^N_X^)?*IO)s4!O96O<nMkf>XjUh
z?lqld3}%Q_Py%)!<YO#MOc?l~hjrm~@p3HR>dN=smuSyi@41x=9m>;^21=(RSZ@1W
z>2#h(w2^!R0asHLt-9rMp0a$-Ajy<5UWY&2B{5ly8N@1#|81;Q0RT5wGjfDRK9xZS
z!qfSn-QmVe$LZ%d0gIK~wk+<yUY>0E@+Wn5`R+7|g^on|+#r3(DwRrAL_)V^4Epq!
zhU;q0T&9-ji#lp)@0r_dbN1)v-O>VgM;rHx1#4bf$oAa_+sF4CkBS7z3-2Xz5O)wy
z-!u8f0hG#kuaN2k+QZ)(^kYIBYMl1hKEvoen35zyi09vOg^i+lLh4~$_kYO#ccea0
zH2B#vy@g6?KCME#?-L>snWNM9`D`znAIM6bZ&sY9xGy&?;NmeHO?rZKf41>qhVU2&
zVy2`&L=ec=rZ06myO?D4$>?ieDtmi_B6ayalwZ&+_@j)p#%@Kmubxx5m$t8v**61u
zy?Pxe#;khkjFKyRt%KLiZ7;0MayZ;%1cfLgX)SsjJ9069Qs_-j1oX<o$Cyg?%Lftu
zLt9uhl&~T7%5V<rPQ2ADHhPiG)xzt~99QO+PJ>zMD>)kj;Qx><))dI}<IvjwLMgdi
zy*<WOeshN6EUvc&*T41q&Q&+7tSrsCFga$J7V^gphKuo`n~4U7>@Gih*<(}n1hG_8
z-^=aFD#nz}={zTv0iW3@^99=vWmjQ~N5HX#4&Y~>Inq96Czg=$$0keY;et<Z$SQRi
zNGUTskx>XfaJye_`Abm0W6q2(|E3-ugoT^OqYYKBR%fQlrVX7h?cuY^K%uDbkU^PJ
zs^T*BQV_+WDZDfj1X-bFw7N`X^!OF(?#`$rmU6{mHCyY}mQ#MkWo|mZsV>_6qJ5xi
z9)Qi#wM8;BkM};dcm>c$B474FyTaEReXp4x2B>`ZiR|I=$DWWEqs4TAOtoxnEP^+V
z4G<OQwb{qrT#moLAA;6L%@Z;hx;vWK$fRtj;8mgeFYyaN6aVe%aeYz2yAv5f_oyF)
z_dB%l2TLG`lD3!nv#df`OWuR~3^H5xjqRQL*8BqJ%P91`5|xqa5abxCY<G7H^L|md
z8cI-u_M@b&%1GIds&rL$As!Ry{NCROCs1%5uOfI-$G|IUYkl#){MSJLYlISin1B?&
z+Ku$x{0Y?6d9}6QL@eu)TzA&-q?BcY<`74|73&r1igZ?9Wr3(ke4{!7pGs%`*Lx@3
zRsgxCga6uY_t}Nr{CFd}yyaH!M%#{DO5bdzglte;PVZx)dDpCD2Q#gSStM>Aq{$Q^
zDRI5A42#hog$-@=#XXms(M|iqiPdI%H@-_&#}8&vUSt|*FPl85_P%r}6k)H<n7ViO
z5Cu{$t6I&MB#1Q|Gy|NqHh@1zec#FetjK!6{hY<BG~<$Td#a7Ix5RQQkt?}Q)SH7^
z{(aeGHWmJ4c5oQsWdHpVe5fF4kQwE8YlV1Agb41Ejq0nJ-h}VG6k5*XXn0}XTyLoQ
zgJa%NGliD*I(zbD1%ehaM^kCy;x{6#`-z&oeaXD5CJ#qRT;#^EWgrdY<88{2=l#h+
z7lYp=;3+?tF3;MKmOpZBK#)#m?NP0KQ~mzLFp=BKC-|6)4QVpnr>J1YZLvUQftwQY
zY$s~vokr5921>~7rA$s(>GxC_;PTzf|7U8C=7~8q{uS?k_?KE{Yy*{C#CUi^pQ>-A
z$;dtOvW*#EjHrVMv@IEia8}|FX);KNRLil0APt0%^7qz5O>+Y^O?Ema^8Lps{7~n@
zp(|%IhR8DulVRC;g3}8r8Dkyg`Xrk_Q4zz`RKxBu_EcEq_y9m;I<^Jy7gk727+(ub
zOI<8lr>^F!1%F9OjH#`VA#;y3?!HUgq#aSG;7TpjNsppqHE33uPrnG%9S(*j`Se0}
zFCl`&CJv?3m;H8Rr*{Dku}GDi>oQw81(j3&;?DQW%YXqjhl>B%<&i^yN3aNOZFLb7
zyU6y?Fv<EKSGDIRI&a<P2TYjrmmsrQ5skc!4N}Kk3{Z1YLG)iv%9oZX3lEkGRic~T
zkz&8xqN7$wR}oBV;<S%x^zsIt#7#YA+Rv+hN5-MA-*We!+k;QywqCaytEFQL+JUP7
zxbHx*XkLMwIE=-x;^jGFdqaug%s(@hu!d^!mCb%L;IoUU5>CmmiBb04P-bSBXO7Ay
z)$$yLp*>ukDN|Q-6?VmzoiK$ZcN~3uf@dN1N?q@|VxK-0x#N56weyGK3hkb$cF>V?
zJ(#US88l-krs_1BgD3JtkI~E$F<gXkdlFYZo3`)rrcg?LXXr8r!_ocTXf7~cZ~NnT
z6Qf(-F>Pse%<Bz|-|mP(Z7;pb#EOnqw)R+#cc7&3N*_TUo@3d<g7CAC)6`eWATMDk
z(Iyb{kE>BJO;X|K_jBp~+>&iM{*7jfcJI2c6F}0b^BCJWnxN?Ms}9CWh*DqtsLo{{
z=m1)3&rggMPC;U0NO9^)OVVB6Ux(nmd?s&%0w<2d!_b<LwHuo6-gAM1N6C6s?7!N(
zP#iz?ZWkwIwU^%+a9A%wcy#z|9lqQrj*x$dhZ>%LE01ZOmcE9t2M_g1qGf!zOePku
z$u<oVUZ&nXeQw+t`k`&GK)zt$dZ~lLPz}!2&nmf*#nCd85h6YZ7`NV~FhZ$8T<NxO
zy=3vO2tn3ETt@uqqc@4)>4Yon%TfyIoln#b70;*+$E<mgQ&flxk75bP|1XFmFo~V>
zo^ioWu{otyP1!L#&~qq*5VIb=*<g=iBMpC29W-f>M=U8{;EUy2iG%}jH^k>Eofjxt
ziWd?TMpxPK7sxv0^=UKw+yy;~i=;Ola2<&Sy+X|e^rMtUwXW(iogdB|$_Z8?;V}zz
z%<UtgP%?9m*v4_HFr!G<8N=cb3t*&755tpe2xyhd>ED#@Bc|5CoQdn{HcRT6i4*C(
z(7a^MvVV9KGI*3qdA;BV;h$)6%;`-nO@%w?imP@%t4_Ye+tx|M2PqELwOBW@lp_ia
zW_ER1SRwMfQsykTk8R}l^v5A8JSr`?GCY0H?Zq--cJ$Q?Uvq#(L*_r~G99D{hVn8D
zCnk@Ij>0HpI=R1LbN)?Ps3#ahbqc1|@e3Tg&M%xNQ(qZtF2o1)|7w$LB}Po)^;UAC
zGVMu94V=@LAF0p$;<EB7?AjyI<3d(p>IbJB+Lm%jbOiU!XI|sofE&BR<2XMmmzxRB
z%kC6MDZA6zUyT<%K^~y#WN^t&zf`d{V45$y?TLS4WsS;2ai8v6pwv*N<qfDgj{Wl1
zZ>j|(2mVA`<NfZPKF7%?dxa7Cj(C#>Ak=CMq<Rs!anh)GM{R+xCxMF!&Lyr*7P->7
zhb)j#+~Hb1e~;R}x$?5X30{!P_b$hH(PfMPKB#M;|DP`Y8X6P7PMz#UzJ*=6Rja__
z{y;n!Bjpj%77LI%>e`x>?h{+6vkcy>U}v5y#0aS|K28yRWLra5J}D~X%peXU*Krk|
zT$B{tV8O359{2LqR!^uwncZ2uvR;1V=#BM?rFk(nw+5LH`CWtVvnIz{?RI=U(6RI%
z_bO+u_dT375=a&ClTS>kp*$5x+!#3~&)x?ue*O$ErTFV`_;ps&GD{HGb9g-?xsC((
zD*ETVIpj0XG;QuSzf>bm$^njtCIOvfxD>@bHLG8HfS~D~Y4QC6swX`XJNB;dC$zU#
zps<LCaA)VgiACE%QKX;*&@4M}-G#!?9m;~G|6qE%OeyZnffg!S<eLCmqWl4UGssS_
zWNLmZ?f+F`JQ}G1h1EAlcV0;%I&D%JFd@|*gmGda_E)iPm}q1nv|#QuC;Q9FFpQQU
zS_ctwp5knsXu<?MGOUJDLQ3>26GlBPPur~inK35*IlK^_{}TWb?{r5mPkp25@na9Z
z;PdfmsJ8S3K+@AZ_f{k&#-Fs0h5Af7iE5a|;uCx!tIOlL(171FF*f~-a-f$aF$kf8
zpIg}dNc+g0?En*BUIuQQY|$wP&2)@0l;1OFH>9Aqi{8X_3iNWF-9s^T^%_$iv)T;`
z)(<W6OAsO+<qFVTIisS!o{TS2YC3Z{OjZ$~(dgHzLy*p(@@_fxa?Hpst?sDjnGF^J
z2545_HD#?PQ#PywW!JvL2i1r?U0_Od{@N>*@uniI%2KsmiRPEos2<(&pkq=2@7geD
z>G|5SVuVHqDFy^3*Cix2`v0;6(_Z%v+M*-z^})ze?}XoeG|6R8qgw{NBkZLI#71{h
zsq3Y-3TzDOez{7uuEVn_oy}*bQr>i!fewL^<#tx1$hiC5-FWNPq0Z)jDX=V*gV-Uc
zeqygh>+SMwtf$1`H&gvDGGEf-=%K|!K<9@Zi#(_j2KZ9FJ<(-%uF2OHyU(~i*Lv`q
za>%s~PYU!8$E!}{`JAZ9FC~=Lj{-lTJ#g=lfNga(d!*QH*U_Ol<xaCF`ur)G)u`uA
z)3Zc-)54(XB?)VCgqn9edA$2B;RaYVmM6Um630=Y-g;mDe3WYp4!dy*zdjyLJzO7(
z`BFq*?l&Rm4N;#;cM=&q)~)ousSpR#9>%1g5&iVn?yTae1_F+{I1io38-P_=^(pJ?
zNrcY~%RX#Q<bH?O_+#MJC>HbFMMYUUUiR9kNoCaP9{99sap53M`U{zfr*f)yAIn%P
zt`R<jqaL&^o=hfPUgHtpc!O?L*59u+Wi!9~xm$*2ySP#6xQ`xqN2y^m;I$8zWjq^y
zrpElw;OYkyG<&L3)(@XNO(lX)tx?o43S@PPd2{l%{Sb>Esj<5hoD!a=r=!}e-R`BQ
zyo~GdcwPlHrOfy?&$f%6!A*sci&`{`3H<us<MHzM?A+1z>bfYo88+S1a}w}-f_*)D
zo^i9o#WmM8tA@VM@e3=rM#Nhl(BE^g_TM%PHnE$b&OM#196Vm8)WRBH%S9^>q0CuA
zYVZJRV9hgFY9(hW<J~6%VnkP?S{8zvsP}d}Cx<p)PPpqEyDwQ)_Nkw4f*#h1E#*4_
z=;qoT*=UHzYjcSbMAD^N-@!FwJD%5)mpQ_cIexGc@HqU^TeexBUU`|@>E1)|5J?N5
zvrnwbe&AS!lveGAH|FCRLjLX^t`|#2DXg!kP5bu|3JPIVXGi<A0MbXVa;vD<QH{R)
zuVr9LyoZ8p&b9(Ctv5w3uYP1*W*%FSb4la*3Ehwc<d|qpdOn{~&^FKD@=B%a<i8<f
zl+X|q1iOfEQ0Mf-V810IZvjX$clueZL-&A!HrWiLx6KZ~mxg+5So_X!Zb}n^RLWS&
zEJQN;E!1kkwZAb*?KUQ9JGb0bDpvB|7)g(2;<hE}Nl<8A-Q>ztFbIe@6OGAuX~z`w
zkF9FqYt`IDU0?U;9kz$?+pVRH=a+{4nJHITYqU%7z--V9YzX_KpImS&ue83WKsq6D
zPuT(=^L}!y#KW7fSMMk4Z>QQZ8aBjJCa9e<hyX9Gb8{H2lPqoX+3rhXNib*hUi?lx
z^;K2W5eSy;S^B;|2bV;akX4;kKRE<sPmuNz&>!bN6wy#j!<_y_)HeM3nOp8Y=5H-x
zn^lj)0Y&%0zO~Zvi69?g{}*^^dPw7Unm3R};Y9m~5O#zPOd2^aLlW+Lk0%3*GfNNT
z9Jep4W6=1JBp64=)+mN>PJ(#%XIcL@aReZ93k!5dF4j)~g%d$Ipq?$jd;Y$z+VWPF
z&OiV7(&j8Iaa9uE9ZEIln&_2XwIWFYN^lm>Q9?|WnitbEoyYoIN@*RnC&mAP>w<FZ
ztxdjP{R>7uE_GZzC7k0CmAmiJxjS%Vx3*FEnFD>UvPu`%me*WX`RG72)7U>C-f~9Z
z%a6|9KQvT9&|${en{!h~Nl)bWMFp?NN`2qJ-AW6Am{b02ht+VQke@rhQ2m|aB{wMn
zmNHS<0+yc6G&`Ec7*mrGj^ljBAMOXQt_KeGbT;{+%ffu<vKBYS@ue5S_&{ydI$ko|
z;*wC1Y&8Tfc4k;h<=0|SL$j-3HbNt7Rji{IVZ6enAJ}R^Ag*M(uWrM257bF~ML@{l
zpMMDZTCVsPYj`xM40VTrD2p8IUt4r@U`!5wM&rd8QgyulaRB^NvQ|ifhS0p13jf7H
zuE3M%)z|lVObG4`CODChoS+UqfnUti3fAaRiy^E3J%xZ0*XZ$s79jf0)Pc#22-oTr
z0!ReU!E84ot3N{`xc$K|%%Hm!E5dWU)us?{&&6{bc>0mv-;IquiXxB<b_<}4?1IYv
z5lMx6^MD2w$MFe2eyLpNjo#>gw6Z4bNJd~#yXF@daU$_lN@7_a@%u>N`S)S82d<*3
ze2}D#o7I~mgvWbcuT%~s)QGHzJ;ZzSl=Fa7^>>nFf?U_7`Uc1_L7tp`AOnSkHHZRC
z{w%<r8!Cv~twQ4?@8-v}3B(?1x)1y(u&Y3lC~+e9G5li;+vhUCV|!=f3xY5%1_Z65
zzfx5*)G0WG+`AuKA^?ZN4J~Ji0Z;KcCzxNnh$Mfz9vN@H)|jCv4JLHjF9$|1mKp8k
zUVs%v|E?BYS#DV%OHEQ9JV+J3-<vuV&n}j3T#Xt{BDjke5qnoyN^P<jO}j}o%zoeo
zbHBtxX@f#7{>k+C?rNxFAtRIrnWq{5!O<@NIa)S(XXPrWKNQT|On#3=hhlH_UdYH+
zA{Js|883dECxV=XBNz__c)}^=*D{OpNT+|5+~aAVl57oyhtnFJQ{+`m&D`ojOvOv*
zl7BFJ8kkBSrD#PvXH>U=ZYA|os*@;yaGMxJq<!QTngZ<h3rh@B3129SYN>lqa~!(+
z`PZwg#5M-gBmDXo5rW#aB7`zRz+!v(LmYzcjfPAK_B-6p?0F!6VYfT(@m5lhNbF^n
zGb;HvDVGoBqlhIGOMvqa-B|jV;>2jB^R^z$IdA6JU#y30M4+LnRrfARugYb08cDVC
zz{4qxvKM005%d2>Om$2XaRbVXe{uzJ=sf)ZNqE%iBHq8k&@!uoGRKt<Tg*W5vt7hh
zR8KImf-JWArF#gr<>PQ-eSXbLhYvK)9b$*qDbxh57M2PmpvH{UV>lGpX^ot^cRs%N
zbD<3AWO7)3xp8idzYsLYbjjGm6elh<3GW%F*d)uuiu}gGc;8X=2irGn?FwHPJSgKu
z5)5pRELiODAGu3n2$JZ<hb_!sGLromRU$r%?dj!Bfh?i2Q*6_7UDKq>b;_=|p6v=n
zzn3EJINTT`B;cGV4Dpm|t<EqL>m6!4gWPMr(UZ2}8h565uC{m9vxuxS3(r3YHJYgb
z_k6`qGx!LR|9az<m4bP2qj;>G_ic&Yufwp$xF8B^WHC5OT*q4Q6sBwIIE^Uid{6m>
z(!}<q#p)@?NlrVeY~68BfGySoHSiU9dYce8As9b+V@eM2yaKWp@nMCP`lj+4B_lh%
zxR46N5!l*2+P=?`r;SQZ#63~f4UsN<vJ)HA!+A=m!6AqT=lcJ%L<&Px5Ypq52yPEy
z@INVul1xZRgY08t@V&p>ySWd1u`o#X2v;_1fAGx~nwvh()bugCulB^59IkX9wmw3a
zOk^?fSj7FG8uyS5pm>FN`-RwCIOjagg7;mMuKP~49S|H%H8_{e+IA9E7`DOH-JH&N
z{`ckAenRr{5wWjy)JyBuUXTYYKmVV#Q7AG1Qs^xvzBjCxUg)z|#>>CMm2;(WJK??W
zt`>4_mw&Uk9e=?6MZo7$zCBx~5`acTx7Tvl{3#%y$M+F}@k&>;a*_J0L~i@MV!Z}+
zq_+GtH|cQy4-3nYf{Yq^j&UC+%Y|Qh9xHV|U+#=dC@+7_{=2BG`J0E!>6B@%``PZ{
zkOZ+*<@>%c0|p5SUl<Y}ruTWWiCOd3N&I)$M-b0vI5;>k@IS;J3I(hINMJ{>o^qol
z+SSrX>>ebtl9EwYbM@Vv3m(}W>U~M<t1WjoWg*i|zyMgp#7r{r3`%~*O4)A?JFpeH
z<T&RjFflO?C*MVOSD5s!Yz$=&XNn?Fu8D|<j5<EgmWX`G;<T+fRb>{lJ^8(z`S<=(
z`|4(XdVDZ8bx$<8gmHfgxAfCtaE5&3`+q~3dYl(LsloccP{}1py1CWQf`4PZe92g8
zIuH*wI$a6t%6^YCLBzQTffIkE`9@EBFp(z=6_(R-noX<fL-e938JX+(>#y<gd1Nk9
zQc{N#2HsMg5kw|uyK~Y%ZqAn@4_9IozNyNmjPN=_Vs)M899cXs9Zrsp1_X;(-6WAL
z1~YvBqzf8+Q!83yd-L{f*3;*&h5r8iO9Kg;Hjco44ZnZehDYO~@YnMjezVWTVK0-(
zpRdfynIfOb$k(&qge%idfs<Exi*dHN0MlrIX(TbaH<&33X^LR-+}AGCZ(6Aw5Qy0-
zYth#W3=-%to~f~19Z?XB8!yqp!;ka6Ihj}uAh1$AYIE9|&Rvt}z}(Dc`=2Abf~J@@
zeKS+Y{t^=0*7d~^9crafdq7Wey4R)DZqwPkN1E`8T8Xxr+u3djnbmoQ%hJ!suFK(^
zqk+uNcdz!_(M^7Z;M$$<8^!e?wWkDa8_9>+uBSSGW8PmvUBB3^TYm{6f)6ES_!fS@
z`O|B^0(y;7U0;;pPX<cS_J|GOUESo7d|AzdiJaDHmm+xz=>p~-J=z`}1gUN%=(|Y?
zoG(6dL~U*~8~Ya5@%uNOQ4r2{9KA-*aITEW-R%t|%`fXva^VfU!Ikr3N$tGy-Ls~P
zwdB(UoYIF`FI*VNC+HlF<*bfL^peY$z%^FR7Q8i>Ncpje5BEzhzrX7oMG(x<AydOL
zi@{^kR~_O`X}_9TxTQiDye^l%(r)&s^SHfOM^g$!_c(_^RLUpzheBM~{9^(*mzKYt
zYO0qNPT{=K_F`M4<2LB?SGDtQMU6-OymTy)H2m{r=U9@V&E!qk&#<w{^A*z74K_%=
z1bUO7?#yU>P!%927rklleF~E@^s5DZpNWTO+WIsA<$*L2f-2$sQ^&>T>K(U65!f|m
znmrrXtmkz-k0R`y&Z9VuyD;Lk<Kp60anwXF$K3at@|7DDqhJ>x*&$TBqQ+?Jr~A}m
ze;f9ii<FB=;7_8tq2~dgGHi`V5;9(Gp&`tMRwBjbPcl>QSR~#3X_21Jt~9cF`KGkx
z+2a_DU!tl8cg<s2d*_@mckz5@v-S~nSEoBgYo841>F6SvoOv7}Ik(|Lu?C^j7kz6s
zr1$v?g9IQ2kMf~k!8|`c`Jr&FKWRt!W#DxoZdJGX?BrFGK#$Ymij*3S$?q_Hh;~YE
zGLPdoy4J&Xbio4Tr1BT+=3PHOqo^gtZ#^&dK7+-QmjXklsFV~2N62XOuTZ=q>58PK
zFuML~Va-hGk_KS;4P_M-qQVjXC#cG5=A;mk+x=g%7l*5A((G9lG)|vXWgA;aNe;Z;
zJk}M1ymnSnauqvy%|W;Da{`n6&7>3Y2G@NmfM)?I9A)pe&VHSOlT#yC8+Rg#&`hIT
zI*twuZ?>l@A+toi-*jBEH<NadNRT7ws=3f-O7(ahpX}b<?%ly-vZiGFx7u^s>3=O4
zp_?ZA63FC%k=cGRHKFe=*B4$ua@*vxkr^1fFZxRtu|F&8@Z9;)XSG3|$Aw8JTNAZ6
z`Zll+CJX{5gtMKfdk?}@6lpOuCQ|TLQ@n}Ien(~9YNZi~&vs;qkkgCxo3zCjFvE*9
zzh{~2z$rZu9ij-5%~2*xT7OYEaz`|gEkW78_m_`Ihw1sHrp@d7;NOSh#InpaG4Q%u
zc^L6f#a8&u=mPmI^W5MR@{+?n@4E)+qd)!q>X;r)q__mpZVJ<wi?hUZ&frmGZvQKX
zxP!D`x!ycv0Ys!Q<UX;|h)k+=>||MaxW?b~8fv6lM)6#cURUWpjA<v+Ks@f$Mxj6j
zi12V+Oo7PBH0EzVkyZpA%cT?+X;tQ7irPK>pBzODF!T|o3t-LuS8e<UKi+`k#p*}a
z`OxzH|MLwSozbx}0|Urdk!eQ?A?OBM^WX=GQ3c!D+8}}V0!%KOMW5}3mW3D{mskJ%
z$cF$rUN-58jn0)xsAr~N0^z)`0bs~&eWflQl1rdat<@a7+#Xa|0)BpD?Msdx5Wju5
zWY30GP5{eR91$9-(lo4HZEnJOw#fvLP$beK%3H7a{R1i+=x7?sOs^-*^oU3MaKp=|
zaFHe^CMs8(t05sFF`HsVNCP2GEpVS}CyP4hffGZ~^}!SH)pBg#R9@$vJh|i?vyr^v
zJUIg1I(Y*?*f2l~AY8H#9w?yKpe;%@u%gEkhg-woay`s3Ha3=wqf?_`V;fD8;-UlV
zS%4P%nUd9?;Nu>$;H#Ykt(#J<^6;nIQ{-C{WeLB-31mQ~*jeH61hU+67-(31gwq3u
zwJ!q<;Z;`x=(4Y(i=%}qcGu^&g}QYWs%83f|6h;C!p1fMNCFEVpO%@K*~u=o84Q^<
zp;Pq79KMX8ke>s60Z+@UI%5d@A5tFyM^LL(!aK{FPPOf+mI{Eey`YV}b!|KfIamra
z_%N|GOg=R%FXm*6cT2Huoib#ij0xDNCT8n64jeZeup>h`l7lb!oe7GjS8ME)C=Ahj
zQ&I@I-Hr?3A3yGPoX|7vryzuW+#33kopC!O@G1f5=xG^s@tDGp8V&*dWvoeWyc9^}
ztMNKk-~V49e=ar(MOTNnS9^GfRjx;C!`Tw(b$7Q{a@JPG7q$zYXWdX(1I2Hh$sV8<
zUtFxG=Q{7r)42(g!+KNMTppWADJUd>bR`x3g8kaHP?rFl782NltWOUql$a9|^B{w~
z342Z&L#@E*^eCP|iwrD@{<Qv!{_BsEuP-1)WusFWz;AoTGz@lz6gMUw9|Zr!Y;fL-
zkBY*G++F`gVaN$bOG{hfa_}}dC`i$uc@Q{(WGgl}*0jODP_Y%oq5y1qP<?*7m-g+=
zo;N*H%lTiFz~?;9yD0$Nh`t|4EAc}3{@6&P=A+h`#!6dU%gt#rp@4_xH`PM2o68gI
z>w(|cBVwdv&uB<|Hy($>UndG#S(WDG=1Kv$LCL`ICq1F38t`jhp<WALK=^Oi=Yd-|
zBBr-9U2QUu#xMVN1HhT#3KN;BI{SR-y<v&g{b}#pBVyrCPsej*@LVB<`8mS=Pvn#9
zEN3__7X8tUfveD6o=#ho(JpaVj5C~^fjTbZNprIlNDS{;`+DGAB!8Y5(Qt3`&8g1C
z<yP5aGHj<2InM43VgDQen9-IHm_yvz+*hI{a`YOUzRkM7f1l^DF(@2C$W5k_C#&?B
zlH@I@|BU$f_~v1p^Dd%sp978hp(y7<z4E;rKEInou(I%lSd7mU{J!jRF9u&ezxyeh
zJ5PiHu&60Co<EA#L3JCw82e^9Xm8E;=9{E#%$^93XNjYnXarTCpSw`Ddfl98)GbHw
zBE#n^j9lNGErec|7vhCz=ag74G}G}Q3L|Cy0PO?Zy6+$Xi*e8;kr*L-@;r~zb^$z5
zM}CoT$}PzKF~H3<Zjez^NUsgQqWfW-p3YeJ_A<46Ohot;5#^KS^Q^E)G1Ko;U?BEC
zDT@o>Y5K`^8~@2QW~mlcln|H>EL+qwC>R;#ag7FLvAL)f(qh$1w7Z)<uX5~Gdkz=w
zZZ)87&*nl)OT8+#cLJl{mm13%9<eciW*M8@PQGXuc&drx8M-Oui$5iWto=zO2l;I{
zM+)0<E|A!Zh9<+WN;>ELPo}0Wu~_T<#WpkpOg+))1SD)K#80$Oo6!il6vI)L>MSN0
z9Z|PG<LO5^&$~+8aArB}<32f<_+k65mNN?Piw`Ff$q5SwhkCC5-zIU86-Z$J3BW``
zC!hirpn>yXgdp4Fl9>YEh47^cTn21R0;E!Gb#>559QVPGbo#Ty8@X8ii<OweGVdFi
zTpke|GP<>-VXfE#i@Ex0=`yhuG}<^2kIH7Tmq(tZW;q!7J2SP;K|DF$9G26nxwi34
z2KtJ$*d~h_W%{oq`9BLv){TBDm@-A2^JZ|NM8c6>1ki)7<hj8&lE*RkRR<*CPtVFg
zawUO1Lps+T4JQ`V$E9!6;_f4f7q~rt*ST==7xk@7WnVHU@2&eto*cA5P&OOJP|1B+
zY7gWM54N`y7l%X;3o;H34apCQSi<C(lf6>*_EISNTNob9rX)9dvN<AA&0|wi!0iZ8
zbp^m>w48wBqavA-&PbKnh^j->8#r}JpR+CyYPoJF5I@rtbrv{VAfo@h|4)@aKc%gG
z01p`0_|fGl$WL`8*}GS1Ur$N_WSCDIBnL~sBLTjW&lLOD?Y%scjo0NSb=}##dniRj
ztgKiYn^IuQ-Hx^Qk>n`paC}Ni@i6a#$5Efhk#OTu7%`dC>sQJeQ3dqHXL{!5-^hRZ
zRw*9Wh|*F0o~$rI$tJ!%Xg-`#BY}i58DY4VsujgAl#X<L77i+&wUb;clZypB2r?lL
zAV)WcD@q+KwKTNZk+HA&2VY$sa|h2PQ}xyo#^UOrA>ZmpRYxFeZ1dC>i~4@_4-Cla
zf08VQ2a@SWsn-0g{_6VN+mHDD*_LzlYM^-R#lA1ZbLZL%K>xat_?cB;BQrOcCx}k$
z7Y429B?Z|Bt{4r~9JHIYDD5Xkfo$?&;UA_!KT@VlWpoKgEuL#&zJ9DrkhDBY+(C7@
zyonku6eOiELpOO?m^}hOa9kW^%k^QXYLU9!Zv7VHOldnoglMZL-@ELO&4h9G&hm)$
z!u&}+8M|_D%Co|aat0MLK=+_k5JewG2|xc;f(HoqugWhLc|hS4T8{<E8dkVfISVcK
z#`aW>o-Io)_tTGWI<=+K7-DA_W1>}0TPEn#$a+4*kzcY}iUy*o(Y_tvKTE-KD9;ij
zQsy8XHKZB#yV@5dQ7tCqbt-lvGE4hl3o|mzL@H!Ej=ml?m;`f+M+LE2I9%;jQ&qBd
zL0v!lKw)SCSAY@9q|g&bpWiH-xk?SAbT|}AVA7V<A#%V5#OoQztHyxw>+XNW1^3vN
z(@9bS_cJn%sF>Ak?AYg!IzS!g3YVCF0rV$DuJN;w)rhZ>_^#G7J~+SBz13+T#m%C}
zk)S4(!h>R`JCODH(<iR;Ot`$;S;8zh49Nl<q&C$k(w-AgJ&Wj)dgEWk0HOl7p7>X4
zVf!8m>x2kZslcWVxI{2|B1`l;z-3HhvxA#INI6LK1(IfBYoSWM>J>U)k@kre{neJ`
z0!FGojjdeeHin+g+az(s+oz?PjOjX3v|5KVzdb8B1jL6~>{7hYec^1^_nuglif}Qo
zN%DwENDkDX<`{`pdmsW8A<z^UYgO`VeIL=u=E*$l$DVs$T{-D5s$}{dHIo+#Ttr)`
zvv$FX6M(xIh|gh+4TthXiATo*@`J8Ryc)B0&-T=Ev_J{+G3mYbku4i$prq)PF8~qU
z9l_YCWR6M1mq*r;n}nQJy3NOuDej_~IGzgpIc9(v7{h$rQP=Va0j*$T2~>=-q^}Km
z2Ic}@huzc>B8*?r;{?no3?1PL7DLuwKK9zb&DA4?A?1Agwpb;$(6#*q3y}Bwa@kHm
z^@@4FfAa?O=HQBCoG)wfig6fR8yBi1(Yf$X(rdfbl<YBb{IUSLk&0KF(mI6uNo?N|
zgcgVX5pFN8gqWb{Gtx&vOwa6fRt``9$)c!9u5_I0JG(wW?~q3dTo&-42SPkP;6!jB
zaCHV0z<pC9Bf{q2JT5^(K13K|W7BSSImil;-dMM7dWj2rAV`PU{P*{-CP0KFeDeve
zbbFmbG<rD^7l67)30sM@=;`}Y++}ahet`eIf@$)B(o>VJA9ZNLfoyG^SJj7-u^V`y
zh@+<V94PQ<?{8mxw+|l_?gA~nqc5hM^Gn3nS0Cj;vxNK8s%Nq}Y_jgr0LlcIL&37-
zLz^2(xEgFn@f|ENqW*@=JA#j`KCs_}4`=J_$IzcPtqWXjv!>%v2(QYdjEO#$%L)FO
zm6Zj5vptLH4}0;+ZYZA2hlv}Fh$jabW2{i6Q@Qz~2VX1+BXdNVk#u98Xuhe{L0G|4
ztOHFjiJ!H+gf8nZQ@~pq8meskEc<iX64KNYK+zNaM2qGT+rDNV*3wp=Z%zjihYoIH
zpnuK4*r!(tlxufQ2h>1A>y2o~4rniJRJ)E(sQ{{&86wn6b_ZC?uM)I+<&R*+dH`}M
z4S_>_!PbSwn7q53U|-vna8$#ymU#WqTJ29eji_{{z+0eIhG_}nA+6_LTunri4H_g>
z8>8_rht6x?{V;N_i8AukdBM)tNlOaIO)S4<=p8}|#iy_>*p8ZeZT<*q{>CXKqSMBo
zk#TdhD&NzY<Gp}1RN@AW%BAsX+1c4q@bT$dHSBPh4P`whR>mqvh0Q@*zWH34r7f;K
z!)5K4UHWr{_(of%g;6PBfbFeFarQL%H>1BEsdGC(c^YBwz~z1p<lF&FX8j@X7Y_aJ
z*%?P(qju_K!O}vcKZSGtyQBCW{u*55YcSV0<b^xmPjTa$>D~k7%nS2-`N;bWMdW@z
zGQH=&eBkDOdp1b}m5lQ9KUh@HXV@Xf=|fHMzf`u(H|7wO@)L)K<oFZTsbAURDAZ+(
zisD~MQa8LkLTRCeT)!o#gN~3;puO{A9(=tFh7Aw^Lv%b+RP0`%@AV+8o9z3e*Xe1G
zF4f^<6O-T&T>?UJEO8V-qxp`+ZDt3kST}-f7~aS<eskpY4x{|>+sTb88I4;V?2)kx
zp66MPK!^Wv{F$vTCm7(>!3HNl=L$kd;2&`?FRYmZVaQ&75C}^jem*<`Ue(O@4k<$s
z%9-XP=ko2hKKhMjRXMbul7%Dqw66o)6EJ}wAOE|F@z`{0+r0M1J}FzdAW?}Y9Gx!4
z{N^sI{)Hs!T*+ye;;5FT#0EORO)XGzF(I|;fQMvF@gp2&{m<gR>?V{|(&EA<!kSLI
z+}&J>^gzRi<AyG9p7k2;SE?;K0=c7xCL~+#rh!fU)zd#5O<cl>Uc9FUqANsOKAFTs
z<3=@^zuLBO-ACD+BJGm;dbSUM2%PHA0Vu|BaWLX~8M}>-$HR}MV_BJKnkuB4EYx^R
zV%)|+vA{qoQO*>KWR*{g_6%e-nebhv)3cxOeRomXj$jb$S9^p{f$}k-{j+uR#haTm
zfbTw1);8{<(9x60J%8^6$*tk?M9$NjA=oJToRsQTXe%memr~;YAdJ3oUHaq-5c)X<
z)XbnMr-A%g>QM?M^}*Udx5=+HZ<|1T!LTr$*F0L!@k8t>I&p9O0_RQwxClr|e^os4
zJZL(zn7hOQ9)Q-2Cj|foZa%5Fn7hOg$q{*?Mq_#za_qUat(|4S1PO!4Xb`&O=$j7-
zrxnph#Miat7qBKUNdS>DqAuvcd>hULw76feFB4*AnJ4Kvs^Po-aAvKmb;qu|{KgV+
z?s!lpbGZCP@38OZ4xqCW2;Y%u2ePt%6w$T&qmnO=TgBnB--e)O;V;DQ86Eo>d+!MO
ziD&Tb!-WTyvgnwN5%oTESf!|zCW)Ix7uP;h(J)=C&O>M$j!^DG3*|uW3H8P*2Ou(h
zBOB%@UE2sm%@<d9)pWMTrCgC1bywT#eHC7vMxD8mohfYJ@ILF=?jv6`Ju4JFk?{~h
zQ9b%x0JKg21kI$i7B4adEKh*)K3CM?lg3L@KwcR#I$=RaBnSU=v^1E|lw!0jmxe_n
zIp|7%g4_%l8Q*tC=2dXs?>PbZH|A)4pm(v&KUbIgNCi!1x3JFnQe^Z(^m0{#m7^={
zSHtL<%h3W%2#@^&`fdbJNHEgs{}V{0K`E#(yfQ{uUq5)F5WZQjN@pFk>v~2h-1kFa
zKTF}0X|pazGm+neM*0!Y&0$USh$^o7Bxl)i+zV1+%14kky-T_XK9zNWAD)4g#^(qq
zW2j4G{wDF^Gr~Vw%q{e#luY|PGc`amJOu+a(>wmEYvkW@S|!K{A2=Y*r*=9GmjVaw
zLjgA|2Z1LMbxL1Nwxc2h4t|x!^n-R9S{Xs<jzz{rE|oT)sCNBZD-gc_pE|vdiO?T8
zqF@EF(xQdk(_4_uLSj|1atBOkSNzSkM%hwzMx&hrlLhmqEGo9naU7lIxG&|vopVRv
zNa_ou$yfPzFoC&?*Ryka1Xm7ftO+~ucei%Ahk1H}gjdLap(#5v7LdRNR4cybBY1lb
zVqQ&3NrFH>jlX{=i(sWXE5`Ju0sm5|zO;S2C-Zg?`KQ&D?$;JTg;m7pB7jgC0~raV
zjO#Aq9KCt|_jwtQrv@Li0E-HmV0i2bN#lsuTnZfFl-$1b?7>t0nR0Rp^Gx2>-t>Kc
z3N1G`H;Z8_3=%Sn;Od}UZKGFW?XTeGLlfg2jEl9nhQ{Xi*;F3qB?e$zt%7Rm^!U&5
zA41pjlE(MzuNy*)vL~<H2*G`rJ(zV6Ko2C{GtGo%5|O#`Z-<*lwV}d9DAG;!_UlYN
z%X>F;=Z0vN7Ov;Y{xoecfoMcuLh+cS0qKzYajJsyd7HP@P$)KQs28{k#cH%s`-A}8
z?7aNaQOe;hm(|E`Qf(&)upgD+%uJPl_vK#}r;_L96P}D+)<9n{Em!&(U{>gDyW%PW
zua!^>oaGav)W<t0#m3NH<nFBRMWD>}lZB?aL{`&?6h2qw%abi?wQs7ndsKo=(oFK@
zVwK2w8=s|YejQe9WVh8&eakv$8gRf#VwS;Zc(b|97+~47nUI=aa1^Mw@&aJ3VoA`p
zhcx^}5ZEMmnvITosiZZee{Nj(aV|Me_gz(g6OpvMd^`#sqokOam{2X-;D^m@M<B;h
zT|y@x2+DkojGXf!pyxYKUpQJ<GI+$@%972(bK=M|_h8Jy*XG1FvMIdT3?tL2w*~hb
zJ0qRJwe~0>BWRxd_*G=F##`P#C08`J?pgG2Pfgb0CH9$^)xNtDWzoMM=d#duh+vt&
z$QixsOXbyIVP(w)^aU0c*57d2SNxsxqWCPvvvI6CL|GQS7NWfPe_5puM8AG0!3MQB
zC}l^kKMJ&WtD~zNsG35npj%K%#V}Ll9gStpzeLUo5)zqYFHq~la00g_q{n|#^Zrg^
zsVRdfNF4zwKF`A8`ZkEgTPRcLeKu}NKa!s#4%F!0H%A=l7k~RZL^}s!+B*;X$G>B}
zKj=_aR#rVa0A#Hcm^g&CkiwMO$hEVPy<Ml<AaNTsKs69}ZiHb6?(}u9eNq*UoBmrY
z(_5eAr9I002O-A{-PNL0wCV-vwl2AYCf*2R=#1XpO<GpJdoedQFqR?6Jt)ODr#<E;
zg$eDKHL>mubBl4VGCbWHN3}iBq_qQXkkh;)W~S;<R`xFTT4;1Vq5wms-Nqw%Bvg|X
z(HW*2`^X7J82C7%Xs_*H;aFL{=S-Cv+qSb$zO$M+FtwA(Vc63c=cwhKbO;9ZL_eA-
zJPW}LkX#Q!`i^E4$P85zp`S*aa)mpB>(&{bzR#vs+^2(xSe%}Q@Vs-i`!@<01W|mT
z^*RN{P0>t^Qt6;V-$ku`{k2`|j+De|omA*p)W+3kKiaCFNKl%uKb5yrQV%xh7}ucM
zU^zwet~5Lp*O><L{X@H#@D^MX4YTr~uuyn%h4y}a5ox_<i#j_Jded+o89TYeDRIAD
zip<D@zv}PrqC79i*if*XG@Sw9gJwx(@*JRf!mzJQ*t2DOKXJXnt+jO{^G3<Ei9b^U
zdZf_7zToK)OVOZ4)6+s-;k>4y0hVUmwJu7`&8yj`P+h7cQjy`aCX<%i%OXO4H&v^a
z8>c$ZYBRL7%sXKeh5_y14#gifVw?F=qfbYP-&1Cfq{BWu=0Cp8BA#0rYC@HA7E4+U
zO=oZn=_gH^ER%T`92}t-{p;t`5}fgl{H_#ScS1{Cn^##*l3G?oxccUQ&TE&UQ2l1>
z_>qW>2qA(R!#bM+5Q&b|aqlExd;%Ktf?;v9aUfPOExF0ygl<C=>Y1m*SoCcOoz&DF
zbOzd-XbA_A3vZEHLhS!0Mta5YBSaSU-m=ywkP<70CXbZ12->X#rSQ9}n~xXMPUzZ)
z>m?Y4EV$f8_iXj!vpW<0Ag59en41z2kCrjtNAQzpa>ID+pMm0pDJ|X?o$9WS#5?if
zt=T}9$e{1cb#*YMG}5asQ$)FPRyw(=oNd>1RuDG=m|$&y8VA4H|9G-p0R5u^2K_VN
z#=T8D-yE*^B!6uCd$Tvu{Z|elw(J}xywa!24~ap$N)in3R%>RgV)plkB|cpHvJN8%
zrhQk!C1UQya1^P}&i|~eYQEf|8K^0OgMw?OM;?%N9*&5gWv-n><B`PHbHwV+H4^B}
zG&tYN;Q##Pk)(u|(z|Dd=$*L*M;OnU{@vc<1iXA5Qb<Cbgb)+tWph*F?84ETGppkR
zwY%h&zJs<eS*06&J{i3BYhhRpxOA%f2mKdbZb4XlXQcrSZD@VwMODIxG>Dl1I}&Y%
zO4f>LlRow4u+S70@2jE8gG!PvESJ6VRV8#04&aT}t+YwSu%};rFx8EI%Z;>|@=|Oa
znLMn3NE?fU9s9|_ryAJZ5cwcEF?9BYD%VBwklw1Grz*0Bi<!Ckkh-PmC)FZ^9?`$+
zUop$s{O%tcoI&5SbiO&diCIm53FZsy&30<Q)c5L}eR}lctla~zl3ecu8lB?3{M?4s
z&|cy{w2+Yb3NS52nSOD+F(k@Pf^IB26b%q(D#q+|O*7vpeSH_J`7Vop>lGu1fB`Iq
zYPuL^)L+><FE%ofb)IyKj{do`2n!U%FqDItN<GibsTwcaUb@pWjHH5>msh_Z$(s@=
z%|6ByM{anFndAg3o@(}i8~m{oAs;YqLfJ=X-B{fc6hmvdqN*!WA<xc#ZPI9<z7yA7
zd8_!Y;i_#EN8;n_58B#ED{E`gnwno#i#3Oyyi8suBQw0D`w~<WUSH-}IQ#<Ts47GG
z<`;kdH-y<AbrDs)rU(lRwKXNCTu%}6p_dbvMHoo6HAXK4HG~nqUkH_bP-%wo`ym?o
zNNk@iyPWkJbN_=-2v4NV!CTOAVc8@DkUCS~lF18yoYjxU52<3m`QcDY{<-uAdhf2y
z{<=l{D;+B6utvwKP8>3h`Um1yipe9E0JPWEkQ(wi%=O7*HI`61#jL&LK$=N+^7`a8
z;>$l~Ubtghm}JjIR9F$0G>CVMB~>d6e)Z``lce`eZU2DZEHach5&)60$GRQ{&dwKP
zBF5LJQx-*|q4n+!oJvYeywCf^Z+=je!E%f14e`dOr7?n@J01+fB>@GpUEUOMxuGpJ
zOyDQ4<5N^lPsftChleDL02)A2IUGN1b<Hw~l)VP`|A())jLNcW*M$W^N|8poyQLfH
zM!LJZyFqDb0cmf#OKA|LrKChaK)O?qhCMHz_xZ-!>sxF8QHDdkYR<Ecn8S)PYZzhZ
zi28ASOPiyuF4CB)f+H6q-jSKdU^YQ8mP++kmI=jce)iM{<v-q|l2_VSw4O{za74sA
ze>b^5oae3=I>;xydl%}6D1~c-h^^D&Rs;Y}V*ubVpY5jK-K6C3wV`64=J-3>(1Eh}
z%K>Jg=0>jiZ#*1=NtvF+#f!;#Z!jbfHV3LVaa7s~;<IAs;c9LTwsPKF0(3|$ne#FH
z1;&`4|AVoacW|vy91J_{kFzI1|Bdh%)bSy+c8AOw_onqmBcKFxZ}PWZQ5!u;I1hgN
zP)4~_74=F?@9XmIju#i{*x;b*oBr@HRA-%i?by!tXER@@j0@%p;NDUTTfXLm68wZ~
zmc6r7N8Vx#H6?0<&9h-{)QI1KQN(r;8k$t7FrTj@AI+>)%V4?jBfATbcLgb((O+I-
zE(CI>KC59%6NB3AnH#<Xr!s@GfV%UGlQ8v?vB3^=YkmWr-?JFTt>%|4GnKkj(b3TW
zqNGYnN=iGQkwtR8-sGA@OK9FbBr>i_{&+mN<EHHzrZMnV|7qFMJ5BQ5X_dgwINHI0
zdfhN~j@z%o7DZ46db(q%r^{uK`Aeb(ee|lk2_M{Pb&P_n`fBH?OPq(J?Y<e|zeVA?
zGsGY6kJaJ}HSdp?^YUthcxPC|#Ki2Sr`FqvJW)~AY)ZlLPgX3(Bg07!wwA)J@=7LY
zrCtwi(yixIxCfGL_a1>NszSu0lMBaw{A%|N!G!8n55o6!>`n_6)lG$~Y~cR%ul3WF
zjiZ;KcK>gWTw(g%?^P+UULmvq)(s8gSJFUaVSUrj+PekDPyfW=-CWF_u1FfAOv=MX
z?aZF}^FR&*el3JnK=Q5e886cttU}*NPHO;<BMU*TYtv?N&5yI2;q#jFly8i<ig``c
z*cRDBROg>W`dxR2j~~YD)oCX4-|XiC(%KLh!xjS6L9NBjGFac}{qC_9x19I;9kk%B
zu{vG3sqL}zv%?7;(!-gr3+wN^NHUAVF^9Ro+Rhac>wv0iHT*C5z5&q)BJH~pu8#CS
z$(p$pudp|7zInd($12U@`TETM^Zh20ue`-ZtxZxyyiTbA*^>htt0K7++Jgm)-xUU*
zN_F^-MHDJ!gGChYZ}h-r1CPI7ig@#soR^YaSjG$HKkfvGfk{5`U%M7o5F1wuOi)8F
z?XlMP87iiKtbaA4QSV!{Y_TDMdB_?I1~0=-CO?MdGnm|%e2a^F%ntx~!0H2#uI7!2
zR4<z;5Qqu!Q)n4(?TVB6IlHnd+HX`P@NE+%+!q+zZ_o7JaOnoh7j(Xixf3E8rSNNe
z^TM<(_IEHJ(!hDp@z|#%Z4d_JQp}-QR~IgL>j8v{RQdN2o!ZxrPR3sBD`r(tKMdvz
z4DYF4Dsi$*9Ssc2;&n~~*rF`}vm|A%?+o5u=ceDt-?p$bMGI8QlDSSWHtndBc1$a%
z7{5_p+Eq1vGQ)_e>@pcEaO>NXEK1WpNdm5O@N$J4DiDB2NQ}VPyJK`-l&u1yW<<@6
zm#JN-5pIWi)R=ed@|$<n7FJeY0j-aknp(14t7_-&4NvDp%;p!aY{Y1RnT=I-qirTg
zvfB8N-+FW?v8kF%a^~FcLwPCFo)FA7k*^k%O8rOxunz$o08lldYsdS&3+Xf?znXq;
zDE1~%US!>!Yxl$Bdz1J1q9k$CheGr5Ec%TD0DUZ!ipATZ!%$?~sZ_gETMZh^&`r+C
zI%nSXXI{KLQIr$Ttuo@hX3pxAG4ufvYwn<s)w<g9(kwzEwu{gf9)+i`tmm}t3rm0F
z`i=s|%CAGv>)ZrJ2DW$ZO>V9&ySkH*u@cQxu^v7?q{SUdKZ~}8Tv}pN(!b`0_fOwk
zJh&S9(OC{pIwB0OtE(H9XE$A5mM6x3OE3-~4^6>`&e`frF)T21vVc#E;~~UBELU6d
zH3A(Nz5I=XV}E#P^pHf4XrjNLE9Lp2+&dHTk5C9Cp<eCX?kgR4r)*+u-ji=}aSQ`J
z?>DA}k2s!1tNm>dDIlL6S_eFebiXnqX6scm+C?g3HRyvsZoBW&@wp$s+V9p;XX|-u
zI0O{)Xg4&i9fW29eT@cSyP4efv{ibSokAVFFI$87L-{FE&0zKlV_s)PFIWzv^pQ&;
z#iEse{Y|6mr^yM!0;MB@aRH^~3|!MGnRaq!%%aI)IT(Jr%d?sMOCQCCxe1~Ah#3UZ
z7+B>(E~WiS3RpRJN3kT%?cvqKFH|=T7qfxroZJOO4#ZKTYmcHUStR0?<*S{O6$uV3
zQo=RdPimZQYdOv{0|%nNDLvSO1dX4c@~K3+d;a|;)Xc^{#KWvgGjg|8RjkNVG716I
z+ZWg~r87c&V~vL{X%bQU3WL|qr<(KLe3No<Tbnc5SyP`xAQHJxpLD;1bcyK>Xw&>u
zwkup)-5%zF5f7w_#0q#qd4ll#&arFvK+n%A{#PLS(4a7z9D{HBQGsTQ2MH6<G}{Ro
zHTc!GO&+zXf!xAGBetjv5rAGpA--Ul8@~EWwca}F$*Hj86z?A^LKxxwm2HYej=*Y0
zL|FA&kN3e(hAbY(WI*4M2fxdUBtAKmJVg_?y;?CuUtS-w6ibaGo>JD6d5yml(TU0;
ziLFNrN<E{pg^2uXFzrT)TwxrbG`k-^eeybHMNM$+^MhaPr83wAKu3k-eXK?W-YUV1
zB=f(c;vi^AFt*EgY5p)h5#dNWIocm7wEM;#apgw2SsCzq*Xwh(UqL<-iPdSTM2!IS
zORE^SkT!sS>-i~0T&<>vn90{#8!MTBLiVk+XUwMY%N-kA|Cw$73Dc3>LU!15Iz36|
zCAV)C@J~e=<55$9+Iwe-IMW&2#btz`HDu=(3~u7?Q-7L1g~${n8p7Ewec4(0b8`O?
zs3}u5P#6uzlT-LN*U~jnP9`T7+<*~A|JCvSP2qUQ&nt2Vej7YD8^8vs54!cU{n=di
z!Fg#>Joj=G7rErs+T-Z?l=5sb4b%wKiq}Q<cpEIalhU3i6M9K_QDn%;nKR<4IHXBT
zc4t0g9Y=#|bjQ&i<H4uS`{TZ1g%Lpl{tfB^R000y(M~i$#-Y<m=CfaU3!7Jv8qZ%A
z_m96sHqw}VZCeSM$d%5$XO38FYl@s4#_`0P1qdyO4Bk*=a8lT>BM(3h+TGO*3v%^i
zQkP!)&U3cD0sPL~C6ro<v;BKDMsq*WXL*q&c>+tA>*8Ct?PN}*4=g_GNy;}S)?KTv
zJ5vn&K{w4B)dsrd+BHsHQN&+}5RP(*L`+RZl2BZ|_1hjz2%WUTkJT<$&NcQF)Z27-
z23Sv$!)Ox@M$X^z@_bX-0Ci5vo3-a4U@}9VK5qJ0I_NE0eeQ;V3$=`DHCEhZh6VLg
zrFhiuH5p44o`V_sX(h3ovM3Ewyv5+>4=Jz1+Ccx<hrazx$3)4%5zw3~bsMB9si<gZ
zY5RKK@qHLaAm0O1U|h)q)aRO|lG=mn#vgjm{3J0{h12%M;udM{NfThBpU%@OAX*j)
zNDxbPPk+2iGWzH?M4{;-uJG|W(Ib(NmB(1+2(9kugAT!aLP4O=0hqI5Sa|q4VC{VT
ztp?xct@+Dxko7FLJDA84!^6k;eGWX6ETPo&r~db)zYlNMcfcbCK#%CX_t41-xtVR#
z@hu|jYlTztZ`VxB)Uw|a&}asQ>)I!_K>hgJBk6pla^zbli+q5{Aa>r(@!ak8`49lD
zi-K;iCR*IBgAHKDRkok!s4s2$BH(+87oDSq-y@2dTHeDwWXQCc4jIV#Zej2gWyR@b
zLb3eMaoK!&Xjh4VyO8Z720w1Ntd|PF>!m&@O9Oo-TXvp3rmjSwOHZWY2!siPwlY#I
ze4sm0CF48V<NGHZGnJ-KPyo8T)B$iF3&#NYP%=qOQy(i6ed%XH0ebFkZV+)E3kQdK
z#?U(_()+iYGiKK{gqoL66fPc-?#?!LdPG%M`E_qQ+MD@_oF6StWqm(?qSSAQNDBJ}
zDMRIpn|Nj;egp4Hm&vW?U_#3R_T#Ks*4{4l*UsRZ)xH2#c;vbuL)cWLg7dRiB&fo_
zRJ0{(7^R>6TzV~ff1?h_EUbVg-{App<y#`(q8Vfy4=;4HgU?3e5uKal@S^wpqYTgE
zxrV*vRi8}SC-Nmhe49%IK{~MGks(hGxZ1%^y%nGsE$0;Slkj+8HhMN6?0gwD@TIBl
z_~g3pR#~0WF4ByV`Re73vQ1L!KXkWI)$EnS4O}a1F#lf`2Etn_<#7k9Td^qskuC>v
z?e4<`h!UX8s`SDB`)W4}jy!sQ(yNjt;OA*7CEGwO+}z<26<^x}j~2sD?)msj{A-Pv
zMcCS!g>Jn?^i;K>eyjJPQ}k^iwl*^Px>~Rk?xCQwWKS@FziAcq4_y!rsWkcvlR^O1
zl_c-4^AUR_Xgm209(qlM!4RTGm&1$hhO;yu;NqBey(33$`{KQIx;>c;T0UGRtyCb!
zsBoaU#lS2S`~*hE;jfzza(LcX)Jo`aPGs3q=R?J7!~a#h#$T<y(kVgCX%f{)LkM_*
z`3TRSK6?!i1J;_Bf>J<^mIpylAuRhmL+pWZ=}$0bU%g@MRP+Vy8@3gr-@w>L&me@V
zNhx-p3Iq+Q$f{ajvcSSYYT|)3RFiKSVDp{w*U!TcU*}xoxVyX4u&^jGYLt>MFE1Y~
z4KOLugzVJY5WoX-IA9ZWO)U^#{t>uIt<dK_uLbFazc#1Le)HEKs2I!ZfR%v%_YXAA
zs=2MNY`S`y>N0_jDWIJJ2oulEzKHh^-LUH&tv-5zPefFq#^!&vV>xU6{2MV5KonlE
z$^K{vcTUrv|NfgG>|cMP-&A@{Tiu^Ue!s@nj|DIK<Dc+Fki#yXf;e(NtB_ZPKt>%I
zm$fT<y|YwQC$w1ecI<{>q^H_?@8wqL=5BU$E*Oj@hWU<g&y?aQW*(yC<CDZ-Ghk}g
zwFd|{)~LWd{IGyzlxDVNb4tO+H3YSR3#9K=&j0!i#NNa_P0<TCH!cn&K)n6O+r|ic
z0~m;&<c-HkZ_kp71{rLO<*`jyXs3$=UOjuAvzi*#^)K{<taYg-72FuFdZ^}5owp#b
zx@k@Hbsao}P6T)$%f>Ic@eazexHvN7dkf18f#1VN>BF`xc>%;t^_AU9R%RO;+ji=x
zk!%z23m`oPgK=m3RJrERpWWj~L~=(yRthB+$heASTmXcPnD*mo`E_;BHhT6YNJAm%
z(SHd^Pcl@`rdh|)(5$y_KA+lVa91D=f!^!JR5zlMf{95X=yDyuOsgvMC*ZwC#0|cX
zmm%LcW{8Ii5}!PbS(oR{hx0Bl`3jnU0ckzZ96yv^$MAx1t#gvXd+_PCpd~e(Qx|H?
zrx3aFICJ@iV1n)Tvw>(LB_eiN23Hcm=@jJUV^W#4l_@DJ#}!2q&wI}Tn_X4{(>{;;
zPd!C9e#wj|rEU|d1ZF6;=Xn)i!p9ETsQEhF23g$llNz7(JjXtHWxI=5g>LfCc>FkM
zjE!?fd!kMyM}P*>0D&m302Cw&0*?<lqe4UwTLF*d1aJc$y)n2lJ>68l?3La2z3N5=
z^+#>20r0L3!385kT~}>~l}X3@?2S^N?Wfk;26emo#I?~UxB~dB28kd*Fz7c{f&ej3
zt5R{_3M9mz{C5+WfWc|M;d&-`#g!0Y6}8Pog6x!xI>{}1N+Fo*gPqti&NHefzJl2)
zDO8-+qpA7%<OJ*?)=vU&f3|hv(}~XOhcRB<DH@Kx`~CbT{B^+n#T8uLj~h@-%wx1l
zfMS9dDkiL$I@&M-8(f1K6IbL_^TPQ5V;puE*7(aoukZjcd(!|^r}M45%Z&kW++Iu>
zG(=!hoB)S{JgqLtbp;$EdHF$)i(XF8&@%(PMm;dmMFQXJ--+(kZRx)bal1GFanLcY
zzWf(UoYP4Yc8&$HVZEO$I5h^B=_}9=?WSKlHA#&ar_ejA=<cuaP;T*=&rm*B%#<;r
z;}#!gGW!53?mdOU<f>>}_!lMIBs0Wj`WS7(svDOIkSSd}Fcro40iF)t|6ZZp@77n~
zG|%ptYE_T9?xpmMyJr*+LaSlBk18O_P{&Q_0^_OLYoETpfH3((8kmplh(_?v94S{q
zrRttpBTcbj^$YpuL5XH%34JZ-Sis^)h_jaES_n^p*M${~EVDZ{<Uu#|A3N1sGajb&
zm%I;aJDCMX(Rs?T?fSSH39v`{gD;kmrUPy|uPfC>mUtd0dEk^~7!S`=qJ5{vWjIju
zc=3b;$UIv=R8j@EHPFmI%Xl(xwF(To9lE!G2qMH0N~cy8m8+$l><>GS^SD~mJ+nDK
zr(gnafN^9z1<Xr8@>l~nwcE6&HbfU!A|IuALmqN&`!iSLbDsZG%S^@-j3j#vI>|FP
zhiSfSVUjmL#6(GeC`pAkZHN-oPf&xM=Nx)VT<eD7$!SwRlg6o8XdHCD;LUh@5{g91
z{*b?)EA#=(2W61J&LT>91jDyq#Z?QmCck7jqj+^R_Fqb`#)S7T34(h)HvOxxa0frW
z>z=NWF|1q9Z@(B+`zT$(Ey(jwNGgYOS|OcvFfaIy;ljlWD9*A%v(3Sf@qz)|hUkJ0
zYb+>sHo-Rx=tTVEPX2O^z((+QA20)P45+_inkQUS1;ZofsXRz-bxUgE2R`{PP7sqs
zB*vn_=eWrRJ3G(0mS70X6HdFoB#07SIW9-S4!*LI@wtfI78!N;-L;>I=o6_KjAio|
zs2MP6l>Xur<>Nqk1_H#W4U8C20YeZ@pl6Xg%IG@n71Z4Jc;;uS6x7(nm~xO1k-Xn6
zs#E&4srzMaASl%Cnl%!>a{<PyCj0tlBr**|b(=oS44|a^33y`haN}q|_a>Se6@|P?
z%U}j^y~{3}9OsKAi%NK$7lpQewlrt}$(+1kT8aB_zg;l!X}BXDmjKh}|7c|{r|fYI
zny=U2#oPInhFs2lQ!eJ={nHyZ$?1+zmaa#}s&SFU9rPepJSqyWtoxlnfNTMQ#IGFh
zMOApG@0Gf4Kz|2~N7f*nUrpzg{N2Us(=wp7;lRe__&S(E2Z<9WfG8<pQy}=R9mpyS
zlT%W_44F|avrZ^CoA*Z;c%v+h(aPW>{YV5qKj9rgWi1##2JSL~EfWonf!n}%fUDH<
zP<jo+eTg+L9r9q(TgspynU%bJo&=O5C?Z`?NriO2zWqH$U)8i^jUf(6vmpNY7MFx6
zq2w+hmks%0$9XQ+6qQVTDgZ}OV1Cf7u%|~7mwRMnL=)yRU9JhqjP#*;5im>No}PNx
z&No(JMOEoHX_>cQ?Nodw7>E0p3orpV?!Ny`o2p?BwDR``hL8%*cB(Y#)$7+~QOs9Z
zX1SNYH}UxnV%a+B4?C}`PdowrBRMChs?QJ7E-sM)-76#uX!X9iIJWx<3poBm>LT(R
z#P@e&8Jr;LBG7^%bk|RB2`$6K+U~BXpPo_ii5p4W8lH-RKN<@?X45iQ?ZHSmiN9kB
z$78fDY9}3oXiL5SRKYyg1-TaJTo3Eb`_Z9fFqx0xOcs1o$86ZD@#k=<=GAv>6(I`V
z1&@>u4zp@=A8e^6OH{PYTz++hy6yeoz}?@SDoX)U$MP9Km}drZNe@Evi=*X}(@B*f
zz~fvWNTPafJxVMG#I-=aFbL5J?V+L(XiEk;$AqW=Sg&DL4_Kdw@n}oer`rXn+vJGY
zX4vMCSakxB-Y>yBXA<^1O$5S6#-zwyik;fruz=+T%i#vgBGtd#gHwoykO%h5<)qV<
z3Cor<_rb0v<k7aZhv9|c#}_<94$B1A;Frvr*s9G_al}BGUo<*M@ewPmn%y23mlj}_
zYg2hcNEs}=>v05}8Wc~Fk?~I0t^9-TF0CPv>)Tp4Tuuxr3`@YCNDI9F18HhCV=QE4
zqsZ-I+#R+^kR=MAez6@)reO@^q@|Ts&J$r_(yDwp&VkG|!$IEp=<zdhS6A2M)YQV!
zspU`0NNV(g9$Vzy5l>Qpptx*Go-2>d#sJ4BIzB$_4H0ko=}?FNd3jx~{{jDJ&T#G(
zi9jH{j@h7C(XP_tE;-u@1h(B9v-K17fc7%?<O+!Uf2lw@)s{D~8IOzFxRzEGF#X)-
z(Xv%1)wn4xjtZKNzL}I^>J3&MPjD(L*hRQMw2b1Z>XOsjczf?<-6bf%l`3dP3H13!
z;g*@4Z~>(<?{Nyz(h4&k`EJnF`u?_hYZbjhxjvNc-TEMGABcF>Re6x>7d!kb=<yNG
z^qo73UX81(2p1iMf<iC6IqSJ)43<Xb84!&|OCvW49=1<n;!gFXSCn>>p6|`7f9dW<
z>~*c30cFU`vP{G`{s%w#-%doQzC>1b{E2Vm^Fr!YI)Svx;4?ma)blT*I2sJY!077U
zzXW{brCc{DkmtXXgSzZZ;1LnqOG!&$X7K-c4m3A>tKSjtu0T@QEoHaG#bq_r|8B{V
zYR0nz6h3O>WRj+gnr<pS`kseXE9qXv=nU~dz2Vl32shOk=s%5(0Yer?QRS5UN$y8}
zk=PpDV9zdj)atcgKHAuE@|B6v600ns`4DI+w9j8mZTHhFPIcUz3^96Q!DHHHu-}ki
zwuSXgOB%iaOjcBGvO3zrSCp1GuxfT=uvSkz2se?Wa$K4Du^`sj7TChazU*%wOmH4!
zH_>U{mff{QX(*}Zv<UI3G1_ZA)e@~Dj1;_^Cvv|YBBn16)ew~4iCa+BXnEE3qI?A?
zh|5v4g-*XoFn)cF_wZ^fJ&iPafOxc!0#RL1J(4pa>X%Xm`-?`Wg>uwV6Jkj?if`oP
zXAEgTp^{T30f&n$7u5tLE)19nFg^^3NoW<iN?9NI+sioM`1RyFfx@@2muRTX<l>P_
z5*}a3DyyJphzsnjWG9r$!SxCiftnV`L?HO5W>%#fwyz65OvU+XsilorsdT$0(k2}D
zRM5MB-SZM99~p^}Xz})bR`BUjY0SZ!Ple}+;_wK_<Q?9Lf5s&-*02kI)Z%OGbsU!k
z?*;u}3Sd+!4?A5fJV#f9M}ViGpy;5x$#Y-r)2MHo?Ev}0J2w((U^M&P@2uIq!1Lj3
z0uK0~pdd*L33yN}Yt_eO##qGQU|P18RC^RE?>NrZOUcEo93IwWyQjXQcQaC=45~L&
z{|W*WE(Ogz4~?3ZfPmH2Cx#e0>($QdgEp*Oxsw!7ArJtf8uLuGK?}RnPd*yTCeK|h
zfNkKNQHf8lY3u0dB<V2ktN7l{Vz4RM0$HK*DvHTDSeg+~%kZPD$eh|l6dr3ksX_Au
z!&pGQ;MUKRbO;L(cbUfe2cv={l|CCy3~$g4kjzBi7(ds;Q}LkGw{R3zNfs-jY@3~(
zJvu#Q<}^KV*X8Z(q!}9%7#p5Yj}fT;>-Sd+b&J<7MVeUbTyTSC^zU#%6c1*yhUt8u
z!XP4w1v!iXMaijo`O!M7Knwf}SSd4gJ};<K{IW3PBSFBV2LU7QdCF-xf(A7PHg<u5
z2&+E4?`3n$FQzT|gQ9tmaNI^!8<lu$zKLDGa7Cbg2{9#D(I8m*--}OwLK)CvQb%|(
zI=jVi97>&*$SEGjrQ2!n+7JxYl4C^p_<p!Obbtnkso-+iZgbmQpr%9xKWl{S4I2^*
zc*qV$&`DwOY|(^~s}=*v9t~Q)LGrK}K`02d;uAA7)rM`uId*BfW{%*()}RgFRBTX!
zB%o73R9ZsoNVm7!vY9IZtP>Iw6GQB0s+S=*3s^14XX}eBgFnv)s1kmG0!RZUf_rPw
zm@W+1!hC+G^wd<pt`9#Y938npG?T%d^AX-9`lK$<&-?<O6Iyp{=@u$r^R!^-s(m=$
zol$Aw(>?f;%=3hZr{`dy?XAW!^9Hs~X8`}o>MDoNkqHnobl*f&%7G`Hf}YgxYFh|A
zDGAu&vzXNlS!t4lpp({?OfURI#$}U8IY7PN`qN#j#z<H(SBL=2>9i#?e}1G%r%6Bm
zoo*bY>${+F5AH~#C!^3h-M<wG&(%}+RalLAZjE8#69>_Bxi6o?D`#@awcsnL^(^`A
zR%P%wX4WH4et!q|M&$g<%jX30Veu#R#DojMSAZ630u3p5o9l3)xT66a->RRB2Q1jZ
z12IXs<c_4zpq6k;zy&DLG+}~R4A($Jm>L^L(@Hx}UX)86P`b70zA+qXVVD{j2I?M~
zue9E-gYTMSSlRGYfnxh<)VCCyY~-$a=TC-mj1=?Y-urXC`{`Q4N5DsdTo-@6vp$m>
z?GWAq@(Bq23Np2(bW{z*t_$%5FROC3PwOp4VpSSsAfZ-)&*uHp70GHi1Fj`X=U_b9
zF}ZgL%x4*ITC!J@_cPVj&}-sJ1kHA)%4Tpq-ID65e`9>6ALncNp@Z-XU}E1u6n9wa
z%+Y77(ix%LvOt&ors<WCiMuiT3at8kaJ|O@bsnI|7jp-@AyXxk1BrZdjyjnZCO6tK
zh}4qpyt~lWgvFgwl>%gtpMjA<>Wn1y&CTzzuU;aUcI&qRpfF5)oJp%X1LT^rr=w$I
zD$$*Th{JBWzd?;czM?8w5Y-w<>Q_onsRLMZYSs%^`fXk;YkCi71(;?CYrzNj59RuO
zkHFuC6>5Nn-qpP(K<EU@(}D1NU?&h;&5^jZ5CZq`TZsx8jUJ?#bXaWHjc%5Ej*aP0
z7H|~mHm0?mH?&(HIC<)h`6_u!5+R#<4+E~nc9J&g8+It&=AS}mOwV=45gb84_*8#I
zGdA^(<9$)NL1zE~5Malcod5aL`1652xF0@9hFp^EB>>2@`S9RpTyjBu{Cbueu%9yc
zTw%#^g+57~t^mc>#wvy+{Fo+clBv<imByb$g6?n6-GW8@|2X{g-OQ1{1>?X<ojUPZ
zaRxKh=ce)}I1FxVxeh2?(XA6n0+;uI1NwH20qZga`4`xzTMm;NG{Ni4g_1^6`3h!4
zcu;itXZo0`1ELg|@I#{*e$K{P3OKoZO3b_o{1EL^_rYd*{LJgCt26>BY3Ya)PBJpG
z1{wN486D#e22!}ID=XyfQU>~8=1+2egn_Rv3%+_BR~A$#ia~|aDHjnj8VVmW-0Tjc
zw&nnVTy%B)|N2=FQTT-6`1|Q+<Oh0J*QJzlNHO5RUrq&l%XqZEhHHBe!A-=#_ASC=
zB@?it<go}_9v%TB6ZQ`^9so!0@&ea%=ub|ArdIiU;QdxZW7b%d0h(i5TU+EOPc*Aj
zP5zo_{OwyMqCKI%+2sZnXd0(E8kUP6yxaXR&_sQ!(&y!}o#@&2#eh~3#Ni)a?a}+Y
zilF{gA-YZk>~KIlP0Y-U0pWCAS?qs*r{r)YbhSWly1wGwg3$?zaOJV^2jI%XfL3Bn
zO7|T!=j3n-&>TrV?hJ(7#Egun)KnY<BqS<w@({_t_s9(H(aO|}2KsQdkQq|%zz=Zm
zCP0?M7jVHY;IS0~Y79(dDDGrPf%n9$SSbmih<H$^`HX-F{JBAgAMW7bATlbdxQPjQ
zDEO1a5MAiezVyideKbh;9-CAL&YkMIyS;Wj`t{<2<Gj{o_g`15e<%@HyMO=LI{0VI
z)_r)?zfKX7latAV0mxK+WBUJow}2P@1?YUgwR+k^klX+J<%YQBDvwSN`U>!C_y51I
zA5SVAv(V;U06_XJ&?Qa&CV#LAOm}mPzvw!9<2SczxRXB6JWYjF$2^$LhSoYGC~5nP
zK(;jDfNLpGJ}6HS+*zv@z{6rE49#wbr?%dp;^ZZJ$B#HL%+g#P8<bmp^v5Oih9#K(
z^lLwG!u#NjdJCTP8ya|B9m5FyFW}K7e_b4}{%CQh15@<~R>M}lZv*@qSfv?aL7%y)
zi#I7agqzebwF&ygoOuzhTVLE+U4qd+i8dG@f@T{+0Ro#R7*U>OhA^mY9v&uu6(w;k
zzZs_@)?*N0$GS4<MseS0dF)aVkqMU@(`61vztfERcU_2p53$$%R!gqy8-jAKP_*NG
z<9ndvZa(fKda}=y!^sNgAJZ~1WuagtnMk+xIF}RD_tv?AR{&u)Q2}e}Pocs*waH8P
zva&K+S=o@hJTh?!i6=WW3(ud!%~}y;CBMlQnwQ>SG}q$nddU4yn6bj@#|*>HW5JIe
zabTC5ga3k1<v|-AoD4MvF79hUn8*kAJpgTrq-yQr5M+Rp^TBfGCMs&sDUX(bc|8&D
z$bS9~RVpWw=}jQun($$RcW9mIcqI?dLz$SC76A<l)U*qvpAhL55n$Dl!Ohx%n<&W6
znUqL!%y{#qJxBS6>eROBnd@V)WTheRx*pvk6>1Y}_|4IrZh(Pf5D-LzhH1WqH<K>3
z98-35Si-}saU>;Q!%^eq=nQ{WZ9!?pPPr*`Y!?<iIE9Qv`w`d(y$BPNlbHDUNXEv-
zU}B*AGxv$C*b{iSnd~TjmL|QJJPvJTlk>85K6hKPdN)oC%!y|tS&v_YAMqgndE&xo
zDx+G`_tlyV+|(#UpC_=+5lIolMKNf0fdkGLGC2aC-<q7481)*Iev2mbm<(2P^7(AU
zI6j_;F+~1gixKlahbUir2)XSCFToq7(YhgA#I(n)`Q%TLVBgKg<7+Vdxyvmk?Zirm
z9+`_pMt-BMf8*A7;J0q)M;R6n&a!Qk?#Zy@!Oubr>}EsYK<Xzj!P<sLDODn;qI#Il
zW*m`_@Dy}|(+8c3!K<CRu>`vb_9E!$T><dtr;ZVad3(-54>|4SHI%X5%ZlSv4K1oO
zu?H^b4}6uYaiO0M>}H2uD>N5%vqT~Psi|EIBbnrA-_@xyEO)!d@zj)-eF(*mmynw!
zD`e6Vi(=5~fnxu?@&&N{Vh1{m*!lVT&?tUPPc>@(KyH1)5|%7%dJ!4Q9m$`wuq_tM
zm<#GKr`_=-M$fUKZv5N%_+It!Jn?*IT~luw8g!K#c2sxcIh`_=4(<HX$?M0i0pNP^
z^58wITF0-_!aYF&<RD5O9=yfH#ZurE6F~*{NJ%GTM25{y;E|UTNoX#Moq2Ctca^<C
z<y&g;XgRg}(Uz}3bX&?fyFIsNCB%7Z$%X7}U?D&y_{4eGhj?Duq32HmjA>Wx92jzM
z2gUG-fyY7u4aa6acE4##NE!mQ+*g1WyrpIUPG${h5}`{2&RqL>IofZ;=5FY!c*w{3
z<z7+3loNW@ROv)sT|}-nR(qSd^e06r#P{B?h?*|Ew~X<h2T77|gcxx8L7NH<;8=@8
z!^z?LDS@OLaW-swdpmmWqrJU=PmF-lv385Qy_BJupQ(rPs~n>tQP=_D&g+kolCtX5
z)Or2U3T<eS2A{v7HI=3<C@QL!%)HxZhGK-6KiH&mV{kHJ@aQt+6clhEbxO#}B15iA
zO8qLTB@B0r-cDtulSABy8+=Y!p1eF{@kzqQp$XO@$y_u$Cvd|He3<DeqnYN#rRY*Q
zQq4N=pfH*p1MXK{i8qG^ZXRP`bhHn!iUIN$8ijmaTwLSOgX8%YbK-nAEvofm%Alus
zZA(BvJNwVnM`v=1ZK1v=w|bZ!y$bSuxQhDM0`b|`lY6HkIG$HVL&PM|+pv)Xjh@2Q
zUKRpzs+gG>Wg4qt%&%W2j|rYjs<TaDc#;skUQV}0`Z7I@=v2)rbysY?Zr1%C&Bv*p
zM;FDIWELgiiBq_C&}<wN!@D28lz6u9S~5o?i*mB4c8D1Sw13_YGUdq}YI*0|N~XKj
zS!@)VuIDo7v~2dv*ZKNinJu*SGgg(HqbjDt&Iwj7z~d4FC1Fm%C~?0MJR#P=;NS~I
z#kfhyort9$$e)CGF{)Xo6LYeRB^M_bG%wHhl!BL+*=9;bsEpt2#v(oX(3PqgdHhR>
zrOrnN=ituc_0DRkeB|3`ffh*vn0vg=_q}VWmh${eg=GPT8jDS<UnWz2H;rf5)Fu6I
z_51s~@tx!Ea02!1uMuNdHo&sS!?FEa5`Bdb$MU~5ftZ`yb37KkS6y9VkBNAOSN=3Q
z<VzPiz3i7A_O(P-HkKEUv<_k+ybC_qiNKHa?rFKe`QT^P%Chi$UaKvF``7w%#M?vk
z{`L_%F3fbRr;XV$xZw7LgajxQ@YAETdqv&njb!;kJ+DhvY);d#R;v9Qf_yHDH^-S_
z+>#jle(y`&PYKp8K>czGHl}h7XSZuoNIVMQaj$?n+r`@(ih*1tWtp&py>*KZfp%6&
zpMn+-_=MNtdJIRzc8@ua_CC$8_F|H#F3e#2ULxuQAHhd_YSJlVgFi~j(x+f$c&J1f
zmYTO88`J;mp7~{?V$h#~PpLLpk`HSPAM%iNhEN>dgc61>>RfD8+05rhOwbAo;^*Bo
zBIVt6BGtUviL;LQ7}=JEMr}vGZ{>J}mJsx@SloYNqfCE(8JvIU(M<7p=sa81!B}ZX
zx(VNkDNxqp<ofvbsQ(XrZ<?@zFKjfaz`fB-^Pf!UV5!XOMZe?0iAxNsu8_}A%ykgo
zMn@@qLC(VR1PzZF%BB%dYp&MEH3=HPW2>17klvVa+daCZmmr;P;BeZXz-Uu3>`Q$c
zc|5Xuo0yan`+8obK)t|)tA;2J*MHP>4M~B0dwJ2v<0Zfb+9L91h^0!TO=B|Vf^M+B
zlL#fu$audHx5EoE3Pfn~unWOE3#&Wm^6jCu{8b&yt+|)ok{yTSWQXFdjqefgM_cOK
z!qO+icw<?Ot7O@grXh67o}~(L{}NUjhSfyMFHTpj=FJr<>QXj~zqe7D=P+L{Ej^3L
znv*j7GVFNau)J8Vs8Zw@8!NyKb04=>Ud>6*?E(jjEU%o5T@Fk<T=?LHDB!V;E_$Dg
zqRi;Ib%?6zc(}P8BW=34;kC(rM!!RBRnGSk3ZtOz-88}OTTTukMP6H9Uj{}YF7ECU
z0M+6qNzQ~R!)%ITqdo|V=tXGDcuHSKnEKfFX-S0?S#6k{Z+bIgwmGp4e@5#Tq&Ksh
z_|lQVZk}bfadCc5Av7R^sXelT@cx|XcdaNRDHfd2>DiAjpT>+{q|<WO{ps?(sl6c&
zyJ`PcrOVRJ<H@<$aV;(6=58O*;v?Gk)G>CcF<V1&vp7NeMWbb!wTk3?hLO_I^>_7V
z?+JNJ;$)Zg5y4io<57B{lWD^2o8utMpCe>>R_8rTw5laq9tV5d*gluh*X;h6Y2YkE
zBO}(U4`q>W1y#Cc#+Fvj45$B0P=Lby$1DiSAbe&*;ZsF4hYoHR8Kf_>yPM0SKY#kb
zD8Gu+tU${yrgcb;;9_jp5&6%#xRqBf)(h;=j}|ioQ>Z7eEe4qlE!r#+(l=J3_2=l}
z_XZEYo6fa<VUDn0`b4r%^j*wKSp*dowbxitTyNaIUijoao7QT<wLeU&w&uhgQ(y2d
zrgxu=nE}f)MVq9r`=S0y!hXr|Mboa!UYq~h*7aHa+I=qRGn=^0Vh0UateQpa=CX4?
zBfQhf9!VksGg@QLmml|dF(UqH7rF@*eqPFyo^0`LGMJwFJe7U(Y(nupuY5i@%wswS
z9Pwv1*+sI6W`yK@x_<1rGu=O26uffMi{|5b^Ds)lm$>N-L9F$X&(qN9aF_i#?%{V=
zR3e#2u&}MObCK?SZ_%h4QNK3H>yWM;JgQSK?-!GquQ5%jaKVW7e`qyBZ*Br4Wn{Xi
zr*Y4ArYAk7z-yd{R+IcD7nbbq%8<DGL{B<`K3aawFSKWhStwW^iN@@F&3pIlemdn&
z?wx5z{jJ*9_s)Hkls)+P*prw>3rPF9nPpJ|>V>2IlS=$lbd9OVOC*LI&FT-Qo}zWd
ziaLr<Mv?ax%T0|e89XbSKVM%c#op1b7RJmk@aJKm*s)-arF$%q_uZ3X^AT0|Lw1`l
z;ts-I<JIm=;+~88J3$O4Sf1FT*O=yyJo}qC@m3;eM>xFaEcWJGa8ov!ySK6XkEU*^
zj)U`VqXr(madDq1&Nv#M*&08mRlMB6&c55F56bSqx%PJMCmIuqV{lJjwflnm(_de7
zSf?G1lr&dr-x95)A}dRicz*h<p*$y-2-MHMUVJ=YC(1xxWCIQTbtxgz2y61;{O%j{
z+Jpd`kuFfh@v0~;#XkOSbrVM!EHzc-v&kdbOKZM+tnl@cXIA8LIDzQsg2mBA=CGKL
zFei$2Y>ZJr-C7`>F6krY0@3QPS)c4!h2GlgC%Bkrb5krnram(3_ravms>#(KVjlPQ
zf7<W6A6X0)T_lVMa@=9W6rD9=fI0277Bn{*yYKPimSo3XuYEScofGsDQMFYUQlmqE
zv$cpUI%F8YI_*NaVHeGu_b2<;k9Vu7vWCic-2Ptb7W33Qofo#GD`w{38qKvWEUioq
z<5@12X7U)V_fb(#INZeWhYjjc^m(gQDZM$<9Mn2{WTO(g9Ruggk2fUvyllus0)8U~
z9G$7yOjmP0pHRodA&#+c)|y((+|PQh^Dgo`=Ie1?DqL`S>j-Ti)B{5Oi}1)J(4wM?
zi#4L=3VJK^r{E9}lx>$z<9L>^(lVgPD@sw?)lZL)%|A33F^IsI@en)T_!w)156644
z|2omDSdyXFR8I1+F*=rFP~m&0x1ip4GzP!R;dPwHnY9lB=chhzCj1GVS@K?yL&S_1
zHqO<@x%Ic-&=L}?6c&HjUgvPGD|FFYj=DcM+jcB5{}$8JOq(+D$(M(z!<o+at%h%X
z-*S3hBF?0?ZLO&92fMa{wQA6g*${Mxp4V}1m6Uf+$o?#)cv#xV30-<AfU5Ymj#RM8
zp-W-4FU^$0eNdXqar}{Jz#SZI@MYb}m6AlnYVUnO)Xs~~Qu|f2ehiI1#maBj`<0<$
zvx^-xq>nk@db~oIq9UJX0~RaVG;XedcUU&#$}e0-vBT{8lG4G`{(_2|s$^>~`vb4z
zrvRrD>E>3g@T>~7PF=VBSKIzqJQBA@V$_8eD{YoY3hlJ|{DubQ6apf+?)O5f2Z?Kp
zVbj-RxHP;ixg95uiLdXB5Uzb0R0SqyMHB*>ik*)4(rsri`P^v~Fn#|p(yE>xU8J+y
zuIye|UBOQ||9CcTtzy1Xp~3`CGb>GzUFe%0sx|qeadTw9JdNWPe=rc*QMy!$;#S{4
ze)u{+@nyD<*R#WRA=0MBAiBPv=cSZ8g&iNkfr|qERS)L=dTp75I*fCpeS!(AmI=<c
z7C5w3x)Hbm)4KgRZOgth+8sv18V0rVFZVplk?WC+?h4a0G}r4?;d)G)S5xwdW^T2o
z!k&~{Fzkk;?044qk7!lBm(0gZPSVLt5577MeEs?*3v6!AlDjWA+=8kvU7i#mdG)?Z
z_!KHRckt||1i$}Gi@$T_g*oY>-vLMEy!Rt}ZRRgiha%l^y+q6VtKlUFMA5mokIdGD
zpW=UP`lD!ATSK&i=s){9G)=nYR_$+{E!#B!zFnM9+vyvGJz0~h)9skEI`bhXr3UjR
zOGUw$(kvHi?Vs~Ch`ASDBwG7|CA2X4YrpGiCm%N({dK$7q0YBX=k||do|d)`0W=EJ
zlk&iU<Rj;T`uS)f+0lhz(~9`1t|gyJCl}nO0A7^eGkfAbRmkn<bDS6ZGkF}IpY?kB
zdslk<543hJuP&E=-;YR@5cyLGv)~?f3XxW%-Bh=KFE|uyKkvnnLdJ7mDmG7-M>5;x
z`<Dx_neTyUB;v&JoCnmyVCDwJwy8;#O}Q>Vc<a$@RYG2yZ(V*=JT}|(z^kj8a6(cF
zrkwrJdrJ8V!*pYP-OwrGYj(B+O-fPf&!5B=)|L$O3^a2Z?Xoaj2BSrq8glx@#fia`
z*nUg2;&D_ePw6bxD?qc##|Q0|-#e7}a0KGGuHko_Z`(kZeSLt+=Bm|A6C=P)KVOru
z8!ez-^CxC*cC4aYm&a~H;k~%3_Q#K(zyIx<fk}lx^%HQ<704Nso^Hj}9&2A1!?k!|
zr43lw%9-z|b}UNmB=<eS5JDH7Y%uKFe}gl-{d7%<A*%#TFgPS|)!N2JDHRi|H<sTJ
z9Sma7W&g;C<EfX_r1WV6oYLhyit!Qq1>Kj?sMkpXRHKZ6VC4AiAr!iX;rl^bC=2~V
zJVogpVwV#SE(-;zobduL=|#Um*_`-AA7WH+nPsTHb&}u4Kq-|l0p=2*1Nxl7Vg74*
z`Mq+<`so+h9IGwIi8^lB=zywVfmH|B2mzHRkMI1qzaz<1K=SODf<|t*q3)Zb4AE+U
z2JV?ezdqy|Sa}lu<^#pi={Zqqd<ErB9Nxzidc#;fk;G4L^uT%)XgGyX1bgt7^~N4t
z(}6CWJ@_sFs+fSCIjESv52L9U9*iZ(*z-K{a^Md&VjKGyUCMdp@T$S<EKC@4Z`X-m
z5y=k7M8r~h-vf3F9}al($V^uBG=x(LasdH7xl}cP5E)X-zb~B}n`5`8Zp8B}E;V$J
zM_*BQA0Y^<-Wka8aO2GxM*}a$I^zxuu57@JRhj8zFCBq6yDJP44Vqm6|GaL1QgAvy
zE1P^A_*S4XvXt`)J&PdOIEwDT;3usjj`C@pMtz<q=Mj-vv3iDf-=9i>w>HZGwGYr&
z3<%pMMfnli1$Zh+>FJRG6ZtZt)OHFT447$pJ@>JsG$m=M!wah}WgurUHmQc4ek2#B
zd{~jR3i$CZ8sH7Z3%C>WqSz>!jKid4m6iKyO}jCkJu98Hq2J+>FfNMUXW3B<9~x#6
z8=iKMJq5!Fg3)o@O=Z=Re$4?6@L116K~ainl_ZiF@(6*|pgH8{PXl1aiga)=N8=4f
zFD56B--`5Lqg)#5Q_7S+ehj0uTdxGAa*VXdz!;R;gbUomKl_3aQ>WE~0mvRX01XF>
zvMZ+SXPy3Y7t?s2&vh_8IOJw!6~`(jemIW*AV361Zm?*fJA&3fQS1@~qGm{VP)Yd@
zW=e{Q`95~2|K06Gx$RVC5*}=Ht<s@4mE~PMxB5P%oa)-+9E&!OKClWoM+E|D;jmsp
z2bdD3&LW{aOY8!)Lku#q1i*}WFa3rv({}(`tQAvrY2ZOzJ~mlA@@soR=^@=|&|WX~
zLRFi9qVul+=R2TOH^dX^CxuL6H~Sn@);Bb$0{46$Utin4aBwX3spgK(Q<yR_yX9b<
z%8=%rW5UX^-jg%&Y+f+vV35iY)_UgnS5^zwz9z(&#0}M~&{_tbchC4-$iXzOs@^nK
z+7H8%j*XT=c=DLF9sTKvRFw&tzG8SU&ne}O;=`uM=HH;?eG=@AaBY_^JFpU6=MIj#
z7JOLj3xzmn9`!+8rC%=J4gpM^UsYBzgHzoCTWmx(97R;QGYA_&pNW!7`d#@9a|;~7
zjg*-EF7k`$C7#To<iMqG3!}L5-G~}=-ibECe;Y;Tc7ahg`4=bPPZm=<S#Cp8#u<%W
zbyH&pns!p1yHQ6?ZgW?E;n>!d(X};PdKAs)?x-o{Q9qcB0)!2hH`J6c-6&VGFWa;E
zW5K+FSiTa3N-_8}2#v@lfWWW^QE%QzSy|Bn>j4yJXXlX&09TTLgSaHlSa&3c<qBCj
zd5tkW-U7d5hqOgfR(UOjO9@x)yVk<eimU6lcu=vC56MFf@WKD9g{ku?NO%qY1mFvd
z_=)zKr?fkr#4|EXI96x=jI=1mtc%7lRw+XYbbf6*?;kY9n_7%3jNvTrSi=Js$b%bh
z0JIce@mC!9Ur;6$v1G{Qm|jjTAmD>sBSj)e<R36()0i6rRb73quAks|_9FkFl8YH^
zkJRU$dVHjTK#KOCj}6G|5V4)C`hz@t1YIpa3$q2i(E;B`+QOpH>P~G+HzF5yKxXs@
z$Gyl}s?kCk!B-&g1P36Li#3%19~6V%fNF|#oL#UjQ^_&#@go5w3?|c`XJ)iH1>)&<
zz(}XBw_<x>Xe5%FvE{uMdD!iA%WeX!+NJC(&(M!lhqblYO{dnFMGWqTLN7VLNi>|t
zekW0%vK4-~2Mz-1DuuHB-{`uh2*GJlF)`u^q{827O(g`+wd#Cjusn&L8g?ZxJ*5(0
zEsB%i{g}`bOC`|NKiTP>$=_C*@`{c_yCEqpr)DAZ%tI>tC0mJNvAAl<EFigo+kXTh
zibp8L{?sOH@W;o;vI+_k!0q(c=B9Ox6XVBSdf0)B2R!M$-@fPV_S^?rk-$>#A`$JP
zu!b0czeE4<3ynYnEVdakF4W&%0${+d{nndp9@<c1y-<7*_!}Q;1FyY+=?xYb9!P*Q
z5&mwec*-4-%ui?vUb$sc>tuO^Ase3IOjXv7h}JlsZcPRN4(P>?)*ov2Xv<)ttG%9b
z%WnDbRJVm73fVR;UMV8qS5ojpnSOWKD-e^av~c(T#w0mttwCNETA0ml>!`q;0+Wys
zH8?o9!r=!j31HFvokrmW<I!(hZ#FWjn_CKQvBvm7dD*rhIc)oJy8i#3<xiEcecO)s
z{A^;~^ygHodeN7IzmxoZx<5>Y89e3S)lnsK{oOJ}Ao04&fm_g#G66IVzMvaEptz5-
z8p+hP?8bWoaJYgkW*93EKhm*nOQzJOh1Q>3z0mF5MR6@<zt<@m3%rldPknKzoQY9Y
z&SO&6nSXGQbhpKSbg1{#$$}|IrhK7*0zWi-rYKHQP7Jw1fN;&^<S>9jAs`@>iiUjh
z_rOu@-v_J-*_!lCMp4<U`$DCec*%8Y%ou9P@z$vPdB4*p`N-w<<yce0gZ}2w)#ZI%
zo|L_}seD4m-SoqOw&q2Rr$(V5S#kCpgUj(Tf)p&1!yli8z(rf@eP~3??}k7k;2{Rq
zAve*Rf+zu6`MR3YNqtJ3<L?Hl)|9_%w3>d^g|g+pxDd70;H;lK>Wk~I+wYNfxTn`^
zIDc0qP+Z!8D>nxrkfF)Y@}T^?JRmF;5bz-^m7V<?BT=Kx8a+%oVEyf*`{8C5D$itO
z8d|wq!A(Z}PiZj%b@+rB@xk6L*x`clk_K+f8_t&~yXY+Ht#i^KEx7%Y7L*|eAls7M
z_!O~eWMF_m25?RBHm`kvYwng4REXPyjYG@p=zDo_B5du-z(JB;Q%of^fKNgg@qXb6
zHzT!OA*Ux+PKqQw<<6<j9j52Z%O+`sDHO+;S8KodTy4FVU6`8B4T21meCza3njnN=
z=sySnl+;8vLJP>@BB@-?b~LGJXej9Ekpbmp#^DBp1P3_##SQF4(R3`%uNn4B?2iwZ
zW=KH1wlw05DOFHpiyMuuowVnOZY9ck+CPw6)78%@CYOojdHG<&DLZON&YFc#;C~+Q
zWAgbNkpmmL5MWK54?xC7PKWn2*4Uo5@A!QJceJAT+KkF@_rmjX33Q}?@VAyuUS+~7
zq;3AM)BXlU$!eGgSiJAYTEU*8{$&8ZS+;%WHVev+xDd&0YCSqtf#~nHn%Qzw(fR&Y
zkx%%1IR=@3zOmQtR~bWRR-H+bG6c}5nYx<?Ne&ab|H;?Q@wRCa8^ZCTpO;^U<+{HL
ztJk`XCA=LivFJ58Kd6)6-R^+LF4_u=;1hvHA5iWr<?MG&3F$+i{#|6zl{%cB45wbP
z!VDW#dtsfKFeB~#nI&fjUnzkKtksxN++ecG*>kk3CX!e?)@s~N;d*yY7j`@0p!qA5
z<jJ9g&MTjbm67p0nDZ`$UdM>TcQ&b<k(Uz~P-0DmAZNtC^)K9D00RL#4Rpn+a=y&c
z6i$~CvlN%-8;my{3**gN-#oFikhP<SJ2)KOTQ)ZtS6MfAHah$i#(5NFusz+Pn<Y2n
zj996&yIOD6UAg=eP+Vs^bVY>%CV$)DjT2Hv5qG?t;=g+Ab^~6kA9zTB11&epiftkQ
zPv>|*OMee6G`9d7-KxM7N0si&UWL^4kT4qE7kihIt7p>%C~M3H$CQIFgY*J%u*w=5
zaT31s$CRcFbr)dQd$>k7fBac7QEgO97Z$isVJ4pL_&=eJHZRC&Xb^!dH!?D^7+~+>
zNxZ!BKu|rO+@ZSgJ;Q8x7TslUP{E#MV>$S8_&GAYxa&cMM683z?QH~>(*2Fkhn8Xo
ztwX=_DSicy13z~AM?U#hCbN4*JXsIkJXW2uMaW$MY2X=jX2fzy26}QxATpE!=9`>l
zKnfTK<c(_&vj|P$Sb^y3z>hwnY5R@Lo*e{E`UX;1#j-0n!r)j&teh-C$LE0d7Qt~Y
ztjD^U(vQA+DRa>CdaL0X&yG|3$wBb)>aP89wn0s3UI`Q7Yv1{)V$wJWd&c8?1Qrk#
zl%7{AC+M(VhKkwQF#`G`Jje!sxLE$p{L*ksb4oYsM~@LXS#uc;X?t0blT;2V%-yz(
zA>(Y)`{K_h?Blr}xo3fgRF=h5pvUd@``AlF77(h;`{&CH*{ATE8=>~g&*?nEzkyLz
zjW_&0l=wn8pf<tXXd4&hM~;|=22P{HY*@q-A{aOa$?LENhJMPpLoLu0a85ANoO;mg
zx=$`7T$ytqX?RoF@97GLwC<~iB%u*+vM8E?FmqwSb*y`JXm}|?Q{i}8#@T$aeBZ^@
zvv*yAqj@*YNT=464IUn?X=D!O)7F-6JCeM~<Y=mGPZak*mJkr=0n+@@@83|G-}|ZG
zyK%<2!}U;2uHSDysO7TZ+9RBihF=cTiV1&2#$Zn>F7R~wxw(Fa2VB}64;q+1Ma0IU
zftd^Y)dmsAe!>|KuIGenTWe6Osd+^x;P=H)|Njy(pZ5VV2uQC624qhU7UrSwUdXFT
zH&1+Kz-p|-=H90=B*{?6+0T&Fntfy6`nl2JGck3KF{}1e6_}NnjplVrtQu?d*|Vu`
z?x;PfqH^$8R(Tr2uye|eMhuC&{%dbdE-Xv}$mK_8XHvkI2vs<3>Gh&yjum<NH_%70
zI^LxWur(L|l)}%;)JJ4<m^t->fth%+?0TfG!X9DS>N|n?5jqx-`VvDpfw12_Lbo`9
z+5`z6P_w%LSxdD<ndEeTeg<7Q!&=Q=mDlDAe4+KWL|leUrA3wW$BNZWYb3qN5Au#*
z+a}0COKDwg!9b}p<R+}zWO>V|n0fJNqx$C~ZC+j)JMY8VP99NpKuB0eHCg%_Tzx=r
zC3YU=GsF6Z7z*4&Aa0t7hzRo2r!x+Uda(j>QIz<v@>(+r2_D)D;(_DRw^+YwBH5+K
z9F$?dz|YBevo<XBF;Zj7*i|(>FFkTScv!06Nm!K$MoKMVRg;E!aT@t<YxbP>=KS7B
z#>okN@#=_)#?86{Yi~Eg@3T?k^AaM#pFw3=WxvEgR(=efglmE=?=36F0uRns>H!e9
zYMYni>EV)bmDA8^!N=0cVOONX3%~S)SbK;gV2k-N#ohflosGeIXKncB{;l9@w{y^o
zp+*wi9cc3XkjhEz&alKN@TT5{MO@sm4e?!ig5U-G<`IA+WyLH(>Bjib+MC)02Od!J
zK;!Ycsfiaf9%b+J0XOk|jaol|VmYcKOAV!z<vmyhnb3mn;51iWs+za>7&Mv?R<WyD
ze;_Clg+eN*>Pyn!{o<4D`iwmAeF$`P4Ek(H=o<HmX(;$oIpHkXpCaw!OF4auEvJ;x
zTBSz<7?>G$KIo|KrGTQF0914Q-OQ6Rz&|+@v}+Jg!pO*|6d2Ky__2>s1G!@Msn!sd
zDxLX^`_$-nhld>t-^izYHn%}`?@+V(D_XjPrYX~ZJ4(0~p8(*<{Iz!#oN`qEHG+ju
zb!s*YcE!Vt>sgE`ATgzkkb^8pg$K|QzKT<Drk&VRuonJV-+bhudwUMD^*AajDm1z=
zTCbsrhUV^!o+@1jA-|pVT2*@7l;*y0_una%i!f9GLj)HsOj$+69&p$eCNXgwg+zqT
zKXs_X3)Mg(O-xVe_&EaZ-6Gr3XJzX59et$W6J$e$i~BHV2Q^$4_CMJ9V<90S3`|T@
z_v;P9LeS@=cJ9oIPZ6-#(W$oLeGDM~Kg_*#RMcz#Hfo@Ng&-*%64D}FA|Tz;-AH%0
zbSg-f49(EpAStadbT<qo-OPKBPyC+eyyvX<od3>VYj0q$S@4ZJKKJ#x!iTULEOkyM
zTX<l`jDu^gO22z5ckh`b88<fph`vKo*uct{n}o+mk`c6d{&B#|iPrqVl^Mq~XG;OU
zSiIOjiyKh+(jdVoZ<o@Gr=?1xXr{XW^Q4%Zn4{)9HV^n`j~W!C$h=Om456qDl(!UL
zQc}W!TBdDoju?oSew$&p8S0jH4Lt4n-Dr%WLpVnO%BkeYKw?!{GDbF3(t)`^88HJ}
zmkg70{ia=}l7vd<aysr1xxr#jG9D<o%Si8>;|FE{ie%^``N7|Dz@IAqS*eR<YkLoH
z64lD|?p|MCvv{7{4mNS)C4>>`rbYt04&x`ggh8J;aGkZd{lHmMGUpB{hUL}qGm)SR
z)%l<8F9Et8BKs4Z-q{~(nk#Al8&u-BFJG<-c%}N4^hkUF$>aVwDq|`EsF8<<hqkxZ
zZgutbnZVW_)Ng?~pG`{_*D`K9*R$}7%?7E>Uu;f6I0U@Q@TOrH)tVDn)v+OIB74U=
z5uSlUpH2bfs2fQHe8PRRz}DvgOIoRu00b~Fp%Mjs1e%(gS?yQFBgK>^z3kmNL>9|8
z6MWI?-|5PYJxol}^i70Lec4PS2?tSF^h0TY7X$rb2vA5CBn_5wfWnLH?o+hYjSWg3
zo|h#hCBW-A{UN1Z0+pV?-TyPv^o9N@$N|aH`ov-~fFI{>%t@ukfA?SbQssO|qy|sc
zcaZ=3dpVN;JQgfkB>67k0k{)o6woBK1*(|3x;nBqZ$@4dT8iA$03_+eidRZCCWYEm
zbYZEPv6cx#YWM{X-RgP6VEmhd^;_xln=7)r_p!c+&;d@oB32HPmHY7c3ll+_@3iI{
zFl)&$c_?+6bf%Is^Pv&Xb^rPeZiCsc-V<3Y-nNCV)#&`xbU0mk=qIdHcL9(geGRex
zfg}Ys56!sMsR%be--sN-(Io(|-i5$YK9X4hl4fNQ4xN}WzD(#L`6;Z1K@@Ogo}PBp
z*UuDp9ndF*XWhVF9n{JT>a#)OprvgE7=d@#78$tL4`33#y*F$v(T0Ws0Nkv)-`|Dq
zQ`QNSioYWVxX{^IhG%$|3&rYnlNJs+4Z?&DFmR&i0k78=<$o}dRR1>MNq{2=lv&%@
zw<8i8lwV?1zf*ne9iWpgRJ?5AwZXuvQ-S89abwyIdFl+MjtK#)rB~yBnW6nij_Xha
zBlwNC)NSI#3HQKdy#klTklFS36ae0K7|)S<IW;)r)7=ARoAj$#hmCs;QuP6;fK=>@
zQUY8$qPG7pY~WOXU!&G<0dz4piX`J|;8TEr7iEF`f&v2|M4o`dsrbDhauy(vTU}k%
z1A#4n{`_Hy&;>mz@iqYz{DMjhRgJ%GoPVl5py)`f=D~vpArTP);g8vF)St#Ym1vVd
zuHC&NqcUI&je%P!h)N}n@wGz(Nsgpo7T|N+Q-N6!xq{CR?zRlc4sF!SQ9uqjFx>C}
ztJZf61(KB&Cqf5W(}oaiC|w0PIu}x4vXNxr4&u4KBMEd)Zk3!^EZBYz9^)cQs*Yfc
z;EarnOwTMfF!XAWpo&Lsl{gY0dXIb-;5OUL?`;fci0SB%z{iUpb8>P*cgx7ZUvog#
z8BuPz3E;DE0K6$>aC=bQ?Rc(MWrhi~pR6F*3FYC#m)*=ffMBaf3YPcNB}pjwFkn^o
zup_q@c0aHbl5uk4fu+!|v9WQ?dGZVRd)&we(Ze??1@7$x`5=Z<`D1+b(HPV#P=HB!
z7l@+7#KtzlZ{0*PW4yqpr-JE=|3aan#1qI8Xbi=`z~Ebd4<!YK>qXrd_S6@YR3r`d
zXn>s`yb1XP@O?wm6d^i(SR24g?biBmo{;e2XJ%#w9Yzj;1JyqQ<B~=wkf$p&@YqW3
zgNuQpYc;uI0!dH4b|VKLKYwveM-aH5A*8`8_j-~JxP*M<6!Kc%`HJ#HSPzIz>pU;s
zJbXqJ0u(A8=b~a@%>2(_2R{HH0cnCzL~RQKTaAp3GXcx`&*5Rk^fN;6%eYXHFE7#5
z9SBmsBggJZQl%Ic%M(9#i}7~>NLc~4{y*5u6M*y5a{>;4|A`CA3XuWMA{aV=vq%kw
zPFlMu5BN=B@d6@}sq$CId(%3Tss!=?Z8lU)AIuaaWxcH)DF`63zw5Tp;uZJ!r#iSk
zao?~16fDVS+@W-Wvzdb868~Nd)hl57D-i?KGlu_u8-E@f{1r5TaS6y{FTt0x<TgN@
zMJ|J&iY5d$g(@@pNM-T{IJIsN9Z55TrRP6q(tm-G6D;1pF~NtCv7!I_L<0WT4-^y>
z03jIlC5NS1H8BTpFSLCI#@Z0;@G(f}dglec|JU{YH%$2NEB?P5KQ%TBQ6Q`gqFHNg
z20Wbp4<l2n-u?lgI0FelU~6lu{xyX1zg`6R0n|1~606D!B#Zm@a+}$4Yvh4U3P<(-
z;Y|aZ!|d#AGAb&RyLayf9fU_A2j{;T-QWj+-aQ3h)MWI4+X_+=1wyq#08vlPDj2LO
z3TWBJ8wvP@wT+Lpv<tcW{;-qMh^DP8wIQ_+_}{=Z5Tc2<{_6V@1+-GWrlv*!4kVbg
zg}+~c?ME36K<{MSY@|u`7e5E+-kDhcaJo7<aty2ue!OaPA)Kiyz!b)#9M8-P79`vE
z;2veUwj7gCEJgKz$px3==5tVa2ZK=9nLdWyFTT_$hmT7DRUIRAt3EEQuJ0lK=5COl
zF6Yk$1_XGyE9PLR{O5blBl~X*%H>hUR`vl}NMg9$ps1$?)9OME1BvyRJX@O*rYi%o
z$pF^C|9m=J5Bxr(Vl21$-8UP}eL7uZwT&$>DzWmsEH9B>M&d6f{(fkY+W}Au*QfIK
zk*^F%_?By^k^%5C84@6p_$CW+VxU^2MKMY-wv^<sKeQxFf({^(?~>#bY$~X;ceKd<
zQzZEA-b=6uj=J8P<VWXv;|CPzNcDsnFlYzriN&8KwmY)#-(jV9Y7KtaVu&|yU{+{+
zn5iS1Bn|4~!MN@gFwIg!?}*MVR5H%kN}6&S7Mh#7)BjSnKoeh=>h+~dVt#d>`Z4-u
zobPp1v`nwU(9l-q&kd<87Mr{m&Y*Zw^ZMtRk}D@a7Q^KtUgb7XQCWB2wu#75bws(b
zk>b}34vF=U7j=7x4a%hvu^$iu8G@;AHeN&kAYaQg%o>Wjyf6NP(e5-kM7u)^FKjTM
zOh;~aeKd<7A+jQ=*@f|q!G$qP(gGo%zY%9?(i9$I!)Qv4M0LS{1^<8n+nJ>B%Y_*0
z%U^)HeoV2f6BL_sdGRX)IbJ{e2H%N@8#-FPL3!FfLpI6TRzLynfyXn;Rvf&BAhJbl
zh^)Xb!&rx%!yioTvd>!B+)YEy?x&S~X#-vZ<p7j_Ydwn(K>5nDYAYzhjq0J4bJ~v|
zY^s(PiQ|@%-(^0_KiQqV)2#7f5@!9$@Q`<bL={`@&8ELUA5n-#xF~PS`<=1;7#Zl@
zG;92byTl~#Q+{&v5j1YcLAOHD4xO$Uhk$6Oh;01tzI}v_uK^R}={NWn7ogyR(F!!p
zL}yv;O>dVCWqN3kLLH!+Z(CR(1-nQx_uIXc>csNfI+L49!+!MH(OQBQpNiJCr}Ur5
zb(bY5zKxh>Tg`tZczE_7V0twaa1lk$5^SY{HJ@Yd=;}8=;LSC3ohUasF5CzG_RDnA
zD5MU_4jo?w*2~eKn4S9Cs<O&aL-bcD$k+rs!O%Oh*RLOG)>sMwQTlHn>66jIWu<}0
zhEe5}=JwJ~7SyAJ4Sx;c!E~vib(adD5D5JTv_5xq_(v2`V|V~t%zM76sWPc85!&%W
zFrs}nfkVYyY99xj=>&xTS)8+E=ZDJ<_|FPuD}QBkvF|OSQU%H!$`{BEjHf3bIB&=U
zfrX3~@mu}79Hh<p5(_(3<|ytp`H?vL&q|Xq@BAASC#<W73>oEF#HJh!{7U#u)@1i}
zD`Mwu6YGkdC2u+Aj9^$vk<?r(=pSFvE#CpV1kpENYf)`)Are^~zMveB^(EV5opaaA
z<)Gw2mb#l=Gqp-|zPbK%!7n!Ea$Ux7gPF)8RBjtQg*l~a#w0$aRs8+;)kD|?LMtHI
z?i_^MD71Qe9mB_@BANP+mpBgzWiE~LKp&0+Apw2byYKn`nPKk>dVnUf4{<Fsq7cP5
z_XyNKy?S@ydXZ%V6>@cLbI2$7n73IShBDXHsgzGVE6z4)Zq>V*L@}5<36I)!%KZty
ztNxqizknbd+`{<)ND2H&b(LOme(W4RRvJ{2+R)?bCOW?{$X%Zi6LSO`y?4WId1SA>
z#F*KfJI6NMd}<KT<4@CBr~e)cdR~2(Qs8tO^EnuuW-gIpf3x$ji51>zrd-Q!#2YNK
z*(arWb5xjc(AE~so<Tkpqt4v<_^`J4@i6vOa=zE@)VB0jFEQ<w6JU{K2*y>uW-Sw7
z?__m72gNVCbBdFBLB0~(T@~dtpbq?hME>FakRb}KBH**~?w+jZy9CIdUun?tdEn<b
z*?{N-QXRqr^5k)1-+*KPHz!#uQA@3ldzQn+5VtB-is7fFdeIEv{TU(LDpfIRc$ADv
z50p(f|4Vv854BDJ%Ap;9W%jIpX#(<7?m%CY<(7EeN0-=OwceZv`%bT;_@+c}dV0cc
zbvDB!?+l!t`Yg--Cg|d)_zH*fjKYpBJeVK4xIgip7ZR<Ei%Ie=#p4e;IuJXUJI`uJ
z7R9JF?^ACCN~@HJaExk>ANfg`QY7Z=ghmgDbwPCqiYZYb)coDrx;r|WvQqkTyVWp@
z<@#{vU0p*%+u%utnTNXy69-X)?*_F+Y}}u*uW5fK7dc$l5(evHVnWks48F!ESv=#I
zgRz?4@G3f%a83TFl)%mOKcoa39W$eN+w=S?pZJ?q^&r^I!_RvF3b2@u0-`HXT2fUv
zM~+phEV%Bd#xO6|GLq8!%Z33^@l$z7J`_*uMC7$OAB+cn&n3Vv<wzc?DhL8EFbN4C
zgLXNrNL?vbzp(r^_#gTMc?tJ#Kz^{Am*=4$G&7ZQ+uosDqA-Uj?LO(ce_undudu`Q
zPj0+g6XhcppN97*b{}&(`o>$eD42e8i!oT7-axdJ<p*<?rGHM<6L8^IleAjhp!9Cp
ztu<_|EQNE5`GmC;2Xj#bVF3*YND|9N)=E6DzI!N4lnCL$o)re?*S#>Y>ix*oFRI-2
z?EAJdtXJOZtGH-nutr*muJ99RMX&}xFF?wGwMLF*GZB~VcWPl}!y61Zekgb8lOJ1B
z5}SVpN=3bIHvpl`&Q&ZmTuul|lWVc;^S_A`l<k@zC(H@KVl+lu)G2n#o^SJZ0|Q>D
z)%v`S`d~vxzSqFH9UN@qPBKUV_;o$R|J4xrZlQ4Y%h%LSE~95@Z4Y2ARF+&7L@^?w
zOa|52o9eKn>o2^!ROTB?CT<is>?G!lOM?yZn6^d=32||Oz|rVOfB)lZ^RbEnJHjy)
z!<!V5xvBnMvn$vD<m;7N<I3?j)aNej_ltXm+bR*((SYnJ;-o9Lx`wBB^W!o8?Yu!w
z3tAh1NCWG#pS%sFoqgTH{F>x5qVnC;n~Nz*gd)W1P;|K3qAj-rk7YGYP@eJ^;p2rS
z94kWX`TL3KY2k9-GoR&r7CujWaO!63nC_Sxe1OIN&AF1}CQz(ZLn)L0(-EwA*Y?l=
zi)Z$E(3-~(ZB1#ean{V^$~Xb4Hy1bO-sgrM-wgWGbDB=}fBxpyEH5Nj^h@?5`HRtF
zJ2fOddWJj}>!CQ(!S`;Kao-k<5tYu~lFw?-Ns$RUZE;Z#d64*Y5pj6DCK7^$vK_Lh
zb_~xgW7vad<(B(%XU)V;R1DWiwM6R&pxt~6??D<~gnQMB-e(_gm4InWO80!$E&4D>
zMryp7<<8Mvto_p9te`)!;*h1qt%>wag+saR)h9=D>?qK*FE<$Gj=0uCr{<p}jDBVw
z>2ERd=O{UA6GkhIsWcO<+urbb;{brw;^Kqt!_er(c-g1FAUZ7L#9Yyn*-vIqN^`@~
z*b-t7+GH4)_Tc_e!?%TK4OdsSZ3mA-C3UeRuAQfZ0?s{@&GunARK`S#B9k(@E>B!e
zJ{6)3dI)IyiSk1JToDS}DK&~qC)PjBV4SrG|5W(v!@)_ZvZM9rG|uL)9Nz0|DQY&>
ziG#u#=2FrNNU1_%ZN0E<qC2+JGd5)+T5#I^jQJ}kpAgZ3f4vdKEKgZ>&BkNbYj@u2
zW@B*H+cz8)@IZ7qtucWYR;A{C<M$Gy8my$PuU3CTn0R>!L83J<r~pYj0XJmYJrysv
z7pUN?;Rz$6BGbgAj2+M{o-82GYhpKqQnV?uIh0);@y3N{*W#@&1}+g}v$B6$(veOq
zmtl3dzPfr&vYHhFHF5I)brt6}Ns5CJdWYoF-EwKcwDh}FY_giiBA>UK_j4g{oz3wg
zT%D8#g8g|fN|O3|cEF7yT?ww~veA@%4RIJ1%Oab3(_cvgv63#OKKI(Do8|qK^X8dE
z-Qha1cDbu5HpzwgQ`uYB);D|W(Q=g@%Q&N#6R&v^5)#4%tl;`<LofcE9M!r$Rju|C
zB?ep=J{(IV>~K$325damL+c2A>EYnlsfnG(T11hdUE^7;`WJiqU*l2~tmpo~Pryzn
zhe<HrPEIp5yUS@V06Ucax|<L~8QuU@Ej8F0$pISY_AlhqRCe+XH@dQYZ9XQ}!ey;^
zZz_+zp(Udgy=ol#uJVPM3ZmWc)47*~d9dq6ZIuGbWb8t5N0n2c`jd$kAKq!sBENxD
zPi$=Lu-3$YD#(P9$EvVyQMcIHnMkpo?%D=Ljq^25_>7>MA{CsvlqVt>wWgDFMsDT6
zW@2g5<?OXne`T%S%%=$WZ~S4IseBQ<oS(SE9Sc#)D6^eYykzKVxR$(u<p@S>uTzGD
zN|K4=o!JCZ>9*kouOOZixZ(PUAm(#5Vwz~;Zs-c>J6P{Zoz;LE-&MCq-|&X?4JN6K
ztHO_iOOK4D(?-(H3DRcm+-64C-UJUB3)~L@kst93*hVZz@W7FcA36S@PktrQt0NB&
z-a<@FTHK+cGp+AnIsBr_L;Z88j1(SA@v?Gc6jgS{>y9@Ko@HVvZtq*Fi}Uj@<onq~
zYjl~S7~mjm(RQi*fvc<QciA++Z!`=NWuNfbVrKvUg}!3{;OCz^fHMDFGg|wt;lrX*
z3Z%k<vY1ovb3DajdV>$u?S3U`9Alz{>I;_dhLqChn-<5L9xrk|Ptau%PS`8y9>g~M
z2>jdu?I<X^s_nkj4U6HyLvXk8X8UlH6sUP;wX@TW<zi-wv^;FfLV)Wfc(^OiZN(K_
zXsL-W9(0XpzBCnheZ1<P5D)$5W3vR04S;RsAQv5++n2{RZL0Z+*cb}yZ$+D`2?Vpu
zK2pF{nj8or2C?NQ=dad0Q!Fz)*L$A2UdMCPWw|I3MaqgKY?$Jt6|gl2Q&n(4JPe8W
z2%{bB3h>9PGbtcol0IO5vY&sA7^Y;E9Enr;nt6U+J9pkX#rvm6v*TB(jP|Q#8chaK
zn2fdy_SvaL6o20GHwU{6zDc0{>KUSWZ51X4@5}_6jV06i@Zp@7vYlFtU)M$>K9w~{
z?hM#TW;4;~rYvk#c-gP|G9}g<#a7(dpNu>JwiywxQWoLxuz+)}+3`Gnor_k4!Qlq!
z^5;^Y_fY4wuV2%{zAwsabyQ>R7C%%d%p4Hj4r$*k`WgnvQlJW>Gd)w?xgoZr!?P2(
zWoY7S!d%w9A8Ao5lA-eXSDA^@N2L*~N`M!9@jXQ$l7;0MZ>)UO$~|3ui|?nUp~E~0
zm4?X<25Y3#Rory)R^;~&4t4?J?9$#|6d>YElSC2Vj%gwOUn?-QV?ySwUf>DGBouk=
zJ69FqDIOmt_0!>lGty;E!RKMp-TS4j`<=0mD2O~-_-bh{&&CIeU7giD0v@^=PVH5?
z{s~vcnU1Y=0jnfECA_ml<QZWADs2+`!mU#y!7)@vbiCD5g2v@{S6-oyox7|v?mwj#
zI#UMqCR6X5-dbA{^Z@C_GoKP|zg}JMq9*6jFH5cmf}{|4dE3xaWg0~@KU27+=!iY9
zU2g)5#}T5;e*Yd-ZdU>;nXX{Kc_75&=oWwO##?lC3Ia5wKSt;JadXW8Sl)(?&Xo!<
zhnvJ~OPbU|A1x;0YNeyhc+)V;)?*@dSWZrk{!)7&Xx(>M)y|oCaG9um1f>mY1mrcA
zK2)=Vw19wH)O2H2bo8`;gW4tlYQbJt->{hS3RN<(CC`QphJhjSUXr>+)48nEq9Sgz
zE9WI-MTzxn_{G{Y39OgJ^FAfC^}Q!Mai)utXJ-_X!&0FmNkgaV%Z=<#;iWzoBeFFU
z(E1l0RB-994aSex^?vLWoG(qZLusiD99G+O&QVo@qf43n-@lJzbNO!}hV*W+zPt`$
z7?0-Hs)3=Tej3)TX!J=h_i**6l>U@<nzfB~4p%esl;5vctxX8-m2JRO94%pUv+$z7
zA&#%mz=Nrz64p3Q8g<>sp<!{`v#+cB=!wu&9t8ybW_F7TSD0*M@N^iH?s^i1g-NLq
zA*gQL+}uK<qJmOV2;qQx<%F-ICU1D7$y)SA2HXJNZ7sSWgP_slSdL2aDP~dvm<IPm
zo{B&A=%Q4q52oYq(5b%qPwbK=A0B?d*a<@?^~p*t2<JJ$13v}Xm@<fL>@}A!N4vRh
z*Z2IHCEVAaKkiK|ccpCd^85qyqWoRC@GhchV+m{5$|;v=azbV*NxurRv73-*7`+l3
zXtUgwl!j}#KekNG_jZx{ZKRp8o#to)>hO&tseq4Jvhwa!2ofp+Gpcu7>Vjh;)&BGt
zz3IBsE3w&ADiBgqxRno`o+lD4Q5AzY6KBL!t#B)|JI$R^EA)VEpl1hECE#4win!(V
z^z>vg=tP_8VC{f_DUI&p+|_)eu^4JIp+DB*VB(sq6IZ(r526XKQ7%!zKOf(BZtebF
zXNptogVcuX5Ld^F&w7;de_rsuAyC3A5>1KHE_1%1XgZ&q>tpe{x&Cv3SckZ6JG-8(
z9jH~Wx~y&RUq0*f(3MuGv5dF22~T3<yeenBR2&UT7oF=^xF!^XoT-Pdywn)q^}V_h
zj7%TA(zG<}36*hmy3A5T`1CMZ_df(h1{E2~6Gk|d;@NVY2R7hObeK2Yw6BOuhll|}
z!9h1_MwT1YxzF!>d8>$7w@IEl&Pnft%=mFs@>UU}dU^uZ=%3pn#z~jg<1r?<W9*?k
zU<E=;QI8`AhX=s;kf#8BL<S!#?Op|uwBj3%u;%SzANDL~Ztf{bYAL1O!9gKsmG~Gw
z(SVQwBV$~h%#}6m!v?>RT_}&B{lWQ31&Qidi^}c^1Kip(2j2LU;ys0(>b@8&M03g^
z35QiqQm!*VeWiSR)x`3ORs&j4P^Ei;CFjiV=0?EmuT^kV1oRy5+UP{)I)}YG6NTpD
zcHaUoo2dFxYQu%0;zT}E0@(~Mm2Xiz6+)D=v(=xHK8_0x>4e=h)~-aFlBlq!Rp)GP
zoMem}j*{;RK6lOiS&`)MkJArWUFj2|qhGT3z3H*~m;xF4K*s*YaOhH%-aHS}|IOS>
z_M;pwb4Orz;O=p$w;Fl2bn7kmqo?xFg6_8Vl1*CuD5>JvF)jQV310}%N>ILjElH52
zrCaHKV*b`*{0V3&b^!4!xzlPtzeha4_Lnn*N!me=zi+2SqrwOsg!<$d8JLjYHGKup
z$Gz~3b#f+-hgQ7Kfu8*hE<L!{``dDHmCg?yT!?Pv*IH{SS-;-yO2Jr~%=9|{Gl=(5
z%G9dY|Jzmh{FPHB6Uy94_aK|-+9>Nr=6KA>cN6V;mMZ`{^`Tk<)z;WfLq0RGTqv6<
zQgWDRO;+Gd;Wo|51en5GG<K7>odhD<OI5nUc^{hpEVm*szUp&+tiw{-)eXV$_P|l+
z4#d=J4s8H*?W#|s4{cg+IFMEgpt)^$x-;bp{7=a!r1}n4dVc3f;nAx$UJR~Qt}h^N
zIYD@e>U)?3?mE&?Xb9%(d*|qB1vNT;gs)OaLsB@W!T9jPQsvn^LvoAHQ~U@CB@;?!
z&OBP;lOaaJJ{e>F|557snQs*hYMUM|`K&mM?t14A%^ql#k_=-L$iaF~r7nCEMCgF|
zS1@CIXcq_QzJADsJ_ItM(eG*G<~07Y-nE3~T+#XTsm&TcoLGyFi1BBaoC8!58x67k
z77x^#9B^~3&Y$7EKuqap0k+k9i4rI`=xZc%+LWAAwVt)!oNCT`U+sQjKJ~sn5NkRb
z;tl&1gEr59Hv4&CK-v@7wN5s<vFW&Pz4AO?3O1XmVbt+F5Ix?Wz{v2q<<_XRE}o2~
zT>#Fu1;+=ApD~tW<phLmZOaamd(*Eq-!SMlI7;-^Y4KgmK}%c0K>9n{Ki%TWfp1`!
ztd<rLk{`X_iXZ`mVp{#u^YfNVIQ^^7Y`}_&=Wg%|r{AIK;?kVV^vPS&a~&(X?b)HF
zD=Ax#<y-X)MKbs!LrVpUMc~p9*%1XBt>&WHkK-qV?0(tJ@izG|NmK2q_LyC6%rXAw
zJKN6$U@9M^7D_cQ<)Jh-t3_KNf%O}sGKfR}Wn`v>NY<-W&l@lDp%mMVXgX2EjjRmi
z870ioS9?)avViIIe!C+lnf^3mDrzpTmYj{Zxzj_!1|sX-vj76O69v2)D85l?OjKK_
z0=*e_=tv|`<pK@g$%L*M$T<gmhtD9B&H!ZiA=&8Q+aOSpF9E~4HsCH734*9_LfJ5N
z08-Ju+8c|s&U<yw6*#~bY1YbyqJ;5FbdLeo*PIMO>$=Q{{1*ybK&2y{!tqo{NXTrV
zg<qvas~|$Ca|67P(39<n6{N>(l$_@mXV7ZdMD88x?m2!`lJ)!LrYslz(JU@&96t%Z
zb7r{Vo66n<URXFozAtJh@R;`+IQJ})7%Qrm{*NY6i81Zu1UH^2y%cW;9iz70;^n#g
z_N0xl1&R5|a=GUsuxnOwlW)A*Yq#_>$1Cxv4xOoKEd-D8!)`?K$w-wskt9s{e&JOR
z8Q*tY`$PNZDUNrOd~9Ni`WoLcF(YVBWF@5BUpT$tx!`9u9T#zB)X{SFSwXs{hOk{I
z$_>Fn^Ix#ioUF15g@sfCpDTKZZ0C0gKHyFv8G0y@vfzF76zkJWwMBwG^*-o5n@v~I
z0i)SSKzgR*Kmb$aHMS4%ra$eEjfcQw>PI?zmgZ$=(@yL-?#~m)Od11MVOL<*7RP}T
z3B(w$p-EOJB5g||X`UhdYgOymqx??$(wBFm7o6ysL^70<`7cILt`Fy^26QVQFI7`W
zW@kl3hcm|ZHH=0!e@TxoH0RkqypFZ8UAwPa!b+=iE^jep{>vt<kPim`K|i|WHgyRR
zWi3W9_niEOc$|KE<(JpG@V%-Ce#xl_1B0nHf9?LoOn%o_k-4^0M7QuwhB6b*@W5c_
zS~fnzq`-@m=;9w^RrJnD6ky4M!9G$^Q{x(Q4h;>dK+Gscj8Y8E%*?*#$I@y7&H~O4
z8qrQopb;r^+)`YVY6UGc@c&=kGsW`93Z!T5jYoSMdM&ZgwVTwbcd(mqXxwbMJKN&L
zdwp{gSDaR{Hu}-J`9$SagX-^d;96Dj?bFBm_ny(f?GGQ>9xE>S8Ayeru`x5-d~@Np
zJaB~J<W$7pB4^xm?Z|I#V7g|i+j;^8Q?1&R&1676h-`zliWX>lH+r(FH`Bc|B)(7d
zJ6HkL)EpsL#&}tbq?*5mgSuo%d;bSpt*mdJ$5a5jM^?>B;~MEQ=u4!?#m$S%fneNk
z;>l<Xm`1r2ri(~MnI-fsdKDl^>jN%v9|12NMf~kasSh1w?_wi^Ijjr^&uPS@?;D+3
zrAg$-2Z%q#CRJsw$oXnC-62g9$J&nbmIxiS0?n?`OwMt&LDwU2`tssGoivnOK#qr@
z_5Q?%>=cW(5LvDpoD{!-*?W;+3TCWCk$32{@guz%NuHO=j)DxOLt&>iR*Z0?0Ice8
znO-4J^O9XuOVjYfuC!Sh)8l0{2(Vzeb=??ZUfNjGU2>!{)#{3d-iEJvtj`!p<rYwa
z7dknqwl*+xbG8sYq2nPVL0e%y_L>h^bM~D|PQCfWqePSO!2VRGMlX2?mIkEjm`?UM
zei9Mj7O|RRcakZ(FHd)&Xw2LlG^V>l8G_Nk5b`x9S2>O8AuxUGOD$kC-o&<}wW6YM
zS!}!eO1*!w+%V1p&!`AsR$#f%(QNUor+8Q0U^BM4?{S&;>~1i&6A=A9yU4WK`liFo
zBc@<VCv!9I0!jwb_81ZImip>5e$ll-3QDI-?U@O}Bz}>!g4U`XPZ1g;avEJ(=B?JB
z2`(}n&EZ25+diG+(enF{5`EVfO)kSAR&V?#1C7rD$J1C<udwV0s!F)33UWQ|rZ<pw
zHV}7~q^syss37Ub9T;)x0ampSfJplzTpWTep-7=gD)alz6o-04q~(uqR&mrbNP=O8
zK;X=lF--^>n-Z&44nxb0BE$m>2_=dE`wwz8I>{}TsYuU80;SF@qXPyT&luK9K(7yz
zi(!ln1a3jT!eKn2BNA0Z`CX}-T5gai(=Z|n(MfQ`8Q19-a=Va^+etWV%XQAoS4yd~
zx~v4^PE1K4s&vMxAN628#Ce!AwXF@~_t^Gf$=wjfWlSpWnONF3-d`D5dx2X`uU+qK
zt9^ai7yo*y%+yeVkD_(k%gd{O_d|`2BsH?SpwD=4=+o=0?%rtR76~GNzWq#|WmCO$
z5E(k?Wq*WoVo^bJ0w^+Z2+4MAQql}8%@5Ew0v`4`R#;^?$QQNTq)@AuOqfP52eZ3M
zDxSxMPnMqv7xU=c0RrAYPqO~n3K9|$b0<w0P_e>)T8(6CZ0ok5MARog4V~XA=jz~Y
zSe^w{?B0z5ON*-+kN@?1MxEC^%tY;-Zp@30J9gnSlArYuFI_Kc&JIddI5o#~Fe0Tj
z*=-uOsMp|k>q%uPOesG^{Ob7g{p?`t9v14-FBBpb7?AE!@UYHgF5!_j<sc_bPlkIn
ziTSP!99g|Rr~<ncvmJR+^A-D4UcORzmDQDk$4v^v8SBTWlpTi<4f2w5i;@C@QTc36
z4(l9G?yXzilH%^B8vo{Qoc{6E)vS%JE@wp?dNnR3T%TYKT;=-WJ?l;0L9e9fmoveo
z7?W^6>!DgKgUH&FHYe_}m{OP2@)d;+DZseb2}{oN$Gr2a@ye0K@|mFI!?(<(6-moG
zV?Yej+&ewdg1fDYl9t*lD?MCU>R_Vg@<AxiMZvVYN?GGoD;Y+s^(Cf<tW8JM3qtzh
zg(6u(KKs$5&G{nT94Ga^>ckSUwoK79%RFwJgsn0*t+-7h(X<X(kKb+8uKCrd?7i01
z3w@H~EI>Vls&6<Av%l##4YursQG{1q&nK`s9vY{!;R5-CB{wO+5Xx3Msf)PF(DDqT
z$ywL>7C58ubol2X)|!r1)2N?kqTkK^dRViQT!Umjd_(r$k}5Yl8MHmO&9^SmkDY}@
zoG?<1cvnu@q_(!RTH-OPYpBZfe%uq6+ydpjs{5C@_?u))yPKKMg*O27y@58rQu5xH
z3K;sC5UyHdpDGGd?)LkKKW#BOS5toM?%SBRU0)Sd`-2-i>t+i7WR9y)ja6p_2Wx1$
z5)l&@8&LyzS0_~3u%^r^>S>9O1MOC6l+Ji7os@~EMoA3oC`ngGHSk2^vbp<(QSDz`
z0MMaR0#*%0EYp93Q`?qA)1)DmnZQo)^zvQJ*n9NTxXskv)|@rr;$jnVZC-b`{Nln1
z`@ApN(Igy}i7`<cyO7`$AJ9@6VI$se-~L0U3wv~`;L-Q(_PFMDmwc~jPFucXf%r$u
zUNXzLVIH7*q~b&Ysx{zQf;OKKMGV`K?Yd+<(?;j~!U%jRQzc>1Nr1MQAEpt$4XlrT
zg4_cpXD1g`#FFy%31SU$0~!eCXG-e*^SHYoPAvWNf~zY7>B22H-ER6fB$fb8vy}mx
zd}Cv+5RLnSQ|jNsL?nkV2-C@5EP8?nh*94SzPp;A%Q+D)_KMFvD288Tj$>U)#WM&g
zDq;maBMt-5h2{v1+NoLxk?U3!%Jvff;OMmN(8XG**;Gs&!R_{-&-%+i>b=0PA<fHO
z6QelROk>#OG!#Qg!~IE>A;35Ee~fj7L1l|tGOL?+qB2mZqomjS(fmf<qE}7*jPzdA
zp}gi)s&<{NP`zgpC{ksC`*ju=OACU6B-&GNXRe)^0W9KxRnR{$sEVR(ob+bRrKL7F
zJZ4PsR(>|F)d(=(Z&e^d0BgmPN5hweg(@8`5vF}n-U=?`ANRGajzFuhqWIR=U4V*&
zDB=bcrzTEr<t<9Y`V*MN-oL;15Q8KF9H|^qri#+Xw_B_7uk5u*Q!Y#}g!2qy{;VzE
zypmRe;Vge)zQ6X2cj`nTDFkY1O+^r&npI=0Sk!mv7y$a#MEdbuAHXGuQR#sktV`P{
znO?u_B9*M4wH55wvvI-)=03vE6Jf?-Z1vjq2nsmhH-1S=iv)QfuI}y{s9BGSt8@@K
zqG`DIda*pOAj?R<16p_(W|>$FcB~udS?3ch7NGIr0!}CNFLiZCxUCE_6d=Wv1pFZV
zuB}QbNXPA+hdN|Zgb&<3z!GEXF}0QiDg3HkZH}|Nyv$;|_zuW}l?M}Xice~8>EHt?
zBK)2O`f{wQ$^MqT-?WK_()j`*LrrI>7Jp?ZIVew<;XAMPs9w?-$U+=6Lb+pYkiXaw
z6Q0?Ei?QquR+I-<z#p7~p8hdnVLr)MRax5$!EBWN6rJks`#YjSMYPGaA5lKOTgo!4
zzK8R?zzVa<Ojp4+Uzk`x0j6PxORMrt;`}=;8YHCPoSgQNe-Irt%6sbf>*%f-PKWcZ
zZ1Y<K8?70^!H-=s_^-zs&e9Q69>r;ZqXf*2*^`e8o>pG8a<(}BnUo;nSMa-RQ2G-5
zs5#aUle8Fvw*<ysmta{rKwm6m)y!c!TD{ikPBnbEbwAs|IE*LFuaXzMte)q#5%~`4
zAN?2BdbHjoUc6)@f6v6xl!Zm9pUZ__IR|@_`?GN$qcNmmFokmkR4;WPUj(r1cIH-<
zi;OuCHgYhpnk%&Vb2E&JBPq@2_;z*}0}V@9A_3+e3<0B}X`cHV>G{7M&w^;q;*}fI
z(e**CbM}^re?BjN^e;mk%a-D9PbiNIW&b##YN0u%$DZcfwP2bzRrh()op7nB-+Ko{
z>U_267b<pCvIxRR8nrPWtMNl?C@g#}`YSLv7&_O~b6T{F@Tdr9@wx>@YDc;ouk`1w
zg!zWJzdVvX@wsT3U>ll_jWi-$=T7S&rU7&?KDUPpe|aScG%iILI~v!8(!Nq5{Ewb`
z4x4VFIdm3wxdDOeuEA0?P9!+0>Wuqwf0jQ4#1W+^_Fs)^U5Jg6>qpx)q^BVpk%Aav
z3wsA7+ZUQYLT{OQ*#>N3G7c%+3c!T*;;MJe2??kD61dwF!o!<aSkos{+(`c>7p<)S
zw7;o|@1u$e1sxqaCMITs&xS@9B5x3Z?@<}ff9Pg*?X#5Z$Imx@RO=rrlE&Bef;G<=
z!r-&J*f8{|Jqp4kAH8()_jmK$oeAe*tV~IIrChCSZQk{OK<W4h^*0m58u)`FT_?Yg
z3j=Of;gw6V@^uEJq`<;#7ZGz(_q|D$+hb@))S&8B_YgW5_vk9?M1Y|bL8fP+K!dJe
zFJ=A~p@3&M!7jUSzh^G3>osR}1l`D4u1YEMH$c40f<W$RH#iCbwZ6_A$EhI>V&hcG
z>snU@DS9pqEpv34H6iY^2}yM@KYOoW>hjpZ8(i-P%rZdkqp7S|`>;%V%<v&ixHCm#
zp=c+2*R<v9L8<eH4-YFUDp<gAJUb`nVnY0ms(KgVLS9%?!L&w%wxyxUNL8Rzs_xSZ
z`wO0o8n_ayKs4qbsyC&3H7}eF9Z%nR$E`yhcDZBttl}y|R>d@;4dPNXtOZ9;b5$^O
zEs8O?U7MPkw76aQ0K9gl58md3C$*%A9TIcv)^Dh;74*U&YaZt8Ok>%Rov$=wF-d~t
zWWIe~7Ld>D)If3-z1M-ttEwk=IuU{vDYBn^#0p;~{7qkg@%}TR0jAN+;8MG}@PoAe
za*<!X&M&#YYi%R{KG<Kw8o&v82_#hEzcqXAezsR!-B@e3@cMRNz?S{RgW`pxK*KH^
zE^qKuhoU-PHS-w0+wbJq)ys=B&vG_4+gi0B@Y}g8v&hV^gc@@*gUOqPo~Q#;9#b(m
zNkFvw4>Ch48k*2cL&|8irhKq(S+1Ew!o*cnHmB*u!ZFBR-4bahZI{0q{reg#^783v
zY2T@<69CpMCa4^?H>7wf!w}G?CZZpxSBJ}&`*3A+XQ6EA$%phJfx%U-!%RR9l=!K7
zcfElBV(_`X=>&MGs{Qsl$d~$pr8(cjVZ}kM?xM??+evOGGNsfLiyw<Q;99Rr8P}=_
zLrF})5Y1sKif-mj^<>N^@I<<?r<7n;3oXQe-YqUCCzc`L<%sYEZ+q;Xl8$mXDz496
zOw--C)pIn4CJUp-`le0_rh$f!?o~UruA<F!k1N0)z=@mwvN|<r^xPFVPjXn#mwvjC
z?Bd~Kg@$&JbhJ5?{7@&>u-5J!S_s~_T`+1o&m$(887cHP>XnYfQ1Y^fjI%Ze)1}g-
zfIulbZrFX)T3?@BQcCJ8h;T?u#J6EmsE&%e7W@?&{ypX55_d;XV_8{gBezq3X^t`l
zR$T!eB2-xCQ!!o5q=)exLHb_dw(QAxXpuLEX<<JtT-x~Avmj9Bd_b|Jgllos!y%e1
z@R3g;j|3ZkOXnzyCbl}iw10HEJjQ$W(pmsLNG=jX*=lSk3^~y%hL=`&UG_SGUk7sI
z0@6p-v*84sn*~zwmPb6Qq-W7mJ)2TKLz3pA3L61q+%6ekP<?M=P6SChNn4LkUWW1L
z{=<VE-Bqm386umTHhpm~I|KMnZL$*u(nK%bAo#M-c<4-?JH2@}6|^-Svz1mbU9$Eq
zWqKVYl|%^}7<@T-DJWnfO|wB!Le9aVQf$&}-D7^s%xa5zC|M?Wh63sMY-fEqwM)%`
z`Ml!I+2RaAardy>y;pWl^y?AUvq7KO6=;G(`r)agVcNBNiZJfMSZ-Y~a+}fABw<fC
zlcK&=D%sHrjzSre9*Llr^B%FuR)+9Qgiz7ysO-M?=Q+1>fX=}#`F|ste{Hdf`W-4=
zU4kQ|J|K$Yv*_KqJlijIJ|dX`12>$-<I`@5is6!oYh=UQr<~gJs929TbXJ$T+GRY*
zz4vYGbc-v2Onc>1MR*~jOGsTShq-s!HB+b9^gfGy7*91{z`vG}cuc3-r>%ssK{8@$
zwp^0*Qe`GRJPa4d`&{Z%-W9&<4>?ov9U_^(;6DNzMd88Hk<;VkIfF2mUcNJ7S63G;
z9i0#$k%EE)W<77{q4Eb2n9|Y%ky-Fa4gdJu&&AsQzL;FEe3SWe`GDm^Zo`)|sTb4n
z)Cu0V16(#Kip4q}tU0pUX%4}JKW+TYKa6}Q594|Iy+Q&!HmtICZl~HNu9sdhR|cn%
za+Gz39ZFK%DQ5fSlGh*qP|n|;`*jz`&8xwRz_Ff$WcF@BTKl(FFFKXFf)ir_tFaU1
zU-i@F!qQ(~URRkLg8Z8E(-|APr9ix8NI26-VG73#dnF=#xaD|X``lJ6eorgeg%(|D
zl{`2}6&|6L)-T}sJbDhqsWa(DKO^?MdWJi$$!XK}YOD4AM@Q+{iC~QD5cN@N{jP52
z-<erw8^cp4X26W6qxBKj9dP+6SS&Y^b7`f~J(MqWL<}qyv(TyTYgkJ}9`29yy=Pds
z#C9f`T>LGPHoWK8LtS#FHoW<$g~Ug1J!N`a?M-gJUzm1<ZaSCUy+bjTEu(7LeFGH)
zFf|QOxz3HMyVFW)=l2QNPeC2TqK#JeX1WcxE)nMpaQOB%%MM<_xtRy``;PXPx?&$h
zvmi}Rf-#IB2wy*eB;avG^G{Z16mlJ@WiY(kjnPsZn&~|NwZt-2&~dt_yW>T=?a~wk
zZ-_@d=<Cv69$|4><vZS-9me`_wswBMavsKkI+zH_71^PHpYF|tm$u%%1Z|RzR|#5>
ztBwAmTV|-kwhPgCnwTbWdWt=VNffajkAmu-dB+Tc4G~ZNn_oUza;=Zc^=|pD%{OiN
zj*r8|_mUsE?N5pA3mYUDS>D<{o!7adlf}ka{_0`flX)Y!czF<Ox3MGkn=Z4`f2)63
z@W*F1#P_C_!(>+4f#HrKv5X(f6Sq-U8Lm2*F7@1kOBtmtzs~pP7IxZ>q8FmId0RT4
zaxR1=Iot+ymA3ebf`6?GKH<Odd^@jw9(L&73)*}Y5F+TjcEAkcN@(Y1FGZz?V#V8d
z{smX5t`8rg^RqZ&OrGz!v-12TE+MJg2lf(86%M25bq2>_@$YnZN5dP|AI8GQD^4oh
zxSblFi9I?q+)ZF!{#Bk9xy;1Cb??Sq%kOu>(7TBM2S!sL?lLWvy=mU6*&@#By)ptN
z*vJWZnpEks%kaPU6R<|LABYo^5gi|s8SkWncI=Elt474_ljL~%?XVfU8RE0W-3f$W
zamvKXO?0cGNLrK2=&IoNg+RQl1<?e(Yxd87{>)y8lkz=b7QEsF_hXS`?L00tYde<X
zx)<s4b-I$%WH`}(kKf&3{l=#wl{b&0WYU;;pwo*jmliQJ%p0cAx-&C5pH-PlKOvj=
z=BZE1Nv-R3Am?-97to^fUW=)yq@z*twM$do8@v)yXFI5&U8Kh>qfh64u51slO-nY~
zfSiEF#!+FW9Lv*uX$8|ej?T!S9yH+k<kW@Z^pnYY(tYdO@~5$(0pu27J|neD0rv*E
znLCr^_d%;cfT{UdaZWJa<j7}g-E7_dT0}G)Uy$-e&MITQwt4}Se=R<@j@Xw1ZhbRo
zTXb`+`SY~9uun3gzDW?b^a90HHbZ4zvw6*;v$K1t16Vp9EbOlYKIkViXjeYV>7xJY
zWa|@q)`D=RN%y(Fd+oI6Im@{c|3QJK+_};^Bm3H;BN@llr?<Vku5qQu-j2nAbcC5S
zY~h()PmGf$@P{p#cq1@zqLd31zuPL+Jn@@}b<`{I+(XG6m{+HsAeeL=<3-O0B#Vuj
zLXTS^L0c<wIn4b9In0LEs(3nSH+S6W^Up-csaFT6HHPwIE8%sDc?&Ln)BFT<@IKY~
zOsdwH%1tVrX(c;6^$Pxqn%tMIgkBFw+}4ddyIk6dV@rFkQd-}On<Y}TKZ+vlSQQ-n
znCvv>bsac?qoAr`|6ctdmf}4;{nLws0eYKSI=Beg?Vp?4x+_1L<R?ng#4dwmP0i~{
z;Ec%Lf~&vva=&;K;SafPQt83MAr4Pc@_`nSIX`)%Sdzr=h1Iekqp;CSdX9`a0b<Pi
zcl$#d)(;$I*^Dfp&L%ic5p?!J`TYX}ouFy?8${=1=jCnRetkQQDD`q>e_hBQjyd<k
zb!v&5&Q8toOq|&Qs#;tf{Bn&w&$g~i1Jlh42a}ItR>iB~#g8B4Ve*X!@cus|%gTL)
z@g5JQ)C*=V5Nv-Y@^sCyofKX6=)-Xo5)QUL@SQ|I=<|rlu|FlQUEaC~x82{3C9G6#
zxLv4LtaaZqXevLxZ@gBTzsNPt;DcIWWj|6H{F>hB$B!RiXPg*Rg}2P#W`Ic!8S<J1
znzIW6&A-VjdC$vI^Jn6eN(!u2KNWXMyp^-qwb3vyez@IYZh9<JyuCiau1cAHdDT8;
z$tqf*sK2JDp%K>J{=T!b6WHksofY8kA`bt&e}*P#TP1Q<k2;-+)_~fbLoY_WsXeVx
zfGb3!xg)1i-9p)cqeQd34gWo%zsCExe6{$ZFTOvEdn!`%mFVK`Oyy(F=$3ooDpv1X
zAEWAxd4$Jh(?A8LLNlK2tIo%cRnL1}E*GF8{0~R4W{-YqMKmwtsg)g4t|5#Gfk_#5
zx{n2&H&2yrXoo}fS)YR(+4ei?^y{AY(sj<yNxavMk9P&{fbmp+IL)8C_uEwWM<=VW
z261@I_cfnd*S<PY*kBSXfk(>>NR)EtrM?1=f*{8MC<HA`xX!-2o>hij%SaXH=+>$1
z#!$E9IvRdUG-rb2E3KxD?N;0zg1UdQ#)=Ts{gJ?C&yCX!$AW+n{xLNyEBSC0f%I@-
z*R6Kwf=T#e^}Zumpu@B&R*O#GNX-k$TsIx`s&dYWITs0od0nK9aUuMJj<5yQs<AQV
zZhAiK2?s~FJJ_@Yi<a`0QYn8u?58hzZ)OHeSXVjqk1ngje#KG{FzM=E-i>K=?uk8H
z2s~TR4)7_t#7F4Vi?}tro|qU*<y%N&DNRhPB}Z%C-oR3M4@A3x7g*HgN81YIDRWWq
zu2d+`RI&qEYoT3D9(>zwIK#S|_)H+e;p$YiW|)uFl=`;Cwm!zsaugM+pr8`8O*8Ay
z-{@SEBstCh;B=H3@nTqjLlZr$w6Lg+60D$dnxzfSMKSU2J9WLTyBB%M+3D#gn_8(J
z-oo}Ms$o0H$*%|8U71=g;ExAxXB<L8B90d%NlLVCr*s&uH#LiVcH9Rq%}STnAwyq;
zP$mm7{U=9dtbCP5b`L8m-T+Q2@U46q8XDSgvJDS`$hxc+I&MZHYHL9Me&c}Kr+a(9
zSg9q;I6Ny)QB(7?(n;QP63pKabIpBaRdyrwXOC^%WVE#z%?qJ%pS$P6t8lQe3a=Bc
zw%47eUxs@$JMaVx4;5Bw>YqwAs((8I>Oq#rccsF4{J8eZx%);H(VcZKhVJoQw9Tp2
zEIk%oz4_FR_(8g#9J%^!PcnIXd_;p&&d+Q90p8LD&0bGGLL>6ii|+3ZieXp|zxf!Q
zj$osEnhsPt!Zo|IoHw}Nu<_VU3`R#bQSHNjH#*eCYgbKi7=~SU><!8k`!H^MD66R8
zzIpQo>9P6aGwSvX_nk1Fxv$WXOy=8tFh^^O{}i^FjfW8FJLs$KlAxHgn%K-_=O4xY
z_0Id^YlFhT40rZU@>5;skK#=53c1=#gb;DjCk+Ng5`EqddLoaa+)YDToiyH1{c$7)
z%cIS>^`oM4qbX%<A}Y7V<{4*{CAN7<#HWf1nxx+~*7LvcU40gNn!{Keb0$s)-_B3m
zddfXZ_vGv-i{t6WcC(>BOKt%m%fx2^)wqNNN<l$Vqy%=heo5YxA6ST{SB-7=t0G*A
zr`IxQg`LMUyXP?Bkw5tuyMj<NP2VTFJ<MJf2hn{2y}8Izqb<@mM?~8KHM(Ci(TFWJ
z@lmf9$8HJtWRpH)2_Yx?KBK2H_X}}@*VB>~jOsnJN_vg{e*(W2-C?@glrrAVrf00q
zZfv=#v19B^4*^_JeyHV@qukeBZ<CnmbQ(E_HNC@hr3Lw94ui*;(+>8E9xd~*<Tx2w
z*=GV*J8a0FHi+RJ^GXET07}&yVV|4UVl`gnhsH4<M1ZQT(hwZjvy{1Mz-qzvyzE>4
z3%$Wg-E?k;hi9@GMMOOGcemI~1#^vP=$T%(HBBTe!W9hT?wid>TFhy@{>05J?mve(
z3`VcpIm}G78y1!knOmvcw;YI?y4KS;^QPMBvubTtiH+k4trm~O5EYk4wH9RSpy`cf
zJ@-)B7E?{uQB+Vs>Lh`X{GNn_MDppF#>zjgwBz0Nf>MyQ@<TIuO6PfZI&qL%WY6F%
z1@zS($cm)VfnLK%c&5%82b4vSROYvb6P&Nh9j}~yKF5*z1ZID;-p#GHPM6dOm|Uqu
zMAWKSzFVK4OJsrDGpL^tP*7yqE=17nl1Qhdq~&z(-K=EL6B@#!h<jC(Vf88-tK#=n
zmt>0B1@ru7VacDmfk9IjO@^mG$o0~48dGk-h`cT3wO8i(*n!xsGpA`}jxiAasBhW*
z0l?~J|L7h(1EFkis;eBMACAnRz||jEyE(XBFa5PWdsKeC%NfU*VE@jt=X($%gH=wo
zHDg?rhvd$KqYb*P0$o>&f*AFqQiqMK3&}JOFNt#glOW8Hh_Ln$R?fwgU0uDko*7K+
z<4Uxn3A^^sykyl%_^UQ&?I{{Qp)WnsUUF7<4}H%(>+6$TU0WmP<0As8VGS6e|GeUU
z#BP;24aV-}E3tRCHU9<JsL8_C(uza@WS~1cEoHH*`gxEkCY$l<Z1=~xW*(iU^y-2G
zX}u~p$&Z@>UY|?z{Vhft^BZ#WYj*QF*h~HwQ|`!EJ*4s)+4=M0y2)*g-0^?Ikiqt_
z_keM9cw2zXdGl-AZPu&vn*~k^cGj03y3JjNUN)~M^~YpuU_D|FZ}0pf)cG(5l6%AW
zu7EhSjQ4NpVmg-8`%d&h53A=Qcb|Usocr;|C^g%zlMCLV8kLRNnXLSygp%@!DbSNr
zRTZw$3knRR(_}ee8eO;Pj$stk`}siI4pG<t9LIX0*uuSX4AOd7sByiprmMewR-eeV
z<JsiBF;?hA33WdFRr<Y1wwmL_Tzolu&61}PByKfoCLVzel_kt~O(f0NoUvqx)_3qK
z&N9`*dAF@#G|z6x?dDgt2S#h~x|QVv(X@q-r_H~ZASGpG&j~p!-+>-RN%N`3T+;0~
z-5{aLct}-+{sY9a&Lt`I`&BmM>=I}2VchQ?kpR7!CiKnUQ%6fnEwZX4x5jwNS*I`p
zU1s*|7Ry>b04&Cw_w4~JbPsp^8Z0dl6nYZ>s#CKPKh2kNLLK%#1C8`7RkEWVo`R~9
z(q~`*3@ptcfUligb_m;aQ4g%MS=#tH=>bzxZn3#{@AFm8V$y=HpKkUmGme+))v-9d
zKDFBx9AzpmYmP7<4(3TI<mH)`BLO`c%rao!TF4todi2`r6OE1P#w^WnBE@#SKQ622
z2L)OtrtV-;?+_3H7D2*4ov%-OlU|hX2YMn$SkKAv2nh;j?yQ|roQcSUqi8lfZ4(xg
z4ass41A=he;T0}$J3AlRVj!{+zcg^A=?Qx##<<Vw0lu#hKLP%WhE)>R0GdFK+v9^F
z<YjVLf5h9W&1vXeP3UA_IJT#Oz`Xe$JES^2($`otE$Kz>Ih^XYXsG_|M<Ru8D50iq
zbRq@6shXmqzti?OITO<}!|sURl@_O>_XIGX3ngeO8iws&$zlUzZh?Aw`oE!@awrV+
zaHII($58T5Ma3FaGfCHFP)s6l%NA~aB&?$Dm<7efU0*51o&z5xkaoH~#&|`37i7H(
z3r)q)X|kO##bApXY_47{ga*<($yV`f0CDDbRIm{@Oka+kAGqQSRHbzjX7xrl6b-%l
z0QDikGz@Dh_bqoij-nfJuQ4_@1|*fIz;eWH&S~P)9Ptdz-7&Py=2vVSeBy3jOgB2Z
z_z8j`Lodi%<dDafTg<Ym{8&0XRTz0=U3cpgp>13;)ZyWi4DFbAkMB7-IU${!<mI0O
z>r;sk6b8|@xL1_`X0JpIASWJvZ%(sOGE~otBAS*XKtjX-X#0U^YC14<3wk0uGC7kq
z^kTjOWAeManE6FToglCjm_PXe_Sp|vr4=nAk#~>nXwb`y#6EatUpBreG6w)3R0A39
zg~h^qS2KjC@-grKYVS;gnmocdPD11u1vxy+VT521Y{jBMKoBVrj0Qv$xkL^%0twPY
z5P@O<2T?FaE-eLRpo(~a3I*%cs0fM}FQ6hGh$2d*1nD^9c=W$7>M(xLFa6j|KJ2_n
zp51-++0D)#zyF~3uHJml`{MAIqv;LZb5mZwPFN)nl!iCRh}_(JoqnEyjW%s-OY|#A
zV|R<AzSuj|1R$GA{{qZnOWmoP1RSzd`FQFfmgi2j_^L63^ZF9v4uq?BUJcWf{SZiR
zX=(BMUA#~H>J{Ja-mfBou!ymK3iDWd_Tqg9YbKZT1|IBI$#tK`xB73B=kz5xpN@Lq
zf?M&9Hm3-Hdlaob!(rFOrlVthlA8@nQ+JLr>YU)-=~lF`1I!#i{9Qo`#U$oQkY1rZ
z{NoNFgQ@;8KyV=N%q6RsmLBtM?K3ZBn9Y!^c;vd&e!n84zY4LMCl&qyQdoJm<?8dB
zwa*4CU!%En3EhbqE;)$wNdxRV7^WUy@g!#6*hsIU8zU@h1A0<_F4`?u;80==PX1lG
z8h~|0{%luWvNb&oWRs>a0<HH@L^FieJwfS>j{YN$_$<4^S-8fos@*+ppg&)lanfR8
zzGX>tXWiEO!Sx9wR}dJwT}ma5Bv-woXAT%{t6171-d_}8y<yR^Bbl3y8)oVOEg}E@
zX7HH=|5bIyfcZ%EkzH1?(is~tg)R#H66HNPe$~}dmNYJ2EENjf<k<`hRz~^3A{FhS
z@fmZK(y`BSESq2O_}+-aTujhC;49foM>bJTRi}2;_WxaeFv_cFzUb|>{temZZpPN@
z`7HaZW9#$tHyJ0E2qFf4RI!SUKvGG$|BkPwrlq#PZQjy*i>u5r5^d3ssXidteZ+o+
z!SyV~slKx#?eBCv`DLB2j6>;zrnG`tb7MN0eYqGR=Q}a04}md3ugG%%T;EPK4V8x<
z+$Uktl1Y1uFF$K2aM~#qX-^BR8HJuQVQ%uA)U-5_qn9US5}7vipz@JflPVF;%#<2p
z+YYwrQ<&Y&mv3l*19mrgq79z|z6F4tf|c#!HOQbIVQZT|H<3*X)bl$QHX<@IGUgWF
zZt~2T&Eq7UEEpJKviQ_|q5&nNSb8>uD`(-&BP?eq<x1Pb$z|Oka>gmKFR=^`hV6X~
zW16<#9tDm8V0N1F;LQ^|;Et-_B+Vvu5}}Y07xF$rdwzl^m?3mR)~T#?2kkO7HI*K{
zgMdwL=KxaT)Z6G!D8hj2DC3P{7_5+ubaK%;B4TR2%p?<=4OgyhF@(3Sr{mk4pf)QK
z^zefw<p+6APN{Lk^)rbZOe6HZ?1<WE6CRI8KwotiFSdnw76M!jWU*yWv!HPt!pp;j
zxOX&VHs<jq{pQwI!idoVjr4>QJp4iSvf5gJunL)j_;@5z=*y*D+61b@<#H#?iX7t*
z+p}tLFoq0@cR)V5m2MqKaVEAoye6w53WiuB$-B@1=x^hN2KD`yH9Qn&QH1AFfl4&D
z!Ve)+|3c8m3K>Z^vWs?0PIjIzGv2B!a%}%ff&Y2xy>$6<bI?;mLqln`4TL@P92_p?
zp17{VNM{lL(`lXAbc3UFQb4D92-(pIGr|}r*FOvUVu5jTFCBZzEH>L5;JuEQx5>RK
zC$vD@t%^dZRZIIx53MC4f%$CJv$DOe+53VvcIEMokD-KZ*KP;D<t+sRt0n|Qo#iz=
zy39-tnF34`35VFs?7X+6dlj1CGz!`6WZg;~w^@ni7<A2y#q$7*qd1|BF+2Q{e6k0h
zZ$YWqu7$3ii3x@D8g7}nV2PELRW55Pa73~KM>gi|9fXV2N72DBV1j<793OBP&#zk%
zrX}D^p{kB^fLxeUb~|_`Bx<FM_2{W(=E68GJ<fuuxdV4ltu=SJbGdD?1%-eMx=1lx
zjAyz8Q_O!6n!7X#vB_8z(q1DX)ME{uZ#F|vRP(N>5!s_)qY#OA@~Q~Dju2@3IUQOa
ziWdYVx7gP=y{^s;`cr|)&V|Io9C)?*VWTezOq}d+9_pXH?X~8%wuVr5e0r<QOVN9b
z^teQH_o}iL_5|Gb2n{oFow^LV%wENq1mc1g)LC7iIM~&Ff%KfU;MIE?RS5G)1uc7?
zk{(W@&_!5}+mfQLS+efI*{{V<Nr@T3=HlS9t5A6O%a(tO8js5hX*6|>;!W@0ea&)b
zXIO4-F4NiB6vWj0y`$Nvcd-r}CpvL_8R}=CTF{I``&o4;{fD<=IvrS)bNI7*b25KC
zIiRAZUCmcuuYP6S&~Qt7BTG+<=FHUHY+6bBV@j)b{I@+?K$3kjGn7yy!6{7wLm73|
zY51q7i7L!2D_<%$Nl8Aw2O#!fyO%%P?9-DE2^G<4`}2U`&d+mc0*g+W#Ce!8+&)Pw
zh*n8(X&Co&Q#O;}f`PWp=G405@J}nz;2XDZ8%xE>u#En%$bZ!$@6`=_Ed2Dpi*8cG
NYXR5Ot->`V^<QO=dcObw

literal 0
HcmV?d00001

diff --git a/docs/security/trust/index.md b/docs/security/trust/index.md
new file mode 100644
index 00000000..8f596932
--- /dev/null
+++ b/docs/security/trust/index.md
@@ -0,0 +1,21 @@
+<!--[metadata]>
++++
+title = "Use trusted images"
+description = "Use trusted images"
+keywords = ["trust, security, docker,  index"]
+[menu.main]
+identifier="smn_content_trust"
+parent= "smn_secure_docker"
+weight=4
++++
+<![end-metadata]-->
+
+# Use trusted images
+
+The following topics are available:
+
+* [Content trust in Docker](content_trust.md)
+* [Manage keys for content trust](trust_key_mng.md)
+* [Automation with content trust](trust_automation.md)
+* [Delegations for content trust](trust_delegation.md)
+* [Play in a content trust sandbox](trust_sandbox.md)
diff --git a/docs/security/trust/trust_automation.md b/docs/security/trust/trust_automation.md
new file mode 100644
index 00000000..1b3d4564
--- /dev/null
+++ b/docs/security/trust/trust_automation.md
@@ -0,0 +1,80 @@
+<!--[metadata]>
++++
+title = "Automation with content trust"
+description = "Automating content push pulls with trust"
+keywords = ["trust, security, docker,  documentation, automation"]
+[menu.main]
+parent= "smn_content_trust"
++++
+<![end-metadata]-->
+
+# Automation with content trust
+
+Your automation systems that pull or build images can also work with trust. Any automation environment must set `DOCKER_TRUST_ENABLED` either manually or in in a scripted fashion before processing images.
+
+## Bypass requests for passphrases
+
+To allow tools to wrap docker and push trusted content, there are two
+environment variables that allow you to provide the passphrases without an
+expect script, or typing them in:
+
+ - `DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE`
+ - `DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE`
+
+Docker attempts to use the contents of these environment variables as passphrase
+for the keys. For example, an image publisher can export the repository `target`
+and `snapshot` passphrases:
+
+```bash
+$  export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE="u7pEQcGoebUHm6LHe6"
+$  export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE="l7pEQcTKJjUHm6Lpe4"
+```
+
+Then, when pushing a new tag the Docker client does not request these values but signs automatically:
+
+```bash
+$  docker push docker/trusttest:latest
+The push refers to a repository [docker.io/docker/trusttest] (len: 1)
+a9539b34a6ab: Image already exists
+b3dbab3810fc: Image already exists
+latest: digest: sha256:d149ab53f871 size: 3355
+Signing and pushing trust metadata
+```
+
+## Building with content trust
+
+You can also build with content trust. Before running the `docker build` command, you should set the environment variable `DOCKER_CONTENT_TRUST` either manually or in in a scripted fashion. Consider the simple Dockerfile below.
+
+```Dockerfile
+FROM docker/trusttest:latest
+RUN echo
+```
+
+The `FROM` tag is pulling a signed image. You cannot build an image that has a
+`FROM` that is not either present locally or signed. Given that content trust
+data exists for the tag `latest`, the following build should succeed:
+
+```bash
+$  docker build -t docker/trusttest:testing .
+Using default tag: latest
+latest: Pulling from docker/trusttest
+
+b3dbab3810fc: Pull complete
+a9539b34a6ab: Pull complete
+Digest: sha256:d149ab53f871
+```
+
+If content trust is enabled, building from a Dockerfile that relies on tag without trust data, causes the build command to fail:
+
+```bash
+$  docker build -t docker/trusttest:testing .
+unable to process Dockerfile: No trust data for notrust
+```
+
+## Related information
+
+* [Content trust in Docker](content_trust.md)
+* [Manage keys for content trust](trust_key_mng.md)
+* [Delegations for content trust](trust_delegation.md)
+* [Play in a content trust sandbox](trust_sandbox.md)
+
diff --git a/docs/security/trust/trust_delegation.md b/docs/security/trust/trust_delegation.md
new file mode 100644
index 00000000..ac803bc9
--- /dev/null
+++ b/docs/security/trust/trust_delegation.md
@@ -0,0 +1,226 @@
+<!--[metadata]>
++++
+title = "Delegations for content trust"
+description = "Delegations for content trust"
+keywords = ["trust, security, delegations, keys, repository"]
+[menu.main]
+parent= "smn_content_trust"
++++
+<![end-metadata]-->
+
+# Delegations for content trust
+
+Docker Engine supports the usage of the `targets/releases` delegation as the
+canonical source of a trusted image tag.
+
+Using this delegation allows you to collaborate with other publishers without
+sharing your repository key (a combination of your targets and snapshot keys -
+please see "[Manage keys for content trust](trust_key_mng.md)" for more information).
+A collaborator can keep their own delegation key private.
+
+The `targest/releases` delegation is currently an optional feature - in order
+to set up delegations, you must use the Notary CLI:
+
+1. [Download the client](https://github.com/docker/notary/releases) and ensure that it is
+available on your path
+
+2. Create a configuration file at `~/.notary/config.json` with the following content:
+
+	```
+	{
+	  "trust_dir" : "~/.docker/trust",
+	  "remote_server": {
+	    "url": "https://notary.docker.io"
+	  }
+	}
+	```
+
+	This tells Notary where the Docker Content Trust data is stored, and to use the
+	Notary server used for images in Docker Hub.
+
+For more detailed information about how to use Notary outside of the default
+Docker Content Trust use cases, please refer to the
+[the Notary CLI documentation](https://docs.docker.com/notary/getting_started/).
+
+Note that when publishing and listing delegation changes using the Notary client,
+your Docker Hub credentials are required.
+
+## Generating delegation keys
+
+Your collaborator needs to generate a private key (either RSA or ECDSA)
+and give you the public key so that you can add it to the `targets/releases`
+delegation.
+
+The easiest way to for them to generate these keys is with OpenSSL.
+Here is an example of how to generate a 2048-bit RSA portion key (all RSA keys
+must be at least 2048 bits):
+
+```
+$ opensl genrsa -out delegation.key 2048
+Generating RSA private key, 2048 bit long modulus
+....................................................+++
+............+++
+e is 65537 (0x10001)
+
+```
+
+They should keep `delegation.key` private - this is what they will use to sign
+tags.
+
+Then they need to generate a x509 certificate containing the public key, which is
+what they will give to you.  Here is the command to generate a CSR (certificate
+signing request):
+
+```
+$ openssl req -new -sha256 -key delegation.key -out delegation.csr
+```
+
+Then they can send it to whichever CA you trust to sign certificates, or they
+can self-sign the certificate (in this example, creating a certificate that is
+valid for 1 year):
+
+```
+$ openssl x509 -req -days 365 -in delegation.csr -signkey delegation.key -out delegation.crt
+```
+
+Then they need to give you `delegation.crt`, whether it is self-signed or signed
+by a CA.
+
+## Adding a delegation key to an existing repository
+
+If your repository was created using a version of Docker Engine prior to 1.11,
+then before adding any delegations, you should rotate the snapshot key to the server
+so that collaborators will not require your snapshot key to sign and publish tags:
+
+```
+$ notary key rotate docker.io/<username>/<imagename> snapshot -r
+```
+
+This tells Notary to rotate a key for your particular image repository - note that
+you must include the `docker.io/` prefix.  `snapshot -r` specifies that you want
+to rotate the snapshot key specifically, and you want the server to manage it (`-r`
+stands for "remote").
+
+When adding a delegation, your must acquire
+[the PEM-encoded x509 certificate with the public key](#generating-delegation-keys)
+of the collaborator you wish to delegate to.
+
+Assuming you have the certificate `delegation.crt`, you can add a delegation
+for this user and then publish the delegation change:
+
+```
+$ notary delegation add docker.io/<username>/<imagename> targets/releases delegation.crt --all-paths
+$ notary publish docker.io/<username>/<imagename>
+```
+
+The preceding example illustrates a request to add the delegation
+`targets/releases` to the image repository, if it doesn't exist.  Be sure to use
+`targets/releases` - Notary supports multiple delegation roles, so if you mistype
+the delegation name, the Notary CLI will not error.  However, Docker Engine
+supports reading only from `targets/releases`.
+
+It also adds the collaborator's public key to the delegation, enabling them to sign
+the `targets/releases` delegation so long as they have the private key corresponding
+to this public key.  The `--all-paths` flags tells Notary not to restrict the tag
+names that can be signed into `targets/releases`, which we highly recommend for
+`targets/releases`.
+
+Publishing the changes tells the server about the changes to the `targets/releases`
+delegation.
+
+After publishing, view the delegation information to ensure that you correctly added
+the keys to `targets/releases`:
+
+```
+$ notary delegation list docker.io/<username>/<imagename>
+
+      ROLE               PATHS                                   KEY IDS                                THRESHOLD
+---------------------------------------------------------------------------------------------------------------
+  targets/releases   "" <all paths>  729c7094a8210fd1e780e7b17b7bb55c9a28a48b871b07f65d97baf93898523a   1
+```
+
+You can see the `targets/releases` with its paths and the key ID you just added.
+
+Notary currently does not map collaborators names to keys, so we recommend
+that you add and list delegation keys one at a time, and keep a mapping of the key
+IDs to collaborators yourself should you need to remove a collaborator.
+
+## Removing a delegation key from an existing repository
+
+To revoke a collaborator's permission to sign tags for your image repository, you must
+know the IDs of their keys, because you need to remove their keys from the
+`targets/releases` delegation.
+
+```
+$ notary delegation remove docker.io/<username>/<imagename> targets/releases 729c7094a8210fd1e780e7b17b7bb55c9a28a48b871b07f65d97baf93898523a
+
+Removal of delegation role targets/releases with keys [729c7094a8210fd1e780e7b17b7bb55c9a28a48b871b07f65d97baf93898523a], to repository "docker.io/<username>/<imagename>" staged for next publish.
+```
+
+The revocation will take effect as soon as you publish:
+
+```
+$ notary publish docker.io/<username>/<imagename>
+```
+
+Note that by removing all the keys from the `targets/releases` delegation, the
+delegation (and any tags that are signed into it) is removed.  That means that
+these tags will all be deleted, and you may end up with older, legacy tags that
+were signed directly by the targets key.
+
+## Removing the `targets/releases` delegation entirely from a repository
+
+If you've decided that delegations aren't for you, you can delete the
+`targets/releases` delegation entirely. This also removes all the tags that
+are currently in `targets/releases`, however, and you may end up with older,
+legacy tags that were signed directly by the targets key.
+
+To delete the `targets/releases` delegation:
+
+```
+$ notary delegation remove docker.io/<username>/<imagename> targets/releases
+
+Are you sure you want to remove all data for this delegation? (yes/no)
+yes
+
+Forced removal (including all keys and paths) of delegation role targets/releases to repository "docker.io/<username>/<imagename>" staged for next publish.
+
+$ notary publish docker.io/<username>/<imagename>
+```
+
+## Pushing trusted data as a collaborator
+
+As a collaborator with a private key that has been added to a repository's
+`targets/releases` delegation, you need to import the private key that you
+generated into Content Trust.
+
+To do so, you can run:
+
+```
+$ notary key import delegation.key --role user
+```
+
+where `delegation.key` is the file containing your PEM-encoded private key.
+
+After you have done so, running `docker push` on any repository that
+includes your key in the `targets/releases` delegation will automatically sign
+tags using this imported key.
+
+## `docker push` behavior
+
+When running `docker push` with Docker Content Trust, Docker Engine
+will attempt to sign and push with the `targets/releases` delegation if it exists.
+If it does not, the targets key will be used to sign the tag, if the key is available.
+
+## `docker pull` and `docker build` behavior
+
+When running `docker pull` or `docker build` with Docker Content Trust, Docker
+Engine will pull tags only signed by the `targets/releases` delegation role or
+the legacy tags that were signed directly with the `targets` key.
+
+## Related information
+
+* [Content trust in Docker](content_trust.md)
+* [Manage keys for content trust](trust_key_mng.md)
+* [Automation with content trust](trust_automation.md)
+* [Play in a content trust sandbox](trust_sandbox.md)
diff --git a/docs/security/trust/trust_key_mng.md b/docs/security/trust/trust_key_mng.md
new file mode 100644
index 00000000..c15b84ba
--- /dev/null
+++ b/docs/security/trust/trust_key_mng.md
@@ -0,0 +1,90 @@
+<!--[metadata]>
++++
+title = "Manage keys for content trust"
+description = "Manage keys for content trust"
+keywords = ["trust, security, root,  keys, repository"]
+[menu.main]
+parent= "smn_content_trust"
++++
+<![end-metadata]-->
+
+# Manage keys for content trust
+
+Trust for an image tag is managed through the use of keys. Docker's content
+trust makes use of five different types of keys:
+
+| Key                 | Description                                                                                                                                                                                                                                                                                                                                                                         |
+|---------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| root key         | Root of content trust for a image tag. When content trust is enabled, you create the root key once. Also known as the offline key, because it should be kept offline. |
+| targets          | This key allows you to sign image tags, to manage delegations including delegated keys or permitted delegation paths. Also known as the repository key, since this key determines what tags can be signed into an image repository. |
+| snapshot         | This key signs the current collection of image tags, preventing mix and match attacks.
+| timestamp        | This key allows Docker image repositories to have freshness security guarantees without requiring periodic content refreshes on the client's side. |
+| delegation       | Delegation keys are optional tagging keys and allow you to delegate signing image tags to other publishers without having to share your targets key. |
+
+When doing a `docker push` with Content Trust enabled for the first time, the
+root, targets, snapshot, and timestamp keys are generated automatically for
+the image repository:
+
+- The root and targets key are generated and stored locally client-side.
+
+- The timestamp and snapshot keys are safely generated and stored in a signing server
+	that is deployed alongside the Docker registry. These keys are generated in a backend
+	service that isn't directly exposed to the internet and are encrypted at rest.
+
+Delegation keys are optional, and not generated as part of the normal `docker`
+workflow.  They need to be
+[manually generated and added to the repository](trust_delegation.md#generating-delegation-keys).
+
+Note: Prior to Docker Engine 1.11, the snapshot key was also generated and stored
+locally client-side. [Use the Notary CLI to manage your snapshot key locally
+again](https://docs.docker.com/notary/advanced_usage/#rotate-keys) for
+repositories created with newer versions of Docker.
+
+## Choosing a passphrase
+
+The passphrases you chose for both the root key and your repository key should
+be randomly generated and stored in a password manager.  Having the repository key
+allow users to sign image tags on a repository. Passphrases are used to encrypt
+your keys at rest and ensures that a lost laptop or an unintended backup doesn't
+put the private key material at risk.
+
+## Back up your keys
+
+All the Docker trust keys are stored encrypted using the passphrase you provide
+on creation. Even so, you should still take care of the location where you back them up.
+Good practice is to create two encrypted USB keys.
+
+It is very important that you backup your keys to a safe, secure location. Loss
+of the repository key is recoverable; loss of the root key is not.
+
+The Docker client stores the keys in the `~/.docker/trust/private` directory.
+Before backing them up, you should `tar` them into an archive:
+
+```bash
+$ umask 077; tar -zcvf private_keys_backup.tar.gz ~/.docker/trust/private; umask 022
+```
+
+## Lost keys
+
+If a publisher loses keys it means losing the ability to sign trusted content for
+your repositories.  If you lose a key, contact [Docker
+Support](https://support.docker.com) (support@docker.com) to reset the repository
+state.
+
+This loss also requires **manual intervention** from every consumer that pulled
+the tagged image prior to the loss. Image consumers would get an error for
+content that they already downloaded:
+
+```
+could not validate the path to a trusted root: failed to validate data with current trusted certificates
+```
+
+To correct this, they need to download a new image tag with that is signed with
+the new key.
+
+## Related information
+
+* [Content trust in Docker](content_trust.md)
+* [Automation with content trust](trust_automation.md)
+* [Delegations for content trust](trust_delegation.md)
+* [Play in a content trust sandbox](trust_sandbox.md)
diff --git a/docs/security/trust/trust_sandbox.md b/docs/security/trust/trust_sandbox.md
new file mode 100644
index 00000000..af056728
--- /dev/null
+++ b/docs/security/trust/trust_sandbox.md
@@ -0,0 +1,331 @@
+<!--[metadata]>
++++
+title = "Play in a content trust sandbox"
+description = "Play in a trust sandbox"
+keywords = ["trust, security, root,  keys, repository, sandbox"]
+[menu.main]
+parent= "smn_content_trust"
++++
+<![end-metadata]-->
+
+# Play in a content trust sandbox
+
+This page explains how to set up and use a sandbox for experimenting with trust.
+The sandbox allows you to configure and try trust operations locally without
+impacting your production images.
+
+Before working through this sandbox, you should have read through the [trust
+overview](content_trust.md).
+
+### Prerequisites
+
+These instructions assume you are running in Linux or Mac OS X. You can run
+this sandbox on a local machine or on a virtual machine. You will need to
+have `sudo` privileges on your local machine or in the VM.
+
+This sandbox requires you to install two Docker tools: Docker Engine and Docker
+Compose. To install the Docker Engine, choose from the [list of supported
+platforms](../../installation/index.md). To install Docker Compose, see the
+[detailed instructions here](https://docs.docker.com/compose/install/).
+
+Finally, you'll need to have `git` installed on your local system or VM.
+
+## What is in the sandbox?
+
+If you are just using trust out-of-the-box you only need your Docker Engine
+client and access to the Docker hub. The sandbox mimics a
+production trust environment, and requires these additional components:
+
+| Container       | Description                                                                                                                                 |
+|-----------------|---------------------------------------------------------------------------------------------------------------------------------------------|
+| notarysandbox  | A container with the latest version of Docker Engine and with some preconfigured certifications. This is your sandbox where you can use the `docker` client to test trust operations. |
+| Registry server | A local registry service.                                                                                                                 |
+| Notary server   | The service that does all the heavy-lifting of managing trust                                                                               |
+| Notary signer   | A service that ensures that your keys are secure.                                                                                           |
+| MySQL           | The database where all of the trust information will be stored                                                                              |
+
+The sandbox uses the Docker daemon on your local system. Within the `notarysandbox`
+you interact with a local registry rather than the Docker Hub. This means
+your everyday image repositories are not used. They are protected while you play.
+
+When you play in the sandbox, you'll also create root and repository keys. The
+sandbox is configured to store all the keys and files inside the `notarysandbox`
+container. Since the keys you create in the sandbox are for play only,
+destroying the container destroys them as well.
+
+
+## Build the sandbox
+
+In this section, you build the Docker components for your trust sandbox. If you
+work exclusively with the Docker Hub, you would not need with these components.
+They are built into the Docker Hub for you. For the sandbox, however, you must
+build your own entire, mock production environment and registry.
+
+### Configure /etc/hosts
+
+The sandbox' `notaryserver` and `sandboxregistry` run on your local server. The
+client inside the `notarysandbox` container connects to them over your network.
+So, you'll need an entry for both the servers in your local `/etc/hosts` file.
+
+1. Add an entry for the `notaryserver` to `/etc/hosts`.
+
+        $ sudo sh -c 'echo "127.0.0.1 notaryserver" >> /etc/hosts'
+
+2. Add an entry for the `sandboxregistry` to `/etc/hosts`.
+
+        $ sudo sh -c 'echo "127.0.0.1 sandboxregistry" >> /etc/hosts'
+
+
+### Build the notarytest image
+
+1. Create a `notarytest` directory on your system.
+
+        $ mkdir notarysandbox
+
+2. Change into your `notarysandbox` directory.
+
+        $ cd notarysandbox
+
+3. Create a `notarytest` directory then change into that.
+
+        $ mkdir notarytest
+        $ cd notarytest
+
+4. Create a filed called `Dockerfile` with your favorite editor.
+
+5. Add the following to the new file.
+
+        FROM debian:jessie
+
+        ADD https://master.dockerproject.org/linux/amd64/docker /usr/bin/docker
+        RUN chmod +x /usr/bin/docker \
+          && apt-get update \
+          && apt-get install -y \
+          tree \
+          vim \
+          git \
+          ca-certificates \
+          --no-install-recommends
+
+        WORKDIR /root
+        RUN git clone -b trust-sandbox https://github.com/docker/notary.git
+        RUN cp /root/notary/fixtures/root-ca.crt /usr/local/share/ca-certificates/root-ca.crt
+        RUN update-ca-certificates
+
+        ENTRYPOINT ["bash"]
+
+6. Save and close the file.
+
+7. Build the testing container.
+
+        $ docker build -t notarysandbox .
+        Sending build context to Docker daemon 2.048 kB
+        Step 1 : FROM debian:jessie
+         ...
+         Successfully built 5683f17e9d72
+
+
+### Build and start up the trust servers
+
+In this step, you get the source code for your notary and registry services.
+Then, you'll use Docker Compose to build and start them on your local system.
+
+1. Change to back to the root of your  `notarysandbox` directory.
+
+        $ cd notarysandbox
+
+2. Clone the `notary` project.
+
+          $ git clone -b trust-sandbox https://github.com/docker/notary.git
+
+3. Clone the `distribution` project.
+
+        $ git clone https://github.com/docker/distribution.git
+
+4. Change to the `notary` project directory.
+
+        $ cd notary
+
+   The directory contains a `docker-compose` file that you'll use to run a
+   notary server together with a notary signer and the corresponding MySQL
+   databases. The databases store the trust information for an image.
+
+5. Build the server images.
+
+        $  docker-compose build
+
+    The first time you run this, the build takes some time.
+
+6. Run the server containers on your local system.
+
+        $ docker-compose up -d
+
+    Once the trust services are up, you'll setup a local version of the Docker
+    Registry v2.
+
+7. Change to the `notarysandbox/distribution` directory.
+
+8. Build the `sandboxregistry` server.
+
+        $ docker build -t sandboxregistry .
+
+9. Start the `sandboxregistry` server running.
+
+        $ docker run -p 5000:5000 --name sandboxregistry sandboxregistry &
+
+## Playing in the sandbox
+
+Now that everything is setup, you can go into your `notarysandbox` container and
+start testing Docker content trust.
+
+
+### Start the notarysandbox container
+
+In this procedure, you start the `notarysandbox` and link it to the running
+`notary_notaryserver_1` and `sandboxregistry` containers. The links allow
+communication among the containers.
+
+```
+$ docker run -it -v /var/run/docker.sock:/var/run/docker.sock --link notary_notaryserver_1:notaryserver --link sandboxregistry:sandboxregistry notarysandbox
+root@0710762bb59a:/#
+```
+
+Mounting the `docker.sock` gives the `notarysandbox` access to the `docker`
+daemon on your host, while storing all the keys and files inside the sandbox
+container.  When you destroy the container, you destroy the "play" keys.
+
+### Test some trust operations
+
+Now, you'll pull some images.
+
+1. Download a `docker` image to test with.
+
+        # docker pull docker/trusttest
+        docker pull docker/trusttest
+        Using default tag: latest
+        latest: Pulling from docker/trusttest
+
+        b3dbab3810fc: Pull complete
+        a9539b34a6ab: Pull complete
+        Digest: sha256:d149ab53f8718e987c3a3024bb8aa0e2caadf6c0328f1d9d850b2a2a67f2819a
+        Status: Downloaded newer image for docker/trusttest:latest
+
+2. Tag it to be pushed to our sandbox registry:
+
+        # docker tag docker/trusttest sandboxregistry:5000/test/trusttest:latest
+
+3. Enable content trust.
+
+        # export DOCKER_CONTENT_TRUST=1
+
+4. Identify the trust server.
+
+        # export DOCKER_CONTENT_TRUST_SERVER=https://notaryserver:4443
+
+    This step is only necessary because the sandbox is using its own server.
+    Normally, if you are using the Docker Public Hub this step isn't necessary.
+
+5. Pull the test image.
+
+        # docker pull sandboxregistry:5000/test/trusttest
+        Using default tag: latest
+        no trust data available
+
+      You see an error, because this content doesn't exist on the `sandboxregistry` yet.
+
+6. Push the trusted image.
+
+        # docker push sandboxregistry:5000/test/trusttest:latest
+        The push refers to a repository [sandboxregistry:5000/test/trusttest] (len: 1)
+        a9539b34a6ab: Image successfully pushed
+        b3dbab3810fc: Image successfully pushed
+        latest: digest: sha256:1d871dcb16805f0604f10d31260e79c22070b35abc71a3d1e7ee54f1042c8c7c size: 3348
+        Signing and pushing trust metadata
+        You are about to create a new root signing key passphrase. This passphrase
+        will be used to protect the most sensitive key in your signing system. Please
+        choose a long, complex passphrase and be careful to keep the password and the
+        key file itself secure and backed up. It is highly recommended that you use a
+        password manager to generate the passphrase and keep it safe. There will be no
+        way to recover this key. You can find the key in your config directory.
+        Enter passphrase for new root key with id 8c69e04:
+        Repeat passphrase for new root key with id 8c69e04:
+        Enter passphrase for new repository key with id sandboxregistry:5000/test/trusttest (93c362a):
+        Repeat passphrase for new repository key with id sandboxregistry:5000/test/trusttest (93c362a):
+        Finished initializing "sandboxregistry:5000/test/trusttest"
+        latest: digest: sha256:d149ab53f8718e987c3a3024bb8aa0e2caadf6c0328f1d9d850b2a2a67f2819a size: 3355
+        Signing and pushing trust metadata
+
+7. Try pulling the image you just pushed:
+
+        # docker pull sandboxregistry:5000/test/trusttest
+        Using default tag: latest
+        Pull (1 of 1): sandboxregistry:5000/test/trusttest:latest@sha256:1d871dcb16805f0604f10d31260e79c22070b35abc71a3d1e7ee54f1042c8c7c
+        sha256:1d871dcb16805f0604f10d31260e79c22070b35abc71a3d1e7ee54f1042c8c7c: Pulling from test/trusttest
+        b3dbab3810fc: Already exists
+        a9539b34a6ab: Already exists
+        Digest: sha256:1d871dcb16805f0604f10d31260e79c22070b35abc71a3d1e7ee54f1042c8c7c
+        Status: Downloaded newer image for sandboxregistry:5000/test/trusttest@sha256:1d871dcb16805f0604f10d31260e79c22070b35abc71a3d1e7ee54f1042c8c7c
+        Tagging sandboxregistry:5000/test/trusttest@sha256:1d871dcb16805f0604f10d31260e79c22070b35abc71a3d1e7ee54f1042c8c7c as sandboxregistry:5000/test/trusttest:latest
+
+
+### Test with malicious images
+
+What happens when data is corrupted and you try to pull it when trust is
+enabled? In this section, you go into the `sandboxregistry` and tamper with some
+data. Then, you try and pull it.
+
+1. Leave the sandbox container running.
+
+2. Open a new bash terminal from your host into the `sandboxregistry`.
+
+        $ docker exec -it sandboxregistry bash
+        296db6068327#
+
+3. Change into the registry storage.
+
+    You'll need to provide the `sha` you received when you pushed the image.
+
+        # cd /var/lib/registry/docker/registry/v2/blobs/sha256/aa/aac0c133338db2b18ff054943cee3267fe50c75cdee969aed88b1992539ed042
+
+4. Add malicious data to one of the trusttest layers:
+
+        # echo "Malicious data" > data
+
+5. Got back to your sandbox terminal.
+
+6. List the trusttest image.
+
+        # docker images | grep trusttest
+        docker/trusttest                 latest              a9539b34a6ab        7 weeks ago         5.025 MB
+        sandboxregistry:5000/test/trusttest   latest              a9539b34a6ab        7 weeks ago         5.025 MB
+        sandboxregistry:5000/test/trusttest   <none>              a9539b34a6ab        7 weeks ago         5.025 MB
+
+7. Remove the `trusttest:latest` image.
+
+        # docker rmi -f a9539b34a6ab
+        Untagged: docker/trusttest:latest
+        Untagged: sandboxregistry:5000/test/trusttest:latest
+        Untagged: sandboxregistry:5000/test/trusttest@sha256:1d871dcb16805f0604f10d31260e79c22070b35abc71a3d1e7ee54f1042c8c7c
+        Deleted: a9539b34a6aba01d3942605dfe09ab821cd66abf3cf07755b0681f25ad81f675
+        Deleted: b3dbab3810fc299c21f0894d39a7952b363f14520c2f3d13443c669b63b6aa20
+
+8. Pull the image again.
+
+        # docker pull sandboxregistry:5000/test/trusttest
+        Using default tag: latest
+        ...
+        b3dbab3810fc: Verifying Checksum
+        a9539b34a6ab: Pulling fs layer
+        filesystem layer verification failed for digest sha256:aac0c133338db2b18ff054943cee3267fe50c75cdee969aed88b1992539ed042
+
+      You'll see the pull did not complete because the trust system was
+      unable to verify the image.
+
+## More play in the sandbox
+
+Now, that you have a full Docker content trust sandbox on your local system,
+feel free to play with it and see how it behaves. If you find any security
+issues with Docker, feel free to send us an email at <security@docker.com>.
+
+
+&nbsp;
diff --git a/docs/static_files/README.md b/docs/static_files/README.md
new file mode 100644
index 00000000..0b93167b
--- /dev/null
+++ b/docs/static_files/README.md
@@ -0,0 +1,17 @@
+<!--[metadata]>
++++
+draft = true
++++
+<![end-metadata]-->
+
+Static files dir
+================
+
+Files you put in /static_files/ will be copied to the web visible /_static/
+
+Be careful not to override pre-existing static files from the template.
+
+Generally, layout related files should go in the /theme directory.
+
+If you want to add images to your particular documentation page. Just put them next to
+your .rst source file and reference them relatively.
diff --git a/docs/static_files/contributors.png b/docs/static_files/contributors.png
new file mode 100644
index 0000000000000000000000000000000000000000..63c0a0c09b58bce2e1ade867760a937612934202
GIT binary patch
literal 23100
zcmb@OV{j(E_x888ZEbB^Tbp;=t!>=3ZQHint!;a2+qU)J@BCgqZ=W|wCYelTGH1?Q
z`J8JKt|%{o0E-Lz<HrvKDM?Y~A3s32{*9}kA^)}4-+v<ibs&z)62E@bOyi&a_#yN|
zN>o_Y4dhY>#tUQd@oOt3`ho<czZ)7xMiJNt!Q7hEid>OL|BKcJqN3Vxy$AhV?ax|X
zwP7_xdmcs=u4=&I4-7>PVT51Et0V?6adF`Fly>RguBKa_?u?$lQ0phh>{!;bJF?oY
zC)<v5?sbGHv%z?voDfg&|8nO!3LX1RgZ%%W5VErG{i_Ladf3R1NaZUE{Sp5I%+~bM
z!~VRFKI2%YZTTHCJx`^<QOG~Qagsf9-NKgAtsA6RlKle{E2D$03yqUgV%^PWTvme#
zUN8jZxxRwazM=7!=6vxSAO8;xtU$|Zyq7uN7IsQh#F2S3!%jwE<RvkZ7+ZahVj1-d
zSS)07Ak8`8q6i<z1*}?#D82eX*!qP3lZbH9Ek~x)%N}iac}9IWv#?6%7MR>U*RkjI
zsZ{9ymFQPP=Ffni?-C9P+OC9;+m(1`#sifR2o?cG#SMq<7^FFga@MBPTZc}}8{OtP
z!CXnufoQzjhXU6pDu?FO?q?N~x)gG+s5_)nwFPTwBYb7~CibK72sE%1)SrJd^${!^
zEHw&Dtkf^i4vaU^uU^}gy=)4@H#0a?oWg*dF~t!rx~8uPt`)MO;*-1xScpDwk8Yd6
zV|oWAE&v<#MZbeL_k~-u+`8|Wmvs+s;S27<SU^P!SeIGPa-hQVCA`De-3k6>t7f}(
zmXlHcCaBX3IF<@+Er8_&TT#hEUm$9AWJhM+a2DG>$2af5AN|C9xfYFRFuLL?G1+^h
z)!T!@8{JnMuGS?na}ca1a>7RB3N7|6Ju30;Ef@hw{DK01K4-F7z?<viMn;B!ZzJM*
zClA&xSz93_X|318zEgf84#YA}Y1)E;*6A&;I_LUcfPo+r$Tz=N(IW4skMEx<odaLC
z*Q{(Q5^?NB72;(M)?T6jjN-iX5w3x89$@a?EK|l!HAl)#t6?EMl-IYn&QD({>2a1d
z6xYB&;G|Ie<*=I5*<4$#T&O(X^Lx-a9hgg%5-@!cNcW>GOGntHUgUcesfkwoDU2}(
zp^XvJc&>8m=-3u88Wgay@j*@{{4f45)4=9Jiy38dDa1naT<3nu?&eE&0d1Rn`W{JW
z+U8LtqZPyYp%!)zg2B{3Lbkcu{ZEP<^T>cg)(%UgkghgLTC7~CpI^-|9klpVyAWH7
zHV%sv1WpJwWSw3XfkAq0r09b)a@xX9bKHO9xrn_r-#E&xkbhxq3~^b?MMfTMrD`?h
zS1|01CL;=KT9+@O+wU!YZtx6RE#mF=ft=3IwPZU@AV(b-C>&!>dN-kzGwftdTF&rd
zV2HwHnX$g0Btk=EJ0UuWB9?h;sVo?F6sphY7i^nLa<MG{miHzJ;-Ru@<Um@pZI<Ax
zQMJ|(2WszPFNDTN&Ve_w)E}Q6Mh7-6yUkXHS=|iu@8b8*cEd+iiW>qx;0#|-1_NIN
znQ=;!ID#{lTECe0DwM(&vRwJD*)Gz$_3@es`+CpqM7Q%IYfT1VZ34@S>|}^$zHlkX
zqF8IhE*z}@E5)`|)vYmMV8Fuuwl#g)M;dnrznCsx^)FDd&2BGw3%jIv9)+lZGfX0)
zYXR{+(nD1^wvq>61Pi@=cYUqu1fPu({)DXZT}E*gsEJb65~g}4&2#wpn~EreB`Aiq
zg7Pbi@B7eVz2$nQVzSKlXewM|_q0II6N#6^m%zv+)CQ#e{aek6h^j*oSezfg@@E<G
zW%&5h&KP(Iw!BtUlrkxi?TV0;j^CryykC+;otLA0L(8x=fAk?Wo`EyXFHAk$ntky1
z26xFR1`9Ol>S8MT<mw;qON`?9%E0>#Kt;stN<x76H-6|d!7!tEDEpIA?E_%_%DJH{
z%c*NaXMR)&{7zIi+YKp<Kps5HvtAercpwf%Tqk1w6DV;RUZuwFfg8vuq4#`454}(1
zj_<hVcmE18y|nVj?6ES9E#d0I$s(7{ip0fu%zRMFB;C!k&*?FzkBLyBvmKY4{iQYa
zQZIb0uHp5sIG@M5Q`LsvsL`vAvC-yuFgEqo-9`zccHyGTRCiAOBHPwC=|_9-%mtL7
z;A#Le>sM)7<|y0gZ}3|BfisAPKfpssv+PnM%1VQY)$rhkVcvBn)CNqo=Dw6JxNoo5
z+?S)IhN;I!PR9W}TV0%Cg%P|=Rwc*vuJcWXX}&i%Q7k8eY_YQNJh(%Oe)&`@<6og9
zh)NBcA`1moGJ-+ovIx@i7-yFFK0~yQnAM8Sr9^6XuoX!AbC?P$q2~6iiAfl=nAEpt
ztl<$HhP=f;xkH2R(?;rl($kw#&`v9rb%-xrT#kQOtTDMAWxbBS4HQeav)Z{pn`{*f
zNzch%el?n$o;f<FUQVyME9TL~grfFncrH1&u#o}sy;PVe0d+JG<Mo5%2G)C7CeqDN
zM405IG-Hvb6_-Pe7_xHN95(SD-BfZRWzH>}o{1b;5TUzc)DubRG<JJQ&f5UHj!K_P
zOGfVviv((o(QAks+!nLeG0Gy&7J2I;<8xlzTN7SwMs53*b%0*-xM^wiU!RYPzjHn>
z_P6s%V$>GskUzg(#JC12ZBkjI>s2sl+{Py{-jh`1@wQ-7m7=K;DQA=*epw=LFrIgt
zbYj&O@gA1R^a2EOt0z<MFpC$pnk#vdJz=>3ZbP);;o)nTj2r^hI#QW~6(^`bRt$iy
zl()J$C_Q(fa_hBYvjNUJAg)_uN(5Yc^KwcJf^P4KI#lO(yt;Dt%5_C^SN+!I$*8R(
z9M?!Cjh>#_`&aK}=msRvaedcGO2XFZhr>Gl8X2nHL0P#*@kV6U<iJXgCuR3aT0~nd
z-AEx`s?l|Xx0}Tvhi0ug#ri!WCWA()xCWe|JWs7yR;M3pFy(^!ODs9#-cNew!|v`;
zt@{WM`cF|33Q^DXYUyg!Lb(yQ*QZKsa2DC@Kr6_$;ZdIxISi$;I5_YHKyyk($oDP(
ztS=QmRuQ~7`V@|%VE6L?P8!oMFJ(9-2D0ndd8YB-O^%dEx4%$_AFDs4p72-_mi+=y
zP4`fuoG2P%o(NYWZScy+>ApxH+v_8;{N_M0Pl$r%yaDSqn6uqqIJBFa=5ojh-~A-^
zPmeoEHRJI_JUY^dNhY?vAL@v^rHqsPz1_@V2OKVYs(b?9_I#N5q3U0Chzi|5KU0n>
zRmfWd!I0N3rM@IH1c^x0U4q4o!Kk0L38x(yTR!)X$*8xmmY-}#7eIVJZkfXzV88`x
z!$Al&+Ttx~wK}v8dyHMT_ubr=!e}@<74}62y?&~Oka<!i?_F2!VeZ!ir%b+XKf=}2
zb#-~wP0=>F>|qt<k8x$Hh(x$}OMz!e@*6~7u-A=%#j209{!9LiEKpV89A3N061%?7
zn{Jj>=A81dXQ63s+)pM>@<@++StGdv_h{M{^*6(4wSA?L&`h(vdvy=jjQhB$s3~ob
z3Y`hzC%|P0cDQR_1}PGC$1c0J>5p^z_2l~T?oQ@{K_oKU9b&I1Oyd<(gP?o$^i(oi
z9e5d7eY~#v%EB)Gf-*+X+6%$qZ+Vc+9vrd(yTQ-(`<we8WAO*8E|=1tUyPt~6qrGd
z^{#MS+_O^0z2y5se@!_365-w6hN-4$u7pgFP%gF`aAXK&2CZq>=Y7~>G&eQq3jTPK
z?+SNz?L*%+JQ<Bufls>aLZ}9TlRVYrGKEHC-v<V-Bqj$=@>eo<>48F+QB1OX_b-y1
ziFZCun;tAP&7Y0IJMx=&mUN}<`z*`t?N2aY?vk(MCdW=@(=uNkl~T80k&p~)NiMJI
z_V}mOu+X9?basLL{_S~lM#kyDMHEU41?1ZZYu1zXWaw)kUC>@9r_yDtAL81{(T__n
zc9AR&U8ZH_zL$h_w_(L9u3!zbOuU;*atF*!Dy$yc+6<QrofV0g5YAh=R?th5y+q8P
zC=7VM)r&&hM$%5~#q*%iB*OoCOsXb#_^iFFI<H^ONrY#aKO5h6XXJ02+x=}Lv4Kxc
zua!xClVu!t@GmuK{bn8+FwmsH*6ysBbE&m#Dn&~*;(b0?M71?^@=nVvtG;3k&`RDH
z%U+{~676lP{E8eGd2VvC*Do}6fpy1^Nayx}y~c??Ly_V*V3LCYMJ6N+CwAp@;rJ7k
zF|!J)0UCgUfwMIEl<F~VOF_5}>j<Rj_`%U2`1Ta-($d%bji6y@=GRc>HptGZq~HnX
z=%6U+11T1-&TdgZrFtxrFlCioFmWS8XF@Re;1RY?ajff%ePKRjy6$9|i_b(x*Us2^
z%v;$!7$sR!p8U~Ig?=`jzhrjarKGU>D6stp{3uUyIHUa{YK?X8$H#H%cXf^v!fhH`
zd1;q$Ji0XkZSz3MoDGoRY4Hr<oC=?c{~qIrVKdC)UIn<^TVZJ>VPP`SD6+hx8B*&}
z^G~lwg9($F&bIPYuHK!?;+*1Yn|Z8zXgMP~u^^s+)+BZTyV`i5c+jAnK$g?Dnzz)l
z!Lp;k+7bS(+$`DHlDO2k6A{&JPK_#sC_IJ<_YZn9bCeXD@>Dj*oU~^Oipd|a)1j@@
zd9c!{Z-pq$UXCd0r8J=tRefM@qn=`a<zw^RX>PczYp}J#$p75w76m2L2&@gGH$xJ5
zEeP7RUtVAh)Jbl6Yn%30+Y`!kdZ6Ddopj|r8m7J_48skVI%iLci*%x^Cd%eekU|aJ
za?ga`snZG8h>&sMx#noLwhE~?*DOd#a%inn;Nbr3K6u?*D6_Fo4*LmTtgal6xQ1MT
z1fvmX5TVixN1@_b0Lk-qCbFQ0`YXFK?N{fmK3&ch^rVcuNO^sxWLHOilBqsU-<a~z
zRun*jua_osH0y2FV&F!9*ua?21;dDuo~Fv=JFW!M08@Y94!vqD&V)-V2iBEA_yQef
zF(bC|LYb;#OmGNRoT+TI7lt*3v<GAn`R7j508SGr$U78toUkYqoLseW6vGaUdp;36
z8kDuflHst!tBq~{eWC<lc<SYG2yCWn@{gPTIcI5BF^1tl!blcXGh|e5cW?B9l~L~p
zU5?#KU+=3F*&-VmCBHvG&{;K1HizTXFIl}C4i2<e^*Hy`i?O~KSG|D_3(enq4;gn?
zJ%4(GGkAS4)mWm%gEc+}o#-^Y2i@hPV#%T`$Z@a6yS5E>jY06u2G0xa-3$+X*yVJf
zI~UKD!|JODG?=<j>z?b#@%R)2H;3->;EB5UGT%k572IJ9H)t2rW?e7n=(GlVKcew~
zam>#q{bbEX(IZg%qh}Cl4};R|cEX^#^}ujEn3WWj-=VjnVqeB)6cZ?-M$xdb)@29m
z_ufV#<bv834_*Ia;7~{lub>^-1gmtJ^Qw-f{Jt@Nxv>aC+H%~G^2VgIo?1)MnmtZ}
zMI}6!Tkm&Pk-rA1eY&y+84IJ4bhZc&$fWF6YB3!}hD{c%cKVSh;!zx<eNKH;SuZ-8
z<r}(l>j<{8y5_Os6v6lFp|HsipZZq#_}(K94RQ%wcq;|?*27TE1D)R4-6exbOcEBS
z%I}n{D!QE7d_+oy%BWK3SY(;`3NWvBI}f5(w<3~H%jY>PW<++|`1Y_EEYv@E>|FBc
zEpBxzGto3zWkt7uWI}nDJG+c}F8AQ~ug--Ojkl2wf@lG&9pol}Z<vPx{eXWn#m?LT
zlsIqvhxr+)m3YKkV8&?>WNM?@aV(v^eFokThdqjox%^trPxl$6CuYbl8lGynbl3QZ
z3|b^N@NV8<$P)TW_=*|bTF4X13gK%)i)@oNh%DHS4h4+3@JM!lRU%NkrgpAinJg%p
z+qa_h@kz1s%DxKPs!HgY*4N}qhE0iueK!OWx3xwKQP`Z4B4pdmju_3Md8|mk`Cc%-
zYa;n2#lX}yK|c7mT#8@1TY&NeK9!hbYV>XS@%g{uU4GEo&kVQS{-E-?Vm3JG^W~1w
zC!8Ud-`K}PlWHPN#=i|nsxXIDk8;#r*=#3GY<<$9w%{2$LIH#tu`su(9oJAnqrfw4
z2B31CsqvQR1`u!wcRiVFFJY2QTH7mv&p0FCxRvc&4P`=p7FV06-O#rf*;`riR2Hen
z1j%}T=s42*hZN=hN?|AJ&QSw(pTM;uW#)&wuva7y%<ygyHRdbTd4C8RpG-ChK6OO!
z(~=ChX&t0*DC@C7`ZEUDl|=k=`hacnj(xHk{Woew%%w)XzJI$z<jy`}QotTV8LfX?
zPJ-%XuoIrPr@P8!S<dd~dwuiii<5%dqbAl>?`2<K>+T|(M%dx79#Xr6Tf5EQZneX5
z2P@~l%{-;BRK%8)Gnu9s`<n0U>b?a}EZWeWB*{-=kM>CA7vs}9+IoD&2L|&IVri>A
zKNu&oqw$OineM{b%a(ZL!=TMLe44hW;ClSgZtfDu-Ckdh>m0UO)UTQ@Xl*Q$Va9=y
zYRJ(y&SXiWT>*wDSF&~!19j1SQE(K74up4it=ZE9J4HVybMXT<Dj3BGZK3}06qlQX
zH7$%l4+KCer^jyHGO%d8*7bP379|7q<&=KGtO|oqdSqFG{|F53*+`DZ*P**9GS%|K
zTy(Bf(Bz1LW}=ryjUpcS>laII>#b~^2i^B{4k}n@Vpf23Wh$D#Ya#JXJ1Q_4S^<1(
zeBvx#7Lt$S{5mY>4LYSNp-JyPj)f8Nl!!>RiM{r~r><3RNmkoOaBJhV5071mB<0&6
zMBRb=79(1t*sG{m`7#2S)9&iuYS}3(U$hq&`iCd6TSvwqW)3;&U7<g6rY9;@Z>gCY
ztZY44JH#hvo7gqS=3590X!A|b)PoxmJw%j>qRjFM0gpSCK0d`;XEr16jPQ51fx8Pg
zHE3**?VgN+8{s;Q_Xwq`q**<!fv8r#M+w8P;X0zaVY8yM93p$Enhh`}Okmg**Zcc#
z_F(dQAbG63N~nimdR}tznI7W@3@vwqoAEvBLn1`E&H>R6L}YvGV~&d%YEcmsHyvkY
zEt;G0xi+_(@Rs;=y-^647=v$D^kx7XO*I#*?Q74^vu1pOSVT&eYe;;Oxm&_%3dS__
zs%gcJ3XFwo2WK^pr~YD5*6G0vbu;}Ccv>sPJ%&hyooMt)Hz$~RQ-kBPU~E=(0nT5-
z*v}0Xo%~=(jxL<ExvYQf81pK}wXOdt+*-{7muJ0}zNS6e4%<ESSC@!_zjOyo8E<xa
zkMiOT#!HjwgM2sYMNo)?Y+php8&qyVxa8AX{>#S-!KUQrk*}dD_O^<ksQXkesu2SP
zkCknxDL5t&xRqY?$(sv%mA?Z(%bH*|xQD28)9uMT29HRDyOuF@bjG7tC2Y({WGQsi
zP2~sRRKy3!+Y^+Lj0)Nl0LWK97C5>@{9r2LkwH7E;&WcsY42>R@ErHV8^YC=r?d?y
z>*o$s3jBT#2Z3Rk{rANUiw|L$fsL+2%4DGOYUPpKZ!Xq)d}v0d+p#`1{nQz1MVmSn
zXbTQX-<gG!`V+g4Zf|{=xBZ_R8_!fp^FIEUg(K$b0V|m7+Y%@(A4<A1gR(T1GH{LS
zm@?!@5XnEi#VGc!a-+HaApp6^k-J0TJ&Lfj@>;S(NfK1E?Wl2z>fVl6y?utRE&}W|
zt>AS>Z!PKGCJRwLEs}cqL*YqtkljsW9JNFS#gM8=6{@E6@B^8@6B!9?`;jdeM`S%w
z7^M2f#)~)POPrKF@TOaEl^(IqRJ8k?(rQ(%;~Q(pZdR4HzkM*}5A8#O!n%~$3ozAv
zSp+E~WuP?AMQIp{h5@4#!J%U9=W6_vmk|rQ*8a)Yg=UXWtl=)X*R))nDbE0{>1sC}
zi3b}oQ_gy-p*=7y;~8;*Vsg&o!(K(Tg(5S?F_9x;(dWg+nze~%qYVG1ZQCQ>BVrWm
zCgbrp@g<K$mf0Dtx22$7Et%;vlb%23@bHziVvn8%@w1P^;gCvy7MF@DxTOisKm}^9
zeHK5~?%a#7wo|ND`_4>}&O_i-eAkQAAU>aoZZ^LGi8+fz|Crw@SDpfkc0VWK?f3xG
zVYb*wPj2A$79(=&ksP?KY>3_)MNsFbgoZp(U=hmM+Z-J><AHAf+L_otChLp;7ef2p
z)665<`5&S;C;m^P3W=YN{Riy--^B;15J(njg(X$QBou%vfm*5UV7xYc46ETzlVm3)
z%JKqdw)sR~2tbe6VZ#P{Hw50&l0V~1`#x{W@}!>}%+69htY7X}bKOmOd1r0d^CYh6
zkBQB&5v1?nR$AD6KH2T(`_;hnHFoIV`AQ~JMXr4&^(BNg4G;8KIVsUIrMGCEUo`x6
zDB<C(fRCmU^+NP>TiM=|!;Z|H;4kAs?mR1Cv}yX6P#{-a6G)-w7F}HTsHYE0zx6AZ
z!wcPqXUs@YxXSGgBgcMApzWYs{(4;phk|>E#G{#kPjnc&jp8P5dRd#Io%cSDlzlng
z{AhE_^Fcf0^47L~W|bhx1W`NADQjZ9_^#>JJqLWyI}W-hkq0E6s__<1CfV(B6ozE(
zJLr?-k4))TjV@qH#IO}MH-XI7y14#Ng$jaCb!7|lCfvK)J|<KJy5IXt$gx$w1Ek2B
z>dCKLT$lWu_UI}E7S<=H?DX4tYo#>yf;}>4-2VQy4ce1x&>fn_cLn3eO&nO+_?;#i
zw3i(aEh-z&FG}jNXpcJU;%eNMLpxwuqSNXSh&yA&B<m`mlCGm;Qw!(*0==(PDtHUY
z@#o@JRG1?QKURJDqK^>CXUfAl5O1-lUi4G)SO^1AvJ8{+@GSRJ8mE(5q3!94h^DUc
zsr=a9_gw?$ad2Y1Y@1POPgkp0oBiG1WTnHx5?6|LX2{D)66f>f*Q3Vti0qrNAay}C
zh%T%?SuzH>n4f<2JNj@Wjs3myLa?dyJSMgBp~-2zxiruG5HA*A9SyZ3o746ncVyUB
zr9Z2*CPH<y?So$bHxG*EezMpY^>_g{xc5N=Ya$YwsAI4P-77_@D(ND{awAZNzpRC!
z(eUTAy7E#f%{`!3lImU=oT5I-2KlcfRe)kvr*)18JO<MoL|OW@6L^A?K<dwv-lE1K
z+<v=_$)6?=vmwF0prUR33RkFUbJ5*!<o44n!G0sjsuJrMuAV`R<<fVglzOGrivEJM
z@uB-kuaQ{P+AJcK4L7!5q$Xdo(XmpXbsH&?P@Tq{^QQ^GJUSym6yd#_UtIgR&((oJ
zYo%X?1rZ`@8eaZptjsRpB02Rj%-Khs))Q~&;k89%_OmWk9-?qp-Q*OYfv8PPj#@{Q
zl5QjfqTfRaP~v5m?T1WQGB|7yzHj=JBDE>{+_enyGJRD_@R}L2D0L**u?*Y(60`!x
z*<2sS(;}Aop9kT~WKM610cm6BTlwk|U+)<iGxZPjZbE(}W^zM2rwrh+US2no+A*w&
zK+DB_8vWkE+f``lsQ$v*qMf?<S!=K%)b*Q`282*BM`rW!j+Yu>g{D~&%Fsa_7j)V9
zo?I!D6`cW;n~ebDKfE{sc?|SEs}5vlp#k}p-i);>Y43kCC8f86fgaowdl#(exa?0o
zh;mM=3V@aE?LPTY5VR5d?CZ)Y&I{J5cCqeX&g?_gF^wg&Z)$WD;jO{K9ui@~H<vPO
zFvUrE^Rj~5%iU!;_ay&M4z7DrUiOGDTAPNS;E+$z40_H0i_6?IiQ`Lo1>dj^rxlpf
z9Eu+P3O8*wP{yh~-`VZhB!;)-!?ezM{Pkr_BHBZ{w@-!UOb)n_)TB0L@!R$q4^>Yg
zt;>bDoi{a{o7x`XuVpZjHDA2aLprmWWd^cfhex7inNuk%{<O_xLrALwfr^2{M~Oog
zRNb8D@lX7Y2mr<V2&`I>;BK<N`lP`}{{t<Exhqb?*C-ck6Y)P%35CGH8Y}58s=`A}
z6qG}S<%C=j2?)lk-TPOfSnqyc^kou59WL*eQwIACiBf%rAZKwW+u!GIHI1V<sXimn
zUw~Fq8!gc(2l1Bb*dG2q=V;~l3Rp9G{P2j$)0Z9*C=h;o#GRxl+EMDa>UkSPNRtEc
zza-iT|4qj1;R2f=m{ty%pat4qAxH1<*`I~r`uXQf{F}ZnzBbL?E6KIDEzbw}X@C#N
zQdK%vM`uA8FrT_Nivxp=Zrj&C^?O=byJN0h$xdf%M@MQoomvB}W=kX66ddBUe9fwD
zG=Zxh2c-bo4V|&ZKIM9n_)`^Ty5q0Y{YN~TufSD@@_r;b!8MEl1C}aHRpBKE{wkSQ
zIh=c10;>R|62RCSfNm0Bdl_HBR>{wi|HTtoJr1wc^QO{l4I2ukOO*7H?i;kX4S{t<
zenI9Nbr@Ll1HLM7Ht4ReF#qL6cn<oI{{a>M%m2(C;Tv5yk<x<O{${ii`_ZBDi;VO#
z@!l`<`kmEw{gdl%PUUv3XQ{yYz-p8>O#EznYgno$G%mvhivr%s5|O;3m_Q=d@j9rT
zYC=+-J@Z!C9qD2FHh!8p1Mia)oXnOOdd*t6GCNqwGR4HrC_&H^oZRR-sZgWwTbj=O
z!=0~J4*m{FBDybv(RiiULJ8M5fNf!2g8v?bZ9ywSvj^E(?KyeU8p$Pv#OBihHeBq)
zWMM6C$^-$WkbF$@6WfF0YWOJteJ?Pwzx{^{VYtxXU5*=%0mBuQ8=O4~|H7anp)cZ$
z0uTYL;eR|;CVIz(@DOTo^{H01+nVI=hAs;DwN^=jbnIcgOo&L};!2Nk`s%D$iVPGF
z-3Nh!pIPV&RqHb0$qkHq*0WJgKe|9$%vAx#?8&{GBxOOgn+v9$!DyXFq{9_l3}j&$
z&d&dVqCWK<R$){CV)<Op_(mvffAOP=_e3@ZAjBz|C~nZ>wqHlHG7)>D3`5}eCDySn
zn1R>NqJ45w@Wb40!u`1rM)>4RKIuutkTs+!SVgUV+BCcRHQkN{FkVj|Q}5MC3Mh6w
zHq@8pA&j~X?ks$7ZG;V$W1NkFy?v_E--yMa(qO^BJ-f7K&pn(Rd3$uAJfnvwb0_wR
zLyuKILd9@<arxL=+Tyxnp2+vgY~JH|AlyY7cb+uCGh7LYU#h(+!#>=@GNM{<jeI6m
zy=26_pTpb_o^4=$JEi{9&4(FTw!oipLtL}=Mfvlgd9Q1GJ9Jg1-1$q=p-LKX##i&y
zjD$n_SCf_Lau;tj)pOU^l;3nimK6lT0o2BpQm{6|HQ6!ML-X*CoS(k>qZd7Sk-u-9
z8hnG?8;2d;wu~z9aAgbkitRNa%9#yBeR4pCVMhb62fI@{!@pA3E5W?00%W?<-hTeb
zXnt3)qF=5{c=xt{7abojDU8~F!9~(O9G!-mPYuQUT>M+?0c<7J0kkeW8M@=vQEew(
z3Jk^Ooge`<)yUQmpGz!H$q;p`ONP!rxNL_Lq)f4PIn;yqOnsv6LK4(;LvT2{K9frj
zqBc@E=fP>%<KU?y-DYX6*IBX7XEm1F=_v(WxX>qJ!Ts7{?<dNH8OBch^E~h<XSUTh
z>Yn?EUC@MxFf87{&VU`;e1_+JXkqJ#_^!$Jz`(KuMcL7A4(R7Tr8loR1EJ1Z<stYt
z!)$IOJ4r9XaGCje@qyb$V?Vxtj8K>JcFSzl1rW%)Y)3T?Hh{Y+D`UZ25Hre|mZ)23
z=Wl5F(bAXYjh_;At^ar)a3P$^*^YQ8^b!ts(*u<EUV`{t(;1;^3CxIa8j%qC=FLoU
zjpQ#Xcr!(-OC^U+uxT;>O9x=(M)8B;j6A{hr~G$o&V`S#Kobn}9sHW#ioMclp98a;
z?N<VdL}xbLtc>6i`F2enDfUyLe6XgzLH1mmH#vs;j-`sffR8soP>rSG!VK=v_O&gI
zgI&!CbG+2p&(uogt>UHN#12YvdgE`X)nNc)o6V6+TIQMP3UKQ_JVt1>(J>iPqSw5o
z?+EY5cELRrOysYfHWjL<v%uc0#IrWNUH7f$P+@CL{QFF6jut=K?l1YY>Er&{U_Et9
zBS;@k^qwEsaQFI1*C6-l@EV>-A%_bjq|Z;LYt~#;s@{mcg|Mx#-^9i-?KpktZel32
z(5-QS4&VA|)h3GOf{tlZf08is>8S8^?q&-79$^JC!wYKoe{aLtf*jup$hXJNT-thq
z)(Dq%Ph&1*{?k|6?SDPU3g3AawK-cX`OA<NIilPb8Av~oaV{;^E1S}2I48Yo?2@ez
z1gk4AqyOOyxAIitLvFd*xP%$ZGTbb4+mHMTTBdQ`X+ZnnlDRs&rYn)NF{j5hMcF~R
zQLFVi&C498)yo>EK_h_JWx)3@`8E8TcN3;gtaqd>)I9R%=94AHMg1-R3lq_ItzhtX
zs@2XwqrcU50Cld9()E{=98uN>?4*<3$=&Jt*=I#M{O7hq(}lm5;4h6OgNF|nI1l_6
zSOZEV!`>JL)jmp#pdugA2g`hftMd`HHl+U?F9Zo-Bgz|7Zx>ARx1!(~lYC(WLQmOR
zz40Ifk<vFXcttqw_49tD?#Dc*_$Pk&aozOZS;nrtw?~MhRhiIir{64ek1Q@O(g-oK
zCyK@|^bElE4Q`@gSMQrk#6^KFW*(>we8u<XlDtd)=qlDMvORvBlyP0YRGnkKqLJh`
zz3=5KZv6(b)y=SMDWO-0=W?Gs$2<|B&|Bk!4W)M@ltgwY>8-W_PQj1`Y8+I%pQA%r
z*ERO#JtRSRZ22YC1jO9e%2sC4vfi;DCsdJw%r=DyR^Cn<`&m`Fj3*l7`Td4y?-+Zs
z6UgzNDDO6sj5vhRNUj5?(K9LWv)2Dk({U7ftADVd{InqJrfH}Qm@Mu(yiXBL8bbyw
z?__zMDR%Js2D(<eEE?osYFJ);XG;$0+^3%_A}r#~xBYXFX#BT(ZdUuC^MN|%MiD$+
zmL`m!A~X}4D_zVvv8J!>_v{yv!2Se(Trd>3>SAXH9Jird_GG0ln#^TSz6Tr+5>(N(
zG*L>oEKNiITf^bYBsXMoHrI>vMap2IWREM7f_v5aP7n-1SP}|c-T68l-{5b6oZQUb
zf#rC0JH@iUu0yFsgt_gUYcWz{k;3<pi1mt_281Q1FvWlp^LTh+2RvZB&Ehi$>Q_5t
z>1{sQXG^SX|G3ENOGAg!obXnMX3JO`P61J)J7U<B+*_4OtCV-Db)UNLW|S;p1ae}2
z8NA%ksY<iufQs%sL>5ziV0`Dt9m&jYaHDMJ)zX3JP%2_W^a*-9oD`JjAwe1U9A|N?
zw4O7fOfeGURurS}SI&HQ6@p0Qie-4a*@)Vu-C`r>u5{_b4h<+M4v+{Q?{-OAgmi}~
zLkWK=o68b1DM-A};8tm0s9JlmoRk<ELnk0uUDp^XI%t3qSy~YrKMDtcEo6su4jDYN
zR^U--ajD~3?#_L{bFE&S@YmLIRT(PWlO74$K-LoZ{4kbfcw%izph|)Bk-0qAkOeSR
z(Cqlyj-mUCn)CgP$OkZR3>b`vccCm@+a`?|p2m6%3tek1)wA<Plne@ZkZQ84kL966
zA3S=BeEzc}(kiu$sg()cBC_!_L0DV#z=NGdwPS9WVFNhA4~B0#Fd12%BFwxY)O6%A
zw%?(3HS%iy)r%*kb2n{x;G0^ea42vG+eh_@mkx#!G{;E-+=K<BU3FJl$l-RLf;mm)
zy~!sa;hEHzoi2{<D(biVo+=g-(=qgxfAGB;jyi`7)e7uHyL*&~HU)nD%sZFtrxUYM
zlmS7nNX2EF?<jctEwSt8rw(muaBE?kq=d@FSXXTMk_<0EBV{UM@~h9nF)`E7)e)xU
zlP~2Gp7YlG-X{$!Xsz2XlkJrvbl{It<<-zPRwLrjirdhl5dZ3qC@Me})1gM(XX&>v
zSa1w+Vpxe}Ss~B-lFPh#DiUB|{D@SNZW_^wTL~l*mbv>~>f>l!<pggHzM%pVboL{N
zU_r3Hxq{=P{l@ru+n+Ia*I1G~&0v7_uZqi0#4xnlm$q=)Fh^-sm$_S=0p-~ZL<h88
zwf^cQB5+TOV^V)X7AEOu!%<+JEfzW-=<>pxaUL<dgND`ZqmdG%_2^ZkGwnd!$~WB=
zz7yf{6GQNjhShdihX?Gr?+Jf_vVgX0``eXi4M_6`?&x<-chcJ@;v@)6R_cl}Oiuzd
z1QMn0Yu&hYd6epl7$CHGq&1Z>pKEw=)qg$Nk9XOZYa0G2t^x+V<4bVRsZwaH)l>g+
zt9F(fdeUuY&9`#q67O4N#lp&p4o0I`h;h~8nD%Y!VOXH11nFhZNF(N2!gf2Ki@*^O
zc!w+}zr?24dgV{{jW4j06!46QsxD8>kiKy|T2coVzKR{z8^&;gdKBv?RI~VNRYNda
zd)o=b)fVYba=_)__Zg#v!mI%ov5u1dFhn?K3pV+x7}eJWa{bmy%>Hz*yG125JBl{T
z0y4rsW1Dfw12$(}+o64>v&Oimt))6>O{WYr!WT){=t?B(hyAnkc2uIh(QKd<&(RY>
zNdREH$S)4bcXCL_llWl)#TbELpD;y}%(Hwz)JO`&y7M}*jp$IMR>^)-x~3y?#kQP^
z$c3J+)0Pssgf7!`$Mk$@d8#qM*4rFvy%N+&Q#yiMv#F4d3BQkf<aeyb(y<K2-};%F
z8Q@dB(x5A^Uw=*4A`HTq=<O{4gc+>4N_@4<?d9qlb}1)NAH7JI6oS?|@KlzfDp0)N
z_1QFOg9$~4!#ixwsv9b_!JFllWOPsoe3p;>!((sVyXLA8@w)$&@DoMIpDvLKu>k@E
ze2;ItOR)VYr@!35`h2Szm<CV9Sf`Pz6^T%#49&?*6S0tT+Y!e3%uz!0OYIB2<q`g|
z*X_camg$Q~c1aTTeImxp9R9H3ATu(;8uR0I6xf-=j7|;#0X@2L-hQ|h>E0*5wMysn
z(fd+?#wH#rw-_Quw!}dztCp^KPa$TXl$x4!!8kdyIb`7Z2);G;*s!$k2hB1wRa_VD
zLZO*yZb{h|?l-ZkHYx|6%csKFL<>S$eM`b+@*Jo~=DBkS9<~utwZeQN3_>#6ibDBh
z(U32@O#U79W_03WUP`mW$8Esvj7=er+iRY;>&r?58Ko#pD>E$Xr?&<Pn@e(299MC|
z2|w)MBh;E4i+`LB(N6e@c?=0JlDfefNAz2`#V3rXG4iCtd(i{N(C%T&X7rjJI$mO)
z+PuQb>r1Z|5L|iPvYrRTT=WVsg(!euCvC6uvh>(|SH7tMKxFw@ro?p4Rw4=%LsS5<
zKo~laFV)s)e+gu{CqsplvDW8X*XChM5EU@t+mm^5Mbh>6UhEIpQ@A*wiD+`Q2-z|S
zONfxkB1I4RrBaaeZI2lJ_M0eo*GU!qV(*VJ--mKto&X2g;VD%+EyP{L0Ndhm$N2)@
zI2@>&i&&htvvfk*6q63hz`!xspc-r<vjCFN9=S68@>kJaSlUroULnDQqaKjpBd8hZ
zR&>)cMb4Y$Q`5jmi$wFrQsskEI_XfX4Xx1V<-l=$%PRg$K4YQfca@`wZ)KY>t#7zR
z+qI!!jbr65+(blavJ|Iuo~_|TQP%kzq7aBXNAJ5cK&)j8siLY`$SR6)f!VbX*~3f7
zgeWP*E|Kk$?fP}XXAkqwHuDeL?c^1`pF;^{`8XPaB8pTIkc0U}??2l2Bms?ki);ul
zl+iT($hNQ_uns6rS6qT_rQA|Kd&plh=u(JbTSX8?r4{BJ@R4^ZGQEt&TElM&IPxvc
zkK3^PDYTe5Q}q)cqDlYxq$6|)$m+}`AT1@t19>p$o)B<g!#sYjWnMpeBiFx?bYgEo
z!0;_o{Xqi0hdR;X9JVWee?6!%fZWj{vUER4choYWD=7b|o{3(niPSITFwgtvj?8z3
zX=;jyt3huwP+e{7Rxx4|t4&}NiOxQXxXNW*rf}h^^P;#v@uJ|>Bro?_d&5We2LJ-m
z3@9|Sp!rdJ9C~I0qG!sA;JC0Td3JRPAT4QnsQAxrb}m34BH@SEleq0|Q$%CIP!sU3
zP#yg1_u(w9Ltmqy4wK$@Uqw>)w<#I+xkOlR!}9<TcvwvwN@W=Hr)>dv#%P{}Jajf$
zkjF|z9$Y*37$<v_1A1SY=p*$FIHAiGly5yUQy{534wpLplTAG*Z>OMF1;1AeSQL|b
z{1V`=?F*gk=fXn$>uMDvErrzMnKEm?^LAahMRhGzZCQ8hwx4=sR`(T+vBZ?-iA{bD
zooqvt>;Tiq+6$u+d4@<AxZ=U>ZInI{80A}?rz9l?SIH)2ny_-7Sb2N~U`OGz<g@+2
z5Kfx1{op*%`kDa8aR`j|^QMSV__$jSJWLOikB*^<bT2M21kSm|C&-FW(SsjPV<0^R
zrGl}re1K74>qP5EL2a$287qs^)Tk6Pign6p&L3r?iPUgx7>h)9v&@~SOPb{-r0MD2
zyi1~1dG5c=A9oFa%E9hJ70O*dh8>=<$eQZ(@rIlIk5gqD!2G7gPh(pDfc$s%E14!j
zV=q|=9U8IYXHRl&Ag0+-iN5C<iE5BodP&$ECeVvf2RPg>8$E@NSq{tLxNJ_<*klrU
z&%PYkh3%PX1`%*lkJcfa5`eA}6IbuGE-`j(HS+d7-4CME>zu-=Bf{J9nw-Xky*a6+
z-frjGlhPmUkSBxmT#Sok?0-t%QxZDoQM=9^Oyy<I?*c3&kuQ@iFQXFN!TL)+JjspF
z!wRLuyf<=lISf$;qoJQSF@75X`_{;85!e~ID0}`vIWXtXt5zPfnGhFYY$^7916fw!
zY+AW(9r|B6hS$qtO6jomuj9-9sLk$V<b1L`?i;KAh90+Q)m6i>bOEH4oiFT4OH}G0
zW|fi!1Wk&~2xn~VaLdqPMJ?(fEWE$L?kDvIsTWv#@5l^M_l13M1coUO8J@WrFF*~}
ziWP<<u?ZfmTRVEx2)$dr0K(3yO__t+=2SVA=D5B1niu51DiDnBKa=^^rnjIED-dcD
z5@5IYCoaS{T@w3Naj_`*SgoDv@(qo^Ig!hqu|^7awrTSAR`<g9Cyt)kfz>YSL&H4`
zY;+h5Gz`J+{xMb=EQhZz_Nld(z-{WyIlD$S0l&)lKc*NqmOL7K1?5WYv8|>t9-$2=
zJSyqL(K!0PS#loR(<@e?JoqmVW@TEi@ijcYp51_dv68EwV)x>l$dUP*?=p_#C(-dW
z<Xd7XPaNFm?h)r=_FuA){&-KIIJa>W+6n1D`{nI?efj${n?}ZpfoCE?WM0VN2rHoo
zV)$f<A}_}^pxZ)RQGwN3<2jKA&`}+O|C%NgTZqq&(kRQqHi?cr^}4%hUL3RIpkn1$
z3Oy9+Km%fc^l|Z;qYt=Da!nzVujY1Lz)EIW>eiB2O2&55bEm%i#rGIgC#SvLxp-(x
z(3rn7h*CL3`eXe-UqPYb^2!CO5rTs1ngpv)ZC{2OtC{TZK2))j1}aZYcxM9MHEA%K
znw;~j%t#WRT1`xK#63Kg5+qu&^^o(Lq=QnMqC@D3FwkIbT}m7BtA|k{l~^238-{nC
z=D&w9>hz&h!ZS{Z$_X^B$r_F)%_V&?ieS&O5WDPzusU4FPymx4-j~B8MHCIcTDlmz
zoE=L#@<PYIYn&~gVdvG7&o~C)&xl;95E+ehY(t`!&f5uzHtMlKXmS>gS+g|I2{Yb0
z!!*+l7rs=i@5=Pb6HNiYR!zvcW`HybsPvPvBw~s*i<qTl18RZ1AuF|tq^R<WWdst$
z&pu+WIk6ovmkVntiLo=bI*;-p=LOx@o%s58q}1@x3!Q6>F=);Qj+Z(r!?TV8&2<oe
znH`x3l!+3L9UzCx1y6>LNKQj*v}$m(Blk*sx4?U4jJAG*7c;0tZh4+Nkv>KUs_#>M
zynwKqsv`Tq+2zi*hGv)l(_+g0Kc<=GpV)*!aet}vAnFHugLstX!B10$$U^O<I+T@h
z_j(*Ueldwu5|-8ql40?kXxGi=G?Ev+R6pp$k{V%kV}%eQCxqkTkmJ!s@gPS};iJav
zonJ$SZ2uq<7D=IkD9ygax3O(I+$+11tHay=wL*QJu5pd-oO9R!<~tbk@v*cx26ZO8
znwIJOaBTWM#a1HVu_o^5mn%7h+;Frp`3Vy*gZt@}3<c@y;o>)DOW1ntiSk|P0Jp4=
zbq5lPxLxa^BWU*<abuPY>>Dc+GIETYL?}JzTo0T<y$5G2I8}-E%@U+gMQ{H@xOhp^
zw7BqUIp6Ja0vTP)q&@LxfE<VAU(ywLQH#28aeg;+FBmm_3UfbEl2-6cz66P#DSS&i
zfK+3h5_RMC7_imgXY%?q)DpG$KszG?(Gz=)ceBHAp@I8Cy5+-iMDb6`V~Kavg0J5y
z{e4!`IyM1@>zpJGW^&JuRyKiPM=MQjNOf8|6KC3uevYbXv{B+CJ&+%ab}zG91B`AQ
z@m-9XDp>rrXCw4OAZR))ggBjWiSLSdj`2ib=-tl@f8R})F>Dxr<ap|q0yAgoymQ`j
zMl+MQA@*MBce&&wbg-z=bz#|Ag?T|jw_!;NygD8O7(-7X5oZxdS1P#9#^V|(b}8Il
z_QCx_ffGB$bWh2sm<kr=J4ZWp7YM<k?r;4Uh1MT*+-(jV2Fb3HX$S6gstK9zY@uUY
z93Zi>2;#wkaEDXEx%lmOH<zi&o*Q#WWB$8Vj-Ko2BP*Y1q}$y|@XYh3b#Z#Dt{H`>
z5&H8~CAtDG>y?w&BRTH%0~Nc1^>O2MmDhKjhXPO07YMAE@;o~DQ2hk2FIIiE!00KF
zR<S`4*DAvwp1#+Uu_b@w_r9@heMisVmK=4M?Peq|+JzJn2p8TwSgRtQ_{bpA!k^?+
z+>(yU@MZ(QtWlU)QWkn$Y0ZfN<$h1>>8fSnQRp?Bh`yKYCS<)gt@K3XM6Nom=<j{y
z$2FvqCwA0|SWBAS*>&cS`@lrzBt3}9YIYsUE(7NkU)jgc<v@Y4O{bS9=<C&TwS#c4
z6fmj-OQu1#Zp<$>#&y+gs)5*$D(>e#e;A$DbNj?Mc68a=3y{JMEPkYd(+8Zt;6>Uq
zd_3>Bf9v^Qtd^V}{<uGs3qON$en+~Izy~@gaY(3X`H1P9Ixb^4`!;ex&){Q6$4);f
z%|v%M+J+-U4=9rDi^}EeP_Gmin7SpWj|6-f5dSC+QgcU?&`FOtQp*G;vh5{V)d1HH
z&^xdH*^jUCuw-8R*GV_$W|GZhuHJ3<j?C!PzouAT*2_L!^O;Vfo(R%WU*#s(8mQlU
zmTk0TmMSf`y0&<CiLm!v@4v3azFN+@WW43`mnQW8$eievt(t#hHQis=IVzIad9z5z
z)3sp|`TsM5z>Y-MP`=!yB7RX-R-R`Cmx0Qg!dex|^!u;T%p=xr|Gp8}5{Ta+*?937
z;X{&jYf)|;yR*&}=#6`$?Fw3VuSCir4w_}pM9c1<68VFYJJml5rZ<iMt|Okb3o>AE
zx}^{)x&s6Z0UhN@-Rk8i(9Te86PiarGUl>G?}sO@j4~}qx-`G=-tB$#mYbGV-jkue
z{0|4qOsIj+#}y`c2odKwRfZ2oC$aVBPS)feYRr%j@1LPP<-V~m*ROxnXqtqF!Y&iO
zlCKrt0TR|5+qfMR&&LQJt?6h8zf&EHX?9*P&Imdf-s>Z$w#%@GJr7V!8a0;Md8zsw
z4|TIErPwz{FO;Hu%t;@f_qk_widh?WO1VD!yngw2yx8|R<O~zjhK7M+bZ5yozi%I~
zUpg8V*Iw^MX=vZRJ_A~TmA`D{*f=OTGQs=bpK#!}h3#($xbOu;sW|4lh9zy*d-Gm0
z8ab#H|Gn;q8yR57$3#;*>C_W!w3N5DNhn2@4h9>1o^SqS8rFL|ybgPDlmv$-+SFM&
z<QP)Nw#l&QtJ;{%U-vfDBGEK!2oOGuok~78(7PeCQXB)iyF@WjOxag`wgbf2X{=`3
zWu~*&e>FXM%s^oT-tGNSa0vC#wK_GL1`E0YdrhI)DPm%nlIZa-Ni-hKw*~C4QMvrB
z4Xxs*%<e1i1GLPxN-z32)UbMQBO`*Z&+K29UJWSReQT!k(P6ee%gF!usVL9Y`qjt6
zP&RR$DoeUzUg<hVY36A(c@+L~*<BfDNA3~!L%~69LC8$o(Tx+37Osf4do=&flGYXy
z46h>gvPiM=(<)qX^f=1Gd%^7aZTu%>*_zhHTIcS^&fNWqoXEtuO)i42qf61dG%FEM
z5(B^EX(RN)*ElYUhn+=tlsP4JwX}U&$I}^FoDy%j&Cxe;%v>I=I)D7pls9=Bo1gH7
z1p%ppm7S^wKOy5Y?EM3kV6f=u<F7fZj|iczjtB<mh4@G_NjW!~RqOIaY7x@w%B3Fj
zK6Z=WzLq!N(LTP<7M}RBd=|^@8nudQKDoln+9e}UeIBcdHrr(RHfPQLOfx$hRJq<#
zuc%L7FM&r-ts9A!)vnK(JQt9%olEpY&1?RdC&b$Z;^xZsXO}W7mhV!&p@SIT)wTyg
z#dUaJQtA)IiZ&W_e*Deps@~$#!mjx?wnl+RA38QH89{jEbWA(zp?_zWiuUC3FAPfE
z8Md1JxP}pAhoi7_w!%^*0sM9f*R+C_?~%x?)tiF&L831jQ@QEu(5})Kx6R$LM^`y{
zVx?c4IgqvdSVkN?E`P2HP~4SLAMJY0zEiM5eLb2pj}aQizG(2yuik4sFLt`h*{x%w
zrhIyxtJ|LH%2!+7xh_1%4lUj9jqatb&)PyWDytxmj9Q;+Jat?5mS-LT!8IUu_uMWe
zn$$sRQGky)x*wq{O(mB7(U}x-uw5MXcabV3vdlvzM<0IPk{5($VG9k!dZhlJT_uRB
zD(NiiCR8KG>YD<^9q`mE!lsK!@-?&b+ttmB?4nJ&zYLVLHqYCyI(&J5ZU6o;|9a7$
z&@|e$4lCH-fzy%~OFxh<=&P&FU)UEh5wZJyIO4E4wKl#xjb1tddUL<IykAo7YAEC5
zs=Ih$P1-6OL|5;04YvIy@=x{k<e#;LbJ;+OD=x6{o=vK4a+~XN{nidEfDF-lTqWP;
zqfD1&ynbEX{)#oIMr9$vs0^p;d}-w8qNF#STJ_Zad}tr^B+BQNkhZk66q7?*bdj@G
zFL=eq2(GA^KT;#F^PiA~wALov>A0$%DeZjDSqnXc64h?IR+l<+AFuT@!0~<fM)kjR
zFRU9uCr%8Z|2}$KY2vo4izZSjd#WNw0t@x`Jw)~d01UKc-Xh!S0uD0DS-;0zzLt)i
zj+9ic#-MQ1NR}1UbE0q(-^c#2v+(=gIz2vL<7r<p*-_g0IMUG^;fd9KhPJhv&7T}(
zk`d`DXsR4(J$y#Jd^yK3*JN^unMzVRBtKsSc>16jU$1qnVNJ2l{~?cc=rf@m$ZR)Q
z&W?54av*}TKOti+XOH)<fdpAs(WjynxBvKrx2Sj`sXeX3>^SQ9h6A^CizHG#%VulD
zqL|#9^9|Ih;!__MpH}{6d3T?j)*Jjf^m0xi-dXaUHxx`6_`5w{dTCdcI`s%GZEf1=
zVU3MRKoFuFDti~Ezuywgx>m6c6`YoSMQCV;_KbukvKWPmsTLYNmCcQ0{lOG|bfnPP
zqU*`wFg6J8?94pFmNR1T8wyax(N^;EVv?I%cN1mEGU8rR{=Bj~iX^S$HJ<Q#36x@k
zk*fXi1Ly3&zW`*uTMaT*5_&4{xz|?B8QQ{g19F)+H#bx}fO0cw4XntGEMwjiOV!)u
z5eA%H+Juf%aGg~B%?8Gb%_?sn^Cy*^4V(fMWh6+^J}zTa_jUZVQLko(*8FX5)0YkT
zqq5F{l4Hd`e4^LpP<cplZU2%X$g+8iErY~VWy8^pJPVkQ^AE|F#`lxs%M5=*|6eUv
z*%k#CZ6${u(xIe7x}-t6r3C~A22i9!VCb%)1?iL$knWZN>6Gs7ZbV=hF7N#Z_rv`I
z=j`+BbM}7rTI(z_G^G}9L9;*Jzt1rru~U!RxDK_@Xi8E(;R$+#Omq&uWbT0`x<r`A
zl4wmlxj1}=W1_Ii#g4{AAqH2mwQ1tsS8@hYv8Z=M3W>)B)SDNFZobE(jGY{I3MbVf
z3G29FiUEJuwGf84-wtMc>-;KJ(h;<3R2gJVl2Xt{Sp8A(9mr*R@0dtZFUZ2m*UIjj
z?}Q)FAA3#md$;dtp~u8_P(7TJJEx|Q>mv!U9<;8hRBVyOK-ruqTM{|U`4dkG?j6U$
zk>#<nagT<H*qfH-6mb?EdyjrD7O;4HXJPg6Q+sJcy0sli7t26vkr*{}C0$?i_0Gd!
z{_bqZ-}=>qNoM(d%I46G8F1RYSYNMu#bs!4!uR&m9PsPb8`hHM@{P|NcjJToy-v57
z<hWxkSB(k~_sa7znAA4x>;+sDM*dk_9-1d!HkDnZFoEMUPVM!oOsMlwiwh7wDT`iV
zijIsZE9C85w0gZ2;uMCJqo_k9dc_vDf=ysEc0QA}ac5K4{b3`JKf(+DQuOa=LrS+e
z%#i;!R8`z$JN^er)%Rs(6o%+Va{Z}HbKIskJ}u^RK|KSq208c(K(G(X&?Ya~{Pn=E
z)qp=%k%(6W!Y_Bc;_lmPYg`9MY7>O(a^6J0|8o6Tb>ENSRe0Zr{>{@4ZMN^dRP6AP
z)r0yvtM7tw3wI|>+*NnwdF`L%)m64L5SSR?1{VCW8@z1yWT{NVIp8)GmJVsVYFkS%
z|HH2xi%-T?<lCcOD#Vx(8y#%G9qLOK*7$U8$SnbWWVGJ=>O=@rC0^&Y@gwlVUz3A$
zX~`Yu%gPuE`EoMfD02@jLmoFu(}l037@tv}YoZU$o^?Eur*@^$1_`8YJE^g|(H$5<
zV%)+26)W1>0OpsXIWmwZRh00zB!NL$_DKzjxN+WO4R>xLIfzr7WA3lBo{S_|{Nh8>
zo?oVuRnTWrV@Uw~c*zY!wyx7RL-SjO`?B2ju&L(LBVj_%^NbSSTHsvutI^&P0MQG2
zQljb0aC>4`d_gHB9S)1s7$eSVYXq@cXl&Ir>`Z9xo*;Csw+Tu5cf6$4rR*vvy|Ih?
zdq<Z-^O2DF0IWSY7ue{CMki%IVL_>;7+#{{RV2{A?&?-t`eHg6h9$=F(AKJO)!lcy
zfJH3h5^qeo&=UPCFO3DIZo-;Z8%227>ML$sO$gmM*u^~Q!oJVi_3wrAReC}Bnl|)$
zX1umAhXIWp6O5v?l@xE0l91=1iYe7cQE!v8ecoQiEY3LQ>$W$O5(4Q>i@Ky5Ic`PI
znx#QANYX#|++L$uv=q*GLTNiOI#Kj{!e^(1VbM~}HC;37r{39z-;d`k(a0M*GmU_?
z49%Q4son3B$QS~n1(mX-@LgAJqRf>1Fq+TA$sf&5gi*=-U?j{;#02>f?-f>^Su1y>
z>je&+`|_`*N$c3A<9@$mY*w=?->DJf83vBd`q7n3MjUsIj?q1M2aJ3Rj;nf>y^)qP
zfcqC3Hy7qB_ANG)78E46T4-KYU|DrIn`qxEU2>*9d7;nJeDMeWV~nq65Bp$`$>5##
ziJVgM1xtQxnxPb9f?AJu(_1PkYIpMJKV=fN@xqumf=|cqpb@8fL1G%^S=q^Eph#0f
z_E(8mc2(p94+THv9GYtK->qC7;gM*|g#vf$(s?~Q>1VXjF=BzwToizePd@VJ2BXnd
z9ilh0j-boqjOCw}nQ+Fxi)s>l#n5cIPK*If3LSR0IQ@~BDa#f7<2}VO?lPat3HeoQ
zsZ7;Lc!gj172^aDhc!^Xq$E=wwdU<jLXfY}%Q`s7Wowo0F^9571-;T%_obKT#WvRZ
z=GNp>0pKSb1MrZy+1;UHS){nx7LTmLd76UFAf0wi$1-K1I3gsV;TzFQe2CaZBl}}=
zhK@#=6eAId{*&4KGmia@S0h~W&}Ygt2QfbKgR~k<zuE&@on$IoS}K`Y{OMOpb+nVa
zRp)uBcE<wM+|VBbrW--}+HTfh-|-Q%ZBhfMBMi&+eI+wvJc1iP9P&I}g_n+;-D%tz
zo?ql(K1Pq-KYJ9gZITf+DB#OE%-j;-R;__h<)?K#EMPA-E7TIu4Ix9O-4WSpGNJY@
zIyH-x*Znnb=X?kOeQ9Tx9ff^xu|VZZA@y8wY+|LRjMCCp(ma-%{95?kI@<IqEh=Qb
zhU&h{n&@qH)gacp4Zxp`;ky?H#X77D?5bH%$DD8Y22cANvOZ17J<<C1b*vM8+aXaJ
z>p?M6SqF|JokTcOHa7+U5i2Aiir`qDu869rQnf61M?>DJ^O_<V@IXV^5J$ag8)e!a
z8(sPsUkW)@H<PrMe913M^Ti^sH)bg!GO|`^79N5bU$@6dK^5*B4wf&>2p&hX^B%KX
zVk>65tG<ieIl5QghAjZ9Isgj(f=X$GNX*9d+%bd(ua;;SaEP{_w|A*hKbh_9`(fBx
z5wJIbVb4Q3oQ3#UqX`I|_|z9gNe+EcX@+5IC!aU{S&_=|g*(V*`!{cqj%{ql<x$6K
zE*j3HKTL>T;wUg>IadPCWw~=kd0n2Pyw|DVoJ$5byVld5W5^R;Z^0wIDK+e*pe79w
z5{Hq-^5>eO<1Wq?G%b3ppF|ZChA*<VcZksjLC$F6xJ0+}@MPqxBggX_i*SS(?praa
ztQ0piGXXGb{=so;3uF=TqFp)7U%29D;!cdbmEZUxggV+1@C3vCK`6nSNVJNgE|rsg
zagVIFRiQDFACTJuqy9yAsYO^bROr3|ijmXwOC#VYgY|<(62@la+2;A*8pk9%4L#M+
zOe`S+8T#PZ1gu=1OzIFq#Y4$-Nr&Ig(`I|JqrE>g9@I(JFcZEi`6D&wi2ZS1^*AwE
z45YB^7D*Mk=4w-0E8uG=3J-zm5!XUfCo=v{m21{Bl$qt|CWrE<V-U9fH4bDTtq9T}
zne5Ojp&Ov0q_p|x;UT|%`E+`5Ksudy+nbml@n(SceRu(N%J1)Tz7$0+&5NX6EMXZ#
zB1?uEkn%-Somjz}juNdh>gyAuROdvMoVh07dL5ACs{Q02qj<Cm_H~hhrtFOVUz0TO
zTHMz+7w(79ro@bpk^2E)VSz5~PPwg98<+^h>_n`z60qB|aqz1~#3v|tRFPJBqD7(l
z3k&JyxAoe($X%8_3#-HpYmzrYY$or}pR?|O7yxsI?OBzUnTlSC%J6J^fijDc?PEcG
z&d*#GHFY?TNaT-Mo^3FTYJt+UkpZJ1md}fTo>yso3m%)<QENnbxvf&u#mpfWM`&|q
zKoeB@Bl7VInQUo7m=3npR;gLCyU;V9u6tsyK|{q+em#@_XI8=5p>obrXnrE#)@Y7x
z&l_KAwbdJX60TsN>R08OOCdU5%04+eQ3I(xEiOc^@O#*VUl>s`*12b#X>egL-t9m>
zB-S({5^R5;h#PAzdm;LpPs)sI_Lv%k<`}pb=0C9{#kFF}f++3@P`nA~2z`Nit^y^>
zwCZW{bhKfAb{WKGQ?y*|FgI9&MLzed-csc=+;7j$oH@8b#(~c+2gHDkztPsVJ8vJ}
z9SC@SV1gM6N08W<{vn^Y)Vo=XFp8cG-MO<JuB-sV`!2Y?RcMZ5&xvYxM(yyL{<{cf
z^E_W474iJm$m5+RCxJYuE3&n(uc3%2wcB3>(fJa|GS;i0>)F}edknqTxCIi~le&z`
zQd8cF*5b=}v6?JYAT6MmJSMF7rhC$MF1b()YU5eg`3O#1Y@iyW-+n{ZT0=m^iQqij
zIyw1jMCXdpmF*C|fZrv{EpGp`3{i8QF&&6oXx*AV?2p1En;hwdmxfu|7S<3Mu4yC7
z=IYc`4RazPpoKay#hHmUBWWatU*rAEqI|V>=T8!B^z7|RkdeKOu7ksNMN2a}Kc|C6
z)PQ8vez!Q-kcRD6;rGE=hus}7kwN5he1QOfkx6IvGW-^NM&EsE_R9O75A)RiNgJv$
z9XYYIp$kjdn@HQ0z^hF=Kl}0+KfXe{(AFVuW-j!3m6td*?B7N}F;2$z*`Xmkwr>Kf
z4$=u64v0-I#=daLpag<a!$V`VInZPPozk8Y^YX4}6K@I0^T*<5G00906=VC8GW%-z
z(=zQu4z-n?Ck*kFJ(gBfV+pn##Pxrr9wf+1O+VixYHR4T65)tUU>TMe)HM7B!>>WL
zRZHz>*mNF=mF|%&YUR#EbSt8b!#mgDKoo%-w5mSJbQ&+#g!J_EnMud<j2X<=u)?qN
zFL?z2Z8G-ji9oDFzRA^n@^2JkA_D;#{7SkfXr>omZ%g|MrN7dfqjJdaV@VbqH=KJ1
z7b+O(6B4*H#^u{C1A<$IGR}ea5Bt9~O+f$s!dB}FDxz}Y&Tn)txOw%qGVaFv6(WC?
zz9bYYa>~YTl53*t1N>AsDVm3z&Cf%uL*)UJ3fV;CQe~*jfNTBn4Phx3xCO_gz?^Of
zmIuLuqoS>lU{!8d>kcOk5V~sDurFtf&hBbcM0Z8apPYGtyPP_dRc3h;B%YynF@RAz
zTB>}f-`xhR#eNT7SP{HW^g;gQ2Y0^Y(0e8U-_cK4Rb`y3R|OSZ@p986A1O|g`UM0o
z?jfe#c_A>u4b3()*LW<Epr$X+W0%>HWW-*Ud^{n?#9~&^g*tm2Ek^n)vJDp5N@nF<
z>2L?b4R@?vtbe@@Wr<JA#FhtMht$@b0Pe`ZL{<JzdtaA-zC1-~o0~4{jdUiVHz@9^
ztf{DC_DeUBQPdW#gkOZ)vh~GLMWgN6u-akjn0NP@8{`wV-fSGdc5t|MN*u(1Ld#eP
zloZqw)3w#|uo`!1<61Ku`NeoGrZN%AHkQ0PJL+R;W6+hkTQLB);Pb}#8kByBbq|m?
zkYWf@Z(cuPE=M7l!XH2|bx3zHLHq}Yo6A_KbhiZ><lYFVj8hPOyco-R8=IR;=gVV`
zTG@dVlSoJjYrotjqQ)dc2|Y>h)NyR!%3qGx#}0UBxx;>_qy{_~t)_Rpg0K9Jy?K~#
zT3?=yiHVujuA}-*D5+k&7l@7o^S7QptbGk$X@`-S5i(cXEo;s|(GSbwM@knTDZWkr
zZh$*Ui|pd<WnhqYeip0RC6s(x$Tpn!ZY=3wZ#?uP3kqwLy|A&v=jR|J?=t@xgsXvj
zk(r1CS-w(mx$GTnuUFi;;TIzV7=4hR{xf`ZnvpfoIjHxo_H{jgAg;YmrdumWx7One
z{lqLpL!C{Y_gSl@HWyPZ03-6gG^VE4H^G*nH~Eyuvz%)NNfL)u_!f@F&(Fk=+Jew5
zr|0|rEkyCTEs6V%^kQ|3@2toLBsIF(T!~E!Hd=UlXQK%^uYbc8`8fq8VSP$GoY&m`
z_hI=qo^~j~4ox}u!hzI<cg9KeJ*;VDN)~$u;vIzh<5=Fa@6`53R`aFCCk0@o`>#=O
zE|@5YMVWRJYsFUH6vpSd%GmKf3c1v%-R&P__1&R2s@^F2CRpqRU@<hX&406p4&dui
z$Nv~s%nE??-}pyh_ut@r%CiQ*U^otXVDZF@`>~G~v0H+MK3y6hTq3hWN>s2!-|q%|
zU$!1=64}({#O2x&XY1~ti>rowsSFZd?$AkH^rt4|xBMNvg!`dT@*%RV*d6_biqQls
zxvO~VZym74+@nY*Ng6(hCWjjzO)u~`5K2%lN>GoD!U}GA`{nY3H_X4U`+kPcYn>s&
z?nmApS0b<P^iD)1o=larRJo`Z&6S71w_L7-cclZoNhGiOJ_qvHs!rj(!RYaQL_y%X
zfWMMB8hY6;DRDe)w&tEaudYW>Pl3XU*Xp?WOXYn74gACB$QMV8ZM3rCCS86I`EXdC
zU9QycN3MwLTbXKF1GlRDAA^U-O+_^Fl`m9HEr>aVh^#TWYxan~t_?NtcN(zC9fQtz
zFS{H}hlMDU9~#Sz?hH8$6nQlEq!UHPi_n*=*>rtn+0U_0=7iPkD%<^ti5*+xhS%Au
zy&dZ%4Q;ML^p<(Lm7L@!a(OJnA_Ileo`F25&A~}wbrrET>#0__=XDjV89f8hKFV(d
zVYbEsy#GwXmr|1khD!t<#_gVVhiqT}n{=#MtJ?|zYUrCze|>Jm4g_y@Z`atlT22}d
zOrj9ONF{oY3etI2BmshHgN1CcpoWb15_YJx?-~H%PVV3Gjtt&`QGK;=5)i$d)yomt
z8amgd{-W@)ZCiHK(2yjR7;Zn;kJY>`2!?off#A!TS<7Pnuc3Sz@M70oB5G?_RE<Ob
zsX~=JGJ;`68dL7QE`ycO?`x7M^l#NY&ToDQ?J3;?1wKl}PG8y<#02ZSLtI-sG-djl
zWcTV}Pzt^&!yH`Q9x+;%K@o_MXruM(cvu$j2vYZQd)AgXc|M=%IddQaXRW!vuRlH^
zYyHu}{c_WI6B>?;a*~61G(Z;T@m*MdZH$snsAp4L{~4&3<l>w<;PFiA7crzYB19cr
z@;Y8_r+lcnl_lw}`D77jNudxik=@Nif=+DGslF_}ZE8F*J1zXj{b50k@ZkoQqxKM)
zYFyfFuQ{J{i7aZIle?xoptdFl*cw<;{`HM6YTZ3;^GUa7;X}Vk3_hMf<2?xi@G=B<
zIE}uu_#>bb%{N(GS^Ybl)@ek#Qg69!fFW58OfqCx)YI$2q=fPln?uhm5>V~El3be3
zF^{@nNS-hra8`^pQb487yra7;r5JG`%)xV@BnDVy1x$Z;G_JhI_gEI_G=GCkm1WUC
zw4wXmS5X%bmU&OeSb<>^;7@^cQY#W`nF#I$e=AqN#y*yVH$E4n(v)X~^HM;^T?i11
zqdaje=<lDPqS#xbnw5Uw$uO;m%Y3FhGT}TpZ+-l7AZ}D-rGeI>HB2BP&+?O-fh>c<
zc*UoO^hPodZ@zNStNQ*66Y?Y^HX`~`qHa<C_A8*Vs2s6%;rAe>5h7_^LhGSQP#@!F
zO|Nh2GxrP5M@|}KsDn|rww{nCVaXpJ{?Mcq8Kbc1`jSnl<;6R37R8f%Dh%VMk(K%<
zF9kh^yb+)9L@cVsFIU&4N7N<BXeX+jDjbe!|Eokk=LYJb6W3(-E?>Q1Az2)#LgD+_
z;F6z0MW8{6xN4(r513cm`pFEXYUT6~io>~nTTf<QT!ydE#7BLSe!?bJ=t<@M(Ob_b
z5bZ>x6B}6h%T-k~JdarM<rY}tVDcAhWsbzFtp|mYIC$mJXamFtfr_j>dSmb4OVHIx
z?_;)Mc)dNOujjiEO12~_ARFtj)4IDEo%3}psBt97ooyYA_v`JKA;0(4FE87_9vMl0
z51PI#TJL*HH1oR#Y?INdDP<6h0m+f2H<4bXyh{e<`t%87Ng1mfZyj@Y6h59TRM1wu
zbFjOaJt}a`WfmQ;eAd<PKGQ`A{2gMrEn$g$6CZcIfmBS62*t;H#k}Yi6m2~GZ5RD7
z7&)u{#H`WW6}s@|le^UI0=wC_P@!q2XnCJR@}-_$#aZQl^A9Qh&qJB3bM6YR$edj(
z-v!{8LsZCO)+O4U;6moU{-h5gyIIWf^(F&ara~D<QNZ%rZBB3N7KS{XV>Vxz*;+ce
z7p)tTw3YS&(`0OJe~^A=p+~XuO{P8V{wYn4q>R*Q4D~)Q>e$U?-!gRVHAC-X)>N3T
z*XZywk~H@k&&>YF^6|mq!`zF1knO@A^S*NA$x_{X<`Td13QKR1txaA_Kau}E-N;UF
z<!A3x%XWllwripTuV3@Wn}9Lz)&B~B+h+nd5tKde^n&7d*cTlAZifbSUJhwTt#(dK
zX`lDW=5lYxMSA`o$91_0+8lBoTY(Rdv_7uRmGz6f6MEniAKTB0Vyi~%Q5%pfST2GS
zeJ>}_Nd@KmPd)J@GAAJyW1HH|?$Muvj@6BexRYo5)cd~F`_-spS9-Q)8GVMN<R0hV
z6>1)L*T=voe>uY0Uw~F(xk?{pI&ZfN1;Q<e!qSznK$cnzL{N)jBW_hZDLPr{^4Wla
zov~fyGbzevXTs)hnG5;^v^aI#dw=NOu%dPJ;$PS3#`n)`dN{ZA-d22GV&7Y=6`Yob
z7yjq<8;vITWMtwYKJP!2#8xy#7RNz>6M*|@;*?k38mE43V=eHCWpfw<qnnf*PatoU
z%Ouzuv^8bP%$xGEOG_to64&eXN9iX8!h}=jK)Eru-rQp$7bk&*Nhoz=^m+->x_C#r
znAllw?Q*~E6z81p{_Bque~HKLaDi1Q*3|XZtP#Ea-Ut0w_7PG`VGJklv<fq)XNpR+
z>gd1dIu%@Ub#a?BJX7Q2*Nx2x$mJ1*^ja}|1R)=J4Vtiv8$kotL2sflbO>$xT?hsO
zuY+Alx)(6`Z%|>0ptQfJN+lq2Q~l089zy4B)UX4LKEKP>ou21e(zDC+-0;~l@Bh{E
j`2XOe{3aXi30VC`rN0&MDDi9u{X#`SL%vehEckx_MeJN*

literal 0
HcmV?d00001

diff --git a/docs/static_files/docker-logo-compressed.png b/docs/static_files/docker-logo-compressed.png
new file mode 100644
index 0000000000000000000000000000000000000000..717d09d773cc46ff8297d06f66d9aa855453f35a
GIT binary patch
literal 4972
zcmai&cQD-D+s0R0Yj^ebT|uHmbh}CrD|!v0*I@N7h>`>myRteVy6C-&h-eWTEJBos
z9-<^fCwij%@;vj-``7QC_sp5O=f2Ko?rY{;=dTm3uctu`WrKo1AZjg5RYMSn3;=;h
zs3By3m9`raW`B#bzK*fl-zuwX{C{n-Y$9*-1}L@}R6Pc&oVoU4=l$%0kfT3mND56#
zql9}1Uva-kRFRCXF<n&U*w&t`xjjvAZecqiEImi5e)w7MG-E{3tJ&{;uI?p&ouK}P
zdPbl{x=TlaQe|8ZtveGp2*gmOrK)87aAxx>3fhIFQ&XZ}oXTOFRof05QPgBSL6y@1
zl15u3N2zTTe@FcP3$ULSt)XykoVa5Zj-VooAmOmv9K8eRY%r?F2HGJ->^d)z>(fIs
z36C3F!*19iQFc#}ioi8E9r%m^O#b1iB0vWrBehe!28TqDgd?xf{jbPSRx|Sc$2mT7
z&m4NttP7}oTSZqX<h4)BrC%Rc;*a5*M(b9jx&%3Wxx7qG7oRL%<K}P5`A9OM3dXwB
zrz<0Qqq?H@(kW}B(Od)M$yfl6jH>K&JR-6bJ@`zvwcz;r&N4lZ@wj+)(lm!0-sOe}
z(k90<@DUDRX8FZ{eyz|1*xIhv%ID3D&1ChI_x`>`Gg;e4bH{_FXe&)x)O!9J{%Jv8
z10pkYH+EE#h<gy}?KRik>@}O2-tj)+FGjX?9&g?%(*vn1tBCYe=Zl)^89~AWtfi;p
zbU;b51Uq2kF^Z?IQ(~B|4Iu3_9+o_vF<!B-XC=coU3la9#WN#SMe#4qfFM4=JgFbe
z>y7H(O8)Wz`Gex&iU2ojQM<@HGj-r2_lrl0U+sN@`J7yX!f1reW_&hJt$I=ng)fsW
zyM^%)1x-`I;ysWvqdO~<8gfw<aEkmo5qxN!j@H-F9)qOQq;*ky7L{sNkFEX`;Xvi(
zA>W<UERVt2JcVd;c&JtIEPO0M0m1BZQs<D686q&t=ZxC+xF74=Yl0`IQAkfF{~rHz
zIo2SU@p%)VQG+6dM2$W^5@&#OJY(Z|`V_#qh^AtG@_zwHB3p68BI@#9iCO>jnv|tC
z>F&Q@wW<<P?s<q#*GBm>xfkQ`kwLi(OUouG{MHZ^K0!I&e+06+Oh!1%0UD4#6)B&=
z``nN0G{ydfi6juFE*nQ=srFgEaf7z#zakhZrMDm(byQ<bw_Eohn{yVDX8x}qb-uhD
ziBEtyK4|T2t3MKL=9CYBO-h(<L8U&2;{mAR4y%KE*2IW(e2x08f+Bq$4sZLfM+<{@
z#;R*B1$NRSxoc`hw?A82H|3T~-v4vH`KuU!<8@J4NBjP##1;=$Iqfu^f1TLueE@J7
zaK3uFv~U&>q_VH7tWltTYlN=oY4G9P+p+<^<4=s4n*Xxg_SIz(Q}^0KKI9uw{k^j_
zMOFA(?j7s1Mr0qqa&JjW$S_+=iVjMEHu(J#Edz5Awt)IziHVMWC}rYDyUnB}>NI<#
zKLF`P%aUNM?4SlC+A^yMmOR|c&=!nOH55Aa=uc5HY+X!?0tTkvG_gKm15Ox~Fdtf!
z`fTZO5?g@IeWGkTG9~8yHTCN&Lk+vj7dl+F{@7>+SWE(&arXi;Zjn*I0Idx5<Z>(r
zbR1%nDN3=hhhP{pPVCh2HZ${01N6PkQx$>Q(DEo>A%8Z~_LGqHX1M7Gjec|ij00W?
z9s6Kw@f=_mO4WdgEnN*>o&7EeiP-CGIFqfDejyp1b3)v?6sQ@Gj-R`2r}f2WexHb_
z6ZU%agw8y_oqjXM+pQcNXZ89xhKiVi+NZ%!q>v(W#4~)Vp_WWSzPEvw4tg4jmXe!1
zEGE`fmefFeS(Q2mtHEesd0sEZ6^kHPJVgno!@w>h{rP(O<}eGR=yj5=&q36W?!CM*
z`T?8NFbF4%Q1FzoiPn2^0xuW6^vgKCZXS>j=P?+byDBuSwi30O@hM`Io%)pfri+5Y
zk%Z?h`B58R6PkE_gO=;U7vY~AF~T-80ixA6;^E|7e4im?11VycOmIh|iAjMM&)Qxl
z$`YSoFv8BFNMJ67@T|c8x*Ad*k-(%4z-99%C#jV4MOPh6)@gBs{l#(bL#1_bLeuOJ
zMadQ+Zrrzkl8n4jImhy}u&$}}svi0_5VZC!&<nfwSvTKhCK9GCM=mi#LGq&5ots?c
zro77oJ45lA+;3SyC>wT8_=OsUE|1OgTR~ncer@z#3)YaYQ*?#Wrx<glxc8Js{yD-O
z{_`F^?=@f$_#j2?*h%L;Q9uQYUH6MmNlrA`(m-#In##3dh)cP#V{6{|GGRFdeN!~w
zOVHwCa||Rv45pQ-UJAn#O*dHg1I4~80h*0;KA&9}tV=s1g#C%b@jf6&eo)@4OmQuE
zG7oPsPx6`#e7sv@B*vGOuf@m9F6;zeX19`UBonB0>abQv(>BcRlJOplPc+`&byEqu
zSe;z0F6W5sjW{-LbqNo*Y8cT}Bb@z~<Z*OCPxbs1=FbJOHV<|Gob4nuD+{mGDskfy
zsw(m-%zb=IH4s;!wHXrCgYh?*1`9D$=B9EcY8a5HPfkpCk#%-krl2!(Wb=c15cH9X
z*Iig9x%W!M#X+k-<q-Wt6ZP!9=bTy8e{sbeyj1W2nnt|>yI9DLEWN1oWe59z_@ipp
zLstkhb7SjtG)K5p8T!^o*bGI%<be!Wi=IQkU5<hDS?vcb{^L%86J^lDKU}=t2Yxfe
zeNbEt0XX|4mEHOD-rz4%R(){&#>V$0FtNoMIlpau7F(lUkM%3oy@Jgwn}2mJpbVsv
zYUL1a#7{fVYxYs?5QBa>1dF#(YQhTY<{rU_!+3F{U(;V?U7m}mCSv`f%>`KB;P!kz
zg}Xt&!&;r5fbo;^e-?ODNKx7pBCMv5#Q=9?Z@%340qiWT_HhME+>aGnjB0hEx9mrZ
zIf7LeNftg$1IABOR1cnJ&qr69m%R&KzW)Zx^)>eOoLqsYeKH1V{eGaYc$UzK%N(u$
z8MW|qaibkx?1xOd_cB&)9AYUp%jDLJF*q<0_OQFoT5UI4v*lLd)Ct+4ihEmPIr4mv
zT3^spo(F~bh_%?WfMyxf;(r^`B|7|(5^YW+;rXpVt6mmzj@;~|;6wte-q-K0Yp_`(
zJ;nRYI;I)n>4&$m?y~DBjcs??K>Dz|ef!&(xG(F?8Kqn13naL`$21$cW<FtkSmpyT
z&F9N4D*V6|@Z@pBLcHXwwCe(Q9RcCV4iR=aCSRp5g3tuUQAs8r-?h7$WO%aL8D|BO
zIQ{l^!IKF)+f>{lQy$eZwAn~26|FVhQ)&w*@?T;1__?~Q@@RdnRBxDK)W08rl#y?Q
zHt6|Y@KA+1?$y3I0R|<VptnSoS9aGL3bWMemp?Loa>XEtQ~<k!FQc=&!GNxjv}?0W
zfP#BVH8rp~`Hqfxj*Y)X765ncP~rzdTgJpRL`?d#QpzlnNPsTd*|ia%HF|qI(Zals
zGO=E7jzeFe;l&FX40+;}M^)$SU>@(1K^*1>=HW?FL;Gfrn>2X2{)Pq4;z=^FGBy{4
zfjcO)iMEO5!G5H(2PbPs`79(Gg*|FPTSn##qwNj0e}D*6oWkc+NHkG`3@+qjcLh$g
z6T8BcIDh5pr@KhK)%}u<*)k0r-o>NFVRBhT%@AQ;O!g*VVZ;OS{t5M+4pX8jTz!fP
zUT2PV&V>2OR%#=s5Hr<B>r=k$-fVU2zn>Jc>pmcCD1_#PBHiv8-}q9RPJ1Z_sK3Y#
zA27HxB}mSrs&X~!2ZtFIUal{SOK+u$jHlZ&q4q)-v2%g|cEWybWn=rLZAxos;_5{;
z%tB8~2Eq>yW6O^wzAD|gfDOFqkjc<U@v==dbdlTJF8|%xH%c8hX(84-UR6Ed!u_0e
z;_#2U$!7<#GI_=jH)&*F`gY>0CGjmeiY_{XOG^?&-Q6$HP^*dnBu3^{n^e50%;zmk
zwc;)Dh{=LBWv_i3!meuG>@sfew~lS&oWM4(iks3~-(?eX81YZI(rwzn7q8e4y$L78
z`4+D#Dl)qaN59RF&-9O!cN;@5)2r>hJYeq;n$uAs@2Z01pYA*HDdD&aosaAzKvx8E
z;z|5zUuN5_;k4*HQvgTq^b((I=_2NFM<H(|q<P4vG%NhGhoTFzw>6PVep|fAkTQCl
z&iA*FJ-;u>J+8DJ8E=4sJW@%+GeXvl%);76DFJM__y<;;3%*z(2_yT_d4Q#h(SXz0
z6TG{`sFOjtl5o`&3Ged>L{cVrz63hs^eEUZ6D*s7n5fFr7<#%-3rYTGcaKbhthnSZ
zvMn0>usnD8z?m8QpU?lM#i}y)Z0=qUB#J$xgB`xiv%~V#F$kHg5_n%lgUE{WATED9
z5Z37T+_QJI?|5hYl<At4I&UJPUbh{=s)NLqFyeGn4-MttLcS@&rDtsf6$9gbgqqq5
zUR?ZalFnGZ?_N$wy3YI;67jblFu2b}tVw5cA@=Ucykc2=y;K6d@u_8vPcchqyDfM(
zi|sl-N}`LN=)A*4Jh54SSS$8Yq4a=T5`%W;d3g1mx=OiYLLGF4143l!+TfSqRq{U)
zwdZfG=kO+0)E-B6mDVPXxzYR0`|(T2G7rGQak3Lu!RU}Sl)a;`Gyl5A&rPrH5mn<<
zyK+SD<1soZR@8dpcT0?zV;XeWJkVhHF>Fr(_elO;+!W<U=z7<{W@vZc;CLLt{$-tw
zzJ;xf?hmzok@d}91nkN===OfdhbvbH<!MVhckWBFkY%7YYx7Nsa_@{$!q)uYtUZIB
zwT~UQJ=fhDAryU0j<jg$tXF%Xl^A8LJ-8%w`+|**X9BK~Q=S{SUG*$x)aDN#y7Ol-
z&B2S%98=ilGwm>HpPS#rxhmNpG5SS98N{B=1haE1SAlEl)d)k7SZm;xWjT-*RY{tG
zN(H#)Vd*7mhLj(sb8{+v^nR8Rgdr@)pL~OMvWo+jlthKWH_7rkcSK^o7TpqSt26HQ
zv9Lq=2#t$3r9$CiI%#aWbC8{!<J{wS(Alel2b2%;KW$J)6`^D3@8h{y+zaf>1MS>1
z5UZ`lX<g0zK^dK}DDK<N$r!xM!)wG#@h)NGxF&(xrcQYCJ*y@gPonT7UhLRjQ#{)Z
ztCge<*XP)3X578QT$JPV-7X(-So)42{WTUzDR$EDX$XF>yO^rgtvE2oaic!Qw{AkN
z6!GotTQ_1whY#DPT1GVMS4Yz^iWhhffQ4ra^;Tj+mN*O>C&wdZ3%T64jdoSXNnenO
zea@%o;r3TW=&=scbNiV<GZyi-@n-W|XutZwu5SlgNoHSug>I5=Rkvf{pY+tp_o;Bx
zO6NISp=xBP=3DE}=6hZD-a13GU(K<o&5z_%X6nU`6z_5ykV3QTr5SG)ye_@;WUr(Y
zJvyadn7>Y^;wTpDEg?TV(7+$NWG6Sfq@BBZplR|%&spuHx|0@}%*`RMavjdMgtNFi
z?6c5OqGt41{y;bM{lvvxTU*vUA|^2TBJ}1zFE$41^u5>}a$N#EgK7jS@T2(%2G>^u
zMG{EO*o?=r8ydTN9h#9jGMgK))f7{VAG*3k1F=q=N+F!wD9-r_E9JenHtxz0L8~e#
z@$=-I0ZOD$dj8A3`-#!zl1viIELeCBWT;@>EhpCqK4;Vcq!0WX#j%{b>K6JJiZpFg
zLP9l+3-<Yc(|;YeJn4BXO%rrvHWWa)YHW%LWOf)%>z;xQ$p+im5E|cX$26GUzO;&G
zuvt5i4v?-+;G|D!5DyOUcJ{ngAt%H4hV-q0pq0g`pm8KZle(5EB=8fd^L-()yOD^#
zcq4HkpO)Razp>a{d64bm$vt<nAWINq9iLIJ86@>2#!sCF0X;V_57i1&Q^k5mQoB|V
z<(W__{wk;H!y4gdG!mfR-L1s1{wXPs7V}I*f~fHizL@>v=egE;{|Fp0oP2B<MxeN?
zd(SNfdOlXyce|G9U24Hz&9|Kp=I6F=LX=4W8u|QPMiq_a-mlx2e3S6()>3DGsrcsO
zmPqMH9F@IC++&PuoY2+6lP~d~ZW&j^aaF|~zOE1X+;!6}6HgrY=xS-#(z$}T{tbV@
z>=beW^pmP-9yg&@(NeWi!rjRfO+zyM)>5|<hdo&g7<#<Jxm{a|M=wo@f38+V`7Jg_
zD+|z=@~OQ4?OVBL5D|YxEz8^6LC3+NX4#n4GLsfIq|YB;q53Pq*uk60#yQ2=JYSQt
zN_?hoT2e3mSiGzmuiW4GqN<*~_u;*lj1^SQ6h}W+Uez7l)5v>4tnk1d8+ez;yd#xM
znmNhT$l%P&D%+dLk>Wa$Q!3^Mn5S5aa?m{%g`Ky@Cq~JA5=UvjEDE+oma&EF1bEdv
z&`!H>_o}HyFr4)2gsQ>*``6L#I43*9KSz+?morzu{~h`t6(dL&;hE-9;`#3^Ej2yW
IT4fCOKM4~1IsgCw

literal 0
HcmV?d00001

diff --git a/docs/static_files/docker_pull_chart.png b/docs/static_files/docker_pull_chart.png
new file mode 100644
index 0000000000000000000000000000000000000000..57d3f68dbd07967b70a19f8d486bca2e04cfc5b6
GIT binary patch
literal 7188
zcmdUUXEfZ=w>Ac&kI{P>qDG0{jZU=DqC}J+h(sAgFEdDVqeY2MwCE&4LX==cmqZAn
zO`=4vQFDLtfA3xE{c^wGv(}v7-e*61pS|}w`}s0)2qPUzG8QsCJUmK0T}@LwJp3Zy
zXGQ`7PIR{g=J4<cx)BEES_bYuz{&shMMidADIpON2y|T_u$b96!C){TkW)~IODTv-
z$pW&dgbailDj}oH#LPxQN($hKh>3x7dPZho|KFFC0^Hcr?td_p5Ncf`%m1i)rZ$9x
zgn$gCr6VIJ*D*AwXJ7=>Tha>RG76Mb5HTq^K-Drd2X<0YQZ^1QFbOFmGYg<nQc(dg
z0s;bZatdl1I#Mz+Qc^NndPWLLN-;?}2owrn0-vT+L8z%95IROCpeSZmb|@_^8z+pC
z5<*5nK}JpiR82uaK?0OSN){6L+$$s&$cLVRnTDQ$j)9q$fr*KU1+WqW>t9cRm><9I
z0lS5rD;+&!dE2nEhMrf*Q+{Ewxa`XAsZF3Q9h0j-Er8eCk(IjcuZ4}hKn|ht*{?tS
z&_h_6-gQdMuetyD36LZWEj=}qrsVZNW8VxD3wu?^cu-8nv*%^(Ts*SM8aD)lrQ}sv
z*|~s<^v!J_1w{FyQ|#T4+J@#5vWj<IyrR;IT)aav%3d=tv7{C?BEu7eL?sm9+F6xt
zH*ZNtB<H=T>4fVT8d=)I_ypYiBCPIvsOy<<!uZT=U384@*e%Px2P&!bGc_{9JEwsA
z3JgRLo-EiG>XWQcryqQf^I-bMW%i0L;dk@SO*XI3;;RAAvMhDRUfkt%m3r4}T(41~
z)H)kA<W!mxa&>uiakd+Cc-VV<b-aZ-zB)X-xH>t#n%+DrUi-4~wWK5e;PR~e{qf<H
z>G@^%)%pHG)ydx3;r5@%%dPW^KbseGmosNasS{_x{udYLTSw=O8yyEnYrEU0rzd;e
z^GGaeu<2FXUSkW{HXa_6jh?2Oc_9Ag_jNB;cl?1pe!YZrKErmyd8ZdGCN}Y=-|ywl
zn=(wyKd~kxc^(oI*vlG-FGej(&`nMaCh*}T!Czkdx+BYxqO7u+xW$(2%jvV-;-1Ur
zo=bN{reySf_G@)Q1?||1)IloDx(W6(tDZxdR#+XDHS`nNW-IzXAOFhg+OI2#Q{P<+
z(wfGqg7`<L67nr}9@iI@vJ|vVRBqLL4O9IKWj~q(7uL}!R=hzaCMTECxt3i7gzHY_
z(WYSaQyOrE5lE!{rv=}1-1&ROC!rhIrEVs+*MC6!`I*Zmo2rjQ5I+|NkD{B;)4qr8
z&*aN%W^N_Up$~pV4D<K#RED45(nksX?T%BE^Abv1a9yw{x8&9suv~*qb!_=%zT7!y
zJXgeRo>MFLsEF~fW1QCX=|y^~h3Q`p)KdJFO-if@D~@mOsnZxSfIolt-uZM@dAF>A
zW^LSF4q~k^5+>8pg;z!zkzmo2`^rn%U2xpEjn`*kU^whpX@CotvqI#k#|k0SM|F;g
zo}NDnjDJcML_BRPRwFmRxEEO9TDn>z@F|=H)4t=^(eM+d!}a;wG_1x!ZEJh_gw(f?
z{X9FyU;(G*IO7xiWT-Rc#rftg0%fq^=%EK1{E>D4_cm48I1e`_IxIv85%$$b7BK_y
z2DPE);QOGyukXb<gj5!Z)0hOhL^|b_G`pUGom-UI+#=E~)wxD8r2jOiS3#AyHWpr?
zHfCA$QljBlvr^*tZe<p?h|jLNIVkZ@_;{~;U-&X-OMI3jAFNYz2p`{+?I@?f_em<X
z;VXA}YT8P}Vvu0-rxB8&s+7Sh@IVvaPXeh*vq3D*lynALkA#SSpec^?j|w>C@|DWG
zqUL$Asc!UFj^hAsEEV>GD5)TS>Q4lys@x&c+9BTQR`dYVM|evF-XMo3SYpbli;ouX
zGV-=j07Wg5vWwD4^#|%o|FiUSBOha*31)VyLK2X!w(G=T-Nmadxa}m$SzUyXMQgMj
zN^DyEXC)lnY4^=wzhlw}QzGERmJAx7sn3}teqJJ;<O$wz41REfn2z8j#y5p@O?%8P
zQ1|Wrwj^);;Jc`Hc@~g4gTp-7Y>6uVC56OB3O#`!wy^$IjkkA-(gV&DyXsU%5}rfQ
ztz^epQ<CzdT6lS1l4D(mD7AJ;<E-}EL;}jnz|yknSxAOuP|2vUFhXL4zANjm|L+&%
zYq)Vx0D?~%0+$V~he(YLVktfeU{V5kVm7v~D#1ZfhkfD$%<S1t412l}zg}0o?OeNL
z8i#J-zdf|!D*OC?i5SU8{XiZRme@JldwMPaEf$k{^oXd3AY>r8gm$P)j-SDf^2^{J
z&5kd~J*E|$ktB|prbsl{z{V|@5&JL575RfmMsJRIe#Eb|{);drg?XiZc3~8#>yu=?
zT9-riq<iG&)WUP*BUWLN^pCr2i~Tb#xPH@E`#Q==B*>OVF9Trgqc3YNWgtY@=7|=;
zgQ6IOb4!-BLkvEgGr4AaAAVp<&LiI=sAMiD>6}<h0g91wNNYvG-AJ<eEd2J2XoBNe
z#CwUHgCOses68b&$YZvbmzJIDZIV&J7^g&7uQV>vwC~YX<?r=#cumCpcqa_Yn){f^
zEUICy_GV?E<osu$Pq#2>5$nBlUi2I^6dICAW?;|gHT_SNILDC~hSP}HA*!-lv1~~~
zRz(C>s}#=QPeI>KJ2=*+rbsu+<FN{M(t}b_`=EO~WA7`%jlrM1Y2|s$p|Qu@{IjH$
zsY@z6`7Po_bcGIH=QXR9Bk<}7!-ZND(i+``h!yhmk)be{goG)#B&sD_F(D+r=}ooF
zlKaVi?7qjUdlW-}FKR;6w3*NTE09xW-z&xE_AzPuRe0J6qiDp(J6y{1PIEKLsCIg|
z1^P5=9xu(e`Ks9E25FH;`G6|()6T|X(3)BM&mU^vS~tvRJEHE$we?e-a54sDS0DzC
zI~x)9jLn`!?7u|5G`_1BlOms!>hUasVW(wB2piN!D9y`J{gmuXi|wqHN+6NR)v=t#
zCRQw($D*8vYIC-1EaO)>pt9srWrW+yA!*BZHF<v#3)zs@PyNahxKv4E#lBcVvsSt>
z2F(<Q;a6kt{(1{&hDx~MP70mIEfvOjcwf8U;&N4gJI~MdG0HE)y%j9NLJx<03t88k
zd+!>NO-$PQexWoU1=-BljGoWIEe<n&s>mV|TD5R_t8GnltHcUee$7!Ljv4mzrn%O4
zps=sYksD6*k4w(jjN_KycNt+19Sf-6<gMJp9!ktc-#Aa%^P@Djh+qD)FXMa$hw60H
zfJ0LN%H23Pf4@WBr_l2PQ@LX%o!Rr8A)J|}&#qdI_x480FuXudMflOfMM~@e`J05v
zGj=nK_Ft*lXhXxi7^M&8mKjsl+AA2BT-WLtLmfyndDBG_<x$DUt1hT+(*;b7d{*hg
zg$-HL*<)k!a3G>L1OxjqMBdZ6p?^`Er_LVnAYY)vm1&Zz`(bX<*Zbf+rG9(=?x2XU
zn60B8{8j9zI9s`KC-(SuBae|CEaC|$c{1t)fBhXYotCuAsAN7e{-=ZO4;wYAm7fiY
zg>E0jn|1!#H^x4w_x_aWgbVnPYEg5ZvQJ{ldC7Y^N7@*bEOVLCAvx>LtK7S5>GF;t
z>(-mbp@i;)nPO|VCvHWhsS1;9IBz-^69&P!4BfWKJe-v2HqS&zR;ssfW%a6y_}1C!
z&}BzOixk-Yn^_8{lH`#1yWh`pv+s`YJNWI~^{qG&_`dJDFakL*yl}k}fY|$BwYP{c
z*zs;%8*Bf{ecGC(av9lfEW4iEmpfmqOtU0hvU%HRHF(#$Csa&+MsPQbHx%`(9p|Uq
z0P4`;mA8J4zxb_gJc*5tH*1zy5kZ=C;jl!77cNhupjv@Bk1T8iJx<qj5MIHHhCZ7M
z7v&Dvj#O6b=F5e(-Ditjcqb*W3PrvoUPC<}f6lf=^?CjdBMH)nnR6XAil7^0UGbi>
z=EVl#g`w{c#NE(&6%N7s%g_|6?&;J8G5?r@dl=ELT2Jy3Nzs<{p$YW5k+<#py7jYA
zwh>9(L+-2nQt-q3l9;(#x{?MfjK`9u%xLK8{hbC8d0U?euGZwbSo0got*A7dcLK3I
znZysh14x_x;F!>~%($LNl<m7*eyug8wX!#Ap3*w;-ZzL9svcu}bAwC?LlmpjlZDWy
zM%9?oc!$UQ7FZK4@dZ74q%Aa%|DG+@V%BP;5w>g8E{^f|4w0`Txd4+BwpoyK>(F&S
z2b_4~9ozvY`W%?1RcdRYdR<aoU%olFr2`*Ay;R6cC1#FD67_f!`@)#}8zjH+pY0=D
zm;WAPvl%wk%E9N_xq+?0=sRO)U({SuZTw>M2Vdo-yPDX?xZ6;<GX@6axmp3;Qd+SW
zihK2L4GC|N5blu$VJk`lYJ#1qCgIctLRgoOaIBXlP|C}(9t#uflqEpg6i|6#@eQ{X
z*3lZHBE7Bl*Y$*A={M1~DVJgLuZz=#aQB}H_H;c3s+jG8-`p-EYm+dG7GYJWQul<o
zG`<A@!P8CGxVNy6$4^XS*divTCxF(tY+BF#>(Fq3DLMBl(bRSS9^Syk|F_VS_A=g~
z^Pl7N_y0!5uvroc1F@5Z2_j?#aSw+CY>G+B0MPSEjEA;~TH;Nvc+47*#BBm(BN*?z
zk!hO7g7DhCfR;!NHy4khY>;*WYE3F1nCotI?!5IMYiU3h3?@RydvN+T(1qV3{aue$
zlU+k%&u@jQ+&TPUKDuI&`i-)O$a@v@vc)8Qmj0$ObKr{n7#GHpC?9ob&sB52)Q_ZN
z0zG4H#+sg?MU_TySKCrNCcMRlJMt)*w*o^Ryw)c1H(xIG%eHqH9rwK6JGtNbxHA8{
z+?E3!&J7xKaj^;bX3>5{9`=@6WoUjOAsh>PDxXa0z(@}A>rh%Op`0Ev@yX=G;Xs_L
zHFqnlDQZkum-t`;7LVC31Hau=GUppqEyZ}~RqX~z=bVey`Sf026K2q}#3J*#Pmeom
zemNmw>6f5cv^oFLk^zA=S^ejdTFemArwytqNU&9AY&<P<%qt&bTmFIzh`Ldx#TFO4
z$y{Ad);8IztI4aLDxhASE^7F9(R3e9)@FAHqgWXJ{(JXnhApG&gx>t_<)N81Y*`3*
z=E1BcY6W>m(~_4tCf%}YmVZcmRIND*r!m9&H=}LcIeV!sFV|JeMBb+xF>ZD-_ayX<
z(;>Tq8vSpkyz9XceLxGmj$cjtNr!Z1kCy(S_mg$bQI@n#Sp&l}s~r<ydP=-nmz9pW
zTbF}kW5mByao@Le`ALTp@*-^$oznVXeD;@U!lu;3=*8S5tNJ#X$fe5qXR=-GpG~pS
zn3ecNnekI%q9t?ZV6GKFEn46=^b9Uy=61D%DzUAh>?qoVSK<*p4b|Xac^s@cUVN)8
zxF}1*Q%>d;NjG2e5xg1h>2L>Ho^KA3BF7~P_2AJekH64J7FOSk4!f4N2}QQb?CWOe
zf{1WWeV^IJ388JBjQyI`L~|8!cT9q=R8{I<kRqexHR{^6>5I{<6C-48dwJZg33vBt
zWm}4X_k71&GaTux2E5eFac>b|tmHXnwfU}jM!4r60SwS{FIGs(0s|3UHvvrFO8h?>
z*gF}Xb_2Y8w6N7cn5i>nA@q|;d3aq`G0crWAB=0y5%@<`0AA}KuHkw{VRP}<tg^Z!
zFbl*|JY~Tqje9q50fS_;BFtr}qx>5<_UPb1e&yEA2>>4dr&rvJ-LwfnLZcea*W~46
zBKaT2djxm^6!+_2uIPVJxtm&mJKn;wcmA2Q0n_&V2U_B@z+CD#3!!I#;CJgr%1O!r
zOC3z?2XS}y4IrJ?sP=#UGU83wNhUAGU8?~Jpi<zY!*Q$0sm8+anp1*4zJ=AWTwlB&
z>!T$wGYJIdeQI+}Fs;+C|G&%MT;nYX4}b^*%3YKH>D+&4#%cz@+d=_Cipf(fg|R8I
z<!%BUXx9ymxIk*{qC6fE-+xHf_F?|-`heZ(?`an>LBn5f0lsp~Iaq~YO)uE6oJ1vZ
zhi#D;GhBg5*wMi2YAUmIj9*;w`4D&GKoHmO5jYpXq>p?}{c@EGmzRJN#8E{&TW?RZ
zCAaK>96~#pa@0p_7ky6b1=O=R*GfAhDRONOh4FSx<GZxJgBzF=MzaT#!pXU6Iu9da
zH(bvNOtH{mX|wq8CGaF8W-sN{#MmvzcuaxU1yLD>R<QOY8&<X|Hn9J==FW8fpYmhQ
zi-6gP2ZdMLs$1+VA9iQ1c6I*N%EYy^THI>hz}f#P#Nw59^_dmMQSCWN`u_Y>TVcFq
zttGpQ{5lQ}nc{d$n#f~mVxt53Jeet6xcU7J+E1M9NqtBo@+B$l;}zGvPrd_#PnHDU
zzK!XpZP&lUF|UR?*Y2kB%6-z8ac5h}AQjN!3=@S~JnoI%3rbQyNkVrBQ@S&#Z3^RW
z&NfoQ5p*$2SzJPjvAOre)7-a%YH!1C$7sKlOyu_TEcx?+{_2<1s<d2fX*`|tgyU}T
zmkOp#8Q)&!<2ok49L@)?1vRT?FT|_jzLU&cG`u?Z<#PT?2%{#^<RXBQ00Qd&N%3l2
z)N4*-1_88|Zv-x`yqaWOoZcx-5BEDfpe626qNU+jxs!RjmXANo|7`9YWVC9AVc*%b
z=&eBLUQjKdbHxH}JBeP4-V4XB6a=x_rxmUQknV?Y+4re(VIFVQKVw_H@^q8tRBGnp
z*@M_+jlS)@|A(e&_Z<_G#d(?20V{KSgz@_Pf%Re9-Z1*f`-kGL`sb@O=F11Fn$#gt
z-Q&zPh5F;u0e`90US-l9()NK~h-4N$_}RaFi+3w~{s&0J&6xqUcxgxv%^C7N!|xly
zsx<VPlxG`Syb7nm*|u&zA;l-G2S2B*#v8ux-~UGDI|FMTUWT2>^R4HqgmJ@G4`4Ni
z)+cOg$B$gxT!)C?<U$E8Zm}4x-ehM(<ub!DvY_<moa<ZjF^h6m{zD=~PImY$!*eU-
z3TAcP+vVx^sNRo8YWIM}?g@d!t3sF&3nu7?ExzLhr$v)lS})qe@2hp2b`JTkTl6zw
zUSII5nJM55?8LeaPj9v!1ko3Da-JxK?*&U15W3Y}*m-sZl@ZYghFVV$h^H;p(Hs<i
zxm$?WvJVzZ)Q;4<P5cuYRCCcpBWt-w^X0rG+d0c>l!MWxWAmbi!?XXy`(|f&sM?5V
z(2t(T{>A5@_cWlJZ9&O;TEm0Up>I>s4{fYjyTI&@W|QiA<RvV)_9S~!WFVvq-M{Ql
zq`6PWr9i;C&r_tXbwtpASWPrRNa7hD3$fX7U(|%c_eFJ|y(}cmtRf=RW4sYTUZlZe
zlA#}5K~(MM9hsg*5c0#{Zk;|wjAZnI{zu`+`|58(pNlhnF(VLsDrlKh^agDG31Yi|
z7CLtLOkU*ZUwN<a;x_e#6hR(dY=7NwD$#9xCMiU1kjaEj7DEfV$dG(90g<!Q^@=UF
z9bwZSfMyUKCu~>|={f|N)DU=gbc%<fiwr#45b0if6llDt5i<pKM^jpKcCm)EE|Z2T
z>ZwwROeAfsL0py~>39P^p@>9;;F@|%?h`g_qKON_5`FVVSq*FC(VB#QILU@urYc@V
za9G?k39k@hzqJBnfR_)h?;AtWubp7U*b<gH)##sU5_h7k%t;EhsVQ>R$kFZM9TZ$H
z`#Ks@wT!uuhQp?Z+eA6kgnzZDliwA4({YE=W?66XtI5xgzlFYR&SNN({Q0;AR&Z2a
zLjC74-fh7|MKu!PoN$fGfW~4fKPZDvA^zEdxr$M)F;}H@NG5vG8et$f$=Up^y#wR;
zTLY<t@|3%sC8D6=%P;VBQPV}lEnG~uInOkaLxiB{G^R)-$(Cyp?f0ud$m&!JycXM&
zmxYIbRJ#zQvx(@^cy5%9Hm@Np`3Ojw=)g#BD+H^+Bx<Yxj_8sUtW;AJh&Klz_L&Ik
ze^(wAniNx&Wk6nMDSrYT@#2j;WQC~N>9Mc);@n7!_N~Vy?!hr-XKxk4xnl#knI^2s
zg$RYJXeSvqM4!2H5>zX0Xj(7dj9Ju>+G$rcnk2p#s6{HIe)XhZF^RjOGNz#m&B&tM
z$(1dYWHntOL}&Di9?B7mPp^>GP!|GK7n|qVJm~m7^uTetCv%yB#Y^e~qh>Q-{N$rl
zs^WKhD&)v?XG&L1m%~Bg&FBXa(2O(wSZayaTr3&l#|w)T<ivSN#_}~kGP%BIVphTK
zzT<xNoo=HOeKDy)hJrm6Pi-8VG<lAAZXJ|?PGDwEO-mAEfuU+BEfxOGNWM?l(ntMx
zuD6$EazK@QQoO45CrFK3h^74r`V+LoOc*(Sg-%JxzBP5V#=hKRP|Y)Qu|MgLju_Q+
zQmh;U4bN;4HznV3N0W~}9qi|1YPo}cV_;rG?JWXh@ziW)rKNYXismv76Hs&6|H4z_
z0@@<D=~k^B;>%%2ji{wyBo1F>^U&fqRdjg7r^86oYQ_2tZ?j{g;a-t+L8Z<O#c1MT
z<m~HY&|v#>$UPI^$DjrtH}w6j_UIz{f|eJtk1S)VRX;l}l}}N5H?dp3spZM6S~c@)
ztSLZZrc0XE;1g9z`ba5<oWfYo!8C2WkJMHPLcF8zWgcSF*x~jCD`s<lNgphsvd_9d
ztdJ{K9Es7H+t>!4o(t~`(Bo+4(Ozm0gBHSqyW_G8=&OKEqOgO)<2Cym#d3)&y9v7a
zx;Ca8iPnVbQrS>L6txr~CDFWQh}pb$>uxwJK{~bivn%+Qv=(VPDL+oTsMUcGTa_^p
zB|<G22_cja{Yi(K1dv7;)c%-%RcCX<t$WwZso&ffNZr=;CpY=l$}{tOM!oO;+*)7i
z!<uBGD)%+rFN&5!=tpagi|)HGkA_S94wv+HXTR3PSSx?|z~8lKeV4&a=On<6>8hY5
z&$`Ue{mY5^IBUSyI;)y;zsoyCB$opLRnM(kI_TFo_LmvVm<#f5pSNXlc?^>hwXo{n
oN!z;P&tc~N%j5dLEMPet^SNh-$<O_83cFVIw2U<C)E&_O1y)$C_5c6?

literal 0
HcmV?d00001

diff --git a/docs/static_files/docker_push_chart.png b/docs/static_files/docker_push_chart.png
new file mode 100644
index 0000000000000000000000000000000000000000..34b37073db0ae78be070147107395c7b1a8b484a
GIT binary patch
literal 8700
zcmdschf`Bu^d|^{^xmsLXa-Pv6;x{Ip-V3jkrH~9CPnE20hFdllO__BK<M32L_j(u
zNbemYgtBqJyE8lU`w#Zcdv{K|=W{;qoqOlayaXcyEh=($asmPZDjjWgFaZG}0)HFb
zA;McI?sO~@5Zr1s(lgc2bMwJl{y!Mx<mAM+Zxa#yBltfD8z&DbDJcad<$Y;IacMbx
zfViYA4K1CdtO_d|=N&RKyam7fzlFC+NSIjI{$~=rMOsnK(8BIN7ZnYywt>ZevJUtu
zF)=Y-rek0vr=ZZ%H)UdG!K)8s6z|I_Qc=@LNXz3@4SiGmOh!h=$<0f8hm3`dor;<o
zA9L&0EeZ-sT6#t@a&j^<at0<AN-8P|DR~+?y5RUsY8qN<8X86xRy+kZ4lX(d22LJ6
zDk>UsN=kAHN<3vsO3FKU4rJtE3E9xFH~31JnAzx=m>HSb7?@dES=sSk68s<~?U_Bq
z7hq=R%E-h54T~>p8WOrEq4Gp0;oWCE>(0p?eDV0;FP#&uW9#1s(0J&^;pMvC8G!J;
zoX<_4zW3A8(O0zo(lxc=;^miCP}MQAWM$`~XJAS$sFqWC5|i;!QclVKxvxi1Oh_E;
zLtQtX$YUMjyy`ZHcNnbX`^&_4YFhf5`ljh0>o~Z0dH4jKJOjbj&abmefDdF0EbIeb
zr7^RzTROQ%rsm_HfHefFsHVv$C@d;2`P@I!HzLWz2BKwPp1vJFhG$ah4>m9%pv0*8
z^$SN5V`)F=E@$HG@3`}tw96k)ZC3#q_mfyT>+eG?M#h5>TCejA%hz3>G#5+P=2#01
zb}OgF%!OTFojG4$9K=mu7JWJ?JL$eY+l@ZEJ~_GkdmV6&y>2?(IsLsgaeQ^ra&|Ha
z#$9z@<BpCiu!k2Xdw-*@c5#<Gm-AOM7pLi?7onGzxZP7+-B#=I>Bhm{`8oEmbHVpV
zGzwlNqt3rbK)`LFqyES=m~dxy6UyO6*ncRbkN7$2L630D)6c8ae=cG>-B67L<#0Q(
zkdgTSN$<F&zopeaxaGr7tIbQ@6HY<6wAj1vIx<~&_{WD{$bfVGVTPhs<~O%gMX^hc
z;CvTE^Mb#Mai6p6hcr`E#?@MRZQ;-2=}$%iIvM}>suYEK`Y>tgE{u=t&V;YEbeC^y
zJo?={_rl6ZW@P{VLb~rbT@o(h(3$yn5>IHE-t?C*@st6S0xEIoCzxwGs}S=Yb$~uD
zmg(lg?=BW_RTZSuHsXnOtP%{<bQb<R!;`TOWXP5|1lvwJrnkc*-@f;E#A;+&uhchi
zH^F5|cs?GGM0S<OLUKYnx7s3oUoyra7^Sf@>+~j>-d)ocoAl-~^&rb*=vj(F{eJh_
z!{$ad&KN1?cAGf?AhL1)s3QIa#Z<=4uQy8H4XaedJirq_r1O1Wv&3nnD2G-SH8hCt
zhexjR=EEKK>icCb7T^6qScwA_?2dbU?&h-JGfcd^Ox~v6!!<UIFk7%i`Ar7f?Wj{&
zt4Bn1MD$~478TeP^T&t#LhFcD&mSJr{E8~Z8T_VDvRNa@KM9Z}yO%rPH1c72W^5X(
z<M)B;Oo~t_Jc%@piS)eWhvEo-Y27}<+Cz@Ujp)p_L1ssd-nv<HW1sADkc)kWSQtF-
zwYVcH+F98cWdbSvZWzeGw0_o%vE{?LAjU94L8x%JwdHVvgY}=ir8%MI^Ty8RhFzhS
zU~QW^_YXT~$=fAyUWp=(-p$@9LS=y!1m3vjw0d6F(tKBoitPs}M2@2w(t4F&>b2n@
z7lrzs@LgW-@Xz~-=QqOl<zGDGDm(+;a*X2wDVO!IWYUb0>(zr?uxBW*DU{TH%}BfT
z&>ccchXZq?JktB@<RLL4A6V|+lzu-<?wkvavPuNC_bn3R(kJ9zBc35hro7x2%SM_E
z+Ct<e7!Mv00_)`BwIzr)s80j<kpshCnt~*H_o;r-d|o-2UJ@uLoL@Px{+8$I^|sn$
z@c1EH?r8K-FtM7nbnNZ3bvw_%WhAxw_?9_>+69t)=k4#V=4t&x1P2fAOz?G=7Uo-C
z|MDipkTvS(!(N!=SMFC8&h>MmCQ|nvI8<5FTVdbFdsPpFq4qqHb#yg+nDsejC8uX;
zVn2c%XG7b1Gf3Eu`WuiTZ<SJ7E&pun?Pf0cj#keLkq&V`ICC0Dl9)Uz&T|WFdOcpd
z86R!5Q%EOr?X@7v&181!w7rIY^Q_cbx|gXVuj-?ro?~<pjS6N7^@srZC)^Y9D3#dN
z=yIW@r&!rk7q@TogRN99UgqaU2Rp+ZQruE4T4?SG!l}dZIn&}r)xulQVOjBliyWm7
zNvK3CHq>_n>HpTQrhj@PUL^4JOMIVFv_h(3>zHS>-_M=Q1y~KDS!IxpSLF`}>u5St
z+dkVwt6!8P4e$N>hu=6!J_=qY85<HP)N_hwc{u_&?ayfP7--qv+r5GMC)J*_JR__Y
zURaYaZSQH1)D;?vOJAhr?k|qhEwzqHcsts=$oesKW}WI{$jjvE*Wx5Hhq#Ao`(y^$
z!H7o&TC`k?^bJf266~$Q1zx$gk`K5S$C;xY!5XSits<cc0;&ARudv2T3*KpWYs(fo
z&$?W4o<3eMPlx#P{&aH*FzS8FO!BeZi?FWk5ODTsrMbutEp_@Ac-$=t`kW_(9ZLc{
zoJQub#yjN}Q_uh2NEyK7Fhb?x2wg->JH<q!C|!A*nV<+#j&;vM(N}COPO%~+E{LUF
z=5=B?$>%PX7h2{{ghnwcyPBd%3uMK$TX<T);3PRg61$o5q7gA`5l^V*c8@UW83>`o
zu7!OnH&J!|(x#kTU|QyPcT*s69lf_YhTbSEH&2-ZU_8-8p9|IYR+XbRX5U8EjWgW-
zrCPtmlb~jAH%a&{Yz?c4U`o~Vqf7&|M=Jf=5r>DjJ`Gc4m@eEg$IPlB6W#5bWr^oy
z_@?7`0zaPDyNm{KJY%;kdnL!$yqe0M^mQ)3h-hJG(HK6LIgI(ktQ0Z#{W!e-<f6WB
zMx?nFee)b?fZKVAA#N>W6mmgm1%($Q(^qgw`z;!;f*cc*NuA+y9J|P)LMee-mYHMy
zKa#%B<N?i|_1kZ8PLT9~V`B{ip>-F;ZcrB2mq3=$HhHD5o6N2dxpS4&c|h}wVPIzS
zQ^P?oK;xi(&W?F#Gc{+{0?6B<cP=%{06~o1M|s)Tw{3F?4IJ+Wrcii~X$4zO{{ilI
z=t$I=S^AYW>=|7zYz5O8T=1sdQIc=n#sOKfO?SgUmK%YwL4Q7;8CqnMDM=sR^ETS)
zofUONl?HJk#`G@}eB@nYN65o|9|-0j>o$<-J`FLl+&T*r{KI-B<-v6Je2q5$m;)IH
z5PD%FK6UKjUBG;<Fl@wXz_#|D+%YXvYlf!$vOwmvi{7h(A>@Lebn)#^mf%Ozy}kBv
zf09u-Rzkq~vzrq66KnKq{w`Z(2@eyW^maeN`DuGgF^_%0!m_ds!b}la(>pj$)joS{
z@xk?(<lGj;Fa3M~3!m`)@Ri#QS!7CF?b_Fu&!Sy#U#r>8{`qoo^rS1184msSag}eA
z8;*QDUDXu;yIfjtUz}07IaU6dV|O7kv%wtayUKdr3Ka}&>&{*2f2d)n0^A9LH^s*V
zoIcGG&L_t*06)uOZ)WPJ3S=9kl9y{~&W5J@q#inOa7dBFJb)3!5;1CztvnfFG5Y@D
zso9ItGwM*)kpOc?PZ1?+_!Rjw=HtGR<B;tucn|cZz%AiJN=7&Dox<zDgE<FO?t`sp
z&q<}#Ii<ta<}2TW);TsPiNy3bB|1#l>rU<L>SU+R^VB0I(L3rWgD69kq>t!xBxbbr
z?n#Sv70n_|9H6jIxW-#+G_`1Tfzq2G0@2ghp}iTZwfk^cE*HH^Y|jixDpgkVi&J_U
zNJpf`Tltarp#K$cx-fn0Dz(oHXLRC4B43Zowgq982C|tCjc1zK7QGkhbT=ck=0u|!
z+7XjN1b?gE&6Iw_7&o@s2J8z)_Svs7lcm7+f*8H_RcFz=D@bQtfM<z+d$ITTJ2xb^
zJQbLVTypUF+rImVgiS>YThG{na9k;QMfdo&o=*RR%AM@C63%wZI{HJJ4NrBh)2o5S
zWaGHP&Bo{kPe4t_-JqF18=wggGVj-3TnCB;!$HD;s#x%B<v;O=AL70!4yY2)0-qfT
z0IGUy8w+xDQKCh#YI=~BxfKBB`>_rr4AFsP84Z}Em^~Ij6bJKdX^IR^Gldt!h@{mQ
zgdt=cMQ^IpV1}yku<|?VE(Im?ey!c2s4N(1(KeU4&X*F({Qa;0p+5Z&RRAzw>XNmh
zJ@72G#3ied!a^8{2SugB01IGh8FR8yJ?DQ|G-h}a_yS)_NbIK#j#ADgBmWd|uBeX2
zg7E6y_)kz6{0%>90?((%Yyi~uFBQltupN(`4l|y(qQ=vNgHCi%qQ<=cC`Z)bInDh@
z!E;OU4zfK*_DPiP0CZ5R2FMSbaZ7$h6&V3p@cZ`$M$B(C2fp1RAgwqxP`Y)0`%S-$
zURHGl%<Xn>FW7uZfHLzhI<P!x+f!#r|FF^41mG?LdFOG8(@4J!P92(?UmWmtJ!k{)
z1?ct636_B-O$O*ii=B*JqG84MD$4wC#*UQukL9*x9uVax{>TM|1o44^v$?*hs3Rpr
z@W#u}hKOEF7Zt3>LqBh<WiF$vrT3SwP=_=-^v}+KYZhgXhwVT6QrS*ljOSnh!J#xv
z^W@=)C4eL@APeuH7g6nx`5oAQ*{+!?b@|8)<RyeL)%k`T$SsxLZ!jA0Ce8XCTAu88
zyx)@GB6+MN838r|w3Xm}+5_Hi96KY*qv0WY>hKvzzV<Gc7n5m%kjQYeSOz>nD@Q4A
zV`{Da3rMiJTZvA@!QxTY-*n&3W*wrdRBakp)G>IlKuFp;qo+Az_$iGU9hpzXN072k
z)8ax&s(w1hyCRn+1~e~saRw-x;+MG*09~?k%KUQFP51lB_=`!UiNN#6@cGR!<(bM@
zOj`;};o_{IurPJRz{9KyiqRaf3C9^EUHvWv{oQRYsD)xo1ak2WWv-g6u1*i*!i&_$
ze5-NiY#}l0Ckl3U`0fq6Cj^eK|9sDJ?xi8k2rv>2gXgh`RFSf3y;D7&o-hHxBwK_L
zwJRZhdKxI<)u{m53H4Yo_e`mO+p=T-X9^*R$L}4mBKq*_0j0{HwmTM)0Fmt_N86#E
zWU#EA&Op3NyTWW&NO}goU9AAu_^uAl@!fm*+AQOq2*Z?8b%u?OLSZA?F>3`hV7sn_
zZ)KEd$US^0>?p(R=n9;Qu^AApTDjc?fQqkDSFHfLcH8P;HDcx{-PpXAIvB2z1;5Yo
z<XHlWVP+>3pS)ncq;j9!VPmGKEN?q}#~Xpn6XgEo%P{+-1~S(X1bcZl|A$v}{J(eK
z4ic{lXW{*(Aam3O=>1oaDagt(t0e=L^RSe&4rHf0V1Oxx=}X6jaf!@bmw2Q+px?_X
znLiPPyh_AxyJ}uKJUV}}^(Tk_gOWgwN4&t3-N?bGwa1r0Dq>iG-{igkNcSmqm4F4<
z>$lB+x{8tr))F9E+Txh?90vd8il2}2%|3w#!sbEGieanCB`sadRRT{$x<RsFw1bu;
zXKA&jmA2JJu_*qW8L1Pw&=lFPlOWf`Lz3eOZ)D;jP4JMR|4$7|W&^MOJ8L`=OVTXF
zgDe3}8At7DH(mY#BCgf+AHdf%JcN`MZR5^a!7$12<O2xDy(DYbtiPGQ@VNCW?o6iM
z8jWiDG%)&#;n@OHucxzkzN!dCfbzaiuacC1@A@<hg(3V1pDp12`S?&#c6Eb?;L{{1
zXiJ{C-PwfwURc$9g~rAk?BP_<k&xcPKkCQZ&59fm>-cw2^G%fsj=o_+0PQF~v{*m9
zz4ly!fyRlaOU+76J)x(Q`_XDDB!(dQ7K>^)y}^NBZk@+WAD0$2uv{TnQ^qfzNB-;D
zHJ8KhCUUywmLL=yk|yq9t$5(T=wTHSFeAyJ`RSAAD12OqG^JasbC;@zYY!eg(`gd(
zW2Sf!b|V?sHCoo<vHj)I>W;CuGgmu(=h{s^M2qx&y;kQbBtCX2C46SNb8XA`tAY!g
zRCKWW)4<?g3So@OmSy@I*Y9d#Mkb0KXo{9C2zK&jLT5oAf@s<^_o*+w?icNs;HanU
zV}9|{(jP0+IFNj0OHO%>d!9p_noxhdhlXajy3TD!l^dDqsD7)i3<VEF>LeLnM_i^|
z_P0;diyWgcX*bz7Hxk(Z_79g=pHYz!p*X71m7DNT+{qco;ilNa8e(}oFHC!LTRI0e
zhVgROyoCJLxl!DtS1-fuwx;t+o=dq5z2)hFWZUnHJxy3o3R=9iuw?x%W2v^-`Z55>
z1wPVOiC-^^RgDoNQGGKA?A)zAlg%vjOsVfaz@AQS9c;HQSi7|ye7<=BEsXQ@$@?B@
z5A80u-`Q1}l)wsdt?p9A;fy6R=a<d`ACl2KF3f~q@6@=hOst<i&oJLj`D&qLC3m#B
zC%iW%{brl|ZHV|(;j3xuGP$Xve6rB*aJpOShO5SikI2)_sV~Qkt>>*51{W2w`?>Zl
zyD!Qa-fce>YkNrXKqsL&50h#}%D?9-ZI&Y2%+o#nCP1t2Z?E+=vcZpVzRI(P<#Ts<
zR73h&hP=V_!rI+dZnt59V;6t>0gk)+S<1n=&>*(^TUPvO={!?{p8TMQkj?c_>+@v_
zXgFr76*T(lM@F@HH;2R0->RZ&257ht%Tj|t^O0HUU8!`=2jJl?g>w1T69QHzT41T2
zPrS*moB(^4&2$IZ{8cc!;E9U;RPW5AO5*@KkcC3~T{J<cgd6)3Vg&7L(3=!FTC=>V
zaaa~*ZXuK1ew2T@&0qQ|8-QCxiG{o`LTaP4Q|qSyERT_V8n$r#X>A@4*X}TIsF{m8
z#?RbJ0eN36vG7#Zsc$4AV#DGLoc5MQ+C`R8WKeN$lT>xedhXDVDO1X=-Hz`^!fmtn
z9S-~Nr2#CoUio!L%<jcNtaxc+P9H5a=L0>zWDpw-c8>!(<@5v{No<?isq2{?3sa5a
zcuz;YO{aGSC|S8XY+90AB;+@CElMy~_Y-|`>rcUS@~Sw|$k;9JwMxO%-4#qQ#}Ce~
zECyrLv#8M9)+=nt0q36&VDTR6BG#0zG#^}vL4UT*04ei9WLR@AA8hw+FMR{_9vr~5
zq^R>+zW$MFW(@&bZSTlwU*lF%b(z5Y0F^_c#v?@nIp1MpklOX$TCX*x?(v-~PBjy+
z2QGtbZjBwS^DT$6nGb&1MeRYNU?mAN!Ij=w{ng(Ifm&v=(WUB9%94e0#+cK3#68|!
zQ>$bW0xODJ<x~~&XKK%&Ei*n}JMTJty3mKDh-pRT^B6#gzh;V`K+IEc?btGDsT^gs
z(#}UnpTbN8gr6XAxn53!0l_W&e)q#J)y~EIp`MfCQXdK!ctpH-!F;MhRtDq}A)siI
zvfDs$#oPD@S~cjco~0mS{stLV(p)^rm=<`(XIEvxC-`n}z$zL>TwC8_Nigbf!O<2v
zm@o4<)G_%bMPLL8m^*RlC<XCVIBUC%LOp`%g@ON<mTde{`*^b_)T#FY5$?8B&BNmo
z7?Egd(GMNBd(Kfus64@$Wj|t9C=IH%Jzl^2>NdLiuVY#raU8_)2NikiE3ej2hQT^h
z7KNhOnS44iH<{4ol!cf#re10Y@s>kVy7YO**~+h?edxx6hN>ianqCX2Fp#E@ov&@x
z>TPJU&?kYa>pqU#G8r!W(Um;N8R}^tb0(`KU6jTT-KChGqBqZeP?!Tr{S}P0+lmWX
zny_JXt|szf_3~F%S@~l4hWzFw3T4}*^~+I)(tt{%yAZ#&g&*sonq=NbiP_SNw+>@e
zp@;0XtHGm6P=_<cG4Jx9=pU~w_glY1+*YK360K(bg{zKofg(?T8R>wn7*htUp>N%w
zNk^2Vn_MfPUNj)H(@AW1YJE8Tpe0N9@p$lEd!rA#nTXIBhB=p>>Vg)+7$M#495iyw
zX7I02*x;aXh!n*Cp}kb0xmcg1uKA2#r2#R_#l7;67FLfhBsp&AA_r}*b3i1LuvE|H
zk3ju$irn?&s8UU|(%mb%M$ZA;4EJ(;e96@fvQpG51w_{f%uK*!%jdgfth$ML>0~Qe
zj}U)@hmZr-Y!1t>Q7c;3(pk?X)7{a28RLl(kAm{t?1!L^O)MYuyC|UPCWAG9QRr!$
z{+zGUm|z)g?V_gW<DX5@i=8MxfRvn_lrVH&AW5Id4jI0x&&B0}70<19%x8)zp7t3W
zn?iG65xSU11dD0Dylh3Jb9NLARw49BENbrV38abEG(w{)Hyd5{Tn5yt8(~Yl{2gzg
zr;`$sM(B8=4PA1?p3Gg_AadZ+YGwW3C(wqK$Iq3rw<ZLoa(XyUJ;=Jk>8d@}CO8T{
z=|vzBaqH`ex)nZM-ibA#bzYAiu~g*-OseUh^&?>kt?3zLo290y$f3rQh9F<A$i^st
zV{;k<eafLv&RkgdsyozV1oMskD0cIF;y2t;=fWN8JmOw@h6KFNM3hGSo~ZE3|8w}+
zBHN1FwP)GI7P|Qfj@IcOSW6W747z%k3Asb5epE*|xNiw2b1?Gfu6j~#*of7;ucC6v
z51j`!ywE8oh>2%xb=q60*$pmuG1~Mhol>h7{iP=@0x3s6Rpq#yXmR9M<-txu`=u(+
zms=yuWq6kMxy9!ZahFgrcYmW@nM|pSrzNseZc$^WYtz)<l+_Vt?qBA=P!U*DXy30@
zN;_^5h4EBvJ5;YWC62SZ6AVWkUe=w$te(gHoz7x@k+)2x=I6roVWGi%w#UA9a`be$
znrzWPF(`BBf_#1*b~?t<+eUA1EEQDnQ{W+^zfztjVc9I<;zzOI{t1z7|Lf_^zTP2&
zFmkYOrKrcg?CJyB7Zp03mg(uD2fCA)s&{k_u_e5=5d<+$xg91J!@jK^=(fD?Q=QLK
zn5HC(AOHxl{6Xu!SAC{jv$J5oM0NcK4NMn`xZ|$nZ@>5Wn$<R6w*9?aSO<pA+Wjcz
ze%Ng20Coejc0;y*JN#&KcYIFh13I^Y&=o}B7{71)i*#|a_U|!lu%)yI`vz=*89DbP
zsaPXD3OuJ7RHFIHA&7AXo2Cd1f6$r=c_P${y{~~Y__^O2cI4PvDv){-4$b5LYI_vv
zP`5~RWYTgw@M1ZHVh9>6MMMt*w7oqnjGmAc&jX<8;|Pl06J})K8p_#hf~7(XVX3XQ
zZO=H~?Uf>u1{Uw_Zqh7!PSLRi-d#_y^P(zEFV0tD)ZnHNu+Hy>Q@Dpy&1)08)j1-4
zGQx*rZ9?w-OzkRuW1>&AS$XU`YfkN}pdG}S4$6xYFKn~icwNd^g(LX*U2(JEi@Ip|
zXvYMcFU6H046rmY-(&69p5U-R>vm!~GTD<Zo*0LIJtTV%j0vZOqRX(~a%8XaS%(9)
zkm2CM_U~bK{ENIbfl2`DUrWH%tgU5;a4@dW)6_-lRU7sx&26c?f@#}Y?j`elcig1k
ziA%&_2m`KZBWEmrCHb2e?xGH&ZFnBA*7MHpuwvmzBPRPBwS>=JXW&`iu(oC$qRzsw
z`@0AA>y+xwv8%1+;hb|%{{C(+fFV!!oHM-rA}~K$V>HM5Sq9<WTE3+nQGavr6x)x%
zjUD|jQI(mbv%b29f*l6*(DdKG5AzF>GaEMU#unbLhJc2E;@{MZMYKA?55^_hbUO-;
zm*%(`vt-9-2rMIF0Sk!jj3=CeHldxb56)miiaBV$sGUT2w;AzTSV=`{mG~pyX0R)?
zkm9d`0oOh!Am3?en2TBn;6xAQ|B0K=0+98RcRZGUkpOxU8f}_+uD1%59jjX>QZu};
z1cz>WX6p?zY)0OJT3`;$)zb&*mEQzUELhnZ&RA&^YGW)c3SS<U5tRiayGCcWg{ylw
z!tG1!xLZQUGxEYmERh1*6uh)zA^L(|GEBQN<@|@;${C-o9~*ns#Uju^1tzHKkI<u5
z1W6)kX|2_lH<kk5Dm!+$ErSibq?^uXtu>N1!R;rSzpJQw6>Nf??H#vEBw8TiEn?{4
zutpzI@u8Bk-s#AV-RthqOj?J(YL*0`Y(3+~Ztk~v_sV~=3fqJZ$|o#7)|OGwI9nM`
z?r5do9-FIK;Rv!x&U7AqH~3fDK+~7_U3R~yYl}28=j=T4w^i3`E+I@9$7eA7bE9h(
zRdfx|NV+$+LqXV(Dhj6y^;jzM5asx?!oH!iG@QL{8MZfOty2kK?h$U&w)!@Ht9w{M
zu*xxNz{E&l0h#Fv<cP|aZa-_ttl4TfDNbAU6yT3Z@SiN{X+j9SP`Cl6k>XHQ&4)bA
z=A;*G;2FA_x0s6vQt1aj(MNV?IyKniujyL?tGEO?#F1}TpjKgr#0&h#4L9VSLMvO^
zd$F?}cyXnyB+^Y)u$I>BBGBrY&d)e@5!W#{O!7)<z1%1R^b5cb=YSI98JsiC0gQqK
zGBeOdC7C2hE4n7BgjN+;wAIm3DS$8S+(!0zl4CsUjcKmh8gg&lqcy{{lt)8g?zXfR
zvKCzk>6zg;&(a<>GJ6llf=z1_ersI9!v?Gvs4O@V|JENA$aTG!7z@4##>s;ijpJc&
zAMn%bNiEt?niZR9l%%!`NshmClbQGCyRYvw|HgvS%Ekucuk)j)#u@Z1Uf1S$p=iph
zG_B<(oBrAs>GVW-Fq{<Yh{7ZqLd$Z*+@;#N!^?Hb#jgyZs&B)RBJ(=y4%>G}>p+hQ
z8T<e6vo3gxNVz4$*k3%S?fS^<M)@lK`3Bu=-j-Ns%yAksfUBhBJ{kP(bH9qa8;?R?
z?X~K2FJW7|rXtwSu7a*c7so?zuY-x8!A7HFJ8nydi$+YkQneCV%A}P~b1NSzbDkKk
zk!Np#u-sIAFD#K6@!XV(<(1Y*vxPtv=9cGTb(B;pVZx2>Zi8^(-u4{Pqo9vegAEmD
zDX*gu>Dlyyj<&fc%EbPCVloujy86hM5b-E9uGka=EH8j;E?w@ho5(0DW(VHOwg(r|
u-FlwQvIA|{?zPf0tARV=e|-NNwEZ-7%czfELR4Y@R2>Zi^)HVdUi~lJvV!9P

literal 0
HcmV?d00001

diff --git a/docs/static_files/dockerlogo-v.png b/docs/static_files/dockerlogo-v.png
new file mode 100644
index 0000000000000000000000000000000000000000..69ae6851721e2bcb603b73da49c0c53ffefa70aa
GIT binary patch
literal 9670
zcmaKS1yq~Cwl1y#f`<adDNX`K+T!jMD^e`DOL2!1f`y{R-6>KiTAbik99k$8ibE+@
z++KR`IcL3l?mKT~*7|3Evvu~KnScJ3=$9IbL<Elr(9qC`l$GSP(a<nKXlNMLc$g@}
z#jf}cMU=i&)0N-e-eyD|qJ3EGT3Tgo*++|QL93cUfzQ-+F|!8Rdyw4Lo`Mbm#3}U&
znYr{qDYFO1>?K3io_@Shg>w2PPwo7_FRzeBeJHK29T*w)kBl{PaMLumnVOxeYyKRO
zkdjqg<{I>tI53Yhr=LGOpRMkv5Y!DLt(V)%`$^?jh*unaV4A3|iIA2NR^%t*<j?d@
za8@gS?zDEy%zlpI3H11ORyX)-cOL;gC~odBrDrm?i8D{aCp5%o0he%LBU`k%R^I3e
zjN~o>Lu;1$@3{HB=n3tZ8GX#ndxV*7Sf!(sk>$AIRWxo0a9}E7NC|pk2X6H;@yAvC
zniY(cZXq3G=~pJXEgetHJqR;;Fy8lIR4!o^Pixz`0P}}AQybBfI{6H38SO$Jd&Xg;
zBGKQqVWju+nK}oiWYRb8G*2&3Min{redmF?mrX52<`fO?{I2dFQK}du^UYxNj%Us6
zuAg5ai>sxs-waC5F!u_`|F%`yJrGw~MTDpu{JEtDweyIMm(@3Io|t8;ns$5}4a+I&
zTitl#5S%=-QN6OO)jHq0{;TKPvVgt?AffI3$A+5W35xJSvbuHJ#_f@f-O0V*6T1hD
zO}mzUp>mBgBDGT^>)Z4tqwp_lnRQLfZJRzFQ#4_D!rHIFc}NaxU-SAg!kQmb`-iU_
z-Tj7F>_Z~BK729l`le!LlQs4YC$+10WqoLUo6R9)Y-^u5sDRcl1uMD%yXw2Jv2Fa|
zJaYM`h_2~VOZS;yM*@ac-QU;v%$$G`WyNjXz}hv>*hE%$7)`@gLRr=L_Ae$^_!A2+
z(EASR;4FHVD6!&xGXE@^H}8__+Xxa{1oSO+YevG6vlO2;oRV{B-e&Py`{0$%GW#R|
z!%O&We3d_r5eMa)c=%mO>)N3T7u{1^L#K;Y)H?tTjrohRoV2bl`mdQf)Cd|zZRc$q
zrV`Y{fPfAn1ps39q5ZGNe}I9Q|4;7!2=}4=KXm_9@gHEw|Muj+44R`{$L|FL;abL5
zU}naebK!5ju{JGkv`Xq2(>F2e+t(swATm%=cf$YpP2Oc5N>GykOdvnJ9Na+|n1C>J
zcsH7?c_<UOd(zcBa8b!Tw2lVhjlde<17qR*<xuan^9qogM`WH2MVYcb0@3yWLFRaX
ze~kV^{{N=$vHnZne@p*Uf5GPeR|e(7O*h*5@V4kmMu*LO)nHmjo4xb*#dT4QKBoI3
z1ZClnOw%T=rSfHuIe5SvPnca0JQG^LYY3xFx8_(TRx^{Lu6Lz2Np-oVGHNNIP`M%F
zy9m26stHQjThw|NR5hghW#_^WYf3<c@m^v6*`VT+vNC=W;!7r^6ey<q6avJV9TVqZ
z0l*4Glh38Yz`v5>z^ls0go{h)SL-*ic$V~x2pm#FVk8=@?t`2$5%iXU5fJH;A&hLn
z#w$`ud_xKi6-5+T;)hI5S0M82*A^^k;u#dCm}3l{BhjFs!AP=`22aLy?2iX82Z|!0
zY4&l+qf7uPkP!2(01yXx$(k49<$KAVw;kz9Ok%cqnn(Beq*wD2N-;2+oZP>Voc!@>
z?E)9qjQ^qc;>i>Kt2GCZ>xrvy?)7o+BxflM3<E0UhKMu&jEto|gG~K=KSpwT3no}k
z35lB@J|TX!Fj)h0ms6zGyt{<9P!Pa7oZg3_%BN4sdBQfBkpmMdHIJ<2B_IM>-pd)|
zAcx3cT4j?kclv8pdZ-k<*DZR#5w(rb!O$~^dJ7T;4XO}a$j~Y{RKaKESfGj-8R`Vr
zDwxc!3m9>8Mlk_;^Iv8yzlKMH8Iz$cj<VXv0uFeX0w9G58C$3E5j8VPsMI;KTxZDE
z=Te8jP#76H76By_fkLKQImw|?Tga#t<^G(h>gUK%L`1>IIAwg7ZeCibR1>nCoEog*
ziMb*LN~i`u>ht>A0ryl@1SM2}jn{Z_wzbL;U`8G2OS>T~41#AUlN4|bCidy#gjg`6
zEL2ziVx=yT6BlZQiv&k;gA2UlMMXTIXvm}VbVa5of~X$2IdbhHirbbKl^aZU_hAkj
z9#l`gNjgiWqzZ<P7tV?_r~g?6h(yPe6-(0^e+3E!FFF-*x|cXbphlgAS-y-&fkFq-
zh9aj*6LQ1AXe94QBbj{ptr-#V@zN)`s-Tmxj^#j))15X(0PI-N6e(%HD>uO3aP-=A
zz=P0IDmwy|7^5UObU0#7r~EB=76zWqyV@$<7o?G22CL1m#iZK|m+vv?f$%V)V_&Hv
zc7C`0oK+*^O3RKpfueLyF@CXp?b|1$!soo1`oSUcZ=$7*6}bR@soKtrh-J8{CJAfy
z<a7ao#mLv4(Q;w!XCHJnn!A=avw?e|R*wi1r6otkKC<UMmjfInjmnzyFnCr|mJSCg
zDslhjIOe&8X_emfiSO}AfLCDlcI3y)hu8S)o4dQiJv~b^M@I*R;WIP+i%)_tlNeUu
zJrm8lvz5?x@u0TdSuN0%Bz3M4GvISHqNfJhps*Yp98wiAaCa|%AscJK)BB1Y0IU0y
zeimhCU9f+>H$T(ZU-yKY(DrH#UlM^7Wnc8%n**Cp#*UXsL{<N$%r+7RM3V%KMo#T@
zl7vUKwSsbHo;SyUbA@0`T_Nv85vM*u&assYE_QK-y1W2b82AIl2^&)M@SPCnx=&ie
zhhl@j6Zw_mkrR>S?1HzOy9Nb>bf7*0j5VUI6KK2ACB&!osMX=`%xbaJ3<}?vEG;XA
z5#peBjtg#;j<jnX)%=of?7x$SuK%-RmO5m{+ou5eUqIO6xqHPzo<m!kgg(?!6J;DL
zrorpop(1aXj{{<k85OCY@rP}}FxLjGYtPC;tG}*@zUHGbvnTOm(HrHY`D><$t<{RP
z>v&#aMC=8_Uo+t{9^UZ_lJ@wwQYubZaeo&wTR5EOw+?UEg=b}=4jM`*i=PHP_DW54
zbx*rML>r|x>TAu;_^c$Ecfl;*B#Oq<-Mx=sG83;NWGTZ!c_ybua0VxNoUmucbqoQZ
z09M_qfRRhSV*<_^Cl&xUBcQ@if&flp$mAui{gDvG(6=Y&^N|L>wWU?7_Af2xnZ_ZY
zDfV)S4ZBSWgeNN{V&88#&37$A;QhA-Lv>0iXQ0Ti#bew;CD}MW)V2pK2k}*B-VC>b
z;-hqI<atqkTg>59X9yeaymo$aN78`&u$A(+9uXGfg+k)|Q++Ef0UDKKDjK|~2;@E-
zE3$Yko|r^ktT*gEn?q%&hjO2Y8A^3RzOsHv{AIR$BPASs6bN`Nq85u~IHc)ocER6T
ztr`P4%hpDjFW)(<jc&<ZuqouLaW$&e^3kjGl2s+J3IhZ1w-o8&j#2MX>#bnbX@*Lh
znl)dB3NL)a<neHRNuHU~CEJ+#02}Y^T?D}B`b-Jw`Ug1U7jQc7z?)=IajXV`p_BRN
zpttRNIFF}WJ<a~^0Rww3QevGlE#2cE`Uq(LY4V7X1<|R!uyr0_ZJp$^CvVo`-^%5O
zX|W~frIYwlXqy-(gj%NpmcNL*;`K6q{h+_&3nia6vE%*uJ=3q!3Is3OfA*dcaXQ}`
zLP=0N)N_h6&O}b`?Jm#6QpO6?Vy>yIzR3=2pXj@pcm;%Ks=?~w`D*y19XC?o;1w3c
z)3(W0ifIoOSx^ux(S~~QnY)XI7G5}TAiVwFeddcjF)A6~SWIn$$(;>qgkcZ`5U2N4
zys+>~I^-l!!QaHL`m4d;gzfxP@gID1#so+RKG{$@`s07bgvbN29$2U`30_P|gC2#$
zOzc?L*e`$zjZxs~i}$4^o;|hnuwz!wg;&gghi`c=CnHwhYQ6teXsig*3?J!V?!9~~
z{>j@l{SCEr^1<lg;yfXodkK3NZ`~ef*q_sTnJWGXzvMNXVRH7z!wJV4c5mVV22?DO
zfYeaqIke$hr)QKlZxKCEt2Rx*G^ECUVWGkp979E_M>>$~W>;b33Sc=8xQF*&B?sLR
zoj>WzsY`hp&_K~}@w9rOm8Q(Cr(ALkNeY9K>Ccx?lM*29G%o&#q~|?*s=R&sczJL9
zTtMvwb88@f?w`~)b6vHc#<1gtoAnf@XfRCYN3g9~Nca+V;gDzdV<!+$Ub_?f!DFib
z4A;mZt}#9JHX#N2_gwQ0^v+;TCDrUrA?&^Ir`RJh_>f6%q_321s(aLmG;Hl{xbtWg
zYRytG^C#|g=d{oR4kSByGb+hmPQ7|p4f3`!{fvKEFV$WbOxC`dUa_FzEV}0}$1Tym
z@M?KT-G50ewk$w{8(FLBsjvK_l?LO2zHKfSo9yFvtlN5ge9ugtMDH@i3qqTNrxMj7
zzfGrGPkr?3NPcIKO>hPv1%L{5Y8P&f@>A!}>W&vt=jMp3W~QlB7M5Vh#Uw$N<}-%c
z$jjd|7c4Pr&VL$9_D>I}5h@*O7qy<SV>_pCxvC@`!zDN8;{M2z%z9<l_23^8s(r5h
z*h%1Lj)&UvWr|Cb?ZuKpw71*YeMZZj^UEjC0BuGd%EeYJh{3g%hD7T}b3e_X4Gntw
zcfWVK8cb^UN2`|qu%izXZfXArO=EX{evBi_&a^91zF`s5I`#GZ2J8f@^J!X}=5x6w
zq+WKpFsbxXZcC?XuP^QDh!S+w&S!o5MJ+J6>si(lG3TBvq2`Mzx+op0+DqX^ub^QA
zuzFgtK_db3Yo$Z@<JYy{cf95Ska+-+nCp~m*yEa)>566BHo5v7f2J>c2y>h5UToAu
zJ+J)=q~gatQI;8+bUrDWOuBL5u{gJCv2RL$e$_~-;IEb5cNgCg5Ma-3vMw4-YI=g8
zK4Fecm#q>KF=b<=PzGbMQlGOknMTFr>sB)Nzp5S!jePvUz`jzPqE&Um$>#a5UFbQT
z&3U)eSAZa3Od?O@#-{$_UehM7LL!cvo!byMxiL8JVQutA?9e|hR1`R{B5oc<hbtp3
zYe|XRv8ymk@K%?5+Ue{X`5@<+@%`bY?I$#(=wb*mjqK4kA4YD^X!)yxDnUjB8fAZ<
zw0O<LPr3L>+oTv7Q`j0vmxA=s6XO+mAB7$A0uc<nUiXLR?0ioZAPT!=s?UxV#z_^P
z96Ta@bO$POcvOs(fUPm!3oMD)R8$})xn*t_>7b&nH(#Ks7G*G(x{xDB57-(j!NFcX
zPou4k(T<4Bm)kB2yrNidHrTwfzBeSD^!hI1GE$lj8%ie`I1K8WH<9NXL7iQ_LaGW3
zO~1L=FBJ%&qMpM;gw-z1^wgMz>>+QC;wX?iKly3+%(~ic<ajSjo91G{bT@3_7AQnB
zo2>DQYi|RkqbQuXqm~j=l<xySNCg+^R-9myYVpL~ST}$`CYT>ZuT$Dopwm%D?y%i&
z#DR@PRHKtc`9`>Y@q<ut4H!D0{ov#36w=2)P0U-vks!r^;b5)Er&Ivq-s5^*)32wz
z>r=6F*nW45`^W47H2q|Kn$ke{x@|=YN7>RZo~BJ&LXY+Fql6~p&*d$7kjv!&H7W9h
zTF2vrcVRHgcGt!%=|!#*6Ce-iI>CF-ltb-6{9=@WwA$?1o`8a2AzuUsm8)%J&)eI+
z`Ng}Nf=9jeUfR{JLwQw?zfsJw?2*T|+8ir@(5G(=qJ$(Njn&@LZ8bxMwCWJ~y05U;
zxx~x>)2<?jV`K%b_V1Td?L3Pv@HUQlk+o9(6};XFk*3YDcFT8;+NK4Cqw#ZG!rsM!
zb66x&25*gz`e~uylIghWbm84H&si$FiBbB`zE`-MW=nVS9~Ec$!w5OkBBn-2N_hfl
zm^X3iewIQOSVysaP&jqOT4kVBlvXm*pqPyN9PZAXMT*lm6|sa|WntkP$*SAvGiVY*
zOi4iH_}2>OgP@lwG1NNDmIDh2Y|e#U=Lx6wk2!nfI~dUPU@Nse@cyfqYRS}-Xmx!p
zaSRhi0Hz|&CNXz!3dxW7h3IkB&x=@wZqzjaTCw2EAtgNMx4Bs_&MxlH$w~2<jD)|D
zK@8_W90nTf{Sn`i(pvWn5!b5*&QHJ)dFmRX@OVT+Z4H7}`|Q`|$jHbEaaWD=5sw^(
zNedW2Ra)5o-kL|r+qwO?UWyv8DB^Nt{*yqi*n3weNvBnwNo=IKNuMOhVx{`vNl2iE
z=Q(rP@%8TB-ro00h5PJ53-TT00rcp;!^((;I^-<dd%594ebzh=rK*=_u#!ZFS+Gbl
zX2Ny4)0@_8(nb(T7s1hK#t6{MI=A^yLmd&)6>$CQrtcTP(nczMb99;SsDl>j$&r~=
z@ksyZysb=9Qq|}%#9~IZ=P@+XR0idsXL{k=a`WqA8z=2>(YxDK&K?)j23z<Z`PSM#
zM}G-w>gMHnsvkukjwq_!9xk1q&$NB{P#%-j)#f-FTOJH8G{`)<pvIH+5VX#WzYnVO
z`(0qbBp-l8W#Y(ILZ{H+{&!u<`n)Y<j(=>9mhJX8I+9~b#ir%<O|TZ#xM7E3_8vKV
zR&kKDXBaqU5x`#e={9^3>ous^6P8J3GpY_;^O*y{!-T@a4Knh~z9$%Yr0PKy`Nx_m
z`n@QS<$scM{@ncv-_V4YR~7F)jGj6W$Hr=p?y*=pFtYG~l?~cR6*kS->0Yc?>`n7q
z>3OK@L~y80b_!RaV%JR=1+&CO91rB?8%U`5(no-a7y7Mtl-F%PeJW#LktRCFtL#&-
z%X>3Mh_}vY7BxC)xld>~MV^eq(V5Zcy<ZBPCxmIe<8Rj=ppWPKp(`f*O5IoJ#Smu7
z+#t4>MTZn<6PtqTk<sbSpZy79*Y$!a4gsW*sun^EulJWgOPp%gUEJ`EPqUX+?f1jz
zMlWA<=nlvF+cK)x7r#}jsn2*8i^}|A^e0-#K^Is-THd)E&GVq^Z`8Ph9~2vjG#$uk
zpz%Xk(ES>2KuX<iMelq`z{M5qVAB`qhXAf6N#0-Ns=%h-{=HH(!-BcbgIc`~SMF~1
zw%n^#fXm_Ef)6;M`xKNe#~8@T0{H@wfqAik!1}WvPQowdOdP;jdLBEw<ccgw%nH?_
zd_aY2T2Z3qbI_law!*rNY1jeM4#W{|BaV~PHuutyH7fD#C<ja{S!!sfu&0xXh=nSi
ztcWiV^>QzC;!Y#m``9vg#lX;fR{?}``POPt)T<M{zMCQfjChbje$BDr3$Hit@h{_m
zp$}3#F01heT;<n&vg@U=)&LpwaQc<m^E-P)PxBys6&+1M22bHN!nQPtSnu&}I?SH}
zj<_3Kom#F&cGPw7u^C!P;k)Y;&bg4619=h4oiSxqBN$LA?u@6JIn6=vPhdhAIxp0M
zf!0_2OcR=AEMe_Vg@+lK)5r1b`_Yf?G=-he+8-ZyfH=ZL>-K>`ss=R)QPb#5u`Y!`
z96Eh9<@N7vRQiyN!thp}`|L>Yk$N~A|E%9Luay<9lrO~m1~fPg4O2@Jo&Ker^6RP2
zdN1)RBZ#2gb>I$XJCAXlNV7}{js8^MkLD`iRqWSDw2*Wagh~1K*UOjb<q4YPYqfT@
z-~=4;mLShag&Gmk5&`5_o_7*}Vn~DE(ihqAA|<V7Dz%WB0wB(GegSUd7u{_M;92a3
zqPC|JrLS(VCsaz6+8!}Jf9|zz76SC*_@hx8{iuNehEAVDV9(|lz1~6MI_Illmu0>-
zP>ul&?TQ<rxw%JXuK4Y>e_{1s-=)w4I`q%+AnoYrtD#){pP#)59CUkBH>53=_)c41
z1t?OFSG0!pyw|gQBm7%sucJ^|VyxUx2Ozob`)RNC;dcbEFyXHT0?%H&xM^NnTl28y
zFDD??lXx5-U+iZkLxESci)|!pRptiNVnl4Mp5pd4Jw0X#@Tpo-0AQN?rgVpeo6}jC
zc^!8=s0!o9d~NnDx2Aa0c}OIB%P8tTVL(70AsymEx8I<S7j8Z3?Jq;N^jS><^oRGN
zk$BR`w1^sZEb}Gt(D|<UF<%BLHnhDq%5iJueo@KM46;Ebd4d4qxPwh_P+#ZJQD56a
z!BQYb01yWc^Izm&NL=F28%(5V^L0u8?T?`lB7YMEcxA7-d6-agPIA6P3=8_lzbq~K
zOy_QXL>4$uvhr=T&!{>)l>uq6*K@*L`LSjb9gk&CdMuEeK7|BN7IZbH41}XDw*P1f
zG9c7-=pPM)5B+<`{_keV3S$ENvmw_0B>`0UPQx%jCei_zU(dW+kuVYXIQ8HN3L5RG
zKAXAD>ZmuIrszi=k-fzxe9L%=K6TSIoKds;Zs*s%>1MxWsZLLQ^({}|X*YWO9x?3<
z+4@5YRom$`cg-L>tHNUaj9JAO7wI9}{Xbpq^GZ>5cW<0oZsR`(JH+MFu`m7#cJHh0
z^F_?Y;>_l{#MW7VL@yy<lVLEqadL?vz1OZG7JmBJKc9aae@T)rHC`2=h!-$dHY@%e
zSmYJr?z=>R?&oQ;P7j&>ac!fMhP5BvS&Y8e&juIc4G4;EhH3-W|Db&y7d9nXU2gyl
zKir9iO=GNjkTYOUlgXw}3SpE>M^DvK84z6!?6;0blb%s~dyV{-*GvUrpOA$|cBP26
zh(cr*u!K3@?VO1!GWMaF+LdX5^+?v86X>y1K}p4hobRNf>-5yM;+X9;bS|Z0NzYn9
z2l<+*7N^&UhQ0*L1)gA9Y8ESX%ZlB%to0Uh;(P<Yg;Yr#(%njO3@wyMvvc#~V-jO>
zyW?<F=f%RvSsWN~=$k{6W*Kqpnr#4n+H*QB2Qq+QsqJt!HACvbzHZYUzNNI4Bb^%~
zOR>?dGuB`^gvrFu8B6Wg3W##aN!X3HV!<~EKg24^h(Oj<1zj*{AwHJ$7+vm0V5GR+
zKKfXIzoEx;D61!+CpPRwx!6=%;+IDYIfp(0Vf{nbkA;AyQ6C|-)N6^Ih~^FsW#!tw
zuTM*#J34=_I;hczfeMw<%`fsAW#tT{<TIlCuaUH6997<b|8?Gbyp#@N{2FvqUICwN
z&-!C49$3?drR=BmNeiF~2p+1wbENc*9fX0jFk^(wmg=a3d1*%6C=a%dQpu<={S!IV
zNAF4E7fspOht{1afI;Qf(WKq0XYL#Lbx9Uz2Z63?TE-jRb`G~7W6to`tWtnQLhQHV
zWusewAnuN$FiV|j9tiQLsskA!!NQ#8uu8?VxFL*=j+*j|^VX<@3uICd{s@{+`f1Xj
znFStyJK<?DEg5FKyP}R$V&ctha~{u|gOjPA$KkD1;pfa@omLa`xPeVAf_|x>jm5^(
zez+6>GZ((<D*U^s-h?`U24f9dqnIbek+QmiuKd+&3o)tOw&4`q{&Jn>Pp@fIO93;!
zrT`?NXFyl!XMZY8Vv_UyVnYj%?>GJ^S&OgVR5KzKrbc{wVx|2_Z=JqxC5}P5GvssG
z;8}k#vY>J@@|&OIR?D&aSKD7w<?)0x*%vE%H}+jN;aj%(wSCWq$GD!7M7HeX_i`yi
zMEMtU#L7%_m2U=+@oWR`w!oM)3tuo$yNE*zH<&{iBCr`TBGNvz5VL)FY7ss4J7PYV
zNg;cV*dV~TI7}!irpJ#|?0zPC@c7qe$(}>>F~yyY9sRaNi~T{ji~0)^%A#DV-m+tc
zL-OrtK_fzPRn(lE+1O!+uq*UlR1YYXg>Ue6%3J#JyP36SXbXMUJJT@ZgSg<VFuhE3
zbldpt!_t_$tbV%Y4iUDXEn4>XoHq6H)Kx_sjuvNjdw&djcy+iSQktwb!sQN$G9OEx
z(Wm3C9siN8#0wd@GiHTC-gYxmyYo?QdJw)ij5zVIRC}!Ujcaccwa&vb!Dz%W(5)u`
z5D+^uMX$N;)HJ<<RJ=u+e_BKXqzYiE^IgsdQQ^)9R^f;)V?!Yv{977L?+N)=-|+H5
z9{0tlO}HibkX2}ekDB3E;zO84+~HSGo~X8swFDYih$(Gp(@QB@=q3*FGD1}*)BSi3
zu_tH8yL6sL?wbznNvDD|ikn4Paqy}Gdi?XnUW#)muwF3!@~rqK@zccELQMHRjYk;h
zVC4}S-m296!DC96>7w3W-m}6fFPqo~l7SuStS`1a<n#-w1%Z8c$`Ize(E)wMwZY8G
z&J?TY0`_O{KG9j$U?s$5J}A-5ZoEUi7RzGsmK|l6BRdrI%7zWr2cC!~y;4Z6I4EZU
z)F}QUTUVa0xA-*?v(~AK5S>yIIkmW|V)Twajsq3&cHenK85JDNS}Fm~Qb1bxF+Hw|
z!`pGJssL_JI+pDHuMCtdT=o!w`h>8ctKd}7u_5F{GiEKh7KHwahz}CntUE#+O`2z7
z$!ZV56U2kaNG~<0A{HidO#%mPsejyMQT>p>k4fZODK)XUby;e>`gX8*eYe!uPUCIY
zHs8Hhei2jGcO)a*O4`X;64_UqWC64ZH4|9UGO1u2s08}wOG_G&y^X=Xz}-`?&K0tx
z<-p&yd$G4{QMI?Iz7<D+Tq&@So_}Eq7(jT^9H4yaG)Ax~P)8ec46wfmnGiR0a}aVI
zII`3!$j9V|n4))Cu*N#lpYX*}EG#}@(5lT8#>{qNYbr_wxmqTJJZb5;+xmV=ATNCa
z&-l1;pm6aZ#g9FD;i`y>uFvx-V&7WL2A|4?q1*aZ8=~T!HsqsRE3-=jeJoxv>&B71
zg=;)H&cL|UG(kB8h`)IB+)SvY&v(vt;OCve$tQk%k4I0`?z7BVw#aAF&K+KGePA1S
z{mrF|ton*1F;-#ZO<S11Bz`|1KMqs@!}VkDk`~JF&%+vlclAqp_z`EfWmiiXLdqHd
zJDiIqk9PX^vt;Z28@pdI>MD8-t1i7yOJ+88_fLxQ(4+F;=<8F$2W0Ex>7Tjbl0(7S
zxJI8VmV<w*KV*;$uJUuO9h9>Tv~f1q7=FGi)k-JA&(9&DHv17n64Mi+UE!(w*Kuy&
z$mNr0kZH#@Z6wL2b|q#O6O%%LBoY_R+1R2zeZ)-UC;qMi4EuXU|HaW*?~ki5*)*?6
zR;6|MAuAHrI~osUt`{~EJvPC+zJleKH%<zm6}euLIzGtCyP`af-e!;Hf<Mf-_n2Mg
znxl3rj$HQwjb#)<I1irD$0}rPqwid|pBtpSBhd`h>VIcntx8TF4#pJ5)khWH3L)tF
zE*Ppa#c&Bqz-Gt|&@=1zO4wM-f;jWs8we)BS9t^u<_AzU)SclDAt0-|@6+guQT>zE
zO+-xd;cVb;x~e(svS>VC@>P>{{0pn-<026Fph%T+f7@XD+~JMvyx$#u>|seDGHf*(
zTlYBZ(sHbO9R0y;|FN?-FT@n>(U$RT0z9;3PJ%<=_)8W>fs9>beHz(AiRrcfp96t=
zU%@1Xd*5JBUsq`KF+n!Y<?Y1|!E1huMzW(L9EMJuh_6D$8_UIADNFwHl~i;g?KGs#
zr4MtNR>E1_reQn~QyGqHtnJpuZ_gwHUWi<s_S!nWkhrzZO*~^Od22mteS2)<DXwZ@
z(H^&PCeG~6pD_4D#u4KM5T(da(;^krl|`eKL%!M3ZKD($R<z8iC5YMxL<Ctra2Fz|
zL$??xF%<*yge{|wZ?e`zO60~@8N5|DwIFT{BFciVxXx6x-{TugWm8OGTik^9y*y5f
zMpl`eUZUR3*m`#H-yN0vdN&*!&iD%43%CdLUtZ~$ShN$34$f;t`PikZz`AP;y@l_e
z17$ayVvQ`?sdR)Q9AlstnT5FW-F#0^^lnS`-zVv$SI3OE-;k|G;-}I~h{#V954095
zRplLFbOk}pNtgr=G7eQR5hfOa47~f0cA}WUmZ_J~f~MQAU)!%;3r!_nH%Zr;vN93*
zIydzBragK;^;W;AZ+GB^R(pFN#+LNa1!4V(+r1YRcqCrHR2kh8@2S5y$x`<3r}qLB
zBz7j{3x?BM!&Z_xt$WNjTm_F(L6V9~^aM*RI9_R3g!YarkDc22f(T_NX3xXqgLT85
zXxb}0T>soHWTMucEhNC_Y}CtBoSjV$Ed1i3@yoo6dd=~J#I?&T+p*gNTh{*j-b4;V
z%ZKU5hrg&U=@K=eX`uMTF$S^i9}I4tq~~|>rB?RIM8Y9S?3!EZuXrH$GZOT8XlQ7R
zXp4FNp`?6~|N9RfzH#Ulp&&+_sDFF>JN-{4w10N~r_g_ZLqY$O?O)WtI{$9@-|2t&
c0W_!7EgM}F9dVdO#e=3SuOU|>WB&I402zAIRR910

literal 0
HcmV?d00001

diff --git a/docs/touch-up.sh b/docs/touch-up.sh
new file mode 100755
index 00000000..1dd0b1dc
--- /dev/null
+++ b/docs/touch-up.sh
@@ -0,0 +1,20 @@
+#!/bin/bash -e
+
+
+# Sed to process GitHub Markdown
+# 1-2 Remove comment code from metadata block
+# 
+for i in ls -l /docs/content/*
+  do                 # Line breaks are important
+    if [ -d $i ]   # Spaces are important
+      then
+        y=${i##*/}
+        find $i -type f -name "*.md" -exec sed -i.old \
+        -e '/^<!.*metadata]>/g' \
+        -e '/^<!.*end-metadata.*>/g' {} \;
+    fi
+done
+
+
+
+
diff --git a/docs/understanding-docker.md b/docs/understanding-docker.md
new file mode 100644
index 00000000..1dba248e
--- /dev/null
+++ b/docs/understanding-docker.md
@@ -0,0 +1,278 @@
+<!--[metadata]>
++++
+aliases = ["/introduction/understanding-docker/"]
+title = "Understand the architecture"
+description = "Docker explained in depth"
+keywords = ["docker, introduction, documentation, about, technology,  understanding"]
+[menu.main]
+parent = "engine_use"
+weight = -82
++++
+<![end-metadata]-->
+
+# Understand the architecture
+
+Docker is an open platform for developing, shipping, and running applications.
+Docker is designed to deliver your applications faster. With Docker you can
+separate your applications from your infrastructure and treat your
+infrastructure like a managed application. Docker helps you ship code faster,
+test faster, deploy faster, and shorten the cycle between writing code and
+running code.
+
+Docker does this by combining kernel containerization features with workflows
+and tooling that help you manage and deploy your applications.
+
+At its core, Docker provides a way to run almost any application securely
+isolated in a container. The isolation and security allow you to run many
+containers simultaneously on your host. The lightweight nature of containers,
+which run without the extra load of a hypervisor, means you can get more out of
+your hardware.
+
+Surrounding the container is tooling and a platform which can help you in
+several ways:
+
+* Get your applications (and supporting components) into Docker containers
+* Distribute and ship those containers to your teams for further development
+and testing
+* Deploy those applications to your production environment,
+ whether it is in a local data center or the Cloud
+
+## What can I use Docker for?
+
+*Faster delivery of your applications*
+
+Docker is perfect for helping you with the development lifecycle. Docker
+allows your developers to develop on local containers that contain your
+applications and services. It can then integrate into a continuous integration and
+deployment workflow.
+
+For example, your developers write code locally and share their development stack via
+Docker with their colleagues. When they are ready, they push their code and the
+stack they are developing onto a test environment and execute any required
+tests. From the testing environment, you can then push the Docker images into
+production and deploy your code.
+
+*Deploying and scaling more easily*
+
+Docker's container-based platform allows for highly portable workloads. Docker
+containers can run on a developer's local host, on physical or virtual machines
+in a data center, or in the Cloud.
+
+Docker's portability and lightweight nature also make dynamically managing
+workloads easy. You can use Docker to quickly scale up or tear down applications
+and services. Docker's speed means that scaling can be near real time.
+
+*Achieving higher density and running more workloads*
+
+Docker is lightweight and fast. It provides a viable, cost-effective alternative
+to hypervisor-based virtual machines. This is especially useful in high density
+environments: for example, building your own Cloud or Platform-as-a-Service. But
+it is also useful for small and medium deployments where you want to get more
+out of the resources you have.
+
+## What are the major Docker components?
+Docker has two major components:
+
+
+* Docker Engine: the open source containerization platform.
+* [Docker Hub](https://hub.docker.com): our Software-as-a-Service
+  platform for sharing and managing Docker containers.
+
+
+> **Note:** Docker is licensed under the open source Apache 2.0 license.
+
+## What is Docker's architecture?
+Docker uses a client-server architecture. The Docker *client* talks to the
+Docker *daemon*, which does the heavy lifting of building, running, and
+distributing your Docker containers. Both the Docker client and the daemon *can*
+run on the same system, or you can connect a Docker client to a remote Docker
+daemon. The Docker client and daemon communicate via sockets or through a
+RESTful API.
+
+![Docker Architecture Diagram](article-img/architecture.svg)
+
+### The Docker daemon
+As shown in the diagram above, the Docker daemon runs on a host machine. The
+user does not directly interact with the daemon, but instead through the Docker
+client.
+
+### The Docker client
+The Docker client, in the form of the `docker` binary, is the primary user
+interface to Docker. It accepts commands from the user and communicates back and
+forth with a Docker daemon.
+
+### Inside Docker
+To understand Docker's internals, you need to know about three resources:
+
+* Docker images
+* Docker registries
+* Docker containers
+
+#### Docker images
+
+A Docker image is a read-only template. For example, an image could contain an Ubuntu
+operating system with Apache and your web application installed. Images are used to create
+Docker containers. Docker provides a simple way to build new images or update existing
+images, or you can download Docker images that other people have already created.
+Docker images are the **build** component of Docker.
+
+#### Docker registries
+Docker registries hold images. These are public or private stores from which you
+upload or download images. The public Docker registry is provided with the
+[Docker Hub](http://hub.docker.com). It serves a huge collection of existing
+images for your use. These can be images you create yourself or you can use
+images that others have previously created. Docker registries are the
+**distribution** component of Docker.
+For more information, go to [Docker Registry](https://docs.docker.com/registry/overview/) and
+[Docker Trusted Registry](https://docs.docker.com/docker-trusted-registry/overview/).
+
+#### Docker containers
+Docker containers are similar to a directory. A Docker container holds everything that
+is needed for an application to run. Each container is created from a Docker
+image. Docker containers can be run, started, stopped, moved, and deleted. Each
+container is an isolated and secure application platform. Docker containers are the
+ **run** component of Docker.
+
+### How does a Docker image work?
+We've already seen that Docker images are read-only templates from which Docker
+containers are launched. Each image consists of a series of layers. Docker
+makes use of [union file systems](http://en.wikipedia.org/wiki/UnionFS) to
+combine these layers into a single image. Union file systems allow files and
+directories of separate file systems, known as branches, to be transparently
+overlaid, forming a single coherent file system.
+
+One of the reasons Docker is so lightweight is because of these layers. When you
+change a Docker image—for example, update an application to a new version— a new layer
+gets built. Thus, rather than replacing the whole image or entirely
+rebuilding, as you may do with a virtual machine, only that layer is added or
+updated. Now you don't need to distribute a whole new image, just the update,
+making distributing Docker images faster and simpler.
+
+Every image starts from a base image, for example `ubuntu`, a base Ubuntu image,
+or `fedora`, a base Fedora image. You can also use images of your own as the
+basis for a new image, for example if you have a base Apache image you could use
+this as the base of all your web application images.
+
+> **Note:** [Docker Hub](https://hub.docker.com) is a public registry and stores
+images.
+
+Docker images are then built from these base images using a simple, descriptive
+set of steps we call *instructions*. Each instruction creates a new layer in our
+image. Instructions include actions like:
+
+* Run a command
+* Add a file or directory
+* Create an environment variable
+* What process to run when launching a container from this image
+
+These instructions are stored in a file called a `Dockerfile`. A `Dockerfile` is
+a text based script that contains instructions and commands for building the image
+from the base image. Docker reads this `Dockerfile` when you request a build of
+an image, executes the instructions, and returns a final image.
+
+### How does a Docker registry work?
+The Docker registry is the store for your Docker images. Once you build a Docker
+image you can *push* it to a public registry such as [Docker Hub](https://hub.docker.com)
+or to your own registry running behind your firewall.
+
+Using the Docker client, you can search for already published images and then
+pull them down to your Docker host to build containers from them.
+
+[Docker Hub](https://hub.docker.com) provides both public and private storage
+for images. Public storage is searchable and can be downloaded by anyone.
+Private storage is excluded from search results and only you and your users can
+pull images down and use them to build containers. You can [sign up for a storage plan
+here](https://hub.docker.com/plans).
+
+### How does a container work?
+A container consists of an operating system, user-added files, and meta-data. As
+we've seen, each container is built from an image. That image tells Docker
+what the container holds, what process to run when the container is launched, and
+a variety of other configuration data. The Docker image is read-only. When
+Docker runs a container from an image, it adds a read-write layer on top of the
+image (using a union file system as we saw earlier) in which your application can
+then run.
+
+### What happens when you run a container?
+Either by using the `docker` binary or via the API, the Docker client tells the Docker
+daemon to run a container.
+
+    $ docker run -i -t ubuntu /bin/bash
+
+The Docker Engine client is launched using the `docker` binary with the `run` option
+running a new container. The bare minimum the Docker client needs to tell the
+Docker daemon to run the container is:
+
+* What Docker image to build the container from, for example, `ubuntu`
+* The command you want to run inside the container when it is launched,
+for example,`/bin/bash`
+
+So what happens under the hood when we run this command?
+
+In order, Docker Engine does the following:
+
+- **Pulls the `ubuntu` image:** Docker Engine checks for the presence of the `ubuntu`
+image. If the image already exists, then Docker Engine uses it for the new container.
+If it doesn't exist locally on the host, then Docker Engine pulls it from
+[Docker Hub](https://hub.docker.com). If the image already exists, then Docker Engine
+uses it for the new container.
+- **Creates a new container:** Once Docker Engine has the image, it uses it to create a
+container.
+- **Allocates a filesystem and mounts a read-write _layer_:** The container is created in
+the file system and a read-write layer is added to the image.
+- **Allocates a network / bridge interface:** Creates a network interface that allows the
+Docker container to talk to the local host.
+- **Sets up an IP address:** Finds and attaches an available IP address from a pool.
+- **Executes a process that you specify:** Runs your application, and;
+- **Captures and provides application output:** Connects and logs standard input, outputs
+and errors for you to see how your application is running.
+
+You now have a running container! Now you can manage your container, interact with
+your application and then, when finished, stop and remove your container.
+
+## The underlying technology
+Docker is written in Go and makes use of several kernel features to
+deliver the functionality we've seen.
+
+### Namespaces
+Docker takes advantage of a technology called `namespaces` to provide the
+isolated workspace we call the *container*.  When you run a container, Docker
+creates a set of *namespaces* for that container.
+
+This provides a layer of isolation: each aspect of a container runs in its own
+namespace and does not have access outside it.
+
+Some of the namespaces that Docker Engine uses on Linux are:
+
+ - **The `pid` namespace:** Process isolation (PID: Process ID).
+ - **The `net` namespace:** Managing network interfaces (NET:
+ Networking).
+ - **The `ipc` namespace:** Managing access to IPC
+ resources (IPC: InterProcess Communication).
+ - **The `mnt` namespace:** Managing mount-points (MNT: Mount).
+ - **The `uts` namespace:** Isolating kernel and version identifiers. (UTS: Unix
+Timesharing System).
+
+### Control groups
+Docker Engine on Linux also makes use of another technology called `cgroups` or control groups.
+A key to running applications in isolation is to have them only use the
+resources you want. This ensures containers are good multi-tenant citizens on a
+host. Control groups allow Docker Engine to share available hardware resources to
+containers and, if required, set up limits and constraints. For example,
+limiting the memory available to a specific container.
+
+### Union file systems
+Union file systems, or UnionFS, are file systems that operate by creating layers,
+making them very lightweight and fast. Docker Engine uses union file systems to provide
+the building blocks for containers. Docker Engine can make use of several union file system variants
+including: AUFS, btrfs, vfs, and DeviceMapper.
+
+### Container format
+Docker Engine combines these components into a wrapper we call a container format. The
+default container format is called `libcontainer`. In the future, Docker may
+support other container formats, for example, by integrating with BSD Jails
+or Solaris Zones.
+
+## Next steps
+Read about [Installing Docker Engine](installation/index.md#installation).
+Learn about the [Docker Engine User Guide](userguide/index.md).
diff --git a/docs/userguide/containers/dockerimages.md b/docs/userguide/containers/dockerimages.md
new file mode 100644
index 00000000..7a8b9656
--- /dev/null
+++ b/docs/userguide/containers/dockerimages.md
@@ -0,0 +1,554 @@
+<!--[metadata]>
++++
+aliases = ["/engine/userguide/dockerimages/"]
+title = "Build your own images"
+description = "How to work with Docker images."
+keywords = ["documentation, docs, the docker guide, docker guide, docker, docker platform, docker.io, Docker images, Docker image, image management, Docker repos, Docker repositories, docker, docker tag, docker tags, Docker Hub,  collaboration"]
+[menu.main]
+parent = "engine_learn"
+weight = -4
++++
+<![end-metadata]-->
+
+# Build your own images
+
+Docker images are the basis of containers. Each time you've used `docker run`
+you told it which image you wanted. In the previous sections of the guide you
+used Docker images that already exist, for example the `ubuntu` image and the
+`training/webapp` image.
+
+You also discovered that Docker stores downloaded images on the Docker host. If
+an image isn't already present on the host then it'll be downloaded from a
+registry: by default the [Docker Hub Registry](https://hub.docker.com).
+
+In this section you're going to explore Docker images a bit more
+including:
+
+* Managing and working with images locally on your Docker host.
+* Creating basic images.
+* Uploading images to [Docker Hub Registry](https://hub.docker.com).
+
+## Listing images on the host
+
+Let's start with listing the images you have locally on our host. You can
+do this using the `docker images` command like so:
+
+    $ docker images
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    ubuntu              14.04               1d073211c498        3 days ago          187.9 MB
+    busybox             latest              2c5ac3f849df        5 days ago          1.113 MB
+    training/webapp     latest              54bb4e8718e8        5 months ago        348.7 MB
+
+You can see the images you've previously used in the user guide.
+Each has been downloaded from [Docker Hub](https://hub.docker.com) when you
+launched a container using that image. When you list images, you get three crucial pieces of information in the listing.
+
+* What repository they came from, for example `ubuntu`.
+* The tags for each image, for example `14.04`.
+* The image ID of each image.
+
+> **Tip:**
+> You can use [a third-party dockviz tool](https://github.com/justone/dockviz)
+> or the [Image layers site](https://imagelayers.io/) to display  
+> visualizations of image data.
+
+A repository potentially holds multiple variants of an image. In the case of
+our `ubuntu` image you can see multiple variants covering Ubuntu 10.04, 12.04,
+12.10, 13.04, 13.10 and 14.04. Each variant is identified by a tag and you can
+refer to a tagged image like so:
+
+    ubuntu:14.04
+
+So when you run a container you refer to a tagged image like so:
+
+    $ docker run -t -i ubuntu:14.04 /bin/bash
+
+If instead you wanted to run an Ubuntu 12.04 image you'd use:
+
+    $ docker run -t -i ubuntu:12.04 /bin/bash
+
+If you don't specify a variant, for example you just use `ubuntu`, then Docker
+will default to using the `ubuntu:latest` image.
+
+> **Tip:**
+> You should always specify an image tag, for example `ubuntu:14.04`.
+> That way, you always know exactly what variant of an image you are using.
+> This is useful for troubleshooting and debugging.
+
+## Getting a new image
+
+So how do you get new images? Well Docker will automatically download any image
+you use that isn't already present on the Docker host. But this can potentially
+add some time to the launch of a container. If you want to pre-load an image you
+can download it using the `docker pull` command. Suppose you'd like to
+download the `centos` image.
+
+    $ docker pull centos
+    Pulling repository centos
+    b7de3133ff98: Pulling dependent layers
+    5cc9e91966f7: Pulling fs layer
+    511136ea3c5a: Download complete
+    ef52fb1fe610: Download complete
+    . . .
+
+    Status: Downloaded newer image for centos
+
+You can see that each layer of the image has been pulled down and now you
+can run a container from this image and you won't have to wait to
+download the image.
+
+    $ docker run -t -i centos /bin/bash
+    bash-4.1#
+
+## Finding images
+
+One of the features of Docker is that a lot of people have created Docker
+images for a variety of purposes. Many of these have been uploaded to
+[Docker Hub](https://hub.docker.com). You can search these images on the
+[Docker Hub](https://hub.docker.com) website.
+
+![indexsearch](search.png)
+
+You can also search for images on the command line using the `docker search`
+command. Suppose your team wants an image with Ruby and Sinatra installed on
+which to do our web application development. You can search for a suitable image
+by using the `docker search` command to find all the images that contain the
+term `sinatra`.
+
+    $ docker search sinatra
+    NAME                                   DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
+    training/sinatra                       Sinatra training image                          0                    [OK]
+    marceldegraaf/sinatra                  Sinatra test app                                0
+    mattwarren/docker-sinatra-demo                                                         0                    [OK]
+    luisbebop/docker-sinatra-hello-world                                                   0                    [OK]
+    bmorearty/handson-sinatra              handson-ruby + Sinatra for Hands on with D...   0
+    subwiz/sinatra                                                                         0
+    bmorearty/sinatra                                                                      0
+    . . .
+
+You can see the command returns a lot of images that use the term `sinatra`.
+You've received a list of image names, descriptions, Stars (which measure the
+social popularity of images - if a user likes an image then they can "star" it),
+and the Official and Automated build statuses. [Official
+Repositories](https://docs.docker.com/docker-hub/official_repos) are a carefully
+curated set of Docker repositories supported by Docker, Inc.  Automated
+repositories are [Automated Builds](dockerrepos.md#automated-builds) that allow
+you to validate the source and content of an image.
+
+You've reviewed the images available to use and you decided to use the
+`training/sinatra` image. So far you've seen two types of images repositories,
+images like `ubuntu`, which are called base or root images. These base images
+are provided by Docker Inc and are built, validated and supported. These can be
+identified by their single word names.
+
+You've also seen user images, for example the `training/sinatra` image you've
+chosen. A user image belongs to a member of the Docker community and is built
+and maintained by them.  You can identify user images as they are always
+prefixed with the user name, here `training`, of the user that created them.
+
+## Pulling our image
+
+You've identified a suitable image, `training/sinatra`, and now you can download it using the `docker pull` command.
+
+    $ docker pull training/sinatra
+
+The team can now use this image by running their own containers.
+
+    $ docker run -t -i training/sinatra /bin/bash
+    root@a8cb6ce02d85:/#
+
+## Creating our own images
+
+The team has found the `training/sinatra` image pretty useful but it's not quite
+what they need and you need to make some changes to it. There are two ways you
+can update and create images.
+
+1. You can update a container created from an image and commit the results to an image.
+2. You can use a `Dockerfile` to specify instructions to create an image.
+
+
+### Updating and committing an image
+
+To update an image you first need to create a container from the image
+you'd like to update.
+
+    $ docker run -t -i training/sinatra /bin/bash
+    root@0b2616b0e5a8:/#
+
+> **Note:**
+> Take note of the container ID that has been created, `0b2616b0e5a8`, as you'll
+> need it in a moment.
+
+Inside our running container let's add the `json` gem.
+
+    root@0b2616b0e5a8:/# gem install json
+
+Once this has completed let's exit our container using the `exit`
+command.
+
+Now you have a container with the change you want to make. You can then
+commit a copy of this container to an image using the `docker commit`
+command.
+
+    $ docker commit -m "Added json gem" -a "Kate Smith" \
+    0b2616b0e5a8 ouruser/sinatra:v2
+    4f177bd27a9ff0f6dc2a830403925b5360bfe0b93d476f7fc3231110e7f71b1c
+
+Here you've used the `docker commit` command. You've specified two flags: `-m`
+and `-a`. The `-m` flag allows us to specify a commit message, much like you
+would with a commit on a version control system. The `-a` flag allows us to
+specify an author for our update.
+
+You've also specified the container you want to create this new image from,
+`0b2616b0e5a8` (the ID you recorded earlier) and you've specified a target for
+the image:
+
+    ouruser/sinatra:v2
+
+Break this target down. It consists of a new user, `ouruser`, that you're
+writing this image to. You've also specified the name of the image, here you're
+keeping the original image name `sinatra`. Finally you're specifying a tag for
+the image: `v2`.
+
+You can then look at our new `ouruser/sinatra` image using the `docker images`
+command.
+
+    $ docker images
+    REPOSITORY          TAG     IMAGE ID       CREATED       SIZE
+    training/sinatra    latest  5bc342fa0b91   10 hours ago  446.7 MB
+    ouruser/sinatra     v2      3c59e02ddd1a   10 hours ago  446.7 MB
+    ouruser/sinatra     latest  5db5f8471261   10 hours ago  446.7 MB
+
+To use our new image to create a container you can then:
+
+    $ docker run -t -i ouruser/sinatra:v2 /bin/bash
+    root@78e82f680994:/#
+
+### Building an image from a `Dockerfile`
+
+Using the `docker commit` command is a pretty simple way of extending an image
+but it's a bit cumbersome and it's not easy to share a development process for
+images amongst a team. Instead you can use a new command, `docker build`, to
+build new images from scratch.
+
+To do this you create a `Dockerfile` that contains a set of instructions that
+tell Docker how to build our image.
+
+First, create a directory and a `Dockerfile`.
+
+    $ mkdir sinatra
+    $ cd sinatra
+    $ touch Dockerfile
+
+If you are using Docker Machine on Windows, you may access your host
+directory by `cd` to `/c/Users/your_user_name`.
+
+Each instruction creates a new layer of the image. Try a simple example now for
+building your own Sinatra image for your fictitious development team.
+
+    # This is a comment
+    FROM ubuntu:14.04
+    MAINTAINER Kate Smith <ksmith@example.com>
+    RUN apt-get update && apt-get install -y ruby ruby-dev
+    RUN gem install sinatra
+
+Examine what your `Dockerfile` does. Each instruction prefixes a statement and
+is capitalized.
+
+    INSTRUCTION statement
+
+> **Note:** You use `#` to indicate a comment
+
+The first instruction `FROM` tells Docker what the source of our image is, in
+this case you're basing our new image on an Ubuntu 14.04 image. The instruction uses the `MAINTAINER` instruction to specify who maintains the new image.
+
+Lastly, you've specified two `RUN` instructions. A `RUN` instruction executes
+a command inside the image, for example installing a package. Here you're
+updating our APT cache, installing Ruby and RubyGems and then installing the
+Sinatra gem.
+
+
+
+Now let's take our `Dockerfile` and use the `docker build` command to build an image.
+
+    $ docker build -t ouruser/sinatra:v2 .
+    Sending build context to Docker daemon 2.048 kB
+    Sending build context to Docker daemon
+    Step 1 : FROM ubuntu:14.04
+     ---> e54ca5efa2e9
+    Step 2 : MAINTAINER Kate Smith <ksmith@example.com>
+     ---> Using cache
+     ---> 851baf55332b
+    Step 3 : RUN apt-get update && apt-get install -y ruby ruby-dev
+     ---> Running in 3a2558904e9b
+    Selecting previously unselected package libasan0:amd64.
+    (Reading database ... 11518 files and directories currently installed.)
+    Preparing to unpack .../libasan0_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking libasan0:amd64 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package libatomic1:amd64.
+    Preparing to unpack .../libatomic1_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking libatomic1:amd64 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package libgmp10:amd64.
+    Preparing to unpack .../libgmp10_2%3a5.1.3+dfsg-1ubuntu1_amd64.deb ...
+    Unpacking libgmp10:amd64 (2:5.1.3+dfsg-1ubuntu1) ...
+    Selecting previously unselected package libisl10:amd64.
+    Preparing to unpack .../libisl10_0.12.2-1_amd64.deb ...
+    Unpacking libisl10:amd64 (0.12.2-1) ...
+    Selecting previously unselected package libcloog-isl4:amd64.
+    Preparing to unpack .../libcloog-isl4_0.18.2-1_amd64.deb ...
+    Unpacking libcloog-isl4:amd64 (0.18.2-1) ...
+    Selecting previously unselected package libgomp1:amd64.
+    Preparing to unpack .../libgomp1_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking libgomp1:amd64 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package libitm1:amd64.
+    Preparing to unpack .../libitm1_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking libitm1:amd64 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package libmpfr4:amd64.
+    Preparing to unpack .../libmpfr4_3.1.2-1_amd64.deb ...
+    Unpacking libmpfr4:amd64 (3.1.2-1) ...
+    Selecting previously unselected package libquadmath0:amd64.
+    Preparing to unpack .../libquadmath0_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking libquadmath0:amd64 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package libtsan0:amd64.
+    Preparing to unpack .../libtsan0_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking libtsan0:amd64 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package libyaml-0-2:amd64.
+    Preparing to unpack .../libyaml-0-2_0.1.4-3ubuntu3_amd64.deb ...
+    Unpacking libyaml-0-2:amd64 (0.1.4-3ubuntu3) ...
+    Selecting previously unselected package libmpc3:amd64.
+    Preparing to unpack .../libmpc3_1.0.1-1ubuntu1_amd64.deb ...
+    Unpacking libmpc3:amd64 (1.0.1-1ubuntu1) ...
+    Selecting previously unselected package openssl.
+    Preparing to unpack .../openssl_1.0.1f-1ubuntu2.4_amd64.deb ...
+    Unpacking openssl (1.0.1f-1ubuntu2.4) ...
+    Selecting previously unselected package ca-certificates.
+    Preparing to unpack .../ca-certificates_20130906ubuntu2_all.deb ...
+    Unpacking ca-certificates (20130906ubuntu2) ...
+    Selecting previously unselected package manpages.
+    Preparing to unpack .../manpages_3.54-1ubuntu1_all.deb ...
+    Unpacking manpages (3.54-1ubuntu1) ...
+    Selecting previously unselected package binutils.
+    Preparing to unpack .../binutils_2.24-5ubuntu3_amd64.deb ...
+    Unpacking binutils (2.24-5ubuntu3) ...
+    Selecting previously unselected package cpp-4.8.
+    Preparing to unpack .../cpp-4.8_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking cpp-4.8 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package cpp.
+    Preparing to unpack .../cpp_4%3a4.8.2-1ubuntu6_amd64.deb ...
+    Unpacking cpp (4:4.8.2-1ubuntu6) ...
+    Selecting previously unselected package libgcc-4.8-dev:amd64.
+    Preparing to unpack .../libgcc-4.8-dev_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking libgcc-4.8-dev:amd64 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package gcc-4.8.
+    Preparing to unpack .../gcc-4.8_4.8.2-19ubuntu1_amd64.deb ...
+    Unpacking gcc-4.8 (4.8.2-19ubuntu1) ...
+    Selecting previously unselected package gcc.
+    Preparing to unpack .../gcc_4%3a4.8.2-1ubuntu6_amd64.deb ...
+    Unpacking gcc (4:4.8.2-1ubuntu6) ...
+    Selecting previously unselected package libc-dev-bin.
+    Preparing to unpack .../libc-dev-bin_2.19-0ubuntu6_amd64.deb ...
+    Unpacking libc-dev-bin (2.19-0ubuntu6) ...
+    Selecting previously unselected package linux-libc-dev:amd64.
+    Preparing to unpack .../linux-libc-dev_3.13.0-30.55_amd64.deb ...
+    Unpacking linux-libc-dev:amd64 (3.13.0-30.55) ...
+    Selecting previously unselected package libc6-dev:amd64.
+    Preparing to unpack .../libc6-dev_2.19-0ubuntu6_amd64.deb ...
+    Unpacking libc6-dev:amd64 (2.19-0ubuntu6) ...
+    Selecting previously unselected package ruby.
+    Preparing to unpack .../ruby_1%3a1.9.3.4_all.deb ...
+    Unpacking ruby (1:1.9.3.4) ...
+    Selecting previously unselected package ruby1.9.1.
+    Preparing to unpack .../ruby1.9.1_1.9.3.484-2ubuntu1_amd64.deb ...
+    Unpacking ruby1.9.1 (1.9.3.484-2ubuntu1) ...
+    Selecting previously unselected package libruby1.9.1.
+    Preparing to unpack .../libruby1.9.1_1.9.3.484-2ubuntu1_amd64.deb ...
+    Unpacking libruby1.9.1 (1.9.3.484-2ubuntu1) ...
+    Selecting previously unselected package manpages-dev.
+    Preparing to unpack .../manpages-dev_3.54-1ubuntu1_all.deb ...
+    Unpacking manpages-dev (3.54-1ubuntu1) ...
+    Selecting previously unselected package ruby1.9.1-dev.
+    Preparing to unpack .../ruby1.9.1-dev_1.9.3.484-2ubuntu1_amd64.deb ...
+    Unpacking ruby1.9.1-dev (1.9.3.484-2ubuntu1) ...
+    Selecting previously unselected package ruby-dev.
+    Preparing to unpack .../ruby-dev_1%3a1.9.3.4_all.deb ...
+    Unpacking ruby-dev (1:1.9.3.4) ...
+    Setting up libasan0:amd64 (4.8.2-19ubuntu1) ...
+    Setting up libatomic1:amd64 (4.8.2-19ubuntu1) ...
+    Setting up libgmp10:amd64 (2:5.1.3+dfsg-1ubuntu1) ...
+    Setting up libisl10:amd64 (0.12.2-1) ...
+    Setting up libcloog-isl4:amd64 (0.18.2-1) ...
+    Setting up libgomp1:amd64 (4.8.2-19ubuntu1) ...
+    Setting up libitm1:amd64 (4.8.2-19ubuntu1) ...
+    Setting up libmpfr4:amd64 (3.1.2-1) ...
+    Setting up libquadmath0:amd64 (4.8.2-19ubuntu1) ...
+    Setting up libtsan0:amd64 (4.8.2-19ubuntu1) ...
+    Setting up libyaml-0-2:amd64 (0.1.4-3ubuntu3) ...
+    Setting up libmpc3:amd64 (1.0.1-1ubuntu1) ...
+    Setting up openssl (1.0.1f-1ubuntu2.4) ...
+    Setting up ca-certificates (20130906ubuntu2) ...
+    debconf: unable to initialize frontend: Dialog
+    debconf: (TERM is not set, so the dialog frontend is not usable.)
+    debconf: falling back to frontend: Readline
+    debconf: unable to initialize frontend: Readline
+    debconf: (This frontend requires a controlling tty.)
+    debconf: falling back to frontend: Teletype
+    Setting up manpages (3.54-1ubuntu1) ...
+    Setting up binutils (2.24-5ubuntu3) ...
+    Setting up cpp-4.8 (4.8.2-19ubuntu1) ...
+    Setting up cpp (4:4.8.2-1ubuntu6) ...
+    Setting up libgcc-4.8-dev:amd64 (4.8.2-19ubuntu1) ...
+    Setting up gcc-4.8 (4.8.2-19ubuntu1) ...
+    Setting up gcc (4:4.8.2-1ubuntu6) ...
+    Setting up libc-dev-bin (2.19-0ubuntu6) ...
+    Setting up linux-libc-dev:amd64 (3.13.0-30.55) ...
+    Setting up libc6-dev:amd64 (2.19-0ubuntu6) ...
+    Setting up manpages-dev (3.54-1ubuntu1) ...
+    Setting up libruby1.9.1 (1.9.3.484-2ubuntu1) ...
+    Setting up ruby1.9.1-dev (1.9.3.484-2ubuntu1) ...
+    Setting up ruby-dev (1:1.9.3.4) ...
+    Setting up ruby (1:1.9.3.4) ...
+    Setting up ruby1.9.1 (1.9.3.484-2ubuntu1) ...
+    Processing triggers for libc-bin (2.19-0ubuntu6) ...
+    Processing triggers for ca-certificates (20130906ubuntu2) ...
+    Updating certificates in /etc/ssl/certs... 164 added, 0 removed; done.
+    Running hooks in /etc/ca-certificates/update.d....done.
+     ---> c55c31703134
+    Removing intermediate container 3a2558904e9b
+    Step 4 : RUN gem install sinatra
+     ---> Running in 6b81cb6313e5
+    unable to convert "\xC3" to UTF-8 in conversion from ASCII-8BIT to UTF-8 to US-ASCII for README.rdoc, skipping
+    unable to convert "\xC3" to UTF-8 in conversion from ASCII-8BIT to UTF-8 to US-ASCII for README.rdoc, skipping
+    Successfully installed rack-1.5.2
+    Successfully installed tilt-1.4.1
+    Successfully installed rack-protection-1.5.3
+    Successfully installed sinatra-1.4.5
+    4 gems installed
+    Installing ri documentation for rack-1.5.2...
+    Installing ri documentation for tilt-1.4.1...
+    Installing ri documentation for rack-protection-1.5.3...
+    Installing ri documentation for sinatra-1.4.5...
+    Installing RDoc documentation for rack-1.5.2...
+    Installing RDoc documentation for tilt-1.4.1...
+    Installing RDoc documentation for rack-protection-1.5.3...
+    Installing RDoc documentation for sinatra-1.4.5...
+     ---> 97feabe5d2ed
+    Removing intermediate container 6b81cb6313e5
+    Successfully built 97feabe5d2ed
+
+You've specified our `docker build` command and used the `-t` flag to identify
+our new image as belonging to the user `ouruser`, the repository name `sinatra`
+and given it the tag `v2`.
+
+You've also specified the location of our `Dockerfile` using the `.` to
+indicate a `Dockerfile` in the current directory.
+
+> **Note:**
+> You can also specify a path to a `Dockerfile`.
+
+Now you can see the build process at work. The first thing Docker does is
+upload the build context: basically the contents of the directory you're
+building in. This is done because the Docker daemon does the actual
+build of the image and it needs the local context to do it.
+
+Next you can see each instruction in the `Dockerfile` being executed
+step-by-step. You can see that each step creates a new container, runs
+the instruction inside that container and then commits that change -
+just like the `docker commit` work flow you saw earlier. When all the
+instructions have executed you're left with the `97feabe5d2ed` image
+(also helpfuly tagged as `ouruser/sinatra:v2`) and all intermediate
+containers will get removed to clean things up.
+
+> **Note:**
+> An image can't have more than 127 layers regardless of the storage driver.
+> This limitation is set globally to encourage optimization of the overall
+> size of images.
+
+You can then create a container from our new image.
+
+    $ docker run -t -i ouruser/sinatra:v2 /bin/bash
+    root@8196968dac35:/#
+
+> **Note:**
+> This is just a brief introduction to creating images. We've
+> skipped a whole bunch of other instructions that you can use. We'll see more of
+> those instructions in later sections of the Guide or you can refer to the
+> [`Dockerfile`](../../reference/builder.md) reference for a
+> detailed description and examples of every instruction.
+> To help you write a clear, readable, maintainable `Dockerfile`, we've also
+> written a [`Dockerfile` Best Practices guide](../eng-image/dockerfile_best-practices.md).
+
+
+## Setting tags on an image
+
+You can also add a tag to an existing image after you commit or build it. We
+can do this using the `docker tag` command. Now, add a new tag to your
+`ouruser/sinatra` image.
+
+    $ docker tag 5db5f8471261 ouruser/sinatra:devel
+
+The `docker tag` command takes the ID of the image, here `5db5f8471261`, and our
+user name, the repository name and the new tag.
+
+Now, see your new tag using the `docker images` command.
+
+    $ docker images ouruser/sinatra
+    REPOSITORY          TAG     IMAGE ID      CREATED        SIZE
+    ouruser/sinatra     latest  5db5f8471261  11 hours ago   446.7 MB
+    ouruser/sinatra     devel   5db5f8471261  11 hours ago   446.7 MB
+    ouruser/sinatra     v2      5db5f8471261  11 hours ago   446.7 MB
+
+## Image Digests
+
+Images that use the v2 or later format have a content-addressable identifier
+called a `digest`. As long as the input used to generate the image is
+unchanged, the digest value is predictable. To list image digest values, use
+the `--digests` flag:
+
+    $ docker images --digests | head
+    REPOSITORY        TAG      DIGEST                                                                     IMAGE ID      CREATED       SIZE
+    ouruser/sinatra   latest   sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf    5db5f8471261  11 hours ago  446.7 MB
+
+When pushing or pulling to a 2.0 registry, the `push` or `pull` command
+output includes the image digest. You can `pull` using a digest value.
+
+    $ docker pull ouruser/sinatra@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
+
+You can also reference by digest in `create`, `run`, and `rmi` commands, as well as the
+`FROM` image reference in a Dockerfile.
+
+## Push an image to Docker Hub
+
+Once you've built or created a new image you can push it to [Docker
+Hub](https://hub.docker.com) using the `docker push` command. This
+allows you to share it with others, either publicly, or push it into [a
+private repository](https://hub.docker.com/account/billing-plans/).
+
+    $ docker push ouruser/sinatra
+    The push refers to a repository [ouruser/sinatra] (len: 1)
+    Sending image list
+    Pushing repository ouruser/sinatra (3 tags)
+    . . .
+
+## Remove an image from the host
+
+You can also remove images on your Docker host in a way [similar to
+containers](usingdocker.md) using the `docker rmi` command.
+
+Delete the `training/sinatra` image as you don't need it anymore.
+
+    $ docker rmi training/sinatra
+    Untagged: training/sinatra:latest
+    Deleted: 5bc342fa0b91cabf65246837015197eecfa24b2213ed6a51a8974ae250fedd8d
+    Deleted: ed0fffdcdae5eb2c3a55549857a8be7fc8bc4241fb19ad714364cbfd7a56b22f
+    Deleted: 5c58979d73ae448df5af1d8142436d81116187a7633082650549c52c3a2418f0
+
+> **Note:** To remove an image from the host, please make sure
+> that there are no containers actively based on it.
+
+# Next steps
+
+Until now you've seen how to build individual applications inside Docker
+containers. Now learn how to build whole application stacks with Docker
+by networking together multiple Docker containers.
+
+Go to [Network containers](networkingcontainers.md).
diff --git a/docs/userguide/containers/dockerizing.md b/docs/userguide/containers/dockerizing.md
new file mode 100644
index 00000000..92b02608
--- /dev/null
+++ b/docs/userguide/containers/dockerizing.md
@@ -0,0 +1,194 @@
+<!--[metadata]>
++++
+aliases = ["/engine/userguide/dockerizing/"]
+title = "Hello world in a container"
+description = "A simple 'Hello world' exercise that introduced you to Docker."
+keywords = ["docker guide, docker, docker platform, how to, dockerize, dockerizing apps, dockerizing applications, container,  containers"]
+[menu.main]
+parent="engine_learn"
+weight=-6
++++
+<![end-metadata]-->
+
+# Hello world in a container
+
+*So what's this Docker thing all about?*
+
+Docker allows you to run applications, worlds you create, inside containers.
+Running an application inside a container takes a single command: `docker run`.
+
+>**Note**: Depending on your Docker system configuration, you may be required to
+>preface each `docker` command on this page with `sudo`. To avoid this behavior,
+>your system administrator can create a Unix group called `docker` and add users
+>to it.
+
+## Run a Hello world
+
+Let's run a hello world container.
+
+    $ docker run ubuntu /bin/echo 'Hello world'
+    Hello world
+
+You just launched your first container!
+
+In this example:
+
+* `docker run` runs a container.
+
+* `ubuntu` is the image you run, for example the Ubuntu operating system image.
+  When you specify an image, Docker looks first for the image on your
+  Docker host. If the image does not exist locally, then the image is pulled from the public
+  image registry [Docker Hub](https://hub.docker.com).
+
+* `/bin/echo` is the command to run inside the new container.
+
+The container launches. Docker creates a new Ubuntu
+environment and executes the `/bin/echo` command inside it and then prints out:
+
+    Hello world
+
+So what happened to the container after that? Well, Docker containers
+only run as long as the command you specify is active. Therefore, in the above example,
+the container stops once the command is executed.
+
+## Run an interactive container
+
+Let's specify a new command to run in the container.
+
+    $ docker run -t -i ubuntu /bin/bash
+    root@af8bae53bdd3:/#
+
+In this example:
+
+* `docker run` runs a container.
+* `ubuntu` is the image you would like to run.
+* `-t` flag assigns a pseudo-tty or terminal inside the new container.
+* `-i` flag allows you to make an interactive connection by
+grabbing the standard in (`STDIN`) of the container.
+* `/bin/bash` launches a Bash shell inside our container.
+
+The container launches. We can see there is a
+command prompt inside it:
+
+    root@af8bae53bdd3:/#
+
+Let's try running some commands inside the container:
+
+    root@af8bae53bdd3:/# pwd
+    /
+    root@af8bae53bdd3:/# ls
+    bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
+
+In this example:
+
+* `pwd` displays the current directory, the `/` root directory.  
+* `ls` displays the directory listing of the root directory of a typical Linux file system.
+
+Now, you can play around inside this container. When completed, run the `exit` command or enter Ctrl-D
+to exit the interactive shell.
+
+    root@af8bae53bdd3:/# exit
+
+>**Note:** As with our previous container, once the Bash shell process has
+finished, the container stops.
+
+## Start a daemonized Hello world
+
+Let's create a container that runs as a daemon.
+
+    $ docker run -d ubuntu /bin/sh -c "while true; do echo hello world; sleep 1; done"
+    1e5535038e285177d5214659a068137486f96ee5c2e85a4ac52dc83f2ebe4147
+
+In this example:
+
+* `docker run` runs the container.
+* `-d` flag runs the container in the background (to daemonize it).
+* `ubuntu` is the image you would like to run.
+
+Finally, we specify a command to run:
+
+    /bin/sh -c "while true; do echo hello world; sleep 1; done"
+
+
+In the output, we do not see `hello world` but a long string:
+
+    1e5535038e285177d5214659a068137486f96ee5c2e85a4ac52dc83f2ebe4147
+
+This long string is called a *container ID*. It uniquely
+identifies a container so we can work with it.
+
+> **Note:**
+> The container ID is a bit long and unwieldy. Later, we will cover the short
+> ID and ways to name our containers to make
+> working with them easier.
+
+We can use this container ID to see what's happening with our `hello world` daemon.
+
+First, let's make sure our container is running. Run the `docker ps` command.
+The `docker ps` command queries the Docker daemon for information about all the containers it knows
+about.
+
+    $ docker ps
+    CONTAINER ID  IMAGE         COMMAND               CREATED        STATUS       PORTS NAMES
+    1e5535038e28  ubuntu  /bin/sh -c 'while tr  2 minutes ago  Up 1 minute        insane_babbage
+
+In this example, we can see our daemonized container. The `docker ps` returns some useful
+information:
+
+* `1e5535038e28` is the shorter variant of the container ID.
+* `ubuntu` is the used image.
+* the command, status, and assigned name `insane_babbage`.
+
+
+> **Note:**
+> Docker automatically generates names for any containers started.
+> We'll see how to specify your own names a bit later.
+
+Now, we know the container is running. But is it doing what we asked it to do? To
+see this we're going to look inside the container using the `docker logs`
+command.
+
+Let's use the container name `insane_babbage`.
+
+    $ docker logs insane_babbage
+    hello world
+    hello world
+    hello world
+    . . .
+
+In this example:
+
+* `docker logs` looks inside the container and returns `hello world`.
+
+Awesome! The daemon is working and you have just created your first
+Dockerized application!
+
+Next, run the `docker stop` command to stop our detached container.
+
+    $ docker stop insane_babbage
+    insane_babbage
+
+The `docker stop` command tells Docker to politely stop the running
+container and returns the name of the container it stopped.
+
+Let's check it worked with the `docker ps` command.
+
+    $ docker ps
+    CONTAINER ID  IMAGE         COMMAND               CREATED        STATUS       PORTS NAMES
+
+Excellent. Our container is stopped.
+
+# Next steps
+
+So far, you launched your first containers using the `docker run` command. You
+ran an *interactive container* that ran in the foreground. You also ran a
+*detached container* that ran in the background. In the process you learned
+about several Docker commands:
+
+* `docker ps` - Lists containers.
+* `docker logs` - Shows us the standard output of a container.
+* `docker stop` - Stops running containers.
+
+Now, you have the basis learn more about Docker and how to do some more advanced
+tasks. Go to ["*Run a simple application*"](usingdocker.md) to actually build a
+web application with the Docker client.
diff --git a/docs/userguide/containers/dockerrepos.md b/docs/userguide/containers/dockerrepos.md
new file mode 100644
index 00000000..8274adb8
--- /dev/null
+++ b/docs/userguide/containers/dockerrepos.md
@@ -0,0 +1,187 @@
+<!--[metadata]>
++++
+aliases = ["/engine/userguide/dockerrepos/"]
+title = "Store images on Docker Hub"
+description = "Learn how to use the Docker Hub to manage Docker images and work flow"
+keywords = ["repo, Docker Hub, Docker Hub, registry, index, repositories, usage, pull image, push image, image,  documentation"]
+[menu.main]
+parent = "engine_learn"
++++
+<![end-metadata]-->
+
+# Store images on Docker Hub
+
+So far you've learned how to use the command line to run Docker on your local
+host. You've learned how to [pull down images](usingdocker.md) to build
+containers from existing images and you've learned how to [create your own
+images](dockerimages.md).
+
+Next, you're going to learn how to use the [Docker Hub](https://hub.docker.com)
+to simplify and enhance your Docker workflows.
+
+The [Docker Hub](https://hub.docker.com) is a public registry maintained by
+Docker, Inc. It contains images you can download and use to build
+containers. It also provides authentication, work group structure, workflow
+tools like webhooks and build triggers, and privacy tools like private
+repositories for storing images you don't want to share publicly.
+
+## Docker commands and Docker Hub
+
+Docker itself provides access to Docker Hub services via the `docker search`,
+`pull`, `login`, and `push` commands. This page will show you how these commands work.
+
+### Account creation and login
+Before you try an Engine CLI command, if you haven't already, create a Docker
+ID. You can do this through [Docker Hub](https://hub.docker.com/). Once you have
+a Docker ID, log into your account from the Engine CLI:
+
+```bash
+$ docker login
+```
+
+The `login` command stores your Docker ID authentication credentials in the
+`$HOME/.docker/config.json` (Bash notation). For Windows `cmd` users the
+notation for this file is `%HOME%\.docker\config.json` ; for PowerShell users
+the notation is `$env:Home\.docker\config.json`. 
+
+Once you have logged in from the command line, you can `commit` and `push`
+Engine subcommands to interact with your repos on Docker Hub.
+
+## Searching for images
+
+You can search the [Docker Hub](https://hub.docker.com) registry via its search
+interface or by using the command line interface. Searching can find images by image
+name, user name, or description:
+
+    $ docker search centos
+    NAME           DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
+    centos         The official build of CentOS                    1223      [OK]
+    tianon/centos  CentOS 5 and 6, created using rinse instea...   33
+    ...
+
+There you can see two example results: `centos` and `tianon/centos`. The second
+result shows that it comes from the public repository of a user, named
+`tianon/`, while the first result, `centos`, doesn't explicitly list a
+repository which means that it comes from the trusted top-level namespace for
+[Official Repositories](https://docs.docker.com/docker-hub/official_repos/). The `/` character separates
+a user's repository from the image name.
+
+Once you've found the image you want, you can download it with `docker pull <imagename>`:
+
+    $ docker pull centos
+    Using default tag: latest
+    latest: Pulling from library/centos
+    f1b10cd84249: Pull complete
+    c852f6d61e65: Pull complete
+    7322fbe74aa5: Pull complete
+    Digest: sha256:90305c9112250c7e3746425477f1c4ef112b03b4abe78c612e092037bfecc3b7
+    Status: Downloaded newer image for centos:latest
+
+You now have an image from which you can run containers.
+
+### Specific Versions or Latest
+Using `docker pull centos` is equivalent to using `docker pull centos:latest`.
+To pull an image that is not the default latest image you can be more precise
+with the image that you want.
+
+For example, to pull version 5 of `centos` use `docker pull centos:centos5`.
+In this example, `centos5` is the tag labeling an image in the `centos`
+repository for a version of `centos`.
+
+To find a list of tags pointing to currently available versions of a repository
+see the [Docker Hub](https://hub.docker.com) registry.
+
+## Contributing to Docker Hub
+
+Anyone can pull public images from the [Docker Hub](https://hub.docker.com)
+registry, but if you would like to share your own images, then you must
+[register first](https://docs.docker.com/docker-hub/accounts).
+
+## Pushing a repository to Docker Hub
+
+In order to push a repository to its registry, you need to have named an image
+or committed your container to a named image as we saw
+[here](dockerimages.md).
+
+Now you can push this repository to the registry designated by its name or tag.
+
+    $ docker push yourname/newimage
+
+The image will then be uploaded and available for use by your team-mates and/or the
+community.
+
+## Features of Docker Hub
+
+Let's take a closer look at some of the features of Docker Hub. You can find more
+information [here](https://docs.docker.com/docker-hub/).
+
+* Private repositories
+* Organizations and teams
+* Automated Builds
+* Webhooks
+
+### Private repositories
+
+Sometimes you have images you don't want to make public and share with
+everyone. So Docker Hub allows you to have private repositories. You can
+sign up for a plan [here](https://hub.docker.com/account/billing-plans/).
+
+### Organizations and teams
+
+One of the useful aspects of private repositories is that you can share
+them only with members of your organization or team. Docker Hub lets you
+create organizations where you can collaborate with your colleagues and
+manage private repositories. You can learn how to create and manage an organization
+[here](https://hub.docker.com/organizations/).
+
+### Automated Builds
+
+Automated Builds automate the building and updating of images from
+[GitHub](https://www.github.com) or [Bitbucket](http://bitbucket.com), directly on Docker
+Hub. It works by adding a commit hook to your selected GitHub or Bitbucket repository,
+triggering a build and update when you push a commit.
+
+#### To setup an Automated Build
+
+1.  Create a [Docker Hub account](https://hub.docker.com/) and login.
+2.  Link your GitHub or Bitbucket account on the ["Linked Accounts &amp; Services"](https://hub.docker.com/account/authorized-services/) page.
+3.  Select "Create Automated Build" from the "Create" dropdown menu
+4.  Pick a GitHub or Bitbucket project that has a `Dockerfile` that you want to build.
+5.  Pick the branch you want to build (the default is the `master` branch).
+6.  Give the Automated Build a name.
+7.  Assign an optional Docker tag to the Build.
+8.  Specify where the `Dockerfile` is located. The default is `/`.
+
+Once the Automated Build is configured it will automatically trigger a
+build and, in a few minutes, you should see your new Automated Build on the [Docker Hub](https://hub.docker.com)
+Registry. It will stay in sync with your GitHub and Bitbucket repository until you
+deactivate the Automated Build.
+
+To check the output and status of your Automated Build repositories, click on a repository name within the ["Your Repositories" page](https://registry.hub.docker.com/repos/). Automated Builds are indicated by a check-mark icon next to the repository name. Within the repository details page, you may click on the "Build Details" tab to view the status and output of all builds triggered by the Docker Hub.
+
+Once you've created an Automated Build you can deactivate or delete it. You
+cannot, however, push to an Automated Build with the `docker push` command.
+You can only manage it by committing code to your GitHub or Bitbucket
+repository.
+
+You can create multiple Automated Builds per repository and configure them
+to point to specific `Dockerfile`'s or Git branches.
+
+#### Build triggers
+
+Automated Builds can also be triggered via a URL on Docker Hub. This
+allows you to rebuild an Automated build image on demand.
+
+### Webhooks
+
+Webhooks are attached to your repositories and allow you to trigger an
+event when an image or updated image is pushed to the repository. With
+a webhook you can specify a target URL and a JSON payload that will be
+delivered when the image is pushed.
+
+See the Docker Hub documentation for [more information on
+webhooks](https://docs.docker.com/docker-hub/repos/#webhooks)
+
+## Next steps
+
+Go and use Docker!
diff --git a/docs/userguide/containers/dockervolumes.md b/docs/userguide/containers/dockervolumes.md
new file mode 100644
index 00000000..9c960d1f
--- /dev/null
+++ b/docs/userguide/containers/dockervolumes.md
@@ -0,0 +1,372 @@
+<!--[metadata]>
++++
+aliases = ["/engine/userguide/dockervolumes/"]
+title = "Manage data in containers"
+description = "How to manage data inside your Docker containers."
+keywords = ["Examples, Usage, volume, docker, documentation, user guide, data,  volumes"]
+[menu.main]
+parent = "engine_learn"
++++
+<![end-metadata]-->
+
+# Manage data in containers
+
+So far you've been introduced to some [basic Docker
+concepts](../containers/usingdocker.md), seen how to work with [Docker
+images](../containers/dockerimages.md) as well as learned about [networking and
+links between containers](../networking/default_network/dockerlinks.md). In this
+section you're going to learn how you can manage data inside and between your
+Docker containers.
+
+You're going to look at the two primary ways you can manage data with
+Docker Engine.
+
+* Data volumes
+* Data volume containers
+
+## Data volumes
+
+A *data volume* is a specially-designated directory within one or more
+containers that bypasses the [*Union File System*](../../reference/glossary.md#union-file-system). Data volumes provide several useful features for persistent or shared data:
+
+- Volumes are initialized when a container is created. If the container's
+  base image contains data at the specified mount point, that existing data is
+  copied into the new volume upon volume initialization. (Note that this does
+  not apply when [mounting a host directory](#mount-a-host-directory-as-a-data-volume).)
+- Data volumes can be shared and reused among containers.
+- Changes to a data volume are made directly.
+- Changes to a data volume will not be included when you update an image.
+- Data volumes persist even if the container itself is deleted.
+
+Data volumes are designed to persist data, independent of the container's life
+cycle. Docker therefore *never* automatically deletes volumes when you remove
+a container, nor will it "garbage collect" volumes that are no longer
+referenced by a container.
+
+### Adding a data volume
+
+You can add a data volume to a container using the `-v` flag with the
+`docker create` and `docker run` command. You can use the `-v` multiple times
+to mount multiple data volumes. Now, mount a single volume in your web
+application container.
+
+```bash
+$ docker run -d -P --name web -v /webapp training/webapp python app.py
+```
+
+This will create a new volume inside a container at `/webapp`.
+
+> **Note:**
+> You can also use the `VOLUME` instruction in a `Dockerfile` to add one or
+> more new volumes to any container created from that image.
+
+### Locating a volume
+
+You can locate the volume on the host by utilizing the `docker inspect` command.
+
+```bash
+$ docker inspect web
+```
+
+The output will provide details on the container configurations including the
+volumes. The output should look something similar to the following:
+
+```json
+...
+"Mounts": [
+    {
+        "Name": "fac362...80535",
+        "Source": "/var/lib/docker/volumes/fac362...80535/_data",
+        "Destination": "/webapp",
+        "Driver": "local",
+        "Mode": "",
+        "RW": true,
+        "Propagation": ""
+    }
+]
+...
+```
+
+You will notice in the above `Source` is specifying the location on the host and
+`Destination` is specifying the volume location inside the container. `RW` shows
+if the volume is read/write.
+
+### Mount a host directory as a data volume
+
+In addition to creating a volume using the `-v` flag you can also mount a
+directory from your Engine daemon's host into a container.
+
+```bash
+$ docker run -d -P --name web -v /src/webapp:/opt/webapp training/webapp python app.py
+```
+
+This command mounts the host directory, `/src/webapp`, into the container at
+`/opt/webapp`.  If the path `/opt/webapp` already exists inside the container's
+image, the `/src/webapp` mount overlays but does not remove the pre-existing
+content. Once the mount is removed, the content is accessible again. This is
+consistent with the expected behavior of the `mount` command.
+
+The `container-dir` must always be an absolute path such as `/src/docs`.
+The `host-dir` can either be an absolute path or a `name` value. If you
+supply an absolute path for the `host-dir`, Docker bind-mounts to the path
+you specify. If you supply a `name`, Docker creates a named volume by that `name`.
+
+A `name` value must start with an alphanumeric character,
+followed by `a-z0-9`, `_` (underscore), `.` (period) or `-` (hyphen).
+An absolute path starts with a `/` (forward slash).
+
+For example, you can specify either `/foo` or `foo` for a `host-dir` value.
+If you supply the `/foo` value, Engine creates a bind-mount. If you supply
+the `foo` specification, Engine creates a named volume.
+
+If you are using Docker Machine on Mac or Windows, your Engine daemon has only
+limited access to your OS X or Windows filesystem. Docker Machine tries to
+auto-share your `/Users` (OS X) or `C:\Users` (Windows) directory.  So, you can
+mount files or directories on OS X using.
+
+```bash
+docker run -v /Users/<path>:/<container path> ...
+```
+
+On Windows, mount directories using:
+
+```bash
+docker run -v /c/Users/<path>:/<container path> ...`
+```
+
+All other paths come from your virtual machine's filesystem, so if you want
+to make some other host folder available for sharing, you need to do
+additional work. In the case of VirtualBox you need to make the host folder
+available as a shared folder in VirtualBox. Then, you can mount it using the
+Docker `-v` flag.
+
+Mounting a host directory can be useful for testing. For example, you can mount
+source code inside a container. Then, change the source code and see its effect
+on the application in real time. The directory on the host must be specified as
+an absolute path and if the directory doesn't exist the Engine daemon automatically
+creates it for you.
+
+Docker volumes default to mount in read-write mode, but you can also set it to
+be mounted read-only.
+
+```bash
+$ docker run -d -P --name web -v /src/webapp:/opt/webapp:ro training/webapp python app.py
+```
+
+Here you've mounted the same `/src/webapp` directory but you've added the `ro`
+option to specify that the mount should be read-only.
+
+Because of [limitations in the `mount`
+function](http://lists.linuxfoundation.org/pipermail/containers/2015-April/035788.html),
+moving subdirectories within the host's source directory can give
+access from the container to the host's file system. This requires a malicious
+user with access to host and its mounted directory.
+
+>**Note**: The host directory is, by its nature, host-dependent. For this
+>reason, you can't mount a host directory from `Dockerfile` because built images
+>should be portable. A host directory wouldn't be available on all potential
+>hosts.
+
+### Mount a shared-storage volume as a data volume
+
+In addition to mounting a host directory in your container, some Docker
+[volume plugins](../../extend/plugins_volume.md) allow you to
+provision and mount shared storage, such as iSCSI, NFS, or FC.
+
+A benefit of using shared volumes is that they are host-independent. This
+means that a volume can be made available on any host that a container is
+started on as long as it has access to the shared storage backend, and has
+the plugin installed.
+
+One way to use volume drivers is through the `docker run` command.
+Volume drivers create volumes by name, instead of by path like in
+the other examples.
+
+The following command creates a named volume, called `my-named-volume`,
+using the `flocker` volume driver, and makes it available within the container
+at `/opt/webapp`:
+
+```bash
+$ docker run -d -P \
+  --volume-driver=flocker \
+  -v my-named-volume:/opt/webapp \
+  --name web training/webapp python app.py
+```
+
+You may also use the `docker volume create` command, to create a volume before
+using it in a container.
+
+The following example also creates the `my-named-volume` volume, this time
+using the `docker volume create` command.
+
+```bash
+$ docker volume create -d flocker --name my-named-volume -o size=20GB
+$ docker run -d -P \
+  -v my-named-volume:/opt/webapp \
+  --name web training/webapp python app.py
+```
+
+A list of available plugins, including volume plugins, is available
+[here](../../extend/plugins.md).
+
+### Volume labels
+
+Labeling systems like SELinux require that proper labels are placed on volume
+content mounted into a container. Without a label, the security system might
+prevent the processes running inside the container from using the content. By
+default, Docker does not change the labels set by the OS.
+
+To change a label in the container context, you can add either of two suffixes
+`:z` or `:Z` to the volume mount. These suffixes tell Docker to relabel file
+objects on the shared volumes. The `z` option tells Docker that two containers
+share the volume content. As a result, Docker labels the content with a shared
+content label. Shared volume labels allow all containers to read/write content.
+The `Z` option tells Docker to label the content with a private unshared label.
+Only the current container can use a private volume.
+
+### Mount a host file as a data volume
+
+The `-v` flag can also be used to mount a single file  - instead of *just*
+directories - from the host machine.
+
+```bash
+$ docker run --rm -it -v ~/.bash_history:/root/.bash_history ubuntu /bin/bash
+```
+
+This will drop you into a bash shell in a new container, you will have your bash
+history from the host and when you exit the container, the host will have the
+history of the commands typed while in the container.
+
+> **Note:**
+> Many tools used to edit files including `vi` and `sed --in-place` may result
+> in an inode change. Since Docker v1.1.0, this will produce an error such as
+> "*sed: cannot rename ./sedKdJ9Dy: Device or resource busy*". In the case where
+> you want to edit the mounted file, it is often easiest to instead mount the
+> parent directory.
+
+## Creating and mounting a data volume container
+
+If you have some persistent data that you want to share between
+containers, or want to use from non-persistent containers, it's best to
+create a named Data Volume Container, and then to mount the data from
+it.
+
+Let's create a new named container with a volume to share.
+While this container doesn't run an application, it reuses the `training/postgres`
+image so that all containers are using layers in common, saving disk space.
+
+```bash
+$ docker create -v /dbdata --name dbstore training/postgres /bin/true
+```
+
+You can then use the `--volumes-from` flag to mount the `/dbdata` volume in another container.
+
+```bash
+$ docker run -d --volumes-from dbstore --name db1 training/postgres
+```
+
+And another:
+
+```bash
+$ docker run -d --volumes-from dbstore --name db2 training/postgres
+```
+
+In this case, if the `postgres` image contained a directory called `/dbdata`
+then mounting the volumes from the `dbstore` container hides the
+`/dbdata` files from the `postgres` image. The result is only the files
+from the `dbstore` container are visible.
+
+You can use multiple `--volumes-from` parameters to combine data volumes from
+several containers. To find detailed information about `--volumes-from` see the
+[Mount volumes from container](../../reference/commandline/run.md#mount-volumes-from-container-volumes-from)
+in the `run` command reference.
+
+You can also extend the chain by mounting the volume that came from the
+`dbstore` container in yet another container via the `db1` or `db2` containers.
+
+```bash
+$ docker run -d --name db3 --volumes-from db1 training/postgres
+```
+
+If you remove containers that mount volumes, including the initial `dbstore`
+container, or the subsequent containers `db1` and `db2`, the volumes will not
+be deleted.  To delete the volume from disk, you must explicitly call
+`docker rm -v` against the last container with a reference to the volume. This
+allows you to upgrade, or effectively migrate data volumes between containers.
+
+> **Note:** Docker will not warn you when removing a container *without*
+> providing the `-v` option to delete its volumes. If you remove containers
+> without using the `-v` option, you may end up with "dangling" volumes;
+> volumes that are no longer referenced by a container.
+> You can use `docker volume ls -f dangling=true` to find dangling volumes,
+> and use `docker volume rm <volume name>` to remove a volume that's
+> no longer needed.
+
+## Backup, restore, or migrate data volumes
+
+Another useful function we can perform with volumes is use them for
+backups, restores or migrations.  You do this by using the
+`--volumes-from` flag to create a new container that mounts that volume,
+like so:
+
+```bash
+$ docker run --rm --volumes-from dbstore -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
+```
+
+Here you've launched a new container and mounted the volume from the
+`dbstore` container. You've then mounted a local host directory as
+`/backup`. Finally, you've passed a command that uses `tar` to backup the
+contents of the `dbdata` volume to a `backup.tar` file inside our
+`/backup` directory. When the command completes and the container stops
+we'll be left with a backup of our `dbdata` volume.
+
+You could then restore it to the same container, or another that you've made
+elsewhere. Create a new container.
+
+```bash
+$ docker run -v /dbdata --name dbstore2 ubuntu /bin/bash
+```
+
+Then un-tar the backup file in the new container`s data volume.
+
+```bash
+$ docker run --rm --volumes-from dbstore2 -v $(pwd):/backup ubuntu bash -c "cd /dbdata && tar xvf /backup/backup.tar --strip 1"
+```
+
+You can use the techniques above to automate backup, migration and
+restore testing using your preferred tools.
+
+## Removing volumes
+
+A Docker data volume persists after a container is deleted. You can create named
+or anonymous volumes. Named volumes have a specific source form outside the
+container, for example `awesome:/bar`. Anonymous volumes have no specific
+source. When the container is deleted, you should instruction the Engine daemon
+to clean up anonymous volumes. To do this, use the `--rm` option, for example:
+
+```bash
+$ docker run --rm -v /foo -v awesome:/bar busybox top,
+```
+
+This command creates an anonymous `/foo` volume. When the container is removed,
+Engine removes the `/foo` volume but not the `awesome` volume.
+
+## Important tips on using shared volumes
+
+Multiple containers can also share one or more data volumes. However, multiple
+containers writing to a single shared volume can cause data corruption. Make
+sure your applications are designed to write to shared data stores.
+
+Data volumes are directly accessible from the Docker host. This means you can
+read and write to them with normal Linux tools. In most cases you should not do
+this as it can cause data corruption if your containers and applications are
+unaware of your direct access.
+
+# Next steps
+
+Now you've learned a bit more about how to use Docker we're going to see how to
+combine Docker with the services available on
+[Docker Hub](https://hub.docker.com) including Automated Builds and private
+repositories.
+
+Go to [Working with Docker Hub](../containers/dockerrepos.md).
diff --git a/docs/userguide/containers/index.md b/docs/userguide/containers/index.md
new file mode 100644
index 00000000..2de0dcce
--- /dev/null
+++ b/docs/userguide/containers/index.md
@@ -0,0 +1,19 @@
+<!--[metadata]>
++++
+title = "Learn by example"
+description = "Explains how to work with containers"
+keywords = ["docker, introduction, documentation, about, technology, docker.io, user, guide, user's, manual, platform, framework, home,  intro"]
+[menu.main]
+identifier="engine_learn"
+parent = "engine_guide"
++++
+<![end-metadata]-->
+
+# Learn by example
+
+* [Hello world in a container](dockerizing.md)
+* [Run a simple application](usingdocker.md)
+* [Build your own images](dockerimages.md)
+* [Network containers](networkingcontainers.md)
+* [Manage data in containers](dockervolumes.md)
+* [Store images on Docker Hub](dockerrepos.md)
diff --git a/docs/userguide/containers/networkingcontainers.md b/docs/userguide/containers/networkingcontainers.md
new file mode 100644
index 00000000..9355e756
--- /dev/null
+++ b/docs/userguide/containers/networkingcontainers.md
@@ -0,0 +1,247 @@
+<!--[metadata]>
++++
+aliases = ["/engine/userguide/networkigncontainers/"]
+title = "Network containers"
+description = "How to network Docker containers."
+keywords = ["Examples, Usage, volume, docker, documentation, user guide, data,  volumes"]
+[menu.main]
+parent = "engine_learn"
+weight = -3
++++
+<![end-metadata]-->
+
+
+# Network containers
+
+If you are working your way through the user guide, you just built and ran a
+simple application. You've also built in your own images. This section teaches
+you how to network your containers.
+
+## Name a container
+
+You've already seen that each container you create has an automatically
+created name; indeed you've become familiar with our old friend
+`nostalgic_morse` during this guide. You can also name containers
+yourself. This naming provides two useful functions:
+
+*  You can name containers that do specific functions in a way
+   that makes it easier for you to remember them, for example naming a
+   container containing a web application `web`.
+
+*  Names provide Docker with a reference point that allows it to refer to other
+   containers. There are several commands that support this and you'll use one in an exercise later.
+
+You name your container by using the `--name` flag, for example launch a new container called web:
+
+    $ docker run -d -P --name web training/webapp python app.py
+
+Use the `docker ps` command to check the name:
+
+    $ docker ps -l
+    CONTAINER ID  IMAGE                  COMMAND        CREATED       STATUS       PORTS                    NAMES
+    aed84ee21bde  training/webapp:latest python app.py  12 hours ago  Up 2 seconds 0.0.0.0:49154->5000/tcp  web
+
+You can also use `docker inspect` with the container's name.
+
+    $ docker inspect web
+    [
+    {
+        "Id": "3ce51710b34f5d6da95e0a340d32aa2e6cf64857fb8cdb2a6c38f7c56f448143",
+        "Created": "2015-10-25T22:44:17.854367116Z",
+        "Path": "python",
+        "Args": [
+            "app.py"
+        ],
+        "State": {
+            "Status": "running",
+            "Running": true,
+            "Paused": false,
+            "Restarting": false,
+            "OOMKilled": false,
+      ...
+
+Container names must be unique. That means you can only call one container
+`web`. If you want to re-use a container name you must delete the old container
+(with `docker rm`) before you can reuse the name with a new container. Go ahead and stop and remove your old `web` container.
+
+    $ docker stop web
+    web
+    $ docker rm web
+    web
+
+
+## Launch a container on the default network
+
+Docker includes support for networking containers through the use of **network
+drivers**. By default, Docker provides two network drivers for you, the
+`bridge` and the `overlay` drivers. You can also write a network driver plugin so
+that you can create your own drivers but that is an advanced task.
+
+Every installation of the Docker Engine automatically includes three default networks. You can list them:
+
+    $ docker network ls
+    NETWORK ID          NAME                DRIVER
+    18a2866682b8        none                null                
+    c288470c46f6        host                host                
+    7b369448dccb        bridge              bridge  
+
+The network named `bridge` is a special network. Unless you tell it otherwise, Docker always launches your containers in this network. Try this now:
+
+    $ docker run -itd --name=networktest ubuntu
+    74695c9cea6d9810718fddadc01a727a5dd3ce6a69d09752239736c030599741
+
+Inspecting the network is an easy way to find out the container's IP address.
+
+```bash
+$ docker network inspect bridge
+[
+    {
+        "Name": "bridge",
+        "Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.17.0.1/16",
+                    "Gateway": "172.17.0.1"
+                }
+            ]
+        },
+        "Containers": {
+            "3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c": {
+                "EndpointID": "647c12443e91faf0fd508b6edfe59c30b642abb60dfab890b4bdccee38750bc1",
+                "MacAddress": "02:42:ac:11:00:02",
+                "IPv4Address": "172.17.0.2/16",
+                "IPv6Address": ""
+            },
+            "94447ca479852d29aeddca75c28f7104df3c3196d7b6d83061879e339946805c": {
+                "EndpointID": "b047d090f446ac49747d3c37d63e4307be745876db7f0ceef7b311cbba615f48",
+                "MacAddress": "02:42:ac:11:00:03",
+                "IPv4Address": "172.17.0.3/16",
+                "IPv6Address": ""
+            }
+        },
+        "Options": {
+            "com.docker.network.bridge.default_bridge": "true",
+            "com.docker.network.bridge.enable_icc": "true",
+            "com.docker.network.bridge.enable_ip_masquerade": "true",
+            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+            "com.docker.network.bridge.name": "docker0",
+            "com.docker.network.driver.mtu": "9001"
+        }
+    }
+]
+```
+
+You can remove a container from a network by disconnecting the container. To do this, you supply both the network name and the container name. You can also use the container id. In this example, though, the name is faster.
+
+    $ docker network disconnect bridge networktest
+
+While you can disconnect a container from a network, you cannot remove the  builtin `bridge` network named `bridge`. Networks are natural ways to isolate containers from other containers or other networks. So, as you get more experienced with Docker, you'll want to create your own networks.
+
+## Create your own bridge network
+
+Docker Engine natively supports both bridge networks and overlay networks. A bridge network is limited to a single host running Docker Engine. An overlay network can include multiple hosts and is a more advanced topic. For this example, you'll create a bridge network:  
+
+    $ docker network create -d bridge my-bridge-network
+
+The `-d` flag tells Docker to use the `bridge` driver for the new network. You could have left this flag off as `bridge` is the default value for this flag. Go ahead and list the networks on your machine:
+
+    $ docker network ls
+    NETWORK ID          NAME                DRIVER
+    7b369448dccb        bridge              bridge              
+    615d565d498c        my-bridge-network   bridge              
+    18a2866682b8        none                null                
+    c288470c46f6        host                host
+
+If you inspect the network, you'll find that it has nothing in it.
+
+    $ docker network inspect my-bridge-network
+    [
+        {
+            "Name": "my-bridge-network",
+            "Id": "5a8afc6364bccb199540e133e63adb76a557906dd9ff82b94183fc48c40857ac",
+            "Scope": "local",
+            "Driver": "bridge",
+            "IPAM": {
+                "Driver": "default",
+                "Config": [
+                    {
+                        "Subnet": "172.18.0.0/16",
+                        "Gateway": "172.18.0.1/16"
+                    }
+                ]
+            },
+            "Containers": {},
+            "Options": {}
+        }
+    ]
+
+## Add containers to a network
+
+To build web applications that act in concert but do so securely, create a
+network. Networks, by definition, provide complete isolation for containers. You
+can add containers to a network when you first run a container.
+
+Launch a container running a PostgreSQL database and pass it the `--net=my-bridge-network` flag to connect it to your new network:
+
+    $ docker run -d --net=my-bridge-network --name db training/postgres
+
+If you inspect your `my-bridge-network` you'll see it has a container attached.
+You can also inspect your container to see where it is connected:
+
+    $ docker inspect --format='{{json .NetworkSettings.Networks}}'  db
+    {"my-bridge-network":{"NetworkID":"7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99",
+    "EndpointID":"508b170d56b2ac9e4ef86694b0a76a22dd3df1983404f7321da5649645bf7043","Gateway":"172.18.0.1","IPAddress":"172.18.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02"}}
+
+Now, go ahead and start your by now familiar web application. This time leave off the `-P` flag and also don't specify a network.
+
+    $ docker run -d --name web training/webapp python app.py
+
+Which network is your `web` application running under? Inspect the application and you'll find it is running in the default `bridge` network.
+
+    $ docker inspect --format='{{json .NetworkSettings.Networks}}'  web
+    {"bridge":{"NetworkID":"7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+    "EndpointID":"508b170d56b2ac9e4ef86694b0a76a22dd3df1983404f7321da5649645bf7043","Gateway":"172.17.0.1","IPAddress":"172.17.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02"}}
+
+Then, get the IP address of your `web`
+
+    $ docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' web
+    172.17.0.2
+
+Now, open a shell to your running `db` container:
+
+    $ docker exec -it db bash
+    root@a205f0dd33b2:/# ping 172.17.0.2
+    ping 172.17.0.2
+    PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
+    ^C
+    --- 172.17.0.2 ping statistics ---
+    44 packets transmitted, 0 received, 100% packet loss, time 43185ms
+
+After a bit, use `CTRL-C` to end the `ping` and you'll find the ping failed. That is because the two containers are running on different networks. You can fix that. Then, use the `exit` command to close the container.
+
+Docker networking allows you to attach a container to as many networks as you like. You can also attach an already running container. Go ahead and attach your running `web` app to the `my-bridge-network`.
+
+    $ docker network connect my-bridge-network web
+
+Open a shell into the `db` application again and try the ping command. This time just use the container name `web` rather than the IP Address.
+
+    $ docker exec -it db bash
+    root@a205f0dd33b2:/# ping web
+    PING web (172.18.0.3) 56(84) bytes of data.
+    64 bytes from web (172.18.0.3): icmp_seq=1 ttl=64 time=0.095 ms
+    64 bytes from web (172.18.0.3): icmp_seq=2 ttl=64 time=0.060 ms
+    64 bytes from web (172.18.0.3): icmp_seq=3 ttl=64 time=0.066 ms
+    ^C
+    --- web ping statistics ---
+    3 packets transmitted, 3 received, 0% packet loss, time 2000ms
+    rtt min/avg/max/mdev = 0.060/0.073/0.095/0.018 ms
+
+The `ping` shows it is contacting a different IP address, the address on the `my-bridge-network` which is different from its address on the `bridge` network.
+
+## Next steps
+
+Now that you know how to network containers, see [how to manage data in containers](dockervolumes.md).
diff --git a/docs/userguide/containers/search.png b/docs/userguide/containers/search.png
new file mode 100644
index 0000000000000000000000000000000000000000..187b8d9ed89e453f34eb40d46d6939e1a45774e2
GIT binary patch
literal 17923
zcmb@sWl$VU&^5Y?JBvFk1h?QW3&Dd+LU0QZB)Hq+1oz+scXxNU0KwheUH5z5A79mb
zf8M&cYierxbXA`pQ#Es@dw!`Z%VMIDq5%K^OnEsebpQY!3;+P_P~iVVg2fF-{{sN3
ziki|e80<d;KBD;@2HV};h55t5VDJCg8w_@FdHM4CzI%F|)%ox5+7TeU8Q@U<{`UU-
z{9HhZv$npz#0q|WeKq@TvAMZ<et!P=_$VhMoksyWIXN*lF@wFoZSQPfUtjMZ9K<Ii
z!p;t1f#mk~4#_F0_xJZh!z0fy7)ex1YfH=W^78HNEzAo5a|d*GcEX^5ztc07Rh6&+
z49g!@HxJK-M#g_~a_j2rtEll`AMXKy4FKQT`T6;f;1GzIC_?5a)Yng6-vE}RH!(R;
zKe<^yw2+yR?&<D+_xfH~Sg8H=TSRyS?ER6Cn|pzUs+E>#hM97Vk(>yhpt!93@BW3V
zipoG=Zy!C$(e?eRB6m>T1Oq+Yc;g>~oSyc%y~2@|*qG>z>6Y-=l(Wq_Ygez;g9|Vf
z<>~#aO?LO?8w^Ox^LTkQ4+mJ{W}=O0X7<luk0{9n0sxkA+qbVU*!2<#0QP!#vN{mm
z_OB*85*XTeceJ*2`Z(KL4giq4`2RxWlI$u=e%ac%+ZzQSF?aS2^{*Z|R1Cb|ZM<FG
z6fjU0w*E~iYIuLT<X~ZDtz3*wE&{-b&kwZv{Yn6OW<CC!S^R+ayLY|5wS#8(mDR!*
z;P@LUp~o%0Sj*Jbz{d5msg_^<%jw}Z5MG1IBQ7&8d}AOTK|3%oyICT-p?7lOaJB;G
z2*?gHF$&7YK}5P6?Di`fW_65$6ZM?Ph?jRR-dUWG%V?Rc4L>f(ignZ4^K;p@G3?24
zUgiZzX&4)aHN<(@)2H`VCAp6;Y{Cngzyk2m>-QYd;FfDE;E-(lb{=!<dg!Fo*|h98
zbUwdc{);c~UzNr_h!1B$0_r$NFHVoZDgq=dqZ*<OV12)UK}ETdu7&nu@2{}v@8Z7S
zzr8It5CmpBYfJkG!v(4_LEr$if-;5z2nGo7CJJ2tHg}}xkYFR(iN+YPU^OicW>}{=
zEX#Qy$XD3dGYSs{mTy8!E!d)~0n3zx#lTw%xZ}iBz?)^KYks%_03<u*r6e@nfu~EN
z)*obvkuUvfuSAN;@FKs1ygURabr(J3^tBPlvD%YHTmoJIJz8iJf38XO>pHr1Pj$8`
zNmO^N!~-Il6<Q&Xxt1<IX_VA&QuSsDbTwagtFx)b$G5+`UG`>Mm<KUOat;!k{;$c=
z=s)K@y^jN>ZxdC4*fc0GTQPZJ$_?C2%!1gzy1MEuvTA@B#3}PxV7UIvRkgMRO5_`x
zBn3jwa8&|iLdTqErV0&+Lypt<BiH@gM}MK=P0QHNlU4Qeby^S<FBMk->hF=&nci3B
zNDOR$3z_AVs8_Pbcb04@KN4Ogah6ugGX#md9#JADhjmkO_-AhM7ggMyWqGe5P%~_H
zz1)?{TyzC=r-fDf3C_B?DQq0Z)#j}Pf_i9p7^Wu1{DuRN?=9uY6|vMJ5`ZY5FP1Y&
z8>%+Cpxw)jU70MVi8HAbihPu#b2ak<9X@U7aAB(8KI6R7kRW+@xYM5aLn?`xXIkYc
z348B$ffJDmjf<v_Tc)C&w*&R6621#p09qgIAp5w&jqII|DA^rvjFR8BTmjoAH-F%{
zpyhkg*@W;jzO7o>I|g=VP^sUuM|J$%-^Y_?bXr7*A5DZZ4YGPs4GNCVXi*IBb#bF*
z=dnnMsy=Abj^IL+K`k<t2JKi7TGV7R@0DaZg(H792ME>|;MJ7S9a4UWD@1ueLV%Bt
zOo-cU(Cl6^YR8@P0uG!pIm0tiNr-+kR;{*}%Fo^zfi}jjb4S>+0;F}+w0!!YH4Go7
zho>oq1KKqX&N$X^2@PvMM%Di+Ir-+N!8}3JKI&%>yOTuu@}TgsXq%t<V(LdY-aG|J
z!eGFy(-0EvR~>EJrM3NT-ll{Y6xMHFo>Xur*8*h}jz0ZkjuS?!Bfe4Cr2PD<geSFl
zE-TM(d8T3mDW3}biF@~ujJkN@hAe-JdJSFdY)h|d>NQJ2P!ias{MGx(y?FcW0(py)
z68R#q3Ov*?dFNtLws2&VR4;tizG8$ZIQnpq8WlEr&b1?ByDD^o?K&x17{#K$dC<?1
z0%>bxHN*3GlLN&N%DL+uGrGwy+kzKt*8B)@bHXJ#_u*u$XdohJi-jrpQkGV$%wYjO
zn3y2Ae1AHANlALpqJcV1>>toIn1?nNA)ZjWLdW*P%{(Nef|wZ>){w4JDR`49c=7b~
z(#c(fYIbe-mI2(od$zQ%igiCA9$frWmIuT+uSwr>RAea%Wt>lwD`blWN?8re1A+pg
zq{{e_p8rDUj&2u0oeoeHrU1NYF%O~a`0)H(Mp`gsIs{VwD-yrh|I|>lo-|IIHHM~O
z6Kfd@f`pF|U=oS746n4Db&t_c_Y%<YXqi16@i7q2hC)$!f}h}b9%v;a@<(Fl4<{<M
zKlq=TqzqQR{}ot6q+C+~U2p#A|4WQKq(sxA$Euu<ASW~U8SO)qu2B78y?lry{}f$q
zVW^b?<ar98+ICi6Y?M%XE)4evp_vIWKB68}o!vEphS~g?F~$YnM+Wj|-YCVok?R@T
zIpfgS_z8}ym<=A6<hY5e>)K~=XX)Dmhd9moEk7rj?`)lTaB%Ne+UaIW&_*oC*c+?=
zz>u8G+wby_2nLmVd+T}FfNihX!Q${3HG>#)cOoy~$*cJF7JNS0SuJ5;<#o+hQaMRt
z&_phroay-G^%*5_rz)3?Zv6a$1L-A@>40ZMcO%WvNt!q3o4W!q5#V!{=99rWq8F^c
zg#B*hNJ!`3jXae1J*GD^441&Cnh-W!_!1C`=6WhneOUhGQ@kbPb4;O4GeS+TWqc=h
z$69(DXRL^3r?(h-fzMrK+Ba}3LPzcoAJ2|X7UPaON$$~Sd$I-O<ut*Loy+JEQ`Urh
zNwNCtxMw@tZ#&qeb&TsW?w8l2zN<BljRlw4o?n;vLH+yUdw_Vd1^b=jB$p0?KRVW^
z+q2R-GKS2C<uV}VeF6$!+fnrMO^p&es*t14sJSWIwU~N)6>ySQCF-BhvT3Y)*l|C2
zCwf+Lgq3(jK&3)N-$AX#-%=|{AJEs<fVeV#q0y0$<kOeG(b&9o6jG}n^iffuXJl2}
zq_$uGQ#e)gZV4YjkH@}}Wv4QE4#$@8?%Ld6Dvq_7@N|fsk%Li~-iRmwa(_J33Z&$;
zjroZ`9gf>mZA;37&x$YkBN2O(H0&Zne%MEF3-;nHm$?-uQtJ6g?xA-f6qw8=Z3mwx
z?`xMZ;`~UH%9Sd;UzauDI2p)p4=U}?y#>?m<iUwJZQsIY1n@YjJ-hD93MhOrXNvnZ
zAo1r0ZHBP}zvOe?ne-!m`O+X%(Hsu^FjZV9P4lr?ni;nY6?MredGG`OB^B3oKaB&v
zHg7Hi8&2Q{!jU<$sWyzW&*5!BMcbvKNm)uX1*G!BRXp|a@5OftPmV;$U~eUypQ~gz
z*{g|@V|ZRqtxRi1r%6s75^~gp9@Naj`qWc@A@Q;fz!^brI$?e0WMpbCLQQTnWwo(1
zuzUkgm*&q(`VbfIk}~`uFo}oRmFDZw_s<xmI0+KesbtQ-DT+@?*iZlgDnPKD%skwc
z(N(^}N6IxFV`zFJMtBo1<kc01UHa__cW=U1;DVA*so&1U)5Y_-Xw4UZ0ta!;S<=dN
z!;W$$0pCvj>0bnN&dOsM(_mj#HFgkfk9GdHdBS-lD?8%mLc}HuFX%^Omgyx}b4N#t
zd?CnqpB_QQx2|;4kEi<oWWg;;Rk)5`sO_(lTelI5j-{LH!WKk^!lB%s;^{fhg&s3e
z`|1MFGB|lZ5%YT?`!_HNJSc+{GEeVVg+rCrt-c-M@->x=$;>8PdTi9nui_<aeDzy#
z-flMMhMa$&A*8LqHs$z6bPk~)`6C{IT&t=y^Q(|164O@gFZw5Q8G~uTW_ft#v7odS
zFIbmT5fnA_9Qd;%e!-&wL4w8BZWBiNwvSbWIF0|!M5N#sZ)V@wcchDJ<Y@U-Ep?AJ
zA_6y)SK3r765l>YO43U4Xfr+Nt;i{rFErgWd_<d_VGBNa@!$7Ii<w`DH2^SIqTh&b
ztDrw3f@f+FGCoI6ACp8{{&!+6l<{;D8|I4^fW)}Yu6n`P;ubM<AYi^-V<Z4;mu8(1
z_=F2c%`!}_AjQ^gLFC_qU6K^|3%+^uXCg{*ccJ5a*g5BdK=P*<A?SeegoG~otYbsi
z%SKTe2p6eO4+1>J&WBq3O2q1rYZaiE>^Ck{B{wUsM&t76_d|jxVr{~gC$6aiAHXGF
z?9`c5gC!Uw;KGMUIFrAX+8t*^6$l6txCM(_VP2fLu=FxDJaEtE{QLHK{M#y-cOHKr
z(rzBB=4){iKEKRHJ#EZJRhRb!d4k!J_)@Y9Vbd={N2yGA<}Yj~L$W`JBFJK2F79_4
z(VM2euAg~m%TSU#<M=xGY}&Q_kQ7^3ez$ydR9BHi&q6VHydVBrfgNEkU`30bC1u5^
zU0Y9(+A;Lob1tm@+P+e(<=T~OVF&Y{;Cp*tvTikxcO^@ncS%DBM)p+p$;8RfdV^sD
zedFd<l^t>EM{mSWTMqC6WuGtJK8hyuO_4>c4`gy*b7e@fh6Oi*2byY(X{PZwyN)FO
zj``EB624pV<QUbSTu)4g1!s+Yht?0>0B8cQCiN(LgP+`hZsTz3DMCvGzD|z<*NeE|
z55{)AvsEP7nVq~?B~Kr500DzvfA0Bh^Z;tf03|de9!8pa2w}3&;o_$AIa@N3d$XbG
zo&<2<(D84Ip+n7wA!Nu9EjD>uC0^*ziK2r#bqcx0z;Zey^BXPKk;u|n8Co4*|Ay)i
zRwAGl1&bgyw>~w%80$|<jS#h@SGDV`Z_dAhGQSFT&zC7t0|5N7oez`J-Fo)K*YGZ8
zTF&96{gkUt>9#uos;gg!YI)mj+zUoC==KUFOJsA+h>6ClPKbA8r*=LIPWg2WL67_$
zbYYTuP;V)Cb+4hEmwW_Dl@mW=t|tJ>y$oEKSDp3S!$&vqQ`oe5WE4#Ud(%0|^YqUs
z)NM+5_+c~C`Ny}xjt6CbB!Jq+>ExVV8Wf!!QtnWS*P==+`RlrADsQv^II;@4&oksQ
z`##Za9zMle_Y>x54R^hXWX8h+n<n8(ZbWc)xI$|MJ*->rr|_Z&T!$+9y<TCycu=}T
zXoCQ|J^vcAa1pv>iPB9~8*7ON%_9->vnfDf5~>jcWKkP-ZPkgtm@hCczd^>C4o#-M
z03Bj((+!sP0<ZVW28-<WV6V;L0In6aI~FhnLhNhyo7}P%6d_2qSo7VXb^hElOsq8~
zz#CX{{`?V)i1r9UbN<?Pf<1H*75d?KsSpl4iXA4%;Xh4p3|umuM|$N3(;rA|56jyY
zS_bvndNN!!0YI<`SHka>uY8oE>s-I4%rb42ks!=MCp!;h@w4-QUvvKkGuJsa0uXq>
zX)`11)&K;+jEPwAbspV!bBamLhx7`ZP*Q7QuO~p5XevuR9p^9v>G8(}v$fXm_vQPE
znS{sYCi(zSv$lSVQI==?y8wYhkr*}G_U+l$E_DRocI@4CaPzER3z{z)1Gs-6EtEms
zX=1lIEdrrFlLneNV6O{8r!awM?Bgtc-9goC`8y{CA1|Hs4Od5ImX}{CyPwKRaRVbZ
zt9(?}BA+8UhO7<{JK9-xb+N?@@doz`=N%2vr(iD+Y+G+WWCG$90P-?R(=+H-MTTVX
z{O5wKD3Sm<H27ga*DDZxxI`0TKL(YOarH*xeB5DP62Kf*DMJ7)ou2bT<P0c*`F%-H
zl%R3KpOc#>kvy?gcT7T0*Nq_yP6qnA?uNT<3HP~>*u|W$3QDFX{ii!6mP99@ba`FS
z{J;zeIE89<C0CvjQ0v4EVN7&`KS)fZ>JIiMjm-!P=ANPUraOC|Hly4zp<q-@x9*e#
zq-OjQ=vd9bVE^J?L`O32`NI22LH(xBIyr^#CaAesZB-WT_cbgWbK5&5f+$Ue{HSl8
zsA>>@RhYRe9Z%1T3DLi9Jybq63l%6ayLKKJgS7h0`R}>GviNLx?M5l{@sS>CL<l-&
zl~P-oX2Z>wT_e9&_OcETM#>4i-6?q}OxF24`uo`Q8<F*}s(#zwG?Xa;mzowK_ps>L
zW;PUHKGmROm+*<*W9D*j-VDv58#ns!W8Qo>jg7+AG*t0SR8-JY1XYDR1D+_ty*}^C
zDfQ<kfqf6aQFvGkV+a47SkT5uc3nnukY58hdC{U8>`RgDfA{E^UD#fFJ%O#Z$1Y_8
zA_P^FKHXeyusYQIZ23EoYx<LTTd|L&%hBPQwz|fk(H~=<92boJ?2T&6cxx@uI&b!H
zJ9pFoy#3y+(M6;M%IiS`Z0jLN#ts>DuuuM|ZJoB|VkhJW$GYI;?u-fpWYKLUmW3yx
zo%S`Bd}!s6AtpD%HGLuy$VZ^goo9SsOgx@3IWVS#r_;}#H*&#4jNl|6XKHV;Fej%(
z1s`aR_LnF9H~%edset9Y&43%#E4s*@@WhX)<juTKG?eM5qr+W5Hjh3&{~bMD!s|zU
zh|$M#63F(f*LR{T%Omv#dMK0_>HI!Fdmt6j?RKm=3w6dWVGSM)Ah86h;>W`dL61ck
z4A5&X+b|BOVg1%gug^<VIRF;Hl$w}W7XDjub~zj{4mETMT)+F9*t3WR|7`pxiew5e
z5F}`TW<8q{!LH|7dvlqFm;+pL#K0v%(uR(!ylA$nT+Ey<%L0t`SiAme2?=HESI}rw
z!`%<MKx30`mtaLbw&l|TKSU)^jKwbJE_=p4+L689Vj|*-uz{*KjLK9|f*sFjJXG9O
zyNU@=gMkEm+)^JpW$G%Fw^;DM%8l^ZWp<^4XlhP~h~DUW?FH6Z9z`LLdwBv81sbhS
zG-yn;E1&ume(?mN0eN#>fJ!FA1s92Ov{Ge1;=OET<>-@G<`|_&X%pm(L%(9IwBxF@
zs-ncK6n$E9#KHfB#$RJ5oJ;HY9e)Lf&Lf6CA@+WblxaFJ`oDUhJO<G!E}$d7O^4h8
zMkJI%q(I<(SXm|2bHE4>p9t-iA)JxJL-!TAVEO`Xg;D?f`72+U`ri?~%C3_V)gIGQ
zW$fkmcqwyMRUKxG*f#n6U#i-lo~7ahudlV_2vmQ4{K0|18Mw_|S8P6bPi{8@e`s9%
z{nlG+Jw>6o<2R~4{Vb45lTOX<O?qo*ZfR*Q`|Zny_syq?QMBf7F<<@Abl-YDj{BHB
z>>MpEQAze(q-ABgVmpnn&wENn*K-MgAdyiBp!-(i736+j?@}jSWD#0v*P9e&>xQGd
zt7;>$%iO;|=8gw38jXhWSH?|U%cjjQWpOj#|1jL-s+w{4v`J^;EjR#br!_wRTz-_9
z$-EQ9k7+XKTiNDBBhfv1hW~^=#KIlkGyubE+w<o(pKw>x6(rMmC%U-1>GsyJaYVnf
zk95_it8G9^SwXB6vFe>oq;RE7QGon=HuumKwc19OmEYXy^lIApO&X<G2gl?{faLKZ
z7MNP5l_c&K1V>eg6ttY`BziD=lD+>=xJulmhSX9-4Enf(`D90h+ycw(G2&Q(556rM
zL~A2qAHr&xMyFZ-L6h2Ozu(*zFK9)xAO!i`&I&Aj(TA9gt4UMRy6=AU3c>DN%(K6}
zd*1OW4{4FHxoS`!_X*QY(OFbj6teUv4aHb`PER5K`RxRAl-_RB-G<04o#;jzPYTtY
z*W{xsSP@C`1bK9gRo8q?+tR-z2;H^bhEC<BkJ)V1bOjD<^JaaM;+iiSxE}~dQTInz
zyj)<LpKF^4wMf3#Rb^_*4|~Bk&VDs0Cv-Q?l+ictkMonUbiVflX^m4+Df{cSQ6DKq
zH`3*mLSN&2X8guAP!R#S_ehF~_9%v@-9+UNilwn0hmZ#9(I%vNJzmtLH4LSG8fbPz
zOW=5G_u*r7+bqwpp4+NuJh?8p!^WY&2U9UUKW)y%l#KLCbxBE?apXV%a!%l&Y4w)V
zN*UR!6DH-!)E6fzHwH<yE+$Dan6e~Uv<2(%%WnX}^p_DAC}@YX76+w#{tgO~RHpsU
zn#8>iuwkh7AR$tSnBVrt^-KQ{_|%hbD1P3vE&UD=s3}$H6IS}`?>HjD{-L>{HD2-H
zXX#dD8Je|hA`muh)Pj$X2z3rEXF<+Z5)#cvL%W8uTtwQ0&j!QjklYQ&xYUR+!y7?R
z!wk;8B*{_A`a=dZw({4u%W_rO%15uR>!K4{qoxZC=Nk|IA@rr!7StuGB6|tm>gf*w
z;;hs!=4+qy8O~>?&Wt(RC}%d^E9Q>vcy(aenZhy>#3;D{(y(URLXgP^+#XFq|3Ao}
zijHXh1xbnOu=pC#x^VXwKav#x4T_I-jbDp~-RoD*a?;P8*Sae6r_vSM@_%>`)tr7X
znHCYljQkOD=lrSN(5i66uZmroX}jrBUU9!nQ!BYuL@V1rKJQulzxK!fKNd_TZ1FEm
z<~Qu>qoDENko@b{fO>x}6)qzA3~k1zPxflE+Qm45>t`U^$Podqe2K#-V?2g9X@z)p
zW{eSOujvk)plx)y?3IcApB<KV-gr}9i%uq(`y)T~lM5VDZ*q37yr-U&s7FG%Whq2a
zfdV_!myF~AHTEdp_vJ)eyD$p<X0=YuO_&G@gIa7iNhr!1(;@DVSANC~2Fm&0n8qRd
zd@r?F&0eITh;e}v5T{g^a^#1~Nl(?-sD2Sinj!1QIE7VINpJ?kdL*6iJ3_y80EV9;
zIW}w`RkCWw%ILTa;h#J8p{N93GZ;WbD~Fg$3Qu5`h2HxVvl(D7A)p6h4`ZAO+<ZaV
zZiZ50JzBtTDz<`|gVC=cAdkh@huEGcLp<6)rC08&Y8MwPE#Sn(o8eU_SW4INW&l+l
z3MZ*Z#%%y6Hn7XsHx<g=6YwA1=FLfO!%ie=FJeyO$+y{YzI#hrbpT2^9l#oiBHP|_
z$-P%nq0;QdNt%Buz^)FNf!!sMwZP(&Ig>GU;Gcc-PSJ@Z^EWu0i@_Fw1h5>$MXZRq
zd*mes3p3PS0)d=({zxxBc@+iyaY0pr79-Z-a_ohJzzqArIN+8?Y2}#5PdKRTCo#NZ
z7kO|`Du;w-5!hIN0d-PLNH11R;$7SJ9KPat!KMDWtZdEYPkTeFXPT_X_g24F!%m|d
z`@>4xiY$d#R2|*)iCORIIm>F~zo=9{d%;ZsryPM83xk{#^}s}f%1S+#htF&Fl`2!r
z4eZ)i4ow|*jwc8L|0%3Zkw$Q7-m(CTcl&yB^-l5supZBs)QeE1F;t|HC|U6L?zQ4Z
zrA3YFa@*b$Vn(<~hK}OedX-<U?W?!`AewOIvE@6oVQI}jeMDlB8>K>HUr0}C`oUt=
zDpWZ$YTi0quE!H7{XId(3D#9F6;bztZu!TfgWlQG<)OXA_DZ!lJvoEg@F~H$2|G$&
zed+|e&m(VOpAAt<n#(nxa75s9(cMRi2lLL9vk<4jy%FQaCRt>bSj76sRK?1awMB7`
z)wk_ERvninIDgcc)n(6?l6=e9A%`LfhDAoLR4`j#l4|&I%Zf>z;O9V5d;$tMN;2PH
z1RGap^y`WxrFDTM&t@n@QUIN}uVtBLrXA)Lmdl@=7zn3ns!9zPx>A@n{I8g>6F;Q(
zm1F5KF~okSM_CJ0{brBTfccPA_@?~y0*Q6zA=T1*YhM00|2$Wv(*Q(4!lV8A`F_6s
z=(48*Oem~-aN2Eo{;5B&53z=OrMw7f{R1yEN>{&-L5=@Yqw!Hlty$X9;WrOnTj^O%
z(8<@=7G=aMY`&vU62nG_4mV8!|9<1^+#&mbhX+;A(L*x_^^yt|T5Dtwanwu$f=u5m
z=Z}|=`%JDYmn~sz(g*=Vp;h3ZN^of@(qy$40}4?PpWOteYIwMTvn{ozL5=lq{;lLI
zrapum+bsRy%t#c;zO_qLP|3YK?x%vJQAjL4RPXI%*7E~#_?_MIoI%QcDtPQ`qxk&A
zc>m$`hdL9rVrlVaTtf)G88(eR!}e8wi@2X1cJJ5!x^@ryOLaxgL=HB5`Pab(3+3s1
zWmX!`CKHl{x|k*Uu+Q(EV8b)JfP5C`gKLc?dzM%`MAR`UzBG@%OdkpUO^Lo^u{NXh
zTZ5MO5nl(b%pW8Z5}YpFwtQURO_5fxKNH3C{Xwr9W!+U9Vi0;SqgFy;ytAEmON7n5
zBHyc>@V8k-2C{-(Ob~Z`_>VJ`P`_G#-*_~d*udqBk9XU2c>SgIk@-IiT#>6x-gpTJ
z!}QuR*uEy*X7G*PnawEhv+(kJFB->Xk>P)K56I}jM>v>9G`_%Fh7`boop!5J&>dx;
zj+U1*q@a4bvxVHTD>$}SE#^aoh7hS!3#Ei!OQk7zbZ309J7-6;K^7L=6d`w*l6Bkw
z2l3df2OP>?HqoJcLyO2r!-t63sU!N1_QSD;gZd)epAkfsoc@Z)mVK#VZZlPGcZxFN
z%fYZo5IagBhOUQzSh&02jOD@BEi#i=>eu#To_pX{kKaRimCd7>J^fCdc61&gn$_x3
z@WrZH3;2V-fB-lQ;g(7iA+E6;eYjj!8@@V`dWNAq0MU7OMG-?cdB%7?k&j^Dbg5i8
zEM(wRl5J@ReVEoKZQ<8YCVy#No7=9UgT$pNqwGA57w8f|)6^hBkI0Uq5rq5a><-^&
zH{cZ%w6*hTcym*6nIgEf?{zcamALaJY2*P(;5Av-S4Aiky%%xIUZNRH&W-{zm&PLM
zzuHH`m6F?akNO)1PW-F(8YL9M|Lg1z(brgRdy(Pwr+;DKTA%a&q0RP2X?F~`qdF&^
zzAMUuUuzsFAqYfmWTuD967E=VFM62v?L&9x9c}1xjKpN0IHWeEUtvZUKb1+bav7ry
z+>NuS(t+qG-_Tsa+5w1*{t^F7@CdDFq~39;zm*DFaCd!MC8Z=PaV%FxYjzytpVRwO
z`v2i}?iQDxS{F1Md>6m@KCa{Zkxy9gv)dkW-OY-`!EAB<y<Kz^-VS$E)|1yJvt3ze
zQQJyB%gWvU`;(7P$J*-dro&z9;cx8w39-Two{gQ2{S>Eglb>WnIU!z9&Tz~$MGg+!
z+P;2NFhvQhT<+frlcaIZ_QV=SL&1+4O_D++IfNYrJ|;9hgP^|zh`k)0e*wQf4r2*`
z<Wl0u`h~a6Bx~t!hRn`q)iY`8oEGLdH2t#kr*1M11iPFh9mSr+ikQfWk3)FXC^bP>
zDyqZEddhO}ZHuKLV1dIz7;~IlR$-|-zN=hFxI$-wz?s{;#3fDO(Uk|&1=-2Z8cqfi
zC&MFb*%-<WH+pOuDSzN2ngB-@rZ>0#!#OEEQo$6F_RyG7%Ux<Xk@rBm-FFv>SgIoP
zv5cAv>-{p8M9Yt5-s+DopLG+>ufb-Q-T5gK+m9AIx&sPTU_(E3G7YkwWM?7?cVmV@
z|AS2lzyZswUbWD^uezjr<L1D1w^Pl4$@@1piE<h#TCBvVefaht?^YqL50hY4Ll_g)
zI$N?37pwaD(wBic^H7UZhG9Aafn))<dHC(<YOrf7t4<{fTKL0r95G4bC$#7!#53)a
zH4~qu1&WXGxPiU71)Btp@6P!dwl&%gAQr+NSy>qwC$nLzK)799LO3oG2EN~z3~#E2
zu&%qi^pIKw?EvlZ7lqH69)BnDAqVViY%Y6j1VIj&sOsNgo0cVYD9I$c%T%AU3z@0!
zn?J`yNAB0v<`q2XMEsF2)o*tD!%48jZIdJUJ;im9)miqAfTfHlUHeLiSbNH<K!l{W
z6fCi<g1{n;#dS#ez|b7(=z5+;QR40RrmUtVn_Aa+RQ6NU3z^BALz85d_DS)GL9Vk{
zE+gfopLtpIK>k@Pxg{^5PuPM?!zhiaRPj)F`p2nJhwe;xW%{@M4wb3h)J{`8?(YLK
zZcEeX1ei@?8uwZD9uZ1@)pNc)Q_gr0P?>z}pyn_Dn0)bZB<-TyV(R@uE9B%Wc3P*^
zM5ytf=~AzZ?;d*NTVpMseFN%u+Y=Ia{CLre2s1p1Pv=O2o!CzN?-76Z>SfXe?@4?%
z-$<enD3ndo=f4noZY>Bo%E5>5Ka7MN9e*KI!^S?@?-+>Mn_ysup0e$MB>soostU|?
z-)s<WfWNEqq!?ShFT*AYqNu#}j+g^+*09)WbY+7-U37f?>b7Zxw)_xvvD`YwHc~6X
zsv55TX()+7gY8K>VqZ9QAJ0Y5R_#g~UutCi(`|eFMMr|jnn|#1?CI0M_Dx}M&gv+`
zmIA2%7*}ehWV_&%pF{Ln`<y|p`5;*T9uq(>m-J+iX<GueiJ&8@qarv=7cY*8h^Wi_
z9zg!(D#O#r(Y}<9QoXZ7s9>~n53(c|d}|?*7+ac7maxX&afq{f|ElyQBb^dM!*jJ$
z{p+BW0w@4vlxjT!W$d=^U`6~$ABG`HMUYBq(ePU^n~~qoPyVU*v*%o3cKCadr#24Z
z(q-k`^`$9&Sj~k(F@uBv55F&|r)ot+s_n>O#lz2<MOo}<y5atM70_&_nu>$DL0>{c
zFy6i_Rav)j0|X>ebe`0F4P~DAx+cAy3toF#cZ=<64c|O$)5vclSRFIN`Amo=ATF^@
zy@Oli%lz!<pE+bbdQLd0uLQK}Ji)H{P4UIUfY*fb{v;=>HEsGt36x~~M@SoWwlAAT
z$UA^%Tv-RG<l<q+TPAwf?5Bk)34)6>9~oZypiAq=6x!P407~zI@zbNc5L*8^l~mUI
z#$e&;EcO!f!D5y#39I0c@&)1P{Xr2#tIV5x)4`CnpZ_N7*7?1%{@v!elbTI=LUU#2
zfGn`AaBMJP=6!R<jdz{bRZ|5kE3KlDZi3&O#9~M^pxUk`O(k+S-{-*)Sqc5YMxKgt
zBKN}M*BoMKY5W?|w&T<;(1Z^?VfJ1vskPq&6ntO5y1M0kxVkK*be?>r^AgND<{bWy
zCCoz;5qKQGiqBLwHDTM(%XP4vl<f6|1(8*$Mc1Z;S$q5x_jI($seD+OYC&=#G2QyJ
z7U_7BVr=gbYeA20#?a5q{x8gokgz!ml*eIki^Z<^!Bg1uMt5j&tfXS%HqjP=_12rZ
zLdloM(NDNOzhg~tCKqTuFY3!v;)Xo~v|S!ykWnfeN&&-{n5~Y8h%V7va<MMLgA)%w
zG9Sdx5#Rd!!CzQln{M^(-E1UiUE3+uk1L<Ho}PR=#B;0L7dHq3+&|&qJAx1-K>c0s
zT%Z1D@&966xq=ZeUhQ6yK|mNvN0hJW9yqA!413d`Lc(8?C%NwvAxS+KD31D(4&VO<
z8D;azad;u95*1%E&rDm!`B32vC?#b{n~X<Eio>CzD#c?E9sBnZgn)J(hQcas<col+
zO&vCj83(FPEJi_uL!|Z&+}`7&^~MAvpg}A_$uv?yHRj*J&|%dlE(^*3z;)#J@3FRF
zAs~VG4_waQpu^p!17MnfWDyRL`5@$fc=*@qIK9e5Ah}`wZYrR#<k!F0l8}GuR0u&b
zwe(PwsE|vpfMJjvqpt+WL>dv*OClBpHwb}R4ul&7mXHGlAW%z$ef<xR_`k4OF!=u&
zg#ND}ttto+TO@|axNg-1TWwQ-wO5=hEFz*)aEsvmK<B@NvE838dC9@sh7usg|2!yB
zkV>TaX)McpFBx&?A|Q0uI#(0)jjEpxiD{SoBMKb&x2Z!n8h|sdp<Qy4rSods!%CFG
zwC2EDzK>=8dL8}(A6AY?xX}Ki!JXAzcb$7n^nXY;K$J3dYzLXny1mM0@u!=Qs1NJd
zQ{~9YExHRSQ}b9SJ)8Y$Mg?wvqNgQ;b`%Bkt)k|eH;$7=v$O7e-Ih|XZtf!=NDgh?
ziC=$WPF5kxqDlso?<z~(LJNwU?3(xsfAZgD{vH(sP&+~cp{K#q#ee-rFr1^R+TL~&
z&TN?*@!>jUS@!m9jEEUS!amBXgLxGZg&i-#9lx-`Q_-Msso}t-peJtYTx0-b(~>Pt
zKzrg%m-XaE!{bm;FRsG*1Z}XL5@D}|nFj5!E?XD|ONa`lM87)1Y|N9rV$4NlnQAy4
z*+cX(wf$gpOcG=+aP%~|NY*@rnIS}r{y}ENGcjM`^ERJQ1=5X2446nHKo6U*Fv_ka
z)}-1(KI-0aHcRxP<+@h9xz*1idB*60HfmZlYmnV=vHof!R7>l=xz#vn`JFm_3o#jd
zVtvnZR-u?eve3I5-S#Jml!we#R_0FV!QeN+HVcYmK$sXDzeKL&cb0;o{R9TKUs*X+
z?HEhqm4SJA1rr8clbXMExbZM>7^p09Xr!y0+E$X5ZtE-ZyK<&TR;F`joYRgqyv)Pr
zJ|m`5sPMt)T#u{&Eym3ltO;>yENz}=r5tOL7S*-~DE_RAsb7M<{3;w+_U10w@4Jq_
zYK)K488%W>Iinz*XKjub&d~Bf%z<Aky?+i*vwO)C(%GQ0=hQcB0|#_}bhT>*=WcKS
z5VxrP+!p-dr$JwOW1O=69L|;-UWm|vl;Ssvu_pISU1F)N6;r7fIQisUSpPl0zcN@o
zPaCMle+lYc1Swf8_TP`Q9sEYy9%c*e>9GEz{Uc+(QAKC^RMXX^w2E5-sXgFS+26Cf
zB*JGy?1ycaV4BDx$DY+##);-t#+96cUDxPiUNXVJ1I8fV-9^f=*-yfM<I(i#59>Z}
z0gruMEdlPPAFgg&B8a9kzj(#KD}jJ$zocp}v=DL3YGE5Oy;DQcYs6$^!oIJ|-*L7b
zB_^Gsf7pIq`>8u)FE%CkJQ;{wC^99e@SJpp*fe_w_;)`UQn*^-GKDxTS!y1zSPp_s
zA{e9Q+PV?sER`G|^C(i>(}jIFV*l%6Zqjr%oUbLiRp~aUtZ&p*dWow3$L*BeLRy$d
z*Ky|g!+(_=er^eyAB`0xn}$VT5x_UqfA`~V8&Udrl>l&iYCu@l)V|Y06@`%R>)(c#
z17$A;c;#4l+!5p|`eAVm7LyyIA#BdU#e>192$9FVfNoCx^^?)BzcE;(OP1G75Ebuw
z-09_%R`u&wZqxeocb;UL>>~D3D3W@)e(x>DBMyx#-xz14vDvvj;r82iB-D);xZ~v$
z%RDSqMF`F|-#HHGgtobqY8e*D2M?2^XQ9t5a~n=tKkrnv-D+td@^bG9G!z{+(1!t}
z?BoREv)(7?D`ewm#1*i-KHy0q?A(q-EJRZY-ydweollj&ZEufA0oosvQE4D3*lXaS
zDr%Z5u^ZFV!Nr^|{daGh)4{z0-Ev{YSmXiw+aGLolbPx2)M(==ISMz}6`t=Gh|Oyi
zHs{!BluI6eAoXs^rxaPf|0u*&F|u}e#RW{wtF$RLu(a-#ba+3#yo`>fS8+(_F)O)P
zjdYBP{rVb<9F;_o5U8<(%KiPIj!5T>Uqdl{GUa59+VndA-e5+!U6*wY{y_HTlN%d%
zW1$aX+<sgTNfG7hi6ZFfUi62TNj$%ll(enf<Z8ArZ30toms&tr?m=V%(FK)|>#2Cx
z<4VoWPz;4oKe?bY?AqL}^3t6GC7{Z1E&v5(xmB%}AFa0v&2e&PXmKEc;bZp8>tGJq
zg7T*zY^>y6cTJ_;8WkL8PE=cFdyr~M%PjY<%ZV{bq7G70Iyau!ghl8tUes)5@3f5s
zWE52u+S4li(9&I7&IS+0a{0yN_DS3_IN>f1Cyp7X3}l=T)W%76e2tYa8kMKUnF^=!
za@tk9g2d~FMP!;^1}JY=Wq+%ZrKhS1)UbJUm%zmDC-)noyvJVttM4v*_?HfQ#;Je*
z%tgl}2S=?IhyO`Fu~<aw%Tb(g4b8yE7+cZHMW3zZCLhd@?mnCLFnRX8q_c1CI~5o7
zo%STA<n1YQx1)+)+_CyF^iO@PX@W(g>YC9vm7j}*-}%(u45CNDFfp-%*U74Xw|GU}
zh&~8r94!0XBjyDKC!T67X7N7?n7O-O4FEMpRKATqL6fEy-@hN&m|i?SZf?>wOh=L1
zM&2>~+fJY0Fc5GPN_Y+c8cPiF$hb3r`z}u(cW-xXoV~ofZkN_kWxjcF*f<Sg=p%cc
zIE(sG5_@@6vHZR>Xmbb^dckfM*kB@^QEJ016n;>FJuSe}U&cI;pHaf<v^4k1wRLn#
z=d8{O8gbMT2t+4=H!lD)VpUTz<e@{6kS~n&LX^QZoQnpAS;V9|soDl&qAQdXFE;$!
zaAIkAxgs33@d;=^qfR|YeDpWjb5ZE))zH!15vG9f)79P}OiVb{K)lu#Pzzt!=gbN3
zZd_~;)jG*QOlar;<;2u8>%-8dOjbOsV2v>4h~z#6bk>=w_{>J<U};|<*d(B$$(aZK
z{8t0@dl!F(y^K9Rr9UI0U^1t*F*REEL@S)h7$~3oICtBUC~tq=JaqQ)u|VW?_H1n0
z0^+yE9Z~-q{ri0VJeDVBc1lvh8phmTD_Et5(bs(dZ}OtgUCa(<(&5Z+B5P}%h}NqD
zexrdbPExEl<7n|J7skXGVegdR{jTm1@o`k-oF}UA@1*)-W~4fuac9J~Sf*aF9dmNE
zAqHlj^{~01z-Ft`T~38S>|@+8(2a;4E5Kkp>@Oko^Ak2^7-F)DGWhK#<iIP1mfRaE
zGLr%^XW8%?7d<}6dPzqD6@Qj3Ioqt*{9um|-1X2$Qczjsf+2+XQZszgrcFw76FuC3
zY$*=#Rdu!dmiot=i)fg|?dGX7$(44h*g*IK6W#uzPs`isDZbwg3m!J5Sf|U$75u17
z$Z!;fA0b!}2;9PzT>2~NgHl60vqwn_i2RrkXUg;LYFaiDV3@@1IDG1zg6v=%?aSrU
z$lo3c&B%!MeS$82)!mRRkK~E3Od`e1hlAxr%2emy06;UjIi3D*EI=+9Ww@paSLGNi
zne3=2QLhk(xly!z3Jb5<F=1h0Y$`vmi}fkk`^}jhm5M4KmrpzYa|@IMRQWZJ>t=~E
z2yyOj6n*u)vkZQL9Evu2tYSU6&4N`(uH(U=15dPDq!yPlFpzkTV8r^*kBLhwu{3UA
zs`I#~bbQmmr*g($tuG=i`)C1K)&WU@k<k=Y*@||3Y7EFvwR08_;;^G1atr8pVQS1@
zY7t*QRv~}Z67L-z_9U-V(q~YLf?pl*+xc>_{6bWg%}-$Jr-aSr$<tx;Q#bSH0~QuF
z`fL#k%c0154hZybs);gvY501bPVV8|_`JPSa6$))0YG?VDs&5X@F4~NShX2-o%e<l
z#_U2I&fjSWR~}2*N9Ws-I2}-kHlVYdLD-eHDCUIA;WL<Xg21tz{xb%+)fE09Ix(`_
zS?Y<YkGM+$N~#lNnd7#q;eO!aOVDD{j$gGL8gpUe<#iGWUG_%UL4T;~`EX1wmP+G`
zR9^R#+&ym&&S#pVVNRRq?;dEDgE)RWK9^e5eM9I+B&IyYFxKg;_2xtRE1K<IT^sld
z`Q0mQeTNs^M5WOi-T1q<r*;h(6Y6ne;bplFhrqgYCQcBm?lxg+F|XE%G8{p-TD9jd
z$gk`Sl-OAn1lLiV6v!vUeg^aiH?~2g$a(R`;7bED&ZERu8jrzwh9uyBm4$0T((j1$
zR3CH6AsO+p>U7ZJf82Asj}v5N)@|u3MVrs>tN4l&FyjaNt^GBAeoQ3x-8jd!6yDr4
zgV8x;KMHIvj6QMJDvUV#!Uq{qqobvJP6z1f>8S_@P7dhgzzdsU_`0W097f@ZKiZ$k
znxEk)A|~l(^!AgN^6Q$fiV6aWllk^lGdY&CWI0s$C*muGm*JrXu;dO9piNu_^q}77
zMn(Mk7N19aNc;fc^1zb&%PDwdt96}Z2_HrA`9pU`sCEFOe0+-a6E(iGfVmeSRT?6q
zjl#(iT=Y?;X*%!^JhhKL6odK0QZ6!h7R=iI6KY=*QsEeq5uqcG(U(c4tNQ@lJSv+j
za`(8lq6D0?ueZ0zr9}E!9FzXtOkAQw)+jm5=ORY2ZZP5|ph-P4gX);a0PU~j-NK3*
z@GeI_Fj<suQ0|6``@LNDfUGR`+%Js0yiC2w9=zP>UFVt9h8V3)0^(y=n!0?9wyqx6
zoyfo?0f$kvSKPRCc5|4UG1jd?GkHpW2i&{yOEgix=A<O>6|rfEI!uHh(L9t5r!0<t
zrl9z;Cgc$CtUYUoeZGGSLhQ95I2w1#ffAda*r7ee*)o&1;}k1My_gui<TJq7KJS4J
zS29#dS;bFJoHTH&3M<yVzY4(v8ms)$e#Qg%UGRm8)Cf<8CNl;oqO+Fygf*CLbGA+#
z+U9g9doGqKC^aEM5h}}_p3m@51lZ@Fm>ln&a9E}s6T-)u=2nQ45-a_oRslv9A*myY
zlEI}$=`YKz)Y4M0a#5Ss5i@$m9KP||5Gx$$3S7}Hs{h4noO^ZscxrjE=|1d8ntTKK
za=zATi`-vC9Pqa^c}!4Zm=3P9U5d@-H{!&E&R9vw-+I9iVjQr)q%udT2!-0=@(H4!
zIIyPCg9LDi+MIDm+>Ra#{!jJ_Er(M;5GYwWf5S=gKf^2-7-owT_KrlicUa*25tqVe
zi>V21f~$)Okp0y#9qG5_z#EgLbD-{j`{(a8dg7~VnQd4qe%~JV&!fIpWsOgXd)yrl
zu9dumTI;5Bzv!kf7&{od*t+bG?3c}@o*2OexYGrzf3D!SGU=QH&D7ZU2<y%t6R1%E
z8*+Hk6-q{`pVA8H9c8Ym0K;c1P3NLAa9`+MU5haS8ma;V&oE2fZL-fXT%@N7m)C3I
zx4$5aq>p)Y804@HB+S)r-r=$c7%|qir2Tj3f4<p|fI^**!5`|^ShVv{qSc1X%448l
zT#RV0KkDrT0SEffSWYxE(mTV|eIFKZABU@bh{Sx%#~8li2N$5^D3N!8Ymy18qNpkt
zv}>`D`13tW!jn7B1xGc6bN)5^zKLV7^=j-x_j|8Ecf*VLmcVOO!`y)I%|;a)AkwbV
zRyj&#jp4T`TyFpa4(oU7@`ZYQs)}D?oAvU+*aGQV{J*oyy}B6+d#ZkGLe29wpv|CI
z-6j+qmYLjs)8|K{e;EaJs}w@?lp=gr;I}7aGH^c}o1cEk7-?=SUfGkk*0=}VH4ers
zEmBYhW4K^I4t!WsB=pgFTVCC{B(nd|*Xa3Jf_N<C<Bq2?{KHQO@$9^cO8oHV5umqy
zC=g@z%Hm&f#IhkB_`E=U60<v^5M2!j=W-1e<TV|)N<~@QIyyd2xG>*;|L*cIcsJ3~
zwt&6B*99NqFYKqAt{XJapryDDtG=f~8IEe0XoG$mJD=A;*bPpMCdyCaf>SQYv;b4E
zet;$s4QT(#N_;!a?Uy3PWyWAWD<wtQlYK@-IWmmH#%1?mnW0fouHZg5l}&~n_J3(&
z>pSp+eQ0Kfqd8oPbmE{kE?e9+1^S85fT<A)GlV4a7Iv(-KknN=1#;xytb~{tbPgqS
zaysE=-YiAZ^3IAm#$SNO-Bix1z1RNGTQL=xg)02mL7U|26lut)e8%sw0wbkyO)KJu
z`a`S@+scVGaqnx(pSDiMe!%@{|5Z-6igP>L2|RGb<t@WC*o_bcMEKLU%XMec-lrsP
zY_C5Y8wJERD7*ZO0#{2*c)e&uZTc@jfrbQrc;0GH&MD}`j>3$%nd*HdKW`{XmCxkM
zICi01YYl<2n@!<ER>zivqo)X9lXbscaP*)2yAWn*j*$_{mvQ^Vzx*yeNGQ79mH%!5
zkY?2=)xByM)QI07im!1=4GlsdXZJ<`2ceAN(i<{?m*Ui`qe_s?hW(||NRZqMLYBhH
z|5*_v#p8ApTi;#&ezNAaesOx?H}-ufdf5OR9nCKr;>2c;lbe;oqrgXO?96Gog_UMF
z6hQ$!<oQ-|Kd^v5$V^l*;L&X~Fd75H$05a8Weu277fr|{qUq<XesBW{i$|Mt&qr6E
zw@m{ss|$rkMxWQEv1$HB<3pCmy9Kdj;r#MhdAWcEtf(ePiVjL@)gG}tK-^!#Z=9Dw
z9!Q-a2rd;cOv!MI&yJc(#!qb&5QGz<E?HI!8a9d4`bAct&i69}u|B53r5WYH(DrOn
zks7Q^58jn<9SQXA>T2^cMMG+(+?{@~=HBTu$C5Mw#l{=`yTz!e8_j3uPr?BtKfK^7
z*vn%(dCSc^HjD@%D{i0%7lu}ILoC)87*1>E&Thaq-<PuT@xU(6_|4v_k`>N0Q3|v(
zaT)&@ANy-HE8T^FiuE>Q67dL%-_&WA9#M2K^nlmt@U*krx^+<_Lg-niHu8#xf(%fb
zf1^hV6`INn*PKR3o9FxI=Lv1q?#-Wj2)3`yG8|+5Qyb=F5r$u>=HK}c`zo!!U|mo2
z&Y$}z%-l&Bk)X%w@T@TM3&J6c>0|{^olrgTR8N-UMBc=4<nMk_+V(%P&bhSo*b_ly
zK=Axfkwie+X+f6hUZ*MtMe&^RM5;PHO9}$*&f@OVIArh+(Amff=_8Ue{YEU&M)9+v
zpuG}<puPR~l}iay2|ztMug_D9cLy|ZmTe_#kalmR&Fv5yGu0;Z!7lZ67jv&S8&cQa
zWT6Cc`WW@9{9jABxVjp>d>mXRFlx-__d5gaC@CtpLhQj^w9nn@#7-bTieKnp@F5qt
zzYyI!Q9T|~LwGPCl)HoF`PO~gp(<cZ<48T@`3RNqoK5)U6ra_FD(4GI0fv`YwlOnk
z=gNG@9>Ccxx=9IUM(cn=yV#Q*;6F>U<m|mmL5{oI;Xyi6C~}#RSEUZ!-i%;LY%r$N
zste+9Fwl}91Ie748ERNEcXOu0gJhFiNXOAzTCCOd-S37#MjLu0XlvMWH&M~|R8sQf
zgVEePFwxLJrh%?&?R2BT|FF<VxSw7AlVbh$QYnX`JV=8bz?aCEOe^@!hRh|qe2TBW
zIc-AAy+VKdk^4L6ctk;Y!beuE=1%zQRYzi?z7j9S{=B-LV0UL$b|7uf^n@aWw&rVV
z+Tahh^K%AXIx?_1oqpWt_qw0zd*Yo~GyMe$zISKP>P?$GwS-2GE9Pf$3=qEoStmP~
z6V-o2;{gryLK-hECcISK0M|WV5TKbG#Twi3%e#cOlpwtN&_}}wU(>k8ev4FkX2Fj9
z-SN?`i`-<}!Re=;A54W?`@^dEYX1G!*6MyQO%RV0B7s)Or1jw<J0G`}ye7Vr9#O|t
zVj&}O9t-p3Kxs5v6!K#z0U8_ZZ%%+z)cWG+HK!dSZJ}C#TG#{QQCtmL{AYku=lHRp
zZkRNwGyjQNrWLKs^Ny%o#w31g&!^0>V=xAKYytcil1uGDv9U)VXym`@oOrfCIQDQw
ze4sX0xIXaOGpNiwQ=QFH02r?Wth><(P?pP2a^=WjPIbDmjv)k&Y-SlCYwSeaprhX`
zTmTeBxp;ja)V^xCRRQfg^V4}y7O~Q8#k$+P61R8b?CU_-b+MzD=TbBY0lx4iEcmz|
z4)9}b@cOatDkO7GFd?dngd~MN0x_ZAMOmX%pBNdEbVWEA>)DqRoauKD0L@Ut%7_3n
zDPkirG!T+E=JVL3PUx>QsQqS+M3~C9<IlLOF#ig)Sx#SJaOSZ|qn9U@X09S#y`s+Y
zSEzGHyr3W@YZ4lOvPIzlpFq5ND`0v)ep&%=O6u;@;$#6O&3>`u@VYXtekVlh^7*;4
zMJFYM+BVVPeAxXPmOHf14n#QgSk_ZR`b^!Fkk?>lRBM0@94T2k0fVjM;IL^swFgIq
zUmT#ZI?d4(-~LYk_XG(0Ka18}p%;*v6HpwVXyej$$UyK#$hg3p#@TlRV!Diy$^pc}
z@*qIChPP>`DY~b>c;!KQln~wV#$=TPa2lQCCZX1gs$8k^Z(E+7M?o${f}!y~JWkw)
zLgCmE(QwgQkQ=#$X^4f)h5Y^D@y4Zq&?7E6FA~xW#{z*+GAinEq6WtVZ$8Nn@|lQW
z10)=Z7-b=%hC?AfO&%orksgGG<QKI58<luds~V2Up65Y?d=m#t4w}zek#NRgH_p8c
z5IXv6J|$92q+2yd9A_$KUoWVMh%$?}xdNm!#^ps{yb;WRCvEak%5xxlBgujy!`nr4
z^g}LNtKS}E<K>Qd$m;e*L>@nWY)?J99%W_u=&~GyB<n<j)XEkL8a5k|06;2_E(A04
zh}IGj4;vt1B`2YMwUVz&l!GKb<x3l~xaemcmX?;zpC}AEW|z*#W?#_Lf8e^z*f0TU
zATwP+ypCA{1Y07SPMUWxOY4K8qkGdOyh;5Ekj~&>OP4cB9a2iIL4Zg+WYWpHp81V`
zaojL4R0pwnh;CFhasK>AuZOW03NHfU0xm7mPOp$d36j*%0#xFu8eT#K<-Gt%EMFER
z%bredDdCR?gaIzwLBW(XXnBwh1E@xm>`<;Zj6(znQZU&8WRTujFyk@a+qFZ|S@7$Q
zUXjriAS4%rvSPyLgk)o~Jv-ZO8!Cj<YBkBiZyk`~AHIEH+u`kXBlgsTMkmZH{*B}A
z9S`DyKvORx8D^ERoNM`jG!mgw2MNansrPGtoE4GmX;v`wk3WlL$rn)?BttKrr!<V5
zZz<(Q3E}W6g-~yB>W-cpD`@Ow%uU;3F+wO?`)tK(Ri+LLsk&Z9OF^mg7K+WP)F63_
z#e8!RTvvc}2;t&NQ4R6&N;DeHCo)cVUa#=*>#GmDSm+jB7Yc86VW2|cg*y8ACYODi
zH{5C%lKT3Ck~PsVB`Ae($EKj<tg&iEHw-0-u0}8#S_mMeMkLE#)MOSu1rP>MKDW>3
zb~4bbuupEr-TtnP-8js^dqf6dx6jS@^h5YoAKkM@SAftEpH=j_nvs*qjGAug`Ah(Q
zAAmgXRLQ$Q5F%74?8a7Bp|BHg*#Yq+D_S%3`h#KyGl`0(Y1yVP038K<&AO)Lv+;0B
z&F58|@F%pon*kTFewFO=iOk@qesP?Ou^X9V_Mx7(-T1wPy!D$`m@7bR6TtFnwpBEh
zH-GuR8$hgMh!>7zp*nbU5_jU~jY1(XsSpP?u_6E9U;u1l0)u`U!^w~bP~2dwv&=jx
zzn=y_6%Z0*>asEB!;If`-}m103J|bHLr!<nZT<gqejk7U0`mNS+B-ue24NtIRuP|R
z6*C;9y#x#j-9e(h#?>`4XJL8=&Jz>W*?vJLZShU_JD5ej*}n_qzbMF8x>V||=)jzV
z^?UBy?C#&p_j>coG0+M~)~L&fV5<&e1Q8($Z<G1Z6C3WboU=gi7tKjmKt9S)1*P0J
z;~If_Ya`q74D2eYw{j3XCO)ZvlrD{d<~>1#ZG?`hO<okH-pT@9xDpQqq;x4Do0{2&
zm?FZ@7TaTnM_e9vDOW(smjaRngp5n>w1|gXTIXsYthW=(6_9_C0+K{b&1--#Vuca;
qrLZ45jvh5|4t}awselwA1>^~#v<j{T!x_B*0000<MNUMnLSTX)%Ixa^

literal 0
HcmV?d00001

diff --git a/docs/userguide/containers/usingdocker.md b/docs/userguide/containers/usingdocker.md
new file mode 100644
index 00000000..be6daa27
--- /dev/null
+++ b/docs/userguide/containers/usingdocker.md
@@ -0,0 +1,306 @@
+<!--[metadata]>
++++
+title = "Run a simple application"
+description = "Learn how to manage and operate Docker containers."
+keywords = ["docker, the docker guide, documentation, docker.io, monitoring containers, docker top, docker inspect, docker port, ports, docker logs, log,  Logs"]
+[menu.main]
+parent="engine_learn"
+weight=-5
++++
+<![end-metadata]-->
+
+# Run a simple application
+
+In the ["*Hello world in a container*"](dockerizing.md) you launched your
+first containers using the `docker run` command. You ran an *interactive container* that ran in the foreground.  You also ran a *detached container* that ran in the background. In the process you learned about several Docker commands:
+
+* `docker ps` - Lists containers.
+* `docker logs` - Shows us the standard output of a container.
+* `docker stop` - Stops running containers.
+
+## Learn about the Docker client
+
+If you didn't realize it yet, you've been using the Docker client each time you
+typed `docker` in your Bash terminal. The client is a simple command line client
+also known as a command-line interface (CLI). Each action you can take with
+the client is a command and each command can take a series of flags and arguments.
+
+    # Usage:  [sudo] docker [subcommand] [flags] [arguments] ..
+    # Example:
+    $ docker run -i -t ubuntu /bin/bash
+
+You can see this in action by using the `docker version` command to return
+version information on the currently installed Docker client and daemon.
+
+    $ docker version
+
+This command will not only provide you the version of Docker client and
+daemon you are using, but also the version of Go (the programming
+language powering Docker).
+
+    Client:
+      Version:      1.8.1
+      API version:  1.20
+      Go version:   go1.4.2
+      Git commit:   d12ea79
+      Built:        Thu Aug 13 02:35:49 UTC 2015
+      OS/Arch:      linux/amd64
+
+    Server:
+      Version:      1.8.1
+      API version:  1.20
+      Go version:   go1.4.2
+      Git commit:   d12ea79
+      Built:        Thu Aug 13 02:35:49 UTC 2015
+      OS/Arch:      linux/amd64
+
+## Get Docker command help
+
+You can display the help for specific Docker commands. The help details the
+options and their usage. To see a list of all the possible commands, use the
+following:
+
+    $ docker --help
+
+To see usage for a specific command, specify the command with the `--help` flag:
+
+    $ docker attach --help
+
+    Usage: docker attach [OPTIONS] CONTAINER
+
+    Attach to a running container
+
+      --help              Print usage
+      --no-stdin          Do not attach stdin
+      --sig-proxy=true    Proxy all received signals to the process
+
+> **Note:**
+> For further details and examples of each command, see the
+> [command reference](../../reference/commandline/cli.md) in this guide.
+
+## Running a web application in Docker
+
+So now you've learned a bit more about the `docker` client you can move onto
+the important stuff: running more containers. So far none of the
+containers you've run did anything particularly useful, so you can
+change that by running an example web application in Docker.
+
+For our web application we're going to run a Python Flask application.
+Start with a `docker run` command.
+
+    $ docker run -d -P training/webapp python app.py
+
+Review what the command did. You've specified two flags: `-d` and
+`-P`. You've already seen the `-d` flag which tells Docker to run the
+container in the background. The `-P` flag is new and tells Docker to
+map any required network ports inside our container to our host. This
+lets us view our web application.
+
+You've specified an image: `training/webapp`. This image is a
+pre-built image you've created that contains a simple Python Flask web
+application.
+
+Lastly, you've specified a command for our container to run: `python app.py`. This launches our web application.
+
+> **Note:**
+> You can see more detail on the `docker run` command in the [command
+> reference](../../reference/commandline/run.md) and the [Docker Run
+> Reference](../../reference/run.md).
+
+## Viewing our web application container
+
+Now you can see your running container using the `docker ps` command.
+
+    $ docker ps -l
+    CONTAINER ID  IMAGE                   COMMAND       CREATED        STATUS        PORTS                    NAMES
+    bc533791f3f5  training/webapp:latest  python app.py 5 seconds ago  Up 2 seconds  0.0.0.0:49155->5000/tcp  nostalgic_morse
+
+You can see you've specified a new flag, `-l`, for the `docker ps`
+command. This tells the `docker ps` command to return the details of the
+*last* container started.
+
+> **Note:**
+> By default, the `docker ps` command only shows information about running
+> containers. If you want to see stopped containers too use the `-a` flag.
+
+We can see the same details we saw [when we first Dockerized a
+container](dockerizing.md) with one important addition in the `PORTS`
+column.
+
+    PORTS
+    0.0.0.0:49155->5000/tcp
+
+When we passed the `-P` flag to the `docker run` command Docker mapped any
+ports exposed in our image to our host.
+
+> **Note:**
+> We'll learn more about how to expose ports in Docker images when
+> [we learn how to build images](dockerimages.md).
+
+In this case Docker has exposed port 5000 (the default Python Flask
+port) on port 49155.
+
+Network port bindings are very configurable in Docker. In our last example the
+`-P` flag is a shortcut for `-p 5000` that maps port 5000 inside the container
+to a high port (from *ephemeral port range* which typically ranges from 32768
+to 61000) on the local Docker host. We can also bind Docker containers to
+specific ports using the `-p` flag, for example:
+
+    $ docker run -d -p 80:5000 training/webapp python app.py
+
+This would map port 5000 inside our container to port 80 on our local
+host. You might be asking about now: why wouldn't we just want to always
+use 1:1 port mappings in Docker containers rather than mapping to high
+ports? Well 1:1 mappings have the constraint of only being able to map
+one of each port on your local host.
+
+Suppose you want to test two Python applications: both bound to port 5000 inside
+their own containers. Without Docker's port mapping you could only access one at
+a time on the Docker host.
+
+So you can now browse to port 49155 in a web browser to
+see the application.
+
+![Viewing the web application](webapp1.png).
+
+Our Python application is live!
+
+> **Note:**
+> If you have been using a virtual machine on OS X, Windows or Linux,
+> you'll need to get the IP of the virtual host instead of using localhost.
+> You can do this by running the `docker-machine ip your_vm_name` from your  command line or terminal application, for example:
+>
+>     $ docker-machine ip my-docker-vm
+>     192.168.99.100
+>
+> In this case you'd browse to `http://192.168.99.100:49155` for the above example.
+
+## A network port shortcut
+
+Using the `docker ps` command to return the mapped port is a bit clumsy so
+Docker has a useful shortcut we can use: `docker port`. To use `docker port` we
+specify the ID or name of our container and then the port for which we need the
+corresponding public-facing port.
+
+    $ docker port nostalgic_morse 5000
+    0.0.0.0:49155
+
+In this case you've looked up what port is mapped externally to port 5000 inside
+the container.
+
+## Viewing the web application's logs
+
+You can also find out a bit more about what's happening with our application and
+use another of the commands you've learned, `docker logs`.
+
+    $ docker logs -f nostalgic_morse
+    * Running on http://0.0.0.0:5000/
+    10.0.2.2 - - [23/May/2014 20:16:31] "GET / HTTP/1.1" 200 -
+    10.0.2.2 - - [23/May/2014 20:16:31] "GET /favicon.ico HTTP/1.1" 404 -
+
+This time though you've added a new flag, `-f`. This causes the `docker
+logs` command to act like the `tail -f` command and watch the
+container's standard out. We can see here the logs from Flask showing
+the application running on port 5000 and the access log entries for it.
+
+## Looking at our web application container's processes
+
+In addition to the container's logs we can also examine the processes
+running inside it using the `docker top` command.
+
+    $ docker top nostalgic_morse
+    PID                 USER                COMMAND
+    854                 root                python app.py
+
+Here we can see our `python app.py` command is the only process running inside
+the container.
+
+## Inspecting our web application container
+
+Lastly, we can take a low-level dive into our Docker container using the
+`docker inspect` command. It returns a JSON document containing useful
+configuration and status information for the specified container.
+
+    $ docker inspect nostalgic_morse
+
+You can see a sample of that JSON output.
+
+    [{
+        "ID": "bc533791f3f500b280a9626688bc79e342e3ea0d528efe3a86a51ecb28ea20",
+        "Created": "2014-05-26T05:52:40.808952951Z",
+        "Path": "python",
+        "Args": [
+           "app.py"
+        ],
+        "Config": {
+           "Hostname": "bc533791f3f5",
+           "Domainname": "",
+           "User": "",
+    . . .
+
+We can also narrow down the information we want to return by requesting a
+specific element, for example to return the container's IP address we would:
+
+    $ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' nostalgic_morse
+    172.17.0.5
+
+## Stopping our web application container
+
+Okay you've seen web application working. Now you can stop it using the
+`docker stop` command and the name of our container: `nostalgic_morse`.
+
+    $ docker stop nostalgic_morse
+    nostalgic_morse
+
+We can now use the `docker ps` command to check if the container has
+been stopped.
+
+    $ docker ps -l
+
+## Restarting our web application container
+
+Oops! Just after you stopped the container you get a call to say another
+developer needs the container back. From here you have two choices: you
+can create a new container or restart the old one. Look at
+starting your previous container back up.
+
+    $ docker start nostalgic_morse
+    nostalgic_morse
+
+Now quickly run `docker ps -l` again to see the running container is
+back up or browse to the container's URL to see if the application
+responds.
+
+> **Note:**
+> Also available is the `docker restart` command that runs a stop and
+> then start on the container.
+
+## Removing our web application container
+
+Your colleague has let you know that they've now finished with the container
+and won't need it again. Now, you can remove it using the `docker rm` command.
+
+    $ docker rm nostalgic_morse
+    Error: Impossible to remove a running container, please stop it first or use -f
+    2014/05/24 08:12:56 Error: failed to remove one or more containers
+
+What happened? We can't actually remove a running container. This protects
+you from accidentally removing a running container you might need. You can try
+this again by stopping the container first.
+
+    $ docker stop nostalgic_morse
+    nostalgic_morse
+    $ docker rm nostalgic_morse
+    nostalgic_morse
+
+And now our container is stopped and deleted.
+
+> **Note:**
+> Always remember that removing a container is final!
+
+# Next steps
+
+Until now you've only used images that you've downloaded from Docker Hub. Next,
+you can get introduced to building and sharing our own images.
+
+Go to [Working with Docker Images](dockerimages.md).
diff --git a/docs/userguide/containers/webapp1.png b/docs/userguide/containers/webapp1.png
new file mode 100644
index 0000000000000000000000000000000000000000..b92cc87d65d45c4cb5b255a089cdb54bbe9b23e4
GIT binary patch
literal 13345
zcmb7q^-~;NtoAO8yA}#Xio3SB7k76l#eH!r?(VL|rMNp3D-OkB7q`XT<$Le<7u=g)
zGLv~Gc_!!NOwJ^cDoWBAsKlrM002W)MnVk$fC~TsfIwu>f0hlx-Ae!f1W-}XkbHlC
z@9Xb>etucsgx=lV)z;Q-ZEd~1zP`P`udS^O4i5f@hps~}uP*m?cel5<kB*K{kB_f!
zZZ<YH-{0Sk4v!A@_YV&aH`X_fj$kJzXE50D?%v+%>B-*CZbe1q=EnNY&JOJ8V0|6B
zzPWL7bbNGjbbtSFa(wjg@VLLXKQ=!0^70Bhgk4-*Y;A8H9>I=a$2+@w$HylJu!F1X
z>z%DFC=_yYbNe5ky}jL=+w0A(&5Fv(?d`3~it_)^u#@BM-QCU2^{vg#ot?d{?QQ59
z<nr?B`t}C;A1m15&hE~@;K2XTJUAR58{gX5Uf)<>gFr{e#t#l*{e69JZ*M!hTlMwz
zP{{fQ^gmhM-r3sQ*_oM{*+1An*xkFny!?+C*wMkt%4%bCyS%*o?CjjYK>xpt{FgC%
zJNtkC{*8`~K0Q4-J3HUKzb`E<Z*T2PPEMNs__4LUGdw)p+S+n+bJN?~tEH)NIN6+$
zkr9+u*Vx$j{(9Ki+4=r_$HUEixH$0s{wyXU>gnnA`1(HZXW;ezWd7tX#oPGg@tqO~
zSlYP+zzHfUDC-zmzh1Aszu)YfK2AX|&Nioc;Q%Fl8v`2`0D$Vt`}^eK?fhUh<j*fz
z4HH>usr#+|xP(N2SRer4oLe_ETNRm9-tlm}F;<;wp{It$sRwVK>y}nk)G-$p5mgjq
z{&2B>cR1g_ba?*$?ykaHT#(l|y5=2S=xMGqIJ*vjWAytW(DV=X<0GK!S7c9u`SN(r
z_U+s4)4N|l;Mznz<mhf@6=nqXdwsap27oT_pBFkaBWw%<eotN=ZfFJ-Nm~Y4r*%}t
zI9vKB5fI{7$ibVdeg%-JXmVo=HkW3^1jRK>A6-2H;7#6NpPTxp8$%V79Tj-MIqg;1
zF}f%<)xW<o;O-oq2jzEHr3EJXyOd4tcV>FPQ40Y<ABsIh*B2%Mq)v8U5a}2>M#@|O
z(vGYK5q78m78xrw%UF5=ZCxS066a6Mcp}R#03rZ@9U?0srr`-ZnPhS}{tgJ4O+aJI
z?EW;GB)gSw?@8GBJm$sgo|Tfe3!=i{FZ1_bE>otnH%W9WmO-GwTWykokCNm{Xs3Rc
z?E8Yi7yU~&+egf16C!2^HGp15ujOXvpIv~1@6VcMAcpK|lc7J{)Z5z+_xamU{_gLu
z<RXo`x-{cZS5<j9d2LDYb=XsD@d)tvc=$Od|K<@ikmiAQ`tG>933VE^d$m~-?jKs1
zxMa^Q@vOPnWeebbQ}vW@!z41G=MoKy1mM^O#FV}Jxl8@4r5g~&_{j^C`+V;><`j{f
zr5{K<$gA`DOMr@Xu}>e6Mt6qNL;38>0^DjGe?}~v8yDhay}A1=nph;P&5f)ZgJo%?
z+SCQJ*MM2uuMI3<NH+>w{F0ol;#ReGI~8xc-ww$mh9hRYYO7nTPWK7On%@(b3BEa%
zgPhS{xcYWHj^|p<*tP4hk}oxMh_KonIC}^?<gor4H~)6zR6(um@!WRhyuwD<TIJMv
z+g5|VCT&>b>D<u;?J(GNo_t(`rjwL)vbFO4>f76P?oNyLuPO5ESbOkm7c^W6k&fA0
z^hYtr7qY42s^}LJ#f`Jb(ph4+i;xIlr<Jf*h*D^TBgQ@b(LyE8Vu@_p*EPEC8eq>Z
z<@Zr`+P+vx+poi~li!e8`^A-ObNqBKYzK=laeN`?(AmBtqb9p~#r4(IRMfbaPXG$P
zepUy07`TP)@02Qhn@F#UTN`pdcArBxs9_-lC970i9m4KT`3q$8YfzN6m3YX~f3>cW
zFZlwloCiERI8NLz)AeuGNYkHh(~k%Du3Dd8-H%WAPoGBiTn#%6z#S?>JB5(HEn9CQ
zzi!XBJ8%YpFK@tp?g38bTAUnSN~xH?9pr97frqG$js~IljN(rhZ`VIPl>MgfE?NJq
zFT7;Dwy}%faN;+nJRRnRPB4_?++R<8+Yg;%rYXmjwU{#-Q;<#H{4N2?bD%+BA(9A#
zeWjr~;c_?G^>J4WrrNV$9_t4Su$BIfcX)#R`$KuD*23c5wVNTo(lBDr#84=*FHvcZ
zH;+RVT(V0~X39X5b{bFQqfjx@Gx(d&VWnY^o|va!xBe!bh%I~fuw<9zuGuqk)$uZ!
z>5{PKi}tZmCDY^R!jS_d__~n<OPd{$M~kp-WP{A0;>^8mFPy2~+p5Ch1<cd-Pd+9*
z8#XnWPEP{)RMNgTnrhr}*`K=4&rR)8;lMmpv;pbq8#>j(^hiFXT!#dm<)3Lm>DhM8
zH`_y2G<Aj)s@Vy>v+=Nkv7@ahaWT^<x$tfoela0f%3YJ7oDn)p2QM>AMi~5M#*hm-
zVlSUl3t6F$NUqy~P)=$FSN$$&zth5ne8lrtnwzg~E5+-9t{Q5Gocb8n>eS5fSJRz*
z<@;sXLCI4Moo{Zxop+mSF0~Dy)SDIgRfe&&ZyR1f8rSYUgHmC6@7)%W53T6<>*ub_
z<KgYPHr?y8<l|v8v??gnrc;Twz3(30xw!kZ$qh2MTdE;*JE#d4@I6%u_jv`=QNL{r
z$&x$lDUojP|H$-f)ARv5btibE{s`3kma#Bcfz`{^m~aESubkpUVz^tanluB}s+UrO
zIyp1xwk6FM{g6Y0v+L;T2)NMr;g`gqX!V%2DTp{%dFr0_HLtFC5DlnAQt#!)`^j@#
zZ~p!3OONTw$Te>sPD>TR`u&I2+amV3j1^n`*BE<DLn|`<cCxSnjHUv`h3v5AxXaNY
zzqXy~XR!Vym0R2GAHTL|OOFtNmOoo@867UO{~%#8#%<@yXKyEqN-E$H>HC+HJS@Uw
zq^nS$UGRFYK+C^I{l@QPkn63pN&8H~IhA=GNZOsF%;yV*?wOPB$M37r?8y-o&f;{9
zu)eqyCN>5dt{-JHdF~7(MxfPvEj2aNi61##N~HnHQ4{jMw_({1tUMlG+5dGQj{d&y
z_s{;tll_t3IPl@c_(xIqrF+A_2HU|4w<%Ng7m-zoN~&tsMxx$XR29$oxo5r&*zADu
zu8NMKdx+C+PHrAlUP?>h`V+a!P)$O@zp^3H+u7MAedL|)6NP;Gp-wNb51sWgZz1fH
zESPLX>7O#t@T-=)!4xC=?5D4!5b@IM>|?IZsi_Y^$b~0@y|mQSFWJ$ZV>B-38iRj_
z>Sd*wtLY`1Iu^#9c=;)*w^i(*KCEjhpVrdjtLL3}iKyPh_{6PL<^J(<cC;>KOW{b3
zCmpfezczQW+y&oYuOvkt+P@x;8~eQtOiF`QE#zacr)WG>_lQgree~y}+->TmOHG}m
z%h!&`im8esF<Gv#U2puTZDsYNAa^QAnc;FFO&-#P!AlODKi(}{#}k*%<_^-Im8bLH
zsHWfVNT#PZL|z<yHeT}|-cO9E$&=zj89w*nbTZqojH#rF&08^i!PKm%qn`f-PgqQ^
zl1$0K_Ay-Q#2K%edWW}AmWDWUWJ;f~zm;{Z*4XcTZF~}mgIRpmof*oaH@@yO;)G6(
zp7!I0tneFp1r0*1o~VqNU2QZ}#aTk4Or8wI-j$gFLOOGVEL#ihaewWRKXiCro7*dD
zTj|U;h)|Gjy6Z98?C3?$Qi!u-m{nm4Hzyzal}lAF#YYKO@r~D1nqM!X{<LKi86}0U
zFrDgd;LOpm2D(@MyqUgXC>)jj;lOoBbOD2|rQc=mcOk8c!@h<GiJhSJoFS$n$wf%}
z6t06<@T853mtkjgvA1YyT@hqbmlbPJe<@}9H`bTF?B*!GabbCcM)XD!8+$9I9&rDT
znd>A$XF&&r%LHuJ(qw7Zjzf96)cfm9P>_ihm$%ZunC^Q+r+e?q&&U18-0?{)x<&=b
zX<gM=jKW`^xa&9#EPd*{{|S$#)~@0q%!M)1DkkO`A|^4Zf7NV6muXpYGtV>VEZgV+
zWm#+r7$bRJi!C>59_R+!^ocIC*w?riGJL7b#1Pg-M4<DWI*P39a0=+;9Us0ksF3cU
zs9HPlnyMtzAYecKyTgk4UO(t{*U1{1dHIU+P_^;%?P$99!L^+<NF+;k6d#VuV&VJk
z0NZ)mb6L6c2?|EjSd}7@o6<l>TF5l<^0kUXLqC}&s6eivv;4X~OJNZv{p$K&mS5u^
z2NAh7bGVQ0ah*Kk(}2LvPjdWS@yt6$q_O_>K?Kwn6P7u1eb&1P6YE*B(#WQLY9Rb0
zVBT;(27-DMHd#F7hA(`Ik+O4(!)o&Ka=MagDk_W#r>uogL!6m^jLd}P5oi%nhnf=D
z+M>FK{@|sm<Mn4>E*8aag5g4MjsCl9kzD5!&piWtk2&Ypg69ef2z6kS00@}QHJHdI
zbHtqD;v98yxRUYPQwBK$D19LwZbl>VH-#MmcU_R&pJIh>bEoPumRg7foVi@6LnybI
zJK!(;y}DgQ9_n?wnV|WQba}NkS=TK5PeoReqIkpFKIFEnAa&LlEqpyAiurp-65>^N
z9~lOEB!9GT2vL5<FM$t~DtV}zO{FlZ@Hsj}hngqpi@wTFD!-XfIQ1CPSsUX_t#)J9
z#a+<rbTjRuswiQW5h=@^24C(=-|jpqRgI~#4Znv6sUYGaH!+~Hi)#;=H=0<=aT|`M
z9A{^B>XG!TG933KZvHN0hr`L@$RVXqs*<qA9CoD%Bfdtp(PIm>p}sM>N7&*%nFHpi
z^9ohuY_rxp?K25oz(fx(G*=T6*WS!GRj0sDI=4(n?EBLCMg%Q?$Xb>Xxr*1Bs;Uw(
zn(1G#;w((F$IZsZ^*=?!2iNZtCzG_BAT)~2?EXk#-?qaQ#D+A`S1m8|W%2yt!!CEM
zWa<umB>OZQ@{!<VmSm^i1bP2&{)`U;&gG)FAXzQjVvmkh)R6ciU;)v}2@UzaLIwfs
zJ(p7nlP`d2x}3GARn?Ll2R>xwZ})ni9R0-UCVLn-8sQsgz<S&e_Wo+R3I6!7MwaF8
zxeGSZSJyujb!Me%36gYUgOe#ejTXnt5GV9bQe6BoscsO}@Tc{>5Vf&hjRJst?EvRb
zLGA6qF@W|J9zhEH#ja#?4uPN_70RtLWY*BWzrLV3iQGj(2ry361ui)7{M6(Sv#=}4
zD598OAp`p0<g;zxdj72cW%Y%)QWb0rj{0opy$0t(9Kbh#$y-)cmrzx6(DntO{d#l`
zxVR@F3V2Wb*jJTpy0`xDi*7j=V>m84QirnMYn&k`tlK?TfRBiz4eNV@K8E{q#*gz2
z%fafno5!T6_lgl-n-twle3EOjO*33-8{9F+F2jRb<IHVmAO<210@Zg+B-ZS0#NQuc
zz-tNZs*#Mmnm8Fcq~$%G6=W#+K@3nhi(-d~2wLWUVezgz5B8_cVvc53PWt-qD%7|)
zw3K;P<pDbME?P5XG8q%8X91yeME-NA2Tie^r!6#Ye?eTJh+-zo`T85JRKLG*wE%V`
zIyTcG;;`9Y160Zzu0qS4#X7%c>s}(J#{uvb$8k~u(;E3VlC8oMAK4$5{9`?-<k>)n
zx1#+$CIBic@pTS>#U8gTMVMMB=X23s`vI=(n_fyq+vc#e8h%v#t`<JfDa9UD1wj{X
zASnytFpnA2Cu*qf%TQv6{j`c7jh4~D4obBn(r&1OlElEDb8IbPC+{sP-G$D>i89dw
zmy-~J0fOQe6ZimqX+YQA+dHoZwEei|n4rB<0dVwEd`e-8$@7yIqi@y$KyA(=M{_?8
zC7CKl+KlTzLk3}MJ?OqvkD!AG|L*7h?ylLJ=n3aGMg-sMD?{|v)zu5aj}^~f&Ttkd
zMEcBADM!sfKj9F}xw8Q>xWdZz_Dw^oaAOAeWV8Ym7~fTRkn6W{&;$tY99C=+HN;fl
z#Tqgu1BZ`nqzYEx8F73OCXV4E(A8YELxK{f31eIlqZ}C!%y<?dQx1aw_*{x?&Nq5U
zGbL%C?TBLVuwrLy)Ye5VjbWeyVB7H#vQoImF330<=aeLq@&fxk0+S^gWsN}qtLX;k
z#hVOPDXB`-Xr<aQyF{lkgnvxH>Kb>{b$Ult;BYXApW2<9w#W2#1uS8>i>wXYf(2Nm
zL;?|xwAFzx2t15{w*2uURM?x8i8Za<q`Lk`|2!H0*@++Jw2%2&+i<_<3&<6)*i{jd
z>X;bYooraOZY~CT8Cv%VLyknho2uU`i{+qDw6n7S2KU|7Z8#5_X@iU$eK{KSJ*>r&
zr%6H(p2QJ?#AgFXLsp5W75)JXI308@`f29E8v9%U7?66AyVu7-V<Z(25$__gpcBJl
z_nw!-Y0q2#9bP)3`yG)waKhi~;-%!<VJu&oN6yRJVB}df5?|5mcY}M_J>6=Nys{J1
z28rOb$35ohcAML)KDmj8OYPaK-)3I;Iv_x3IIc$qchEflu}2`HN`*f_Gr<I3v^!HX
zO5p=V1Tp-~%)jic?M*De-Cb*OB};3NCLZ!=RJOS*s?4wbnL*o*j*jK=Wkb(i?;nPy
z6aYAVkfg<ptX6XrNjqsO{D*EArtqI)#`2N6ZcN-RkALpk(it$3iZiqWp&c{&1tqOt
zHbfBnVD}r`m6-;<v;d#BI6}|2=>spn+s1ni?wKFnrXsETSWjEp%FcX606!OJAuQiI
zJi2t!{>uY8&$n!C-iOtt3}kJxt;LsEk-)~6>`(W7YyK+(nxBD?<)v=Rkrf<3Xa4uU
zdBWSrelf4=&i?>E)$W&Y0OZ}yUbIY%od`M!wC(0|yZiJHrcteBM`~S<m~zx;*Q`IW
zV=5FT@UpU2)xOsE5W@w2Zlq8b6P1p{NMJzNor3sZNeL#}(yGfQrB+M|J6fu(&uAzn
z(4c-!W0ECN0D)I0@?&h2ECB7N<kwXq?J9Mbq<*(bM6)B`&xd4dd@av*7SUOAjkkrT
zuIUk_fP(%0J#Mp?nu6dhGMyp+PNw(e_1hQec;~YG?f2&i(tWn+Pf{q(yM}(S-cW$j
z$PjRunMr`#@l@C2ZYBcshQd&~b)(+nKphDC>{;idKfX<<eF$HODm=e-#a4S`hVqFC
zF70=cdP2E61G!v)2(2<W<_F7HjS`K5a*1-$P3;f2W!G6%AnXkJGce$nn_^?6O%P>O
z5@nIWhZiC#8rw(zA3%284oMXqs}GFM2Okvs<1@!5%Trl`Hr+p`ntjrPoN)kHnaR)!
zK2rsZ^IX2rA@TOP=J{W5?MZK1jKWX!{cE*#s@w5@Tv7w>zBeF^t~tDUOuI1kZt|Rn
zr8kdgci%AIABDfvV#XDR_5LKW%y2GcV}RFKi>E`pb3qr?`f$#>Dipwst09#^Pzv(=
zvW%2%?5!g0kW4r^*{rV|`<b1IX|s;rLAN027!!Wf1TaERWM835Z9`B89M~O;($m{O
z-mlU4Zj`<aSA~k897T=B`BSkpEh%3T+sW}S)n>e0N$a-s5gP5zy)3Jo{e>`voOzX|
zyFP*bwY@3e6OZM7c~liA9I_p^VE-PzGt=~yF{#1x=V_6tkJ5x%N^H96h?`-CfRp}k
zq5y&QJrVB=CW*;s*7yBu+xPGTq>G%8g|GYp1JPftYJ6#@{v5?MhUc06Wc8svgI4bQ
zdd(gvB4O)&MAhUmiL?+kc7l*)sPtYGV(p=3=^CafXo&u3{mbZfkbAv=sbAnB(QFr;
zH{Pmul7d~ePaRY|%DM0%q~oZHtAeAzDyTqCqZ!$O$!SbUvrbQD_U8mX3O-JtPPN8u
zbma$HOz|eOCavG@I#m>%ED{}XecOCRm80mJat|MRtf-J$ggwnx2w#xs0bxEwgkNv(
z-D}9vHXW6nLUS-F+I&vEiu(Jiy^zi_CxATY6s}qrARV_yny_>vUwziL^JR~l8P+uu
zi->%wqHumZC><A|{1~R(?L=KdMYl*Af7tIWp&JNPOva&=1#yHw`;z5~o)a}2II0Df
zt2YCPm_AETVh~q53@S%on*2bzRdKr=v<cM9kx0_$EFE+26g{n!#5-}RJs)hiZXd-}
zjbug(3Z79*HZHLtQq%-jx})P(r_~jFiI)d~HALVk)cWF;FhCE-!Av3+CQWkZ7n|!I
zs+vu;av<zBOi)DmBvHloVpktvm*2hU!V`vv&5cT7CJ_@S#UIWupgMtM>rr3my*C_f
zbpG#g`l07rYz`tthGG~@c*1%nn?4oM_q<jH_=PF9FBg!8XH_BT(ZUWVlo*=DJHADq
z&EX@Z>nY`#)+DM{9RzTVkjphmUCs6DA6nGKk6=9M`(&f=WGwVmwoXv7g};KfsLW2g
zS^~MV_=84&?oRYchGdJ4nb?qFu>qx0RVi+7@>oN%-tVN1+O}bUr{Sftjg+Q=+Cwm=
zCwnl67{m7d>P5dcCb-rdksS(*6@rZUN~<dME}AL;6M!A=wPjq$3vhkNfI)(t?x7*1
zMY8+uI2b1{1-38i(>}vVc=pJYdv6*7yJi-%j8@o(AEh69ZVzHam8t*b7^}q*^x)q4
zZ!wNmV@C`X%DNMns5Rory7T99njBBen>W^nS}vui=o==9$X?>ze6y~qSHWn|EMp$6
zbXPZ>S0_2o*N2b#TJPKdyOVLW0)Ep2C1`+cPBujUXvl)V7JjIKfQxWvQRc>7aBbe6
z|0|jhQpiET->;pIt#?!i&sqK=Tmj5TKS?7q^FV)qzs%|Vd;5RofsFR|)(fw?x)|PH
zj5dB5BFqt~oZxzUZR>ykCByFqa9ao8YXEf7EyFS}zb^u}{7pK8|1#pdzUiMInZrxr
zDMtCW99khqH(JEMw-3}jR`jYZyeRdSR{8<OI++!aCnk(!2RX~sQJU5V9y)b3B?K<f
z;BvnH4m-tPUo03S#`%Qy)=j7^jvKuImwn<&09kQn@GC5V-!d5RjT~^Ow*{L}+E`=i
zaFtOb^g(R7;37H*F-IylZwp4-P&6;7KBWYgS&x>a#cf>IR{#B<3fxoDLhv81+?>0w
z>EoF4O@~kL*Xo^4qJfy7`T#ZA&4|4Cex1iAE`4qR^^vhkk~aH3spI-)DGF~q3+V#X
zB`m@ve?I%+ewat>)!}|L7W-a3Lg?tCODwT~gXqW!B&p<;XGWW*)XN-DvPhj|#QUnY
zfB#HcXiP0veoH*O(WUE}CKDk8KL&RGqVe?V&L=3}^d!4S>V|CCv)t06qH0v&RxX6A
zaHB+tanj>Ai}lb1&X^!`)Xpj^0cMC)GRW^w{#STH05c~4s#b$Gj~%p^BcaVrwBMk-
zdS>tQyH{|ZW4__dx<ekzl{tKZj~BuFa82gOUEV=2UxYNN{CSVc1)0GmU_|h;Gj}Mw
z{_S4+jylAPQJe#WU3587eEG-qjED?@3uNYY{^E<}h7}@yjRhvc<u%u7IsajH%?ffE
zVfz-I$VnC(uwaLiL`jJkfQzU(G1Vu37GfXMXVt{-A(ipvOUPHET-xa3e_}72Urz3;
z=s!_(k`K$kPjal?G?rQn8|NMovqe=J;|1n#FxVCrO&EW?i^iZf;9mRTFto$t$gCys
zW!FCbbNm(eG)-G=DpVVv38h%m1_t<WkY=Fu1_#L4@)a$<cf5YtN6rhO_;&|B27DqH
znSS3N-OJxXW`KHAv~!*M_90Efi55pr|K2vf>KVA+_=9ZxO0o~z$z&j2Da7=*zJ3PW
z+y0jTQ@8-*M!L_#d3(}tj^(X;Ke~L5O#o%R0R*>_ozF>F`+1QLwy@J^cSm5X=c-3n
zXX_qyR=gz!IL3^qAT&jj|GNRa*~)8j5<H@*J<p#@>|iEKo)Gh@qJA-Kk4Pd~^GZYN
zJFrg9R-J%ECv?3aB&*LD3N2(X;1*W+O<a>6iD7ba#KuH&E;^@5JH<}G67wL~FC+LN
zdRwe+dd^OZqyNJ9vkqNmb;sG`XTYy7fM1HfwF5buymXf@w0?(@pm34j{t`R&o@U2>
z5`V2IovaShJ577Na*lbQhsgjBDR~(}57u@}fZeoS!3-<M4MA|ifJ<{MSr-$D|8c5W
z4D`}K@RAR3!pnEDYz`1$y%R>^#~8nNL!=TuZ{cD}k|pD}pZnT(xb8WBe0=uee>Yhm
z8Alnl(?}T)rSOV44rBgZ=beB)W@=f2X?u-qddbQfO~cwq&t@t*K9Rs-vaW~s=`JBB
zsVLvXAy1r@Owi}@TLjOgzRuU>QWD}D=4;c#nx)#~?x4px4eegNSA!hg01>}iL+;wE
zvIGo8T%SBjA3P__;D()|M>enje&>t!s`U(-sk-7CNr&C+4`x%^=)lN7p?LMY%a3o)
zT{@y0(k7OXy7Tp%yo!-BxNsSCCmZYDJvk8nj7M)y-Pnz;GmPUdn-7c}M0rhl0sbfF
z`MK`{vHhL-zW;8KS0;OxTym%8);DNax(Un9&qY|`poESuk4ApM7tc_CKiGwtBm1kp
z50q^hZu-2&ktNsP|M|BB%;J7PK*0Q)=)u3M<am$$#(r=3P~-C{%MxDxYz%Hs&B2VI
zA_}-Mvk2+ygYmruTc6(?m9z<>hwyx+67+d+#Mvbgn1w``$|KV?zR$Di!wh;jbXn{b
z2<9jR#b5U56;efn-d<*p-ptx_1iM!G1%+dP49Gz{s2D7oKavnUs~GyUeXxwYMyngx
z%sS=K*J54Naf{MAlU2E-sthsTrw;#{C=J&G;j%=3An!`DBf7IfUbe4rrxL}e8>sPW
zEmq8Og2=MqztD-{@oOjyz<VeO`yxG4jOs{4q#z`@ln_=#@B`E&;M$x3jSb(0NY;;~
zjj!ZJnP}J&O%qLeY5MYeyk5#jcNW@MqF*djcu-@<Gfz7fjtQzhWv_)Fxj4n?o$@RB
zzM5~YT5afM$BGu6UD{ch{4Pu)O3FmQ{W42I4iVs$k4otCsqJGx!IeQCRSAQaNeZg;
zc2`Fun7c4LXHhmg3qnufEzdM1#L4{8rgCSrkRbHXy%TIe_|vr;cc}Qdt72+gA>kkZ
z11Ov!qTkfk(zdd8@xI0O->v<cw2wGIi-F3FA$*8U+7m2J5b`rUO!O0SA=~Z0z#zp2
zekD^G=NYUAbf0DYxaZoUqmNi*j(@Qt4(vT-U*#$fHVf_Tq;|&BzqUvl@qk7eW`E!}
zBjZ(jau=g`qr;n){6&sVmj($1rXSD|ap3jEl*QIF!-L`?*k`2J>UDlcSQrNqaxEFn
zqaC1>_D^<awDe2r?8m?V^a1$4K5uj{)sme(z2mSo!D|ua#Rg1J5rQZ);@ViVh46y4
zR3uaYH-!`pH`p!QO5va?4g{bc;SAvbo{5QmK5b(T#m|qogp_)Ax*TowaD=Sg&d1~A
zSJD@T<dR}l2)aKdsl0=LF$Wk;Qh@qh@p?P?Cm`i2{h>@|{QX)(sr8-RhmTU#ENLM8
zV>F>4#(v_d+QC{0od`097^=EesfgNf44y^LM~006a!HRs5D+_>z3-Pr!LZcCFmXRn
zX~6)&qQxwC)Jk(m?ihDs#XbhPi56A-D|?X>5%x#bY#T1@l;PFisAYBCTZOoP+i*ve
z$qz9+(-(IP#HuR5%~H%0W2({tnrQY`LKyTUw&oTUy!jlM5*D#w?glDeW)eM93JGjs
zK4qC&hMCGJo+`~Ma)U1CemF7)zqh*)tn2BZ&J>eRX_T2ZE;W=fQRQ>PaO{ntmj4*V
zn1W|R6jNn&iOc=~KGY<OlSET^nt;th{xodx6)=uiR4<lK#6FVp^pBSCzwUI3{7mW9
zhAbfDX4(UhqJ#7sk0`4VSKwXZ_6so>|Hgolm*8$N%@G@kS2+;un>CSb8;AR?sx{M5
zbZPJ=O+HjvOJUM1u|b+7joYnm4~*YlYr{K*BXn%FXH{-jy0yz6cBkx*p!cp!t46CD
zCDuz*zdDtYZ6`6)4Gp_JGUIS^@ANt&zBOy#x63`M*RC44DajD$ks9o)B_9W8JCGZM
zd0un3y=3?LKcBuX^<fpB<#yklsTn*ONVZLd+HN$e_~!E+8@5fKP{u7bq-SP7^9qz1
zjk7MyL4C|UVvVA>-SSJ}Y@M%UUCs*)JPx**DQj*g%$-)CuYZJc+b>&<uNsFpM11+r
zlq;sa{HM)BzFhZcxbXd<nVdS$7qM)cC~f%C@FiZ5<ZA0G^}ggZsDpT*bI)kPc29`M
zZQK`nj+|-G9xjx{)(HiR7`7km*+IZ;J_fP+XULZGkHiZcVC#okNTT`6Pm0DJf3Wl$
z=zfxC_YdiMYPJb@9o*=e>2o-gYDi*sfW5#epZ#AG4(;T@QCM$BNxv*OoMJZ8C~i;3
zd(NwtEHG;H=X99E45iBdc+xHB7<uU{;-;*@WT=;KxNHulX`^nX^RU}<-tK*S%oH_q
z{jCGg3s#Frwc_9!q{pfI^8vNN+z{hft|ig@-a=a74{|%4?zb7vyub7$B=#wD*2Lg5
z(qr$vZ6TiEz#0RHGhxHY>S36?HfyhQV1FzcVJn0pr`>a4$a#M|OulL*YoVWJ_1|+M
zN!ymg-wP@aA(x$rlFu^{!6ZD8I`ek0^+(9<<|?s;h%=1T1KprqB7W4DH+9s@agO&>
zGht?_u%Zi}b+Qm!#JQK^HLEXSzVcBszOuDQ`+Es~W@;Iy<v3)##@vQKm%7Y1Pfn>_
zi;eXwPwxG8nW1amoiliEb8Pcz-WOc*$XfCet|%}VOMw_fKc;YuE-cn4r5b28ZxyMV
z+#x!b==`?4GkGSV_g3N&c>XD+Gv<~55AhR)5<>tYsZ_?jqo1l;Mmi@G$^7e=OrLW3
zg!s>6vm{I`qZSossd41OO5$FOLjn9-%=r#p4m^dAd(NG&o6<{f?XPEuRc!&L9c>1?
z<ISRqgpT)pt{iDhMl~bu!TAt~gV?P*ib=a^`|24VRP13epS6v$+c2N?Xd2;y;`D5I
z>)#xLf_Hm6RNZRLo~IQ{fpBiY)umI)_>8T{HDOz>_8ag)JQj88L`l$YhO!AhFl_PU
z@3Zkp@@b_;hrs!jcHg4v*wc@{<a#cI@J`en0`o&Co(rs$)S<B{-(=bf@9}3c<!okx
z6=(Ea{t#8uGzfI4%bGPX$SCth?u&}<I&!x{Sg|r4;!nr+5Us_+#6}B%>}YcfEy>7g
zfX}9WV!yH^0=Qz_sF^7TSd=cyr6)B#lRgzuYKUzYClR4iQu?=}9=eC8+KL$94QJbq
zvv{W1#@mj&k@6dM8tAfOE9BO^y2~DQR>fE48#Kcz!<Eu2Hw?QCNV}k$W)A7C$LZt9
zaz8y>Izm-b#f(^OyU*kqCl3u+(dD`gvK<ax7h*0)Ld}pqiJl*lX`HX~<Krh`0>9S3
zt0ySI<*p#hCAp#yDtb)g!@Z^YGx0`#Yfzz(<X7-vfSYB$gr+*{7a05(WE}S9>yl{9
zw+6e>ARKKm2p6pJbE)WN(@t9N{NCx;-T{rGaOqgCd2!`4>@jGE-rYJspSG|%IvBAU
z)qGJRtlp@((Y#?;rEVP`vESQw&u)a=q|1M1(-v-%Zij<W`gXpxwHde?*BlzOthJ1<
zO`bcPPn=H8wirgdf$I&89PF0LnEc@rXh$I4Ky{i9_W=Ge(h5qrj~4vMqs~<3$TSJx
zLUlFd_#|iv{;mkfXbdM(I-{pLlO`HYDsXz)X_u|(9gQ!HXbQ0sT5Ax9wMR*`zijHU
zrnlPOtq^=}f+#rgV@{fuXVn?3IFx)Atz^;OnY=ATPTSdwJ0;$16+jPy$&EM*0Gk%e
zn67U3Yo6ug#zLNV)KXDU(qUJ7HsJPf2cELE^tF+8L+1M~$WNCASyzJ^ZpGR28iE8)
z{MPJ?hH*`c?6c(>I0otb8s=8eQ}chv>&U~VUBISYL3!fOKIJk$GQ~TsHyu$oH(XcQ
zOl;9e?z5ph=$&}5?2{3j@tQh9)c65IA4hdm%dld~S*rumSiHCDI-P&!Y498_un}+L
z;Gy6FIeXZR8!=S39N&-FaA0mNem~M{-)Z#`cIYzDuQ7CZ8E-z-3ms`bJu~LKhYbsh
zK>1L~4cE>*p*-u5>)<L8L%|yRB~~7XrMG;aO5M=+dZ7{eqybSPsb}~FLiQjwsESFb
zNO_SQw|WDAfSOpof0<y*CAx3W$oNUH=XAm!1u|6Z@7!JE0bzt_Y24X6$^$&Km2m8y
zrcx65%9;`v@rN|r8A`S(xW8~4zeaQV%$H1(PGBwBS9OvECDv>hx-b1BDAy9@p2KKs
zFOJ@T@*2o%SLL1k!E7aGwJ<FvfvLeQo_#R5^>Q&zC+Q?fAD@A>T<xXJ<QVc0hBdu9
z+k4KBpTeBm6y{n5JgW!x_T&B=X}idG>^L*PYH*Sskq9YnMhW^h&xuQ2wL3Z>G9I}O
z$Lae2g@asl<et53>2;is`2X35a3|3R{MhUuL7?*b&O0Fj0+I_!qfw1Aw9*6qVFYTJ
zW3v|$@rtVHht2<<*Fj4(Gq?LoYeqs7f|}QwzwU6pbs4p|+vVk7<-iv2QMoj3Tw6=n
zylynL<~3<pn{VXr)7f2xySbZ}-qB5vLzwI`c<b%&)$@Gubocan>+RLGzHU^zbbO$#
zl7BuQ3s-Z$@y>P!OZacK6)|WA^2GB-WLW^h?!XreL5Kg(_@5B@+!Nwyx{m-~vQe`6
z?(Ubb=ZiV4v)Zy1eo|eQtY|m-+K_wyXjGOWCR4y)Q*0I!<5#B#4Nz}hg`+hw%j-tf
z(KBzNGb3oXg6Ns)8TGy+xIwoo?TU5mz5Nc>+cTYH=H`2#&%T?^=j|>(A9p<j@A==l
z$XXj;ZKb=Nw@2bp8FLGMn79uz?ff}Jdn13Nwhezb(MI{aIWp}}FH;(cJ$7YGjyk=&
zUk%84fa@lXY>1reUE<3t?>m8QfZ5)5zUq2R_*owA(5s!3_1Ztdy`CqEJlsB6s>)<&
z2pf_=M$Il^Rcpx`7c3Q~_=?)V5MeJSI-r*)Ak1LghS3cMrz)uTc<3R~9bAi0qBEUh
z$Kk@%q%BmiM+~pJq&x{yx!9?u#{;M>+}Y|c;9@ttexM1D*3eQ;TXFKnNktlfyqq@!
zt`vmO6Ox}Ush$#mX<Dk+l~^-HfK(1{rAuLUQ3vRYNyi(XaG=&vWY8~Oz!1|KKCp**
zGBAFsV8Sj9cri-TVGT-=E0{!R6FlJy@CzD4!S5j1&Q%co7?6Km8;9IO!~qBesZ_q7
z;Y8t{_4Do)xdO84BS3Wyf&4Et%RVSa^mz4nqQI0r1fn<^E+&d^x}(z|3a)5t>?BJx
zhQFyzJeld_GV+QD35>tN091#9J0W&aGG7Tx{qOzymw2e{@b&>ug1d0LHOb*vq+}I=
z6NvOTN_*hPtzLJfwFYXlwO?0Pwx*4md;B2Y_xr1&*fa^lDhC&1_A5SY!K?kJ+0u*9
zdon%5@7U(@=LDY^du;)z6N8JipErjd0KwJ)zU&OmK*o7C2e%sK*+qcH2T|P@>xN^x
zV+ohpCQ%1m-`j1uOO~ULXviV0(?*DlgopW&Wks%y)0HRhEVGvC6648;6!DV_^V*4^
zI$rLB?h$rBIAC@G2D_Kd630|YIy!sEst>6u#S05;I|T*%bZs8_FSkPiR?)DyXH*Rw
zQM~=v&mm7?7-vDswhN-ChEegl%Dr*3lT#%k`3+3p&2mJd|IuOg-G!}Fk{28}hai*!
zhilaNmp&Gpls@|U+)w+7UjijK0gJHhuaO1xhG6cg0Q^+re}u`R&y;SO1!uY==2pp<
z7&2%>7z(^yub%5sUAh>cIzIv7FaoA4I;8KX^WQ#ijhK3k6Ii8fs*6BMuCGzlfz_*Q
zFg~92I2;W9Ou+O;K@BBCkX5#GKB}HotZySQ#4*w6r^srLdPs+ZH%_Pq?>$>o>+&ZA
zijUumv)@!PXig04)XIImkWh`Hv1SM|o;^f!dhZ{mJmN|JTV7T6=V0MX-*hJ_5PzoY
zz+VNF^yEsl@fs;(np!lXXhFF^DyXmW&I+Ix3v@LGkczQhHaB3UO0B%>-=SoHa9>lO
z$`oq`(19YC6d*Tm<OCF#7`Cn|@vZkr*)Kbv#E>H_C`p|S17Uvv#T+55A$W!XOKa>N
z0Nv?A#1v?*Kt|Di1et3B&hjA2+i{p(z<y|*1dQNF@!XK$PxR%~<zDZk%E(i+6ny&y
z)Xw=Y4brE8e+UmRoCX27=JG7q7d!R4ryO6|i<3br^TNLlSOD;=i?m$8qsusAEp-7o
zET&HZxNe#^BS_k+B9dLCs#?X_WX7QyT2OQr=|;d6?n@ia(;y<U=+lc}hVS#Iz(AG3
zE;LM3q|Ik!YtbexkVKTJZyLr7Cx9wG;%QJ0c_^PXUaUVPci5^CG1Y(e4E|fqdm0U5
z!8r71Glt4%GeBW=U{3^GqGgj;=4Gxx?gjaPCmWp-7-LtGs02*{E4nZ5hP9Os*oZiH
zU6appf!FyLz1u2K*A=Os=EB$a-*moAl}X!^!M0lP;}WY{-S@l(-clj1K7l)Vyd!Jz
zJ-kBOuN8}7$F3}@gXcj!c>nYE?B*}0kI=BEWR+9qCI+JB=<87z?$;0(cqa0?Sh9Dn
zi#FX=l|9uIlU4MJW)Ga-%~jYCVg&mvLd^1v^ShBvKA68&tb6E@v>+zfkkUkX_|XXK
zZPW0p`o6KkZXgADS5smsaca)XNQdnw9`Jfd>F(q+UOo?nEq79~vZExONE9j}H~mO-
z+GT+kYe;f(XB#3HMM=0lvP|8EDi@bFs$m~{eBD$~aWaVlLgK{Dew24@((4O*y!Yg}
z(VMJrxgA-C%F`)h(){VfBS;Wef}HV#fFfj|a)c~N-liQ7aeT9NGNxy}r_%ZLKT$b2
z*56WK>Vbdz|NInfZ!#OkX9D(3;*8%PbmN~v^QUPpWcs{5l><ID74?C0$j92#$W&3M
zWa4@!WK!Q4=91-}={-@&67Q%{dqlAIpF_Klvwe||)&E91C+ta_3MR?3do0@Jy)6a5
zLu*L4TQK2)L~-c27RhvvABi*&QVYMBiIo(<fw+tZCfZtSyP7-78M6^yd$?Y*G8JFK
zOE}?N0>ZF={cD@L_Cs*cr|JWvTX#*5V1D?{`}Em3a0C+*6FY6`6?H;@S6H;|&YC>X
z3n?54Io_NexKI87CzkC|2dLPE>BaS}o&G==DfGFqHgpMy1q{qK8%r0U$PgU3dnu1F
z72|yWQu-4fH9@YFwO9P^9ETeiw)6gm`tiIGz=XFM4cNK-$qlT+{hs}f@x}}H;t>@J
zNdN4M<jE%))G8Z*04EVZAqtQDe^AWW6malBO40wldSLiJfd9YS56IZSAOH@<|4#jJ
h{6B#I$L&uz#h#lwnm}jk|N0t$tfZ1ejrjMV{|B|1AF%)c

literal 0
HcmV?d00001

diff --git a/docs/userguide/eng-image/baseimages.md b/docs/userguide/eng-image/baseimages.md
new file mode 100644
index 00000000..172d65a9
--- /dev/null
+++ b/docs/userguide/eng-image/baseimages.md
@@ -0,0 +1,71 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/baseimages/"]
+title = "Create a base image"
+description = "How to create base images"
+keywords = ["Examples, Usage, base image, docker, documentation,  examples"]
+[menu.main]
+parent = "engine_images"
++++
+<![end-metadata]-->
+
+# Create a base image
+
+So you want to create your own [*Base Image*](../../reference/glossary.md#base-image)? Great!
+
+The specific process will depend heavily on the Linux distribution you
+want to package. We have some examples below, and you are encouraged to
+submit pull requests to contribute new ones.
+
+## Create a full image using tar
+
+In general, you'll want to start with a working machine that is running
+the distribution you'd like to package as a base image, though that is
+not required for some tools like Debian's
+[Debootstrap](https://wiki.debian.org/Debootstrap), which you can also
+use to build Ubuntu images.
+
+It can be as simple as this to create an Ubuntu base image:
+
+    $ sudo debootstrap raring raring > /dev/null
+    $ sudo tar -C raring -c . | docker import - raring
+    a29c15f1bf7a
+    $ docker run raring cat /etc/lsb-release
+    DISTRIB_ID=Ubuntu
+    DISTRIB_RELEASE=13.04
+    DISTRIB_CODENAME=raring
+    DISTRIB_DESCRIPTION="Ubuntu 13.04"
+
+There are more example scripts for creating base images in the Docker
+GitHub Repo:
+
+ - [BusyBox](https://github.com/docker/docker/blob/master/contrib/mkimage-busybox.sh)
+ - CentOS / Scientific Linux CERN (SLC) [on Debian/Ubuntu](
+   https://github.com/docker/docker/blob/master/contrib/mkimage-rinse.sh) or
+   [on CentOS/RHEL/SLC/etc.](
+   https://github.com/docker/docker/blob/master/contrib/mkimage-yum.sh)
+ - [Debian / Ubuntu](
+   https://github.com/docker/docker/blob/master/contrib/mkimage-debootstrap.sh)
+
+## Creating a simple base image using scratch
+
+You can use Docker's reserved, minimal image, `scratch`, as a starting point for building containers. Using the `scratch` "image" signals to the build process that you want the next command in the `Dockerfile` to be the first filesystem layer in your image.
+
+While `scratch` appears in Docker's repository on the hub, you can't pull it, run it, or tag any image with the name `scratch`. Instead, you can refer to it in your `Dockerfile`. For example, to create a minimal container using `scratch`:
+
+    FROM scratch
+    ADD hello /
+    CMD ["/hello"]
+
+This example creates the hello-world image used in the tutorials.
+If you want to test it out, you can clone [the image repo](https://github.com/docker-library/hello-world)
+
+
+## More resources
+
+There are lots more resources available to help you write your 'Dockerfile`.
+
+* There's a [complete guide to all the instructions](../../reference/builder.md) available for use in a `Dockerfile` in the reference section.
+* To help you write a clear, readable, maintainable `Dockerfile`, we've also
+written a [`Dockerfile` Best Practices guide](dockerfile_best-practices.md).
+* If your goal is to create a new Official Repository, be sure to read up on Docker's [Official Repositories](https://docs.docker.com/docker-hub/official_repos/).
diff --git a/docs/userguide/eng-image/dockerfile_best-practices.md b/docs/userguide/eng-image/dockerfile_best-practices.md
new file mode 100644
index 00000000..b7463a07
--- /dev/null
+++ b/docs/userguide/eng-image/dockerfile_best-practices.md
@@ -0,0 +1,495 @@
+<!--[metadata]>
++++
+aliases = ["/engine/articles/dockerfile_best-practices/", "/docker-cloud/getting-started/intermediate/optimize-dockerfiles/", "/docker-cloud/tutorials/optimize-dockerfiles/"]
+title = "Best practices for writing Dockerfiles"
+description = "Hints, tips and guidelines for writing clean, reliable Dockerfiles"
+keywords = ["Examples, Usage, base image, docker, documentation, dockerfile, best practices, hub,  official repo"]
+[menu.main]
+parent = "engine_images"
++++
+<![end-metadata]-->
+
+# Best practices for writing Dockerfiles
+
+Docker can build images automatically by reading the instructions from a
+`Dockerfile`, a text file that contains all the commands, in order, needed to
+build a given image. `Dockerfile`s adhere to a specific format and use a
+specific set of instructions. You can learn the basics on the
+[Dockerfile Reference](../../reference/builder.md) page. If
+you’re new to writing `Dockerfile`s, you should start there.
+
+This document covers the best practices and methods recommended by Docker,
+Inc. and the Docker community for creating easy-to-use, effective
+`Dockerfile`s. We strongly suggest you follow these recommendations (in fact,
+if you’re creating an Official Image, you *must* adhere to these practices).
+
+You can see many of these practices and recommendations in action in the [buildpack-deps `Dockerfile`](https://github.com/docker-library/buildpack-deps/blob/master/jessie/Dockerfile).
+
+> Note: for more detailed explanations of any of the Dockerfile commands
+>mentioned here, visit the [Dockerfile Reference](../../reference/builder.md) page.
+
+## General guidelines and recommendations
+
+### Containers should be ephemeral
+
+The container produced by the image your `Dockerfile` defines should be as
+ephemeral as possible. By “ephemeral,” we mean that it can be stopped and
+destroyed and a new one built and put in place with an absolute minimum of
+set-up and configuration.
+
+### Use a .dockerignore file
+
+In most cases, it's best to put each Dockerfile in an empty directory. Then,
+add to that directory only the files needed for building the Dockerfile. To
+increase the build's performance, you can exclude files and directories by
+adding a `.dockerignore` file to that directory as well. This file supports
+exclusion patterns similar to `.gitignore` files. For information on creating one,
+see the [.dockerignore file](../../reference/builder.md#dockerignore-file).
+
+### Avoid installing unnecessary packages
+
+In order to reduce complexity, dependencies, file sizes, and build times, you
+should avoid installing extra or unnecessary packages just because they
+might be “nice to have.” For example, you don’t need to include a text editor
+in a database image.
+
+### Run only one process per container
+
+In almost all cases, you should only run a single process in a single
+container. Decoupling applications into multiple containers makes it much
+easier to scale horizontally and reuse containers. If that service depends on
+another service, make use of [container linking](../../userguide/networking/default_network/dockerlinks.md).
+
+### Minimize the number of layers
+
+You need to find the balance between readability (and thus long-term
+maintainability) of the `Dockerfile` and minimizing the number of layers it
+uses. Be strategic and cautious about the number of layers you use.
+
+### Sort multi-line arguments
+
+Whenever possible, ease later changes by sorting multi-line arguments
+alphanumerically. This will help you avoid duplication of packages and make the
+list much easier to update. This also makes PRs a lot easier to read and
+review. Adding a space before a backslash (`\`) helps as well.
+
+Here’s an example from the [`buildpack-deps` image](https://github.com/docker-library/buildpack-deps):
+
+    RUN apt-get update && apt-get install -y \
+      bzr \
+      cvs \
+      git \
+      mercurial \
+      subversion
+
+### Build cache
+
+During the process of building an image Docker will step through the
+instructions in your `Dockerfile` executing each in the order specified.
+As each instruction is examined Docker will look for an existing image in its
+cache that it can reuse, rather than creating a new (duplicate) image.
+If you do not want to use the cache at all you can use the ` --no-cache=true`
+option on the `docker build` command.
+
+However, if you do let Docker use its cache then it is very important to
+understand when it will, and will not, find a matching image. The basic rules
+that Docker will follow are outlined below:
+
+* Starting with a base image that is already in the cache, the next
+instruction is compared against all child images derived from that base
+image to see if one of them was built using the exact same instruction. If
+not, the cache is invalidated.
+
+* In most cases simply comparing the instruction in the `Dockerfile` with one
+of the child images is sufficient.  However, certain instructions require
+a little more examination and explanation.
+
+* For the `ADD` and `COPY` instructions, the contents of the file(s)
+in the image are examined and a checksum is calculated for each file.
+The last-modified and last-accessed times of the file(s) are not considered in
+these checksums. During the cache lookup, the checksum is compared against the
+checksum in the existing images. If anything has changed in the file(s), such
+as the contents and metadata, then the cache is invalidated.
+
+* Aside from the `ADD` and `COPY` commands, cache checking will not look at the
+files in the container to determine a cache match. For example, when processing
+a `RUN apt-get -y update` command the files updated in the container
+will not be examined to determine if a cache hit exists.  In that case just
+the command string itself will be used to find a match.
+
+Once the cache is invalidated, all subsequent `Dockerfile` commands will
+generate new images and the cache will not be used.
+
+## The Dockerfile instructions
+
+Below you'll find recommendations for the best way to write the
+various instructions available for use in a `Dockerfile`.
+
+### FROM
+
+[Dockerfile reference for the FROM instruction](../../reference/builder.md#from)
+
+Whenever possible, use current Official Repositories as the basis for your
+image. We recommend the [Debian image](https://hub.docker.com/_/debian/)
+since it’s very tightly controlled and kept minimal (currently under 150 mb),
+while still being a full distribution.
+
+### RUN
+
+[Dockerfile reference for the RUN instruction](../../reference/builder.md#run)
+
+As always, to make your `Dockerfile` more readable, understandable, and
+maintainable, split long or complex `RUN` statements on multiple lines separated
+with backslashes.
+
+### apt-get
+
+Probably the most common use-case for `RUN` is an application of `apt-get`. The
+`RUN apt-get` command, because it installs packages, has several gotchas to look
+out for.
+
+You should avoid `RUN apt-get upgrade` or `dist-upgrade`, as many of the
+“essential” packages from the base images won't upgrade inside an unprivileged
+container. If a package contained in the base image is out-of-date, you should
+contact its maintainers.
+If you know there’s a particular package, `foo`, that needs to be updated, use
+`apt-get install -y foo` to update automatically.
+
+Always combine  `RUN apt-get update` with `apt-get install` in the same `RUN`
+statement, for example:
+
+        RUN apt-get update && apt-get install -y \
+            package-bar \
+            package-baz \
+            package-foo
+
+
+Using `apt-get update` alone in a `RUN` statement causes caching issues and
+subsequent `apt-get install` instructions fail.
+For example, say you have a Dockerfile:
+
+        FROM ubuntu:14.04
+        RUN apt-get update
+        RUN apt-get install -y curl
+
+After building the image, all layers are in the Docker cache. Suppose you later
+modify `apt-get install` by adding extra package:
+
+        FROM ubuntu:14.04
+        RUN apt-get update
+        RUN apt-get install -y curl nginx
+
+Docker sees the initial and modified instructions as identical and reuses the
+cache from previous steps. As a result the `apt-get update` is *NOT* executed
+because the build uses the cached version. Because the `apt-get update` is not
+run, your build can potentially get an outdated version of the `curl` and `nginx`
+packages.
+
+Using  `RUN apt-get update && apt-get install -y` ensures your Dockerfile
+installs the latest package versions with no further coding or manual
+intervention. This technique is known as "cache busting". You can also achieve
+cache-busting by specifying a package version. This is known as version pinning,
+for example:
+
+        RUN apt-get update && apt-get install -y \
+            package-bar \
+            package-baz \
+            package-foo=1.3.*
+
+Version pinning forces the build to retrieve a particular version regardless of
+what’s in the cache. This technique can also reduce failures due to unanticipated changes
+in required packages.
+
+Below is a well-formed `RUN` instruction that demonstrates all the `apt-get`
+recommendations.
+
+    RUN apt-get update && apt-get install -y \
+        aufs-tools \
+        automake \
+        build-essential \
+        curl \
+        dpkg-sig \
+        libcap-dev \
+        libsqlite3-dev \
+        mercurial \
+        reprepro \
+        ruby1.9.1 \
+        ruby1.9.1-dev \
+        s3cmd=1.1.* \
+     && rm -rf /var/lib/apt/lists/*
+
+The `s3cmd` instructions specifies a version `1.1.0*`. If the image previously
+used an older version, specifying the new one causes a cache bust of `apt-get
+update` and ensure the installation of the new version. Listing packages on
+each line can also prevent mistakes in package duplication.
+
+In addition, cleaning up the apt cache and removing `/var/lib/apt/lists` helps
+keep the image size down. Since the `RUN` statement starts with
+`apt-get update`, the package cache will always be refreshed prior to
+`apt-get install`.
+
+> **Note**: The official Debian and Ubuntu images [automatically run `apt-get clean`](https://github.com/docker/docker/blob/03e2923e42446dbb830c654d0eec323a0b4ef02a/contrib/mkimage/debootstrap#L82-L105),
+> so explicit invocation is not required.
+
+### CMD
+
+[Dockerfile reference for the CMD instruction](../../reference/builder.md#cmd)
+
+The `CMD` instruction should be used to run the software contained by your
+image, along with any arguments. `CMD` should almost always be used in the
+form of `CMD [“executable”, “param1”, “param2”…]`. Thus, if the image is for a
+service (Apache, Rails, etc.), you would run something like
+`CMD ["apache2","-DFOREGROUND"]`. Indeed, this form of the instruction is
+recommended for any service-based image.
+
+In most other cases, `CMD` should be given an interactive shell (bash, python,
+perl, etc), for example, `CMD ["perl", "-de0"]`, `CMD ["python"]`, or
+`CMD [“php”, “-a”]`. Using this form means that when you execute something like
+`docker run -it python`, you’ll get dropped into a usable shell, ready to go.
+`CMD` should rarely be used in the manner of `CMD [“param”, “param”]` in
+conjunction with [`ENTRYPOINT`](../../reference/builder.md#entrypoint), unless
+you and your expected users are already quite familiar with how `ENTRYPOINT`
+works.
+
+### EXPOSE
+
+[Dockerfile reference for the EXPOSE instruction](../../reference/builder.md#expose)
+
+The `EXPOSE` instruction indicates the ports on which a container will listen
+for connections. Consequently, you should use the common, traditional port for
+your application. For example, an image containing the Apache web server would
+use `EXPOSE 80`, while an image containing MongoDB would use `EXPOSE 27017` and
+so on.
+
+For external access, your users can execute `docker run` with a flag indicating
+how to map the specified port to the port of their choice.
+For container linking, Docker provides environment variables for the path from
+the recipient container back to the source (ie, `MYSQL_PORT_3306_TCP`).
+
+### ENV
+
+[Dockerfile reference for the ENV instruction](../../reference/builder.md#env)
+
+In order to make new software easier to run, you can use `ENV` to update the
+`PATH` environment variable for the software your container installs. For
+example, `ENV PATH /usr/local/nginx/bin:$PATH` will ensure that `CMD [“nginx”]`
+just works.
+
+The `ENV` instruction is also useful for providing required environment
+variables specific to services you wish to containerize, such as Postgres’s
+`PGDATA`.
+
+Lastly, `ENV` can also be used to set commonly used version numbers so that
+version bumps are easier to maintain, as seen in the following example:
+
+    ENV PG_MAJOR 9.3
+    ENV PG_VERSION 9.3.4
+    RUN curl -SL http://example.com/postgres-$PG_VERSION.tar.xz | tar -xJC /usr/src/postgress && …
+    ENV PATH /usr/local/postgres-$PG_MAJOR/bin:$PATH
+
+Similar to having constant variables in a program (as opposed to hard-coding
+values), this approach lets you change a single `ENV` instruction to
+auto-magically bump the version of the software in your container.
+
+### ADD or COPY
+
+[Dockerfile reference for the ADD instruction](../../reference/builder.md#add)<br/>
+[Dockerfile reference for the COPY instruction](../../reference/builder.md#copy)
+
+Although `ADD` and `COPY` are functionally similar, generally speaking, `COPY`
+is preferred. That’s because it’s more transparent than `ADD`. `COPY` only
+supports the basic copying of local files into the container, while `ADD` has
+some features (like local-only tar extraction and remote URL support) that are
+not immediately obvious. Consequently, the best use for `ADD` is local tar file
+auto-extraction into the image, as in `ADD rootfs.tar.xz /`.
+
+If you have multiple `Dockerfile` steps that use different files from your
+context, `COPY` them individually, rather than all at once. This will ensure that
+each step's build cache is only invalidated (forcing the step to be re-run) if the
+specifically required files change.
+
+For example:
+
+    COPY requirements.txt /tmp/
+    RUN pip install --requirement /tmp/requirements.txt
+    COPY . /tmp/
+
+Results in fewer cache invalidations for the `RUN` step, than if you put the
+`COPY . /tmp/` before it.
+
+Because image size matters, using `ADD` to fetch packages from remote URLs is
+strongly discouraged; you should use `curl` or `wget` instead. That way you can
+delete the files you no longer need after they've been extracted and you won't
+have to add another layer in your image. For example, you should avoid doing
+things like:
+
+    ADD http://example.com/big.tar.xz /usr/src/things/
+    RUN tar -xJf /usr/src/things/big.tar.xz -C /usr/src/things
+    RUN make -C /usr/src/things all
+
+And instead, do something like:
+
+    RUN mkdir -p /usr/src/things \
+        && curl -SL http://example.com/big.tar.xz \
+        | tar -xJC /usr/src/things \
+        && make -C /usr/src/things all
+
+For other items (files, directories) that do not require `ADD`’s tar
+auto-extraction capability, you should always use `COPY`.
+
+### ENTRYPOINT
+
+[Dockerfile reference for the ENTRYPOINT instruction](../../reference/builder.md#entrypoint)
+
+The best use for `ENTRYPOINT` is to set the image's main command, allowing that
+image to be run as though it was that command (and then use `CMD` as the
+default flags).
+
+Let's start with an example of an image for the command line tool `s3cmd`:
+
+    ENTRYPOINT ["s3cmd"]
+    CMD ["--help"]
+
+Now the image can be run like this to show the command's help:
+
+    $ docker run s3cmd
+
+Or using the right parameters to execute a command:
+
+    $ docker run s3cmd ls s3://mybucket
+
+This is useful because the image name can double as a reference to the binary as
+shown in the command above.
+
+The `ENTRYPOINT` instruction can also be used in combination with a helper
+script, allowing it to function in a similar way to the command above, even
+when starting the tool may require more than one step.
+
+For example, the [Postgres Official Image](https://hub.docker.com/_/postgres/)
+uses the following script as its `ENTRYPOINT`:
+
+```bash
+#!/bin/bash
+set -e
+
+if [ "$1" = 'postgres' ]; then
+    chown -R postgres "$PGDATA"
+
+    if [ -z "$(ls -A "$PGDATA")" ]; then
+        gosu postgres initdb
+    fi
+
+    exec gosu postgres "$@"
+fi
+
+exec "$@"
+```
+
+> **Note**:
+> This script uses [the `exec` Bash command](http://wiki.bash-hackers.org/commands/builtin/exec)
+> so that the final running application becomes the container's PID 1. This allows
+> the application to receive any Unix signals sent to the container.
+> See the [`ENTRYPOINT`](../../reference/builder.md#entrypoint)
+> help for more details.
+
+
+The helper script is copied into the container and run via `ENTRYPOINT` on
+container start:
+
+    COPY ./docker-entrypoint.sh /
+    ENTRYPOINT ["/docker-entrypoint.sh"]
+
+This script allows the user to interact with Postgres in several ways.
+
+It can simply start Postgres:
+
+    $ docker run postgres
+
+Or, it can be used to run Postgres and pass parameters to the server:
+
+    $ docker run postgres postgres --help
+
+Lastly, it could also be used to start a totally different tool, such as Bash:
+
+    $ docker run --rm -it postgres bash
+
+### VOLUME
+
+[Dockerfile reference for the VOLUME instruction](../../reference/builder.md#volume)
+
+The `VOLUME` instruction should be used to expose any database storage area,
+configuration storage, or files/folders created by your docker container. You
+are strongly encouraged to use `VOLUME` for any mutable and/or user-serviceable
+parts of your image.
+
+### USER
+
+[Dockerfile reference for the USER instruction](../../reference/builder.md#user)
+
+If a service can run without privileges, use `USER` to change to a non-root
+user. Start by creating the user and group in the `Dockerfile` with something
+like `RUN groupadd -r postgres && useradd -r -g postgres postgres`.
+
+> **Note:** Users and groups in an image get a non-deterministic
+> UID/GID in that the “next” UID/GID gets assigned regardless of image
+> rebuilds. So, if it’s critical, you should assign an explicit UID/GID.
+
+You should avoid installing or using `sudo` since it has unpredictable TTY and
+signal-forwarding behavior that can cause more problems than it solves. If
+you absolutely need functionality similar to `sudo` (e.g., initializing the
+daemon as root but running it as non-root), you may be able to use
+[“gosu”](https://github.com/tianon/gosu).
+
+Lastly, to reduce layers and complexity, avoid switching `USER` back
+and forth frequently.
+
+### WORKDIR
+
+[Dockerfile reference for the WORKDIR instruction](../../reference/builder.md#workdir)
+
+For clarity and reliability, you should always use absolute paths for your
+`WORKDIR`. Also, you should use `WORKDIR` instead of  proliferating
+instructions like `RUN cd … && do-something`, which are hard to read,
+troubleshoot, and maintain.
+
+### ONBUILD
+
+[Dockerfile reference for the ONBUILD instruction](../../reference/builder.md#onbuild)
+
+An `ONBUILD` command executes after the current `Dockerfile` build completes.
+`ONBUILD` executes in any child image derived `FROM` the current image.  Think
+of the `ONBUILD` command as an instruction the parent `Dockerfile` gives
+to the child `Dockerfile`.
+
+A Docker build executes `ONBUILD` commands before any command in a child
+`Dockerfile`.
+
+`ONBUILD` is useful for images that are going to be built `FROM` a given
+image. For example, you would use `ONBUILD` for a language stack image that
+builds arbitrary user software written in that language within the
+`Dockerfile`, as you can see in [Ruby’s `ONBUILD` variants](https://github.com/docker-library/ruby/blob/master/2.1/onbuild/Dockerfile).
+
+Images built from `ONBUILD` should get a separate tag, for example:
+`ruby:1.9-onbuild` or `ruby:2.0-onbuild`.
+
+Be careful when putting `ADD` or `COPY` in `ONBUILD`. The “onbuild” image will
+fail catastrophically if the new build's context is missing the resource being
+added. Adding a separate tag, as recommended above, will help mitigate this by
+allowing the `Dockerfile` author to make a choice.
+
+## Examples for Official Repositories
+
+These Official Repositories have exemplary `Dockerfile`s:
+
+* [Go](https://hub.docker.com/_/golang/)
+* [Perl](https://hub.docker.com/_/perl/)
+* [Hy](https://hub.docker.com/_/hylang/)
+* [Rails](https://hub.docker.com/_/rails)
+
+## Additional resources:
+
+* [Dockerfile Reference](../../reference/builder.md)
+* [More about Base Images](baseimages.md)
+* [More about Automated Builds](https://docs.docker.com/docker-hub/builds/)
+* [Guidelines for Creating Official
+Repositories](https://docs.docker.com/docker-hub/official_repos/)
diff --git a/docs/userguide/eng-image/image_management.md b/docs/userguide/eng-image/image_management.md
new file mode 100644
index 00000000..035b6b68
--- /dev/null
+++ b/docs/userguide/eng-image/image_management.md
@@ -0,0 +1,53 @@
+<!--[metadata]>
++++
+alias = [ "/reference/api/hub_registry_spec/", "/userguide/image_management/"]
+title = "Image management"
+description = "Documentation for docker Registry and Registry API"
+keywords = ["docker, registry, api,  hub"]
+[menu.main]
+parent="engine_images"
+weight=90
++++
+<![end-metadata]-->
+
+# Image management
+
+The Docker Engine provides a client which you can use to create images on the command line or through a build process. You can run these images in a container or publish them for others to use. Storing the images you create, searching for images you might want, or publishing images others might use are all elements of image management.
+
+This section provides an overview of the major features and products Docker provides for image management.
+
+
+## Docker Hub
+
+The [Docker Hub](https://docs.docker.com/docker-hub/) is responsible for centralizing information about user accounts, images, and public name spaces. It has different components:
+
+ - Web UI
+ - Meta-data store (comments, stars, list public repositories)
+ - Authentication service
+ - Tokenization
+
+There is only one instance of the Docker Hub, run and managed by Docker Inc. This public Hub is useful for most individuals and smaller companies.
+
+## Docker Registry and the Docker Trusted Registry
+
+The Docker Registry is a component of Docker's ecosystem. A registry is a
+storage and content delivery system, holding named Docker images, available in
+different tagged versions. For example, the image `distribution/registry`, with
+tags `2.0` and `latest`. Users interact with a registry by using docker push and
+pull commands such as, `docker pull myregistry.com/stevvooe/batman:voice`.
+
+The Docker Hub has its own registry which, like the Hub itself, is run and managed by Docker. However, there are other ways to obtain a registry. You can purchase the [Docker Trusted Registry](https://docs.docker.com/docker-trusted-registry) product to run on your company's network. Alternatively, you can use the Docker Registry component to build a private registry. For information about using a registry, see overview for the [Docker Registry](https://docs.docker.com/registry).
+
+
+## Content Trust
+
+When transferring data among networked systems, *trust* is a central concern. In
+particular, when communicating over an untrusted medium such as the internet, it
+is critical to ensure the integrity and publisher of all of the data a system
+operates on. You use Docker to push and pull images (data) to a registry.
+Content trust gives you the ability to both verify the integrity and the
+publisher of all the data received from a registry over any channel.
+
+[Content trust](../../security/trust/index.md) is currently only available for users of the
+public Docker Hub. It is currently not available for the Docker Trusted Registry
+or for private registries.
diff --git a/docs/userguide/eng-image/index.md b/docs/userguide/eng-image/index.md
new file mode 100644
index 00000000..c46eec6b
--- /dev/null
+++ b/docs/userguide/eng-image/index.md
@@ -0,0 +1,16 @@
+<!--[metadata]>
++++
+title = "Work with images"
+description = "The Docker user guide home page"
+keywords = ["docker, introduction, documentation, about, technology, docker.io, user, guide, user's, manual, platform, framework, home,  intro"]
+[menu.main]
+identifier="engine_images"
+parent = "engine_guide"
++++
+<![end-metadata]-->
+
+# Work with images
+
+* [Create a base image](baseimages.md)
+* [Best practices for writing Dockerfiles](dockerfile_best-practices.md)
+* [Image management](image_management.md)
diff --git a/docs/userguide/index.md b/docs/userguide/index.md
new file mode 100644
index 00000000..25099975
--- /dev/null
+++ b/docs/userguide/index.md
@@ -0,0 +1,63 @@
+<!--[metadata]>
++++
+title = "User guide"
+description = "How to use the Docker Engine user guide"
+keywords = ["engine, introduction, documentation, about, technology, docker, user, guide, framework, home,  intro"]
+[menu.main]
+parent="engine_use"
+identifier = "engine_guide"
+weight="-80"
++++
+<![end-metadata]-->
+
+# Docker Engine user guide
+
+This guide helps users learn how to use Docker Engine.
+
+- [Introduction to Engine user guide](intro.md)
+
+## Learn by example
+
+- [Hello world in a container](containers/dockerizing.md)
+- [Build your own images](containers/dockerimages.md)
+- [Network containers](containers/networkingcontainers.md)
+- [Run a simple application](containers/usingdocker.md)
+- [Manage data in containers](containers/dockervolumes.md)
+- [Store images on Docker Hub](containers/dockerrepos.md)
+
+## Work with images
+
+- [Best practices for writing Dockerfiles](eng-image/dockerfile_best-practices.md)
+- [Create a base image](eng-image/baseimages.md)
+- [Image management](eng-image/image_management.md)
+
+## Manage storage drivers
+
+- [Understand images, containers, and storage drivers](storagedriver/imagesandcontainers.md)
+- [Select a storage driver](storagedriver/selectadriver.md)
+- [AUFS storage in practice](storagedriver/aufs-driver.md)
+- [Btrfs storage in practice](storagedriver/btrfs-driver.md)
+- [Device Mapper storage in practice](storagedriver/device-mapper-driver.md)
+- [OverlayFS storage in practice](storagedriver/overlayfs-driver.md)
+- [ZFS storage in practice](storagedriver/zfs-driver.md)
+
+## Configure networks
+
+- [Understand Docker container networks](networking/dockernetworks.md)
+- [Embedded DNS server in user-defined networks](networking/configure-dns.md)
+- [Get started with multi-host networking](networking/get-started-overlay.md)
+- [Work with network commands](networking/work-with-networks.md)
+
+### Work with the default network
+
+- [Understand container communication](networking/default_network/container-communication.md)
+- [Legacy container links](networking/default_network/dockerlinks.md)
+- [Binding container ports to the host](networking/default_network/binding.md)
+- [Build your own bridge](networking/default_network/build-bridges.md)
+- [Configure container DNS](networking/default_network/configure-dns.md)
+- [Customize the docker0 bridge](networking/default_network/custom-docker0.md)  
+- [IPv6 with Docker](networking/default_network/ipv6.md)  
+
+## Misc
+
+- [Apply custom metadata](labels-custom-metadata.md)
diff --git a/docs/userguide/intro.md b/docs/userguide/intro.md
new file mode 100644
index 00000000..18b688ce
--- /dev/null
+++ b/docs/userguide/intro.md
@@ -0,0 +1,118 @@
+<!--[metadata]>
++++
+title = "Introduction"
+description = "Introduction to user guide"
+keywords = ["docker, introduction, documentation, about, technology, docker.io, user, guide, user's, manual, platform, framework, home,  intro"]
+[menu.main]
+parent="engine_guide"
++++
+<![end-metadata]-->
+
+# Engine user guide
+
+This guide takes you through the fundamentals of using Docker Engine and
+integrating it into your environment. You'll learn how to use Engine to:
+
+* Dockerize your applications.
+* Run your own containers.
+* Build Docker images.
+* Share your Docker images with others.
+* And a whole lot more!
+
+This guide is broken into major sections that take you through learning the basics of Docker Engine and the other Docker products that support it.
+
+## Dockerizing applications: A "Hello world"
+
+*How do I run applications inside containers?*
+
+Docker Engine offers a containerization platform to power your applications. To
+learn how to Dockerize applications and run them:
+
+Go to [Dockerizing Applications](containers/dockerizing.md).
+
+
+## Working with containers
+
+*How do I manage my containers?*
+
+Once you get a grip on running your applications in Docker containers, you'll learn how to manage those containers. To find out
+about how to inspect, monitor and manage containers:
+
+Go to [Working with Containers](containers/usingdocker.md).
+
+## Working with Docker images
+
+*How can I access, share and build my own images?*
+
+Once you've learnt how to use Docker it's time to take the next step and
+learn how to build your own application images with Docker.
+
+Go to [Working with Docker Images](containers/dockerimages.md).
+
+## Networking containers
+
+Until now we've seen how to build individual applications inside Docker
+containers. Now learn how to build whole application stacks with Docker
+networking.
+
+Go to [Networking Containers](containers/networkingcontainers.md).
+
+## Managing data in containers
+
+Now we know how to link Docker containers together the next step is
+learning how to manage data, volumes and mounts inside our containers.
+
+Go to [Managing Data in Containers](containers/dockervolumes.md).
+
+## Docker products that complement Engine
+
+Often, one powerful technology spawns many other inventions that make that easier to get to, easier to use, and more powerful.  These spawned things share one common characteristic: they augment the central technology. The following Docker products expand on the core Docker Engine functions.
+
+### Docker Hub
+
+Docker Hub is the central hub for Docker. It hosts public Docker images
+and provides services to help you build and manage your Docker
+environment. To learn more:
+
+Go to [Using Docker Hub](https://docs.docker.com/docker-hub).
+
+### Docker Machine
+
+Docker Machine helps you get Docker Engines up and running quickly. Machine
+can set up hosts for Docker Engines on your computer, on cloud providers,
+and/or in your data center, and then configure your Docker client to securely
+talk to them.
+
+Go to [Docker Machine user guide](https://docs.docker.com/machine/).
+
+### Docker Compose
+
+Docker Compose allows you to define a application's components -- their containers,
+configuration, links and volumes -- in a single file. Then a single command
+will set everything up and start your application running.
+
+Go to [Docker Compose user guide](https://docs.docker.com/compose/).
+
+
+### Docker Swarm
+
+Docker Swarm pools several Docker Engines together and exposes them as a single
+virtual Docker Engine. It serves the standard Docker API, so any tool that already
+works with Docker can now transparently scale up to multiple hosts.
+
+Go to [Docker Swarm user guide](https://docs.docker.com/swarm/).
+
+## Getting help
+
+* [Docker homepage](https://www.docker.com/)
+* [Docker Hub](https://hub.docker.com)
+* [Docker blog](https://blog.docker.com/)
+* [Docker documentation](https://docs.docker.com/)
+* [Docker Getting Started Guide](https://docs.docker.com/mac/started/)
+* [Docker code on GitHub](https://github.com/docker/docker)
+* [Docker mailing
+  list](https://groups.google.com/forum/#!forum/docker-user)
+* Docker on IRC: irc.freenode.net and channel #docker
+* [Docker on Twitter](https://twitter.com/docker)
+* Get [Docker help](https://stackoverflow.com/search?q=docker) on
+  StackOverflow
diff --git a/docs/userguide/labels-custom-metadata.md b/docs/userguide/labels-custom-metadata.md
new file mode 100644
index 00000000..4c9a1a11
--- /dev/null
+++ b/docs/userguide/labels-custom-metadata.md
@@ -0,0 +1,229 @@
+<!--[metadata]>
++++
+title = "Apply custom metadata"
+description = "Learn how to work with custom metadata in Docker, using labels."
+keywords = ["Usage, user guide, labels, metadata, docker, documentation, examples,  annotating"]
+[menu.main]
+parent = "engine_guide"
+weight=90
++++
+<![end-metadata]-->
+
+# Apply custom metadata
+
+You can apply metadata to your images, containers, or daemons via
+labels. Labels serve a wide range of uses, such as adding notes or licensing
+information to an image, or to identify a host.
+
+A label is a `<key>` / `<value>` pair. Docker stores the label values as
+*strings*. You can specify multiple labels but each `<key>` must be
+unique or the value will be overwritten. If you specify the same `key` several
+times but with different values, newer labels overwrite previous labels. Docker
+uses the last `key=value` you supply.
+
+>**Note:** Support for daemon-labels was added in Docker 1.4.1. Labels on
+>containers and images are new in Docker 1.6.0
+
+## Label keys (namespaces)
+
+Docker puts no hard restrictions on the `key` used for a label. However, using
+simple keys can easily lead to conflicts. For example, you have chosen to
+categorize your images by CPU architecture using "architecture" labels in
+your Dockerfiles:
+
+    LABEL architecture="amd64"
+
+    LABEL architecture="ARMv7"
+
+Another user may apply the same label based on a building's "architecture":
+
+    LABEL architecture="Art Nouveau"
+
+To prevent naming conflicts, Docker recommends using namespaces to label keys
+using reverse domain notation. Use the following guidelines to name your keys:
+
+- All (third-party) tools should prefix their keys with the
+  reverse DNS notation of a domain controlled by the author. For
+  example, `com.example.some-label`.
+
+- The `com.docker.*`, `io.docker.*` and `org.dockerproject.*` namespaces are
+  reserved for Docker's internal use.
+
+- Keys should only consist of lower-cased alphanumeric characters,
+  dots and dashes (for example, `[a-z0-9-.]`).
+
+- Keys should start *and* end with an alpha numeric character.
+
+- Keys may not contain consecutive dots or dashes.
+
+- Keys *without* namespace (dots) are reserved for CLI use. This allows end-
+  users to add metadata to their containers and images without having to type
+  cumbersome namespaces on the command-line.
+
+
+These are simply guidelines and Docker does not *enforce* them. However, for
+the benefit of the community, you *should* use namespaces for your label keys.
+
+
+## Store structured data in labels
+
+Label values can contain any data type as long as it can be represented as a
+string. For example, consider this JSON document:
+
+
+    {
+        "Description": "A containerized foobar",
+        "Usage": "docker run --rm example/foobar [args]",
+        "License": "GPL",
+        "Version": "0.0.1-beta",
+        "aBoolean": true,
+        "aNumber" : 0.01234,
+        "aNestedArray": ["a", "b", "c"]
+    }
+
+You can store this struct in a label by serializing it to a string first:
+
+    LABEL com.example.image-specs="{\"Description\":\"A containerized foobar\",\"Usage\":\"docker run --rm example\\/foobar [args]\",\"License\":\"GPL\",\"Version\":\"0.0.1-beta\",\"aBoolean\":true,\"aNumber\":0.01234,\"aNestedArray\":[\"a\",\"b\",\"c\"]}"
+
+While it is *possible* to store structured data in label values, Docker treats
+this data as a 'regular' string. This means that Docker doesn't offer ways to
+query (filter) based on nested properties. If your tool needs to filter on
+nested properties, the tool itself needs to implement this functionality.
+
+
+## Add labels to images
+
+To add labels to an image, use the `LABEL` instruction in your Dockerfile:
+
+
+    LABEL [<namespace>.]<key>=<value> ...
+
+The `LABEL` instruction adds a label to your image. A `LABEL` consists of a `<key>`
+and a `<value>`.
+Use an empty string for labels  that don't have a `<value>`,
+Use surrounding quotes or backslashes for labels that contain
+white space characters in the `<value>`:
+
+    LABEL vendor=ACME\ Incorporated
+    LABEL com.example.version.is-beta=
+    LABEL com.example.version.is-production=""
+    LABEL com.example.version="0.0.1-beta"
+    LABEL com.example.release-date="2015-02-12"
+
+The `LABEL` instruction also supports setting multiple `<key>` / `<value>` pairs
+in a single instruction:
+
+    LABEL com.example.version="0.0.1-beta" com.example.release-date="2015-02-12"
+
+Long lines can be split up by using a backslash (`\`) as continuation marker:
+
+    LABEL vendor=ACME\ Incorporated \
+          com.example.is-beta= \
+          com.example.is-production="" \
+          com.example.version="0.0.1-beta" \
+          com.example.release-date="2015-02-12"
+
+Docker recommends you add multiple labels in a single `LABEL` instruction. Using
+individual instructions for each label can result in an inefficient image. This
+is because each `LABEL` instruction in a Dockerfile produces a new IMAGE layer.
+
+You can view the labels via the `docker inspect` command:
+
+    $ docker inspect 4fa6e0f0c678
+
+    ...
+    "Labels": {
+        "vendor": "ACME Incorporated",
+        "com.example.is-beta": "",
+        "com.example.is-production": "",
+        "com.example.version": "0.0.1-beta",
+        "com.example.release-date": "2015-02-12"
+    }
+    ...
+
+    # Inspect labels on container
+    $ docker inspect -f "{{json .Config.Labels }}" 4fa6e0f0c678
+
+    {"Vendor":"ACME Incorporated","com.example.is-beta":"", "com.example.is-production":"", "com.example.version":"0.0.1-beta","com.example.release-date":"2015-02-12"}
+
+    # Inspect labels on images
+    $ docker inspect -f "{{json .ContainerConfig.Labels }}" myimage
+
+
+## Query labels
+
+Besides storing metadata, you can filter images and containers by label. To list all
+running containers that have the `com.example.is-beta` label:
+
+    # List all running containers that have a `com.example.is-beta` label
+    $ docker ps --filter "label=com.example.is-beta"
+
+List all running containers with the label `color` that have a value `blue`:
+
+    $ docker ps --filter "label=color=blue"
+
+List all images with the label `vendor` that have the value `ACME`:
+
+    $ docker images --filter "label=vendor=ACME"
+
+
+## Container labels
+
+    docker run \
+       -d \
+       --label com.example.group="webservers" \
+       --label com.example.environment="production" \
+       busybox \
+       top
+
+Please refer to the [Query labels](#query-labels) section above for information
+on how to query labels set on a container.
+
+
+## Daemon labels
+
+    docker daemon \
+      --dns 8.8.8.8 \
+      --dns 8.8.4.4 \
+      -H unix:///var/run/docker.sock \
+      --label com.example.environment="production" \
+      --label com.example.storage="ssd"
+
+These labels appear as part of the `docker info` output for the daemon:
+
+    $ docker -D info
+    Containers: 12
+     Running: 5
+     Paused: 2
+     Stopped: 5
+    Images: 672
+    Server Version: 1.9.0
+    Storage Driver: aufs
+     Root Dir: /var/lib/docker/aufs
+     Backing Filesystem: extfs
+     Dirs: 697
+     Dirperm1 Supported: true
+    Execution Driver: native-0.2
+    Logging Driver: json-file
+    Kernel Version: 3.19.0-22-generic
+    Operating System: Ubuntu 15.04
+    CPUs: 24
+    Total Memory: 62.86 GiB
+    Name: docker
+    ID: I54V:OLXT:HVMM:TPKO:JPHQ:CQCD:JNLC:O3BZ:4ZVJ:43XJ:PFHZ:6N2S
+    Debug mode (server): true
+     File Descriptors: 59
+     Goroutines: 159
+     System Time: 2015-09-23T14:04:20.699842089+08:00
+     EventsListeners: 0
+     Init SHA1:
+     Init Path: /usr/bin/docker
+     Docker Root Dir: /var/lib/docker
+     Http Proxy: http://test:test@localhost:8080
+     Https Proxy: https://test:test@localhost:8080
+    WARNING: No swap limit support
+    Username: svendowideit
+    Registry: [https://index.docker.io/v1/]
+    Labels:
+     com.example.environment=production
+     com.example.storage=ssd
diff --git a/docs/userguide/networking/configure-dns.md b/docs/userguide/networking/configure-dns.md
new file mode 100644
index 00000000..d248f429
--- /dev/null
+++ b/docs/userguide/networking/configure-dns.md
@@ -0,0 +1,138 @@
+<!--[metadata]>
++++
+title = "Configure container DNS in user-defined networks"
+description = "Learn how to configure DNS in user-defined networks"
+keywords = ["docker, DNS, network"]
+[menu.main]
+parent = "smn_networking"
++++
+<![end-metadata]-->
+
+# Embedded DNS server in user-defined networks
+
+The information in this section covers the embedded DNS server operation for
+containers in user-defined networks. DNS lookup for containers connected to
+user-defined networks works differently compared to the containers connected
+to `default bridge` network.
+
+> **Note**: In order to maintain backward compatibility, the DNS configuration
+> in `default bridge` network is retained with no behavioral change.
+> Please refer to the [DNS in default bridge network](default_network/configure-dns.md)
+> for more information on DNS configuration in the `default bridge` network.
+
+As of Docker 1.10, the docker daemon implements an embedded DNS server which
+provides built-in service discovery for any container created with a valid
+`name` or `net-alias` or aliased by `link`. The exact details of how Docker
+manages the DNS configurations inside the container can change from one Docker
+version to the next. So you should not assume the way the files such as
+`/etc/hosts`, `/etc/resolv.conf` are managed inside the containers and leave
+the files alone and use the following Docker options instead.
+
+Various container options that affect container domain name services.
+
+<table>
+  <tr>
+    <td>
+    <p>
+    <code>--name=CONTAINER-NAME</code>
+    </p>
+    </td>
+    <td>
+    <p>
+     Container name configured using <code>--name</code> is used to discover a container within
+     an user-defined docker network. The embedded DNS server maintains the mapping between
+     the container name and its IP address (on the network the container is connected to).
+    </p>
+    </td>
+  </tr>
+  <tr>
+    <td>
+    <p>
+    <code>--net-alias=ALIAS</code>
+    </p>
+    </td>
+    <td>
+    <p>
+     In addition to <code>--name</code> as described above, a container is discovered by one or more 
+     of its configured <code>--net-alias</code> (or <code>--alias</code> in <code>docker network connect</code> command)
+     within the user-defined network. The embedded DNS server maintains the mapping between
+     all of the container aliases and its IP address on a specific user-defined network.
+     A container can have different aliases in different networks by using the <code>--alias</code>
+     option in <code>docker network connect</code> command.
+    </p>
+    </td>
+  </tr>
+  <tr>
+    <td>
+    <p>
+    <code>--link=CONTAINER_NAME:ALIAS</code>
+    </p>
+    </td>
+    <td>
+    <p>
+      Using this option as you <code>run</code> a container gives the embedded DNS
+      an extra entry named <code>ALIAS</code> that points to the IP address
+      of the container identified by <code>CONTAINER_NAME</code>. When using <code>--link</code>
+      the embedded DNS will guarantee that localized lookup result only on that
+      container where the <code>--link</code> is used. This lets processes inside the new container 
+      connect to container without having to know its name or IP.
+    </p>
+    </td>
+  </tr>
+  <tr>
+    <td><p>
+    <code>--dns=[IP_ADDRESS...]</code>
+    </p></td>
+    <td><p>
+     The IP addresses passed via the <code>--dns</code> option is used by the embedded DNS
+     server to forward the DNS query if embedded DNS server is unable to resolve a name
+     resolution request from the containers.
+     These  <code>--dns</code> IP addresses are managed by the embedded DNS server and
+     will not be updated in the container's <code>/etc/resolv.conf</code> file.
+  </tr>
+  <tr>
+    <td><p>
+    <code>--dns-search=DOMAIN...</code>
+    </p></td>
+    <td><p>
+    Sets the domain names that are searched when a bare unqualified hostname is
+    used inside of the container. These <code>--dns-search</code> options are managed by the
+    embedded DNS server and will not be updated in the container's <code>/etc/resolv.conf</code> file.
+    When a container process attempts to access <code>host</code> and the search
+    domain <code>example.com</code> is set, for instance, the DNS logic will not only
+    look up <code>host</code> but also <code>host.example.com</code>.
+    </p>
+    </td>
+  </tr>
+  <tr>
+    <td><p>
+    <code>--dns-opt=OPTION...</code>
+    </p></td>
+    <td><p>
+      Sets the options used by DNS resolvers. These options are managed by the embedded
+      DNS server and will not be updated in the container's <code>/etc/resolv.conf</code> file.
+    </p>
+    <p>
+    See documentation for <code>resolv.conf</code> for a list of valid options
+    </p></td>
+  </tr>
+</table>
+
+
+In the absence of the `--dns=IP_ADDRESS...`, `--dns-search=DOMAIN...`, or
+`--dns-opt=OPTION...` options, Docker uses the `/etc/resolv.conf` of the
+host machine (where the `docker` daemon runs). While doing so the daemon
+filters out all localhost IP address `nameserver` entries from the host's
+original file.
+
+Filtering is necessary because all localhost addresses on the host are
+unreachable from the container's network. After this filtering, if there are
+no more `nameserver` entries left in the container's `/etc/resolv.conf` file,
+the daemon adds public Google DNS nameservers (8.8.8.8 and 8.8.4.4) to the
+container's DNS configuration. If IPv6 is enabled on the daemon, the public
+IPv6 Google DNS nameservers will also be added (2001:4860:4860::8888 and
+2001:4860:4860::8844).
+
+> **Note**: If you need access to a host's localhost resolver, you must modify
+> your DNS service on the host to listen on a non-localhost address that is
+> reachable from within the container.
diff --git a/docs/userguide/networking/default_network/binding.md b/docs/userguide/networking/default_network/binding.md
new file mode 100644
index 00000000..d8799f4f
--- /dev/null
+++ b/docs/userguide/networking/default_network/binding.md
@@ -0,0 +1,103 @@
+<!--[metadata]>
++++
+title = "Bind container ports to the host"
+description = "expose, port, docker, bind publish"
+keywords = ["Examples, Usage, network, docker, documentation, user guide, multihost, cluster"]
+[menu.main]
+parent = "smn_networking_def"
++++
+<![end-metadata]-->
+
+# Bind container ports to the host
+
+The information in this section explains binding container ports within the Docker default bridge. This is a `bridge` network named `bridge` created automatically when you install Docker.
+
+> **Note**: The [Docker networks feature](../dockernetworks.md) allows you to
+create user-defined networks in addition to the default bridge network.
+
+By default Docker containers can make connections to the outside world, but the
+outside world cannot connect to containers. Each outgoing connection will
+appear to originate from one of the host machine's own IP addresses thanks to an
+`iptables` masquerading rule on the host machine that the Docker server creates
+when it starts:
+
+```
+$ sudo iptables -t nat -L -n
+...
+Chain POSTROUTING (policy ACCEPT)
+target     prot opt source               destination
+MASQUERADE  all  --  172.17.0.0/16       0.0.0.0/0
+...
+```
+The Docker server creates a masquerade rule that let containers connect to IP
+addresses in the outside world.
+
+If you want containers to accept incoming connections, you will need to provide
+special options when invoking `docker run`. There are two approaches.
+
+First, you can supply `-P` or `--publish-all=true|false` to `docker run` which
+is a blanket operation that identifies every port with an `EXPOSE` line in the
+image's `Dockerfile` or `--expose <port>` commandline flag and maps it to a host
+port somewhere within an _ephemeral port range_. The `docker port` command then
+needs to be used to inspect created mapping. The _ephemeral port range_ is
+configured by `/proc/sys/net/ipv4/ip_local_port_range` kernel parameter,
+typically ranging from 32768 to 61000.
+
+Mapping can be specified explicitly using `-p SPEC` or `--publish=SPEC` option.
+It allows you to particularize which port on docker server - which can be any
+port at all, not just one within the _ephemeral port range_ -- you want mapped
+to which port in the container.
+
+Either way, you should be able to peek at what Docker has accomplished in your
+network stack by examining your NAT tables.
+
+```
+# What your NAT rules might look like when Docker
+# is finished setting up a -P forward:
+
+$ iptables -t nat -L -n
+...
+Chain DOCKER (2 references)
+target     prot opt source               destination
+DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:49153 to:172.17.0.2:80
+
+# What your NAT rules might look like when Docker
+# is finished setting up a -p 80:80 forward:
+
+Chain DOCKER (2 references)
+target     prot opt source               destination
+DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:172.17.0.2:80
+```
+
+You can see that Docker has exposed these container ports on `0.0.0.0`, the
+wildcard IP address that will match any possible incoming port on the host
+machine. If you want to be more restrictive and only allow container services to
+be contacted through a specific external interface on the host machine, you have
+two choices. When you invoke `docker run` you can use either `-p
+IP:host_port:container_port` or `-p IP::port` to specify the external interface
+for one particular binding.
+
+Or if you always want Docker port forwards to bind to one specific IP address,
+you can edit your system-wide Docker server settings and add the option
+`--ip=IP_ADDRESS`. Remember to restart your Docker server after editing this
+setting.
+
+> **Note**: With hairpin NAT enabled (`--userland-proxy=false`), containers port
+exposure is achieved purely through iptables rules, and no attempt to bind the
+exposed port is ever made. This means that nothing prevents shadowing a
+previously listening service outside of Docker through exposing the same port
+for a container. In such conflicting situation, Docker created iptables rules
+will take precedence and route to the container.
+
+The `--userland-proxy` parameter, true by default, provides a userland
+implementation for inter-container and outside-to-container communication. When
+disabled, Docker uses both an additional `MASQUERADE` iptable rule and the
+`net.ipv4.route_localnet` kernel parameter which allow the host machine to
+connect to a local container exposed port through the commonly used loopback
+address: this alternative is preferred for performance reasons.
+
+## Related information
+
+- [Understand Docker container networks](../dockernetworks.md)
+- [Work with network commands](../work-with-networks.md)
+- [Legacy container links](dockerlinks.md)
diff --git a/docs/userguide/networking/default_network/build-bridges.md b/docs/userguide/networking/default_network/build-bridges.md
new file mode 100644
index 00000000..73f35e35
--- /dev/null
+++ b/docs/userguide/networking/default_network/build-bridges.md
@@ -0,0 +1,78 @@
+<!--[metadata]>
++++
+title = "Build your own bridge"
+description = "Learn how to build your own bridge interface"
+keywords = ["docker, bridge, docker0, network"]
+[menu.main]
+parent = "smn_networking_def"
++++
+<![end-metadata]-->
+
+# Build your own bridge
+
+This section explains how to build your own bridge to replace the Docker default
+bridge. This is a `bridge` network named `bridge` created automatically when you
+install Docker.
+
+> **Note**: The [Docker networks feature](../dockernetworks.md) allows you to
+create user-defined networks in addition to the default bridge network.
+
+You can set up your own bridge before starting Docker and use `-b BRIDGE` or
+`--bridge=BRIDGE` to tell Docker to use your bridge instead. If you already
+have Docker up and running with its default `docker0` still configured,
+you can directly create your bridge and restart Docker with it or want to begin by
+stopping the service and removing the interface:
+
+```
+# Stopping Docker and removing docker0
+
+$ sudo service docker stop
+$ sudo ip link set dev docker0 down
+$ sudo brctl delbr docker0
+$ sudo iptables -t nat -F POSTROUTING
+```
+
+Then, before starting the Docker service, create your own bridge and give it
+whatever configuration you want. Here we will create a simple enough bridge
+that we really could just have used the options in the previous section to
+customize `docker0`, but it will be enough to illustrate the technique.
+
+```
+# Create our own bridge
+
+$ sudo brctl addbr bridge0
+$ sudo ip addr add 192.168.5.1/24 dev bridge0
+$ sudo ip link set dev bridge0 up
+
+# Confirming that our bridge is up and running
+
+$ ip addr show bridge0
+4: bridge0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state UP group default
+    link/ether 66:38:d0:0d:76:18 brd ff:ff:ff:ff:ff:ff
+    inet 192.168.5.1/24 scope global bridge0
+       valid_lft forever preferred_lft forever
+
+# Tell Docker about it and restart (on Ubuntu)
+
+$ echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker
+$ sudo service docker start
+
+# Confirming new outgoing NAT masquerade is set up
+
+$ sudo iptables -t nat -L -n
+...
+Chain POSTROUTING (policy ACCEPT)
+target     prot opt source               destination
+MASQUERADE  all  --  192.168.5.0/24      0.0.0.0/0
+```
+
+The result should be that the Docker server starts successfully and is now
+prepared to bind containers to the new bridge. After pausing to verify the
+bridge's configuration, try creating a container -- you will see that its IP
+address is in your new IP address range, which Docker will have auto-detected.
+
+You can use the `brctl show` command to see Docker add and remove interfaces
+from the bridge as you start and stop containers, and can run `ip addr` and `ip
+route` inside a container to see that it has been given an address in the
+bridge's IP address range and has been told to use the Docker host's IP address
+on the bridge as its default gateway to the rest of the Internet.
diff --git a/docs/userguide/networking/default_network/configure-dns.md b/docs/userguide/networking/default_network/configure-dns.md
new file mode 100644
index 00000000..2703aca1
--- /dev/null
+++ b/docs/userguide/networking/default_network/configure-dns.md
@@ -0,0 +1,132 @@
+<!--[metadata]>
++++
+title = "Configure container DNS"
+description = "Learn how to configure DNS in Docker"
+keywords = ["docker, bridge, docker0, network"]
+[menu.main]
+parent = "smn_networking_def"
++++
+<![end-metadata]-->
+
+# Configure container DNS
+
+The information in this section explains configuring container DNS within
+the Docker default bridge. This is a `bridge` network named `bridge` created
+automatically when you install Docker.  
+
+> **Note**: The [Docker networks feature](../dockernetworks.md) allows you to create user-defined networks in addition to the default bridge network. Please refer to the [Docker Embedded DNS](../configure-dns.md) section for more information on DNS configurations in user-defined networks.
+
+How can Docker supply each container with a hostname and DNS configuration, without having to build a custom image with the hostname written inside?  Its trick is to overlay three crucial `/etc` files inside the container with virtual files where it can write fresh information.  You can see this by running `mount` inside a container:
+
+```
+$$ mount
+...
+/dev/disk/by-uuid/1fec...ebdf on /etc/hostname type ext4 ...
+/dev/disk/by-uuid/1fec...ebdf on /etc/hosts type ext4 ...
+/dev/disk/by-uuid/1fec...ebdf on /etc/resolv.conf type ext4 ...
+...
+```
+
+This arrangement allows Docker to do clever things like keep `resolv.conf` up to date across all containers when the host machine receives new configuration over DHCP later.  The exact details of how Docker maintains these files inside the container can change from one Docker version to the next, so you should leave the files themselves alone and use the following Docker options instead.
+
+Four different options affect container domain name services.
+
+<table>
+  <tr>
+    <td>
+    <p>
+    <code>-h HOSTNAME</code> or <code>--hostname=HOSTNAME</code>
+    </p>
+    </td>
+    <td>
+    <p>
+      Sets the hostname by which the container knows itself.  This is written
+      into <code>/etc/hostname</code>, into <code>/etc/hosts</code> as the name
+      of the container's host-facing IP address, and is the name that
+      <code>/bin/bash</code> inside the container will display inside its
+      prompt.  But the hostname is not easy to see from outside the container.
+      It will not appear in <code>docker ps</code> nor in the
+      <code>/etc/hosts</code> file of any other container.
+    </p>
+    </td>
+  </tr>
+  <tr>
+    <td>
+    <p>
+    <code>--link=CONTAINER_NAME</code> or <code>ID:ALIAS</code>
+    </p>
+    </td>
+    <td>
+    <p>
+      Using this option as you <code>run</code> a container gives the new
+      container's <code>/etc/hosts</code> an extra entry named
+      <code>ALIAS</code> that points to the IP address of the container
+      identified by <code>CONTAINER_NAME_or_ID</code>. This lets processes
+      inside the new container connect to the hostname <code>ALIAS</code>
+      without having to know its IP.  The <code>--link=</code> option is
+      discussed in more detail below. Because Docker may assign a different IP
+      address to the linked containers on restart, Docker updates the
+      <code>ALIAS</code> entry in the <code>/etc/hosts</code> file of the
+      recipient containers.   
+</p>
+    </td>
+  </tr>
+  <tr>
+    <td><p>
+    <code>--dns=IP_ADDRESS...</code>
+    </p></td>
+    <td><p>
+     Sets the IP addresses added as <code>server</code> lines to the container's
+     <code>/etc/resolv.conf</code> file.  Processes in the container, when
+     confronted with a hostname not in <code>/etc/hosts</code>, will connect to
+     these IP addresses on port 53 looking for name resolution services.     </p></td>
+  </tr>
+  <tr>
+    <td><p>
+    <code>--dns-search=DOMAIN...</code>
+    </p></td>
+    <td><p>
+    Sets the domain names that are searched when a bare unqualified hostname is
+    used inside of the container, by writing <code>search</code> lines into the
+    container's <code>/etc/resolv.conf</code>. When a container process attempts
+    to access <code>host</code> and the search domain <code>example.com</code>
+    is set, for instance, the DNS logic will not only look up <code>host</code>
+    but also <code>host.example.com</code>.
+    </p>
+    <p>
+    Use <code>--dns-search=.</code> if you don't wish to set the search domain.
+    </p>
+    </td>
+  </tr>
+  <tr>
+    <td><p>
+    <code>--dns-opt=OPTION...</code>
+    </p></td>
+    <td><p>
+      Sets the options used by DNS resolvers by writing an <code>options<code>
+      line into the container's <code>/etc/resolv.conf<code>.
+    </p>
+    <p>
+    See documentation for <code>resolv.conf<code> for a list of valid options
+    </p></td>
+  </tr>
+  <tr>
+    <td><p></p></td>
+    <td><p></p></td>
+  </tr>
+</table>
+
+
+Regarding DNS settings, in the absence of the `--dns=IP_ADDRESS...`, `--dns-search=DOMAIN...`, or `--dns-opt=OPTION...` options, Docker makes each container's `/etc/resolv.conf` look like the `/etc/resolv.conf` of the host machine (where the `docker` daemon runs).  When creating the container's `/etc/resolv.conf`, the daemon filters out all localhost IP address `nameserver` entries from the host's original file.
+
+Filtering is necessary because all localhost addresses on the host are unreachable from the container's network.  After this filtering, if there  are no more `nameserver` entries left in the container's `/etc/resolv.conf` file, the daemon adds public Google DNS nameservers (8.8.8.8 and 8.8.4.4) to the container's DNS configuration.  If IPv6 is enabled on the daemon, the public IPv6 Google DNS nameservers will also be added (2001:4860:4860::8888 and 2001:4860:4860::8844).
+
+> **Note**: If you need access to a host's localhost resolver, you must modify your DNS service on the host to listen on a non-localhost address that is reachable from within the container.
+
+You might wonder what happens when the host machine's `/etc/resolv.conf` file changes.  The `docker` daemon has a file change notifier active which will watch for changes to the host DNS configuration.
+
+> **Note**: The file change notifier relies on the Linux kernel's inotify feature. Because this feature is currently incompatible with the overlay filesystem  driver, a Docker daemon using "overlay" will not be able to take advantage of the `/etc/resolv.conf` auto-update feature.
+
+When the host file changes, all stopped containers which have a matching `resolv.conf` to the host will be updated immediately to this newest host configuration.  Containers which are running when the host configuration changes will need to stop and start to pick up the host changes due to lack of a facility to ensure atomic writes of the `resolv.conf` file while the container is running. If the container's `resolv.conf` has been edited since it was started with the default configuration, no replacement will be attempted as it would overwrite the changes performed by the container. If the options (`--dns`, `--dns-search`, or `--dns-opt`) have been used to modify the default host configuration, then the replacement with an updated host's `/etc/resolv.conf` will not happen as well.
+
+> **Note**: For containers which were created prior to the implementation of the `/etc/resolv.conf` update feature in Docker 1.5.0: those containers will **not** receive updates when the host `resolv.conf` file changes. Only containers created with Docker 1.5.0 and above will utilize this auto-update feature.
diff --git a/docs/userguide/networking/default_network/container-communication.md b/docs/userguide/networking/default_network/container-communication.md
new file mode 100644
index 00000000..6b93681a
--- /dev/null
+++ b/docs/userguide/networking/default_network/container-communication.md
@@ -0,0 +1,125 @@
+<!--[metadata]>
++++
+title = "Understand container communication"
+description = "Understand container communication"
+keywords = ["docker, container, communication, network"]
+[menu.main]
+parent = "smn_networking_def"
++++
+<![end-metadata]-->
+
+# Understand container communication
+
+The information in this section explains container communication within the
+Docker default bridge. This is a `bridge` network named `bridge` created
+automatically when you install Docker.  
+
+**Note**: The [Docker networks feature](../dockernetworks.md) allows you to create user-defined networks in addition to the default bridge network.
+
+## Communicating to the outside world
+
+Whether a container can talk to the world is governed by two factors. The first
+factor is whether the host machine is forwarding its IP packets. The second is
+whether the host's `iptables` allow this particular connection.
+
+IP packet forwarding is governed by the `ip_forward` system parameter.  Packets
+can only pass between containers if this parameter is `1`.  Usually you will
+simply leave the Docker server at its default setting `--ip-forward=true` and
+Docker will go set `ip_forward` to `1` for you when the server starts up. If you
+set `--ip-forward=false` and your system's kernel has it enabled, the
+`--ip-forward=false` option has no effect. To check the setting on your kernel
+or to turn it on manually:
+```
+  $ sysctl net.ipv4.conf.all.forwarding
+  net.ipv4.conf.all.forwarding = 0
+  $ sysctl net.ipv4.conf.all.forwarding=1
+  $ sysctl net.ipv4.conf.all.forwarding
+  net.ipv4.conf.all.forwarding = 1
+```
+
+Many using Docker will want `ip_forward` to be on, to at least make
+communication _possible_ between containers and the wider world. May also be
+needed for inter-container communication if you are in a multiple bridge setup.
+
+Docker will   never make changes to your system `iptables` rules if you set
+`--iptables=false` when the daemon starts.  Otherwise the Docker server will
+append forwarding rules to the `DOCKER` filter chain.
+
+Docker will not delete or modify any pre-existing rules from the `DOCKER` filter
+chain. This allows the user to create in advance any rules required to further
+restrict access to the containers.
+
+Docker's forward rules permit all external source IPs by default. To allow only
+a specific IP or network to access the containers, insert a negated rule at the
+top of the `DOCKER` filter chain. For example, to restrict external access such
+that _only_ source IP 8.8.8.8 can access the containers, the following rule
+could be added:
+
+```
+$ iptables -I DOCKER -i ext_if ! -s 8.8.8.8 -j DROP
+```
+
+where *ext_if* is the name of the interface providing external connectivity to the host.
+
+##  Communication between containers
+
+Whether two containers can communicate is governed, at the operating system level, by two factors.
+
+- Does the network topology even connect the containers' network interfaces?  By default Docker will attach all containers to a single `docker0` bridge, providing a path for packets to travel between them.  See the later sections of this document for other possible topologies.
+
+- Do your `iptables` allow this particular connection? Docker will never make changes to your system `iptables` rules if you set `--iptables=false` when the daemon starts.  Otherwise the Docker server will add a default rule to the `FORWARD` chain with a blanket `ACCEPT` policy if you retain the default `--icc=true`, or else will set the policy to `DROP` if `--icc=false`.
+
+It is a strategic question whether to leave `--icc=true` or change it to
+`--icc=false` so that `iptables` will protect other containers -- and the main
+host -- from having arbitrary ports probed or accessed by a container that gets
+compromised.
+
+If you choose the most secure setting of `--icc=false`, then how can containers
+communicate in those cases where you _want_ them to provide each other services?
+The answer is the `--link=CONTAINER_NAME_or_ID:ALIAS` option, which was
+mentioned in the previous section because of its effect upon name services.  If
+the Docker daemon is running with both `--icc=false` and `--iptables=true`
+then, when it sees `docker run` invoked with the `--link=` option, the Docker
+server will insert a pair of `iptables` `ACCEPT` rules so that the new
+container can connect to the ports exposed by the other container -- the ports
+that it mentioned in the `EXPOSE` lines of its `Dockerfile`.  
+
+> **Note**: The value `CONTAINER_NAME` in `--link=` must either be an
+auto-assigned Docker name like `stupefied_pare` or else the name you assigned
+with `--name=` when you ran `docker run`.  It cannot be a hostname, which Docker
+will not recognize in the context of the `--link=` option.
+
+You can run the `iptables` command on your Docker host to see whether the `FORWARD` chain has a default policy of `ACCEPT` or `DROP`:
+
+```
+# When --icc=false, you should see a DROP rule:
+
+$ sudo iptables -L -n
+...
+Chain FORWARD (policy ACCEPT)
+target     prot opt source               destination
+DOCKER     all  --  0.0.0.0/0            0.0.0.0/0
+DROP       all  --  0.0.0.0/0            0.0.0.0/0
+...
+
+# When a --link= has been created under --icc=false,
+# you should see port-specific ACCEPT rules overriding
+# the subsequent DROP policy for all other packets:
+
+$ sudo iptables -L -n
+...
+Chain FORWARD (policy ACCEPT)
+target     prot opt source               destination
+DOCKER     all  --  0.0.0.0/0            0.0.0.0/0
+DROP       all  --  0.0.0.0/0            0.0.0.0/0
+
+Chain DOCKER (1 references)
+target     prot opt source               destination
+ACCEPT     tcp  --  172.17.0.2           172.17.0.3           tcp spt:80
+ACCEPT     tcp  --  172.17.0.3           172.17.0.2           tcp dpt:80
+```
+
+> **Note**: Docker is careful that its host-wide `iptables` rules fully expose
+containers to each other's raw IP addresses, so connections from one container
+to another should always appear to be originating from the first container's own
+IP address.
diff --git a/docs/userguide/networking/default_network/custom-docker0.md b/docs/userguide/networking/default_network/custom-docker0.md
new file mode 100644
index 00000000..6178b06a
--- /dev/null
+++ b/docs/userguide/networking/default_network/custom-docker0.md
@@ -0,0 +1,62 @@
+<!--[metadata]>
++++
+title = "Customize the docker0 bridge"
+description = "Customizing docker0"
+keywords = ["docker, bridge, docker0, network"]
+[menu.main]
+parent = "smn_networking_def"
++++
+<![end-metadata]-->
+
+# Customize the docker0 bridge
+
+The information in this section explains how to customize the Docker default bridge. This is a `bridge` network named `bridge` created automatically when you install Docker.  
+
+**Note**: The [Docker networks feature](../dockernetworks.md) allows you to create user-defined networks in addition to the default bridge network.
+
+By default, the Docker server creates and configures the host system's `docker0` interface as an _Ethernet bridge_ inside the Linux kernel that can pass packets back and forth between other physical or virtual network interfaces so that they behave as a single Ethernet network.
+
+Docker configures `docker0` with an IP address, netmask and IP allocation range. The host machine can both receive and send packets to containers connected to the bridge, and gives it an MTU -- the _maximum transmission unit_ or largest packet length that the interface will allow -- of 1,500 bytes. These options are configurable at server startup:
+
+- `--bip=CIDR` -- supply a specific IP address and netmask for the `docker0` bridge, using standard CIDR notation like `192.168.1.5/24`.
+
+- `--fixed-cidr=CIDR` -- restrict the IP range from the `docker0` subnet, using the standard CIDR notation like `172.167.1.0/28`. This range must be an IPv4 range for fixed IPs (ex: 10.20.0.0/16) and must be a subset of the bridge IP range (`docker0` or set using `--bridge`). For example with `--fixed-cidr=192.168.1.0/25`, IPs for your containers will be chosen from the first half of `192.168.1.0/24` subnet.
+
+- `--mtu=BYTES` -- override the maximum packet length on `docker0`.
+
+Once you have one or more containers up and running, you can confirm that Docker has properly connected them to the `docker0` bridge by running the `brctl` command on the host machine and looking at the `interfaces` column of the output.  Here is a host with two different containers connected:
+
+```
+# Display bridge info
+
+$ sudo brctl show
+bridge name     bridge id               STP enabled     interfaces
+docker0         8000.3a1d7362b4ee       no              veth65f9
+                                                        vethdda6
+```
+
+If the `brctl` command is not installed on your Docker host, then on Ubuntu you should be able to run `sudo apt-get install bridge-utils` to install it.
+
+Finally, the `docker0` Ethernet bridge settings are used every time you create a new container.  Docker selects a free IP address from the range available on the bridge each time you `docker run` a new container, and configures the container's `eth0` interface with that IP address and the bridge's netmask.  The Docker host's own IP address on the bridge is used as the default gateway by which each container reaches the rest of the Internet.
+
+```
+# The network, as seen from a container
+
+$ docker run -i -t --rm base /bin/bash
+
+$$ ip addr show eth0
+24: eth0: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
+    link/ether 32:6f:e0:35:57:91 brd ff:ff:ff:ff:ff:ff
+    inet 172.17.0.3/16 scope global eth0
+       valid_lft forever preferred_lft forever
+    inet6 fe80::306f:e0ff:fe35:5791/64 scope link
+       valid_lft forever preferred_lft forever
+
+$$ ip route
+default via 172.17.42.1 dev eth0
+172.17.0.0/16 dev eth0  proto kernel  scope link  src 172.17.0.3
+
+$$ exit
+```
+
+Remember that the Docker host will not be willing to forward container packets out on to the Internet unless its `ip_forward` system setting is `1` -- see the section on [Communicating to the outside world](container-communication.md#communicating-to-the-outside-world) for details.
diff --git a/docs/userguide/networking/default_network/dockerlinks.md b/docs/userguide/networking/default_network/dockerlinks.md
new file mode 100644
index 00000000..cee84cbd
--- /dev/null
+++ b/docs/userguide/networking/default_network/dockerlinks.md
@@ -0,0 +1,358 @@
+<!--[metadata]>
++++
+title = "Legacy container links"
+description = "Learn how to connect Docker containers together."
+keywords = ["Examples, Usage, user guide, links, linking, docker, documentation, examples, names, name, container naming, port, map, network port,  network"]
+[menu.main]
+parent = "smn_networking_def"
+weight=-2
++++
+<![end-metadata]-->
+
+# Legacy container links
+
+The information in this section explains legacy container links within the Docker default bridge. This is a `bridge` network named `bridge` created automatically when you install Docker. 
+
+Before the [Docker networks feature](../dockernetworks.md), you could use the
+Docker link feature to allow containers to discover each other and securely
+transfer information about one container to another container. With the
+introduction of the Docker networks feature, you can still create links but they
+behave differently between default `bridge` network and
+[user defined networks](../work-with-networks.md#linking-containers-in-user-defined-networks)
+
+This section briefly discusses connecting via a network port and then goes into
+detail on container linking in default `bridge` network.
+
+## Connect using network port mapping
+
+In [the Using Docker section](../../containers/usingdocker.md), you created a
+container that ran a Python Flask application:
+
+    $ docker run -d -P training/webapp python app.py
+
+> **Note:**
+> Containers have an internal network and an IP address
+> (as we saw when we used the `docker inspect` command to show the container's
+> IP address in the [Using Docker](../../containers/usingdocker.md) section).
+> Docker can have a variety of network configurations. You can see more
+> information on Docker networking [here](../index.md).
+
+When that container was created, the `-P` flag was used to automatically map
+any network port inside it to a random high port within an *ephemeral port
+range* on your Docker host. Next, when `docker ps` was run, you saw that port
+5000 in the container was bound to port 49155 on the host.
+
+    $ docker ps nostalgic_morse
+    CONTAINER ID  IMAGE                   COMMAND       CREATED        STATUS        PORTS                    NAMES
+    bc533791f3f5  training/webapp:latest  python app.py 5 seconds ago  Up 2 seconds  0.0.0.0:49155->5000/tcp  nostalgic_morse
+
+You also saw how you can bind a container's ports to a specific port using
+the `-p` flag. Here port 80 of the host is mapped to port 5000 of the
+container:
+
+    $ docker run -d -p 80:5000 training/webapp python app.py
+
+And you saw why this isn't such a great idea because it constrains you to
+only one container on that specific port.
+
+Instead, you may specify a range of host ports to bind a container port to
+that is different than the default *ephemeral port range*:
+
+    $ docker run -d -p 8000-9000:5000 training/webapp python app.py
+
+This would bind port 5000 in the container to a randomly available port
+between 8000 and 9000 on the host.
+
+There are also a few other ways you can configure the `-p` flag. By
+default the `-p` flag will bind the specified port to all interfaces on
+the host machine. But you can also specify a binding to a specific
+interface, for example only to the `localhost`.
+
+    $ docker run -d -p 127.0.0.1:80:5000 training/webapp python app.py
+
+This would bind port 5000 inside the container to port 80 on the
+`localhost` or `127.0.0.1` interface on the host machine.
+
+Or, to bind port 5000 of the container to a dynamic port but only on the
+`localhost`, you could use:
+
+    $ docker run -d -p 127.0.0.1::5000 training/webapp python app.py
+
+You can also bind UDP ports by adding a trailing `/udp`. For example:
+
+    $ docker run -d -p 127.0.0.1:80:5000/udp training/webapp python app.py
+
+You also learned about the useful `docker port` shortcut which showed us the
+current port bindings. This is also useful for showing you specific port
+configurations. For example, if you've bound the container port to the
+`localhost` on the host machine, then the `docker port` output will reflect that.
+
+    $ docker port nostalgic_morse 5000
+    127.0.0.1:49155
+
+> **Note:**
+> The `-p` flag can be used multiple times to configure multiple ports.
+
+## Connect with the linking system
+
+> **Note**:
+> This section covers the legacy link feature in the default `bridge` network.
+> Please refer to [linking containers in user-defined networks]
+> (../work-with-networks.md#linking-containers-in-user-defined-networks)
+> for more information on links in user-defined networks.
+
+Network port mappings are not the only way Docker containers can connect to one
+another. Docker also has a linking system that allows you to link multiple
+containers together and send connection information from one to another. When
+containers are linked, information about a source container can be sent to a
+recipient container. This allows the recipient to see selected data describing
+aspects of the source container.
+
+### The importance of naming
+
+To establish links, Docker relies on the names of your containers.
+You've already seen that each container you create has an automatically
+created name; indeed you've become familiar with our old friend
+`nostalgic_morse` during this guide. You can also name containers
+yourself. This naming provides two useful functions:
+
+1. It can be useful to name containers that do specific functions in a way
+   that makes it easier for you to remember them, for example naming a
+   container containing a web application `web`.
+
+2. It provides Docker with a reference point that allows it to refer to other
+   containers, for example, you can specify to link the container `web` to container `db`.
+
+You can name your container by using the `--name` flag, for example:
+
+    $ docker run -d -P --name web training/webapp python app.py
+
+This launches a new container and uses the `--name` flag to
+name the container `web`. You can see the container's name using the
+`docker ps` command.
+
+    $ docker ps -l
+    CONTAINER ID  IMAGE                  COMMAND        CREATED       STATUS       PORTS                    NAMES
+    aed84ee21bde  training/webapp:latest python app.py  12 hours ago  Up 2 seconds 0.0.0.0:49154->5000/tcp  web
+
+You can also use `docker inspect` to return the container's name.
+
+
+> **Note:**
+> Container names have to be unique. That means you can only call
+> one container `web`. If you want to re-use a container name you must delete
+> the old container (with `docker rm`) before you can create a new
+> container with the same name. As an alternative you can use the `--rm`
+> flag with the `docker run` command. This will delete the container
+> immediately after it is stopped.
+
+## Communication across links
+
+Links allow containers to discover each other and securely transfer information
+about one container to another container. When you set up a link, you create a
+conduit between a source container and a recipient container. The recipient can
+then access select data about the source. To create a link, you use the `--link`
+flag. First, create a new container, this time one containing a database.
+
+    $ docker run -d --name db training/postgres
+
+This creates a new container called `db` from the `training/postgres`
+image, which contains a PostgreSQL database.
+
+Now, you need to delete the `web` container you created previously so you can replace it
+with a linked one:
+
+    $ docker rm -f web
+
+Now, create a new `web` container and link it with your `db` container.
+
+    $ docker run -d -P --name web --link db:db training/webapp python app.py
+
+This will link the new `web` container with the `db` container you created
+earlier. The `--link` flag takes the form:
+
+    --link <name or id>:alias
+
+Where `name` is the name of the container we're linking to and `alias` is an
+alias for the link name. You'll see how that alias gets used shortly.
+The `--link` flag also takes the form:
+
+	--link <name or id>
+
+In which case the alias will match the name. You could have written the previous
+example as:
+
+    $ docker run -d -P --name web --link db training/webapp python app.py
+
+Next, inspect your linked containers with `docker inspect`:
+
+    $ docker inspect -f "{{ .HostConfig.Links }}" web
+    [/db:/web/db]
+
+You can see that the `web` container is now linked to the `db` container
+`web/db`. Which allows it to access information about the `db` container.
+
+So what does linking the containers actually do? You've learned that a link allows a
+source container to provide information about itself to a recipient container. In
+our example, the recipient, `web`, can access information about the source `db`. To do
+this, Docker creates a secure tunnel between the containers that doesn't need to
+expose any ports externally on the container; you'll note when we started the
+`db` container we did not use either the `-P` or `-p` flags. That's a big benefit of
+linking: we don't need to expose the source container, here the PostgreSQL database, to
+the network.
+
+Docker exposes connectivity information for the source container to the
+recipient container in two ways:
+
+* Environment variables,
+* Updating the `/etc/hosts` file.
+
+### Environment variables
+
+Docker creates several environment variables when you link containers. Docker
+automatically creates environment variables in the target container based on
+the `--link` parameters.  It will also expose all environment variables
+originating from Docker from the source container. These include variables from:
+
+* the `ENV` commands in the source container's Dockerfile
+* the `-e`, `--env` and `--env-file` options on the `docker run`
+command when the source container is started
+
+These environment variables enable programmatic discovery from within the
+target container of information related to the source container.
+
+> **Warning**:
+> It is important to understand that *all* environment variables originating
+> from Docker within a container are made available to *any* container
+> that links to it. This could have serious security implications if sensitive
+> data is stored in them.
+
+Docker sets an `<alias>_NAME` environment variable for each target container
+listed in the `--link` parameter. For example, if a new container called
+`web` is linked to a database container called `db` via `--link db:webdb`,
+then Docker creates a `WEBDB_NAME=/web/webdb` variable in the `web` container.
+
+Docker also defines a set of environment variables for each port exposed by the
+source container.  Each variable has a unique prefix in the form:
+
+`<name>_PORT_<port>_<protocol>`
+
+The components in this prefix are:
+
+* the alias `<name>` specified in the `--link` parameter (for example, `webdb`)
+* the `<port>` number exposed
+* a `<protocol>` which is either TCP or UDP
+
+Docker uses this prefix format to define three distinct environment variables:
+
+* The `prefix_ADDR` variable contains the IP Address from the URL, for
+example `WEBDB_PORT_5432_TCP_ADDR=172.17.0.82`.
+* The `prefix_PORT` variable contains just the port number from the URL for
+example `WEBDB_PORT_5432_TCP_PORT=5432`.
+* The `prefix_PROTO` variable contains just the protocol from the URL for
+example `WEBDB_PORT_5432_TCP_PROTO=tcp`.
+
+If the container exposes multiple ports, an environment variable set is
+defined for each one. This means, for example, if a container exposes 4 ports
+that Docker creates 12 environment variables, 3 for each port.
+
+Additionally, Docker creates an environment variable called `<alias>_PORT`.
+This variable contains the URL of the source container's first exposed port.
+The  'first' port is defined as the exposed port with the lowest number.
+For example, consider the `WEBDB_PORT=tcp://172.17.0.82:5432` variable.  If
+that port is used for both tcp and udp, then the tcp one is specified.
+
+Finally, Docker also exposes each Docker originated environment variable
+from the source container as an environment variable in the target. For each
+variable Docker creates an `<alias>_ENV_<name>` variable in the target
+container. The variable's value is set to the value Docker used when it
+started the source container.
+
+Returning back to our database example, you can run the `env`
+command to list the specified container's environment variables.
+
+```
+    $ docker run --rm --name web2 --link db:db training/webapp env
+    . . .
+    DB_NAME=/web2/db
+    DB_PORT=tcp://172.17.0.5:5432
+    DB_PORT_5432_TCP=tcp://172.17.0.5:5432
+    DB_PORT_5432_TCP_PROTO=tcp
+    DB_PORT_5432_TCP_PORT=5432
+    DB_PORT_5432_TCP_ADDR=172.17.0.5
+    . . .
+```
+
+You can see that Docker has created a series of environment variables with
+useful information about the source `db` container. Each variable is prefixed
+with
+`DB_`, which is populated from the `alias` you specified above. If the `alias`
+were `db1`, the variables would be prefixed with `DB1_`. You can use these
+environment variables to configure your applications to connect to the database
+on the `db` container. The connection will be secure and private; only the
+linked `web` container will be able to talk to the `db` container.
+
+### Important notes on Docker environment variables
+
+Unlike host entries in the [`/etc/hosts` file](#updating-the-etchosts-file),
+IP addresses stored in the environment variables are not automatically updated
+if the source container is restarted. We recommend using the host entries in
+`/etc/hosts` to resolve the IP address of linked containers.
+
+These environment variables are only set for the first process in the
+container. Some daemons, such as `sshd`, will scrub them when spawning shells
+for connection.
+
+### Updating the `/etc/hosts` file
+
+In addition to the environment variables, Docker adds a host entry for the
+source container to the `/etc/hosts` file. Here's an entry for the `web`
+container:
+
+    $ docker run -t -i --rm --link db:webdb training/webapp /bin/bash
+    root@aed84ee21bde:/opt/webapp# cat /etc/hosts
+    172.17.0.7  aed84ee21bde
+    . . .
+    172.17.0.5  webdb 6e5cdeb2d300 db
+
+You can see two relevant host entries. The first is an entry for the `web`
+container that uses the Container ID as a host name. The second entry uses the
+link alias to reference the IP address of the `db` container. In addition to
+the alias you provide, the linked container's name--if unique from the alias
+provided to the `--link` parameter--and the linked container's hostname will
+also be added in `/etc/hosts` for the linked container's IP address. You can ping
+that host now via any of these entries:
+
+    root@aed84ee21bde:/opt/webapp# apt-get install -yqq inetutils-ping
+    root@aed84ee21bde:/opt/webapp# ping webdb
+    PING webdb (172.17.0.5): 48 data bytes
+    56 bytes from 172.17.0.5: icmp_seq=0 ttl=64 time=0.267 ms
+    56 bytes from 172.17.0.5: icmp_seq=1 ttl=64 time=0.250 ms
+    56 bytes from 172.17.0.5: icmp_seq=2 ttl=64 time=0.256 ms
+
+> **Note:**
+> In the example, you'll note you had to install `ping` because it was not included
+> in the container initially.
+
+Here, you used the `ping` command to ping the `db` container using its host entry,
+which resolves to `172.17.0.5`. You can use this host entry to configure an application
+to make use of your `db` container.
+
+> **Note:**
+> You can link multiple recipient containers to a single source. For
+> example, you could have multiple (differently named) web containers attached to your
+>`db` container.
+
+If you restart the source container, the linked containers `/etc/hosts` files
+will be automatically updated with the source container's new IP address,
+allowing linked communication to continue.
+
+    $ docker restart db
+    db
+    $ docker run -t -i --rm --link db:db training/webapp /bin/bash
+    root@aed84ee21bde:/opt/webapp# cat /etc/hosts
+    172.17.0.7  aed84ee21bde
+    . . .
+    172.17.0.9  db
+
+# Related information
diff --git a/docs/userguide/networking/default_network/images/ipv6_basic_host_config.gliffy b/docs/userguide/networking/default_network/images/ipv6_basic_host_config.gliffy
new file mode 100644
index 00000000..8d0450fc
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_basic_host_config.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":414,"height":127,"nodeIndex":173,"autoFit":true,"exportBorder":false,"gridOn":false,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":8.5,"y":0.5},"max":{"x":413.75,"y":126.5}},"objects":[{"x":6.5,"y":106.0,"rotation":0.0,"id":9,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">docker0 fe80::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":19.5,"y":9.0,"rotation":0.0,"id":7,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":19,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"color:rgb(183, 183, 183);\">eth0 2001:db8::1/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":31.5,"y":23.5,"rotation":0.0,"id":4,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":16,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":5,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Host2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":11.75,"y":0.5,"rotation":0.0,"id":60,"width":402.0,"height":126.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":2,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":146.5,"y":83.0,"rotation":0.0,"id":164,"width":249.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":44,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">ip -6 route add 2001:db8:1::/64 </span></span><span style=\"\">dev docker0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":146.5,"y":27.5,"rotation":0.0,"id":73,"width":249.0,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":35,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"color:rgb(183, 183, 183);\"><span style=\"\">ip -6 route add default via fe80::1</span><span style=\"\"> dev eth0</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]}],"shapeStyles":{"com.gliffy.shape.basic.basic_v1.default":{"fill":"#fff2cc","stroke":"#333333","strokeWidth":2,"dashStyle":"2.0,2.0","gradient":true,"shadow":true}},"lineStyles":{"global":{"stroke":"#d9d9d9"}},"textStyles":{"global":{"size":"12px","color":"#b7b7b7"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.uml.uml_v2.class","com.gliffy.libraries.uml.uml_v2.sequence","com.gliffy.libraries.uml.uml_v2.activity","com.gliffy.libraries.erd.erd_v1.default","com.gliffy.libraries.ui.ui_v3.containers_content","com.gliffy.libraries.ui.ui_v3.forms_controls","com.gliffy.libraries.images"],"autosaveDisabled":false},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_basic_host_config.svg b/docs/userguide/networking/default_network/images/ipv6_basic_host_config.svg
new file mode 100644
index 00000000..0095b8bd
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_basic_host_config.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="433.75" height="146.5"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="hEFQTXIBbAaX" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#FFFFFF" stroke="none" x="0" y="0" width="433.75" height="146.5"/></g><g transform="translate(0,0) matrix(1,0,0,1,11.75,0.5)"><g><g transform="translate(0,0) scale(4.02,1.26)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24875621890547267,0.7936507936507936)"><path fill="none" stroke="none" d="M 0 0 L 401.99999999999994 0 Q 401.99999999999994 0 401.99999999999994 0 L 401.99999999999994 126 Q 401.99999999999994 126 401.99999999999994 126 L 0 126 Q 0 126 0 126 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 401.99999999999994 0 Q 401.99999999999994 0 401.99999999999994 0 L 401.99999999999994 5.684341886080802e-14 M 401.99999999999994 5.684341886080802e-14 M 401.99999999999994 2.000000000000057 L 401.99999999999994 4.000000000000057 M 401.99999999999994 4.000000000000057 M 401.99999999999994 6.000000000000057 L 401.99999999999994 8.000000000000057 M 401.99999999999994 8.000000000000057 M 401.99999999999994 10.000000000000057 L 401.99999999999994 12.000000000000057 M 401.99999999999994 12.000000000000057 M 401.99999999999994 14.000000000000057 L 401.99999999999994 16.000000000000057 M 401.99999999999994 16.000000000000057 M 401.99999999999994 18.000000000000057 L 401.99999999999994 20.000000000000057 M 401.99999999999994 20.000000000000057 M 401.99999999999994 22.000000000000057 L 401.99999999999994 24.000000000000057 M 401.99999999999994 24.000000000000057 M 401.99999999999994 26.000000000000057 L 401.99999999999994 28.000000000000057 M 401.99999999999994 28.000000000000057 M 401.99999999999994 30.000000000000057 L 401.99999999999994 32.00000000000006 M 401.99999999999994 32.00000000000006 M 401.99999999999994 34.00000000000006 L 401.99999999999994 36.00000000000006 M 401.99999999999994 36.00000000000006 M 401.99999999999994 38.00000000000006 L 401.99999999999994 40.00000000000006 M 401.99999999999994 40.00000000000006 M 401.99999999999994 42.00000000000006 L 401.99999999999994 44.00000000000006 M 401.99999999999994 44.00000000000006 M 401.99999999999994 46.00000000000006 L 401.99999999999994 48.00000000000006 M 401.99999999999994 48.00000000000006 M 401.99999999999994 50.00000000000006 L 401.99999999999994 52.00000000000006 M 401.99999999999994 52.00000000000006 M 401.99999999999994 54.00000000000006 L 401.99999999999994 56.00000000000006 M 401.99999999999994 56.00000000000006 M 401.99999999999994 58.00000000000006 L 401.99999999999994 60.00000000000006 M 401.99999999999994 60.00000000000006 M 401.99999999999994 62.00000000000006 L 401.99999999999994 64.00000000000006 M 401.99999999999994 64.00000000000006 M 401.99999999999994 66.00000000000006 L 401.99999999999994 68.00000000000006 M 401.99999999999994 68.00000000000006 M 401.99999999999994 70.00000000000006 L 401.99999999999994 72.00000000000006 M 401.99999999999994 72.00000000000006 M 401.99999999999994 74.00000000000006 L 401.99999999999994 76.00000000000006 M 401.99999999999994 76.00000000000006 M 401.99999999999994 78.00000000000006 L 401.99999999999994 80.00000000000006 M 401.99999999999994 80.00000000000006 M 401.99999999999994 82.00000000000006 L 401.99999999999994 84.00000000000006 M 401.99999999999994 84.00000000000006 M 401.99999999999994 86.00000000000006 L 401.99999999999994 88.00000000000006 M 401.99999999999994 88.00000000000006 M 401.99999999999994 90.00000000000006 L 401.99999999999994 92.00000000000006 M 401.99999999999994 92.00000000000006 M 401.99999999999994 94.00000000000006 L 401.99999999999994 96.00000000000006 M 401.99999999999994 96.00000000000006 M 401.99999999999994 98.00000000000006 L 401.99999999999994 100.00000000000006 M 401.99999999999994 100.00000000000006 M 401.99999999999994 102.00000000000006 L 401.99999999999994 104.00000000000006 M 401.99999999999994 104.00000000000006 M 401.99999999999994 106.00000000000006 L 401.99999999999994 108.00000000000006 M 401.99999999999994 108.00000000000006 M 401.99999999999994 110.00000000000006 L 401.99999999999994 112.00000000000006 M 401.99999999999994 112.00000000000006 M 401.99999999999994 114.00000000000006 L 401.99999999999994 116.00000000000006 M 401.99999999999994 116.00000000000006 M 401.99999999999994 118.00000000000006 L 401.99999999999994 120.00000000000006 M 401.99999999999994 120.00000000000006 M 401.99999999999994 122.00000000000006 L 401.99999999999994 124.00000000000006 M 401.99999999999994 124.00000000000006 M 401.9999999999999 126 L 399.9999999999999 126 M 399.9999999999999 126 M 397.9999999999999 126 L 395.9999999999999 126 M 395.9999999999999 126 M 393.9999999999999 126 L 391.9999999999999 126 M 391.9999999999999 126 M 389.9999999999999 126 L 387.9999999999999 126 M 387.9999999999999 126 M 385.9999999999999 126 L 383.9999999999999 126 M 383.9999999999999 126 M 381.9999999999999 126 L 379.9999999999999 126 M 379.9999999999999 126 M 377.9999999999999 126 L 375.9999999999999 126 M 375.9999999999999 126 M 373.9999999999999 126 L 371.9999999999999 126 M 371.9999999999999 126 M 369.9999999999999 126 L 367.9999999999999 126 M 367.9999999999999 126 M 365.9999999999999 126 L 363.9999999999999 126 M 363.9999999999999 126 M 361.9999999999999 126 L 359.9999999999999 126 M 359.9999999999999 126 M 357.9999999999999 126 L 355.9999999999999 126 M 355.9999999999999 126 M 353.9999999999999 126 L 351.9999999999999 126 M 351.9999999999999 126 M 349.9999999999999 126 L 347.9999999999999 126 M 347.9999999999999 126 M 345.9999999999999 126 L 343.9999999999999 126 M 343.9999999999999 126 M 341.9999999999999 126 L 339.9999999999999 126 M 339.9999999999999 126 M 337.9999999999999 126 L 335.9999999999999 126 M 335.9999999999999 126 M 333.9999999999999 126 L 331.9999999999999 126 M 331.9999999999999 126 M 329.9999999999999 126 L 327.9999999999999 126 M 327.9999999999999 126 M 325.9999999999999 126 L 323.9999999999999 126 M 323.9999999999999 126 M 321.9999999999999 126 L 319.9999999999999 126 M 319.9999999999999 126 M 317.9999999999999 126 L 315.9999999999999 126 M 315.9999999999999 126 M 313.9999999999999 126 L 311.9999999999999 126 M 311.9999999999999 126 M 309.9999999999999 126 L 307.9999999999999 126 M 307.9999999999999 126 M 305.9999999999999 126 L 303.9999999999999 126 M 303.9999999999999 126 M 301.9999999999999 126 L 299.9999999999999 126 M 299.9999999999999 126 M 297.9999999999999 126 L 295.9999999999999 126 M 295.9999999999999 126 M 293.9999999999999 126 L 291.9999999999999 126 M 291.9999999999999 126 M 289.9999999999999 126 L 287.9999999999999 126 M 287.9999999999999 126 M 285.9999999999999 126 L 283.9999999999999 126 M 283.9999999999999 126 M 281.9999999999999 126 L 279.9999999999999 126 M 279.9999999999999 126 M 277.9999999999999 126 L 275.9999999999999 126 M 275.9999999999999 126 M 273.9999999999999 126 L 271.9999999999999 126 M 271.9999999999999 126 M 269.9999999999999 126 L 267.9999999999999 126 M 267.9999999999999 126 M 265.9999999999999 126 L 263.9999999999999 126 M 263.9999999999999 126 M 261.9999999999999 126 L 259.9999999999999 126 M 259.9999999999999 126 M 257.9999999999999 126 L 255.9999999999999 126 M 255.9999999999999 126 M 253.9999999999999 126 L 251.9999999999999 126 M 251.9999999999999 126 M 249.9999999999999 126 L 247.9999999999999 126 M 247.9999999999999 126 M 245.9999999999999 126 L 243.9999999999999 126 M 243.9999999999999 126 M 241.9999999999999 126 L 239.9999999999999 126 M 239.9999999999999 126 M 237.9999999999999 126 L 235.9999999999999 126 M 235.9999999999999 126 M 233.9999999999999 126 L 231.9999999999999 126 M 231.9999999999999 126 M 229.9999999999999 126 L 227.9999999999999 126 M 227.9999999999999 126 M 225.9999999999999 126 L 223.9999999999999 126 M 223.9999999999999 126 M 221.9999999999999 126 L 219.9999999999999 126 M 219.9999999999999 126 M 217.9999999999999 126 L 215.9999999999999 126 M 215.9999999999999 126 M 213.9999999999999 126 L 211.9999999999999 126 M 211.9999999999999 126 M 209.9999999999999 126 L 207.9999999999999 126 M 207.9999999999999 126 M 205.9999999999999 126 L 203.9999999999999 126 M 203.9999999999999 126 M 201.9999999999999 126 L 199.9999999999999 126 M 199.9999999999999 126 M 197.9999999999999 126 L 195.9999999999999 126 M 195.9999999999999 126 M 193.9999999999999 126 L 191.9999999999999 126 M 191.9999999999999 126 M 189.9999999999999 126 L 187.9999999999999 126 M 187.9999999999999 126 M 185.9999999999999 126 L 183.9999999999999 126 M 183.9999999999999 126 M 181.9999999999999 126 L 179.9999999999999 126 M 179.9999999999999 126 M 177.9999999999999 126 L 175.9999999999999 126 M 175.9999999999999 126 M 173.9999999999999 126 L 171.9999999999999 126 M 171.9999999999999 126 M 169.9999999999999 126 L 167.9999999999999 126 M 167.9999999999999 126 M 165.9999999999999 126 L 163.9999999999999 126 M 163.9999999999999 126 M 161.9999999999999 126 L 159.9999999999999 126 M 159.9999999999999 126 M 157.9999999999999 126 L 155.9999999999999 126 M 155.9999999999999 126 M 153.9999999999999 126 L 151.9999999999999 126 M 151.9999999999999 126 M 149.9999999999999 126 L 147.9999999999999 126 M 147.9999999999999 126 M 145.9999999999999 126 L 143.9999999999999 126 M 143.9999999999999 126 M 141.9999999999999 126 L 139.9999999999999 126 M 139.9999999999999 126 M 137.9999999999999 126 L 135.9999999999999 126 M 135.9999999999999 126 M 133.9999999999999 126 L 131.9999999999999 126 M 131.9999999999999 126 M 129.9999999999999 126 L 127.99999999999989 126 M 127.99999999999989 126 M 125.99999999999989 126 L 123.99999999999989 126 M 123.99999999999989 126 M 121.99999999999989 126 L 119.99999999999989 126 M 119.99999999999989 126 M 117.99999999999989 126 L 115.99999999999989 126 M 115.99999999999989 126 M 113.99999999999989 126 L 111.99999999999989 126 M 111.99999999999989 126 M 109.99999999999989 126 L 107.99999999999989 126 M 107.99999999999989 126 M 105.99999999999989 126 L 103.99999999999989 126 M 103.99999999999989 126 M 101.99999999999989 126 L 99.99999999999989 126 M 99.99999999999989 126 M 97.99999999999989 126 L 95.99999999999989 126 M 95.99999999999989 126 M 93.99999999999989 126 L 91.99999999999989 126 M 91.99999999999989 126 M 89.99999999999989 126 L 87.99999999999989 126 M 87.99999999999989 126 M 85.99999999999989 126 L 83.99999999999989 126 M 83.99999999999989 126 M 81.99999999999989 126 L 79.99999999999989 126 M 79.99999999999989 126 M 77.99999999999989 126 L 75.99999999999989 126 M 75.99999999999989 126 M 73.99999999999989 126 L 71.99999999999989 126 M 71.99999999999989 126 M 69.99999999999989 126 L 67.99999999999989 126 M 67.99999999999989 126 M 65.99999999999989 126 L 63.999999999999886 126 M 63.999999999999886 126 M 61.999999999999886 126 L 59.999999999999886 126 M 59.999999999999886 126 M 57.999999999999886 126 L 55.999999999999886 126 M 55.999999999999886 126 M 53.999999999999886 126 L 51.999999999999886 126 M 51.999999999999886 126 M 49.999999999999886 126 L 47.999999999999886 126 M 47.999999999999886 126 M 45.999999999999886 126 L 43.999999999999886 126 M 43.999999999999886 126 M 41.999999999999886 126 L 39.999999999999886 126 M 39.999999999999886 126 M 37.999999999999886 126 L 35.999999999999886 126 M 35.999999999999886 126 M 33.999999999999886 126 L 31.999999999999886 126 M 31.999999999999886 126 M 29.999999999999886 126 L 27.999999999999886 126 M 27.999999999999886 126 M 25.999999999999886 126 L 23.999999999999886 126 M 23.999999999999886 126 M 21.999999999999886 126 L 19.999999999999886 126 M 19.999999999999886 126 M 17.999999999999886 126 L 15.999999999999886 126 M 15.999999999999886 126 M 13.999999999999886 126 L 11.999999999999886 126 M 11.999999999999886 126 M 9.999999999999886 126 L 7.999999999999886 126 M 7.999999999999886 126 M 5.999999999999886 126 L 3.9999999999998863 126 M 3.9999999999998863 126 M 1.9999999999998863 126 L 0 126 Q 0 126 0 126 L 0 125.99999999999989 M 0 125.99999999999989 M 0 123.99999999999989 L 0 121.99999999999989 M 0 121.99999999999989 M 0 119.99999999999989 L 0 117.99999999999989 M 0 117.99999999999989 M 0 115.99999999999989 L 0 113.99999999999989 M 0 113.99999999999989 M 0 111.99999999999989 L 0 109.99999999999989 M 0 109.99999999999989 M 0 107.99999999999989 L 0 105.99999999999989 M 0 105.99999999999989 M 0 103.99999999999989 L 0 101.99999999999989 M 0 101.99999999999989 M 0 99.99999999999989 L 0 97.99999999999989 M 0 97.99999999999989 M 0 95.99999999999989 L 0 93.99999999999989 M 0 93.99999999999989 M 0 91.99999999999989 L 0 89.99999999999989 M 0 89.99999999999989 M 0 87.99999999999989 L 0 85.99999999999989 M 0 85.99999999999989 M 0 83.99999999999989 L 0 81.99999999999989 M 0 81.99999999999989 M 0 79.99999999999989 L 0 77.99999999999989 M 0 77.99999999999989 M 0 75.99999999999989 L 0 73.99999999999989 M 0 73.99999999999989 M 0 71.99999999999989 L 0 69.99999999999989 M 0 69.99999999999989 M 0 67.99999999999989 L 0 65.99999999999989 M 0 65.99999999999989 M 0 63.999999999999886 L 0 61.999999999999886 M 0 61.999999999999886 M 0 59.999999999999886 L 0 57.999999999999886 M 0 57.999999999999886 M 0 55.999999999999886 L 0 53.999999999999886 M 0 53.999999999999886 M 0 51.999999999999886 L 0 49.999999999999886 M 0 49.999999999999886 M 0 47.999999999999886 L 0 45.999999999999886 M 0 45.999999999999886 M 0 43.999999999999886 L 0 41.999999999999886 M 0 41.999999999999886 M 0 39.999999999999886 L 0 37.999999999999886 M 0 37.999999999999886 M 0 35.999999999999886 L 0 33.999999999999886 M 0 33.999999999999886 M 0 31.999999999999886 L 0 29.999999999999886 M 0 29.999999999999886 M 0 27.999999999999886 L 0 25.999999999999886 M 0 25.999999999999886 M 0 23.999999999999886 L 0 21.999999999999886 M 0 21.999999999999886 M 0 19.999999999999886 L 0 17.999999999999886 M 0 17.999999999999886 M 0 15.999999999999886 L 0 13.999999999999886 M 0 13.999999999999886 M 0 11.999999999999886 L 0 9.999999999999886 M 0 9.999999999999886 M 0 7.999999999999886 L 0 5.999999999999886 M 0 5.999999999999886 M 0 3.9999999999998863 L 0 1.9999999999998863 M 0 1.9999999999998863 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,31.5,23.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#hEFQTXIBbAaX)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#hEFQTXIBbAaX)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,42,54)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24" y="11">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">2</text></g></g><g transform="matrix(1,0,0,1,22,9)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="107" height="14" fill-opacity="0"/></g><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">eth0</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">2001</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">:</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">db8</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">::</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">1</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="11">/</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">64</text></g></g><g transform="matrix(1,0,0,1,9,106)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="99" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="106" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">4</text></g></g><g transform="matrix(1,0,0,1,149,29)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="245" height="16" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="245" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="225" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="176" height="14" fill-opacity="0"/></g><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">ip</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="11"> -</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">6</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">route</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">add</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="11">default</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="120" y="11">via</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="139" y="11">fe80</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="162" y="11">::</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="169" y="11">1</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="175.453125" y="0" width="50" height="14" fill-opacity="0"/></g><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="179" y="11">dev</text><text fill="rgb(183, 183, 183)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="201" y="11">eth0</text></g></g><g transform="matrix(1,0,0,1,149,83)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="245" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="245" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="168" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="168" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">ip</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="11"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">add</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="11">::/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="11">64</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="167.4609375" y="0" width="66" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="11">dev</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="190" y="11">docker0</text></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_ndp_proxying.gliffy b/docs/userguide/networking/default_network/images/ipv6_ndp_proxying.gliffy
new file mode 100644
index 00000000..698723e1
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_ndp_proxying.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":616,"height":438,"nodeIndex":207,"autoFit":true,"exportBorder":false,"gridOn":false,"snapToGrid":false,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":3,"y":-7.75},"max":{"x":615.5,"y":437.5}},"objects":[{"x":173.0,"y":117.0,"rotation":0.0,"id":190,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":30,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":0,"py":1.0,"px":0.7071067811865476}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":186,"py":0.0,"px":0.2928932188134524}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":"4.0,4.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[120.21067811865476,-7.0],[335.78932188134524,57.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":195.0,"y":117.0,"rotation":0.0,"id":83,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">eth0 2001:db8::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":222.5,"y":35.0,"rotation":0.0,"id":0,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#fff2cc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":1,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;text-decoration:none;\"><span style=\"text-decoration:none;\">Router</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":26.0,"y":109.0,"rotation":0.0,"id":33,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":6,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":0,"py":0.9999999999999998,"px":0.29289321881345254}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":2,"py":0.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[225.78932188134524,0.9999999999999858],[57.710678118654755,65.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":20.289321881345245,"y":150.0,"rotation":0.0,"id":32,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":4,"py":0.0,"px":0.2928932188134524}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":0,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[333.5,24.5],[272.9213562373095,-40.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":271.0,"y":37.0,"rotation":0.0,"id":89,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":1,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":0,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#d9d9d9","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[1.5,-2.0],[1.5,-21.125],[1.5,-21.125],[1.5,-40.25]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[]},{"x":151.0,"y":115.0,"rotation":0.0,"id":183,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":0,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":0,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":179,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[121.5,-5.0],[62.5,59.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":455.5,"y":257.0,"rotation":0.0,"id":200,"width":150.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":200,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":5,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-style:italic;font-size:12px;\"><span style=\"\">expected Container location</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":467.5,"y":156.0,"rotation":0.0,"id":185,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":29,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">eth0 2001:db8::c00y/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":479.5,"y":174.5,"rotation":0.0,"id":186,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#e2e2e2","gradient":false,"dashStyle":"2,2","dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":187,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;text-decoration:none;\"><span style=\"text-decoration:none;\">Container x</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":151.5,"y":156.0,"rotation":0.0,"id":178,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":26,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">eth0 2001:db8::b001/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":163.5,"y":174.5,"rotation":0.0,"id":179,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":180,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;text-decoration:none;\"><span style=\"text-decoration:none;\">Host2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":299.5,"y":257.0,"rotation":0.0,"id":9,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">docker0 fe80::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":317.5,"y":156.0,"rotation":0.0,"id":7,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">eth0 2001:db8::c001/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":1.0,"y":156.0,"rotation":0.0,"id":6,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":13,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">eth0 2001:db8::a001/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":324.5,"y":174.5,"rotation":0.0,"id":4,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":5,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;text-decoration:none;\"><span style=\"text-decoration:none;\">Host3</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":13.0,"y":174.5,"rotation":0.0,"id":2,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":3,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;text-decoration:none;\"><span style=\"text-decoration:none;\">Host1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":-142.5,"y":118.5,"rotation":0.0,"id":31,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":4,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":4,"py":1.0,"px":0.7071067811865476}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":25,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[537.7106781186548,131.0],[602.0,204.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":-181.5,"y":122.5,"rotation":0.0,"id":30,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":3,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":4,"py":0.9999999999999998,"px":0.29289321881345254}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":27,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[535.2893218813452,127.0],[473.0,200.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":386.0,"y":306.0,"rotation":0.0,"id":78,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":22,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8::c00a/125</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":218.0,"y":306.0,"rotation":0.0,"id":77,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":21,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8::c009/125</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":409.5,"y":323.0,"rotation":0.0,"id":25,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":18,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":26,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;text-decoration:none;\"><span style=\"text-decoration:none;\">Container2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":241.5,"y":323.0,"rotation":0.0,"id":27,"width":99.99999999999999,"height":99.99999999999999,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":16,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":28,"width":95.99999999999999,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;text-decoration:none;\"><span style=\"text-decoration:none;\">Container1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":207.75,"y":297.5,"rotation":0.0,"id":58,"width":339.75,"height":140.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":2,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]}],"shapeStyles":{"com.gliffy.shape.basic.basic_v1.default":{"fill":"#e2e2e2","stroke":"#333333","strokeWidth":2,"dashStyle":"2.0,2.0","gradient":false,"shadow":true}},"lineStyles":{"global":{"stroke":"#cccccc","strokeWidth":2,"dashStyle":"4.0,4.0"}},"textStyles":{"global":{"size":"12px","italic":true}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.uml.uml_v2.class","com.gliffy.libraries.uml.uml_v2.sequence","com.gliffy.libraries.uml.uml_v2.activity","com.gliffy.libraries.erd.erd_v1.default","com.gliffy.libraries.ui.ui_v3.containers_content","com.gliffy.libraries.ui.ui_v3.forms_controls","com.gliffy.libraries.images"],"autosaveDisabled":false},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_ndp_proxying.svg b/docs/userguide/networking/default_network/images/ipv6_ndp_proxying.svg
new file mode 100644
index 00000000..49b2da9f
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_ndp_proxying.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="635.5" height="457.5"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="xKnpNsEUztog" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff2cc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="oGRgamfHfecD" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="ubSpGvJiSkdd" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="keFrGZTtpCuO" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="naovqTKySRGJ" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="AKcGbNDhiIrM" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#FFFFFF" stroke="none" x="0" y="0" width="635.5" height="457.5"/></g><g transform="matrix(1,0,0,1,209,105.5)"><g transform="translate(0,0)"><g transform="translate(-151,-115) translate(-58,9.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 272.5 110 L 213.5 174.5" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,268,-7.75)"><g transform="translate(0,0)"><g transform="translate(-271,-37) translate(3,44.75) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#d9d9d9" d="M 272.5 35 L 272.5 25.4375 Q 272.5 15.875 272.5 15.875 L 272.5 15.875 Q 272.5 15.875 272.5 6.3125 L 272.5 -3.25" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,207.75,297.5)"><g><g transform="translate(0,0) scale(3.3975,1.4)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.29433406916850624,0.7142857142857143)"><path fill="none" stroke="none" d="M 0 0 L 339.75 0 Q 339.75 0 339.75 0 L 339.75 140 Q 339.75 140 339.75 140 L 0 140 Q 0 140 0 140 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 339.75 0.25 L 339.75 2.25 M 339.75 2.25 M 339.75 4.25 L 339.75 6.25 M 339.75 6.25 M 339.75 8.25 L 339.75 10.25 M 339.75 10.25 M 339.75 12.25 L 339.75 14.25 M 339.75 14.25 M 339.75 16.25 L 339.75 18.25 M 339.75 18.25 M 339.75 20.25 L 339.75 22.25 M 339.75 22.25 M 339.75 24.25 L 339.75 26.25 M 339.75 26.25 M 339.75 28.25 L 339.75 30.25 M 339.75 30.25 M 339.75 32.25 L 339.75 34.25 M 339.75 34.25 M 339.75 36.25 L 339.75 38.25 M 339.75 38.25 M 339.75 40.25 L 339.75 42.25 M 339.75 42.25 M 339.75 44.25 L 339.75 46.25 M 339.75 46.25 M 339.75 48.25 L 339.75 50.25 M 339.75 50.25 M 339.75 52.25 L 339.75 54.25 M 339.75 54.25 M 339.75 56.25 L 339.75 58.25 M 339.75 58.25 M 339.75 60.25 L 339.75 62.25 M 339.75 62.25 M 339.75 64.25 L 339.75 66.25 M 339.75 66.25 M 339.75 68.25 L 339.75 70.25 M 339.75 70.25 M 339.75 72.25 L 339.75 74.25 M 339.75 74.25 M 339.75 76.25 L 339.75 78.25 M 339.75 78.25 M 339.75 80.25 L 339.75 82.25 M 339.75 82.25 M 339.75 84.25 L 339.75 86.25 M 339.75 86.25 M 339.75 88.25 L 339.75 90.25 M 339.75 90.25 M 339.75 92.25 L 339.75 94.25 M 339.75 94.25 M 339.75 96.25 L 339.75 98.25 M 339.75 98.25 M 339.75 100.25 L 339.75 102.25 M 339.75 102.25 M 339.75 104.25 L 339.75 106.25 M 339.75 106.25 M 339.75 108.25 L 339.75 110.25 M 339.75 110.25 M 339.75 112.25 L 339.75 114.25 M 339.75 114.25 M 339.75 116.25 L 339.75 118.25 M 339.75 118.25 M 339.75 120.25 L 339.75 122.25 M 339.75 122.25 M 339.75 124.25 L 339.75 126.25 M 339.75 126.25 M 339.75 128.25 L 339.75 130.25 M 339.75 130.25 M 339.75 132.25 L 339.75 134.25 M 339.75 134.25 M 339.75 136.25 L 339.75 138.25 M 339.75 138.25 M 339.5 140 L 337.5 140 M 337.5 140 M 335.5 140 L 333.5 140 M 333.5 140 M 331.5 140 L 329.5 140 M 329.5 140 M 327.5 140 L 325.5 140 M 325.5 140 M 323.5 140 L 321.5 140 M 321.5 140 M 319.5 140 L 317.5 140 M 317.5 140 M 315.5 140 L 313.5 140 M 313.5 140 M 311.5 140 L 309.5 140 M 309.5 140 M 307.5 140 L 305.5 140 M 305.5 140 M 303.5 140 L 301.5 140 M 301.5 140 M 299.5 140 L 297.5 140 M 297.5 140 M 295.5 140 L 293.5 140 M 293.5 140 M 291.5 140 L 289.5 140 M 289.5 140 M 287.5 140 L 285.5 140 M 285.5 140 M 283.5 140 L 281.5 140 M 281.5 140 M 279.5 140 L 277.5 140 M 277.5 140 M 275.5 140 L 273.5 140 M 273.5 140 M 271.5 140 L 269.5 140 M 269.5 140 M 267.5 140 L 265.5 140 M 265.5 140 M 263.5 140 L 261.5 140 M 261.5 140 M 259.5 140 L 257.5 140 M 257.5 140 M 255.5 140 L 253.5 140 M 253.5 140 M 251.5 140 L 249.5 140 M 249.5 140 M 247.5 140 L 245.5 140 M 245.5 140 M 243.5 140 L 241.5 140 M 241.5 140 M 239.5 140 L 237.5 140 M 237.5 140 M 235.5 140 L 233.5 140 M 233.5 140 M 231.5 140 L 229.5 140 M 229.5 140 M 227.5 140 L 225.5 140 M 225.5 140 M 223.5 140 L 221.5 140 M 221.5 140 M 219.5 140 L 217.5 140 M 217.5 140 M 215.5 140 L 213.5 140 M 213.5 140 M 211.5 140 L 209.5 140 M 209.5 140 M 207.5 140 L 205.5 140 M 205.5 140 M 203.5 140 L 201.5 140 M 201.5 140 M 199.5 140 L 197.5 140 M 197.5 140 M 195.5 140 L 193.5 140 M 193.5 140 M 191.5 140 L 189.5 140 M 189.5 140 M 187.5 140 L 185.5 140 M 185.5 140 M 183.5 140 L 181.5 140 M 181.5 140 M 179.5 140 L 177.5 140 M 177.5 140 M 175.5 140 L 173.5 140 M 173.5 140 M 171.5 140 L 169.5 140 M 169.5 140 M 167.5 140 L 165.5 140 M 165.5 140 M 163.5 140 L 161.5 140 M 161.5 140 M 159.5 140 L 157.5 140 M 157.5 140 M 155.5 140 L 153.5 140 M 153.5 140 M 151.5 140 L 149.5 140 M 149.5 140 M 147.5 140 L 145.5 140 M 145.5 140 M 143.5 140 L 141.5 140 M 141.5 140 M 139.5 140 L 137.5 140 M 137.5 140 M 135.5 140 L 133.5 140 M 133.5 140 M 131.5 140 L 129.5 140 M 129.5 140 M 127.5 140 L 125.5 140 M 125.5 140 M 123.5 140 L 121.5 140 M 121.5 140 M 119.5 140 L 117.5 140 M 117.5 140 M 115.5 140 L 113.5 140 M 113.5 140 M 111.5 140 L 109.5 140 M 109.5 140 M 107.5 140 L 105.5 140 M 105.5 140 M 103.5 140 L 101.5 140 M 101.5 140 M 99.5 140 L 97.5 140 M 97.5 140 M 95.5 140 L 93.5 140 M 93.5 140 M 91.5 140 L 89.5 140 M 89.5 140 M 87.5 140 L 85.5 140 M 85.5 140 M 83.5 140 L 81.5 140 M 81.5 140 M 79.5 140 L 77.5 140 M 77.5 140 M 75.5 140 L 73.5 140 M 73.5 140 M 71.5 140 L 69.5 140 M 69.5 140 M 67.5 140 L 65.5 140 M 65.5 140 M 63.5 140 L 61.5 140 M 61.5 140 M 59.5 140 L 57.5 140 M 57.5 140 M 55.5 140 L 53.5 140 M 53.5 140 M 51.5 140 L 49.5 140 M 49.5 140 M 47.5 140 L 45.5 140 M 45.5 140 M 43.5 140 L 41.5 140 M 41.5 140 M 39.5 140 L 37.5 140 M 37.5 140 M 35.5 140 L 33.5 140 M 33.5 140 M 31.5 140 L 29.5 140 M 29.5 140 M 27.5 140 L 25.5 140 M 25.5 140 M 23.5 140 L 21.5 140 M 21.5 140 M 19.5 140 L 17.5 140 M 17.5 140 M 15.5 140 L 13.5 140 M 13.5 140 M 11.5 140 L 9.5 140 M 9.5 140 M 7.5 140 L 5.5 140 M 5.5 140 M 3.5 140 L 1.5 140 M 1.5 140 M 0 139.5 L 0 137.5 M 0 137.5 M 0 135.5 L 0 133.5 M 0 133.5 M 0 131.5 L 0 129.5 M 0 129.5 M 0 127.5 L 0 125.5 M 0 125.5 M 0 123.5 L 0 121.5 M 0 121.5 M 0 119.5 L 0 117.5 M 0 117.5 M 0 115.5 L 0 113.5 M 0 113.5 M 0 111.5 L 0 109.5 M 0 109.5 M 0 107.5 L 0 105.5 M 0 105.5 M 0 103.5 L 0 101.5 M 0 101.5 M 0 99.5 L 0 97.5 M 0 97.5 M 0 95.5 L 0 93.5 M 0 93.5 M 0 91.5 L 0 89.5 M 0 89.5 M 0 87.5 L 0 85.5 M 0 85.5 M 0 83.5 L 0 81.5 M 0 81.5 M 0 79.5 L 0 77.5 M 0 77.5 M 0 75.5 L 0 73.5 M 0 73.5 M 0 71.5 L 0 69.5 M 0 69.5 M 0 67.5 L 0 65.5 M 0 65.5 M 0 63.5 L 0 61.5 M 0 61.5 M 0 59.5 L 0 57.5 M 0 57.5 M 0 55.5 L 0 53.5 M 0 53.5 M 0 51.5 L 0 49.5 M 0 49.5 M 0 47.5 L 0 45.5 M 0 45.5 M 0 43.5 L 0 41.5 M 0 41.5 M 0 39.5 L 0 37.5 M 0 37.5 M 0 35.5 L 0 33.5 M 0 33.5 M 0 31.5 L 0 29.5 M 0 29.5 M 0 27.5 L 0 25.5 M 0 25.5 M 0 23.5 L 0 21.5 M 0 21.5 M 0 19.5 L 0 17.5 M 0 17.5 M 0 15.5 L 0 13.5 M 0 13.5 M 0 11.5 L 0 9.5 M 0 9.5 M 0 7.5 L 0 5.5 M 0 5.5 M 0 3.5 L 0 1.5 M 0 1.5 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,287,245)"><g transform="translate(0,0)"><g transform="translate(181.5,-122.5) translate(-468.5,-122.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 353.78932188134524 249.5 L 291.5 323" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,390.71067811865476,245)"><g transform="translate(0,0)"><g transform="translate(142.5,-118.5) translate(-533.2106781186548,-126.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 395.21067811865476 249.5 L 459.5 323" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,288.71067811865476,105.5)"><g transform="translate(0,0)"><g transform="translate(-20.289321881345245,-150) translate(-268.4213562373095,44.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 353.78932188134524 174.5 L 293.21067811865476 110" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,79.21067811865476,105.49999999999999)"><g transform="translate(0,0)"><g transform="translate(-26,-109) translate(-53.210678118654755,3.500000000000014) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 251.78932188134524 109.99999999999999 L 83.71067811865476 174.5" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,222.5,35)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#xKnpNsEUztog)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#xKnpNsEUztog)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,233,66)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="21.9912109375" y="0" width="38" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="21.9912109375" y="0" width="38" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="22" y="11">R</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="54" y="11">r</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,13,174.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#oGRgamfHfecD)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#oGRgamfHfecD)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,23,205)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24" y="11">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">1</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,324.5,174.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#ubSpGvJiSkdd)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#ubSpGvJiSkdd)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,335,205)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24" y="11">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">3</text></g></g><g transform="matrix(1,0,0,1,3,156)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="127" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="127" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">a001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="110" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="113" y="11">64</text></g></g><g transform="matrix(1,0,0,1,320,156)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="127" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">c001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="113" y="11">64</text></g></g><g transform="matrix(1,0,0,1,302,257)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="99" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="106" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">4</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,241.5,323)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(0.9999999999999999,0.9999999999999999)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1.0000000000000002,1.0000000000000002)"><path fill="none" stroke="none" d="M 0 0 L 99.99999999999999 0 Q 99.99999999999999 0 99.99999999999999 0 L 99.99999999999999 99.99999999999999 Q 99.99999999999999 99.99999999999999 99.99999999999999 99.99999999999999 L 0 99.99999999999999 Q 0 99.99999999999999 0 99.99999999999999 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 99.99999999999999 0 Q 99.99999999999999 0 99.99999999999999 0 L 99.99999999999999 99.99999999999999 Q 99.99999999999999 99.99999999999999 99.99999999999999 99.99999999999999 L 0 99.99999999999999 Q 0 99.99999999999999 0 99.99999999999999 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(0.9999999999999999,0.9999999999999999)"><g><path fill="url(#keFrGZTtpCuO)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.0000000000000002,1.0000000000000002)"><path fill="none" stroke="none" d="M 0 0 L 99.99999999999999 0 Q 99.99999999999999 0 99.99999999999999 0 L 99.99999999999999 99.99999999999999 Q 99.99999999999999 99.99999999999999 99.99999999999999 99.99999999999999 L 0 99.99999999999999 Q 0 99.99999999999999 0 99.99999999999999 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#keFrGZTtpCuO)" stroke="#333333" d="M 0 0 M 0 0 L 99.99999999999999 0 Q 99.99999999999999 0 99.99999999999999 0 L 99.99999999999999 99.99999999999999 Q 99.99999999999999 99.99999999999999 99.99999999999999 99.99999999999999 L 0 99.99999999999999 Q 0 99.99999999999999 0 99.99999999999999 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,252,366)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="10.6474609375" y="0" width="60" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="10.6474609375" y="0" width="60" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="11" y="11">C</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="19" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="26" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="52" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">1</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,409.5,323)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#naovqTKySRGJ)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#naovqTKySRGJ)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,420,366)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="10.6474609375" y="0" width="60" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="10.6474609375" y="0" width="60" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="11" y="11">C</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="19" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="26" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="52" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">2</text></g></g><g transform="matrix(1,0,0,1,220,306)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="6.607421875" y="0" width="134" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="7" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="70" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">9</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="119" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="126" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="133" y="11">5</text></g></g><g transform="matrix(1,0,0,1,388,306)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="6.607421875" y="0" width="134" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="7" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="70" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="119" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="126" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="133" y="11">5</text></g></g><g transform="matrix(1,0,0,1,197,117)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="19.6181640625" y="0" width="108" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="19.6181640625" y="0" width="108" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="20" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="26" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="110" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="113" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="120" y="11">4</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,163.5,174.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#AKcGbNDhiIrM)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#AKcGbNDhiIrM)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,174,205)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24" y="11">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">2</text></g></g><g transform="matrix(1,0,0,1,154,156)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="127" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="127" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">b001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="110" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="113" y="11">64</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,479.5,174.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 100 0 Q 100 0 100 0 L 100 2 M 100 2 M 100 4 L 100 6 M 100 6 M 100 8 L 100 10 M 100 10 M 100 12 L 100 14 M 100 14 M 100 16 L 100 18 M 100 18 M 100 20 L 100 22 M 100 22 M 100 24 L 100 26 M 100 26 M 100 28 L 100 30 M 100 30 M 100 32 L 100 34 M 100 34 M 100 36 L 100 38 M 100 38 M 100 40 L 100 42 M 100 42 M 100 44 L 100 46 M 100 46 M 100 48 L 100 50 M 100 50 M 100 52 L 100 54 M 100 54 M 100 56 L 100 58 M 100 58 M 100 60 L 100 62 M 100 62 M 100 64 L 100 66 M 100 66 M 100 68 L 100 70 M 100 70 M 100 72 L 100 74 M 100 74 M 99 75 L 97 75 M 97 75 M 95 75 L 93 75 M 93 75 M 91 75 L 89 75 M 89 75 M 87 75 L 85 75 M 85 75 M 83 75 L 81 75 M 81 75 M 79 75 L 77 75 M 77 75 M 75 75 L 73 75 M 73 75 M 71 75 L 69 75 M 69 75 M 67 75 L 65 75 M 65 75 M 63 75 L 61 75 M 61 75 M 59 75 L 57 75 M 57 75 M 55 75 L 53 75 M 53 75 M 51 75 L 49 75 M 49 75 M 47 75 L 45 75 M 45 75 M 43 75 L 41 75 M 41 75 M 39 75 L 37 75 M 37 75 M 35 75 L 33 75 M 33 75 M 31 75 L 29 75 M 29 75 M 27 75 L 25 75 M 25 75 M 23 75 L 21 75 M 21 75 M 19 75 L 17 75 M 17 75 M 15 75 L 13 75 M 13 75 M 11 75 L 9 75 M 9 75 M 7 75 L 5 75 M 5 75 M 3 75 L 1 75 M 1 75 M 0 74 L 0 72 M 0 72 M 0 70 L 0 68 M 0 68 M 0 66 L 0 64 M 0 64 M 0 62 L 0 60 M 0 60 M 0 58 L 0 56 M 0 56 M 0 54 L 0 52 M 0 52 M 0 50 L 0 48 M 0 48 M 0 46 L 0 44 M 0 44 M 0 42 L 0 40 M 0 40 M 0 38 L 0 36 M 0 36 M 0 34 L 0 32 M 0 32 M 0 30 L 0 28 M 0 28 M 0 26 L 0 24 M 0 24 M 0 22 L 0 20 M 0 20 M 0 18 L 0 16 M 0 16 M 0 14 L 0 12 M 0 12 M 0 10 L 0 8 M 0 8 M 0 6 L 0 4 M 0 4 M 0 2 L 0 0 M 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#e2e2e2" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 100 0 Q 100 0 100 0 L 100 2 M 100 2 M 100 4 L 100 6 M 100 6 M 100 8 L 100 10 M 100 10 M 100 12 L 100 14 M 100 14 M 100 16 L 100 18 M 100 18 M 100 20 L 100 22 M 100 22 M 100 24 L 100 26 M 100 26 M 100 28 L 100 30 M 100 30 M 100 32 L 100 34 M 100 34 M 100 36 L 100 38 M 100 38 M 100 40 L 100 42 M 100 42 M 100 44 L 100 46 M 100 46 M 100 48 L 100 50 M 100 50 M 100 52 L 100 54 M 100 54 M 100 56 L 100 58 M 100 58 M 100 60 L 100 62 M 100 62 M 100 64 L 100 66 M 100 66 M 100 68 L 100 70 M 100 70 M 100 72 L 100 74 M 100 74 M 99 75 L 97 75 M 97 75 M 95 75 L 93 75 M 93 75 M 91 75 L 89 75 M 89 75 M 87 75 L 85 75 M 85 75 M 83 75 L 81 75 M 81 75 M 79 75 L 77 75 M 77 75 M 75 75 L 73 75 M 73 75 M 71 75 L 69 75 M 69 75 M 67 75 L 65 75 M 65 75 M 63 75 L 61 75 M 61 75 M 59 75 L 57 75 M 57 75 M 55 75 L 53 75 M 53 75 M 51 75 L 49 75 M 49 75 M 47 75 L 45 75 M 45 75 M 43 75 L 41 75 M 41 75 M 39 75 L 37 75 M 37 75 M 35 75 L 33 75 M 33 75 M 31 75 L 29 75 M 29 75 M 27 75 L 25 75 M 25 75 M 23 75 L 21 75 M 21 75 M 19 75 L 17 75 M 17 75 M 15 75 L 13 75 M 13 75 M 11 75 L 9 75 M 9 75 M 7 75 L 5 75 M 5 75 M 3 75 L 1 75 M 1 75 M 0 74 L 0 72 M 0 72 M 0 70 L 0 68 M 0 68 M 0 66 L 0 64 M 0 64 M 0 62 L 0 60 M 0 60 M 0 58 L 0 56 M 0 56 M 0 54 L 0 52 M 0 52 M 0 50 L 0 48 M 0 48 M 0 46 L 0 44 M 0 44 M 0 42 L 0 40 M 0 40 M 0 38 L 0 36 M 0 36 M 0 34 L 0 32 M 0 32 M 0 30 L 0 28 M 0 28 M 0 26 L 0 24 M 0 24 M 0 22 L 0 20 M 0 20 M 0 18 L 0 16 M 0 16 M 0 14 L 0 12 M 0 12 M 0 10 L 0 8 M 0 8 M 0 6 L 0 4 M 0 4 M 0 2 L 0 0 M 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,490,205)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="9.3173828125" y="0" width="62" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="9.3173828125" y="0" width="62" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="11">C</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="18" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="35" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="41" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="65" y="11">x</text></g></g><g transform="matrix(1,0,0,1,470,156)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="126" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="126" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">c00y</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="112" y="11">64</text></g></g><g transform="matrix(1,0,0,1,288.71067811865476,105.5)"><g transform="translate(0,0)"><g transform="translate(-173,-117) translate(-115.71067811865476,11.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 293.21067811865476 110 M 293.21067811865476 110 L 300.8749849214907 112.29312041376 M 300.8749849214907 112.29312041376 M 308.53929172432663 114.58624082751999 L 316.20359852716257 116.87936124127998 M 316.20359852716257 116.87936124127998 M 323.8679053299985 119.17248165503997 L 331.53221213283445 121.46560206879997 M 331.53221213283445 121.46560206879997 M 339.1965189356704 123.75872248255996 L 346.8608257385063 126.05184289631995 M 346.8608257385063 126.05184289631995 M 354.52513254134226 128.34496331007995 L 362.1894393441782 130.63808372383994 M 362.1894393441782 130.63808372383994 M 369.85374614701414 132.93120413759993 L 377.5180529498501 135.22432455135993 M 377.5180529498501 135.22432455135993 M 385.182359752686 137.51744496511992 L 392.84666655552195 139.81056537887991 M 392.84666655552195 139.81056537887991 M 400.5109733583579 142.1036857926399 L 408.1752801611938 144.3968062063999 M 408.1752801611938 144.3968062063999 M 415.83958696402976 146.6899266201599 L 423.5038937668657 148.9830470339199 M 423.5038937668657 148.9830470339199 M 431.16820056970164 151.27616744767988 L 438.8325073725376 153.56928786143988 M 438.8325073725376 153.56928786143988 M 446.4968141753735 155.86240827519987 L 454.16112097820945 158.15552868895983 M 454.16112097820945 158.15552868895983 M 461.8254277810454 160.4486491027198 L 469.48973458388133 162.7417695164798 M 469.48973458388133 162.7417695164798 M 477.15404138671727 165.03488993023976 L 484.8183481895532 167.32801034399975 M 484.8183481895532 167.32801034399975 M 492.48265499238914 169.62113075775972 L 500.1469617952251 171.9142511715197 M 500.1469617952251 171.9142511715197 M 507.811268598061 174.20737158527967 L 508.78932188134524 174.5" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,458,257)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="20.9658203125" y="0" width="106" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="20.9658203125" y="0" width="106" height="28" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="28" y="11">x</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="34" y="11">p</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="56" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">C</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="82" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="88" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="95" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="98" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="105" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="108" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="114" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="121" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="52" y="25">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="55" y="25">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="62" y="25">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="68" y="25">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="74" y="25">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="78" y="25">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="80" y="25">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="87" y="25">n</text></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_routed_network_example.gliffy b/docs/userguide/networking/default_network/images/ipv6_routed_network_example.gliffy
new file mode 100644
index 00000000..544fd52d
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_routed_network_example.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":893,"height":447,"nodeIndex":185,"autoFit":true,"exportBorder":false,"gridOn":false,"snapToGrid":false,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":-17.000680271168676,"y":7},"max":{"x":892.767693574114,"y":447}},"objects":[{"x":17.5,"y":205.5,"rotation":0.0,"id":167,"width":238.5,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:1::/64 dev docker0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":231.28932188134524,"y":95.0,"rotation":0.0,"id":120,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":6,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":161,"py":0.0,"px":0.2928932188134524}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":131,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[267.5,47.5],[217.9213562373095,-13.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":187.0,"y":206.5,"rotation":0.0,"id":121,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":9,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":140,"py":0.9999999999999998,"px":0.29289321881345254}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":148,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[130.28932188134524,11.0],[-79.0,91.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":174.0,"y":217.5,"rotation":0.0,"id":122,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":8,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":140,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":146,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[164.0,0.0],[120.0,81.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":33.50000000000003,"y":409.0,"rotation":0.0,"id":123,"width":346.49999999999994,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">ip -6 route add default via fe80::1 dev eth0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":3.5000000000000284,"y":268.5,"rotation":0.0,"id":124,"width":411.00000000000006,"height":163.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":237.0,"y":54.0,"rotation":0.0,"id":125,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":7,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":131,"py":0.9999999999999998,"px":0.29289321881345254}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":140,"py":0.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[170.78932188134524,27.999999999999986],[121.71067811865476,88.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":378.5,"y":7.0,"rotation":0.0,"id":131,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#e2e2e2","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":132,"width":96.0,"height":13.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Layer 2 Switch</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":785.0,"y":195.0,"rotation":0.0,"id":136,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":32,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":143,"py":0.6187943262411347,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":"8.0,8.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[78.75000000000011,-0.25],[-798.0006802711687,-3.410605131648481E-13]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":262.0,"y":224.0,"rotation":0.0,"id":138,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":19,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">docker0 fe80::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":278.0,"y":126.0,"rotation":0.0,"id":139,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":16,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">eth0 2001:db8:0::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":288.0,"y":142.5,"rotation":0.0,"id":140,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":141,"width":96.0,"height":13.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Host1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":3.4999999999999716,"y":107.5,"rotation":0.0,"id":142,"width":411.0,"height":141.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":221.0,"y":283.0,"rotation":0.0,"id":144,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8:1::2/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":34.000000000000014,"y":283.0,"rotation":0.0,"id":145,"width":149.99999999999997,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8:1::1/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":244.0,"y":299.0,"rotation":0.0,"id":146,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":22,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":147,"width":96.0,"height":13.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container1-2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":58.0,"y":298.0,"rotation":0.0,"id":148,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":20,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":149,"width":96.0,"height":13.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container1-1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":317.0,"y":436.5,"rotation":0.0,"id":158,"width":223.00000000000003,"height":11.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-style:italic;font-size:10px;\">containers&#39; link-local addresses are not displayed</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":17.5,"y":148.0,"rotation":0.0,"id":137,"width":291.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":29,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:0::/64 dev eth0</span></p><p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:2::/64 via 2001:db8:0::2</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":901.7500000000001,"y":195.0,"rotation":0.0,"id":172,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":43,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-12.982306425886122,0.0],[-41.25,0.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":670.0,"y":284.0,"rotation":0.0,"id":155,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":36,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8:2::2/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":479.0,"y":284.0,"rotation":0.0,"id":150,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":35,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8:2::1/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":488.75,"y":408.0,"rotation":0.0,"id":152,"width":339.75,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">ip -6 route add default via fe80::1 dev eth0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":694.5,"y":298.0,"rotation":0.0,"id":156,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":27,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":157,"width":96.0,"height":13.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container2-2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":501.5,"y":298.0,"rotation":0.0,"id":153,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":25,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":154,"width":96.0,"height":13.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container2-1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":444.5,"y":223.0,"rotation":0.0,"id":160,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":18,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">docker0 fe80::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":460.5,"y":128.0,"rotation":0.0,"id":159,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">eth0 2001:db8:0::2/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":469.5,"y":142.5,"rotation":0.0,"id":161,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":162,"width":96.0,"height":13.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Host2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":139.5,"y":86.5,"rotation":0.0,"id":126,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":161,"py":1.0,"px":0.7071067811865476}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":156,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[400.71067811865476,131.0],[605.0,211.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":100.5,"y":90.5,"rotation":0.0,"id":127,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":4,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":161,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":153,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[419.0,127.0],[451.0,207.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":447.75,"y":268.5,"rotation":0.0,"id":151,"width":416.0000000000001,"height":163.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":2,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":447.75,"y":107.5,"rotation":0.0,"id":143,"width":416.0000000000001,"height":141.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":795.7500000000001,"y":307.5,"rotation":270.0,"id":173,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":41,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">managed by Docker</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":879.7500000000001,"y":417.0,"rotation":0.0,"id":174,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":40,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":2,"endArrow":2,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[0.0,14.008510484195028],[0.0,-221.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":898.7500000000001,"y":432.0,"rotation":0.0,"id":171,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-13.981657549458532,0.0],[-41.25,0.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":582.5,"y":151.0,"rotation":0.0,"id":135,"width":285.25000000000017,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:0::/64 dev eth0</span></p><p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:1::/64 via 2001:db8:0::1</span><span style=\"text-decoration:none;\"> </span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":583.0,"y":204.0,"rotation":0.0,"id":168,"width":272.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":39,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:2::/64 dev docker0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]}],"shapeStyles":{"com.gliffy.shape.basic.basic_v1.default":{"fill":"#e2e2e2","stroke":"#333333","strokeWidth":2,"dashStyle":"2.0,2.0","gradient":true,"shadow":true}},"lineStyles":{"global":{"stroke":"#000000","strokeWidth":1,"dashStyle":"8.0,8.0"}},"textStyles":{}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.uml.uml_v2.class","com.gliffy.libraries.uml.uml_v2.sequence","com.gliffy.libraries.uml.uml_v2.activity","com.gliffy.libraries.erd.erd_v1.default","com.gliffy.libraries.ui.ui_v3.containers_content","com.gliffy.libraries.ui.ui_v3.forms_controls","com.gliffy.libraries.images"],"autosaveDisabled":false},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_routed_network_example.svg b/docs/userguide/networking/default_network/images/ipv6_routed_network_example.svg
new file mode 100644
index 00000000..c97b02c2
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_routed_network_example.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="912.767693574114" height="467"><defs><linearGradient id="kKfylQdvRaFI" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#e2e2e2"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="okETWrHtmeUv" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="WLczqDFsktCx" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="EOtrFaZZJZro" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="itkkpRbaglyb" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="MpRBXNFHBTHf" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="tVySeLJzhfuC" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#FFFFFF" stroke="none" x="0" y="0" width="912.767693574114" height="467"/></g><g transform="translate(0,0) matrix(1,0,0,1,447.75,107.5)"><g><g transform="translate(0,0) scale(4.160000000000001,1.41)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24038461538461534,0.7092198581560284)"><path fill="none" stroke="none" d="M 0 0 L 416.0000000000001 0 Q 416.0000000000001 0 416.0000000000001 0 L 416.0000000000001 141 Q 416.0000000000001 141 416.0000000000001 141 L 0 141 Q 0 141 0 141 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 402 0 M 402 0 M 404 0 L 406 0 M 406 0 M 408 0 L 410 0 M 410 0 M 412 0 L 414 0 M 414 0 M 416 0 L 416.0000000000001 0 Q 416.0000000000001 0 416.0000000000001 0 L 416.0000000000001 1.9999999999998863 M 416.0000000000001 1.9999999999998863 M 416.0000000000001 3.9999999999998863 L 416.0000000000001 5.999999999999886 M 416.0000000000001 5.999999999999886 M 416.0000000000001 7.999999999999886 L 416.0000000000001 9.999999999999886 M 416.0000000000001 9.999999999999886 M 416.0000000000001 11.999999999999886 L 416.0000000000001 13.999999999999886 M 416.0000000000001 13.999999999999886 M 416.0000000000001 15.999999999999886 L 416.0000000000001 17.999999999999886 M 416.0000000000001 17.999999999999886 M 416.0000000000001 19.999999999999886 L 416.0000000000001 21.999999999999886 M 416.0000000000001 21.999999999999886 M 416.0000000000001 23.999999999999886 L 416.0000000000001 25.999999999999886 M 416.0000000000001 25.999999999999886 M 416.0000000000001 27.999999999999886 L 416.0000000000001 29.999999999999886 M 416.0000000000001 29.999999999999886 M 416.0000000000001 31.999999999999886 L 416.0000000000001 33.999999999999886 M 416.0000000000001 33.999999999999886 M 416.0000000000001 35.999999999999886 L 416.0000000000001 37.999999999999886 M 416.0000000000001 37.999999999999886 M 416.0000000000001 39.999999999999886 L 416.0000000000001 41.999999999999886 M 416.0000000000001 41.999999999999886 M 416.0000000000001 43.999999999999886 L 416.0000000000001 45.999999999999886 M 416.0000000000001 45.999999999999886 M 416.0000000000001 47.999999999999886 L 416.0000000000001 49.999999999999886 M 416.0000000000001 49.999999999999886 M 416.0000000000001 51.999999999999886 L 416.0000000000001 53.999999999999886 M 416.0000000000001 53.999999999999886 M 416.0000000000001 55.999999999999886 L 416.0000000000001 57.999999999999886 M 416.0000000000001 57.999999999999886 M 416.0000000000001 59.999999999999886 L 416.0000000000001 61.999999999999886 M 416.0000000000001 61.999999999999886 M 416.0000000000001 63.999999999999886 L 416.0000000000001 65.99999999999989 M 416.0000000000001 65.99999999999989 M 416.0000000000001 67.99999999999989 L 416.0000000000001 69.99999999999989 M 416.0000000000001 69.99999999999989 M 416.0000000000001 71.99999999999989 L 416.0000000000001 73.99999999999989 M 416.0000000000001 73.99999999999989 M 416.0000000000001 75.99999999999989 L 416.0000000000001 77.99999999999989 M 416.0000000000001 77.99999999999989 M 416.0000000000001 79.99999999999989 L 416.0000000000001 81.99999999999989 M 416.0000000000001 81.99999999999989 M 416.0000000000001 83.99999999999989 L 416.0000000000001 85.99999999999989 M 416.0000000000001 85.99999999999989 M 416.0000000000001 87.99999999999989 L 416.0000000000001 89.99999999999989 M 416.0000000000001 89.99999999999989 M 416.0000000000001 91.99999999999989 L 416.0000000000001 93.99999999999989 M 416.0000000000001 93.99999999999989 M 416.0000000000001 95.99999999999989 L 416.0000000000001 97.99999999999989 M 416.0000000000001 97.99999999999989 M 416.0000000000001 99.99999999999989 L 416.0000000000001 101.99999999999989 M 416.0000000000001 101.99999999999989 M 416.0000000000001 103.99999999999989 L 416.0000000000001 105.99999999999989 M 416.0000000000001 105.99999999999989 M 416.0000000000001 107.99999999999989 L 416.0000000000001 109.99999999999989 M 416.0000000000001 109.99999999999989 M 416.0000000000001 111.99999999999989 L 416.0000000000001 113.99999999999989 M 416.0000000000001 113.99999999999989 M 416.0000000000001 115.99999999999989 L 416.0000000000001 117.99999999999989 M 416.0000000000001 117.99999999999989 M 416.0000000000001 119.99999999999989 L 416.0000000000001 121.99999999999989 M 416.0000000000001 121.99999999999989 M 416.0000000000001 123.99999999999989 L 416.0000000000001 125.99999999999989 M 416.0000000000001 125.99999999999989 M 416.0000000000001 127.99999999999989 L 416.0000000000001 129.9999999999999 M 416.0000000000001 129.9999999999999 M 416.0000000000001 131.9999999999999 L 416.0000000000001 133.9999999999999 M 416.0000000000001 133.9999999999999 M 416.0000000000001 135.9999999999999 L 416.0000000000001 137.9999999999999 M 416.0000000000001 137.9999999999999 M 416.0000000000001 139.9999999999999 L 416.0000000000001 141 Q 416.0000000000001 141 416.0000000000001 141 L 415.0000000000002 141 M 415.0000000000002 141 M 413.0000000000002 141 L 411.0000000000002 141 M 411.0000000000002 141 M 409.0000000000002 141 L 407.0000000000002 141 M 407.0000000000002 141 M 405.0000000000002 141 L 403.0000000000002 141 M 403.0000000000002 141 M 401.0000000000002 141 L 399.0000000000002 141 M 399.0000000000002 141 M 397.0000000000002 141 L 395.0000000000002 141 M 395.0000000000002 141 M 393.0000000000002 141 L 391.0000000000002 141 M 391.0000000000002 141 M 389.0000000000002 141 L 387.0000000000002 141 M 387.0000000000002 141 M 385.0000000000002 141 L 383.0000000000002 141 M 383.0000000000002 141 M 381.0000000000002 141 L 379.0000000000002 141 M 379.0000000000002 141 M 377.0000000000002 141 L 375.0000000000002 141 M 375.0000000000002 141 M 373.0000000000002 141 L 371.0000000000002 141 M 371.0000000000002 141 M 369.0000000000002 141 L 367.0000000000002 141 M 367.0000000000002 141 M 365.0000000000002 141 L 363.0000000000002 141 M 363.0000000000002 141 M 361.0000000000002 141 L 359.0000000000002 141 M 359.0000000000002 141 M 357.0000000000002 141 L 355.0000000000002 141 M 355.0000000000002 141 M 353.0000000000002 141 L 351.0000000000002 141 M 351.0000000000002 141 M 349.0000000000002 141 L 347.0000000000002 141 M 347.0000000000002 141 M 345.0000000000002 141 L 343.0000000000002 141 M 343.0000000000002 141 M 341.0000000000002 141 L 339.0000000000002 141 M 339.0000000000002 141 M 337.0000000000002 141 L 335.0000000000002 141 M 335.0000000000002 141 M 333.0000000000002 141 L 331.0000000000002 141 M 331.0000000000002 141 M 329.0000000000002 141 L 327.0000000000002 141 M 327.0000000000002 141 M 325.0000000000002 141 L 323.0000000000002 141 M 323.0000000000002 141 M 321.0000000000002 141 L 319.0000000000002 141 M 319.0000000000002 141 M 317.0000000000002 141 L 315.0000000000002 141 M 315.0000000000002 141 M 313.0000000000002 141 L 311.0000000000002 141 M 311.0000000000002 141 M 309.0000000000002 141 L 307.0000000000002 141 M 307.0000000000002 141 M 305.0000000000002 141 L 303.0000000000002 141 M 303.0000000000002 141 M 301.0000000000002 141 L 299.0000000000002 141 M 299.0000000000002 141 M 297.0000000000002 141 L 295.0000000000002 141 M 295.0000000000002 141 M 293.0000000000002 141 L 291.0000000000002 141 M 291.0000000000002 141 M 289.0000000000002 141 L 287.0000000000002 141 M 287.0000000000002 141 M 285.0000000000002 141 L 283.0000000000002 141 M 283.0000000000002 141 M 281.0000000000002 141 L 279.0000000000002 141 M 279.0000000000002 141 M 277.0000000000002 141 L 275.0000000000002 141 M 275.0000000000002 141 M 273.0000000000002 141 L 271.0000000000002 141 M 271.0000000000002 141 M 269.0000000000002 141 L 267.0000000000002 141 M 267.0000000000002 141 M 265.0000000000002 141 L 263.0000000000002 141 M 263.0000000000002 141 M 261.0000000000002 141 L 259.0000000000002 141 M 259.0000000000002 141 M 257.0000000000002 141 L 255.00000000000023 141 M 255.00000000000023 141 M 253.00000000000023 141 L 251.00000000000023 141 M 251.00000000000023 141 M 249.00000000000023 141 L 247.00000000000023 141 M 247.00000000000023 141 M 245.00000000000023 141 L 243.00000000000023 141 M 243.00000000000023 141 M 241.00000000000023 141 L 239.00000000000023 141 M 239.00000000000023 141 M 237.00000000000023 141 L 235.00000000000023 141 M 235.00000000000023 141 M 233.00000000000023 141 L 231.00000000000023 141 M 231.00000000000023 141 M 229.00000000000023 141 L 227.00000000000023 141 M 227.00000000000023 141 M 225.00000000000023 141 L 223.00000000000023 141 M 223.00000000000023 141 M 221.00000000000023 141 L 219.00000000000023 141 M 219.00000000000023 141 M 217.00000000000023 141 L 215.00000000000023 141 M 215.00000000000023 141 M 213.00000000000023 141 L 211.00000000000023 141 M 211.00000000000023 141 M 209.00000000000023 141 L 207.00000000000023 141 M 207.00000000000023 141 M 205.00000000000023 141 L 203.00000000000023 141 M 203.00000000000023 141 M 201.00000000000023 141 L 199.00000000000023 141 M 199.00000000000023 141 M 197.00000000000023 141 L 195.00000000000023 141 M 195.00000000000023 141 M 193.00000000000023 141 L 191.00000000000023 141 M 191.00000000000023 141 M 189.00000000000023 141 L 187.00000000000023 141 M 187.00000000000023 141 M 185.00000000000023 141 L 183.00000000000023 141 M 183.00000000000023 141 M 181.00000000000023 141 L 179.00000000000023 141 M 179.00000000000023 141 M 177.00000000000023 141 L 175.00000000000023 141 M 175.00000000000023 141 M 173.00000000000023 141 L 171.00000000000023 141 M 171.00000000000023 141 M 169.00000000000023 141 L 167.00000000000023 141 M 167.00000000000023 141 M 165.00000000000023 141 L 163.00000000000023 141 M 163.00000000000023 141 M 161.00000000000023 141 L 159.00000000000023 141 M 159.00000000000023 141 M 157.00000000000023 141 L 155.00000000000023 141 M 155.00000000000023 141 M 153.00000000000023 141 L 151.00000000000023 141 M 151.00000000000023 141 M 149.00000000000023 141 L 147.00000000000023 141 M 147.00000000000023 141 M 145.00000000000023 141 L 143.00000000000023 141 M 143.00000000000023 141 M 141.00000000000023 141 L 139.00000000000023 141 M 139.00000000000023 141 M 137.00000000000023 141 L 135.00000000000023 141 M 135.00000000000023 141 M 133.00000000000023 141 L 131.00000000000023 141 M 131.00000000000023 141 M 129.00000000000023 141 L 127.00000000000023 141 M 127.00000000000023 141 M 125.00000000000023 141 L 123.00000000000023 141 M 123.00000000000023 141 M 121.00000000000023 141 L 119.00000000000023 141 M 119.00000000000023 141 M 117.00000000000023 141 L 115.00000000000023 141 M 115.00000000000023 141 M 113.00000000000023 141 L 111.00000000000023 141 M 111.00000000000023 141 M 109.00000000000023 141 L 107.00000000000023 141 M 107.00000000000023 141 M 105.00000000000023 141 L 103.00000000000023 141 M 103.00000000000023 141 M 101.00000000000023 141 L 99.00000000000023 141 M 99.00000000000023 141 M 97.00000000000023 141 L 95.00000000000023 141 M 95.00000000000023 141 M 93.00000000000023 141 L 91.00000000000023 141 M 91.00000000000023 141 M 89.00000000000023 141 L 87.00000000000023 141 M 87.00000000000023 141 M 85.00000000000023 141 L 83.00000000000023 141 M 83.00000000000023 141 M 81.00000000000023 141 L 79.00000000000023 141 M 79.00000000000023 141 M 77.00000000000023 141 L 75.00000000000023 141 M 75.00000000000023 141 M 73.00000000000023 141 L 71.00000000000023 141 M 71.00000000000023 141 M 69.00000000000023 141 L 67.00000000000023 141 M 67.00000000000023 141 M 65.00000000000023 141 L 63.00000000000023 141 M 63.00000000000023 141 M 61.00000000000023 141 L 59.00000000000023 141 M 59.00000000000023 141 M 57.00000000000023 141 L 55.00000000000023 141 M 55.00000000000023 141 M 53.00000000000023 141 L 51.00000000000023 141 M 51.00000000000023 141 M 49.00000000000023 141 L 47.00000000000023 141 M 47.00000000000023 141 M 45.00000000000023 141 L 43.00000000000023 141 M 43.00000000000023 141 M 41.00000000000023 141 L 39.00000000000023 141 M 39.00000000000023 141 M 37.00000000000023 141 L 35.00000000000023 141 M 35.00000000000023 141 M 33.00000000000023 141 L 31.000000000000227 141 M 31.000000000000227 141 M 29.000000000000227 141 L 27.000000000000227 141 M 27.000000000000227 141 M 25.000000000000227 141 L 23.000000000000227 141 M 23.000000000000227 141 M 21.000000000000227 141 L 19.000000000000227 141 M 19.000000000000227 141 M 17.000000000000227 141 L 15.000000000000227 141 M 15.000000000000227 141 M 13.000000000000227 141 L 11.000000000000227 141 M 11.000000000000227 141 M 9.000000000000227 141 L 7.000000000000227 141 M 7.000000000000227 141 M 5.000000000000227 141 L 3.0000000000002274 141 M 3.0000000000002274 141 M 1.0000000000002274 141 L 0 141 Q 0 141 0 141 L 0 140.00000000000023 M 0 140.00000000000023 M 0 138.00000000000023 L 0 136.00000000000023 M 0 136.00000000000023 M 0 134.00000000000023 L 0 132.00000000000023 M 0 132.00000000000023 M 0 130.00000000000023 L 0 128.00000000000023 M 0 128.00000000000023 M 0 126.00000000000023 L 0 124.00000000000023 M 0 124.00000000000023 M 0 122.00000000000023 L 0 120.00000000000023 M 0 120.00000000000023 M 0 118.00000000000023 L 0 116.00000000000023 M 0 116.00000000000023 M 0 114.00000000000023 L 0 112.00000000000023 M 0 112.00000000000023 M 0 110.00000000000023 L 0 108.00000000000023 M 0 108.00000000000023 M 0 106.00000000000023 L 0 104.00000000000023 M 0 104.00000000000023 M 0 102.00000000000023 L 0 100.00000000000023 M 0 100.00000000000023 M 0 98.00000000000023 L 0 96.00000000000023 M 0 96.00000000000023 M 0 94.00000000000023 L 0 92.00000000000023 M 0 92.00000000000023 M 0 90.00000000000023 L 0 88.00000000000023 M 0 88.00000000000023 M 0 86.00000000000023 L 0 84.00000000000023 M 0 84.00000000000023 M 0 82.00000000000023 L 0 80.00000000000023 M 0 80.00000000000023 M 0 78.00000000000023 L 0 76.00000000000023 M 0 76.00000000000023 M 0 74.00000000000023 L 0 72.00000000000023 M 0 72.00000000000023 M 0 70.00000000000023 L 0 68.00000000000023 M 0 68.00000000000023 M 0 66.00000000000023 L 0 64.00000000000023 M 0 64.00000000000023 M 0 62.00000000000023 L 0 60.00000000000023 M 0 60.00000000000023 M 0 58.00000000000023 L 0 56.00000000000023 M 0 56.00000000000023 M 0 54.00000000000023 L 0 52.00000000000023 M 0 52.00000000000023 M 0 50.00000000000023 L 0 48.00000000000023 M 0 48.00000000000023 M 0 46.00000000000023 L 0 44.00000000000023 M 0 44.00000000000023 M 0 42.00000000000023 L 0 40.00000000000023 M 0 40.00000000000023 M 0 38.00000000000023 L 0 36.00000000000023 M 0 36.00000000000023 M 0 34.00000000000023 L 0 32.00000000000023 M 0 32.00000000000023 M 0 30.000000000000227 L 0 28.000000000000227 M 0 28.000000000000227 M 0 26.000000000000227 L 0 24.000000000000227 M 0 24.000000000000227 M 0 22.000000000000227 L 0 20.000000000000227 M 0 20.000000000000227 M 0 18.000000000000227 L 0 16.000000000000227 M 0 16.000000000000227 M 0 14.000000000000227 L 0 12.000000000000227 M 0 12.000000000000227 M 0 10.000000000000227 L 0 8.000000000000227 M 0 8.000000000000227 M 0 6.000000000000227 L 0 4.000000000000227 M 0 4.000000000000227 M 0 2.0000000000002274 L 0 2.2737367544323206e-13 M 0 2.2737367544323206e-13 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,3.4999999999999716,107.5)"><g><g transform="translate(0,0) scale(4.11,1.41)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24330900243309,0.7092198581560284)"><path fill="none" stroke="none" d="M 0 0 L 411.00000000000006 0 Q 411.00000000000006 0 411.00000000000006 0 L 411.00000000000006 141 Q 411.00000000000006 141 411.00000000000006 141 L 0 141 Q 0 141 0 141 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 402 0 M 402 0 M 404 0 L 406 0 M 406 0 M 408 0 L 410 0 M 410 0 M 411.00000000000006 0.9999999999999432 L 411.00000000000006 2.999999999999943 M 411.00000000000006 2.999999999999943 M 411.00000000000006 4.999999999999943 L 411.00000000000006 6.999999999999943 M 411.00000000000006 6.999999999999943 M 411.00000000000006 8.999999999999943 L 411.00000000000006 10.999999999999943 M 411.00000000000006 10.999999999999943 M 411.00000000000006 12.999999999999943 L 411.00000000000006 14.999999999999943 M 411.00000000000006 14.999999999999943 M 411.00000000000006 16.999999999999943 L 411.00000000000006 18.999999999999943 M 411.00000000000006 18.999999999999943 M 411.00000000000006 20.999999999999943 L 411.00000000000006 22.999999999999943 M 411.00000000000006 22.999999999999943 M 411.00000000000006 24.999999999999943 L 411.00000000000006 26.999999999999943 M 411.00000000000006 26.999999999999943 M 411.00000000000006 28.999999999999943 L 411.00000000000006 30.999999999999943 M 411.00000000000006 30.999999999999943 M 411.00000000000006 32.99999999999994 L 411.00000000000006 34.99999999999994 M 411.00000000000006 34.99999999999994 M 411.00000000000006 36.99999999999994 L 411.00000000000006 38.99999999999994 M 411.00000000000006 38.99999999999994 M 411.00000000000006 40.99999999999994 L 411.00000000000006 42.99999999999994 M 411.00000000000006 42.99999999999994 M 411.00000000000006 44.99999999999994 L 411.00000000000006 46.99999999999994 M 411.00000000000006 46.99999999999994 M 411.00000000000006 48.99999999999994 L 411.00000000000006 50.99999999999994 M 411.00000000000006 50.99999999999994 M 411.00000000000006 52.99999999999994 L 411.00000000000006 54.99999999999994 M 411.00000000000006 54.99999999999994 M 411.00000000000006 56.99999999999994 L 411.00000000000006 58.99999999999994 M 411.00000000000006 58.99999999999994 M 411.00000000000006 60.99999999999994 L 411.00000000000006 62.99999999999994 M 411.00000000000006 62.99999999999994 M 411.00000000000006 64.99999999999994 L 411.00000000000006 66.99999999999994 M 411.00000000000006 66.99999999999994 M 411.00000000000006 68.99999999999994 L 411.00000000000006 70.99999999999994 M 411.00000000000006 70.99999999999994 M 411.00000000000006 72.99999999999994 L 411.00000000000006 74.99999999999994 M 411.00000000000006 74.99999999999994 M 411.00000000000006 76.99999999999994 L 411.00000000000006 78.99999999999994 M 411.00000000000006 78.99999999999994 M 411.00000000000006 80.99999999999994 L 411.00000000000006 82.99999999999994 M 411.00000000000006 82.99999999999994 M 411.00000000000006 84.99999999999994 L 411.00000000000006 86.99999999999994 M 411.00000000000006 86.99999999999994 M 411.00000000000006 88.99999999999994 L 411.00000000000006 90.99999999999994 M 411.00000000000006 90.99999999999994 M 411.00000000000006 92.99999999999994 L 411.00000000000006 94.99999999999994 M 411.00000000000006 94.99999999999994 M 411.00000000000006 96.99999999999994 L 411.00000000000006 98.99999999999994 M 411.00000000000006 98.99999999999994 M 411.00000000000006 100.99999999999994 L 411.00000000000006 102.99999999999994 M 411.00000000000006 102.99999999999994 M 411.00000000000006 104.99999999999994 L 411.00000000000006 106.99999999999994 M 411.00000000000006 106.99999999999994 M 411.00000000000006 108.99999999999994 L 411.00000000000006 110.99999999999994 M 411.00000000000006 110.99999999999994 M 411.00000000000006 112.99999999999994 L 411.00000000000006 114.99999999999994 M 411.00000000000006 114.99999999999994 M 411.00000000000006 116.99999999999994 L 411.00000000000006 118.99999999999994 M 411.00000000000006 118.99999999999994 M 411.00000000000006 120.99999999999994 L 411.00000000000006 122.99999999999994 M 411.00000000000006 122.99999999999994 M 411.00000000000006 124.99999999999994 L 411.00000000000006 126.99999999999994 M 411.00000000000006 126.99999999999994 M 411.00000000000006 128.99999999999994 L 411.00000000000006 130.99999999999994 M 411.00000000000006 130.99999999999994 M 411.00000000000006 132.99999999999994 L 411.00000000000006 134.99999999999994 M 411.00000000000006 134.99999999999994 M 411.00000000000006 136.99999999999994 L 411.00000000000006 138.99999999999994 M 411.00000000000006 138.99999999999994 M 411.00000000000006 140.99999999999994 L 411.00000000000006 141 Q 411.00000000000006 141 411.00000000000006 141 L 409.0000000000001 141 M 409.0000000000001 141 M 407.0000000000001 141 L 405.0000000000001 141 M 405.0000000000001 141 M 403.0000000000001 141 L 401.0000000000001 141 M 401.0000000000001 141 M 399.0000000000001 141 L 397.0000000000001 141 M 397.0000000000001 141 M 395.0000000000001 141 L 393.0000000000001 141 M 393.0000000000001 141 M 391.0000000000001 141 L 389.0000000000001 141 M 389.0000000000001 141 M 387.0000000000001 141 L 385.0000000000001 141 M 385.0000000000001 141 M 383.0000000000001 141 L 381.0000000000001 141 M 381.0000000000001 141 M 379.0000000000001 141 L 377.0000000000001 141 M 377.0000000000001 141 M 375.0000000000001 141 L 373.0000000000001 141 M 373.0000000000001 141 M 371.0000000000001 141 L 369.0000000000001 141 M 369.0000000000001 141 M 367.0000000000001 141 L 365.0000000000001 141 M 365.0000000000001 141 M 363.0000000000001 141 L 361.0000000000001 141 M 361.0000000000001 141 M 359.0000000000001 141 L 357.0000000000001 141 M 357.0000000000001 141 M 355.0000000000001 141 L 353.0000000000001 141 M 353.0000000000001 141 M 351.0000000000001 141 L 349.0000000000001 141 M 349.0000000000001 141 M 347.0000000000001 141 L 345.0000000000001 141 M 345.0000000000001 141 M 343.0000000000001 141 L 341.0000000000001 141 M 341.0000000000001 141 M 339.0000000000001 141 L 337.0000000000001 141 M 337.0000000000001 141 M 335.0000000000001 141 L 333.0000000000001 141 M 333.0000000000001 141 M 331.0000000000001 141 L 329.0000000000001 141 M 329.0000000000001 141 M 327.0000000000001 141 L 325.0000000000001 141 M 325.0000000000001 141 M 323.0000000000001 141 L 321.0000000000001 141 M 321.0000000000001 141 M 319.0000000000001 141 L 317.0000000000001 141 M 317.0000000000001 141 M 315.0000000000001 141 L 313.0000000000001 141 M 313.0000000000001 141 M 311.0000000000001 141 L 309.0000000000001 141 M 309.0000000000001 141 M 307.0000000000001 141 L 305.0000000000001 141 M 305.0000000000001 141 M 303.0000000000001 141 L 301.0000000000001 141 M 301.0000000000001 141 M 299.0000000000001 141 L 297.0000000000001 141 M 297.0000000000001 141 M 295.0000000000001 141 L 293.0000000000001 141 M 293.0000000000001 141 M 291.0000000000001 141 L 289.0000000000001 141 M 289.0000000000001 141 M 287.0000000000001 141 L 285.0000000000001 141 M 285.0000000000001 141 M 283.0000000000001 141 L 281.0000000000001 141 M 281.0000000000001 141 M 279.0000000000001 141 L 277.0000000000001 141 M 277.0000000000001 141 M 275.0000000000001 141 L 273.0000000000001 141 M 273.0000000000001 141 M 271.0000000000001 141 L 269.0000000000001 141 M 269.0000000000001 141 M 267.0000000000001 141 L 265.0000000000001 141 M 265.0000000000001 141 M 263.0000000000001 141 L 261.0000000000001 141 M 261.0000000000001 141 M 259.0000000000001 141 L 257.0000000000001 141 M 257.0000000000001 141 M 255.0000000000001 141 L 253.0000000000001 141 M 253.0000000000001 141 M 251.0000000000001 141 L 249.0000000000001 141 M 249.0000000000001 141 M 247.0000000000001 141 L 245.0000000000001 141 M 245.0000000000001 141 M 243.0000000000001 141 L 241.0000000000001 141 M 241.0000000000001 141 M 239.0000000000001 141 L 237.0000000000001 141 M 237.0000000000001 141 M 235.0000000000001 141 L 233.0000000000001 141 M 233.0000000000001 141 M 231.0000000000001 141 L 229.0000000000001 141 M 229.0000000000001 141 M 227.0000000000001 141 L 225.0000000000001 141 M 225.0000000000001 141 M 223.0000000000001 141 L 221.0000000000001 141 M 221.0000000000001 141 M 219.0000000000001 141 L 217.0000000000001 141 M 217.0000000000001 141 M 215.0000000000001 141 L 213.0000000000001 141 M 213.0000000000001 141 M 211.0000000000001 141 L 209.0000000000001 141 M 209.0000000000001 141 M 207.0000000000001 141 L 205.0000000000001 141 M 205.0000000000001 141 M 203.0000000000001 141 L 201.0000000000001 141 M 201.0000000000001 141 M 199.0000000000001 141 L 197.0000000000001 141 M 197.0000000000001 141 M 195.0000000000001 141 L 193.0000000000001 141 M 193.0000000000001 141 M 191.0000000000001 141 L 189.0000000000001 141 M 189.0000000000001 141 M 187.0000000000001 141 L 185.0000000000001 141 M 185.0000000000001 141 M 183.0000000000001 141 L 181.0000000000001 141 M 181.0000000000001 141 M 179.0000000000001 141 L 177.0000000000001 141 M 177.0000000000001 141 M 175.0000000000001 141 L 173.0000000000001 141 M 173.0000000000001 141 M 171.0000000000001 141 L 169.0000000000001 141 M 169.0000000000001 141 M 167.0000000000001 141 L 165.0000000000001 141 M 165.0000000000001 141 M 163.0000000000001 141 L 161.0000000000001 141 M 161.0000000000001 141 M 159.0000000000001 141 L 157.0000000000001 141 M 157.0000000000001 141 M 155.0000000000001 141 L 153.0000000000001 141 M 153.0000000000001 141 M 151.0000000000001 141 L 149.0000000000001 141 M 149.0000000000001 141 M 147.0000000000001 141 L 145.0000000000001 141 M 145.0000000000001 141 M 143.0000000000001 141 L 141.0000000000001 141 M 141.0000000000001 141 M 139.0000000000001 141 L 137.0000000000001 141 M 137.0000000000001 141 M 135.0000000000001 141 L 133.0000000000001 141 M 133.0000000000001 141 M 131.0000000000001 141 L 129.0000000000001 141 M 129.0000000000001 141 M 127.00000000000011 141 L 125.00000000000011 141 M 125.00000000000011 141 M 123.00000000000011 141 L 121.00000000000011 141 M 121.00000000000011 141 M 119.00000000000011 141 L 117.00000000000011 141 M 117.00000000000011 141 M 115.00000000000011 141 L 113.00000000000011 141 M 113.00000000000011 141 M 111.00000000000011 141 L 109.00000000000011 141 M 109.00000000000011 141 M 107.00000000000011 141 L 105.00000000000011 141 M 105.00000000000011 141 M 103.00000000000011 141 L 101.00000000000011 141 M 101.00000000000011 141 M 99.00000000000011 141 L 97.00000000000011 141 M 97.00000000000011 141 M 95.00000000000011 141 L 93.00000000000011 141 M 93.00000000000011 141 M 91.00000000000011 141 L 89.00000000000011 141 M 89.00000000000011 141 M 87.00000000000011 141 L 85.00000000000011 141 M 85.00000000000011 141 M 83.00000000000011 141 L 81.00000000000011 141 M 81.00000000000011 141 M 79.00000000000011 141 L 77.00000000000011 141 M 77.00000000000011 141 M 75.00000000000011 141 L 73.00000000000011 141 M 73.00000000000011 141 M 71.00000000000011 141 L 69.00000000000011 141 M 69.00000000000011 141 M 67.00000000000011 141 L 65.00000000000011 141 M 65.00000000000011 141 M 63.000000000000114 141 L 61.000000000000114 141 M 61.000000000000114 141 M 59.000000000000114 141 L 57.000000000000114 141 M 57.000000000000114 141 M 55.000000000000114 141 L 53.000000000000114 141 M 53.000000000000114 141 M 51.000000000000114 141 L 49.000000000000114 141 M 49.000000000000114 141 M 47.000000000000114 141 L 45.000000000000114 141 M 45.000000000000114 141 M 43.000000000000114 141 L 41.000000000000114 141 M 41.000000000000114 141 M 39.000000000000114 141 L 37.000000000000114 141 M 37.000000000000114 141 M 35.000000000000114 141 L 33.000000000000114 141 M 33.000000000000114 141 M 31.000000000000114 141 L 29.000000000000114 141 M 29.000000000000114 141 M 27.000000000000114 141 L 25.000000000000114 141 M 25.000000000000114 141 M 23.000000000000114 141 L 21.000000000000114 141 M 21.000000000000114 141 M 19.000000000000114 141 L 17.000000000000114 141 M 17.000000000000114 141 M 15.000000000000114 141 L 13.000000000000114 141 M 13.000000000000114 141 M 11.000000000000114 141 L 9.000000000000114 141 M 9.000000000000114 141 M 7.000000000000114 141 L 5.000000000000114 141 M 5.000000000000114 141 M 3.0000000000001137 141 L 1.0000000000001137 141 M 1.0000000000001137 141 M 0 140.0000000000001 L 0 138.0000000000001 M 0 138.0000000000001 M 0 136.0000000000001 L 0 134.0000000000001 M 0 134.0000000000001 M 0 132.0000000000001 L 0 130.0000000000001 M 0 130.0000000000001 M 0 128.0000000000001 L 0 126.00000000000011 M 0 126.00000000000011 M 0 124.00000000000011 L 0 122.00000000000011 M 0 122.00000000000011 M 0 120.00000000000011 L 0 118.00000000000011 M 0 118.00000000000011 M 0 116.00000000000011 L 0 114.00000000000011 M 0 114.00000000000011 M 0 112.00000000000011 L 0 110.00000000000011 M 0 110.00000000000011 M 0 108.00000000000011 L 0 106.00000000000011 M 0 106.00000000000011 M 0 104.00000000000011 L 0 102.00000000000011 M 0 102.00000000000011 M 0 100.00000000000011 L 0 98.00000000000011 M 0 98.00000000000011 M 0 96.00000000000011 L 0 94.00000000000011 M 0 94.00000000000011 M 0 92.00000000000011 L 0 90.00000000000011 M 0 90.00000000000011 M 0 88.00000000000011 L 0 86.00000000000011 M 0 86.00000000000011 M 0 84.00000000000011 L 0 82.00000000000011 M 0 82.00000000000011 M 0 80.00000000000011 L 0 78.00000000000011 M 0 78.00000000000011 M 0 76.00000000000011 L 0 74.00000000000011 M 0 74.00000000000011 M 0 72.00000000000011 L 0 70.00000000000011 M 0 70.00000000000011 M 0 68.00000000000011 L 0 66.00000000000011 M 0 66.00000000000011 M 0 64.00000000000011 L 0 62.000000000000114 M 0 62.000000000000114 M 0 60.000000000000114 L 0 58.000000000000114 M 0 58.000000000000114 M 0 56.000000000000114 L 0 54.000000000000114 M 0 54.000000000000114 M 0 52.000000000000114 L 0 50.000000000000114 M 0 50.000000000000114 M 0 48.000000000000114 L 0 46.000000000000114 M 0 46.000000000000114 M 0 44.000000000000114 L 0 42.000000000000114 M 0 42.000000000000114 M 0 40.000000000000114 L 0 38.000000000000114 M 0 38.000000000000114 M 0 36.000000000000114 L 0 34.000000000000114 M 0 34.000000000000114 M 0 32.000000000000114 L 0 30.000000000000114 M 0 30.000000000000114 M 0 28.000000000000114 L 0 26.000000000000114 M 0 26.000000000000114 M 0 24.000000000000114 L 0 22.000000000000114 M 0 22.000000000000114 M 0 20.000000000000114 L 0 18.000000000000114 M 0 18.000000000000114 M 0 16.000000000000114 L 0 14.000000000000114 M 0 14.000000000000114 M 0 12.000000000000114 L 0 10.000000000000114 M 0 10.000000000000114 M 0 8.000000000000114 L 0 6.000000000000114 M 0 6.000000000000114 M 0 4.000000000000114 L 0 2.0000000000001137 M 0 2.0000000000001137 M 0 1.1368683772161603e-13 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,447.75,268.5)"><g><g transform="translate(0,0) scale(4.160000000000001,1.63)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24038461538461534,0.6134969325153374)"><path fill="none" stroke="none" d="M 0 0 L 416.0000000000001 0 Q 416.0000000000001 0 416.0000000000001 0 L 416.0000000000001 163 Q 416.0000000000001 163 416.0000000000001 163 L 0 163 Q 0 163 0 163 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 402 0 M 402 0 M 404 0 L 406 0 M 406 0 M 408 0 L 410 0 M 410 0 M 412 0 L 414 0 M 414 0 M 416 0 L 416.0000000000001 0 Q 416.0000000000001 0 416.0000000000001 0 L 416.0000000000001 1.9999999999998863 M 416.0000000000001 1.9999999999998863 M 416.0000000000001 3.9999999999998863 L 416.0000000000001 5.999999999999886 M 416.0000000000001 5.999999999999886 M 416.0000000000001 7.999999999999886 L 416.0000000000001 9.999999999999886 M 416.0000000000001 9.999999999999886 M 416.0000000000001 11.999999999999886 L 416.0000000000001 13.999999999999886 M 416.0000000000001 13.999999999999886 M 416.0000000000001 15.999999999999886 L 416.0000000000001 17.999999999999886 M 416.0000000000001 17.999999999999886 M 416.0000000000001 19.999999999999886 L 416.0000000000001 21.999999999999886 M 416.0000000000001 21.999999999999886 M 416.0000000000001 23.999999999999886 L 416.0000000000001 25.999999999999886 M 416.0000000000001 25.999999999999886 M 416.0000000000001 27.999999999999886 L 416.0000000000001 29.999999999999886 M 416.0000000000001 29.999999999999886 M 416.0000000000001 31.999999999999886 L 416.0000000000001 33.999999999999886 M 416.0000000000001 33.999999999999886 M 416.0000000000001 35.999999999999886 L 416.0000000000001 37.999999999999886 M 416.0000000000001 37.999999999999886 M 416.0000000000001 39.999999999999886 L 416.0000000000001 41.999999999999886 M 416.0000000000001 41.999999999999886 M 416.0000000000001 43.999999999999886 L 416.0000000000001 45.999999999999886 M 416.0000000000001 45.999999999999886 M 416.0000000000001 47.999999999999886 L 416.0000000000001 49.999999999999886 M 416.0000000000001 49.999999999999886 M 416.0000000000001 51.999999999999886 L 416.0000000000001 53.999999999999886 M 416.0000000000001 53.999999999999886 M 416.0000000000001 55.999999999999886 L 416.0000000000001 57.999999999999886 M 416.0000000000001 57.999999999999886 M 416.0000000000001 59.999999999999886 L 416.0000000000001 61.999999999999886 M 416.0000000000001 61.999999999999886 M 416.0000000000001 63.999999999999886 L 416.0000000000001 65.99999999999989 M 416.0000000000001 65.99999999999989 M 416.0000000000001 67.99999999999989 L 416.0000000000001 69.99999999999989 M 416.0000000000001 69.99999999999989 M 416.0000000000001 71.99999999999989 L 416.0000000000001 73.99999999999989 M 416.0000000000001 73.99999999999989 M 416.0000000000001 75.99999999999989 L 416.0000000000001 77.99999999999989 M 416.0000000000001 77.99999999999989 M 416.0000000000001 79.99999999999989 L 416.0000000000001 81.99999999999989 M 416.0000000000001 81.99999999999989 M 416.0000000000001 83.99999999999989 L 416.0000000000001 85.99999999999989 M 416.0000000000001 85.99999999999989 M 416.0000000000001 87.99999999999989 L 416.0000000000001 89.99999999999989 M 416.0000000000001 89.99999999999989 M 416.0000000000001 91.99999999999989 L 416.0000000000001 93.99999999999989 M 416.0000000000001 93.99999999999989 M 416.0000000000001 95.99999999999989 L 416.0000000000001 97.99999999999989 M 416.0000000000001 97.99999999999989 M 416.0000000000001 99.99999999999989 L 416.0000000000001 101.99999999999989 M 416.0000000000001 101.99999999999989 M 416.0000000000001 103.99999999999989 L 416.0000000000001 105.99999999999989 M 416.0000000000001 105.99999999999989 M 416.0000000000001 107.99999999999989 L 416.0000000000001 109.99999999999989 M 416.0000000000001 109.99999999999989 M 416.0000000000001 111.99999999999989 L 416.0000000000001 113.99999999999989 M 416.0000000000001 113.99999999999989 M 416.0000000000001 115.99999999999989 L 416.0000000000001 117.99999999999989 M 416.0000000000001 117.99999999999989 M 416.0000000000001 119.99999999999989 L 416.0000000000001 121.99999999999989 M 416.0000000000001 121.99999999999989 M 416.0000000000001 123.99999999999989 L 416.0000000000001 125.99999999999989 M 416.0000000000001 125.99999999999989 M 416.0000000000001 127.99999999999989 L 416.0000000000001 129.9999999999999 M 416.0000000000001 129.9999999999999 M 416.0000000000001 131.9999999999999 L 416.0000000000001 133.9999999999999 M 416.0000000000001 133.9999999999999 M 416.0000000000001 135.9999999999999 L 416.0000000000001 137.9999999999999 M 416.0000000000001 137.9999999999999 M 416.0000000000001 139.9999999999999 L 416.0000000000001 141.9999999999999 M 416.0000000000001 141.9999999999999 M 416.0000000000001 143.9999999999999 L 416.0000000000001 145.9999999999999 M 416.0000000000001 145.9999999999999 M 416.0000000000001 147.9999999999999 L 416.0000000000001 149.9999999999999 M 416.0000000000001 149.9999999999999 M 416.0000000000001 151.9999999999999 L 416.0000000000001 153.9999999999999 M 416.0000000000001 153.9999999999999 M 416.0000000000001 155.9999999999999 L 416.0000000000001 157.9999999999999 M 416.0000000000001 157.9999999999999 M 416.0000000000001 159.9999999999999 L 416.0000000000001 161.9999999999999 M 416.0000000000001 161.9999999999999 M 415.0000000000002 163 L 413.0000000000002 163 M 413.0000000000002 163 M 411.0000000000002 163 L 409.0000000000002 163 M 409.0000000000002 163 M 407.0000000000002 163 L 405.0000000000002 163 M 405.0000000000002 163 M 403.0000000000002 163 L 401.0000000000002 163 M 401.0000000000002 163 M 399.0000000000002 163 L 397.0000000000002 163 M 397.0000000000002 163 M 395.0000000000002 163 L 393.0000000000002 163 M 393.0000000000002 163 M 391.0000000000002 163 L 389.0000000000002 163 M 389.0000000000002 163 M 387.0000000000002 163 L 385.0000000000002 163 M 385.0000000000002 163 M 383.0000000000002 163 L 381.0000000000002 163 M 381.0000000000002 163 M 379.0000000000002 163 L 377.0000000000002 163 M 377.0000000000002 163 M 375.0000000000002 163 L 373.0000000000002 163 M 373.0000000000002 163 M 371.0000000000002 163 L 369.0000000000002 163 M 369.0000000000002 163 M 367.0000000000002 163 L 365.0000000000002 163 M 365.0000000000002 163 M 363.0000000000002 163 L 361.0000000000002 163 M 361.0000000000002 163 M 359.0000000000002 163 L 357.0000000000002 163 M 357.0000000000002 163 M 355.0000000000002 163 L 353.0000000000002 163 M 353.0000000000002 163 M 351.0000000000002 163 L 349.0000000000002 163 M 349.0000000000002 163 M 347.0000000000002 163 L 345.0000000000002 163 M 345.0000000000002 163 M 343.0000000000002 163 L 341.0000000000002 163 M 341.0000000000002 163 M 339.0000000000002 163 L 337.0000000000002 163 M 337.0000000000002 163 M 335.0000000000002 163 L 333.0000000000002 163 M 333.0000000000002 163 M 331.0000000000002 163 L 329.0000000000002 163 M 329.0000000000002 163 M 327.0000000000002 163 L 325.0000000000002 163 M 325.0000000000002 163 M 323.0000000000002 163 L 321.0000000000002 163 M 321.0000000000002 163 M 319.0000000000002 163 L 317.0000000000002 163 M 317.0000000000002 163 M 315.0000000000002 163 L 313.0000000000002 163 M 313.0000000000002 163 M 311.0000000000002 163 L 309.0000000000002 163 M 309.0000000000002 163 M 307.0000000000002 163 L 305.0000000000002 163 M 305.0000000000002 163 M 303.0000000000002 163 L 301.0000000000002 163 M 301.0000000000002 163 M 299.0000000000002 163 L 297.0000000000002 163 M 297.0000000000002 163 M 295.0000000000002 163 L 293.0000000000002 163 M 293.0000000000002 163 M 291.0000000000002 163 L 289.0000000000002 163 M 289.0000000000002 163 M 287.0000000000002 163 L 285.0000000000002 163 M 285.0000000000002 163 M 283.0000000000002 163 L 281.0000000000002 163 M 281.0000000000002 163 M 279.0000000000002 163 L 277.0000000000002 163 M 277.0000000000002 163 M 275.0000000000002 163 L 273.0000000000002 163 M 273.0000000000002 163 M 271.0000000000002 163 L 269.0000000000002 163 M 269.0000000000002 163 M 267.0000000000002 163 L 265.0000000000002 163 M 265.0000000000002 163 M 263.0000000000002 163 L 261.0000000000002 163 M 261.0000000000002 163 M 259.0000000000002 163 L 257.0000000000002 163 M 257.0000000000002 163 M 255.00000000000023 163 L 253.00000000000023 163 M 253.00000000000023 163 M 251.00000000000023 163 L 249.00000000000023 163 M 249.00000000000023 163 M 247.00000000000023 163 L 245.00000000000023 163 M 245.00000000000023 163 M 243.00000000000023 163 L 241.00000000000023 163 M 241.00000000000023 163 M 239.00000000000023 163 L 237.00000000000023 163 M 237.00000000000023 163 M 235.00000000000023 163 L 233.00000000000023 163 M 233.00000000000023 163 M 231.00000000000023 163 L 229.00000000000023 163 M 229.00000000000023 163 M 227.00000000000023 163 L 225.00000000000023 163 M 225.00000000000023 163 M 223.00000000000023 163 L 221.00000000000023 163 M 221.00000000000023 163 M 219.00000000000023 163 L 217.00000000000023 163 M 217.00000000000023 163 M 215.00000000000023 163 L 213.00000000000023 163 M 213.00000000000023 163 M 211.00000000000023 163 L 209.00000000000023 163 M 209.00000000000023 163 M 207.00000000000023 163 L 205.00000000000023 163 M 205.00000000000023 163 M 203.00000000000023 163 L 201.00000000000023 163 M 201.00000000000023 163 M 199.00000000000023 163 L 197.00000000000023 163 M 197.00000000000023 163 M 195.00000000000023 163 L 193.00000000000023 163 M 193.00000000000023 163 M 191.00000000000023 163 L 189.00000000000023 163 M 189.00000000000023 163 M 187.00000000000023 163 L 185.00000000000023 163 M 185.00000000000023 163 M 183.00000000000023 163 L 181.00000000000023 163 M 181.00000000000023 163 M 179.00000000000023 163 L 177.00000000000023 163 M 177.00000000000023 163 M 175.00000000000023 163 L 173.00000000000023 163 M 173.00000000000023 163 M 171.00000000000023 163 L 169.00000000000023 163 M 169.00000000000023 163 M 167.00000000000023 163 L 165.00000000000023 163 M 165.00000000000023 163 M 163.00000000000023 163 L 161.00000000000023 163 M 161.00000000000023 163 M 159.00000000000023 163 L 157.00000000000023 163 M 157.00000000000023 163 M 155.00000000000023 163 L 153.00000000000023 163 M 153.00000000000023 163 M 151.00000000000023 163 L 149.00000000000023 163 M 149.00000000000023 163 M 147.00000000000023 163 L 145.00000000000023 163 M 145.00000000000023 163 M 143.00000000000023 163 L 141.00000000000023 163 M 141.00000000000023 163 M 139.00000000000023 163 L 137.00000000000023 163 M 137.00000000000023 163 M 135.00000000000023 163 L 133.00000000000023 163 M 133.00000000000023 163 M 131.00000000000023 163 L 129.00000000000023 163 M 129.00000000000023 163 M 127.00000000000023 163 L 125.00000000000023 163 M 125.00000000000023 163 M 123.00000000000023 163 L 121.00000000000023 163 M 121.00000000000023 163 M 119.00000000000023 163 L 117.00000000000023 163 M 117.00000000000023 163 M 115.00000000000023 163 L 113.00000000000023 163 M 113.00000000000023 163 M 111.00000000000023 163 L 109.00000000000023 163 M 109.00000000000023 163 M 107.00000000000023 163 L 105.00000000000023 163 M 105.00000000000023 163 M 103.00000000000023 163 L 101.00000000000023 163 M 101.00000000000023 163 M 99.00000000000023 163 L 97.00000000000023 163 M 97.00000000000023 163 M 95.00000000000023 163 L 93.00000000000023 163 M 93.00000000000023 163 M 91.00000000000023 163 L 89.00000000000023 163 M 89.00000000000023 163 M 87.00000000000023 163 L 85.00000000000023 163 M 85.00000000000023 163 M 83.00000000000023 163 L 81.00000000000023 163 M 81.00000000000023 163 M 79.00000000000023 163 L 77.00000000000023 163 M 77.00000000000023 163 M 75.00000000000023 163 L 73.00000000000023 163 M 73.00000000000023 163 M 71.00000000000023 163 L 69.00000000000023 163 M 69.00000000000023 163 M 67.00000000000023 163 L 65.00000000000023 163 M 65.00000000000023 163 M 63.00000000000023 163 L 61.00000000000023 163 M 61.00000000000023 163 M 59.00000000000023 163 L 57.00000000000023 163 M 57.00000000000023 163 M 55.00000000000023 163 L 53.00000000000023 163 M 53.00000000000023 163 M 51.00000000000023 163 L 49.00000000000023 163 M 49.00000000000023 163 M 47.00000000000023 163 L 45.00000000000023 163 M 45.00000000000023 163 M 43.00000000000023 163 L 41.00000000000023 163 M 41.00000000000023 163 M 39.00000000000023 163 L 37.00000000000023 163 M 37.00000000000023 163 M 35.00000000000023 163 L 33.00000000000023 163 M 33.00000000000023 163 M 31.000000000000227 163 L 29.000000000000227 163 M 29.000000000000227 163 M 27.000000000000227 163 L 25.000000000000227 163 M 25.000000000000227 163 M 23.000000000000227 163 L 21.000000000000227 163 M 21.000000000000227 163 M 19.000000000000227 163 L 17.000000000000227 163 M 17.000000000000227 163 M 15.000000000000227 163 L 13.000000000000227 163 M 13.000000000000227 163 M 11.000000000000227 163 L 9.000000000000227 163 M 9.000000000000227 163 M 7.000000000000227 163 L 5.000000000000227 163 M 5.000000000000227 163 M 3.0000000000002274 163 L 1.0000000000002274 163 M 1.0000000000002274 163 M 0 162.00000000000023 L 0 160.00000000000023 M 0 160.00000000000023 M 0 158.00000000000023 L 0 156.00000000000023 M 0 156.00000000000023 M 0 154.00000000000023 L 0 152.00000000000023 M 0 152.00000000000023 M 0 150.00000000000023 L 0 148.00000000000023 M 0 148.00000000000023 M 0 146.00000000000023 L 0 144.00000000000023 M 0 144.00000000000023 M 0 142.00000000000023 L 0 140.00000000000023 M 0 140.00000000000023 M 0 138.00000000000023 L 0 136.00000000000023 M 0 136.00000000000023 M 0 134.00000000000023 L 0 132.00000000000023 M 0 132.00000000000023 M 0 130.00000000000023 L 0 128.00000000000023 M 0 128.00000000000023 M 0 126.00000000000023 L 0 124.00000000000023 M 0 124.00000000000023 M 0 122.00000000000023 L 0 120.00000000000023 M 0 120.00000000000023 M 0 118.00000000000023 L 0 116.00000000000023 M 0 116.00000000000023 M 0 114.00000000000023 L 0 112.00000000000023 M 0 112.00000000000023 M 0 110.00000000000023 L 0 108.00000000000023 M 0 108.00000000000023 M 0 106.00000000000023 L 0 104.00000000000023 M 0 104.00000000000023 M 0 102.00000000000023 L 0 100.00000000000023 M 0 100.00000000000023 M 0 98.00000000000023 L 0 96.00000000000023 M 0 96.00000000000023 M 0 94.00000000000023 L 0 92.00000000000023 M 0 92.00000000000023 M 0 90.00000000000023 L 0 88.00000000000023 M 0 88.00000000000023 M 0 86.00000000000023 L 0 84.00000000000023 M 0 84.00000000000023 M 0 82.00000000000023 L 0 80.00000000000023 M 0 80.00000000000023 M 0 78.00000000000023 L 0 76.00000000000023 M 0 76.00000000000023 M 0 74.00000000000023 L 0 72.00000000000023 M 0 72.00000000000023 M 0 70.00000000000023 L 0 68.00000000000023 M 0 68.00000000000023 M 0 66.00000000000023 L 0 64.00000000000023 M 0 64.00000000000023 M 0 62.00000000000023 L 0 60.00000000000023 M 0 60.00000000000023 M 0 58.00000000000023 L 0 56.00000000000023 M 0 56.00000000000023 M 0 54.00000000000023 L 0 52.00000000000023 M 0 52.00000000000023 M 0 50.00000000000023 L 0 48.00000000000023 M 0 48.00000000000023 M 0 46.00000000000023 L 0 44.00000000000023 M 0 44.00000000000023 M 0 42.00000000000023 L 0 40.00000000000023 M 0 40.00000000000023 M 0 38.00000000000023 L 0 36.00000000000023 M 0 36.00000000000023 M 0 34.00000000000023 L 0 32.00000000000023 M 0 32.00000000000023 M 0 30.000000000000227 L 0 28.000000000000227 M 0 28.000000000000227 M 0 26.000000000000227 L 0 24.000000000000227 M 0 24.000000000000227 M 0 22.000000000000227 L 0 20.000000000000227 M 0 20.000000000000227 M 0 18.000000000000227 L 0 16.000000000000227 M 0 16.000000000000227 M 0 14.000000000000227 L 0 12.000000000000227 M 0 12.000000000000227 M 0 10.000000000000227 L 0 8.000000000000227 M 0 8.000000000000227 M 0 6.000000000000227 L 0 4.000000000000227 M 0 4.000000000000227 M 0 2.0000000000002274 L 0 2.2737367544323206e-13 M 0 2.2737367544323206e-13 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,3.5000000000000284,268.5)"><g><g transform="translate(0,0) scale(4.11,1.63)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24330900243309,0.6134969325153374)"><path fill="none" stroke="none" d="M 0 0 L 411.00000000000006 0 Q 411.00000000000006 0 411.00000000000006 0 L 411.00000000000006 163 Q 411.00000000000006 163 411.00000000000006 163 L 0 163 Q 0 163 0 163 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 402 0 M 402 0 M 404 0 L 406 0 M 406 0 M 408 0 L 410 0 M 410 0 M 411.00000000000006 0.9999999999999432 L 411.00000000000006 2.999999999999943 M 411.00000000000006 2.999999999999943 M 411.00000000000006 4.999999999999943 L 411.00000000000006 6.999999999999943 M 411.00000000000006 6.999999999999943 M 411.00000000000006 8.999999999999943 L 411.00000000000006 10.999999999999943 M 411.00000000000006 10.999999999999943 M 411.00000000000006 12.999999999999943 L 411.00000000000006 14.999999999999943 M 411.00000000000006 14.999999999999943 M 411.00000000000006 16.999999999999943 L 411.00000000000006 18.999999999999943 M 411.00000000000006 18.999999999999943 M 411.00000000000006 20.999999999999943 L 411.00000000000006 22.999999999999943 M 411.00000000000006 22.999999999999943 M 411.00000000000006 24.999999999999943 L 411.00000000000006 26.999999999999943 M 411.00000000000006 26.999999999999943 M 411.00000000000006 28.999999999999943 L 411.00000000000006 30.999999999999943 M 411.00000000000006 30.999999999999943 M 411.00000000000006 32.99999999999994 L 411.00000000000006 34.99999999999994 M 411.00000000000006 34.99999999999994 M 411.00000000000006 36.99999999999994 L 411.00000000000006 38.99999999999994 M 411.00000000000006 38.99999999999994 M 411.00000000000006 40.99999999999994 L 411.00000000000006 42.99999999999994 M 411.00000000000006 42.99999999999994 M 411.00000000000006 44.99999999999994 L 411.00000000000006 46.99999999999994 M 411.00000000000006 46.99999999999994 M 411.00000000000006 48.99999999999994 L 411.00000000000006 50.99999999999994 M 411.00000000000006 50.99999999999994 M 411.00000000000006 52.99999999999994 L 411.00000000000006 54.99999999999994 M 411.00000000000006 54.99999999999994 M 411.00000000000006 56.99999999999994 L 411.00000000000006 58.99999999999994 M 411.00000000000006 58.99999999999994 M 411.00000000000006 60.99999999999994 L 411.00000000000006 62.99999999999994 M 411.00000000000006 62.99999999999994 M 411.00000000000006 64.99999999999994 L 411.00000000000006 66.99999999999994 M 411.00000000000006 66.99999999999994 M 411.00000000000006 68.99999999999994 L 411.00000000000006 70.99999999999994 M 411.00000000000006 70.99999999999994 M 411.00000000000006 72.99999999999994 L 411.00000000000006 74.99999999999994 M 411.00000000000006 74.99999999999994 M 411.00000000000006 76.99999999999994 L 411.00000000000006 78.99999999999994 M 411.00000000000006 78.99999999999994 M 411.00000000000006 80.99999999999994 L 411.00000000000006 82.99999999999994 M 411.00000000000006 82.99999999999994 M 411.00000000000006 84.99999999999994 L 411.00000000000006 86.99999999999994 M 411.00000000000006 86.99999999999994 M 411.00000000000006 88.99999999999994 L 411.00000000000006 90.99999999999994 M 411.00000000000006 90.99999999999994 M 411.00000000000006 92.99999999999994 L 411.00000000000006 94.99999999999994 M 411.00000000000006 94.99999999999994 M 411.00000000000006 96.99999999999994 L 411.00000000000006 98.99999999999994 M 411.00000000000006 98.99999999999994 M 411.00000000000006 100.99999999999994 L 411.00000000000006 102.99999999999994 M 411.00000000000006 102.99999999999994 M 411.00000000000006 104.99999999999994 L 411.00000000000006 106.99999999999994 M 411.00000000000006 106.99999999999994 M 411.00000000000006 108.99999999999994 L 411.00000000000006 110.99999999999994 M 411.00000000000006 110.99999999999994 M 411.00000000000006 112.99999999999994 L 411.00000000000006 114.99999999999994 M 411.00000000000006 114.99999999999994 M 411.00000000000006 116.99999999999994 L 411.00000000000006 118.99999999999994 M 411.00000000000006 118.99999999999994 M 411.00000000000006 120.99999999999994 L 411.00000000000006 122.99999999999994 M 411.00000000000006 122.99999999999994 M 411.00000000000006 124.99999999999994 L 411.00000000000006 126.99999999999994 M 411.00000000000006 126.99999999999994 M 411.00000000000006 128.99999999999994 L 411.00000000000006 130.99999999999994 M 411.00000000000006 130.99999999999994 M 411.00000000000006 132.99999999999994 L 411.00000000000006 134.99999999999994 M 411.00000000000006 134.99999999999994 M 411.00000000000006 136.99999999999994 L 411.00000000000006 138.99999999999994 M 411.00000000000006 138.99999999999994 M 411.00000000000006 140.99999999999994 L 411.00000000000006 142.99999999999994 M 411.00000000000006 142.99999999999994 M 411.00000000000006 144.99999999999994 L 411.00000000000006 146.99999999999994 M 411.00000000000006 146.99999999999994 M 411.00000000000006 148.99999999999994 L 411.00000000000006 150.99999999999994 M 411.00000000000006 150.99999999999994 M 411.00000000000006 152.99999999999994 L 411.00000000000006 154.99999999999994 M 411.00000000000006 154.99999999999994 M 411.00000000000006 156.99999999999994 L 411.00000000000006 158.99999999999994 M 411.00000000000006 158.99999999999994 M 411.00000000000006 160.99999999999994 L 411.00000000000006 162.99999999999994 M 411.00000000000006 162.99999999999994 M 409.0000000000001 163 L 407.0000000000001 163 M 407.0000000000001 163 M 405.0000000000001 163 L 403.0000000000001 163 M 403.0000000000001 163 M 401.0000000000001 163 L 399.0000000000001 163 M 399.0000000000001 163 M 397.0000000000001 163 L 395.0000000000001 163 M 395.0000000000001 163 M 393.0000000000001 163 L 391.0000000000001 163 M 391.0000000000001 163 M 389.0000000000001 163 L 387.0000000000001 163 M 387.0000000000001 163 M 385.0000000000001 163 L 383.0000000000001 163 M 383.0000000000001 163 M 381.0000000000001 163 L 379.0000000000001 163 M 379.0000000000001 163 M 377.0000000000001 163 L 375.0000000000001 163 M 375.0000000000001 163 M 373.0000000000001 163 L 371.0000000000001 163 M 371.0000000000001 163 M 369.0000000000001 163 L 367.0000000000001 163 M 367.0000000000001 163 M 365.0000000000001 163 L 363.0000000000001 163 M 363.0000000000001 163 M 361.0000000000001 163 L 359.0000000000001 163 M 359.0000000000001 163 M 357.0000000000001 163 L 355.0000000000001 163 M 355.0000000000001 163 M 353.0000000000001 163 L 351.0000000000001 163 M 351.0000000000001 163 M 349.0000000000001 163 L 347.0000000000001 163 M 347.0000000000001 163 M 345.0000000000001 163 L 343.0000000000001 163 M 343.0000000000001 163 M 341.0000000000001 163 L 339.0000000000001 163 M 339.0000000000001 163 M 337.0000000000001 163 L 335.0000000000001 163 M 335.0000000000001 163 M 333.0000000000001 163 L 331.0000000000001 163 M 331.0000000000001 163 M 329.0000000000001 163 L 327.0000000000001 163 M 327.0000000000001 163 M 325.0000000000001 163 L 323.0000000000001 163 M 323.0000000000001 163 M 321.0000000000001 163 L 319.0000000000001 163 M 319.0000000000001 163 M 317.0000000000001 163 L 315.0000000000001 163 M 315.0000000000001 163 M 313.0000000000001 163 L 311.0000000000001 163 M 311.0000000000001 163 M 309.0000000000001 163 L 307.0000000000001 163 M 307.0000000000001 163 M 305.0000000000001 163 L 303.0000000000001 163 M 303.0000000000001 163 M 301.0000000000001 163 L 299.0000000000001 163 M 299.0000000000001 163 M 297.0000000000001 163 L 295.0000000000001 163 M 295.0000000000001 163 M 293.0000000000001 163 L 291.0000000000001 163 M 291.0000000000001 163 M 289.0000000000001 163 L 287.0000000000001 163 M 287.0000000000001 163 M 285.0000000000001 163 L 283.0000000000001 163 M 283.0000000000001 163 M 281.0000000000001 163 L 279.0000000000001 163 M 279.0000000000001 163 M 277.0000000000001 163 L 275.0000000000001 163 M 275.0000000000001 163 M 273.0000000000001 163 L 271.0000000000001 163 M 271.0000000000001 163 M 269.0000000000001 163 L 267.0000000000001 163 M 267.0000000000001 163 M 265.0000000000001 163 L 263.0000000000001 163 M 263.0000000000001 163 M 261.0000000000001 163 L 259.0000000000001 163 M 259.0000000000001 163 M 257.0000000000001 163 L 255.0000000000001 163 M 255.0000000000001 163 M 253.0000000000001 163 L 251.0000000000001 163 M 251.0000000000001 163 M 249.0000000000001 163 L 247.0000000000001 163 M 247.0000000000001 163 M 245.0000000000001 163 L 243.0000000000001 163 M 243.0000000000001 163 M 241.0000000000001 163 L 239.0000000000001 163 M 239.0000000000001 163 M 237.0000000000001 163 L 235.0000000000001 163 M 235.0000000000001 163 M 233.0000000000001 163 L 231.0000000000001 163 M 231.0000000000001 163 M 229.0000000000001 163 L 227.0000000000001 163 M 227.0000000000001 163 M 225.0000000000001 163 L 223.0000000000001 163 M 223.0000000000001 163 M 221.0000000000001 163 L 219.0000000000001 163 M 219.0000000000001 163 M 217.0000000000001 163 L 215.0000000000001 163 M 215.0000000000001 163 M 213.0000000000001 163 L 211.0000000000001 163 M 211.0000000000001 163 M 209.0000000000001 163 L 207.0000000000001 163 M 207.0000000000001 163 M 205.0000000000001 163 L 203.0000000000001 163 M 203.0000000000001 163 M 201.0000000000001 163 L 199.0000000000001 163 M 199.0000000000001 163 M 197.0000000000001 163 L 195.0000000000001 163 M 195.0000000000001 163 M 193.0000000000001 163 L 191.0000000000001 163 M 191.0000000000001 163 M 189.0000000000001 163 L 187.0000000000001 163 M 187.0000000000001 163 M 185.0000000000001 163 L 183.0000000000001 163 M 183.0000000000001 163 M 181.0000000000001 163 L 179.0000000000001 163 M 179.0000000000001 163 M 177.0000000000001 163 L 175.0000000000001 163 M 175.0000000000001 163 M 173.0000000000001 163 L 171.0000000000001 163 M 171.0000000000001 163 M 169.0000000000001 163 L 167.0000000000001 163 M 167.0000000000001 163 M 165.0000000000001 163 L 163.0000000000001 163 M 163.0000000000001 163 M 161.0000000000001 163 L 159.0000000000001 163 M 159.0000000000001 163 M 157.0000000000001 163 L 155.0000000000001 163 M 155.0000000000001 163 M 153.0000000000001 163 L 151.0000000000001 163 M 151.0000000000001 163 M 149.0000000000001 163 L 147.0000000000001 163 M 147.0000000000001 163 M 145.0000000000001 163 L 143.0000000000001 163 M 143.0000000000001 163 M 141.0000000000001 163 L 139.0000000000001 163 M 139.0000000000001 163 M 137.0000000000001 163 L 135.0000000000001 163 M 135.0000000000001 163 M 133.0000000000001 163 L 131.0000000000001 163 M 131.0000000000001 163 M 129.0000000000001 163 L 127.00000000000011 163 M 127.00000000000011 163 M 125.00000000000011 163 L 123.00000000000011 163 M 123.00000000000011 163 M 121.00000000000011 163 L 119.00000000000011 163 M 119.00000000000011 163 M 117.00000000000011 163 L 115.00000000000011 163 M 115.00000000000011 163 M 113.00000000000011 163 L 111.00000000000011 163 M 111.00000000000011 163 M 109.00000000000011 163 L 107.00000000000011 163 M 107.00000000000011 163 M 105.00000000000011 163 L 103.00000000000011 163 M 103.00000000000011 163 M 101.00000000000011 163 L 99.00000000000011 163 M 99.00000000000011 163 M 97.00000000000011 163 L 95.00000000000011 163 M 95.00000000000011 163 M 93.00000000000011 163 L 91.00000000000011 163 M 91.00000000000011 163 M 89.00000000000011 163 L 87.00000000000011 163 M 87.00000000000011 163 M 85.00000000000011 163 L 83.00000000000011 163 M 83.00000000000011 163 M 81.00000000000011 163 L 79.00000000000011 163 M 79.00000000000011 163 M 77.00000000000011 163 L 75.00000000000011 163 M 75.00000000000011 163 M 73.00000000000011 163 L 71.00000000000011 163 M 71.00000000000011 163 M 69.00000000000011 163 L 67.00000000000011 163 M 67.00000000000011 163 M 65.00000000000011 163 L 63.000000000000114 163 M 63.000000000000114 163 M 61.000000000000114 163 L 59.000000000000114 163 M 59.000000000000114 163 M 57.000000000000114 163 L 55.000000000000114 163 M 55.000000000000114 163 M 53.000000000000114 163 L 51.000000000000114 163 M 51.000000000000114 163 M 49.000000000000114 163 L 47.000000000000114 163 M 47.000000000000114 163 M 45.000000000000114 163 L 43.000000000000114 163 M 43.000000000000114 163 M 41.000000000000114 163 L 39.000000000000114 163 M 39.000000000000114 163 M 37.000000000000114 163 L 35.000000000000114 163 M 35.000000000000114 163 M 33.000000000000114 163 L 31.000000000000114 163 M 31.000000000000114 163 M 29.000000000000114 163 L 27.000000000000114 163 M 27.000000000000114 163 M 25.000000000000114 163 L 23.000000000000114 163 M 23.000000000000114 163 M 21.000000000000114 163 L 19.000000000000114 163 M 19.000000000000114 163 M 17.000000000000114 163 L 15.000000000000114 163 M 15.000000000000114 163 M 13.000000000000114 163 L 11.000000000000114 163 M 11.000000000000114 163 M 9.000000000000114 163 L 7.000000000000114 163 M 7.000000000000114 163 M 5.000000000000114 163 L 3.0000000000001137 163 M 3.0000000000001137 163 M 1.0000000000001137 163 L 0 163 Q 0 163 0 163 L 0 162.0000000000001 M 0 162.0000000000001 M 0 160.0000000000001 L 0 158.0000000000001 M 0 158.0000000000001 M 0 156.0000000000001 L 0 154.0000000000001 M 0 154.0000000000001 M 0 152.0000000000001 L 0 150.0000000000001 M 0 150.0000000000001 M 0 148.0000000000001 L 0 146.0000000000001 M 0 146.0000000000001 M 0 144.0000000000001 L 0 142.0000000000001 M 0 142.0000000000001 M 0 140.0000000000001 L 0 138.0000000000001 M 0 138.0000000000001 M 0 136.0000000000001 L 0 134.0000000000001 M 0 134.0000000000001 M 0 132.0000000000001 L 0 130.0000000000001 M 0 130.0000000000001 M 0 128.0000000000001 L 0 126.00000000000011 M 0 126.00000000000011 M 0 124.00000000000011 L 0 122.00000000000011 M 0 122.00000000000011 M 0 120.00000000000011 L 0 118.00000000000011 M 0 118.00000000000011 M 0 116.00000000000011 L 0 114.00000000000011 M 0 114.00000000000011 M 0 112.00000000000011 L 0 110.00000000000011 M 0 110.00000000000011 M 0 108.00000000000011 L 0 106.00000000000011 M 0 106.00000000000011 M 0 104.00000000000011 L 0 102.00000000000011 M 0 102.00000000000011 M 0 100.00000000000011 L 0 98.00000000000011 M 0 98.00000000000011 M 0 96.00000000000011 L 0 94.00000000000011 M 0 94.00000000000011 M 0 92.00000000000011 L 0 90.00000000000011 M 0 90.00000000000011 M 0 88.00000000000011 L 0 86.00000000000011 M 0 86.00000000000011 M 0 84.00000000000011 L 0 82.00000000000011 M 0 82.00000000000011 M 0 80.00000000000011 L 0 78.00000000000011 M 0 78.00000000000011 M 0 76.00000000000011 L 0 74.00000000000011 M 0 74.00000000000011 M 0 72.00000000000011 L 0 70.00000000000011 M 0 70.00000000000011 M 0 68.00000000000011 L 0 66.00000000000011 M 0 66.00000000000011 M 0 64.00000000000011 L 0 62.000000000000114 M 0 62.000000000000114 M 0 60.000000000000114 L 0 58.000000000000114 M 0 58.000000000000114 M 0 56.000000000000114 L 0 54.000000000000114 M 0 54.000000000000114 M 0 52.000000000000114 L 0 50.000000000000114 M 0 50.000000000000114 M 0 48.000000000000114 L 0 46.000000000000114 M 0 46.000000000000114 M 0 44.000000000000114 L 0 42.000000000000114 M 0 42.000000000000114 M 0 40.000000000000114 L 0 38.000000000000114 M 0 38.000000000000114 M 0 36.000000000000114 L 0 34.000000000000114 M 0 34.000000000000114 M 0 32.000000000000114 L 0 30.000000000000114 M 0 30.000000000000114 M 0 28.000000000000114 L 0 26.000000000000114 M 0 26.000000000000114 M 0 24.000000000000114 L 0 22.000000000000114 M 0 22.000000000000114 M 0 20.000000000000114 L 0 18.000000000000114 M 0 18.000000000000114 M 0 16.000000000000114 L 0 14.000000000000114 M 0 14.000000000000114 M 0 12.000000000000114 L 0 10.000000000000114 M 0 10.000000000000114 M 0 8.000000000000114 L 0 6.000000000000114 M 0 6.000000000000114 M 0 4.000000000000114 L 0 2.0000000000001137 M 0 2.0000000000001137 M 0 1.1368683772161603e-13 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,515,213)"><g transform="translate(0,0)"><g transform="translate(-100.5,-90.5) translate(-414.5,-122.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 519.5 217.5 L 551.5 298" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,535.7106781186548,213)"><g transform="translate(0,0)"><g transform="translate(-139.5,-86.5) translate(-396.21067811865476,-126.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 540.2106781186548 217.5 L 744.5 298" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,444.71067811865476,77.5)"><g transform="translate(0,0)"><g transform="translate(-231.28932188134524,-95) translate(-213.4213562373095,17.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 498.78932188134524 142.5 L 449.21067811865476 82" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,354.21067811865476,77.49999999999999)"><g transform="translate(0,0)"><g transform="translate(-237,-54) translate(-117.21067811865476,-23.499999999999986) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 407.78932188134524 81.99999999999999 L 358.71067811865476 142.5" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,289.5,213)"><g transform="translate(0,0)"><g transform="translate(-174,-217.5) translate(-115.5,4.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 338 217.5 L 294 299" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,103.5,213)"><g transform="translate(0,0)"><g transform="translate(-187,-206.5) translate(83.5,-6.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 317.28932188134524 217.5 L 108 298" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,378.5,7)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#kKfylQdvRaFI)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#kKfylQdvRaFI)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="scale(1,1) matrix(1,0,0,1,380.5,7) translate(8,31)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0.6484375" y="11">Layer 2 Switch</text></g><g transform="translate(0,0) matrix(1,0,0,1,288,142.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#okETWrHtmeUv)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#okETWrHtmeUv)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="scale(1,1) matrix(1,0,0,1,290,142.5) translate(8,31)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="24.326171875" y="11">Host1</text></g><g transform="translate(0,0) matrix(1,0,0,1,469.5,142.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#WLczqDFsktCx)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#WLczqDFsktCx)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="scale(1,1) matrix(1,0,0,1,471.5,142.5) translate(8,31)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="24.326171875" y="11">Host2</text></g><g transform="scale(1,1) matrix(1,0,0,1,278,126) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0" y="11">eth0 2001:db8:0::1/64</text></g><g transform="scale(1,1) matrix(1,0,0,1,460.5,128) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0" y="11">eth0 2001:db8:0::2/64</text></g><g transform="scale(1,1) matrix(1,0,0,1,444.5,223) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="23.2978515625" y="11">docker0 fe80::1/64</text></g><g transform="scale(1,1) matrix(1,0,0,1,262,224) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="23.2978515625" y="11">docker0 fe80::1/64</text></g><g transform="translate(0,0) matrix(1,0,0,1,58,298)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#EOtrFaZZJZro)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#EOtrFaZZJZro)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="scale(1,1) matrix(1,0,0,1,60,298) translate(8,43.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="5.3125" y="11">Container1-1</text></g><g transform="translate(0,0) matrix(1,0,0,1,244,299)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#itkkpRbaglyb)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#itkkpRbaglyb)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="scale(1,1) matrix(1,0,0,1,246,299) translate(8,43.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="5.3125" y="11">Container1-2</text></g><g transform="scale(1,1) matrix(1,0,0,1,34.000000000000014,283) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="14.614257812499986" y="11">eth0 2001:db8:1::1/64</text></g><g transform="translate(0,0) matrix(1,0,0,1,501.5,298)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#MpRBXNFHBTHf)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#MpRBXNFHBTHf)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="scale(1,1) matrix(1,0,0,1,503.5,298) translate(8,43.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="5.3125" y="11">Container2-1</text></g><g transform="translate(0,0) matrix(1,0,0,1,694.5,298)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#tVySeLJzhfuC)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#tVySeLJzhfuC)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="scale(1,1) matrix(1,0,0,1,696.5,298) translate(8,43.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="5.3125" y="11">Container2-2</text></g><g transform="scale(1,1) matrix(1,0,0,1,17.5,148) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0" y="11">ip -6 route add 2001:db8:0::/64 dev eth0</text><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0" y="25">ip -6 route add 2001:db8:2::/64 via 2001:db8:0::2</text></g><g transform="scale(1,1) matrix(1,0,0,1,488.75,408) translate(2,1.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="55.462890625" y="11">ip -6 route add default via fe80::1 dev eth0</text></g><g transform="scale(1,1) matrix(1,0,0,1,33.50000000000003,409) translate(2,1.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="58.83789062499997" y="11">ip -6 route add default via fe80::1 dev eth0</text></g><g transform="matrix(1,0,0,1,-17.000680271168676,190.75)"><g transform="translate(0,0)"><g transform="translate(-785,-195) translate(802.0006802711687,4.25) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 863.7500000000001 194.75 M 863.7500000000001 194.75 L 855.750000325228 194.75228115011907 M 855.750000325228 194.75228115011907 M 847.750000650456 194.75456230023815 L 839.7500009756839 194.75684345035722 M 839.7500009756839 194.75684345035722 M 831.7500013009118 194.7591246004763 L 823.7500016261397 194.76140575059537 M 823.7500016261397 194.76140575059537 M 815.7500019513676 194.76368690071445 L 807.7500022765955 194.76596805083352 M 807.7500022765955 194.76596805083352 M 799.7500026018234 194.7682492009526 L 791.7500029270514 194.77053035107167 M 791.7500029270514 194.77053035107167 M 783.7500032522793 194.77281150119074 L 775.7500035775072 194.77509265130982 M 775.7500035775072 194.77509265130982 M 767.7500039027351 194.7773738014289 L 759.750004227963 194.77965495154797 M 759.750004227963 194.77965495154797 M 751.7500045531909 194.78193610166704 L 743.7500048784188 194.78421725178612 M 743.7500048784188 194.78421725178612 M 735.7500052036468 194.7864984019052 L 727.7500055288747 194.78877955202427 M 727.7500055288747 194.78877955202427 M 719.7500058541026 194.79106070214334 L 711.7500061793305 194.79334185226242 M 711.7500061793305 194.79334185226242 M 703.7500065045584 194.7956230023815 L 695.7500068297863 194.79790415250056 M 695.7500068297863 194.79790415250056 M 687.7500071550143 194.80018530261964 L 679.7500074802422 194.8024664527387 M 679.7500074802422 194.8024664527387 M 671.7500078054701 194.8047476028578 L 663.750008130698 194.80702875297686 M 663.750008130698 194.80702875297686 M 655.7500084559259 194.80930990309594 L 647.7500087811538 194.811591053215 M 647.7500087811538 194.811591053215 M 639.7500091063818 194.81387220333409 L 631.7500094316097 194.81615335345316 M 631.7500094316097 194.81615335345316 M 623.7500097568376 194.81843450357223 L 615.7500100820655 194.8207156536913 M 615.7500100820655 194.8207156536913 M 607.7500104072934 194.82299680381038 L 599.7500107325213 194.82527795392943 M 599.7500107325213 194.82527795392943 M 591.7500110577492 194.8275591040485 L 583.7500113829772 194.82984025416755 M 583.7500113829772 194.82984025416755 M 575.7500117082051 194.83212140428662 L 567.750012033433 194.83440255440567 M 567.750012033433 194.83440255440567 M 559.7500123586609 194.83668370452475 L 551.7500126838888 194.8389648546438 M 551.7500126838888 194.8389648546438 M 543.7500130091167 194.84124600476287 L 535.7500133343447 194.8435271548819 M 535.7500133343447 194.8435271548819 M 527.7500136595726 194.845808305001 L 519.7500139848005 194.84808945512003 M 519.7500139848005 194.84808945512003 M 511.75001431002835 194.8503706052391 L 503.7500146352562 194.85265175535815 M 503.7500146352562 194.85265175535815 M 495.75001496048407 194.85493290547723 L 487.7500152857119 194.85721405559627 M 487.7500152857119 194.85721405559627 M 479.7500156109398 194.85949520571535 L 471.75001593616764 194.8617763558344 M 471.75001593616764 194.8617763558344 M 463.7500162613955 194.86405750595347 L 455.75001658662336 194.86633865607251 M 455.75001658662336 194.86633865607251 M 447.7500169118512 194.8686198061916 L 439.7500172370791 194.87090095631063 M 439.7500172370791 194.87090095631063 M 431.75001756230694 194.8731821064297 L 423.7500178875348 194.87546325654876 M 423.7500178875348 194.87546325654876 M 415.75001821276265 194.87774440666783 L 407.7500185379905 194.88002555678688 M 407.7500185379905 194.88002555678688 M 399.7500188632184 194.88230670690595 L 391.75001918844623 194.884587857025 M 391.75001918844623 194.884587857025 M 383.7500195136741 194.88686900714407 L 375.75001983890195 194.88915015726312 M 375.75001983890195 194.88915015726312 M 367.7500201641298 194.8914313073822 L 359.75002048935767 194.89371245750124 M 359.75002048935767 194.89371245750124 M 351.7500208145855 194.8959936076203 L 343.7500211398134 194.89827475773936 M 343.7500211398134 194.89827475773936 M 335.75002146504124 194.90055590785843 L 327.7500217902691 194.90283705797748 M 327.7500217902691 194.90283705797748 M 319.75002211549696 194.90511820809655 L 311.7500224407248 194.9073993582156 M 311.7500224407248 194.9073993582156 M 303.7500227659527 194.90968050833467 L 295.75002309118054 194.91196165845372 M 295.75002309118054 194.91196165845372 M 287.7500234164084 194.9142428085728 L 279.75002374163626 194.91652395869184 M 279.75002374163626 194.91652395869184 M 271.7500240668641 194.91880510881091 L 263.750024392092 194.92108625892996 M 263.750024392092 194.92108625892996 M 255.75002471731983 194.92336740904904 L 247.75002504254772 194.92564855916808 M 247.75002504254772 194.92564855916808 M 239.75002536777558 194.92792970928716 L 231.75002569300347 194.9302108594062 M 231.75002569300347 194.9302108594062 M 223.75002601823135 194.93249200952528 L 215.7500263434592 194.93477315964432 M 215.7500263434592 194.93477315964432 M 207.7500266686871 194.9370543097634 L 199.75002699391496 194.93933545988244 M 199.75002699391496 194.93933545988244 M 191.75002731914284 194.94161661000152 L 183.75002764437073 194.94389776012056 M 183.75002764437073 194.94389776012056 M 175.75002796959862 194.94617891023964 L 167.75002829482648 194.94846006035868 M 167.75002829482648 194.94846006035868 M 159.75002862005437 194.95074121047776 L 151.75002894528222 194.9530223605968 M 151.75002894528222 194.9530223605968 M 143.7500292705101 194.95530351071588 L 135.750029595738 194.95758466083493 M 135.750029595738 194.95758466083493 M 127.75002992096587 194.959865810954 L 119.75003024619375 194.96214696107305 M 119.75003024619375 194.96214696107305 M 111.75003057142162 194.96442811119212 L 103.75003089664949 194.96670926131117 M 103.75003089664949 194.96670926131117 M 95.75003122187736 194.96899041143024 L 87.75003154710524 194.9712715615493 M 87.75003154710524 194.9712715615493 M 79.75003187233311 194.97355271166836 L 71.75003219756098 194.9758338617874 M 71.75003219756098 194.9758338617874 M 63.75003252278886 194.97811501190648 L 55.75003284801673 194.98039616202553 M 55.75003284801673 194.98039616202553 M 47.7500331732446 194.9826773121446 L 39.750033498472476 194.98495846226365 M 39.750033498472476 194.98495846226365 M 31.75003382370035 194.98723961238272 L 23.750034148928222 194.98952076250177 M 23.750034148928222 194.98952076250177 M 15.750034474156095 194.99180191262084 L 7.750034799383968 194.9940830627399 M 7.750034799383968 194.9940830627399 M -0.2499648753881587 194.99636421285896 L -8.249964550160286 194.998645362978 M -8.249964550160286 194.998645362978" stroke-miterlimit="10"/></g></g></g></g><g transform="scale(1,1) matrix(1,0,0,1,582.5,151) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0" y="11">ip -6 route add 2001:db8:0::/64 dev eth0</text><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0" y="25">ip -6 route add 2001:db8:1::/64 via 2001:db8:0::1</text><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="259.53515625" y="25">&#160;</text></g><g transform="scale(1,1) matrix(1,0,0,1,221,283) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="14.6142578125" y="11">eth0 2001:db8:1::2/64</text></g><g transform="scale(1,1) matrix(1,0,0,1,479,284) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="14.6142578125" y="11">eth0 2001:db8:2::1/64</text></g><g transform="scale(1,1) matrix(1,0,0,1,670,284) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="14.6142578125" y="11">eth0 2001:db8:2::2/64</text></g><g transform="scale(1,1) matrix(1,0,0,1,317,436.5) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="none" x="0.7084960937500142" y="9">containers' link-local addresses are not displayed</text></g><g transform="scale(1,1) matrix(1,0,0,1,17.5,205.5) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0" y="11">ip -6 route add 2001:db8:1::/64&#160;dev docker0</text></g><g transform="scale(1,1) matrix(1,0,0,1,583,204) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="0" y="11">ip -6 route add 2001:db8:2::/64&#160;dev docker0</text></g><g transform="matrix(1,0,0,1,859.7500000000001,176)"><image width="40" height="275" preserveAspectRatio="none" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACgAAAETCAYAAABENES3AAADD0lEQVR4Xu3d7U3rQBCF4UMBfHQAVAKlQCVAJVAKdEAHQAd8FACaq/WVY8KP4zNIEXotIZLgdYZnJ+txRoQ97fi2t+PxiQDTGUIQwVQgHU8OIpgKpOPJQQRTgXQ8OYhgKpCO787BixHQXRrYNL47wGdJn5JOdzHA0rsdgV1KalHsFCy94xFg3W5R7ArwWtLVYlpvJNXj0dYR4JGkEjuQ/l/GVh6+SzqR9JpE2BHgNr0pplgxDbD0niTV921b6VUurlZMAzyXVF/Tdjam+X72WN2e37dmPA1w+WT1Qqljxi+O31qoCdDKjy07I4igK8Ay44ot90cQQVOAhdoE+7Y7ggi6AizUrhinOi6awpxhoQ4B/73DxYV7oohgoldjEUTQFaDccsUotzjVhTnDQh0CcqpLARFE0BagWLDJFgMQRNAUoFgwwWhDtP9FDjlIDroCnOpcMd5Z4J2FMGdYqENArotTQAQRtAUoFmwy3lmg454lDcVC5kfHPfVDEEFfgGLBN9scgSCCpgDFgglGG4I2RJoyCCLoCrBQu2LL/RFE0BWgonbF6HbS7QxzhoU6BKRXlwIiiKAtQLFgk9HtpNuZJQ3FQuZHry71QxBBX4BiwTej28mHkURZQ7EQ8fFhJCkfggiuEKBYWIG2MQRBBE0BigUT7NvuCCLoCrBQu2J03Om4hznDQh0C0i9OARFE0BagWLDJ6LjTcc+ShmIh86NfnPohiKAvQLHgm9Fxp+MeZQ3FQsRHvzjlQxDBFQIUCyvQ6Ljzv8KStKFYSPRqLIIIugKc6lwxOu503MOcYaEOATnVpYAI/j3Bc0lns1+rbtf5/X722MPivqWQFgtHkp4lHf7wrG+STiS9WlHNdk4DrENdj0p6Www34+dr42v57LdSfJG0P6a3gvmU9CHpONGrA3UI/qQY63UGWIqPQ6yOW6KVe/HWJViBXEi6HRFdSrqLo2uc4imWekXX1qLXOcVTgKVYW4vebwTYMasbx+jMwfbgEOwgZYpTRQQRTAXS8eQggqlAOp4cRDAVSMeTg6ngF4jfAyNg0jvuAAAAAElFTkSuQmCC" transform="translate(0,0)"/></g><g transform="scale(1,1) matrix(-1.8369701987210297e-16,-1,1,-1.8369701987210297e-16,863.7500000000001,389.5) translate(2,0.5)"><text fill="#000000" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="none" x="19.3046875" y="11">managed by Docker</text></g><g transform="matrix(1,0,0,1,853.5000000000001,428)"><g transform="translate(0,0)"><g transform="translate(-898.7500000000001,-432) translate(45.25,4) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 884.7683424505416 432 L 857.5000000000001 432" stroke-miterlimit="10"/></g></g></g></g><g transform="matrix(1,0,0,1,856.5000000000001,191)"><g transform="translate(0,0)"><g transform="translate(-901.7500000000001,-195) translate(45.25,4) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 888.767693574114 195 L 860.5000000000001 195" stroke-miterlimit="10"/></g></g></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_slash64_subnet_config.gliffy b/docs/userguide/networking/default_network/images/ipv6_slash64_subnet_config.gliffy
new file mode 100644
index 00000000..6914fd07
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_slash64_subnet_config.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":550,"height":341,"nodeIndex":88,"autoFit":true,"exportBorder":false,"gridOn":false,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":2.5,"y":2.5},"max":{"x":550,"y":341}},"objects":[{"x":10.5,"y":53.5,"rotation":0.0,"id":74,"width":150.0,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":26,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">fe80::1/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":37.0,"y":2.5,"rotation":0.0,"id":72,"width":100.0,"height":46.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#d9d9d9","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":73,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Router</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":89.5,"y":83.5,"rotation":0.0,"id":59,"width":150.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-size:12px;font-style:italic;font-family:Arial;\"><span style=\"\">Routed Network:<br />2001:db8:23:42::/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":313.0,"y":314.0,"rotation":0.0,"id":39,"width":235.0,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":16,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">ip -6 route add default via fe80::1 dev eth0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":352.0,"y":185.5,"rotation":0.0,"id":36,"width":169.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">eth0 2001:db8:23:42:1::2/80</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":351.0,"y":49.5,"rotation":0.0,"id":29,"width":171.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">eth0 2001:db8:23:42:1::1/80</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":382.1250000000001,"y":202.5,"rotation":0.0,"id":30,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":12,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":31,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">container1-2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":382.0,"y":65.5,"rotation":0.0,"id":32,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":10,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":33,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">container1-1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":15.125000000000057,"y":264.0,"rotation":0.0,"id":20,"width":273.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add default via fe80::1 dev eth0</span><span style=\"text-decoration:none;\"><br /></span></p><p style=\"text-align:left;\"><span style=\"text-align:center;\">ip -6 route add 2001:db8:23:42:1::/80 d</span><span style=\"text-align:center;\">ev docker0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":120.0,"y":178.5,"rotation":0.0,"id":21,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":8,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">docker0 fe80::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":13.0,"y":132.5,"rotation":0.0,"id":22,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">eth0 2001:db8:23:42::1/80</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":38.0,"y":149.0,"rotation":0.0,"id":23,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":5,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":24,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">host1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":-118.0,"y":123.0,"rotation":0.0,"id":44,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":4,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":23,"py":0.7071067811865475,"px":0.9999999999999998}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":30,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[255.99999999999997,79.03300858899107],[500.1250000000001,129.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":-138.0,"y":129.0,"rotation":0.0,"id":43,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":3,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":23,"py":0.29289321881345237,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":32,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[276.0,41.966991411008934],[520.0,-13.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":313.0,"y":40.0,"rotation":0.0,"id":34,"width":237.00000000000003,"height":301.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":2,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":87.0,"y":150.0,"rotation":0.0,"id":58,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":1,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":23,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":72,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.0,-1.0],[0.0,-101.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":2.5,"y":118.50000000000001,"rotation":0.0,"id":25,"width":292.0,"height":178.99999999999997,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#cccccc"}},"textStyles":{"global":{"bold":true,"italic":true}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.uml.uml_v1.default","com.gliffy.libraries.erd.erd_v1.default","com.gliffy.libraries.ui.ui_v2.forms_components","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.images"],"autosaveDisabled":false},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_slash64_subnet_config.svg b/docs/userguide/networking/default_network/images/ipv6_slash64_subnet_config.svg
new file mode 100644
index 00000000..70b140e2
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_slash64_subnet_config.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="570" height="361"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="MVLBsVARSTmi" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="idliOCdyLFTX" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="eprnSotBuoMn" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="iWDbcgPdOTMR" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#d9d9d9"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#FFFFFF" stroke="none" x="0" y="0" width="570" height="361"/></g><g transform="translate(0,0) matrix(1,0,0,1,2.5,118.50000000000001)"><g><g transform="translate(0,0) scale(2.92,1.7899999999999998)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.3424657534246575,0.558659217877095)"><path fill="none" stroke="none" d="M 0 0 L 292 0 Q 292 0 292 0 L 292 178.99999999999997 Q 292 178.99999999999997 292 178.99999999999997 L 0 178.99999999999997 Q 0 178.99999999999997 0 178.99999999999997 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 292 0 Q 292 0 292 0 L 292 2 M 292 2 M 292 4 L 292 6 M 292 6 M 292 8 L 292 10 M 292 10 M 292 12 L 292 14 M 292 14 M 292 16 L 292 18 M 292 18 M 292 20 L 292 22 M 292 22 M 292 24 L 292 26 M 292 26 M 292 28 L 292 30 M 292 30 M 292 32 L 292 34 M 292 34 M 292 36 L 292 38 M 292 38 M 292 40 L 292 42 M 292 42 M 292 44 L 292 46 M 292 46 M 292 48 L 292 50 M 292 50 M 292 52 L 292 54 M 292 54 M 292 56 L 292 58 M 292 58 M 292 60 L 292 62 M 292 62 M 292 64 L 292 66 M 292 66 M 292 68 L 292 70 M 292 70 M 292 72 L 292 74 M 292 74 M 292 76 L 292 78 M 292 78 M 292 80 L 292 82 M 292 82 M 292 84 L 292 86 M 292 86 M 292 88 L 292 90 M 292 90 M 292 92 L 292 94 M 292 94 M 292 96 L 292 98 M 292 98 M 292 100 L 292 102 M 292 102 M 292 104 L 292 106 M 292 106 M 292 108 L 292 110 M 292 110 M 292 112 L 292 114 M 292 114 M 292 116 L 292 118 M 292 118 M 292 120 L 292 122 M 292 122 M 292 124 L 292 126 M 292 126 M 292 128 L 292 130 M 292 130 M 292 132 L 292 134 M 292 134 M 292 136 L 292 138 M 292 138 M 292 140 L 292 142 M 292 142 M 292 144 L 292 146 M 292 146 M 292 148 L 292 150 M 292 150 M 292 152 L 292 154 M 292 154 M 292 156 L 292 158 M 292 158 M 292 160 L 292 162 M 292 162 M 292 164 L 292 166 M 292 166 M 292 168 L 292 170 M 292 170 M 292 172 L 292 174 M 292 174 M 292 176 L 292 178 M 292 178 M 291 178.99999999999997 L 289 178.99999999999997 M 289 178.99999999999997 M 287 178.99999999999997 L 285 178.99999999999997 M 285 178.99999999999997 M 283 178.99999999999997 L 281 178.99999999999997 M 281 178.99999999999997 M 279 178.99999999999997 L 277 178.99999999999997 M 277 178.99999999999997 M 275 178.99999999999997 L 273 178.99999999999997 M 273 178.99999999999997 M 271 178.99999999999997 L 269 178.99999999999997 M 269 178.99999999999997 M 267 178.99999999999997 L 265 178.99999999999997 M 265 178.99999999999997 M 263 178.99999999999997 L 261 178.99999999999997 M 261 178.99999999999997 M 259 178.99999999999997 L 257 178.99999999999997 M 257 178.99999999999997 M 255 178.99999999999997 L 253 178.99999999999997 M 253 178.99999999999997 M 251 178.99999999999997 L 249 178.99999999999997 M 249 178.99999999999997 M 247 178.99999999999997 L 245 178.99999999999997 M 245 178.99999999999997 M 243 178.99999999999997 L 241 178.99999999999997 M 241 178.99999999999997 M 239 178.99999999999997 L 237 178.99999999999997 M 237 178.99999999999997 M 235 178.99999999999997 L 233 178.99999999999997 M 233 178.99999999999997 M 231 178.99999999999997 L 229 178.99999999999997 M 229 178.99999999999997 M 227 178.99999999999997 L 225 178.99999999999997 M 225 178.99999999999997 M 223 178.99999999999997 L 221 178.99999999999997 M 221 178.99999999999997 M 219 178.99999999999997 L 217 178.99999999999997 M 217 178.99999999999997 M 215 178.99999999999997 L 213 178.99999999999997 M 213 178.99999999999997 M 211 178.99999999999997 L 209 178.99999999999997 M 209 178.99999999999997 M 207 178.99999999999997 L 205 178.99999999999997 M 205 178.99999999999997 M 203 178.99999999999997 L 201 178.99999999999997 M 201 178.99999999999997 M 199 178.99999999999997 L 197 178.99999999999997 M 197 178.99999999999997 M 195 178.99999999999997 L 193 178.99999999999997 M 193 178.99999999999997 M 191 178.99999999999997 L 189 178.99999999999997 M 189 178.99999999999997 M 187 178.99999999999997 L 185 178.99999999999997 M 185 178.99999999999997 M 183 178.99999999999997 L 181 178.99999999999997 M 181 178.99999999999997 M 179 178.99999999999997 L 177 178.99999999999997 M 177 178.99999999999997 M 175 178.99999999999997 L 173 178.99999999999997 M 173 178.99999999999997 M 171 178.99999999999997 L 169 178.99999999999997 M 169 178.99999999999997 M 167 178.99999999999997 L 165 178.99999999999997 M 165 178.99999999999997 M 163 178.99999999999997 L 161 178.99999999999997 M 161 178.99999999999997 M 159 178.99999999999997 L 157 178.99999999999997 M 157 178.99999999999997 M 155 178.99999999999997 L 153 178.99999999999997 M 153 178.99999999999997 M 151 178.99999999999997 L 149 178.99999999999997 M 149 178.99999999999997 M 147 178.99999999999997 L 145 178.99999999999997 M 145 178.99999999999997 M 143 178.99999999999997 L 141 178.99999999999997 M 141 178.99999999999997 M 139 178.99999999999997 L 137 178.99999999999997 M 137 178.99999999999997 M 135 178.99999999999997 L 133 178.99999999999997 M 133 178.99999999999997 M 131 178.99999999999997 L 129 178.99999999999997 M 129 178.99999999999997 M 127 178.99999999999997 L 125 178.99999999999997 M 125 178.99999999999997 M 123 178.99999999999997 L 121 178.99999999999997 M 121 178.99999999999997 M 119 178.99999999999997 L 117 178.99999999999997 M 117 178.99999999999997 M 115 178.99999999999997 L 113 178.99999999999997 M 113 178.99999999999997 M 111 178.99999999999997 L 109 178.99999999999997 M 109 178.99999999999997 M 107 178.99999999999997 L 105 178.99999999999997 M 105 178.99999999999997 M 103 178.99999999999997 L 101 178.99999999999997 M 101 178.99999999999997 M 99 178.99999999999997 L 97 178.99999999999997 M 97 178.99999999999997 M 95 178.99999999999997 L 93 178.99999999999997 M 93 178.99999999999997 M 91 178.99999999999997 L 89 178.99999999999997 M 89 178.99999999999997 M 87 178.99999999999997 L 85 178.99999999999997 M 85 178.99999999999997 M 83 178.99999999999997 L 81 178.99999999999997 M 81 178.99999999999997 M 79 178.99999999999997 L 77 178.99999999999997 M 77 178.99999999999997 M 75 178.99999999999997 L 73 178.99999999999997 M 73 178.99999999999997 M 71 178.99999999999997 L 69 178.99999999999997 M 69 178.99999999999997 M 67 178.99999999999997 L 65 178.99999999999997 M 65 178.99999999999997 M 63 178.99999999999997 L 61 178.99999999999997 M 61 178.99999999999997 M 59 178.99999999999997 L 57 178.99999999999997 M 57 178.99999999999997 M 55 178.99999999999997 L 53 178.99999999999997 M 53 178.99999999999997 M 51 178.99999999999997 L 49 178.99999999999997 M 49 178.99999999999997 M 47 178.99999999999997 L 45 178.99999999999997 M 45 178.99999999999997 M 43 178.99999999999997 L 41 178.99999999999997 M 41 178.99999999999997 M 39 178.99999999999997 L 37 178.99999999999997 M 37 178.99999999999997 M 35 178.99999999999997 L 33 178.99999999999997 M 33 178.99999999999997 M 31 178.99999999999997 L 29 178.99999999999997 M 29 178.99999999999997 M 27 178.99999999999997 L 25 178.99999999999997 M 25 178.99999999999997 M 23 178.99999999999997 L 21 178.99999999999997 M 21 178.99999999999997 M 19 178.99999999999997 L 17 178.99999999999997 M 17 178.99999999999997 M 15 178.99999999999997 L 13 178.99999999999997 M 13 178.99999999999997 M 11 178.99999999999997 L 9 178.99999999999997 M 9 178.99999999999997 M 7 178.99999999999997 L 5 178.99999999999997 M 5 178.99999999999997 M 3 178.99999999999997 L 1 178.99999999999997 M 1 178.99999999999997 M 0 177.99999999999997 L 0 175.99999999999997 M 0 175.99999999999997 M 0 173.99999999999997 L 0 171.99999999999997 M 0 171.99999999999997 M 0 169.99999999999997 L 0 167.99999999999997 M 0 167.99999999999997 M 0 165.99999999999997 L 0 163.99999999999997 M 0 163.99999999999997 M 0 161.99999999999997 L 0 159.99999999999997 M 0 159.99999999999997 M 0 157.99999999999997 L 0 155.99999999999997 M 0 155.99999999999997 M 0 153.99999999999997 L 0 151.99999999999997 M 0 151.99999999999997 M 0 149.99999999999997 L 0 147.99999999999997 M 0 147.99999999999997 M 0 145.99999999999997 L 0 143.99999999999997 M 0 143.99999999999997 M 0 141.99999999999997 L 0 139.99999999999997 M 0 139.99999999999997 M 0 137.99999999999997 L 0 135.99999999999997 M 0 135.99999999999997 M 0 133.99999999999997 L 0 131.99999999999997 M 0 131.99999999999997 M 0 129.99999999999997 L 0 127.99999999999997 M 0 127.99999999999997 M 0 125.99999999999997 L 0 123.99999999999997 M 0 123.99999999999997 M 0 121.99999999999997 L 0 119.99999999999997 M 0 119.99999999999997 M 0 117.99999999999997 L 0 115.99999999999997 M 0 115.99999999999997 M 0 113.99999999999997 L 0 111.99999999999997 M 0 111.99999999999997 M 0 109.99999999999997 L 0 107.99999999999997 M 0 107.99999999999997 M 0 105.99999999999997 L 0 103.99999999999997 M 0 103.99999999999997 M 0 101.99999999999997 L 0 99.99999999999997 M 0 99.99999999999997 M 0 97.99999999999997 L 0 95.99999999999997 M 0 95.99999999999997 M 0 93.99999999999997 L 0 91.99999999999997 M 0 91.99999999999997 M 0 89.99999999999997 L 0 87.99999999999997 M 0 87.99999999999997 M 0 85.99999999999997 L 0 83.99999999999997 M 0 83.99999999999997 M 0 81.99999999999997 L 0 79.99999999999997 M 0 79.99999999999997 M 0 77.99999999999997 L 0 75.99999999999997 M 0 75.99999999999997 M 0 73.99999999999997 L 0 71.99999999999997 M 0 71.99999999999997 M 0 69.99999999999997 L 0 67.99999999999997 M 0 67.99999999999997 M 0 65.99999999999997 L 0 63.99999999999997 M 0 63.99999999999997 M 0 61.99999999999997 L 0 59.99999999999997 M 0 59.99999999999997 M 0 57.99999999999997 L 0 55.99999999999997 M 0 55.99999999999997 M 0 53.99999999999997 L 0 51.99999999999997 M 0 51.99999999999997 M 0 49.99999999999997 L 0 47.99999999999997 M 0 47.99999999999997 M 0 45.99999999999997 L 0 43.99999999999997 M 0 43.99999999999997 M 0 41.99999999999997 L 0 39.99999999999997 M 0 39.99999999999997 M 0 37.99999999999997 L 0 35.99999999999997 M 0 35.99999999999997 M 0 33.99999999999997 L 0 31.99999999999997 M 0 31.99999999999997 M 0 29.99999999999997 L 0 27.99999999999997 M 0 27.99999999999997 M 0 25.99999999999997 L 0 23.99999999999997 M 0 23.99999999999997 M 0 21.99999999999997 L 0 19.99999999999997 M 0 19.99999999999997 M 0 17.99999999999997 L 0 15.999999999999972 M 0 15.999999999999972 M 0 13.999999999999972 L 0 11.999999999999972 M 0 11.999999999999972 M 0 9.999999999999972 L 0 7.999999999999972 M 0 7.999999999999972 M 0 5.999999999999972 L 0 3.9999999999999716 M 0 3.9999999999999716 M 0 1.9999999999999716 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,82.5,44)"><g transform="translate(0,0)"><g transform="translate(-87,-150) translate(4.5,106) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 88 149 L 87 48.5" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,313,40)"><g><g transform="translate(0,0) scale(2.37,3.01)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.42194092827004215,0.33222591362126247)"><path fill="none" stroke="none" d="M 0 0 L 237 0 Q 237 0 237 0 L 237 301 Q 237 301 237 301 L 0 301 Q 0 301 0 301 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 1.9999999999999998 0 M 1.9999999999999998 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 237 0 Q 237 0 237 0 L 237 1 M 237 1 M 237 3 L 237 5 M 237 5 M 237 7 L 237 9 M 237 9 M 237 11 L 237 13 M 237 13 M 237 15 L 237 17 M 237 17 M 237 19 L 237 21 M 237 21 M 237 23 L 237 25 M 237 25 M 237 27 L 237 29 M 237 29 M 237 31 L 237 33 M 237 33 M 237 35 L 237 37 M 237 37 M 237 39 L 237 41 M 237 41 M 237 43 L 237 45 M 237 45 M 237 47 L 237 49 M 237 49 M 237 51 L 237 53 M 237 53 M 237 55 L 237 57 M 237 57 M 237 59 L 237 61 M 237 61 M 237 63 L 237 65 M 237 65 M 237 67 L 237 69 M 237 69 M 237 71 L 237 73 M 237 73 M 237 75 L 237 77 M 237 77 M 237 79 L 237 81 M 237 81 M 237 83 L 237 85 M 237 85 M 237 87 L 237 89 M 237 89 M 237 91 L 237 93 M 237 93 M 237 95 L 237 97 M 237 97 M 237 99 L 237 101 M 237 101 M 237 103 L 237 105 M 237 105 M 237 107 L 237 109 M 237 109 M 237 111 L 237 113 M 237 113 M 237 115 L 237 117 M 237 117 M 237 119 L 237 121 M 237 121 M 237 123 L 237 125 M 237 125 M 237 127 L 237 129 M 237 129 M 237 131 L 237 133 M 237 133 M 237 135 L 237 137 M 237 137 M 237 139 L 237 141 M 237 141 M 237 143 L 237 145 M 237 145 M 237 147 L 237 149 M 237 149 M 237 151 L 237 153 M 237 153 M 237 155 L 237 157 M 237 157 M 237 159 L 237 161 M 237 161 M 237 163 L 237 165 M 237 165 M 237 167 L 237 169 M 237 169 M 237 171 L 237 173 M 237 173 M 237 175 L 237 177 M 237 177 M 237 179 L 237 181 M 237 181 M 237 183 L 237 185 M 237 185 M 237 187 L 237 189 M 237 189 M 237 191 L 237 193 M 237 193 M 237 195 L 237 197 M 237 197 M 237 199 L 237 201 M 237 201 M 237 203 L 237 205 M 237 205 M 237 207 L 237 209 M 237 209 M 237 211 L 237 213 M 237 213 M 237 215 L 237 217 M 237 217 M 237 219 L 237 221 M 237 221 M 237 223 L 237 225 M 237 225 M 237 227 L 237 229 M 237 229 M 237 231 L 237 233 M 237 233 M 237 235 L 237 237 M 237 237 M 237 239 L 237 241 M 237 241 M 237 243 L 237 245 M 237 245 M 237 247 L 237 249 M 237 249 M 237 251 L 237 253 M 237 253 M 237 255 L 237 257 M 237 257 M 237 259 L 237 261 M 237 261 M 237 263 L 237 265 M 237 265 M 237 267 L 237 269 M 237 269 M 237 271 L 237 273 M 237 273 M 237 275 L 237 277 M 237 277 M 237 279 L 237 281 M 237 281 M 237 283 L 237 285 M 237 285 M 237 287 L 237 289 M 237 289 M 237 291 L 237 293 M 237 293 M 237 295 L 237 297 M 237 297 M 237 299 L 237 301 M 237 301 M 235 301 L 233 301 M 233 301 M 231 301 L 229 301 M 229 301 M 227 301 L 225 301 M 225 301 M 223 301 L 221 301 M 221 301 M 219 301 L 217 301 M 217 301 M 215 301 L 213 301 M 213 301 M 211 301 L 209 301 M 209 301 M 207 301 L 205 301 M 205 301 M 203 301 L 201 301 M 201 301 M 199 301 L 197 301 M 197 301 M 195 301 L 193 301 M 193 301 M 191 301 L 189 301 M 189 301 M 187 301 L 185 301 M 185 301 M 183 301 L 181 301 M 181 301 M 179 301 L 177 301 M 177 301 M 175 301 L 173 301 M 173 301 M 171 301 L 169 301 M 169 301 M 167 301 L 165 301 M 165 301 M 163 301 L 161 301 M 161 301 M 159 301 L 157 301 M 157 301 M 155 301 L 153 301 M 153 301 M 151 301 L 149 301 M 149 301 M 147 301 L 145 301 M 145 301 M 143 301 L 141 301 M 141 301 M 139 301 L 137 301 M 137 301 M 135 301 L 133 301 M 133 301 M 131 301 L 129 301 M 129 301 M 127 301 L 125 301 M 125 301 M 123 301 L 121 301 M 121 301 M 119 301 L 117 301 M 117 301 M 115 301 L 113 301 M 113 301 M 111 301 L 109 301 M 109 301 M 107 301 L 105 301 M 105 301 M 103 301 L 101 301 M 101 301 M 99 301 L 97 301 M 97 301 M 95 301 L 93 301 M 93 301 M 91 301 L 89 301 M 89 301 M 87 301 L 85 301 M 85 301 M 83 301 L 81 301 M 81 301 M 79 301 L 77 301 M 77 301 M 75 301 L 73 301 M 73 301 M 71 301 L 69 301 M 69 301 M 67 301 L 65 301 M 65 301 M 63 301 L 61 301 M 61 301 M 59 301 L 57 301 M 57 301 M 55 301 L 53 301 M 53 301 M 51 301 L 49 301 M 49 301 M 47 301 L 45 301 M 45 301 M 43 301 L 41 301 M 41 301 M 39 301 L 37 301 M 37 301 M 35 301 L 33 301 M 33 301 M 31 301 L 29 301 M 29 301 M 27 301 L 25 301 M 25 301 M 23 301 L 21 301 M 21 301 M 19 301 L 17 301 M 17 301 M 15 301 L 13 301 M 13 301 M 11 301 L 9 301 M 9 301 M 7 301 L 5 301 M 5 301 M 3 301 L 1 301 M 1 301 M 0 300 L 0 298 M 0 298 M 0 296 L 0 294 M 0 294 M 0 292 L 0 290 M 0 290 M 0 288 L 0 286 M 0 286 M 0 284 L 0 282 M 0 282 M 0 280 L 0 278 M 0 278 M 0 276 L 0 274 M 0 274 M 0 272 L 0 270 M 0 270 M 0 268 L 0 266 M 0 266 M 0 264 L 0 262 M 0 262 M 0 260 L 0 258 M 0 258 M 0 256 L 0 254 M 0 254 M 0 252 L 0 250 M 0 250 M 0 248 L 0 246 M 0 246 M 0 244 L 0 242 M 0 242 M 0 240 L 0 238 M 0 238 M 0 236 L 0 234 M 0 234 M 0 232 L 0 230 M 0 230 M 0 228 L 0 226 M 0 226 M 0 224 L 0 222 M 0 222 M 0 220 L 0 218 M 0 218 M 0 216 L 0 214 M 0 214 M 0 212 L 0 210 M 0 210 M 0 208 L 0 206 M 0 206 M 0 204 L 0 202 M 0 202 M 0 200 L 0 198 M 0 198 M 0 196 L 0 194 M 0 194 M 0 192 L 0 190 M 0 190 M 0 188 L 0 186 M 0 186 M 0 184 L 0 182 M 0 182 M 0 180 L 0 178 M 0 178 M 0 176 L 0 174 M 0 174 M 0 172 L 0 170 M 0 170 M 0 168 L 0 166 M 0 166 M 0 164 L 0 162 M 0 162 M 0 160 L 0 158 M 0 158 M 0 156 L 0 154 M 0 154 M 0 152 L 0 150 M 0 150 M 0 148 L 0 146 M 0 146 M 0 144 L 0 142 M 0 142 M 0 140 L 0 138 M 0 138 M 0 136 L 0 134 M 0 134 M 0 132 L 0 130 M 0 130 M 0 128 L 0 126 M 0 126 M 0 124 L 0 122 M 0 122 M 0 120 L 0 118 M 0 118 M 0 116 L 0 114 M 0 114 M 0 112 L 0 110 M 0 110 M 0 108 L 0 106 M 0 106 M 0 104 L 0 102 M 0 102 M 0 100 L 0 98 M 0 98 M 0 96 L 0 94 M 0 94 M 0 92 L 0 90 M 0 90 M 0 88 L 0 86 M 0 86 M 0 84 L 0 82 M 0 82 M 0 80 L 0 78 M 0 78 M 0 76 L 0 74 M 0 74 M 0 72 L 0 70 M 0 70 M 0 68 L 0 66 M 0 66 M 0 64 L 0 62 M 0 62 M 0 60 L 0 58 M 0 58 M 0 56 L 0 54 M 0 54 M 0 52 L 0 50 M 0 50 M 0 48 L 0 46 M 0 46 M 0 44 L 0 42 M 0 42 M 0 40 L 0 38 M 0 38 M 0 36 L 0 34 M 0 34 M 0 32 L 0 30 M 0 30 M 0 28 L 0 26 M 0 26 M 0 24 L 0 22 M 0 22 M 0 20 L 0 18 M 0 18 M 0 16 L 0 14 M 0 14 M 0 12 L 0 10 M 0 10 M 0 8 L 0 6 M 0 6 M 0 4 L 0 2 M 0 2 M 0 0 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,133.5,111)"><g transform="translate(0,0)"><g transform="translate(138,-129) translate(-271.5,18) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 138 170.96699141100893 L 382 115.5" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,133.49999999999997,197.53300858899107)"><g transform="translate(0,0)"><g transform="translate(118,-123) translate(-251.49999999999997,-74.53300858899107) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 137.99999999999997 202.03300858899107 L 382.1250000000001 252.5" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,38,149)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#MVLBsVARSTmi)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#MVLBsVARSTmi)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,48,180)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="25.322265625" y="0" width="30" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="25.322265625" y="0" width="30" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="39" y="11">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48" y="11">1</text></g></g><g transform="matrix(1,0,0,1,15,133)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="2.9365234375" y="0" width="142" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="2.9365234375" y="0" width="142" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="3" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="10" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="20" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="50" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="80" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="11">3</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="11">4</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="106" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="113" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="120" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="126" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="130" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="136" y="11">0</text></g></g><g transform="matrix(1,0,0,1,122,179)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="99" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="106" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">4</text></g></g><g transform="matrix(1,0,0,1,17,264)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="269" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="269" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="225" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">ip</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="11"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">add</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="11">default</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="120" y="11">via</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="139" y="11">fe80</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="162" y="11">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="169" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="179" y="11">dev</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="201" y="11">eth0</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="224.82421875" y="0" width="1" height="14" fill-opacity="0"/></g></g><g><g/></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="269" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="208" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="25">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="3" y="25">p</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="25">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="25">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="25">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="25">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="25">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44" y="25">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="25">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="25">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="25">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="25">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="25">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="25">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94" y="25">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="101" y="25">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="25">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="117" y="25">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="124" y="25">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="25">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="25">3</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="147" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="25">4</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="157" y="25">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="164" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="25">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="174" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="177" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="181" y="25">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="184" y="25">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="191" y="25">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="201" y="25">d</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="207.498046875" y="14" width="60" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="207" y="25">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="214" y="25">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="224" y="25">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="230" y="25">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="237" y="25">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="243" y="25">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="249" y="25">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="256" y="25">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="260" y="25">0</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,382,65.5)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#idliOCdyLFTX)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#idliOCdyLFTX)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,392,109)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="6.6455078125" y="0" width="68" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="6.6455078125" y="0" width="68" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="7" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="19" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="26" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="29" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="39" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="52" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="67" y="11">1</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,382.1250000000001,202.5)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#eprnSotBuoMn)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#eprnSotBuoMn)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,392,246)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="6.6455078125" y="0" width="68" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="6.6455078125" y="0" width="68" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="7" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="19" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="26" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="29" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="39" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="52" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="67" y="11">2</text></g></g><g transform="matrix(1,0,0,1,353,50)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="167" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="167" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="8.4326171875" y="0" width="151" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="8.4326171875" y="0" width="151" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="8" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="15" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="18" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="35" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="42" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="62" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="65" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="72" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="78" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="89" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="95" y="11">3</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="102" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="105" y="11">4</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="112" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="119" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="122" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="129" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="132" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="135" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="142" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="145" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="152" y="11">0</text></g></g><g transform="matrix(1,0,0,1,354,186)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="165" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="165" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="7.4326171875" y="0" width="151" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="7.4326171875" y="0" width="151" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="7" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="14" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="34" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="41" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="54" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="88" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94" y="11">3</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="101" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="104" y="11">4</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="121" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="128" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="144" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="11">0</text></g></g><g transform="matrix(1,0,0,1,315,315)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="231" height="16" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="231" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="3.087890625" y="0" width="225" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="3" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="6" y="11">p</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="16" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="20" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="34" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="50" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="67" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="97" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="11">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="114" y="11">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="117" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="123" y="11">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="129" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="132" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="142" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="145" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="152" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="159" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="165" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="169" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="172" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="182" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="189" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="195" y="11">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="205" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="211" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="215" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="221" y="11">0</text></g></g><g transform="matrix(1,0,0,1,92,84)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="107" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="107" height="28" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">Routed</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="42" y="11">Network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="0" y="25">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="27" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="30" y="25">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="50" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="53" y="25">23</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="67" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="70" y="25">42</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="83" y="25">::/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="93" y="25">64</text></g><g><g/></g></g><g transform="translate(0,0) matrix(1,0,0,1,37,2.5)"><g transform="translate(4,4) scale(1.01,1.0217391304347827)"><g><g transform="translate(0,0) scale(1,0.46)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,2.1739130434782608)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 46 Q 100 46 100 46 L 0 46 Q 0 46 0 46 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 46 Q 100 46 100 46 L 0 46 Q 0 46 0 46 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.46)"><g><path fill="url(#iWDbcgPdOTMR)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,2.1739130434782608)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 46 Q 100 46 100 46 L 0 46 Q 0 46 0 46 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#iWDbcgPdOTMR)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 46 Q 100 46 100 46 L 0 46 Q 0 46 0 46 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,47,19)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="21.9912109375" y="0" width="38" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="21.9912109375" y="0" width="38" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="22" y="11">R</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="54" y="11">r</text></g></g><g transform="matrix(1,0,0,1,13,55)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="16" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="46.310546875" y="0" width="54" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="50" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="70" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">4</text></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_switched_network_example.gliffy b/docs/userguide/networking/default_network/images/ipv6_switched_network_example.gliffy
new file mode 100644
index 00000000..75cbfcaa
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_switched_network_example.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":893,"height":448,"nodeIndex":185,"autoFit":true,"exportBorder":false,"gridOn":false,"snapToGrid":false,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":-17.000680271168676,"y":7},"max":{"x":892.767693574114,"y":447.5}},"objects":[{"x":17.5,"y":205.5,"rotation":0.0,"id":167,"width":238.5,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:1::/64 dev docker0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":231.28932188134524,"y":95.0,"rotation":0.0,"id":120,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":6,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":161,"py":0.0,"px":0.2928932188134524}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":131,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[267.5,47.5],[217.9213562373095,-13.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":187.0,"y":206.5,"rotation":0.0,"id":121,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":9,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":140,"py":0.9999999999999998,"px":0.29289321881345254}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":148,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[130.28932188134524,11.0],[-79.0,91.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":174.0,"y":217.5,"rotation":0.0,"id":122,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":8,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":140,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":146,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[164.0,0.0],[120.0,81.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":33.50000000000003,"y":409.0,"rotation":0.0,"id":123,"width":346.49999999999994,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">ip -6 route add default via fe80::1 dev eth0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":3.5000000000000284,"y":268.5,"rotation":0.0,"id":124,"width":411.00000000000006,"height":163.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":237.0,"y":54.0,"rotation":0.0,"id":125,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":7,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":131,"py":0.9999999999999998,"px":0.29289321881345254}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":140,"py":0.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[170.78932188134524,27.999999999999986],[121.71067811865476,88.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":378.5,"y":7.0,"rotation":0.0,"id":131,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#e2e2e2","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":132,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Level 2 Switch</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":785.0,"y":195.0,"rotation":0.0,"id":136,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":32,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":143,"py":0.6187943262411347,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":"8.0,8.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[78.75000000000011,-0.25],[-798.0006802711687,-3.410605131648481E-13]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":262.0,"y":224.0,"rotation":0.0,"id":138,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":19,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">docker0 fe80::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":278.0,"y":126.0,"rotation":0.0,"id":139,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":16,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">eth0 2001:db8:0::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":288.0,"y":142.5,"rotation":0.0,"id":140,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":141,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Host1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":3.4999999999999716,"y":107.5,"rotation":0.0,"id":142,"width":411.0,"height":141.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":221.0,"y":283.0,"rotation":0.0,"id":144,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8:1::2/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":34.000000000000014,"y":283.0,"rotation":0.0,"id":145,"width":149.99999999999997,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8:1::1/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":244.0,"y":299.0,"rotation":0.0,"id":146,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":22,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":147,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container1-2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":58.0,"y":298.0,"rotation":0.0,"id":148,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":20,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":149,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container1-1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":317.0,"y":436.5,"rotation":0.0,"id":158,"width":223.00000000000003,"height":11.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:10px;font-style:italic;\">containers&#39; link-local addresses are not displayed</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":17.5,"y":148.0,"rotation":0.0,"id":137,"width":291.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":29,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:0::/64 dev eth0</span></p><p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:2::/64 via 2001:db8:0::2</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":901.7500000000001,"y":195.0,"rotation":0.0,"id":172,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":43,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-12.982306425886122,0.0],[-41.25,0.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":670.0,"y":284.0,"rotation":0.0,"id":155,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":36,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8:2::2/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":479.0,"y":284.0,"rotation":0.0,"id":150,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":35,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 2001:db8:2::1/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":488.75,"y":408.0,"rotation":0.0,"id":152,"width":339.75,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">ip -6 route add default via fe80::1 dev eth0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":694.5,"y":298.0,"rotation":0.0,"id":156,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":27,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":157,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container2-2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":501.5,"y":298.0,"rotation":0.0,"id":153,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","order":25,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ead1dc","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":154,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container2-1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":444.5,"y":223.0,"rotation":0.0,"id":160,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":18,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">docker0 fe80::1/64</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":460.5,"y":128.0,"rotation":0.0,"id":159,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">eth0 2001:db8:0::2/64</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":469.5,"y":142.5,"rotation":0.0,"id":161,"width":100.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#a4c2f4","gradient":true,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":162,"width":96.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Host2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"children":[]}]},{"x":139.5,"y":86.5,"rotation":0.0,"id":126,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":161,"py":1.0,"px":0.7071067811865476}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":156,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[400.71067811865476,131.0],[605.0,211.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":100.5,"y":90.5,"rotation":0.0,"id":127,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":4,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":161,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":153,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#cccccc","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[419.0,127.0],[451.0,207.5]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":447.75,"y":268.5,"rotation":0.0,"id":151,"width":416.0000000000001,"height":163.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":2,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":447.75,"y":107.5,"rotation":0.0,"id":143,"width":416.0000000000001,"height":141.0,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dashStyle":"2,2","dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[]},{"x":795.7500000000001,"y":307.5,"rotation":270.0,"id":173,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":41,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">managed by Docker</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":879.7500000000001,"y":417.0,"rotation":0.0,"id":174,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":40,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":2,"endArrow":2,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[0.0,14.008510484195028],[0.0,-221.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":898.7500000000001,"y":432.0,"rotation":0.0,"id":171,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-13.981657549458532,0.0],[-41.25,0.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[]},{"x":582.5,"y":151.0,"rotation":0.0,"id":135,"width":285.25000000000017,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:0::/64 dev eth0</span></p><p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:1::/64 via 2001:db8:0::1</span><span style=\"text-decoration:none;\"> </span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]},{"x":583.0,"y":204.0,"rotation":0.0,"id":168,"width":272.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":39,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">ip -6 route add 2001:db8:2::/64 dev docker0</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[]}],"shapeStyles":{"com.gliffy.shape.basic.basic_v1.default":{"fill":"#e2e2e2","stroke":"#333333","strokeWidth":2,"dashStyle":"2.0,2.0","gradient":true,"shadow":true}},"lineStyles":{"global":{"stroke":"#000000","strokeWidth":1,"dashStyle":"8.0,8.0"}},"textStyles":{}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.uml.uml_v2.class","com.gliffy.libraries.uml.uml_v2.sequence","com.gliffy.libraries.uml.uml_v2.activity","com.gliffy.libraries.erd.erd_v1.default","com.gliffy.libraries.ui.ui_v3.containers_content","com.gliffy.libraries.ui.ui_v3.forms_controls","com.gliffy.libraries.images"],"autosaveDisabled":false},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/images/ipv6_switched_network_example.svg b/docs/userguide/networking/default_network/images/ipv6_switched_network_example.svg
new file mode 100644
index 00000000..4cbf709b
--- /dev/null
+++ b/docs/userguide/networking/default_network/images/ipv6_switched_network_example.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="912.767693574114" height="467.5"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="tTmKplTTMsiu" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#e2e2e2"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="oLPowxNiyzWp" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="pXOyUAUnGLnv" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a4c2f4"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="UNWdxKXMRvQE" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="yUmhFNndNCTB" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="KUGWbORyJeGF" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="emTEOWhvfKgI" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ead1dc"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#FFFFFF" stroke="none" x="0" y="0" width="912.767693574114" height="467.5"/></g><g transform="translate(0,0) matrix(1,0,0,1,447.75,107.5)"><g><g transform="translate(0,0) scale(4.160000000000001,1.41)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24038461538461534,0.7092198581560284)"><path fill="none" stroke="none" d="M 0 0 L 416.0000000000001 0 Q 416.0000000000001 0 416.0000000000001 0 L 416.0000000000001 141 Q 416.0000000000001 141 416.0000000000001 141 L 0 141 Q 0 141 0 141 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 402 0 M 402 0 M 404 0 L 406 0 M 406 0 M 408 0 L 410 0 M 410 0 M 412 0 L 414 0 M 414 0 M 416 0 L 416.0000000000001 0 Q 416.0000000000001 0 416.0000000000001 0 L 416.0000000000001 1.9999999999998863 M 416.0000000000001 1.9999999999998863 M 416.0000000000001 3.9999999999998863 L 416.0000000000001 5.999999999999886 M 416.0000000000001 5.999999999999886 M 416.0000000000001 7.999999999999886 L 416.0000000000001 9.999999999999886 M 416.0000000000001 9.999999999999886 M 416.0000000000001 11.999999999999886 L 416.0000000000001 13.999999999999886 M 416.0000000000001 13.999999999999886 M 416.0000000000001 15.999999999999886 L 416.0000000000001 17.999999999999886 M 416.0000000000001 17.999999999999886 M 416.0000000000001 19.999999999999886 L 416.0000000000001 21.999999999999886 M 416.0000000000001 21.999999999999886 M 416.0000000000001 23.999999999999886 L 416.0000000000001 25.999999999999886 M 416.0000000000001 25.999999999999886 M 416.0000000000001 27.999999999999886 L 416.0000000000001 29.999999999999886 M 416.0000000000001 29.999999999999886 M 416.0000000000001 31.999999999999886 L 416.0000000000001 33.999999999999886 M 416.0000000000001 33.999999999999886 M 416.0000000000001 35.999999999999886 L 416.0000000000001 37.999999999999886 M 416.0000000000001 37.999999999999886 M 416.0000000000001 39.999999999999886 L 416.0000000000001 41.999999999999886 M 416.0000000000001 41.999999999999886 M 416.0000000000001 43.999999999999886 L 416.0000000000001 45.999999999999886 M 416.0000000000001 45.999999999999886 M 416.0000000000001 47.999999999999886 L 416.0000000000001 49.999999999999886 M 416.0000000000001 49.999999999999886 M 416.0000000000001 51.999999999999886 L 416.0000000000001 53.999999999999886 M 416.0000000000001 53.999999999999886 M 416.0000000000001 55.999999999999886 L 416.0000000000001 57.999999999999886 M 416.0000000000001 57.999999999999886 M 416.0000000000001 59.999999999999886 L 416.0000000000001 61.999999999999886 M 416.0000000000001 61.999999999999886 M 416.0000000000001 63.999999999999886 L 416.0000000000001 65.99999999999989 M 416.0000000000001 65.99999999999989 M 416.0000000000001 67.99999999999989 L 416.0000000000001 69.99999999999989 M 416.0000000000001 69.99999999999989 M 416.0000000000001 71.99999999999989 L 416.0000000000001 73.99999999999989 M 416.0000000000001 73.99999999999989 M 416.0000000000001 75.99999999999989 L 416.0000000000001 77.99999999999989 M 416.0000000000001 77.99999999999989 M 416.0000000000001 79.99999999999989 L 416.0000000000001 81.99999999999989 M 416.0000000000001 81.99999999999989 M 416.0000000000001 83.99999999999989 L 416.0000000000001 85.99999999999989 M 416.0000000000001 85.99999999999989 M 416.0000000000001 87.99999999999989 L 416.0000000000001 89.99999999999989 M 416.0000000000001 89.99999999999989 M 416.0000000000001 91.99999999999989 L 416.0000000000001 93.99999999999989 M 416.0000000000001 93.99999999999989 M 416.0000000000001 95.99999999999989 L 416.0000000000001 97.99999999999989 M 416.0000000000001 97.99999999999989 M 416.0000000000001 99.99999999999989 L 416.0000000000001 101.99999999999989 M 416.0000000000001 101.99999999999989 M 416.0000000000001 103.99999999999989 L 416.0000000000001 105.99999999999989 M 416.0000000000001 105.99999999999989 M 416.0000000000001 107.99999999999989 L 416.0000000000001 109.99999999999989 M 416.0000000000001 109.99999999999989 M 416.0000000000001 111.99999999999989 L 416.0000000000001 113.99999999999989 M 416.0000000000001 113.99999999999989 M 416.0000000000001 115.99999999999989 L 416.0000000000001 117.99999999999989 M 416.0000000000001 117.99999999999989 M 416.0000000000001 119.99999999999989 L 416.0000000000001 121.99999999999989 M 416.0000000000001 121.99999999999989 M 416.0000000000001 123.99999999999989 L 416.0000000000001 125.99999999999989 M 416.0000000000001 125.99999999999989 M 416.0000000000001 127.99999999999989 L 416.0000000000001 129.9999999999999 M 416.0000000000001 129.9999999999999 M 416.0000000000001 131.9999999999999 L 416.0000000000001 133.9999999999999 M 416.0000000000001 133.9999999999999 M 416.0000000000001 135.9999999999999 L 416.0000000000001 137.9999999999999 M 416.0000000000001 137.9999999999999 M 416.0000000000001 139.9999999999999 L 416.0000000000001 141 Q 416.0000000000001 141 416.0000000000001 141 L 415.0000000000002 141 M 415.0000000000002 141 M 413.0000000000002 141 L 411.0000000000002 141 M 411.0000000000002 141 M 409.0000000000002 141 L 407.0000000000002 141 M 407.0000000000002 141 M 405.0000000000002 141 L 403.0000000000002 141 M 403.0000000000002 141 M 401.0000000000002 141 L 399.0000000000002 141 M 399.0000000000002 141 M 397.0000000000002 141 L 395.0000000000002 141 M 395.0000000000002 141 M 393.0000000000002 141 L 391.0000000000002 141 M 391.0000000000002 141 M 389.0000000000002 141 L 387.0000000000002 141 M 387.0000000000002 141 M 385.0000000000002 141 L 383.0000000000002 141 M 383.0000000000002 141 M 381.0000000000002 141 L 379.0000000000002 141 M 379.0000000000002 141 M 377.0000000000002 141 L 375.0000000000002 141 M 375.0000000000002 141 M 373.0000000000002 141 L 371.0000000000002 141 M 371.0000000000002 141 M 369.0000000000002 141 L 367.0000000000002 141 M 367.0000000000002 141 M 365.0000000000002 141 L 363.0000000000002 141 M 363.0000000000002 141 M 361.0000000000002 141 L 359.0000000000002 141 M 359.0000000000002 141 M 357.0000000000002 141 L 355.0000000000002 141 M 355.0000000000002 141 M 353.0000000000002 141 L 351.0000000000002 141 M 351.0000000000002 141 M 349.0000000000002 141 L 347.0000000000002 141 M 347.0000000000002 141 M 345.0000000000002 141 L 343.0000000000002 141 M 343.0000000000002 141 M 341.0000000000002 141 L 339.0000000000002 141 M 339.0000000000002 141 M 337.0000000000002 141 L 335.0000000000002 141 M 335.0000000000002 141 M 333.0000000000002 141 L 331.0000000000002 141 M 331.0000000000002 141 M 329.0000000000002 141 L 327.0000000000002 141 M 327.0000000000002 141 M 325.0000000000002 141 L 323.0000000000002 141 M 323.0000000000002 141 M 321.0000000000002 141 L 319.0000000000002 141 M 319.0000000000002 141 M 317.0000000000002 141 L 315.0000000000002 141 M 315.0000000000002 141 M 313.0000000000002 141 L 311.0000000000002 141 M 311.0000000000002 141 M 309.0000000000002 141 L 307.0000000000002 141 M 307.0000000000002 141 M 305.0000000000002 141 L 303.0000000000002 141 M 303.0000000000002 141 M 301.0000000000002 141 L 299.0000000000002 141 M 299.0000000000002 141 M 297.0000000000002 141 L 295.0000000000002 141 M 295.0000000000002 141 M 293.0000000000002 141 L 291.0000000000002 141 M 291.0000000000002 141 M 289.0000000000002 141 L 287.0000000000002 141 M 287.0000000000002 141 M 285.0000000000002 141 L 283.0000000000002 141 M 283.0000000000002 141 M 281.0000000000002 141 L 279.0000000000002 141 M 279.0000000000002 141 M 277.0000000000002 141 L 275.0000000000002 141 M 275.0000000000002 141 M 273.0000000000002 141 L 271.0000000000002 141 M 271.0000000000002 141 M 269.0000000000002 141 L 267.0000000000002 141 M 267.0000000000002 141 M 265.0000000000002 141 L 263.0000000000002 141 M 263.0000000000002 141 M 261.0000000000002 141 L 259.0000000000002 141 M 259.0000000000002 141 M 257.0000000000002 141 L 255.00000000000023 141 M 255.00000000000023 141 M 253.00000000000023 141 L 251.00000000000023 141 M 251.00000000000023 141 M 249.00000000000023 141 L 247.00000000000023 141 M 247.00000000000023 141 M 245.00000000000023 141 L 243.00000000000023 141 M 243.00000000000023 141 M 241.00000000000023 141 L 239.00000000000023 141 M 239.00000000000023 141 M 237.00000000000023 141 L 235.00000000000023 141 M 235.00000000000023 141 M 233.00000000000023 141 L 231.00000000000023 141 M 231.00000000000023 141 M 229.00000000000023 141 L 227.00000000000023 141 M 227.00000000000023 141 M 225.00000000000023 141 L 223.00000000000023 141 M 223.00000000000023 141 M 221.00000000000023 141 L 219.00000000000023 141 M 219.00000000000023 141 M 217.00000000000023 141 L 215.00000000000023 141 M 215.00000000000023 141 M 213.00000000000023 141 L 211.00000000000023 141 M 211.00000000000023 141 M 209.00000000000023 141 L 207.00000000000023 141 M 207.00000000000023 141 M 205.00000000000023 141 L 203.00000000000023 141 M 203.00000000000023 141 M 201.00000000000023 141 L 199.00000000000023 141 M 199.00000000000023 141 M 197.00000000000023 141 L 195.00000000000023 141 M 195.00000000000023 141 M 193.00000000000023 141 L 191.00000000000023 141 M 191.00000000000023 141 M 189.00000000000023 141 L 187.00000000000023 141 M 187.00000000000023 141 M 185.00000000000023 141 L 183.00000000000023 141 M 183.00000000000023 141 M 181.00000000000023 141 L 179.00000000000023 141 M 179.00000000000023 141 M 177.00000000000023 141 L 175.00000000000023 141 M 175.00000000000023 141 M 173.00000000000023 141 L 171.00000000000023 141 M 171.00000000000023 141 M 169.00000000000023 141 L 167.00000000000023 141 M 167.00000000000023 141 M 165.00000000000023 141 L 163.00000000000023 141 M 163.00000000000023 141 M 161.00000000000023 141 L 159.00000000000023 141 M 159.00000000000023 141 M 157.00000000000023 141 L 155.00000000000023 141 M 155.00000000000023 141 M 153.00000000000023 141 L 151.00000000000023 141 M 151.00000000000023 141 M 149.00000000000023 141 L 147.00000000000023 141 M 147.00000000000023 141 M 145.00000000000023 141 L 143.00000000000023 141 M 143.00000000000023 141 M 141.00000000000023 141 L 139.00000000000023 141 M 139.00000000000023 141 M 137.00000000000023 141 L 135.00000000000023 141 M 135.00000000000023 141 M 133.00000000000023 141 L 131.00000000000023 141 M 131.00000000000023 141 M 129.00000000000023 141 L 127.00000000000023 141 M 127.00000000000023 141 M 125.00000000000023 141 L 123.00000000000023 141 M 123.00000000000023 141 M 121.00000000000023 141 L 119.00000000000023 141 M 119.00000000000023 141 M 117.00000000000023 141 L 115.00000000000023 141 M 115.00000000000023 141 M 113.00000000000023 141 L 111.00000000000023 141 M 111.00000000000023 141 M 109.00000000000023 141 L 107.00000000000023 141 M 107.00000000000023 141 M 105.00000000000023 141 L 103.00000000000023 141 M 103.00000000000023 141 M 101.00000000000023 141 L 99.00000000000023 141 M 99.00000000000023 141 M 97.00000000000023 141 L 95.00000000000023 141 M 95.00000000000023 141 M 93.00000000000023 141 L 91.00000000000023 141 M 91.00000000000023 141 M 89.00000000000023 141 L 87.00000000000023 141 M 87.00000000000023 141 M 85.00000000000023 141 L 83.00000000000023 141 M 83.00000000000023 141 M 81.00000000000023 141 L 79.00000000000023 141 M 79.00000000000023 141 M 77.00000000000023 141 L 75.00000000000023 141 M 75.00000000000023 141 M 73.00000000000023 141 L 71.00000000000023 141 M 71.00000000000023 141 M 69.00000000000023 141 L 67.00000000000023 141 M 67.00000000000023 141 M 65.00000000000023 141 L 63.00000000000023 141 M 63.00000000000023 141 M 61.00000000000023 141 L 59.00000000000023 141 M 59.00000000000023 141 M 57.00000000000023 141 L 55.00000000000023 141 M 55.00000000000023 141 M 53.00000000000023 141 L 51.00000000000023 141 M 51.00000000000023 141 M 49.00000000000023 141 L 47.00000000000023 141 M 47.00000000000023 141 M 45.00000000000023 141 L 43.00000000000023 141 M 43.00000000000023 141 M 41.00000000000023 141 L 39.00000000000023 141 M 39.00000000000023 141 M 37.00000000000023 141 L 35.00000000000023 141 M 35.00000000000023 141 M 33.00000000000023 141 L 31.000000000000227 141 M 31.000000000000227 141 M 29.000000000000227 141 L 27.000000000000227 141 M 27.000000000000227 141 M 25.000000000000227 141 L 23.000000000000227 141 M 23.000000000000227 141 M 21.000000000000227 141 L 19.000000000000227 141 M 19.000000000000227 141 M 17.000000000000227 141 L 15.000000000000227 141 M 15.000000000000227 141 M 13.000000000000227 141 L 11.000000000000227 141 M 11.000000000000227 141 M 9.000000000000227 141 L 7.000000000000227 141 M 7.000000000000227 141 M 5.000000000000227 141 L 3.0000000000002274 141 M 3.0000000000002274 141 M 1.0000000000002274 141 L 0 141 Q 0 141 0 141 L 0 140.00000000000023 M 0 140.00000000000023 M 0 138.00000000000023 L 0 136.00000000000023 M 0 136.00000000000023 M 0 134.00000000000023 L 0 132.00000000000023 M 0 132.00000000000023 M 0 130.00000000000023 L 0 128.00000000000023 M 0 128.00000000000023 M 0 126.00000000000023 L 0 124.00000000000023 M 0 124.00000000000023 M 0 122.00000000000023 L 0 120.00000000000023 M 0 120.00000000000023 M 0 118.00000000000023 L 0 116.00000000000023 M 0 116.00000000000023 M 0 114.00000000000023 L 0 112.00000000000023 M 0 112.00000000000023 M 0 110.00000000000023 L 0 108.00000000000023 M 0 108.00000000000023 M 0 106.00000000000023 L 0 104.00000000000023 M 0 104.00000000000023 M 0 102.00000000000023 L 0 100.00000000000023 M 0 100.00000000000023 M 0 98.00000000000023 L 0 96.00000000000023 M 0 96.00000000000023 M 0 94.00000000000023 L 0 92.00000000000023 M 0 92.00000000000023 M 0 90.00000000000023 L 0 88.00000000000023 M 0 88.00000000000023 M 0 86.00000000000023 L 0 84.00000000000023 M 0 84.00000000000023 M 0 82.00000000000023 L 0 80.00000000000023 M 0 80.00000000000023 M 0 78.00000000000023 L 0 76.00000000000023 M 0 76.00000000000023 M 0 74.00000000000023 L 0 72.00000000000023 M 0 72.00000000000023 M 0 70.00000000000023 L 0 68.00000000000023 M 0 68.00000000000023 M 0 66.00000000000023 L 0 64.00000000000023 M 0 64.00000000000023 M 0 62.00000000000023 L 0 60.00000000000023 M 0 60.00000000000023 M 0 58.00000000000023 L 0 56.00000000000023 M 0 56.00000000000023 M 0 54.00000000000023 L 0 52.00000000000023 M 0 52.00000000000023 M 0 50.00000000000023 L 0 48.00000000000023 M 0 48.00000000000023 M 0 46.00000000000023 L 0 44.00000000000023 M 0 44.00000000000023 M 0 42.00000000000023 L 0 40.00000000000023 M 0 40.00000000000023 M 0 38.00000000000023 L 0 36.00000000000023 M 0 36.00000000000023 M 0 34.00000000000023 L 0 32.00000000000023 M 0 32.00000000000023 M 0 30.000000000000227 L 0 28.000000000000227 M 0 28.000000000000227 M 0 26.000000000000227 L 0 24.000000000000227 M 0 24.000000000000227 M 0 22.000000000000227 L 0 20.000000000000227 M 0 20.000000000000227 M 0 18.000000000000227 L 0 16.000000000000227 M 0 16.000000000000227 M 0 14.000000000000227 L 0 12.000000000000227 M 0 12.000000000000227 M 0 10.000000000000227 L 0 8.000000000000227 M 0 8.000000000000227 M 0 6.000000000000227 L 0 4.000000000000227 M 0 4.000000000000227 M 0 2.0000000000002274 L 0 2.2737367544323206e-13 M 0 2.2737367544323206e-13 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,3.4999999999999716,107.5)"><g><g transform="translate(0,0) scale(4.11,1.41)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24330900243309,0.7092198581560284)"><path fill="none" stroke="none" d="M 0 0 L 411.00000000000006 0 Q 411.00000000000006 0 411.00000000000006 0 L 411.00000000000006 141 Q 411.00000000000006 141 411.00000000000006 141 L 0 141 Q 0 141 0 141 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 402 0 M 402 0 M 404 0 L 406 0 M 406 0 M 408 0 L 410 0 M 410 0 M 411.00000000000006 0.9999999999999432 L 411.00000000000006 2.999999999999943 M 411.00000000000006 2.999999999999943 M 411.00000000000006 4.999999999999943 L 411.00000000000006 6.999999999999943 M 411.00000000000006 6.999999999999943 M 411.00000000000006 8.999999999999943 L 411.00000000000006 10.999999999999943 M 411.00000000000006 10.999999999999943 M 411.00000000000006 12.999999999999943 L 411.00000000000006 14.999999999999943 M 411.00000000000006 14.999999999999943 M 411.00000000000006 16.999999999999943 L 411.00000000000006 18.999999999999943 M 411.00000000000006 18.999999999999943 M 411.00000000000006 20.999999999999943 L 411.00000000000006 22.999999999999943 M 411.00000000000006 22.999999999999943 M 411.00000000000006 24.999999999999943 L 411.00000000000006 26.999999999999943 M 411.00000000000006 26.999999999999943 M 411.00000000000006 28.999999999999943 L 411.00000000000006 30.999999999999943 M 411.00000000000006 30.999999999999943 M 411.00000000000006 32.99999999999994 L 411.00000000000006 34.99999999999994 M 411.00000000000006 34.99999999999994 M 411.00000000000006 36.99999999999994 L 411.00000000000006 38.99999999999994 M 411.00000000000006 38.99999999999994 M 411.00000000000006 40.99999999999994 L 411.00000000000006 42.99999999999994 M 411.00000000000006 42.99999999999994 M 411.00000000000006 44.99999999999994 L 411.00000000000006 46.99999999999994 M 411.00000000000006 46.99999999999994 M 411.00000000000006 48.99999999999994 L 411.00000000000006 50.99999999999994 M 411.00000000000006 50.99999999999994 M 411.00000000000006 52.99999999999994 L 411.00000000000006 54.99999999999994 M 411.00000000000006 54.99999999999994 M 411.00000000000006 56.99999999999994 L 411.00000000000006 58.99999999999994 M 411.00000000000006 58.99999999999994 M 411.00000000000006 60.99999999999994 L 411.00000000000006 62.99999999999994 M 411.00000000000006 62.99999999999994 M 411.00000000000006 64.99999999999994 L 411.00000000000006 66.99999999999994 M 411.00000000000006 66.99999999999994 M 411.00000000000006 68.99999999999994 L 411.00000000000006 70.99999999999994 M 411.00000000000006 70.99999999999994 M 411.00000000000006 72.99999999999994 L 411.00000000000006 74.99999999999994 M 411.00000000000006 74.99999999999994 M 411.00000000000006 76.99999999999994 L 411.00000000000006 78.99999999999994 M 411.00000000000006 78.99999999999994 M 411.00000000000006 80.99999999999994 L 411.00000000000006 82.99999999999994 M 411.00000000000006 82.99999999999994 M 411.00000000000006 84.99999999999994 L 411.00000000000006 86.99999999999994 M 411.00000000000006 86.99999999999994 M 411.00000000000006 88.99999999999994 L 411.00000000000006 90.99999999999994 M 411.00000000000006 90.99999999999994 M 411.00000000000006 92.99999999999994 L 411.00000000000006 94.99999999999994 M 411.00000000000006 94.99999999999994 M 411.00000000000006 96.99999999999994 L 411.00000000000006 98.99999999999994 M 411.00000000000006 98.99999999999994 M 411.00000000000006 100.99999999999994 L 411.00000000000006 102.99999999999994 M 411.00000000000006 102.99999999999994 M 411.00000000000006 104.99999999999994 L 411.00000000000006 106.99999999999994 M 411.00000000000006 106.99999999999994 M 411.00000000000006 108.99999999999994 L 411.00000000000006 110.99999999999994 M 411.00000000000006 110.99999999999994 M 411.00000000000006 112.99999999999994 L 411.00000000000006 114.99999999999994 M 411.00000000000006 114.99999999999994 M 411.00000000000006 116.99999999999994 L 411.00000000000006 118.99999999999994 M 411.00000000000006 118.99999999999994 M 411.00000000000006 120.99999999999994 L 411.00000000000006 122.99999999999994 M 411.00000000000006 122.99999999999994 M 411.00000000000006 124.99999999999994 L 411.00000000000006 126.99999999999994 M 411.00000000000006 126.99999999999994 M 411.00000000000006 128.99999999999994 L 411.00000000000006 130.99999999999994 M 411.00000000000006 130.99999999999994 M 411.00000000000006 132.99999999999994 L 411.00000000000006 134.99999999999994 M 411.00000000000006 134.99999999999994 M 411.00000000000006 136.99999999999994 L 411.00000000000006 138.99999999999994 M 411.00000000000006 138.99999999999994 M 411.00000000000006 140.99999999999994 L 411.00000000000006 141 Q 411.00000000000006 141 411.00000000000006 141 L 409.0000000000001 141 M 409.0000000000001 141 M 407.0000000000001 141 L 405.0000000000001 141 M 405.0000000000001 141 M 403.0000000000001 141 L 401.0000000000001 141 M 401.0000000000001 141 M 399.0000000000001 141 L 397.0000000000001 141 M 397.0000000000001 141 M 395.0000000000001 141 L 393.0000000000001 141 M 393.0000000000001 141 M 391.0000000000001 141 L 389.0000000000001 141 M 389.0000000000001 141 M 387.0000000000001 141 L 385.0000000000001 141 M 385.0000000000001 141 M 383.0000000000001 141 L 381.0000000000001 141 M 381.0000000000001 141 M 379.0000000000001 141 L 377.0000000000001 141 M 377.0000000000001 141 M 375.0000000000001 141 L 373.0000000000001 141 M 373.0000000000001 141 M 371.0000000000001 141 L 369.0000000000001 141 M 369.0000000000001 141 M 367.0000000000001 141 L 365.0000000000001 141 M 365.0000000000001 141 M 363.0000000000001 141 L 361.0000000000001 141 M 361.0000000000001 141 M 359.0000000000001 141 L 357.0000000000001 141 M 357.0000000000001 141 M 355.0000000000001 141 L 353.0000000000001 141 M 353.0000000000001 141 M 351.0000000000001 141 L 349.0000000000001 141 M 349.0000000000001 141 M 347.0000000000001 141 L 345.0000000000001 141 M 345.0000000000001 141 M 343.0000000000001 141 L 341.0000000000001 141 M 341.0000000000001 141 M 339.0000000000001 141 L 337.0000000000001 141 M 337.0000000000001 141 M 335.0000000000001 141 L 333.0000000000001 141 M 333.0000000000001 141 M 331.0000000000001 141 L 329.0000000000001 141 M 329.0000000000001 141 M 327.0000000000001 141 L 325.0000000000001 141 M 325.0000000000001 141 M 323.0000000000001 141 L 321.0000000000001 141 M 321.0000000000001 141 M 319.0000000000001 141 L 317.0000000000001 141 M 317.0000000000001 141 M 315.0000000000001 141 L 313.0000000000001 141 M 313.0000000000001 141 M 311.0000000000001 141 L 309.0000000000001 141 M 309.0000000000001 141 M 307.0000000000001 141 L 305.0000000000001 141 M 305.0000000000001 141 M 303.0000000000001 141 L 301.0000000000001 141 M 301.0000000000001 141 M 299.0000000000001 141 L 297.0000000000001 141 M 297.0000000000001 141 M 295.0000000000001 141 L 293.0000000000001 141 M 293.0000000000001 141 M 291.0000000000001 141 L 289.0000000000001 141 M 289.0000000000001 141 M 287.0000000000001 141 L 285.0000000000001 141 M 285.0000000000001 141 M 283.0000000000001 141 L 281.0000000000001 141 M 281.0000000000001 141 M 279.0000000000001 141 L 277.0000000000001 141 M 277.0000000000001 141 M 275.0000000000001 141 L 273.0000000000001 141 M 273.0000000000001 141 M 271.0000000000001 141 L 269.0000000000001 141 M 269.0000000000001 141 M 267.0000000000001 141 L 265.0000000000001 141 M 265.0000000000001 141 M 263.0000000000001 141 L 261.0000000000001 141 M 261.0000000000001 141 M 259.0000000000001 141 L 257.0000000000001 141 M 257.0000000000001 141 M 255.0000000000001 141 L 253.0000000000001 141 M 253.0000000000001 141 M 251.0000000000001 141 L 249.0000000000001 141 M 249.0000000000001 141 M 247.0000000000001 141 L 245.0000000000001 141 M 245.0000000000001 141 M 243.0000000000001 141 L 241.0000000000001 141 M 241.0000000000001 141 M 239.0000000000001 141 L 237.0000000000001 141 M 237.0000000000001 141 M 235.0000000000001 141 L 233.0000000000001 141 M 233.0000000000001 141 M 231.0000000000001 141 L 229.0000000000001 141 M 229.0000000000001 141 M 227.0000000000001 141 L 225.0000000000001 141 M 225.0000000000001 141 M 223.0000000000001 141 L 221.0000000000001 141 M 221.0000000000001 141 M 219.0000000000001 141 L 217.0000000000001 141 M 217.0000000000001 141 M 215.0000000000001 141 L 213.0000000000001 141 M 213.0000000000001 141 M 211.0000000000001 141 L 209.0000000000001 141 M 209.0000000000001 141 M 207.0000000000001 141 L 205.0000000000001 141 M 205.0000000000001 141 M 203.0000000000001 141 L 201.0000000000001 141 M 201.0000000000001 141 M 199.0000000000001 141 L 197.0000000000001 141 M 197.0000000000001 141 M 195.0000000000001 141 L 193.0000000000001 141 M 193.0000000000001 141 M 191.0000000000001 141 L 189.0000000000001 141 M 189.0000000000001 141 M 187.0000000000001 141 L 185.0000000000001 141 M 185.0000000000001 141 M 183.0000000000001 141 L 181.0000000000001 141 M 181.0000000000001 141 M 179.0000000000001 141 L 177.0000000000001 141 M 177.0000000000001 141 M 175.0000000000001 141 L 173.0000000000001 141 M 173.0000000000001 141 M 171.0000000000001 141 L 169.0000000000001 141 M 169.0000000000001 141 M 167.0000000000001 141 L 165.0000000000001 141 M 165.0000000000001 141 M 163.0000000000001 141 L 161.0000000000001 141 M 161.0000000000001 141 M 159.0000000000001 141 L 157.0000000000001 141 M 157.0000000000001 141 M 155.0000000000001 141 L 153.0000000000001 141 M 153.0000000000001 141 M 151.0000000000001 141 L 149.0000000000001 141 M 149.0000000000001 141 M 147.0000000000001 141 L 145.0000000000001 141 M 145.0000000000001 141 M 143.0000000000001 141 L 141.0000000000001 141 M 141.0000000000001 141 M 139.0000000000001 141 L 137.0000000000001 141 M 137.0000000000001 141 M 135.0000000000001 141 L 133.0000000000001 141 M 133.0000000000001 141 M 131.0000000000001 141 L 129.0000000000001 141 M 129.0000000000001 141 M 127.00000000000011 141 L 125.00000000000011 141 M 125.00000000000011 141 M 123.00000000000011 141 L 121.00000000000011 141 M 121.00000000000011 141 M 119.00000000000011 141 L 117.00000000000011 141 M 117.00000000000011 141 M 115.00000000000011 141 L 113.00000000000011 141 M 113.00000000000011 141 M 111.00000000000011 141 L 109.00000000000011 141 M 109.00000000000011 141 M 107.00000000000011 141 L 105.00000000000011 141 M 105.00000000000011 141 M 103.00000000000011 141 L 101.00000000000011 141 M 101.00000000000011 141 M 99.00000000000011 141 L 97.00000000000011 141 M 97.00000000000011 141 M 95.00000000000011 141 L 93.00000000000011 141 M 93.00000000000011 141 M 91.00000000000011 141 L 89.00000000000011 141 M 89.00000000000011 141 M 87.00000000000011 141 L 85.00000000000011 141 M 85.00000000000011 141 M 83.00000000000011 141 L 81.00000000000011 141 M 81.00000000000011 141 M 79.00000000000011 141 L 77.00000000000011 141 M 77.00000000000011 141 M 75.00000000000011 141 L 73.00000000000011 141 M 73.00000000000011 141 M 71.00000000000011 141 L 69.00000000000011 141 M 69.00000000000011 141 M 67.00000000000011 141 L 65.00000000000011 141 M 65.00000000000011 141 M 63.000000000000114 141 L 61.000000000000114 141 M 61.000000000000114 141 M 59.000000000000114 141 L 57.000000000000114 141 M 57.000000000000114 141 M 55.000000000000114 141 L 53.000000000000114 141 M 53.000000000000114 141 M 51.000000000000114 141 L 49.000000000000114 141 M 49.000000000000114 141 M 47.000000000000114 141 L 45.000000000000114 141 M 45.000000000000114 141 M 43.000000000000114 141 L 41.000000000000114 141 M 41.000000000000114 141 M 39.000000000000114 141 L 37.000000000000114 141 M 37.000000000000114 141 M 35.000000000000114 141 L 33.000000000000114 141 M 33.000000000000114 141 M 31.000000000000114 141 L 29.000000000000114 141 M 29.000000000000114 141 M 27.000000000000114 141 L 25.000000000000114 141 M 25.000000000000114 141 M 23.000000000000114 141 L 21.000000000000114 141 M 21.000000000000114 141 M 19.000000000000114 141 L 17.000000000000114 141 M 17.000000000000114 141 M 15.000000000000114 141 L 13.000000000000114 141 M 13.000000000000114 141 M 11.000000000000114 141 L 9.000000000000114 141 M 9.000000000000114 141 M 7.000000000000114 141 L 5.000000000000114 141 M 5.000000000000114 141 M 3.0000000000001137 141 L 1.0000000000001137 141 M 1.0000000000001137 141 M 0 140.0000000000001 L 0 138.0000000000001 M 0 138.0000000000001 M 0 136.0000000000001 L 0 134.0000000000001 M 0 134.0000000000001 M 0 132.0000000000001 L 0 130.0000000000001 M 0 130.0000000000001 M 0 128.0000000000001 L 0 126.00000000000011 M 0 126.00000000000011 M 0 124.00000000000011 L 0 122.00000000000011 M 0 122.00000000000011 M 0 120.00000000000011 L 0 118.00000000000011 M 0 118.00000000000011 M 0 116.00000000000011 L 0 114.00000000000011 M 0 114.00000000000011 M 0 112.00000000000011 L 0 110.00000000000011 M 0 110.00000000000011 M 0 108.00000000000011 L 0 106.00000000000011 M 0 106.00000000000011 M 0 104.00000000000011 L 0 102.00000000000011 M 0 102.00000000000011 M 0 100.00000000000011 L 0 98.00000000000011 M 0 98.00000000000011 M 0 96.00000000000011 L 0 94.00000000000011 M 0 94.00000000000011 M 0 92.00000000000011 L 0 90.00000000000011 M 0 90.00000000000011 M 0 88.00000000000011 L 0 86.00000000000011 M 0 86.00000000000011 M 0 84.00000000000011 L 0 82.00000000000011 M 0 82.00000000000011 M 0 80.00000000000011 L 0 78.00000000000011 M 0 78.00000000000011 M 0 76.00000000000011 L 0 74.00000000000011 M 0 74.00000000000011 M 0 72.00000000000011 L 0 70.00000000000011 M 0 70.00000000000011 M 0 68.00000000000011 L 0 66.00000000000011 M 0 66.00000000000011 M 0 64.00000000000011 L 0 62.000000000000114 M 0 62.000000000000114 M 0 60.000000000000114 L 0 58.000000000000114 M 0 58.000000000000114 M 0 56.000000000000114 L 0 54.000000000000114 M 0 54.000000000000114 M 0 52.000000000000114 L 0 50.000000000000114 M 0 50.000000000000114 M 0 48.000000000000114 L 0 46.000000000000114 M 0 46.000000000000114 M 0 44.000000000000114 L 0 42.000000000000114 M 0 42.000000000000114 M 0 40.000000000000114 L 0 38.000000000000114 M 0 38.000000000000114 M 0 36.000000000000114 L 0 34.000000000000114 M 0 34.000000000000114 M 0 32.000000000000114 L 0 30.000000000000114 M 0 30.000000000000114 M 0 28.000000000000114 L 0 26.000000000000114 M 0 26.000000000000114 M 0 24.000000000000114 L 0 22.000000000000114 M 0 22.000000000000114 M 0 20.000000000000114 L 0 18.000000000000114 M 0 18.000000000000114 M 0 16.000000000000114 L 0 14.000000000000114 M 0 14.000000000000114 M 0 12.000000000000114 L 0 10.000000000000114 M 0 10.000000000000114 M 0 8.000000000000114 L 0 6.000000000000114 M 0 6.000000000000114 M 0 4.000000000000114 L 0 2.0000000000001137 M 0 2.0000000000001137 M 0 1.1368683772161603e-13 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,447.75,268.5)"><g><g transform="translate(0,0) scale(4.160000000000001,1.63)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24038461538461534,0.6134969325153374)"><path fill="none" stroke="none" d="M 0 0 L 416.0000000000001 0 Q 416.0000000000001 0 416.0000000000001 0 L 416.0000000000001 163 Q 416.0000000000001 163 416.0000000000001 163 L 0 163 Q 0 163 0 163 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 402 0 M 402 0 M 404 0 L 406 0 M 406 0 M 408 0 L 410 0 M 410 0 M 412 0 L 414 0 M 414 0 M 416 0 L 416.0000000000001 0 Q 416.0000000000001 0 416.0000000000001 0 L 416.0000000000001 1.9999999999998863 M 416.0000000000001 1.9999999999998863 M 416.0000000000001 3.9999999999998863 L 416.0000000000001 5.999999999999886 M 416.0000000000001 5.999999999999886 M 416.0000000000001 7.999999999999886 L 416.0000000000001 9.999999999999886 M 416.0000000000001 9.999999999999886 M 416.0000000000001 11.999999999999886 L 416.0000000000001 13.999999999999886 M 416.0000000000001 13.999999999999886 M 416.0000000000001 15.999999999999886 L 416.0000000000001 17.999999999999886 M 416.0000000000001 17.999999999999886 M 416.0000000000001 19.999999999999886 L 416.0000000000001 21.999999999999886 M 416.0000000000001 21.999999999999886 M 416.0000000000001 23.999999999999886 L 416.0000000000001 25.999999999999886 M 416.0000000000001 25.999999999999886 M 416.0000000000001 27.999999999999886 L 416.0000000000001 29.999999999999886 M 416.0000000000001 29.999999999999886 M 416.0000000000001 31.999999999999886 L 416.0000000000001 33.999999999999886 M 416.0000000000001 33.999999999999886 M 416.0000000000001 35.999999999999886 L 416.0000000000001 37.999999999999886 M 416.0000000000001 37.999999999999886 M 416.0000000000001 39.999999999999886 L 416.0000000000001 41.999999999999886 M 416.0000000000001 41.999999999999886 M 416.0000000000001 43.999999999999886 L 416.0000000000001 45.999999999999886 M 416.0000000000001 45.999999999999886 M 416.0000000000001 47.999999999999886 L 416.0000000000001 49.999999999999886 M 416.0000000000001 49.999999999999886 M 416.0000000000001 51.999999999999886 L 416.0000000000001 53.999999999999886 M 416.0000000000001 53.999999999999886 M 416.0000000000001 55.999999999999886 L 416.0000000000001 57.999999999999886 M 416.0000000000001 57.999999999999886 M 416.0000000000001 59.999999999999886 L 416.0000000000001 61.999999999999886 M 416.0000000000001 61.999999999999886 M 416.0000000000001 63.999999999999886 L 416.0000000000001 65.99999999999989 M 416.0000000000001 65.99999999999989 M 416.0000000000001 67.99999999999989 L 416.0000000000001 69.99999999999989 M 416.0000000000001 69.99999999999989 M 416.0000000000001 71.99999999999989 L 416.0000000000001 73.99999999999989 M 416.0000000000001 73.99999999999989 M 416.0000000000001 75.99999999999989 L 416.0000000000001 77.99999999999989 M 416.0000000000001 77.99999999999989 M 416.0000000000001 79.99999999999989 L 416.0000000000001 81.99999999999989 M 416.0000000000001 81.99999999999989 M 416.0000000000001 83.99999999999989 L 416.0000000000001 85.99999999999989 M 416.0000000000001 85.99999999999989 M 416.0000000000001 87.99999999999989 L 416.0000000000001 89.99999999999989 M 416.0000000000001 89.99999999999989 M 416.0000000000001 91.99999999999989 L 416.0000000000001 93.99999999999989 M 416.0000000000001 93.99999999999989 M 416.0000000000001 95.99999999999989 L 416.0000000000001 97.99999999999989 M 416.0000000000001 97.99999999999989 M 416.0000000000001 99.99999999999989 L 416.0000000000001 101.99999999999989 M 416.0000000000001 101.99999999999989 M 416.0000000000001 103.99999999999989 L 416.0000000000001 105.99999999999989 M 416.0000000000001 105.99999999999989 M 416.0000000000001 107.99999999999989 L 416.0000000000001 109.99999999999989 M 416.0000000000001 109.99999999999989 M 416.0000000000001 111.99999999999989 L 416.0000000000001 113.99999999999989 M 416.0000000000001 113.99999999999989 M 416.0000000000001 115.99999999999989 L 416.0000000000001 117.99999999999989 M 416.0000000000001 117.99999999999989 M 416.0000000000001 119.99999999999989 L 416.0000000000001 121.99999999999989 M 416.0000000000001 121.99999999999989 M 416.0000000000001 123.99999999999989 L 416.0000000000001 125.99999999999989 M 416.0000000000001 125.99999999999989 M 416.0000000000001 127.99999999999989 L 416.0000000000001 129.9999999999999 M 416.0000000000001 129.9999999999999 M 416.0000000000001 131.9999999999999 L 416.0000000000001 133.9999999999999 M 416.0000000000001 133.9999999999999 M 416.0000000000001 135.9999999999999 L 416.0000000000001 137.9999999999999 M 416.0000000000001 137.9999999999999 M 416.0000000000001 139.9999999999999 L 416.0000000000001 141.9999999999999 M 416.0000000000001 141.9999999999999 M 416.0000000000001 143.9999999999999 L 416.0000000000001 145.9999999999999 M 416.0000000000001 145.9999999999999 M 416.0000000000001 147.9999999999999 L 416.0000000000001 149.9999999999999 M 416.0000000000001 149.9999999999999 M 416.0000000000001 151.9999999999999 L 416.0000000000001 153.9999999999999 M 416.0000000000001 153.9999999999999 M 416.0000000000001 155.9999999999999 L 416.0000000000001 157.9999999999999 M 416.0000000000001 157.9999999999999 M 416.0000000000001 159.9999999999999 L 416.0000000000001 161.9999999999999 M 416.0000000000001 161.9999999999999 M 415.0000000000002 163 L 413.0000000000002 163 M 413.0000000000002 163 M 411.0000000000002 163 L 409.0000000000002 163 M 409.0000000000002 163 M 407.0000000000002 163 L 405.0000000000002 163 M 405.0000000000002 163 M 403.0000000000002 163 L 401.0000000000002 163 M 401.0000000000002 163 M 399.0000000000002 163 L 397.0000000000002 163 M 397.0000000000002 163 M 395.0000000000002 163 L 393.0000000000002 163 M 393.0000000000002 163 M 391.0000000000002 163 L 389.0000000000002 163 M 389.0000000000002 163 M 387.0000000000002 163 L 385.0000000000002 163 M 385.0000000000002 163 M 383.0000000000002 163 L 381.0000000000002 163 M 381.0000000000002 163 M 379.0000000000002 163 L 377.0000000000002 163 M 377.0000000000002 163 M 375.0000000000002 163 L 373.0000000000002 163 M 373.0000000000002 163 M 371.0000000000002 163 L 369.0000000000002 163 M 369.0000000000002 163 M 367.0000000000002 163 L 365.0000000000002 163 M 365.0000000000002 163 M 363.0000000000002 163 L 361.0000000000002 163 M 361.0000000000002 163 M 359.0000000000002 163 L 357.0000000000002 163 M 357.0000000000002 163 M 355.0000000000002 163 L 353.0000000000002 163 M 353.0000000000002 163 M 351.0000000000002 163 L 349.0000000000002 163 M 349.0000000000002 163 M 347.0000000000002 163 L 345.0000000000002 163 M 345.0000000000002 163 M 343.0000000000002 163 L 341.0000000000002 163 M 341.0000000000002 163 M 339.0000000000002 163 L 337.0000000000002 163 M 337.0000000000002 163 M 335.0000000000002 163 L 333.0000000000002 163 M 333.0000000000002 163 M 331.0000000000002 163 L 329.0000000000002 163 M 329.0000000000002 163 M 327.0000000000002 163 L 325.0000000000002 163 M 325.0000000000002 163 M 323.0000000000002 163 L 321.0000000000002 163 M 321.0000000000002 163 M 319.0000000000002 163 L 317.0000000000002 163 M 317.0000000000002 163 M 315.0000000000002 163 L 313.0000000000002 163 M 313.0000000000002 163 M 311.0000000000002 163 L 309.0000000000002 163 M 309.0000000000002 163 M 307.0000000000002 163 L 305.0000000000002 163 M 305.0000000000002 163 M 303.0000000000002 163 L 301.0000000000002 163 M 301.0000000000002 163 M 299.0000000000002 163 L 297.0000000000002 163 M 297.0000000000002 163 M 295.0000000000002 163 L 293.0000000000002 163 M 293.0000000000002 163 M 291.0000000000002 163 L 289.0000000000002 163 M 289.0000000000002 163 M 287.0000000000002 163 L 285.0000000000002 163 M 285.0000000000002 163 M 283.0000000000002 163 L 281.0000000000002 163 M 281.0000000000002 163 M 279.0000000000002 163 L 277.0000000000002 163 M 277.0000000000002 163 M 275.0000000000002 163 L 273.0000000000002 163 M 273.0000000000002 163 M 271.0000000000002 163 L 269.0000000000002 163 M 269.0000000000002 163 M 267.0000000000002 163 L 265.0000000000002 163 M 265.0000000000002 163 M 263.0000000000002 163 L 261.0000000000002 163 M 261.0000000000002 163 M 259.0000000000002 163 L 257.0000000000002 163 M 257.0000000000002 163 M 255.00000000000023 163 L 253.00000000000023 163 M 253.00000000000023 163 M 251.00000000000023 163 L 249.00000000000023 163 M 249.00000000000023 163 M 247.00000000000023 163 L 245.00000000000023 163 M 245.00000000000023 163 M 243.00000000000023 163 L 241.00000000000023 163 M 241.00000000000023 163 M 239.00000000000023 163 L 237.00000000000023 163 M 237.00000000000023 163 M 235.00000000000023 163 L 233.00000000000023 163 M 233.00000000000023 163 M 231.00000000000023 163 L 229.00000000000023 163 M 229.00000000000023 163 M 227.00000000000023 163 L 225.00000000000023 163 M 225.00000000000023 163 M 223.00000000000023 163 L 221.00000000000023 163 M 221.00000000000023 163 M 219.00000000000023 163 L 217.00000000000023 163 M 217.00000000000023 163 M 215.00000000000023 163 L 213.00000000000023 163 M 213.00000000000023 163 M 211.00000000000023 163 L 209.00000000000023 163 M 209.00000000000023 163 M 207.00000000000023 163 L 205.00000000000023 163 M 205.00000000000023 163 M 203.00000000000023 163 L 201.00000000000023 163 M 201.00000000000023 163 M 199.00000000000023 163 L 197.00000000000023 163 M 197.00000000000023 163 M 195.00000000000023 163 L 193.00000000000023 163 M 193.00000000000023 163 M 191.00000000000023 163 L 189.00000000000023 163 M 189.00000000000023 163 M 187.00000000000023 163 L 185.00000000000023 163 M 185.00000000000023 163 M 183.00000000000023 163 L 181.00000000000023 163 M 181.00000000000023 163 M 179.00000000000023 163 L 177.00000000000023 163 M 177.00000000000023 163 M 175.00000000000023 163 L 173.00000000000023 163 M 173.00000000000023 163 M 171.00000000000023 163 L 169.00000000000023 163 M 169.00000000000023 163 M 167.00000000000023 163 L 165.00000000000023 163 M 165.00000000000023 163 M 163.00000000000023 163 L 161.00000000000023 163 M 161.00000000000023 163 M 159.00000000000023 163 L 157.00000000000023 163 M 157.00000000000023 163 M 155.00000000000023 163 L 153.00000000000023 163 M 153.00000000000023 163 M 151.00000000000023 163 L 149.00000000000023 163 M 149.00000000000023 163 M 147.00000000000023 163 L 145.00000000000023 163 M 145.00000000000023 163 M 143.00000000000023 163 L 141.00000000000023 163 M 141.00000000000023 163 M 139.00000000000023 163 L 137.00000000000023 163 M 137.00000000000023 163 M 135.00000000000023 163 L 133.00000000000023 163 M 133.00000000000023 163 M 131.00000000000023 163 L 129.00000000000023 163 M 129.00000000000023 163 M 127.00000000000023 163 L 125.00000000000023 163 M 125.00000000000023 163 M 123.00000000000023 163 L 121.00000000000023 163 M 121.00000000000023 163 M 119.00000000000023 163 L 117.00000000000023 163 M 117.00000000000023 163 M 115.00000000000023 163 L 113.00000000000023 163 M 113.00000000000023 163 M 111.00000000000023 163 L 109.00000000000023 163 M 109.00000000000023 163 M 107.00000000000023 163 L 105.00000000000023 163 M 105.00000000000023 163 M 103.00000000000023 163 L 101.00000000000023 163 M 101.00000000000023 163 M 99.00000000000023 163 L 97.00000000000023 163 M 97.00000000000023 163 M 95.00000000000023 163 L 93.00000000000023 163 M 93.00000000000023 163 M 91.00000000000023 163 L 89.00000000000023 163 M 89.00000000000023 163 M 87.00000000000023 163 L 85.00000000000023 163 M 85.00000000000023 163 M 83.00000000000023 163 L 81.00000000000023 163 M 81.00000000000023 163 M 79.00000000000023 163 L 77.00000000000023 163 M 77.00000000000023 163 M 75.00000000000023 163 L 73.00000000000023 163 M 73.00000000000023 163 M 71.00000000000023 163 L 69.00000000000023 163 M 69.00000000000023 163 M 67.00000000000023 163 L 65.00000000000023 163 M 65.00000000000023 163 M 63.00000000000023 163 L 61.00000000000023 163 M 61.00000000000023 163 M 59.00000000000023 163 L 57.00000000000023 163 M 57.00000000000023 163 M 55.00000000000023 163 L 53.00000000000023 163 M 53.00000000000023 163 M 51.00000000000023 163 L 49.00000000000023 163 M 49.00000000000023 163 M 47.00000000000023 163 L 45.00000000000023 163 M 45.00000000000023 163 M 43.00000000000023 163 L 41.00000000000023 163 M 41.00000000000023 163 M 39.00000000000023 163 L 37.00000000000023 163 M 37.00000000000023 163 M 35.00000000000023 163 L 33.00000000000023 163 M 33.00000000000023 163 M 31.000000000000227 163 L 29.000000000000227 163 M 29.000000000000227 163 M 27.000000000000227 163 L 25.000000000000227 163 M 25.000000000000227 163 M 23.000000000000227 163 L 21.000000000000227 163 M 21.000000000000227 163 M 19.000000000000227 163 L 17.000000000000227 163 M 17.000000000000227 163 M 15.000000000000227 163 L 13.000000000000227 163 M 13.000000000000227 163 M 11.000000000000227 163 L 9.000000000000227 163 M 9.000000000000227 163 M 7.000000000000227 163 L 5.000000000000227 163 M 5.000000000000227 163 M 3.0000000000002274 163 L 1.0000000000002274 163 M 1.0000000000002274 163 M 0 162.00000000000023 L 0 160.00000000000023 M 0 160.00000000000023 M 0 158.00000000000023 L 0 156.00000000000023 M 0 156.00000000000023 M 0 154.00000000000023 L 0 152.00000000000023 M 0 152.00000000000023 M 0 150.00000000000023 L 0 148.00000000000023 M 0 148.00000000000023 M 0 146.00000000000023 L 0 144.00000000000023 M 0 144.00000000000023 M 0 142.00000000000023 L 0 140.00000000000023 M 0 140.00000000000023 M 0 138.00000000000023 L 0 136.00000000000023 M 0 136.00000000000023 M 0 134.00000000000023 L 0 132.00000000000023 M 0 132.00000000000023 M 0 130.00000000000023 L 0 128.00000000000023 M 0 128.00000000000023 M 0 126.00000000000023 L 0 124.00000000000023 M 0 124.00000000000023 M 0 122.00000000000023 L 0 120.00000000000023 M 0 120.00000000000023 M 0 118.00000000000023 L 0 116.00000000000023 M 0 116.00000000000023 M 0 114.00000000000023 L 0 112.00000000000023 M 0 112.00000000000023 M 0 110.00000000000023 L 0 108.00000000000023 M 0 108.00000000000023 M 0 106.00000000000023 L 0 104.00000000000023 M 0 104.00000000000023 M 0 102.00000000000023 L 0 100.00000000000023 M 0 100.00000000000023 M 0 98.00000000000023 L 0 96.00000000000023 M 0 96.00000000000023 M 0 94.00000000000023 L 0 92.00000000000023 M 0 92.00000000000023 M 0 90.00000000000023 L 0 88.00000000000023 M 0 88.00000000000023 M 0 86.00000000000023 L 0 84.00000000000023 M 0 84.00000000000023 M 0 82.00000000000023 L 0 80.00000000000023 M 0 80.00000000000023 M 0 78.00000000000023 L 0 76.00000000000023 M 0 76.00000000000023 M 0 74.00000000000023 L 0 72.00000000000023 M 0 72.00000000000023 M 0 70.00000000000023 L 0 68.00000000000023 M 0 68.00000000000023 M 0 66.00000000000023 L 0 64.00000000000023 M 0 64.00000000000023 M 0 62.00000000000023 L 0 60.00000000000023 M 0 60.00000000000023 M 0 58.00000000000023 L 0 56.00000000000023 M 0 56.00000000000023 M 0 54.00000000000023 L 0 52.00000000000023 M 0 52.00000000000023 M 0 50.00000000000023 L 0 48.00000000000023 M 0 48.00000000000023 M 0 46.00000000000023 L 0 44.00000000000023 M 0 44.00000000000023 M 0 42.00000000000023 L 0 40.00000000000023 M 0 40.00000000000023 M 0 38.00000000000023 L 0 36.00000000000023 M 0 36.00000000000023 M 0 34.00000000000023 L 0 32.00000000000023 M 0 32.00000000000023 M 0 30.000000000000227 L 0 28.000000000000227 M 0 28.000000000000227 M 0 26.000000000000227 L 0 24.000000000000227 M 0 24.000000000000227 M 0 22.000000000000227 L 0 20.000000000000227 M 0 20.000000000000227 M 0 18.000000000000227 L 0 16.000000000000227 M 0 16.000000000000227 M 0 14.000000000000227 L 0 12.000000000000227 M 0 12.000000000000227 M 0 10.000000000000227 L 0 8.000000000000227 M 0 8.000000000000227 M 0 6.000000000000227 L 0 4.000000000000227 M 0 4.000000000000227 M 0 2.0000000000002274 L 0 2.2737367544323206e-13 M 0 2.2737367544323206e-13 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,3.5000000000000284,268.5)"><g><g transform="translate(0,0) scale(4.11,1.63)"><g><path fill="#FFFFFF" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(0.24330900243309,0.6134969325153374)"><path fill="none" stroke="none" d="M 0 0 L 411.00000000000006 0 Q 411.00000000000006 0 411.00000000000006 0 L 411.00000000000006 163 Q 411.00000000000006 163 411.00000000000006 163 L 0 163 Q 0 163 0 163 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#333333" d="M 0 0 M 0 0 L 2 0 M 2 0 M 4 0 L 6 0 M 6 0 M 8 0 L 10 0 M 10 0 M 12 0 L 14 0 M 14 0 M 16 0 L 18 0 M 18 0 M 20 0 L 22 0 M 22 0 M 24 0 L 26 0 M 26 0 M 28 0 L 30 0 M 30 0 M 32 0 L 34 0 M 34 0 M 36 0 L 38 0 M 38 0 M 40 0 L 42 0 M 42 0 M 44 0 L 46 0 M 46 0 M 48 0 L 50 0 M 50 0 M 52 0 L 54 0 M 54 0 M 56 0 L 58 0 M 58 0 M 60 0 L 62 0 M 62 0 M 64 0 L 66 0 M 66 0 M 68 0 L 70 0 M 70 0 M 72 0 L 74 0 M 74 0 M 76 0 L 78 0 M 78 0 M 80 0 L 82 0 M 82 0 M 84 0 L 86 0 M 86 0 M 88 0 L 90 0 M 90 0 M 92 0 L 94 0 M 94 0 M 96 0 L 98 0 M 98 0 M 100 0 L 102 0 M 102 0 M 104 0 L 106 0 M 106 0 M 108 0 L 110 0 M 110 0 M 112 0 L 114 0 M 114 0 M 116 0 L 118 0 M 118 0 M 120 0 L 122 0 M 122 0 M 124 0 L 126 0 M 126 0 M 128 0 L 130 0 M 130 0 M 132 0 L 134 0 M 134 0 M 136 0 L 138 0 M 138 0 M 140 0 L 142 0 M 142 0 M 144 0 L 146 0 M 146 0 M 148 0 L 150 0 M 150 0 M 152 0 L 154 0 M 154 0 M 156 0 L 158 0 M 158 0 M 160 0 L 162 0 M 162 0 M 164 0 L 166 0 M 166 0 M 168 0 L 170 0 M 170 0 M 172 0 L 174 0 M 174 0 M 176 0 L 178 0 M 178 0 M 180 0 L 182 0 M 182 0 M 184 0 L 186 0 M 186 0 M 188 0 L 190 0 M 190 0 M 192 0 L 194 0 M 194 0 M 196 0 L 198 0 M 198 0 M 200 0 L 202 0 M 202 0 M 204 0 L 206 0 M 206 0 M 208 0 L 210 0 M 210 0 M 212 0 L 214 0 M 214 0 M 216 0 L 218 0 M 218 0 M 220 0 L 222 0 M 222 0 M 224 0 L 226 0 M 226 0 M 228 0 L 230 0 M 230 0 M 232 0 L 234 0 M 234 0 M 236 0 L 238 0 M 238 0 M 240 0 L 242 0 M 242 0 M 244 0 L 246 0 M 246 0 M 248 0 L 250 0 M 250 0 M 252 0 L 254 0 M 254 0 M 256 0 L 258 0 M 258 0 M 260 0 L 262 0 M 262 0 M 264 0 L 266 0 M 266 0 M 268 0 L 270 0 M 270 0 M 272 0 L 274 0 M 274 0 M 276 0 L 278 0 M 278 0 M 280 0 L 282 0 M 282 0 M 284 0 L 286 0 M 286 0 M 288 0 L 290 0 M 290 0 M 292 0 L 294 0 M 294 0 M 296 0 L 298 0 M 298 0 M 300 0 L 302 0 M 302 0 M 304 0 L 306 0 M 306 0 M 308 0 L 310 0 M 310 0 M 312 0 L 314 0 M 314 0 M 316 0 L 318 0 M 318 0 M 320 0 L 322 0 M 322 0 M 324 0 L 326 0 M 326 0 M 328 0 L 330 0 M 330 0 M 332 0 L 334 0 M 334 0 M 336 0 L 338 0 M 338 0 M 340 0 L 342 0 M 342 0 M 344 0 L 346 0 M 346 0 M 348 0 L 350 0 M 350 0 M 352 0 L 354 0 M 354 0 M 356 0 L 358 0 M 358 0 M 360 0 L 362 0 M 362 0 M 364 0 L 366 0 M 366 0 M 368 0 L 370 0 M 370 0 M 372 0 L 374 0 M 374 0 M 376 0 L 378 0 M 378 0 M 380 0 L 382 0 M 382 0 M 384 0 L 386 0 M 386 0 M 388 0 L 390 0 M 390 0 M 392 0 L 394 0 M 394 0 M 396 0 L 398 0 M 398 0 M 400 0 L 402 0 M 402 0 M 404 0 L 406 0 M 406 0 M 408 0 L 410 0 M 410 0 M 411.00000000000006 0.9999999999999432 L 411.00000000000006 2.999999999999943 M 411.00000000000006 2.999999999999943 M 411.00000000000006 4.999999999999943 L 411.00000000000006 6.999999999999943 M 411.00000000000006 6.999999999999943 M 411.00000000000006 8.999999999999943 L 411.00000000000006 10.999999999999943 M 411.00000000000006 10.999999999999943 M 411.00000000000006 12.999999999999943 L 411.00000000000006 14.999999999999943 M 411.00000000000006 14.999999999999943 M 411.00000000000006 16.999999999999943 L 411.00000000000006 18.999999999999943 M 411.00000000000006 18.999999999999943 M 411.00000000000006 20.999999999999943 L 411.00000000000006 22.999999999999943 M 411.00000000000006 22.999999999999943 M 411.00000000000006 24.999999999999943 L 411.00000000000006 26.999999999999943 M 411.00000000000006 26.999999999999943 M 411.00000000000006 28.999999999999943 L 411.00000000000006 30.999999999999943 M 411.00000000000006 30.999999999999943 M 411.00000000000006 32.99999999999994 L 411.00000000000006 34.99999999999994 M 411.00000000000006 34.99999999999994 M 411.00000000000006 36.99999999999994 L 411.00000000000006 38.99999999999994 M 411.00000000000006 38.99999999999994 M 411.00000000000006 40.99999999999994 L 411.00000000000006 42.99999999999994 M 411.00000000000006 42.99999999999994 M 411.00000000000006 44.99999999999994 L 411.00000000000006 46.99999999999994 M 411.00000000000006 46.99999999999994 M 411.00000000000006 48.99999999999994 L 411.00000000000006 50.99999999999994 M 411.00000000000006 50.99999999999994 M 411.00000000000006 52.99999999999994 L 411.00000000000006 54.99999999999994 M 411.00000000000006 54.99999999999994 M 411.00000000000006 56.99999999999994 L 411.00000000000006 58.99999999999994 M 411.00000000000006 58.99999999999994 M 411.00000000000006 60.99999999999994 L 411.00000000000006 62.99999999999994 M 411.00000000000006 62.99999999999994 M 411.00000000000006 64.99999999999994 L 411.00000000000006 66.99999999999994 M 411.00000000000006 66.99999999999994 M 411.00000000000006 68.99999999999994 L 411.00000000000006 70.99999999999994 M 411.00000000000006 70.99999999999994 M 411.00000000000006 72.99999999999994 L 411.00000000000006 74.99999999999994 M 411.00000000000006 74.99999999999994 M 411.00000000000006 76.99999999999994 L 411.00000000000006 78.99999999999994 M 411.00000000000006 78.99999999999994 M 411.00000000000006 80.99999999999994 L 411.00000000000006 82.99999999999994 M 411.00000000000006 82.99999999999994 M 411.00000000000006 84.99999999999994 L 411.00000000000006 86.99999999999994 M 411.00000000000006 86.99999999999994 M 411.00000000000006 88.99999999999994 L 411.00000000000006 90.99999999999994 M 411.00000000000006 90.99999999999994 M 411.00000000000006 92.99999999999994 L 411.00000000000006 94.99999999999994 M 411.00000000000006 94.99999999999994 M 411.00000000000006 96.99999999999994 L 411.00000000000006 98.99999999999994 M 411.00000000000006 98.99999999999994 M 411.00000000000006 100.99999999999994 L 411.00000000000006 102.99999999999994 M 411.00000000000006 102.99999999999994 M 411.00000000000006 104.99999999999994 L 411.00000000000006 106.99999999999994 M 411.00000000000006 106.99999999999994 M 411.00000000000006 108.99999999999994 L 411.00000000000006 110.99999999999994 M 411.00000000000006 110.99999999999994 M 411.00000000000006 112.99999999999994 L 411.00000000000006 114.99999999999994 M 411.00000000000006 114.99999999999994 M 411.00000000000006 116.99999999999994 L 411.00000000000006 118.99999999999994 M 411.00000000000006 118.99999999999994 M 411.00000000000006 120.99999999999994 L 411.00000000000006 122.99999999999994 M 411.00000000000006 122.99999999999994 M 411.00000000000006 124.99999999999994 L 411.00000000000006 126.99999999999994 M 411.00000000000006 126.99999999999994 M 411.00000000000006 128.99999999999994 L 411.00000000000006 130.99999999999994 M 411.00000000000006 130.99999999999994 M 411.00000000000006 132.99999999999994 L 411.00000000000006 134.99999999999994 M 411.00000000000006 134.99999999999994 M 411.00000000000006 136.99999999999994 L 411.00000000000006 138.99999999999994 M 411.00000000000006 138.99999999999994 M 411.00000000000006 140.99999999999994 L 411.00000000000006 142.99999999999994 M 411.00000000000006 142.99999999999994 M 411.00000000000006 144.99999999999994 L 411.00000000000006 146.99999999999994 M 411.00000000000006 146.99999999999994 M 411.00000000000006 148.99999999999994 L 411.00000000000006 150.99999999999994 M 411.00000000000006 150.99999999999994 M 411.00000000000006 152.99999999999994 L 411.00000000000006 154.99999999999994 M 411.00000000000006 154.99999999999994 M 411.00000000000006 156.99999999999994 L 411.00000000000006 158.99999999999994 M 411.00000000000006 158.99999999999994 M 411.00000000000006 160.99999999999994 L 411.00000000000006 162.99999999999994 M 411.00000000000006 162.99999999999994 M 409.0000000000001 163 L 407.0000000000001 163 M 407.0000000000001 163 M 405.0000000000001 163 L 403.0000000000001 163 M 403.0000000000001 163 M 401.0000000000001 163 L 399.0000000000001 163 M 399.0000000000001 163 M 397.0000000000001 163 L 395.0000000000001 163 M 395.0000000000001 163 M 393.0000000000001 163 L 391.0000000000001 163 M 391.0000000000001 163 M 389.0000000000001 163 L 387.0000000000001 163 M 387.0000000000001 163 M 385.0000000000001 163 L 383.0000000000001 163 M 383.0000000000001 163 M 381.0000000000001 163 L 379.0000000000001 163 M 379.0000000000001 163 M 377.0000000000001 163 L 375.0000000000001 163 M 375.0000000000001 163 M 373.0000000000001 163 L 371.0000000000001 163 M 371.0000000000001 163 M 369.0000000000001 163 L 367.0000000000001 163 M 367.0000000000001 163 M 365.0000000000001 163 L 363.0000000000001 163 M 363.0000000000001 163 M 361.0000000000001 163 L 359.0000000000001 163 M 359.0000000000001 163 M 357.0000000000001 163 L 355.0000000000001 163 M 355.0000000000001 163 M 353.0000000000001 163 L 351.0000000000001 163 M 351.0000000000001 163 M 349.0000000000001 163 L 347.0000000000001 163 M 347.0000000000001 163 M 345.0000000000001 163 L 343.0000000000001 163 M 343.0000000000001 163 M 341.0000000000001 163 L 339.0000000000001 163 M 339.0000000000001 163 M 337.0000000000001 163 L 335.0000000000001 163 M 335.0000000000001 163 M 333.0000000000001 163 L 331.0000000000001 163 M 331.0000000000001 163 M 329.0000000000001 163 L 327.0000000000001 163 M 327.0000000000001 163 M 325.0000000000001 163 L 323.0000000000001 163 M 323.0000000000001 163 M 321.0000000000001 163 L 319.0000000000001 163 M 319.0000000000001 163 M 317.0000000000001 163 L 315.0000000000001 163 M 315.0000000000001 163 M 313.0000000000001 163 L 311.0000000000001 163 M 311.0000000000001 163 M 309.0000000000001 163 L 307.0000000000001 163 M 307.0000000000001 163 M 305.0000000000001 163 L 303.0000000000001 163 M 303.0000000000001 163 M 301.0000000000001 163 L 299.0000000000001 163 M 299.0000000000001 163 M 297.0000000000001 163 L 295.0000000000001 163 M 295.0000000000001 163 M 293.0000000000001 163 L 291.0000000000001 163 M 291.0000000000001 163 M 289.0000000000001 163 L 287.0000000000001 163 M 287.0000000000001 163 M 285.0000000000001 163 L 283.0000000000001 163 M 283.0000000000001 163 M 281.0000000000001 163 L 279.0000000000001 163 M 279.0000000000001 163 M 277.0000000000001 163 L 275.0000000000001 163 M 275.0000000000001 163 M 273.0000000000001 163 L 271.0000000000001 163 M 271.0000000000001 163 M 269.0000000000001 163 L 267.0000000000001 163 M 267.0000000000001 163 M 265.0000000000001 163 L 263.0000000000001 163 M 263.0000000000001 163 M 261.0000000000001 163 L 259.0000000000001 163 M 259.0000000000001 163 M 257.0000000000001 163 L 255.0000000000001 163 M 255.0000000000001 163 M 253.0000000000001 163 L 251.0000000000001 163 M 251.0000000000001 163 M 249.0000000000001 163 L 247.0000000000001 163 M 247.0000000000001 163 M 245.0000000000001 163 L 243.0000000000001 163 M 243.0000000000001 163 M 241.0000000000001 163 L 239.0000000000001 163 M 239.0000000000001 163 M 237.0000000000001 163 L 235.0000000000001 163 M 235.0000000000001 163 M 233.0000000000001 163 L 231.0000000000001 163 M 231.0000000000001 163 M 229.0000000000001 163 L 227.0000000000001 163 M 227.0000000000001 163 M 225.0000000000001 163 L 223.0000000000001 163 M 223.0000000000001 163 M 221.0000000000001 163 L 219.0000000000001 163 M 219.0000000000001 163 M 217.0000000000001 163 L 215.0000000000001 163 M 215.0000000000001 163 M 213.0000000000001 163 L 211.0000000000001 163 M 211.0000000000001 163 M 209.0000000000001 163 L 207.0000000000001 163 M 207.0000000000001 163 M 205.0000000000001 163 L 203.0000000000001 163 M 203.0000000000001 163 M 201.0000000000001 163 L 199.0000000000001 163 M 199.0000000000001 163 M 197.0000000000001 163 L 195.0000000000001 163 M 195.0000000000001 163 M 193.0000000000001 163 L 191.0000000000001 163 M 191.0000000000001 163 M 189.0000000000001 163 L 187.0000000000001 163 M 187.0000000000001 163 M 185.0000000000001 163 L 183.0000000000001 163 M 183.0000000000001 163 M 181.0000000000001 163 L 179.0000000000001 163 M 179.0000000000001 163 M 177.0000000000001 163 L 175.0000000000001 163 M 175.0000000000001 163 M 173.0000000000001 163 L 171.0000000000001 163 M 171.0000000000001 163 M 169.0000000000001 163 L 167.0000000000001 163 M 167.0000000000001 163 M 165.0000000000001 163 L 163.0000000000001 163 M 163.0000000000001 163 M 161.0000000000001 163 L 159.0000000000001 163 M 159.0000000000001 163 M 157.0000000000001 163 L 155.0000000000001 163 M 155.0000000000001 163 M 153.0000000000001 163 L 151.0000000000001 163 M 151.0000000000001 163 M 149.0000000000001 163 L 147.0000000000001 163 M 147.0000000000001 163 M 145.0000000000001 163 L 143.0000000000001 163 M 143.0000000000001 163 M 141.0000000000001 163 L 139.0000000000001 163 M 139.0000000000001 163 M 137.0000000000001 163 L 135.0000000000001 163 M 135.0000000000001 163 M 133.0000000000001 163 L 131.0000000000001 163 M 131.0000000000001 163 M 129.0000000000001 163 L 127.00000000000011 163 M 127.00000000000011 163 M 125.00000000000011 163 L 123.00000000000011 163 M 123.00000000000011 163 M 121.00000000000011 163 L 119.00000000000011 163 M 119.00000000000011 163 M 117.00000000000011 163 L 115.00000000000011 163 M 115.00000000000011 163 M 113.00000000000011 163 L 111.00000000000011 163 M 111.00000000000011 163 M 109.00000000000011 163 L 107.00000000000011 163 M 107.00000000000011 163 M 105.00000000000011 163 L 103.00000000000011 163 M 103.00000000000011 163 M 101.00000000000011 163 L 99.00000000000011 163 M 99.00000000000011 163 M 97.00000000000011 163 L 95.00000000000011 163 M 95.00000000000011 163 M 93.00000000000011 163 L 91.00000000000011 163 M 91.00000000000011 163 M 89.00000000000011 163 L 87.00000000000011 163 M 87.00000000000011 163 M 85.00000000000011 163 L 83.00000000000011 163 M 83.00000000000011 163 M 81.00000000000011 163 L 79.00000000000011 163 M 79.00000000000011 163 M 77.00000000000011 163 L 75.00000000000011 163 M 75.00000000000011 163 M 73.00000000000011 163 L 71.00000000000011 163 M 71.00000000000011 163 M 69.00000000000011 163 L 67.00000000000011 163 M 67.00000000000011 163 M 65.00000000000011 163 L 63.000000000000114 163 M 63.000000000000114 163 M 61.000000000000114 163 L 59.000000000000114 163 M 59.000000000000114 163 M 57.000000000000114 163 L 55.000000000000114 163 M 55.000000000000114 163 M 53.000000000000114 163 L 51.000000000000114 163 M 51.000000000000114 163 M 49.000000000000114 163 L 47.000000000000114 163 M 47.000000000000114 163 M 45.000000000000114 163 L 43.000000000000114 163 M 43.000000000000114 163 M 41.000000000000114 163 L 39.000000000000114 163 M 39.000000000000114 163 M 37.000000000000114 163 L 35.000000000000114 163 M 35.000000000000114 163 M 33.000000000000114 163 L 31.000000000000114 163 M 31.000000000000114 163 M 29.000000000000114 163 L 27.000000000000114 163 M 27.000000000000114 163 M 25.000000000000114 163 L 23.000000000000114 163 M 23.000000000000114 163 M 21.000000000000114 163 L 19.000000000000114 163 M 19.000000000000114 163 M 17.000000000000114 163 L 15.000000000000114 163 M 15.000000000000114 163 M 13.000000000000114 163 L 11.000000000000114 163 M 11.000000000000114 163 M 9.000000000000114 163 L 7.000000000000114 163 M 7.000000000000114 163 M 5.000000000000114 163 L 3.0000000000001137 163 M 3.0000000000001137 163 M 1.0000000000001137 163 L 0 163 Q 0 163 0 163 L 0 162.0000000000001 M 0 162.0000000000001 M 0 160.0000000000001 L 0 158.0000000000001 M 0 158.0000000000001 M 0 156.0000000000001 L 0 154.0000000000001 M 0 154.0000000000001 M 0 152.0000000000001 L 0 150.0000000000001 M 0 150.0000000000001 M 0 148.0000000000001 L 0 146.0000000000001 M 0 146.0000000000001 M 0 144.0000000000001 L 0 142.0000000000001 M 0 142.0000000000001 M 0 140.0000000000001 L 0 138.0000000000001 M 0 138.0000000000001 M 0 136.0000000000001 L 0 134.0000000000001 M 0 134.0000000000001 M 0 132.0000000000001 L 0 130.0000000000001 M 0 130.0000000000001 M 0 128.0000000000001 L 0 126.00000000000011 M 0 126.00000000000011 M 0 124.00000000000011 L 0 122.00000000000011 M 0 122.00000000000011 M 0 120.00000000000011 L 0 118.00000000000011 M 0 118.00000000000011 M 0 116.00000000000011 L 0 114.00000000000011 M 0 114.00000000000011 M 0 112.00000000000011 L 0 110.00000000000011 M 0 110.00000000000011 M 0 108.00000000000011 L 0 106.00000000000011 M 0 106.00000000000011 M 0 104.00000000000011 L 0 102.00000000000011 M 0 102.00000000000011 M 0 100.00000000000011 L 0 98.00000000000011 M 0 98.00000000000011 M 0 96.00000000000011 L 0 94.00000000000011 M 0 94.00000000000011 M 0 92.00000000000011 L 0 90.00000000000011 M 0 90.00000000000011 M 0 88.00000000000011 L 0 86.00000000000011 M 0 86.00000000000011 M 0 84.00000000000011 L 0 82.00000000000011 M 0 82.00000000000011 M 0 80.00000000000011 L 0 78.00000000000011 M 0 78.00000000000011 M 0 76.00000000000011 L 0 74.00000000000011 M 0 74.00000000000011 M 0 72.00000000000011 L 0 70.00000000000011 M 0 70.00000000000011 M 0 68.00000000000011 L 0 66.00000000000011 M 0 66.00000000000011 M 0 64.00000000000011 L 0 62.000000000000114 M 0 62.000000000000114 M 0 60.000000000000114 L 0 58.000000000000114 M 0 58.000000000000114 M 0 56.000000000000114 L 0 54.000000000000114 M 0 54.000000000000114 M 0 52.000000000000114 L 0 50.000000000000114 M 0 50.000000000000114 M 0 48.000000000000114 L 0 46.000000000000114 M 0 46.000000000000114 M 0 44.000000000000114 L 0 42.000000000000114 M 0 42.000000000000114 M 0 40.000000000000114 L 0 38.000000000000114 M 0 38.000000000000114 M 0 36.000000000000114 L 0 34.000000000000114 M 0 34.000000000000114 M 0 32.000000000000114 L 0 30.000000000000114 M 0 30.000000000000114 M 0 28.000000000000114 L 0 26.000000000000114 M 0 26.000000000000114 M 0 24.000000000000114 L 0 22.000000000000114 M 0 22.000000000000114 M 0 20.000000000000114 L 0 18.000000000000114 M 0 18.000000000000114 M 0 16.000000000000114 L 0 14.000000000000114 M 0 14.000000000000114 M 0 12.000000000000114 L 0 10.000000000000114 M 0 10.000000000000114 M 0 8.000000000000114 L 0 6.000000000000114 M 0 6.000000000000114 M 0 4.000000000000114 L 0 2.0000000000001137 M 0 2.0000000000001137 M 0 1.1368683772161603e-13 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,515,213)"><g transform="translate(0,0)"><g transform="translate(-100.5,-90.5) translate(-414.5,-122.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 519.5 217.5 L 551.5 298" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,535.7106781186548,213)"><g transform="translate(0,0)"><g transform="translate(-139.5,-86.5) translate(-396.21067811865476,-126.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 540.2106781186548 217.5 L 744.5 298" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,444.71067811865476,77.5)"><g transform="translate(0,0)"><g transform="translate(-231.28932188134524,-95) translate(-213.4213562373095,17.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 498.78932188134524 142.5 L 449.21067811865476 82" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,354.21067811865476,77.49999999999999)"><g transform="translate(0,0)"><g transform="translate(-237,-54) translate(-117.21067811865476,-23.499999999999986) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 407.78932188134524 81.99999999999999 L 358.71067811865476 142.5" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,289.5,213)"><g transform="translate(0,0)"><g transform="translate(-174,-217.5) translate(-115.5,4.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 338 217.5 L 294 299" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,103.5,213)"><g transform="translate(0,0)"><g transform="translate(-187,-206.5) translate(83.5,-6.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cccccc" d="M 317.28932188134524 217.5 L 108 298" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,378.5,7)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#tTmKplTTMsiu)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#tTmKplTTMsiu)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,389,38)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="1.3134765625" y="0" width="78" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="1.3134765625" y="0" width="78" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="1" y="11">L</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="8" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="15" y="11">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">S</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51" y="11">w</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="72" y="11">h</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,288,142.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#oLPowxNiyzWp)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#oLPowxNiyzWp)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,298,173)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24" y="11">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">1</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,469.5,142.5)"><g transform="translate(4,4) scale(1.01,1.0133333333333334)"><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,0.75)"><g><path fill="url(#pXOyUAUnGLnv)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1.3333333333333333)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#pXOyUAUnGLnv)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 75 Q 100 75 100 75 L 0 75 Q 0 75 0 75 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,480,173)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.326171875" y="0" width="32" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24" y="11">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">2</text></g></g><g transform="matrix(1,0,0,1,280,126)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="117" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="117" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="80" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="11">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="11">64</text></g></g><g transform="matrix(1,0,0,1,463,128)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="117" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="80" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="11">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="11">64</text></g></g><g transform="matrix(1,0,0,1,447,223)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="99" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="106" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">4</text></g></g><g transform="matrix(1,0,0,1,264,224)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.2978515625" y="0" width="100" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="99" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="106" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">4</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,58,298)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#UNWdxKXMRvQE)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#UNWdxKXMRvQE)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,68,341)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="5.3125" y="0" width="70" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="5.3125" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="5" y="11">C</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="14" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">1</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,244,299)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#yUmhFNndNCTB)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#yUmhFNndNCTB)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,254,342)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="5.3125" y="0" width="70" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="5.3125" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="5" y="11">C</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="14" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">2</text></g></g><g transform="matrix(1,0,0,1,36,283)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="14.6142578125" y="0" width="118" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="15" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="41" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="78" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="95" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="101" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="105" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="108" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="115" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="125" y="11">4</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,501.5,298)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#KUGWbORyJeGF)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#KUGWbORyJeGF)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,512,341)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="5.3125" y="0" width="70" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="5.3125" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="5" y="11">C</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="14" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">1</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,694.5,298)"><g transform="translate(4,4) scale(1.01,1.01)"><g><g transform="translate(0,0) scale(1,1)"><g><path fill="#000000" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" opacity="0.294117647"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="rgb(0,0,0)" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-opacity="0" stroke-miterlimit="10" stroke-width="2" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1,1)"><g><path fill="url(#emTEOWhvfKgI)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1,1)"><path fill="none" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#emTEOWhvfKgI)" stroke="#333333" d="M 0 0 M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,705,341)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="80" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="5.3125" y="0" width="70" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="5.3125" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="5" y="11">C</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="14" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">2</text></g></g><g transform="matrix(1,0,0,1,20,148)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="287" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="287" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="214" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">ip</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="11"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">add</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="11">::/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="11">64</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="11">dev</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="190" y="11">eth0</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="287" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="260" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="25">ip</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="25"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="25">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="25">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="25">add</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="25">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="25">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="25">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="25">::/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="25">64</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="25">via</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="186" y="25">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="213" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="216" y="25">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="236" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="240" y="25">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="246" y="25">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="253" y="25">2</text></g></g><g transform="matrix(1,0,0,1,491,409)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="336" height="16" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="336" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="55.462890625" y="0" width="226" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="58" y="11">p</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="72" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="82" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="11">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="99" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="113" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="120" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="126" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="136" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="143" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="150" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="153" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="160" y="11">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="166" y="11">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="169" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="176" y="11">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="182" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="184" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="194" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="198" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="204" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="211" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="218" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="221" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="224" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="234" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="241" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="248" y="11">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="257" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="264" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="267" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="274" y="11">0</text></g></g><g transform="matrix(1,0,0,1,36,410)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="343" height="16" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="343" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="58.837890625" y="0" width="226" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="62" y="11">p</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="72" y="11">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="11">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="11">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="106" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="123" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="130" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="140" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="146" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="153" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="156" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="163" y="11">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="170" y="11">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="172" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="179" y="11">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="185" y="11">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="188" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="198" y="11">f</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="201" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="208" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="214" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="221" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="224" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="228" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="238" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="244" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="251" y="11">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="260" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="267" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="270" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="277" y="11">0</text></g></g><g transform="matrix(1,0,0,1,-17.000680271168676,190.75)"><g transform="translate(0,0)"><g transform="translate(-785,-195) translate(802.0006802711687,4.25) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 863.7500000000001 194.75 M 863.7500000000001 194.75 L 855.750000325228 194.75228115011907 M 855.750000325228 194.75228115011907 M 847.750000650456 194.75456230023815 L 839.7500009756839 194.75684345035722 M 839.7500009756839 194.75684345035722 M 831.7500013009118 194.7591246004763 L 823.7500016261397 194.76140575059537 M 823.7500016261397 194.76140575059537 M 815.7500019513676 194.76368690071445 L 807.7500022765955 194.76596805083352 M 807.7500022765955 194.76596805083352 M 799.7500026018234 194.7682492009526 L 791.7500029270514 194.77053035107167 M 791.7500029270514 194.77053035107167 M 783.7500032522793 194.77281150119074 L 775.7500035775072 194.77509265130982 M 775.7500035775072 194.77509265130982 M 767.7500039027351 194.7773738014289 L 759.750004227963 194.77965495154797 M 759.750004227963 194.77965495154797 M 751.7500045531909 194.78193610166704 L 743.7500048784188 194.78421725178612 M 743.7500048784188 194.78421725178612 M 735.7500052036468 194.7864984019052 L 727.7500055288747 194.78877955202427 M 727.7500055288747 194.78877955202427 M 719.7500058541026 194.79106070214334 L 711.7500061793305 194.79334185226242 M 711.7500061793305 194.79334185226242 M 703.7500065045584 194.7956230023815 L 695.7500068297863 194.79790415250056 M 695.7500068297863 194.79790415250056 M 687.7500071550143 194.80018530261964 L 679.7500074802422 194.8024664527387 M 679.7500074802422 194.8024664527387 M 671.7500078054701 194.8047476028578 L 663.750008130698 194.80702875297686 M 663.750008130698 194.80702875297686 M 655.7500084559259 194.80930990309594 L 647.7500087811538 194.811591053215 M 647.7500087811538 194.811591053215 M 639.7500091063818 194.81387220333409 L 631.7500094316097 194.81615335345316 M 631.7500094316097 194.81615335345316 M 623.7500097568376 194.81843450357223 L 615.7500100820655 194.8207156536913 M 615.7500100820655 194.8207156536913 M 607.7500104072934 194.82299680381038 L 599.7500107325213 194.82527795392943 M 599.7500107325213 194.82527795392943 M 591.7500110577492 194.8275591040485 L 583.7500113829772 194.82984025416755 M 583.7500113829772 194.82984025416755 M 575.7500117082051 194.83212140428662 L 567.750012033433 194.83440255440567 M 567.750012033433 194.83440255440567 M 559.7500123586609 194.83668370452475 L 551.7500126838888 194.8389648546438 M 551.7500126838888 194.8389648546438 M 543.7500130091167 194.84124600476287 L 535.7500133343447 194.8435271548819 M 535.7500133343447 194.8435271548819 M 527.7500136595726 194.845808305001 L 519.7500139848005 194.84808945512003 M 519.7500139848005 194.84808945512003 M 511.75001431002835 194.8503706052391 L 503.7500146352562 194.85265175535815 M 503.7500146352562 194.85265175535815 M 495.75001496048407 194.85493290547723 L 487.7500152857119 194.85721405559627 M 487.7500152857119 194.85721405559627 M 479.7500156109398 194.85949520571535 L 471.75001593616764 194.8617763558344 M 471.75001593616764 194.8617763558344 M 463.7500162613955 194.86405750595347 L 455.75001658662336 194.86633865607251 M 455.75001658662336 194.86633865607251 M 447.7500169118512 194.8686198061916 L 439.7500172370791 194.87090095631063 M 439.7500172370791 194.87090095631063 M 431.75001756230694 194.8731821064297 L 423.7500178875348 194.87546325654876 M 423.7500178875348 194.87546325654876 M 415.75001821276265 194.87774440666783 L 407.7500185379905 194.88002555678688 M 407.7500185379905 194.88002555678688 M 399.7500188632184 194.88230670690595 L 391.75001918844623 194.884587857025 M 391.75001918844623 194.884587857025 M 383.7500195136741 194.88686900714407 L 375.75001983890195 194.88915015726312 M 375.75001983890195 194.88915015726312 M 367.7500201641298 194.8914313073822 L 359.75002048935767 194.89371245750124 M 359.75002048935767 194.89371245750124 M 351.7500208145855 194.8959936076203 L 343.7500211398134 194.89827475773936 M 343.7500211398134 194.89827475773936 M 335.75002146504124 194.90055590785843 L 327.7500217902691 194.90283705797748 M 327.7500217902691 194.90283705797748 M 319.75002211549696 194.90511820809655 L 311.7500224407248 194.9073993582156 M 311.7500224407248 194.9073993582156 M 303.7500227659527 194.90968050833467 L 295.75002309118054 194.91196165845372 M 295.75002309118054 194.91196165845372 M 287.7500234164084 194.9142428085728 L 279.75002374163626 194.91652395869184 M 279.75002374163626 194.91652395869184 M 271.7500240668641 194.91880510881091 L 263.750024392092 194.92108625892996 M 263.750024392092 194.92108625892996 M 255.75002471731983 194.92336740904904 L 247.75002504254772 194.92564855916808 M 247.75002504254772 194.92564855916808 M 239.75002536777558 194.92792970928716 L 231.75002569300347 194.9302108594062 M 231.75002569300347 194.9302108594062 M 223.75002601823135 194.93249200952528 L 215.7500263434592 194.93477315964432 M 215.7500263434592 194.93477315964432 M 207.7500266686871 194.9370543097634 L 199.75002699391496 194.93933545988244 M 199.75002699391496 194.93933545988244 M 191.75002731914284 194.94161661000152 L 183.75002764437073 194.94389776012056 M 183.75002764437073 194.94389776012056 M 175.75002796959862 194.94617891023964 L 167.75002829482648 194.94846006035868 M 167.75002829482648 194.94846006035868 M 159.75002862005437 194.95074121047776 L 151.75002894528222 194.9530223605968 M 151.75002894528222 194.9530223605968 M 143.7500292705101 194.95530351071588 L 135.750029595738 194.95758466083493 M 135.750029595738 194.95758466083493 M 127.75002992096587 194.959865810954 L 119.75003024619375 194.96214696107305 M 119.75003024619375 194.96214696107305 M 111.75003057142162 194.96442811119212 L 103.75003089664949 194.96670926131117 M 103.75003089664949 194.96670926131117 M 95.75003122187736 194.96899041143024 L 87.75003154710524 194.9712715615493 M 87.75003154710524 194.9712715615493 M 79.75003187233311 194.97355271166836 L 71.75003219756098 194.9758338617874 M 71.75003219756098 194.9758338617874 M 63.75003252278886 194.97811501190648 L 55.75003284801673 194.98039616202553 M 55.75003284801673 194.98039616202553 M 47.7500331732446 194.9826773121446 L 39.750033498472476 194.98495846226365 M 39.750033498472476 194.98495846226365 M 31.75003382370035 194.98723961238272 L 23.750034148928222 194.98952076250177 M 23.750034148928222 194.98952076250177 M 15.750034474156095 194.99180191262084 L 7.750034799383968 194.9940830627399 M 7.750034799383968 194.9940830627399 M -0.2499648753881587 194.99636421285896 L -8.249964550160286 194.998645362978 M -8.249964550160286 194.998645362978" stroke-miterlimit="10"/></g></g></g></g><g transform="matrix(1,0,0,1,585,151)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="281" height="28" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="281" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="214" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">ip</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="11"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">add</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="11">::/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="11">64</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="11">dev</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="190" y="11">eth0</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="281" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="260" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="25">ip</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="25"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="25">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="25">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="25">add</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="25">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="25">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="25">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="25">::/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="25">64</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="25">via</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="186" y="25">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="213" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="216" y="25">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="236" y="25">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="240" y="25">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="246" y="25">::</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="253" y="25">1</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="259.53515625" y="14" width="4" height="14" fill-opacity="0"/></g></g></g><g transform="matrix(1,0,0,1,223,283)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="14.6142578125" y="0" width="118" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="15" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="41" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="78" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="95" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="101" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="105" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="108" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="115" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="125" y="11">4</text></g></g><g transform="matrix(1,0,0,1,481,284)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="14.6142578125" y="0" width="118" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="15" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="41" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="78" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="95" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="101" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="105" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="108" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="115" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="125" y="11">4</text></g></g><g transform="matrix(1,0,0,1,672,284)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="14.6142578125" y="0" width="118" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="15" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="11">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="11">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="41" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="11">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="78" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="11">8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="95" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="101" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="105" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="108" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="115" y="11">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="125" y="11">4</text></g></g><g transform="matrix(1,0,0,1,319,437)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="219" height="11" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="219" height="11" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0.70849609375" y="0" width="219" height="11" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="1" y="9">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="6" y="9">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="11" y="9">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="17" y="9">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="20" y="9">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="25" y="9">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="27" y="9">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="33" y="9">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="39" y="9">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="42" y="9">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="47" y="9">'</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="52" y="9">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="54" y="9">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="56" y="9">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="62" y="9">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="67" y="9">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="70" y="9">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="72" y="9">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="78" y="9">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="83" y="9">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="88" y="9">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="93" y="9">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="99" y="9">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="104" y="9">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="110" y="9">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="113" y="9">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="119" y="9">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="124" y="9">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="129" y="9">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="134" y="9">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="142" y="9">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="148" y="9">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="151" y="9">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="159" y="9">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="165" y="9">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="170" y="9">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="176" y="9">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="182" y="9">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="184" y="9">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="189" y="9">p</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="194" y="9">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="197" y="9">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="202" y="9">y</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="207" y="9">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="10px" font-style="italic" font-weight="normal" text-decoration="" line-height="11px" x="213" y="9">d</text></g></g><g transform="matrix(1,0,0,1,20,206)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="235" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="235" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="233" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">ip</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="11"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">add</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="11">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="11">::/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="11">64</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="11">dev</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="190" y="11">docker0</text></g></g><g transform="matrix(1,0,0,1,585,204)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="268" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="268" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="233" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="11">ip</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="11"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="11">6</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="11">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="11">add</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="81" y="11">2001</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="107" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="11">db8</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="11">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="134" y="11">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="141" y="11">::/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="151" y="11">64</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="11">dev</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="190" y="11">docker0</text></g></g><g transform="matrix(1,0,0,1,859.7500000000001,176)"><image width="40" height="275" preserveAspectRatio="none" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACgAAAETCAYAAABENES3AAAC9klEQVR4Xu3a8U3CUBDHcRhAZQNxEhgFJhEmgVFwAzcQN0AdAO/Ma1Iq/PHjdybEfJu8ALWvvXzecVxax6Mb38Y3Ht+IAN0VQhBBV8CdTw4i6Aq488lBBF0Bdz45iKAr4M6vzsFFC2jrBtbNrw5wHyc+xni6xQBTb9MCW8ZriWKlYOo9tgDzfYliVYCrCOh5sKzr+Jz7ra0iwElEkGL3MbrzZR5+xpjGODgRVgR4Tq+LyVZ0A0y9txj5em5LvczFqxXdAOdx8RzdNmvLvOvty/f9z9KKuwEOL5ZflDxnLnvJRoAuI4IIigJ8i0WwX4cjiKAqQKFWxYbHI4igKEChFsH4qSt/XkwOkoOqAD91qhjNAvdmzJyhUJuAPzfSuT/oKCLo6OVcBBFUBWi3VDHaLX7qzJyhUJuA/NS5gAgiKAvQLMhkgwkIIigK0CyIYDzI4UGOmzIIIqgKUKhVseHxCCKoCtBRq2LcwOQGppkzFGoTkNtvLiCCCMoCNAsyGTcw+cceL2loFjw//rHH9UMQQV2AZkE3O52BIIKiAM2CCMbTTp7VuSmDIIKqAIVaFeNpJ/2gmzMIIigKUKhFMDpq+kE3ZRBEUBWgUKtidNT0g27OIIigKEChFsHoqOkH3ZRBEEFVgEKtitFR0w+6OYMggqIAhVoEo6OmH3RTBkEEVQEKtSpGR00/6OYMggiKAhRqEYyOmn7QTRkEEVQFKNSqGB01/aCbMwgiKApQqEUwOmr6QTdlEERQFaBQq2J01PSDbs4giKAoQKEWweio/38/OI9FnvUWOt9nbd319r0MPktp5BbqSVxtH+PhwlU/Yv80xkGKqnewG2CeahUjy8u5bd3+fm18JTmYiu8x7tryZjDHGF8xHh29PFGF4CVFW68ywFR8bWJ53hTN3LO3KsEMZBFj0yJaxuvWjq5wibtY9u1NiV7lEncBpmJuJXp/EWDFqp6cozIHy4NDsIKUJXYVEUTQFXDnk4MIugLufHIQQVfAnU8OuoLfiN8DI5XXmA0AAAAASUVORK5CYII=" transform="translate(0,0)"/></g><g transform="matrix(-1.8369701987210297e-16,-1,1,-1.8369701987210297e-16,864,388)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="19.3046875" y="0" width="108" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="19.3046875" y="0" width="108" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="19" y="11">m</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="29" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="11">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="11">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="11">g</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="11">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="11">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79" y="11">y</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="89" y="11">D</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="97" y="11">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="104" y="11">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="110" y="11">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="11">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="123" y="11">r</text></g></g><g transform="matrix(1,0,0,1,853.5000000000001,428)"><g transform="translate(0,0)"><g transform="translate(-898.7500000000001,-432) translate(45.25,4) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 884.7683424505416 432 L 857.5000000000001 432" stroke-miterlimit="10"/></g></g></g></g><g transform="matrix(1,0,0,1,856.5000000000001,191)"><g transform="translate(0,0)"><g transform="translate(-901.7500000000001,-195) translate(45.25,4) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 888.767693574114 195 L 860.5000000000001 195" stroke-miterlimit="10"/></g></g></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/default_network/index.md b/docs/userguide/networking/default_network/index.md
new file mode 100644
index 00000000..b72d1b49
--- /dev/null
+++ b/docs/userguide/networking/default_network/index.md
@@ -0,0 +1,25 @@
+<!--[metadata]>
++++
+title = "Default bridge network"
+description = "Docker networking"
+keywords = ["network, networking, bridge, docker,  documentation"]
+[menu.main]
+identifier="smn_networking_def"
+parent= "smn_networking"
++++
+<![end-metadata]-->
+
+# Docker default bridge network
+
+With the introduction of the Docker networks feature, you can create your own
+user-defined networks. The Docker default bridge is created when you install
+Docker Engine. It is a `bridge` network and is also named `bridge`. The topics
+in this section are related to interacting with that default bridge network.
+
+- [Understand container communication](container-communication.md)
+- [Legacy container links](dockerlinks.md)
+- [Binding container ports to the host](binding.md)
+- [Build your own bridge](build-bridges.md)
+- [Configure container DNS](configure-dns.md)
+- [Customize the docker0 bridge](custom-docker0.md)  
+- [IPv6 with Docker](ipv6.md)  
diff --git a/docs/userguide/networking/default_network/ipv6.md b/docs/userguide/networking/default_network/ipv6.md
new file mode 100644
index 00000000..ec487190
--- /dev/null
+++ b/docs/userguide/networking/default_network/ipv6.md
@@ -0,0 +1,259 @@
+<!--[metadata]>
++++
+title = "IPv6 with Docker"
+description = "How do we connect docker containers within and across hosts ?"
+keywords = ["docker, network, IPv6"]
+[menu.main]
+parent = "smn_networking_def"
+weight = 3
++++
+<![end-metadata]-->
+
+# IPv6 with Docker
+
+The information in this section explains IPv6 with the Docker default bridge.
+This is a `bridge` network named `bridge` created automatically when you install
+Docker.  
+
+As we are [running out of IPv4
+addresses](http://en.wikipedia.org/wiki/IPv4_address_exhaustion) the IETF has
+standardized an IPv4 successor, [Internet Protocol Version
+6](http://en.wikipedia.org/wiki/IPv6) , in [RFC
+2460](https://www.ietf.org/rfc/rfc2460.txt). Both protocols, IPv4 and IPv6,
+reside on layer 3 of the [OSI model](http://en.wikipedia.org/wiki/OSI_model).
+
+## How IPv6 works on Docker
+
+By default, the Docker server configures the container network for IPv4 only.
+You can enable IPv4/IPv6 dualstack support by running the Docker daemon with the
+`--ipv6` flag. Docker will set up the bridge `docker0` with the IPv6 [link-local
+address](http://en.wikipedia.org/wiki/Link-local_address) `fe80::1`.
+
+By default, containers that are created will only get a link-local IPv6 address.
+To assign globally routable IPv6 addresses to your containers you have to
+specify an IPv6 subnet to pick the addresses from. Set the IPv6 subnet via the
+`--fixed-cidr-v6` parameter when starting Docker daemon:
+
+```
+docker daemon --ipv6 --fixed-cidr-v6="2001:db8:1::/64"
+```
+
+The subnet for Docker containers should at least have a size of `/80`. This way
+an IPv6 address can end with the container's MAC address and you prevent NDP
+neighbor cache invalidation issues in the Docker layer.
+
+With the `--fixed-cidr-v6` parameter set Docker will add a new route to the
+routing table. Further IPv6 routing will be enabled (you may prevent this by
+starting Docker daemon with `--ip-forward=false`):
+
+```
+$ ip -6 route add 2001:db8:1::/64 dev docker0
+$ sysctl net.ipv6.conf.default.forwarding=1
+$ sysctl net.ipv6.conf.all.forwarding=1
+```
+
+All traffic to the subnet `2001:db8:1::/64` will now be routed via the `docker0` interface.
+
+Be aware that IPv6 forwarding may interfere with your existing IPv6
+configuration: If you are using Router Advertisements to get IPv6 settings for
+your host's interfaces you should set `accept_ra` to `2`. Otherwise IPv6 enabled
+forwarding will result in rejecting Router Advertisements. E.g., if you want to
+configure `eth0` via Router Advertisements you should set:
+
+```
+$ sysctl net.ipv6.conf.eth0.accept_ra=2
+```
+
+![](images/ipv6_basic_host_config.svg)
+
+Every new container will get an IPv6 address from the defined subnet. Further a
+default route will be added on `eth0` in the container via the address specified
+by the daemon option `--default-gateway-v6` if present, otherwise via `fe80::1`:
+```
+docker run -it ubuntu bash -c "ip -6 addr show dev eth0; ip -6 route show"
+
+15: eth0: <BROADCAST,UP,LOWER_UP> mtu 1500
+   inet6 2001:db8:1:0:0:242:ac11:3/64 scope global
+      valid_lft forever preferred_lft forever
+   inet6 fe80::42:acff:fe11:3/64 scope link
+      valid_lft forever preferred_lft forever
+
+2001:db8:1::/64 dev eth0  proto kernel  metric 256
+fe80::/64 dev eth0  proto kernel  metric 256
+default via fe80::1 dev eth0  metric 1024
+```
+
+In this example the Docker container is assigned a link-local address with the
+network suffix `/64` (here: `fe80::42:acff:fe11:3/64`) and a globally routable
+IPv6 address (here: `2001:db8:1:0:0:242:ac11:3/64`). The container will create
+connections to addresses outside of the `2001:db8:1::/64` network via the
+link-local gateway at `fe80::1` on `eth0`.
+
+Often servers or virtual machines get a `/64` IPv6 subnet assigned (e.g.
+`2001:db8:23:42::/64`). In this case you can split it up further and provide
+Docker a `/80` subnet while using a separate `/80` subnet for other applications
+on the host:
+
+![](images/ipv6_slash64_subnet_config.svg)
+
+In this setup the subnet `2001:db8:23:42::/80` with a range from
+`2001:db8:23:42:0:0:0:0` to `2001:db8:23:42:0:ffff:ffff:ffff` is attached to
+`eth0`, with the host listening at `2001:db8:23:42::1`. The subnet
+`2001:db8:23:42:1::/80` with an address range from `2001:db8:23:42:1:0:0:0` to
+`2001:db8:23:42:1:ffff:ffff:ffff` is attached to `docker0` and will be used by
+containers.
+
+### Using NDP proxying
+
+If your Docker host is only part of an IPv6 subnet but has not got an IPv6
+subnet assigned you can use NDP proxying to connect your containers via IPv6 to
+the internet. For example your host has the IPv6 address `2001:db8::c001`, is
+part of the subnet `2001:db8::/64` and your IaaS provider allows you to
+configure the IPv6 addresses `2001:db8::c000` to `2001:db8::c00f`:
+
+```
+$ ip -6 addr show
+1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536
+    inet6 ::1/128 scope host
+       valid_lft forever preferred_lft forever
+2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
+    inet6 2001:db8::c001/64 scope global
+       valid_lft forever preferred_lft forever
+    inet6 fe80::601:3fff:fea1:9c01/64 scope link
+       valid_lft forever preferred_lft forever
+```
+
+Let's split up the configurable address range into two subnets
+`2001:db8::c000/125` and `2001:db8::c008/125`. The first one can be used by the
+host itself, the latter by Docker:
+
+```
+docker daemon --ipv6 --fixed-cidr-v6 2001:db8::c008/125
+```
+
+You notice the Docker subnet is within the subnet managed by your router that is
+connected to `eth0`. This means all devices (containers) with the addresses from
+the Docker subnet are expected to be found within the router subnet. Therefore
+the router thinks it can talk to these containers directly.
+
+![](images/ipv6_ndp_proxying.svg)
+
+As soon as the router wants to send an IPv6 packet to the first container it
+will transmit a neighbor solicitation request, asking, who has `2001:db8::c009`?
+But it will get no answer because no one on this subnet has this address. The
+container with this address is hidden behind the Docker host. The Docker host
+has to listen to neighbor solicitation requests for the container address and
+send a response that itself is the device that is responsible for the address.
+This is done by a Kernel feature called `NDP Proxy`. You can enable it by
+executing
+
+```
+$ sysctl net.ipv6.conf.eth0.proxy_ndp=1
+```
+
+Now you can add the container's IPv6 address to the NDP proxy table:
+
+```
+$ ip -6 neigh add proxy 2001:db8::c009 dev eth0
+```
+
+This command tells the Kernel to answer to incoming neighbor solicitation
+requests regarding the IPv6 address `2001:db8::c009` on the device `eth0`. As a
+consequence of this all traffic to this IPv6 address will go into the Docker
+host and it will forward it according to its routing table via the `docker0`
+device to the container network:
+
+```
+$ ip -6 route show
+2001:db8::c008/125 dev docker0  metric 1
+2001:db8::/64 dev eth0  proto kernel  metric 256
+```
+
+You have to execute the `ip -6 neigh add proxy ...` command for every IPv6
+address in your Docker subnet. Unfortunately there is no functionality for
+adding a whole subnet by executing one command. An alternative approach would be
+to use an NDP proxy daemon such as
+[ndppd](https://github.com/DanielAdolfsson/ndppd).
+
+## Docker IPv6 cluster
+
+### Switched network environment
+Using routable IPv6 addresses allows you to realize communication between
+containers on different hosts. Let's have a look at a simple Docker IPv6 cluster
+example:
+
+![](images/ipv6_switched_network_example.svg)
+
+The Docker hosts are in the `2001:db8:0::/64` subnet. Host1 is configured to
+provide addresses from the `2001:db8:1::/64` subnet to its containers. It has
+three routes configured:
+
+- Route all traffic to `2001:db8:0::/64` via `eth0`
+- Route all traffic to `2001:db8:1::/64` via `docker0`
+- Route all traffic to `2001:db8:2::/64` via Host2 with IP `2001:db8::2`
+
+Host1 also acts as a router on OSI layer 3. When one of the network clients
+tries to contact a target that is specified in Host1's routing table Host1 will
+forward the traffic accordingly. It acts as a router for all networks it knows:
+`2001:db8::/64`, `2001:db8:1::/64` and `2001:db8:2::/64`.
+
+On Host2 we have nearly the same configuration. Host2's containers will get IPv6
+addresses from `2001:db8:2::/64`. Host2 has three routes configured:
+
+- Route all traffic to `2001:db8:0::/64` via `eth0`
+- Route all traffic to `2001:db8:2::/64` via `docker0`
+- Route all traffic to `2001:db8:1::/64` via Host1 with IP `2001:db8:0::1`
+
+The difference to Host1 is that the network `2001:db8:2::/64` is directly
+attached to the host via its `docker0` interface whereas it reaches
+`2001:db8:1::/64` via Host1's IPv6 address `2001:db8::1`.
+
+This way every container is able to contact every other container. The
+containers `Container1-*` share the same subnet and contact each other directly.
+The traffic between `Container1-*` and `Container2-*` will be routed via Host1
+and Host2 because those containers do not share the same subnet.
+
+In a switched environment every host has to know all routes to every subnet.
+You always have to update the hosts' routing tables once you add or remove a
+host to the cluster.
+
+Every configuration in the diagram that is shown below the dashed line is
+handled by Docker: The `docker0` bridge IP address configuration, the route to
+the Docker subnet on the host, the container IP addresses and the routes on the
+containers. The configuration above the line is up to the user and can be
+adapted to the individual environment.
+
+### Routed network environment
+In a routed network environment you replace the layer 2 switch with a layer 3
+router. Now the hosts just have to know their default gateway (the router) and
+the route to their own containers (managed by Docker). The router holds all
+routing information about the Docker subnets. When you add or remove a host to
+this environment you just have to update the routing table in the router - not
+on every host.
+
+![](images/ipv6_routed_network_example.svg)
+
+In this scenario containers of the same host can communicate directly with each
+other. The traffic between containers on different hosts will be routed via
+their hosts and the router. For example packet from `Container1-1` to
+`Container2-1` will be routed through `Host1`, `Router` and `Host2` until it
+arrives at `Container2-1`.
+
+To keep the IPv6 addresses short in this example a `/48` network is assigned to
+every host. The hosts use a `/64` subnet of this for its own services and one
+for Docker. When adding a third host you would add a route for the subnet
+`2001:db8:3::/48` in the router and configure Docker on Host3 with
+`--fixed-cidr-v6=2001:db8:3:1::/64`.
+
+Remember the subnet for Docker containers should at least have a size of `/80`.
+This way an IPv6 address can end with the container's MAC address and you
+prevent NDP neighbor cache invalidation issues in the Docker layer. So if you
+have a `/64` for your whole environment use `/78` subnets for the hosts and
+`/80` for the containers. This way you can use 4096 hosts with 16 `/80` subnets
+each.
+
+Every configuration in the diagram that is visualized below the dashed line is
+handled by Docker: The `docker0` bridge IP address configuration, the route to
+the Docker subnet on the host, the container IP addresses and the routes on the
+containers. The configuration above the line is up to the user and can be
+adapted to the individual environment.
diff --git a/docs/userguide/networking/dockernetworks.md b/docs/userguide/networking/dockernetworks.md
new file mode 100644
index 00000000..1848e7a7
--- /dev/null
+++ b/docs/userguide/networking/dockernetworks.md
@@ -0,0 +1,523 @@
+<!--[metadata]>
++++
+title = "Docker container networking"
+description = "How do we connect docker containers within and across hosts ?"
+keywords = ["Examples, Usage, network, docker, documentation, user guide, multihost, cluster"]
+[menu.main]
+parent = "smn_networking"
+weight = -5
++++
+<![end-metadata]-->
+
+# Understand Docker container networks
+
+To build web applications that act in concert but do so securely, use the Docker
+networks feature. Networks, by definition, provide complete isolation for
+containers. So, it is important to have control over the networks your
+applications run on. Docker container networks give you that control.
+
+This section provides an overview of the default networking behavior that Docker
+Engine delivers natively. It describes the type of networks created by default
+and how to create your own, user--defined networks. It also describes the
+resources required to create networks on a single host or across a cluster of
+hosts.
+
+## Default Networks
+
+When you install Docker, it creates three networks automatically. You can list
+these networks using the `docker network ls` command:
+
+```
+$ docker network ls
+NETWORK ID          NAME                DRIVER
+7fca4eb8c647        bridge              bridge
+9f904ee27bf5        none                null
+cf03ee007fb4        host                host
+```
+
+Historically, these three networks are  part of Docker's implementation. When
+you run a container you can use the `--net` flag to specify which network you
+want to run a container on. These three networks are still available to you.
+
+The `bridge` network represents the `docker0` network present in all Docker
+installations. Unless you specify otherwise with the `docker run
+--net=<NETWORK>` option, the Docker daemon connects containers to this network
+by default. You can see this bridge as part of a host's network stack by using
+the `ifconfig` command on the host.
+
+```
+$ ifconfig
+docker0   Link encap:Ethernet  HWaddr 02:42:47:bc:3a:eb  
+          inet addr:172.17.0.1  Bcast:0.0.0.0  Mask:255.255.0.0
+          inet6 addr: fe80::42:47ff:febc:3aeb/64 Scope:Link
+          UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
+          RX packets:17 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:1100 (1.1 KB)  TX bytes:648 (648.0 B)
+```
+
+The `none` network adds a container to a container-specific network stack. That container lacks a network interface. Attaching to such a container and looking at it's stack you see this:
+
+```
+$ docker attach nonenetcontainer
+
+root@0cb243cd1293:/# cat /etc/hosts
+127.0.0.1	localhost
+::1	localhost ip6-localhost ip6-loopback
+fe00::0	ip6-localnet
+ff00::0	ip6-mcastprefix
+ff02::1	ip6-allnodes
+ff02::2	ip6-allrouters
+root@0cb243cd1293:/# ifconfig
+lo        Link encap:Local Loopback  
+          inet addr:127.0.0.1  Mask:255.0.0.0
+          inet6 addr: ::1/128 Scope:Host
+          UP LOOPBACK RUNNING  MTU:65536  Metric:1
+          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
+
+root@0cb243cd1293:/#
+```
+>**Note**: You can detach from the container and leave it running with `CTRL-p CTRL-q`.
+
+The `host` network adds a container on the hosts network stack. You'll find the
+network configuration inside the container is identical to the host.
+
+With the exception of the `bridge` network, you really don't need to
+interact with these default networks. While you can list and inspect them, you
+cannot remove them. They are required by your Docker installation. However, you
+can add your own user-defined networks and these you can remove when you no
+longer need them. Before you learn more about creating your own networks, it is
+worth looking at the default `bridge` network a bit.
+
+
+### The default bridge network in detail
+The default `bridge` network is present on all Docker hosts. The `docker network inspect` 
+command returns information about a network:
+
+```
+$ docker network inspect bridge
+[
+   {
+       "Name": "bridge",
+       "Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f",
+       "Scope": "local",
+       "Driver": "bridge",
+       "IPAM": {
+           "Driver": "default",
+           "Config": [
+               {
+                   "Subnet": "172.17.0.1/16",
+                   "Gateway": "172.17.0.1"
+               }
+           ]
+       },
+       "Containers": {},
+       "Options": {
+           "com.docker.network.bridge.default_bridge": "true",
+           "com.docker.network.bridge.enable_icc": "true",
+           "com.docker.network.bridge.enable_ip_masquerade": "true",
+           "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+           "com.docker.network.bridge.name": "docker0",
+           "com.docker.network.driver.mtu": "9001"
+       }
+   }
+]
+```
+The Engine automatically creates a `Subnet` and `Gateway` to the network.
+The `docker run` command automatically adds new containers to this network.
+
+```
+$ docker run -itd --name=container1 busybox
+3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c
+
+$ docker run -itd --name=container2 busybox
+94447ca479852d29aeddca75c28f7104df3c3196d7b6d83061879e339946805c
+```
+
+Inspecting the `bridge` network again after starting two containers shows both newly launched containers in the network. Their ids show up in the container
+
+```
+$ docker network inspect bridge
+{[
+    {
+        "Name": "bridge",
+        "Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.17.0.1/16",
+                    "Gateway": "172.17.0.1"
+                }
+            ]
+        },
+        "Containers": {
+            "3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c": {
+                "EndpointID": "647c12443e91faf0fd508b6edfe59c30b642abb60dfab890b4bdccee38750bc1",
+                "MacAddress": "02:42:ac:11:00:02",
+                "IPv4Address": "172.17.0.2/16",
+                "IPv6Address": ""
+            },
+            "94447ca479852d29aeddca75c28f7104df3c3196d7b6d83061879e339946805c": {
+                "EndpointID": "b047d090f446ac49747d3c37d63e4307be745876db7f0ceef7b311cbba615f48",
+                "MacAddress": "02:42:ac:11:00:03",
+                "IPv4Address": "172.17.0.3/16",
+                "IPv6Address": ""
+            }
+        },
+        "Options": {
+            "com.docker.network.bridge.default_bridge": "true",
+            "com.docker.network.bridge.enable_icc": "true",
+            "com.docker.network.bridge.enable_ip_masquerade": "true",
+            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+            "com.docker.network.bridge.name": "docker0",
+            "com.docker.network.driver.mtu": "9001"
+        }
+    }
+]
+```
+
+The `docker network inspect` command above shows all the connected containers and their network resources on a given network. Containers in this default network are able to communicate with each other using IP addresses. Docker does not support automatic service discovery on the default bridge network. If you want to communicate with container names in this default bridge network, you must connect the containers via the legacy `docker run --link` option.
+
+You can `attach` to a running `container` and investigate its configuration:
+
+```
+$ docker attach container1
+
+root@0cb243cd1293:/# ifconfig
+ifconfig
+eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:02  
+          inet addr:172.17.0.2  Bcast:0.0.0.0  Mask:255.255.0.0
+          inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
+          UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
+          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:1296 (1.2 KiB)  TX bytes:648 (648.0 B)
+
+lo        Link encap:Local Loopback  
+          inet addr:127.0.0.1  Mask:255.0.0.0
+          inet6 addr: ::1/128 Scope:Host
+          UP LOOPBACK RUNNING  MTU:65536  Metric:1
+          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
+```
+
+Then use `ping` for about 3 seconds to test the connectivity of the containers on this `bridge` network.
+
+```
+root@0cb243cd1293:/# ping -w3 172.17.0.3
+PING 172.17.0.3 (172.17.0.3): 56 data bytes
+64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.096 ms
+64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.17.0.3: seq=2 ttl=64 time=0.074 ms
+
+--- 172.17.0.3 ping statistics ---
+3 packets transmitted, 3 packets received, 0% packet loss
+round-trip min/avg/max = 0.074/0.083/0.096 ms
+```
+
+Finally, use the `cat` command to check the `container1` network configuration:
+
+```
+root@0cb243cd1293:/# cat /etc/hosts
+172.17.0.2	3386a527aa08
+127.0.0.1	localhost
+::1	localhost ip6-localhost ip6-loopback
+fe00::0	ip6-localnet
+ff00::0	ip6-mcastprefix
+ff02::1	ip6-allnodes
+ff02::2	ip6-allrouters
+```
+To detach from a `container1` and leave it running use `CTRL-p CTRL-q`.Then, attach to `container2` and repeat these three commands.
+
+```
+$ docker attach container2
+
+root@0cb243cd1293:/# ifconfig
+eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03  
+          inet addr:172.17.0.3  Bcast:0.0.0.0  Mask:255.255.0.0
+          inet6 addr: fe80::42:acff:fe11:3/64 Scope:Link
+          UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
+          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:1166 (1.1 KiB)  TX bytes:1026 (1.0 KiB)
+
+lo        Link encap:Local Loopback  
+          inet addr:127.0.0.1  Mask:255.0.0.0
+          inet6 addr: ::1/128 Scope:Host
+          UP LOOPBACK RUNNING  MTU:65536  Metric:1
+          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
+
+root@0cb243cd1293:/# ping -w3 172.17.0.2
+PING 172.17.0.2 (172.17.0.2): 56 data bytes
+64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.067 ms
+64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.075 ms
+64 bytes from 172.17.0.2: seq=2 ttl=64 time=0.072 ms
+
+--- 172.17.0.2 ping statistics ---
+3 packets transmitted, 3 packets received, 0% packet loss
+round-trip min/avg/max = 0.067/0.071/0.075 ms
+/ # cat /etc/hosts
+172.17.0.3	94447ca47985
+127.0.0.1	localhost
+::1	localhost ip6-localhost ip6-loopback
+fe00::0	ip6-localnet
+ff00::0	ip6-mcastprefix
+ff02::1	ip6-allnodes
+ff02::2	ip6-allrouters
+```
+
+The default `docker0` bridge network supports the use of port mapping and `docker run --link` to allow communications between containers in the `docker0` network. These techniques are cumbersome to set up and prone to error. While they are still available to you as techniques, it is better to avoid them and define your own bridge networks instead.
+
+## User-defined networks
+
+You can create your own user-defined networks that better isolate containers.
+Docker provides some default **network drivers** for creating these
+networks. You can create a new **bridge network** or **overlay network**. You
+can also create a **network plugin** or **remote network**  written to your own
+specifications.
+
+You can create multiple networks. You can add containers to more than one
+network. Containers can only communicate within networks but not across
+networks. A container attached to two networks can communicate with member
+containers in either network.
+
+The next few sections describe each of Docker's built-in network drivers in
+greater detail.
+
+### A bridge network
+
+The easiest user-defined network to create is a `bridge` network. This network
+is similar to the historical, default `docker0` network. There are some added
+features and some old features that aren't available.
+
+```
+$ docker network create --driver bridge isolated_nw
+1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b
+
+$ docker network inspect isolated_nw
+[
+    {
+        "Name": "isolated_nw",
+        "Id": "1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.21.0.0/16",
+                    "Gateway": "172.21.0.1/16"
+                }
+            ]
+        },
+        "Containers": {},
+        "Options": {}
+    }
+]
+
+$ docker network ls
+NETWORK ID          NAME                DRIVER
+9f904ee27bf5        none                null
+cf03ee007fb4        host                host
+7fca4eb8c647        bridge              bridge
+c5ee82f76de3        isolated_nw         bridge
+
+```
+
+After you create the network, you can launch containers on it using  the `docker run --net=<NETWORK>` option.
+
+```
+$ docker run --net=isolated_nw -itd --name=container3 busybox
+8c1a0a5be480921d669a073393ade66a3fc49933f08bcc5515b37b8144f6d47c
+
+$ docker network inspect isolated_nw
+[
+    {
+        "Name": "isolated_nw",
+        "Id": "1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {}
+            ]
+        },
+        "Containers": {
+            "8c1a0a5be480921d669a073393ade66a3fc49933f08bcc5515b37b8144f6d47c": {
+                "EndpointID": "93b2db4a9b9a997beb912d28bcfc117f7b0eb924ff91d48cfa251d473e6a9b08",
+                "MacAddress": "02:42:ac:15:00:02",
+                "IPv4Address": "172.21.0.2/16",
+                "IPv6Address": ""
+            }
+        },
+        "Options": {}
+    }
+]
+```
+
+The containers you launch into this network must reside on the same Docker host.
+Each container in the network can immediately communicate with other containers
+in the network. Though, the network itself isolates the containers from external
+networks.
+
+![An isolated network](images/bridge_network.png)
+
+Within a user-defined bridge network, linking is not supported. You can
+expose and publish container ports on containers in this network. This is useful
+if you want to make a portion of the `bridge` network available to an outside
+network.
+
+![Bridge network](images/network_access.png)
+
+A bridge network is useful in cases where you want to run a relatively small
+network on a single host. You can, however, create significantly larger networks
+by creating an `overlay` network.
+
+
+### An overlay network
+
+Docker's `overlay` network driver supports multi-host networking natively
+out-of-the-box. This support is accomplished with the help of `libnetwork`, a
+built-in VXLAN-based overlay network driver, and Docker's `libkv` library.
+
+The `overlay` network requires a valid key-value store service. Currently,
+Docker's `libkv` supports Consul, Etcd, and ZooKeeper (Distributed store). Before
+creating a network you must install and configure your chosen key-value store
+service. The Docker hosts that you intend to network and the service must be
+able to communicate.
+
+![Key-value store](images/key_value.png)
+
+Each host in the network must run a Docker Engine instance. The easiest way to
+provision the hosts are with Docker Machine.
+
+![Engine on each host](images/engine_on_net.png)
+
+You should open the following ports between each of your hosts.
+
+| Protocol | Port | Description           |
+|----------|------|-----------------------|
+| udp      | 4789 | Data plane (VXLAN)    |
+| tcp/udp  | 7946 | Control plane         |
+
+Your key-value store service may require additional ports.
+Check your vendor's documentation and open any required ports.
+
+Once you have several machines provisioned, you can use Docker Swarm to quickly
+form them into a swarm which includes a discovery service as well.
+
+To create an overlay network, you configure options on  the `daemon` on each
+Docker Engine for use with `overlay` network. There are three options to set:
+
+<table>
+    <thead>
+    <tr>
+        <th>Option</th>
+        <th>Description</th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td><pre>--cluster-store=PROVIDER://URL</pre></td>
+        <td>Describes the location of the KV service.</td>
+    </tr>
+    <tr>
+        <td><pre>--cluster-advertise=HOST_IP|HOST_IFACE:PORT</pre></td>
+        <td>The IP address or interface of the HOST used for clustering.</td>
+    </tr>
+    <tr>
+        <td><pre>--cluster-store-opt=KEY-VALUE OPTIONS</pre></td>
+        <td>Options such as TLS certificate or tuning discovery Timers</td>
+    </tr>
+    </tbody>
+</table>
+
+Create an `overlay` network on one of the machines in the Swarm.
+
+    $ docker network create --driver overlay my-multi-host-network
+
+This results in a single network spanning multiple hosts. An `overlay` network
+provides complete isolation for the containers.
+
+![An overlay network](images/overlay_network.png)
+
+Then, on each host, launch containers making sure to specify the network name.
+
+    $ docker run -itd --net=my-multi-host-network busybox
+
+Once connected, each container has access to all the containers in the network
+regardless of which Docker host the container was launched on.
+
+![Published port](images/overlay-network-final.png)
+
+If you would like to try this for yourself, see the [Getting started for
+overlay](get-started-overlay.md).
+
+### Custom network plugin
+
+If you like, you can write your own network driver plugin. A network
+driver plugin makes use of Docker's plugin infrastructure. In this
+infrastructure, a plugin is a process running on the same Docker host as the
+Docker `daemon`.
+
+Network plugins follow the same restrictions and installation rules as other
+plugins. All plugins make use of the plugin API. They have a lifecycle that
+encompasses installation, starting, stopping and activation.
+
+Once you have created and installed a custom network driver, you use it like the
+built-in network drivers. For example:
+
+    $ docker network create --driver weave mynet
+
+You can inspect it, add containers to and from it, and so forth. Of course,
+different plugins may make use of different technologies or frameworks. Custom
+networks can include features not present in Docker's default networks. For more
+information on writing plugins, see [Extending Docker](../../extend/index.md) and
+[Writing a network driver plugin](../../extend/plugins_network.md).
+
+### Docker embedded DNS server
+
+Docker daemon runs an embedded DNS server to provide automatic service discovery
+for containers connected to user defined networks. Name resolution requests from
+the containers are handled first by the embedded DNS server. If the embedded DNS
+server is unable to resolve the request it will be forwarded to any external DNS
+servers configured for the container. To facilitate this when the container is
+created, only the embedded DNS server reachable at `127.0.0.11` will be listed
+in the container's `resolv.conf` file. More information on embedded DNS server on
+user-defined networks can be found in the [embedded DNS server in user-defined networks]
+(configure-dns.md)
+
+## Links
+
+Before the Docker network feature, you could use the Docker link feature to
+allow containers to discover each other.  With the introduction of Docker networks,
+containers can be discovered by its name automatically. But you can still create
+links but they behave differently when used in the default `docker0` bridge network
+compared to user-defined networks. For more information, please refer to
+[Legacy Links](default_network/dockerlinks.md) for link feature in default `bridge` network
+and the [linking containers in user-defined networks](work-with-networks.md#linking-containers-in-user-defined-networks) for links
+functionality in user-defined networks.
+
+## Related information
+
+- [Work with network commands](work-with-networks.md)
+- [Get started with multi-host networking](get-started-overlay.md)
+- [Managing Data in Containers](../containers/dockervolumes.md)
+- [Docker Machine overview](https://docs.docker.com/machine)
+- [Docker Swarm overview](https://docs.docker.com/swarm)
+- [Investigate the LibNetwork project](https://github.com/docker/libnetwork)
diff --git a/docs/userguide/networking/get-started-overlay.md b/docs/userguide/networking/get-started-overlay.md
new file mode 100644
index 00000000..89d5b2ca
--- /dev/null
+++ b/docs/userguide/networking/get-started-overlay.md
@@ -0,0 +1,326 @@
+<!--[metadata]>
++++
+title = "Get started with multi-host networking"
+description = "Use overlay for multi-host networking"
+keywords = ["Examples, Usage, network, docker, documentation, user guide, multihost, cluster"]
+[menu.main]
+parent = "smn_networking"
+weight=-3
++++
+<![end-metadata]-->
+
+# Get started with multi-host networking
+
+This article uses an example to explain the basics of creating a multi-host
+network. Docker Engine supports multi-host networking out-of-the-box through the
+`overlay` network driver.  Unlike `bridge` networks, overlay networks require
+some pre-existing conditions before you can create one. These conditions are:
+
+* Access to a key-value store. Docker supports Consul, Etcd, and ZooKeeper (Distributed store) key-value stores.
+* A cluster of hosts with connectivity to the key-value store.
+* A properly configured Engine `daemon` on each host in the cluster.
+* Hosts within the cluster must have unique hostnames because the key-value store uses the hostnames to identify cluster members.
+
+Though Docker Machine and Docker Swarm are not mandatory to experience Docker
+multi-host networking, this example uses them to illustrate how they are
+integrated. You'll use Machine to create both the key-value store
+server and the host cluster. This example creates a Swarm cluster.
+
+## Prerequisites
+
+Before you begin, make sure you have a system on your network with the latest
+version of Docker Engine and Docker Machine installed. The example also relies
+on VirtualBox. If you installed on a Mac or Windows with Docker Toolbox, you
+have all of these installed already.
+
+If you have not already done so, make sure you upgrade Docker Engine and Docker
+Machine to the latest versions.
+
+
+## Step 1: Set up a key-value store
+
+An overlay network requires a key-value store. The key-value store holds
+information about the network state which includes discovery, networks,
+endpoints, IP addresses, and more. Docker supports Consul, Etcd, and ZooKeeper
+key-value stores. This example uses Consul.
+
+1. Log into a system prepared with the prerequisite Docker Engine, Docker Machine, and VirtualBox software.
+
+2. Provision a VirtualBox machine called `mh-keystore`.
+
+		$ docker-machine create -d virtualbox mh-keystore
+
+	When you provision a new machine, the process adds Docker Engine to the
+	host. This means rather than installing Consul manually, you can create an
+	instance using the [consul image from Docker
+	Hub](https://hub.docker.com/r/progrium/consul/). You'll do this in the next step.
+
+3. Set your local environment to the `mh-keystore` machine.
+
+		$  eval "$(docker-machine env mh-keystore)"
+
+4. Start a `progrium/consul` container running on the `mh-keystore` machine.
+
+		$  docker run -d \
+			-p "8500:8500" \
+			-h "consul" \
+			progrium/consul -server -bootstrap
+
+	The client starts a `progrium/consul` image running in the
+	`mh-keystore` machine. The server is called `consul` and is
+	listening on port `8500`.
+
+5. Run the `docker ps` command to see the `consul` container.
+
+		$ docker ps
+		CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                                                            NAMES
+		4d51392253b3        progrium/consul     "/bin/start -server -"   25 minutes ago      Up 25 minutes       53/tcp, 53/udp, 8300-8302/tcp, 0.0.0.0:8500->8500/tcp, 8400/tcp, 8301-8302/udp   admiring_panini
+
+Keep your terminal open and move onto the next step.
+
+
+## Step 2: Create a Swarm cluster
+
+In this step, you use `docker-machine` to provision the hosts for your network.
+At this point, you won't actually create the network. You'll create several
+machines in VirtualBox. One of the machines will act as the Swarm master;
+you'll create that first. As you create each host, you'll pass the Engine on
+that machine options that are needed by the `overlay` network driver.
+
+1. Create a Swarm master.
+
+		$ docker-machine create \
+		-d virtualbox \
+		--swarm --swarm-master \
+		--swarm-discovery="consul://$(docker-machine ip mh-keystore):8500" \
+		--engine-opt="cluster-store=consul://$(docker-machine ip mh-keystore):8500" \
+		--engine-opt="cluster-advertise=eth1:2376" \
+		mhs-demo0
+
+	At creation time, you supply the Engine `daemon` with the ` --cluster-store` option. This option tells the Engine the location of the key-value store for the `overlay` network. The bash expansion `$(docker-machine ip mh-keystore)` resolves to the IP address of the Consul server you created in "STEP 1". The `--cluster-advertise` option advertises the machine on the network.
+
+2. Create another host and add it to the Swarm cluster.
+
+		$ docker-machine create -d virtualbox \
+			--swarm \
+			--swarm-discovery="consul://$(docker-machine ip mh-keystore):8500" \
+			--engine-opt="cluster-store=consul://$(docker-machine ip mh-keystore):8500" \
+			--engine-opt="cluster-advertise=eth1:2376" \
+		  mhs-demo1
+
+3. List your machines to confirm they are all up and running.
+
+		$ docker-machine ls
+		NAME         ACTIVE   DRIVER       STATE     URL                         SWARM
+		default      -        virtualbox   Running   tcp://192.168.99.100:2376
+		mh-keystore  *        virtualbox   Running   tcp://192.168.99.103:2376
+		mhs-demo0    -        virtualbox   Running   tcp://192.168.99.104:2376   mhs-demo0 (master)
+		mhs-demo1    -        virtualbox   Running   tcp://192.168.99.105:2376   mhs-demo0
+
+At this point you have a set of hosts running on your network. You are ready to create a multi-host network for containers using these hosts.
+
+Leave your terminal open and go onto the next step.
+
+## Step 3: Create the overlay Network
+
+To create an overlay network
+
+1. Set your docker environment to the Swarm master.
+
+		$ eval $(docker-machine env --swarm mhs-demo0)
+
+	Using the `--swarm` flag with `docker-machine` restricts the `docker` commands to Swarm information alone.
+
+2. Use the `docker info` command to view the Swarm.
+
+		$ docker info
+		Containers: 3
+		Images: 2
+		Role: primary
+		Strategy: spread
+		Filters: affinity, health, constraint, port, dependency
+		Nodes: 2
+		mhs-demo0: 192.168.99.104:2376
+		└ Containers: 2
+		└ Reserved CPUs: 0 / 1
+		└ Reserved Memory: 0 B / 1.021 GiB
+		└ Labels: executiondriver=native-0.2, kernelversion=4.1.10-boot2docker, operatingsystem=Boot2Docker 1.9.0-rc1 (TCL 6.4); master : 4187d2c - Wed Oct 14 14:00:28 UTC 2015, provider=virtualbox, storagedriver=aufs
+		mhs-demo1: 192.168.99.105:2376
+		└ Containers: 1
+		└ Reserved CPUs: 0 / 1
+		└ Reserved Memory: 0 B / 1.021 GiB
+		└ Labels: executiondriver=native-0.2, kernelversion=4.1.10-boot2docker, operatingsystem=Boot2Docker 1.9.0-rc1 (TCL 6.4); master : 4187d2c - Wed Oct 14 14:00:28 UTC 2015, provider=virtualbox, storagedriver=aufs
+		CPUs: 2
+		Total Memory: 2.043 GiB
+		Name: 30438ece0915
+
+	From this information, you can see that you are running three containers and two images on the Master.
+
+3. Create your `overlay` network.
+
+		$ docker network create --driver overlay --subnet=10.0.9.0/24 my-net
+
+	You only need to create the network on a single host in the cluster. In this case, you used the Swarm master but you could easily have run it on any host in the cluster.
+
+> **Note** : It is highly recommended to use the `--subnet` option when creating
+> a network. If the `--subnet` is not specified, the docker daemon automatically
+> chooses and assigns a subnet for the network and it could overlap with another subnet
+> in your infrastructure that is not managed by docker. Such overlaps can cause
+> connectivity issues or failures when containers are connected to that network.
+
+4. Check that the network is running:
+
+		$ docker network ls
+		NETWORK ID          NAME                DRIVER
+		412c2496d0eb        mhs-demo1/host      host
+		dd51763e6dd2        mhs-demo0/bridge    bridge
+		6b07d0be843f        my-net              overlay
+		b4234109bd9b        mhs-demo0/none      null
+		1aeead6dd890        mhs-demo0/host      host
+		d0bb78cbe7bd        mhs-demo1/bridge    bridge
+		1c0eb8f69ebb        mhs-demo1/none      null
+
+	As you are in the Swarm master environment, you see all the networks on all
+	the Swarm agents: the default networks on each engine and the single overlay
+	network. Notice that each `NETWORK ID` is unique.
+
+5. Switch to each Swarm agent in turn and list the networks.
+
+		$ eval $(docker-machine env mhs-demo0)
+		$ docker network ls
+		NETWORK ID          NAME                DRIVER
+		6b07d0be843f        my-net              overlay
+		dd51763e6dd2        bridge              bridge
+		b4234109bd9b        none                null
+		1aeead6dd890        host                host
+		$ eval $(docker-machine env mhs-demo1)
+		$ docker network ls
+		NETWORK ID          NAME                DRIVER
+		d0bb78cbe7bd        bridge              bridge
+		1c0eb8f69ebb        none                null
+		412c2496d0eb        host                host
+		6b07d0be843f        my-net              overlay
+
+  Both agents report they have the `my-net` network with the `6b07d0be843f` ID.
+	You now have a multi-host container network running!
+
+##  Step 4: Run an application on your Network
+
+Once your network is created, you can start a container on any of the hosts and it automatically is part of the network.
+
+1. Point your environment to the Swarm master.
+
+		$ eval $(docker-machine env --swarm mhs-demo0)
+
+2. Start an Nginx web server on the `mhs-demo0` instance.
+
+		$ docker run -itd --name=web --net=my-net --env="constraint:node==mhs-demo0" nginx
+
+4. Run a BusyBox instance on the `mhs-demo1` instance and get the contents of the Nginx server's home page.
+
+		$ docker run -it --rm --net=my-net --env="constraint:node==mhs-demo1" busybox wget -O- http://web
+		Unable to find image 'busybox:latest' locally
+		latest: Pulling from library/busybox
+		ab2b8a86ca6c: Pull complete
+		2c5ac3f849df: Pull complete
+		Digest: sha256:5551dbdfc48d66734d0f01cafee0952cb6e8eeecd1e2492240bf2fd9640c2279
+		Status: Downloaded newer image for busybox:latest
+		Connecting to web (10.0.0.2:80)
+		<!DOCTYPE html>
+		<html>
+		<head>
+		<title>Welcome to nginx!</title>
+		<style>
+		body {
+				width: 35em;
+				margin: 0 auto;
+				font-family: Tahoma, Verdana, Arial, sans-serif;
+		}
+		</style>
+		</head>
+		<body>
+		<h1>Welcome to nginx!</h1>
+		<p>If you see this page, the nginx web server is successfully installed and
+		working. Further configuration is required.</p>
+
+		<p>For online documentation and support please refer to
+		<a href="http://nginx.org/">nginx.org</a>.<br/>
+		Commercial support is available at
+		<a href="http://nginx.com/">nginx.com</a>.</p>
+
+		<p><em>Thank you for using nginx.</em></p>
+		</body>
+		</html>
+		-                    100% |*******************************|   612   0:00:00 ETA
+
+## Step 5: Check external connectivity
+
+As you've seen, Docker's built-in overlay network driver provides out-of-the-box
+connectivity between the containers on multiple hosts within the same network.
+Additionally, containers connected to the multi-host network are automatically
+connected to the `docker_gwbridge` network. This network allows the containers
+to have external connectivity outside of their cluster.
+
+1. Change your environment to the Swarm agent.
+
+		$ eval $(docker-machine env mhs-demo1)
+
+2. View the `docker_gwbridge` network, by listing the networks.
+
+		$ docker network ls
+		NETWORK ID          NAME                DRIVER
+		6b07d0be843f        my-net              overlay
+		dd51763e6dd2        bridge              bridge
+		b4234109bd9b        none                null
+		1aeead6dd890        host                host
+		e1dbd5dff8be        docker_gwbridge     bridge
+
+3. Repeat steps 1 and 2 on the Swarm master.
+
+		$ eval $(docker-machine env mhs-demo0)
+		$ docker network ls
+		NETWORK ID          NAME                DRIVER
+		6b07d0be843f        my-net              overlay
+		d0bb78cbe7bd        bridge              bridge
+		1c0eb8f69ebb        none                null
+		412c2496d0eb        host                host
+		97102a22e8d2        docker_gwbridge     bridge
+
+2. Check the Nginx container's network interfaces.
+
+		$ docker exec web ip addr
+		1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
+		link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+		inet 127.0.0.1/8 scope host lo
+		    valid_lft forever preferred_lft forever
+		inet6 ::1/128 scope host
+		    valid_lft forever preferred_lft forever
+		22: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default
+		link/ether 02:42:0a:00:09:03 brd ff:ff:ff:ff:ff:ff
+		inet 10.0.9.3/24 scope global eth0
+		    valid_lft forever preferred_lft forever
+		inet6 fe80::42:aff:fe00:903/64 scope link
+		    valid_lft forever preferred_lft forever
+		24: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
+		link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
+		inet 172.18.0.2/16 scope global eth1
+		    valid_lft forever preferred_lft forever
+		inet6 fe80::42:acff:fe12:2/64 scope link
+		    valid_lft forever preferred_lft forever
+
+	The `eth0` interface represents the container interface that is connected to
+	the `my-net` overlay network. While the `eth1` interface represents the
+	container interface that is connected to the `docker_gwbridge` network.
+
+## Step 6: Extra Credit with Docker Compose
+
+Please refer to the Networking feature introduced in [Compose V2 format]
+(https://docs.docker.com/compose/networking/) and execute the
+multi-host networking scenario in the Swarm cluster used above.
+
+## Related information
+
+* [Understand Docker container networks](dockernetworks.md)
+* [Work with network commands](work-with-networks.md)
+* [Docker Swarm overview](https://docs.docker.com/swarm)
+* [Docker Machine overview](https://docs.docker.com/machine)
diff --git a/docs/userguide/networking/images/bridge_network.gliffy b/docs/userguide/networking/images/bridge_network.gliffy
new file mode 100644
index 00000000..d113f4fb
--- /dev/null
+++ b/docs/userguide/networking/images/bridge_network.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":378,"height":236,"nodeIndex":146,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":7,"y":5.1999969482421875},"max":{"x":378,"y":235.1428540910994}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":196.0,"y":100.69999694824219,"rotation":0.0,"id":140,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":61,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><br /></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":149.0,"y":154.96785409109907,"rotation":0.0,"id":114,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":16,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":95,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":5,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":96,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":13,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":99,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":99,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.1785714285714448],[1.8600000000000136,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":97,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":98,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":99,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":4,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":112,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":226.0,"y":155.96785409109907,"rotation":0.0,"id":115,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":34,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":116,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":22,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":117,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":31,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.1785714285714448],[1.8600000000000136,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":118,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":28,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":119,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":25,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":120,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":121,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container3</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":72.0,"y":154.96785409109907,"rotation":0.0,"id":122,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":51,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":123,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":39,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":124,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":48,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":127,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":127,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.1785714285714448],[1.8600000000000136,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":125,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":45,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":126,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":127,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":128,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":50,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":81.38636363636368,"y":79.1428540910994,"rotation":0.0,"id":129,"width":291.1363636363638,"height":156.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":51,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":157.0,"y":124.19999694824219,"rotation":0.0,"id":130,"width":150.0,"height":27.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":52,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-weight:bold;\">isolated_nw</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">&nbsp;</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":15.0,"y":5.1999969482421875,"rotation":0.0,"id":134,"width":73.116,"height":102.32,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":56,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":53.0,"y":57.19999694824219,"rotation":0.0,"id":136,"width":119.0,"height":45.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":57,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":134,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[35.116,-0.8400000000000034],[89.0,-0.8400000000000034],[89.0,57.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":5.0,"y":116.19999694824219,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":63,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Docker Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":66}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":6}},"textStyles":{"global":{"bold":true}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":[],"lastSerialized":1445538566750},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/images/bridge_network.png b/docs/userguide/networking/images/bridge_network.png
new file mode 100644
index 0000000000000000000000000000000000000000..314c9f7963ee006a5775a1109d8e99b172c0da91
GIT binary patch
literal 15878
zcmd7(WmuHo7e5LQIdmw^ARrx5f{Zi<-Q7|Gk^|BR41)rSjC7ZDcOx)#hjcT5C|yd|
zx%vM7=Umr$uIJtJ=HUf!&+L2ey>hR;K5Ko}P?IMnpd$c*K*Wj)ue3lQ3?%UX9Ud<5
z`!}&*2?)dlQhX(=<88K=2KLsQy6FwX_jAEyj{Ha_7y0BRxel)$IrxMWSyYR(FU>Y8
z&7Lx<*EQBJZLXUt@|e;r?v5DHB8#NNvnFS<j;dhpzq?5HULRCGUVcAwwS3jOvK|9w
zK1=u8KTGwKIujjfR6GHGI$q!ufG9IDb!4=ISP?I^xgN>=?*k<aL@-tmfd&S*3=S`s
z49p-p9ISo+PyjDSY3lPwr*^4*$JBuXBcyrIJg^eZvZ(TB&S$U6Nt}%OQt|zDmk!Ej
z+1YgcBpcO~5}pZJS@WxJ+vNW54Nf#Y>_?M#wS<J|%0tyEZLz+m)JPqVH`lvvhRtvD
zIc8`jGpi*&jKKb%SK2tqv|*FeQ-iHo9&WwHJ8#XLKXD{~9o~FQnx2+z?mD>R@U~h$
zKE##5Kt=RNm7LW1$t(5!&^WF8JzJK_452XWC}I!d>2GW0>KxB{oZSD7J#xGHhRbs{
zGhALCm*(dn`Sa><h|g_w_j^@Ifzi_F?Y!^BZXSz7BNb2XJ*8bnL5V@@EtCtf4)(q2
zSm}1K<4uZ2=N_30Z;!_7{Rk8FvLGc6qFwH@A=)A|w%w$EeR?$dP{mD81*bsfD`glr
zbbEXIt&3Bd#QCk<#lf*t`qJfGjMm2ZyRGBj(WS>IKYEGgksMwbt3=+RVx2KOQ-nIq
zn_ZkI4^xM!hu{@4#QP!tO642Xik&*&hp8d)2@r9afDf;vFM1PFeif<{NXDG?$u7m_
z9(6Y<H6F!@gqnl`>-+xS>(fD{MoS}`m;3(?iQq7-CL_YPD@h4|<$hvISM-}i@4L<1
z5o==Hto&%I>)#=Rr1y`0DFji5Rbr+iurLm(`W27+z!%2@S;Ohe+fLGSyuCzw%xAY8
z>bKP;lhqEY4CAKzQ2($Gb#*TSu8bzeP~G?>qfKy1KyApZa3rw6Cfa^yGli3rxj0kl
zOE!NzpKR0_2IFj1cwe1ymr{#@1TZwjFuV|*)qJ+y_xv`%7)4cDEbuj6GxA7!sGjUh
z>#6=SKznWc<=IGiaRBnzt$1{NWf;7Xt-Im2(>7dPgNLN~=4h4<DCH={AvVOU3{y0g
zX1+dK;$nh)yZn!Ii^{Xu{bQ9JMxq0*`qbnnj3vA=3(F??9t?<=%IuF`0dfLS!iXW<
zQ`76Z=#W+eao4+~PV0?4y2gzYlR3TW(WhJajMLiAQf$V{cb+MW7t_9b0ITM;j${Bm
z!_0&8pat}TtSnE2rl{s0B}`}scp264_7%sbycyK3I4(*R$VymrKW1vT>~3D34#k~+
z3G<%fDM=vE2r}S76F`5M;W&p0JD4ywUWO(ex4G08-jx2}<v{MTiH<;65BT`w{FeKx
zKX4&BtE?pe^9+J>n$tsIs%#t_{YwWWXYP~@-`9O&CVpjQUnvW(ad1RzKbgsh&E=Ck
zDZ8j^ibhwk(W_?x>I5Q~#RS(`DJj88`Q|?1n(AWETsS@kJV7001rCXclm8Z<y0%k<
z`1Vp`ZH}iCk56uMPER&5`OB%D*}PmLrFSk1;{w}R-4=c-$FBg=Ka|0pU?wLWO6t_7
zv`uNx1$Ftv`Ie4el`W83jf)Sylzy~-?u#8-wkClDcAW`$l#eGg?c_DgL#Kd=k~!hv
zksw&+t&lU>z~;~dWDsn5RH#6TIv|l6N+u{C((c=Hvv2nV-?M4HMkOBUWUN%B%++-M
z?7YmMcm+&KimZ2v<4v2db5}iO@N;;3<~8#o_p56I`xBmfiq$A#IFL|VPffz#B$LyF
zQea~^D+ilmieA6c_VYlqaaO2}`X<kN_J6uF?I*ib>qfa#ep7s{a?H?O?t#C6msFs@
zF~R614{qwO<sgaWkmidWPi{fhq&(+-U3KLi`8WMKPZ0*9vsG1!1K%a^Pc@&3H%(v2
z=k^1Rr13O&3OkgA%|{4e@#h@40~%!%UY!1hi&8vI^>>1rGWCa1@dr>Fq*@eVhG8DN
zKL?I+?)pm&?9hjlK79A@<N@!TU(~o?Y!HsLyY^RNS-W|jg`rVqTGW!wi-OP!Q{RMB
zZ22r=-(`Ma{0IfWG!k2uFk8U<B4PhAv;+7~;Qy!Z0MpP{8;x9Pt<yUm^jvTz_vCFC
zL*ipK%c=Bs*Y}pYH`rj$G;P#4zFTR+nQ@)n7fe?GB>0#ckQw`1kC+s72G&m-&AD|W
zNna(!>Z0eHe4qdM{97OSMxeIMk#mX7V`TbHaiz>DC)2Us<nLNhkKFq~a@(8U>U&2N
z2=HItchuAV>5KZ-m#wyM07u#up>%VoO49q*J!&iT#J$w^3(sla-#5;Wp(fg~l$wBQ
z9S}5Nl7wN;d^1Ml)v_jEx|bL?A7(AB>JdIcdNUsXkOs6jl^ab5O?{Tr`1fMiwLJE1
z%YVm|AHX$>rk`sSqLJQI_cF)^wada-N9_Kj0XmERf{6`oUmcLKWCKRCBJZD~pxJ3&
zO28S(bI<Tl9<0xC8UXvD|FM7VtLHKoFijb!42%p?M#QQI9KJGZ|2=(vI`5MYOw*7B
zYF}lBZtv`Dpn|Zp^#8!H`1PBN+M;uESQXXOoUeaM$H)VVN8$lfK0;Xi8A;PJFyM@f
ziwmMtE;X)?S4$I9Z1&un%y62oiP9@IDrBSr=qvbd)`5Y6UpwV(@dyM0g%p;_(JwcP
zj*4QwxjNGqV3xsLNOOcz!d?RhKYEN#0cPrPux#q)=EnN;skR|A?>&uq_cU6(`&I9>
zpcg_!`<O-UYvk$Pg0Wb_eQZF+_#e?5QAFlMj8Z1;*>4Bq<46DC18-s*V<0+T!gO?W
z`l{Xz>cAy9agxl>W!Y&04)0XsoR^yVXDhAPczAd?>w7%!c^i!x1OiJ@`d#}Inl^3p
zO*J%@UhXe7=hoEd*xTD@jeCmnA^urd2e0NgH5qyC&N5$}?uqBvcS%%LSHB(4QT*!F
zz$~$oiHV^FM<0%@;f+D<stQ5N$s!J{qN4gitUvzkFB$iIW8}ZNJR!U+t-1j=X`lf|
zGeIAdP&X7GA0J!aUSCw%j;04AU)%FpGQbQgHU4i&hHlyQV)n2p$8*9zQZ*EZkT7t|
zKk~^jdOLD2P|N=WYQ(~@U!*R5^Dole$Je(>C0)W$%yYLumz4D07oGpdscFvT3X9+m
zN8Qv2c%WUo{V@v?`l88mujv0{6dyNtG!7vZr0PJ=$S4^TJpSJB-W?I$`^=XPIW9|0
zx>S57oW^yI&o|FwV=0mZED-<p7W9iB{db}r-uq9IQq9H1kO)b?(^%K_9(+rN{{$Lx
zFVOEI<M<>`lDx?%74ZHyW#&VOk<bwncO)5LJIL4(Cv0O6R<_3MxmK)`<JBS|-MOTP
z+HCHFQA1{XZ|zn{_DvLCaeM72;P~i9oHRCWggHd~lYNaHN-7qlnu#f;iK2w53~aN{
zWC&}JOim4!wVX=F%s)2F(O!txs{R8{{o5s~im)2_*y^?)^{&d{P3i93!L<=^<orse
z)+dLsV*z1Q|HDBW4Gcz3z>^?pCRGD`KIAQ){ub-!k#tvQ;W_iUAQiH<z8i5{ju{SK
zzw0^Ejqx`e{+@DR*f?EUjjKHPi}gPr4CwFM%|iq3$T5NjTx5p2a>AR|3N3EWeJ|Ec
zwqBCR{<$R<#Cncq%SM)M!r<+EUj6m76KXi$S~=nL2|fvNyPd0DSl7z}8N~m@{4xza
z7X2Bl8T9c#?Ww^PYyZyn5D+r{_j_kyN9_K8B8vwv{%2U5*rD+%5@7_aAOFYuvHx$p
z@4n7dO?mdN{=3J{^mws8|K7R}6Q#g^F1<8A2w1UyBKUNFiDwght)s6$Sm(4bd2;A=
zJ@T$SBn~iqO@a1|o|Ow#pZo#fPg&6VHlxje<XwME@)Fpw_~R7XfL4mVMY+oZQqA!%
z&e&`;4vS>k)!gG!x7Svwn92lHFkyimid5QXz!H#oZ$Jk6NU7Y>qW9sAHsEh46%KDG
zuN4!$zq`S<-Eko6Pn!oM--qCxCb}6Jv2rL*mE8#a8CBNNUG>w&;7wpi;A=jcTXF8P
zv)YMQtg@dVX<WOAix~cGrmK3!)V}I&Eic8G34$EvzV6IAJpD4_0G2RML#tn-lq?j9
z?md16pA+^W%ps=prq<(lWrNtp8w#!Rtxs6J5o??lH`u!MamH!4$l`2YosV=V=>xrX
zb*)6a9vcK4X!kkuE5ve2)WQJ}TE%igAZBKS9usSs-K!fk!3*z(lSKxq;Bn;TIQu23
zsgVAmA&Q1ZgEeIg1WSoDJ_(|8PaYEFfU=w_(si{kG?)VG^;KAO#)@=2_@AqrR>&(>
zQqBt|L3mU;&IuW|TwX0Dl+IWl5V5cn6;?;=^7@G^NE60`K|=PEoINjh2RFl?0`tCf
zV0r*pSYa@T;MzM5|C5X``zqkL3#E_N-Bm+=>U9}w9D4C%Sb;w7DE#Y<%RmBbb~0uw
zCKX_28HlK|aw*-Nors*Kf3$8l)AY&x-OPBzV1Za<eDix3Co6w<U6ChG+AXAhfx=&h
zQ#H~x3kbyvv}00KCfY^Bnt#QB=jP@0m=F!KfFki9vI~%86(+nPdH-K*6h*H_$J!S%
zukRqO`s_KEA`oZk&40{We|+P)ZTfer&5F2}_Mz6>l_0UXH-E10BczSvz=jm$LZy?k
z&sp+Oz?PN%yev$Zp9OR2@9*LFI5aRpW-9o}g8)+=3}sefmLcLuGNv+#Jk8=RN*J0D
zK9dgBxINYkGJou;rN%HJ4+K(BI}CG9Xa#b;M6vMxO7!-M&z3Qw31%O7(r7H&2EwzG
z@Ew8mZ%(O!I=s2Cd%sJ5ron};PO?${6V}@VIS_(82*@#6X`Y4vLDsK;slOv_An&aj
z_vdaJ^<n75=VGt<KG-C!^MjV%?Cac}|1493)+y;|2C#e2NQIXhR--R}r-Y2sFK|_`
ze^tr$Hu?*vu#&-^-(9dhm>3zeTI>4E9X7J2j$?uqnvj7cu7_TqZ_Rp#;I<##bcXX5
zej=ovpQk6l*exk3`FOM?uKECElCP5VAf^E+o$qj0^92pFi0SkW#cgNi4mfHDGtRmx
zGZ#qu{<C{)(G}zIT|7co+<*!6nSlp;8jQKgd#edY!|;%=;Br~PSgn3Co!cZeAY67y
zQ1I*608ki%D3un{b|_JHr;`KgGa3d$z6z4dLSQ{)fMdW6xUl7{Yt4h0<g9HieoYo?
z(_U2w(MXELqbu-{uMl#N5m-qt;309tVDe75GJzg$cq67K1|}g%<+oSvS4qWmX)Jgo
z^k|eb>MY~AidIw2I}@)5Y5QN6bRTdP6S#CJRM)O0zfgL@{?vKX*8l6{G@t#&#&|8C
z%H<8P^f`v9{`7|D1`(q3G4%e5&+><ax+MNvz6YI6HkT#}!`wiz`jfH!<-e^~(-Pb1
z@_<Xpsws5G_>&4Kh}1c~pg7U5w-Fb~lW*HMT)v?sd%-7P+Wc$QJxQR#0dQT?bTjg0
zz7}yhyEO?M&ccVkwX1Xecc|tGK@TbEKCcxa90tCuFzgVa<Ff|4ezF9P^?Oq3Vm?xl
zft8cG+q>aFVyc=5s3s_NccYqoZQo$*PJfRxpNVFaZq=z}^wa%RzK;5Ga9y>8EXUE;
zmYs8Myv!)3tF?D7FM1Us_ahjKuW;r~ps9FzkO6K9QR~*Wir^`-(%xUd&RN~I*|rfA
z`7eFX`t-cD%pU`Ga4Y8H?Hmw;MxFJ28{D!u3m|=7p5ylI`n{~;D;TSo@ER>d?|abe
zcN}T%4@!w<(ow&8UhJ-?c`g4myTT~Ong)lT-G{N+NzQvi6!z60jUf&3#xt^}tEZX`
z-LiJV|C}Xypd~M`%D8^aRlQQjur|B-BYpR?4j2F1=D&zy^kG)NYEWnR4vj|$B6#fF
zY|9%fRM&3o+x~{Otyz8C`NLI<viu1aJfr{)G0fzA==kGMy1lbZ_d{rj4A#-tq^Gt*
z4g*^%>m3&gCLkGig4OTY(Kl9jNE=k8!yBiL+(kJ$xg%^O^_vfxgC`hv*PHUvYepDX
zf5Ufdje@|XuVyw}O2(c+r=6C##7{rmZAg?S&o;kz*qSLV<$Y3cy8Qq=6;8Q2$F-;1
zqxZOULg1mO8S4AaF_Z9++^gLHb?+`Uzx9DSRFI-b{}h?W?k7AaS%`mNzlg;;2E<@C
z6eqyu)0luZ=V=>QLh5Sw>BLu_lFB3z2dYxJgytbCsEIRHF(DjN77TvI{mK(**scW2
zS?F0?ShjImKOohUnK=eYj7a=daR#rifq<(6#nbd+0wHMR_{F#~f6~6>Yh@O176a->
zvkTiL)guJU#FsVQ*rDp;Jubt*F!$h9ypL8vjLH=hV-d!yRvL?qvuUkt(8ZsE`wp&{
zBtMR3CMSjMKT@{K;b#;qr8jugmzm?LRfJaXNu0Z()ubOn_BUzHYB%9nJ1j5=3O>Aj
zcn1%e!psmhA$<4l-M0Gm>|7aS5A{gL<`YlHFa<%+fd{YhSC%gE2Ep8FDK=>8R)T=7
zJ`i1hq2$SFXgJUGlM`rkm??`u9V(GYY|iS8oeMUTFoiUP&^DN_qMyXFofBl1V~|!K
zBwG<NV<5U)F|kAa_a1ByVS!2dM$*J};XZe_Hv>g|!^3e!Mcjp64J=i<%pOcx>sc=Z
zAQ;->(_g2a{XO60%%tbd9~>|YB!i6nQ!c2EQ1^daJ2fzK^n(IFMhcPseZ@*f{O+{A
zEy;|^C2f&zNhc4*0IzYVKIpPqy#B=@jlbA(k=u?P`o_1Tcdz2gY13|5i&KVd29Fpe
zIz`gNlQk#)vxUmc9$iJC+GkgUb3V!6N<M073fw1}Z1CUXK0*Pv4E#kYSuRkRp$QgW
z(ce+&42<zi_o4{TZB{wd27YmHklPNXF=lVNq@T{Cf5#hx^yR{yy9O8QjCY*!jQ%wz
z#erTupQz0^6U=-IzcNZMdoq0ISaZtG$$1rUQv62b_UXKo^CI*DFet9RtV*Lg$GNQi
ztMm15^}hB@-$Dz&?L8l2x8M=AjkkBOVKZpd%dxu1+lr6AEtBtk+g;0WdO0Qp4IyPL
zV}FyQ@R+m7ydCrT+2Z?+()#7-7<H*RJ)RNhI#J{4yn`uLFCqUAro_$8_Mp19>*GPU
z^VLveXO0iQ6$D?4ueX3`W@q}HW%J^ql)_8Jhv4MC3|7P7s(R3adW#OqE>AxZ?>}2T
zP39f~vK>ZuM!4YRX=;A650PVcmosg@dgxtZUD|H+=4&1D$C)BFZoF3f>rLJdi(sCC
z*n?MYPwTm1_&aOmfj7nGLZmpr_3Pqq#+}LU(F}g4g}ON4=4h7ge>xY8?0vHQepFJ+
z(2%RV^|C0{YuU$b@JYSGxL5N-Ovw4tM#7ur0$iaW^k`QtsratIMJMAeQ`^<j0d~yd
z%H6Hk^Szph$x0eWc&E0yBwLH$8P#MQa1EWCo7+AEZcH_(7hifY1uU5<r{5SnNsJ`V
zl-ot^g_0f0)Tx-6rN1l6HEd2&waU}@aAU^NjNI`qIct0ZLk(<Bmm056J#${<jA2)e
z7IB#F%g+cXVm}sL`JnAY0p?5%xZJY0l>VJ)6`O)5fU>^ndZ=Cyt9G8^(t2UT#m}$b
zi;kc^q3vCPbrK)1hB6Ms>6;a@lTKcRzqx+#$ZuB=C+^=r_oQb|Mpk}iJ{y!izmsey
zUoe8OaBeSo${JqClFo$C67t{+h_8Np_^ah?Ifn7}Fx2g8uYRydxA+$@qh8GBoNdOF
z6j7J>UdBL^+Jn3l=jc}dD<l2+Keiw`mmfzV8;)EkOn<rvRg9mZu<sa;J$cE?<_<5I
z{$={mJROxhGwGrx=@Ba-1mfB0@;Cf39O`=LhTW>cU$a)<;xcY_ZHq)IULeKyp+3O6
zaXb!7O&;436oTOE1+M(mtP$BiHyiwcnlU0s`84mrURETywX967n;Jwj8C-vxnwlEC
zsM)iJ1*v$ZCV8S0XZZ8`OK>eNMm$+2_5{Tkyfzqf5G;U^%GY{sDZ;hnchDkaH^wyA
z>ffA`msi9aaoF(Lqw&TEm)&yHlC7Hx1rMBc+IgYR{ExhDs?L((=lqziXe)AJPA$WD
z#9-&WJ`e*iL6OqrzepnVX*7K9ZqDLPFd}R0r?xZoI-<RQMafULSs+4kK|FbdkSpoC
zi%|k$*r#?nJMOXv{kk~Rlj?z&6Typ4AmXySevS-<ckc?T5`T}R70<ulDXk~qebms^
zvCcl7bNc6J6Jg%hX{<HxK1-ahFiMZMK^ce6jCFpx((y{MhO$m0^;t}L@2~4;ZFeoc
z#&?_9-+uK<-&S722-pKDuplAbL2WE$@VLG(ZSx0UI{`x$DNI7^je)p<7Xs!V)tr82
zeNrOszO%Klc|<{t-?ov5SO=0Y(c~<0oYj<Nm3OyiZ9?9M<{sQAjC$&QjIs(T|I32Y
zb~aI~9-@omLH@XKRtaZIRr@=J(wHi{8alzELhbxVHDe?EULQYW#M|e*epB=8dfd43
z9k@h$h%t(wH!NVq02jO{9>(}@^XE&?gXJd&tyg6r$R<tB^T$-M75_7?FmqBC12AWp
zEs7dRgTWNU1TA?8|CJTarv;eO#O_>m+-uBw%5hurLHNSEt?^v${U90w_6mh0gQ%(^
zbQz+V(78hV;D>gjSe|+YpVy*mC}Qa|M|uI`kJpk%!k2eUnaH}wRKb3jyIHHFGY2pH
z<c&VRV>*n`oeroJN^V~NUBY3bHAl~K<Q}gULP`B;`>f$D>|^=5j0RnhixmTSc`~Z>
z<7a9d3|p07AmV9R^XL$9yp8p5(s~$&V;+##uU`w9qd=4;a%5uv&H+cQ6NERX4bx>d
zE-tKPjGA_3Dkf-mSNT|xsxfAU!qy|U6u^t8cPZ~VIIP2rjDS4Xisv=VLK55mTmq4u
zg&N?R;UTIN2xPhjj>aPPcS{z|Ps#&Jg$~gH#H!ep<9|Y$PXHa#sjODODcn;~L;d|o
z&9`LPh1qtw%_AaZn5-{jYYMikmZjaP+;vb!SBz^kglNpyy9D;V%ap!t0gfRf-8Jt9
zrO5Oho6kBf+HJ+9rMd~ELc(JKX-}RL*)gS)*C1LuSuL<f_Ec~yR4VBO#)rf`ckPrh
zt+Yhf+@iRB_G)J)mC4NvB8R>kAOHOuw?oA*>p9J_WybLcIpI1iq);|9kskE&;8=ot
zo?z2D5u27SBt2v!=u?<y-B^e?mCF&VnTm?4=tRB(&)n6_V@j7>Ej~51gfFxf6Xy3A
zDQY_cdE3&lL`y<qP^3_Ya;=DsqCg~?%gP1~uwo0Nk=?b`RaKL<n$%?%C@j)~9PHS@
z>vhI~TEZEAON3mq4=W60mJxW{IN<%NhiRIV`2^zeI3%>Ys^TjdxJ!*JjFx$#!tZQ<
z+sm6Ul)Am)kKH%p`Z92WPma@!g$4NNZT}O0_Z?=ad)$}cb@#Rw2L4tv6jsc~xVRlT
zQI@(86|tOPmQs2?6_sUJx#b?2rC(TRJ9m2*(ybkbx?try6FY7Kx8=LU8VtOK%t#tc
zJZ1(+nQ=o0T1;37@5oQ(a5fF&p~RYB->X+WjO^a55h(xg&v&WsM>Jz3z9e;9l=!{4
zfe}leql4`|r1wd={@kZNJutpl^?cQIdMQDU&kCc(`WmK=+mh(dMFtm+e}H{s*5WAL
zzM9)4RlKnKUG_b>f}E#f)|HP1vAG{zSDiUA(`m?%xJq4^50fHxnO=^)6+#~O(OO{Q
zVr3qFWRQqC91EW*%*T99{_EcN&_`M>*R#wRdLfmkcyNR<)e%7#p{qZy430rr^S+pe
z6fd&8?bc{2f>)NMMIyR8=&HT4#|I9MmI9UWnKl*pVe5=Jvn-GazBa*f9q|7A9aR)e
z|5VGuGw!16H7wDAf?9slIu0!tWk^M8Xr(4T3<9(3HN?MYTY}g7v$~*%7b{f0GKp!`
z2?lj;1SxuNj(s0kLp>9N$$kR&6Dzlaz}s_`R-sB{`22XsosyrP1VqZ>ias#IH4jQO
zg!J6d5W-#_kTQMD{phV$KpE_-t))dl6tVX)b(?PIuf<Y38+9R!@WEfR$Iu~>FX1fi
zm}{O@-_~BFvO9Mq8bpY^uAoBub}VpPlEN{oE<q#)pb8?goSrUHJ0^P4m<kJ5CS!s-
zq_3+Kd!Qo;9SMobZiO`&R{KX}=5tR&R2Q)W*mxDCg<8Sz27z5EO<^=}LU8C$=gy6g
zlGku79Aj)|Vo9?vhMttv;mK#h?G|O4=x^|HM#C3T1d9}S=T*X-<^~VKL{T2Wiu8h{
zKejqWutiCbg3ISeehuj$oGxNC0<pjkfxyURZ4CrqDKvacUBYBw*;MRyyGi2u2a8s-
z+qf}jH)kv5izWs;*k|PIUfH8VC~{}oPj?Kkj!VwTV85433g6`gr`5U#XU7!DWIHgF
z{{qQgd;zfr`)OYe7SABbp+j~O2TVe>h!gq5Me-RCjfT0axh4+*h)BVzH)w1{Xe1Q`
zVrajw1@M4W@PUXym^cp~)-}p5Vvx!9#8r}D#fZvKG@THSbbmz7J}jY?A(%nbVo)d2
zLOW)1KQ3ofs^MV#EiP|0n)-CG%On@<C!e{vZ$z~-;1?L8X2fS&7j+ecJ`70hxh6Q=
zlAA|G@)Vym;RU^GC{8v?`6wcF-ZFQ|3JLa*Q7u(`!LXS>c1fOs*x|lTHsJU)X;44&
zY>SJ0H`{#;a{WlMoqShwzv4v9kk#bhFAZzPROD<}6fxy;s`u<3%IUMk*6U05=WRp^
zum;KBn7SEBDFlTX2_|lenfsq3By});yvBMo+r;|A{6N&&tMWrR+^|aFN6FjcqS39Q
zV<p3k$#DPX$Ntp_(lB+gFT-I)m^N>4e?8l&fo6#@-M9-fyy08Y3D_2_V>2QUs2)ff
zuK}(?e|D;qB-eKKE!Hgy;3L)Tv5UXO!_Z-?=#$HFu{USyovR-F6#)S31B32RB07@-
zS|#b7xj)E54(-ZdpGsVszY+g6z+iyQ&LLOUZLacs5uKu@t3R0GIO8r6jMa4bBu_t`
zUwP}wfFX;!k!3~R40qeD6}fnN=a@86RF|K^Wnf(=73kq4PI%l^6akP0?%H^XElLq^
zcxs(b2JzHce|`kOJQi&nTSZmnrb8pxyi`w&SZ9$Pip<c|g5LMRCGZhjTsv0)w>YM8
zaTGVv#Pb%%3DIP3C#UX2h+4eFNTUH$^;+)u?rww(v+aFQ9G9EGbR~F#1i3$y3EFGk
zYs&d*+;#eR)`OB1^Y&LT88F{NNljqGs-`qN14oM>&ceb%{Hvc&5uGs>TWYy@?wxF(
zbjv&m>y~>`wDt6;WG(bxrBizm%;Ly5kcF@zY>A{lANRjSbmo7<7Roh$`)b~{s4=gz
z3dDJcuM&VeozF02)2)M%_C$VHcnqZQ<K;(m#Zxf}DX<>yGmB~?b5oU6sNnbI4<+_p
z>xCc+frVdVg-R6?pl{y(J}l5wBpLN+r~|>u%R0J2nITIcq}fiHzDFn$dCcodn|z2b
z<(b$K)J@)BxE??*Zw|JiV5%)w`_1t}dFB>q@t@w+7C<qI%o~jAQR2;+oIq;{jF0HC
z1Fuo!tK=tZv`xjWK!WR2P(95(7`CX1s`wYxZI|<7edX{js+G#_WE+GhWeX=N&7?xG
z^hoAc2Rqq4T(=nOHgE%q31+oGWI?tdeqX(%epOR4{(!I`Y{7@&=n9dKi_iPHh4WOB
zvUrK_XSOT{p`#KK^6PHq>RmEQaoe}yC*(Ef0OnBKoR(pYLl^co)qPx1rPPB@+#wS)
zozr|*fnn<@ZWJHUj#bA;{PddPa3y>aejSm*2?F6mc1*j?#Oedy^0C&GOW!EpLj7Kj
z)i%~WZPMps{2s%Qxus)Oji)=whE&gk)MO;EM@6SU8`QptWcX|=iC0OAU>OLelNtwZ
zwTe4M3gw?@i;V*=+|u{IYqh*jh;=ND%=yK-HPamG?zp0NwRni-;JF_kJ??fgTG-;J
zkWaGbI8$pi^Jq@Ti0{PXBszKARLsk++;k?`*7_Zz14LoC#6fO0xs&QMA3RhSj>d7F
zE-`F9<0FH_=hIzrpq;SC#`@E%2#9M260t*bY6P9EomZbFHG7xV*hleBaF9d|wMwdt
zzT1bNbiX}rU#s1ok*1M;g`0a)V>;6_ydmVZYBcx8m}8=sG^!oTH)*=obH~i%>qD5v
zQ|%;rQYOa}i*Q?paN?sD$P%VEQ~K5)4@2xwXBROE5-hxMq<bA%Q2B&fQR$HkqjX8k
zJBNfnPI3BD#%!g=?1Q^jA%kPLryN&t7Yo1Q)b)!TMx=Zjh(-l6c2gYC$yq`^8!>TJ
z2Qq0x>B%fC)mkbC8-c|Rkl^6tq=653P&{M*;luH;?iR7pHcg%%!~vfG5N+iQiR=<1
zPD9a-|E(w(RTD%BI>F>8CiER=xy$`qjg0CQ;wSQd_mP3o261hwW>+8LntpG|Zzv$K
zU?oquV`hN8UD@ya`j;Kj9~Sf*ea`6>Y6TEG!TkPzD}H4ub@o`(_a=i(Uo9Wg_BEgu
zLJTX{(+Nr^K)sVCBsK}rE~3tHqOBmPQC|tyb0O$(Yq7mY`!ikYfs+1CYl9~LaF+T8
zljTG(Y_h0{WKbB~YwIJ<a8DIU(o2-=?6w1yZ_X64$_*YVqSI`}Ap?hc3P=lxPBh>O
zagT`Y@b3Ahh>d}I$!UMLZ|Pp-9{)~oi0yVA(ClPw&hUqoaPh{}w>pA)x#US=zGLk+
zw@f>6C)7*5Ddk0Ke}iy8r)^OcNy=zj5QG*a6%K{MgDa+Hc&`<Tuf{KkA7O{yw9be<
zjK}3gD&QE0r3T(!7;)7{Z3BD^fcu0@ZeMHp__Z71Ad}=t;$%rsm30*=%Z3$lB2K?^
zz6*6>K&M@}6TDhYvQe(bIm|*TSdehSGbk=tWP)yFo2fN(6WlwjGv#5C{Yct>ARaBS
zV+d}WxiR=^jMd?tDS!5Kw8%)iLUq}6Hd0q)J&ZXz&VFUB50J|ppJQK<nCluD?Jkp9
zw7wSK!H7#=QL><G7||5W&%e6gM~_luf^qYMtSc!*<EDC4YGR=2Mcq`AZTeQY2SC>C
zU&{-Hw9=F`?9NVlYl*SYlXp(@)3u)#ezm+NMnf&eHE3sNBt%;pm1Zat`me&>rpg1M
z78Taw3cX7ejW3psE98RKKjOc%4wDnxuQ#Tv^Mgerm4{VAhnUN_JM`W>t!D9{#_7zB
zpjJ)8X}6hiKlVd(e)c6FnWDv;Rl;^9uE!0+Kz?sAN?z7={`u@;MSmwp*R2X74Xhys
z0xv4Rrxt}<U7oii7tQEJ_51FqHU@5+#Gc<CI?^t#NQ|}GEMWAaGi~x-{w9Nw)m<iU
zK?+k`H+~Q1sWm5yg`g{nQ~Q1J!sv~kih6O@QN#Wk)8PX6T#Z0WvB&GT$E!2Ia^bAc
zov+RNH?07kF6i(v`nRZ=zMpS!>~|yM?_bekX5<@*yQw{KTLeCuhWTy8&4>Y#d&(g6
zKP6E)Q&>t2HQskx^8Cao51ZBH>+liVs-F!eNIS3*L`5x&%+<{QSQEOidl%g8y4%nm
zy_}!2^?aD2;(LyXlwp<G&1GU`uytmzw_<y|(#81>Zn)KaqGSI!%#TuM>iNBr90asx
zHqfu*>6&?c7dWlH>{k!ST6xFEs0eG|<t&=`?BspaV=ggP_?xizZD*d)#lI8@9Au#t
zxF1e&h3;E1VFpl2Q14GGT*VNqdi~XDr3=S?UmRq%ylp=!;CEpQ8!=%oLpPxKx4|fC
ziUU-T89X2J4X5w|>(70XhnJE|*HPG^^xPqnL298X+*(H+^Qe=r;3luD5K|YHxCpil
zAs55+8Wpu@E?|kf<<oXeKsSCrahWxD9q8j#^a3HX#+8!l-CH09#R**5Rjk^bzFbRF
z6}9CtXsF0jdcl>ubbiid1eVf{_Y*SuPgARUUv&bp!^j|dljBf5j@l7I2Nnv*(!#R_
z=f`o^(QX%(IH)Mz7<uC8nq|{rwRfjypNzSGg>Mi$=(2x<aAHBal)oq!{|bK#l2224
z6vakMhc1|%KqtS)B(cw1x%nV_^a!#^oF-zf=9Myba1#8D6{w?{8S=4_brsbM6P>YM
z589tBVm5#jQaJJ@;H)@npc93KlrK-JNRe5kaaHE8gS!Ray^8<mg+86HDOIB49o0rB
zy3fie&dk=<+XTK8g5RG7)#QI~4kBFT0Ow`%N1;m`C~$qQoj_TFv<vJEMpsN^52t4T
zEhXlczO$DY+lxL+S=Rj-Phi;KmhGmiN+YPD<u?zOKblrDtg+8-`u#CgMe#id8C}I~
zSYsIsjDVzb-H4PVEP0gv=lw~Nda%wB4;aF+5IZ@WJssOj(0>`!6D%H!I%cg5G^Fmu
zzJCuGsa;AVyNmx)LP<vZV_N}NRam3dYLr&~@A(IVkbm#V_~%UY*xr=R7XYr!AS5R@
zF(3ax-QM7Evuh17v(Bsknc1AAR_}J$>k@#9g>2PS+j!LtU5!OMrFF2UJ$)TIOy`+X
zX(XEi2x(0l6T{{2>n<psJGYYHSR9>OOwWrH>=a^~3R-YbzVI|GLTPeXh1w`c6T=k3
zL!RiR!e167dEWiSVe_Q|i{ZQ>PZf1B>$?4X${vOtdb(~IfM)q7@!*K5eB#en@Fl7>
zWXX~xE_z()!p1463MxlD7#X{N+Ft2n9LGEOL?eM-1ZsLI2I`&uvRCEk(F%+pRZP$!
z-pPHt6S4$Pg98UlMB+i<D0S>6;$`plp^)eNWZymK68c;YQ=S!`&_{jIpVR3Pi2(ba
z?VIL#)%qCcmKf-BK8cRD?uvBZ+5<t12a0|zczoJU4t+}+DMhkqmP@(twtF74u(UjZ
zd=4weh5xVcs^=bEtMWcJWOB&8Pxuk)em$&?of6KoapFf(Vt6Dsf7sTd#AHi=bZtj&
zv50BJk<84l-Fby(PE~G+mR=cuELDHMkc7CYug8v~r&4v>iczbnUa3n3)D1UR`3qM4
zOx=LJVPlz${m!=aIg?Bu1d=B9>_fu<K491ZX8=Dh(PN4~KIb)mL5~HRJ%03#isnqL
zHK>P{)P3VLM7>asJ9k63iklRz5N#1Wo@=Xrg@(sfu$Q;5(IktYqE58*be|N@U_nlz
zgPVL4ZT&oU#t#ckH~{Z!!}9xT<-Y~smkPtBg%{2#AK9A-ua+(Dn(ZhMoosQ#nCm|k
zlAb==93QZsXr9+IV{;It;?bW%m)wqbVn7GD>x!E+Lag%?)xpl?$3^!2!#rAL+>=wv
zSdf;s>iE=qG5sI?riUfAq&{xmww1n03Xm6rMx$X&W}AgJgm*tkzJ?k>*xoLv9uUOb
zG+jS_7ZuAJjC-1}Zz}w(!9H*Lc)(tlTFFx`aBCH{r(4+~H|+v~ZtIwektyxXk<EGm
z-oZx9ngj!EQCyxxFTd^h5<x0?vi<g!3p0NYxc+dTFJ0Ks>i#^GrgK5y7#FJ?6#Z~(
zcI4!Z|CPf^o4EX@={ZRLwQj8=r(FdUH!ok&3p}m7aY{F*p~32Lav}tiN&dHKlfD<1
zK8_x7`+u!wET265)H$%|d!y$=2;WJ8VW@AKCZ)aWuQ;8=W!=|Pp8fpXn&>{7G4&?T
zIu}<RJzeDh*UwEhaz;h&fKw>irt9Zl%t1x{l-6zX5&_HW*>^scy_e1Zb22u1<QS&1
z(4`YE61J~ueY?bmID`+X9uyT784-M;M+utC6uEC%GeUG19C9kWW14=$YXZinf=;Sh
z^5h5zl_{X(6I!{&xF17uL_Y8@-7D2r<a2Du$I@0CXNGrF$`N|-R5Ywm{stR4_4+rJ
zyzZ1I*P>1qVjak1#f%_Pnoqh@=y;Je0fpnW;WtF3+sSlX-19kzbu5j9kZ!?}w)f$|
z$y?HRA<D5p=rvTzGCY2p9o3>3-dVa#K`tHi@=u*oUHss<h|l=r#!p{q<Jq`KsP-%b
zS4E5IJ$o4>d6gZ0n!R^gGz!^MKF+Bt)9WD`j-HIgb$F2vt%SO7=i3l-)1sLiJ>(*q
zdlQ3LjClIqxi(Ce2Y`B2U4(b3;|ey)43pwr(vl5lN?ZrYiEHtViKBQSmbfH38z(QU
zj388EL%SMJVXt@=+Dp=|B`IM=APWbEIyDi|k(HdvTJrYQ_<7BOULwfP0nf0G(&Gof
z9kELRsMnF}@bfUNb_63jc{U9BDHR|%?o=4#K;fUaz?BrNriuZRl{V$RGV?XgkR{~4
zQc{_(vCFb_n$#Ay*kq%cZZZA+=c0U1uCb*EFz2}nMzs&S5q|-8s4~{e-j7|l)*w7W
zpm<XUg~YU>XLtZy<0Dp|i(PFzt>zA4=u*}Wf@+|6<LM$y8<<(1kWhms9;!>+S0y^s
z_1Jk7h1Yi#0X2JvQJ4Y!%dAin2!&0C7m;u3J;WcyrJbjcz!xR@DE0aKyhZm3RW|_n
zXeuaEFf>g1O8ZnUo*zhaG$jSnj!lIxl<?{$>+0zZ0O%n%sq}S){e{&x$-LI7v8>mG
zDPA2DK(B*`M=km<ag>tqGws~&)nf&N7T?;-XRw?Hr8mc>ts--6fo=Do!I$vx-1mR_
z{4}4KHtC=p_LiFK9fr@hi_7WSoa=0clV#v6@yTf((}svW4(G-Vs`iiX2e|V4_Uc#o
z5)H1+EOCrKm>vMb<89M@<itF-Sz&~$@9_e-#QrMRw2G^RcXn%5dL5Yg9QSjuOw%}d
zO)2xYu<Dz7#Kp$P4+N7+aVES8X!PA#{NYo*=)E4XO>A?0euODXzx?~4@y{b1+-nAx
z)AOs^88e=?i(!{v%YFxxyRDxUAuiVnvaM(Yq0Uml`cW@qLZwyjz)Mm|)`@)e1Ox)p
zu);j(zR)!Ln-n)tk5GBNN*WkhW=h|h5p*foUTRdUH1!^UM-<QYm!?FHdaeNq27Lac
zaa7xm#;<mU7K1Mac*_4RuHiM={7HR}tZ|&v8UcW}{=Pm9qwI2w=r=dp`g}<5v*Irz
zjtlhw-mu!_v11L?oFZ}(hK6QKDM)o^c{dm<#P6>EE*-?O+XLc`zv!lZqr(@cz-Bb3
zTM-}-6!`C_y#0$ulD;*W{`qO1$v}EU6Df6R*SO!b^9uk;>ysl12??iifZ%<ku((*;
z#Uz}XpXygAOT!%iQJFRtAD%vS`=xLXnN8&&-~S#?;b08Bu1p2+S%PO57Z*Z6rr&3~
zFdv(c3FGr1U$aWUQTUs__$S6WE-S6uUL5J(S&IPC$AB=4b}-!w4gg^C9^QPuU638y
z9sCU9Icq^6XVzG>_PYArM4kwVteqrK!j>z-OUkb_W)V(JVfPFGv=kK;HP@YhG&16<
zLph4^i{S?>e+iH6$pYaxG|bS3;r)Y${OqpfgzWZRv|r<L`Y_~Ea{(-wfR0|&nc|1V
z)XYqA{UxBkdH_`O`1$ka5iWTJ>&XsfntR<j#9^q%L4yRDvNr&f_8<p;*<;2OP^An`
z85%UoytfT#dEl{&i;XR4dIO-bjjJK_I{p>#I_D+smmx$^KYmEyM2$V85!;)qmRE(F
zAy}4$gEu^f1baCp0R+QG-4b$yyHLLpV0?StD_vCC<hG&owxzpibBO2X&^#+tf`;5?
zPB+neHT++b`Gc+$isj9hgO?{eaSnZnV@J&ZOs~<tI>_G^8_w6Ha1Xe8e8E5hcppUg
z9U~Mb)7WZWNwe`QMqO_@9D~FJjCEVL;H(|`<FJEpU>pQRhhUa;5Xu|_APZ+P&dH~E
zyC4=bVXVa?1c<3~IFuTfUrC~!YW)(xH)GsFTQ7d6AQGN5Bv_dajl+Jn+Bu3?Zpy&C
z1s)ISd96kNoNXo`6)wSR=+OY-G<+iqMJ?d7do%<R$)MP<2Qj7*7U>zTJ+#{gxKN^S
zEGjJCsIz51bybx^e5>MMjc^uG(Ry-<RW#^TI)IS(SYsMU7SQhp0mk|-^VzF~wJ`87
zC<3S%=E^u*@>(h7l`2>I(UM6c*6ttfoqDvk9v5J9vTd#XTHI3!mUxmJv9jYXY$8`7
z_QOOG*-vXI5=PGi^X$Oq;B>%rxlGI?FX%~;w0u}0KxTz{IZgpZZ_B7)#Ymbs@wZ)9
ziFwXdy{+;)bEXW#3DW?x^GuTCLwNK`?7l{sXNAxc`ZA3nK>>F3S@=lrF(R^b5r_Dp
z4CyyPExN^e_WtBmi{s<tj$b$X^1C_-2}%qNmJ}>TMn?2RiALLjVy)6!6(uD%Q_&@Y
z;qhxt^_p?mJJ-$A<l%L9u?2@>EE`dFuN;dk^B3}-+My&2I=onXyegBNAPmg85Ql*Z
z=+`#Jfb-RX2Qt$%ywuor81&X@nTxKy4BR^eQWg>)pj2htEO|jzFRUQv;zI`$>e8lZ
zq!leE)5ZggjLRW*2$n~}PZ6tfD|DAjfp<6Q*1Fw<jz<zq5fInsj&Dc^A^QejdkrYl
z62|QOPxy7Pj3AF9@Z6#70}4F-*(Z5$v<Ly_>i68bIz7+*#ll-tQBYXyx&{ya*}IKv
zSmSq6UaBsC%L_f~Wj_17JM%6qN7s4)LPc~Jhq+`j&8=VVl%Guw+vZgn67Y@4|F)`G
z7r+iR9DRP?qE>?Skev$0cdN<`Mko<SV8=toU(r2CW*KP4_HdJ+=<iQ<gYAm2EJ>iq
zr>Vtm9r`0p8mM2%(~}qeTkf=os}7`InFa{V_fd2YWO%hcf2s{S1)38`@zVCDt=>BO
ze%L9w@5o9aNOa0T+GjUvNnAg}BS~R!*brurX4@v*meSL!L01B&?khc+v$s#@lXSk9
zvO}{3zId4G9cn+0r~(=lH0>z)Wr5>+g#zW}zwEtE+@4BaXg&%p>Heb249&{<p_WOg
zDr?WM%$mip`z4y_2N7^s4+G^%GcxE$g(sD%Ky4c*iB%dek1#k%@2SmD<_39p>uPR+
z3@;@}xT37zF<7TYFrJV5B@2)@&3<ib!Ib=}UN=@eBq1A9PzyyMd>tL62<tMh*mP`h
zMqvf0l-RtzC;XP80+V<ME8v2Rx}7|@((Y|VrcdR-6f#Ko2P>rl4GtMzDELLM<VO80
zM>~18g+1jXAfKE<*dxS5#Zu^P$W7)&z_dX%CNP-Z5y3)(oLaTXa75-QV9N_nku=Ba
zdYhwBmzg`<A!$9z+8Ch(yhb$&{(oNPgXm!D7f)VipvSf(NxxMB4giPIq+_J1MoMCr
zMo$&TL=W`^P+H+@JmQ)NG|UG!TS#&UpR;$=EYk*;kfK=Tn=Q9%B6>A2xDQ(}y<3l#
z=uCM!55}0FAD%UN%=mnKma@;2;qf@-CC&>9RPQi4S!kg|Ku5R@rz2%s!w4cp|GPpA
zD7A2C%69gyCO?Cp$P#whG7S7?&B63W9z8CI5v1hSsFB8SsDF<~(mdef{b*SY-PG}n
zO^=Y5j7W-?!jh<~$X5bLuj_;OxImpnpDauS72cfzc|g~-i=>qge<OSy1h2lBzb9^&
zv+E&cUi0xf!o)8EnOj_M=FEf)V$V=yuGS9~Dl93&&OcO$S4zEbAqFWbE5}SuPRbB#
zWO$LLB)|zkB!{@rpij*74@}tAQfZ)+_(-@rEiShuqlkzI(wJxm%jG!;UkVrNjA|wX
z8Xrg5^&JzAy+(1~u51Dnl5aG;)~-VPbRw3S3~9fg$-=N5D_E4V_IX4>4+3^@H4YEX
z?=nfY;T~KmJ1jUA(;YBT3@T3(^(bdBzrA+8nl9fjCTau=yd|`q2+oANh9iT?iJzi^
z^Pv<3$4JomVJ-Op()!5xcSLXoC8#nc=&hOfxBDpbGv-k;yE+U?ODQEreX9?`X8KOK
zmW{N~exQc2%MbMX<d%ecM*wlCE3{-a{}WF*+2_uYjVBjc7+6$tm(Be2Tb9{)B-Gvi
ztaRaciw5Via$!p%%mF_{>pl~7X<=BicVx+UKE74Ssnx=k=an}jDkF}hDg5+3uqTrX
zP+YvPm>{h2Y4TrkbrxAckAGz2AyGu8F7yPMG}Cx%Y(067L`{Ch;tpruFy$mL;Q~_0
z)+O(c)p>4yK0tIb-k|gVy#o3nfrcsa#4^j5K=)QA<}J`6aVRfcK?zv8Mi2_<pTN#5
zp4GT-Pl8JWy$#ntNgZ+SLu@7i05J{P;(iu;-+zoI1)5R<|6v&e<`25x7`D85(--3Z
mT5``{0(F4@|GC`ZofXDqzBWF@1nBPuDZW;FRrbOh@qYpNd-(YP

literal 0
HcmV?d00001

diff --git a/docs/userguide/networking/images/bridge_network.svg b/docs/userguide/networking/images/bridge_network.svg
new file mode 100644
index 00000000..2e35695f
--- /dev/null
+++ b/docs/userguide/networking/images/bridge_network.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="398" height="255.1428540910994"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="eHLTJhLUxURP" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="kiBCDNltUqyD" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="eyDhrVTkoUqx" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="398" height="255.1428540910994"/></g><g transform="translate(0,0) matrix(1,0,0,1,193,159.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#eHLTJhLUxURP)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#eHLTJhLUxURP)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,200.4593795664339,154.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-202.92,-159.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 204.9593795664339 159.4678540910995 L 204.9593795664339 188.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,238.54062043356592,154.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-244.46,-160.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 243.04062043356592 159.46785409109907 L 243.04062043356592 188.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,219.5,154.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-222.14,-160.6464255196708) translate(2.6399999999999864,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 224 159.46785409109935 L 224 188.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,151,196)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44.79999923706055" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51.20000076293945" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57.60000228881836" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74.4000015258789" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76.80000305175781" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90.4000015258789" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94.4000015258789" y="12">2</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,270,160.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#kiBCDNltUqyD)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#kiBCDNltUqyD)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,277.45937956643394,155.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-279.92,-160.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 281.95937956643394 160.4678540910995 L 281.95937956643394 189.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,315.5406204335659,155.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-321.46,-161.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 320.0406204335659 160.46785409109907 L 320.0406204335659 189.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,296.5,155.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-299.14,-161.6464255196708) translate(2.6399999999999864,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 301 160.46785409109935 L 301 189.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,228,197)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44.79999923706055" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51.20000076293945" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57.60000228881836" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74.4000015258789" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76.80000305175781" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90.4000015258789" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94.4000015258789" y="12">3</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,116,159.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#eyDhrVTkoUqx)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#eyDhrVTkoUqx)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,123.45937956643391,154.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-125.91999999999999,-159.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 127.95937956643391 159.4678540910995 L 127.95937956643391 188.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,161.54062043356592,154.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-167.46,-160.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 166.04062043356592 159.46785409109907 L 166.04062043356592 188.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,142.5,154.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-145.14,-160.6464255196708) translate(2.6399999999999864,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 147 159.46785409109935 L 147 188.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,74,196)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44.79999923706055" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51.20000076293945" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57.60000228881836" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74.4000015258789" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76.80000305175781" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90.4000015258789" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94.4000015258789" y="12">1</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,81.38636363636368,79.1428540910994)"><g><g transform="translate(0,0) scale(4.159090909090911,3.5454545454545454)"><g><g><g><path fill="#929292" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="matrix(1,0,0,1,159,124)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="27" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="38.66250228881836" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="38.400001525878906" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="41.60000228881836" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="48.79999923706055" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="56" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="59.20000076293945" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="66.4000015258789" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="70.4000015258789" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="76.80000305175781" y="12">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="84" y="12">_</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="90.4000015258789" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="98.4000015258789" y="12">w</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="13.600000381469727" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="71.3375015258789" y="13.600000381469727" width="4" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="71.3375015258789" y="13.600000381469727" width="4" height="14" fill-opacity="0"/></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,15,5.1999969482421875)"><g><g transform="translate(0,0) scale(1.0376509657550772,1.0231999999999999)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,81.616,49.859996948242184)"><g transform="translate(0,0)"><g transform="translate(-53,-57.19999694824219) translate(-28.616,7.340000000000003) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 88.116 56.359996948242184 L 132 56.359996948242184 Q 142 56.359996948242184 142 66.35999694824218 L 142 114.19999694824219" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,198,108)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g/></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="73" y="-7.200000286102295" width="1" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="73" y="-7.200000286102295" width="1" height="14" fill-opacity="0"/></g></g><g><g/></g></g><g transform="matrix(1,0,0,1,7,116)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="3.987499952316284" y="0" width="67" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="3.987499952316284" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="4" y="12">D</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="12.800000190734863" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="19.200000762939453" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25.600000381469727" y="12">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31.200000762939453" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="38.400001525878906" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45.60000228881836" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60.79999923706055" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66.4000015258789" y="12">t</text></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/images/engine_on_net.gliffy b/docs/userguide/networking/images/engine_on_net.gliffy
new file mode 100644
index 00000000..2fe97eca
--- /dev/null
+++ b/docs/userguide/networking/images/engine_on_net.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":277,"height":209,"nodeIndex":174,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":3,"y":3.1889969482422202},"max":{"x":277,"y":208.1999969482422}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":223.0,"y":117.3854006442422,"rotation":0.0,"id":171,"width":26.70555282692303,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":21,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":1.0,"y":93.51999694824218,"rotation":0.0,"id":152,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":4,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":134,"width":42.8749022673964,"height":60.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":1,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":96.0,"y":130.51999694824218,"rotation":0.0,"id":153,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":7,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":154,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":155,"width":42.8749022673964,"height":60.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":6,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":197.0,"y":99.35999694824216,"rotation":0.0,"id":156,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":12,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":157,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":158,"width":42.8749022673964,"height":60.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":11,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":114.0,"y":3.1889969482422202,"rotation":0.0,"id":160,"width":48.773475410240856,"height":39.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.relational_database","order":15,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.relational_database","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#02709F","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":163,"width":88.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\">Key-value store</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":171.0,"y":25.199996948242188,"rotation":0.0,"id":165,"width":72.0,"height":73.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":18,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":158,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-32.613262294879576,16.989000000000033],[70.4374511336982,74.15999999999997]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":141.0,"y":37.19999694824219,"rotation":0.0,"id":168,"width":4.0,"height":91.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":19,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":155,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-2.6132622948795756,4.989000000000033],[-0.5625488663017961,93.32]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":136.0,"y":42.19999694824219,"rotation":0.0,"id":169,"width":86.0,"height":50.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":20,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":134,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.3867377051204244,-0.010999999999967258],[-90.5625488663018,51.31999999999999]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":122.0,"y":150.3854006442422,"rotation":0.0,"id":172,"width":26.70555282692303,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":22,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":27.0,"y":113.3854006442422,"rotation":0.0,"id":173,"width":26.70555282692303,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":23,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":24}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":2,"dashStyle":"1.0,1.0"}},"textStyles":{"global":{"bold":true}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.custom.confluence.c20f4a380e3cee362007f9e62694d34d947f28ed4263c0702b3dd72d9801532a"],"lastSerialized":1445555725710},"embeddedResources":{"index":1,"resources":[{"id":0,"mimeType":"image/svg+xml","data":"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n<svg width=\"60px\" height=\"43px\" viewBox=\"0 0 60 43\" version=\"1.1\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xmlns:sketch=\"http://www.bohemiancoding.com/sketch/ns\">\n    <!-- Generator: Sketch 3.3 (11970) - http://www.bohemiancoding.com/sketch -->\n    <title>logo copy</title>\n    <desc>Created with Sketch.</desc>\n    <defs></defs>\n    <g id=\"Docker-Hub-Dashboard\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\" sketch:type=\"MSPage\">\n        <g id=\"Dashboard-Filled-Page\" sketch:type=\"MSLayerGroup\" transform=\"translate(-604.000000, -7.000000)\" fill=\"#FFFFFF\">\n            <g id=\"Menu-Bar-Copy\" sketch:type=\"MSShapeGroup\">\n                <g id=\"logo-copy\" transform=\"translate(604.000000, 7.071429)\">\n                    <path d=\"M3.75661719,15.6968944 L9.79845393,15.6968944 L9.79845393,21.5692547 L3.75661719,21.5692547 L3.75661719,15.6968944 Z\" id=\"Fill-1\"></path>\n                    <path d=\"M11.1692022,15.6968944 L17.211039,15.6968944 L17.211039,21.5692547 L11.1692022,21.5692547 L11.1692022,15.6968944 Z\" id=\"Fill-2\"></path>\n                    <path d=\"M11.1692022,8.16708075 L17.211039,8.16708075 L17.211039,14.039441 L11.1692022,14.039441 L11.1692022,8.16708075 Z\" id=\"Fill-3\"></path>\n                    <path d=\"M18.5808287,15.6968944 L24.6226654,15.6968944 L24.6226654,21.5692547 L18.5808287,21.5692547 L18.5808287,15.6968944 Z\" id=\"Fill-4\"></path>\n                    <path d=\"M18.5808287,8.16708075 L24.6226654,8.16708075 L24.6226654,14.039441 L18.5808287,14.039441 L18.5808287,8.16708075 Z\" id=\"Fill-5\"></path>\n                    <path d=\"M25.9934137,15.6968944 L32.0352505,15.6968944 L32.0352505,21.5692547 L25.9934137,21.5692547 L25.9934137,15.6968944 Z\" id=\"Fill-6\"></path>\n                    <path d=\"M25.9934137,8.16708075 L32.0352505,8.16708075 L32.0352505,14.039441 L25.9934137,14.039441 L25.9934137,8.16708075 Z\" id=\"Fill-7\"></path>\n                    <path d=\"M33.4050402,15.6968944 L39.4468769,15.6968944 L39.4468769,21.5692547 L33.4050402,21.5692547 L33.4050402,15.6968944 Z\" id=\"Fill-8\"></path>\n                    <path d=\"M25.9934137,0.636335404 L32.0352505,0.636335404 L32.0352505,6.50869565 L25.9934137,6.50869565 L25.9934137,0.636335404 Z\" id=\"Fill-9\"></path>\n                    <path d=\"M12.1939085,30.0475155 C11.2650588,30.0475155 10.5097093,30.781677 10.5097093,31.684472 C10.5097093,32.5863354 11.2650588,33.3195652 12.1939085,33.3195652 C13.1217996,33.3195652 13.877149,32.5863354 13.877149,31.684472 C13.877149,30.781677 13.1217996,30.0475155 12.1939085,30.0475155\" id=\"Fill-10\"></path>\n                    <path d=\"M58.9047928,18.7341615 C56.8764688,17.5965839 54.1761905,17.4409938 51.8756339,18.0987578 C51.5918986,15.7220497 49.9853432,13.6378882 48.0749227,12.1453416 L47.3166976,11.552795 L46.6792517,12.268323 C45.4005257,13.7068323 45.0190167,16.0975155 45.1934756,17.9347826 C45.3219233,19.2857143 45.7580705,20.6562112 46.6140693,21.7406832 C45.964162,22.1208075 45.2251082,22.4226708 44.5675325,22.6397516 C43.2274583,23.0804348 41.7733148,23.3254658 40.3584725,23.3254658 L0.613481756,23.3254658 L0.52816945,24.2161491 C0.243475572,27.1872671 0.662368584,30.1621118 1.92575758,32.8770186 L2.47022263,33.9540373 L2.53157081,34.0546584 C6.2690167,40.2232919 12.8313544,42.8217391 19.9841682,42.8217391 C33.8296846,42.8217391 45.2490724,36.810559 50.4933828,24.1136646 C53.9988559,24.2916149 57.5838899,23.284472 59.2987631,20.0310559 L59.7368275,19.2009317 L58.9047928,18.7341615 L58.9047928,18.7341615 Z M12.1939085,34.7906832 C10.431107,34.7906832 8.99709338,33.3968944 8.99709338,31.684472 C8.99709338,29.971118 10.431107,28.5773292 12.1939085,28.5773292 C13.95671,28.5773292 15.3907236,29.971118 15.3907236,31.684472 C15.3907236,33.3968944 13.95671,34.7906832 12.1939085,34.7906832 L12.1939085,34.7906832 Z\" id=\"Fill-11\"></path>\n                </g>\n            </g>\n        </g>\n    </g>\n</svg>","width":59.29392246992643,"height":42.185403696,"x":0.4429050300735753,"y":0.7077644040000006}]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/images/engine_on_net.png b/docs/userguide/networking/images/engine_on_net.png
new file mode 100644
index 0000000000000000000000000000000000000000..a79aa44c8e8963fc39ca10750793c3ac26861352
GIT binary patch
literal 14032
zcmdseWmHsQ)Gi_d64Ko;beBj=&(I8=DoB@fH%Lkh-8Hm;bc09<0+P}>bV@he<NCh!
z-F4Tkb^l&|oHa9?v)|b9K6~%yM5?PQU}KPDAR!@PL%_07B&27oz~>EgRN&g1HerN>
zM2iHGmD2JwIrMw!nKXUznCYhm1|!pjqDUjxD%R81mZ8^{<-M<ztLQ6=veNdil-xV@
zk?pfFoM&^#YoHBIeypI6z@(>*2u76+=AirVl8(+t8u&X6Sf=QDqu+JI#Gjb%IO<1D
z{eEltZs{)PuES-tWjkkodTeYAi8VNomKMF41=&Oz%Ed-TmI8cZK?#L_q}!qYl;8R6
z0vr49#bt16YN~@@87=xO!81BmpMqTrKO*fvdCldh(+wo*CYsUrQ7%8ZCBuV<YzTG!
z<mIhXj=n2ZF!p=CL-_aPGB`I*2>GEs0T(ZLXYB1cIwmxrK<4@CG2+YLw*luEIQV=n
zbq%XSJwz~P^W9l5yMbtS4FltlhnAx2bv+5bQ$?rpdJHe3ZFRTKDowSslT+x&X?A*2
zKYAG+t`;;dl?eH(cqEWq82$H|63quCv)^)W!9yFhk~+S`%t~xE?#H|bV(#*Inkq{#
zN=8J4MX+QL^iGozoqNYp;%&l*bEmW}w6q}eSHg`MeL?L|I|*lUc6W1n@sgj67U^T0
zDEz3*tE1y(;K)}p;J{p^7$wxTd31D0OQSDV99LT@G7Zg8-vlSw8>qTNa|b_p==I(D
zR=t0kqyz2et0?DwhD|bun85fX3e4)wv8x=m{zQta_kR75rZggzF3AzfNXT>VmOfAO
zc;k@3c&(XLhpQ6*RKwt~eRs3Te51Cj!=JAZ48b+dN1jIGT_p@O41R6A$kI>;4zXYP
zl6Qj=Vvka-hNBkJPdV2EDya;NOpBZY+#&89z&){jGprrCY!yF7*c(@)5BOERayn>!
zT$fYfs45spd-!;8KBOZ78YMtKksZ{(x7*b5_4@jq)3S$loSP;isD2q3hV?BPjsbY6
z8%ea#M?RK&DI<t6_rRqeaqt-P>#l#jXfAb7HFqgNP$66z$`p?n|A9ft$uUrudAW90
zc;g^gxD$_be^z3~^QMa8Rv}t#s4{dL-i-kfercs3@fp<caZ+N@86tV_Kj|^+IxFse
zed~_X!#_D0@6<{-gRP=IU<F4<=ETE=@pWg=LYA&?El}=m*2gQtO`mq5_Yct_dqz3z
z#9JC^!W?)ws-&R}KCvI>E{{*9d-y})MjCotJWO<~B)HO+;du#!W<`3`nPQX#nux!1
z31aOXLKJ9czeMiP+v>MJAlNn6Kh5lDWwBIg`3q35e87X%V)hmv$byGZOzk1iENByL
zz@p0y5)W!wZSkw8n@dvC1pl2FmzNcmp17a;<V<f@Q8r0`|K#o)GETqV^E}H213Swh
zi>4w49+LVlQn%0u9y+}-ySw;)F4e&+CZSlQJm*sm?$hFx2~H{Rqegsr&s7%j9whsj
zW%6)BVriUnj7A}v?eFfIQG0UE(vevx{DAJ6%OxGi9JysLA!(Bk@gsznt_AJ$)lux!
z4o@iB4f{J{f@R)n!o+1F9i55*ezN5_$Z=Zwq#<Jm=HCl>S8$%9Hwgtfx{cC(=8Cq~
z3>&nd|5DC9h+ft<Dn3b&#mj;UnDfsibV!4sF-%oaIaE<+pw~@<?io7HU(Jop?R{*f
zdb1B0YxB3L$#HvjDx8YtHlK<M$YVU2d5Ll=8_87YSTpna{bT?!5zTd=O$=PXQ-TSN
zT(G2}Rjed3h4?T&lvFKuejvy!D!;eK)&=%gI*GMD8gP-9#NogtltmLz_Zc~GsdF`V
zD1fBD$3};wzm4E~F%BPYM-7D!a~P**T0xogo&z?ATc9i@z{+0@*fGD7?iN!<(#t>p
zWc?GPGBj)p1cTv;<d#S#^I*a6l-ok>jbsaTi|lUSQ2p|%aT+DxU^8scqY`|Tzf%Jg
z^_b=ki3?bEMv7~1s!+;VnhRG|J`8K}=Y6Kp{Ve-XaXu3l7$_0_!qtn2+S`)k&yo0+
z4!>#6SwqviNW6~1MVm!Fy=^*L(5Bc|sz=aP=<Q*v<KO<7^j85X;?&=LE+4&nSYnPS
zY~zmLIEnN?+~Mmc)}DU<@R)dg_6O_Wj&8f9LM5SPbo+~9Uxyi5Ii(I1B`6jb*o@uV
z_cp5|;cAF?ZLy`k>uwj=#uAfLX`hD4Qz8}=E){I-WK-i5P*<t{1*h;VJ8E+$ZR}Sh
zNr;dbO5YSOgQZcZ_fh-E1DW;C;bvI0x9oc@Q!EG49Qb24A(0Invy2@b*sBoYXDZ!U
z6N(#2Iv*5tBrZ1y%ci=9Ek}7iUq<DUsN;O6cxx|;p&!vzttdVmO^Vw48h?`U<<hjJ
z)0z}@Xsz<}GBErcg@({RcSUKz?vEED%WA3FGTQc3ishpf6$=lxzv=FO=nDvV=65e(
zn)|Os#G)(s%JLvT_-aX<_x@DBzVW0J8>9K~%s=lpB#QPuH()6TVerUXYb&d_Dk|9b
z_xIl%S0sGTMuh%eT@8d`l6;!h*3DPTl_;&K&|Fc%L!tZv=)Vxpz3verQKFVBZ*9$r
zicKEMZ#nvYq0zpys!HC|^G#LzsUpgY7j*3Gm`km0GI7-6tA{Ew>QS_-q`-ibAr*!f
z<<_cGDWy^!Pmg!2mNV}HIwn$1Pfw?|gMxx0qN8P`q@GFK?l8#8$*pDBRs{iP<iuBG
z<lbQy_U^X9_hIlwS@l?QroqzEQgmTqVK5l{R#q0p{dl>uzHqH4oP9l?*zNJ&OAZR+
zgiQfIBr_FR8{U6?*X56noxCKfFgT=nM+Dn59h5vDli6A6lHB^8TP-g=;dwg9d=eLM
z|NNcb1rZDeqvZQ>d+S|9rQtK*=23krZtOhBNGjsW()sl0bHAtC^&^GT@VmFbp%wDw
z;ezf>VZHQW<cdqyKrB_y^$BA73M2s2SFoUsJkIu5?p6!9)#N3iqW^H_$_AS5tIZN}
zq@I|VAcQ335px+uXjkZbxVt<ALm*B+cfj<_YB{oAUc#TTDL${Sn|}QGkycn(-&zw5
zhgxf+#_~6{ob<h<U`fz(G`5k!+W68~YVmSkUCEn4wJFM1R3dQY?&S`jCZ)IO>FLcU
z{S-t}6Gln&==I^iF-TI44VyAgHU2Dm+^&g7^dR-l|AuiLftdaYMh<v9%RP~NI+H}l
z#OyJ2>?m@dt?InBxj)N&vZMdfU^}xuRi=4;Q5~>kCx6^|$JP08X()EmOHf)~4lQ0#
z5n2j;_jsBLs73uDN8E>4XvMeA`xVuiLM&zX!CV~?gwv#*bh21Q=IUq(kCO7MK)ZgO
z1*<bcue$9>M2=4>m8;M1YN<qdKuzLCHa%FgL{%H!_q5_PKo#|q+H>`p*yA;#TrDG+
za)7<MJ-E8-(O_Em(`w-D!JK8Tw%M9zB;MfJRo7F8H`B@Op<_VwjERp59%8?`E4DiX
z&7%gic@irP_@Ty6gE{VZ-%UEaSqo?(S#O-AJK_!KAou(4o_+uup2Qu&MC7rs?1{iO
zHxR#^HB($zi*EZkh_9UWre-eDx;0@+;_2RnkeHZlWl~d3JnRJ~@q0x7mvTQa7~P@c
zLZ?Vv{PZWo2zbv@@{Y_328}Lwseqi{sPLn0J&OIC*O`T&KR(Uf>XiTvq*TDH>+VSO
z{>Y=Nrw2#!tAL;gVtX{Z;!!2|el-MV6@e(MmxmDz{N_!lFI`H2TYrXq1=nXW^A>g;
zj4ROemE`)DN5st=DJ#b$mnsQ*0Lv?nF6tvW=p%Wj#Vsh9DS5w!6UCx;ZF>5GQ9~u2
zPtKa-xA;{S1`ch0JRw*b)W~brAIL=5K-FkgR#~ZSUwWvn#85MKCE&aPE_!*=7R}X)
zZf<U_*JzjSoKcrk#N_sivx()2P_STU$4czsd@>6D_;}UD?p)|D1A{+Bxy*G1bYW<`
z&)2^>8K7Z5i?c7&ce3++^-`DrN~hZ7OTg3Jisy01)l?cAJ9{!gPOsR<pSWS&71f>P
z=us}9d<{fF<DjKlj+nl+C7?cg5+zOQWAuMvBd9z`0)nx-ySrz;wKApZezaI-0`43u
zl>Y+lHPyGu;C$C<lz=_b#oc)=ZH@n1@~QpQGNHYhUC4R@RP<tVYm1El_VFTf<z7Dh
z9q9SU$BA1ejq#6lpt9Vj`|Tk@PF7Y8a)Ou126%$Pj|;WE{rzlD+8;l{Z_~PSrxqpd
z4*2EXPxV?1r#-``$^PrIHLStJ_%h1O4l>HF^Hm)rr|AF~cDahXdn5g~6gi5vXFEmZ
znE?2m?h7v1m8NgKJ8GK-gXwMmeAVccEm(7)c(<;^-J#|8J2k18PO^kphBHdl-G-b&
zK1Q8aWhzF`ijNl*80#ew@>|6JzL}m6ALlNgJ90xN5tczY@>U5}VC@bll7%42fPBH}
z>I8@`1pTp83-#;}{6ZZCngnx@$Q`^oW*&!OW;eW`Fvnmj1V<v`3DA{ZlLJ+w!&14g
zT?Q(|biEw{6*vUff+S(9p)U!hR<O8=%D}l4Pb&C{rV_x$x9SzAwE0kCcr1cn#~f@a
zDdpn+T6w$_BI0`+E-YEN@|l}$q+x1GYx8b=J@xtt@cZ&(2*;v1!(98r<w6uz{}+l9
z%1sbb24t}XVJSfObeh`5lBnpCHHoJNrK5vk6|3b|MSS+tJo^xE{zc<CV*4v%e}5sA
zZ9r}kmYXOGjz5p%G^hvPz>m6~{N*GBbRmrbhoy|CULf&Ha|o1NV(RT&N(O0zYHY}(
z2<w*2KNm1p<hS}B_)LZTWq6(0z^kGn-|MyTA$Z}S9J3H6<jX5}8?ZphPB@*@m}Bpu
z?`;6s2qf}L+9i@4Z-4Abjv(fh8*zrU@9v84nabwZ;>P~%vEQ;k3cTbC^5ddGGJLJq
z>(R-DIiq&O8Sh<9n_~70xc7l`qmUkSs85M0L%0*bknVhcZmv;RAQ{!kHJa^`H)soi
z9)uV$spuaO*S4QeC`Ex7lk%fU>O!cwL7TMi50^OKnRJFu#nk^;61h!oHj^I^frP@P
zN94~i-2`5VG|qj7kD26~Wo(f@e4P5p)pdVrp}iZ!jOR9mMxl<mp_;7|_uzbwh0I7+
zLz7Vgs!l;!Se`A_<|R!|_zNBWhXFGOQ{X>R6AiCi-@Ewa8elchD^Nn{o+Z$hHN?}F
z-ORSde<K|q#YVbKX*N{Aj&j+|+CZx7!1Jhn1OO%2#5cXgP(Cq+9L-PtTyoqO(fv+=
zC?nZ5a8hyuoqnSkqBu2MN@U#@>e@f)*x#afVgwkEk<sPUM?hL-FgH6Q1Plc+AI%FF
zswb}Bh}l40p`xv00vl(g9pec(X=$a>wBYyN7Da^vOb?<o02JIdbJ&SIr*N9tUu<z1
z(pR1^RVGvsv%E3g;Wp^<@1SSx7Zz^)6pN+D2yx26O3qV@DQ2R&G<_5{K(3nZichi~
zlu5u<p}EZ_O&@vU_aLC^T{QJbYMI8va`oizjM}1ZAh#qQar#XqcUwWqAXf?N9Xtz4
zS$j1~nJV_n3&2{!IJOlzy{WJa81Xw<m0*9C+w8A%HFbM*sO(P4AQc-P5QZhmZSU#X
z8IeX}v-J_5boLsVm;*!K;y;`i=zD`dvHhdV3!KuOd@j!GKSZQ@rCDcoKs=&^YV2;F
z-xbvs*c+{JF7V8nctUrY2xUH5&vU3Q4Bo0fF{NIbJ?8r16XOVJG0%tmt?yK#x;&Oy
zhlzV&kO3IwBtK=)$`dt#@AWX5>I0V%7xkSLT^Sdy_&b5lYb*=+mTZCP5CJ}Z2xHri
z<Bf8Ove<q(SjpT#$XrHOR6f2z@r%Kh<rmQl&*BJS&Pb)++{9g$AKzqmi@h2CgnVSd
z+ZS2qeh{PFR^bQr_QV&BO_1%A85Veos7QG;_S2}SYM%~(;h^-fq{6M<F0b~`(N8u=
z=b|THv)M^>Pa$rhiNx>Zm?a@m25fcGR*!5ijX!N_|9PAR!Z?SJ!wP>kx|v_vKqRQ|
zyiMRxper#Xd~El~c#yeBhzy@7drw(hIe-X<jsFhW1KGH{t3=5Erc)3|x?dR(8NlDf
zRq?zdcwiW2`%V(pby~IM;jECGltTs%Ad(R#ZIyzVZb*cf-UM*^l!o+jFU{itmLwWn
z<|cO-Nrsu`A6ll7h91jA)xg?Gd2|`A`eSo;_bPvPg9|Z(Y(_TUE$geCrEnH!{b{GV
zAZyW_>y=)y!(>r>5|vyZ1Bbxcwa^*c$#;&(D1BBcH}Pbu@D&H$ES$tY<3fGyP^?nd
zrXRv%Xkg7x=R4zj5jcfAUeqw5HL#O0;0q$G6o*mH87_;De;g#&$b^ojPCiwMrn}pB
zOG)C?Svzx0NiSX$6*GY)i3X~TiGJ7r9A^K0tk>JJJV^56*+>{%<XQQahw1uj5ld?f
zUh<4sXNyEv59f)z{FYu{HGw$NwZo_n`0~AAY11_1xEXc!kFQ@IwL6CdiUz~1yU{aZ
ztJy*3&-;xw1ZX@{V!WDn_w!aFQyJ9vKV79ZGlGux5+?{aJq#KuwpeAB_mou<#`i%V
ze_=A7-@=Zm0OXh?W!JzybW`z*eZX2`Y^FQF&}7g0n_+5|18T080+NgWaOP;9IxwP3
z2uaoi$Hp@Y-e+y@UKkMlpsq$G*)9T)mNdi2uG)5#pxkr~pW4tq4!|yD?RO2~T~SxG
zrw1U-o_Khv_%GEwBJSwt<>-*zz@a`vEiE_~7BExc7|#z#kf`~@Ipwy-Rh~?>a)yM&
z7%;TmE&N0)iPyvK2GQ#&RCi5A^_}t6J``L|Wwo1__dD31xnE?Q^1Tf%mw{SzHE)Gl
zd0|r&p9P(ii)CU^{#5x+wJ8g#pcU_Ps(z&r5n`ClbIV&6Poy-9SKP>X)xkH}VD-g^
zlX_EkV3DUAI7H@ZD-4K=QfsHW&{Vm!X|!FNeM9gbTBN$+YPXifceu^(imn!-k@oeR
zs&$`WHO1pTxP{zEWIm?ywlXY3#I1ay5n==*mdBA==pun3Yf(G(5AryC9?)$rlsSvV
z{GCohJ<BCO(0C34tlA|TZ+|#z=$fr~_QPw;oR=FfpATZ~rMd0YfQk;c{-(w&fINM}
z6eLOaKOSPY#^OcpUz8s@OdKHOgRHRC{UI<R#~M0~al#E8av4q1AGD8bca>&wjI0?v
zASMy1UEJ-Jc|Uh!x3!>$UYnJiYiT}*2#xK<HTapHB7+7V$!&$_k3e{zV4v~ZEi8h9
z+TUy^EU<O@0)nh^k$@A=(O83S!5O2%dRA6@hPU>KC^^~Lm0X|m(iw_`k<XQQdyvm6
zCyn2}W169eRF0i<b!hO!f;i!65ad-yGT)GuDy$$wqS^%TOJ^RXCthuxA_+Dq_eVjj
zW06!$*IhP#;>kgkU-VQAHk0)nRIFFm`t_w{!0R*RuA}>@MEXSmNfdd<kSI6w2(=-R
zEDqc8>~Ho9uZc(%1Bke_89z8t4dE2<im9kTjaXt{l?;u9N!Nu5hkhIwou$XiP2z3W
z%an{6X6}!Faa*xtvTCrw_1@XJ_T-g#bJ#98su!@>5qyyzFVtuags!n$^1y)TT<d5b
zvpKu-m&5vsrbfq=s{4G+Vr326#Aaw6KAO+Kbw(7tnN&6FO@1vtPfQ@&>q*CW_)ZAS
zlmdA@u@+nCmkx;0<^*eP^=JjiNT%ahmtL(S_=O=FmBl@<E=A=^Da$uaL3dZjananJ
z&1V%#-s;^|zJnmuA&Kaqc?m=X>D%GIBqDQUxI<JHky5r_Y8Gsv^%v>iVwwVZk^;MK
z&tLqE&Gs{48R_~FDEFE6Z<zD8@8P9P-(^m-e7b(fiS~KiDJe0xU{T|50vyvv!GS-A
zV8ynAta3g<=EvNtIj4b8e`Ymsw&~se2ScSV*Il=J?B?Zv**sY<rQY_WNY<Yh@=YQO
z>ev_xJP-SZ)WpDwk=){cc`#Ra1VwP;h3t3|O40Wno~_p($YE}-suHQ-ZwaTGN}@FT
zD86GeE4vOKsJmtuPMTV;cIJh#RhG-mwTNV~RXKRP5D=Iu6gYkp<x+=BHbbJ(aZ5M5
zf(GH0VquYt3ywPbtP|H&ErfcBA!ijBm+zjVlP)2-Ox*J^0AK3x&8{sOGpVLr08s$$
zPTM+HUdj3qUxt>GIcJK0(w9oKXjk39TwQT`ztJ^iWAx9LuX^q)694wcQXag47A*X!
zl~zuZq|RC-NfvZV6XE!yZm3rN)x6@P38TEG675$6yxO{Q7*&xyNT1{%ZXQ+k-ji2P
zO`N)E_4dv6(ZSQwkxHi9eV4L`eb#@~U8@%N;W*M+#@?*w`QQCP$o2gv-u906zYDwg
z?`Nn3*Aw~b>koAFd$OhSfU{V1Zqa(Ps5l3|Ww{8X?O*jOmzt$lDKob4QW~)t^Cu-T
zq`>JgLXTs?l~Uo9z0$sT?;-|WoqQ@KMDBX04Oy9nnjJL#Ecl<)_5*`-y4O?Xr27g1
zL>|w)rhsIH*TDx;p%K^`1IJ(=MI=`;*Ep?^6`J+CF?he%au$+PZz(#wtDfHjO2~qx
zo!94Y@g$bt<^2o2(QkdBx1_?Ys1MqUABr@yGvybTio2pZ+4yPRyNf`kr~a^;dVMe>
zzTDO#P1*m=wI9~W+db6FUSXr0;%FZkhowbMIB2aY|3Q<Vt}GUhFgK}zefZ=8tOa7~
z*V5=&*PuY<$`sZp)C3}c$L_#T%{js@Nqd?+Wha{e9~XbM0=@i5Iwb$HqYyb6wZZ9K
z5FamRbbOKog!iq^Ivk6$MOBwe#E1G$RcG~+3B^&&XYagPBolMyG2Hp*5!bwUbTc9k
z4Wj%?PUXF6MR-(uaTVdR4D>&nCJ{}#XsQgXN6Q@@`vN-0V&<L){t_n5j;65rFvHFZ
z_}ZmkD;g`d&BL;<@1@`Vk_<3?I-=a9HO84T)cV(|<MY?Fm}DjMO|RR>19@`EwPx-L
zit`h+sz_(4giPiMeo2VOhLrp!Cm#sRq4WHk(fKCLhqx|aUBuEjTN>(RE_jXT=kQI|
zwm}!rIU+s?zhh#eZ_C55?Hm?dl;9NsTdN-zZ#Pja(}Id{*i|I@k9d&hhaYkLK$M0d
zfBJ<6hNc{Zgi>M%s}N4l3kapMIYcbstf>8A<yRXQzt!kPhF6MS!zdM@i#2AR-G=XS
z<h$p{W%6qH5NTU62VoDwo3rkvv!CuvmXMwN3~=tR_S;`AU_y3fe%T*WiMp4XDJ<&4
zOao9zBkpsTO6+fWJFP!bqV|Td>4H!6&8m{5I;4|}q}a_p+{=F1gM^ddY_?pqUBhpL
zHSQ&rO(L+b6y)5fMs?nOvzC)Zx%<%5bkoXI0O+k<>}QAngSQ)pMSl$0EjIi!9g1q|
z^ePU`M^+e*!4c^UMFQPpRGt+ZIco@_N2`5RQbIJSIxe}axav~kO%nXiv3SU~<Qp55
zy5iOZI)BgmRzk7%tw5E-xt$;g1ml|9m44h<h2^!{Y!J3rXUt7J>D!-T#z4yTeJ%s@
z`chW-@zm+{4lysZy*==TAW<uZ4$^P6W{qv5&K=-QxjR7dQV~3a6eSHs{q8KSeFB-I
z*?^TBd{z2AP_Yo>h#H1^Yx>wL+u+l*hl$A4=)wPyjCwJnW{~^mQv;3tINV6Rqv2_P
z?1s9JdD;t$(<g5wBLB^wEN%On4Qjk+QF)h?+ykO38)Ve8eSZHQ-Hxk0IUM{mFenCt
zGhxO2NXoC#kqe)k>-ca?_Hjc;Al(PEM9@NnrEJOrz4qa>lKIoQa&nr_=Tyf#>|SPb
z8lGwW=}E~fZE>@MuWSlq+^_ZUrW96)UT3HA@YUi);x#|*$;zp(G!Q5sCV&LDnVnXH
zmb24u^)dQ!BA}Khoj*CO>B~qQI?)$!h!7vqSd9dvMmoeygmJ^*F&xGZt?P*s1K{fZ
zmNSxXPgDB7&Bs`KdtY8K)H(Lw8S{fs7haJd;=4&%<Ua9slP*a@@unVMtycqUacHh*
zw%I5D`?%~YE?iE_hcO9*Q)ef{cyx~T<Tuhg8lGRzx;;!2SH&lBO?_qq4sKi{d!4E`
zy5R@Xh<O6hvx^hy+)~<&)S1AxtwzFIuay-SR7byQr}q5#q*txd&_)i)fhN3Mt!>_v
zC5Htb*C>RM0P8|1Lb0+J*m-N9K>iuH^WaFo!5P>mB4sKad{`~EOi4T;)iwz^xfUvN
z2OobW^U&{U`g|W;CY)HE?FZ8z$lsh5Vzmbk{rM|%qbLAyKt0jlxlLzg(jmJ-ct+x-
zr~@`*aWgVxVC}@w3?DFXBQMl#LUQ9-nNYZ!X$e_-5g3%`9X5I@_awaY=Qv~%9L1C?
zNQbf{^FTzG0C#BlnhNW#31;Kr$E4cx4zp&XHt_pi8CD=PP<5R%!*N1Pa9a#i9*e6m
zQ%$j+DZ$oX&~j>`HcV5v9OtrDTgyY$Mil$PSBUhI9qt}05~uP%cs!1~V?f9V%*_tp
z87I%mLeF%M9EFMt3p+RUVmN;`Ey=g_g$nh@P>KFAgU-z3NWEoXJsBsLX;6Yh85Ur5
z+Ex5L%anh;)wj0$sc^7uwj@5Orf*EcersOB?^a+Zb6rr$`DKNZ9bgV-{lvzKP`|>E
zn)RbKn~kSOHWG%!wxHaEB#A*5LY1M{=_2stYq$uGttEJ9LV<#4FMOsk=RB=hs)>np
z`Ie8Kx7|3r-3po=P*YF+Pe~l2O3;ir_w8|fy0X#e!Wy&=&KdX)Eu69OFcACI-|nP*
zUbYWZ3?mDQg{?dDkL9DVi*$SZ<oKix(8~z5@-saHk<p%D-%1f9G3!rQs>HdrjS2O~
z9}(T_W?{E;LdTs2IFBuT9lvWuj1x12BuF?v3?Ly9NB`pjJVT(#vqpB+JP<liQB*&6
z>|2%bUDf{poz_iw(^j_^>vuTT{?hV(N$k*fDtk4zC!%~ed8AVT2A7|4r~C;4RvA~s
z2vMP&q7vrhf~>~U;7k}2TZmoXtMk@kjtbsbIZ{kgxG8Vj$$78AcivwxaJBgy{;cLy
zi2_|j*K}w{mn@41Gg}nz+`>8bc{^;BV5Vrwq{QT_Aq+R#Y%kaynTTO~_t8Zcv=U{b
zW@VQ85pj+7F>SJm<cauY@^#*pTn=PQq?mmhXH#&l`%l`_RR?^-%KJf!usw?l&+Jxt
zsAhQIYJlarqhOs^^^s;!uJnKGyQlEZ<HKFIZ6_Mgt^rE7cWy^?;=&p5;k`mPHpmh$
z*Rw!3RyLqh#Pi`Tp~UT4%38{Pv!yI;f02AJ8Ae0x!zW&or~84Qu5_$-9S^QqB_$;l
zJSeCxOw7y+)h;-@kT`g+!aj1wRHIxWRV^irFTadAtDQd3UqTa#>mei|VOL?}<HKKS
zeb|w#U(p<1()2mPIT?57@F=l?#?rE81mJufvT{k0hF<#Y?k27$klJWrZD66Je|xu0
zJ&|~AWlvDA2~k}5GWl5%J7T7opMqKDWehRX6TQ^<)07S#j4#US?t;uZCpo!jxTDkW
zu0So9ruw4sKZXJ^N*It#z_(&zdV&G>i6DLb-H?x1dGDV(VxBUSZ9KyoNob1PKp=C{
z33rMyr<{a@po0TDENU^*va<e7^RDq`OEpf2qHq15!SS*T!t6!c?Gidr9xridNgWyA
z_g~nW-l2Lz>ohjIc!U)%A!NbzJwxk>dtxb^kRiMyoY)CF34;<C;WH4~_`zhvQ0b2K
zy7--caa70zyEN1ro$M}Wo-jltT}km2Le>-8kSztZI3E|uhO=<wG@1DlAVgvax5m8e
z7a$dm-bAok>ZOTtgQV<=p0Z1a4Qs2n#`f4;Q#s+)0Z6|0<mLnDyYMtx!lYbXw4N`7
z@_IN2MCHMs#PjPxKnyTob_1N9#<6vWddg1LXfZLo_r0ABC~c>z1LjqX-&Qv?B{&wQ
z(}^O6OuLoih8frp#co@3&VV4%KFv6~(PduyLM1$#?~?5IYrHq~rUH|V-FEMLuS1Ty
z0ZeN_Vjkp%FXLM;S%nUS+{vOwHysFtyj~tR_+zKUas<YSCT5Ox$aZY(K#%RK)#EPG
z;L|;kicz+cKK=7t83#X|L4EG8t)+Zd;n8fEF~$w9`p!bb6e|i#PGEu_@ETQ2`+6o*
zTT?2DzvvP_vWy`t>DsE&P*9bQbx_tSn<q;@I$Sfo^Rh@~K*J}0d90B6RaAcigK3T3
zq*KM|sG++mLGFKn=jM4T$IpR0dM%Z>C@154AuOQHpr*btJAd<ih~1)xd_Y)zsnb#f
zHEHsq3Z9mObwmE8(^9F_MPCV8R7Ms0l`D)saJ}%*lk6qL3-^CS#Pp;(k8|c7V?s=N
z>7M4=ZlC7|6j0f)_Ye;+W|K5#r*y#Oco-S}d&KD<c&Qv%#ua`Urlxg<rAx*TdMttQ
zVW+sT^&{ik8fT7&Hx%aD4f1~)%YC*(QQSlVQM9jQiZN_O*RUm~@~)j5+UexL<$_TH
z&t#ta;gYXL*9m@+L^UxnQIRmPb#l~K1D9iOh$M1NpXSskSb`AQG<>dmFL!G8Z_P$h
zTh`w+Ap!Wiz0Lk&RMY!!!)*=)`IU+?wC&TcrW}FAoVM1fyg$by1C}c!4K~M-AUS0P
zMxkQ%+G3tIG;U5W0E9Ip2)u6KwT3r@9Rl7iLd#lS!+_85>F>F|u@TxpxamUvy2VwD
zlgIHV|72}CbX@@J@E^B%Fi9K7V`=3<{tkT6w`rQP+Wjvitcce&4kM+43zT|Ho-L>(
z?*nDRtF?(vyf;}hm+6{HS=@U><v*8B6*7-ybh?EJv!~;fC{oG8`u1a+FX9?Chs7VA
zNk0T&^qr<6hN4?3yd~@3*?Bx{@(9eiv$+h!uDx*d^CEv?`Q?Udmhrzp@t#7D)mrk$
znUV{2;XToROJ!_Z>eors1P{%|liLDz#(B7;-_hXKnR4jq%d(PZrfqwSI1HQp6riOw
zvu4-uSUGP0MTmYDhoW<2Mi39E)}>q?<o1?jwu#R@0K5|DK#K|S&sY=eo1kw4zh(C&
zdKGLbs#NL9XeAw$DVCpKVBeO7kOkeFcvE|B#%-~*pG>?F6lFNv-=p~IPWb4m#XX#x
zW<?RqH4os_3ls*Bd8TrfG}M*wRRrdXW6Vi*YY5(Kw)VVohu=*j9h>+k|CUZi^ZCDe
z?SH#9DyYKFJKA0Mae2nZl;wcu;jI7peAOPy0UmXrr6tZ=MK!aQuXZ8xEtT~ora#_V
zh<|Bd6UiDq!uI)1%g|H+i8g*ynLFgF4lScG?7RHc)OsbC6q^Lw?C{YwnxbNkI_JLH
z5Y#<B9&v1F8~BEAQ8~umo_bpIw7qPpFP;MT{2YTaz4E?RyhCn{ZN;z?S8S|}zfRV}
zN*OV%HJqY4|6gd-ht-I~JKM*r9pln<JDSB!YESls3e)1DYHY(}ctXBtivN!wr~J?I
z`C*UE`wmSCFv5V7+;nlI!J6*Rp@*u;ef6Kjts`GLWGair0>d8cQjDmm8({$0u>&{O
zjuB)|(Ml}`eW@X(=WE7x+n1&rGLaG#pJdM+%3x^C*CNJ<Kl!<D)wS$V9#_b98Ni?6
zXY85xp*U*0whg)Qhh875@Cfcx5d@#^W|w0_f2gkj(dX!h_bFa**L-()3oj;R0BQ9F
z&s&Y^_(0;$3qSUJkUP!~O(A%>=6#Mj&=gS{0+s-z1=pvgow@M?2A;nCr+(MZA3_zP
z63oJK|E7$e=rs;{OVW9)<z^)BLEDyq5kxT3{U+ysWMe8R(ABw-v)cVG5XNv(DnFUR
ze*WF|t9X%KC+`0d;10y;&Uj1>I2K>@lyj?+-A<=OoW&Nc4@bD<5coP<VC>Yn6|ED(
zYR!LKMtN^lk9<|~3C>7jCIT=DdISJwhXvK7=^;zb`rI#O{sYU#S?mxMfAq4tct%&|
z9_Va-n1Xhf+q~Q$z=ACw4kIMU>Nr#BT%LD0^RY4MqFkW}xVcXIm$3c$h0w+#eEwRz
z(zPFQS5bkV3ATA0dbl3_jN*0Fx^(!{ZM_^M2=^e(X_n~wd#DoIJ5=ik2=oIBy7ix0
z+J>B6BH#PA+dKUBPh;WWoAu_O)Xx(|2z!I%R2sw^a&lJ$YME2~yp3+~)RIY+2<)tF
z0`gs=W72$#ZI7^(&^2Fq-TpLc0J2IWw}~7cE^(MC=q#!&oSo(IL7PjS$>X^s1FIiQ
zgC!&BIdNps%h9?b8odNF|38f48ctPJ>4<xenTr9R-5VX_;FF#64flu8p1V-QE(NqZ
zhN#L2(6GKpHfd%dBnt1Y{cWCjczc>pWtb%d>Kb8)V2;7K=!rTMu5@pE{@|-_T;W*M
z3s8$@?5|(4w)F{Nz4eUWHzWsO8!fV~L%9NUaaUO>#>xew`<X-<pMX5$SJ5Qh$QaE^
zZhJjf`v7gr!Q0{2k&57QKR|O!v$hPo`)1}*i=-B-uTY8>Ut?qIY^c?|(6*i|La&#D
zp7k@ozyIEUKkH~G8D==pUlDLDVo*LTUU@Lg(f75U`X_s}wa#(o0pI;aV*eMc!>GS?
z({5>(B}<iCY@p2yP@l};)H?m*+mH!dLf9UZ&1tb`fuZc(JuYOpqCGb)y<k7F_Ujc;
zI512g6n#&9F@{7#IarOn|JTBluIx|kCex4N=aMGd=CZeR&m{5!qMWQ6i5t~oU!n?{
zd$6f8moX^BzF%(lnyod*Z13pE{N}wHgvR6f_x+;FZ}Hb_01qhK@9y%$>Bive1|h@3
zOR$ZyB7&2#!eeVaW&BHx`U)kxX2w()O;!1PvhnA1Yw_>2dcVBeRgEX%o|21CqdO}Y
zjsIZrD`Q|b>`^oG3pP!jHKN?Jizb3s$oGB$zT1oDBOWgyBRS#}K9>hT<^`&%uNN53
zm0V#u(D|wt6da7qVbnZUd}(1j1%n@vrXszS<Y#lr({%q4$l_byb;xp&gBL`aN?yiQ
zKZQ}PvQEZ}PYBel=5(}XMoN^xdq-`@{aYiM+LVbp*K=d}GBxkJk+pPn5jWep1Bq%9
zk>9@Yd^Kvp2N+c-OP0S<I5pk$O#E-mi@X391|4J3xT}7rZ_C7#SVujm%syIP6a|L1
zGOVtzX-G`R8vgw-AsYaVeEj^p7Q>_*Chg6UaIlV23P(3XoLDeGLBJ7scx^Wu=(hid
zj+q$^s9kr5)A&bx|NeG3TU0kaYAQoMj{1vnoBM~^Zy(D2G&JytISoRaoBOkNa*VR1
zpaM_SddcHV!_v^4_S*x|D=s=#8}TW38yg$-ckklj<8j+hhu9UBT7kxYvb<byL0r`4
z#mqb1`KgYp<%;^!=?Y!5sZtGqAM{pP8Ozttuf}48d;?%+6eOOSNw8vL+6$@PNea@M
zWRBWpVKMR;cxD8m6s3C<K*;3O_Y9*0Cm~U>XR*T_ZAYz`J>fV5M@wyZ)YMg5HSUK7
z?Lbd{w%$5%;(Lz&t@XuCmaxk=*Ij7uzyM-IXayyETN?VMz_AQ6LPi$;LYKMhnDq7E
zy~ad69@dwO9d}*&Wq+zti@gu~6s(D46Zx>p1gy}4fc1%tPEJm)A<hswrCV=GnB>mv
z0jdvJ#opHo3_X{uG-yz~DJm6rVm=-fJ?^z{S}Kl+1ZhK|!FR`9??RVQA>)G`?*8P>
z$(8k!ztzg)gGBo;<fFR9j=fR(9>d^Y4L{c|RK{thCTRJz`J6*kvPHCof8=^?kpc7~
z(+N04(T9zjTlbaQZN3$~YOVwoKr*qVXB9!@`Wy+%ndX?xV@T2dM@qpWFL09MC#l&d
zwM#_DDjrJS#S9sA@EFi@dkNX?gN(DPA{Pt}{4nkupb4N%PEO7fzP?;=toRMFn5rr$
zC`ht!A7o5r;rv>ZVzK1Rt6O;)+xK^v7?J6DISRh{+lJiUcnHT>tS?4~=!ZZV0MSj+
z2}y1RwqNB&23J<z9q#F;l$WzztgNnXl?8GeSt$=&Sj&@p<)rT!nB-2C$o-I9E)?<t
zWAzuy2S*;wv!`3K)reML?GF4>*K=BC^Gs991ds_^Gi}?_?Hgg^#0eVM)HgKb6y_u5
zS9`Hp?#|M@Ewq!OcekD)))^j@tQ!AQ8j)n^gts}i{6X)W=BhJdf_j!>H{>6TbNC7&
z!)u(fj}5G_2(n{kR#Wtz`9nU<fAz7+u$DG0WdWc!$kb;bjNIE6Qd84>j%re{<DlRn
zo{z>8Zyi0<+}q?5_h4bWG2sBY`uXOlWKYH$R<)HwVwLi<{b5EQT$nSY#??kWr*(l7
zG+kznX#K+JaU~CuUtQg;YYo|4vR!yZ)HGD$_oi#895<95Remk~ihpxi+!$UIj0bdv
zWAZlT-8d2O{^HlgSdGO%*;%7*p|HBWv`ug%WAB@IbT5!ls<3$k0!>&*YWT7o7M03E
z4&(_Ck;uivtf~YaihM76rXdX-l{L)S1Op-|BOORCD-*QhbA^hrkAu9~VYWU#UTYoa
zVxcc?$_?$wocs|*UtXeoso(BP{gdG%Ni~gm#?0hS2R*gYRRBnG(~KVx*Bn&a&)21E
zjz8`bc5$|;Dn)%i`Z{3|dzR`*Q84j*J9VFiBj>dkF}LrhDVqT=po?PC>W04FN+x<>
z#{ilbRsqQ6&YIo3*bCD#xZa^?t8;VD<0trK9obGh!WjU9?!=4LAyA(HFR1hpHSsWA
zON)<_3YffdtE^En+}jPam%k2;R=CkCgDNpfs@NP2_}>9i0lWKJ6o`n1ETY7bFxa{8
zVtvRA|KAG^uBLWX^8X#zMW9Z<tnvP+32=&|mYh9~=kaP-zR}k)WzPY%c6&FD&oe&!
zT`eYb&p3Ve?{wOHB9}t`PGOhru%i^A<@>In0)zu5W8#zn(=-5gL5=hm4)n186L|GO
zHdC|^WfZ8itRg?bLQq{?tAE5ocyu=r{isV+1@HbuP977Z9PT$FfPG+?;Bw+lbIko6
zC;%@ADE_apP!T$EwiG~J;@@fcWOy5Iv$tnYp5H{Wx{a`R@sXJN^$Rnh`%h;2YiuoY
zFBD*E)N~f<aN5<*e@v6=gO3}*feHZIY!lBk1%iQm^pEayH>4`hh3@%3-;5Qvn6aOT
z<$*!V&5Z+aPJ1>66YZ_J>`{VV0SY_Kdr{zlw|ReaW-o2l7e%zX^a+!MtG=v503Su<
z-zr1?ph5m0jxkvondbmcws`Mb`~B&!=ItDx_~hiUq$I+Nxzo*GypGFaIMQ0hdsu*O
zvw~`)#TfYc3C#Lqy4U-nGr>_G8vx>^7(l07O<u+k`-}9yJ-tW_8|^d<CU?dQYiwt@
zuqa+DH*mAD{V0%&#wD3aBQXB&bZ3fl8Cby|8T*prV$_R^3-p&Sy8$|BK|OrIvCG(6
z3sefUW-G`#9&h&*Gh45geUgbAyf18G$OSQoh=?L0BZI1|x&M6C4_RC^l5>TkJoEWy
z$&Rwd&646S$5m}dKmM-u)c9OEgocM#q<=MTBL*0W^snvb;R4?Px~74jgykqDhjA<6
z$;pW)z_d<2GXf8Vg&p_H5Wt+x*2t(@x8A6!sfEYIscE{{=vZ4@D<&4)G&&*V;l;(T
z69^yFDs(EL{;W1?i-T=vqoPg=_D!s&^pNDFq}9i}V<8bx88`Y4Kz}d7Oz>jcIXoI?
z7IfRwGRK!V8|G)>;OK=z5|b{qOiZdM_s(U;WwRvwM2b~1|HwjJ`z5ayU7~t{*Fr93
z0Y&FnwR*n$)BArtI^K>Pz?8T&4D^&ZNBZaz)>@tc_US+iuOg)vWDW=jXsEE%FE1~j
z3J3|w+-B?gl+WAot%z)n2$5o$fdlx**`SsM2t5r0_^27F$;5!3_W$*-K~FdkvDqB9
Uw<+&|H`S0Ja;mab((i-+8=gxczW@LL

literal 0
HcmV?d00001

diff --git a/docs/userguide/networking/images/engine_on_net.svg b/docs/userguide/networking/images/engine_on_net.svg
new file mode 100644
index 00000000..a7463709
--- /dev/null
+++ b/docs/userguide/networking/images/engine_on_net.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="297" height="228.1999969482422"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs/><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="297" height="228.1999969482422"/></g><g transform="translate(0,0) matrix(1,0,0,1,24,93.51999694824218)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,3,157)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,119,130.51999694824218)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,98,194)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,220,99.35999694824216)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,199,163)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,114,3.1889969482422202)"><g><g transform="translate(0,0) scale(0.4877347541024086,0.4893104486600422) translate(1.204592e-14,0)"><g><g><path fill="#02709F" stroke="#FFFFFF" d="M 99.554 18.074 C 99.554 28.302 77.168 36.592 49.552 36.592 C 21.939 36.592 -0.443 28.302 -0.443 18.074 L -0.443 60.746 C -0.443 70.972 21.943 79.262 49.559 79.262 C 77.171 79.262 99.557 70.969 99.557 60.746 L 99.557 18.074 L 99.554 18.074 Z" stroke-miterlimit="10" stroke-width="1.2853"/></g><g><path fill="#02709F" stroke="#FFFFFF" d="M 49.559 -0.442 C 77.171 -0.442 99.557 7.848 99.557 18.075 C 99.557 28.303 77.171 36.593 49.559 36.593 C 21.943 36.593 -0.443 28.303 -0.443 18.075 C -0.443 7.848 21.943 -0.442 49.559 -0.442 Z" stroke-miterlimit="10" stroke-width="1.2853"/></g></g></g></g></g><g transform="matrix(1,0,0,1,93,44)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="88" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="88" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="2.3125" y="0" width="85" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="2.4000000953674316" y="12">K</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="10.40000057220459" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="16.80000114440918" y="12">y</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23.200000762939453" y="12">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27.200000762939453" y="12">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32.79999923706055" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="42.400001525878906" y="12">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48.79999923706055" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59.20000076293945" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64.80000305175781" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="75.20000457763672" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79.20000457763672" y="12">e</text></g></g><g transform="matrix(1,0,0,1,133.88673770512042,37.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-171,-25.199996948242188) translate(37.113262294879576,-12.489000000000033) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 138.38673770512042 42.18899694824222 M 138.38673770512042 42.18899694824222 L 140.13562398277034 43.15925299065982 M 140.13562398277034 43.15925299065982 M 141.88451026042026 44.129509033077426 L 143.63339653807014 45.09976507549503 M 143.63339653807014 45.09976507549503 M 145.38228281572006 46.07002111791263 L 147.13116909336998 47.040277160330234 M 147.13116909336998 47.040277160330234 M 148.88005537101986 48.01053320274784 L 150.62894164866975 48.98078924516544 M 150.62894164866975 48.98078924516544 M 152.37782792631967 49.95104528758304 L 154.12671420396958 50.921301330000645 M 154.12671420396958 50.921301330000645 M 155.87560048161947 51.89155737241825 L 157.62448675926936 52.86181341483585 M 157.62448675926936 52.86181341483585 M 159.37337303691928 53.83206945725345 L 161.1222593145692 54.802325499671056 M 161.1222593145692 54.802325499671056 M 162.87114559221908 55.77258154208866 L 164.62003186986897 56.74283758450626 M 164.62003186986897 56.74283758450626 M 166.36891814751885 57.713093626923865 L 168.11780442516877 58.68334966934147 M 168.11780442516877 58.68334966934147 M 169.8666907028187 59.65360571175907 L 171.61557698046857 60.62386175417667 M 171.61557698046857 60.62386175417667 M 173.36446325811846 61.594117796594276 L 175.11334953576838 62.56437383901188 M 175.11334953576838 62.56437383901188 M 176.8622358134183 63.53462988142948 L 178.61112209106818 64.50488592384708 M 178.61112209106818 64.50488592384708 M 180.36000836871807 65.47514196626469 L 182.108894646368 66.44539800868229 M 182.108894646368 66.44539800868229 M 183.8577809240179 67.41565405109989 L 185.6066672016678 68.3859100935175 M 185.6066672016678 68.3859100935175 M 187.35555347931768 69.3561661359351 L 189.1044397569676 70.3264221783527 M 189.1044397569676 70.3264221783527 M 190.85332603461748 71.2966782207703 L 192.60221231226737 72.2669342631879 M 192.60221231226737 72.2669342631879 M 194.35109858991729 73.23719030560551 L 196.09998486756717 74.20744634802311 M 196.09998486756717 74.20744634802311 M 197.84887114521706 75.17770239044071 L 199.59775742286695 76.14795843285832 M 199.59775742286695 76.14795843285832 M 201.34664370051686 77.11821447527592 L 203.09552997816678 78.08847051769352 M 203.09552997816678 78.08847051769352 M 204.8444162558167 79.05872656011113 L 206.59330253346658 80.02898260252873 M 206.59330253346658 80.02898260252873 M 208.3421888111165 80.99923864494633 L 210.0910750887664 81.96949468736393 M 210.0910750887664 81.96949468736393 M 211.83996136641628 82.93975072978154 L 213.5888476440662 83.91000677219914 M 213.5888476440662 83.91000677219914 M 215.33773392171608 84.88026281461674 L 217.086620199366 85.85051885703434 M 217.086620199366 85.85051885703434 M 218.83550647701588 86.82077489945195 L 220.58439275466577 87.79103094186955 M 220.58439275466577 87.79103094186955 M 222.3332790323157 88.76128698428715 L 224.0821653099656 89.73154302670476 M 224.0821653099656 89.73154302670476 M 225.8310515876155 90.70179906912236 L 227.57993786526538 91.67205511153996 M 227.57993786526538 91.67205511153996 M 229.3288241429153 92.64231115395756 L 231.0777104205652 93.61256719637517 M 231.0777104205652 93.61256719637517 M 232.8265966982151 94.58282323879277 L 234.575482975865 95.55307928121037 M 234.575482975865 95.55307928121037 M 236.3243692535149 96.52333532362798 L 238.0732555311648 97.49359136604558 M 238.0732555311648 97.49359136604558 M 239.8221418088147 98.46384740846318 L 241.4374511336982 99.35999694824216" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,133.88673770512042,37.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-141,-37.19999694824219) translate(7.113262294879576,-0.48900000000003274) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 138.38673770512042 42.18899694824222 M 138.38673770512042 42.18899694824222 L 138.4331576707298 44.18845817237057 M 138.4331576707298 44.18845817237057 M 138.47957763633917 46.18791939649891 L 138.52599760194855 48.18738062062726 M 138.52599760194855 48.18738062062726 M 138.57241756755792 50.186841844755605 L 138.6188375331673 52.18630306888395 M 138.6188375331673 52.18630306888395 M 138.66525749877667 54.1857642930123 L 138.71167746438604 56.185225517140644 M 138.71167746438604 56.185225517140644 M 138.75809742999542 58.18468674126899 L 138.80451739560476 60.18414796539734 M 138.80451739560476 60.18414796539734 M 138.85093736121414 62.18360918952568 L 138.89735732682348 64.18307041365404 M 138.89735732682348 64.18307041365404 M 138.94377729243286 66.18253163778239 L 138.9901972580422 68.18199286191074 M 138.9901972580422 68.18199286191074 M 139.03661722365158 70.1814540860391 L 139.08303718926092 72.18091531016745 M 139.08303718926092 72.18091531016745 M 139.1294571548703 74.1803765342958 L 139.17587712047964 76.17983775842416 M 139.17587712047964 76.17983775842416 M 139.22229708608901 78.17929898255251 L 139.26871705169836 80.17876020668086 M 139.26871705169836 80.17876020668086 M 139.31513701730773 82.1782214308092 L 139.36155698291708 84.17768265493754 M 139.36155698291708 84.17768265493754 M 139.40797694852645 86.1771438790659 L 139.4543969141358 88.17660510319425 M 139.4543969141358 88.17660510319425 M 139.50081687974517 90.1760663273226 L 139.54723684535452 92.17552755145095 M 139.54723684535452 92.17552755145095 M 139.5936568109639 94.17498877557931 L 139.64007677657324 96.17444999970766 M 139.64007677657324 96.17444999970766 M 139.6864967421826 98.173911223836 L 139.73291670779196 100.17337244796434 M 139.73291670779196 100.17337244796434 M 139.77933667340133 102.1728336720927 L 139.82575663901068 104.17229489622105 M 139.82575663901068 104.17229489622105 M 139.87217660462005 106.1717561203494 L 139.9185965702294 108.17121734447775 M 139.9185965702294 108.17121734447775 M 139.96501653583877 110.1706785686061 L 140.01143650144812 112.17013979273446 M 140.01143650144812 112.17013979273446 M 140.0578564670575 114.16960101686281 L 140.10427643266684 116.16906224099117 M 140.10427643266684 116.16906224099117 M 140.1506963982762 118.1685234651195 L 140.19711636388556 120.16798468924786 M 140.19711636388556 120.16798468924786 M 140.24353632949493 122.16744591337621 L 140.28995629510428 124.16690713750457 M 140.28995629510428 124.16690713750457 M 140.33637626071365 126.16636836163292 L 140.382796226323 128.16582958576126 M 140.382796226323 128.16582958576126 M 140.42921619193237 130.1652908098896 L 140.4374511336982 130.51999694824218" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,40.937451133698204,37.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-136,-42.19999694824219) translate(95.0625488663018,4.510999999999967) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 138.38673770512042 42.18899694824222 M 138.38673770512042 42.18899694824222 L 136.63596995202016 43.15585385322055 M 136.63596995202016 43.15585385322055 M 134.8852021989199 44.12271075819888 L 133.13443444581964 45.089567663177206 M 133.13443444581964 45.089567663177206 M 131.38366669271937 46.056424568155535 L 129.6328989396191 47.02328147313386 M 129.6328989396191 47.02328147313386 M 127.88213118651885 47.99013837811219 L 126.13136343341858 48.95699528309052 M 126.13136343341858 48.95699528309052 M 124.38059568031832 49.92385218806885 L 122.62982792721806 50.89070909304718 M 122.62982792721806 50.89070909304718 M 120.8790601741178 51.85756599802551 L 119.12829242101753 52.824422903003835 M 119.12829242101753 52.824422903003835 M 117.37752466791727 53.791279807982164 L 115.62675691481701 54.75813671296049 M 115.62675691481701 54.75813671296049 M 113.87598916171675 55.72499361793883 L 112.12522140861648 56.691850522917164 M 112.12522140861648 56.691850522917164 M 110.37445365551622 57.65870742789549 L 108.62368590241596 58.62556433287383 M 108.62368590241596 58.62556433287383 M 106.8729181493157 59.592421237852164 L 105.12215039621543 60.5592781428305 M 105.12215039621543 60.5592781428305 M 103.37138264311517 61.526135047808836 L 101.6206148900149 62.49299195278717 M 101.6206148900149 62.49299195278717 M 99.86984713691464 63.45984885776551 L 98.11907938381438 64.42670576274384 M 98.11907938381438 64.42670576274384 M 96.36831163071412 65.39356266772216 L 94.61754387761385 66.3604195727005 M 94.61754387761385 66.3604195727005 M 92.86677612451359 67.32727647767882 L 91.11600837141333 68.29413338265715 M 91.11600837141333 68.29413338265715 M 89.36524061831307 69.26099028763548 L 87.6144728652128 70.22784719261381 M 87.6144728652128 70.22784719261381 M 85.86370511211256 71.19470409759214 L 84.1129373590123 72.16156100257047 M 84.1129373590123 72.16156100257047 M 82.36216960591206 73.1284179075488 L 80.61140185281181 74.09527481252712 M 80.61140185281181 74.09527481252712 M 78.86063409971156 75.06213171750545 L 77.10986634661131 76.02898862248378 M 77.10986634661131 76.02898862248378 M 75.35909859351106 76.99584552746211 L 73.60833084041082 77.96270243244044 M 73.60833084041082 77.96270243244044 M 71.85756308731057 78.92955933741877 L 70.10679533421032 79.8964162423971 M 70.10679533421032 79.8964162423971 M 68.35602758111007 80.86327314737542 L 66.60525982800982 81.83013005235375 M 66.60525982800982 81.83013005235375 M 64.85449207490957 82.79698695733208 L 63.10372432180932 83.76384386231041 M 63.10372432180932 83.76384386231041 M 61.35295656870906 84.73070076728875 L 59.602188815608805 85.6975576722671 M 59.602188815608805 85.6975576722671 M 57.85142106250855 86.66441457724542 L 56.100653309408294 87.63127148222377 M 56.100653309408294 87.63127148222377 M 54.34988555630804 88.5981283872021 L 52.59911780320778 89.56498529218044 M 52.59911780320778 89.56498529218044 M 50.84835005010753 90.53184219715877 L 49.09758229700727 91.49869910213711 M 49.09758229700727 91.49869910213711 M 47.346814543907016 92.46555600711544 L 45.59604679080677 93.43241291209378 M 45.59604679080677 93.43241291209378" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,223,117.3854006442422) scale(0.4503927504622071,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,122,150.3854006442422) scale(0.4503927504622071,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,27,113.3854006442422) scale(0.4503927504622071,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/images/key_value.gliffy b/docs/userguide/networking/images/key_value.gliffy
new file mode 100644
index 00000000..4e632ef3
--- /dev/null
+++ b/docs/userguide/networking/images/key_value.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":277,"height":209,"nodeIndex":171,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":3,"y":3.1889969482422202},"max":{"x":277,"y":208.1999969482422}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":1.0,"y":93.51999694824218,"rotation":0.0,"id":152,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":4,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":134,"width":42.8749022673964,"height":60.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":1,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":96.0,"y":130.51999694824218,"rotation":0.0,"id":153,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":5,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":154,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":155,"width":42.8749022673964,"height":60.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":7,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":197.0,"y":99.35999694824216,"rotation":0.0,"id":156,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":10,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":157,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":158,"width":42.8749022673964,"height":60.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":12,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":114.0,"y":3.1889969482422202,"rotation":0.0,"id":160,"width":48.773475410240856,"height":39.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.relational_database","order":16,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.relational_database","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#02709F","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":163,"width":88.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\">Key-value store</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":171.0,"y":25.199996948242188,"rotation":0.0,"id":165,"width":72.0,"height":73.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":17,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":158,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-32.613262294879576,16.989000000000033],[70.4374511336982,74.15999999999997]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":141.0,"y":37.19999694824219,"rotation":0.0,"id":168,"width":4.0,"height":91.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":20,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":155,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-2.6132622948795756,4.989000000000033],[-0.5625488663017961,93.32]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":136.0,"y":42.19999694824219,"rotation":0.0,"id":169,"width":86.0,"height":50.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":21,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":134,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.3867377051204244,-0.010999999999967258],[-90.5625488663018,51.31999999999999]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":22}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":2,"dashStyle":"1.0,1.0"}},"textStyles":{"global":{"bold":true}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":[],"lastSerialized":1445552948967},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/images/key_value.png b/docs/userguide/networking/images/key_value.png
new file mode 100644
index 0000000000000000000000000000000000000000..c4056f1145730f5afb1989e659ffe29ec7824d5c
GIT binary patch
literal 12898
zcmdse^;cAH)UN_c2qF#AFvO73-4cUzNVhc7-AXqM-Q5k+-4fE>AvJV2zK8F7*In!W
z3wM4vYu1@L`+0WnXYbDmQIL~FL-~mE>eVYWh}37LSFc`!f$x8j-U8R&q)F{pugG3O
zK8vWh>K^GJJF3nstR&O0ioWgU2gPUzi`xo^Wua1_eEmM5DN??!(zjSLJp(5?gZqS2
z9x%K4>g%DBh={qcup$CNsBbvLH~PoOMcSh!sptMXklRgr>qh%SdoAuespF=bw5Rlz
zlbfT9bO+BA;6o<<;R6D~Yd?y0N|3R_uv9I=YY|~`G7uGf7d0GOgshpB#m|mPbWcxD
zD_v$hB)G`W!cs#qX72NC=fkCnDym_y=C^UP)8q}mP<V`0f74e=7#O4350@w`jUz#^
zIbI8qk|NyRQE+$S3FLH-Q!(J5ZIHv{6RXG&?j9)kxj%$pkc*m-aN>q9Ym<X1wFbJr
z^J%C=ZkA|zW~%yEPK|8_EgOErRiiU3DJwr2pL+E4!q%XY@Xs-I#IJziMSXF16xppJ
zyNulTC-doezoJLy!3-y=MBU&eVZbAYr>6g>9n~||8yC?bR8e_ty+-%u05h^nC)aN2
zR1iM}KjQV7B9liw|8F8BBuH{kB;Mtwf*cDc>2SYROXOC|)SJLPDzRR$U$fEm9yX{?
zf{bB&?ZXjN0-x|TIoN1P(&b<hWvJ@R7FT!G{e$F%w9}l6_#5cd5#_z%aXg-ZdIP>1
zzf#6V7eL*u>TJ~JzMU<=)wxI4)Bg0A<fVnaDE2e!ky5z){tm`byhJl1K=o$*__WYF
zQ^((p^h6XE!w|H#l+1OAOAy*%svA-Lgq3!O-_(FeNe0^P>aVrFcldY5yi>V$5Yt93
z(snk*B3%fjKuU}9jgCX^?@fkEFIU^Yt1ryF`n`&9e`okW8OxF*X&PnK!M@l8Y>Ed@
zFLC)vMUm%Ny$Od;Zl~$5TckIVLz(lVJBoxO9@L(_-lQ=TpjD=>py-!aPtxn~Z{Z}S
zttm&INH^JzCy;7LCR6g`_+SJs)Sk7oqVXx@ku~i%bKmCl)4Vgq98Q$uJX_<h9h-)T
zuB-~hy)|)maL{YZ971GBa%U2#n5y`}Zs2#jI`m$EllUr}pj|MX&tT$j40n>Uf3crO
zi7~qp!fT9CS?;$|N^Gmk;rc#4kJgVLh(?(D^*RK9j%=dzTwm{Gx1Ii;|Dj&XMLgWj
z8*W3IN&zxfw`^)K*n~9U`2_K=h$=nQhE6|aB!5B`f*gl34%nYQuR0P5YHddEI$lz1
zTRq0+eO~6{MJ5QqaWx+nAsS-*+JFOv(KhdtGlPubmNMj(4wY1F$&Onn-ppNo5f;}G
zcy42cACYq5Fre}e(w8!1FF=K5<KjEWZVaW<R9&bHCrgoou~0wLIEhFNK{}hy>&s)}
zt}ZGM38Mz#TS}emmstb8^_6R~q72*a43ujUO{_{CQ{fQ&B$-IJH6I(L^V}MX#EUby
zh+$}L;A;Cb04S>)Zl^T}P{yG}SYBDnJO>4~(L<k+`pqa^4<9S{tL)d$7V_Zd4GEVw
z+cUqJN|jPKW;ob$GE!GLIJ(B>@LqchhVB{m{G7;F{$$Aa=EqI=0d^T@FMWB1n5GEN
z`%K3E$Z-C{KhyQ_e!wDcb7GqTBLnH{xM>N1W;9!*ctH%-`I8(J2onY(!AK~=W?4dy
zUS1m~yYQLRS=q=%mR6s?d%+J`z!X#z{c5*oEVf#Ib+g(Q%6o)G$F==V?#KYhS}iL=
zS>X^wl_aWuvMiB-jAdH(EaIc%m>T~YqKg5sr3ZCZ(;*;FM*s7^XzGhs>e~XB&fv*6
z<Y2Zaz(Lrw)b6P>0P}va@o-w55As7JM!<t3v+?aAG{!$!0HSb|(s;eGtQYtnpsck{
z`8JyX8Pxwn<}7c7|E+)Ch?UNMs;d$;KK$~Q=e-c;)-e0nBJVt$S5*gTyZblHz+n+o
zYW#@Elb_LXTP#k)#7#ezw@6Ryhim!n$L$6~Tu<<fFt9#OPiR5Buqc2vF>_54zi!Tv
z9`~kr5s=K}wx{=;J+I6ey1MXy`*TruyZccfO&_dGg+e_<1e&h-TH78PYe~1GA1>0`
z5^V?qSiClg?1h>_crbuXC+if;m-D%PWVR7N8qV02IH0)U?J!kg-O+Z#aF+-oD0iDA
z@dLuN@h3m-5*~tp?RifI!hes~`0WD8QTP24k}HeH51;`F-@@KyFAX2ifcT;pY4M)U
zi$IrG1L8TjQ`AD`(M=48&#at2h}x-^e{nxL*z$XQ7K1-SkK2HH5CDY6J>scBs<DKi
zq?f>SF+XV{k3wfTt>L+R?Bb!xbo~vNtTa#Q==<oW>Z?hAVZE$ujMJ;vuoO?tHU@@q
zQe+Hrsc<A!UCa>kZ&9Pc=;(@Cm|rju4#fdw>Hd{bVlK~;A#MZ`MbUeM-*m;IsyYIp
zbe4Af9SF}(s=+0d!m&~4>sx+MUt7nJ@Xv<dXhq>3RThOSljJN&9Wzj|NU&d7$N}*|
z5|G0-ElAcm69%(DKtRy{_xyBw+;Z{(A3wOiUqajCsBUkemIiikFmsZR1UD)HtiOQd
zG5-V+)X>nN1%tb?MEs&-WBr&r9x*}Xa_PJqG(vaCqGDn(2?>EkMYJFgs53}60b8UK
z@)9$V)#Y0lA;GJd|DONG%1`rnaIHAT-fK8Jb6Qwfe89xakpeR_qi6a&^B5W$+CE*)
z(L*Vk-n@Y%?V3B^_+O(y+<wNV%}YQPMMPe+vawC%N}_+3kT9I9&^f)h=!qs5`#?lg
z7F=3i|Me-AT-V!MFp`KThaVi)(3g32w4~;y^};h?aobYtM~!opK2MgHCu^h*yQ8Xg
zkdI@64-BiWTWFpSM-6)`Ee*sjbvgm}m~E8q(ht{1%8OIKV<=f1_Y{cuT|c1npT4TM
zTF6=K89yFLX4{*q%%oubl6^BhKJJ^&=R!eA39qK-RX15GW!7rrVL%pg(t|G4`@Lc1
zt)8CV5?TU%D=uIcT&do(Wg7S_hW->_%<fjVi_=lQll9Wdc2OlIXph!_>GaIZ#^wGL
zEhA%Jl|fG&jnm#Z`8INl|9euwvfoB0t8LN@yZ@qy`2yqOuu+M)tHe{KR6y0s%i7xZ
zgH$k=%bJ|rTpWWsag~86(gA=Fj!0<1wk=yKEKpR*nv(_sJ0E5qI9#a3Q7qSLc+cm2
zDBNJZqB1N6$J};_nc=#L>>m`g)poP0ym{p`rxVoibY$}<uiE6#$L%Bj`@LL7_sa=M
z(v6OPPt4x`9@cVeYLo)3g`W21?ZyOdvdYS2RvKDci5k|tTioS5JzFXA2-r+$p_*0t
zuc_rT$}S75sy;nlRr>V(;aV%>XR3FCO&5oLdp=L>D7wbO#WmdOkD$X&<F?D8SpE07
zD|EZf>=ROJI<~nHMB4v&cfn#l3BvhWLp+?wJaD|yGQ$D-@_g8|o1y&Oz#{}>@Iv0_
zKGvQ3%>8_j<}AwR5k67Z9lYv!A&cWI%|ZiII@a~{dY!$!pT)63A<Bhvbx6fhm@n&`
z?H6X!b)}Hc)PG+(y<W1Rm)}k{%}`u@ueaP6hG(?gXb12OsFPMH*R=m0R3r4bf$qAO
z9aQE0<Svd6%H%s~Rd$n)5_)!h2fbey^L`tccbQWp86&)R6mwe9wDZwwwN;}ovv<Iw
zO6anzNR}ns7=Msc@Os{ePCE}@$YDq3$_5j(B>WVnOF0;Nw0i|&3`_@^2WErlF&Q5Q
zO~>IMk8FIxWK%i8n|yYg2!=*RD^{{@t!y7YK<(d_@E#B19mcEaD(Yeiq~hs$Dq_5O
zrzg{%1u7x5ZWM82_>#aNVrN%PfenR&1ot}k;i&nNV^6`Wk8K8=oe<izVxSA&W>F-Z
zbo|qGBfa!@?RX9Uw#d=XcsKz(k+vFLM<WispQ-fD=g(o%Y1ZH94hYTLQ;b>OTZsl0
z>s2!&z9&+s^<|iD-4kbdJXmh3J<lj9DVcVl{iW62rds-SL+{@`p5XJX(M&;TC<=}{
zGzk%%r0mn}!`i<Jq);zV_QY0B!=R~r(kGD^#s_epClEK9779QC0v^{zA3}Vl`0jR6
zZKmHrY6v(i;?5<?-ig)X(0^U88D>)6Sew)HDd!K_&GgaT*8njWz=x9x>AHzrX3%y|
zg=OD}ZjuqGi&77_K~x-eM$AQ&g#O))snSXt9xm3EQmD9#U;e$dIl#ojE4-wKDKcQs
z@K{RO9K=YHC}zyZft7_fDUmfqr7^J`YDZ~y<LTAtpoX-GDJh|XUiV}I0y;AS9qNn6
zCJsYe>ApaQ#S)%z_!7tj%6T|$kym~AW8>{NQ>sR9NHOsV&6l}aJZ|U9(0H^^A)Xj>
zXf}~R#70k0>EACXo0p#WtSpB)pT<m2HE85BR6a{=Zg?dy>6CPH1jb$d#eb{mp#%bt
zUOJtu>bS|ZBASvGi|Dv*$N#B?ii?X6mF6azq=$@pKtcOYpB&QJezYd&Vqet)S{2@x
z(Q2?({g~S42V$vS1Azmbr}w42L0#2G10@}l6cj2&Qhy@;QHMZSNdNPX;;TcFRMDU0
z3$}O2dW(F=jbe4DS95x58(41~p2M5b^i%>Z2L}g3r}0IJ1>9AhG9if|G|YF%fxP1n
zCmof)*Goz(ltg)ueGM=VPEAqC^}O$lag;P#iQEmbdx~Ao2(Tx>t``fJo~}X`Mwgwp
z4w!)*9X@O&sLTYK=er;bOc2|=&rQo3Skwex`rM#Vy2jW{k~s!p<oZH)7G&HNL_&L@
zv|Knh=&Vo~Ybc1|pSNtK4CBVmXLM7t8ofSRicdUWFwHEEj$9oHL?cxB0<plJ-zR5D
z%X#1P0rvcGqBeCm?IWcP;yviL9kfTgs$_1z6-9<IpibRBx~zGrh0I*e-V(uNKnzfd
zke?KsJ^av#K0Lj$;4nkZcVeGH=XZCVCUPGxGXIrz%M91f<BsCCpLV~a^9P+N4jW2I
z3550zwb!Dfx|KshZ^$%Q<F>8Hhk^KBBBi86u*{#7e(6dMrg?p^w{*U}{YA<ktq%&8
z(+SbU3UJyHic#5HP<PC}UhK;IGD{BrrAjNqrkyJ%5oI-!#KOpwk3Uxb%LV;w7M>Ke
zR(s%K^1=v{b};zHz*YL3H&cJfg0PK_I)W8TH`EO%i_XcGps2Sw4xEu0IByOMGrcus
zciH$I`=Qu^u?XGYWHC`45{Y#7FqFRJA`T`Cjm~N$Y${k{q7P04d(1xh=kfp6y%glu
z>K_kQz8~>0ERwP}oc|jx3W#MqcIzA`Fm#j_MCERE8Ol)Wk3C<UI?)2%Yy(`EVEGz^
zEcY*#_O?ce%`ozV=`gqDZfLiL@aWJ)>?T8Y?K?5C0vQE|%`)oRKOwI#Dj7B^YM01v
zxZVR6*k3JP%9w54tHDeyqQqcgAcy_N;>%=SZA+&qo2)N_NX+U&012g-W?&MkadN-#
zq+t=HO}bmiRI5|{1`o=bAfRF?g@PT>^c=y=aATb#JOXw$-IJ>)%X;7cNLK)V37Z+7
z-G2YnCf>LkPH_d^ky1P?l#}o*n<6H<*KbNT00Js&ICzx9pP5R4Y6s5_mfj>jon7?C
zJh|FI!Uf-cvNoGqJjd3l8tFjBI=^Z(I*|Y-Lll4IUQr)-kVymDb{}DOrO*=%?R`u=
z*h)J4^I3x0_@jZ7kofn}R>f(P$$Y+dS9DD96uQ#`Nx!6zLfw=3kfzhsU59G}@|Mla
z-DNN3xE=a?A%QH~{==dIfo#qaNT%B5kUCRLcPH#~Mt7XrjpWbLc3ziz6V|^9_!l)^
zs;qYl&c~L60*0)VJvb;`Bd>OO+1=@m$I}=6y3$irJdP*^*$%fR@dJCNOQrM^(s93y
zIdP#{)9@=v4IyVOx>w(Nm;@@L?qKuv@CGucl{?IYr)OBVXvNk9&`e=TsiWRB1}EPc
zX~UZ>a4X2`ZEJ45RFQD0>a2bHJS_RX*~kqi`G}q0WGd>|>{+1HGbC~ek947r+80t@
zQOSqXrL>J-U_WCdHI}|(LG5!^q~spE*}{z~&~NN=j(d+>ia9hKX=pgR$QwAJ)W)S^
zk4WS6#<RRP*1Li_BVbB%0+F@a8SlHNfEQlPRn$d6qx>v~`WaXaSQ}y8AI8j@V`(gu
z>br$usxsU9u(zgg1h`P!J0Hrx8M%+4BtBZ?V8qn%O@Xs|ZKHuB<)pEm=*S!<z4!7D
zIa(&uw_LTO0{Kr?%wnqUwN`9gqq#Rj-)$QwNNEuG^O@h16p%Ra0R)nV?NzY#-~x$8
zMs^a@KKH>R(?)t&82B`r6YIHJ>q~kKOrbn<9wif?*vIn2R7P@k-KCgj6AZP1AVs84
z*xoAR_*V&+gru{QZLaambmYf*-gpHEH?5Sz6PbWWfs{h@b+2etsGDj6F{rVc<Yv_n
z1}DUdJu9xwm0=u^$E%Mu{Qk|dY1*(FJ_-wA3P?PvXKHW|F2Yy?Mcjuv$=&@KV=&Yl
z<<fp1$9{rU+!>|{($^xqb<+PWrOF4`bqzfGd;4L<P3?Bk@*aB`Y{ce;&l>VGc~;2@
zd0+U>*O88EI-}68=-kz&OUuyXs+^eb+Ae_SCV!M)VQgy$j5#@tcp0{1MUk35#}b4Q
zuoqt+c0b$UM!Vz03h!fF_$s@rK2nlrc}Uhp$Gv@o$X!Mku_z|qy_EfG2|;A1rY4se
zWd<x^)H4~y=0;&IBMQ-Xs;J+K)nf8)J(7{9Piwe0Fv-D$S@yP*T86ZpdBPU>+U_Dy
zL(LxxqAj!QpHhJ*2LTU|UojBG5%@Mbf4<fG>rL%mxZFBs;fj(}362@#uzJy#Psp)N
za{Lk@$Ui{T?Y~wpRXIwjXI8bumukmnm+HTZIXl;%mlUaKm^e_OI(}rXYpjl*cH`Ds
z_O`$z3g<`iO&(fSOVd-eS^oCt5b&PLk9|&y8O85LDmQP}|24%|Yj8--DMVctB0-*l
zaS%x_(i*oBbsp+0=jdL?574`{gq@(J#FeWBX5idBZ?e)@@5(?oHG&>_+8E{KhpT3M
zT%L8MU;}=f-~`Q9Did<Hpg{Psctny$2eMx`RyLD)R{N@#CB<rXK28-B>$9WFPCvFj
zJHK@rMY^_tZk7>s_+KVTNl&NaubK;p%<)jOtm-gYuH#?ZaVodIW%p2!S>1N~v5XTZ
z`G<`oU<-0dHxOY|2?B>5e>McX?K?mIq^+NiH}Q(o`j4#<*gW4vY>vc0VvM9r2(H6>
zJ@0i_v$q$eOzpRZS3Z&80wx80yd3)x?n^r8=CFiIx;0N*(bd6R=>ng{JNvzFOYota
zEXe#oEhI}~n=1%r#L$Pqam{aeAIQAgCI}(2d89NdHOlR?lnV6=p8Act-&hf;$CoiA
z3e7QHmj%CZ4+=LnVB$K?O@s(YNPj_KF#jkSMWPDo6X<OeXJ?@-4%0RM7tF!|v0Jyr
zgKPh$%|7HwgNc<`i%P)S>pk6CR$!)dk0y7wKFr*qQv1WGKU{Hx^o{c<$uOcKX+{AR
zz;^GUZ6G~1=UoGp!!jXj-xXRweI>4}v=Fp6oXsbVV~4yFd)n>vt;=v$1&uf#TmdE6
zyQ_$gg&~`EltVo&qWOB!vQ2Oe@=#^wmT#tXP2p0JK^5Safs?4J2){l5*9zPtj4{77
zFsB0QtBP!4WG&mWdgn6mcP{+kut)?_jsAKf@37}jGcE*7Nhwx-_4i|EPY`-(6xbMX
z;#NjZ=~0?RIn8IvBWI`Ad_6A@v~BWbpBpX*;zT5Nz^5J=x+~$KjV>LN?v7*nnhNnq
zv`k<%*05|$b~j1szw>fT+8sZu(QYH&a8Bi?H$RxMg<dHgN_K80+q<B_l(hrJkK$GZ
zmH9!BmLcT>F>%|$_RT|Su<d`vd@Ok_J1Lf}h6mUWdgu=pn!!H1qv<g5O{;k90W$rr
z1X4{2xMlMnnmBEY&w5DjPPw5uiUecIE;*$m3z$1X6RHU^b_1>4yK8;t2J7w8GTZB$
zn&3z=-((p7M9Mxg_M{stdhL7@rsyS|UyO>KF|l+hEJj0RWe3U3%1RhA3dT0cC+Dq3
zH^h9PU>`?sYw;(mEc^O2p$zxrWv4hNw}<_=urOs#XP7{6CvCzg-VY_s)Z1NQxg!*k
z^@v0R0u_l-G-3rcm{bt<$I_J*^-PXURbSbPJWys8BmeN04L&dJUTFS=x=#|>G<Vg%
zw8U2Zq#jc-fkj9XEJ=MSA}%XH{XSw!buN{u{_yLd4h6p97mBirGMho|!a3=-P!b&Z
zc9Y&t0!tePYntN4dx^(r)yRCpsTk*ar9?EQ6TAowBM*HIi?`S5bTg`4OcWoY<o5iS
zqj0<D1`y@t5)fMIUt!Bi&yCy9_u($PoUE>tsVRN~s@w*w^Mnzn1}L^zi)_&OnFS0o
z&A|?1J#PG=W4qO7r(VAgiroIXSCaaHAdjEc{d=ZYX3${Irhnd|hypuUr)M}DPYY8d
zIYqcFwAOdTaF@J%)&9I@Ns6wc40pI8qdV})tvQ0%$(3K?Dy+L^I`%i6wN{74QNK>^
z&p5=oeTCPYB-}Sv<lrUh53)m?5~J-u-Eqbc|Bi5qJ3+Ch@QW}~++NoXLrMxN6fuV1
z5l-5Y)yg#JoHX)dco~XSTPeSlrW^a7P+8{~_Wmmg_8|C5-`jzMy!aXe;PwE?;n@j9
zhl!;uQl#Z|HKVq-*3nVSW#I^h*j-!8OMnxsWu|05vHv@)7Qn#$TgYB?-%qVWnd2c-
zb)L1?#M1kVNmQvG5{g^{rOCJa?R2~O^IY>#NGC9tr~Eg8Y=p2liKn#O>-5bD?1kDp
zH=={Yo3L)KfiSy*^yKr|kMsG;WEF(VZ(_)wiLE<wt=Czhn};hY=?ktmscg+lB<s6=
zJX`Li8jUzw@&^@bwGP1)MNSX)XMN~+qa-MhI`m>QrRE^*Ai7VB+&yMSULW6QnDZ^3
zieq&@St_pVMWysRfZ6A?rwOK*AqtvD8;ABfM^X?Z<(Rhze;TK`Ep>E6m3XK)ZZ87a
zJyXAyy<^uUB7j9TZMjnlRAQF8eA};BD;?(fd2c3fow|<(aB4uMXy-*BFT+y%Y(R*-
ztJ`H}<RXErd(W@4jS2%34XEY!uGh)Z*p*~S%d5uI-|k&`o$l06?O~Fb6@`Ebq1dK}
zNxG-2kyd}>XZGMC@YtgEXNNKE$ZD~dBC%l=nfS!v=9HUfCo4Qhvv|-NG)A>Eo3(Zw
z;@-|=DsZHvZ^&=b!=d^EqsOV?W(un8*hve5x;-#F))>b0Ib&fpecQY(7DSG!I5g$$
z--JCH8o0yV1Na@*c-6Vw)@Bj(oj-FDfe89f&)N(P7!)Xwg}}rno`czPWsNcA0-0(Z
zk&5vEVP^=Mu6AaDl&H<!w(1H7F>df2r*T%ZoF3g+mi0zx*6Qsh$hk1FNRsf#%a#sO
zzT|?-Tqcx_=iub!sQzk4Ubfq)6n#N8GoFNGjd0C4Zhqu5SBm1{aTON5y%)g^%n*+J
zW*@qVk1%BU@pMf&-_^~Cmo{t<+%Bk~$w-;N)y|z?SkjzO$|0pNU3vX2jgpoeO#BH2
zvj1xMO=2kZwrg}4-NETuhW4XT>hoZhT-UUPNAW_7OZ%)40mm;%1d`-&!pZ^@{gXj}
zM)>svuKbYiaru^BP~@5-dvT<ZnHS<8OI0m51~r)xg1Ij-!$E7?d)D)P0+gqx{;R-l
z0?#)`nROvbM#_fMaJq~O8zG8abgJtLU)>xUxoiye;z?EWL_U1;DgYA+X_0Sa9B(W+
zznRD*f-lf4P0^{qojTAd9m2hgc&AD-y}P!{RhcwCRkP7XaklQ%rs6tCR5lx`2AwWX
zbQZVz{Gpx4+9MGT^W)s6mse|1a-MGEcVA5;&*t%K%%o(a=8Y>^nt;5^aBZ}?Q0n~G
zAi_kIS<a$X8ft8=JsF9e^5hejr)YH!Wv|bs@8c*M=M}V9g*5ZIekJ;B$Ag@PsgR3G
zZIno$<=vo~lEpw=(A5(7>2%|mh{&Ar;<}YkP@qoexsFmxY6y3n*M~VJPOek4skN+x
zWdH8o`Mzqoe{Bp=z(_P&OA~%HWl5PEzR}u-Y4xH0$x{rd{q_J0VtY)}lY9{?L+#47
z!5-#@Hb3|w+$c{I$cf7zMU}1%fP-hPM~XzGnNo_r#SH~H_~DZyGDMNv#>`^!m&^1o
z3}o8!63c9e09&2V?6E+pxkC#L^;KU<W$owK8XNv!8pAc^jQ>n#n;H&L_NDL{L47v{
zn^oMhr7VsA2=I2a<UvnsBO<4-J3lLE1sL8<krJKl-E<j)`l98(por|sy>_*HNXC_L
zd&2X>AX+a(aMB7`QsJ+MAx3eAmJ2p--SC@)6ecO8e&ls5;$_kf6+|e5gd+N;br>sH
zx){Mm7ba71PkKnL<@y0-k~5CgBmDyuc{aw(CUEa%iwxOk+iohQ+FB-=PE!j?Ew}UI
zIIjNlrk_7r1R%u#qWV}axa^<zId+oWkip}-1EIk&3V7g$<<IgyaZ#mv79%urFgaM3
zQj#4k`^g-0v@dotC_g$bI<5eNG9`{W$v=<x{nQ(m4^T|#BzqY^1|gOjh?2Ul!5v3_
zwy(oUvBRbUR2ls*c1`kVCj=<hu8&i1bf>WB>s_xkzy3$tCi6x1lQK$MZ=EFy0>v;J
zb)%M=)C<X?^BQF&hOfJUWNtV}L-WnKl5tq-Typ@iUh$YLMP-1I{KU@-Ka_?lBd#E(
zN23iM@jcKsMumTiDr{v{R^V<w@$coVV#AIEL57%r<iQ@jIb85NJhX}*S*X+#lD+y%
zL0%jg3AEAy4vj{jU%Fqt!X$pd0t6T011)4ac{*O+kBW+lDX>967{tWzqDrDlDg7Tf
zz)T_8l6^+ypk!q%D@G=$t-O#)899gwlyCmm)|r`+5slwEJzF=5M1XxJHmo-mwg(Kv
zUL+Jqn??!@0QUFy@wsiul$4ZSeg|a83k=5m^VlQEC-T_4rjNxjj~9ZnU&Oo<(-U!W
z8{`2Q^j1nSuxwY5k`^+_0S*hv6Py_hV{yc#s@fWbtVv5lKMQPE71Y84?=^1`-*$}&
zDF}S}e+r?-!bx!*zHH^_%nS<>kMig^uL6e<8l28pCf*=3>y41wc*g5k7#?0p6BF|{
zFI*lI9YU*X5|u%t=3U)6LK~a0Uv6<vcZ?xu=)II!_gOgwy6J;^XyQ^sg7hu^d5u{$
zl$P<0Y^EAcZ3T7Gel0;;$>@>pmzq=$GQ}MUyhW^~L|?dILPh82-V;e2^@s`iCi;5x
zh3oZmDUHFx{Jhywyk92%t97m;dlksRPe#+m8ySb0MwxbL8e!SQYLgu)?wC$!5zQnV
z*7|tMu69HT-+7D8*W3<LFM@5|6|~Ut)@x5L)@8HnqvI+JW<9IF@B@l{2;VBxyfdy-
zZ@-Ew@M9UZ>6zX*!=GVB8CH^~D4o9!nVh|HD|#hRBpZa15`}~Zois7FS(O7~PMFD!
z1?(eEb!!zl8Y1iPuQuYZYAbeb6!*P>h6@F#aVoP1C2Nel>TU{z=zqyy>J}Yx@OK~;
znD;<#RBH-rt$(L|{ZZ@U!75$tXq008(;(L*>L{d&OekMuhKqCGf=2!{8?ny7XY~zD
z9umadPf1FeP_DTWuoJXoWjfpINYjS4hd%@>H@hQ;X?ATh49lVAg-&z3WlYExEA85z
zXJTD%uG(Vqg7=HOCsL{(VP*zl3&-@aM(lIj0cB&G#kDI;$T!?AT&-#d?@bez5L^@*
zY_0f|T)Ub)2JGpD8T-Bxcqp1O=<Y7?VJyOOGuC$Frq{;^Cr`g?R%cki7Jn=Fj1bQe
z?z_dSw^4p^dD7Jx#h8}#uwPoHn<IpTp7c<8QP{B;c2gI?WAcIR8&;EJYghK&RB34&
zo&=-EamxjcCxAVWgS~k!tArv9k5+a0vT9|GH1+iF3_W0pVrr&KjY(|IGR&?vlAPy5
z7LIFBH<<?AgkbpOd{}OF14shVXffFJ(ZfZq<%QF46p%GDdmyM;PBxXc@w{z7th_i-
znPxZR?Qf|wy}P^jZIT(0rLU~_vT(G#2}VWkynkv^x2F7z4YgQXWMeuikvp!x&hzHW
zCly>y_oMvCUtL&uJ<#F&EsSOccLa*JiPT(uLh`fCtC6QR!R*&{_5r3m9jFs8Hn1<Z
zdhojJ16#DvYHV)gW3mtja#XpX|9+yQYTJ}@CYyq0Pur3tmEmZk?lrmDxF*nlWD5tJ
zjMEOtCbTm99|NBXzwhpZ@8N{#?DsJ)FU=i)3~wux<_KVp4ea0OLo-iV(XwE!T;;)+
zVP{vyfU;(A1mqpohJ2A4DiSsD{QSW+P(w*H$!m|GF=0CZKNT|<_tawWy?i*z*J8M!
znxWLTc{i+wlE<Q)P~Oxw<NwY7*$ZJ;60)JBN0x6L`-|b0f;_JGF-xrMpASin6qStm
zvadHYFp~b+jOh-;>Og%Q-#|srXFHU%H6a0cx1zlg2pg$e;+&8`|9%zp1H8?ErME=^
zorUkdGyh2DDInBca|AjiXnBmB8&)nI+(%oH#eB0^kmXeg`Rcr9vv{HK>y1-s=q8@e
zL^$@|3Y^4Pr|nH0re@<39G;+_sO^K*rqj!!VFiU*m7@YBhkkQjbwC?FsBOfV57(oT
zqL_rGOPyOloDs_5@gk7`MoxlQ?1&ICqZl14zQF`6-poURu-qn`KfD`8T$hS`IrdGl
z<=yx69sIfU2$@b!=#QI2$Mx1nHETeODhgZX=9inguEDNtLfG=m9v?u||Cv)h$;F8+
z-|BJ;muri*@KX!g_A{%D1Dq?TseWk2{?s#j3;TUi?$mwzo9vL=K#Qi8jz@wqv)Y?f
zx7F)aJMY(E88qIFF$tF*%i={RQJ9WTBhP}ue^!qYu+jCLax~2BU#EbNg_{Kg)?c0m
z45Ay!ITnv+3D|Xb4Gq`_csbd{kf~M0DG5;4uab(scV{Eh&+08VWd(nZGLok8O4~;#
zuV$_#pscVUzXOEKHZZdG<hQ&{OlVDEPoySpPvxIKiJ+{+NP*cS^U4XBdMvgc3L_XH
zo$t+h`H?Bpsi7bI<Mbq|R)AK`OI<-;%<0Q&k2D(a)X@PRR3M3aBT)#Q-bFk=op5QY
z?{_ZkDBN`#n^`$K??-Kc)lQ}xHB*Agv1R5j>nYeE{k4sXkkDPY=&Ym!quxywXilJt
za;42bt9MfEg2KL;l`B_nq^p#4Dtbj`pD7onsL8<|3J%u9l+fvMl8q!EWz3>Cgmv8U
zdEtxZHfD*@ac5=AqBK@k-S<zX-#P6Ue<Q@H&NLu(Wwyug8dOlHpK`@M)D>gBKOp!K
z&;X*GTqm_B2dDP*vM~eQ^^BD=h{b)rrc<|Y*(2QrT>2+}UW4@S>CtXK%J==3{q4IL
z!NEuqg4x?lpMjQmKx=F!J!t!z?@?o$qLq^BT(Hn;+93vlcoN`f_*NMTeYDKI*G5OX
zaBfB@KLxf16l+(s<3=JbDFizGYSuv@<FVi~U)~qb#zam<tXWiU#OnJ)iFG<UcaJ_*
z#UHiAa})JW%q%)nK-N}^I5Bn_7>#|hoMo_DsCm=g-u{Q!=XN8A#cZ5x+2`Mr^N$z+
z`tbB{W7O@B>^#GzMMVzY(uf;aw4A@Go(X&?YD9FNQ=9Sf75?|H&7ohc=nA(fAkSnZ
z=|`K#O+6VHb1oQz@{`N4c1x93lRee>`S~ZCRsI%OYB@AIZh-;T_GI@CvI5MZ=3Cv^
zJf)6=aG$MyN0YzIniX_(B7i9;$qQzoyQk-DR?Eg<@t3)og++Ib@$fVULuK1_%6aSL
z<YaVQT%LEmVIRtNu^Zrl=hqne8P6?gd6A?-k@OXfaPM##%&5W8na#eiv)ipGqtP@T
z{k<Dt1a5e=SoeEmq!*2A*%w#_wX3TuiN~P;1!tclf<)jWpUZLYc($18)6bu9{8!V;
zdy7}g8GEbR{&}qn_dBo_EvZml^tSYrl#lG3oD>WUsKA(BO?MJtr<|V-6PtrBfosiE
z*-aThQuv<dd@a`uP|TIc28zGx>gv;*n*rENX-s^4ez4roKj)oai0>r-fV>hF;gVNs
z2jG+jKE6(j#SXXtDoc-(HoTrdw4Mr`mJb*h*^A8pI-&J^h+axoR+VJFJK){Sm`&T&
zR|cJC?3HGxo|cpLccHtYO1mTU8F8(9CL*1TAn^^)u?&IJi-$FpB603Qn!eNT07WS|
zIcsV#O#Y<xB62c+Pr#1a=K64<@t~pwn<XYMG&J;d-48vbkCPY{6s;1p?x10ud{mEC
zw<J|kz93+sgheB#B6^!69u}RM8FjWbKz~yF>z4{LY&sjCLN0@!AeLIzf*Krp28`ns
zK|4o46~-p<3L<UNveXa{lrCR0u*K~#KZpt9j-LO?6e7jJ!O`cw1xA*onXw~#I(@yp
zv}0C(f5!~H<6HZ35xxPN|B3?P!Id{%`IGQSUJKw%aK*;JpFS!4foUWT4M|_EjgKdI
z#B;HyY1x_+OYmCS5<Iof4$#;gd@JAXT^Pb`$$<$d23=|JU)_Srxp`o`05=hN!vf$X
zStvcx58tcM2RnE^%G%%8O>Usts2gq955^i!0@55rp9lX;W!!bvqUSgwT)Q8OK%ooP
zegPitsI+s7QN9>l>XzkPtG_xM>z<cTZobtot#4#JRTfQSL(jum^f5+_>s!8iKpJ-m
zj5J*61M(cjb`ntPO@KdY@q-&sWz_gpq=s;4T^@mva9*nyaJM)zicM@4zy?N}>?`E9
zI@N1Qm5BB9H^!Hn-ZW-j0Zo|Hi0uVSpy8ogm3dvgjPf^eX0c4@I%ib9_1HhH#S{zN
zB#aJ>7v0Ctvn<Om@+xE^Czj8dy=l#2Xq=9GM^g^YMQ2T8_`y0=gMCM2090&pgPdTO
znxhQQ8OY^%62NS+*r2US3qZ?qGza8~!g;cotMh;4u&Q_gf<@i@CFAcUy(pyKsGbS>
z^aOPvM1mFTt<C50EVp>6Q0#;s7%S0BH2^}5j-ymyUl%9~xB%+id7tJH6MD(Z(B6v6
zP2BD~OBb~MRptEOjK$R&K9l3zt&QZewYDTcyHf3hD7-?kUtn{|q;MOq@CDK87`$@v
zDz}iVR}x{Pi2y7mjpTqXe6A8D0wA`GWb!MsC8&%2e>)(|2<ak8XR5YcSdfEb7gvfv
z@%T95;%rJ;F7NPTQy|UxuYto98kyTBl?15RdZJ66UEqz^mgX`1PROlvs!kBF<%25c
z{n&5`B>}^q)wb>^_q`}0O^#$q>jr>0J{el-RAsER*trs&voly`C$+gt&b}EobPco=
z|I?%+zeMk4BzD&85yYIdvSs4_&KiRIv*u0KW4kIa7n9-rRF>H1kN9ADY-}K|6K2f9
zV(|KZl~K(Q#-pqfA+!qpxvKNa#-Qxrhkf<_3*4_bBqG`_Lqk0xl^G(;OzcsXI!!cL
z{vOcU%<I!|?W+rTx7)oI?Uod&v4f1#maXjw0_Pdie7*rkNhML*q$;rZhdm^~7>Gs2
zI-QEiXQsIpXGHZ#$vVg8j_*BbPcU#wm{oq2Rx1r&0`tb?)!s=Fk<QweiMrJT<lxQg
zDM0$h?pR+C-@G1sfydPz(UjvM$h^Ra_hlJ~u@U%R0MBFfnH95^Jc5upG@n*(8XClh
zo09>5WURwtCMSd+&M)M0UK<{e4K+FJE(Y`u#nX4yZtVO?HC6K}1|j`=5j$Q4I&|9W
zW+muPDpya?yK`@b#{~fKb~-MGp55I1aZKnRe}>n!#tUMrykWKbm-*EA^t3+!+bOnG
z*Y!B!c*$5&U%rR|(6al5P#pS~w8ku|(hNfZM6dm$MkK@T@zze;t`A4ON?(Kx5>tlD
ztQ$T+>O;go`S1d{0zd<yz*vidjSY)y*%n^#;gAgh5z%O8BzeBZIP5${B8nsez`hyo
zjc1p50|31YcNp05$lY4r5&Y9P7dXe;V?#-7Nuk(nB<_4192`K~|FgO}egd;zMQa`q
zm$lqfKt&>cZ;MIV0Eo{}s{8s6#5lY<iy6A`j~pn*#>T-B5dj??LSHL&Bg)Dc#2sJ2
zd@r_d_8HAnNNZyi0IG!<^aL6JaKPZ;U<Cn<S`#!~w{4uff&w~pD*&kk+ih5Nrw5=k
zq1G$S8$c?0)8{}Ah9_L}OQn7Rg-<OxhS|28j*;Bn-EpWDnsONSB5gxhJeR5r;Gwax
zsgTh7DFEG->j-w2Pa8}X@ZdadK421;0Tt)uQ1IWb`?;rr=H9_^0_v<mj&WnE;%JeS
zwb<+pp#y3EGQ&8(xM1;qblnz+Pe`B>N$15D>m7`xF`CSS`~iuxcn?CULVNT6?|T9t
zA9aC<M;jXJi+^5in_%<&cvn<Z^s1-pX3a<MDearY2^}@{+shG&NTTA_s*5&uKQW3w
z7q0+i@^?xdn^6c9c6JJLl$z?$(bLcPh>2+(tFDgQT6-8Ae3~RaN-#}92ki1<LB$<}
rl!O9&RZdpsr9?{l|N8Eae~2X{ZN7o@f-}IoBd;Lha-S<i^?&{k;-TLF

literal 0
HcmV?d00001

diff --git a/docs/userguide/networking/images/key_value.svg b/docs/userguide/networking/images/key_value.svg
new file mode 100644
index 00000000..5f850737
--- /dev/null
+++ b/docs/userguide/networking/images/key_value.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="297" height="228.1999969482422"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs/><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="297" height="228.1999969482422"/></g><g transform="translate(0,0) matrix(1,0,0,1,24,93.51999694824218)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,3,157)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,119,130.51999694824218)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,98,194)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,220,99.35999694824216)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,199,163)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,114,3.1889969482422202)"><g><g transform="translate(0,0) scale(0.4877347541024086,0.4893104486600422) translate(1.204592e-14,0)"><g><g><path fill="#02709F" stroke="#FFFFFF" d="M 99.554 18.074 C 99.554 28.302 77.168 36.592 49.552 36.592 C 21.939 36.592 -0.443 28.302 -0.443 18.074 L -0.443 60.746 C -0.443 70.972 21.943 79.262 49.559 79.262 C 77.171 79.262 99.557 70.969 99.557 60.746 L 99.557 18.074 L 99.554 18.074 Z" stroke-miterlimit="10" stroke-width="1.2853"/></g><g><path fill="#02709F" stroke="#FFFFFF" d="M 49.559 -0.442 C 77.171 -0.442 99.557 7.848 99.557 18.075 C 99.557 28.303 77.171 36.593 49.559 36.593 C 21.943 36.593 -0.443 28.303 -0.443 18.075 C -0.443 7.848 21.943 -0.442 49.559 -0.442 Z" stroke-miterlimit="10" stroke-width="1.2853"/></g></g></g></g></g><g transform="matrix(1,0,0,1,93,44)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="88" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="88" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="2.3125" y="0" width="85" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="2.4000000953674316" y="12">K</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="10.40000057220459" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="16.80000114440918" y="12">y</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23.200000762939453" y="12">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27.200000762939453" y="12">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32.79999923706055" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="42.400001525878906" y="12">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48.79999923706055" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59.20000076293945" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64.80000305175781" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="75.20000457763672" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79.20000457763672" y="12">e</text></g></g><g transform="matrix(1,0,0,1,133.88673770512042,37.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-171,-25.199996948242188) translate(37.113262294879576,-12.489000000000033) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 138.38673770512042 42.18899694824222 M 138.38673770512042 42.18899694824222 L 140.13562398277034 43.15925299065982 M 140.13562398277034 43.15925299065982 M 141.88451026042026 44.129509033077426 L 143.63339653807014 45.09976507549503 M 143.63339653807014 45.09976507549503 M 145.38228281572006 46.07002111791263 L 147.13116909336998 47.040277160330234 M 147.13116909336998 47.040277160330234 M 148.88005537101986 48.01053320274784 L 150.62894164866975 48.98078924516544 M 150.62894164866975 48.98078924516544 M 152.37782792631967 49.95104528758304 L 154.12671420396958 50.921301330000645 M 154.12671420396958 50.921301330000645 M 155.87560048161947 51.89155737241825 L 157.62448675926936 52.86181341483585 M 157.62448675926936 52.86181341483585 M 159.37337303691928 53.83206945725345 L 161.1222593145692 54.802325499671056 M 161.1222593145692 54.802325499671056 M 162.87114559221908 55.77258154208866 L 164.62003186986897 56.74283758450626 M 164.62003186986897 56.74283758450626 M 166.36891814751885 57.713093626923865 L 168.11780442516877 58.68334966934147 M 168.11780442516877 58.68334966934147 M 169.8666907028187 59.65360571175907 L 171.61557698046857 60.62386175417667 M 171.61557698046857 60.62386175417667 M 173.36446325811846 61.594117796594276 L 175.11334953576838 62.56437383901188 M 175.11334953576838 62.56437383901188 M 176.8622358134183 63.53462988142948 L 178.61112209106818 64.50488592384708 M 178.61112209106818 64.50488592384708 M 180.36000836871807 65.47514196626469 L 182.108894646368 66.44539800868229 M 182.108894646368 66.44539800868229 M 183.8577809240179 67.41565405109989 L 185.6066672016678 68.3859100935175 M 185.6066672016678 68.3859100935175 M 187.35555347931768 69.3561661359351 L 189.1044397569676 70.3264221783527 M 189.1044397569676 70.3264221783527 M 190.85332603461748 71.2966782207703 L 192.60221231226737 72.2669342631879 M 192.60221231226737 72.2669342631879 M 194.35109858991729 73.23719030560551 L 196.09998486756717 74.20744634802311 M 196.09998486756717 74.20744634802311 M 197.84887114521706 75.17770239044071 L 199.59775742286695 76.14795843285832 M 199.59775742286695 76.14795843285832 M 201.34664370051686 77.11821447527592 L 203.09552997816678 78.08847051769352 M 203.09552997816678 78.08847051769352 M 204.8444162558167 79.05872656011113 L 206.59330253346658 80.02898260252873 M 206.59330253346658 80.02898260252873 M 208.3421888111165 80.99923864494633 L 210.0910750887664 81.96949468736393 M 210.0910750887664 81.96949468736393 M 211.83996136641628 82.93975072978154 L 213.5888476440662 83.91000677219914 M 213.5888476440662 83.91000677219914 M 215.33773392171608 84.88026281461674 L 217.086620199366 85.85051885703434 M 217.086620199366 85.85051885703434 M 218.83550647701588 86.82077489945195 L 220.58439275466577 87.79103094186955 M 220.58439275466577 87.79103094186955 M 222.3332790323157 88.76128698428715 L 224.0821653099656 89.73154302670476 M 224.0821653099656 89.73154302670476 M 225.8310515876155 90.70179906912236 L 227.57993786526538 91.67205511153996 M 227.57993786526538 91.67205511153996 M 229.3288241429153 92.64231115395756 L 231.0777104205652 93.61256719637517 M 231.0777104205652 93.61256719637517 M 232.8265966982151 94.58282323879277 L 234.575482975865 95.55307928121037 M 234.575482975865 95.55307928121037 M 236.3243692535149 96.52333532362798 L 238.0732555311648 97.49359136604558 M 238.0732555311648 97.49359136604558 M 239.8221418088147 98.46384740846318 L 241.4374511336982 99.35999694824216" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,133.88673770512042,37.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-141,-37.19999694824219) translate(7.113262294879576,-0.48900000000003274) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 138.38673770512042 42.18899694824222 M 138.38673770512042 42.18899694824222 L 138.4331576707298 44.18845817237057 M 138.4331576707298 44.18845817237057 M 138.47957763633917 46.18791939649891 L 138.52599760194855 48.18738062062726 M 138.52599760194855 48.18738062062726 M 138.57241756755792 50.186841844755605 L 138.6188375331673 52.18630306888395 M 138.6188375331673 52.18630306888395 M 138.66525749877667 54.1857642930123 L 138.71167746438604 56.185225517140644 M 138.71167746438604 56.185225517140644 M 138.75809742999542 58.18468674126899 L 138.80451739560476 60.18414796539734 M 138.80451739560476 60.18414796539734 M 138.85093736121414 62.18360918952568 L 138.89735732682348 64.18307041365404 M 138.89735732682348 64.18307041365404 M 138.94377729243286 66.18253163778239 L 138.9901972580422 68.18199286191074 M 138.9901972580422 68.18199286191074 M 139.03661722365158 70.1814540860391 L 139.08303718926092 72.18091531016745 M 139.08303718926092 72.18091531016745 M 139.1294571548703 74.1803765342958 L 139.17587712047964 76.17983775842416 M 139.17587712047964 76.17983775842416 M 139.22229708608901 78.17929898255251 L 139.26871705169836 80.17876020668086 M 139.26871705169836 80.17876020668086 M 139.31513701730773 82.1782214308092 L 139.36155698291708 84.17768265493754 M 139.36155698291708 84.17768265493754 M 139.40797694852645 86.1771438790659 L 139.4543969141358 88.17660510319425 M 139.4543969141358 88.17660510319425 M 139.50081687974517 90.1760663273226 L 139.54723684535452 92.17552755145095 M 139.54723684535452 92.17552755145095 M 139.5936568109639 94.17498877557931 L 139.64007677657324 96.17444999970766 M 139.64007677657324 96.17444999970766 M 139.6864967421826 98.173911223836 L 139.73291670779196 100.17337244796434 M 139.73291670779196 100.17337244796434 M 139.77933667340133 102.1728336720927 L 139.82575663901068 104.17229489622105 M 139.82575663901068 104.17229489622105 M 139.87217660462005 106.1717561203494 L 139.9185965702294 108.17121734447775 M 139.9185965702294 108.17121734447775 M 139.96501653583877 110.1706785686061 L 140.01143650144812 112.17013979273446 M 140.01143650144812 112.17013979273446 M 140.0578564670575 114.16960101686281 L 140.10427643266684 116.16906224099117 M 140.10427643266684 116.16906224099117 M 140.1506963982762 118.1685234651195 L 140.19711636388556 120.16798468924786 M 140.19711636388556 120.16798468924786 M 140.24353632949493 122.16744591337621 L 140.28995629510428 124.16690713750457 M 140.28995629510428 124.16690713750457 M 140.33637626071365 126.16636836163292 L 140.382796226323 128.16582958576126 M 140.382796226323 128.16582958576126 M 140.42921619193237 130.1652908098896 L 140.4374511336982 130.51999694824218" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,40.937451133698204,37.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-136,-42.19999694824219) translate(95.0625488663018,4.510999999999967) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 138.38673770512042 42.18899694824222 M 138.38673770512042 42.18899694824222 L 136.63596995202016 43.15585385322055 M 136.63596995202016 43.15585385322055 M 134.8852021989199 44.12271075819888 L 133.13443444581964 45.089567663177206 M 133.13443444581964 45.089567663177206 M 131.38366669271937 46.056424568155535 L 129.6328989396191 47.02328147313386 M 129.6328989396191 47.02328147313386 M 127.88213118651885 47.99013837811219 L 126.13136343341858 48.95699528309052 M 126.13136343341858 48.95699528309052 M 124.38059568031832 49.92385218806885 L 122.62982792721806 50.89070909304718 M 122.62982792721806 50.89070909304718 M 120.8790601741178 51.85756599802551 L 119.12829242101753 52.824422903003835 M 119.12829242101753 52.824422903003835 M 117.37752466791727 53.791279807982164 L 115.62675691481701 54.75813671296049 M 115.62675691481701 54.75813671296049 M 113.87598916171675 55.72499361793883 L 112.12522140861648 56.691850522917164 M 112.12522140861648 56.691850522917164 M 110.37445365551622 57.65870742789549 L 108.62368590241596 58.62556433287383 M 108.62368590241596 58.62556433287383 M 106.8729181493157 59.592421237852164 L 105.12215039621543 60.5592781428305 M 105.12215039621543 60.5592781428305 M 103.37138264311517 61.526135047808836 L 101.6206148900149 62.49299195278717 M 101.6206148900149 62.49299195278717 M 99.86984713691464 63.45984885776551 L 98.11907938381438 64.42670576274384 M 98.11907938381438 64.42670576274384 M 96.36831163071412 65.39356266772216 L 94.61754387761385 66.3604195727005 M 94.61754387761385 66.3604195727005 M 92.86677612451359 67.32727647767882 L 91.11600837141333 68.29413338265715 M 91.11600837141333 68.29413338265715 M 89.36524061831307 69.26099028763548 L 87.6144728652128 70.22784719261381 M 87.6144728652128 70.22784719261381 M 85.86370511211256 71.19470409759214 L 84.1129373590123 72.16156100257047 M 84.1129373590123 72.16156100257047 M 82.36216960591206 73.1284179075488 L 80.61140185281181 74.09527481252712 M 80.61140185281181 74.09527481252712 M 78.86063409971156 75.06213171750545 L 77.10986634661131 76.02898862248378 M 77.10986634661131 76.02898862248378 M 75.35909859351106 76.99584552746211 L 73.60833084041082 77.96270243244044 M 73.60833084041082 77.96270243244044 M 71.85756308731057 78.92955933741877 L 70.10679533421032 79.8964162423971 M 70.10679533421032 79.8964162423971 M 68.35602758111007 80.86327314737542 L 66.60525982800982 81.83013005235375 M 66.60525982800982 81.83013005235375 M 64.85449207490957 82.79698695733208 L 63.10372432180932 83.76384386231041 M 63.10372432180932 83.76384386231041 M 61.35295656870906 84.73070076728875 L 59.602188815608805 85.6975576722671 M 59.602188815608805 85.6975576722671 M 57.85142106250855 86.66441457724542 L 56.100653309408294 87.63127148222377 M 56.100653309408294 87.63127148222377 M 54.34988555630804 88.5981283872021 L 52.59911780320778 89.56498529218044 M 52.59911780320778 89.56498529218044 M 50.84835005010753 90.53184219715877 L 49.09758229700727 91.49869910213711 M 49.09758229700727 91.49869910213711 M 47.346814543907016 92.46555600711544 L 45.59604679080677 93.43241291209378 M 45.59604679080677 93.43241291209378" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/images/network_access.gliffy b/docs/userguide/networking/images/network_access.gliffy
new file mode 100644
index 00000000..b1a1910d
--- /dev/null
+++ b/docs/userguide/networking/images/network_access.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":437,"height":368,"nodeIndex":178,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":5,"y":1.1999969482421875},"max":{"x":437,"y":367.5199969482422}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":126.38636363636371,"y":74.1428540910994,"rotation":0.0,"id":129,"width":291.1363636363638,"height":149.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":199.0,"y":150.96785409109907,"rotation":0.0,"id":114,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":17,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":95,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":5,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":96,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":14,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":99,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":99,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.1785714285714448],[1.8600000000000136,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":97,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":98,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":8,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":99,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":112,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":16,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":209.0,"y":284.96785409109907,"rotation":0.0,"id":115,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":34,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":116,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":22,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":117,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":31,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.178571428571388],[1.8600000000000136,28.285714285714334]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":118,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":28,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":119,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":25,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":120,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":121,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">external_container</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":122.0,"y":150.96785409109907,"rotation":0.0,"id":122,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":51,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":123,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":39,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":124,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":48,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":127,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":127,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.1785714285714448],[1.8600000000000136,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":125,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":45,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":126,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":127,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":128,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":50,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":192.0,"y":120.19999694824219,"rotation":0.0,"id":130,"width":150.0,"height":27.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":52,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-weight:bold;\">isolated_nw</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\">&nbsp;</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":65.0,"y":1.1999969482421875,"rotation":0.0,"id":134,"width":73.116,"height":102.32,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":53,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":103.0,"y":53.19999694824219,"rotation":0.0,"id":136,"width":119.0,"height":45.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":54,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":134,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[35.115999999999985,-0.8400000000000034],[87.0,-0.8400000000000034],[87.0,55.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":20.0,"y":16.699996948242188,"rotation":0.0,"id":140,"width":150.0,"height":1.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":55,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><br /></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":55.0,"y":112.19999694824219,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":56,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Docker Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":160.0,"y":179.0,"rotation":0.0,"id":145,"width":10.0,"height":10.0,"uid":"com.gliffy.shape.basic.basic_v1.default.ellipse","order":57,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ellipse.basic_v1","strokeWidth":1.0,"strokeColor":"#00ffff","fillColor":"#00ffff","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":31.999999999999993,"y":189.1999969482422,"rotation":0.0,"id":147,"width":73.116,"height":102.32,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":58,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":346.0,"y":265.1999969482422,"rotation":0.0,"id":149,"width":73.116,"height":102.32,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":59,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":378.0,"y":276.1999969482422,"rotation":0.0,"id":150,"width":56.0,"height":26.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":60,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":149,"py":0.5,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-32.0,40.15999999999997],[-47.5,40.15999999999997],[-47.5,28.0],[-63.0,28.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":250.0,"y":282.1999969482422,"rotation":0.0,"id":152,"width":84.0,"height":96.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":61,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":145,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#666666","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[3.0,7.267857142857167],[3.0,-42.96606990269251],[-85.0,-42.96606990269251],[-85.0,-93.19999694824219]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":103.0,"y":242.1999969482422,"rotation":0.0,"id":153,"width":54.0,"height":53.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":62,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":147,"py":0.5,"px":1.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":145,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[2.1159999999999854,-1.8400000000000034],[29.557999999999993,-1.8400000000000034],[29.557999999999993,-58.19999694824219],[57.0,-58.19999694824219]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":250.0,"y":286.0,"rotation":0.0,"id":154,"width":10.0,"height":10.0,"uid":"com.gliffy.shape.basic.basic_v1.default.ellipse","order":63,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ellipse.basic_v1","strokeWidth":1.0,"strokeColor":"#00ffff","fillColor":"#00ffff","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":278.0,"y":149.96785409109907,"rotation":0.0,"id":155,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":64,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":156,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":69,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":157,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":78,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.1785714285714448],[1.8600000000000136,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":158,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":75,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":159,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":72,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":160,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":67,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":161,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":80,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container3</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":3.0,"y":296.1999969482422,"rotation":0.0,"id":162,"width":133.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":81,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":5,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">external host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":337.0,"y":21.199996948242188,"rotation":0.0,"id":176,"width":98.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":84,"lockAspectRatio":false,"lockShape":false,"children":[{"x":13.0,"y":0.0,"rotation":0.0,"id":174,"width":85.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":83,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":5,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">published port</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":null},{"x":0.0,"y":3.8000030517578125,"rotation":0.0,"id":173,"width":10.0,"height":10.0,"uid":"com.gliffy.shape.basic.basic_v1.default.ellipse","order":82,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.ellipse.basic_v1","strokeWidth":1.0,"strokeColor":"#00ffff","fillColor":"#00ffff","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":85}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#666666","strokeWidth":2}},"textStyles":{"global":{"bold":true}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":[],"lastSerialized":1445536836098},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/images/network_access.png b/docs/userguide/networking/images/network_access.png
new file mode 100644
index 0000000000000000000000000000000000000000..d8bf6319dd97e81192a0ec0da138caa837df2f06
GIT binary patch
literal 30649
zcmb@ubySpJ*fuJult>GbGIV!$&CuN~AV_yN2uckD($XD+(j6ioEiE0=-5uw_-}`=l
zoORas*Kz4$E!NEQ?0v`H*L~gB?I%@bIV^M%^k>hWVL`ys>d&4b^a1}uU!VfN5x?8@
zefEs<8AMt_)6018>vJyxt((VohBI7A3^W?Fk~7*I2Kq>pZ`l|ZRTp&^@NC=82Lo**
z&x$fzqVKu6y5C3hpG!(oqP?OdcmaY!*B<>w+)vsKVM4BlgY)wz<XOV;^IV&Qe!$;@
z+sw-ry7IQRHga`lt!y~?3+(C|h>artD->x2wQOSi7kFU(%A2Nr0^RTKmFHMU*3*oL
zTwLZ_b0(EcvMZTVb!T{Zljs_#p4A2RHkwag3l>)sr?ff#dgFAhEZj^#vZ_rsRPeK=
zt1KB?`!R6c*7m#2G=jkm@oW)wW~);Wi@ic#ZV){sIx-9q5rT1`ZEqw}iaos&Kf?QW
zbB_~4U%2Vh3YuDqZ$KbQ&kTkA59M@ba0P|_56_W-AN8KGRqH<aYHH%Zn-L`tg7f>D
zrNuXrwO0<XtG?M*ioi$EwvCRC^h)}}g?96l_??QU*7W!St~fradHKl-PT9>B!HWv(
z$fFL)-YJ-j6$9&tL=4Uj5+7SL(r<w4HtJkb2-{T^^k9qGTVo!ij1h_1F?S<Tyq_C;
z{$^-v4lQm(QHPS2a`z#66Bj&7+sMrfJOJV80a59iIy!MuweBgm=h}X?b$_A=qsd$z
zw)hRXILNc$^D*xU9XLFoM76SXIMDlV-1UYCV*>Mfl-uFiE|E|6hym<@?MTB?K6cN8
zPAky7kCw5*VB{}JVaQ%cw|Hm&-1y;pM^`nsvA>;5O%-L}5JRuXX;rMCDy5B~LJ0$~
zj?N-r9bLXR3LeB8%)e@fTKmUye7`tM5w#8U`YK?E2uuB)j8oc=76^oBbjn`(H<XMb
zp}>016Vm{Xyz)bT0m7QsK;4uMi&$xNJY{#BQAU#UGFi{5R(JOEArd~8VQtgZSo4<>
zl#5l_jg}i$?pjr{YzPea8)Sip2$^#T{y)}G-=rOF^(ih?W{J@K(mqmWF#BBzM4pz3
z&f1x+^?q6%*Z3Kg;_EkPsDKeY1`5mohrW1*f(#Snvr%xSaq!|A*S`EPvNeUSuSn?h
z*C18b$dn>lWosHGFe~%(Az$KZr^;ELB?=7T2!DX#Gh%L#J+Sx%u<iQ`(u%pWKNnux
zm7x=2Z2p#5b@*Dd9@Q$OzX_^Gz@7D}G+tZdq*C|5R{KC-fS9KQ6TAX9&Fj{-bZzVj
z=qDSdU!67HLmTrDtHt_don>n6yX;On;3@7t=xxR((Q;yQb`2E4`DP{gxlc~Z0i0Hp
zUTQf)CB0|3*vU$Fe)#$Muwo}{-eoW?tD?hBN5E2*Z{Am*Gv&&3c(Vtg?-U0->#mb;
z^t5GUV9Uy$eFwmcb;jk+I#}rFR@2YB8JEhwu1|C>IE~a;_%+tOh-3S8-oO-`-wW$Q
zc=D7qdYCY1+ZYQQyXzeW?_8RQ+#4>UxZQ9j+Ov;r8$v}dw_}?NX-nX}Bi9RMW=zmC
zd0qi9kTD_B!O)MO@q~}z9UH$E5!L4_Bu)|sEF%H?O{0f#gGy#Ma^($@J*_<peS4E4
zcPB_1Wxf=DV<2uirMF&U#O>p-Z>^)Ot@{Z(yP1I@$pF@Sf&aoAym;nOSOGz-;cz)9
z<~QVHSmdsWj%_qMCOaO%KutMNp|sI-E}?r0(BdF*b;@lILkv*p@%Lm~T;SBn13ZTU
zLxkk1L`~oU#|czJoRR^G5B@m+j*aLkyJP_ep#vY0%_0OIa+QiGARy3icQSDNH%{!W
zu<%`EwUE~lrECmIfoStqZj{qu>!tbLpYKY>2y=}aX}0VxYv4*a>>i7l6ImgNS;Eb&
zM#p}Otj1+szQ%rzaC>{(M~mgwka8QjPdk3adPxv>g^&e9z^Rz<%Vh12RU_&_jRQ{X
z%L;0i=J;Fe$=schwm-$l2fDNs+#vL;3Pe3Uy@rcf+vEGoCF(&-k#w$_larI*)$di@
z4i{VdYy~zmT%ATlE={+7=NKC~Dk)*1z9h9~0u?Exe|%2v)nN<ubu~kT(1FPlUKbE9
zQNSzYYCmy1ub7!xPyRTraM)<q=0)!#CjOq1ic@xD7Pv@QQJL!>G2uX?j|288D<-8w
z_bTe}dFF|Dh1FsFOzoL<y$G6Vb}%g(kG^XtDwg`Ux4%Viwy2}u@VyLtyj|k(zj4DP
z7uK!Kzi(Db=S|^vehY8A`7oHqgF%<&$7$?;u7x7~9{g|^_}I19moQpsB6hcH^7v!v
z;eu~+7=x`PJGOwJzwP>($iy$Fe59A$7t?dz`T5(oZ;!4wv;LlqtLXIJ{iS$R?L9qA
z=X31&qGMdLv*h(R#tZO^xKpz}EKcl!zqGXUXeENeyz3*@4(a2~bUWiWHiJ6Fd$GrW
z8Ovm|;S7PuPoLB_M_hLnn)x!lR?+4?m;AlXM&%|2%8gs~^(xxvpKKNjiS5}hy69FA
z!_O{Wg)-b1VSSR2kMn4_DwvFsgarvZx{+=KBt-aY@f6-Po&7N`E~)6<KeWdOr>U#I
zBt&V^Fl7xgm?yo#e#W=UtwbOFnnSX4CEc;D^JIO%c~VQqY`jpZ;d&$8`F6jaPgk|(
z=F0I0Jq?YF#BP#-L#Kv{Ncdsf?aS2ERDQoJr_kF32hFL<^75bIM8?J0+J=VF9PfJQ
z!K2;szgiz|cCXeFR9+Die?r5fEq3L1T7DKQ_TXh%(bL^+wlSF6@9(?dK3(#6SnSd7
z-1YJP^6#8uyFET^+9Xh9(eG4=S-%F1AV5tmH5n5Zr?dHZGQjq3EFV%DL%^iXozY&{
zyEju!(Bas6u8p!@JuHYpCg^r_VCC(VC_aV)GaT?5H%O%yGJR<{tr*?=XU)1En!(GB
zn%v$bi!iLXa-lO{qep2YD<hzdf253{4~-o<m``>WB&1p4H|=;fm?dV?D7?G7>%3D^
z#HiZ#_;9Nv2}`2gq!semi}b&}pkic14-XGV&z>dCL4`CKIX0}Iwww+NeQ2x7%|%>j
za@SDJpPXtB44n6vv)_>%7CICjOyQ8yOWL2U)tE9gGBOIC{B@eY-sHZk&7-1gYz*H(
ze^U*bxj0(slF+TXyKH~dnxZu8v%LiZ?28tJ@^XJp=NvN4LIo*vJ=+?^+H~9e>S_Mx
zo0*S`!A0ZKmZz1Ydxsp;Bi1JA&N>?shaIT;=1X;2>ZZ6sjVRih2EqB3D&as1du4av
zKQkdN4rB~sTbQtAJ_-*~R8Y{E%B-e=1dW#NOq7h{1Pi6{-1IY5(nA|0VS#yN7x8lB
zYVRdqjQPu7GS9WFer8IP>6QG3GlhKQIwIovGj*Im5jskyFz{t6r@4b{=wvb^WMe43
zXgIiIuGUruDW&!_@NWzsKIpn2nDD*1dG5|qEg4c(I{Yng@HLT1!xTHtxM;DE8xg-g
zWQ0yMD-Nq2j0S^pjwW?XsCam45zsTD@(W~=O9{W0qI`P=E6Q;BT(ziQV?Ap6X_O}|
zG0_bl<a@poK0B*#DFQcY)|NP4jbhV=x}ZR<?(c!f;lKFv?oGM4K5!~HXeKeSEbQ&s
zIXNV{#tJ*u?F!QM)$!B$95im0?)m_Me>|=tW_EXVtlQ$nVeGR_bM85mR_G1^H^~m9
zVX=-i%f<M!0_#QxwR*d(y;fURL5W7~5__?XKn5Ob<#*rF6uw#x)opSsLGPcbvW%*_
z;E%WhmQ%W=)+8Wc0tUM%$0bplUEZCJlu<|~u)EcQ8pBrm=(04E7>tVdZ2J=#o`MY&
zEEkFU!T;t=%{6{6{WJ}kcvAvRY?w*(?6*`*lYzieU)y%>ddt=)y3EK%*G)!@q-n)h
zr+k&64n~qGtjj%=eeY(n1|c_FIBvrW{T*b^_2djKx-e0a$T6i3M$-Zsi0Uh03csV^
zvCz?q8qoGhK97#3X8v14n+gFbn5#z^-9mO4@h0lmg)Fy87h@RQ0JY6}e;n6ux1#=c
zqwD*1hXM>8*H2@U0|H$NY^|CyO`KjI!(BhReWwM1=#P#wYJWVWrzOlcdsc>kFxrvX
zNs=A(Wq(#V5|Xz&tw^pjIt=>X&e~Qo@Erm6URchp^<9pnVMxl?g?Wfsjs>VPnVx5W
zR^+A`0<Dz<h)_3v56$R0U#8mn>$@^zHgM>BVTOLP4i+TRFTcG!)IpF^A{bKYUuQ8?
znE|qjx|Ced4J`Awscu2nw|uTtiz%<jz9|#9jTxZa_pc#HIpslGqZQG6c1vv{@(K!H
zEQu7uPYY|L7cB3Nr*{ed-M|kwZvEaU(TLjR32WVOy=qyOu51Eg#qfhwAjW2s;KRxl
z$S_uDi?a*jK~_7OH;tC@?(io+c*5Y;T;Dz}beq~|SvJ9zb7p#vOXGK)WmtK_*-dO;
zaBh${%AnOeM<D802pIqezETPZGLTdcgJmUb2tMo%_AM0nV@ym<{{2CeKHT6sbG7(K
zUGtNmYa{Zjxe|gCg;J;8<~JnD`eS3M&4Dg8|3JN__|uJk1-I9H>yj+oX&jdrItf7Y
zA#L{-+mKTnpu!OTRyJ+lOy1DCN4a=oA0a-*DN{i8ud+afIT<77w(%VGZvCM9inC@%
z)g%dv(660)G3Qb%+YL+XHTYLBouUH{x`i~6$y6zi-AU2107y!FnUV5eG9X=Ef8inm
z08aY<;1^yoi?Nm`%m@cCV{pDWr&E@RfGhCAZ+bu>19-ybREl;e>i^G2>`20Ve>qpy
zHwh-7+54YmgoTHf3>nr^P`EQKJgxQBzqJCNx}7J$$IotQ5vC*$PGT|0m5O+2Jzf}d
zGlZpIt7M0?ins;>&|Zfl{u2~)r_xhb4-tE~Lb|@b4&ZW%$$Sw!Q(?dd0)etU4;Rrh
zI_q?@)L8N}fz5ispAaAM1ayKm7Orz}F^px8hllsYok8ZG1w{Y=jMxVa%J+z`FsPT+
z*C#>6A_=RrpW6|kIB5jFAJ*_>EDNv%j7Wk1<!g5FU{2uAPZI=}YXAu^EB~_`5zNxk
zQn%VF27U4P@(0-PfgLwl?C!Bg-p!5sBQ`~Bem*F$9V8$I*xFhac%x|8n&n^LzxhQ;
zH)|dSjoU6-S_Gdze^ymfTS;)`8%Ikn1(H+j_F}*5;r>?5$jDzaAtO%_0_ofu&9e*`
zi(Ymqr+>Bf54ScYS!9bMh52Y}6INAM6L1?TTplcN0Fd)+Z-z^iO>OuoQtY&!AT6do
z_~gfy%h1qJ_hI{EZ0K`ra_0)emp>YT`?BB(gVX;``L|hBDHu^N=mnDwT=Sb7t6O7X
zQPDd9&@u|e;r|Oy!+!x4N)BrgZ!!$L*)GaM^j`h@m&0M6zs7ONc=09hC`xqFf`69B
zh0a%5Vg%fu>#)D*Yh=e5N#S_+yF`P|Tjbv>DWPs!%d~)j#a-s=>~*Uw`qZx916M}@
zWgiWdI#3@0m9}SD6tJ#K?Cw?HUgU0#YTru-W}_zjW{-WrRUdP6b7*{g@Si__vKy2e
zUp$4gHiC2gXBuMMBnu75Ebyt%IMlL1t_lD1GzE2LNL*%!>30CqlP`FbJVE?GM#`si
z&K&ZYhJj7`$xV`gWAQ-m1nUsT8^go(xQqdg;BPY)P3d=6x$aH@79;ceI&hr*dnGwT
z46kfd1(!?in)jCaf&<D`#BXpFs))Oj;WEL`0K)^Pz$j$2!S;g*DZET>Jx8$8(N>!O
zcaA%V@g;drI2+sn9|kZS&Z7W2EQfb@lAQXl6KbtadGfsgr8n3jLMkJwN$JtUY5*Jj
zhd77mXjXGnT%iVTZg3S9*?ufKT2rUPSO9buQe7v<e@C~YA&{e6zR0h9UR3m!Qy8<p
zy<QCnfHR9N@Kf3M8z4-!5&LZEdj4+IbE$b`_e?A|-h_$1P9B?K0X<c3OvVOLX|p}`
zuADxI)ygUonseab{5PFHVcddg|I&(|>FJPZ@_!3z(lUPiR1^09PZ{;e0c+he+pw8_
zS^K|Jg#ns4oe#tVcg|BhJXKcx80tV!BEw>smNS~aj8@<_xaKQ!(lH#qY$o{g{au8d
z5fHrNc{l2M`0RN>|KpaV{8Z1#xpz@fQ9wdqg*Yv>`R_z@Yq0Z9LV9D#MsuW|AJv~e
z+6Gqd|Hxl~0y}(q6FP{+dj-eO@PiclNyOt)MuAqDwke{oLqyNg9TgY|df<qFx&^O2
z)xF1TE^2D-fAGlSiU*hl2aCCwMf>*!|5ZNsYP>Jgb?N%bMftuaMiSxx@Mr-m!5wCd
zy-AA=!f#CF3AX-XX??FpKJ%8UB$$hXLoM5;ep%vooA?+Sj2cg9<v7*GbXcpJ=B+TM
zFQYB{sR@&o2E5S#ZFHBmJFj&1HqmWXpe`D->m%9iaeY1K8)XBRdUEgQC@?EI?!+>;
z-KmN{ZT`(6t2t5;gM71tEU(f4(2KGuaBc9Jez_E2UC>}6x%$D`HH@9!O7>)J`Udm#
zpoFIS?x0LE<~Q+!ug(-aQpKy#WKdv>SUe%@OiUPWc<rn`E=xRhOz-HM-t*{Q>`sqd
z1*>xv1KHiLt>^H(LAoCG{B&up+kU=5tx^3N?{jzuh&}?7_$}*<D(N%jY36?xrg4&s
zL1@yj;ei{s&eFj(?HQhLzCfd)F38QzrIJk2hO>o)dIbOny4Hbi-lol(e!j9PVD%^G
zNRh%aOhB*qzmcFxvXs^s)H`4e@Ra+BeE7EJh>C-g?;$;n3k{>GPzWyg;`zIM4)-4l
zphAcIaNZs(NRlbU{TP;8xAub~$>4~D*gBs@iAsEk(78KJi~U<H5m->7%00@dR*#cf
zqk<kNoy{L5dew2Kx2AYms9#Oej(v8}d}E02vaD(^<%_%ElV5||aQb-u4Lz2{piWv{
zU0uq}no?KCjltHnLYvuOrNvTK_T!*|{srx6`$vE`feO=dpnIw)q2{TV*|wUb;gA!4
z1S<F)2O&0u6<FM{Yk*GRCP|+w=c=lI!%H6bja$Z9&lh|xHUJX2sGvSxub{qnobYj$
zMTGQb{2dW{wCk_vSLDq|rzYJJ#affRWDbVtZftCn4vH@lHkqLfh+pL{@AG`zaYlqB
zTOihF%@RF6h*E^brn>ZeBL{Df9z<Fo4nx-j`%YzhS5m_bzSob<qmCrU9maIIpC>sq
zDT<2*t~>*|*&<1b{Z^otg0Vl{SuPbm8r)IwuFk<PdkWzuNVIuAt+niEzwlIq)us%5
zxPIMTy$;UD0HIZ-FZLr(lch2IzbiOY9$L<WBhvR-@gcGHZ&^Yuz9GO!!Wls}4E_Lm
zH<l^;_(7A7#Q~KQCuLDLIU|{d`QA)<YEVcq)*T3hGqVG29R-&i=t0A3ZEYcy!0s8o
zbZspvtn<Y$)i4kX^^ei?NUgRtIe=gZaguC(l~~i!iguOr5f|;v6*U;hbGz5wo#?+*
zL-RNE&$;bMH%SEQX`O^`x(`^GZDPhtF}3;Jm#I}BpBP^Vk9-I*GzSslSRv<(z0*!#
zOS0GjbN$jw=9z)+0mJqBcZx}1|56PC5si$u?m$pUWJ{GZh4q-_*cRt9s`KAWB?u_!
z@6<5TAWmU)rXRlwwuqGC{KEp?pF!W~Ak*hFoHd(h?YGt%P9Cjg?Dj=z(Npg-&1BFh
zjJ%!no$(I<fL9n*pOH$YXg!5_u0Bus?%DN=Gqs3LbclXjSpMkSsc5x==;^<(c$p|d
zZ~S?wDE0Zu9v+9`G{nAF;TH0WLc*S-&)5f4*~>#Gd?Q1!U^OH*A|xpJx^X_#Kkqi9
zh}g7u)nW({3e*bH>NB58Q9fnmj`Hi7Uu+fJ?(gBEROH0|LXAdr-cym}4cq%z^g_%2
zh1i*E<y`7dpm@a{mV^4sG(7=CDFzTXU8ixlDerdFF1Acr8*{X5+~6=)N7QrhvB?v8
z2qpbG0bv<j()M`eetuqfpzqd9Xlm7r@lY*a+cjSS-vy;I&{gL5yP3EpZzOB3Bzf|3
zXSixK8c5+lJCPwO2z{D18G(tbLMZ$?5Wa@dK@qp+vC_oVtbZ_^c&Qf4Dmpq`OYhIi
z$%&O28SfZL7hOMm+Vey6nPPfou}IG({HAb=Vnj||%55~tZDTUAfR;gDy^ApK#aDSI
z$t(s|TjIk6DqjUBRgFs444!TsyDyenh3fAOCMIEP_I0Hcb?YB4oAhBhn7>Se^67%s
z#$L8LSt2w$niR&I_Xxbx|04TYH&Ise#GfoUANw-F&7*$Szw9d&@lFt?8`uXCY~>}e
zTV8F!lDUAL@_c`Mzsa-{QR*}iQ64+&Tum$30xETKqBH$b6W>;2L@8Ug9-Y$vjJBrn
z4Xv-~w=eNQ<f(FX*H&JCTEsbjQR(R!z2O`Xo{zZ~56>TUhgLm|cJY~TX<mYuV9eMy
zAKy$!CsSefWh^}Z_GntM@0kzqq+7%bBxNU;GmAt*rnFxZQ|cI9c=4wsc0Q3rLb;m`
zlnvc{JeLAR->>a9AGX>4%3W*WY`+8B7^6s%z>vWy1uI-bzFbDW^^Ee<?ePBQYBX*z
z3Dy-<0DRaZ<w|Zjao$f_xtZw;-&2^$;8VCru(LWZ@Xca)1%|FEoB<r@)KE8L(Amt<
z_ZI5B>@^Y5!<JL#LlY8ixH#AV)?*1v3x)^bfX4`WhTLmqmgnjn#a63`rT;dCN>v)S
zYLc-wo1T2A_T?bKnphG1^;Eg$>LPiWate(+F?_x#^9`xC#s%DQh=_d~qeedG-w~B0
zs_f_LBBP^`5p3Luuv#@X>jU9xYbpSbA$Pz@eF{YeC42u81h)#UJZ8BLuxu<(GI5HP
z6hZy7FhKj`+WHsNDE<BY-y9YM*Vflp0E(x$qC&>szx8J2ae8uc#-lFGN?jd>SSa*u
zG-RC<q4jNioDVw6)MgE>jaC!WnW>>mAI++O^+y9Hs2%EPfx;4F$2CR3yQL;~rVk%J
z#BLcP6;uvKvg*;+Dyyi7?Sx<Uym6$Dnlg$9Ynv=EES*bXqf#4h?<D&k3N6H3fS}x^
zi4z$7DAuVQfrX>e<83YC`lw+vo9S1NvL}A>*|BVgP{-R<qQ=WbUzK`|rkSB(-(8Ql
z1hJ|B%0YU&g@5#(pO==mLW=rU(nTO>PzrUy$-aS-`ZNI<B*D<_38a#LQSF&UHKLoA
z%QOmg$M<VZW=G?<q%6r3Y;W@CzDQUdd>(|{UQD5Z{LAXktP&70{Y=sMxNu7KHA^qj
z)$)Ck-c)G+NEP#Ibe@Tfzstz{)v-=v$h6sX_cMVv-@%mL6y&84;^pVdh5~DwH1Mg`
zMUaelnuvO7S8gB)RV#8c<G4@OdbN6oYvLhH$Fw0ubGNiA@pp5GxNn*X^4s4NPYM?X
z)FYbBwUtKAbrRbvT@imD9}XYc&3+(PPPPMVyYmpwwCUQfc;osNKT0Dufb477ubU%z
z7<8rJFh^eW-XtS9Td|p`wM}k1NKh8+8<)C=x6z^HeO1X+T@$7Z++(d_-+ow+Gd?qa
zxB1pp)nke3(RK+Opc9bOyi;0sceoaM6fH>zLqf$=&Caon8F-e&tQQi++VmpJ|AJUq
zXrH^%;T#~-LjhKFffL+ze=$cnVMx{I8VFFO&VwAiUVfQ|R^kmu!bpw3CI8-Vs?3*#
zy=@P6C6;x?4}qzbXLhLP5~u%F<_XM_&HZZWFvfSuU_k|8vb#Q6muq1cyIMw?2gp0!
z_5hLD8k;=Hs@j%MaUvJ59RNo4w@j~h(d}V71@g;^p2vsFcFKkfsy-#{%GL}0yNBCD
z>xCwsgQi{97N8LzH?heQaCh9RW^5dbEq3<`$RZA_k<6HHVq6J$u)DpFZyc;&V;OGt
z79j2UE_Vcbo%GQicOYRG*H{De{G-!G>ig2BJ6`!$ZGhFc7F&h>XiG{W0&r+zv$Ev`
z-TE5UoFnbdpqW?y-P5gkaF<(IvwY1}9lJPRpc~)TMEx+0-G2APH#_vcXy4=L48r#%
zcwqw`^NEg)bx=)-8j_16k0~!_z5}RKbp5P=n-ZT!+@SYa{&gXLj(aI84Zk8&be;hO
z-CH3cgY~ft9$P|y5Yi$mOgHz{zX#5+H%tDPWDYIIvTFc1@~CWo@M$^vfq|ZVe0&VF
z6U@7=2h;hmE8A{LXVJtBkVhgm9RqLE5ruCHd1Q8zmqphTHNF9aSBBq7pV!q&#CNkU
zRN>pb>JP&Q00Y=N{8i{U>+w$R>r(6GV$`2My1sJBSQWmA;D8*nVFi;0Es<7DYS$8T
z8K2S*PLq7FT-Bb)`^$gro1t{Rck>O-=&)%cPcmixl`zzHv5Emm0`1D_h?vg7pNtGr
z%W#)iXrR#j+4v+!2GbQlD_3;<ys=A|dJ`-&5VSqQPXSJ;BGY%hzr7UuQBb<zAqmr7
zBYvNeW9SAj)m_0z&lAHHo}C(i5FkuR;e;%mkXI(&>t7hH*8tj4+{K0S;$R`Fp@IL)
zOqYA+_=B0161FUnVKraVDDlylAzUj@XK*<az!hYc9KQ~*WeG4Bea=uv->tzT>pLHA
z*`RK=aR282)dGZoR(^GmJy<=9J-y3C{S6peU++tpRTLphY=czIt1RCGfpfkek%W{L
z<2}5}_tWhU1=;eRtQ9Ri8xjkR2HUdtK;y<IY#>F|@)2Nbr~!&2k!FyHeIOKD^o4$v
z+iuga>#W$|;AIC9YCGxc)KJWt3Huln%09n@YYse2me-%$ET6?`#m{tRr%q148iTrh
zO}GO>6kh%fATY>@44n`PRkGmXy}1(V)u3y~VI)pH-c15DX2~z6tA4aB1A~K#me)4R
z1zLDGIKe!&Q}h@SXq5{nx7>sc8hU!4BtlV3uF;!3+i!N5@(T+~T|uDjrgfg*U+41V
zu-yaPm{d|ZQQGe>()E*;1xIYov#at%sH4hf*fz-p-oLT#_KsqnL1p@Vkm<i^Yq5~;
zms6z@SVvj~&5wee`WrR5NdUACkVFcvU>VPsqmo=bRYcAc5v_`pza~!h{<xMKmIIh)
zaf_gr70QyQpPAsQ*%lMq(ZpPd1(0c`WILyWc=$L_u$Fks4|}_`4Qc>v_JC`VmP|5>
zQDdCwO|kwjQSTEA;ges~=zB$(KBee;sa)@4(?UV~UhoW|bsn5OAB^>VGM^p;KHTlz
zDa3oroM6~x`1D&D{A|QK$vxJ$X_<`5Ea2~Q!O-yhT|o%yAUnOB0UZP*S}iXO6C>2j
zdIqP|@I9Dvw4m>#3tOysnRL?~2JkdeS)%@$lvqd>8M|VScc<u0(dGrsU(~8&Dk|LS
zm0_*~m}fxWBq}9*Q^9FWe?5Z%$-748V)lKFIof__=<|2${a;GqVnlhT(9WucwCuIG
zQ^TFFo{J?Lh5T5{q}CgK{^RoxY^`Uov`P=12G9<GGPETu?n10<tWOV_w98fBDSqZb
ze~q?`lU&B5&o?CxmK?(q*j}_)*=T`>pIXcow#v?0_&1F;fPVI`!WVi(|2}+Tes~Ga
z%){Zc%^s5Q@j2Y)SvF2F%$#WR_f^5xIp+zoaa}neNfirhyTR>c)5Rp@(r?hAD|&TR
zFqF>IB72Kg>m%DnFRx8|D;q98CTd?`nSlOU?*IpVPR?0BXo`5@5d{V1Lkug6h!2uO
z(>5&+9~n70e4@}c?Z9*R>qv%xhBx7shi5pb^#$gJxrh(PYquWntGhctf-g$qF8V?K
zT<#RNRt9^gsqZswoSwG>UB3^XgEd}dL`)~qHHLyD?g!Y~i?^I*O<c*?l9@-l2fbZs
zN3y#I8a=H#&5zLY>V!NG%0=Hn(M5!3dD2O(5S;moyyq**urAm>4|yjb!-h)Q&i1tt
zsMB9X{1D_Ae$U02IuO}F8VPp``Rot?uUz*N+|0JI$2Dh8Hu6Zli4H&g?Y8gwkQVe7
zb6eJOnK*dBQaVF2TPPWB%tDf$g=aOWD3ju>{8eosI+J$rbz+YVvgE-J3^q;iccayy
z+S*RLEDe0u&0!e;=S`eDm#6~`X)S|0M0UGB?CuU3UGIZPide5`f;bRzG|zGkX}$;f
z=Sfi7WYvvTp`k?U#^;>ur)rarzj6@;erz@qcPoB#iiHIm#>dBh_=IiNV{J9uh-YDV
zsgOO^KTg^AjB8j8*Ck{6VN>j}gjv8UBKN$wVuU7IK&0bZW_YwZkT#!E`mo{eOLt+G
zKHxl(svUZUXRiknQh-f&HO)FB(}ecF*e))ncaK4)A2EoU-w+nPHMJ9`AND5kCb#ZZ
z_-+g^TIXr<QH1nIqjD6D3lh|cNf2u&NP3IhU0Ft!DYnzBrhz+31LJ5#o#Mx56WSLU
zXJ>Af5Kg1F3&n5*;WU(D3E2MLQo9LCb|ax|(0F&hW~^WEIDx!vL{dQ}O^H!l61403
z=7qn0M@FD~o$`!>qGB{+dlK(hh#4Wf((BY@Oq5D_*Ln6}3)f;+|0b;taACaa_qPm*
zs5tfuEEVESDycB2YdA6`bv_zI-=pU0wYbzTH9A>dJpMGAzGAJ1ulpxnA+de;MpTf<
zQOWfTnw9P#a#o4A`PSW>>r^b_59tHiFLZ`ONy76{U3I`8HY*xqh!K>*RqO<yWVUeg
zQQR-w?)$+_vVWEi3&h8k4pm=dF6~T~Y0ZjwhEFB77iCoMOxX~=-F&_s0Ltc<gJ8rS
zC^fy+ldE345?Clgrrf;VlC=y<U;=G#Sp3GWwaAX$=vgBLZL$bd_K6eMDNWNGwJ6$v
zRYib1vR`Z9yu&RR*TODJ1{($^tlVu!Glx@I3AOOn4Hf7x&)%4q)nMg&oV76JoOO>T
zUn)^<E7TUSNumFibgBR3QoPQyZb*H4GWH|)%P(a7SrVg==u_xKSa=dB!SI`taom7h
zihZB=S5Sp4B8=T)#gMQ9e;5xpCE9OtN&r_g4DR|_id?~qqd!rbF?g`eT4pS!>^WrG
zJ!^Qnr~=87eT1ccK6iH2xH3ayy_PGocdj<~BWf0f&KSmGyfFM?UN|^kq)EPv7XMW}
ztj!BEEoY$i`+2kB^MR4`siUfw)BU`44$1cHW0Q^kO`Y2T?)wS0pBhQKcFx;x7{j!&
zs8fqTUcEOQRL~k@4V%$0MBHpsNntU8MAuXRm+vy5$QROy#h*luv%`9|C~fY)K56Gl
zY5?xKNpIW1U1v?kRMM1!R30NS+rmd^`iEanbk&#DMu0~i;i+DI5u8uJDE}sjAv?K<
zb7F&<1y7p<-3us?hg>mGU_*J$XFK`NjLI?Pa|rsp**s-J@GQ2%N)cr#8Ek1PD98{Y
zyF6bAvFOEL<3=0yWIvbP+(3q*{`|ryQ5IyZnl3(eW5D*`x?>Q--m=JgDhU6CB~pRV
zxq*(%*d?_T<+ksTRF&KhXP_rbt``%7Mw4U#eo4`2EiNLYcykDkq_MeI#re0Rt^6P@
zr-?LxIX*(yLWv%PoLrlpJg4<Em1W%bEdF5C?T!JeP*t1dmq!r&9j(d2z`#-PlEOvw
z%<qbLrk^xNT{>7*v*QKm&3Jff{MFu(z^bFD!d*K4JD@U(*#^~OGKwd^I)(cPZT@m-
zAi$%rczF5ct{ip!%Ll6Rpn9mCBIgfSx(ydjo8PgUSTQn;>h8Cm|Mp----Mo_;(^VI
z)By6(UA$vsW+~mdlmr5`&34OZu!;0_cp`)xIYo|%9(rb_*~cMAFHX;?@Unf|NB>24
zbTsDo*CGVUI}sU(KA(8YUxk@yN4z8}&1NvsCi{#Is(7tOHILc}7WXk1ap|%UjYQ6G
z(2(*v`c>eYAGD~gN6u5Iks7qd)gMzUMV5pJVUp91td+TBY+vwEzxo|R!o#>mA*{lk
z(3Ja(U|Cxa{)zAE@bhPM0~B<3$2jq^sTG2jnB9H*O`mnQC8tfd@1&ugiod?_R3e^j
zu%~6Tr|!f*szj#6uy1OGS6Koa+oCg>Q>(AwBY1iTkmXF0Mm+U`j#?4@tOQu9{BJ$Z
z=P<diX_8Gmq_({Y!8ZYesCIFFfB4zV&#3-}x~+bq`)tc&df1TR#m*?c3sa~`+3MP=
zo=<sCubF8dY{4#y!fTjN6tq^aq<p7<19UAPwSqbfTYYK~t=!#f<>=&zm?en!w1Fch
z&kQH+iwFW}p=^+XVYfokwfvXX^Fl<w9vdSUmcpW7@jK2zw(d@SWLT%qdzKc~yqrzL
zcQWE1eSS5Bk11&628|G8Yi%<yhhEPRfp7d?plV0R60tu&mBQ8aR2<gEXRmz5qR?b^
z{cZwlAp428L;gwxp|lAQMzP1ZlkF=Y_mO!9a0z|~Bk0V!23A*RJG;R?6M!`8j&1NL
zM^5W3xvmiFV17-;X&83+EN`Y}OD0X!-$ykV5T4z?#@?ZB9Nqy+i}6-jp=S(i6@@1H
zN(-+>2VIA_SsVkzbUZU`2`<QrrB@C(!@?tS-e0m>FV)qqyfb3bCM}jUQ!BY~HN0fq
z`VEhnw%@N5jwF*QD6TA%GgN%<W;Z?MWZ*gi8LLo;g0bpSYg>K;URoj~ELr^nD4WXO
zkUKo5EU9a$IWy6R=c#j_8gl7?3%j=*DZUt~M#~KF<;Y0$)5gh5ncERnn!HM{PhOr|
zPoFrZi&d0zse~KX*Sf!FAY@qxOPdu`Bv1V~A$nubZ$G>LClbgly*QJM)Q~Z-sS5kk
zPS3w#E+WP3@tVHJFT41WoSbybL7SEuu?D#p+(K{T_2k=NSqw^wUrBMkdzOEBL2j4o
z-JNo&QMlvU6Nc~_nvGposLXC_fVOd;@@c2bJ%yu943(~X%XonA4cYcyv?R=3KnHSJ
z7GH4`f|7^`S;)cHCx~v+YZUz~K(<dmi(z7{-!n-tG$`d_{=wI%bJ~6;=DOWZdLYs%
zL!?b?Oi|oL%9vy0u}b3H`{Mik=n^uB&z`CCuKSIukwHXt+<t_F|2fsQ|3yF?RSB8}
zHw#Uu_pr$2d{C?x5qL+GFh{HNmkTy60|h`g+W)X-^YgYLPS)k-!tOhU?7N|uw7c_(
zK74^jcbxsbp{`B7JeZ2P?k;6X+Wvc!W72Y&WN~q!?svyUrB^mfl2VM_*WLKM<s%52
z8(m&`Aj5OfyJ_~u79}{peKFOFpRGxie{&h`w)I;A%S&il^25KkQ6T50dIJKq-`E*5
zP@OQ9zybB7we8*uDS4Gcs#Go2kdXja@sqRf_t3>&-)Z~dSarXP0a;5(CI>IsJzmr9
z%gm+IQbma|Jk{CzZv9JhCCyjhv{!6@Uit&VpxD{Zz2_vU%-QcpGV6?+{yES&Rfg*n
zN;)GartbdE7)R8k3L@b$`^OEG9<){%g3GK6D{wfe8QlhRA@mIi$$ww2XGZB8mo3W4
zLIAU}@mrI?GK0p54qyINi9Sw4g#6V<aaW?YeVdx+3`m^ncC%ZL)(b2RKa36vgCZ^_
z;v9zh*?N){$VMwPdh)3lhJ6({eGSms^mig1MBFt=)RhJuHwcqf2bP{bAzMJT5VY%Y
z{&FPOU?E19dYn60Pz(^3JdmUBq{*TJ=aS)S!aZdzQCmw*G`7IgJDy)ymoQxwhL|%O
zZUn6{<c*K=P2HZS3d|`SombgSZuSwEfH}S+TMP_yG8@7QD81!nNyadl5%k&z;(yO4
zY)us+n@=z$$857;qe<77iK}0JfAN4mSSSH*Vv4q~lrCfY{GZuspUkFsNLa$;bx~*T
zSN--m%a1N+by-GSC2<(*n9KkfG((tkGI7^qcbL<!n)wZnyF34O3V!~@6gFZ%qo^G*
zXa*X8`C|8aXQ1w2h+7wc$g0Jra4V4fP%@H%@5+F}z*R9G5bB&I3SsbNfjRl31quOc
z9Gs63YK{2cU4Z30<rvx?spZZEoTbrWih$+z8M{0Os?{_M;vm%OQ1cG=bOU``2GC4O
zJkL~HTHR=CDk>8oQAQ^ioP1JT)q)#JR(B;T{`tsn;*-?|74Z^-q0Z6#KFw9YmoAvF
znKa|7uk<eYxMny@c)^wPy4CsdaaY3V^v^r12e`}KQA8IkgP$1%f@)ZQ?YqMq0ea(i
ze?INL01w9hNew;oiG1E0ESu#2CzU^&gWx|$#c@12>hBref$2aj?p=+bjs)-^i?dJ1
z<S=icfunK8=O8*v1=$d^Y5UFt7iQx|Jqec|zd>jFCG8pczvG>HVFHlN_z!DeS9jSK
zd$RKLY|%kO#YD)xJB|9O0S7x}l^5Gz{!6E1qo?FOuqSKwZD2CMP&htKGnD=qvC?4H
zx3#d~3*I<n?i#Tr>zj;wlM&{H2c6f}jLp)q?^$W`A>{+1eL^iC%a!jXq}4_~X!x+9
z5**}nsd?xcoS!Kv@zA(93pPRBvsSnLFLV8#GS|al-$|^A$r~`1I~f&mtg{qsw9J>T
zRVwYS#Z-qlz^GZqU(~_L<cx!(y|L9AJHSW^JY_bY4FbImvY3&G@SS-HCP7<8O9bl#
z=TA!sA7QT<JBQ^ruiEM`jmZ2L6|bM7qDl%wjxwql)?SUTFy*KQB^BXE6KVFw?z3+m
z_-^sF3q~qJkJhTx;NXdW*a@p`M2F=)zmRDOUVt!uAPtuH5QpvW3@LHiPHX8H70`KC
z2eLx#E)0JA(V2pRgV^%)d1z|>rBxi(legx=rh)U_UWYiz%0cU3Dq6xHXL`~X?671M
zYx$<GRFvz6E;ktsOqjISS><k!*z7(LBz?wf`bB%P_8S3Ac9AXkRR=Y6!k;;$KE$|z
z_p}BGzXDMr@qZg?ID4{OU9l%K+*7CSkhSY1#v2{hd!`~?js`xUXYBnP<6YYP?uI72
z=+pJkR~p}M=3Uw-eew6WznNqMZRC|wsJ%msl0b6-fVOachxi36V7o;PoS#{{N^mYY
zruOaYrvJ`z9b+IIAQQZ;nDWhdLLSLxmV|(h%<l0<^Ar+~)7R9izj<M6+q>z)x^8IR
z4u|b}=xiI8t3%7Xj?R$JxPeg`{;{JOG>AjWvcn;yur#l}KPyUnEbB0KXtRe~orZ=+
z=>i7GR@CxjXZ#4|_$vQ9{d}HGh^-^!(e0#z9@YQdN29F@6mg~?uK50ts<GM&d&*+7
z?BHX55A_r>$TNArJ1xe$A4Zx+7{`yKZDXO(3#apt9E%*N6)1E&JE%V0M1-hJpjS2d
zz@dL*g<b+p`15P6|DrJYX@`BKrSe9do`lKojFb`H{`kR8&qBTcun{_a<mDp_s{St(
zw?oNk4eMnreZM<sh<@1J<)AOXHgDc$Q?eN^tk{Qg<C1P2o&tT<h2FPbOj{CFji{CX
zUH9MVfa~6(JD`{L=RrRl=3?Q%DlYBCkDC88&%jOYDa`#mw~g)o?0o~>()CjJgzeTf
z_)&1Wo~Rk<L?HAb!$m<tHJ)~y_C+*(7bbqkGMYMkB1?0I<V<;d%7CE1gtC0|5Sj=8
z3yC5Lb#5+rs<y^B-0v`8Av8+<(o~9-iuhwd-|^OLpD%dqW}x3)7q$)YSJW$@@x3tn
zYb9Alem|p4bYDETReT{DoNv4*<yzi7)jFz7fDFqlCa`e7Cxe}gaf&Xl$v7^;m>HLf
zn7o{~$?ayFj2aCz5`6Na(7;KF`&#zj^Jy+5b@1SGV<NZEugyx01~b}xNYK59A_BX5
znntf<^K!lFLWq4jlep@o)uSG8eE)wezKljsw@T;IG=zoD@eSaK`1yK1K{;aZ)vR<`
z!TPPH0W$+y>u5J%B|AqHUPmg>uBL%((3|N=95)L-(0Njt`~EBeAVJQAUkqtUP|g_k
z-%7MUAora=J3u~q^Q^5@e{zD#XEOlv!Tot|e_E^{V7YgcHqb<()=liBLZgQRk*4R#
zNr&A@A^R_|F{GBR79)8P`l>{3ztJq2K`vqr!-r|h$4*)a{=nL?fL8C;ToF-|^sd}O
zPcOe=)esgWv+GHsZ?vCY79w8Nn0Of)a84-zh;P{q+7~RJRPJt^*2lb{3f2!bA6sf-
z!}43UL?|jqK&}`AZrH4I)kNNN=ma3Vn=|R6*hK@_y6***qi@a*SB?&8E)bF<ZRl$R
zd#X^yEwYH=uV+-L_?uvUQ$A44nlk}-=cP!=Z&LIvi7_Iz_cfHyi5sra9u4AN7RVVS
zo{S0N!cKDe*i#Hkt)cTZt(uq1BEZ7~n~`AtH$SOLLocE8)%A!dbDqVbw`V(_l!1M=
z5)jbS(`!Pb4+$caQG?Q_%A$Z9J{HLwLh_11w`@!1t3Xk7X<3=Z8!jC!t(E1@&?N8=
z`v$o65_wjgL&co&bcL_;pj>)vDIHq{H5CJ!&q9uyCJGkpP5rh3%=cnXrZZNOpkch(
zQ^k!NrO*FQTNhyD9pVUOwMDu9gR<g|I(s3_Wo3#w%MRGy^c-JOeta0BImAcQVf_UK
zeReYEXSMfF^Ab<8K|rnktmIzT*+)%Ht$~Awz}DyNw>|5LDhsV>eH9M4Um+^@SJa}P
zTiF36vT8#!ep!_Z4i0&+**)ylySE6>@bJnPxBj45Shs_u(4M6U_AbyUIwwcXHtAz3
zs7M+{cgb_B?|Ibkpd4`bX4cBOjqXI!Y=6?1(AIH0a$$M{H=Aws<x3IB17`XF4JGR1
z@RAkADX(!-+Gj%~C~0dOW*+B2+>W}jzMMWx_TZDXN51@Jz}~Mcl2XgzGid`hqeBsD
z1#!DCCM0}$;u?56W@cu~Di#*`H&lZ@XInV|rv_PCP`lAwl#d=;L6S%vmNmN-7^E|h
zkXEnLF&I&6E8C4Jg{z10QvFf@Mw4MWBO*j-GPzEP;kT}_3>Fjz2M0ZIq1m$+a1zd&
zH&J!=WR2t%%o@-9EVDZ`5d3ViGd2Geoa*9^)F^>VtP1lL4?LNE0le_$2wOr6FE9QN
zwzfD#L=of4LRfe8WZl+oyMnaAb$^lbm7e5=S_rN5Hyg9y&MleeWT4%h;3M|DWVUld
z4cXC<HS9b+G{~@&vHPS}fA<HS(J4q>dAW3iy4>pknPk@DhjEwt=SUiRJBG6aK+!vg
zPtVHQ<9pb;S$F?`o;Yn^+3~sJX1gF7ea*1asO-hyV5C;yjgJur`sJ46*p8AIhgt=@
zr4ygy%k!((n-Yplu%L-@uq15#C!UHXg0Kgne&VJ5+(-ZR$Csu0{8pGZmj^L)-61s^
z9ySL5mfupbH=mUpcyt$n4x?aQ`t+V?ea2;6!+dsSa^QJcU8SEr3-A8el6G%8-v5qK
z@<sUgN7sG9qUtjx(T|J3rqFKJ^ZR1p49u(Oelrc;aRqvqU<HNKo3u6YCp~2V%Gn0>
zy@)j(J!M~o+5Z{1w7c)_Sj0^KzYScTY`BSt%0`Liq4Zg6|A^NH8Nv0B!xf|{w~s3l
zkfagXwK{%%8~}t+#79sN<*7oM)8%u$Kef~3)0<&utX@~;n(IHlo{!R!@~=5b=o`gC
zqJRA58vAZFC+aT3Q+uxKclf%j*``Lso_%~$9*i41oCLx)f2p(KQd|83w6Cc%ONioE
z7KEd-3ltH#NlDkPXx5&)Kis?fTbmx2%?!9j|F46Zse$p`I#3If!M22~tV&7<6AbFc
z;$e^gj4OUj;hv91cR~*)#N$$IWXdpa0Q&nJ9(%e9!*#&WO8vYG#?v$uQ1>AyO7&eK
zn&20H^8<=AO~!%3&y|JFgT{^>5>;?GdBlfZ_RHOhs}J_yXLcP=u1@88SJFNmU%9P2
z2v<8r+22Pizooo2vvFud%twlgT~z>ce(xyC3fLipd0>Aq0WNK0{aJs2HS7Fl*7eO}
zUtd~IZjQIE+^(UK`<>v==M;XgMnrGRn=*)uy(DA|#&>aE6ciSs0v)c-i~TuwmO`LO
z73}I}m~JPtLLOr{cQ>J-LPbaSJWnpJ2M}{ZQ>+75QK+x={c&DdhsPqIK=gGBZf)@u
zT|DOS_@&e;MRTxOUytKCKGY$xJ?ff<569GT@CxYbLEASH|7LpY$xR;9fMx{fX0G?E
z85Cgdd!&Ebf-GFyYKoUW6EKm?PXQxv2nc-}6VYrw0RrhFzIF03UVtq5FEHVS+DhU<
z$ZF8AU6`)9xC+c=tOEUSRnx^rS2_R#l3UWmkP6^p`uruz?4<}alz={NBvU-xUd%c6
z`d=<Y&}Di_D(M_8o+{w9@;)_1KBU{<0quoOKr?bY68M0ZK&PTj{*^`{DZ9KJ6Oix;
z!&^?|g|F8VwkG<%KT^*Xu>vwn)%{l?Uxhri{ZACSBPaqQquAPB<IyQgfB3)%sFyo@
zQ!+E*N$<X?2u0yAjV+zl3hv^mLhoprF<lAQW;cur*xf3}hHid%UVAx~P)oIwt^b)A
zPB~5HCa`l`ijX^WSg}=r-5+<ZA#J^c8M5_xBMVI_HHBKRx71h-rUWA(q0-k+$M7v$
zH`5Srr5Smxg!flFkIE2HQBg^Vd_>02@t(7<pE=eo<t6?ltLqQQ8PG+a<eDawBf_VO
z(Ih<Rc(jTgWS;ZEDx%lY3%wyBh$!^>jlv&YZ|*o7{jOcU^u)VfKWPUN2fh#za_Ra5
zh200{qm-<`2V$|iBc!K^GL$Jm+&`EhfXCK;$Jt;+7VHHKo2}gJR`vp;8=4nP0Up3)
z*DBCe>ApGN)oKqDob%nUoqk0@QAyc%@-*1@qy|yd)r|ytx&<X)W!Q9>ZZEod{j`np
zmZV^v0yryXUI%l+g9dfurMnI_Un7R)yN`iU?4Lx9SLRB8)9>`15&w=0{*A95|K_DZ
ze2}%oPnnJc3!6|8yI&)O39~i-s7nvA_y!;okqh1Pm`t`|pxIu^M&r?F5Gup9FEipS
zC(a&Dj35y;2A8CFHdZxg?@ew?s!R!*Z*nhldB=&KVd4ig{gKNJ8*zd5y<-sHT*LX4
z0fDJ^C7Pmsnp-n&sa<<j6)vU&(4~C|C^Y0yq_ALv>Rs&|s~JJG%U9i|i!I&_w+GEy
zzBP7@*UysW*Ecp8O$D=%&duyP#U75a&%>j~8CnR1riI^pvR=R1tiAE=h~;g&BZ0Y9
zl9!ff3{YvWA6D<Ciudxyds+K1HXw&;e>GBocp-$bo7sV0|C&C~#)A1>m6eq(?AZ76
zbrw<*E3&bC?!V{1uByj_brupYL;`ux64GJd*lJ0pWbX98T7caQP;Fi_EGf-(rp3G3
z#qq<@>icAqfJVd>$M*Y=Oz;N81X?Ba2x}-QxAkwF%e3FQw@FFG+9?<D+9jxv3#q8n
zoCtDtt;K*_`*W0FXg<>yQxBG~4XzR4ymGa=Y2BPjh2)AUI2oH}t9yK~mCT9XJqgU<
zGm~>ydTL#hj<0OJ_HXm5pf^kXKX(vsP5mU>S+8!-H2vCh@Ua7ODOlzVp?gym={G%P
zI_0q*?$7&7eQd7LVV$|ey>D6g^%dQ;48AL+H-A^s9Tl_)dWC@iCZgZO+7_hgu*R}s
z&yNTqq^c0NZ#&Fz9aejsqAbya)garLu^Kk08et=S047v-sG0lr_V!Tefl-_ezx6LV
zi3%y<Ce|~&n{O(CG2f4_%de?Bh|dyXu-qM&wliSJRJA>o|L2bR&!K*LgB{ymx0uQ4
zyxPrrXbqQdtjF>8_x<BBljkLY#y9;Wb_}I83hy)cvze>_5v?Pa!qM*{fsZ#ftl*Os
z78Vv1YU2fhmuK7KMWL#-xecKf+3htM=f?z~Pzf$Xm!FY14QFEt$A8|%%_LbbT|c~%
z#>8J0rZCz0H<pKM(}^RCnVZwy(<rSUn}L__KJ^-8bM5jHX8Jc{4G<Mo?mUfB*_#eu
zYfC2EACb&_6avEy>fvU}375%9Z{8ulM*g|{cAxZxivEublAPV75l%B@rX*-p6L;-?
zrmff=tdp`(oG}0e^4|>m?9j^W&!Un2h(R)f6hJ!vnQ6Y6XlQ<-52@LFYMbH8$Df1z
z-mZG3FbxleNwoQr%Ev(`<OI+@)mjAPFo03J6b7cDn5aWnxtqz~mI5D*^o$i#e;xm#
z!EN<9=e#5J){kdZ3yD^%*}*s~NG_!x_t>8;X_WgBp=wTb_Szz^QHMuC{q~Zhmo$&L
zCE3^qqL+`^M5Wt^AG-cDHaS{}S)4Q3+vHaN!4+EmSD3CZa6C;E5CBachg|_Gq(Z|{
z_~tkJIo>ae@u%_38MiIF@Mh-6+|IiZiom<?b3E~TOGIc8;nr!{om(tW?Vdnb<ktZq
z`u_X}qvMWL23?pztlnugLCQX35$4WEUlj#ZJc_~Vd45W7(IGTQQ+;%RkVOquJ5}1(
zNJk(-PsYZ2QrMXLOn)n4OpFHQZ(jnss5z2_((|qk62fVJP2zk1<qm{%&%F3tL&B9k
zbBmxTy58ottSiglB>F4?k!gn8T;D%0`FJX$)F$@2jL@X{$~;5@kRZ*~o7P0a{?gd<
zE-r7|^i0Z6T4(i?$>y;x6%~4tZKIB^LJZ@YKRAF-!eW@wtwfj%D}8oBq3Z?f$KveH
zLDp81!U7W&h{&J{ecImNOxnF{Tj%fBH;2$6O*&m&T}OXHhU%<FMv<Gn4A~4ha`^l>
zmIU0vp7T6B5O<M);X~sEuD~FWilIUf+!M!2qU1TG^<n*K;Or;{G4t72EZA$wuplql
zDiruH0cKyBt}FaMrJZ$HRBgNV0YL%jR0)Y08l<FCYKD?V8l@Y_hf+cTrH7CP>FzE;
zasUyBlI|`+kWlcu$LHDax8Hs2?>P3czyDannl<ZQ>yGQX)_MNcKEdfaH^X$(2N{&M
z2ER;KTKy9&xSX6a#~Z9qC4pZ=VVRJ{8y$nx4)54L-GrNt{zD7M@jU!W_B_Loxv_|h
zQV1&N-66Ygq`)LvP(DSKH<=_Yi`bN(dTZKK>UH2Rf(vq*b{vG4<OZsO%{&T=KqSWo
zX|m#0UMNF2{#>`jfYE1cHl=|DZ<Oc9oaXZ;XRS6n+q-nu-7DfNS=0o)^I0E2(L4g-
zd3UtiB~I~OICz8@&5H&Dm<Cx5B^5_XD&l7ajL7*OL#JV_pEQ*i>_T?B2;h%pk(a~X
zNCE+0;z$`(XcwE>TPzkz^EHlgrCifIb1X<cIV_b{CW?-JFLv!A&9ugZ0ZnMhSjpPT
zM#0;EeSzXzkFTY07w;|h13mH^eOvF}W5DgZF5Uo1*ES2S>ts}Hp4IdnE&wY~N(MB8
zJ>9_1LIU{P<u5&?BFwRY#YrftRwD?qzAD#qbre~ahzbEu)Cw@!KfT4eNtvyZ_&r+D
zq|`C#4SrwD{X<>()~+%8N&6S8&Q6qfqk(6E)LC<3{zjO+rh!Rmk0;@r-8>U5ouN@<
z;moyMebHs@gCEq&v1_ONs3>Bp@0z}bA}_m4D9*Wc7`BUjwah506fs!{mt$C6Ek6(E
zbvqg<hI}s*HCk*~5k`9{l({>kjg4aL$?aA?c7Gf#QD`y@5na7V1d?w>MJ{XWo{|?|
zvl<n4OKle!>y6&%Jt9QRcz(ys{aK%r^U(r+cf7lu5^qq*X{IPWUbT(~ZSdRE3^WCi
z85i*E&x|67rfQeSi2Lqt;jB%&|LAa-aA6Q-5xs{tQarfQ2+VmaS3r?01i8sBIkUX-
zPEQygj&<Dj<@tI4l#yCR8bLR7)py0!MAG@Ci^YJP7J27Dl4#WY5?Jd)ZYQQhAjGA4
zkz$)XAy<ro55KOPYj)niIrk@xOm{!A?D*1r+b{+Mi(WLZHoMp_0(3tFL#Fr_PV`s?
ziN=%34nVkmCyjQW3NaSiw*=JU*?q5|$oRFtZSg*9+^aVR21Ht1BdG`xWslF)fHiR9
zy$8~5>K0Z!u`O?_SEN1kR34KVf3&sxFHC3AzTd(K>`s$b<H6p}R*lP*9sSrguV)g@
zFJ>hm=y1C)-^1%Rd_%AOkK+Q#U6nI~4@vW_lEA~Z#YaTdtGOP_PBf^l{QmCp=h=B6
z0|etj&LK{le!=i<)OLR|=7#yh*0IM73p7D_a1~%3b^J=6l>T${#~1faXU}>_)G0$f
zFz<ER<A@v%oFLxgDygXek7><v^Rv-m5OU>VSvO_n(Y;=D#skk<O@uvu^dRb1=l&$r
zu3X#M>jOpKH9~V`03t-Go!B1}zNwC<YzV4cz)hxK$2RJZZ#z_ND;bJP&&^yx+xE7#
zRcfj+kv>3b8zePjsIu8f*DlMI1>CHG-uNVub@%WTtMAcFX`t;QUNC!B8I>QkpQW_B
zZr!*=ByVDp(I1i4?x#DTnImJ%*16@%t(E>|1xxYjC)!wkNeQ9mdXhcTFPef8^5RZ)
z|AngJ(NUu?-tCk7w~86@v1736$na$M8)d$<`t5>C{eS((3nqk(4>3DE5q}&PSp4Y8
z*w#&r<!5SuHU3OPWGpa|Emr@2nO$hNjjPUm9=0_8XhBk~+^VZsg*->5mMz<fLgtRW
z9%H#eHA#6Z-HRJ&Ghwo)B0s)zsfLlw0ak0BOHhmNQt<CGEyCsvXRE%9p}w=eq#R}4
z&#G_s$MG+qx=p9^goK}7*&B)ph#fz9%xKpjEo%CY{q@&P#F5D?TQc8f3FW%EC*8)2
z+ImeG(c|!s@Eheue|7xJoV*qV<|hgbBDAA;i1Hf^?09fMsgz+Gc#{ngdqXAjieHmT
zA95t+d9Q-up5g4406c$R3j@t$Q58du1PHIwUN2xiD+V+ebzxCu^xy=b6}ylIEcl^3
zCCs-ljTQ==m_OJVV(Vl99Kk!sK6dRA#)G-cWW)Z)P%2mmlq)pj#PYDo$w@T11Gq);
zP-A1dS{7#Sfc7?I7XrMmr3^?(=s$MWbfE8W(vT)$^!c_VTV~XV24&pgHOEklrnL*<
zKS*1<RD6V}f<X3_YYx8OjweC`Wz2#7ZN_yMixg3}&?K%TD~oxPn4ZA7VrTaw_U5ZK
zkiG;1O~4XBX(-Cezp8vJcL|^|09}QKK@o;9k}x9o9-<YB73$7$a_>qjZ<}-g!R$v6
zD;JLhO<IC83<$V~$^sWB95hF~UnX0&rlZ5uAT~Y5alWN~CP+d^Xj1)6s-qte{0^q(
z>B3dqfce(;OO8TqdV~iD_*xF|L<&U)$%H`MGs)Dar>9}6sy#)TxuXqEMl=auTo6fI
z<;dO$YGzSUgJu&S^%bv)DRq1F_fEkDDW4L|M&R+virlc$D>uxS88@!b+nnvpXYgot
zUhFUlay$RF3{z860Gt{^Z<SPvKdrL^x*(y*XqhTVGgX`(%{;i6&bq&|K(HI^HPh(g
z62j4!w)O(CJ5|{aH0RkPF|KQ=NT5TmZ^iT$1x{{4!v;sYwl5^b$OmF4SOX)+jBefQ
z{7(Al9?+xr2*JxNNOWJy@lq9VtLRP2fNA$55Mp-)rbq=`7DYw3dhS}c+~>TvB)YM-
zW)9S&JHm`3)Gu{(5`sk-kr&$RN*p9WY{>x6015T@9RCN)@K!@bV2#WG*Z9!G-7g_A
zc5UM$u#2;Cb3Y6yc*QthYE13}!YUjytgyg5qgo(STvC}d!~gtlN=?NZNL=k#*9Qlc
zb#!%$7qy~wvI`0n?YbASp&!1T9LyUvm-L!&=PIC4C7`FaTo54E*VpaiKIqcmg}r{w
z9-%s$T(9zuXK=;VnYwhriGc!7HOO*I*)DdCn!#`Zco*0>IJA-=o1S-LCxF&iviMI}
z<f;WON4IMg3XxZ@Br=*)mouuhW=zir=N)Xzq%67Ar=b;i1u1v2)&TAmt;zN3e)@=`
z)qWL>gqQO?qBPRztJzIhLxvDa&lJ4Ngl~JWvpxg_vQ=Ehe##MAlbN9d46#Fk<uU^@
z$2CXo&r#YcYPYTPKodw4^P(#$vWKqG=oz5%F3EY7f(&<0{9~Cm13Ppm(od1Ve7RC+
z&1<pH%#M`Etrk|uwr?U6=#ZD7Tb({UZVHt_Ss>Ri(kRV4$r+LLg{&DKh(Sw;1G^KI
zNh&cux)04Mf?<-Q9A7}0J(QTeCS+U30u70?gXag405^+Ww;B~}hM`2z&JfdCRuR_M
z-#^rrXZJ8aNCORd>(2Pse-EgYVf;p<+{n5*!7(T08#yvnz>-|IOmrLKM53E2SdKy7
zPmbWif{(c=-(buElCw}6ZZNax*rCuy>M=6#DS$ztLeqHuzdl`*;V-b@B;k4bbaL+X
zPWS1#v)mi|JrFp$s;j*FTF#BKm^Bz94LrW_@Cl-|@Vz9UzMz!lr~vn%PD9m>!;%8b
zq|xec`{u_G8rnu-gL0mxi-F;;*>bxu9a@RV+h)e|Y!Dmko|TW)lA5|EVIdDUehzY%
z^pqbugZmLMwI*YR_E5eaL@8CVFA2xe#?wZnJy!0K%i3UQ+zMpRa1r6d4Ds{s>3#5!
z5cwf8QrDcbxJYPX>V{20j)MFh5X|Jtpb`*nRrBB`?(037Ay&ls1uP7I=ruMudooe%
z<^Kv9ki~K>t8b?!a|#+3bj<$c3}**R$A3Bvw7K`@Y;w}B9oj`tK&aX24sJbA9V$i9
zlE#9cxpCZpgbUY#`w(O)KrFkxpbtI_$gevgR|S9IAi4xI*A3@DyAqZe{~<VRUlheL
zV`*UqS;{O3iEdl}AsRStFtW}6R0cm%nUM4%7!LlB;ZN?XHI8U9l6yulK5=82%8K<i
zUYDwIo|)`%Qat$)s0V%3_x!r6Qc_ldBd|jd5#!dX{wKbCnGn^@!tl4pn+=KG)?wt9
z{eY501@+E;c6RC?A|ZE1odf0jh4)<l4UUkL<`mpZ)xB5!HU&YV`k#`*zwz#smvlvL
z>X#H4yEnRF@IDVp`R|<GsqG<dZD{bwzQ)9v(~Bm5)=ZNG8<l=`zWr}I>mj<c`W+2a
zX<jKqFDA#~MEhf;pG`$NlN_pAG(QAc#uVu>u$8O0nufjJeM|G&QtPbY&S-6jl_9^}
z=!0o1Ecg&bV(1=vaD|n0*wr>v&`*TzejBh!JE|RP?HgPOW0ik;aB)R>$L3`np14yD
zL;VX|yhX_ew-*;g2M33$+PFUi<*n;)jAxfZ?QF~(jkw^glu19@(GY<s`%f<kFjLG7
zU$;sRe5`2y(Imy1=iSw9lg~kYP!=P!-1*+ni04;w51WJ(Go3@jzV=jiUH0GbL%oL_
zv31JuLN72Ygmb8+f;(zw_|e)fke;svP!La~^t$KYWC2E$x9WDpeW9e4pqN^x*1pJ&
zbS;%X2*e#aZ9qp5Ml7Cqv7qZ-`vtay5m39<9+WHw=sN^~X(yZPlM@rG8crarX{R(R
z_f(~s)*QJ{7v{jyw>p;CdNllz+sotq3~h$I%#Uu=oEr{obATLlBGhis=3z+x?(O&+
zX$qjv)eamyFRZIlKAU1oUfXM6bq!_hok#qqqV>{|&pk==f9E0&FD|;HQ>S?*W2dCy
z0UgdkkR%Zv;OVQ>s14!D*T1RDp_#b(E?DH}x88aClsZ)GYtRL_DaQH=?qG}9$W}NV
z=w^z|mwME8d^3?+Ffz2AouEydx$Az7C<u-^`01*hi^d2VBGO0O{p|Ve?RSB8ZSz#^
zHh6qnI^aqP-EG5OYk?o#k>2#4;F*GD#*-H2^xE$XpDHvRF8KYs6TN*>mWToeP4>7v
zOg48VB7C*k@u|DbO592E%RjZ$@zj$ClN8gFQ|EOff358aaxLhD{@fHMf_d@83gRO9
zkYAdv#yif>&Mw$yY<PlqBcDpfqH^a+k=Vei=84#hitZM;-T2HU|BOb0yyvB4g|JAc
z3&^Fq6I1IUcmtacXaiq4JIQPT`DYoryS{!q*(iIq^FCFqp7!I&ohaZfKN>yJamBk?
zF4mfa&|rL&%qv7j0Es=pKwwX+xmX475`Cgjmmed3aimhJE8x-C^2lvw^p5fM&OORt
z$AV!gW*l07Jy|UbyA9`o>I1-%x!gSes%2a(q3NYid0g^eii}t+{|)ewUIt;{`X`SP
zWt8N}uQh_H)1m18#(LRgWCj;COv-3sY-c^FHWvlN#NYF9aZrWPPotlue{kg)d%2lk
zS=I%j^VwG-&t>#SUC)JTv55mxEs6lsQ3f?CLn?C*0q00TxBrpEZDQRaamSI&+zg&6
z7O4PdY0HBmjpmXF&Jyl61an%dL=~s4pnrSEotPI5)2`BJs?UKrsmzWtgpvz=grIPi
zw9%SP5+*O6!zDZQokdDwpwWajuO~m0HVT@qa2w2aZaS;8OvLy24>Tk`WIkF2GtVTZ
zylxk8C2B7EU(HXu*Kwvx<=kp2MG5al=yvFf4;6>BE@#>y&)u9z>CIwypX;Ni@_2k)
z2FVwhYZ&C9AFGAitZ4jOok;y?<$1en@2iDxz5c8g;s>dzc`cJkUwt?d0T*Pt2y5>2
zl{?OycGRvI2;aTXtGUr~?yQY3O5;f{C=2z@mk6+AfN3<tvPiy>pWtV6#Ld7rxR!Kz
zhi1m_XL4m~d=7s7QxVdiXtz-5@wAVc%TZ3m89qRD=t2+{Grmr;_M5CpdAE|*qT<QN
zvE5DK`Nb|~Q|TlzacD<8mK)j;f3&ZfkY*TvH`KrelIt{t+r10HiS?3hLA}rh?Mkz8
zJa=QhwRyVaWmZ0&$BqTR;XUB<jaNltYRZvQ{A<<gw?QoT%E{&{aFU%4eu1<sOE^h&
z>G-HUPG8Ha<w1+ecfgAp5~sO0l3(1#9C-30dhod(n6K&{DSVy<D9|ZYE_g_irT>&r
zG9UkB0?zgv<(R~C;)Xs3Q7$R`_)G62|2pC4@=q^h+iKT-v*I}uAh2LVYe}JPXyjDB
zD+@6>z+|-3KZ+uxFXc}ZV@-3fhxmNdJMC^TCZBD71bXKwN!$%?oxoUsD<m1$9cg;;
zl~qkr`e-%`3rq>XZhRd8*Zz%;`oKK6$w+ZC1_QOb%y`SNtg~G~;jc2kGZv$(TY+iZ
z2imDO9xY4SY)D14PGq-EL=O1&3t7W==qxteKOx$FP1KY1+AG3DC;4$EZ@5|>dYEN?
zUWhmksV^aW_h9_@HY=W7a&a-qOFM^|r4e7UC)dpakmk9F-CXV&A^m*|BZK`Wvx-Ae
zrx?>xo^Zbty{l>J*@RBI(geb%Ft=}m{KWSOAlr}hgV-@TP~|v~y|SLW5p+NA9*Aqa
z`8aQddz)D9^MT1|hm*q%Zb8%h6&XtW2<3^e=ku-Ea;-u@&HUk*!HXg>r=x=YIbX(?
zY7?Vwr%#go)!*jd_1;Cy3BQXtB%Ycqy>e{lwqKm1y8OA}W(1ar>o#sfv$>C>I|1%K
z>d)XU%>u(FO}{_8lrJpEF!w*dB58bE?OrLg`F%;a_m3H0Z&LPNvz%7HGmaSMSBLC)
zA+Y=oKZs_i+XLcL!wx)drjL9+I`_yd+KIhp+uE@gdAuFl{8k18A!j@GOOE#{YyOs9
z=Ly+nN$?XE2efQA)Y~;$#LR4j<~6t+{DDt?oa<;F3+=fxBYbw>%;jOTGe5z*$lW*H
zREKG$^MXN^<lXNu-rr_@qQYi5jXUW_9XVxn0&g`x!%YA1GZ10!bl^N})P~8;+|9Ro
zjtM*5m;B2A{Vm^Nq3XmzB;E~P2HE?LYV%=bPSE5ti-MY1>&U~HE;wIH<6c@6B`7sd
z3!e?lLSx72I<#cbsl8rj5p=qtf&Q?9TdT0vdB}PAw-vLY;;YrYqpLV;ECkK*TfX1a
z{e~+*Y8`XU!q997q}~q}0(WM_(gPf&33f_}k%zTspuR2#txf*I$Nk46kIuAbDR{+L
zMI8?r=d!dbMl7x-=g-geAMs<2#q7q6n=Z5(32#uBHasba*$sPf1aw5xvnoeNpI=#)
z+dG)&NI|GK#mX#Rx;ElNdJ%Q|vhPCCSTS*&NX15}`Uc$gQd%Er;Wf(TvBjDMsLv%(
zPou{CVAhlgOSOx%u@d0a^3IMHJkx4(DYC9=Gz}0ok!ni6UlqKox3#~@)Q85NIByl@
zHl?@$Vp8|Eu;jKf7f|3KT0jBAJPpeob8e;J^!E23D+w7yjgX<fHYWcL%lP26y6SBh
zP+O_tK%Z1WRO-c@JjBov_3zPIT<6>>vOrdCw`GHY7`jb_4^fNc3d+MfS_2so1uiWP
zk6{zx2ZHV3`FW#U4klVB``y^K%6prR^AVYe50#8zdN24ojDcu6gP(;E{`}7cQT{fe
zrR1?&oQsOJfA&J4v5La%`T)HL2jMo5=azb(KlUhXGK%px?LiQvpM|9tvyq(O&;9DK
z*gOxCG~6-W{V%fV*XREO*>tHP7kplP!2_ontPPvQVHMyxDZn@=`1-c&7rI}pzgtap
zsOTDqW2U(rL?SVNU;n}D&i%SM*wIEmixW@uOBs_8u|3b^`I*zth_AySE`(}%S%jUL
z@(l|EoEoqfiD2sVDfWY&t)4b_I}DPdQd`8*Jyh|v{C00)T2YE`7ywk!S%a{lEV@4R
z!hO8XZtNQ{zSCmzw5lI~2Y+4rKtUvL_HRJlU;s2|qi^*<cwK3OpNE?;c|7K|0Ydbj
z%(uY6<+ZcqAoKmp1-@~>)_eAHtw@SB8nEJk`n1i&>fG5!2t;LkcJlaI1WnHFDs;uO
zzc9hfa&~=@Hm(=2Kvm(_Zv9Mx-{Z%pjFABM#X<R$Hv#T{=!6n8!c+0PWZtE$_LzX}
z%DXX=5g~ribOTUTJApnZ3?L5h-Wj{$^+nNyf#*|1XjokHW@hPi)@dQ|MEe@F`#!u$
zaL0B0NV`C_D@P$h$EdfrmyMHCdw=ZN>Tk4bx9ND0^9a<ja<mK8zcxM3wNFc8{Jac!
zxn0940=oC3WD!Yg?1kw$(O)nwfmHh0D1%bNFwilqWcnR+(YUm|U%CV)eKhk_=|lh+
zk<li6Krgr=of5DdAR(qq*vXL@!?y(*y1c`qfqB#5Lw!*$B)MW9Q-@OB6v~;Mt2c&I
zxO6q<er99`%ZBiG@5I$GY1*W<o~P_E{-u^ri>olqsX0KHp(q!!f52A$sQk=ed%WJm
zZV}7#v=hhq$ES8je;4rVROfU!;j4OdfV)e8{>w$<$3Fp?xacb|EJp%(EgcY#zQ&q4
zKU%E@T1<I)c{Uiz{^wE%@wZ7M7xrvGtyPkJ9V-qHE))zj;xDEuOz=H`@PVMk`!E`)
zS2&j10S94VV4%}yGoz5fdprMKj>}?46S(N(i@1ZJU}A7eLq`X)bYYi;$b<w6&tGc7
z^RLjTWBjjZPytX0^4X8GsV4Kv23^EImg)jhjBp@^Fm~<2X#yP52_I<yLw(ZZ`o2aH
z$ZYmPcNz0Q0HnvBEz3XBSv6CWi!EI~q8m#qEpa#CSzDOp!U+Gbx<O1NUN<7n{G+E)
zRV!_TzO!CzI<FvJfZxsoR(21_oShfUZPA#8sj+i8uVVA>!mjSs2Y{XgS}PH|><%Ht
z{>dLTA%E>Q(h*KTyP7rExyrmjnG_(1v9O`s0xdk?Y3FmCk1wykXC({R)ZP9_i-AFH
zjDAM|(Lw8>l+}E>LG8^qZ{C!6f7}B+U3qZlQzfp!L+D;Wv6$j@5ph{)W4^uu`{q<t
zX>{35l<3|OuqN2q-Hl62iy&7Qk)=j-hY>5ic+r8iJy~w_9C*Yy!oRy<Lw@)9Xg7#j
z^bvgXzXqz3m0^L;I_3v+%>n?fGFtC26}tPr9`GBhw7`IzpWR8L`hV;7W##$_)gQIt
z!JIic`ahQnl^W;t6T%<mV3yXc$<Te=b>MYSu4Gxal#m5Q+Hq>P>nEgUog>DLgE>D@
z956AX@Th$+%L!-ZHX?lo9R|Dgc)KcYfMl4OsdtDG39isJjIQI_eqot`)<?aM-oVQD
zt1Vs?{oLp{&5vV5^(fAHB8=V_b_Fn4i#N+Z%{sRd0#S^py7bja=np%emRiWRv(-;f
zl}5vCxK%#wfQS9PRzPSZuR$E*9}4V%Bd2v^>T;TzUr3$j`;1#|LKEzB0*!D4fq$U<
zaCeB4tG99&7wH;FgNQVpPnjEO)v78b_)syQLqsp!^x!f%d2!CP?$(D2AQ<L#)*vGz
zkU8!Q;_#3FXz2FTk!LE0WFH2Oy+OT|gp%?#P;-^OOk=Of%JVzzncwN!Dk&?|`TiGx
zEl5R+Zrt&Na94q+U8Nt!4E=#xXM9n=?8*BwMXE=y-Cq<J7pu`f{$@|&@jB=GhtDFb
z1nXi~8)+`QK+kp>h4{^a0Z7eX*V6OcJxT>2fYKRNtX;^#;6O~nZPp<9d_{i33l4vS
z^&Jh7j=U>5wEG9or^f-R<Ns^_0?~bmz>$gB(L%McE`Co>PeA$6rKgiR12||ofHd(1
zlu7e#Ck-@&w)m{<?sa+v%rJ^8eM;P8E7r}3jKkwGYQNc{pU6sqEXl*B!EQ`3DB|=y
z?EuvmUFa~03&9fvhV!@8)zuuyVLS_fV2o2&faQIC{O$vrFt>>yK(RHu+TqWNg1Pnx
z5J1qh>?a-m&G;*5$UtiRuhS{B2^T^{8@)ZFJ0dhJMn^C^@Fr4dS&4<nc5l?Fb+Ag%
zz0|D{jG2h0iUm2hpTOfXyOb<Gw3QWZ%EABy<F|$;oiq<7HE)o8nGMu6G%<>qtpE9Z
zdaHoh<F2%fiyi<_03b+d@FlL={*Z9FipyKj*6mMCcE`!b$8MCP#}oR|+|TUZKaWO?
zW<!x|`b3sDPe_;=7koKQ{q`T~9&Q(A=~bvrt==7$Q;Bkq_9(2eb&sw1-2vz>x<&x>
z6kXE)0}wKdaGJr)W`LRY(!Eh#D+KbA+$}Ok@^oA~(J1kC5`RcI8iQeFWxt*qBc&w^
z8=1<@$jWC@v0y9(4W>Gc?mayi{4sC!q=WCV>~Zq-oA8I2NIHe}C)Iq9J-t;w07nHd
z!PHt3>p6ZcVGyk`!}9IjdZ1Q}=ia0m1(ZQLI_5)3+)Fz6%v;;Ym3Njd#+B$?c%gP<
zV)GUet;PZ22<aX6Ix(Yq`w5MSu~n0wOZ?<gB;`haA81<L(|#!qy04tNE@*M8UCp2R
zM%prX%414`F_xqEvU`!Pb*PFzB9@@P>iW&r7pQXO1&j0pu7wa?8oH#lsuyp<1(sXp
zbz7)QDZmhuki?WElp!OH_72g6)$lCCJ`)w%Hwi|LiSzMYibprSMb}1sua*XaKt#BN
z9>??*lV$^^PjsRu(vB0MqIqUm&&2$Qkr};yRV?CWCVR2tfAypWt{v30KdI$=Y=Dp(
zTOqaS<cM;d?z4a$WB4}Q`Q3@@_Xsi6Ey0a$bfJaf4w~UB0M?J1k`k>m0<Zs_y`yhA
z?zjhG88Gtr8c=yS0%KzVxZp#DGZ3M(#K|}M7Q7p$0`WKv<tT$e^<p(%b!$y&9&Jk6
zZ4!`5VzM7?QO#=}#<EB+nzT^U2#IqcuaQULe9JA|Jd0t&>Hfby{1}lCdCL*A`hgY;
z?-5xrHVYmj-m(q@Pgr14I%n`;#T;}C3qOMP?Gq-dvUS-Yu6!P_P0tyeUsVA$dV*`%
zQls%Coos|bG@O<ZsY=Fxm*N<(C?XOWpOU$q>4^Fs@H;Q`#Bcs^%;k9bY{b6Rq@^Lu
zH9)0i`cpJq_*$9Fr-~0({>^iEIGKRi6+9BsK9&QyvQukI!iF&vVW%Uw8m@hvEuDnh
zT#MyvY8a8c+jCM1hJ81A;PNl~Yv|%E3r`waa!?=1(r6`d;FB=w1j<9dNhjmsPnasl
zAly(!P(>(kt984Pyd;Cd;g@5ke{ti*cK(hF)J9Ohb&|?jS;;38z1Hs7ao&&3<T?_A
z7(B7mwPN&CRYN3+wKzXW{JJLZmAT`rV9;nAYguZRvn0cW1d#(2t_tZHF?=Gt{W%q`
zj6j@RSgqnfWUx*{z>#rY>tzvRS7%7XvywhtMoDoS81~qH{Z^l(^?-6##{hPB9|1L0
znsSP(*HO<1h3uDbaeu6@^H3GTmq#Smh4AP{syu7=Y;>L<ca|`0HDQM<qc-0~QO9E7
zjT2+3!#C0&99_t~dt2@%CTs>|8W3)%!HNg0rl^Od(498U(oh*uH%gjFWu&t1p`Q8G
z!5&iXgy`wN$n;D@ENvkO<q-q#($Y$E;AL4oEX-fu-1;dfm+%C&?o>JTI_>d5M>>DC
z%D&Och5y}qJm2cPOG6zo%|5mp-B9e0M7J;zv~U_nLF#^WQ4fdBF@6GMwq7ma>qd|g
zq8BP88gG_;FwKKxdJeATGtNYTW}8IFEYv7Zq09wdU_?tpgv|jjvr&YkBqru3g)lr#
zQ;vN6EI?>d+rr)BvE5M6vuQt`M}zyBFAu*f*tP{C#&HM1TYv1UsA<XZVr5_?uFA)M
zT|=`@x!J4X>K$?jr&&XYVt=(0bW#iX$(y!zT!>xsnWudIBnoVEYamqNHL$Xq%U-H)
zr=W1lP_}Akvi`ZJXIy)~Ucc-vxN-ib-Apn+LibC}u2z|G8`akaFDbL}2h<t}L->U^
z9d!Ht15-6D!c@>`rSJYq2q;t!DQT3=asXjvRdzQ))WNR}lprYywsBvRJ8cGMlvSV)
z4$D%T#;C09!Xe_UyAco*GqG2=vN^kyVf^OaT>gE1TbZcIGA+<ft--xZb@HQ$Z)|Y0
zS6DwKp?B{HZ!iVjgfCq-c-+hESo#H>e#vFT^pP1->)ry{`ig-;LryEQBZ8BswCSNn
zgE9UieDij7uStW>Y$>!>yX6TPt!7RVg{^mKQjJ4vD7kmr*s2&@vOK~E9*9i<t@@S~
zeWfk;kozKJHTy@4swX>=-5WYoweGi*=bPT7&6?~(PR4*q#w(1ejEKu?HWG1A!UFeP
z3|9k@kQcqtT?RHF=FV6N5UAY&)yPa723~9+5qh&Y_kx!b4|LJwGz>7(Qd?iwdZBmD
z4nc43*h&p6qmQ(~A_Lb#Y&b8M(V=(VVnA<-r4rX7Fz~SBI{_$-5lw$n62}qGknqte
zP|x64^#309DlF{QPp=aH@>3d7w>&N&2?Y{meb&$GzT{x=l>yi)4LHC#OJKYF>gp;~
zTG}k*3F)54-dDc6!p`aFNmCuN{rKveDhQTQCAy{N7Uyag;H(WmMO+vXqycr^8f8r3
zeHtuQV+Y<fPy-az#bsp)0R24#)R_-}8@!NK(pM*xkcQ=K-aD%dyiNgyLahNMxyI&w
z-@(Nkh1&+;<pyHQD}dXdh>T}d$yJQfIcc{3bT9GNhb$0lERAM^C0zyNkfo+wU}jne
zk;l7NudrnyqP{1#S%|qhyZFJFc)?ij$uff-i9Qgc8h|8ER5!-7-M84!#@f2XPwx2O
z^DzLV4b@l;ITtO0fSr;$A&OtG(v%xy&8=-meKh<YTN+3tG7gw+R5Uf?$_(q3>HYTj
zd`>6yp+b|-7xMI^0Gu?biq~mVu0@&uy^lqgm-D^aOUI4GDSJyLz4xmoC)MG*4Iagf
z@+yTweHjv3#-`BL+Lw}H3A3mRf62B$Y*;oAUb?uqI^8*1q(207_&|zl8V7O}O|OHw
z;_IbK<7O@Jeh@!s2^#N}#jF?^ODuIR<Jn9_MKzgv9~Jy-veN7UJ3D)g&v)z7yH=~X
zMT~Nx0}Jhb>)>EDfZcfklHCLtt6FMaPCsx-7{){5h-)4-$GXSROIoh>Me&1d4oGoh
z=72-s8001cKs3tYzA>yBMkj~J%)~kKF28^6J_>;J7vN17`3_SR9G}74V_3~zUe&9n
zi)g~>`;DXM#P#_0=35&tiTgpey$<MYBrg8*7lD<NYaB>%)T(9IfJbpj!_YeZXC((a
zc3~#tJcD=`d%Le1y{UU=E~Nj5Gc)m-N&;u1SF>UMZ_{aNo}soVgQ@#5i1FiszX-u}
zl|hPr;Y&g`1E;*{=I5+;(RAX<US17g?ilI}x{(MW)kW()n3$Q@K_aX>#Z2}+>Hf!k
zRDJ}4j;xQ$L|TsJ`^KmE0=2Xf+!7#<cvf$?{z-UIhm;kP3q{C_-l0whPK%b$nUa1L
z_YDbTSIk$pwrnY@qwfkRPS^oFH+>dPuxI)GmPAI~gc#;BKuk0;sIh!=kGVG>1JU!6
zC4IGk#6wm#sH9Qa|Ci5p1!8YjN<EV{iQ~cbZl0wX+gV}qqOrIGOnf_O&X}dL+ys&9
zSFibuldF8(v+_ga4ui15E95UVC3d(8Bqaqb+P2uEl=#n^SYcHFTTlZ6cgmx7Ag4dx
z%8e-zAZqnKtZ1SBGO@$`8@NVv>O6tbp>%~Y5g1vKz#3NhG8Ce%t-U^Nlch^qC?J~<
z-dCqgHs2in%47_rDmuc&yLtD+?=j5*!eqZqGhk0T7u_e4Ry^Zo0&ijoAW0O1zWK?p
z;(ydjJpo0VK1cygj`;pd)0$SuZwWSq%sE&2w}X;d(#7?A+c##Fe@9Z8LPc}@I8z#~
zV|8?=Y`G^_JtOD`Vw1OE%39P4)-0H0xEz?jWM2YTr;a`=Sq?XD4XD(RQBvl&aPk!-
zB_!m%SXpF%+d#Ite*<cqPTuS15)hB~zL$}F9W^!lKEOZG^Q?LRREr9U?kidr=_103
z&^f*5eOwZg>^s8pQ|#EG&N_ufe0^`jN5^VKpxgJ@<<@}qMVnM8)8_JITUZ{!s-E7&
zqu>p{?C#H^R)hN%_J045ASqi9>khF;bhE7B7Ki^@oYFWX(Q|jQ7#Ad%H-guR?!?RK
zGehvIpQ)lehesr(Sw5d5AUWLf>02wtb+&ObB5c%;dVB83+jX!U$jB$31oI)SKcyl8
z8l^NxUVb1}lI06SPVW<@oF|dZOgrCC9Jh#W65Cu!U7uTcq9JlX1;lCJM&YS=H@r+U
zR2c5Nx;xUJWvvY6^y@lmQx){|-w6shYiQ#ERE8f+YR!flm<BRL=XeHImX<|F@L`Hx
z0)2T$fKsP?d~pcuKofLt*oN=ICx6`4%yUQKCuy5=k*$ckt%cuvd{VDYW|BiP4FI)y
zI~YDsQKWrhd_TgSpTO?pp}HYyGnqIh!{LD$r`>rh;io{W&+!}Z+RCgytW2B!wT$D*
z{Z*u&;d#_<GDON@ef2YE9)unKa^`j=6q9Tej-et&!v2&$I>`!`l9JNiEmGhjZSm@P
z+<gZM#s(R37VzpJM6^RmMMV-w+fEOY|H^|lPkpwoy+~ZtzWTMiyL%TMr|HuyAA+U!
zQ8-46G--SDZCVwLDk3rg3psX8M1mz-z4v4yHmvg&rfPDRCH>i}ty<vnu`h69gMwv@
zApgfm3s}Zt1I@76z_BWCc1M6?!59*7n^caA7Yhe#%BP>Tx^bHmyyGmz5#O;a==sZp
zRkXmH#-MHemGM}$I$7)GFkRB%Cv2=2M#C`lf(y~$#MFoXP>xE>w-CqwVLXw>^s&3g
zH($B0Y^Lz7+hQvvS#KYXZ$qBDltu0UP|q5%)JjXZT~#-8XDkR0{6Zf>25W@_Ims7=
zlOyOH;@;{g?*AnhGG?TpGSy=p+K#zLa*{=^kdXIO-hc$XsK<5^A_!QB&S3n>XOE^M
zAt7qX>+#@Y8C;SjAH;$ge`Egbpa+<xf6lL-G#lK77veC`&_HZ^Msz&z%ME=L3_K8V
z$ESUqc#2F;v6ts4ElR2>jn0Q0SRgc`m>?|5vy(3jGjUX82RTbB%?A14+~epu7k&No
zu`1#$Kabxr;LT~*(Vfk&nW5)x{#M0nM|-!z8ri~wnIbBpaA0_Brpq%4i{5pL8+7n0
zuGwv+UVE`%$XI**bdM}HElqy#!=`AoO=%^2+08H%A3D|nLCWjEpVnC4!wQj$-Wvlr
zMz1S=N+wSm@*4`bKNSF1`dP->D{-!xXS0u=wbPzsekM7}x(Oa9wD*n5y<;5ECH7AA
zYLv&zGczNH8kj8-WJQ4PK!H66#f$rN^)1|d{(YvPg~r<xhx?nl2xdRXz_{nFeC7UV
z@xS_diLGJZi(uW5X$|Z*E!qfQL-y}~dJ8d@XR~*yALKt~GG{oCFN55(oTxZUIWh<o
zSt<PI#8WV!7o1C>EHGvM0W%`1$LRZ-ke5p+C@%{x`8E1bGO>6X2txhX1k2bDv|O3!
zJMzc`0bW+%(O|4Tx9pva{v;T5Na!2w$Jb&VwU8b`y<IVyXE_j>6{A%FaF+$|V7=!+
zM!qVjansW8Qp7&>q06fbm4{z4^(>-00f-h45a|MS8C)~|k47j=Cp|0HB7@jboZOSU
zVgLzPQ9nElW@*oIBtg6aal^YUMbgwMc&Y+WRgHi7mI6jkAa)&zYvLN+cD4P}7p7ly
zt9R%2xGJ{Qg6B6_Di$i~Z}>H~RK}<K>er;Rx8?ja-QxMg-p2GeAi=YJuzr8uo&_}5
z&`_k35fg;EblAqw6coR5--&%LXRt>=!ds5kUrs;o#vq1O-^6v9tawUXL>b(ETREuI
zdb>>-<rtg?A#{-93P+!Z1o<})og_{1#1`kaeR_C_^tYQG6lZE3^UQDod;~(U3bUFG
z9Zr9f&*u3Y@3HSp_+!>JG0y-84!_w-S?y285ERR5?gdvj@gAV4ed6Fyls<p&*z745
z_zo@$X06Jxo0VsX*~aqzl{TX5msgeJpKrJx`!^?;loN@C>3yPsKQktu&a$|D+3tE{
zFE2ihq}+N$Xw5UW!(0>5fqQg@9={|En7EMP(QN@tDOhaH#A+>qu#^vKcSo5@{?8O)
zE(AKl^a9(i+~1pbFqKif34gZ{*69c)quO@O$uM-2VV%5S-=}Q<jP$^1kQrF}<(3iu
zJ@B4_eY-Vk7|^X|z^nyh`_m6agZqDPc7uIG-&@N5J*8MP%fM6jqiUr7-V6o%63QWi
z(Z3OhJ**gr5S*p43ix}I0PK4&6oK>i5KNB3fZ8<(4_>0jItJby^u7ep+f3-6B;%z4
sC-3NzaQf%=lJQ1@egDS|y}qUNDn^ku7MlpXk{1K6pe|qW$UOM}0EZFKi2wiq

literal 0
HcmV?d00001

diff --git a/docs/userguide/networking/images/network_access.svg b/docs/userguide/networking/images/network_access.svg
new file mode 100644
index 00000000..33c84465
--- /dev/null
+++ b/docs/userguide/networking/images/network_access.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="457" height="387.5199969482422"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="gkKIwTXeLsVt" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="rJZDrpvntsPa" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="WEWeDZdUUERI" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="NcdKbZtDcomm" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="457" height="387.5199969482422"/></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,126.38636363636371,74.1428540910994)"><g><g transform="translate(0,0) scale(4.159090909090911,3.3863636363636362)"><g><g><g><path fill="#929292" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,243,155.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#gkKIwTXeLsVt)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#gkKIwTXeLsVt)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,250.4593795664339,150.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-252.92,-155.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 254.9593795664339 155.4678540910995 L 254.9593795664339 184.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,288.5406204335659,150.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-294.46,-156.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 293.0406204335659 155.46785409109907 L 293.0406204335659 184.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,269.5,150.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-272.14,-156.6464255196708) translate(2.6399999999999864,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 274 155.46785409109935 L 274 184.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,201,192)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44.79999923706055" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51.20000076293945" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57.60000228881836" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74.4000015258789" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76.80000305175781" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90.4000015258789" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94.4000015258789" y="12">2</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,253,289.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#rJZDrpvntsPa)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#rJZDrpvntsPa)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,260.45937956643394,284.96785409109947)"><g transform="translate(0,0)"><g transform="translate(-262.92,-289.0749969482422) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 264.95937956643394 289.46785409109947 L 264.95937956643394 318.9321398053849" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,298.5406204335659,284.967854091099)"><g transform="translate(0,0)"><g transform="translate(-304.46,-290.64642551967074) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 303.0406204335659 289.467854091099 L 303.0406204335659 318.9321398053852" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,279.5,284.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-282.14,-290.64642551967074) translate(2.6399999999999864,5.678571428571388) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 284 289.46785409109935 L 284 318.9321398053851" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,211,326)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.637500762939453" y="0" width="99" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="23.637500762939453" y="0" width="99" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30.399999618530273" y="12">x</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="50.400001525878906" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56.79999923706055" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66.4000015258789" y="12">_</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="72.80000305175781" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79.20000457763672" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85.5999984741211" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="92" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="102.4000015258789" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="104.80000305175781" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="112" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118.4000015258789" y="12">r</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,166,155.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#WEWeDZdUUERI)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#WEWeDZdUUERI)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,173.4593795664339,150.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-175.92,-155.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 177.9593795664339 155.4678540910995 L 177.9593795664339 184.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,211.54062043356592,150.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-217.46,-156.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 216.04062043356592 155.46785409109907 L 216.04062043356592 184.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,192.5,150.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-195.14,-156.6464255196708) translate(2.6399999999999864,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 197 155.46785409109935 L 197 184.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,124,192)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44.79999923706055" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51.20000076293945" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57.60000228881836" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74.4000015258789" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76.80000305175781" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90.4000015258789" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94.4000015258789" y="12">1</text></g></g><g transform="matrix(1,0,0,1,194,120)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="27" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="38.66250228881836" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="38.400001525878906" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="41.60000228881836" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="48.79999923706055" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="56" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="59.20000076293945" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="66.4000015258789" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="70.4000015258789" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="76.80000305175781" y="12">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="84" y="12">_</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="90.4000015258789" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="98.4000015258789" y="12">w</text></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="13.600000381469727" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="71.3375015258789" y="13.600000381469727" width="4" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="71.3375015258789" y="13.600000381469727" width="4" height="14" fill-opacity="0"/></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,65,1.1999969482421875)"><g><g transform="translate(0,0) scale(1.0376509657550772,1.0231999999999999)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,131.61599999999999,45.859996948242184)"><g transform="translate(0,0)"><g transform="translate(-103,-53.19999694824219) translate(-28.615999999999985,7.340000000000003) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 138.11599999999999 52.359996948242184 L 180 52.359996948242184 Q 190 52.359996948242184 190 62.359996948242184 L 190 108.19999694824219" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,22,17)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="1" fill-opacity="0"/></g></g><g><g/></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="73" y="-7.200000286102295" width="1" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="73" y="-7.200000286102295" width="1" height="14" fill-opacity="0"/></g></g><g><g/></g></g><g transform="matrix(1,0,0,1,57,112)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="3.987499952316284" y="0" width="67" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="3.987499952316284" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="4" y="12">D</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="12.800000190734863" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="19.200000762939453" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25.600000381469727" y="12">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31.200000762939453" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="38.400001525878906" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45.60000228881836" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60.79999923706055" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66.4000015258789" y="12">t</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,160,179)"><g><g transform="translate(0,0) scale(0.1,0.1)"><g><path fill="#00ffff" stroke="none" d="M 100 50 A 50 50 0 1 0 99.99997500000208 50.04999999166668 Z"/><g transform="scale(10,10)"><path fill="none" stroke="#00ffff" d="M 5 0 M 5 0 C 7.761423499999999 0 10 2.2385765 10 5 C 10 7.761423499999999 7.761423499999999 10 5 10 C 2.2385765 10 0 7.761423499999999 0 5 C 0 2.2385765 2.2385765 0 5 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,31.999999999999993,189.1999969482422)"><g><g transform="translate(0,0) scale(1.0376509657550772,1.0231999999999999)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,346,265.1999969482422)"><g><g transform="translate(0,0) scale(1.0376509657550772,1.0231999999999999)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,310.5,299.6999969482422)"><g transform="translate(0,0)"><g transform="translate(-378,-276.1999969482422) translate(67.5,-23.5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 346 316.35999694824216 L 338.25 316.35999694824216 Q 330.5 316.35999694824216 330.5 310.2799969482422 L 330.5 310.2799969482422 Q 330.5 304.1999969482422 322.75 304.1999969482422 L 315 304.1999969482422" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,160.5,184.5)"><g transform="translate(0,0)"><g transform="translate(-250,-282.1999969482422) translate(89.5,97.69999694824219) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#666666" d="M 253 289.46785409109935 L 253 249.23392704554968 Q 253 239.23392704554968 243 239.23392704554968 L 175 239.23392704554968 Q 165 239.23392704554968 165 229.23392704554968 L 165 189" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,100.61599999999999,179.5)"><g transform="translate(0,0)"><g transform="translate(-103,-242.1999969482422) translate(2.3840000000000146,62.69999694824219) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 105.11599999999999 240.35999694824218 L 122.55799999999999 240.35999694824218 Q 132.558 240.35999694824218 132.558 230.35999694824218 L 132.558 194 Q 132.558 184 142.558 184 L 160 184" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,250,286)"><g><g transform="translate(0,0) scale(0.1,0.1)"><g><path fill="#00ffff" stroke="none" d="M 100 50 A 50 50 0 1 0 99.99997500000208 50.04999999166668 Z"/><g transform="scale(10,10)"><path fill="none" stroke="#00ffff" d="M 5 0 M 5 0 C 7.761423499999999 0 10 2.2385765 10 5 C 10 7.761423499999999 7.761423499999999 10 5 10 C 2.2385765 10 0 7.761423499999999 0 5 C 0 2.2385765 2.2385765 0 5 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,322,154.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#NcdKbZtDcomm)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#NcdKbZtDcomm)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,329.45937956643394,149.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-331.92,-154.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 333.95937956643394 154.4678540910995 L 333.95937956643394 183.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,367.5406204335659,149.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-373.46,-155.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 372.0406204335659 154.46785409109907 L 372.0406204335659 183.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,348.5,149.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-351.14,-155.6464255196708) translate(2.6399999999999864,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 353 154.46785409109935 L 353 183.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,280,191)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="146" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="44.97500228881836" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="44.79999923706055" y="12">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51.20000076293945" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57.60000228881836" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74.4000015258789" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76.80000305175781" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90.4000015258789" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94.4000015258789" y="12">3</text></g></g><g transform="matrix(1,0,0,1,5,296)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="129" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="129" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="30.149999618530273" y="0" width="70" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="30.149999618530273" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30.399999618530273" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36.79999923706055" y="12">x</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43.20000076293945" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="52.79999923706055" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56.79999923706055" y="12">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63.20000076293945" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="70.4000015258789" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76" y="12">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83.20000457763672" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="89.5999984741211" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="95.20000457763672" y="12">t</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,337,25)"><g><g transform="translate(0,0) scale(0.1,0.1)"><g><path fill="#00ffff" stroke="none" d="M 100 50 A 50 50 0 1 0 99.99997500000208 50.04999999166668 Z"/><g transform="scale(10,10)"><path fill="none" stroke="#00ffff" d="M 5 0 M 5 0 C 7.761423499999999 0 10 2.2385765 10 5 C 10 7.761423499999999 7.761423499999999 10 5 10 C 2.2385765 10 0 7.761423499999999 0 5 C 0 2.2385765 2.2385765 0 5 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="matrix(1,0,0,1,352,21)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="81" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="81" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="2.8125" y="0" width="76" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="2.8125" y="0" width="76" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="3.200000047683716" y="12">p</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9.600000381469727" y="12">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="16" y="12">b</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23.200000762939453" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25.600000381469727" y="12">i</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="28" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="34.400001525878906" y="12">h</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40.79999923706055" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47.20000076293945" y="12">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57.60000228881836" y="12">p</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71.20000457763672" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="75.20000457763672" y="12">t</text></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/images/overlay-network-final.gliffy b/docs/userguide/networking/images/overlay-network-final.gliffy
new file mode 100644
index 00000000..75b878de
--- /dev/null
+++ b/docs/userguide/networking/images/overlay-network-final.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":361,"height":263,"nodeIndex":249,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":23.000000000000057,"y":8.18899694824222},"max":{"x":360.00000000000006,"y":262.0000000000038}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":140.0,"y":162.1999969482422,"rotation":0.0,"id":247,"width":33.0,"height":11.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":107,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":238,"py":0.9999999999999998,"px":0.29289321881345254}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":134,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-3.2842712474617883,-3.971422467905427],[-3.2842712474617883,16.319999999999993],[-43.562548866301796,16.319999999999993],[-43.562548866301796,-3.680000000000007]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":187.0,"y":134.1999969482422,"rotation":0.0,"id":246,"width":18.0,"height":17.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":106,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":134,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":223,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-90.5625488663018,-35.68000000000001],[-90.5625488663018,-60.68000000000001],[-43.0,-60.68000000000001],[-43.0,-25.428571428571402]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":166.0,"y":169.1999969482422,"rotation":0.0,"id":245,"width":22.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":105,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":172,"py":0.7071067811865475,"px":0.0}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":228,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[7.000000000000028,-0.3795674614555935],[-6.5,-0.3795674614555935],[-6.5,29.50000000000003],[-20.0,29.50000000000003]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":189.0,"y":197.1999969482422,"rotation":0.0,"id":244,"width":15.0,"height":36.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":104,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":155,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":233,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[2.437451133698204,-1.6800000000000068],[2.437451133698204,37.5],[-19.0,37.5]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":292.0,"y":163.1999969482422,"rotation":0.0,"id":242,"width":51.0,"height":8.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":102,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":158,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":218,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[0.43745113369817545,1.1599999999999682],[0.43745113369817545,21.428571428571473],[-52.0,21.428571428571473],[-52.0,1.4285714285714732]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":289.0,"y":102.19999694824219,"rotation":0.0,"id":240,"width":51.0,"height":4.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":100,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":158,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":200,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[3.4374511336981755,2.159999999999968],[3.4374511336981755,-7.840000000000032],[-51.0,-7.840000000000032],[-51.0,8.571428571428598]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":23.000000000000057,"y":81.00000000000378,"rotation":180.0,"id":175,"width":337.0,"height":181.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":41,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":52.0,"y":8.18899694824222,"rotation":0.0,"id":178,"width":274.0,"height":205.01099999999997,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":42,"lockAspectRatio":false,"lockShape":false,"children":[{"x":25.999999999999996,"y":110.19640369599998,"rotation":0.0,"id":173,"width":20.88802989941042,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":40,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":121.00000000000003,"y":147.19640369599998,"rotation":0.0,"id":172,"width":20.88802989941042,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":38,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":222.0,"y":114.19640369599998,"rotation":0.0,"id":171,"width":20.88802989941042,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":36,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":135.0,"y":39.01099999999997,"rotation":0.0,"id":169,"width":86.0,"height":50.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":34,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":134,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.3867377051204244,-0.010999999999967258],[-90.5625488663018,51.31999999999999]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":140.0,"y":34.01099999999997,"rotation":0.0,"id":168,"width":4.0,"height":91.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":32,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":155,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-2.6132622948795756,4.989000000000033],[-0.5625488663017961,93.32]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":170.0,"y":22.010999999999967,"rotation":0.0,"id":165,"width":72.0,"height":73.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":30,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":158,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-32.613262294879576,16.989000000000033],[70.43745113369818,74.15999999999997]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":113.0,"y":0.0,"rotation":0.0,"id":160,"width":48.773475410240856,"height":39.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.relational_database","order":27,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.relational_database","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#02709F","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":163,"width":88.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\">Key-value store</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":null},{"x":196.0,"y":96.17099999999994,"rotation":0.0,"id":156,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":20,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":157,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":158,"width":42.8749022673964,"height":60.000000000000014,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":18,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":95.0,"y":127.33099999999996,"rotation":0.0,"id":153,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":12,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":154,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":155,"width":42.8749022673964,"height":60.000000000000014,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":10,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":90.33099999999996,"rotation":0.0,"id":152,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":7,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":5,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":134,"width":42.8749022673964,"height":60.000000000000014,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":2,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":218.0,"y":109.69999694824222,"rotation":0.0,"id":196,"width":40.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":47,"lockAspectRatio":false,"lockShape":false,"children":[{"x":18.8,"y":1.7857142857142847,"rotation":0.0,"id":197,"width":2.399999999999999,"height":16.428571428571416,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":53,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":200,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":200,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.1999999999999886,-0.7142857142857082],[1.1999999999999886,17.14285714285714]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":33.2,"y":1.7857142857142847,"rotation":0.0,"id":198,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":51,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.9157287525381217,-0.7142857142858963],[-0.9157287525381217,17.142857142857224]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":6.399999999999995,"y":0.8333333333333324,"rotation":0.0,"id":199,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":49,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3157287525380146,0.23809523809532174],[1.3157287525380146,18.09523809523801]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.0714285714285707,"rotation":0.0,"id":200,"width":40.0,"height":17.857142857142858,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":46,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":220.0,"y":145.69999694824222,"rotation":0.0,"id":214,"width":40.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":57,"lockAspectRatio":false,"lockShape":false,"children":[{"x":18.8,"y":1.7857142857142847,"rotation":0.0,"id":215,"width":2.399999999999999,"height":16.428571428571416,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":62,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":218,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":218,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.1999999999999886,-0.714285714285694],[1.1999999999999886,17.142857142857167]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":33.2,"y":1.7857142857142847,"rotation":0.0,"id":216,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":60,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.9157287525381217,-0.7142857142858963],[-0.9157287525381217,17.142857142857224]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":6.399999999999995,"y":0.8333333333333324,"rotation":0.0,"id":217,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":58,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3157287525380146,0.23809523809532174],[1.3157287525380146,18.09523809523801]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.0714285714285707,"rotation":0.0,"id":218,"width":40.0,"height":17.857142857142858,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":56,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":124.0,"y":107.69999694824222,"rotation":0.0,"id":219,"width":40.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":66,"lockAspectRatio":false,"lockShape":false,"children":[{"x":18.8,"y":1.7857142857142847,"rotation":0.0,"id":220,"width":2.399999999999999,"height":16.428571428571416,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":71,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":223,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":223,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.1999999999999886,-0.7142857142857082],[1.1999999999999886,17.142857142857153]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":33.2,"y":1.7857142857142847,"rotation":0.0,"id":221,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":69,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.9157287525381217,-0.7142857142858963],[-0.9157287525381217,17.142857142857224]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":6.399999999999995,"y":0.8333333333333324,"rotation":0.0,"id":222,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":67,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3157287525380146,0.23809523809532174],[1.3157287525380146,18.09523809523801]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.0714285714285707,"rotation":0.0,"id":223,"width":40.0,"height":17.857142857142858,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":65,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":106.0,"y":188.69999694824222,"rotation":0.0,"id":224,"width":40.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":75,"lockAspectRatio":false,"lockShape":false,"children":[{"x":18.8,"y":1.7857142857142847,"rotation":0.0,"id":225,"width":2.399999999999999,"height":16.428571428571416,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":80,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":228,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":228,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2000000000000028,-0.714285714285694],[1.2000000000000028,17.142857142857167]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":33.2,"y":1.7857142857142847,"rotation":0.0,"id":226,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":78,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.9157287525381217,-0.7142857142858963],[-0.9157287525381217,17.142857142857224]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":6.399999999999995,"y":0.8333333333333324,"rotation":0.0,"id":227,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":76,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3157287525380146,0.23809523809532174],[1.3157287525380146,18.09523809523801]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.0714285714285707,"rotation":0.0,"id":228,"width":40.0,"height":17.857142857142858,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":74,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":130.0,"y":224.6999969482422,"rotation":0.0,"id":229,"width":40.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":84,"lockAspectRatio":false,"lockShape":false,"children":[{"x":18.8,"y":1.7857142857142847,"rotation":0.0,"id":230,"width":2.399999999999999,"height":16.428571428571416,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":89,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":233,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":233,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.1999999999999886,-0.714285714285694],[1.1999999999999886,17.142857142857167]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":33.2,"y":1.7857142857142847,"rotation":0.0,"id":231,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":87,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.9157287525381217,-0.7142857142858963],[-0.9157287525381217,17.142857142857224]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":6.399999999999995,"y":0.8333333333333324,"rotation":0.0,"id":232,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":85,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3157287525380146,0.23809523809532174],[1.3157287525380146,18.09523809523801]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.0714285714285707,"rotation":0.0,"id":233,"width":40.0,"height":17.857142857142858,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":83,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":125.00000000000011,"y":139.30000305176532,"rotation":0.0,"id":234,"width":40.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":93,"lockAspectRatio":false,"lockShape":false,"children":[{"x":18.8,"y":1.7857142857142847,"rotation":0.0,"id":235,"width":2.399999999999999,"height":16.428571428571416,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":98,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":238,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":238,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.1999999999999886,-0.714285714285694],[1.1999999999999886,17.142857142857167]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":33.2,"y":1.7857142857142847,"rotation":0.0,"id":236,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":96,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.9157287525381217,-0.7142857142858963],[-0.9157287525381217,17.142857142857224]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":6.399999999999995,"y":0.8333333333333324,"rotation":0.0,"id":237,"width":1.3333333333333333,"height":17.14285714285713,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":94,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3157287525380146,0.23809523809532174],[1.3157287525380146,18.09523809523801]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":0.0,"y":1.0714285714285707,"rotation":0.0,"id":238,"width":40.0,"height":17.857142857142858,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":92,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":109}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":2}},"textStyles":{"global":{"bold":true,"face":"Courier"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.custom.confluence.c20f4a380e3cee362007f9e62694d34d947f28ed4263c0702b3dd72d9801532a"],"lastSerialized":1445556943068},"embeddedResources":{"index":1,"resources":[{"id":0,"mimeType":"image/svg+xml","data":"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n<svg width=\"60px\" height=\"43px\" viewBox=\"0 0 60 43\" version=\"1.1\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xmlns:sketch=\"http://www.bohemiancoding.com/sketch/ns\">\n    <!-- Generator: Sketch 3.3 (11970) - http://www.bohemiancoding.com/sketch -->\n    <title>logo copy</title>\n    <desc>Created with Sketch.</desc>\n    <defs></defs>\n    <g id=\"Docker-Hub-Dashboard\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\" sketch:type=\"MSPage\">\n        <g id=\"Dashboard-Filled-Page\" sketch:type=\"MSLayerGroup\" transform=\"translate(-604.000000, -7.000000)\" fill=\"#FFFFFF\">\n            <g id=\"Menu-Bar-Copy\" sketch:type=\"MSShapeGroup\">\n                <g id=\"logo-copy\" transform=\"translate(604.000000, 7.071429)\">\n                    <path d=\"M3.75661719,15.6968944 L9.79845393,15.6968944 L9.79845393,21.5692547 L3.75661719,21.5692547 L3.75661719,15.6968944 Z\" id=\"Fill-1\"></path>\n                    <path d=\"M11.1692022,15.6968944 L17.211039,15.6968944 L17.211039,21.5692547 L11.1692022,21.5692547 L11.1692022,15.6968944 Z\" id=\"Fill-2\"></path>\n                    <path d=\"M11.1692022,8.16708075 L17.211039,8.16708075 L17.211039,14.039441 L11.1692022,14.039441 L11.1692022,8.16708075 Z\" id=\"Fill-3\"></path>\n                    <path d=\"M18.5808287,15.6968944 L24.6226654,15.6968944 L24.6226654,21.5692547 L18.5808287,21.5692547 L18.5808287,15.6968944 Z\" id=\"Fill-4\"></path>\n                    <path d=\"M18.5808287,8.16708075 L24.6226654,8.16708075 L24.6226654,14.039441 L18.5808287,14.039441 L18.5808287,8.16708075 Z\" id=\"Fill-5\"></path>\n                    <path d=\"M25.9934137,15.6968944 L32.0352505,15.6968944 L32.0352505,21.5692547 L25.9934137,21.5692547 L25.9934137,15.6968944 Z\" id=\"Fill-6\"></path>\n                    <path d=\"M25.9934137,8.16708075 L32.0352505,8.16708075 L32.0352505,14.039441 L25.9934137,14.039441 L25.9934137,8.16708075 Z\" id=\"Fill-7\"></path>\n                    <path d=\"M33.4050402,15.6968944 L39.4468769,15.6968944 L39.4468769,21.5692547 L33.4050402,21.5692547 L33.4050402,15.6968944 Z\" id=\"Fill-8\"></path>\n                    <path d=\"M25.9934137,0.636335404 L32.0352505,0.636335404 L32.0352505,6.50869565 L25.9934137,6.50869565 L25.9934137,0.636335404 Z\" id=\"Fill-9\"></path>\n                    <path d=\"M12.1939085,30.0475155 C11.2650588,30.0475155 10.5097093,30.781677 10.5097093,31.684472 C10.5097093,32.5863354 11.2650588,33.3195652 12.1939085,33.3195652 C13.1217996,33.3195652 13.877149,32.5863354 13.877149,31.684472 C13.877149,30.781677 13.1217996,30.0475155 12.1939085,30.0475155\" id=\"Fill-10\"></path>\n                    <path d=\"M58.9047928,18.7341615 C56.8764688,17.5965839 54.1761905,17.4409938 51.8756339,18.0987578 C51.5918986,15.7220497 49.9853432,13.6378882 48.0749227,12.1453416 L47.3166976,11.552795 L46.6792517,12.268323 C45.4005257,13.7068323 45.0190167,16.0975155 45.1934756,17.9347826 C45.3219233,19.2857143 45.7580705,20.6562112 46.6140693,21.7406832 C45.964162,22.1208075 45.2251082,22.4226708 44.5675325,22.6397516 C43.2274583,23.0804348 41.7733148,23.3254658 40.3584725,23.3254658 L0.613481756,23.3254658 L0.52816945,24.2161491 C0.243475572,27.1872671 0.662368584,30.1621118 1.92575758,32.8770186 L2.47022263,33.9540373 L2.53157081,34.0546584 C6.2690167,40.2232919 12.8313544,42.8217391 19.9841682,42.8217391 C33.8296846,42.8217391 45.2490724,36.810559 50.4933828,24.1136646 C53.9988559,24.2916149 57.5838899,23.284472 59.2987631,20.0310559 L59.7368275,19.2009317 L58.9047928,18.7341615 L58.9047928,18.7341615 Z M12.1939085,34.7906832 C10.431107,34.7906832 8.99709338,33.3968944 8.99709338,31.684472 C8.99709338,29.971118 10.431107,28.5773292 12.1939085,28.5773292 C13.95671,28.5773292 15.3907236,29.971118 15.3907236,31.684472 C15.3907236,33.3968944 13.95671,34.7906832 12.1939085,34.7906832 L12.1939085,34.7906832 Z\" id=\"Fill-11\"></path>\n                </g>\n            </g>\n        </g>\n    </g>\n</svg>","width":59.29392246992643,"height":42.185403696,"x":0.4429050300735753,"y":0.7077644040000006}]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/images/overlay-network-final.png b/docs/userguide/networking/images/overlay-network-final.png
new file mode 100644
index 0000000000000000000000000000000000000000..3031839348ec7663b7116c54377467a0de1258ad
GIT binary patch
literal 28072
zcmYhC1yEc;v#8PFZo%C>xNC5i;1GhlyDd&2NN|E%aJS%#LvVL@3yUxQmiu3Mb!w?o
zhcml9(>*=YU-x`hQ;|hOCPIdSf<lv*lh%NOg7$}eh!8(Oo?t7S#X><*K*>u>Xn7l-
z1t7Q^4P?Bj)|>0qo8Q`MR~Y=`<^4zi6i4+${E#S4WH0v>wx}VKgxCI+J|RKbGmRz;
z4v~eHvX&AB4)r&YGc2)}!Iz89d&{P`hw<HCRwBo#_x~z>U67Cmb9?<8<8uqT9@lxH
zqo=2*ly?>XuM2o6utg8OdAO*nqV}Ih&f+j#Ylw-k?^i<@EH=n$L~_(d0bTC>0;c)>
zr`^|7$a}9Wde#EUBhc>`64({vzg|Hf!-l+<ON+u<VzUhd_tVhP(PM30Ac%>Hjo^<2
z>kU9&ZLn<(@Tw<;r9L7d=>Z+_`^w5p&+vt%ZcsL&p%w;wg>wjy;ujJPuKO;}ab+IY
zO%8JiHZ#r>)95{<rgJCT=?fX?PM@L}%ifKLzdoR{k*F2^=<l^U)|Md;%=J+GM~qW_
zOd@^{LR8`N+!gmgLC$QSo)U>V=%Pf;A$7A(bbEe=1JQ>^Qt-Hn@>&j>DJ!5B93oJP
zFyTr-yOErjh_VQ5u|ay_MR2(9hvt^o)<EuI1na%+%_Carh({sziP!NDxgYuP52U`C
zemQ?riwJNlKV|Pm^`2WItm8HS&cCJBsA~=pVS?Ms%u5d^M^r1W@Rn4D%tL=QIqG4_
zI3dKzFgf%rons6G*?pzmd?*pt(giZ`dRfUY=@Y@_aiSgCGf@be?9zG$HODWR)7#Ij
z(0^R!sn%LKF-DUL#*Q@ZC<V5--(@7SvlxnV-tv~B4{SUA=!w4|FcUkPQ|x=#U1Jo(
z?3!eFr}98G0$oUw0B}k+tM8l@a4xSy@#?<f++ehEe{3J~@970$3SXxv|Dj>-8FRES
zNre6VE{siOGHJ#@ut`S%_I+32T;)H*mC1ujIN`_e+u=B)t(p73Y4Yet@4Xc<Omr|D
z435Z=SOecY@vF_B)O-DUpnANxc>Bj&sqme*!C*OU55V{?0y41$y`@WDa|Jn{$ThTR
zxg%GFV%l9FpgO**o3tX4cB?)4^2(x(p90#1Ak&;$#|41ZfDxz`g|H!dT(0x$G3S=h
z1^j|Wpb$^0*~%ou6$3HR@tvZxAzXB=#{2w&PJ(XlLz=rUjp;Kb6@uS0$is%Zyg8Av
zsT1(1J;2pF?f&tBkYQV#WL}<uC!yF915L>L+uTw;4+)ikRLZ=(Pt2tww+~mp<kyxF
zFS00Om3^d<NB1T|pxN?Ui5|PU#01p@x$;TEz=C#1({|i7`N#y+Sg!WGsW>+ennq_p
z>*Fz(y>+(29W{suLA6FOUG!|JBuSMv%=Z8*7jbC+$DO1=*L_#}5&3>Ui*fMkB@=GT
zjdwpFL+*U$OxpjtfMm`S9kCr&Q#=9kll|Bu5=wp0jN79Q+v+6g$Y2sfX^`PsmngxF
z3;9RFzD-rF(4T*3tE%DO!r*&!Q$K!pfM@JwFj$(2wL(wX{W|_Y_8A)_VyigPqx-JZ
zHFUCp;A5ywUjQ-wfZ6JfIg80h+8JDOrz1?!r?H~4B3WKD$?dUla<Y)*;Ri{P209)h
ztm}h<f<laoRNkG3LT#=t8JI3YW{M~050Eht3azMDZ5POc2QQG)vmy2zjCr%D#>uEC
zeZ+^G#A^$}7c({X#}~ID|A_xK-pi1SFK#-(9Hb6K%K#+jygvL6!{CyCEzX!D_R!L`
ztqu+9kS8g%#fgj|O9a$JD%QseK@4G&)G+NL>nE%XR8X4=;?{EAc7ZceOuF<qMsG--
zxC<uS2XN?svK)&WzaS^$)$x7&j{-YqxT=7@uSM(<U7bNo|FjbUPJE|(p(+OuYo+JX
z^>q3H8wb->*CJ5T1m}MU(!M+4fA7qM)N<(ecPpjhvd~F{)qJ-?N2K^2NUL~#bb*iL
zyO29_12w1II5>YN6A6Jp)%R~yHO|)K=Y{w+=jr`qqd|y=V>4^=|4H_4XMMEGGOj>T
z$Zbo!(-kBAyAqN<GPkFYK$)|VwxS5X8?cC-$ey)-46H`)ebw#F<FXv^{*g8r2lN%v
z?0#z?BUUO2AV#cXG_kA=k?w*?W%T~&T__{_#8?`Hv-jKfB|36fd<5OuySBIG*npG`
z?G3f<p$>q+(*1fxod!Oq*8={}7eOFIICKtG(GwE%=Ytn6@U|GbK#3dueH$%3(&T0b
zp*p36N?_8Nu`BR>K!^`B{Ch`8tWQY$?@a{52;y{v9+VF}C)=9Y*IXID(8*@3)}1N4
z0%;&}@_qkVPwXZD%(@fv-A8=&|FgChmp!*yzGwaXug&8R1NDTwQ^L9eI{ySjgt%+9
zyDb`YchtDAhsT1?2ceQ#&qae(NyZjlEtL*_r)?zuc2YURJ?!$Xz$5{P2_)&r#wj}k
z_EEgjc(==>ED8e8mimiU1(I;up@dS4w^N(+hQFhDJ$dgz(IDKsFJfeDBfMli!4o}L
z$<4Prx4pg{IvZhJ<LgIcf~Sdf4^I!2VxlCcGv8d+uiP&;kJa<pd|Ld!?*a7Q^^Z?)
zA;z{3H7|0z4qJLb*8ln!pQPdfb00~sJGDBSOFfUA0~$yUJVGT1e{h49_L0WtoQ!P%
zJf9?6U$*zd_poJ`_-E_^GTy(7j?coxabMg*cC+={KKCQ<Evl)rJE~ErmHPBX3~-t<
zEdJiibp|8pHSh?@5ReXn*ZoKq;uGv9{j%CPtOhr6*%#vDhJ}xdcydH5j}AtL=;i6J
z!e1Yy(cqC0`5!-iP;hWy(yQk5|D=}X@cL)?BR+n&ew0nh)|P2-aIk;#y^-L1qetY)
zod>Mp%wNBz*4JYPVh9SGn(+MY&U!!~4ty3}fFgS*Zck57X=SCfv^3n#?(X)5szp4_
z2=wM2#K1NU7xjdgKNpnXs*b$Q>zKd?-M3B#sK{N8kB{%%UmuK1efvhWva$j?$aJD&
zVnWV+7_-_sJfx?2&7&y$o6(dx97)dxy%|a1)vO!~+?bvYeth&TDk`E77A7GNdag@Y
zNn<x*6VIA?S#Gd`-@1mP*h))HMMg4dg$H@X;Im3vm)`VdIQR`O9x_93F6u0WUq8Lx
zcgI&&vaI<WX75zNZRNh+lz87v%esKJB#KH(ge<smaBw7TOSFQX!7lj~CY`=Kscc5k
z1qD>k*J5v68$oXYwWRZWTG!_0=7=wylF26zUU3a=ZA6*84%k75+rUr><@r9Tz2Y?E
zUV?7$=Q3>9zsRF1<L~pWfuHfIr>bQmTD#&45|DmrGvIz5JZkb967Y0KDI~PYNJ2%i
zI6t4?(n2tr$|_}LMURYv@-riYvFLec=NokYP#h@^VB)PrIyWtip2pXX>PSaR3(@Ee
zp1_deKutq~YEEQiWP~fk$HzyYy8G4FWl4>e1~MBo-)DoS&LGOrXJ9v|7v(b6$zKW}
zdV5G7aD#=<X2@VECH^w*6c`%xkQOANtNSr0=+$SN(d}VBZMSZSOb7wU-T{IkA|e8H
zUIbhSvvoXQjq<zfz`ed~zLAE8hDwTDhqL=bo4h?PPA@LfKb~J)48`(oFl<Os+w18O
zI{w-I01duh_ad+EdbE|6m8GVkkzNz_JX@kfM~=JwWmk;_c-acY*ohPRhk26UvKeSl
z>Q~)%!sG%4dV4$0eU&Fc-h7zwa)#_vqeaUEclaSX6Wa!D_Z5t1a9Q<V1YX9NMAbQW
z>|tRPyn*B2FfVAj18)k+w}V~}gZe42_mWf#^74QvIwt7L#P5p(@s|<BK{*aZ1qJLp
zMPOA`72eiwOz8WvlAK<<noc_RL#@myyMxJ~*9NuR=RJBcEDe4MP%r`+FqPF{B2!?V
zOPJ#B-+Ij5oo9Z<+wx>!gj3Md>Qa+kns?yq^8@%qr<<whk^B`Dc?kWg%(o6#p3ShX
zsVv2Dz#0}gM4M(9vfl0$b9s$vO8zXQEiRl@S}y2ug8O>D`HCh6?!o9s3yIjO@!x0O
z>GoObczrxg=dz0XGmZ%s2#ouV0Odp~3@Wvy0$oq-2#;{B5ClH&lJBm2ZQ?~DIuX{@
z)fv~HxTbIPLtN%YqduAFmymfW3=tZrMC|+b@j#xU#o9ykgnOwnXhD{LOzVCwcFv&T
z$N7qMBuvBB1^%X{EXkNP`BO$#c7Q9n*T;`SPE)7b^IV@Y|Jv!{;o<1`xTg<8j0LsX
z-imcQ=vdJN`_W(Fgp-r=&)e%0{Fd0&F!fGe-rP8B<YVB({>|}huS1gb{Ir2nC#{yS
ze=4@v(BM4?q@g7k^m1x)+5Ps^4IUDEr5xnu;GjSS3h$+|=uvrt`f*edYY$0$_(60)
z1I*2U{S=*OgFY*<Cp`=k2LWNHclY9C$b&)31$}okT?q5>AxYypl01+B7`yeyaa|C4
zW<mOPbT?j%4Uox{1B-x;h;*;h{g^WKc1@AzHIAoaNLh3}I4F}(M+JI2?S8FLtHadA
zYl@oTlgPCtv;)3frFFB+DH|CXNhTg{OWS1gp}w~83=9k)1q7L!7lC<To4gCXAr{$h
z3MB5mJ74XQ3j44HF_~*g2kF|wk0oU8s$wsVQ2yn18$O4mmrB~&Dg3Cv6F+%k7+DIi
zu)psC*o}o%i3R6z;BHqP+m%sc0ncl0lSm2l*0XjIfIpVwM3-JLWb<OrBE@zJ_uL>2
z7~@vgVo*j&ze<6Am}4S0@-?Zyj<RwrKQ7|VS!A0RjKI81hpF1U85&rtdoA$kTyngB
z6*jk!U^?jSKFF*u0`0IP#+w4vERo&j0mt@K<PfYOK<!!9Qt~r>=EbY~$*2Ro6XOjT
zYETaXIbvp*YXjx5+XkF}xs&(TON#B_dY@~{%cS71S_soJJ#PoW6cFcP|GtiA7B>75
zvtuW%56<C&bChYshANYyf4Phg!gWmMUbym_bHlkQO@ufntTxvHv7EQuganFLm4x3d
zsKHN=xswUC5KGL5OwHPpT#o6x1@h9udAV!p#<Rs4uvVnzfc_PU66~?s>;Tia%tz~b
zCu;!X^x;`#6%GzA%RoIY=7jn+2QbzbaTn(IuT}O4bkTOo2EC^xf4Nog7|}w|6_0@U
zRR6(0T&#oeQf~v(n|O!cdNYAW;43d=iOU?H)>|XjCT(qPJ*2Uy|MvF!BIz5r8_O5A
z5@Cx+q$@8>VZBzor;>tny8vf;vV6QF7a)KEO-8gJoq|Z~(VX82u*D~Glh+!+6weK~
z(=%n*XAQZ?H_q8o#Y2_I<b{Ue4GtKH#_N?+l4AM}c~z}s5KZm=&E)OY1ZFM8%Z0^#
zwWu=$0cS{cU5qyH<idt{YfS*5yr~j8Hvn`e<$>23DA)b=axoB0y)I;R8M)VArU>++
za<f>RbpwdYi5K=)V|F^0MwT3+#J0hi!*J6&evYpmR3*}WK!x_CD^O2nB3!}q*3|6|
zeDP7XL8L3Kxa~pk7Rn!ror!yKeMViPs%;=I&-2Dq5~;K#A}$X25XT9lo45yPc=wfh
zSt&2Jt^g?Iyh0)B*b;Z2B6nq*bwV37!~<b_2IcG8d}&8stY^Xz#a%9s%bT`*^T}3M
zl}`eh%Oq(pgzupq^;)8X@-9^HPh)nib~WtZ6FHB*<<{wQV|vo_Sg|#8B|^Ju+kcQC
z`*<~dosIx&#NXM$ZYebX8&6wp`!Sl%o<_{D1;@W0!ui99bUGPIB!e>8Be6x%iYDmF
zgTSI2OxFF%ii$Xn`NF7;TCx*lnP)+Fkd5=}nSoo&c)G8rZw)FM8j=((2Grx4X6!E0
zI?wH?kk>z4fU20U70%)C)+ZRzL-~9470gnVf;!!D@2pOk`XD=qb*DY`*pN^xsdq|<
zh)`=hyp4&d?$WHIXBTUzXJW=y-E5X9M9wrb%X1RVaz#A`JZ@b#_en)P_*NQ;8ws#I
zR4?~ITycX{m650>3<<6GKu|U|+wI-l?CE8P%OF62j!Znc5~;14ZUs|cU%x+pNGgGe
zRpwyEB88C{5=QbTK{or@BkOuge9*Ciwy)+e93LdrbyVN{Rfl0lh!M<SOC`Snl7+rM
z2KZhlnEW97{VTGZ{N!%k<zs6S!PR>8y9yRT%ZHniBN-Z8^Ejws1?3?&q4LSr$3DAA
zOei|1pm}^_7aZCk?<Z4S4%n`bep|?)^^;Bt0usdU-Ouc$M8|AIEI<`5kXD_t`ehm-
z1e>{*UvjTS+O_h>`>RG%Uy)mMVD7&{1sN4Rv&DP|Ci2&J47C5HHWL<(5u5s(O_aF?
zcbo1EbGS{o(Y}wFIn2L>ZM$GmpCL}{n~c0zCbBDSMk+J&>iViZpw|13`t@=klvd|U
zPv$DAi%YT4YMvZtJPjs|B)Nla{WYHNZNAcNUElSe<wpmaw7L0Sv0bm#$pi1Fn(~un
z*V&+>WkkF%CBh@5%Pqk1Y_Uq)iYBfH`Se>2(iHQ2(K#EWyWCeQsx#Ymv6*?3O;$eA
zC-)g)v3i2X)4ND_m{pgf-F{>c=ioQ>i^12h?WB%_?{@be9jzTTt>SN_um5~yMm{~!
zNJP$*lpG(=dmpHX`TH$uEEBjp6$>##=VFbbe%*az)^0sJHxcFYd!I&93%?TSMYz2k
z=&{ahN~!<MIIYj;DI{#`diUiS>rp<&bFFh0tH8vz$p6}7c4EjP$KZ4#?8few@zTM!
zFvY^F##jt_3?MV#_(Xv5uxGi?0TB*Z&()1mb4p4|+B+KVv&1-nwYQ!^kZprm`g>dT
zOO&AdQNpmQY93832Ro`;yC1QOD9hL0&>udRgwJ~p{Q^^#k{*+v35;lFq&a-kdnMf6
z8(WlR;}*l;<3&kJ)qAFs9;CbE1qMzo9*%&8b?BR9sxrQV@esCPB?F~w5w{7D7x!Gf
zAnu#`U-JPbvJV^5S>zR3mkGu0XH`%mp=rJWak&{X8TBD{J%YW__sQI6zOxhV<GK)F
z6EQj4^;sTE2}lnJJmAX3;?Y}|P@q%9zsxgDI6;>Q#s)EtFf-9Aq*dyE_L5LYt~@+Z
zhWOj-c};l9&_?>UIHGO(d(6cUPx6f~=^n`lT-sqbXFmxAVx4F2R~3L>yF@tdx>WIw
zv2e?*2F-u`x#3Vl_&u&G+ZEP1V!USg6>YqkD6YQdoqUIH_mMO5nAcWeq}gGS@vcBO
zi6QS`bnW~TXDCJV;uC5*$9A9L!RcAmwYM3N2C?e(Kh1C}CAoq6NBw%%nS**d*qf?f
z^SJ+bUw+G{%5zMAtNL9|2~c}vXJ*DhfIUasknGCq)7j-Y91?8hZk!E`w(b4<S0Vq=
z)RnjF;4(G)B+CUNFuDnkU(=UEHKX30m1>HC)lfkn-wF;s;bJj-%)^V{Nhc+7F=mGj
zfIQVE#N1o_D?HLJqV6gO&bf>3+XaJOwtn|9IR63AKUO=sA)9y8UF}f}`EXl=T$h!t
zuAxQkpPDF=WF?RZR(W*Pd^CIYD7Q=R4)^sv@w;uits|EKe9_kaZpFCohk|v6+oD9)
z=zDm^dfh-)l9(0C#9z&`m_BH`0rTgu^z{;d=UjS(zTd@-E%ApN#KWQr7n)0};=#0E
zZ9d!3Vc8?5bJJ)j?<h;NQ^9k1Ln$PZI3pl<BZ4@#pn=a)&rW2PpE_@DDk!1faJtlH
z4#bGm&VMeQFP|ZA;hZ5oZpcLU(?V~qewnx*8tohba3A;<9A<W4=`Q#$z;qQPe*H|R
z1N}TVsRYw?0UMu{Z{;lBiezqSi5&lD*%vll8&CrfMvJqousT~_zy_Uf|MG{h6c=>0
z9V^Sl<qxk7Fred9Pe^RnB7eo@pbEhXL4WEIMxbQ{@&G}`#v1~CwS@t`C)c7V;5lZT
zqYT)H#7_D|2(K~36ZpOS7rH!v;g+j@O-EZ)6aft9OE**?eQ`V}4RP>z`g<KB*|6?O
z#&zGqC$)*L8G-au<ig%l#o|sis<k^fs@>j}Lfnb7S(7tqzeMN9QhGUS$v@1iDY$&z
z;h~KKTwMKzGbd@;!5e^GOnU*5LTg_|`9(|ktZ6<w`6jk9)ABkUyC-?_OwU^F4#tY^
z?(gCNRH-W)wD_V`*$HwMg<l&8_Nw@p#mE*|EYwkc6aD7Smr=k(%QXXHI&mmDsHv%K
zr2^^6_*F%2leY#~Th?|?E~ft7GyWVT5exlk?&9q5<?45b)g;;W5zu|i#>Pfc`J@`i
za|)DgQ@^Iz^5z$<uHcF)C;N?g>8TyB11n09F)}pfUSYl!vC}=8I{^b%2$)n31cOW|
zv#$!x>RArN59en|3CTP0KqF!+p6Q%PWJF4Abn@A-YZcFf=_yH%4hP0N#^&oE+5~*D
zFNNyjO6uaG_{_3S7picCo$=YyIc1teJMcl{TAP^MDM8ixaw34q@lkF>7PFxc(y{N7
z-+u{Q8yP{{ozPu<0Uk<>X!R<g^sK6@sKhmNbEe%*5~I$_>b`NiK`GF3TkaJ#j-uAA
zWeUrc8EYv{$lT^$dF^*+R|OWS4Z{K=h2JtHviR&I)F^IvuLOa7isgsjE`Q17dEpHc
zs~>~<${}&$GP6##A!GIQn7usEii*W6sRgD>gFnm`imYgiaqqle;F4nZmzrFjL!<`3
z+lR}0OPrqUXES|FWU{gPzh1Mcg?FseWWc-U5i1{YhBsA%=!PDX%QY^P=dy_6Uqhr|
z(~Doecw5&+f#*$&B%l8JMzc8zBIS1PM)t=ildIa;FskH=#zOFgGHG`wF>vFs0}m7+
zA6Ww>qDcDbTh@Rb;!Sda5v_#V8wg76lk?U3-lfu3)tcy1MBXHoAg(0?pbijIadn6D
zY=cnvGKpnY+amvD3=7uUo^m$FP-i-@84JpBB~nEIKkNEv|CWWTFuB~_q8wVg$vIHo
zsRF2W%}&Xtpi9s}Xhja|{+$&+hQb0avh}FCg67O_Od{90VD!z|SP#<#+*&)XMlul!
zoFsl*%ZI?Yj24V?z)~C^=06W)e)qVqq#ri^#Clg|aPozS_H1GWh}DH}2<NDfVSp80
zUD={Vq`&8&Y%_}2j0I=rMzAY@;7E<p9xgjx?p9&e%1XQ<Ilr*SL(D2gD*0c#Qh8J0
zi*KjqUApHQePytc2YC?ol8tz=NQf<y*Uw%9WL6S{>kDREy7GzNC-+Ft+;Ex$y;AAd
z-^v|Uz8KOT8(c^C;)N^t1?NWMc|7Gr@GQ99SVQ<s_sxu==YD7Yjm&{xIdKXM*nM>G
zpbHWrg}WExa(Nv_Rv>Ud6oB_VSzO8{9p11bmO**8xTUB_nnb_x(mTXRR{dh?uILZP
zwWZ1sZ0dN{h;eUce<m`shs)-yvH%;~gu|%hb|Or$2xLy#<Wa6_Hn{n+Y^|c)X>A(1
z4B)XbG88mZw<E|-b8$yROl;d^eqSli9zU|J><4`%|EA%JnbL?z>2^pV!u!#o(`tIb
zYOKWD5g>MzD2YYHJ#<VS(*h$(D1`^3jUsH_SvSmgdkcx>6cOX98FI`fBQzWj-5c|S
zs4;XDCOdvA?F*e_X5qX|2(%i^|2_f}Zki=CY-=vv^m|-FKs3Rb$iBk707o>!W@RtJ
z0O>D3i|S1{ssq$~4|~y6y2$N`(b>zxm)j+ih2n=wkI<#sR`9<R!jF)AgZ5|^JE;%z
zmgYGSDx1q{BI+CAhE|p0&pf0b$q@o~5E$lTzt6PKJ3li+1&q&og~Xmw;K;Jz2;a42
zv;a&xo&#gk%6Ji5vJg@2zd6!m2;e(_Nb#d`CU0wYtJM&l+T0R5u&dr-YD&-~oiNyd
zuXtzMtHPyYLASo;54;3;BjtF>U<D~iOzhb@^E%YDgAi0!ar=c-wAcbhbe=9bER99)
zn{{q$MP0#W$-2Vyg{Fn1h^UB%b<0i%IR1J^OqJ>%fnQO8Dr`VJjK5#cYujnHTl++%
zmo@4|j?K`;W?9b>I4r-j&B6s$wEYu0Mz>~YeJZrnBwZK+(#Y$}4tj@AIofLKkUUUl
zJFn#w#K?++i}ak6_sCJN$2j2jj5}4jdnn8xF&p?9gIx84|HQ1Z&1RDLW+Bwu0D%d2
zGF`BaYe;8%)y{c<)ny6BN$sh5#m^V^72}3aWT&5~;g<M3RckJC%Vzr#748VV@0AcX
z1Rcs+n4wMlkUI1tCkw7`CMeajr3$O~u)~EE#<`DXq+$WxL2rSk9k<d*Cfl4t<GK`u
z$A-f2HzFTEW%OJ-zVhoIGmcb<2(vLMUQUft_>G)|lQxwJ=qRaqrAu9WKg8m3ntT*c
zmAiv`^g>>ptdoH0dW-{kl6KWViR#G9hsa=1E4=nYkqyH6A5>hL7d+94B>b3yP{AWl
z<uF+&(cqkzsx)Efv*U2L#x??sF75CfiQVnf&84i62MK7Hv!OxyTNR^5#kgPeG*3qK
zt6@YVzi77XV7vHEL6CVb^f<X=ZbYt-S)#6|q5=i$06Hy)g9+s%{0TjVBG$5Kv-w!t
zL5yZJ=m_M@cXN42{1}FS@bR(hhL<<mU{3mMsjjao@4^#UVtn>+n7cS?W}5ENVy?=b
z)lF*KYa(VpCE{3Yx<w+kR!3{(JuCbwk-dGWSr{5_-hJ(jvcX(`3j;|uO=vhRZu=2$
zUE{9-4M3+U4EE^{_-FC*VdI27AZaKWI##Fvd1LNslO#aoW|f4CW_P|5EuX1q*HZ>6
zF5lg51WHz#-(QBKS+U%_3pSoc1L)1tpQ$}sbIa{Xzx-rCChbfvwe_nY4k}3)m!VW{
zttPac)_5W`v0Qu{7MiCtlbBkE|EUFtZyr0kVuUuytkOE2IvRoO`_aZSZSXhXz#Z`9
zW&f~@?c8lSB-e(B-3sBB7Clf2eQ<rg=kEylxH^%3>pc)$|K3A3RpL8Dy7vXhSAgKw
z5}caD=ici7T1eM;8~@Rm`EevD&;eUz@&22te987<64k-BTgA@h&bH<J;XG7#`TA0d
zu0w)Zq1EL^#UwR_GaK7WWosrMwPlX!>qj3zHGmuQlLx$rbjSA&cn~2s_&z@K4BNh|
zmKUq_d%ooQ^0JeXQ5!#_)*8Ua@AXgls)Y)wj6`mP?T5nFUuz%0bA>a^vKZ5`r@u2D
zT`RbGIX=aulI@C5K8#=9ORa^p9ubpCy@CGZFs?QtVIcL}(d%>1i`xR;I^U|&FV{t0
zLXXb=Ny#~57Et$Ma>$D4dzpJ<9!t@4q6f{vvCD!wDCT`)W8(`8+c83=sH370rM#_&
zf1C$he?A<<;^66-$QJr+8-Bjpvf4!U&v%#@s=Lez?(M<17|O8lMwK`TOCYEk%C9{1
zhgwfB2Uh&mkzW(P;W{;$$9!zs#V6#)e;hk)XrSD{M;n)_1u3oFKkZAviQOvj{3#dg
z?-gOHLxi0TyZXz}!-=Dee~k`ZZlBwh`VqLPoNu85&7)Y;33PaN<kWdIunTGh#bB>P
z=b=05s)&c8EBbYH4lF1bzlhX41E&z<aJBQRTX8C`XMd)do~kVISPP(Lqk)wUM^Ted
z?@Vott&%eMDyr}BwQ%)1q&{7zQGcS_XxtX^Z8#w(9QwXu{Cro%q;_i)_WTSGYAK5O
zh!4}O{w-OM_DQV6AheJNzt)Rq>pDQD18qHj(hFsa3-5TN)6b)-ti4)P6X8%1&`nD}
z7jfSnuf6?tm(z1K2Desg!&%T9qP=*iq)hzUHRKAYd)aB!oxjTtkScij9&KsZ?ZU}s
zkYPIex~>spI<XA6uqExv;A4Kv_YA|(gQ}zF$HVF2Ecf@CA1}9a#;qZ7=)v*(Aw(56
zfdb4nm<c18FhT$56{ee7FD`f2?YGLSu%3e5RgZZyyJ%n(^RHwKdyC0cU~5)Q@i<4U
zDazNc+*LT(9|^?AQm<X&?_7Y)e!)IC^TYdWDIs1C4ai>Y&^P+T!dOwWo)F)m<pI1n
zA?{Utigqq9hhH?#iX0zxfDSS#rX>w;fZm)J^oIwHx9O3x)~{85+4mb9kM{L!qdy%X
z<+(M8!@$7)8dUk4fSuHa_qnV_&WM8MX|qEw9LJ-X2-XWqwC=q1FlRQ~VK#*bH4V1w
zXBO_iDVOoaU0mR17D0HG;;#GWftjhtmCG-<ym#4}$7=yiwA7Z1fM(9<NwHT6RwjJ}
z)87hK%F$Ko?we({XV0~8@W(DoU7{F2^G~n?ZH$CG19e%JnqCTo_limte;K_<E&1eq
z44<!B3RGv~Wl?T1z1<d!QD6Sgn8Sd(JR7iE3xA1@kj~q(c;PPks2fH>J@KhF<;LLh
zg@Bo7dtDayZD7t+A*qNXbl@S$k0l19<A5U#ARpDbUo?~KG5~oi=ru%|LvJ~9e`T44
zZ(rv78b89{_6g|M8mF<Lu0)l&@dVyw-@YJ=7fI8OPsE@!x{0QTYV@q?9^y!agk1c{
ziiLejDy?<R-<4gYP9!W?FZM=hF=yrwMf@WltPUMuD7P6{Xlm8%?*HNySU!@7zVg4~
zyEhOC3dPN$y?F1MGY``JfJb+YB~-o2psicdT=|Y2Dtfn58->>MS??#L4;A41b`+3+
z40Uf+MUj6ROqcP8Ddxje14kDF=U#V>2pI5Ul|1lhiN;uDqk!=T$5tqL1kcu+w;!Fc
z;M$MGV=DBL8*q|ceV9S!G9VYnjM&E;q{O-*U>LnNr)%gU!Pa|N0UP*P3Q~k($Ry)G
z@QcKp?Z=mW*-0SB#_JzA+9roT{>tbJtSU`5CM%AY^Paq0?TV2XihLDa`J7r!#Azq3
zUC?gN2}F25Qa7-sp2o=vsQW91^e>+!ZoTonAh7cDd|b}l-yaCA4+oj&rs4TkhR9%F
z5jSDwHhS3rB+x9?v%@^&fQR>mHDP^{nalEtJ<Al-bNL|pnW#S9W2?P3@2A8$=x(pC
zAKT-T^DDd1(yIRs{_4QZ<eYOiSOaCDf&a~HKh2E)C9v0zNSK)zl+hBZma9GZ1T2~V
zwP45kjnhowK1Zet4t#m-(CSy&i0&7!L*ZtM%3C!onf_sGk=yIr<fZF0)@li@bQzo8
zCa~7pWO^ztmibfNry+b$%GlJz2Y;_)P{6SzEwqW4<nir_OL+3dC*We{;}TA>pGgvk
zI>f$antqhXc}ola6Si4x-~&}ycxi?EiGG{&RuL_m=}Wy*QGW%&<UeAP!C;(}Qd`@h
z$Knj#)Xu4cm}9cKeguAE(0Xy-eQ{<Aoc{}8(wo|r?`EpmVKqyiXqpzFYIbfGFY?=}
z>(6=fs<47r4eH8@wUDR)<0oy~X{WA6UAV+rhQAJJMbW^DT*IVTow%kWCiklv9d_)%
z5zA9h=!=6$7&0@Fb7?Jd+4pH(om#|v%9CK7+bSb|_mv&8Kc4a*5_ch^9OMj#fWoZ4
zIv3moPslLb2>+b_T|5n{tCW6i6XWDc&maX_cY<cX`c#pR`SfDDeBY(5U@D0!M0!TT
zE_30cO9M&_3Uy_Mipcij!LQC{Gj!o;?74jdz>*q5b0idF2m|(&iW8y4IZ*o1ys^c-
zcH&ZDm`Fm`)_y*sc?k9PGc%2X!8wlOz!qzkBIvEgN@;Zq83c}B9Tdma=Gn1!;Yr*r
ztd+4UVx_i{|1ma?W8?Ry6#14lTQ?;w?%9UQf&M@jozO}V%rZG_crdrmZqSUny`8Gn
zF+ml6(dFJy|4Mf70lZptoD-K;*|fGI<Vv>nW-p7r!9V}Ig67C5tt2MQ+7d~8LjU6U
zk%wx3*88-wD3A@>zf+LK%EXF9@2g*REhKw0`~h@M8k!LZwvx4Pz(}3v-j<d}OWdKV
zqvA8#n^P}5xO1G&X%yx|L*hIs!%LSs^p@u#GH926I^$kVZgLA{>3W0M)CND{u?PnT
z0F9V8%2siL2L9c|_EC6Qt*Rf~15Q(}vIzrDv4JImvds0V)#;Fob9=?2`2EuyRPKC9
z`lB}!=e<Z-(*?`FjkaMk*W;VpRs8(YQac$_A2e*Uf?66OZ7xE6J6Q~sGy|w0`7cB}
z1@pyw`P*1oY!#n1{pgYFXA&|JzxLJCs>Sd?yzAsjxw5iy9-9~?rG)voJKe+1xB^Vq
zC28TJ*-*xyK?!WvhP<GGmxaI2M35vJD5Llyo{t?1qjvoc&joz_`oaJ9TTIT1ezDmF
z|5!3;wcP<lU2Cx=?@vAc<@C?tQ3&h%V5Jw|+1Y?FkdoTL=o6!XiBk*@wo*4#k4cSV
z+hbMu>|5_JQ<IJugFFWDmTaV5?CX_h(9dEU9k{zVhpUZiglXR{T8@U@-qBEXGRnl?
zPh0N5MPmDXWO6N8d<BfH25kHWy%Xr?SON7VgK{zUt_;BD)SV5lL^!=iEGt7znXHl)
zT>Y#j2fG|8NT|(E-Pi&8x$*{AT9!r4;sP|Rm#n>*-`PN{XEP!vUl0ErUY9D>_y5as
ztd-S(2D+t-Tl?ce{iRZO8_`_(sd5(Dq-Nu<W~Uo&bs2PEpa#Pg&g7){h<i;^u5?ze
z&6${0qeajdI`|QT4VdJ28jhuak%0upQ*O4QB+4{UH(CXh4m+C{(NW96g4%t3Kl^F;
zo=8eZRKUIt59?{oFBCRZ$Tq4fL^Wi1S{4k<4*jo0m9fpHJ<x5~B_a=Kil(lo#24(2
z!+0MyPdv}dzudU{odsOGDjq-l8*?mN^d6lXnJA6kcL!Q^>MvAjQ>!j+x}D8Jzs|Pk
z@q(&x9RAq0(i)hX28baiO4ZdAp%A;WLN&J(;f(dnt_g)?k_!c=*r0$`*$JYuwoSaj
zrPU%9bX$C$OXcpi#QJK+MlnmJa^~y`^Qn+NsC}^zsI2GGz$7iJp25Nnv|wEkY)?qZ
ziJl8@#tzhIw9^v&Z?{bZYGH|!>C_H(p+hJ-oX}E;LhOB=VSC=y9TmvLht4g-zeyHX
zibv{!6&mfFQ5^b3;5#okff<sG4#p6<NubMX{bZ1J@YT|q182*sKP;*MrBYicN#QW#
z<rcg$FjBzLcb_8?dIo;*-dV8NQC7&0A`o@#MTz`nNs^NR5L;K&JufeAAU37!iHiR&
z{T1LlQ1RMh+UTjvL^SYOmO_hK&CcDPg!SC$h?qpuUn{KCmj_3{pw}x6eKXDRi?3Ez
zbY79{fXz)i_pTquqe{cdDeL*kk1$&mcz=bvWKh#^hNGPR#lq8l22_y0Keki0<4}qs
z%Q96==7)qdesc0uuiXNcm<lRb<#f5KI=hc1K|4j@_04~V;b9<EBl4y>AxnFZ6-M&}
z|9age5@zxt_=%bWNFF#RUp58qFS1tM*#>@!vz1ODCC$W?5o*RrH)Doonhf&Eu4<FL
z5InZw6BLY|Em1|;UEUdp>1jiO_;1CbchR9XXC3q>4BeW#ZhvRE$SgpYK(-ecq^f*N
zOo`DR-}{1Ah7CC$XL=`4vO>pO)xED9KR2b|iIH=!B&M?_Oh@Xs`Ex;S8WFF}ZYUO>
zPZ!FD+tI<+eB#PBkkYBzNom=r^zZq-UmZ}!cMaeYCJ=!EWxIHA`f-*xIuGmuf8MK+
zm(hQQ-K2!x#8Sz9W6@-C_w+<Y68rQC8w=}1!Yr<9nZW5w*VkEBcOz1t*J)XDcz6sR
z*NE+fGC<A!$tPmy+{Bkda?$8lQ$=)dR!F2fK=~3>;``kO58T6f#Ka&cQmz{`*-%o<
zzSOwZs_&a5ANaJo$?K60QB9{Pcmomqb{%Um9Ni!t@!FlHI4#5<@l-uI@J!)hR#NY)
zFZfhe!2-S65ip5pfK07*3@N3e;F)j!7~|t~J)ZO4wTYDJm{?1Mukygf))P%We(3ZF
zUF^|Hqgn<@fJh9J-B0!7oEOMHcgkP8XRQr%b)(A5nQ(D&Dd_2C-}>r{w}5jO5-W{A
z98f!<buCf)ut6TxvvX+G;F)WeHqCm^bCKNfnfcW!)vUP`vgI}|BygK<Ma9nw4{+Ou
zeT&#4<<UC$+0!X1=uJ-1)t4K09bG#{6Q>~=)Fy1ut?RtEkir8h@Ee=I)nOl>sNiH!
zuRV~@_w?2idKgj}pBCHvOp`$s{4>ONjvvCOKvgBG#HnW~s++5Pf0!vN{hV<{q|B_3
zNOE4Al9E0WllFj*^x($Odb7l1rc<#Bj_Z1?Peo#yMLjU0%SgHEx!D<U^93FFtM?+g
zHhAzr#mb`}({5q9mb<_z+Q&!P$;*rQW|fPJ`pa8NK3PN#BdgU@O%>SETiPH)gHQ*b
zQz&Dx>4;mspHw2QmWEMX1c5Wr17vcLp47$mh+=f<6*ITQc*H9v^*JBzA43)#-!t}x
zah{^PyZ?iDurdB)9};<4hrZ~s^FBh#UYWVF%oJT;XKh=hl2g^MVL!t$7JiZ6rVRGJ
zbiVe%3)H<V_wrWK`G*-YB@)Db`M5@DS>2};aQQ*|KeTS#Rqmu1g^Swx^tYDqvm;O3
z;@wGrQe%t(X4r*M2HU6H$ESyF+0`uKehX`76?+y3{W#7=dT0|TOMWMXD&SQ_p;?mm
zt#`~p^lVIIF=~~a_e8UM?JuQI`Or8{oV!$Z2n`XnSS$7XA99TdBO^D<I4d2^Y*7{N
zE(pA~#x)(5nuQ%9`6O2qZQ;e6>K^+hn+KXLx9I>@pI<GoUCZjZX1RN_NY0v~*>_zH
z;8_HZB@fpFVF|9_Ngn3iIyNpzK!Djj>f<XRnaYnm^W0#sN%yTPRSnBAPhc7^Yv&M2
z9sy`vMQB%xRJ7!xI_lF4L_sq-As9If+ZFpBHpfRY0d7K6_+zpPk}L-wK9qhcDG5?*
zq^G6trx4a!7j^M;NA(zYIQmD5dA?g{rDBtp!s%x2E(y4)@zUOL?{sLhs?zQ}?xivB
zk3i&6nau05wklRlZ7ecZ%?m1-`V=%{kKiAUaWnGPyV7qHidnMK*tlTxyW6i_S&@A!
z(_zzHaO;#6ursD`e&@(^dgzY^iNvy<ybla9vZ@D(5n_J6hhl7FveKmv#CAE!^DVov
z@zMP?&Bp2RXXdw+N$Zec@>U%y+E%~L!-#BwUA{%{mu76L<VRZogrXJBcY1@Wm~K$x
zh>SO!>{WW6^Pr&b%yu8Kw;0*w-<h7@fq21xA-&vg+#lLVXvpGkQTyVoc7(WP(*I3E
z){S?UL4%x^!I0uhOyZ{DQz#QB>5LL$#{e`C`$%(9c<t}|IPL9$fX}*J3}lNA`aeoJ
zJb>)wHhnREtbm~PLI1rHy=dT=Gz2wxyG#;hmD=}s5MQ|*|3%IGeUYYzTsa8`zUejf
zobC>^E^D?3J2LecN_F2>z6K*aGR5lMt6s1u+zG|EY;_i(XX;GK0O?g1E%cFJj`9PF
zvmvE@5vuirCqAhTVBwKfTK`<7Dq#3@Ce9{dnfR?EmB@Kzr~8-R;e~(7Os?xf!t<9j
zXKZ$hHCH|%p5!zgC3Y}8KWn=&KQl08$ILkN_)mVf?QqTesQ76I)EaY*RR#?nXgc@a
z2f%}B^m5-x1X6c}6XM&FN!YA*)gQ|MGG5k}6p&bDj$W@-UHaRK_V>_~)Lv#81}Yjg
z+_ExT;(j-B9wHyDM&%eJ{KS`0Sp!S=hpbq@q=KW}r(X3Hdx6sVsA6#+HGLt@DZ8qA
z2Sn1Bl}%X9=*@eD3{~%{R>k>q_Y`zKz(%66rB%f23P9%7@jTK=nrZt(OINS)FLH;y
zrb8O}1{xxGkPh9dWz<?w`G=Yytseu&mrI`N)xQ-=8mmbm52y~@Zo^xL<)^<KcifpG
zO=z`jouFJhU(Rq78<SL!V|6#Af{uNp(nb%(Y$Xl4_b+6k0<UsSGQ(zXJ9nUX738t5
zL9N=Cy#rs)AC?ip8~^&hy0fRx8>=2K*4A>YxsI}0c52-0VgnZ|hBliWh#8LksLJsC
zr-*9kk6G}5CM4w6TxapfcA$fNjlJRl)6*5hu*eC`Y<(X{a4u{P{XAJY{&_+2wy&}z
z=%W(}lZ1;hvuFb^0s;OK%xeaIjLHTPh|qI$#*E}>8H3qnfHgg)Yn$^1!+^=1kakeB
z!?WPCCR!0ZSo?fXIQU20Y~>vx=gH~BJvcggmL-SqSk?&|*D5*C18M7&M~&YsL<V27
zs;UM$&@$OU3zT1=-{Dt;D!^FxjsqafAPAfiOX_{-obh#a->$xnK^_)_5OF!Nt&zOY
zWIB3cUpd~QtY|oG18rdkyyw|aZJ9i}>_5?=?2(9yLzDuN+;Xo<^-&)k)p^r@j*O)A
z&hb@wtGje@cfU7vww9j5`Ep%4bCr+?xcFFpq%2_OnanDC4jDSX0vGX|ld3|1igTV=
zwJ}-zcX@{kbQ$B<U2Cr15ZDPHTEp(aM2+R)Ycrgrwpc9_!?ZA=mL-LWzxdiT&wKFA
zJl65Ji`$`Q`@;%xJ+u||b>gs~icG=FS9O%Fh5+A!V*6dCIUx>~m9)hcv+KVsl@n$e
z!`Ee9i@iD~AD)LX4LI1VZTo)~*cQ=9n|cI(I6$a?^)@r$i^JDOGOqeNDXvlJJ6|1~
zk43^*E@|XO|K+fRnw@$i;@&8<Ir3b|j*-^?Ny5Yl%gxGK7!nPe#~L@qmB_5?6Fa!!
zNV(Lj2*Cwu`$96<XQGpGw~;lhJ$1i~8*gkY7$BXEH0d_ZUzPi8bbHa=28W9L>pLzm
z9;sQRHZE<!>}>>@MIpK;0xts*MLi8<mnl?tAsy~LAF-byr>utX+|^@xCS)A^chJ+Y
zg9V4#HPInrS=3x0%AXL_vKO{8=67Gm^t`#jr3={<6T5rMWtZ9XZQf^Lz0|&ZBPG+Y
z4=N}iTy!%0G5Y&5!M9~@CyD~nlODs#B;T9+v%}_9N3Kqy%u$H%%Yz;rSO0t8Snrm@
zHr>yTh@BzSfMdVTTE&+S12zqAemv9MM*|;e!OtXpbDp00j5rVV+?L8Vo#Vbe^A1Vc
z4{tHhcl$I`N*(P9&eJSe8y`d;Wmsn}+yUJJ?8pXbgU8X)#rd~QyHyPKXF^`>ZBHkk
zss4*NUWn!fJ%{SAN3sr87We6Rcboon0IVR;mxHcezp;!*4aK4P3Ky+_u0&%Z=bDI*
zD2xALD`J$T-QjI(X`@tk@?&JCt+w_5t7zP#_yhyKnQ5gFBWfbWzhL6|8-;|$DF55{
zcxpa%S-B}n&nD<9Xd~M|!Kp1HJ^kaF`>e7)3+J;}8nmeF??r<l!Zzl<tc)uFJ*=o(
z8|GQV&U{afriQo`oBjIMgck44E|<2Pa?~I^JR#z|8Z&pJ=l8oJ6nv|%rdc1hFk-iM
zdzt2Vy`t`72$sw7Ccgdq0Z?@|t*^%zZEDbS{2Pni>QdRWzsPrBW+G32VyTd6-*jN2
z*R2L;$!SowOr~L{Veh2!q@rzh7)i?@7vFbx>k~DH=vx>$H-Ql|5Y=LmTyjh~KQ9)R
zjS#J_yB>W`u>Y-3!ys*`&jY`(9t&7P9(X`sEPCs2=5E#O`E6LSvGct2w(yTsW)q$7
zpuHt=r;Gf=jQby4(5*@;>K(UHR|$+L?R4&DLWR(IJq$R>teK3Oc3zoZ-!OLX4@2c&
z)x|k#KJ|D*L)NZHZJ%SgxqMkseXZEX1(j)0zV&aDwRGK3C?8emxBc2t@_L_&zo$x#
z|AOFFEHWjkzdlA}RNTTv(#h8n5WOvUv<envMb@2ut)u<x<G{ASUe|P;Wm}I3Ed#Yl
z#&JVa!{ax2G0f#VFJQS?uRVCC0W7(^gD`9<lU&b#Nzc#z94-kZ3G^@!#jFK&2G-KE
z<4q9~)hkmP8n1?F7B|WLi0!Xm;|{a-4&=C>7?~lelOA=Q(Q@0Z9p8c+yiA?TE2~0L
zbkq2mVv7Rq>B0AiWQPq@`QZ>(5Nc%`j-csi%ToP^LT6U0ydWReiJT3uqwSkA`llwt
zZx9c8H$=-&=72+{dy2p6E0@x2FvkR`n+z574OPqD4!Xbx9xC3pS=U!B`_Pc+$*96U
zCzpO*^9n%6A0T2bEr1I2%5^AmwlLy~X0pX1$N3&osimyb-8?~-#aM%9Z<Li1y;SO~
zjX#@GTibyTiCKpyl?Dou;WF>AOjDV=Aad%5b&q#o5G-zY7FrCe#0^+fG>H_I6A9Hm
z;b4@FezBmI>Z461)A;{UtBr7xZ5wM@aV*s9<C&acCkwvv`icsoJDvBfF0+Ec2guQ_
zz*-)u7NhV<vDTK2gkR^UnHtWc9}EtmWNU#NRw6wv1I5@~y$qdg&+sVt03BjgjxBw^
zV~(J<9BgmyqEA19%6}pULWO>BjQSdQfBl)4SeRAtqgXqethpbz0`gXi`-(5&Ja=PW
zV>!CZG}f?Da<q>`b2-B4eUsO1UgJz+5}lPg@;9n^=pgSs76m4|>6Pi&tRJ{VtUp=^
z1O4Y<auJ@7l~{)qPHXSI;Xe@!ew~eG3A6drzwjUQ+r!+fI(wBs^b!A@nP{cX<ul!v
zgQd3qX8%Oe9>lHLYHV_{uz04%b0(!&ATH{{W?#@uwZ_7CUsBH$cB4j2jPAnCYDuTI
z-1A}eTYav_m!(zXn!3~%A;s*zu5}o&Op(9pNS#@>KBaw*@5<LxWeE&8yKLHuZ-kVh
zsv1AEVvYL1%O0(A@#?Dfyt6{Mz#50TaaqmHx#;L$zWvglDY#hma6m%sexLoYS7krz
z0)6SIAZwMMRf~0QmbC#o2hYZis%UnYsxx737H$Sp(-EJEK1+1|e-q)cA7ZU^#5E*#
z)7nRSCN;)k-6Yl=G|DHpGv5*GMb1=HdA5LM$mTSIUtg|1|6;4VNf30N*`aI-%xI3p
zHTs5;RVuBmDYU>o-d}HTfC0(TLjGic&usWM%682+a&nC`(N_Kl2j3{%PoRr>plrE8
z-_T)vGiZo`T55n6rd&zVn2O^;$_sO1X9Some9hGST~>_8;}IM615p-2x!}gN(?IQh
zzUoF+Bl;OR^_W=OCjc?mJC<@g;;H%d(8gpMn!#0=z&ptp_BSPfYF`yu%U{|N(}LX9
z9AOW1P(~>;gcz4f{{E~K`ux(J<AS_}@U+?%j{k*wOU)Ed1E;XA8o*Zff3Taf=^b`A
z2^W2kb*`<&Zc--IHAn~!Q8ECM|Efi#mZ9-i<u2l~+3pUS;G*%nN@^Z`ucCaOqp~u~
zUWLllAt7>}%$c7^luen4BNf6VuJ~tHIiMu_I`IvXLYro@<6jr@rUpO$Hh;cjjggI!
zd`$<C({UiZrd1g)ww>!Nvg3;0p;o(w;R4A?>fp0a9#uWSb9Ixs1OVWOI%l)G*y_DT
zq=}&^=gNV_@8g;6S(&^e&}@=}2bfZ#InQj;wEZwA#vW?ZxGQ5HrWCXhw076WUT)jy
zEjJ)*8ap9pATyEpF{6Th=FV9i@5F$GOyglzdPQZdj^xt@Dp>gF?Zs_5ucE#r!T5M1
zV^BYwz!BCTUEE2<x|#M!v*mMVmr#`8{ZCG_Ta8KRc5+Pqp|_4h$ie#Q>4oTj6X?<d
zgH%lVFC5p`*HY$Df!Z@l!WtFcJly{Huu^^L#2=%k5?T>6NTlcFNFxrz3b=+BDnjup
zmvXqpymKtWD{%&Ri~pw<;QM!^8;rQEv!haLa$%=~K1HV@R*{r<u01W5HMio0@8x8)
zhc&>9yOB#;ho-?)Vbl9Pk%(sC^S95AZNp`SGUMm#1tK;+jzrks<}{f(A}1~rZMmBv
zE9tULGnod2vh&G0!9QCtn)ZHF$_yz<*Z^q8E#mP=tRaK5Xo{cj?yi{;#v65$L5#<K
zAy|vkXgs2#an!PLTXSWax{wof?|9cbtu1FUv(ClU73O?Amj80vFDg#8_wTKN`>oR#
z>eC;ww%CD?T>A6n0qstceM`V+lGl!IXp_#Rg8JGo$4f%I4Ybc)fvanmcpl>nEHx6}
zlyFnc?fm4LJa4w#A?N?n%!?`6^jD=$-1S(0tq7?nq(qEC9B!{9Yp|aTRIVr9fv>NT
ztnxN#1<n*7w`b1u-DdSjuUOnkL&dYV!NCvDl>IUk=Qj_5ua=ssRGoqM)d~Mb2q0_#
zYaSipj2Tj}0bG3IR3oaXsOVdD>W<ypGq+!F)4nMD-7*Uc=5{1!IGuq9-{3Dl$?wyM
zgz^x-gZo{z@>2sfL%kUAk=&jIHi$>Ks8r>tUy3Q7OatN}tkjh}^koUI@QbNLmKUU$
z=z721b0C8&*DHsrvGItaO77=Zy{pC{)Not<eD%6_n8M$Qs2y36al^}q4IfS@5O$$~
z{HB=``~OvTmSIu7?b>GuVE{=<3F(sVM(IYnQ9zLH8itlo3F(sV29XdLQo01BYXIpQ
zdL;Mq|GdY3_p$f!?Bjhu@MR5at$XfSbzSFq{?@xa$7L9wO%s|FrseO24USxHkj1g>
zncdOFZg#G)!hI3~DlILeYy&B-d-yVuG9C$t>HE^nGDr{U?*<m>vh|>jysCa1_P?$D
z2Vi*OlJdY^x1g15b2{b3wy5Npab%>fkyjSt^N@<Ff=U7>oIAQ<i6|PS{a)|(TTyy^
zqXg>?WY_L>jqt!nQ#bvUFS|2+3@ABh{Q2Wo7(Y{kYiQYv6A?M>PTzN4&wdaxZCJ8=
zV68k>eBsV|ne6#SwwkGCd?i6c>+t8l8ss3Au#P)-kRjIz4nFO)AQmvd{J|MpSlxF$
zUmkh+2nGg0iWii;1ZL--%kO{zd(qJY7b1nR{PIScEHlY&G!C{dU_$vPy7^r|P-fGO
zL;9s2Mt{gg8{qNFZ>ykje;ZuZk0M1;Fq=`u6aQ$bqNaVJYDFAE>e(U$bjm!OnLBMS
zdjS^&gZ=ba;iR8UkYu~J8(-|qIoy9d`-S%{RKjha@5DV+YBxMC6VaVlOo3@F^go*T
z`&bYLR|6>hnr(4ORM^WHa<o_aMxPqTxU7px=)E#>n+o6Eu~V0iuZR|mUkZ7do`r1%
zUqkyu4HH*?qu(<3^X>{`CI;@AJ3yuQh0y6<?1fvNAM>3VQ+Dy%GAU=;3DIC6sR{`n
zpp7M<)ETF(6*s};<m9y(6PMnb;|~0w2TkD}pY}6qpjQgNTy)8CQ?d_UU0RAxWYJt7
z;;8YwNE(BUPkAAe5dHluCo{X=rr&>Pt2Q;;q4<3`J9*<L%r*4Yw~D7cQTrL%O#A&0
z<&)Nq<?nkEO_H1!vGYLFKmY53o~o^I_sdXu`%j%HUeBIV?DQzPRP3<7dqEYtWdht|
zDXE{59n}Ve$wtL}B+#p|p_e4OpRfDiVb5QXsf*M!DqBw4e!92+^QTr^I8I_6&%6*3
zvaP2JKkaF5AS*d_D#c;U&Y@lDTWo6su{>WY_?ej8&)NO&1<#3KrdYStjHvgIg_nY@
z`eU;&krL?oRmS1s$8A$wowlDJ)r9%11~hS$c&xNaP#_-c7`kLy*U4Gr!r)s=tZjY^
z?l2o{J4z>I&xX6jJZ5#XcB9~jgBLh5nu=B%#LrmAPp%YS2TSinRA9pcoXDLT3l;Iy
z24r8SwU}@(2P^h7^GNa1;Uxx(@`r7v&d!(no7NHTHuMFZ8*fOvFfdS{iwGN(yFW39
zP{BQ3UxrFa`ZhYwuk(@MgL3rjypLA`RxpQFIn7$0tlnQX@k&TUTiop#Aa^x`u(Nl@
zCC+fGVVB0yF)?eJLD$4sl|Xvwhv2L!gEM-iPkL4s=gjs=KP{Osmd|Gvw00uhO)LwV
zIiqS0KnQq43K!>FDH|6O5?bGR_33eFx4d?OlM{%4b^BvGV26w$w;NP7sBo8{1YG9<
zQmsIKvNq~teOX%@6`2K;_o(%_-6L3Y@ZfI*7C#6nyX4kSoeSA+m^JU=sA&rYLfLC8
z$iAm8Q4Umz15R_bpp%mmR0KY?*!#D`DId1Q#l&34C9j_GP6)~L&7WC59HHLk<<Xs=
zp9f2eKAN1!Fpo!z6p-M>9A9bxb#+~qq~=;b{E3Xq4>D{W0=)MI2SUT*fYBCwDKNRG
zoYm<kCT<bC@X@dEy^G{)hDQYZ+wXoBeT*EO{UVPJRoO`D{yv9Z`sZvLXYg(<lC}>p
zy3;cTgi3l{7qa9)wUz#?Ue7ck_9|*Dr;63{)s2lan$v+OVbp5@6;}y?CHXI^PEJ)k
zh2o3&IlF>88N+CG9UT@+AAQmCDMNor^Toyns$$2+))7G0hP(`u9X{ON1#ze5`?%s>
zndRV6qFsDW84I+h)$X3{(d%FIWq^CEYUfVjTzYJeku<|qV6clJUkSKJEu^ANvuV>e
zLwkK&vtC)X=nP0;>zFP}-6J<V*yzlC*Dxf`f6DrvjSBbX5fBlD!u+p76_zk*p<2;r
z^R_t{kDHDj-6kXu9jtb&mIZ6pZg(l)u`v15_^z$3y$sFa??;6TG_w~SLi)DfZ0tdy
zZdS3#MVFPzZj4X#=yUa3Wuz3zNAo%8P|oU%GanZ;Xn~l2sN}`v(Fk~pBzXK#Zi@(c
z!Dy1{eDi9u<jt%a+#tH~R}nk>hYyE>N%n8uiGzg(98poyV0!q&8h#Lgb|4T%O*44+
zjy3Slu*JHA#Z3l^A8Me10of6d$Mk4t6o;&V<VbYhyvb{3GV`8)>wTVok5z=6oYY>6
z7XYNR^K;L_;$rMtd|X_K5@!F7QZ&tjI&_K{^=k%hQ6l`nw`Jiukr{F=8~#$6MGnv=
zDK~8ci1q#$BYfYIlj_8H<EafQR1;yGITS+7qJbsB_Y#PVdX)FQ7&mNtgb=0J8!ENr
z+3T_z#X^-b6B%{g_;os&hxbrkQB7o@lk;%9ZMkG%>V|RD@es&Ugns7ulk-!bDdjr~
zom>>D$6XTWOH7XmqD3E-8~Ms=>uN)Ul2?RoKmUpM@$vbD#>>sENfoFgsat&3!-6%n
zJc&iY`%9%$xZ6n8r0V#^sDt`rgk+b4`r0Es;kI}kE&i9)Dp|RL%r&S`jR;&@T`o;S
z#VD~rm1=Yf{}+03ay_yiS;VKs7$N&h{>LzKa&iKq+rKe?&*>ym8vg@cIeB^TF-}X-
zi8s&1C4AsZjD)J0m<#jmU|3YdTmBD1s4Fx(lS6>VJtitmYGcDQc>D>tqnXYil`>Ll
zV-<4!?aiQhdQB4IqN*+Bqt2*9%xWh?oCLk|&^ITyaleFFN>LfQ!;4vqS?U)RuA@4g
z*&8Qfod#)2SMs5S*`Yhei+Z3S8WfvyXyxkg=u7IAHoqKwc-|9rEhjrWLg82(02uJa
zK8l?rp`l#KfyU-8>sZQT3s>rThape1WF@}Ei~obRBtAbStkizvakrT7=(X9*bf0#~
zlc4Y3dZAct*x3#awVW>0o%<{cwNf0~g^FX*{Q5*+^QX0U06tE8vd<4-%orHiqnW}u
zYoXP{*}oeUK#8Hn<{OnPp)doq_Vmg7Ux#Y&5?ky<O3{53xH#LUzJb98>}rKL5_Iv~
zv*!yKc^=>$+mK%<e*=mcI#0=q6Mj5yLmZO5M^)~^x?J%m-ei_|<*Nwgg;@&K?aYtK
zcwA;n6ygtd?iLbDj*01YKEAjx*@dIDzslM8s;XL*?^|Yk5@~34D(S-rw8q#X7E%QR
zSP9L)6I9>NQXYzC!y6QWODNM(i(j2G4w_T6&Z;11MoJdmLj*&k_@jhT_U8SterA2d
z1buksR3oND!E!g6o)OaG9(p&F%t1&&!Pe$us*dg(Dp}<3>>3*x;uwo;8yATD_z@d~
z{LKXVB>W+LU~0dFePgEF&S488Bq#{JpO{kz{tlfdwRcPXs$RvM{f*XJNum*cr(HU1
zu&L1<_d)=P^=2q4A~{Aw7Q4pGrqpi)>04U=i(WpzI7zdXsd+M3xdZAPSgws6H`4AP
zlFmhTlaY~Gxw>l25s|lTRX)XodEn7XJ!kYsCB@eTBaK@(r#f^7=-@tp@O;0ywY3*C
zr_4!xV(br~Hp2T!^>UW{rLQOAmbMxcy5hAZ`z@0sx-PVxMx-#1+32?l>~jR?Rno6j
z?x5KZth;9{U8|1k{$TPXqFppinAoafng3t{lLngqSXgp9mf<%ug4$n>=-S;)W`2}Y
zgVHNMo}hKi-}Jl-GBy`8Hg{;-beH~FEc<3~+S~yhf*pNnkBwaZxw2WE%PzUUnHcQy
z_%`YK&`d@W_e)uf<l0nH<DUuF4M11aZi2aCD)f!@yw6N}C>0+a8S(r`*$+_@m?Nrv
z$M91n2?(lr3)&f$L=r!oxH99jnYAPyTo~UBY6j95`it?n9_zq*OpYw>Psvh!t3<KS
ze~aR?m%B-1K`9X=TW9ut--^(K3{Y5C_m$ikW8)Kq`$u!e7%A253gChn(ph;mInK8V
z`Rq(^%?>nju)5T#eqR_r6O%mua54W?LVSA_Y^L<(?=E>SOMU$mSH)uL;f#?>;{w;-
zMZ$}72u`w^ur$rr=qfiGY%&Juw7ob7%4!A}J%CGq32YlGeX)vbm>?jDc>sdyR~x63
z26BytQo7)fM*MYn$E0f54L@7BdG6=;>tABkw0qpe<l3Cw8J*T7iUzgRi<}UL6*+YG
zz_>4%9f~WuBUm55e85Ea36)s2`_=1ipM&nFa*<uxoi4Uzgo&KNh39j?T^jRdslQjl
zc4eC|5op`UH$5!h4=zS70D;YLRud*5Z9HzZy@2pbV7Xr72rHzNKbfJ^;`{tl46w9<
zTWjkE#-+vBEw$2&!(PosE0x@53#;=h{~0T5sp}^Y_j;bRmwx^;9Wycgtm()>AFW-G
zp_#Cm4jHE%%&_}(t_B@?!RdexUpymBGvdj7d-rP~**Sekgq36}CPl&Z-sj~@R8ns9
z=;mgTwfWvoNn1Z(3N!pr2`0#Wp%tnN^RMM8>a-PObbtQI5RO$|my_FA>g3;5+sb;J
zE=Mbj)2f}bbvoabn~i)45IJAn&MAYL;D48ms@c8lER@O-bEUiiBhC-<X}(C8ZMj9H
zrcQKuINqip6EA46uBpiI+4c^pG5jHOJYusHaxA#TCO!g3eH2#wlO;)r7*`wuXA|J2
zgAP3dNsIiXHQ<ix|H0ySI=uov-i{2Sa#ApKMLB{on-uCd2gWeXXT)#!Gc$Wtc(yll
zfqk5n`I`$y>@)_`g>_J+rx}ti|A-ewMT@$)wULQ|5i?yu649lY;{yW(UW`;su+`%D
zD-nKJOT1g!v_5M43yr;HUEx(|{cej=nC!*Q)@7;ZyKkfFxV?j7hrwxjyKBhiuQw6}
zhqUdD=>7JPiAnMN!OV)({<YZ}gB_uTzKGG@zskx7!WS6<;;kU2otYVZLW37U0eeG|
z;aCT13H^(hK^eO$<yVWpdT=bzAaBQjqN}o9?<p)(MKh_Y%iu=W!yo0LMG#C*oe9`r
zIXCg9qskH^$6|9Zk<u&KA5!sz3kv;Y_T6rOXFQj<dR4&H8D~Mj$me6jBEnT<kEbS-
z7LNw$P!}YfBv6%vHB~s<WE7x7!)QORsCxmlhwFo4-hr=nnK#&QmiH!|QXJ-?Fp8V*
zc&YQiOr6yi(?pN^(EVKm`}Q_7(V?&}*M(Ut>TiqjfZT(ScwyI@)<Qppk&?2U2J;=9
z;G8GC_|hG8v#twoIadZc7W+Z4Rc3#K159*3i{!16jeKCg{;J2te8h;3s}2(W*smo)
z1X;@gSYW)Do^s@<Qe|l3Q$W`TQ1Nz&gJSXUWf2lyS!Z)d5wVsV9ua}i(kLE4!Ti#D
zCTubCt5=<p2#oY(vd)dszkaJ3{mqPA6#vSCyUTnww6%2N6L)(lN6e68dw^=Ea5Kd+
z7#UC3C@=M~g3_(9l#&hn$}lS@<WJWg%F5hKOo6<f<xIsX|K}&-0m*FPoM^HPBHFs)
zEn6CuW15QQ3JH(<TOM)t8lR&|$?k%YmAe%zUni$fq?y>sfrsBP`MPS&H%_jtW93`V
zDaw<XL%?H(`ksxzBYYT#rZiNA$k^IO%2B?1HNonsP{)lS$-T=l#q)8s&c~Ug4D8Ph
zz24c{FCeZYZRMUeT6`g`SZJ?zQTitRY9e}Hn5*wC2fyP&hslBq7J_10t<#n;PS9cI
z3kO1KN~RJg7wY|%YQeKmA(t*$VHR!EY<r21_PZY#j)@y>h{q~OpSF4jjgOfS`d0%S
zlY;1=!EooaLmGI-&N%+YQkG{^V*U$YfOYjw;vj9dCSRch_0XGqI1MA#^YshjO|ki5
z)gJ+svquSZb9!pNV$0SEJ&b_<E-FV0G*~4tUod#DqsQ5Nxh~;o?u>)HVdpGDxllpk
zw$Q<+0<<(w@b-x!-<+MN8Xr)ROL8}${+}kbHiv-s;|<%{O?pX%J1xOey!ja_Jgu)K
z?`!030#l8TPk(g${n^-$<_xjnHOh5@ACJWKVzOvca-T`!EzWM!@##`WtL!h-o%LAq
z?gMHQ9ZRn^%z=4tkG6XZt(UdZx%cvud)*tm7WJurBq;MvTQ&()sR~L$L_@UA6bbKa
ztD{Yke(5n)-#^V{?!hyWPRHg-NQu17N?XIq=7*rvV3+>#=Igyul>14!Md&uB#w<KW
zmT5rqQ;**MDFI>m5u1+wYOF9`N|ceyzccF#C7kOfGTju?blRe`@-y%~;CQsx78d9u
zMomf<5tD>Yt2etT3BsW@E-HO4tL2SWMVxU^ue+CPR^xDX<?KO_<h6h7Eue;;`OT^}
zkN|ML{`-KvvJ!z|R=y3|0;kbu7zhtb$7u@8@n7p%Jw*fRF});Yzv-dvVsHZiPxxU^
zk)@$Q<=~60mlwDRl4w1?HycDrzZ%z01w{>;<{G{2?OKain@QnQ;*k-?sP}VoX`hdb
z9OXZideBnTKVcD8xet_qQw3#iFB)e~tV~9yA<=*IF_n4`d!oeCUF#_;^s_FC_kp%x
zkb}B@0rB+1M<#qqsO?)qbxygncf*zMOfdej<UjIgZpJ&N=9Kkzf6ir+6@x(;Y%x6-
zvaC2PC!Ja~q@a)>2EW3?wYrMu16((2lX~-piK&+S5gE=n<P{((P<vw|X?S=zJt4J6
zsaA`yI7#)&W}(Uly{2>BrOCw-$88$Cor^CXg{<-ZHa7PrOaKUAO49!_iXPk8I)%F(
z6*-0BLBmniv$8=lU`igQ&heF?7=#oY&6@LQGsVq1oFdBCEtwDogn9#kZ&n*0)hb8o
zFm5mJ>#-<lJFCdDEsCP3b;4z9sP3&UxLU0FNRB3pRL6@D)9VHN_s)!nVT$9_fQ<f-
zzrB5f?3?+6pc+>b)OP9{jhc|CU0sT=hpcSDw1n3C8opmEL6{nP&lq?g?Wc0TG>mFd
zDXA{P!PGED{XWAzET_`Osbmt@<l;(>siB)+UPis2YGY}1`7(1i8W-=`siWkiY=q-|
zUv!MhmICS4>rqqEme;4xZPYx;l>cH_M+3My=3r-I;u%?dUoU}R$Ashd{$s!_UDpjU
z;~#B#$sSC5;F5V!TbmDx#IE?9K_26U@ri&kpT<{jbs=1~gfqmzA=Ubss0KCS2J^p5
z8ad>WpD?VdnqBj99t+!j)^q<#jMz=@iT?2GQ)?n4yfyJ=t1Yv|pVHw%w~kL0$!Gif
zXkQ++J*#bYqfFLE)|`Qw2?KH0?=*Ey`v2s=U!x5cO)Nk*RXF0Kshpq(khUO_hE%__
zqC*vZif(dd0d@br!1H+j!^C-I)L*=6MsbXJPZfpV2}!54xMc+&+y76OKZTxtMnHIA
zJ+peV$cm++Bp|xM)CG2--v%JQwy7Ea(%1l+KrqnvHoNfR2LY;oZQow9fw|q5>st$E
zk6>+}K#|<UvGuP_7TgC8!S93@l+L5gD(u0lvo4wau>5L@@J&Ib=nvfq2fCxy@2aRJ
zMa-N*w@gNMQJ?S(Hc=9*vi^&g-g3X2oYY?V@qvA3$6CbG_n%5GMnfV|Bwdc$&NNz4
zavsS%nq3B9dfrF4f6_Qaa%YdtRj#&cBG94YJ|*UoQp@;FPK!3%CeP#8f>&3Z2How{
zr!P2Jt1IQ9o{Xn_VB}uci^D8QU;(ii;Ff=(mP88Ak$02lG!|?5+{8+<J9r{w74-qj
z14z6@*<2khZ_lG4#UUsYOeqcKK^GMkYbDZmWwi_vXCwU0mkSQ^golbWesbh776BJ}
zrU4hz>k3*%Mr^o4h5fWarc2Kl{b(@H%iTrX*_MH;yA$UA#Kzg%ScNNKbU$aT_%B=f
zNRt3vpP3zXewQtctPl@Ly$oZmX+#OshhXP3kd~fW0eb9E`Toz9`IyRY)`g7osQ2B5
z!+C2e;GA8GzZAD6pwYRFk`n>Pr13?OzForyT6R9cds(yQ{*P<gPO<m)_v^g&_1jMR
zo~8-AWMloBZ}Z~^_>H}EonpPu3rDxp_qVhCkKCF|8||K|7ci6yk}r1tc-^i6fw>Q0
z(wvS&vw2<R9AUGqi6g=Z)L2RE37McO*Ov*XfcxG|$V@<}DZix=^eTRBKuKNU^CP&=
z#rem}!t-C@QMd+}xAF1yrR7zMwgz$Ua*_ya`6EW;K9$5(fN~~9id<1?3Ve6(&VV@u
z<4fPx@=U&(WSP?`(S)21vV<o+RJjDGT1&tVz7EShZTUFaNkc#o42)I7`UJ>eaLN%_
z)1*_2d%xRaI!zH(7uJ9^*>4)vufJ|fx7FzfXp$k*zc`#~%kdJ0=2fx(M}z+Vy6oc-
z_5a>wzg_0p{%6$XV>dg%p*;EiZiUR;7u1$K;c^3D)UuG0dSaer0RTlU{Qd1g{dj1E
zi3=*UHzYWrvL;mOkewTLp1{SxdDUpdHE|hOpMCuW9g3;1;DU$W-c8sLYuwAB-)g^m
zpkS!Pvu;ICNS;eG@=IDIdM4JHcfWZD>%Bd?eN1djK@kk+zjV<JQ~+O1-bBhSVI^Ag
zlLAgAX!$$u!v!y{RVmN|(6vRo2atBT-@ZLLV4$M|U9I?Yw_i5Y0Ju50kC)e4b?cG)
zYuo0dSCERIKPx|Thqjw{sjPuKwzOJO%c&LvSV5~@E;=>F{e&A6^_V8MRGV{1bgUtd
z+dD#Xcn!r*0V!U#g+yPGkvHDFB>5p8o{p#+#Kidlom7iZsi6%EbK8m|x6d$sscMva
zHFL3FYZd@=ryJ|$Ea$;=r@5wi9eXM0;f`L*7T~YV)xHV)j9yk#vZfD$QicWr?L<g8
z#F`ncxTX+fgG~(ivC9P6)N(nlrc#IW?^b&gA*g@1neX<D9Hisn&9l(VZbWJdq8zg5
z?tk8?lC{eYH~5Q)#A?OX6H|MTDU)VrS6L!Y>rHG5D{I2kwEkjDLs5K@Yf>vr<TCzE
z6>-D&Qro3wj1!Dh@SehT0w|fU;<*(*LFM-*GfGPCvWO&^q#@g^h3Mvlb3mi3`z&Gv
zE%^7CsWim5RB<ks7Xr{b&D~61ZK-WM?=r8DI@F~ZJXZCe1<<}*@isWH7l!q)>|$mH
zv$;+(ZH}E$BIU+vlO_#hp+DcN@)G~&iNusl;LB?fW{?GKj;@Ki;FmJN6gFe^*Uexv
zUvc<TuUCx2rTUCJQw}3jN+5`28Bw9N%fp^>XH$;Pwq%)bQ*6?yx@B|NGVss)%Pv!O
zgF3-E@G%k6P*`?!s?PRH!R2E0Oo>wz4_AM&LpLyzxo#%v2h(F!X5Qrx=f8TufuJDi
zgj4)vpt*Urs@LtW(W#q=*Di5#<D!HIf2b!E=#-@a#L)hBvW+TCJN0~S!n$bcsV_f#
zU!BV4{Rean0KEPEcl49T5`|cZTiZAR7fG_%I5GcSh@EvfrxOzZ37(JEB#&<^j31Qi
zTbxJ+C@L%V4&JrD+Z3_N0Zbr0?c)%=W4hem7i*e<_(@xTrk=YqX7^U|`g%wcA=J$!
zVcJqPQzOaT1t4{El&obx1~{?YZn{+sr5uZcK&Cq8J+7n2Rx`PzY5;5{Owog={#yt-
zG?8p2Dv7&@Br)A3SKI{v6QJ->Mp*|l(aa~cKw6SAUOio4VA)xJ0X#mS_FNR3z$=O}
zi-}2P6jN6oAr;WU#h;$ZOy2Zn;$u-JQLsIC=@JwAHpUEO3;2eV_$iChYz#EdIWG#(
z1HPBVxXzt40^xgwk6xNph#z60xyS0Anz`GD29$59SGRTi0m!eErhJ@2`Kd^T)V#6|
zV%Hf4M#L<U+qyr>C3qRe9byspY<;h{#4T+V^q`#ULvzIh2fWC>z%%d9S=-E>z!n2B
zW5(VOQ;5N87zX0v_wXxHB^NDPGlqGG1uy~d?f})l?+B>LUY8s*g{~;@@$+L0s9II>
zi{9C-0?w!bTLy?hxo7D@{A3I<*^hDu7Zj+<=K1&8{X5HFG=<F?L`Wl4?Hbqh0qj=^
zB{k9^=Ams2U%nk1fsvOd>Q_1t;)*)iM;(X)FG0Nq{MPGaZx}bj)|6waw-;PKSd+&l
zoCQX~Fp5B~gJiE%dVR7VjtA&u3{<drZk2Na?~@wY6@99$#sQRJbWn!oSx*tj;5c#v
zFQDC6zAF3vMQyqMf2Q?e`7=KeSYnXp_LVyb9`tb>?ahh*EQaaJ?ZP7?M&?#3KN_3j
zs351Or|GXG_ZJ|P6cda4dYg0NiVpDYH#`@8F9@16+@6Ijn`?+ah=P%0+jXDQd<AD!
ztE>CV{<oC9;-~T-x(1uJ&)9@sdM*5ql34ww`h{vBq#l&hI|N1o7)eNKAJbtpa&Z`2
zlgo%G$L|9=l#H`z;<K+ovAGsXkg7)MV_|RFitdL)$*|3IaPylfOSy223ipG567t*8
z?|LpjP5nwV@w$Bc;gW?t!|krGx7qP+g!;pA%4H@t637z1?6%$HKn(=CexJNUE*+xD
z?dCHDE*;Kv8<9x>qRg!MX|(B-*&kkxV8E$aCARr*i&#~k|Fww4RL8h&X%Pb<lVZV0
zK-A+}!r<>1Vx4Q1z1t>?P6z||egI?3ChG*V?8ds9nzHYlz^g#q`@j`~ZHR%GEu5p2
zzsf4_8^c%C`b-mfxPL}KQO>oNI@197Cwna+i`+x98Y<Cyx~<odwP!NC*cB#qcloA{
zh8fON_pVvJrH&CQky1P8H##L6U>_OOK&62ZZ#2n$YlWu;ua6yJFba=^0N=l~vsPdA
zXt_1_chx8Xfb|2&l&|%LObPmKXn{|s)?KGtB;?+g`w#sSV+do)&#BsXkI$;aLoVO-
z%z4$4%L`V`wFr^zrxwmfujwWhnb%STTNoR&qXfCTPg<Q{DRgBkyxIy)rQznf_YHu1
z0T8&_D215j+uC%UA4WyHPddjxfNR(Ky7(Ia=Qf+Wj+I+4#&@io8ayP)V`|?U*Rq}M
zkAk8=y;U`|mL2k@?amFXV!!D6Cxfce<cs}O`?r9RC!H=%P9(22lQlFn@Bq<z^RgMU
z;59c+Q1e>YMV<kGh?}ycy!$DtW=r8t(y93g(WF-b7_R@*ZCL-0;rg%N@Ll@O_E)|6
z0VQqB+m(<v2U6M*U$2EsTiBmEoN7DvX-!G45x}P&*EctlCmms8V#;^MvFscj&ZB)b
z&d8K9r1h&phYE8QO47FR%UFPJk$)OTMD&d#Vf`GRzw<oG)VHQnLqj-Zh}UiVe&31u
zr(hIa`tJo}<2~<47I~i!cg$3Sv8=2t{ZSsEqTU`H9g#}k-QC5fq&#YYwX_OkmsG;I
zB8C*C{z5XH%~cAHGN`!D!uY>VJ_jPt^aJb1&g%az|7{(<WBE`1Td^GN9?paJUkr5z
z;X;Swc;|H9h1hS1ms^U}?%D)T9tsKyUIAqbAT*9-+M55Ut_G>wS^pR}_xnYG36r!+
z9rqOmjwS!jYl^|jGThWZN?52i<VR0B@h@o`))d~zqv4V0(+ToY?qieE3CKwz%G(=o
zA~j4<Yi76xW!%32g*#xodi{pUK2xl=@fjLMdLtlki$x>q)eVW9CN>==9$b!Zy%$9C
zc><A%lloe<>L_7OxQ}}E7)bPzuhExWS1a0eR`WGOn%B#<^+?$CqB`fut$09B69mBM
zU-nEK7$X~ITUY9?R)rJZ$_yWUS)~XPm+~LOwK+Ac$CwvROiWBrV~$x>R8WXcHF#`f
ztTgJ?vPs*!!VwpK-0}pPgZ!3LgETC$c5oQ>@_h-u-|4CP&^K(UcfZ1|Y%j$ny;%88
ze)BmcyT_sK!u`cp)?{O|z#-es8@%MkQQjqMso~>}>V?x8t5;Xrzx5(daszE``!5$n
zzRWMW3*x&g1&1CJ%ss<DRy_BzMzD5uwBEhuJBB0GF3qWj*G<)gvfsuCdQ~p`*=%r=
zScn@>dHZGtVuw+gcQ#&;pvz6!cd|dMJhj`A@ow{eUul@C@S!E^Y2fnmaszCSsdoj3
zTYe)0_!57<(@sQ!og2e+LLV-dgP1A96FvT1Aq*4h-Td0KcfXS_^iIdLi8zAq&l=vQ
ztE!n0^;tS_;|;lc8>Q0Dq%ftL^H56*&O<V&1iBQlFi#*Q`(q3j?j9afh6-sh=$=Hm
z@cqKFT~mUn!$YTjabmh3VZJp}UVX`M3-e522R1$XuR*#gf8^9oMX}nyi&QKh3}43_
z&}NYb4b>FC6<Se699ws2r7Y;lo>ou{7LN>5jf|;bXdnnnBIgQzjwxGZ!-$O~X4pX3
z?K+mSVl=!K&wGB3dwXiw-l!lnEmqSi#mi=XBbw>!PbiGWi#PYd4qY8BfeevFDe#)N
zQweE*#uDcG7sW+cvj*PY8PBBXB$x}}+)qx;s54;kLr3=N{6xOid=b+9xgK%oHB>qk
zc!q=%<ic;}3^Zm}?1VAu0-_?bYJ-VxyN!C}3Lt@WMW<yytfsyuC=bfvceyOJ@y03+
z+oUiGIdLMJntZgM8x*cI^Tt}3@@y|`Cse7?cHjhd)IsKo`S*wVWi!mq(oir~tuW`l
zL#6!|_u8<IWsp^k8oHqtFuq97p%OvS=gFIP63qJ*=_~xVeKAx|O!#jvlD{!p&d^a?
zMF4X-dl6CjmOsIWZyZ5Je2=&L%n^-NRJ}=8YO>BGIm_*b6>wzHe&!9HXJ}MCVEKVY
zOt=+N>q!(?L0wb3s8<!psk0i$a8}Rj$L9>&m~OqI-CQr%dnTBg7C%T6Zk%&OTj)Li
zx#?JX01EA!yC^p~Tf|*eM?MldU2~L?g3|3VV@S)4$(hpfE4L1F`0zPdS@jUyUxrpm
z-?#0ktlj6a5p32?yz=9dTBvv3&HFPiLi1QSvhLOXOBUU(z!sMw*?K!FX(=1?aYe7A
zCW`~kDxP<#FL$mkFQY|Z%a8kLuLj42YhEmNohinlU`Pi``F!Ptu$(=+BnYfzD=5$w
z4#v9K`-+#>A6|FLhOCe8tOaW!BGpZ&E(o|4_KKHBCtAVMG^E}*7w`7$;hJIOl6)?o
zxfYM3X$aE7iII5(zG$pSkT=~A%r_WO@rw}zXzM^&!(-Lyp$!>?C4s!W;nBaKsDq5`
z)a_6|1^X%k=P6Tw`mBN@ZPAT$IC%NhS~gVb_|Mj}41|c-W1F*H%LxLY0j!h7_1;Ab
zYt8VjvgqD3d}a_CIxCV3{^!slelRRqc=^5Gg40V7fz2%k2S*<1bEZ>xWM)Zh#I$Ig
zMCeqxE%oe{s8a4z5O&}|Uj+8q>xcyxY+Dw_v^>kkkLf|=>@VmJrtS4SKT0(7LW#fP
z>kf?M!6QfVhQ7Q2OON57^pB8q$6?05Nb6+}snKOu*cl$}nbnY0083h4j6kt>BiYey
zULj=Rava2u*lrJJ^@LH{HkjdWM<~~0Yf1M=o*{f^IT1tN*Z~95GIacLp|pIF-u$+P
z-493#6m-H>be{d*7?fk@4#G}SJ!mnFuI%p<A8P#SLtOBWofBvnKScbSZ?pxL7UFLG
z1KlN>o5K&}vhKm&5tlP|v#6(iTGjqQ+Qfuyam`-tfQPR<FsUSdw5DYBmd^>bSf6~8
zf?tH#8Mg*MeZ`f^&z{(W=rrb_%6_f|%wdT8>}#=4T38>We>w0NfLDy-li!nlnh4z%
zzij3QVM{6Yk)h{v-K+dQ8FPFZDAKI}9R5Oa_TLmgNYlKJ5IhKrtSQqSN*iR5(u|)K
z3HD`QB?M0IF{b-N0?T`XptjFPrS-KAhWfH_!pO+x3f;*!W|^~epc>$?f?di4*Tjub
zSYMYu1+Cn95^J&LDPi_LU)jG7MrqA3!v_PumlD-38NY7q?M55&#WF6Bm4Uo@THS`N
z9{7Na`2Z7)3<u74?(8Tf>4i_luld@U&WGv@=vQI~oKE!RT&L8CkfA6TIcTBiO2O##
zFM+WWDgq0ifq)CE2kvJS@Mjr0U{)E{-(@JHGRmMnfyRRVej0@Z>{^ZrP;`TVHABaF
zW&VCjNGH=37gb=#3<lQJLWn*BHmdZD9+*W!H-S;cziVPk^#dD40n5Dy&Mx}c;&fm&
zMwzZ{a$uv+LZX06pW=@RfyBSVVMS7*{r!}H5cSDzlt_k6!rwJ9a;*OD^4|{j7Jt-M
Xa@4*^@DK0?HWX!f4Y}%<uS5R>A@+E<

literal 0
HcmV?d00001

diff --git a/docs/userguide/networking/images/overlay-network-final.svg b/docs/userguide/networking/images/overlay-network-final.svg
new file mode 100644
index 00000000..8ff3b3e5
--- /dev/null
+++ b/docs/userguide/networking/images/overlay-network-final.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="380.00000000000006" height="282.0000000000038"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="WBDbaulTBpzM" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="zcdeGreihvVX" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="IFThKrznsSOS" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="XiKzsGTSXNUh" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="EtyquTIDLrxf" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="awBywGbvdTBT" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="380.00000000000006" height="282.0000000000038"/></g><g transform="translate(0,0) matrix(1,0,0,1,75,98.51999694824218)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6000000000000001)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,54,162)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,170,135.51999694824218)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6000000000000001)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,149,199)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,271,104.35999694824216)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6000000000000001)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,250,168)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,165,8.18899694824222)"><g><g transform="translate(0,0) scale(0.4877347541024086,0.4893104486600422) translate(1.204592e-14,0)"><g><g><path fill="#02709F" stroke="#FFFFFF" d="M 99.554 18.074 C 99.554 28.302 77.168 36.592 49.552 36.592 C 21.939 36.592 -0.443 28.302 -0.443 18.074 L -0.443 60.746 C -0.443 70.972 21.943 79.262 49.559 79.262 C 77.171 79.262 99.557 70.969 99.557 60.746 L 99.557 18.074 L 99.554 18.074 Z" stroke-miterlimit="10" stroke-width="1.2853"/></g><g><path fill="#02709F" stroke="#FFFFFF" d="M 49.559 -0.442 C 77.171 -0.442 99.557 7.848 99.557 18.075 C 99.557 28.303 77.171 36.593 49.559 36.593 C 21.943 36.593 -0.443 28.303 -0.443 18.075 C -0.443 7.848 21.943 -0.442 49.559 -0.442 Z" stroke-miterlimit="10" stroke-width="1.2853"/></g></g></g></g></g><g transform="matrix(1,0,0,1,144,49)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="88" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="88" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="2.3125" y="0" width="85" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="2.4000000953674316" y="12">K</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="10.40000057220459" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="16.80000114440918" y="12">y</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23.200000762939453" y="12">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27.200000762939453" y="12">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32.79999923706055" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="42.400001525878906" y="12">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48.79999923706055" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59.20000076293945" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64.80000305175781" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="75.20000457763672" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79.20000457763672" y="12">e</text></g></g><g transform="matrix(1,0,0,1,184.88673770512042,42.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-222,-30.199996948242188) translate(37.113262294879576,-12.489000000000033) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 189.38673770512042 47.18899694824222 M 189.38673770512042 47.18899694824222 L 191.1356239827703 48.15925299065982 M 191.1356239827703 48.15925299065982 M 192.8845102604202 49.129509033077426 L 194.6333965380701 50.09976507549503 M 194.6333965380701 50.09976507549503 M 196.38228281571998 51.07002111791263 L 198.13116909336986 52.040277160330234 M 198.13116909336986 52.040277160330234 M 199.88005537101978 53.01053320274784 L 201.6289416486697 53.98078924516544 M 201.6289416486697 53.98078924516544 M 203.37782792631958 54.95104528758304 L 205.1267142039695 55.921301330000645 M 205.1267142039695 55.921301330000645 M 206.87560048161941 56.89155737241825 L 208.6244867592693 57.86181341483585 M 208.6244867592693 57.86181341483585 M 210.37337303691922 58.83206945725345 L 212.12225931456913 59.802325499671056 M 212.12225931456913 59.802325499671056 M 213.87114559221902 60.77258154208866 L 215.6200318698689 61.74283758450626 M 215.6200318698689 61.74283758450626 M 217.36891814751883 62.713093626923865 L 219.11780442516874 63.68334966934147 M 219.11780442516874 63.68334966934147 M 220.86669070281863 64.65360571175907 L 222.61557698046855 65.62386175417667 M 222.61557698046855 65.62386175417667 M 224.36446325811846 66.59411779659428 L 226.11334953576835 67.56437383901188 M 226.11334953576835 67.56437383901188 M 227.86223581341824 68.53462988142948 L 229.61112209106813 69.50488592384708 M 229.61112209106813 69.50488592384708 M 231.360008368718 70.47514196626469 L 233.10889464636793 71.44539800868229 M 233.10889464636793 71.44539800868229 M 234.85778092401785 72.41565405109989 L 236.60666720166773 73.3859100935175 M 236.60666720166773 73.3859100935175 M 238.35555347931765 74.3561661359351 L 240.10443975696757 75.3264221783527 M 240.10443975696757 75.3264221783527 M 241.85332603461745 76.2966782207703 L 243.60221231226734 77.2669342631879 M 243.60221231226734 77.2669342631879 M 245.35109858991723 78.23719030560551 L 247.09998486756714 79.20744634802311 M 247.09998486756714 79.20744634802311 M 248.84887114521706 80.17770239044071 L 250.59775742286695 81.14795843285832 M 250.59775742286695 81.14795843285832 M 252.34664370051684 82.11821447527592 L 254.09552997816675 83.08847051769352 M 254.09552997816675 83.08847051769352 M 255.84441625581667 84.05872656011113 L 257.59330253346656 85.02898260252873 M 257.59330253346656 85.02898260252873 M 259.34218881111644 85.99923864494633 L 261.09107508876633 86.96949468736393 M 261.09107508876633 86.96949468736393 M 262.8399613664162 87.93975072978154 L 264.5888476440661 88.91000677219914 M 264.5888476440661 88.91000677219914 M 266.337733921716 89.88026281461674 L 268.0866201993659 90.85051885703434 M 268.0866201993659 90.85051885703434 M 269.83550647701577 91.82077489945195 L 271.58439275466566 92.79103094186955 M 271.58439275466566 92.79103094186955 M 273.33327903231555 93.76128698428715 L 275.08216530996543 94.73154302670476 M 275.08216530996543 94.73154302670476 M 276.8310515876153 95.70179906912236 L 278.5799378652652 96.67205511153996 M 278.5799378652652 96.67205511153996 M 280.3288241429151 97.64231115395755 L 282.077710420565 98.61256719637514 M 282.077710420565 98.61256719637514 M 283.82659669821487 99.58282323879273 L 285.57548297586476 100.55307928121032 M 285.57548297586476 100.55307928121032 M 287.32436925351465 101.5233353236279 L 289.07325553116453 102.4935913660455 M 289.07325553116453 102.4935913660455 M 290.8221418088144 103.46384740846308 L 292.4374511336982 104.35999694824216" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,184.88673770512042,42.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-192,-42.19999694824219) translate(7.113262294879576,-0.48900000000003274) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 189.38673770512042 47.18899694824222 M 189.38673770512042 47.18899694824222 L 189.4331576707298 49.18845817237057 M 189.4331576707298 49.18845817237057 M 189.47957763633917 51.18791939649891 L 189.52599760194855 53.18738062062726 M 189.52599760194855 53.18738062062726 M 189.57241756755792 55.186841844755605 L 189.6188375331673 57.18630306888395 M 189.6188375331673 57.18630306888395 M 189.66525749877667 59.1857642930123 L 189.71167746438604 61.185225517140644 M 189.71167746438604 61.185225517140644 M 189.75809742999542 63.18468674126899 L 189.80451739560476 65.18414796539734 M 189.80451739560476 65.18414796539734 M 189.85093736121414 67.1836091895257 L 189.89735732682348 69.18307041365405 M 189.89735732682348 69.18307041365405 M 189.94377729243286 71.1825316377824 L 189.9901972580422 73.18199286191076 M 189.9901972580422 73.18199286191076 M 190.03661722365158 75.18145408603911 L 190.08303718926092 77.18091531016746 M 190.08303718926092 77.18091531016746 M 190.1294571548703 79.18037653429582 L 190.17587712047964 81.17983775842417 M 190.17587712047964 81.17983775842417 M 190.22229708608901 83.17929898255252 L 190.26871705169836 85.17876020668088 M 190.26871705169836 85.17876020668088 M 190.31513701730773 87.17822143080923 L 190.36155698291708 89.17768265493757 M 190.36155698291708 89.17768265493757 M 190.40797694852645 91.17714387906592 L 190.4543969141358 93.17660510319428 M 190.4543969141358 93.17660510319428 M 190.50081687974517 95.17606632732262 L 190.54723684535452 97.17552755145097 M 190.54723684535452 97.17552755145097 M 190.5936568109639 99.17498877557932 L 190.64007677657324 101.17444999970768 M 190.64007677657324 101.17444999970768 M 190.6864967421826 103.17391122383603 L 190.73291670779196 105.17337244796437 M 190.73291670779196 105.17337244796437 M 190.77933667340133 107.17283367209271 L 190.82575663901068 109.17229489622106 M 190.82575663901068 109.17229489622106 M 190.87217660462005 111.17175612034941 L 190.9185965702294 113.17121734447777 M 190.9185965702294 113.17121734447777 M 190.96501653583877 115.17067856860612 L 191.01143650144812 117.17013979273447 M 191.01143650144812 117.17013979273447 M 191.0578564670575 119.16960101686283 L 191.10427643266684 121.16906224099117 M 191.10427643266684 121.16906224099117 M 191.1506963982762 123.1685234651195 L 191.19711636388556 125.16798468924786 M 191.19711636388556 125.16798468924786 M 191.24353632949493 127.16744591337621 L 191.28995629510428 129.16690713750455 M 191.28995629510428 129.16690713750455 M 191.33637626071365 131.1663683616329 L 191.382796226323 133.16582958576123 M 191.382796226323 133.16582958576123 M 191.42921619193237 135.16529080988957 L 191.4374511336982 135.51999694824218" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,91.9374511336982,42.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-187,-47.19999694824219) translate(95.0625488663018,4.510999999999967) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 189.38673770512042 47.18899694824222 M 189.38673770512042 47.18899694824222 L 187.63596995202016 48.15585385322055 M 187.63596995202016 48.15585385322055 M 185.8852021989199 49.12271075819888 L 184.13443444581964 50.089567663177206 M 184.13443444581964 50.089567663177206 M 182.38366669271937 51.056424568155535 L 180.6328989396191 52.02328147313386 M 180.6328989396191 52.02328147313386 M 178.88213118651885 52.99013837811219 L 177.13136343341858 53.95699528309052 M 177.13136343341858 53.95699528309052 M 175.38059568031832 54.92385218806885 L 173.62982792721806 55.89070909304718 M 173.62982792721806 55.89070909304718 M 171.8790601741178 56.85756599802551 L 170.12829242101753 57.824422903003835 M 170.12829242101753 57.824422903003835 M 168.37752466791727 58.791279807982164 L 166.626756914817 59.75813671296049 M 166.626756914817 59.75813671296049 M 164.87598916171675 60.72499361793883 L 163.12522140861648 61.691850522917164 M 163.12522140861648 61.691850522917164 M 161.37445365551622 62.65870742789549 L 159.62368590241596 63.62556433287383 M 159.62368590241596 63.62556433287383 M 157.8729181493157 64.59242123785216 L 156.12215039621543 65.5592781428305 M 156.12215039621543 65.5592781428305 M 154.37138264311517 66.52613504780882 L 152.6206148900149 67.49299195278715 M 152.6206148900149 67.49299195278715 M 150.86984713691464 68.45984885776548 L 149.11907938381438 69.42670576274381 M 149.11907938381438 69.42670576274381 M 147.36831163071412 70.39356266772214 L 145.61754387761385 71.36041957270047 M 145.61754387761385 71.36041957270047 M 143.8667761245136 72.3272764776788 L 142.11600837141333 73.29413338265712 M 142.11600837141333 73.29413338265712 M 140.36524061831307 74.26099028763545 L 138.6144728652128 75.22784719261378 M 138.6144728652128 75.22784719261378 M 136.86370511211254 76.19470409759211 L 135.11293735901228 77.16156100257044 M 135.11293735901228 77.16156100257044 M 133.36216960591202 78.12841790754877 L 131.61140185281175 79.09527481252711 M 131.61140185281175 79.09527481252711 M 129.8606340997115 80.06213171750545 L 128.10986634661123 81.0289886224838 M 128.10986634661123 81.0289886224838 M 126.35909859351098 81.99584552746214 L 124.60833084041073 82.96270243244047 M 124.60833084041073 82.96270243244047 M 122.85756308731048 83.9295593374188 L 121.10679533421023 84.89641624239714 M 121.10679533421023 84.89641624239714 M 119.35602758110998 85.86327314737547 L 117.60525982800974 86.8301300523538 M 117.60525982800974 86.8301300523538 M 115.85449207490949 87.79698695733214 L 114.10372432180924 88.76384386231047 M 114.10372432180924 88.76384386231047 M 112.35295656870899 89.7307007672888 L 110.60218881560874 90.69755767226712 M 110.60218881560874 90.69755767226712 M 108.85142106250849 91.66441457724547 L 107.10065330940824 92.6312714822238 M 107.10065330940824 92.6312714822238 M 105.349885556308 93.59812838720212 L 103.59911780320775 94.56498529218045 M 103.59911780320775 94.56498529218045 M 101.8483500501075 95.5318421971588 L 100.09758229700725 96.49869910213712 M 100.09758229700725 96.49869910213712 M 98.346814543907 97.46555600711545 L 96.59604679080675 98.4324129120938 M 96.59604679080675 98.4324129120938" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,274,122.3854006442422) scale(0.35227944162413477,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,173.00000000000003,155.3854006442422) scale(0.35227944162413477,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,78,118.3854006442422) scale(0.35227944162413477,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(-1,1.2246467991473532e-16,-1.2246467991473532e-16,-1,360.00000000000006,262.00000000000375)"><g><g transform="translate(0,0) scale(4.814285714285714,4.113636363636363)"><g><g><g><path fill="#929292" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,218,110.77142551967079)"><g><g transform="translate(0,0) scale(0.4,0.17857142857142858)"><g><path fill="url(#WBDbaulTBpzM)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.5,5.6)"><path fill="none" stroke="none" d="M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#WBDbaulTBpzM)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,221.215728752538,106.27142551967087)"><g transform="translate(0,0)"><g transform="translate(-224.4,-110.53333028157554) translate(3.184271247461993,4.261904761904674) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 225.715728752538 110.77142551967087 L 225.715728752538 128.62856837681355" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,245.78427124746187,106.2714255196706)"><g transform="translate(0,0)"><g transform="translate(-251.2,-111.4857112339565) translate(5.415728752538115,5.214285714285893) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 250.28427124746187 110.7714255196706 L 250.28427124746187 128.62856837681372" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,233.5,106.27142551967079)"><g transform="translate(0,0)"><g transform="translate(-236.8,-111.4857112339565) translate(3.3000000000000114,5.214285714285708) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 238 110.77142551967079 L 238 128.62856837681363" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,220,146.7714255196708)"><g><g transform="translate(0,0) scale(0.4,0.17857142857142858)"><g><path fill="url(#zcdeGreihvVX)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.5,5.6)"><path fill="none" stroke="none" d="M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#zcdeGreihvVX)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,223.215728752538,142.27142551967088)"><g transform="translate(0,0)"><g transform="translate(-226.4,-146.53333028157556) translate(3.184271247461993,4.261904761904674) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 227.715728752538 146.77142551967088 L 227.715728752538 164.62856837681358" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,247.78427124746187,142.2714255196706)"><g transform="translate(0,0)"><g transform="translate(-253.2,-147.4857112339565) translate(5.415728752538115,5.214285714285893) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 252.28427124746187 146.7714255196706 L 252.28427124746187 164.62856837681372" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,235.5,142.2714255196708)"><g transform="translate(0,0)"><g transform="translate(-238.8,-147.4857112339565) translate(3.3000000000000114,5.214285714285694) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 240 146.7714255196708 L 240 164.62856837681366" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,124,108.77142551967079)"><g><g transform="translate(0,0) scale(0.4,0.17857142857142858)"><g><path fill="url(#IFThKrznsSOS)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.5,5.6)"><path fill="none" stroke="none" d="M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#IFThKrznsSOS)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,127.21572875253801,104.27142551967087)"><g transform="translate(0,0)"><g transform="translate(-130.4,-108.53333028157554) translate(3.184271247461993,4.261904761904674) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 131.715728752538 108.77142551967087 L 131.715728752538 126.62856837681355" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,151.78427124746187,104.2714255196706)"><g transform="translate(0,0)"><g transform="translate(-157.2,-109.4857112339565) translate(5.415728752538115,5.214285714285893) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 156.28427124746187 108.7714255196706 L 156.28427124746187 126.62856837681372" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,139.5,104.27142551967079)"><g transform="translate(0,0)"><g transform="translate(-142.8,-109.4857112339565) translate(3.3000000000000114,5.214285714285708) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 144 108.77142551967079 L 144 126.62856837681365" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,106,189.7714255196708)"><g><g transform="translate(0,0) scale(0.4,0.17857142857142858)"><g><path fill="url(#XiKzsGTSXNUh)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.5,5.6)"><path fill="none" stroke="none" d="M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#XiKzsGTSXNUh)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,109.21572875253801,185.27142551967088)"><g transform="translate(0,0)"><g transform="translate(-112.39999999999999,-189.53333028157556) translate(3.1842712474619788,4.261904761904674) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 113.71572875253801 189.77142551967088 L 113.71572875253801 207.62856837681358" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,133.78427124746187,185.2714255196706)"><g transform="translate(0,0)"><g transform="translate(-139.2,-190.4857112339565) translate(5.415728752538115,5.214285714285893) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 138.28427124746187 189.7714255196706 L 138.28427124746187 207.62856837681372" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,121.5,185.2714255196708)"><g transform="translate(0,0)"><g transform="translate(-124.8,-190.4857112339565) translate(3.299999999999997,5.214285714285694) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 126 189.7714255196708 L 126 207.62856837681366" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,130,225.77142551967077)"><g><g transform="translate(0,0) scale(0.4,0.17857142857142858)"><g><path fill="url(#EtyquTIDLrxf)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.5,5.6)"><path fill="none" stroke="none" d="M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#EtyquTIDLrxf)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,133.215728752538,221.27142551967086)"><g transform="translate(0,0)"><g transform="translate(-136.4,-225.53333028157553) translate(3.184271247461993,4.261904761904674) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 137.715728752538 225.77142551967086 L 137.715728752538 243.62856837681355" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,157.78427124746187,221.27142551967057)"><g transform="translate(0,0)"><g transform="translate(-163.2,-226.48571123395647) translate(5.415728752538115,5.214285714285893) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 162.28427124746187 225.77142551967057 L 162.28427124746187 243.6285683768137" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,145.5,221.27142551967077)"><g transform="translate(0,0)"><g transform="translate(-148.8,-226.48571123395647) translate(3.3000000000000114,5.214285714285694) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 150 225.77142551967077 L 150 243.62856837681363" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,125.00000000000011,140.3714316231939)"><g><g transform="translate(0,0) scale(0.4,0.17857142857142858)"><g><path fill="url(#awBywGbvdTBT)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.5,5.6)"><path fill="none" stroke="none" d="M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#awBywGbvdTBT)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 40 0 Q 40 0 40 0 L 40 17.857142857142858 Q 40 17.857142857142858 40 17.857142857142858 L 0 17.857142857142858 Q 0 17.857142857142858 0 17.857142857142858 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,128.21572875253813,135.87143162319398)"><g transform="translate(0,0)"><g transform="translate(-131.40000000000012,-140.13333638509866) translate(3.184271247461993,4.261904761904674) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 132.71572875253813 140.37143162319398 L 132.71572875253813 158.22857448033668" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,152.784271247462,135.8714316231937)"><g transform="translate(0,0)"><g transform="translate(-158.2000000000001,-141.0857173374796) translate(5.415728752538115,5.214285714285893) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 157.284271247462 140.3714316231937 L 157.284271247462 158.22857448033682" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,140.5000000000001,135.8714316231939)"><g transform="translate(0,0)"><g transform="translate(-143.80000000000013,-141.0857173374796) translate(3.3000000000000114,5.214285714285694) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 145.0000000000001 140.3714316231939 L 145.0000000000001 158.22857448033676" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,233.5,89.85999694824216)"><g transform="translate(0,0)"><g transform="translate(-289,-102.19999694824219) translate(55.5,12.340000000000032) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 292.4374511336982 104.35999694824216 L 292.4374511336982 99.35999694824216 Q 292.4374511336982 94.35999694824216 282.4374511336982 94.35999694824216 L 248 94.35999694824216 Q 238 94.35999694824216 238 102.56571123395648 L 238 110.77142551967079" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,235.5,159.85999694824216)"><g transform="translate(0,0)"><g transform="translate(-292,-163.1999969482422) translate(56.5,3.340000000000032) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 292.4374511336982 164.35999694824216 L 292.4374511336982 174.62856837681366 Q 292.4374511336982 184.62856837681366 282.4374511336982 184.62856837681366 L 250 184.62856837681366 Q 240 184.62856837681366 240 174.62856837681366 L 240 164.62856837681366" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,165.5,191.01999694824218)"><g transform="translate(0,0)"><g transform="translate(-189,-197.1999969482422) translate(23.5,6.180000000000007) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 191.4374511336982 195.51999694824218 L 191.4374511336982 224.6999969482422 Q 191.4374511336982 234.6999969482422 181.4374511336982 234.6999969482422 L 170 234.6999969482422" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,141.5,164.3204294867866)"><g transform="translate(0,0)"><g transform="translate(-166,-169.1999969482422) translate(24.5,4.8795674614555935) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 173.00000000000003 168.8204294867866 L 166.25 168.8204294867866 Q 159.5 168.8204294867866 159.5 178.8204294867866 L 159.5 188.69999694824222 Q 159.5 198.69999694824222 152.75 198.69999694824222 L 146 198.69999694824222" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,91.9374511336982,69.01999694824218)"><g transform="translate(0,0)"><g transform="translate(-187,-134.1999969482422) translate(95.0625488663018,65.18) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 96.4374511336982 98.51999694824218 L 96.4374511336982 83.51999694824218 Q 96.4374511336982 73.51999694824218 106.4374511336982 73.51999694824218 L 134 73.51999694824218 Q 144 73.51999694824218 144 83.51999694824218 L 144 108.77142551967079" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,91.9374511336982,153.72857448033676)"><g transform="translate(0,0)"><g transform="translate(-140,-162.1999969482422) translate(48.062548866301796,8.471422467905427) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 136.7157287525382 158.22857448033676 L 136.7157287525382 168.51999694824218 Q 136.7157287525382 178.51999694824218 126.71572875253821 178.51999694824218 L 106.4374511336982 178.51999694824218 Q 96.4374511336982 178.51999694824218 96.4374511336982 168.51999694824218 L 96.4374511336982 158.51999694824218" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/images/overlay_network.gliffy b/docs/userguide/networking/images/overlay_network.gliffy
new file mode 100644
index 00000000..e4a6ed95
--- /dev/null
+++ b/docs/userguide/networking/images/overlay_network.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":361,"height":291,"nodeIndex":195,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":23.000000000000057,"y":8.18899694824222},"max":{"x":360.00000000000006,"y":290.6999969482422}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":194.0,"y":200.1999969482422,"rotation":0.0,"id":193,"width":47.0,"height":77.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":41,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":2,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[10.0,-6.0],[47.0,77.0]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":64.0,"y":272.6999969482422,"rotation":0.0,"id":179,"width":247.0,"height":24.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":5,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Courier;font-size:12px;\"><span style=\"\">docker network create -d overlay</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":23.000000000000057,"y":81.00000000000378,"rotation":180.0,"id":175,"width":337.0,"height":181.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":25,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":52.0,"y":8.18899694824222,"rotation":0.0,"id":178,"width":274.0,"height":205.01099999999997,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":26,"lockAspectRatio":false,"lockShape":false,"children":[{"x":25.999999999999996,"y":110.19640369599998,"rotation":0.0,"id":173,"width":20.88802989941042,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":23,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":121.00000000000003,"y":147.19640369599998,"rotation":0.0,"id":172,"width":20.88802989941042,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":22,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":222.0,"y":114.19640369599998,"rotation":0.0,"id":171,"width":20.88802989941042,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.svg","order":21,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Svg","Svg":{"embeddedResourceId":0,"strokeWidth":2.0,"strokeColor":"#000000","dropShadow":true,"shadowX":5.0,"shadowY":5.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":135.0,"y":39.01099999999997,"rotation":0.0,"id":169,"width":86.0,"height":50.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":20,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":134,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.3867377051204244,-0.010999999999967258],[-90.5625488663018,51.31999999999999]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":140.0,"y":34.01099999999997,"rotation":0.0,"id":168,"width":4.0,"height":91.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":19,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":155,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-2.6132622948795756,4.989000000000033],[-0.5625488663017961,93.32]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":170.0,"y":22.010999999999967,"rotation":0.0,"id":165,"width":72.0,"height":73.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":18,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":160,"py":1.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":158,"py":0.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-32.613262294879576,16.989000000000033],[70.43745113369818,74.15999999999997]],"lockSegments":{},"ortho":false}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":113.0,"y":0.0,"rotation":0.0,"id":160,"width":48.773475410240856,"height":39.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.relational_database","order":15,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.relational_database","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#02709F","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.0,"y":0.0,"rotation":0.0,"id":163,"width":88.0,"height":14.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"both","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\">Key-value store</span></p>","tid":null,"valign":"middle","vposition":"below","hposition":"none"}},"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":null},{"x":196.0,"y":96.17099999999994,"rotation":0.0,"id":156,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":12,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":157,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":158,"width":42.8749022673964,"height":60.000000000000014,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":11,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":95.0,"y":127.33099999999996,"rotation":0.0,"id":153,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":7,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":154,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":155,"width":42.8749022673964,"height":60.000000000000014,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":6,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null},{"x":0.0,"y":90.33099999999996,"rotation":0.0,"id":152,"width":78.0,"height":77.68,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":4,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":63.68000000000001,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"children":[],"hidden":false,"layerId":null},{"x":23.0,"y":0.0,"rotation":0.0,"id":134,"width":42.8749022673964,"height":60.000000000000014,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":1,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":null}],"hidden":false,"layerId":null}],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":43}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":2,"endArrow":2}},"textStyles":{"global":{"bold":true,"face":"Courier"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.custom.confluence.c20f4a380e3cee362007f9e62694d34d947f28ed4263c0702b3dd72d9801532a"],"lastSerialized":1445556181238},"embeddedResources":{"index":1,"resources":[{"id":0,"mimeType":"image/svg+xml","data":"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n<svg width=\"60px\" height=\"43px\" viewBox=\"0 0 60 43\" version=\"1.1\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xmlns:sketch=\"http://www.bohemiancoding.com/sketch/ns\">\n    <!-- Generator: Sketch 3.3 (11970) - http://www.bohemiancoding.com/sketch -->\n    <title>logo copy</title>\n    <desc>Created with Sketch.</desc>\n    <defs></defs>\n    <g id=\"Docker-Hub-Dashboard\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\" sketch:type=\"MSPage\">\n        <g id=\"Dashboard-Filled-Page\" sketch:type=\"MSLayerGroup\" transform=\"translate(-604.000000, -7.000000)\" fill=\"#FFFFFF\">\n            <g id=\"Menu-Bar-Copy\" sketch:type=\"MSShapeGroup\">\n                <g id=\"logo-copy\" transform=\"translate(604.000000, 7.071429)\">\n                    <path d=\"M3.75661719,15.6968944 L9.79845393,15.6968944 L9.79845393,21.5692547 L3.75661719,21.5692547 L3.75661719,15.6968944 Z\" id=\"Fill-1\"></path>\n                    <path d=\"M11.1692022,15.6968944 L17.211039,15.6968944 L17.211039,21.5692547 L11.1692022,21.5692547 L11.1692022,15.6968944 Z\" id=\"Fill-2\"></path>\n                    <path d=\"M11.1692022,8.16708075 L17.211039,8.16708075 L17.211039,14.039441 L11.1692022,14.039441 L11.1692022,8.16708075 Z\" id=\"Fill-3\"></path>\n                    <path d=\"M18.5808287,15.6968944 L24.6226654,15.6968944 L24.6226654,21.5692547 L18.5808287,21.5692547 L18.5808287,15.6968944 Z\" id=\"Fill-4\"></path>\n                    <path d=\"M18.5808287,8.16708075 L24.6226654,8.16708075 L24.6226654,14.039441 L18.5808287,14.039441 L18.5808287,8.16708075 Z\" id=\"Fill-5\"></path>\n                    <path d=\"M25.9934137,15.6968944 L32.0352505,15.6968944 L32.0352505,21.5692547 L25.9934137,21.5692547 L25.9934137,15.6968944 Z\" id=\"Fill-6\"></path>\n                    <path d=\"M25.9934137,8.16708075 L32.0352505,8.16708075 L32.0352505,14.039441 L25.9934137,14.039441 L25.9934137,8.16708075 Z\" id=\"Fill-7\"></path>\n                    <path d=\"M33.4050402,15.6968944 L39.4468769,15.6968944 L39.4468769,21.5692547 L33.4050402,21.5692547 L33.4050402,15.6968944 Z\" id=\"Fill-8\"></path>\n                    <path d=\"M25.9934137,0.636335404 L32.0352505,0.636335404 L32.0352505,6.50869565 L25.9934137,6.50869565 L25.9934137,0.636335404 Z\" id=\"Fill-9\"></path>\n                    <path d=\"M12.1939085,30.0475155 C11.2650588,30.0475155 10.5097093,30.781677 10.5097093,31.684472 C10.5097093,32.5863354 11.2650588,33.3195652 12.1939085,33.3195652 C13.1217996,33.3195652 13.877149,32.5863354 13.877149,31.684472 C13.877149,30.781677 13.1217996,30.0475155 12.1939085,30.0475155\" id=\"Fill-10\"></path>\n                    <path d=\"M58.9047928,18.7341615 C56.8764688,17.5965839 54.1761905,17.4409938 51.8756339,18.0987578 C51.5918986,15.7220497 49.9853432,13.6378882 48.0749227,12.1453416 L47.3166976,11.552795 L46.6792517,12.268323 C45.4005257,13.7068323 45.0190167,16.0975155 45.1934756,17.9347826 C45.3219233,19.2857143 45.7580705,20.6562112 46.6140693,21.7406832 C45.964162,22.1208075 45.2251082,22.4226708 44.5675325,22.6397516 C43.2274583,23.0804348 41.7733148,23.3254658 40.3584725,23.3254658 L0.613481756,23.3254658 L0.52816945,24.2161491 C0.243475572,27.1872671 0.662368584,30.1621118 1.92575758,32.8770186 L2.47022263,33.9540373 L2.53157081,34.0546584 C6.2690167,40.2232919 12.8313544,42.8217391 19.9841682,42.8217391 C33.8296846,42.8217391 45.2490724,36.810559 50.4933828,24.1136646 C53.9988559,24.2916149 57.5838899,23.284472 59.2987631,20.0310559 L59.7368275,19.2009317 L58.9047928,18.7341615 L58.9047928,18.7341615 Z M12.1939085,34.7906832 C10.431107,34.7906832 8.99709338,33.3968944 8.99709338,31.684472 C8.99709338,29.971118 10.431107,28.5773292 12.1939085,28.5773292 C13.95671,28.5773292 15.3907236,29.971118 15.3907236,31.684472 C15.3907236,33.3968944 13.95671,34.7906832 12.1939085,34.7906832 L12.1939085,34.7906832 Z\" id=\"Fill-11\"></path>\n                </g>\n            </g>\n        </g>\n    </g>\n</svg>","width":59.29392246992643,"height":42.185403696,"x":0.4429050300735753,"y":0.7077644040000006}]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/images/overlay_network.png b/docs/userguide/networking/images/overlay_network.png
new file mode 100644
index 0000000000000000000000000000000000000000..9d728b818273b43d9a0e36c7845e0f53bd757519
GIT binary patch
literal 23276
zcmZU5by!qU_bwtLor+2~(hAZg(yerdbi)us41=^F-Hl2~cb9Z`=P;x+3=IR^!}ol@
z-}Bsi{~#XDoW0Lpd+l}Jcdd63`dL{97mE}N1qB6HPF7MC1?33@_~OMt2mbPvp7}2d
z3N?zHq`10=;X%gpWOb>T`_aER0(b)3)L-6Fqfbe_Xb-fW<|%Q0S#?<It2KM1x85jj
z&}}eDyOnS!`9+-YDXqotZyVGmuR*CaxI+)uFIOtw<lW93wAS6aUlwe`-((c%)$Nuv
zI%at7O%<e1OiZYb=U}`=4f{qLeS)#^7H$clvVHpUiPT5JcNlNsdmlfey?7!;tw8X(
zV>C8$#)9SXlRpE?Og|C=SNzz-KVph02<oO4{AUcJ*2u>@KciKmJz+qy?O54wLD4P_
zSrdG6b7S?GWk4X%3lb^nqQ}t+4@Z`I9NsQ4ko^GnkBE4i@0E(E*4u}?a9F0<3v(a1
z`E5|?u!uL`0?vxxXML%hsa_gS=b6ANSJNy%QRtv#tzDG*p}=4nX{%jSs9vBix2s-6
zJG`ep8%pC6qBK*Zh$*($D9laT3^9$dTWL_RC|hAOVq=XLu;m>r9PX~PSj1yqF^K(4
z$GW}odd<<WF1WhXNG)=2OcKv=`ZMWNF^m1Ft=#m|0A@lNJ}YX$Ct#%-eS6*_bmeyI
z?m86(veKj4j7A)Kwz5#Ie#6ntuG^0x!8N&-RW~4Lmiv}vUEcW`yL^@!nyUXdBB;Fa
zY?7C_@nPyP;-mxh&G|5GN-ZcLN#^O`VxgguK#4bNL!qzb&Qy8rRB`I7xu$AkslS|P
z@yB<cR0mHe{Bp@^`vb3wHpf-A`#Rk8d^llIsJ5E@3D`HaN$_5`gq7jbySJ)?pV3ey
zfaiQ?RkJEdkX&Jty(9!}Y!<SVqV1+X(Amgn%W})X*_{x!KAL*PjA}^ux#Kb{c?+N1
z??}rrR;UNcO1xc$hctk;{*+oKMXYr{-3W|Sx?|HER7HaT1H<^<)=;+*cpP`?fJW=B
zp)ZrBK#@mt>Y1VsRy$LFlvQCxoN8!x!1mUO%bn8W`f2EeZTf%78hE8J%Xp9hZN+%F
zW9Gw8Xe}YV(kV{N#kc}Y)5`hIh6YM=yq<Reg8zuyC^FwevTzk_I{n-$(o>0RWluPc
z!)k6F!g|60VNL#^R!OkhwVxfg)h9tUB0t0G<1;#bKsp$=O_@t6)cU(H=sE}((@54v
zpq0AZ<BnIS8CoRF@0_S;sQ*tPrJp6oWVjG9#2FQHIJ_&@8(auy!Up?9iJ;0~U1(d6
z&{Lzp#XdME>bq)tU!QgznXmbu9Zy-${;U;#S6w#5JjZ5vW@rBCy_G6jM=-Fhb6)g=
zdr#q6+z8Wxm?Tzk=9HSnE4xHrpZB9({g|e-D_c4(3w^`A;JES0r2g-tzR_ilLQ0ro
z;TgGZ6GHZGIDyztLXJ<mnU;M(j&J4~QXrL15zX&S3x-&ih{CXlWe>WPhc|ZbGd6o8
zq%2^51O)U9$j`1Zn!i!eraER#2wBhuh(!~Mv|7USy<K0m_qJGRg(AUQTyXkBWKBQA
zL!MiqLYc+6xz(kng_^rE+`{uDO$u?2cq$SWe=Nb1Q_V&Ac+Q<LUZTDvgql5zvWH0q
zyW29i=xwCE>*m(9e<yk?IpNwtcRT*Gv8$s@PeOOP%z7iGQ;#p&Yr3#+4R>)P`&rTE
zxwS%et28DoigJw0|0Cdo80s}c^@L7z$UgtH=>nQwuoZ2K9&hvruB}4Gu15I9=q6KF
z_cm($xs=ebugm*^(N{m6)-@Php2$xx$xoD9@BqK9>rSJwW@aJn7e_>bS9Rnd6|Na6
z`gXBIt+?{3OfP{4&qsChu~bKECV)x>eO%2To#uI!<P<6g9WGSOx5-SwK!8{=lhUH=
zx12^>Rf$!6Z%aig3p|pFmuuDdcd+}*V6EJThN>M=WP(2LjDh3!6kYqrW$?$}fky}S
z?HigM_~=^fJkG!c;@-~+$Ao|jQngS0e&GjtG+H!ZH2JGvyLcsv!8AVuvrH&b4~M^W
zs9aJ`-GsaWBH+7AWs(_Sx3Pr`($YTwqr{=twDzF`qmadah@vH+0&YKn=czmk1YGIk
zUz>`sZ{K?+#=j770H5ugrqWFt`t*?<IkY=k?HEA>T>$^$rS1Y|4ykvktgw;4nxETS
z*fM*Znl0yCL=(88*PfH|!ml1Ufl=7JK5yTm)lXjR`}(qFamtnL;Zg_}ZfYiuI#Sa5
zoDrS=4E~;&h5|eS=C}MP^nkynStALHuzSYjj;9=M#@kzn8}nWTXhh+YHn|^KXw7s#
z1CJ=UeQ1r*uxd#LOH5m1#<>%pAsKytY#T0)CuP0$(cQY$D^JYBxB`~bs`An1{XOkR
z#amcZ1`DT8T_4Q<DNBjtAUYzd>Q?T-J>scX07(%BeI&5-wbwS7PiV@2c_cLpc?Sve
zT1O7u>_jepGkgiIShDvvZyNzER~RVaK$XHiCIdkW-{r_^83$G0=<38D)f1i;v~@oh
z>yyhYljo8x$W^RG)`0AboM>=fj-Qob{fRM0{WH)pAa)D$8S3N9#@|iPd?`Hv(f=DY
zrOBeoZlywq*{vu(jxOXw0qfnuhuA9bI-ZAR-Zo9ul@iV`Xh<OR!#L?{(sO9PEmeVB
zVv3ja+0+tW44fs94V?!r8U3)etd38jt5lI>3GK^#iyf4z0UAF4uK#r<_XHX%R;=;#
zw8_G)kf|o)hD++N3b40#l4^tU%%}>ycC1as=}ItvcA*>(l~6mD74{#qjtR{oLOF*k
z2dcWMbh!y2GX+BmYwfzo>OXoCg_|0@m$2FbBLxJ@wrqxtMvnWmuz2=t4u%;Pu#+hh
zaSM@Hgm2l|6AYT%<qQoohf;YI@{}`JGz!&YTD&g@IH4!l*2|4G@$vD=ZMLdtToizx
zDjvbv9H=A>KYyl9<8w@OSZ?fJsIlFw8WoMp5CY3*2)b=_5v#=SP8SWvGAQI2ws=kC
z$PpK)V^+w-(MG2LerIXXW?^4M{)3X0a_~L_yg~>CZ>3n0vO<SbdA2U63pL^_hEw|+
z-S##D@I|AMNQl5@yc#_dQ?E8sqo^=Gt|s7Z09k2ZR(nR8y;8s&pWPfat5#{eW{Ixc
za--YkqGKD6ruWfG3vQ_CGVo)OK$I9Iu+6v~)f6sNgaVyy_3<vyP-t<gw8t^`@=iGB
zZV8E-Yt?gX(GYasf7=;?&*vEQ?WpC_(DP;|e{-*_EwR>q5nVOS=l0@F5k(QSC;W|c
zk=TBDXO87)CZZExtj`g8N_KrVsS*U~<LeVXSg7H?X^AV}y%svxueD3TdHwD$GNa!w
zlqPYilb*|B==Jp`r*A>*XKIn+pqu}B1A#UZwB%u}KDcm+3-FS2NHY>Kh`8R)Qpi`%
zKo!UMWLWVv$Zok&!|QyPfsD@~UchBbHUy6%JVDHHMOdP1GGB!+aOA;s9DJ}at$h}Q
zIbqc7Q89iK#lMCz8GL=ZP1cZaKA8BWA2R-13N#|Ho!pNuCmTmgp!pa+7PzgoIWZpo
zWJkspl{OAUi{4yo8Tl}<>sG%j@%v2Wz5o9Dz|ohr#&$Mw*2s6+V<6piLJl#+JsMAV
z{BJzl9N09_AbTD8w+_IJ4BVC@@nZKUQL6g-b{i?Dqhdy-^=nx3wf1Su;M<D>Q2Vo2
z$(QArO-}Gn0+&lJxNsO4=EG&yM_@hn({Jj}m(F70U|cc_Myy@0o;Q}SJD_LdGMhJh
zWqgRS5GttEMy8sI$h0B~@}bQ4&X${b$#qf*G%9kL%oP*)rx$QUR+!IaMn5<BQ2(^)
zITd7VD(J?aka#@n0cm-ve0+0v<jeVRf7v!n&kfp;-C1ezCcS9Y6rcbCp-PCMe4OAX
zi{Ugrz8q}${ndI@@KQP&y!E&P8?oYj^yYwk9<3}T$<V96j|q6_x{3~(_7F-hS#&&d
zkB@^fmdVtNDw%A1vt@j`cUkvmObsVJWah}LldbDi9@_ziB>k_&H-LlQp>(tXLq40w
z+@nlE=dyU&vEkf-$<)_N<!iS)O8@B%k^=L4KW4%1?NM8j7!r;TTC}fAd5K2W{>lha
zaqY;M=Dgk`w>gk7Y=gd*e?Jw9`Ay?FF{LVT*JzHEP<!}YkkC=Hn&{0xI_}W&0V}|!
zsb`Iv+!>Ec%wNIsG@vPB%Jk?UpeMOBdbrV&Xr!0Ls|+}Mj!$XFwgcFBu3que2mxE*
z2)*;r`(6w#OiljLn2Y^+)68}(%X1XD>}e{`jhLQK+m0dRpzn6`l~U5-uT6OE`d?YY
zja<j2q(^&I9p}n_E%`p&1s^}0m-(iIq86oLK5xmY9m*70thbMij$~9!Hm0Y{>|V=v
zXb$NgjBz#eIoG%z^}VM93{+d7_T@{=Jc>o^-gtIM`zmk}_{>zuQpmM2%dys$nX(|2
zIy~vnn;n`X`w~MzfM;YywvbE+N|aCLDRFo8sT6N<wjn2?$u{Q7jKm}+Vlb~a8@4mK
zyCS+yyI&c-#=eY^p?rTMM*L)jCjcFnYvvk=SP_b7Cl80<Hf|#9uH8Ob<@spQN=173
z!>(2v7YG<PEu3L=Bd}%!E8rngF@lVb*UR_r=6twJ;7@nhTAYgL`?x2pfs@KYO39LQ
zD56Krr{Q*J^J={a;^jYIvT@*avx@2b<HA+0JF47o;#HKFB^HKtOFl>g2q;2`(@sMs
z^V?Ke!xpI;55{%PtRXi&zV$lKQyNO>6@2T6fD(b<*4x<AXc_PdyIv(rw8xV2M@Ar<
ze;R#SM{@v}-Kcd*5i6R1^Jk01MxS)?yJ#<3Oseb61=}(nF5;r+nVmoW9r->qk$dk~
zn6F4FVifa^P0^{Wsxo?GYj38{N!3}#z23XuN^?x)gF)1KA}Lto7?rrZiADy{WAm2@
zL=m{eB*d7+11G&yj!+N*j=*;jtot-f@i^L5KHzl%rAzJJl=9j^d78;hz{jLZ^YMf0
zgxJHi%DQyF1$&#scJNuWnIQPkt{T)UmigegP+f2>L?2Oy({<NF=J@)n$YK5Z5F@);
z*bD#Xcx@7lUdWT)2)i}Ag-T2uaqfnX#S$TSJUL49+8gn`hN!Ghp(>e6OG}lMxrTi*
zNXkzZl_p~F(xyW$(tBLKCFAepa$%v^*TK`+N2aL1ie)>%$0p`oRmB9_xL@!u_&zYB
zLLV^--)|j#N>!O84ub(U^PkCF=3y0?Fy99sx<%@u@^<;J{>Cn^1}XZ{mPv`EEql8O
zThise$<cAqgc=vbh1{W<k?^|6$-XD}$6D6>l~-Oz>X_2ivyTcBeZoQor6YI_U*zm_
zmE4dt3ua0X?i6AheeC|>qOR=?2)rU?;IwGg<{uh*lYM7;k`1fk`?zTRv{I8Eu7+Mj
zwZYO1l~obF&Pj2aYT^DNmV=U38c0Q5uj|^4@iCBql%y%{xKTW$_cTb!0OO5+&zigI
znYKq|!2mabU3FL9+gO}itl}4uKmd4JSxJaf(906=Tsvdcd3_^We|OZ6{d)!|`e!o6
zfQsh$Zg9<L`+H>+;Qj9Z$Xnl<)#z)XQCoe-155L&ID2+A_UPi%7C$i?F$>@sHVcqC
z1p6Ze`UkhTb%hQ2v@fa?c&(jy+X!b7%>Z;ddd5DyM}|s3XUN&dq1|D1@$X#r0~!xD
z3k^lZbyy~4SI(yv8V^k(?Y+o4e6sd^?lDaOrxiZNrI!euD?>KBW`}Zj8d2mZ4dgrJ
zQJNV&8)R+M7+xh#>iX#(?o-S%*JVGM7vYR;&gB#r>0g?bnC0_`DU7o6i@X2rdz9_Z
zRdm{^b3Ivgi3*QnJ0SJBTL!~;0;8yW#zJ{P^*9~*8TC<>A>Y!wEGp!M#V@}lQiTE#
zG&1Bb!MFWrzOfyFn1Kgk@62JjCA@%G^{+hNhc%IxF|OscaVhCarosVZmnZF(HJ$X5
z&6%>V#>{3EU<o3RPoQGN)RId;PSU*I78&%zAxhbC-IG`{sDPN5Adx30ZNH21lZnZ%
zl(S^Cm}>r%AA>A3WPlrr1Cfi0zEMY;H!xUwSOxW)GXYi!<pc7aq@P)L`#cIgJ)UeX
z*RP}X;irb_l+s(`H{y#b-DdIfY-h{;j~NvKeoLfYd3r@^3==;_kh=JsF%b!SCZ9<(
zTWkruch{p==><gl&Iv2|sZqL!Y)>$#2VdTPRUCNYy`QoePh_!)HdhHrL~>M;P5Lqd
zlnTanIt$^wg|CPiC-B6#$$h9UzcA6}uT-Rsy_*j41w6zk<kJ$yM^$>|u1Z3=&mZ*J
zPULBdohpSLn?F!bleUuW1W>pIo?(s!cRei~Vc;@cDD-^khj^SX`8XT}gi9hKhWX{M
zG+QFGph$&dM|wvNytkwO1ZElVro-}F^6aw=Oba~nE~@hQkq$Nc5I3g6CuA{<ApM~d
z_;42~YD7f#WJu}6Cd&&(To^8^Y!<FTsf;9y34`p5;K@JCPUv^NyYnOXV{!xHL)1tr
zz+{H$`?1;c%<Q+yCqeBjlgXXQFP-2xudz#K$L@@m9ot=8&*!duw>3-0aLG$P{{y@c
z-ykWl=#%!jWG(#$C;WTE3$%H3R;u4}d<t>>KN_>+=%R8I?lL6o>YG5!*hzn=PYAq7
zeX^kPNwtBtftFhK@yAs~Z6$gNuhGm%p+v7Tjg6y4>qJgC4TulmsKnKfwKbP3=4B##
z<59GReBXzAMn$yzkWiJWpW*?owvjV@p@6-Z2=~j|uvm$fU-zRYee58~o+oxek0L{j
z%8i4l5w286=@nXG&p0;{(X+mA_1TS@lJ3JQb=aUZ>GhW9bML(GW@v-TU-kD2$2+>Z
zdU2c>n-VkxsQn}mt^1HGG%oa$E|j2*5;HKa#Ke{2oa-YsSf3Ab{I5;WpKOoM6#@~K
zQPLY{{uW!?8XcoZ(a8Bv7*9jL&2cO>h4F?fk9MzVckU>E-z3W_C2d`N*KHbh|C?&3
z^Chch@=Kh2_mm}CPE#<e!b4`m<JoY4HP+(%4tZUU-sHAtL62H(a!=+-O{~UfbyaZ_
zbm6SR@x1={=T}po{#XX-8yfz!0pS$>!h^+}K*uNz=?&Lrk+Gc<O&VU|8LC&`Pn#60
zcj<&U)IK1!1Kxu;(S3Y70x=mA3E{~!5KXt;@i@Y)s%`1FaPMHd2Zot{Im#UY3=~9?
z-;Q`^s7_{MY>$tm^JR{P(TTq8lh-L;FmN>tD?8QVlJO?D=0(jHTfF@E-DV@pRjyb$
z-Q&|#TCEl0k$AosDi1$a_nXUj*ve-FGM5<msEVkH=!z&^RBLT1Lm!%5yM1y3ABZ`$
zcaU@(ijCU)@az3*#;}j|1je+hA4w}R`6)_S{qOGLY64Y07v?G?rIMw@uXdhS*x0{#
z(njc{iAo{p`p%(uz7e&Lr2{NWc`1=#iM-FL7M7y+A^5w-Bq>`P<Eu#^>R{dF_eDX}
zM^v_?fHs;9jT~_VP_X$Pr^=O#{Yx`8_`2NFao^KnzO4xxrN<mBM%O2l`R7GhahoYD
z*Jk8!i8Hj`j^EpDJj{<N+SQj&4quC&jY)7H=2e8#LcZSvoJW~uJimkK^@9zh;G}?2
z6U*&yTc!k$Hgh2NjQV?2W0^lszV5CDWc5R@Lc^cD`>N>tHtK!1Z-7qWr>|A=y-I@f
zm?~N8kwP4%%@8jC<M}{b`9^1m*N#V`CsN^Mzr-=bmHhSBXH@_N004MXsCRZh-jnT|
z_r#1LF=rqr@RByO@5Q`j&$yq{ko`jSdoJrjyizGjNLNH^=(n5CVmCbB1E)H>xpz3u
zb9msB{lrYlXKvhy0c4R69AcfHFmMn@t+ylE`4CsML0WV{g;7OpCz7t`d-0gi{R4vc
z#Q3=WKdi$dP^8iE@Fh1TVT>0<rZL_`PA)iVYeJ#ID#V_&D^Xq-d$Xg)1SE#X3whNH
z5V1`%*~#lyd68zvMCg9D`}O4k$#07}peH|!%oOXtmObSiM=Hh#5^dq27iEuR2r=oJ
zX^N;=VRbk|?yt8Q$xm0?1BU0&wAk*;pILUkHA6Ly-Oi%IWPQkqQ<hio5j((uaTZbT
zWtfvnQZdGY(dnsXqQvg4ersLqO!l&6huUGni7^z^AQ=3wLa3j<iy=~zjpIY3_Rvf!
zW)tWZ1ZbdXGBtbf8<k#{QBH)V+N%_%a3o=g%w*VcN&(FKs3nlsytBBw!ZrANc_M~o
z6TpaFN{o9WDI$8m<#iE$#uanMp;P!K*@i?Y5W8SCJe3H;o@sD@KO`yJGXLE4fiq@!
z)wSwkGWa;gX^uaP$>gO(G7|fgT9RxNfhA0<EU@{4xF=CAa_($biAZIX3W*cPLgphY
z7_BA<8{NaF4Nd5H%|OZoW-ixdB-)uOP#b1>vCd*gq#{)kbVl<ac?PY2=9pQYKStb2
z+?K8!%Jlx<zwhseL}nQ2M?tTDWIj9`cjDtVWKZr{*a?eJ-oCLU>h^ghu=X!I>f(Vx
zNB4ICyEHcF&B^6SDx6Gu7gOlkRNq9sM**qmVRdV=L24-*oO=A`t!YnqDC;5a4B2YP
zd_)+&**)@_%jd>5`x%$<OtFqBB;(rn!*$d*VmitwVzcLmHPahZs2<`KmmBr(s<?W8
z!WV|#?cK&;80&u}=%PC($TL~}>-Xz?5uY92t8mfB_edr-QU<CUJfiI8zt9%(9){~i
zOicJxdJco;>%Bs!9A}gfX?01Y8Y~Kn($nV4Gs~3@X?$60EDZ@cwx_zPMK+u2ydq~u
z7EyuRxa2Go3atTq9F}g8+0Sl7<5*|7SA<P^m&dOJVCy_4a8tXy)Bu)3@LNnV!%F<Y
zSR2!EO3$-^TrTSs^x2Boq$-tNtrZ$u1snO%#2WJ}Is46AW>)io4yDpjX$vd$rm!Ul
zNQiksgEs%dW`AeiZeXY|?5Uv3_6Sds`M+N^t6nf2rI#cmq=?08>o~>K5B=%BvaguX
zdax{g)?z%Vedsse<&F_Th0UTg#Ek!biw|gOGRs1ido|JAGVFzkoS%N7*zHevsyp~S
zDzQJDs^yutt$u#t5(uQ1(rlcqKF}Wn!^fR9d9CshEnSBP`Rz%hYIA_l^I8CR^rO8R
zMIw=7LJZU=U8V;i5oZ!oS0}M|^Oji|pkcecNTO@2LoZLz8fd->oRwc@V_X*u^2+Mr
z`nm?v(bnGBna^`8A|1S+^d#E|IGXJrTZu?GHl_YU+L{mFw6ze<DZh9>HU?1hc7M^W
zWYh4;PjhO`GtgvNG4;R)fChPC#r=&XuT(iNy}Ge)+MJhTHA5EHWcKdA@ky0!!#l^B
zFIyouI4b+IYH?n^zt}J1!q*o#e|xm3(E&a}ojzWEk0toLheDH^tdXDX<5eFc;Dqkg
zKUdP9A-w9OwPnRV1V$-ub)OU2;}EE&xF5`0%HD9UC-v<otk7K>c&NKr&;ALHajt!l
z<Y6QK<7PVC9DiITy{dIzhXFbFt}yt>I{8`ZJf?r}sA!@XoRr_JuOCs)w8VGv5fRH#
zzv>^)O8AQ!0MQ+FN+#6a%}#mji!4#f+AMlumvfpeY%q=9y4X|=7u@-zefIM+$RN_D
zr;<v{HX|m6Hjb!O2yU8DK-HR0ljO98y9gdEez|DYo{B|3IN?JpwMTC`7^SLP6e_!%
z^>pF=%slJ{G;X0&)4zySZ&JbnQjH2$t@Co|I4}EyQq~+q^xkf+JU$jWfJtSre?Dte
zcNqOHTEvjw5u!$225lH<Tv6_69uNTC{jKdu+iH+w6&8avio2Q4w+Ur`7QKcWb5a9K
zjs}+O*~f5(Qnad3?BB~CBT)3a%%4@RV5+oP!ToSB!65e*^CqwqcO$(sZ2<7M!Dj!1
z%-!)^Yo&(kcy}(xb9aHu@2g)`JQ;kDXEb-}{bS4wkg~LD^1M$~D(1RX=1E9<B+<23
zzs2bEA1ykSQmQ%W#8TG8*;d_y>uX-zBC^5z66>HZ2BHba%O+AY?R@ERStc_-mi34Z
z$&3B-ITpV*&p6o}$G-0Eb?fIdYx~-X#~CF*Yf&=<<^mzGthJluSCw&2qD2wPEUNOD
zupfAdySTc-j!q4byCPJby5-yH(5wC|u$fCr3#bUf>zlpZ>R?!wnm%6_+I+p7nmo!1
zZ<6@Ix*E@{ruYv_SQ3a+C?V(%xAx-t!Nb=wym1`EHg6hS*4-UJ)^%GoLs-evr*#T^
zOv9n=tUFa-hE1x?^5Y3b1z8LQcrp1(u{oRH<<4l2m$s<ZcMFYAwhknKa-1_*D(x*p
z?O+YFdHv5f3-stzR?>9-u{>plH+3o?e*;;s*+5PHgX+m8sxk6Rg12*(3ipBzp)~qs
zJF~qt@i#n0uPbHn5V4JQf9yxHh41>K5X+V9TjOR>d_y_0mudCPbjUB+(kbRON}qbf
zN94@Cz&*O2W=m`Jg`e9jGM8MWnHmmi8k|K&CHQb{Y|&3%aWFZ>3H)7mPz<A@U%@_E
z!c^@Qd76q8H@+=x;X3UtL0kpq`k(DEIOCok``Hh_A;DO*U5gh?yi=oMPqH4ojPt3)
z%)0bE;Z+RE%p&Swda<+7A6IhoK|>)6k)YO5w_94>mqXh6uv}f>5fz@H`F7NIYnkwu
zW{v(E(ej9s4$o`sqey}l-Rbv<cVeQ#SMgpfIMm29d&k+eM#<l3^sEdS$Mb)>8@KcI
zKGn$#U`nWV;7f2`sXd=QzH1+6ewIOTX_hwkWfQiP<DemNF`49;@Lp}!qjc_9$=>V1
z`wINTfuWbrS<wrqA@v79;-@OIHbwCn-A>>U1EUnnhf*uL5gO!r)7Ic>W<-f{cjfra
zN_Y*I<#{ca+;$|*?M)j$!T)Fh=)O9zfMDTk0N%KJ`(u`*C}%wd>$liX(pE9!)VVLu
z#JVGO_t@QE@L0j>gK2K@TaAp|RhJZoZ>kGe`O>F)qVF!h;ECq>A6o|`i42%|Q86YQ
zw`gCQ#DLPD{3E#cl=(pHpWxHbCz87PjpLe;cjVO%-UPyXBMyE^(X6&Fnq3%a`^~3o
z*?P&ttPBv&538A4JP>gB5@>&}Ma!aWf#YaYmzCkRnSwmWZX_;!B0C0BYn(lF`Onmm
z@rN`|j&JWx@V;g5@sY|)xS9-Sk9}n^GKZ*@9mQi)A9}sXER_Cv+!&1Uun!#Z%ve=V
zOX**Wd?t91V-rcD`;2_I==ZRanCq7r{A^ll%a*Pm9PH(<N<VuK00v;HXBld?mkDJv
zI9e{uFJBrEm=J7h1SA9u9&O!mPJtelH@cp8dvn`5s&ZG=*w(#_)m+=+98LR`9zT!I
z6jd={Gu%veGa}zv;NGNKzeb8lp=-<8-n#Cuy<*&B360sU14m1Fnr0me+z%Fd8u9f2
zFVKtXGNPJ3Uhf_81n#Gl&@0O@)4rCYgDj5qnp7W7chpfW?L@2bAiKQf9<Ps({c@Pg
z`6Us8?#1&}6(ehS!7|gcC$9xG%rhG(-^A%SUT)n~S3M<J=&BH9Ff~k04_A%1RkpIn
zGhFtOW_lykGPe6W4u)&(h>X?f1WPO|!Z3f<`rNvU4>H{gJ}>{^DM39E3ZGg5{OA{7
znbtHKMflR>O>g%ygN!79^=9JSpO(G0(+Pxkxkz-kMszgvGc$9bqxS|sPRzUPClmsI
z=j&^ni}uGWYncyIV_->y_iY?|G#aNYX~X(;l2&tiMj2^|PnSyU3y`;m%S}pbF4ah&
z1oT*#QPat&hJZINKQq)#h?_LB+Pna>mn}E$p>#Y<mX9FrFZYT|(OTd+wT#rdf}|e}
ziy^#@0a&|9FFNX`%l!>U=n>}KRe^W=rT5PXq0Me%V^}A&;A59!et{hWb#?k)N^d(|
z{jzPNy*p;P%j)KJE8ETIo;SSAfl=w}?v*53L$+ltGeTi<UbG}|m)jS=q6V41!s2Ee
z7TLi#4rLXtu~S+OWpIaSe}7c*!N>GuXlg+}8IajrIi{^E=~a$StMemnwWkZ1DQyOi
z`l)o$LVlm!omNtAJwar+TbX)V53n?BB;P%O(K2Ls?ENBvHuq5=(`~LoP2b?dA5JSX
zE5R^7Z{2x!j?JJ~hUHid1nTjAe=%Vf<r-X&&%|%Gcmqe3v?Z&mfx|AiJ-G4g!ucfO
zn0Tk<X_f|n&DqvzkYV&Ac7XHzjp?NTr;~gA`xOdSZy-Wtg6J)?6t4*28CGCCL~qq>
zL|fG0eM@vI%N5Ju&ua4Wp3h@X`HshbSW9QNv5{awJiy2dU;Js7B*Oy{O8>eUwp3kW
zATrD1w9r@NMOD4#bG*c1(FvaSy3{K<cJ<zxJd0#EZ}L?5w?XaDjg@}fP?qRzYnofW
zcNwX!CQ5n#$Myn$^@Mx2zo3OI<sq{Q)a2@@qW}a1xyS=m7}5cOjPMuQPAzHLsI;_@
z&*F94I5BeLd*3-q^?rDF4~W42{VZ`dSDNp-hhE5CJ#FHNP9S_0PE1ZPnt>>=ZYkt4
zZ)f!M_A;5zBnedc^DK>(V3D_&2EV20EqjYAZAE#4oBuoir%cGlnuePz1GjFvt@&@W
zKYbk`$BR70CL9K<r3+TEBR|wM2XcF>KfK~zLJa8dOy%SW`<io}GH(C=J`N-4`{#)D
zTT=y7Y$a3ZN?;nO;!jAgx#BR8g-+T=Ok8`Hw=D2{|7PPyB$_Bf(yE6wf!lwuT<aSp
zedT?bI1o6$x4A)ytMug*D=f#hDiyK$dw8PFROD0$FO@*n{yZ-O)O}htbhPq%MJsit
zMEAmr&yy+Rc|Chi|3IDPC}oO>ckR6J-b_iF(~&=;BgPy->!Gzqc!7O#3iWS1H2JGq
zN<kA?xf@%8tlT#6o+Tn|DleZ#une9UAT|T$Z*xl`m29xmYUzJJ1Ko@%4Qh2<O3PM&
zs;q_V7e1_~_O}<|Q3zgXc_hZ?c<Y{ktL-=ZsD)oih+m1b8LS;ehGnsd{iTQskX#9%
zv?l)T2L{ql{%3xpM5-q1JrO+}WkzkSQ$=;Y40-*Oepal8@?#?GVDc>JjdlC+_XPjB
zdffP9`y`He*(>df?TBQ?MQ~z$6doYL3Af|^1t-?@!;h5E(kQxTE16G>Ik<LJVXYuE
zCR0QJsei?Nsm)A0;C7$m$(Z8@9}Ui(x%xc6Q{NR`YP}x{8?7#lvcrW5C4zlQRh&lO
zb+0tbb<NiT*?TZzm7ClTa@_W2G)JxTvIxgSO1h*2*!gaJP!up>m9PPPCye9>ZKBy?
zit*M=8gC8_cLl=|?*X+Au*CHJk=?>b3b#xmhXKoS6F3Rr>x*K=0=TG~ZO@k{5xnp0
z@QttSaaiGc7i!l}4zDIo`48il47_J|C`#m;5Z5}I@EAJmN7tSCAJ+v88){;;H}*R)
z>-C7Un87#^@5DeI``n;(3GfChTsbw_bV2!{eMO276M{mCTW2*K8_7Ptk-JK1wjN~q
z^c_tZYoU+7N#Ua3E!)Doc0WVq{qpmAuzcu4=y12U*<d7*PK~o=cTjwye1E1vC3w`K
zzeH7oW%~eDy%}irzg$w!4nGX>%%!sWkxUMP@R{ysg4X*Hfo0yhD>vPV$9EUq`05iC
z_VKVm634N{O?PyDnkYTKKhVDtmgn|1c!nBfpyS|!-!)QP4qJi(jix@tlnoN=r0$$Z
z=2uA~(ecLz#_Q#y*;H&bVFyGyU;iIs>CSn}td+f>v9T4mC^ue81dolflWojT(B@nO
znMxBuKgYm{_F|uAMZOg3>Q6D^RspeU#m2VW4wdcB^u_VD>AC#H6<hMCakC87*e8(v
zSNbrbayv%@y^yG`)E2+{FSWc-iLKrFgLl3$@TA1NOJ>llCrZzriu;;$wt%HBeQ8Eg
zv;+`ov{9u}gw(sL3{Jiic<Ulf)M{^5?}}CO_dM8JUVby<O;D*w<STrwH_|Kc6nnU_
zfjENZsbAgq`o87%C7OK(-2Iu)%14vh(u(?rIu3Ln&=c?SPkH;E!^+}*wUAk|19F1T
zy)MJG_?2!dtaO-J%A?h**1$>40)Y@Euv)#$jOtH4qq=+7L6&FMw0DA2+-7ZFE-zZd
z<O_y(P3G(3qP85OF~x$0`rJEaMc8j?tQ4-GAsLwJo%z=Vf?q7~TMR}#I3S;~VR(xk
zpo4{~(daXy9?qC~);dp)wT|pmg(hj9@bIeKxx?zJQ=-!9uF8;qOd~o*7l(FCkmnc>
z#Hd)MPEZKJ;E}cGVSN^*?4=01UdN@kFSk=iT?-0BU)sVtg?h{=GyK-?x0v~A5V!rj
zrl)I%>bz=mugfnj3Yff&<}i<$QROTLO6F;7;x)iRRdDFda{6)teT}u8G;=kl_2*k{
z9|9Z8%jW`#3V{7Q6v$T7gq<J(VFbp~zr=~iV|$hOAfI(jOqjhD<MxpUoWS60np4XY
zN<*nRi*IM!Y@L~A2A<U3P&gjxsPqL(|AHVog9BEwA_DRA?gaPS{`E5Yv>LBJ3H04p
z`C@9H$$&o^H?iC?+Bb&f8g8$Mr2gc$fJd7Ki7^!PS(r-je70ynwYTy+5nxd3;)a6Q
zSU;W}%(G{V@fcBhFx@#`IoswRz#7=L909gHtH8S`s+w447$NK;H$36ijabks5)p&t
znLP4Oo|1QkgO<ERqI?Y$E2X7u+G-nN%vye2U!(=!uh!I>E#u9XFW-4n=Un-izOo3M
z)h*09{L4Tg?RSu12$czTq41;RlDvU?SIEC!jZv5*#<yODm#A9E<uysI7mROmt$PLx
zZtfYq>}xz|5`Gnwh4hr+O#-$z6?4wk=D*C(xgz2m!b{XD_}+s;>GpI{|4z5b-M#^k
zhpc;x$LGg>x~dhtANwWoOhGK1c_s+o;ap>Q0{7RP@AjMzoa9JSr67TIQ+8cY!)$Sc
zXuj3OQU4`exZ9f>+ra#hRv#A<cS0d{oF6gQc4u=4S`W~r2ynyqu*+6y7$9xYXNHkq
zk0`2sW&zRlim(<}VEvL=&n6uJWf|jtK5MtQr9UwgDT~F~S(dy=X!Hg<ArJ@FwmI(S
zOI&4vE_g61)%n3whFkd(z5?icSpyE$9OM1?>kg)b<IY)TK+$#?dcd$H{+3dX2J*8a
z!L7q<mlrfyt5BuOWgB!$h-|gr8>my@r7D*@pUM?6yFrww)=wM!em&7tfiz$Gx~Ifa
zz01V8Lqm==kdqTg)w-hI5!I$*cjhhMwv}oNX^Q|*xuf^kx4o@$M5p_K{@inqI6)1i
zjS*#~OISyOTz~uhRp~WXy`^c9T7_M8E1zk}kWNd9ots;4^aUgBRvs<DcQbt*CZcBI
z*gY(>gQJp0Fhf2>Q}OLPQGgCeXWr4s4S4UY+9<fH)k&%^G(B*(m@3Q%r&$B)2YnBC
zkVCY`z4ru0R_eUh9@;MhPwBj+rzVV$uZ<rsDALR*=O=Mvidg?IN~KKSfZX(#*f_l=
zGnc9^?<e$uo{X~(wX^+Bu&4@AuRda&ur29S(ehb<nAUU42)=i<*Bsocs1%MAa&5c_
zJ!r`J86OF7CVSJJ<#Ow569x#|`16s2HG%!g{4%!gl+G|8PwmR_jwnkjv#QzDlJxaU
zgIZ-VhJ@q!W*>llnl18P&M`geItcjRvN4C}NGK-Vj`rJCMpYkAZws**b+&^Syb5$`
ziCPb6rl^reYM-u}r)H$$nxVZh$6Rj*w{gkfbpvG_ml=~f3w#LoU-GoCb9U#;O{j1~
z?5dBW4%Ll<&ur+Qr7dR=I59rbE}hTX>a}H{#Z~v2TNYt45JFysYw_h%-TuwqTE*!x
zk<}IxCw;lXprh&)&A~FY{K)cZ%uaNNoJd8aYZ~kEob2Xn-)kk7enR-W7(M@?Bagd~
z0CbNu^yy6%OEB*^WfcuGJftj%t}TSot!O~&$MU5HM#M*q;Jzbx*?tk*(py&c3k{B4
z*e7YlYM54g+M!CPU`U7UuzOWvCZ7Drul;y})>o`zZ13G^`3h{b25at7Pd<Lv?*OqT
zCUu?CTgKS{_zsa@)g-$Z{M@kWU+$3WAekJ8w}OIFj(pwOoYeA=`CI)k&@g6+l37pF
z=s$YX{8zdLu81a@gUwA&P0vcks__o|q9N&}Oz+WM`hDjhnt9zzaVk+IO!(xJ+V+6H
zy-Nm^6P$1FuKZ1(;R-bu7{e{q!ssCwJv}9rGJ^}~zip+VM$%VkyM?J*^Glz$5-|cG
zdqpk@$Jr<^w=`afV?TIU@UwZZnjV1wHPBYR9#-m}s`M3`^W5L%mPHYH%Gi-|lg=C<
zG2`Iz>;lZu^qPD6PPa3R<!{((*c0~66U@Q2QW%3w-8<0>^3s9Y7o%pk^9FbLv`7zU
z1+7<qJr-?G^|djxLhqw2-HG%QI%DlhZmIcfDcFEn)c^7_e(<F6sb+V*Q>XuMX~3{@
zsNlA%!z@Ez2Fk6^%1=*ECoeGSG?bTrCN18=O#)vpko>of2<1P>sabR%qzG8FJU1s3
zKT~*(*``&rV8NX%5>!sV_%wft?+w^LC;r%)Ui1Fu{P_y`i;}AH<BGG+@=&tGCkeRc
z-=(gW^`;Vi4QD$4er%n@vuEQ}(qTv<pZvs*M0qZgGbCM{?@R*5!WSwouv`2B`kQw^
zHS+JRqe|7HR)dRG$e&x57QNY++tEWdNnTvF%JU|bU^hpc-U-zoZ;hYO{*zkxMJj*u
z#9dnUM=cG6x2{dQzCY~vgd_zyIV{Jkq$#&;98ZgxRo=^c%W_?VFq_(D#YgBCC2Hxo
zA37U})crBia40Y~3MzVWB-Hd{s(`ZeWqDFSp1AF$GJanAal!W_^QhQXTq$$SOzprZ
zz8;#*$nEWo@B9`+OVf*ky!PU`k7+9KB4JOK_l8-MEgrDr#86?n;n4ss#TWI4!4doR
z_&R<@pPgM;cGEr+h`v1iz0JDQdzzAa#Ql;Gpl)7i=n+{B%E|{VzTCbe0|yf==Iqyy
zdq#oU!Fz8_rcu~iv@6{zw<P_GA;or52vTb~XpiWTxnaFvKsphLKAF`vn8HmlkK!9i
zes4N-Udqdy@?23u;tIvIDed4}ANpZ5jfCoMi|ORARHpZ6zX?UhUuE4`H8d3QrskZk
z#V3Gv-m{x8AlN~JtS-4~aj6JoLW^P$wa>&qM{Kh*zGq)p3j%%Ledx0!-d;FpN$_p7
zm>%%Y92E%hARYx<sY}?XmykOW`iX1@_4;GQl9V|AqJ^;Rbc<yn?N%$Bl=d^s@`JEn
z4J2q8G6RIAKpp4+*+1u7c8zmAS}`bXxmc(#thN{?P2sUkOot%)okg;&@uldHE#3;|
z9sB1XP*iYU|NqD8l-<5Q0~sHLZCj?mTHZGwJ#p}MKtvMVx6|2x`&+r@hxR<U@6`w^
z(`L7a*9B-bK)&}|Ys_@tEt~&c*i8|k3Zy8%{Y3{!l!$IE*^ZpF21JB^XztAzF&>s&
zMiX`>^Qk^wDWU?B(*$^DNUsJ3o^?5SGf+@n^Aeq;WKp?l6D>{nUJv6($FswrgfSS2
zCb#%{Dq&dj+RN21w4NyW6(yDhW?9p*Bwu)hQh&saW!~gx$D@F&Rd~oz;b;0iea@(~
z=6BqXu(ci~#tTI#uYpCpFXG7@o4>dpE-^<5Bfc*ICBu&J`?VjO13H!&4E!<?uitlU
z(1@G^eG5{5eUbpFFISuQVZ-(i7VV;%X9pNhgTa4L;)tUXYy7VeAcGed6v{lWl*6X&
zPXv8Zx(baJ9R(_?D)o{K|EjIVX$63)%SP+%AuAo^`@^pg%2+@cX;9jB?<KzC3CM5F
z03}Z)XjA@;ut$0G!~Lyli7rpW)!L5;@-E{YSX&zeC~!{{X>pz+0kP-?ApMH97`}k{
zr49ExcJx+?Id*-RZ=JkLWMDwrQF^-DZ{M27%`m#6GN4m%GHI4bSi@yB=LXSbH(c!g
z(Vh@M*#DrxO(RT$Cg%Z(YTTn*6Ht=c7GDl>wk>JjM2n<~T5t5l^bE8eHtvPHJ?s{h
zrDBE&p=$ry*xE|%v?|gn<Bbc>3otEvxGglCILX&byx%T)R#{Uoc_@_sqx_9k+|q|z
zg!!K!#{e7mt@d2<fRV)gBK3l=9yBS9K4znVna2gi2kb{LaRn^YFcPw$Onh?Nz%0B9
zb&qmLHu^3=XuBE8l=+TQt{CUA?E$J*aylZULg{n%MQv2e&{JxzUZVpBGu>o|Jks6?
zQ!2Iux`kP8v(b!vhyEhBGLlxZ-}ATNvQ!bXD2J?pWMgabD;(y(L09(vB^n>lD$eHT
z&f~5!loqWg^8jtBm|oII9y_-H(eTyDdM;2B%+n<h^|}M>Vdn}Fq>4%hl)~~HEoZ6{
z2!eY+8@Ulo=FqoN#{7G86BBll%jW@AGwz^(xp~R37MDVxi5eaoeH~K(Vb-kdx3%9I
zN(qi?{!gm2kbiE9!5$;4=VyY+8}IYgP&Cwz-k?c*K4m^miVw&~v2UL!zVPw4f=fUi
z6Rx2mi^=OUeh}mL8Yi9E2_q|F6;Q15=gxc^Mv<4!3|r!&D}gKudd&aP=%|xA--bBA
zBp5wPXqFW-h38-YG*qqp#8f}cTmnpp!k-UHF(H<-LTcXu8u*Abb$d2aM&>?posht~
z5s}L!Iw>hB|BX{1OOXuYes6rfy}gai8r+E|G*pZ?P)12)?b0Z!M+hgTg}1vjY4`JA
zg&XnN)LIU%v@5Vfnqt-&o%5PzNu?L+o!5(1#svQa1??B8ED*Lnr9J$?R$#{=2_`GW
zyXJm!#e6N<n$+$e90FE0W8vW7ebCG9@tb`Kq);DXBV`NvN+?opF8daHbd#Epo5ih4
z!|g@88h9(^2GzB)J;VA;GT>sz4mz;a{(*d7x9#O+1X1g9-+);e4~`;^(&F&^yI3Dx
z;?}Gg=rtVYq|R=B0*wdD2DSV)@WU$%Nofo6xe~wPrRq~^<9b1^IuHZ%e3RHNtqBOo
z-3^P!ys0~6izyLWT7K_cTg(o=1GlbtY?@$L{GKI6iwY0-+u;f7uLSRA){;Q!fjZ|u
zn|j%2G1^a@tit3_z$}cYL?qrU;H3a7+t-6Q>*i!H;qgk~1<ffapB&S2^UPY!ZaZVR
zS=I#!^jf@E8f%b4%#2d(`>24_o{Y}CelQW#>kOLbQDVaXb(*fzOUcBkC0t`Wy!^OR
z7TMp}-m~{ju@@<SwKHz(U?^yEsT=U`{p)oNEbZ%c%dA2P4c=^eI!u@~KZ)4G+QCOM
zl<ZBp&66F;U5Xw{fP>7jKA&YaXqh2m@QVIBO!kIppE(;7_9QF!jfn!yg9pBY=Ru$P
zGZ}>LsB0e(Pw`qdN+Js`bWOPvBeY$;7JtaI*w7H+S=##Jz}Il+=NhW~kLhT>o$Xkm
zraY6oM{}gh2>_%O-_Is?Ci6;%SmzFPtu9GwHma`4@DURL>}A`lJ8<{84=lY#{1y5!
zrO^Ab;A{Y;K?33QP3zSlf<0)XVz-kG9$)4%LkOiuacz{ihdQ3+(ayMe`FLH_M4WYs
zUF2(D@T&MCI?+R$#m>7VNaut#6GOJ;c0-OZYsbvpTU~O}Jb1qj@?jJ~|9*SYnm(h#
ztF5DS6=Tdz@R|VGi6u)9dAi90zvYWJHTZgXK_bREw58jo&AhnGwR}UX;|p#z)jWap
zhUy|>&ZP^@H#3zrea!9voDu#B9Wx*(^qcR<--=}v&5p~XQ{Wr^pdtq*KG|2bXE9D4
z)JtBCSxsL$F8KxRo+l8s${3rPfic>=3>n@`G==W7y0xv8t13q}i`Yj@m1eSDrjPdn
z#l`L8JDP+RVWY~jDcy-{^R_K6h%wm%X(@x}r@t4AXR21w@adMR&a!6tE6SK^3iTud
zcO4xZNL1O_{wBfqrRsx;;>00cIFvfiaj_9`5Ig+bZb8(|8b75KQUnxyHp5P$S0Xk!
z*Gcpo7kCQ|q%xaxLOv8}P1o2B6X2lM!t#a}xg-8%@Up@e&!Cc&i{iQYb|R>@Ch#mD
z54CwURhFZnx328z*sAXPE8Zw@n5XXZH>b;_DQ$Uu=hpzde_Q5Lvk-QiHdSCl3wF2B
zovhIxCLjj}wkRfDRf$s0I-F3d<^}3V<i525yZ+c5eRJaLgq49+A@lfc*2{Nhu!_)F
zpAL!)<0rs9*RxJ6nS(LZx30_KH9^XlFp`2S#5^9$^sxwPS}+Op)N6Xf&!x!&uW6r(
zOIMX1n1^xnBjRdY0+C`fto1=K{#XRcT^j&YoaxG~rLWj`wc>6^zf@k9B@uJ(4D-RN
zv9e=_iyRpsQR|ApXN*P7@Y8Z8S=t(xz{-}^u)f707SWHtq`E$?0>yhUZrsOjRga}(
zTW9r-%enI_xT#!yZh23qdlC5c1LaPx3n0R%9HISyN>*Uk2(7SEOVQhUtP;i2saD%Q
z*nh1cGK2Q+iIG=ZFXoB6T~E$u<YvUSkOj&;+!Ct@!*53H@NNDC9tld~4H+w3kt+1k
zm6OCO8*Y*p7_iSau0}|C<6)HiEzve48jVXI!z$uCh!@LPmRjH~KFobRoQ8(RPZ1S#
zlvsJ!q}~B0quIPKeLDD`MRm$8CXj*q#xl=yzeJF)_kU?=jBUj?*wZ7F?A)9Ys*68h
z1&mNfsM-#5+j;%m3R9TN<U;Tb_w@2*>u;@c+WM~_6+9swmG!nx{p0L8KAnY?_IE5g
zt&oOl`$bJb*MHOk0s_uS1^72VzC}Ps$p9^XYB;zhJgArmO1^#w6n&gpq+`6D1ni5L
zozcdYzzO?p=}WeS@pQ3T4XR6{r=s6mGz|+L+psJ~GubJG+~Y-kZe$}!8?E<h#QghI
zmWm$Bfi?f^VC6if4b@Y$??PGQ=M&mz?i5rOEoSPqfgT~n3_*>HgGHtg3isq{>uhJ2
zj<L?#OcyWa7$T_t`Z)k<xRc)2Gn{vWCEm8&x0?3ixwtI&Kf}(^t8>`G5Um*J$tCdv
zXrNAa!>GlBcYerJN0e#tf&&4easu6AD%W$r?jNtnSle`KY<dQIhgH;e30BdYLW!9g
zHNVBxBpE>)Y+Dsa0a3FI{$iuWE)f@=lf*p+m`*WE)Zj7M4xr2rnox(*mLjXZv?R@G
zi6+acnJp4lp4JO+2@y11VyQ<h<TV8w9gjH)>go0<pC%LvZLL65F_S1HdrfFI$+&km
zj-LIs;`PY}I`veadD`(g@NhuWQJREn0Xbm<Vt{pXQbjC5K7l1+vvnsgEyw%v5CkMP
zdd}B)Y-e6OrURWC0=uVVymrx#NCyyQ$Lx=t((Mt<{y3*m!7!dSU0&2TN<IiFq4m?~
zxco2#9kFY2E>h^{e^N`0bQu+y?PHBG8>Anrb2NG*3h~hAw0Iib=>{}y$xLmZOr&sI
zMtXvaG)ux0qR2|~HfW6Zz-2Rcem=hgskUF&OrK!31Fka05BnV@C4qvSCGmmE7kTpJ
z`Ohng1woDqA@E_m45g>!A<%$EjCTq2s>D}~2r3*)QojEh*e~I=TaZ5#W(??LCkoV<
zPMfwfy+?|ve=}&J_6cgIDvn&^NTQ&Srak^&fOkMY-b{eD9BFB-D&F*$Jwr@bor!h!
z`e~(|*zz{nD&aGrze_e!VC!`QAeJ2Xp7>N1Xjq6|g5Dm0?#^ei5hDNrU^4BEOh{nW
z8UVzLn|GHmK1$xl7NnSf@~zv;BS((5!|9?VPs;wS{{`TBUlyt?qhg>}z2a=eNOg*?
zPczzWP#;YXoO!R!F-t{+WRLp6{Wf7S2^7^1Eyeg{BLf?R%}42;2IW5hT*9M|4cMo6
z%PgN6?IXJhlO2f*tDBq{IvG;dhsM29?wPxyvQ`$L@rFA;Z{DMOaSM=4#7!4zrO9=&
z3p}s5I9#^H$cn};kd3BxHUqdp;y77fZIMkr{u%jDd-fMhF+a|!nT1tN3V&W}1pbr%
z!fcK>81&XYrB&4H%*sR~7{<#Q05o60)c-Y~j>O4O`Ali|l{F*6sAqx7oC|^NO0%cM
zdZH6{0sr?+egflu3znTKA~J4^@M%VNpF)oDm%g?@v#e9JJr2I%uS#Xqk6OoX14r}N
zSGWLUaty-l7QVvi#>1(^R{rhLV^Fo+ZzdV>3W{oq#13g_8884HW(72!7`{N$5vUWF
zPg{e3`gz5igmLz~T#D>XZE!-sllLy=hZ+N4uwlD&7qR`CGvmW_oPQd(-7v&blkiCI
z3-U8<%(9+Sdi=FodekIpiqQ94a5Rc=5yUP6gnZz?xOq;VQtn*5*orJUg$O;FfYGCC
zo>5c#-^DHv23il2PvS>sZpQwlWE#5-+pUL0;h?0@?L{BY0IgKsIe-4hMnhIS)^Sh0
z8PSWOc&Zg&KSo))ef~eaocTZ0U;D?AELmpkgl6n9r0iM7nk`!@Mo}1B_DF`tAcm1;
z?Aan3lqE(A6<H?hN20}6_B|m>cJ4Eu`-l7S{Rh5&^UM33Iq&nn&UIeb^?KsApq17y
zGzmP2BvyBNe-?`l%2IY1bCbNhNznd~#|zT5tJ0;eePEdE0ST_d<!<isp4WvUJrO)f
zv;Rwg$KJ)5qpV5SxXVpms1sb#-te1jLTaBqUvp;qq62wr+*|*qZte#dfm)xi*r3px
z*y@@?q`58pi;{jByYsMN9KFr^lw_W^yy~TtVJ3?OW$EEjk&<Y?*sK58&#HcMcKr^m
zMADpT6-^C;_LRqqCW|2S_ArTfxr+vVTr!2&pBc-)A6x}p8Rc0QebB$2XRLBfh#(|~
z8Oh!qH!q#X<99@YKaq9*s&L5n)Sb-s1-VsWUbCKxW>49(=+&!z7;^nRbeGg;eH*hH
zcIOZQFEYH<hr{cG*WgQ&Z#(^Sf0`nfr^yR<xLo>zNhzj{VW7x6wzmGU+m<K{(}i5Q
zB1C!EsYW=N!Vm=QQSr~>^MG5}6yz~MrmXoSrJ3@>|DZNfd<t=$YD=Mu#j)F<Pk%ef
z?yJ;$)U7g&Jti#S(Uddy!!oBxhPz^!zkR&o^ypr^0hvGLStQCwidO0+M0@v4_1x~F
z?ZAd?oX87MwZt)M`IJ}I<Vo5z<uhzHoB#&SWJWUlie}(chVH?`64CW}$D7GpQ=77(
zjlU_=wl@_kg(R>A55C4{RDFNcHxWxxJ9n|8n_4WcQg!Ay(fLc4l&r%U4En|=t;>S-
zJJ=>^At2L?nx-utin%!<67+@jDHuhZj8QATX=Ua35W|7${R_3NEqic593w>^w|!aN
z61p7aZ;i5TIb!pWz#do2BH~=NobLNrfB>qur~drJ0)d;SOShsSa6U(noTKXJTX6tP
zvL77;<sSz<{xBIAM>k+8H5I#HceqsI{X<`JDav%`2<>UQ8Gs<hSh7FovPLa~{`tg;
zS0Nj2)0O&^Pngxlts3WqIo1e{));w;ADSR8sIC&b%f3@;02A6X-Dz<`$iH8E*kIo#
zxhNs6a<<s=47+pK@!_`QK>(;pCuH0%w~^~(tB!j-&F%T%Ib_hd`*i~-so}LWn>|Uu
z$rdvcr1<@WKeNmAR!bVqI-|ygm&WSG8lFGv3v-a+^K-HlSXs}N##uwzmrk|jsM(z#
zqoE%#KOq73QX;sQ5w*$|-oI{NLCS_;4@E*Hb`6pfRzX|nj{hrMw@UTtlL0$;qRmw|
zI5Y%We);h^!x3p1S@FhY5wtI+CXs(Jwu6t0btNNdRr9!@Q#=A8!N98hXK}uC<$Cdb
zZ^R^Hf;Q}&VEr3d($X$%uyJZUaT}h=_jAmqJFadqh0^C@h5JYwXB4Am<xJ#ToG7^3
z3OR#DUmz>hnTNtk<*X<B_`tYE#53*Yit_UEZXX+WMt`wcPQp$&l@)U0QbXH*rC`_^
zlSxS?tzLOiC{V#y&aE@gQHtBMk<YE=F3LSLS!iYr#dG2~HNNyHIB3s_-#2Tns?j3M
zW-MPnVyT~2sK!Vfh~JkPks{w8;(ul0@vJR|?F+P8#SyPY?A4X6a)H(Q!kpD!dolx8
zS^*8_kLJ=W_qkc1d`1QA<i~+e3Nidj+Ef;^g<-y}9ouMVx+A?HQk7ee9inhEPk*~7
z9U(7wTi`c5)3#<XUVETsU;pYIi39E+{2=6s=aQlCBlVur!AxxezTgO)4l^(AHOlpJ
z+2=F}fsP?*Ax_ghX?pFGRY{rz{J1)DueiAQyK+DC_-UD5{*%B(&kbR#TFJTgcxNK7
z;%hpNNoO6HEmOgP-3{!>cs7Szk_(kWaF+^FVJj3r_<7mIyi}bc7D<0^`W&<H%ooJk
zz-f*96@Laq10<vSwChMNt1-z(KY0N!;wFji6Cd%teqO4Ge$4Yxx8|^Eqd(qXpABws
z)%5lDDhF7Yn3$N^8Fh_8Hea(cg4sY5@fhRVTEOfQd8JJ6gGIh(gDe9ZhoT4;*Iu)p
zvD`LZw`ij;age-)(j-}OZK~HN2ayOOn5n62+`;(>$gXWl2JzP{P-o2eoq*${0C;}(
z<4P=Db)hiaPT_oRTr#Hml=7!~OW_oq3qSBQ!-1b)7IF7>+iLIA>kJw>08T?N{;aaV
z=TPQ0XkXAh&)=mbeHes|*5laeu-VM&wUqlpcBQ&e3~sGStjfzaF-Hy@Yg8T#Uu|mM
zpx5$~&ZWZN`e$TV#H+q^du{ppxoz+cbd2=%^*siu;Lp8>+;ufutB-W>h#qTsDQ)hy
zbohh>GIaNp=&H^^XppnNL#($xOk^5k0@aEpCbX3$2$IWet5%AcddrzGfUAME^e;ZA
z_+4yJqFwBdl@}Af?S|>W(N-bfZb?y{-X>MOZLs8>lCr^p#P6W|X(ov&ooYZ!jG=#v
z%q00>W*_A+w1BZ35l2a}3+|ut?g06KrTtmud-xtudwYs5#Z&XtIYU`VI^c+ef)!+p
z^lWwwZQyS#D%1H3)t)J$_>J4)pjv)n>(V<KcP3l$3PDTPUR*EFB(LWxd%4|~?tQ_8
z0X&uQ6DX(dN4FAwmHeJv=qD7IJ7k19Z_A$6%2%!LY4_^iV3-=Rox#6y?cvQ<@yQuJ
zu>f+od%wQ-VpajG<^cGS$Ndb_P-kYMDrf{Ga)y3fnjg&C*A`=LiK-gx9a;~Y^w^?r
zEI-Sklc;r?^rSseP!Iv*GY2nzociJuJx+D&kIpaPiYNx(gd0l1foIpy60dA&aG8J{
zDU_CX_~+Cq<_@1%d0_%BPk@d3wBHlZev_M}k;6@^P2~)6^>RPPXBf})8o1<lO8V0<
z#eV?u+{@^UsS>Hp(Ab$4V%HbqHBbfTI@9v^Yv4>G%4hVAvJKLeI(-8$eM=>Mt4y&C
z$HMkst#(%wtF6d3<O9V?@w1dqY}at9n)MA`s^l1BUEN6XdVG9*vEO*pK%qWk;MvQ-
z&CEx2Gm8k+1UwYQ<uLD}8}tsm4MuK|Uqp9`V6bB;O`OBn%ICuD{nKGwRr6`nCzSwc
zKx}bAx8hn-)<4)fPMq6cFT3)G;zz~{dCU<7W^}$eLCMwnE1fqMrl6YIhmx4mBOEkL
zoVO=aPSK|64CPcnw2R-c>5kpNc9-apv6>yN4&i{Z<SIJhUWA|<nG!+<s+5U@;8r`@
zU-u^K+;$Ha<A`r6+UDlrS=5!yW&f;s7l2)0eBO(P(6`E`!$qa;9~w4i3(3gvdHsYC
z1+<s)Shuf(=xJnmM}UXQfcZF0SDpo>jpvj98x*Db1@4;B${-_^mPU4}WF#y2(Bn(B
zOm`+1<I}&<OGoP)e)^DpUED>!9T6Aag-j@6B<ra_6`re`?g)I%#wkgRc8!DCwg2*&
zHqu_umDRTTs?ZJW)m3Ow89MgeR~$JnY9P5)ayQ>7WoqtWWlWGYVw><xT$V0~%`o~h
zfg6%J+B1FHKZFl8hcaY4;h1}v&YyQB%)h^DY;p%wkoHSleZpY+JX*a~xo^}Nu$O51
z1W1hTV12SAX*(pigRLrdt`$JmP9bfOxl6Cy`!X$_sAor^ls&($-AI_TrSFDXvD{{i
zs$x<@uFoD$Mdh$o4?WSpg<3wS3*;Ocj46IzJ=^nG5K&-&eWKzsB6N*QCB)>kx7?*C
z>4sI{jDGg1JG#v9Oiqzj1?La!vM?vnJG>~iZs24OxTR-Bp;&lj)h57UT{PAZSn56A
z<bYz1;NW`>_M<ac?y6~h4yKEApL8ogUE#D{Dd>oGOEs8223GoFaF3pwN}ub^jeRe1
zqwyM8wt}TIpSKZo=a_U>eh~2QqeyLIlt(-Wv-j{BAws^ng9KLC)E9hc??g!9w)EBn
zn%oJ@V)b1OU;xwYmM#DfblnW|?HM33JtsW_@HJyGdU()Z_0RJxEG&sE)KurB)`ud4
zv#yQjB@)%u@Yk=iXyYe-l~Y~1I)4GwMP)>jlijyULPCO(b{4f~pIiifLFa#u7Nr8w
zWP19~GjVamW3BB`kiXY0S0-aGsX7KN4tzxIEET6kvzu<%0^Cvvqvw_)gx0vgd>Ft=
zvh;m?AJ=Uz^tVBAs8&6fTSOO&`1Cc!Qu)^s0x>iJ?1RFht53&mYn?8qi99&EV@>}9
z_;7>ujgMb4k)X8p3Vd=mT#o*Xe|j;}DI+~uS{*g8{LOUd&UdF9KbQ4sOc)(tb!PX%
zEWWFEHSA}W^8#<<{}xFvf+jNzeC_^PvjFp8jylQN^0j&`EzIOH6TDxB5((^`LQfaP
zs800e)&lMDCRvBKUxhkFf3!}<!hG!&|L?<MXaws$_MqCnxs<^xtq?mYd@cACM1J#E
zW{N^tXzyX|RZ~KkDnGvs@;Yh8;eQDPBp%V;r%cg&v>isb!`9kHjhxD|IdNH``oD^(
zFg%?IYPe^5$y@pFe_7y%L$3OHH~^d;@R>rvnNFNY5>&N_VHcL^)7(g~58L{7rr_w}
zKFK6)CYsB_xIV8Q0quwq+E^VTKWm5(TOjQWiT%T{a-l;AUE~#@R*pN|`wNkho(J?6
zIV0hq^pH`|*HT&tPmO-CJ9u`ogI2Q+VxDzgcLm&b)$)&aQ>3q!bOM(I*Ey*|Qw(OO
z_KQW@{>r<)dRj>_Y2@FtT<-HgwoDE`+9*gZDDXRWObwVqb~};7kN3yte&`$@9j0x%
zg_(<kP|7<UNn8XV2;vV=v7=I66dlQBz74ayT%VT!)kFT(U%$7Dk`3Eq4|<Sq0rP-@
zCD=RO9d>=3U66hq#P~qZb-)2S-**Hk9H~^M2NqfZuWwob6+?w%W8jdiXN4i{)l9W<
z2N)_?N4gKWUvcqH2tdbVjV4ifMj-GcjEHtl{H_~U`91+V-Z8p3MG%|$W_w%NMkB6G
zbMV%KO6<;LYzgiduwiCr(kwI0b5*)Z3ve>W8`{TWKy)kF1Xj=)n36~Gd!R3sAnTdd
zg+xNTsPYWc6`|wx#~(U7Q^XLISby5|ARwOfES46Wn|~6VFKbt0fIQkkU;IPiLQip(
zkBaU`-?swPq@Y<quPJZQ;JsfEe$<c`_~~LvLGwIS?s@6(E@v=o|94$0sbjqP0Vso(
z9Ff<Ylnuhp&ad~#tIpbo%x0|DeK_p>DxE_4c-D~$(C8dLJ_>$ygB0e=i>tkGxgtMa
zzG>)3c8}Ve6uJo{P5~czY&(H<POg6~@*hT4emL+NCsWBX?dScMf__!jWhw`P#t^Eg
zba8LtSr5+W{qgwWO7J>xSLTc#0$k4H<HPaejHxMSDzm2;+^_<=Bpzq|F&tm}O)Uw}
zow;p31~zV8GfPd_S_|VW5SEo_E8vF!)iMAD&P{D^0^f^RV7#6C!0gjwN~5>);dozr
zBTaXYTJe^9C)^tAFaLHyG>zygPYMAtR}O6$mFi<0hxLBHO+|aqx6L$DbegD|MluJ?
zNcLBf)w}tE@TOY7@iFL0`WBv0>V7oOh6?)3J}dGC2&+sYa?co$q}-O+8#Xi~HH}Xw
zOkBh^zktMsgR8Lfxo^n7Luj^h<Jb-JYuM_&<TwUEzzL<rrbvYTUA}X4sg047m;p#e
z;rwP}VcQOhcOAf0yTrn*Y4f(ya#lq0u%tzv#|pt!6fHUzarKp3uUYuZ8?U=-6Kmkb
zAgjw|hMz`m&VD%BlGk@Lb4lRn{Fm!;VKp!?P|k3o#ctuUq;R{$bcD(WP|CGQwE%A}
z?EESIQGN(ij)BIo9Zl4dv@bcsQUEm9+zWpIfv5|3vwbB`wVz9CNCT}DF`uY7mUiTH
z-YO;A|3W%}zdPgv=*iqB^i!nK|Gtpm7M317N&<xdZO*C<B5s|ut@D1UE~rS{^a@la
zwU59d7TqK5`{D5ZhN^KY@d=R-*?Y&NLYNcA(w9PY#4^pj8TD1XU=2SxMmr3|=^ku^
zX3uy>f&ltxTt(LryN1<FkNjwnjq=6*1HB43V!ItKQN^(z4c`L9QR3Ehq!l0U27qw*
zRD=>B*^h`BCWPV#O4w#rtleG5Y!&aJwFozZHYuB%<fE+Qe1P;(=*>FcwmBX&=-_@1
z8W$s6{~3pKcCfC~SgF@f&a5^T!AhDEGU!tpx4z%Beqmkwd<S~M9k_5yD#j1yR3+bN
zt-5nMvVP2YD!>R837ZtJm;`MN{a+(ZqId*-0!DgGWi#=s3G*Idtuy9N;6uD}H~4pb
z!O7&N5Zo54UK8r{acN;|cE3!twbX(iX2xsbysU<})6Tf+hP8$*tzhHdOyAo0Z3M!4
z>Kb_jIAhTPXj*5si_v}b6SDhckC8V%UKK(W5}hfK+M?)>l<{OFe1po2O4gVmej{=Z
zJij8Qc*U_7PU{$wT8+!TCaTSutJ}*MS4%6shC70#>f|?b#u&gM#taPv6%8&93OlXd
z96);QF2Cwa2x1>r)P+v41i0uW#6Vz57^fB|4t2_6x-eS->i0b+Hs`{FN7i6_{(uL`
z2HVg%CW*IE==+_od_fvB*0|BpYLt%gOtu9=dFTn643n=$Xhy|Ay9bSe{B7H@NJ{I>
zvbc>Es&137T*}5pT#{FuN0LskmH17n^Fo4#jh)#{#kvPt7MmBWkbmB@sOvfp2NGd6
zBW+U^wDdLQc>DOMAjLoLZo6qbk6_FIkWl48%nrb-h7Ttkd-nllOo0x5(}k--xPrBI
z%c(6!;7)YpB4)`^V4VXUro%6*L1raC7r_G$l>iGrV)zfKxh%#J9(K>IlPA?hn(c};
za!;E?TPO;98ms4dpvna)XC!e5YGnmHSKYg?6?uNAI_rJ)LlNH0bu*b-t~h)^pZYJ^
zD9&gGT3vgTqh=qHA(a8axkN|q=Y8*;q_LvbuvAw5&nuqE6LG+$+VYha!FgFZwW4Tp
zT5>T$&?j^f&&S$ORDhoR0wGsNp?vEn8NOHot>S_cOLDOXgzFELlJ~{e;<cV<EyplZ
z>LWaa3qBwa0OMj(;7!x`K-|8e*UpBf&nCp3I6#F>vPHFU$X&=sZ!x2ZjY96Jj4bX^
z%Dl)5n)-XffK5~JeL>2o#<{31xtVZR37c?gtV5Od4TvCBu7Eoivmh{9kzo9Z)U{2i
zYb&z@FaW@DoQSy<I$$CtuqdYB#P-VR(QI40T%0-J2q~WJ7ky$9387h!)Y(l&m8}OO
zIVHIWk06O%bn&o;lL2tu)?`-k?pT_Ti*fEdRzC=zLl|LFE{T_nbMp?FY*<V40!-~1
z%-B6B-jo!$Mkk)~&O_0KDJ}w}^UK$t?xKI|j~R>guj%q7{rLRMegv==*<b|G8&glx
z<IN^EnGs6eiFo1PG%QQM#3dcOiyA8yP_I*lTwJc^DhS(2okp7FcV6T_!G0e#SK-}V
z<tZD3w&Rs`knHK4Nr0(hofGZ4(Pj#hHGH$l_hqpQs_lU;tvT-Bj9Z!LdO9}&fYRnn
z$P5R1Q%&{0?%(AUN4Q!Id*6BX;m_`LFBfjzmalgWyd{B!H1;XL5KTpiD#q<8x4QY_
zf}%1w`y{zmDKZpmb3^CX5ygfM2v4c-4r|117)d}@B|mba+Y(7$V=i-epJq@HVnW{Q
zsnjl-Y}=o%w5)h5rSQgiiy6T=V%<+k>C|}k8ozzvrOck8P&Ru*w_ONk(Xw}65u`rq
zr>Q{XbS9lmOsR-Oiob+g##3J0!O!AonD+fW5&(11Cp3fFTldPJS$iFz^`F3@-S|MC
z!SG>u<y9(8`6(+%{)Acog?P9ygGbs8^pBYR%S}#S3u65*j9CI~0(TQ5FU5aZ%vP;~
z7oPr`M`lu`FA3qw-fPrH0dh|Vl?8H^&W;Kh&b(Kva+L~ZrVeo8|80O{nA^LWX>MY9
R6%F_^xnyDRQqS?>e*lpyD-8eu

literal 0
HcmV?d00001

diff --git a/docs/userguide/networking/images/overlay_network.svg b/docs/userguide/networking/images/overlay_network.svg
new file mode 100644
index 00000000..f53de124
--- /dev/null
+++ b/docs/userguide/networking/images/overlay_network.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="380.00000000000006" height="310.6999969482422"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs/><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="380.00000000000006" height="310.6999969482422"/></g><g transform="translate(0,0) matrix(1,0,0,1,75,98.51999694824218)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6000000000000001)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,54,162)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,170,135.51999694824218)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6000000000000001)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,149,199)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,271,104.35999694824216)"><g><g transform="translate(0,0) scale(0.6084739830463705,0.6000000000000001)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,250,168)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="74" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="24.662500381469727" y="0" width="26" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="24.80000114440918" y="12">H</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33.60000228881836" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46.400001525878906" y="12">t</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,165,8.18899694824222)"><g><g transform="translate(0,0) scale(0.4877347541024086,0.4893104486600422) translate(1.204592e-14,0)"><g><g><path fill="#02709F" stroke="#FFFFFF" d="M 99.554 18.074 C 99.554 28.302 77.168 36.592 49.552 36.592 C 21.939 36.592 -0.443 28.302 -0.443 18.074 L -0.443 60.746 C -0.443 70.972 21.943 79.262 49.559 79.262 C 77.171 79.262 99.557 70.969 99.557 60.746 L 99.557 18.074 L 99.554 18.074 Z" stroke-miterlimit="10" stroke-width="1.2853"/></g><g><path fill="#02709F" stroke="#FFFFFF" d="M 49.559 -0.442 C 77.171 -0.442 99.557 7.848 99.557 18.075 C 99.557 28.303 77.171 36.593 49.559 36.593 C 21.943 36.593 -0.443 28.303 -0.443 18.075 C -0.443 7.848 21.943 -0.442 49.559 -0.442 Z" stroke-miterlimit="10" stroke-width="1.2853"/></g></g></g></g></g><g transform="matrix(1,0,0,1,144,49)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="88" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="88" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="2.3125" y="0" width="85" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="2.4000000953674316" y="12">K</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="10.40000057220459" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="16.80000114440918" y="12">y</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23.200000762939453" y="12">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27.200000762939453" y="12">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32.79999923706055" y="12">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="12">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="42.400001525878906" y="12">u</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48.79999923706055" y="12">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59.20000076293945" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64.80000305175781" y="12">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="75.20000457763672" y="12">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79.20000457763672" y="12">e</text></g></g><g transform="matrix(1,0,0,1,184.88673770512042,42.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-222,-30.199996948242188) translate(37.113262294879576,-12.489000000000033) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 189.38673770512042 47.18899694824222 M 189.38673770512042 47.18899694824222 L 191.1356239827703 48.15925299065982 M 191.1356239827703 48.15925299065982 M 192.8845102604202 49.129509033077426 L 194.6333965380701 50.09976507549503 M 194.6333965380701 50.09976507549503 M 196.38228281571998 51.07002111791263 L 198.13116909336986 52.040277160330234 M 198.13116909336986 52.040277160330234 M 199.88005537101978 53.01053320274784 L 201.6289416486697 53.98078924516544 M 201.6289416486697 53.98078924516544 M 203.37782792631958 54.95104528758304 L 205.1267142039695 55.921301330000645 M 205.1267142039695 55.921301330000645 M 206.87560048161941 56.89155737241825 L 208.6244867592693 57.86181341483585 M 208.6244867592693 57.86181341483585 M 210.37337303691922 58.83206945725345 L 212.12225931456913 59.802325499671056 M 212.12225931456913 59.802325499671056 M 213.87114559221902 60.77258154208866 L 215.6200318698689 61.74283758450626 M 215.6200318698689 61.74283758450626 M 217.36891814751883 62.713093626923865 L 219.11780442516874 63.68334966934147 M 219.11780442516874 63.68334966934147 M 220.86669070281863 64.65360571175907 L 222.61557698046855 65.62386175417667 M 222.61557698046855 65.62386175417667 M 224.36446325811846 66.59411779659428 L 226.11334953576835 67.56437383901188 M 226.11334953576835 67.56437383901188 M 227.86223581341824 68.53462988142948 L 229.61112209106813 69.50488592384708 M 229.61112209106813 69.50488592384708 M 231.360008368718 70.47514196626469 L 233.10889464636793 71.44539800868229 M 233.10889464636793 71.44539800868229 M 234.85778092401785 72.41565405109989 L 236.60666720166773 73.3859100935175 M 236.60666720166773 73.3859100935175 M 238.35555347931765 74.3561661359351 L 240.10443975696757 75.3264221783527 M 240.10443975696757 75.3264221783527 M 241.85332603461745 76.2966782207703 L 243.60221231226734 77.2669342631879 M 243.60221231226734 77.2669342631879 M 245.35109858991723 78.23719030560551 L 247.09998486756714 79.20744634802311 M 247.09998486756714 79.20744634802311 M 248.84887114521706 80.17770239044071 L 250.59775742286695 81.14795843285832 M 250.59775742286695 81.14795843285832 M 252.34664370051684 82.11821447527592 L 254.09552997816675 83.08847051769352 M 254.09552997816675 83.08847051769352 M 255.84441625581667 84.05872656011113 L 257.59330253346656 85.02898260252873 M 257.59330253346656 85.02898260252873 M 259.34218881111644 85.99923864494633 L 261.09107508876633 86.96949468736393 M 261.09107508876633 86.96949468736393 M 262.8399613664162 87.93975072978154 L 264.5888476440661 88.91000677219914 M 264.5888476440661 88.91000677219914 M 266.337733921716 89.88026281461674 L 268.0866201993659 90.85051885703434 M 268.0866201993659 90.85051885703434 M 269.83550647701577 91.82077489945195 L 271.58439275466566 92.79103094186955 M 271.58439275466566 92.79103094186955 M 273.33327903231555 93.76128698428715 L 275.08216530996543 94.73154302670476 M 275.08216530996543 94.73154302670476 M 276.8310515876153 95.70179906912236 L 278.5799378652652 96.67205511153996 M 278.5799378652652 96.67205511153996 M 280.3288241429151 97.64231115395755 L 282.077710420565 98.61256719637514 M 282.077710420565 98.61256719637514 M 283.82659669821487 99.58282323879273 L 285.57548297586476 100.55307928121032 M 285.57548297586476 100.55307928121032 M 287.32436925351465 101.5233353236279 L 289.07325553116453 102.4935913660455 M 289.07325553116453 102.4935913660455 M 290.8221418088144 103.46384740846308 L 292.4374511336982 104.35999694824216" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,184.88673770512042,42.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-192,-42.19999694824219) translate(7.113262294879576,-0.48900000000003274) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 189.38673770512042 47.18899694824222 M 189.38673770512042 47.18899694824222 L 189.4331576707298 49.18845817237057 M 189.4331576707298 49.18845817237057 M 189.47957763633917 51.18791939649891 L 189.52599760194855 53.18738062062726 M 189.52599760194855 53.18738062062726 M 189.57241756755792 55.186841844755605 L 189.6188375331673 57.18630306888395 M 189.6188375331673 57.18630306888395 M 189.66525749877667 59.1857642930123 L 189.71167746438604 61.185225517140644 M 189.71167746438604 61.185225517140644 M 189.75809742999542 63.18468674126899 L 189.80451739560476 65.18414796539734 M 189.80451739560476 65.18414796539734 M 189.85093736121414 67.1836091895257 L 189.89735732682348 69.18307041365405 M 189.89735732682348 69.18307041365405 M 189.94377729243286 71.1825316377824 L 189.9901972580422 73.18199286191076 M 189.9901972580422 73.18199286191076 M 190.03661722365158 75.18145408603911 L 190.08303718926092 77.18091531016746 M 190.08303718926092 77.18091531016746 M 190.1294571548703 79.18037653429582 L 190.17587712047964 81.17983775842417 M 190.17587712047964 81.17983775842417 M 190.22229708608901 83.17929898255252 L 190.26871705169836 85.17876020668088 M 190.26871705169836 85.17876020668088 M 190.31513701730773 87.17822143080923 L 190.36155698291708 89.17768265493757 M 190.36155698291708 89.17768265493757 M 190.40797694852645 91.17714387906592 L 190.4543969141358 93.17660510319428 M 190.4543969141358 93.17660510319428 M 190.50081687974517 95.17606632732262 L 190.54723684535452 97.17552755145097 M 190.54723684535452 97.17552755145097 M 190.5936568109639 99.17498877557932 L 190.64007677657324 101.17444999970768 M 190.64007677657324 101.17444999970768 M 190.6864967421826 103.17391122383603 L 190.73291670779196 105.17337244796437 M 190.73291670779196 105.17337244796437 M 190.77933667340133 107.17283367209271 L 190.82575663901068 109.17229489622106 M 190.82575663901068 109.17229489622106 M 190.87217660462005 111.17175612034941 L 190.9185965702294 113.17121734447777 M 190.9185965702294 113.17121734447777 M 190.96501653583877 115.17067856860612 L 191.01143650144812 117.17013979273447 M 191.01143650144812 117.17013979273447 M 191.0578564670575 119.16960101686283 L 191.10427643266684 121.16906224099117 M 191.10427643266684 121.16906224099117 M 191.1506963982762 123.1685234651195 L 191.19711636388556 125.16798468924786 M 191.19711636388556 125.16798468924786 M 191.24353632949493 127.16744591337621 L 191.28995629510428 129.16690713750455 M 191.28995629510428 129.16690713750455 M 191.33637626071365 131.1663683616329 L 191.382796226323 133.16582958576123 M 191.382796226323 133.16582958576123 M 191.42921619193237 135.16529080988957 L 191.4374511336982 135.51999694824218" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,91.9374511336982,42.68899694824222)"><g transform="translate(0,0)"><g transform="translate(-187,-47.19999694824219) translate(95.0625488663018,4.510999999999967) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 189.38673770512042 47.18899694824222 M 189.38673770512042 47.18899694824222 L 187.63596995202016 48.15585385322055 M 187.63596995202016 48.15585385322055 M 185.8852021989199 49.12271075819888 L 184.13443444581964 50.089567663177206 M 184.13443444581964 50.089567663177206 M 182.38366669271937 51.056424568155535 L 180.6328989396191 52.02328147313386 M 180.6328989396191 52.02328147313386 M 178.88213118651885 52.99013837811219 L 177.13136343341858 53.95699528309052 M 177.13136343341858 53.95699528309052 M 175.38059568031832 54.92385218806885 L 173.62982792721806 55.89070909304718 M 173.62982792721806 55.89070909304718 M 171.8790601741178 56.85756599802551 L 170.12829242101753 57.824422903003835 M 170.12829242101753 57.824422903003835 M 168.37752466791727 58.791279807982164 L 166.626756914817 59.75813671296049 M 166.626756914817 59.75813671296049 M 164.87598916171675 60.72499361793883 L 163.12522140861648 61.691850522917164 M 163.12522140861648 61.691850522917164 M 161.37445365551622 62.65870742789549 L 159.62368590241596 63.62556433287383 M 159.62368590241596 63.62556433287383 M 157.8729181493157 64.59242123785216 L 156.12215039621543 65.5592781428305 M 156.12215039621543 65.5592781428305 M 154.37138264311517 66.52613504780882 L 152.6206148900149 67.49299195278715 M 152.6206148900149 67.49299195278715 M 150.86984713691464 68.45984885776548 L 149.11907938381438 69.42670576274381 M 149.11907938381438 69.42670576274381 M 147.36831163071412 70.39356266772214 L 145.61754387761385 71.36041957270047 M 145.61754387761385 71.36041957270047 M 143.8667761245136 72.3272764776788 L 142.11600837141333 73.29413338265712 M 142.11600837141333 73.29413338265712 M 140.36524061831307 74.26099028763545 L 138.6144728652128 75.22784719261378 M 138.6144728652128 75.22784719261378 M 136.86370511211254 76.19470409759211 L 135.11293735901228 77.16156100257044 M 135.11293735901228 77.16156100257044 M 133.36216960591202 78.12841790754877 L 131.61140185281175 79.09527481252711 M 131.61140185281175 79.09527481252711 M 129.8606340997115 80.06213171750545 L 128.10986634661123 81.0289886224838 M 128.10986634661123 81.0289886224838 M 126.35909859351098 81.99584552746214 L 124.60833084041073 82.96270243244047 M 124.60833084041073 82.96270243244047 M 122.85756308731048 83.9295593374188 L 121.10679533421023 84.89641624239714 M 121.10679533421023 84.89641624239714 M 119.35602758110998 85.86327314737547 L 117.60525982800974 86.8301300523538 M 117.60525982800974 86.8301300523538 M 115.85449207490949 87.79698695733214 L 114.10372432180924 88.76384386231047 M 114.10372432180924 88.76384386231047 M 112.35295656870899 89.7307007672888 L 110.60218881560874 90.69755767226712 M 110.60218881560874 90.69755767226712 M 108.85142106250849 91.66441457724547 L 107.10065330940824 92.6312714822238 M 107.10065330940824 92.6312714822238 M 105.349885556308 93.59812838720212 L 103.59911780320775 94.56498529218045 M 103.59911780320775 94.56498529218045 M 101.8483500501075 95.5318421971588 L 100.09758229700725 96.49869910213712 M 100.09758229700725 96.49869910213712 M 98.346814543907 97.46555600711545 L 96.59604679080675 98.4324129120938 M 96.59604679080675 98.4324129120938" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,274,122.3854006442422) scale(0.35227944162413477,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,173.00000000000003,155.3854006442422) scale(0.35227944162413477,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,78,118.3854006442422) scale(0.35227944162413477,0.45039275046220717) translate(-0.4429050300735753,-0.7077644040000006)"><g transform="translate(0,0) scale(1,1)"><g><g transform="translate(-604,-7)"><g><g transform="translate(604,7.071429)"><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 3.756617 15.69689 L 9.798454 15.69689 L 9.798454 21.56925 L 3.756617 21.56925 L 3.756617 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 15.69689 L 17.21104 15.69689 L 17.21104 21.56925 L 11.1692 21.56925 L 11.1692 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 11.1692 8.167081 L 17.21104 8.167081 L 17.21104 14.03944 L 11.1692 14.03944 L 11.1692 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 15.69689 L 24.62267 15.69689 L 24.62267 21.56925 L 18.58083 21.56925 L 18.58083 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 18.58083 8.167081 L 24.62267 8.167081 L 24.62267 14.03944 L 18.58083 14.03944 L 18.58083 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 15.69689 L 32.03525 15.69689 L 32.03525 21.56925 L 25.99341 21.56925 L 25.99341 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 8.167081 L 32.03525 8.167081 L 32.03525 14.03944 L 25.99341 14.03944 L 25.99341 8.167081 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 33.40504 15.69689 L 39.44688 15.69689 L 39.44688 21.56925 L 33.40504 21.56925 L 33.40504 15.69689 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 25.99341 0.6363354 L 32.03525 0.6363354 L 32.03525 6.508696 L 25.99341 6.508696 L 25.99341 0.6363354 Z" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 12.19391 30.04752 C 11.26506 30.04752 10.50971 30.78168 10.50971 31.68447 C 10.50971 32.58634 11.26506 33.31957 12.19391 33.31957 C 13.1218 33.31957 13.87715 32.58634 13.87715 31.68447 C 13.87715 30.78168 13.1218 30.04752 12.19391 30.04752" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rbga(0,0,0,0)" d="M 58.90479 18.73416 C 56.87647 17.59658 54.17619 17.44099 51.87563 18.09876 C 51.5919 15.72205 49.98534 13.63789 48.07492 12.14534 L 47.3167 11.55279 L 46.67925 12.26832 C 45.40053 13.70683 45.01902 16.09752 45.19348 17.93478 C 45.32192 19.28571 45.75807 20.65621 46.61407 21.74068 C 45.96416 22.12081 45.22511 22.42267 44.56753 22.63975 C 43.22746 23.08043 41.77331 23.32547 40.35847 23.32547 L 0.6134818 23.32547 L 0.5281695 24.21615 C 0.2434756 27.18727 0.6623686 30.16211 1.925758 32.87702 L 2.470223 33.95404 L 2.531571 34.05466 C 6.269017 40.22329 12.83135 42.82174 19.98417 42.82174 C 33.82968 42.82174 45.24907 36.81056 50.49338 24.11366 C 53.99886 24.29161 57.58389 23.28447 59.29876 20.03106 L 59.73683 19.20093 L 58.90479 18.73416 L 58.90479 18.73416 Z M 12.19391 34.79068 C 10.43111 34.79068 8.997093 33.39689 8.997093 31.68447 C 8.997093 29.97112 10.43111 28.57733 12.19391 28.57733 C 13.95671 28.57733 15.39072 29.97112 15.39072 31.68447 C 15.39072 33.39689 13.95671 34.79068 12.19391 34.79068 L 12.19391 34.79068 Z" stroke-miterlimit="10"/></g></g></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(-1,1.2246467991473532e-16,-1.2246467991473532e-16,-1,360.00000000000006,262.00000000000375)"><g><g transform="translate(0,0) scale(4.814285714285714,4.113636363636363)"><g><g><g><path fill="#929292" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="matrix(1,0,0,1,66,279)"><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="243" height="24" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="243" height="12" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="6.275000095367432" y="-0.800000011920929" width="231" height="14" fill-opacity="0"/></g></g><g><g><rect fill="rgb(0,0,0)" stroke="none" x="6.275000095367432" y="-0.800000011920929" width="231" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="6.400000095367432" y="10.199999988079071">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="13.600000381469727" y="10.199999988079071">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="20.80000114440918" y="10.199999988079071">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="28" y="10.199999988079071">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="35.20000076293945" y="10.199999988079071">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="42.400001525878906" y="10.199999988079071">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="56.79999923706055" y="10.199999988079071">n</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="64" y="10.199999988079071">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="71.20000457763672" y="10.199999988079071">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="78.4000015258789" y="10.199999988079071">w</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="85.5999984741211" y="10.199999988079071">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="92.80000305175781" y="10.199999988079071">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="100" y="10.199999988079071">k</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="114.4000015258789" y="10.199999988079071">c</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="121.5999984741211" y="10.199999988079071">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="128.8000030517578" y="10.199999988079071">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="136" y="10.199999988079071">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="143.1999969482422" y="10.199999988079071">t</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="150.40000915527344" y="10.199999988079071">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="164.8000030517578" y="10.199999988079071">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="172" y="10.199999988079071">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="186.40000915527344" y="10.199999988079071">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="193.60000610351562" y="10.199999988079071">v</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="200.8000030517578" y="10.199999988079071">e</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="208" y="10.199999988079071">r</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="215.1999969482422" y="10.199999988079071">l</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="222.40000915527344" y="10.199999988079071">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Courier" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="12px" x="229.60000610351562" y="10.199999988079071">y</text></g></g><g transform="matrix(1,0,0,1,199.5,189.6999969482422)"><image width="71" height="117" preserveAspectRatio="none" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEcAAAB1CAYAAAAcAvy5AAAD+UlEQVR4Xu3cwVXcMBAG4Bkf9pIDbAVABSEVBCpIqAD2guwTpAJIBSEn21yWVBA6CKkgpIJQAodc4GDlTSInilkva60tWdLsifeWB7vfG41/yZYQ+NUqgGzTLsA4S6qDcVbFmc/nm4+PjydSymmapqexD7n/KifP8+0kSX4AwP1kMtmZzWb3MQM9GVZFUVwj4hsAeC+EOGccTSDP870kSb5IKe/SNN1hnIZAURS3iPiyqqpZlmVXsQItvFrleX6UJMk89uppvZSXZXkHAFtVVe1nWXYTY/Usw6FmfCalvEnTdJ9xNAGVeah6Nqqq2smyjH6O6rU0IZdlSc34EAA+CSGOopIBgKU4WiiEyWQyjS0UPju3ijkUPotTh0KaUgghpjENrWdxCCPWULgSTqyhcCUcqp4YQ2EXnOhC4co4MYbClXHU0IoqFHbCiS0UdsJRl/VoVgo748QUCjvjqN5D6zuvQ18pNMKJJRQa4cQSCtfBoZt+H0JeKTTG0UMhIr46Pj6+DW3GboyjLusXiHgS6krhWjh6KAxxnXktnMaUIrjbx2vj6KEwtIcP1sYJORT2ghNqKOwFRw+FAHAghLgO4bLeJ05wobA3nBBDYW84IYbCXnFCC4W94oQWCnvHCSkU9o4TUigcBCeUUDgITiihcEgc70PhYDghhMLBcNTQ+v3wga8rhYPi+B4KB8XRQ6GU8qNv25QGx7m8vNyVUn7zcZvS4Dh6KASAd0KIC1/WemzhvAWAz75tNLGC07h97M02JWs42pTCm40m1nAazxR6sU3JGo6PodAqjm+h0CqOb6HQOo5PodA6jk+h0BWOF6HQCY4vodAZjg+h0BmOD6HQGY4PodApzthDoVOcsYdC5zhjPtDIOU4jFI7qidRR4KxyoBFVmO3zNEaB0xYKtQPWjhCRztOwekzWaHDqUAgAt1VVHSDiGSLSNGNTLchbH3KjwVHV8xMAXrTcnYgTh6oGEQ8Rca/tto2LE6CcVQ71k4eHBzqb5xQRtxehSCkB8c9HjAZHNVran7XVRNFBosQhEFU5N3TkXg2kYzTRXGx4czas6i9fFEW9oe2vxyIkIYT1z2r9Hy7qLeoyTvfQN9oacrQ4BKIW3mlDyZM+RO9HjaP1oSt1cKw+zL6nabpr++mMUQyr5pcuy7J+XK5+66sQojUDDYU2Shz6smoySsOM+hDjNCuAZuKISKeu0ElzXDmLhgg1axeb+kc7rIbqI13+LuMs0WIcxukymP79LlcOVw5XjpkAV46ZG/ccrhyuHDMBrhwzN+45XDlcOWYCXDlmbtxzuHK4cswEuHLM3LjncOVw5ZgJcOWYuXHP4crhyjET4Moxc+Oes8TtFyeveZS8c0xfAAAAAElFTkSuQmCC" transform="translate(0,0)"/></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/images/working.gliffy b/docs/userguide/networking/images/working.gliffy
new file mode 100644
index 00000000..5831a460
--- /dev/null
+++ b/docs/userguide/networking/images/working.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":376,"height":241,"nodeIndex":152,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":1,"y":5.1999969482421875},"max":{"x":375.38636363636374,"y":240.14285409109937}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":85.0,"y":50.0,"rotation":0.0,"id":150,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":60,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":134,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[3.1159999999999997,6.359996948242184],[180.558,6.359996948242184],[180.558,67.0],[180.0,67.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":196.0,"y":100.69999694824219,"rotation":0.0,"id":140,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":56,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\"><br /></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":15.0,"y":5.1999969482421875,"rotation":0.0,"id":134,"width":73.116,"height":102.32,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":54,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":53.0,"y":57.19999694824219,"rotation":0.0,"id":136,"width":119.0,"height":45.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":55,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":134,"py":0.5,"px":1.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[35.116,-0.8400000000000034],[89.0,-0.8400000000000034],[89.0,57.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":5.0,"y":116.19999694824219,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":57,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">Docker Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":113.38636363636374,"y":116.14285409109937,"rotation":0.0,"id":129,"width":262.0,"height":124.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":15.386363636363683,"y":113.14285409109937,"rotation":0.0,"id":146,"width":233.0,"height":127.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":106.0,"y":175.96785409109907,"rotation":0.0,"id":114,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":18,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":95,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":6,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":96,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":15,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":99,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":99,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.1785714285714448],[1.8600000000000136,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":97,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":98,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":99,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":4,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":112,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">container2</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":217.0,"y":177.96785409109907,"rotation":0.0,"id":115,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":35,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":116,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":23,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":117,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":32,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.1785714285714448],[1.8600000000000136,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":118,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":29,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":119,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":26,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":120,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":21,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":121,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">container3</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":-1.0,"y":175.96785409109907,"rotation":0.0,"id":122,"width":150.0,"height":54.732142857143145,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":52,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.7321428571431454,"rotation":0.0,"id":123,"width":62.0,"height":33.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":40,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":2.94642857142857,"rotation":0.0,"id":124,"width":3.719999999999998,"height":27.107142857142843,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":49,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":127,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":127,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8599999999999994,-1.1785714285714448],[1.8599999999999994,28.285714285714278]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":2.94642857142857,"rotation":0.0,"id":125,"width":1.2156862745098034,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":46,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.178571428571729],[-1.4193795664340882,28.28571428571442]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.3749999999999987,"rotation":0.0,"id":126,"width":1.239999999999999,"height":28.285714285714267,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":43,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.3928571428572809],[2.0393795664339223,29.85714285714272]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.7678571428571417,"rotation":0.0,"id":127,"width":62.0,"height":29.46428571428572,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":40.732142857143145,"rotation":0.0,"id":128,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":51,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"\">container1</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":185.0,"y":143.1999969482422,"rotation":0.0,"id":130,"width":150.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":53,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-weight:bold;\">isolated_nw</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;font-size:12px;font-family:Arial;\"><span style=\"text-decoration:none;\">&nbsp;</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":55.0,"y":139.1999969482422,"rotation":0.0,"id":147,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":58,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\"><span style=\"font-weight:bold;\">bridge</span>&nbsp;</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":62}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":6}},"textStyles":{"global":{"bold":true}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":[],"lastSerialized":1446315118663,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/docs/userguide/networking/images/working.png b/docs/userguide/networking/images/working.png
new file mode 100644
index 0000000000000000000000000000000000000000..8539913aff6aa0597c3600d7c0c01cef7efa0222
GIT binary patch
literal 18319
zcmbrmXEdB&_%^EdE`}&kqmEu8MD#v-iP6jGL5LQ;ccL4j6J0QRXO!rj2+>IpJw%Ce
z9>4$lzGtoT<(#$72Om6T@BQ3uU-x}qd!jYf6$$aE@la4u2$hxOv{6t{V}U;m94z3<
zcPy$16ch#&WjSeGZ_`5)Y;U@O#@ESjw^p4tSih%R4^v#K5WuG(vFIX+C?Clz8Kibm
zWp;&0Wb6vqKB5$4{v|+#2+j-9Tyh#Ew}XcfJI<;;Ymy`I-@kpmY`knQkB%hzN;MS3
z#djp@|4ecSrf9u+^F}e73RNM9)Et8f6(2(Y4)*rrLyJRU?!hS|F-K@J_D??jpW9Kx
zA=s$EW#DcQS+G=+yc3<4O$1^*JNUnM6?$wj(BwgX^xw>0a=q|Hldca%*queG7am;x
zaw=}rYkyVF);=#SWMPi2G4fO9zd@BK(1ICbzjYZY607n4#fZE;usI*QMwkCi`AR$^
zy=v{JvP7tx;f$>9-#^7~c~T$e3D#vw)JBw*R~N1LI_@PjXUzUm<&x;NP`cDVU$42r
z3u)QAc-}C<951tgKEB)bhH^IYTf%v<q%r${OD~sVu!f-)vX?JPf9piR7hL`hvbY;q
zh_~HkbcWmi)~MkvaB6pW)$48WQQv*CSSG99A$E5%H%sj1AYwXqZXjIXQ8tNq7}^S;
z<MCzoF?A!aql@A-HlmRdN7nOV4Upc{xC{8AnCOXEp{-+^ty=*D3yJ(;;H9Vl)Enz1
z<rpA84ym3uh_dSHA`{`p^YwpRdy?;8_$;iL#qUEX6DB`5+c@QScQhmGeH3<r*>9#^
z$bZ7n>UR#eMVt_L^1uNpXa@zkz=A2f1{NeNwN09OX|M%PKDo&e-TAmv-h6xGxLdBF
zDiP`qsS%MWx^nx@+IBxbfIZg-+jx3z%m>J!7zK50XfyV6n)|l~rpYn&9wHkyc;2&r
zWnrc_Hr2N8o-MU=uXs2FzZ-ctZG4XV+X9$5;D66t3PWY{)VINsxV7N#yg3xpX!ly?
z^_|@aKipmQirLM1X`MSS{3V}z#Z?8>zo|IcIXer^uK6-0+?HuQ1W-EzCXTlPh)?`*
zNrwxmWSjB!w91kDlTiLL>tEKeFP3S?dN@2{C<164d!pl+;8*1TM`nTugF07nld~Gk
z+^n3o27558%iFg0gKNxlt8%Ymcey-I_uu`i=ch=#wjDJOcZw8wJO#lw!+^kZ8P{>4
z-mNr7Oj?WOFC{)4p`3RAdL<F5pXzi;P@H$^sPQ5vTZ5j5y>xliutbkIB^(6Fjs^rR
z6B5LaAhD=>c08C4w{+>dE4?hhbgbAb`Ia#=xWAIy>#zIp_q;UaZ13)xW^bZ7!|_`m
ztbmZh76w=<34?hUc-#3cq{K900Bw@_UsLI)z$6X9Sdr<x5*`YS9X&BmDeSh5e$z0*
zFt5A3*IM}!5Rj>I_^9=xoj<<au^P`EoGE&4-nI#UcHVm%zxj%Tch(hMeCmSjywK}c
z`n1Gs%-c5uFbf)ifJZ+BeA5aM^qoUcF!U(5>BsEKB3XO=SI^IDv<vaKCy}&)N{Tmq
zrymOUUA_DdmHZ%}1oN#7!2cQYaYUK$X#-P}uri*!e2ym~i|O9*z8<*K!;h9Qgx1K-
zyL@DCP<5d7H9fxU{qI3t-KLxh2{Cs*Q0Gr<;e6BYYIKfI5a0zc?MLN+q{o#+0V}z>
z!^eNM@|LYm%pYdkb~R-DEv1>~Z|HlYnYDnGNe_Prs4eRKYasgIprb)RuG*FeoW9x}
z5x~iU)^PZse9$Y2pDq90X9Vs;K#a6aKVZP)Cp4(6_^kNdUunO61@y}(*MkG4onuJJ
zdf_aU8G*ESee?J4%EhJiSMe5_7h}bscp9oupWk1omrmE(G}-@w<D^G1`O)H}!btdJ
zKz%+9g^q07qzQM6hnrXNV{rsxWfmntUS~!1WXS`?q&apoC+ZEQCFy?``b}XD8k~qP
z2=4a&y%qs}=we^edqH3zpGR#eTsp|Uq5qbWdt013QsLDqL-b<hV#Ha&R`S|P1_6In
zNS?!AAt-Sr&F}QR?yH{3FWRNFzjJfb^Ss=ah<D*E-H*XROR<LvYR=og!wW8ssXkH<
z>U`(Nvk~CPg%GvS6v=rQqvfA&R~Gf8&0yn)wn!(fJsOL<6!4O<&@)(F5NC6%(V@mm
zrpUpc&5bPh*(>LtY=5<};?qj3R&b=qixIdVF#{o>MK)+SWEi=Ev)TOUliWb8H%BPN
z22bPwri<$JpYU5~q;EwY!v*Gl!nfz2YE1#6-#XEM!uMj1TC)M>ZjkC>hZ>(2{+og(
zM5x5NetjGvIFZpj4$LE7A%5q&PsYiywn2rK4GQrGG5a(%5#$V*{K$|v=7CUptenUC
zIV`cqUP49Fsk(;%0qlhYks_$lzD3--yYX^XFG>qH9_2fJ>nIQv*&bs{K3;$AV*J8T
zt0~99<Y2h3u@<{oOet|W?ZLFAX4>yZr1<seGO$PzHH^4KdFOwun>~^`mu|;DOjL;j
zYPA`j1tzX19#!w|-XF#*Tj>p``)vFchJXf1c0wNAAO?qu5g!G;K7j)fHBUumQt7bo
zZqy)dDsC~(6w{aeuOC>TGbx_}$eAYjz`rYWnG4ox{NL_*PHK*b>WdM^zw7OL`6yEV
z{}E~4^n?VUB2>Um0ecpG_Ue}DQKZEGiF8kJskQV`q*VWj^lNCO*`x5zr5}~U<gXxp
z`MBxPGWWoGVH@5jC$W#4&+Gq2DxS3amHX%@Rv2*bE0)-$CBvoG_iTqN?ceHxv`;M+
z6tJvqY>xgZ%hR-|KafPF3Bx9%NtMD-Qo<u)b*@_qSub3kIW0AC=oayEam7-Lyj3Ek
z7RpzMrzX8OQ)e&O$9bV2jk3MeV6Wrw9r0Y)Wi>lX$es!Ik)D<4xu1Pn@Gw#qVbJCG
z(*N$_TZ2{PAFJhA2O&3Gofs4lcC}$+VRkm{{`Y#eM!RVlFi4aiP3rNRLb@>&)=@C>
zot`{-qM7&FKkO$eVVI83e;=5%YKC(8ngeZ0DBqgk*(>-`lhde8xez_qqvzY-<G#DB
zCJ9nV`t(VaSux>B0HOL`?Eid>+m6c3&rdFPqv_m9G#2jyEO&-~M!$;%k@|Xgc!aH8
zDW|SC2fcJythHcT4A${sBEduS2v;bsUB>g034D-yS(v}R{iUMf?DHWjXKz@Y<2RnA
zPTyvne*@i)4h}@@)UfFSS?vAQ&UOYu^$j@`fk8_wX{xleG?}C5Z9*t9{p;*D&qL~o
z1h+~P;6pYFY&HzVIC%2g+Oj~rrV!N(p3hFpO>|RP33TEyxW&N#9L^kXjzOpgm`k-5
z=;L{kc?(t0_dTl&U>rPreEYdFttz!PO!4AlLBL`Rh)nFL<>lp>FsLf07Q^7T0e3gk
ziHx!`Vz;f|PjRGZawUA55?_w#)Rh}GJ0rbNZC{k0|L5E?FZcO_$FhV~Aq;i6_jpwz
zU*n$kRjNIY*%;O|Hinq_onktzb@_KIG`p;sUU8E!4shK4XR}k(7ku*LaQ>~Jc~&Ot
z!2~)k&j+^{EVL67bJtqSftWk7xhklj*mk09S>VI{^e+1)67-)r8=_;8f6Xup_|W6*
z4rf*P_)M+ZsCj`iQV^3KRkZ!rM2_nFpJU%^>f&i$l%S$xMfp=^&k+A-`PEw84)dH@
zFW>(}{bkH3h6S50QKPAL6V*8(MS=EA6Ryd>4M}NtS?fX$kN@ARj7sgzO}hB~?KneH
zT>O(l9F=sAn8yq-UpRX3bJcX5dMiI9DMKWkr-7(gZ?#YiN(yF5_(BjTFK;P*z*Vq{
zipt+n;?iGJ1+oJ?X6n;`*D;A9gyzW~_m=9qepmsf4h#tLatf(~Vo1OR3xwftaD#aa
zgq1aRC~C$)5ePA!qoFuoVemGX<K?Q@jh#j7?)DzDxXytqy@Z(1XQcXg9I9rk2eE(s
zX6cqF<k_V~RT3(D)G!l@%t;+C1oS$DF1aEuaiFY2<UDfAcV=}-Y^jUu)B+~v4YMX|
zwEGd%bg-yuEAfAJke4O+hl?hv;+HKojvu~@wC%6O{uTZ>%v4tl2fHi0b3fyQ$|<Io
z_*nkWew0DK66);h_>>}z&O0J8XVCQQ&yi5Ak*e5o2w0tNHTui#r3`1ys#EDM`q`>L
z-3#HNvHVIiON1usFswj^-EcA!T=-mrypvx6L>WK%nak8ziNa__ZCxi}sG#oJiF<hS
zN>*&fB{xUa*Ws^Z`ydZPpcqG<p|DdAtN@iZB^*nMbOZ?_WwfB)kI_Q3+=gT7wmN;R
zECKeekjeTC0N{m+Bw`9eF|@%PPES%W9YKcZiNiAZB||VvL{uDmyhj)iHe?+6_@Q>a
zPck78P!j3qx`fAAYDdV*iq8#aN{Jq35-1c}ApK8mz5id-mW&xWanF)5=}hGWQIdXC
z2afhh4Iu<{Z$X!y6_+$X@%234ca@`XpU#)=(*NHPHInGCx3wC4358HkM?3rYa~yiq
zO&0q6GQGK*mMF6Txs1$`Ql*3wsZ0;|!AR+#S^LqzF1A`EydqKFbHV!3os&y2w4&*_
zVEE$%nSY!l4IV6nFvvOKCUITZAyFFt+uP5od1kf58n2I-Pp2#qd>6yvMYOE3?}mma
z^{E;0X<0;pe8LJF_o%%5^TXH*JP~{*Ch|GJ#E_~F=Mzr1fgzwTsnlWQVj{l0Gz3&Y
zl2Q{dBm**S5;d(qLGYxGX92P`{aDABIte4i;<#Q`V2u^+$OOZ|w|5w!P?{8ZzMbR|
zef~$m#!HIG+W)^vn;ACUVo}o4fRhAaomnsuZt$@6$8qkMEL1K6JIogcM?1(p#VJ^6
zs<bit@HWCyFtx6iVlxB|mI1%|nB^P>j<~Rs4-|c^ap1dXvUU5n?LXWlU9#)&cK2XF
z@#joSdlxA1>ofeY$)oQ^ioOmj-}IWSDNW9J>kI0~X<p=e)zBU#4QcCu9YN*25_*jS
z&|<vn^##W;@H?H=`L7qn-GRn3aKDw}6l{9PHTH{T7adbDG>CnIYCiM+Y*l5cV`XLK
z>93E!S-*q`f6#drwV5RNPwSFM4QHD&tsh28p}c<)IxIt6>ONu}2j(j<yAS#I>5PXq
zPu0q&v5qB{9Lsw4dUDLQ6ZfPf<xjaa`TG|;@@ecR(tOb3*#@b8Sd!`4!d^8$qUVc4
zjq^zCH*kn|wL@w&V9mdDV)UP}#@Y?f%DKS71leLV9);!zzSHvXN&-OT!=oP;1fVS}
zvF;3btoV|z2h8VtVWi*>7zF@Q;Td8wi2}d@PF_W~lR4sq@|bUK5VnyBo{46MgOMj3
zpPZOe!lAE<G^ta<(Gj98^V04Qd;aV|?)~p?xSR!_!9{RUK_Sn^-M_E@Yl&Kjll_to
z26@>X+ZRQVllzK`jn6*&KdI<N{y#%N2Hkv)b9P&p3YTY#!?$q7?U|F@YVJ$ut=n#|
z`*(bNyIB#hPiM80XkR0DokvvP6q*aBRx;9!0DdmRA)-O!1O%m>#u7;&+p6U9(snY*
zsl;lwUr2msIaEWR$34>fUGp>x)6<kP<M^H48vw$1y!{@fGU7!d#FUwwLzp%p2jCzF
zrN}dD)>zG$@mU2L#@K96wf+xkCF;$Kjiu?&vP`oR!S5t5ll+&TqFW!9<eYDgHKxOo
zj(|5U-nN97FtEl>MU6B^06z8IP=}3iV4oG3a$i7?cqHaq=%z3}YmCnxViMWxB0xgH
z55<rn2zCeqBvfb{J%o()A<Ha)vj@mz4I@XjC_50D;1ISH-DV(wsH17ui#}ww+CRNW
zeJceR<BiTma{w!T;3<);69l9@WclwXs{#LGBXunVWO0=}-k3Cuq)pf280Lq9muusj
zj&AoNUe=&U_iJZ}#M^rggK8=kYm5)ZCMKOZnW|^(>BI4iS@9`krhO)0q}(5}cH@~5
zJ#twVbK`FdxqgoDQOsL^kuT>3g5ib0Nj)Y66i`T)&_<giFWNR(EfftvC1s&dGf;~B
ziS@P@ekS-<;Z^YkKQv7D9nq(8*ak@pPWK>;)M6v+05F{Ye~;?v>(6w2_+xjmKmYF{
zU+t4fDgfFZp};;ggU6)d%(Y~WQ4^><F~stA-zFmvh_aFrh1>O$aU@da=KEwodfTAu
zI0pb?n5?HFOE<ZVnl$zFDAH0>N$xwHmPJnM{r`C)`$Op4%dJP#=L+TVkuJ9l0EoE_
zj3lBv01aFdGS>nq&alm$!)dWrdgyaQL+V0}nFcnUJITfIT3!SZokNQP4-Wx=q{F0D
zUN^grX9;hvOWBcLy<jDlByafm#iTtZ8t-9{Wnfqm!}DN~5rnChB~-A|?lns+dCLI8
zyLt#l$DUz~q}?>LYANYq=z)<^X%&BAWC*3;(vQm1O$@F0#Sq`+|4$o$J<vaz!8@DR
zgYh(&FO{751qD+?Tvj0fTqQTe8Y)!$_-qrqT&qX{Oibw=d8o%4TdO>#>HA#z_G;^+
zOe~IS$Z&=2WG>Qkf|bj^Tw15>%NGzL;^6bK@_is8dA-zbDjzji)WOj){1~l!OQ!=$
zy2POLOtR|f{wT-LOQ)29i5zkJ?V%(gucIISchmwf9Ep=2boWJz$d~)S&vr)lI{r))
zX-MAb5~wueI)zoddjAs=g05fkV$Cll*Z(gR>B4pa`6QwydTH3`u+tRH;Y**@S12Fb
zudztZS|}Zgg?qM+yT@i9Ld9U4h^{0pkE6fEkPeo5;(K}2DDjphNokg8JEGeaj}oXP
z6q<DhoNvbR#^|Bz>O)3sb38zucYl}NH>25>6wFUI2i%wJOQ#RM*VCzOo>H(f$G$Q1
zPkZKjz<;w_^zrStdfUlo4&T1yTwNhWr=*G20{&Ik%70REn`dW3*K37$!0zB<kmn@w
zKx)yC#u$fijSXeNHjklC5x{~nFyZ0CHdx?{S`Q3tS4Ag%uwze*t3O?U8!29|c&!~?
zT6CR_aJd8d%<S#;ANi=A)?c}*_>??PsQXO3R^-2b|6ZuL=J$ut#A9BM349!a&y(+a
z)Eddj$+<hHqd@_y^Z2cQN~C|%{cv|2j`e=<sqF#R@2-DGMNLl2+ODqrCIQzw$OH+G
zeO+mTnRL!!O91u*NV?u%sq13F=zKkt7!PrE|L>T*iIl#t=;LdZ3{#(SZ{lqM>yamI
z8xb_StG>q+=rqTJ4&eK!kpOPK7h{=%k>(C=Tg6x$J=^5}mitwnImHOauCF;OV-)jS
z_D2n+VBO*yz<MWP$+QO_1q5Bp-|p<}M7zMpV{Q0^O=7GNQ7=xbj9Zg|yifkP>mLsx
zjYwRs&pwCP*%0&IAdSnDl;0tk_;xF89;qoQ^~X<@7$qh1zI2?awCxtg?si_Tk{_El
zo+9yiqoRv-O4XSjT))yOdaZsaWhnY6d2f)2xjNvBvlD6q#Dn+2#6xI-=uedqc8j%)
zy>S@Wt9O@c8km@vxXU<X;(x{j!<7l>w|A$D24ZMawobp&YfMU9W-|yZx`t-wEBoDF
z|4LAjQDE$Sn;2uqLV{KM)ddovuKh%r*#RR7@@0lM?Mqf+%IVQp@xdXqfXF(luQP|u
zYdoyhRhtD!rf2k(r@*=t-=2Q}Z0+wgtN9FSw7Gn+*J<d(S7KHxc>I_4Be8-3DGCKS
zEY|D7LZ%IvY(UkQ%{SM{U=s3#D8fZ3X&-Ss8f(LF3LCjlft(Y@o{8J=bL1G-8UcjO
zU{7jG>cc5@8odlc2b=XxV%W+&D-Iet7)HUOli=PTD$3xM*qMWohb2Tvo|Ty6qqZae
zz&}{<`4f>`RJ=`$mz>oY8xkC#Q!+<1ZPsjP!88VAp+%!ca?0vhG0yK$G2;{1iMG_;
zD7Mf+)aoj4AMVy3C>Xu@gzv5=16OO-7^v-VmEcw8V!`PrOO7?u#mXr}Jvihd*<)Xy
z`BpKc1JUO=gDvwZ-p>lfXCLJ3Xs6uB8c9<|tD9F<yneVwvXfstT+{?o+{ehN|Ix+Q
zTp)J4I_V>J@~>skB*6#>kt5NEtNiN7iN;MCn+&{v&)<YhX3(%}U_~R{wo$ZKIQRKe
zM9`hSR6sE75$pe?QN9^|b=?IRn3;uD$iT?mi|%Ve|I-1=^X(LkBWC=npJoBq)&<a4
zcjvRnIE-racA1CMkAYLlY&mk>w>!My^jnnOSD5kilDW?9hawg+G69efC4-eB(<*`5
z5wVBcKjaFU<+MM%kLxF2t1c?QP1c9{M)2;*&VL=$PnN9R9eIU-L&~7$+QGa^FA6>;
zv$(I}8oqv+xil>z1>$4G%B13-mPz*<;xiRV<c(s~v+0+!!aR#v+1*o64WX?o+bXiU
zz2l@y!eo80&HbQI)l|1k9)OpK$!dOuv(AfRvHpV9S2Utd1_+92i^k9MR@`URWCkKq
z{sGQV{8Z2er`qylz1LEEFor~2VJ+~%Uu-jqd3WvM{>9zo!!0pTKZxF9E7p1Snm}J3
z^e!1FBfPSpk=C5@<3latJ<)-{`J@|&oumUpHtTCE)z-IUmW#Hf!k%If`Q7fq%lJyn
zO$nBGU@uru-;+UFEn>hi@#_fLtGZd{8+@pM{go_r!VptH9;Of~<kl^3K$W+Xg$bT0
z=6S$Q`;7sm_?uZ^j{3`;RDV`BJ7yf!_<1rC3Cwy52n6SA+I7L}tp{M6duK7@RtUZQ
zZT3L+54>KlG^apd2`@jP#Z9>Ql^1AwB`-xa1@F4q=i0bZw?=IBs7HQONybt#Ws|N)
zb1hjSI!a|>kv31GWBp?&@O_9JBOAWL*JWWtfEX+jWDU*zDgxd0#G&V<9jz;<JTs|6
zDM;FNc22qGr!wynNUK_kl08ez5^-uX^YCVyCnum?G*GT28@ebfN>Hgx%b+uogb2f7
z+6DF&w9*NlY>LW64DIZ!Pp43f53)8x5GYZF##3yQLrfJxpAlwPi6nX@e@Ge8a6DIZ
z$&D&b&=h7%H7KXw>T^&`xWElJGNxAkF*QcHFG`Yeaf$cyu7$p`#xSlJG}ZlWjlhY9
zk!qnSc8~B!%?sRutCCaTar_)sZu-yds7z}XJgnK5@sfM`GbW0O!BW&yLhg6k-jQlL
z6{Ic?K;OfE%r6i<WsJt9qrf;CX)o^lLv(GK@*J<gdWbMn-)W%uV1D4WX9F&4bia0t
z3ZLv$cLwax3W3wI?H+}eg6~JJ_0HYrIgttZvj%*-rzOeGoru>YuhEod=Kab-+fDvF
zaeOLPR`G`qTE?#eC88@duTPOUW#}-nP8X1;5<5$&{)Ic9OPfS<#iS(lH4^(QN7U6)
zCFJSBB^d6)2gT6g*_74H%;oFtk?gJ1^py#_GjcwM{4Fs;PL-p3$a00TqLNdw+2ZtM
zpsuA(yrz-#)0yxgy={hr(b$>k3g3xmV%9Eqi749&c!|{oMY+pZW*&@3|Cqqi<Mr41
z>GPx`8F-SFe6gj@b((WOIvN=_<xaac_2b|w#621<!F_>sY>2<<iQQ8^wQ@38%m9kx
z4rg%y0CEdHrt!Y4`-t2(aAw7;w+sSdyQ$kCry4zeC%!UFh)-t7*L{m26l?rWRcBbY
ziT3_=w({4o0yb4ve2Hwo;m>Ye0$Se8Sc!s4Vo)S3L~uA+jk8UzHzno8nW`@5n08|M
zL>CJyfkZ1Gba!L>0}ouT7O9r*U3jXG!AXxb2AaYldrteVJS+8z9nWPaqs)DUS?_9j
zCWR0vYN((7I{lhQj5!<fiEfsiIFgsOy%uL@Yf4r>LpW@QDRyKnacHC32YcKiekxp(
zpreABnIz(s!JJfD5*Wzc)T_>Bd_TCx9$ibYE12>yA6G6&h<zW?2%b_Y8-Ba>_t(Gr
zWXz$P^I46xX1=M+FgW{d(x(bgdKw<%#d}tKCeokm$G%OnM4aCItv!ChxXe#o%MNz*
zwFJ*1q<_=}Z!PKJUSgf^&&NLVKi6uz+Kjy%O%RtNIsV9H?JDQn#ya$n_i$^g9r<D#
z=S)Ad+Moz$6=#N#pmbxV_jmO*=rcF8XFD{f<7!upOiqBb7lJv{<4RQbljX;9(%3Bv
zTM5is1>wD4UfLfYP!aYC*Hs>Tgx)JbSBL8r!;nhO5@LiJnwx*!s}ZDQ9ZVl!c^sPH
z6nJ|#(;`h2sOs5S7SkhLQSk{ET7>iSaay~NRm1e`-3`q6?Y~Cg&(6+ptP`;;ktrq%
z=znHk{>rx6D@}w2zb|;FL+yOs{)mJ2D{D&TE8omM;xo29KY>mFK5eFVJJxij-(P)|
zjHz@y4Q;CdK#FV99Cz~%naj1n?v@PNFw%bn%?z8&eg4~}IiA!2=8xrRKM-&w<O$fq
zGhS&|&fer058cg}I3@DjPkNImgP%&BuLq+(((R?_9!^dZ{Gr}1TJr*jA+g_qpuBLc
z!(Q)1RgDYLgAs+hM64$B+^5`x#W6NP3_OhH!Prn=TrBrP`97ojR{n=$ZeCt@&C`})
z5~5dC-WCyJr~Tv{Y;20Ju%p*Gp~Y9W-%Px6TK?+44pj&lCV9b->&1RR%l^N)0IMH1
zpB9EmDM6vo3g=}X9v6*1mu?tVYY<=1I1s1vJBXRPWND#Rs{I_padlxhB9-mxx`zHL
z)VZ4~vmsz}M32PA@R)?YKq4yvm#wfq2fLBSbi$V^4`x9Ys5#=R#INNhCvs|xBc;f6
zO-)Uy?wk3VT|l_x&7e&pcM=>NRENLY!zuRrbLB`ZNte}Er_Kk0#uoV6%I5@ccAmW-
z;}7F{Cr!n-cd<Jy+Z?O>XG3<d^MJvF?aXZ@2#!WAWXJGsR?RttwCYy5?Sgr2B#jF*
zbL++|?HJc^2^o&R2Vnb!FHD?W+&S^So?gd}p;R+*No@EKOFoWW*2TKhy56cHnsJuV
zK{@Qr9>u8nTAj0=?P{H77JNH0J~j)>P)SPwp;}I2`H|G!6J*kdp^T&0JpYg<8ii50
zCpURw@tE~FcU{}K_Ao;9PlpdXw|j^Xcriaq#Z4{$v}PIu3-eqe<J!7nh*)&XzA4M@
zvMnVJ*wMQ#S)^_3W?@nTiA{ie7;CD-=zEK;@cU7*+a?O!w85UVMQ)Zo`}a4$YuKu8
zfV`4Z|B4|IiA3Hp<yo>NFH{@N)&$-;N*719#Q0+shG@t-&;dD238QR86k^+VO6+9y
zG1b_fTJH@l2NLCkuJ<}Wd%YDs{j4@GM@1dpCTIM(;gC8>WPB&N5k|fXfa20+m+qXA
zkrBBTp8I$u5f-pQzVc(<f?+F>s|J9ESFvodKn*_gncs;tP*5+K!mvo76|^B(@xNR_
zc4Io7rRu1Y9s}TO2lq}>zpENXRTv*tMI-F+q}rriUk=WQgMLwzcj9XCBRxHR=DTek
z_gGofZeJn#p;Q?C(oYX<x|%KhFQ(0FlV{Azpti5PD0Y%OpX#=Bo5`a|f7b_n$4y~m
zCAC8VK-16HDJjMlgX%1N5<M)Kgj>Pb&q!X!w!Z&`CzBX}yN-_iSC&|UWsoIT+UTjc
zXBE6>U8;LChD%PDOsS7&da2V!H-L)4>*+L0;PUrc_VEa9eD?~}!6rqDxcr+k3!jwx
z;?+*y*wLyltv{)e-4^P|V@!O|)ZfEp`}5stq#uSLlb<d_>NitgHONh!z@S|GK;Owm
z-`-=ghL4jdG19t~AdVA^uVg3A`bRE+9dbVGXQZE{da&4U5cYupl{D(UubUpoJ%K_(
zIRiEc1?X9x-&wRBWv+DJ!CZL?p2)XJy@HuCsW-D;EASvnl9!07=P|m*B1KuWhhp>F
z*wOP#e<me)A!cwXKp0O$py)6X$B39_+wSY1pEhNvSVSxH{QrLUZ*s0;CDm($4U=s=
z1nns+s8}?&{y4;|r)wa9cOS5%*5FCTb8BQ_^A{{Vf3DXq^|ObFJk?}VO7{t?XY-}k
zSM@Uk537)H2wzf>{}fh!D`O(cQe-Mu6!mM)tJ2r^S5}-nJgd!0Qcrg&kxit2@22G`
zaZ4ql%9T@CLzJZcmJx5UCeiQzJMPxlU!Gya-_wYFF59|}@<FOTyacuI1~BgM^yzA&
z7o^`aGBeA`a*}>kq&OS~WGGNm^vEzNf;bz=1e7jLr{FB);bU#k-nqHCDZuodB5Om8
zPn~B=)Gi4%AjT)b>#vUi9Gc2!LF=<ya6ZKR@nAVL_|p6@QZ7tWdj)oxrR7%!H$I>x
z|FWDecbyF<S{YJnVoV2XK7%Msox^VW=<lT-bITSI{4Q2V)fBCi{#79DXgqFfVWA~G
zG}~hViabCUOohNxt%lLaU*oW4(&Krv{Bhb#3}<Ovybta-ZwgaDC1+DYS60|z)W*%K
z%u}XNca#|n`1>`sjY%F<p<}cnR|&_W=jz&<Ej?c5h)WaHPm)&pB;r(P(HBAYPFHLU
zt8SykbGgEojC}-C+5FF^grYTPard)je!8Vo!RM9Yo&w<uSn)(GaT0udT$YSM%FhBs
z?N9}@2}$2EE5wl)Vnej+vck`K8L5fxIqWzefb@-s0ly>mSM;ssP~KScXIao$L(t;A
zbYHL}`cKyXatR&w239}p5~kno+u%QCL}#$W5Ox7rLCo8rKjglYkWYLE1VdLHbsN6r
z3!a<HSj(aikU=>T!f)P#Quq72{Y>i}v32N_#lop-isl7&3J!=-zjQ>VJtTBNEhYyN
z{89)F{t$#IgaN0J1~Fj6?fJ@?U{6cfFqmH5p7dFwsXysQi6`lzgV&tUP~-c(I<aPW
zMYV>>`dcobZ2Z#;whO11&+$7VH9h4%O3$J)A`6HQao139!aT2Y4BBfIUXj62XR&B)
zhee$C4kG^gnvdMDSeOg%{oG#CZ8R%2P4k02mG0_<d~RIAg(!tVt0Zx`J}jPEo1;dd
zE}^pevcR3pmoqY8!9we1A!bZXv>2Q{*_gJXtk#LhSl%vn{Ue4z+TUlF-47;^DT6~R
z4I=Fh`jL_5G|0W%TGWqY(qmrqYsMDX?bRt#5>=4;)--y8d-kan>seVttoz5f7!0UE
z_z>3cIZ(On+a|Rx)HET-Hx4O*K2J`gu;_V$QJ*=CaY*!!I!o9w{oQ9mZgh<47FVlL
zhw4Gf{hk*gX&q_woJlUDFtbqYbd~n2Lzlo$O>Z#6a=|BzQk6>S?g`^KBU15};_hff
zNG4_o+<=2krLFy_h{+0`Kr-=(-69ZUf>_Z1HkN*|T%DX~)ZhZGaw;V}O+V?#p@<TF
zP(8CEQ7)CD>Eq<S{wukJ&#GvyA$(+XWk5??wvJIKZrDLO=)U+*HkkvWc7`+GQ1Lr4
z$vH78qBnq`5*?*a;YrUc=%Qe*tGD%(;%C!;x=ZicvI=F?Kmp5%7ZKFI(9kN1^dVuN
zO3>^p%i8&_Otgcci~G8ng+H=UK_XzwWg1}IHc^~{I4uuqZ2ulcB)*|M;>l0(f$9dR
z+@(1)bLl(gd;$5-mD#eYAboOegE!S1_x%A5ohp?$?X6h8)MU?BTPV^<A)8&XFki<R
zy@`V7_*}p2shl>nuE%sM5$t|;!$_{WX~Ms6)i)HS8rPLe&9OMfr;@|d$T>~uG^MZP
zW_wp1DPr>yQj|yrbM{2an67^~BZXE>B}eeNp)5M&q3(mp^k@Wzbowj_IE@@SB^cGi
zP0Lmkq>t>V38}99v-ZzLDdG*Vq%r603D+s<tNmJgZfMI}T|Z@gSZ^?eG*!6GQsUbL
z={?hf#TT;<$11oK(4a$CI5m<oWo0ruLFU}qdyxyeQxm0P$8p?P`+^6V^=a5La2PWe
z%!eAxU@i+$AgMF4L@2G4mY=-|lfYA98iggb@&B|P2e?a&_#g668gMF2dQL+lhmqZr
zxNg15If+RL*@c@=V2Bf!xX%dI%9HP9aNWao8qskya*_nDLC$$)fE*N()#<hE<R*qe
zYUHMy-K`G`R{OBnFu-w(V<6ut&xrBkOBg`D6t$(NFQikG@uWib5!3#VZd)JvA{COg
z_T?p?mgGz@7}j0)3yp2s61@3hkTs8;WNtdA#RLLE6_V|BjaTE-Z%!JBC1*smT;Ok$
zq#Dg5FF1A^K`g=lkOg}$8BZ4tXL<>&!#Rg!c<j8#_T#&Ce<H-xaoqZEnQQLU<}bPf
zHdEYyRg*U0u7rIg_$zb2=uY}Rowy%GjW`%nT?x&X^Mv0*k2}z+kuJQrjX|;WV~<S2
zjyv4Woe$UW85g!!VUs0417)4|r??TgVxW!!2p;6_tSQUPf4U76Ef;O{cRC-6v$N1o
zgU!+6Ok6*#89q4Hy7`IO6AlUuih!iELqda05K41ytp-Rh(!cW3Dnn>Cr7u>!WgQ3b
zY#F~)#*xWl|9ZdJ{rsKr)}mMYPboi~P%J_f8m1Tg(JV%p0`?eNzcmlnJ!e$P)hyNV
zi_GS|5Sjy<s*FM5t_%#0Wa<&0@4QHYu~Jf;L;R#j_Uwo-$_H7)K8#98&CkzouAP2x
zca?t~_u;KMMDgw6`nI)crLQVv4*#ia3WjT#HRAynbe9AZqCUmKN9ua^47I%%6S8?D
zkW`GiY0&8-9ISM}GPp!!X!FPNOAPUvS3Qc-f>^mzSa1Ik&Ety)zM}cDjkxvbl2H3Z
zTp>I<Y!OzTMDNAJFZT?eT0kWA*<qf?tJU*QAgogYi+Kf@87`R&szW5*J3n==UzElN
z#f3tsyAs2Rw2HS9luAQK`hDB9?555W#P-=mqTwhKB?QXUZIycPV)Jyu*kL4}aRCQW
z7-}B<wxO;r3(kNuvJf2glVfriEuV3Jm{Wcy=w*8-lisx+W&4n4a1SF*Zhl9~lP==0
zgx`r+LM|i<R5?Yfj8q57&+W}!%_BuacAL*q!RGY?CS&?GL@P#zCF9j|&nP@R<UDlQ
z&TQAa2@c;74^gEe)TtI1KCoG?&N1ROFJX+1bXBcu%ClsR)SzzWin=n9M<mtsuE|JI
zozV)fWQ7)M`6z(I{;>n)gdWp-w<Mmf2J2-{!}fw?0Rh1>)vum&9rjj-UR#3tF3Zx6
zqn!PD;$CkRxwC{_jTaUU#qHIgnDg@sTE7mO<`7VwL&URJ+#2F8h&VAh3#3aw!i|TE
z1nY0B!E+KUKi>mMw>#zHVw4X`6-U=zQv$3Ic;Xpmh%Kyu`rK1Z!wrpdNdFkk)UYk7
zB(OP*+QxcDiy6O6vD7mGd*Ez-=X}FUwf~<ay{S}ZTa%aZ!iWcj(A}r!kL<z(YT)8~
zG4@eIghj^CRyz2x`a{gh*lfd=p7tIQRAtcyf9>D)IejB7qSvs%zgqK}lx-MgMk)xm
zfiNd^UzSsX5kD;t87*j}E~R*BU(oO2JdNdZQ6D~6Ce5lQ)<I9<`Tlh;FZ-%e&4dBN
zezv=T<o-7kiC#9x^-aB<^ZinMyUSI>ETJ#Fgkz)ne|JLVFE-Mhhh#kR_(r^#Qeg46
z&{k&r^@^fQUumi;inffLv!aC2{Cd&E8u+dHVbiQA)I70IBk7=!3I1|Ibc>+<@P};#
z^;&!D*~$klk*PUekXBI@M9kXQjPso|2tW443~(t%Oygw(?}djnNL4>=c5V_hbChK$
zwlnowD8Dod{Mxi_o&s7HwJfBS|LWyNZB?qQUZ(VC(h$CPX_ZD!nj&G1G7rNtmNkgM
z;w-+nl<;}z!@KMd_UwbA#87WzQ^6f<k-!}+pDooyd63#I)NFrczV)et*06#WXr{l;
zzf9xH`*F*?eLSD7_lffH?3IDU!caf`hH-vqP>ZWuiC$1JrB`}=)tI^{C-Pkzit0II
zoxYvE=g2T;a5}%!l92VbE~gMd5v(99`{0Jd(ls^I+uf@%^n-=#)6R=|%K~V&yB+<=
z@n$v{l#xEWY&M@Vplo%cX_4?gWdR{fasHPwHq6HL3@)?3+*#xX_BZM1<A;{1D-N)P
zR;sI2t8Bd~1#^A&ZWJuTL3h2bwQpCeq9{oRGf2{r7gK^z=NI`^K>7};%kv*;`}^L{
zC8@>6jP5?z@Q}h>k-(rkA>j1X^x1~YSj+^rIL=};N?4tr8m8JmhdPE>azzSFdP2n2
z7xz+Tgl3M@mcpnGA!mBp3-Sr^;|{Am0%6y$FCD{Ihtw~|`z5h0%!BjY0zMhC>^4kN
zLCYHOn$e*|o6;t8)0(lWA~Wr4bBeNRR3=g%a&jC&s&CR}1G~yUMu<7XP%k_;9@q_y
zq>lqk=m~`_V5k%h@P+_mD@kgV=lJKCS{kNwx?d4zHb|{%QH#|9OdV$-`Gxh)q?`#@
zHv31FqVpT01g8{!L~Tq9zpGg_ZT}syb8)}F@}7dv@v;v>)Ki!7;$Zs~t@HPNH=l>)
z&xI3K3g;z$lm+!%3wkrYf|U5cGjgaDc3~3}W@drLK{<BpT-~H2XGjfFt|#efUgSh*
zitq9i5Gy^-$N9F^Q{vw_*uJnl)eQ?CKn3Bd`}KM*!Q#MGUl`mg_3~xiNGLt+@(<Q#
z^l0`%k2AFT#vo!oaxVKDK&eG6>)u2HN-Nya%#{LociMSxv#Py@6E~d%IM2sRM|_mh
z<%eS|Sl1A9OygJf`-IB*QWX?1mkS$hWq9WDF8cyrXIjqwvhrVJkBxLA!EW{TxWw>z
zdBzekMr>EpcCdAKdNpV1#{dHb!g_(-p^eV+f4vjJv4wysof41A<!nX%)XBwvP&~a+
zx!G<13<Q>h1llZ(Yiic&!We2JSiubEk1wy%*1wX7kE&pE+kU7Dq5LrfZ$z3WV}gPo
zZhuK~7Zv}&AlZwPVTM`kEH=F_j?@d?VVH2rDL;5Kz3+D8?b&JL+CR0L>idpnM|@bI
z%D_lEZ^Dr08U5>G$_sZu)6nkd*VhH6^;D9gd1pcp!{>U9O+!ePzCW^+QS)d}{e;Mz
zGx_=Z%(eT!%?S;P3wWW*ASx2h%=URsz0e69sDYZMI<}Kv-wwl3)oPC#*Fx%S9DOVX
zG>&E_)(w%9B7fSZlEvSi3nrrZ5!=?zXP@T0D3>>G$TPHAEB#@vK30st>oD+mbovxp
z#*}{>lWh*Y7Thq9SA1z=jleqoc%V!E9`UOp-q-Y~`<)s{^JA{x*>IS@;KpJ)<|t4=
zwZF4R=-cls;obPDlRgsS@(7RQSH#5FVv_-dUjMj}B?uJZ`{-tpI8cF5JHI~IX=rXr
z2=G*Tb}==jJ<{}zKC@C5#HmQ-dE;}45jzhy(630^KWa_8rgV$wIAmQ|4+ZK;KiO-#
z-hYExG-i2NiK~@B8=Q<?((6<P9JzK!KQP2XsC|`q_m}D#_tT0eRlmKN$$0;p_=Z}%
zmTjlyB(RF7vXJ*z5ZJ-~An4Wp7imzM`0sINF&OHMdXv#Ii)&?1Dv(B~gs1-drJtZ7
zH?-LKF9gtW3Z_EbzQD_rKh6g@9%>+cB0X{~O+=j=Nwb~7@kyh~^WU6yKW`~QzzT$8
zMLcxbDFYRRpX`2i_>5c50rUJs7B|{hQH*CBu?$)2KIEoWx>7q|<oZN*#el2yGriZ!
zp)%nfg}=aD53ID6(S5_kz0@6ni1%ks!(QtL>YkU;Z@Tb-Po_w7-TR!;)@#-6wZq_?
z+^PuuS#gneJ|2>WBoMZg(%Ap8`Vv~TS{vPE(xN^0ve1Qie?J7gkp5=6`Hw!1;M`Dv
zMA@f^bVN~80SE||=@%-(jZFCIX>Mh06Xw=fo@CKOh8ChjG8dh`b$biKKz0yn)L_TB
zd9C*RWfaXq`Ei3uXF+n8kuG@1(qQe`+%P7ziep)Bjh7R&LbXsT?%}%eVDQFNevQ|d
zW607w?`Tfgh;F8xttf!JP^G^1><t5+!$>MeiCh6V(t77O%*r|jL1T_IEa*n)1VEGp
z47kZoVki@wzrjv{4l3J0f;~+uZNIKg;BB~`VSPce4L24PHnZL(vAgbBty{z5-{lEN
z)l|0zN^mqADh60|b<HBA9uqn@lZZT;lMe;6SKfP*Q$P*uy-TbM&{F=Jbmqwzbq6q`
zzpDOZb>W723{s{ShDQfISTPC2tJE_zYKjgp)@BllmA!E<J!qO3wp<zH%&KpY)Adq1
zHs0S30gLE5m%NOP3Af=dW5^J5wBsP8p3g&6GR4A*xtE-F<+Le|&RVnI8R)k~wT{|S
z1iE~CGhk@pJtVWU>q)k5E=(rDjL$Y9Tp2MU-C_0Bb0?$Gd5blxxhfSQAYdmY&Ew%N
z4f;J=X?Ks%*0O!Lr4?HYSFWsb6C5|vmJ#;w5Mq#w6!XxGJQuOo4%BF-LGW?or=b|=
z->Zv?^5XgCkUek5$6Ua>0|KHE!siQ~1Ail<VH2Y}Osli;UVx#pq05h)+rU%>nwdGr
zE14nIU|;U@eD4n-#V7lXGoSH7mm1>{Pm7tQ7JGbd1AQ6c#>TlC$|yxO5O>x$v%gOi
z5a!UA&peyVgsh2ds`*~Qf~7Z0<$>Yr?BCxB7wMN*6~=%-!C-+hjT&QzwWXI(DH;P~
zKuJ%2?zGHkk5o2I749&^itWcDmdcA7mKrL$6&47gi^B3{CwdYY|KoqHzcgN*$|2u}
z9^6zKa1l^Kul6d><G>L5P;PA3?<L$Lyl<`KDY&7nhVTNPUmiuCJVS*YZuRW=<@t(l
z9FCF2dRmR)>7Z&d8}`(B=}@rP{TnVfSx~uvY#o4w<_#iXDG@pd^Xe(M-79W(GMI%|
zVg*SWtggwgo|DTW#7w^<22e)%n@Q)nrnJFeZDp0}#RmD*@YJ<Vn#T7QGZjCK)kfa{
zfkYlE)<4_o-}(M^9IO|iO{8b_G+B+>^U|<Ze<({HA-!i<uT*lsL|0r<qd>HoOsH2;
zrCVn&Sj}#tmihGQoM1Ceqbm@G^o;D}l{;;w1)I4VJqkX*T{2eVQqk9PGNHQ|+fzAQ
zDl2MmtN*R0XTkEHzfzBy8`l4?)entUR&CK7Wr1&3drcaev~dHh=WRGm8}$?AFSB{(
z+CBqFO=lj&Y1*kj_r256)?q6IT+yVf<GM#J4O(gUC~2ymhb4V$4cN*B!jXtg=E9jS
zT4MhMLYvY0=mX+?@4-l}u=fJ^)hxIQJ`T&Sq3u`If5YBgTT#KSi)hOQySa(!RDvdk
z3mx7Ir+qPH-XGgr3O8(@(iVC1M#p~7P#V-~BCg{|xXH0=7#P?R11vP(>N!Sw+5>sQ
zo*l4tr_Dkb1j0saEgJdzf$_70K-JogAU(ZL<?iE#8|z04)%cC>@*pF-i!8uA9Wy58
z+S2|ERdCPGH#p2wZ>&#9L#eam^PGLM!uKOObh8Nu5NEcp>y~USE*G%@M_}`LQPi&y
z8{#OKIzLF#j;?3hSb=`9L`Wgz>q=^EZ8N?8`a|lWB{QAK)m=;3{oHqH|FZ^>ndgpM
z5pJ|}+H%5;!a^;4AH{6HITDH~e}<MhPYWpjsQ7!dy!d%UNp6pwi_qY$bzO4jijwF8
zUY|Tj{~!2Z#8i0KI0cha>F2h{hu6b|E^~R4sbBWKL`$TaXs}{;*omcnuiyuBHCCk}
z8<Kis>kACH8W@9~SnF|<sO7x^__$T-uY^C8%E!RSvK;hY?0lC9780V<_!D9Hz4~w@
zyAgR}2dc0dQTvn|4?rEK53Fih_OIF4+iTiFmm3T#-jdj!(4x*>LTmMRYxH+*f()*?
zI$F|!6JKRV;lktZoKX^P+VxA=OD_c!>FW6|Cpmlij~GKN1{qhDoGIo|z#Rs~G>rH{
z6P#h`ZyN3it@U(M^AemNd~&*kp_%!M7_=*{1ve9F|G0vR0f=cSCfWv6Nw|#ESDEq+
zUA;XdYnnSZXUG}NpF7UJ&_iH^grb07iY7nnCV$Qg(Nq{l3x`&_b!f(hFn5_Z%I)mh
z{E@5O-f0llce8O?<*4Wl)cCCD{oL0o3zI=V+%5CRG@V~k$(L{gSLAi0uh-eXk?(Rz
zV%P98=x1p}-W0}2FBiI7Ah11x8)M#2yo@xL=F5po#-z4wT<YBjffsk|M%kMqO>;S`
zh*+f)UyL$k1KY{#Y`6Ez4wY8^noVyE!(9cR;OSO-hrC706mg>7D9qQdPNqMJ+)dHZ
zkVyLpoWcP5h|bpCYyUn<{G|fw7SqQ8m*UJjhT#hZXzh_>Pwi6+WVD}G0tN8dOxs*#
zYinyEzpHmXN3FlgYHO!7YtCb|!j<av3nHx+-O7)CMC9$q2~M26MYS`o4?@uuX=G5?
z1_*qSOO1|-m2YaA0PYh3C9f%%>WA)9#|J@)^C?+?D)VCck>N&Z=2w?g==ua-KVSc6
z8Q)DZFfYLA)H+`6+yh!CrT2ILW`VY@g4de=i^qd9z!4-%IhzU@-HCAq-a%detzW~W
zJ<YcOQH@1dazl-mDc{m)8yA|7R;kAgp(kfkFD9ZBYoVrR_+0s=EvD=COto!21b;Wz
z_ox6M<;^s&1*rbY_2uC<Zb<}ko>y(ZzqGRhM@eF0V+X?G0Mr3AnoqaB&V~}dRzk-j
z$OmpG9Ccorx`GFRp0b9S|3#Yjn=cIXfw!)Yyh`BMQ_MSBp^@&LbR)9#aCPZFD5Iky
zKY+y-I@$H@WSFVvh<lZk>y*v_^c(J>0^mFg(0hZm06j0`4YGd-2jP&801|~Kuy6^m
z0mK*}m!WL}$6N5v*f}@~M4aX>%RiA+I54Nb`RhRLlwn=0!gULf26y3B38dqq03&Lk
zd9CBaUE_eXx&cFvMsT<TV*9J>>)fPp2fg3ve0=u5wzsDM8;}S1U&ZjnKY#x00Yov1
z?wvK4j#CBxYhHs|Daf36#PBs@l&1*$nRgJ-#8GtVx-K!G3(2(5?}?Q3J~8)sxVtO|
zSezJtNc2;Hei*KW$A?GGW@Sy6$|IL=6s^~Ne@?k!qh%|h2*@LKQXhb><*{R*Jf(@8
zY$OqdwZ-Q+F@6RT78Eq0Ox<a%ve8lBwj!3w#bHcChQUO$tZ<bC(;Bc^+_0{FcrBK>
z7E2?N#<?Z<@rYXBzvVTE`)Iv@)RS7G)Qk+a>ORLmDOHPt2r0}8y=oey_eMBnKWao?
zzzqj*{4Iup9tSlaQ2Xflf{}|BKqv=JVyW5TzawaLUdehq*)*mE&(7dAQ!mYS!yC_)
z_~hW=5N5y8e%wV)U}|WnVl^07aJbwYOBgw&uK7kwE9nFp1m^2y<;15(7oteT>>i9D
zq`|0LUs+mOx?3U<N1I}+(pO6fSD8(5I#KD1Dy-rgBw;`qe+L}u%2fj)%=LOgGPp+B
z?ZREU??euNw5AY=AMl}abghXWwS?M?XIcNav~%DCYJK}>TqAQj2r0!XPtQcTX*LuT
z?AMRK3$WFygA5W&P`(E^cz*&Ay=&h9uCfbq0Hqi2*(Zbbme)X=7^7UsZc54y7k;Hh
zba2C`F`oT0rDsl4tETm5mcMnL_hz&VdJ^n(gsbL}ZkJjMuEJnd%X065qkhOId}IrH
z*SKyC{@XcC2D@WFW2L)Fg(xV?tLaa%o5zHdc=wYk!n0_S(~At<KRmUj60RnR<%g%b
zbYAE`l61p3#G-KV^}+9|h431dH6Chy!Gej(=WHR6T_IM^m9XfGz0y1oJy-~bASCd1
ziynE49*BO6r^J8{Pp&2Fmm@U#Jf}bg(C*yf{}D}njyo^I6oUM8N+91g>VeZ>8p&l~
zNP->BO?(&*TWW0CQyj@A!T@_vnPLVX-?h{;XMYuhi&pZy*~877HlWcOo=4EdQ$v31
zV(^_!^~9Btb|tlH^LKQXe$+9^8rwF`!*dw!s9a)lg5a`Cp_G3YK=I?KWjQ$2e<V#W
zX(<>u^>W+}P@3V4qlQE(<8+hGus<Xy(<C@<M+V9`kWn$z!2qr)5w+;MeE4=<R!E-3
zME1+D?mVCyx#_=HvN0BxhYI8Wa0V+#>(9WfMzs!huRZHumlI|7d#b0W_ph;615qnW
zHS|afD{yL6(@LUXrIzcpcq{eS;Lf4|?a%XrHCFPjr;Fc$bM(%9-doQ#$V5MfOr4k^
z@q#gJG|7I_8d&KLtI}H`+WZ;up{*)?Qm^~(t@JA2Cp;OGIC;q+%@u6;z0=oggI$4z
zO#5pBU3dgar0@`<X?^0u$B*{_Vettyt{)MfG-ECuZj%}bkrGN4-fHk4G1K}eZt*53
zKF3}gpR0{X`l$$m-u_Qhy6A&@?^mLgM$pk`4@ZRY5Hbxb7vIdf=?|#PW?Xi3pPe3K
z4r7o~RFk|X{)rtX#*Au}hzTaIeN`-0AYoVJARX`N(|S6Ahix{DMmWt#0RNnCy<6q5
z;n=e;8Nf`(+TZDWsa<a~{x%-HgYEEw#2jcLhX?j4Cp!V9|G1EJ-G3IA%i?xZ4E#zf
zR{{q5`=mi>&$p8g5=EgQW=;ELcHw`1j*~CFMkA|z=eM1tD3@Afmh@IXIkKD-m4Gu7
zps8->mUVWeU{V*j`HV&&J&AO18VJ=_8Bh*!|F7+ywASq1$ytsf3cM3`NMHJ}O#Pvr
zsJ7RHmaJ4xdDeZLF6(|yU9>=yNqfeOL|%s`H;d$BJon4*A3w$8!n0_@Eqle!)o*8C
zlJwRDHaU148cj;nG$*i{@T&33PP}z~@$29&RbHPk1zy?Wg@47Co|m4XVUW0@M%Y1R
zs<2zg7N?%l8I#ubefe1R<)$L%7S_*l-!3evYMf@YiGkz8ufsY^x%j)UnrztgwK(+Y
z*8`kEKLc7f?z*a2a5Il5<wSF8lK-R&3I>@kCa`#YGqSlBciM8hFv}A|#|hi})D&NP
zv?^Oi{txmJ+Z0%q^Spwchr4~-pF$;@I(0*)vN`uRsye7C@M%sCS>M#85$_|U9llP)
z{lE*o2^ac9EKQm_5@*~}dD_c+*eJqn``<FA+LF^Hv-Jg19=e?FFzsZx0opO~dD<Pf
zw>wx(wB9?vc7Cz!RNK5Y`zLUwG~SO8UA}rJ*N=znvn}5Wv|Lg1c~{<f>IP4iy#wC_
z!za8=8?^Jka8I24!Sm+L;%DM=jljJ*i7PTMn5<g8S~gihUENdW&Fcc5r4k>?!Vh(3
z9kye+(J45$jl=klv{{9U%j}05(>ADku2G1xEVOtjT+rChrxxya(2*gkT!+!&-Vf;~
zy+2R&Rch`FSKvG$qaqlx)}|mu(UB#w!Q##Yw}Ljw?JdAv))I}(f)i8(+2+S5oKy<C
z-0=8nr`Pf3$zT};C59r7+2>6^q$slThVsv1lW|>>%ToBGcsA&S1TMx2%{_8Ft5%*|
z^>?9S_YFUfM-68unDYH|0PO?s;5cxk<$$!OP@+mlM2xei*hblgX3iyyOb7EVW=4GG
zc(nX*ZW7C)Zic3;lpi~Kn0Tx$k9cc;Ntu}Q<KzjE3GF>W4PuLm|9O?Pm%OTOJ3YT3
zT1rT7&Y_>NpYH$oZ?Npf3cbp{8GoWBejm>D>uKm&#lm^Q!#jijrI46h<faFV=Yc!c
zfxE^NK%4f9BZ@qM>;oJwVvN8YtX<QrkAY+xEP-3d&m^8y1s;h2+&Lc!<SA)Ky^{bc
zG+=rL+!Acit~wpG^S#F*1+>e3O~%e-urV`$TXcYXm|}#$Dkr)EH|%U$^t2Cb%wV(d
bpM2V^?Rx*%sy_n{+F|f?^>bP0l+XkK?n-Gh

literal 0
HcmV?d00001

diff --git a/docs/userguide/networking/images/working.svg b/docs/userguide/networking/images/working.svg
new file mode 100644
index 00000000..f39955e1
--- /dev/null
+++ b/docs/userguide/networking/images/working.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="395.38636363636374" height="260.14285409109937"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="sPzEQVqdSRsT" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="fqfAXxKRigOu" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="yMasebRINhtx" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="395.38636363636374" height="260.14285409109937"/></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,113.38636363636374,116.14285409109937)"><g><g transform="translate(0,0) scale(3.742857142857143,2.8181818181818183)"><g><g><g><path fill="#929292" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,15.386363636363683,113.14285409109937)"><g><g transform="translate(0,0) scale(3.3285714285714287,2.8863636363636362)"><g><g><g><path fill="#929292" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,150,180.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#sPzEQVqdSRsT)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#sPzEQVqdSRsT)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,157.4593795664339,175.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-159.92,-180.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 161.9593795664339 180.4678540910995 L 161.9593795664339 209.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,195.54062043356592,175.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-201.46,-181.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 200.04062043356592 180.46785409109907 L 200.04062043356592 209.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,176.5,175.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-179.14,-181.6464255196708) translate(2.6399999999999864,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 181 180.46785409109935 L 181 209.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,108,217)"><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="12">container2</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,261,182.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#fqfAXxKRigOu)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#fqfAXxKRigOu)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,268.45937956643394,177.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-270.92,-182.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 272.95937956643394 182.4678540910995 L 272.95937956643394 211.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,306.5406204335659,177.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-312.46,-183.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 311.0406204335659 182.46785409109907 L 311.0406204335659 211.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,287.5,177.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-290.14,-183.6464255196708) translate(2.6399999999999864,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 292 182.46785409109935 L 292 211.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,219,219)"><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="12">container3</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,43,180.46785409109935)"><g><g transform="translate(0,0) scale(0.62,0.2946428571428572)"><g><path fill="url(#yMasebRINhtx)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.393939393939393)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#yMasebRINhtx)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 29.464285714285722 Q 62 29.464285714285722 62 29.464285714285722 L 0 29.464285714285722 Q 0 29.464285714285722 0 29.464285714285722 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,50.45937956643392,175.9678540910995)"><g transform="translate(0,0)"><g transform="translate(-52.919999999999995,-180.07499694824222) translate(2.4606204335660777,4.107142857142719) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 54.95937956643392 180.4678540910995 L 54.95937956643392 209.93213980538494" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,88.54062043356592,175.96785409109907)"><g transform="translate(0,0)"><g transform="translate(-94.46000000000001,-181.6464255196708) translate(5.919379566434088,5.678571428571729) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 93.04062043356592 180.46785409109907 L 93.04062043356592 209.93213980538522" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,69.5,175.96785409109935)"><g transform="translate(0,0)"><g transform="translate(-72.14,-181.6464255196708) translate(2.6400000000000006,5.678571428571445) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 74 180.46785409109935 L 74 209.93213980538508" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,1,217)"><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(90,0) matrix(1,0,0,1,0,0) translate(-90,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="12">container1</text></g></g><g transform="matrix(1,0,0,1,187,143)"><g transform="translate(183,42) matrix(1,0,0,1,0,0) translate(-183,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="28" fill-opacity="0"/></g></g><g transform="translate(183,42) matrix(1,0,0,1,0,0) translate(-183,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(183,42) matrix(1,0,0,1,0,0) translate(-183,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="39" y="0" width="69" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="39" y="12">isolated_nw</text></g><g transform="translate(183,42) matrix(1,0,0,1,0,0) translate(-183,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(183,42) matrix(1,0,0,1,0,0) translate(-183,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="72" y="14" width="5" height="14" fill-opacity="0"/></g></g><g transform="translate(183,42) matrix(1,0,0,1,0,0) translate(-183,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="72" y="14" width="5" height="14" fill-opacity="0"/></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,15,5.1999969482421875)"><g><g transform="translate(0,0) scale(1.0376509657550772,1.0231999999999999)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,81.616,49.859996948242184)"><g transform="translate(0,0)"><g transform="translate(-53,-57.19999694824219) translate(-28.616,7.340000000000003) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 88.116 56.359996948242184 L 132 56.359996948242184 Q 142 56.359996948242184 142 66.35999694824218 L 142 114.19999694824219" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,198,108)"><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g/></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="74" y="-7" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="74" y="-7" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g/></g></g><g transform="matrix(1,0,0,1,7,116)"><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="75" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="75" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="67" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="5" y="12">Docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="12">Host</text></g></g><g transform="matrix(1,0,0,1,57,139)"><g transform="translate(108,0) matrix(1,0,0,1,0,0) translate(-108,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(108,0) matrix(1,0,0,1,0,0) translate(-108,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(108,0) matrix(1,0,0,1,0,0) translate(-108,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="54" y="0" width="41" height="14" fill-opacity="0"/></g></g><g transform="translate(108,0) matrix(1,0,0,1,0,0) translate(-108,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="54" y="0" width="38" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="54" y="12">bridge</text></g></g><g transform="matrix(1,0,0,1,81.616,49.859996948242184)"><g transform="translate(0,0)"><g transform="translate(-85,-50) translate(3.3840000000000003,0.1400030517578159) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 88.116 56.359996948242184 L 255.558 56.359996948242184 Q 265.558 56.359996948242184 265.558 66.35999694824218 L 265.558 107 Q 265.558 117 265.279 117 L 265 117" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/userguide/networking/index.md b/docs/userguide/networking/index.md
new file mode 100644
index 00000000..eb613c6d
--- /dev/null
+++ b/docs/userguide/networking/index.md
@@ -0,0 +1,21 @@
+<!--[metadata]>
++++
+title = "Network configuration"
+description = "Docker networking feature is introduced"
+keywords = ["network, networking, bridge, docker,  documentation"]
+[menu.main]
+identifier="smn_networking"
+parent= "engine_guide"
+weight=7
++++
+<![end-metadata]-->
+
+# Docker networks feature overview
+
+This sections explains how to use the Docker networks feature. This feature allows users to define their own networks and connect containers to them. Using this feature you can create a network on a single host or a network that spans across multiple hosts.
+
+- [Understand Docker container networks](dockernetworks.md)
+- [Work with network commands](work-with-networks.md)
+- [Get started with multi-host networking](get-started-overlay.md)
+
+If you are already familiar with Docker's default bridge network, `docker0` that network continues to be supported. It is created automatically in every installation. The default bridge network is also named `bridge`. To see a list of topics related to that network, read the articles listed in the [Docker default bridge network](default_network/index.md).
diff --git a/docs/userguide/networking/work-with-networks.md b/docs/userguide/networking/work-with-networks.md
new file mode 100644
index 00000000..6cd66948
--- /dev/null
+++ b/docs/userguide/networking/work-with-networks.md
@@ -0,0 +1,863 @@
+<!--[metadata]>
++++
+title = "Work with network commands"
+description = "How to work with docker networks"
+keywords = ["commands, Usage, network, docker, cluster"]
+[menu.main]
+parent = "smn_networking"
+weight=-4
++++
+<![end-metadata]-->
+
+# Work with network commands
+
+This article provides examples of the network subcommands you can use to interact with Docker networks and the containers in them. The commands are available through the Docker Engine CLI.  These commands are:
+
+* `docker network create`
+* `docker network connect`
+* `docker network ls`
+* `docker network rm`
+* `docker network disconnect`
+* `docker network inspect`
+
+While not required, it is a good idea to read [Understanding Docker
+network](dockernetworks.md) before trying the examples in this section. The
+examples for the rely on a `bridge` network so that you can try them
+immediately.  If you would prefer to experiment with an `overlay` network see
+the [Getting started with multi-host networks](get-started-overlay.md) instead.
+
+## Create networks
+
+Docker Engine creates a `bridge` network automatically when you install Engine.
+This network corresponds to the `docker0` bridge that Engine has traditionally
+relied on. In addition to this network, you can create your own `bridge` or `overlay` network.  
+
+A `bridge` network resides on a single host running an instance of Docker Engine.  An `overlay` network can span multiple hosts running their own engines. If you run `docker network create` and supply only a network name, it creates a bridge network for you.
+
+```bash
+$ docker network create simple-network
+69568e6336d8c96bbf57869030919f7c69524f71183b44d80948bd3927c87f6a
+$ docker network inspect simple-network
+[
+    {
+        "Name": "simple-network",
+        "Id": "69568e6336d8c96bbf57869030919f7c69524f71183b44d80948bd3927c87f6a",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.22.0.0/16",
+                    "Gateway": "172.22.0.1/16"
+                }
+            ]
+        },
+        "Containers": {},
+        "Options": {}
+    }
+]
+```
+
+Unlike `bridge` networks, `overlay` networks require some pre-existing conditions
+before you can create one. These conditions are:
+
+* Access to a key-value store. Engine supports Consul, Etcd, and ZooKeeper (Distributed store) key-value stores.
+* A cluster of hosts with connectivity to the key-value store.
+* A properly configured Engine `daemon` on each host in the swarm.
+
+The `docker daemon` options that support the `overlay` network are:
+
+* `--cluster-store`
+* `--cluster-store-opt`
+* `--cluster-advertise`
+
+It is also a good idea, though not required, that you install Docker Swarm
+to manage the cluster. Swarm provides sophisticated discovery and server
+management that can assist your implementation.
+
+When you create a network, Engine creates a non-overlapping subnetwork for the
+network by default. You can override this default and specify a subnetwork
+directly using the `--subnet` option. On a `bridge` network you can only
+specify a single subnet. An `overlay` network supports multiple subnets.
+
+> **Note** : It is highly recommended to use the `--subnet` option while creating
+> a network. If the `--subnet` is not specified, the docker daemon automatically
+> chooses and assigns a subnet for the network and it could overlap with another subnet
+> in your infrastructure that is not managed by docker. Such overlaps can cause
+> connectivity issues or failures when containers are connected to that network.
+
+In addition to the `--subnet` option, you also specify the `--gateway` `--ip-range` and `--aux-address` options.
+
+```bash
+$ docker network create -d overlay
+  --subnet=192.168.0.0/16 --subnet=192.170.0.0/16
+  --gateway=192.168.0.100 --gateway=192.170.0.100
+  --ip-range=192.168.1.0/24
+  --aux-address a=192.168.1.5 --aux-address b=192.168.1.6
+  --aux-address a=192.170.1.5 --aux-address b=192.170.1.6
+  my-multihost-network
+```
+
+Be sure that your subnetworks do not overlap. If they do, the network create fails and Engine returns an error.
+
+When creating a custom network, the default network driver (i.e. `bridge`) has additional options that can be passed.
+The following are those options and the equivalent docker daemon flags used for docker0 bridge:
+
+| Option                                           | Equivalent  | Description                                           |
+|--------------------------------------------------|-------------|-------------------------------------------------------|
+| `com.docker.network.bridge.name`                 | -           | bridge name to be used when creating the Linux bridge |
+| `com.docker.network.bridge.enable_ip_masquerade` | `--ip-masq` | Enable IP masquerading                                |
+| `com.docker.network.bridge.enable_icc`           | `--icc`     | Enable or Disable Inter Container Connectivity        |
+| `com.docker.network.bridge.host_binding_ipv4`    | `--ip`      | Default IP when binding container ports               |
+| `com.docker.network.mtu`                         | `--mtu`     | Set the containers network MTU                        |
+
+The following arguments can be passed to `docker network create` for any network driver.
+
+| Argument     | Equivalent | Description                              |
+|--------------|------------|------------------------------------------|
+| `--internal` | -          | Restricts external access to the network |
+| `--ipv6`     | `--ipv6`   | Enable IPv6 networking                   |
+
+For example, now let's use `-o` or `--opt` options to specify an IP address binding when publishing ports:
+
+```bash
+$ docker network create -o "com.docker.network.bridge.host_binding_ipv4"="172.23.0.1" my-network
+b1a086897963e6a2e7fc6868962e55e746bee8ad0c97b54a5831054b5f62672a
+$ docker network inspect my-network
+[
+    {
+        "Name": "my-network",
+        "Id": "b1a086897963e6a2e7fc6868962e55e746bee8ad0c97b54a5831054b5f62672a",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Options": {},
+            "Config": [
+                {
+                    "Subnet": "172.23.0.0/16",
+                    "Gateway": "172.23.0.1/16"
+                }
+            ]
+        },
+        "Containers": {},
+        "Options": {
+            "com.docker.network.bridge.host_binding_ipv4": "172.23.0.1"
+        }
+    }
+]
+$ docker run -d -P --name redis --net my-network redis
+bafb0c808c53104b2c90346f284bda33a69beadcab4fc83ab8f2c5a4410cd129
+$ docker ps
+CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                        NAMES
+bafb0c808c53        redis               "/entrypoint.sh redis"   4 seconds ago       Up 3 seconds        172.23.0.1:32770->6379/tcp   redis
+```
+
+## Connect containers
+
+You can connect containers dynamically to one or more networks. These networks
+can be backed the same or different network drivers. Once connected, the
+containers can communicate using another container's IP address or name.
+
+For `overlay` networks or custom plugins that support multi-host
+connectivity, containers connected to the same multi-host network but launched
+from different hosts can also communicate in this way.
+
+Create two containers for this example:
+
+```bash
+$ docker run -itd --name=container1 busybox
+18c062ef45ac0c026ee48a83afa39d25635ee5f02b58de4abc8f467bcaa28731
+
+$ docker run -itd --name=container2 busybox
+498eaaaf328e1018042c04b2de04036fc04719a6e39a097a4f4866043a2c2152
+```
+
+Then create an isolated, `bridge` network to test with.
+
+```bash
+$ docker network create -d bridge --subnet 172.25.0.0/16 isolated_nw
+06a62f1c73c4e3107c0f555b7a5f163309827bfbbf999840166065a8f35455a8
+```
+
+Connect `container2` to the network and then `inspect` the network to verify the connection:
+
+```
+$ docker network connect isolated_nw container2
+$ docker network inspect isolated_nw
+[
+    {
+        "Name": "isolated_nw",
+        "Id": "06a62f1c73c4e3107c0f555b7a5f163309827bfbbf999840166065a8f35455a8",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.21.0.0/16",
+                    "Gateway": "172.21.0.1/16"
+                }
+            ]
+        },
+        "Containers": {
+            "90e1f3ec71caf82ae776a827e0712a68a110a3f175954e5bd4222fd142ac9428": {
+                "Name": "container2",
+                "EndpointID": "11cedac1810e864d6b1589d92da12af66203879ab89f4ccd8c8fdaa9b1c48b1d",
+                "MacAddress": "02:42:ac:19:00:02",
+                "IPv4Address": "172.25.0.2/16",
+                "IPv6Address": ""
+            }
+        },
+        "Options": {}
+    }
+]
+```
+
+You can see that the Engine automatically assigns an IP address to `container2`.
+Given we specified a `--subnet` when creating the network, Engine picked
+an address from that same subnet. Now, start a third container and connect it to
+the network on launch using the `docker run` command's `--net` option:
+
+```bash
+$ docker run --net=isolated_nw --ip=172.25.3.3 -itd --name=container3 busybox
+467a7863c3f0277ef8e661b38427737f28099b61fa55622d6c30fb288d88c551
+```
+
+As you can see you were able to specify the ip address for your container.
+As long as the network to which the container is connecting was created with
+a user specified subnet, you will be able to select the IPv4 and/or IPv6 address(es)
+for your container when executing `docker run` and `docker network connect` commands.
+The selected IP address is part of the container networking configuration and will be
+preserved across container reload. The feature is only available on user defined networks,
+because they guarantee their subnets configuration does not change across daemon reload.
+
+Now, inspect the network resources used by `container3`.
+
+```bash
+$ docker inspect --format='{{json .NetworkSettings.Networks}}'  container3
+{"isolated_nw":{"IPAMConfig":{"IPv4Address":"172.25.3.3"},"NetworkID":"1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b",
+"EndpointID":"dffc7ec2915af58cc827d995e6ebdc897342be0420123277103c40ae35579103","Gateway":"172.25.0.1","IPAddress":"172.25.3.3","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:19:03:03"}}
+```
+Repeat this command for `container2`. If you have Python installed, you can pretty print the output.
+
+```bash
+$ docker inspect --format='{{json .NetworkSettings.Networks}}'  container2 | python -m json.tool
+{
+    "bridge": {
+        "NetworkID":"7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+        "EndpointID": "0099f9efb5a3727f6a554f176b1e96fca34cae773da68b3b6a26d046c12cb365",
+        "Gateway": "172.17.0.1",
+        "GlobalIPv6Address": "",
+        "GlobalIPv6PrefixLen": 0,
+        "IPAMConfig": null,
+        "IPAddress": "172.17.0.3",
+        "IPPrefixLen": 16,
+        "IPv6Gateway": "",
+        "MacAddress": "02:42:ac:11:00:03"
+    },
+    "isolated_nw": {
+        "NetworkID":"1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b",
+        "EndpointID": "11cedac1810e864d6b1589d92da12af66203879ab89f4ccd8c8fdaa9b1c48b1d",
+        "Gateway": "172.25.0.1",
+        "GlobalIPv6Address": "",
+        "GlobalIPv6PrefixLen": 0,
+        "IPAMConfig": null,
+        "IPAddress": "172.25.0.2",
+        "IPPrefixLen": 16,
+        "IPv6Gateway": "",
+        "MacAddress": "02:42:ac:19:00:02"
+    }
+}
+```
+
+You should find `container2` belongs to two networks.  The `bridge` network
+which it joined by default when you launched it and the `isolated_nw` which you
+later connected it to.
+
+![](images/working.png)
+
+In the case of `container3`, you connected it through `docker run` to the
+`isolated_nw` so that container is not connected to `bridge`.
+
+Use the `docker attach` command to connect to the running `container2` and
+examine its networking stack:
+
+```bash
+$ docker attach container2
+```
+
+If you look a the container's network stack you should see two Ethernet interfaces, one for the default bridge network and one for the `isolated_nw` network.
+
+```bash
+/ # ifconfig
+eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03  
+          inet addr:172.17.0.3  Bcast:0.0.0.0  Mask:255.255.0.0
+          inet6 addr: fe80::42:acff:fe11:3/64 Scope:Link
+          UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
+          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:648 (648.0 B)  TX bytes:648 (648.0 B)
+
+eth1      Link encap:Ethernet  HWaddr 02:42:AC:15:00:02  
+          inet addr:172.25.0.2  Bcast:0.0.0.0  Mask:255.255.0.0
+          inet6 addr: fe80::42:acff:fe19:2/64 Scope:Link
+          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
+          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:648 (648.0 B)  TX bytes:648 (648.0 B)
+
+lo        Link encap:Local Loopback  
+          inet addr:127.0.0.1  Mask:255.0.0.0
+          inet6 addr: ::1/128 Scope:Host
+          UP LOOPBACK RUNNING  MTU:65536  Metric:1
+          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
+```
+
+On the `isolated_nw` which was user defined, the Docker embedded DNS server enables name resolution for other containers in the network.  Inside of `container2` it is possible to ping `container3` by name.
+
+```bash
+/ # ping -w 4 container3
+PING container3 (172.25.3.3): 56 data bytes
+64 bytes from 172.25.3.3: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.25.3.3: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.25.3.3: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.25.3.3: seq=3 ttl=64 time=0.097 ms
+
+--- container3 ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+```
+
+This isn't the case for the default `bridge` network. Both `container2` and  `container1` are connected to the default bridge network. Docker does not support automatic service discovery on this network. For this reason, pinging  `container1` by name fails as you would expect based on the `/etc/hosts` file:
+
+```bash
+/ # ping -w 4 container1
+ping: bad address 'container1'
+```
+
+A ping using the `container1` IP address does succeed though:
+
+```bash
+/ # ping -w 4 172.17.0.2
+PING 172.17.0.2 (172.17.0.2): 56 data bytes
+64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.095 ms
+64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.075 ms
+64 bytes from 172.17.0.2: seq=2 ttl=64 time=0.072 ms
+64 bytes from 172.17.0.2: seq=3 ttl=64 time=0.101 ms
+
+--- 172.17.0.2 ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.072/0.085/0.101 ms
+```
+
+If you wanted you could connect `container1` to `container2` with the `docker
+run --link` command and that would enable the two containers to interact by name
+as well as IP.
+
+Detach from a `container2` and leave it running using `CTRL-p CTRL-q`.
+
+In this example, `container2` is attached to both networks and so can talk to
+`container1` and `container3`. But `container3` and `container1` are not in the
+same network and cannot communicate. Test, this now by attaching to
+`container3` and attempting to ping `container1` by IP address.
+
+```bash
+$ docker attach container3
+/ # ping 172.17.0.2
+PING 172.17.0.2 (172.17.0.2): 56 data bytes
+^C
+--- 172.17.0.2 ping statistics ---
+10 packets transmitted, 0 packets received, 100% packet loss
+
+```
+
+You can connect both running and non-running containers to a network. However,
+`docker network inspect` only displays information on running containers.
+
+### Linking containers in user-defined networks
+
+In the above example, `container2` was able to resolve `container3`'s name automatically
+in the user defined network `isolated_nw`, but the name resolution did not succeed
+automatically in the default `bridge` network. This is expected in order to maintain
+backward compatibility with [legacy link](default_network/dockerlinks.md).
+
+The `legacy link` provided 4 major functionalities to the default `bridge` network.
+
+* name resolution
+* name alias for the linked container using `--link=CONTAINER-NAME:ALIAS`
+* secured container connectivity (in isolation via `--icc=false`)
+* environment variable injection
+
+Comparing the above 4 functionalities with the non-default user-defined networks such as
+`isolated_nw` in this example, without any additional config, `docker network` provides
+
+* automatic name resolution using DNS
+* automatic secured isolated environment for the containers in a network
+* ability to dynamically attach and detach to multiple networks
+* supports the `--link` option to provide name alias for the linked container
+
+Continuing with the above example, create another container `container4` in `isolated_nw`
+with `--link` to provide additional name resolution using alias for other containers in
+the same network.
+
+```bash
+$ docker run --net=isolated_nw -itd --name=container4 --link container5:c5 busybox
+01b5df970834b77a9eadbaff39051f237957bd35c4c56f11193e0594cfd5117c
+```
+
+With the help of `--link` `container4` will be able to reach `container5` using the
+aliased name `c5` as well.
+
+Please note that while creating `container4`, we linked to a container named `container5`
+which is not created yet. That is one of the differences in behavior between the
+*legacy link* in default `bridge` network and the new *link* functionality in user defined
+networks. The *legacy link* is static in nature and it hard-binds the container with the
+alias and it doesn't tolerate linked container restarts. While the new *link* functionality
+in user defined networks are dynamic in nature and supports linked container restarts
+including tolerating ip-address changes on the linked container.
+
+Now let us launch another container named `container5` linking `container4` to c4.
+
+```bash
+$ docker run --net=isolated_nw -itd --name=container5 --link container4:c4 busybox
+72eccf2208336f31e9e33ba327734125af00d1e1d2657878e2ee8154fbb23c7a
+```
+
+As expected, `container4` will be able to reach `container5` by both its container name and
+its alias c5 and `container5` will be able to reach `container4` by its container name and
+its alias c4.
+
+```bash
+$ docker attach container4
+/ # ping -w 4 c5
+PING c5 (172.25.0.5): 56 data bytes
+64 bytes from 172.25.0.5: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.25.0.5: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.5: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.5: seq=3 ttl=64 time=0.097 ms
+
+--- c5 ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+
+/ # ping -w 4 container5
+PING container5 (172.25.0.5): 56 data bytes
+64 bytes from 172.25.0.5: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.25.0.5: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.5: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.5: seq=3 ttl=64 time=0.097 ms
+
+--- container5 ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+```
+
+```bash
+$ docker attach container5
+/ # ping -w 4 c4
+PING c4 (172.25.0.4): 56 data bytes
+64 bytes from 172.25.0.4: seq=0 ttl=64 time=0.065 ms
+64 bytes from 172.25.0.4: seq=1 ttl=64 time=0.070 ms
+64 bytes from 172.25.0.4: seq=2 ttl=64 time=0.067 ms
+64 bytes from 172.25.0.4: seq=3 ttl=64 time=0.082 ms
+
+--- c4 ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.065/0.070/0.082 ms
+
+/ # ping -w 4 container4
+PING container4 (172.25.0.4): 56 data bytes
+64 bytes from 172.25.0.4: seq=0 ttl=64 time=0.065 ms
+64 bytes from 172.25.0.4: seq=1 ttl=64 time=0.070 ms
+64 bytes from 172.25.0.4: seq=2 ttl=64 time=0.067 ms
+64 bytes from 172.25.0.4: seq=3 ttl=64 time=0.082 ms
+
+--- container4 ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.065/0.070/0.082 ms
+```
+
+Similar to the legacy link functionality the new link alias is localized to a container
+and the aliased name has no meaning outside of the container using the `--link`.
+
+Also, it is important to note that if a container belongs to multiple networks, the
+linked alias is scoped within a given network. Hence the containers can be linked to
+different aliases in different networks.
+
+Extending the example, let us create another network named `local_alias`
+
+```bash
+$ docker network create -d bridge --subnet 172.26.0.0/24 local_alias
+76b7dc932e037589e6553f59f76008e5b76fa069638cd39776b890607f567aaa
+```
+
+let us connect `container4` and `container5` to the new network `local_alias`
+
+```
+$ docker network connect --link container5:foo local_alias container4
+$ docker network connect --link container4:bar local_alias container5
+```
+
+```bash
+$ docker attach container4
+
+/ # ping -w 4 foo
+PING foo (172.26.0.3): 56 data bytes
+64 bytes from 172.26.0.3: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.26.0.3: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.26.0.3: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.26.0.3: seq=3 ttl=64 time=0.097 ms
+
+--- foo ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+
+/ # ping -w 4 c5
+PING c5 (172.25.0.5): 56 data bytes
+64 bytes from 172.25.0.5: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.25.0.5: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.5: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.5: seq=3 ttl=64 time=0.097 ms
+
+--- c5 ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+```
+
+Note that the ping succeeds for both the aliases but on different networks.
+Let us conclude this section by disconnecting `container5` from the `isolated_nw`
+and observe the results
+
+```
+$ docker network disconnect isolated_nw container5
+
+$ docker attach container4
+
+/ # ping -w 4 c5
+ping: bad address 'c5'
+
+/ # ping -w 4 foo
+PING foo (172.26.0.3): 56 data bytes
+64 bytes from 172.26.0.3: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.26.0.3: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.26.0.3: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.26.0.3: seq=3 ttl=64 time=0.097 ms
+
+--- foo ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+
+```
+
+In conclusion, the new link functionality in user defined networks provides all the
+benefits of legacy links while avoiding most of the well-known issues with *legacy links*.
+
+One notable missing functionality compared to *legacy links* is the injection of
+environment variables. Though very useful, environment variable injection is static
+in nature and must be injected when the container is started. One cannot inject
+environment variables into a running container without significant effort and hence
+it is not compatible with `docker network` which provides a dynamic way to connect/
+disconnect containers to/from a network.
+
+### Network-scoped alias
+
+While *link*s provide private name resolution that is localized within a container,
+the network-scoped alias provides a way for a container to be discovered by an
+alternate name by any other container within the scope of a particular network.
+Unlike the *link* alias, which is defined by the consumer of a service, the
+network-scoped alias is defined by the container that is offering the service
+to the network.
+
+Continuing with the above example, create another container in `isolated_nw` with a
+network alias.
+
+```bash
+$ docker run --net=isolated_nw -itd --name=container6 --net-alias app busybox
+8ebe6767c1e0361f27433090060b33200aac054a68476c3be87ef4005eb1df17
+```
+
+```bash
+$ docker attach container4
+/ # ping -w 4 app
+PING app (172.25.0.6): 56 data bytes
+64 bytes from 172.25.0.6: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.25.0.6: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.6: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.6: seq=3 ttl=64 time=0.097 ms
+
+--- app ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+
+/ # ping -w 4 container6
+PING container5 (172.25.0.6): 56 data bytes
+64 bytes from 172.25.0.6: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.25.0.6: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.6: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.6: seq=3 ttl=64 time=0.097 ms
+
+--- container6 ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+```
+
+Now let us connect `container6` to the `local_alias` network with a different network-scoped
+alias.
+
+```
+$ docker network connect --alias scoped-app local_alias container6
+```
+
+`container6` in this example now is aliased as `app` in network `isolated_nw` and
+as `scoped-app` in network `local_alias`.
+
+Let's try to reach these aliases from `container4` (which is connected to both these networks)
+and `container5` (which is connected only to `isolated_nw`).
+
+```bash
+$ docker attach container4
+
+/ # ping -w 4 scoped-app
+PING foo (172.26.0.5): 56 data bytes
+64 bytes from 172.26.0.5: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.26.0.5: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.26.0.5: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.26.0.5: seq=3 ttl=64 time=0.097 ms
+
+--- foo ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+
+$ docker attach container5
+
+/ # ping -w 4 scoped-app
+ping: bad address 'scoped-app'
+
+```
+
+As you can see, the alias is scoped to the network it is defined on and hence only
+those containers that are connected to that network can access the alias.
+
+In addition to the above features, multiple containers can share the same network-scoped
+alias within the same network. For example, let's launch `container7` in `isolated_nw` with
+the same alias as `container6`
+
+```bash
+$ docker run --net=isolated_nw -itd --name=container7 --net-alias app busybox
+3138c678c123b8799f4c7cc6a0cecc595acbdfa8bf81f621834103cd4f504554
+```
+
+When multiple containers share the same alias, name resolution to that alias will happen
+to one of the containers (typically the first container that is aliased). When the container
+that backs the alias goes down or disconnected from the network, the next container that
+backs the alias will be resolved.
+
+Let us ping the alias `app` from `container4` and bring down `container6` to verify that
+`container7` is resolving the `app` alias.
+
+```bash
+$ docker attach container4
+/ # ping -w 4 app
+PING app (172.25.0.6): 56 data bytes
+64 bytes from 172.25.0.6: seq=0 ttl=64 time=0.070 ms
+64 bytes from 172.25.0.6: seq=1 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.6: seq=2 ttl=64 time=0.080 ms
+64 bytes from 172.25.0.6: seq=3 ttl=64 time=0.097 ms
+
+--- app ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.070/0.081/0.097 ms
+
+$ docker stop container6
+
+$ docker attach container4
+/ # ping -w 4 app
+PING app (172.25.0.7): 56 data bytes
+64 bytes from 172.25.0.7: seq=0 ttl=64 time=0.095 ms
+64 bytes from 172.25.0.7: seq=1 ttl=64 time=0.075 ms
+64 bytes from 172.25.0.7: seq=2 ttl=64 time=0.072 ms
+64 bytes from 172.25.0.7: seq=3 ttl=64 time=0.101 ms
+
+--- app ping statistics ---
+4 packets transmitted, 4 packets received, 0% packet loss
+round-trip min/avg/max = 0.072/0.085/0.101 ms
+
+```
+
+## Disconnecting containers
+
+You can disconnect a container from a network using the `docker network
+disconnect` command.
+
+```
+$ docker network disconnect isolated_nw container2
+
+docker inspect --format='{{json .NetworkSettings.Networks}}'  container2 | python -m json.tool
+{
+    "bridge": {
+        "NetworkID":"7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+        "EndpointID": "9e4575f7f61c0f9d69317b7a4b92eefc133347836dd83ef65deffa16b9985dc0",
+        "Gateway": "172.17.0.1",
+        "GlobalIPv6Address": "",
+        "GlobalIPv6PrefixLen": 0,
+        "IPAddress": "172.17.0.3",
+        "IPPrefixLen": 16,
+        "IPv6Gateway": "",
+        "MacAddress": "02:42:ac:11:00:03"
+    }
+}
+
+
+$ docker network inspect isolated_nw
+[
+    {
+        "Name": "isolated_nw",
+        "Id": "06a62f1c73c4e3107c0f555b7a5f163309827bfbbf999840166065a8f35455a8",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.21.0.0/16",
+                    "Gateway": "172.21.0.1/16"
+                }
+            ]
+        },
+        "Containers": {
+            "467a7863c3f0277ef8e661b38427737f28099b61fa55622d6c30fb288d88c551": {
+                "Name": "container3",
+                "EndpointID": "dffc7ec2915af58cc827d995e6ebdc897342be0420123277103c40ae35579103",
+                "MacAddress": "02:42:ac:19:03:03",
+                "IPv4Address": "172.25.3.3/16",
+                "IPv6Address": ""
+            }
+        },
+        "Options": {}
+    }
+]
+```
+
+Once a container is disconnected from a network, it cannot communicate with
+other containers connected to that network. In this example, `container2` can no longer  talk to `container3` on the `isolated_nw` network.
+
+```
+$ docker attach container2
+
+/ # ifconfig
+eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03  
+          inet addr:172.17.0.3  Bcast:0.0.0.0  Mask:255.255.0.0
+          inet6 addr: fe80::42:acff:fe11:3/64 Scope:Link
+          UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
+          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:648 (648.0 B)  TX bytes:648 (648.0 B)
+
+lo        Link encap:Local Loopback  
+          inet addr:127.0.0.1  Mask:255.0.0.0
+          inet6 addr: ::1/128 Scope:Host
+          UP LOOPBACK RUNNING  MTU:65536  Metric:1
+          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
+
+/ # ping container3
+PING container3 (172.25.3.3): 56 data bytes
+^C
+--- container3 ping statistics ---
+2 packets transmitted, 0 packets received, 100% packet loss
+```
+
+The `container2` still has full connectivity to the bridge network
+
+```bash
+/ # ping container1
+PING container1 (172.17.0.2): 56 data bytes
+64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.119 ms
+64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.174 ms
+^C
+--- container1 ping statistics ---
+2 packets transmitted, 2 packets received, 0% packet loss
+round-trip min/avg/max = 0.119/0.146/0.174 ms
+/ #
+```
+
+There are certain scenarios such as ungraceful docker daemon restarts in multi-host network,
+where the daemon is unable to cleanup stale connectivity endpoints. Such stale endpoints
+may cause an error `container already connected to network` when a new container is
+connected to that network with the same name as the stale endpoint. In order to cleanup
+these stale endpoints, first remove the container and force disconnect 
+(`docker network disconnect -f`)  the endpoint from the network. Once the endpoint is 
+cleaned up, the container can be connected to the network.
+
+```
+$ docker run -d --name redis_db --net multihost redis
+ERROR: Cannot start container bc0b19c089978f7845633027aa3435624ca3d12dd4f4f764b61eac4c0610f32e: container already connected to network multihost
+
+$ docker rm -f redis_db
+$ docker network disconnect -f multihost redis_db
+
+$ docker run -d --name redis_db --net multihost redis
+7d986da974aeea5e9f7aca7e510bdb216d58682faa83a9040c2f2adc0544795a
+```
+
+## Remove a network
+
+When all the containers in a network are stopped or disconnected, you can remove a network.
+
+```bash
+$ docker network disconnect isolated_nw container3
+```
+
+```bash
+docker network inspect isolated_nw
+[
+    {
+        "Name": "isolated_nw",
+        "Id": "06a62f1c73c4e3107c0f555b7a5f163309827bfbbf999840166065a8f35455a8",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.21.0.0/16",
+                    "Gateway": "172.21.0.1/16"
+                }
+            ]
+        },
+        "Containers": {},
+        "Options": {}
+    }
+]
+
+$ docker network rm isolated_nw
+```
+
+List all your networks to verify the `isolated_nw` was removed:
+
+```
+$ docker network ls
+NETWORK ID          NAME                DRIVER
+72314fa53006        host                host                
+f7ab26d71dbd        bridge              bridge              
+0f32e83e61ac        none                null  
+```
+
+## Related information
+
+* [network create](../../reference/commandline/network_create.md)
+* [network inspect](../../reference/commandline/network_inspect.md)
+* [network connect](../../reference/commandline/network_connect.md)
+* [network disconnect](../../reference/commandline/network_disconnect.md)
+* [network ls](../../reference/commandline/network_ls.md)
+* [network rm](../../reference/commandline/network_rm.md)
diff --git a/docs/userguide/storagedriver/aufs-driver.md b/docs/userguide/storagedriver/aufs-driver.md
new file mode 100644
index 00000000..4651e66e
--- /dev/null
+++ b/docs/userguide/storagedriver/aufs-driver.md
@@ -0,0 +1,216 @@
+<!--[metadata]>
++++
+title = "AUFS storage driver in practice"
+description = "Learn how to optimize your use of AUFS driver."
+keywords = ["container, storage, driver, AUFS "]
+[menu.main]
+parent = "engine_driver"
++++
+<![end-metadata]-->
+
+# Docker and AUFS in practice
+
+AUFS was the first storage driver in use with Docker. As a result, it has a
+long and close history with Docker, is very stable, has a lot of real-world
+deployments, and has strong community support. AUFS has several features that
+make it a good choice for Docker. These features enable:
+
+- Fast container startup times.
+- Efficient use of storage.
+- Efficient use of memory.
+
+Despite its capabilities and long history with Docker, some Linux distributions
+ do not support AUFS. This is usually because AUFS is not included in the
+mainline (upstream) Linux kernel.
+
+The following sections examine some AUFS features and how they relate to
+Docker.
+
+## Image layering and sharing with AUFS
+
+AUFS is a *unification filesystem*. This means that it takes multiple
+directories on a single Linux host, stacks them on top of each other, and
+provides a single unified view. To achieve this, AUFS uses a *union mount*.
+
+AUFS stacks multiple directories and exposes them as a unified view through a
+single mount point. All of the directories in the stack, as well as the union
+mount point, must all exist on the same Linux host. AUFS refers to each
+directory that it stacks as a *branch*.
+
+Within Docker, AUFS union mounts enable image layering. The AUFS storage driver
+ implements Docker image layers using this union mount system. AUFS branches
+correspond to Docker image layers. The diagram below shows a Docker container
+based on the `ubuntu:latest` image.
+
+![](images/aufs_layers.jpg)
+
+This diagram shows that each image layer, and the container layer, is
+represented in the Docker hosts filesystem as a directory under
+`/var/lib/docker/`. The union mount point provides the unified view of all
+layers. As of Docker 1.10, image layer IDs do not correspond to the names of
+the directories that contain their data.
+
+AUFS also supports the copy-on-write technology (CoW). Not all storage drivers
+do.
+
+## Container reads and writes with AUFS
+
+Docker leverages AUFS CoW technology to enable image sharing and minimize the
+use of disk space. AUFS works at the file level. This means that all AUFS CoW
+operations copy entire files - even if only a small part of the file is being
+modified. This behavior can have a noticeable impact on container performance,
+ especially if the files being copied are large, below a lot of image layers,
+or the CoW operation must search a deep directory tree.
+
+Consider, for example, an application running in a container needs to add a
+single new value to a large key-value store (file). If this is the first time
+the file is modified, it does not yet exist in the container's top writable
+layer. So, the CoW must *copy up* the file from the underlying image. The AUFS
+storage driver searches each image layer for the file. The search order is from
+ top to bottom. When it is found, the entire file is *copied up* to the
+container's top writable layer. From there, it can be opened and modified.
+
+Larger files obviously take longer to *copy up* than smaller files, and files
+that exist in lower image layers take longer to locate than those in higher
+layers. However, a *copy up* operation only occurs once per file on any given
+container. Subsequent reads and writes happen against the file's copy already
+*copied-up* to the container's top layer.
+
+## Deleting files with the AUFS storage driver
+
+The AUFS storage driver deletes a file from a container by placing a *whiteout
+file* in the container's top layer. The whiteout file effectively obscures the
+existence of the file in the read-only image layers below. The simplified
+diagram below shows a container based on an image with three image layers.
+
+![](images/aufs_delete.jpg)
+
+The `file3` was deleted from the container. So, the AUFS storage driver  placed
+a whiteout file in the container's top layer. This whiteout file effectively
+"deletes" `file3` from the container by obscuring any of the original file's
+existence in the image's read-only layers. This works the same no matter which
+of the image's read-only layers the file exists in.
+
+## Configure Docker with AUFS
+
+You can only use the AUFS storage driver on Linux systems with AUFS installed.
+Use the following command to determine if your system supports AUFS.
+
+    $ grep aufs /proc/filesystems
+    nodev   aufs
+
+This output indicates the system supports AUFS. Once you've verified your
+system supports AUFS, you can must instruct the Docker daemon to use it. You do
+this from the command line with the `docker daemon` command:
+
+    $ sudo docker daemon --storage-driver=aufs &
+
+
+Alternatively, you can edit the Docker config file and add the
+`--storage-driver=aufs` option to the `DOCKER_OPTS` line.
+
+    # Use DOCKER_OPTS to modify the daemon startup options.
+    DOCKER_OPTS="--storage-driver=aufs"
+
+Once your daemon is running, verify the storage driver with the `docker info`
+command.
+
+    $ sudo docker info
+    Containers: 1
+    Images: 4
+    Storage Driver: aufs
+     Root Dir: /var/lib/docker/aufs
+     Backing Filesystem: extfs
+     Dirs: 6
+     Dirperm1 Supported: false
+    Execution Driver: native-0.2
+    ...output truncated...
+
+The output above shows that the Docker daemon is running the AUFS storage
+driver on top of an existing `ext4` backing filesystem.
+
+## Local storage and AUFS
+
+As the `docker daemon` runs with the AUFS driver, the driver stores images and
+containers within the Docker host's local storage area under
+`/var/lib/docker/aufs/`.
+
+### Images
+
+Image layers and their contents are stored under
+`/var/lib/docker/aufs/diff/`. With Docker 1.10 and higher, image layer IDs do
+not correspond to directory names.
+
+The `/var/lib/docker/aufs/layers/` directory contains metadata about how image
+layers are stacked. This directory contains one file for every image or
+container layer on the Docker host (though file names no longer match image
+layer IDs). Inside each file are the names of the directories that exist below
+it in the stack
+
+The command below shows the contents of a metadata file in
+`/var/lib/docker/aufs/layers/` that lists the three directories that are
+stacked below it in the union mount. Remember, these directory names do no map
+to image layer IDs with Docker 1.10 and higher.
+
+    $ cat /var/lib/docker/aufs/layers/91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c
+    d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82
+    c22013c8472965aa5b62559f2b540cd440716ef149756e7b958a1b2aba421e87
+    d3a1f33e8a5a513092f01bb7eb1c2abf4d711e5105390a3fe1ae2248cfde1391
+
+The base layer in an image has no image layers below it, so its file is empty.
+
+### Containers
+
+Running containers are mounted below `/var/lib/docker/aufs/mnt/<container-id>`.
+ This is where the AUFS union mount point that exposes the container and all
+underlying image layers as a single unified view exists. If a container is not
+running, it still has a directory here but it is empty. This is because AUFS
+only mounts a container when it is running. With Docker 1.10 and higher,
+ container IDs no longer correspond to directory names under
+`/var/lib/docker/aufs/mnt/<container-id>`.
+
+Container metadata and various config files that are placed into the running
+container are stored in `/var/lib/docker/containers/<container-id>`. Files in
+this directory exist for all containers on the system, including ones that are
+stopped. However, when a container is running the container's log files are
+also in this directory.
+
+A container's thin writable layer is stored in a directory under
+`/var/lib/docker/aufs/diff/`. With Docker 1.10 and higher, container IDs no
+longer correspond to directory names. However, the containers thin writable
+layer still exists under here and is stacked by AUFS as the top writable layer
+and is where all changes to the container are stored. The directory exists even
+ if the container is stopped. This means that restarting a container will not
+lose changes made to it. Once a container is deleted, it's thin writable layer
+in this directory is deleted.
+
+## AUFS and Docker performance
+
+To summarize some of the performance related aspects already mentioned:
+
+- The AUFS storage driver is a good choice for PaaS and other similar use-cases
+ where container density is important. This is because AUFS efficiently shares
+images between multiple running containers, enabling fast container start times
+ and minimal use of disk space.
+
+- The underlying mechanics of how AUFS shares files between image layers and
+containers uses the systems page cache very efficiently.
+
+- The AUFS storage driver can introduce significant latencies into container
+write performance. This is because the first time a container writes to any
+file, the file has be located and copied into the containers top writable
+layer. These latencies increase and are compounded when these files exist below
+ many image layers and the files themselves are large.
+
+One final point. Data volumes provide the best and most predictable
+performance. This is because they bypass the storage driver and do not incur 
+any of the potential overheads introduced by thin provisioning and
+copy-on-write. For this reason, you may want to place heavy write workloads on
+data volumes.
+
+## Related information
+
+* [Understand images, containers, and storage drivers](imagesandcontainers.md)
+* [Select a storage driver](selectadriver.md)
+* [Btrfs storage driver in practice](btrfs-driver.md)
+* [Device Mapper storage driver in practice](device-mapper-driver.md)
diff --git a/docs/userguide/storagedriver/btrfs-driver.md b/docs/userguide/storagedriver/btrfs-driver.md
new file mode 100644
index 00000000..cc329e73
--- /dev/null
+++ b/docs/userguide/storagedriver/btrfs-driver.md
@@ -0,0 +1,315 @@
+<!--[metadata]>
++++
+title = "Btrfs storage in practice"
+description = "Learn how to optimize your use of Btrfs driver."
+keywords = ["container, storage, driver, Btrfs "]
+[menu.main]
+parent = "engine_driver"
++++
+<![end-metadata]-->
+
+# Docker and Btrfs in practice
+
+Btrfs is a next generation copy-on-write filesystem that supports many advanced
+storage technologies that make it a good fit for Docker. Btrfs is included in
+the mainline Linux kernel and its on-disk-format is now considered stable.
+However, many of its features are still under heavy development and users 
+should consider it a fast-moving target.
+
+Docker's `btrfs` storage driver leverages many Btrfs features for image and
+container management. Among these features are thin provisioning, 
+copy-on-write, and snapshotting.
+
+This article refers to Docker's Btrfs storage driver as `btrfs` and the overall
+ Btrfs Filesystem as Btrfs.
+
+>**Note**: The [Commercially Supported Docker Engine (CS-Engine)](https://www.docker.com/compatibility-maintenance) does not currently support the `btrfs` storage driver.
+
+## The future of Btrfs
+
+Btrfs has been long hailed as the future of Linux filesystems. With full 
+support in the mainline Linux kernel, a stable on-disk-format, and active 
+development with a focus on stability, this is now becoming more of a reality.
+
+As far as Docker on the Linux platform goes, many people see the `btrfs` 
+storage driver as a potential long-term replacement for the `devicemapper` 
+storage driver. However, at the time of writing, the `devicemapper` storage 
+driver should be considered safer, more stable, and more *production ready*. 
+You should only consider the `btrfs` driver for production deployments if you 
+understand it well and have existing experience with Btrfs.
+
+## Image layering and sharing with Btrfs
+
+Docker leverages Btrfs *subvolumes* and *snapshots* for managing the on-disk 
+components of image and container layers.  Btrfs subvolumes look and feel like 
+a normal Unix filesystem. As such, they can have their own internal directory 
+structure that hooks into the wider Unix filesystem.
+
+Subvolumes are natively copy-on-write and have space allocated to them 
+on-demand from an underlying storage pool. They can also be nested and snapped.
+ The diagram blow shows 4 subvolumes. 'Subvolume 2' and 'Subvolume 3' are 
+nested, whereas 'Subvolume 4' shows its own internal directory tree.
+
+![](images/btfs_subvolume.jpg)
+
+Snapshots are a point-in-time read-write copy of an entire subvolume. They 
+exist directly below the subvolume they were created from. You can create 
+snapshots of snapshots as shown in the diagram below.
+
+![](images/btfs_snapshots.jpg)
+
+Btfs allocates space to subvolumes and snapshots on demand from an underlying 
+pool of storage. The unit of allocation is referred to as a *chunk*, and 
+*chunks* are normally ~1GB in size.
+
+Snapshots are first-class citizens in a Btrfs filesystem. This means that they 
+look, feel, and operate just like regular subvolumes. The technology required 
+to create them is built directly into the Btrfs filesystem thanks to its 
+native copy-on-write design. This means that Btrfs snapshots are space 
+efficient with little or no performance overhead. The diagram below shows a 
+subvolume and its snapshot sharing the same data.
+
+![](images/btfs_pool.jpg)
+
+Docker's `btrfs` storage driver stores every image layer and container in its 
+own Btrfs subvolume or snapshot. The base layer of an image is stored as a 
+subvolume whereas child image layers and containers are stored as snapshots. 
+This is shown in the diagram below.
+
+![](images/btfs_container_layer.jpg)
+
+The high level process for creating images and containers on Docker hosts 
+running the `btrfs` driver is as follows:
+
+1. The image's base layer is stored in a Btrfs *subvolume* under
+`/var/lib/docker/btrfs/subvolumes`.
+
+2. Subsequent image layers are stored as a Btrfs *snapshot* of the parent 
+layer's subvolume or snapshot.
+
+    The diagram below shows a three-layer image. The base layer is a subvolume.
+ Layer 1 is a snapshot of the base layer's subvolume. Layer 2 is a snapshot of 
+Layer 1's snapshot.
+
+    ![](images/btfs_constructs.jpg)
+
+As of Docker 1.10, image layer IDs no longer correspond to directory names 
+under `/var/lib/docker/`.
+
+## Image and container on-disk constructs
+
+Image layers and containers are visible in the Docker host's filesystem at
+`/var/lib/docker/btrfs/subvolumes/`. However, as previously stated, directory 
+names no longer correspond to image layer IDs. That said, directories for
+containers are present even for containers with a stopped status. This is
+because the `btrfs` storage driver mounts a default, top-level subvolume at
+`/var/lib/docker/subvolumes`. All other subvolumes and snapshots exist below
+that as Btrfs filesystem objects and not as individual mounts.
+
+Because Btrfs works at the filesystem level and not the block level, each image
+and container layer can be browsed in the filesystem using normal Unix 
+commands. The example below shows a truncated output of an `ls -l` command an 
+image layer:
+
+    $ ls -l /var/lib/docker/btrfs/subvolumes/0a17decee4139b0de68478f149cc16346f5e711c5ae3bb969895f22dd6723751/
+    total 0
+    drwxr-xr-x 1 root root 1372 Oct  9 08:39 bin
+    drwxr-xr-x 1 root root    0 Apr 10  2014 boot
+    drwxr-xr-x 1 root root  882 Oct  9 08:38 dev
+    drwxr-xr-x 1 root root 2040 Oct 12 17:27 etc
+    drwxr-xr-x 1 root root    0 Apr 10  2014 home
+    ...output truncated...
+
+## Container reads and writes with Btrfs
+
+A container is a space-efficient snapshot of an image. Metadata in the snapshot
+points to the actual data blocks in the storage pool. This is the same as with 
+a subvolume. Therefore, reads performed against a snapshot are essentially the
+same as reads performed against a subvolume. As a result, no performance
+overhead is incurred from the Btrfs driver.
+
+Writing a new file to a container invokes an allocate-on-demand operation to
+allocate new data block to the container's snapshot. The file is then written to
+this new space. The allocate-on-demand operation is native to all writes with
+Btrfs and is the same as writing new data to a subvolume. As a result, writing
+new files to a container's snapshot operate at native Btrfs speeds.
+
+Updating an existing file in a container causes a copy-on-write operation
+(technically *redirect-on-write*). The driver leaves the original data and
+allocates new space to the snapshot. The updated data is written to this new
+space. Then, the driver updates the filesystem metadata in the snapshot to 
+point to this new data. The original data is preserved in-place for subvolumes 
+and snapshots further up the tree. This behavior is native to copy-on-write
+filesystems like Btrfs and incurs very little overhead.
+
+With Btfs, writing and updating lots of small files can result in slow 
+performance. More on this later.
+
+## Configuring Docker with Btrfs
+
+The `btrfs` storage driver only operates on a Docker host where 
+`/var/lib/docker` is mounted as a Btrfs filesystem. The following procedure 
+shows  how to configure Btrfs on Ubuntu 14.04 LTS.
+
+### Prerequisites
+
+If you have already used the Docker daemon on your Docker host and have images 
+you want to keep, `push` them to Docker Hub or your private Docker Trusted 
+Registry before attempting this procedure.
+
+Stop the Docker daemon. Then, ensure that you have a spare block device at 
+`/dev/xvdb`. The device identifier may be different in your environment and you
+ should substitute your own values throughout the procedure.
+
+The procedure also assumes your kernel has the appropriate Btrfs modules 
+loaded. To verify this, use the following command:
+
+    $ cat /proc/filesystems | grep btrfs
+
+### Configure Btrfs on Ubuntu 14.04 LTS
+
+Assuming your system meets the prerequisites, do the following:
+
+1. Install the "btrfs-tools" package.
+
+        $ sudo apt-get install btrfs-tools
+        Reading package lists... Done
+        Building dependency tree
+        <output truncated>
+
+2. Create the Btrfs storage pool.
+
+    Btrfs storage pools are created with the `mkfs.btrfs` command. Passing 
+multiple devices to the `mkfs.btrfs` command creates a pool across all of those
+ devices. Here you create a pool with a single device at `/dev/xvdb`.
+
+        $ sudo mkfs.btrfs -f /dev/xvdb
+        WARNING! - Btrfs v3.12 IS EXPERIMENTAL
+        WARNING! - see http://btrfs.wiki.kernel.org before using
+
+        Turning ON incompat feature 'extref': increased hardlink limit per file to 65536
+        fs created label (null) on /dev/xvdb
+            nodesize 16384 leafsize 16384 sectorsize 4096 size 4.00GiB
+        Btrfs v3.12
+
+    Be sure to substitute `/dev/xvdb` with the appropriate device(s) on your
+    system.
+
+    > **Warning**: Take note of the warning about Btrfs being experimental. As
+    noted earlier, Btrfs is not currently recommended for production deployments
+    unless you already have extensive experience.
+
+3. If it does not already exist, create a directory for the Docker host's local
+ storage area at `/var/lib/docker`.
+
+        $ sudo mkdir /var/lib/docker
+
+4. Configure the system to automatically mount the Btrfs filesystem each time the system boots.
+
+    a. Obtain the Btrfs filesystem's UUID.
+
+        $ sudo blkid /dev/xvdb
+        /dev/xvdb: UUID="a0ed851e-158b-4120-8416-c9b072c8cf47" UUID_SUB="c3927a64-4454-4eef-95c2-a7d44ac0cf27" TYPE="btrfs"
+
+    b. Create an `/etc/fstab` entry to automatically mount `/var/lib/docker` 
+each time the system boots. Either of the following lines will work, just 
+remember to substitute the UUID value with the value obtained from the previous
+ command.
+
+        /dev/xvdb /var/lib/docker btrfs defaults 0 0
+        UUID="a0ed851e-158b-4120-8416-c9b072c8cf47" /var/lib/docker btrfs defaults 0 0
+
+5. Mount the new filesystem and verify the operation.
+
+        $ sudo mount -a
+        $ mount
+        /dev/xvda1 on / type ext4 (rw,discard)
+        <output truncated>
+        /dev/xvdb on /var/lib/docker type btrfs (rw)
+
+    The last line in the output above shows the `/dev/xvdb` mounted at 
+`/var/lib/docker` as Btrfs.
+
+Now that you have a Btrfs filesystem mounted at `/var/lib/docker`, the daemon 
+should automatically load with the `btrfs` storage driver.
+
+1. Start the Docker daemon.
+
+        $ sudo service docker start
+        docker start/running, process 2315
+
+    The procedure for starting the Docker daemon may differ depending on the
+    Linux distribution you are using.
+
+    You can force the Docker daemon to start with the `btrfs` storage 
+driver by either passing the `--storage-driver=btrfs` flag to the `docker 
+daemon` at startup, or adding it to the `DOCKER_OPTS` line to the Docker config
+ file.
+
+2. Verify the storage driver with the `docker info` command.
+
+        $ sudo docker info
+        Containers: 0
+        Images: 0
+        Storage Driver: btrfs
+        [...]
+
+Your Docker host is now configured to use the `btrfs` storage driver.
+
+## Btrfs and Docker performance
+
+There are several factors that influence Docker's performance under the `btrfs`
+ storage driver.
+
+- **Page caching**. Btrfs does not support page cache sharing. This means that 
+*n* containers accessing the same file require *n* copies to be cached. As a 
+result, the `btrfs` driver may not be the best choice for PaaS and other high 
+density container use cases.
+
+- **Small writes**. Containers performing lots of small writes (including 
+Docker hosts that start and stop many containers) can lead to poor use of Btrfs
+ chunks. This can ultimately lead to out-of-space conditions on your Docker 
+host and stop it working. This is currently a major drawback to using current 
+versions of Btrfs.
+
+    If you use the `btrfs` storage driver, closely monitor the free space on 
+your Btrfs filesystem using the `btrfs filesys show` command. Do not trust the 
+output of normal Unix commands such as `df`; always use the Btrfs native 
+commands.
+
+- **Sequential writes**. Btrfs writes data to disk via journaling technique. 
+This can impact sequential writes, where performance can be up to half.
+
+- **Fragmentation**. Fragmentation is a natural byproduct of copy-on-write 
+filesystems like Btrfs. Many small random writes can compound this issue. It 
+can manifest as CPU spikes on Docker hosts using SSD media and head thrashing 
+on Docker hosts using spinning media. Both of these result in poor performance.
+
+    Recent versions of Btrfs allow you to specify `autodefrag` as a mount 
+option. This mode attempts to detect random writes and defragment them. You 
+should perform your own tests before enabling this option on your Docker hosts.
+ Some tests have shown this option has a negative performance impact on Docker 
+hosts performing lots of small writes (including systems that start and stop 
+many containers).
+
+- **Solid State Devices (SSD)**. Btrfs has native optimizations for SSD media. 
+To enable these, mount with the `-o ssd` mount option. These optimizations 
+include enhanced SSD write performance by avoiding things like *seek 
+optimizations* that have no use on SSD media.
+
+    Btfs also supports the TRIM/Discard primitives. However, mounting with the 
+`-o discard` mount option can cause performance issues. Therefore, it is 
+recommended you perform your own tests before using this option.
+
+- **Use Data Volumes**. Data volumes provide the best and most predictable 
+performance. This is because they bypass the storage driver and do not incur 
+any of the potential overheads introduced by thin provisioning and 
+copy-on-write. For this reason, you should place heavy write workloads on data 
+volumes.
+
+## Related Information
+
+* [Understand images, containers, and storage drivers](imagesandcontainers.md)
+* [Select a storage driver](selectadriver.md)
+* [AUFS storage driver in practice](aufs-driver.md)
+* [Device Mapper storage driver in practice](device-mapper-driver.md)
diff --git a/docs/userguide/storagedriver/device-mapper-driver.md b/docs/userguide/storagedriver/device-mapper-driver.md
new file mode 100644
index 00000000..4b7b664d
--- /dev/null
+++ b/docs/userguide/storagedriver/device-mapper-driver.md
@@ -0,0 +1,467 @@
+<!--[metadata]>
++++
+title="Device mapper storage in practice"
+description="Learn how to optimize your use of device mapper driver."
+keywords=["container, storage, driver, device mapper"]
+[menu.main]
+parent="engine_driver"
++++
+<![end-metadata]-->
+
+# Docker and the Device Mapper storage driver
+
+Device Mapper is a kernel-based framework that underpins many advanced
+volume management technologies on Linux. Docker's `devicemapper` storage driver
+leverages the thin provisioning and snapshotting capabilities of this framework
+for image and container management. This article refers to the Device Mapper
+storage driver as `devicemapper`, and the kernel framework as `Device Mapper`.
+
+
+>**Note**: The [Commercially Supported Docker Engine (CS-Engine) running on RHEL
+and CentOS Linux](https://www.docker.com/compatibility-maintenance) requires
+that you use the `devicemapper` storage driver.
+
+
+## An alternative to AUFS
+
+Docker originally ran on Ubuntu and Debian Linux and used AUFS for its storage
+backend. As Docker became popular, many of the companies that wanted to use it
+were using Red Hat Enterprise Linux (RHEL). Unfortunately, because the upstream
+mainline Linux kernel did not include AUFS, RHEL did not use AUFS either.
+
+To correct this Red Hat developers investigated getting AUFS into the mainline
+kernel. Ultimately, though, they decided a better idea was to develop a new
+storage backend. Moreover, they would base this new storage backend on existing
+`Device Mapper` technology.
+
+Red Hat collaborated with Docker Inc. to contribute this new driver. As a result
+of this collaboration, Docker's Engine was re-engineered to make the storage
+backend pluggable. So it was that the `devicemapper` became the second storage
+driver Docker supported.
+
+Device Mapper has been included in the mainline Linux kernel since version
+2.6.9. It is a core part of RHEL family of Linux distributions. This means that
+the `devicemapper` storage driver is based on stable code that has a lot of
+real-world production deployments and strong community support.
+
+
+## Image layering and sharing
+
+The `devicemapper` driver stores every image and container on its own virtual
+device. These devices are thin-provisioned copy-on-write snapshot devices.
+Device Mapper technology works at the block level rather than the file level.
+This means that `devicemapper` storage driver's thin provisioning and
+copy-on-write operations work with blocks rather than entire files.
+
+>**Note**: Snapshots are also referred to as *thin devices* or *virtual
+>devices*. They all mean the same thing in the context of the `devicemapper`
+>storage driver.
+
+With `devicemapper` the high level process for creating images is as follows:
+
+1. The `devicemapper` storage driver creates a thin pool.
+
+    The pool is created from block devices or loop mounted sparse files (more
+on this later).
+
+2. Next it creates a *base device*.
+
+    A base device is a thin device with a filesystem. You can see which
+filesystem is in use by running the `docker info` command and checking the
+`Backing filesystem` value.
+
+3. Each new image (and image layer) is a snapshot of this base device.
+
+    These are thin provisioned copy-on-write snapshots. This means that they
+are initially empty and only consume space from the pool when data is written
+to them.
+
+With `devicemapper`, container layers are snapshots of the image they are
+created from. Just as with images, container snapshots are thin provisioned
+copy-on-write snapshots. The container snapshot stores all updates to the
+container. The `devicemapper` allocates space to them on-demand from the pool
+as and when data is written to the container.
+
+The high level diagram below shows a thin pool with a base device and two
+images.
+
+![](images/base_device.jpg)
+
+If you look closely at the diagram you'll see that it's snapshots all the way
+down. Each image layer is a snapshot of the layer below it. The lowest layer of
+ each image is a snapshot of the base device that exists in the pool. This
+base device is a `Device Mapper` artifact and not a Docker image layer.
+
+A container is a snapshot of the image it is created from. The diagram below
+shows two containers - one based on the Ubuntu image and the other based on the
+ Busybox image.
+
+![](images/two_dm_container.jpg)
+
+
+## Reads with the devicemapper
+
+Let's look at how reads and writes occur using the `devicemapper` storage
+driver. The diagram below shows the high level process for reading a single
+block (`0x44f`) in an example container.
+
+![](images/dm_container.jpg)
+
+1. An application makes a read request for block `0x44f` in the container.
+
+    Because the container is a thin snapshot of an image it does not have the
+data. Instead, it has a pointer (PTR) to where the data is stored in the image
+snapshot lower down in the image stack.
+
+2. The storage driver follows the pointer to block `0xf33` in the snapshot
+relating to image layer `a005...`.
+
+3. The `devicemapper` copies the contents of block `0xf33` from the image
+snapshot to memory in the container.
+
+4. The storage driver returns the data to the requesting application.
+
+### Write examples
+
+With the `devicemapper` driver, writing new data to a container is accomplished
+ by an *allocate-on-demand* operation. Updating existing data uses a
+copy-on-write operation. Because Device Mapper is a block-based technology
+these operations occur at the block level.
+
+For example, when making a small change to a large file in a container, the
+`devicemapper` storage driver does not copy the entire file. It only copies the
+ blocks to be modified. Each block is 64KB.
+
+#### Writing new data
+
+To write 56KB of new data to a container:
+
+1. An application makes a request to write 56KB of new data to the container.
+
+2. The allocate-on-demand operation allocates a single new 64KB block to the
+container's snapshot.
+
+    If the write operation is larger than 64KB, multiple new blocks are
+allocated to the container's snapshot.
+
+3. The data is written to the newly allocated block.
+
+#### Overwriting existing data
+
+To modify existing data for the first time:
+
+1. An application makes a request to modify some data in the container.
+
+2. A copy-on-write operation locates the blocks that need updating.
+
+3. The operation allocates new empty blocks to the container snapshot and
+copies the data into those blocks.
+
+4. The modified data is written into the newly allocated blocks.
+
+The application in the container is unaware of any of these
+allocate-on-demand and copy-on-write operations. However, they may add latency
+to the application's read and write operations.
+
+## Configuring Docker with Device Mapper
+
+The `devicemapper` is the default Docker storage driver on some Linux
+distributions. This includes RHEL and most of its forks. Currently, the
+following distributions support the driver:
+
+* RHEL/CentOS/Fedora
+* Ubuntu 12.04
+* Ubuntu 14.04
+* Debian
+
+Docker hosts running the `devicemapper` storage driver default to a
+configuration mode known as `loop-lvm`. This mode uses sparse files to build
+the thin pool used by image and container snapshots. The mode is designed to
+work out-of-the-box with no additional configuration. However, production
+deployments should not run under `loop-lvm` mode.
+
+You can detect the mode by viewing the `docker info` command:
+
+    $ sudo docker info
+    Containers: 0
+    Images: 0
+    Storage Driver: devicemapper
+     Pool Name: docker-202:2-25220302-pool
+     Pool Blocksize: 65.54 kB
+     Backing Filesystem: xfs
+     ...
+     Data loop file: /var/lib/docker/devicemapper/devicemapper/data
+     Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
+     Library Version: 1.02.93-RHEL7 (2015-01-28)
+     ...
+
+The output above shows a Docker host running with the `devicemapper` storage
+driver operating in `loop-lvm` mode. This is indicated by the fact that the
+`Data loop file` and a `Metadata loop file` are on files under
+`/var/lib/docker/devicemapper/devicemapper`. These are loopback mounted sparse
+files.
+
+### Configure direct-lvm mode for production
+
+The preferred configuration for production deployments is `direct lvm`. This
+mode uses block devices to create the thin pool. The following procedure shows
+you how to configure a Docker host to use the `devicemapper` storage driver in
+a `direct-lvm` configuration.
+
+> **Caution:** If you have already run the Engine daemon on your Docker host
+> and have images you want to keep, `push` them Docker Hub or your private
+> Docker Trusted Registry before attempting this procedure.
+
+The procedure below will create a 90GB data volume and 4GB metadata volume to
+use as backing for the storage pool. It assumes that you have a spare block
+device at `/dev/sdd` with enough free space to complete the task. The device
+identifier and volume sizes may be be different in your environment and you
+should substitute your own values throughout the procedure.
+
+The procedure also assumes that the Engine daemon is in the `stopped` state.
+Any existing images or data are lost by this process.
+
+1. Log in to the Docker host you want to configure.
+2. If it is running, stop the Engine daemon.
+3. Install the logical volume management version 2.
+
+    ```bash
+    $ yum install lvm2
+    ```
+4. Create a physical volume replacing `/dev/sdd` with your block device.
+
+    ```bash
+    $ pvcreate /dev/sdd
+  ```
+
+5. Create a 'docker' volume group.
+
+    ```bash
+    $ vgcreate docker /dev/sdd
+    ```
+
+6. Create a thin pool named `thinpool`.
+
+    In this example, the data logical is 95% of the 'docker' volume group size.
+    Leaving this free space allows for auto expanding of either the data or
+    metadata if space runs low as a temporary stopgap.
+
+    ```bash
+   $ lvcreate --wipesignatures y -n thinpool docker -l 95%VG
+   $ lvcreate --wipesignatures y -n thinpoolmeta docker -l 1%VG
+   ```
+
+7. Convert the pool to a thin pool.
+
+    ```bash
+    $ lvconvert -y --zero n -c 512K --thinpool docker/thinpool --poolmetadata docker/thinpoolmeta
+    ```
+
+8. Configure autoextension of thin pools via an `lvm` profile.
+
+    ```bash
+    $ vi /etc/lvm/profile/docker-thinpool.profile
+    ```
+
+9. Specify 'thin_pool_autoextend_threshold' value.
+
+    The value should be the percentage of space used before `lvm` attempts
+    to autoextend the available space (100 = disabled).
+
+    ```
+    thin_pool_autoextend_threshold = 80
+    ```
+
+10. Modify the `thin_pool_autoextend_percent` for when thin pool autoextension occurs.
+
+    The value's setting is the perentage of space to increase the thin pool (100 =
+    disabled)
+
+    ```
+    thin_pool_autoextend_percent = 20
+    ```
+
+11. Check your work, your `docker-thinpool.profile` file should appear similar to the following:
+
+    An example `/etc/lvm/profile/docker-thinpool.profile` file:
+
+    ```
+     activation {
+         thin_pool_autoextend_threshold=80
+         thin_pool_autoextend_percent=20
+     }
+     ```
+
+12. Apply your new lvm profile
+
+    ```bash
+    $ lvchange --metadataprofile docker-thinpool docker/thinpool
+  ```
+
+13. Verify the `lv` is monitored.
+
+    ```bash
+    $ lvs -o+seg_monitor
+    ```
+
+14. If Engine was previously started, clear your graph driver directory.
+
+    Clearing your graph driver removes any images and containers in your Docker
+    installation.
+
+    ```bash
+    $ rm -rf /var/lib/docker/*
+    ```
+
+14. Configure the Engine daemon with specific devicemapper options.
+
+    There are two ways to do this. You can set options on the commmand line if you start the daemon there:
+
+    ```bash
+    --storage-driver=devicemapper --storage-opt=dm.thinpooldev=/dev/mapper/docker-thinpool --storage-opt dm.use_deferred_removal=true
+    ```
+
+    You can also set them for startup in the `daemon.json` configuration, for example:
+
+    ```json
+     {
+             "storage-driver": "devicemapper",
+             "storage-opts": [
+                     "dm.thinpooldev=/dev/mapper/docker-thinpool",
+                     "dm.use_deferred_removal=true"
+             ]
+     }
+    ```
+15. Start the Engine daemon.
+
+    ```bash
+    $ systemctl start docker
+    ```
+
+After you start the Engine daemon, ensure you monitor your thin pool and volume
+group free space. While the volume group will auto-extend, it can still fill
+up. To monitor logical volumes, use `lvs` without options or `lvs -a` to see tha
+data and metadata sizes. To monitor volume group free space, use the `vgs` command.
+
+Logs can show the auto-extension of the thin pool when it hits the threshold, to
+view the logs use:
+
+```bash
+journalctl -fu dm-event.service
+```
+
+If you run into repeated problems with thin pool, you can use the
+`dm.min_free_space` option to tune the Engine behavior. This value ensures that
+operations fail with a warning when the free space is at or near the minimum.
+For information, see <a
+href="https://docs.docker.com/engine/reference/commandline/daemon/#storage-driver-options"
+target="_blank">the storage driver options in the Engine daemon reference</a>.
+
+
+### Examine devicemapper structures on the host
+
+You can use the `lsblk` command to see the device files created above and the
+`pool` that the `devicemapper` storage driver creates on top of them.
+
+    $ sudo lsblk
+    NAME                       MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
+    xvda                       202:0    0    8G  0 disk
+    └─xvda1                    202:1    0    8G  0 part /
+    xvdf                       202:80   0   10G  0 disk
+    ├─vg--docker-data          253:0    0   90G  0 lvm
+    │ └─docker-202:1-1032-pool 253:2    0   10G  0 dm
+    └─vg--docker-metadata      253:1    0    4G  0 lvm
+      └─docker-202:1-1032-pool 253:2    0   10G  0 dm
+
+The diagram below shows the image from prior examples updated with the detail
+from the `lsblk` command above.
+
+![](http://farm1.staticflickr.com/703/22116692899_0471e5e160_b.jpg)
+
+In the diagram, the pool is named `Docker-202:1-1032-pool` and spans the `data`
+ and `metadata` devices created earlier. The `devicemapper` constructs the pool
+ name as follows:
+
+```
+Docker-MAJ:MIN-INO-pool
+```
+
+`MAJ`, `MIN` and `INO` refer to the major and minor device numbers and inode.
+
+Because Device Mapper operates at the block level it is more difficult to see
+diffs between image layers and containers. Docker 1.10 and later no longer
+matches image layer IDs with directory names in `/var/lib/docker`. However,
+there are two key directories. The `/var/lib/docker/devicemapper/mnt` directory
+ contains the mount points for image and container layers. The
+`/var/lib/docker/devicemapper/metadata`directory contains one file for every
+image layer and container snapshot. The files contain metadata about each
+snapshot in JSON format.
+
+## Device Mapper and Docker performance
+
+It is important to understand the impact that allocate-on-demand and
+copy-on-write operations can have on overall container performance.
+
+### Allocate-on-demand performance impact
+
+The `devicemapper` storage driver allocates new blocks to a container via an
+allocate-on-demand operation. This means that each time an app writes to
+somewhere new inside a container, one or more empty blocks has to be located
+from the pool and mapped into the container.
+
+All blocks are 64KB. A write that uses less than 64KB still results in a single
+ 64KB block being allocated. Writing more than 64KB of data uses multiple 64KB
+blocks. This can impact container performance, especially in containers that
+perform lots of small writes. However, once a block is allocated to a container
+ subsequent reads and writes can operate directly on that block.
+
+### Copy-on-write performance impact
+
+Each time a container updates existing data for the first time, the
+`devicemapper` storage driver has to perform a copy-on-write operation. This
+copies the data from the image snapshot to the container's snapshot. This
+process can have a noticeable impact on container performance.
+
+All copy-on-write operations have a 64KB granularity. As a results, updating
+32KB of a 1GB file causes the driver to copy a single 64KB block into the
+container's snapshot. This has obvious performance advantages over file-level
+copy-on-write operations which would require copying the entire 1GB file into
+the container layer.
+
+In practice, however, containers that perform lots of small block writes
+(<64KB) can perform worse with `devicemapper` than with AUFS.
+
+### Other device mapper performance considerations
+
+There are several other things that impact the performance of the
+`devicemapper` storage driver.
+
+- **The mode.** The default mode for Docker running the `devicemapper` storage
+driver is `loop-lvm`. This mode uses sparse files and suffers from poor
+performance. It is **not recommended for production**. The recommended mode for
+ production environments is `direct-lvm` where the storage driver writes
+directly to raw block devices.
+
+- **High speed storage.** For best performance you should place the `Data file`
+ and `Metadata file` on high speed storage such as SSD. This can be direct
+attached storage or from a SAN or NAS array.
+
+- **Memory usage.** `devicemapper` is not the most memory efficient Docker
+storage driver. Launching *n* copies of the same container loads *n* copies of
+its files into memory. This can have a memory impact on your Docker host. As a
+result, the `devicemapper` storage driver may not be the best choice for PaaS
+and other high density use cases.
+
+One final point, data volumes provide the best and most predictable
+performance. This is because they bypass the storage driver and do not incur
+any of the potential overheads introduced by thin provisioning and
+copy-on-write. For this reason, you should to place heavy write workloads on
+data volumes.
+
+## Related Information
+
+* [Understand images, containers, and storage drivers](imagesandcontainers.md)
+* [Select a storage driver](selectadriver.md)
+* [AUFS storage driver in practice](aufs-driver.md)
+* [Btrfs storage driver in practice](btrfs-driver.md)
+* [daemon reference](../../reference/commandline/daemon#storage-driver-options)
diff --git a/docs/userguide/storagedriver/images/aufs_delete.jpg b/docs/userguide/storagedriver/images/aufs_delete.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..fa0f0d2e9fbb1b9ff96b14a88e834ec4de133c78
GIT binary patch
literal 39059
zcmc$`1zc6lzBj(;PU$Y`?ha|`?(Xgmw~|UX(v8xMbayEr9U>*t9TM-x$LBn8&bjy8
z`+490f0#9E=KIT;HMM8&#lzgg7Xbaal&lm00RaiHfd7DpML-;Yf_My%DHIeGBqSW<
zV}OQ&f`NlUK!SlmKtMo3K}SJCLW4y>Kz)LWhJk^JiHU^r1p5gFHaZ3-#-ozoL?NNU
zf*42$NErX)@X!rlz(eps_Ci5m0FW3EP#6#oy#O%)0YE~6T?76RVBuikA)ufk5grx*
z_}>V3Y5)L*_60!Y15kNy05qjkK-jN~0xU9x;te1rrvb>3az-GiGwv7wiN-6#trzl;
z%he`w2ej;wIQx11WW6A(WZl|>#LP^K&n{oNe#y|#8%|RfmL&~O*U)jUEk+i(j6-`$
z2d1!6Kwu1MzsjTf#z+z=zl*4AzOJ*O@rZs`;`0l*(C&O1^_j8hc>#{kh8rHMXVNlm
zbK#)__6@1KAL<<#x$K@6hMbBc8I8EixGuZyvR93n#qEcxCd3&#(FSwty;GXJq1ENk
z4~3$s$Xi(LEG<U|NZEW;&{NXPD%N**!)BG+txe7X0?v*sOw#%R(!w+4o9&<tJ-sVz
zhXMeA&=D6?U+A3p0)aDe6O<K$=RTbR&p}KUD&LiPaejQhn3xR$H%cLM6;NCzcm#yl
zR6GD67$l#|M;JgX`3xXV_8tO6wm7Q*jE3z`^zja3W9kJ$<w9}-L6+2uKJq@^A?vCI
zI^hUH8ap90baNij$2)|scIFqTsAr2`fRb|MM--Ti3j4ESQV*|36h;gJ+EO05K^+5M
z%NVfJ91iLVg7GsxA!!19D?spN`QOlWK3?asWU|e=kZ%c06c2NE*mON=N3>FV03<yS
zKYv#GB=&3vZ_Jl9lVlYg{2b_zTA}pJVi6M2C=u^qCtKYQGMczYG%r@=J(jjk$G%X^
zBjz{+PQ7~c90m3DRY}L^CcIqtNQ2vpuNJ=FnaXbwpB(}(-F=KdufCe@@OS_O^oPr2
z56T=2)9gOH9c9CK&1Cz#8&Idxst<tEh6&h()a~{o_L5-mlfVjD0XIYu!2y7~e*|yd
zQU|;Y^!$2Z<OW&v`3R_LSRza32Qz${0f?LtSGo=X^^Q!DlADg;puo^D0Af)1PV}*L
zfFeeGR;Yomqu^&DW#0J{LZtivu&EoftvmoZXZ8TW=b9V<KsM|KX-qx<Bx=n}Nr@`S
z+-?{<BX&i@Dzo9hvll%5e)F3#b4hc<_c=j79|{0N?gg^57k)Bk<TAaQ?@Mv1rB$(E
z8@>4H@~1%GRB#=cLE^{13YfMFvpR=MjtITZW!F(O%xl;|>IKL}(!a{iQudCNMAtIh
zy!zQe0N}R<5clnbLK6kxip@YXnaN=HO+3kdRssM_&mI7e-|}#eH)t&_9!~Im0}u`j
z+Wy8>^Bi2@BB26sLJWZ?WAEWDKL$zL(^bZ|RavIZdt6_I+qdTqm-$Wz_)dX+27ueW
zO4P+PI_zPuo{(elh!j$yZXNe;zjX%!!a$9<H=gHnH?|y~4qhGJM-G{JD+JG_@gIXF
zNi&ny#{1T2&g@_1;`X63(G^KUB+p_vIDJvY^@hVLpE`peh)?wR3T71%VCYJ?8ggG3
z?7qq!u=;d5^Q*T2z<V}h@Q8T24j^X{0qmGx_M1Uqfqxg!V4D|(j^E>25fk&4-6KkF
zC0K%f=Vj9k+ez)M*4lg4lKR8g=iQ2t^Dh!q*XsP*nJ>s&h<H0_1**6)p=WgkW3*EE
z<4*?fvl4;o&oMZhW{qR7`*k|h>$Z1Gj%G8GS%eldOPM|_(f5U}V9n~kg5bVM-r`!2
zeLJ^9`%}_?k|T9=3nTrebCZFzG=Xq?*!b?rO)>fR-J>B&SKjDn(iMI*dOE3$Bub?f
z3K8F<^@Xc`clU4i7vLG25WI~1Tv7g@!9YR7LPEg(oUb9#f8lT)0L0~CEb!w95VC;%
z39_33Xsxr{;9d|9p!o#3D*wjH$81oY;;E51p{FVwSb7Ekxq`nDh*DURw`7~DRlCZo
z;kLhbhysXDI)9QNhFm)#ZYn<lkikb_05>OS73B2Y46TE!XDb9yo`s>y`622*Pz0ty
z6>W(^<;A@NxSH+@0RDEp!Jiu1paCYCBLJNR1oMsT5rOc92Xy1U0Axl0(nrxp1o8|W
zsHf}%MBBjzK#vHR6~a~;1ibVISi~Ly0JR6a;;0G&&`4h(rrm@^A2HaAa31cLnpUw8
zmnl14m3c^PFVjFik3$6b$x9=?YwRSxD+&Ob@&5pc`q2ms`i%hqy8!eELQcm3P|+bb
zQpVtUds6ffT9}8i2^59bZ_EHs51~xPz-0qr>>~mA@eRk^2e5Wop4P|n{Rr;$f}lqj
zsvxcaINhc~x^jCg0szA;fc69;8?Ez)I;vSQ7%+bWuDGrYI0pfF1vXj-*7ut=c-+ok
zzWnASxDf!LoC?e{5DN@&0>Yo6Qg^^C_@-d|F`yAW08+nYA5&QPHu&F4Eg<k+p&uY5
z_yUmza&Y_dk2?OvAeiZ=Conc-;Ot}gX)Re4jPu|D4&DHAy2*+1Ps;z><Z)j@1n%Sz
zFn`{b05A}cP|$F&@ISjb6#6e8U{XLZbk2Zk4um7C<s$|~A_^2c?~_3sE95{}(laQ?
zivGqLfU**sMq-rfM(;OD@}i&}sviKXoj^Z{P~RNS35V+g3IZ>~Q&L~=R)UT}00H5b
z-z0BHTS17oFp&W8aTSa}!0{rnz$SlQQ+N+_%=iF4w_l>;U^ubLot7S{+X3i+=<|I5
zA*-iL6l&zg4)mx6nraRZAJGSho#Fv#qA!mS@Js;&Em+?PF>_4@h>ib*{zEpngmVxC
z8j~~N(Jlj!*nN653;>*sV(&}fhX_GX)yJLoj;|>6@!TPISbx$UZC?m!ZD%!ZHfK+W
z0szJ4PyA5}#PU-&-|S>c5CBLH|3o24biY8HrD$Dc@q#-E^UtS_;$SQ}qz|~0+*NPh
zo8*kt0C?x(n$C~>h|1_EjUXYTPuUFa^L$3xFaYq5`KKbdtfVEta;$jfnkv!yH`UZR
z5b+XtuG4flaAxZu@Q|bi;}nIW;1soS2%KWLg20Jt4mb;^w*k(>H;ICi_m5scm7jp~
z(E2&xM4=PHKO9hHMI9IbQ}BwwgvS6oVX#j2Gxsxj?tTE?4m<{O4iEq!AcG)+cmdOo
zC^jE|SNcf&S#indV2;P|v&xY4>c5qKc{BqqJ&Kol13D$x3BPFnPj4dNp}>v~fH(h;
zFyPM%0C=Ykwg(MBfd>ODHVy{n6D%@TE^at<PI5MOQDrJ)ToY&NU;B0lc&Pi9et4m!
z0^7I<^+??U)6bMR@A2wo`bwmjRN4MlU@5-Q;(xDdHE3%0Kd?}WtF)>TQ)=L=M@j1E
z;W<KOwp8fo(1dr{A*CA^6L_DFA~VpwEgQ49wX$wij!Zkzo4CI6?qbmeXVKG6H;Baz
z!mFS8s&5sqWgXYw^f1!kIHH~H&yee)r<<4W+_yb!7BlEc3g$@9x*7_mhLXOhUddXA
z8O~7&?a$@frX;jl{P~8x=I-lIQJ0AnQg%-l#n@-2F{aG5NA}(`u~FQcSroV7;fSYT
z7lzTqba1;d>Uh+=g_bX(KkggcMD8D2gr93Nw>wrGj-}R+R<Nh+A4%s{y{bB$e@&}R
zpMa;RASzxxmCr5}&Hk;s{02k``d;1`5IrwV*i*2Ii((z(Y1=~)yJI>2hBAoDZvNf=
z<jF$fNJuo_hb?K(?Ya8hS|^v<zPV-?G#gaiC%Ex<6%p8E7MUuk#OX4ns%j=x&>_-<
z-Ei}f$Dqi=!SaLTS=w>^LbEH`kF1DMoD4og@U*hH^yn*)ff^Ct;o1!@UCCzV%#%Dh
z80`B@nB7R;UwsQkAcIf|S;7EGv7<7)e;4cEM~>x#_l?p#^}VO6h;-6^Q4vH;g^+pW
z@<b@lIvVy2LQkc&r=iOm{SCLnL0;CUu*zCz!xTg&x!>>Z@haPOHtb%hx?3*)7-pkE
zNN`lPtdDF!SPP5um1cZ*JY&|CD0mihxWit)MlmnjV~I%qim3s|^g}S{bB@Jfx}qxH
zUSfuOj)OQ1`d*Nh-s@21=uA~N?~{$=Vo6xlYbZoCdUUC=v>`93*rMSlFZb5~g4|bg
zN$~d3JZMCoY#)kOv*{*}K;sm;TN`FM&=ELQr~GdFTW0aYV{QEtPwrABl$x<V=*!Dt
zqduF*$7cZ7kq&22J-wAIAa#Ps>x5YT*5>ns1r3V>;X5``mC8vfGpJGu&7_9b#(>`2
zQru}Y|CW6cq#DVO+%7yX+xg36MQAzZ_FWl@h->zYVao@Dn@wL7F^o6X5LzIL{>UJl
zmc_-7)W&jY7|UcazI@&+?%gIe*go#h)`2b*ULdj#q<+~fj2zq02urOo3TNp>Klf)d
z@~<6S88IL%zeAjg;-&r2Mc&oGOWJC#?1HQTYQJv$Fu&Pfl2k6@$W^@ieA(m03wTmX
zj*$mIE=t2r_x|?s>h-lI%R7>5ud?kP!jpB4{#Ngjnfkj2;C%hfkIgKp1!60yrq#V+
zv$YW+>7jWQISWaqB&-H?)t^~vQ}WEzGTXny<SrnIh987~hv^t?2{?5V{IvZA#y-tl
z{L=ADos0WjMmL2~B^x0uj6EK9m9b{mOFdW^qgQ5Q^I9zZxh@%ze#>^oo#jE04akUd
ztPH<por&7GYVwkY-{{fP*}p6NnUyv>G8SHB-uqSjof4~E1z;@IkO<G2E2nY9aCdRi
zCk^PmH<+X$v5&V^PypFa3cUF?swp+Z(9uaG_CAi!K}bKxayjZfE+mIZloY`^wOK`S
zbhB`_ylLrkJ|?SD0g|2*<fYBz6P=-ZJ5nmInZdiHKC7eR^0Sfo%=01<UZd00Ys&Tp
z>AeaDkq{xLBE!+ca<=R42Owi$i1@rl#KJ}AmTotI{lY51CT1M>c1u|1usrSu!<&gU
zCB2=LT7g~pK<AEaq^Az^#M6J{ua$BXi*Ty>Zsa7?@pW`Vp(jp?Wfhs}sQZtkmKL(7
zlw9G@&?+)Dd*jG0Q=o?3NvTni?rq8Jre+6yVc`a1OjB5SR$^f*P6vJcwMOM|`QLc{
z1VSZp@-`BZ{vrR9R$TL{ukoGXm5Ea*&OZ{Y#4C1|xgY6kA?<j2|40-p4f^iL|D@3<
z>DdNL3%R+EVPr;X?3w|EhltVaIDxTEXUm$Ph|^4&72Z6|0-+uEC83~h4A&ODnwE6B
zSqhieeE*W=fwVuX)7Q(aU+pZ|uv2Q{R7Ub7L!)Gp#Nn}dH5C%VqLIe8kQfr4j~Qy*
z<7d}R^(qf@ABfqJIJCCT&bxViZkd%lNHH3~z8n!OXjdjJJjY!-e6Kr{p2~&HOF5p=
zmEWf0N5$4TobZGqnUpmCn}l0>Ty<gn(|ASrjZV;tc&_$Z>W}r9kYg%}LL}PJK&}i>
z*{kX@NX{$;UYMzuLk3(=<DziFEX!i-aLp5)$m6VVqIJLnbe-JWm+Y)2NSC~j&A2M+
zLKE|t(-ragR^PCQ&YPKbJf35}3CasC?CkEWBBx+4B1`h4jFmFY*eTu_Woo{t7LTK&
zllk6yIc8x&nQB^e!^gVyGau~-QB;I;C3{+^4wm4lz%<*_FzqWp3%9)D3Bm38M<w~t
zNB0bloo2Ap#`XAvUm7d!CV#NQLF5n{HB}6WNnP@Hh<8smlV0E=UOX$>+i8@V89|KG
zlxoC|oaENrNvRqX9#@`^DDS0by41tg*0f_^nrvUOV{o86a-&H97Nj(pf#Yz%?H%tB
z0}R%A+Jqr_zft~n5>#bFU{g=uIz|1G?9yE%6y?_N^w-!aJ*Ot2;(6!&iQ<iY)T?w7
zATCcAPnhrVd70T;@_qTfRLafC;ZdV(S8@t-X%>23DWMmKJ!dG8^|+vHK0N_F0QKp9
zQCSU4Y=qd-0(Yy?On;4Zk<nOJyS<o8EyRVb3@yif|8?ZZ76<Rgp`U9}Bp(#*MI(Gm
zf8&Ha-a??tZ0EHe@#pw7J3KxnAHq$ysa$`i!cL2;H0|@4?N<FCKnbu0kyMx07|8qQ
zSdko)G!*iVbiO><;I>(TIYF*qa)<L@W+LSBhQHM`Ggd?}JZ5UB(;M)I7tI(?RNQq8
zaI_?oK3V)Fqp3u{1g)W10}Cm~9{;{Di~t@=Su8M($KvC`spXsyN})yWefEaa(jD8W
z@9#>%+JhK!hQF~lBmc|HUp#oX=s6qJv2CIBVaZD|ZlYPnv;DAOS3&r*jyG#R;0sT1
zW3e}W7ZwFPV_|eUE0j%XcOCq&(!*d7s@Z~E?uoCv$6h~YVOKRgYm!v)7r0K1PsU7N
z<41*yV^d%AHqLH_-ea~`N}5qk!{o+7&Ak}$uap%f{@p~|%zvS|3|Xf!Z>d?}Uzqtf
z*8e-WC@T}u0i<;1Y7<6gLX>1P4@ljX7Jjw2oMfT>*lkx~2ZO98G&nZVC3p^NF)!1P
zkmFQl8+c8tpsLd3T`cv!oL_WLHAQ%%!0f3qu1qYzf5bdM=s8~c%)$~oK@Z8-Z;R<>
zD)8fFxLC6faSIE?r0w=QXGP!vaQxm3sX9}#?+<-jDunj9qFikJW3~dIM83mc5Te1L
zd6thOC-4(#Gjkt409k3abFe)r*_LAOQj4j{2kX9VeIG=rcb5l&zM{;jJ97_hY>Q(+
znq5<YTta#zR@q|O#NR|<jgFF=r#m$0<tq^UAiXBCYoGA%>(F&tAUW;_pQ|rwSbsvV
zc&pV*^tLpET3o@I#8yJ{+txuEL#NVk?Z?OG4)#`V6XHe^k*!SKOhC*p>s%Y%!R>4%
zIE+fpY%sO2mz#KSu)q2(X2G1WL|GvGSAib7=c*ZW+TNu>WdU71ebNTwup+P<dK(!!
zc()kAmxZ3Mrql2*D##-YUZ{Ro3*l8cOl{m%_#wVRmhpvW+0XNBK#l=PDYw>()djJ#
zHY-Y{i8%!ut%FL!4^sy;n>ybf*Mb*~zfBUf)A<}TvM)<E>@)^vO5@74D0M5O>h+^+
zn+QI;a{U#K<e*^H3$B>U&@**$c-_}PgY)mQ3hN2weA1fb|3V)mzqWTH6Wo7q?cX@@
zPjJzGny^QZ+ymhJN*bfR+DLwcAZ{GV=%%&653~AmpaXoui|0vG;_?7&2R;Cek#*iR
zK60jSYhBL&uSZ4>F<C>}TiXwxT}r^a$kHe+f(kDE-;3`Dj~xce6N~?h{h1{Q<u$&5
z1dHYR?w_L!EDbfzNB<mly<BILjmQ-mZO?cKM_K=H79r7^X9vj*B>Ju28oJA>Xv~9a
zEK^9~*hjy3JZ*{L6g+A%>l$Ks`ov{zz&u8X(p|olM9O^GfnwIpiuUt~IOncYz4Su&
z2%|hxF;oYKzsu`G`9VD5Pdda)3pZT;v6DUy60x@Iynag_5&AyhE_SyRwvu_&uvpoW
z+-)ieS2T|k+_xsI!GvDAu&d3W^4YG$JqIg>vd}7M6{WVHgr<UcoA+Z+>n_gcP7+_S
zE-|WS;vGe5N24fcs`^KL0Vfl5EQxSi!Xj*zL_{9FfW>t_yXGo(TwQPBr?^kBQ`7{S
zbNz#sgnGh?IMGV8<Q*jV)u1m^Gm4U%z4B->{+Ss8mjfZMW3A{ur@e_3an@FM_vDcY
zWx#RcR%x(a&X+LHHKh!m;eu62=#5uIA~86LR-W6lo%3YC@k}=0fJJi<I>mVaT4H}p
zwG-JX&4hf|bS2*_Uw!4u+deKeTs1OLb=TJzulE2@bUPmTtu=VR+>;~+cP8ioq&>FK
zN{VFu9@o{Q!Pn%wt&g8Th95_{9|!(-x5~w{;yh?)75j@XcPrNsFO~-bc2)`EB@Ob=
z4@ftgr<Y#uHGZ-PiXuEC9w73)&u>Tb=bj+3d#{MK-KP3u$4iL0d3U$}-tL3z)z|iG
ztHhLHsQc**a%vep3hF4~I-B!+rE-D*>#1F-Y+cTqPsKC;8&DvWS3Jo(DoV2YT>}?R
zf8N}*9zleeioGq<pCFCi=kM;)=IZruN=-l8>y}4oRNFQ%Y4(-;2~zJTl8HX=`->YW
zkRCM(gP9M&+^Sn%-+1ncj^#^BUG=wD#v^;r*<GoHZV;_G8uZs2NX_>I!gi9;craD!
zqlxARQ)l1tO(^vsTV`GRV3Dy*s}T*EEo2qItSk1U8JRNZ0P-Ow?9EGx*(K$H1UcWW
zIbdT6Lg5|&S^C8coF7aUuU~89u$82c(#{okf3#EzN%n1IL!*Wj_dh59GDcd6PZ<sQ
zO+jR4lb_i?J`Q6tF@}XCR|RI(Jd?Kb1Y#6b<5S*52P@?XM(j3^Gq!&!pJV1k!v;eE
zgkBl=d!oj9uPEK`Iz!VM%?p8dgSU52rNJLL`F)YwhnUX83NH*i>>CgL_PF=UR=*hq
zlrK)a2s21)TU5&$Hkhi6qB1)OTq}3DFf6wosbueK1usb%=Xca4Uk}UCc22R{5}+60
zx?c<F*~%cIGZ4QeOY4rX6r!H?Z<nT_BvHtSYIVM*3teJt-BrgF{bI4T^v2bEe}YQT
z$HU8Y1fCC#w&^Vc{W(=;QbK%EfxSF_f~F({K7oF9TnLt$<tE(xbgLGPD=bA;o3O0&
zQA#?w-sXO047)BaMS85yt6kaAth`1_hk2~3<PM^>DK+IYT6Ti?ECQ+OjX_yi(uj^x
z@oN}r{1B4c@U6|o>ITO+0!;b%(b&v(v17^t_8u0KmI3G2elCH>Ewz5%941s3l$r$e
z(s49)yu_&ohiqiZl!ZA5X$VovKG<)JDulpGl)apNZiL=XX_Iaf@dkEMJlH+nF(r_q
zyG3g-E`A`IK#?^fBHFt20T`>?z0t%a$&qKDj}ZsNQV5RlTFrfM5{z?DiCOZ=*D-Rj
zZQK(=Nc7HVB#@M+?U8UJAa)IH_X4@UwNcchCNW35q|S}HhY`5zSYP$8U!4q!g-}Qq
zHj@b9!AS)fprV`yHZDd<>R^~ZtplOvUBvKDIW=k;pkYTqCy&@Oy5nuX_pSp)=gh!o
z59AH)dX)8>Sqqf$o{7dhS<zgw<Y{pC3Vn@dwNIz>Mv_|rq2bn%|GusC`ICw@L~$&-
zT8CEnek2mU>J7S(&X0s<$r(HW?ypc`1xaF@EE#Z(bpx0OK<)$}IqfBjpyr-jGnLMS
z6+K*>UeUJHX5;{gcd|=?To?KlL+~`Eh<nydTxKXL$q&HwCHS~g@$tA55)uXu9v%u7
z3LXl4q7FXxgvNlugndHJ7LP?nA*Pa$NXg2sZW32ejV`LH=JGNxpNc~noAX(2*C%7=
zqo-Wr5*ntiYi_TOe;tJ)h(O)6sS(avwZeoCtkj#bU6yM{2JC85lKOuBPXVw0xyYZb
z^sRFJugqSSYed%Xr)x7-<NcT^lM+5J#fWLM?KL~p{SSfX%-1E&f;n>?x{RgywE;8;
zlCLTwH*j4rquw-gn51qdVjB_0m{~xVTrDYXH7G01v~N#{B1FASm08{ny_~BE5^vy2
zhkWma`JY76>ue!-HyIwgknW!O#EibTFv%pHvo{XNI1FgUn8=k7LAE_}OJl=(Wk_gd
z3gw<vFd?k?;?dQ4y?SrM`QdYlH?dWFYSaR{%xZ?9@KaqY(igAG2z*`C_YzOWXEtd{
zkF*(2Wn~WO$?Y5#a{S(Es4uoP@p_gMy>r{ZWv$ivbgQtJ^R_(HKtY0uj~W^~OpdWe
zZFk+CjPRVgnOWw}Kwh=6Xc7laNQCZw@4CnSpgwr~PEwjCOZih=3614AY<-ijfF?GB
zMV5j(mN>(vYfd~uevHBUtVQW+<Ik|L=}O9Y?2YgF*Sf!y@L9PPxj|9v2>58rkH&}O
z$?jyPaK-4__*5oP@plBwJQ3Jg3zW6fp80-ZPamq2tp?i;q4?1;muYmVFJ=XI>D2jX
zTX^%3{a{Z!uu@C9%-rWxM@`>w_5<Rx(X7}JFNV!w_)(t@kNexXT6XTGMxhRv;82TL
z&bC^8F15o*^qGBSZDP<8dODeBC5NS3gZ<Xs7bCkJYl=#9K83qCY-M(CSt-)>+|)*_
zX+9*Ba88oaRvg|61%8_;0pdLkdR||vK8PEMm!X(B5?9S-+q&Ts8pMtW=5a48<1;Re
zz2VvOGVS5xtjN|RA3ccOUp%`R;Et4ah+~_yAo(0>VP8Afq2oV{v=Ms`A#N8Dtk{&y
zf;-3Y;(TmRgxQ0Sg~_u-ei6=z1Jy%91M4=ci1tMq`vC)tKljK}5qf946<s$+ZR8{P
zl0`K&COIfwc8B?e_k;GIQQQ?NP3Ee$Qzo_Eyr=6tNk)ADETnZ8w7NawJ~c8aI+otc
zA*TzT-^}Hw6w?u6^L+->ZR?Z2t+E%_7FRy$B>jXs3<3W2N^X+M5MeF8tz5nR1Hc90
z*of_3y+zpfDvaYosElx2%_B%&l5%P2J(Z<S*?vk*kNGQlUk)X_caAzl1|6oIPu)s%
zugEeRrq5nOCroDss6P|9M@+U{C_9-EUH!_wbf6s|6Pgz+F%>SrF=4y>s^58zbV11o
zCOKR~@uD?!Oz{#g3-zF0LPEtvif}QHdyiCl>GZ{=|LlF{eFU=oLc^waO9f*7N%D>~
z&hju+VjZXOBH!b~UR8HJ2Z2U!(C2CiVS*Z{g_Rr*-Xj&hZAcbt%CAOQ<jeNPUAUpL
zX5NjP*DbcbAAP@By#!u%^Ge`o<5PYJHrz4&xKhuG_8)^=D8a9ZsvNy$<c1;ZV4-2U
zI8bXC>vsLHg|nnax6CBCF@&P0({N|{y#ZDZnnX^8!_4}^K%+r+bheOSW`vB`FECqs
z>!RMbOTAk<t!$x~P@j=knn<E8(sAkm(9)RT+eGz?<Q81%IoXD@V{cJ&l3qNg)`>h5
z<5_J?9f2FR^r7BJaoP%);LUsE#dFZHnx&#7eDAaZbJ2QP=Jtm6v;}P>lWv?~Urlt*
zFR-4n%g*%-UQMnSYw{R|vsFxi1^xFz^3tp&;m!0v;jLmyPm5wSj|~4=q*Y9g#TdW)
zUHmvMF<DVcI9=gaL>uo{X@)-wo9l=+hJn-3sI&rSIfs)$9nVqkz}d1H>n0(r0Vtv-
z_A@UJvOfsF@sww?EbmHb{MEPL939#;aFVzG-QT}Bp8~n4&ws(FnmhlZhw;+3k6uyB
za&YJ1^PA}#pA)+q2CR4ZQ71KiT&5l<9apB=4C;r>A#d@JnuW4I8WZD*r`Jvx9{UP-
zGR!$Pb!3*X?ZRYSL?mf?%GfMpH;{A)y<ng&UsPFQYP@kOjS<?ru9y(oE#45kEPJ7N
z?y}vM%{9N>=6)NNbsn>`QXzO*yVW9iS&<!kx>9{7@OdEX!hhB(>wM~j#BWBVSgrZc
zv1m2y575_Wb0l-OO#g*cA@k_yC2CF2az75q0c+KzOGsEtB%{!hiOIn_5{jo44@=R%
zAfS2SX=BBV>{xi~vhbk)t4kX>E~s7lgEkXxdiek5V#JYkQa5-T{BLDR<AOY`1b_GR
z(ILMN-M^~wj(B52u7JDjS2g}htO{!yaML}iGjt^T`&H%DYuT=PiCW%nb73AB2YEli
zIsj3|Hoxv9ZN*=Atz{l6EwM(}0d*EI!JV4i=+~UY)@nZ^=qH>yC=`t&xbkV@vDwp!
zMUDeXJ?7<V-8owB0%HtB$eL9}u2pEZUjMK~y2F@vbXs*YW^S0WkoV88VM8hBru-JZ
z*;czb|2W5b&A%8K^AonijmKLJv$H@yT&XK^W*v%DKd@9jHA%JH*IxSAUPRQ-k8`b+
zq(!+b`a^X{d$eYMUsp_rQ$Bb|r`!h_4!jlpx_Q$>*+gk`{wyWWo*7HW&<s|}lcYYP
zJ%iw~Q3t*?tiTiI4S1Gy-sG&&WUcXRxl7y(H5uNmajNr!U)OKZ-A;Hu$fciPxn}Wt
zNS?Y!{<D1WetREXpynn^;7R)3LXL)}%%@M0JkGa)F-=>Y$7$Ds75gn}Lk~dhp;vm6
z995`cQl6il`H?+88dDRlktbhUe)eNO=EIenOv5>U?<*Y1Ay9g3Ku4<Wp%N(e+;w$C
z;r^v$QrQw;N5I(20XvVk=Jh|GEN{|thw-mTZNq;@l5mMdkS7~={a)ZqMY*xFVQ(+g
z*7`V61*F`zP8a4W95~*ks~2;+FC}u6*2^ERZ?d=FY2j<qFshmy+nT(y)SnTUj#rn}
zy=XVEf%(BRuN0nab<gudnb@F1xTVZDFN-g`EIx}dq)}jhE<+)tV%@dW9F`zo2S(f>
zvtVDlpjM8NAgtNG<4vKv?@d0jplbwCzRjH+>AP2SMr9s?I_&$aj(r@p;_@~@ir~g5
zcd-j8tVe;l8SvqKO?CKPGGKx$^vH<q*7IHF=6eqm72%^Z?W=HwSm}H8Nu()rQ~~&a
zn!T-y=ogRUc`vtS*w-1g!?yHu^+9a`Jp)_5Mbm1)m`!W1_PM=E_FBRCCRC&c=B||5
zB$9xf)a*!N{-n>h4-zAOK5b!}<3Cug1MCj`&o%WgMyirtqrx%DIP;l`zZ}6NLe-A_
z;@TSqmE>t9@X1l@p9#rSyhPRHotytGm90a5MmhYf*ENiAgbw;gl2wxV%yg`02ulL#
zaOyt!U-dt#DHV@y<f@6y_;V<#)$_~T{lkyn&8ekR8l{^M8|gY-(+)IA2@SIysKmHN
z`X!nz<&$jUUH%mmU&<rdM8BjBYmyKeCO=R?19P^OkhfI-UJUn3{2Pxt-$dR@^u(Cp
z#+Xmh10ebyWCsJPF}}a?ZF?!X2|I7%bd|&nK7R|oZDhJt|Eq9!9uYnHf1Nz~@VimG
z%NI%!=3xw(0n4_GO(8u_Tl3CqR-6aQq4ntmpU!-DuF>+6%H8`<cu^jJ>0Jq*_vZ!8
zteY_dYtIJOk8;h9uav8=ZfUh|1F;wbMG$dBNJEfFW4c5BC4)<t=F(<sDt+#9h`K;k
zNth?L@<DeA@tlTu3!<^u3YUp`^nS@ZFB1*ay+842?+|qi|9hp6R%z!3=*j9oZvAI&
z{I`DoM+{W+guGOt-GnV;&xp(#B?s!}HQ6#zOweLcBCx`_)vQ-69aT%_`tO<y39!ZW
zr<(S>nY5>2#`(kvmAf~?d*_M2_3r4Bp2_s<dPy04Ys|C9p}~l1A!e|&G0iL=-HRIC
zHQdFBl-d8puNhV{!#+AgZ2q$4$pQQaH-+x5Od?lN%V?dbEZ4o|GvC+O*N07llRSn8
z0@(JBgASG=Hj20->G}INWM_J*jl5%HKf1Przzgxr{m8wc-TbNg+FGhkT)Fp$m8vbG
zB<44)TT7gJ+!JFa)e4+vDWT72b-6cJvI(U=*yr)(;jZN8#l%ge_PQrAz8!Dw{Wf<w
zEvS)}rax7;+Hm)#SSOi`tHZ{mEOp{dGoB6~q`;QIwEO;(HItf}koo+!i$J@{Zanh}
zxc$bV+PfJBX~I>GCcP3mC*`TY#Zslx?uc4JdlzU2`6}yLUD!TW@Cl+mOZwvPwVKm?
z5ysq-UawXsU<eE@>gX|Yn#u{d`t$d9<PV91Xb&wb(7irnIjx|vfwvyQjTc5Ir^;~k
zD+wgb*a99e)2gWrlae^3+UARD1DFd#dcUpT>nn!i1ow+oR6mWIFJ`fQlT0pkXXb-!
z#nIe00vB@lW1xF-1BaO8T}D5#_RvDrw{<=)uQ#mA=~HRu<t4Mc1I>$RIA}<#moXuQ
z!<kJBV|wNzlZ~J9r!T25H}-FYByMjnm$K}{CP>Ow7t*T_$CV6wyKdXm-nJDma&x=a
zVlFP5U=Zaqcs8MpyuAz>eH>%ucPY2+^`X1sHuVyA;y4kvdYb>!D{4`D>1~tR^PD>e
zb<*;Zp!0g=z=jgEna^T33-3hqG~jk^|A`cK!#w6-_FtMpDTjR*zwd4O=|zO?{})%+
zxdMpyNrm0z17MKB={S07Ttb-n*<#GnF?sC)Kz594P?^6zN4|x90KS*C_>kDaVa&W&
z^51;!w@t6M%BPxjJ)C$su3p^kS}1gyM0c3+e~UP%Q|6Jz;;tfz^;=XE%r6==NX>gg
z`zxk<ws?<O{IegCk^7!@tyvZRPN_p`@8)(pY#1arpA3#Ua6Z%g!0V@^+MPvRkf6qe
z=O$NqRfh3V*b|>_ys4&cbEVFGNRejatCxCx%3=!mGqW4#R}9YM-G%;|`_Bj_=Arm`
zffsRYCW@Jd`4*`pc&npj%+j)0ty#JPb%MN3+OoxQRjx%*)^P=n3{Y-1TaMPY@}t5>
zRXpv<xEN2h-{zco@`e`c3pJ%_676JIx=A>AJLzaYdCP@t>O*(lHEXjABU#29oE$^f
zFk<=C*eQUKnc{ghhuF707Zh!|@5CAk!zQ0wIcZ&Sxep@K=fTs^o!9;;p{pl=O||g>
z^0LZ)aXKipNOZ2Jtt6?h!=80s<AXz$xqXxB7OG`+bbaG#fK~c4^M=8<*|b8Xs7#nj
zi5)tAC9bYAq7ct?z2=HD?d<hea?`zds&1QBEgk^o0E8Lw*9e6c{atC_NvVh7BzA-f
ziZ<elN_C#^b?WQcc5a9Ant7)^A0BgSi0Lz)RCqq5U@{aA+v~Y<jT3b;XGfR*>Dw-z
z^!lDQUcu<?0!UXAekV6Av)YG`fV7%}>ik0(V;Z~##9Es%$s!}HcK!xxq-#l=-B8;P
zPew#t+A<%1r_3T6Bag7Jb;ufgHN+Zv@;>?qAKIpU>=(@mUlqrimok?XzfvBGaGKUc
zzRG!*kHJ-s&A&}Dy*JiP;M}ZrvEOvZtqV(^F^^hOUL;rn=W+0EAIsYWlnj1Ps49RY
zFYtxI5C850?pl<JHgo^aSmO{uY9%Q{NuiL$)H@WTkkI_rZbSGyjXX0xZRLhl8r;>l
zC0mTWm^g$b(G>b!^#k`6)$DsGVL~^r_<rrLd|DZOb<Ta3OD`Qyoh@Lto-r#<)t!Rp
zsr#0T>)MR5GlPH@tbt*|RwLhXZ&Gu?d5xyV)uan0s?5!S^j*QJ4qu=77F*Ai#bTpl
zy4955p9V|0X<9KmljdMha*{xIy^UHcgXaG)8Me3MXPNJ{v-irBE;MO=Fg&?SdVN3K
z3qG7NeNj^_GXHnVfM6<LurH`uX->O%k5TOchwcXw)?LV(!0tW~6VvRfzZ0S?oR`)h
zCyTu`%jvyBZ2yuevmSZhu9+(CwFmz8A?TB%g&0m=(X2ma{Fc?SM|gGR52}j;jeWb!
zI?f~pz2uI#t_43FvN4O3?+2v|JA^w@sLSbym3BmH&a>FBS!Mm35cZd<xw*!;-Sj>8
z6?gcVj6D|}<{*3VwquU!E}S%u8g;+U;4Qgkl(eOlFDxwz;82Ze2I$0Qrl?t(-Ql8L
z(K<zU8OQe$;4QrW&JH`Du8@qrgG$MfjUvPJ`Ru~s76<3LPfaIYy9T^_v>+>CKl<K-
zAAZg?v%@8(exRULfrc8EaQH!}1i46ed*o^fT&t%cvK)50%W8QewY0-x+5%bMhx4gC
zv>Z!|8@7+s8@V|1Xcfnk(w)+B-GZuCWG=avpLEz3B)WPD7`Z$#cIXS$qZc_ieSXd2
z@U}8Z6s#|rpmR`;BRS44qJ(ZJ`$@D<h-D=k3dN7M?Aby%${POu3niTW_FgaWiP4Xm
zt%U+y!oG{^w?S!Me4%S1b^+vp=AHaXVg>u$t6K)fJPBiomMG&of$@P;AB>#%n*~2T
z0BmVpsRqwcrOgA?{OH6bPnP=^!P{Jt2*;w@YC^Wj7uUW@!n^M)hAB5tSH+g8^V>VD
z5On#T?7wcgn&oTmtm=PD71y1P72|i<Sa?l$&WdBG+b(YjoEue}^1LCCns|?K?w}^M
zWy%geiX1~{Y4WzkcZLQEzs#LA2!gw|X7vFmBx5d&i!`57<44=_3^5!AEhJB>j$n&C
zJ6vt?eWinsoryKpvk}$*qc1Tnqb{R-t0-e@!S$unkP;z^Vy*t=Kn8Nr4=j}j07V0r
z-p{l)W0GG6xw03Q^!XY>g4Zcpz4TOcVVv585W^bkxI>ftQ-Acg`Z^?{4)q#RN8hrU
z@*<d;d6ZM6HGN$W@d+piyT)cpOzN&)=Gsd=S<pq9O1;jjw7^o^7@lA-WftKQpz`M=
zYREFdQL+eEiq?`7wf%w|qh-pU%wm)8CjW^*L2cfx$&_uskYhq%=VFh0sZ@{3b>@VJ
zonJZ>?Ewh<tT`X-fd)xu{B2J|MQT`=dK&qo6%P-11R7xr`?LHIwR@Y*CL|NBOy{vo
zt><|5Y3LfZhR0(YO2-kiWZk@DuFU_yU8iArn40Ze+pTcM_LQ&Kv~>JtHr(t54GZJ0
z0RJVefBtT|w1Ns3$C}MV!-ZOn^wbpMJ1dOM6^A;yAhGT-QBS$_mEl^x00#Y8^ZEvw
z0cLx<rv*i%K8cAdnNk8nsrx$dv(^F~&;verZeq&ct;EtT9ai70Qju?;-e)me6K$!Y
z?<Wg%Jb$yL8z{%1l=sZNk`1{E;X5&z)t9i-LJr~WvO}e$EtU;1M5z<lr^2k?L`vkA
zTy@XD%3m&*Iy)bXGK<7F{le>wY{s|wE9jmCopNH1R7|(q>1emDw>6_yne&+mi_@tR
zn2Q?nwwY`;giao63?q%rK9M1O`+j<*6UasE(x#Eo(y5{x0d3y}PCg~)JlPvLQOVSo
z<}?=!3u?c-RiA7>L69p<ZCWPIWnb%INK=Vz&aep56Ua^^PF5WznDP`GCN3e3w;4fE
zVz82{xNf(l@G<L+KMP-2j%sYeCmnuUnx<pH92=6#tCnWG)xL<xE|SE<I4Q^GcHyWh
zG!acK>K|{(EufMxG%;)zVYsg?<cATcySm-~l#lyRbR`c1I^8$)Fs*ok$lWv<U@%bJ
z+Pp4_GLMR3tnn;yi|5bM{FLqRac2mP#&bED@Wp4&2LJ&zkFe!kKD8Ki0}JzR?E?^F
z>K}s|SgXT$z^?DOkha68=Bh+>g4=pQNxAaPM<83UZ);dOIYv~LJRm_)OZ}vFa<~0O
zn#svI(feM(FgVW`*Y|#z>Re9oMW&}_RS!TsA>L9s>B$2C{u+-F9e{*@gocKFeC_$?
zI}+g6j>*}?R7{S@T)K`~MPJ6{Rx5v6Lw7d*{e1-y_LIF&<Ou#Ip?JSyco0uY3^Hra
zZxMwR;cD=AQYhZbn4-(|e-M#H1M`3_bINTb>=%r+L3<o3W5{W^DiCyEh&~F8J)>)x
zzUmZ;J&`5!9`}WW8pjWXl2*LUycRg|+Bh6qP3WKr{G+JgSX3Gl71kpK6*3>wpwmV#
znfJrOm|*xg4<X2fEu@&io0OC;|E0cyA17rnyil}?5u1Bb_<WR!L?dq;K_0aF&{eB8
z2bFQ68paN?&^Dvm4Q4`mLucDyYC~05c$yolw5biK@PNEJk-d8u^G#>ZIUhrB3Sky^
z7N~T5vV6Z6@r$bNK-(83i&!dx(Qjmib2W8|&ta=Q!$)!n;<(Y#aS}$tX<u74dnBCD
zs`^V4=WvVizNE!hAT&%YBWJWOHMTrd>t@o8;ME`){yx<}kBirb)hB!;DBz`uE=f^G
z5Y}`20O*tPNt$J#Qz6%JHdN6t+`J1lt~Sp<Rz}Q);GscX&bWR6a_`%EsLIHyw!UC$
zE5tJR=Z2cw1_O$`{o6y4HmJ)#tabP{G5L5e0Y#a&c%^)CFY)`)J##Q%Zs;EXuhuIA
z^!%rm-v^q*C{R~oqdUz}0Oc|QvhOlMc;8$>L`<hVn6U&DQmFcHIemO|Y{)i{(YB_*
zAYEi<4P4@=3og6&v!q=*PiL7t<*nf6oR2($DCkm^LdJ{zvGfxA&RMqjAwcxzcg&7`
z2?%Ee!?@0~auBo)0>XeSM2rdS3i{LBG3c&TsTfg!{E82QSsON>&@y=Rjlhf;U3|h0
zg5J$+EP)z4S^Bp*t1sdg)FkXrfdT}|s5eP`FVfqT;NjEDF<^q(8wT+utDFhR_!J^a
z!`AOV$W_%XokV?&%)qu5)zxK2qBef!#~+El|4beY_E)3nVKi(yq2@dnfH3xj-mW;*
zfJk^+A(PAJzknp^F-|~1%?yQ^FOHHb8vF5CwFyj-;>#)+B8-#o)Ir5R+P1r)tlYRG
z*HRKa<6d@$W~)E3hOZ2;#PS!|a->w<KsN4}8hjaP0}mfBlj(HgjllWJ3i<Vy<?r4)
z<WKCL@9&E1cnwfOjGn?O%ll-J#@wtyN=8~}>>wbqc};K#oQ64$`*(aiZfw2Mf#BO?
z(hk;04<_VG9WI>;^B?PFzZsrvnHr-6jL9?R1E@!KxQ%3MZWK}`?c3uc!#f6De`XUb
z&eB;5e$oj7v9Zru|Hc~I8~$~62Vr3#`%m&<Ay6m=4ta-~aMzjr{C%y}%~<v>_lvUm
z`)Zlg>5v^HAqy|=d4*rtZ)BbqWi7cXXY}^%f3gYoDdNdqZG+n%Zv1ppR4Ue*_7fMr
zjjy~fgHu7<%cAYV#4f`2n`gn3-B=-(<6Hgbw}?62RVgp<LYLrs$pW6O1dRzQqhe#3
zk}1=+i2}mg{q7TTkvS63P6*j!BVPkZyzuNfZ#UX$K5e^%_9%_Z{S!0*Gsq-wdi;|E
zR3Bsj3koOk<-O&44btVkT94-aTE0HF4!*C4w!hMHWFKLy8IftRF8gAvjC)-3So#_J
z$jEpR5nYmXERqe}N}m1{0DaKbHSjw=9w2h*7IY;$#sL#qj-<PjkD?STi&e8(LDYht
ziA=CG*F;nxixPRapxt>a%6rFiL2mC!R<Z668XPY`n98_y3d02}PdsL0z`j$XFyUN=
z+m-20+u$O<h-9i(<KoYxtQ-dI5{VF=dCMt@;h7wv?!U&OU=SdLd2xh~#FZ^fe99A>
z@S+G$M;=a2KDy?Jb~(H$=Q65~z5wAO85Zh@?4xKUuR4W7RAJ;2BP*2|?6a}bCv0<H
zR1WD@jyXUCndEkmFGWjO5$K<(q=ySjN+58SiDI(hc(D3Ggyv{Nz4RV_y{B8v3M<oF
z<uh^W^?t4B=%PopiZ@3)lBi2ql2osUjy7q11%s+%s;7B(;8-{Y7Z%^6O~Q`j9Bw|3
z!8~IXeTUhJ1`A&ls#|pJYBj&R3Z0FuCNWZ8K?0+jbdT_v8|(h^a~I!8tjh~%t;3#n
z%M(l{u8;YF@eM6vvRs{_9u1#_a#29|*Z^5ba7UV)^M!^kTBrSUUIWvQq(qi(fSB;>
zcTio@Hg$X?@)qe;8Ymz{iEN@c43N1@s@rR3QCkz#vfR|KAQ^PCa&qKEq;9+v<0XhE
zDzCK7nI9)(;^CJRADatdSXEz(IDX@j?53?pVu6IDgIrtoSij1aj!JATy&x;2vlDeL
z3|uk-KMUCmby*hn782)@k%Hn6iKufS>158#$(vX{*rL)%{$p1N$OcQP{VtK~`28G_
zR(RuV8D_lyD8iZsXg%>vuPj&&px)i#F_LY*QJ9^Cer5ecax)RL5Zcep<LvKL$M%F@
zAlY~LU|fy@^3r*tR}6IPj@@KiOMx<?#0Zmr@PO6ADZkVW8n?OI%3k>|k}n#O*az@n
z>wn0SInhcI<DN=uD{*I*3TS$k?dvSm)?3+*fBvIbvu!s%n^`Gf=-ImO4gV@c)I3{R
zXW_K|Pp}WTxM^YA$8PT~>ZA7@3);k_wX7e+1R@hxo*{~-RjuGu{9T35{8VkRmEw42
zrU1XE``*qUMPIOiM@`#yeS>_UTOWaiXDTGi&U9g+oV%L|prb*X&hEERy!Z0ZYz|nJ
zgy5n4TYM=r3?S&+6s6e|yJW`Yv_ivSrP&mvioT0>5JY`s%2B0_H_w?!|Hc0gL2xF5
z6AJ1@AT}AIGM2}47vmp&F$oc4QcX1Y%Y8V;wElPV(k{DVLwo_W1mGX~BHMjWM)DIw
z7*LVI-G=SOka}v2`Hk_@4l=EAKCObYvjpM=g2C5yCsDT(A_pDkXn3k9QOF{|0_LTq
z%3I70O_n1*dsq0)o<^&y8BC|M;V4r`ELAkALThE#QUtL;2~k{1^;{qhV9bSZ_c{mJ
zU<XLp7z=GmzLO1~8q9Y@+(GKnmPh_5vp`z53IoZBm!nR@gW5Q1YXLW^SqJLW=p-|N
zC3#Dh90x=014pQ-&p(-(qnB9A;|rrfa8<BDOnVkBHu(&8zXzpE={iHe^F@@&)5JO}
z4N}&O=aU;vf*B*cGG=PyvF<3;t-)-mA$wu~OgAFqwDagYsznJgIH~$X9Dod(RmTGF
zbxFq8$|RJyL$uH?8Q{jqtzD<&2}~Kh2KnYa0j8-vNX!;u{kYzuyEl&x1u~-$P!J_U
ztQF~HpZp+~IxUJ0tC0-Z6XZB?T1MqB|3RYF-{H`2<+AP2Z&}IzouX~yE|=bUTKUbG
z=AC6}V68@nPRVN7XQ!FJ5vruvOHfL)L3d!`JqImGL?5t*pKAV*kgI0oo?b89`XbZn
zqp*JHVEo6({M$hN4~t(?22KWl3@;X7GP!&=`&T3WzfyEOXLAe*k%9rw0b*<M9b24n
zT&eXuPj4(+ZnNCq<#E#a-+;mTgGBcDRhC`puz$PZ8EF&KukCOn&v6)!1^xZT)%hAj
z8}Bd1d;8OazjY8ob;5gu@f9!S1<%Qtx~M!4F@YZ~AHu7vRvD(6uJ~kw3@tBY{WKy1
z!fT<Mseoq6zOIDvD+R1|srMY0*r{lwKD$4E$=oZ(7WBSwcvz-MgmA7W2I<{j6)~*m
zx;vwY_)0OurcKwXQMEx~3`g{cU-xiW&!0ucnUZF$I~4;E!DQy6a{f|ZW=MNYC|+x_
z$hsO{d0gmy;EqV`vqGK7MzGOqd6hHguL89A%AF@#Lk7F$keM-ixtF==3v4;z$kh`%
zV~|=q*GHlQFZYo~-N;45puC4t*!Yl36B|NqsnJMLAzh6(7tnKQV@w<PlB8J@6||~Y
zD+yw0t;@f3o@qRRDuJS7AxC1jON)Qcfcho@i&a%r{FMnRBZmM*TcpKw%PBzweX5u*
zyyWyOKYNobYV`Y8O+9MkVxS)+FQVErfHYHjc-rn8b?Ut71!elZ*N{V!i(dq1rV)^=
z5SGDfc?<`4<k#b;lTqYEL|Osgb7myJh5^~A*Xe^Y;<;}X-dzqv$N<o~J>7g27tm!D
z9WTKxgTSVWX!D9S@rx7Za8D@cX+`H4BAazsnAJouI+r$V96YjutrRu0ZoUQMGJqws
z{2si(-a-fOmqB;%!;`)G=jhnW4*!C~sFAO7F=KXr-0otV>xWy~UDH_L(pHC~+usO5
z2c^S-r&c%VBGdEtMHA=TFW%SQDP(^K|E^2z&*(c=hwublBJY>b=wkH1vq|063&{u}
zK20baLU&~NT2}9PQSR%vV%|T}>d@%>1CK$H=;CVHAH`+$uqm_R-dD7;sLdF@glFK0
zbvYyNR0xU#eHq4nIm}hk+XvBUuV6Pgj+-OnXnd@Uxyc`j>WIP$Lx?e4#UAXrjdrWn
z^8_h1IItRc11ZZHuJjR|c0Xp4JwUm$12(C$j8$<Elip5X2X%_3N8*sHk{PxHncleF
zKHl^Q1*)>F@ryPB{G4E_bZkBfGijTv4oPqyjHe=PQ@7p#H`^)3Q%x)!g;e)F>}S{r
zB7!L6SoXNEJg|J|FGJ-`kV@^1KNJQ(>B4U4W6!+~0_?HjIzN7_Go&eg^&Ahmj*Ki6
z4PY?q2YtjI#ghVs>b|*^4%bH2H6?WXz}PGtDg;l4#}Bo7e5v2JiMTx!VR2GLs1Oi5
zoIlA3`?`dQX_vn2Ndc`(TvDVd+%z3-H59~*#<PCDc8Jf&Kma+_5jPe0^HIv-){Us=
zI5tfC2~@~UB0AcH$FZ}@dt_66MfVm&wLzQ!Q+nD{cfMlJZb`OqUO+}3e_F%@rPYco
zilUwsHogra_6xNS2dg}yHH<d%vvH0x7Ue<%l`Y7bWHfI-0^GIbN;&bGDg4+XV~R|D
zF)uS-?-)GV<7xHhFV&lj6|(r{j$T5i5mK_nI0OxfMu;U<6bzF(Q1YYnR<-2@_?PLR
zyr>!sL9nGWLLcC66V0xQw2qH*g_!UB5NVd^ZmIc7#)aT{+8YJ2uh>fTr%AO^AKW?E
zXypQPzlpAxWI!v=X3VP2@8drU%}?*6x8@AyhY|UNZ3+vS9X5K;3s9UzgV@$aBlnV?
zW*9Zcco(f}5nyu{FfMsYd|eCrl3P!{85}z0j$SAmz4!!ki+-#`?)gl?2OL%yQ@AW5
zh<5Ie{n}k=aH`sL6r~GLQ}0I%wbp8*WEqJ7Mp#T}Sq50hJPZN@a?vqpG8XWg8rKpK
z8*9%{kXbWnft(}dPa8M4Irc@;9_>8@hC-d__Q6yvYa)_C!w`w7r`Ss6PYFLRMBZZA
zjBwKt-;6G5Wfkzfj?4iqBY})<fU`5-Hd*It2i<sB6P)R|7Ca^m>mT%(91^KrXz{6U
zD-@FNf~y?PF)Tp{pFkyeopp&EhVsfpoaR)sC0%ByqxQfgX1RbsR#Tk@0LU|j3oA~{
ze+@f{Remw?>l6t5<L$?PT?Y;R#}z;ScLfB1@qb!-3xGP3rEU1&4hMI4cMb0D?j9hx
z26uN0kU(&E3+`?SZUF)WCuoqM`43sk?%loez5mQmUHx>)oMx<hda6lTRZK*BPDxmt
zKz%@G!pgNkW5<oD-+O^bA9<sT#W~tPFrDzXwVxk<9c%kXmS&Nos%g#B!*hFeH_hX%
z!9TJuBOS8FTb1`B{OkXXx!?Tt<QgqNtDflmC#xX0+crqu{<TpD1N35aEy|y`;jtsd
z;>x+lApO0`E)f)y7U?)^(;ym}DfPU@0zck}Pe;WT;>&WS*wHMjG~`=LPXC^@$+=T>
zXZt<-ms0%POH&embcqnC-pQNmir<@#3uW`?)$5dhZ&IbfsT=K8j89J!O$8#71Li|q
zjU3@~LjoH3RUCqGLY00<#8|QL4fwgri50xXg<Sf}S^LM=nDX84C>UxD8v<PXS&X%e
zB<ID1f$hCDDU*a&v&E>nzC$YeW;$Mk;vQtcPo*Q>IcI^-Z$BH6Q}hrqhUP&au2ZEs
znC)=Y2Q}8|t61A^ter|7n~a_oiDhDKlCU34NN`R$5_(DLUh=7TRWu>j4WSFpbK!A@
zxn$Xx$6}T#2QB*YkN6hOi6%AB!Xs%}d&a1H5dfPE6LQ2E**kAvT$9gX%jeM!?wO<x
zZN`GnZt>&+En#`y#TA#58*70=EA%5=gXa+repQL#wAF6f1bd~PIK{_b;{eH*c?Akx
zw;5+xICmM#6~Wtx;5>gTd2G+J?7}?z4sy0(#~^IN#O~s4HfH@~Fb$K11y@Z(`Yf1R
z57rwB$NI7;3A_0I_S^%C55v%$X+`?D)1*^z8c~lScrPV1g%4~rtfV-OUQaCRez4;2
zjwr@1zNg-K;FAoy&o!3i4zPOFjg>_keF!&F4{Gn4d8VW#yon6s{1#8R!##I-wZ;rZ
zGthL<CB_|jC3Uex6X0R8JnsNxv^hgSg3D6;$XbuO@JRB`z%;idD|SLZm36o2E2>xW
ztJYq;SJjvZ9r!QJpf7!8yLd{C$LC98qs=_u0O+YCp9jU&@J)mZHiq-d#_^^o?~EjT
z(O4^{;g}0|yu7kaE90vbeS~vIl1FY>)8^4Dq<^IJ{UXFJdS5QBV!KE8#*K69c8o>l
zd3K^w#o$Y4gmn9hNKVl_;&b|MmxVbE**m#DI;@$Fobx+;Dg44KXZQeA;CNU55y@;0
z2`SqG+|^j3hB?`EWdg!ArT(sBZEJ`2DPJ^P_|)b*|5+?5oAbgd1{-5=#w$ynv=vn7
zv5Bv#7Nrcve5N~+ds_WhWO~^NsS|c6zOCxz0=Tct(6Z=zl?~*+)IfXbS7%!>N{@g-
zUclXSDPW=V7cKcky^=ggw4RX6+i2aYab=CvPa`lKnd)kKcZ#S4Pkqo86miN30n>%G
z>)C-#m1@FT<(ra>uZs}Gl-fIH=?0kJR2Oj*?kV~B?1;p0Wx%A=Kr!=Of33x;T^24!
z<99#?-Mh|s%=)!%rHNa!(3ujR)BwSX^w1DaHCod#ZyZA8EW3ESjl%OrzT?#UB6{%N
zj=s6ee92fm4$Cj_FL2Ig=0U90RF#*gR#}HBh|8B!a-*sK4j2S}O5;sDcoKc~JQ{~9
z>tReOHG5v^GWo&$J3vQhUI9T*3NdXz3SP54?JMZ*T6RVDA@%LZW1W9R_I^>b470Ka
zi&5p1@%(100m1N%+nFDJ+nfAEXUvGYXD0?M6US4oO<!9Rl1w6Z27ifE>N+z~AS;`g
zq0K1`a-&O$)D6D{T4TZMhYMcundVyB#!yVQ+xQC}A4OWZ*qb67_A@GUwF^|rIKscj
z4dH=ss(60;38Je@>{RgZWaWP7^22|Z>8>r9H)x8w-t&W5^}S2oQJFMjJeQ3$OTM*G
zm<3pTxm<NyFmOZmm(r|yJ?GouVc@o)@6rSHm3nspbW{1UZh1Q{f*)o|2GBw|bo>VX
zk=~Md`n^fh_w)7t4Kowc$0j{&J*;ZozO^anrX(r@@ooC@gI~JhwSE!W@1a)=@XUUJ
znj>8fHXL*z@wT(^ZPmpBQQ|jYZL6T@DU|J?j%-~`QMyq#1@Vo+#^&m8@aH8^wLM=|
z7}8%}o8*2Yw!`7%uGSli8Q7ek*!yTZ#=r?0N;Q^#ADQY8)jG)jO1Z-Q^rMl@HbZq0
z!B7NCuweK+Gq+n|z}<I1zr7~LYO7Gp>Bg|uLDjo>IXAg&tRf5oVa&LC)c1&*wIUxz
zHPz`3gCM!p-&11T%*{D5YHqNID!r{uPJFLBjhGxE-n1oO52Z{}QExH9SbC+ZOq|Gw
zXc5xZ`;g2aDBqeiC6keSs~M}QQ^nnGDU4NBocLz5ZB9)wWAZ~K{U+mHG`Z77@b1iM
zIZNK$C{~=5_RD$&9QquN7TZwxd*4MXKbVzDtFDBh8$vVgF+<nbZvtd<Wix?2)-~QA
z_P8sNlZ|vF49hMZsvBLf&`sgixe2lQt=$w8FF5*+yCEHQXG5|R!epT4b$pFB*9aRX
zAE>H`J5;l-4(seUC3}da)VajHQMHe=$olTOB?Qp&9m)IooIhY@fs2o*dK#pAh|(3-
zP*!U~mj@Y4mgA-*<WVBXT1j>HH}LgPh6O{<Vf%6#F)qDQG1Fep<s8L_?GPPESUyU5
zMUQ+4S*d&|SkU|&vC>G|-hfl|*tJd<Wd_q&Z2#N3m%-<ki<2L_^*RKee&cF``YCnw
z{N2Mw72}rBgOhX4-Dt<moX6F%%?$ZK{Rs}(piC}GpeGYSyVZvp0`=*Ljvi^rkjm!A
z)Q$dDY~mB1?*PxCyZ1tCPLE&XuQUDIKR@jL2|Y8VyCp>4t*p14c*6y&iD@O^j>82T
z-u#BkcIgLZmo3K%dc{{@LUs%EvYre$%EFb68VP313YM5D0ll~TI{hRU!JZ6>99*U}
zzkBF%*>bz`VDHx?q?cX!;SWHinp~n8@!<B!a;>udy)#nwwt*l9<q7}S55I0&Mg|l~
zG8Bn2DKS0r`@Stt8PFDb1hjAElT<oXXy&fYrS<oTAHDR9)Pa-{EsKai5*z!<{53p^
z+*c?mNrrL?)ZqGM!vLvLN<)ZbANI8@LXpF8!cA!3C^fx1ythp!XIY>P@jvR;mAe(H
zM`2<#_zu84LHptC$)yP*5x(48y=6}a>+O!>S64q+E6lanRrCFJK`2rcBbh&NkVyV=
zY#Da3l7Tr$`FLbLNHjkiGk*KY(qA??>MN(%?EK~7hNYJ-XV|z+NeoBpE#Axi?ya4X
zlV2Yd=!`;BOsa4)?cQ8NrA5wGF!8C`eFtPotOx|<patb=2I;a<YpD)K*|aG(;LS|G
zv3+?<CeCgk+-aPZ5zvCl*-v&$&+}|Z!DwJQ3Kg?z@qtw2vv89M2UVd?s01fyNJ@(7
zzI~Tc)Y74UakJyb*ylNw$ql!Z_8J0H*37;AT8w#<imXI+WkbrlB$>;6v3%5=;ni6<
z{kq%2=)*k-I=UfYQ)R_hWr5d+`0Db6904!|9qfq^(s1=wG7;}mP#A>kH4;+udP0?<
zB;kD|6$9IJ#|cy+)d1+WJ~Bllk!JS_G}x@qKZG3@;9Lf|K=<NTu;-++r$`=Hw*dJZ
zz)Iu@!0)-U1wl8q`R@P)#{&{SbzGQ0%romcZoX!!P8TEu?lNFjzIaYeK047gJL#A$
zKC89e4JvH+T6viDwp}tAF(<mRW+ELNja_fmA()C3XDjsUUA^aSywI<2)HpOR%;Y0|
zK7YVKAu)S2oNj3x-ET*9#6TqOpANA!h(grlZsXdEq9nHxF;_}Ne6@eIQrn$cSVz+U
z4(he?Cdd*XqJLibxV-Tp2dnUr&E@_jC;%rBwa`%HhqKN9kc+C>i#s^1Zcii=k3^%8
zeo6>~kVU^qk^h~x&&$`T#$0wp^!)Gr<I%G}_wRl?<9*~;{QoJVtW%(8=}PQ>q7ISj
z)@l)&(71<Mk8<@6uWKsc=P-h{m79$(E=mUZg2k-_iEBTccmG~m@Bh+EAw%v%S+kl`
zmm2cb{!2EW?*I<RjlOVX0-k?Ks@@ukh?S4;4hiy}eTegM`J7Gg?Y9grLcPdTs;lCk
z(O*P*b5=h3nI+FYSu8vC8cN^3?3mz_ojVv%cdO5rOg^uAtOtLSV%#ju9amROKQ|{O
zTvcdB6r-2^+Wnyj72RpVJXqMZxw*6Gp`q{GMtpH!EF-iWZ^iwr!Z?HmqVEW8_sg@Y
zh!}Od0|5aTtwU7e-gkjvyn`_$c;vy)mx(*wu;yJ&-q#{gGtGu7Akr7m>{TL<IacvT
z##zY$`jDOSamG@X1O4*-EiCCw0eO2S#W%}-^!Hwj5!|Jduq3h-v$1@<!7NGe2_AVA
z9NMalOQ@o1_BQ1?R7%8s3;3UBZmO?msvQOAdk0VDnO9a*meZT51Z?>RK6|!!7~9K!
z&U>RDK6eXxwA>i*E_uD`R$=y*h*hd_a@23(Vq+crG8LV^EV$5qu2y-J+-g-sZ=bUO
zK(_Ijq#xmZfoBEEd*lWr_OED}zHW>;uV#|fblg3AvM_`=nPskL<t)_l4a@>i#Lrku
zRXH^`_gQEq;}SFF^S}dpU>Iw$7xOjphUe}J!59u!r6tv^zG_{Gc^~=ApTeod0#UUl
zLwujPKKf-xflh*GkICi?@b}njO<8g}^g7xR{rl@}JM1e7Mfg(_QhaGMlSonf`}YfX
z`-wg5qjs@72aO$!b^=s;<YXe)B9Vz-0q?HjGW{_(x@i_*yEVOzJ4c20gq1P8rS>da
zDGIf2v3|HoR)J$|+~kO8!pb0A3Kx~dH3Fupo9Yjix#vIl3cdag@MWW$Rnbg?P{)Ka
zLMjrq6#k$;?m61LNlr8p)d0FLj-nL0F&ungJmGI@KVSPg=KX(X$3*p7XT;1OO#QX9
z=cz9v|BlgXk&$xSp3BreGaHD<;{QvM7$&w$Zu{rm$w1cJ@bT@sCNouiS5;fkVf+nz
zAD$=0tk>hPp-FBYRg<QqYH`Z81_zO6#|=+B{`q)gAxa8@<oqpA5>%V7{e(9$#1XTE
zr}z-7p%~^mLaAKi)_HOWp(oaoS!y|REmPboDen#GgIE~xG+Tvtfh3k+I4j51gWZbW
z+0<58p|$pZJon$w-+sM}GA@I_DV$1G1i?*5flb*k<?gD^P1G!+M;80F44wL6#Cm{p
z{+=!Pl{t?{#aK!0>o%+*l#rGS8l0#Vj!`sHgY$LieLGAvgPut1?|}I;Z7IpJRRU(p
zee|1rUb8ewV*{nfFS^;D9kVuknCwadrWL6W*d?xBjSpvEA?x=x?cg<D+w|>_2Ern^
zy$L~Qwh2o=S{U|b4p7}nM-N7W1iWwVsNKt9p&tmGue-8}rO6m$W1x&I&JBrr5$j$i
z;={6}?}!|DpiU7nX{lo)2U$uQylC|z2~K*&y5b<`u_Js^OIM%V0}{&QIoz!%hTVQz
zR<h5U3+7xhvGn>3;#9?b1VF0#y@uCP9%ii#EFuCZ7<`@fDD4ZJzP5^%4tX5c7zVd?
z1uGhR_TU_71Jx3BE56;bT|C$q?R8+PM(V~HK!)qJr~rpN>`<*Y@=|1n1xDx}WnM5Q
zmos8-6b7bIEJs{O2NPS@kUYBee{!b5*rZ&c*AKe*sJ*FCS@O}2fc47-eWI;cX9Vku
znrdhhKH4=c+sPubd1DvxPkC2z!3E;`P8jRT<D-q^JJe>($Bju1gc6m#8^awWWZ06;
z^E`>h*t!NUZtU0rU`x`KGoRV;5koJ^x&-nmydW_1?O#>&SCVU?yX*%%*STa7oCyQQ
zPaeWoyzAX07?3=6W}T0G(ZmyOXN&o@zs6Wyx@0X2i6oVnlcG9k9CqjPVB~>WRkHR~
z-U05oUr8cKKeQWC$4jKbSVuGih!v_zIaT~GM*4Fx)->%J8p-z`F2|0+`(ef?nz}hQ
zvbLAqr`rXjcx`L#aljg>TDdD_zXOIlZW&|5WHysB4(+%b5Zia&Ac-@jt?N(I2I<<-
zr7RCvh?(>oyeXH_OJpL|%G%=V?F}%+>`z%wQFP=OWmkc6o#w!6l~CfkwbgVZ4~YPK
z|FO>$&2?XM+F)BI3o(tczti>6)Rm?OFZo1r@_}4qrM&?=9JN<q%J6*7VlZ6B^3)AF
z)qP582~39-mrAS@fX}3leSx*U##PRFCTneyVT&9FiL_bh7Gwrqv*>1JiPU`!^AYL!
zF>Wj`Ryp4u;&@_2N9l|u3a8EhspRxU@k_gl1l*Ki4U-$9R?G$&3)gqtpHx^eB}-ez
zM+8VKj9Sv<T-P*5NE|HR1=YlHf}wNq0(9Za<BMbN18s-yIPO-u$M(b^Z#N)`y|rXO
zAHJYw)=UO@bK1^!WPw+vC?f@Y2ZTR%{W9R~M@J_Z<S#*bpW;@4x;jNnRDSL11PUwX
z8rM2bZTuFM0!#>a=ZTp<9sqQL_8!HcQO*?&g$E@$&N*&YW9`4@o)S2)fB;4-mJ{{g
zWpYJ?rlO!(UwWkc1Vt@Nd%f*M4Gh(UVNgRLe6Hiq78_opaT8-@%VJ{!M$`Z_aMYGj
zD=6@^?bU|6yf%c+$2DWHh^c+WHmE)J3!5rV&OqP_8Tu#iseB~&rejkwBvE;QY!C?F
z>0JtX@%>|S&L63(nQccA`Kzf{Y{`-2S1H0lZ^-A@jw&Y9rb%h6#s{9^#7+i;!Pgz$
zltI3VFc+}KSA;^uL|4#GK|G@q5;5E&=<9>5M2<tXy$1%sCUGIbwKL$L22b~viAk6+
zPe=^n(m1y#)g|Nr9N$ud3y^{0g{T9`d&A%JU#R!<m_<;&kc_elWYh5=Ar$6rjlq<(
zE-U1yr#b@#txGhehwVK~OoyYuup$!<xe&H^%SQ@mUI|FLPoxS}4zLxj(1i=hD0mN9
z4j~ZebRCnR0hT(|&_j}U(~B!w@eUkYr6DJCgJb+As;rs5pdf^eg0~@3c#}0qg(WOE
zQI)WR0uhB}Fh2n}o}Q-!PG#C3j&S)v&dJk%nu`tD$243s%(*mJ92hBSXw_34$cz6L
zD#9vq9amL9jpwc4on%o{h_$kFPM|aP@g-8QZJ12uCrs=R-K|A(UyIx+2nf0$;$4$S
z{wp!kNcE)VJ5;s`qJ#63CT(RM7#lE3fF)5Bw3#Gy112PDSqvKNR|9F&{2}+<SU_@k
z55(;p)bU(R-t%RRB|}az9<mbE(z$am(@i(TGW~ZQpkczj<jBzA1cV!NcNek{PE>_5
zeXUM_90-83u+2*8N^p<SOh>1k>EzWao|iExOb`+uaj&L1StR5KS36`_>LCbWFNQ5c
z(U!VFs}gOBIla@ubOKagHTwS3<_%bGc&bR-^nQ~wG~_x~=`emyG@04Z(|~Rh(o=eA
zvoX~!ENszd>Yga;tHLZ8#pB^MB|O7rUKHzJ1j5v;_sALDw`#=5MJ*(iabPu#F%_)E
zab-KXJizu~Tk}6;QPi#agbtI<wI{-$yXCw!kHIEk1v*3y*h4j|u~BRxYlZ|7k|b-W
z#PNV(6Pd^7Up`RMKE@Y8IVM^4Jnt7&mS3$yBV^kzgHnpa%+h3C<}_{v=YT$Y_V$Ga
z6_p(%rjST>heU$#l5S0m9k?HQ9y7WIRPa15k_UAZ5v{lnrf+{~h=LS_smLRDuVc?~
zR%5`&ZwktS%79omR3MjmIWLz4<_+C>2vF4;5;x(s&_Evv4}F?Rz{$}$6ZIrQE|}X%
za6qwgPz(8Vsq^y1GJn@pnlb{l5-9lAlvqi<aj-VEjc`>LkO?A%u#Z8b&44zPA{i{n
zmHCR<hPgNXqF(KlnNVK)Mqq0Y0}cSe)vv37AFDSa5R1$TG>uE<9Ih5iwr^**i`2kd
zf^4uCDAQ1?PH+0qn%(yTd+taUZ9xBimIa%`QCpnv0ClUD6Ewd#7m1Df1&4e#T}OxW
z!0J_=Q-o^8()V>gE>Av^3#U|!%51uqKdwC?1?r5=0P|X=_il$ju0_b0+=a^CD1`_j
zph3(}S1(ARaOZU^+P>h{<HAT5LB5iye9359P{<K$fJ$DE=!VfVVaA20K2qU(#^bJr
zn5|z7$H&NW$mI5YE!F{l@;j@Y34wzUgvzPby2)46VW0>Z@}b&E9eShhoi-y;Rzq0>
zP0o@n!LF?w?<iAcMpBk*AW1lhAIv0N^d#E}W?oa92SOBI*xOi${CHR79yUwxFalRf
z-aHXfWJjT;YA+isa55Cyt2a$(0mD@;H)HqbULIDDIGhOoz})Z6QUHMyLbhoqH(M9S
zQ=jllG5ulC_~~$JN}b|2-k|S@Ym)L}jV0Q){7wQEHjQrsXouhFM_c?(%uze@Boy>E
z7C!l2e{u!u#O*JDNfc>}($wmBLY}rOT+*)Ta|V`Mx2ODKvzpg@==wdAMBSF&AB0i$
zO)iCGubYV25dI%1h|73pP8vH9l5JoB(hj*NfUrq{XgGHYRo^ZwuedhjY|@rOEsB+O
z9n#4IPyUj86`&3!=PP71?Kk-CG{csjHxbFxWzRGT3po%vPy~Q22kLoO%nE<2q__yo
zZ`uTfJZ=*RVaXXkzr{*nCE)@W4B&oL8ksz34YV?Qj2VDMiWfQZy*l6(!2)|B7|Syn
zQMR?9=edqDGeU)^MoC88G?P8^Q62uphY~hjPN><AvDBVRYz^(Mtf7|;(A|(Sd70U>
zZ_Y0JSXi)vW~&I$P{Af=@K0X`V}CxcAr)1b$i;s_(&QY;&IX2Kt(b)zuxi^qJ}}3%
zr0xHjYJC<WCq_Eoj7@hm+TJlDSd@Z`Nj0wsLmGfLh*3Kg$r=QU7?SezW33OM_jNog
zpbF8e&?)!a(>1J+<jmiXK+rb0VhX?a{}Q5=hC=iva;E0%$o>jWmoQvMdoCyUKH^Zd
z0777t)>pF&4g6}60C3Jz8!Ry}YN4j%jOIGZ<y&`G(O?<qv<uQqyW&K2sslBG;#irG
z*-_r+vBm_$WM%r~4N2}bA8v<Yq2k6fdzE=0_N@C7Tvs6){tGrZcj*xgA5>t(NA+bK
zM9lzLc1VVoqlR!*Q2KTJxh7B#1hs6yj}2EDbvxUFOWTw^;ru*hVFzvaP#89!RW)>M
z4f-k<Ez$VFkcNAB5di&t<j<YpR**+pG|HPv?!ZgWtQCdrq%lwcRd}hlkICCHu8(JM
z5}*!s%&*e<sR#4l5DCFxGpwaUDy<W3M8O1@Ex|Ym=x6%(7d=6T{M);efJMw{L&WBU
zFY+lNRtU(#9xT8vGf;C7R<@(7B@sLj`!%kVVU4zGg~6+~$So2Ua6&bYNDe?kro=(z
z`ps^xvlSD$a^>>=hyA;vx2PvLgRC)TAQFW}x<7;DZCFnwpTTC?37jDWmQ<$VNl7<3
zn~x+vf#xIG5T;+`peZJ8sFj4`^TdRezp;k(8U_ZW!{Bjzv%H|_sfBJ(D|r&v9+fwh
z3ta>I{j-AMCR0@NDR?(rkeM{!sn8Un`D|A(Xy{HYq9v!Jw0}c1o)cm-FF8M?{Z5jl
zu@@5gpl*c_(!R9#jr|Q7-YB2*3=p|vVA^X9dDQ_=0)}7=)De13N>NHn30=b-OvkUR
zCXUI8awpnkaSKs5psyUZeaB=}_k(QSG2z#3wEa7>-S(UC4-J&uRZvJ!;zFoe^8!A)
zpxhe5DH9#<qu3)1+=N*g^{qYw8BU53bzjL{_s?oYg=OX+w#LAB`$za*=|{T_H~kyp
zx?-9}rhR1C47z~F;+UvV!uJAU(SaYa+{i(fZ`Q5HBQSiiD%933y()>{NQGJIEF$5R
zV+mY*(9ifE68{6|5t*;ZF{@H+^Of?0G!?-`Nkth0i9B`QX<esy8IdulM<fo;QEb82
zCkG?ps=n{}<}el53?Dk4zChpwC>$0v6`1wdf;dLI<IGV6qJp%>iOz5>5>TejnAm%#
zu3KDT>o^Aj?m!=EGIQ~GF9#PKsHYZ(ua~w27REr>+2hBoC7;JK|A7T9?3+7x$RyKv
zAOm3J6l!<Rs|SJ;ptFJ`wT85NaW#i>B`=Q_O$9`pg<_VADiu!0-a{l*HVICFSa<0a
zAT%Eud;>iQE80dyaSmj_u}yg}Fr!MW=>bqiVZ{iFj=cM<o65hFZM$R9p9CmNf&r9%
z!Kn#wn>m`-#`qj+7{=#2!zT=P6`yJf$v`ngG7BDZUCuQe03E$-JS=+I3vhgPc;?lr
zpc?ho><$X-J_b%MW=lXVKX3OrS`V+WY~E^uwAD*s%r{vuz`34tc9Sh9@k{RPndN-<
zxNQpUcv3Y_EO#+jq9I+gN~ZS|Bnm-<^pwKmV!6_V1L@&psbLt4l%JfwB)|aD4VU+L
z668qWf|ZmZ#AVBwc&SMOpF1D2q9xLlW7!03)1)cG`6SEcSCAgQ=|?|8lT2>qSdXiN
znar3pK=1RF#w7;lIH?{u*pH7Or;2qfF)3pS%@7rO$d%NF>&VxUkSvTQhu<rJ<KU-J
zpA#<eMqacLJarH%KF&O60#>}meX-CXn@Xo%s#^Gz<aTSkz=|ht|D#1DS}GN>Pl-H!
zh&1~olTs!*CY;ILVoWa}c>IUnuj;=f-RQ2}lYxM5ey$oZs`)Ik=hHMP5Kh5227nqY
z@NR7cFk=R&fd7W2EkZXO7TJI}*<W!6i|tkWFBCm);9|i&P{F0Q0XoOQ9&5{uHgn~g
zmAZdTCJWr@=r*V%J2qfNfd!<nq8RyKN~{Sb{Z2zb86b#!O{0_niW~gU^;UVd5F1@l
zf946ni!QRU0s|LOO@4~VfDCW~yhAy7*$o@a0*uW4Kwg4x(Jf|xPe5U}x&OQcP~jj9
zDWxy03^yG%RY#dlGA^uH%9YSX4giRsK}N63L=l$IrXvU2jjDl5=v1n{?T9jSa<vFf
zV9_Da=d4lhU<DeJs(P`)I#6N2vkNYR2a>)Amb((a9%qrJtad!UKn5$~@jQ`AyxzuT
zrVz)0LLos%v%P;V?U-YipdhgV*hKJyb0sr^M+GD)M%+LpwqlsLEOA<xh>Rwxq_<KW
zLUMM)@@iPCbZ_fcY3KWxVZy*GPECCwcI*v-uGK4(48iwZ-43#;?nvHAfd*^^hbuK2
z2l10*YjbA^%=SI=<$Vxv4iS&n5#|DyFN?cYm`$XMg<J38wK{_)5@XrsPjwSFry2}i
zT_i=xc?as5wtyTjRd?E(f(%GJ7mVpkDC)^Xz>$%x>@|~UL4$!3!C*%DJjJ3+!VA!Z
zXp&_&gbbw0i#@H9fP}Wj$5wrr)d}{Bu;#gl$21~G0Ex*4XG911d(l&H;Z3z2RUc+B
zX_7D|S<?<r33#dimAHybcwy0vgq^?{#MHyGAYppoVEyTfT;j3=BoPdH$=H))?xf|w
zWJs{Sh#U@HSLM>iP*|u?FVR-hNz0<;`6I%RPm%^X3_eXW6rq}R42RXiiK#}|7vN;h
z;ryJMN3NjDROApTL?H5mO9P=~MiPuw&H+wu4Y>Ip4a|m?m^qph3(Y(phg4a*bz&L>
z<@=H^1_3}shKlkEmXT3EGxi&%sd@M-pv2^xg6_l84QYmv+cf6uYtX2(NMg($v5!x8
z^gM<jF_e?(xw}OmiEtn|B<#N=aU8bRtl;2T+fUsdzxH>$SnhkD-bJqT^7kQ5wWwlc
z&=7EJv~y23$nU?L-&sow?Fds5T0><Qtc!(ZC}x(v?`I^*OTc_1$w6k4zQ+#!1u;m4
zK&&oF1S6#e8o4J@%1GucG)txcfe8~5Cw6NZdi;e7tdY65v@nw>w*fmZq0F>-xNsUG
zC3e`94FsO2W<p9YB60#)IN4iZY!W#@N#D}-Kr-R=B9R?a4j;zpM)<OXVjo|zf)KxU
z9d5;j_(^_|_2N8HS16HTDXdTuT*x~I9+v=VljO*=aSSkPfGN{PA-c9QJ{;IW$%()%
zfw2T80U1mGGWTU2HW-;QSLC3$tc|1D7$Drb9$sXh<c5=2UzVZ<Os9a#rDtJ*6`mqX
zoP&4?{^&({LafG0UgV?hgc`X$Gd_PhX~QIhu}lRTaSv<U`x0YVI2>OFVL^nOXGpAY
z6hQ~sS#@!deaI@(VxfX|hq#1+G3I#b^2}?aZ5wP?3rY#@N(XXhMB-S0Eet~(F>nC`
z-aR`1QZF5^K4o|36H|F<FqA-N<Gr*(zXVBGoc^fM+N@geT(G{I1D5%e5ExciqAJv3
zs4VS4Zi-r_(01)`;G%E~i64JKG%M9(ipE3C#b$vee2jQSZ~)7>R9-JYj9X*4T~B^4
zjtZ}j<kZFhxrd=P0T~kVp!O3sPf2c{zBZk-z#vb9CRC!#bRIpGF)Y)1FfDE$@a#Dg
zdkA#^XVhubd^Z$Di9y2yo3<m`Fb^DqoWfpIE?Ppxcuf2Ynvt3^1o2ip`e-y~E@1%n
zYjSj4k|Bu@=Uc>lvOO-%^c4}#S~@hQ#tUeP+5|J$!RBtM5MzQPwPp3>T}TQreR38k
z)uJ3Kk=!6}9h|glu>b^d02bQ8%(V-8j(iri<fZd9U>0pKBsoL|wJ*9wBz+cPo~XND
zm@1ge1dufdbHDgr16n_TKZcZK+l{3c2p&#?Q-XE}OED6HtEGVN9$$zXup^32=$SM|
zK1qXtL=|=uoT~gBVQkMwJ&u7cxWsD{3K}xx6<BZ@qH$6hL;x<-H5Epou)I4Oq<l`Q
zn_XRy{3J!sobWmqlQ0l5hvOYx?`Nyygym7f)^cAr5*b$Kbmo~<{D|2)IV?E=22AZT
zEWVs;xVk+8^p+_28l3cpVZUe7BD#*j9&aO^+!1N{j0_N7;$Z@+viD-wNj)}@huu*t
zsk_NW4jj{ikbu=dd05!RR+l(saD&Jo@n<xWIhE%~uZv^Kjl~j3$kGA>HB@DESQv0r
z!NV8#<q>Q+SYTUsY_~}r<%*m~iV#|yt+N0gY4RjoVJ+w(bcjKywvNNNZg>K~HB0PX
z0tM_8dGCn868I5LYW0!FC<(%FWWd<mq|99~i5*-*7S(qE?>#^f%2>us(DiwlPv2{9
zFEIYDCBv7dF}=gbBsez0p-|A`00&JL^!7fm;n~(m(AUU?xz2$J#q_&hl+s{D`!DrK
z_P-ABBWClDQr)EG(aL0rMxIJ=xl75XnhVBsqdb2(C1dTb+gTt>LjN!yA7Uu|dKEn@
zz&x*ldm~3jWfd6~!C!a^)wBZw$|Idu)hv2eTBi?66pa)YnG{+SD~FtN;sw>9n933=
zD&<r|Qpy22EVRvvjCzT1KPRh+g)u6;U;&RPx6Jn9C>})PY>1OE!L(E$d~cxvyn7-L
z1=NpB3>t^j51>Z{&2tGFF$?uH$>%TceL>-mp};UOLGh1SxRlXI*g1uPsBEkWKSs=g
zgMq;UP74(*;LVEX3h8Vn3wbf5FBJ@{FB}f<4uMe>UR1I5%e3MzG(X5X7npH*WkhKp
zFCC~CYCL;hk~UxaQ9wLZ#Q|ADOFUeGsghpxbr@5DH(7EBrW_>;n;OKwA@F7zd{`ao
zvpTIQItU~1l~S1OBM>DTaUMzV>BY(?6xf9{b@Ao|=yuMfB)6oahc|W#=kFfn=X%g2
zOth~H6Dq7@2CMRPDuVWyMqIcYgUy$F=Jsr2F<#juH{kNTOiW`M6u26XZqU`F<etR@
z&7<74-jxX6!XZ{)yxqt>`th3xdb@t*Ow2Pijxr?-=cq)gH1>R~nsHdIeN9od$-r^h
z{f3!5S#p_I)a4d*n>ewr8D*%IhEw%3R7K}-O^m)FJR;lx+xnlC8S1IsSB66bcCS0~
z5Fo=mF-{NQ-vL37;)n-{$fMZ-x~P`7PQ2N^D7uvDzGoF!ul+P-=#nbap1E}tR_9#s
zxN4p=(QQm*I@ZTwIrYBh(HVl^j3Kpg87f6*N}N@E0uXpMo)a*94$X8dkD5!=zFQn<
zOSRdaCOXiXw!vX0%P&9-RZmjUymZi&p_RPaprr%~SMG&G#j50Sbm+#U7#jgLW@fCe
zhPbulTXf*^I1~<33ycV7;_@5lZgQ8^6yH_S<ZoUYe`<RH{1%Zpry)jfgwtioacI4^
zZHsZEFhA2}*rZE-u<hggkUmpc?44Spw#}`l_~5l_6<?luHg;vE_%7>Mvqvdq)$ZBl
zp<A9{mDUjRQY_!HM~fbmpqg95$wK9P#BGZa!4A*XRLOjY!LyahplsUKWsk%8L(zJl
z2JygYUgW4S86_M~7@GlVpo5F%MAqb`Q+yoGw~apt>_oEXESB`y*`@Mal^~DV=dgby
zd_2~gm4p&ZZf9qG#00Fr6M_b-Il@_isk*~HcIP>vy9wVCsyE?K61F~$Lqmwa5?x-5
z44TWXxS5X8McVT>#k4wTLqxSTUojOM;uG;eJB`N1xCy)@!W|#m$HeB|d-3t)-tX5c
zkcsg9q#okKKcHG_wq;iEreB=FjML^jKvj_KFeeBxf!^{{ZnZ<#+3l~D;|3wgI7?rk
zTNIpTowE&zUvIB@)Fo&5$$t}{&6oV3oS$Q{Pa)=a62Y^i=`zgg{L-_v#AXJGi)F^_
z?+I0!mOO=OdvxgAdHeTAT)OVMHn`T(&7Nj?xn>kBU)_qY<$pICns1>?-P+lgTeD}&
zhmRcgH%v~l)O(FQnvJ4CJX@1r$N+9fe1NyqTcR*tq4%5lPAbhME9&-i+?aST5AapF
za^u`Q<he2Nqhbdne=fz3io}K5OwSn6W%n;7#+@lZC&z$as>);?BWOfmMUmoQzXGaO
zdmx~7{;tKqjfEeLG!VAg=Va1cv!ZSP7vP82Cr1*Bxup;IL)NZ9L(Ay55|B6}baP$O
zTVw@gvIR+uDs)JLS+|#6As-v<YZs(OIAl2z>4bcpiX{fKu<=~=t*8Ep6)o=}L{CL=
zd5%oJlKN41c92uv!P-WbC{^HZGz&E%Woex|nrHGpD@MoiF>&nuU)bOz(iORI&=*TG
z&rFQqiv2nq<`<eiJ?6RhcA|sM!B3T-gXuy1DAb4Q>8I&|4xHQ9L;~8OIQ;d&SdOOe
z5p{Z^d03xAGpr9};`{`$lxw?Au}&Sl3T53>`>TwZY%X5A>W;_1s{M_ne}a0-G2WAo
zX|6d*pxP@8T%4Co<&|iSp7RpKNs%WGZ#n-h<9n>E@Kpkj9)=*Fa6z$)`4`Ct`4t|M
z;yK3!ZZ>uo^8YI#wa{>H$*i6$PouJszP(g7aF<IR^H~|57?1gtw0ls3pMs_;da855
z->Td9x0=5DQOTY5bBT*B9pTtDn^y#eebI|f-pI@*17CRlM<_HdsXRm6t55^<0Y~Y9
zxqy6lX~HENQIXi}uvZ3(8tG4v2&LJSW)$sDel~QV!%WMmvTvn84*<_l0pI{|XlPg{
zNYD((Kb`=<o}K_u6Z2}(NLiGVa#@8%R8&ozdPvAj1E+y(q8n4>?8eRszr0rl2ZIv=
ztkmdPE&&&>#_W(Pl8!DY+Kdt@56>wYuP7Qi;24<|rU)Z1jxq#_j+zo>JyME2{|$+^
z!;Hy1qJE~rdqB;lWapI<Hp^vmcj7PPFlQ5=W5klQ-`HW$8d?btgYMfg@9LF=8Hax<
z;4p42wze8l?$dVH*`Eblxwla1d)w~MRIYjb_3D9e%jigeLh3PJm;ctD?95WK%VyZ?
z;;p!U-%=Dd2IE20*j&M|x^kr^N9S6>n5AC1LDgf`qk-m~gTIj70Loa|$7_`1BSV91
zyl;z*)sbi#1BCifd@UGm&NK&GDs#h$NW=MkrPs{0Qd(qjRT4iH${BWa5ua+^7}VtV
zcA!dy9a#|JH>SKa`lurndYcDjt{3)V0o};1N!(Y+e4zRT;j83lw)J-RnB}tu&zgp?
zK7OEXI^%!!vFD_%-N~-~+}j_0#IBv_uI-<TTAk~#3;jEP)m%0@2^%=HYOGv-R6qK*
z509c+6H-A+4=dY?_QcReQCDj%rG`+Nz-fzW0{?-LRlYx=_;V?(_#@|CD}VNPfFSQ{
z`u3kq$}$rBe%ei5cD?gN^%DAe`|_>y0{WiVJM5VUx9nnpr=q^<MpT<Gmd%-p16Sg@
zZANvZwM_LFyKVR9-c}WnSKi4SYDc7V^PQR3;%&AR=F-E7iR5IG;xUn$lnx#)KLfaE
zY`<kuvM$IFOpg49QwwvJx5CS7uf39ZtIvN^&Ju5OVqB5)KwItqJBD`oH^G=lcfI_#
zd*<Rl7K0l$vfmd{uHj4fE;Cheqmiu$Kl`~gu7&4m7eC}A|FryoB-(a#Fa)w5LMG_B
zUZ@~N`n{!2dLXIo%-W@wGsxn?pzc@BMiupufIIs~Rt3+mi$Ie@DDv+lh-LOWKR){p
z7XG7)-vrP&^ts$WPTwxXTD0&hQO-YR{sTMvfL-VyQD_pH8iu8bqoZwN@lR~Zq0xik
z(%*^EOYC=!fyUndv+mz%{iB~OYRs%ySAjdsh<L-~5&yww(th@_2bcTa=)7dlDde{z
zGZWd9sGP;$OJ|Jyk5Iy8NBxbL`v;w$4ba<8eW-jn51Q3#|6fy;i)8nUMUBM_EmI4F
z$W(W#|2r#^*Y<8&(EiRpPp`v|qRH!C#{TkK((2(EW!u80oJV#4s}rM0#<ecAzbTe>
zIC;SQ(@v<kx>g(=e+Nt}fv)~6Kbn8wkWf#PegD+_gT{ctL<2PdQL(s$l}T9HIXHnL
z6l}k=0YME#Sim<mnj}kF_2c=5LVDel{W4jaG>`sHLBh{j95Nc1!_U<ZDrq({A~oQ(
z5NBy)M4K%uUx*KHzb;yrj>9eUqDt$_qR`+~tafk6EmeIZd32}g8B$Bto?Hwu!sp2U
zUnNAOstHx<8^<ND717J&rt;y*)oCSdVKWj*b!w!G$jq&J;O9$<CW2sg$jlenQ*EP&
z8FRDqc^_4>!<=swdC<-q=NjO=sbc4~8AY2vZ<`j99b2VXZWLO+RXoVB%jKoY7Z7}#
z&{SCUQqSpDg&t4qJyxT6#YaEIb*7xw#&Ozf1i#U@Q!d;L<*Kyj%ec4f*_*lwjZJ73
zePjC#%h>P^m4h`&@{Mqe{IZ|y>vYrH`822fvT{x4#^1OSs_7B6m+vG&&&U;mzi&_^
zS0hwdK`pM!siby>3>Fm_EH0)jHqCZy`cis?J+P`frSxj@!&D}rRCxTS?w9_x>-;bQ
zr$j_T{wNpx{DP|z{63<e>WUi-W6SAgM}5HAX_*~qQ7>oT(oGpvi5w_@kv~&UQ5dCg
zjGwk~N-9A8P*i#KZSv8qJv{w{bm!TyXWTiFS$mMnbss3MSjYN|a>Lo3X59UdCkpGD
z*tkc+SHdm+UowfH(cd3lTnZ%F;q13rbe7FTG}1`&$EML;P&lC(Mo-uFm))Nhcw+01
z%~_rE>XvIE;k7HAb%H@xjJflWdN<*_YK1*3#C<0zkciiGtam=LoQB{Xa67^yf&6|}
zuZ?4%JVR4T8#KF3DxZ%jQI*?T_Qhd>QorF<?d_;g2mJ$2SDe_~`?i_KEN8fH(QETU
zI#Sn#{>9j5!(J^5Uj8#xB0{L%%R`4Wj~CS!n~%IGT6`x;w{FAKo6O$Y4;I90sgIdP
zLtF`@$J^10ph%a+`aynV*NyS>Di8bNF^Q?h64It+85-1ssL|@%C=5oWW8p|Px}<OK
zpLgM&40@kEG3d-h%&@JpiFdbDx`@}G1-^aoWB(NMFHCID1MMbf?M%@^gEi`(M8b}<
zc=cX2&5@&pw7q+ua_3q+-5SL$T2}az8%mP0cy!CppNk*(w$RV8n@rIrbidlleN<^!
zjEgATu(&Mrp|9|(i^sCdU@fU@54+8PD|*+MKFx^YxO-ROC-`esymlzXj4#vl-6*-W
zm)g=it9L+PGE#9P5}<g#d!&HYh!zo%n)<3`JN5OOYh?e{q0hU&_-iXbzc%lq%qb{-
zJ1Y9IYMa!;e7j1<qKH~xEc>|jTQ~}?)algD2_pAPleRvjH5~iXK94YTRo1xm1^bnx
z$yxb^s=pNCx3jEng#8L4z|XpsCAsysp5Wt)RHl%mk00<OrTW)4*k?)3q*$nEeyxAO
zh^(ew^oI&$f$1vks95Hr%Nt}DllQi~6XCoyyIcf2eLq1#RZCp5<&1yq63A=$JBMAJ
zx#GUrLhgrVGy*te$Z&A6K+^7nx3mZjJe9EGHxfUA>(Y)CJU^sDGi<rK>{D_UTA1{-
zBq~F4atb~T>nBCaPrM+NelaQ(t;k7o8YVl_)~GoYL{G^HPW)u_NuSqR>tsyad5WMx
ziV^kinc|PX3G<*~&>|S2-Mfv}?e%M*4OO)*Ze=kq+qV@VCwq<Dhh$zv)zy7|I(8ok
z#}&t<8l#eKsAY%Ws&FCJ9)ra@B6<gytw0d1<6HxVnxO@{S$_uM^0_pkEFO!IK6cq!
z#+AxqrO^5%JE^DU{z>YGst?}_Q`M-osUnO2VDoPs{S^eBPgvkLdK@bqsCS}2?fmfy
zX!5`KR-sbWZwh9YDgJFP5A%Y1kA-p@oS>8M@#w>~_Fb{KUrL?BYm4!imc%qRwjD|R
z;js){7jh=^pCN_u+Id>c<JU#GFI2ZD5PuTI^x)i>(OpOoy^5vR{|WyW6Mtj%&k%wP
zw{ztx&&^=WmPO{qz#%#uyS{v(+<6C#$fPUbza_UDly7zGkL;oGiaqPwSV-1=tAEj%
zS$$?7ynpegWhr-X0-4Losa`DhHG%EqXUlMW4xaxPFeFK)jM6^dJ@!rNw$V&$D^0s-
zW#*p@vf@c8a?mR|`>PgyJqDfLtHiUVK6juq_*&|c&PWh+rSP43CD-y&tFmT$kf6CQ
z4afO2vcAb!46jo-6U+YwZIIC<K`GepCwZr8%xrk^7{+1ehwl9ygDESbUY7B*d5WGX
zBZ|v~N6_sB^iU#>3IGEKhd_Wq1OtQnr9}#QI)OyZtAzr!NS}gwCMM;Q2`j6bI&A>a
zN!Ucy0+Z`{rcTK**u{*^oP!d2e`%XSJhe^tv@C{N6XSSxl`&MLyrO9EW>tc9qfiDU
zU^erDyl+V}Sg&~#nGt9@tvFN(6ZLuY0{_=P#9e}A(I6US2`CX9bsz>1J`Llw<3;By
z?GyS4*ADE9J+cJv5*3u!PC3TgYQEkQc-HG#Xe5vHgB-jU2-Et)xX`lda(ng<IfrmF
zzzs309z;~R=)EqF8`tMNn6pv4?*xvRcyt|><n)&M0$HcXn$=zornSaWAO<Q$xV}cn
zWT}hSOY+UFG+;i+fi^OlToWt3w6+4w<TIzq?8I!F<QHDl4SABbOxRmSDGmS<1yIIY
zV-_VK_qLK)c2sw7B_$qn2o~`JTLs+U1AHc+W7^ZyL|^&ge87NCa%`Up77cUo>2ut<
zOlj$47Y`KaWzO9=R*D%$)t+4FW$xBXt!nQJr%_cg6^Z)l?>EHX)}ZUSc9<)Zu9_SE
z{#<{McWna64M#F}d)hPSx1A9s64`<!2?y<890<yBw&eSI`+Np=T@V!C*zz@jgusQ0
zZ0ngHXlxhV;lNG&eR(zZj?j5kyHWag!04|92LntzFy|n2T$O0j`fL2y5n@X`Jmy05
zSK=EjL*{Y+ZG)Fxtlt5tZkzW*j~YMW;yf;v7Z3IIsDwl9rQvpJ$je0pf^^Tqos>A5
za!e4BU_Qr<uDlT)iA_aCU<q)9cOeebph03pg(&TXV}kThW?fs#xh9|L5Q&?!8oGP+
zpfu#xxk@;TbEFyL-{LTP@1b`zwfgT0Cu1oLzYN(lm_3a76@Sk2sw%i954f<}MwKdN
zGFT}f_+u?ZkVF*1BvTJg`KPtk<COcrE5Z4XHI?z=A+vR;82Q_tD)R5^K+`I5*;I_j
z+0MZy%g(u5M;adIj$k3{E~jkn<dvoaudN=3iU+)~G{02j^Jo6``SW}Z7qMQ>E^p_u
zK#H-^!^1<Ft7$fqE*|EgW20Ay4@HO5?AO~{J+@e%+N5Z|!GOLY6n%^n<G9MY<~@hP
zyCv_k!h_*G(wVxg#Mz@fCEfCi8|={KqE&i^nh)Xn9k8RzmWp*tUiZiemY?Nbu@{k|
zn!o(Vnm4V06-qSsx9jWy<<eni9E4oOs4_SuL74y2a^o%?i8;^Y^7;`nlVe}WR2r8X
z$_-mf{_^~)S4Y)-Z8LFiyv;9bY^XTCx=7={BPyc53CG*`av14MfpPv=xFvFbVSZ34
zM0>S@z>L-}qdD=sQl!BL9!C@<X=j8f*(<NXiJvMp`d$a`^OpmGH_z&LD?A!l00%Bj
zjrN9DMNbRW&&v;_=)#9jtbXr(?%GUrq}SC3q@_yq<}+GBCFf72k1~0CjvdM_e&1X(
z^;R&p3Kfy&c(~QqSJi^u{*mQ?J-+xTP2(l;Hxeo*Qt9^gGqeBR!hdw}n}Ad&axqt&
z+Z@*gHRvRG^jNOXa#QGlJJ!1t%DSr9HBfU9^#+|QyT0YTvj`g!xK^s1L5UR@vBm{2
zpvbjp@p`1^;U#PS4D!Le9D*YKOJS&SVRd-Ay_Z07>E9~-kD%@aSLVew;WI$TGN7Q;
zW#=PYPHPO{(=#YO|2~*h#F<Y8K9W#a>FO|T58}qeN4RcT26QZj53_=lVw>v!SEAg_
z+Ls!KgYmN+ZpO>Z!!o=5$GN{G2Lk)xF)5|Dxk_{JekE#`qS<8_56Z;{p+f4k|1Y2~
nwIZJ&5(Z81^QZ`}mnHvQ5(m>a@F)L8)z#J$#g8&V-<SSBE#f23

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/aufs_layers.jpg b/docs/userguide/storagedriver/images/aufs_layers.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..45e959f612bd154d83329588be724960e0a1b885
GIT binary patch
literal 82675
zcmdSAc|2R+*ESrb#-e6wh?de)(i*EYskUmW>S!iaGey-DM6^}&R1_^L)lyYMTJx9~
zf}*II1d+s0b7BmFC;k3@_kBP2{XT!Z&->qdlKnX+pX_t8*WPPg>so8=9E}}K15O&<
zGQ0&~VqyY3X1oALM8GpWn42>IU}6GL0002&09K|;fMbj+PDV3hW&#{%oS7KyF*EZ&
z=fBs0dnf;O{rAH?J^%~j#JJ>Xy~qDw*MIxzKX-ES@^$t0V|*X^5dip+bc6@o032gt
z`uqO(!F-(g@4?E#!hD>Km5uFhW9Q)FU}xuKXJg~!=H%o$!8q7BczC%_@ch00`;fo4
z|GkUxKEck${<p{f-Eq_e;A3Y>JvPD2bOvyYkBOO&=?Dt|GDdowF+YE&=-&s^F=m$I
ztc)RXaxpqoo@5N4nfVxFu*X>#f-{9Oz6Y@I9p^uNNtadNo;}+cA3>Fu$+_$@*MBq%
z-S4N!sy=!Cii1;FL{#k5SvmQ0=M~h{H8d}4UAb{n@0PxSq0xhfkIc+1EUg?Iot#}<
z-Q0cs`~w1ELBZj#BO;@sV`5WM-=?K!ynCPd>2qHGmx8Z_-^$7>Dyyn%YU^5Bv2E=g
zKRdey28V`6M#si+L=t&sc5eR9!XkBjV{>bJhqk--S1u+1^S{LUPs#p=Tzm|<jxpAN
zh3&6gOveHljhT<-_~}cm{JQtp?0p2zsJvtsyq=u<qnSfS^*%-D$@6|rVOcfeS?XWW
z{*mneonWv2KS}nVg8i3VIKT;piXP)*<^w<g2lP*|=K%jdZOp9*X*e6Tpe+oiXjNN7
z?MQ4mJN-`0T5wRLbuUkN>FRuz?{>-`>dy)Jamq8M&ZR`{H4(aGRvYrf<`IA!72n{N
z*Xc0pVllY(Iq5;&`VeYO*7dzL;`x|vinf{NYq~$m9axD;(9!mhjcN^ciBikL3u+MW
zdC6t&I-j}i6l3wJYlh7HG6yC^8zqGw0giikM?r8YVJ*U7K2Qv6)=WqB{*8S{{O<nt
zTHjlZmC0(fYEOV!$$jPX_?ww!>(Hby)szH<=l9+Bsy-01=-NS2sA*JqIZTt-`<XaT
z%}7vxug<G^swzKJqAu;rCf9zU@YzTBgzmJ<vRexe4|(aVNTM<-Fc6dkmWEZ>UO#;j
z7Je^wPW0mV)XUS?#j6Z;0#I*@j{wv8SE`ry$v|AS4Hb)!re;K<#p!n_JFn@GJlE}K
zogtpW`A&K5Kdyf~|1K-59j+>@9nJPp93mPvou^oe=!I6OC&e@<QjMpp;}7|1W)MC*
zJbuD0;}mAw|Cg_N<81umj&S64&$;VmE)KaYQru6LdcL60dooZ5mcf;(`QJFmGTtW-
zZUp74#v)@zlS}ZEVU9NLZ!|J*@WW9Tu8DWsP&8*AKX*5c4J*&@z^(}$0o?Ve;w1A(
zkxm12TkhgBJPuyFyWOB1D6t+GAYq;cw>kp6itC~5ljNgyB&U%PVJFd`MJUgvhlzE&
z<|#E?XxX3siR;dh7bg06ab8nGD!UiM*VAT1?mpi_(G+=7N#6W45q+99h0p;M0UgT1
zgb>oM;rbrNm&3~GvkB;arHLQ1JX~K}`HkPa5Xd$k`R3~jwXM3o*9f+=c0(`kti>Jy
zSm$W@pBJipXx;5-Vb7~^;t8C4ib198xjyG%*%!$=Or7~r(=)&6KyQw)7ALZP+FR82
z22}sxyQ&;L243?15Lmkd+xZ488(mTScsOzdC`Uzt&%(U8jYjpUSKrqrjvSsAn#_(~
zk@#)&@r`Vv#muc{nRCw!no;RG@(hi`mQ&3m(UMF3bT%3mElI1?$<z;DOHsPoTV3?&
zC&9r2Js=yaVUe%stB`m0Nx;NOR@Id+DM>fiexn??YW;(OR`Am_b<LKLtGC49PGoQ4
zFjv7dCWt-7j0zn4LBBz&mv3tJ`f*3P>Or<LSe(|T9t4(!-=?1Vb|p02a#*^i+;g()
z0{inuwAa<8j;CSM#bC*#X#@(jm~)(3l|?QAb|_LtOqoFA%Kjn9lRuNYx${)=+Q&bq
zaNPINN^{`za+YxuLXu2rilwQP4kD&an;;3-q#|F@-6)AlavK(ulF7C->`p-NhXEXJ
z%4(unwOLKh^peHui3EYdyFRH)LXumA(35Bsw;JBla#c$HAj?a~m?}iShT%uZyZvay
z1_H-5tn&C4x&*vevChZv;@-bB9anW?f74ni%HDCo5ouVvE7YCWdfA?0ajko=&3;Tc
zhSy!Af-U@5_}Y9R;ux<<uIa$GBY+4EystNm0_gxLT^pp(HY`XqHbmPkN4Uxs3sie6
zE3iJjg@Vv-Fc#)^7HKpV4$0GOMn+GG)zM;zihaT`=6!b$cDA^Ik#l+JW5+*a_C6`c
zb}3&!mQb_OEO_|ip4wU!PI|9VTiugBzR4Dg<}o29MGAw(pklB=;}q;oo^pp!iQxR+
z=A<cuCklc7Po+CIKR036<S6>BE5^EEjBYlm_cnaKxd-<5e6{kvhOA3|^2oMkqV_?g
z?8ZQY=^@A2{U`7n2h~Ra#{`iM;7K|snh!I?hvWJQQktn4xmJ^-0eg~YDf?P~_FJ+t
z7r)Vr`H&D82XANuAtFLVp;@IJIdo|n2c*T;d2t;IgkPt+Pc+YPg`IT2IMK@ci)WLA
z^CaCtHu)9oTd)hm>c7y9rDP$DrLbuSNp0*)dERFoWPf6sIvdR#bmKBJ;u)Lz!qB78
zC;1a7Op5&C=5kuqhD#RQ?BIhJ_#CZZ{|+P?!w*+R8?|mLaXpBf8hwQbMR9%T(8=DG
zFe_*?4flnc{;t4_(w)dquBvQ&LT^;4P{U4`@`O>JK%^v%IdjD|e=DZQgE6z)Cj&PK
zW<CK(Hn~cguKepG08xdSSN5|QgCBt2^nd*;YyIqcm1AiCdg#>E1q|Eai5^Ni_jN6}
z8^bb=0Iq_k8+1d3x~*2Y4~rZPtF>!;eP0gLyPv-@=+^Oh^y9FoTwa}P5VF;K98D$?
z5@beXX~|Sotl_DjnDM>#LY8fl28Xl4EKgC4C0a9~dNZbngo%C*dx?;x-x+X7ah*Ht
z`aUe3bjS83LRb7+Ph}OoHBdY0OyiYUOv%H!IduI~%ui&|gW1`ttkqs#GH=rYTG?)_
zM<fv*L<IhjIi2)ZeG7eS{!w3pcGgSH>W~-&cMk~?kq#DRXwj%i%CDO|l`ae|DrxWA
zT{s_II7zqAMY^xJ7CxFwv90PC{L@^uzgF8uW1e1~VxdUo=XR1or#$+;zGolWvL2hm
zR7|~u_$~2&TWO!|%DyC@lcrB(Yf?;ljhk&-Mnh;3q_&#ypTbkpL-w_=WNIWA3;*ha
zmJAEkF2dpnaFQO9PgkU{){;V>FFf^w@{E}l5+*b!UrmYP3?&YP4C&{#H{441|3oZ5
zF5dU7#f~F-s)fS@*kT|=NBW)2OTnYav32)1k{4eYuEQ}hfp1k`)Nj1dDnwsE^zHx!
z>9_0NLixb5ut#Rc!<U1F3%DB#o8^PdBYHQo1+pLWC=&Z<vV;{a(oc-Ls~-UfTMrWm
zYc+vgJv{d()2X)<WZq)lKUrJT|M6PSOnYYNRA$RX0D)z`)Sd7Wtx9WII^-^<&L=oh
z&7<?EX{c9ldw<qCTztp<SPO6Uv$1+LlXI+kH#wWja?M4XzU}qgaZ+5Y7-t(^SYOAR
z?6^#Z2{M+0s@j_Ag#^Yoco5SE-(9Nj2Ysrpt#4Vu7E>?V6JBW1zYZR9_t;Zny*ZF#
zuo04F+US0O^`9*BB;VDp?pYR=e`)B_Mg}=BX%i`cn6eZ5eJE>(=s!h>GM_ekS%h~Z
z@G8>{R-|&3ws5BYzEW?9)mIci?=Q}KG5std;N%~My#iLT7NX$KM!^u6`E>qpX}Cyh
zm?+H~dn&CeiYWc&R>nz>WWCdVHR(&~HJDh7_p<E2A}qwV2k+hc^I?y7tYy`9xDFXg
zm!g3*Tl9ulrqrmII5eT04J*=b8=B#@wq<?Bq`ulWd){@y63T;d-cO2}(oC{SCFx`P
zPRc$prDeG9<q3?TDf;KWE5d8L=o2Tej3yodnw{ZJMKINEQBQ}~?^BDX@-gvr+3oZy
z%_lh9Ysixe)7Q#Ugl>LZKASjksZXr*1_?+P66j#K&dQ|rNg0w$D}-kOtwD34P|<RK
z()UE7orWqV!%TQDC^7e(Z2$>jAKc=LN`Le^w#%mtXi->%W+>YhOwp|hSN`V+Aa>YO
zEp?IhQm)~z|8S*tUU+^4a9Y6S@wqL1KZlcX6|1V6_&(W79;i6H1V5QYnw^aQP9t|9
z`1U!kyrpc>|FOUK%-CHS2?t42tKI$fBS6(?J17!)TrG?rHrNVeLWoY$Qnt;@p(1eO
zl!1ZXzRp;KGihz<j*ZSiLgXkvpXeP9ptQLv5k*rt0>p#W;hG28TfC7+fD@ax9?*l2
zr$>c6D}nq6NYmd=gJ8=q9`A_0>Q%FEiu9#+pde07$$}9Dxewd;n?Uo3%&Psxz9P6T
z#mh5<Xo8FwZMReZ{uc$R-9q`@N5!=pzMP2)q}sEF79ynJl37hs>_ZinI!<KMli)l@
znR~;i&zXCD&sh!zi;aq^#UmdQV{|rA8GcBbLQ-rcAwo)GPzf!*fTYyZ^{Bx6G^-rR
zR9pK`&0iN5)OO6j(5^XZ7<+QO<70c**01r(*9Nr$q6U)lGgd<O70y$5qjG66UxBAA
zCS2dZ>P%_+UmliMuCLA1?q5#(_-GgFJkcdq6>)gQ?tgPZT^*xHc8tq@((Ap=odNna
zS`4WzbE0|MHtc@n+?48nVoo~;sYrKU(?*x7eaLT0vxEpZCatvZ>`PV}@MOHg?t-Do
z^<84^le-<kZ3mGM_p1-Ki)hBh?owwc6H@$C@7HkSLYhAIlxO7*zT^!0M|PVGzW3fK
z14nU5<1^oRUoo-P7V+Xk+INtA#NUMNU|PiS_{=xouav`5Ta~<$-v@-|wbvzQJ%%D(
z<2w^IR!K!m>dLdBo8tmo!2w42pz?l%5~5ENC<Hf@`YeKlL>~%SOk03EKQ7+ITVFb!
zxX$o%^Oxl>H%XXfU<u)=a05zJ))##S9Me22M$9zpls3(F%-@;Rq-DyV;GMe6oD*8q
zrE_E78%EHhB?slU?q8)}AG+XKDfh#~3d9d{Q<{%A{BCo>yYNCY`|ftdliSZ8Y6^88
z4jcihkqKebIa7*5m3{G6z{o93c;=UH()|s(#H?nX+PvaoVQr5R<v>DkQ+80g^7_U3
zWircv#lO6&pY+-nhKhaM#Dx30A=y`T&M}yzb)lCK1GGXIpcUuq)zx)|opTd-x@l|a
zHcgvi<^9_8t5|~vIY}h6-kB}h`%~S%@+4t#`({?4OZNO_NyR3NI}l&c0sQWj|Bbdp
zl8YfC`QfY$>0%fBLxm}Bhcdr~Z{C|VEtsr}TdtK2O~cZ(5xp~x2a2FJZhkz`8a6;$
zDW+>lz4fnEF8vhZd;DWmuZlq;^B0+!BET(nX}(xVw+b?YH!^%S(zE(<QY7@)CrSY}
zE8#jM7I~6x0#0A94hDZN#!ujy2ENQ%J~4PS%Gvx@Si(~$wvwDQUPW$4gHvryV;}+*
z7BeuyzUu8^=_pf^m$!Z=Fl&f=S<lU+4xkMVqQKfq&|{mZ*N4hf@5lil%@ZW%zIRws
zWU6JHz`8m&*!TN_n8t^nIM3{7&zp*)0c=5~3@5`GNb=^R3wlesZbR7Mio_2O+V-ZR
zay`ITsjaT*R%ww)$oQwaYgOwyDK<TloexdZ&Lr5Bd*L5#eaoKM85tQ5ONN*gba#7d
zP9ja<PiSW~+d7wJquQsgP?E+T4WXh?q)O`#V{;}{utA4tyGrnooeIsH1;}=Rt{qBV
z6Z%ucjK?RP<h~=SZX9#s<vlCsBzrfpSJToL446})if#~!8B`qZN;BWTvIylui2TXi
ziGjFs*?M<Z4C@$gn`mFpy4{p%UY96#q6(jGqvn(0GfQM8R~H}T$zcxi!@Phmpd4FV
zA+FOD+j_VSwWOq?-2;|ic?8fKC<#xyzleKX)?54Ng4*(QK$@M~+0d%7f?M3xgwVcE
zU<tTH7I8kjQt6B-gYRNZ3PsKw0W8q5A>CJh3h-UQzVu0GRX}(JEm#uRj{q+CqzI|g
zS$8u?B3N(X3srNxWlMW+H8mDec(xu!@KEDjE;s9#W0Bu8+McBo%C@tLT1!1n6~r`z
zP&KA-blR&$_T{$5Rh0Z%$#6q`<$2Kr;iu6xj?F@GM*x<sgL?2eIQzjH#PLP&MG8-r
zKc%28=K`1=EE^`!*o)3EudD27%->9pWCo6(B7TmN3QD`7n8rNIj5Q(H?(}nw=~{Pt
z_SLK%9@qO!H!mMuJyd|-sJaqaFo*l&>!GpmWdhS9KYm|^XWQgk$K&VthuIVpSGx5<
z&MH_D7OQj}6b<ETIQIh|{cqGjb7*%lV&rVHRy%-%4y3hFxlE|@bipVys$AKC;WT8N
zt*P2hW++pQkP!HwI=Kc)N+B3kzkjg^sWAWI(WxBf4vmLOLOhNDV@X)B8bvvY!tlt4
zS4Y%81RC3d+U~mxR2Jum49P`~-hbW9U)(Gv_sjFb<3gLryOsye`9r90gN{J+0vB=b
zxxPjQt(C|kfnNJf%0U=Q)mrkUEH&&iLI3#d+|YQ8?Wbo=2jmE#CU_`Qv$?h+>Gi0c
zkT-+xtXrog->UTq6>$H(_H_0vBcT?2BDZM^l~MtuDat2;4y9nmWcB%$1J=>)0BUv2
zijH={VmC=YjNckRNk{+>KFsW1CNX&{wd%hcA?6v(nrTUY-RygXtn$Y8;UHwGTAyh`
z<e_*y4MIeT+R>CZtQ)9`_@zKq%dW@u=vRZwbHY`zM7xV6SALQ-9$z_+^aR`4Wniv1
z#)EoBy$Z_ck~DeE7A+JGDh^v}BY3eNqeUJn=2zkC-~AVaftrxzo*gggK~gnG00x!t
zh!OvJ1Q^f!QphsG+ralK?pT$G7BuS>n-vXu$WhCP85L8n9ehA-hS+M5v6*bmAz^~F
z3{pY#8VLC7xBaQ~LLVmw53%E`rTMW+w5|>bBi8j9=}q2o@k1^{;0iAl*@6%nx_~$}
z0gSfd-mcBlBLYP=YC}F=Evd7~GO>b`w}1ahDSu+{{<on(0Yp(`D>lPxf9;d}BBjiX
z5jt<_Ct;kIk|bfPCeI-;KmkA5<j>yAJ&F%siL;CWnr^+!;*PKG>6Fj6rXeZq1aiag
zBY-nqml_x)ek0S`I-kM_aJ2JJb0miLcW!)a=4xizm5ALv0&Lqc5;aM%QIh<!dMTnG
zC~yd*g%H<Tf5N5FiUVh=sLTwCH{-^VVmz-mBkRM#nfv-eiZ%z}S;G1#7X{OSR%6@`
zJH$eG=Z5lW+Ih4=k}84L*KUQx0>yy5*Y-wo&o$=Y&RU!ent1?8;qCg7U+1EAEUEaR
ziS|lWG#JJD4+HwK<sI(pj^Xg6D=@f?wWa5<;L;oD&AJM_b%50azU$VxEhmzUpplH&
zkmf@)F*Z(Zw^O6axZnN-s?7RRP+#8ViM{<p`YxE#h0H>_Q+UVg4>^M|706hOi*+cZ
zrLbV(2q4)YR7@+il*Mf14ag2ob*UZ`vMranI!H3jIHRtOc*>g%@mj+<kn~qdDB?}0
zOe6h(+zWfkKd6Tr#NK-QKvKwon#bLRos4_dt+FHE-wWf&%f%ZJ+8OQ&Q75n<Pq4XE
z0>RPzN5pR3%FzA>QGR*LhvBuJyYthp(-KJeDGU~562f3X;~dg!oNsccF1_%L7ie>_
zqjSdc#;4;d2twe~&Hf<)dkL7R#B#4H)x4+qB!d%RhwJrkFLJ*Tb&QXtqQ*V8dq?Qj
z`wy0Y$2}{cQD~7tuxOd<gM}-|*wVgOlyqd5yveQJ0qd~MIMx8Zypl`K4_%&=tefZ1
zZ_#!&5~yq2c?bEQ2gp>O<b72bIE)2m*J}u`L3xuR{I9yDQ3BFamo@TVT-GS#wZaq+
z%{@n>Op+ny1y16gbA6>~<-@*Fpb%Y`n+`n*J_9qcuRa-?acwBKsyg+=oo(}oPJ~Z3
z8Q^0D<U{b7P}!P;y^<KQlpAqp&`98`n@E3iNKhpwVhbl{Hu<50Q>9hM5B2sjLx~~|
zfA0{aHoYUyQ$S5s=nK@*2uEr`)Y%&9P-KV6_ecv;P22<ja^-4;4ZK20*{^u#ed4`$
z^}38(OJRLv;L9)<OSB|hd0-1901vJnO|h1Az~1WZYt^(ev{=1eo~NSryZDpSFQ2v0
z!U*vg%YXADM%H04bO&7Yn-Tft($CdX%3<B@)dRK{UU&qW_k&AVH?s3SNxwi*W_hkI
zMzwlJe5V7dhbp<PNx*m=T^GMI33=2zg)DEzKj6*nEy$d<*&x}O73NG@7}<p`7)T~y
zd0F9twG{a%x(Jb1u!mZ<L`+JkDABh}_t1`8y4e6dBOXx^;Bo#n*zMh!+Yt_Tqm=c_
z5#tG85&dBm(B&<P=Do<C%*9Q(F?F^vJ3+lT;L4?#lId=R^jJ?TYm@x9!qzT7C1NFm
zDh8L((TH}A0=#G6Gm0rAeKFk!>_9;nIbGb4Pp2$$JUG3Or7mRcgvPs(<DNzJ3YyOz
z`WL{jA7riSgpp&^zaBD@hm<|T*&_h9+HhDpvP}bUnSm^G?f>wlMwM99zw;b1dzJr6
zvl1CmmT(qnemg9cY$^fMUl!ju0<dpwnqk~0s}G!M$biWP2hoY(k*Mad<$g-vZ4-HH
z#uVtsYeRnboeU5EtK<u%rFMFc%$%NeH;LjChlk9M@2k+IYG@o3Yhy~u@aC0x9DFCG
z5_|96Fnzza0C3E3+DK&a+;+z2uBjf&(48<PFlDCF%dz^-+G_REj^v8aI`7I^243Gy
zBC@p=nX)e+xJKu4wEuiU*A6L3iKIv}-0b7aZtqG1ekkOTzm~pZc+k6W)g!>o4KmxI
z03&akXs%Ve*(S6Bp<iWdg>0IFFNP6S!f3NV$|mr{5ujg()_eqb-FXBczh(Nr>Gu#w
zdC+&FPsb-I3L`S~vso8>O8P{$?|#?bJ@H`HLrR|-(*|(4n|$C4WhiwfVu;}=eiTl*
zB7lQ*i9KhedUvO1f!elt$)!k@fObcx`}k`U4;i`dUPg2swX#JOAc{0=Czb!X64izj
zge`3+QNv!SW!XM}Y9Q^ajZ2KI;ihLg%cg`XxGI>-uHuDaziBdpi&J6t-h3X&3cEt;
z10uA|_5sl}PUl{p)t{WRx}U6;tO9Dei;O&-UFC5OwXaPSievYUzMn{V`G_vUpjf>W
zLTleKxYX}W44=nyV1%7|4Rv-T7g6XFL`pE46W^>$pUrquWUQPkoA-$r@GXKX9uNe=
z_TjT0(ZVUJZFQztQ|1X+NIT&KT8U=ejBAUEY_Rv|{?Ix_aC?rMvYzS?R5fIZ-PVA~
zCIl|S@Zp&_S|ek1uTxjU?Ws}iIczl3JQ|7!X)?LLVMsO04<z~87cZ)e-Aq|DDX@%l
zlS%eWi$2)w7qimjO5|7rGuUXeh8iK-st;S#sbe1MPT-@55m8dNiyRZS#nkQ<uv9^_
z<}Aa?GcG(c@43vztb=LerJWVpiLZpl;FQCu;cZg<v<K9p2S{^j!D~;yBI6j4TwQ_;
zS~z2XS7SswUw7`Dxpe*8OX<_h5E7Cu*g;b7!(yWAOk2WU?};R;nMQ$m2jD*bMeaH0
zJ<oa<uX&a#3*$sbaL$^y)0ZCvj2!_Q77f@YE0H*KFLdns201<9OSgZ)5uk-lKJlsF
ze!;q9I%IhxL_$R+5@*no!qnWWYH20Eto@nh(LoTdOn^Mh>>VX#L{wln<JecCGCu3t
zdj@)o-wJeEueRm6G@Ez_Ht_u*Md<?M@w-Eo1b1Sw14V=`jl?ksxs*@RK4cl{y1wHO
z01mDHk)t~G0_;g4&;=R#UJ#=bLg{Xm*$$&j=9EyoTUB8h&5>b}&XQnpzv`6vecSZk
z?+g;>gms@P8;h{}L^@4UFmxebC@q&#O|(TufW<8*7y(aismGM0l*EufLvt6d$nHs$
zwSBWOg}>2mtW)!tU4GG!<LBT`#|9t9?ekhN(mujyR@!&it93&(JMBJW9;!y>hOaLc
z1|EMa=i)h@@YeE};4$8JL89|LY;=Af9aW+!S051=V>KFaC=CO)+sRN7;iQKH({%={
zwZ1x|>8dybBNMM~1=N)OuXDt=@poAfX$++@AK4s&^3pyNS90R00yk)txpZZ!T!v?f
zcs-ZTH+>0;yIF>mky^hRe-R6e{J1&oNBjp<+=D~Tuuuvsc{{~G=VT@s&OAt05AhZZ
zPD+zQ`#V2&nAO1cue78XJPE>S<qt!qQ>!v}nj!pdI|P0mLm%pcHYwG?!_&6#Yx~E`
zCfZ8Ig18*1;}Pq^Bj-v6_`H1If-)|&6@kfz9P&XV3<vyKR2xA=eN6}!N3O8qT->X`
zsaKXQtmGT@ox(TsJ+ydl^!3)+43>=N*xzhg)X_suE^2Fw9Sd!iD0zd}7oo#Vz0q<6
z;93Qrp;^rluq)pz#D(1K-`$z(517KMc=1KgM4Fw`Y09e%<zpE5AuXILK&oC&m=5Ek
zn^sb0F)@`TQeFGM`cZlHvD;#v_Q@_8@RPf~+N$XZf}f;>-aQ10K%QI`C+l}W_+hQ)
z!zeveELhwQuF*JXA7g$XJU87VyL6sWvlU`?lRPN$-PWRUlR)EH)51}V-+(QKMXSKP
z*f$R#53&rSOj5MZJxM%w+AlgS;E`$OjqY-R7Z(9+U;Fh00r&I-nOYcbRxopZg^%QY
zEbDk8gx9q$pctexQ8Bk@{k7|9hdAOF&vReQ#}2Uh{_VpqFl6`$;MT_jccbZ%yt!Nt
zH3k~AeTb3|Zc}d|ua2aax|P|S{T1XYYxp=*EbYB*AS=I0*{00k;W?Ty*6P-0&1i(w
zA2c_z4VTjF^wnmmS^!^Ml^j%ZiZwzq#yl;Wg=wQ&-J^8}$_FKy%w*<gydqPZ_(RjV
zth+M?7>=g<>blyKdq`4?L_m+<oovUqxsDZP=;|uez`Txvp{CemqaDs_4`dBg1=8f$
zV$_pf94eHJ>NtINhw_7E7^M{SSy<Mi@H;7^Cgy{v%>}crkz=b%{8kJ7E%B?rdX0bV
zMvFr#33P!1n}a-c0*-UN0~>6Xi4g;fTEI9vU0&&5@!Q^TS5aH{-0x2gesO$$#@l@d
z6+Rj!pzMXh5FtM(>e&i0+p5HUd{LxxCt)tAUz%Cmr~2xWYI7h#>@4l&DOlWXnj3Ef
zd|b1;z}>ve{g{qs`gI*HDN?|y_;;;#SpKpku5Pezebv0m>`osP)c1pUc=aF#d<n)z
zUc)Ad!o{egFZ`^b@i@c>Z<2ACz@I?Pfd$QxfG~UGeYr^2*7RzN=1BW$KLz}E%RBSS
zB@8VjR34-tROwfT=#b))(Fg>PE(eXISWnzS-~$y1H~hRNqkb|6d8SE<(MXNfq_aEi
zm*L)LXr?AK4<90Cayiv($lD&R!>f8;;zG8>%5JS_ucA4bdlVbzG{`730e(<S$Qq11
zTUd*3h_83~>he1M9TL*^VXQ;6PpvVo&fIEuWohhc+3@(n>~5fz>6q!ZE9M|2%t?}&
zIG0~IzPMATv-cJi=qWCHpQ~s;D<7Z<QRo%iOH(Hw0eHfuGc(s-p;-}KIRaT&-0e|d
zIUz>GX2``rmZM1e`;Zd6MtAnkQrpvN(Hkq!TZ<wPKDL%~j+JE;YuJW+P}TaBO@cII
zcv(+BsVZyub%m~ZxzeD%RQ@pTMH8|y=s0e1v19+LnsxX4mF%bF9yf<u59;?nQrFs~
z+SY4ry*-ZrC2TAHMt$gxZVVq}IvpWL6)vGNV>5vXYPRz2<`}UHhaehwZpkENwYNPa
z^vvjOjlg8KTPa!&iL;iU{hb69nbVp}$ZNE-f$<QxH5R(}FjxUL+Iop@NNXgnsJ5D^
z(!34dt0i&a7Bcwltd1Mbs!WvI{v7D)?M!}s_oL&%B}&c?X{#gVJ>2&TU8}O69;vV=
zoEzlhJMZXu+&MzTS<`V|t3ya=cBfsJs@YvV2tK75j=+61k;@NOhm_5Dd0)_--L2_m
zJ*e$ahnmBCb-LHCZ!dO^AN<;_n?K}OpnfK^F_^BM8ZC?57gcRVNCNXh>7a@-%65Xk
zheKYc4(iNAdZwjpnz6Pjb48-iEhgtJTkY)&!xzx!5k0~C9#$bYD4MNS=}}=PV|LuV
z{q5b{QG9>Cl|21*!#7gs4?zS4R<vG9Uz%2e5Vz*CW}E{?*H%~N1-x|5MT*?d3RpML
z>Jtj<*n#k!rpRSZ371nmJ7V5-9OMcY2Kfrba!37I&$&E~=Y3KC*6H~jULkN>y?f;b
ze)Rj5PN;rC#_YrfkR~s`+(=Fu>zjUy<fa><VCGmUQOe}Z0@1icr9H%&?4<N-gS7K2
zxj!GOepmFx{gbKPk3)~!m`ARn&p=wb$JOIN$2-W6&+f|#2WEise;fhQ5snEb-@4Gg
zM@g37g-g}bKKO=&9sxKGl3qStX#tJ(z6|w$w!Ev|(5z+vXulM{liTm6>0f}HopAr=
zsdyER0e1xH1tq=qMynW7In_oh`XZmv9`wG^sXCRmocSV-d-hGzv5uM#^^waw&rAi^
zVnhg{xzxNkBDW^7q%SI<qs#<)uQ75n8@_9h>)52#(bETi6l%Nid;`>Ifh<<G^MKUm
zyw~%Ah$^FHtabmg9A<~<qE1l^9#g%h>^aOT;*vIl-JK5zbf~uSpX|fxQeJ5(EjNfx
zfpKW3hKvju1MWHa*jxQMa`y}z8IqViq@a|yTDd{r7hKH4l@E5WYa1!X(#-v-!l7*U
zy~QnI%A*g>jsP*ie=;&uo5<euN|pBbg1{YJ@>JQO;1u1ihI)%2;fCQ+@`Ij@4&}Yq
zkh9eD6Q|L`sXXD;*&FO*I@aiK6|}Z6VK?sfd9-_DIoL#K?n>HDyB;mwq5L1!MUQ<n
z(Z~<3%NT#I3A}L4VdGLgGh%|ASxZH1kn+*x?mEl`bV$SCFR>a=#Nq0cQ-%+b<zkIu
zwL}V!ZyV(CYT5`o>|KbH^YZ5URnAxv-QS<e4~oKh(44!Q%V~uTsOq-DDVw%}f}ild
z^W=oQr{H6&_tH8q>)a!HprTXYAatr#8O6~~?H*{1Sk_RRdfOpsGAKpo$-UGM_`B17
zJ)kEmJ^qc=hZTyrrEV93_tJw3)Ww6cFz0B<Q`7NoER@^3vU`Qukb3tO{$Wjdyw0ew
zvCeZFtN7$fml!EwuUw}mDjxdNTZA^Q57#$ghpkNk0iV?OPyYs$mdd(xPR?<Bx+Wsp
z%#uA47O{p_fnXn+c-*GBh`c`RmkuhfR2*05<LzN64<IRMH;{WwVmjyiK3hO(#Rk1T
zbtNseoH4IDYwZMzF(`r`Zb0)O^8#SzEf7xlJqjM1y!2)fEJ~UE@V4&5k5?WcAHcr+
zxvnme&TO(P3dO8?&w@wk{KCc<R$3~t^aC}uJ=3%aDB^BzzK48aKUn<XwRs@7ufIL(
zr=MP@%QDSV{T!5q_4Sf<$$vmG83fUf)Hqal1tGH94mg(OIHE2-=FR0W-_^$T<to@K
zgj9(J*}`vCR}5l^$I2+SGt1BwGPI$#`lhHj{PT%B)*r?v6E7K$HLCyHZH)e7-t%<G
z{&_d_se|v8z_|3fx6}zJOrg73F|SymilXZg<l~o8<f0u@bG}-X>39%k<sQTF9Ra9;
zD=wf|9ZeMcIn@c(0umRDv!sNgqrU8-JYMtTbiW4K`Q7dQzWOr=5Wu;VoaCN4Pm-pA
zQ}mstTgfY*{p;;)7`sWlHngy4XjT#kS-VrS&?Daxhl<WP1<r%}I8E2v>RN=p^waLn
zinj68+PK}H`=B1^Cv`qV#6_`0lA$2L%3%f&B${uxAG}c`;5N2>!Xno_>M-HUVHIjc
zf7H2UTpP+XM5=atg3dN`j#ocAp^ML+CbRuiN7Bw-APDFvQiDySkwOi6WRy7Ej1owf
zzJYzPpph=4JHV7SBC7P5ODrJWIbGjj<GT&ZUE#(-qU~Bc2mMiXJI=c`#Fn?y7jtvS
z+of*fGESqLQ+cXZtIsIO0!{mg;eW4opi0c5K~`K@Mo*<JE<&AuPQfc*bj&#fu+pVe
z^q|88O_0i3ojktuFVbW~S0wkjq43AFLdtwcju7o-A&jdX%HxM$5gyo8i?cNoTVB(v
z$qv%wd?d$;Q%Nb@MLh0WG#UXd@B9sS2QV%)1Zy7n;z;EenzYVMr7w+D(IzF5_Tw`_
zU5^z{J9M2p5dt#W>Wdda3Mp-c+?$q!G-;-@@_SiBG4<8&ohF{0ydm(a-ltP~zS4$T
zIf^wvODyyeyFsibq>*(rf#-9OuT(bj^ai{jQ6u>~4PSffmT!2Q=?_nNe^ky?W2}FQ
zr{!M~q9f7{p%_a-touQwYEUVUDKTn32D@|wh($<Jg-YJ?cjgkNZvHm*`fYGZJI*;`
zCSjOj0oJ|GRElXq{!lIgwwXpCG^v5uo{$cyb2L}nQsv~_2M_nm<YAdujd=ZI-&zF~
z`Cs1^OQNbuq%I)%YH2a@txDHTg1ejF&^m8oo<z2+&zY#B@69q$#Y4K=C1B{Xr0OFC
z?<D<R&CnWKQpFK~$#Oh8W4Yub)ONyPz~v3e_092)>l|92$11Y^p@>rB8fiIbDDnw%
zd3ayb3ei(FbtQ4|Va+gvc$u1BKo*PdzYyk>vNeo5-mIObF@0%fuD0HkCWl(yvM0mn
z#%#^Nh-b7&abn?@yd1G|>%2Ptpie&X8TG$5z@Fp1tHGnXMEqKO5>@hn*&tY~g9xnn
zdCJ4YXln~7Gq?Wp)(iaxdM$&sHtRe%lqbNSgflkDoESui+q#0SJX5WPydT#S=s^~_
ze)xqAmr)@G@0e)lMlWLb{kwZyc2qx%V5Tz}AuJ(A$J?Led1E@GrJKNKXIGW)Q)o)e
z(o+6X=dy8P<#dwI8%$44_IxI0no+s&Aa+C`!0tx?!BVv#x*?VMVNH<z$ku+Xx^aTA
z+=Az0xwB6{-fRCUq)OLIQXit*)Y0O+3)~2lm*X(y)rI%yDfOl9EZFbIp6l_Kv>ZN+
zPq2yRYeM-TMAMk#8Q~Bj7~g}zD~J8q2|{i#Q1r*_#twK#QtRusX`0cJIfD&C&NP0j
zHwz9z=qozxpMYx~0U~42w2~s%4O&r$IX~<7A$7)R&QcbSKU%N&<0PkeRy$CDv*?oZ
zg`Uh-MrtY<F3EtU)BCF3l+l)e;%&ypA^#9=UhHU`-y4nh9}TZm<)52qs=r!h2zb~n
z@Qmjohg2LTeTk&ho>2&tWcc3!swJYSPH46Vd*`C>-1|@03j!`xNU2&vxKN0TeWYRN
zDK`xFiXZ6whFsj&slLEDpYNXOf+mg61D%mSf)^_`2!l0^WrO;tjQO#)1BRkG*n+m3
z4&HkqBs+@jU~(bWapDKe)&rj&_!GPF=RarSNXIXWziAf{11erzv-2l0GCC`z5y0jU
zWaO02Fj#U4%0gH7A#y8I{jyBVv_F7}O6kvkPn>^PtK=ablkvtl(%ekZt`-G_JDSFv
z$h3P;={02!{dTe3*4@0YFcdjEb=!j}=@(GrFX-s2hmnsH+7v_0e!<vGDcrL$(FcW<
z`%CpfX16JS&A(>VK&xO`a-eRsZ-e(~@nlX8G<gPCUQHJO86M;)p;<e;$=n`R-Y==N
zSZzy`CrQ9V-r`L|lGg3xj`H9BL70hyB*bxARx45heVKlT+MZJv7L7hlOS_;J7gnLK
zRY_UR5*gpz>JsL3a;~d8pIunr3TTSmToaw3-%KKwBITo&8^ko@#k=<Xu0+iK3U-GV
z^sLVq;BG{=PySR<%|4|g#t1M>Blp5-k$nt<uZ0u7w-(shbbi5f>7X?96CA~!uHp)q
zMLS6aV`w{%k`>I>$Ai+Ua@>BHRgNYl?2w}*4}N+WeR5KlkqO*F^DP~oA1yI6et7RI
zx^5>y);oMX8Zpvr(CHa|x#t;#9WtHt0IoK`C_lMa&^pPcqVP*JZ;}u-GK(l)qR}Nf
zJM2)CK6h+KA;;HRPbbISI$ioosm)h*a5@bVNHrpx)k}c~>C7%qPO}bIa4prxSlwQi
zFyRN(hrGHI@<@_rpDaT+d^p6QuRgRJD_*BOJdL(0LFIHjd%{P)U1XpPg6*<=Eb8&<
z@JLSBo5r%TfZ$z(OV%M4Sr%FN<?t8cN;U0AUWZ8B;pHW(UJThp$0m=&f>!btO3D&b
z=w{7H|LtTE-)^8YR|^V<P>f6-5DD0@aI4X1#%`y<4l9=?LuF}7WOCRSOY2td?7F9W
zu*6xSUP#P{*j<i^gRvjqMFPMZ)LT1b7O4x0(<Pe3#*wI5IoXj)@iAq3Z(zcY>kHLi
zc$T+Hpm7Xi_uMQ|qX~C62L}G?SXnBavcY4+T|3^|$8<}M?>G6x+O;iw8}0M9YhFpO
zyQ+gxp6{{aWLWMEeWC}5ho-PZ>WHiKeu?0rO4!NwgMobomI~H=+~bW^Rp|#0Rs<}Y
zePj3qA`d3qdlzd;@x+W}=2AF6jZor#$V+P`m9P=}q8lFhkgw`DpU)rb5zLHe-K{<^
zNp5#Z9C0gGY-w0^=3Fc`YkaAUJ`>i0bUW4EjHDnvFIS6XK*q%zdLbc<U~YYP|1Vu1
zMDW?d^=iHkg%NcaZ0f^6*})4}%?wSxn&!!WutD3WTE{u#N5J#CL6alEna0vW%ca>}
zqz29UkiCDJz_EY^M&hxVpBjRl>xn4gl_~==wKx3RgzW_S11z?cmBVZN;|J6CQWDS0
zR7Ud-d!c2JBsAMX6#_T{*6^@XqnO3zX~g9(1m;M7uc|v4J#x-!ZdIM2lYHidn3+;X
z#tDydnnNfxHcaFjt(%cj@c6jvU1uVGuQ78YjAHK;As~g(2vs$qGSUt=Y4Ho67mz1r
zC`mX6F7>(m;LN1t_1)K>njEIUPr1i*924CSOLuF7GD3%=x0f<9`&L~d;CByRZQ+6A
zn%iLq9~!`e9t2*xcCqXBl=|>$UhL$T{))W)``CW3iT1_CsS&w{6UTJklQTCVIG1hd
zA+Y-4Z##ZkE)g0XjA|u_!W{I_l=0ed!-`=Uq-jGshZA3ZOEPy8>|}9w_K8S+3G-aI
zeLXGLyU;QTFb3mU|Ai%Zcp~;zr}R=G%FQS4aFPpUC5BPLwr~beB)ra)%m|mGrm~~)
z+*=Hsc=8NRP`;UvcloL3M7T_;LTH?ub_slYYgyA$ZkT~%8NTz9@`oIkj{v-2K|1dM
zor`LXof4pCG}SBJFdAsM<5#4;tFA46fboc&!#%om$wA^maSe{j{EFj238ngw!#<yW
ziS}R`!&RL~H!Q6VKRn+@y}cOx_GIH+Vc>=8`waquobQzUuytSe8_r4a!YEfqv4#lA
zMN^V7h_#i}wt;Bo$qMpS&N%`|uQ!aQs3$+)ovggWdMUN-0ZliEdY^1j_ZKOcTneIf
zt2~b#u9BQHp8fPuGdQ-=C!LxzbVW&S^=}XoRb_7UPx^|)sF7go`vhS{WG^Ju_#U;Y
zkh}mEomvE+r)a*ulU!h7DwTWo1NPFmMxKzP2b7@l?b011G1+IYl3oKTrg1Tl>9h<a
zvyNqvp##Yj2n#sSffnJ<^qn5wdT?PcqGcoIl8=w_M7Gc)v9{om)KF?N`s{^3oJ*@Z
zB@8bi_HhVheScr$PV4MD7KF3Lj5mHXGnJIT*3Pc;pt|`AgCLg(bUwgXGssHaM$m*t
zD_7~%JFPxD1@u39HWjfl3Q|W-{2D$;DK_6OrG&M4uf+9L!)`R2qq$;RJE00B#jGr?
zU(4e^oit*Py$o;IGtWWv0V%gbf!o0u(^*!qq6b45qA^gQ@?++(z`p7Jb7Dd2ujXBy
zPh&PN&z54hQL&?c5y@7KCdEJ`tGG-1!Alt#7q5rA9swTO$BZW~A534)udby<BTgF1
zjv!7*fpG!W`Lmq^TtV5+P*6`tM&HE#gx?&)l{```v1P;@AY4(U%a?kFFX13FqKHaN
zG+1&m6A?#cwxAGV#7S)(Z7U)+aVFKZSHStIwHHNYyG(d9E_}TqBny7dUK+K1>j0@^
z{}C|=6$Q(~uRl<(ECpu~K|CfhEd$26ZdJP?XYI95d(<z*jsLoK>?4+4v}r5pwFs22
zRH+h3Gc9fqaZ!1@5BLpI_7Z9r56har`P#Qy+;^%Baf-nck?jWPi-U+$cvzTY)=dAF
z_&AE$VWy><Q%-esj$Gxs4YD=M3E2yj$1ABZ+(>Brfy}f>lG;I_aa|3qjbz+y4HSja
zUd;_}7M(Rd(C|xp-2d)%SF=}dd>LxZqMcbFbBR&$V78+<Q055wRQdQy5YYYi#N_S0
zo`XE$@?R+vh8KJUBOU=_H7#B;%iiLc$(*M@3Z<q%q7yTv7~}-Xu}giOzJI?l>Fz~3
z+Wy=d(Ve6$*U9j9gSiUC#Ywtp6{d_)!#vj76qx=+W8ZRgt+Zsu{3m`k`pGkMv0ekM
z|42a~A8&W{{LOkwt^_45`x7C2FyMAjzh9q_zQ0txw=ZI_<kunmrQIHp)ID3iUv=BJ
zsfjFFf)beg3m>8Jnd%wgXQ{b-p=Dh7?suD&mk-u5&S0G`Ljs?l*lDw&fgDIH+Qcte
zyh$Ln4>#K4=CXD-E1fEyI6Z%Lv8#YfOi%W!>?^mWQ%bg8jee$-(RF#lM|b*M7D_OZ
z5S5*{LrGUK*h6@vA^~zg^>&SMy=Kj8ZCqEpn63D?@6ylNOTL{e_5FD6Q!L;=T0tO*
zi;E+`G}MJ_H;!jq?veJGlR3))NsGC#z&&#~CyL)NB+$b}B2mUH=TW?>)C>L~`2mdV
z5#T9`b~g}GwYHM%LQQR{%ZO25xpD1x30$J+lii{&3VHLi{UA;jMjXQ3<G3X*hdWv1
zY1aOtUq^L1DgKZPiqE>9ip{j5^H6#}5O*tA_~)$#QtcjQd-N-GNJQ6Vr-Z(Xls5YF
z@zx#okGzAZlW?Pkey}nur1cVm5H<c7z2FU!AAOR-<d9#%s`TUbDc$oy@WF~tDoIM!
zLgcH*G0_$KwN{tCi)Z{^+o<GqwK?cS$w2(JuW}<EAGRMJqs~WoGx7lY&{GSCGEonI
z&}^wfGI3^xc6%)?#w%JC-61KvPVb*0dLwLBkF)C(76Tb&$nDFNsOGiTNQ!BakSpSZ
zEu;+rVl$%VeA-?+J6G)#NQ~QcsT`7AA84LyWgW}!(x3hG@h*TdeBKwxii}rbZUlB4
z4>a3oiT{em$l=EAbc5l~jyWT9#%^yvzZm0hmF7+;W_|cZ_i7uQml0jdQ+Qj$!V$-4
zsnZ`sT7p3l2zi)GJ6bv%TeZE%G`Kp_R$0F@$lN`9E*)4_;e1l;?X6n?p`A8>;61(n
zV-uPsRDs%;`d&bpwmf}}83jsnY3uRhue*{BCY|2!M8}H7=saT!-a54rhUYyraUiiB
zyeP$NT9z(XU4+#ceVU6)saq@Tc-Q5@b#E{LUfNd`rAP54iO`jxk*7e>-1+TD<@~2*
zCZ0N;66x!key3mPT)cd>oi}*lTU7$X|AavINXR|*BK2;|wjnRhuGQ}9<bFLv-SgV@
zifE#qpqcYaJ;A$7|D&-4X84R*cI)I7Kg&)2$uiB9+BCn8;yXx$xZB>?jvQ)m^7!T!
znE5pGPT}eA8zq_2o*XUh*cUoO9lv-XSEzQgcGml#(6wm7w)P^lOJVanx_hy*mK+pP
z6^OS*Z1iD6pe6Tb(>|}+T8FCbC*A)PtJrh(|MWN0V@WZUG{*K;{E89LIYko8R^uOY
zBIWWU*@%0c4)K61nd_!wsoN<-7}q|)Vusbo2cIvCbzYy<^sFX7ClFm6qy}zr$(`^_
z)J@7U2{8%sUJf||$UgVp7ga|cXibdf>yL*T6}|OVb{!{pGybg?ic#)BTH_9$XU3OE
zS=w5MMG_eGVeow6Jw2hhoEMC8-`|qo|7=VoNEK>DwGh#p$rc5@HK<%^yz<~t#94zC
zoStx3_nh3drXUqQw)+<3{1Cagq8ljJ?dp+3m*gN$Q>o2!%@)U03f=_GNa-;WZuSgv
znG_MW?9&g~th%zLu=zu(d(p4f!OhM*kl+#8fxLk`@ItAf#BX)sy~7$9h_YdN?LTnk
ze?L=_;*gc0^Q{D2ck>}flyPHCzyCQ~f9<ywfq2=hn|h)=W?-)5CjNM`(CXGKhEZpo
zSpthPQUjXSM}Xg+ibF*M9U&km-N7Wq*-=}98lyJNTi2aCKi!C`EdFM+lx3n}^CN(c
z*hlB;37TgH|4$A2`<YE-+WQ4siWW%q?y%Dsd{So{NRk=rEY?ZQNW9_Vy$uVHzlja?
z8QQST|9`6Be}AA^-N@5r7d{hz&lB-X?Calt^xfgeJDe!nkTtEcT6-;UX1C}qbLlNu
zM<duw+0hCmanRTh=rIi)cWHw@ja<JuygV}~13NSIy<0&gHx-%2_1J4Z<*LVUUv$M*
zgrnxj6OFSscDpN*hg{TCscfw|Kn9ytGH$&xh?}%n{4VMxz479Cp4ZQL>3CMQDyGtg
z;|BfM!J<c+qMe$a%kR4r3lwUC2EGiuO*J}n^=53%k;1`EX)d3ZMov!YIuu%8c%w9A
z_ptZ_vruQ#<)2$DQd<LNUhluUUAdEdLZjO3<k<KpYiyxHH0kceZ(2=F61?u;)w^ZX
zd=AP+f4w^vH&;5(_JuX5$KI;fv)R%X|9dKJh(D{o3{&VH`vooi-7h&}>%9efS3p^y
zT8C<cJBTfIoWe0_PRKd!?siCQ^a&vqLGOkCd@Hai<2S%Ot(;_+)7vmV$7Zw9es!UQ
zBze`|l6&i2Ld@McC!E2eYNnQj@0nR4^L_We6;@y+Zug^OL1z7ncHj6t-_0*cd~S2h
z^7vx<cf2uU&ZKI3gZsN$-;134_Sw2zRUe2~f_Gj!hjw3m7W~*Hd(a#!%qtOJJ>ulh
zzAk4Y2NRo*{nz8~E^RBw^sIc`zziSmA`m_uIvZ`E?Ulq`k(KoNT$Z0Y!(B|xeL4<P
ziDnW%EA<|DpIlht{OMhceQH!Bmf^uS#GErkE*Xyt=f$nShsDm%l}=yECWEv84o1Mv
zCNyQhvY}RP{S78Vv>VO(jID453OQ`Sh;JfeGn25!p(^-CP+FmK<*gJFzT1GD{q?3p
zj_d(`Hsnd;G%U{aVi3}+e7)5ZG_O3d)$Tj;y@8Dp642FahXwSk#kJsih`o}o;-b2s
zeC7*mxg7wXQ6WN9iIJ##MS)0<qUEMp@B|5UD~~Gp?YeQgX5Hdy#gC!>hojglA?>T6
z;;xQ_WjPz=V3(ZpcQ8+MFq?Q&f-i6_V}4%3m$5y|MxuCSPOnY@_21{iAv_00cl)me
z>*Q>A!eRZJ``rI?#eUhSK|Crq9`bk2mCgbjXIus|U8y`dk2esLF0-q6Os{S2Qv7_0
zM6p)#^Vo0d^{Q9&x9g!Q*Er=f>)%Pe6Ps5XW_0go><d&$o>t|^;L3Tg^*Jp{Mfu(%
zp2oie?f!2AH9n|!sMFhbD*dCY!mEzBEg`Yd0j_xdeNOM2LKZB_)FS;xsI$zQH^t62
zmn5J0;<EjVE<O8wP&(Rk&6x3vZ<$h)k#}5Y?SDnnjZ5Vtb*_dM8glnw15RFTZS%^S
zO}=M*vM4#dX*v)kz{nlI>DGe?dHA{ECxiAwLVgEchn8n^c$GExO(sU!zxj5v&s=Z)
z@mLX$A)X%mCFR1<(MEjWZg=%npX{w-NaW!ON=Hkm=pP*CxCMS<qC0fvLQ(C^`(N?b
zdVPA?KE1fYxt4GB_F3AwE>PwjC2;I$<KYotu|vp+@yERaGZmXcL-paQk?IM5!AI(h
zNusK~+WXZZ#`NxXjm>6fU$D<;v2J{5*{JG?j{Vtx8J>hWo1%75vU_aNLF1F#;VbF2
zubp-0L7lx?^NFyz%&F6Z183h5ETd;+6~!{R6Kk|q^c8s=Z9aYb;PvZHe`x9GulRo!
zk~uXwXNW*E@H+y?^z8d1GwQvL09pa_rK&mqOm>&T*OBF4OCk(Q7zZfixUW9GrOOQd
zYkXHiumfC6suGT@_9{ffh18tQzl+nw(5$U!*HOlR-Z6`AWXyLqG0d++F#Lb9_ones
zzHc9}Lb50OItnR!BD-lrlBBZ72-$~Z8w^wSeNa(^vL=SCBV@8CNp{9EcG)sR#)X;b
zx%__r-+lk@`+oDhc-}q#7e3L4xvuj(kK=oMkK;U#?+L3sV*=XZWMVfs1dT3jQlH47
zKY`c*2Vug&5QGUsX3*-|9LqUE?j~cMr4h}e9!vVne%lt0pLT!g6F4*$dDDB~nTFGY
z?f+{HicxT@tf-icfMyRmGwtEY&xwg_`@V-mM!>++gBeDE*(~~adC9SY{@ytw*2Q#I
zl(JGCmaFG9cW(3Tllj1hP}wOJ+nXN2I+(dOA1~~qg4T0`o|Vyb8xOt<xG)5$_93qj
zGor%eT<hxgX9qXee@_6a$9HcwI%b}kjC{S@!Vt(1{}YAv4Aeh_L8W8omn!;lj%h3t
z%lC&%j970yci78Y4D1J2d8(vCKk53MyV>&$x#yk@rFOdqzvWHMj^P}TeTOr&Exnns
zund~Jw(s@nQy;GP<M+Qwz8d>$YBZMWHLNDSB|JB~iy4nwK!XEzvd=J44HOrBe4+DP
zal0lW;&2($ZT|N%R*;8Z)mw&vQ~H4c^p98xjm}VwqKa5Qa#R8Th_k9V=#uWw2Bmd=
zf<6O&K5Sz`lvFVxA9(XfVo+%Y)6?W2$~o{ITW{Lo!<MNo|GcB=KZ_{LkR(`9*4mw&
z=zRa8y83da&&YcFfC0G&rYvq$k=dBS@lkM|=Whpo1sb{d$<T(r9{C#R>qf&v;Lth@
z3P%rvLV?ra3w8#(4CWRd!pRI&I8573mzP?nEAkV|XZ<bXhqc}3JXzZwjixQWGgou&
z2^35sChD4F%T27nMM4_PCqX&_4NS7kiR->L<5NLB2dPR&o-UWL_~g9u^jGaid07Re
z{@dV+G?sOT35l2+g_@?te6Jl{!YW>U(ypbI`8+r~RD7rGy`kzkTbsNpYih@PnKz^B
zme=(*-kzXt|Ko54-X|<i>v!&dllwS!vnQsDNo4zPp#3USGAbAO_bi<FuUX(#tsM$X
zkxS_osl-nC*?$d-yi+aO{qHR6|IPQr?2wtjn6UG-(VWxIK#c%)u&`$NbN|?ji!aJy
zZg!pnw_KW(uT?eQ+Y31je}Cle8AA<$4Po*vz-gcS@x9s;ij2SF$qp4EO!r{kw!gsA
zsX{9o!AA>6FR$u3BXmb3sZ~wB%4<D7DmeoEFKR-oepMa~q1-YQgKa8XENbEWw|(lG
zD&{#i&XZ7ckc}5}ut+H5JP=r9Ox$eUN5!d9O*+WfKp#TyJ7d4}bS0^#%9qhS8rDY9
z+ZQ)4o%Zr*Xg*zLo#-@BwK{sur$7Ie;YU5S!2UoN%p|P?b$nA>*5hptk<e1*O14n8
zZE?ci(?9N<YUY$`;YF{UcQhnQ>_tA<mRd_B(74S>(iCwTKaGH3uXcxwlc;anA8fIB
zcLwai&OjTxZU6~1R*8cPfJOVX$iR*$pAH=7!5P<(^QwrV{mg_UwUTwI5$np{(Oc%A
zm&_`RxZ_qXxz*adnJa&qWm^%D>8+(zAKXXYibOD3QuDZt0hfp14#Y%hsV~tTsBIB?
zm8>B8>yBRi(NX`OHX<^f58d0=%y8M%&GJ8VLD=CHl*~bfar69dXU?&TSy61{@()MA
zduFKLt2~YDajNi|c$%O2wUqKnJ~L;!og+zx?`XX!W{Ot1Yw*r;1VzyC9U>II{yS@>
zY&O}5OOV>`qe1UA5O!NLpd$7U9k}Tg9)J_VfnAggB<Ywi;Wa|7bL}5GmJuzuT4!C3
z9Ib~hxh}OPxIJL=QS#_XEtS3Si}hzt3EDrBO(5|{?o>=b=B3x!MJp0%5XwCO6*9w0
zwN=o5IIER?X$@PKo{0>!jwIH8^B`wfnWWjO*?e_&T;e-of-w*2rLOB@^x%xU62CS3
z$QJ;U;+5b}i4cw^2zw5$`rrodz#MaEC8d4)m@d3xo9(yuU^&VW9i>*+Ajgf=A|g|O
zN4x|5HTCf;GhZH_K84OuJ~<hvQIQy?8`eYPBvw#(HfORkTDrBb;RJEB=W;u7Ts!%5
ztP`CPtr*@fnRtq!ta$v=-1Sp+5w5I@=k?5zk^&$C%_qCT-Z2_$&;b;YL@}M~bzkem
z^CuxEjIWx?7q0}6$@tsR(<9?YJA|Us3|wRev^3<_k4B-aF_g{Cu-x>gJJ!%I&5LV$
zxpyJs7iJSYtd|OqjI%H-ka_Oya5=QvVOy2wMa0*tI_251Lw~v3K#iwy5fIjcSF>hu
z5l;Q<3Q`Sq)o>XJwv%6ZuCF#e5)2oY^vCPS&h$;Vki#meStz&71VRn813kX04`7H(
zqK<~64kSHn{LSFeD8B<6R@oq1l_fL7JA$)m4t)0QC$D7gs~+~q5o$O$Oh}M6=y7|%
z#bs78V%OR{_r2j<toOr4lFsl{fyID<x8zBg@h;IC(h-Rc4L1SGQ~ewJ!w<=X>9*A&
zRBGs#-2iHOvoJQvnRJQ>jrxxBVYM-QhjQs6$HcweV&U%$c-edt6`1@Yn{(ZQm`rH(
zbv;i}Bf9^@@*9Rqr3~b4iTUa4Jujd1V)=Gt^@u7_v1{|GwfDNm!ENLfV4D;}4(mq-
z&8$_#)@cssqSu@5ISo_f-A<2L+i1C!y%RdC@Vs(dR_P?)*dslE2+<NZrZ_`r&)Vb!
zP=>@~V7e>}N?!EwTz+G{_H|phS9AD;amnfvrirW&0VllAQ^}NM-|n6FJ#M&9zbAfi
zmYSj-hW3;%;|FQII2M&$Aw-C2MhlI-j&v+T#2hcV>B3@bQ$WA#c0}S4SMt-apGD)e
zPAGE?6=FU(1NhGT^z<JTc2_!+aU%J5=i=Zufj0PKOP9Ax%}}D^`er$hL1QhgFf3JT
z%l2p`u!e~u9-DAXtlEj>Y~TH{Ayq%@Xi_=Z?Ptzfty=f6o-0@Ryb%0OVb*VDG{&43
zxcgzhR&f#bSQ|f2)&$G~IpRccoXAs>;68ljow`?CLWpg)`ULc|-AEjy-S;l4O_Fk6
zv#t>ZcA9WT=}ycc7Go@O4=yTRxMO%<JK<dC{R>ap#R}-{V)P(?S?hxxcj(vVg`gzD
z;Y$6XYvT)+Bd}A16;g{$<a;q$Zl(h8#ph>JhXZCVFx*TXb^VQDqNaxl<B}AR`qNCr
zkE0c*Lfm%fi@V5i4v407eWX)K!h*y>lVACMyl$<{9$|Wab2sK+5QbJllVtz{&d7ov
z7NDJ5=w+^W=d`<-261Y>)q7q9+C#_XwQxOGy#pDfYD|aqt@>t0V#Asco6^L}X#Op9
zUu81y#7X_JuaR~<9N~@oXZMF)n*Op%^B>?GeeWSF0Y=5HnMGON#O0PBEBo{M`%w*U
zKF2rNJnb%=o@cL(lh9!<kp?%2d8ZVjCBb$+elfw@nb$R)3=TA|72VhC>OSaH>>{1?
z7&u$J^PcdXw!5;&x>^Goeb4B&_IeoD2+7)6SU!zvrJse?BJwm&4KLDq6T%A8)YJ5y
z&o8sB3PcP&amOsLTM^N>iM`1Q&^FYu-h!29Mm}!NU<?v=lbTr4R8V5|yni^G6}R#-
zMoJayXk_U7ewyB{#8cF`%WPB5g(ea=0@Aus;eMhU?)y$u7g}Q?k{YCt2y~mH7sPk$
zWHq1;6_GxGVGS=B3i|W90~GOH2QrGM%8v@PH(s1aT(Qu3<YSi$u5(#k)&apdVs*%l
z1be(1<ekub3@HLQ%Hxu2H#q=K@YDh^ZsMwl^{=<=pWeGEwKMo|>JTN&7-SZnC^MQi
zP+x`}1GL)U#gm}C*K|e!(7J^ud`Ta`3;1WHSZ&PH%@~~ttUBARojTp@2F8+alzT*%
z#O6~J5rAtx#5Uv}5tdlXn#%*=`}BW!?|fYB|NRr^!<J5d)FYk@zv6MZshlvWB>hGg
z?3pCTdM6M*c&}#_tyyGjdEkyiT|-$vYfkPLzOGZd=@~Z4nB7kNULt4g<019@WvUt0
zB+>bAKWWZl8ZJ4ElXri^?oeOrvP=NQZJIiSNE)OI<4Q*BK6RAGG)&ppv?--dPhZ$R
zKA&#p@Kp&T{+*R=3&!aP8np~CZ#O`Z4J8`1=SY&Y!Mx66d_^-lJ1C??Z;9D?+c9Z;
zD)4=^ll=+i3RP;}oEm{>4UH(}ko4e;pebiAoa?!Q4$05Ez|rzjiD5@3lpO)3oD7_S
z#N%AiU>|!Fk~5Up2G(FWDbRUXG=H#EMSGI){rJ$(%q9M)hZkE1)ULGjC>>l4{pPeR
zzCY}}j0)MIfQXBG5&Gr8=re%{>I^nu2?_o{UdX3NkpgmOwO$2UuAm%n=<7Lmw0pY+
zz0ZwxDswQ8Z`d+cwDd)2_H`0YT;_~v;`AXMQ5nj$N`k+I8+umo+4u!TtL^#9UC?Kq
zjr7uJsmQ|3WCu49sslIpU5K1>{H@UFW_I9JF(Bye2NOUDO-l|UALfnsu{UM?=*-|t
zE2zHG$;=jeGx5tZgSlEe*t7*I*MQwawqYt(0R3D6ilv|q08d+HWsTJs8Q)o5GW#^D
z{WRfCzf?n|ufmDOW0xu*lDU5&P-x&m+v;y{j6FqNBN8Ay=xa;*K>%|aJFUZ`GRzZI
zmAA$I*+j8-Jkfi6Yq?w<BY=B|iv9uMj7diU;nuZsS7L{^BU0rjt=~<=aIrHM`1)S@
zE8S0ZP`ZGLHU<;JdE17N;e$vhiQWV-gS4AOS?4AqE&LzM9>8xH{wk{#X1z3WWzp8r
zFf+hA7r~|RnNT~j8;A3TK-?g;YEO0)SrGGGVroF>96A9)tWbs2BGilrDH0-Zsotg(
zyseY_$tjz@BX^Y)8IpJ+Sk6bRndNMwLcqvkqX#aXW)E2&Ff2xd+!=t=L=YE6FIc9X
z^Tyo05vvzK;yYhmuGC?4UU21^xg^+*&)1_HBa4I*pBc_Rx2#Fmbg~*Wb5eenfKFi+
zeChb{OfxsBc*El03Ia7d+JQ@~MBV`pGDmvP!aCz95SN)gK;M(rSL(V}KH;`y;Ol46
z$Ib9j*QVWZVo~7_ol2zyzL|%j2YfoP2^)s+m)Ahzh)7*xMoX@U4WLhGgAmcyFoOyM
z-t6qD;g0pHr<!{Ncc+*yY2r`mAxdfIsP5Qp+^2n}VQ}~I^g%|+hTU<1m3VcIi6Vu~
zfe^7zYP~mPdocX%kH_(s74Zs=uT^_%TTFY(zOt4+77SXdQA9ZqA~Vr3ej8`zXS*Vt
z2Y$y%rGFj%{VvhG;@n+{)AKBr@6!xy^KjZo>3Litq}rtwm4xF*%92ig?`x$AP~X;S
zX=wB8vp3c44;K<*XQ~?yj3**AdueICTu(Yn7T-NMGmmbDdgUfJbggd?#Z0(<26x4%
zXf5Kfb^O+Zm>r$RL$YZs)ZANt=&n!tv~j)&>Hiz(e?rXjDG9#}j1|`_h|}Kut9Ihv
z^a$J9UI#(=W<_!?1g|jvLi-~ZLGYo|-gO-V-q$D)fn8c*V^AW7B1}yn<FM2i5P~H(
zgtc*M&Xa$eYehzw7^+2|;yZ_WLf`_sn&xp)7W~uva20D?8_ESz=%>QsTrGWCXcKOQ
zU--$9us&K@IQW1P+VQZFVC;rJC={rVo<}F<@DhuX3RbvaxhE0Ow&2YOZ=|;QBZ8~P
zCnw<mla!+`#lu@#%uj>iM81edhL{)Z#vi2aIH9V#+7L*`VgSUSS^rU$dIxMZP6&x|
ztxG;jdDjmSG_$1LX1d(rGEVEjF{^B{uL|klz?jum=swV)x|ru?dfY2VzVo90M6~S3
z4<^Q)%@)*jP~=3EHfXJeZW5k@^0*6awv>t<H7rB9ii(Xl@odO^U^G=Y5+A5{%mi!w
z)IH$DZ5Lj!Gm&AJ`XNjbX$4IA&rF2u04u~8lMm@es6-{#-Z%PQrs0?@*(2WXwZKNw
zLQBS2_}+7FgOO5{*5A<!1wusmaxKyuupr8Unl+Bn?GORLpjFfSDG_(;;J(^MfgC1(
zqIJpagv>c)oWP4~j0sq}XSRGV4$e@{HP#H5&w%mXvMb>Yc)q=edPaR=h-=DOR`UhJ
z(xtMis1wVncHn70Mm8uBr>lwN0GK#8%P3YA;Gui?+*ph(HR^3s;Ast}U6&z<NrLF;
zH_@aZ2pZ}Ijh_}KVbQwuU2|tM=D{tujSE+ZIVIFwPdf<9st2`%+$ZglAwBL1uhn|I
z$YD3m`Y_q>Z;M-nSQJu9e;JI9;wl4MZ4E9B`jw(%#MrZp`*W=1;JG(qJ6s1oxUncG
z6~4On+F#r}5?6(7b8E7B@6k5{YR1)KuBv{bk_Pj)Hzi(Oypg7>+%mc-z9VAM-YiLN
z(he%7jfl|?HA&2Siy{VRN8_7iu}>67Hd`9tF_C$3Ijc<3-!~<0r!P&rUfkP5NVzTu
zm?nbKcXvsSa~bWhScp)w1lXOAfpfMgM$<G%u;}%s3mg${Z0E-;ZPjf`OM9Dr(xlAI
zj++H2z(P)b{ySu?)rVT6w<<pRX@yj9(t60vXGfa(rhvfNo!8TX!+y9rw+!n$S6%oD
z-{%)Tzy2*;x*=2j0~d2>p)#F+-z{ye1D%$64Ajn2R}jKwwPrX|sx{VIdcUQl!^_OC
z!~QXr`Dp3_v4!cTMTd}gR4uy+SqHdGvVqm6jkf=xgWz0q*^rl;;vZ5sFoh%eC*9J!
zaKHS1mJKrHd+(^4ki$t831PA;*78Ler3h48FgfeMsV=Hu6*ZO;WbRX#^tG(2jsLlV
z^N|ToS-ybrk1yFwci#5};Xdt5>S7E-U+gNx{1nYSBzGpnVR8b~p`#S6KGV~g`pZ$A
z5(3k|H$J+t>B&9lvs3Op>)lrI6e`qY@D9QbTy1T5vD+$Y57=zb>m6@UUHp)|FfsAv
z%aN^2f62}prRjofWlT{BPVyuvW<3jaVD1X#q1b|iQ@Lw~BdG|Hbz`((5MD#QvafUH
zd(d6u`sCp|-0C@#a-Ok;BXin`TS4B(5rK0t>w_~Oi6n>qIQ-+|kYrtDQB+5mF3B(W
zVe?xgmIS^A<sxaav~8(3F!-K!?12N;Q^6<ZFPkJQ{!K$y!A2$qKyW@GSNQ5I_zFnq
zuvFT<F@J}liyK3t*Ngm*As%n?srJtCS1{kLObXqnX`K*ee^E}OK?PkAKobtV<_0sV
z3ssO1eU%#V#qs`wKqZFx65hRGqQtyQd*72BQ6O&SlXR!h%^Y0-b8v48!LbbLjg3{l
z^jn0BP0!hMR4X_f7#X-aSdP7HA8>Iqt!nH`1pCmSov5+3JHQn2`*vq0s$D0fEx!du
zOhELQ_rozx{pi>oi-9rs6ZqJfjP+i@`YWYkJN9K9%3!qt%%*Uc_A!tJ*yA1D@1(Al
zif|eo>8i)HIC1l-U$$cxKWdCUGziXi*TaJUN%6Sahi_;l#(>8*0xhM=VI8pJi^S)_
ztVlJYhij#6?UrRW$hKXajt@jmBz5p81kW6SiK1Grt9Zvjsue$1L<fV)vkx$o;2{-s
zVza=oUx<2*k>~}hhVy&tBUjgH_fHB+!lrWN1-$S^DeRBs4^R|m5;|O$Zv1Dn!bp=%
zN!SmcwdV89%^+w|6_(c8%r6>x@?RUAA4)Xki#AHCHVKf-^#jj1JZA7%GfN*tg+PYi
z;i{S!!osE3Yl&0ZZXR>0L})a>U3HZFo1tT1{5lnPddrlTl#-{I!qL-pV<zkZ5<<;I
zIh%wxWbejnbIwpDT6Qy&bJ>TRtcAW~v1ya?n9Nv5eK$$vNru}zsY_xJXPO<sHc?k7
zKFb0KCCaw!r(>Y41YuChEVmT6HE%P5gch5i-nlBdWkxO5ZjX0J*8P}Pc_jT6y|`Do
zP?D7BG8A^<XK+R*Y63<M1?1m*_yXmSs5+)OP%~HqGlzxWSQ-<Sm-v<}E}@^kWt4!4
zKN?}LM0fNbmLJ-(;|}}Uyg2In6AC!xMnmuoyt@=}UG4*ysQGx&)86Z2O}(n8eI-4(
zy1wv^eV~6UITY}Ru9DDNdcC%O4xCJZ!S;k|GuEPO$KGi7D@e^RQ)f8)NNl4W!GRmg
z^RovwNLd__kksTqUl9%CYL)~$QI_CWTN(l~W?|<Z46&4FKRP}nnaNy64l1`348NgI
zNC#<+w_+R_M>Od*>fD?=>qvTt>*}9zs=vrL@09^|lr^~JI&YETePf2k0O31zqS^iL
z+?aaxFY5bc|AG~OIsk<hT8D|dty&uwW(_E30xnj&YpO*_8o@S>i#t3_bHz08m-4ts
zas+UXjlMBFI7d;<YTxgynPwz5y3@p?Jwk60SNiuxN#D-Pd>QLu5>e9en89&SRDj`G
zMf@Q77s;TNAOu4cci}^)lf+{3+=HE;*X=4B=i__$q?9^o4>3(?T}M?)c#>**o2pd<
z@i80Y?*I=Pa}No6yT9qdd><dus&aU=Mbj&L-h>nHYImw1d9_5ohL7*=1inK=f%jKl
z{mD*2yEBqnPc#1>;bFxH%wKkM!~f7R;avLg1~cCR#kh&kh#fRT8wS?pReaSFBSxNf
zsrr~M<#!|+5M+pFslRkt;#fHlc$J#dWHJxqM4*imW|Nj<ReKUJoL8IUFxG3gGryjb
z|0NHf&?<11h_;;Kmg2j}K*x??&yCUsrDf*3TA}08voJKejT20AXAMcJv`@zpJW2>2
z18srqk&mJp%#&_^amoo`UD8Os<kam>LIKhi$xV81kmsn+DLT~ryk7sg%{bi2GJoSc
z?5FYO+m4#QTj#!gtEz2w*7K?S2un?PYY*ZISjF5dpWShnbp@l|*ghVV{J2bPjv%qN
zrA;EaDhH9Qa{SFIAKc2)MET6*MHCSq+dYN!^$6jD<Q;WPu7LFV?2LERG#gOjlMje(
zwteU>berZG@!L4Bh!xH%h;P+`N?E;B*)E@op!e~jlMHiPfmEv{mZQL&O)?GXOtQIJ
z7B&cVNT;8ra-~diicH$nPH?+47z){Ar9^5%ew@7w>4qVYRzJ#hRl^7<dR?yj?sq-#
zu$ItM&C-bSEmwy~!s-#2Nk3&M%3LMzRYf^j=6!VS6`sT32i8D9GWi!XZkh<|g0gsS
z)V_NF#`EK|Bmvg<r&m%Lhv-snFyupYC69dkb-}oann>eb6*7P32yM${>UDXusp-jH
z*zQ<4O>^9H6tL~v7V*~}EpkpA+#iO6^&u)$p7Ec8X-?Q5x~hyeLv5q7HTfA6mO9Mb
z*`kPhjhcS?@GBa)kupqTJ!*~#V^3?@D99amZ1Z^Qnlw9gMzCVGZZN6Mg#6IxAWA)e
zZYIT&?UBHd&%A5HON1&F{I@@JbbbM(W7QsW?3R<TAneF!LZC<~d7OOYG;!jt`w2~6
ziFc*s>TKq77k833$QdT91ZADq61M6EH5q!-I;hf|XL`uM17lRnZGXi`82`GqL;=8L
zXK~<XdVkXWV&XHqjwQO*?<WjiepBX6uus#qUgM<jyg2fQE=`S83L*f3_WdJA{z|;;
z5()@XM)eB=AdW_Ef~pb*6zx~gpGg#V(E9_yj+r-{MQ1Bsf!mY|pp42j?|BOvH;$SO
zA#OSSq09TP4|}5fGOyV!g2r;?S)T}sSRAIJ__F2kwAhT(y!3KKp(*x_x`c$f&O7>9
zdBxe@E(%Wwc?a0d2PQgbx&ufiqW-}RV&~J@J~kj{w{1mra^FvFSM$YC`eQwn0q#es
z?PW_UmM=Ht+LK4^fE|*=>}IEp_xSQmb5<eZpdH3Zk#MU3BHDAgC<Z=|UkcJWtXjTO
zpPJGpZH>rouL>TT>FG%}>dF=Z{UGiC-Aq#4;3}ou1sq9^ov>pR+qoWLxK@Ys^{Nj;
zW!eU!A7s7d>PAz(#`&H+ulGtR;K6l!Mi-!z#$5frWj-4esbB`CNW!3)TSS{F!pM%q
zR)-I$@R=(;Ta=E-S=CDLJ@GNwaOr%H&>K@(g@O9pN0xKMz)IA6;9$NkgQ(Cqo7-l5
z)Px6VS4UD2dQlu(JBqC#W|L!l*lT~JSvmyN$KD)xzvn9Wht4nTl4V6U@&WkQpy(2e
zr-pN!y!N@l<!KZDoQ}~P4Q!3;3^srJZt}jB?JD1iRZxM!=}DudA^Gk_YN^r#mU-dc
zP!pmrjk#rp@TB=PpcORx$;djHF!L*;+-)S)_6zppn)2$vW!0&vp@O4>DnDu>-_h0d
zex^Ipiy+XL;l&;V_EDpL?a(<WD}Xiz@<U0mYb3_nY)m^I6mXI1F=UQ*axIMLX~@(m
zSH8@o!E>ZNY!XVm2Wq~yhn<(O@(u@k#ghFBhy0Gr?PYWXXHIEz^{N&Yr&g&ZE&2-G
z9Dn5?eSU$ZlvF_;%OYEl{?KjM&UtenL@Af&Ajdp%jt}DTs1x`1g11-CTYXLtd0c(j
z`3siO;Q9OV&nmApR2xYZwBr<<fOnXrO>rkg_-B|X@F}R+Lri{P!*4_54_&RQ>{<8&
z!^n*z>1PXU)QvtzD$GpWkX6n(m|LcB`(6ebOOZBB4Wu)bt^|J73br+iQXbP(`+W&~
z%{egxS;cV+A20p+<e?+W)|;R_ZU?Sf2^jYv^?h!J4ERH%bdT2pQ7#~_&8b#+>rrZX
zzsJ`ry==RU+u%_KU#IfK4X)Gm_#?buktYvJk?wYC!%c4atL9L4<mD2uXu;`kBDOMW
z$2#(BM^;$B@}9CAc2l)UPfFMGq14T?rw?08Omp8hgTrXiK?)xjAa4Lq%Mn#;cbW!i
z62MW;7<_sbcdWUrWqEnI`P?~!@6}8n)pd9}i$_WU8?rj72FyOJW;unCk4P@)8t_1{
z^JbfpLD1Wk^vBkcq#&4k+VxWwnX`8#B;SjEyWtd0rwX;-Ov>efy5hq3QOUXz2xx0F
za}CKhD!pQss&!*TYN+CLZO)NX{84$=2kyT(<>1D1ti`jW4{M=844m!2we&@X@e-3T
z?W5_<yaVzo2$$zaBv-syu9bg&BoN6kpP2dc=f9s{r0=GPhPX&?yq#}E{J!fQ3W@sd
zl4Z7C0QJ18L;Df{Nkvu(EC%U%>oEG}*6>rf*V+i8&B}`HtPnxUb+GAZEn5(&^?p^1
zV|f0<v-^YT2I*QMPbKdpc5dCcW7&E$$0O<ydtd`NeN!IyfDTB!94IoAe`Ao=S@+EK
zL}5)Pa`9Sy#!3C}=vPOi1br9ZXwdV<xE$yr@Dr_Scx0{+(pzU|xc!1&$;GTf<_#|T
z=(u~<v0s~K3?E8*3P`*r-%FISzQ5v{f#2{VK));$pKD!v@d@U&yGixe?&$)%KG~sQ
z8dy_QNwP2ix=E!iw6nv%LrgfAZw{&S#IAe7pEHKj2RUk2=GQBC$50m%t*U&I(6PBh
z<0Sr06qo-duN(BFt{ehlL(0i;DFDj7IaWtLaPml%ojG1qZv`*lnmit7qB+rxw0C;o
z^YiKqDj^y>J5d4H*eM?9qIu3w<3l5iw|0sQ<TlSA=q@TB<%x}_qx;Ns=1ncYIxia%
z8U&f=Ph5gqT^Vn5!`o|WY+qfHvw6^b+mX7o`FwfP*Xlq3rFl?DgDD?2@1;`LC^Q2`
zu+IWG6aDlZLiREd8wu7>U;u2EovCev#)rO4ERL1HR_1i_KD>R6_>J_<EWU;a9=_?c
zOgX+r;XYuYKmiv}%QCQ8xT@*LMi}!?i)m5fNH$#kKr$f1XTm`IxsprjliI}SX%4F%
zFX;pe0-d&-f1YbyC76+5K6Pd~saY5nyEz-*^~=imc5LkZIxHpV!DCJh?ctR$7DSZ^
zpGRgm#hm1B<(|?fTJ&1ZZ&Sk1O?M$xZG5*94O~n73^qZkgb1MeI(CgH5fdhRkXf1w
znsNs8P)lpdN#N6*i2x#SKCpAmCRYGR0dnoC)3&c?irPK?9D649_x7WaHKABjhWwsH
z#yg)pjOL{&+;<>}gj$X`lEeJGS|^;}miV#3mZR%t<3NVVz^R7oCs&WB88P{av`*_x
zOuh82O>Z0rBP~wYXy%K`Ffcri*qmz$i5WhYRT!FQInH~H(YPX`^19sd+vARD`gFsv
z2wfR5ofuFEA*yh$x~R+RLmiqd3SA#ikLXe6KY(V{<2D~bgzGyA>1apJJ)n67l>q}D
zkq2o804mo6aO`cqh-y*!&54)p$jk@Y=F~bi99uM(-ty(Y15TQp(AU;N^jE1zJ-<rM
zt>)Kr^pfUM6EA1x^_VlEa3{3ssskhp@=`y=jifb8%by!t&m-xfqx?Gt*O9m6hNK$r
zpNm^CuzV8R?L}<VKUyiy<{yw-y_^K6K!S>JofTjV^7Z8*xf>U)TnV|SXWuWA0Fx_C
zXGp*E`ArMGMiY(!Y27SNq%KqB(fq3AXdbTVacab^t=e>bscA=Y=vOBO*&sbS`X`+K
zbJeDC-?nja5TY?BC&h(C!P1n0IFfIN9aomE376W_TG3z)ZB4KI*Y~es1S0S2H2KOj
zOf+pAKb!CTgE3hD?STR!(2827LP)e26~ZjX)j-*MXOm<`+)`_(%FMs`LgMn!&a>J@
z>Zy~JU$4EVTULSV9z}ee?y-wENeolTG`2ij{i0?=?qbTdx81R<o)_;0p_<sYUQ>U$
zDTdJj-<J*h<>!H(d7Gdbu-NGF(OAn!@%^u7i0#XDGL04sVwQFq8ruEq;2zaqhS&@v
z(jVI5G_G$6{u5f=95YM6o3!Wh%w*m1<^oDD4K`^6aepo9moIZ}%;dW^QLo`K9(c0-
z1UH@ivuTUWZlXyCdM*j<VUb1DdhWQoB!B;G={9{UWx&y~o!~Ov37tK8fj;-8s>^*^
zU(Us>mO8vU#huh-L7eJ-w4b@sV1buTN;P}%@M5#2nT+L$w{gCp?eYHY{g>AM_7Y6L
z-D6!gkP2}x4&!Fs5TyqyHnF$<GR6)HTJal!j8X&B+v)i*HJ>D${6p)*M@6)ZT6-Km
zYIKy})I_WZ@AX_ke%{Rf$NRtRfX(Qf{cZcFDJG7b%eI<Elm=AWeVs$Bp+S~MX(Brf
zvc23h843LDIgn3KKJEJ>4L89U=HRKaDQ)T6t+0h1-z`ZIQA$c-L%uOHf<CcRt{e3K
z;skc48ZHeVWi_0*HPE)Ao)NV5r0xh-@eA_v<YT3v{IRyZ(J95PJ@mi)ztq(3ZV-{R
z(?T;Kh7BdC?Z$w&^a<2-!&|{^lsCm(FSaWT?=hwGC*Lwrb)zvODw_=ESo=wi9X%eU
zZQ20=r`v9A`30neqqz=r$>*O&oxBjv`Hfwy6Y~Ag8^8T)Kuf_7c^5KZpmP)x{mV0R
zg_^wCcRmeOcbAlB6$&TBPTiA}D;n)#i85rocV6M~_0K{$ViD2|B<$Pn1Y%8-88vfc
zi7THPV{)L3OI_T{qV+BPA{<P5cm6t$UHofMc4>d;6mUc`e_ietw2iWlY7<M+3zEXF
z@6Ed+g?);!phNbcR3`(OOX?2s=J>FnHLt11;tPkCI2lV`0dXf$0U9$<scrg(pw{8d
zSDW*UjceL%2^^n)09tF>{6Kd{8FeD*IUDk=s~^Zrq5R-HGFqd+y=cyD9hvy81jrNJ
z3$+8Pr9ryNz{ni@ZqI>y&kEi$RMs=A?>XZK^GV#PZF-+CElcT}Gt!CWay0^j^N^%d
z&kWfVrEIl~<V%<C%zS09<7YwQrlR)rgSQPTL9v;?p0kJg%n64spn}1lb1B^5{SJ%>
zi<`iF3G#Z35ezU^g$ohdb~T@wNK}3ZcXLi=ywbsS?b-GAyzus<_Ko|GbuUmO!%kAJ
z!Qz<90Y&3sd*Gvdc31q&$25zWdpQGA@%Tqs<Te#I5k#6e`elEd+?%9hfW%zqDCIJk
z46!<Pv`$#YBi74kEk%3Q7qpHUL{f8o1wP9(yFI$Rz};)w2==nUeP&s8G@(g$YSH`n
zC9B1u4C8^s-RrYQ+rPq*AKsb8${hL@qGkP`$@^zS=W*4W>x#rS@`Irr%+*$1NCVoE
z#9I?!os4-8>Q;R(_Jxbhi+*fqO1FxXv5HN)FE07oC3EBl)Cm_eEl7QZp>d1@0qQgn
z>lN5orR&mafLRUL4^~K-Ozy=!(vHX!p6QE6qn-b9-FI$PHZ?|nnUcya`>pn;ho;1N
zFv%|wC@`@#at~5XNXjER?Ry|W&&}AHmTGm6F&=2{=W$OgqQgDhBA-7MCu1X{bm@z9
zWz2R(18i}SCJ=`I+YCT)3l24M05vL1fYu{+c35?j>8DyH5Mx=J+`48lTwA)~VH#pN
z)?g#wu|9YsMfPN?l>Mt^!KF%^D=4Q{(SpWD%&8I*C@!<I37b4Hw@O#6P+?9js%Xmi
zf#8d%e4U#9XY_&#1jy7g2?V?}xk@oSM-JVQDfWiI+hj?$zOSSgSS&26^<_Bo{C2l&
zXl`&#wx#}8CSuh4i%^hGc;tDQSAnGpOh;#d<3+4Vv73XjqG!}geb73m53SRl<G(Rt
zrT)|3aJ1xwupv7TAx|mZv$<TZ&BB#n3UCZ~Y;yc((T^r2H~hUcn=d1ktp)o0{$&iJ
zjZe^YPp<3wgBsur^?;xw$$YT$5uk8=2cy*vpIhS*0#j~sSazvOw4tK>It9$NugWEV
z8xWX>DOG!YzZE=D@uXQfhj8f{&@r!WV|WLf+z{~c)(7OkUdF{S*z?#wbb;7KI_fWX
zZ@`qMK*N)GM=A0Z{M1~_c-M7I7-*rvvRcvqSSUkb3&R3;gu%ZSYa8-6K783R8N<$&
z*Am-0?ARNK`0iPp5D-N%D;uX)&9L?wZc2P|+l`t2SRb#3FHr1BgiDIRVxh!agor<M
z+%$D;JKV9=TRQ%iR80=q18z<JK5Cx+Bf>*!vFw7>r@@Ze02R{5BlrC1*k$|1w>w95
z!2;AgFgPC)vSt%kly%2g?Z$<v{76>rbG7HAjLR;YF>Go`C%Qvha(UIz3bhYNMjakS
zee@k-DRO?`1YO$TOqVo2fM#03cHe-O%D}tlN>-xzj~3v1DkwTp8^siKvG?{0c#`to
zFw_we-7wn5$&I+U*5;uYO?faUO|q+S^;TfQ??``2-YcGl1TQT~hQ7Z-sqY-n3r-4>
zgn?F{PrTo7X!VV&C+(!ZuKs29A`e(z9;IgVjD5R$(jwrV{nJ!yQzS3xewb3f{~4fk
zuB&oTJX{u|G`2FW|E|AW%+O|?=1>!p&Q<j!?B~&cSXm0S?60`C6m0AS%zw6qv=i7S
zU7IEQe}6(5G`iwL*!71MFhytAPV*(TnB#wzDXYtHn%adp9zcPC!Am3Zl0fggM?$t<
z-o;TgXtTB|66p^F_}<zePTeAo(I<+z8=;>}pMRyT%RkSQm{0q130vq#y+D(e?p18K
zKY=WE<DzZ4d_8h7{$ETAq#cZhv$hFa-UhGr130e&PiI+ioNIX942-L0B-G{Opf~2u
z+`yc!u0dRjxg8UOWBfo>Rg7_U^z^jA#>U1E10K_N_mVDsHlu$+H*>@eG<O!Q4g!Aq
zbUjE|vGbhLmhqPB7!Wbn`>ht(Dwq#+m(IR<vuzYEkjC8dJ`e{+LocLs@d^nfn4dmv
zyxumtn3w7G+@;B4qE79u`)wJxy3CvGWl2)RSQ{-&u>rOq2Eq(&hvpPUM}4KB!Z{&3
z#{@E35W&GbKA{NVa=FIlam<xL%*|?JvAM1g6MwBQ?TmYlvA$SUOd0J9jsto5!1O2B
zEUu`1-b1aumq{<9jVv^tZYs%lM@!3KF?y@JN1fwdJ;#g^+hr?|@RU#jLrOX0?PP5=
zSD8;IT<6n7jbm)zZjI=9SML?R_(O-F*I=v{ui#D31q~>p#k(jMgn#(u3ciKEQ1eG>
zq>Mc)8K(HaL0Br#$-j$72DDl*{Q$`h)4u}s>)sg3Ny3cRE0TF%r#X!^P2S@sc<QRE
z<yb9>%&uk@=qA;Kt=^{fvZZNNrgRBy$_2Wd$sos2BYxvRET|f7heXj>noJnRDfdQ-
zhMJ56wAYFojMmz-%$OT)=1;aQ>nmN6&Pu5lD4$adpO!&)2J03Oc(pCbLY^n|d<(Ng
zwbu8u^t0>?h5xeMCHurTkOsQB>N2RyrjRudXkPtn-XN)5p_VBQQvtg*(BAM!Un*Tm
z{)*D0E7_~<i~=p)|In(R(8C}dv$vy}3qdjv(d`6I!28BX4Z_QB^SFDR&~&P|2>Pg%
z?YMe~g{iQ@HP3vO$HfBT$+8hZ9Eg@{fGWwQ1)mW^F__7+wb37LvQ<nj$2d2AoH$b}
z2^Y3=y3X>!T+8gbnWyrT&s??8&uD=g(-2uwM5k$zD6jXW!QXwr>(q0P2c0JtrLLoQ
zZH^5yZ8{BR%(x^(znwdWoApAp<d2+Am3w<|EDNjWoTAwzy*};`&%&uve=1Hx{lDGA
z;qNT!)nb?um>*gp&Oqn@R11wYNn2w!s41uzG1{3&4#B`oN$9cbnZh9njj!xndfP8L
zy%PPLeDnz&VrLV7m3))Px#9N4O%s(|W95Hp_F%ST#Udax>U$Qda5B<Kd1A`OP=s{e
zzzLpAFMHy#dRgP<_--fGj(5;g0_dOj2<g!%N(;TLGIh2WS%G!X%)0Z$pk^j7Jn;3i
zPL)F7{9G~V``h=59Z=r#>>!59s|5*Qb~tj2<Y~p#+_%K1Pn}_F=bH&{GF^W_S^Jf-
z=l_Q;=3n>^@<Wl(7z(%aj9ms%>ptKOC+^<F61`*nBT4L2k%4L~ZFjCk-65Zg%<)vC
z|B}=+mJLI=d|z_#0*q+PqePb$0+aTG8FeJL$2-7x?#R^K!{JQ@f1BQ*@b~%mrzX3l
z+RL6=JaA)1yN=hy|A2u(psfX7glb(SeZ;BdEx6~7gP8|Im>ogFdmQ;Gsu{U4l>^Mx
z%mRvY?<nws)g(}M7hSwUyvp18+|zHfdQ~oUBS;c-yZ8aM?^l$cAm}*G9)^HJXG-`N
znU|k|0n(5baFm%+FOp)ScUYqaDOVlm-j(~yqfCb?giR|M;Zh+9aSJa-q$K4$JC&IC
zg5GHxfu`37$j)WKZ)h|@q@HJH#5t3m)DQZHZ0IiE8ZL?j_tjtjxS3{E^A#E_k5_%3
z_FW+D)=tbib>7H?Z8cpP=}M~YnEIXa>C?eV!|g1S<Cax<3AYnPPH^lvTugL)J)SXR
zktjCb_8rIH<dBfx85bO3GI$=t1sW<U|Dn-2u3TAr{F}s!#$evCO$r_OL#LQQp*ys|
z-7X5v0pS9kNe`UW@@DAr&L`Z5wtcc&w*67uJmT$L4)-pXU#`mx%yhFee3kd{m5;2t
z@D`mom&pwOdY2EebiS{XGdA-(hNHFuX)^4IKbAb%-eCUXp?iw8Wn$%|8Ggz6!4td1
zdV$h@PzWU47KqmeKF#wPJE$3*{hnL2(QkC4TnO^pv(k)_DXR(YaO)Pk8IGEZ^zffe
zQs{&xiCx4tRi?WsC=P;TcXV~}hD1s2*|$oU&c44j|L<J)9|9k<NBQp923E*WPn$V`
z!a|_Sn0UVqKN5lIos&OxtoEI1G8(1!5~R1i#TUs-cjcl+)Q9iaUDr1A<^}6{(#>=L
zVJ-^1)Jqjg*X4t8w_evhn;}%YWmSaXsr=Ru8BnT(O<v5AB*^Gjh%;!|f8%^>M1*zR
zK@jc@^UvibaGNxTyJCL7bu6alwB+c-omLyCwDx1a(^nrwfH-u4Cb$hM8iEgSJ~UMv
zIc6ekkXk|oGp78nTjV|Au%5;BsqJO2b<%5}e>l~Tf9UV3EqEuPFLASTg+zZ~aQOvc
zE|P3vCz&p)zdG$PUN#pmYjx-Pg89>V%hUKD&owRuFO0rI17~276b;f<aAPq#>p-zJ
z>^Mn&GifJ*bs_<C_crNP!wAf=y6NMmk1rNeCi1_weRI*U^r_Kj41NwfrhP9*eb8SY
zD4y#YTz?aN?)S69aqSJrCrMz(DWAU+G>(5gGDD|c25Q&rcGflX53M^L0!u>A%7Zla
z%fF}28r#3Kd3-wIcBEnbQCrKTd<NfVhbi){!)!8_*!r(p5)AMG%bBQk17aV!YWTOj
zQJ1b**6m^Ki`5;)gmL$bVA}<y?>r`6&b8_1#F(!r0Je$nnuoV!6u~RkKIDR`>U?61
zHN?J%_1`wo=!Ts9Qowl{ACxY7W{K)zQ<S8(fnW1gI{rD2sWqx~ZXPtm5IZ0Myc(sG
zRSYfS7II?n_f*56T-o{{q#AUW<H)=xj12Y*gAV}i`Qu9@R<({z!Rrm}p6NG0)+2OI
zIfk8cU+vqK2!ZXuq%y<34}Wn*5Ga}-98w;zsREjE`GB9IS_k;J%t{jR6*0g6(D9;L
z;fxg%3edn(@Mu9@F*$o;7xKH)?IL$|c4Gjg)&$IJUjEYMq&NV$d5oiZ%zYA5hfbJq
zi(J4G?_f=jk>y62=Owwopa;&WFYPZ(et9GV0?YV8XNH~dKw17@cwWkUCM02DuqOZF
z8`0<QzZ4DSMbbU3yqD6Yp^iBh#tOVQ5n9D(Qtpu)-1Z~6JK%+ffWGgm2{)7gkuR|y
z`|a)cQ=Q8q{|@N?WRbejcF({ntHO_+4e2|z#D)IppE*i6(&Fn}JT__3L#?t$wD&t(
zz5SX>#8-O<+wpr0Z2koLW<~%;egyb?&q9x_R22NYh*h)ju~8iw)qD7{K5fpKaG^1K
z;Oj>CnBeEnbR32_uzIN$K57gyyy1C&oXy~4|I0-yFjv=a50FWR+2OIhZES$aeIM&o
ziU8>jVztc-%F|?y_b=emyO`#A$mQ)cJ1PqT4xlduCw3!cp9nuWO8Uo<hIqlMm;?pd
z_x9(`0_sCkrW~%CBYav6eJ8>2z`Ssw{LRnZBe)s`WN!!E{h%z;(_Nn&-&<9OaO5#-
zY+!Q8Q+_Ebo{6?p<sYnhtD07{K>~p|Qg=4(>-8}u1C3u{ya=vlL4f|&55nzd=4l=G
zbr#Y;Sbu7}P@R7MbKJ=^o9y?>LE35Vh21Q-SPbh%Mt|n|H9ivyGP~>J-o5FC3Gl8A
zY@cTCr?{q<mb#^DW{kNQl{)&ce1R`s5p=quZ}yZfT*>23yzKK;ma}<J{`u0z&h~BS
z6$9Jzqa79WJ@$T;#8)+yfh8t>&Bk+J)$^T_fS6@c*xfYW(fD5~usAzWl31=|VDZ|%
zJhi;!JhmzmzkklL@%hmXiH8oNPs}A1uCti9Q^?eJn>*+j*h#1-+@7LVOB%^2^=LkV
zMW`mR%$pC))f}ic1!_j7r=XR$WY53KIs4t@Mfjy&M9dQ!i-)c(;BsJ!X#7n6&>KYT
z>9FGi3TKS6)jscvu@Crr^j>TWovr@x>gC2qY<!4I>Mbc{mqBsJ2ma{`{l9S=keXFI
z97opnPz6=5{o=@y_BWb7LQkhKGk)OUEK~;N)TC%pF7Gdwx!rZkjF7RO>IxLT{MaVy
z_{@ewi2du)1;uvnBS1bmiJI9Yad52`GmMLDzKDDvrb)WgL@diWBNP~AKUnUmt?RAw
zW!!ERuc$Dv*l&0*<k>m46Qg>Vux@aUV%7`23s!`vqwN(8lxx&C+R`B<U_tZArnW@B
z+Ydpw!zUXfeaVC%)4*OyPYH#sE#_c4>VqH1%Ma!-r`fL>HCGRnDMbJDf;(HieeRT4
zS|Yx6e1=^5B8Etq&4{LPAY{7Q!nl5@c(Ve5M&>p;iiTCm-@pI3!2dwR^hrGHh4XYA
zmN`2gFER3%{?9KYY=$s?aGCm6R}1OXOw#L%Q*a(YntQ?->#+VFB1#FaFV9*|axm+Z
zZm{g-lEH#dS_^4{)&-udAGq#%6i3n8o$aIEf&h03DAHHxECI)XT73lW%;y{&UVicw
zS}RTAQJcfIq4Cn4*2fac$E{YZb&I76%cO6HUx}@!m-}j{vt|4U3f_m31pR%%61>Aa
zZ}bmcY{d-?TPr<7)ryKe$OVgdqTkX=_l*_sc7ko)b&xiNQNTUN60jA6C1jJPVemg+
z12Cb9MUaYV(H;;Ak2R=!%Y$nB5vBs_Ve~qJ9613-J6(Ek2I~)ixo+<MY&gv-w1?8y
z_`l!Y6s!?Z0pCA#cVlQgy9CPPX0XK}<_!gO{kNH2;L%q;97XT&BA5U1;`#sj<P=o7
zfZ}4tB<|ZmHBIz@xJ)bNq@3Ht9p3%2Nr-{&sH0|0LjTZp$<9K7V9w6meZevm(G*Nh
z+rbBOUIqsL&|OtU(^%wDKs>a{BM^q(WBSj_f@}7lnf;F${KpLbg9d*i_<zvgKWOkD
zH24o1{QnCLELND-`{%Q-&Uvrz%@9tk4j3qul)2rWveov99bS0Q&7v;&o3}5v<$L^{
z7ic5-J|$qK-t^WA>>jT7HSB+~<wbw=lLpB8?tw9dKdX&j_cRvneZR5xlM%*!X;mZ7
z=A6JeD-rak-cWfvt%ED5?k`Asus<Me7wiX=EWa?On_j^V%pS-g+B#`EO(c^DnmnSq
zRVcB)Q(`cABKxfJS<{y$m&SU;f+XiYeT}Ch=8hYYlSpa_+CFoK7u|FHKG1>AF-4s=
zO3&$|>8NJui_3p=#7a7$YScxZ{u<ua1kYSDx_gtGMYcC-S+JXbiyYqH1SMFa8Z5dv
zqry%Ty&B1cbrW8<!4>N#)eUJQf!J4Uk7bMmIU-BBK3<p57W(<_4I6<G&@u)BXEvnU
z_T^t|hN0h%w-t|Bx1SfS;Sx_)A00QlB-UE<?!S}af0E+A{{27MkH<><|M@>x`t3mS
z#2>n6jX=U5x(D5V=w4RHSKOi2fwFwRXs5w`oyVvp*&dJevtVwao3I7t?LsvTfg6>S
zF;g2mF7UvhV(ii71E$L(wSATELeL*9dwdt@f7Eqo1&h_1Tp@NA&SgIUOGmewhy0IC
z>eXTzd(Y#Q38%vmbj!&yd#Qch@}k(Wd_4yHk*<g^$Qpsmd$E>Ciz{8j-Zoh3=E!xC
z8cHp?G--B3-0A7FPGhZ!M~U~dQ_*^^h}>39Y`AKP%9MxEkV=xic;SXOJZIX8O}QYS
zu1$Qwr&mmhSX46e>Gs%~kk{J+f{a}B^w!kOb6K`hxIM@51rcApAL`xUMYBIKh$i}S
zlVaChpB1$&8$@_u?V#j!Bi23B7k28T-Io{Mi3dKg7SjOh*qhOYkETx%f0gEA%19G8
zz22UcNWbRB#d&Zu{u@(XX3oP(yRQMCvOnp%oY%ANud(UlTCF1sg%%D|cP3(Iuyt{T
zna(=AW|!qcpA;k*H04^@>T21%QazTnJ~!^*{IVyz@u;I#b?5ol!(3l?Wle4H(ye{m
zKvp|8Qz2`%H{|w+3YFkqS@$8`CJSC5>z#D3YBrWh-2U}FJXpcS@dJ17R#pyc%gz~J
z+`i{4`r^~bD;4Fb51rTCzp|#Lwnhxy+m<hfRb_uH+xY40XI`A34PFY&WOl&OSm2&1
zPi~PO-`udn-zm<AKjPrTJRJ6}JehFo8>ltJ@PAZB%|I~@*j>`Yp&u*3{^UZ{CPiPl
zfb`7^1}E8?5_wMY8c3m!=2!pNtYugDwLkrRHAEijf-jed%anyLyL;O!HKOU&yI1tS
zE{42t#mFi$t>Rx`63P2^`92(lk3Gv4lE=rriiLf7oY=G@9#itAmqZ@RTC}4WC@wSe
z&Z^$Wfm|ca$X5K2?TT-!*F){t!N*Cxv@hKyOIPnL4G)0R?}5O5*4%8H05<%o{N_J?
z6`GtsH6*uCmpWQBBXZQB{{22S+MoScn{h)^b$u;%L|o1M&h>hmcM&xYf9&4=*^_Ig
zvX}B&GRxT0G%x;K8d!%ARG~Aq7CTF<E1by=TQ(YA_fna<(Hq_e*Mz5?z9i1|Tb!nv
zdkOD09tHk#c>D!Wm(_gv2`Jr6;Px+BS3yW*hS<m^U2&8w<$2V?;A|-RDwdA%?v5l!
z(TA2Vc~q7~H(x){bHlI1uhtU6!=#CuF_;~jBn9seeT6L;mDCT<)<>S*=)WrY##e0j
z{#mc<;=fOqtU+0khF}TIdxM?xUL~#Ngy=PsBZ=cdl(r@MubW>ca%#1^GjAl0tWXJ~
z&i4J6)p@btU8zeLVrl!9D}I3szk0ikZL77aEc%q3hs-gV>+H3oGC>S8+hz+UvRJjN
zC*%7`7LooY^d9oX9(?@P@GS!o3}dTjie#*)uvlW*aq{WvcRYE6)hsgP?Ah$A=KZyz
z`Xk@xLPSqFdW`p95Pg?Q*1u1loaDTF&y`iR-c%0`Xo1h4@3D0cy~vQp$?3NF9@Z_H
zAk=cSszgJ_vig0LNE#xKJn570tmfv8zvknoDmuzein#mq_a-;&XK;3I%ue9edM)#t
zbBu$?uH#)5Q(nQMMU{S2x^S2&wx%|z=wri+2hpm6ZlbYfroRl2z8D-Uxnek;CnW3G
zF@1E1!ad&u9%vw374{H<&s!R^oh)nXGsl}+8L|cXw5;7(!?9@_%qGBZz^`5%mYeOb
z=*$R}tXnT}^SgYSNr&O(oq(OWWGASLj$g3X15?`tRMlp?8&dCKK}9&ykXrH%FMQx}
z*QwPC-gzWL^f{mDvt-NQ5&oDkfi=6cSQ1ZNU6v!UFbn1$?ZOqBuA1u5GBx}y`905L
zlOF?1X#KlyO|{f<jmvuipx2qESgaeYg9Vl|31CI$Gk9Y4%jo<kuoa*KvgHcauGSg7
zDM>*ZSmJ02Swxt&eU}1#uXCj-kQ@nudJ4b<UJoL*NlP)b>-fLHu!4blV&6Lc>>JKk
zU6jHK+Dad7dUTL?Tm28+^V&ajQ((nv0>AI@U$xf%5nleS2K#>tZU5hfnsKm;hJkk0
zH8{7$n;n4CxJ^y~-0ecpxW(ZUEB_CB?;X@+_pJ@b27&_8dr?4Cno^}kML<MA={+h+
z6(T)AAd1qPfPi!XkxoQPq((Z3fYeARfzX>I)If^g?K$6j=J!0m^Ul2UeKY5ecb>l-
z?+H71)?Rz>wb#1Vbv5{)9Bk!J8;eu>$^xq1eJe(!v4z+d&7vdI?18#gXc-IuP*WHD
ztYw<<k}r#Op?s2d3Vumxv0wP>0w#aHSJMaGxz4#G+n$RBcjYoDFeu=d*LC&l0<3+X
z)Vy2@*EwcYkn*ONSA_XN#NC8Bi_J6hETMtfi(BEfPd_z}3g~Hcq&~O1_gxv@x}^J5
zBIrp8@1RP#Qv@_)+Jq7US@IwHp2y;tO&!m4adR%S3K}2Z4+@ytWtk|L^MAdE2+L6-
z7DX)(D7il~!gA7`m}?a`0s|FjZVE}%xO?TELZiH9y^oDRf(#*&a7B_Rk-JNYCY)?J
z)+B+aGJl&`AnX^4XJtI?Nxi%j&-?4b4&PPcRpY*-iqOD}9e4TtRAOD+Jd=%W?YL+t
z**@z0DC;xnmOfY{=*B(`lH@mg&hLpp&WDUNU22KCZyqeoWURuscznn5PC*k>k#+CM
ze39FTdgt$MHEhSsPChvrQ}uF39Y98U26(<*eeH0{5sAFwzD502@&SVnN{9eE7W<&%
zB05!rH*qmi8}MsR_-SrK;;DtJxEb52UpD$duOv%9cdR_|VrJBN&+^XV0dakHYDR)|
z2mmsbJD4<TzxY7H&$*3QpV=Fz3UYI2>=lSR!)?l@57b}3T*ls6YEdU1#QP$m?Ijw<
zo3x8<-S`UU=xkzM)xSITg8u1!(6Jk!V=qp*11V48rbi!0>xM+>%6d;`)Q6wig_E`)
zJmXTUIv2&H8vPmq5SPy~>)MV6@uf8%*&HDVOb+iJjoPXR)+euE?5q(fn<U&CG7P{Y
zL4W-QJ#D_#-Fg&~=2Q$TFpUCIv$eMRP&av7EE0R(F_^+yZ#FS1@G7x0fC6TvXrikj
z@q1LQuYn$UPt=2)Ke=3>ZA!T>k~!PbpCGP&Z~e3keMfg77>?c62-?plZbdcSoTD0(
zJ1p2|Nah<et4s^GN{a6Ku>+jq+K}mw?EE^{1+rQR%lq-fqBc9tqrvv0g;b@$?4G73
zl+uqurqR5+;XaAHHXy?3uh*~l&?U9^A;u1#l{lJCqKpXLhoXXY(;Bi4lL~o%wmq^R
z$><)zG}&3zB34En?5$YFD&6^3+5P0ORn)tHmtLKQr=?!g^$ft<+tF-_&~S9EUxjZT
z4&gKnfh7eo$cSpoeJ~2%iJS^`cuY6k7v3s*{bChdjjRvDwE^+5qAZv7dYnX*q9c<p
z!q?^0ROQ!j;}+Mew-_rKkG%l#oZ!4nEuuUN5fkPXH0~k2n54d)7Q8s<VgSUUV~6(k
zn^RkpjWac-i{pd(fiya{E@Qt%52a)mu^OYgvR^}j^qaCupKx`Ujx%7EDM)*%tLEj#
z&o7^SgndY#nJw*35!vqWv`69-uq=8cJ+hWH$;cR^2-!fKAXy)@T}ImcYOMb}CgT8h
z9c7oUkIee~-2ddwXo4MLKb?q*YLRehk#8CoP42*IL2FwKG_ex8eM;M9JQmNY)ZVe@
zP#9YYkdA)uxr3O2=0f{J)#`xE<<!%^PUblJ|I*`3K>^f0LmM{H#w!&&H1stopGU^V
zMTkI)F`wp5w}TxUX`^S<j}F5l`?p9A`v?vQtZkj_X3mw7y_r?_x%s2WRHV40U)0k9
zhU-(d$6AruZh53+Kt%+?UE8xK%;uWBmSzt0!uywY3pQzq=?XX>*QpnqyTL1l(Xcj-
ziG4O;`_y@?q@S}eiJWAITcX~IzEr_{KR^1?UwVYrS$+oH9i_3sFQ#>81Y;te?Xj@J
z!YA+D9#;%<SMg9Nb7aF^;m!7s;?0i@8)Wo0r9361gq$UD@23(v)5+Q?Z;zxmUv>FM
z`5ZLMX<ro$&9RM26|fl46d{gR;E^mV4d!_;3?CxmQ4-GZMSdyvLlUpR*<(oqdg7l0
zy<bS?4})F60xR}nBYSQ}tae((E`i3*Z@!7fhJU^phDyAfk^<Tk@p$#aA!R5{KIJ#)
z!x&n&WB+`7eo0rR(e1Ha@&i}vz{ahLq#p;63ETmM3G8GBO(`N3`bym(E{Tx&QiTfq
zdH2ehbmtM_G&<UF6)97nNFS^2jP*bk7t(S|u+*q$^KbRpHELSmUlRT6#<5?pEWGo*
za4qs}*hr_Q>JVHn7-?%z2J;=-t>@w?h%vfE#(WDiy<OlhcB)mw+bV<|04cJZfUOy^
zty(8z*NtnC;@xi(mICT`PKaLCVfwPb8XtJSSgq~|XJk%^3V3ZC`zV-i9J`X#jP%G<
zL&~G6AK)xZsFxIRd_PN<kO&d-3Vu_1u_aUJi!H>(<aUo!SgWHBxyQfjdH1Ia&HC*z
za~l5bxay*Cxb|!=Nl&;l!(lZJjv4v7|3I&FTH;8x%j{n1fNk2;wHkMU<Q-JUR_x40
zQn$a8a+IQrBFhHpyHeumg3vQ&5>lekil(+XdW;Mj-ZnGr)C!s?jJqv0P$(H6)2Jb9
z@N#ow&hos&lk$P@kNs{9)ypZ_-FbFS{sqXZP?@9QXcGN|qw1}LwQ=>Li;t0G<`Al&
zdTqns{tCe;l*U3~is>h0X-X1hO7L;s?RD5#%uc(&ee63n74z#qCG{I_Sb$}v-%RlQ
zB-Im)+EtxeA;KO%DB^jr>aQj)YXs+p<~{0IRVwtNCDi)Sg8WWan-1@tF3IJ|L4h@F
zL|Dxxm)oka!LUbBb4>&&K;EFb|M|};{Q#HIEcbZ<jMY2>TaBmhKrrH*8!(X{TSk24
z+3h>rAI2g1l+GqdmeTp3(jDliS}~M2niyEOZ&(8ge{WjqZ+7W*7pBGpDF$sdXYY;V
zZRB!=@Kdg9UM1DeHjB1O7EHq=+K1izRNK}p*ljgBBt5qHMXx3FKDrEYm%5hSjp8NW
za28@BU6rP=LuWfi70rK0DT?B?ifyGwY^SsYHbr9D8BlhMN*jZ`xQreBKa(@sWQ24x
zaUIqxA?5dPDC&KGu=I=mbop!duRU>erYE-d)~zidHRyO`hye2S5|Q(J1E0;A^Jm&w
z-`a#viR{z`wA>egXYLbYA4d*n)S+W&Em|e9d75rI{WCKgevO||{ca5?la&N)ggyb<
zkqg}L`F!dK8P;wsJU;-YjYpWY`{|VuU!vT#M747--Riyg<M=Or?=Q*SuW0?bXKQd#
z4P9l-h54@5!`3&FE?AMGyS1I8p0Qc4u!?A0ZHh07Uakelg<Kj}*T*wGUN%p))9*BQ
ze^ff~IF`SM-*G`ihC^6d<vvRvroyW{ui-^VezvM{tO|6pK1Y<-un_9jH@18Cz+;*Z
zUF!5>dEW<sk5Hta4kPARh%6I^NggyH9l@|4x0JS1cbMxux#-?4WUjotw5pA3J0STI
zy|qUu(u5W$n_i`r5$8ZunHyKgd2Y{NwmnH!?n<37>YPY?eU~<TYq3&ujb`S32O|py
z?<Z`K`^tptZn-a$)%&@#Sw-HufABDQ`382KgPPSyLo6AMukMD`(twy#^f%~4&(Voa
z^x0kEa0C}zjpfB|kT5?i*&^Oq5pjG#2hE)R=GaYt<{!(vDkd$`^-^wW)RGo<lJZ=C
zU7AuHtN{{*6b!GJyR*kJmVEnb&jljL-bl!V%lB7TQ?3pM+N7eMw2Da!gnz#MLv8Zj
zki1U&+1DlXE&{AS#_nIe6sME{v`D<72GgF5cHX-0dEc7G?>@eTG?K2^us@be<22ex
z$D>&}%|<D~fjQhG)vZd;H@~zzqV*|H;KdLDVg5oIK=*{idzTO?;#f}XQ$lL<990eg
z(M2ts_m#fcRDI5U^4(;OvhG<U?E$w=+9kLJM2O_n+8~`B<I(_mwVV5?n_Yj2KPF1d
z#Y2V})SCFybAXfM3BJS?!lQ0bMo}H2h<ldX>CH_aU)@q5%f6K^AJB6$KjCkDr&r|3
zJg=hWfWfp&WlQcbK(sVo-07w0lZ2{7;R+`aVnN6*mX|ZUBO&zg8|gJ*h80ao!l|yD
z1Ze)+0qVfK%jKS2Yv2gW`K;&O40CT|9~V=elZ@sN?6lDaL>uB1z-D&CcTBpXQqd$>
zeaG<gt%Pe&{VpZylz+df42lq2KG6^NB%1-eC5dxxo7~n!4h+_#WHIw+TsdoISKKSn
zZ#^%wTOaIHNd>Zpx*E~ZhB8tk<`JB*GE+U@1P;<G-7h23TYcphzgZPnS_hYYkrH8k
z!SqEsi}<}O`*!6_!(Ir4VBq@rQ#HIQE;Y?hZ$d@6b_45TXX6pM2gprmqdOriv|+xw
zoEG~8q0B-{mur6ET{AQu_feLkrRb1yx1vAten3i)ety>k7GiYH`N$U?wrHohM4NZ$
zS*vKU^5?zxXe#Lh^H)yJZQ$M9P1@}R$7?eAyHF#Pn;iFD&xIMw7^|F&WDpf)K6ZGA
zQdTj9cFm0x5+*8Dm0OXL@X}fx3{bAZ^Qf@YJrRRM(Sq~Fd9cY?p~HMr@fx71Oa`+3
z=xi7BKt9H%Q34ItrHL0Mt}_t$+ZxcDrwACcni0e&ibMs;QI>zb0g|($`_X3d5UDCz
zFT2>gz?2yUZa#7GQ$nPI>^Zm$5!%JVMY5LVbrZToOm>NK@($3bt;^;A>S6UVEG71}
zTvxjI4XxHyTW{J30GgcJ5>%=ZAE>}X`K_&2p{2c7-d9&e-xU3tc;!VY`GT#?nAxps
z{f_`0#6A4hD|6I7jeq>(i2I&goHs-G<$3>m8*ikdTc6lwslI4e=L;F|!}K8sgDEYy
z`#5iceVu>J#OQt=TAiMJ+W)b81X8p7s!7?6sE<#J-%DW04v}S8o#C&k8j|rSjOK7_
zyo2fg;{2`0Trt7pm~G?PBMac-%P8@+dUYS@Yqe;9)?fn%r*$Id6kFc4c_i&xCCn@j
zkgpA9=xqKpR({-M-wuTE``Po2TkN`cn_k5V<8d{~)#dohsYg6xW^B&WclBPx^j%ir
z9q@AHpnjnE<g$b3t_q2@0Q?X!J!A>&-H*8H&B=uT8#r15Dr7&MGsar*KoUX>2C}fP
z>TB<{GpW>H|1~+`>pnyE`Mfy!{eWe{zg>u%n&*RzY`EtKOeKqgyB`xB?|k%{e&oG^
z`>QAJ>6u(+j23%by4mLt?UzWXo}*>XBG19vZ3)Za@GCe%3Oc;P2h3*gnxm60*mQcE
z&h7rN#%S1QtDc+T*rN9YC?^F$jEEaRQj01Ko;NITjiVwzX|t)DZwI`|FTKQC3jTil
z)I!!$Z3V&&8tI3vpw7dhDjmm+Pd0O#n`5p`zq>DHtnQ`LGh7-Q@ER&w##f|MIB7%-
zu|ps`lLh<)wJ+;zLhQ}PP_?_Y`$lCO33|!x2nK+|4jeUeX++@?O~kpuC~|j_g*h{G
zGSl+5h0+1rozI*TqNO}NC&L~;VD@|y&}eg6ot1pq+6rrp+Q)QB2j4bd!KsW$EnpKv
z13FM%57{w2bWJ06qzb$+n@h%6_R@zD8&W7u+K>jmqG<KY!Q#%sp{YCe^YvrTzi3?N
z86&k5U$%(BVs3pI*>oHNKy_zVl>!aZJS296CLY?RE5AUieSh-i4c!^C*%hz#!+pqd
zNo<uV*5k4?pSd2~V0w?N>N;H+B+)q-+QL~)(#OYy4XKOflM-56L`D?WV}j3Ew6r9h
z%3h4Ol$r5dRETyER*=}DJ9#X+fOuloDO`aiHn&D87g|ud+Hz_{Xjvz+@3M^q`Dy;;
z=|<^y3vZY@7OrXB5dGdFLK_WHCl$?=RS4S?Po`nrcZa5?+V}6AC*SMw`rN1!-7leD
zFP`A#ieL-D2(vap0432g#zgJunY3W%REy^|=fWGK7&+L!+}M`eu$5=~di+?c%Da(L
z6e4E(H%Q_j!?bgb-!H*HV+`Hg(%?~RSEtd3&yCd-CRO91?POst65{5MnxB+o4&F}c
zX%<WU9%6N1M^ycUs4BLA>+lVIFaNt(j4a_`ZUin#{a8E5vChX8Q?QC)-hE26HE(!2
zIpczn84?-!F4r?KkZdGoDAzH2b)E-#ehBT%!tE?{zHUsq7O~rBcSVCuUb>uJ=UD+r
zjEO%__rc49w^=W|Gky|vH!qjL`sP9!3)b8{gDXe{=5@_uidNzemTjy%jAw=%%#N}0
zrhn43=Kx*1RUlSxKIvi7{UCEc$$s14TKw~nQq$&yH97mBy-fBj2@LGT?Pw0S8Fozt
zB1;F9-A?Mj8)tOF^0dr_8|PWC(m4j4eci+J@EA$}V*pfm3`P`if)t>e@K>f#l~N|r
z5sTSCahr6zs~d4ns;cU&$yssy6297X4D<#rJh!|lJdX&|<jd3rf}BX1nrT&+xSlA7
zc&(F#e(4vSjE7Y2A9Mbe{IdT(k);d54y)9#^JOx(Nx{^b0(^e)*Y;yNEX>}`>6~V}
z{`Ko&gHO@M(|%ytbI<$+Nh^r1kEV#9tR2b6rIg|P{VN-VAuuw&F2Ri`v7aXg<8D7-
zbGd)|msn8WEcQKZIEp1RDts!bB62@AKR%s)x&JZ1nhI3Nrc>(FvrX_H%dxRvgBM4n
zEV~(xHiJ?Vn<;PHUXQlOkuojNM7y!B3b8aHWuEb=P98F1%iQDn7s$*NRA2nNRY1~i
zlK3=4l2m5cPy>i|>;Kp-GY~cSEO+=3%OiRw=_jbVx8>Gz74N&*-2Adet+E)%8zS#(
z*CLrZ7w5Fji<2YdhQR9hYjVq1+Fe?ERt-c-T2Hc$3XM&<;%ai^_WH7o-6{fIJ^-??
zcGi2b=Mps6Mjta=H)LdP2OZGWBe-G6`$Sx{FO!>jy<5MD`In%w`U$gp!}Wbi93VNP
z8=%UtkfJn212_|93~jMUh2}!4gsXHZ89?%ne9Q(2_<*bpnU&0e=*|BF*ZahY-d0>(
z!nNBMjX#Hy`;7>+;yp$p4$Dq6)S4Bh#-^c<Zi)wS!nQUUfHiZTz(VWN$5BO+n%H->
zR$YM%siu?gb}E`&1SSVT?pb`Frx^oKL7(N{ASjR_{V!R*|DBivKqWL0LDQ%2hLQy{
ze}nYSBR~GzqxUTRxJf9@a0@R>jgX){ZmMh6+MiCe*l!}mo&kz>Q43UB%3_Nbpfdol
zPB4Po6Y?nuou0TY#Xme6*G5g?i?nT;Pe31ak+QD!)|UgPf@nf#3;pLGfd2Xa|K;}h
zTO}bx_3%GDVPA3|aGqrCKWNg2l86Pj-hOn1u*t@CWh%aigfI;Z`!}a=j{a||4h%=<
zcWZ%in6P}pp+1B<l1pv=<HVl7L6-sGXag`haQy%8MGXH}*^zSxywUy}B>rk1MUC$V
z5<+kO)G7Y{><9e^SM*uRwF+FXZ}1$B#oq3ow-|=cM^5kjYSQ-)xm{&{aJ~d6l`#aU
z478e|fn+5l4PZxqP+_<dGC@;@)J&a<ck|U|tK$ex6#@;ONVXTH76C5_Ru(?kLw7Z2
z1UxG|B@>K+k|a9tUp{7E8Tqh+OQ{Xoa`Ncj^as$gbO2_zXbwW*1a=bu#rtpH77fPw
zgLig--;c1NIMYVze}i%}6Uaxnc?)Wq>@o#B`wme7)Yq5WfUE@BWWNyr^1ec>m=KUO
z#tMKVCK?dBhbhy-z>EOyxD@vXcibtwsg`?q_~kbUT|rYoxJ&``7yaE-DwJ42mVpcc
zy>%>m4Y?E&1o0c>8iM(^chdd)Yjctc{`E&E{AKv3eL$+7g>;^VG67!w3~)={G{SC?
zOlFt>kg-u4nsf#A8-xdZCro1&cf>)F{8NHK&@P}k5H-IL%S-b#8j3XZm+?315q}Qf
zli=|+#LgUmFs7D}0b*0epjPzmWs(H|rZ5K*0|0QjsEPkK=vHnRf?x&(P{$Vdg#GM6
z3S|m`8wWBQ;C~(eKW!OtG;KtK%L4OU3wA^Q-Eswgw=LztzfOqmUk3lY2(*(&P|p1Z
z*^~eV4m$uk&5QnjPPy*BEjky72SSC{eZhwW;66YbrB?o%=@R~KT}h%Y*>IT_;sM@T
zN5l#L#iRPtc4)!`EviS+Z;&Q8;2_xCTHN0)2b2^4Zru=I%KqXy|MCSBUNl5I?ess6
z`Hy4%WljI%nE&ra|Id#3A4k|fJLdn|lK<H;|2fM4XO41<n@&#5*)D?3O;;x;+ww%?
z#ZD&{uW&GfghJ70|0U$YtXojn+m`gvKl{FZHV{kd-M0!~e%$}k`>H@La528;$S@R|
zoU%u2$m!D0(dD-`Eig*`cF=rOIN`66|K9}m{~es@`jN^1*sXUkmvjk7$;pjJuj7Fz
zNAD4m73l$lQgOdQy{n{kT8s2=&~7Rpk?&{&Oek1EixRW?sM|<V;o+zJYz{VCkL~#+
z<5J7l#vR8-iP&ZnTWT768~U6gn8i&~o#6OVGt=d%-^J0HrAxoYmriA!rhNIJqWzrz
z`a-N@&D*4@r6L_~i|Fl59J)aLWAv_3RBp8)im;Bih@eO^{Yu6g=y!6ZqB1;(?e*B6
z)QjC>c^CQ35;TRJe(2_8NsZgvVxjof69o6`=YoP7HO|-e?#X*gx(s0}(AYCumVH?g
z`K%;wlg&rC?;~rzNDuoGI8Ljl7^zi9&8}?HCdwNU(BVyba}dtK;AaP35EqPGMat_3
z;VyhG7vmUT-<G*^(m~LOv&fe$0*l|VB2=Iw_Q1@r&)r=XUO!ilQd9i;ovS-e=nH(j
ztrMFsxa>8H6jcbiv-j|mZ%$R*kqZ*K0}1@|!v@cV^flDRXXfEn8ZhA$yN~PGFFzhN
z4*e2`%{HIE6Ma+6xi95m>x(NlBozJex*H`DFBQ<-wiBd+dqjH5c?+df)lln+soT~|
z0gjQ~!tct^4z~>FQXaMouIyL+0+)<e`%RA2?rs%1^cGhZ%sI75JK(pXmxg_CpRu*s
zO=&2M#ZGVz#t;?jsQ1zPz|2dHO%HV3P|^{%@83eC@5p31OM-R?aT853<6C|htnXw+
z_FKRX_WtSTx{6D!qIdu>Exu&n@<e(!i?QBaN&lxylmyNE#(tC8;EJ?Zh3Si!?wn(z
zd8499dWx5zi~4G;!eV!aZ&xH!&YPipcol;>5!K8UbJ^Z)Z*(gGfbDRT^JmTUipe!P
z4aL{@%%O66W@jDcG#`Fbb5LmhaQCRf?pfXLI&?=jW618Hb8uqoK2Wua<F>bRYHztn
z*l!lA+i%E;@!Gk$teqgo#T>add+xc#Ng;+xx~wM|4e}+1ri*=wj(?DU@BU5k-R@w6
zO1@5t*iR<X6@DZI*N{FAZ^SJm1YC<&Rtwc-e8c=SvB%VY`Aa#1iE;&~E)xzq?Zv`2
zAAcqU)Y_~RI$FJ(y8HOXE1v5Qy_2qLxCYDzA*?st_X6Xum=De1q-pc%`Hfq2v;pg_
zcm-klH7@VfGM2ce8#IAWR^ktbrY=RMCNthhI4J88BfwU(OTbV1`n9@KHF<wDJ(@+c
zyIEM6*bJTu>u-xwd88ZgF?%tL)8R&35`(&rqUNy1w|KT{iwB!KE#q7D3%daHOMb3K
znE97f7&2O27GD;$;AFLHQ<U=f%5!t=MAp%r#FTdCo7W4v5R6DT?;L`04SB_`9bX~6
zXPLw^sZ>?*eSAS>HTy?$V%O=?B^{605!Xp56+U1eousDsF(FV(Qifrw_|Dfg@6E*A
zdqdJ$KW-)Io$VFK^_)0uaU>K$D3z}k&Hs?}&Dp^T=4fjE)9TF&{t?ZVQR(uE(`kLl
zy^a%0?rQR@IqC1EdR8jS=5^a_wnB5+6cd<c3<P&G)ca1R-Ph?m8#`1+%ykqHzPqT`
zd8t>?$8_$JUYpJP{J3^OfblzmB3(kN`jw_XvQ>Mr>Sbjm*En5zUf3Nb(NibGczHGG
zT%s?dp4`tzlDylnxv|hEb;Ca7X=D5)`#F3~*vCYNn`yzN4A_FCAjUjE68gQ==JWhU
zNGO^CPs;PgOUA5E)JzMv9f<>IId6emI{ctJkMG~%|Bya^lSb4ii{q*eh~temlDn#3
zIr6sKHvZ>9;rGlcuOe|yiE3VLJ?RfWv;>m0q&$1SshtN>3R*vC97b-^H9;SuEivL=
zJ*H25g{>W*_*hhumiNt)+d_E8WD3T{YFW<0ybUnEeJc4__r;dCQhq%;UcCZ|@?70g
zx~^YGTTbZFMa>K98ewXh9S2*N4J}fKRs3-L?X|aqQfw}L4ewcqm$xcS3_{o-(nqAk
zEgKaNeVS?OYDWT0oQf@(o&m+(P8@O?Q^Qi%+H1C)9)oOsd&L;nfu3)fh&hSQV28G&
z;0^4^ike7M_M@-dXZX^`ZY?k9oq6wo@o+s%*?3aY+c}u;N8Y08@@xCzcw3lpa2`^e
zM0lmg`B9{3ZEXXKYh3MXg4h~JeL?a?aBJoL$sQT?Tp1%ZKb)+~bnZRh!CKZN*A=tN
z-`JifjXBFjuTta*4Lcn<$BBMT67l0;`oe;#$#1b@nVam9rm`Q0y}YsY3nP_cnSC}v
z;mID<P&pfD<+ZG!k>)njg(P<<3J2{!H)MR%MG<pU{4_ZmeSvE^IbMx`5VebFHwwE3
z8*CL)A~NR%T+IDQ(lU&H*vsSK8=z3e*^Cx*@SN$`JHv~A`ysX5XZ4%M&<;fr@v?Ks
zSl>y3fnV?JP<c~<94E`J25_%u`tWW0a`gQn>fTSU+y|4$K*zwuA^Vp^`B^dC894V`
z=K7}NK(JfK_?tC`{B}2$oN??^$GDkWp>iFUzFn45W>&>0138JWd=Y>`P=<2&vpnC?
z+On1M$GXOh3h~@xfoB)Uj45Jc<6WN%uJ<KY_)riPv8s~AM2nZwBBa_97~*D2rs?oz
ztx1uMtDIKN-5h9Y^;O$2<AC+y+7>Z5UFKX18gFpH-TPkCxVjn=@hCW)XK@E<)So_o
z=oi^)`><{!=dJg7s=c4bq#6R^`E|&CHJE(Ppb$0>8Ttix$?q0^Rc^i2VNq6O-(+nY
zY8rXty>5e_42g+HGR$EzhXr6GK3zf4pM?s+qPL9Qf@NFxiBfExTsj5*>NB?IUi`em
zdpn6u=T_0(6mw}igoQ#Xa}7i)wPDXrnT($Gc)t5U+u18Dqz=)l3SQ`gpZN{4ANdVh
zH61&YfK=oX3=<CJaL0dxFg3qHM`nrv0VqNma%He`7Iy$-^TKG(```W#N(3!%D$oBY
z_IjDds0<V-isq3=Bp^jMZ0XkFHi@1sKx_wwsQv~aV-QsF@Fty>Mi$DYBiSB`liY6*
zyo`1^<k^wdzH??L8?7&J58W<Fd^Dejhl!8z&1_5B)D3r5pB^~m^*-MJ<qN$)TsvnK
zaq_D<m>)fxFK4}$k(%Sfv!OuMw?U&)GzX+bM&2jQC8jN^g{IgwPd&8wwy5RHTj1P%
z*S>qk%LqLW-Bz&N+bFpEpus?6*AK1l60{b4YIY0D-7X|cLKFGBXcx!!gwL*LELKmD
zJc8_`a54#JUwsq5uli`d_PChJY`w>O3twU-&b*phxT}T?Q%xy~Qrshm$JKULY^F5m
zjDP&b^Sneo?4pb4V{3J`ccM(8ZVRdg@8d(0+smf?Y8y^^U-t6Sa|@bQ%KkNdRJPt+
zcPQ-gQ@dcbMQzw8*m$r_lbe(>4>`6TsDy-mY~mWfZ{Ob;`S$$wqYTT@vQr}P^(-gO
zOoCP$8~i-s01%IYm03W}!19;7(n7?ePa|h-GB4$S+Rlqx=+kAbPls2bLyN>%A;RuF
zU340k7(pxGD-ere46XJzNF$ER`E7l@qJ6MJ^X^z9^kc<JaK*eZm+LqK0cSp1;|2zJ
z!mEfI53nn$(o>!`Yf307%^}#3D3{KINb6gE4J{zh<1&~@_l!ERo1!2O3+k}o7Lsuf
z85q<{4Zg{>GTH4PM9#EG3Fmbf`0@IjJgNfzgoC+#`+c!Sm~5FO;_D82uLOb}UTV(8
zIT60#wB0BP_2{`vZiA7U7k?~8w9zh*vP&uQBb$o+ZU@me?iS|ZtB$D*{4hPIZ7w;T
z4f)PjIoc+KtU&PV7Eza@Am<SJA(|L0bM9A}L&?hhck{zfM){rw-4VZ?+!t^4FgE<g
zESsr-$AuPg?6uglfe&gNczAX@h0RtG>y#!mD?s_&INeQL4caF)QT8>nNkxR2^#=_k
zHzxEe^)ru%W-U1HGMFD`gJ3yjbGygAi3A@ymxB3D{rPa<y?`S!<Ok5hrU;GQN6=H`
zm2%&cAb8G+#*q(%y|^jQ)dstaFR)+MijFpZh?!~`yzNELEXG5V$MgI;ns41fKEf%+
z`D5Ap==EjPo;QQT>}Ya)Qth6dG<A9!HEEZShj<1(zMgvq&M=p7deRv+9zsv3=;&oG
z@m(xiZ-{O8IZ)$#m(O{ls$}7UckhLkpbw1P?}byO-3-;Ms#QD{Q>?Ry=61*+8~tZB
zK%YhV^52^+G}B00cv(iuacX9hT0q6R=7nKjpa2XD2eW>~3TAP8OV?#BN)JB}tJ*Zr
zE__a>_fyrvY#w~VC4*K?%mv6+zEn97^^Jz%c5`l49-^-{6ZsQr44xHcI;WqxbDTZ-
z(@Ti(v1o$=!BgH1d^?b%2DfdE>r0n!nmiwpgjV*0TQ)bFQJN@H&__K2aLIDoI<-EG
zwSr|}x`*BT>m<DekVTW<_J=wguiPzAPTk<h+T^|7|9p@rYfS`iN*T377+@Cd_L2bq
z&EahQ=lVn&Q&5kf7`I7{p`brJnr^d$xvlB+r4xmxyi`q0&9`XuQ}?RrhGWf=+)7)b
z#GTxQ(i+GKe$*;;&JQb^e1woPaD)%yBx%P|*~#vQLSvqI&9#C{p$oTpTLzx?(YE}q
z)`Ki+D6FIE0m6U^SpQtJW7}YBpl>od`UlRYEpZZHqMAxKz{}G+pH&Nel``E3y0(l5
z<prKK<}eOfp_JSW!{_7Haf5@mN|vs07MfqH9ky0`HZm<!htaOz&5fsBn}#XxI}a<M
zPp%u}0a#{YZe)I1&v~(+<L<W~)RWuTlGsdMOzL>oSme`&urhghv;krE-DwANB6p-z
zxzli_&gfp8<G>Q`!G&2#TTAPXdQ@Z=spqlMC*x!E!W<46H(m(6+AdgITbmXH6t5G=
z#^y<GzE3M-bm~yqM}fIdDGsE*a#$aJxjTUYvep|gX9GTMq?B89&FFKdH>0(>w@yKV
znzxGVLA;>>P{XP*ZBcF@1-k>nOloGNYrr8{nahKUKbn5l)XEVO$YX^HMsBM0o`-+m
z$#QHl>*mPR@qU?G$l6|vomNLz=$a^`Xv;j=YZ<hgtebR0K}0u&<8yiTpuBKv(&3!D
zmZi-g<4=;I-Y!)mU9*p~1LEMk7^f@bXGQbe5y(o8*9@R$P=X3bELLOU<BBoCLTZt$
zq5*JmH$3b4vwFuQp0XmE>Lm&TDle6Waq?^*@tS{^FfJ`UFxU&W@f#l0&(#u+Yhed-
zrWpgcsnYHZ$i&6TO)#OXX1c{GyU}SveNguL^1#5>T-Oy1i*7$nWm0Y4nvftVy9j1M
z<{EZc9`6pnKp3%p(MSG*ua?0WE5S_SU;FeTbDax*BG+&WvYQOeeCxrBKn4NPx}zCR
zM0FyVDYm4NxpBhBD*900I8O0g6XM=>+=XDv7tA|u&ZjMA!_K6ONrx-;(?-#}O_zzc
zFn8;Qr9O_;Zfg8ovzMv=9AoeW<8}3fjn?)H7EOm_QU6ZZCda(?#a!t6kxc-*iJ(f?
z1D7Dc8{6Fx8o1!WM=gG&2V{P$$ub^aXtZ@zv)6T>5h<Pz_N1iM>}JYKdlV7e$!7x>
z9u1MSSu?-Cj^k0t2Dh`z5T1OhH=igS_@=_x>&`mp`8?QdagYc08)QzL9quaekpZOT
z@WUI44wmCHGwK^RIF60IO9~JJZoP5wuEBA8LAWDGC^^m{exd1c&1e1IiFH!n*0$zP
z>W5vMP5ymXQen}$Dl)Q33+mum*b-B+uG(MtoiASE=YbMem5e+765zUwp9IdiWs|zg
zT_H8Xn-hSG#n+bWfnUJoeKNB4d)hbZQvJqVG`_!JR{k7e+?{00a`#X~g#JCH%&9Fz
zbF7K!Y5C-;|AlezIZLH<_-)sI=|;Im9iC7NPwie?HaS(cE20sL)*8MPcbd+aytc9v
zS3%)k^RSm+kewSe%{)jcil_;V5jsIFXwoZI_q2mWW4l%#OVRznW<7Oyuo4yab%m=r
z(+*AK#C6CfB$Bv|Q7EF~SXww&>+r8jj%m*%m!uo(PxMb_xu0*CU25U)GB|%<_vWFQ
zK6B>C(Ih2yb;&r|w$J{c8k1{>0!n}<HWJQtvrrTyBGm2hR?@zLh&kxXJdFCID|eF5
z#96bgyPU18H-FbFURvKPRx&7p5hR1%>=lUI8>{#zn$TJ(4llSI<Ip_56umELGf}hu
zGP*v1*BkUj<_T}N=<`k(bK?A_#Vvw;)!e#%N`xNfL#PcYRebvSL#d(Tq$v)0_L_4H
zttwy3z497je|$Q!It&qlU~cxw*?!a0M2!z@83^ZFPx_H_eF2KfJ!!Xj`p$iVW=RpM
zqpx40z36Vk=f?2MmC~nb5bj*YPh{}$e7|#dPsHPkKURBs&)Wn!j@FEmHo4nf+zr<4
zzB<yz$d;FKo~tntK2PPLJWjsMZcm7;3sq(L7FWRYwY%_c+XTQ~6_L`iC2Hlw)Z3Tl
zceGmOv2GM&<L$Q+97X^l5Fs`+aj&}@Ldvf3vlk}&7*A{aKCfcBai}xjC-%+Zx_?||
zkO-sEg@y{c^^OddaJU_BrZv&2!-Zm;hB^r0BA(?l8>1zS7e8~1%238R9lVGFo%RbC
zuxNX9W8=~#mPdyVq!g#ONG>CTM<Z1VJ5C(=`MWJBjQN4z*!sr|x2Yp^r?9Xhk`6{c
zuh~2|=}Vw%EQNL73D>vLFaDU*k?B?qPP+m+Azx`#a6-sI_LkcVVmX8m20sZX3o>kp
zR*k9$m#}cVS;)nUgiTFO@Pa28mcQTp4ax~^QhzVXvl)#gE+_0kqXK~f@yA-<{jyF}
z_>iSeRr&LFzD~9)#f-=Ei)VxO6g~5kM~;U3DBoQjrtpWzAS=Id15{!83|6`_IEZ}D
z>d)47YF^(i$e1Wo%bbRHzi1%&0HYYA-x|!<R3_e^-6WX_v-2bHz6~uX&4`#6e(B33
z*#)VA#$nwR;cED4`oSN+@T2GbMpN}Cd9^yCJA3Y<uYJWnSH*O;9?t<$iccQ{qRq%T
z>^dnh;E><6pChv=5D@)JZEzz7uGDINPn(Cv)uQ7<&RB|#!(Gb=OW&-X<&TeJw`bg9
z9wtv)>zzLjrMua4Dsnn8Ht}T%DWK&H+>(?|JdR*>)f8_a)I~tui)PkLJ{<g5!^R%x
zsaW!H)XBigUavCNc`T@E@lE@t;HhT-BqO*qA)>vl%&QE@a5y7e`JYBv1P`VyMmTmY
zwLJkD(izg}73~GNuNdv;DpeaEG+><EWQW!OOBsCxJ7oev&`q)i91M+6t<6bI)f8*W
z?CRfNk^Yo9cU1%TPKS&TxdRfZ^gruS5~2p{g0kS?_M<hy2IX6MB=l2n7jHMs-unUE
z1%X#py07=_A(QTgZ(P372`(c~;fk_*X(O%~p+?%c8u$FVY+U+&Q3Bc-!8JkAq86V*
z$0-)i59goxaB?(Dx|lEP&Pg6<+UWsJ`|m*(K(ch2Fu(6f5Po%2vILfg>k9lTu|)m#
zs7mMP7E%JdgHxOjyUEk(4kLFT0lhlxdgX2wkZ0)BOYdbwEyo<96{8i*?sJ+w-~iFP
zp1-LxPAjhfKoVv<+~%?w2V>IEg5+c>cixY6;cEYw8p#S{{!B^EWbM%kh0NxLl*W@^
z>UqO%vV<G6NY$JD()OZVB@`aKRJSN`Zg}h2S?r?B;^vk3t@_HHh_fg1uC$95i}8KO
zYS1s<r91Vkz9EY}MX7ldGXMzEZPV%`_o`_OLqH3%%`D_-KleB2?nh*=DixTzP#;8Z
zDv6uc44@5$OUnBD(XX2kI>8nI45oRIBD<qoXAw{Pk-P0B4Ehb)c+w1fib3*cSvSJj
z=um~_1!7;$9=KVbOxamp=^h?^pbdf#fET3^2Zo6K{g!vge{D<V0R3A!RQs>bEWQIA
zm@Jf3mU!I0nldd(>ks7aZ;x&W=Yk0j(1#jeK?ESLPD^UH7ll~TrV*bZ9mq&<ty7F|
z1xst-c*Tb`wy*mK=0j!Om$-<RTL&GDuWj1v0eE0V;wxGdE(*N`q#5vKYsKatOSDy_
z(;%YTQr)K_VGR`~DfNXz2O+v|hwOm~`|Ib6e}lsLNUebE-&P0iU=~3%L)8^g`nGhr
zM?JwizaS(a*&zDO83_Ph{`xsnL^~7wAut{Ocqo|wCY5T`f|nqHEX8=l@)VlDP5VFl
zI@2Im#P^n6;RgWrZ?GOQD@#eZoZoCi;{i?vDm$7TfqVHI)Cs^t{`T7Y03<0rctx`y
z3IP28(7>;dLm?CGKosRFri<lBBIF_fJ_1Nqq6_{$(k1|wkt6>I)@29aC_rTO0=*5C
z751Q{N61*=T|<h&Z%_z5z!0nZZzD~b(4HQ=KZ=*21^4|19YZVx7;vuP2<;Fa@Jco*
zlSW~oT}k-2VgAFKH}?dLDC9I6kfiC^&X5GeIl^16B8Jq6%2bjt#Z35bgSZ<Vrp>%s
zyPkV^AWJy~P%JJgSd{(U-r&EEA%xA{k!_~`XV(5U|NqR|e=Y5Q*4jU7?f=>xQt=45
z-JM(kAi~lFS!$5cZ&0C$#j?@gcX8zK;7`QYBUC$L!lLy^rqMwuz07j*u8g!}cRGX1
z;&Xn%{ZHVyfb_yUcat8ttRKm*ebHyK&bi`MLYF3MiZKoRFe2R~Ef!nV&6n!vP;1Jp
zC-DiH8KO!FBn(s$+vh?`9tDY0b3<!0GpBX#JQm}bnZOHKU1#>cy4t0dv5xkT<*;*x
zFiJn$TyVyiH=Q#yovm>#jHWW2&}?gQ90NaY#mn+gM3ZfZh^RbBBsRN4&U)42!mzaJ
zguA_SsNjd152dM&Jqs_c^@nI@E!WpR8@JNY=ed0Aipkqw2NPl$+ZaenEj9T>+U(qG
z%PDWa<j)Vbr>l3B=MuVvnJEv4t#{gwV*O)Sk2^<RRyetPHX?CvC5UgeY!=92gwSIU
zPjJ|7UBVQ$Z~a(hK@E3oo)B#y1W>)|e%DNFeKK_|%VLIe?Ridc<oDvSqS(+lSNZ1|
zHcAZ@yCLQC172$|t2R@yDG5&T;Ef~szoV-E8cUU{KmQLJfF_4_blu070puH$#{@%^
zU{N^G<@9R2L410@vDo!mr;ArZmdTy;DGu#V9o$mgo}MEuahS~s!rkt6Y!_0wizS@Z
z#a<9?Cu`b-;INY7^PO~ZZvq7N;<ai&#okmi65s;?O4+YT1>^^C1(NXl)xe@y+Ig5n
zTcBfIUd?*5gH7G%aO$12XN^RQ-#mJ|sK@g#Xr$#z$OxK=MhDX}B+|!eioj&sthuUQ
zJt|)38>>yJ_+<gx{*X8ZxuOOCK=2-Zp_U=}eGfdTJ4=fpH0l#OmphFj{6d&8;?4@w
zeo$6x-6B^uNzNzX-V$k|$IDL}d%jw=n+lPr9)(|2%vM^$7=Owb*-Rao{QeoJKNzg_
ztiSoze)4LM$kGc1XJk$b5WTkQz)#@O6DQ^nowAWL7YUFy9LdUBx~1$?PA#(4jjt)P
ze5hNj3oP$3mjqgqI~4?uXt_*s>TK9sN-KoLXpPoNs}AGtH`LU&M7vZ}RGv_58i?*F
z_j>IWuQPu7rv%*#<zl1)k$y9mfM~O3iSRYBz!$YQE8inNpU#_}CPfeP_=XKkkN+Az
zc4@lneqzQbDTb_1Q6b$dw_c@55w~8!<q^UAi0Vn#hW_TPYHGetG*gUd=**MIm3QRt
z<#cxxj!h2PLSBQNw<6HzLd4yKn0~;$=LFq4XN1pUKSnu}O-{M;JvTo+<8yj(9{au2
z|5)e^^^DE`B#QVWPwgmtC?zb2-tdD`#lrst<9~bfLZL;Hh6OW)oF;V{u>d4xF-5L~
zj$}O#spWV1U%oBmv-T|W_Io1;+k>I#T@}Ql8~_%Nv*^GP%vcW9r@d)SQi$Db$z|7r
zON%u{270K{Z6Nra^_((`E{M$L(NT(VGd%*E?8VT8tOypg2wBQU02NLw1<x(!o<ghu
zQRug)0P=?q*^8BgY-DKQ=4iUIM{}_>OX?tHa9oxY05A(2381&r{eOeHfXF){6%N4u
z^MGjbavFl-ik5H&sIL?JNr*p;tb>aQ0C4_0_3^)bF5#~Om2LY0?AFc)fEEwHZvD@<
z{bR}h@TPyf<gd%*pY`_7Uh>aA`Ty<2X*QWdce<aMr+;~#C=m`#Ga2?!Z{@%%CwS}J
z{dDE))%N2moTOw(37T+^<xoyTnAYOULKWESeE0B?PMSJ@{pJ%Dnkavik89Uut7h40
znTiATzImrjiDJ0>kkkfLp-+wDbJjq`+1Sn~<1Z>lqsoXH@x7%I0)Dk-T^ky{Q?p+x
zSOv45YK_vkt}@>ou)3~|U>%-6i_f_NTd{EcFl=ZZU-GQ3E+=Al_p|NU;;z>vm6nZ#
z{sjp6A5CuLTM*dfykqWsKn?j0RAK++_=I3AbWtESc~Eg5wSgmgt<U?npY~nvQw!oP
z{F2JfA!T(#=c|hP4kT;uz+wYP2VGos`VE3$z(;~1FXzm?<B-{AMb-tbAD*g6E2iL)
zsLV;NB~tr|TRC)Wub<&Z&5tBCn3b&?6WVhL<^~t_SGi_1yuZr2JRW#1Bd(vn5gqi&
zOoDTF5e^*vr(`m}?vS`|R*zTs_TdC=?Q%)CFZ|&5C`Z}ChfvO~6OAJK-6E{L6d?j;
zGm885X6kQ{H9<g3<Y&Wn047=u>gL-DEs+>U=d*kV7;ll;6w&vzQC3))fjiWWq%RYT
zdXTwLTi3we#2@iaRNV7RrDu*j<o12~rG(8P0K197p9OjzN0l_s5V<Pc=C{t0WCm|r
zDy%-W^Jy1Y_ZDm!B9HJq6u5YI!HILtIHawG6HwH^V;2w%yNU#}qSjMCDv;ba639xD
z=uJKLjc=3cRk9O2l|wrL_jISPgPjcU?n<~0^CR_)u-L%bv8J@=6AEiG7sGhX7A$wZ
z<X69!qC4hGUtBhN>`;~f(I>SM3ifYO)76EMFqZBN=Jcn8x@Du$J$K=`@0u5h3ViP}
zuH%Qq;@4ET+Gg(1;dgXIA4iuH!+LihbU)#Gq-#YXeKVZZ1i`L~`2-f)APTF5%3HT*
zZ^SJ9$Zu?^i};=~fODI?%C+%6$=p{r^5mHYw4*OHGLZSzyoPW)s-Y{>4M_@>jH>BZ
zwF$Gy+(n&saxReYE`NM`>PFj^?H=b>3Y;3L$sID1b9rPB$4dhG;{Ek&-OdCXj@)k;
zfohj2?W0^Op2q9GM)fZ?a`Z~@UVH&orYI9$)~F#Ts=IJ36e}Xc7U1MDdhJcos0LP4
z(+T>>S_7~-sySW_S-a|Qo+fX7h^LFnxgH~G6W}p<M`8>8Q*<^YlfbgiLD+h=%S9~5
zx@Q;erh1Z!3=@pT3fQLxuf}Z_+!;S*a-Ow=)lawT`L*ah*;g$b1gCacdac>P;{Ynh
zFlLs}@O;=OSNid=VdvZ1Lq$h*k{5cz+m+w(Ec+Rm-4K2oa(bvm5-vqe13Ln~xh8as
z*zzjBl@R%JP4#0K0nfq)i}Hncyt<w4QIIGl0y|JsAA0S`<03i<;NK_bayw-wPV6gF
z-zjb}IjeRh6WQ_I?am0NY_GOo;OZF{WlY(Ui$zk`Pmzf`sQT_{z4+^#WEERvd<X-{
z0uPCUi{hn&bWx*w3CCs(idW>nZ^bDsSqe=rnVvlF&5<PHc(T~9ivh5wf~H(ZM@HJl
z9@zxeu9IODV~uFDL(Cx~npo#z66oNXpNVfBzqQTaXV&l4TRp2RtZ{PTdT6T45pFKk
z`NjcYCw9vHnPx~>-UPaBkH{v3_+~u#EQx+Uc!;8sw>~31!sS-xR=mfH(w0ow9wzs&
zrXQbs%l?Bsx3Ty=P$!tp%8-rLJVzT%g2}dq@Q_~Tp0e(?9^Il(Q0Jt^mB3_;GpG_a
zk_P%`s70sR`@NQhJY%(a<v*Qw+giKy{y0E!dc4Jn`VO)13GN3l9ZaBillYDv|Jx%F
z$%OU?W-F0diNJ&<(2@(`n~>YUZO|0Fu;V*;M5qD^7(U4Cvi0Za)<2E(-SUWoH8dXa
z?tz_C8^GBsLTdBn9-6C)AJmN#Z)q8o&9ADiVV=CNKK%K;qX(yV@~dvTM&U5@*(T0H
z5)FKsa-*8~cIIN^_~T(?CdQ>v8?0Cur{m7)<U#S=^CqBTdd~q#J<~f&MPVgs8p#vQ
z2^aF4eQ81zHIfxEsMDT@=#wKuWM4U&ci|Gf36rLf#&vYkXSCrhw_frg#d6<y+JR%x
zPjeaJ{6t8{I+D#*b-Z>i7qnK_pqQolEOBzi)nEC_@CAkV%EZG51!-+bmJg3*<hl#5
zSK^kOKPmFHWGLk{T5my;f*{+PLHW%XD{6KVO99-0kYy1ff{}u=&Kq1Dv>E{qr3M>9
zYV;SV$)c?ERwtIskNH*lCBF#Rgv<dg5#r?gu(CF8K4`4E_Q#cmxW%}*)Yu2L{OufJ
zrt%yQ>Bbx#EqmwR^PVpq3JQGv$xM`J69nBM=W2ahK|Uk(lO?GU^DN;M+1VHaM+2=6
zYcbWDBh3m0{h;@a^ez|b-<;Gw9ks;u{GB=P@ed>$vbbV*Y;BAzJA<N0(F&VehF|Vn
zwjp*6%IcotaBcE?%j2hV8($?gMX#IaPu{|?6q_$Epll#Th*jt?MqM*{KOqWN&H0(~
zkN^z_xJwG10`UDxXV#nLEfa;-+haTXD*Ez^u~iaTdS(wJ-dq{%20D^~TQJ;`F!da$
zW?JEm=+<-iUzwXn@AKRAen=@a^L1dq(gpuCc{e${%h@b{Bkg`F-3Jq|&w7OjNVj2g
zCCr!e7mkC*Ly;mBy`~AQpP`ShxlXb5P&_lKvgMBaH9zv^9X?52o2|^?!Y8|lV;27E
zjH92ZDR5z;t5KNp3~LjS>s1lu*0{&6Ta4XPd}BR|eAPT)4mNZ$+B5}J+&=qcM}M*l
z6M~4KT!T#P31mGU33LhBucH+ojz{myMgqJ$ycHDIu_mY4cW{f3$Z+2tA9tNW+l<Rt
z-}EQf?!^hXRK3z^EfAR(%^+fj<&1wWSLm2xjVept=SN?O1z0BkbCLbmzx&V$`u#uv
zN8Ht~YyO4kQ50O@?6>9iVPa}B#rP<DA;<3XwTHT?N{wFxHtqAP)HMi7vLrJwr=qmO
zW@^JhJ2~^rZIt;L;dJTAn^)hQ)9aeKs;gO>TN^hO3}!FAt{Tr6EQq5W2b!fNJeD&a
z*iR6O_Mty0{<DK&fnj6gg@WC26nEM1t=GmPmKASp-VB8nv4!l_i^XSo4s^XF2!DmJ
zgPoaVzaH7A%qN^FTT}MinQ_f{tt^a{JbuTV|LOJxvkdbarB;!L-E@WH(de`l7lD@Y
zBv<T&tl9*!-vfT2?U&2%lfbkhbUwUK>qpbmxyHu(#5HUG$ijH5yf?~ywMo|pP7i3w
zo_u}>c{6$c+PJze0W&v_oa5J5k%1c&^lP-)yZ*50Ew&e*?g%lf@oK1vy$~;7b!;Ji
zsbn--uTMX{o8H*#?d3`*A<VC|HJBOaijW}n9R-4igdYe=hhvOtf4Dn-sSDWhy(G;u
z2s$-qnwXMdD|GI-4O9GE9B)WJK**>Z`m2^)GvrZ2)wFz%<_kf(2PtK2FZZ!`vsdeW
z300X__bu8K4YExr9Y-lk)*?}c%O|u0)8fGn;7DQSCUBXn>c`9?U7-j@JBUqtDIh`%
z^;o<$rNFp!lR-)|_{*|}O8Mm0L_+70QTqzTz}KZ{@@KDO#+%w?6O`QztUL%M{8V;1
zz)2*0awI2f*i2;4fZ0-&==WAQIHx;z$bOG}pVk@J-G<{PHSFB1LO~fxaBZ&(?&iF;
zr={&2j?c|bFGa@2>TJLFQuDSqBJ9iwM{7z?Puq|n?MHQJ#Uus^eSW|6JmcqQ9NtSr
ziyF%%$OSUjG1sc*e0$)(8+hcef|Ufy&f!+1H|j>z7yy!_4Ad~|n2?j&xj%&mwv{(_
z{N~mC;q`lEN{G(~(G}`;&^%HS5ByBAE7!155u)vmjZwt?Cs))zB!-VU<eYg^&m;E4
zWIyqjZ0R`7V$xy2xpG^00%t!GBGx?zWvc~}(Ptua^aE-!O8fpN&%U?%`s50g>)ytI
zTw7I$7)6{Y(Z=-jnYv!V^s4ur#<>8Hvqy4u=aoe<6Y9d_%O#zS7w;9DMlZd!OHJrK
z+y~x%6zqgNx#|yW_L!JjvRcrlWLtwuIQC5FZId+%_XX=$p_)ri(r6Rrnt5auSfeg6
zEvn{BoF>m63;j=}!cxa2@D+aF(^}=}SaMU({-%VdXSDs09di9>a!Yb;Ood|@FwZQ_
z58-`1P_l)H+`!<G$6#{n_Du#{>qaAm(Px0lJ=OmIY45y)n(V%Pj};XaMS2TLl`7I}
z1O)^H1eFd^>0NrLK~Q=T5Re+B_ec%WB7`E+yM!KkPbeWki1&HV+&lN2_jl%;-<>;i
z<`(~82A<?e$j;ttuf5iHeHP}}Ok$}&xhhw?mmPblYk`x^mWVtNhc?UwPawj}JSP3h
zlyzz8->g41HDl}k#@HHdrW-bGO~GuRYaS74XgsJ@*CgMNagA=@rXBJ&kakd9Cp^um
z=|h}8@!5P64^>nlH;1`>!c_K*e8`8%C;1%G=YF!S-#Xz&V{M3eHU+j-tM$lt*g@;6
z5Z$pk+tQqGOj+vN*MCGNq0hP^->|0j8pI$@fl#)%N4HRM-p?A}t-y?N6PIn&vz0V~
zZ=+xv9okh0qX+EVtWhU@4MNjCS(RxBOZ92{(#>Aha1D7&)@?mC%7Jk!JmuVZ6n!8+
z5Y-Ix^@@81gzBlLJ9E%JK1B~LT-^CZKIW>+75Ws|&S-sJS>EJt%JuuyN%^9{ayzrk
z$;;_<IzSiu(V)TK=`;>e4X}dD0h{iq(i9iw(ZDjTyzp#<Gk8|#{-koBRb5gN!~Jhp
z#Jc9J>(;<lU{)18I~W*ltI66gLSckTQ=$EfEu}$S^(Xo}yj_ek0l$89n)AijO86bU
ze{v0~-rl~tmF>6bGfKB93)$@SE`V}&b{8899fo`O1>A9BI1xS&dD(bkHW$J-kZk0A
zwUA=*p27yd$OLDHn(64KHH7*XKzEsHxA61yDZ@-+R6Or&o4gXMQ~h*xTZOCqx~p1E
z7;Hmlk20jRY`e+75i`CG<Lp^QXyTBY5exlvGsM^#1>t@jmrFC;v0smqb1p<1`<Jtp
zAI7(C$z8g7`Fv7`_Z9ejSdhn-*j!2*HNAtr<l&IXCwZwaot#$JbL6&tK8A#fDzSX<
zwN??AjbB?LMoJr(o&20^@&`&3M9ip#vYXCzz^lNKja2i=quVJe4HcogLW*nETdy%k
zrMxMMrtYQM9rq^<ui}$9Wr}?ZHUUva3`@J>y}@$Ftpya0m1n^SQk_3(Nz-}rc2(HX
zlG5%<u+9Vfrd;!$h*!mBtdQvqvd*>*gG#_{ydOa-4&4mGIfu=6EAXGR`G&@^BTLq|
zunh*me5CvYy@5qR{U2AHGHOALOuascR#eb16hVj{^rtH{v)g^hJ*4=>+ro!!y4ou|
z%YRp}A|Y4scC6A|G`l^g@ili&`%hN}((=d3@|L^@_R<6<Jg6sDo}Ydux%*&suG!X`
z$ILb9v<cZ1OllP=S*@ropCkBLC84$Mv?<+oa|_TG(8R`VPUf#=N#Q%9zO3z;pmT`p
z;Oj>ANKDUD4Cc|An4n&15KRxK&~ow>$+=x0g=&|V$1w)%9@Wk18x6xcoUMF_sv6j@
zlon>4HW-_7ePFs|BCtnmV`_(?yO_J4ej#t-1(71r6G07K%8GcExeU;G95}=yKx|H}
z4a8*c>n~QCa*ybZ{@Qyxv8z5Qdgv#kg=^@HybWVdv8#r3c$b+^AWu>yraCi!98mVy
z1j4z2V-35J3ax%;7Tq!6TA#0v>pP9Cmfkh!X+)XEPGq(R8jP=}kZAhJPdb%=I+Tr_
zQ$G7WF_$@jx6*T5P7Me|VDqrF+hCm5)(!X(I|)#|CxA#Xrqt~szW_-$h`yO|RkB$E
z|1LR8d~{n-#8}sAS%uZBmrpd_nZoJknID{NC7Z>6FUbjXCFd<d_AgVDE`YwmoUK87
z#}J=qWH!6`*<(;6>^DV#9RQt)GM~k9&b1@H>x6wJdi6gWm4M#PQg840{CY3KtBbPx
zk?HkW;lP>+U9(i!^`%eD&6AYM_mavyO1CC)GI*veft%MgMp=^yjz@`lZzbSF0mUq&
zMwM_P?r2*Oy+`n2-^{sxOjD{Fa4kRz@^27H80o*9D(d$(V_d|L6C3iR@m5a)Re$IV
z#gIQsjugM+T)O7BQD-LV(nM2qg6wH3xL$M@MWSI)s;NHBfmxYAt`e!+;OA>DH`8`u
zMQF|KF<%{EQ8<N|YJS3ilKh|sZt7=>_TJI6j&fAP?Y`N8OTQ^BPhWQv=7`_QjudUs
z@L2PUmBR-O;m*3k9;e3L{nZzAzuj>V$U_Gy*JQEm2$_w;UW!~Ny3fN~{9spmOQphL
z)+a()m$FP2-|y7g#l0eEuAP4*(TM-J=f$6qUAbUOduDfK3xeNi0~+$2SOpHTGfi^M
zQZ&-J;wHZzUIV4FHGhuJ+eSc(q1?h;RpD9h*0!mciea^fn>ur-Ul!!c!vXl=`I!Q&
zrcU%MwV?RU4fKLt%}ICJ!*(ei==nhiLwv$IO9f}gYb!qa!LP!jo#QCr$hPTVgL5I!
z50Yu27&dS_gK=|;hrj)hNUBTuI&+k|V*b_#Dz2(2o#-GhI#vt1m6_{+vQ35vdXR`_
zwywcbFG$78pP5UabU3B_KEsLUpRtvsF}dgWbp19!kbIkT)pe?u|E|j179&OC{K0<K
z8Q|_-;_%~YNYyWrHc=-ZTB2J^-p(mlr}^cB+EHj~6HOe6vfQUT$b*8=)DtId_kkm(
zGMU%k6wg*FS?@=5QOD`L({-j-=c#<Z+|*d-spsXBVnD^He^g=D!1&7i=->9l{i{c=
zfB(rnK)C*r2%NAjs$gqe68r7{a83LSu7E`MkgOwR3am6L&?&FR5vCdNhk^@XUCSHr
zgLw;pt+fV`GZ>qPg@9C!K(RnrVrLWv$i>9Qny(P|TF2q%8_njZY1hZiS)xow1Z(^h
z^jR)8#c(5OZigBUgkidQl$g*W3Jyi5@B^S64t2%3QN7fJ*tgr?uD^E*jA&@i{851>
zqXxxcD__J}H%&qN-tg~JZmw}~zTza>os#k6O)DM7`JYG6TnD9KioH$&>?=)y{b>bg
zozNLcJbP0yabU*b*s%og<=PL%Lfl>Lhwn{|549><$1`SzudsZ#$hx4G4P9tSX{N>R
zyant9t33mt3mqvXDOq9TbG3LjR^J7`NSlfmX0v`(ck5?JG&3&kuB?=|)Be`*qVz(>
z>+I}O#H`8c4#K%%wMJpG4NTKWw=f&sd?|<+xu=4Ip<{Tubt*=jJ&JhX&m4RjCm7L8
zJYdlo<!`*Ux>;He@oM@w-e{EFEDbbHhZtY7Cdqu--dEyKgt1Mb;*Q?!>D=6I7<=Ml
zNygv5|De+tcg*)(ZvurTg$a7(mhqMCjORz#5;Rwq1Jq$B&!LhKR$E!m?J|S|#y{}N
zi2UtRXssq2@=(jeFn8mYXnexW8VawO?gso);7w@5{7#D#q)k6fCq_aAh~zOj?E?~7
zwa>D!*V8^Hxi{KOd$J#^qWR}XD!zA0%vC@Air47+E8O}6vBe*2x+PGC9M<&So%P%B
zgR2u~3Fv`+E$iMb@eM#9kvqefh{ha-OGw)c^Nyl>Op|t}G~?-iJ&Ao-A52Y|<wuAh
zcFjRz(+<&cCJK_EYiquWF;@8-3_#SyK21~Hz~%mVbtYt~hPpmQ6$3}&+qi4l;RBK0
zknvTmCmp53(PcKynT>}BW19#4;Xoq|A^aX8&+MUjV>7T#p;wpVbZSo|z9l=b2~W${
zaXw<Yo%+;rZa&u{B-%g;Ki;W$3vUxg5-YR?-OL@{54Zx|^hg&HQ)&R5iFf8*>aPT?
zelc0jhI*ZstD@h$0A-^y@3OP0%>@5|mv<GJ@hoo7AomB$<WX}VrN9AL^&yFC_I!Ga
zD{;k~7~@^EUSaPIU~VHSf=6$w8P0`D%B7}eG&G#aEWYSF-e0Y&ohfm_(ki@7yZT$f
z+W3Lf=_UYntoqlD7ykPF++?HNiMlPE3Ty)ee<A9?2MZ(V6lxasBOIK{jQYA9ye>sf
zyuQojGjS!cAwKmI<8u8hW8ff|n#==5bPmp%&D#39v}bZ^HI8hTc@WZ1ZW$w8xk7$&
ziGP&~<tpM`*$IK%*EKx31h7HJ4&@d;jcTT7+Lk$YA<Uk6AFKvYe<r!%AZQ_zdFrtJ
zCWEJA`y%IvUmDd)HfZd&9C>`qZ|E^z7OCNkDsk)SJV)0?gkw+pJHe4sH;Kbo%E)Zo
z(5#u6-QhDIObWrr+Ty0+)u2L7TW;+owlf_9-Gv3rqQ(bz4A&D(%g2VboU+x0cAVs9
zdkAn$)PiCnp7J~UCEO_@+*5?reumNHizim|gr_DMd)Mfy{!i9avpZKhJ;G$%DCvfY
zRM<GQjQDJbZ*vXS$xnMskzvxge)#hcv*!qt$V&a=`II-8R@_3ZS>B*Cf(4e3@A}bo
zcb_@{MSgmn{TSI8UXNttnu8}wr6JI!#NUWGnnzM6ntV2@?5TejC^%L#t=#)Od?6CQ
zm3kJb9H>so8s|8k<Nu1dg2Tc>epB42hFo5!uV}$qe<imM3CZ)N*$ux8p0~8!77jJ{
zIlGc<t@r$cn=3?gP^}_13$pSi_LZ)?ErQ!&V=@J0vlgJ^kB4oYneTO2Ky?WDvNY5V
z%iGOIl?iCMp9@X4iJj0j@-6Jq>Y97`0u*O1N`&Ey8U0@Yz<c_NSJ)Q=n;rxlZb-AR
zzBW`^iYjyd{M8~<{+zbxOrvU~Yj#rF+G${LvaFk4bb?*&@s8IHDt&i5;LHL7sFjsH
z>;y;GA2f{)+mXd_Bgf{+Th8-&sqa6(uv*VK6an7RcRZ1F4-WvLSth@Eid<P!<kt)z
zr4iUjFQlIeN%-ls6rJGf-xj&FTEJ{405iV%j6tS96LaX|yuIU>^&wE22qV+X7r|Pq
zaj1#FPJ#>Ib#Jk0c8Q?8GaI(ptvCJarje`*@<7$}yd9LGjVw~rJT6aB%WU?(I>@e`
zy~r&@HzVopisqZ$O4W;-M^KC7IPq+F6=c}*)IPuoPzfV;6)cQTb4tm48?xMS(c;!&
z-xV2ST{cnIpq^uW(riJkskt+YqUZc7tT|jGJBi;;9<IY_8|CteUe~~yxRsE78Dl4@
zN5eUaT2)`skB4OJxIV;|_U@l;Bu8pw=%dCDmTB5Y6YQD}w@HWz6P1dM-xTyrfy{wD
z%@=UKPG%3=uaiYbzn`?2G74I_<Z5z#`c094FibolWZ?QEU^WVped5iDow7i;j%;Y|
zkrlm@oOXh0lw&5<Pn6BI*sKTr_D72q&W)$Gd7IB>fde*T;|pTEfc{9*PQYboHt;uv
zpJEoV9X~q{2-Gi-@7OBd8WFMxX{UaP;YqZce?APWdKo<T_;uYkko@k2{+^zn8VT1;
z=nRzcsv&qA!VF%d?Y(s)4*ssJKaxx8l7-l5@(fonO<8}x+np!Aw;&P&jBgJ%cJ#ik
z@g$O~0a=Za^|OzOA73PDcXy|j?c^=)Z)I1k%}^5C9YAPU)WAl{Gxc)fI%c$NvRhD?
z*JP>gW0i-w6ua*}LJRNR2@ZqP%B$e*$Mwc*v_M+;rsj8PPW#3tQ;rFJ5_?xGtV~{7
zbyD(j1i3~YB}5kKMtPI#VF~vOVv86HCnQ#2J3at@mP|RCX4AHH<(%unwTph~y}Wa%
z;5)dnh(fa#f{&+={#stF%sb13$SlY0V(ka-ZUsAZlbN9nEzNwVnJ$f#*j{fvTu(Cj
zw$2UXnU(?xlDEB6W5jJseZ6vutI^t1$>$??6*?KW)>QZgH4z7=kR5)bce%rr6Vnbh
zuujY5Q|iKIuE0SUHCY52hLwy^EGt<JWXC6Eg>Z+K9^2I=U>0=VK5cis@}Vatg-Q8=
z)p<*11oal%+>5HX??Q$43$3C=cF1Mwn=x_>7w2~_?7#^DlZ|nrkNl*Z1roO)_XnRH
zKruk3Lt|WMImyJ$&TQsnbJEGBW)_jUFZCVZ`k=v;DxFbzxN?LmHY&Y4K+r^CCVA|`
zth~3%cFt2xam~d9dgX`CGK}BLwx}0Yf=E(xS{5y27W|X6>uH!HJbijVDbZNLmT?97
zD7o)>JZovi{W*=Gh>LEj4omfSyQ%574{62tzec{(t87ZHH{aUuBP%fUPc(Cpe33v2
zFgQG!IV@bbQK=jn)rK+ua&5z|waaCz%&GjfjqUhi91Hf0?3_)Z1aGHY6gae*o@jw1
zuk)l$s?^4{ncoTK!3>+t(k5m1A0~{xQd%`?+Gw}sbzOnG8*C=jpvnZT1TAynk~^A5
zkkp-~S;(GZ8gUrEFn<Dsyh4H2HOfB?4`Lj&P($L~;4AqFX#siF2~vsTb1qp=S<m(v
zzIn`5aaIR#MOgxwH@s1d^1AuZDC7Du@?BdjO8}1<TXvjQQn^rmf(*~p!;H2`Bh{&M
zi3u0{(JIR5c2C$Ss*6QatVm!+z(qk(sD`|^yE|}L0*;lHhtoBRl-SJ()!~o?owu9f
zcgq(CwZFKC<CQtnFi`5_AB>hXbZ<Far(B3RZOyj;+tJM9{{R<|A?w+Ua&nk!;{923
z!s>3?d!?(`?BN;fdmR>9#i>Us9n!0c);X>na=y<9e4mzYRcQ$$%414k`Ww!j-=Nf3
zP!LHS=l;DO5-HJZp){h%=D^_Hbs;~^g~2e`=XJWH(>MLQ57m$&yIUN4(J$aJa1cpi
zp~NLZ^OdVBClrolLxgWWoUGibdR+b@wNg?4;`1XNUf!Wbnn;C6z@U`v93>tc?YbE`
zIc#`a{j4V_Y;??m8pX<>-Gq0|$htZQSa?JXZMyYE7vd)saG&UI;MV1%2K-nB%r3hb
zI0pm;vZ_v+pnYGCdd4)a=%J{@gN{GV?{X6O(PNE)!EQb)Q^PS_X~=^-)E#>ZZs{8C
z5>iG6e8D9_F4Lqn@C@?XD1Cp2am|S2aZD+_@UeiZ^A;;CR~rrcF_;k)mU6(fkb?J2
zPR}P6JVg#7@<+u#IkO4w@E}j*Q$)}0HmD_jjqjVv(D$UXlNedaRN>Cm+efX>?gyiu
zqvn!fyVkPQr!WX??V-VvQ(zISMG)vn+v5Q`CN~2)xKIRGf_w!yUx=;MJv=@77wpC{
z^FN6x%LHpECjaG${fC0tza=#Op5XZ3$tdPSY5*9UI@m5QIweaO!dM$Qo{W1iR`BHH
z!84lkKU_q8gQVMi`bjb-<YFoEQvd`U5I_%NQx;!f(tMtxMpj$?mO{O-jxBy(Kvlpq
zR)Q+RWzrqm{Ojj~a7!-7g|kNwft~pPNeBfUp(x2}pyR4kSU;)*yzI}b5-<UHN<g7e
zaSYJz5lo&{`#1Mv7-7pK5Fl~<bH|^t`ZG)ZtdIX;i9mlW!~cUe5mF4nX@ZZ$*eJ;;
z1Zw|FNe68H=j?$lYBvmM0=%(~nDCyHCHF!uitk)1&&PEBvdXgXc)9D3=6a8>a({Vs
zp=ixiCX_!(!}P1S_nyKwOBWt$`mD&D-n7g)3u%_FaOI!eoM}%&{>vDmGN(WcaV`&W
zB1W=l#6_E5H*?tZ8qglsDGGqQCY_t(i>W_*(cK(i%~KZvc>Qd5O7ivo-xN%UJO56^
zbnq2UoLl?8>uBB-Y5aaae!t?y-PXK>L`{|1fs=GH=$R`}^}9?>VuO>#)JTf?3*?9%
z5K#_HvTkO|t|j-QfrJ+pNO{cvrZ5r%9UT$X{)M)5AO)1k0)@XVz;3-D4nwaygI6<J
zfQp?eKwIH3pT_q;?*xxM=_CgR-UN<&+b+Zat<KY1pTIaT7_k?GJ5G-~=Di1-15WDr
zG@^ARxC)3nbrVs0)CY;8Kus_F9qh+{`d`LvlEAxU5fb{;vIn-ZG7s8STn3_7BU7+J
z86aRn35YhM2mfKPLV+?1Ff|Dk^_$|}pU?K^d;2pd|ExEr>_4{T@0-g1J9ct>^fyH%
zAd4j0L4xaDqEMB9<Q8*mH17Zb_uu@Kd-ubM0mp&@r7_7KF)BjjhLcibf$ak_K70Ih
z6#eOy-Lt&j3pOyZRcROLc5H=qrq8q+veJ0kOKo6u0aeXQ$_V=oK4B7p?FVZR`2U{R
zhZanMGyzn|nLTOXTwC*-Vp<09U@(8Feg9Q2uBT^IX#e9Mh#0vCylbc^2m7@-d#rvf
zK=kidDE#jN!CT;Xp4dAM-e~OvDC9%UUWjbiTrp_Zr+(!WY6!qhWDWX859%Ouor8gD
z3#q7+0|*}6!#5>5*2Fot)6&EMv<YogUjVc*%*k={sO$X>7QZQICb=3K8|&+4bZ?ps
zDi?S3^z^P$@-*pSCk=_b3*#Y9)z{R%<1tgvbLyHvs_)pi<`cWpE1CBR52~b1{eS)v
zRP`IxDArq2^}y+URLIRtL^`ZvFk~~G)H6S_n?IfADpIeKIZty)axd!xMkMP|p+X3*
zdYp4?${T3H=IuRU!Ov>X4O2re%PD{QmBiHUilSG%xdyN7Y}2_4f!Il9@eI}Ua-JAZ
zYK(tzQp7S*b=`<vm;SZL713b-^?Dr>lX#A?@bs_sr2~#7Sg3F>xpoSlIc0+^6Mvj*
z<F>E?F-L^>^8ixt7j^r+54A%3)fti#jqM1`{yc*PCs*&kgGRhCL^@jpX+M}-O#4Bk
z19VZ55ccf}k_v9)MC9pcS>T}Og44xb2?g_6`y3@^esR$`0lq7%-m(d8S-cy}X2KDt
zfE(npIokVk2_Y7zo$2X-I>;lN2t^94_J=)1yaT%3fSGLR<4H2OYiSNW=h>yd#%`N9
zz+{4IqU#@rTvC!2fTvK$Iy`HGRkXow2Fm#xG}a7|)ByMF8r0xLEL8xDMn&Y#(+^Wt
z**CucRJB?G^#-3aMihNem|>(Z0kuT7R1+%Vo5?EQG8x+0HFH{WU)p`cM|r3DEAiEd
zWD70|i-@ge0I*K#@*++ptHy^B;;Vh|FPDwj-tW6Ct6c4A_;LXmv=F@#4T%F?^gz)B
z4iaR!JCaJ3?i20Du*(q2)yu97;oGgGL;ZLGL3QWvzbQ)R)x$GC*WML;WLny!CRko-
zx2Le<;4@uDHqY`NILfUZ>^+0LF0dAN&0h+4xQW2`k%x^(OC7fkP#0mgwkhU!0k;ry
z9quW|n~bD?YsLQB@#C9IoeCRN*sxZBX%9HR{!&1Wif$QRVyDP6l(wPPjH3?Au^P>e
z$#9AtrDv<8yjpHaQ7-f2Y{?`KDIysn0opO|wJXr_+*orFYvDsYIR&6iOT=r1M5oW`
zh7RCcb}-DnmXZl7xs&_c&@7o8eXG939~`@-vIePR@d*j_(i^&&ck8t5gCqHh#r{sk
zJnO3JutxpMy`^41WWLv+BZ~`H0xi)PkuU*YMmswiZ$3!OJWNq~AZN^{yye`>ZQX@4
zQ=}saoqiEl(Cfnl7_`cUCfPW73i1!N<sYT^JE}fcXCHEn4i*48e#-~|vjiF_Tw2=m
zSkODkKNU=e1Z2jY>E(Dc-5wx?V`u>&u(*Y}Cn>(#>F&Zscu8#E!D6kdUmZntn;y;m
zRVmQNMK|bjjlW8{A<=;lItZJ$(!!PRw0PC`uA}MSIutx1Xwy7;i?~y*%h?)jAsCmj
zB~Qa2&|IsDntSfH(XRe;9H~V&<lC^C)c^6EGwV|p-nFr&5JEL>HnO^*_u>hp2B*-M
z8E_Rf;k)zRaciz(jPt6LP1g&vwGWb&C54Wx<51Kk|66#m@36D`nGS7fp>NBHi7JUY
z6`Dfa!guyeo;5sATUTCHrsof_wLYURO<~<ssjhyoRh04Oev<mL*!9UZzv_CF;xSxw
z(7Y3NB1^RSj-uqkQ${sv6|WtSr1cei#;heXyP1|EB?AqGhs4T%Ar%>SXYbFk1N8GY
z>WTZ^4~T4~P_$Nh#{i%<tVvBd@k1|YAxCoRV1f!&KGCxRbaJL=pRZuxwPC9|BMwFl
zj^zgifE4-5e6_&<ga(i$!7dT?b~@8|;uo|G^ze|k;)tz=D4+ej(4V%nk1Qjs_NaV*
zR2H42Q$O$<7sboXLEbgrw0*jUK}OcN5Or8IYDUvKgoGek4`sQE9BuZbj<TMW&`(s!
z+ce!QV?Zvp=AW$=>2;DH&r09P8FudiM%rB^;KhllKNT)4k}T~1yl#-B62K5CFZwd=
zpd<D4V};#}a$ddq6%CMU(xb?UU$hAi<gJ@wL?hgZ7BM8i=XxGC3Urmb+J23@_x<#*
zjKrAFCLK$z<AM~~nO1yz7dbD;z6eN;GqCY=Vry8d?OC!#JOQ8e2LnqhXc#<iv5K-h
z0b!bFPos*CUL9`j`lC2|rsLARrt21Du*nb#DCPW4w2)Jy5>|7E*0%nAY2<hys4{D4
z;YqsNJ9oCl$2{iWR5&?K=Uh{^7&K3N`q!(btD7D6ZBlj3dlx_xlWIh|QmCIk-g7Lk
zj7Z&{yju(R&gUfr76wtAM>x1OgbpcT++xLQwGX23XoBN6qUO9ALmR<2*SGV%|C7yn
zr=GD&L-X3f1g_eT&Wxar_X`T?X>^7SCPmL$MkAdNVKDB&W4Y~W`Q=WXx>4arlC^tN
zJ>S2^GWJA2IG^~okK#Q1!R11wUO$HKYLHOSxn>UHvDV=9)c33#gPDQEv`zYYk3-Gp
zu2~(g^c#VSjtQcg8GdBQA?4aUgo@}pY&Pt9+fm9sc<(2@>sH?xYwv5pu8Yllgd$1!
z0rDujxj^cI^ug$n5RgpHMIL&~Yeyc6gu^Rez{8p^Y$)CzTE<rkd{#(JKY=}9c4YqO
zef6ojqko4>Qf+4W8UF7lFF>)7D(^7TIlPVzj`}_6VJS4RgF%Wwc-GF7mQ47XI(pT<
z(nWBas?g=5i2SV(4T;bDknw{zS!b*178^W`X9&mu_>|AJ(f94q`ny`^2Rc2nEU$4{
z>05QNe1tdNzw~2)W8_TBw#*vj1?lm4_3X`65L@-M_(S(EL@M;LROr6lmC!aXB)*fY
z*pG>O&oq8KzznYw<l!Vu@~XneR$J5z&*OUf3+;}%1mv8bw(`AHj?a-)PM-QaS7nKR
zTERAcP;it<)9ra^HEW*c?ujxtuvs}I#XmD&J7jk3X6tPn+r2ON)+#!O?p2Z_d)p1A
zRp85bNbVw}fI<Fe0BT3|alw0e9~+l46MF`F?2N7BWp_902ZjP|U%NACuAiYyLoLJz
zpdoDABr80m9YZMjYiFE+2HDDTm!}luEp?29dAuz75n1ujxx(grf;L4l;U@r1KbY!V
z7prPM+%B^$pC+s~IYVzap<`_kC1AUqw~C-KvMh9?jk&f=F=`HV$<CKnPcz@Ho4c2E
zDCsJAm-fkzViSu7`d8K07sr_auaXe!$>-UI*E%E#q&5nZ1!QyVzT00ut1T3Rj7QmI
z+1#e=uMTODzX?cF#nZ|4lOx5cR<^wzvJ=fEmY60)cKxhHi+hMlfB=qV&N?0M*9xYU
zm%@>com@Rx6zDbmGL3s3mjM~Wa0I;POvbC5Mp3HTOLJH8&l@kCFxsMSR0r6!87men
zfNwzcy7ig4qw7_pXpzXuQjI-RaW{=9TB^DW=Tn@}Z+pR|N|NvgMoxBobq;=nRZL(*
zAm7nUe%0`{#4QdaGHVXaqQwz;pKL5LV-XuEm-rn4MV)?Vl)|m+gzFK<I~WL(iWkNl
z_p1X0v`va?lsvCicIX<bT$+DMfAtrIbQgyWOUq?Y>+FO<d)n>~{H(w7$g@_AV{~2O
z=8dGfrVrGFxQPW0->(H*iRL>g3jn%QPccWj;rX!Yu|heDAzR))@=zyywo)N3lzejv
zC}&OYAPlY@C&fgUVA&|_iUQci=Bi9yt8(2nfAL+~N@mMw2B=zeB#Gh$u!Q%g6`tbY
ztAbg(cbogZ>=33+T0)sx@iOu@N#_6)ONj*5<QL5|=5mO3FPD9o>%yxRr*BOAdFObV
zJBV?(1vH33n9N3!8SpIg>eQ^py<@+lrQl)0RX36`DIU`Gio;ICT6jV=Am}>P4S^rz
z%Ow86`O{+g^g@X?94eSb3#K1uQc3R}aUu7$O{8JSJ-wm#(e8aXKWx6lu)$H<NVg4B
zVSxw6U~gk|HI5ne6|T{cFtdKS%=xyQWu&EO7t=n!59P+wFv_}>_#HsEJRf(~R#CoT
zfXwCp5U*NPU=P3Puk+^EvnDwWS^UKN@^aT3V-*2VD#wFD#<^S3u4ZbT{g>@_p~KkR
zw4}ibTsyK|TF|-7QM|!NSh<U>+c{Ph^Iaq*PVnBdy2Kx}r<Ev?gQn(Jr*K|&zqMfp
zOfR4<(djvY^gUJF#kZ{F8U8gb&WKEGt<>#uifJyXLb{bkC)sE%Ewe5<?7--t!!5^B
z?Wh><?jmUL*v|Y|n#U=)3pbNyF>uFWHQTCM?^h!6x%g+c(v^^wqnt;LE@6;LSfu=e
zO#=hsmlD`(W66PNN1;?_;i)s<sl}AoDM12P(x9<ceqJQl90Nos=B`oS`cQzZoVQ;S
zxI~00J5u2DZtFjnnU(tQnc4OK3p2C-Os!|?Ea?t$34}&m-XOD%Hp*FG0aa4O*0!*q
zu(MT-Z8?YF>ol3yx08ar^ki?inkWJlg!`!QK)E=5JT-cjdYxYKn7cf}CBMbb-Ht8I
zWKk7YFS#TasK@fA6D6^@|Kdb?W<}i9^Es_Z_O1@fb9rB(SY%RlSA<^e4$(v{td&4!
zPHBC!de5|<8EwJo6IZ+9oxYr^`1)uiU(}E+b^4_m9<IoNOSfmgFl>M(-x!)zuN~Yv
zkP9EO?MZlCI&9fhC!Wd+7G-<;eHX*`{AJDKZx$u$#yU8N*Q9Or<PSnWJ^7dZF_1XE
zmQB*Az`Y1fEVrwQ*pBy<S&4coa0ShHJ8YYf4XAGy56Z#w-tB<W9Hbp15f|nw6^STw
zZXR{<b}gJX{(6$Dc1LxRE1K@d`Ey<8KRASB$Jx-9q9pHH@c%U3Dw%Fd-W~^9E^v;3
z2$947udt^ubA10>4;LnT3?bW-q0Zr?<l?&zlpoJ)g@#ky%eA!F(T_RY3M+)7+XC;w
z+p|DJ{wg`dArrgu{V#&Gt{8>l&01TohfP;q6Ee1^3gE{0bv}YF8KphTVfeEfk=1Q>
zIBYg^ICUU$l{_d53FXAACW792e3NIv{@BvrcqAM1!*;3m_282fx#+it^jtTduWU!_
z_ke3ng9#2Y@|<}<apxT}D}+krOM8Ip&ENr3s*I=)Gj<<(q-dZVNtg@JJX$|SK$`*C
zSe9NWQ85Cy_)a?2OuBH6$?F1=&t@5XK+JXpZbi9aNWAyTtWxz*&WQ7z$>Vu1%LJJh
z$Q?AD9P+H#6h6o1#AfCfv3bVUUo>ZuXxxt;XJ<g-NDQ|+S?QnE9(heU@A)soK6Pbe
zed?scj_7W_q+&CYD?k8Wicn*%Tz?Fl#e&#mHSZ??p*AGCXyLN5j-8Uq%G#<zSf1=I
zr70WMnl7#+_E9Re45~bTon0Eu|2#?ET@$u;fmZkVU(Kf|{`HS9CwUk+?2(y>4y`kw
z5eX40L!!TFV}IWIEt9UIe)+c;JFlAwbh;Fa6wL=iX5@+E&<3pE#+Cy*&HS4kmhEEy
zLp)vPXxkUh+M3QJFH1dkxu6%<mv}$;E;pJ-_D?*l7-hBctZwkNEkovK1?U*V31w-W
z?Sbdu4{?1dpNX*f?VQt+g4Ka3&HMdtEY%X!^FO3`1w?+E<1eHzV9F*QcYq=c(g+pv
zlhiki)^APeD5ko)3W_F*S|3?Pmz3OgEIMEfF>R+^&=z=Y6<NfSk=1u1;9=rasWHh0
z^yrGci)U!XP=|RSsO`w~IH1S^>!(TO7vY>)kWrLu#QibZT8{S2cM6a4suoD?1=M?a
z@LZvD<GFbN=1=rH#}ig;YG%sy^@mNuo83G2)L)oCP`>wFAY)erT1MOS(Rhhp`sZMJ
zns0+p3ILfl(G>8K)1f6fjQ~3O7>36Up}cUlF_#0huVK}+j@K)jsV0hRm*hRC9IA;0
zCoc=yP}iYD)A9_tYqAAxmz~NbGPUJSQWujSThYV`alNkSFa&+@=r^ShXkX2l=tLf%
zmbs&g6Afn7kPd;`o%tK^>Rv(vUaT{VCxB;=2frMr80Sin6lu&=bS33kbOrlkpuP<{
z(kyqHyQRnt)u$Wtzx8DXS}7!ajgw4s%kvHQy;eF-7{|S+zMF+QVgRn*q1zUCBOQ+8
zB?FI{lht|>a&K+mfSQIp!Z5>4j00Q?8ui?XcB#1i2=S<JeQN>hxW%P`1wpk0Y4D6h
zClTPPMUZKyr>3AbZOolv%Z*B`I|b7U4NpEVUgTGOAirmNN~e*bR}-Fmr!=o`roQ2L
z+Z*UCN{se@3{=o)H@-M6t(|?%0LSPZ&8TjX^*2|XchcF!dX2uG7W;csMmZg9Y<a<M
zIM7QDnHZXG*h}yXdw+QH;WCn6eHZsjx@)J`XNlHNn(**=)QSL~>1$9TE@8D;u$s_%
z?5=`)+Y>}oul3EsO1Z0-DN@{a%!?o2)=@H?k-(4D;6ZI-_A?x#p4V*jfP|otyN{UW
zZ9>;7<;#1NuZ*7S{zSNO8#~LFH2^+@;z|z5j2MzT<IhWk&7EGHFBjYwkf~wQ)47{N
zv!0@ps>*n_RXTwY?ICBv`T})>Jc^kOS3C!tugk0~XaiZkMY?RANzOW!W;dt}eE_|C
zON)onKTcy8!yl00dz=<vpEnr=w50ITAI2$^U<<ZFQMcqp7aXKXOnG*)DQ$Plwrk2%
z6_l5KxRaS4<#elGHeBEZbF4L#Q_%4S1Dx$G#S=mpUag(YUb_0!Ug5r949!n&pZFTi
zvnCI`EtW1(X(oUFd1jmrE3QYlr_l}2?_(5EMqS$4gmJ6-1|3aLr{ir;^DD$M_c;^=
zv0o{6OrVft=iuTXzbixSe7nvF%}2h|{>FX7JVazG{<H$C!!qq)es$2Z4BYu)Z2)4Z
z<0<ZNW#aR5+r=mMzi~)zcUI70KR!#6MtYw*kstRl7JpS&S#3-KaMN7my%`2VPQ|E)
z2*Y}>lf#$wL83kNMWUu!m62uClZyC$jOCt*jEjhGvc<Qwxr~<v3^?>cFEW_SX3u_W
zT>fqz6!oBfgmd&Wvf*3WMCtaB82bS<+*<#M!0ovp8M+k@-OU^aIzcD>5kxUcYo}>!
z#>6qjVp0M=sk+flzK?&gjha`W)*m2Q*}QTpvTe0<nl}>6c^+(Q`LLPCRO%e(b%U%L
zbCF4Qf(V@etW`7{L|Gm*!@$nCXMMu=)n-rQXtHruyf;FAYURyZtU$+V&M$NY1X4ad
zg}N|vTHDZ6yQ`p$CS)bH<d{JyiC&#88zpK5LRCg)y@Iv(jiye&SnqLh=f+Ql@}6U4
zY`5P))ii}gm(@62bDt-N1$<e@L~g()2#3QHQ3{XRIJ2+}aY;r&7qU4D6)qtdvg0h+
zx(wI5jE}u4k><%r$oh{h36ZFEAX6)^IiCrBST(edy5S&M->OE}mJkrOiSK7_&Fiv0
zudQw^^W(5=HU>m5P8gNHkWbW~cdmwo9h()KXmVYRaQE*gq!(%2qrB)P(ElRZtKG+w
z_B0LH0L$A>t^LcvqX<7=2qZxv5sTb%gVV@MVN2w6DDCR69Y!B$I@!D!xicaxY?X{<
z@HWfVQ&vl5xg={-#CUck7VLO{&rez4VZVSQ!x6;a6grx0?uMc3^Z9jF3A}qWlCR@K
zZQokyc5y6P(9Q2ZKVkIxOXbXEyLV-KtBI5XPe~sSFj^glvu*mTVKeWXw6Wi+7%TID
zU&lZL<(>s7R8dzIKL4g}aXUd<_GS5H#%($3a8L~$B2JMJ`V*hb0;Y#{Xvry`uqt{4
zcdArI-@7KCdSAY>R4L+h=TEM=o94Gvz!o>vSYGfTPzmd0M^cAb1-L`Pr>Isib#(xx
z0WL5Miy*2TT=o>YvP|&7I>{PoRF!Z!o*zt635e^MpJIIuzJam><Oktzh~I36wuFE~
zhcNz$BLAn{(pj5i@znF0o&5e-H=iRFpCrIq%`Bd}Aw{_N_sz<VY<+FQQFaYGH#UA#
z&>mbIa$HEnCScdj_o##&>zVq8fuwrg`gBrCfVOVosnqcbfI89xe0@q{C6vUJZL(H7
zB(BAPDR7xJ>#YfT)$GISCic#F&-ZSztM<n6+R+um;)JN^tlt#Nv)F0!LfvRHAJqG4
z{U}!$Fx9M6FfnCIjdnh7T00nnXiRua1QR{2!T0*vD!PeC!x}tgqy*Il+x=OUs>V8>
z&tHR869mL9;+d;x+V~cD)B3a1B2Ae3O7n7%Qz?u8A1FO5Ahak8SSX6w-;AdT>q0fT
z?pr;`b>Ebw2y644@u{+GEG1KiLna`ia3RqFY)W<jXnBzVM)GR<DU-?fOxJF;5!FK!
z^uB^EdChBlKPGo_`XDfDv5D>&&{<rcB?|neP*y;ZuL}RBAZ~$hTYxSFwa*E3lbLJX
z`Arc!2FHvvfYGErodY>068>cN2$ZmIu%SkhgUumMFA;#d?ll0ql4=+lNe0?K4#WXk
zmk=rxSx${mBis+<0`C2$cvb=L2LX#Z{zyb6@ZWjnKfaiQ9w0NJ2Bal_-t^D#{+USs
zxVZi-nLozikL~?GYM1#30jvp`4FzDQ-}%8vjAnpp5_2FD3cu<B3YocH3v7&``^5bw
z_Q6anQqAUyS(IouO<RKc;y8~K+m(@{J6S6=@o&hS7s5S@yCkfuQJ&Mn9S6{zt;+zf
z>Nbv=+@U#p%8}3%`R|Bgbr1fFI^nQ){bv%G|LAdZPC)xYfBL0nXTpG>h*yhk6lI6=
zAakbdDjpyQQa|5W(5<aabPLskd5bN?hlKQN5Y}-!L_UDV03cdGm^gwo&@q_AU#nHV
zekf~Mi`|CZp{YGiD(gx0XARtD=q&oa^MG-d9W_^kx(vX3BC<qrh;S}^UPm4dz^cvO
zQcRkU>eU!W6AW%%wrHwPqqU5j67cWSR?<Iutj}pNS3sgQm=EjRVV{9|Kd8rx8^qhX
zLDO~Mdboq7_lWTQ!YS25j7I{;$#edm5Wf4~UnoKW)(Hd3!i5<+NoLX96kXE-$Uh5c
zFJpuEr0%Z`%TW*0x=3WON3(nMEqF?r4kP&oh(;t(#Gexn0NfRLA2#B6Tble@w2Hb!
z(mb}Tx35VE@jR}DOL8TQPQg`J*+$N+qNsjTxa?4nwD9e-VE|hK8R97ya2<AQ5)nm`
z@chD)m-qc=)r?8%h)e8!e9E<&0ojDltm9(12J)2>917dt76kxb)_zmm6#qCPFXOtv
zVrFBCYwAeJnX>(QwK*Gk3rKjXExl=1n|%_*$b6&?{<VPZY+02+L@G+-iZPu)uqRlN
zAGh7$F(W%7?_LZ|fAI}j<L;GQwfT7d!{p;fqO=wb*J;mprU!PA*=tX~IPK5A3*^L$
z2g=~3+F-%;@VDY3H*EtIzT%xw=uENAH`VcGlbBx^adyXMjR+o}%rv?v?+f9St1I78
zlY8Gm)zq>3v)9+|LAzB)0QjF~8Puoo;e12W9qL=Z+N*lLRrq|o9RH}I0wk~*Z{j?h
zMyMwu2{%r|B&b7BH%Xku(5kuekoi-;7FqFne{-QQY-kadF3sjWM||m~vl~aOr=CgR
zn9}<*^>NjOe=oKFU-}!tcKQXpxTtvMH^r|mKOk*PV^Hyr&8zs%{d?;4Re&(xVhnfb
zt(xy+0int1GtHm=iTW}1K{ytu42_<pwX7!UVyWrvn)&fJM;&)cJp~?Hh%$0Md95~`
zQM4(rVGk6m!HKri5%B#7{#JmGo=!~`j{EzC=H%=kMLWPY1rbvLu{mW2gedbBSZ%BS
zcxeOp7=K>!&shE!P9ne*w0(yyzJ&rM6qJ%6lG(E%@;&IDvQJtk!41zHWm<a_)0~sv
zX6>SnLAxGG9MAz8P92gsWn2F-hvHv|oL-<7g+c8fu0S+(AArOGKF9<ACqR|Pxdjmt
z>n|AI1NOHIp8GX_Uh&U3{%t<}@6H}W=fFGu&Zl1#>1HAR0^=mkJffQZH&jzo^N15q
zoCT)w<r$XkKCB#j%|Q|^1<)4K<@8G+FVv-TJc|h@(yH*V%}q7_lV^ALNX<~UY_NL<
zJx2S|)$1yLNwjAGNlj(JW^cK_3|=Q(-e+O!^{hED0z3M+e5qEiw%)0JuB@74ull9s
aoQ>^1*U9_;MAG~p`E&n=KSud`;=cjN#HF<W

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/aufs_metadata.jpg b/docs/userguide/storagedriver/images/aufs_metadata.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..378e36b84991376ffb23cec090b0a9944ac27d9f
GIT binary patch
literal 26599
zcmeFZ1y~)+wk|p+?ydoXyHDH+E))0Q8r&U%y9IZ52?V#`?gV#t5=d}JAbBLLz1H4u
z@AsW`?mc(kb>F$O>+Al9RMn{Js;*JhJ?qEfk4*rYjD)lV00@KtFh3rEA1eS+03;Cj
zGeABDNJt21SZHVn2xxd%SZG*8ctk`*cmxC_6m%3MBs63M1XL_kGz<((OiUycY+P(i
zTy#uKjGu}8j0^o33mO_80|@~M<3IiT(E~t-0|o-SAc5!r2y`GMI`BsyfCvBtKtMcN
z2l)L54Fd%WgoJ~K_^}LtdlGytev(2e8$JP8xzjw$3cp_jVi1D>^T6gW3`;D%V|e7l
z^@{*-e^nqrl|5@6M86$qUf^}IcJ@%0bZmYU;=Ekz$lf{Pw|<Oyaxg&+F7Z{csZ*7|
zC~o?!kRuELz!L1}e#IPd&wNcC9a?m|<{6#Zom@HTe7z%MDABW6_NW4^<5>SNw?_D+
zvHFzdZ)tA+qJCL(tS9s&B9<U0y@vhtL`e3C_Pa+t;hjTjXMW~T;a?Q&hqhFAeH1_L
z-Jc}np&s~Aq%oSzKj1>Q5b8Dko~j+1d8P1Cc@Zt+ndLJT-AS7qdZUiu-QJ#Cmj<55
z`tA|g?t{&d0Yej+!!G~;Q@o?cYvT0!y%OcFCoSh+83A4+4u=MRIea3%;wGRXZhiPg
z056%Tp6{qV32@v~J>D=rVN~$G=*1?<lhS8I3L!y=C&BYCwT}Xd%-KPcK5^xjf(McM
zHJ37$XaE2sX3pDa(|QY>a2q$Qo8Wlj93Yp%0m7gFxWtaptA_PT9=Y*iFBbq{_@=<r
zeen9Cgi|h1UMc%mg4DjRm^vnS`Gj=&FV=1c9;<`=X5rS&+2`ArH||=bcV8Ye`1yNE
z_X(pu3O>DrdLrzIR|V>RD+qGj6zZg(-!B1d8$;~<E!>lmSI_XHAhHAb<=PB0YBXeZ
z!$}SX5&(d-<gqH#5K&-#KdMx-{>vb$rP$Nz>AKvV>nmmxt2UjetY-iK%E_otg_Sl=
z*%cLqL_>c2mPzPAm#n%vdn2Lh04zSp;r`O+s0#pyt=%^okWo2dRY&k4SjUm_@&3(9
zfnPC%e^~?hDDeJ_=l6?1H5l#P=mJ1qe1+vdn>@&Vw252F>lOf<%sJ9P4lTIgbd^Y-
zSW4f<(4OrAzz|Xh+yejy{d~L)=6=npoZ^sXDjuP+mn;BaD7?z>uOtCT+CBsKPsu~x
z3_bB4&nT5ZR_krl_f}6LXYZShRyJKb0h`Mw27q=hy83r*z+=yS_SiKa`|aO#TmTRP
z5*iBTSGR@u?biGe1)#0?ivaqce0<`fW`#DreS(6n&)4htO6bQ_UglG6KK8BbG)wPK
z0`0Hj*fdi|XCx~I1-l+K&uz93M-L27K7!K6o%7fmD&>S98wGOP_wb*}29Fw#Q7@{m
zul#;N*ooeyxnBrCeUSUa15%gNKC!rY+I3@pL15ST@uw#-3XGkGX^e{I0?*)FNJ_yh
z006@|kWw{werftssqNz{&*?Lc`m)C&K+?@q7CBz7{bOX4r^M~qJl~W2f{^~{%TGL{
zyb|yea$>Xl?Ri1SPjK_ZgGGgT=(iHLDSE}3HvXCf0C*+pE7&qHZ~w(^)k8(b>Rp1h
zUfSeyKL7y#ZaaH}xB|hm;ipU(6Cecupuq=a{zFn-zfuMEcKf>jLVzzyc273|a6Z>*
z|HS(l{|WuH1E~Z&SHD42m*EEhV!b`eZjp0Ic{FM;yGG9F`uyZz-AKRy0C>a6Yo{P7
zXxBLL9Qj++wiV~w{KjW~0EqhV29Al@d7Xc4MU&=JK8_Ag*Z<k`V*@03Y<vGWasVKq
zAfRD@u)kU$B-%gaA+Gww(r5R6ssP}@49NU;^A{I#ve;zmY!t1gNuThON?fv@@FN?C
ze!2YOD2?6Q$z@+qI$3aeUhcHSZ9nW$#HGr$Iw1I(jp|K|Zj27)JFe^<CiGsT)JKuE
z%Qr^5>|dfs>hZ__)l80<@Ckcdj-~7IKjGKp<R5+^;8yvz@Gk`W;S&e{69jyvOfCrn
zcpUx|z)mqV@Qa+ZnN4K9Wjf|Wd%@iLSO#WMAM?UI!I`xFOIbz*w59wyq=Xk#7?L5%
zM}7c66GNKEp2geat=AZ%Dt$jw0RT|*wJhEJenH@`IKLo3Fx-^L;EC%rr>FD8biqmF
zeyT;_hQ8va@Gmax>(`?G((E0h*cQf3Q8=tAkCh4?zGT&?`f2oC^iMr)U)CB9nT&L<
zvw1_y1I|ZrbhgT&n`c(g*L2&jUqc~oHoWn^oeH)aJr=9u*6U4+f!o6Dzsw27@5vIo
z1M!L{L?EsDFEvH|nG9bp#P<hrl`alE8qJn$ZMj%sHEgl{`CX|!V`lbZNha%wr8SLV
z@=F5%z^m!Kw!UCp;W^Q3>YoMD8pXGd(ZQD{ZvLkD*u$1a@pjA1c#e&JMke`{Gh|0c
zUYFl5i1PJo4&E;W;NyE@JyHMTXX3{O&HiXM)T56D0R;{H+hY|P1{MMm3JxC!4+xKi
z%T3OMhAym#fr-t=MM6pj;xzcpMFPSBzV$D(%8bB1Fr*qeJGHX^g#!xa=@yTGxR|Ts
z(SktoKsLXQ4s0`<4`GUGUbg&~cg|eL>&Rc50(~ksH!9r!vP8gr#!}puO&m;j1yPND
z>g0pKaG?G3&GFj<*zE_@HEN$(;ojSH^SzeMZQ)<#<LSQb6upt&Xh386PL<AM>&_jE
z3p_>Ih_Ux!{&27T(O$K6myJF{^_a6=r#M+BS-H4;s{C05v}VY}0(!BKvOiiVi(_KE
z?8?PCLSosTI7V!DHHhA(4E1Bh+e!m%H3hoPhtB2`tx3D)?7l$D7+w4Zv?fL`tUS-J
zG1J_xyJZ%wdVAc-ho$Djl<GViFJl@Tw1Z;9=8$o3#m}SGCsUwkheKd~0O0>WEc8_^
zbW@BTyPi65sCXG;`pUWTnSWwQv%Cd$kfmgQhu9nl7F&9|CA{KTS23~Z(^)5*F-DNt
zZiTwvdwcnw=#!TWLt{3KomF7f@<_Rsd|HbG+W0az*V&0gxqA7$x{6T?Ii9Y)^rH-U
zeKj;FZ;rWv*~_p!$VJs2-D66@3h`X_j|d-qTCNg=?82J+)wF#*q!3go_Y;T6-g9^d
zyj&{Vy<uInEGi!=DN5p~m+Wyn5knFRFOJd9MxlW2@(SeI$s~@v6vCO_D@{Ki!4F1W
zSwqmB$oAf<sQO+wep{@`Rps<Wy^X9aK7+a~T+01mu3oOamqr`1=dKS6x7cpY1-`Xt
z@;&}39aL`O+u958@TvEdgV??<l&nM#`&Yc=FQd}<UxQ{N9a_`9>?2Ih)gNwR=R2`R
zR7uHJqUi&HwGFQw?^PN5reRh-s-z4nYe>lP$oqIHmI{<sDyD6;QK2v(NTE!;qM0bC
zo9O$z9ERtMDM#4EPbh`xcLQTL$Ss6>=ySw(oex9YHzUb735x--DbSs9Hi6pzmAF;@
zq0~S0jD2d<sk_gw8P(qG-pQ7%Ot4W#3eL;NlJ74W$ZW?;e4`4ay-gZa@-qIgT=woe
zv+UgS(ksbw0j1+Ns-6XN#5@HD?B4rtGN&%m1)U@(%<snk#`-D#2i^ae2!40374~;s
zGYemyu1>`x_+@RI<;YnD{lMFI&;EDAKADj(b83V77UFDHEq^>MEc9>*UQd%u-ui+6
z?iuov>np};ANk;05w+;<uydUnD6|b^`MWX}x$D@R3BT;4gP91r8fxnw%kXJS5Sl*i
zI(}mdj}L?3YT(~cXX+rJ%t5X4a)^AZDG^9X&S5PP3C)417pKM}*As2%XyZ*=EGUM{
zrLOlfzD*TD4z&H!ggsmwSmCQ>BT)&DkFL#U+xP>(8?g~Jr#jGABCVaf1#V~y5}<bt
z5>smxE64EiZ{!$vd~@`vv0Z@ih`z|FN;5f&%RweW?4htp2Z!@UmnSN^5Ui?GzFdUn
z9-HTa$3D^`=T0jsEk<V%-4ID>K7V7KmZ#Zys9d3BXE`(>g(p2Ak0BG*pe9EauA<El
zB!>Uv(H#!`ql1jo_w3k3Lkv@#uas*R%``U=(S6rTq77Pjeq2n$^p!GB#PMvVm?8dL
zBrTFkv<VT!LHcPWkhHn+3=BRiv~8gab(*0}q(3l;qqd@!E@QLR5*SSNfGCGcG2hp%
zeR*b??~abbR-UZGMAc#O?Tv*zyq;v7Wy0%}J<6Jvm;g%xZ@D}fTaqP&N?Qudx;CLs
z)ROuifGO#$?Or#IZ5ruj4RI|^f>-#0R@U(ehBMyqS@c2q@1%rq5%fAl;|o8=T8R}^
z<*BjeewyoNHm|bbw{3sfzWez-u8z*fG93z|{sk%89UmPYrj=QDXL&NDAAm5Z-aiJU
z{iH32rnUb(J9PK&6454=%}kt~zWP3>eO5DnZ|%}aKx8-Ymn8`8di<)S3G6h$a(_Hl
zbXGD{$EsmV!lOE>B=j}NnJeN_=7vU(cTKMxL0?<&U+esJ1ZITCCE3%5lUVn^4*>n&
zZmlc7Rc5&ZB>w36kvCtKv~RR|zW|~fSHC!rFhQ>3cjA8Ds%_d1x1JzueH_g~8s5vP
zDbJ5Jb4e^9ro*16X4xJr*ElEp)yUatQ;@&YS1(jap0iM8j`wNwj4J?B&$6g1crZz9
zlr5$A@Ej_Cb5@dQq+(DhXCxBh4A+)fSSm{U()ui-Y$RluE~<*Y?6Y>aRatW0G7ST#
zlZ{}AilszuQ|mV-vPw0=;@AxZyRj?!k@}D%Rbz9N<9Ae*F!Aczwcck1JOWKtj&<^=
zvht3e6>+^61)+YvCwEAF*=dRDtS75XANypawY0227*hSDqp8xCN4!R=){p&cUBQB|
zPDFGg_+Qk-nVl4BG7h|?f(<fJE{%Su`{nfJ8cwv0OOqX0u;K+yI?G%*sHgCog!P&e
z73WKO4+qXcSo!dlJZ+XG24%XD;h~+dLrbQHQf?o_rM<0{94URLm?V#j`WSue&iP``
zL=}NBk@@@;e6qQ{8C6jo)pY)SXqSdel_nXn0xRi+e#QdF^2|i1H@K)#LLYmNPWmCt
z-n%2z^Ib5if4Bg#aND6AOw~6Q*QDoKM90(LJa3fM637BY#gnr~sv0$G$SDqWYBPtP
zt(EinwWiCh7e`l26&<U^>$X`ORJ*li(#z<|M5Hy`YAyId8UNA6JAILpIxz~C^YLrM
zL^R*NqX-d%O29E=0~?m6o7J-N7Tp(=l|O3@XtuCK#F2oi&q<V})zT%IpiARuxB!=L
zryE)3mJ8eySEZKI%hPPd+llJ4S5*W}j~LU=Iu?scXxb@CtKAibSYbl8+KuwDE6+cd
z4uG62p%E%q7>^)Bm~-(+0+)qIl(<mO5mG&$N|j@Zp^5BN%IXO`2S()AZ^z?HVl^mz
zm=y&@WUjxaRCThT#TgL4<fl-y-#Wit`WK~fse1>28~o!T?(?01-sj^hJplS29^KZJ
z6{%O+h0(K2x-OOqK+ju9gleR}0ED@!2##$m6JuZfz4P{_Z%?tCBU~h9YkweTJVZ~v
zgd6pQGHr(dt^4EK2}d>MO8jL6nB4X9JGkg0Z2zwY_GfO%_QO4=`n^$P5b-*>><fWH
z?Sv$3zQ%RO(bx|fWxlw8&;|}ZzqvG8xHNT?y!~9x3b++=CFZhSi8MQ#p`(F!Y$+1w
zAhR*LMvMdEvoCiDvKZ>>*u8`uLOX-^Y4q+Kz6GpPC^OQk<20sIrMItnIdJv1%1m%c
z^*(y@HYFwTsHA%t9oL^Rnk>(6e@H|zl8G8>H;JjVOL8%dq*yC0n?t(tEPfM;+CRA0
z{k@?dxo#G>=Mz<BxbRzJB<#K;`sYdvLlJbcSklLdaSw6`DO>;8;+~491j9Zio-$Pi
z=iyH@rTV^fBuTbXMCU;3rKe3(My{ct4Q~HC=u~3Wbgme1f~=xz1$v|2j!%-w=w-ap
z8g=F&PcY?p)>N5!mEut)T{A(pO-X8-yfW*M`B<q~L67;VqqI^1gs}N)UgR+@O8S@l
zSzF3}c`4qeW8Q{QA3JMYl<YiJt+9)UAAn*;{xSvm7z^Y}%(>EyL})s(p~Z0fuk<p@
zeHPPdDE(aZ3k9AgRKpedin1=1ir)+OqMbH*625(itfb0vC>NjRFH^Un<ecD^+Aa5Y
zjkSv(doW(|mRj!PSSX{N%R&5C<I2ox_XSH%S*|4BI!571UkSe=_kv)aQz_!nMB>8o
zJM}pH>1Pd1uHF+A#*CtUU!V2J<QC+M=!qmXk>wZ5=2dB4!77>(fm-)fD_+rs-EWPy
z?%e1EyndEWf2TD_ALPK*<X37P4?<LNUhvFMuHpuPSl&Y`CA^m?E_JNx7yC$(PoeS}
zgl)ysp(0yF<8pc@cA-4oQ!m)D7Z4KjE?DN-x#}U-Yj{KNk0FAU(J%1dd$^aJIP#M9
zg&(b2VlG{|ICEK+F!;D60SP|XX449mFoE@IlW4N&3UbvetTZAl6R=ZyCfWexf6Tr9
z6GLxERHXysYpIu!i;+Q`WLwB#&7ww3Xn$p*@lw~y#Z)}FLhtvf@(+OA-Iwpao8OyF
z&)$SSXOSt1@tr)Ul8FHO(oPrl^Sv2ScuveDw9ca>yVZLk7;W_ffMfKBQ}RI3>`OR7
z2<+sb8EH{1%~rhN8F7{rFuz?X6XNupWgH-%N#a;IQ*eSIu?{fKvMjt_<>uiiM~rf%
zxacaE<2s~22)7P&iwfj%K9*d{v6vkn1UZAkA$`Z<1L`vB)C9U)sg{eZMzJmZG*+1L
zUG+>hR4$13J@<-<E0jAS2QX8PdxB+$<=|W=_)$F#=f86N!+g*8GCuzvliLC1fU&8n
zswV|pr+%xglKW<#jdr{t;#33C_#2(NEaxl6y=i?XMslaqEVfY_J%wShv$Ap*#u~@C
zeRioG?XRa3M12TZ+vJV!Us<Ij&)JMkiv_0k5`NKP?8~FaI}q=38;%$**IMyvXnHn_
zmo&A^I@&~y@7H0<7Hl%kOohNR{({i%2Y{LBW%0F(%c*6Y;iZ-SZ5{eAhqdj7r6H~D
z62CVgZvW84qZR+TZHQz>-d~)c;|XsnhWA`j&1|9FDXOK2;!rUW6}oAK7tKxN{oj5f
z4GluO&;0=y!k<0MXUqVpWnQRL^Y2Y;G;3@zXVKI0z$@D@`uf^@H0euxJ9lF91JGp0
zhi6%1r-fq8XgbjDe1zjdKCV@)+kr7n%iNqTIslT1L1RUh6A4W2&s3yObsYfn-x3vg
ze$#HDv`IaGV^Ktz66!MYQL*)cvb}`|lj+$J7B;h5a^p}#bPJbU*39eqkCmD+XUp*6
z3pP1>t9l!P&?7gpKLC`EtHH`YSA(H|P>9GdkTAa%gdbn8K>?s)&@nJc6Q{7qSYN2B
z#U~_9Z^L4Plnfo>@@ngPXLiuYg+&zeag_Z@DA<e~>v2U5oC4q|*^Rqvep@Ss7XmyO
znfEAKCRGd~jG0wB{s3$N#UQ5iX4(;#Bd)U!^=38dKZ{)Fx0iV0HejFdeP}OzXR#i9
zBJL%B$!tl#?3U-H^xs;!>SzX1Y@!%kYqLt~ONb!h%VU?Qc@i0vZ!JQQGtJ#-@hP4P
zdGGC5E(IzvvY$Lxjgv>alKMzH^>M#8-DOS%wspm{&s(+HchX;L{@Uz~xrj!!Z$GW<
z^i`)@()j$d1P>3I6{h-~KZ|j5WmK8u^ZjR8{wGywS3DHv{QFcIRE7J002*1l1xX7c
z&9aBdqm^!CzE||`-~5NHhx+?@lW|Bxwj)n6BONZ$(Ff9m5+_*d;dsp{R!|66Bodce
z!LUO=M`{ZqK3m8k>XNKHCyb<tTQ6n(uwnn3adVSxgS&%U$7|?5r$r{g(iajFi-g1F
z<3pOmnJ_&{A&aJL8VDTX-$5}PQn;-48)&wt%aj)Ay}MYB>M-shs^M|`WkI`xVS#}H
zQ2_F5+2=ut<q!f7yhd>0gXjKD+v?XQpxu78_p7O?7$iQ%D3{VXa_=`n8P|J^hPT__
z9aQ%Pykh!Xo<{YJgW)6boeZ#5P%2iAGMX?IPBMW)tPs=vU7Ju$iP_{{+4c{>>S8Vx
z)q?9f_ZX|pM7+rwe_6H(8&=NvLku%lOAP!OGNCs6wKSpSn^ujJN{Y+lOH3m!y%&7C
zVu{kjYM2Pau|?m;ifty@1^8et?s~=6+&a2UnVh5YSZ#yHsM>@0tIMWL&dpE6=ft{H
zOlD{k(SSswTTNGOz6jC>%1Ib(FznVR8UvnbZ-RCe%Wd)U8vC?uZN=tG<5jIj(ahG~
zSA)lN=mNdqT??X`t5F=njc+hxj#QwusqP}3GT)jOYPP6BbrC2jx^^A{@sfExC&E-G
zluB?|Kfs1+brq*Y8LXK60L&akxZr#e3e$m@Ehv%6LRSF_+h=d)V%m2>aIH57Nq?|d
zZ)78DO_x<yRQHq%)BV5`6oiJ<9RwiDdFF6}byw#g{=OfVydI}T^f@a5ArzOa!MW(1
z9)8eP09<iVgqR8~L?5ZFQ6hggsv1KUyiWh1Cq|8wskji*{Dk3|-t~H5Gpq_*9M%Uj
z2bxkR<Ouw>0u=eSlokx5z_PR;)$iZSpwx8S27zPxoahlF(yFAaMko>M;N6dS>d?KA
zfvXInaM6`sUxf(LpEE?he4UsZHEq#AD&x)lN&jMlAFV7mYTTQavRSuYm3gWxyUu#8
zooO#GY}_<vC<q+Eq(Xo$vB}x}9vXr-xhkKoP+`O|ec+pW+xk8?bsxKf^~@55L%HCQ
zeq(eAp?qP{xAZCldc51uj-@6wyJPn2=*WkOjb-{R+NKaQMe_;}w`Y5Thy5L|x5jtF
z**iq}ZChh-T)WlO>FaV>cIZOT0F5LyHe2G@^23B<iF6TidlEVaj3L)x6mQy%`#h}I
zJfvBCVnaUwn4{26S!gVpJ@K!&V?)q30O4&5#>2^EMG4mZGT~p+Z=rJSpbQJN>SR8J
zil5N)@`efzh1Xz%qR%h^x15Ai6p7M%^#$GTbBT$l4b3pKJ%;F<_UL^)182-BQ9YjN
zee5+|c!vozsZ>0nJ*({@6d0bCns-C|&g(fNc)AS0hCXVR#XRqRq;4#R*y-W)@Tx8H
z4i6V~5>2cQKEFFiu6SAtogR}G9I=^}z!Yef{9;1|c!hxZjfVRgh0zSCw+>AuSZZqM
z;$S@C+ZaRcFq9SU(_XWSz%(bO_wfCFF=Aq3U0!e~UZ2H6RKO!<baAh2Ow80o+jt~)
zM`+5T3~42~aUX}xm=X#$i@j&z+M^%gt27wG5x+ktOI*b2ZjZp`JuRlgH`S$YbxO4*
z$I|7+W^<mQQ{xNHq)p(p@P{jwQb_0nD6R)XYoN~Zjx-A$@Pup&+2Lla4np0A#4x6N
zQN(aauF-#e_aCrACJ3`=^Ql1A37Fxs398H)BZAFI;7c_QvGP~>W#yDA0@!j&bZLj>
zmf@<C;wq{##h!HO`D$!as&g1+*%8I1{~eXX-`u&<rROpj$&Nv&_%8qcti<iSGp79*
zRZ<1YZXWU6`7eYL%AmN!s6tb6T70RIU&Pgb$^yQEj;Vk{;y*xTZqRzy?~Nc>O&nZj
zw5N?H!-*Yf-z<92c6ZhLmpyG=tb2dC`z+}0eUrm4=rx&5EO0Q1ntgE)I_Yuo)9k-j
z5Nv+b`tv8AStSb$3D8J%Uk_s-ca*(CnECcnNv+ft^6N8SwQVfl6{vsYRdan`46*q<
z-5gAO-A#zO{p^=t#x1Jvt>2iRIAcSHJ+ZDQy@bV+m6{f1lZyfY*ze=Xmy{cu;ct&O
z8t@s5BzrLwE4IsI03@*OXOovXw(J{7&A65GSLBuBhmzu)AS-tA6%Mze=1?PyY9IZY
zBmzvd-RikpiCyUu!73uYz?+hG<1fu_NydM5I5{*YS*(dAw9DGHzwBox7O%ycB}Yw8
zYsFYbV2WlO%&Me<K%RlS2Ot_1tJS7UaT7B+U?fpM$4@ti4TrZ!1+t~e+9OSom6(r2
ze_AYKb(3!BB0z%ttg0Fg=Rc&g=*!Z3$5y7(X%seXAyZ8QSv_GB>k=i`!OHPv!<z{|
zzc79hyC8886gT`rm`xdP8!y5bfUWGekItZU8FjX@Ps``QS~;;M$(+o?n#OrVxM@HN
z5a#rEK*Nib+E)p6BCmOo<eYE8mJ;jlf?`x|lsMRDKq_O0)(=VMz~??&WF^G{h8q{%
zYSF<8;)I6ivhLy*^PZ0|)1oSWo~1^G^}wDz_@Y-imBpyLo-AYnGGrS!f;XdNs$fcN
z`sjo+wlJ5Q^^+=+13`uT+3~$tWM{?1MuX)V?D0}9r4pE$XZQzzWyQLCvxm0Pa=`3}
zJ*|-mgGyL+o>qkR4qNUeXDSxqh~;irqj*>%OBTfhi8lNx4CkR(bmEi@jEsh9UIuV%
zNjl7su1ncnQYwIqTa;a8dI_>I2?8`Ip2WU5p3^9Z8IUFf%Mqo7HvS&V1;SD-GLR}u
zO+0@|gK=uGfi;*dJdE55E)3=q$BU2DRrclGXMkNr76R4?z8WU;^LKB3+vxU|4UD9h
z!h=-gh`-Ok90hhGO$n<g&<tnBrO(g>yV52Zr4FsBBpE&I3v>ej6Rb&#rB!*#OD~K!
zAyEilv~f1A^wB)}zHpm4XjA=l3MO$q&%SLx)D2=?oE}*6kQ8Td5JK)BmnD9yVKOR(
zz**7cuVK-8rqzv4wQbT$Js>tCmFu_#XwI;t9DA-iWHL7bN}*tbXCEtwC!>YIil9Wa
z1pwR5z|t?}ET^m;S;Qqv-~;@sQ}-3ObGI<`(OxkQ4z^%t`13~%^Q)&?&}$N=866B`
zD||WeUaYaT6P+qf%$P(KNEwe<5}yVi07<76%TC$|Z2Y(kNB2yy*o#JCuBryV&8{<N
z>c*i@0F=gn?>n(o%D1j0PAFFxj>?Bi7<;%tex{9!6Oe|0aa0tLv<xyr-F-v~ZP*Nz
zLASMN<9G|^fz#l_)Q3fzJ$bw=bd&JJ0SC>2<<uX56bt+Ci(!-LWZMtVrx{aA^J7x1
zfkDcuoPH`>%t55)X}-w3>fUWfiDM_KjxpHp62-c*7h&$YY|OLyl7`L0L7;&K(Q9f|
z-O|*s9bQvHF_LYLCP@~v@Qd(e8?y}7HFMW;v?wLc4=Q4zE2#h|IV+f54Vs!b71}iQ
z`ZQDdnl`6U-U>QO04RiTfv_L=Msn-mWVdt%HG^;Q^x4~*On<BaN+xhYX!re;CT3fb
zb_p|f7AS=q6VzvnR|t9q5kC09s>V~W4_Zo(nM==~GLAP(U7?}^@!7L7rowW%R}^EN
z&t8^M<($!cnuRvAl};U@QElAogS0vzD%GP)n|&yrSgMmh#B`Q7h7W2+P*vjI?h;vb
zTHa<=Mpgj5H9bhqW3*saYn6)K##K^MUO+?cNxr+;GUiGd(J|JVk}}?6f`tB(2qo#}
zNm!crHAYEv=-`f=*tC(gPdq<>AbE{6I+cq}+`h1SHmFuFVA{gEWvB%dhHEX71BYqN
zr@j7R!-!PSwITqtK?>%1_qaat1K_hxD)~??`McMGwy=SFrT0I?3z6GL($yw_?e7!S
zw8d{blal7iTfhoRNGEdmKLAFENRNw?Qtao)#ycrJ+FM%q_&K~XhP)*$JT=G9QvAJw
zXw@T^op<|D_s_yDGP1P{4otaPpi!(}sviJ04C41m06I3&Fu|U(^d?-aTo|M^@E~ON
zG@@ke|DOM|H4s3S(X!fNiY=WAhlXq%G7Ia){<~MP>5JA`ex|&E!A<h5R}yDjAYKyk
zHuym!BKbD18+QFS|AM%Wd4(=bPSsjRQbuO=BRu2)x3CT7O)VuJ9bB?BqmgN5=0@rO
z5W^oqckJ$SJN7dvDKj~E7KzHmeb$)OT}&*{iyRuxh9)xmQxC=rq0d^&6VC!&5*!8L
zw9)+hegM8<iw1wRkafzO?qvg*)$UTUHOc8{_H6=q`WnZv$$7l$pYb}bXBg?!C4neg
zf`wPX8Ql)exB1T7%1Z&JAR9_#$5SFgUs`}z5u!GCs;D!WN#VNM%Ub$*+swRpZMYah
zY6U^B+a@CwmPC4WZn-)QHAEM5(lIBXurL_ESMXBRiQ1`ZpC-#Kn%Wu&g+uoWf;K^r
zmB25?fCYvoEnSXTc!dbIPzvRhd{Dl3ny?rboC=<#7gr2*!je@VE-T!+SXX51upi7K
zn3^%<w$3BJ%ylkkT1P9gWF|!4X9Z0sY&XoXH3ZQNecU~hCu@|>?cpQTE5=69Fz-4|
za355`PDI|!@<5Vp`G_pGv424@2IHJKC94r8%<E}C<W6)xLo&0p1jzQ()e#zMK{PVy
z5T{JZuQ0d0+hx@{M6B6kh(QQ(m?K1@Sp4E0<~f}i$x&*c4nux3<T0AeMVVH0o+{bf
zPpoY0m9$oFbgbrLUHjh77}(frgndl2Q0r_G)~*rRxekJf6iP6UpJ&JMhJZ_G9d?>w
z7TK0@*_2h8rmbI<;i478aMS?o`i9LgmI(Uy&a3H!>E$wubCdgNVvJx2Qdd^ulqT`P
z?~6If4k6(^Et`Y~6jdNH7rVaWh84idX<)#@+PbXVQei|_5!+!io{<NjwmnVw?S;bh
z8@N7>5h$qg&m}Rwj-~9vhs1+##DL9(!Ss1}CNAPO#Uqf(>)8Pj#zlqH<A6kB?4xrt
zi9xxmaBvjTmoScrH8dXoB8Y#N1m^niZaXWBHSc|v9J+nGoMHpWkkye6mmm;!k1?Q+
zIRd{ln4Vs1b=GoE^jmEy5$0xBNq{jP7#PIXmv8pAWjEU-oT{`@Q5lq<ZPImJoqkt+
z+E4a&{F7f0c^So5jaqOB{~jh6w^4_6uemtBoGhpC-fJ+E71`JxB&3ST7<oL9C1ioq
z{WV{L)Iq{!ME!_&Ba*!9yb_^trj7l8T&WIOs$OEE^fJ*1c6%^en;Ozk@s{qOmfY&f
znX0dA;c{h2vhvFo`Mu?^R1M8zl<Dux=ZO%{p?cB^#I-Vx*2RXgPNrAj;N>z|pY>PY
z85F@L@gCTl5~561*l!S%KK^lxpd~*$d*mn`dI~)6%Wp}WZg4-)F~o5J-N&H(8On`^
zk>*rqZX~9BxFR@A14TYI7H$o5G2aErdK)ib;a;razR&bCL3xvBEN=^jsca)B8X@I*
zlvH+$3&^vy&g`n?+zIQP1OY98a{y0F)Cx;VF=Bxv5@*beNlj_=UHgCoou#H!yeW`q
zd<yAIJ*Dk(jqWZ`#`}B_ip^P^zI=0^aF9EFpWqc?cRL)zcj>wSy<nMi4-ixJEhR(-
zkC;fWVfagbnZ^{RSC}u0_2S7Qim2C2uzMhk*XOIF^!cZn8qstzzqKHy*kmhLvZ0&t
zkz6}Rc=ZrpFdjrm7YW15NKvKnB?fHAofj_$M(Q#w-IJX4Y;T1V8jVEcS0=IwkKp1R
zaKum{KD4Pe^~JymetB|CyS|h9EHG)~3)jR9i=u&vr-=ou5mCskIby(~J7YWpRH$QH
zWLxxg+=8H#{)n4;Fmbc28_AhdW`{qX>*2U`bKh~Q6!Go)6pPOq{RYXnQ*6@(p!cB2
zvC3G0Y!EWz2Y`OnPz^^7yl=nRV~m<9LB!(}H>R6j_9k@PVH{PDDZ*o9ZF+!5b{|L}
zQchOJg==d_8~8Pdq1@CFPnAp(4H~k~4o~D`qw@SHo1&DJM-LThW{KCX9+Ok@cSAh)
zlVS8PD(*Eg&=)#RKBP0r#fl8ZHHv+hu*n}Djz>5MitB<WjH!h7&<Q{6^(G<UK<kwn
zhrwnVswsnlF;a){WF2D;k(=6L%Ugh)0+C_%MrT{AoypJJ?BhK~0vn<nQ^p`zoQm^B
z9p8q(HF^^TgR2u!1p%u|9){P&*F^NKZ@?fP3W;P17M2#kuPJQv5JRWEEeS>J{xqlk
zQzH#wTHdRnT~|kw0ons#2jRkMMArksl~J{j#DnHr)TvH&ddN$=x&O}0P%2j~q;}Ot
z$Dl4c8!%UI_Dap~<1|v9=CI00x!GQyHCLm-2H_XBHPi-3fe+sl|9=lmQ3jm*)s)!+
zwm1o4kha=*LjEI%=J=mFzi%}|R!dn?*|=1`<)$3WKH{26c9#z41Ya!Zz;S6awelcw
zC!gnqXo_>{@LgLhD-(va2~Cy@)w?nHBoWM>;SHXX-SDVd1;!#}vZ{k5U<`ao)S?s)
zDcBI57)@lF6~1hi9*Y=^DJ>l?Wr$=>WeAB^U|7A#3~kCx$!?u7c*U2`Dcy2P>NmiB
zt3g}mK?*gk<s8;3Td#;E?Hs*XDw@I?!HI`94lmPvUg>IR!9h%cIu`vd46TE4?0PNg
zLtz8dE_|E@D)mIf8vBT`A#zQfZEuTgKQ0&>x@^$IQ5Z2y6AbR+X%a#k@4cCf4(3Ec
z3_BoZCy7wVA(4c#9adD|<qm^!{JaW-nMAaj)G^`$X7`C(Z<JZUBtj#6VKBks!3UGj
zfE39#J2_+hssvaaAkMvdcj2+svfPnGW0Gvvc!Yw^gk=)%Tsx3Dh62AA25E>j!ZQKf
zL7M7BjuWE}j|gKJS5zzpG<1n^A>l=4jG!%{$4iY-sEw5S%Ui(<ixsZ105Y5KTpm~c
zU&iQ0<(sleQ=>?G*{E<jOyC5mTA%9V#cQQ+8B;k%2f?0f7j;nBzqt8raT)du@p^a<
zleR&LOD#PCAuo?Gu9X%IIe}Il2Po(j^Em>qJg9wKaOk5{VT1`-8HIE>b^y}wdoIh|
zinLgWTMbST^@e9%=qMITDI&Dr9@_F2fbku?8$Wy!H7#F#*)e=7`fR0h9~-`M`~cE5
z3;Y;YDE-^Sjs#aR?Pf)=YGfkKVy+;Zj+m3Ehe-P#zQfGt3@G&hIwpI<Vo;1C#FF1a
zZ#%|PZ`ttk1S2^-CMDa|ZG&O>j721CYJx>nI|{1r9yRL>blIu)>OJKHf(*rrA>+mb
zR(orK2#G=KGA@*tz4d+N6p==FjtH7P)Gc+}z!eyCCt4T9Eazxi4qAn%dL=?vUYTdt
zJPbk^+;Fzt=K>1}$w6&&eJU)Y{`(T$j{0ah)D45yxRd6xExV1npj4VPeYY2{Y6-`o
z$_*5QYfubGPz+drPM`by;orvRsYZVrt4PR&M=OCAMliB@3&Ht4j#BIg;0*bFC}qBt
z8fd5qL~fkAkB%g*ZIg57TgWT{HanMImP6z{wVW}IEh8ewQ&#RHRmjXGF#wKt-nt<+
zDDHxc-g7{OVBj$rt#Spi!3l><z9vg7UX|xWDh>0u74&)${LY0osNFTDoV?h^Z_5bt
z+Yp%&C&dIMV@(F9b@z_-`+iBxVIg+}5=Jee#}5lUCIEThTzz=g`Je9{!I|8nMBmVQ
z#1S0*!zh{ekjNB!+sz$Y_ly<L*%O>|A74{45GZfh^ZP$%3F`0LPh{_KqO%lUDOEBL
zuqxC)q~ypGDeY|u7F<e8l6BB9vxl`WVX%Mvo&Y0ltltcya9&!AFCQHQ)L;pr=u3^^
zuG{A^Tq17Oofu;8#xQ^kD1wHxx^u#VSXXHJr&-i;9S0s5o9-Y<ez|y$MD=|HRyn|5
zVGqu8ZMQ!|ATTAZL0Y6V_;b)Mt9`}<DT;Q(D-sokc@_CaxpJBcuRTDx9}F`CPjV7(
z7ADD^tK%i6(vldX3yQLTloiY;QWAPM+AQouFM8YZ7);h0cr2dCu)U76D*V8H7_+q^
zXOoz#NSNW`7sIJwVNw|!FhI-+=YxeXQfz=kouuRZF}E%8u4>-^K?k=|Q15NH&ilgS
z5DPwNwaF&JJV~2OBl9vUM-tMP+y=^p>P1XjDx|^)%BTB{?w@67g;XP%>XUT>U2u6M
zHjOibAyK@)Ro{h7(h(5Sz4i+khdQycj^h3SsN9<2AQ(;J9Z$@tlkSPe;tDc}aSV%<
zbYn*<I=`|k)LLe1aYQW68^NLV3#IXwSf@!Rq?&fzU7?FGp);p8L`qWubU{^z88+V2
zGRdf#4((DZtJ5@*sxdKE0}=2C(KZHeo$<KU04$ImD<-QHT!^p0o0NF?(rQTvBI~c{
zQt|^11AKroc?d8N(D!HrqAi~C#Y4M<3VY|57_POh)&9w}4hI)K(+g3%5}0iAc?N+A
z>_i*yLBZ(Em!Uzf4epBcHwjQ-PUQeDBr3FJ-yNGnJNcyYBNLn@<>X_c5w{L(u+f@u
z=Y<|zfF-}8Du_Xa&LUCF&M3Ae;<<3>aETBGgwbtS0x$v|LLEaJ?nH)omKnuQr3&8v
zE`<bd6h`Iw;VBBkU2ZL9q--HvtrvSzla|>ou-Q;?4->|rjYn<gD6U^ThnFBt)P3-u
zAAn!q{nNy1&b`booDl8x)~|05NL$uAQX9G=DQv<;jc68`_wfqN?&Cj3NZ1WCHUD4u
zPxWBy`le{QKcbGZ(s|rCI%M7c_X$Hz2&=>L9sNO5%*G0kkgr3EHrj3%4*0m*O`BWH
z5_%qFXD1A2wA$Z!E054r&H6VtE#XVX88~*Za5l9V%WPt-u|Jh=;?9~tM~mMFuzWrF
z9xIQotnZ?whc+o_z(8H@WkLsczuE#uri{*_C_ECGF^rXtNWx2f#UU%0dY%11?=P_J
zpRw)5qVjNP8Oi|VSbKz|VK7Ving}>$CF=@8;pf*_j!c-6lnK4rcVNvLv&LOFYBiLD
zc&)g-3z>{gi^#+-qEE)$)+>}Z!&p5!BF0o){RU`^+e*}_%6T#*M?6>qc}iHWtT_hk
zz0@^h1k^oLvfjA_-q-N7N+_EuT0zy7jdI_%k<;=IXvhOk&rGXVY^=GO*QX>Ywl&sV
z5<G&ohKo(8zns%G(Dkv(82PoVWKbLVOZw19g!dxkH;U+mI_*=zj6LI6jKJ$M!nAG;
z;jyJwbOLNaggnr%F}=+<1)DuwB;KH_b>ol+nsD+Y4!w;HGgG;6zYv+}xERi9wmp{9
zVc3&AzsV&{deOzhnnc>mIV&+wxKabk38r2p3d*bF6--HMF%Z`ikW))^E?dbA<rz^%
zD*_Ud=CJd-Y0e8wSl$Jr%LjeAU7gU`tF9$0zVA`aJ`g&mAY)aQqYJHn`&Cb^Bw=o>
zSgEIWH%VvMKh*q%nrIjn8$gq*6TVyh8s>M0(+5)^1YWoTJgY#3viI=e6>2hlk#>vw
zD=(}Qe|`!Tn!L#50n*TOJ^X2v5UFYNnN!+l{pZmrUsfp82ocfQcB>ad`Y2flthHf2
z$rZxgD7-tqtVqD_V3SpHj~FJRa(@ep^@R)?o6#%!1c?@&qE%Y1Ej~WJK)?J<;y}$g
z2@+qWSXc!IGsY+d02H+*cW2MJEp~iAhrvS_Gf-Q{>Zn~7vUOv;y*7??v@{AkyX-tR
zucF+clpi&uVbC!wCX?2!vlvLlZI@w<CPTT$`~y(>Du&8pZqBM9!HHVSHM~iS)mj9O
z*<Pv{IgteC?sE%LS(DrmzBZ4p;@w3NYa<!MP&Sn-02)e-CS-X<v!L`wS$_KpL1lhM
zYY%MpQI27CI6^|!n1DP>)TV~Gdv!8BBA=>4&_onmcDE*0XUytx7m>cXxTi%jhTA2I
z9O`&>PcC#?u;!Ed`C?f1O5KjmCQ2Es2;Rhh0X0Rk*n`V+W27&u`u5w~(It)yrG~M7
zX^)Inb67ei71eMWSem#Ov|%KW+j!;WW>@vK4(z3?a}UGCFb0aLLc|@ztHp%SV1zU=
zrxo0bmye$jIQKNW`xgz(ItB9KN(GvPnPw$Q>BuJTvP#)(YYP2-r$zl=F<SSSq;2d@
z*wc<dK?FxYuqxq-I?P6dwGzY>s)~PDbs@`V3fU>cMt9~Sk}8eNYd#hi(?uRsrXxGF
z<&FFAtt?|oNRo#j7q-I_6ac&<DJE?s_Oov~V8<%{0Z<gNI2XZGh(}BJjt!dG4Wi1S
zAZ5QJg)bR~lM|HsKST&L_yH)iCW}Kd=-&^Y4M}lXV;JRvb(fD+;U>)_0E+ck6FaXC
zv_xBloZ7>^+cR2!xnoq`OR{4c2j=d)ZQ<`A<g?afSrItF)~T+a(++H(nTIg#zD><H
zprZgIxgZA>6H)?+N^kQklNjZuMe@wp7K%YYW>y3kRt>UTl|lnZENgq<#B=U4buT3$
zF&%1hJ@q>vh(w7~1*0@E_XR|B6uIGgoBDYQ+k(9OIL=X$@QdE~^~2&#**GO(j8qn^
zZ7aXvI-f!aGTO(Lt6k|7dkO4inbxGSWxOQ}e<~4J#Sr9Dz!t%qcuHEochW=3GM;sI
zaN?4}c``+Ht8l4!%y+V{yFx5g&W~2VTF=|9k=an_8L+R|BpwczBEuW&zUUEVIYIQ^
z<bw0y&*CgER;^i4yJ(>qo_+lt-&KTR40<GHwpoh6)IQ}dzcdSUTBbQQNx^=?CQy*0
zVnI|Rrq0_3OT}GPN<+c2cugv7tveMl`aY_oB0ozO(_xh&K0bh9A6bJmA`gokSm&MR
zu;;iA2n)ZFys}Bpu!&vU#^k~1i43t-QpA>aesd=;nh3=N@tg&({3GvaZqWzbwp!yg
zqG?!)`bYq_k~llMRO*DXzt}#IqfY;O!sD0Bbm#ye6vShI{JCMv&pk4JUa`<I(4Zc7
zvS3vt1qqXpkW(1MKJ6R?eB90A@$*K_L9qSubosyKV2<%beYFhb<8dgEV~&1zkbCWT
zL_oaN7ZMdK8Y1$Uja%M6$|SI97Z&0~<8^3sh>N_J@k0)|(L)Bg>4P@8$vxLMU3yJ>
z#k3giUGj^`7oQGb$R1Ls7|0F2_W^sj__-lm4+p>#81a~TF2*nCo254G#efipg~+Y}
zJR!WrNY+{Y=j3b>2e5pv>WEj+P^0_090&61@_Jwmvmu1|FP~57qsQ?IWRzNS+s0U%
z=1>v+0H8SAB<yyriHee)#P1qFXVnkYyY}_SHY)dS$iHb`leXId));*He8K{m34GUe
z^o2v%*ze7x0BqgKuM{Wi;qEU!#4ZW(L04=4*9ExyhYblf8cjr?0RyyOH4a4A{}g22
zI>>&rEck)8)6Hq>o8&Sy*XgOJkon&9@rgF1*HkbZUkf}DMKtXMaAK`*<N@fk{Co=Y
z+U<7O+1A5)iG*8*a@e`nw^EVO2}I($w;X$@_dzJz{zTeZ(hS1PHRcCE`@O_2CP5?=
z3UPD^Wn4VD!?FC(a7cXUu8*RM&*?$Ib&RYo=4b|{E|R-kq~@grE-V)Y?hvAe%?Gso
zR$PI?;+hF}#}mF<%?9r(+hu`h)|i!Cdne6>9(b@-6NsiSn#b*8yvD*xQ<s1xdja-S
z8bQ7pl0!1a<>vR?sIeJ(L{Vdw_l#D011;s8*UJQ5Pno`{N3dI4z4V#7_Luwi{%<wl
zxPUjIZ6^M2ImF~wd%D?r<?!bIEywH_T3fxtjF<LxyF$b2<@)@?JCzeR0j`F&mhm^&
zUYSDbGN!iO@$o0R8}<ZgW-RyoEuC+b-JG&_?4>aI&gw4~Zav%|wCD>hXcLGc^{8DT
z-&_oR|1gB<yRga_*WLXt*=HtDBt~+KQ<<-RdT(tpq<-Y0@vWOfUT;jv@~Nktm4|~B
z<qv>eT6H~4&8MS+p{Vd$CHHu=?m3>kT<Vq>;<)UUUfCTh#{nyJ3zO~>tH`3*ny}<c
z@O_UqmCgZjI=S7&$mT%iU}5#KglSx}yBERtCj4&q=;jlJkB*@~0C;{<#*x>4DH5DJ
zW!LYsGnUt-Mo6&z{D6jN2wk`OaL7IYp!d5(2}J-2;Cle)9RLajcM<@c0R8}kK2=4h
z)$BLjNx2id<txDjCxUNGD0(kEpm%X&|5sd;h1#}HHGAnBuuN3{Er)_(_;NO{ot4kR
zQ}t{#9KWtQD86p`4q+CnlSXfP4|Vi%&{Ch;3Vx;`hbgY6m>&$9GYkx;K)bKmR*Jhn
zwKo`!k(dBY@#$o-8FS0oyAQE(R4s(<*(rTZd%0kq#iuC)Yd7?_+SlQmwrn*J)eSM@
zLD^bvDXNRYp-m+wS3U7ccQFL9;J~KhT@DDujP%woNr_HwMY|~vw7{bf5~DLF=pPJ>
zmXKCDknlu9PoR2bt@wqqSkd&R^-)(pyPT>^KYw<U64E8QgZH<*^f66&$Z-5it>xZq
z3J+wK^eoBC2Y$&yG`Vw@^F-%}p5vq%aHOx{#Tjz+V(fww`>>{BX#L9Ye!_MKKDLqB
zf2OAFL&E`m<5bY0Ht8@VT+j3xx`8XYe-%Y8Bn&LkKlYek&14J(eF(np*}vz=>XC*g
zzGr<L>6spP_JjaJK5k$I3H{q%SP(#TRy0y2k{4vciiRv81A7My|C-piysa<4jrNcK
zNBTM}j-~V`f?kY(@f*z@t-~xw`80}n>5G}dtF!X8ObeG=GAbm=b2sW5inUDq6>xRK
zLHlKN=Z5~X#=a>oNX-Q(qVS0XV+{EOr-KrUsm6~x^W0ZIQ}`3XXZGSF;gxv2{0Ae6
zRBB5;OnZ}vnqv5sMVs*EXP?L9EZ7V8oj%EZVqec;@QrKJn3`18O`CRo(^dRUDUB>D
zPE|tgI-e_zEO_0!PdBm+-9*0z`;)kOYG!11%xmKu&4YQKL&FffKM@FuM;U7WMCh#C
zjU;!Zc>@oHA7C#rQ-~%GM&HU|#VvfLxuQAPvw13)u$@4069C4~xApz}Ndi2)n6+zl
z0pdE&=c=RlT#RS=%^*L5=1&CX75=Qt&xalh)ONvqVuWe=H@mwxEY{xh#uu-K^gqe(
zZnjo^H%=2&xp{mYN^RVhaOP#PqPbE~Lx6wr`pp5D=y3$rVd+Ks69M_*abJ_iCdTl~
znFKsGu%Fvc{%m9r03hU}BMFU$fy0hYs))r3ViSfTA^**teB7e)r#rbg&aLvij5A4n
zx_ntpTc*N7&4#YBNUgrS@!!O%>bU;__~3qW9us(G>wC!WdMEkfwn^ynIiFKR;e19Z
z1SqjptSgTxUjK!0Ntq<RCQ~e_dro0C2AT!Yt#|LqDEy^~l8CD>oRzfG)u^&%N0#Gk
zdWDPhL(Ocu!$&ODSHNQ*`QMU0n4J%xM#M<cE}TkoZTBvqM;AWBtmD@)UxbMgml9i+
zf@Pl`rHD&%5A*DMM?el&sX+_Lx>RWEO=j%m{=tRsGF%fuojj@_l2FC-2f(I)hM}+f
zbt;3@*zHcsag-j&!TC@K=iqzbpsj=Uv$6F!%>fS-*$L(PZjRWjtRTC3!Lxo#nTd(<
zK2%bCIhRj>K#p_xb=UNL^RuuGv^N-KF3rC0#Z4<@6JZoYKhoOlA{jp9_33!(gk@_S
zQ*Y}^CZY4cnLYa8!#Mc>8?!<4TV{5N&cu;UJ3Z$bwwV$&&-$#;-~QKM;9F4*?J{=6
zwp80e7(=q83_-R33ohkCswAIBqi>7OA2$LL^S<4P(5F|pl$?CzOwheHm?pY=7M*h0
zDjLG+^p41L0D;9Zf}a&`)_<QW1Ye$3W|jN#|6lEkMs<YbjLa{{VM|@`M0gvr@;sD~
z;uH=wcFZ9_u~N)0NO3Q|+`OTOU%`nn#wo(l)ZOmJ948M4ECo@~cUcc?_4=7rL#P*^
z;Gq&kzaj@3n_>9MtNvz>&a#wE50J9Vu-!CV)~#y54Dk$0nN|JS)sQK3dCV=LBlMzS
zEOcQucP>rJ+~8FpXcSp$cQ6|f13KVq*lmyrh5`i_SX_=>Q{??iy7N#m-$_|KsR5@b
zwu#;RWKbYRdY4vOnDsJ#pP~D1Xo&x%Vxr{)m7^wN4fl{^H$&XW+mZPqT7o2@DPlpc
z?Ua$32lR^_A6oCqzh@+q)(TKpzHMkoZmgZ3f4MxWtz~7!Xk+^CVu>&yAFfu7spiqb
z`Wo7OVtfehtZur-`QEd!sQnG`-^D5eYZ&4qreK|!-09(N4^Bq7*LuH0JTpG%=hxyH
zgkQWTjiA07=U}bidLbwEk~5je+r$oTwvbC}H5YF8%7byvGKL9RT|N(km$g%KP$Xn<
zZUoIQ?R-+6t`@FsHrUT3_}1H29PI}{K=av>C+3t}?N#6LfJ0*JY~EGe<IC3L@t2ob
z-5Qa{g?KYF=0Ur$79!)sI#U8F?i(q8GoueAtCS8$GwdqDQykz!ZCqG_QMk##LgZD%
zV_zDzOK$mP9Gx%RxjhU;J)nE2mw%EnFV?JBahSoFNM?uq`!<Hd3hIo#>DwM4dYhTb
z==~KL?XGPGPx-nNghPd%Bn<-o_%c8A(JV{b`Bg&)@vcNw<E&J0jCl`iWLTKEK`M`Z
zCyt=EN`FFX!r-+9oZu4t#vE3V&*Z%PdUzqpwQcRIEBRBsQ!&XKC-Q4oH)7XU4&UIp
zz3PS}Kkb_M`W|3BzNx^CjXV`QxOtR#c9!J-)bq)y!)$7`fYY98`SM%(d+z#?#DcWj
z!{=?x{co~L1zX9YUAIsAS0bBmZJAbeo8LS9*OS<qf+3`DGG~y5JrG}O*;O!JnRdKw
znoIs#yP>XqJo@iq<)zvLO7S<BL{g9ZQ+50RKopRp1u7^W)uGcI$@2d{%hwKH^X*2b
z`{5_^KXxsdCVMktU5WRS%LO;*?hId5zPBp9@s+q|y-nfNrkC8JDGOrRVyrT5-gR~J
zW;$}oEkL-FRWr5s>C?11bF42b1W$^Xm&PZnaz^hMzhKF9J!mE<?!7fNZR(Dh+$W`{
zoH5JhJ{0)1rCF7!h%@q~Utrku%k8Iminvc2^k$w(({TFo(fYiOm~vsP<NSrMIj@Tq
z&2o4+*;`6$(Nn>L8E#Q`^Zy+3m%rW7ebOXJ@8em`p28^sM};FFF%_PR)D)f*T(xPJ
z{t+&Zh?9%^B3zcVF*YoHWH`l)w;P@T4(E9_J<_jAwrSNpsk7O5zR;|&vWk4qfGYP_
z{uf#o@7FC$lX!cQeU<g3Gr7vA%e<8@MQdIOU%Jj#>H3maO69u^Jua=xJDFlQ{j<CB
zfmmPDm%6`7#f4`1hsyp;5EJ{gQhxO{?N4EH6O~T<^;~z#=vm^1!i~o40@D-|la1!=
zg1f^my!FS%&yVKm%-25jC*tQvj#EdA8L!@o+U*^lne|pTcIoOZTg#@cyF@P`J$cFS
zbqw*~zJm#{@4&#!#=^qJ$O0ZD1P&82F$*dh1_C<^0z!_7N&$r%6^tAj4_^GJZ0z(Q
z2;RU0_8|T<?AWE0q(()g-z<NBPV(>1J@qw-xm=h230QHh*|W1d^k7AyXoho;R7mU6
zuNTaAIK2G$`1fN&=hGJ-?|2#3z3N=3(5{JLiwll=m2KocDt$_BXV)sZ8CNGno_V9V
zRQUG|=Ti@}*D0@EQ72{et!6{@?wf|L>CgT%tSeLH<?;9v5>~QX=<CPi-;Z^R^?>In
zve=wypQaSmx+$tnCs(PgTr?znk;oLiMO!DV2>m8>Rldw&_OVOSySSEUNyL76{q=&n
zh`G_HsAtFS_d^`tdi|TziAZk66rI)yo5Uz#)>YoVlPqz}um=xuMtr;6y?@zF-yYw-
zf3_g*PIdLiUZ=TNUpdX~`r<GpFgoewWy6YxOXJJlDKx2jXM0V!ruH)5G0<)9TrH;s
zUE6~Bw(|y^*1Yv=;)<R5E<2J+wryGcMbS^|((P#}ThF%p2XVPy)#1#Ni=K6y?>|Ez
zziHGLz150=KI>yRvQP8g)xOf`^mAoX#&mu)t*N2`t7W3}Z|YjeXsv6#1940D)Pr$T
zS0#Ul&|ddPK<lVa?v<IPTbAx$`01KnO3j94tM7hYC~uvwbNpe*H>GEVH%sp=2`RX=
zY6kz*&&7J%zbGv+SQR#XV%V+g{7$Kgu^Mk{|1HuAT;n-UV%57c!A~Y1_A909idt^0
zPcj!;8xz0CE?sEp(GztVb>UqHX8MKfvbs@P19r#Hb=<f6^Xp9yRu{f~|7?eTp4N(K
zof*_a*$?(|rtX*)-8qoN^nDhU>tqT($5=c(8qz)eZKizN)Rp2!c{8Hi|GM5f?__12
z^Ey$~_IRk!D#hhyD!E5lzeQN-pA`1rq`Yy}9oI9!xy4IX$N95$es$~&|6TC!N$Ask
zs{=1hU0zkt`&sXJ;6-)UyA!uOepB+eUB=@6*<AfM(WmS5H}Y#&DX}d*@V++Aeqn`Z
zY?Z*Sz)7#JY3&koc^{GZ!fat->G6&1D%$HzcI~**ccLorzIViH9<%)}aVMhM<aX@w
zjOn|byMNRBuUy*}Nk?zqsXuwvx&I7@ls~MHS}K2c+To~>IIhyTV;VmftPRh)w_io(
zTH?<avB&u=3X>&{CmcW6{~-BSn|<TQdNzpHpY13tS!wKha#o(t<)XCNlTGf-T=wLw
zxmxDV0TArl^0-KQVocYQaHXB1C)T-Ajr06Czv<yVx$JfsJHAy*&#&6v^kLye=c`k;
zz0Uulv-IocUhP`#ycnw_lfSZc3qz+*S@klyNMrJ@byM}7KCF{<edrvgy>`pq!oz(s
ziGCV$bwfqxtU994)%CplT~U~5lxo(0hFbT3JWHp%*eLvL?fip}wl8fz@o-~RiRRf$
z6E6Jwsu?$R`HLr>`#*)|-)Y;h|4IAv7r*QH!iBp3<oxRXnP|V;`&apb)mMZ09<R24
z4BUe3?6xUXuSsOz*DbBP?Uh%9642dy7q4Dw-k6whb^DFAnv?XpK20kN)m^8xcxz0s
zN_(D3=$Y~|ji2jRIe%1o?^SEJZOY~iZ)-DF&vcu5)$>BV=~K-YJM0DiWuL0Z+sL=}
YBP1+ruJf5~^G=~Ain#tyvi|=~0AAkRssI20

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/base_device.jpg b/docs/userguide/storagedriver/images/base_device.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..3db490d83dfa72ae2b67a6c3310959527e6d9893
GIT binary patch
literal 46684
zcmcG$1yo(l@-Mh?4Q|1L6Wm<_1b26LclY4#5FCQLy9IX(?g{P=L6X26lAC+K`)2;@
z&0A}xv(7qIwQKjOs;=(p{_Rbkm!7`?D3YQQq5v2eIKTk<2RyF=?*Rxf2#DVw2uMf>
za40xvC{ROyg@uNDh4AXtD+EMDBoqu(BxH1CL_|~^RCG*CEG#S})Yo`8ShyG<@}(0n
zNJvP~UGUJ*@K{KQNFeF|VSDZcP+`HUz{McIPyujMFbGtz=YD_y00Y3mA;7?Ze>X^I
zC>U@ESTMNf6#(|ng<ssgpv!a#zjeTKB;beME<6J*_{VUWNJKUs-(KWkas?sLgAdo!
znr3Iq<402DzF9Ojp7yV*d4JzUbrZK8eDraw9XsjZV|4NDT7CC_ZuAEL_Ku6+dc_a#
z^?HT}B!^_SalQE`f4aUeF0+1(|Ls&~w{ah&2LMp-hBdk8v(Eaos2;r6Bb7`jO!Q~1
zzS%NJ{ky}<?+KIERam%$x+A)2x{36kb3Um7E53y**WE8Yfah#yF^z@3%i(hPargI&
zpI$3)rd`+lMFCJcP%sw!7!%LTz<<Ef*0%fpJb0NSe<wRCWHI}<0>-2Gb~QWAfvWXV
zX7hxP*BSJGE+|*FFp!=2ctv#@GC!`au^h2K1OEU1X$gFnr`}Nc`nfW<s100GLm&9_
zwSNcc@gv?}ud9qfUhfzd8tr*U8cv@64f0h^j-r?0cZcmM%HVT;Xa6O_mVbA>6OEd_
z>c@h~1G$mG-x+UFJx_fr&+b;%^zYc}O|evCc6`)+8dl1?&VcF4iiR-pY`2>F?GwCT
z_U)AGJL1`ScF1gdN7RJcS@*#l<oeHC9j+bUaa%x2%@d&DN#L6|ck}<m@QQV3@3_?r
z!fhI|Iw)RuuYGOn&F!@V*5H^6C>;_jHf^zWbg`AIRxhu7{Ze1{CkpeHC>}zI*?qlr
zYUFlw2(`CZ3=C%vxhq`q0M$+WU|<c?hT)p$d-U4MM)T}|9H9=^K&vU05<$H75SlZs
z$of$FPP(@CCkXRh0iby1JwiGXeox5whsOP~IU)dn{xa$hCU@Oba+C%w_f`Y;E4k6$
zWi&S>|4&~~9<3h`RP(7`S4BTC5OC~B2k|>HEhAN>)p-3NGB&!bee^On0d@LNK0ZF*
zT*q6ME%uSCl~+v{tp)0MaaGr|a{mpjn@uXCuNkqyiF0*Y#Cn-*9r*Ie`ln=2RQ4D+
zjK7b!a&}ChTh7&^TBKOJqHBZMepg-0F88P(tG{dF!TvaOce}_=@g|A~3ti$v*7v>X
z7jv(kflNJq{ttJtUvn8Y+E%XT?N~gLhjOs#@pHKBcebY@KO#w))qM|92H<_$ha3ar
z2PKkYvIgmeu+4mVNMldapvCyhu|U6LH5nVfXK=+gU3BX*8ooY>e<HoiSm=E;a*AI9
zyrgVZ6VFS^R#Z=T_`IZSxqP6uwcB*XaxIr#5=~N#%^y8b2EY50!3Nj3pbY-c*eTmg
zcX+wy?vRfk<as$!DK!856Y_!>?rX!o5{)A^nn@=F7M6E<x<CF5%Ayx~UZQEKO4WBn
zjPVrJSnJeR`7iM*yI5Bu8rel4#@ngz-e4;3+b1Q6J3N|La_zX)Qr72}9GZAp0bYhE
zyELx-Wr(~-mtA8(LGVlKnA=~xo!Up=|C%E}mp%RxGL8p}wf(W`P(8mP`bj1MGoRK5
zW>6mfY~I)4+0Opl;B?ljk!x(JrpewE19iQa0UFP}cPu^|99bIJ#v)~R5}n7#(3E;J
z{!LySfAXMuyz|F<Y?dkv!k=C5K2t@F9K+`7{0ao6+J@6r^Loaje<a$#MB;HYt_U>|
zR;>9cA}Gke5GuHSuU`|}SijdVvEnk&Ouovv2BmQWd)dPu>HG4cmsM@Y$l+sb+LhZU
zSJ2?X%7a5*fI-{8j_H@S7sv*PCL!q70D$|Z>J0poUGHAHp6wU_Gx4TFphWAUwJ3Kv
zjS;l$R<ZNh^|vdj8@XbE_mw^aLRaal#{R&<DkZ_DPjF?OQsIr&*J<93mZfh108uS{
zR^fy7RlM+o2O8Sfi>m1Rcn#n^<JH98(X3e74nLujl`?T86Q2lLXI-1=Rebvb$9($D
zXck~=u5MSc-o;3^8}^TW)U7pO&a8P@dGck&A8;Lj2my%)#M5+ZHtTd!wZB8~e2E=j
zw3hd*b6Le=XmfELv$-ON_(-39RyCw&C+9}Um&Lb+|LE2B;COg;bmHRXeCM#aI=kMt
zZzkuaN3X-Tt`k#rmVL&{<LTAneR6nq{9~#p?NM)^?xmRgXemow!{0a&o5-m)?n|UX
zC;|x~kRM;|@_D{o?qt;9wZ%FW9hMjt4Wu6_{%#AQ36e9u`P5}T4<eA;Ss*fdFNakM
zw5`w{9nw55YUigx{?gpUikWL+>VAPovaPfj_&GXX$*GZ8wvhhaECqf@y<T`|pL!wF
z46#vjHYAz9(xQ6z2P2l`L;^bpk7~oVXWgxpETO1SrA4=iSNVeGd?flA1N}oP=m&o{
z0>9!X!)yD$EVrKw@4((S5R1imFQnWd526U(6=nZXd9}`68$Km4sPLkG_>1)#JHsDD
z+3`uVJU&udjS_*F|7gQGFxxwFp6P&ufb&zjN908J3;EJs?p@63{!N3DrSFF5UnKBS
z{qaEM9aQ`OS^dGlp&%fkVSd+saFoBw|8Kt`RyPb47*kWFDVl;FI`n_v#`n}FtogCh
zYK4U2JH*(Z@(J<vxSHH^Aw`qq_E4YqA@{c;E1v)WcsO<cW~2wozeY*YX$ZGFR^(a!
z76FuYh=9#DXsBKqSaB-AdbRV10e7thpeJSiFc5`BO<@fn3l<d2<+%UIzW)%9tMrG6
zQUA>%yVZ559EzvAL}(RO!Q`<17Q)o8<DbJyqtXoHv;4Wq(`%soZ39JJq>$Cy;;26|
z*)C3CaV+-_10lr<SnLk}VIWVo{9k28`2XSfd<DRcuKq9(vxlINNK&Aq!v$SkgcdJ=
zIy8Uz$e2if17OMp@n^9EXiO?#@M~@kTE@#7J!w3}<hgeI0Y2aRZB)yfZFlFw;u8F;
z_p|wg9*xG$G!#u|P|N^8_}POI0361URs8{Uz-a^kG{0Eh?qgL<m|#`wI=sy`U{1f=
z#;VAZsP<(trv?DHwO#<v{RV(=g9WU2uRx~adiX=g(F*{x<1Zv=Z{&K>4ZR=&0IU4~
z?n4Ji(zyqUq$%k01=KHB@HrbOw12{Dn%NC9!5sizEXxB>i7-H+@Zy_dsYJDu*2~e&
z<=hP|7u?@p@t}|Kv9Qeo_CY(yTXW747E~s50)NL*WZB4sSyp259V8DT0O=_SG+;6|
zsFvdk)5T#tk4jp?n)PfABA_v#*#yn-Vn(ppQ~)Wn8%9<iWT+dXKlC0O0BrOCcwF8f
zL!q<vU)=be7}o#*K%Q>;zv}P=z}kZVb`~y><o~Fl6a7_JJLszUOXGiLe`Kio%fY;v
z@Qpn72eBTNYn9v}0&M77FYoaiNP?sN%g6f{_W_9fhY*jmp7qO13PZ&1eHOXx22oVL
zI$SQ1|D^_EK;!yz(e9x8Hwo%uYE$4}B=F{cnz|5Bf2S@4%3tOGx8D$<Q$@*IJmsD;
z^)t1enodWq-M?@3eg?38%=muZE!shydp^`bRNv_TzQFGlU0uh1_0`)ZX_d~q<-_cw
z{crgjo}rfofC3#ZJm|LT&$NNEV(sGAtY_^IDd*C?NPY1i)Wq-_0M1`le;9yk9R+Oi
zP~Z;->F|RHB7VN+59d)|m6TSv#gJ8$uHb!+d1L!q3=!HR-L1!k0`c`$|F?jXmya8@
z2zR+T!EJ0R25|1m{Vj$;|6r$zD^k=HT+Z(a_T@3|w-kTF<;77A8R{lC)td~P)!$M8
zb>!F|Nlo(G9}dY)7;tKn|HFXc$8-ZbF4liI;OfyI=HuMI^vtLkq^Js2CyzD~t<O=9
z&tW*i8W}J<Rj0%w6=$;>Jo%FVu#tzR>>#Zv56zpXONiCmPvZ~acQch%DI2D#=XNNB
z)gWgbo?M@P$gp1hsF~^VDb0yO)>{l^*t3}{WGxuf?U-NWH^=kI1t6lYyFnAJtA^_x
z7hF((uK^Qi$-VvM4nS~I6>)UADM`xI&(i27G9AG8i`1-GxJRm*e(cjyJURjZ*sbr~
zFnHDa0B2SW*zn;?cK!`K{#h8X?<@eCI1cRs5U~q20KV-ou<Ps$N>)U}hZT!L?8!?V
zD)z}sJWq%>+z;zARP1Bok^2@!Nmhpd;K*+es;z2EFbsQ&(j>xV5Oxh9hkSiK6L;3F
zn<{@k<uJqmcRu=#zBaQr_vI&5=yqy}njXB}o?YE9!D;<I^F?zqDT`%xK%VcjCjL~a
zml5?~U5ALxUI}4NEdV$@lv$|%@ouKp`;`0cec#xNtDsSoo|PQ9Zu@ls04&phSuTKh
z1H685jWlu<<V0gPuz3f-kQSDJL?91gI0^uWj2Ym?VE~BXFb5pk76FKGkZyKNE=cr$
z(jW!?YGZx#1`Xk##`X(&|4I2Thx-(H{S1KCUjSlOT1t-yM6mtB{-Xe6Cr8g8bqz8d
z0INRu{O&3jMDb*1_p8bJ`Gd$;ej*RgKr)B|vpkexNe9XPqX&`#z~YTA#}r8XyMaFg
ze-jjhKJ){kC;%8F7#K7dEDSUh1QY-PD)``#P|yGjDjGTlCKD_QF`JUIiX#y-i-4el
z0~QG>ySyS9Bdd@qhk-LTxxS$j4yDV#kN_|=u;E?j3d0KrC${y)C9C%8nngD~gQ~Nx
zKAm-+koLA8uiRX|<DMO#{C{(K4(6JeF{9Z@$@l!QUHAv!TYl5@!3Hb4iD~x}W(ry;
zX8IVNk(!=zKR2pW!m#@0!UWxr3$%w2I2<)a3TflLmE-xvf}0Uq4qCFA{v8s5k$c2>
z--Hr{prb@>j;?+P3^KLo?$3`}AN@j_>3>l(>=ug1_5F-sPz>CWJ6!$qgB`U5Bg@XO
zV?_=RZSut9PD|9g8&`E-;ntZ`V9{<#l1O2~TYu)OA-g3Mk+PzizLhY3%dd!q+>-J(
zCOLM1qK1im))bFE$|%c7OI>>J*qY70uQsblg;Db8r+yDF(Z+Yn=;Ch{+Txd`nTJtg
z9!%1RC+(c^xbNj&-@WVe-H=ojURkNBwhZ8<$E+Eo4&G%^li#Scswx|`@E_dk#p)wb
zSsEk{ME0RZB!=#}{7#TE2p0s4x%j2G2S+HpZhV_`2oD~25=R)-8m%~Q#h<LVp}?5S
zfnYrJ=Acs&IsRR-4f+Y#WAzM;<|d8yoRe-wGE>>;$}Y*`qHtK9Z&!|jVv|uqqkW37
zS^1LG=smhI)HTsy+`a4;dVWv9;E?G1n7Jy)7VbkM2XWm@trOo>x#ALS3!0QNw8dJt
z0?U%xy!=P=9%MeZ&q_ps%o2OOF|vDMp|jmk4aUi^3*wp;7N!fT>8WuOIw<jEe7YB>
zZ*W45BH?LSUwP$8Vx-VdT@Lk4?ygOxz_FYdk(o$4mQ{5L!htv8tBpLKJv!?a!VKrk
zHidr&eyN@R7pE)F&dylpeiBLc2@c}3N*dp=Xz9EY=g0nKsIjQ3GiX`zi?k%|gf|SO
zqJH12hR=k2=^J-$+|_s7$m0hVI(%bc(?o_huO5@!o&kMhY&sU5HN*~@O|wMpRP!t~
zhF}+sgtgGfpPGrWidT3aN1Pt7nqx2M6&!20bR;SB-7pX%b`%wUIlO7Vs2`!1R@QCo
z+mwSp$=gx5=T7qbHS@He_PHfvsCS66m66l4;7##hJy|OprsoiPq*5JCf`r;_zZv$o
z@w{Ck$F`)4^#Nq!R{WID)if>d5O`B|*4}Mnc;i-#oC%T3mZ$Z1kq^^ro4DCCJ1~R{
zobNB0WRW!*Ep3+N9YxONKA=Cke&O$aQ+7NWHKAqBbjN^_TK%>1<0AVaM=acqDq{QE
zomOu}a{VE@ieUm&DUYbCDQ2?4va}Ws3|EAPBz9Nvn}$SXmN43Ns)$Qu)RK^2>0&kH
zDpA)GOgJ~a`p~}Wy8Mi4f+AGw=?bmvjr3(Dc3z|;Tx_KHn?na7!sz5{V_t+>k~pSa
zoxx~8x@Opq?aD%h+*J{i$aI|9XTSrwaTrB^v_kWiL(b||@z=}+l|WN@YY>pYudqS+
z+4Qn@_4QhUKqh-Xc#2@2P+@qCs$?yG-O~)$=!6Y8_=0IY5lzb@IE}(rxsf<JUp=DH
z@&OFpST^iZ!7Iv}(>x#lcPfj?ux`4&@dF2p^BIjnaRH;-C`x#U0j}S3_?w@B$DPKi
z94ze&7S>oT*Z0rBbgdfu7R0V_(jok;R-J&ANpE9i$UW22P(6&5=hAFeTnI@`M=$gD
zr-o~rrK4VMzO^nl%-cfV=n|dW*b%6o^kOQUx0ep%jzlLS#J5Uw#V*P#Te}`!Qhffe
z9=USq_3v})oEvhpA^6dUuZCB##Wg)c#p*-clzZ_VS;&l8my*P3oBbtJ>R`>7F-oSJ
z`1OHGmk?o{L7DUkB6B0w=9)evF3cl>yvZ|<xx=5-bD1JeN{0^|WzWD7|BlMqC)a1-
zzuiyT9zLmi>qFfW8jgFTtS4zZtGR1?V_9aw>wKduCrND)R{kxbz2RKw(eD+FPT%KX
zH(#5Z>in5DPilrjOxD3xrRjMcUv4k$@I%X@)QB$F@?uYH$46{!`pvJs?Vvrenxm(h
zoQNET^4B7gGEY=BsqJF6;q{|=;aOA_AGptQA|f|Mr)*WK=b}}o9!!|gV+G;99r3>B
z>Ho~o!!6uVp^~KnOItCSP{hG)R(VtqHl`2h&}sy`^zIbX8#)<(i79^kCT}Vh|3sJ(
zQrIrQ$OpVj=sm1@?bmJ@i4TyWY6%!_d{5K@P}2{Rs3py|-@@ThVq!4_m`*R8@8e~K
z9r7U~zCr~7ki1~9gHvP8i<jpIMs}B9IRQp@MAY~$o?PJwn6eN?(W*-g`%f50SA7s0
z=h&=Z;@(NH(^}2;qJfZRVlnuxeAx*6v_@z9L#Uj*Y*hM-??raQNO``r(RssQY9BBq
zPwE`i`J)Z)#*w-|15JpWA2@If{cZI`A8IyJ*G$8}-(5!mF$}Z@c%nI{AJB+i4Z?oH
zo9D2b|7X@dlFMu<izsi&5hV2)dm&IV2I*?dX?0~YS>gIB*Z{DyzKp7fk21!Id1}1|
zMOmL-kA7hr+umEnSIw@Y$-K*BJvBq5aNJ__mON9m-Fj61=W2Oq{S5q)seZEhxx7vG
z5jOj+Vg{Ch|6b5tBC<w}_h{>}6#{8drNKm599FEYGNMgmkiT&a8Na2`ck1;*g9SF7
z)5eFOdAw-8LHc19uSH{5i2A+?6Ee|L&O`%K!(rPTz8iDS)kf~}>J^Gv6E_;zf>JL+
z$l^pAvMGnrcCM=rNV@zZXSTi^>ef}l8i{*S;Ssw+p=c@?2Jee8<Xd7egf}gZEjIFF
zpMfMgo?{>G|0>Ip8U3Z5O5wb&dRXSPW^D@Em5Nn6^W*kXrK}o42KnQb4S^+tOb0D<
zqxUzLVn~}D;`m_-a86iS+qE;6D|?Vhso5+@4~d3f`Vec-(|h$f`J}Dj5>CGLW^jvy
z7ltiz?jm+{Hr16GruSP$gkU;jW%ry$u=)x<RXS?BM)U@dQ8g;WVik5UEqQ8&e*2X+
zU)!!&be0}K>(2Tq9EA?i+-4K!wy|XvS&zVwZ*@s|W0=l~xHi_ab6jThyinvw-aGsk
zk9m$h^1RDOErAN6492p7gow&{QxR!j`q!0q(1pe~fpL4ZjVfkaQjg9bCXR>NU4KnG
zS}Kl+l1*Z|ZJQ)0L6$7ah&fP{*TFl9ZCh_Pa@_mQ%{Xzm$X?FJ2+E>3aNDnC+}T!+
zP{oLdPFT6S@K6+DBpZ%zsXozuE>_3i=<sT`TSuoXAPcD_FQa(|@OWcV;Wwx%-3ZGa
zagCx?>Qgr`ztp9RrfJP{xnsK)?O<$&k85l@`l>9`QN?yIhs_Ir?dl^hM2vxv-qP7%
zVmKT@PE8yPe}H&f;E+C-w4+vas<Fe`ZAeqhwB}hcTpByj$5#1mt|Bka5q}`1tm3D+
z^*0%6cGgevXLi^~CI8ruRCSbsXOY3->!#48wNK!alNrVbc!gqe#E;<0Aw8w8HbA%T
zY#M3rGi>6BP&}z;KfNJ%J2H25PcZ&8%XGqku(a2HmB5Vb#%O1T9TKT!IL&tUfgDGa
zX62OESo}Z)Z`$_4zF!SY_e-bxS8POMd(2b3`KU{0hq#E2+RmT+?{-dzF<lFh9jPxa
z?XDF(lirZ{$*xc?LEP$iDDkbExZi*Lpt-wVK~HHvw%N1&?F`ENKCe)U5wV7?H)*IJ
z4`+ATWuS&BgGNJ@S&y(lI}UkdhoPdrj5&CWg^J<R5?`v-k<BMu@6kha6SfH&qp@;d
z8NO>Q;fsER?eTsj3zwzBpbu@<(^8DdPK#{p-Wy!!U17^VhP~d4`mQq*^VQ+Jt&t2_
zAXZZ1Hz6C&XUvzZIgCL(&M;H56<@3)L#jL|3eN~kOC8Ru=-_n}0I!kn$SI2dt^occ
z=m`R!N!2>@&U$oJ2m1Y16s4m0!rabaT7wmw{7Q5**=WTxKsvHCf%Ro+K;$c}t)<6*
zk4wo0|1zX+jAN$??_2@`+76ok8TxxqzDS3-QVVONkScuR&+Ahz(cuWe{S|^W`u=yQ
zY6zbjDjT8%rFaIwe1H#@{2t-_E$9<unch9dO4t<1Z+pN(&FLkKVo8%|!i1x7IZ2gk
z$MLN)vU%;}3>Jri2^CO+#UIF0PQiVeWe5gZacj40yEq`RgrabWi#d3$hpV$l%G8az
zqmesW3CORQEs(a~iM(zyMJAth@cPt!IEovl;|%$01ZPliW;@|idJ}Ka3U;d54m3uj
z8U~XXj@<?J?3EWXhlP+I)>(9n-+xu4W2*+Umd23Hv_O2-R>CHA?eFniXab^To~rHe
zDF;6$7)gDf0pz7sU9%O@&9B==!BXZN0s7*<o-kXq?@&Fi1X$&uvO+Y-k_8EQmhZVz
zm8$~7P2pa(9|`x-F1(iyiCSQYSl)EX=o?M~x4WFT#boN!^{$Cl@PV~vpUvzbkE#^8
zp&h5z6yBf;@OanMj!@%pM=0!2?-m_`ZMcjVNW%5HeUJi^%HW)=hxPLcBKsHV4dy}7
zvPab^`1A!z5_R$N?Xq!dr<T?$f4&Xe<PeR5P@;*~<8n~+m^7cZtb3@MeZ)CU5=MlX
zwrg`DD{5L#sU6Auqt_2Le^P7ZpR;yHKLaUa4y)Yb<BsC;j;NS~>3O$r`Gv1{W^`~#
zbr<r=*V}cLHb&CV2ER)$x^mQ+w%2whvaLs-q*a~R8Be$wc~Mxk<1MrN|DZI_g)tvU
zl1CEHzu6#H19S9QxGWm2)f*>cQH#Bv_V8NWptYm<-0Y!Uv6dCb;Q>*FI4t89GECi?
zgd`7><Lpm8%=XEBtnqs{GwI01_&s4%@{tP5i2%9WwaLg0=^8HD<W1E3)P0teSTnYX
zZ99}sdhsjL_)3Lg^y%`}wpF%ObNhfPfhIvfzE%hvHr5ld!jIgIM~G2}uGb=DEAp5L
zkuVKz@(tZ_D?zHnM;rw#GQnXDW*laVeQ-?NVl=MFO<_3b>&_@r{0kq~pdRmHxDdPu
zhKdo#EqFQFI)7$Ai*YPT{SAYLkjIKg_vWj6e!Z4|o!GkH&8<8Gd!Hv#WuZ(dnFkeH
zNtJ^KD8iHDc*tvqDHWum(W<z`aSfKmG%|-OlI6HN?@-rC(6^0;OwIJ5$KGV=;)j*t
zB+#<-#B_}snOjF{M2-+qN`6dqIK^pXn^&~P>J0GC7apNhIkn<_23BcpNM<sHU90PI
z3)+_E8Oc^AKS$1o@hDH2(N7po6ja5H7&hZmeaa(_mL(aEI4GvJb7yNfR~UK*MzOMP
zyRv?7Y;w%`E8a}qG|e6DJ!m4d8jIv393<m<OG+77d*LUzJOfL$(pj3XXA6{d_g2M~
zTdXbHVHx}Dx8ClaRDHX}ytT=w=lYcS+DpdX=4a+rMdK+0DN}94@T1{EyH%Y|{aMbv
z`_JrRWxaa4e#WA0?clLAX67vW-H5MmVfWWSy-TPLoTgt@-SV@1etM6tF)v~ropWkB
zeF-fEKe8)NSl0%{{`C@DP1sy@B~Nj5;kAhtgOxjP+px0BV3vL*nKx;@=1#4lCLN;;
z?tL8s15G%ZtwSmVac4<I9qU~#f%qbG3XiS|ODcO_;-TT!v2PE)|4VA#);;L+1t&u8
zs<4J)@-CBzyS^i@RR@=_pNAgkqlc?sYa{vqUgM!H8p7r(p+NgXVW>h_u!a@Y7&bCw
z(`|c#sZ}XhciRY^Yo_?yG_#a90z=V<)eM!mHEB398>iQewH;xcD98EVtCWni=D)}g
zEI6vzyF01KW~ijz-ij2G7b@wGWa!9pFUMCp;2ECu_IYe^KW(kKR@)#H@~6tB6T@rG
zdcagxjlf!wGR7!7#S9%0<EmHEa9q6RD4zW@^-p2u10SA}YJ#dn-inIYg=8<3xMNnT
zQrm8t4@M~q);lFS7RkYp8_XQ{s|ibiahgj@cG0;K!`Cr>A(;!$!xI=}@q@tKVB2WJ
z8JulB#Y5eBoZO9#i`uRKko}5O^K?x{WK-v`(1;U1^VOPOMJC-IX^T>LHvAVj!m<Ed
znvb3p+W2&Xp|ZzmQ$yPs=}TzP%mjp&wNqvRzj(DCyx%aavHu1H4vlKSU}v;3ZYKQD
zei1iTifmd^qMhp%C-orSTfa`6#?DWa*nIrg&XRxHNBv#S`9J4aRnx5*ds7?Ur+Az?
z!X3wj-DU`qQbJOaC-l0pk0WY~eRyiWD#qy)k->8@e>6Lhn7GL#EONgmT)1zVqHm@|
zrt3vUjwyHiVGu2!nMhq7URU18Tqa?qFt*9U*yt^bl?#1-UNvS5?Ms<tBJ)*sh_;pZ
zK2;%{!$&<WxSYhE3lQ^jXD)AGQ88{Dp1-IYI~`^fED<W{VoP&rxo?d@ZRud6p=omt
z<*LIOZ0{)?r&C1+Cqe~TLbUslHX+6%M78*bb=_(JDux}30($Rf#wL7U>|DvuYiTN9
zIsBB@SAWtv{xF1a;v&&`1~i-LTJYw@FYzKTGE%g=BwIuDS3aLEFDP-#${^vVz?~+X
zLHYjP3-JCByw!j5v3b-Uc27k>tVYkYnRIcLa74d!siL^Ks2M(!B8{zd|3!%En2{p1
zd;9kM>B|*DN?O$!lpFZH#?BpuA*IUL=DewlBZk|3ml<K9F$Y83zRRxNn{U=dyVD*z
zQc7RiBcR0`sop-dp0D3)7=NT-=Bcp1qYU;{aD2N)Ao=d;beP_w{YQ8w!lp@*b}BEQ
zB(mfEf^jpk*T)J)2TNNKM+xeumZ+^~z|w?+4~C}HF64~U19Nz%@t4P&9*_~u6spfa
zq{4+|J!LCwa;F-L=Y1kkt76$51SQ(N>?pkycHj#zR5?N~<l?5eWhaM#7_(F7{<vTN
zv_vms_4U&blcoVq*pP)wq#r}z?vIdvK`iDKwm4u6i*Y)q*C}24z2L)9`l6{jqUjqc
zxSNTzG&bA~MNaak1^I!@4VB@JGwOpe#qwX2gf+!sYU|WvKC2wAhHu*?Hjt`FWx^Ij
z*s7Kp_G^uhWbhOt(mey6Im!hPg3cBQ)O<^Exvp#?{Ic4xXyEF$3G;qf3ThbY_9x$D
zox`fRKdjW}I{PHEuhl6a-m&~-Czg;hq7p`Eg%yMo|E14{xj=)1+#)bl?*<#FCQYF<
z^3j6La43}Ah@$>+UuDNOsz9iA+yYvzxR&TsQ`#%c)mDU|y?@O8+g)7KSTpZNk*|!E
z!q>t^k#vEEb{?70mg2cpE*(cL*T(!Cxw2j#%^F!3f+4Zwl2Q_(t7H^aRU?tZ`4@y!
zn%1gtGR!n|w9@24ZRo`ip=4Dnm|8Z+5r<^_tRvwlS^^4!$!>-MNrZa35@*phb}Yl%
z2hdxc24yklp=^2B+dKrkMA>uU)w)tr7IfaJ;DUuA%bgn~EhKI_ed?hSj_ez#OHXam
zP$H2{Kd2%`vB8H$Gch&}g=OFp-6x?i6BoyEdA|X{JUCZqG}v;J+5*)u_O=MD{6RbR
zid`Nn$Gir5S6S8!I|J)U4`%G{)gK5c>0bN9lsH}~gh>T^BC>^cB#&RnE{26oJVPba
z-a4<pQ-2-&=)FAm3a0W(XI4TNPWpZHnnhjdp*4-G=ba$>D}y)~2Pq@i=F||*dpqP;
z>Yg6lgP051%CU`MbI!0ccP+WqO;}&ZZ!Wv*0;)U_>qwg|S{_bd!L+%VaC{6HPmD}2
zGVC~l`y3>2JW6q_UE%8VW0(xae@z=RTbZ8pK1r&Jd+kZ0w-|6WW?)gFP8>V#U(IR}
zl_b8wvpIm|VhQggjzl0RFWpm1siVDsS3|{XF8!32$wXQ*rxL#esaISl)|w$%wdq*=
zS^<0F_aSwE1-TsN`gl~FcO0x>YyC?awrh#Z?8abxyPvq~XQv!Aq?uDktfhWhi9nj|
zdbofkb$IbW1MQ|}!%e5}-Vc8DMp4%@U5M{n6;NreUR5k>3?~xQY}#K17-`j83?<Z;
z>3T7iaivu>_|S<6d$4^=fkWaMNt9r0l3*t9Of8m5GNl#O!C`FTLj&N4M!NhIXyo^<
zE#DTZ@u$Jb5ac_a+^ZDC;`SGWNR+cp@z=UWbtxv$Dk_Wi1sm?S-sit2oFcBKZOM=K
zA&`fvOh&6s^&*#xC9NOk;4%)caW#n#`W}y@CG@KI&1{c~65EH~vdAgZk3;JJ*l1OC
zlt_Nxt_jL$AwyN!@Dq(k_uH%-d7$XT)md4~Xh^@Yow2&Sww3!~;pUfEGZdX66F$D)
z`r}KN<!`{^Pg&7bg7mWYXDUC4a~320qBMZX+OKjUqQmgXxl)(lCr!Hy2y2@y&dYmL
za!sFCzF|`v-z%d8;cmaRc&58@gpPyV-7c!mC%TevJVB7%rHBj@rqXmo+fV1cR&>us
z1(2$qklk!2!r_et?%7M965GXj#Swpyy|!g8^;ZP~9vo+T_7AmoyBFS{?f;x-H3nkI
z0+fP-)W<s08_Fu<`z8Zm9DlNDsOjKaPWM769CtcfQoE&1x!7Y)=^U3PH|~axk}<wr
zyvVIAvd(Lx<^1WeR^eM=aWq95RRiqXu6GeQgT3EH!a=dP2am}Lv0BxJbi($uoUCdS
z_)-)ELkgm+%9`F`Q^4YlU(U5j28=ko(S`EhRc@RnfJmt68C`F8hPTWe5rXe{<>iOR
z9WeqWh6~_V$c&U7tz3wG!ysa7zdMtp_O-*dh5q&9)<jE>2p>8Kh7H?yPi?l_j)_DJ
zn@b^MUvVy7F)sO=)B09LRkh@kkPr-w>*@3%H57RPfjjE<g_dO5GCuDCksCvwN^<g-
z{z^n5HvINQ1!@{7^8^@3Iv#@lm_K0LpFL~o``4%)J&ivbH_~%(nU=!Lw@6s}<Vgm>
z8Av!ohqg;mh)|C1dSmuK4@d&slvF*qk*;U(Obc%Bn^?_HS)n#Pr$SM7#Bkq=@7>c9
z0Yu+WMA>~Mbo9ozK<J~K?8BGsOl=BacuwcX3;swA!XK+I=UNyeiFMT-HtyV80i@W(
zkvBB1XRtLyQ3sd3F+=q|3#f)!N;x=W-!A50FT2^y1&ABRK0DBquZcMJL{+&Js;UF(
zKkI_*%)XDCxHyYR9Cl;KOsGi*!w&9Y5y9@tRpJB2x=P^e(eGB^?-7}~;*8kFFElRm
z2}(j^NJx3vz-jeKu1LeYeYp=l-FBSC;jjO=zx`*q`-OI{K+WbxUHr*a2DQ7U&W&$M
zlt8rf<}y;f{>sZ75OTUqs4<(dBFjSSLVv}23OlJ9UZwYjec6cWn53FZb1<!PGiZ?+
z59jW(#iCW`<{#S&zq~Ho<vEH#rUoxbF<Q5L{@Bg^yv9fd&W18H^s*roOFMQ2ZgLya
zJy{+>9Qd#;hS&`2Z$ewVmUooWH)|_#H@Erld{Y7xJ9>rxWiegOGf>+23{3cC@EGT9
zvJ5~=k&H9qPiJ2l9J3>*sqrmL*Ku1e;IEW|m3-e7=x?fte?#$s_*&^rt&?kFsQSFy
z;Nl*-vMuXfW;@YDbyoaR%otK_QaoP6jBIdPBypQhU`eY(iwk$DnGL!{UBYB96}9fr
z2dbU15tcQ_s?lC~5~-nOzKN;9<5wx-k<8vB4i4HS@>`O5QJgN|5!jf$VVQI~Hav3<
z&%jl1v5#HxKi1)2v^)=G$IrlemsJDF%&<W6Czg;iaAxT?pHvgf#1V7+Y&z0i&ZPzq
z6&{J+(N(Y4G^s#z=Bk#=G9T1BO*OYxd5Wlps<iXBQ(WVyh(WHJWfNynv*HF#$?^2f
z1>{0Zc{uWL<*}T%_y<{|-UcD8Vv*|eK_|gWP&Uy~aiSws>&#N$dnq%F9tt&z$3N-?
zuZUW+Y%})hNe;(vm_@Mv8mlY^!AE#|pf&Vx>%WdaC1vEoI-{irI?2pl*4C;@iJ_V8
zvuaE|^aWo`phBXV%6gIVv4`@uS!lNBMDcl&*2x_8`^m>O>|%x_%B@n-6b;qKdG=%?
z#Sj&@6aN6VUT_JgM1KKW^>xIK9uQz_gxmcB*jhvX1F&`c7hpT_8?d#M4E?tLzW}x}
z7$CqFkF5zy+Qr%=^3Y0p{WK_6+*+tTEG(zvUwG}GQuqt=Vqq$85=qDK0op5g;NV&g
zWeV~G3$DP3W#dWSK<$zWi;+li1d$H%N8*AHa5LYMjhH0FI!QTkVi?Cmt4#3O$M!z8
zCUJ^L)g71Kp%_fj4Frrr)MeTRj1l7>-ZB|Wfs?St>%S)$A2Es=9BCCT2+-bcP`t!x
zbhO;Y>MBJA-YO@9_vXlQFHMwlQ}eUaL6h6SeiDEX#A28uZ0dlc9DLWuwYqe(Wx@l?
zUCY?7h*|mT&WHA&=OPW8OzQ4e*YFh*2(4`u!-xMje3<kPKCI2td={QKgZ5rMVIK1t
zh|U&~Mk1uD0O7;T|G|eNMAJ0u=2arwl^70(&{OOCOCQvXlZxI!n3AfwMaM`<zQ#vN
zjrlh`-2WFIPARF@`8PVO`7d-h8iWpK|3!zT{A8CvDD{gK9}*Q)B$?_tRs298brQK~
zo0ZPM;k?f;uKdd;_mzyF=u`!Jwntgp<@f=aL|e|At(b1M|8|V+KfpID`}{2I;9v?z
z+(_r^vVRn44V@s#B|6q#8fZ29qVhUPr8mL#sAb`weM0`_fZinCFD_yyMfdo3Zy!WR
z#}^73MLf^uv)@ZYle9Sz43v#Wq#m5T9{(@o-s;h{XYY1P_3UdKw3MXA+rjZom7msi
zlJc0ihb3oZa|n-4qTAM&jqfOSStDc#OE;3|Q$Wc5B?!5XXm8YrpCveZLGIZ&{vh`o
zl|L1qa&q@wwl>#4JM(78C2014Y}LD8-f`|$y_B(Pxz&nO%9Pxj#B*134NsaOR_WCG
z?BZtW@{2R?8q0kxC)rj)(&(bel1+i*=r3@uHyN>2XEZo1jhF3LHt|o)qU|aZ{vBGB
zFN3t=+4`Q5irblGHN2gUFTcrjytc5Fg39EDP+mjCB1z-KrO0)0hNs;#Kx2GR-jIHV
zp|WQD^}kOHgcuZ4@|jv~%=yh8*~~-=M;xSYzHLUuz<1_*)@IWK(wCQvWKMqU{ztdM
zU@970!Kj+bRzcrepI}}2f;PSI7kxE}hNnr_IPwX;Z6StXc!lg3{lsUA?@?>8Q{@;K
zMJx1tll1g{y*IWrmPC0DQ6FW%Ef62#llVLwXMWXw@dFMu^<E8XNm<8t3-ABs&=!9t
zsg5W{%^Ku-Gq0cNMf4$~WtR_UU0$fdzg1X#rXa<}#Y0rbnsYGmwLe)ZWC-WEoy~Hm
zHrG!Q##4MZ><=qTGp-ZuO_kqb9LWmdGYoa!Ua$5gX3uuVxJ9p$=a9%M4ze%2CGC>E
zJL;GrwINwx73wcmBJkmgrgUEA9lTn5duiBk?#*r9*gAoj3>g^EKf2hzaz8nd`MEL$
zfs%H8Jkd@B)1Imc6>Zq368CgJnPed=?$FjKF9t#LK#QR$*m8Jt-C`=~3>(XRPHC9Z
zN1sdc^Nuy|1k$WQdAwR?S^uA>7#`mPk9vMSUS)V?1PxhoDZu+o%5WU}rU#qp>m+E6
zv?gqcG#WzV)L?hgT%KP}h6oJl%zKgZwX%e$MmVP`K#HLW>}_bP+we=!m<&Ul$3z=Z
zY9h8PXW&&EiWmFW8c5YtB-%vCi{)^NWolHz=YU5GzO%Tk%>!4`Ou&wAU5z%1TpEKq
z+>I!yaL5;~tDzsR+*uoOAk|`nf>lS~h;#Tgn}zZr`k)NF2dgi&DZYRKs#F0icHn~?
z3k8A((YQ5qa_k7L$z0!{h8|HMMomFNvyA|TO~s1;E7349U5rOBDi*;8bx23*VwTW}
ze-{4ZQIl<HT13|~i&sCg%^~g05c_ndVs@NVeZ^2G8{U?oI9>^~m{E}0>FJQ6^~iS)
zqWjsW?g@8qUv7^EUAJ|;j~SBR7(kjW&`IwIj?;iQV2A2=U&agytI7VdI!L6FTCmd6
z4L?%q9F9uRADd`_Wh=;T(&$x?KAh?GHKBExH0*#x^REBkQBup@<w02^IXSZ`F&uVL
zXE0V&ywRnThvIb*^RC8QlX)$s<Q;=LSwagcTYUkq0=2mkYYfZ5k7y&oXl<oM)gF;C
z)K@9vna3=6u4kW)PQS_-_Uzj*qdC~_@WlT2p^a|ac2axsY?}%<>YC%2GT-;qq!k79
z%$g5_)qP+LJ<r%yB*<t%nD@vbAA+Q5L%=|@7(v@Rnge5r?gRDtjK1(ts<h)PhX-)T
zJ2YXzF$3I^iew*}j>Yu1fhf*2U7V&Hw#|?wY+norsUCi6K<)GAUgoO}hR~1@lUdOZ
ze=vMClphkS-)iJ69Y1_;%4Yn2su-7%*{XUY^~dJ;2VC=L@)_;=^FrLgxqh7FWk8-@
zlI9M&2t`g0OX(2P(@+b)&gK=-`8I2F`Nny1J<2VffIq7n@}<J+;(r~`n)+nD?0faa
z2g%IJI;}5SCpLE^z&P%Yn&HzotNG<cOS*#C@hn4h(L`1A9<fX@=}7D_x;t`Kbwboz
zenh!%o1Wt#G7r>oKwb_{Y%npFS|NK-KovYq8#I-fUZOFxsm(OGD=$QIp#_NOVN~?)
z^F-#5L9B0<s+**XJ0jL*_FpJ&Dn24njKgQR%>{;Na7z-)5JdgdF$rE`Egg;nXH%MK
zyjN}(+pze6cX#hQxN^-u!+`{P-il9cB-nx0D|UWS*}LBoIh6pG=T5uEJVI6m`(>m5
z!ille2L^2%9?xwqJVc`+<rBi|3O&sF-hGbHcrwVZ+huFiRzV#P26)Yn=n#W8G}q==
z9^E@1o`H_Ge_}O_kNH}PLxAp}qfGy9eQ!}?_;3;$_5D#jLgtPezdTHPpJL6JaNN#o
zBd+joMZJXugdk5oy3K$1?MW;_)YCC7eNUmRus>>hCyidPl(WxXD(dGeTRf}rn}olP
zynk`T?gA8^*5lufSlYfePEdg~KR0yeYEkYAjI2QBahnVM?Z_*FC_QYAO{bO0zay2p
z$-u8JdioSZfoC=GGE(O^v?tV>A{$g6{{7fX0D66c9mgcn*cNU(J}1+fTC;cK;e&-=
z6F;7Lu_bS9`n;ax@}`pJ!WB7WL>D*66fT0PB(SrK1*S+%p>d;OgPySnVO_d^)i@J;
zF)R7XuRWVp>*&i>?ap$hZKq%O(vO>kzgztlmGx+m?+KiF_K`%T|M!*u2j%}s)B<I#
ze(D|FXQ3M<^1tmQzYzzz_OnWOEAMxr*Zt8nZux4y|5L}+P!@Z`D9xO41iixl+m8RI
zPTHZYCHD!%F8T+A)m#s<r*zsV>vcfHgv)B47u%w3_{rjbM5xjDuC?K<6&F7$f*gk&
z+1BVCJ+Vi&I^yYVzs`3=;}=6sJi15E@!)suHF0B?^pEz4Uz@lxmJ@}|?$m%Mm_o%|
zdr0>>mx&|HaRpkZumlvwV(NzomFi;Uf!;otbeq3%KQ?sPjc!=oqFqdkQ#L?9-2N!P
zcM83g`c}6ZYu9N}BRGn>!aK3Tn3-4nXwHFmL+Mh7)J)s^R(~_TtYXmrevT;SJyjNF
z2k%suwbL(~XW$t)Oq^)=FwQ<z5v)fSPnpfL0{0p!C_RT#d#@(8?L*R+`8vTyML3-E
zBrJB;_PS&|+UkUd!{}Ai45eNhs`a?0diKmbhf_GRRg9@CN)uJ1hMr0aG72001$n3L
zo#y^}SKffg-X@H*nibmx3ig%B*HqceVv-V0%$50ubKjesNQJVZkw#8e1iqTpaiQ#M
z$fltqk3&G?cjyx3Zhs4bN!tq9z-rfWd(sGg2C|V`PR5>cjlVw7UK^XM8O_8&n<H)V
zq$rGKiPdShmGv(IW5m;FTG1h*X>yI)h!gD%DXkrbO+C%nNYZ1tU7sj~YO2pQFlT93
zq+r|SvuLR5BfN1fvS7W$lkFQ+UYo3*<Oor_@22!9)!mKCnFmX0y$yskx5KKHlA=vp
z<t%HcPsXKJ5<Q#=Z@NSi?ROdtT%O9%3eXa^rou5sQQZy*#t(HjJYPHY5b~Qz)8l;l
zL5yF!7VU<RnH}o!4u1Kg8V%oY;E_%zn;#bI(fhtsXhPaO8dz@WcQ~QpvK7%%81{Bb
zA@X}_f^;Wb1yLN5#YRiu@&=rl_)$(<@<NEi1A9>!9Lu}3Ru;3iG~Xs`lFdCnu{}{n
zPflt$(5F*X1XU_CQd?<|j7NvC`pP`jI*zLm)DM1An<|NNPpT9hw2tzO{=uV(ts-(V
zx<U96Cm5^!4J3}BxnYkT>`*lolLmhZLT)wsYvN4lQVT70ip<PDw$j1#>#SQpI%|FQ
zlNFV%2@*&7@WHlv*a9^yuE7~_EzBTOu8^$@D$4$F2^59%!MvmyRRQOfZCZs=rXA(5
zgC$Wi-u#xj0Cdyq=>u&uvxdnDJ8L^4!5X&p^s$(eKJ>v;#}DdDv%-nY%p|OF<wVfm
zy?aFPOmy=VB^YY8U2Rd3vQ>l)7nMlJ3<QQsdg`wfBFbni$=EdSTWp-EGp!kE@|$=$
z{p3BbKH_hI-rM?#d&va5VSZUOVgsNVpd_@Qr=GW)rrauDs9RZa+Jn2<*WPl4kW-H<
z<eOj&##61463QiQvo)1t4Uv?Elb3digc-A9Ra2|1FUqKwc7(MKVt;;Ui&SLBg*KFK
z^jUYZLTt~V#xe`VGJ>Qni{FjgvC>M}X*pF16g2bEfZee}7Yo}-J*~I{uY0Vs2-=`z
z*0l(QSL&CpiVuRnX#F&7{wAz#zS(869PP}xXzyOL>U`yhLALH^NI*fpP2sLHrKHS>
zwBFmnib_w-laMm)WSO7k)<bBKrs^|}5&FXsyB07?anq86Q%1OFEz?Bjd&9q4dY^&a
zIn9weT=)Zp2?IAB6n3}{hM~G~O`q;9!4Yb*(fC`aIFptNJV)V-ggLR~*M8pWXYU0K
zG)SZo+71<t6FtIzIDqEZSV^N(+_dme{#3G?HY__{D`oLG6PIg1G&W@sZ@BCx&XslX
z>&hl)EyRd2viLmeNYr6-I_34cvo<@?u!6<YLF{LMK5wof#9ux26wXb1bOfO_A$QN+
zqbQ1av{YOJNwhZ2R3=7cnaqplaoEhuJ<dHwB35(K-SWJgB9(5-iEOXMeuvX|j0*RX
zexKFj6+|smqg2~&x#5|H^u)!0Cy7aeWz~XSyu9)-9vuVCC(u&{BM0kz-1>&Y@;cns
z1b6pVSC1G{+~L|C6O2#sn4>dD^~AY}QR$<6>kd|%c0wb6gEh*G3%`_07rpK*I3=^`
z%9FhH9UCzmf~++8?T>pXpOmed$`LG683jURleJ5uhgXn~;b^(*ixQFA8RL4ZQ4CKy
zBIO++0R)g9GiS#i;D_AEZd!dQndcPpjBoZ6soX_rKT;3URIX$7k(Nfj6_407)OZDz
zhu5UDD18u*(e~Gjthi|e41%<(<1{TQH)d(XDHPt#ATAZESLDMBEVLuFZSAbFCUGi#
zaeJ3Um-w-Sjj0#&8w(R}wfgtou=lCEF+G^z>9Vbrq`iVU30QS&J6nisFDJAK;S5{Y
zZLr*Tr_hTxx@8vSks4hRj>}kDQ==R_Ipwxo3#c*<vcskyW9~OvO5u$vN)n6MHGt8H
zn-(9KFh*$GT70h}B=OhCQBY!agMC+XnO^4O2zThH#;$2G7Jp43T`Kyumu9>jBiLHJ
zp4rm<%7}hHB9u5cONzvprtJ`wCSG~)Zy%k*=EMp^8O&#GygUSJiHasm1!D#S;fYGa
ziBxWk8Wbu~YFb@nKVyn$bI-Q0sN$wI5zi{yt5TP!I?Dg%CdpHj`vL76C*39VwP=iJ
z59`{Xl}WT2rfR$UDS>TK3)G1i3@2}lZxAE>7jTn5w;@Ttj=?SuY*(c)v;|6{-2Cj4
zf3SF37>tV9h!2QJk3)(7F^t-&bQyyZ{bLZdR_)T+eDw4fhq}A~*3(z-tv3h@wUfeL
z7c3=)!{qvackj&#fCX*oLoWInN57s@akejO9}q=pfFBGqAG&WYj6BQz(u>`Qx`h{?
z4U2QRB<w^QUM1K6WxFF{e+WJE91~Wkr(B)5vHDW>#UNo=Z49FTHX~kK&dU{HC!=8e
zuTY%8l>;xh(`U|2*t@G<b_e(4mtJQBFk{CQUV+|*wKg9<J;ZriS_*)@>G*)RcpdfE
zboE*lAEv;=8Av`3h9rKy?>DtRbGQj8@k*fmXlS28H#B;<KRUrf0;`E<>zCfLb4-09
ze^u7^qC5kgw0bVkF({oSu_$X%7t=;V2Arv2Y$Nw6yl$x42U|{ATc2Rn*{mSh8=t6V
z2JYm|KOqD}*^BP6^gt2vh{sslH%?qA`6E-JcT;lt;k+2${}01s0zrm<g|1^YcBB@C
zr}kwAz~6a*b5!r+5aTsRks4NS)f%2Z1JcN{t;C0|-tnNn_-`Z``1+LeV*KjM@F;YH
zC5GvPZ0`cuUN#6{-l6gV9!xy|muZ9U(C|kI8xb)HCF6TPn2<n19=QH)I8e-Mw_76i
z#SlO-M-lo$qxtWci@<7=Sp{*hWy8Mx6Z0y&fNWm3#PDzEnV+NVgUmZ>UuF7o|L(S#
zDDNb}d=Nv$4hF(y*V=MV$EZ6F$|bWn%@F%sV!Prb*(GH&cG+LGMF#Z$L@)}%|Ky{l
zhIWsOHnONxrDVx{2Yvcj4HwG=j>@&`7igz19o#oBO4OQ-AfsVGPsz^99Ot*rXpB*e
zSm6ZwPN<27P~sKNO0@^JBZo<2qTwkndSRazv@C;!(0gM@6zKi<9i55x${ZwaG-;t%
zG0%WYrUq(1CBCeYNppCl4z3U^+5&R|%V@NW8L#Y^WEQgc?pkJeBfFu05g9tGjLcDk
zec`xQ0<9zV$L;deIugm<5rlrwihr)*^U1>ejU`x3aG4k3g4NhtXx~}J?HV$B5*KqJ
zpF{qprX16^9;~iiO{~G@>Sug~!KUKnjbR0Q8}xfIVFc{cMz?O0-cN?4L9c6%o9b;t
z#6WLl^lgvnr@CK6;UU#k6yDI!t)jL9+il<CRsoycP%FhP=^T{!iAkcsZbNGxCrb4Z
znY9B{?agCDEOfmFVz?_<!HKPHnY0G${Le{6J1Dl__7z4eBc*uBTF5>v!70GBTDwxO
zf9)hCpg%RE2fd`3Os6NJ2N7OkWb`x7q!sjrRsOai?qts_qDYD^mDZO-rg*VB&rjR~
z(?d*{XA3s;aO_@$q?G*HB_<n-zm9n;;~gSW>PTwImRqCDGDfdPg}tj^SG<9daXmz4
z_)1qzvzr!_EIE@TEqZB;%}k~(!h+KsQ+xt>e6W68Wh0Q_l#JPLld6*_lStBGhM9h@
zu+tR9&OgjV+(aw-Ia>2LPCS5OS+!2VuoyuqVZ=D?;8GOBA-aRk6kFeNwIL2e%#%}l
zB`ScIhn1H415E5GTcjo$W<hA~l7PCMP{`mQjDV_0F^U8+2hDdU%cF7<^n?)nkc-w7
z7G3Yw*^Qizt7}d(?bogWO}U1M5uX)D_eev`#7Y3;G0Xf&LF+HuBjDETQW4}EtRtpk
zyrS^5U?MmlLGNaE+GOrU*Hab8m<4_Nri!jBpL$5|r0wYhdWWCaD`zmVv>tkb1pXC7
z{~`lK{<Llt%5|qDp5^?nrBb<cyIa?H6?*|UP{<ai=$bdWhMPAU#8vSrpg%#uc04Cv
zr&k|yVy2ZO6*WqRmXt(T+;WtnvV<_C`<ePHpY<MeZ&SbxTWywhBU+5|6AM#>bZ&DV
z{{4+Z-aEh7j+W8|YK6u)H;yDMN7xv-opjR0OLW2(;Bw!P8%%SMhHkwCJ$W^m4Cw?b
z5ZW{0skLkGz>Hgx1f%Z!P||z|CGnb>8<gwv@+h{x-C!3xw3p2Z3FbN8uCU038a;j#
z{J+?H>!7%v=TUTVcXyY?-Q67)cXxLU?(Qx@7bmy|f;$Aa06~I#f+PgU+mHO-`+eU(
zx9<Dn)xA}>YPRa^oH^Y+J?FGc&-4W5Da`ZM_*CRR9qKLHqL=U$pdk*QP>cTRN0&m;
z?W}EIrm5$z<p?AVdsKI+ci0ba++Cjq&uSVixHFRT_4pezp?ux2Bb(94nf%m;m-XvC
zwp-K0B5$#VX@o>Zb=#cP^3yt6`4pPhkgbq@dbi%sT%H~$)}+aW(`2$#Z6aU|yII^M
zPj(Gn+-d;mx17W6WvD?k+^PAvkK>9mQ0wR1Sk3o{-6UT?Wir;6pEDUtHZ&iZDaR|)
z@e*IS4(<u6s<M7vfQU6Re?ngoRgbj1nk|^75+>+7X#^bYe1=0~(^XDuH8!M_3;GnN
z(wj<;c9?HWtOx?(M0Lx;o&9=Ub)@>fC}{Z4vudUNuJ|-ajuiF}Z?ukE&i!lD4*MEO
z?4C4V3l^;<y5w|P3#@HyALucpLxQ0BR)PD`5Oz#e&uS{Cr!kU_n(gRnn7$3yt~v_0
zvX?WS{SdSC&^tU$Jm{H&yQPa~3KCiD7Z2XB!IyJNLE&5)O&<O<+Eq1^?`S(7E2V!K
zSURO88TcY{oYn!|O8kLI+<s1sEcJq`v>#P}M!y4l67qI<D2WtxRoH|9sYiX^xW0Mk
zYg|uHf@;3WTK)l`cF)0`+1p@yuE^)mno9Kj!%aN6)4R#as19uUTt5+kS9)FL(pGCj
zO4+{{(wRz+cewc%Lx|&tjhQ0u57T$>%ZZb5vWowHGwX>_*7n0W@Jn;t%ns!0!81Fy
z^d)$RgHPpHzZ&snNW5)~fMCcZjHdYt|4ETdr;@*vQ>e#8^=#U;oZf<9%|P@e!Kdbr
zuMcEjLZ3C3kCkjI>QAxi2D0bv*@t)>v^J09=U$(*4!Zb`yivn^K+Lq|9-mB&8mxX}
zi#B?C<Ss7DKY2KTQ?C!!RVjAHnhM1G5>0qQ{qTG3->zA`7hksx&nkX*cl@7b|1%6B
z7a$pKL|im{eD*o2f6Ouy4E-tcsZG6jz>U?cz5LhAD*|av+k3RJXv7#2vf-x53%m86
zT0Sbt+2{I`dYnpwDAb(^;OY1UW1Kz_)c*U}LbNZ%uh3?j)$?EZb3SZ=-W|O~#y(K|
z0TA2WZ|}Mp7PiCXePv)~`!Touoxf6Yac#If$!P{UY|Z76&^KNw&2l6gSzZtN>t(!^
zysBY2+*qx=K%=~fuMT?cmW#5+oQT0O$)HK^AHeDt^*;c!Q|z}nG2dSwJ3^KcPuTBC
ziH-A2RhKJexT9=UW#p~#aqJYFj;DYtA;e!?-pvH~JZ6V^=d~X4_D-z=JN;7EXZO#C
zSZT9@oU2;%+o@F}$-W<KRTy*G%{vEeD^-1Vs$6FLwe{u0t4aGGz{6WO`{nY9Tj7k}
z72|;CAAqF8Y<4{vs+#o9XvM1bX1abYvB7ZaouYaGt>CwylBb`&z3)!%0?hL%rQg>2
z&wz-jew_865*!d6)PM>Hn4b*3hUPvx{OFqde{r7K@dD{g;}kQQp)x>Vx%ul0x@#ZW
zAHd-8#s9hfUy=`JKi?!CoPuaacORcaf9gTD&?`W;(8EB(z#zgQ!@|PDKvLyFa^_*d
zV8c>z;z)wvFsZpLJkl2>!pmCr@hE9HxTQ2SBZhD-mzK56Ju{@OA}en1c-%9~|J_87
zBMz0P_W}v0!-Wo+-Tr^P!WeVtRK4L4RV<fqckm5PTPm_WR2dT8-j5zd;~~AKo|TE`
zyP1&||At9F?NURxGh}g&u&Ds@?;ejZh9)fE%5pTj58_kb6^+rc+gLJuE>tMN#$oD-
zsR+p%q7j%9JQ_hYQLS1#0oN6qmG`e~N%UHJ0-JKuTdK>^&+q*hEYGnLYbM$ev_Eq%
zF?I4Rf?>#i%PM8Aq7f7AWR#`yGHQXZ@`E|enDqk<uJiO++(*Sxl=hfD_U2Qy(jNV?
z@eE<A(u!Z&suU@jIKFyukB753<tyH~#Tw~6?mkxFY^Yl?{GkE~zDT8!P}?f|<1mcr
zi{&z&c}$UV`%3%)fT^^=BpzYhDTB~H^u-MheiVl7#%skAA~>f!E%So8SXkWsnj`JY
zUS|((wvr<)8pFuA(HwU5^eQ)W8Y7+ge(x~e!d#=KeljKZz+_kfm`c-X<B(=y%dPQL
zJL{5raXg{mQ9f$@K+X%R<5DWh<{Q$11zTg;DUS(r=x{pMC1-?B!4F~mOu3v5*`8Zl
zK;rz8(Ws%_)0F2un2aasWP(;ykZhZfP0ZhsNoQdOo#*Vd$e8aVWaSqUuI+!?xuEFr
zP!{K4mA@Fr?fSj;;3o5(@{gFjeB^XIL!$v!!Mcg6d=cSnxh*mnFF*E!u|_naysm^Q
z4IU7f%nd!=SnkGd#qW(~+wSSuH|a)SiMm+Gg`(0}Q8lOyt_7x|Zqx#%ZrMx5TQx?$
zQF-J`i8~;Ysf5N_SuX5e?U!F80Rh*kGhsYT1<5Lhi#c62kSHnLfofS(BV952n+>OM
zH<PRPHc|%HGS5U`CE_G{N{y3RrZ;(O-NKem_4t&->{CSzN&ow#@$c#xOoDOJ1%e4M
zc~OEDd8LA7u-a^gKa+cggE^F(%&8Q67@Bd%q4Lx!kr=xeuT?9d)WOJB02Ij7I5ZA0
z9JmtBv|Z7|mj=twOsHaxt;Azg;3bKaH3(c80yc)_tHAuM*^XbM5&HwE@iJE~Af;Ie
zDDJ=JSiBH9R7;OnTY2N(pM3?2Bo!ajeNSv*<xZ<t{K1-mZs5nFOSys`%-1rsN1Ep)
z$Ok>~J!P?bTCQ;R(v|NR3Le^)Cq|>=`*@E1MSHBe<)BqE&C~;`NqdF30_lOk6AK&F
zN~9wy2i5UzX8~y+K7L<~FoAv=hGHe5{XD|4Jnr7f5_>h(yu%rOh9Oz6KwXCkXtzsX
z>fuMohw<^FU-M5vJtedPWMlBJHE&jRG(r{&qzLa|r``20e~|JrF3pAC^pxIFiDp>a
z2dxBm$?fLW(;mO3EfM>m*xkSLzENGQ$P2=#srYnfKJ2Xn<<`%aPletU5riV20A9NB
z43%lj%oLK<c5v(Gj2;;y?~3r@f(E1XPgl$DMl)a*=HIG2*sEB$t4;o-Q5|Hmyz#6-
z2|jDzmO>DCk^eGJLKUg9HVcjiHs<M`?8QYCZOElZEY@BhvrfT798pQ$HVUn0^#jo!
zFZXQ2Qui7-P)WWY!zx`<-DQkPB(K}12FV`)h#X3ziWZ7nFopRBf5n{uX<=M(0(=a`
zrTEf&+?jR`!$DG%F5+!uR9(JXlaiv;uY3$QjEW`|jH6a);Ee)%eT~$fXx|O52)A4q
zm&uW+Y+z_htggqiT`(v#HW3B|g)Q&~!E*Kb2`hPf8&Uf@!xi33(2xECG!gJ%U2O1$
zOF-tdekFKk3Ee`lMWxw(ky!2<6bsdkLngfr^?@T6*j31v0onjwBpb-B^#fbYF?m@N
z^+pisGcDW4xMX^I{)%^>k2@`O<OQ2TE!t0OGbHYwQv~I2ekQgFRx4{sdVc)H0KKy5
z>6NG+#jK(ph)$bo>D`GV>B&wV9M>LxP@tR{?}$e0U;5o@qX@-<&xEl%A~<0Q_6gkG
z{Zq=jgNJ~=S2;G8@K^QHL<Rn-ID6>YIA~-o?(+ih0Jw~1v-bKUKijDMvA;5w=W&wB
z3#kJtbE7jSuNKq*S)=&D(g}>=hyge9k$Dtn_r0;^X7l;JsHHgDy(w)8*{P6n(6T8K
z*}hl}!jRw|fggt2?Xi8PJvOLO^$%c_<4tqP{1Gp%>uh7AC_IOBTvoSMb?63-tz)Q(
zt_Ql%roF+N0E+AG<9I^0k_)bp7GItR+@@Vd6{ypq)>)Eo+h=8KRd%l0g|yezYZ7e@
zPfPVf>BSZrH@%R=xBcCs+aD^oIo|?4>6I>x^P@YGb?F*&ACkqdT;Xx-P;TAac(wVy
zY6(R)(TDu7V<SH9A!~^l-`e!)?=)WGmVmrF(N(5}Bv>W3Pl0PFmyesy?0*3H{7&!j
zlp%Y)5ne(M_(x6nspTfE_MmU>30zoqygwLa_O75fEK|09&)>xp8=xmq9scoDOndC#
zfK%k*y`g_=6vu&3bE7|~#?+wW4f1Z?{!Zpe<2hmeVYD>~Ewe`4o-1{lS4J|#@Y&^)
z_XKZfo5$YicJt5bm67Edq=F1X)}mJX?dmG8t%W7{x4JjJM#G<rPElL?XzO)#EAI8N
z@Redjm@n<KQiQo(1d_?|_%ZkQG>t^3P0Ob&XEr&(7gz=>8@J0;v;GcWg|oUfdQzM<
z;ptiJ38bntAKP!y!^L0<_+bjDMWHU?urj(l%NNiDv1q)@`T1oQu_L{hwj-#F)^0%M
zX!9T&fs3yWwJzUGzFep|r=M*Li@8&z8ltC<3FTq!6{=v0=;S}$%4M2^TkXaK)5#Gv
zT}?;V6d$X#V73cYu&!kDD-?Tv;}~!s6iueW0{NiZ#A(mXF)Up;AkEW)6Rp3}uBrF`
z7c33Tpf@jnNgdc|6$v$SwmY?1Jk=Ja3fsRlp!Yu-uw;ta6FkXOnx`_!47UsX6;azs
zr|q1@qhgJxp`bkqdwidix4v)~Gw>GJK4}|tBotoVB+(_ZHW-5mn?^CQQYiNVX7ja#
zeX3aU+IeYwU8oK!k&J^m==ANrj#xEJC&Q#o<FCu|b#*HD&&O<-<z04)zlyp<<qbpP
za+O9mhT8G!Qg76%YWLdZotD!mpcIW#5C`r2=xaN^Vr+J<6D&7g?01$MYXTIiy>2yd
z8=CV|A2MU8;AoSch{R|#Jgep}$P?*EY-xrVb1gJT6BA3UQR%n{2O%_+@+Mm)kbH(3
z<IM!kKfx{*p`D&^$To}G7bW$gzDitve!LgEyFGq0fb1Y+Z9qDeDBd0Ga9b9zC#H8n
z)V0S2QuK0Pke#g>?j#Aha(PF)15nIKe`i~%uJdG;`pWVSE|>qLP8S@}YKbt>Mr|vK
zOidUT2xg@zOb#3W6d;UB;sDrMU_ZYuo+RCr?fu!~LJY?ZUR-(y-57_;Q+MMXi`t)%
ztC7at)f!Uj{%hNg{cB<Ow2g+N=qkJ_%Zki#-67%UeSJTGy8g{x%LfM@^zVyYk`HyO
zg$f6h5=5t5bEMK_k}LO{7vxpZe4uhmV)kACtZj*=bI_X4h$2Z9=dzQWip5idjWUx)
zkPl?(ygO4Tx8)W<NILIpKNFZLIVYF&3xl{OVN5}AK>J5RY&@nyNjXaqJQj%nZ|%9S
zzuvE)-<<}Ju!mM+4RHP1_N2p%<?+HJ9i^Hh9fO)f^pfX9WZd;6kJ;zYNo&YP9&;Yj
z9d40o#mi{aWwtRwp3-QDGU66uwlL^1Y>2il<wiIWP{DnKK}v!KK`e%L`3M(EM2N-U
z^dA<(BGz`H0yNH9BvKL-F{_$A6;~bt&$)RPF+eKQ`X580)6(wK;!kQ`nwy}Ivbk_J
zd-qh(vF}s&h<wA3@X^tl^##(vB?j>t*3(xSSInTE_oW$t$Mks~E(x{u<#&SbtN7D1
zQyX=U2rP;1sB|-rjc7?*uk{-wYe=76tRlB~Y^&)9jmxHm<*a}OZd{DpF0;_6u(KAZ
zWll$pEQ{+7=p|!e6U1f=E1bSdNw1V%afjQ@-H{4>r6bVfR*m3Twz24@bM&z_Ho$#>
zWK7ath|P;u<a>pIqV3~!4+pxkFBJ*(I;#{HUP<rG_|NYtmS^`fQLU9i8T+v0v4~u1
ziJrNIOaHQQY@`?y!iRdfFpi=Vk4S0`^o@^u%A+??TltdlSRBCHJep3CiSqh5Swixb
z-!45yR)%y1d+YOQ>`{~Yc=T1IYwnYgF!+wG!e?46E{NI3*6i&&ACGz2C>ail-Mg0u
z3X3q*z6{(?`0Ld7*1x)X(EbQ1JNt;&Z+9bhZ5NM@;34_RQ9$54Za&W&0qQFhXWHKu
zj$DZ|dhi@VJkn(*jr3qPh09`>xUS;dZ>mb3bNqRt3AOtjV!_6*f)sdI3=0@9(%nD3
z1Qgr_F*V$_+P-Iww1h^pwola40*}d2w*`pyiq%y4wiX=@3+*Cmrj`{CFC^@=c_iLz
zdU;k6p{SK12P3Gp@`FzWV|OWj%Lm+tE!q5c(}*8X8*$@VyZBV5I2x4cC5CjxO1?5q
z0DGAl!LyCfqeT#uEn#${3O>M`+eNx$B?l(6Ju%!XZ3<6uR|Y3kC<mV<v5_-b>{1Bu
z6fJKViq<BvA#GB?I&{OSm|XvDoE64N^ZPS2xBJ(*u#u0x#orn+1kih@w){;+R4U%n
zN1WO;5giUlb0LPUXa@Nn?#g#K|A0dLc7q{(DE@o`qn-y_kz0yUJns4WYsQn2pR!<B
zCzjR-wi@x6b+UXr0d0~wkoGoPHF{!5KTz}!KvQ_4>@G|&7285A57jr*?L&eS{8~@s
zsMCOrMGXR1+QC7|6eZI6ZMG6zg&<8=#8{Zqfjk1?XO<2W-0ic(-msy=J8k{1)srZB
z^g^;aP9{2)zWmhO?=?qST4G!u^L9hoEyos6ZEQ2iaL+MM(&mc<l6`h-Eru#&t~37t
zs&*b=;vt{B$PF}_;su8*8uA`IzrG)O?hkrxR@?&aK=5~3`^^Uy=}(8~ZB0TrB@Wrq
znm{8DxG$5htA4Sa^#F#jNE%t)c<^|HMOB1%Q9II}od$Uu{2p{SRPq|xNcGEf;t1u&
zW`^81X6KzYAMg&B;KilnSLYLvxj%qHmb3-6Pz_<v*H?4_r@1X|vr%j)->P!1&pelk
zJlAo(ldsF1@OfVGC3!HFg>mg%b~KBhH{P2bEM1v!UP|NYL)J}ESTpI&F$?nuGAB8A
zn~eL_b<9a?V_|X7(CH4WU7*ICa;cBy#*BoY#!Xtkk7sug#57(TA80L1V6kc|$+Y6?
zR(xM`{cG{lAAs>yt%h^Vh0Jj95=}iNAxEk{QU*d`=r*nF&Ut;2s3&?|+G+bu{+eH%
zr*iRykS~)Sj&{=E>^BBa7o|vRenWbk>vT6=2@VULZtNc<Lzj=Glv?(2T|+v(4kyAX
zmi|q&ukya3U1fdYYB|I9Y_i|fTQDW=ROzNhJK!@!Gy*s;)!=Gd&tyl{TMR9O7Cby|
zqs|=d+4SDi?im)c$&OMW>gJW)ld1&aR5cf%r1{$PFa9VVMuY%!?ga(lT*_7=-AIn@
zPO8z>miCyw%M5pf)O#Qd<AE9a5pc+B{>BP{CTahlNdJ0XXEWz!S|AX&KB4>Xf-Xvc
zHhs{<^q+;X``i=x|E@axL1(Np_E*vHIL*uU(8K%Bf@|!T_y5#U$i+wPuTi7z{Cbrx
z1mtpv7){X3Ufp=abgcypu5^#>R?3)sIYoEd!e)E#wj$X4wbErS@)MigDQ%c&rC0cR
zF4XUG%D&}b)#H$?5;--o4zp~s1XoWuM_zh}VDA;3A&U3W?YSQzW#X--Cr_U$MIW0s
zu4GysU*g%d*7&%Y2aCD(TZ?m4YvhZj{)ASZyKmarjO^5Q>A4yG3I|z71&uxF3A&)G
zzKB*$%nG4y+LO`RwV*ExIn{=r6?4xZc_yMakDa}EKq&rWZxxPaR;*y9siC61Z@EC-
zYO&5q|2*w`gX34zNJxwrA_&2!Q)Ajk{FaQC)N;G=?<@F&Hyp<fOhDNRW$oxrYATee
zknIE{(|Q_X9Q|`aa-^TAa^x1vD^hvBL?^I%85?3K5ZIunr-$`$le@3F<E1J-n5ba2
z!^;_r^|Ij8tq945Q+?~=CPg<%MA2WUO=?(FF$gkGY4JdddNH~oD9~FD8amtbxKOeA
z$RbDe@V?>rDMLM#|5fhU*}ft1+=lHs?$|%)BblV+CufN02N5l!hwTaP(Q8Fa*sbo@
zE)pBGeE3WFI|k8CE~J-H$$z<b`F#Ja=xYl=hUc6MQ46}HtvbZButJ`<ZK)*wPC};m
zE!><$PfjMJ#10AFVKO2zWc7Vku~m!w#*7Q+`4n<MXDPS)o?S#RkZ02h;M9G*<j<5;
z6qCUt)(-C@EyEWS;T19ti=tLR3q+w1n*6$3So(F&ITs1*Dhd|q{+*8R61oVKhxXn5
z_DKmq=|eJjLh_Q%qQ$w^`YvKXv+7mhAP*=kFttn!{vJ(jtahbKLpbe9lZ3O;{BvB}
zomd6Bc$z01;dRn7zm;gh)Jo@jHv74Lkr6Q0Pf?q*efN|stS;}_#S3u-i>U;dQmw|#
zbrxRtODXq(=_i;&`wu{oK~$<D1^m<(B0-MaDO6~@^D9D!REvBo=vjue)eNZlR;7hM
zzFbQ!+eDA9R3cVb1WE9!^Uj4&KrJ7;`Ddqgt9PCtdsc0zrY|rev#*%5hd&F5ec%mH
z8nps0dytx!3^#9dYEycIfsTkJBHzAos%)Yje&B3UJ|Z?-X%XnuVk67Yr65tOs7Qi-
zpIW)jJ3@_Eti`Fqvq?MyhA(?prTm=zPK%H!6s#5)El;L;<85mWGo&-2<y5$fr0t;+
z<ZvWPjc)Ka3H1q92AVR7#ww)QEW!MOkV84@er`GY7jw~B+(9^c#^Jf};lGjE4fgzt
zr(sC?Nj5^RDIDsSBbJ*Q?H-i40diT9Z$~die1;I78mIjSsYL&fI*l8dCs!K3%8fgs
znm)D+qw&{hDPtwraB8X2p44b_uIxU^*#elF#0rg<xBjLSIGE{yz>+(y{i#-GjI#m4
z)5<(SCjDnuuT*n5z42wM(c`};RjF;uUqd&<`)erWafj5(gaBue)!b33ZI-yhUQoaW
zDCY=>`MDW&3|%mYKg%rR&zh!Y4yh)#fRAIg#wkFhQh`q9P(p*&ounRuLbebL%UXkC
zw#F+L!JlQ|z+D4$S{Tv{IYVHnnj<bF@<<v{7A;u713+LT$x`S}NqlH%+(9*SI^I&H
zO*s1~;C~^4^=HldPek<1e<K3mwIa4-VuGRmeF%0fbk;Sp;A@+``6sd6R4@Uim&}y&
zweH(g1<!uEgmn>R6l_M(c5fAr;wn~#xIazB=Ofj5EZ6u7nf)`jh5Nx{w9{7ojm%#2
zXB)`^FYp8!6>pQf__R{>TD9<SNqwJ`4FTrvCi3u?IAi31;?dGC$sFpi=ja!%f{l+9
zFOTdew4o=B<b2V-a(+@a)K_I!QRlLi{4pW98Y8y1UdJ?5JR69qPZTP=lglf4T#md*
z<Yi-mn{7RlVh4x2(NYswTeWYmwOazr-};&fr^Mx9pQ9h2++`*_OLnlhc;fU-a2n7i
zd)K+UOD~G9f1G*mI2A6t#uhYv=r2XQmCrFoi8&;p<@~lR_y-VghjC=aD*T(NQ)Hq2
z(VL7Z7g*3#yhBzPeD>0GOprX<Wo<PIwwl@0VySvW@w#L_st&c$nJADdDIg*9eI3#|
z(gMxRc==j-UFisFFMIWUY2!SowVDHIu^tb(21mbZzqzbFoFP(Y*?%NyyF@B#IO(Z~
zbDdO=(+N;n@(_L&<_}sW4QLD{I^`3s{|h*20PYuvi8lKbyt1qBl_>Xvgk{wg#G~LF
zAUC&@KV30R-@*{3zY<_Gn7-3$Hj$}v@<vz0ef}Y*_%+*%+#bJVKC%jQL}RerSJCFy
zFP^<U{CG{*M?+4>O>R1IhW#7XZCh_f?QOa~l_y%1hfnD01&>Xe*Lb`2^m6oMtIo3)
zeB#$-Yc-}hQIK4l^Q6!Ex%n^HSuX+L=>R*7=AHNEDo1vr5C_p$>Ya|M7Eh7?y|3$2
zoxl&nSKC0e<bR<1iX^zKE9KbrU4y@m6dCg8ZQ9m*rk6{18@2h_KFDXGS*jzp)O??b
zO8o=CdkNUQ_-~!aLW5r3vHGVI!#j|X*ls$`?ed_pw(8aLIGPPf=VihA<niyQE#lrU
zY+Q8RYWHZYdU?)NwBfvWteplI76}{uH4=w&aw{`I4frP;e|NeTqU!z~3gq|9LKOwV
zB&|4*8Q`+Y!-<MEzkbj}!TJUFg0t(vfT7=`R?AWQW>YrHXTKe!kIg6eT>&sQ1&z~k
z@g?||J2%<^66<Ut)Z@b<t^4ASdUq#wAAaVzf3AyV6_|hw#lO9<5Y$+yu^1eL&)fgN
ziSs1Y%nbeiPeG%|^9o6SlZO~S_o;(MW1>A2dES{B4(UG;&Pl&khQO%VUEk{T{@4`%
zRac>QKr&iy{uvq%Sr6H36#TmHZd&$lJLsK|^PqO^w&vvB)mrdowmN4i64-@qZf2uj
z`W9nF@RPy|{B^vDRY9@TrW%)$jV5%_k-(IA7{q&imj6ZZfbQtAm_}vzmDlOrYU2;x
zuDSm$FBhHsQ@(yTg9P=MF(E;`zs}`?f&2IT3n%~<6{jS~!s8Y*d?>xFg_1);<Ia44
z@xPK^i(`V?mLvMBrO{)^P=yG+IZiDWM#^IUhkr>(1=$+j`Uc%Y>a?$kO15-5eD_ny
ztrvZ24Z{N(+|a|R%sbl+V_J*q>{;*g^}!LWQa!44f?D@k1)0osT~aj4r>JM*kfU?f
z$CQ|o@1W{L!ObZrmjPnpO}C^JH4SPoK*{DWOB78syL~dq55}rq6YZsN-G(bESz>_f
zjgD}~y?KS8GC9p>meL|%e41E9Q7xDEUZ?h@gBuhxvFwT^m83f0t4zx>mfYJyuU#b9
zsjlMluWDt-`&ye@xWKJ6E@C94(6lnF93SFHqcXn~fki2}+FJhzl^`uQ$|4#z_WvTL
z_PxG4nT!wh){KLggW1Pm@5k##6gsY+VvBizuAU}Jzh}F%8*Np``CM`7eKfI<!ADEu
z=Z%d%P7>F1xC}U5xYG7!Ul@B$UFMIfv#PB%jmIj3OB-n#4&|%>s*ae^M%jktq;J*^
zdHAZxN^$P_`*nD0pop;9sm8vQ_~1VPtEszJzp%YGv&_Ti8>k^veXJDKg0;Bq7fpG|
z1KW-QiBr4?kMRxiwv>bFz@9>3IJE~a!NY=zHS?na6KGw<Pra?`@|B0HRhJ%ImQ6oe
znQ`p!(|1<a9GC9DZh=#VBq7?!t8V4W3^Uj#a#N@Bq`6{ifSzm)gwus1y;vEtEGi7T
zIltf<{y^caYbWL+?v>xu4K`tqFVJ>?Db-D{v5W+ccZHOwr(S$SfQ2=<MkaqNKn!MC
zR$Y|-$P&{&BsI9mWd~XCd~NO%am(xmtJp7LNL|9mO}q^?ipb0QEaiMP*adQ(ATpuT
z0m-THK=stX5k>{D)7LaKaZ^mB?YjwNCqVU56*^iGtHL|z;WtH*kYB*S5ZxeYn>O+{
zu#R<Yx$@N-t#Y7j7f{DCp*ZC<gLuSC8;^{b#I3L*>66bsRagJRJ@V$gVwR3y6JYai
z%x80O)v9Ec-xO(c8ah~=pwLS*JixMFZByC=^{RUOS8ee;7xy{>jwbn3z1VAu;X(I2
zr1#3tAj5&M^Adxo^@Yn;Sh#`}4`QsaK{U8ko3r2w)97qTpD+W}g{HLla@Z7>jr(|z
zf>R>(?P5g(4zPc9^+b%1zLlKhUIjjmYx<<@fa*f}5!#)YR7me%0ukqU3?t0i&KRA$
z@r1%8Y3E}MLLP_xUNn!Rv}(-RcC2d*r3Y=b`=qLpnm|STIb1zbmO)bc4&(^f(@z0R
z@R_A*UlX)H5pCyzMuY}sVar<gj3GbmW(+EA<LxcN6|c^Le}}3qpHUrUtyjf4VQkw_
z)eRn9)g6z>Q$y+aobjm{>x7og{PhEB{>vy<=QkfMZc9sos%Y(Hr!moCSn*1ZgC#p#
zQ_JHBpHJOpLMk;oATLGe-%Estu<O7f(Ippm(3OSGlF()cO}C|+-ph)m`3?tDS?TXv
z*|bVHFCU(A5-c!w6=8PWH48l#oYgfe9X6Lv)jE`xOA`ITh`Kt%#KSI3<bB(Dc<m}@
zb^ukg>4|8t!+zEskXy5aPH2Uwozkd|wIGKm+?#GGc#9p^GfOI4<r&^XfjHL3fyeJf
z8vo%n<nLD!;rzBJkk`gAouo8|>lo#{TGFFJ4#%$S{8qpll#p$gd=Zu(fp>b2H6k}x
zc?BFCLe@r%?wHhutL#GcOd*87%!tn7T6^GUQ)AWYU&1OBpkqRiyCs0?&{yWVUxz_>
zXIdNVymIsW@}6SdA01<9tOISnMzdX&<5lbXJ%COgU2?_dDz#t>tJ&F<FK>T5;S_-3
z(CKNdw;xTkWT5_F9i7;>A*2>cvuY&+QUc0jJrBm{RM+20s-Pi+LBl~w7tHFHh#{Mf
zKYuWq+ZGt_E^7%Xl0#v8Q8UjEX}Dm&`2H@`WKV!Ha=!%_NVw)av8&g?O&YP3yoqe{
z+_7coG4QO?5&LZs)b58U4vNnq<$6Wn75s`a^w3E4dQMSE0BWLNp{SW1@ee`6oqqB8
zu9f_>1f(l9>dlf!8ffl6i?b7|VL#=P$;4t5=FPCT;q|(=rFqFBSL!hkr0{`mvS@3(
z7Hb$%0_0tT5gB+TlCDuz^L|f0f-M1t8hunM8}COSNSw~T{rpQ`$Qsz20#VGmYNa%3
zi5VAk+di70)ZM<(Hv+9rabod5Z&0xa>#V(VEw;jVMy+;2!G9hO{$_>Pk#5s#x2%^3
zc)c$eGp6uTtoI3j;-P|rzXV<VW`{K$kxC3S`WJ;n!RN0;C`}Ic?wy=IIzH&rl~YV8
z8`nT?*blH6svT_AQe;W^noC<X4t|0u98OlZ-Nas7%shDChqY!jNml{Mgk3B-ThrV<
zEnz0o{to5T!*lrck#IWAUlGT0Mk1kgTW(;Du{Dc{^SZMoMl|NU>FxCShowqEo2p-2
zDN`J!HMY-zP8W!Z#b~H}?a!Yqpn#$U>sP1$j1!gdqKp1=3G4DQIXy{>EoCJvPaqx8
zHpwP;UV!J_&o($0v>W16rsLvtK1@YccnoPdq=R-?ZRxP)%^Orvu<Zxg0iBPS-nlD>
zAgOyLeg*}Y#4ciTE3>WCp=_pv#w3+Y>)29Tz64v1qC=Ekf*1nUXxURTe1qeTq@yVA
znsAFb2WRdYbLUN`VxQMoM1AA|jH9c6IVX)b%16b>yPW4&2nPwupP))A9pCW`{H!lX
zA%^alJ0{DuuDjFL9-i62sQs0?avZ;Kb^#*d6BX8cYx9A`IeE6-#)h>D$0QToB}mue
z!B<bpeg~c!SOZM)ag?*{31F+Q{EMvb<Ge|`5qOp3t~RiRkB^6Q-|TC)Nyv*E&Gg@?
z@qI&(H_TrMgt`~!U@(GC#Z#R<BEW5O!`_q5fRPoI>kAAJ6ZHrj-e!laftP)M+V+Yc
zTK@Uo;4M*n(e9b$f2ywa=eR1xAjIAP-??g-B3Y|{L?iLGX!_KPx<S?6*R%K#7I>W2
zCUf%eOHA~gYwEd0&bjgk<<KnP%oV=w40?FS*kUEDzyx<=q(KtXJg&VWi(3X9(IRPz
ziy~x)xYtp4R<nOPo0{5;xOqcJi*=a{<!ChKg#^9R?1lg+D^4#!jMUQnMYv9DP$fwd
zX8rWubv`_~<cB2Tg;+kn*nwRHN$@AD*^3tpsG;YN)#Oom2-(^s?eg}~9{Mq5>{64+
z){*=Ph#OlLy`y-r(V)N;WeffJ*|ddruXM`DO?qJVxgLVCWD;<&UJf{9q`cjp=%^r}
ziNI{TRKN6M)#|tj#iG{G5rZETY1--J_m{XdBdK_ftFOVj7_6@l>de9!DsO>70-}HG
z665Iy4X&oQsA&$~L#>3BwWd4dFjhHADhwW=ZtmjSLj!V<Ez)rYM~Bx2mUgt&(U<TM
z6wc+A3fLN&CN)`fCOe}CH?XS}@YmuCqZ0#5#mP`dXQggb36$}yyLIOZT}qi2ode&+
zoTEl!xn3K4A7g&uGjaNG@k8hj00v@Z7S1-;bf#po;HPQ8KTd%Max-z=JtSQ!q;Xir
zG3%M-kfzzOJY_{{kd0J3N`9(Dksg)bOH`_i%5<ZVmwUOB`DW@qGyr71616((&c%Nf
zQz%&aBQsPgoz41Y<sKjvrU{jHuJjwO&P0g@r%DjE@qE@>jw_%PV)7n=2zK%Te)$Jf
z!pb=BR`E^%u7{yEVJoI44|e+*`<ii`TpnwK6H>UNJ(Q@2-@F~hFXy91(>5vQ@Esr9
z-{EEE8!?fdrGy$h1#~xStgcT|xpHqmTpYEV&(XKA3&3$btR_eE%{{k#W9HjNnW*+N
zJD1uMmjT70;d=t&Iud%Rr{3HTuQE_oP)_y9&u<<5KE(S|o1BQ+fI*D)Z$BUIdc|k{
zWs{8D!5A)wlfI)|IGLdhp>F>r-0#`P#)5vB+zuJp9PSEpamBvm*k7UcyZYf&<9QdS
zNia!UA`{{O#gavO0!{Wp8jkF7nd9k^_L=f$Sk5gJS0LaJ|5-T;iTHG#&w~S!7W#%H
z!%!``{MD97GuhO^^Rd<!(D~V2JU}^}nm}kXjqQ_!4kBubDx60zqR69WcYWG+#9zc1
z`u;`CNQ`r;_XznAMBYH?=2%$RzRa~e=UqxDK0kK3#}i&P9Nsc?in2H$K@Vr9U0d(t
z-@#x_RNgwUxiS?CV}^AqtxdVEO-Ra4z0y*{F5l6DBvN+@_Q&#~%h+LR5BHIZ^d6um
z6$O<{E#HSdG7)eNJc*jv+S9Ll>smc_RNZ(1D}>^`$>}>S%+bRQ)r9@^pXUgvV*_3G
zk>9ITP{89673V(Q|HFH_=+zC4oy&*X46N-)Iy({^G!bvIjQU`B>t6@MR%yPbw}r6R
zB2CJuMu9o;dMvFvN+4eeYzv^DecD2oaTo#z<lN(24Tk~zV{Yi2Z-4`PC%|#Eun8{x
z#RSd{<KW&fF<zDMoJ!W-{Or=xsHA60VDw;mON5FaVzLP%472H|(i;a;A()I$eM65x
zmB69*{`<SYpF4y@<J^*+rV|zOC*h1@4GTRSt-iHsCZJJUiqb8ROSBah40yG?yQ&*4
zAhIr)8|bHyZM#mav>#GT-_#VDd}OGEs+u@SnKYri`Yc=1&4iJ)$Chf)4!GeoUvORM
zGL6J3<B>pfRwgCDZdp}&R8pFLto0^FvcPM$(!+87h;C@OSz|Pc)e%NMkZZ5YqWqdb
zL_v4(`&nfE6GW6^;=`I~*DtP`>7zWVgtd!N_eY#apt?fiW38$acFd`of2B*_m)8xC
zFhpj7Z<lQCqe_yc*0pz-Asz9MA|ulL<Z1Q3EDws_lMvT~^L;ebWP^pT`MmqFz9x*s
zBq(|el9^@}eUM|O78APo@yrLwwr%#lw$-jShiPvuT-PRvO-GsLyHT7E5`z0{RE&#K
zN7UsrL}9#hP0|`vD?|%rm-4_B)KYJkjDV_vuQh;<+hZ)ncf+%=%%gPGl#Jn(G>590
zU-xFsV+#te%R|J+hTkg%(&u{Kl0%Kbow7D*^iqyJLT3}fA#CKz*P$p83$-lPmQb(I
zM|=6%yL8Jb=({5erTj)}pmtuh1nBLMr>Yp0Yc%v9$`C4$_tZMI5jvie6xeoZ^4jNZ
zSc_YTg&WS<-hcd?cUYQL*@bAPH_CL*NM%^PuSm)~9F3AUJh<B6XeHdzC>{)l6ao%g
zg96h9R}5vrhqm`dg2`^4NoUvnuOffRC^>HTNe9GWDJ`%s-KS1A5}E24_@N`m=t}0W
z9x0ne&2t25JJq9&`O%ig=;0-D_@LG)4NVkxTg~5=Ro(O7mQsk;s2Q{9jZvZ-n4@Z@
z3DWB9q}gF##BeTu_DC|-W=cQdEdQg9h{Yb-b>?<hk<A>lgDh0~uQ{RUX3YGj6YL8d
zGPx#elHh=<vq4=@8#O#Nc_uzHd9+cv4x&ef8(Qp+g+hk-O;5PQrf~i7A?F_V2M;;7
zfS>4e8H6rD+S7ODM?2j@{8bOnL%njS{dHRLAFwp$Zp0@+;qgjn?=Sl;p_C`9+u~j4
z+kwG#npI<5PdzD~iIa!RQ+F4K-sb!AM#?h%<Si36;d;tc_7A_a<*X9Fga~TS%ImP`
z@D0~7W`d+lF&`hzHK(P~S?LW9PS}PJp*r9q=hKp10VNJpU#1mP+Ex9VaC+0S2@dL!
zn=)zkE-|BY<o*CG8b;d-0D1+8Q3r#1*)=zCmvVUu-93>kc#+dtR0s2X(+*I{X-y_d
z$cY@6o?ew+L{``31gUwy8B6T8_ditUum2>6cr}HY(FCrJ417y9NAsrbcfbR!MkW8O
z3k{W(aM#98M-yAPg&f5vCna#L3{d-XHLrnm!*^o8gy#E2+lPO((fyA3@@K4u(XtwT
zG?#~JLWpBD-2yz&JT=C9(8Q`)+b_cX!MkL_p4Pr>9Jz~Ysdf6YtYMUO$tpoAtQ)EP
z8e(U*2XR(b_XX~WGPMMSBvC)-4>=aYjVBYzxR!LIK%(O=WUU3*h_;A&6*VeyBW`XE
zYVe4fRTlUe8nh^iu7pQWmi*sxc*{z<YI_3RJU4IBk~W7ZoDT{T;o(;;SY`rI<H+s;
zs~+04K0!Pbh~T1FJ@S7hSZHLgbwv|faCZf;MyKa3(V-dpOo1(22J>LO0w)x+j@k;4
z%aDzGw-~F!r7m%y8;IuJrza5`Is*L|x1@#=mQm0eJ6fdjRG7nH5c}g&ZeceFW9q5p
zB}tDEI_j=xd>TcAFWx?Jf4CJvKsakQ!!_xtq0I|psWW99QF+!Hr0h-eA@cn)bRccM
z@zI4tGZ}6HK)$SSU|6A72uHNUj+60iEU_;Rk{_CP&`MI4v5HhKkQ(_y-RvMdQ-Ske
zf6RWD4cMRjVA@sK?X%+}?R>JxxI`4t#3MRsrjCfrwOIXckC#{pOsXiOB<d1_G_IdP
z-i%D)E3(+49zxD7QoY;6vshZPnH&7~6-=EgU@qO3vY>6v+&L?=gesDm!rU%z<OO0J
zb6%cyS-@*Ndd5hpyIfgCA{k}SH15$Po6g(~1_oVGV{d)kK;*a&8s0VNdAQU{=i|Sf
zhm}<6&@c)MNDSaBeU-CCAGtNJRf_J)C~_M}S8N2BtdzUjtnWC)A@rs}oICkN*yhW8
z9QBjz&x`qWlfk=qUeJ`UYsftx+FU#yY*7@Tt$Oz)M0;UFCF48!1ISlqJ)M*YtbsX7
zAcu<UflLPJUzplD3gzl67Wt=<><eBvA1wUE`lwu-F_s8GcGN2r*0!OC{sq875}8=v
zzx?|T$%{GpQi-y4=<vcX3*>lSSd<~>aMD=?8;9q!*cnJE=Ngi{y|8xfmK>IT=~pUa
z@a<*3Qh7TItUW^9!IbyNucLT`u{IIcN!%joT)}b{8mjo=51TLtWucX9y`wRS8m5!8
zU;DNCp!43EFJeh<DrGJqJ}qOo@+Jqwr}Z`lbeTJlAXcUI3Dc))(d3ph%`RW;1L+fg
z*I-GKQMvj3^R-3@Vuq_|-JM@JL=-*dSlCse*^)Y#2ggC;xfYkB#BE*WWH`%`cI%IA
zKMnbI{&J)sh7IRZ`rx+@M;8qjfJ-56?O~X0Z>lTu(qJh)_ZqwI234Dtov;g{^X%;V
zU|#bYvRK8M!@nBp4o7Z#)2Lvs%Cw(0%k>VyO^2fyq9C#o!SKRa-2CSM$&2FQS9R?3
zh7h(FKRDuE6U=^dwopkO_PfPPjX%rYxlE_VRWDyHp%KOPs6sJQoQ)RN@I*5K(Lakm
zWYIxmj%{hUxlxD3UY-?ox;8U-&5{gg&LWGs`XQQfEUgSJqpVE<3x3tZ#p#{uxJZgH
zDc_tPBjx=)2~WL8=?==34%AKobux3@G87w^c3lpY2ShdNRI|kuA}>}|hElX_NGL2k
z{%fUZCLzF@2M^tA<LJ0&)eJ^N!Eohuc4R~K_|$9WuMs54a=g6vaFHlJw^ec0>~+%q
z?Ej5ryn%HvAyGvVO|VD-2rA#ItSO&hb&rEdS8I8^4QBz#MrXHIqhv#u0j^Yx4AY^+
z=-VB&SaXvknw!x%qM@f7K1#&;uTCFUgI1V`HEDb-7PzwPS#>A9@x(3L<yDPBL*@UL
zz!Chos;#BxU$mCdVwEdl9_TQFX}Ne1n?HDpX1k25DbKBOeD0@ET8150<B2jx7B!*?
z`N)9dgU8`4Bzlapir2|AQn%m&;2EzEuOeb69%R#t66ELa?aafUrOJlVULq(ydi%|g
zn1JF`_XC!XmM>Z|OSfk&A;p+dvlK0QEiukpxnY)ZrtyhrU41=W`RO&5(e|<rZ5=WN
zxITV58cFZG*x5aFZ$629wriONf^9@IT(wyfrf|+_No`T!?f`z8;9jrnsK!##AYrYK
znUKKm0x{_6YfrehbXoR~O<_+h{2cDEJ(RODYHe3W(agy*9#w2cG9>P(t6JlFG0!Q5
zfZ5y8D5OlAA=!ZJ#Uw^aBZIc3=4WOvl|Z4yDqtk;UBCH_&e#@xG4XZbU*|#@``H(u
zPu#tX<LC4TK)Y=-F$i(>r3sG01RHTwN3PdyMvqvi-s#{Jaa7%Dj~L89)3x2fVnhIr
zJ7n~(paef|Z$ggtn8G7Tv;%FeK12+{n4g9|XbFhRh{Yab9}R*IYI{m3$CwL8m-`p>
zc;PuDnT>ZX9DHRz;K?fWKV&>-KP0Td|2^f<(&<B18*0!8N%N55%5`QAoI3zp_Rcux
ztP}_TV+rx!vUzyu)E84bJwoTc+wP!$pYH$yfIUd7>I5r4>m&RD=m4R<XoyW5Lpkoz
zjA?PL7;E+&-T?>CZ4h{2-4&rpcg-DamDV*A3U*I(S3Wf84CS7pmvms^S?^A>UjSXY
z4)k65%?ELh?@)aQqpEq!*~U#TU0>w#aj8t1;yUxWm9Nx~2^)&dHx_^9TVO-YNqHT^
z94Q-m%MYg(EKr}U7=@}sloSz^Q`(C<;;#~{A0jlz{_?Z8srkkSgc2quc2Vy>|7ZO^
z1^2Mnf3J3WQTr_SvF$%A|Avt#pb>G8VQkEy|G6Ck@xMKpHF|LdAiez`frdb->NS^w
z3DNX1CHwC<{~=LbUh3v&7n`)PF7YlE`u<7baQFLWHU&5*xOVU*_nD0>ed_2A;O6|x
zaz|`o+TQt$8r}%<Nbb{hiw?&fE*}8O?*y@;?Kk|Wb95VB3&d7A^T8DQ;o^xAstsPO
zH2>0Ja07K?LTRp5@ZqG0a+<CKVxaW(#Jffe-*C!tJK{kW`U|K!N7)M{F2oT+#Y(a#
zFLFUyyL&=05ld)jW1)<>TFe{BED>lpNd_6MY!4(rIXs53L^s#`d^5<vblx(SXpMpo
zBmHrnTAg+H!dY#sl40+P23#ToUsM@c%i$tP>!A>TaPIIYL<T>^M8$nzp|0DmYi-Do
zZa^(vlF$iv8(vkVXYRqhit1b&s)lPKF><o<8urbRLqQrJwVGsM;!vua0@^F-SVTHF
zBJF^ZKb3GDZD_dZJFHnrAsP(_;-cCuNJxCwMgZj&6OzO75JcR$sL<+5-UArgms5!a
zObL`C1C@7=qZqn-5-~lsoB1`E4*^xU<?UG+(_Ceu{y}u_tjj5p;o#8id(z>Ul9lYA
z2ns(AVg^kM+ldumMy-iFFGe_IAe0Rwf3J}G19(>lzxn~|ClFP}(i~9M8;I}`l@n>0
zIvyLcP9Dqhyqm{(9c+)x#(!Uq8ln_Q#+!`d)BOPyv9`vnziVhR3rQ}G<a|m$=xCcT
z0B>?YMi1??5)7>?1fepz_M>q<e_<>>_A67P&Z?Oz2}g9)gl0-|zSl5z;UK46$=8V?
zf2_s@xboAOsX505`1&EF*mzO+J{9}{$wV#3m}3913OFlqwno{Oa;KUxwaDpGxK$60
z4|7>7h%4=8ayEQHDjoKQ1k<t%9uW>$&G9;H1k}4(?ndyvWw251&<s68#Euco{bffD
zwded>g7N4|s|vXCh@%V^TX5K=D6X*gHd_7&r_Pj1mJfnC`<@xHhK+FJBhb1CA>m5N
zG$oKN<>Y6rlI6$EVoBXbo9)nxHi9VO##4Rec&3Oxr_v~j3o2=fm++k(=R6l9r<0LG
zXm!vVTO5~ncxX6|VZC(#spTh04I0PcXAzZ6D3a)$=(1pi95E$TY5|(|=68iI{BSMx
zy5)8W&<`=m2gDAN20@vei&3mDTP(9~7AiA%gIOs`Np1@-h$2uVeuDSb^Dh*GI+zZe
zQ?twIwvkqUQOmkh^=g6)q1Fm+un=1tjes}el?XaS<_*9)S=GiNWrM)a)Q@O{iJYjo
zG^)@fjNI55m~w(ao)l?EFx}3Y3ez^~wBd0MeO?3AfI01G7)GL$cshIiu4FYCMe2E6
zifX|EN19ar<4|u<3Aj7ON|N{^=7Xj*8Y3M$zWh{0osX{zzFmVe6%v!?o{YRg^r`xy
zbhE2)(KDBIGYKF&8!bi6oaWvfe!>tg5Oth(<6)uZ+ZrY*4j(e?3^3`L3)VmNHxz`_
zaXWPbk0YH^>B=}AxL9Q@A&&SxR1VgfYxld;=?i;CW@fY+(&aN_!qZ214%}wOr`oQJ
z-)R{`rCbzcA`=H3;DykH8V_zuVsS;24k_e=B@tH5h`uQO{0_Gl2@b>9I~|eO14^nG
zoCkW5Yy+_}%z8t-pp^yU;cGmV9~AMGSFo3DI1*6_K~bwzaH2~NNJhe8vydAN7El}5
zakrX-72EV*ovx+SC@BVEe^A6BNU?ob)HtUf<q1hkHqwP4WMS2e7LKxPoHG6cu!j{X
zj8@{geU`E1&=GCO)5J4x+9yFX#0xMiP&GCgt}U^;<H;^no8d$}_4eAP|HKH~QG7y8
z4kLox5F0KV#E$D8UWhHn3Tea^T?%bh#I+4b9bJQlAs^E=T{pMCchq)a8Zud8h1IMQ
zjT>(`hv0O$W`JnE8WjA1D=0*J1F_0MKs}rv;#A#2{q)L`tL4pK9gTyhk8Nccr72tZ
z?4JJ%TB|qnhFu)M4dGyL^~oMReTW3^Wt4R7=x6UR>UVJ!+_NF{T~SrSP))sosJOBT
z3@o6H9haAWXmR{WK{FAR7Ds8<Gvgan;@<;{az2dJ?L&5VVJgNmSmg<qy}xA?_@aD>
zvXip}5XZYCw7}<P{zf_jTnjYV=e%kxOU|Nlo)nt)zyz}=+YGFspk=u%$BPu(85^u=
zNBQgXy=(6rQ)QsR)aUPu^`)s%V81U*(_z@z&&tpb)xQEwj#8OmFCty4j3f3yvMqkg
z1Rra6WUQttOqp2eB-1f|$qg&oZZs6|G>a0F>h9qk3s+!u%!%E`)K?Ca-GA`soD<Tf
zHcgI67hEBZx91Lh5eWAZkan!*|8fPiz$|EB_!cJWqPiAhfl-Ol%CNL4!89T@V$00C
zM02El!}b|3P*fmZP??&q*vM^yV#X<>&afGm<LXq)1kRJ!pO<5o=grKZ=nk6<!CPHl
z2>!iMIcXDRtZxC<$1dDGx+{FK%^cq~=JQpI--D4-G3Fi;`ejCH#vNB&ECp>V=96C%
z@f<mJct}*8&k>mQrd%ySsww1*C=E;QM~qv&-t%9E>9g$t*gIjd4{9nP27D^Qp7aDP
zU8F8f`;I~rhc7Ij9PE8`jn~zWHi^yUnl%N#ETtG2dIyiY{6Ox_nVNC|7IgMx7nI>h
zZDnfdPLgcbLQXtYiQlM!BM=<Z?&XR3f<O49qM@y5kPUj;B{E0Ixm1G0!HGmCp!dEf
z;EeMj{2VI?rXNEBXk^_b6qC@mRgo%HZ{N!cSwZlW)B2sjS!~ku;7X;ZDJV3)GOO$(
ze==orKwl%i8kZL-yN>>F7R*3X+D@t8<<g3ZozDGzx8p~&oNp}<4XWkj%*i1gQ3&ri
z^DW#*cfha@nE*7-U8Jk?g8`(w)2m|(bHJ7z-I=wul>)Yh)$X^_;m2E}Z6J~vHP|=W
zG>4<zokX4?XK4(d_x511F-Hn(&00e@P++GXo>8vZDw{hn_Ruz+E;WoYu@@Zw@t%cP
z<eZr4#xb%bOju6Z#KuVBsIsh6vQz4w<m}9SP|c3NGHb+to+nmi{JP!XOzloyphOq3
zu8?hgi70>eQ<)>3P2CPN*M7+${Z1h|Jnrft+gc^skV(W=>o2N==!oQ1bLasz&Z67z
z{rOA@oma~W&u>fy(X8sq2}EU%Np6Nez?VKrywp+B1*>cdjiVgU9d35^FRGnwy5?TR
zc$Ls~Xek$(McFg3t1!U^7C!r+#sg#T4UL3S1C(rg!9n_BN%*8IX<3uwI_<YCt`&BZ
zgGELEu5aj_WzBZgRU;0*%5I9ln7bkeCe$VkMY}5DnUHW2Sxi|z$KH<)qy@tar3H{K
z>~gaa&%nxoM+`?i4w?Ei1v&cQI&99Y$vL51cL<@|>h4F|sTwP4b^ovGzB?+4X4{vX
zBqtFh4FgCPWKaY_$w4v$Lk<H-l%V7!C|N*2vVa0IzyQO51j#uFNX{8al5+-Mqu)92
zJNK^l)?Me1d)Hm7S9ewQ-qqDJd;h9-b=BU;=QI5cFbf7Q+f6Zjhq0Nm&FAefr%D!*
zzTpX~j#PzJqG6Ts32>F6Q)pLt4)W=lh0&LgYVqa;&ybdVvan@ls%{C+Bp<cAC+TLp
z|NDv`r!5jbiau*8q+GC>%Y3cp6&Kn_+MIO;S+_=FR799BZs~>J7Jl&y1Fv6T?oOHQ
zFd?I8QC^zT=mh4veNSeEQT;tR9)Y-&OD1-bT>L)uN&Eqb^g4s6MD{u7#qEAR(!1OQ
zj8=)GV{Y`6?~_`GCPYq&HMwGNU)ssmcNe-2$bmL<E}F=Xu(iDmCJ^J2bIV~$QXhTc
zvWExo9@DN|uwlD>R{qjk$^EppPc78(21YX#-mPUi)u*}wmj*J0f^;fs9IBG@Q(s+{
zx)S*f|E<eA$oylBZ|D9CfZy2`3;_xZEG#TcOk4siY)rsu1mHFT3j-U6l7a@83Rq}H
zPR#<kd+)J2o)DX`sm80{tIPmu0>EYM@`i2y`#tCNdzD4RUX9E2Ja;u<AxtHn!Qpf5
z1=7)af#ECFqrG?g^<FcfNgr9c(=<i{_e*hU!nTI@yM=X3e^aHkz5u<E9rrg2meBM~
zkU(}5Hy&ELiO|4pUpGE;IE-r5VbAzM+%!uYID)B2O2=qx_1sO~d`Z6zEzeS#z^YNM
zJ}b?8@yf5A_#)f;wo4tCN$(fj>gkWDs3$MxTlAAKX>Nn|uqoSU9JGS)tzPI%Rq#}J
zJmpsTka{zY!d1OqnrHK>ot%X5;%)Iu{3G%72LWTAwBS9JXzaUtbx0(UJ!x|ny!UQ3
zGZte=jJeNwdqC(Oe|xtW876uq$tXI>ib;F$xirlacteXv;D%3g@gA?@Vj_Iy{IQ4l
z_t9^5cG>rbHl7COw-aqw(_YS610n1rP?o+cua6(^c%~J`L|VEM`61vY(a<P<^lMSJ
zqdYCiLwj!=x)HiNrRl8g#U8Eg#m%yT-evDJ%p#*rUo$oT5Q`99xNV33*3g^SmX{o^
zhf7P<a?Nr?XI;$1+E&6xOE-2zAXp%XbltxUX7G%*xfetDVRvI08`zM9DoyTQraEvT
zJBi+KYJbfPFVBA}wiQ%RcmwxlS^z~K8poai`WA!#6Miqoqk*KY^<u83_$9I%)y7$Y
zmY*QwNX=Z#lf4kgRXZ`0;t@H)TzDnRyVvIZYdTEqlKWLgj~V+|_IP#|kEI_M>xg^m
zpRlAaddi_3v4&k5f^L(Nwa0p(j)V<)@M99v5q!Rnwkm~2hn5f@yVOj)jm^5$o+Q)(
z#dt<emM95MzDIcaULVR<8kR=!^v^z&9o({66B<o&8SJw}<aL=SqvTcbH>qjGNrxIx
zw|Feh(&AnlD_3}$Q@bFJjj}GS&uZh3)5)gqEbfRI&`+#?&RBDU(CWcUsv!0n^{#Qr
zR*wNU9a>aE-MYLP<!yzAX;FO7I^f!zRe<3Bfa3ANyB9`$f+6bWqofckV%wGnW&5N+
zZbbb1H68TPNS#?*L1P4L|3O*u*6@=ESO{(Dq98Ki2Pn^M=LdHwc{{LE?2-9x+fzV4
z{^$V_&ujWRKuNmk4nv)hzm=!u!C}&!0yQ^Ox>@FLa<A?!fU4LNP#1t(FWNXex~YX(
zRHE;j4+grNs0YrqYexp=F=(<U6nCLGT1h}lZP0W&C{!elK%(l{rxW8yLegoNEmu}8
zn7Acr?<{}!ebZ>?L^rlocek3B`_uS)8rs;>8nfa%hNq=t*)AiX^cyhboV^ROgBN4*
zbLu_SgPWLsV$n2lCmtcoY-0^O9))r0pogU!D&al*cr>LhvwZYveIHk}vT)rr5!$x}
zY4S^|LjCO6%dsYIa&_1!#hWlk&0mR}pvh>RH`roY=997HeN%&-M3#MqN2oDUoGE<t
z!UJZoKGGJWc@`QA_%5ZHxJCpQd9Vs5cSyfy`?&c_pLoERIroGxx1yOzSx!4oM344Q
z?vvVy`%#t(#7?X)j)-|i6a=>8$2j_Za;F^=$3%B7rWQoNQE~d4%lyS2nDG7X`!FA(
zN%K>N+b8K~9lXwqX@~95n=o;FkBfbh5oWCNs#8eRjMXH;+yzU_;;oPvD+#kPPkYa0
z187J1_y3p1%O;&3M`KegaOH1=Z1ste5y1AlMZ}4lJ4%@!O-4yFDy+1Z3+YV!WY$Fs
z(2Om>8k368E)fYM=IUfa8)A{3`VocO_9D#Po6PI-!yBlY9X~wBv$0<oy69gRQ!q(E
z1^l>)?eO8jsY}&XA6Im1ISs#(uU~&>TPbZk5|H4b;g~CfX{I)di<gBNXXTFqiM@%p
zcvnK53n;A7SsJFV={xQer?bJwSgxVt)h;O{#=5wzz4%F_*>2!9c6j3e&>;-ttOlUt
zH&kp$2<E%)pJ<l9X!=u~FpP}+haPRjZ-9ZBW`6ewVQRd|)J#H4xHa-bHdy5Pp=59W
zJe5h%c|$O_Sk0}3h?g_;8hSRatGnQp-lsUd>05q+R-<*^Tz*0LA*_3495{NT$=`{q
zv8|3@lFiQpU(*QZUffD9<Cw#Li~e>J;b&W(_#!{d_EqsKb;<-gSa8#~CT+PZtmaBh
zYObXXbX*&DZ**VB?IAzjC;J&Tvb1-U@gtO_?9eos2x6*5JbZ#~=tQfOl2ZZZoy-P`
z_6TWo#gf&tp;lR!No~afs@*Bkg6QTJ{1+Q+83f!C7-jY|xcQ5F^d(x4?Z6m%uu~jv
z4CD2s1!^lzhHCI$muj}O!Tr||@wkTDq!K|Z;k~WlWS*N!;ivR94R^>W2F)5x)!r3)
zu!LVc;4#6Eji=dzc)qgTT_kG2kTwCo!@v&Mo$x5gXwK|60T=y2G1ta~nv)M-uHnpO
zGy^-)@Rl8r=(8MM-?r-(wOJJ!99lvlYJY>?HP!E8*E8a>Ls7e*R<h6E_-O0%fMfoG
zO1~^V&yc^M^58gsuFFI#A^kPqBj3%x6<5u58T+W}dl7#D>gWyVD*9d7>M5jz+@I-N
zdac`8{Lm2-)eaLvR>v_9s%B@Mk(7<yx%oD}yb6#~<yN-`33s3IN))FdV$01nv)0@g
zKM7SPj`5;D_&u}n|I@2o+}=J!U!mZ?Fe>X)uDRXYAj8wXfEYW&BkZ{i-=8(P#VwTc
zJsKU_kpJxB-|1N}Ha!dYH4EbGl1mZp&xsVa$x@-W9{g{~FpOV#VB76y_Rw0F%BJx4
zTSW-#{kLSKa`P%P+Wq!_VKguLCLH-Qp7)+Hlsd0EI3T!FuSUz;34(fV@(mY;ot`pV
z)?QOyg|MmSr^aY(DqW7PEE>W2`I($6%iMDObmRrzCTH<b4tVoiasxkP%#p$Ph5NST
zs!Lwc*04;;2V0xl(D7u5IkMjud!__cRoDH!9Z3g$&LUu}^LPVwfV{+$A9sAVJ6rP$
z;}axj@|-slDQ*PSc0xs~M3%-IxrT=$^RN8=Nwag^q_nVj)kkkf4t=<WcM!TwX(mLj
z{~ME^r;)+KCDA7+U?40E41_VUaIo=kv2n1k$HCVlVG34qV6z3V#e!1PEFcEWV(R><
z5gQ~V^{RizX@2*w(J-MT#?|Dz&`>D~3WCr#tQ6#LKp+YxWDy^mxR7)&2@?suYpaIl
z8zY=?`e?9qYYMFtt-X$wLgX)uIr-PO^7EO9J;dpD;QRxqk2~<jLu+KKq>;o2?fMA6
zP;HdKmO$^#uL94%GCrc6f~L418=GfNB0mvGk-uU6$0=xJw!`io`xbY2>$__H;N_QW
z$;?6$mfdGRx^N!S(?{h5tv&2>8;cK7BCWN#fx}Bn0AmFX(>JU@&|u`H`~E^T`|)hY
zVBzu2m58at3PU|v0kK_ZHJ@i095Mpzq1U=Psmk}SS1l=qp@PhdVFkLF1Tr!p5cwOK
z>vm9(2X%96M+WH=W%5Za)KQ$rl+bvxTk+5n=oS+9OC{2^8VX6T#P_EMD-3mabY14w
zwKWMDFY8AI*El%qQf2OR7y1ylZ0H1L3duU6<8i%iuv+ofS;E0W6;SD0tZ(0S5?cgA
z2d>@(E5I4+L<HyG7lpj0YX^>?u^l+wY3Se)VjV#XdFeQCuunrZ_%6H(H4v4sP%wDT
z9Ui~p9kJiKr92t4Rqw~&JH9_Y*l%6=wSTr*o10IRU?x4CsRsHvefBI!Hgj41|Nf}g
zsgu5c&96N?Sh7vt(jvq34?M|-eePIKR#h~z;y&5nMqBVs!wR3WDMj$MnlMI2p5YXP
zn7#ERhS$OA_83Dl*jdL@OjnJwa@VD#OBqS<mG*Q0{0YTUjW=)uZ(;%`;D6yI2lA#t
z-T6?c?}PlRGZ*e&es1JSmfA!{(FfRYf4%Zxx3-$96m@?7&gZ<=NCUNR!!$eyu_=>u
z0T<(`sNU&aH^1KW@97b;t>2@r=r4n0J9q|t5`b5K`4Vt6Y^M3p-zoR+!t<|h_&2Hg
zbAwmpKNbB`?*22YzF9@bxmm@Nl&7)&cuLD^A02|H@!oH&FKcm5<jDWb$+DUpZHTsV
z>hV(>RAs183XfIHsfnz@8*}J`>OQ-OQAo5>tT~j7h_-w*&flG-pCd5&aIio1B}wt*
zN91-9h1yz>%#-^EQpLH~JbMyjN^d&jIG!d8S^Rq!$=KgUFyFNijERkjkBjk7BN!V8
z1DAr5hMbBObXQP_n&sLE25jIzCNMzt+XUX!Z0T3}M5Xzq(s6>*$3b<Fe=H^Pv)GR{
zk)-X2yb0(e?)l^G=sbOU6{Ue6wzOfhqzG%&Z6m3HwB197r|vC7n|CH9>P93GHo@17
zZ9{y5vv>%*=)XvKRKoJ~HG(fQ-FqZ122~mXgf4u*A2F`abfzA(5H>F)FHFJb3}RPI
z_9U?T^h&`j%;McP1b#?DEtlR&#|OQ&C~HkGqQRb<^%mtWPQiNv>^krTVGatQ&{tg8
z`fPC^{1VT~adn;ROZerx*b*#G^i|v~rwk>wX4CsO6&_ECdTR(eM~m}`r{0qbqr{En
zh;>-vnr<hkXpAT7p!z9=8v`$b+I2wXj@Y*?pB)GX`XSC9HVY=}67)oy;h5qa**g)l
z*<++P5j5Oyx(6S7LWlY2&24Ogo+#^XobLMmJK5Wj#P;r%vKqxS^Y~8vStk&;fUg8^
zDFmn9Yt|?=Ql<@OM%L)TWf=qpo3|tB?~W(j8Ew@kNZOJTV0ut2gK+8x7IASg5p{iq
z%yYW*BT2%W>C=WkMMiDp=8F&#Tf3XAQB+O}r*u($lg}%7Tq5@-(@DL4a_~yas|qo1
zC^^CATyEpKA-8wSSH+lcQC1KXuTFOOtb&-qJuDaMZ#A@*H%W3f<!QbKg>5iv<fr2b
zjF?rfxw=m>U0O1{AF{14wS{VL$o?jAg>6RXLe*Xl@jRGfRLvEGn-n1HII^HojfdR%
zZajXa{ByRhij&Oh1?fNkQ8}oTxQ_6W#6~>#@)Imj9>0Nb2NQN~?><Su))3D&)y%^1
zf!l2sE3Kjd;jqIcF%z6bHY{-9n(4{15iGGM`&5G<*o@JRir0ZhU5kpf;~8wYZ^xs0
zR8Z_;Gn=aXi-qo-p^vS`w}_vYy2Kk6bkzjYt$tI!12J~ybW1QYwz4=sK-_o+NWjw?
zbvL$>yO!SG$U8P+Vek%zE-EZq=db+yk{+;#x3`pP(*^@?yydWQF1-I9obZ(g_de{j
zga`B}G<+84j)iGY<@rJOk_GeXZ1#wef-k+<t_r=BIAEhlM6xhx_vc7*^snH56SjG<
zr7NG|f3yEHGj)HqBwN<lY~vT32d7%{Ng4N6_pz6Z=v5`y<k9sJs{_&D)&m)F*8AIY
zF99~He^6Z4JM`srE=lz26AQ`rRL>3Z@T;6W7p1k@sppK+WScgCMARCo?G!O@3XVO0
zSuNPHk9!F5{1GLrBd@F8b(ufRR%D3Cv(0wX=J|zTpjFCClp{QBkE*sU51S$}Zf8Wh
zDnH&b(J7wkM8Zs7<m=Be=oagmrWD4DB@Wx8r}$B({4KT#0lU8X&E6b^X1<f!UsUJT
zjvj1A<d5UKoE0WW5F*Dk&}#|kLpx#-LZqIF+pq&wWnRA0UV-D$T5KmZOWWU3;zl`%
zR3CsDI;qz{G7*&N-kdkVQ_hiPqk3`{nIpDf>-OFu@Up;Hb&v!N;Zcsv)rZ%)iWzz=
ztkJ&zgD$EAk;SuRbs~S^$R7ZTFXLfc$nr}lo|C%yrRj%xubx;=tT2)xk0?Ga{7Z}$
zpI}(5@S=1tzMJk_R|^{~VIXF+LZo`3-$AQBp=uYd$Ktrsi2CR3bSkRd1L4Ib8^2Ax
zrqRh_EY*ggh&Y+Dxj=_^U_pZ6C2LT)oT7e8!5h;;hGYA<Y_2(Uv%ai3<(Ka@2@eMq
z?kklI=skGY^8JF+w(UV*Mz%%Jj9Ohde(|fTgpxNch2s<&poFs9J#4qr30Xs`WeUOS
zr}S**55i@yCa2dzt@KjET(^JNutv$o%aq==(6W*bR{+~<g7Q_hi`LTino4P`dw$X^
z?Oh(gBDg9hkqGYdBe^L<k>@er_ZJ1-o%R%N>@4_?nl~%7=1?VcW>0If$BgM(#*b^3
zWERvUh(zIr2C#-=zwC^`C<M{GjQC2dEsyi@@-S>W&T(MGFm%`-u3|}>=wAUdXTczs
z!%(wo$7s5XJ@({3fZA`!TcRbjB)sGdV>a*A!9QiU)@oFtZ`snX;jMXk7dn+R^Vwaj
zWHd-Olp2X$>D5>NnjJ>9FoZ-;rR>BnXr{S}A%_CKZ^VCkQgTV+aNJ&aBQmL32eYH>
z;f6b?M%-gzpa|h~XzCxU6NLAzj74WzVg%~w9>%;FBbPyCOe+>gAHQG*nUI4`&`q``
z2y2vFic6gIXOSd>A|?26p1MEZ^w@0;WETqwzkkYWT}Ncs<fAP2R>X$Ht8<1nm_w{s
z7CZDBiFW~51&0ft91FTEoh>rf2&Zf^eDgK3!UkJAQ|AXs)TKe;Wr9pOWdyMmY{W)G
zX82ow)J_XfyFLW4X(w7&2Z+U6d^L{~8T>v$x@+bvrAZYoO^HW@?RDnsO)>tybIo?A
zhu!~BssNo|zus$g2SW$|%M0wa|1Y3^Rgpt7zFvc9Z|GcF8SVT7P}w0wy&Ds0P%*Q5
zm;kSe(qA;1msSi>2wh+F_K3zc=efvdsA?OJdRMVpxi>{aP4=JKfF}aA8N(nCvjGU#
zxrT7bQd?K;&EQMZ8Z?Bvz>O?-SQ@Q-nDqQ%n$b~vy&m2YgdVjq5f2q(MisUv@PEEW
zd7`|n#Pxq-f0j#1q>dQ=P=4N6s|%sXjWhiwN1_UAW>bc9ii&!a40E1J-L#&l?(CPm
z;|9bm7W!yz3>p%^5{(_CIytYk9iTe7Li?kO;@0=B#@br?hU3l(Amp<L%LbIUQO3EI
z*(*XZIk*i7r5unehBWF&G^nsb054dk1zq>@dkktz#(1(d+s18R(koth)575vHi>T_
zNO_TFI%lvKy<O0k>dUHT3ao&!QU$weWlVASH<VyvHHnoCCx^%f2I9&-;r=!hmTs&o
z^uw2!(%cleqD@|$O(twQ<W<MOgQp)A?=^uareqCBk;nZ`3FH|ABe%TYk@C>61XqS6
zQ^2A?x8RjDSS9+hAG&p#kfpquO&?wEWk>Z2jCdY%nX$zfOXkUHqPtv;3~@?t`&lnk
zQK-{Cf2#Hgf#6X-w(ZU=Z^u)1wqOFSw3LillD&Is=4XB%>M%CprvxqZd<}F#T+oDx
z4sqGuFdqAzxlNn#5AVyN+V@KD(K^<pyeNKsusvkQDpePG=OibR>y(kH?TREzvHe?$
zc*|*qd=fMF>VWeu{iDbW6S?<3T5|6%Qh|O68=!Ei5?{Qg01Dql-<L<%{l^|`J0h$1
zAN^CzGBRf@*ww%4Ql~gP|4cY*Aw?LmH~~~k8p+AnWW67^?8{{8lb59+pJaV>zr8;j
z`&)`|`{IQ7`Kg!i2lv+gmD%ny;bwp>+cPQ}?vMAI;%{x7iUe9NkfkKSm8ImT{xboT
zZ0J{|6kX4(si-MfeHEw_)s0+J=9a0+IHsc%|C^q=K)63L!<JKxvdRP{a>^*YCKm;h
zerQX6MO@?@x~jF*XDMGrFclR7k<k6tvE%_Im5DvB%PEd~FHLP0_-dx^LxOBxb+4A5
zUP}GhJSD*>Fh8&=)Zo1jxbEwDk+K5$ZuenSwCKhENVe2OOeXb({qlHEY3ehP?+za(
zMa%yuvhVJ>Bge0voB)pI$V~Q7&rb0d)aII1Te`l9B2~y1HzRLUYKZd@2a8;u{lbX%
zmh6zE^vA20NVvfF5+0ZMs1bN)xL`7ym1wt?zSzE;DY?-0E=27de1+@(tu|wkIZX1k
zz71%Q@kc^SDdXZ0vdc2o<C&zgK3(=uo*G{qSSM7G=dtU*Fa(1A#KqXsVHXrh=&8?P
z@9aNCU7(Ybzuw;-z4&`mtxEOverPZ&eNE$Deu+#TD0=q4GAWy5phul?aqR#fa&5$6
zVB_N9-~pd9|2csp_~b6&EhC1U^09irCl++$JTQNw*}rSLLnZYp@b?T3HYPBG11yId
z_$-4;7Ey@bXO{^pfp*02b10<67G0MqeWk3k=%ivd3^Nh3pI(0GX2FrS9tC%pz9I48
zfMs#g(_fAPRwvbUa?jz1mrv+I0^ROV<D(Zswz~{&s}YR`?nivbwTVN6W|{kpx)yoc
z;8aIh<y94Z_sxzJ?F2g-gJMa_s+cC#ebmRFiqHf0mz(F5pLsL#z-zmMl!^liDGnmQ
zmjV3K&lx!Nal4cT`4dY4Ma?hvZzEf5Yg)}^C7+nezGO3pJ+#mTQk)&(eu0@cGHGHI
zfJ8(1s;nS5wJ7`gmVgx3*$pf%FV9jB#i9%&<S>6$)qefVRjSD}b4I$dG0Javt@u>(
z$>i+v_ku)2LT@Utat^rDTgaknP9a&q+(?jfD6y17Ax6l!JL9RMYeQlwyJNSfTS3rR
z9YI}MsMNUgsb@4(4=kM~Lr68@M(P#r+snkMxClonU2g5uh?-558d~6#W~Dj=CH0fj
zZ=8<fCt~PAZXKdsE6N-?%!?!r`-QPzzxq%&dZasb%(kXoqPribdOR7VnvfVk!*M(o
zr$#jJCRX1j%0gSKTWPF1PwWsBzoH*ww1ylC+y<=Sw3Q^J86v4lA=V-mE)xfSHz*Sy
zsR8Z;3oGh@!#Kit=)uY0;M`brb{K~u2gKMuKmB%vgAU)hZ;#LRaedC{vHZ$PwCMex
zWtW`?9?6nozc5N`i=r;3hojn!gDC4|G`V7rWLalFuJ`3Ak5h+RAp5Ds4j8FBy+JXd
z>wS6`s%UnfP7RQKybExRWw$`a@NjhMf^@snC^>#h(l|G8Lw)o9+`eO(rdM25FA*nT
zzSLzSYZGn`#cHpgu`7}e#eafsv)it7Gl_l82;CO1TU=99Vpn`P8@g?lBT0)YSF20R
zxs|C_b7FcwqN$S7<M~kHlF~`vtea|O=62`|(E*!vWF{0rVQ_QV{fGtvY<8bJ@J-ee
z=;90(-J-o!QNI!75<63D@HK_ohiuSXx2^6o*I;dzGv6j0HKje+X<OF3rnoSY;q!K7
z&!nSB-)W&Ek7s!CEE$~8?BANT(HCno?bsf`K9fijcqPxY=Cuk@22bnVnKT&Ina|$Z
z>GX=-78!=S)>Hi8HR)%ZqWzi!agVGjQm}nrk*O%k%Q&CDr#R>itTeA0IUI8|CgZqp
zL$x^W*sg|yLP6Z2NSF{ocqYN042U3{B{Y-E7>6cC`w6*>28}-@D49C62$1f|xgAi(
z$2@W)@`7;VH(EYH0W?0LIovE&tooG7G1Qm10W^K#7MdVbVrV=N$H%SYvyJO$pWEoG
zxW-Yjc1C0;%3Zo@x4!mLq`pd061&!?yn3|9V*`a8-gGZ`uqx(<1v4>zBvQR=00eXp
z^QtFb>vU}Z<iDkgYE5}O4h*P;m0AwCYEF491+2XG6i^T4BAhVuD^7(NkVS2>L{jW}
zfPlG07!~_QCy)eLguQG5c%H_9VD<P}y9`%+%uR3jhbM|@(3a?#8m8m%+({b=X%(%D
zs`}$(_eKlwE|P!1lS<L}D>@fm^nsXCH@N0&*q0go=-MbdwPR-wN4+>bOGClFYM;9X
zj7}#NN7ZULl{<?{X?|(HFlH%Ld5jr4Av6B{yqeiFmy1O@!_)IRoat4-vlSQet4IeM
z`Nc&k3nW#4VQhzHta<PX^UZsXkcKECR~(I&bpgTIuj?VuifyN4PIhko#DMS|)fCy<
zKd0z{r0>y=Qi{ydvz^)^1L%wHTi8xGGIT@<{jlIR?3j$EKZ1<eM7O3LUC|#m1iI+m
z6Sd`47|W9f%gQ1wG}R<H=L;w1o`~`$)3Cd*`HyQ*pMSko8w@PJSp!s)HB+e*tSF?^
zcAd@#7ubLlV-+JQpT<h7Q0hRg6?<49v1QNVIzg!;90O?hZ_*q<!!s3Q6|7_Jf0GI;
z3MrCk`ms(w^w!n)xEbDS`_tp6G2hEkJ8qpsBVT+64??4dK8_3%Rf;G>Yj^#V*}w2G
zV5ZK%m>Ke;qz>gb>b3rH^8`QW(97GwrOfVfK`f#EjOHzzu1)a2c4{B5`L7eV39gUV
zUoiVy{lZ|4%;fXARYN@b&T(UQ@xJfoqZ_?@GZqsrt>7>0GjB?sEkO7>EyN;h5NnQm
zB$ufdL4(`=IH_zi5z2gIL!W2tT-avbmRMh^BiACYp46B6zpJ_LrdagUtyB1GG{xjK
c%P)+^<0BrH#{pP41myqb#UBV+`)mCF0PLw;HUIzs

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/btfs_constructs.jpg b/docs/userguide/storagedriver/images/btfs_constructs.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..45852bceead92b139a686eaa9c42ec3089f77fda
GIT binary patch
literal 63773
zcmeFZdt8j&_cwlZ62izSIW#Cj(oH3F7^hBBgH%)+=Ojr;=eZ(^icwKQ4N6HdqO)pr
zmM}UFrKah8Zl;===5Wn#UsK#}_viIIpYQLV-|zLjp6+|hHP>8w@3q$6YpwTMd+iZ@
z6E#D#cN>`+K@t)Y&=K$-Bw|A64LzMsL6EsQv=)M(sn8UO4Ui<bnhsvpQWB61c$WaL
zBT`c0ck~+CH+$k5{jg6Sk_K<!a#qp4Ie%ZH&lz7hdGg%F)2^4m_koWgD3v5?fObNX
z5)$bDlYde&Qt00lX=y1L*(tKJ=xgdUxoK0UPM<0(JALN#>2fo`pX{_*n3*$Xq1R|9
zXmhj`_<zP!*{SFg|Fb{Qdq{q&gu7(5l*9^1QeHwzUP4q1VF9HwKt8C5CjTTPrKDx1
z0FtK5fd|rO1M;P$BmuE9(tvRZKkz*yEiW@?`G)ON=I%QxyTWbW#w%e@rYi49EttQ*
zlBJ?~?84P)(-$Z#R9v)jmFns>YqhjD>1^Jzb>}WaBV!ZO-IfQetZfb+vORv{<SEC~
zPG>G&a=+~1>E#`8?RsF)jhn&Y5qIxJM%|Bo@H8&|SwiCTq!(}Arln_OW@YCT78RG2
zmVGGySXEt9TSx!)y`I_9+ScCD+11^{9vU9ujE-@~c_?2JkkkZQzc~AYFL}V1B$xwf
zS(GmcNe}Rnl9!fQzG2Fo?fYbpy3Jj&@ygVBJHno%7EDvt+|QbS>_X-A1u9z1m28wX
zF=ziBV^{xQarTR`zxk?%W`HFsDK8}t;UJ+vRq|nH;uw9HvPJmvWn7++?A~?CFkJCL
z-4^*ktJ+sjWK0I8svK|1j)om665}sL&^*F*9(g=)rwA(MBY9h=L!&f(Ts}2M$s6{A
zx3aNZN2&yAJVH-H1YP|G7c~fmOhwR);bsFe>pGWEjcgC|!@Wa@)Jswgxg!V<x#ZO?
z<Oq6;VP>pARs`*Eye@>>6ftx@wbS6yU+Ac<$S$g!2x@+#!5S5A<t+Pm!`vxwhZ&2C
z$SoH^Eq+4Xk*?JuDA0$sPy|J57K$M5x*&l*m8RnF;}J_{5WbMa6nl~cnlyhA)CHO*
z3IbN}U=M-NElu1KOW^L*)94jJ%RUgPjUot#&z0zJ60@j>QtjS?W6>O>M9>orasMHp
zf4u!2xJaLiL9R`Zi$zo!obIoCWi!Prb`4kad&lWFL=bpr24;NjFA<IO)<htRz3<_X
zl|Vw+?_n_8Km>LAKUQiK&rKW+KS=3xPzG`wYsT?F!+#J47wJt5%7Z^_)JROs?CuSR
z^xuga8H@SNHAWN%-+PImut{l%pqpbt?@Q8RUX^fddnSd4adlwq-}bMzz3&}K+#Ldq
zZd4xm<i;@(qz9qA&JaPLqM5M02s*WsgA9)I{F*W6#C%pxtSWghf){Hxm<NqQggi7O
zq+7@sCOI6K7#RLFaEqS^B0OI9Z-zO|8${4X$Lk`9bqK@tA;x$=z%gTgP526Q!bK1b
zg8ntNo&G!#RH(>=3FA{HiEBlr><Ps18!?>rfAc#btBIKn`b}2etcBPiFh?Rt=8gyo
z%A}mjGynI%bbp$loTwmz3QiCNcxvwm1i1D6doij9^#UP`lppy|qQc^T7c^LSgq+Dm
zMHA})mNJHlYLDc9T8?Fco8ocL;+Xxt4HQdbfhOI*T+FXn2_{*A{;ffis)ta&1IE|}
zjJ6Z0|E1QF^`?M@b!~ECp`4L-NXYhan)TohQA}8{U?-x)NOXw*x11RM!y;$}VPa}U
z(A+`ZNSB0ojZaKDumg+1l*6&6(CFarHfApW9}9jArqKt;EE*A2N6kWnIy7TK!c71F
zu#%5Vl4XdJRTJ<_?<VFHRXmEt)qgh}e19A{A)bN^px6JkRWt7Ux5ip5#J#2aQ&F>n
z$bkinajovz_8*Ld=cIN45&kr`VCnxfk{5*!QGFl-b<I9u!%ulRqSeD9OZjg7>MO%H
z^>j+pS1_ymTo?4>W`5b(*W*u4zHWGTTCvnZvs$%FzutfP>ZktGouVc9730;(9j;fY
z(t@Qe8i89+jy_=$Fbs#r=(Y!5eahj7?*A~W*dQG-D1z#yON>x|x1Z}XSw76DK=lQk
z`&o>uml`e~d1{wzc6x7W+ssc;`3OSx!6NdEt3cuQ0Si0Umvg+g8}Ys)F%tD#FTTLK
zP8}@J6G6{W#q#^^!xzFuk5}t$Vd1eo=yGOUc4!hocy^D8Y?Z@rCV1G11=_*CHTxn-
zX5ALdrSZtXiBOOC5B8FV$NUY#f44{vVdhe<Dv5)WW0MBIUn-+l3&yO#0`_Q*9pqr;
zfXyIQ2#8eX*V&kO-`^ZmM<tVS6&@~Q!osnW{evTeT#go8sLR45p1#1><)`Ec5o#v{
z`K|oTW)pNsvwQ(Pq)B>4fI@pE7Llb#MNkr#5DF735)AUmojLx0G!ysi0oskz#`@s0
zUgZ3A%q+p&GH^!(jWtGPQmd)0HDCV_h^s)E3T%335b#O-feHo#w37rzP)wyjqgTks
zy26R$?fwQ~{}xH65I@nZ8qCtgF&lL1fM$cK+kyy56gpinA}!U8{Y??aGbg9l60BtY
zo6#{IOtReV`?pN`P?<2lLVrk-!8ImM>l7M`hbwDfbR%BJ(Vpz!8efev{-^_)04&4f
zKV<?K*}}5K^%y90;uxtM9+;}wD-S1D4-BMP%^xMS0tqX{|1k-h$Ut;p5(2S6a#Si^
zuoXgui7pdVm?R)fLEG#9Buh4u$RutM@-<+XB7#zUlfh`61^SGC(C|rOg!KD@ZV;2C
zPX&v&70Y-t!V}`kl4g;LuriMK_NfyW=H70w+WuzcO;vyWi?JKHm*z=~1pU??g(VFC
zGC_GP>OxRcj(Dkv-RPumAoZa>SnL{pIsxeq_$I=a2{$iB5p-nx9U%;G7TM<kH=RW&
zKonVohBSs;*CvI!oZFAS{;>O2wj>psxou<06l2Aue%{0Wm}jS-21CQt`ge%QrgRZ>
z*abK83QHN%)}r<<?m-1W;Pi(d6(-*{ka8w)>Z(Q1Zsv1evlcn*w9`3(FJIV~IVN=P
zHS_XvQ+7GH{Fd2=w$bS?@XX$^ZOg0m4#)S}B1z8<^?3U=B|W(x80R#zu-xs)$;0ev
zdzV&55u!aHlQ#J6lLmnZA`f@_Go}zLaEpA+SeAvb98tBm-h!+Y#kcj{^)8=nSX=)g
z^TC`mn?B_)x^?hQ@|=bSTe~dx&Cb_Lf5bGvEH+`GXEpOMDfm*O4-+4d;(N5^)&+W@
zT#D18{LJUhw))o#8+Klte=ESNTJeNwyw`yj#!K!9UX?uXH~2P)z%)wlfRXDBUqU?B
zG>ud1ZjLkGn%?H^ej_LAAo08VvX#q7mvufASjcZzb(Qj0Yhg@-3w9yviIoO(g^!ML
zU6|yc9M>BLn>`)v>)f~G?izb@@U%vPne*ISCwbG8#!d^@nWrM2<wsv9jbN6Jlhcd^
z^P&n3mOLtQdy3GIg%PET-ru@;C3pJ^WA)hB`}!?u<~xooY?HguAbcvpne!=pXNOvx
zkx_p^V3q#G>ZM*^who7ew;f#(Xqk;)7C;B`i*?H!Rvk5Ao2Ovk()xzu&EpRKATWqu
z95&>W4tl*Zpr3eMaV&7&zSTG4V=o`f(F|DB@7`wP#g{><s0;Ejf(^nu0-e^E*!LT`
zn3l2Y>n_b)*frFcpBi`AuIt!P<3OxsyG2C7IsP@b#JlZACmaq+4Ll?(bZ;WAN&A{m
zGr~=O$9Hmdxiprw-QCSq-Z1h2N%w))Mk7W4wKIY-O%jyo0~MJU221<1$5Ugodg*$+
z&U_Otu7sKv+9bg??pNnq6vP|07_v^(5vB@c9JK<cx~g0q+WhKA#np;=IeDFt197@%
zH<v3eq1}Q{V{Z`N;QBk+axJo@A+A$;H~Qj)v9CB;WdY`&)AJLTcz@IhKbGUT!9+#r
zpx>vIl$Sv1ZMI?KAecPNB|f?|FWe+mS@X?{)#ay_LHe{#20b=ja8aYbj7=Cl&F&01
z%I%I9=sqkGL9=}|Upm)a@YHe$c{!!ktorsd?MEW$^eKh4brq`*eKi~|`v{G{T09!X
zjbq2P+6d+lS{S!-y%K$Os(n|slCEbi8ohV&iK(Z%`3%~O3q`IMh86_3-6yE498-Vw
zZpUBC?@EnGQOAK|chV&+7@eph;PY7P69F`FWUIh$MUY^f3wAq8NWJEJsMU-R<REi(
zw2C);!0bk7_wzHh&t5+EiZkTv<y(ci3FD?F7~wU~e8vgp^|r)gA;BT|XmcaRmQB3U
z%9!P8W>n*P=`f+l790Gyc3{N~vn4hk*B=R2@KTP5wmLLFu>Tu`y~vF!&hZG)(}h!<
z7hR8yi0?kH-`L;Z)+>`2zgkW&+@yHzT7Od@wP~tJ3)WGZYhE6IP=ET|^62@ME$2Ue
zd_RBL?ULPLJyZMriAKUV{eqKhOD4Gx=bx{g&1xJAK{k5cJIc0?U7Yz~sSYA9)J7Q3
zwVck=R-}ZLIiK0NpyF`z`2#k08ht&u1$=ETZM24ay*WmKIq<BR6y%`4b@c7Y6!S~k
z`ezpU;^Om4@}h5~SbttJ_0Wl^&$Ie7&-j1YhBL;|#)UB9g0b72x0*6miYkvJfO>D1
zYQbHlE+J}qMj_K@vWKkMj@Jf>3S8&H9Lx=^{#mVia{1<I3f_Kwtf_>4CHsq-rGd;~
z`Bk-3Q}3viiXbO|qj722{s0jq{h52Qg*1;+K%3b`SRlYR2MB{)9g`e1zcYFkd_0m1
zr>)4{uUlNTD{jhyaP{vij3A+b@uA~0Qc^-UPQP=2bi8_@0Efvl;+OC&qFelMhFP^*
zd_PC)V5h#bDp^)Jxwn_*Uo2D9jj{ATw`}P<y2{+JA=d(Oy;(5;$|A`5ux_&h1q&Q$
zpf@Jycv{uS(&Z!iMxS$?r>2^o%&I&$gK^TN^-;ybw+3fF+zBr}ZzLO<zt;1iCAX7r
z<a?O~UvFdA(hCl+!Uhs&RJ9yhWtaRcd~x0drt%Gih!f!rM&+~Dx8g6^&za}%R|wO_
z1yuYI+o83X=zAVZW;{B<bLS!X9r=bVV8Nsg)?K1pp*XhS1F5s)xKG%t;3;Pwkb=_q
z{Ra9QrK>2EJuWV8nx9=g!|m4Q?6H_%ULPN>M;~nv#tV+Kos04}R%$h3cSKlm5AlsX
zm5Yc=Z+1MWQ#bZ;@(3ACnlh9f*?#YV7IQvvhap4^@IbYsdSuXl)-OGw7vs3A$t9%k
zMfTk5Pq_S@T=<29ui86S*$wwR{Py4hH8t||GxUqL_Fuxx)bw<$UFT-6qb&)0;*uO;
zN1lgkjx*5A;8I##XLza>Aq#4#X+&iZ@J{!g>z8D<)%M4kB8x~7Wc}{l>2Hyl8HV3(
zE;RN!?%o)27vd|KE?D`a@404ZYS|VMgrzfd?ZLuBg#~XFL1!`bxH6@6TwOMvX<VF)
zn@$PMU&2jhHa&lk8EEZ!snOA*#@Fy<8#PSVRAo+F!^hj#8%@6LJkpZq*aB33o^DC(
z6s|nq!83<$$P&;+(A&Y_m6cj1D@{XfubCxwXW9*HJ71F7^wD5P+!=~x_6=D&+zHGG
zM+7-|KLEieu9GFy_va>$J{0B{XnV?)QL#4f5s;~IW5WIhOR5Bxeyg%q4mPA`b-s=q
za9+J@&m5fwss5Ou7nj%Ey7}={G%!F*xB;vHLVh+kn@N=^d)z~wri}}Epr@n|+hdlu
zRSvT<vHH~sa$D@q`JYtG7a6?^Ag!Z(dXGIbmxLci;1BJ$0W3ug8sQx)v+q0TP?H<O
zHZIACv~if0&V~gl4l`@?%#KgF!gPU+4lC@<$TVeE4Xo!Zj9g4ki#*+$6#@d4fur|=
zocSO+EZ9XThTl+%@i!T>^^BX%k_?o(arL|}SK^#>cos=arv=|TBJk9VyvtFae<Uxt
zAZ>WJ?M3V9W!QaOxTGE*oKW+$ildL)A7T8?#XzWjZqD(O7hZ&Z-90ZRT;|fs#nQ44
ze{FNY0>TOO*o0ghGOdzz(VDw~ugpD%o4bm!n46l&hJ$~!y**QZ_oc^$_*nei6SG4{
z4sL6fG|mEkg$Mi!NEHLgj{wQ*f;))c#)JL9_Kc5|AAd52eggu{v2C-2AbA1iN_7AT
z8O#%ywId)~0-lH0NunJg`E3xkQ-Dw@`X<wUP9=r_`orOmpo<@%VBQ-OiJFNqOk=?i
zBFKPx3B@tv9DbrJ=!%vg1udnDzqmhRvR6g4Gq%w0!{h?l+_id=U~q*}O6hG-iIEj|
zMmZZ!^!l4-WMVEkNcSXIyH&Pbd^Kdi!h;4lQZGXVl0~PR#u-~CB|r#5*Xr9>{c%7k
za28vqix~l9mqWj<HqeMvbb;8*Y(?cxdnFl@C#Ja9uX%<Vc6<v4Jo*h|BZ4Y(U@*oq
z@?pvfkfVqQW08edv|-`mqaq0C2B#zM@<edUVtnT#CLJLoWPnpwqSSYctpzv75R-wM
zziu+We4QmbTE^m#LVORgJj`p?^>b!!<(GyTUUYH8M$hYUN&NUGcIv2s(5uW1*xV2n
z1-VHNfLT@;u8k_+QUsNoa8*Un@nQncTt@`ijr0ePO$R8NdxCHs9<j(>4Dz7Q;X=|M
zpY!IRQ2URY|Fee_Cwl&0_w-*qG)belr&Rt5Uo}<4lm>XT#DKKSZpItc!jjFnS-y*=
z_RNY<0Jp#_IH}!K$2n@;u-vI!qUEr#rg7=QWMw&1lV!KJ%RUO`GDdxc&+@en3jh`)
zD)?%qbN%!?C@cjFb~=*XIwg<XH&ile=Mrl_>*a>KAL3TteX_1CLvl9e6^<E3oDU{>
zE6Wj?{sfrczi+rs+!*&6wFR7$1h(9_ejpPRSL!f_>+_T=HyW6oTbZIITstt(d9c#e
zrSH`_Yp+v&ughnYesOD0Ia3)(+PI}L1oTO5ex|g7jp>hQCQCN<P-pr&F{w8c9(*B7
z=gU`XyCWsBrS;DDu=P4pecplXS6bcul~t}C*?9G|RJX?eX3Fw)gt64-7YuoWjRI?~
z8>~N8(48yWil6BjRKhC_deYFy@Qf&2;O(%%)kCBHnwi%1s|u&*t$Y4KKA-zT7>sLv
zp|n}}3{e$qup5;7*62xSDS1S{x>U8$TNvLojqpah@$KOr1vfd}4{e6>nnmqb)DmbL
zX7xb4w}_$wlOUW+nF3PfFR-k*KR#1-J@wZc{Nv{TXAi+BiT{x#%4%Vz2y(;(Ayb7>
zx%*z6Zko<2jY_hWJ1$fEDrSl04)dC|mtQL?O5fI9#5<P@R*Ad_S_QXa#$4c$SJNTR
z4Qj3GS777>NN)}XH6@8nXN||!AYBLn*xcH&m>NDXOb8XVQPRV}Oaco^@eL~zTwcg^
z!U^GS29MwhvR%Th=ha?Ip+>A|r1kNuovpyyggEPnA2{qf$Ps!E-@&*(4PGtvMFgE;
zj4$KSgzjnGAWA+@ze{X{r3J=(Q{;2bSkd6jrtjTUR<ylsx9#U2V>9Kp$CbNbM@e`0
z9gL3sYPM*W#70cCaT5owry?fn#gR9F4fG#q;BD6flgCjjJ?vUf7`0&~_M7py_Aq8>
zm(*x6X7=p0E1L0OS4-XSZf7s$$a-g|sYjQj>Y04_wpop%9Lm-Z%%v8L)w>p*7U;HM
zmU>F^nS`KrRzgUUr=yjbT}IV2lLgL)_Jo<FsBHSW#oa3Gu$0=G_Z06XKyZGjrN*G<
zoZLHLB70LXOL#?3j*t7yO6jsuT5*EAJ?>2Xtf0|~+DCaA&$KM<6~8@pTB4<vo;gFZ
zA#;vx3h@K{7Rh7<V{h;VLszBdu%n6x7ZN-J_Jw~u^<c5jz6`oWy3t8X{=?PkHG;S~
zTK8$vKB~kC-xA@UcutJ$!p8jdRNoU=c$|b_Yo+hpqlrJbHy^VwSG5UHcY^ctXtG6(
zgKSLvioX^eacQkDnl7=$`U4HyjNz`@6vE%qy><PwX0p6zYl-b(5eDPnB!Xs+z>1!?
zUZoLc9<Dg;Qg=X3;r=uKZ-+j`?$-;M^LR5MN$hrTuS|fq5~4DISa1;bHQ_o)`Kfl?
zW6doI%gBx^f1)0keNmb+gFg19u%&~eg5COw9$K9&Y;M3GQPV6Wu=Y?SyYttuS7o=5
zXZvpBK78R>R4~j{uqBu9J~I5MyCb(R4?62s8g^&rk>a_!jSnySaz+TKW9RdRYwn=#
z9M+S8fc%*Xg1I3D!1oBOjwbgStm58eul18N%w}~2VL~}ilD0o_8e5%;m!6tx92u@+
z^5Bqf`R?_Ng0MqMSYRjZxVk&I>Mi&nOV8Gpx|hv|FBXM!_g5I!_!_NO_tj1KaA4fp
zxg8TdUw)41r!O})1=gFmJ_9K$6fN}nwE`2210bXAxh##S2fA|<Y+=)beXWw!X~AiW
zDGLbQIel@)HP;_>*S7~+&pbz;x<{u&&se!F{&`l|!U1LC*yx5-woOq50mFS;2FvH3
zTPHA2@O+`x@47F;=l;MY{*715Ztk*X7vE91>9L|zPSRrgio7Ta7~O!8xKsk21Q>;}
zYzD>`s&mDiBhU4<W=q$f&2b@LchOUA=AS+s>%2MEF{dW+?q3p0PS@W+@g2HHOxx&k
zY)xdEDZo@Ml-qh<FM5<zxiQYq1P5x5)%rRzE3mV@7HQnvbG|@wyPnda73z`fK>3Y&
z{`W4QtPdGM0W>bLn*qrtqF0^OgOJyhbpArmi+hDnwKZ-ou%(A+>F*?bRb~xj#&^>z
zOX8g`e=X6o{;W51F?OSL_TA;i`#uiLn0K<8SmH37JbI1`vtGW^rg4psML)W1Y!6&*
zmubi+X=&PeQQppwd;hTT#lT|!dN0D^3FKC8nTg7PocMZ~(qgvGsCp)wQp^>&=!EEb
zw8&8~JwYW7O03w#m(N*^k?Bj{mAL+8b?r-PlJ7Y2_^xLmQ)$zW31a{*Nu~s1Uk?PZ
z$}HIydC$1fU<)@*dvK2DWkEf|EQNN#)ph-o=)0^jyvD5Swi~UYoX(8-wxU)K2GBS3
zB5EHQiN27;@NKXZq)S;A$*h51(}%@WdCbjMf}>axxiloXG<Jpg1zq=av$U|Iv)8NF
z9vv!HI%F|@j%S>zV2%$nud{G)zNhuDJ@?jgJ8pHUwUU0VyDmvy^GsDwhLdF3+C~}7
z!c|Q=%T4MpzJ7Xr{z#`7wI(*{B4F_Wi<%?Bq+;M^a=si0SrL_Qy|#%V`OD7W7W7RC
zYq{lIVjJAlqcgfjI+AT0XwrInbDZhPwa)`O!=ghrtaKaE;I6_J!84Ka*!f&TN3T{n
zKU{(LbM};5EvwUAHHxjhpFc3Y{d9dT<Q(V}KjYB!oGsS-<E2JyCMG^ZLJYUXi*S6P
z0-5%<`4rcy#YMrUF4wKa#jZ4`E{x)gtg7YgA|I+%tr|F*^~UIqQL6C_7s=<rt1EY;
z-7h%hT_${rYrYEuK;?v+E!dV_t7p#E*;z$gqo-i7`l}Xhwjar~c5vCv<-u&`22HOg
zE3VC-p?s%E(esDDS~m^Y0(|v1DRf1ErMS{xk5s})^|+>YhPn{>ZjeT0<!YI^$QG|s
zyGvNx)b!DA^JnUZ%eZ@*;dY*?vI{>rIulZjulV9yF_@nE^p~U0^RX=L!J@R++4pR}
z4DWu&|0_my+vD6&_2Y*N?m~pnM~N>z(2)c@VKurGhIvP3W8}G({5eIes3Oa*O`r?_
z*?1;)>0u>vIrD05jJ#20SLCOwTAPN-BrQ(fl)TX%X}T0zsCui(nGK?+d#X1UH8n9x
zVpZ7JVzt<-u4ojiyOz|ysCZ83TBKXy?wasEl4ZPrp8ai!%Z~DOB{8@B&I82<Lj%oc
z6B?pMuh6NE1Q~&Tjh;ay#;t{P(_j%Rra9-@$EUQtR1?+J5)1DvAGZUAFiy=7=Ip7a
zHgawm8hmZ;lJc2|j1C?R09asL|INW}5E%aqzy1}<_)jL@_DtCd+70sfcc4qCAdp<n
zGE^}WyUVs4qto!~0*#aWvEmTzZ1_*HeRcmSzsWh1@ShbYj**ZIsfma6O>|Mw_JSd1
z0m4QBt-nQJXmgIx=R^b;9KnGA>^SNWXp}}s+zRm{{tUjxZj0kK0ne{hoIGqBD~BY|
z=EFjtwgA+6p@vjON_<5IS7;>2L4z+KVl+8s5yU_z8OfK7L6OlgVj&p=9zl(dCo~bW
z^2<<`DF8Apos3uWO~lY3s=I94w!iw|wl+Nw1RXI4J9tI_0s)})GSs`>YbHtXh;&T^
z^~r*rldcAUDlYhW{~n$VOoV4(f1{Te<0<<ixd?V-j4MCTsDg#7qX01DjkJB0UCg({
za<hQ>0X=yF0B@QIs3B(?FdeXeMqrs-*bu~DtHDmjpRZ5s%xnF=e$9Eux92-Wmf5G0
z@mU)-eV4vyRGDA3T_Pj3pr9kSm8sBooQb`fzm`QzjibFZ^=KwThAakNL1%Rr@5F_o
zwQ2s#8V$PUuAge}*gnE}v0AD~ASWh`rBTF?5-eZ|Lz|X`7d0EiZAxMmY1eB-n5n1N
zzV(a0@jmSG;g8$)KDyos1(XVKz?)im?qp7R$<*IjgskIU_oU8fttq=QqV9ai?xkE2
z)g?VE)AO3#oZK*pEd^mshE~&GDXb+ved>?f3Tz>jg&(|yed`fofOXPYu+h`CXscC3
zH)D1azhuFpj_6k1lW)TpHor-~{YCf2-aVB$it&W?Dyyw`TqIZ%Y1mZ#puP&PXZ2i<
z7KIXBk}Q{~kWrbd{JeLceOLVfnceZL^{$*}7bnW6yxqJlnUu4k|G-`e!+HOHIcS1p
z&QuVHZ(|4XGpIZp86Ry=nqVFlF_$XE4%CaFZu@x>y#S;q6UL0k5t!n8XHaa<ZeM*k
zRagb*;O>CgzYH*TBG5QA;W4RA*?K``uH&odSfH<oaJL`2x-rb&i3NyzCCL_nq(<9=
z&%i(MJdh|mbnOm9KG)~%+ot5fw+4~9Y#rSDl8oFdvNS`$RsdM#8XyhvM3_u%3;4Bz
zmGn#m9b{Mv#c@FPvY8XPj{#Hgv={?5uMw-qaIb%&E9#bbjK8&FC#sTvYlT7fGBoW6
z9OhC9NE3X=<hgy_2i}2_hr?u`6?CCjk0}G?L>VM6A?Q5Ne4uDqP%~+=ZxE$`kvaKn
z&}>|I;Q-W)UW}DnQqTt(iLX_`J8FHl;fKM4Xz-$M4lPBW0eznqgNLOoG|k=3^LQ`&
zi)0$GIzU4BTrsk=zc*<{E*y{|O(c`HiL*(>*!S0dx&Ny$ZIb5GsLdiIzJ_FBco+?i
z^!>M@&x6{Mm;y0{Bki|;<+A*jPG0s3t0z&+S;<*s@#75;xf5^z<`hMB(@;f5Hx|dV
z#HO=)WE7e(vwbKF<HC&xCrwcKaj|t1!f=kq7-$6uqm1ogqq7CFE|5Pefl;CEk+~?B
zbWUed9Js)NFpsu>7PS-Dq&i?=p$WP8NDOrf=KFUtJqq&gi=gYwX4gc)^*8~J=Frc<
zf{E~h9loo!Gq`I({xt#{-~b$~F9wi&Ck@^ygh%&ck`@Qy09J=7jctgQz`hER5p1m0
z+n2m9+_pRQ*6R||#vbeC$~QGjJC4Q0LR-3v+|B7f&A%@dXpCJ}IPR)}!mWchI@nqc
zN08A5y96wkMWfer<jqK&w#0g4q>|5WQ{2t~trD}D0ZBJ*v&|`%os1<2gFHXiCE3)?
zrA3;Ro{Vig*lqpw^^MDo>pl$h_Yn7WO|fvpF;nx^;mTcf5j0o=#Jf-gZC1LP+Y&5n
zA!FKK2M0e{s#}69A>TMad#hMpUKdrK&Q-@4gI$CYZn_9EoJ$Zv)CI8MxS)*(%B@m~
zXlHC$As1{xwa)LHXHEX*<ssk(A(GS&r2dp5@f=9P9p1)*O*$nM-s%Tq6VGDX+)P2l
z6~cB#f>m$eeiEa{doUcl8Y!xvb{6AU^O5bs^!s4?K;i-~pqT(NO8+3E*?T&kd)76C
zFtSe@ls2#(MNld33qFam`6;PS?;Ya1Qv^v6+OQ3Wg3#$lfTQ>{0#CNk+YV|v)`0@3
zvhnvLameDuEp*{Lb00)-2$VXJhBp82Iw7FL{_3Pe<0p?IXp+fJsjoH<D~(5$4g(Ec
zE`t0iLzv&CvJ1|@mt;NC5v<d9%NP#Ke0zi#_dx`0F-XY2BMhOss^eSWP#3}C){}2t
zY{w6Fdp}Df?rzGtTB>+_$-0NzPo8}567M3d?u$RHT3{FTmfPOE<+w|@#?7>^3op-f
zUqt?Vko1J2s>{sHPnZ>VeRb(R^Mr7VZbCvA=fb(=WtJt?`=7TjsB+2}IoIe-PWctk
zOuBM|?Bym!Sk$`U=qjqN!~GMgf?=xmUqLYk2AE6~I&}gYb_qO05bKl$8mIG!F)V1x
z(kQ{BAk@iEL!Eph4$QzKj6G#J$d^Ri0ohr94#>_XqSiU0w+7m0I1jQ3BGMQ`#%cI?
z25+A#nlv4i`r!;*e-m-mX)0JTBTs>H5s%E$8BM^k-4I|UzOfaM2y+DfVoMUtOKt%g
z88>?Dp%ts?rPtFQ^B47Y!i3t456Uj>ca^@s@3sLM86r_xFjoYnwrB`fkp+mKSJ@h%
zcg}#Qoe@aUWdeVH&R;jTR^qcePgUJLZ*@|^@gwaTm6?&h9$oA<$dpC6-#-lXsP*XI
z!nG6J#&zhaxZxp!j|kGNfq#GIj|QtpwM5W8zXDDlULc49HB6s4Sgs2tgbbFGl?b{L
zNczX8+?-(X0O$RD0NuEiW7J`NV`Q;&OQ&!iem>lM6s+C9KTy^`B^}3)+x);f6a!CH
z?l&l)?E|V)&&@_PxP-u6c>13oohzQleXB;S#$^95{r`WFe;4IDX*8evq{X#f<2~<O
zTq{MM;KU2ebauJus{e)Cd8=*u$M+oRxrB>g(`yH=jV3sXv{R6K1%wB<H^zb(jUp<4
zVG4ER0=*mlC+3>Z><9~WRI+lx<S`f3uHE}EX%(ku@GIxW_)WMGTLGX5TIlc&hdO0)
znZ$l&e!K{}1mlOnH}9=_^izS#kMNrgah^O9+XkVlYu*Q6cbY)$5WpN|NQ?-22CCSE
zFrBd!MvX@&r`!S8nkk4dr2>ow>_Zjb70K+bzOqe;34o()3{uM&+MZ6~^*Vv3=Y_cY
zNzbr(t`y)_aY(LA&?v}Egkw^`@OF5iT3|v{^x|qUb@*JUi6JHvpF0a99*VBARD1zq
z9a;1S3Wv7MU?YAL*lPo681&i;pkx3FZp2UnR|XixgG&fPBRj;60WA~*o#F1W+dsP(
zV-PgkCBZ<&GTa-UIMIFIRNTadt_64$4F<I!EU=9@kR!Q*R@{*B)%g>V8H&25fRaZ*
zI;e)05_bbGI0E3{knDOTv7a*lqAo*w4(e`z{3qxD0sibqpeG6nhdPrU$ATw0D5L{{
zEU>h(?@>2Cv6ZWfGVt4mBDEDv7Ki^B1!v-X_N6XBE^tQorBQs82nP8bbb;^0IW<%c
z{X8GE5C-iZjSE4W=ylNL3Gz>*GQ?s)sEu2(KYQ*G_pF=&0B#uQdwk@*D)<TjCht3!
zuoJRb1_%aVaj6WX2s(-q+xL0sAV}UD)5$HvaIpgc>=JUINvR7NQMl&hAA<E<oo*2%
zSM;6{HJU~&2AL1sKCseIDIC!Oev@@5=Hgx!t#6D~w!i9<9cj*)9JrJq^W#wWU-l&~
z>k~Kj1n-xQv_4oF6ZrK@!S*exi*G<YCNd6|Eg1muupx$Ez7JwTy9W22A_!OHps{D{
z`!&M!d;>>h54{Cjjm#aK!H28q<E`H?^Mx6p#)le=o$tGnd04ZQ@U}C=K%rahl~+Z|
z8G|*IoXtvBX*qJ3drrC^<Rndwy)&x*f;Z@#DS|#!1#!b#*b0IWHGnZ=<qhZAj4bD_
zwx(b6m4RE$)X#KOf4JRHG&=KnlbL4!!PXhiq2~7JMl0hB&I|G^nT09v8$!vn731gZ
z_EtW<d;6)BN*khd1Yb74BJ}0jOEq!t?%E(SDpbqlX@&<L?*G09m!pmZ-RlVL$d9e{
zRlwZL-NIC>(4WF6;#ou_cSSCWB_(m))L%U~bZ||$TH(7_ad(3*TQBo33Y9oSo?}QN
zjcDAgw>MbK$`5av!`8l+5VA5R*fwpN`j4+$%~p@cTThQ4RFzGTo!?osWxvw}j%jat
zz1c9{T>XWs*%*GcoB8mioNAv{48p4PI-XW~=9lQtil6<g*dffjTOAAGIb|=LF5~JQ
z6xd1+kIt;6T(>k%Hy`NM+WT=~Ud=9<j_u@}3m#UCTd~trt+*x6dSWFi)37tRM0s~6
zzt?5Ci;7P|_RV7lvZOYSe;ksGUUvNY;j9#=&XKm-xOW-I`TA}h_RDn{M4P$<<Na%z
z?A9|{n&@UsKb}`ZJ58FayO$f((umtxb<FOT*?}0B{x~P;qd!JuNK!q{n>-&hc`3V6
z7tcQ$d(Dk-q^oI>9qkrjrn^wnG^i+NhJjjuIa2bDHRR+S8M8Uajr2uIXWvo$7rSL)
zcc#5k-fk}28WnWOD|crc*Jo#DIyb=SX<q5W(;0SWRc~8+#-D6w9k<sFFH-5a;pkEk
zUDo&}FVj3*&8shCd{fGnwha3h4xC2HTT??ug$MPs>cvj|+Dgxh%v0$tgxP1d?z#NZ
z1qe=)P~miGkz(`;(kFK-<&}cm*OsCFes2e2w`Ni^SUSbd40-P2?JTNbdCsj&fwJbz
zDZ1OL{gNHOTi7V<OOv=i$Qav**Bi-STkHPP5&@g4_j0S%`!9Xho?7y<*!Gy6IwvLa
z#;H?b2fRMceqFAfw&eWk*o&K<mCuhqG3e7fUs27@C&{_Nq5e*J^CPb|&Ry%eDvN#e
zjMVD<n33_>OM<)dXMuS8EK5}w$|E3=h9fCz?YA@%4|-icaa56G|A=@mo8>{i6)OV(
z8QBc@h7Wn9A&S`sx~z?0qaeDY9YiVsT$W%zV^hw0p~_wj5(26qT>u<RYyzli1gR-t
z(?QHw&aTUQ?&(}e_o#Qc<wjxHz3S>a61_b9cpvQw*If_N^v6ByF8H!r&0|R55Yhqf
zwAj7jf}a6=wWbd37ZeC{nj!EnYES$I<+)q<yFB@2221nbQMr!K%k^}I-YW+VHC4LQ
zZYw_f_RYJ$XzKon9#V?3z&~A2ZdGRtnWcZBjwrqc<h&xc1u(+8tUo$eJxo+xOc^W!
zK5X;pj=N{J9|*oj9s}6+LyS5|g8hw;K@tqOxDOP2O0+srmHQr4VSO$XXw@0iDupG*
zU#8ZN>LytG%=xtVQ~jp?z1x??^j^7A22vD-ZR|neoTUH<$UbldMb5xczU>(!A+i|6
zq`G(H9S|x6LcJB<*XILava<C6Jlz#!4`4&bL*TEU1LDhD89bG(od`yYf#@5L`Z<6M
z%6lf5H#z=}C?~jit_W(w@1@KXlD)XPPlbT^s+%y43uBB7HgH+waTVLiwhn7pgDv!s
zTpiYeE$a}ap73WeF+VDsmKuF3o$6)hM)JHo-TT$X^BW$8X0@ls*H}(ax&PCem6ri0
z{=f@|X;aU*j<3N=Q~NwZu-utC6O|L~aPv!e==25n+qnt=;jPyvvk3s*E^x<P^=Mkf
zx<wCMuTaW5>xGqX>ZpUGkGnQ46G5IziPAB(>3@LxN9Tu&TIVl{%(;BoiIR8v!l{Kf
zY%11TCHid6tHuv_lkaOMHIt_FVCD6WKkM4MN6qbpv(CQn^+sQm53RgB{c&pZiP*&8
z3W|yFwgscUjG3wjmzW->Bk$Dx=Cz;BAbos2Qqxn4IaMXV>(`!DsdQIMHuF!VIjR+`
z{<0${)mo7kU{xI4sA%DRu`d5E*OkA?b9jd^juVo%)37dg!@XKc-^q6@UX%S9heM7V
z4(;4LO}$7>lG><vv?@=nEOu@>Tj!RqPIIHBnX|fU3&sCgy5^b73r0OEk_+7RBKPk}
z^$q*bw7<CFyvg~+VZo&buf;?r`suy85OS{9PK~lFhvRZ-*kJj_wE>Y1TZgLxR$Pgx
zAlcI!nijnMn%3`8ma{(KS<@MZWnAZHPD)DE)YmEM8roYVwSp{j0@u_er)D2XY1X_}
z`j@8tm$=p}f$A&YBkWC4&2-k6>;zAOvFqDjo_S`>($=Q!i<^XxH0~|V$zVw~Z%|#*
z5?*}x`+CML>Zc1IYxZ9t6JsdEcl`Xrio**2dQvZZ@od9<Qrz~XC7i<CfX^|@g0&3S
z4Gfv=Sn=Yj*#=0$7G7X5%`>F=Wk-zCJJ-{%dl!Hr$Jg)P<OUB_jV`+!dHY~=*y|!`
zsXJ!~f#g|whWtIgM=~q5?mx|@>lt2Dd9$f<#)g2XNbBj)fqmIG_I*7v>*_lZ)S$Vi
zHg~0K^Wb!#N4OS!)k24vZyuUgxu&}qnCa9dIO#Pc-?NdLUiDXfo|R;0xU;d&m!}tZ
zVibbzS;yWkAL)Mfvf(9vePU3h;ryiHdHW2ZpD(+Nudb9!A-8rcR?AK~+h&rOZF1<z
z6^8Eo`!m*@T_Snmyqg_Ra`jdX=`Imezm;}PU>@H+F4b@Iz@D`;qPp{>6#1pMMxiFi
z(b%zdky0E6?()#?ck_%om=E&9iQME}kwd)BLXU_a+bQ48H1$cN9^W$eoZNAF?JFtC
zZAB8donx&YxU2-LUk;A$sjOgb-kve2reX9Ws&N2OEz!<oVgh4TxYsgex3Q4yS8{*N
z=)|W+w(Y=}H_Yo7IJti&;Imn$!W^9+mpQsSYFC&iPm4cQD}R4sO|oxDyF@5O)kAw^
z>}ncqRu5r{ffU#1uw~1XFr8Z~-(7lG6kam_H8p(v@o*xIrdFCfyM9CZl<ng$UL0^E
z&^cd=<gQtrs`gPqM(?E$!*!h>y&VJH)z8UwpB>@%ei+FL9V5+r_aP%J;Ofw914EkP
z+3AFto^}V=u_-x3QUargUZu9R;ZQ^F@W$sAvtLYmza-+ejGq)sw)g=(P@u}Le*dPY
z;$mD^lR|CViEC@iJkDqSwaf98)J0a}xt7a;n@cTxz=pl5KSdAg*4%i}DC_HhHcs(O
z{{mnN>+4c~bU(0POg+EcNjkx_L*o8ga$|8E_m=r?L8@y8!~ILBf$fVg^5(ty51n0f
zdl5%)8iVWHf?r~H`14aPY+twhwPJR7X`$Wq%%#K&!8=9<&6pa2L>0EcX5(oCEL}VP
ztzwq5+_ZDMu!Hj~GoSQ2)be${dnPg|C0jV^gkl>6%Tg^m?98`26kfd#<E&k}-R`t+
z#s-=mbHQH{u2Cw@QirG#2AfVFZ++WKRL){|L?rgau3D6LofNd*T6b4W$2#j>Dhg5?
zC<Dl`$E4j!2O@KGqKl^Ce{{MWP8&>U^wUUuXdJjz>)gkWR(G4P{<S@xvQ3!etNp?g
z9=*+O&rcdP9ehGRN32y3-II}jB3z+RYRvd^VMN%~EhXnQ3s$ClUJ{mjVR?~qlC|Z)
zOee*|tIpRZFm+@rzl~tOD<c+BOolMjn!wxQJo4`E5*&531V>OQ49B%~6G49ITggcg
z6c<Sa&Z+qccE}O=O9Wk}gL=GX3T6|xwaae|R4Yj)Qo6j0?F(Zc8V>=tj8Jk1CW=7F
z_V-L^0}*H}gLtjYgK5=ZTZ!i*)kZ!sk?qyL(q^y~_%CfTLLC_tYJh@l3XjtkOGTqD
zGzSc-cED_hIO8VEdJwqi)?+2cWH>4i$ke^9{+!keBChi_)oyBVE*uRg5c=K=8U_A!
zG8#1?bH-+xYw+sO0HT}cBMCK8I|Y1D;wcRtrlDgF*HnU7s26<~M@(om_;)xci>CHL
z8IrCzY%}<k*%#;PIpuq2;b@uSAW2$E8KoSJ1Y-fy;^+@jmHHd|=mHc(20=9g5@*=a
zMxX>b0Br=qSbs@$*A#?sWX~QDnSl#X28s>>_!|(Ha^l)9zh8!u1B!dTNvq;I0qf|N
z#A(0?*lwJ>Kx<ZiQt$J3Fo;HbARj+LH5zQ9Tu~Y)hKzYVP5k{|)5PI0O#k68ML|QZ
z3D7nXYPx+zW6g0i)&zZxfiF+o5pQZ6P?40#zhlg<pVXt#D~K?UKmZ$x<G&5y2D)P^
zjwbWluprPxw=~5ivN3tTSFTb~`T3lPpiXWZ<Uq5iBp?$UeIUjdeebN6n2h`PoSP<2
zFAxCHP%KQNPDJ3?^#DBCz-{+^7nj0qS)SMgxJw-iWS-hzw$0$FIJ8Gg!zhtpbtj9U
zA+!9M09S@Ho6lvHiMJC7Wl77h`>B>-g9J!|ayDX!4nj|IfPp-K!O`$Y@F1AEM;bLL
z1{Z;taGkt~5IF3u?|fF=T0tr|Qos1}=a{e9B<%fB)gMgi_@cccXpWx43V@(a!mPK<
z`qfXVPcQ{Lax|oUjdEBPw_4P<s59TCvNw@O<({8Zkts?E`<R7jxl3Pe3#iMkU%S>a
zw6$Vo;`kZrobH;tSajD#U-6k&tN!tQnQsGIZEDvqum0eCu<cz~UCr&lzbs~lx@9hW
zQRS=?{;Vp!y;^<v=KAgTZe$%Xogoku&#|!ZT9v%d+%ow4w3>*<hjT&R!!F<1J-3!)
z*5y*a@%0Y}Qx(sh_v|+)LnBL*%~}#mXF9gfgE{8Ak)9Sczui1DcH*;7x13#+AI01#
zlS=AT?8vrN!zEXDShm~P`SzpGcK#Oo^?hUGaM6RP{H=6twRdJAx14RVvVbvYtvlp;
z!UM$TuTEsxuuAqJRau+xE~7UQn#xtjkWU77o26ydzP^?Y<rHYooFDI0aysl`lIlAx
zZSsPirWKi)L3?Yp)pso3moatVT<pnfmkI+_G?;d=Q@Ir{Jyj3rgt%>ba&cC)Tf#x@
z#^Ugq8%~9m(x$3T-?0F?q)0nzA2a_^m*rirmGh6aI>ev+@-Ryx?N|;bfH7o?ZU`SY
zhyrP@FdN)qY{89s*V{@`2WEWo#U~t@m3z1t-!=1SG@N4vin^$)T%+K;Do{}YYY|hi
zd0erP@pwP2VPd~1vk8N)AE3i_gNmKv#oPwUV~z@EE0zNd67PeBKVAZp(PUfSwA(nK
zFhcz+nxIK5ut#5~%>Q!_9;ke|!8-@z<Dl#u%QT=4N!Nmm`#Ca5uFJlf*x+?o%r_u&
z-~MA8o^%0?45)3lyYjs8fVDX=2OMyKHZ$rUfxxZ&?;_~&eu4iVK;Fjc&mH^(u<pQ?
z@C7Q%nmVqv1=ptoJVm-%qO8D^7klm^0*+6u6BHyGEAQ(0_$eiE`Q7G#KBqLBTJr74
zlXVnF&w8_p@<qzoa(jxOaF(#S*7PFmO<qtT^+pc<W?yT1evOtXQhg?~AmQf8PUo<!
zIaasXv?k~geT(6$2<wwZ@o_6vIEFXfos&3QG;CX3Gt8BD56iAFI;E2Op;IMdUtU|4
zR%rF^&pNz9`v_G!o&CHk!TkHm^qP!|)0T&uoN%}WvIX2=_l`vO=Q4c5&n2adcO4&T
zncWe4E4Ll)`w0(!zMpYw(ymP-$uUl6(1(lSdm@T1dYs7`>I`36x=PPcEju-!DQ8fT
zScjWqu<W#gtwU<7`mter{@$p)118t2Zig&4+~512d2@+PY~}ve1p}2S&Nad9p${A=
zyq?eIW~IE0RHnJc&YYU{t13qht%@wIyfM^odu-AET*r>J(`e5wDai_-=DM@03#(5*
zkPS}vQ{5fYWR#hCSH{RK{rfb<(AUj(mpy3ddQzf&>iVME72|QMVjD(uDM8q@GLnJ(
z>5WdrMeLOw5l6LdsoW`<w@2kvX<y_H6J2BJ*5FPpf>N*25_S!7)obd5YKOpfigMnq
z111rhF0_W87|>7sd}5#R+S&%U9L^%s^6rdx-j{VL62xi;eJ+6+S$PRF*TE^r(q8|2
z`oX8+nwpRztBZIHQcTL-!nYC_v99s1Js^ann=PnaU(f6OI8>Nk1TC^!eE#<NE!z^W
zbUVO?8jiA+^OsniJdrTcVDlsoTY`}{j61Uk9{tQe)I(?YM5X3F%&&D<T)FDP1+%Ng
zoq7>p&X7a(j=liKs(7rvF5PF-vll)4qhGyBC>?*qjtHGq^z2ln)yGWDd#33h8!|b_
z*%90ykcT<}d9M7dIu?BWZy=AH81jgqUzmr`V=1f@1fgzxRE7b3893!(z6r-MLyMIW
zDoA|9{DKoh_%|~y0;NW465ak&<-=uhdRTy9eeQ7k;Fbn^cM(Jq>e3My?C8<Pb+_r~
z2d{pN(fxPzgYD1i2YvIMeCtQPvUSwnmx-WkVgxys5G8c>LpKFD=w6?cH;Obsf4%Qz
z&jEsg8yX9Bo7{sRT#6U_Rl4prNiWngiOWWTi$+hwOeUiHrjY?^Q2J*A9dOkS($MJM
zJQKWMo@jgGHRLS@Ok0jm=C>1fils3$S^6}jdt|oQ30IHw`|kveJ5l^4E?7fzMz_f*
zNCRneKmiI8pb7Z3@u0YSBzoPfJQTp7*vKD1)k(ah2R01g5B>fYjQ~J^Dh=p9`Zyav
zqiqs3DDx=D69X<ZK{W-y6Y+@_S(I}!S_!uF9ZIy3DW-R_^O#?K|3oulqCrjFA7Dm&
zyCO63_2WsdS|7)4Mn`9WW7iY=4j_LX3x*UUJ81ByG*FulZavz7mc1i>8?sP{2F@^V
zgDf!OXTjMaSs(=zvd%k>f<+XzJVs{%OaE~Pl#c;W1~y9sAXJt)3=qt5mg_5+>B(KJ
zL>*c{0%**lf}=qES(!~;4;R=_+oA-E0owUlJ29%vBR=#uh(DKz_CMS(=!Q+xDbU5%
z&t)1sV}^7;sC||3+39j}cFMqU-MG86xJR}xt$96Q(%&#RvG?pSz8tV2F1W6`b*Sn=
zlKJ<<OM=Q6+w)1X7H7JXwcBVFv?auH##{p>=Z%L5o*H&Fxfz9ryXt7L^LgEk_X|#b
zF`o6p2wnsdM%P!ieu6&)w9*LU3IkMbu+RaW4QlUzDUb)?+d@*<j+@P{4Bnr(fDfX(
z;+p0qb0gdyh4&|pWAEZv@p@k5@!5J_U>{<IkY3Hd3m1m5J8*5=*$iav7(rm1N2Itf
zO$B{cHw-RCK{@DiH(ju6kE4J`YDG@LYz&J$JW2?f=+4&*{IZcO3CAM813vrsH{<|Z
zc!%97oNAy4G7`kz1|i99oZd4Ar~`XheJGR`2NNPley$>z+BmKVx(^rQ3SruJBDReP
zP+(#B1VNn>1dW$qQK}!og%YhaJm5N?{DV?OR`T^_fgc>A1S`#D-Htmy_W;}HW8`BU
z-phb?jUTRXnBPI4qdpD{RFl!tpyFMnFzq>l>%jg=KWTinuLp=0fH(kA+quhI3&8L4
z{LYdUFHgK6f7>*h_P?V44jZH%qh-rrF22zRP94B)#W78|!`Pu^++jLm$fqF6-w-Qa
zuBTW9P|GOR(h;F<vlOyol_uh64Dy#Cpu7QJ1Ju6};64cANX?F<XLr^LaP04=HbY$s
zY7x~*du*!6sj_`Kueuzzrn0HG*HJ-zuI*tp({Mwl`eV;_4fn4+ur{(jT2)2!ID~yO
zVI~aNVr@tKE@sj`aT^wgK4uACthLp380}BipOG1G-g9?P-j7G_Ht7_`E=95YhI>Ey
zp8y)z%>zLeHVU1~sMpK4OlWXt66KabmL{s7;w-k<U_^EIp+%Sis>N35ve-H(u9LWq
z;<DvT9ABably~U>sD<lPr8|G<qyAoG`3)uyZR30t7dfhd%89{$6ixCY#Yf%1sws)7
zBu2p9yQrN4!Q&;a{d;gNZN77Vl|=w$mmzT1$QDv&3yuq;J1PYmp8arM^tjgL9P#tC
zz5R;@e;BpMF1~InOro~M|7!RU4a6_C8Zd1wpEI?!zjl@!ZFLBJUg4yMy+dWa7eR`+
zuGn72IKaUnamYe!tEzBrqmKw$4zt~P97AtheXWm1nSd58f-KKdX&OZW(gy<f2pmct
z!MhI%t^>L&0XD|4BaoW|d7$o!%FPjaKPB~_$%|@5jv@(6I2P5d|7I}k#8^c_b8t*r
zkBS+>Er*#`kd1JqKAk$GAc7Q(1%Kg6@jTU>F=PigEYQp83C5+r7$uO#gLn_GBVMS+
zfiH@r1Sdq$Qy&W4rh%*{{gYgJZ|ywT*{Y9<9ma5U<OD<Las+$?%5uv=B7V#P>;w=5
zhp~SMheCg`8mUYEP6R5~b53EroePJdQu`<CxPQ`1pd8pId};GW0Dr>O{LmP#04lCL
zr0`EUUxNQhFV*3B9N(65Qfx_*vIw0~OvJcN<DaZ|{fl5?-ag~ebcc!wRr^1AvT}tF
zaL3@_rn$l=xpQBfA<EXRyVR&-o1T-Cb+>fR!m4eb$~tL~(!J3^!93;Pid*OR)wW_;
zdr9M(Ac+fSJEO%7HcG1V*M8ojPI6ZJnACiPX`1Qb=fYF*{zT}h7FG&zph8sf{j3Q*
z!2f&$X-7*kfDPv559gq68KhM@^tVlBT5@5u3^oFUZQ`PfI#6`sTHT=UzeEg_#(ktd
z_+G}bT@pctL8vQ&%m6$?vkea5r^)>Ou7#cQ6V!1KqlCK%TU-uHZXW~HuwdKgYA^bO
zE)=03S}L1OZNkw|YLG4|Z_pK>2;aD&3>Y+U9ObN}c-TqIML>(eEVoIZR&L_j2wWO4
z0EORv<$8=kOYyM<Ogmr=pxu?XClh>x91rxXpXUtFPAAJyC-O<C6a4yj-^Tc106Eaz
zdT1$bG8>4Fg1~zsW$~!o5==2zdz4}!u?yM^$}CXJ3=S%z$D>iZ4C>p^r$7llpb6w$
zK-B{1pmQP%wjF%cJyEe6g<^7mzY@V?pchboKLJbWC=~lQ@gV#LhW)RFQ2!(rmOx=7
znoj~_fS>aKr=XXJaWh(kx*Ga*B03b!1)>KCf&iJ|uylX;c3>^U0{Qy$r$9jF4kh{n
zzs$7=eF~JTpag(oilJ>1<cH`j0zKaZDjVm4h#Z_(lLaV>*N7&=(5@yc{Q-hU>tSLH
zfFl5$v*u0a*s`WOqNIZC<Rm^e7^@(&tPq2RzKccBo7QGmp{^>Gp6|_X?ZJt8$~PJJ
zK&AtutU_&W!gYbXSfcQH9O(YCepdH3>^_|)bXZWxI}ZdP;zcoF@*@?9kqWkQe?*8g
z7@c$oh2?;B@JlC?=OQwjBtDFmp-ZKDQ0(bJlkByV#UZidYti2D;v9!~ntUYPv7HPs
zHRuunp##|aM9XI4CNd<T^4SvQ3It1&Wi4b+sWx0af7Gwq*Ol+=s}VkUfUX=-LULO|
znbAW%YPUJkB$srzfBfb#i@wg+1-QdTDPb?(YK1<Q>>s<&d*q>7y`(dd#Z~ABw5dL0
z&85?7sUtBkrT51YX43*;`k)@nKkFI6oE5}0-*hl{zJAK0b|LtokfU#E?yXnf&ph{1
ztL{d*`x)sF#rs=tF>BP$7C>V^z`Egr<qS%$C+g4j&3%1X70C2wDck{m0j~sPAoE;z
za9vw5OYD91GTC}LoV2R-2~knjZoAjjdZfok*v%UbNtV5^X=8x0yTN9#XB1@byH5Bb
zSCchXoR6uz)QBrpT7{Q$irUMqD($r!ZZ};dmvreaVUzBmJ-cLw<z5{~bAG=Uldw%Z
z9q1{e$LRc_d*in_uH3a9FP|LbhLq^QQ#e_~d0dS$8zmXGZ15MVbAJ6n4z^DOWo&oM
z^c}5GHadCigQbtmoNLF3<tNuHx2#!$eTAw!Wx!t*J=h4B^AiAp=-L4B6$1=GjCnm3
zAYGt+gTJf@h;}Awx5;QNIGXtaX)TGLRYN}u+P|;+WjL0ARRole*bV*##j2n%sSvET
ze^j0Vwb&5MsUK1Uz(-N}C$!pBBtU#Sw{Yrz2T?g1{I}r9!Y-gDaL9i=j^dA2rDA_p
zr7nP3i(p^`2OY$RQP^zdX0nhZ4|i*cZ6N0SV@VKo|Bqkjxn>MF*ZeEPFnWef=B_pt
zM2nzMTw^-en$KD-RR{9G)>PDN4f9{2mItl$%1~O4A2S}p0u!7e;er1NI04WU+kjk-
zHt-h!_c^-(jX@7iH1NT0z#|DdFs-=G22hGi;({qrsd5FTznVId&j5N#V*hcl0we-n
zz6IeC*f;^X%M{ln(6|E3EBJXZ>hIpf96fjeIs$f(aB<sAbclcKGl*lpiC?k+^SCDx
z(j|%w!=6as$|mL&@HGz1xtI8U7^s(<)ad)ty$F$t)`!H4w-eA99Xu*V(+~zM1`V*7
zDX2l|)PG|t?q#DX$_xnN$F@m{_bI>?x)RZ$r)-@V@b$t8BEgw!^rtAqm2DHf-M)&N
zN<65CMso`wbI<?XD<I;Lz=^phXnWw&zW&;cnLNT!+Ki5XM%vP?=#ao1`lCIg71sXX
zcR4ChRPFY4FCK7;*2<ZnETacvVkT1vS@n=R=o&P2m^TR?%3MJQ=-v|AbuSN`{gQ>j
zo$|qOv}csopERTIz$4v}0zH5eW!b858QK##)`B(wKe#~__Y4lYPNXo5{~z|=Js#?{
z`yU?JrBc-HKsiipq#dOLQ4Z5dk~BLd38^F@B;;(AN;wvlqRcKya+sWR91@ez<Pb%S
zQ{+73IGCB9b$y2F-uHb!ukY`9{(GM9AN$p8GoR~o9oMzid#&|e(`|xe=LcDK!7Ver
zT))IxP5><fI85L&U~nTu1wl%`OeIAZ<c-SrppA(z8FB=vC4n(?Kx^S>6BgLV%f?bE
zLMOUEtQD#~?_&YGgU|)CntwgVHA@WQiO?xXwZZ0+_v0Rz?1;xi0mvyV(F0@za>DWV
z6q<HO$@tY!L?ayjDL=-2MZcnXh->D1e1>};J?=n1LGlBAfyoc1XoD(`sMCVyUIH2a
zfIuISnf1cUkn5j82_|IV{Wvadcu8xgZ(0H@S*<l6`c5(*<!%2OUa~~~)Ad9-#+dwB
zt1!Y^^(#l-8p)b)W2hY?1+z%?b|#RxR?ivbIE8~T5CS_D^RrD*i^)vlJ}=EFf}3!m
zZCiG%xgbXezvx<b4bwr~R%|=@^L%&m+Dh8pPRr1@64tV7TOpxUw!irr%SrcR4EweX
zPy7RK4Yg#hqRH#6jE3=uFrvnwolE>g!I=;8(Y?!McHLNZEayd6pC1N|4R?ppumy)y
zLbhlNjk6>UGQb!My>@^V5uE3e<mS*yx>2Ci>myHPp2_)*VDmAly)L+k5>CoK6Y{=;
zwlwU|kiGW1a^{@W;+}0T31vB<4R{`HAAs4;&w?wBA0RvP0sRYi93K1rC8o^KpXtrq
z%MTQNNND4QkMG1T|1QRWKelR(Aj#F?Sr9Tkg{$#h)6#1df4RNiB4~?%@(*z+|FE3{
z;YvUA4>>K<*@ymDffe~DZOk^U{2jAFDW2`-+6T9@tgH4U7}%IE<6z$W@s)gjn4hFE
zNN4hOq-Lmc?vSpK#x%6Q<DS+`fjk^_xIhu*g4FxPDke8_2v4T2{Rj@3LI3|J|1SG?
z8zQYf2(JH~@QM!_r+ED+>U)QDir8c<iqj^egH@9Q^MfLIKfSt1Xu{Wk{AjER@m0s>
zZ}QB`AJ^s=f7&4kqpEA?`^mG=9DePc^oC71ImK<}hi&JOenxeJfwAgG*mfLVVDv}W
z_Bv~~y9LxPw4%GGj7VkwVpl|PExd_nUCL#BRkJXGSR)tWUjXj`F#@7-9K9J-f^l@b
zVb{$0xx^Nz*T`uvgq{QVawjIC!I1b%VEPjXUIt$@^23PD>oav{u8D6mA=^I%y1FM!
z4`j0xPB%Ti3dcuA=?0?kdL$e#LodD}l^>HTs6DJhy^~{Q^3$gTL>}r-({}U>(vvYu
z2(*~%^PtC|-$3%(D$G>V>cDd8kPeRHtK+#IAkJa%@I&*92aup)BXJHp51WvdwF1)-
z)&;Zt;;{MRI^<#Y73g2s9Wjh(O3=}vLf#~Hk^sZSLr;{@HADqa7wu3f9q6ML6@)tK
zYu9MuVN4AMHCsw&rdb>xuta`DDfE8uj(5bvh)|LtdI)(95gLUc*dK=&y%B-+n6`!Z
z)^H-2@d3^NA!H}ClCLr5a0#t$ZW3Ded3B*Zgg9O$mO_W7YQl+cD9~CM<5Ywv5A*7X
z7f7a~<Ap-C!Q*snS$o5tV=L|tN7=A|g}MS7pXg;$(LSv;430YY(aL)LNIetE(w@cN
z1~twbwp|O;m21%1Rkmb}6UQpdDLQfaa<_+jHZq&_mGU}EPsdz;tg&Y-z+pf|g9L!~
zEVc=A*fdH%%JkL8<o-`ji}$65jj7$YT6e}g{6g2NO)^x|hoWrv@z;z&w=_uPy$Jl7
z#UqnSg^ONiG7}wN&?GHvUIfjSzVgUC@i227_vB93R;~ee#f05KE!sBKx!Ov50mT{|
zL`_tXDn5e>zKuj<z(N#4Jj(1HY?F|J^>C0Skr(3-bK$Z$&hEafiMVkJZ%^px@J8M-
zZ#sugrM7l4ggvZE$ZVMi5TyR%Ye_9&(hKhckQB}<>Q-nr*S$-=WgXacH@xqC$0_sR
z-hAsnIdPw)sMW=@YK)fS=4#Dl=ax3(S<4^WwsmKagwrdZRVYVYTi$8d@Ex~S-DH)(
zTebcWzbC+7PUfs1Wm)m&eg)1tC(zLf3k05ovi(0h3=;><IX6g@2mV9F1EfxG*sr26
zj@~u~=XX7zWEh1F;~&jgPd8ugL3%4<4%g>PpIQI;SrC@!S(qY+={GT0UCLA@9L#Ik
zy=`>P;&Ps+Xibe^%gX;YE=DnLzBe<go<BF<$Y7W?LiEFD5HI^^nU>kL<~v%|J|=F}
z6TTl^$1=*D`(@TUQPzeX?GL$(@`kYD69vqB@wSQGs-jj2=Z1uH6|NGL4Ja}_aRV>E
z9l7PEQW?M;pW97Hc)#CF>1=_AOpGw?Rji@+>BWw{wsAur$uDOV&IL1605bA`T?f?D
zd}e(ZEeU;RW=qVX&g0Uzs)XaOw?m3S5}Yf9Bp7vs1s<&69^I^OhV5~TG{6B<DnH9&
zClw1(!47Txz}pJ-8KN^pu~n4`=N{c-$b*js5Mx>NSc2UxV)6$p9UFP-Ap%OON(-U9
z<StHd!B_YjVS$$<0KXt=XUV~P+BrJ_`_=!BlSAf72y5CriCZy33}&oQ4)rB0R1sZf
zo8UHSA8BE{yl#_h#Tggv`SSz^H}+_|Gy3(zr|lXm$g_l9*~`lxJ_7rbI%F9Qt40aL
zbJqoAJf6M%cHrmqi|q;fLsrHfa}dug*!PvtI*4Kuzv0`JI5>aU#BdRblF)|O0mc}q
z<u?MygQ~oiLYms(Pj2>c<z-rM3ff1gJZXqx&f)=33mbDTi9L#E!sT&|IwH!7;Nf;d
zNOQvQt^h*nH+OF9|334-bMXIiA56W5+l+DDM~QVX>S^O=cB(?KL63r3w2Amtn;|uA
z#XV2kWvy`a)*#X6Ns!Lq#r;0p>F^HjG`~lhP3lN<Bk+pv5hf2w`NWZmc9S})ysSnt
zP@02ndBw&LPpbV7_q=jdrUYO8db~l!RzW&RZ1OHr<CH)Q_LNyUgY*R{>NIX5wpc#7
z3Z%!hK@Y)i4jPkiQV5^|++R3txfA%|j6z8F=q*d8@-?S%nOkhYer4-Wuo-5!V_q5{
zMESu|HaM}Wp&nSu5PV=`{pxPME4~Y*SX{z4WbyWCrPXuo;)s(|*JJPaut3R!b`Q+K
z{V<TXK)*n`@q_Px4}}lT(01<lDcg|AM}fE=S&&4avYZe55p?&9kDYJ27M^s*hV|1A
zj$1PQ0t*=J6k>#kfgUIU=11GP7qbKbNR`FO55aR__Gjt}$)k~j4Nq+2H`Q((O+acI
zXlYw$m{hG9#7`?v$Z|%YDReOci?~=i4HC>~m7thW`9YU6D1k2oIU+4^l0E;2QWl3b
z3tnGQ^Z}8rV59$G9AnB8+^87R+dTtN`0{(9sf)OTkg@#$>o6!(3moD9Cq||Uaa>To
zK(tQlePHQE!xtC`is^mPg;*m%2qll+Oaa79=U+Y`uoH)Kg62R%Q)cWdvRgkJp66;Y
zJ@|&M`(J_@{7)B+zS7z2zR_QQ$N7=QOf>+Vi95$Fc$8ApPym1~UnN9fZ=R~xCbkNL
zrxbcQ1%3-&u-<V{)PYVlyBI&r^8^i11q*Eq^^;ya9opCnOLI%;<C^y;yT%P%cwohe
zf@fQ(+?;t-TsE+UdR0&61$eO!JiMjD$u>hBx;L)oz}tI=@FrC32DQW3oTJFL4_Hh2
zwww9alYm;L&b191uI-xgyJ7c+CY>IWSbMXtT5ShuLFY4rLkA5$FB8vJ5g(|?QK<IX
z$=upiN?7b=D0=1mZa1f0wZ~tpM>Vof?p>9deCEMN<Bm`7mrAy0&Ng70_f@u&ZX92h
z8Ta&@or{I1?5)QA_J0TV|Gu~6xUxt~T8HGiE5yI%CY$#!ASh{c#$*gs+w^p6I$zrE
z6Ju6>Z{tPAnWnzJh8jaBzbCm$f?fhFt2droqxMzTT}aD#A)9r<q+H|O<|>+G2t_6+
z^zP1Wt6bvqM5ol;YTC92OFw@4ElDLP!oXN@*lf3bw1-`V@$LGqiF)CW*`*g84N6<v
zeQa(YWf;a$zLbTCE>^f$l-nOuUo)s9s(optQ6X`;O@mLIvvP{9NT}obM^*Vb*DDfP
z$=!b(QiyjwRCc6nh4ho0B;weSdKHR)^OAb6Ezg>IHukQR=rM{K_~WQ`nES`-xt|is
zGS#XAo}b<l-EyQBgq8JvTO+%=kjmc1J!Tqn{;+;k^o^3%Fjh0DaW9}BYKy3|%iHX)
zM&1jIQTh0=I(_+|T*XF}j==G-Ww$@Zp8B%NB0MAmHsFG?Wb)<T-Fn}rgfvS`Bz{ee
z>=cg+K5d$It9nk;t7Su12HVw&mUe{}?=?-0%&*Rv%#XNNalgg!_fX}N{kHv8_MCB@
zs9IMNt6Oy{n3IslX0-^53c7{rzN)G_Q{|-_bKG{hu0q7QtMNBw6y4P=jpumdl0}Aj
z8lB&9j?}w$d(&-d3}w=IRKaz%miuGk)>lm?O>HBU<*|i$C6!<`>Ykp2@SxYZiY;(F
zAe)vbF}2-sO4CggeNEwd(2!HeyR7d)=Bzg@O0v<6F3#{cDKZ6L5|O~6e|v#14t;_d
zL$G(vb1Xv9xqhbl7qkB62t&N#3-M`lqs`H=wEV=>Mzt`NyPL9AMK*61DAjQ|TeXoo
zZURCK6gNutigz27?j7H<uT0lT=g7&=q_VecBCjx#$_su8N07X&5)?qGJLk#iq^m>X
zq&MM4J%sLLh}E3@Bv`+0FM<}9wNlf@Ik%g{x(U2HdZ^bPPFY_PUi%1{(PF)XYm_#a
zlx1XG@3cO1^3oH<>U$Qn9dkU#dJESKyxm&cLE`6O%`huLTqgL}KEd&ytqGuvB1?zs
zbqoOUBZl(*ViaSyh*FZELwaMm?UX{O#I7p3!`iTILZ9Ql9k~tX{lO-%bBLslat%=O
z%$E};4VO8eYWwIGmtWuM{`qNm;YVA0BZ!DeKXlw@ep=umR&ua|hOMla*cfY{e@w#u
zzx_sk3z#fseM-n(amOf*<H&Z6fg3l25$L64t1K<~p+8UC)lxVqFJhkM?{A9?Eq0hq
z&Yr(bHUwz>Y6+)}zkJG!YMYlVW?bd6{;=M4;6aEwn423}Y^!f`>UL^kRf_Y4V_T~?
zF0|@@66O$J`%=X;Ry<)SSJTMTuAu8$)rpVH@iE1Z8m^DedH9dT?3RA~Siep0likQ?
zhYjZyOK6|_-<7ObuN?mB^z&K1f2XK*Qgo*lG#z&vFxx)$rfza?C=~v96Rj9%Q0rXQ
z|H#hbj`kmV_Kds`Z99fi<--kIUM<ScQ?d=VWM98?$Jxi0LZ57OD*Bex-N#XX?4`XZ
z<LlrJuPqMFxdZD@Pc1CzlU$N<rs-=+hu3G?3ENlPr1bSdx-7h(eV+Pb6Sqq=Q|5K@
z3(Y&f=e-MiXZb~sT2Zkp`Pe9Jr%~k#vkF6@vOk+V^9f0WCGViBN6aGNDaHNxFJEHJ
ziESOr(R;;8?YUjK>H{Kv+8S;8OfzfI3-L0VVMm86WoMnnGG<&W*S}a(>5a5leO!2H
zv~*hS;Ap~nyO_v#x?jUKm)XCyur%}SmpyaF(fHj9;+?)&zdNmT=ZHsBjZduTOO3o)
zRxQiwUxzLN-&6bXs<YumIUlN5&UrO7s5I`Np!`?+dU3<qAwC9$P9{*JMGWxqxn6U$
zG+92kpSwj(>7B3>CDyFZkcmsQT`H_Rockhelk^#z7aKS0YTe;J$*6m(Bdp~*&)T+`
zyFN~D^uy3`h2}gHCcSmM$UHPM^xCMB2s@(mWzXU6p>K{mUj)iX#eO;TF8AHuO4;^G
zL!8}V5bblu(xx`Cby`c)SjQ)nACcPRLa%7(IQ;#|`jVL4Zvm-^AvJW_eHFXJIgitE
zro-Kb`rEl))C$Jb_SlA;s`T;dvVw-bvFu^ZWdr8ReI(rQV=nA^@3>yAl`Pd8&fMJx
zUe=Cy|Cyoml5Vph=64OF&2!7sN_BTEU2r?R+l+MMJI+#RuA5AoPKoa78n2ygm8ylA
z9+o8(f4hMS*J!(M`rR5SF<OnM-)u7cEi9X+?0tGWNDU^TV!6qo%;e-p(Ua#G_GSI9
z9bWm`9;ALE^9rq1C%}uK6>gDWz1=EcM8fW(l)8aja(dmZ99_XphKkGDWjFn`KeaRO
zb$Za9yH&K~cjEP5o5Vb0D}Z$vRrDP<CJA?Z^^M+9b>4gla6tvOE5%ZH_ja4#BmCcM
zx+RsowH$hG3%&K@sCj%(6)FB8*_pH&iK+#IARWQ^aGl0W^6>*nL8$-YFFFhkYlM&)
zg?K;5Ai8OyUEq)~1~D{EA^{4R#z5~B2x)}MO>=@tk=ijfhw3T#+UKvI8t!-8#Ht*m
z;=<#6-&C^0cqrf`2+4)$R<M;ZRxnJ>eRj)dbeb0I(_exp+O!{x_P@{v3;~?6)M+3J
zkt!w+k)nWwU}_ro!?gNp;m8lWRKtc)KROtOL*cKmOvv924xS0VTmGkm9`rme@a`ce
z3KplS%U~gGYqH&%0aF9-2BtA|n;@V3G=w=tgK^Gyb&$IswE;lgeB5^Q1nTx7cmnZ^
zVcnpCdZvJU4A7BR^Kp;(oraHAGT1A+$Ahe}5B>aT0%*ka)(jCthaaH}t|t^{0kjcV
zm_HF)zvyQ$9C!@u3xFDT1L!%);N{_52QeTo?xhe?|B)`s2l=PHQataAM=*SJwCphE
zTLT~CZ@3x#QWWL_wWp~+ts?7-V_6O|;QhrRzaAFwmo<Z8^6%NW=DFLjCJD|Mq&qSC
zz6N42eocXZ;9wY3J+zDh1aL%z!SdhZ1#)_JBy(#7OMT3pZP}WCv6gWzXS|d+yL)`B
z`TT9~C-YqP=q_=#G`kqL!eDN@xLV_AA?ofB<V7J!6S=!`TNrU1CGdBFV!QerFNQNZ
zP`Fr?vsiuX6n^-Ci4>vZT%9+ecerN4N514c&W_BMClrxC6JJL!W2yRjt!$W+z2VjQ
z=#Jjw!JVf(^`2RNcGS38cIdr;cyFy}mDp4l3RoSTqOQkcZG+r&c%`6rS1VA!8mbAJ
zdZ-E^U;FWGI)QJ@hZHHi<z9qodI=*lreMh!4+kt!T$@2*+t}Xa^-IDzn{J9Za>V4B
z$$JCdXQ&uFj4wYMIaRr~*17YAj&sda=-+vA&%c5AEs%4oDURM;2TFFIHcRl4&K_!&
zY(ePZYsT*?9sZCk)+$|XvTkF`fJ{J_Gb7LkUqgR=ChJvBRtEDr)t%%b5wqp^j`6DU
z6>nP`-yMFGy=_^Ct82LV`|2<H>)#~elw=|-E?+L|^2JTg56NSHz2Fe}G|I#L4CP&0
zQ_@G({N{$wQbQG;5sH6=b$e#nTPmF3RyUM;Z=lD(2#>R!9<wv0Jlcj2){H8U#J==o
zMTq&}y?1qvRlH9%NlKGU{LQQJ=KR82J7on7pJp+$0wH15r`MFFUGHy4YE`XMN_uLh
zrS~*Dl)L!;DUq+?)@DzGE`FAw(p6-d_2pjdsM-HvZ%Os$jwhQ+_elw;t&m9;inUaX
zUT1URVK_Csy85Wm32%pI0i`LG9j#?*Ymz!M^30mZ5qh=>*&_}dWg$Nfsf{FNBfX|}
zeJ8UZJE5ru&kSxpN7rmvena+fL(}RvTej9R?g<YKNoUgqICdYLm2Q&fs3-(}Zck&{
z-?4Mqx+qt|RaNZZE?=$liSc3C?;RWR_69ufNMCBY<dRKY4bg>`Ip&$0W$F4@NiDG>
z&eD0%+hzPtZof-vs?nw6(XFj?DL46&0%^9BW0G6gRB;wrRQ9%ITBv>)6nr6MWW380
ziL=?)n5p{U@+}b?YA|o3n`c|s>rgS1=4R5#o_cAe9G3pw$La3X{cCQ--I7w%F%VjR
z+3$qX4z&bhLlrF-dFO%5>i)9WXO#t6Ln%>}>(qwS5>%`Ta%7|Gog?(zzl;(a!ias@
zUP7%Ca~c^7-44EQ7<H;}+J7c{t@r%IcXRt}%LWPU?;XY^CJX~}%QA!`BHOI(*WCKr
zal1U1Y(QL-&`hE|WDKYdC0DG+Tj(CPAEYFF<jHSXla=wJN6x-EP@9c^!AOhXMA3a6
zA*{OdQ4py<-MkA<`naoxV~e*^o9eaXbnnw&nykkIGmq6B4I=Mau}=mc(Hi`TlorQ{
zs`mw)AD*k{<)4Og&2`BC3=$t<13JUr`@^oes;MhCMUE04Tfg4&Bu37;E};X^2Vc^u
zK>;^0-N>>;ii&nvYiEdFRQ92^-G!m!=U?pT3fodv)-L1h^A0Zxn9d(lq?Xscjl4*2
zLfNc*Q9NIsg6jr*Q9;K@Z6&KF{9(fW!6`cDy^Z_P`HK$)ul-DNA>Hn{L{9DUWwcYT
zqcgZ=Og%~FaOA!cF1@0v?98IBinoQABqb$>AI|dL!V{;pQn<oNV3R9QdFn_0ore|S
z$2w!rRCy#Y41l4}e9V3c1WsdYdF~|6rqE*ZNio1;=NOSVmqOVV`0Lb>4OzSe$v~Ia
z?{RG@$;N`zH9}>|^G<Q2u7W@X#lFyJLiz;3Lg_jP#kV;O_U2s3#LH+mhva%o%4{~Z
zB|k<#Hr+MigXtUldqWqiHiaD#5vyp}A0)ZhFDtsUAcG>pC13Orfjlxmq`~(}F8?$q
z&D6$qtQs08Pu%=^e```7SRlZor=bUgJ6WK~TalM}iKl$9$g|2}RjhY%blMcA`{_9S
zy_(_VTIq>z`Bt2z<GcfDCHPU61vGldaIhhYw_m4-FeUv5jVGu-%^deHzcC2;BgxAk
z;rKxVJF_&hlz-gr4e|Sfj+~BBko!h|cRah5YcwVFX1UmF!p2WuN*vSF7%9aTnrT6X
z+ZDP)-yTlO(VY5=OYxGoW%crwZw&_jxj_nRSzWA?H)$+%@q^a8_A+;67hRquerC>&
zvQ_KTpSRRFlNzq$7kTYx>x%?iD_ytCTb5X^)Hs^&I9So`qP*tptGl-^JU&!ZSXx)Q
zrM~c6qW4w8L2CWs+^N0PqZzK3bZwm{H+187xYdm1rl+!D-V>4t`nHT&wsm@~x!ziJ
ztiCgW2Q$wsPx|ehc<H;-Mjac~KP_@H4bJKpeD-Z+*3C0jBbvtRHMCnFa5Rhz>R0mI
zB8_ymOk7uaD}np8OvkJKUe%H3B}+71tkttV=0}`pKB1jIr|n&hNqV?JM&vj##Lza%
z&1y(Ca-)x>@z%_09f{0`9xF%88-&`8t`#T&mqe%zGdlk76KvOmSygS(?IvPna!*%}
z{YhLyXto?O*Gvf+{W@Z(_H3X+=J+AME1w6SaK@n)>GQY0vh@xY%<?*#!aht0S~=O=
z)6V-{Ntp5Ng1Z1QLb>O$ajMSStq<GfKh=ACv*KDE0!F|YmE(Uy(aX_2!A)#;Mm0k(
zGo(&JO1r<qUCjAwML>|b(Bdw^(BsVQ3fm0yzx2cfJ(PKySRXl@-RQNO?f;B(oXT<t
zfQkzBrIBOFN=YSI_msc2UhK5IKyrWO)3-*ga9grpE3Jee)Pw)+3=<!+iY0q#c@AT2
zfb981ar1!?=8d!0_uRc>XSrwf<#%_#X}jw$<wj=Q3|V7iI+f))!N?woxK6Mc{H+JS
zoMYA=Y(smKL%d=C<Vx}Dn(nc>aRxKgM0<Xr?3>iRD?9cEEMx8ptC-^$vZV0D7N(A$
zhHa8rQ5!wb!z{6rkY?7stGQuvbYDf8<4xvMYST%2&tBViYo8x6s9ISrWuU)J&be_S
ze~g!Iws=J68gQsM%&`Twm<*~EJL>@JH`mO}OJgUNgfy>pk*oH)|K<>VW8|JC2LfIc
zK8(Np;D*|)S6tCj-hwLLx}L~4J{#E?XCrRACnOk`IEcin6sK&N=cpzjaYbB9_x;hl
z=m47l6OZ}Fdcv|c>o-xOMl?;@21`RlICiW@Upte8Za%IVA&EW<Z_N<f^u<g$Me=Dx
zDuE$FSI9niu|;I|g%g{!@J-K1ueDTssV4)cbf$Iy<br=VQE-$#VNqj07?o_hGT>E_
z&K?Vcycb))+7`s=GmUt9s(v6Ax1mG6xW31gvs9I*FIH-<XU<i;PF3^)AyjsjN#gn|
zl183v=YoK_0@9=Gi5tBe<{|c0eP9&l&;;43h+Le|Lp}VlwG;esKzql_asX}Gbz0+>
zOL2mRatHtvQ$Um6fGF6IifqTCXNbg6%|RQcG_~{8McJ9*q#t3~;CySku7)&4@ZJyX
zZqFpO9;esy2#A^>3$sAjxUoqnysI%d1_Cy0VG;@By7TYlys#$Ksn&wY0-=PBvc*$I
zl3qUoD@G7Qv1yYJSPO8;)sOFxm^Kr}5Bgy`eD`=L3LYm9X|b?xuy9}k8FYW}(+%yc
z;a~yhkR=b74_5II1G6zK9T^Bvu4zE`M;rnfMSf#s;8e_d_=N);Ob~C<dp>PBDD^Wy
zI;4^b!ZS+zDMa=NcmN<M0wxv(W_g!whxhWlnK*$T28oL_plJ{kSiq{CF>p$!sgQpS
z^{SulIaUSY*RTW>jLkQ&qMwDrVqkm=*b)svb`WMOpo$ICep|BJ3=4uB5!@Yg=$#yL
zYM>YvU(|JSIanm}_#bQt^5}2Kgo?q~1Av+wIuCz?Co#eWtn-jBH4{3$37f{QdN2>C
z;7JrNPl!O%4*{<8rsLHz1?HjoK$(Q+aPOgHHQzF+LfsdIKt=RQ6!ALE|C|cE$H-3t
zZ<H%AgIx@BS_U9In6<*R!cSn(-b(fK<C4s%hg|tP4!8p#%&wRq%mW<%^982rS8ftM
zWvo9W`ZI3wW)A8X*eX4R1Ok9``?Vw)?7=aoDSPsQtix_527yMA;<agc0&)RI1>@JI
zrnQG(vyW355x&?DufoHw9I&4Imb(cePC_BV$mOKt#n)}CZ(L_tb7>n?g(dapwRWY4
z>$F!~RIEyfQHTkC_wJ&&hu=X;m8dkSXd6$A-D?_kD5UrZ6tLTH=7F;3VA@U@X+8Hn
zn>V<>FBIq<xIk*HBZ&~c{n;MMS*ZgeJsR8(_@o+^kdos;$1v|ia*vPEVP95{{;or|
zA1NQ$TLY%vl8V-ANp$gcMZ=*hN+fZBI^NTs01Yh!gL*YllGIX7;HmVH%y(%+uJ4X=
zb>e_|Cvh_H{&;9J=q{*@a-NhGlfk?4qlqs*51j&_4KmCk^aiTO&j+zoN~Kd)$aD5A
zNK5B^g#@H0oto|A)FG{fPYS?N_BZxY>*mI{2SLAYJ%xU7c$Z;3(@nsDPzw-f^a=tu
zF5kOE{z8Ss9aCDK&p1z~=#EjdIkT4lQfg!=i^f|h1Gl;sZFEFdiL;&F3V_UgatMKG
ziwAG{I6f{JcF|%%#ePCI=|1UscBmV7kQ3^+mXb$B@1t=_G(aczI|k|-6l@Nv`i>Jx
zWy4=~5+xy0!+^ls!Xxb<%}fQpXM;sE!4pi$mIm+SQ13RAUT+1x%&_qzAD=G2ceE-f
zeTX_=DC?pJZk`%0a;lgoWzA#|hL*CZyoDfu+rcDm`bPbYbcQ&~hd$}YIJe!j+NN6m
zPD3!a*vxF5>yfi<8$GWIKXj^5pa-yo=fo2dULQ2u5N57<Fi1(Dt;w+e>oVy~JL)}u
zDCG?f*ehOIADjsrb-96YCdVA`Z%*GlObDqamC0DZ=>Yixe!v}Qvk##x3iJU<7tVEq
zi>_8ZtbqM*)j`l82;>JrIK;Ms(E8PX*S+FD<kxj9>CNakN*KB*y#&Hn*T7MWIZuE}
zuqwUje7@rAJbE5SvdViCLfGL{Rt^{f=sw7~UC9UCd8ERwb3#&BF#;X7d_7O+Mn0*l
zfrJ9X1MtkljET+krKI|jP~Kf_BdQH);!nbFzas9=V`CH|JC2#Qn_bmnOJB$isidTP
z4qZQY^yrPSAgO(ptFElr*;04s>|=v1-Yd5`)>@i~Za>tlOUcLITx!%q<!m2s$>IvD
zGT5qc(A&U}_dmf|{vG%DEXbodkg#gz$!JLTBouS#AW>>L4#PTwqz<1Whs?nT$LwWX
zVT>p;NG;7ET_9gi%9ClryB0Obk!T{ZoJlrS5acfkX>9}vPSq4+0)O{^_DVeejm2DI
zDa0zFz5Z2u*(6M^NIrW#7+{s-yoHdQn?q==r_QE+GcJHboDX7AOlK@fnhx6ZMhF^W
zQ7iHJkY+w{NZTg?WwQDRlRl(*!yfmfpd>t(!6Jvr<qlM)g9}O;<R<8(aR_j_{&$G~
zUs^>guVtVwRki^4y9mg(?maG(0BOz!5go40il~N7qqjP7P?S`(l_$zJF;A)O<EUQB
zinM#<`q!48hz$vUY_ycqYiaSlV1o*($_{XEX`Ci~&Ol)h3YE0ekB#Gmzj^D3epPw7
z@u98qL}UX5-G(0Xzh8rKPeBpc87-wUkh|Z*ZYEa`3|}O0#>=GLM|LvM4Q>u8W&1!e
zB$X+X`LVW{m>QtA>=W!ylwR?(l-zU_hXaqKl@}(^KLV~i2(>by7kb<BavGdLKY$nw
zzFJ5g<`j$&GF&;g%+Pnx6#u&{tS}21VCFfa1b%n}1Y__kP|QZ)DOOcxMp90PwoZlN
zK_=3>eB%(ROD~x9pdED`5lD&5Xg2&nH!N5JLLz=76ZlStAV>*pf+rEbOgMTJMeWM(
zhQCZmfud9c&?SZoTg=q7fMh)cM1vlNeglkGGr4VYs0S#PAE|7RT=+AzVTX`8pTik~
zPX*v9L=1r`Iw%NrfsZ*~ePjyMUZNot7Q$wwsh9$I;>dd<`U}#=9N|F-I+)9kgNFAk
z0^JNa51_CW8ZaA0wu-`Elpt9VCjwnV5&1KLBkF#rvz*jl2(M^pu>6b>l)E$!>2CCI
z7^MYj)OQxlD)PUAiibuDuSQ)5%CMOvMHF8PeS4-SNNI;}pggM&KbbIm{2;&k=V##{
zuMJC$5-lf9C*pzLCPyo5BK0YfxjrqUT}j?3odqRFhW<#cXeSIo1V;_;HQf2p{#jBu
z++=XJ1L`r1`!{ToLQ!B&a5-9iu6OE8kjt+{Xi)$REX4f<n1uj*%bWPS8a5cFprS-Z
zG`Fa*5_SQ@gk3{gHlo_P#b;Ih*Az)oC>n76z<mIV2*@sK5uF3t>`l&@kG#b`bXD@F
zO*VSZdqvg<a}({-4)_NTrG+ed_(JJGMEhm>-@HnoyK>+ua+ZB?$u}bA)u`A8UWj;U
zTKFOBVcwSK=cOpYEg^I5v&$s?IZKs6$y(tyOyPKdwimmJGzw=iuf5hsa!-wyCX-ik
z7P9foC`~KA<L>?04Ow@ueN}wXykO;#ego?Yac1b<n<we@yh76-zSuS{8zL4lkdV2(
zWeF^`d*NSm+R+Ar@SW+2BD<Ff?$<IrD_sm@8=I=ske;9uP^Q9Yhc7?M21y6l%Agqb
zBK8dg|Dk`8Ffa%0fNrouBnIs&^ZGA$u^HmMntvZ#tuBVZ!2&Yc)3<@y?V={OG!Pv`
zMO~hb2IrBWkPEblSm^|=ohG%*{A(J-P=Am||3BhK`Bj+yrAY3-R$-!N8zFrM3n0Z(
z;lPg-x5gKUo&ZrJAVh672u|y1H_-oK5vE^Zp8xb&p_KGbrogilSh6cuNo9Y#6>}TS
zxe8Z&HP6aSfl-X5L5!CP!;+wA+rxn78juG<I|z_pEj3%6f@TUtW%eo|_=Hjlh^twR
zJl#Yr9c`whkjU0it|$qXwX9H*L<6;Ud7Z-~1kmLZx_H>`zc2U&^>moZkC6*0u=`O`
z2+M<b{T~Vn{h-u=f<kCnk)p~!`!jh~SmG-lEidrfTghNnA}^~Mvz46~atF{p15x>-
z><@no{JKBLmx>Huco=&6Yr+#w@Q1}Zll<`uyZt!o3Oo=tP2QKhAMIll_>W!-i6pa-
zY#{tcQ3i>$U;t-LTflyxo`J^_2=22S;1NhpK8(#3aPv$X`BZ0QzM_OgUmRixf+aaW
zOZtc1`@tP}ZJ;Y4!>VQi^8Q1`>=_d{h(8@ue+$6n0`r2^wT86CPkde>5N!WoxQ8<c
z9^Xz#)C1v($`ujl(=JVH&dE?j4_$UJeUqujzJWf81RrFms7<0J0U>_?T^@*g5EFdE
z-Hig!7M5*+ZnJSH$qI88ho)m1{{ZV9xBwA_JsaYb&6o~qG~^)ku;A^g;^Dg}1`Ixn
zJ(7<;rpTgqWI|#Dg`<QQ<dQnp<3GTAr#b|C_Rcu};;~IJ-0l0$UA_kO3Tnr#ae{6k
zxiOuH0bXsmT*~>GgNLSP5_$vz2ev-)K;IJ7m^O=CH2K4nA9!TK!q$&lgTCW=YcU1*
zPHZivJ3NN=2$EZHDj@xFVwGU%OjVe*f~AC($1%K(G#YudTa<UFxPJr{%I#EQuM0`}
zn|=5-V?IZ_O>~*t*2x<1b>`JRW!tscd5rH4EVU@hnq?~yWpS_e@j8p^s>TAUIs)^C
zp}HY^tpn#lL@1%R8qfVR5WRb}gM5G~7bHd&&D(l5>xzZQBO6vkkm|kHON*5x@s57%
zmbF4%loFEPan*icm>+w@61yQmYuLp;+={>MLS5KRVBRvfrWLzZcW=L2`0Ct~+XDGF
zTW-2$+r^q%DC)bD`x~dUt;vhDgt~3p&VCqS;E#FDspc44wh@-NWf|6-tyLPZv%F1u
z*?0b}F{S;1YMD~=?3P{g&(!xiW(G&^9co{{x&Kx_K2KZ&f9Q&v#>r?}=lMwQyd<#)
z4)&dlKh{?Xezm$HHkI97N_c?7-zO~1b7e-9nrDPWQq!$MGJ^5NlaxZy1wB=ArTLz*
z*5f%*WnMK0EA6XdPT(p&By3bHdH2}zoi`}Czm<H<v!sxUG<l0oc<l^75>+yOLgMn^
z)7p>MM#{rGGz(8kytgIE7PLNk)Adl0ag0azk$%aZNc7q}&v8R`(zoSWlF{?#t3;X@
z(;YSBWIo?sGZj&OCg?W-o!wuSyn6U>G90$+C{}Y8D@=$oLy;;6Tbm+4M8_`9YxYda
z6F_P|@`=#Kf$Qf4Ux5LxR;0lo!YyCE;;DK0N5--8kL&L6wEeE$f?L2(c7R*@7G`mS
z!aK~npm{MbfW|wx`!#7y@Z$_E;V;P!1X7uFm8PRA?~X42Tw_ExQ=xv-T!nB<!e0pn
zbK_sJLzzS#?FMxu(qWh}nf1!ZpI2MV+dwGNq7L!%_~1m*zx+SW(6;yo?d_Nc%Frfo
zB87fQ(3a_x!@|4)a)dK$hK@Kw;d%=f2HprqOd#~H3<0z0a}N49l?XxA@3qEduzQM&
zqFfHbWjjSeNJ2<16;33n?4Na3dL2+uz%O-HXgtNO8Q*bcc7%~+eBAId<+$-A9w<0)
zuIqhQa}!7%ei+{e5b?H7m%oE`9-1m#*i!&P5dpJI5Pl#cqW6Q)gHG4aXzGh#k+78f
zdGHU$Q8oSVhiwE*Z3P1Wy9uy@D170<YQzxP4)6AOBz69!zRC<Ez}RnsAfG{x2V($!
z!qdcX(qAxH8ec9YL3tIB?0n^#FSEA1;@8L<n<|{S96<VG7u|F&AW9maDYC-HVaW)g
z27EVeT1EJgGYrhPAl|tI;z?07P)L?V)6g|CU49P3c==Kk$aS$P>VkXC3eC|l<lCcX
zQ7IIV$!M~<-jyrR<4j~%Ky#=b;Ity$ABHiVz;g$}tc0*B<58Q`Q9CFZ8Gby$1ws-2
zE0{l17*TVeO}xca8c2VI=zBP&-YDr%9h388WvkKCh*jhfpg+(Y@n_M{L6o#NI3YKa
zv^NAfd!Isy_R*gwL;prigN8nc?yxTW0<DE`JHBQyRlB%}(V$CD^bYR88*G|@v^^|h
zCwnfUze5)0pU1ptF!d<A$<%>H51J$u;;(Iw3s9LG*{yijA}eF>{PFPY#-%%=qwWv6
z7k+UslHY%%%fRN5%B7~T;j=F5_CA!-&6Q1N-2T)BHX}B1W!w2v!5i$<2_c;y3@~5h
zV!ff0<rDk3l(y;fxzI5^w>eI}h3+9b_$`~>Zx^|H6DrL~uw?K<hcxT}AF?LUJ*Fak
zq}#tP{i+t%05EA_JnfZu+4I->uBlMEYjhvnk=TG+qG22m-BqxUlLQ1vA?(}aiM1FY
zoKEiIkPm~TnQ7R8-|%<bbC3B{w!hop#Dpk~a|3qMOY`9Yprj(dut0mEd^&jnOyhC+
zp)B4?^|rmFjwf!Q^3175TqS1m9A$?$L8P)h2=na#Hq>i)mI#Y6JcJLO5Srv(fkrL@
zlEt0HP3H(Fc<FH?yiPs-c64*k@yy3|D@_{r?r^^my>*rSDrW=tk<r2vQ$?2yx}$}w
z`jeNGM>oH2{`1JKOQ~-j`#YA-?a`_A9;^^$pJUv_L+P>UF?bMKV+v%gc>Co6Ubd4*
z2cZ+P|E7oJ$Mq>9(X)N<oj&mvWD>R}P)-)GS7gaV7xIphiuZE%(KvUA5<q|40DDm9
zZ&1n6?4kN&0Qs@EB5+`mp7fswW&pEKN0&XntQ_1OEu!xj>~n)yCjqneb0^SG>7Z!}
zom?Be70^Lgj{N`9SPz^$7y;Q0TT@=P!h{K|niNZh0NVjIX01?NfP*%6d7Wa?-(<dI
z7aNjGq?bi%hYaYYANGt}t+qurK;X7fg3OiuA)?|M?BrP$YpY#k*1l_6HaL{CePf=Z
zZ^EI&VRsxpHZat;jL1;X`)2BKqHGNP5X)$}u&u^2w|6W2`R=907177N6Og3si%C!<
z57|zA#hCd<hKkyk#!y#5aT^cCB+Ymb>;mlYf19%m_Hxi|sGWCN1#0J=0+}xe3~-60
zUm4)KF&?O()A>J5IoQy^_ofvNw+5E>*UHhtk^xDOALtW~Y&mk*P;Y4qVlWYB-)8FZ
zXl^MGXHi2M&GGa!dL<Ca68&N1{Xypm60xH=3@bXDz)DVOQTlwswqNu}t+Hp`$Ntr-
z%bn7H?~^Mtd$$wUVkMMey*DaeWp-^>N!zmdn-f1y7}6h)sXpdB|J3Y1L@A-NtqC{C
zBU)~ttO^+s5EoiCX))oO7v%GaB$L=Vql8pB4(%N&*_qVUI8`;Jo02d3b#Lhi;jYhm
zKz?;OdjQZLE;VOw&*o#?*TdN`PrJK<s7x0p4E?>W)G0dpK9n;>@*r4m{Xcj&dUX*m
zy9!poVNj=k4SK7D#0Q=s8!VoM@~kC1fBFhiOAo9U0OTu)ZSq{v=*_U5KEf6Tz<Lk$
zKB0a)VYr|Bjr$ahH^#yP|Bkx+JFfL9?+?<43CMnwGKG4RK+E>ef$-i&3=2(m>3|T=
z$EQcZTaTP~*gatc*|y5$H^fQ2h9&IZ1TuoV|2c)9f9IV9=P&^N^sMoiv2gU(;NWkh
zbsX6K|29AWK9s3H%q#G{kMI*?yb+&j^x8vc*3AP+|5zNtzm4OJ-h?05DFz*a=FkRx
z^inkA2`q<ypPzplNZ(D;#{a)B^u9h@WK7|Q&Pju(W4bH?Y^To_V^>(6l&Sq}k@v%;
z(d+WkbL;I^Mb8^G{u*$`+R)h8_{OR$d*@O<h_e5c5J<s)*)`{t`psRrcRD}NULU?{
zdcHrtcQGj*3NM4$MwJx?k*MhnOA5VFPXYfueYni%5)wn;c^0}e>Nf+!@}sQN;Pmsr
z1c_zxv9$2|aCiivzV-jaQIH+n4Kz|eG7bN895!4dQ0ot>E5JPq)fL()QPvQ=_eDjS
z+AD!65Pfq6k>Z1V{aC*cvW($l*oSz2SAS(85a3Xe;0Ig`(=oy8zoHENYLW+`!GOh~
z%h)^z6eHy9pFulj=>D;IW<Hp58AgUkh*6n!Z_xf0V6vFB;2usCt~SW*(Ubb2_VH2d
zDWp3BTPx_6c<eO*MxZzUpf|!kAXN<L3}y-s{~$L`nb!HkXef*tR^5ESR~$Nv4Tf8@
z4YkB+&lEs99b%S4?SK=02M(qOeg-NgHl|-7MQpw}(Vt~8wjm0_dSUIbTM^1Yz~cxt
z0fc}LYD@=IpP!?S1`1A7tUW*zF!dCvFMs2Z)do8Q(lD`ofzmm#OAAni|HQj7jhIZ8
zZX{rDCA(orJffxG=SZST*<QJDmw?R}X3lirmHS_wBz-zg;AL4fhFmH5M@fZ5@o5|d
zehoDhsAJ2C!@%dgPpCEoz#|SoFl7^-y!qJ*@<oLCrSpX4Z^kSj<Ok|KA^b&9D)M>a
zP~byF3u8Ka!j?B5-YaYInlQFSo_E^}$W!P2d$ys^OtxWG5>L8WpZUJGgs76Y-D_o#
zhv~kKiLArQb~5M1OBe4@)Wv&ybY`>uxIG>*93Q;z9VcIk9B*(n#@;?B<VmKMwA;$5
zHrEhkhG@5s&e-*&jaNjsjp@9);$z`=xv2lx(Bh>bu@Re6j&?on*3mG{-aa_w>2qM4
zTshrt>r@i&+}gi07h1dFUq_fP$~zVN&BOgF!&dCj=f;W9Ov0v5>jpGh&Wx7)9u{O8
zn>x3o>^bey*{Z`f_kOot8T;{JqgU^?6Dzhp^nJJgq34;E$!Gr38k!t^aj@rG#Iqom
zrI(A;-qK^`?{D_J{mJETp(94`q)RRB4P#E~Q0C+iZcs%Xv{v@s8*@Eu(zO2T-GUf9
zM|<6Xws|okLD{(Rbr;nvWip(y$gD1ullQ{9HmEI5>hOlY?#PuvdR@wtrl}^Q5I?J2
zMl6gdYTZ}aqo1w=KCe$A#WRP~k;)IirS_TDq>(2_L+cS?d1{X*c7nhF0xo9K@)ML{
zLd;r{h}I2kcOrYJ9u5FNh%e=l)Ix{uD%!WmgQIdY9wFbdUh+Tyq-p*gxAzkX;+LGj
zrGJSq<j7kx<I<l27<?h#(04wc>1P`G1|uCprMAh;5WeLoRXcFkh9gwXb3U$}WaFbH
z`;+_@_S7vQ1=z>705<HNDJD#5xDPrAjSbzfcw;`PPoM&@a`c~t5Dtp6S)&?Xy11nj
zw(*3Y_OcW}Qj5eGzjK^o*sgku9_g9p1(bf;KP59PdotnG@a6FOWuu-pbXvQZ{JX48
z-zdA;kET?52@CS%*W|c3EO7JF&8#J)CJ!i^>Gba^?X}$)V7M+Z_R3a~x$67g+tTN*
zo3nGpiWO4Y2hKcA4v63H%uxJz|IqF~iFtGB2SU;}u4~-4Dx~yz#oFX>8bNq4PY{SL
z=Gzz@K3*vnI8yWCxU5`YiFo9`O9eY7vi1;Hh|5HOth_6ufsgQ`?O#GXa^&&aT)oMj
zr3P0|?`ZgJ?<ZxATmNB6<K>;Jp~enIP=Wn>?h{+*NG(U*J)!ZFnSN|{b;<0H)vGt{
zl+9k8AYGD~Dde@X$ID`Blh+=$cWZZsokP(H*&65a3k&KG8*dC*<RK<A;Ma3uo%@qV
zQOdz9gPqpqdPuHcYGl$%@r~ZfityW@q5YIie6upd@0?UDH7nJ9)ef@PfZ(nCx9`>4
zqQXqV=U<FUH{^=!59rkpX3Ce6my8&X;ziizrge#SUud#p_mX5!6@EFgc>KP|g={qy
z&q78T{te+~<gA_oJky?<Xq~!`nN*UIa%O}7g6vVDE1K5ZO6)6T{1X%|mgG)sx%MPq
zcqcd9XN_B|gM>a)^~T^FvWr|W{jLr1wuY7H5|7Q%b6@!2xlvlH+$bkLrst~`6|9CD
z6)U`g_s%{4x#2x=fN+x0H>!2VbKm&x$s{{X8YNsUa-ClJw)ClNyMaH#gl|aFWH0_{
z6nweJKy($<b9&wrB)a>5QgxtG^dH3w{#mby>EsZi<^Ro8f-^sw`nVT#k@y(`!B1k&
zaJNmOWbbFCBxmYC=vO!?0L@qz!yy1GchFZOyw4APMt)f};5B0m>8}B+4r8K)Tb@2K
zkt>4f6@-q9Ktp9du_g--m|vXLcbs59`u@KaCU{23cZlav5rkb!$Z(_;+9B6BsoRu5
z>;jV7i~{6*fxtY$9bE`LLB&XBUNn<Jf3dI^16GE7zVXTXktD$`ULxX&Y)AbD?<fX1
z5x|XtgTVr80Y4Q9ywMoOg1orXwOBHNwJe{CUC~e*7d?&m1E&E{^Ble=^&R(-Phty>
zyG9(ygz2Ea8Qowf&jT`*z~hYFwCH*T{~%%o=Nc<YlaU+@2R>K||L%h7xXuXpLIdO>
z9RPtsm~OzkzX0=xBbO|Oe}Q&@WFtmki+Kwi5JMCLmJd-0LIM;#7CP~h)`|dX%?u+a
zXVT)rjK9dYNCO)fs02S=Ktm4$LDSA1I7!eux`AcvN=P#UtRZB+V-9P0iEbzb{jP)g
zH*Ut1?T*&u&zE=mbL7jJz`M!Iqlx3ksA6c@#40o(%%u#3j%0uU`J{#561|1Z5yDV9
zNNmN@*u-;;G)A!mRkV9!Z^J01)O?O!oORlXK=Hu=u_L=B*Ka#I<o9yExvky%OAk+a
zJ5Dc=FIKT2n+-mh8lIT{<uovzQO*{sSg@FSZm^-47i?8@;uWYHG&}eXEGkNO<2IIg
zqeEL4jUeepe4S~&m^Y8@+B)c8Z@PI+yaj94dJmn4$IWKnD9pUQNZek1oE3C3%yCkh
z;ST!}255SFnh=3s>xnQD(2KEgh*O-dLvV@pZq7cITOd#SE<kK_|8GwMcvlItHB(ki
z>Gbt8uh}VotRu7~)?TZ;Y!~mT)obuFrF)o`;oe8g_o!%I5pk5wXbs+NV3Kgoi+C#8
z*t$TvZY0oFxM{1?`8G9Q?OFQ*Qxgpqi5TGoBPUMOw=El`76(#<Qya^leX&{GbIy$T
zz;3(D-UC)@0v~-(?tK5TI{+fzZ690>(^n4LuyNq)eTz8xXoaHqJMUxbRSL8ss$IQD
z(!5nJW%SW6M%&K6H16<JIsa~}Wur-Ky}pBOOwZtD>OvQ#>$f=z{7tJG_tmXo-TQk;
z$3;A({oT;2PqKJ-odrA2UvT=+8Q;TOQ&%9#mLaml-VhgdU)p{zuwBBXD(U@$*(td-
zK^MJKWsm$Nn<f0U-{O`1sp~33Q$1q8>t-j*pI!KB)2%Sk16`Wl-D##}7sV>VbTv{k
zTsPUpeDIi0?lV3Zr)ezjJz~u<xO8w*zS1iHL!G1e;f}cFNtyAK>+AYWj%M3urfFr@
z_$*^vwF<o<FLaY0(3A%p>T2N8S`8hWdV!S+H;%4YvJWbyo)3*!x9_*Ra}wCw8E?c?
z$sz;1Kdcv7Yi%~av3z6qiL;NEUF)bjR?!+0Y_u^k`e>a@{Hm1`n~ggj-F<rd%X8fF
z(-(wxXx*7`7+CYj(!JCDu!PxDxd^F^9<_NP7f*2YGBYmKP4*|>d=`GZNj87I)n9?*
ze}0yKQgE-vTg9d_t}2uM^t{gsh8K}ZxN5Q!V2KR*YA;fJa*FJx_$ftwWs&Qb2$wd$
zU@Kl?>SUO)L)*6%EM|MQ&53_(eC`87^k)5XN8;8;3yXIOh4oqN=-HKEhih?uD_-eU
zB-QaD;cBGe@7|CK2>YDUzWYnr+LP7$ilW?S-z@halRO%yq_Ta6bW8gin!Z-l)SoEV
z4<coRg=R00Jwx#+ziXneKA1hKQ)<#^MlxV`w?0tL|DCpz>2<U|^2pZX&Kom=$mg$}
zad9#0$ay!Fx^J7fAkL89uwI!i>ZVh2+@9P5Assf-i&vTwK1F=!zGVB<*l}^dfcjH&
zm7CiZLW$?Txg!(nlRGcnN>5D*9}Mg2nw;b*tMm<8k2z^H@9UNxe(58nu-zT6;7@&e
zzTZCcii3A!pet{9xZv)VWJ`jRvDpc(lDu7JdRSK21mr{u4{_Akd)G9L4YIX$!!^BP
zJe@!~wLj8KIdRAxQX`y5uNd!g@HfmCITXnDzGRro<q<5?vR-CgY1&`n@Y|*vRZD*-
z?hFqvJMCGo`Qw57^HM7gKaJ5GC3)I26g~~H3@r@O?p&(!E>qz2JB^x*T?9Gq&V-0&
zQ=sCxM*z#WekwP5yO|^BPqzXIyA7J>9xtzau8{G{VeE=icR$=m#oUJ=8JhEEf5)Bf
z1k>$liZ_YkaMDu=1U2&aQy<#s-OIg8v8uPDf7|ZZ`6MQzp1Avsk4OXOqPge^l7lIG
zk2$x%d}5x?mXre<7>b2O8fn881y0ef7Ku}Yk{}YTzL><BQvm2$z9T1B;KViTzW7;j
zC(H1BS#1<K?Fv;}N=rvYGXL-u|MaLVqxC*kVJ16S`=C~Fb9tygwSn+?CHa;Q-M!;R
zUb)g1S9<QH1D+Qgi>;okbo&rXDH9WH(8GP}8JvsppB<<6x&6Xu(Q&!=F1emOqysr<
z+FV_d29>$SofOVW;Q9E70g|jT{v9V7Q^x)XmjXc;qElB+fmUJk{E$vPnKKp2n}s(p
zrz>&h4zWZ_$-lfP&#1MZTC#>Mj33jcU#Z(-<vMm@RnF8g?;&or#93}*W{1V)=p=G-
zLNV29z(?d9Sr@#EPvGYDIUaJdhWMEV{aO0*&jhD(08cgWhW>4Pj*|-k#Xgp5z1f`f
z+D<5J6~24FR;AXSuO!!8F2k$CFPO?!Fy}-{lE)-cp{VHHk3O|uIQxEB0ICz59LH!Q
z-u!w<qxYBRUhkuh#V(@srvy;e1vi%&EA6>>cByxWu>pC@-6x~={gY|KbAXy*=c|yK
zu@`J7#cJ72I&JF9tuD=fq4BjNygIMbuhM&IjC0k5_R8q@Ppv-3jpHpj235()yx(mn
ziGd?Z!W^YAqQs}BbB90O33l-ha}6*aIJvp3Q+8w4gS`H~j)k_V#IbT{$EtZ!dm<CJ
zN8HTN#J5S`&r#*bZNGapFuo+SWz)?+=CAMTJQI5T^!?Jg4YqB#$DX3^d;<tqeGKWN
z4uoRfydI4z+kt^3YVxFU!{oWl9`EYj^WSml#Op4D%glSLdKxmrlQM6&k{8(=b#QrX
zBVg3mwt{*3SjX8@f_mZ&RUx8t@(5!!EUnnY?&ihm^<D~XQews_dVe>B<R_T)tPF`2
z-o8wC<=PMZ!CA96%v=3dXjY#1TEV|L@w={l+hj--EtlKCV0v*l6|5EE@duAoXEcoy
zGbi1hGcq$mlM3+Nhuv;?$!|ZA?;hLZVP5Q6*6M%2(=p!W_l3LKxyze6-_aBVb1$jR
zJ_>1F3A9T$+XruMH!rT-F|j?aMAV<zpr<n0A?CWN_h`M?@5fc%u-3)sO;P3U<1Vl@
z0@z;9H4{8rL*LlxwTcBN=IwqGb!=2$-90nx+@1vC)Xfg_-M&1&dH9pB=aF)eaUyks
zclOTkzNe4ZcE^r(pNW3dki&={6T8N-eb(GdT0BCYw=>?{_JpXJe6fe5hjg4nTu)ec
zX5czAJqN{<SE~mu3@j3|bbK!$bhnPDY!fXS(Qb8P<dHmY5orl6?%N{qudlN5azdOo
z>e}z#du5YGfa@m1*~a&o9$w+AhmWOk`e?FQvgG5l+B1X~gx8ldv${@OM(HQW*^Lc%
zW~ArWtNL7RxEG_9^8CvQvwbyYX8UXOWxTtkZYt8ggz4|rURLWqW5x+(aAZKBZD503
zvcUUON7N(7qD;Jx*YoBlw3Smfur!n;$Je+0DRs<PO0`es{gNd^=QVJmEIXPCtCD<k
zbUk5LZgv0Q;OZKOuOYTkNA4u5ib{KBT7KI<aDGY6njE5-&j%h<M!nK-BD<Zq)TZJ5
zeTJ=Tyq=;`$OD5<YU9b)Rd$&<3|7{JbcW>XMOT*`WTlO!g=fWdZsF{Ho<Z|<R(D}G
zC6gT-G#j-O<?;fzCa$RMbG1l$V~SfkD>s{Rk{dqY5_)y(MvhTkvWm=OH+zYELUE+y
z?N7a`sii%qZf={^wBVVpxrEc@@|Da+#xfg^2>(9ksNh{g-b#AzvT5mIXV2Lk-?iY{
zqKAK;7EtTGY^HjRU~PWGXZDBn=}BTV=|8KT%QtH0$0o-r{`FdTx%v^w1u60&o$2vH
zYlkS^lAq4+`SYWpocHe;VNJ&ytevS+O0|>fV=mcM993pbOQO%l)Q^KIdP$dt#*4C6
z?%Axo(l)(!#ni<F(QQ7}FL<VwrmMD{o_l<ld__w%s)(E}6q0Aw7QcS5kGJ%TSx?U8
zo7AcdseK2l8eZpTmR;O!G4=f8SEyOs-|q06wd>LCs)2dBvBu5&hKaME#VBqnm*I}D
zKDMy(3&1B(5K!GgwAp%7kJ#;QkE`8IF6YuVUT-_{p62p?MTFDI=m#qE1MAJeR-2sY
zaW2Q}KeuM`tYs+-Lz3L%9&+mFV-}@U%7o^#E=;ddq9{ebE#K~`MdsLriR(*x&Ssx6
zb(P3hh+*POqDUdpbNq`7WX<t9Z3>hX#5M&$P(+T!w$=^|7%qL&^FGRK#m>F6GyOG;
z{EXdV3~HPu`ZqN5h8C(GIoCW?w{3s1b5)qdhM4OOx-y#cl0xTtS+PjP{quYEK6o8!
zTPUVqaJqhZozc+Fr4>fjiZ6D^J{Q!w^5RJH;JCYZRq0weF;82cEQiiqrAP1E$3ACD
z%W_}%{LvGsnN(627Wp|dY+!B0E$-jXkIt^O`%<lVRis1mY+jsUwSD^fy|(JTCV>j&
zmp&_sEmpqxra354K<HCIhDE!S$$<~a%DLVLc?|uWS0Mwo$GR-98^_QiWY(%FW~<5H
zjtqU{BU`I+D!IufGGnwZHr|{N<>=z{=RNDjsR~+{cctkcZFf8+*#WoXw;kze;$%4R
z1R8i{_#tPi2;_*IhMT3T+&mU;!oNrp%A(?=T$nT{G1KYa2YxwuJ?0><R6&U=nK21V
zG<z<bQUc3=>K=8{XtvvfEE<0Iz$;buGELI%x>NWZFzmreh#a_T)820@CkuYm<X4Ca
zHcd;Tdm-x&X)6V~V>_qQ0;wq3@n=kX7S_b)J^~%tdmp5Cx2J$#Y^KVx5Q?qnE&KbY
zGk`I%YI25l(1-fAwuZzn7|=Cg<%~tOW2U_esH0fK`*c)0G}DB0;3x1v5Df~u11^x0
zGqK|TooO6?S%X1$KhXA{OxTzu+XYDYZZ;Yx_m^6N{P1NI^bC22d`^;mqBHCyK)5o5
zM*Ywkhtq&3<M@$(xDE`T->i$7=D(B|fTcrbAow2mxIDC4I}PO{YZpauV1XvU10w(-
z@K|n>&IHdKvwnY+g~7t@5$^sYqiOsgmk;Vg5FZ9lpgc#MBYOQvY0D@mPmoqn|HY3V
z2Kuk*pFaZyfs?uybM2NP?}j&Y;-Ek3El|(=jYZc?jF#5?;9Qv=!7ri5IB76)r^yuQ
z7#aY<s8lTK7J|P(-9fMbybdFemgPGiesEGl#TURl`O%{k45=U%4{E!fa(KROeZ`_L
ziWe21%LQrC4&OZ$9VEJHROn%soF%`BACc53$ZUF%9Y5eBQ2pf#>YT;Q#LK!NN=tO|
z##W@~2oB4SPKJ*PO(23xP@l7vLP$c+j8KyBC_%U<Sau`hMY`(Zpfc<28_#_`)RQPs
z)U#Q=#bd?64Qi%#ihIU_!hQV7k*$_Di)tS)?1(%O2iZ$K&1zhKpLK3aj)i^nQgCcj
za8V2Rj?)R-cIwrM%9KYZw)7-!RNo|7hv#gjl_*WhOK$*112<42zxs?5HOk|bt*s9x
zkB4#S#XV=TugbQs+nmGewG!5LB{APY1>iLBQM7}jTvQBnV2D4LeiF`GVbKQ1Jkqgk
zkRud|>IOW-?>6G5`NC?!EEYyg+~$Uc!2fK4|1qDCT)(V|RIKP_0ENnaJ`$~|jc1nQ
zmr}nyWM}a>+CZMWmiM`kL}!y)^f<*+cq#DWT7kw+9a1~4kOQ9MV{8yOd)iAFY*9S)
z1^(x{5j&PVAukQCc<N#ji#~k2=fAeG|39_y9qKV%4`o}12AGc=)BsuK%L0EmeV7Jy
z$*crmLjdx8S!r0b&&!oFLFUbZ1kKiS$-QU-BDhP)%fI6oH>m8dGXrr0hmHUQI<(&*
zoo^v@aR^K~;HdbQsnGUmQ=j+wm0|ErEx$SWg1i;xZTCnW58bAxfbd@1!@LiU({Ft&
zt56Qn*0KGON}g(~r>n93daDO3#}DJW%7i5ruarFX;QrRlILXxEwpW209_xO*`+v3f
z?eS1<(cdFUil&luIW-m0IbEcbM24I~rO{R8GTkZRD8j)!N>Pcagi=f$MWvckkrKu=
z-N!9N83s*qn{j<GGrem+Gt}w)-uFHKzMs$gN1qta>}T!0*ZQut*IpNwXI?f-#TP7B
zYtDExcgyDYzs~JGa3iDIxr*|r^=>qkBvw;>Rs5P9n$qRH>-Y`()gxPZrg4(D-aPOx
zf?rYX%<SV!tlsbWU17`SU7J-&q@H>vG${2!XbPcb9)k1>pCe<A^u~HNo?-4J{ALh<
zCM%v_Ap-1bhf6`oKsS~lit5E(+aNpm1v+N^355dz{J34u=gNBq{^MSx`D(@Y7S9k%
ziHbxMG5-I%b~gf&yl^z7mPPNIKC2s8?SL%oJoD$~&3FEXCV~FIrncN*(^<G^VA<Pi
zxKn|*n*G4~@-JqkH;m64y3f3N^2NtxI_V1^u1T?P^Xp4BqA713Yv-=_J7e7jC*Y7V
zMd&EF@=uWQ5|~&-@xMQ+C=J{n)2Ww9iNf~PV}de{P*Z9dT>KxuUECc@f0NZk`QXdz
z>(&!1f!nsW%Ps@UOEF!76~%LKgB0Mhl%Ic>y;8Zy$xs@&7FZE$@Li$NP7$_}!|7eR
zY^mCOD&G3@uiI~mU$>h}V!~k+K}11dr;}It7mAH7>g^;d0Lj5?X;Nd$pMNhufGrv*
z`u~&rnHByY+&PT_ZR}-<816M6oOunZV?G14*FT$l(0^gPqYG)wFehbvp!SpN7Gdu8
zrr7ll-2A-t%iLJ6Ba9UFb6;!|E?1y~>6WvS+Q1dd`-3<wIIwZ?RX@ir)8-SxZkM9i
zWX)-RCZ_wvKce)f^pgQJSf9Y<0k;G}_L}_{QE2i^DYl>znok4vfNVSc8QZ~4CX5%<
z_W`wvqKMo;HOMY>S|wSmr1hvY-(WU{r>qq<3Sj6*y`+G#MS?$+pKMq)K|z3}dWg>j
zI<xz$O<CQ&YBqZP<^6zMfzNhM!Vb3ovrr$iCanwxfjH+j7lo$?2#Hb&=*|Q3zReKr
za8;uyzet`Pq)1o}sGH4D07V=b1=oT7Gh}lu9J<sX>^_Ln+c<_L%i^FAPz*&eCZl%=
z2NT**B3mSp6hQ;43;hXoavIE6Y>ShJzeC)F+?wOAK=v3!&6AK06Lf-M2ZpMwHXnQd
zyGt|@L_?yQf-_KQJV>hepgokPc<H75HQy~R(wITp4m2|aZa}M!U}A2l-ZXle$bcuI
zfPJE=vpSj{3bfEg3jm2u)<v)p@S;B^kOr-<!7KP_9Avdaq$Cj!j`BQY(HW?MwLYvi
zic#JGZK~vT|G+GSFkqBJ1&kAjIAm~HYJVl}S5U=`Te2Ah){;7g?t2J&1r@W`%PnDt
zsO3x;0b*;+#&BeG%hM7ec5*e?uVM(Cjs?LW(%DFa^$7QSU>(D9nu_G{GT+M;Mv;hT
zQFTGIm-M8+b(Vpud;!@^DnJekok9e+uc3B!aDzsefDuxl1)U6hvPT#pl2O48l;TUQ
z$M>IxI%^XXggZWSa0CJ;L{ttZf@_HQ0|7Fakzon5lILR)EJ_-To9Q8*?E}qCnAZJ!
zANI<YNm4X?FdheOmjHafM6h!!YEU_p_BsP?G{_Z^A~krS7c?1t0fm#J#l&8sC~{a#
zpyW{Wata0?!De~M=;!j<;$(Y$Nfq+<VI3QT3Tg6991QoFBpVOXITgpq^Dc&izU^{n
z!BQ$#%>5p8N`zK4q0MaQZzXyh5rv1T$|>|4z#|)U5vMn2vk$Y?BrHxtgbT--@US9@
zwo+zEKh(@A%~0plgZs1Y`FkWa{fV9B$A0~KwECBk^Ar0n^)s+HX<HydF;9p|&rnZd
zLOs|ir{G%$wx;J#-_m$5vusz|NWm$qYyEYh^a@ek0W4STI;-!v3lCS+{6<o5!>AUW
zBu`BEk*W-(I}&g^aO47EWmw)HVlZO=V%E{cqu~r^cL3@fnufCahC$e*?7OY~e;zl7
zPnU*5TZ$D^zmZ70`!OG0cT<tAGK~FCnk>bJ<Qy1yj#L9wI7ga#lqC%Q5{NzU@}T1#
zVa-iMvR|E2QK2}y3!~wpuqFu)inA-2E#u(slwequ4dS_A>|&CG)Ve1OG92(Ng={HU
z9^J`cYn-516pD`-c!(9kAY-+c%DUdi#LZI{Vhy7czzR~Oi)m?1UsY_!=t-xB)&gr!
zz(&F6^lzjc%%8_^rPhro5;0qBh&h4dA4zbW0<}&V0OHH&gnmJbeqbP#YtpT)2yY9i
z!>JIxP08ipFzxb$f4$%t4LA4FFYKAl1WuT)?@w+cQYCQnE;xTIbR2pMR{+`M|8crg
zEx0gUOg7yf$%@sRVGT4bw4`RShEh@iRBjoNa?JkI;+ZNJb$%nwaD?q9{ng)((E(AE
zkENKhD*vP=n&xSi4sbw;kp9!kk&mTN`-gq0;fU(x>;(<dbIHJR$A07+=EeWKa49C(
z3-#5765qi&S=0uq{sOl>U!)vSqh>{EKZI5m{TGG{&Q7ODNL|>vz!1HpUIrW~l*Kdp
zL6$Eq0Mjx^-=Ebsz<Sg3a_4`VDdLeran280VEGCOSN)GWkac310?_@FEN%E%I2^AF
ze-N#T((10}GBDXkE(kq~?fN3UG@weSwLykD<k|2cIQpO54{GEm4!mC~9UBO-m~S*K
z!8&2i$>jDjz#kG#1@S^VZG(1tH{xp!Z9_-Uzoq|uBkM7{)m~V^*KK*tchg)cN(=3F
z+kxB9&%BxWylMZeuM=me9<`;_(JkO6UhVpMH0Tf;gAQ4#Xk?=PSK+MmFX?L@#^s#6
zXm;G_#j@t}@tNt}GZa@Y*aN|};9_8}up*9cC_#7F5qTIxkWAO=LRT>Y;M-BN4-+P8
z=UhPq!C*~+gqqZI9Mm-6EI=VN`$4=Y$e^+(B3ljx`JepW%2|1^l`|0rlLY9mS6Vre
zu&AnjbhDKJfD(;41$}$Zjp#v0kK#k&d8F~cfh79@5}9O2OvrVW8wm=*gh7GyzA{o#
z$Z$f67_~~XML!TxCh$K|CRz3bq#F&5CpS6<5*Nvo>m^lWc7c|nWl&J9VAxCgVG^tp
z5!7lfAJBFLdYNflCTJsF^mHL=_W=d5kP;lYpg?#VAp`3YF%<Z!QpDz3tLj?KqaHu3
zdiBb3_gFwfXlWg!=Xc0bR)Ncu=i6}!N@hX92p*KNFro*u9$_Z}tc78@=~3PBw><-I
zx%9*ssxM9TPv1UWWB;Dh>Cw9}b;!<HlynRba_Vge`X8v4UhyZtupM5r3G?Pa9U>wo
z_O(Y_S|hTE=!bU!-)<6`QX8fM2gCC`c%JnRd>wQ}fz&)bhAj?ZXK^~Kf^<5rP`w{@
zp`G9<(B?nrrGeL#n^qGlolMKd3wzuX&hC*~*zst6t(M|N>|=<<KdnXi5<Id0N2!;B
zVRW{n973Ks5K23ppoXaZJPE6dG66ke_Q?`GT*K?Cu4JqP0;r1hKmb!ZhMft={IsXy
zw<Md!$EMB1dO*>R=nn(;`Y4dQ6QDr;{=y1G1HG>m5y3hJ>f@8;G<`{GAP^p3rl5B*
z4_|Kz`#BKU*ilJI=f$91>zn)Y00hNY-fzAXN{1R8%Dn?2-peL4v|-M$UFv8diHvhU
z8~KE|n`{AI;A!cxe-KO&zKU1oii5o&gMyBU+IN|$%fFM>#3R8Xcman1Enl#@i(>Lw
zZ2#9~P0ZHh_9Ssnf^@Q7HV}8t{bn<S{3N%t#XZ+l&bqPEc_8OdB4jr0R}P{dw9YZv
z9-xOo%LXU6d-S`tP-nsl{J;pr#=a?%GeT!O%3g0Y?6s%T&|Lntgkt|n#%3(<SDZ3Q
z`nJrolu}J>t(p3yY6_aaG%!olxQyzZ-Va+4$Y`MoUuDUrO7Byn2V#O$m^?$d5GGHN
zPreUv;U0qXIO{8wMn#!41cJvEEZtk2K^`C&rUuN6>W|X>PpPAQR~KeerexUPIDol^
zt!J(;Y1=rNt@BhxE0zE3*YlUca}C~+g%OL-1|6ly{8NKHI^{=&%k#)Yfo}-UMLuhU
z2cKjHE2<}_i#`x^$^J(`K_bk1I6clF{s1Q{5{lPG0r)UJNGKeBWTx?ohgLM=+u+ke
zwkx!~A3RpcZRhWKkH}(%gN+#wfI9q+BE092Col>=fRxJ*+6cplq{kr?`lm(f77DLg
zHvOs7syzUHGwY}W3SYsBGo%5PPyp=5N?#~jO4dy+i0Gzf%ETW*NH8Xu6NBi#r1($<
zm_+p*07srSN_p-DTx$qM4<LNFMue^rNP#{=JEQ{-iIJ~;@I<6Uvb~WO0DlEJugKmc
zLllGu_0lCD?%%EpU+~H@Zhp5KwkGAt*f&Kf=dJxmEq7lzX~fnUwGm{8z&7^J3@%;K
zhAk&udA*a-%&;V?8+4dAE;VgJ&UqRX?#qM5EVpYt!B&&O%Krr^(uVq!tgu!^VuM6|
zS$oh-0K6?iQ><a??LWa!dvE~6YenYC@7zj5{7V(20@^I3$OW|i)gcgdCX8VE^j}~B
zXhVpaXbAD-qy_1W0|A4(7b4d#x)SgTL!Fb$Kv?3z(7z@ZSFGQy4O{$g)C37sFuaIh
z4n<vNkxUY`+E_%nOpi=Jtbf5902WT60$^og4NC$+Q32xVhj#)Ah=)6pF7iHkye9J8
z(OM?e24F7?H=snY-ZaV59?ChuoK4vvdosiWjc=35{p>Q#V?F^iy(q2uhY5{EkoUv;
zWC+>#KjN+-Og;$~0wU_8O%f@&atv!jbR^dX2nGx{a{te`AqQPJWk$<pfm}SW2>(L3
zV%d<ewT9rP9GqJeY27TD(t}uA^88bS)Xcsv(|`JsE4QHA?!f^tUREGm4p`)f<jQSl
zBW}<8-U_Kd!Y=2wG`a;L>L!m1k&*_xq<beQu!~|fX5WafrmT)B5TR6Glh;8kr9iqX
z9TEh;>o2R-rSCwHz~e%gCPdP4X!aM=m$lp7qOBVuxZB>(-_?2ZK-?at?UUaf->jW>
z=T3q)^fy1|h!J3en!FNU6>tt+@P=Il0i>t<poIlrPbm<Ne%J}VBf{qZMK=yprg0i#
zxuELhJ}zJjr;J!&dW1dn!^^;E<8;_KgPlUeJ;N@-UD$dO36(bfx!P+;VvOWSAPq#G
zD&;&Qw}OSIP1*j9bpLT2wYhCdtkYf(HlnjsA!zCl1rz{gaPJUg6UG=c?v=NdK=_An
zkU&mwS`oK(|181;9U5T8`>0;Xo7UGeQ0RfcHmL?RBO?lYkWhhC@Em{_3l0&oGG(&d
zcvMJ7_VN|hBr>9l1>PlCGA{hw3@#wTaFu2aRYdY7p#k8U<IkAWoCf<cPBWxZC~(l=
zE3BRoPovo1n|xZ|#BNG|cTCbiD00bwVL1Yh)0DoM(^Vj2LyakoETl(M{$`0M*cHal
z$3q8}zw{Ha3Z*(C<^1*uU#l#`y2u*%L7t5;f9ZKOi<eWpzmY24@;;rOnYxXChJQq-
zNr8Uxd_PO5D7CUYj<qNP?B5Vo6w=`}wHGPlQ}jZps#%ku6IW=kH}xcabij6U*xh?x
z9-}^PZ{BgYr=o*bmAB$!+J)8U@0R>}WWsOnZl`Fd+K{&5T5!*P2oJsqZrW*Cv&Gx+
zwSI{>^cM(AwV5)pIMvubIV>u8W5nA-C+4(pJ;%R{KDTSO)~FF?cd1p-Ugat-5{1^M
zwKUiIQ$l#^rW2b?P2Vr^f4jAGy(l7b*WH>tXZPtE2kQNPw>s18scqI4m}RH^OTXP2
ztoBmY!gA?ku`iC1^C{%QT6$RgoXF=>_R{M5u#^=0=J1tOJx#N(I<&-(FIr|cYxQ)G
zc`JhgtKp#4Qejv?u0q~|e5-EXmO9+YJ92)QeT<t$Ymck@(yUtbU5<q_A6@k<4>Dp^
zzV6{i_7r86w|7yM4o<<2rBpxrWXjFgTwZYY;ir#Pj!RM=*zEfy#NTdS#Mg(nj5kjl
zX|)MjqG!z!Zx!*x6Sb^_suQKliy2dV4RglfmlKNu*6!P<)OF!whMT|7=(%e>$4?4R
zucq)n=`7sLw3M)@J3Z6`OeK%>vh;nE^J|o!yuVrOo?>K|>og&71a183q>#<e-e3Co
zDs6G@-z{hF+~+N|xH>kWWC{60h<|&v)>izs<iYsruTCUpj>Y-`ecsfYUA=UdPQ#tY
zbw)q(5DHBAL8jX!@tFIFzePzo?V7Gmi$!O7s-GoSy6LB;Ji|j=_GiRh%PhI%<T%>P
zD!y@N^u9MP*V=a~FX08uhe|z#xLrYPM!8f+81bNPcBU{Sp*~zy=U$Sl=9K%aT@#Kt
z<O@G=wW@38ZG6sGF%`~JjNZDzE}J5>@^>_>;~W=j@o5t=R~H5apNa|hY?>Iozsj}y
zng6Wb2l_|HL0q!JNOy-{YRCFe_wg##pYtA-$1J(^-c+forYUP$%&HO-^J`)~N5gH=
zhtHh*R70)$pq=gTQuSciuPbaxbB1BVupF9pxmZc~x}atT?r|IU$)#vy*d*aTmgO@=
zBjWB<=j*jLUU=sho)R(E<mI$y3)X+oUB7Mb8P+&z?cH=*NQQS{U7T{xl(bW+r%eKn
z2-|-@;O)9%LE(<Fd0kx@nX~wH@3ppt8H`HOn^&Cv*SQ<a**JIthQEJrI!^kWmGYS#
z;PuwNfHKzLild#iusu&tWo=^R2iF}t{qB0W%?oJy(4LslF@3v&ZSJI;NgE4`pntut
z^I5J~y)zpdO}E9J?;PA%MZ@Y}V^eV}JfzU!J^RCb_Ja2t`6D9sX2kleemQ(0Wq|@o
z^AN|K9rh5*vAM@k{}`aVma51JnisGk(0l3AeLb18Kc~ASJvsbvoVMqp6di4)%Lxl6
zC5-aOX5;fhgBi=j>xHIq<dF6*-bnE#&XsjSpHuYhrT3?9j++(h@}^vWUB%J|++W5U
z&}JR!2ptz=>mHy7TknovsdX;ko@C4vw&(jU@u#YYjUVIA{99tno7R3l{As2t`AsJ3
zvva5VAOF1S_34XR5h@N>0g2dBmB3q!=dps5UH&RrYG30=39T>8pKFVShLO)YRlD9D
z`}Wqo!sxwc7u~+Pa>}apX7hFg8A;|!M<0+RUH7$gq6M)u5`}DLhJ{Zpcg)wL9Ze<E
z>>WbvFO__lx%h6_@R0JI3vP^_H0MKZc;OdjWp7U^tt#1EbjT-5qufM|&n5XDr>psf
znU}fGczWS^>&%e4H8zR{hYPd~$EK&p`;0Z4Q4xh3OI28Ybsj;yVF43s^d863f?4Bk
ziau6Ytl#IjVY=IT`lH|aSkJTu%+wnGmK66f+*j=B@sM2ljH`+4>kUuOF4roH;irYo
z63zQ#{?k)UcVgY*VlLQwcB(AB*-Oe;HmP1)@w8A=Ji$CmH(*VLrUfiqbNk7xDdpYd
zF$d{m86S4X24*&fbU(u$8RRzJ+Z}B*^T7L&on!0P9PfUIA`XuyTZq&lQr|t5dD3*5
z&?k=*t{IkuYZml}7hF7du+w^Y%*4O^x7|F@s`N(RICn4oN~7A}e{1OGvMUt}>B`+a
z4PVPOcz9i(>2UlR{eAZUcg#opz>V@^@71xcZ%vKcQ%*&HxUYL*mB*vYo0q<=%u}Tt
zhe)e+-08la3^m-okfmXOO$^YNu-aR@DJlobohG|cx0dZsc^qAy{nc>wXRC$*la28+
zL-h3DZ+~$7#<0R%@F~wtp^i;$SN`M}FjLfXvX(N%_nn|l!U}W0KQFdoV7GDd6_<*Z
z=3k#IEqQt9#e$_uV{)tt-`dCj0`ooV%7K2&VRkGsL-XsD@+;8Pe9xLt+b1B$9<x8+
zPO>Vt9{xC7kL4cmrG+_XYO&(j>t&I7bm97`Zxwqy@B_74{MUZ_gv$Bv@#DR$ojcQR
zExB@UZOe5NZq$Q6w0IX5U3uJj%-$T{<b?<CkUXUDlfp7=YA=-cyWdL)6>?5aUG+Y|
z(ly}D`NHInfr-DTPb|LGksZ#!Sd9ZW6ptgfu+lzJg?M3FHl5<zT-)~aj&DW1Lpmce
z;XwRU&ZBd#KAOwd#k}-AQ=*ibcJy@4_NxZJ`55KK_HfAzp6w?`u|sJ$TglalQemo!
zQ*A^}&yrsIdHhkpp4WEY<}YjYMT-l1ELYZE+?^eKrdA5rw#;Oou%gbcrLRtJ9C*j_
z`Wsm-t^7%CDb_7sDu?!!8Qe1P&s<bf6Iii`oT6}e+D*q>M|aM6cd)Q^1%OnCs6C%|
zmZP4rO4!K{Vb%s3*4v$M%lMVw>}HWiuS(OGL_s{^*XJ}-gEJNyAJ0FDn(d&pbJ3h(
z-4)^qU+EKgIBhNNBV;|Nk2hI$&zE9@pS*jZ%B?&6y0GUmgZv??;c2u%?B|t{!%vdm
zHW<xInB2&i1}3v*mKL=&a=_fzrvOu3aF?MOFtcQyH+UjltNoUYp6XnB-($4(q5FH|
z*D|$-hm-WjS_q7it8~TcF?_uo@&w#DpRU5t_4Ua6vtPWtIBObywV9zAxh17ctE9x-
z^_KnW7~2%Xk<M4$&ff@+DjOH|vgIB`=3=LuMoE&TGXgAx5TZQnc_H5?<gUS|gVmda
z#Tn_LoBmFHdc34Z+5S}hxX9%h=Q7-$y~=&)u1z}1dVsZ>-(gfxM%9U;3XdlW<3p1z
zl-f=kRoq>&_x=1to4Vc|R(wMz#f0f9+52<y?sFRI1HkRIGZ2K-f&-=?n7of1=q<Vf
zst2)$N%?xGr_X!eO;cWQT{O96O8qLKM<~x+D7hM)yePHG-k?+6`;Yx^9=cCGu|akG
zGp4JT=fG;5!xkUwVoJsgfO&b&Y()F_i(L+~Hh(NjO5BIRDKJPe3H=3GuJY4B%N%5X
z64_+vOVHe)T3haiHN7kkMFVdGayNiY>h)EAU-_fCKWJ>jGbl6;{EmaRHevM=^+J(r
zM0Qu~581}3X+s<hz3!g{qR<Cm3j5041vz45g|h?B5w$wCO>|)aZRkYCGMp$1jo6NC
ztp^am$sDZwk_1N+>0|xoi$i6|IUSZ>G~&KZuTR{M`h4bL&TXb+<hN}okgy`i%ou!2
z=(^mN3LXdKp`^j@kWUwhyv<N&H-NZah4O7m%Li-pwze|inIBrVDMsOGa2V&2L75dN
zU`@GXm}WckAX@`Zh0nRf=YN4$5&nS6k2$?JQvx5gQh>6sx3)ck<I1YC=t+F?2yYa*
zW~Ubh1^A3PS!Yn<?G;E_d)8%&W69}xI^lJ3s=bRAC#(LwTVYc$oniMPy;rP$g}(%9
z`-N2{1v5;YaLqi*<nEO6?y#w36?=z+<r^{Q9hJ*cIkEe<y<X*VLO*Ty+58AI1BHC)
z8<ub@`4?#srj(_2AWIYXNW^*dn&IMUp8Pn*+wS7)E>&AnZ`PGIK3$x$iPPS8{)E2v
zp+6=)n&S|kU<QczcTIqukeByqZZ=ibV+r$2jZs!b$^d)R!K#KGZk&*YBEiJ|1V^X4
zM~0n$C%mzL&ehj~>$%~T)#X@iOi{qna?@$e6vY5H!`u}|>Ubw;LA8EfzNytKXsbKN
z?>obv?6h>T_KSVnqs@G*b!zJ#Y=6uVT8o4NGyKRcu`z!6p6?#MbKXFvdk=l$!R1@B
zlE0Buw3;`~e||^L?a26X22B%A&2kYZj8}Sfe57)0z&;@OxNmSRrL`9}A=kW)H{O!Z
zoFtx|npR}0X@1wz_+b33m>seDs)x0vdY&r2+;&P~M)>6i;ZgSnEU_HV6#9qPg{Di3
zyVXYL=;`L#uQf7p_3#mm;I1!woB#O1Cz?mXhqq%RH!fT?EAEY3et3rt{WoK77%0az
zqbXJDJEWDO!u<LE4k81_$j8FBk29y8n7AV%?soOT`M0W@w{pjnh4?1Un0N5X(FNu6
zCLg=-TB^dWrz?xCDgw6D!R9h9C;Rprk7iE}<Ybq}UR)lX>~=sS;p@^ho#Y25#TL`Q
zT;fjJH+;^^7b65GIUbY=0UITcQrRKXN8=7vf{={49tj7h@WR?m%%??V-b=iBs5F0f
zn!Z8gx}{eOqNa}E*G5^S4p=iPrL%BvQM)<5MaZiYQ^#e^I9R2@J>%ZWUeZuJ&nt7$
z<b<^G)_?52l=ASc&WrkO!Zk+w&7Q6Z&1HYMLpcdaE%bco*<hXg*55GyNs4ddLs!o!
zm6&t&OVV$(VyW}xC&Fi*5v~yukjUMwNBCGFmn`0l`->*l*Rhx>fn(}(dwtygvbg)<
zYq~?Jwsc)|$MW4)pUt%o&ketMb<vYUw#uXHIXFNTQ(MG5>qUp7uwq-rE<YiA^@B38
zk5c=Ydnqqdt|TX$`x?A9)4IH%?ZU9h5%^!PuZ<u7(Y6e$y|V+3bet)^{+76&FruEn
z(f3MSG)uI)yk{Wa)8(kJ@{^6{l<KwVzixA&Xb<1ARq1l@r1yqPzLBP2IR*hc16=u^
zoO7ttGR$lHvgWw-OmSxJjm&$z{N(dzo~|zQo+lg<?EdiSrTZ}b%@_2dMxNDRo8!6z
zinvElApUe0pRCGr*#0G*n&-H<E-@}4#k?T(W_Uq<@w@%=V~(n~&bZa+vo|tGq46+i
zM29`1R6&kCRS{pjF21wg@<hz@iHZd^bC`L5`1#j`rwsV1E)KhAzV61Q33EnXNvl1R
zAZ+fb$BR7%_A$zK=$*=#TIbJ(+*xHeH;=n}L-UP2+-AAytbLJvcDoe+cyViB3Hec5
zRhG--#dy0^g>naaWEl&w>`2iX4czZKzMri2HM*BE=22$)GyO-DwC!)T+8#Wss<x2g
zI`8*w@qE%7TPRkq>0=lNtP?FgEgIFiR>&*hs#;vbndVPQv@-ne&u^LiAT1-JB|Tl^
z%qqRfTWgB--aMTVbeKLGt4(6)iR_LsM&nls=pzz^PLU#B!Sekl>u#{}iydob-}@Zp
zcPsEAUpsW%BFVWqp?>oo&7HV<YecH44wkc_HH+d(SMS<pGS2_5FEb~LTAcNZufI+3
zMyu+A<%vmqTz$qk7R|rwl19$F!Wgf->%vOARiZtRkX&OTiDrz$$*W;$Lo#fH>+3Dc
zOcwL^md;A=Xg6qHoig6$VC!S6#t`fC^<$F83u}X1xw`>4es_QjOcA)W3b^AAa>klC
z*58}UU(MokTKu=|D_Rm~T3%B#F#_7r&CaS^<7X4xXl47%uzlnRy;jEoH%19ZHNZwV
zEYAj~)ltb16OD&bL%idbwm;wSamUx<1yO!J<ITMuuM_3zUU;|P<-%rvy56gOk#DBo
z7FPFkmz&OER5{JYt@qVY)ILxYUwe4me~Izmr<GerzcOa0Zf{EDdA~h(;CH&qBFm@c
z>-1h7*~Cw3nOx61%ThC;NS=xA@CAJ5AhAolL6LZU)`Zlxb0=>tab4_UAey1(zVivI
z{Y{C-xyNGCUl{bBp{63xN)a4~=JDjyW1E-T<z>2=SX{5Ps9S4nv$3kqEneN-Tiavd
zhs9PM2D28vvD$k6;_e{RSb4W(#eAu%sLmKV50IOw{YTQl)PYJN-0g%X3qphZsKG`M
zuds2TVgTC?WuxONkQt!2o$wt(?cQvetFbG44>AS7YpEdb%=Ba7UR#+%GPJ2>?l~O1
zhuS3`V4OhWXcl@6)2NvX3LM!Ye&mP*>HK?z60C{WPxp{wdAQk%tTS`2k&PvwFdB{%
zbv@aVz`W*7HqxhANiYnU7WBjO7{!dqWf{AKN4AxAU9rq6(_Uz;mTq-ECCfqd!pwP}
z?a|xMx2g7OyyTqD*!-qYs=+>!E}*!TKpm&KmDp91LNRzst7VS54aD5&;71i;b+biw
z5_Jy^tk(T9#2{mWPHk8X5P~k73|Nk1>CRBQ9=jU2G|0<w&_IflnR6`vICwM$JsPkD
z-FK&hDFn|-%&9QyR;=NQFB{;{iz{8*OO-x4r%>#y3#&nt4p0W4Xa6U-D4u(j7-JjM
z2y*4K#cBk>)#9$3#K%Cv1vm6@DYZ{e+zD|=tK_tQj6_3q_Sfpc)~e{8;d~i-+Zwpy
z=y#*mX%EdT24+SVP;JeYFW?dGVu%D`!G`!ZM0oke6v*Dfk-eo^x*kqf#E7vtK|e>j
zriaq7I|zMQzJi;l++_7cT=w>OqE|K3H;q#F@rH9Z@WwKh@PcnLwZleiH@J2Kz)go~
zxOK)BW}i;hTyT+oS`4$|yfeLG_A9O<;M0zqOuq5u@3*zv`Nb{QA6ieJ`*+F6gpn#F
z;ril24qM|kP{YhG<z-WQ+uFa8P`kWkIiLV!^P{7ki-FH+FhK{FFw!?!dOGb4sCmP6
zz)u`@pAl&ywN4);{%s^n1~Oou*nRKF_&SD8Kdvm5)L_ig&i?&rV(qNo3dNDK@nF52
z^2BF1vc~^38@Nshd`SWu7f9mK!BxzA#*xl#?)!6ZuvDFLx)OTG%f{^EvNh<^@pO$n
zQfu}QIqXhmA{n<f*#gN4)dh5XY9iKQ2L(z0P+|@d^a-*GoLGWMhz|?-N2#C9xsoGt
zvSImh*YXpf9SyGlBfd@VE99#Wy@w+-Tnn>i?~<;bGmI<Np{fT4D1IX`+Np(2eUe33
z?jDh0#o$8rOPwyy;-GnR#gQHw;8i9>fFTffz<veDXoR-_D*}<?Ao;Z0`_EzRp9Hvs
zN_7Io4>UTngWwb1H<E^wacPMIPKZPXe1A}SBtDAyvbRh`as~iF!vvI-q<M%SW9f}w
z;QG**D*{frr2I3{i-}dlikFD&q$8RzaTM&o*6<&sL(aEisnNC36yYWD`flOiJ~wvf
z5IglF$!Zvy+Ym46AztK82WKZRF5(<m!gak+--X@Dx?f8SxQ<IF)k~kEeW44Q-V*O9
z6u&TnD-R!5y%bxBcEyIz>DQ?lV()LHccv#`Ogx#=VG}?I0|JLY>WiE~?rHaxbDy|g
z_aBpP?hEuJCQa!}ln#w3;r1DUl?Het$BLwCFC>}YNG2o&XT*FpSqhNb0wi^bC4ayj
zgp5Uhpxn+>n}8*pT?*CZxKaQLqy9E(osMV&Wazl@(Mqo1G&PIsn^K15h?w~;*qdNh
zzrasw$`Ke1W1TdZ@0a0u-&Hz;wc7vQj;fN9Whq}8w$)py3bbEX&jud7Ru~{I!E&wn
z?0%iB-;k`M_03|j9wU16&YXtdJc#!Io&nOhDE@`6bRfcVFowo%5YA%pWCWftMVKKp
zAb~;ef>;_7Y`_vnNih?EWcexfoHy_ey8Wv0L9&1qFBLfhx3I)9QqL~L1G;BI#ic{C
z4N!56^yL|Wf%;EYz@Zl9vk5Fu2W(;W=}6}df|P{&jdT}^%E}pLXhNBsm?Dyw1)PkD
zbhqQ+)`5dFRCyUv2;aG%Kn!IV8AQIKfCWP9kCj&R6_&avuPT!Q(NJr}&3Ld2Oy)a6
z!eRMphTg_`$G8T#iX&Xj7{XNvCUKsj_?HRbIO?m8f|^itlO3=nEHogLc0~c5_IOZY
zCM1CbLJ+BJmytG+?hRVIhuf+(7)Y=*4@kMna%5A4rkD9PSpCtkWV$bHYmq^#-WpEY
z1=s3iYm=8c7mEJ6lV=cmL+^swFJt^j{z^lkwBOr_q13!T54(O$&Sv~#j~8Y;jeb<z
zW;z{@`06_1vT70iK#jw-S1pr$971x2dqYd4VL?8h;G_>ndt4qjG4QcntR0UCmT5%^
zoYR}dg64DoQdfQc4J0o|dCbJq-v~y42JOmMf0PxuUTuPSk4Zmj)<Nt5%{rVjRy_9z
zUovXsA@<A%8IL$AWp1BiKYm>O(EeTIoV{aC-2OE<R5_Bn(QaT5pDs~#8Vx&jSWqox
zVcco>Eo4Y+r8dY_CLvqP`gamEAXDNWU`V1#9*E{rI`nan4wctTsZBp4^KWbPA+<x_
zcj!ad4nAlLf^~QV>tG##_eCdQ*vLT`kWZ}=JAVe+FYMtvQ5*IM=~DF=iuejrm9M^$
z4h5{?iqA3#g6qLOgS}g^=ywE8w}9KfV-~D2cOwS+<=W6Z2<clkJ)2}BVT<&nA$m%n
zca4r90OtrI#J1kd)AX+I(*Q~B$yvx6j}IX!Qbquz&;pmPp$<G*JtzS@m`4zR!ei6f
z0_ke`xFFxqoAjz~Phoxr_M)JcBi3C&?K5nWdR~&7Gv7s+*0InIjp{75{z2ViomY#7
z3%21=tiDMZny^ldg;2W!7V^)%C#02l3^@BVkArb=^(j!s>x7(d%8;s~%hhpxrJ{5^
zjQ|m(auC)W>Her-2vo8ACy9qfl~A234HE3|n4xz8T<A!!cV<DrrD)fOgcS$~97$M(
zKQ3)Q)*mu*IIo&A9#o%}jIJk$uB5)_b^~-in2@^%w^HiaJ?lF!fK~>}few?<H9$Ld
z7kjxxM3?DDsc#Qym`5w~G@#P?upA6u?*Iziqwhs~f!;r+z>$F8G2Z`(tsJmxegl4C
z%B?fTQ=}IN(|FJ@0F`ZX4K~qLycP->e;>J`t5<;v`&chsO(pol6YV3d^K2dgMVv1`
zLb*{-&Y*RSv)N)P!su=^4FxI?2MGUt+d&Wh!5UhePVi7Pq6G%C_r5|X+WH~W3g`hg
z>jNbLO93xmDpwLQNJ$XFCJm93)=sc){Kujt%+uRt3q->$7hrvc&HX+v#$uqz?{kFr
zzHc4a{tN%5(Kzq0VG4$M92IUYcXXI>@(YjqH`CKI<9)An?D1Q$Ks)a7_5D@XUYIFe
z30kzC;r0eF8U=q@E;kt@P_CZZ0L2Z00h$$&nfTp&^CeB2L=kkrVGVU#8cL5b0aX0S
zT*Cyc!{+=S7GoWl1Yo@|6N|=#agdw%WwsNwK202HosJa}<#5YU{8o4c=ZCWo2nKON
z@XYXYt0zyx{k)#QZSR@4_w^2a<a+ui`EAhlv3=E2y<q#3Eqj7gbRWDW`F}#*(*H;Q
IQNDfnU$c;8ivR!s

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/btfs_container_layer.jpg b/docs/userguide/storagedriver/images/btfs_container_layer.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..752bf7b5ba33d06572325521d0d768b03d32eac7
GIT binary patch
literal 67433
zcmbTe2|SeF`!{||$Wjwg$ucTYNg`6V(JBe;Dlrv8l2jOsxh<biLJ>+BrP9WfHS3Tq
zNmIz!$5LdUv5r}va}Ry`et*yZdA<J6qrB#xnRB0WZRa}I`?{_hzlGloEkAU?`~V~*
zBm|uY{~&%3bZtM*^%4YGT0)y42wDP(3TZ=&z?B5}JtZsziGWuj@OxfZSn!HmLr0g-
zUn6ghN<)jm3%FcXaa88-H8RfZx|7q@8!jF<!S|u55cEEp-wy4C76}O<{}+CQMTC(b
z(Z!2}MZ`qK#E{=5;*#P^mPjlS6O&jfAt5ORe#FF=p_WQ5L#~lYklT^Fz<;SFVoQ(_
z|93z9GDv!fkk_JiVWD-<B55IEX(4_kga(v~0Qn#yTKExKB)nKe6p$n#2?pdY2jmM2
zF9O7hEC!4V1%U6N#nK`&YqfWat~h!@Y@Mg9PSE`)OV;msUoLm-J6(1A#p}W15-V4&
zmS3|$O?~60&ANI!^mpzu*t>840kebVhmM~(dCKPWnX?X#PM4frTrc0a>E-Q%^Ysh)
z=T>M~`0YC}u@B<n6COTFe46&``HS?IuU=<m=j7()e<&#YSW#J3UGu5-b3<d(k7jC1
zYg<om-_KwD1HT7{7!#9I(=)ToITpf~5F|X$*1w$n55A-UUyFba7K<T#2`%ygzrxas
zMb>JI%IrQWcENMSI-Q^;vU~17d0#HRe)}=H+{NqPC045H_H1AvtO+>#|HoMH{}X5b
zGWM6RHb@GX=pt!hX$S*xIZq#JS87h_O=8M1!S-?tR5?vzXjPk$k57Kv$(+f0)rsu-
z^#`6mOy<Oxb9jMJfZl$b2WLAqn8AlsBt6(%Ek3l02T!T+C?=A8=m~+w<3pC?JQ|e`
zHS44*{}K$R1yBANp3lZwQ#uwA=@fg(^*qy+d}x-1<!P~IhRbz@#%|h#Mz;=^`|_dt
zf|)G%P!&x41QEb!VV>y@nqV-8_f}}^giR<B427q(+W8P|u!Ik_v%qZ=Av1n-EOtad
z+rnak!El8!P76H&<?|tO10Q0*14=lx1fKkGxg#I?M0V#xuoEBZB~#K(A>+??=oF?i
zS)}hTh3%Y)GjLBz@halns!={PKGnsCz$@|PoGCJ##&jl$@S$&u5CK?>@~DlIvlU`9
zzI1!cPa$OT=U{R^^wofV5SrbrQ30mnfT<wcX+D&a1?a&xlC1(&xL^T3WGV^IOLmm!
zyG0-sK2%}E)WS^6GYd1xlT3U%XFDyJ5B(PMK&GGJLvDj}?4H2?rY4;;lR)E=NrX<E
zDw<9qNU8&txbVQ+Qt~)##Wj%lLrw8YF;1X6d3=h@!On4NG5^Ub4SWQ6`@<+%z-ap)
zMmfYssFBI;Y(BINp<AEKhOu=m_x{ig#Lf#`DbSn-%V+SDtU&jOHWzfy;W-BSC(HGu
z1I^jPKe744e8~8PKo`7Vlt9N&-XE=5^P!`20v;>a$jrCc|FI+)VUQ1{ijcXy1U__!
z5A6c${cq}@5U8K}N`ntcO?ManQU4`@hA2N}g*#r7mhz!cU`Sj@6VY`k4N>)zxsbnW
zY6;kE-z=CNsK=PO1yLuk!OVY`77<7>A4t3tGmrxWJ3UH$rJ_8ru!qX|&^<sZcYZwP
z-U-2)h`|UnI!{jDB=oOvFhDqnAlQ5;AK1<M&A_M;tC%-xHk>;(N=sK+j=KJ|SRb)$
z-24KFEF$>O&f%u-faBSDjs;7AN&IOXIwV$b)Lwr6JNVNgfo8$Z11xjJfuZ96%jUT-
z*WoYMIAnQ&c97*c+_FvcLWMtx3U-2Enk298L}=DPqrz-tx;qO|@q#+B0~1058AZ=Q
z?J#W+F>Ka5v4Zc|UCf#u{V@EBfS$;`=8ZPiCDD~_C){+8A5w7Ze3~`E34Rv5#K^nv
z7fUBlV&hZrOA;z&x;<gC`>ZQ9A}^MEiD!5j9$c$qsXms*tIu_REf*+!L%VyK`S1@@
zW7ZvdIig9@jKEUbxuo=g@zCRJu*HCf_}A8ehfsz5;}FaAM=VpwgUa)(LtGNrIFP`M
zYdC?LESTbo5Iz?pFnPo)EjTb<{k#+_epw^lB;>CXgsmwwsegyVQ-9qOwvMzokSExv
z`w`pL;zM%08;z-{h*r1%(dyDX%rIh5V5edc&ojUi4A!6b#(yke9Jt57%Hc!m{eTXV
z2yrgZ7V((@h|lENR|cYPEEtS4&xt+n)R8ssZ4?;fY4n6p-XPeM^Dc}+I`+pA2s|Dc
zNX6d*kqYs<fXyJlrUEicJ{$hKU4cJc7!JJEi&;M8F+Arl^G0BFWENx#(^_FBX)+}#
z$aLY<SU6-58KeV?r!t1j=WPqwu!#9O34FxDenn?fgKIct?tiyyO+PTLzqVTn{52QW
zy7Ce+b_Kz@z!d-8YNbS?mFY$dAQEx<Ot6g?P6@wxwIW-5-q?qMC>EApglZMYIG;5)
zKbir2)7OR50GxTUT*MP0{+AEEbrMMDkMI#@iPx6=AqMy%u=D<N%M7{9y8~pquzVYU
zV=3XmD$swOO$+BCI0S$Kq$ax&LH^fi7>JlJaEtbm6kw^qy8}-afWcgo@`1Alf}0z#
z%zN#356~vs>~~^-i?i><sRbIh-2o@nrMaI4;53p{jWJh^!4aw+bw+GoarKdEiutTw
z+Yw=BK6Hc+jU_VBt>e6d`XSrFsbyhBp00u^e8_g(|0W+ALUSAK*Rze`T2bIggWL^Z
z>IOc9;o?W3A+_c!qq(;J@>-e><U+G}$xDw;`F>y0_4%JMr(<<7Vj`gj)z{U4GY6AC
zSYt|%Vm@cgo}$yLJ=)gK#5CO0z{>q5Lsv3P(5~JwhlkcQ%XgPBj5{{$R=zC0_O8@&
zTdR%NmTCOpz-<2^Y5YFs^K|AZbl967kI+J^e<pE{tCUp&wp#{RoY34B^lTp-W2hEv
z_geqc?9o&enJJ;E0c2s)Fy;7>%Zbl3!(MdQ)9h?PoOqzo+S7C6osH55&Lp=Boe+w#
zf@-cpOn);z6r7KXJ<CnTpXpUXe>6cch!Mq`7#jPTzOn`@b9H`~s<<C+eRx%KAW>WO
z^r|~=v(~%g+T#^Gn|SRurP|DLI=087j1S4%GH+Nj(rc_`)Dn7avCF#ZJuip`Io1cf
z);)Ikw#NFlD!GC!A^pYG*LI&rk$Tqk%EcI&D~79{vOoDCDs^hT63d}|TtoEurwcR=
zaNg7nu*ow9$6kgR$57K~w-`Ov=Fvv1Xj6J1J*<C9GF|*;$(Hq6F+=vcS7NX7p`ut-
zos=|mPx@#CWABU&6K2%a9K&HMO4l(hyZKP0A7{<4U$k)bH3KdEO+CTpTT-QU*BN@~
zS=Fi@>p8tSbJaDm-zm@Ep85Ss(%$}TYer?QyLgJzT}zE5RkxyXLq#Y}l@1vRyKGWn
zBo`AsCMiI|SWUvWHMhvs<IIiG6*Tb<o%$YZkbx$p3MH*{E0(>-DY5QgWYN`qYa&01
z-Mbk1f&HVKMH{tY*v=#~$Ri$o$u=KN6zIf?=y00Mg{G;Mjm3M7SXpf*v9BKEa+e%7
zUm^drU27~kUMJ|FLrx&-d)Y3a+JVNY8Hj=?d4T?_R5gMpal7wTseB9G1&!jUgN-!z
zl9`8*s`B9$>2p+jn=KE!y1ssBM9TI(@N;a!h_-Ft?#`GKEVvximfh<-D$R(sE2NWx
z@o4prSSj3RcDavV+)ROy!Sv5&orhb;&j;?gFtNVC=I((BamDr9RC-*5e>WdEP$9bX
zw;#~bBy}u(-qJ@<{T`eZlRSwF`axuejN>DP8g5-Hn8H1yZnn(G4ExSP`-t?Sl9U?D
zceg_?-S3m27(Kit`*f4{XVNpgJTStNp%jB3M*Gu;)?fm2-HNbbtn{cY>h#RCmv(Kg
zji)O!SyxkMS28Xhm=rR<xZ#|c*5_weRnT5Oh$N`f1Fv4Q4v?HlE!;QOMY*N9llEwX
zHm5}Gb=qc@b@vO-9J=46(;aAfbi$o7N@iH>1`A$i#`dY-HB#uYmKsj%zvblBZMnki
z$EBvRs~&o?Q5ur|PrpAEPaN`x<JS$zg=;<_Y0$Mk!r^=<Yt?8Zy{-rQ(Os*;M71dg
z6QpeQ1asTVbwrnxyVS+Fek5Y?b))PKtA>DY+Wpzv<yN0ZeH%+dta@@VrY_2V05bsI
zV2kEPpYUiz1+vR{G#|>=90&xCN0jNXn;G<s`P|67r~dj_|DM8>I9+e5XU@Ay^Mj73
zc8optN$}VvwNc5Z64kz<FTE-{44w0UCrMAJ;6o^!M~?+Fp`tl)CM~0r54qZRw6yz1
z810~c{9NR4^=+Tdt&gMVZDQ>)2fi!n#Pu27_2j`{w=K1_J)8Y4qrq*s&UUq9oQnBY
zwbOAwz1zYimrHI}dR<VfE}WFe>Ek{myLiYEz&eX~B22j{_?F4456s6spNg$Ldr2#B
z5jJ)!Y>HzH_u20C+H&>yi4QieNrtLt#4Z+SMnA#04nFRqjkeN#dhUAW_TQ(^i1W7K
z61()pzQlAqwp`P3_qzRrdHRuS;_r{QKtj{vK(Fb*8|SAhK~N_Trp!^U#51k;0>x!9
zpR#AvnYoPM;eAXu?sNL2*_zw*!)r=<hgnN0#9xm!?d6~BU2$s{ZFO7aHoLk>eVFaV
zYxIkM^onzwd3@>J9W&YZB@9%gjg5Kd)zlO<x7{)%Xe*j95-OFJP7e$?cO8Wv03Z=F
zK<c!jA-W<S7G;|CU`9y{;D{@t|0z|VmMSoJxKYAs%hZeLYx5XOtA2f9WhST9c*mbj
zxp)%oddosw#d%5DD_RA>3K8V)cWqlE=(81s9gQ55w)B69JsT)h@Cu_F=v-Irt9K+d
zmeh1^r+8nzXvoO1J!rM;AjHPV13O{yil^5e8g+kmeqeQt^<<5Qm4U<@>Ij!)vKi-4
zeab|LS<)RX%Dn1v#{@<7!Ys9C+MX*Q?^v~C$3@?_9*e)#u)j+M#k*X;m3AQqA7{-I
zf5W!Ed^Rk!RG6dop|STv{^J?{??yMazSpcMY06Fr{qphi0g1Q`b+I2}2V+c4YA9%g
zhLSAvCf<V8GOR1e%uSfe@u<?3Tw)L1tb!)mflKQP4I;VeMB1MHkk^REa39}TytXwh
z@>kqyi`kQVS84=98(cXuKzpeiE5>Ma1x6P4xX1Y)ykWPsB5t%)-rksW+o|M-yWY+C
z-XEE1(VtF7-Y?9<1!s$U-}?!9zZ2^?jVOe}Q`82=FwA1#r*DnrLn1k0m9V_#XwInm
zNBu78$2F1N*pU`3(ldsOB;n@F52O1YGalJ*dy=a9=YkbWM_UigU|ZptRw^HI!L<3;
zC`*)P)6utj=%LSFy4F<W`^7a8wrShe|Jwah!TI(Df5W);bw-EFkM_+)C<O}tE`NI_
z*>Ujc1eLw}{3^A^uUMmfwl1;GT`i~GJMTI=WUhQWupTiNEVYC95I+9`8%2~a)x+Ps
z_jZP$K_&M{(%-h{Yt1N!H`qQ}KGklLN}c#ABk!$vZ#&j{8ChUy_OcKVIhccT%Md0`
z@&Zg4?d`~WUVaw_ar`DF6Q)A*GPvgr-qN@pjZwjO!B{3C>833B2yuwBssd@jBx7>}
z^duObxriv3mMUbm;EHAgrFdB6v*}WX;LM#IjzJB8p#wBkKmw1Lt|SB*z(iylPW7d#
zAfI87`M^@+tjVT(0D)l!I8jUqNLX+p{q!jl^FY>0?-CQ7P!sH$z2NQKbnOvgG8y@Z
zi;n|La52{Bt-(O+#+DVB0T62r11r~s5N`Momw>zx`1QuA@jz%7vI=q~)QE^-a&R_q
zSx7q|h7Va6I|B*96jG-+1tEO;YhyklA!7PF6-81NkvU1HaU<7Yc=7u|N{4IUNxV#w
zW9Go$jr91CgB9?)&));~LF`zZIP)6X`1B5>QG>_up$#{Bt+}D@@KmcaaFD3?Hc?D}
z-l2iYOyY!mE+1;NBLe?DJ*y)86c7i3MiLOmcL8}o7lBHAh?0*8Z3Y@e*q^FBFZ@y<
zE0*K?XbO-SxVz9nOdxa~xl^E4%nKn1B`}`J!9Z*5B+s8$`V&GJW&(MrfZOZ%PzKBM
z8zfAcW5Ls8D+3590)*DAtb_A2#G9kQeTX<9L*zzY0AX;!cJhRk$O7YeD23dFOpU0M
zOezos^8IT=3u_!r0W(f>{T=TKry_(?r$=KBPXb^;oa7P)7mQ{0@Ody7FF^YPg!Y+N
zO@+L`#<0}VgUB}RW3lfoLrlRWxn$?>jgT-{lkE*`Da{Dn2{v)eiuqA73&wv=1TqA0
zi3m)BT6P@KB~bnN0_jBDyy#+Ss*spqy}6$u;8ly4KUlNd6d60g1<N3e!K4BeF(3>8
z6Yc$CZVE(BJSQR$&v4+Yq-aD=>0J;e0a=6VQT%5}+;;HA9OwFO@G=Oby<GUu3Z_=X
z0RW$<T;CxVM6DpmK86@EWjGL8#)p8LBqY;?1X~r@XcSE#3F~5?S%ffPA~C6AFbu}C
z<~A=QBBN8vl7UX9xW+-^KrHii=$8m>4??I0dL<cKnt^Sg91DM-0loZS`IN~xAOgo&
zF&7z9m=lj*80GQI0DaS?bdmAabe?5n89bwP8Xh$AYPVUz)`e>eagw~MVH8(As^~Iw
zWggdHF&wSZA33yEo4p0!uJknJw!@NDYL8uYKdv6j-2ZM{_19L3w`?JYdqR};5LXDp
z3gbgJso^{dc4Bw2JRdr5Va=5#Tf@|jZ(?$6G_URreeaAm9e~VeSuXKx6G^uylyT*4
zm!n@^8o`lx>^iO^%i4%(gnxEZUay}BWYv9NS(53%Rvn~C<d9e4S}%R)*t+%EqGjtf
zi`$9~lG6@s>8z-{5VtmT^?B)9dC{Fs(nSh{cZeXTxQ5-re+&b{e}4j(Z=dpaM^{Q_
za7-CBccwk$@Vmd8s9sLYOP|5yoWl;njuRIp6*sN1eU}~Sy_pk!?HMHLRf=ZH_b$CL
z1F~uAAYM1SlDI6SM*}N?+p7CP#+-M5SK*JVc4FGuwMt1Eu`zigxUXiph_S=x{`fCb
zBlKBrAYMPyjaB_bt$<{vmd(IeGGA@hipw(`-l&-x)k?rJXPxr*wAMLAEm7Fr>lMvZ
z9lO=5<XkzEPhL^Fp|%^N$oy=rfQv3q2}qwg^~#&-c5_|V1%2t={btI{-ne~FF%N$h
zq2JuDLAH><Ae6Ykw;-+sI7TD0nL|vGOq{wMv!Hie$@Vl+4u6W_UO&}L?+AEpXs6t{
zvhHvWEpTUU_`%O<i!2_AseM3)66uHRR`p~S(Z8fu@}b*_`L}pW-H7cb67(NaGtO4u
zkAF^Cd*zJEnXA(4ljD?~y(2|`>{QMFftV`dS#dS<dkI@8G|>ed=;Al@{#btx;0Hej
zFhu)$ETeDNL}U<@%r(<zbXWC`biMZdDCFJz#v9*r<x-2hDZAk0u#pH`QvD+-vM~R4
zu@*z4S2U!@&cE^ouIL#3<lA_-b=BFVmhH9ux}v|<##?t8iEoTd8i15C7W}~amKDh6
zM`Hd|)PpG?RP~C0^%aF`@r4QDi4C-hL{doco+rK0ycL>jc(%9elV^UQ8RNR+sxmcs
z2S1%xkecqo?VZ6eL?6-H?dfnhPZxiHQ4=~Hz3d$BQWxb^UZaEC619lh$-D1t%~YvN
z!d!e;ha|;qIbd9YoMFi6BIbddbF9`aLX)IQOzZkn4D@ZXv(}Qf9DS@L5A`MS>l@>a
z;hBs>lU7-_?(4QM?+J`IEAVE&o?&#~NNfU*l#McHB=pS?8HT%=$$jIYr8<p9J9sNY
zhe3Gl5Tl;sAA5~=#b(>*813sj;^hzQcdEEl(k?hc2dHE7%D|YKnz)DY#1ncv#Bs;F
zr^AAcZ2C~bSo|vg@6RviS-biAyxLC?YLXcr-S#O)ua3a@DY1H2$A@m^z6x^I%CH`C
zD0*eF#>!W3%$*tV$>v=5L(bB3c{-P`&28U;*}CKD-Ar!HuG;mgepJ9VNGgnhtPZjR
zcm9UNzS893?v#5R2PXO%etT@Mb5ssCY=$S7NB7QndUkiZ<+37YDYxbK6a8J4B|~@T
z)QKOD`~bb~vz|G{P0A%f_&v<pK9uYhZv#s7^ve<5Te(GN+AZlb$yYRWKUF66?paz@
zA)I7fTf1}D>=g#$Zu!s~)i4r%;dEf9qP08WaxEiFABAc4oO!>GtcX9{RP57TO&6(t
z^6GhH+>aMAjq-V~a`MB?uWe}Qy7}a>_FbWPxs@Qtx40(HWCKI3sFxCfmN9}!xU`<>
z@e2QlddHU3{Km{P3izYD7kj>alM~ZoSQpb?dW7(#1}$*theg53$c63w?g>q%m!X*I
zRz$i*uURl>|7-jK=52-uVfF7xmlUaY4A~iySlGqHoxO?sT`ojf+&+AC%jL<U2bN`u
zF%^bAHXIpe0430iId1eX5pUhP(9B<37(;nJjW5?&-X$4@SZ6sN`Mz6`>LXLVYxBgw
z%SEM0f26+=xe%PrsAPg7A1XH*<rw!ejdu5G-KH%!**LsL9|%gjXP77*a7!#~WUTMt
zn6h48@P_!_eUWnMkNxG&U6Wi%dCU`!eg2yTSD=~uc&hk)^sVpd)bgVoBVP0O6w2t?
z{<}}LI=-p}eOHy)leOjjW}~aNSGV6{x&5(1aEJkAGztY8iOqn}Ef~kNopF!t9&FH~
zET@sm-GxunXJWJx)%Cv(9p9~+b#9yK;qdcEo?lyX(bh*H?K`GB*?#3Wo*Yj9qxNvA
zioe!kjv0L0J61dFYsy@%<eTwqa&5G#`Ssz6o|)9S><`hYzy)z(>~&~6Fo%2u2tjmm
zDCWH}wTurb+FN!L?+}dWw4mvwetnfb%96oKCIR}RHrpRZJd1L5Pwd~Q_NcQ>^&aHp
z{`|U#Ct3-<K$f@geaqPcj;>0S9B#bVCiJG=^~Rq1&{9@Faza>U?#{c1DL3Q_Ep<IN
z&8>94_PRv=-SjkeemAtM(&1eFD!1_<boQ!BSkX0aCf_e1#7OJaaNfIfV-uI+n;Xu2
zN4qY~$vLmM-1A#VWa>)T854Zgd8D0=Dkq|*+(%z9^$+AWT<~U3&K-T7lhKj=!CC#)
zC1c*WGiTn-T9<sm%P>l6Drv!`OBs4Ux7l{#qIbXh;e1DN&eLe-`{&OEwQZ93wx?)Q
znT1GnfrMW3(cds@wpMJ8hy6dngZUU{%$znKhL$c$M$Q(%+i>@$KT%8|3djaCzzXPl
zg1l0v$77c9kXVNg#r%zs(gpFT^?3v<BY0JH-aZ3rwFR(XfC?=@8miFlPvFQ!!l8`W
zs4g&E06tP+!P!!<8A1ULC<8I+z`F(jjDRfhi{-z_3%Q4eID8};6S)2~f$f1~@NekF
z5gbv&0U$mQ1PCCi6QBqVYvP4q1x%Fp!#?CbfIF5W!Sfu5!H5HZWds8FC5j8qSuPUb
zjgJHOPD{r_LZ3NjdmAg@8C~G~ShlMKVZCtMn<|1PTtf^ckGO)m)Kr$%B#+>6Id##U
zjj4-@eSi<2urUE*Xt_j1Gq+>`nG%w5q>CgaAWlvk<u-O^^<Nk<_|?>4t3VdS!|`In
zNR&b9{2Rav2<Ahl{=kC?!}G`ih~bez0E!3<OHFyU8hns2kJBKbpNNk{f>&WhB+Ld;
zU#-KuIaR1W8u)`cAe5M3C;#L&F39VOs38*L1Z+cQ0}dwO696}YEr$fGYy@3`?^*wW
zGDl-f1rz}C%ng*0eSt)}vsMc>GR^x9CIFwt3quP*e9|_c3P8U7oXS@e_{s!85D1J&
zpC>*Q0y!`Q?)9anB0+ip*zf<E)wqE43EUCr1~81dS%46Fz{M21<`)<W^o2w21-hL6
z8Mt65z+TCJFb4@)j+U+@f}Te{DniKcNp3*xg0Qd2A|G&gA0!Ylz}CeOyailwO&H%0
ziSh!j@1_aTLM#F9AR<(%Kz$r82AIk_^*J8Qg@G;}fmsCjaNyP2VL)H{APs_)=J%G#
z2MI)$hz%D138{Sj7iK>JA!Y}{JM0E)WPN~+k&z(dyI8;&Vwi}mzz6~01Y<#IYq(4d
z5izogQVAImH?jp@B6o0D0l&vFeGMM73Ug=#Q~h#OM>wNode`{WC()+s$-rpdAZ)B6
zUn0)wTLY1_lw9CL&lptqbJiokw$%o^wb-lPVy03IMqdhL^P!jUtR*gbWSUY2i-6H9
z8~M<Ft@&-y4zze=p|Udh|4~_iycev12sDKTgk&E2*XjIxg|PDnas4;bUx5|PBHRxF
zwIc`s5=KlHL}GX(X&_*<?++;WBWdzY2pNu;*iFROr4NpX3zqOMQv;uKz!?s}7I6~T
ziy-}g7zzT)fMZxd!GDD4_)h2#jJ6O%tO$6*vE&7XE=&%@2n8bC0rCX<bKXlWxXpoA
zY3T?hz)T=9pxXel^?4Mch{2eequ>Rk2pm=$Pa?WOz&ikg0tn1T93f13@fW<Whz2(U
z1Gx?@3qx!J+52c<vI2ZP4(4TbB1n4_VR)cjRX`C~_mS$t-uVmOt<vVRN_oNy&bd+O
zF0w2W<OakLV@Fnzaz>0>FeMPu!l`TM4-<j&88iO|Hpeh)rdItp6S<R1_zek)0wC`&
z9tpyd{g_{9tP*)71s9Ue4cUs=EvT-k3j{dD?$QV8J2^h|AOH_^nC08Mj6AdS1ELI&
zoVW>RVbNJ(A1Uk=IWTu^*x>jets`otzh6V)j9TKp(A7t3*B5+z8WdwbCCu`d=;lL?
z#5r9)bc;Nr?$U`F{)hrefsxH&qi^6HkJ%u&NfdMW$*V{f-ZUV!BcCwz1+#)0<6Y4>
z6X#$(mx%R$ALp0yHR-jtCAa1aTAtkfqH8nbK#?aZFs5ejw~P1VyLdxQcJ|nppJW!_
z$WpzUy1f3b<K25WEYkzNdj_=be8zBAoPimn$)G`dvmEu$#hdA3&*j+7=vxzox<4=u
z^0semJjOB0Dm`~Nok}C-#gO-nBy{)<aP;%5wOER2Kw6q$E3N@uAG&abKmH=<M_QQk
z^@M>2Jngduh<G_4Dmx0IY*4|){F=?CVtPtSwc&5S&^+-gWF~cvBZ8)Pkyn#{--re=
zZXTB7#+e+t@$=?UUgj_2WG|X2fg0u1@!+~~=S;yW6i(Dp0LSBj!AHVLsNH59ebWD=
zNAExHN3+Tw0doxi+aF;aJGILUM1F2sJUyN#xH-QXkoieKPYHQ2A%Cv7IO-1OM@Kdf
z4>I>cdw8@jV3(2UYV(|Lfj<oZ+TRLjx3c~ZVal`$g!x<J)9*B{T^(ki5<{0ox6dU2
zqfg*1rkn%y<r!vG^xXd@I?lxfrV<gR_)wA`_5OD=R#7}m35UBkV)7@ofB|Zi5YO?x
zkm<*k+8$%15PSGgxaVL)`{iuSjJ#Y|R4b3N{oc#$nwTQ_cSTeMbNO>O*_x%t|0ZS#
z`pnyRaD=&pPzzuAgCl!lQ2iP+!XIspVVTDdeYhWCX`G~Ei0*Y*69Z!gN5uM#JYst2
zdag|sTTdEx-n6v!uq8gbcF8lmy5W`e^0_2U=jN|$Zgm()5Fv?5<G}fY7#uvvNd!{B
zf|GA@c$To5eLRi{ys&bL0v~#x4y51Ef_NgsfY-$~y%dfw(~Vahi3WXKz=S~5v6GT}
zL}<V45g~iSp7A*iq6~RtyBi;RQHPmqXOWP^CX6IDiEOE}d}uI>0_2;tO>DowH-Jb(
zk+ynh^0zYT$F$^WLZg?1lkt~r_pFl!6?90769;w<#M0Dq-t%A#5{w)_&4;A*QDG@6
z?cTbxy!wLnn`a)JC2o4JX49{L+jTTWRP>t2@n&-!=VxbX@CwZR46PdMVqGrw1oMfP
za|VuR`L5~W@tz1>UZwN?_|x9YjlPUYb2yo0ep5p>Gk8W>DSaxe_xblQ%g9wHB6!m6
z7-rJDxJM6@E-8K5b7ALd^;dc=1d7^Tx>#A4_shheG<tN4N7MaI>Jg7@vqu#>m+j?_
zyjwi>^HPz-P)2x6QjCSqjKg3%i*_S1N_nfadr3lD0tp^=k5-77@nuZxC28Q#7W(Q*
z!I#LK_1=5g>a$P2ig9v36UGN-Jc_rQYmJQeQS-jV5w>)yCKBKrB2W6wdTs{0vts?~
z2<cu-Y`(EutIJznt_iS2q3Cpv!Qle<RG1GR3bFuV&d4(YKGvD0s0WPC5iPehUdde5
zZY!E;_7?Pp9IoH!biVUa+vC`Q;UdreH=Vq%#N}$=bsytOwe0r#I;&>*d-0(q^%1a(
zhQR~7f83)l1{c^D)c)2Ul|4HBY6i=cg6mkcYph~JGDiYCz;%EB^9DzV@it{WH8ZyN
zR+As$iB#>2R`?^vh1R;YWrFsF-FQX5hv{CUcVK+xIx|fF)?4>=%yO?~=^mb2@(sc`
z>sM~Mn&zHzj&Nq~_ysASWwt(;n>M*e&6?9&;cjg{w3cg+dILPvbDncdJsnkT-OII_
zHc>lg_N>#^LN4VoH^^oG-Hg>I66&i5cVH;FAFhlVd7jDQeZ@$lKQ3=2Rcqw@h#Bn<
zu;58Y$T<F!Dv64lJ<#0IUh~DmA=lqYcFSQZNaF|Aa6*RY0a%`h)}&DqM}(2UQOm-@
zAHRIy)wms(8H8I_K0Jeu494n@6T5h`9@ahVR0mDi85QnOUVo9c`s(9TZtu4>k$YCZ
z|NL?N<_i<=v*Xv!PWLH^Q}O^WmkPBwqL^QxmfB=OS~d=9oe98QRNOR5)Cw%sv6eqg
z)32<HZ_pg=i|RYfE6-UpbTY!tqMtk6sXo3VN_0__$R%6CSM>5;dfbmB;_9t0eyA1P
zIjx6c?jNxkVQhYfD^A_9W8%b^QRD~3751(B(PxOjn+MjU*YVIV1MH1y2w%Xt{r1%)
zmtoeJ^(L<zv%XC|=9;%{PvWhx8Ie?8)BW9(syf`?`7z5@+^SI;HlfViVBSK7c^SGA
zwCpTj+F7h<?SemQUnF1Hzs1hz{X{AKgj0cCvA_RG*?>y{2|Qu+1Rn|;Lfb6ZB4us#
z41rNN#6v$S-DIct;<2pxYg>@eGj`@fD?)89`DisO{YG}!r=LmGd~Px)KrS?2k+?GR
z*@x1NH|NMbYqGE-Z!HSmm2CKoCt?nZ4vF~d$p&1WUy7I4VnR~>BT3saTpy2OZ-{A8
zAZT=MY<#fPnzyNLJvS5I&}u{&n8ihl|F%BnYBn<4N5WJt<wKHZhp#?+tDDP*{_&>p
zRDXU^T<%vNK0(Bs8)JVgxpT)PdwzS7JciwYVT|!1`X-n-T{>|09PcZ6`G$s^(+<o6
zuch@72R+6xJ@Q!|quU&%(ynT+Y*H|>PyIO|x}}aTTusSf2KNv)c5X;{E?fHo_`;8v
zOYr;7hq7Rg`ngBMRnXgS8%<9SZDf663oL}|{w}~?NuVxXeh0&r+*;Qw+qI@K<07(W
z(%f|$?0{8jU#y;9O^QzeTjr8N+^_r_v-@4F>5|pgair75K(E?^K6#U77eL&6{_M6!
zN5@6GjJ{lry-??VRY6sGC+Y0d=(iLAAIltgSbF(1&Ie}7k|{hzhGBGTMXzFtbbfYp
z-_j1hw?4-#w}K#INmYdWQ>P>MePJ)}cb7U$F50HV0VE)Vcf`AT;mIqut}=^n?G3Zw
zmE}~*JoMgD>OphQB22n=b7@6)rtkdA93NWx?LW<b+Qg3;Nl&Q3E-e*xOME_FtuX18
zy5I9n$K|8UW7XzM-|iTxheFnhe@^JUXWpl>!j2d`jU62q{XN@tqa&cOS~6NMO**Hj
z?^MUh>#|89LHAI?slv~gT&171Mfl5!gvZO?zuXam*L<rM_BD!y%`W|P7Sm^QWs`k(
zZ-GbHuntam_o^Mk&esav-z9b)zgWgQG-g^nDsf#qHqbD-<mBcX4adAox@xyZWbHd1
zw!!|S|Cy`poOV67KR7<Yfyyq&2ryU82CMnx1@T-Qz-=I+0vJpA_)DZ#)x+`^RvPE{
z*7Kor?Q>`z8Nmm!J3*v{6&!9yJNZz}v#uhAIhaMZVnT~%M;Zm_2=fOWy}8XzgnxD#
ziSeO}(_y^W8oOL*2Rx194U(j}De%t_(DGZBmy8*X0Sog=z1aZj{^>L0L!i;jnH!{u
znK}e&d)DVo4VTgW7Kx@2@Pl9(Of)!W&0v5EK7k6r-`vN)C1S&QJQQ85Y>f;bpvFNc
zb%fK&;pB9XwMN1V!}H5;B54?q8Ojq9N2WF5as%oifHDQ~fB$?jSpbDVQ8}edULdQ<
z!Q?VACXgss=k$Cfj)*NpBLHP!7GN5HSM!9BgaMc?`JK3+8Vca>3xHTailXB?7>B?+
zNcayD62R60fP4hxfzl|ACQuW$5V{Gf9f-!Jd4o-Y2x!}C0sKHvRx%RqAOcyaf=@Pu
zAQJ$TEDMfSL4%a6Lo~uE6-)psm;zw<6TlR>1{pX!`^N~dg$v;E{I-7qp0F4)h5~B4
z$XrMcWZpPDza2q%<AAcOgdreFfO`;hRy+GIw)!o!kV_+XA~kYeKq=!J0gdoswOWu+
z0=ON24^k#0AH|ND2{00{uwXoA9s!}aJ30c4$<`O_YiS4>)}XLo?8B2#(+BtfV`32X
zhzVd)0H)X0b9#1qoEl?lpw+6yv)tQr75;7ceUiwchfx_Ip;5~%*u{<JtpoUcjXn7!
zV5OTdP9bMob7Zxu&Z0*;=|k08t+q3XO=<7xc?pZ`S_jt{+IIeveS6>i6)#_HY`^~O
z<xY(<RS^>VD6gwj4fLxqdPmm`%s6q=@cJIFS`=LM>}(D-IJ|58@yINByV*;_aBA?O
zH;T$azx}}BGW*(t{hjl@E{YF%zv8W$+y1MDJuqy3h+`Pws=+$J^Ahwuf1?v`d2nv@
z24D^}jJ6FQ{h@B*<`N`X($X!J0!^z2?t06b#<ujx5wz^jg|_>oGkt7|visC27V_Tr
z$8-*|Y<B2mr|t1_D6~voZLm25cPzgCnXlLAo7497SNnJ1R9#xqM30^5?v7g0_j33s
zH4m>we-YP*4a#;+w2DJ2R!%ei?BTHHn}g5X_cZUE70W6RbM%mT_UII}eOdZ*uQstT
zBlS19kP4Hfu;}k~#y83=-kci>a%AI**o$M|zHHBXu}1rTet#_`U*ueuZpYK!aRr)t
zf}K6(ISDT9Y?^pvdEn5YhTQzlsm9mC{sf!3_&Y3%9{rDzT1V(2DUV4myj9yTcS)B}
zGwSn_z0{t`txY_5)qdRMgfsrUufwluA$dLjp7fw8!%mCtnGpSoPK_gt9IrHu%dE<K
zhn+i|KG?);5?&nHd(uWT_+T}zYX9Mhq+KP=a~|!E&&D#T6Xc<ph7^lq_|gfR{DAgD
zUu*f0jtN%Xh4S15_vT|_Sg==tZs(~VBjZmF{=_{D-JG@VQ<%#A&soIkl3>7bmkO8Y
zkx{Il?vi%)+s*cfQKxBRg9`yZ5*<qU@jkmIIOHwWrS@VB2XD6z%&azabg>shcy|%K
zG%9}$CS>i8?jQHexv5v5WaWBosB@qAoP29hpRn<D*Sej#Rwu=r>Ip+%H(|``3Hje1
z{?bqP*#LWYCO18{e-q!i1y4G=Mm^L+kLzspK3FsMa--_X4DE@uxJSXL<aZxBu323(
zq&6g~S74Trs+3SYBPmN8`srh@dLB+IM9UN(;}+rL)q2Kd0?JS6#{O*2zbYG2n`zbu
z0HI?sH?dT@YFWh7j~UN9qys!IopQT$he2I3_i?<;S*azq+9k?kbn~9%o%mBfa<h-Q
z@}ZxZ!v|zO2PCN<dseFOJGOJ@3-W}M^J}A3H7q@9n5I{~32Rk;@%yOWE?g4+`=_9|
z2izs=$aY4{;ok7?@Ce$24?RV2>vVxfJ+^(QYp01Jvor3b<A=Pc{%eMo8<ITK`$`@&
zNDUt1hnvZ$sYfd}U2>UfS#7pj;pe&yh6k?cSPQG(82mwyjMgw{!EeC!TXKiCu%pDD
zzNA(i<DE+A_!$``@F_%i-lH{6jRxYkmlJdQvwMlR4QB4rmU7N08tl`~Dp%Cb?LQMv
zQ}Nk%VyBRIJmp;9oe{Xl@3I-sHNO(W5dm@5&*&R-=o?sR+l^Jn61Fsy#4^)<*m;?J
zjdBZpqwJ#ZmP@aDksKKvfn^N#kl1T(!dy*|ZXmIye^PU8>M$}q-OH=I3zv<Dl^W$v
z;P*eTf8?GKc<*_W`>(s!vkxQFcFJqS2(6y>V7hc#^KN@ok~kvSVAVtl+kgyW;UF_k
zJtk)(2z8{$pQa@=0C?(2^TMz;kY&j9l@w5UZ~^ggWD{r{kLMf$v5_r?XP(C1v2bq%
zdk+%U2G((+kAQspEGLfkC*AHe-?g*eg11KhI8cf$Lj%M{SNPDJT5-)DCiSIOB}Lha
zj4}$)u)mzwpu5T4z28<ky)Bc<<>@Ou3GKLR;2awWJKKzq=^OdbL)hiW7zj7z;rqih
zkb?vLQcxu`o>4__taR5aD86;`O`59EokvZ3=1fghugc5ISNl&EeJvH@H6|uhqt>{c
zH694@%GjZ~bqr^7w8iA}>!{B%=aRM*pZ~{MUM%%%fJU#RB|1>AKflmI@>XN!VIQl0
zy*zjmW9`+~a-~<MS5Kq2^ltOImiuG#XNp;&{~Q2c59!R$rxUkktnwlq$eVuujZlB1
zy@U5PMJVQL)l|_LBmH#U9UkisHHW)9v`c#nJ$(7`=iMYnsvc@|ly246N8)I#=4s%B
zcq$Rm??Ftu^lAq!AdQFf_0JxF8!_b3<AbrxN92ndzPbVCdL((Y@S8K2ms<>Ia=}R>
zmY}ms80UMfJY4>(+W?WNY7@?rYy&5k7GZIXhfg;-S1&YKY2@sK_+dOxV*{Zn>oz!v
zM^_LWzrw!#%7!+^9=#Snl4apA^uB=H{e<Iq6YdLw>Sc5`_9LckEkTEwc8nRx5bkvk
z3!T;qTk3haZB=WgSKhl14eQ=Z`@Xk!b1&SxV{)ULkIx2iVcRO&a)PD{8O7U-cM0n=
zi{drXXZsqN4hQMwJ7_JIY5C#qTbyz}M0}o9>y-QQSn-pTtwZZw?JM=D#v)^T>XCxN
z(5|5_-?vHoJr%Eux+uOppDDKa(7T<+;l{)2z0p-D6i1fn^Ol)k<(H8Ois`7c#xu`f
zo{L$V6C`@3CD00*lAFt?KgVO(>o|^FvWY4#tT(L6-GKVhL}i8b(#%(KQ;ZtV9<I)b
z!aL25+O?kYp0X&FmhkY5xMOZf4D9GGhI2PHi0np@0!Ni)-{@9rF^+s5<3)JsI))Xo
zSJPon(<S!<+c$T#1-}<Nr~<F86LIQzXtpR2b9#%`lctdi1^M?c<$u^8uWujqR%Zz-
z<QR3pW>iS4k`{qggk4D^lt}FIV$=(~I@9L~Gs3hnM?Eh}`n9>k%deLn)~?98zcSDC
z+al=+3&&eEa(!@HNMHJ>Gvm$2lvUp@F)V}8Atp+UrfW>wDnB?>t)MA)?XDC?+mQUy
zFUxhcQ*XiEFZT9}b_GI&=QjF%m<Z4>>)T6_`0dyHYH3tPU&P$a`emKpTXQ8Jjy^BM
zHN8}kUMy33I_RJEyUH-jnLDU`&NY;F;U4QCjxWQeQdzv9k+<|TlT_7gvZOH2*3S8?
z<-t8)V{@!liq1uBIWK1S=3Z*ZFfHF9oDW^GZs9&2BULJ$iGHWNve`v==#a)levk7g
zx=$+-om2DCg|n6++$TZ|f?fQrWe1yC>9>vcKeyKGIO<Bh-cD;7Z2qL$*w%$Rl7=tX
zv+`uu0i6uE`#ENHu_qmKvN^|}UEYUj_2^j@u0>eiQk~*xK)id=H>d7krh{;QB%wS2
ze&?W}S@3&5M9BV*eZ+?(ip|*jal$<{QARetB-|YjVH$pYbMA{KJ(`khib`?9nW)wc
z*-g6NT_t>%XFbYKRa=gadHqa@b_OojC!leUE8uLgTO6}q(6FPd!@S?CrR-98wdmzJ
zx9g^wBQN3`^l_u>?&vPBm<(t*7o&4JrZUifTK1^vYJv&q&jwlXMEAIX+j^0heYs7!
zlJ08FwzdCQc>3JfT(wxj`i$!RxRZV{rlf5kl_CpwYgLdU^ixC_VpTNgH$k&;%pt3&
z(PJ8y@hdlFzs<pCTlb`86)u0f+b}G{m&%cw<sD4_NMmmyECGFyzjCi(vYXTCV-@GP
zg<(~jiuKV!k9&>C?QR)4d%kC2dK4S*<tnkk5(A9EdMKbRDr;TVz0VaYA?0$B4252k
zAbLnyV*VYY<8NI{(e$y9E3<`B&tZddcV`Ky?4tKVCs1eS#CYPyJ?Q1A7V3;mF(WLR
zW0^YK<`FV}47H@wt_saj%{z95t(tJ;^NU_{O-+#k5qWQUTf%h>6i<S|SUFj#Z1}BM
zq!%TOKiq60JGe%Uc2}>cUihPa+mHDCS9?ozI}M!kBja~IiL?A!dI5Uq9=4fciavoG
zpQ&RWr&siNgmK(^QQ`J08t|KXKRqSxYZ~)f(yU~s8eM-Nf7h3SyW?|0bH0Q1hE?P|
z>yPjv{K`hc`pY0QTCCvEZS0uZINhq}La2DTec*D1%9VpPZunQR6ZwjY1V@e}BR!m;
z%~9nBZz)}7j=DwA!};_CbTr#^88<rRe{*cO_`Wg2<6HYX+lYjChs)nAuGFz}?$<r6
zJypUM8ctEp<~}1k1?Zp2w_S2ml=<X&m$|R6NPXl$WWuprfA(YZ`!Xw|PR4LEDqWth
zb3L+g<CGBVQ8zhKS(+J5FQiqo#BS#(IhRvUkpfocI|nE>qZTc)x87xL`6f4CkyB*l
z8FJ2q%qHOF==o*F3cV>$7?|=r@-qDX>szKM(k9P{t+SIWR3`djcV7CUb9Wi+-4!=i
z+e2Q{fyEu~wF$f#y@a!yS}Mvpz~uJ&*E=7lJBMaY*WGy1wjtKe^;<@a_QCOKOwOJ!
z+e(jhosVBvgl4LT1&zXPWTqPVqn%+z%9ax5-d?RRtW0jb&;9}`e$zvb=eDC4@DDXJ
z?d4MRLZ?Et-%oU@?GZW-o|cIYqM<pf*cQx1XgQo%Wt(*b-q2Gwo-t%_rPoFI;8&%+
z%Z6}zEg)c_TT$9qonmHpTPvUD9H1IWdj)i(!+q?9vKTw=rCBv_u<Oi(tLghyGgk&o
z=AdK__SFY{OsN=jm#iwZxuf2+u2Ihzb2Qex&`slK?g#V4uU;n|q=L*_RZbl{`Ofsb
z=cm+V&NK1B&BHU-85|#KmTTTIoX1hyh!4Hn_1<1;Gi_MBc;#jt?_lw29gRm!Cq+-Z
zF1@Y&3w3#BoXh%0_tFkMm92;y5+9CA9r&=pkJ2W02@bU1X&bQB_<Hy6RlS;eeZH$e
zin}&k;)zr_rS6tWa*HBWi$1cG=@0h4&W|gOyf3-5E3Z$wN5?$6D;%?k+o5<ra96i-
z^xU-s;_uQ+=n3{O7Pq<#LA(=4J1TO)KvE9>7G9M=8VrP9pru(jsY3wG0XQv%qCh{x
z6U+IG36ff1H!L7(=bJu6#-Khsk`oQ`0mIyHlC*3y&g1kz@`(LAP_w`d=VhwTfZ#gz
zCLPU<XhyTFmAspvRzB2(VZSIgoACp2-qLOgd(m0=_j4BLh3+pY{5O|Uz(jSE*^AoX
z-_HQ43GX1KFtEyhm%#h-uK)~=&{TZ`q#ovG*{So55xjsKIZ6P^BaOF$S}bTZ*#ib}
zVC)T3AutUIR6aqkNtz-+;Gm7dADVBvwLUM!Kqi{{+AWN<FY^L+Igs(l7?5dTr_cBH
zf=*ea^g5^XZV5D>-$=i*2;_O@+gH*+yTL-W`A@0>{80|@C7>m6A#-y#-T;}C7m#&&
zzSR<2GZrXJLiht!XCjh106kZC5mM3z+o5Ez7*ZNXk|9WVOC}i~+z!6$0jU;Y!PviD
z=qjQ*7$iNTo@b5{%s0t?;fu`6VSyeH!6%@b3q%`Wd00x+5V-(N+V=pnNXIyOKE@Rh
zbdG~yccG8sO3aENupnp;Jm~jt;W|~+cNUo$;DT8zL4Ia(FtS>(Iwq_Og+=OIRHVV=
zKQ3#KHliXwkZA$qILO698+t%3v|y3}wG1+IBZ-qX(3j7Rr7Q;}kazAifbwB3&9Mf9
z*cyhafcM}@Y~n*3S<F#T7oMzC!i>m!3i?BYpK)UfxUsyIAY4rb`O?9~Xzb+ZEXc54
z-OGno2QgNVI6=>O4hWoK-+#s4;K|;I-vSD4hGxKMR}+Yh<N|p(UqT+^hzh^63d7j&
zfVUrM6tWWW0yTs26XYs%z2b-Q*~`QpI2NOe9w%mO&_F-r{zum1cc~2Lzz3!UL&2OO
z_jc1w)|K{@&i2daD$AbT*B()lPcY6tH!3H$srs3sT4rMQlvCrYjpkNsbjPBiFcHdY
z8;gy7pA5G3=U(V(PrnDAb=@$@O<JGyVDmQA6}nLM!PiG{v*+@fM#mj~<SrTCGHO!3
zc-T;UZGMZx#DjsgJGAZ6?#gJW-HF?iSn@QNX30I|_1e(h+A_EO+h7jmZr9fDc%4K|
z;_c~SJ7ry5^Jk60l_F+~bw<P#4qjS(^JjB)3HtyuX12U->#Y};&t~3!;aaHUGP`3Y
ze`1S4;F%2pV<E!#w>IqR@tesMz4P_7feikur2i<D{K&J~=1x{@Tl>_AhXupBvJt0^
z-^o*HRxmx9<61q+`y%S&aLM!TWYnYA6M%uo$BT>IZI8Is@1c&^9G7qZ@*(7M`h$U8
zj%}|$7+o+OJ)?W-PNZIrO(*S!{@JuH>+zABM>%$k6ZTRjN>~}Uh*X^i2G>erN7~J6
z?H*NcZ+~uBfmtzatXyN=;Gw0bx%XppK7(fYl>0s{_k+{5N{4&T-{0+?uD@~f7|zd9
z?{ltCI|;@be?EQZRr;5yQ*+)^6D<XdwCY)+Om4I+E*Lxk-mVvW!)GJ5@K%LVTI&I5
zW)b;}5sDA3Gl>`kSrdRRW0A)-yvs26>{SOU62rL2)Ay-sxCHvKET)#((tG>=fkIm5
z+ywiep5WZ8>agU(6D65`3-I^}<^Y{{{lR;g`0)f_n!1NJ#S*?3Dfl=f1;8f26($K>
zOW5FuP!!nyi1XNvYyyz`G$d<d4(`GNY(DS@n@1pC;4#v%1`N3-J(LfPxHe#>^0X#-
zR<!@ovbF(kxkv?n1jQTaWJ=#Pvzb9d!L@eGI6idYF_ydI4ETc|v?l20!Qi#IHXggm
zR{tb2I5);;ukqAs7h|M22dUcT#;*tU54fZSL~iy)6`XwM9kWwROkPnsupMz#AUE8y
zG`6q*gSC)bhO4JiM#CUgP5$S#+fpgVN4+ogm|itEl9GYLBhne9W6t#KRPLjJ>;i6*
z3A*-0yR~zAZBNOr4EO$ouQ5v^-#SSXg>Q(IX$Hk?4{CUS1-^(4Np!A$Wuj`!(O~+E
zRf;=pCx@rexvz)ZHw~+&tbiZF<m8&>LhHaRtOb30x%+E-+aZI;E~nJS#>7v#WL{z$
zc-*%moH}*oUR}A^`a8p$nt7@vXLJ!j>iac}jmB@J*HpWa!rMG5u!~xltm)(dhSZu3
zIerf^`<C@zdpx_X=kcx!<!X6b2@q3x_9N@XZT)|W4b`GEhRE%Ow_;BpIA21ZZ0H+3
zrnaro_xrQQl=>3cfpvvL8r%1VP+=!hXz4~~^lMzjF}hfY7fQ~}@3@O!RK|_8_Bvnq
ze8o~X-Mi19g-1zft3+u>X{;&--Y>r#4(pO@&M}tkv8mvq%@}GaH<QnPrR>QIRkHdP
zuO|NEh`2*t{^vQgHtE#Uz+HJv;~uk8hDams#(sU}Em;v(&ChqZ7M;wyts1q{c_+7b
zoyEFaR{~WpbWpV!>N7e_b4El(DY^k~L#LMU)-~eQ7q$J)V}(X~cq+$9yiUCXea7ds
z-Pw^TD(hKBvH&YkP<S+*_)jj|*ya$uE9}M4S?`!ck>^zz53bd^r>BWo?At8bA{V$$
z`_|%Xn+L-2LQk0a=e|uFA2)BzU20aLZ|(oAqr>)X%wTr0j_JgnN+<cJ@ds<q$z)bM
z(If4Le4~RveT5VP9(Cre&5tNHq?5}GR^3@MWJ?=$TPo4kMYrB;V6GCke4Fzb$E6{Y
z9#;m`vS24-%eW=?u^0JHTP5|I8*89ye3cz8?Q|iJVsUZ_qei48)wI4~ZT{^Qp1ZtV
z6$8%&jXXFa77sEIVT7f4^#IReEjkHAQ(^6u%`t<lSB+B|Zg76P1usv0hsqagj`^&$
zyxia#(GaH|JBd1rMt98--Oe40b93{8wG~e>*4;Yz-3&+z5`!f2_d~Kr_d^c2_MZL_
zhK6-^E<-f>#qg=Zfa%h7ce&BRFZb+hKWzy1l3J!3wg1#9#W#?d-he$wI0eI;rHq;?
z|7ayQ>=J_Fu(D3^2aAH~$23%1hrOlF=BEc63}n8(z9Xz`dNeAy#P1GN-b`4@^r*Bq
z`o=j5r~aNzQKf&;-@!WYO7E$0|0AWc{mE+|M1Fr8tScoOS-xsl)s@R<-Al96&z<S4
zkgLyVa+mt{=}F9q^LsUf%NNTm(bJO^>hCh-MiEwUteKvvI7}sWDQ86{4*T)F>YA+y
z{%O1QGViZZiInM-KX`l3#&c>WN5l>#RME23Ka$b-wT(RVFt`Er8izJ_^j8uc*q0w`
zmF4uc`Hsxv^%n{Xj-b8-So&>{6^iYK7yTwm6|YZc!WDidk5Yf1J-n`~&bo0lrmeX_
z`}_Jx=p^>Mh^NUm?p+gU&TgiYb9aeP4>8CqT6{47I<0kZRib8bvv-2brwMai&#X9e
zrJwg7B`i+3l49xSBr8-=#n#0e=F_#p@LK2~{CZR<XMKR^t0#k=gWEJy?)wNQgyPmo
zX6=%$b@GCO&A(c@<1~7FLU{^Z!wDwnZ#N@X_EoYXhFHb%r)~>h_K6CQ^wd5g74slc
zw#f0`o$XZ~M@<#6qiDq&1d55#88597Tzf@fpg%X0b^(1UcKZdB8`<L*eEXu@9x<=H
zL07=bUUw)|*==r;3|=x>6GJvpxL*`YF-iiUF*9xEu2=MoKcjueBW}){o>9|eqjB)y
zBba6uQ&a(5yU(w=g1*FGJOw4%GQ43Pbp*rE$gO%uVd;+@pT$p3(2FO_#sdv7zdlaG
zF>?<=?^nVQ?*J7B5hi$!Ob~s7)Fn<3wSrDsEC~H5<jw(oDMvvZ7(f{D3E@h3u=?kp
zLGu?@2URa{Ym2BMjXC+4SCBt}LE2tl1ZolL(Gyow7J+cduYwPm_hq(yApVc1(*6&B
zeB<x{?*j=O4#NTCSBYE@iWRz5!p@l{!h(`1k+n(C6>Df}C`?68Gw`753nWGak-I5U
zp+){E!eS7{g6>IUOF<cvf<$oOnapUUp$Vy{q5xl@*eeK$Ct1$dgpem3!D*EAUQlTR
ztyLfwDG08?lbM21f^w!Ih<yjaDGoYDK`bkH_7A!3-!d%HrT(W3n^GnyZ31dGM9~CO
z9gd%W_7?PX3Rc6AIt@T&k_T^XSuB`lfL^AKOo#lz4pY(Xi0F|=OOSvYbXm_sgHdqI
zFZAQbm?BSa^899M*BY?}D*&>?1PuIrjP!3mXY?dso&_XPAcz-0gua^xgMb2gnm1MW
z3E-Z_z1ju3x>q341L(vCq5QvBe@n2xg}w$LRx!;^9Rx3PQ{V}H!E1GQ3V18%6Guo#
zp7sPNM2jbQHUlus#eiZd${Lsp=;AhAgqs1J0#oU@w+!3{7A)RqF#k~bId`O|6hMMz
zcA3yTwlbL&R7c6b(3trSQW7`hDlA||xi$$10h!b2e+2qymiq^mKOyBKu=iFCVk@S{
znR~lUpLef(dWLI!%iCltJvTZEzv-1r;RAc`<Tq`#&Nq}jOLs}f6|hzSlR1}ynE~Nf
z>=C9dk+mX+K%VYFAz*M;{TpBhP@lQzLv8v^wb)b6Alk2vZq=`*33&~^9oKa~ezrmS
zbL$W*Ag!b7hVr%2i`A0<i@i4wi?RLxhbJM~vL&JhMYd$CNHw`FNs=r@rQr@qlA=w^
z6;VVDMF<U&kPPkGrlb-oTC}NY)m~H6GP~dVyk-jb{rUWk<NF-XAJ1_--#_l#RM(u>
zxxV+;>)f(v<?Q_u;TOxL1^zFrg?btD+Nhk--+{pFfp>azS6d#QB9E%Ys4Dz^?6YWJ
zlk~FLm#$t?A0J;D*5UHXbCHtI>9}XjJ0k+TmOr3;Q0r9KL+TsdD`km&SkTe-lc3#3
zdOffM`ylsTk=`f$_9vmyyOBjJXXqODB(*?2@J_8!UXOQp4Z=<+LVy8RC^icu3q5J+
zP_;_oZ)zv9ID$|7B4}B4kI*M$9;(|drwi5$l5Ru_v&z;0Arg5CR`<B0T6mX7DWsFV
zzs@5;GytvmE5gPNjRI?HJU3rUYEUwRK`iURnuxtJ&rn%_8jCcK{(Jvm0gJTAFo<=+
z_q}7!4G*GYV5lf$q}A<F;VtZH*bb;(T7|zEqGzmTuO7ayaQ=V{hc9dv+BC@xDn?N_
zqu5{vjL{^KIW66bh40EptrHp`EPv1gVv!_kj=aE&)kMmLd^8xf<PH!B#hgBy9{LYa
zQ9iMEYBcoc))2i<hV5Sp&N=TkhkBh<VIC!r@Z1Or_bSbSYtv2ABE3$~BQ-(WWLQAJ
zjMA++W*tM}Y+e`a3MzPzlz0OwT}9B3&O>2|aDh6;>B|@rLK{=K{vel}V8Z$)@TB$@
zlHPc3yx%C?C`UHtv}{|ey6Y$5v)p?kd&ygTZbUt1P@&y*gJX=|Q(0f>Jv1R5!5t(1
zbGs~$L0drp-?*2alenhCT;tIrwnpvIP_EZsGZR7uGrCu9nsd02fB3%7BiBR0>ja8>
z$35Ej*9+#1$-X7v*bEYsL%!o@58MdpM%X7H@q!sj4{YvSD~ydc&sUvhp~ha$eMw#T
zD75%&YfVzLgUe_Xe&F;s2aU+g5t#E34%dL95q8vTC;Ci)=OOS+>j-$JEf=p;E$5$e
zgG$v0s8ZD$#YEEG)w}i*Ot#D*h-y+9?`gl+q-u&W_&w;?RUnJUgkmlHV1kw!h$d78
zf0W&0EUaK^B-u25w*(fLWZ(Sr7Ya05@4C#_9=o0}J$HNWmq{RtKnn!<NZvsG*NHXS
zYU(=URvBdj`yfvrdl$<dQ$Jx=hAiL0p)-2%S;wdcy5B6Sos*KTYz`*s?20%$IXQpp
zhP~rEp9r3L(&cK}$V{40X{~8u&*>DOl0!U&to><O(=;C>f5;m;BrA!HK3`x92M#n7
z1X!MlJ{;2Mi;>n;nbcD@urhFV&f@1?r>;IKpjMCFSii80RBy`PzdE5ZL0BZeFR6M|
z=cE>U-cH8ymQ$`aI&TVW)w(vN=1y%Rq1TQ(k|-x-qIHsJ{nufZ=i^$J`gx>OrBj+0
z*7z8S-U=)baGXh>M7#mJ2XBIC>$M(qCQ+ICnsQy|l{04C+XLAFi{8UW1KL#m!mHq&
z$`fDKo}g7}+{uzKsJS1@+*ojY6VHT`v8-fm5gX3;)QGDlNdc~<b9VY1sFXAMvHo7s
z_g8dhpWPCz+eUwTgrqlK8#59QbB0iiN<-G3=diUdtgm*c;u=yWkxxj~JLFt`5*NPM
zG^aoMu=81>i<LTWYw`1>Nui@>T1tkm*u>kzNfG+P<`~av_)Gs~&WzZDiT9)``(v9f
z+@93Zd|>4S`-y}@8`WciaN(?b=lgV6RiuSHwqyD1*P?;y*z*pi=LSX}r1}wM|F&0c
z+?(jNw8F@Hc0kBD-qu+wG&LHYOuoB*RHh)>qAO)0i5VkQvHx~U-hdRRI%vD)$*P8y
zA<piVbGu~vV#5t`PEueCsUgA*bWjjjBD|Q|=e=C#fpH6e>Lt0Z<Heg^Y4VpD2P_i=
zQdBK=Bo#jAWl~}Pw-Gg^u!5wf(F3D*8}ZEJO}Wdd%$LF?>%Xn}v7pVRIsWsuJ%V{&
z5zU2~fvFjmt_?{(_>K{-t8zh_6ZU+}5XIJ*Ly{A?`^VwaDNMWOB8VQ(==g%Yd&|CK
zwpripsk}Y?cC`JCT@$QZ_&L4~a}q~A4A<IcN3H7W>Ni@!^i*TVEIVPmKquDLROscG
zOPGDTYu2vHg)X5VObf^5ARYuEy+v68D=HD~8<Q@40l|z|iO=ZPy^I9STMepq#zYx!
z<!xcwt3N3;w7vGaw`Z}Q^r>3!160!DLl1|Pl-8cY?1qw<IiXK<<vh(o4fC5Xy$so&
z$b+Ex6N3eUh~rzoyIg<&fO37+K_XJFD1wNuBq@AUKqRS&zu!ZPTEte;aH#VC*n2D@
z64Ib__O;#$i+nBeE7%EY<Mq?@r@L2QeZ!ft+Q;I8{@A!9g4fEFcaH5;X0-S6wZR9~
z-@HD!w7SdjnO?0UIo`gn(B;CM^-@0TUxkRxjN!`qU>P*CGZhP?Si*4yP+$P&Q9xEa
z72on{w-R~!gOouyYt~Jij9m^JT<=nA8c%6wZgng;7S(lLiEWf%%-%<zIrC_$1-X+I
zY2o$e{9m=F(JQm&z&U!|I9k3<WK24KnT~`k66h-NQGDuE8Jj&Y{L#m9cqZ-{E8Y}C
zy#txQb-#mZW3v60_*UJ#ljdqG^OW3qzRx-1#_OHDc3t{qHC8>!fUoNOoOp>oQz`UY
z!@4oPZKe#n`|JKbvIUM&fZ0UDQ4?NC6r8=Ah3}#uwwQ~Am-qWik7o0Bb7~iUjsHnt
zo6)B!QB3`oJjt-vkcn-JWZis_Cis}ox7g?NAxkMN!j5O9Q+WP4S@RuC&6oVB{JFNr
zx%*xxr%&EL^NROZzrEF=`MX!Il>VR~2i^r(2ivKzmjEsQ$1ts<y7rRyezB+5Tk;L}
zeTxWey5Dx)UCYFMyzE<D@4c@iHNG_3Eg9V+JCT@>YGfU=!+W;p?!fp98J0$o)ts=<
zBb7pm@P=O|r?7#(SS5H|Oan-A9LxoK2P{rDK_ur6ceZ1sx*(}WV%HpqsMM?epgd+v
zHCzgM(;!f6FaFkQ%ghs8(!Q`w$;0o!(AIs4`FDn{CoBEPe3kl6{%G!%`bmp&`wpLR
zKWaTD{eAUS=_lLD4)(dPpLaj}ZA(Vi<bQ!ztJRk++49$_#3Ti+ovVL@(De$9(WXW*
z`%kdm$OqYh%w`m{_eUF`2sXe=BcJ>5ktWJGJnPQm&Si9KLIK?XC{P0=YGg_(#`R#0
zACUw00Ui}5x)QAZRcGo*`e%0K;n*S}Y~dR922vb@e;pf(RZN2ey*Ua`;z<3D)a#)5
z)J}v@(!wZV067YPUB@NC>cYW{-@j<VJMkn4uE!7!&tzZJdz^-cf%_oFX^M0T8Y_U}
z@C1O+xJF76Jp>Nd6ukTrka{OaA+H94m)GzwA&(KI4FKLtKu}zSyc2^1?=Byacfony
zA`2sA2nU)LfxiPU1*VnP(g62GW9jk%r>3X{Y`ZVueBc#6fD=YN<RBLcc`SeglMwlh
zUBM!-B&s@v*#TJxig}$bzEHoZXeb92jnN0WLnIpV$?)-uH7d@5uvpx7-o}k0S+d#y
z-i7NvyghK22t-Z%<1k}`?j78J!*<}V9@11e3X%lo%P-WSNx2A6sxU?>3ciiIWg?U#
zyj@ugX-r#!dws}lt)U~=M5%|MK$n3H6ICnD+YIGPXrpNm;lN=SKu5VzPYQJieX`O7
z8*0XH@H@Qt6byT^lNY2FVERC}u^Ids7DAJO-fB|6vG&GtVOA0m^bl=G4;(BNp%JOx
ziqyLE>l+HU*SCZ(TsNT=rWC$h(&G+c=G#yo{fL<)eBT9D-nMyQ-%=gYTW8_(E?hs4
z&<ZCPXbgTM@zEddoj$}N@V?+hzG!trh<M9+5<98r!+qDxJw!D;X$3fMg0mt6{q{E|
zt0=JydH~adQhmq+N4!%z(AW^A(pvF;M5hepGDZ2i+ieVj*t+HAiC8`uZU~htBC$gK
zYbjr-2aWL|1~OU_zKvo4(5Vh_e1IT6JK;}p>lkfpNg5r#*a4qrXX2yhB9J=X7Q_mE
z68?F52<Raus?+|*>49F`p!v;1-T-P74%TY|PIc8kOm&q5ZZw$kgD-l?S4sa$13V)<
z4p>Z}DWbx-qANOBlNb#KaLLk!bU(nZGXT2&M;_oI;M3KR45Rj~Ho$#WR?pB5p*!m2
z?}<ZHunrH288XODXg5OPH!dzvb+!oFU5$bd;J;%<WG7?%i9|6&8H$qN$qKZq8UAQ`
zO8i!#spqepr2@;(L&(t4b!Y+6riMHuNXia4<ufoU_~YLY`IC+g5)0t6D-(2Jksvsc
zk9eR!8)@9ZyT|HyhqeToI=2y(h~7o(U?`79Z41xwu3Mv#WaDuX+-^ru?})j$ZOaSB
zbKK}Kw!!zH9RBnSf@p_i?!g}h*ma|Lb$bZ-dSL)~-$p<k@xlQ4j%E(gs6dfCjvZH!
zfUY7^kzf!5aK6fW09`ABngjQ)L^w<VobU{BM!AnSLbJAE2sOpOe+xhJ08rmM-1ImQ
zhEQ+sA(FcPZMU~10f2hMxC|OmYWVszK6oh6!Ny1EzH1`B(b0}qLQ{hzJNgS}2zKH_
z^Z^bZPNIMh5=F&eNPPHLoHTFt8RdremHW@qfJ$-SA<$?on2ZM+`NHr_pZ}?rD<?_t
z<)CKK0<lv8w4p-gw@@M!GtQioMI9U+569Hf42A%lSyG3^Vt(kCAA1HLI&CSw#;A@~
zZ{o1lzK8~lOAZ^-$Y}>V8Bf3waIOn<9Hn4W;>P+fXg4~k$P&Pr;o!3vkq%V?()cR5
zKon3!9`Mvhh6SAiQ3;Vu1qe>yjUzNc7fR^U@P?`v!c*vr08SPY26T_$=mjNcn<5ei
zT#E38cP37Tr9d?TNKv972s)7vrTa}CbS_3a3}jBe3ObWTi3Z}GMNJ{Nik1x=*x`-h
zBNmJm6N&IJsr<VSyh@}n;FOB6=yRdRa3mqhwNc*zZF`6SA_0L42_6`W=i{yrLuZnl
zVnfM>f2oMt51xTfB4$7Qu%Hp5(B<%1fg4I-fPZowqAsGNu0_P4M_gbe90^}C<skl3
z_ZaJ=(1I9)pu|dqS+|iAiy2A}L9b$Qy?W+=YZ~yA@KM)$16HZsD@Epw{f@zY2AsW?
zapf{f<)(TEh$NDP*R%VD4|q)!JrSb-s8KJTGJtoY_{&k1z*eXd7^j<2o1T8YpE$gb
zZ|C7F!GaY)76J$4g_uOka?G!|r<4h55-ge?DWoV_0;jz=K?YJcJLxSD>O=Bv9Kjup
z6$w!l7%EKAxiC@@gvxLV1AO5TI|4o~&}0g9w5}lOhQs?Jubi`VcvYL8kr0OjD2(&N
z-pQ2v&`b{lMfCr<7eNSB5TND)54aBt&rFFr{Jp<G$~(@8qz14L;%kX;L96ocj({0B
z9fsKmyYMU6IT#mbTR|<NEVhWa29?~52&G{0UaMR_ybr%jHf#6_mMqeDTKdA!9KhgI
zckOGS&vcK&fA>4x;|L=QXf<zGC?I5k^fn3|UC;>tWyj}R;>qo+;^g*E!dD+Wq*T-<
zw*4Sxy3%{G=hhP8R8O5UzEQMS1W$8|&v(ml(?4H-rT6aDRs)q%*Oups4#cjTvA_^H
zLAWwD#c#K^X4b3^Su9*ZD;B_*5%|djtv_%ndY%+kL_qC(t{Q(41;~qF0>XEBS1<+)
zy;ouN8W_8UlUH(FDs~9X3|^fhvUE<4?WM6#nou|k0p-sOgX(E&i*AJqUqi!~AI!K$
zW*ZTO>tWxjtd;1DLUWIROn7v*t#er}R{sWT59R+2ezYAB4i6Heo{pkc&#)01{N9nf
z^Atbf>(&RVQw85i9YdaW!Z}3YbBA0Ke-Ug_=<qtOJ(+#-Ff2q;qnvO$SrEr>X&)yQ
zJF;>^*Wf6^$z>?JmH&qhV%gS?KMBg>FH>K`-kKrN8G+vS2`O9j0d%YioZk93u<3&>
zdawQ@NJl^o1F1;2DT=S5N$i8^vZ3*>>i;AJVfVc>d_2_9`3J7kVHNL@OaEigiP(L?
zM(Fp+pM(Ncb{>FAVJkIK$$d@)o$L6{=7$gKXPxtCvK_dQ;<@e=__wtMpg~j7{AbXa
zfiT-b_aSA;N|3Mu5OF)j@lZ>NMl!Ra0`DMJzgD!Kwt%X<Oajn?cmYsfoFqEaaibS#
zE{ToM^?`gc2qQn}*$aza*c$kNb?LV=HvMb$n*R3Dxra0Y9wsM)G{6-wR7jmXg*Ay@
za~y)zMXaLd3rY2Fl1C;n4xhwkADN?~lZPl3#in$6qs?Fru^-=uc)yFvonWbKgtqwF
zi#F@Jp$~+?J>|XV+uWw-;!|EhoDDtCX%ufKI?o1Q)SiEK=M0zI<l`|PHa4P@HJa6e
zmKqES8F@7D;jfF{r0qcn7FI5qc(Q;=Zyfb_)aShH{e+24)Y`LooQ`D4N{U$2J;)o5
zH@ZS#@x48%VJN#s>3!9<<bx!0AInS?qu@*VvkpmTebA9^D^Kb959&S716UQ#VC5P@
z*iI;USW1N+LOq?4K5Re55f)Alf&>KI|EydrdoL^?LGDxXx7?@CoL|hDBw)^z1KY%K
zCv_knNqKVjKhU32IQnzVPlC4@3cGoXlBk#*&S(*R9u}EjK!1z93`r`iH!`!3B><C0
z=og8KBd^cl(s=d$VJ;!CI%IGIM1ZA;6oiPM1{pU<*@KDxMFLvGh#>NV{6&iq<U@qP
zgEb?89B9N~J6fbd@{i6H=~$?Al%%552HHx@uTxDx--5*~A^3*iXCDz%!7tzu+FJ?e
zU=-*#oY7kgo?>-XLmV}TfsBImSOYPA*O8DBYf04DZ_YEmYJBb?<P@O7L}Umcg953!
ze%#c6(|~)o$mYO`O0UCP(7?c+K`#VinpXD_XlbjI=mk4x4Xd)O4lp+G&Pw4n3z+J}
z7MNJv#~@gvp&_3D$~e*1eLEld{fNaDQ3t`_fV~#v0QBIO{BgsXc#u|ycfn=?_~&%|
zk(P30H*l`^;Lf!$zvVKizuK`MWhsFm2PbW-FvByTu=g$uGvxeo(e=PAS%ZL|$Sl!4
z0|$Q!7j;SZJicB%J{cHK8AE1Co<O=v(-`^ZTuggRIlHD;PAE&vVoZ07_;}#n#*$-c
zL94wFDD3Lo)4Bf{R}t<)*<07La9nr)qBFa$-cK~YrMuMotCbXcQLlajby{1B(ff{+
z4K~&b-(L-StUQtDHQ3ley$6!n-``U~MW`>sk0fKguq>3qK>a-#<pcK$_Uui$x2tSm
z$&R5Ur^L1u%G$xkQHQi7e3q(~aWjb7X{0!-+Lv!rs=o2}kksD0ohMh34)4@XSMv}~
zB1Vvz%pTt;p^Xgx3Bv;`kzobhmoNl&hRN&=K>kAN3-RjtN!WoEp6fH<H`Q!yX9(xl
zN(sG<nV?UIpb0^k>NbKoa+kXvzBP%xfr`F$3q)luR#Z1CNvNp6bS3t!!<rZIeiE)h
zeH*pM+o?Oknb<p-Nn-V3{v2eF!BS8i`PgT{To|bzUqR}(k%C`<ewD`$B618ez({^d
zY*AR3g?ES4pioC|X@Xbx$^6k9P0<*B5;pk@ccWx%8>O5zq)cTp8NP2JHJkmDu*9sE
z(Vy4G@gUIe-+NZ0&)<|L$LCY)g&T$RMy%yKMr4t|;H<A_Na=~cp~>Lez)nOrstk{n
z*csg;TqDHx@f%@!{%e0UNOh0sQlOEQ{E36o8K4x2Es7QMVe`SdLXkJ>k7g}U-Q{&~
zcp>EB4$1tpLnaw=!ct5oW6cTbAtoarzGl;|ti#7$tG_2JY|mQ|{hGU^t&`A`Dw0ta
zy*(@9ve%w5a&WYt7b;!v6kPpbz1h~e(UKn)(2Yq)u&bKXIhYM~65D_G(yAw4^X)v_
zQ#Z$DEqm83W&io!Ypt1$QJ;GGCJ>OWJfUuD7&gtN{Ol0tJGXF7gF~0f(tXyS)<w6)
zSt#BZiIy?&lez<Ui%}GDBxFdV=)P|DRwecuPr@onz|3eni9xXfZBhC#v5o_zE0ul`
z>qu6KV<{sb!`bnWc0Ni437|~*#r5|`jHNt)P)~Ota@G`GCJs*gNvL|mgIb#V677lS
z5;FYjlGSJ{loI0N-WarmnO0qYoI7ESVkW^ry_uXu;oog}FT)#)b?pbYkj+YsV8e?R
zJ!q8S&FH50-+1w8PQH>>Nt16_>%FCvYI6O2VxLLcGQd+lrm*cDE>io&KhYJYcgsYo
zdeAG^^5VdA82B`O_>Aym!9<B+h6n>RFJa8JCV%{7))+GbJ5th}EpU1dJxCUket73#
z*>;{_RzD7el*ObOfBYoN?$|<vcYqOK`G&;mhU#qU8#1$sAx&zHa04wTxrO-0Pu^Nz
z^#_e~J4xlsjrlxEqtK?)jIWXO&X~Kn7CM&sRsWBl$U*TYf)L|Wng1QY|JPQ4CfY(I
z<~p;7cA6%&ZoB)AA31P1?4yB_^Li-fp6C00YJvA`afX6tQ%~kBFeeMHg3xYTT0VAz
zl)Uu1^rD9!&b&zG80`(POso=|I!%1-4@Usx5IO?~NJZ@4)Ni2oQP?c3k6f`yxMQdu
zZV&J!4Zftp!HojiVlYpTjik+L!_7npLW+3P@uD?kTLl-3O^PG&{{^oCVeEeZR-FGc
zU<Itl-vKLJ*CF+;l3#3zAQOmL7{s5z!!*DhZXZIY6r5nvZxQF_AYWuh0MSMsbRC?h
z-?;!EA`61pLhu=mNBM(60R#QhPe%`-Ae4CM!+EOM{bCy@{}2+r7%9aSUX8n!@PB02
z0DB>FM0Babmt)0&%8{f;%X2A_O%miIiY<Iff>)q`1u~XS20P<z@s8X=5q&V1c!DpZ
zQBdNK_%P^J^yc4iB?QETf$X<g=usvL-@=Da$mRuCS>%Iy0D%YUAG(2HleqZrH-6E!
zk=#EpY~e9#fSF(<csD|q0IxoLbtDE2mL~$QaKtDRV>J5|1X~fCapGY#9w$hNCdFz-
zyUrU}2dIn0?a8Rx;TC~p7j$Y-BMcTucA*`VQqdPr(gg~P6W)4V5}LuSGSK!o)!{JF
zhnVURuEQ8JIN~#oLD-f@U~3GUdy}by6O)l$?_W!31td!$b_8cQT+}MSI^Gd!oIzeC
zmZXT)i<v&iKS;RoD$j`BVGs4ukb7x%;7pG{#prL8DdBocEp(!v+N?CF%f508pyJEZ
z)5~%HVtfb8dF^v7fE2dgk<nd70)4v3`#6a~GT&~7cst0&QLJaEG{<C%z2`cnQPF$a
zWqCFK&JPw3P7E$vSJD4hx18f3A%wlR(D9;Wb8OkIaoe3tf_gU14Cp!~lsRFwve)7A
z?JRlSx35~YbegW`Ilbn*R5Cqut@GiEANy3#SG_onNow0P*h})vb}|#wy`J8YZ#uZ~
zSl?#r-I=cst<+nbP3aEH>$qv}ZlIcEtL_!T(%{C}RjqRH3UN*Ba-SO`TkK|6*K$?+
zXnkdZmrC}z!idP~9)`2SiJmDHtG}Nw{F<NZxSMTQ=YP%9BQkREO1;+^)41y!lm`<j
z%TG?Jf324%b<H_y`Mz0<Fgqi~X#L8Nx$3s&U(U71pSzzR`{g)Uns3yA$uLe-d7qEA
zvQ4pdbas}FoAq$9<~r-37weT?cN`>B=*R3mvTNrQJI5&P_%;wI-=UZA&B0;!=R3=*
z_8mL2Jk5TWMA0GloXx#AmDHsT4z|&)Y9sTc%uUW*I~baJw%a{Yw#3c4j(#=Gwmv^0
zP$^sMM`UDmH)}=A%i3+XkAHHKTBqQ6-!y^I+0yV}LtU9a<w(h?g-k(H@v^nYtLp<b
zya$3bE;{k{HuXgXIOXoT_V%c{N3}EE!9-u$%JA;Ss`AP%#+SN|{xv|kh&4`)ci>5%
zz_=Eguz%-i0)w@1ZZ%(xeN~rw*irpk$QgTwXKf{)D61_jE{E>_WG#7mQhc5DQoF7q
z_M$gnDsKgDi-pfYVxI-6i{z~*NwF-@^3|<vC!4}RT^|@so3wK;YiWFQ%2hIFwN9hx
z82^^In(`{*6!$7zwx;SXFKtDr`*3-uq-?u{5}`3z*T+bFvhS*L##U3Kd)@#MGi1s}
ztg|Cn3%?n+&8kHF%xy%VXGTX+?HA)AP&?q1hpX(UeA!A-iozGcT6!i^*s1hsSmzq>
z<PjO7a3f)^W>*8&D5E=X0InXj5tdO<hi^ar)69y#B}g7v=Cx-~gMDdXJkwHN!FO}P
z^yn8U1+$JSpB|?@wbc7SdxkE!UT)dKoDDRA@`>UHrNv%_o`&ht36(<q#@$|7{gF?M
zlXY)yu-~fdt3D{z@b_1%D?B~VS-$nu+<4|w|AjTo<hYWf7r&=SD_TVFKf3I?tR7>D
zq|VsY=fV;(Ylea$_O!YRID77$D4%|yIzOsI<F@0RJCAI`Yr@x$f0<z(JoU2bwTWRx
zRa^5JXCBorJCnRPu_P`rrPKYAYz14Tj(Amf!SNLDM-gpCt`09w?6x(HD%@6O(CA-y
z+fPY)uA9x7OS{|`#20l&H`;nyKWueL@d}D^Z8*QG_-M(%GLKY?AD0ZbUs-#~y7r;d
zlMB*wotCCQG3~rlA8l}Oi=bwZUta58Bb(mX<1c?Zn>15F&dh7QnykqajifhLTc(`K
zsXun`Q(<%A##uS8#CVx3hY5TQwqu>@nRnbDk+kfF%RM<cWd*Mjuhdo@y?S<)VBlJC
zMXli!iTP)I&P3Bz?su;;qWOFCs_lntZhqY&yLCR|w;cJ;nK&jx&eGGC{UDNU^{sD?
z^uVUY2Y&pOulON+&-L|9^NE4Z;nM`+YmJQSF+VufGMDAeE}7+=so8kg;mlLZ?`mA_
zt8?OmH;>!$iKaYvVtCo==QBD%&9&$DGs~8)I3A<3yQ+o}#w%L(IHl+^eRP@uGduU(
z5C3PjEF;JIW&_%y_&qu)di6WbZ~|5}uRFUmkI*eileMcSW>MJ(&RL~Kx67AN{L(b*
z?>zR}v?s;S;GK3+?5yC$S?<a%lYCYZOqH*h6wNtvc3O7nnL(FwvT70|Y0s6%>3hh6
zu$TPVjkn&Er#aUP)HbFR&nsUmaOfPGzUaCAs%m1$sHi(f3hO>*+E-L+pNV|#oqL-r
zLrI7sne=L0v8zv?usN}JhH(B=qlIaqnj5yHKH2D*>puJ4#msrWAwfHM$6eQQ15ef1
zr|_MtjRslT#{vcvu)$Mt%%p2;Q@u9jDH0Qy83|7?`wF-7b;+v^W~Jqt92$R=^*-RE
zwNl`dmbu?zz*;)$W!sp#VHV%`Q9=E^qRGUWl&PFEs`2Me1ji_CHY=DWHAg$`$Q$DM
zE^7u?m~x6}@^aA1g2t*Ya#)jl{8eM4RF(tVRLjPHz;4p1PwzA4_HLe55Ou=zi@_;{
z$JmPF;Y$cdZp@i2HP3Ife0_VPa@p5Q+np}HJ(>)s8$pNZC;8y>C>t6=B+i>CSZL1Q
zAqEr-7QLhQZH}k&<iJcU-bYhf$F^n(Wa8@RLA1w$osxr7S_XC4kf}XXBzOTL&7p)w
zI9HDA{ilZRYMtN<FLDP9RhZ@fldv@(vJN#J2T_I&j3&Bkwk~^(IIz>5=RO=sBnxRQ
zpCc%8hRS}#zfVSmJOez4Fn)nsdm_-SJ>=hS?SXVsikr;8uI+*ANOc{V|43rSTKrzg
z(<0nPx&Uh+ZF^08Un!O%QGwvg$d-iI6x2smjLt;{3(8CU25KN6UT{2{ga^t{3I>d#
zKZ<gOnYNE0i--f)K!xMR-f%9nKNG)j2`dEpYZ`h192p&`=L1s=7@dD0lL%Gb5)kxy
z5KKM7dZNe`55?`L7W&E1H7pPOR~<uoqhJcbc>1lpK+JG-ax8*WpmZW0`6NT>%y5gM
z9H#$B#?h)$S)2j|`fJqZ0YGVsrUK=<@DwTfF7);ON@Ms38H0MmA2w20U?@WU{CEN(
zA08QjN}xbF;;6oOO>8#0@-Z~v0p>$=HwbEGybT&I+%HA)$E{enx=k9|fK(o&WAHxV
zWiP+#7p#%0!9$B8B?;9F=yAkyXCMw;_=x%rp+#h-Lk6w~Oj-1FNsn6#f5r|FQ5U>D
zU9=sU0C<MNdX2_%E{}Jk(@P-Qqa95Yh=pAUn2TlUW{9$!!h5H5!x>SpAIeAz!svCk
zGA8t@z}*x*yKXm-yB0dEcvNq{qPZcS{Wd1cVQO&U%w==!G)gyKmo>X2p*JgYrFSWr
zxq~{+bDbbu`(VQa(q%@x?jz@j3ia=%RZ%%c$GEvJrW0o#SHAP)P58#Gqo-_JKU;l3
zrt@}DCteg(LtGDAWSkd-XTRU4R^O&p0PU@c0N~elLM%Hl-5ukVk$Ux6`YSdFs-oEB
zrlJBB67a_@AtO*Vww+q|2<J7X@aEeM3TF$VJg2(5eNsp+Q@T_WG?TP)RyOg`X>2?z
zV6RJH+09!=*N;}*_|kFhz7wk-3ybY~Of|B<oqdt}f~QJ)`+bP&ON(d?JC;ySQfv>O
z<DZ?F()|ARpxkcDtmys5^0NwZBDOx+Fc;+NXxcm*b-OI$?6VK1=U{|9zVg^fn(v^Z
z_C)dO$RJ+Z{<||ALodH_yzd*pJm_GV*1Lk{`0Rw-o?3?0`cRK6_tQeww|_QPrtaBi
zR}g9<fBTk!j;rC3@0J$kn1^?wna;Q$u~A2NE;G7U6S+`1oL*BMSwo2;9fRwbJxNTz
z=z0aGMssFYOtW8%yT%J{OioYL$uA$@O|_Z0|EjgpsLz>wJGYKqO1l{IvfFzCe`!Wa
zZw}>R*ICMx6X&k#JC)F?lnkHU$)6Iqe{I0nFHxg=>KfHq_7<t-G+O*U9bLQVD<{vg
zl*}^=cewocYr-vsu?-UII?f*`&3DjsHfbM7e{d`6af<LK;d^S>o<h~h`ePoqIlH=@
zfW7y2h(p|TkiU&d$x%?tndU~>&Fr+A{kGKE%gi9oG}-rHvC93>Ynz{C?0vp$`O#Zf
zOhTLfe#q>}jZtJY0KabZ75+x~)++t;SZvQ4CC*G%!h?6(3(p-%ou_>$SZ7&_`BISQ
zwob{c4QtEdi`xsU9BKy6r8~F_E2BS0etZ??T5ho+nq!+}6dIcJwN|P(57=-i7p)*%
zcd>dWvxc7iY4M@b{<}LGx}NyeH{W=;`L9^__Dtd(r)}Efo3-s5RplDgIy;n2Q(irI
z(k^ctpss4cTj1gx=Hc;3CiHdJ?wBOIQPQ(=+?utP$j_E7y>(>%&7k*Zqy6@bE7-f+
zb!UgYdPrgw<8J!^-{F3o!N<w>0^&?P1_Ls<p3AmGwY6gj?;n@sX2=)MA)aLRTv{8W
z#l)Nr6K>q((eBI;EbAb#RmQ~Ddgp~%E-zkC@a)88bIrva_bUB1sm<%pn(G_H&db#L
zmf+r?W7V>&bVXEpM%wjHI`0du4DR<GxY86ten@5-VVt%0bA<2Aslw0#-2G+s&2`xF
z_2cmphkXl&s?7MtFY7*jOtdw9Y`%`3(wkIg&cr%5MY0X^QfgmiEbhIS$bF~sA?)RA
zOQlg~GL9TNdN7Khxzk-K<eN-ooIw%)8fnTJDpy`jt5?W)#s{%3(Z9kU2_RIiHGG+X
z1ivcLG4S~c+fvuBUR6r{S_gJczVCk6$ii%>-3{Ev${xd#n6pGRtKMu*?fl|8U7O3@
zPsY=n<%3s$UpZR#@P%=^$2IDL9WgO7;wRzD*Irn`@t=Bx>-W=VQn)I^_pKz7fRnX6
z#H#E7Typz2y`_;?K#F_K_>j>Eo^1Wic#JErtBlnj@Pb4q#1#B?e}$m<arO;xpN|gx
zgo3$Uk11Wt&G>xG4Leqk-B2X|`;AuCkAy{9mh@?S_mfpaL20Q9yK9w?_AabS^JyD=
zWtiBRdh|oSvd@gO1Y%Tlo~I7L_FWsyMsAJFpC>Ga3&rz>{0Cj;aOA#wmh<$y^Fy&Q
z!1--_RS`f{c2$A3(YDK<O1*VX8b35%|4!<aFuipvnwq-Tbx^$j;da~?q+v~k!g*N5
znxBLdc_@OUby`ZlmnAgXkV_m~QiHWA?T)z?6Y%Oq`R%pwWJluO2)}n9Z;h)wAoe+)
zTt5})|11(Y9tr&|jW%D2a-KHKdkva7_A0qU-b!Wa+y16(ySj_{^-J@WSAQq@)k-(Y
z=^nB&)l@nkes^|(Eq}8hioYI=CyBPi4CykZjPkYgIo0gYcN^3u<UOvo$eOWR`E>pI
zTUkq=WEf2H*;e40ulIM9(uMV-U0&+a6s9{Ecf4uEZ1<+!|2rhK%W9~H&L2~pS4p1b
zt>b1l=qY%)RxmcVm}Sh&@QrLY9eSfb+HAUQc~y#b9Q`Jkbbd0cXMMKMnsVz$vX|Q6
z-IBBoy=GZSav2&9)7-F)S~r`Qd#cO~RJfTmlQKT`$;KVmnw~anow2y7ynt1-u(Uuq
zRy%l`Q(@<UJKSLRwN)nBTU0$PxV(a;#}X{>1qBQl9#pkcl{Y$`w9!_cqIxh<P2%3{
zyyru-)9l6uqCc13$*QBuwCb)&D@$+~Goh^S$(LgZU}Pp(zI@_;Y`(@~oinLbX}SSb
zCO>Qk*V&pjU3(nt`LV_$>S=m0kexnzk1iJ-{%=60;?w(c*hRW6bway*WY?<)hfkL4
z+UI<}ur8wD<;T@|=R@atZF}{Yk*NW!B=n<2e&$}ZtJ>2ezPHM0WtK*KQ%^qGoNyrO
z(hdI84HdFmNlQcW(%p1q??11#1Um!#<h$kiviZi91_w8A96tUe43>J_&MQ*P>($TG
zU7E~{3W(|S+yE;%sjW)M>v30SWbfvg&u5U7$$h2qJ|CvOxwPwCKm>EzkZ~_HQ|+>q
z#J&Ar&+1t3Pc3ow(l}_^X0LjxAZ~l?yJHTw=A3+V+mX<<AnjCuPMArv71>9aTtl{7
znBJZ4;NkL}d!aGQY9c$US1wC9y9~lJWna8!vA0gp+1kR}xomIwDSq2A4?}~<rI%c{
zPx<s^Y23u#uq0ir-djC+MbnKIJ!ks4X&Xf3+3SXQ#8ewU(x6U%vGG`})Obar>TEq{
z?+LEzEF)RPyw8<C6e4UqTKO+;=i3f_=lbU*3a1MmXRKgP&l=KQ#B}iYB-LRuY3E`F
z?=3iB8~fSDy(#gH?d8d57Hoahbzu`-X}#}zUCmx2de?-x+*47^SLHiWnEWu=pc`iz
zCRo%csxDYLV}H?N`_$^5=DP=|XGUq6eU9HfIJ3BZc}}{$&Dn0M{WOjmTT?es@K8N{
zO+x}DyU72X%X4OrJ~i8=DzN*J>(kHn@pBIRSg_GyZl3#%#J?V9Y_nA+C=S${GcJ<e
zXfJuxPOl2v!WeAW0XG09CbL$&)K03rdNHs2lc2e&*}dUSYs`G(TL<Q{ujwa*+z+KU
z1(PrExBizHdILlX5w|os(OVV*(+eY^^ocGb432Sk&&wuKTfJ<?@SVNn+99eAiKU+G
z9&u2e!|}4ijY`BIdV6pRvDcq210Ka}*y+$DsWG?59A%i%bq`jvhq4%a$eKdD1Y+<(
zETQ&~p9II@D}|<s9SD7Q(M>}jd`W_np@eiEelO`S2d4r1*VRLMlYXJV>704OiA4el
zM2!vaqVKHu1HI6L?inJ1%Y#@}+j_XXFhVDo;dokL#Fr7<*Ki*%^2Hz>zi_zFa7U=f
zW~agJ+qhjl!m%U{h?AO7btd#3Y7mdZ4Ljm$hKMNm9V)yL73IR^La5-D1Ju~!ItlBj
zSMW2q3W6_^QF!1QAli5p9N6v>2;wcomX9UF|B(+vn4O2(1A`c_+TuIgL@rZ>C=gDD
z8U|5yfiBcajHEM1@R!4-5x<}dS;$L(+pRuGqYuCe{Q>zDw_)&5!tfBecL*RcLy?NS
zh>&gr=spf!@E$>2OpbxXIl9-UZTL32G#g3qfFZ2!)ksJE#S0qHIt$bLP<1I@<5tb*
zp$NOjczhXtulp2x%gN(M(4sz1*P-^HVtS+?zDLp*T0(VW3L~zI4~l||ZUw`$0jM0C
zhPyLo068_x^Mu2{QIR-rKJFPoZsf@?1OqCv(1K&2fdY{O%o&Ia3TrA6&a@U@?3xoL
zaLa0A!wtSO9jY8Mlc>{4HkkZz`E%~KxleCsn|>fQKe?y5K&ULihC8*eBN^CH8T_sx
zn1#%7qPop<V^L;?Gn9XD$=<U+Ug)1K;azLrvu|F#YFJXOx3&db$|@UTx1#$+_C)_j
zyEja68rQios=U=E7qC|<v<tec*`bXVN%!_LGv1sN9{pZrt>0Ahw!LRU^deTx%_TZJ
z-K2b>(qKnxG9>%q#zF>L688LifI<+T2|{G@Do;L-G7DSX9)sl&Z#1l%vodh&b90l{
z9)~Qd+*k5(Ec@wMOSqgz(17tr#e=H_g`fI-Et@TQe2Q=pjAD+l@eo$j1nG#5Z+rNF
zLd!fr;f91^V0mZW==G8vJP+>Uj@GyEb{@PH-rgh3<K&e?Cnn$dinV(8Y6=Ne9@rb9
zlTIu~J7CNL^(b*z_~ZxmBb}-2N#5f12p+u)k7A-np$1WS+WR3ssNrUf-<V^)#Fi3m
z6Jh#MQh^$OjQ<~<@aJpU{nlln3SYRH%4~ZugUTVM83XUH29>Xmdi9^b?t_m3>Pg^c
z3#?8yDv3vIQL1*t`vw08Yx4@7Ikto$pt5{{E#W_QLDa@@hefM^h3nqLXBf-Z!v}};
zg8Qz*9RSN^EzlMd+jrXXqv19Y{hYWRiM?xsSLe+=6t`yX7|G}AToc|{w*|aRQY`IK
z=fL7432A9^@*#gU%1rxiX|Q_P<bs59rDxjCM73qiXrXju9ofHjzVF^L2X%^^rTMzx
zS_Q*ThWo$I^;@;|g~Iu{Qp!ip7S(X)-A6}P=vYnQo5?wDnVUN`yFR3OXIJ`)uA@g;
zy4jc3ok}FHH+!%Cxh&Yc(uym{bcb*P4y?ij0R*Suu%PlLsMHmoY?({C70tg`q>g`u
za*#w+NM7QjgNh`+psL(*sLF*3+&s89-D0>xLJ@=p{}%nqNGSyRQhC6jJkU!)v}>dU
zSG`iCOzt;H`U%pE`G^0n6%Wx5kWE~qI}Z*uZWKc|KebvdWS+#Pddpb3dD}io@VERL
zmi1%H#IMqaD)vieDY-cA+i4nn@?)Ci^N-71?y_%EPkSw~>p2Wk#Iz(6H02c#@E1VS
zHI~wu&0Zv7z``N8CKVD7W^f{o*Z(BkV`5F-WZ}ynBvwx^lr)SsA$x!WdkZ8Kckyio
zdy%nFN1wl*414kMug0+9uM*n}t#Ls=3yd`87TF>Czn}d_V}npvM3;i9pZ|U5|IRJi
ze*drRAxUEqKJ=f}7as!QEbJ?(*-pKDyF#1D4pI3@P@u&I1!X9*Jp|M_@i*GIHkJD-
zoa*OSNDr-}X|8@>^5XIH)T)-!(}iYN-ffR~zqLFe!I*x`o$_1EoXRsb2A{noSjP^x
z93cFxXviDK0#Y>+U{4|4h9Q}7-YNl)m;wbwt;xV6q)!E_%{M^3)4g(QObIVIa4|-~
z)s7+SG*auCbME#y5EO1-{C^4<!mqRcCt#=uS)C$K>=iN#-0l2Ble6&}X`uJPE8Bky
zCnG}#Mb<?%7C5Sh3N^kWkRHSvhQS&5^^y>BF2U38IQFxsIT#8NIbh!S87lBvz!ZWn
z{&4{c9!jnU%ncg#(_y68brG-(0Rg2jh-Gg$=RvT6Z=+jU@ov!2ec3*!G8QNN#7$wS
ze{CBv9mQa;*Ru#kiVXDHf!DK8m>gkkaC;S*PoNW^oCL}yz+QyVN(`#l#kogm9o5QI
z_#+|>5@V)n2y5V7h)SfK_Xs%&oL_YlBr5y~zu6Ht>d@p2%|pR=ylhu*7C>5tTW<n;
z5*5`FhPjB|s=xs8qW)ofux_yyvY)+lnG)hGF;#@o)WNM#930pN<Tv7*D`9en`;M{*
z$U;P1ga{HfY)Sh(l-h)PJdmlViEyzkLTOfSH8L4jQFvo5F)D=c2RCuyt*{kDS69vy
zVP}g3(?@tn`Mf5d$svQ_ri2)?4**S_3k9xHT`3?%wFGDQz-ZC+F_JBeSTlau@ZFa4
zd^@^2sw;>ap_fHq|D&{!2!0HH!7zmM0aF5BH&7~8gbl-E7oU_NN-umD72*$H<qW`k
zQSM@tC~1S}u~cA%MYvJ)0jHCpqmzhGsRZ$&SOC0R2F-Qb5Gu=t=Zw?P%P`oH;(swU
zGy@}WA&*hh(L&(KEO3B^cRl(lyi`;yl#Li@fB9YFeHZ)d4k1(q1YaPhz&nryGEOvp
zxPEXt5w;it2`C`fVW0=RPJQSzRNHhCBoI!i3ldc}=*ukjk&xlz83Yk()FNCzEVZoH
zPN<^|Yihmo#!o`z8~9EiZ=V}2hsqv7%x=M>X^zxiWSIX2Ed<v(n+k`qu>c~X_aB-(
zXAovTM4Npc5{Fqo2@#;(Nlm8)=rY&`dK4Ummt-!1wos7fE}-a&qj&IY@<2zSjvZia
z)!Lw+9dbgS#iN>mv3<<{^uIm5a{Q|)!|bAO_wr#d3%Vb{K8b~p=U5+YaN_a)VbH&9
z=pWcNa1J>oWhA>Izc95f*(m<P<lfL=`ZV=zia!_|DW8Ko{{E{ZxOwlBlYa*`jqiN<
z@re)SzXoq+I6oS#f>uE-mo)2XsXu>)UxyJ}r#EEKLveLd@8{b2$;{h<-KV<LKk5AK
zFnPsoWk+SpS_`kx{ZWBtrxX+<Wt9msUrCbeMt%0}x-QN4io{ZTbuXFyNfyy_s%;pP
zN_Xg*?g{d5>k9H|t(ECtPw%*gfn^S;*rMIK;GSMM>8a0lcrGk5)s<jljUCwK>HL+~
zY_+~U3@tW~A2L#=EqoX8!gqAs1m8Ki=BuY(cw6;Z_k0?$^$eC=!KVwza8U;eL;NGr
z3ULSu2d+TIMs7g<Jq$tR%&VOM3PCl>nA=2efs;Dq^^1`j?l19WuOap0^?l3Gegg3J
zu)=7Sh9iX=(j{oCf?UNf#X_hJu{S$ND1x01e;W=*JT;t!{|vEpJ&7z(Atd~bJ4L5*
z$5<_-6+VmrIDGJS(4m$R9S>BDCORj>R0hFf_$7)Sh~$N!1f73`OMO5`S_0S!e&Ozh
z(Qn-waltcELx*Aq=w%}OD1uo)*0@qx8;OnluHfNfHV_y#Bj^wWk_XkLiFcC4Ih{qq
zPxV`Zh$I?{hratJaRzZ&^bQx38-V<ImoZEUst)uSjh}D$M8)T%{E}FiImQo*6-0i3
z4}t2Yf~GN#-{gz_MHkkio}r7hK(g`aK-CPq3g}OOj8jIVN3c<l%<%EmC_u`HW<=sI
zCmp;&xJo;G_){aCDwM+Q2_{GmW1nbXE&YDaF@Ot`h{%>89znVk<dn?t6C@Fj9eRR9
zh9O@EO<@Q}^B37%qYSPW)mvfUpmjYZV9jHViLuzbH0;ZR2y5a%qf}Hq*F&OpWVGU{
zPF|h}{=`}8iu%a^4U{znpLL`G&=%t&;sYCeiV$#HrUg2QxDW6dZR5KBLY5<W4+{1i
zntOzs5u?x{-Jgfr0j==>W(eJOJq2k9qNolPuY3GD%u2ipX9EOTjo}j<>I#>?;X)eX
zfFl57agPP~*}xIkXvK>9Vbw($@Z+KnUIqB-pu&ZJ-Jy-I8shXAIVpOCmEg&t*Fpg9
ztY}gWtty34Av#A~e1V~(2l~MQ^n*Im51^|f--sO0v@o1LK}8^g$jk7`G88v!%Tz2A
ziD<VTe|pm^bp6ol0-EsNa`Y-?4_WwiuJ;Ph-+m1n&T6$pws$S5&xSe$h{z$33MvBK
z%q#hguLHtb2ujoH4c0m;E#x;<0yQYq7QTB;hqodGTrg1lwEgsc2|c;t9K!$P-=);c
z^rnNQq>gW70io<;RD&8v&RK>#aQi1gZ>>ZV9aUEMfO7a%SzS-57B*&)q_N}1ipOoC
zHcgs&FfSl&PXvEsX+JiNZPm`RDj6_b+@<U{-^+IK%B-dPH#e=GeMA0WlwGiHi{K&&
z9CM=BG0#Wo$a7Bm`P4+2_n03st~|F$Zc`NBp2_gbSP~T&Bb;YmL3V?9!~4_6S;mi7
zggDxJh8}to;IaFNp1I~<*%G%$`RG8^;wIh(H{VRfsd2qeV;YS|v#U3zGpz#ajipam
z&5BP=^50i{@@ZQ5hK@_goQr)4wHl9(N=S_ECU|*x6x>9Y-Gc?t0d9J%MLzuyWkRcP
zyx?kvysehh<zv0aDAtd16cXR4`nI*~n*Dd7>ix0jHD^jsm$@;DHt%TqG1gUsbQjG&
zkr>tks?&eM{r>M%r~l&EvHQJlr(>jU2l0k?Afra20zVhXh#C$kkC-<jL0^LF5Pq=A
zyYGGg@d>v#bon3^!Ns^ZvjEaLJ_K-M0MHE|eQAhcA52i(^H2jeR2rNQUD#SDgT>W7
z;g!loBwWgpQ$(kRCpwrc?xB^VFd6)yl}OyieK<M<t1(;woVyMj1GrZMavSVG#5^Gi
z|AKD7`>*pWXstJSgz@A~BN9cdwrt5Lam&77Ly7BTL?ua3=tC-M?m~1Ki*Zqwjmo%3
z_d=^&==s}u66gyM=gtRd0~WU1E++s+0TXPEObtFK;8zU!$TY(r5eyH`9}0$hH2H+X
z)8aB5sH;al4oKA`QFuH;q&$G3%K?q=H(>7=k*E}Uot`nGd`6^k4+GyHh?_(TXJ%+&
zD5Dp`IfI)saDj&W9laeOh7fg}k6076JlE9(uS4unfY5huKu|x7+Bb?fAHlc5Vx$oe
zUeFlF3j#>#cOC;D00ZK;K>h*)!mNVF(hoC@FQ(-!u-Yq^A;KQ?3^1Ysj{!B@W$3o+
z>52pS+I`9^_52K!&s^FfsZ2ezo@*WC<AV|cu#7lT3JSO~CbA2lkE?rKuR2#YFjXq}
zIuG^dTX^Jm&HTaTY}LDM*Sx^AUCvHpTz>vMCY@P>%{l`C)%R4k%4-Oxky<3bm{lHT
z%dLqv+8b}}9oWHM<Qb$C7+bYZfppHaJ(PM?zs&*dCPd*S+VVU`7>QX!o`to#g+NeZ
zkjS^;H*t%p)wD)wh@Sl*^JnbGdc&%P^My9GL=SiyaiC{K7wIi_mupcfQe5u4U}xe4
zKq#c`*TDucw`rtPO}nvdXN1RoByNlfSm}t7_8_uo)z@8uSV1H6s4U2Hp;ET<Ffl+|
zCBcED+NAPce^Q^e0T`toG61tXtuuy*hED&Z%U^*86bL|jWYVFs7^Atn+9Jx;;$kQ0
z8XUm;Z_r+Z4|G?Sp>PhZQAQxM8YowxtJfgBKb};dB3ud85WOlw=}r>60N7Pox=bDe
zkcmULU8vvbp9QL*lZE7AlC87>b#dpe68p42LFcZb&SBH_`I<Jlb0G^LZmNir**^n&
zPx{QuMy#zJwFj$ks?z=>bO2D6MG6i8*lvd2poL+o4#QM681tuBAdF{7yDbJ?TZMgL
zsR_p~C$XWq|2%mSv<w)bkbbsMG|&nu7ONf{ho}ZAU-f7Aawgd{2xRX}xbv-WgJDHU
z>gKPP0`JJw9nEUHL3U^B!v$kOeAOsBbED!~+pw6FgXV?l3j=eTbt9gC(DuF0N~TZ?
z`j%T+ES$UjYv;G;;e-1g)Snsm_Hb?V+5Y2S@;ERSTvXt&79{>~0|>dLC;|biI&g$K
zcOYm_!#_w#Nll@HDZrv+X^vBsDv7Xvq?YEv7kDavSssdAEj)v&K2)*(avNOFO)N)L
zrEUPEtzpBq9lke#+Ba?l`Ui1v5DUl-fX4peDk_f@daT4+E0A3=CzTkGp`6Ba?QCqA
zWU=#JC)e+G{oC%Y$f`M?Zm3>ec8GaePrGcZrpuxyr3-#=Pq>ttHSGqobfa+1En@F!
z^;1+<E(2gCu>Z5OGS<LGg3u7gxQ7Wft*C=WRvq9DC^bRfm#g#{GGU(%6bJCHLRQAt
z6Gj9^ujx+$T>~QcrzmVU&0LI29B|;V8~{PvD$I|r@g~8>37yVa$cAIrw#6G9(0{&0
zpRYZqktC4eCJ8toVH?k4N6NbCM1aJ8lI92VNuLF0AJZ2=<xU*~=A{)YqxTfh0lOO^
zRGidH75WP-gnWn(^`?+wPYjVMu<x5M3Jtu8KfF^+$Tu)1(*e#&KdGHD^aBkPj+@L_
zHi-L8!WaP5+e5OdhFGcYL4&K~1y1iUWgto;9b8QNK>z1>{^OuK!_v!vuvhr@Fe#Yq
z&!N7$Y1Tyk*NFZ#X7S8|46%Go%~#9j7nQ>`bZY+^(!U1HTSRkaBSG<Mzj4#;dZA56
zq%247KaJ^M0~dstrSP#2fS~;U)l&Xp-<CJMq%wC=1E=PG*2bbeBS`J4Xajgh+sfap
zDtc#O@yU<1LT&BdaMN7P4b^_u6elC6hSz5vhJ=`hCz?Gl$$Puh#4fbDnigSmU-(W+
zxN;a)7!87gzBA42lf2m#-K8K8lYryjhRJA%g2d6qD%<k@)O%fWxnW0AB8AbXxkj-M
z%yn+NWbB>3;N^VH?Wr%n^Do`kET+aPr@SY<cDTsMe%<CO&uyKqprN{5Kj5R`gJO=|
zn%vpnR<kGWGaR#APrI8_od;!)LwPa*wJXxg`6j##-f#y;dBP$Y*Jth4ds9+U4n2}^
zCmOHF8y}(ELYN$#H@}m3!gK!H@)g3_$DP<AmT;V}ICE5Q(Gm`huZfATZgV=LJT*Qx
z_E96@L*6_VH8tIRq*lG<C!x&eJGB$e;hY``zAUr$>ht5eGRz#|y<_vK2Fw?+t%;L@
zJyUn}Mz~x0epFNLy>_ZYjf8VkR`MyxcWrr2kfZ-IiehQ}&zsVpNyLpHBZr{0Yfct@
za7;WPBbPxCLG?G-Bn$r|27iPwndNN|<S3?hcqE1mwk~)_a0^yC9VyU`L(`w*2JJ8`
z5-+Y84z`FL;a@s!IB0Npxnjm}#IWrP4;c;vLp+g1+Mjs{=ioy{8x&B5C=i1Ff~;m#
z-rk3NIVht*@lnLtKLgh-d4N{j(F=+bg~`F}MuPs|^k4m%)?%Ap!WW)xL5vpD;R9kv
z^8HmDKKU0FFP`ckL*sgqB`Ep}x{K^2iq^9_0w019$HVW?`BS2)0YWWtyfp)L2Svsu
zw9!+DKEoPX5Ru%CRD-zSJsk;+{1G4*g&5f5@n?SLxDy3up*KxFl6Xj|X(%7RSq<Ic
zHC-Ip!KX$<a`warSu4P-GR(?xS^`uOL=nKK&J*V%GMM;u7u64?0m;8=5r2Az=*lk}
z(%__I=%v8(*5EK8G&lp9&ofB9G%?2)V7jU)kWcCyCuQ&(KbNNdFMh5fL4reM3H=D=
za>!qwgR#SfcNI=&+j*bZ@2x^pZuQQ``c4ohV4XX^g6U9xjf8?!-;BFHk{V@%3$O}#
z@(+4TUt4Z%+Sue5wvgk;);cxPYhGZNggf|OtK*s#<j!wdCSVObp|$Pdl;X~M%;CDg
zO~NT;wt@V*5(A#=pwqTuLUB<u=hD7&ulHpspVnO5b3lF7{iDp-$l3a5XP8niYAZZ<
z8zTD~7OR@~37u~=UOKS%^=8{y&6npcebZ4DC-EWTE;$rBNN&o$RUKA^k$=oEG1r~O
z41d%}n^t+8YZPa7!u;BWIc~DIcD!=W-S4C2x_0~aB_GX|r(O+d4vM*3x@+qs+0B<`
z>>{b1sq!H>k{=V9MjdZg(2tO0US8X8QQN+9t2FOfQrsBHwmjgFsw2;JQ`yaSZnzgi
zG`(~<Bd*F)>B`hwrCO_B*WbEz^TN7$<+Ti^k;AWAWKhEZ#YOypm#1CpYd;h8yx;(5
zU0gSN^6H?&yQh79mJ0N2+lKQEJAz$ts0Qh5;UA<mK$*(-6dZx-1C~uaohQE*6D$W4
z1&DHN(9Kq=nD}BVQ2qTQ#la(?8i>xm!h<q7;#dvVTAO3Fp}z4aK@PXx?6Lkz8<0Ko
zB>nN40&f(lr}DT|Sa#aF)<5xlP~_$?73wnGdnJWgkk=$RM75QiKd6#d#97-j3#*87
zhNMrR`EGXkbH8QmHT~EPb}1?|utmHJOEzrrI?ujtVnu1dDwP`KeA84MV@@a%`#P6*
zDP_Fvqs2spRn_W6E)1S=<H_dvrOh`bl5J#L=Df{2cPHO)e`?s?2(43P)2&`)ZJGVU
z=gi(?Gfb=aI%UNAZ1(F-#KGm~g4<Np!ZZaB-yfY2_ex{bnUaLV-Lu*kGyaa8nKUzC
z&DPEU>G6xD*8T>VGqQ>Leq#4(i|V4&Un91CnsM~w<7;tKv<T}}9!9@rtC%Olq{dr+
zb#`AXh!lQH+<iwQD9XDgd8lB_;-uI$iyzJ{ODF1;YHvCHrEO5N>f(pgO4UQ|cg;#K
zjc%;Hu-jqt-p4U*=97f!*r3InIn^BxrB_;H_I)69^gUCdMD8!qmW{D<)tpk%%1vnc
zW}oQR)!B6Gp*FLA?=5Y`$y)L&c3%ts@cD6~HTz7%5?WINS*D}FdAzjprL&xCm!syb
zI{21QS9inLcbBExngj7=4JALm4jfOA&TWmcD%=vju?Q+lr)ITokhlDxb3b)<{ND0G
zIr)7}p+lxD^Y4GT<j?qer|BA3cHKO|3Hc*|{{<@cKL5Xf%X(Q9KN9H+@6-f#J6El=
z4m&KvS;O#W;M5+mpc4AHMJR#*$ziE{@gJcYcOr?aVGQMxrv_*&kiocfq6pQLxP)ev
zUhW1Pxp?Ht9mg-yG9*!E_jmdN7HEP0@s&F)R4oZEfF2~hr_mu$ohUH~s&)9%&Bi($
zKQ;j*+T+`x;o2DAeI{okHGwA#(Ffcq+yp%Z#5<l+fZy#1#nJE_{_6d$BT?6qU%}X&
zcszyG=94Lft3ptG>yV;hh%P8VG58N+RSI{v$bgzf0eg|U1?nc4#||iG%~yf&00OcN
zhhW6~g3xZB3H*Tr&8~-uLOBBh1Y1Ng7Ll`uUvmTJl4J~80T`Q6dK&3w9~8TRDA17*
zG&UCC&2R<wD<|?BNh}IZAof;7tc8}$^SU+YF`mo6$|+F?sJMoM)HUieBBXRh1Lkw<
zmJDZYeefwjdK7*SNlu`K5=GovGPbROv7@_N#-p+0MU^8Nd9m(%y9iuYXfkNj15ub;
zH+lRB2{Kcn)B~etqqfDvS-8_5A7Dpt6j{{tD3Qei_jL5|XKXtKF#>N-=h?a5if+Ck
z)xw2IL^5V2Y~oGr7%q9$F+u?-GYVU!JkNor5<U;s<WMzqRF9x2$6G682-kll9b@>r
z>=NeF<Bvs7qF#zmR!WPf=&iI`df?sT{X-|VR}%@Z_Rf|4Fxn>pPz=V^(YfL3f(QJA
z5w+f*=<zas_Ug+d?N`J+&wC`ey3_RNSlhIiElqu;b01tT@Xgfr<ND$m6Jxdo<knA7
z%7tn3VG0Be>9=@JSpGv#a6MnIrGJLF+4g~EbR8!+;eXu6N%nVu`#Aql%R|dPoUJBb
z!Xz5$B@XIdGwlj?_L#hh8(rYGrD1u%Lnn)mn`g~h*R54<N*@m<>U6hayV7F5+OyVk
zjEm~2F$CL`4Q+jCUzSw=ut+qf&aPYeVcmyCX@6BW3=BkN8>waYzP$eZxK?U=%CU%v
zU2_MwZr&HHo_Fks{^%(i_mr#a?_$#$0?l$Xs+!9$CwvM#@j=4DYhh=gBVl%?eqnR_
zImI7o(npi8kV7p~ifF9uMz$r+uHJzMTFX=CzPo5&plCn8gkwEJ;NoK1{@~kl!5H2;
zHwo=E4a5s(yN^3eejcOWAeU@*>Crutz`qYq(fP1++wKjTvWD+m!l4>p4X)94qi0qT
z{k}QKeyYEBd0w2y@s`-o3g0Dx`HKu~XB*!w*Kx9Ymq5H~wd9-nakXx~!K;I0^Se7V
zr!ltm<@^YYwg1~mbMj=Z09pg%veppgXi|vfw}gX-J4-&Dr=1EvGoHJm;k53}@IB_v
z>svNh4cVr~9P7;3ZFn#y%1}M*>&5l+CschiTBbAamC(__sE0=Vsw*!DKZ_CAzJD<t
zF0VB_xF^TdMXUVEshA4lnq4cGMF!qo>N<;&?;b!~J{OjE?AlMHsU1{lzJ+6bjM}>t
zLEg1RC8N!~A`WCfGmlITDd@YR{Uq>pY@I@db^s?4;6PQ~(G6|`sSj-SCVx9z*~~~U
zN%(kj)((RQ*#yE$H(5I~v>@2~#FVljSdap%_kULndQ>WhGX!}m%S!umcJ$rf(P&$m
zYFpEh`Xj~APWNcW^DXY?kHYHfN-pV4H#I-`_GEP}mvqnDb)ZO+zc8+MCxyAljx6))
zks#sKK?^%I**DiMACvX_KI^r<4k>@!l5pIX>E@cLI592_{7B7g^PF#yy)wJL8n(~u
zT99)rMyC75CW-qRvOz9QjWKQ%NSUzjWrgkirbW8!oW9~?gUQ<K=2rO=Pc_c^`-R?z
z%$ACMOZem$->dT`hTZDFp5rpq8n{8$&_B1$r)Zi&glcJ>Y4In!Leu+#>ZH{4dm-h;
zZRga2bJqvX+TygSHr8TAz%pYC&32*97t(ZXV*SCti2?GHlKjq+Wvbay?=@y>$PGRc
zmNk8H8|>rsZ6K~uYH7KoBpHBpsXgTDFpp9L)6^XzV=^8+Hkhlm#+-f5&fUIJd7rAI
zOYzDF%GW}YpN$E)mD!NtnbsQ=^Gsn+QEAT)VfBrprLKhqgDn#+*QW8CR;h*-si=Fv
zo!qb#*{fQUgv#Z#wQd()R2q3HWxk-F9jzR+!7+E~l4kXYb)@5+VJ@j%698|LoW7R6
zrre`!NAa~s3p>lI5;{{qR$CnTmQsDoHX&85>f+i0W?#GW1P|A`2kPB2z3a&uYgHH@
zw{>(luov<2iJe|g;#a*4S@D0`d(%KD+xLHXq*5f6BE(dbO424}8?AJ^OQn^V?j%W?
zq_QNJHcMoRqEx0LD$AsZgvp*1MJQqn$`)p<gPE)6IIltOzTf}z{C@BLFP>M4>pHJ<
zInLww9Q%W()7Mq4Pp&%rMt#<yzDx*~_MF8};?1RA$ygb@+hK1vU#><<!_?$kYNciN
zwA@+$_$p+@Z+=stR`Kl@iM!=Ec4#CM55i!TzVl1&KKVY~Mw_|3^kvYQ{$uBKBz9i?
zyFB(mvPMNl!k+&2&9%k;WCd-CUsz9IM6L1?4Ly_XakCvwe{ydw+0>KrrS9M!lGpS}
zflHmNLIv|NSqZ^gU5N^O8l5Rz`ir#2AXD|@3uKmtK60qyqR7qd>1?_5(Hg657d~N>
zjks#J;%dcbSMRx{Q#*Swj=n=3)jwm7sl$C?M5dx<YP9dEe7c>lAY1K1`&?h+Ypc8+
z?<ecI*9sn{@4@9{a%lteaWWK+1;zc9gM3}_zuPw<OX<_X)*GzG_nsh?IuEmUJps-P
z2J#@RQv#4gRwf@zaU0lR(&q2R`ZUShXPz3^Cmpa);4>J)LhA<`$@}4PLz_NO7=mS<
zeg<(|G6=@Ux8c-ZBq@oyWT7l31Ez_6kbRo;!$RI4pNnM`@*4bV&&_C`U*`DXvvJOy
z-PM;b-<OPQ@aW$XcWwN{s*7G`rAhS}F!7*QJPkZs?iJWYtr*Bu(X_(20@@1R5`vAP
zA-g3BDiCKhVV&ylF(rJSU@On(X9e$QMXvSq7YQHR9)xS0<xxVK<TxjMQ-lM77mTK>
zqzS$bDAhL#!dwC<Kh0A?v)mN#(%Y$y&+My{p!N?JYQtnU{wqmuJ9VmLS((Y&we}Cw
zS#s~|eQwTL{9w(i*9KP1<RDRXkjOhi^K;URP@NEF6h+B!fEVshi}BdXOQ#FwxW`|f
zAIJSM^SHiS<KN{88^Wy8;*?aGK{EtNmu@<K)j#kfg(@SMdzR{DQNxJ0KO_H=C(xx$
zwftaP%YTrRa3d#p?VK{xiHA~twutR;VUqT|8=&WCO>t1vZSD)}O?HWXyzS)+cA*+c
zt6EIq3a=_~(L7#!Vwi4oVeHYu=)73}qgra6Gc4zLZK*O^vu0+acEK$Dpy%gU;#E(=
z%x~Pi3kheXTZGn3rs=tjPds!>^|4y5@r6#2%nKeGk6Lsm->H+<G3Pd%(UER^9#L(1
z^sGx!kf3w<i!l$*XOeblRSG=}BKa$F!}P<YdE>kvL^*8Fji_OauR2n0vEM;8W^M1S
z$ipdtCfuC`A@juTf~hN7tToC`-&<aj*R}IAb8&2*W?N&b+nkF59=<u3>jO#AM>Dj`
zld6|1X|&nw&UpSZKbYp^ruHoN{Q0Dr*HUJkSQN1~>fZaOho_vlvGerNiot<Xoj-dv
zpX#G|;WDZG^Ml$=x|+92@Uo{K=FeaH4{p}^8saej%}vbDVCPA97p7UoPklX(v^d!1
zcrHF|?V6FidllYEQg@2SXL5d#bj-p&=g%>ja;;T1SncGq$&XChs53XlKy4$<l9un9
z<=aop-M4p>nz&eRqmoy>%l=($#(9-Y-zEPzQg?h#x)pJA-Vr8k-t9wGc@qz-dA!;m
zXrym`Q||lOrs>WTvSy{Fesw?6k<e3oAp-)TIO;i+$pY<)#2962PU_asc-QcH+Z%gA
z<tz3c=^i|N_4bA@7i4wc?A2I#QJcZ(<1+mWSMwE3>0?`V9F<Gmn!Y6RG+Q$Bp@oCL
zbU;ZaepPC^rqY<$mg&M8ND`;!G6Qszb33k7hWaxVj-6I&4lyYy`?|Ye`!3bM75CoE
zed^^LuA#b}SN<yYsHvM<oP)f}^}J7-IepIy7DbFvSifT0^b2bhGRI!I=@VRTX6d;E
zEN<}i<&WeGw<^w$`*AZ4GoZ*fy6L;szlNEqh3-j9DmfOvWa{+ns4w}p$IlyyAKUH~
zalRnW%slvm&8Lm09UtnuZ7!&>ygYsTT2ul?BGEJ3jyzR>z~L(Jv_;aa>~drR!k6=H
zY8hWUDUz*~MU2Jaa#u^<m46r9c{TaLi3iqG&J?8lV{+i+YUWt3agH>VQxxIi@~}qx
zW^PZwz_IqJ)N^S~J9cJ|F|<`XbW(4sRj4=S(BW%6nVS(BX`fo19{1AcxZ|njO`%6B
z&MXT#oZ})r_2!zxv%TMbaQ^)8+p9#+47#A$Tsq*=g27dl?k(vD2jlZP+RoW=w8jd~
z@*h3;!arwNQkkO}^{uM<R&B`yvGxa3&L?H-%}`K1T(rpNCj+a$Q!Mu~ltYs}sv`U8
zV3?*Q_49*Qt6uiXeN?dv-<Y}R!L70Cli!oZhSkP-s<oc+l&@HMI^%GuV6(oCZqQqQ
zwa^_K-oMS;G%j<}&#e=x!<{V|Qmi8^Ie`)vkACFpIglr<w=ZN3)3N<jp=D0Wk**hW
zkFeVtuIbu^Cs`NmzZ<hB3fx1h>lUUNC%IfHYr5IvSasU7qNehc@kfw~2@m+~ef7+M
z=+D|_Vtm<Li|V^)DtoWrEc+*Aa>w+E(+)iU>-_iYE(>-{|4x^Xt>g08{uIZUbMjgE
z?9Yi9f9r!%>3ewS(=FuQKt}KBz07#!Gb=WK*C?2CdMvn{p74Ykz4v)h{y<L9bUK_-
z^<zFOQFr5=z28=@KjzqLGxgH)z<|dx>fu|qW0f*_%lRGKcq<%&U#36ZTM+f(%%@HJ
z93$!PjzlP($;qI;(|`8bSbWCaBb!&10Tk2%+pX7Wvt`i>7Q7p*uG;#X#tgsrI$dTf
z--pM@Ws@<7g2npcb(E=lqn<c9aPG}@IQQ3)N8u$h)f*Sb$4c2X-u9O*Oo%Vd!IBL9
zo(gRFe$gN5rOnn}Jtak(=xUQ2@WR@RrX2as_ImXSoq_GsmYph4%0Jp43Tz?Az=mVz
zizOv0Wk<JY(6pZxCB&?>Uwl}nDn&VVyYIK9n_TC{daU9<iSwBExqV6Z=3_P?E#$e|
zPe)hP<TYQ*Zn&+ycC7fd6&<@4>wZ0Dfl;;I=Y`v<b<FRWU)APdAQuDrhNVpz>$nq*
zBG8bEDv#vNk8`W#hxhFY`C1#geY>-6rba9yO)clCIOYAjr)O(j4bI4Voa3FV2++Rj
zdG4sgJt{RJ^zV$6@C6Oat4tm!&fC4?@oOXT14>5qGp^UM$SpNG&p);G=simD$?nyN
z`m*4%YNun_?F+U>nuR)=!NnFOcWr09D>}Bz;`HGbjRDI~G?xtF>5f-^lmQ<o7+ulE
zxQsRU*<-z000|;vsD8mBkAUY_{vO;U1R%pf0cGH?r0<R7NuJn)9uIk5SvU2`8_z6q
zryUD`z;H?`bdFr3N)&=bl^#QT!7>*-9H#nIRK{maI+4@b1^PbUjy>ej-VFJw2J?Hq
zunR#k9>9OzZX~=4IIB9a<IX}9a*86ITizUyV!tpG+==#rPmZbt3GScZQ(SqWe>r);
zO!>@b(%0Ws6hIr&wXDH07Fbi{z#v4*ojoPW#ziH3u!8Yin((|Rn-$u5nUc;Bg%`oW
zFfV}Uq{^%xUEmNIHiS!mH}k;m0y4@UF`PhG4@l%3DpUg|0mwrTSq*TrV?kg%z%ekX
z0u%$&10<r37&nIfCCi4a5nlPoEP%WTBqC;nu%U=T{!uMPA~uhPs&z9&@$<j!CJ5)D
z!AA@y7ZDJJCc$2$5d()lvaKMGgKROH0i;7TszEtzQSX~k{X9_F929M{&J_)cI_xyT
zP=E?k{)_!2kd2%_q6l@Ae`+KOkq5MBJ<2bGY(9-uC}c=v={Z+G#LuJ1sNe?z7#&ZM
zltE^tMz83R4jd#hA_|6Cb_bdGM#Vfc^vIva6J+^Ohv^Zi!SD|tR}{Yg39TQ8N=L{r
z0|An?l7{oR<@f3-(k+UHOk0O1_PR-lAucanmif(oePP2wwd2v=n>H<4TYJHHeU~+w
zFGPR34wrAAXSAp(RWsUW<yiwAvn20#*=85?EG=El51rv{da!+l@y1=-NXpB8kv#gD
zZP^N;y+(ZB87}0X`?gBlUxbBr_ezveL{uTpsAEmq%dg6+47vJbWA9bU?xdii7JVVV
zVMpwWZgmFpRot_(UAiA1<ArAJF3WPvPcQr{tR-ylQ~%8TA5aOhn+Z<#=kkGuV_Qot
zwmfV}#RK9uhBKoo4NA;ZJgM5M<LZNFj-7hJUH0x|8GNdNGr4mKKcWIR3dN}Xjnq$j
zJt`!u!(z5ZT6iA8u^e01RBdJ58`TxT3qI`uTtBs91)XoKZ+^F){KW->-ng58ktT${
zqW8;tYzIrzY*Q9f(A7u2N9*}U5eVot0iMy+e)6|>D|dD9Hzd6WMd5WFT`<iG+;>Fl
zUkYbh1*K^}&lsQ3E@U+`QUtkVE8sQyp50_~rhwjVtGK97FxUMDrNN44%oLmlK*DDy
z2p)qDZo0pS!kNW0h9=9CJDTC0rh#^He|_KmfqPg3<_r^Nab(MR5WLxO1!6fSy7WNZ
zaL;ZmYhJt^zOi^ZRvXyChIYy1x1WY)d$9!w@w)JR#71is*$Np!Va5W`MCP%Rg)92V
zw<1Qi3&Na2J;8@j`~}~6&IQ;UMfG1_ohI6)?a)Ekh}b1#!Q8N#ktN`)t|EFo2$*n+
zyUddc+_-P~RZnmDl6F~W@5WCjWj;J^Ib@eIc#J67_>JywDDU|`+>l=omv0lnr|nMg
zyEQRMc}J0{p6SLSDcRXO8k{?4tJOa%AV<P!WGL8!#l=(cNQQh#pLY1wW6u`T`x-sI
zH_&?T71*@1*HZ5}_1b$sSvS*S$Bt0#>U%$9%QKQGMz#Bsr*2K;Y0s@!vDApMsx~mJ
zk3eJ&EnhCf1tW5ZhFO)!`{UAC+MRuq56Y%WxDvR)qfJ1)`ob!P@&u!*abE?!&J=>T
zAcf`Y?~ojQtPbo{qXKjJTw@fGgVFsN(^x;3Ifx2AvImw*NDsR529*UyaKy7SM{+ls
zaA4BE%QrS+G+FTWoE3R{b`d33Gjxjs6gAm?l*8Dx=5o1CD>l{ja9vH!ggk3|#j=|_
zWp<d1iD%@c|LwFeb%*H-0X=W*;KgQBYhTuL_1rBHxF$Ow75lh|hR>(-51CzIbZ-^d
zf(7;oiyt<?c9`7SK~X@Y7W%DN?_s(ut{__%EtF*`V6{*G+bagKddxIKxDNCBRunZc
zH$a@*2L2OJw>$Ev{6%*l1R&ziA<#DvfowkazAIJZ6NPi#a1r)Nj~9wd0^F+u>GmH(
zRA#3RW+O5VqB`rhU+FgcbLRgsNbj@u4DSEGj{hsqW6l4;)m1PNJEV1mF1vv5Qos0`
z5zx*~7Ka)irhKE)E=x+o(zjB>-*NKlN1Iv#U)C<Atee18Uv<}Z=GQ({NpV1Xj&2&y
zVPk5ta}h+o5x%ftcNZjob}%e{yNB5GgqKze>7H<hiR|qHkeY?9R>nx4LaaradHZ@K
zgCXvCC6wlF)ET@=gqT3ofC=HNK@O>@HCX;#6xa=LF$TF|{?}N|jlgP<ULjW+Ej&pD
z#8)wxQ9XoFeeq(fbFDxD{2ZoRSv|Sf02_~m#w<htL@A1vL9hVQ^oTS`h=v{yf*;yK
z>XJlFvQU>UqDd(7G~EO41xV)hFr;CfBK;!bu$k4!$%Cp9ilScM5MddkDg}xfw-H{T
z-#84w59*p?BK8qpMs+*pyY-=+0|?S50xNycF%4~C^VK(`S;Q9%xn>Zyf*t`VMu0-}
z6>;<w(dv-o1ZR*;0{}S@4Fx4b3RdK!NyE}+lZ(-F5M&~OAuPm{91aHWP#yx4qicfL
zp%r05x7lb-L~U$@FOf$}24;sao{<a;WBog+M{MhGtn#?6C}c%wkii`jj6M(K&_Q4+
zkg`1uPhh});mNh|589I9^cFy3XkY+;?qSQ|ZzzU_=p+LL&C^H_C=cU+yEB7C$wupd
z1jh)`?u_*Q+kca!2jGDSpeZm%e?&<$=<}$3s4n^o3Znlg2BQ<nT!g-WI*00^zl~0w
zA&FIq_CCMH<!=Arhkmpho~`ci5At84^G1=?B+d$(j#Y*%Xy?{Dw(Ax+mprjXHtIOE
z5<Q7hYUo48ToUQT&0nN6HUnyB8hGjd$giOh=W#5=9^fK;KU;59)}we@V{r`)FcFYO
zpP6<--yI-qfWf3>(Xt>*fPrv4<N}d8v{`7_J|egBZmsYKJc2srilc1?l?ojbbQ*j!
zx$6!r1PvMfb+H?hk=8#TT9q*hPzTMS9p%&lv3waTR^wpPp@UM3UW%(YV{R-8&H_rC
z!xH&KCD557?=fjiZt)KEF1ouB0K5?9ha56EefZ93y@dektW(1g_hLiXf27qYX${q%
z%4_B@2Nh4zg_?9k;yn%Yqs$ouhVUdXgfW33AR%Wf={H(17%tle0lY*Ai0YS^{4|5&
z++sgUuR>BjF0~lcL#XpJ8<mHK=%3*v&U{Eo&^@8?aV6Q$Q*q1qT+19!@@~r`=OuRd
z(63=hdpwLeA1Jv4Gs;7s?yEYg=-7Q&!{6bO%=EWsm+FI#3Wj=DGT(-B3BcY~4^<HU
z-4Nl~)jy8Z4q*5&-wyXS1Nc|_j*Ks&^Y>*aKqPK3z*qiqP@k{F%iuGMIXXgF<^&=3
zf}pkaT?>T)_%ud;v^5N$>3)`o4tx8~%LU`U@K^!Cu<Gz8*A@nyVJuk8o&<5g1%MO<
z3hTj3x(9CjBzx{%M!!1o`bp?}Q@qt^A^g^k8%plnnnp|!=12*(j`VV2{7=S|BHq43
z=@c!n0TzgLz1a!aVg>&%%8z?|IFWJ9ZICSqb0yyre+}jN?r<0b3i^~^q>BqM{!_{y
zJCU+tP{Ct91SdFi$O8FjB6d3fwES#E5A|X}FmnR1i2LrCPj^SV*#B%JWzj}1p)}lc
zB_;zbsoFh^!U@1-8}ZE*moV;r2B!meCH+q(M?vTL1}o6x(s8L$K`(4p4vU*doycms
zD_Uy@$QM{E{l@=fI5RXHyL)Ks5p^(5NRq$&=X6OOf9})&iDK3ap9LZ|D7auGHmD$&
zFD_cCHKQ@PAD=zB3zwsLV@-#UZ)Va1K!b2I|2P*8u|wqkXv0yoCbaoZMN|G-EYM(1
z0NPDANM{wDdox?P;y>tZJNR^TvMJrmT`^E8wn1$7E&$-!FqwRGjOb;gPRB6Ema@=c
z$U-1!W0nEdqyon=(A`9m03iCu2s^Q?58Ptmq;P-~nKvkcT_+gaJZz$mpmcaZT33P1
z(8XbhCP)O|;0c}oi(6vHW#E2@GOWXE*k+w4-eNXdmr?*noEFg}obTCbBq&+&=cSGK
zb6;aFQxX_ipo<l(;nJxC66$<(X;VpTw2NP0L>JMBZMfTFv6??ux2po5$9L?OUb_c4
z&tV69Bk>(RjBAiqu%9Ma7Mk@B1SK|RQTSSBD0rroyomm#6go>HLa)HrHn+6_3G~cb
zI!@+`@#xMejRMTS94;bZueolPouOPRnDfA**?rf&3`X?cyt&CQlh@8VF}rAnQIjsR
z<LpOlo5;=rJTu(9V<$ki?>a(fS_2U&b1WF;Q9&As$mrJEr__%zu>AJ_Ub5p)YuoQu
z_K-O!xJH9k_Hux}HfohZ{E%u@<1Z4>PkR`T{I!GOHI$=`Uom5X5F<(aLx&H`K;daJ
zAyi7$MCFqkdJELo^U*Seo=qfo^aCo6F;q=rq)oft&_)dRX&-K84NwzgI8i^10E0+u
z84;b1nLxB^_Xddp&8ms_(ZB&{8pToKB=P%bzXZLU3vTEK1i;h<L|E)MFJS+F81ja}
z5)z5XBsU~t!GKE2hf&}w&^s6QvP)>#N9GoD;_`E~dE+D8>Wby}-8tvp`%dYsQp&>%
z3m)EhxQH3T&RSEjX28ixN3dc))~)9XvmC!2<1r!U>AsW|vQ`oKaB$rLa)C&G%Hn=-
z0x{86-yxWp3;7<bB8mH;O2+GhwPn;V&ERz^A=@FMmsmQmxi=OgZzCbIk$4@FqlQO}
z?hT*{j(RQb84mabYdnn0Kq1PbUuE{*zyuBgd?l8xoloyqP6Ld0aVCpj(GRIhVn<E^
z;$Q=?3-n?P&EP5Ja0>8}>s9$|{xW|^2f^+#%r}E5DkBRg*MMZnyg`KlYu&evW5J=A
z0c0fdi2<k9#K2<}Dp<oAULQUQEDQBJ;j7WY$vE*E2J_V<a5GA<hVujvC%y;vgEH{%
zX`!hyMo+b%XQkK?L=*i8bBPf+32>>{@XNpiFD@8b6PCToc+|^fBnv^RCoHbML!p46
zoq^6Ij1yK5fB>Zj@R!qJjlfSQRiO0&z|Vw@brA5H7L56bp6>+oN&zf~`XmwS8-9$~
zhK2!<c0+@)`O8K7C9~E@&W8#&0`Q;skQPz63*@!~ozf|yn`Id9sm#v`fF-wo&tls+
zCJ%iQtigyjQ8M>Y;Og2i&GpH27S~4p7fBJ0*<JF->5g&L9$Neaj^18<(>kl&r50C&
z#}9mt-*KcMQ0>$|mv+pY=2q<7Vlq_Bk?L&R4<jSghyW>+P8g2Lhf0nY(Z`@-Q2wSq
z^mU{Hp$tnv(5a}pA<BlGNs=HQf_TRjaBxI~J^TWIDO9^5PSWWkNqi(f)&@Ncvn~q~
zg)XA%i+Y2^g@b|&lSlGbhm^WolL#(=I#Uu#0VD|wS7hj$jiyBK$AA5RVh*oCC*ul%
z8{YvM%Yn=?wSgy4AO)nHAutPJ&Iru<qq&3*mr_&aqEc$be$?KXNyWJ2Pf_&fRtG?>
z9tg{h4rgAHHbv~y5WUteBq9jA+J+;o&C+CH-TjaQFH&eAWM8zyKNlcCkD?@vfoTt^
zYA}ZZ*jIziKuIvm_%Yx4b-1H?rfymF>s#%b$Ck|Z<MmnD9E|49_OwosGJAuOs&cF)
zJ|#)fm0Y{p<ja@tH%;E=yQDE-*_+N31$Fw?1>*OMj77x&XlbGfFu`m!5s~3OG_nv&
zj2OCre~`~=l?z^)#0ep-71TZeeW=3HeC8;=2K32935x%nxCckLlmt3`C{$F2u2iug
zaQFfprSlJiP;YVpg2pF3L^Ba{APVN7%!45f?tgLl;p&6DCDc<wC?Iul#=oxd@YOT^
z_bQ%}k^&GhpCb}D`h{+znWI3#81dDDA858PQ`LXpGEx#j+EAni#}KI(o9{CIIl?A}
z@4p%UFtGe4g6E-yQXy4$+qeYap-2pjDoye)?m;ja;=9DVXqSld5)=8_{=Zqkf1V7(
z+(?dvI2F}-E&4ccF0X%mbBJ+6LhJ~~8shL_q~~yq@KT8B5{f=z2SU#_SQt9OGsF=R
zlN%99Ljvvbm<phAB$&w}-E>yyg~TeRl)#kdeR)YjjDwu}(JzI^2LfUie^Riymh$as
z+BC0D-G;^>V@u*bL8XsvBscgjiYp#20lOKMnHcfEK`E4>J1G1Dx*eoTnQ5{@5j7lG
zdAlB6ZU|uhG;GPb4z%1iI*$s>W9fk9B6$^#|L=)Zz006E$ZgPn=0)RvRGigcU^vQ<
zwckU6YfWjA`d4R=Q<NbLL2ye#n}(%CiKDbwR2|DmjNs!?ux6wXm@={s{3}Twkk1&{
zdjTo~(?PJmPEQnGjar0M5$;9&r8r5MMF_oHlSGyw>Pf`LQ8E=1cA^ym<WZju_;~2h
z*oZSAyAuMAM1`4_vv7NmXc^_jlo;k8L+tllE%6LdqD2FL4}oY)T<-vLHUCBWO9lp1
zN#au4PJ_~Ul<&t~QQwgtqp4MAmic-jF3Z1YQsS|KTd}94I;lfNDn?4-{kE;i{&OLw
zZ^x#9m+e<}9<N<S_V9eq?$qRu9&_?d9=lC^P~77Xk3q+dYRVXM$(hV)u4cWyuP(<5
z*4Aw~e)<)+1v^;TT-0{x<yKqQhVze%UPM{iEpj8NlyS893xs(rnA21q_9lkm9lkm_
ziCg3sb##5svgQx-!qSVYOcRUmB~;aY-Mwa$M}dCXo3Fw3)Wkl4TwZ=I`B_a&J@oj@
zP~zXlRz1QVHY*zYEzy^DS`w<%BG0oZSZr;-;Z=}yiE+Z_^(X!b2$~rNxc@RMft5r3
z+SQx=f+y$ibl>%Lrsr(F;{#WD>gOKE9S&B9i_WRGy<So>!+S%@pmC*lZONwXHv=sn
z6#Ddz<t1X=%`|VySi?^oUcHP&0Y@j}hSla?IsAS3V%qUDo4>ao%caf!`+ngJi6d%W
zlUsY;g~_p}=~Iqi(jAWYe12(Om}Aln&-vw+nR)M&C%3eVIZx8P=HIvb#VwUpr|2i6
zdNh+y%*X>Evxjwzs_a>;7@b8PFQ6pxE{DYM^m5vwty)vnFRSv#zLZPYXSF|V+j`Yl
z$5U;R2UgGCpzdKiPCbwQrK8UHD&*-X%hX9+>ZVG#%IRs+w!SJ$vw!3oKA>!xld732
zw(2JKXz`fJ=5HZa=LhZXgxb6cXBhj1PbhY6&h=2-%4?uEcs@g!o=sKUQYXE4|6c{F
zRjaN){(63j<a)}T(^E4St@2*;mgMD1zw(Q8jID4)G3ugilxt;i&a~vVaW-7`9!<{8
z(yRA^o3q?vaeK9C8FlpD8(;h0T~<1IZa0~~ke;nazry9)%I98<-tX$mH`JPe9r%W2
zX)j4sTMB&w;(DvSsjFwYU@^<-THqE8NsDjAC-Ul_r0sL^NH$dIv=v4?;6Ib7jI0)3
z3p;ftmr@21&iS`|8U|A`*_A0~UTp4WCDsMDT&P)DhP+@6ufw~|!`Z2>P)45WTD&WX
zmFR7?xo1L7n91d~$kdnDdn016(7&rriM8-D7|bDacd~t~$=nKh+D743-n70<hIBc<
zrA9rG`?>Q-d$|tTF5Seg{{2!DwMj;m8<yYHd{$x1E5#+r-0WT#-n{bAI!*I!_CEz$
zWdB2Fr6y{r4$i80_Qm4qtxQer51$KXEqgqF9W!9u{Iorsj-ONO9axo(Il6cphds_!
zg2TG9xTnxevDr|Cr`;o@=bXt9oBis}-ysv)e#TFANqeEHAG9(c@_A5M9hkNLrhhfh
zrO09j7=DWF=@EQNT~A+tdNP;n)8=8mxLnth#gUPD-z&Gc)Av!(LiMWCC!bF!IuxSw
zX69`1CYefgTryK9Q`55c8*q~Go?2A(oL{7AR!3ZR2lLOEoK`kC@H{0&_)X6@#O}zA
zr{0wZWetDkC-zZgDYen8Nx(e{ca`**c-YRPU;dty%-j0fp3~}oRVhpMTjWXO$q!E5
zkK8)#$nC85&XA4vl4GP@RYC{FJWg{%vuNG}k5If|@pO-6{Aj0oEAcG%Mt^2UY<K!J
z$K~~AibiGMlh68DtDfvy9JJ1;IK*&U+`bHLFc+G(B$E>*a@s7n^Qqj5x?~?u&DPes
z%|FToj!&C9kDM%Ya2!{5_vN#-YC0jD`&vo|b>^;%Un+KA#+}arZbRc64;p%y@)+LQ
zJ-ozV51p_A56j2)H43jYN<Fk`F0@J9>gsQsE~|P)7KRl3^KyOiQ8{IwpPWHYSE=3y
z{Od8UW=1}_?uV12n@_a%er&CjE(#VVJ=&sbEEi$lxahXy*U#}k$4uP+c+!e`jLfQK
zSg+(?=T`NWd^&YIO>Yu|oH%G{CN(ks(1zq?N8~D<<kdELBs8x3QpNh7*_!L_eSUB$
zpZ>Ry<w4=;Zcco`sn+5g3ZHaa?(m>FbyWoI<jncsX1?6OUUsbEd~!PJh=(g|$$7qf
ztxT>h*Xld{YTA}M4M$xAyWKCjEbsOtCf_(#?RtG+OZS_r-#4|*dcE`bnW=hX7e!X+
z@Jw;ZWG;h44%BYb+790TcOAyubKMqpeggAo{>he(><qcoYnwLcBtL$nYCA3GP#$N>
zb&sr@KJ|>Ref7qf%qsIb`JCcQFUgYyW>Es`Pp8gNb|v#R#hs2S;0%6Pxj%nKj^~y%
zw*C3Kl>P_r|5nlW=`Yext}_<Mvg<wAlMVGf<hkD%(v5r@-e8VJRFZRDjBrznflc;_
zqg9h1ke=;T)O#|$KV$tJ-#3%*<i9;B)<&KM2C~>+Brw|Ab@<k-;1(sx1Ty0@X64(v
z)y1T%X3M)@ru)RkAJ|-<@hW`Yf)I|9TEnxib1HYu3@qIvd?g@D<UjUQZW^Ek=v&39
z$;n&XD?0zM@LY7$QugsdwNPhfq2jy8?W@}7$U8gkm;G+2DZG%j%Z<aTZ2h~`?o&oF
zkC`o(O1>-@jILH%59IXoTeY&!fvyuLUl&+Ag=^g8GY2PlY~ukB_0eTr>c+<MDf_u`
zET7nR!@2h13s{L|k)^Q#Th2vQHy6+vj!yk+EHAgwG->SMv)DARqaKssFyA$KuH>rc
zQ)jr=!w2a45*+#ki}pu0ZcnQ1mush$zoZ{$EGsT_xt+X{r2P2RH-|5Va#-eCeOaDO
zp7q3!j)|;UM^Zy`%-Z&?oY2Fb{LS7GqebV_)RN~Mmduhjy%n}<Hmz{dm`Is$!C8p9
z7~m&85y%T;4QDp@;u3eVF-7gxUnDs`ZC~i#aJ|UX^i`g=_sWvLzRSDbKkfRWzrJ6b
z{bh~nSBj&|*S<O(zYL0p5<iZcSCQpjlg`a)m6LZ@_tjpQSa@zz@s4C~9oP1Q-Uov=
z^zxRDU#@H#@FerTw9FKcaDQjaY*G<(Jh_UuD$YqK;IxcbbLx`Y5nJ41S}oE8g7TfE
z<DQQxSu|mu^PI}_Qxa@vG~&x)b6#44H6gJvOGdnzEQv2XT1m}mQ{DMlJ&h*)t;*Wo
zd|&a{@p3P3XdKpY)9*Z?N}U(#{&qqa#fQq>Y8FVIc#2Bmch&&!Y0RaP1b_2f0&G8h
z5SE4e#O-ax-9Jon8Lu!eIZXSef<nYKkAP@zHTU8i)_L-*w10RNwd%R-pLA~*6-}<b
zMK8V1YNGb*l*I=U%2X;2y{y>uHQfHbsY#zkuHw6*sxzbo;$<09cxAY}@V=pXtD!PC
zgI;ess4Umsw>3B?dVPq&n7Z~Nn{j1nd+dB%e@yoAiv5(b+c7F$-~i^&0&bu11K4La
z<U<ObfGowA9h@cj3m{yh6K{;PY9`n`1j?u9$LaXRrfJtXw6;=xSA3f>sQfMU*fV3A
zt+UFcpbtv=L3%Uh-3Vcx;(rD8IGEEh7#5BDnstHK;RDJ3OfLeJkVqVqk0C{X=#mG&
z8gj~ddU+`j5FKifPB{sf7IkD3<=cCL#yMM`+=bj1pr;Vv6?zyOcu^3xhfWtklfm`?
zQG!+T0&ood1f>gx^W293^3s_tlp$CQb}UgoBm%)iLZmK$@-`HF2UZ+V5m4n_<n|)G
zz9e_}V=I1gGn<I$YZw)M7mdCS4s<VYiK#;UI%@CACLyJ@Q>zQ#)PWpgNhqiWtT01C
zH6q2{+No_PboZT3f<PG$EcYA#Ciw6DslrwJ(8s-@V=7w)?9^7o@9zx%{@RdvVRV_r
zVUOiF@{m0a;^L4>ck;J?mr#I-3R*}_=pKAClQnG(->Hr~IIbFN0u2DA^i?B2PtYC?
zV{n`WC~-I9<)Q9SFk`A6e%@tYvCs*lLXpS7R*sG!hz0!O%c2S(lt-jf)3<LV&FGYA
zQ?6(EV^e`oMh<8JrHm15qj`r(3YNd(UCrUTo+;cN(%z<R;yA;yZPA(h=j%+?MP4t@
z$Y8>{kFdT**UuKdK7|FaCGGfjryKZ^*w~uAuFroA$Sf{+ywP=u>Z(tM0=IwuO4#2R
zM>@%pfX_sSvM1qW*RJ*a0vllxPlv;zKj5F9k$f@nhYRmRby@75RF9A|#p>;mA(d7o
zs)f&0$G$%_K}`7(Q!vAsgWuz}=36lRJSg=Y60X6Vnuut7-Q<f&TbAflJbL~4w)vJT
zm8<6kDKU~>AM=a2@x=B-?wM8kt=oVX>~?)u{6<bi;{}iH)1yT%XUT@veW*z|_oz_r
z;$y1ta(8J||3uX-Gs5gU8a8FtY&<kgIp^lnn$_?sRbaxea;PsRyT;_HNS9=2yZTeP
z$-XP6Mt<FI#;KmfKk1T^@ba3;?z1<;HplBXFTFI;J6C1zH?fZ%?(q8gqm`4RxyJiG
zuVl*!<UeT{s_s9MvFru!=A%bX&gp8&9Ci6FXb3uDA<fOgk1Y>UoWE}Eq@*vF!1lHY
zC~-~JGLABw{M;>PbF2+tq?eyElU^HDS#|V9Q*TM6-L9KUjvoxHsWe}_Y0ipB=8yZG
znQv!>w#g2X_<e9^xjJ6mw7@oQQP<xe1vZAvr%jcT*23F~`JZU9W0w_cb*MD$x0;yq
z`rw2qB%K9^yNZ>tO!W*^*G3Dj#1(xzCoWcRcLgWgEBagzFjefk3he8Y72*$u=iz%y
z?pC!V`1bx)FzfnzHRsN0OT~U#tHNqu@yDa|C8_qb6&#A6wc%$&t$jyBt;r?&lnCQ_
z&=?@9aQdE?6%$t`Xr?_&3!M2jQ|!Xp*Lvau>^6<TJ$%T1=i5i}FItxh);_j&_1}^7
zY2_9P(?rXwd-i@l?)=?iy@IXT3dx_j)!XHC4j-5v)}?hBw7W-KFd0a^0W@mS3|%S&
zs*gZRZS?JqTfdeY7ZBopg0VB@`E84m<x8h%r(G_reNpgw)-_#P6|2{ZC*P*TVT-lY
zOe|k{PCg%#6j(aeON%A>s@>U=9=2NjWk`9$rVakHUiO(U=`K{AabWUNqoo2cD2-cG
zlBN^I-<@Z6844uK=lj)9?0A^Koz}dnAl~<98Y{6{&mgN(^Qqg%IxKOz^YTR@2X`J~
z!?EtiRn~G#GgEsQ-kxelD?<YWmS<~CJhbf|cvq~fK3O8=7nP8DK5~rC_Tz6dx@Jy_
z-@nN;fU4yAj*&S270>w%rWo5(e2KzM*4K(YiYsM&I+XlbmD~2?DyA7(IBmaeyj-2a
zv3gAJUDa$Cs^)m<J$zFT-K9L^^B(5h;+)FlD~X!sIhC|r16mzDpdmRaq_VuFaYu>P
zN@z8*H_!BW{)DjVwKty^N-fj7<48Kao6X(D7+Wn+OR5OY!luaQRD|o$e57h$9gBNV
zVNTr}=6txSecV&}oWHZEiEhU(n;bN;$U>E#$Eos?FJq3hOH^q`PYHgzqk5hC<sRvi
z!tZ#o)q2wqDgV`HuJ>}tp`?_<45fl;>%Y4(R?o<o?fJ%V$!8B$-o-6+WB&U3R+%g0
zsa3hf5BYgYtc1AhrHk9PZ%EM4mv<_5__5eGaLnB?u`Ww!*=)W#BbRw$fB~JqrPcFQ
zX7XrPJY|~|i@np<Yxzlc8J~?l>ax3HtVLn!X8+2##1pxV3ClM{oQ*m3QNlP5%RC^E
zjevNr@#zr6NzOH;PZY@LzE@G>jj@+&jk=S*oVLip)aC4D`zR+r*`q%tja-c1(f9EE
z29NR8Ih4HdT+G)tqog63s|lG4dg)vDhW?bZu)6Uvcg^*Sv@WrGdl#&ejB&mz{zHe%
z-Ri)W!?W3B!^y3lvtL}q<>g-0rEjX(mgv`@c+4W{b7^L}((y+B_f{<v#y%nSF%3Sm
zYVR=QS@y-go^#7Gboeox&$^hOp^O7r(l(KM`cY+iaur}=50zTM_q0$$>*>aqwjC-o
zAXy5du-a#e71_mKX!-0J0(CB>?rM64Pol}`>M8u_%@<0ymL2<XU|L(4UR;6Vg;?$@
zQ?KW9I(@5?%TAl|7u;|+yCPV~*~H(>+fiR9;dkmReM&KBuT4qOgNMz}sx@Qwe_NA2
zWlG8NHWS;Bb(8-JIG942iRUp?DE3-kusVrM`V~VBz9o$o=c<EGy+_``ZD+XKro7%I
zrqy0<H%41eb`@`Yrrq3iOEq+Q-w1sTSK?n8lLRYln3e*mlC*#9{!z29i=zzgHn4ot
z*QRlB(B##Ypn|~%Q<uK|$6O6tp{txI)?0V)oy_08D|ek+RI-I)`Z77B&h*JYel~6m
zq?PYU;{sO~wC2a{y+7v4g8MQm$pAIHcpbtMC9Lk9$Rn1q0)PX`VF1C{b12-M&8QU5
zXZK|P1$CCdAl3u6=&$kqLy<KkBJQ?l@X1I%z>r-O+4}(XK=Y^}F|PWWsH4p;1n&sK
zB$3Dwi7Fq>Q0@@8ZGkdPRsCeJHA8I$XvjcmsMa3`xg0${cyPW|k`v`Waw&d$cPTH}
zf@>Ifcc+yyg-$3IuRO2g_^so9J_*dbxQuJRzAE=lwuKdbzTQ<Uv3hw;W!*B4<Jz=W
z)0WO0^Q^Y^;@j1RX+OLS^pH&zIaU$0qWFL#V?R@%*$O(-Tlsu4|F5G|fsFtsiQ{rT
zbfK7s6R3RQkHCzM75~^P{uCiHq96o3kIe3#9g7UL_JS95<lU-%><yG4C|ARX@iw=h
z@#?v=mG=zonS#iwTJbG#r+}IO7Fn%83OD#O+`eXde{sfI5F+mRl+JOye0*A1XfjIS
zUETbKB>q$!&75chtdH;=MD^*z%m>K>WB6d?n`i*sE&!f*AB@Wh{V1K|MFadIDS%H6
zdt;=_L=d*Mk8o)SGWr(4#34>R14Mn6*$$8+<VHrsLO#oe(JvZsizyqw1r;U-8%U@3
z4NW@3gg~HNsJE(dlPn*LHA&Ue1@pAEXaoP?PNiN8konMtJ~RR`B_UR{ndI}P1~MSC
z$5$+F6U=jnwWw*;aSxDJwG14?`!MH(<nn2er}VG0R~IO;xvBd05N8BZoWCs>_8lm!
z;z~XYn|@G6aNfhI0>8WktrQEV)XwIo+d#Dv>MY1^e1h@lUB#cgR#7;oT}#QGW^Ds@
z_$CMwV)qYB0e$FlX}#G1G3@sB9luCmJSdvH41%d>Uq(*P8ltW81&!?4=xe_RK8uyg
zbOqiOGg2aRQ$6efNa7&QBo~~6ya87KTX4Hd#pJ<81z|LJaXR=|yNjy?T>&({W$!2|
zuoK{FfFEJx-y4k9!6-a3K3}kep=gJ17P9c^;B#kn_0-Y%R@N)?Fb)+E5oaU7Yb7Ap
zzZLT+^08)u%-?iLDW-7e!LY1@lpjN9feqN;&K=jpo_VfxEyevt2IbG1D>%Xni<ii*
zI<O2t!=)=^+JIdLesaZig6MEBf*8zqz~)Dh8<kh*lDWx0;Rehe-eE=;<D`jbw%8{M
zFqNz;WNg5$4L@-L%WC39VGWEbnC^Oc(R8gf$ivrY<k%Q*7ZM*MizwVZR79ZAM(n>H
zowM<uTf?6PN0U{PP>iSn77-=7oh@QK_xwLrpz>w*|M|?K^BCP`pr3Ic`k-tK?CvZZ
zhJP>IhHL0T-uTRdf~CdQn-PuuabRyr(&u^6c@UgeK<t6H7OsPPrbOWKd#(aWsp0Gj
zpuBS{;NAiCmWJiSMKL1A)x|zW1EE44S-}K2NavxgUHIfI<fV|i^2>~Xd{4QSQh<EX
z%>2Q54_Er}Y=ZLW{p#g#Ew-<Rzx^%zMJn0^>*vt+A_9hc!r$Ct&F;<?)K`s#u}5wu
zK@Al_N5pM#d9$mOCgOxP%CLkh;FwphmdIl$La3JLz6}jrkS7|rafm&bi`YXa+<my+
z$)lMDrIEp(f+&KiXd|Lu&^myCyMH8TYZ~X0r+ChHrEUM5rbB!1rD=N&&FSf*(sv~f
zA9_7~x=FH84Uh2oZ-+_d$_^6_!GF=bC`AU(jC5mpNGl|o=n!$X6&gTIp1%*i4@j5N
zXy68^6PD#`Mja*;dL@yR_aLSZb@vIcHmVwQ+#EjS_itjP+_r@i14cZG66*0WVr3Ww
zSSWb933Xh6-;#bu_b;b(6Ra8$@=Vy!-b|>X{AHN2n(r8yke6;Oux(V>8R@>LZO%y+
zH+d8dAO;qA7i#?dH^~zts?U%5GaxYlk-Ki&f#65v1o3fT^GNgz({M1*aDKmVg2XPg
zXOJd{ig%+xp_9>d!eQYS^$2l8tms^)43b(SVo*d%(Ik>MQO<#e=lxEof$H>?F^wHF
z_$*vDrdaw*^8ndj@SP`j`(&FFr?A!aVW3{5%b6gP3y*h=ZMY5rr02v(s;%|&UqN}{
z>{YCRV=utB2l<bKGhD48lfdjeuEp<aOQl?~rSJIc81ESM{3A_kPS~>Os!b+A3%+hu
zR(863LFVsHu}auSqKXm`<cw#G=^Wlj8c2eLgd_mD%7EPkIv!zOARYu0#Gi`d=m+zF
zIM8-91VROi5mEo|-55IB-%@zGSaMz5!k!MPqi3c*&!5+GxBP8e-_A7KwX1(F*FAey
z@*S6PHDiveO;*_PJAkHH7k}VIiC3!L0}%&uJU;l!uO1{TWOfW3`iwZM$q<F1b1JS7
z1pNin1hQu|4q0oY&EnX5tSc5=@dO!=6$q04S_Xr`oQ`Fc@Gt)&tz%pSMiH3;Wh%6~
z_*dQ{0do)|B!OCw7QPI31OJ~Ezyts+Ljw<qIUY%o%}w;21KcCJ7Q#jrE-?TIQYgSB
zBm|mTzSQo8d<uv;Q#!s5Xm||@FS`7CSSkX?5=q5_aL;;Y|He9Yf<~s=HE9~(f;xo<
zDR85v$AsXw)fCPV!Jn(aGc?rU3<9wRsro=x_aYGlTMMK-!j6e8>Tkryip9ZwH?5PS
zG?;TSe0nHZa2fZ!w4L}RStv<tQcyh`zsoAFbqey-`tmOxMrou!y;wKuv_}|=wok5>
z?*`bTp}nB=O9^mQb%7?u7x?RSvrOQxJN9Fp^8Er{Fu`(0cm_+j3{M~E+#+80=Ms!a
z4p`PF{^h$^mO9$v1?@0wbN>L(`1iOtt8+Oq?tt??)jDAy1#JSOdm-RPJJd&g46u{E
ze=MSBn`nc<@+H~@6~G)&!ybC0%7x}=4NMo1;jrfACkxkrV7VL6K=9ZhsCnaaI;+{I
zKmX+f*quMI4^!>q_+)ha2e5zb1fmJD?>=HDgjkaeL2uE&Nb%1x(e!Fo!#6~7!mN`7
zPq)q*O%!M$D3JSdG*61$`J1u^aO=CDU^|WL{yaQ~5t1PAB@`%kg@k;c-;68#(eJ|}
z?g)gu4ILBECiEa6keO-S%+cQ?L>{7K)+kCQWN&y{Fr3PN=m8|rP6Ml&8;x#S#PG_Q
z3KY1Q>+^>$W>7u4n5@uf?dz}{_Z$KOM++r~@C}F*;-dtTU<xI}Kw2n>aJd@y%<cFO
z^|WaYm2L5%Hik*PCUq|p(t?_8_D=mA)G^C$vE_a1Wfc^cC_-at<i0sRnqv{l38lCR
z-Ifu4MUbSh;Qr(oWC2Ez5)x*ht)L8>??VSR1oaT^H!J)?!T?d_4<V{i`i=qUJ4A;#
zA|IaU-wgln5!ToZU)a&7lkdbkncH?~`$K;H;!9${0HY$BLFEI!!uaUrLjDi!E}qis
zQM%-mnOBYEi?rmhlFo{C&%IseuM1k&I%fQC^S1}qj#as|=O2;m_}})v`oG|L@~^M|
E55-|C1poj5

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/btfs_layers.png b/docs/userguide/storagedriver/images/btfs_layers.png
new file mode 100644
index 0000000000000000000000000000000000000000..12b61e5b52db3d9f4f8a5734ac8ac5ed4b833652
GIT binary patch
literal 69487
zcmZr%WmMc;w8a^GaEHO&p~Ybaic68=QYh~3&S1sep*R$GheB~EP~5$^yYu+o`}^`E
zwpNmxv-gpk>=W@>Ng4x{1QiAb218axQWXXU&J+d)RtNz1eg-$t$O;A)>w~N$Slt8m
zcxCWxwhiak#oe2I{C+H=ydVzfFI1d0PW*b!n<IA3^RB>p`1@Ahg>1}bSdzA649`{L
zpeflN?Vi|Mu4#(4S^E1b)Wm?p{J)*|qyK+Tvv7=il(l}0yE?VnpmV9l=(qn{ay02j
zyQPL<OW_eJ_C{_s--83-;1ckmo0xj9IzUDta10ocjHTUdw|X#L!tyEQ+h9zkVYi=Y
z(=d8Eyf=mMzTI+@?blA9`}57i*>Xw|FPGi1bYv`wEHVGrxk}ynYQt`qgQ-sMyYU<m
z`JRi@)ppG)y;iTA!)zh<@oXW6#MhUnyRy|5$Kc@*G{Q9Lp_Aq2Q7S?X13iMB-9MSh
zp!q8OcAtk!{&0C;;6ai2&X6({AQGZ?0+opht~rE${=6wH3C;%M%Tsxo0P~rE4YqXQ
zRWo_XAgN2daLcau@xDJmQ-`D3X0gtEg5n?M94!>{H0@?(Q^rMFX)T+-3W=&}N@c|&
z{FwlH;vz#L$PGMjk|9Y%hJPYk0B2FWztZf_FWr7GBbBMeas9W$i414!-Ockpug?#I
zv6RIAFORb-Ix#+)mVOVHpB8h){EOeZ{Xg}VDLmpmf+liASfJ-|OQWeAx^c?6qKHH7
z?q}3}T;gjTo>$ig(|_aM@6ql1)P!}p)gOs>`FL}*j`DE6DFNlLL@-)F&RYz62LV(F
zv;rxphWlt9C_qciQ8!gkRZj4FdmsRRAu6v!Ww6ERTIbV7PjK>_eDhvYnwa17XBPlD
zvHRFciV(foH2ENaD<T8f1fqYnkRkEc0n&qf<3F1j(dwZ>jckX$qaMR@i_`?;4VY;3
zO{Z?&IGrptu6OyOZF4lxc=xk#%z!3MnP<81aPwp3CQVKmS5b^esg#hZoHBrqut7j7
zUj6(UR=__mAfMhQki3CW5{m!=DO94Owq)olB}H~T4zAG$P?wNF*g|BmAXzb?pazg*
z?=3hya~~cVb4Hg#<oHXNk7A3!YBtPYJGSs9aty~Y3G_-~s2?;bY#N3OFBLPsigJO*
z#OLeVc6qRTQ=#=-1+f+fTNA}9H%(S^^Oqd`pKEnVRvK*hc7rCNuDTfa+jg3sBXO35
z70pQ*kaNPI7MlHcBwQeAtO)V@P)>B<Ai$9iqU8!<<fS^~#LVwa5~A852Ao-#ftDB`
zEgdf5ud}1sz=C|lzXwc`6YSW=`zaD*S&;ByBx9W>keMYF^h6R+jtzVO1@*qO^zekE
z*?t|9;&e_zF=?$Lg6tvtG_F_(53Z0{u$O>JTqiHM5(x!(LIz3)rG)JtiJ@_QRvS_^
zzC;bE==)XGn=|)_;_Tsna3?>2ifP?m(9kp)zd!kdn;gHoN)kd$rB<R^Fb2(={tK*}
zI0*rTE=dB`b%ELHD3ClX;|w-bqlB<YdkAd`W}Z|ll4KiJP>mBv_%PTaj3kb8UP@ex
zT-2v!&8yY*NTZvIskWNlOl~yWY(M-|#@QUTj|-w_3kFJw?@I!fLqJZ{(A{^3D3Tz%
ziqi?~6fG34QEQ4xIpz4B_~L+80TWp&x1r;@*(-QV08;4q?2YCzsfkh)nup%&Lni4u
z>rEB@fjLkHIlLUZ7Zo872?{}??#7~yhosE}l<EdJv?BE0(f1XJh8GV>xLBj~fn=$q
zAV|iH#c?%$q#x*jG_A~iV+vHoj<}FKq&|+wr`wbAwr*jU{kXOwzWBw1n5-0`O*6_s
zsCI5x-~Dt@sW>I=KyKUtKVm*6-8=t)lIv`UbvSTOE;1*-lsazI9-mBGU{NwHx&oPp
z%f<qBVe-3BtX=ov`@>rE%<@oD5FJ^=S`hN1;Us_KLwNP*!r5nz_&`oO%7HSPK{aq-
z5Y9iK=7D55Y9X*FD)gKkqVAy*Zbl4iBnsf7=vC&!r3%$R<x0>6W_aJ7R=y9_^Rh4~
zgO4k7D#KwAkKLUC%drt_i&vZx0gxyMd|(4Cv(iRGSAozXadoMD$k%E_S!1WlS*n$0
zZPc)NdBc34w^#jq0WYF3($3EmyzKD~B*G=)Y{JuMH<3UAI^ZLA{t6S&Rt4Zl2DP{&
zkaTv3K%0uhueH&rMa@8hqL4x~Dt1$l)C6T9Co!}J6*v|2Sr-L}YD9hl4QK}0z$4gF
zg)hYfr|sqpYWS}2-Ct~P-h2nUZ+%~L8U&%7LM^9)(l~Ib9RGxaS>d_jb%9OTTP_E{
zk$-WQX<3k;NN%Yq_zUobZeL3dyel{NYFT|NEy?XfNm0DD#A-ul`9%*Mnbj^fRj^Fy
z{|u7IhfP|7WuScwIK<)9I>1>ifN@HS_<g%%xSuW9#UE<XNzkW73?-7t26nC^bB)V^
zVuFDZ^+4kmWoQ~H6V#TW@TNmBWby#YpAAQay`@T_dbuMko-~X6H)`$fVyNNpj#lHJ
zg5s9iR<Y29V(Cn_W1Plw#6-D2DXpl$S#Vlw0hJ9;95Yv|D6|1Ia~XFLD56b1BR!ua
z8q3!=T`elu%@Wr-IoeYow(vQ<8<D#H#t{PL$Anzl;Zh400`;GSsMwPw5|rWEsL<ad
z(R9#%nP*6Rr~PpreBTA^D_UAl%o22!b1z)iDLgH7X1nW=f<wV=LV)C<7<Ea8y9m&}
z^cwLN3e!&nb|M%fUU#DwojtWwTXsgAGLm<*erPgb=J0*fHS_u1f=eBy)u{_?9Fw>|
z=7sDC*+QZ=KG1s3r+Ypgx>3>k*@}?#Hr3N_Dt#slB|JJ1k_wNB0_x{LrZk&%fjc<i
zx|K>YN3$nN;nSkwF$L*?4F=SdDv5Yos!&c#NZ}PQf*wlp&nxcw2xPEBwUmeQSB?gx
z^wO<7`%*+H9g?#<54OT7k$tWynRt&5L*irc5x^^6NEVXJ!dnrz;=xFnVoMbTszi~1
zRdV?R!oj67p_b%31oM7HP45yUqCgTqxTBrS{`j*c^P@fH#m5&9;nm4P;NvrFo<t9+
z*Cxw`L!zmbtP4c%(*Ki?`)T3&vx$)S)@aW|#-t|d$L-L8+2>Gt2xI-tp7dtK`b4hS
zc4)B!@{iCChvN>@xhMvuEWlgXR8Xl_8zGfN@ZBmCG^nn@bCY42sn7@cm!8C8&%)s6
zafvK~IZ4u(fFygGETxr5nL;2vAE=-iJ4QN&?61(5ZUz;-5R5+_;UnrH`|-~b^cn@Z
zSX_GVi8&++^>}p?55b5|{MG2R%iyM^kul&~6c<%soRrsDXZ+fcB3<X*nzw!79Yw+(
zZA<qO)@>pe(elE^+reuKS|8^n@lpB8l|z~`4ckd)(ch`H1hXVtWG3&^jOWqrw^!1t
zl~uYFR?KSM=F`%Gn9HWl-UWEHuaae8yoc*)WsdG=rwA?Q(G<4JNErK-7L^M=>p88@
zDnF6()|ACwT!!gVTfXcT?!v*UG~M^XC$uzLP8ZLXYqp<O>L<^}2h5aP{JeUmbROec
z6B)vM^#U!hV5kNEx@+sr^?!X>w(q_X{hgo{(>bUpa8yxWDiI$->zMtcqcxT@;49%0
zi#%)e;jcU9Pwj2ADMNmQP+AcnQU%=sMFj;+{8ff^mFL~6`z$_?kPTET%O<N4Wrm=-
zHq2S$mTYcG3tVjs7!p9=va~`_v4ZLQCWdZoR!lna=!?i(Nq101bTh*w>Zl?eszd(f
zj<%JLq++52!eauNl!Gl)f?eD{Sj5YU^ZtX8*-jHyi;EKb7CbbGnXkUM$ce6MAG;qo
zWb?yLr(5zTl`i9IWz=i;%k6Tk=wqo(`^tz+@#(mNrx%FWx2p42XAE4YrYwRFFWYfk
zH(D5XpR8%ndeXGK5quH^g_u0;<@)16H4N~*N0>@rRP5<w{o(U;<8r-ETf->*7A68@
zj!(nLU@qSNr5gG@UknDWIE}JV`kaFa`zGt(tI2nOxMQ`kpfSoKH+U-R9@`kpRjMOz
zb+*do75eSBeYnb!17m!w5zi$1HNP>p8*0VHk!F~5XW$Z=LvtK@Q3P@p5+zR%3vECZ
z;E}a%TJ{Ds6{Y&}?HHkP@8}mYEXgtg*?hlkzae(OH_U(*p(Tw0RLRFu5ULV+;hK2q
zaVQ3<nOBa<-gq{vFsrNzgT!EfAZ`%n_6(TUT}Y;rNBE%xpo&F4oARU)cN^GAE;#}-
zRQk=yeLsy_CdX@@thM+?{-3^!a?#H44orHS)qEfNEMfal`cS5B)#!j1A|3OQV105_
zjv4OI^G>326JhH9B3Xr7;pIj!)@AyRa%Z|6a7hynPm<xMd=kwR+$M8KqD*PqGsmFs
zbG%0Wo80DT`)ONb`p|*-qL%W9ngiAN4~MkSBL<@xQwNp#n|Z^x$D?YNPwMV3?x}lT
zJMq#uOxP;@-x9B}axO-aS%xdxXqlCm{fP(HJ@>NzL#5aV@g_moJ3CU)Q*Zc~m91-r
z0EQ_?Z1yh~E@QMlx~@$^TVbZ#hCF-qp|J@nfi*2P?9T<-xo`~UbFR+ssB*G}u0Ipg
z`KC-|Asy9Sk0WG^TXePFUffQ_^@x)C%uXK@hH_PyM%UP_fS>3Q;#-lZNY6>2Td+o1
zWr6C_oO>|&o7a2kUG}R<N*`l*Ruc<5BE=5(H*X?Ti@pn<fUGLOPG*i&K*T|$VHvGp
z8B2tCqgT)f62j6OPk2))c%%fe4J0T_BlDmdg!wtx1mVNLhwSc#p)#Ml%D0O#^tyZQ
z@*k9b_eOAi&q%ak%nItcp1Z_>bMHJ|%VU|fS#F9J8!77C`p)9B7)B=U5%=zbh6_(o
zJmXqjKCOXi>jUkoe<L}%JXT%jecxX0UY+}QhWF3r&^S6A_Oji%!?;N5vYuzw{ok?^
z+l>2BLB{pe!yi{1en)>?yC0<V@5=?Xl4IbgV7qZ8bw3`KGYVi`!D9)3eYI|R*v+)(
zub%St3*T{*>b#zkzwVFhe!i4%$(nn=bB+$cVUXN?L%-)skz~Z|R_7F<fyX9=_c7JK
zL}gK<mw5wk46tfS<$}q<RMB3RbBwCXMS2=bb;o7AG)3)K*}~%tfv4m8PMc3c+N#D=
z<yCFp4|tn!*X=uRG=>J)q;C6(Qv@FO3;yGad9H6tWohwAztca3&pD`0R)kZp@273H
z&YIW#&?H9v-#zt60>R_)prn2l;CtDzdb1^253A^Q_8zPKo=&n<G>m_>pLH!?TCG*t
z>3`4AN%>vbT0ihZ!0!ENpN7UPw9$m`R-DtvKZ$yYgPZFp6fRDM^y&;$MU6jqw+>Gj
z0XyB%fh0@|i1DgxINV6#Z+tS0a*HA2COJF+-9L{{v~zOTzjA1Ij%5?#WK~L@9!v6-
zXu{2Yf-Q7{EgEITU4&Pwu?x{l*g&50e>r7@>j~m6=~ATPjuF!lBzH+9<uLM(7eG!*
za9eg5TO1%8_Dt-S2o6PI@9KGHBj85_bL}7+Q^`4=4$8h?m0lOJ`xa+nZ%;IxC;!<n
zcJuO`0S>GrT)?g8tBEiyXsfc|0j)X%L(IdwndrLSk$iV026kR8nvy{ZZ`Nh2=ZA=g
ztq~AuLANg|S!#bIq3#Xs=DV3g1MvH(`=0g-Vu^-uz3(@}mJ4atSnAir5hb2)PnKgv
zZna#Lelq0x;5b$pc8da90%c6<RpptuidxdJM6Q7b=AtzpS6!ypyw7Z@=2mH9_=C`j
zO8nkQi%jkk*LEoa`ChIAB{<_oi&q~MO98Xt4fbW3QLAL3n&)`ZKizvC6s6*<iAzx&
z)_-`StqDl~+P0g0_MSL*QTbInpH7-7ch#WNOl$H?(}WbX?Y{58Z~Zbpc9No*eR(?T
z#-pW$xW;RTQ-_f`g_m{?O5}@S{6yi+N1~%*u?!I&kcnTNWC$I&-T~h#plUM-awky@
z*EN9Z(@A{TM2EfA<bi%0on>v{QExRgK;k<ZbI0P(lrY0joP$Uz%vCj*oYPmd1WYoz
z-5(nnhHC`VQKMj~f5U`dy8-z=bo#g=fr|LN&lGKu%W@k@Bttg|jg<lU6R{Y*q2B_A
zG=f{~JX0GlM&@~SClbH@;kDH^8fZi6`jh!FF(B6UoxBBf4-d*@Wv7cA%hS=Ls_4Z7
zF2Xw+9rgt!ar6rAM)??d>TpylnNDAzV>O71AZLOH@n=ob+Pbk{$^FDyf!ui8D8n=i
zxTQ(UJ3%UifHiK^;)i!aY~x(y5{=$h306@k^>#Ilk$G$cmda!AxbNqMspi(*-Z+rq
zkEw@iD!x?eHk;W+dSRnby}VnNQd#JPch{H<ng@$>_dAtr(gr3aIx9=F&XGNERN<ly
zq1V-WD}n*XClwdb3?4ff8-F7C504s`(B`s{#!8dbEOUg;{Bhu0CI1w@L|pjlL!D^S
z2&+yu!6a|`PjI>?Fgg3rH$d(K$v_B7dL2Eig{X8tUw-JcAglj*4{|0(nkt#YFIXAJ
z#X3_nF*z=B#uS8vKV#{B+}sSw#fd(~)C@*CqQ^fDhr2QVV)k0l1SVZE@P#Y!Axxbs
zB7uIJJ6Qn{&3$tutHb@%|LufUOI(X_ZJN)d!vl10#21`t;{t<4NG#NWt6zx<FCs<0
zV+El5+c1<jiNy6{ULkNvHUu#8A<3Kx32*}kHs%`Ek>%X6eDmW84SgI*V4$V+Sn#~-
zA-ah~WgfeKKCX`;4*y`4B=+xL4R9dq$AVXqq=;e|3278z&p<CF3`dL56YsZ-bc$+)
zWXQFey0di4d7Ebh1lX2+@-D^9g&o9r{@_Ohd+xPjDxgMI?a;v=WSofy-t#_bB<$h$
zUy+Us*U(#FuN$TuUWCR)+&nNTjkeA(KZ{YY5vz}2md0@4$EY_hiYxhYCJ7TUvZP)-
z#AS_H3cFv?<J}{Cwd#L+zEaMiM)}lA<NqvQc}mP<`I+|eJZ*6>WD!P71g5M0qcO}v
z47ss$qOV<*9W;1WMlm!&4OI>FDeZer<)RdUv_K#FsD?>!Fvse@pH6~&|K1&L!sXT4
z)XQ-zj|)?vo>YS^qT!=olHJ#j-F>ieo0?K4+QvDc#nv@I0{=o5c+2C@OgC?2ogvs&
zUlyPtKUJlKCbP{T-wvvq1yz-xsru(Qr-HaAD4|mNz(>r0&(7-a6V933JsX6-EK6W+
zmnaOJ5t|zhDmMmJnHiiPwP^_2{EEVf-MyML$f6r}S`6EhM3m77mqghZ)xE)-(N9ta
zpI8s*B!7V=QL?CxgD4!}hwrsQpP-DNSg}dhLLxx5nq=G(9oTw~H2htG5h)hoa3Kh?
zqtsTgO6o(@`6#lcVuHo*(dX$QMrIZABN1PZu1+PI*69(=$YEEV@P=)MsuhQ*K`vFR
zb}TI?a$wRUh9`By18ykG%yU8iWM!H&Ot%8eRMlD}ow0Nc#ZHzp5%YF-z;XX`i6y$r
z=M=*OQ_JJDrNt98YZ$TU6xBIoKM+u_h}}|{5$kJG0I2=9vy_2sq2@De*C1iT`^S&n
z4@qr9{=gzRn+n%}CIh`THiVsrsA5=vKC^h3N@<E)Whf`2V${I*X7)1j&(`R1)Thmx
z@{Pkp&Km_z%*4JF30A&v5^4CdtRbgY6CB{JCBj8FnQ=M-E$JJQxXTAcvxJXFSF}()
znS|4)9qwvMQ9&G_Cq05=GZK@M30n9y3b=3vG@^uExW|dF+<*=JLJD^2Adz$)!z|>V
zbEMW44;2m3B{#l+$xoZR!v|I&_{<tD@U84M7@`a=$Mp^mwH0t-f6=nvE?7w3&hSB5
zXEG(blet2Re(F)r67|7m9Ws%*doRUdUf)v)n|7Tf!k7K2A-jHcGtWr_dbER7<NEzT
zT}umt28(#}9GMmk03Pl=3bCjB&IQqyfLq!CJvk^pDW<Om^p?h8GD)cSNfXlbN`~8K
zf-Y?s)vr~-`n=DOBa;^2HKM~U*+!jzKkP;oA%iGTrh@*x3!vM%D1!F+0}srlTA0mN
zijQOOFJ3|;L8J&QWDL!oz+x*L?gGBAeN0hN!ww8({4vL7W?#LN&=<AxHXW1QdbSRY
zb(cN0;6b;&@jl>uClN~o$x-UB?cPLcJ-&CVsh*pe3N>k26+Hm})xj;6(r|XG*8TiQ
z1(Kw#?1l6q@PTP&vQ(-P-$NrdVj%PZ0>2spJq?V$W*J)jhU1s=vi>dL-Wnl(3PAlE
z4@{tw>gtXOipqMa<+<T-?Ui!n9($i<m555g{beD5`-@SGshXlbh~y}O6K?YxblDIv
zBupjK$u5KrmxtI_xf;}xh8mtL0`#wXPe+V~x2sHFJ+T^LzIP`}u2`>Q2+~GpE%a9b
zX{~UJ&zZ<X;}S`Ch9Urg8tgg(wE>&07G^)Lu>pUy(a@ptlBU>&FyDe|2Ml{A>V)Mb
zOlYu&v7@>z3Nab-bkS0j2Co*Lqx_?leh6?e)u14Vjt~8W$;Ywejjcfo6|x|V)t&lc
zWFM*HL<A3~^e3m><EW`aC$nMcCmub^)8kIZMi5%zP;hBoS6T!^!a%{K13s@h16))U
zE3z>w?=}GtN6J@+6SH&Z7gxXXim}&X%V+?jB07OsEqt;f_LSgKzZ+@F=CP_+<eweb
zQba|&UUr2%ft7^Zf3y8~g++YUjQw|wa&knric1P!M1AbqG$7;M)B*{EiXa_D`E>R)
zsZyExk;LtfI6OY)>-z4bMvLy!mqc@wP8D;82R4g`tB5KcXw<8#`avxVY~e>-;&|yy
z;ljT`R@wk)5F4m%MPb75@E85$qpmUz8%wRtH}*rQHm=u6S)v+cJ^V$|A3&c2S=>%8
zs*F@GT>iZs7&Jyw`1C6Uo)j%`r|c}SwE1r43<nB>76@!dgg*ZUdD$F!;-njkzTuwy
z(aDIUw(AN@2;-dHqs?E7TTIav*ua0&{DsRxBqFOO4wB@y2>rSRr}6<bDLj#~e=M@u
z2g526EVt^!<_~LBK)c&uDqxv9+qaUy))Y)hpu9qpc&#4q+i@|QCVH4D!ANn0ELr5V
z`_;HM!UZ&3=CR_q;lN!U9>ZxGTu{b8M<z6z92`8gE!amN|C30=SkSuo(`I+?KLP!u
z2NfiyS^P{WI0BC(MlcS3%Ul7Kxd=}d`Mh2x!JH|L%jS`6CtznIt}Lny-Y5Miuw9g&
zQNrB<^!pry58NmS+GqF;lKX>ENK&|qObw4vKEorToPev=NX!16_FtS{rILW<{Fjof
zhNHlwO{Zc|l$be?+=dpY+=C8gruYd)M?)+el^~`LEvZ2)%;85W^u28b%8cU8DHmG^
zD)&Zk;q{K--WcAFyEVI#BL$tk&AG$Cq4kjRkm^{Gt|U?hZh!tJpjwu(g^Xn-?8ij=
z^{dy<u~K2Z6canXEf(sBmNo@tT^l|DXyWl+vKU%(_o`LjuNq`MtS<PWu?<{E+UYj{
zcbb2#IEeFuNOH$r;m)^k&#QIuxW79qh=J!oh^}^YlQ?g++=j)g)|~w7r>ZwR@27`s
zIz=kjJnUB>Lf~RfFRc9Qyf_Y>n^x@v)j#8)Ze?|j4E!#i>_~$XLo<G#R)J$C*!YT)
zs#p*+Px+rs`rn(Vf4fdgh%w2jOUlfg7pOWIh%p7Ui&{rBmc;Kr$Rv6k(K{mt#!2ww
zLJqltcv>?RCKCmqcJ_f4essYzjp#1$WizHJN3LR$24d*A?eNmuvdrHGmJ-{)M_f9z
z$`d^i^s)pF8JVMR`i88SX1mI4ThqvF*VLo+VtG&`RAIuJR4oja!!uyVJp0xR)(LjG
z4tJV3mzW#aj8Pc~^iX;BbKmW*BZBYApcJo;0QhSrD7FH~sn2~#hwj%FDm`%R4Ak%f
z=uIaJN|Wf_fN~-9qF%(ogq;iOzu~;`JpxnqveuPIH#tMk*TfUHgon@)%GEyc+k`pz
z7}TP1YaVxZ37+H2+mI;3nF4XM5wP##VyWXXE~mNv>Uj|sMo3Z&N(%J_hc}DQJvw`3
z@r6J5D^n?qlO=@lgaK(2(=5U~6dEAXWI<Y#TG8(_bPZ%lrj1P>!5jp{LScM&k%KFB
z(3|jL2%!)j?SvZD5ba_}*)&=HQgonFlWI$`zn?)Z`~!QxQrLy2;<l{CG5!hhP{()D
zD-hG9KOUsK8AuWeG!T&7eX<3zz-VKFQ3{#9ABf})Bf>QWUO%kKi9+}DnfkaV6c4ri
z#Gqnh+R@57oArMZ+!|i#?mXsk4an|KeAKs{H72;j99+XDCj@9UOBkqp_=2A)@w`p9
z<#IXVt5)Orq8n8|jP~m47VwQeXpMTD?0xAb?|l#gAlp-sp#>>mZ89U~4Wj^jNyYEU
z*C6*IXP_uZzs@-a(MVMoCrVPCHgE|}MOn@OXf`GRNW5f(dY%F4Ur@mtnjj!*uQV9A
z49MF=-9+C*yx94Rx!H!;QyGg#DV@u)NM<@|cnkF|VNfOSNPP=w%AP~NFCz1n8AhX?
zttISraRuCY;880QK~%GCzUu=4&O<!?m^<_MLTVujLh=5rPpMIpI+lnQ>9F(EOkZ?S
zWf6HC9v+wD<n7?{oTWiOuU%kNXRC9>`Q5^~1v*014~3jSpmlNnA@AO17APh^LSQqH
zeFymET;)%hGSzbvrV-;i*i$l?c@OBlWM=e~LFe;#z#v)y!5C4)t@ZJcnZ(N{wIYUY
z@-BV*u=dH5^V+ady(9?`FR)59;CvQc)vvxv&`G8$kt0qL_f_rKY1f!3>iOH^!p4u?
z+P4)^vm-n`e>?DTYKBBhG?(NzH_ZIDiXe-z4-kH{PFkjHEMZ{G8AzvdCee(16|lKX
zk)JRgWC8L)aRE>w1KC$4_MZucewKa7TcXmDc8A!I<0E*B(tj^_6*URXzgkOtb>pp`
zbL9=JD4$0U636`eef$X6cN6P!iSA@jn;Vv;dF-?Ez^%g((Oto8SA$nm>!rUgfK1b|
z6zP%LxxYunEjWznaKT9+sgXe}sX~dVG9!&?WbqDo5hx1pAaH0}9v5s9?*OnxMDa?1
z;3?H-@R0?L$pa{J#Xa;v;e5d6smW*t;F@#zC*Q0<t%`o~LIRIxU(R$2eGcv9*+gzH
zZ{=q<lj_^$_<tQ?*LgG;l8+2w=Z+zuXJC*P7I+t~)uI>aQm^){Y&H=5aY(H{h8Bay
zn-!wqD6kdgebA*l>fL4ktP5PfbhUqNjvENx1wyaX*LELN*C?You;4Hq?O*MK5U60O
zptbjSTQL*@k}>xJCL5zPGG|{9HeG~K((w+`UguW$BDP=M;9i``;Ed3q<37kcPx$Tm
z<7Pk&@#k-9{**8EhAd4hN&njP{o3?oyT(y}?G<|JPf%SCQW1t71SL7wNZd!`0RAAV
zD7e7KXVyuqxIWQAW4{3^WxTH`?akMcTBbrS&ffS=TcQM8f`h()hu~;n$OQF@-y-(n
z;NY08>AL1B>9+pZuDsXyqh7@5#Q$(3Fd?w2@%9&~dOb)oH)LoE=C#SRrJjj>c_wxA
zv*tzYV@h$A=b8_<o0P=$95weVCoi2AYgV2JajcKM-66B^#k3QKaRua=FT4)ZaSbwN
z2$>-YLcZ`oC+-Ymou}H=1q?(}34&ljbN=9pySTq3lD;7dgE7*eB~(de^!RyD=<T-$
zB<?)m7y1xy|31LL9fwd<rt^&grtOFO>Ktg#$(i39-G-Kz#>7sA6izM_EO?=JrDD9C
zp)|0z(uf{?eftB;lvORaonKgbN;?!5pFj>G=z>z!-#f@QOA7+x0$GE9!qGsJ0ev8#
zq;a|wdR}k-`~WtB)V=k0Jfxn<59W!E4LBo(f~bK+ZJ{n^)5DY85~w{52}L1i(b-h&
z8JLyyAwL#Z7SRv-fOW45B?!j2;j~n~g#`n^@B-$`iBjba@d+j{E~*MX$_NNY3rLkv
zw3k#$kGAd($~WDVU$McKq{(OrhmLtIF~GpV31wikS&kf4gyH>_1B8eD0-~f~Mg;|6
ze+W$T(j!N8%)*w7O5!5Rw(dGJ>V@cvbE3((=6^z;QVIXb{I??27%<hq#uF-|lKX=f
z4{n!IYr&|GMs^|*Ci|;q(#FI+GVnRWC-IJf%HviIsI?}(kqb!hv2N_j%L6`gt8}m-
zh{QW+BII_z-KovGbd{T=&y6FdvNtx5%MoiVh?>WqWt92&p8fRF@d>(!!oP?(^G=<e
zaV77z%jG$Ta{Xy=cUsvzfoJ#WvBen@4KdO7uzN-Gq>YQbl%pNHc#)19k&X+_d_(K4
z5J#nibYaUJX#!u5%&GRqSPCVnqGLhrTu^K`XTA6{(Ys;l@Ek>lIqHKs)ZFfyx6Qv-
zv_$L=^!CJ|Hs#&PY$e)`G!neWEE)WqUHTv0*qNpKOO7t5sR3%K{|cVw47zgK>=@f-
zE$)<v9j~GSf7>c%wO)<NnIC1rBV=TbH_Um7GM+zu#9D5Zi$6<G@tr@m&&m@-ptjUd
z=K9F35PIY@oOJqdmSMMJo&BQgCp4N}mp_>p_1A_a^6)&IcCd+lTD$GDnCUNbtTP>m
zGO@*+<Avo_R>(!+Bp`@WH|Xm3ramrK*HG~Sxd}hExMadMg1Img+GVN>O0e;Mm2v0w
zzZpe%PurYY%|^miPHS>kAx)`;@E!1REIs=p!Ud?2m0`d5i;oX@MCKWa&0KlfcXMk`
zG6aZw@o_yIzasP3vyl*l>JuWjS(>v<0B@79Rpa63k0FVPs-zKOU8V5a!zn`TntbA*
zE-Nka#a9-^XO*O%oSdvr8*QPw;*(?WpX~3VJAJ<0)p@zRx#-$Hfm_^rsF=kkhrb)m
zYy4CzjXYf$O$Kkn1bW?iXl(WeLwH=T&TsNnt^A~2QH9GeuO*4TbNQs8uRs`wzSz9}
zUh_uQbj*Hxdtga4nKI)Z<}ju2OqH!p>>D2(AfG29C3Rmx>r6AwU_`R{<q`)3#Kkc(
z2S6?05b|k0pFujC%e}q~-MQYxCElE_mUnJdMc*uEXA5~x<Xo-Qn@{B2iB5RtT;W~V
zBJ?i_)<m{u(LHeU@~U4SbeaF<H#KFB5heh8c=`mFdXjXD%hX~*ngRmiw2_VJU<zG<
zBw1f<BN{&CyPb}p_g#@M{cROE?YoL}7vVIY(62W>OKZHlb>G@?U#RH(ZPt&G*qvc0
zyK^TIk@1`YzI}ZoGg;UG-$%EbyN%J*7ns@03FqcaFu0{ZcsbD?YC7`de)^pYy_q{P
zs1ESk_l8pt$_+EQSenZA_p@CkPyB$9N#wP@toxmr#En9}+tubgI}u_}+<viozRh=|
zsLT=GX4_kAg!^HY$5q}7{IHgk<sW@z0$N_FDfm-)GQqaw`2<xwc2{2PW$b=)xqXYq
zYW=oV>>rKh>Af9zt8~Y5HW<fk^R6PG56PKe7jdAE9DAm7d_MGLt33Ipae|y!Uzj`0
zEaKN10RNi6Z}xBPabP#%2*>VZ!eRM7?ps+1q0=a0G`f97xV4R&qBh~gKba0&$k1!j
zSVQkmA%?J#b;4As_9Y>61O_=Ib`oD<w#pyRInBTAa)G@eIod6W=vU43j?zJ`Paa-U
zMi0Iw``y(H!PG_>ckVeIreg!Ir0YbE*K$UmR?jVsU{s6Zuc$}MkHi*y<$$G!#rIdq
zH&w{yHi?2!Y2+#f(=AqavSsky<+oWCb`BzfLcMBX5t$Sjt(A3MrrT>gQ<xj9>*;zb
z)12IlI6mJUDiaO|&VQ%2wh3q7<tLOMl1RtrbtlYxC~x5w6i6%|oz`x7Au1f-PHb;+
zKTH{IEvjkv5<IgJT$tOW=roBHj%la2SNg-Ur;96YS?XARn={HhJkDWfS?l<ff#+yY
zC!-sx9%2KARi6_Dl4CkhPcjzJn~Im}UudWAV3I)bC_!Wv;2|?4NE-oE6&As$9Sr=*
z#ShHE15Zv4I$4RwksuWp&oLe0+U3^nZQ`3t+YNbe^Lwky#MJvkZjTv0n29vqj)<Ve
z2=fbBJq1qt=v}QeMtWUocG7orEPbhwov9LGled%?%d4oo=!oM$*^t8`tD$!inko4+
zD=fnAxU~djcaJUaEN?6*KU?B+cjp+ab8l%U{<S2y%3M@^meDSqm{*=jrIeZ1e5P|3
z#uG4EH9R@JJZL8(;ay^~KWDZ-YqD`@0<-5&?DgpNB$^Z`XT|ebLLUhz*zTo{dMBe+
z+8u`q$Uc3eYH9bj_^$CFKkdn_cjRIXY!d+#I#(>Epp~PO-I;#|JPwrLd=2`V68Pvr
zVra_gEl9pJI5>TA<6}uMdta#evEg#D_D)?Ywtc!QP~S(Za-bXU4Zpw|&HpAxkU;N8
z#r@#Ecmu(J4$$tmAwy;?ITRfhnd*0;Y+~2zO|>^7_9tinr^w9IQV-z;x${=;N*W(C
z|I=`E`uHo#O8v&Tf3>jx{PobPH2d|f3)X(hPd!cnIvw9^UFJ(V6H9Ahj^l{Zye4|V
zGg(=63FNy(eJ!2Ug+u(w#jMJrN?b4x^#xgd(=Em^txmN6Fl~t*%4e><?aTa~_@fB7
zG%uNr&-(X<wjFwuAnGe-;P3<&lL1)0k2?}%{K8nBAMhDA-Kr4_N&w&wM|~^DI2uVL
z5%Uv%r7e6yYMq;}r@q{;aW|GmG#9A2l3jmT@!Sb^rrA9i8)F%G4$K2DE2~fH+uj?-
z$i{oLE_tlhU6REQ*!~+$O2We*`0`1CcMf{W%%e<H_+wevt#ydyN4<cqvo3><Hof%Q
z^!&H=U*k-5+EatQsV<I<9XTJA(p+4=^>G*J^Xh*55*RoA5x_(M9@^jl0N{Gp1A^lg
zMS)hOh(_VWJZ9*xw89>gAd%J6v6bF1^An<4`Wx9Wj<CKMuiL8D3+n=9SJ#F}IW@vM
z^?o~EDbm?n+>2xSwUo+N+V{9zB!Q`gi=T6)V}F-9`fZ?MY43mS+34?fHQ7qWYS#GM
z^6MgO`$|WLaQQ23O)(dJ@Yz0)eiP4*8aRa?K0Y^qF6rsJA4E<fp-_|lDXfM_sRz*e
zWlY>7YvBoG$bC&jLsi;pr||nON1@%?Z3U?MTaem}fO^;Y?39^#V7PBu*@cTZ%8{9f
zsUcgjl}KgM&Of0*I`;CyHVSi-Z-FYJ1sJ7`&0}O6L|puCGc|c#13$2)W&pAq8z5ps
z>yjZ*9ZbxbLl!aM;dGf@E=-053+apop(D(JEoi#MEe2z;q3hrP&MT-G%2g_`5G&5Q
zQ)HoIwSA-JcdCRXWvl4Pra=41&!Y>QdJ4uQN&P70@g-(M<Fmw!jFEp0d@9+~M7Bwi
zNjBS>XZ}a<XO~6w0;B{IJQ6q)W(NI6Gw+@t`mu5(6~z2k@s3VL#0T0*|Ce<kZ{dan
ze9sr86`NLy!F9#~Xg+|43LErmzb+v_z>y$OjX_Uy*A1J~BTQL&nU}ZX*m*w#Sr?h{
z(<%@3gx-kwdezPNTz{G7+TzdpvM-X7IG--Ry-wNr<NWoC_?K5jzr-Ih_3a`OD@F+4
zZ|D1ewz*1ejzL=_OFcfd!8-m`g-C_yTQPfsy5HC4iQSskCyxC@y=?;>OR`#}wIh=h
zlK3rR0lqKi!Q9Pxfy>hubpvKBu>dBPkpaqw?}~{qjsr4LalvKXJ$oUq_4YyXE;3bb
zhdKRecf1tuIf49KMpCbvsxlP&n<`meuIy?;Vw=WT{D*{*`>Ke;&HOZ5x5m~bK?P9u
zpW4`yUQstgISozeOka2*()4$0=}B1UprZZ@Bw)bLZX|6PS&CLQPLRiMt+59xEyCt2
zxWOYrMoGXHhCD!uv~CcY7IOSwhmj<v{co-Vzjc6hjm=F8+T=Vw!=Dp5$h$hcy>=F7
z#>QjZvcY`a`MyOA))+tgX%yj}BKQy@e0_cI4c{T<_Lt@JnV0Om=^$qvy}ixQ>R9sq
zC7Ah*a@0z)lI_oX;6Ts0Pt<yk9XDfS$e%p(h4qIxQVE^r1l1DmYl9uWB0}*Z%1%fn
zFM#R30S;7%`B^(Ipb^<|00aXWVN*7mT!_G%66h1aJ2Q(ALf&P6@qdGJUW!>Uo;$Er
zdyynP{%nT)#e90ePF+N=7|T|FUHbT2t>U)Rl)xV=NJu|TV#sHP%1FxgrKjircos=|
zEZ3Hh;+~xB#D;l{-t>xj%>B<if+J$Dzc19S68KoVh)S;W@2AS<Reaz%k`6*%dPmTC
z+anrelo`l<j|f>Lh0WV&aoj#<P&wr1j0X9NoD!4XVst*phjFBLcO<9{eV;YP{i-f9
zto2n-R*tQVh8*Pq%bQa7h2x-Y$z74DM_sW27q@d&-<~Ztr-pv*zraOmjrT8UPGfFE
z%X0n~`z!6@;^O`{w*JV_tmO14H!4x~uX@E_%x?<x!<E^HjtBvb^MP81IGi95S!Q4W
zCn!9_h@K7vDm)UOEL6-9CVogjKK?elc=-L&JqS0H)===$)XGe>JkeX9Q==WHxbBfE
z_QP?x1t`Cu!1jir=T&3N@Q@&?h~D7aM;wB0QyIRA^K@xOf|)%2!}&czI1^hxt=E4k
z5r)Xs+|?GwhUjN|IN=2R0rY122ZPXwKLUDTZ$-xpFXxem{NH_S)yG2S@EiF<!Ve4t
zt8?r>p?+IJpBYPzWBff2rs%v1`Yj4B^>cIF8ykv;(We))ZqBtZ{m#l*^EVbh)=Xo?
zYgH^g1>`qM5_T(PEAu)mh0jv&$?0)b9);rrjXX}~Yf+C&T+N%{AdQv5oLy;wlO~j0
z;WB#~;wC)^5&j3>M#x*kiu$-m3s2~>PYXO{#1+)#y2lVm7IPTJx{3`kp0Tm<@h!t9
zvss>lX*#}b76ejFCY+d_plua;U=!1c)$^t4Sn>4Ww9a0kSebx;K<9=buSPq`pDo&%
zcztw!5d(736Il9byCS&8aRVP3go+^kB%VY>b@3mIoNr)zabD4o{wZG~JRyBU?S`kX
zOB||tDPOebKBdw@Yb3de*R$wryY5->t5H`SOpX79k04w1Q5Sw9%r9K=5v3@GOaQKE
zk>pKPVK&OXvx#2S`Jgs&j*kCmQy_Cu>T^;F;faDATi^XUlpKz;MqUf9{F1I!Aa3FN
zGbEpS;Jaer)VW;af(P+E3om;V+s%idI6I`?o&XRT3-IzDX_FZaf-NLox(pJx2!jP%
zDDwb`kr%bFVm<zLfwg-5FMsYoy(Dp%D)<Z1%D?#9=nts%XiwNtcgW6dAMwz>)ZWmV
z-7<K^{P{k5!IN2arY!sTr`DN6%?&?`!>zN0?g_<vnENXFq;(WCc}h=%T{2jrYHH}}
z&QOubq8KBD8{aUeE9vj-!KRE67<<*@@zRwQ9v1mfpC;I%w2wGLQX}GfY;5zFE)%CD
zQJabgPC7mniLi>0)tS%A&!Z8$N1I%wTvS%lwwA~XBB0OV^iw}S4u`hFPw2#0is)o2
zQ8N*Il(W40O&#z<VA3>Ea=pI{9V<S|hV0&(V^UMz+gw&#yC550NaO<x%ji$Bh&qy~
z(0l~_W4r!q8S7Zuxi)6Z)U=KS3q<HiF(P)o2yEVcbiijxWVquWU=P)IQ4_(fsBySG
zT<<sgwC-7~2i4luS~Af#FM<I>^4f8lMH|sCu8m#w6}9CxO;@W>9E(uj#h$7BHcXr=
zYe9lOL;Mk1o-wbsnxd{oZ!?#_-SfrDQ6mh>(WCmaTUFL4nDS+CSM;0mR!)rNo9cc%
z$<0p?7R=N}m+KDv_^=xOAG9P5)kIFo+nP<ga}6zo{i!gQVqIBH!ErB@RY&yIKf@wV
zC^Pp@isZvZK5PfoWhVPUV(XGQ;yK<WxDz2!d`A19`Qp#KRAu(iu(q|Tk2W{4K3dI`
z8opkp`ae$R7Axl}o!ypm&(N~7k4uLNowfuE#00GHvm^Px92tgC*@d#v((XL$<?aPY
zz0P;P-qh#59RIf!d%eK&X))!z=<FfG^E@mo+2J6Or|7fyyUG-M-o(1vn@F7?l%ir~
zrggm7>Q7)?e(w|VI}fJpc-N|3y7zy_Uw;^P_j|p{ecNFWYrUD%Jt+073Y*7mxEUIr
zS)p*(6i0Ha2JP&zs#^?;Y7~<-jH3vSPY%@YT$*tN;{y-Pksw84B*2(I;x2#wa1e`n
z0at_fzV<><?h|3Qg8%-tQ`Bvq=XhF>o;U08uStsU{Jq+Is?{%1KD~FsX6JtA^nBQ~
zBB34KSY>CDjiT~Uso%M*q}kmi@{y?oh1$nf_jCvYPubA9p`*65q`btw=e0bxLN=FJ
zA8^C{c;&9rJNxnXm88<+g8R>l-rZvo&AUqp)7Yv}phob<Vr%?s_d%hs+z1Kg5XidO
zEFlojjm|0&c_7(Ej%o8t5o1?jD}_O}RGYD)C2w6kW5dgN#<fH`1~I;^6Us<2-iIqh
zi4T>X6Gdaf_o~u?E?86){RLJ58@5H77M@994Bv{%ThZa+;cE$7#WA96(XpdnsOY4|
z$|2+md~!DHPiuEMK9|GJd*en0yiPkq@2yl%U(!9Vc2}JzL`1niCyH~C`8+gtzhHn5
z-?;}kzFoH83orolY`MrQ^ZPztzpL+_p4Q)T*0$R3-!DP#e0j$yNr*($=e~YIbhJR&
z^$>3?j3BV@U2OYs+I}YGCFHn;;8lHo?!Y9UD0)39;q$L_fWhHxT3IYRJ|4{K=+|@Y
zEz(ijBZQefxVDFc>_&O~%diWF^@0vdcWw#z1*=7Fmd1vaC#VabHDMjlD_PzR>d=Hm
zRv{QL05h5*QRi^V$ybQ)JHr{P^TBWF8nS`p(!V0*f1y7wq*uxc_mTbQ8}Rjv$6Ia7
zVf3~ZeQP4jjE3*D<5$a3C=I1va?_)Q0Q?J!uJftBqv^kR?jbBb8wD$UBU|JGfna{J
z$;H*?9dQ(zS9x70Ig++GY0@RHsw-0kY`jr~%@>wx;RZnrxfV~Tyw%W22XW45^p7uV
z4jo(S;H%9FDHG%I(A>(<-Bz{z@1$Xdmbno^Xj|;_@zK@LMaTXXOy;@LE555+{IgEg
zuq_uwRe?pAtd4q^B^uN1i|>Pv4+++P3kR<<FwH(h9T4&^8e)zvy5^<GlMUM;#GNI(
z4vsv$TAc0+Xs&R(+h6=HpPr{+skU?ceHvGO$sjw*CPi8Pr8_d+z+1QcHl&DQlE)Pn
z)+BC%<Jk9e`qD^hP2EovYm@13(R}fU<)6ZKt*jXox-q{mdJR}3arE0#r^fle_x{C-
zz4E)r>@kG6Y1Nqwr}LOQv>5*||4i@r-cKeYGj=C-(T6K5E6WQ|#e~C!V6iX*=z|L!
z&SS`h;-cPr^x#+tD8EZyU0o3$$@cXI@6sWjn~tV@l9F=D3krfGH+1?Hk_I14Ar(u3
z5g&&`Lel1WWi~9OrjYqTQPf?d+5m%_gHMVvE59`;DCj)KcQb_0Vt~{KD4)vSc{MH+
z!qNTqayHGMpj3T-5$ivu-6}+qo+qoB@*&W=Y;FDR)qV2=R0c2k67R>d?Q)YN4UplQ
z=@XFmKY6aeF6;9M-Mjp{_#WrxS9E0<A&KX{a1ZS<>4Lzg?{vPb>HAx+f;L39o_z)@
zLHcKd=+rzSW*|H=Ahb^Ky^=<SJZ9Q=MfjBQrT$35gbu@X-(UW9Jy@R5F#pm7roymY
zML(rLMIRk5vyxuX_V37V>2j8r!>8fr{nbEeG7J#)lK+tYF}nh)SHLk_oYF*X-6rTA
z!eK5+NS&kl>|}X#8rk?G!s4d(OkI?=6^Fu$o)*nb@@MF_gz}eD<?^tnGEX~Kp>^1&
zs+qG+z4>WxjKh4sNrv1ZYaP!*vTPn>UUyVOjgRd|%WdD(j#_-(l__V!RWq98#;un;
z^0yo`;8S68KgPzQll=VAMAQB=Tkzbq_sgZ#(mZ`~?wI|q(^(%LSJ4O!qy2II%i!tI
zc7Cb3r9_wf4<kCmUA$ym?#JIBuGxn!oeVq+B1`-`4T*mv$cn|+P`N!N{)kMxPjwxm
zXl(rVrBQu$&b?jHxAS#+zTIK@@2AZ{*Lp($BX>o);?SjL_v5TQM<>E>k@H{h-A}7$
zl1;ChSpG7P@6vHkX}{|N%D<xFB{Bl&*AApbpT}_Q$ce)Zk-VsMLS0K!;WgkMwg|h2
z9<}4>==b9&BPNON>&^arfB%P5gi;$Hes@?R_HytpU$-955_n&vx^{G-p1AA?9Cb@P
zscUVnEMtEpu#I=S_(So^C~9Y0_TRG~VY<2mkd}dPE0ey)C&Hxc1?c&%T@+|>`iFW)
zXTz2`dCS(k5;T>gEB>3+Cn9iE+5b_^rDFyorsV7*i8wOJ%Kg2)bOjOFMR+NYkHv$4
zdZSME2LP&~-p8PvLpI}e)Kfc5{3rSbz7C#db7LWpeGobBi#KKIY%`r;GAN#fN!bM7
zCQ4E%9!wm+4glO-pynHMPqM@HCf=e#NVQ?}THsXJ*WiQB;ob}0&=H0~7Jxr8288K?
zAunPqh&-XYt&YsM;*&qlfU!m0&&5Cc=!hR~(Imo!j?bmr+pF8}NSv_h2s=D3ejfFH
zA>@TOG-my6LuV6Mg|FgtcnT>ToAc``WHlG#R~=Ai+#+Gtqpi>ElOv#5@+)p@$iuzi
zzS$9inagdchjC?8rKyB%rn<UFMRo2tf?(W57T%v{@Zw+tRkW33*`Xv%E!%n+ZPpI=
ztO0U{D+v<t2>`qqc|lrKa;0@OkGGMAeq=cyr3kH8DIPV#cV(cHnMMQM-pA>V{Mdg^
z>cQ8Gj-Qf3q#w$kWycN1dvkZZ_z}^24v$cO>Y;t(HeAl|rSF7Mnrb1s7-l^q$;NoY
zML&ud{@lO5Z{fXd2)8ypt*A)UUOGIcuk8ao7So&@DA)HAQOcX^%e_yn?(X(pIrLz|
zTm%LarA9GpNI4V#^^pD{I~4U1PA)t=9H@=^iCWN{$Cs4@bBHyc#RrAl>3o3H{zqvN
z`j{6e!KvnJ4;+6$9;KbfyDGiw<-}f1_dX#nx1IDe<tREKuD5!ucb?Z}bdUz|dkXl$
znBO~AGo{xt1Eh6_ji-rXM##KRcnWG8L#5UbeV4_PfpE)(^6hA(qV7jDyDp13d{O3-
zCg5U{ZN5LhL>fNBwfg+c{{)yT?08o%e&_hxLtWq7^ZDl8fxawFS9?3&U7zwhJuIZp
z*tw^^e+r1et36ciHSKsWjN}ZqwMl4}Ew{CoV2r&@6m>StVk($!MROl#N<8d67w_@@
zb^cS_Nd2ZN^LFaq{Z#p0tGzvq$A%&I$1Wv(3*pEMyXt2v)g6@D$rF}*h5$0V&zNuN
zONsM-<F+btZk6jgEALwGjQ*i`NI)N}%`1ZH51gEj*|96K{$uqgzFW-0z2vM$!JKcC
zy{{|G!|j#W@wHPUxUqllx={Oi9OFY&l}lqijI;?3tW7=Q-%X?ztrV^7z({XDTk_u!
z+fSK5Y?y06YL2K%R$IA24jTm;)Vf0Y@VcNht?n`F5o`&TU)9?o3p;zvC<hor*<|M+
zZkFZG#)+q!qYKo1a{{IQ=~7=_Y5z4=Xo}~8hqd*zyDu3bY(d<gxPOc}#y?cs4igb-
zpL?b4S$4IGJVo0s%9K}!c;Y<#qmcFC;=f6r<mGl|t`SP(2rcZABj@Gwq^GTaBW1Cc
zQy=fo_tK0MWi&HXzDv46f&QAQB}pL2P+lEEOyt_N!f+${VF@gx+%ZcRmN1i3P}m{D
z{(M1qMnc2iAAbm>BkpSSLD_xR`ZEd)Bb7S_0K!X0nCK7r2UMj*0e(-*>%Acc4+(iG
znxubGeOU<~FH^fae4pIX4<+b#*@|-x4h~oYuR}O|V53jp8!>vBFu&sE`S)?OKj4Ty
z-F3g6G~)RL%dqKaB+dH2SJbWK2prc7>dDB+irnMkMGN@;C)S2E-NxD(A|F4dZW%j`
zIrlV3CoSmE=$dHw+g3bQ>HiN;Ul|Z}7j#dvpuo~10=skx64J3OpsaK^NOyPF(g-Wv
zNJ%%Mq<}P%QqoIGch|em`;RYt<^JxyJ9o~UGiQdmsw?fzttk$kWpJM6YTl4oe=|kA
zY5H3)-I8+P-e4^P9LlUREZX-C2>WMh73RYLI<4XXMd>ATfk2Jv9>9#;4df1F;P)%E
z77)Ku+efp$IH~3?uM_zPYFrc(bN+1X>EN(Gf?J56ozV)?pz}^2$G5bubkq!gSmaaO
zku~x9pS?fB3y7E({lw7*IpWUJ=fxtNmibg9EBIsKG-)*K!xe|Y;F!DEGba34mF(w0
zJgmVDChUb4F<;rwEv#H(;Bz*uH*`$K^y*pyt<7wXbT12;pP%cd9E^i0Ajg}zvEMXu
zv#nzFfM0~)?YFAUL?FaDC^E(vj3sFHk@9lH%|JL`_-nc4MdBcEckLfd^Q@+l<Myy(
zQ@UpWi#>xS1Ii^%Q`T<Q=;TdOEYq!3YflDB5}ve`<_BhNC)R+<>m&n(qeDSr^USa1
zO(tF+kPEHPI(=NF`x1Zb*Q%%3k+@06r#Xu0wH>N-Z6$41khsbjcz{^=o9!Qv-30Gr
z1oA4=$y3`vy9U?I^Hn7k7_DK#c6O(s18(~2<ytITj=MF399eZCLoaADsZ!MfgufRd
zfBjLS-HV&w6-+zGZF>xMM3}}|0<^-?I9<Xo|LfLK#dsx<S4!aH^`;FDm-#&W#$iML
zAJDVs3#JLiW9Or6f7+V@)0Z0YuZ{(}eBNPx<ocl4c3S*<ddYLa!N$f0z_B4iB~R}m
z&DZ9C<4V?i-y0e|X0ROa8snF^KU?LP<)3>d?Jiexwjn#VYQksTKK94-g#-<WQ>kX>
z3m=+4JVVh5pQ>$#fmkPIULzRh$(u=`)c3!wB*L005@5q=jU;2eKW~OFtC4@cJ1WcV
zSUX*G5ef>`N@uXny&f@!mT$~dJs)M}&6`c>LXkk%m7nZOFp-^tfS-?{h>_=T_Z3hJ
zdEV>Lak9s-f7)HCk>%JE&GE;85r~YP4BaNTp~`Q%@l><{OlH-#N*z-dlk4a^&V_z@
zHq+TNR~><J$pJNgNfmZp9fpp$gx^+ygx!9AUSL=9M0!i94LI$otw?%|dT+@gJ48D=
zIJ^>58B{`V-sV+{WfX$fDT5iEj00L6?3!A_9t*eRa{<i1XZG!mGVS2^l_$(@+_k>h
zEplZvBP-vhH$K(<a!sO($UI94{*ZBt!U1FIUudpJI|nH6sH?uQ8fL_8c+!tfe>@FS
z%9>g4H1k;eD=&p+)lX6QmzgL?)xgXI-p*5{sGB_Z&yrzu1}%yt%X59V5uC8TS@od)
zll{>`mtZX;=5kj4N5oKh*v>aTuWh3$$HPN=JI7L{y1E&+7_-oP&&H-7nY(qFj+GUb
zuOFLI`xtOZ3F#CXho4-nHd3aZ8N^q(HAl?v5)o1aArR^lb4sgR%*NAp1^bqD;{)w_
znkq&mVWys+sCY|bRnuS0I#ai(^abF!YlJ>u@t5GG1cd%JHl1Sdk4{09>YHG12)pM#
zcX>m{OSjIDIKC}$CCp@8KttX^cJxd@A@WBl0=H1ol){q-4-XI6uqJQBU-QWLD$0B?
zymSL)km3_(44+5hk)=oF-f#8|{>DYGXCB5aSSD3BNq>&wR3uV;)FsHq@qTUkOCOV&
zho-``aF`Anc@EedV{1hlS+@9CV{QmR*}QAqzS>|h{zf2+gyg`Yb(0M5*B^1;H@X63
z8HG1gX<tolFE+a&RbvpO<otr8=;A(oaa4%Zql<twB};cN54{(2xPydZ81X)fsT=aD
ztK}adE$O=1B%|Zl%ZU|}tn7_3M8MNKw0zyFFzfXORJ~368I+a|l>HJ2ZwSLddXIz5
zzYL#Z_*F&6=t|3J2F?8X^_WD14eH5oE3PEhmM;p~7PLBQRg0Y9bY<~mjk_~_8mwf@
zO=G&qk&}(PQ;8?rMk}P9ismbbr8TKk=9D$%C_e}eti6&tz}tiH%{6=!iT%<iHQrG%
zpd(j&y%jq&@kld<LS@}&h#QJtzx_l+0MD-w!u%kem=6VR5j(=cqIChX6!4bS+QstA
zwU&6ZX2qS&s^4DpGW42!M^Q3So|O8!of+SHTT<R}l<suuy#QK<|KXTdv2c4HV8re+
zQTvKJjypd9t>-vWWW1K2yMU3(nu-?P^(G_^hc@!}9lKxNnay9FtI~gl=d2RhwiO)F
z-wia?OH3_y3ffM5%e@FZn8LoI$lNbfxA{|8SLba7B!XXI9<zmBHY>jIFyx)fQ?&ec
z{cxQ1i^77Jy@*I*`KhAC&u=Iq(i8~jTRY24%|gfVPNM9@LJ12S;+ASDFSB3dm=1*m
z0Q=J~A(6a4+~UN*L(&nh7Rz|C13X$#gJ&T-k9SAgEk$qmZs*JrsAiRehbL~MD(GdP
z#0u|BWTLc)=d2{}biFlvh7o!81LH?+XYmS=F60FcxEoT=l>SD;3UBhTo$u+MuHP5w
zci?!7l>5Mnn2m^mT{jWH)71=m>q%dg)$Z_TWmT+BH>0Z*Aj`rKl03?_AefVRU-Clo
z`-nz%Dv*Z1hEQ-s84gLaa>pWBu6I*$^Tbog61yk@@LB(q1u3n7${l!kNDj$QQq>J$
zT6n6ew!%!7as`B`!)KqqU?T%m>P*N1)8DA!A}b((13l>e_F1>|DSr3apAeM~=V)3G
zZ?*JGu(7Ku4PZ$YB8K}`Gt9`zu*#;N`xSFPG}4yf<>OEf3vS<9OsWifV)XAlVRS2P
zN|NJ*8A3UVv#>LSU2pxnCBoJw(|I!_pKvE-5<OsMV5A~GS*oR;B5^SsBfod*HT6Pd
z1I9p&t^P+gLPFfRl~e&woU1V=yY(b<@?=j>Imr{+Uj`ys_>x?E8)bp?sYvJGDin}<
z?p|O!S&oq}ulPJ<e5a0dW}mJBKg5aEsg$ReefsbHk^#-(=QGcJ(ToU5*q6C3p<1^X
z`_%KgV<tm`f3<Z%q~QsF*D4H9t?^~}@Sj?cQm;;_YXT5pWS1K-W&;6|qj-t}eFicv
zb0{`JN(+taE=1^B*?3H}>qJS6n~p18o>U&ehHUFnecSk6H_q#g1&PG7eZo6>H*J0o
zHpy2^#+Dmt{BH#SibHnv<t*!Z^##RbxQf#?j2KKWC1n)!*Jc0Qe0n=^;Y?1JL<M)@
zFk`8t89L#%LI0iBGqQsEfYq9>Gx3(%6;+s`B5wSBscXgsw%gj&V`{BEqB^`stPO?P
zlQ`62ogTz|a^C?^fml#7DpveQD)0e;ohSHE;u_FmB?Y`510xev==59%i79cOn?Fu+
zMEUa*D>`?2PmIQ2ri44-8fJ$RLOL<~<2_<K;cOnU^n<?Ml#{N$Ej5w!6YutsH8aXE
z*?rXqnH#pxZez554=|O$82_>=6uYQK>Y$>KAURl%l0dY3;8>G&o8GM1KRVJJ9$pnH
z(F!N^`FfvI(d|1kpfHBJp8O*tf*m^<R*k4qD9H2?Qh8kn<N7Os0X%(<0XIem8{$HB
zQKF+0O8DL_c6Y!IB;6<R`ah}|*!DB5J6`C78`r(4*#)bW;)ZmoGLiG`UX|Gq!wL5e
z%i7oCTRcPPh#N;F0f`5#);Wd#rabdadPt%E2gSMHw)DKL(E;t^duD2(S9yZJ+yz*2
zXJ4BMkUWvZ@{oE0Iy<?B^ij0>f86n%B7RHa(^O;?&wc^Ez*o$C%Xh%QsxVd;EnND<
z(x0HkuWV7x3croBAgtEJSXjEuVc8Opbb`!!5zDCFpYEQU%Ax*c7o%DQS$b$P)V*5N
zWa^BnjFR?>2k}8{dfatlQ`0gWq)DuFci%1ugtA0>R_!hKkV`yl{Prs_FDt)~{}JkJ
zI<&fmHNi^zM{R)UzQ2IifRtK^<~3@W4jm8ma*{wPTxbkAP{~G$)tUy5xd+PD1bwiP
z004E1h&zhhuF<+AJiD40$@9#u_eZPOP>ich_HioZjF8=E-S6>I%2e$ml_$#ze^|-I
z?My{xDeaz5@BD(+zLM_C414@t`*?q0PqW1`P8`7?T+hAz&b~U$8?}r%d|5Y#swJA}
zp~LtgHao#8SoOas|1jqvLLg80nxG1(v62{m`4-cJ^O*9#Me!Ps+%w(kpd-1n2;uf{
z4Udgs@L-yka)MY^W^_R1C<el~4y}lVBh0o1KEtjr!2|1A!dQ_(o!l08S;SFh>G$04
zh2M&IQkYchX>%Kdvt0Ie50?V3Pj{y5(<eGYa=J)^NGeXan{#E4q-z2ZLscI_5Pt#C
z7%D&(IWYbcC|M2kiWSKF9MBz(@vLA#Ap(ac%6iNL#Q%dBt~DKcT%@yz<wu8lc5O;4
z2=GP4dbYT84DVsCu^h)gi}L;%yx9Dsv+&nE6rs5NLxH8MhOnb?S|Sw>%vG}NTk|%*
zn|Jc<%&d}8+MDHU?*Hg@rc=9#Y2NRi3WWTk1Icv$Hf*_+q|{_Ug6J6fGQ;$DGOtEI
zB-<X~)7To)l1TCbmm#sBwj?7dZ^H-dd<${_)jdZ3K8iO2UfJHmiWGlqDVnOL<Xh40
z?XM}jGL;}M0{&5#=cQLMGBr^56)RuMqSS)@T2JyV)h>!0M)d35Ive{3hc8>{E!XC;
zB41>WxQn;h=$k1U*w~gf*nFg{$lKqyKd(z&la(IT<D>dE!$J9m>qSMw?F3g(iB`_V
zGx$6az_igB{COof*x4QjqdOR68<CNWQUF$CN+rGXmfVo1t#x5C!d5d>eN=MpMr_Ex
z?@$=|y-lj`TPYwyaFpiBq+oF&O}m2}nu%zrlrgK2#Jl|N@6U0^K$VE1kx2Q(yGzW;
zHMi1cv;LPU_POg(MB<LF{y(ai^Y7gk6jl6b6z~3}_$&9WJ{eavTEf7P<EHCp-2uxW
zKuz6G5Sc0{taghC0Fc#Ljk%F02?(yGPxlPS%dZy|J+;s<f{{Nm>QVc05K^Q5E`wUv
zjqAB+JjQQ)RdM<39+z`-lhV#cx05qaEBKZ6Bq)Iul$iQ8qLXl652ysL)A@FlA3XD@
z-;1YyxiUZZNkiU;zT%_VkcT-CG~Pjs)jb<BPEk-q3xwC;F+};>rH359zMlv?t}DPq
zN_k_0vwD6e3-G&@lvP&(@WtQUFBRqYq>YZUUtW#Gi3RnNK27e4koTcAo&(L$^l-2@
z<XazLKVmwVw_NZm*oTY_TmJlB?*E%TGQIrPR7uABo^6Js7DXxd*C$tN29bQhjXNdc
z@3*vDjfPblgR-YXRc3GjvW#L@UmzO${BFRcx5xLm$hxwH?-)=QnkX67>n*{bY?;2%
z$HkaPc1|Rn%fB^4x61^4DiQx3R<rk&9p_U8;shhrw=E*72gf(1u?))iJM%)P<$0w-
zryC}{&iW59K#-iEz)TM(r$pH56hZX*toOFOm7Bo7iu$IB>3PQ-8XTV5u;4`t&5j~E
zzfbgRNyQ(2RhSBvt0ZR^kXYukmbpM6Kj>%xBPKZXn7AwGdas*^fG^V)1VhIw@!{(D
zaONg*xY#@3q4n-m*)fxfk<>LdR=`s8c^k69Q@l<hz`8cP;cSQRe#y)YN~D>b7Txdg
z5LqZUG+QTB5X}y~;Lz37dBqPiPho}X{zXYlgoik6Dx>kk<rSywx(`0~oSd$e*7d|*
zHVJ1nc(nLw^=FF*f=SK(i*LR;y*wH2-GwNz8r$<qsI{ujHHA=!7CK0i6U<|k<|W-*
zLII3_9g0{H0o-6>(C2|q$ty8YByWZV)vKt=7L1cKGE6{s61^J#t&WQ@FXrcrs<OSy
zmDb}@c-&*rQM|LTYryT&pF%=L<DQ$u_hSrN;s#_{?j#Nx3_i01%wMO@38s|?DCp>%
zP!YKeW`SF=>}#f&%<`P$P30$;E~(r6e|m?T;h^}xKeoMJex1Us5BuAxB(Q?ndd%@v
zEOkb|zerIf*)6pGNg%>~>(o`e&R}-_0*3-_j{)sM$*!KW<CKvDd;g(hAwRD5L|-S3
z*LM6en4O+6r_>gIV|FJ!tQ1uLtv=qID!Z5c+xM}!4AQomR%4qQgZGUO@WXP66uGJS
z@dlSKbFs6pZpO6y@-{ZiZ%cF)HHfqc&1mtyv=vme_M;Yw(oG4ts81oEVZHk9^pS=5
zhNPo$BM6UZPeVNUs%n=wrB1aA%G9<S>n-SSZ6h=u5@kAHkvb;<6sQ4_@%+)o#e$1<
zpa^qPW`)i?xWFqQRz)6ZnUBg=Ky2b0@~+G6q#vSpQJQIvc^!VIyXk$FTW{lbz1j)$
zxR9DVMf}?K@XK&shfR4MU0ZtT$SIk2<|&!R9^MU;qXyI2LG85O(G}0Q_R6MBSE*i<
zDp*QCY0F-?W!+lueVQoaBYl51Q(b8}&z|jTs%ufJGh(eku=Kx>Shw%qF}2&NGiy1#
zHIkUc0(3t%4i5?B+xP{4yLm3p6vY*k7Yx0VV)$IVJP35zh%vy(ZY<bcE04flNEmx|
zwqZ=^)ik`+u;<;kKk^>yOwGtb*6^(RAk^92VgGMae093|U-n-amG$#qn^1g5SQ9P7
zukwF<=5twzBW%qz8;xr?+Wl)ZES*-y9eW!3C8CcC@k0prvf7F1N24j2Bb*GweKo@S
z+BC!<bmi9rRqBC=EDlgd1@W`LhOFW_-u9`UXbWVE(<fDid6vILjrRk3+K0Ykb1!#~
znnkx3N$JT}VwQ4h!xBFEqWpo{I~kmo@watW&Df6SU6*F$7uB)No4Y$QH1Z`Uf`_fE
zHusPH+G>BYjWkA#%YFsXtzff3b3<cpvnNF!KhQMMDiohclX4BnHh;LBeo0H$f9me-
z&rkNqNF2RgeQ|-6O*57Ln@x>#$81oB^2%ZO7qzwJu(ZRJ%w9hLN*oKaRPR8?%3loz
zErxplc?%O{I~Y}QP2(zIf!gwJdVxFFnl6>1zRD_V$G!b@{zp@o^2$RsuU-UIv50`0
zLTXvekpA11bMLohs$)bZXO?$(qP2+wpErq#WN|MulZ$E2DhpY7-OHcXX(;HEerqe4
z{gRG_ZbTEX8{XTRmr40JfBGX<R~C27T!NhJq`S2>*Rave$U3y5Dq#Nhp)gHGl7@`O
z_vG-rd#LEy-^9G0<}5;u>8a5L*MB=VpSijI^4S_)Z{ElJ*$L-<{VCA0E8dDi=JjH(
zhL-Auqxa;%-vuKd$*sZWg#^Rj&Dq+Q`=N5DVmww0p$`4K)LCgVjN;^t>o>BZQp<k#
zYA6vq-x<RIMDeSW*sATG4uy|_AwSanovr7Dyu7DmL#Nxs_tXPhd(WyxkF{pm)?ED;
zFhxScfiZT@fB>KU(&hzY0}{pHv9-w<#KU%OI_cx7A5X&Aatk+8>yLuVPn&gPuVZ|D
zAL9r2h{#g3?BgXxT}K7DMA%vBIUn6EXgIJBeRsr_b66^)`?r`lk^6kl3Uf1lu7~&f
z3CQHJR+I;r{mrFZULqK%koQ8VlJ|w&KdUQahpQ)zoNUK@7-FgX`##HgVw*ySEM-=P
zPPtI=9ryA@PxgU63Ag6V6iOnmjPvp`<?7O4=(nV^fYrvUm+Y4(e-~zYbCDfis}q7u
zPPiQJFE(A$++s-8c;5~F(S7ml4QE~Pw}7Gf0B+xx?DxgRe)TaGggGM`1mumvb>&|j
zXTF9t4*p}x?Kv+f-x$8x*ybu7T#H&4%fZ%9I5+0EoN7A|qBI=f`dlJS&uKI}&hK=V
zPn!0Ode`oNdd>u5TCMx-Dn#$~d=NDQnAOem%RL6N0K>HRNyf(tm*PJKD=P~H1Hh^(
zOy_D49Cn?A=r1rMvMZUmE^96xW+3FVjni%Ndw1M*!eRQgIySG~^XWQ;=T8`^cr+Nd
zpKImpG6D{(xKc787j*cA{y6$vxTkD~nv|t7E~m|s?&$Xq@`(*HU_35n{U`~*LL5}_
zfcw{)!2G}i7-J`ewp|&FFoyh~6ql<N9=JsdM({dF`>R-EFw7P=?q6OCI0#|W)}f@q
z=cIw(>dbuTrtP4*=-`B<J@Su1!{ZD}oR)7Vdf6DI6+Ou5x;e2lM)fS7zhqiu+x>>0
zHusH3Dm=<SZ*u7%^(|E`X?0CSvCGi#2XwGxO?2?F4ft6uo}BE@xh_sNt3k}Dg^^ab
zlzLDwL#oQgMso0K^SjR<5{9aOGC$Gupiv?cA91^i(aSK4I*fa+u*xoiRWx}Fi%vCD
zW~E9Q-y(6!@Dd6NgYI`IfC}$y#i_YDnGKg_?bbezHWviTNuTKJqDRHP)Y8^gRhh>^
z#CuXDq1#}>W!PcAw6rx{&opR(39K_uAha$us&&BbU^p2-F$5Gb0>TY;UaybBKTxjV
zeLVnStg3>DvA?q}lZJ><7IS|8Lo_+`C;8scFjxbln+CmrmPb3^@zWcV5f7jeI`r;M
zjSPW>c*x`E`VI?9g?dgUQiRI5xC+}Oev7?ImTsR>&CGuH-i9HHYcAahI6uG*WT$fm
z4zU9taezHu=8Am46PBAk!4B{TA6^vfSt?v7F&&>?+&J9-x4Zw*$L>+!?Tqo>-llAK
z=Fh^Vh7W$q30XVnBsUhS;vMZMg>UPUVNW*0L=qi>0(-I&)8;Dphi}U_(9#3Q!O;nn
z^F<%a1y8O-6Vdb(%AXN(4v>>~lLRn)vO`0BeL@-Wb}bd-?i{udPA)9`@uw-0f{4sF
zf-Za!Mm3<NV1R^TRa=!uHG_!YYr1E?rNy#EY0OMaVB`5+<<qA*(JaH(XiEZPK-!CZ
z2xKTYY?a~#X*5q#6daOF4E>G9wziFccUt(L9Zj&6P4CWDU(6rqoh+l^s?Xo)goQ(+
z>BGG8HLhm6&yU6{M7(8>x^Rfl3;GY0v?ROkMDYIXU<Hm#Jixa##;UO04ePk2N2Y&U
zJgg$&c8-z0W1b?OVi37jfG!`6DxmDvNiCfZaXm8tUQ2eQ=%zjclga2T5dz^^;?YDC
znzJWwKlu~OSWUbF^hZ;ER|J+nzJ!ONht@)#b30;y2V28I&cxlH{@oy*+UJeYHLZDA
z9QGMC-b?nECH&bED*GrdllC6|bq^dyvVfJp<unT~39F@)t250D{>|ap1nX6@@O!xZ
zW~WR-2imR7$ZL<?pcqpVm$<67pI$#p0k=tnAIIr~8OOjTK?Mkk;E@m&S9Ih@0w@eg
zlyIWMbpynraO*w+14k>R=5PR}cEC|wtU-0Dxhr6LE4WQFT;}dG7P$}w^c3ZEojjkk
zN|dmFQEvA79Y%jMrG0phbpuo=FH+DN*uxA47*Ijk=?Zqw1=ueCTV1$wirGxR-h=$4
z-8t7d3At>6R}~y>{W?`jC<!9OO7QL-Y~6|Gsm>1E*?lYrHtDCrBn*62w?OoH&NhGE
z6~K#EBwMZ*rV@pZOlZMD=Dh;)`KCdEhhXmmt2e2a^;0Xp&qF`gF|zE>(w2my>4za|
zrO+s(_+Ml|Gj|8T$wx2E6`#@(u^*min33N(IM4`z9*ZrMyBV$iJ^RAb)hQJh1E;Z$
zyX<>e^g}$&^t0`A-2Q`|xl3R@HIVBq;BQp~VjBiHVg&7fhq6}50yYI9a^&l1gz!Y)
z<5l!a#zpsF6+?{fF0}l>=fX&#zFR>lxq1My96HwoMKrSkbG<m=-^+o^PxSE9c`Uq~
z3gGS-S~NBsWv*S^&iQG(xAX{+MDfZ9Gv98*=+W`yfDVYI065J8?JEKjG2w7=IG?c0
zbQvDrLz1*NH6i@>HDX*6r%0`i5;8+3ng(p>Gqd3?Ta()x|Ff33X#HJy#-kk*o<|7x
zrz1280>Nin$f3fUKpNkdpmrEq%qhyid@iZ6U&=Mud0cv`IygXb)r~kb7*FaE0)S(J
z@Ats~QQ#%M)FVESwgCX0xAh}glU2WY%Tg7wCpUjAWE(X36_WyNKoF&qqYE5m1Wv=V
zK)_uPz!*K$9HaSdOpYehX}QhBcJlP-mqgUauJr7@Ov9_;zn>G3A3rUX0trgSLH9X0
z0AnnC6VoQb?jRdnxal$YUw9Sb--#fAj-QB5q9_Q~O#|dYr_wU~{;vq%W=5)RH!~04
z#)NXZwj>fVhmYI^1I=Fnx?_Q>gz!pQKt3mlTm=dGPT?PG1)Ok|!vs1>u5T=0+P5B>
zZUrv*3+t8G3wUyTCBne&;$L7!12~8eGUqS%FOO=#vsZ$s*(W9^$v#ya?-M(oDZdRM
zzRnUkPQP%X&akj^dKC=f!$kVye13cWUdo$@89u28SNTZD$b;9Zeu=V*Pybn@S85o7
zH!*!LNSR2@!V2f(Lv%5sQT2DDBh{t6S#Q&dFB!RwJBnV>Bn7hq-r~KWWzpzYjI3S3
zm--!v5Qt1>_XJ(Uh=Vj^#5>Ro{74+tZy!=1h>S=^WAUx4SuvTPzPH~-@xf;j@F375
zKFVlFoN@C`9z;&FCkz-Qf?MYaMe-+5F=oTZRnNc^(dS@;*9SR&&iqa{VBf^?zIOy3
zWncXyCm|+1TlTr1C7XOMkjN#WX$V$~J_wW9e`m~s*-Q{)2#Qz2S>y1mbz150cpz8t
zo99>l$tVc1vm_Cro{)BL^CQK&p#hGj1Fh(h&k@#dx{c8fm{J%*7=K+QCh-mowN=iM
zzk0q?LKF}+dT&S-I`_OMFO47%r_sv3_(9%CzKh@OwamrXOSrs<^uDyeA}azf$KcCc
zNVaj^9YUw|@RA$mwhDb4eoP8TtHuM5p@SU=!6rn=IHKss4x*4%2r3>qq6&160q#EO
zm^*2aE{OrCMjxCWW3#V7xBPjZR2~+DKUD))GPY~C#qYT!v7pDc#-PD_rZLyMR33G~
ztu!7?msB2HxSk*$Y^n^x?0$Nqk1Ji5gylzK7r^<B<@K7fqfn`q#fGNhpO<h>5g>cl
zOSmrs0*|4Y7cht$WoCn0^u5sz_;$9iNQZ9Nm(H<;nm38GnnH@?S66WQOr-6~S45A&
zSbZaDlv8y-wF=;f{c+mVMjJ!w^lyVzV_NZ^83U0%0q$RFfuP(A6LEM2GnPsChUeV3
zzQqVrZ8?WMXN+E2%q1<qn|~7w%mSHipL~A4fW%+Kx@;SSHO?8EDq|oujFJSTO8e0>
zt}@9Guo@UDuJaisAvi-6gv3mhpK7LZvF_w~b&uY{Km|cqYd(r3Oaj=%ilq!U>Il3V
z*#0*8UDZh@Tzs%XyN1(`WM2NI)dk1EGU}yvB>5Stgf_5Pv-%wFkmLq+<be#lqv^R4
z8J2tb81T<nt&<R|4#x&NU)ZL@s8C`PxMH#|2Di<C@S~X%fgLa=SQE1c!Br7gK$1}i
zPzf}k0r5VVK7sw`Ok2wWW_hVB=vu$E=W*aNHETzgtPP&R_b?R2gwfxrEzE*6j$EVi
zlax#6w!tsWywzA5N+f=)*ELqZJn!Vk1DK7`d?uCi<AmoCgwD~Ueq%sMBPj?_2&-H3
zzTZ^2d$1wgc-$MC9MK~Lj@)>5Le6VLf_ha?m;t6J8*M!JS)&!|7T))tg1*8aB-xSK
zEX?TBz-3JuIL16avV9Y1%tD845>!58qE_b?-Dz~_OUD|x-zT=eMkt4M`KNdRv#9E6
z6ns*ZkI*q`!$GDP(slO_q2+@pz)`aI@`>EgTkJndJv~^^a#;X|Eby}3Bmw&0Yl;h%
zn*+i2-{o2mbW^LyHNbVl;P)SU)}(Jc18wmNfyo#T!>A~G2vr&-RTk`H!LDa9rANeg
zx8P?al<Z0GlHZ9H8L+6Eq0CZ^XLGUmy><hh**x3tX<EiY+Wxoe(X?oT38B`;GT>b&
z8(j12K6el!9mqr(D#neE(kNToKga^!s=28VNGWndg@OVBxcJ~`B9n?>Mo0ecZg2=l
zTFff5aq>D%gLVXVZ}QNe-&Rdz6MwGZ@d_JkLI_TQZh4%Rk^4#Q)oRvBfAR6WOH0<}
z-Iv#I7uX+W;;j?#d?lP4c`SwrpRL2e>&<u5#{Z008$7_7`P(oBicke8lbvv%mHl|N
zrrgU0Zv>Ks&VhmOJ<x>x`5FJiVhYr~PtIy01|&y|Jy9mqCWA5_^FkdJ^ZOflTP2~t
zU)Qe7)LqJh$P#Pp(GnGc34j9O8>Amm-8k}DkyGrRbiDa<A?YF+XF(4aY1B`=daEjs
z#fYAXv;>b99{T6WpTcUJkZR{?#LO_(dVIjxqV#|*26E{j;#hzb;N(LLCGP9rM*`W^
z!&KBz&YcqLbpzbc@i;ujcVK#!x)#n5=eHWQMBp28P|*mOksoXy3rtji0*&Bk+JLb&
zNI}GyH1H0^vC7}2{d~OT_`c@`%`x!Lu4RvBs<{=?ctJ-}zODo4hd`rI9;|h5XjG%v
z>#z!LSwQh3RgqI1sP$LPxyk8&ALEht;SAbS5bk-HF%r~NIeSmOZ$~8Q2I#j#Tp~`k
z%Yu&qc0fiyfHFVCdnpNF&F4Qb9`AaL^1U=u4oz>O!l!y^HUcA>m`{>M)I>DS$S+J3
zf(+Uv813F;^OpLNCN@%48WcZiw=8d$<OLScZdGZYI!pvnTq9<DFK+uIRdN&ne&L`z
z=>ncy__0<jXx`TX6{7tgX3$}z-7vw&|2(Gg++XaXrx9KBAWr7dV&f@kL_1yIn48)&
zf~GM!lc(O(1;EAej*fE@C~1T`)p+g+d*}kS<s5s~h<@HNZ1+Q+XT552>bQwuZfI;T
z(%kwg;z}!g6}jRi?X7(V{07f>A^aU&pd`4nK{5b0RR(Em?nijgrwN&T>Zg|>&&xO!
z_oo`Anmr|hFtTp#wvfZA5{iTVez5X=tqgH|(xatwef%bt1mx1}|9OvE?!egK?5P|m
z(@uJhERp-yAlNIGpT&ds^{V94{d)CPzK!_cty9qSg_z82&@9&yMbuAsYE(%^%5vq_
z3EyIj-c`4SCPEx<qftQk46&H~4*b=G$S*ufG5(pVd^(QQS5&sX=cFngtvLFkb>huF
z(uDL^?zc`}Y{YMoC=xG_-7f!k!t&X{Z!rN;C8AKJFLOTphkNr$$718_zf>4f-*U{S
zGr;2dx4|Q<b0}{lI>zsJ0$@HK3AeKi1d-fa(yCL=%iw#hs4d226Noov7N`x0-rbN#
z(5;LMEv5lY4Jrb6@85y}a$i)Qb)(;*gx?{L7G>giUd`!Ak1nS#^6+;wBca|zvOuFd
zDiGO&*v4%Pja;)SWmL^vA&tjf+G1rhjaq_5$A73Km&FTPkO<sNlpjY9l^p~Zq0;V{
zEKqXyODvOp82zI~mZ>VhSkex0{rI8n2e^!I&L5y10D$=e^ogWafdJ(k>45_z&`1s=
z-|@N8A{lg0AgV=t4{Y$#pljmn4%KW?@jwo*E=s%--l3`8Sub7SqwR;+a)%>kBCo4g
zHF89N0CZ#tk*dd#R>>T>Yhdpv-2uvMcIKYxLB7aMdwv&NbYr^g>N(v13TV{h2pA*<
zl)Z$f`3W&DzN?Y?F)uAwf#|y8X9|}T>oX%p>%O5ufLYFfqf=6#&a$v$oKZB@lI5uk
zoO~`rxC+ZGh(~Mz^y;VgNdfA`4D#j)nX3H2&$3Ik=v7<=9DRj>yhj4nu;C88dSO_4
z>G(GY=`HeBs8aP@Gk)Ynoz_!ga)1UIfj{X}XJEJs?KLy#<wkF$by0dor(h>JRA2^V
z9*EOjkriV7gQ|M%Ka5lI$@(jBw}2>r2B#;1p>Hf0RLdQo4v7;o6@bGj!9`01Qm!0W
zH4o4GQv1$K#ffE)B4z*dpZqFtVFQKj0#I=ycq$T2l&%O;hbd)A!do*JAXh!-^Q&4M
zFGoeq7PR(nxf*+E(>rQ$c(4jse@6%=yLoQ@+VzMYo>>HBxp#uFmJvzb1N{<fIUvlS
z!0{ytW?yDkCx}po6ma>>5g?lc@y<YZF$L5_w2%WXtcal#)CkUd?(YAOR<IJc7$0i`
zuU8(O)*y&QT%-aG78IiK#4krOYj~lIy`faszx~p5#+x%X)H#`a#xN`#vr;10;5nPK
z>uWND`!P~L1}#WT9|9$H2zM@%@@B&<3K!RhJHNpUd4mZ~AwvGfrSlIK$E)d$bncJN
z{sG(|@8&>FhOwl9tL28M^pgOvc_5{~B;YYsKrBM|^PssGP3282U?YC7pXo`p94|B?
z`x?Y3LXRC$NhBJQCl=IUx;>|{AGlX5UDq%+y;E0(sebp{xPG}G1yBNY-i$m@Fo1hp
zFC~~UsW#0U&-B3#8NAI$U@=s{m&*h$@1Wt4e+An9avZ4LZHZLL{$F?!?N4O$j+3y+
zxRwudNAW#I_sL7FZbAUBFuYX*70K{-);D@Y6+mPy&`d=_@^@gKg%Y6cgcw}!7B#y>
z4F#!G)wQRynICIElWNF3356*t-TkVT0?L81gIIthnJ9>duIf<^MCD%sJLcied+4qu
zbHam`f0M>b6N7{F932kQVF2^)87L@QJBl>fk)+#i030YLOj>ZV@dE9K*AeYmnno--
z^m7&>@a>agB*K&Uf0HIZuxa+ko@*4pToQV$a?UM(05j_FhY44QbAB4TQQ_pTNPc#Q
zNKisEYtAledJpTBlb$1SPLv0LngB=`Hxwa80ku#9iFrfjwh`WDl;Bs9CVgnA93+1c
z7hr|jZ!01xZ-Q>k@Y+qFl3FXF>i)^=wfQ7xYQw$CJSE$ls^MfsxsI7;Da20<_!(i5
zAkAN_{1|0uY0WhUz>nlxv?nNx=~OE!laB-5G8L30;Fbvkr0|7+{zzX_Gop3|*o1?e
zlm%$dg6`cx*?Dm1ci@2jmk*~KgGs0y%CSl~nvMPxmXFeq9|1m=4Pw?0V1&6ep`v}#
zZ6Aya96Y!1-O0G!SGHVeFgNoCHNFaEmfISM*rkWV2{3?wZBhVLD*zb>m7@k)W5Vs-
zRtiC=(G6Lc;IHe<0PGD2>&&ZDlnebikR5^z*U+#hWG45E^Ket2HAZKDXUKGrF82Zi
zB!nNk;lcwjq`U>OZa5$XQ@{R0O1(d+3xxBN1EM5HUIFL9boC-5oWPt<&Y)N6XY?LG
zfCtd3Iy3M8fTa(*ZX~`3DB<)qYN&z4!}*`5o1dS;nr4%3il4R-qH^}Xxm8xS$o(oy
zP%*p+HnSuv8W&vMdZyiqj+~qZ{W`6E1?{HorlKQx2%y903aLE;FJ|7z-`@=kabeQS
zZ_RB3jm(IUOhmv9MSznTDWl^qcg7jGCGKzJxI_j*$3YY#mr@gM1a}T3g)_zit8uXW
z61T_l(k@ZG-y6F8EIf*jf35O9qqmSf`F&q<aHIYfHC9ve^D*-Yx-23Tlf(F?>Z0yN
z4q^-VtBW3x!4GaDerv)HzR%-}n!Ddbbd__0!aiq56xbucxlBwRPmcjJcc7m*U>Ia;
z<N~Ank&yQVp)KnWI+TqAUZ4R8&xMq}p#*ERp=xJ)C{rM7Zu!~%zJuHA4--q~#|LL)
zk}MGBv`4r9yOaSv<A4kDl%RSK>&N1%%hQR%_X_s>kqo<&p$nD5iK~I_cM({joy-86
zF*H<q%ba7!3cuR|PD*$mqxmKFjNk$#Swuk^VKBgj4tPWXy5!Fa|KJ3j8bLtiIxs_n
zp;JMmi5I|Oq-t1g$&<FNa_9q7##DBXp51L4>aL*-I`4&J)??P6aD$XPU1WPKvJf$f
zfgd*0REoa*P{VP7<G*kw*%wmkUDf!)O8CrN77vd;cszv3J@TR&2p|Ry@J`x#(6!oS
z6SW=lW-L?biSk9aPwN}17cS?HHF^5pI?x>ji2iu?XTs=k(?|@E{$0I9sm_Ddw|}&n
zenv4P;ahzgZv;V%vo#$vF#!J0ghX@y4b-_?2n_50xfvfJoeo<-wFj-sFB62wltl;J
z>)(xkLn8j=+YJXhM~lN}pO_wB(<NiUYs75=62E?BK4CctuP#n1kc^oyYDsHIvmX=o
zIc0PZMg2qK_yd2=nUwy)Wbp<UyyJ3MIxrs0g?<8Ug96Do@W3qe@G}qqOFa-w0XQO&
zqzEG6O?$>hcKY|E4jO3VYwH^5Xz5}S$eZ?1pPu)Ej)USXsTt38YumD<#I?73QpR(C
z*c2?tlWVM(os&WDk~kcnG^h_@eTM|ffdRZHuhfpA%+CiD(9A`CHmczB_J{XALF&iA
zNhgrgG4Nk3uq<Zx>-D~HZyoGG?ouGUi8LIMATICj54+dVD{Rg(W*$mU@VK08H*HKq
z&9<}RByKm`e(i~|aCn8p&{W`md!xak&@-rkCzUNO&4?onGDWrnKg0aMa9$?xeHl<b
zy2}~Rs}ObF5&;pagCm@XkQJm4@=Ep~-tb4~>n=5km4JqyPOE|P%3HgivS@bvDD_)>
zaUz60iy~i&s*M<CTuyzIw(}aR!VR)J+~55f)LeDsd(?T+v5+Qtu&&JOvp0E>dzlqB
zvXs$B&BhIP3pcPm-~nM~_YlFbrCa2sZbQK|kO;ELGDKEbGG6fgAIxTI3>!b3oj{zO
zN5KtGyQ3hf>#Y!ej~lS~_d~A|oW2Iq=4ksLwR9OqCX#tdU~G*Ngi^?f#pENSe~d_-
zwc>#JgDYx~;n();-UmlVF2?4KNrg`TeN=a(H$|fv_kxJ?YnG-*#xLmD(Gy8Ffb+ZF
ze;2ckWB{VMS@donAx1e23E`;gq)MH-&@2Z`T|EPH$M%B;KPQ^@>)YH0%~m_@L!s}s
z+s!FXC?BK4Qr&OsI}>?>s(hQu;<jJIdI)q;qb}h7t+$IDt#*N~MUU6U5+jOAR;Wo3
zPIaF+CEn)^NfLxz3>RIXL|3|`<?nwsc^w&jOS9#Sr2WKSJjs+K&t)iITvKv~SE(c~
z(4Y4F()xZv)bp>oooGk$!^(1stgFANnU2}t^ZZ!x)4l16rGMf7=E*(qLsk0V-l%MV
z5ZS#69pDG`#e7Cb&L;w6UO&T-3XJ^{6y2W8Enwj3;^}F5eAsRrw0L?tnmHYr+40mG
z)aJt9epnco)*-bsVwOR7FLAN^nVS2c`soBYe?DF~_MR3ciC3Ih#Q(zH#E+xy`C0NW
zl?$>vT&6#bGk&N^x?%52;?}jROW<Qp%QNn$wX~IhJGsG)M0w4-Adhd{--INs;<-_6
zaGURs<_4_-XufEQiT(R(nz7Ga5Ugyk@UF(FjwdDb3?H%^SQG`My{HGfGr^>P=-0p3
z0Jo&@yaRaI{)!;@-5;a(iKx37n)@vsDIR2ft>r;ObNDCs%6e<0aL38i)n=*gcZ=CW
z1(Bg&)$N8=7?IAiVsabNe3SHo^hrklf^@aq#OPaN-i{tacmkhYcap3##SFKiU-Of}
z0|)Mk;o0cje+N({;k;q$MW@*N%6Lr~S`oio7aN60$)!A*(KS5IZ<mPOeJ|TFuj+DB
z6v+EfkWfqjzhxrg`B~--@}Iz;s9AuQUKM#d7*YOqj>?3DJJ(wbQ{2Oh048gP{%*FL
zqi0V3>7J?eyd=zLqPW$M=k2$P8)QjpywODmGKOygJT(m8e9NhIOF1zvxC_wJ(<_bB
zCFK>qz3Pu?7dzUwuy(yXJzyY+Xiq-bL`@3iF+yDrUWW_rx=G096&q2y(#0Et3*Ue!
zhFGWa{=M2ReSBnMJ(vs-sv?-PTZbC%^!CXNAQO3vZvv;qrjLEMB?bX9T9^NQhE#G`
zZlek!5n`6vu854Ji`)Jh<o(5S#Lw`#Vs>%amt>!^+xz0n^M3;j0W&{#7H_`@`|IU6
zfrBY@w6)W$+d^k%v`$!vlh{n&T1@2JaP_5)8ug`QxA(Z_2)TsLkT0_==-|=<T`RZD
z*knjc!U$tl*%ORa;w11aU|;+GCHZp5d`HenU$YcKygA+hR?5WT)Ku8rnoM9aONmre
zYgPm#m+V=P<DsFZ;c!&X-*kLxQ!Sddrn^EM1NEXDYffFau{0evH))^~Q&kYko&^@5
z;G={mwYhJxKloSv9#)`_%LzJ}ak#o0@E-k6Y8X(UX&<M|&c-9<qp8psd7Li+(DvCR
z`z?NAK*9|#6z?GuMLqud0y6Kmr^ewbkb4+wA&`AP%>U8)da2=)CN7t#pRUc0j^&6`
zOQ8F8Qi!M*1yua&fVQf_N}ul#BTdaJs#n%se0RU-t;ytbaU(%GYCqSrI<aS{Bg>`9
zCDRWg(W_;XWuurQ>wWH(+%(aE1yzy(Y+s&cPk>Xa8Sn<(Tq#djz{?`9L0G3n>5|^%
zpF^S=(#X?z?Ii!{-<>6te6@0mP${)I#*hE>=@aZO>6q=SScyz~e_qeu;TK8N#=LXu
zB|7KvhJAio>+(%6LI`Ia`OQjveyxYceku$99?fD!)HN9y8A>WReaz|@4OPfN<>d?g
zNq;7U!%>I%Ais<sYTn;5clpRtK_rO!UKh47<MGUPD<>jC9|lWnGT0~jf_&EE9Pep#
zs+;NASr(d_V7-jDpUc;j*Y+*q20w8}Yj-w$naSUe&yk?$A`M2Z1Ng3IyOVWJgP%3o
zlT1!!-{$l+n5-ev*+B-dnf46Kf+~-JTV{2^i)9ykvu50EKrA1<PZ?zoEHzp*_T_SZ
zJNuh<t;z`!v{`vsNrRf|8jwu*Vb(=&?p9lVK3Fw~WDPk%7V!3S273#OV23-~<q1=c
ziTfVtUD`vP)?S*y4(alm@3@Y74LiO;-f=4H!eFF}i5gIvPaf>A&MdPbRyEa%0rGEF
z1uZsELVqmMcDJHt?=l2dLVt`fo0~XpS<&62K8$19sCr5J%-Ng_UBQ8+kt3rs?FG|q
zW!Vd=DkxLu9M$L2cJqhC2bo4qV@2z^`j1C5+=ej${xHng<+>!BJ>~8aSF$9#4@(%u
z7k4sV!b69mDJ|qXdff2cOkg=RrHn=Ka4-ZA>D<f&Ck>aI{nE!t50@wF&Y5qtA$?@L
zzndpi7`R@a2nf3On+6MZR4Vx0>{hFL9W8NhoJ}g7M>4QXDmB`vv>OD>n15$KtBal=
zZfX*+3_$G+lKITgF{o1hB%V9^yHd~#M;dz(&!Imbs<zB-G%|(K2D5WxXkw}^cXWr;
zcXJHSm9CQskR+d@DN&abn6hoa1y5oH0-pE)!l<FfJ$Z0yC#d`GU4?1>?LT8}I@k5#
z7#d?G1*L$KHbWn)({FV?+JcNj(TyBF<|Io;VeR%#PHDX~d3`0`pZo2&4P7ru#JMdM
z3%vI0gBCtKC0<Ls>OC!+jpWQ8BBVU3rdytD7iigwRG<<Fhj<&b16L9&iMk~XaNv>w
zz!Y%~qP3-3GrWBD+K}`|7L3pBqs(wReiT@;@*j-M1g5xk<(Y3sQnJq(wVYUN%^dXh
zV&}~fqGD}a8;PI<xxSLEogFF4Vu|*T)<|aQqXp;XB$E}lCU@rhFZO$10(djpD(_)$
z$_>!E_ty853X0exSid4!9ave?P0jF;_j@=zZzaIV==pJ|j0`L=l*tU200fcDaI;Zi
z-0Z?!R!)W;C7RR@Hm{CZGQe%wJ9`#PqraG7{T%-e4vKX%-y-GSE(X%2t<e~-Er!Gd
zEA}f{%As;oX*=o~w8ksJvR&PwWo=zfVk_ku<wmFbl1CP!|FX8(oWHMRA|Ti9q^6S0
z@qh_BP8g&ccZMH(jXX*c2G}_HH*mQ!)BGTjV#{s3;`TLYl`to`uWY<uhMC%bzD~pp
zJYT0ELQKSM6GWo>D)Audb}9+h=CQ53rnY|<;7x&wmbo-*cXNFltH0d4zi+feDFAV+
zV*f!c4S+*wa5<k(u4EX<3{E^`)~VF>S^?xA<xuc=YdGXLxoOR##Q^@v&pFYfqp#KW
z3EM;&bjwF)ca`Q$NA1ZlOA<A?7jkkS@eFh5GsGJ(FlMJW_!Gxr`$q%kUIM|+A4uja
zF8TUQ3;8BS%H_KO(T+lvFyaAbgrJd^4Gqmf!%_2{QQpzbVf$Efyv@R|YL>q*W}3i_
z2M@JPSJDd-0K23QL$B1DdHm~m71%$QOltnJ>t^Lh**~t9Yk3<4C60=HIIhbEh(;06
zUC#Zp{TH2v^XJEfYT=fDFI8*#9&9y@x9|#3Hq=@eu#vW>gj+3sB80eT{}XbQ{iAa`
zDS_$9NVyxdbJwXPZsBxO%t$t2G}xM?=x-j9w)zI+G!G;yO<%ULq{^T)Pp%DJxMP!=
zGsMe_Aqg}rhyPqr!8<LGdDZ)(-w;o`y$w|t_-P)Lx0y1>{CfFJo@&Ue<Z9|t**!r~
z@VVmQ*gmeTfNW!=k@olUs`lF*)07)JJj3T#Q+b>(Y-#H*;}o^sKdHk;`ahQsuq)n`
z5)3X<tf$q{K(_j@2SpiX9G5gKuC8Zf(l(NCQqTE*_PXbrW62m#lcEnsy5V#vAE4i~
z5gYv!`nAgS@t#li*ZKGeU6urY0Yy-y`ItP;mqeA<RKcfmDinEDAc{oucgGSnnwx2D
z37P$xK6%xXr0hNh0nx^xM#fn0X%&X&SLqtd3;DPW?$6hX3#qh)m;OA<Sbb<^!8Gs`
zB_Ft}-B_KZ^_JZ;a0@pMXH#$Z!WdkmF_fdmSbTbrL^;#E#4PK&L;_>iPBlJ#lz*i3
zr<*G?7mwDyspAw;HNx9^=$1m?F6J-<>YPkR`d_HwQJfgz3Fy7UOEhB7&yOT=>{Mgw
z3zsBfiUQw5m=?=W6V8*4e!;|(L0?#Ts4w2HeQ1v}=H&{anJp6#we@}d)BI{>KkJS1
z$fJ0*o1NO#mx)|0!Bjm#%e;)5!@5oyqRr=X*=}ij7w=tBjoFtiA%j1|8)<)2y?8TE
zYUh#h>9+Z%HQeFrRj59Z`IWNpb~XQQ!WQAF-NR}TsEf3h^UC1x?O)44xg$ddPOEYr
z^Tv|do!Q7n31GKmtQK~1ynosNRxfsT8ufXVE%n9WjYQZl+YHl~g`^-XS}2|?2T@k#
zz()Rs4sNu$qvK(DHA`7lRZ72_L`ts8zr({zCdpLvD|gQh3tL||$d9`(%DRM`6}$@S
z2w!C$Sv83z_A=o>Ca;0j(|_5cT&qRO3_8`4)b5<?yVY|W-&nZs#W|UO)bbY;t*OC!
zGxkHrLg`Bla5z`4h$KE|Q0nRpZU%WvklnTUv9AuVmImLi9j~1Ruu=Jw?*+Jn&+V1K
zi8^swjm4+Kh|*_1v)wVnL9h`rKl-uPqIvr8B4ghsjp~p0iIFQ;Av8YtMo0@88LS;f
zR}5H_#`5=_4x7+^BQPy@8pTR%0i3qxOJebY;G#0#ugF%C=Z$eBaTfz0tT&rK!>>N1
zE`SHz+~`!HzfhCx>vQ4VydSo#awH=+eKY8W0km2?wv8kH#7lKtKgf%+({l-GUOa%>
z4l3s2FTf7LbQ+T%bI=c}zhy1Fa|n9o7$8_merxUV`#|B~hEeUp;(21#k%4{lv>^Jh
zKX>WHE{$1UU?wpg>}Lfg=<ssmkR`@+5?RTNX`ow59e{aP*BQ}U1L$lk%Qtc<KCOtV
zB61*qE={6A3gc|xQ9wpbQq*C$@&8qKOlYT>Qz*`MQ3ad28l^GLcf=oLyN=Rzhy;s&
zzCUq2x}MrsrV7Z0>MDmyrZ%cyZNu{+KHQD<#iQbaA@qTGPx{mTd6}6nVKq8JWxu}k
zYul3>^CXmV-;?|k+3X%>!{!dZvTp(65Z^N%lgPwmDsvgRep-sH?V7!?;tmC7VHlt)
z;f5a#sYh`f2m$M7e`1NL$HJoo-d)m6L?18|*3DKN@bOu>=6-0y`u?Nfk>^*6{zVO)
z@H5|$kugfa?`izsD-<mcer$fUO?~l-&lGaij6u;lvsg|29pseWxV*d5FS8QS&l>_k
z)^@>T*VG0*eupwq-$hQnbF--!vh~`SdYeybM!5Sa%oj87%<HI6a|)n)^kSMYj*5N0
z)t>OZ>9iuF_8ZAmf4UW1&%u>Gx;=6ujOHPMDzenWi=n4w>4S?8U3Ua#&9#2)pGQ=+
zRq!HO^GGVU+DYOrRX(JyyqTe9TI@y9M(BZqy<81@l}d#YK;2bwBTGT5TY^8lLt)P2
zL%-i)G6-3m%m@(Zi}I_ZK{UT_j@FW6VdFrw`uFea+PcEinIbD3B0cecaybl(j^xa<
z&C|DWe0$G`&5{e3PUjN;ZO`j$xJs4tyTh#W#^-SU&C;@8G52M}rT61U)mFUadx!g)
z-0jZE&!Jijrunn)Ggv`BZ(1cw|A(o+42$ynzQ=J1We8zt=^46_lCA;i2I+1Pq`L$M
z85-$Ex>G<J1tgX3bm%VW{NJzl=lj2|-vh2|m`C^A=bU}^+H3E%lmqF#zcw$U=dL77
z#cXVWh}~l+aNYeL=Dwe1Bc$rxk6x`i@7WD&OFKr*l7IU#P}7(hIyCKLI<DaB_4r{u
zo>=gSws<{}Ir&5PVAf}mq7$XFz}~Kn$oH>a9=vj_RlYdK6IxDrrEo7hkJK+Mi6*Uh
z2ug^I#9~~Hda7N>fl@t8MaK^KG}QZGwm&CL;pXEd*=J&${IK+b#lO)K%mN=LbMG+V
z&qqP~5shEq+iN$G)<3#M)b4q|G&2B4>8Pvz9_+S2t#6R`mzG@o1n&jTkKu1>940}3
zyOjd_P))kAxp6Pv$KE-2f(^!326aEa-2cfhffuViNBu1ltt?#&cN@=@rRFAkB{NN&
zSL8}*D48p?K-Ff`=^Ssxg|Rfx8T@IIq!Tpz^oD(lOK#+KUF|#-SpQ%vK{R~h*P_^i
z8Lxws%CqalA17VZLTED?PFia_CS@0?YwD-2X4`~fE4P-uy+UL$$1UAbD}-BLTB-{-
zT5YSN2>kx3D>f%ENe%KuT$`|>w5I5G&&p|aucmMqB24omMHHpQ$DdhBenvIDiJ<Uf
zKfTRdK{BYjRs^GR4w$`+eCF?i`_C}iYz6fW1<&Z<1a>;mCdCoGFfxC$L;fd^^6$^z
z5vm(_n9xrVIUM9$x<-v=R+57Q2TR5fjDAP`aHX?=Q-r)YCWhqO6Jo}f9wE}XvSqc;
zyyQE@bXJ67Swe@6R*q3V4bzEPc)hm#Iz3ZZP14BUVS>jw^7~J?PHEmpSAmAubl)w)
zvHo#aj91G4=E$pp+!&E5xDs#Fht5$KUcQHaEugsxOb^tS)pq#1qeo%a8<@T5xa3hr
zrR+Jf@|LI2=t18DV`ov2FM`@TNXUHi=SRf_C&G0!a%tHDb2Y!w+MmMaJiq@4GWM$+
zMC_z($xSX*5<ZD?VnogFG^nX8GM3epx0?i1*)^W<h*h<enNL`3O$E61x&P|vcW-TN
z)cH1ON0$14rGvwT^7&y<_p-#uy!WchfN#@-$I5n=|8n<ye-vF~zG}Q^wQ`XpSw3ia
zureUySrKE!%dBfo+8o@~gS`i#-81jhwWaXmMr_Iali?C-u78p9W9anj<We%6UJJYJ
zdg^DSUA#s?|NfpVGI27KjC3x~@t22{eL@IY^4lnBUU2-4v}1OdrToWbZy#<)5E0E%
zL(cc=?e=UQx3WmD5p9H|t2>2{LOSC`AX>w(TGKGuPyOh5E$eKJU3f{ez|DkCAH292
zKtt}+?)62@TBYGE=e2Kk&KV<moVP&eiK6fwS~94+jqS_%6$Y!+R*vFzIkW!O;m7*k
zMG6K4$2(YhhINwqi6-X73foVQyQ|~it#sS}9037O;m4v>6Tj16q^3T|Fo~y|(NXcc
zgZDKZmrL%W9cM#qPY<R~H#EWblZO3~Z{B)|gN1&)2E~M?{$PTjbXoD)eq2eJs%jL3
zN=7e8vhWNxwsI~fDN2*Xh1F3DZZIVssP02a(ll!NYnTr>ki{elAK_`tW*<%Q!_-ty
z+~gGTI`W_XZtB)?a(QSsZgqT3c?oqglhETo%vw#J`R8SZz59l6(tWkpJG8#p{PcBA
z$DEtLS$%PT_wSEFA%D0r#D2|Uv4trd5AP8s22n4EJo8GtX7F$~cELsnI=X?6evxOm
zGHoPBfH2_G4!NHidsvtb-G9r^yl6C2VB}<AO{K^Z=Q{eHlfQRRucmepw-bsb(nNpZ
zf|<!#c3IePXMJ_Md4ANjgu=U$x!@%lY-ifKH!%GutuNMP<v~46aV=E!AoKHNr1^IF
zG=|9RJDY#j0L==%``z7~a95Ui5tFG*Tl-`tXJdlFyXmPwm!gL{XKINnSIO%fINwvn
zbI8(VY45Tti{Jxj*(pld47^H!Ph%3W%*~5kQ?Bj_W2XA{&7aWtRmA<(xWfC`>>j4w
zFM8+xzm)Jl+A?XcJo^z8t@gkI&G!4%om^fm@~P)*c79={3WGNWdRTI|itE2_qKF7p
zAxe?_#On)n0}`F*QYde@A)Oxt8Fub&$G@@gH~!XmbY;PPiO%neoBR9sx)EDr4*F3k
z&Oux>ZbQ-ELq7uTf}M~lEEF2^0AB|63MMJc&CTQ`cYpMZ${d2DsV1kzAH)BtH3Ih0
z&)8=x^?SDWYr1f)&g4RBoU47;<AVK8s|vza{xUR!YGYIcU7>4SVfIqdB=H5r!eO~7
z8YbXVX*0%lW7+`c=WlXZ$h+0#qZ4anxTn`~cfM3oOI6Wgu4FO4qQAdU2}nhMj)JGH
z;ezr})91kF=7H8^$bn2V;7=3T88DYMN59dUA#O>?8KRy)KK-QHdtdW%b*GUJN1tQz
zn<QhxiBd7qN6Og|epJsNFXn|0$tkMR9G>;vqnp4azidP9Fc(@G>af3tc`02dHf-#s
z`%Y8};{PaXu6fRtSA}I#Et2NY1a_;lJKutnU#wahXIrtZr;7Lpe*339K7g#OPQ3Zl
z?{*ivah}6UDem#>oiFpZ#Iy0Nm33b<|HRB-WxK*N?Vn>q)H_RL#%&TE4=y&T=NmGQ
z5F2wW7+#s<-ZYiC$AEYH5)t_EXjf8!9+RD!j3@0Y7vN@z@b076!mLv6&``puch~Mw
z$A0sQsmg~Ouh{0SMF2`wvfosSZbx$V{yF=T1ah-<Fk0o=TSta*qhH<csB(Pt7bZrQ
zzf|Vd>r8)KIdL@;v=*nheetZDGbY9GHLpN_1btD8sgj{~ucE}u$gdn^lGz0YADay6
zZMO$*Lq1ne`4PNO0P-J&`im4(#mDb!mqoxt2wNc`UrLzKxw7lsSt6uKW?a2~%3C@2
zs02OTpH;);;QN}Q-F2;EX?rfgW?+g^^4MjLBG{jq!7jc9(f&lx6+-U{Q796nlxg3*
zT#s5L&3U@qWp%!<i=OJTYLVT$&NP_t;vqlZ=wGX#w@-<uxORn9JZ=B(3`~EJWXZx=
zL30w$5Gbt^#J4#o#RUfCjz(dXc(KoaAIKlQuu&giGEt<L3LDMWPGyzzF7zlsndOWo
zRPZ4lWT)t%5im&zrnl!0O?@reyqx?(Y{WMHz#=_^k~u#@^2;i!Nhm@vJw!qH_Yiok
z`Q@jswIXvQkUMB8i)_nd1~Jt>&*tk@6s%4s{FrJ+|2$(XzIn@5gUYT4H!Gtljp)Ab
ztXJ`;1`st^8Jt0^aY`xTY<G9HtHPKstypRWewDiNR5oX_uZm=&c`a`A3O?#)_lQ@$
z!y6qD^emveWXYT_q!Bp9dR?K)dnVz%js35tI!EHox|`oy{fHj%Fo8L%v7evfOb><h
zU+Zbk?w(1M$<5XL@NU1~fxUwCe^sW9`w$RXyU7-=+Rd0J*k-8(;nT2wS5WL)ugd%b
z{;FR={)Ul#Yr3aoRdlOsg}4;^V+7|fC6r8o*c)e28Vm1{_{*D&RWgSl0iTF$SDAHu
zh8ki4_5|%#L&5Jz+-oLZ$yX>=F{~Bn)wOyvhqABnU@Yq459wZ#V`Vo&ET2m0`{X1p
zvQqEr=~(f@Xm7@E;<LFG1pAPwzl}lES`o9lj%>?58yECApE~glrU*^t@^tTzn5a=C
zs&r*2_1z(gc~U%*N;ZtiM@n*5VQ8khI+zxUnv>3@=qMU6Lg%D05{CP#uR!dXsWN;z
z373GxorooW&H6e%?&EyL20lSl&wTW)WQE2M3L{AI1;~2@j1ti{o)PE?pz6i44?r-{
zKg7D!NyE~57yB5qX(OmhDcWBSnkQ1#(l5vr<Jh8LG9G>_!4CgH{FOG}A?cb@T_)?8
zy95<w^tGiPf1Tbl98g>-<#NKDiZGr}3r9;P5%nak3BgCcMH{K!LPKFjLP7hoyv6z~
z#$wswKo$pHlpmFR(|VM4FZ5AF^%ybLtw=2yqGkVT{Zy*Npd{cf%2DW3BkNFBkxxdo
z4sjx|&~lDD{Ig@}gsBx7lp1cNrbhBFFu^xB)$&w`Y|<X3WaSHYwz&~cU{ZL@lbu3Q
zO1u7-ZC8tj&GI8%byHKW_cf%N_k&TH`Dj{iQl-PL<Ks@1+!SoKw~ldedKfcr!(SD@
z7xtI^vp(;s@}uYe-gv3jg-%!S&j$>;QxpPY%Xu`FSNraJndQQ*gL~+huj<X?+bp!u
zxrhs)>AYooHYV#-bF2--)Uq!NZjK?V7^@d@+tNsc!MEqRZ(PD=iJY4z;@c#XW`#te
z)G~Lr9+Pm2iLM>%%w?U#6iZ8#``Ej)LVHVre0eyqMRReiU>qg)73-nwa+)=2Pvi#7
zHk1W|DVy@$lkX)Cv?++2mkfnbvUXZ-D^+wF*f60rg=apEtHSnlE{a#y1biex>$o9P
z*yx%pO5$RV9AZghU2;0z?>GwJQRnLU>@SEJa#GF=Fq;S&R?_b3Sn_K9uRhEqvIno*
zQcg;QZTNJVhDb8*D|ANe!_N`k9`1#auDOjbaaP?v`oh<~MkAm&+?#9(G;%(Qp#@WD
zujPXxtafS=;74}2&*V|Uv{}RY1O7tkYyAqmQI}BnK;Y1$ucQI^R^7)7d5z=ToP;aN
z>F?q0X!gIKoiu7bqYE=db!IO#$3@xVF8a#j2~|RTdZ1B{ea`%MQ<is|LnA%yE2N2`
zY+p7v>~oI|2AP=EghfCtWp!Llo9|pCS88JZlQt6UlpH{ly;5p=FW~xDy&KKyTfP6U
zi5n8U2=<>z+vvXcVEX>*J->vZAw>nWq@0}w@;i$+61n0>x+k7?9@_Q{uli8Rf8y(N
z5_naKmhH_T&kugwuZ@19B}*a;H4K+^@V~XrgKA@DL3$WkZgo6-r*p3Ptn6L|Rb@db
z%)JZEjTJq7`LPOy%L!PW`;v6Ez8$gjDe0@Zk$zqKAvZJ>AIw;2P9}+%fAI|iQG5qW
z`ur&MtVVO%KBEB@{#ydK(8|sIC1GM!kAu+?W#wz=3migg?g+&yDGsO=?a#Xe-uNj)
z#>LOm_mLYp*V^^|%!wD171PL(W$NT-y=Mw(>HZj>xa=Husi$4Fs6$K{nV8T_fUPm$
zbN8sEPF__1sP?8hd5Lm9;d8xJ^MGMF@d%s$_^F)K=^s`_yR!jBaC0t!t3p)j90kK#
z)fPETDS8i!qS;O-^OwLNvHNGk%q=Aq^U|2!4gg7C$s{$Z$q?D)r!3;f+`3a0zT}*3
zo+15FMc?qOM!L-VuC=l-99E>sGN48jlo^QgktVBJUHPMWF{n8Tn#Ad0I;V$WWJ*+g
zUn9Pry2WN4@gdZSpsSFh>WA)^dp^xDn9f1~n3McEIn<ww+lG}>AvWd%#a7)lvC~)n
z0HPsmuc2y%A-{y96>-h{&ES~Kk*cm-yxfuzI`9v|=JLD#(A4SaX*kXXGAZYzcgRiP
z-njEbDMVR5!R>XoW{;U7*-IjNpG#vI$_)aZ^3o!c-d7LMB+Z`kgd$1iiy;=G^pgD_
z+Xvo4+jnX7_od1_U(@nthhUM4akg7dCPpDce5gKXzeO)y%s#lXveD50QyL|3-qVGS
zqxjCE{!<FYQra}jL7~qb_-$>9`cx5CiTAU-fmk7QD3bnz%bDXm6N<vxPi1jIz(MP8
z&M*fpMU?;fDEyp`Oh{WCwJSO*YJK<2&CK)#)ip+5A6qaxOmvN!rRAQD)42Ah?s2Mu
z4|ATo2`h4ex)hzvG|7zdI2qDTs~Dgk9Qyi3{6s0pSQhh`NeHapENb$2_bdoh0Ap5I
zNOEL!xb`4bA5!d~WqeMq*ontZws9x%M~shosAxqR+MjSVI92$;jCMOVq|);0%G7|-
z>1lW+{e{0q7WR|Y8OKeMq6SjBsr<mdsIpg);T>a*tm#Q;h7UiZbNgQAMku~IIC+Nw
zg@{;SNk~=)(*f=-2-#+(ehXqoB~RioBa!+MmfchC8=SS>p|;?=1t^{u;klKU6c=x;
zPCjHlj-K-@Kd?u0J&gDkrq*-1HWMvM44!Qc561n82)MZV_@ty>DZ+EC7!^S4<;gFO
z!QU$#OxKpttQDqoxADu1>dW-kYyuBb5I($2tU5*k1V(XCeh8KN5LKPsNuu3yGiN_p
zJl;cmNafh0iiha9Q1_)FdsbIAgRv8REZZP%^gU{3{*^rk925l7C5Ex$!3Rhz0(sD3
zQ+3iHcyI~$u`%o<K@^xggBD{W#jGJZ*|LA`pvOJe34+uEO&pmuo!%eL)CltZhlUuU
z%FdOGM2z7Qa^kHTeNm0aW^#|Ngx~68#YE2)Y^W!hgig4`7%m3??y(FGOx#*QY#jZc
zW0P_g?$)h9duf~<pHde{&<^;strs5t)g^H+*1EG#)oR7b6O^mL>Wj&7lYC}bioMp+
z%e8(JfRoXxpLcVw=Om_)m86A1JUo%$6?G^mP7K^_*b4~DU@@am546eQ#bvj?mRVss
z{N2lgZ{V7RMPH4Pe09qtWP4t@?5{tC$HM{p;^Nt{LBDrR;G0Wo8t|n}UUdme>5{o&
z@X31N{Z+8SZuv^Bk_5SMCpt&AJAznXzs|suqg>KM@Vx}#{pALh)VblOYb<j@5V!ve
zm=6^6Wc*-i0183<DZG&E{pTofeYoL$@Zc?jg;RcZ6=SDIeaNk|ipHLN(ic-hLqp(a
zpP{4<MiA{TJeU@X-E<ZD=pIu+UO(XrcP8cO^<h=r&Lxh_>%ADg{YGzY4;p8e0r(Qw
zTr9x(V~6OAz%iJ?D^p*kKJ9R|B%Qt~kGE9wJU()r6!BlZ<~bCmi3)Jk^%l}d+}HNJ
zxZL)3{vq^fxb&8uO}Dy`+2HEMM*Qcp%Tw!x#3v>4p1qeMF-&13H*;T4i<JL{ZZQi-
z6=Kl4eV=f4*KKxm^GAIPPqlO7JtM_M#_@;7GlZQ4yFs-ju<>*CTfnYo7EnIsnYdSA
z>JM}X(VaQ4W(&AF_7!(N(9;|P$wK>S5^@?mPjT5$(T;bU`rA<xry*+~I&qG9yqi%I
zhloNkY)3NcX*f1Ew)CtnJ3Cuj`GT%k=nHZ2kBi}k60s!{l;@RxJ*sA<;+Wo>rB0mQ
z6Vw_MA3pRHi{<;3O$RYgy1e(|fG0|VkYNyddn{-&b_f|RG?u2@m}t$*<{2BzM@u>!
z_w7o!?omj4W8mU(vFJG0VE<*S@r6R|@u!$T7N*;avP~JW@Cqfb2Y7N#b?Lvl^He}0
z-Wo*#t7J>&bLRd`RfVqjn?w5mpexU6`WyRl?eH2y5ubc6ysf@giYI+iOE*c<lfHsb
zTvN%DJ~RD<1qGTB=3;^hBM5Wxfc9!2Zm%mr<CxoEQ1EMT_fsR#J`@j?9%I6Pj~4?O
zxVyKR2)NizzFZOLT&jC7@TTx^Dp7}UNZDpj0h_5P?9@~{FaglL*O*$yV%sY1Rae;K
z@>KITer!+UA5W?EIQ}6=z3M)2hdzIW+!+csRPfOCgo9XX>HcxFX6%LNJrL^dF`?yo
zC4W5OMbr3h`wQyjDhPrV{0-OhB(F%cga(Wm`EDjhbG4L(mF|qqaMZ-K2Ak}0`JZ09
z{b_wE_-{yX(e+)l5vc%K8I3Bn|3MwFmCpN<-eo3EJaSFucy)Ezl}qlfNG)2S&WCOU
z?r1AK>%OqH=cm;6?5$zcz=tisz_4zp%&?@On+Xxj3J)&Gi4OAwIf2i_D@`@oMdO1z
z-Ou~T)GpfccrQ{roci;}j4Oh8j>bFgTJ^&6ss|ktMpfd+FK88j=ux3lm9J+Y2d?kV
z*a)03xeH*|p=NPw@@Af@buTP<In9Kx;6c@9x6S?yQBJt*0p5inYQzFCK`nS8C+dC#
z-RlWbRxi32>%qE&eR#+OY>iAD2h|X|TlzUercR7{r~Q;WTP|TsoX2*};Q5M6Y=aq`
z_Cr8*xWU=);$0{2TaipnhZtk^9Ns?8DR1^f)w!OiDz)w^Csn}@OU>N7iG>|rfdmG-
zz_Dt?yc5s6rT=Q|@4WOQqlR!Af86D3>s~8jfn*H`B`+uNkfVB_r*?Gsj|nif(OVEY
z9vn^r=&HjEB;W#J9ief72bLDCVPI0)(f9`AyQ_}oN1Bp2zm5B;{`2Z=yswk}9!r8%
zXt_=nQ9V_)GcR(I*tomd_pH&+5(o8K8%i&+26FyHuyYpzXZ`&wQ{I0;1~KZpbFC@k
zXpJdDR5E47D^Wzl7^<yZmP?D;uW`n@Ec*hs#SZV%cn-Ut0N)a0BZUk=qYYRxw*!)(
z+_z^AVqnd>pol;k{G1Qy_`CDN$FdvS>3qEhDv5RMCYKZ!;hw>(o$H6+D+2@>ekMOl
zYVB(wKWB>FNtC(R{&h{@@1tqd;$J+IILOzj?0<Mmuh}5lAuZpds-pkRMkPLgU6E-?
zEm<29xd)QiyyO|(-@Dh)HC7?jSEVbS_Rv672+DU$f-<qcOq0_Zf}qE?Ap7U2Rp@X5
z&w1-q=&>|{#_fCnIkIhf6nt3eex$b|()xQ!pU3dzK_gDZAvkDtMa(0poI}OB(Eh9H
zV0kprn^;;}w#eaL4KaDx)}Kt$ce(JR_(f|sT7q_pH;(dWb&bb^)YM^Jem$HiHlJ>X
zQ&LEJ6$<G*JUQ;0V9gul3IiuP(2W{SL?bcm;yrp^hznE{f(PF!;Dc*pAzf2H$IrmD
z!KP4p$~TU$Zt1i5!YG9TeELF*p8TgOQ3zAU7AD@;-~JlJY$(ar{X9l;jLV%%6Yb~t
zyJ2MZyOX63^m~?igHZ)T5?LetW(wg9SFYb)S?QU$QVM$>rHvacb}7*~Jx%82!lvby
ztFo2asC%z?am<IJXmbUw4(-0j!io#2uOR$^(4vZ3sdCx)XrmfDi^`GD(mr}c(DDm>
z3fj@y_-TDe`!8fqIB)01=q)rMvHHP3H{dZDyI;a@!P(}D;_3XyVy=k)+L=3Jr^_YP
zyydSS=w-M_JG9Z(^_$?#+Uth#e=m##-YfPivQA$fIplB3bWE0}>%8N3Gfo9FORL=+
z#UAEvq}%2o*B3LYi^MEC*}A#{_%2fIuMT}UjK}nz65fohGKQbyQbOS){hGZk`iRL-
z(OSx?Mz)ryPyxU>eDMmc_c(F_#(MpY9mkwP)aUiO5^7A`Xg~+*)=^Ve<F~{4)Dyk4
z-0vfu*TwS^6e9ais&)^%X%a?m|FWKVkC0EVp5(k#uN5Gv2+0O)XP@)!Sqa(@a=>hr
zs}<;$2CKp#aP1KJdqN`G(J@$%?{L<81L32fhJVM4UMH;jwJF3eE6kHw9AmO9hCH4>
z=ue$)MiR3%H+qgLP?OKIrHu(cMZ10<vo01pY!QiV%k{Ir_*wnX)Ro0!ja6|rP2uJD
zLnZS~*w7u~8+P+qo}ywbYeaQWx8&s83dZ_UG4KGxE|LQtBti-^;gCtzvm#0k0k43%
z6$IfGF_3#lEGRuGY90wFy$*~OvX|%s5k)8MjuNyHIRxwvVT$sdU0$9_#xw^htuM|N
zB)kq+F18GpHD`^1zwp+g>U4_L6%Nl1Z#*!n>BD}7F-Ged^yyjsT}Qk$mbsY~By&^g
zHBmhWMtuuKeNPCbBMAQ&HI9fC1S3|;?w9wGPfQCTM!g{<An_;|&+5GZdc@u{M04OD
z$;Snv`uPyYc|e|zA>kPh3LQgM!Tv{`;fVdYI9p&JEO!oN5w8!=-O~TQO+XP~vWk<O
z;i_sMt;@K(ov}65ZxcMUA6;ajP@1g{{&z@4lx!48uowE~pvWI%4_8<ELIHw0bQmJ!
z8m^Pi>}0IrAYk$wCJ%vw-a^4^QV3v-OmC#Wq(Y50elHeA=R*;LT9<RU!}5@GXast`
zh*n3)8U$j(g2F)XGzN&yV#f6hsw@<QmwPch_sBK)IlGJ&t>L{+F5GE#r32&gSj~Sy
ztj#MK_#)J}!@Q(<qTzEamz2^rJ8yd{5e9C2G^tSe;@f&9%6&(6G^l|V!Z^|$8i0BY
z-QY!oQi$OpBig{RK_D)G#|DREz^(_r(Cu<zvST5MvEis+1|$5G54aIK5-8AEU<QVm
z)&W7!j*he?1{p#@x({I8oF8~dFDzsiGx{Ln^768DU5P~Q?SZ;`esFH8U0*80_l6>s
z3kAE>a)E;>s*S*BFXnp+G|QOrziVjFy2z+&(C!t=+YprU<S!}6xG5ZkyBvkoPUAvh
zP>?-GZ!)YB6`Fz3%>npd4raEVPbj6wF$6*2nXTY=WM>;PGGr7|KHVhw3F&~wN+lIc
zp`bbSV|=?UL|cQjyT}dvh7<-j0&TZ|Cx9D4qWqCzeVEk5M=BfNVG=sDt{jklF`Qty
zFj2g&r0AKvA~kanF)EZVDs?$SRvoE>MT9@-*~lbRPEBlgkxP3+sGG#I@D6cVzzw+<
zAjic<DqPURL8wp#4Uhyw&<og^5r|3G$o2V|I0FRk4#-S!cnX1nfveIT4<2j<T`0JN
zQWAIfV1}Gb^gu;}CE)c_iC_msd(gU)@GuY_qewUsTGo`SQi&PqXbkO@49QIa8<#{2
zoep!R*Hcdn9elgSY*2?s$uamdVj5=Q>7HzlP6T&NuP#Uk8<^ESgZ3%P$ADeKwMF1p
z=Fs-ENFd<`MqXpZF)1N4I|N{U8{}w2B_C<1%QS569{k<|6S4Z42;Tu7UuXhK?RD3o
z2aSHimnm6whZ@XI-6w`2WNozXfYdUIluLGM>`%mRWFp2^+r%}{7#+)1qMEI^JH%JQ
z;D^Ea<+Yu7iagP&(LX<J4NHOP5=Pg2NziCmZJ6{yE4Tdvm>}g7_y%xG<6l=gOXrra
zcmwNk?+(P4s(ck2b`lT?^GQa6*}ztZ#W{N5a&JMIcX9}4NM4gw%l`*x;&5vPr#JcC
z4gU`;zH^@2MXCEv&3Y_NTIF!OcK~A;-;FemBb)K2JFPnIBLMGiV@vfC!Z_i!_-Ne)
z-@zBS&}wFBNVzKEnnkF0bUWU<(wd<>RDzh*lL{Bwg7F`&Jj=j_ih^N$*ho=oU@*NK
zT0WP!kNHzFdNJ1w(eDjT&1ijq+5lK+F0SbR;laayb@odC2L$&anw_(mO@ru~TCfWR
zc^#vgAGdQAg;|jJ1%Ap({}C9N`n@3h`#Vs#B_8~QWSr^eiZH_uJj^K<NawT*U@7eK
z5+k=@49kJQpn5M9d=rSP;k1tfw>2d19uITrzUFBXkC<!vE&ne{1f@Vt(@n{6VJe8d
zXxJ&S44dbrg2qNkK;GHQZRbSm@z)*!gD+vqKl#t}s%*l`B`aA3*WdDBLl@sdg&*lU
z`<aa$|HB{m-Ur0zhl{C_*wEK#NEs-Z$}0h;jX$sf$*&e_LI?v_?2wZne}a5P_9;p1
z@sP%plVUL0lL8We2xX)ez_^))ut7{yQ`6if*2W@RBB8IHCy-8ZI62gOTsyqP)sElJ
z@jog|RJ|Pw7w>&Xj!rKD#x6PWU$6r0&(`2knJU_1zil<*pQ+48(gs60AWRdw?t{dG
z40&NEwhq8>Ck!HrYcB|c-0!o3W3iACa$zUMFJ6+%1P>Oqy1~9>{{L62odup72I(aN
z+3$zewtz1%Bok!8A2whEvV!pTU!PCl58x3pBiU&t{T4Tdt3P~HaKwBKUuR{Y(k*?`
zy>ib=SMU?yZgm5=%Mh2-5Gm11^u<ysHJ7LqJGjIKIF4Owwr)mWaeBVk5MDv$SVKcM
zAT>ipY8rzdrJ<mgigX~gA()*y3?frX1v_&A1$*@(@B#a{FI|?<tcp=`Z1ZnIP&W`<
zyRZr$mU0i~^o59mv616t1WGTuznw|?$dG}KX<6X{uh3u@b>PSt?4J`ha&mIoH*+H+
zsz*CpGQ@p$U<cDKWy5-1NsZYz=`H%j=A9>DTrRQQ!ZUL%!sgxZ+{g2hBsH~T$p`>Z
zAgd{tQ)17YGGAP&;y5nLM#2g7xO!LR^+BGRP|6C)0qGbpbxoKHPWVajXI!etcDye|
zEqw7~S%`ia>^z}im~tis07^Sm@ZdV)Xh=#Bk_==YQo9M0Prybxgfhd=UV9%cl|F0&
za~O8t=$VM<Z;TShdH)$-4D}at#Bc%LPs;!Do$C4G09UfB(|?|S_-AXW75?r5LIZb)
z-?iAq0I=~{le|!k$9{rdAJ>WRVuO`whYuV70Io&{>NkMg7ZrmO!X@oGAHckrI>fLx
z5>#k%*cd7<84r3OLAMYWdS35b7CO)&-R1?tCzk>VnScolK)P%&P#i9|)+!l7l%_9O
z<3eGFYp^gIPD&?pahYnbw5}u@|2w1k5U&U~Z=NgYG)fQe;TDKY^P@qRz-Xl`C}nSb
zmr5om^O1j`6Hm^?3#$FxYbuwaz&P%QDsUxp!VQRMYYXCK-55eNCE!!2P*KWmDmK{l
zSM&eIDMo8cf5d|H-m79MJe0zt6zxgF)a8v3$u6$Y@?HXBm<o1?Rbh}eVIQoLAS$^L
z6JDC841rf5!KxPfiDNWcI!>xUjj7|mnDVe0O~zX)m;TxKKA*SP3Nvy1t4B(bWE?$X
z$W$4`mqz%Vp3Xg$hpb!nk7yh*SEDQJx6lm{^zJ7X6eQU+D)N^eg1JKv6sQc`Pnj^g
zPw`jg4+%e95Ua#Sc#;SkXck*<IenNkXjcI-{oW1wBMw`JIHb}|`vtA^6Od`>RvElC
zuN~6h$<69ZZFII5Ct-_QsEz7fRS{UGC!od=vlqI_Xa`K`$Vi6ZavzQ%9ri%QW3V^B
z)s!itz?5kr3~Y+=g#k#vfOhI9F-)ZEV45IWp1liH=l@V_-DfJn@+T!cc-t%a_y|nM
z{cp*&#WF!$Fb5K~&Wja&txn5aSviT%3n{>D4(<Idi8WvLtlL}Q@&tHQF7Go5V}UOD
zO5<F5Cxu+Njsb-iciVNDT41EmoO8fB#d$DMcSTKShQ9um4Sq%u*2bHIDaM04_+H|(
zKWS6-Dce@AzpA53ouG}wMTEUUApRlP^)>?pJ>~PsUsf2z2SVQfu5JZS+(N6Ll(Kzw
z5!K-EZF)-Dx7}#}TX8Y4+hQVk<t?#%yn+PU7Y9vpf)8k;u<Jo9c4Gr=|L6B|nS?ip
zvj6vZYgJD5pvB-L_uRI_rp2`Khdte{$f<pnlB{}<T}>OiabBqThaS!kII#XyTH;*+
zY880&sU0e>O(ie5@lH7>12#~Nk^g39+NVKspoM15;A<0@Tf_n?I%xz_YXZY()v@8)
zx+cC1mw~9zdm<1%QU2C=936ZB>&tZ(VFGrD8C2$<WFab83*z7;MA^OShz?aE=_V{C
zwQxF}eQxgO@OXct(VsfkLnsGMFP7Hsp17{R<k(GAZ)n&xyGFdayz0CXI}HJvZb*5a
zJzRe8ipdnRu}~Gen3C;4<G22k!7p`I$DA$cywQxsH)h1dlC>?Y0Cj@EErmb|?DXr+
ziXG(Bs8C)q5Sf?fqoVZnu?n=kY?!kR$Cn0%zUEC@L`^6rgf#BLgBEJ`zaxRwK(Je}
zknJR(Y;_=YMukR%fr09jn}m$^E8v8u3pkr-2NJYOf3S7$ZnNpExCCl%4E{buubqMm
zYhO|dx}5y|nP%~{Fxx2`K6HN2gC`M9PaerYFnNhv&qp|A+SJfc%UnKUJpC6@DP6ir
zdWK@KBox6J^;@<z#RvvzP{gX^%*K|w-i6sEi-OnqLcw!HFdsS)Qyug^%)IAwo?3oT
z-tZ>8Afurc459{M5~IF;0}s}I-ksS9-k%V91GnUaYX@yl5JMeK2Eq_aX4<~F3`!~S
zYE`uvgo6PcXTS+xS2}0^a^;$d%Lz#0h#c}MuRQ?ve%BMJogP5LQ_#(@>En)^gs|(H
zOr*t!Ol8RWFeH%RRw?~8w1a<AQD;iI;uY7QSJCfQV<@LBE$Bes*<M1cVAts(@_#&_
zaH3G~JQ`FL2b2k$ng=dal5jklk?Vv^8wea7W>oP_1uDvi2gl$9Kl<Q+p7+6+iOE0=
z{V?Xz7zoiZ4m{KrN|^~O<q83}Mn;0mfkKAh*FTc-JpPvlKr!t)YHQul9oEFaq>xJw
zs8giwm`>PP{f?OYq{-ilD?*{G|102f-ger%@{meUvkSIu$+AYxm7x81ubTM*yrvye
zswfF9Nu!rI0w=&F=hDp00u;XXyDQ17&I#IMAw?<IW?gD=A#Z!2lmthSJk)R{ei-v0
z61*qR0p|QQ!=ztl@%(#}xcH!Sy{`IQ%Iz?VR&g!sanm5t^-GF3uR*<z?Cx&=W#b76
z?9%FcqE0+we~VQzVVi;S&uHnMoU*AR6R^I!1_}_AVo{KE3qh$tOd;Uzb*VX4AZd8}
zUm^^@)HqkTw$G+|6BbX2VDof>=GXlVS2tkqEuRGE0=!KIF?1>%j3|x0hV~AIod5>j
z$jY!%0wqz90suMy5QmCPs0i*>>r2&`<qG*{JlZv|0hctWTi6VoNI6$vo?FO@^jc*|
zH9Ct>3kbE>Bf`=fz6bgPlt&eB&Km}av{ivD(vE~8CbHXDgWxgfv!q#tU_+?7bpT`Q
zzqe4njCPjOV1+wFREvIED0oOG2FNS2Ec|5OIu=2B7C2Fm4qAv+F<TCB_j~w>uwGa6
z;ZwrZhh_H!l!eBH3x)rChKbsJw@1K#FPVRN@goY_&J$<r4(*mY<`v%oEg7kBCw!Ar
z<emN~w&`0!M4K1!j@Nh?ye9u`*qk+!1icHf3KSkkDU>kEfJ#gd$ij&#le&f|08hw<
z?XVg^K@t^!G@n%SUU;c>TQT?pK-5IR^k(gyo#V>Yy4RSkC$Jb?MwFD-hZnvVs=?X{
zo$8hQ0N>=*jkcJJv!I7tjRQbI!0%LT%|5YAq!;6r6`q=~p*_}HgLm&x5kJ1T>$WFK
zc8SuDBbGqj91bDzixc2v7<xV`Tm{-74hYYf6C=_}NkGn6SA4(w3A*@X(0llprlIFn
zjgoVUk_dYsR00|*@x5U#IoMDqI?xv-X~Zf~_cR!Eg#~xfMi`p2Bnpni0NLz?l19Uy
z4Y*r(fbQY`|I!GoF2gxc*Y#S|uYa3>E%Z~BbKw3u&6D6TSer(zX9UwQUV>|^JlW#i
z>nbhfqf`xS_eQ1%aK&}0u^Fh>K`p@uQvR(Jy#K7858iMJk$I1WL_%ny+T$LnRJ)-%
zr**=;HKDs9>Nu!SqADEt8YymFWZVZ*JE+H~*o!X&)WF1U*z3;1Z&p#PG{e~SLtoF3
znr#7&3lq0RM7&juMBhA@DUw6$=+4BWrOHqrS3-WMKc${e6pl6$bZb<>U8WlcELCE_
zT`chO6+qGx4;$&k&(qai;ed{O&IXinD@kwZm-v8!0R*1aoRWzOg_DK?I1$kZ-3)gj
z4Rg5yOKXQgL>VOD(JkN=n8ttq#W>1aL-HvW78b}GyNud>xbr{H+$X-e1QyuuJ6~s(
zuqW%L=%iYNZ1Dgqfy!QNm-#lJ@PR8>+Es|4kS@><ds#tX7UMty=>MR(7QJPcS+iw#
z|13FR7=SQkfDq+p0KPDBHUSC*aT##zya49jnk;oXIPH4~bz%wAGdMjGJY8E4V9n3q
zKWIpj5b)z)z;>DHf8|jM{V;Aai<w2!VvdW{SEo|By-unu{_Mi{e=#Jk@3$r5NR_RE
z<CCc*f<#Y&)Km;|Spvk0ofzYrWAHI}@8I?NTnNV))2A?biQ|wH=PFAK?7EEC$ApNB
zG&?Bk{sGLVf8g$QCw*uCVLpw8yCx~TK?O?h4TZOXE9MeU6VZC78~<j-vw|yBE!!tI
zqz3}%K*2)j7Rh?3Vwc)*FmKb7(n0^kx!xh<wBPXfzl987ug+t!Two-WH@+V6?sPwD
z*`^KbyJvmzQqM((J<DR(eh#y+7=GK8M1a$MJNNC8efnGWMO`W+2GR@AN(P*8aA%%O
zE<6rr_FFLx>}-!ysY2SSf$FH9kFwkHN_xnb;@wqN2Tu2wQ)|aS0^la4y}SZy?h1zW
zG{YrnZ%TNC!kM_D@znR4du5ev>~>YeUbdYV<gF_aw5>}#Fuo)G^mhr*km?D4NBHBp
zBti?f+m{Xmr~bT?Cb-@v!79TyS*JS&sH>n#L+-gq^H)vVzx>EL3B{6Pt|vnT^$voh
zQ(hQ@B(S9rWE5+$5oHokaJdl#{tpL!y$OMD!<N33hMhz#&&-f4J~5;>2z?3FZWC8n
zNNC6VWk}(LpY&^VlPmZ}=|wEO(xfB92Bn0-=&WH7j39KVkrXy$rsTbBww9!mHnxv?
zJ0@wh#H&-w0hiFih6|IRB3<Q0UZEmQbwgaVL29A^^5VA}gWM`{PA3!E1MJ+1BtT%o
z{}qFSNJ4>}sjv#WdkbbX{5J-&G!Paa;{x)HdWpomgJ$tIN0+PByKO2SW!ei{RUtZg
zW4PY0CWvD)m?|~vHCc`$KhfO(Ws<lV1blNRb8mjzsvCA~rWi8AbKazv{}lT7U20v4
zxQ<xjuCQ?PIfq*-z+s{tF%9MM{B?QjRtCKfF+vDx)`E@G>E1y>+hRD-?$a<A&;Ns$
z_$;hJ1_&%=TL}2C%i2~i8Z;cpuTCTf0y@B))40f%FlpwZ3s@<m3bfZ1I%STX_hB2>
zJ8Y;0`gTi2MFr%0J}Ly`^ot(xhYPb@lPL$p>RC$$YB4`321kP*-5vWl^=dz&Fh8e`
zW0(S|WhyUY{ts9-7JYm9y?lRO#6DB$t5dV3WJ6#XnZ<$;DjLNHdvZs2eLCQEdhDog
z1R{*8|1gZbo2_^b<8^|jf6mly0n={41Z$qt8iRDvpfWndePB=~4ecp~l)NFfOhfJ<
z058WkVa(cqXL}6rW*z5w#7}sI{x@3t|ACgs*-JSRky?#fz>g7&{v|nED(%g&^PIxl
zK+FlIbUu56w^?mls$#AUgyKtTOh1jLzZgJ-FM6LUpTpSJ!>uSUPM6}idQ}AzT?XQz
zJBiP}gJB=hM{<=^_d?^xV9f^jfJB<~fY)14oGKK5mWWkSkmoT9;P-<Skl%%%+l_a?
zDIqtdeH^NcSj^JglZ_$2_?G*CqopPPP-)N@8A3<LY@n)k3^`krdgQ|YPJEZx3f@!9
zC$uOELL8IMol3GI2H`MmLdG}nC7qAgR!%%%al5oQ>i`9Sj0s=}lQcSnu+^gVMh>13
z7i&rcfl@`my4}BOdI|8lxnEiEnd87ue85dOz0>eA5E9ut!;~jcTxp<^w(-Q{#C<zV
z#%rVAWc*#?{7Xre+YpBM2}))7gqhp@fSh=Dx6tO~B%_venHIqGC2bY^JxAAhr}`Rv
zMum!eO8Pj~s~vt_bVE#F$nfzE$d_h@3lk@tQq<?~;rEsMZ4o)I<AA%JFVaBe*?QY*
zw3_NE;EFlqxYOP0X=ND$&%@RA_{g{))w}%<@F6=KkBS~ecU8<UEe-u>zGXcaa>u?g
z7E;~wMB~;Q68{|H&l6uA=o>GFTPQM$Ds(0h@4bR1wAARVCb03>AKHdX_4^a0xKHhS
zQ|STZmE<MnhM6vkysqUyj`1<8l`bxvZd)k60C=W_dE?nE-KF1)%r!X`Eq*FSkwCID
z>Kj=!U7K*Tv2<!Z+Zh<%+A8Y5FxeT0x@0DvLZ+*`A6<X-pJO(#*?G&gaJW-FoTDk3
z!*f=o?q7Z0ON{@W{6r#QuES)|7tBL&!J<O}N-n{dk;|`sRCobn<N!Wl)vb2{-dcVT
zN@-}HnmMGGD&n(V_+O2vC#5q=kkD9|H=^rdvr&NB(f_h<S1mUEtatjV!9=3tUwPY>
zk;Frp#?_yP!()-4JG1^$|LwEH9~8yjCV^^;X@hF_vuJUq{!i_7TBIhPS6LJ`9wwgN
z`^{z8HQ9W}T?W(`FiLD>FCG%KA#k-VS>58ziH>H^u;9sY1OD4J{3-eadOCgl47=4C
z;j9((Neqy>fUFmzAd6L?*hU~ZjEP5+fkdHr`xuDRteXGXN<WF%zwQht=k}Yv%c>AY
zMrJtmK3G}!PdYDClQ`xLfXG2h&8`L0O!HmNtGpGa=>T~&)6@@;>20eMx7WRwu`!w7
z)wSI&6iTs$=M^wX@%4v9pR1vN!%Uh+`L8Nf6ac)_XMZZC-2C5b4ln#zPiqXZg&284
z3pvoCg(Qf^K2kiG&VDH1J$>CJ^E%^-9978e`s6Hi#`sE7?&&?v4RXi#;ls{>z+?KO
z0Oy{-<8CmOGd(@CdMuoV3Dm!iXC8-&v_swW=}U{9ta(@uTelJGut3{;4F8Q)$G>aK
zR@qjlSZB_Y!pTwIfvWh`Nw`qx+bumtTWg>Agx~EPrtON0;lgB2+mp-hKiE2z`K23s
zi7vF&{(2?%fKPOkD@`;qJK$`vB*%|cZbVIZm)=h&!DqqB)e;Oe-6U~SbC3}3L>e2;
z@mw%XO3}7g*i>4}7!lFtD>{fS;34DiwV>x%6W>|jAQIYoH8O-e4uCAwA(YcT9#BvX
zz>}5LhKC2z+=#&WK9AK>r(K=@lOTTx=j{{oT?wq<veWkuJ+glqEabOcZaoN&$-0re
ztDiMph4ByiJda1AWRNOOt336)z=GV;|Jxpo6YlJ#ruGF2kMZEX)TS=VtNx~7ir_mT
zfz|ZOhV7#V=jJNQUr|k6M1cgJ>Aw#4n_bsk<axXf^bCggTLo10o<qn#sjBs;Mnwki
zLT>buRHqoyDlUGGO7_3o+a1KysKPs=I^rCH83m^hNGxq9(R3HokiyO)!ReD*D(24F
zoA1}|#Kh{dnmnf2Y>n^6K4L0y`j}C@JW^xqa9caFFPRlR&Pi1zy9w7<t2QH(OQCP9
z9!%vIEA`B??l{H|)ijtoWpKM+8u$~zN0k(Opg-wW^jKdlc9Cj<7nfhnVB|<TMz6VX
zEnGObIUodm{G6Ras2cxht)zq<ShG{CPGS6s4!wMnlr{6>dzqK7l}`oObJqx<;zWV2
z1sQ`P>Q5(e>@vo}N<z)|XT#%6&|Ylww9bp~S|mB#mzcuCCX=>>od4v!s|A53te3%y
z-SrKI-Nv8fH0QKy25*OKpy5E9i!aT+uLiD@D#&WxU*aN_|HwYzW=tAy+&6tC&n1%`
zi2t|r05slgt$(AuTskdBJHS&okPK#qp;yDBa2$mIm=OX7)WmyX@@p``tN+0z18lfp
z5Xigid3RS6c!l;KPBfSAXEG2JYyN&g;>~>^#rqWHp38c1I?r^8`@{Ry?_7(ww>FXR
zjDJNVh85rH+d16vG^+(uN4Yiv^Y;?}a%Ef&Z^_)77C+Xnh{bT7Zoi$>1(-sZhLQAt
zu$*>y9mpPANoI%{(!JiQ-h&f}LiM;38YK}~AuiO!sCl$-C!m@FJVYAxfW)ehaNtjO
z(6!OYkA;<K^TJ2BKOYTKA8%uu(4txXwa?obyDxKrcZS9Yg@CZ}UOvekNG~uH?f)xj
zsy%Ebv1p~aR;|=dqUAS}0o+Y!^f&3)8MRkeTBM)$+P+A>qpAasV4g|}V#2`y#?irt
zy<vs<<itSQea4xPC7xcT@l}Rz;(Sj|gVsgJVhhEKbq_h-2YJkv=SKT`EZ@E~Hoki&
zVyKLwhtY7KM2i&uy19KY|E*x52W_O1OGS>63H`%dZJw-eZbQkV=6@g@V7akanSiUX
zVXCEow*Fn9oi#Mb={*mSC~_GAEm0sC1`XO88A_?)y%ES+@!oVo#1C>zDbDA$pvBBo
z_*g%C_<p2gn;``#h_6Id3K-^<Q8hw8t}g*K)G}-@ozL#7V@wJU)-nF%fNo4dG(cQg
z-#|P9FmHPeM*m6LDT;#2>tHh8$r#xoC(1<moG(0ol`_L;&7ke=E{JwZ^n&rO4NW?b
z_x#OeCf!k1;Fe01pM7xp?Qpn2=k51w-!t^H2o)AL!1a}>35&rDv#6s(tXv#3s=&gA
zfo>jx#nBiCv^<>yVY$VL=VfP!`F6=7<78ibC+_P3YHI#+n^RS^FC*=d(RTJAwJKWp
zHX$)>el#b1b{FVG1BUHb{?+wfN!HH4`QTSW1#F_T%6*&8PN%jM!q`0`t&SK2DQ^y@
zBxX^{x6@2Oh52AUOI<wuSaCnK@z_2<flj|eg)s=I3}4PD96NY~kQ^#hZ<U)VevJ-(
z+ao30b^+T^d%^k%m76t9gI}=+DqAom$-|mP0)qq19hMR)82jVvy^nkEt{N_ni`Ivy
zOdqek;~bYC8F{hE-Whjc6{isPrFx_|YHV7vG`wLtd#m>!3ZA@W`1OBHcuz`x_UVf#
zti$nS|1caFdK(#~{SPz9H4^zkie-%umFhz@Y*@&F7MRgD@gNYD@>|ds4tRVq*y6Kf
zGvLxNRcqce#suA_9-vq>p?UZlZ0S*@dzo6+Md@=W9Xx+N+Y?T)5T9?RN1;jE#<aRz
zRaK>Nr{riz=TIsHVB!swU<H6Hoy_S=1qAtuJb=Y7gG@0B|NZ)yKuc{WkbK9_<Et1D
z5+6qZo~16{6TA}bHP~Xu%8LPofb;Ns7eHYj18L3`Hhy;h4*RO+<}|!s)^+e}U1=i_
zjOo4XuKA27tm@0Dts<@}1#r~IsLEHVXK@<;qe}Jfa?ZKNnSlP9Ni^CnD&VZq><<Np
z`}|hddWPP*b}(c4!uK6wU-c)fF!xIG+L8<;^c`G)`7bC$kCc#PZAh36{{Ki)|9fr6
z<+BC;t47PJw(kIm@^F^ixR1x<!Q1)Ch`2zu^Amy$Kxmhr?EJK6)ZA$wefG2CRQxmI
zvW46kt^ZpF2&VLdDNJJ%efE%cnrk+fLFh#AS2Rk*an2;3(8!U{&1YCH{6a~bM--gJ
zADi9^4kj(@5`B8q9ci(>xOuyl>%BT$<a~8})q#_@(si=#Zz`@^zcJ8%w9<y>Z)$<k
zBmAqd*4Lv$kf$>m=xjTzoJk+h(w<@xy4w=LSn&xzuwC|%>)_z|J;j@ixU{?xuK-$Q
zQ^|xo>FY!uwU&L8Wm2gZr*G9)AFB7{>HfzdIb$I;H4w28dHNs)9&oJ+ROhJ|4L|NC
zNZ&Tyx5q?kwKFi{IHdieuZitALrZ>Td&%Fl*wp-KT&$w;SIIU+#>+3%ay$z>Kic+W
z&6zH_E6PW?b-K&Wl~aG2x7}pQW9=mWVn>I|&*d;!)ihXYUIaIz^HGA@2)m>&nA?6l
zW%bVk8{Xt}m(f$IO1lS{jKMVidulaXb~{`<eW1c(ao3e(Bj0Pm&!j2CwwHK+SLOY*
z);ajeu(;0DXBMsT+~xeIM2^esu}E%*LmwTQpHiytj0zz}Y?t(iuOeFC>c~hJ-BPal
zdgA>-CR3|q2y+PNekxl#Vdh2a;3%W-@|if%@m>d-(*dA~Dt$;i;DZ}kAxw)+jcx$+
zL16!8&^7;L2!P`f7PuW2)Yl$?^8-+^<tzifngrs;rx!2tyEYQSN*@P99{l@Nj&Ww0
zgpQwFy;oLMj18$r)oy5Ps?zDdF|s*7B5s^!{G6$MeG^|O_`nGum@Me>AJ4~>2_mWb
zo7Yxq>wf<I>|bN%lIW<Pz%j_0V)f2&`3*14?#8m6{^t_2%-8Flse<0C?w2fAZk^k0
zSK?PTgCkQ8i;Pqclhyf;En>ceU$F_#zqq~o^jrM(;fJL8INkD)jt!EBztL@Khif|;
zEy777qt)dj%M;771YWG!MCjfUU2m3oLR7tfslTdQ@jHme<Q+cb{`33JYkQ)g`Hb}Z
z&+b9c>$v+a;>@zJdVOQr+fEJRxeREVUq6re*~g!h31Txm&R4QxOd+Ll7K(V8KGkqK
zty(eFUqJ)|o5e>=WYp9o(4`6kS|gl&Wa@^HvFjuS&L6!>gZ=iN^+AW-fD5A`;k+=i
z`>Miop^|+!_kN|-r}L+0?7QPfO7k?<q*0T2T%^<->=Gs(7xItE*(~}`57K8nKiz_5
zS8T(qX|{=+V@hG5k-QT<^Bdde)*@P*iQ!7Q8!7RJlU+14Mx0jjrwS%XwO<c<4)Uu=
zwOBgYHqYwv&*+|8J3l0;p2jSz!Thob+aRok5pgk5ri#!ecGz1%%uNjrFLlf%MwLJd
z_tFjR0-_5{cnKOs1so@{9DOiDaSU7mceDzMCn(p`!i*419_xOmD3gRPM&Nx8NFC2v
zlIi8a@#B-?O_@)9N!GSg|E_J%PT6?ZN+S=l+^UzlOa*K#`+~o#o4Y*^Z@^}$y5)Yz
zA19m3l<=)L(2}sJp=tys4?h(Qvt4y{aR2k1{#|v7aIvBu*l@i)yXA}DJ>m3ZGoD{&
z%w(FXb_pGd%QaOU@f~(Hl=PEIm6E~T2xY?trA`>JQt^$peEPe&zsn=|9g>}o;4`u!
zaU(GL{{b*T&%PoXX@QrN&FMB#9hctBl1W84BI^=SQKXcRWUex|hVzI<iX!|TELGY)
zp|7i^$tK17=#6t?>xg(x_!VX-d&Ed9c5#U3O1vkGKQT3k?_V}HHf}1vY;SMp$&77@
z@U^eUf5~@)&)=+fd3`&RGq+v1RNB+O;PdZG%Vqwh_{-3paN=hWRA7c+RLBJ-dNq<3
z5{j(COQYR!xh0I3uf$~IS7?Z&Q-l!ZBAZ0H(8H+^zIOii#7hP$r?tyqcf1xkot?K^
z-3xNP(d2L%9nPfMrUxxD7)A=(78Z#m4K6J=j>>>Qdh~616=l_CD>}9Fwu8CFbaqs$
zw=a6oY;n0m%gYmb<J&)Hjp}|C26-c^*$T3LUUHR!8Vk$+#d{hZh|7p=;QI=AoYsR5
zWE0>T?|u?$<u}fWJGLeo_n_IIo@|~H+8nDyni}{eL!3&;zorr{k%9mGYbs%qT2l!#
z)Ps~zBzmSpN$gA~l&qTRxKoD?9U|U`mOn&^-D){q&=RNrQWz}{m#Ma4l1&?jK7yUQ
zawop3n)U^k50|U9B#$y#dxOjTf}>(Ke<gLScFd--_;zH=0R~A}GisZ*`hbMWA?vIo
zz}1&8jh%1MQT*f5DS-ix=b)}nud3YsCBPe`;q-8sGNsj!*fh&hfL@=f(R^I06p%?8
zqWoIgc<F$dl>ua$RYF3&7Q-y7gmaC$_aa5;*U<`<u#Uc+Ek9eQO=~xNe@nMJcM?e$
zFI{20M9+zvGoM{mqnsj)8*LEC_g%Gyp}y2=I900!WohB1HvKm@W+Zfczi8^G7X76*
z!?6lA&8E_wITKo&AFDE4Q`%25qn!<fqHqXsT5wz9Tf*{q*VNQ(>VA@efdN8$q?Y)+
z9-d4=e6e>CAG=Pxbb7qoE~fqQ^o7%v)r)@rzVuu!6?gTG>GV^^xo(9LQ!UycQg!!6
zk=&ip!gwePVd|QgLPE|H6*qx_SiIblkoa?5^RPyzpy0Iji;_yLzC+X66XjLlBFyY^
zOK08PQDF6a^{sK8UTHG7jZf@N%lXUqNk3NAwT@5Rx;Hj$wj9nY{T)rapi5p`7d;{k
zTtS^Po7%UWN!)$ua(T~SU}=e=TXVo^bAEgGnab+jDVG^ikmI}Zs=u5~V#FA_SAI<1
zk({A2nHz@3844)lzO<aZsX5#Nu&`!m7@b1Mfe;%&^_^kVG9b;Pve(aFI*?i5SoBZ@
zw_~IDWqy7>v*n{r?9u4JDYGb07}xi_aBK*ho^W+A^R6=Zpn6S%5ABFH_&k~tG{mn2
zNt{Z^ASt0>tP-w12}+RvLnUN8eE2Z?Ngl4`{&MK+th)H)V}<oq7$hN-3bU7~e1Ach
zU$##=4_;AXsvVhKWa1Vyi_9ODOu2na=^cix>A$k54@;(8zNM^A<EyFTP*u6nBmAA8
zma77x6}Tx>>~R`n&(vua{mZn9Mgl*88NE<iyoG&pv=&@XZ8Hel>CC(zfd6aCSaH8O
zu(ZM@#$hqATt9ASF)_awDvOX*x^qY4hFAlZ{F)bnSeqe#!}>*x*t>Fm!AsT+^u6ky
z73Gv-3DT=}v2MuhH2Om;8k>Jqzvv6C49vJ$aEuu|zTgV*ECvc_#QHisyJ+_;oomq1
z3*@bl@qaUlU)r5+VxoB@z{r5#XPviqjOpj>ZkyE-5%Ng*?KUj=kh}%keE2y*7z_sH
z!x;kbzs=lFQZYEt?{wHjOL(LQlveFr*iGQD+jySWiI+d#sPhLyMV)=j=4Pjh>6n7h
znyP`j=Wf)0SyIWw&CCw$mGun3X^s_L&1`P}w(R;FiD{}iW^MVw+!D${fFMaQ#Z`Fu
z;@QN)j^5OUR!o;e(;B5|j;pd+L#JFp?b{MlAxvdGgP)gFU=2>a)q;I;L_6EBRKN6n
zQbtodBQU6%1`iHo6}<W+;UzFn`)Lx0DAyb48mD04oWu2L!Ifxe7hXoXgEtrCV89uZ
zdo$VrrJA8;7&X@U;?6$Oa6}Fk3ZSni5IB@u!V-kxLP!HnT&?m1f~-;ANz3sDf?t(Z
zA|x|dJ3gx?+iM%dFH1^Fcnin+(Luy-6Ymq(`+WfC2RTBKY;2ee4ShUH9y!)VQo>z%
z{7Pc?pNKbq9y@l7_u+}#%qeBL$6~(`LW&^deR!t}+a!Bz`~U+bf(Qb5q+v7PRLv~-
zmzP%VJH1OsE7V9tPGA81ur7r56)2!kk`QAi&;rmh#bbsAc+NNKfGePgXADT#_IU9U
zXCz!1z=QCCk+cm%D{_9{&Yp<IOVX8hf5FS(@=8LT7I;f)nxzX+KuELF;-jYrio*+n
z@9VYjKhX5ka^)+R#$cR`5`%^w2`|SDo@;l1#Y^0}D9q?EGMEXqTGkV-6ArNRyPGp)
z?p3)!P;z!Doxmqtc2Dj^m(n$5_M(%<W9U|g8}KW?oKz@-;oaGKtIg4;v>&@7+mkDA
zzo&9}{1ZyeoXw>*nAJLy)ww8BOglXR`P4M&X`NAHu-IIl(uy0kjctMD|6x6`u?IR)
zUf0y__JwGP+2+<6Eyv1OU?~gRmGf@Da%x@sNd#VE<!c%p57W3gi`Htxi^lx^UuQ1j
zCu24T?Jzkq9hY_wU>N+S>^flZ=Y)$Vuik)HRrcS>Zs{!Q>_y3?TP@7OvG&+MpScK*
zzL}VwQs2zJ(RWg_lWH0<0>7P-1&Cq+KA2P7I5JNDoYqcosA)vT7yWVXr8l+#qJZ~{
zXOo1z@kzr=PT_?N5zB?`KV?9~Zw%fgek!)LaLT;)?ghUe;HL;3*V`P}TIB{~_v94g
zEc}{a9%b*%=z1oV(RUEwyrZ50VyP6oWYDsjJGcwr<;~moSjTX)HV`kFDt{|F#LmeG
zF^a?$?}O16$bI+@2j=M5kX+gk|2By=mC(H>UkNuRRtc+;RZ7VAXi7L;Q;EpWFKG+_
zyszNtr=Q-rb0-^1_U_%gfB*gi2M+Asy_@f1?%K7BXrMiN_I&XEd;js`_Lt5!?Z{EY
zZ@mOp)K(w-X-DLgS^J)Dp<nI#xkV4-0Wd&5rfgsX6QyM#DDXh?x)E7waR;wQgwRkd
zx<m=hxdVbQfel|=!!G(*@sdaxjH{p{^?q_i2`CbeQ`B$XlRJr_nA1x!c!@pM<P2b0
zr8wy52`po({p$L(C%Am{sv5`_#_FC3!r>4V`&B?kBAXb5hvOyul10YbIpHG2K<RA$
zo!Jwwrj6tMg^yC>wABx&%M6|gqgONUhvU)`@bc!!yxtLz@N(-Z_LF$wYFe}NRP{8j
z)@_+`S_13E2C(C@Y*+3izoe0@67q|LgphB>5nJisgQevMiYA+fb*E3AT)#b**>=m>
z#2v|*AVJmO-M{{joYU5Y1r;KQL^p4HGbtTB01N;Ig~<%dNo!~YBd-q(!Hr6~`U^XH
zKF%px%`clffI1AV@>wI^KE2HjOunC$zbhpRR|j&4sZ4L6sn{n~bLRZE9#kRBXlzAK
zR&zU0En&$Mi<b-q9!hYXbp`+y3zl>c7S1>qclMHIl-|q8hhj3YEC}wXHT%=^C?#^@
zoAif5P*u_rLp@qphVWFyO+jk85uC!&DZAhcOqt9AYd6Xsi&uXA6Fb}k;EZ=a3B~x6
z;=iTugvIWOj@^kIy<sC(3HpDN5|#<EN~C4Nno210o0O1<RkG$g8BoGiNeQLaR6>SW
zcK!%T#HwdaC3KKj{HLCJ>iOrNfA-mD|L})DJoC&mFTC&q>3@s-J@?#moIdj}|NKw?
z`tL8DxwRu#5hqv@zbZF*zyQGDjm+>Y4}%13z!fHRpcGz}-#dqVYsNTEJ8xha1frl6
z#))kfZYl|dQ<Lc)6gg9?!DtEGatV{HFzRwO0stbhS^N@QkA&uOIu3AVcNqaZtfS24
zU?c!0w#vZXB)kOkXf{2<=Ijlw5IIZ+jHn<S1slfgutV?<gaa={c#dMuTR(2w9)*`O
zqlcvfP)B+dUhc`81V=&BS$hB;Ngjfb1zv)nP)Vx8x(fpq14RoFV!5R{ftRnHD4U#8
zd3hwvmOi=RLW5>|Ca5pVZ=32+*eiQgP2=X8Ast7v%u?B_Y**MTdXz14>y1H8-93G?
z%$iu*oKe-=JF`eI^Tr<NM0w`TzK$s;EujH5L$e2q>4oe_*<{P4b40dYet8bO^m>6q
zh#;p}M={AlB0c`VnQPTZa@)FzOaUyJVX?~oEjeS-V1g16vEmDch!p+Lljr_)=E9#&
zUl3p!jh7isZFt=l{Q(e#_9WFbKpYQTE&x<o#^j^g*%`AHM<8n3#wUq(fz<x-^m$Zm
zNw|ms6S$@7H<O-dyyUk-Hi@12LAd^MBt90iHrdEPWYFJ|Gg)&qjf}s3K4pJ;E-qVa
z&Rim<iBW0~Ycp?);)@7d#wM_SBP1Kg8;Pk2*J`qw+JC63>yRr3l+%Fd2JR;T?bbiB
zgG6ezI^O*xfbFV~+y}i<Yt=jO_<hKW^n?<wMk}H0Z&HF}LzEz2^<~Y?Q$kZWN{KMf
zitk_YJuh*IfsI{HkzNY=<KIuhjE`A$%&-WdA*l6(Vg)$C++BXhBFwOmGh%-*Kc;tt
z(FN)-J@0E*I3(k$U^YzXM8g7yLh^o*;!s%_J3&z3q)Be)5-0^-;}WjElQkMD0*^@$
z2(ua6{7=_vM4S<6x<-3IFF`tK0PKypUmAdYHMD#mIe5u-8U`8TDlKQl;PfpK6C~n*
zfP5l;PgHAIKtN1!K+<wx7%wBWU}c4u3%q<eb?mn07v=O9Yb~+I{}3+;wt}S6wofAC
zh8-B6D|d&?U=JQmgc4rb94@ij8mlbs$q}71sX=YDd%O!S&qDZx`!2h6ITUo*EK9+F
z+i53c+VAza9k!)VkbgSbTAG_0H_LxnQ9eF0jJMJoX^GQr&Fh*i?@{BYU2r>1CgaJI
z>*bd?!!A_cO1M^yC(IWN0)$_dR+7NViqUW0y#OzSfabMzU+EdZsR@QbD{(y%>BA(R
zRNIK(ky%@~7$v+kIi29;JE=KtudilkglvE@hD5S~g+TJk{T1L7>m|+js`MH)65W$<
zy#^aE9!-pmSb7Nx1<Rj6yrgU3I*W{ta*Eh{k>B1!ns$aqAgZ;T(n0uN>zJJN1U*I7
zp}bPqA--Yy$oinPyPqM2+;huVf8e?Nxvojtqe7_<BEr;LtrV9qcuS=0_Mg%zizS>(
zAh8t5OeuaJc|Qq>^-t`;C+T?kC5Ax(&TGE18KLybW?CRB2EYZ33n!|m^8cI?G^|oW
z2C_YZ5)wiQm!g$WaFr6|4^hJDDkT)*kN4s6y=XyCQ7e?t<!B`fF30iIsyO|ZU<o0k
zJOiL3vpJ|RzYro~^SvSkB#BdikPRW-N+)L6tq~9+c!!uz@K4f^P^<Apym3N^<cE4K
z;DLb`BW<_J1w-W$uL1y>s16XtHJIOPg7bmIU^7KFBR&?a5<bGbUK6HHIHhed1RR1=
z33VE}Y;Xh=CNC&eemjDfxIA4!49I|)h+U%Ds1hMd3<WC#pdGmFP&g=#LIwvaNgk*<
zdT`uAK&g~~9Zp#*%-a0~><IrQ>=uj!0)b~N)xzA0Jr?^dW6Mf{xE_aRiHgWsJYXg#
ziwumh#r<<+knFJ<LiX+9Wvh5jOa{C)*iMYj$lsb@1rQ+*!V6wsU%#pQNq8R~&!K2Z
z*kh#ChJpd3!5|{Q*YmytX4S*_rF{zJka~uQ72<j@12X4g8-x)KsWng{46RjzLu5XC
zy|#Z!P0otG+iYOKNC-E&dFLJlk>i|`fQ?_s7U7-P4?z*4Lm@!qfiKqI9mO$86)+?w
zdW3l91OR+jb{*PErI;CUj)JKaue&<}FvGNdcf2fU?=jk)q9wGvN1<c|aO3t}EU|;i
zY1RiI+&5RQ&sgRO<(2HxtTV8?3J-DZ&<Ji?N&#}%x{0o0s|ogJ77fA%&MjlmSR!EB
zmCz0$wXka071=a`d|P7LwSgf}mh}YwX2ySeat3&blJ1EqGO$gPrHOc1#G~yeAsr_=
zJY-_$Z(?Esg>m^WQ55~nspybg>2p!>d?aO~m8|{Ys#RaV;!?B{1};t|VoeeIX{1;s
zjQ-<PLWWgJxKsEq*-t|LSS8XX7MI<YP}my(eiDH2XoStMk3t;47ytk&fD`P_WDCUh
ztg!hs5;r@EaFqsPd?0XKm4rL9<?P@1;+pzMnUV~`;tJRhBO}6Xj+CkP<%j)<B+x0!
zZtOvWCrn<9nXiXYM}DL{+@6n1rlj4Fyp9J6jXzMNz+a2x-2w%m&VV3~-T*@v=nj`i
zL{5<-QIYMFQl)TY!Y>b9QSOWMg@Qskdsp5s4C_QW{Y44c$c&uKLNm2f7ish`MBEF;
zTwI0RAFEV@++Rd?#Ypi!vj!u~GWx@LJSVF@oG0A&;$vRX|JQhO>gwt?^?e0*?%bgw
zsU=`JEfMx1l}feF_pLJp18L%54h6lWX<7)Gh?&X-q)8GcWl@&25R!its!>YXSoupH
zR7J`P&gAlVu?9<=iEL6cs7t`Pxca*vw1<#jB80_hNmn0MQz&)A@EAsB76%MPWbtu@
zZ647)n>9pf&j7|}s5ARySPHOcV36O<$U_^;5#+GLH!h};8FMQPKCz|&Rnc!s0#lRg
znk4We=f&z<G@wm331ng_CqD<_#N^~EB=vvUJJ;W+jw^uwajjJ7hc?DgwW1%|O8wB!
z&?;0BU^h*ps)?vd64crRl=84mWAjk45ivO75fPqh3xr_6_Ika>UVDw#4=4%!d5?NL
z+OvCid>;X?W;MFHJ3IHcvv<#(GmmrToVoRH?6$~^w;vwuYV0;ywF6~*<6m}kbYM=x
zi3WG&D?!_Mo4nk3n;O|pwU<CR_k>Vh<3eW&;Zq+7-&GI7&lEp#fpAm^x7!E8e-;~p
z1Z>;34S$m8nmm8D{M&se*W^z^TkIxs)Xzkm7bQmvTY~Yebgp$W6=hD+PYewi(v1|C
z(a@+Otxr`AQGVhmNsgRw)RJ!DA3OCFrD%crTj21i07+GMiG1gL6{7zIIkHs(`u<<J
zdGdLy{v?>i;!mP-!UH>3d2u40W$A;e9(CmeqXx!*nZ_r%aNz>qYilC%xgPghM+?5!
ze-<Y~RzpSgzWNE>gO1Vqvjj_G5KOl~e*$H!y^j`_BonPIE8Ubzz7U+kQov0%lRsCk
z<s<z%GNpS#j#eYa`10`K!zi!h4LffcUwZkI;D3qA)g4xK!&ppCbR#~Xy058tM!Q}g
zG7#pNI)pMV#BS3{0g6RH_=+kB)mRgRM#l%j?@bXx^XEeNr?zk3&iGO-r>Y>*eJSK~
zyE^+rJTDXslb`Po<`^%E8e5Nv>Fd{z-4}(b<IB7E?mw$IV%voP-7r?>@TJEs&l=~_
zUi9_#Wg4G^c+s?9wkEV(ckbL-r}0Ucz}&iL->X@-5YLM?P+P*-+JPqsarK>#MZ{^)
zT@MG1XDNF>Mg%=@7g{AOXF~}6+=dV;vkoBUo=DIYg>Y;L(Rh}+t-ghjkKYL6Oa9{s
z$cq<W@7_NU^rZ~fwn%)Eb(?f=JU9L&{v?l0G#ix@Hzbb8iH4$-NztL9p-jh@SFc`0
z&TViWWOe<<zZ6HqSF>&*UNjmmdBctd93CF_wfAA@S`~KD4X3AZ!uUS)wi^k7w`8jS
z$(kV4G9iQqvK~a8SS*Bo#J2|F_F9N_r=dJYh44ozL<R>OiBH0Q1u!EZj4yY5a6;{U
zLTbwRmrIL_8rV;|%r<r`Z$&s=KPBE~9siQWQJNkNF{m}6{bD~ne|w*hLh|${;aNzo
z9S~HSP+xx%(AFf^V^n0K{Ch*Fu7%j4Ri+TGY6#)N6d@c1LVisMubL3?C&4}z;cy{U
zvGu?H@6+FZG^qY0AvI0XcwVz}^MsSNU1pshs+xgN8+z$$4-O7y9sd#;wlxtmU4MU)
zkV5kGCqc#{+GJ1dAm(zu<4c~X7)x<>6)iS|<C@m<WH~nif?lx@>1#BEa8K$%xXa%@
zME+y^N$|fUQ`fF6WVSf<o4vh1Xxi~*(3jo!A3Q>=kP2O%R8s)t$8|B%pqLuP7Jrgc
zr%q++Pr~4p3P??=9#|?6#+Q;pN-;hO&w^-&ByBQnEbHrD>z621QMOQAQz9y%rr~1V
z+0f85285$P_!<5Xezre^yXFt!F1rxQM?<W&D(3>>FH8$UOGo4fj2pQ&0>b{WZ~eWQ
z$CqI~HeX;>W>rqqMqL&-$aD?eWfx`XM@sz5{{H?<{YkD}yGE64O?WZ!mHPT+NMU?Q
zBbi(~P@b1>{7bI4-jl9Jm!Q>qQp+3f$@C$jjIGb2g>a{0K&+>ZzcXlZ2v>PRSQZkU
z8UcB_w6NoY<IT5z8Is!jOcaoa$z|h$DYD_ZV3H#)m?|gqx=@yx#`D6SNHz<rat4)N
za_aW6A%*oz#H^ln@NbjJ^o@UsmKL!F3Q^`}t9A*2sJn#77*?i$c?Rs3Gy;j<YD6LY
zJo151Mj>1q0pSuC!nr{B)Ixa0hH%yTf;=wd+de!K>|>iRsXxhA!w)6?r3~YA4=Iro
zyAc&7b<-2_j~_ptslL2;@gk-@S`*prT3RmVyTbS~q;$uZ2M->kJxt!5@__I(p@6;g
zB^}QgwmedAe={6~P~KY5P$oqPS7i;MEvN}0|7Ag5eDi!~$LXfkmtlO_-h;gl|Gu^5
zQ8}@jKdV6yADuscK2v`Z)FEGFYl2i~;ZG7$@V_KJN%DrB*}Hr9?)lpLpf%mFi*CdW
zSTZTB5i?|BQ})x5U}I{|{!$>^h?)@cT?khtflx9ULNN>BTp^T67ot8n3Yi!mYwK)M
zeHrxS`!~0=9ld?`%jKmd@l(=>J^GkLhy6i}v-T%piJhiLYNEk*sENem4fC-f`6ti)
zeP|VvH|!KZXubSNP^wU5(v>USIAMGfXg7+ab(3&|jb#UcP!mGo2nc1q1qfBO5bLsS
z1F)qI`R4hvzn!?W@y&rI)0ZLrwBvT`pRfG#PkjrOa0>3OASx0z0&A7aHb=&nS^Jal
zb#_A!v8V9&CkZJe&;4WRpCxbDWzE8Oe5v-|qMSK4j9ATyC}$Y}X?HR?M7jx{5FLpM
zL`I?!5bbLyM2EB5*GK~4UyO$6z&ZwmxAnSC^7AJr@`G3YvvKFgTRUzymBI-6vh&XO
z|M1DX-Jeb5bGl;&VxV%RlMM)rD<`gZHZ2S5mznyL07nk1Lg9*Vat!_?si$D?LtC1>
zVdueNKGt`?0x`)&8Mt8=8-}8!JoOVzCiO@H(THWy5I*vO@HQTVUlALkH5UlC#UH}|
z-4H_g2uQ`>s8pOS{p{_YO?y6XrXglX>>9uEjh-`?ZZ0m&i}$T7C*+6{RXGvEI_Z^4
zoICL+L7!#nPjchN4dm0-M4GcOz6>ed@nvUcC+Eqv124{f{YlisR+d8~Vl`;7(-m7I
z&S|^h%Hk@SV!|trhis7$4dKW+IsOoeQCJ|<AsQlP1#5y(L+V)*LY3AEp`;7p7uAGt
z8{<JJUk^gRM<B)NsevnZzx(=;pX|HU9HY#T==yAEKmF^yy+p=kMnz`hMNT-%G?Yxz
zA_gKSqD>{RA15LwSVjyC3}iaKJa_IKl4)xqD@<YiGNjb^D?pr*YX{m`Uw;z5mG7u(
zxT!?VhMV%X^_K^d%y<wUX$#SaWfnrykUE5`d>~xzdX;%XC;)`Q^&os|A-v*2^2{0Z
zUi!|Ct}T17F^|X6S5TbmFx}>l<L@Kr*oO9h{^ITKTw!XVJdZ%CoFE=<7gpt@Uhk8V
zCr_Tt)SrZ1H8AbbXH9Fux3hn2ZTr|`QTj5ZkccMMUuS%I;J^VCO>*r(d9Fnjdd2f%
zVMFKiKm%$xF{l$h)K4dTVncZOKscAFCm)E6!Cxte^s+5PZ2kQq+{_3F@t!aiJ974V
z%g&?UYd_tx=kp)EcLQ&Pkk(bY+4`3+ShL*lM)&r;y%W==Cv%RRn5ieRp4T-6T_SO(
zo;Wi8%haFb^5x4^No%4{y=+!hPhW0$^Bvm6nkl4^5RWt0Z`B-M9y)XgXUOCYyV!4I
z@8cCO8s)6EHl7AM_4ayA7s3jyh0sB$x2|g;+>R=UXyS$tYipwhI~KyR%3wz!cEeb;
z`iX$>X>17RC8mx`v$yU(`0I(wzk0WK>s$Y5+10hVz2}EJk8J+kvDbDUX>IS>wCm`m
z-Cb-+%3D5?V+)yW-K}KqI=WI`GAZBIP2rZ^nLsE{eya!MwK|Z^(U9F;K(;7EYAz5d
zX&{uhkd|bSR&NNITiUvQ{>P8s>Hh50&=-h=#<SGFm>k_OR^<foaBXeeV5`#a?(OZ(
z)Sm?VTRPuWHQ{-z7yojhT)z6{SNqQnefY_zA%$eq{<EKcbpFD~M4>!CUsGQq+uE?l
z)(&J+m;tL-{7ba!tOh+W9u8u;?nc-U%XJ%UtR}=n)-(|Bh-KD>J}n4^vx88>mjZdZ
zyj+?oE@7ZJIyN&`9v!F0QJkEfc{G-veNrBNG&(!K@NjJWaj}$tJUu#ID9+6fKN>5|
zFFY6-V?2|am>e%Wo|>I|Fq$Ki@<2wSA^Dn+DGMpYfs|GuPwGQvRv=>n8Civl31p`9
zuo^N`0FrYcqZP>HR0Z-xAw_{q8c41Yq~rt1D}=X{EH5t2&M;P6YUp7lauOXBQ(Bp<
z<6mCCew{kln#huY9bfWVESH}yEk>k}LQ-XE=VMuwPp%#K2o>w=PXfj5lWOe7XrE~D
zL?)A?`b6`oKZHv>ArNXpDC`5VPAoAXe07QtZi@@iL8OI51Urm`=n((mA`=nxzlzgL
zja8=ammjV0m&RAZ?#qV#<1i^HHX2CY)XH$SK=&UenKDcPTP#W^ZWWTN11XmUGFfg6
zS*}1z{GJMA@&AyKhL9YPWrZ+JB9J@~33`VgG7#<w7$CeA2nALlxjK-=I*?HZlF#!m
z%#}(OLjJ^rflN*U;iMr%2a$H4iZyL^p%5B{zP`S!{Ym&yQWMnq|JXa5T&;B^4DX#a
zzy^B47$guQ1_%TaAZ7^hvyPtjqkg4Q<Vxy$<DYQOy<Y~A<CLG+j$MvpmmM*|^Y`!H
z$)2S1xF7c;>`ABy<2sqjPWg20NeG;+KJwZ^&6HeuN|zxl3kNQ{A+bP_520EPLP&c9
z;Y}=p)QdKqg%IS_LV7r+L-Y@11qAmI1j56CkfI|9`LF__y4C?96zlKMq%B>qfG6gd
zXxJs$lXM>U<9@{cBsiSbp;qi#pWW?WYPs{HC7bb#C7X$g7Ov#WQS#e$pGP2woq|B9
zA=^dCGlWoQA^6}Q5VG5Wkc68M!U_Vdf#}zP4~Z4<O^C+BuYvFpcM3w8z8Io9=0IY}
z=Ccs)W(da?f<T5ei%0K5a1;>!T)lq%diDO7<Wi1_CU1}SFYm|wNcJSS2U`bxsKwvE
ze+OudUs9t6H?Gp00tZ6m7D2SD(FzDY_>VwvX9%HyK$r!=;X}B)g%E)ZLEt8Y2kk=0
zqP*vn4<T<egjYEQqMhcBAO!D&XuG;a5Nh8b1j$#gUM=lke*XNK2SrR`3qRud>({S5
zetAFcN8b_a;ZbwP6+80U|I(Tt%ak@8Q7!#_p<_y};ujEn90>ATGl>xh)zXA;z6l}U
z1LE#MIskDtm*!k-E)8Vv4%Jse2yzobC_y+H2x1QbqLC7WcOk$VNPOi$I|U)OeGsZS
z|6`ZV_j&*Ry{1<*G0|9io*#QZMvi;`^7-@Ul<INCjwJm{%bo=LOWNURV>SPKI}=?)
zBQYgclT9>XXKVGrc{&7{2Eq}L_~}$Yctiss8mAyA9S1^sCqj6y4WyYc-9V&LYlzBF
zhVb@}Ae1u)!uckIqG>`X?t>8OMurgf2!e1JY-9*ByAUo%ARGbV)=da^^;@-u@T?;U
z*~omKrS>H6-n~PA<(Py$$=9!65%}-@xF2H&rHGb`{k+hDp$WTN2Wk+-)%_pKvv;jN
zvV{Ylrmck_-3A*(<`F<rp2Sv^f^e=OG5Fl<+|odJwO2y8<wKH%!#;$7(;@gY5JK%j
z5GWuT`+Rf|(tZlUt=0A<U%q_dbu=-Fzq0&~efsn%I_^LJKiKTIIm=<*`Zq)F5K7UL
zCr@zD!i_6-TEIVl{<!mf!T?_%s)XbmGtpxgNuI})+-BQFJY}#ElgLLP#ODY?4b)HP
zfKVZiAk@+Z!e@mb`q<A9vTqln50HSM0(K$fVGZHsbwCK!0ikg0LMT0pAP5UW@C?b8
zFeU`I1Id%fcOl$0Agy6fK#1EGLd>@iGDi?ui4+hrd>2CA-h^<g145w!!sY7yFBu#~
z^=OO19FvzXUp{;G428poJO>Ug(SS6f7}BAw=rJ%n#Eg9|<%yd$wejb(p1~?Sk^hSj
z#>^TBZV34QV<7nKLLf8{1TutkK)72&xYZ58!J@B}v1lE-6+4~;aqUS!n>_$E<2>xB
zL$eFvZUcev5Fms-1;M9*Aa6qaZUhnY`yxEZfe`H)Lhu?Ae;{T-xHKWW>k){)F&zj3
zeGnWOLXe9g^{*YyS`TljJqeFHiizr=c1mFxGtTq_v=E0@JCUb$G{i^t=3Gji_!BlD
zTow?{HH71_K*-6n5Cm>Qc+e>bm)AgezZpWg$`Ec%QS6#7XZ0^>#^I`QHrJEe9RMRL
zry!)ihWLxp1!Qnhx;%=u0s_H=;NFE0)`x`I`w@gFH4vUS1w!PtfrbMiZ;v2k<|2r?
zZo7~e6jWU@A$ch{Bx?w@$%GK9fKcsg2>ONf)>p4rKuVjKG$Te$a-w%0$w43|hx1Jc
zjtn8lEJ&loGK5rQNX#dY66=H1>J-ShP6l$BVh6HRu?ynsWP}-Cx5h7NRMpr*$x|8e
zJetZFD?Z1R+-?Xy1q8<yg4huR|1E@26CoUf5TbDbBqlIB5b}8o(GR^{h?H+Yc(aQj
zgmNGRcOcEAZkdi0kUSq7NHsG&LGV8dA>edKo*7QqH*el7wI^XZ4>?@NB$6Z5Q72~v
zLN-o^NQoJcN)t|mWYy75xi=tp#jYg*-2E?Qzp}MijE%RprY+h4GIm9Yo$c^fZ+9F*
z!b}K>%#dc|tuV4NA!K3!$vef!+$TdQJu4v2o;5g5L69jR+`0+jZZ`yX18H_N+l3Hh
z5Q1=q5I5i%LRthNb#ozMQA%cB0HJ?LW4UxcFXj_bt<;%rViJ4DMup90sf3E;_z<3$
zAyOSj5CV2XY9;1C5Lg9Spp(}_EXB^<b&4HNcmGQUIrStSp!G_iH|v!^)Otenqno8h
zsE~R*@-+lu6GGSy2zQami=GTZh(?AG;iV8V{0Kr0&w?PSA|;3hnYa{$GGs#X%1v7c
z`h5|E(%S*iqDxx{KC%2$2ZVEmsEH!%5d`6jA>`GI7cZ8!mmfZSU~H+03Gr-VqUE0=
zIkEgon;ZkeYswH(njyTk5r|ZW2?<T;KvZFCh*XCIsdciW*nvDK#V!bv>skl$95L&E
zEbS#9p3U-lyos|*o+9r<$o*Lm+@~P1vt|u(mOQ-}0^#96NYTX*-ddjD<gA+-5K7Jn
zgj?$%oC}C-w7VgyYusYLt)=!PEJqM~8Ev=cY+_O;M-{dMf<OVm--qzT49S{s1ti{P
zvmmw)F*RWUNfq`Hv<`>~(xH?2$ou*8r)y6_s~MxI&1M&QCxn>J-t2@x6a7~p%BBp#
ze+wbh2n5Ltadw9Y2r_daVUx293Hy_PfSm;)$95s4D<EXrEQmB_K(;1E1%zTV7eZw@
z1qn--456Yrkg&<|_YNu`1YB)T!umm|o+Wz+Er5_$4TStOA^zS$K7?X$6O#8B4kZ>4
zg4d8ot=NG~SL_H78Oxr8Miojkhd!p{@~|)o$b0N*6g|)8_aVePLwLtNggiP0As_!D
zg!57eVRs>jRmKSe5ZoD3Z_hansh5n<u*8)R&0IGj`VV$7L>({smrLzQzJ2?~<F+v&
zVmT&Ga(oD9AoyemVRs>jWeD!MkgPg(AqcOBxau?@|0>0<Ce!U-LX5__nPIHP`Dn*#
zJhRnDKuAD_a5f;-2TN=*e-=VA3y40+^H&d-iy#CvAsi+ocOqq1P(XO@E`+<g5TbMz
z5=G(&qW+%`Ay-#GC`cKiKJhF_>>b-cD6}So+MXe}3y3;Q^!ymVTy0OHzh2S*Q%thy
z2%fd+NOU5R2?$}ALJ;1C0KW<0mI>i;1%yoNfEb!EL8dBpLB<t3kmZU!LGa;!th-(T
z*&RQ8n?LWxK!PS&DC?D&5lH;LuOZxWAYArANJTd!Vjcz?K7{vu6M}pJq0pERLe&ro
zlLMig34&t;qS`(V;V>cim=FY}LiWdHxqAVGOkO%aR{cwgmYE!>jwU%|vYDJ({{)0$
zFdY)Lz8ix36a=vv;_KuDS+3X}2)F)X>%f8AwI|^jG4Bpm%)8UnZ9I=Asu5iMcMcp}
zc0hP^0U;$BLb7K;$fhkso%#$Rf6qcFmp+7dd<3DsWeAmLE`(bn5H5Ei1iuM^z=2~6
zLF@>EzXL(w2!c;Ql>8bJlZR`FX0H1XVigdQ+(5|NQxLMfhOqzTQu|B#mv7&`m6BbN
z9LO0$6+4>RO~pKdXog6m#4-di2a+|R3Bmsqgdii3Zp98{u3{Htp<+)E4Qd=Ic8a2F
zPl6EVto@ZoptGe*SlVqZUACGoLqc5!B+|UKK5Wz_K{7=8B||uFLOAb2^x5J=a6cl5
zeo!<Jnd_Mla@c`L(`86D91N>6idKe5zhp=#DIY>zsv(5B43c&3We@})u)fbydy-F|
zKC!l0jtP#4Nf^oH<b?h~ChH$Tvi?~LA@eVWsMh-sYQbtqd<V}`>_Dzj>_8lK$|YHW
zJ&CoS7xpA8emwyh|MfKfuf~VOSbD5*Z*Bx3`MhrG2!t30#9s#1gpdOxki3>`o)8oe
z+%*J8KoAh5*lM5yQv9m{l7BtrU*GbqArJ;3+u?vIkSO62Sh{{J?d8XhABhqVGKT}k
z#}x2a<}*60OjCCOn$}{)le3fqL2wXUp3(qXP04}a7KFP%Brgcj;FtoD_7enw0)qeb
z5Q1C-;XFmLI}qaV<Hrx?`&j!$)52?n8Js!7e6)AtTu8CP;qD0YxfKo*<bUklUu*9y
z3<vP{|7y0Y!LA2`F&OO6<#^u8IUfiFX@0e~UB`1uy(rekZ?#5KH6}ipEN^dbKK;kX
zhm7Cf-~5RBL9;OfkU43@$ZQTnaElT>Skrl??!D#n^K%afrRNPG@9*yu5LFui@!f8M
ze0_aY5ClLt%4cgaL0lI>L|PCHbR38j>7KSAnx=36R%FiVZ1Bkj)3plI0a2<6h}s<i
zl3G9b|L*SY(DNkpZ;f<qN#<PPE-LJdfVkyB%pbt>^Rrj`8z8XVItJ=0Zhe@^AyyR3
zs$X7S9v>fFeF1*0x$1QK#e_H#5hRF6f*=?KLEi^KEXy_!k6I8J`yg`tAc(LE#M7N1
zh_$RHUNx|9mJSjT)At!#k0o6fRdUCt5&gpn6=d9FS^sdtP7s5j-5nx?4NO<96>+1m
zF;@_YM|sV}O8*amcyw+M5o3@ho-7{J!wL9g@Nhzc^c~UkLELTxS-*@ST{znRrBAI4
z18X6Bs}sFmOFcb3p_CFq?{2T1M4={*(_bKmf`}N6vBd942akx@(eorwHk^s>A0i$B
zS$h&WK#n-h94-s|LjJkJ83Q5FS7#4CnLDR6cqUq6-`It`Lv|_(2%6O(#ZHAm;r{;q
z=<_57ptMslSCYP+3iKn!F3?y)Fe5o1yIz6ZG8+Gmv5PQ|XYFnDJc-PC#<?0ON-^GX
ziixd99P}RwBG)2_jB_A9oF#%&GT#-<LV_iV`MSMMF@GOK$K2-QQ!cA*MB1VLFV%6b
zB!Wn-&MF_D34&6@`oSqV_L7%YYc=uCfxSuxp@M`puF?4=Y7seGGuCOcIahdNYc#mr
zZHVzWyBg)LAkybRL>58B69i2k#9IPHmbD;ZIO?qO@(SdHCQd%_I~h_6m!`?)bVaEb
zwR{rlC!x+W0fCTPED3__2SH?PL8M4ekZL@-f_QI$Q0semcsO)^Y4b^Mx>*u+SCSk$
zTtojNx1CxG_%S&4L5z2{>aRX~R(WafpbqRuNQc;|q1Zt`c4+@HU4n(DmDbY}g7i6s
zUqgU<M`#&E-w0FAD1%<Sg2<JQt15`TaT7#(f}jr&2!hBe5HuYSOI7BVXI+oI0`&n6
zo!+m~HBxeTI>l`H1fz!Xq`sF9i6$UzH$k=tf^r;0_CAQbeGnNF1SNTS==}2a_0@|e
zC8<M4R7VMKR!0z71krg#uKDFz<)t+t&AoGA?@I?M>7G-ZC>+v{B`rdvb@(_%V26(r
zMEL?lnRbGx#%2&-Y7oTLEyb;~^4}#dYmZ6}Pv_F<W_Hq}QUppI0cnT()<bm#!L&aJ
z(ig@wSIx5z)%P*RDSRzSzdF%j*Zy0?_UHe0|1w6N&Dk$`X{}=Cz&<V=+?rpKmqX_-
z<79DN8&Q<OwUMB&AQ*Zrh&ul`h))K@wSwdn-jyD6Z8kL23TRsX_m{o9>XjRL+5oO7
zQKZ#MtJN|yGcz+Y^RAYenVG|vQ5Y|yMENYa+0XL+q(>@Q_RJigGx7Q7;`PPI({5K+
zx2x)@s_wS``!Az8<FRMYo;Tij<Fn5`!`rwzl4COAPdxF2WndCnOO`BAXa)RVfBp6U
z+OpRVx;JhjfFx9wCUP=4)kD%o5+PJwB1!P}ArhRf&n`|N(oOJAAd;k0Qq2zQeGJ8*
zcnOuqCB6NQOnUq6=BsBU;_29ZWI6N@ebLGfKm72_GtWHz^wS@H_#r>T+mU8P;n!b(
zed?*F_66ZLnD$dKIMWcx#-91aOPf!oH|*okq4u9dVO>(vD<7*;c9@P^hSQyp?=His
zrQVZ?=*j<<NO#INL^9B_NnI!L{PWL0{q)nXzWVCZPCM<*H{TSCD`$6p`Q?{!KzPe7
zx6rh;YuDm!oIps69eeDt%a<<~`Yc<v?5(%nQn-5c>dP;`yfkzA<M-cx2gds#fGu6R
zbkn9y(@-F~oDvVZ=XxKKFyo6FQrLa(L@gzl1Cgv-=}%-1Yk3s*SyhC>(ECZC7si?j
z+v3Fe<nHveKT5Iya-f_L%Eupn{8wLnwRP*(@4ox)q?1m1_uY46OnV;gy6?XG_61$D
zh5FP}Pc@{|5P9|0S3mmbqxoc;g(MQQLI>(LH*|o2*2nf;?^6?@@$9lBx3zRzp_Z~a
zwE4wEg)TKer!Wl>{EQ^h{IFk$SR6c(h%xFz#O+NYi9EXVmx!Es=9!+HakTdD@WT(c
z!8Xq0t+(Df@-b`rj5E%d(e3^F@4p{-;DJ^lyu9LyEA}E@-hKDoKmGL6K8TkBYw`Cq
z6s+|)?zrPT!Jhj`#(k&I5g#*hRbN7=mFNm<>&QqVgk%~berpp;h?JVlNQ6}PAwoxD
zDTe<3CE`p^b5Bl_liCTRJ58<c?#c1n+St=2VjR4MV>rCzAItaTuME>+haKi^5BZB*
zZx-|ylXVOJO%FRfm*D07_urpTb@%SwaqRTMD3L}Z;4e*QDD*{%t*b2_yuM@m_U+7$
z^HkQ^ZQHg<K^x>0x;+y~++uQ4H3es;lVjih{rBHP4mo7is#URFW_%5xh}m6gDpV(q
zKDV-5eE5MvhSxY>d+oJ%+;IoygS#Soyy3)M!^M|GcY4F#hloPA^xaQ_v_q5A!}v%d
zu6BdGeSt`Y5qTv<cP>O{&pPWYvK1ga;e->^Ax4zvfCCP=@WKm;DdLYl`sg2j{BhAm
z7p+{m^0wP<Texr`hwkH#Kh`L>RJF$+f1G_RvgV8rJn+DS4m#-Ki!WyP*Q{A1=cAnO
z0x$E-n4Y`tx(iLAYVOsLh{`SUJYHe*;DZl}O+#?~`t|R;^NwD8^UXJxUV7<0_uNCo
zY3zRc?RWIiN4v#aZ&c$z36%YnYcdW>=n^NI=ZMJ<KKMYj*I$4Ayz|cc@y8zxQ7dj1
z2V?L0>#wION(?eOS6+FgLhb6TLaV?riR@*UU3TZ4ccxu!fo&yJj=CDF{rBJhh$D{B
zsJHf5;;7NjKmYvPbI;`qi#xHDMz?I)^2#f(<eYiB;f5QuB{rqZ+Fi705!dA9mtS^u
z$BrGYip~lB$oLYsQ||ic9~ISx`gtJIKR)xD_u&n?pG0&0BgK9@&_@%=%R&dr$0AOJ
zne3*ACpR0sA-6nHhdMryrjW6|@x~je2AO~8p@)=EjX1=TQiRr+5K*ef6sRWj)H|?u
z^UXI?SZdB(G#OwMq_vQuHS5-`Q$nqB`#I;F^U_N%MLl`#*IaXrhWw(#o-6$R`|q{*
z$Rm%?9p=SVc7W>r{PWMQ;_#A7F3}>!aK*j>X61y9ix68Uf2M0J3@wubqlV0gl7}CD
z*gPMIb-Qy0%4iIPmpJhhrZnt5(IKn<dc~I>%(&MMb>9=lh3V#w>$O8c_?|?_{ftE1
z<=$BlQPQ7CIkwsKTJB^Wddecx6Xu>de(bTw45)^{8{kQxjNszMi^1fsUAqXAq^>ZO
zz#&U;iK%K-g^4e+nuZWA@ou785U%ht!4s`OL^riX#1($|<(E8G%_+z5bI(2Z;)^ea
zpbRiDlRKhapj1H2av29azyJRGT!DZzp5dtJRk|JJp{1DTGnu;;uAO}H$)J}$P!EQn
z75koe;)xP^Z0-v$yr2tQfvc{%%FM2D1F`<9<}U7nMkyio=yM_uCPoP~H9kg_rcq{$
z8BZ?xf&~jy=7!@Lnm+sNv+fF<Uw7SgPK5qP9(m-(jT?FTS~ouYiKC7>$}gceN|f2K
z=$)Y+ncJzE#hL)?zE956?DH14E)h2lL4+pvA<}xEoZCkd;qi!yhJIf`-r}v@k(}VO
z+Z{*O{<Mg=)FQ&t@vb;q^MjX^l+ZeXa6C(L>o6%puoX&{P-pljV)I@%yzw}JBA=D6
z#aKhTARi&;8k(<h4&->-I+%%`YMpD&E7e5&cw>9YDW{MYCG^)+jz_5`1q9^Ubvv4r
zSD}VzO6*MXvGU1mU5HaCth$6%g2cWRUg|RKCMQU-3EDE?7Ff8-E2Y$d6W!OS6OH10
zxb?AfMhDeqg$^nkgkJNPKs8{CO1w4$mmE$l4X@Rz%>{(@#^+j+J7*$FCJ=GbB%<0l
zBFdXY+|`qa2X9K8dW^(N@f_(VF+4taka@w%$HF}6j!K(g=9puSVb){rrE`<_Xi*kI
z(UY8mRjO5Z8T!=2A|SC8=|mqVmI9IEqDGD>m0rk=a12QX-jpb>bPcjK&wBgqw^R5P
zD^_qAozNMD@4fdPCm<Dc6N=~jrkig1^Upt<41?YxmDinXtBkKiA7wMPc+lmfq~I=V
zqEJi&j9sdj^~oon6j0`z=Id;&Civ~Q-wH2{K=6{T)^NqLh+Hv1=#wAwn7;k?+i@!r
z!F-;6b7iJ3q%aFjn=kb)xoUo%)87)#yclRC5#_Tb;>NvBL`jQ?d&$P2`$<F_MtDX}
z(w&%&Id><1k{0I&FR3AIB5CF|YhfTYC)g|i5dG($f0`61%b|xJ%5@e2M_dm+_+V;v
z@4fe;Lq~#b0=3PXH@8|xUn_cDC2zm|cIl~u{xTX)q)98G0>k9DvN(W2;0nh_=h4y>
zXpw57Te;bsckz<WvL`H9G^-BotPEDp`N#ODkKEtk*8AY3k71u49isKl`+on@{Z6v_
zwz(wN-&|^L!E9~|bKcy4GLi_+T14>IBGTM{(j=lAT_ThBan6~DdqL5Je5|1q>XEh<
zUIJR;711ob418*i#kXQ8p=1j$B}~TQCFO)PLOL#wr)bgwNI*dVe8B}5BxY5j4xmy&
zYAB>QuqZgPc1hTp`OEl>a7a2KG&z#W1%=N)|9tM1_ytRam$gzi9nlN%YjbjiEfDAB
zFSEsP7%rfQD<hoA75SVj5_WG=M%>2e_NSkI>LjUD#677lUJ9Cnmz1-Wu+lV}lF&Iu
zL4t@w!y)LZpU$>+Pc~PgyOec3**c<5bN6KPV`N<-*zQk+)XhJU+Mq@TfaRdy^WvA_
zu*pen294=Z*fJf>?zpSAj!Ym@T2JZbC%)vNisU%WdPnNagOu0{-7o_$OJ7Q<p_<f`
ztY-8@&c-Aq=JkT|My*ETrECftQW0VFlz7))#wYG9or0I;?-mfUKYU+Z5I;$}z)OSK
z#Y++bFJ;9lAL|K9P?bTeLsExt?WC-n6&O_B?8$KN_h}mTLD4~B-|t@<Zuhs|5|SiO
z+N-yOpq?~{U*}3PYobo`RU_E#62Wc}5efAqqMtp9=yQJ}BR?<;fw*-e@lw*Sax$Q(
zi<dNkkah90lufqQ9ASUFgo}`7q$EL2O$XRyduXF%EMK*?m@R7!kd=2WpY)3_zGzY7
zGs^4coNkZ9ONTCe^2sMTH{iO-QdII22Fn6vmJy-{FJZP`kli9;5OACLvex?`BAr`!
zNe`2Mc3_wXoqQJtYPALW9QNR4EAJ{vO8~m>_d&n)(OuO>e(E-hO?rK~w+9iDwzr57
z-6j!_U>p(Z&?Q0_4E3OR31A>WaY7}VoZ!6GohWR&)B5~)h^R1<NGu)I8)*KLgaeyQ
z(BPAXlJ>Z~w9ixmrDj_#YZotOu7u{Qi9K$v6X0t0k*u0nVK=BPAveum?xx42a3o&3
z%iIU^9pvMKa*KgefKA{f9}B93msGEXmx!ke6a@a!5eACBXs(5qMwoq*dW}bGCIxZ*
z!ZZG}HBNUj3(Gzvy8}wIM2PVbLJar**fQ)xql5aY8OdIFX&meIdd=^IMMg({in2aR
z7vq)sT_S2uCZeP#5fx@j1ceascQTPomay+#yred8LavEJM@)@rP=Q?*{RnG373Y!|
zg_opLxpPx-P{%~Y*=L{KT8APVN!ki81%kDo#EIu8R3f0<H`uHK{d9r{)LgP_RyF!#
z-4G6SFrWoNsUISNMlqRak3Q%iTWJbV(ozNG=J4aU3M)(Bns|x%mNgVm0y75~_DqrD
zkZM%^hk9?=up!kbo2$;vyO>Y)ILxMGX}(}li|H~&rMHG%KGr!6EazJO8O)1}`Ncf<
zSPi2JZgm`QMq7O*OrFZKuxN<$t6%;KVYBk6j+mIr>D6Z!o1e!^uBIs`^-;{^087|Z
z>k@IUWH=%yw1}uMTOuwAj0W9L;)&C*Id@0p{@qFFJka`BB0;T)C3lTBaq=qhD_r9R
zS~8=Ya0Z;%U-KO#A8Nk#+G|QkZxkHpTH0ph4Gwg4KrA=%uvuqx=tY+S!c4iSkGPhC
z#Mi`+zx+{CDm58tT|(uDC?h<Rf5IXEl>sqU@(R*3R4LeIKGhstHN;0})~sxByJ?Z6
zSgj<GaivPSL$Bj;(s9hQY@ig|c!SnPW4Qe!6Ab&_MF)e%r1bj!B^&KGl3Je*2oCr8
zCd1^<DTK)M-(;APNb4g8<A|VuPM1h_rg!5@<4EoWLk>=5<?9W)yq~mTR<8iR+6ajF
z*I$2~*#ZQuYEzB$$GNM+;-FxjW9QDDkzlF?6jO*d7$a|qc#=*snQ|<`LDXtOls-$S
zmL>x{N&+DDD~>86!c83y1?TvY^9+YFy#TnD<Z%mXe`I&#0mRihWYSOu2b?QmAgVH8
zGjo&9dinsKy7E$KJ3QuL1k4N?$h6FlEJ1zf*j$dwKp1eqOiOW+LY5KpW|6BczO%j<
zI-NCp<Q6&J|7-6KbLC}q0F3W{5$^{6tGvIYNkgnMJvy8-cS1iH2g@Tk1w<%#`8_Rr
z{^G+X28U@fX(x3PgWOK<DWt!h!U71*)&3+3h`;`jk}PXiTj46aF*IAUa}HrM(dc?l
zTGU=DUplX`e;kWS<IFOy2)Mh{j+6MztkI2&Z>>_8-X;i90M%3qh`2G(9@BYb<jTX?
z-9^j^>Xe0y-)TJ-%+wF8hv_bv65^p5YV~-dREAm#tR&^4zS+ZeFU(YP6@;3nq0Giy
z=%wow)Xf1%3AgrkCapuQ*y|QIBgA7&h(M2}<xirzK{=g6k6U+6pjId1S8waC%k~1u
zjfwa%4ezS#d59r3JWp!)827f(kO?h5imCx8x0@51(&zUhM&Lxh18HW>ivp8qu7Dw=
zZi$l%dOU$Vchh<Tadm0`(#w|4hm5y;y-IeX)b}06WIz2$wtVG!c>dz&twYC6E1Jyi
zdIgAM*Dc>kb9cb29jnJqq@)}mGEgCoeMsG>aNJ`4rx4k^g2dG_Klamw2Zd3|7%bc}
z|F)Bp$m_O?*>yWCyODO1%Wgb}<leCd2%~L6l=cd7K7m9}RL{>y*lK^0X!B~HSW3n|
z@gY0eiL4!KI;S0LfqF%I|I2S}FMXU-)}B=C{V%3Me2?v}SHS*m3?$Ic(TFhmCPdy2
z5D#Jwxf)Wv2XW~D5$N+v@xT0ZQ3H}1zNL;|GKq0WBig?R90xMVXeSiH;W)=dDkLm?
z4#|PcpF$Yt9716N$pRbxBunSVM*mV`YD#L=(a+9gAXCI|-JfK)m%fGgi=R~N{nmjv
z@AfZqifuH}?kzraIH?HC*=|Z8ZcbDaD<-N*q8ra4F0FvXR4B)X5IXx^^;^ZbTG~l`
z--}IRnL*e|lq<!I<h(nV>V)b!gpJ*XWLe9}dwmE?X3qymZ0yJW17b{WssE+^rROXe
z^OR(E;+v{6doMc%=ghVF*8MMcd&vjvEfsr06r2i)S=mY!f0FM0m$|1^by9J3o}MoB
z<M#1>H#$=a{Bwwt4n)XU(}li{`4{hhx!cQV5l3gr_}|&USaFA)xI`f<ZnhMG#c{9&
zq1=Rs3qoE(96Jy{6Cy85*Y}C}v6`_+iS%EkB(oEp`z)|EI}?af><ioOUw);8Kgo@X
zz1ccY0HGX^81ieimu6}DrZ+CG!D_D-*9bSMT%n^b?(;hkg{KMem`)*z<p>dra;(4v
zLg8?{3M8Gt4f$J$dA4<#k1&bxTa6Px!%lLoka0<!5dzzUu*?p`u|nv-3*zX#!F->k
z{+AMYzG_k<JN*TZK%)2HOFNw}HhafUgsjg#pB8`dlZw6HI(W%5ow(&s!hJ{MJdUQ0
z3pUneS`V{+#)bIGg0U@#)K^G<Nx<h2=TRDsFq2rh-y)EFMa<Ds1t^m~4tRG~*9dg<
z6-Wqw21A}+*agxTOWX>f@Cy)Ee*_Wn01^J15V@A@14P!|4xw)>gh|u|W0^-?>y<*z
zwaLjTX(zeX>l~7EZLZdO?L!pxdk~r<#8tkkOZ`baXD{D}wO(sVh?ANfQR=Lp3h^l7
znaHwUh#aMzI2Yo@*PB5WlduzMBV$>kK#lSnA)-$pQA`jR?P^G^#5xeMJ^^CjKm+Dq
zeps<zwGId)gmp10^L<+1W3{fAz834Z8t6kLW+^1*MDTNR^h{#fI+}+bTZB5s1owzS
zM_}j!2D}Lol91E~K_E^J5Xw!61RNmrDZ~Sj_zH<R))gX0?}B)|zW||d3K9259u7is
z(*v5#O%FQzSyl-BClCo6A(DLsacTAbmmC(Oa7jsHkI$#BYhe;;Ct21aFie7-WPu&+
zq!id0MB4fghBrcJE`rc`7li(&K@i?mvAacujJ{rO?VY$g-v?!!iJtp}jk^QFjavug
zd%F9Lt|J`?g@oizcrJmAuag~!WcMNdn=6P%_REmyop&I0v%~66(}6Iimk|2VO{tJ^
zpTZ`DU3DOiAVMY(Cl4Xy3L@ehBGwIva96J&5*Co`iLQW*o-ir}4oIv0N!;aXE8K8_
z9rr1$o-hJW-Dz$>#F{{&{%JxK`FjwW2Z-W-15#?jONi(R5z>LIsMtmPKdRW76aR>=
zKZ(d!Z@bmoda``oYKZ9fAn6j&hY%;H5D^msxDFy0KZ0EC^6!CsEQEfAxRi^=^&v{g
z4G5hT5YmST??dVucuj~{zGiFEmhOKUGpcH-ui2?Rfa-NtA)RhS7-t`n1-1`iB%cPM
z(}a9Y#SZe8iapj=?Dj8dJBc-p<5ei^F9zZB3vVPV3T-sbE=7wS>8=prR}d#JA<h#*
zXAW_ffQYgJB5gMyp2JIs=XnM3FN_eECJ;uDt8ypAtJ4I+Vje<R+fs<Sph6h^2%+#N
z5QKpEnGkAkgorpoga{uYhn*5C#C-$eOP8%im-a6WQ2EnOQzGwDl2wOexXtB$x&pK6
zh|2LL#HEB})$v{kbFC10TndSrun+0i$+cn+2*MM{lZqYW&ntGOVuio1KS|CS8n>cE
z7f2z7aK`ya0$s{|xN>Wx4upIxgc{|5i2ej3$^ioV7Km)V1>%XVfQ&OUClHtB5N7>T
z2s2KI^D9Vh7nKkSZ-<CJhlmS8ZbQVnf>5J;fOvY^%ccEGGd0|(rbOa1B`$Tc(}85E
zUjgy|z7gUduMno*hp@Ukkn2h;cfWc|#SZf675g=WzN?zT)_Ut+JY&o=yvN3w4zYDf
z%rx<2V}60as8*=O++Ptze>)@=`nwIGa0+pL3i0>?;^Z?S)J`Engr7plyC8o4K7?jM
zJdjg}2Y3bX*c0M7hs2ztzk<*|g}5|A4#gxO?EfXidIi7WPa=_HN+h7BghI^aIn9pn
zF*{=Y2}DSRWc_mrao<0Ic+P!DqdF~+1+4>n{<YRY5u3LTe%ceFwO_P7m0}Hk3mjN}
z-k_+NzB=iS&V>kf)tjS06MuDM&4NR>xP}uy1-e9mnl<~I5I3DbtPFVyu?fx-i1C#h
z5M#op5Nkc_@6&foh$X=iVj}ef;tRkj#6;=?#8`Af{JagZf5HJ`B>W0uLB)X3IY7t?
z2sIE<Mu_u2flxk$fXnPD#K|edb9f1n0DsL0acKhas1xFL9f+&8pjp?y{P*u4e-*Fb
znG!~uDaoos8DXDec9gZ69mf$uX9964Ahi<fK>U0O5dxw(pF*6x9n!Cp6GGNQzOZ5!
zsElX|U$mE+R{od7D5m3ogN%WBDSuY|&xbf}$cC(gIDR<98?<_1-6Fk4fIi`wYzSEo
z`Ks2zx;+NqnenW>+_GiMmMvShklkKx*|KHJmMy!z+_GiMmMvR$d%0!HmMvSh?DlfY
ymMvShY}xJQmMvShY}xYN?d6s&TefW3vgLniaZRpR5dhEt0000<MNUMnLSTY<(!?(S

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/btfs_pool.jpg b/docs/userguide/storagedriver/images/btfs_pool.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..5295b9fb4e320c45d0ae44eb9eb24855782c324a
GIT binary patch
literal 43267
zcmd421yEegwlF%ly9f8+65I*yKDfIFcM0xJaDuzLLvSa!ySsZx-sF=b_n!M#y?TG$
zdOcM=tC#Oyt5@&YyXV)^uPp$ow78Tw01ONqzy$gLeysvT01#lm+wUF%0s<Ty2K;w}
zgn)p8fr5jAf`WsCLx4s>LO?))hJ!=GKth2<12qIB3@i*ZEEEv<TgjiI;E*6eGz2(=
z-yHw%+OJ*!8Z4MBcrpYS8UP#(3<3@8S3iId00saD2e}6LM}vlef(3(s1c&>z0)YLK
z@TT$)DgcG3S?mckgfVS*^xvtB^#=gJ)~!wZ<c}3WSme&F2LHJgh_m0YqkfLZ=jU4-
z$b;?Az2~@57!)^a>~4|M@rmlKD6)PZFd$4HbWkQXaq+wy8zaWJ!&?qx+z<R9PhTeu
z0EhNWXwR2;P$@Oc+1(rhl>7+>Z`tD&5=?2~?jLS6CaXTzwX?z;G%I2tB@7I8{*=V_
zR9f{<e5v79z{XgduJ-3xc_Plfj`O_L*tm!l=cU_zbc%ZDc<ZW0*_`U)fgU{@CQe@$
zGG%z*+{Bx3^TPTRm6T7X^Ln-M!|r1{Skq$9kH;v`#Q`|f&4hj|oPZ#JZR3?7|1Jp#
zLP}na6J&4m2Z8vu-Y8S<!vF<-LR_M=4Q#;~06twkiLbQ_0J6OqDtt!@fA1em+RK)R
zA4sV}7M@T6%erZ&yV<<@ATPk|4!dff=oram?*P!N`VhAptN^0!Y=N$}PK}=c2vb*c
zxg35Xzwh*Zhl`2;8D4=OX^d4%3L1ZTM7sOUH0;L=-dE;2i>^<H81Dg|cC~nkmXKxN
z5M7xPca)GHh%~*mYfdL#h5mBah~ao!V%KreP-mg5GDP5R=NrJLYCJ&j`Fsu)Wx;n>
z)(WX;$w`|%`*t<p!*evt-<HCfJL=@qH}St@^VH5)m+kdC@Xtm<g8dZ>AwkWpo39+j
zbNF(m6Gm##^&4K)C%v!TEC(b=O<gdD9VRT;59Iaikc0b0@lr4Y)+fz$XK!DNu?MBu
z7yb%~FyPI6VY3}NxP&949*RBkl>g94aUr?zIo9~Vi0`k!gph4yWBPJ3xMEFMpDY<)
z%G0C%i}(fGV9ttdD0{u;C4UP!aq2DV?@5(9iMttOWiReOu!S4lp>5aG#eTf5<Yl@g
z13a%q=AcY*9f@76Txh3Nw7+Rq(BD9O&sb~<;VGN)_r7RsAb%--2Qj4c(f$`eNu{sq
z$24yFo@)+DyRoSUc-fo{t`Uv)FTl}3Os%OoJC)ft0B==g%L@PktAykH%-M>f*;EWd
z-S(#t0PwD~mX%cIVa*6e%_a<#KTs?Zwv*nK_vIFc5}}IpSwR2*iHq+ba;5MZ^IT=_
zD2N3>s1;4N+!w7ga9+Kve0s4g?GLcV?%#(JyQpiIw6*qn@CPx0cP_|f)xb^`Zn{3-
zmUeZP>;a5UWJCnmA9klApjYB=erp1&;6iFSe-GdOi4~Gg?cw7DK#d#kupqX-Zq_NU
z{%%?5HxsyE$zs;HyYtV{CE?2NSzULZQK~M5QL3vpdWq3%oqn?b0E+iioBQx7`mTdO
zBX;oJj-iOcRJp0tWJ@0u=+?8PKX@QUN-)l&1Y9`h8~Kt7DVseuI>lGN&!2yegQrz9
z_5XthO0%k6o0(LrvJTr}w!~#)St|fZ>8#}1%53WoIsouIFPK&J!rq3~{4>+HWb@rr
z!-s`}vj+p~#z>>TSkRD^mLgUAPEgE-mk1hNiOtTaspzztisSyI-x_`5lI5Vri5fbU
zm!CbkS^U1iASf|TN28=Oiz4gBL_PX?!>v=K&z?1DBG3bpK{O%5K?&>MMJw4LpBhGi
zk{aUZQkc?ss&$>Tg{ipVC~|86yNr{fm`QVPGv!Qn^#`D&iYaIU8}HP&0ARdrVXhsr
z4>-lGCEZ?j>=}aqfC;rLLz=}(s}R^>-u**-gg*e#)&v=7IbYf+^6{0k$8ydDR8#Zj
zIv-f=AoTCdh(J#0YD37ZGwbp+a+Ecu?cXugdy_AfHf4zmfokhS=*HTW*e?L(?-~R(
zU&D6|JzK6~RohAx{9qr-$acaCQh?9fO*;QP`w;}fAr*<!61<JG&z>5IVS^BOg3}1&
z#BB1FGeklleIhX;q0}HWxOwfXIt{?6bkwz^;;IJ#(Awl)qt>4!=G=N5*?l6mFRK9g
zxwbRY%ovGs1c2%P*y;amTk$D|*dIXY`XfOQuC-RT=4sA#_qk_)4ghdCP8>T>v7G;G
zXbRE}frA@8xcfwaje`&|V9fIL3xE=te|Q+fmElfKaPxY2xp@A##|nysF?+_8`5vp3
zXkZ6O4Ai`xpI^EJe7Rl^>rbaQSBL+^{@we5wlaLsUiI%g82}Or0vZMk{Ev+c9QAMJ
zKfYlWX8Aw>N;<p&0=Ezd@>bnN+WjN7pZ3-K?RckhKu9`nGtxQ6Z|YUrno1fgh9-+l
zj^5jW4xt3Y3jn8e4dg~6NL$|%Zxnifs@9tawg$4HI8XF<8g@EC-&+mU-sD&!1lZ{_
z*8X5lPl&HpIWEgRz~i(7qt~Wzm=VR=v2S1G1uHvXSaS)*k8pR*o?o6Ph#9H86}mG$
zydN=pxF5=3bTgshX_gKQMy`p(VYwI`r1~<jdXP;&g3N&Y`%5VZ`kzs1-aax<(NyN&
z0Z!+t$n9JJx{hR0cnbi*Xpjqj4q)+<NL?TN=z+%HWcH(|x>6esg&M$tDtXB|09sIw
z|7je6>{Ir6(HsEfmu>Rx{?`2NFZrPYINmQQ{`T+Y4OYzo9uqECJjugGMd%DA67%~4
zXfAPJ<0TSGZHNTcGkujexFYpV6Q4k4VFc!dPU{2e6C=BF2fRPH>ZvR8oNfI%6U+|P
zGRV!thR73B?BC|>{0UywAgU(eC*>JmLb0wUmOXSqqW*un|8207o@bLZh?kRZ5k{%D
zkMrnHKcUR2aePD~p3KfVs&ZV`rYra%(iCIzopHGq3q!T{m_yAD)3;7Ih5i%w@*ndH
zy+HgfqR^|+D)p19zU>{>Ppfv|1T(~>zBG(-E37BG$@l|rF>iRl5Vi1(HJxq7UK|Ry
zn&MQOJj70w=(XIJ@1m6*cQENctH2k1lW^ZR35s`HGAj?)0R&v4=|KVeUvFUdi5%X~
z^=2apWw+GxY7>MT`j(aD{8_i^UoWxwG(K(h1!6OUyaG$md7d?sO`#Q6sP?&HJ{925
zB!2gR`^wfR&`oZfc8B8q{M7f3o-58!IFPsp07!ALwYKDa4}gdPX1o4$DMwDbo(MVb
z_6G<UtE<h;E*JxdHf-9VVnO*z;Mj26d|RpEJQZWZY5M~JfQHv~(h33p1<2I`S^jTi
zz)<NC?neoW-+Lg}zU86)p;pcDSAr$G)!%oZmO4N9kMRva&_32~&5_p9kssfa9exW4
z5jl1Y=vaNA0f9uJ*`cu_J)osdd#@|b1wlEmKi|-u0|2PJzLV%Wj7=nvVigcz=mCI*
zv}GqmzyiS4qLYK3XHE9*0BG-bMrv{=_KuZH-r`x80A7cK?>`wVE&{)SDmnm<LMoX`
zHuL%RU@V17zq`8H#|wg@8|ABjuK<g2UnDZ@6S;UKHU}|?71Ut5UN5Wl_&jd6{uutF
z6Z}7vE^x3vN*Ba`DP37+zY)atwmo!t{-A(e%#v89yMs_LU0Ej3g@xWA5X^LzHO5jN
zfj^+C?V_vx!{9fm*agdEO`m~y0MerwL~;+f*gYTKrU9U_;`TvSk&x=hN&1t{x!MM(
zz?rjhC^(Xs$HQQj#x>+{PGlmhz#<^^LF#1F?#sPm+qW#&4vrkEfK6Y*uoXi~;rcv1
zh6?aSaTED?4csS?;2%uF&;&tywQw6ATwe+x&N|JR#wH?L`4bXdfsBB>gMP06JZcC6
z06hF#2T5BX0O{5oBB}Q`%GvAN1Wgb4?Ba0t-eCA1;7|Ji>X*pRthj)`bS!<4t(;)(
z%6<>9&)^~`LIvoLyhgD1BYE}wB@aQ}cbS<g1lDD<<p}x`yj=6>@~OJ{OMav^>?LG7
z(^8u-Zr%{U!+u0CnZvpog{2-i!O&!=5cTJ!A+CFELnPmO1jacdT!Vc2^TM$CB~@<a
z2k!cY+gwWang6<~iN!8dZhiGsZWy6%f|<-e?Ft*u1q-sB>C5s(7Hh?*!2Tz-bhjcm
zf6fO~tTN`0*;*gw8^$avZh1Urf&aw+e{jPhy~S%~AwtgBVj_JdR;4q0`99i_1ZE@o
z6U>JaIIqeiKK2*iUjRBbL{Fl9V^h@`a)8hAgE4XzEQ+f;34*svfLbzB9I<_qB9<qc
z;*?vpH_m*`z##k<#KPF`W%a+`_;v?Ep$Rl<-5UyqZYJ|iGSD~5#`c(i8r~)&DI7Y>
zx26xjonjdXhR2kQH<lPW+`?;;Sht61|54}C66tmJ?oN<|-)oFYwbY4fBID~303cdc
zR$dt#y9I#JsTH`6`CO0ebef06DGC61#v7YjTbrK&ybBlKm;dkwfGyH1bQtH@^ku#r
z1<Fl>44Jnqac~>FzkAmM+I*`tzPb+yEr)X7PeW(qfv9*KS*OefyG#C{rTAZ!1CWNi
zQ8FKaPar-Qyu%Ht4jU2S`z|B}84v>9Q+F7%EerDZ+W6hT9;VD!3IHtg$}02yp!;?N
zS8rkg!>L$`mg%?GQqcO*#<$LB%>ls9-(Qh@3?&BDVVSn%cSsvdHF*+k;^C?Q6c5vh
z3<000HGhz{9X|Kze1mU+$n;#-yF<5!UxUsZ1hTu{9uui#Tb<0NvPIKaP0U{YFbyE`
z_4Y=o*7pSo{!4=Zl_@S%0O&CU7z8{t#9wz>P!N#NVBjzS3>*?zR5Wx<ENtcv9HcC)
zY(k1;?40D3BBBNq!hbzS0D}e9`F%Y;EB?kQz2xz`6`S4m?G$To)^qz1-O8)6#x6Y9
z=03)SC)1Tp#CGlftE74sX-hZhTANIwk2`@`&y<cPY|{5uRnMd^n-qfDd!eV^ac}ks
z#FaN9_g#{{%_Ara|5r%~<EZTyCnd}^eGKgeRRncD$`UjL3U{>BVhksX1d<E!gXe0O
zL@Ft5jz4RKzi1k{-ebH09QTYx-|KKWM$1J?)-%G{T04)tSr5Pwj5nlVL%stK$)Z2u
z@qZ7Iu=RzeoNNY*&ZqR7!3868;S5=iJPx}jy(F?H&4gwg9s!pnPZ<O5_P`qLJk__6
zPGb*_0;79B1fv`Ugkj#HHs^jkBl!!1ejA%(Phh@yu<NM&l0%xagXw-`ZEQWF+^ZOI
zy(M;B_s1dn^N>+{C*YS2<^cQly2ooN)TXz}UjQPEN-y41?*RC<t@dJghcII0LUeqY
z+H#q%I;7?Ar_E2RmXXudcS~A$Mi7@6m&pP7`mTyU*4Y;2+bkz$<t=n<J8}v&xPU7f
zl`2IQO=bEr3~Z=DK8J>sdxiscU4(VjkkuPZPuD{o8Ao1yQznz5s4?Wf0HPWO7M=yc
zqOg^|%oIPun-K&;6a3aMaNCE$UQ^f63i#a^do&<}ylwmT3dAe`31qdquaa@1H&5GH
z{sjX`&{r}k2U_G9Hsa#(Z1CJe<F-+mtuk2fOBvEGbszRhaZn{?38D+W@;XmpG_@A=
z=VDsX&Xq1(CRMGpGrwi1+g9%O`UYN-4sEvFkp4WeF6)SF9_FO>HZ}SfmVkKye~l3#
z@Lms#u4AvdEHyt*cO>g^?zvW#h|)vWcZ)xN!CEnYeKo!;tyV#kxD>!hCYfeS*ti}%
zfNUSPv=&K*n37(OK4;~>>{>IPcRtKHOs5#<R!JF1T<4k|y~F%vKP^MEvtmd#-85j5
zckpvZ=7)3MCsW^Rzrp#{FLcwh?0YlRQfe@WQmA;o-`%{woV?FYL-XZ$DdCUL+qKk|
zXmQ+Lng4X0wrf0ncBVw~)?T$1P#j$?bJRvX(cCnK>UutV-!8H!E+g<UTCbK>!?dx+
zWlz8CvIDEsDA{Mj1t{d=+q81SG;b<A%0(-+snW<rCAM0%c03+-+wb+Ei;wz9;D*5G
zHI_vC9tur1L4B{V?4lqM?E@`EUE#@sO+D5c?IeeX`!wT?jeyEhimp034ev797quQK
z_5i&3geHa28L=I9G3j+U*Zmz4YGe(#nh&|G#jKk7)Jz2`heok2VsWKD5}Zps_HhX0
zByAr{xK(n1T(w{r>VaZzbfu6LNuRZ88v@LB#3#e}Z<wbVF1M3k2SCqguD<5H4m&(v
z2ug(b6#F59a_bjBBIpffLnOA_;f3$-i9D1Tg#W~_tX$9+b}=|OAo=ZVKOz`f5-#px
z=Eij}c4MgH+!u{E2&KhZWBRacBTy_}t*uemj}z_%r6ZKscXtwtP&M^+WbK6UIt>!9
zL^D_nL)CWWcsl11x{R&8DBBnBA?pWgw|n<(Zc4W#9Ks+@`D1*Lp5)rhy~)4|tHttC
ziFHuyXvhem6e9)2$D=31)c$V`)K0`G*gT`tgFs{Z43N`ntD-Nj{7RyydX+p6E)Sk%
z;WM3B2cWCt+v2RLLq6GId_RBlaTLMFihQ1itdZ(`UwE~Plw8mymLRYp0+t;)^K*yC
zC=+B+5A8@v!Xia=#^00jV~>!>TJK9ax8u%Reng9dTDzFK<Nmzoq?dMQsM$PFtD&$l
z7oB6Fv3U}-5H3uxV5ym%YjKEhS&4Ww2Bj6POS5pyX|J@(N3=0<B)&vR2Wd+I_?Rm^
z%0bh7h!Ee3IeI<kMniFKqB?`#8z!K85iS{qo@Y6K*OPH)FQ>XcFyozgw<43x(v+1Y
z#-t`)R{Rg&p0cZfQAsYsh;^E|?^CU}e-u}v?DM<((HwP}J9GvHrX%exlUa2l{0m`L
zCkc{gaD!9DW@ElAeWv$t4LbVCkLI-RSwW9@)U&{gW})+4)EAvCZ8)Br+A{B)atU9Y
zrJM4Fp=7-#zOwt;ef3<lY?W_1ZLYJ%qt%*u<MEoT*l58s#=?v4vqACDc^Z0hk3RZU
zFDklsMeWCOnk2TXiA0C8d*{PV`O|NI;M``?oha=F7{7yd!mGtF?X`XJXs=^A5c;x^
zE%!V*Sq;d9A8%?1oelguJ9b#!cwYQpQQe@me&)t<P&}N*AjbdnmXY-x;5YsS@WI-u
zKP}49TdE)X9R-f-D_i&ym)}!75XT?)DEXqgwGZ?5olxblO5y7+*%P;zUwr%gCa{&y
zCpQL8uqo>V{~TIC@4s4e4U@Gs+P13>gWUX~Ek3az#M!+5rMtv<BAmZ%S1gu(<P8eh
zkO3fE7&B{2>ZEc95TWq<iatwRtDx}<uqozjF#t*NRV}E+=wU65y3Tr;@8jt5{j4IB
zjpqKgpzved?&X?;35p5-j6gK|ZrG#Oqd+(&5n*uuNB{?qBq4d8$45VB7}e*~#KWiI
zPQna83|G04nkFrE(|1jaz-oKk#U%A-{7&6_>%^gzwCPg77RU0cNE(5=ZE)~Yi=eMI
zF;MBe*fZo+I5y?)e13}ZlkdtA=qJo$fr%yHwu@WJzfOSKD-{b$LYxQo*Dc;7del-k
z>sYjWl)-NJZbE|7K=M6MQ5dO?u~Y?*{KwOm)VB!Fp`R~w`8(KjMzr<hu>?4lz{{|~
z2rS>oA)t@*9KtHLWvq+M{3XSY4-NK>Dy0ooW3hkNgGdrD(u?>z%W@+}Y2EGB9EWgB
zvE2knhe-6^T-$#9eYk%{>7F)LidHqb7p9j2+^mVP4u1TkFjI2hJFk0q{p7M-CtF}{
zvd~!i@#*>fko$(F=X?5$o?`u}cewWNA7(p6d~$~5hBme%s*fdC=Dn<$s1aY~f8v>U
z=wIXh%<>WP3F8f9@KYShK=*PPf|mRR5TGm)G|I011?Y;n()=Hy#KrwD5$Qr!(%-YY
zcbl(LAht3O__wJ>Rzl7xHI;PW{TQ>Nw~(JcIe;RmO;{v0ccJ-(jO<7^3E3g8D6q=I
zY1^@$GvD$Y1&;wiOcADGxQ$+fn)zM+!l$!R&Qy$x2DrM+)ORHbu*J3FbC#d#&yncO
z1VLP7Y54hDUkpY|Mt-oG&DT-S+jvWS3a`;mc3D`q*ZZM}=AaZacNrtgEp!tqGQXV^
z^~s8BOGd^?Po`<3s$i|0l7;eUuEkf88~1zvXl~b9N~uY<IX~mKkqKc|Xt98PZPASE
zeSEHH=1a0^J5>yiU`$2vS4X{KmGMCSs8Vb%{b)}YloYuf+D@SlXZP_iA3ASKKtHLt
zb#kg*pf~Mgrs?|<!eUf?rXLUxz}JjpsZJ~FHaedgwE9R(U9%zlLxzWR=u36vXbg(q
z<S)%v*3VwGJHJ}H)t}ov_*8C8HMTE5WE<0zLN~LxTPN-n-Y;~)Uq!7zZnJQUH4s_d
zcUCQ5{Ka_u@YV4X?aA1MjTk{j6#lIHx1Adg*i(eSf9e$MJshRY>!%B^$An&K1A}uv
zCDHb&o%qvCvzNfafAyf;VeRGR&Wb7Q0hxi6?uJ@Xm2z0C-I1l0%Y{SK6{WGpr!w%|
zhS=KRRqXYxWOWh4m6nFQxufWT-8Cyoj{h&3Hq43>ddh^J?#@v^uvYOQ)cBur%Bc0N
zG`xYDn4j50*BZtC&;{aO5?J{5(DbhcKuD>0v5Vzg^noCK?uMYUq(Yi$1-{hUqEtQl
z_6l>J0c6Gx!PgIlkyENIa@-4II5cYQfw(4XT+ufbgfJ5UF^N}ELxCiQC40*gC~T(5
zW*P(YIZj^Sh|={9VN-*d_@k_??^0ihheY)N@4!^IMjW4IEz8Ka-4|$RqnXvlX9Mi1
z9MEFkJ7jak>@`E%XYIv)-y@JiA1+l=4xg+Oc&8l2n)BgXK_5LUM7Dh_nI@vStF*->
z?bhXvG%;u7l<4<4^{i7WlXRV)&xmpigO`kPTT961v9fwVE|sf;S)n-G`x}v`tr*p$
zFJ0R7TS_u$@?|AMBvY)luMC4atUuD|;)bz?H2k%gGLWQN1*c2Wt*KRkyulITaQY0r
z%pGfdX$mk3?o_zK^#P4(yBZfZ?x=+|Kc-C|O6~O~Jsz0COkADCg{1@(dfi+-=B!kR
zQ{fxdtgooKV=AKDG4LB|M|Wp)V-Q0VcX8LFu|LF0%SA(!a?e;6MQ5<J?k7C$k+2UH
zJT2I=W^-%ozN*NNE;RY3TY^QHp!v+w9*-_@9wKIou>#6)B5sF`g-io35Xjp|6PYX5
zs|k&Nl%fuwmwyuQsw|v4S*Pr!i=uNLL+-!z^f{L_Q@)i-B)|&ZM=)N?j*)cVH^}#g
zMBX+xdSV*?NGzWiAgTj^J*zX%`lL_~uy8;iCkqcmA-72m{RL3_&`S@8bsYu3wxWJV
zZ6d)@lxIyXrhGVzYsJm!Br?8is`-W4&4OTqFA%-roa{rkHe%GI=p21<+f5PjFF+h5
z4tc-h`-@H7n_>?R%9v^S-J2&iW6~P2q}+D1v+s@N@=nEl;!qnFKU{@iX!^>;k_2$x
zeGX|r)X#F6wu#o^4mL?06xN-Ocdz0J6CrA$fVmGf-lo`PL?Y=zNnjpL_KB>0&<HnC
zEsLvit4K?*bOMKDp>M|TY!eAI;Lhe}@zB_ohg-lvq9EUCsmUB74UB7I$y{x*JBR17
z97NW~OKAVpkEnn;M6S$!!1zQswu?ydet>Y)fx_38L0sm2-57dZc<~f@%AgSqRYM}_
zZU`P_9fT|#Dn0BeWXPMZP+x8M${dTeY!>%`ye&d{2<AJ>=%9Y5sakIl^7=ehc&VEZ
zjP`o@eC5=;9<`!;zWpEsK7niTOk<A+3ay<bdtx)#DxtRRk}Dq1iRdJy3z-lpYWitd
zDpG`KVF)dFrm5eBR%@4?%#O7>uy&FZ2BK{jxdqLA{!nj0iT;DN2a-8A{)2paqxZ^z
zy_6B0fS`|e3batYBDcyf0Kzc$Mbm2KANhdzFZrOdHO!Sj9nX+oe5`Q8NC*t9`>yhN
z&)9|$LH+(Ec{z9h-7@XeOtU=117;YHNJ`@w0Du(hD}cm-mc>e>;3Opu5^^|mB7nNE
zxI8ycogs}+b>(J2HsvGLjjCc`ik=YDvSONI2oX0Yv%*$c_fUuN8wN*+-{Hn|vyXDB
zh>%AwLq;-mLL=iGy>gI!=3#y&u;C;WzW5x};*||oTF-K{QfT~i0>du5?}#kD<=Gak
zxv`JCrcbe_ax}@xc|j))%)(0AMxF#7XH!NVyryF{;iu4O>B={D+*VM%lN1?nFyxLA
zf%da8=HYZ)-@$IP%tKLn_w6Gi+2Bo#YFs|GJ;%^Aeb9%teO~YCK)=Wq=My>sED<z4
z%cxmW853*c3N6Bn_}&DA$3RLG?)S=4y#~z8b&4#jnljyPG~p6d0d{cIC5XjAbWLGG
zbv7d8wdYD*j=fOX#P0d>4jr%POb*^`-84OPu?_B$)X~-ibw55&vGgJlVO5L~G)+xz
zy&1Ij;f~bNPtVkOz<?>|e~wXXbq^8GFlm)GG1719>~ro^iw&?pt>h0TJ)ui>co9@?
z%?5lOkv)ZOK2{OvKfk-&hegg#{*k-vx0{^}!9Xg-jK)`LdOc^0#aH}3P)1WsTRjQ$
z>o34gW)3BARr_Q%8FKiW-S9hi7o9+tYIv4?gyh^3tzOwhL0NrL3HsAa^W<myUY~q|
zqJ!~FH;wu<p}iV4QEB7bsN~4mGQ}(Jq5`V3Uw~WfuatMstE1p53TaiUg~H1+I;{KP
z&Lz=F!Oicn@C!xh>ytkEJ=5<af_~<adFSN2++$2Jk9CUPdc!HCYX%aP-^x(-EWDtm
ziV?iPCBAFUw_RA5&+rr9OI=Vs<#S6gi0U-g?1J6g%BWH_ID6&P$qmzekay~z))yW$
z7-nSa63%G7#}RN@T+^!?^~}P&(V6o+o-eOMQVlJ3&^Y1?N{lP-phS*)in9tRKq_NN
z$Fx~Iyv{4*DE?vH2DV;47bQw0)DT{E;w#`;9&UTyFi|7CxRFoCR4eV0*eN<&EFJP0
zipkHqQFGZKxB^{EgjXpknyL>?lJJuEU<^x2L1Co$x>~L@&Np^|>K0C0zggtHLdF}?
zt;sWSW%GMDT0a;D50Szf&qV=Iwbw6ce#GswG~TMA%NluBvlS^jz=ozQPRvYE5pUS|
zDb$DVfp}!apz0?CpEUC+Uu=Odqi{a=k2-~(qrTWQp##X!u6GOP*B8z9u`cc2UZvTB
z0S%#D&U5<rVW-4HLXuP{mAoK)p~Dwmt&Pgn=ApLrF8&$%6=WW%NQBgSN;2G@kbjC-
zuI{c&_l82nW13-Ht)h}lcA7=i$sUL1^zq4RdlRAT!wP^BM%B*XGy0QSyl_FqO3W>e
zF7$|+Id#1(o1nDp_+hxn<`zjonWSAOr5`!Gm%}FH<<g!r(@TR(_}iXHu)b6Btb%LA
z_ORe_^G|7ns+G5LLp-1}@lz2-5;~4EB^el7loaS8R`Ct>vxSZHOC&yNilixmZM3f*
z=EH86rC}dL0bHYD>1OTlk^a5KDaPw?DBIHN(<lv*=tqTV%mgv#>ekWY;&w47N&RMQ
zBqPS$@>VAzIrFwZESjclB)^JoKj#S{zp!(mZjGRxN{4MH34WsG+DjC}QgWfK+e{1Q
zZ@J7UPIo(V<iUB<;_3f+LpuKC#A>O8vo`vgS(Wb9pe{I-LGlYwwE4V*nLkG{3RfSj
znyAZ@*Ca9!lvl+_!gR~B_e3vb9dG6~jlA$ey0R(CtDISjLx=0mka}uY;|SD8O^yy7
z)oo+y3Uh7#2alZYie&jsN!7zQv(OZMAJlXEJi^L5kwy?x%rM@lIZhhhb6^N6<3$v-
zF`|p43SCzBP9=>C58eB|cqu5W{oFGqRurw0=~)RIwI%*H1%(5skWmUwzqz4L@Q(|T
zqkus$aqS0#Y?W&f>B3qHZ3N*FKaRa;{?6uSX!5Y){DwQ0&&@89KLt23+4=(x_7FG9
zZ{Q$Uc!C;?=}W>!pU#5A8I~lBA1}WZld0+;8QsZI_2${bHfx^d;ojx54ntXe#NN)C
zhp!nVUrI{P8IHsc9^0v2=e3W4qp1^K8rDo;N---R4y<`gtz`9l-<;Jhg)&$-Heanq
zdZihz5J{R!Wpw*2fHU$$COF&^<$(xuZ7i*vbX2^hYumg!-}!^%y~1VowgtkJ+#z+(
z;|~qqy(iD9I+tMT$~R7~1IO8UN6ay%j<)3HliS^1G}e>Ki{ykxSSwNmR4RHqIcYaV
zk>!uF)zrQot7<G;O_t)*QBl6%j^ggHD|7;aGLm#CmRtJ{*GE^Nb#dHlcYzo|g#2`D
z@oAPz#MwkVYV`6ZGq-t^Z&x(b@T}4O2~m}agdAR6&ih}pX62~Xd*@H`R!HeQ9wr>v
z-Zn>ypwp@!>7V(^Z%M|$MNyyHO(RL@eK?E;QHn)SCUi801RW0$klY>-c4WPG54sQo
z%I}y)ezN<mR*q~}|7=^!mYV&pp7^6`Q%nbsyZ%T8aS!vZh~{f?`Stj@VA+%C0I2Io
z6I9+B#CW+dyP2vsscK6(&Fk1i@@AvbyHi{VZP|;z3pnL9mt&um_pMx6E-fSJ^u=Cc
zi^$H3zdiAE6{U>u!4@(r^MTvNyZK6SjVz=hwN3N(3!tp=&Z2lBg?a?a$Haq=?iZjY
zmO2;ne!3^_l;7-0pE&<MH!4T&XUKKfszQ?#red)g@d|L&`nKF`{(0`x%a7L_U>PRA
zFZ+eiN(rjV(_#ylm4EN-w)`Ga)ggvL@cZ|=0;(pHUunsbyA^%`Y(eibbbr6g03CCL
zMMi>!g$9QJoqPd}08nV?&={mFBxJ%$s)i0psF>u;tZI&*<7?}_P0wIa2z^vkb_z(&
zEvWDPAff^^N|@b-p=1k8%<H>i7d0@>FT@txxxV@9g$JA<=!Hk22?>O8*cy8)dWDX0
zE1A;4fY-dK$W=Q~RS==^{|5k@n%uTSzm}n~fNr2&@|I5ILZ!}jOaN?8)w(cU8X;tr
zi8Fd@{CDXCiT{=1Y<1{4FXA-qCmw{$47vx2Il~B^s|z&7q$}zkos!bZ_m`gBcMSoX
zs_R!S;qVL%oRiGjNy$E!0U>)E3jXpt3ZwPD)BPJ-4Eg7WFvfkL6C-AmB)r#9C+YFP
z3Nn+OlLU0wMDYlbe!-=lPit;|Jay4d$Y#32t#)eV<W@ZvFpNqA`4gISX;h(QEJSAn
zYIs7k(x25*<w+_>r5q_W2Vz+Do-D-Pg%r#ZCp$2<(hh#~80eg}z(7A;Xf*xe2JP@p
zJ5fxS%%OS|I!Lu$Of$p+At;=UQuBmsA0ERlCRj|h{DX)bdD*HuJXKjp!77~BU_=Vl
zxu&?$<KD1cyLem8T0c#=Gv&s+AdfYT4_vPECb%KTN2;d;^xjFQ2nB~(Z~LmJ$lFux
z8AC3QK((eifP-_ZgwpM-R0QfyT#%ct3j=>J91GsM&v3E@ehZfH*^yzZiui;lx+JRB
zq><g}u@`!K?qv$RV&1zD-k@5S<R3|WHr||P?ry2BevNy{8W!>J*Xp;l>#r+rmOFf_
z5on6=H|uRD$}nkkFU2O2j;g)v$8u)s^U<Ua6q3D;WC`VYZM5Gx9cn^opN-ho+A5^*
zLiIY+YLb;Nw6d%5M8z;ZRkL^HVOZ_Zz^3bHRTVg>i@R%_UCbWlpPZvK-5s}n%Jp$B
z^*#*|oLs#Bo}TAtf!n;({R?msxk^K!wtAP+*?n4RZmvV~+K8B;V)-eza4Z*#Rv4Q4
zQ^IGRw#lM&b4E_)<i!UpSIT<N<kw$-pXH<`@c32<gsz4eUTx0zF_;3<E-^%hNxH_t
zl&mK*pPUSiEv=<JX|&l5u=U(H3u^Tm%^TDu#HhX%piTQ|+Okq&?_>ALFT8fR%$#@7
z)^78h^2>bu(!~?fYh-P4$JT<JZ9s+hsymV!#yAbMCM!h1#+E2$Ea<8bhia*0G-g}x
zPqmjen=-9)LYHdrA}{d|C+(0AL!Ne-_wW7SxO1Xysy716HlU1}w++n14OYV5D`9A`
zM*hL_3qaM@Fds9FXfQy`y566al2>t%>FZ#-;m(q0tyPb2d$>N)g4db1>1kCI2;LO4
zGjT7szEQu5aclECfR31mUKmiVR;%tojS(Hqs<XCgjA|BF^9B1e*pIVZ?RHwJwxv|)
zz%e8(JI-(ibdH@ufg-VGyyR10ePv7sQd>zf^T341H2VOszA&4BamNMt(wK#5%G?le
zQaDc$m7>|AUa2LI3u6SmQ>Iq1YoRsWjD=p5-Vz*6sG`PzWx<{GCcr)fY%kA3Tusf=
zrBOlBg6hCiUZGTA9k(z?+YBkj<4VsW*HN?S_}JEyr6yn78#*Fi+qZTTSpiO4bKn5k
z2$UO;NM<~aqAiwWOe$!-c41@CL=2EMXRU-fB5#$2D}%O&JDCO2p-?nC6`@2Qr7xtT
zLPJ2%H)N=m!}A_h9mbo0)_WNj8acPWwKO=T7`kR}o`rN9(=1R1B@ik+I~C!g2=IYl
z!J>_wK{Lu2YdmP2Q2C@5H?H;Ug_nehcOeym+?qAI^5}gsrcAK}+>Y9G^(@d!8BeSO
zKaO+#BSVniFzcue4N&{Nr6YZ=d})5gL;sIeBEkb=|0l&~nguSeY$b1)zhdGGu`RM!
ztg(IJA$CP<qcBmsy<vDd(ISN?Ci>0={D+L|J$V4S{y0859GtVm9GMP9*sQPzV}VwE
zbOS%QXgckP6MHC;6Y{>Onx_Re8<v`KtDSV+cyd6`1%3kqrvsQFsjiP#FiJv}acJv4
zj$VVNX_L-GyrlB_rRtYqvueeJ5o4&eVh1zAiQTr-i=*LzSu|*MW0$4QZ+|)HdCQe4
zgb0W_baSgJNo!usj27$cn0|k8^i%CEcc~=4N;}*cnXWVd%u~|2oQZP4lW|jm67E1P
zN@<Tno$a%07TbfBXo=Yxw@gb*quVJpF-M!*&2$47RH+rviS2^m;uk>g_Y?@tyt(NY
zWy;GO{RzmqSsz_J^5vaQkM|YBSk0y)3`pkmDYq#aw-&_PcRJ4*aB4U3=w==nqjhVo
zEA<dOD3N4TG)3=X%>qSW$4qLMAq`Q7kb|^Om^;b%6P6IDQo_iJO<m9VaZSy!OxW2!
z)1SXoX_qi6(NplQdo@uXEL~kP-ye(PoKB=iOOmP1iCf7id|~hymx(AqTQAjNr%iGf
zl*rU!yE*5D94M=V;do1)!p`pgouL7P4SEd>>^RjHoe80zblUtR@=r@}&9b%3M$IxW
zFnkt9xS221(umjwSsR;x*FIy4p}26^43hA4<!Y>AmRR{NVPVL0skb%<x8ClLrJhxW
zA0F-3n_f<qO$r8NmB|oFv+(bVB7SGdVlL~cJ<+FL8I4&9-_JF;q0wPyjll)EHf=8U
z34PH!mR@uI-z9Wp>v5UERn1Vd5m#rx`6m+`XQHonDMSf)l`%KVSsAGo9`rO;9lE>4
zJQH>(^*aBq5F);o$&MFt?B<$b=(|y0z8`c2JLIAJ+U02KyhvP?K_yQW_`&}*nEITa
z$VXB(kaXRW`Ye)bE;R9hYdcm>#$88eWqS?&v#HZDac>E>x<LF7+CK;79OH`NgeEP~
z6F$=0Gu;^lXWx)7v;xtTF-T5BIYgqXRR>&ibx;0-<X>tGgu;dq@hO#7&|oquM{2%%
znttfyVYQ#nSI3easa{VzDota5t>?%3K-KMPo>yeDcrkvbdY08Soiba!d)z2<fjZr|
zA)S_}-~M4*L1Vx+KYZpF;D?Tx7xjSeLFJ3$l=;GIH=WOEB#xhn8%K{h0fo#dm90XK
zsb_K`cJX)CPU(?Il_Na8LX&~gJH%?`isPuvWL4v0`o;WkLs^+Z39nouE##(yFB?V!
z2?m`%u>P}@<vBD3l&4rMY0)fJZ@Q}63%1VUmk((v5rkh}w<2@xI$=EPjOJdT)k`&5
ztb8Eo<|<Mf1wJRA0OhqT0#d^wdXvKUl=M)VVw%cQEOcoWUX6ThW07x>#{yEqts5CU
z$ZOsV&99w#J%0g`YtB`&r5BGd`jfwbjzv_~Y*wLOZg4OBu0-{9@9@x75W_#tkQcfJ
z&Fb(^y>HS%v)(!5^6GZgMTU8bH0;%QJ)raL)=0V7J>!CV`qHjLB<<3*^fkk{ucNPS
zt8ho_Tt-iFKE0qHXOL}~dk+hXk0;@rXV$gw5Wzn9iwZ_$`gc!mD=^l4lKe!*cW6{l
zN?QN)4QS`HA5{;Fbv8p1J<{0?^e=J-#Mhs_R2u^2EwW>jjZ?c~^!!Wce52pZw5uK_
zG`>JyQ+@)ylR8!P-c2x}&^R~h^Q=6rPKYvY8!MU}Z`nVdt0HT4t0`m9TuMuS8Zr{<
zN*fqV$=hyM_ia86;(d&9>H2%O*JgxmytWeF(d4Jh9w#y;>fowsdr69J`o7BvpQ&sn
z<FO!_p{Nh_>CyMBjR55ui_fiTO13*K#xCEm98D)3LzgJBx|40enaH%jdv`R-hC8TQ
zSeK^kPHUUq=N7A5ze48G;aE;u_+YoDkK(kTZDCKIHa@&r0yTM*uA^JmTzE)I+aN1q
zi_MBAEFS)xhtB^iD0tuYinY(fpPTr2$9Wmy^(d?68uy|VAfqj%@RYx4>)gEG?z+&S
zQOQs@&nqYzX%xTnmA-iBeDO(`l%Wx-{hoLeQPg&NAN+OT`}yflHCY>iW7dEjNpRAZ
zWH_8JFAWK=l<|>haGl1*yphqqWr>6{@r~*kIH>(9HJCe9^W1xtzMuJ|bkGG~=AHs;
z_6wTSzNsPM<mLUC*J^~qS`M~slVg7#i_>m@P~u}dQv?#hEU3D|n%c6JZ2A^z{h3>u
z<C@jhW_Im3gwBHm0-NnfzW^MK`i<TC8voep>b4^Fu`9CkHdGke&q6#p;Bk{*tGa$@
zd^uNlm=CDRKQpdhG7_<J7(!z-WfI`M?CwuC$v_@JoDPg(bGz6`L0?31yBN#u`2|2z
zOZ<xOIfT!rJLOL<%00cR*H*<pcCVI^88&*5fbFj25b6Hm<)YIIzx_UOiiOeGVkN%q
zTMYnb3#@fOcV7FV3VmpkMf?7xzuS$dVn2Qca@T&)wg(1_P^MaD9z)B1{tIpfHPwp4
zjO03ro*RGarTxiOrN$)(^B%U(u?oH`2NV`z&Q2%%Yv+mGBA6ihqIKYibixXSSGCRL
zF5P3<Z1g<&-Jn3~3N;Rs<{y#e{AXli`u+|Tu&+_xgHAt30bLz3_GeR{Z;ME``=R!~
z%@~eh-}-Ca(I>%vZRCG?O>Ees(BHVSb)!=G`#uBh#MR#zeXXAdjt`%#ooA-mk1^tB
zoEm=ADD!Y-Lho8&u0Yw(c)z>rQ@Z#ok=~zlET5ISf%~Rc9766+5N1QH`}3Ms)tv7P
zCd8E|Ov~rkE#*VB%Nh9Ti_Cx%renzi{cXVR0{u5W&#_?VbVQ3$O_pik$><|Kg*{i9
ztBIH#)*DGFJ7uBawhZOxPK1v$4`2a5rAL#a>Q=D7BFEd_>1@#RJX^nj{+%*ARDFz-
z@JhsQ`oV@)a-8e<qcOb01N$4fL*6S2Q6XI_oRqF&pD(3~KCzZATp=){<&bw)nywN<
z@lDsj?*LoG+rrCanbtUN&<1m1yCS^4fpYWO+%H&@7y%EO1(5x${|gXO2M>#|8wGW$
zG{@8iV(I$g_QY=3AG4l%-RW&vbX~=w_!Rzq!~!`AyZ+<#id{rivi>wsLJ0fXu%9FH
z@Mp9MrYt=py34B6G}bS`kS2z?5B=qpH5CafN(VCj`HFlRmCd&a%__#=&&VQ9=R{vI
z;<*Q-IVyuU6W`K@+XW$nqvmWmM|=<J-jS9;f6CGpp0*Xd_9!Q_xh%~3iDY7$nf3rW
zR%@#JxFRSfoti&@jU?u5tAtU>7&Oy>gBhS{Mfd8da<Wt#h9ZAWbyLW<7WddP#deuj
zXMSGsGM^}DYrasC_G&HAXfm~`d0$TDyE0X&`Qc%~$7<wjQ~fDWY6nIH!oMDG_NUdz
zd?;mn?|4Z)9-&sXtd=#k6ZcNfK*@5fG!E^BS^yO?GS!-$7bG2s^AAzkx5lqpf7(f)
z7%O-gfwR#<j0`BhZ3HS{)YcjxXwinRudf5O?dxugY#$h)Vby>9caKPVMjmb%<HyWi
z6V<!QVGBP(_5+>jRvoS{oaeuKRWRbAZX~TLLnNtL|2N<N#ex5Jq0~xTqsHp)Cqk{C
z9UwXUC^t7xnauWTvc&dfrrlE_DqtFX9eJ&8t+&dl6j<Em|EInpJ?^%bUn(Kui0l{O
zOPj+8g`^~6p9`KXdr8qkh2{Hz6nF|8AFVo*+yB_to75sTGn!3C<IStID<^E1(<<jM
zlCk@rpOoKPjU<li-v3)a{09aytVW5aA|$V^y1hR`7t46;VPvy8=%kFy&XwI{<bd&|
z@&8M2I7+!8X-A!&Hqn3(WvK6w;xZt00ZVeLfDEJQj{42Y*O%;zqqvL~^2R2SO*0*V
z)S0cR#_cR8iQBU)5-D5}1_b_q)uN<bnmMJ0BMw&Pqt`~I=76bIZX+F!)f)90_Qk+%
zpyh|AXdBJb&wKlu<s1*N^-7L;5LQZKUhnJ}WMQ<N9U5+_f)Fme*tQyGsOz|;=-J4y
zGcq={8rI`#)5L+Qb^X`tZS4f{jy7Y$<Kw3Dc<s${)^uxGj9#5A<c_>vDd6@tHZTXN
zv=EBh(A01;AKj`eaugj!xJ#Y|5j#tUtFn0auP`00RCtWE;>I{>I?vfLEAiQJ5Hw|=
z+SgH%hy`ORIW|q_I*3fJk$XpRn2$~ORyqhrFO+%hmU4dqSb1!@j)$%jDnI!&p4A+&
z?5M6SiQ(Wof8v_W2|@s7O~jj<nv5S}84>-2dMsCpnQB;B8Lnf1>^Yp+d?fv1+t?E@
zW@RR=1%=VA1P%$KF|qtW3Qfa%WYQk#dNAM&Z=_bTPGd5V5J|h1J#g}q&<LV)sIKmM
zG{z%Ce)-Evl;lQ2Y1nDbD8yx?J8FuH-4j}aDn;){DNnVUIEr_>i6*>7lU|*zKut}K
zoO4fkt$Q5afc2%7a+4LGcwRjIic7R;jg7%^hJ1`!xy)YxQadHRh?Kmd${^&jh1A*I
zDmxkPNZG7f6J-CUo#yj}#GgBMH}e&1Av$xrVt%1sYaIG@z*-9`VV{a2{NRHk?a71h
zU!fl+cGlawYdz#1A8IO&Mq*^j`;!eCkrwq-Vv&k5$3-@Fc8jLb*kKDtY8s(Jv>%5m
z-Qzidbt(lFeV7k4CJA@D8GEHIDJmAJDQG%hA(qLGe%jpg5LmP)XEoa>uKxm@?H2DS
zJmyt8xC?T<%S5J>n+Q%?J!@TNyV_Jnp05kGckD^sze!hkH9aV8(YF>Y=aDwsYie&U
z`o?~ws@23Fnb~fhN9L#Ay^g%ENz}ih8%92G&e<MtIxGAojlizsdK<FhtGB_>ifH3k
zS)`7xm%T-xiX6d^)6JS?13LSrZgl#7&Q|N2B`sO8%#b|$X18NSQG}=gaCd}bS_hNC
z&Bh=r*K$NVwT`6n!ZG1OEo!x7wv?u+po!6tV*X0E1SnUMVV4n>!g}b++h|<)m0}Un
zTCI}9>FsTlO_idbg3goi+wN!3+K9E$e3eM_e0!<4H;ClKrzPPiBxtTJ+L`NdDVD%j
zV6_lxM<5}#Xe2FKa-Vj4pVdrnun0EOHEk$p>T{!35*jFS9c%IGUAk~U+fH#M7Kr<y
zPX6s3bPio53n>)@tqE*d#<46cgz@L5RRXdM1W8=eq|Tvix`b38vMKObr}IQ)T1)(s
zF>Ea)I@bisO|^C1z+p0ou<_AtX^)|g5UmL*X{rXV$?N5mP^ZH8@w8G2Ehjs(E~l+m
zwqI7y+EVbDLMTcpEj7bhvPN2~Hm;~HY&zyCwGt-7U3F?FMs3}kZO8(n+qeiUzkh@(
zmp>S;PpC6<il{~L1Am<_88Tn7wbid<K+6Bh>1WJ$)~?DivGR$drM&@UkR0uc9iyTc
z)_dfeA8N(@JwvEm%SKqI*t7Oo*#~ACbs9BgvlkOtH1iZ+ExtGm4!FQxS}d*FBDMw;
z61_`N)o!Si@f1;9X^kYDeaL2tc0Gq0ruh^>Ia1S<5tBe9d1fvnMLS<j+A`jqm5ff;
z0(QQ~_$CCcY4C|{j5J7P8=T8E@SV{rw&%ef^8M?*`C(qE+3vn9bh6gYB=WvIOuD-R
z+bvZHLe1xSt=V^82pI{RWV4Lg*g{7LcJKAslYRkOcsm-cIZ0F4xu*5EH<mQdJI4Bg
z2lXMDwKD5+jV1*X76O}NL6wz8n*M-Iy7rLDPV(~R%oIRMWTVz6ET%S>oIC){()wmS
zvpv5?xTiZ>H}EA;k7&GQ-c8-04MVzYzG2p0V5p&3CzdU;rIDm)MY(C#Hax>T;?2#T
zYR~|^!6Stk9UE&ytH~#+!QoYRNV^X&X{|>PZU_hLThFe11Zt($@B-_k^vFn1A=KpI
zPNfJh$DF;@eWIY1%v#mOKUR~rd0rl9HT8?M0wroWQjGBSA2QYqw6UeaZH~jOKhm$|
zY|JVy_+<G)JElXZr~b$RodJB)lIt2P^|EJn56wxpoAxcsW=t}#U2Z}Y(MvEpm+r=M
z1+IwH_@ib?B74~>3}S6a2Su~sGP8cSl8Y{z<GQhbP@d}qN>W`>GPgTTj>KIXd-SfW
z=?7Pg4YLh>S(p*=j+EoJUE0pE1wuccQJ)u`ILud}H26L@&SaLh*3^MLL@K|t4UNWe
z3?FkGM56nbRTGk%`!v+x)1|t^7DSaQiNqvUZb-^!9U~X<kimWN*jbS%L%WpJ+RC(Y
z2`_FRCBXT*s3}ZlJwtrlnn=Y{P#{)yzPGfuJsAh*#GFQfMRx~OPE5=;XP(bM8)r_%
znsr$%uZ^g}uq}-wbtP+eENnFw4||l=^x#FCN1ra$(dX==0S?sy1J1K-8y+IpMA?mB
zu`C$pi*@uZItM9bYO-B*%QlwV<)IgGTr(O?3QXB221a4?3c)t?BO0Dkxl%t5j-gfy
zBOoBr4Mqo~S<IFNoke1QXkEZ{Y0yk~b_=P9cfpX6FPh)FP<O0vI*%aER(Q&E-hCSR
zd8bx|0@E$}ee0Um&e^6urZ$q@$`o@UNz3XNAS|QYMT?ST*%aSVr6kPU^<s!JGsRNQ
zoNu)%Ac`XtNXEo&N;{cURMknTEkxLqkr=r>MnP=xcA8(vHS3w>xKi6ErOAr?d{%tM
zcuA?Hp5aL$;$}$-n&y8={p^2BeL5=BR-3j<=@9vrZxFpY)~;nho=+okJwcHfn0f;o
z*k#Kc>6Yp{#f|GbEEU;Y%3Agq9}JtSMdIBCcFU1kfYxWlwal5bEN%`sUdGH?X1pGY
z*$#G?qUCV7HK}S6#Vbf<{L~K2R6F`t?K@f1y1-e8bxF+I1=YbzN%V?Blyqo4t47%N
z)I%9k570vop8A67aS&NySnuc?-+jX2W<vNu#aCXAS!<j5YH&LYy<=v}imw)9wFqj3
zN*2#5junz8l!b5vWYV=pzW{r8^I4cmY-MG{l|WwTVGCa~a3Og)9xDh2X+!&1%U&om
z#q}W{e8)7x60IyIudh6XgDec9h<e#PE-|)0PDBV+pJ!zy6ZF%d*{B)Q>qsRn`&Vmz
z=t%9BzI}jyeTzt&$LiX)B;O?-W!|M_q+V1sW*TRb(?s)zIaLcMSmQ?=v?gMGIVIb5
zalPus(^W<i9IX>;K$Rs!8tD!HsWl>YDcgMolxyE`2Ucj(yha|D++e&W>GMmw@Rp1L
zABc`a`LU7_f9&*W%HVlW!W30PFSa@ZBfniy<}7*Vm#`<D`MG*bVM)16CB`%wbm=aK
z0p&OZ=|~kOWF?TrlREBgx1OoM_~w&Y1&l|rYz1`Z0`&R$WY*CusWmy~afAbdlC45a
zTqk=x)<ibS<Ck6?Ag3dK4u-rDC-H+zHtZUaq`<=EQ43Gcq>GNw&OwJeXMS|}0HqXM
zS%iO^Qbe&RS&qBNx;|2NzA^#d;l4(})@d>AK44#r#x-JB8Zf)NByHL+Qmo~y#rrjG
zs!ObJl4HipKt!Hie>A@1G<rRgOjh-T$x;2jx~!NhYpftSsZJt6>BX8RQ$I;qkX_c|
zwdEKn>a^ESw_A~-2Q1Wovce4c1!zaVoo@{cUy${lPf{8Sr$D;fVZyEaxvw>fEvB+T
zo*LPc)OX2r#_8|dHgeDx{g|{+DQwA^YM@*fB799B&=&ENRr_ryQR%DGa<d3888e<v
zsx=wOE%qB$JnH{L+gkuf(re*jV`gS%hBY%YGcz;O8rEJjGcz+YGt-*cUVF{VjGOuI
zyZ63S@+wIsl_}NC^ik`mThNj|o%6L<lwag{INwO0xS1Oh$Hf@FeSa{tR5^J?haUb9
zX$?9SRwZ1G1zFI;)vC4?G2tVIH#$<|kF`Md|9w&k%uSmOCi~Jb=u-dk!hMHLP)4?s
zJ&27CZ4{{Vwv+1cplRI)jen>9SH|Ye{S2{)bj}+RqaO<Ii9P|}Pkt*`mwGvDxhwAw
zNE%;hEMbjl^ZdC^LM&LW%T#}E)K#hyZd3lQ?T%F29Y|IpHF;1LDP4MCw&7_*ro8Cv
zFq8Lwt=@j0*QiiS1l8%|ef?+6qhyD?Dkv_3uI1A6_uA9Vhp>Jp5yh`KYrMPdXW0X|
zTmNK@nieP3Z5g@i_nYPLqTUCU;asF+jdm1==BkicC~bS9#GLq@rJ>Xs7JgohF3iQA
ztC{Vt7alZevUH?I1vn|~U==Y8dAv^5C_~W}##f4e3QfPxcJx~0&b&#(d<?lq6IXBJ
z>vJ17A?CoE$9O7%?dpNo(~r3JH&WuUh_HX-3JVA0%=c#X`b0g3rrLl2Qo}OD;H~Ak
zOEN#*?F)8sd1{e12GmJQ^@AR5-uD&?gr?uW<>N2cqidnOv%6!QQD{#MJ)RzS2I?<m
zd!;p@h)^|cH*UM;EK$MAUt-QOC8a)n3Ac&D>DojOIvW0^^@`$`AQ6{ohv(Tk#EEop
zh`TE7g@~S%NLswhdn<mor7btHdKCW{=-!Y=W`y8Lnhp71K%stl(pQ8>!Hgz(Ki4Jc
zx<a9WNO>|REmL@TcZ9MT^+fQdJ-U^}oxS?hqsx*s(5<aYnd%euQY`O5wgvU)JmVrF
zv}{YHDECuJQ-{;<!gQysC>yeC3mi?@^Ej76#W#wL|3g+q0x=Y+D7P}va;GBBnue(F
ztt4E#PsD56%~C4G2s7nRq*<G6rEluXi?KZRSUqy^@ru4U9$&DL@`<)k!s0(qY%zw!
zKlVZ~KiF;bvI!YeZkDqdK1}2(yQ^0IaGW{vY+#6TVEOT8@?j(s>kd)05Y_Nwm|Cj(
z@rJvb^X*JFie8063}P2wNX_ITJ1sVdS7$|8w10D#3<)x4+^;}D?YwFHmA#(9$63gj
zwK%J>B#kHve~_MFsN&AJ+MzM6f#Y`zntT_UFz-=0DaCyX5|eIA;aW9PdH(*$Uj9qW
zmFfO&Ldn_DN~T%McRl7fOX^6I_`JuFK;2$E6(tV5Hql*L<Wn~VS<fy$Im^irqXV<i
zh0V1oLmFN-aI!f&N@H4rC>dvzc-&X{uutPSx1K3pu(gl+rWG%RJp$!GS|U_VR0Zxi
zO`I(-d{2)!jk5Tei}n`QP@Che@O{q~@ac9=Pj%T5-CNnJ|NVy!x|L18BdVYC(hSzB
z^c70)=SX#~QTsh~l!kN59V%?ibC4H42v1wOU^19P0mt#gxXeV@s}S=`<%Fkz3O7<_
z($E#0bNMJqOkko6plYf^<DS(5eCwQX>^pxJ!scX+27VOz92(mjUXiD<y4u#Fwj{=!
zeG+!fXmV`(S#I#Winx54z9z1yIC+nop@Me!AP3`A8jJWn^ZO;%$&G5la@pl$*E&=-
zB$iGo1_9?%`UI|iZhihl$TC?VW$@cMt=)q4OtHN1>5u)qP7HEg5RslSd2n|I#WN|-
zd-}#r;$HCTvhc0%PJDO#G$2Pe#yw2Wm2(c<IxL}TROG4ljlZsFm&>Q>##=&ND{v0n
zTj$(tcPc=Q6zqW&5aLE<sACirF09e$AancBK&qiw{!!&G;GICwd%8?<tD#Co2Hf+`
zk&VB84u{#R&bDjcR&gC|v25L$U<<lB=Ptb3z^KlM?b`yTB>j<9i<F!7gExX`vc?N+
zD!6+&`S^an@b#P~%ixL|DYr(eWKtq8G$imK;iGZ_;>s+<?DU(<pKrO1+Fv(@+TW;p
zuu~g7R9uE!=QU&}rto_(kQY;0O4FXLum(iyBM6?Px89i9qyH410bzeT5iX1Uu~_I$
zk!<OD8KTN8LkK3r&KAq|?&uUCY?4Ux2Al-Biauz_j$b!cXfs{U4CZ>**Iwm<-!EY%
zrAjTO5B=sdsL`EY>_DTPOny!H`B6okYj9W~lSbaxgZ{y8f%8$E^spkwdOxpFjlDmC
zZ(U4Cg4c_I8!OnE0?~J~P(9i=fZM437XYvsxBLKkP>&wtL=xAkb~SoXkDcWt64!?R
z3-A|+Y~1(@0Jr&N`+-s(@E##g74+2xv~Z$B2KmRt2@3qbq&Pt0Hxg!HVr66JfPx#Q
zgoXiRA*K1<TciItXbY131xyaeZlWm2Qtpq7_|Xmap8x+Be#REpd?g83+{B3+rIrX$
z{H%}t3+P8z7XM!b<<?HwjetFn+1KWQKWN=MFh2v6XuPaMVOEMybjF#Nk%VH4sDv3d
z%GX7~pl+!3S(G3}Q(LG(ZjR;Cs8Al_9CY${M2)wV1JrsgLRuKbat<R|9}c0FEF<Is
zf6J*rzAteL1HdPnu(;+lbisEpaw+)kb;Mq^!FbR4!#77im$8S6mA56D`AQGqqf7RC
zAeNNdDOj${J&J|BYK-U+iSMap#=MlNc+U_si+(#)gyr1o*|a<_*XI^M;YfN%4U9J(
zD*HBy93%9=of?B>=LYwXpLh5W21od7m`gvp``l~8&DjmS<i}582xyU~A+S)7qaMx#
zJ1vCjG_WeAXNodNqY3&Kq-H2f(IHn5PF=Q8o0l&pB(z*82lYpb3dG{K+x-Q|=f0kJ
zwxcxPZmCGPp~AU3m1t{3P+FJ%o^At2T&i>Ob&?aaRl*ShYgd$Ubgw|)9`kEfXtN@-
zjHO*Lng&BOm+&WV9EdupSR4q2H0;_aN=_C}AXq+C7QdV~FnOyKmY7BrtDuyEH?jT>
z=vMe%mdI;C^_pMYRNb|Gsk4?tdF1Dg)ij+if^zZoE7+WnEs~8C=0%C00e-!047QcT
z35sB?V!Iwb@=8AiS%?XdeZZ^Aje{S4mUp>_7ro!|$ATIYD?-4vbi`Ia+;yV0V&+JH
z89!<g#H~t>dO!rpxopNsp;(ppu*q&1k8F?sTwSkq(2JeX6YcB~f1#j)n}IQ3p6Lo*
zul;L<Z1(!47$QmKwd_$<M8#%l`zD{d0Q+ysGsZ0&jSO}fMNJK!pkD?*#-r}N`RcL3
z({UA?!LgWSU2_Su_M~U%J&K1C-wN}c_jZAstl(<1w886#=I88ux8kyY&Q|DcQ^Lnu
zP$7fBuzNVchQ9Y*Xh~3Nb5qyGP!-(jQyY&+5)Vcr<UV+XB&O3b%XDWEKH6;4dwf-%
zk#h^ZRqWTC)ZI%;(8H(`K4wOtWZf$aP%Ei4e{ruHDSWS58J23_$#FcugcsNAU}jvD
zvpN6ulMSvYuoGr9j8x<KG4eX^RbY^%>-bBtKDzex+&YAg6K}GNloAd`Nbgj6!(2tv
zBVI@dYo(YWv?-F6fL82f!I;WjbhjsFX~ug2-{=L#@<kSU*fX}yD@=sC7**Ma%_@-@
z5*B4hX?Q*`dh{`R0q3U@P_qLECrq!4e7o`#dZ5$$1Mpccgh-wLIA~1++ko4CfNjOz
zLXWQ7L=}peDe_e)a(D7rp0r|N;2>CF3}X==nYgARM46N*3|-D*94t0_Qq*2<naSYw
zL%qlunpEGb%32TA3j=pd2)dYopH>6}MR(A9K3m>?QPtc3fd*4oR_)gprg+lB<aKWA
zE2Old4Mf~9t@vWc_T2IcG2tV=fNVs`BWtp4>-l_fr4|8J4{c*#fiVsxd3ftELzHN3
zH9rP#_)H&Uvv@!mfP&tM-~pd3UH~bK+r(a!oAjnd$i+k(1xEpGRYJ2cQ5M#$bS;=G
zuahw;inHpfHYM@u%h!fb@u`F5Eq^ojAw7t*Jd7HS+wQZ1_3WT#XA#)UEVLmXql9y@
z4g&fRM`+dJvp@%qz!!h+5mw((kgN6rMY+P&MYca{=yj>t{1+dV7v)DhXjDoNw@m5>
zSR(4b6<aVYv|o#$wBqq;HJEsK7EmdWe3+=$hcEhIx|90<zICeM+_yHHrU)1eBVS8*
z+FfN3*#$=lu?SrfBEm#=95do_dfuDcl@8RyDOPJP9g`NhN?>7ML&WEi;0K3mR;F!F
z;3dk}{PFM?@br=UhOz(rl>KnG*=I;-hZYBwC=D~ZA;>UT``y)2a6<pw93}5DxnYE^
z*PH0wPM@ux1?ys_#m(yK*u)W;XW_W%B8Q^6j;c4r^YblOXrYY0wjKIRgP*>s3~%$D
zE$jmNgkpwl_U^bW^|#6@{KOQA5ggNA#CRGxCEN+<hH__$7^Qj0X1m{(SAE=+Q|*X`
zR#-^V?;NTS#nK3)`tKFP<6GYg6&(kECUz}zR$e75Wq=;Lc2+0w&r6zzWQ)NF<q`$p
z`~|>EGI5Mz2d~xWSB-}&i6wxNn&sDN)+^;laL<2IILln;hJ9^59%!MsqEw8W9e+;Y
z-_f60Ys_&pyZ_0&^EuIs+o`}6z6e2ts$Skn>cBq3{La<lY8ns)*?+b3udCPWq)H@<
z#f6`#9j>JUJ!ER2sb@Gi*}u#EaX{jc66ju2*5zvx^}&(Tr!xpFzAg-yBo|KP`+cjN
zNqUI>`jbHH44NP^(yj5<-nI{_SGpe6jJLAisFqr_E$B+{r@?v>Z)7wjeBd6gg(ni~
zfBe8LKbXnUO_w>D=qRV;J&~igit9DBb<t&)pN_AWQwNebKj@-rPgNT13~CjkBB#@z
zR78pDRsI4lU-=*C#;z~9PY>JtLith+bx>X%FxFaCKT@_^m2o~HDV&XdpJN327GVwZ
zD#ej?VMc~z?jw59#ni>sX2yXpH4<TPM$;PCBD<D<xGKYzQ#iLYYn<ytG@-B0ynCsd
zVb|v;VHV{W!D&G_gOMsRO}1|wHjRde8!3HtL6;1_)~l3Bq{-`Mf0Dfvk(O#N>>>-S
zpPxv&*!!$sQ_cZ>|Dr8+)I622LDp?dIV@vzM-4dPe>#qmd!^#PA~y9#vFg+_OEUlJ
zO~i%z&NX7fU7gU4-z|t8M+P)^L@Q%E#BGv2T5xNC>(T*~;DBTi$w=M$2mP253?-Jz
zrWG#1%2j1E+5DtZf|LxA-d*YVR@T&64xdCOk$ji=diMN)Yh9XYUBL06fQzDeC5H{0
zb-dP5eMT(T(;4A0B=6pNwiow8GjL6&hlc;<VP!6hYh8fQj6v6btX%#~rJdv@4n-5@
zYymRUaMHXe&$cM9;3ptXDcM&p8>MI_StyQ8rkd-sk-Zb|0sxM_MG`T%Y{z04@D}k8
z%FaTZQSw576o0KXTsB)@oxB<)Xi6TDsl6^Ri5Qy&f28Y*9MGB*v~LWIG`^z$q_mm`
zDv(w(dM$x-zWv7N<Rq`9MGti%5gSHGrZN?VFl;$=j81MIh=3M`X2R-QfFGgq9i#&(
zV54O<gy97#ZGGZgI$AeQ&>Kq33M|y4(^gpv8DmLtwPCrRIEagVG1LnBLQgCqCxz@J
zDZhzcvWMU#aVna<;5H`XV-0}c!8pQ5zC(<d#Jc)Izqyp<sy$HQpGLM&_(4Ve7vO0p
zR#m?J(LDbW1lEynd#gc#en)8S%0ZSkMwfs~gm*DZa^=3z;^c+KvbYm=20Br_;=f$l
zbB?9>#x&4`@_jHJuGuEZLq%sfu9Tzc3KY^rPDipwM0!*UD>Y5}3zZLvG}fZ_3Et_d
z53L2No!o(udC>PsBxb;Ui$mXZJJ8hpH~Bf&w^nMJgI=Y56Sh~>JHAh5$sEq3$jgMU
z=KN$_=Or9Hv<LO?90%cKQ5&V9GKD1VrV6uASD0WqHG&|i*ou8$N=bakc%YpuvZo3C
zup~y27IUgdKn9#$*u77|FcU-1BX^s;6lFis^dTWjzKzp*1ws%$G}qzMZbKftS>&Vm
z6}r0t&of<P?l~c;r9t`I3L<JATh;e+2AH9F?`Be|xB4(aSV!xuIm9Ey{+2IVld%eW
z$}Z;XQLBm3D<mH^#oV(59lPvoe~<%sAd{?>Q)Cc-r*u9j*h`r_Vez!^4&kF$JzX^W
z3x6fkwGm!KgUfXDzALawVT!GT{;5)>7i5gBEG$a%>9aJHl3(i|x&g&*tkT(9jrAE*
z4-doH*d<1WH4uo)L*T0<L*n`%5?X-Kk&4x_&u%*Yco3r%)IIiKO#ai9VGlIRDCEu>
z0@IFrx&akLAdHdVk@R6FlOFPw%g*n4PO;}+O<1iQc&AW0%(8aqLY4{BbruJ#<SMJr
z+H(f}7rQ-hnX3z`9w#h+sIbr!+yEm)lm|e!yAJsNdj86j5?4GNa}(Dd3q?ao7<YM0
z9u4gbr+C3{N!)c}<_4qY(R6@iOXaea#+Z1DgdijH&@22KYW<e!z@?J4q^uOghv^PG
zj*g!GL<8ZENNqyD^uloi0=QJkw}lXDD@muxKUv7blA=k9TNEVKrB_5;)x)-Kb6n26
zcK#TfC&?W;3a^;F4*a>k)XxV4G_{&2YeG)s#54(#-f>PfrtR-ggX<7t+AEkx4mx$Y
z>tUwBriSky*;W@=z#C;jLfubut&nYD1pA@nb3w`j4TGCF-uKAHH?XL~6Rik8x8w3y
zfGTOqUj)I4LnRSTp8;0vc`UVv8}nieGT_WW<0#x|8UGcNl2k$Ikn<dy2DX<!J2Oqw
zUNDb0D1W?B_#}<q(ezQDZ`fQN>+)t&HrQKQ?dZM`QRaAc5fx~smzBm^sV9*txVp@R
z>%po}6JT!4ns(X%K3+T{R?$hh)9!L9gIm0{V{s~8Xr&~IRuGf0Q+6=qJ3KX*aJ3*Z
zpDNTh<DsHqfJ{v>d7IDb)p2w@Z2FoN1p}R0>g0Z1xx3@(RuLt;DmO&s@>tXeo`A!_
zjEdmufwtX_BqKUBBoiL)0tNj=;B^>Z2||afh8arCsW%oYe>Xbjr>+%~jDuvP9M#3B
zsL|;sPFi4wEy^qSlq#<;1dE`bRT|p%4J6FxP4Q(55teE3bztmmc-!0=H(hRf|2xyx
zX$=WQ(9EFaO#50WEf0RC76=W4Ij7TW6~CL?Oj2HhhQa8#f^LB|uv6Rz#%XTQU&nbT
z`rbyDVjezKb-Qui*nyR$v4QSpbwMlXv_~lpnVRv2cm6ySW+j^P7_t5y{tI==F=6JH
zZr-s@ub_kajrU?x+`cC~eCD~(d4-d|_ndWikrI|NafBTIDK_C*I&p(I<1ZQGf?=gx
z(fh&8SOi$v2<!#2oulv)d809J!2>HSY@W|u6=klYYkV{>t%vF26$x*7?Qzq*2}A#x
z0t2^G=cp(LHC&ds22vEl$RrgvlYR^ZBF13j*R?7lnyC9l{H}0r3TLXkdpeb#uTZ(Z
z2zF5E9>tp|(TsQ6_#8srik9zm+q7B-ZO{5J0^yoLzP;^>v=(2l0-!C>v-@!sgivjT
zjJekQ6}Y$ru70kH@RJ%$1oqlK6@O&Dr+{9;elGyeXiuh<_eWKxd#IVuQvbbX(qrC9
zi>Z{PFjP~~Z+6AGqck`zi~%}5j3UCg)YIwc{j1p~^0(ab*JQko{bZ^c^e)@VQn%z0
zk~mmmoA8dQy!Ol2LQia=s$z|RPOEaq*SwPM+A50aw!+w@zG87t6@W#6>{3H*=l))K
z?h5SDG#)`mdfNZvkR!sucSNR)?UG4tQt~a-MhE3DfSLW<b+}*delbI$s!54Vga>ed
zs{9Fy#7DsuoGpk!5?Axy@LHjCJUkx{B0L+H2FlA$t5$wO<SSN><NwKqpUj|uw6698
zGSq_|lWrV6b_?Y*y*%#SxnVo%k22$SdGWaMV;Mc&GoFvU0MPiO!d~_X7plSW1K0n6
zXl+o8AJ+s;IN7JINbo@vJq2j3t@$7&?Ay>6B0S>6k4e;Ba;_u~d6dLNeQbswbklQJ
z8rZx+YqDI(z2~^THn8m0Y>Gu{u~t#{W}yu*PBswq79Qh|SE}W$*nQHVqh+z7j9sel
z=wy(`y+3gIdP`)w1dI1G&H~T2<=n6{q8?vp`*wqhPvY%{dW|RK{84UOa##Do_tQfg
zb+WsE*8uAAe*^^ucDOpc4flXM6!H=V*Tlggr#i5=|Ar!<KjcvgB8AGq3cgA=(%F9l
zaM3c6fG~E|^bskPFSFa>_q!P_bbO(q!w}#3DRLyHSM;ZK3CH{e!xyFJJgMX}053C5
zy?o%vr|OMX(5?BE?DSN@?_ROoyJ<TyOUUNhC5j>J^<wEvz%JRZr~RD^t%_HR&Io*B
znD&tjf;vB<kDr+#SP_%n$y!mDn{1|j`CL(<z)TMvIt>jyAi*HT&7vk4n<>wRba?J1
zfg?wz+ZIehH-{-OdO5rVH<T-KCOVg`oo%lx3GW%h)B-d-KiD)x4EIuS)q*6Stslx~
zuAE$M;sU8N!g?11SjoGG8kle(Z;a3^a2kfspK}!<REACLf*p{bYH=xeXMWhL*CUEE
zup04Ss&dgj)Q@|-voH+3k>Bz;`kPeV)SODl;78G!QxH=pj~v<Y`qXT}HwuUHmyH+{
zWQ>Y+`13DJlFHsvS1H#gYH)Tb_DRKud>0Cv(79Qzap5(@^Boaw)`@wFv^q(%p_ws%
z4TxCr{UMHuDVYiU%F^LbG!#i{<WknT_~Ub+s@-F&%y`f1dMzW|HhcAH17Vz@x_PNY
z7vdJO*7oqTr!p=Jqq4Q7=llz^VwP(sMIZZ6RkTf$2WUQPTs6z){efr5*5wX&)#P4q
z+xyaTq;jYq0^##r$0J@)E!X!^{Bt8pvqfv6*jBX<IB9~SgKopk-Y6yYPPQs>rnRB^
zP<uP!;J@T0>95kTlY6T@NzE8r{NOKzxK|mO59UAqq4}ffR-s661!G&dJo}m@Zf|tq
z9A-a2I|uh;UqTF0a8@bJLG)D*{?w(hDMy=N_U(MEw}M;Y+v67}(Cy<x5lrYt5YCA)
z^ryO!<+qb+fx}PrNFJ?ZfY8s&zJCFZ|IkB%Li__b{txCz5C94ga0KFw$ix8&H%vkW
z4N3z>^S8VI1ssvT=u&=z4p6vP)7Lx3ya|G+Qpy3TC?|ltl>et6#IJrieHq=^7jPTE
z>B&ZYS-)kB;veEb=>KJadnd;ZQk#7T3rY?33dR6Dn-b6di7g@3N+l6o&Alt`dV@c>
zSzpZO&AO4`U!%usq(Cwks#`-VTvAQhIxci=-P;!XPD3`UL7QLS2-ohV|663c0<y93
zq_ZvJ#2h6f=NCNWV*|B95or6gc=`Zj%f7M>i6qM~lM&3inMk*g;aT%AbmoA&NaO*O
zvH*NKaiX<$Jlv4kU_TNH7`pb}DD@m#<0aL{9~db$AMvVuA$7Ac=5*XL52xDvzT7}#
z#9>{3Fhb$0NZm~c=nmX^!*r^yH6%Gnnthyr2k<oSz-Auz#bPiEGvzsV9T$XJ8<7GQ
zl1c*!kW9pi;DjGi&=$g)I8fna!j0&<m53P4lQtAk(PY|d)D6E%z6&6n5HjWV_z4&3
z_o8vx`J$S9w75Q6b(BXYp`ANaq*Ggvo`<OGhc3tKcV_M^3AO>JEhYKbsl~atU9@j}
zoIMB<XNAS}^@SjJF(iiZqyPs*f~1v=k8^gw(Yf4frBl4AHuU9}1DJ}a-N<R)8;u)y
zib>{Cb%2FuB9+lrV69Adbp4ZL1Dq*c`Na}B7V0z{w>mN9>JznJZwZ)&8(rQnE;^EL
zSJVxBt?K+jUoM_(+!MkT7FYvrlRVHt>BJcnx1)>9kcBS8GsUIm;4r-5_>hthiGBH)
zkZ#n>{IDyGXsZbt!g0A91_ksf;WbR7jRSLaZ^$7l$V28*$P}4H1c9f1*4Q9UwxU$~
zNQ?4wp;c)n72Pv+{#}(&+o?Vr;*WIF?K=Kz2x+3rT%%^4!70Z6z33fn58eW%0;N$|
zENshxOxuDnz=09msPV_ZO}H~|n?hISl>U6|9>l6@ayWQJU52zjX&Z~kud~#5;cq-J
z{L9ee9O+sZPt%Kop)1q-!?1#KsMGc8+1f6J`69U7xB4GwKoewA<lyvW%k;m10WrV9
zavbAhQ%UpC(>RB6x7k!Zb_}2J21@uOURhd}2|hzLCU3o1bUR~S$t1F2y$PNl?t{g4
zxoE36wNy9VnWs#a=C;aH#rUF!ntz~^MdimTeZbv$STCxm$FSB|Xf3hF`+GPftj9sB
zr9x4}h{x8-det?2`)XM1m*-@Tr^A0O55nguhm}e4RDOV8;V|)j3n>V)f<fJmOP{^r
z$8JDCE~`6Y{ZN#kS7gq!EK-X2l3^hKlM4Xy;*km$73%0Ug-mk0q(NfuKIlA&bPLN+
zi9k;<aWGV#4*@6%0`Niht|o9k$hBe_DccLQ2S!Uusm&1KXzHWdle9s?D~z40yV^+T
za~i`%h*s}$p1i+>+OQnK_VLnq`e;zs0}Lj?MW+)Gd)YOYx#~S3Mo;?R@V$cC&%v{d
zP}u8-t1`PAMu;)WM7mA_r@IjI-=PbBTFIGV(XJy)(8dRD(v%X8l3(PY7W@(VnWyM8
zB}T7cnk^;mff(b5^}>otkWH?Rp)hO-#VFMI<0jRAasnIvkdVxCk4D(IN9v?5ksz(+
zi1m_9Im+v~UbwJjr%B)kY73zk7QU?BWo*$>@NKmVZ*K1}D1)q$|1@HLb6S4{ibHBQ
zPQXd7>L??=0<%>@IOq{n&7xcc2nVGx?U+Of5GYFYUZUjlm8?UlG@En?MW3GZ)t(&L
zI1}phUhOd*k+nTFZJ=@%uITBpFki#GXCyDZW;^Nf^TtfSB_+X8p;Os?>>l;yC&1aW
z{z7xI!T^I9Po>xL@^;^Kph6V+Q^&_BGZIC{Gjx&&8Uhit2=G%DjPJmN*q6Fg9&a!i
zP%|>f8&5Y1qM0peFUvK@ar)jz7Zb~Y5oro?0a=ummWxPwI<K<$NrQg}JIEy|+<s=3
zd^JDO<Na_l-wO#4j&hRgY8j3J36&&UtrLcS?aa4LN<ogbp-?o>A(gU^KX^Q!S4?MH
zg<%Gxj#{Xs92E=p_A?c@ml!LT^}?liF|;71ZZ*h+Gy(x>#=qs$&>WyXoE1%<Kc4kL
z(`<c>e(U7m|FMI)2m6~G)7p!oA~=S)H^I5_hKih`gClhZ_VPd<ZzT)s66J=PFJS3p
zm1bo|E(SH2Im1ON&$ZN_63uoC7S6=Vd5KvrgWXh|BVUNy-~FcdL`*A}j_$C&4qI_U
zN3|}QZr{PGABH?007V`Tp_CK{T0VhJ>`7HHFdx3>O-Js2JC}giuEma^rjCn*J(~`C
z07r->;1gI_-agu^mQCpoBeJF)ylP|v3XOp7L(n)WW)g3`xy;ZuZMi((a6-(PM)w7G
zzJSu8{1=c<<J#+EB8Dg>>!i@uZ+Q`pc&+8fld5qMHNEJQedfZ#CWC!gFbL2>B*$bG
zhl<pefb3?KHj<KbL7Q{;K!JR5PPyd+x6wUFlh!7-`kEB%yI-wq6_40!?A3+dZ(J$p
zmw*@%t5%F+9D@$P(cY{14Nfl0#)WM`0lb}s-0nveNF$#=v=HDK1j$AhlLsM<Rt3uq
z=4Ai~*5h_sZeRRZN_{rs1LpZ#0T>5M>dD*i%V`zW{J<%$Df>4i@D|-a3`r@Wh-KeI
zk65Q(uN~GNVI0ZC`rxjDp&NkpH)Wc_k7y~K$A6)Yx!FDH<@oqniA=J6#3es9dzZ)9
z?71h0&vLS~e9Fh4x*^h)KXPXgLTz+YLU?~tz8lXM5m!k&X{XmKQdfu+%uH)DW&rXc
z_nXaM@5R8={JtC&fdss03ve3UJ{h`*cvLY5@_4d_<}Iojp$?fDZ_!EUFZ?!V$MYO;
zgwbcg2na`x&j~-5{eC3eDI1@EbOMuG1U7IBq%pF@W>Q2T_$kVvBnQDEZ?klOlShfH
zCF$RlK`zy<=H!bdtW*F(_^3OmqTzg8(7{uAycn^SH2-b%I3u212tkhsRvBy6qb3JW
z(!^0JDAZesM`8;#bobk#<XgZMlg97u%g@m_rhjHdP$oz<km*#AsW6Gt=i78^#E&bq
zS)%CxCea>ZDm}5wB6JnnEzNi{7a+q`L>6C?5<eOkbQMYJn9eslo4EOd%z2Jb)_<tT
zfuDPJw-TnFx)gGU&})fbpTq?!DiczjNX}biJp9nPCO}SfYp&aFcZ`(fl-<E^#3GVv
zO94FM<3=u#=+qVTH!^d{dPo7TJijys)P)!03q&%7CCJ8&1W~YF3u*PUK+lje%F2}r
zM1Xpzl?sGTCFHzG_zuffBH4=N*O6j?3oX-2uRxg9PqR~0{4-C>9qd0YnBiyDdj)(t
zD%pC}@DP#xAvUp#xDfKSho-DrXi*TYNkR}*o5AW}%wRxn%^uPOl*`BEi-Vfn`|^i3
zEqH8h&&R_+73xuk^>!366640(=0Hj?Aua816I5W-0(0a{sXEQ&`3<cSXvA86P|mlV
zCIw$`A~4_c_+b|Nkr3Fa66K~Wx~K-)X#xVhZnRpg<x{Y+)E>G6oUe)GhDi;ZQ)prA
zQKZ1Poym8#3=zZzeGBq-U|Ox9j1y4^Y|urOiBSp%W+^%v2b|$3e{qd5aiyQ@CjY{R
zVe=q{Rw4f-Prsg&Qabd7e8eqY4hC*jYBrI(zlPbvvX`UE;$A#Zmoi0t;0BHXrVSog
z87y20CXVby?%#7B3UJ^?;5h`HNVj%9QD>RfEcgkblqX4sE$RgQL|kM>+%Lg{miXtm
z%LpMamqaNnV9HJHa<g%%7xE@d|5C@u$N)@=3Z`Nl&kBl4Sgbrbic10wOZkcvQiB#^
z$<TjUmULkA=GsucQqx$s^Ubtm&twD@enVZ;nU3qg%4J*rm!t)>dO4}2J}JHa@NZLR
zqhV<Iiv2`b1i*k0rA^U%yo424W)kJ^kmto1Sx{mqux0+NC1q4hA*fSyF=TB#maAar
zDzJ29;fatL7cZAiawm>o{cf^{vTHc5x_Y@P@A<=KvRH3iP?)KpJd;q!{@6$(_;IEB
zX=;fF#DOE{U9~rG8v*=*cAc<6xe`X0SnTN=@&NRO%o`0@1?@S1ps`*GwU`T6wN;n!
zT=1jX=Y-LMsG1<SA_EeIi7zv2tO5l-2p61sAW=LiEU=$Q$s=MK(f336ADk>&D0R>y
z$_K8C5e!tL;<sz@qp$_Xfs7Mnn|>Dqu=vOKdh7+55{3#xC^W7rLxWGj3F39qiIX^K
zVMn1GG4@WoHh8dfv7OD4B(sciBgTAxlK|<Y?ERIPpK8|(FkhyqDXj0sjjdJs-qi?W
zvIZ)T;S8tlz^96ruca3td{>G2Cy<>mh_`Ew)Rh1bL5`v%!n1Me51&B1$3&L$5a)g{
zNeC^})QD4Q08TEaBx(ja-y9B5auM&1oG7CWV}hZ_6m2T>Pi@5g9S&)-mj?A)@c`RL
zyKwZoM1e^2YK&I-pjIM?pd(X(3-(ulMMfx=K!|p@2`6MPY=NLbpm*pWlyMX4<-K=W
z<fww`%H5jIoTyBM!>|5BY}?jo>_h+t%{}G8Tvp8>Dx)QvzdRl|x!DWwWlvg0BGOc5
zWJkG_OfVQt%Ng9gEge|vvVep7!>EDd8xRnu<jG~UP6;kKE?l`ja^<o?StcuudyDve
zo<J}m7Sow4j{err!e4yBB2S<LBC#gD38(}BpCm4B^&{)hl5ArTcu6vgue&XkKH<us
zJDz83S;fgLlodQ@5k~l^8z>&L(-P7-BC&f~LD8~85ZC2bf7?lBC2a9<Kp^fx2K&jM
z<ivwS@<hF)sYq`b1JSDd<??p=FwxYCA`s(O`)|2E0wAs_g8*FA;+uf-U@W=suEPC%
zv9!31b8aMph<%pW9D}$WPK91p-qngEo{c@!#4(u59&}$c{*BR}$>ZFx;NeihD%es+
zx5Yt1gZ8SE7CiOU6y5+2ba~~4c`!;SX9J~Ya@|pXCZmgFN;2OCuk6S8#c$I@F)BB7
z7jrC&VVCCA0|z*U)(EyT$bbn?{GcmV6PA&B@J!l0%*)j9gig;6Flyy2Q9WddB7diS
zh3O%3@MM;uKBih3cXZ<FcH(R+>JvD;zyPp<{{FWkM&#g<0qzV6w=&aM&ggvRY$4L9
z@Nhpof>~^2ZU<E_w8rL)&}hN}@Pt~mK)65AtzaOpeG6^z8TAktgwg>HQk&2{ZMj#T
zT4VHggrMx6y;CG42^h+Y+AB*|bDf=bA-ePkgV>IgVM<9|fp7-J&_-N&H7(MKBJe4q
z%Fyg(8VB+Hm-!tf__x!@{v@utg~(cgFkBE;0v&W(`;5$5#x>y)MjkbE#)5}=AE1?<
zH<IW-ojwUsxD#F&%dTPdRJ&&Nx6qD5F*NItsih<{FxeZG$-_lVu1E<A92h!w%jlTq
z7;HL*LC|)!j7gyRrDaG?vTHKvHv=^cf|RSrsV7S68I@`G+3wBO;WW?&*>>~`HwU70
zPhoBF=ps~dqM;kBCP|9Yq1~D(m7_;pp?Rx<SMl|_Ml7Yel7sgha)l}fuAlNC<&z-6
zaiggDH*ob)0LEVHIN*-IHX|v6H5|XK!y^%_&jDVKnM?b4DoW9fz+heyUTh2L0iP`D
zsTV?(&W0LAffbzFgW=xyag;fkFQ{mP^|^kGzQnP_j{?C-iB2LHgKWN)qXMFr@R-r6
z$QVMGPL^a6gLZlBQamuY0pKkwY+&Y1U~ij!BnX&^w$&SN?6`GvrkefdCu^!Op?S(}
zGW0!j41*xu{`zV?S*HbrCkRm9GU8w}_VHuzW+Z`A;5Mq?{wUX*QpD^MVVQnyr*jIy
zIKGI?k$vnjy$p0`{Fs8pi@g_t$@-8N)=i<{MEZR3l=%6s169XK1GW)gDfm?8uxHj^
zEcuo{3HK@-B)gHB*2CdFk6o=+?}~eeM94>1lgyh75QYi^Lk1d`oxJAcv?H0>e#N2<
zzdQwZ#U}Z)Y1RDEik74XzAYr<TPsunG}N3AZ*R?0RF^aNj0?!eF09KA+6o*A^5hxB
zd3|cx_9}owO2!7s{AYjvTDV-3n7`pO9LhkSdL1b`UVd0nW5kg`OKc?Bi@fXmp9Sn$
z3RDT2aKNI<R(rVI^2Q-~I77IpH=U9^7Bs-f3;}T1Br*D40>0PpidwM~CxDbqywulA
zLefxTr7A-=wD9|U1p0QQ<5BRUkJ(w_d0)iM)r5peML(zp+dpuWH1ea>sy&|izVRnO
z<n=-F^O@BqX0DR9UVP+Q`B5B9X}IeZqe=t65RZ~gRHd+(1{qq?YvRlV@`_u%N&`p*
z2r?&^tn?%@z|uorcHsgP=_+Kda3yW$k<k@HR(WSaA$-ux@Vw>i`ZPyd%gWmXpu(kn
zD5<4Cx1R+0HFU{<e`e<loPk>&X)6GIGk#qyPe_?p;ngHLlTki^B(9n%Q(e-42jM4M
zbwbh&5+2vX>NE@%{s0{IRwQHzjPb@>2GIKxh?;rINSG)OA6)d4BuNC*?1cI!LQ4-V
zm7W{F*~hX%X!6Vqbppy+`QhH~w>3oZ@#^7Q0T_ND-~3rztiUP2L36i;m{RFV)dRwz
zpL2rO)}5H1$Cx+dSB-wyBfaBiz<sb!=DJoxwv$FFP4Do2Q^n%PI3$rts%uye>fA0s
z-dh26DzajmqL5VG<qV|^Mu2@45!vEeL{nB0@rqHz4w-3MR>HyYH%sSY3UjF(C*g!s
z2XEp@f-l{%QYcCOL9104*bhoDuSUc#gN;q1&@vvs?vOp_=~H|Tco(xokBW~RNO?>Z
z%0q@lcA;b$hFTpZHauS=-&lPwffmk1sjY$g3s_qdCc(gZ3v5*=OB_WdM)F0K6l80x
zo%N%pO6$9=zF|t__lzs?g2u-9qf8&>{|)ir`e+m1$YF+v1+&uCc2AOsf>-XOOHHQR
z3;P&)7@}AU)hRI$B~rZ^g;i)eg3*(ofHtI-CaXlJnk$2q@CXSS`vdu{E_qCS-_|m0
z>Z9RFcKUEKtGi&b;8mPLxO?9vBe%O$LhL3w*Y{g~i_nKX8PfCzcg^GY@6tb*Gn!6d
zkUZ@$O?r~|MHlj`xJ;rzRFoa%A5;_s5(tZefI<8-YX{<^5C9NJOcV@a5@vQZbS4%K
zR8}@2WF=uzQ6n-65$E`S;iI4+AkaXgg2)0yzQar_Ijsd0ON0fol?2@8@a1BO8d7#^
zlq#th9Wk2)GL8S&LYZOhx1aMQP-MtiopoZK5kX0hO=VQ)3W_V)c{SXEIxc?A2cOmx
zZ;MHf|KG(1f_xi(Rh<){9Uc+8Bm0{-DYVZIbRvWfm)wjPg(a9gT({$);R+8dD>C*C
zf^*Um5sb81?nipaA<@^6g0?ykIoYaWXhhJjCOjUJScK$5Ws1xMwEgH6QlS?cY1|x>
zrdiEgVd7&FBnx50s%s4-Nn}{KT^ue4CL88uTW<XlH1&Ce3WH{4g^FIoUi`a?S%k<Z
z^o3?7MYUPD(m_d($_))H3@vf>YF(qCBnaWMjq!Ut`{3IqF!Wkc#qlfOa;5I#$9fKj
z_a`rHWjKADM@Se%W0P-F#ft{qHaE#gNJ+(?i;IS>zW-kLap}%j35n5uj`fq9|1liL
z>wdnNCv&{gu~R0H()c*@Noi&f2tm=9^;^E=`>|hSPkdI5FfMufD)l!}5)s{8*V8{^
z?{N5DSfdk#IFY!>+92eb_UDLh(Vd`zB+=H~OoI^EtRhp<6w&wve`L3nBR%d;jJzx<
zMERm{;IMrOl`Ic$&*0rh*fVfDwB}K$`MN+M&zr7Chqze%S<?tB>Z?OIxo#MN#HR=#
zQxmD^p~|@V>1Hmjd(~n>10B}p+&>9lXn$~sA}50R>UmkZ+RnvXlD(mR26x_A8Vsv6
zPY}}p_70%3&BvPo@NUy8CVvD<lHvVt0<Olfgxo9>;on_kn8PlN!Kx4%_hHS-qa<Zn
zY1>ziG<b%o$LjAF&WDnL4vfMon#oiX6KIrw;!NnbNY_aLCwr1A2IDR+rV}to)ERts
z(P|P71P49%NqyhKh%V@zI~O6?JzyL-2*T*kzeVGWH(7Xb0XO_g7Kg%Z?1G38xi;4&
zI5x@JEVMkKhwyJBwf6V~Q``aKO>X)n0ho8GWjbcgxJ{(Z_?~gp0eQf#r7c13j7PY~
zX$(@|D=`jAQ&%)7wZ|b7Eou@h81aXL$+W>)%RzwL((dNtzr_H-6g1>U#SqJGe1SR@
z26%ZYs=lBTXJa)R4_sQ)gt;T*n-XoEb~CCkcbU$@tw6PtwFv;ddCzDpOpnJ`&Za~O
zJisC!aJCyXrDCD~fqaJo#wD%H!F-JoMohL9F2-vy(m>mgdg?Tk>344gonMIO@(ToU
znwi$kP?Y?7Y8Tirh~^J-e$|O^HphJuO7El%#XVsP7ESSH83a386TR{MyR^K=5`Cy3
z0bn>J$1>3ZT-UWA8Qj9LF$pS(2nU5KnhC0qH7qPN?CaDCy7mjmt=smDEocAHdyYZu
zFKdV1Ldgw^ECcR07Cc{Zx|#!NUR?dS*!b1^?@alvlOsE{4l*f%ah-2>vpRKy!idZC
z@IT@$Nlhj~O)x;DFvB=^f$T}b(i-V;5QliU6Ecr3Ge@fhcpH+Bu?@D9;PvvqZ}n2a
zpBPWWBg0g-ydlLBz+ypYv9)Dm_v<Ejk#8@#*n&bPNTi&L+jpuGzaQT0e}=?qkEZ*r
zG@aO|s=Bf6Hd%b&k(6S$EQ|#TM(r=hFV~jn?1xtAOg=XLC#%R<qq{7YO9^mZ#lkdn
zxWak{1VU_0cei07Ql603^7Lm2Pw^g9ZcWYT<br1HX73IvKSM;pHLX4O@8)5It#yna
z=bC9c-JQ#ab6&!dQY@(D)#dp!o?>Tr|B)|Xe8-hdOC5&}PH1QNpW-EJ+ter<;aSPQ
z0BuAdbtPvRKH=SOhHFHuZ8MToZQL~c8rfKlk}*1!{bc$r`UGicnO^Bwo%e4Q&XY^+
zhc<dH2??e%?WqZ33WETdA>e5#|BcCXFH9Gvf7AZYwNl;WR=Kr-EBYe6Bwkb8G`;*<
zQN4q^+26s#TKrGrh_tN78jAgq?6_<2=!EcEz5KRa)+?q7Z)t|KIKg}O;`}u@h9VgJ
zs9Vxb>T~jQIL+%@NZzPJV_v*r7~#uWZ?5*%#sis;)Q2j+e=ol4LD5gx=PG~4Ulw&M
zkNkI}?WVlMe!2f{9b6F~RF%IO2GDjyzsS2Le$aohx+i}GesDdHj+A};1+1(lYP`Qe
z-z+|UV%~Dy{kyLAGA<x)_VXz4UNn33!2E34{n{$76EKEw*1^i4Whq!Fu1S|ewbfTP
zec}Jz&Tr9P6xBO*1F3q$KBT`VzG#0~oYTBQyf|OSM4kSpL65Mm!R?L-$Z+1&dACD;
ztk`@ys_u}|g|aq6ogU=8{@`ke=|tFH9^9k9r?YtD)0y8_>*Xs~rnkC9Hc^NyyJDp0
zf^4?2idJ)lck4R2EsvIO2+@X@7#)*OJH(yeS3%otO+8a2vambPK8nL__T1zqr)y*A
zjB6!kxNPl*PESADpFi1tlCQ0r#f-oSsi@^5RWhS9RD}1x%ENq-vzDIZp%1sDpC~eQ
zr3w$iTS!Vli<=ygWAkGFq2h4XbD;+wt@LFzM{+=Uu{XGolsv=0HqX%6b>F*@G-h60
zlE?MkIU*ok8wm<ut|3>BfQDN~#U;qRe?J{%N8-8BzV%*=c)cvg(cc9c5S&b%p;hTH
z5x+F2UXfp=Dy&f&SR)UilL_0xhQXU)8r)d0Lw%tZRqQV^sVxsQfi3%=(L4(1cWR|U
z6V<dI)v^D(Wc<wGm@VzHuJj_jw&GOOK`QhmHdeI%s|*aOf?8TjWyy)3u9yge)hdw9
ze5G++u!prZww2kt3vIo`R_-Ed4$;IWL+7fT=)&-59N7h}v4bhc75*jHouq6_mgj0#
z6sUOst5^C{jPjf;??|2buhdq9TPX}erTo}i1i#yT{&nVmqW-J+e<%Qo)rv)}-%=P7
zNmi2aHF<aJ{{r4s&1wvmVs$<v;!<2U(!ECBRpSoePVFp7G}ZQ!D$ngiOuo*I7dW4F
z5x!Y+l3-!$hh<9;4%MtL=_25L>>xqFbZ+6I@+inojv6AybUNDdgNFlq{<YlR93@L4
zL@No>ms>D90Rl7$M@(!h31+d*87I0Y-D^Hb;Fv|iPnsWGNVh-O6mLmDun>bw=5IlX
zFp$uG06nBW97A&)?QdRXebgi5%L*H;A09L~<BKZukLQ<_RjHq;xiLSVtsi_^4SxSD
zl2z>Tjp4*%`U}`}#2Y6(mfvHAJ399SdOGh&5aH%^Mr(ldxiEkD_J&7=*{&rBOE&&u
zc1V?BSS(Zcp|FLOrF4iomEL5V7#KT|NlFex@D3iqede2D4EQuuxVGwMrnF8sHfJT)
zpsxJB5hWJC`mR~6<Ha3ZA<3~LgKlX>sNlCPZ6t?YK63qV6Dzy`jx^Fk6Kz;jGznbz
z?_iQ7$midDNa(C*+eT(ubv_+Jmsc)e`&|5^UANn{sC>^y8;%)dhYK_>ToG_T)?E>~
z1<j{5yy{HjRi}MY@q>swo>Uwg3@c`y*DZvSzTK{k980acH-%PJ*zLvJ-Mg1tG5ak@
zqEy*AtTg)e6|vr-d45}XpmHQ^1it=*Dh%o6?VS07{$|%O+4A%^!ndtID8;&_wfpI>
zc-9vJ+&@NrkP;p3NBv;k6umcmqdvdAMaXQa$FF%_Y=w>}wR_rcO!9ep8UY)NFtvS`
zo#W$?pNJ#Gn?cCs{)*up_|5KL0Fl0hen>7p-Cgu&Y<KNRL6T$1opU<rQ$^z~m`=+I
z2(i={?J4VAL;#1wlb6wuxLDzeX-TW@Q|bSerZHTjV11;Cy+YI!K}?|oP?1o&V2wH9
zUrhT9Y)mKSd0QE;Fx^<E-dJsM+CRt9hQdC4-7`EeJ)P<%S)ZFg!tQGD9Psp|)RWWY
z!cBFgR4_Z$9V-Oe7>F1jPUBd+D9=6QS1z)uMrI5)scmTh^&yAC(l}gcV!xBz{}WlQ
z9vBp)Dt>61Y)2;#^&e@?I;U26S+KMX>oY795W0VLbwyOfa4d?-scY>&K)v-rF}iCn
zY$YC*1s`5F^_%56);rH}{qkA`{`m{Yb)V^2<#qoop+VTRnam1}ZTT>Dc}{C-ACzSg
zo<*OPZZjk>)CDtR9k^%-o6c^X!W~rwmzd(3PFB{~7}VH!EqW}2rpF%cq;3@&>>`C1
zt2!85J2jJsFKIa<%D}e9BApZKGS(mI77O3&9KUE{!P^xizGsOM&^1Qmy9MbN5USG}
zm-f#vcQv6JaSo&apnDLBs>l%>fp&vtf5*pg@T*g(B9^dkSv}4d-!$(_m*gB*VOh6)
zTC+SjjOn?O{MU0sWVNTR^;Z_D;JPizIMm6CA$_bOX9nlbaYu#_*DKBh(^)sMWZAy}
zo7u=d`{WQGUsGu(NR`W?bk(F;DT#XS5EBK{ROaL3eiLG&4KEzNq;qbSk!Y)<6ju}`
zSa7Y&antLu(a<f{vHE=+Fh#UDf${y35y0mJHfLmLhzra+v>icVv@;B;hV{C|pDfQG
zo)(6W+^cl%UD0J*MF5*kje{jL!e^Ff-#XijU>9zdD>M05#4B~aXL4R<4#_Rux<21J
zzcYQ`J`-{Z+;^+2T-%N4G!ln|)L%v0*`p#m&fJ-OTMA|bUwbYuS?`Of!gQ4`KYaC7
z6HF(o6#D5(N{N>*o0DaFT6wtj>9sgdk3@UC0vrvvp6jrER-;Fd@x4m4-l6$^*l7Oo
zoYsuy_Z-rUWv`l!u;~!it(gYhy7qz|ey^j0&uz;LP}H5>KRy4EL?};3<F6=gUf=pu
z#T?Vtpq*uSS;s;N<Zsvh(by9;S+;s<ARNyto09Q;yD--EN?%6*sqS6Atxd7Q<8+VT
zA(t6rKgl5%h)2V<DKeRR9vargs(TKvMvK3_#O~BBRXzR%Wc>s#(RqPObWk7_JUIA2
zwoCsk(Ln&fV-!>pW@Ta~VdI2?hIt_s=Ky5V!~rxGrQI7c5u;lO*1-6}e=pQw1c3{6
z411Xfb4glm<;hqzm!cH>^27f}2Nl7zTaQW(N=xhrqW||_B60-__V0osSo9n=cqd^e
z3_T|7u|**~A?$X7=Ab2lU3kg;uOX6!={>*EKl44ZRnL|QLnJz09F?h$jnIE#Gu5@i
z3QlB3Nu=PzmM<5{@6StiC(^3PaIew$!#S&pL{c|orh}icESZ<v+eKD@lH{~}Ce=oS
z4YVkU+J>+!HMY$oMRW~bouRKjI&`)iHgKerl=u+*76s_2GMGt369m9Q+apdRKC*2Z
z8Lavy(-HHoi?ztOtNqra4SSe9JQ5is6xeAQkGyF4m_Rz6TV$v*eJ@WfmsFel{RE55
zR>NJ*u-$j4BSq@Z26p;=M>(~Kr2H;<_eJE*egqV(d_xoVC$n;R_oebwxCfAM>Qu*-
z*$MIk5-(X2@5Y0KeH40hhL)R{*FhlCdSsTgg}Y45wb5b(`J?pWiKb1r%YI#%eH6v2
zCi|o?4NlkjL6tns)X*HeCH@I6+2x2$-}f(IdNIaE;))O>1y()(jaqoS68hEY_elYi
zDm#EDBX|RX5#~W@z(Gb2j!Um(pq7(TiJBNSAIdufT6;nmlVz=BWKFLC&eCBS8cyq4
z$=^Xn3+%LfN;!TBFUKXvJ-U_5j1`t9P!_>9(-(az!${@eEX_nF)0MGg;sAD~%cfBE
z=4;XzxF=P*bZ2i+)H%^RGs1SHF9VM@4p<f|3Bhi74Ytvb;8k<AoN9W+Z^1#j=>~o+
zXG3)E(fO-U6t)l~8>(Ivfr&FQm=*qrE^C?O0$C$da$mP$!3BC}xj(C3i5Nqq2RX}^
z6c|R)n2&S|in`<7+m}u+$tq1ryFd1spMTZw8&F0pGaxogGFnBsciXq<CE1IbX6o(O
z`6i!>Ui@()drb_pC_?bii4N`fgGYs;W{cdq?ApZ;alq7Anx>J3HenxlhIgViRFjG3
zJK9AP=o{`3etysX(Xy7g4;vU#cJ~(7$>|paPoy>pK9xjW5P6gp8OXTB{`${l*4l<j
zgeMwCP(DaC1VBE>Mm13WZ>3!aP!vs@Uc#c}v`9uI2SE{G1tiD<OJ)fR5+n$cCFdXl
zl9M1gNnCcxNkDRtC^=^dg0SSML~s4RPw&6~>aObQs-Eqce%`0wnd$23>YcZz=P(m3
zywB?Z&y6Zs+ErhGgqCy?Hp;hhtA9fMfde0%4|_<Td^bDKqlDjh{{~>EksJ00D*4{%
zp3)szu$TQP7)T$h{*mghgmPUhrX9?Z>%{X{!jH*u_JjYn{Stuez&~tbRBqq@;h8Z7
zWv-+XJI^r0Tz;aS*g50fZlhqom$!MnJpS*J1V!!hwFa*$qn+-bfU+6WUyWt-Gt>`~
zpS-m{w3EALFVk_PGps3uHAQFQS61+*=Xm6ZG$dug#fk7vZVPH+4cTM$BDW=bwBPlI
z#p%dlZNY1B6l-|eW6;b}&Mdvwz|CnySfx!!yJdt-x}c^-Kr%n;3y==ZHe!hMO{aML
z%o1V<cMCjP=&-L=B4obombIK85#a5S*~eAZVkUJ%@;Gymv(h1}Oie9t?$fC{-HjGA
zSv<c@@kTYX(|NhExus>uWv_TOQ`0;DRn@Sa6>rYku<Z&<oWwF>Y8V1ma47!njH&lB
z#_Sqe>Bl-F8N2<y=Tt6hS3Dj<!rc1Wb3Wu6V*j5OwXfbRdg#fV4>tl_E7os2V8j@T
z^KUN+9NVNX=;kH4OBRDDDF3_Lf0Q3VbF7-)iV?E+L9Lot%E0>|sc*JaniFAl^I)#!
zU-@5ja0ksp2KP7wb~1r6_iF@pDp64N<aamq?t!M?l7EzcZybLD7WB1P+mtd1o+1h8
zupV=@DLY+_6$b`ZSf?U22~6PqGz}It)&eRVw^JI#rDL??4>RG<WySD@G%FsLp}~C3
zeIg_@fuZVs$vkFB>2v}->`7(_t?r}naB}=Yf+USjsmGL(vM;ng!jPHR$?A$Pwd#`y
z$dn<lC$v-#BuQ=X8)ja)*$(mdcyF_wssc#W0s~Tr#Pp5gPhs2MKLPG$yf^2;_TROD
zQ}JKXTs16244BEq^$reJO&ylI)ctK|sG6n(zS!t-G#cAF7zD@<2nZt(jegDZOzJV&
z{xH5uPO@~N0hb9Wa9vbFeZ&*`1={Zg{KiNU4Jiw>ehs4I%HzsH;>S-0k@PI)Oh~C5
zFq!7AF;d6-9{Y4>89EMcd=>qX3|Fpn=SqN~P#?n?uLb*Ed~$ORW13@<j|m4w85u&1
zX!^?H5yMe;@um0Z|NC*GZwtq&=8hc1l`_|D^Qe4L(6BpKeCIx@mDU^=+%}?=M92zI
zwf?Vsc48Woz6N-+ZkEQV90m4eS7_M$UG%j+OaRwoYUI_E;Ox`j<GTsBT9)$VnjnZ1
ziu&3S*|I|aHqr1$s{6b7D|xo`ifJz9V+4U6xT9S7{Pn?C@!R?HT`kzMeK_f-UqQLs
zU}}xs53tYkTdlMfz95#a%B`cmmHY*w20{qvoW34a@L1;Iov!9(Dd*&Q1K<Munf;-E
z80<64L+y}4SGB$66)rR_ccPZ_(rN-zAq~$nY>+DhSLoK-=dM||+5E^yveiN$)G<sx
zbasVbQpiqhyeL(H3Yqm1j4*)QJC$Z{*r1cp^F7bnlD>WVTCL7?T*ZAwU^1Q2Iqd3G
zUEx#py`mDBBX<JW1fA_O6Q>5}S~-Am@e3_xQ->OdXdLonB~}#kHNxI)q(LsW7IT6g
zfE1B3Nc?e4phU9>+87l?1;`4zn?H240O3j?hicwY4!RFA&Ov6&60n5kaIKZ)^NcCQ
zD<(ZxK=J${!nxG7jB_!X9!-J=Uce_j&y<iRkGRmr$nJ2-A`x*Jo;&IU;U36>a7+>;
z!^7evx&9M?8FdL_MqRj=an}tTTrA*U6UKk#fB?K(%mPB>lpv}*_a9JT!XkpgFbE6l
z6KUhW!y-6;hei6D4%#~tH9p*bD{e~aN}h&{T#zwGvx3!W>q7^|<?M0<|34%ct~7UD
z&R?{X9t)nyoXrCBa?FD~>$r{_)Yq4C2il-%0Wn}8lO4h1|3CfUJR0gN0xGAXQ<Nmh
zmry<V@b)J_y1SV=FLpe+CL!|9rC0FeQ^vIbo{yhr_cnNo6;bS!P@;->v6~SAXK;It
zos|Lx=TZ|8GGJ`df=ZK2%lWCcvYl|v%oeMziVANro4!*(Re6Pvsj3Kbe{Q0XZ$`u|
zsbpY$<!4;SP%Bn>GhA(yo(uKl*~_xXecGGQWJnN=*M;CnAI*xY&~V%ItWGcA@ydkE
zoqW<ekWPJDE%km;t%dp*j0^&{yltXhpB+pNfR3B4@RC^S=#kyTMR&2tr=Zp6#MEl7
zE19_Wr_!~m+NiBxSSmRhx5l*-EcHI+JxY>PK3>ZV8xj{B5gFI%bg>Ca>4}W(SCd&E
z*ZD{{hQou5A+V^B`lbNAJ<;Yp#j%=oEiLhcFPoa}HH^rJw}zk|)rIrKl(l*pNNc7X
z1SivZ!)&#Od$@J0D?u&Qt8R-B*Og-Z69cYB+o(l#JFOLeEb)g#c8T)vlyH8ojqHlr
z$V7VncwluG@9g<gl`x4CLuZOQO~9BNm)YT<L@=#!4O`u039IUwP*p>(B9|pmP@|VV
z;`8>?6Wy!u%sT$N<K^gDfr+8}lz06zQ=e{UIu?xU*7tqiH16^j?|o(JPCG(Q8I>E?
zl%s+jhJ|00kO)y0Dx8K7Xn(%RLjxh8k^f-KA5Ghpq&@&i*nA3(D5a};kUimiC!kM!
z0~!r^MvRxna1iOE!qfnZLG`5&D*gmmsJRF`ES~h%tt6V{D|GutRUZ^<N<T3XG31Pp
z+>A}Z2jZ=HyiNA7ETK?fXOT_xh^nNJ_-d}ICHMoG?i!Cgjt$Y3iL}-DETVDuQ=jgd
z%ryR+s&-k+XlB$+>BW4yydM*elTKH@tD$_W)zBV=cUO#;Z>S${D39K@l(8YY{8It`
z1s)u7rqr<BFQ~{{(@U!HC($cU^6#upW$=lFn%&p+@U)0C-Bzgcz6IOXHx!LwwI@-s
z2fwuuX-kiz5$bP$-FFsLmHJIRNPu%;kQhZC%~u#k>iXC{q}%$!BE&-6^rqSKc`_Oa
zeUV9Xy=I}eTUIZ-ZDlU#ytAu<zn7|9F(qzRUfdGb_S-oA4zVEKGe|oZ=No%*de^J?
zCtzfAH+YbK@gunLW@|sW1%v!+4}oI;a>9+K#QN&j#Wo`h);fB1MszbBrmxE!9H(X}
z*<xEUFJwlC8@VgF%=kty6-hSUCw-_u?2?d2qJ`6l1W~dR`$2H^)`A%Kemif1t)%D}
zFMZYs&3_Z&Nj~(k_O)ehI^$y{KHKiP)a5P!@5-TZhp{7FPKm;LyZ^NE1Mm9Z?Pn=o
z+bS-;S1iD^=pk*Kz-<e=NhtA}$EQTkzES)VX<7!M1HDf~v2Tf<Pl=aBL!q1v1@-ig
z?7hA&9<gTv;r@pzg3TYb6|_~)jM&D?Ccs`$*ZGxZS-G5S;0L(=o|RqNy$aI_i|@e_
z#&RB3e6jC(2@ev@KPi7*zLEG`t}}IfG}qhgW%j{4a^>)0|JbI_>6=WIk_%%C#OdHB
zCp)g>cd9))R^bt8$_BH~*T<*{#~`@4U0}R1)>|NUF{?j3)3{mmb2zNc*)X`bx^n=*
z|5Cu&Dk71kva}CIy94vI4)_V+TdhCb6MEO`&_RSCYcrm!4;0?b8fZWY+M$U!5?2~6
zXtX&p#tAY|wXS$C7oMcK!%VBMj%{6H+BW%BX@jEv(B=!{w0AX##k$gFf1l``=2Hek
zn>MQv!Ykf$sm2FapHdL@gdX-Sv6MTT|5U;Xax2H-%TE9U=dpcTBd%}ybb95xA3rcJ
zm7BHL|GuAsFQy$m%YX$k_m0apvG+fJr!Y_5;9G9KmQkzCueWXPjDf!o&n*q>@Vj()
zKhlD?Pk!qB+^J7(b=6_UHSVfOe0Zh<(@Cw+@0oP2H{Qx1YZ-0HBkZ_0uaIh!RU3S9
zMlM3?f6jgob!cDgSMo(|vIY9P3BTfruII!I(hl1F<Syx3p)&(vpSdMtqB>qoD)lV6
zbSP@D`-Cguox1$f&_nH;La0;s^<1QX0u-;`-Xm&p<gh9YSft<kDszFkL3@AoP(KPq
zH`2kF)$H-F==bfhZd(X*-p#{&Wsx{Z_ukyE+7pdeU=bp*C$ir)H|uS<IWR2;HxgdT
zC-K(LLE+nSsUp&s)`+Ji3eumjP=QToB#@rCmH5TBce#TOob1{K2KU&U59`nMjA0yh
z?SgJ<bLds_lUJ4`+w9a8s@#(yJ>E_6vQAgr^1NH<r!$XsyFHR9t_+xmXoO+3!W;Rm
z#UZs(FNiWAFnl!%l@X=Hq=`h=2LTcsNQ7LDaqWjwGY{Bc4R(sDRa#CG`}p`_44X>d
z+<85^PCAoMK|^_fiDetFh_W-Sp4-_)W7(;^0lzP1Mn;E+MYDB(b0zE&mqcXv(R0Ny
z+z;p_;f2MQpBv|rJZt%n?4GU9Hw=7qj~%wgLfGyT-9q>?Vs%-i7@)+>|1zXG?P2sX
z!WBUS3QA+)N{`{M{_tyyvYJIeQ&uL$u-)hIYPZySn~9SD>i1XiwO@x*0lO4Uf0%Ux
zm`SUi-rZuZ58QMF)nbe5H5*xF{tE&pskxOSKk>I$`0!EqTYu-xSUXMmjpVNSXuLC#
zkp+FaRg1$5<v$>@M0Y|Ayib6AGC^m)2+#i&!ZnjnU%tYzp>XXai_asH7aFCeuT+`k
zeCB=iB~)wjEqbS_mDhKm((`V}JbU&DSMGyn`iAeRCfeQ3p-!L4wZe7KGb>(QClg=&
z+O5Y7znYmDOlwd5NCQpO-24g;-uZstZEOHlCX)i?b<;QBs%b4LRb;fiORcRdgbuxh
zeDi6)o8A@4!;r}><cJz_PxuL7Hk_FgdB$*FdXvBhf+!2Q?k&Rf6qVL}oo5_{2zOz$
zHK(&(cJ?b_bkt><1?(pvLJ14A22<jVOK){gKe<igh)L*-7UUw%nvSOFfr^gC(A+zn
zs>^#5H6&LBXz%VzBVS)m@XVajk)vG8*UJ9J>w+?gM{lRitZ+zqg~Vo_xxGq{BUBH@
zM%VVlgm)!sJw~NJVL~>Acc~V}L8!tr2yjqpW6^kJ{nD&zP?EH0pG<vIeR=|CBf3-h
z$!6K@NP0rOF0R2Bz?UCf65$i|zCr5!vVmXh+I&!hW)<hX-Lt6P+bm8Bz0XfS6g=(T
zf6+N_gl8?bagbWL@Lt$@g>ux~dTHu=?)b5j&uV>c+DdzC+G(ub*B$#6FV4a~SId?b
z;rzVYA83V3?eDyppnh;J%hx%=6!$0~-*AS?U@vKD+=c81WvYphpM;e}z%HZylx`}t
zM5&|r)wEg%wC_u##naZN3R$GRagVFj_Av{i?laEk<iLeHet1f_n<tQ6k$zM79{+VR
z$>g$V`A0E5@>{3tWfy}!arbO~0+@2MLR!<u2rkZ!6ppDK(2Mo`qvF<vjHajUub_oq
zd1lF?SC~Nwf6%r~=Y+}U>5gF0=C&4CW@pKgOHX<EoVOUXZ~$F2+mfI@3|UgO3i7=?
z%R48mbG3hFZpHNB9!bT8iR1$jbH<(@Hm)L&kIa<;jsyOA#O+!!4BY0?p6o2{O5k;^
z|M?OJN6pAr%!obUbf-nnT&1L(>RRCp6X(y)TrDPK<=HgO5`;bf0(-)Pdv+8ho>k)Y
z#`Oo>&&Um5sAT>|YK~(>y;;ttRVT@!0^t#l?H^3Mz%^c}R_g}|-Zht(MWCW1?N1Jz
zk2Ng|Z7&S+H@yWK4B6W0SQGO6mg%ONylMD^Is*!vZpDXX#Oac78ABKFcN9RBwVUbT
z1Q0Q}#i&4;b%=0EL*NI~#QI_Qc8V^mgkO~6BgAw)i-HcBvN64l4lXqTmF8xsoYL|#
zk~#dx_7|X1zx)i@$q^+()qs$QL(0wj1G;Q1jcpst3=Px9JnR(fc{AoOxK(#oQwcg0
zGA(cOxwN_Cv2W=zWwFOz^RSe0kZ85k5;M*`3-5WD@g_5`E#EqOTZ6f@h*)xZZR7oG
zWOzmdv+L3IarHwP=OjgV?-o(2wA#Kxz8&p_6U<0<;H0MfdNqsvJ-f}^;rBo$LB!L<
zcDGIiGGR(pntFt|R1O44UZwZe;BAY_RBLOR)*Y-tnnm&xxjKXzGj;j<=LU)Ufr6ab
zapZf;sZMvd2ZQjK>*Q+dUd;16b(b(_Wh#e{LA5VFvSj`UGyd*P<;mtOwlYEz>rK<=
z{jr&RvuNg(`X=v<SI1s5E*GKI18jz6;fQ3vIWrh!lX|_Li|wqAZbrhsAn)DRD=`R%
zq>`rO$_^X$C1W1_HQ0*c-O>)H<$K`h)XT3sV4p>$g1xi>t9$wb)^_@bdUM)Guwwe5
zcDj`12<81X4tF*SCpmY)rL|0&Lc(z73u?jU-GV{1&#wI7Qo<04-nSqDPiBjIY}mbD
zKt;9gY={PTwwxw6j*MnEu=1i<noCLhWm;Y_<B{Flq|2yL)`DHI!bI)*f}q^cJ1)!I
zu8Fbkeamd<zTAhf=`TCt)bB?-zb&*kUc?@Kr1kvHYT>}|j{Oajuv$1txWhQ_<*=<y
zkFWg%)L{N7i~O2Fh=qIO1`f`@geS;xG0_Q%U*U=D3NjW<cp`ShKd$WoY@hO1aDr9v
z?cZ-%<6!+AoOp<z0OP`b{eJ*?ZjGj4o(4B4T$UwP{(s(4e6L<?_vM28={6%eW}E+`
zv0GG;iWe_`nE82v-cNu%)s4-E5`~0m6Hi^_=kF_L!^XMn?H+?%Z5*||8duf&0$bw3
zO9?0}bMoc8Cm;@hVJ`IKN*0?K&|FCUdnJran08xmS~OKwKjZ`t?RO%4YC4VPRzgKN
zPd6u76JFk93es&sH=k=}9-~LAbsqb0^SHn>hD@Vb$@2M;Ut)5q#H7;Fzw{-^Z(M1)
zl)ybkn0{Ot6jr>tZL|h^Y;`$s`+|qJ*WRK%I^jl+@4d?ej)#|bUHFX-q5**#2J$B@
z2jxR1nH~32{R-_$x2Z^CysEoe`ax2d=ZH8@7$s*%NZaxvDjprE*AnUbt6Ih{=LfvO
z$!#Eon`0H@#V@7N>$$ghMY>n?>gs2|+ADOH$?i(k<qA}d-WG?a1LnC;U;*Fvz(^_Y
zs58F@DxkW9{jzNBIA~#f?TE7X^nr%vh_e1hhDHIi7wV>)weu@5ss}+`Fpdht!ti;b
zx+v95?}@B0QE1hT`Fu_&34zA5)M^TGw_mkJI$Hd4Y{-jFc6vg$l@x?f_@M39pgegz
zi?@VbCG>srxK)K)6+dANCbV1!e@MWkpC6ofVs5inqRRa`jw|Jv5SjO*Y^iwwjQH;N
z>($H-$^FJt+UxC67jAz9yVeal81m}I2t*cZME(00qY^a1#!ArY%ghe(>b4SUBcnI_
zkbRc@jAxXpQ&S3A7uQ|04Gr}Thw7tJOL$vN)YsBL@gPl0{Fhkk{=@m*uH30^kuf%b
zYEz_z6?Iig<e}W>T90<BrY&krSmjNeK*pjE&%ZU@rw)N>pF1jJ&6<3m*5Z9MOifsh
zIA2N0XMH+X3A!@SOl3nM9j**R_Jc5Ak!}t<QEQSYgve}z5Z7Wpr?fk{Bv$>*0CNE0
z+Z$@+N^gmYTL}Y9t?f9H5+dYckSp0Q<?xc;*dK6WmOh`+Q>(0g|H4Y5Z`eDhDKT&n
za8aais{L;JFH^1Ac+(%jsPDTXwW#EWtL0_44e8nsbJjry?Gef9&IA%0t25O1f9Fj;
zxj`LQe&?KT8uIVYMAtWK&a5#CIqPN^GU5%12Ybz+_t8R?;$jaj(PuG6#K~JlYvP&e
zV>&`96U)Q4N7EK1nPnuo`mAGB_Xf+7PyWpXc8Qg%;7T>>YTD_kt>C|l)fm4x8^jMZ
z>d-fd`*4_+mc^fXLRAbVEp$SjRACx=jaQ>+lx>V^e~W0d=~OFWba|UDw7xRNl__k#
z_=L9TKAm*(scwi1R<vTD_&8S9USTNtiMIOQ4DeN9pZG+)H)8V{+>B|ny0qWWewxU&
z94N5Zu_kAAd?pq5;3vQ;`t&w80+HeCO|xfmm@9PdlVz>RxGkZ{=+WbI`f%J&P}x<j
zpwEhF0-cNz{Q8x%y$8&`Ie#-~BABeaPAT%w4p}yXbfkPoD4UaE_u3x|V0|?HVK#pK
zjnDg<zm=35z#l;*Z!%4kuB55{#lt_YR8&#Z^Gi8}uaN}5fVfpF%1cH2$<PC-_%~IR
zB=6`*<A5cl1^fkga<c)-;S9#K2gHI={Tp^LPunZ=35LZdvbe`X<J+@&h6cd$k^27H
z)>PR3>Sd3>epBpZs@Q70EkKBLG9`AN<GTB~c`~)*%<ef7%Wma94_Ow$AdVdWBisRw
z^<p%TT&jQ@o~?(S?p<)*cg`!NfuP7z$3=6GuPJJdOk<M*%_Ya@_eINwcXcmwk9!bt
zYGtO1RY}By1s*=Ahs|lRc{xYj0Vv`&AtBiU+Urq%6+V7yoVwDjXa?@XqAU{ncUI-x
zeX;`D0r^sxQ=|Z)O?G2~lR4p1QJ^*Xn1I75gCY33WRwvXS||R5?&EvBH33byESwS4
zdomk;o=G6e{jL!jZ@unSCU9we2GwXRKu+}kNTEdM<|H=IFXlCLdCHYq6dv8~DvNjJ
z?eoI;i*%)07R}WsBX8+C`*&Nk_=0heUPxqhHQ7ibul}p0l9v|&A8L0ACco6NHlAn(
zXRwChu-n+rQ<bzhXxCh|>CJryGCPdWcqK4fj(l<3{}=tQ;s}z)C7V@U_<3|&{A2P_
z0#Uz!Ac|P1N*Yg2PKt0LMcVS5CPd0TqfJ+zy!7FnM}|_w%{jZ0JZ>KcKH+#}lvwo_
zX+F$&U2?^hM`UBi_AM@6WUzU=s*!tkf8GVtc~T#1n^%`>-3s>w?bs{?Dm1yfNUA>q
zGJE5Ha*=+&)zOu$p)OiTzO+n0$N9EEh6>ZjhUaE+NYIzN+Wu^*aF9^ei6#zx-6B7N
zfeMueu!3k<zxNnLM|x3fy<03>&0&@4z4|n^A$y``e>}f%D{&E^U1OOsFoHV8Kc+s`
zaCZWbgpUt*NL$;3mhy=2F^A6+gW86iJ4%HBUIkh&r*pKOQe?RZTzHC?A7qMz1B%fP
z6_bmk(>dROtbrChgIYkD9ChTlRaiJ+UAvm476AhTfB<D>WejP}jt`@<-~m!t-%+H>
mR?Xwimo8qG5r2C%&A~NpA_s!Z$cV>dwk85Xq(^=~XZ{1)sL8kh

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/btfs_snapshots.jpg b/docs/userguide/storagedriver/images/btfs_snapshots.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..94c7797aca9747e785cb701daee1c052fbf7657c
GIT binary patch
literal 19902
zcmbTe1z23ok}y2D!{F}jgKKaZ+}+(>0t5&aENF0dcY+0Xhv4q+2@(P%z(0B4d+*-;
zo^SvCcKbASs=KQCRLkj8-Ce`$%IgjQC@&)?1Au~p2Czde!0S3d5&#4BC;WjhFfh>2
z2yoDlfCPg8hk$~Ff&zzxjEsT?L`Ojdq9G%r<DdgEu^<5j9S08w3l9iE{}l4KC^Qlr
z91<2PGU^|W|5<qL2Vf#XVM4{jKw$!)F`-~Ep<V|8qyQ)Y009aD{uQ8MVBz2q5TTG>
z*8qrrQ=UryrrOt17eTOf(s2L)-R$T)002v_C<cI<6y9>K^doj2SZr&Nc33625^$~U
z+)erEK>8IWA@np701$}Cnz~kzbEq0^#v98^-fv{XTNg3Ys5|Gn#EqqRGXJZ*n|3Mp
z-+2nE6e(JCo}68IvU?b%6ac_NwwyfK13(&)SfL{b07yf07c~S>%nBVKbwiQ}R9-94
zXlOkUy#O$Yf)`Nm;pI&S1hKyY{^T4ecL2l->TBW)K+fT(L697hsAW@B7s<Qrsy923
z<X<AC-0ZG@Xppkj;pdFCi{<ioCyXx5Gqp5F8R@hbO{;R+-Dm#rUiPl2LWJ@K+x{xs
z|84|+Vz^=DvoHa?q~)hC>+lcfrU01a%PBr7zUN!$2+ID7t4C+tw_U2^6(jannIIRo
z&OZ%qHehFPWcCGTf>%yjO|8D!X>CA<uFfQOdBqd}*x5h@kWGC8Z0A@40BBydg=q@B
zWkv^l`rDTCUvmq8Voh6uE3yuGpW7iyBM3N64nlp+frsc1AUSO10wRcb68uScq;5=#
zkv!tXw!bS4%vuTp0HCG~JU9RzM`LN6eP!(@5T3uJVbG4Y;-(<<zmw4DLKooPf22la
z+=U-X=BCTl9`%!`{15S)qkVZagttho|9*fkwG@PtQ?$SoBJ4QXlj3Q+5vab}!dpA&
zo_WqX%!Icxud|V*=3^x)E(SpL$R(-*5|1+>%Nx$iU3Sn}aglfICwVx^Y?u3Ukv&5+
zAhQ!UU=onK^K!SyNij>ZDw9;$P5%kemD_|)p(MIQg{_pIu~d_>pz_`@>T`0pOD?2A
zp$Yt@K78x;i9*@-zui_X4T9+O&j14%=ERV33<dY^qZ|PB_c;G+kV6Ci$qXPik#GOg
zP`;4CEjaxff=2D{008Ggw;8pUmm<G}&|lK{IHx+DQmXx{h?!P$MIb}>bB}=hl}T&F
z%&A@PWaZ*Tju)|mUv3r8KSXa9)zmXju(fd2E2PKFeI5V+-mMH*0CZ;1vHt}CfCPEC
z*uNC`FA=E56JRn{Sbj1s&aG}f0Pur!1~L+3c6$L(XX|RkQ<Dz7`JkIh-ERIDNOj1n
zT1ZmamfU!?_RsHqR+jCHI5*>p-F{O50B<y$xpge8B9xVJ*BBOD+-@!xU7Q8bQ6WMF
z9ROHqF?4pw8w)?;h0TGSTxy!am`<J5_+P5^e-Z@A#jwH(XlRir$FCu@t6vZRUp5{D
zfZDu=$;!$QbUGS=UQ$XKjwl-HKcQK8R0RNpraRpyTG<=~o!>JXC|iqI2~K^u3RjX%
z2?D@$o)1+Pmf*84<Cr?0rf|913s(aGq~!UUkggeb%?AKzAl?7(O8lAD{+s@Wfi%!R
z0?}8&CP+y$Z}S0w!v`^lt|pN3VbXTd<34(OuPKsD5XUGAwYu{xyX>1R%}x9W0s!29
zQ!c1Uf6VYh8`4`z-uxV2U#DffoIYUn)C-yE0)ZXUnw5o3iW){dQp~NWJ-U!WtEOv$
z09s(;7s!Z01ONbF$lrexpz3ByU<(*%ktA%2#vm_7rd=<j;t`Pd4g<6pJ55G%;T6Pr
zU18iPxU~Z5I<qQLZRMJj+9GOEgTy5J%xgB|BU!z5NDEGSNxrrBdi03TaBgpDH+X1e
ztkV?i-hs$ClmcL<D9{H!Lp1DBjm(hJjLgvBjLZ;Z&i`+e`xhBTvR@oa0{jU}Dn}He
z8aj0ngyi%_7%~^h(g_k2k-L;E9~+Kz@UBn4W9E{CpPz?}*FkrSQvJfMiLC9t3md!_
zS_2XkK?2_HY=}I0GQM4=mYNZlws(8E{L0#sE2K$Z&?y<@{yc?L#U9ezu)Rn@w13{3
ze+2|cpYs9%P_R(Yu#hh+EHum?666L44+TKL#KytJ5<>*yQGhsk`Bd>K`3X2ArKo7>
zxK01@je|mj{++wGmRHqpCWaefNqT144#hKrR2!t^3GI-NZ3M_Xfn64(`yXUtddaqp
zE*<J4#<O<io%r_Lv>yKa{EXp_i53OEa?~@IWz09UK30`N`MncWs4Howf-8&~Myr<~
zCQ`;q#2LwAmIn%pWXZ9Xq4EEun5>qlOj*PP8XPiS|M-b5$&|n<^K&6u9AOgTl(|Et
zB~G4Fc08smn_THDKxM!KzMq_&byd!~hEwX}EQ^5nXL^DO58N>@@62_P`mvlH<kM|L
zcoFvssQO*=7;y0lklYCS)>GE=@SIn3FaBZmClUX$mC*dVPtCP+#cadt(_A<!^Oz`U
z@pRgOJsa=l^&%T2>ZOR2j&#p&K98fG<Xv{GEE?k(Ln~(Jwb$FW>Rdw~7`D(|+L+o`
zE2g;7j(!Edtoz`VIW*4ccq+i7Yi1?4CmDM!s26vVUk|T0HLtAre+e6xSw&`99f=ZM
ze9`{hegD4Tiqox#zL%>`SmH6hyijvlxy;Dx@RrP=_DhV}h$8Eq`}VL$%=N$!j>^lp
zJR_Rt$(h{I?OkKETQz83rF+<?A?8rvns#r3o&;&4wxW}>wz`vNbVO4np3RP}J<O{3
zHuun-d$zPb&VX>*BUj+Z`;;E`FFfjwGwG9V7{&DN!V&KA%l|3D7>$em|HV->YcZUc
z@hi2b|1*l&Cu$1LvdjwHJWAl+x@Rsk*8Br3o+6DDOIz_D^3-bR|KEUtl8@JCM2X6e
z<6o2<l9&Dy`1RgJ$nQmJNrdP{@!aYq*<`oQWHfVRz+^1Pv1jh%tk6f6A5%{`-Ugm5
z;AT?wDugyHZ>C7^OoR2ggo+QV@!=a85v<i(tlL3d@2MQf(caT}HNFDm*$v_qo7d@l
zq?gWaF*|~JOj(Q?J7v`=&7(eRu<)RjXPoy1^{mwetz6~(Er=R*Qc9ZyxLWxtt#fM6
zWU$PPNyty`lKva*{1IFC;a!@s|HHvo>C1qCUpUc*T;E&k4wNjG&Ax~)bEHmU`%bBm
zptJi<_Yw9YxG;T+@g8nXF~ZY)AfA-S{^~J(o45GA@7Ls$PTbPb&2j$Trj3XA2Tbt;
zqhnDT3;3+gqmnDkVHY;nX)ZF6n<^?B+R)A+#w{#o7lCITc$F<1jco6pB`r@f7O2i?
z=6FvV->+kaNJ73J6*j2lw+we2Eh+g@^vDJHS&ukWTt89!e(e*66ZO^3C9TOhl9k=3
z`)u>EdE_VJSNcCK{pPLPmieAB_|`y_rC8w&+#&m)2CtnQQ`AS33*56aB(&;}s+~aN
zS>bGAY(8vmn%jPh+G<`G43nE73Jp!)t;mO6mUSpx+GR7GgLg$By0LoHKY4pqH+I#m
z;wslEwS6Ko_oQ^bW+K-`O3%kmb(*T;Zs(=RLsoIud2SHb=MYb$cRoOsxV>+X;|QXO
z4HtaKFTE@rjS2H=8ZI<?WA}-Hs=*ql=S^Cd<YJ_P+dH8UMq!|-3MOFWJyHk?Z@%a4
zkBESFJ!z6?G$0P+vXK!*GEWRdP>UInSadU|+1fCK(Y}65rzSv4@vcJzdfCEHWnx1P
zr^Czvdn0hlFo85ozQ>hv9fnJ(bOgv6Rk5;=v73A)=<Nwz&90EgZU!t*79SiWC7?>q
zP``8()D0k5;>K{k&lA&=a>U=WJa7~rkE2oLJze2nx8GvSIN6Kz`H0^FzK`?`>r<g4
zGE=XNY(V5zHZ8TTMkRr!+&j8(yA7t!yK=(Nxish|XZ4F#l&%j?x^BoN?<VzK-Z<*{
z-r}_90a9RnbkM@XTTSk^jGF@dL|=`~iaQYyh+oamn0}Y^j%5qwNHA~`^|qT~kJnki
zY`4L=seG!dFvIavjgt@-1qaB@fNehP&>ZZz@NR6x$;EoV9)WiBIRh=_m{WJv`l;L6
zlGjo;d)UHgwe1ilJOjphe^thfif*E5m5fVq)!T@A80pT|h83x7q~WvM7z!&8eiC^i
zLo>QXuQP2@Dtt2hrXhXNal>2epitC0$cFGr+;IXmD<UTDV_cL?S?q0hqNtUXm(r6M
zd3aA3!Ee4|l~p|>jlcwi-MViwqG+es_u4v|+r>~14!>q&oj2Y4L}osIOrm4kS~M5w
z#Qy%v-zl|S>rD~!yEYPCH8oVe`u7#5NXy1(7;lcBsRGBx&$8}<MA6>+aa6sb`{H`|
zbM_>K5(^8CEm2E26iE=qfnhO2Q(4L>Zg82(A>@tQZ-oC)z@Ye$a)%@-;(nS#C)>b7
zIVB}4SgN>Z_sze`MUs=B-%-Es+ID&84Ge3E;f?S2lX^}`S>!tf1Q<lU<7|>t<B(w;
zgYlrU47Qg4e&xfx5WJQ|CaxwwUPL^s&tB*FlPvjd9+h}$G8y$4;=G04==HA8e%@IS
zd(@!iXBE(@<}Q{}rUS+OaF9=A$>GWt;n~wO*)>+xK%;V|L+>8P4k|Arp)<EK1!hP;
z-w@R+K+|_Pi*AV^!F2uu2FC#4eAfAPUni!`#P}c>cDxEXNv(_leWCnjGHQRFw{e7h
ztAnyzWsd%$y0)SR40E=H6`^?xD4Wt&)xU%?6{Y{X{Z9$*79@t>C409zaa>I`x^5jh
zwdj_MGJM1_J(7Vpce-2XE1-qHB<k;dWZW-0$Y-45#^gat7#@S=o{#ScCrqr8ABrnP
zCQ3AAEC$9bAF6Sz7$%fY$$ZE_5HC{(!$(0)R8PUtrN1p<{)EZm1-n+s=|0kU=b+jc
zKkjWEU#dJ3S(Gh}>$13>WW&FkOLnMwY;h^xzMRycQ*h~8yIl4PDA|lzzUyenY<4Pf
zaHdHZlHI6&8*dhQp|RPg8Bf~y0#&>l70ySgFj<7CIj31Uscw)M8R%$^+BmSYDBrwp
zV>VBXC3RObD}T{Yu`tP>lx7XhZ~CYeg=^d9YiAF9Q-5^@)8Lk`X9hP(XS3PK7&sdd
z%O39HPRXGel~h|?K{#s>o4P)TMx1R!xSMCh^L?ZR@w0!+H$iPDCs3VRs1iOIrZGi`
z);@g|GmGaJuj9P0QHO$Ov*Am-rNYaUn<8dm`~C7;z8hw2<)27A&}#<1zKiFcfYt$!
z*y{Nn3Vqc$#L@Oi-v8EKM_d)~lk~Xlu@pBRNikV<!_UP%8(VfA*6tf?`*(G$M5i3Q
zb660&p_rXv99Q~1xn<dt+DET?($i_iR%jbof&ph75k(w6Y>HzV1VpP(g0ivwMLy=T
zsmHP#o_M&lBdslx?3i<$22t^EKl!4yQ9OVO3|yDo#mog)uWq0M?xo+C&@9yQ5ln`t
z?hRZqpu7y}N%@&rS>D-k=*D@ZP@Fr1*wFo@1Sn$K0d?FSoBUGUGb*0L>fZNer@=>u
z!rg8kEJ8koQ6CH_m5H!0wk+l{sbf{UY6BrHkleB+>gk>}?XRZ}?8)nm#|V{^z`SwK
z8ur)KaH{)htop&CznYS91h%AQHkWZisY-;U0@38_j!HydaZ8wgcIm@IQ|Y?NRcC>~
zNCcyV+KpN1{9k;+TCafl_YjL&9%3;=>}5CvL<Cr*zgEYPMKJ&t6APOX4xWQE5r;}#
z&CIQlf?7;MGq|t;2;x#z*XqNi(I`NWlrj%VDVf`)<uP?n`u-0q8c7uT*L3==vL2fz
zv+`$bW#MKQ{@dp8ZU%?F|2@doKQwV)Y}%`B>_EJGzh8HF8n_S-{0lp<#j_?oTzWip
zG%S*BW#-^dif1<ji6UJ@sD)t(RHj!}ZKAa##HEPJ_og<xZ+BVam0<Z%DxuOWE=i3t
zk)7Bd@>fz)kywVY#lc%kjGIx_apHZ{GK?Fw<Aa|X+xp=i<@s2kV<6cluhNdilIdJs
z!Bj1;<>9zBZ}*0@e%(RR#9sFu){3L%R8<ZbJj4VYthL@q+n<x7k|UvoRbezyz|x89
z;!nxj(RQwEOvzf@o!K}s4~4ALPRyu|D@|)euF_0B_=f!9{Lz=7Ew9PrVBHR^^3A_$
z%2;5@d$56p$q2{a@xv8omiWmyqi+(yTOu37A~8a_DDU&}Pqhx=fMImsgz_2tPXXx9
z8QRKTbF>Y_+Hvv<Q7eos^>t^wuYeHRaU!Y822%Y-9UXt>9BO{N=seYL1AR<^(n=>!
znQx^sGi?%a60US|gUMFPQ>#$aap)XUI71uNd?Q_70Xp^f$1pUfwhOb|DFt-KPOXbi
z1Sx23hPO2|7f%5dWRxebfDx04(QJKLb&?h`CebK}#a~|RC~mBJs`gu6%WTexWG!=!
zZYiIa)>#`>vBq;XvZK(-jNTslCMv~9>DQi>6}36?IYtE!;Yy|WYJFsu{^@7TiGq3i
zw;G;GwX+QbiJX;n0XmlvVB{^ZklDP`Tehg7;y@e$u;^cnN22v8%Weicch!Kz$|^J^
zlBK9jAM@`~sq8-`|DE(NT#0_m+)eoZ67}R#%+_-P>`E3^5Q?cEB`v~u`Tq&%9g7!b
zA1E98iAnzN;BzJBbK9LaqN8j0$bSNNuK>%;?*S&7@7x|SzI1(Z==%|%b~$oDt@#B!
z+Y&hIt1kwUUT0OQ`CarRs(Ic{+r)UR_>iWA!@Stq$fG*>G9#_vfgPgD^H3{r_d}+d
zmHi}^hW7Z*!-GF#!SRidg}M%fXBLz3N6+b~kC$8US!MAXB4a!|Pu=DB`!|@CoKwOP
zNuxX^In-e-kad_elb`!4S{Z^ocW<(;@w&Rii(7#~w(>`}Z)=%I`jT*L8%1Fb_48FN
z+?q|5Wj}(;EK5pA1|{Isz%z4mF(-IwK~Z{JYB9~oI@Xd`<bP^rxJd3*mE{=Qz+<jc
z9I32zLM9bL=2(t3Kh|dT`HKAyi?N0v|HfL<oS=n(6WQTCS<3r|fT@clV~kSk+I7td
zYOYnHri8dp3!5W{L`@-aAs3rvheTa&b)sbEql@2!&I-72NfWDrsj}w=7heIz_H&@R
ztwZ1WF#8?VG9fbiuX8+aziMzZS!Ate+t*?#q|tKT^8FmHp`b2Nn%W3dtCC|VT`s*8
zWmr6`?EHQ=RLJ8O_Y~!9Uew6rNXvVmo7r<0t1m;kKAv4rhPb%iLnb_xSheMsm0grI
z%;UY?7tG~vKL_JA1<tN`l&L9^D_uUic&65=Jg!Z%W+iQ?S}-XmN^gTu7)zI|ub!#3
z6AWtQ-JK&Kb$Gi!lF`WHtDD1M_Y|o&rs>rjjgu#JFIR^!_hZOqfo$AEwxo!j_8RJn
z`#Au6m9CRqUP<vO+W8GxT~f9B6k(}Erqd#3tEGb0*{y0)3%s2`Bw>xFqFwL#s1}(S
z%eu<@g&u3p*30&Uw_5VgocE02a@adhU#8oB_1NgA=HtNJsG^cml3BF&l<{drGwogQ
zOKg+QW7+SKJEy{)DbXWZVtX5+)l#cPS2;p*T5NnYqG)$N^@P+MnFL!x9nen=#Ujc2
zWTX#p1*LZ0n+;W1rwUx&B?{7mcQ#lolr6?OIgRV_Ri3tt-oZLq8Hq~J`^Xm<o7mj8
zS?$b3-4lEwPzNVRZOlZqqjoBc1Wm^}wcMy3yD7J&^i$C0a;b})y9y^sMkfNpmGz|y
zCqwG<8hJXJlqte<J*T62!dojdqp7-U>x}sVB>Or<PW%ci-8tW79c>3iE(WJ!3V!!n
zNOG^OW;Z;#=9;%R#u9uLQKKhE$rch$Iao;f@aFjC4QV^<6i&H;;_%O;s%cjB#y%*y
zti}eq<Wfa-V?$5+N^Yve@Li3XjE}Y9uYe{Kr*{^T5yTmE)r{jB+eDzoanjDMD@r<U
zWkC`Z$y7`t-eFJsvw7+DsIS6%s`JSyJKM`d+-(c<KV$eD8955;)fip@+~y`NJRX=w
zjNvDNGw$Ps+`Izm-WM{P1615z#EJGxx`VYw*Q{PAs`X4+7Sj8ThF|K_K;w$G7w|+z
zD{r^t&SQa66OLi-2`_ryzI<jcUypxi@4B3yod0_3Caq$;E#_ICQ>kC|!|}0!jf3Qj
zXVmY_s8`omxDtk^-Ld{}-B<(*<&IdD)&ZPdqJU+Gj_?`##Of=&Z@(y6;Ek@Uoq02@
z(+JRqbG+Eljx|@b{BELtmc}H#rETf8_}s!1JVa%!%MOPM>qP2SJxxi9R;kPW2w|>t
z!6!yv;yy1~vwU!b>gV~eEG<ybBB@q=Www29nC|#3*4(Q=+1=1mh{$W^o5E0i!FsaY
zvLU@^%L?T2)2yVdg}PKc8N;(PA0{HG!IQjKaAz6%>N_GQ^R*S*T01M?i*cT)5ot~Z
zNBAPW4YWUnl636rlG;K|qjQp0+bv5r{qhINBF;~D7)|mHXvUfw#D4HdKiI|nIhbjn
z0+z5l-5M2^5M_1g7pc41{?e7;6Beky9Ts46*yHhz;u`UHa}VNE&xE<^6bCa%tJss1
zJ|@FoBWwENES6T3ot2~5*zS(WwxmxgYeuC#vG^Ffh=x|rt#mC*<D>KLG!nh=z78Gt
zJ0b-s!Loy+rdF2DkSwjHnPZ}PUeDBc^_VQk_(^u8oXl#q4(M`?W^@W^dhWXj9i+Zl
z`b~ZI3Sf=mVVGEkTcS&0D=@m4ld`qUx3x+t`m`49NdK;9n~0Q+l&x1LaZpWb$9XtX
zHQlN({Kz=l;Ap<d+Cp2^rX+{S6X{cNl3RVEf!wc%RfI^{!<q-#MFm<18_tv;o_$9z
zBU9~9n`%s{OZRpP0Y>ERzy4Y2g2Xk-qA`r@o?l(6nE+0hD-%mHO7hg!U2;jgA>YO_
zyv|Ef;92rsiu$gha@%EAdL6DheNJE5ibbZ>daOyOzE5fWUTCn_5PIeko%UXcEzbFn
zn($ec%(=XO;wtuZOG>Vvfq(SCgp;Xd%O(}6`ch3T>zujoGBh7dT?(WqG}7vbDIs&a
z;phndrfWsPYK5zzA)aa_{$21<nlV$<v4R{SrwR8()Ug4I@b~#co(RnkWfqa1k-p9>
zF-!Z!gSWM`2<d6$bcw=e`r5a0{=w_m%udqWOm=(eZqgIy(MFKMAc~hPM;H2T5Cwz_
z6f3ta{(4Zs)SZ)eD>I-i?slR0`9$A{0gRt8_#R(S>qpC`embLU!mfZ^$F8*G<+l|D
z=_@MVo?jmCmtFy$Qor6mo7*zlr!@DbF{ijc=Fv;=fX?W8!M-uz+1T;PsWyppGFy%O
zd&%;8g^&}?AtgUMR7ys9X7}6@GtSQY#R*MK{I^;ZyvW2~90`M6NoS%f><iT?nvddh
zB<Lif17^mdNu3Y)_m|>E(~1^1)hm#kz~aXh5d+ELYT+kii(R%+qWs@hVKX<;xn*c8
z`_j=>2RrQKK7sMuh%2IK@k7e>!xM^m?n@#<QwOH@`CqI&Oi}D^Z`1{DE5timsZTzo
zH{Qw>T^g$yV^)x#vAu8Sp?;SB`cozbRbjG0eMvC;ScfaGV{CBfurNE%#gXDBk>^)|
zr$@y+RwYX;QFJ%FYIPDtCgPfUhXZ6}+rlaIu(H2pm-tdeZK;8eKe^#&A<m?1mXuk0
z)NZEdj+Rg)ZMy@OE6_He))JsnAlZ;bj&2)l&mPdfCU)sz5aViWJg6ukKO`b_S8<PK
zGO{l>F`_h}H7MrCx|@up)pVauWGK};kY+-UHuQs4z{goiu8MRKv^prvpHdTEJ3f07
z;J1)ngwEk3ddXGXn>8wEWsO+)ytH=}RkHe9=q5tGajis~l!n@i)_}?lVrk+W21Yg4
zX2HZ6p(oiMePC*e`hb<Qh`U6e&4a@yr0X^)z!*q1=d|V?p|rT&PN&`OIA}C;6Ge=i
zqU$Sd5-VS=%<8#9;(n5$@4VIE{m3>qmY*+cZ83YGP?>6yErITRH&{8heNAFpO3bF$
z751?L-LTQ!i7;K8sG{wpg-9K%X0h#~0~({P@@=`a6p6HkSAnO1bg0ByBPe8Xy=|<e
zey+aa{@x0aZM`cbs{&oiN)xS&i_A%L)6)Qr5mEcRN*d}cJh`dN*QxMKq5)TF_`}R$
z6|sS_46%le^FGzufP6o(3F0`GA>$Sr-HFGvks@VF!_gQa?W`kraZAl|ay0s=oigk<
z#$qF|(U}l%TM*xTcxmG(-3Bcc-%qtDL!_=4QCcXBSLhTi-Y4uj>{kUMOq--dcS7{f
zNM$3<Fpa+w!QX&+UX;R=4OhUGZ^cwyd)R536zIEXaZeIZ5RxZd&dkbBh|T*77<&ak
zR+`K}0L0}13K|Y_B=h$vEW`<cl0!}0?7Ns-aAE<F0;Jk7+qZlDuLBuT%I7>X3Ir}+
zL~~tE`1cj70{^pXi=WBm%L3^8!}X(C+5IQ@z$MTt0O{JtGGX5XCrZJ*jTq_>{rgDv
z^f)`S`Yrs>_$#3PLpq<p=!Xmdk}{d$fGN^gE`??JH9st>SfK=%qd_(0Ge{m3f}neB
zr4tumdZs&Ul0)eWM_yh6$8sPL64IN*{dEaH;iJxBXD{o;_;DdF&)K9es#J5oWSE+J
z?`WE+#@_eQL=RtH4uWF3J@_<0)KpVdM7@}`Fq(ut>Zn-nY*AS1S8(G1Y`${-hbCfy
zJ^t`5d2o#l;RgbVF9)i>Jh$KxP#wX=v%;e@vF7exCX)uKHk}y}PFCV|bHD@|WIPHM
z6nid!i4e}IAuM@eZ$S`aN?0VY=!Xb9YCDOZun4VNpbX5Ral&2f_(z91Sek<BQz$NU
zSb02(Svcuu4UH|*!@Q8Yu#0}(<?Qin$PS>OfLh8RDGin-EkYOv=9}Fe@OZCtK0%*3
z4UZ};_i5Vaja^!IZnqetVftplUpJhCQDdSSyWjD05aG@d!EMP~h!zCH*D(;l5o-<f
zl->D*Sky_68Tc(egvKCDb)PLYm(vwPWxWV4HP<-kFIFd%3m^8t=tELsfY6b*HIT&;
z`8&w;n=DelSmB!p2WT_|I$|PMr$NJI@>18|1Ztr}Gq}Ooax+H7Xd&T{F~OraCm`-%
zp%{Og`3aF`2yjfzAc2LRf{WsB9g?Ga;I9wIw1|||Hqa@ACvV)53=Ux{`I3m(KUfcP
zxqEZ|ewg1fit+fw^fuiWJrT+*zJfWNhGxo>f_(OmGQ{f#^bs#+jI;n8&4}Koz^pEp
zA21;P*59x=D!*8zsOmY+e?UjzHPHwsfDULy>5?9T;~ZdqARP(6ydkfKwM2<8WQYnu
z-Zp)qU?6OeJLrv}`dX4Kfwf~bkqJkB-se;Zl`)Lhqo%S)cEg}D8iq4vafa(2osC;%
zM`89O#5w?D&$IfFcLk^+WwBS3%H{f)uf9D~AczQ0yQK7`6pURfcfJ=Xfir^bp(+&6
zZ%1M3X<I@&M}u?)tm}<O+G>3&xuW{i6}&gi$;%22{X({d4XFXZ)GdvDr+Y4)rLi;0
zdG5>+Xx>p&eoNvb=EWbqc1USp*n`0XIECGxvrIY}7uCRm=GU{j4`F(b?mrUt&9Rl`
z$wV;kKJgV`2a})xtBS$@bxjt_1oReTy2zTj$b^IXCc=A0)j2ljqyNa}3Fwgrx~xyN
z4ObN-=_&*Nr4nddKm~3SpZU&=sp_En`wYqoLn4eR!u;z92AE$U2QN<Sq6i6$A;14D
zu}R^QAY1@*g50ZTm@!iGyHquzgm?zMdxqOh`V*FDUc@mupd7zV)E?tK1$s2Pd+ZEv
z=*$MlnCUY-bpB&u>Vg8=D7rm4#lZO_-W~MUdW+!wDY$1~Z=|mHcwV)1<<ilDznwt7
z<Pj$}X9|Lw80rMvj9>)*ul5qoquuH_{{1Pn26a@#y~*>2jI$WT_w?&-nRS_hb%(nX
z<)M0H@97^$6&pe*TSYzvyeG&eJJu3KM}?`}|FjaOgrY4t7wjt)yY1QyVqPS6)$hkL
zj=#uflPSMHW3^!k2>F>>%)pEkTU0(=E>6;lPLfsZ5(Y?Rmm^Xwuat-HNLLSq#h66M
z_T4036$=xH^gl!8h5CNE!FurmG6>x*-4*PJKm;rhx2HTP@z$%BQ!qqW?^bM>ioE60
z1x%j2jQf%G!N{W?sCl6uK`Y_57di9z1yu!w^E?>UUwr$a3iN(?-xw6ydi$IVOWKoN
zuqwm|W#uRa@?8~(yvU@PTta0it+at3oyfIz-PQqXfu_1YwNtqEwhh3-j);2(>pYDj
z3ccq?Y&(S(Gs9snM&x%#6fa8>ZrqvEKqN&%gMA2fPC#aPqgqSNW&l5+2F(%yk$@`+
z;*?oC<=}FR_TQi^r;H^2b`Jy+z)M6DhZ|ID68*mF%%`Lxq#QY;pkQ=Wm=$mREra6T
z=PxD1UO_UXPD43noy|0Z4<_k_J%w6uM&Ky~IDm*(*id9ii^cPjDQ2K#>p=L*o}?bA
zzT~PT18N(={eJw7vbGq$>+NuzL!bP_-u0T93d0q}1LF^15j04t{fAEw3%w>S>)``c
zr8K)SWRcS6p?T5|9Kc@0AJ(8%UDDyfKwL7$$yY$=Oqna)0W9fKMjZwev~J!6l_>lB
z{$7T>!M?uVaA52%n`@Q+UcfavEG5L;NBgxij%L!-cTYO{#ip9|AQZ_tDf>YHt7asb
z-XIMv>0R=RgT`c9eZe%jZct4wt<#SGiWxx1?8t}fE4ZDhmfz`Ayw3J?s2njAv4HBM
zPgtW2^KQL4=p~d2o^lpi^&Wmw7{sVc4cfRpkO-k(fycPZfX9G){-8)n^xmW2t(lnh
zAb9@_2(CSlBPpUMCvW{NY7T@6lXB(xnv#w?sU>8N8*G#9%$`pXWenWS1c!;quovU(
zC_xqDlO!1ui`^cwwJ3O~;(hg#CW6`#D?-qB6xZ!Xw{btt^PxchRnYguA5q{&2-U!f
z&a=0_qg>$M3&#6mzCkAfFdZCZ>T9^CHNi;j`&EbDbSF)|vAiY(&y0Vc($0l)L?mYV
zb(g>&Xyy~TsaMb#l%a3Rql$$B4;NvB^bJ;4OMDKQ2Y!&p!!{?~9*B9^0SqNUA2$EJ
zbDghS@eMGfdB?*V(5g_<E5<VPW@kr!!o{WO1|bnH_<DDO;&&K`WJjKVCE`oy_935K
zIVWcjX?u1tGwu+9(l>u1YSO_?B<p<<?6mVa;>e~1&jNJ#i6v#<F1_0@n1C+2{I-wC
z(-LvBToLC>R8j37!C})s`#y6nhokCnQ-X&Ja4TcOos}D1>k|lJmfga@W9&`f!Bm79
zgHQl_YzA3_kzAtj%$*VeIcG4kz2jTe<zQ$YRYK-skxujgVTnVE1K<(RaTZtgq@e?S
z9rFuJkegJHI});QB5-YKJ`NjC83rCghpV=uCG@gXqd`}~Z6kui23~S3qR)e2hZ5jm
z4wS)MQtNRv!lR?{qbp)y5sBy(@AOjyt5*PIxAC7A7!(Y|0)zOW{^d9Gmj(7`ga5l&
zaN_JWg=zt0hriEs_n$5?qQGCd?a{rFtZK2NF|O*eGNHj54Oi169YSOm7w<m*FVVd9
zNdf2=8>`-4bcTn({rHVWK=8)(6H@2NP~bES+pZ4)p-J&>@$ix8k{hMBzj0^u$C_Fa
z7Q;}{3NVsZI*3UFDS2eWpRxcTbui5*Y{U4#6G``NazBJ*TEk>cN;f`6QUbQj)SJrK
z3~~ZEv!S~~{=^GSiM%LT6fBJykW6tHg(U&KwTgXDp}vM}Bo`gtt9Xk}cajOUPw4t7
zCW{|)ukfvKVEk}3%=lp08(1jQrk|Z+XqET!5e)4{IIz7$dajPJ1gx|9B$Y-3PhBxr
z$v^CaVGp&T$Xt6q-V*Dx+UKj(Ze%d>Ihr$~^9j8Z4-%Hzx7K^i==-e|JogH~h8}`=
z14g<CNN}`-lScFXmPj#}j+^fhTa2=U##9jdbmN$KhVwRtUUn2QeK`c+3I%o)b+aZ5
z>18+cDbM*zo*#E5%O}kdkM=aI_tK?@C_x#7MB&Vlm*l$Qh)#d@BRFh<{7uph*FHaE
z<@=HZO=_an;yG<Q9dJAIp|v#P*C4J2J*<~0K&$)h4A&1za9H~1gkJIN=&@icOE%8I
zIqYCwQgd1uFK&<yhq9x}89AtqH&6sl0*1w2SW}7(6f!(bDC<hS;tzijf8oP0%<+*L
zV${W0knprVLI1gvBkppeIt7OWU8Bw=?au$>n!(~P2>n;;pSh5G(k1XyTgms+f4ffj
z^M9$ZPd-olWQR<#<l#*OYJ$FWy^S!SAG-pW*nPbp3KW4)uK;!E#F%K>NIL=O+82ey
zB+dK}N|-xUk}53%fi@4n*`NoI(t~i27{%5YxKOT%NBlA<LC}eodAdwS{Ze!565&xe
zQXXz#mc32jG2i{PX7CE_K0-leoCit98LDtnv2^Go*+eC+Z#e?>WoHZCsKNmyWW}E>
z97Vop>4_FNKPu-Mq+r#TM2tk}%lUhPt4J_G@5rJU9U&`_a&<Xl`W0YAl(BZaz(l>L
z`8i3*IoWTd+)p8RmLrP6dN@HDNauz|GZp~A7jt4gQ$Uo-kF7CBWbRH-m?kF}G-U}>
z*pX}*V#+AQ&tkI>lW89UMhUq&8j{f!5-h4r>-PulbvM|hEIdnfsh0*i*ah${3EMTo
zZ2%*pT{)2M;NfD;PUZj#l*IC3f}SOW)|4)i>JQG#%CtFFpTYDcy#vz?B6)@S+eZ0G
zPoB!i9Bq@uFZ3U8&CKH?4lCace>_GRIu%JPs`(m0l8Mmu9?kPfPB|yXtPHppjmAX@
zE8U;}rUe;kN_g<&{fGF3QFBU42D`k|yR7Ubm|K;_R;U-zT-?S-D4_uA>`_8W+77j%
z<9?EuB2>1ZpaUP^D<B0Kr!t6!3kPTOuF%`EPB7JlNJ7Gd(Ck6#i~?BZs*9k7NVmv(
zrfQ#q9Gp)FWp|iwo*S@0r6AP*UMYugq?+u&GuItjk*exl{OFfpe7by722D8<V5DMb
z@^1J72uNGaiJ(NsYQlGiLm|4Vr{j=a0t?_rOK=RyKzwB4yoo$8UeME><9P^G&C?a1
zJfklt_l1T%ixIN1&}^YUMd%7Q-w%F7h!BuI5KDKqSnMgw2cpzeCvn}>J-`>xV7sOC
zNC|&{b^Q>jkL+a<ft)_DI7*9NQW0TjF#&r5)JLSBMe4(Y2{gwFzTMb^udFPgO#!3P
zWu_*no0u?}QkSP8QJy7Ip3$5sq7~VO;sT`t0BP<#UJp!Fkvn39+3+DhHG8xXH*I$(
z!lBhD0JB6g!lvV4TlQfcL8>2lMmcf<a~M6kKiTqsKh#zgdm_^2C*MN%`7F)}_BoG!
z1ytAKeP-0xBRt{zelAKByAFusWR`}WzAL=1^HKLIQva+}0q);>1vrZ=Si7^;bh_+>
zvM&@bpV*0qO&Zi22&REd`EjBMzK}jjM)4~}t)t_^pb_|OIC+M>0<?4;QGSY5?!-A1
zI4lCokDtwz11Kt-^M9>sJx~QA=1#`E!SO@C=cQ1Yovi-q4ObahQQQ!`e$uXhB6nW(
zqzGln$Ro)#!SRjfd84FG2UD?9!`Vy5PSSily5&9)(H0S|aRH+XJ~~KLp_#XWILJ3w
zdugWdLBbtiXDXrQjjs!DFQ)fPO~@#Z+#S1l_4+3z1O-~G)39Y(Y+w-<kPpruEgig@
zlvICYm{7#=5<v8gDmioBK+iXjuOlAMH-rLa&t=CgfT+*!`@K6vs6M7DZ6Lu*^G2Z#
zAQd2zIMSx{7ve-9*&_FndZvDBD#j`!s2t;hN%(M-Ev*C#Q`dss6!S(;nF_WPggg@n
z+I`AlBYJQ|bEOie{w?_2n^V{!ugV)N_C_6{(bZ=<2p;AV_LA{P#W+CHe=+~|;s#w)
zwRaGUjm8Amh=?p<C6QCCAe0X}{LmClA@Re0@Q%)8=Y)zG6fII;(mB*%N~%IVbxD1C
z5`}&x4hXQq&q3hcPe4y^3T)Iy!kjsUE51<!aT^9EczQ_7KG~z3<L$E*g=WI;Ld~Rl
zLrIG%sM3hhX<9{qDUxHu`muuWB!bhev|zAINfYd)k^Fvrnh*pSV17U}X88)hpR@oa
zGHE0A@<Vf!iRqe7P448Ywp3?C=*EKzYK9e=z8_rT2Xhh+b4gV_Nt@X`1rZ9qmrO*0
zjhnD)3&crBkkfl3xAy)5?SUna$t;V<Fo1iHgM*2yf-}?6EGK^`XMd2?jcOu-q?au7
zqWyOeZ&41{)TlK|exKxsq3tGt1T?xTqLHaweM0(BI#Kv%#ki>7eDS!crP}r(hCW>U
zv5vK+DhOEy2??r81iL}eo|e{k8L8rowEIjT$;*db*l&oi!^YzL0INMpcZ@g0P+Y#5
z8Sp29jzc5%+}t8D)Ei>vf#u60n9Skn;y8{V+1u{puiUA_@UVT*H3rYHZ`{_+Z1cMl
zo$B1&2Ah5jIZ}BFl1w_7x4?(c181l`ZKVYq{qZ3F_x<O{;_4fjbLJvbG`!(ua<Q|v
zmsXt!5<%8ftSXPJ+o;$FoeVmJP4}0)yH(2N%RMxzqrPIsNr4><D`qyfq}-bh&NGXK
z`B51#ZGolXnN7X+U#sng?TZn48xT>DuvPM5zk8$MMUI{3p}R8Oi=_(_&IGUy?Yg=5
zBgd;3o<q~HNjxneVH^&^z<YjR0=P=r_TEHyF6QJ%0}*$m`s$BQ;MC4tf>&UIdqd*-
zspq6Wh<ZNzPsPz1-UATP(OJt^1GZBtZn4m0bHhROnTiyH*g@0{Fs3p}9{53Z1^IL3
zaAf+sEYHY}OByX3LAT!z($RmT*+RSz0jOeNrxeqwa_@Awn-y(THUxYi2+EH@IU9{=
zf-1;y$12hh*8WJ8o1702f{&yN2lK_Yjp7>}^%v(Mi3f7%7W_oS09X&@DjpOcBl#6=
z$|O*FXnw0qe*PXe+hJi$pYy<QuXLo!3#<=(kVGvySJ(&CMus<NbQC-CKY-Ms$Z+*-
z-e^z&94);t;fpTPaZOTR8fMmW_3SJmPXIyO5L$#JVi)za@b{dMeEVEF8N6Uu1U2{J
z!Y?n~QsH(D&z<6d352ANiS)2uIJ+u{a4S|4XtY>DNk{_^N1>7ak)PLooI=P{zm7uV
zn)^XeO~v7zN*ZDQ)Zv2JIx|v{Md5kHZ~L*8yB7H1$9P?tXEe~lO83hovP~{b{x-Kk
zn17tnA;0$e*N!JN6y$eR0C<RV4GtBh7%m<KCl3(BAweC4K%@Hit|v4U6e0lPnp0M%
zkVOVNiF{JyMz%)hJ<HV+mD8knS!m;gEo7UqE;ao>$RsnK8}uV;-)@<EpCG#O<KE*H
zKoGbs_agQZReTVuGRw58BI|a|^v=A+;bW|^#+Vx{MGyM)-G<vo{l_|r&{`hC6s}k+
z<h}!7JQMeKD(5u|uDc51c^xf`?${!%eMSFuoX^#lQ$yx^wU%K{)QP{>ZY;RW6@r(s
zn`*3q!jb`C`HsPcP+NP}FCLl$(dqE(Qw12OqSq0ZcX<aGCt2TnAV*{uOZVFxL{jr}
zRILd4?XF_BYU-VtPOI{6w6XpztFfY=_2<uZCcU!6V>Ue>aKX1O??tb#^rmWCLe@Dh
z$=<wi*`P_U(i0mIl5?$<D=ixNvG~oB82LfpG{fyqdftt%9&bWJc6-b#gGz^(MTePf
znTL!=7v+8ND`1$s^-sg(uS8!vi=lA}A#?YB8G|LZ^~Qwn3xG?%#M>*6PDcZctkr;&
z-HnqFw@L8Q5d<h(=En}o!?GB-NIzVQIbo!FT2y6!F7A(}W8jq?^Wj@K3?I}{aF>!&
zS$e;Zu|BVh_9l(W-jb2kovhRUd}R9n2@tC0kdD-m3tr#;J79OFk_oFpXx-G{W7+uZ
zJ~i=Q+@v-Cozycs{!~R=COX_MeMl}f$L@3{C?Ov(QA~4l$4c>37C+AJ);Gsq=<8oV
zpNp4}_^bo&8kzC@IGQV2O!MuaT|$LjVvfDir!?_h9C|`R-rI33-(5Q-l>6Gmck%hB
z__M-EV7bGyf9H!YKSe_NiI<p~=Q!$KS$wx~zW}{vcfSy@RBMUbvT=VGO)IgrEwOR6
zo6l!v{OsZpB4O4}h@w=%>i_7y<?svp(4Va>x0kI5Y*K|~KJAk9UZz&#lKB449I~I6
zr^wOGM?+%;zcE{iL|Jy$)R%sbtz4e%&V{GuStvkOvEq{Gd4=597E;6g+pE}f1=MPz
zLbK7}Cjevb<zAfiwXuG+r7`~s_cWFBY{l1_<gI6D^hWB%=`J5VP4<M))dJx+i}hse
z`35-x9g!SEL$el<ttdq9U$#AB+8cwuLssqK2Ic%`%}ea_*>AN{bl<QLaITcW6Gxd)
zeuPW7YoQ0@XzNvZwSDs<siklFX&1jVD&W*P>GudC^EzfST~nGrp>VYZjiQ=_ruA)@
z*@!bUEm+YmkNWk|aG=99SS5XvsLjw}^m!)gh_@u$RuRD}mvq^>)9i&`L#O_w-?m1V
zMeYJU7r^lfh~aU{4A|yf^XOk}dB5o86hSV&*ka&ISJQNOrr$FE9&52h*k40?<@$!y
z!0tIs`!7ZVpWo|dBM927P6wGS^LZ8a>q@^BAUxNk1{NcuUQVSi3RO-5Pk1$r>mx_&
z=mdf-UtQR<oCJ35*G13#8b>o%OcI$qHa1=X8VvSC?Y?ro9}Fk_rOdRO@9(uL{p$;K
zgnqJsk%deL>YRktac$FR7_@5H4pevev#_LsU>Z@GmX?Riv@34ZBaF{{y%YGa`y!0z
ze2SSCM8K+5h9<O8fDv<o1Y)HyGwqg+=>8h&gA(+v!5eS_(7W%0;hfLCRypJ;+8sab
z1tSx8f1<r}qKZx=F<Jd_uj8-&Vd}XhQC&BVe%@TUt31of;h>Aiqqmt4#a132Zd0g^
z0tKVLWx-mR&&h!D0Fw*eK%L<}fxa^Y-AEI(7hU`SXRuNH&VIE~tsro#k|f18v#~k}
z&V*nIbV0g@>pkPJN6_v;(Tq^5XsD%_5L;mMQKxu}zA^wmBu<q-cN_c(;!k?o_~0_d
z`V;t$W8s%%K_D0MK3tiqI?Ts}1(_@LYF{U9k##pZ7R#UjUCwdRP`8Xy@rUG;QTGF_
z(+Co$k@mF2>k6+QPc<)}$uUwl$_#5VpY-kr<U_yP)W20?Chc!ZgWuJ+7y3lCd=Aa0
zrlxVyCBZ7PN8d8Xz=*hf>X!bs_6V)9_kxt+<eM<isdz<|7<v;fed^0-04|6yrvC~W
zt)-h`oq|MFH*$Mz5}Me?$PKCiodFHh?}Ny_azV8&wv7XC0qTZdc)L7t(naf{($>AL
ztjDDV`p}mG_jT7&664S$nz6k&vN$)2j*z`@G@QAyI<hdg%cnAH4;=Y^!~-LBrI8BZ
zrfx`T8%s)EMJfq3%~B6E6re4orlJ|hNO$syGVgjrQequXO6<k&T8(co5ja0fBdN8D
zC&gi+706IlDT<Ti+0zl?h9@Mly@-#i<>9V5sIDljX}GE7rkTda+JLLUXLPNl!$+$q
zO*8d}LkCyR!(D1nOL6n<ke1;_3xs`B&Fv4z)EM?FpbWAPCJgy7!$83z!otG9BmBJ&
z2KhBK3>M@tl0r=U&spSmDo(QoAhvoRNMaY3%RH#@np#!EHKc#`@1Kf7A&Ejh(p)z&
z8vkWbjX*PDbzwDOMJ|c`%tz2AyihtC8uf#$KDaq>;!B~NNc2MJ?jQi(-lexMbcg^7
zCeSp>BzXiFJ11H};>zK+*I+dy)IWgmeiKZOgvpFT>FaV5!}CBdbB*1>6S*RVOE*me
zEw&dEdOe{tA;Ge;*5hUUyT*^+=WyA{K<=lmzQ}mpWa)nRQrxYvQf1kc8NsEab!?ge
z9pAy{S3o=G-YyLLZ{0V=??+9;!rKHOo(<>9O=#=z4yT9@Lj}a%brn?)U1?7a_wlJx
z6J|YbeqN<RBm1d!siERKVU&Kr5L<*DfS5c!U6e#18WhUBRDr9+9lH|j)y#y>O}0j@
zG>+PTME<`Mgl;by(yJF*f=oHM;$xbaUo=lDP5uDHjY>F;!irf<k`!^`6y@kLX^p~i
zN(jLd!W;UjTmT}V9G!nq3Cq5Cf9|tebyy@fjS2$CMm~rTz$s6l!v}7M(2cKObAo33
z-~Bp!e79X>&Duej!s^B8ggW_)DUJ@F9u=gOt&k;>v5~#E2e*pWqNO7Qx{yfE!_Bss
z)naSg|LA;FMJxtGOsVC8w6dYHDKN-;ZGUWB)y5A)Xq0O&iIF=kx~j=e*0#r{^)aSJ
z_AvA$S9d9jBT5S;^Jr8w-A%=7+H2lBZvOK5hkuiO5SiS~G~=9!uSjL_D1e~Pij-2b
z@#yjy`;tGhpG}JebCC4(<|#eB1F=uY6#I+FL^{<qMP=&5uv$o!Ra{olvY8eOd}JqB
zwDNt_kz8y?Vq{#@JvnAr2=-;?X38p@#&1r!$gj(?Z%i<~^C<$!1iy69^lfwZk^T%Z
z{r1T;`45g1+ARl(!JxNOAlZPObfJTE+JD2b5&Y*N5%%rYAI1=k|G@KcEMEbP-Ky!7
zAavyPoUx$qiokRPI7Q_{MKYwIQovvML9Y)Tq9RO4DZP6s25heeK(lwJB5ETY1GWz-
z$W?RjN)aIhli=*}+}Hl`WP!!buD9Q}LMd&U{%s}vLVEkj52;VieFp6;d(`jGipQct
zNtU3L9t=&d7&71~(63~4i}{Zzv27j0z9Ejxg88=)rIPH{k%Dq|rm&FurR3p9$>lQg
zoJhLr7VpWPo6M(@;!u8i`>TbO`CPUi{=oe$I#;=F5u>+8-&Hk%U)jT(akTh@Me-}k
zwbqMS_J@tc&%CDJb<}+EpBKfo61kdOOf(Wwo98a)a_sJdJIr~-ZMJ3Eo*<exk?tZY
zVP^tA9CE{S?9A{}M&r{3_W|^OarB`iz_=qCW+K4Oc)CCHc%Zra9AzWm9PDHZl%d=8
z3Gn0W3e5*8D<chLx*la?Ck5|i)BCw1jrBsPkSt{xxsm5|$b9r?p#b@>5PvTe{+f^e
zEEE86nDAIQ*pyThkd*=lrvwnh%|jjZ&xHbH2mjAP;d6(wfpm|bkf47WA3l|qJFU+D
z8tAcOWu(RmTsEtGN7(Fp8GO@S@d9|F%$J=HP-~O6`ferj&7RnxBg=ilI}TZzC&PQ4
zf_MG?%lB1v-gR%uaww`zP84}*DwasPNbmA^@rAwl+SRM-##-iU%K=N&)OEM>P|xSm
zV=Te8MpzLoJG&G2Lgf>nfit@zuT*tfqSRoA|GFt9|7PLQt!<O(J{v>YDZ(${{ZrWk
z%t^$xX!0vy-_TbS0GIOKTp`Ktv>b8#zWnphfITN_TZssBJUDbxA=1-kz-iqKEb!gN
z2q}&5BJ;kc{&?-E?e>02;@N(`+D^{BTeNW%&nn-@T`F!(DKiV&e+tYFBcLS7l%Et@
zMq@F=9aQ-h!6Y}X+12ZjkBeRuEV>fWx+vO9F7}2tu{W{p)G}pxtgBLHzvPpK>--lX
z%Go}uN><{!uAkI(AKz(|-{hX@n1I#_otwHDDw&h{EQNFBof({JtHWHJyvQW9iuqt&
zvo=;+KAf_mBed6@|Ec0nA6oC$OMEKDxTCp~(b|~k|0hrw%TdzjX{jS4{qI2Q(>#;Z
zpyzWprUQ&FQSTCbJx_2on(6<MkdJKsk6eUjl01*r)%8~Zm3@n9M{SjzPJ?~hSuSJc
z{^gZmO_&LL=Gvxo<%-tzW39*<sSf##lJ?TO+A1rZAumHO6`V!4`=6xR<LqfuPR@mk
zj_m8Vh5=0wxnD_I%^hFtTeSRjv_{rfc?|vEDnZyjowc-jvugK07gg@nZDJWZWCs=n
zu01KUKFkIzrFhN`xU6rfhCdtyAlYg<;%o%J$%-e7LPSA^R&EPP+8JuDU3iY<2&8w#
zvmGhji$DAA3(8(QE|PaT6uA6GQ)^<Vb*I2gz}r76>B{3nRKJg}1O^zcgnHnuC;Vtv
zF4x{}=V47$E-5w@U`Sln3t(r3>D5lFJ4dg%1Y^5FA47b5Cn{Liwb~y?WXuirHgc_~
zV8fd&Y!5tIHcJJ_ioz6};y<~#9_WXg+9NU4Q3vKQFsV-kbX`i-O*8qS@7pF%*j{fM
z36+aPiEIsRSaQcxDWA<MMgLgYa@TzL)+a+4dB<>8e%s0$d*8z6idVN$X}wEA%|Fpd
zKaxGK*y@?(7!jxr%KHDhw)Su)^fyjQ=Ws+W9ZoJ8wuy~gvO05(3>$K5m>&vF4C6SO
z$g#?0aTLpr&2cgrxnH(PG_rOiw=#uhT@+f1l5@t^I=|8H_j`JN&+~nr@B4n<&-?!M
zectc;e&6T2TU>Pg6Z#xfFr<PNEUT>Ys<_r6KTa&#1Hm1WLm!~{vWyz<<prazJ{x@N
zMXBr|ws_DFf9^4Pr^leGV2pjICx1iLC;a%kjW9t+zE60c>BIwvWAO>+vX1+NAN<<@
zf*ZUnl4}$n7vVIM)%5`d!Oa}0ZJt@(2vdFofh3KSL<vbxxwXxGrSaIkJuT&3%O4<+
z#6eQL9Dex~@zc2w_S@=-$ItHB-M)z#vbl>zB__*|w}la%OybN))kj(Z1EVkPrf91%
zZJ}zi-W&Hq=@duakmYdUF6}r>I8w!@QuRt`T2V)>&D<QpbeN?4M6XN`X^43@L$7e;
zt%g!`4CJm5*$rsQ9{<`g`yp+?rNUQbPyo!8;>fzUT4x?dioG-5Q-Pmh=f(0`yZnT)
z&bHT9*pE(MGH1%Fp57nrPA+~aIL*{1Kat?(_#sN^pusqIU@??UW)pRFsBiiEV?Js@
zGPAbpvoI$+uDd8N6_@}7hgJ6<6;{2GVi9d1HSVt+kmI`eTNg$di_pU`sG#Klqs9#Q
z45}1PT1=>L^4B`DE1@&<n=eVOCJvNHeBBzm7U~twVRN1ZldktiqI%|xEV~D3!w`oG
z3fmM8={=n56-NwW0y>YnU(p#ZgX-58nw?VjP7I<b4yi{>a*Pc2W6)v<LhYsiAuM;}
zx1SoHc>7b;A`dp|kdikbAnYIntaF3V5q`$)Y!6zzr~c(xg6$er)thwbbqBb3gB6Ku
zAeUn^T}75ah1vAEq4Y>mBHh6NQ%cK&1!Nw{Wpc>Lh-`Sltle@8{8YEshHv)Rm?n$K
zKb>U0T$3)I8Y!MqHD!ppyHO(by32>9&dKz9;EV;n;En3pDMSH^9NH`kfOkqvG=tAt
zXnLG&BAobr0?tCx4}d9MZr)Jylf&w*hX0zK@GQ^qy>K-w#7squUgg=`FboC7oba-W
zJ>hMYUSjFgOE{Z`xLYIn$#hY>$$Q6g`#e3a6y70^>$Mp-g>7N?fLzk^P6~<EYy&gv
zEzllKfB=A5RGK`UUEl!#Av^8rFQGlW2h5@Z+V(T$GBRYhg%UML&a0LCn4@*%PitGF
z@I#wd?lvXm?K>2|Y5|N7C}|$s>HyyF14LJA*aWoS(K4}?HvljEQ-~b{4?k?x|4Lu#
zf35D0R4|?Ne=F67-?_wE>RfuxRsR`VPX*>VegtqINKED#l6r;ArZx|p>F?SBbMC()
zyuc)^>&0HbAdASqs}l<AUo}aA8&#$${w}?G7qfU-lVUf_a5Y@*W~0GegL1+)7f@-n
zk-^W|Sz0uw`A^8nDXRuUgiiP`Qj2+`^n6J&ma}L@OXbQy=Z9uB%IB3BjehIKYHIdV
zpC3&>&zVRn`reM!cVV{qzDI_{s=oTwA>{Hbr?ii<%wgqL>gIcW(l!<h4o3VDsZ_8~
zRO242J?Ghf-|lGrL)~>48Cw~>x5gb?>FKQ8<2Zoxcipb>zlAd1Qrv!UzRr)>V|0rv
zMknlQR2N3`NnCU~IzcW;o9y$0^V(#Of8aK7(dU-r(A7;<PDY=?3RzF2P8|IZ=1oM!
z(|p>C)OK4q#&b~&1oiJ*Pd4~`FgvF!-|iKz`p9{n<95q~xxfMOtvgu7hfAaO)z_$R
zGUCv<<i^AxBq5IfrtSP`$jM-$&5+jZXx8)ObRu@g<RP2~abiYm9Hsqz3B|r#H+qd#
z9HO!9JA<{qkm_kg-?pKn4z&;+484fWI;8as^}f%z-`vX;oMNWGYg<F(bpT1MKhpCn
zT7)vb4O6f8k*zhn0GSs(jml)K0AUOtOx*iGn>>SbbZF&tlWc%HCI>3!qkaKpXv_b{
z+Wwe)W*;Las)dD=T~k1cL@)TK+FSZ#J}(O#`6by}MPi|R3mgGeNkDqO=8K#g^Dyy4
z*m$-OE`9_bAgs{wRnlAdl?H;J`5>q8&%p6bvZ0*3(o<(BsngWRl>tBTVD|}d{s`XB
zgo-Dx25t$2Z+Y;l_yt(qmC>)PzGh#*%ayVJwd&ClCAiGDk~1mXS$(LPwe4<c6HH=)
z&<Y!;E2s)%n-<!uRKP$}KaW&8rT)s0;?At<1^+NRn|$&L`PqT4hGMX*iy}EQ*kP2e
zkbB1Vo1(iiH-OV;gB<pFZ-)5&SmMC&df7Z}zz{=h6sc}-meft2fDXP?U7%Vz^Uu7V
zUu%rff2=Ml_^UMtXp30rBlX9xqjMM{cJH3zpfsAVHSKCQqGioiJ~sYyrtach6ENRB
zb}wl2XeJg1mIND*j4l@+BOhzPg9r0(OJNjyyET-fR-kwMYicHtJUKx<NsLFK%<JfK
XfGUT6drl4fkCjoakW*&#&&<C8ht(jc

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/btfs_subvolume.jpg b/docs/userguide/storagedriver/images/btfs_subvolume.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..715199d43bbabf2a546b99afe1c5686c65b9cd46
GIT binary patch
literal 30522
zcmd431yo&0vnYIUcXxMp3GN)+H6*yZ6M_VHcY*|WcZd+&-Q6{~2Escellf-8f8Kic
z-goa?|Ay7Oy1Kf$s=KOM_TJ}d?r9Bx3Y3zS0)T;m16V+RfTu-(H~<0+?D_xK1r7xZ
z1qBWc1rGxQ4T}hmh=>4>fPjdMj)I7UhKzuKf{luXfq{vMiHL%Yi;ankj){r!%;dQ`
z6gU(d6cii=5&{y&fBJgr1fao!wSu)nfT01v(ZC?kz@EAQL;x@V7$gK3;9nOk1Qaw3
z7&s){(*gh%>}Sb+VfVS;FAB1*-d_MXp}fPNC?nld5IlGd3jn}6vfV$-=Yz7!_ed!K
z02ng0AWN#dkhL;%WA3X8irFoQPh$4ApmI|A_##+)Jd^O5X4mf&(=&%D89Z%=3w$qU
z^)>rDw6i43n|6W=GZsZaOfe|;I}v(xnu>L}D!()zc0_1iZ8l6+C0c(!ju@`q?-krE
zDVOc22XPI-AWj*2k<C@&UbL9?zE|<hrQ3me-m3!6l?70#cvwvDD5EkVNL;}ufY`~}
zGb;MRcr6Tl2>>v#1Ccyy7=l4~?h1l6E&<Paf^-@u7I;>-iql=>xduq97rQ&OAPmoC
z^|Q{OLDjq;x_RTU8Lg6sr*SoHW1L&BxLQwUDZf14SVQe14{#uftWJFX$$vaOw}^K`
z%9D+RYLtAO-~_MAxn->Gd*$_uxA-k)xz}g!n*Lx5GdiS_zA+miXx+n<<iWqp77<gs
zxNv23IDA3)(K+%r86^7bX8-_Pw!ivWc7XAMum7xw3@QNZaQTPdPZXFU$&d(0-k;+J
z#p}z)q-;+N%5xJ=AAuAC0E$p{sB?k^Kq%~!0(Y_J;e96Kd|=-+GAQQ__BH8l)ym6W
zCw6b*m|gn5=h2ZR*k9c4c2c0F`b-R?%@k{-twj(((Kx;{YH_);Z|XLRY#wr7bK+w>
z*&Abdyk5r0{hJyvc{&)GLRPPQ{-#)cm%i5yyG_bAeEH#rfz=x}q?igiy^l#RWkCH3
zfY20U{tN)XMC{u)KkEkI??rqbin)x>Kjj9207%}{V}_i45airQ8T-o!y~n?S^2*us
z%>V%EhVjH*h_hqAZs^g0`{8Hsp9UyoYrB$8z3Y%L2aR?zw~&C>e~d@$S>`=2+(yu}
z+A&wCQ0ZpR-@()9_a}$uKH@pWmW8E5qP)#dV^xNiTg|<B#K#$9V;R1c$qL6gKV`Z6
zXt?y<1e+nMYT97caU-U7a_{<<@9K_sXWPWfyW}r+nhFx}mxVjB?R$T1iOl|@co+cy
z!2N|Lt=joTWqLmsNRPjgW@VO5hpjq-#`v!SB2|@weD2>c$Zp)tL;OY}f2$unddZ5^
zlwycW(gX>B{OuibJ48be!iR<*7aU^&f7RzR-+X!>;8(|iY`x$Dc?WD{W*X|IqKviE
zNx<Rn9MTB<ubQ@3yx)*c>V1{=`zbe~GsUl33)AwgS88Z;UXy||KBUywW1vp>%?|*;
zcw+&|tAd6Luxn+N^G8?EfjY;}xxT?@x7Kl0$iAR)r?vi<noywV!iwy!Q8&1MW1?Fm
zIQcz5@%Ho27QsQ0AQj;CcB**Q#=Q(D@mH_%-c6f>THt>~`{V}zu)XJ#0RSN0=VpO2
z|8zls!XyDG4uV1bHA(`Yz`!9OVW58oNpRGEs`!k99ts5wN6`lm=vo4zf<U2|0l`(K
zgFt=jBLoJ=7*fpA%w&+)fp^3R_(o^MO-;TZes??U`KF##elgGNN9Jn6mAhJeuO9%Q
zRkIs&F>9+JVVD}yq(|+wn8#Am;4S$!CFPPpeXC{-0KhtGv9z5kP0A@vQY~PvZTeM@
z-v!jeU_}ECARf#^@ah17Q8h>i01gNOlM?{|P)v_OSp>d%T9AZABOn+BVbc!)AQE!i
zyl%1!%ua|{@{AG9Flbdxb+A2@+3WS92|D`>03c`cp0${;d?`6-&$>!=cv%<m%9?AY
z_nuK!>vwtN>daizt2fdN(AR{X>5Ed8-zs>raGoa-ewIQ|N_aB}N;!t6=#&9q(dZya
ze_s$Zk}DvXOaK?uJ6dHR5YgKi1VdJ7iXR;Jb=lfiv{EZx^Y(`uwJ{51*^is__Okf_
z0KhBr_mjh}+-{81ZQ?@O{RBL$y;{_}A1*N3JZ^VbLC$4RK0Y<~@j+`MoglUDNXq{3
zRh%6ku1;Ic+0bhM0R5#=4rt_%1wk;xq#cMO8Y&3<c`4jy_yGXKzC)mt$kzdctBbP&
zrCPPyP)+dkD$4Lq+NS^j{I!0ww?KOquCHiEUQGek3!h}BrPkD&OEW{d7m9MAxC>@5
zn1T|QpWg*<hrnDgV>@5aVYa}2qO)tgZ`p7B8316IcbZhQM)r2w>1-qJPOVcT7Dt|D
z?EhUk5!7fARSYPtG9BP_TCVyC0Q_MkwcF$ru8-7-V*s!}sq4fEgY!fGf*_^&3;_Sb
z@KR_+ltOii5BdO5e2g9d0Mr|1<$xNd-Oa7-8ld05aIoRW2fHhPKUK`Z49fTmOYm5Z
zoiZbSB{`SBP@GMakKfo?c`30R{7YUi8MrOC21>G>4YTuie+mIbYX13OIso!9PygCf
z!28!hOCMP#J@?=H{i!IxGxKIXLeYz1+;der7W20ch(HiCR81|+EcE@71V$aS5CL#`
zQlo;#wQCvFyRcCp@E<SVKinN0v}F4W0VEU{1Pu5ucZc}j)dfIWfd(JkWDI0D$y$B@
z0D)IMC`EK)(z#k&&3V(CU{=i$?3KUvj8nk)(U|p7y;VW4UB|xk;>BCxl8<YHh4<Mh
z7g;5|AP$5H65mhQN{$<+7QNy&r34j96G&b*3Q6x<eAq2j1j*J*KAmmg>^H&@?0|T8
z6>0tx>1+jR5&V@BXgLG8D8~B?0L&kOKmf4_sL?GDa7PmJ8N}UOycv{n_5z{7u0QF6
z;GN5u@+cG>PK`#DSJIM&Qq-DutJsp>^Oq<M_iLaDm?!_Odno>m++9pb(4pIr)FL@^
zl~9qgZMX5U4~Q4o@IJP(iS!jY=Ca2!g4-}(906VevZA5T?4cjX&7T0fpf+Gu9$7(+
zD+ob=G$dfI1)+Xl*0->vAln;#7My|41C-9sT!T_gr>pkRY9?dR-g4a;&z?p6%%h7c
zvroA>vnQ1{pz`wVlbn>Y0Rdm9_L1?*o=-~(jkvQoyFcRNSw6N@gZiQ_rEp+;*I-mA
z!RUCLcmVqez`xR{wWQ{GGs_LCuXX<1B0=jch!$o<90W5x`~1(V=q`p70Kn_Ge-=8S
z3xpGN^%MaBaJO{*5Bmn8wE?5*nIP4pCCl9Br?qSwKLl|L3<8xf+{C9DOz4tufbv(e
zpMTOfz16g~Vo`7M+P=NQS(+2tC~tpg_`b_AO#|X;9A`CDyy)`%rpUQx?#H#&Xot;l
zRJOsNg&>kYVGLJeZ&Uz;psEANnE9|j%=G$>$`}2GKyc&+S{@|tZ;G4_(DZ}&TaI_v
zp~D@5!K47_KkSf6)b&{7tx#i?tv2A73H6dsfmw&v){FhCmLG?s{9iaCuBf2beCTX6
zVf|Aq!0613u|`N}{Kq%@A5H#j&X2=WCYy$psieZP;a?IVE|2^D*>%MbJT9;Qr5|8;
zn!<HR3Hue_TQx$wg9Ja&9NpId5Q<TXd1E@h;Qjan7(M(`coDD@`)u|+nTWMtq=W;{
zTaSck9#Bd#=?O}Q%f~?JKV8qR&W8%JIS6ntcqj-+aENCr(6kN(4FH3I#l=EJ!^Fm6
z<>uiNLB}9v<Ah`9B_roh#-pMUb@*d*1O^MXW!zukq>~pR_UiiH?h0;T^&98%0Y=iN
zCCj!c8V0A)+A;$+AX@VYF^^tv)XdqYYrDs?{eNEuFv^%l=iVpztJM}nl0oL1B1^Wq
zefSU!;$u;xUAUkPK9Akz;fBwn_Jt?PnH7CyXVNM$C^TEJc5Ket7V@+LH``9(OlD#b
zG52U>Z2j8sbU?!o%H%`aHkN|NS_4W~$r>X#tez~_6|8sQ{omN4Um16ODkfIKm^oid
z%+p~NrNJsCEJiRYk!P;qNjp}b^~6ild6{gat*2iyzW1eW<51Sjn-7DTUS^b2OlMw`
zztTOvCrF@>FewOTNC`PCn<p+lOyC24QdsLwQHEGAT&r+287v_V8yhyC8_prIs6Jp7
zKMPm4;W7(gImXcXsyZt;KmU-`#!^C@H;lZ{;`ItyStjEu1X~Yy$xQ!g&{txq7T}{W
zZfD!N{z+tV{iuhe8<lBzw0!*at-Y>us-Hc!2r#A(hw8_4AqlCDU=M2-qo?^5ME|<i
zd_8)i#Re?qMu&L3Kc)tq=?wLSU}<X@xokR$wz{m7`O!2PxBwZJ2GZaRnLf<@2tkP@
z!tfMF)FOMn3Ao>~*MouBW}(S)6J5_cGeP`axN8BOcwIcKrU5k<#z%bS&~CXl+qU;2
zCR?(#WfL#9cvN$oG_lLJB6)Y&`gY5u2Fb`}OU|N%C@l%A@P&Db*a<&i6%~nTm_7lR
z$gkeRIIC9cE1_)lG)N>)W81_@X9rrD0_|#KhOje8%lhNzJqpIIVs{b1Y+oJg8lFQX
z{9%Rk4=Pi}U;FRC8T|CG(Kn%qt^KqZ^{@9S?y|9Tp8!ZtfP$fpq1)oguD4Hs*4bP8
zQDY^vn;&agq&N<XyWtxRhxsVm51eTF;Jekm&QPNcrML*UHaaPk`s<8?iOde6X9(Gu
zQu=O9yhAOSOFMYZK_d)h?As3le!7ODJ2ge2-=6@ke-{Z>7}c|kdh_e)R_0VGZwpp;
zUnR4oqZ30!oW6eeMwb>2dGo&`xBgE^RxaB2tw9(j@RYEGY#5$Cs|qW*e0oW592HCK
zRF;!!XH9Jy=JlA|GzVY)%+%N7uG&wN25S5j`8SIHV5WYQM2?tzP41T$wiT?Dm;CU5
z5ew%0Dzd1OJ*#=ZYm@Hq{{{?opi{o{U;P<V+~qoS)XooLSjrrdar+`wy7F)Y?`z{*
z|NH*q8n9<R^iWS?>k3o!peVL=Ou82<YJN-csx8_c%5wko==}tkJ=op7_jz0i_tt&_
z{1)u34#xS8(u>tQnC~oVTB_^chQrik&&13LPt3MFdC;<v;zOZmKcC2AL>l)EE20Y6
zCDBVGav#hra75)f4Avmc@`^{$F*CvtyvI^aXIJy9y{2_YlR--jqGor}zAT~2L*r7z
zlEO}A3MbrAcu&Pj4!@poX_>rrn|7YLwv$F^KwfH6-We~&mXX-swwosmC0Jyjqrv))
z$-fNDTKBZBtra~Ae2bc!5l`wXb%_zJ^w|!ziyUeBxBV7QwT<2%-+vlR>lAjRF@B1t
ze9i6;n%AyR0E}vWhn~>tqn7@(){yTkI!dI1-S0EtZ8Hm)sP&>sh{f&rxIH+Hr#Rxu
z*cbhzlaDNx^4!RV12a3FE@EWQUMdSg*_fK~U<q;r;~y4w`p9=j-u}qKk5DU4HvNWz
z<WBF-($2tJPiWJ_H#a2uZGFfB#WA=yI9eAiFXC&T<`has=`QM`VvTDk$&vy$bGaqw
z)cz^{xzGF{6c8Eq3{hFyObxxDFPn3zf)caVEmt=66M=zMem6XOee?dCVir3E%-fnL
zz{j7%c;Za*{^TLsODR1Yof_`7gNNXJ9}wBA@0$~8f+-8~u5b%(u6SaUTytN`$h^Yx
zRpovn<SW>gqxB>MBHhZ=y{UC?p3OZa49N-1S9Cyu#`6`6K;7*^zB0VRk3-n~eU$K<
zEkq-f@!J%yDAW%wCPsu5E99O4is<Ey=M9p<?D;?$V|>=-JIT4D=%hYO77H@ED7=^J
z{_T`Bj*eW*4kP@0@$boDnSp%RaxN*PcL;oc8JdnM6PLb^*18;TR~M!~6z}Iq9qjtt
z{2aB8jL)bhX4VA`#Nla`Ec>;|Uh{H-HU(LYs-sdC6`4>gSGoH9ig}zzamTZ!j8}gx
z*P}D9NUWO~&^i1M6{KHUbcVf_a)Lfjj|0TNS?2Ky+_pFKy_I~GzkAx!_DG%4A?DOn
zC;UKOHQ{`#zuZqBABP-Gr(gK;{i^w4rR)99*-K}S%9eI5{S}5vd#qWW@WYI5*Wr!U
z|9XKY-Bds#*=2lYCj+9u_4dz^zBYdX1ZvzX`XXesa9J?~0QfFmot#kmkf^CxKd1y|
zOZ~f?Wxku=-y_^O8RB~JMTW^>H%ZN%6PotP;8h<qwYyoTnf7WBIP=v&Gjd&fpl4DS
z_uNr}(Phq$ny8&m@ib;0m3GHA3Y9c?$Z#K<>kQ`25QW8`-tGaX9h0Ie)_J!pq`Cdt
zGIPtf!opdtHW0?h?s`Nv>0UaD-zO;A^0BiI<5fu0D5|_;#$9uWs#cXssuH0X047=|
zLPE7kV^!-5(y@wBkyfwUsDw?$G6lY9I!!U|+lu$_RFD*4j@kRAvoT5!!a~lcB7p?#
z-p-Zb+LmrpTh@V^Ej00f*iY`%X^MLj-J9ix+$?mLjp7vSlD6sY4ybG<1#;L_ag{6(
z!&)Cr#QCN8`g0|6`<Qh!1xku?3GK)-sKdcL=`%ME77A-FB9%n~N`<U?2P9%%01;V`
zhGs^FJ>)minmx7PDH#hdV4X%SGrok@>Xj!j#EKQ4i)EZ`4Sg_odjfnJZ=33CONd&(
z#+K=eM!XM@PfWbn?wqQKT_ny?{OnyLqp76#M#w>gHDvP>R}Hipc<<%$yDaGnjI?qo
z{D0GQq3MTk%h)G(N_g))qBbNk*R)~FsNnc4w1gy4v@BWCKA=e7R`S?<*r|C$i4t<(
zfuTvJHg(;$S~nG(1Pd8$AYcuLrSFj1I+S(sfNe4#a*<<OV~D-Gl2UMI`-Cxs8u>+k
z8C&>;g3L0V`Xoi|dGhWJ6lBJES`j^N9z$#j)(`@DIT3uposP>I?7e;f8D0Ev=Ygds
zlB_38q#CutOQOVL1Bn#IY)Vr$E*@UosrI_?##};p)L`8t3f&wjJXIwWy5gds@kjjU
zh4ady+R@I(*F~!Rw1>3JohWUdq;h&vGPv<CA;_JA27j(yj{^yC2^KCC@MAm1q&bgj
z1{$@u^%$KhlKC_T3Cm2QHEMh5=Z%wW{_6$hN(J?)k6Q>yzl8c@HQ(awmM_~Q*9y<Y
zpO#p{ztOm5s?ma{VJD@b7nh{@-;hy90s{S*y}HtC+7|n1i933Jx+YoPo$1Pzxqp8$
zar>%U2Uju$E=yp3p}Zpl@N37%pCsf}-9%CX0@*2>O=Fb7fDGg(fQYzbM0yX7lk^*e
z#1Da<$*}hJ!H?Zlqy4@OmLYxEN)FN1EWw92lq*z=!6tdmKE^HXyOFnVg(+Qx34^FA
zxAykz%<vJ6AB>h+2N^yS7@5LTOK>O5dDX)d)@FWN*lD>R?x(zM-)nOW4$IA--4#oS
zqwU_6BpBwjuYuScD%QZCgjGRHX2W+=?i?)8p|UJUh?+_7Su0Fmr)lk)Zl14$Xl53X
z4c_n=NcHg+Nm4DgJf|830!;#GeWRH5)sQh?k;b4lQ|}*-lMe>Yb3)muDw)9G`RjwT
zC8E9Cj=ug#YD$%pKs<9G$*Z~@gbnrgh2`(HE`<+;tePvkQJw5ESUDWrw5PvpfN`m@
zX9=8DmZY<pd8iIaVSs86T&pEAxj2OGftxV+7kSm?kLGCfDsT?2YRsXGDI0rp<0irD
z^)l;Sc!E8ZBP|!Z@xhvDJ|BqCXQW7ZCuqm|%-sE(2c2kuQZ>qw#eH`;y`h2E>Mdlf
zdtQAXQDejOmj)NXdc}2I&WNIoxm#!1Giu94rr|?h67&V*r|pYOw-w`#r1g?4=uV)h
zyGhP|@oxRJQ2%ucfu{LqJloQ^%`5H=NjS$g9bliWNyD1k_=ZNK&S_=y8Y#I_c?XNU
zB?T=Ti_TNIrZ*q=m`3{t>bwdK9A6{q%K`+FL0I)h*%|giG|QgLoYjO8xIBMTTmp25
z1R_JQ;i=sMcP?@7?l(Z;L@{X!y;<#zc>c_lw%x>1^#<SJyAZz20yL8-wX{JQMrdXi
zzR|V2FPVH`IQ<RJTZX&+?x9^*EzbLY6!-h!W0|~=NbQ@b=gHAd@>Mv0q=%>QBv#Oh
zMA&B|Pjf1GmnO1s&O(_zU6+enu+&E*r=e^2@0zLJ{w6m+<H1t+Crnq|({tZE2yV>7
zL{-3E<kg5dX574u+`W9R21f>CV#~^bGu9K}(0FCy31Bse63dvi`ExB0r?nBCM@+1A
z$-|pI)?OFpG=%(ZABnaL83k_B(g4BCmoI2xKsIh$i_h9zTI1;CkFD*`oqG$G5A6Zl
z`qmRbm1GmW%JvVhas1on`9AgufSdFdyGigs4a_#!BsWJx1y@(P@C&V8T+QCuMI6~l
z)ju;;#~|b4F`i6+&wIq(e8gQ)ibnSaH>1dz3%9&5pJ~_Er(~p9zIsnFJ4!wM1))Y#
zL2&e)lZiyZ-aD0>rhn=mpZzut28oH(xa)y>we=TE7!>}{Z5rb2`=`zQ#p0~#3;N&{
ztN-XC-*X-hl`Bl@m5#s#gMROY{}xqRQNC5kdB)i1LJHjA#uuS}>Kck}%ICEhkNTnv
zPj`YS(5ur^d~ezt&5kXejCQs9Pn*u~IX@1Dd1Y5Dx%X+Whsp9dr%7qsR&Fa9<A#vs
zaL&{fZ=u#KVSD$OuP~rYc-&^BoiVtKrp?4jzkM5IK<d{J>>(ZyTD7nIJ;Li5M2)=#
zgUcAIe}ulDLKdTWO1L%25xLaNaAjg(uo==XnMct&cFq)@*Vew~??tL)jr&R(rCO4I
z&cmyTmI;w@jLFK=s}{^_jGu#hVe-Y9MB@JUkR|=HfX6XkS1apbw(kUg7<0iNX6!<;
zteZyCog{zF^T&t)f7z<fo^Wde)6SRnn!SZIy;QY)4%{^CF65pn@7K!b;%rb1Jysjp
zWa8ys{9hCBmw=K_fYLy4&fC+d#`EhJQdGbRy@Nm8sr3)PztQ}}bs(8aael)bUsuJZ
z>zvl3&V!Hc5N1XnBLh^N8LKH$MDCyx4$W!c+;>{atdIR9t-i?{Hf$l*l_S5QrQB>3
zsow*m(&l%{mp0*3_NOM1{LeApduhvA>~p$!WQX%-#G31P2Dp-Li5FREllkxN6n3sF
zIrD<TxUdpd;F!N4B&3ZpNH{(LG(e`p0y;Jst2omwa;RgA+?KQactktmp{vVTO`G$2
ztX^U5Ms3M%IRW46Mc6&9En3sv8!Az~|E7P@aSmVMtDZU0BCI8GP!EoN0-fV2gPwze
zLxMrW!9qjBfy02#@j%b#0FY2<=on;dDv9H$m?EO8hH>!|<gD!KjtMn&(4=B&{<$z%
z6dXoQl;X-7nzdiPcD+00k}!4%NXq-;cn?k(Y%SCBAZ7dr+A4GTj4Sdb&vndkbdWG8
zIM}$*JppLG8|NzB32<1v?$~4Hs4)1<@ipN)MMkbGQrz%ZYjEGr-b-;4XBXz&TE12s
z<$1zogkqa$yPzp<X&$iyg8yN{%pY;qXLR++Gt$cZo=Rfb=N>{sg!bx*GBihdNBKU4
zHIhx+BiuWB6G2GO0A!`wq+*&^!nAv8Ka`;Jh={?QJOjDcAdcy14uJBtgDVjiNU<o>
zV#}_RCbfMn)adz4d8XWJH82P4o8PoEBU|lkcfeGp{I3M{y_IOoCii8t<ozr)+~ZeX
zaAeI+=1Wha<YhR&+1w8qAKIMFScM0U9e~M&@`bKlC3+h&<D)tbi8+$y(PS+<95ve_
zb;QSKh*ITW@ZCy^8Q3I8ymL&9jhCJu#Y(r17>IN#U)EHn=zDOHeA$x6ebzy{0ha=Y
zuf(ZQKr^7_uX?_(s?LA0PvjWF!2Xs-@ipI&M*eQ%!YRG(OL}0(hkFVB6ki>=!q+C<
z<tUu|As*KXr+V1cJi}PJUNnWvy5lk`yfK1RLxx>O`JdvvvZNEEn;q$ZtB5>w_H^B@
zl1A@o1X-a<V&Y{!`YCZzKuioZ!%NpG)e-?!WNG0I#rbQ*i;?<xlZRUHhBu0+Xc$y&
zn3#uGZuS<l7qNgYc}l2w>8@G>-=T|v`suoUit;<k{3x~b6CAE^BES+GC~(_+D8jB@
z9=0$(H)$M4#Zkm>yl>mTmU3m0XpvwH&|w~wnk10wDi{W~ygS-$xU@jK6yDqET-m!P
zxpZc|!oCqx4dnDgUx0qiD`-lBJ2*Jt*uXga@i;D_`>hufygibx&dl7`R3=S)VS=xc
zDa~c!{j^coG1~SIorIPxGX{<_81U7vPIo8Yswf&IXtF>SgmIa9J7)@v9oi~3xbpO1
zy)Ivg*~Fap($Hf>Pu|9|Y2M|1&3)NQ89SH&^%}ZwGD4k>p<k{xv&;*nAd8(meW^c<
z%cPkVGQelWLhDkvpu39-xUZj>N@nwj_jz+$;E?)&HBgvJUD*+fl9v_CuxK7$E^2U)
zu97{bUd%a_PJL@cwr3lzMp<?gk5iuayES{LGQCK1BZEbZrtm&we5tk0^idEbcZmxH
zeFq?Mfz}1n(Ftgc#GV-8Qe!ktoX}OgK$VG}fc}k&Lt2!zb9?G>DzRmR<?F%bhNtwi
zXK>-}otjZ(ibtb*hDV~q?#eT1x4MrKE^WYdPqxzmoA`$}*$6i<3-sQbofbf5S0mDC
zDF(fgVA58aYbQV(A&pn!&$Wiz3xLc&lt)jPkf)O-&Unu%`!xrba<Kri_)wk6!;80>
z&;e{H30F1A&NbuozWFvwWvu8S3)w>~fwCciNtL2cRnePghn&RxBiZ$vjlbWB{|Whb
zlK)^1+RDtBYknjVIX;FpAPjRSz*Bs5c7PxA36Rh^Y0urk_%R~@)5~BeYFxVDsBih7
zL3DO+`A6IVpQ^qhnh0j^a_)xvjTpK4xK`TBjx>S~{|`W&FcStjCkr@|6uRe-mHq^P
ze**LgtL*p_c8mQ7yW;=T%m0CTgtq3YSiZubk;~@#0a|><dc1Pd)s&=&>|nGh!gOB$
z#M;z@Yb)_s5RsZ}-iAJOW2BRHB*(EFX7;9rany|}?ORu!;N1UBkuhdj#jgBN*ykKy
zSWQ)*@SLEbg?Wi=NrUB;H=x-_$ohfd2|#*!-|3_4X}>)91Zdf9eIDJNPo1C6QBcZh
zwu^%O<ufFf%H&itlUu`hK03kyO+&?F<U#=b0sCM+-uGm*8<Q+ssa*%a=(2+_b?)R8
zzmi#1j+KQ=*RSZb2^)D)bdvD8$$7?h&c~>osJK!ZHaKdDK-cw-TdJ`Po}`UKS3Y_E
z)0I>IZenM0;x0jkR}!R-Iz<SwZ%{8o)a58B)1)R|>c;zNlnEuEU#Au3G;h_F0v5~k
zxe3+VOs9>w!6>q*dc>|VI2d3duU^Ts>NqpbcebxZiZ>DfGvRv^nq{g*+PMk!V43Nt
zM9k2b4Q%-0>4Cw<*4M6GS<I~P0mn>K*oT__h+7f+T}k;tRN@QdFX1qZjvLqylpCV+
z6P#hy>}nlKil9Q-fJxbDjyl;Tcd|fN!`WGMTbVY^W+z28b`EF%uQyIlfN!4PKy&_G
ziTUlaAXNRR8c~0F;Z3K^1m|_Cq_v$oc|#LDdnYjVRL;oOW7^2Cd^ej<fcayxd;+kq
zc7{|VyKEk@iGfcUsfCMq#hUqaGR)SwzphNSW`wM}gb_6`S6ZZ#LxkR=kHf!aq+Dv8
zichv&mQ&w#dzHMM|KtPIY^WiTBgG3~1(036WlY$pog(X=tbyOu3bKL`Va{+8i75q#
zw_qy^o11h2Kg}@-n9GzbN<sXHTGqlsKdEM{n6dH6g3YAmGUy?&HQ~k}?skE|vmbH*
zz}rj-b+NK^7OB*@J!tPGE5&BrlY+ViQAJIzvy)+_VWAd7y`ovH8y9U!M+H5Ljh8ze
zcy=C1$FCNAeH;)5=Q;LaSDH|z6vK*6EUj2(C^nuc0~U@uOj4HjxJLFxK7sQN>W5+O
z_uInU(An!mj*MI7f$yADC&CrpskNUzE`9o*_0wYAXE4quzpAAI@o~kV>X7?fdtd2v
znGy1xU{tkJPGPU8-_z*x78!UiEAi!j9n^^vu`M8}j>~~9mT&E>!`5^;iR^L?Egov_
z42l41#$njYnRZatI^(8$UUv?rlJJ~2bW531eFm$UVkEP2?2Vc_EZj;>bG+=2WXfHw
zCHK50Q28iZmvIrY<Yt0e$-dvxJdT0v*jcXcKtO+{lBOCPALl&e@^uisiUGes>YeM?
z(v4hCMTX%BeSreGzNIGS3b>D{#Y2sQo&h2&%hen2T{m3?_FJfF3{otC-SJj4?TQ_&
zW4yJBi%KYe@yA`s^vd<ODbYbXWc0-2cDk@eh54KlF$=KW&PT1ESOlL#%nRnQ;QC0N
zaK&nu0F3GS=y$J_g6XkFeX=3d8L}RQV2iZ`@4eBKE8kq+lIQ9VKLIMUA(f`OjwVNP
z#j-Y(BdAOe=j8v1^k)B5Qmo}<axFZ_d9~;Z7X0ofrFZ{(&i{FG@dm!BoYn9t5?qwV
z&*B!Ag_7}u<eyQVwaSt%6*M#6Avsb6dDXd~${_~{>nQ^QIxI8OOEH>4%W{Srmjkg=
zLz1rC%+$(R?(UQDV`m$K+yCEyVMR3i2@J4$7cEO>pl#{H<|5vgT@tnDtw4;r*HG_}
z0O5A-6W}0PZ)pBj`UUOn+rMgRZN5tpgy2{r>-r+W(!)+dPN7dhWu9flaOs0O3?~nJ
zLGI_|ErQqa8%hgADom^%t?#hW=g&2Y57;QUskT)$H<=srSGixmt&wobJXd=H1P>NS
z0!R0?cY}#joE3qVP&608nV#JiW-qCv&%-Q(vz#UBhGX+?#hK3{wRtNs!tX08sm|!7
zWT%78z@QKyeH`i7Cz&l$-`1l0;+oC`b~=)_$Fm_BYX`p<cYf98+7*j)G>figTX%?D
zpOZCb%HWfQ7Vo{U=waE_z~+roK?$X&vK#yoNc{wGJD9NfWY!#)sglI)K$YZ4yfpto
z)3itTvQXD1F{TH#2z%%Cq}Wzhc~_&FG=WXwV>M7&rmH>*oXSep@l=d{q-_K`lQpN3
zv4Mh?@5uJcjn%F6Qr`O2&(%ra-R5PsPLbNYYGSx|eY{OZMs^cP!NPS<Hla^k>D4@)
zSY*-o-Tv#q7p{KHj_)A@ZXF8f`}><6_;U8b;B+9>@##0!Syl213OA^;fLn#}3q+Pa
zp~I=JVkev__~fQbJ6j7smd^NCzp1`-A1G4@wn)nqEpNof>JcbtF!H4>_Nh<Iv^ld1
zqZx;h@_sli2{X~iKnm{=p0pNFS5TF*oI10-!pK8y9{qrBf8TTKRU=(EsYWkDes>m{
z=47R@&(&PRkx3fuQ~a2JGCuD&9I{-#19~b~EcP<xo{nC55;&$0!FRp7j=>_&rJ@>t
z8E`jgO>Ac^+Q!(79)zTwC!%%-GAcjOwzQ;&4QkD$S|STasX8d5Mux+XsW9qn#_%_M
zals3@*2zv;9|9Ey^6=9|Ra#`ilf;T!+UVj`%;vcQ3U4FLX;LM*RkDO2KOMr$(0Z6n
zdg!>a+hK-i<e$D>_=tA%+gxpJ9=05ELom+~tn3_lAaRq6)NaQ*oAw#kRPd{ukp_n3
zM&>G2KSatl?*_6amkr8A2U5?FuJ%una_iHoGTt`V1Q(d$W|CGa=C5$B>YK!dNvzu`
zD)1`%Pmz`A1e-HOtA1GFjOQd7L9i*zVjQXucgX$pI=Ey%P2pWBt@(8Xe%Pl@cA2!&
zpdbchlMSBXc_f(uYWJH_HQmoef;I74c#2p&oN&aeHvIVtRHj4CGcH{n{3`pors|Y<
zo$C+wV71dm^ODU1<qNqbd@Uwr_}ZmhF<=MpCX(c+WE|_~GO~R7<j76o#opl)D<ynD
zAH`=jb#minS%kM`R!T@Rlx@XE;cAe0&#uuDVWhzqNzctQnT6#)?+Qg_oZ3~vl$I3X
zQ=5`fmrWoRKC|Cdgp;3z(x%lZv`vCi@*L*m;~R46oWVKg8Gtccq)RNk6v^O4ATKcq
zp3F~3mChfuls&qC5AWN*)wy<oo6Wf;U}r*NPwVF!!b>raHLnnPyU|8hlTD~)%FVGE
zepJ}w?f5crZZw*qHUsah+fB__h_`aU#=Q6c4QW`AdXecxeM1pA0e`3KRd(6){PgoM
z<g_+zAw40qwm}C8$x3)1qgFoPQI0*wf5E7Lp_ay5y}(W4Bs{UQ@BNu-(mcjTdet^^
z_imt;iQ;Vu@F;8*i|%FIi;e$DQd6u4`b5QB(=>Cl5$Mud^J^>34=5l0I1}j$2wNx%
z_mmSf=h+?<nwx~ds8iji*V*M~`L!wfQrs&Y7*o8^iS=lxXkW^##OkLiJ+Czd1r#;~
zKN}wMUM-6W+a{5w@`>eRrEKn`DV*q$frch9BEK1(C&{zYdIH$ZMhi<#W$5ue+RcXZ
z3*de6#EZFrEv!B!ZALG6!N|JS$?PZ|KcZ%;??{`Vm(QeAhq)+&#zn?@xdHq-VV6W|
zIiyg(6P9k%T9{<a#QB&Q{f2?tA|pvZb0WjEDsN%{cQXBkd_LsmhEoPxw>tV(d%$gS
zz)_&Fm!-Dy+%6lRg2w<YS-%cW4HL|~1yl0D9)k_H^Bl1U6XtaCV#Suig%Q5tJa**5
zx2gQaIn5nALpU*C6-Kf<X_Vybuj+L9a%!-^h@NhV3s^5P`H_ewCbc*4Q-ZPcmOF$z
zqCdp55DZ(z!}a{XX3a&1GMQMc;h?XNW~=j2Pvy_B?5jnu!`3u<=tnSWV@^{O*8x99
z5PMi-eog+I=DqGdZsC);wMo}i%7L=Herx^kTDvH<6MTCMlfX!4^w5A`7_1OI5i!F@
z&gkp-`jz9EK;H8-iy!IYA#_KwgK9;sMW4yE%ec^a@2n?p(y6}C89x$Ph<L_))H;JL
z?hIE$-osI%27RD)Attt~N2_LAI)5}r>1IG@r$UpToY9!~ohOX%2sr=_A=6ZQ(bjE5
zx{*$C+<Z%hdiUBs{<)J<oGjQU7PYW&Kr6yCoBUSgBuIkYu2jQ`#gkl%;yiv;sFu45
zcwqj=I0*UzB;4vb;?+nUAhKgieV*XO4pAKA<x+!ay@{Er<fOHaa`jd>_e&<B4TXp5
zAOmQ=w8Y{MFZnf0Qw^OSY-v9)-X+?&EWmXZk+k|Aypuui?H8J(fQz%ft|WpCFeZ_h
zXeoTD8mDaAi_EeyX`u*1<OozVPF<CN|0-JmK<_G52`tY%;JfO@+iX@#L<URv8p73b
z^7ms7ba>|=YI;}jgli4fj?)IRE`ks}Zqlx!g+hF6`GsXoR>9WSnG&mLAuD=!G5C%q
zWsTH3X5wCui$R*lL6{|Yony|S8EL6<UKrf#8f`{)roqdX>B$cH#C>l!yFR&wnfF~=
zh24Eldj}jN)=2ca*nOv(PY{%|3r*~Lqi9n<5FWFOF&Wu#gZ`};w9@Zc5p7O2m7w)u
zy{KqMy8Q|yds)NBxr-0rOLECHuF~h<NK5$$=UTk3a5?8JUdbC~Xu^FE21lfuJNvSa
zk_^ukBZxmlU7bc;M30nMqvGfj3=eOJzGt_km!YKe#or9Z)Bf2}i9qpoZOS<BO0!Ub
zUjHL{{=Mhtrd<p|Q)h(@JsD9vj<QO82G@r*2G+**hq3P%gswRU1_?Y0Ei8Yljhce)
zR}ic}rjFqV&%!-aL$-_dy+PlT^a8oE_=;*rsQYWTn0^UUW9ApQz3Ac}$M*4m9{3<h
z@e8Y1S<WC+wy(q**<U-$(&;fZCI-El<Gk7riO0<;3uix0aM8DDsJqucRV7w<C{o7c
zxFQ_8u;WTKl%tgexcWQxzkNPu{o}Bfq~dW)cpyvZug6)B_9tXN)E{+9@?{&xUg6u4
zR-q{zf6+)OYQ*tps-Ut~`JpmAi_*Z^b>XRLZhFZi<U8Hlb^d&|eQL!vem{}mjMTxF
z0w1SL_}Lo&LyFeT*KW+#PalbCEqAD7aCI_ywDe8l=v&nJ59Mr7?=&-Y*L=4gNq+Dm
zoyE*R!KJ$Ld~u=SJq)7a6MLCj%&3DD?TSk>W>Ep>rs-0Q>?{0NQSVAD;Zo=V5HK!=
zjr5Gm1nXSCI_;SD)Jj4UayL{J$y0q~F1qbe?Zsx$tEJqc)=oFzI=e(y(lp|b2n<XX
z`=P-E#oN&`n*G=4;JqkgiU&QS5NG(tiRJm&^yd=tIhGIKxA~$J>-DK=CNj|rX-t0@
zJ8BCnp}<#RY)g#Um@<TS?2X2(pKGC}9MCbJ)UyVLzs(_thSS1gqJ~dlFYjE|n!NSQ
z{yWRT+!;AqMHNL#bBOY;44*rK4FzmP-&G24G9|e&ya7Dw;hKycoN07@Nzong_&tXT
z$_;GtyA6HAiVqiXUEX!R-^bAv2ZZIl{j~-e@M?I5hv7AW`Qs^uA)_bBo{s_kSItvV
z!VoqLV$yX(KMjfUD;NAXWG)p;A-!hFgors_&<W;U11(~NXS`Rg^>I*DBc9&5MsTfS
z6SGZCacIhWXitk*MA>w$p#s<Ax8h3c_neu`kt<r~yTQx)iCvxV_1k>nWL3BWH7C+s
z)~r<g=ERMaae{YzwYR-PzOj4od@f@;Xv4#)wX}!#O%d)v*wH(}J2ZZ<%^30mon&e}
zckJV!FS6wGz-s0Zk?;)tEqBB81V{-=`gne^wHU_P#JN~uViuLOm5|kC7OtjRIm%<U
zVrX<B+~q1!cRs<)i{7M5$M68P0W=abO8w%AG1{()Wf!{^``)wvkaRlp4IBc0Jclk$
zB06(P^|v+>wm(}HdAlD(N!dy*Gkz44XMb$9N+P{#Ih`LUWR~dg-pgpmabGlE+#qf=
zYix0t`|ub$BW*YXwIlHD>irit!~L*=TqKMK2{80J4vZvH-ffNG5zLr2rTbLF6~={X
zJkTpC2Vp#gR?cBRB1i||14JGhT(3kNgbH37z4p}Nd+2=*5xS8s-WQeZhhD^nn&dRp
zSs2_sDN8h1^#;_hx|N0oYO?2_0L;anQ$tY3n=)ESZ{5Qyq*u$lg-&oBwTCJx0?S@D
zbgSkh=4ex~lyUNJj<oFy-L(iAKYM4Thb&OFcB?IXY|~_?sZN?v)Xgc!fr~lH>+u~j
znW81rCgB#6K&1{#F7&=Z5a}U|On8A|{slL7fZbHLQO&~YI|i)inFloOa<`_n@NVOV
zPmr1nL>0H>HQLAaU$DY^t$kq2HDBnRO8yTM(_g*gGP3`Ih{3v7TgqY8vrfGF`1}};
z5f${I9RxTOBn0R^{GZ?7fWB5HV-r;oF?9TLis~PiOUintT;njl{`&VD_`;}{+#E)P
znNf1S-KLnDbg0>0Df*59@R+p9xne>8ep5$O=mYoWt@S5D(7!ZV;06eJ^v$QodB7Aa
zlk>f9M0F*mt)gmpi;^3t4a3AW_ywht^j6N3Ta~28&M0~bY9@0KA1aPe*gsK+o?Dv*
zX0Jv*qo?6=v@4cvj>sHtkl9rbH9lW_t~^|~mNj~%nHEwrU5$yn3bL*5g)(mBlq(D_
z^|1b#GKwsF5ME0%lbQgeRn(Xw*P&KmIW_@AE@~tF1{*3Y&;>g0gCFA@zYdd_77dPG
z5glGZeUJ^DV!nEu>=_WX7AM@;k66B%2aQoZ%HnGN`qjpVFYjRdb+{-L^P^)AB8GYQ
z*ZRbW$mxcP_ctAT8mxpM1;G!P*VM<V%L=8|;x(smB%;GoWDIUQWOt?z;Sf@$`9q_k
zgQPx5B<pJKV68Vj>%=vHW=^|UDb<@Zp<etQ%U@0t8n8GEi&63VK$<$VXf^F!?e}+O
z<H?Ykjn?JLI4ULReP5tjLz4j*nH4GKKlT6;qCvAd60tjZjM+gWn&e04C1Yzi=iC^V
z<B(3t#u7y7puKM&_)xOU__kVNbur5|#Zq}YA=o${&P|E3iCml-RpQQtVRVAtf~UGk
zD_1av8a#tCK>z}QI%)m|x*n(As!bXEo`Rw&zx(_<Exjp1?MU=m&<pHQ{bBT7)^WK5
z%2}^t<R5gv+moj+h2Eik_ONV};Z=^Lw6IR1Z8O((R^`FRVtl2Tf5M4n4k^BqIo`}k
z+xiVYWZ3*GJ<LMm%$AbW^qUsbkcBAnH4mUxVibe^gEUI`c(4)@3gdKeNCyVRb_WTP
zkr}`8j1QbV0ahMjmTn?3nioY;?h+*_E&n&zkkLXPMt_k(Y>hA2B{|hesK;D8M2B53
zW<%YpP)`iVR@%ioK(8jxfNmZkUT4Tx8~<MVe?mK#fEz*ua5fCQqs9s0Hef6_i0r5{
zzmWUn^Z32rY}X^EkGs}5X!SXJbMmj-B~*O47sLbJE8|<HTH_xB?Rg!Z(q8A$SKCB~
z121M1-K%I%3{+PBE9k9o_WKRscM=T(ahzKWhj(2HSf*2(rLz|r57WL}uZFe$(*XLQ
zj5}FD6_t!@Lj>Ax7yNgUsivrSrENrEVx`%&n+>S9CmT)on1U5YZ%s3h7^xXQr^LR4
zvmZ#wW7Cr`FM;QiLadg_$PW$=5#b^WAeY*u|8i}XmXv$^l6m}m9vx2jHi;ds6@#n{
z+9I+F)+9kC_;O1NqqZ9#x4`ao<ROh`)B(FlrA6|><P^X1xp`+UmV~T6dS_ZWr0BE<
zJvxl+(CVXVY&C}q_SjzG3o&s#(L4NW#(*!Z({Z#p)WBOhly8VS=#}$y4ne6enaBaR
z@kG!<kKP6kA|-@Cq%Uq%BAaOjC=2Z*4e0#@iK?r6IhXfS;WTl39M13h%X|VR5eg%G
z!z0bA)A}64Yv^1QKQCz9<Qi@7KoJ?mB=&sJ?^~s=`d-T3w4~Ao8w}f|2|lF9^b(uZ
z#veL9o6|u<A3H&o*7}^Ln1bX|IWrB8(Yr^`U+Nx+(<q+!CMj?taYelBJx(oOOR(Ms
zg@xtD(m4ZXm2C?Sw;t!xWH-4+e{q&{b#;c5999|z_&AMBaYxO2Y<T2=QC+4~6>6R-
zO5U=qW`xp}S5ud{4uM_vws3Dj%2`x?r)`%;fQ6TlH#gWX<}1c_3|eV0&q&vf=q1fR
z{L&dFT0aIx2x(LBI29OfGG@Il&VZ13FkON+7S$uWD~&wMMwaZlud=C`%Z3Jtoi1XK
zj$Jy{Cq$`TLj<1z18Lq2Em-VlB&F(ud5mft20=qkFSs`a0Zz{H(W3PuJu`MIW?193
zakOQGnn+)MrQvj5PVA{0>6d}lfC@9+*IVv^;7e|_#RKrDUtcd@oxM3T%KlalKxnqD
zbxgzVhIM~s^){p}g5HB-o#RH5#$}4_e6=@)Sw9*Bs=(~L5snEk8?-$LLbN#j>&8$l
z6CKt+U`468zW^3<O7*trE`0lKQN`OHbkx^78&$HVSuxF8(X8uVLy!r19sd26!Ko|&
z{ev<AH_rlEk&xk7(0afmelJ01gyV&?G;o>3fUv6mfg!Yib`13F(OI_SL|XWGut1SO
zr4L&dM?P#!&MY8Xot;&;d4XW+h)4!~kK(bUZ9uv<RF|otbVeNZ#*gbgOWfW|AZ(|l
zjTlvl1JuZD+qiOe8iW+%J3US{){i@6sN*JN?pfYJ=v*o?LyIOx<=H*Uu4wY<Y3_E>
z4WkG<+<|=RQ{hk;h-a=9YHa@DVNoU&Uh#w4H|(%<7wRR8U~XaPM+=Z+#{9DJdsf}(
zd)@SS1W+Z3is^kRvqizn1{C(lTBK~MY;dxzNv5`YO~_C^HeYg_tZ7~;VA9DW#n21M
z7)bO(^{oh5k`-<Ye@pY8B!FjAT&>CL5F~FY&$4IN&R<2W%>e~|Te%mM;49>v!d9%+
zkR>c3+8rfq-)bVicy$Xnb(d{r#d#q^KLAu0R)LD>?}H$g7E|b9iDcv8w%L5V2!b1e
zzYN`LJ_0PePD7@Y1G+@%>5fy8@?<SO&>A|WBs4>oyRt9mX7!`c_t#eJdJVif&X3<R
zvvDa-K)eX$gc+KE<;735c;qNmv$yWjq@&QuxahdM_pqJb;65{j?VlY-LXwu4Qz+gg
zJY|d}qKl4<S%XX|Kv7m#4?wp>QtVaq5AHN56b!`hlZjfk=-V9{AF7a6%b$xw*FDs&
zCG`}vL}&<|fFvGTug&x7NySd9C8vISK%Ot!k@-nQ;thcoVl4XbT|=>aaBW{F`$GP^
zn#-Llgl3I9oP40HLPyVsUJqxtb6S4+K`=iyNC5cMX>b_t>oRPvf*!dNN{N@mmt6|U
zT_rb4{Mnq+qF_`wh^j(hlMob&t1>w3BT81zm}1HUl|QlwTs@-NRg@d5fPv8!Fkik&
z<GxmewpnwvsE95G_|9Ug#3Is|6k+Z^0ZgmC5+eWUYfBIg;t9|!0Qv;5jRN2I6bcK!
zIMEHt(}l-VZ8L2T)oi2HWq-0r@jd_FZ;&DjFdHHA#V|&<>Fg0r*jgMtand|+$bk?=
zc&1^b7JCm9Q-kVZ%r;7xTJZ}XLuS8|1aqUVUpn4qh`r|1ZPJ_!Jn+F4J;XRtD-NC8
z^YK!~LlfjUqlAX$v7vJ1-7K3tou{5FyZY!y3VVnt2^0%s;?#^t36>RU(H%juxHIwN
z0jt4J40B4tt-*{9?Kp5vrG#-5JCY=u!xRlwwyvLCA}da)P!bK!L+!3KGKz(Zmw-ky
z&!5T|z%=S3Yv~Yk-@#-dNR;cL17ZVA!)npW_|@#9JhZzPGgJh(&Z`5RM`&T<!_We$
zrM={n`((-^K4E&m1{%LZL+O{C*BsPIQ}N5T3Y~x{ph!Aa4ODwGf5?TNB!Wg~BM^j2
zPBy~HKHEkOb&mMyyeL9uLR@@O7+d7$8n*0fsIZsivf4@v?5%8~0=3Uh#l075pDp<t
z)#{<Ciu)PjEp7`tNR{Yua6*<!g;Ikg5inzM!v<LjZ${Jc(#7fT%WjYatPjc?Vt!zh
zX%%1h1XE&dfwa{Tegq2%(#B5y*w>9EHs;9^8C54*_`AkDR!fzx;??5rBwXBA+7apg
z-eV%z$pf?r%f-7BGt~$#<PoHWsC2|7qP6_a`VAr9{443@Q|4-viOhsJs4FW<&(HA@
z@}?60)ZhcPC#=LwBy#8H2~S<>eJ-{SDz!B0Mf>^qhwUd?xbA4I!x^I5&C-wPMsYXV
zaLtqA{XBaZn60&5??dskgviA>_^(!`u*z$6q@>@Yu8M;Nx>&rX%@T)Pel;qg6K<O-
z6Rm7uH?Ge9Ewj3PW+_*@Poa9gh@k}h63!Z{?~NiXuS-REH3s@?8<k@0UbojV(ySly
z$8yX+$AKd(?`KDl{<OHr(e7A=e%n{#w}aoo=g0V}w16Q#w%-%ql6@6Zp98-Tfsx3k
zGuJm+=QuNgKiAV5`+?UC9!`?ZDd?w$*{tCp${!?ky+~*TfeKFROfnnzCp*Q=L-3g*
zOgB3C!oe1u1q;j!N`^tsR#WWMs3g;giUhD~83<(YPV<dEtgXhX+)a$%(4%atq^=u(
z4k;S?^g$O2)Vo?V_k{$~8A@yXx4SpLsUB)Y0#iFn%66wjBKR$IBGX*cnIaLd&KVss
zl#RgcsS?Q@vA?Mvk$W~kQLvl2Kv!F<?CpdrmFvZQulub@r5;sFkh2N?a1s69td94N
zzt*IzF$XqulDCKPYbY1;uWeFLRFsLjsuDg&f2_lW%aC+Dt<#)gAbxk?)$7CCcKf4n
zSyTzCn+jaDWNoQJT3T!gO~6VhQXfQ{!TR0@VsdViunf7&-@-p?^G~6sr+=|Q$rI~`
zvQ<^7e&IseVjMml4kWeJqtIkmtcf~4EfIi|B&7m(NO_mP*1~uP@m{(Dl88=1R7M~f
zJIm9x+&9aI(r@hyk*Bd4Md^9pckpGVPHl|g@zM8{vi&(2d-8;wReB{ab&awJ_<piw
z1Drn<$Iwl9lf9X>D29W5$KHSmhn%5jizWF~dEYv<>%Pu}L_o6SOfY3Ussskoeox%p
z?na*{Q`w%cCUQIG-EA$goYg(abU+1wmjpD>Kh2?>$h!0BN@y*Lb)X_3L(R3J3;kuV
z6n=L7nC!IS;>&&7+#IUR644;?@Jco!IwMc@p>SolTL}8<6QN6rMj0}e7e1c983QI%
z!XF{AMfZyFImrn`TZ!l~MkH|aE`*8^BWRSVI(@7UXi@Vu5&^IMuIYVZ%)Potkpkd+
z+WS|NIP7}-Gf4yNAxmq%B&tlOJzSib2+T}heQG^0c~dAi<-S0|*wqw5pyKzHlK7+o
zUYrW<qJ+m@DJVGbmEpHYVk;a{Sg>3#zYB(5@<X@JAemahHzR0^oMzdR%k!N!xjHs9
z%4{MA!h1CUH|%FdETqddOZ!Uk+1LFmbQim$*+SlTf4`lMd<zrC%z$gCQGy{yxqSkF
zjtE%MK)+Z9de;{k;`t|ep3extK}QCVP#D-~=$InVs90?5oTOx|9OM*SuN|nAfBirY
z7#J+z2{34_mO}nOzIcPZ+T8fq-Smy=lcVkT2>T^HpN;=K(we{+f63%q#|(RpaV{G1
zHxH>X-lRU=%x(gArf)g7JPDs5dsvQliHdC!{CuE|0T-wVz@@LdjJfKb`47u;Zy(;9
z`b@o_d{f#rAw|i+a7Cqhi6qZi+r+30D_Pioscb#Wtty8qBN|bIO`j+4YA0*cV$x#4
z<|r_s(L(iMJ3eWq|KhaC#p!>Q_7!kZbZguoC?EpTAk7L$EU<Knpezm2olD2kji8hQ
zODx?;cXx?MEK7)VE3I^=fZx7x-|LO<yVv{8%s%Iw|D2g~=A7TmdFDUQdA81qp*ZDR
zDMm*z#>e|P?*LYXM$JXT4|Q7^;D}8Ge{Z>%lUPzH6+oBF4)*$<^Vi<#gHVom0d{wV
z$+}?kqy?|gv?{yg@7^N)*Ttd*XPP0ouxDD@oANE2JkKe@r{&Z_Jd^ls#S%EZDqnct
zCjr1B%gnZ0bw`4jpTh{o&9<9ntxa-cBJR3Mi>poa&OFqWeIZe(y+y<3)L(r-rpLNn
z=3(?sq^O5u;$tF9aEgsyND~XZ91(}?c3$?MNC<|iReyN!)$=}twwwxn*ayht04|Gu
ziq`|G&Fd1bhx}Qs=YCYkxo{Ig<@tex_N11@!Fgg_ti~2olT&A_>k2J{azwbta!T`y
zbd*K7%}m6?OvIOj6kc9tOY_05oj&0ALnop$RA%Lx4qN3ty!dDUF7M{uand68=UQ*e
zCG`U9Z`=OoB-^eOhdtE7%&M6|_WDy?@0Cnxin}Xkg~h~ROLLMo&!)vn&p)Ks4GjkV
zDa$`W@IG~al!;#NDvO?Z9nvOtjHy6DF);<m^PiJKP2bP_sk?8(H<_%_wB7*k>(SRq
zS_h8Y&cS^~_8*gKn&Iyc6J4pNy_*Q!m%bFx>_xm&J@cozG+pgamxkj!jBU`8b)G$3
zap{bW2*Y>Diy9Q#FzKHaW{O75LNFnj2`?}xo6Kd+#1zOC&b-rYVba?T0j-uIDEdzw
z5Rqi8KnuGS6=j)5GWlvGKF_D;2*ksN-*?!rmaZtos(w@lxoC1dO(1_{F*s47%z1}5
z;{JR-^OLktMw{GfeqFIP!^7y-{k<^)W}Oz2z2JPau=w~g@bm@d!65J@43bY3#gY(+
z5L3^3tp~zb>c8p~_HvR@(6C!G&P-o&WMP$A+ISl(Oi?s`BIfs=ZyPGNXw@xyf7mp?
zc;MmWM^@t`JgUn3v*Fe&gmoCqT8}M*#dVRI<aQ0o+&d2wyk*FBt514C$ki91RG|Y+
z3~GX}%X{%JzP$EN_D+0|9zA&QfwW7J0ij)pP^OT2%jb+R61f@#nQcypKRHuf-kcJb
ztd+l)glBEjrP!P+rX-j43hmyl58N7|5v>RajWNB!D8fhxFp6G&UnZw3teDs(VhXlu
zlO-jtq(Qp!re89RRBOf+Newa3xz#K3?n(1nWn_6Yr&rq_%`%jo`Yy|NISpWD3iB;F
zHGgYx&=^);Ge0@G-q6Tj-&|fk<RBOZz55RU)XvUTUq5yBKY+!4(opBMXDWar@@ptX
z_(&BV9sX1a-L4P6^tTD}Tn(d0)&I|^t|NZ$L0gQkr;f@(-}f1R{QQd!_u%jFi}mt>
zs5eHG9P?cRR7wIyYz?W+;%^YIsoy=fomvlsN9v@nhMUyQk09x%Xd$?SgJLTs)GZNQ
z)};u-4`gP^&6rF$=ZCOtK+_xjP_<R6N%Kk<>~3>n7BZVB3q6^u7+qmA;f$+{ps?m}
zc0&ChXq3*D{`zsN&Z_QM_cET~Tqqp43l6rHvCKygcLxpMv#)WBz(CsDPlo%Y+w00#
z&$b#7eH;xe*IMm^7->arEpN*}(y@T@3YS*Y9*osS@887v$dLN!8MvEr^awdC-Am|~
zeE)@qm140selM|iGG8%D^p3i2fsD+J)Q5s?t@3>YWU&^;dap=oy4<Qy)?>B|O2Xj|
z8hktejPP1v#{+kLdCBC?)ieHuXSXWLMM88OFo=QqDmWxE3N=ChFpt?Niwa2{zQ)}z
zQ^+*v=FMWprUB^TtujD_sweaph;UfPM18L8N>GXjoo6su{LrNbh96Q)*9LZRBtWXk
z!tUHb^H@)Xd92}tPcpI}+OZ`UIs09@9~_KUj^VDXur08qQQ`H0iOa+9s_})(_P%c-
zfBVFEgMlopS^CemdKPIkZmxLs<=tUt9jKWk`lIsoR89V}O)&w(?y`PU;x1Eb81#RL
zz=xHRXjLxnu;Vh@UCa6bb@b2bH_IzE9ehgdCiIO;W>2)HN*dZVe+4Yuuh-U9!O!G#
zXWUIYEqcPYbf0#+Cy(5!omexyvo-MyHOvgZUhL((k|6iT$%r`p4Be({JiGaQ*w|<v
zr@M1lefehGS?htwZ~zm8Mp-aG6GqRDwdE||Qy3K6rg}o8g$!9XwaI_*@{q<L*_fFu
za9TfRg|Y$>6Y6}=(((c66WJPW7`!*Xg>)U8)?k&8_|2L<0^W;!2ytSCf#S~~#gC-a
z*G-FArFOC^=?@-EEp^~mHF#hxDi8Nq6o}$aFzjy#kCD4=v7hGcrY%VBJF-hG^UFG~
zN!I6kE8q`vLc2Y!WmP}SSK$gsNFOLpvd)Qk+^RD6O1)*XF~=qVsH9PFhU`pJRv+@e
zsh}7^Y6VgCS!u~u!)2>cCeHayLZTA~CvI!#9zE0iF#;tgOrnX)?J*T2YK}JvuXW(2
z^;R#z>go-ku%{lS_hKTzw>ZZ4#)T~$?`^rEtkZsKDUbDQQOFkVff+iyS*}D1y<na)
zEs#QrVT__wTKx*j;n2BUiYK!|U7u5THOdEyrX^6u@^F*tou?HFtU5$63E7i_(jnZ3
zgx$mh47YX6mij?x#A){+#Ld{x?mMsfXwEmcwU0aFIj>><)fmu&N$nlE1;Lh}#V?Vi
z?UZ2PJp_9k^(iEefZ@|SVP{6#p}%Jc^-!x+oCkiYj7)tO*|Be+u_66LNaoGO^bXA*
zs#(!vymL8<8FGwhLak=dJ@|yMe6f-NFf>KGX9|&-_ad#VayG8T(H*O^1MmYak#^?q
z=Z2%yO@bAzYgmF-DnE3!K021#<B7}i-u0haAL`T>M%k8jK+A?uO=}BH$yA}4!dzvs
zqXE8^%dVQ{=RDrbQ3_;$_a6qQQ?0-}!U3g!FDyRUE1!qq*h{ZbJ~LT7D&L?xR9-7(
zQ|<Uh;-@MMqq9zz555Tc`*CrV_%Dn<D7?DYiP32dC47?tV_bc1$u=(lBbmWw?E}%R
z|J9I=t6O-frLf9E&efc>Za0PFn#BAd<wtG>m9fDV>_>ba8IYxFTY=b*idal$Y$F^!
z)|*4<7&p-0^sC=*lpEzX0gmITM-{5NY%(#cLb<uN`jVEOJ$*|iTCl1~>)b-{4Trbn
z><dfxn0!|z`k1bw#o3OypDT;^LSWnQub#Nd@N#HUhxYuvjgeEYAE$Xw*V3SkC)7Ok
zKYn_T3{ZANc}Jf8s#C8gqUkBDK--u>i?^yoWlD<Z=eoHckXLsW5=h6Yj`gAQX4>=$
z+r`HYkizoxEN(>mGZP=brRp>jn;)`t@R~lJ7=V8@_vyk73bOg>L2xtrOh6`nr5Mj2
zpN3DlyDu99Pw=<}RtNbyt^zAj=~;PWM?mlYr@rau;zZyL?SrhiiW0lKkVG$N)iVn<
z=hBhrku5eV<+nHh$84Z!3U0Id1)~cBi5qpl2#Per)7Vh+6i{CFzM$Tb#8K}^7-(3S
z*eI9Ls86Y=1s&z{8G{Hl6%w9(U($4hk>|;CHRtM1dTyy#`<P3_CT3190N&VxoSF}R
zzA)iPpxsP1sQ*9wOxy2eAR6gjEy58?+_&od?qJcSMBBAm1y`P#81g=%Ohn$f(m&I%
zXz2DWAx9_wUcy!-GU=ADN;V@Jozuj|_*uZ0fz&`hmQV{UA2xx8){I{j<4GbYC&WfB
z9ONTFbiaNqhpb6H*EM~tbwX9R+lX6>UsbqFLNhfonkA1ON_R)RVkeU*`(p{FbS>_N
ztK1?GEN#-pGJ<1@aWlb?mmB#5O=SVcv?Dc->yNmOU98YYT;GiC!t(^%i3kh#qTDm>
zQCV84_b~B>XL@B!?-416k~+le6+zI)3f*l`?MW6*<?sF}!q0%n1^Oj3x88YQr|HK}
zW*>v9{3uRqN3nClAN|Y59$@c1SeV}blNb_PSN~}7OM-IODG;0fpEsI1<$ncHi0x+P
z`O3~*@%$+DUg_=0It=o~miKa1AKZp-rEi|J2zC<;ZA>LMbzdx0&n>SIe{~V3XW5RH
z#Zhjk?k;pQG<npWtlWt1nB(^5@tc|NxoFACK}1;|-T>|l_kA3UU07hTf__)(3zNC9
z4o5oZJm!?gIk;Az;hpT<^XveAcTZ)xrDJ7oF{u}t{V|W<q+yM-Oi(2H<}wzYKEu!%
zj%{l0dDp*=<9T8DJqKgUvC|!(Q}6TxZAOU5;4Yoq+0$<srp6dT8bc0;xZsAuNs3Y%
z8mBWc;!^R+rXAE}6?JE$bKjlHMq@rHXM<tXz-}ee;Jl=WuF1uIf>SM6a7*2^iTT(`
z!xTT}^J{rVF9y3x4U>3!%=hvpSg7hw`T9DJ%?^^%Ww}2%Qmy3wQ#|v3F>W^mZu=!M
z5)yE@wsyBi6&9FFc^k}g7iLaM(Z>dg(SXnw^-BJ4Ft#L3<>ANkt6G~tgIi9%MrPk0
zy@^m<=oHd-*jQGY3{f$FSjxSR!hWxe33)UVwYpn7cXmg;^Re|Hz`7&Qiv<UJdL!Ne
zdzNdl_;#Zn@p~b8ZsMReSm{_A#zwSzoASJ`_F9^ssTw(1T86_p^BY&WM{cH*-puHu
zw8gn^Ei0CbHic+oma}^bY}3MXi}vwMPmKsHoH>q_N){J6K9^YltaisuMq9oxrlQ+R
zey#+}1gPXJeM{qft-t2tsLbq{ts^pu^HR}K!@-2Sv(5X-jI5Hr>0~`NypeX|!gBN(
zWwr2dG+|8G?bgm<#i}RYmn+(dMg@cJjyf_Q{sx9P*dgoU4YhHqI7=Z4K<SUAZYk){
zPW(vZM<=SVYNG)-(DOJs;e@r+F{8w`+gV#+TYY{R#I~HdJkPFEF&BN9Tvl|V;Zq{6
zNm~-FDN~X=p}P6s0@}|4=yfL8G>X;o<rDrn$OXLfq+J#`wfBW$ji?dI(E^VGG1cw^
zBOYJL+oj%N9G{~2eEUW&v?|sJs_2xKrvpPvUJ@kYU^~^(9>o@>U%54U`_&6int`&t
zf#<FzpP$6Q0>wYHzX!{o&A;NLdKpix5(<>b{g%2ob|NEVT0a>VB*PzeG8gUe{*tZ!
z?ZuG}te|`IL(kHwp@P+oeA0QDhl8QIPd*9E!y$OHMzRrUVD+gG2W`6L_yy3LgRSvs
zNQi%kSyBokUG^}hB?tJOMJr54aKtMqa^S>}=yuF}MS>H$27h&06-t4JP@S&K70ty+
zb$3!ciHt-uZRQs21NYv!z*fXOz{$-IpyLN~EDB&#6Qe(t#KD&B<i>9420oH}^sGc+
zIA)gKX)f9iGJnfXgxL0_eZ#RmPJX?j{*3d^I_HTN(f0YxR<C%RW7tZM*RTbmG3++a
zh<jlwSx25@<00t`1J>ZtcGDR_(EO>N@9WN8f3mwr9$TlX<msU{^$LoFuZIy$M(B7E
zn(RE+38)|Z_B_dC*^|an3NE@IXbPq3qVk8<pS?I+hag7>yV}CpQ!niwrPe;)JTJ*y
zhg)PF7gKK>&}ButQu6qci4QGH+}_Q&&sd)L9e~C%>vt-e=joU3oASwgm-Uk5`YyMT
znUhL6B&Sc1#hr68OGn7vM5?`@dQm_CH_H);Xs&)l4-*ds<8<XRV&+JUx1PxqJix*U
zQJWi<SAG)?KTA-fFgGp<pXa=wI1^y0hRjcA_C&jyz3@oJIh=NjGF6+z6F`ken2TQ#
z6e<MxAVNy}JZrp$GU$;MJDNXOeCYBe)_LVP!FiOz30m|4ZV?TXnh>+AKrE5%{R8~4
z&T>c1+8=1}Q{@elOe(Mlf)?HI5VQ+t;Kp7|712I8k{To>cEM>_E=r4$!s<iRe-<^>
z|E?Q?jd=?l?d22t`~NoLdHT<c>a9PluKr+DiO2|vNl}a{$sdd=BQJoT$;9aoMiu29
z`8P&&tpV5*4drp)jHuKw^vT(pAU7&%Igy?!;cQp^b+8;B#CQeRZBGQxm@_kS?o!GZ
zgYe`s=K+8-&cch1I6;!dr+Z(SbnPMtZ_sXoY>3DskCW1!X<|p|(s+{^<2bA)qg&if
zjD&GA%x=bQxeQJR(jtnD4ir_$_$yTU!l}*OzoK)b6IlSo7%cPLWu9x4c(XpBuT>N2
zD&kc4gGTY&yyMwsJgug!>8y1-vc@;(lP$dr8S#d8az1EY**jbf&7FR^ZoNS=(f@&3
z0`&!*;Etw3aLr17AfmvKE?I@ze*oPf{escxMzK0e@A1Y&pleLVB-akOo%B=NVWfK0
z#6~ZNxDDuxPeEZD4722jk2Yp9%<K@cw;oh)1fZg|L;RaW>$fNwYQ)MyoRwf{Q$8W!
zK7&R+`K#QB#JgJzVbw7;hduX}T-kOhnlevxm#~Vww(WzMwKu193&%e>Cps4<5Ir`W
zjkSeEB=4fkJk{^DeQi`T@ODbz>3w1Sy-@w?3o<Lvl|}K2tnkceAmV!=3s->o>e_Di
z&ZS<4ZGic3r|9OH8S^!>C!M7yorChm!h&csizn9$^B-uH%sg~fED~-5lqb0;=G&N(
z`LVXgCk06$W*yOg8x(&^0syc(i8Uf~q2EICptm<njS@+J5;;qqK04a@A-^OrAq3w7
zt{lt;bjr=@!zbDQyC6Bay|v@Mg>thCz#Ept_v>rChk3>2Yup&WHZg^k;p>_`Kh}e|
z)&s0LF40(gv6U!MioW$e7skHjVLC2!4yLzOE*&J(EnU<uX7*1w&9jKjWz^ek?r{3}
zjAAPBt~tk<o8JlsjUgGprJ8Z{yP(Nlojw8{fl_9X_cEN|;?ErqowZ7tpQJ;|qq68l
zmN|e`%%srx=^E2SG3k_^FxXupXSO83TP_4UiJEr!puZ8xIdb7VXeTMIEMdz{85Fn(
z^JMQkTcPh0e(WI?y9&EdQr0|{Lpy&p2opMRV8K2Qjz}9|J%}tAXVIpjKxTy7C<{_G
zw78$c%BSW&4Rvu~@o|f3H6ci!#4=AL!4vP)!Q~i8AzlYAHr^`vwd|b3%C(ugE4U&N
zET((YthiLso1E+3qS7$}NBf1n%6r{(_H76*sK6+K^`l<D-6?Q?U4d1Pg*Uc4QAk)J
zw$@tMYC8`(lP+vwv^sqwRt#0Lck826P?aF$WzAAmf$EnHG5LjrV-x_YAATKVtYtuc
zbm`ZFpU3IM0KC#N{objuuEsy$iD0oU`iAq69dp(Fkn9nDa+x`YF%8j$m--5e=dwr-
zX_S@kQtFx!5zlU6CC$<p;M}FOyiwDkrPN_UA6hc!u72*44g49<nk#8o&}`WJhg|;#
zjOaQs0m@3}LQyVt%Lg7!V)3+QRikd4mCe&6?Yfrs{D~dTN*i}yh0<9=qtRan!-xAu
z`CPxB=|)dH-Gf{cKYE9^VCkQIv9u{26O*d5H9jB>=)z}K;Lm(t?~NOMPm8Z?dW`?Q
zFHe=sLmAy;B(;U<@vF{<OmCZ|OQpIesEA~FGQ3S`%$=#l_(?3NK*AcS4C5N52yx+6
z7T8OjjAd?17TY*-S_~sO8J#z6m3bDGOva}KSOJH{_!2BEg*Z=RptP!2DboAUE#4D?
z;jYRYh<j9%@Q|i_dl*A+-%4aHlb#1NH50O2_k|k|khpJbbuktXQ>PR@GD#$d8KZ(u
zT-%@>n4?1T{h?5rtNCZ0uM}T|pJ76r(&)JxxB!-Gy*Tvf;q}$H9a1d~ANg$$`ixT>
zo<RuPc~>vkV5XYeeFzT%rH4$r)w;~Fk`-qrw!G<zxfeVUiwl!hn{*lMh%iBJvB5k}
z&{!Wbf{5_skk18NqAzB8bgMv0(N!pNVAO&pebZRXk&H?g$K~NeLw^K~JV*M3rSJ#)
z?n!{xY$(`(Rak~5g+3{rB|UlOxXVMnni`<b4y3q{pH#L_j50r4ZI&ov?x3GOk*9`D
zFtLXAKHtUY&5e1>4BDzCxWFOqy9|>#v>@+nEh}>rS10rsyWC?B8UkPkS(8Dx77X@R
z1#zD{sOoEIO_0`0|1Xi~4^P8@0hf1FK(usMs$QvG9b2w?`l+MylZoqfjr{q|<-j2u
zsGY*EfJ)1D>{QF>eMy|kD8nB4;~uCP&+hw7p5^g;U+z~OE}H>q7YA3=IBC(#Lp`EG
zH(5g|1IM4gAQO4FWEMoS)^9X_pt;<QRk-aNTeR}F&p^PkCuQ&xflMq5t);Cf5wb6;
zm#-K%u7^-h0IfEXjdArzQ=~dLgp@a%57V3a*;F|tE@bV|DqLFeYw%a={aSer>4-{Z
z33|dlP5c=p`Yy$tZr6K4-sNCk-o-Mo!QCE8>j5Oo2gP~mj3y2Z0ET#R+Y=5lWXfOT
zUVq1TNdxvB?+XwgB*`Nh&q&_$rFqJUvhoGKodwNe^K;;o=xynI?~tWN4QMA*7*I3u
zT7Hl8{Bv6ZTE)t?O3Wm>rLc<{xH7_YDZJRSSjB&shmqMY9<2yt#!fX-zGgI66p3<>
zb#O9cfzw~_;TmJwr~ym0^)Sdy&V0(~*$Dn5Lv<dPuqn~=SDlbqDm$6ivDZQ=;LDI5
zMd?9*&b=NI1cM!`{eayyY?q)XzZO_I4xdS^wZTdrcum&G%UfgR<PUsUXkJh4vHsHS
zrK~DhHKj7+B$K7C*QPgiPe{L1Ldu&})+SrKxT=lAQ#DyFI@JQ5;c_}RRF|E>epgM#
zf1n9o*{PpE0BzOx6h#;+nYv7H#}!DVdS+_=rYG!w=;fWe!`5hTZdyH5db4S}fOMq0
zSo6Q{@zXf~F{N=7atXCUO)+xTj8soazG_?qL0HW8zs1#Bz%ED5lu@eND&2|2++Wvx
zNN`zmWj_)`W3vR;ETn-?0WZ12nH{%(*D5kpjsp4<HuooePKBrIKlYSL<Mi#_p0f(J
z&JOv3=53|1LncUlC}Y%?g3S2BYR}mRAV2x5oWp3~LlZ_rJ?-jEb$#Z_jS0o<l^id<
zg<<2a?|&74@fGsml<&34U&XBsbW7On-+j%;B&woOf=&FABtOrxTd#<^>-ne5c}IGG
z`@fp(MzQAHSD5kw?yyySCGHkrN2Mp+96K}=-uqZPvZ!mYtpBP?OEBskUj&VjK2e!c
z7)K9x+CLoMCZ#;NV9QjL_;~RX>Ivvkr>WcqjEjtF=5$ln^?ums5hYtsEGCv@A+@IH
zX3iuC47)J?Q?r#o`FDupx_{lctqXZv_hPL0#_=k}>-Cw#ce20r?hiC(BZlveUvGPJ
z(Z2aYtzjdtu7o~g{ZfI3iH5}tn{{1EGECi;Op#tI`&gYiAngy8`L`3NU+8HMq;QoX
zSb?8F9@L_Q2%%tSg*!Y(CO^<>Qkw@mtUC)UnIDi>5-`i)n-xCaufBYp5E*%q^;6~Q
zTu5EUiS$zuWD=?Xp%zL-g5(AHu?pvnwE`rH=^T~S!d3l4HQwWrtsd*})~Ys!zhv*(
z08q@eRBMT@6iDq)n7KFD0c&*~QU~lO^(|}W_!DQ!8ip)>1!UeIveX3auTb4c+`K^X
zp`xh2yhBIFMEN>EzlE|J`JE6&@u3VLIFY2PY4-i!=uqcZ)tyWGC_+?i#KZ-Y*vu*R
z0Ki-GI~$6Dj$%W9pxIeSJqsgxC<|x&m!PA;{bcP}GVkmKTN&b;W`L`eJ|gZ^=BA|0
zMjlTsHpi#&oGe^hE5FY0+=r}1)62gOs8M?YvM5P}RK%))rsSh}MnxRnSzmHS5*QNA
z>h<#az|<h$#@_5kWLxJ_0{x})%rXgV{33Mv?X)`{5;ae31%N-cerGHZQJQR2D_o;w
z`phOy=3oTLiwii`Ez;B0>OddW>j)f@8f~dRCod<-+;k9-8UJQuW23c_YiA6>6%qVW
z_KxRWeN+3Ru~(x$K+cs1r4620#g~A)T#UWs{u)N^tI_<0-Vd~stc?7kcRI=sC33Cw
z4JH||rS1p+EWj1bx8eW88dE&I4WZ}-!G0236=~pq0Djxw<I%fk)NV@2LVBJ-mDYh*
zDBZ$7Li<QTMkXV~wr|Owtr>!((d^OYkRB=*lOBQwLr3%pY26&Hb=cso45|~};Xlw!
zHB0*@w1PncAhkT_5678Oxzed|U#{+txb$!cd-|NLZ)DR*jl>tNeP*xwv=90eoq~n?
ztn%9Mo~)2wepI2PR@^ZuZQKd5owTJ{PJFwf<+qMTLahg4${Ai7Uw)t=$zmfUEWSy6
zOlLFIUe}e^Q7!g1cq+Zk8SLyI>}E=p(~K%(OGa`c4w{T#9-Zp~q%ug13a+!2FC`j@
zDvvGaW*%kIbzu59s|PwV%06-~I9Q;@1;=d8h%mYvw6^<vCaBojvMs6{zSSXi_iCU0
z==~qjgo{P(udj?VZ~J?Z{zCL_$5<1?x15o6J+T3q6zd}(twru&op)k1&#yqqn_2o7
z0rq|!37QXQ$SI|@AB0UdvO(G+TAi_^BL}NL`Errc9%#aC&hB0Z`+&URHlBAANQZCX
zajvtk$lqOO&%~sep6_dD4bhTDv{Mi!7_S*W)i%5c;M(kaRLlYKpprAni=`7O4HMWk
z&k|Nw&;#-<Px0@v#V7D3KB^lFvXef~>L?CZKVr%!C)?wSrxBy{sf}FtmY`7$#<|Se
zJQBQ!&9kl8V;U-FE%M<Mnb=|51Tu*%X$B3)4guLqsgk#3ru>cj<4W>ZArEd!0+kfh
ziSqXRdl{8bW*D6&iP&<5#U)ABiwVfP{BsI3qX}MN;HD9^g7)06W?+z`o_4YVAuDjR
za9OR<i8Wtu7nCT94QAa2KZ2>xDGUbWXNK8y&DSmM>N%YOg?tm!#RrsW*9r+-#$Gr7
z?>o2xK9TqRo5^jz&3FsU-N~@4O46E{@~Gq)5*4{=Y3)rXg_hq?g-JJ7&&#v58qusK
zM&zhYDsv`}d^SV&jFDul6TQDmwFC8NV=io8f%FC$g?gKqzx9ASLQNk`@nSFY<(xF|
zCC<*XUm>ND{`?(qL#o6JU#hld5BG)A!O@YD-5b1U5yITIxlOl<!Yc)d!>`mSqdH^(
zYafMWqY{X<J(Ekka|8t{MR?cuZ<Jcp0Qr<m;MdxuGGD-EKhR?N%JFKBB-D>(&W&8W
zCUuj?$Mi&5qvqu|77UYJwzno@hoTOlt#$zqD`(~2ogoFj&oC#h%PoZNE<>;P;1hey
zqkE8C8cKn!$dzXNV*ENFjp!Hl(zTg6D$!dzq-uJa`rM@3vF@6!CEHtP%SQ1o3)}vc
z<6fps*W{WrQwtB6T<2fA36~P24$5fGcSM!eRs{q|Pn>!X?0tKeBK`nU89O3rc}N=@
zTM`gpWzti(0Ok0a)odkp-97G^K|`{zz_ue{{FFwlLdMr8@hJPY^x3Hg2ZV*1N;{iv
zG?cU$8!6s#s@uyqgTi@oayIovsmw09BZVTx*>_L4>_Y}xW5p&ax3{;gCsgg83FS~f
zFL_(4l*i{7=~&VotwOWPXJ9Pfm@KF2=oeMO-HOWS@CHI^$|O@4@m1}V<p)|covABT
z#ewoR>9~}S`+j!5E}NJTX~C6$@5kQhmc+k_wq{LTe0K;~*SeX#W1=kr#@>=gZJ=qV
z_Z4Y5m$YX1qN^gJaC&BX60c)dqO0SAr?c>Sa6@RGjjhDeo(rln7~zs6ud&!JJv1xX
z@0iozXej})GH>B=nDS;B>hg5jo7Gbg5N#ks^;hM#{g&6`rbt5vjiTxQ>(ViYVjyS!
E4<?911^@s6

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/container-layers-cas.jpg b/docs/userguide/storagedriver/images/container-layers-cas.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..63b159adc31f1df5e769af2f5f45d127599c4519
GIT binary patch
literal 139325
zcmeFZcTiK`*DoBTgMf4aAxf7jNRcA3(L@9bq98;>dWrNPAwhaaKt(}`*iaE7HBv)I
zK}3p_P*M;PA(DWG0}0_h{_ZpP&fI6_o!|4$bN{&Weh=))$>f}zz4l&f?a%tGwX-w1
zLx$`*ZDVf(;o{<gTm%0gI~2%GYh-{g1mfrj(SkrA0uVkf1IRA$ObBe3xVa#_;42r{
zu5ok!>-FzB<lLVBasKzsIdKRN_yV4acAb;>U*~_Xvkmw0361baM1r5EK7l~0^LC~o
zCn3AIxc>hC$HC3Z{rBMG;o;`x=i}%9+XMuK1qB3z1o-)dM1+KdcY_DNps1M0ZqdKz
zf4}7K?SJnA|91=U3;ey}zjo}jL&OERJ@_QKxs)Nh#JRY|xpulCP_U=G;Q0I<qW?I!
zc5(CY@_}6v5(Y1*-vf4^n|l}7SzaDcaISdpa|n+(ufzd^<9w3my!e&FqzrH8mkFqx
zsP2$HKTKCWd_6o-P)J60ubjM^x`yUKEhA$S(<5f)Cr?@1*xK2jzHrgylI!IwZr(S1
zeEs|b0wW@$qGOP;w~~@mQq$5iG7Adt-n(D);9>F8XU|`}EPwU-O-*fGeFOe|V^e2W
zcTaEMhmZXuqhnvkCnl$e6zcr9h3|_$mVPqU)_?zDZUCEGf92wWaQ_dn{-<RBn_S|c
zT)V(I;Nkx(7uT*BuyKp?@E$PWlQ@2k-z!W~+3>c2)QSAE>JCAb!{_PJ*TaW}WK@kP
zYK*_4{Y$ccPq4)QPm=vl!Ty(AM96MXMR$pFi$h?LZT8blO~`+5V^?gK60Yg<qh|;W
z`ZVnwh@kHaY6y%Yj*+_>U&K<T3ZRDS;DHJoo9{k8iWSWEuJE(;9&RTuji;Qx=Qprd
zmD%=dc6f2#;GSl`)Y8d^AM0BiTvvv^p4MK3roicEU=a3xfO{U1W*&;07yJ!V3gLVy
z{r+>ds*DIxx}YPJH45Zcd`21UKzP&uTMA5KY3l_cy-lUHw<JPw%t38C-^PFP&~DyW
zM?Ng_T*!s;%`{dVHQ6v7WxECal)z=3HhJE%O(Tdn)obD&>_7rBfEu)mKwPDMnlogm
z*UvjBo)7Y`bkjBbMYOnCohWr%t+^p~@jLs?MkfwXhbEx+ptu<LuE(aXjN~n7p2-fx
z-zg$0bi$bi5j%LF*LsO<_f@G+cx9}$;`_*QQRo)Q{Z=5np_^q3^=*u*{Z4AQKf-B(
z+Ma_;1Ku0~2YOy7T5a@?14bNW8<%79-Qv}K2bOa7@Vje!g`LClKMPdNGs|}%iRaiB
z+f^K$!Fhd&AWx&}uj&n%U!RWZ(VpRj_a3m5aBuc2MI-tvDfFv9wQB3}-<F5nAEc!B
zhMO#DGrw;K$D3KB=IIq2!89^7845v#&=(!Qvc0U*<_8Hx$(dRA`Z0@R-2Fbc&)vdE
z7{?B!!pO-40k#I!19lP5knN6nKN{-YlyQSlqdBO+$CXgeFSn1Jsgl-#*9#nSY#sc)
z1Cc4-O0J-e<h<60#UZ*b&`xWAhY_(HL0kGNvl*y0&2F);M2_@bEGBAS$~x2BkUOJu
zEoHxbD6KShlc3f5Z+FhNx|3zBAGlf9v@qR<AD=5OqE%ZB_f1uK1aIPLFX{+YX~Sc#
zJ?OpQs7bI@=-7<N?enB=xcJ<>V`J`5wF1tEXGXz$`F4%%yAhG7{eJuP4upIcBf0|#
zB4iy#4s;h!<mg1%S3a%xuN!Fgr*-xUoaed!Yibc&vQ~ja$(m=rrG;#o|GxD7z;%O1
zIZdax8wu{vv*+MP*jnHty#Rg+e>+qGWi}dx+3QpWtRtAo8>W|NQKDZUYY(qo^u%`O
zct%k2fCKuSFhQWm>8mc=nxXj1X!^mgr&sh>G7sByBwW)y-fMeAIh{fe87QtDMMT8I
zdS14bX#sW50v(3trs-p>^O>7@{{_{+q5kdOom;utHt0ZX3(;$gUakCtfBAwH>{J)V
z3@UQB3Sk9==r5Q3j*@1;|2-x71^f4nY!1r%`DulPJNj&^bYuGEY(JII0zxQayl?cb
z>t~n{f&2i?1stdI_mV^-XW_k)KhT!b+hs=wzczcEtb<s-yeutS&QNiE^zWJ0(<3N_
z@b7PbPtTB?7y-Cfr`vQji3RH$4Qykpv8Qd`|0T^J{ky%p7`IQq_B<0;;!x$$yc{30
z^cp=aN!u4+yf8jgf+o5<Z2gE=v_`r9dm7T5_wU;nKCL6-)tk@bq(Yo^=ye$txewFN
zanmJ#s(&v?ujl>y{%z6f-?J^vf86gs?)M+}`>&PxANTv8kj+2t_aFEB5BmKF{r-b~
z|0Bfw2mStoe*YmK{vjX!As_xBAO3$uK5X`}f>7cJK+SX|N(w8`;xR8`zTVwtSm!>_
z-26bb<XUyhHt_-FnAF`9$9WcPjknCMP~U~U5cpcI=l`*;u6AUiX@U?=f8TiV(d)C8
zHJOgfQI#~@z`JwS(w)&MQs<8G{@>bA^DG(EB|3k%SRO{vh$Mj2;E2aZbd~OxnNuD!
zP36qJXIcN;oaE0dH7mhxF2ikIKVjYxR;sB(3Gh1Gz8#1JGE-siZ$f&hihODAm#Y~b
z6j{?XpRxF^2C9|V>)%yu)7q`pP(ME(pE&rO>u6OmM?+MF7<cPxg+p_5$gk$0(F;rc
znor-0lK*@22>;!AiT~H{<6eXU2N&5|2*A16maXSR8v<-#l>KQdgemuy)rR=eMc?Rk
z{J=V4pX>0~H5gk4LB?cRS#buoMDxhAe5`Ks7x>JORkemX=g)U4Ur=SuR1!w^??7$~
zZBbiypUC@q&{(^9z=4K8Tf`2&c`khG>&1B=|K*U4<#AF<XQn33a#cw4X~O@RR^_=k
zpO(17(VYf%A@(9Y^_4s?KRz!e(pItS=epaji!-{f5ynq>FC&EUS~kchqToC}+4X<2
zwSifoL@y-v`~)TlOKh5BIk&aoN7<g$#2!nUvb+9t)bV;QRn5*<?R~RK_n0sKi#qOk
zU&7I=qRM^N)^l!+&HS>?IOim8z3%qeEoKA0&{jVDl|f=lHFJc$>3tl*Fos5ll{lj)
znWKs9>h`p1C|!1_p-1N<UOCigTs&|;=z;xp_k`Pd{Smo`nQG`GJCKf0v@#MyF=fl{
zK$vn2jm-K%XqT1Z$n~~T*2S*~@0yyLyg{$FE6;sSUA<%2EovQG{v;08H3XPrm?0Br
z)qpm6M(=G#A^9z_i?^<gv5`{fR8yoQt41lkp1wE1V@&yvFSk0uZUyHx_LlM<Uu=;T
zmn>ne6D+5C-cZhtoG5x+F^I9s5p@QKF$w({Q!mSwEWZdik)7lL{dv<KgnZ!ERZr28
z76pu0x*jcboT(mr((NHn@U<&Xg&(gj@<LKo<A+%0`gt%fCqUJ<3owTBFJt#u9blUP
zu`k`OBK_>{4936q><E(b9Wm|lNfK#JxVB4zYgd9**;9f(N0~E;rC-1bq7243>X<Go
z&XBoZ%I~;?#_l-&t3mjpxq}Y=V=W0zQp<rOJUl5bI$;SZ>254xj$jTe-XBiCpg-B%
z36rhUHHjCG`gULB<mqC#@$Z32RsZrdB*gre#|J<m|I3}{_aI8!)@U70CyahGjRxO=
z@E!sz_;ToQvRGn^J>$ZeVk%q;ndDqBe})cEBkNf|I(Brx>1cPl+{07-He4=VEq%Z7
zY>5hvurNb`nYE2W#j}jj!&uQscq&2BQt-O5i=#wLk;8ZhEb_`zlIn}IQ<VHL?KE5O
zwYy%&piiaOHQ3Sv9HAow`svllz6-$nIWdHy3HJ4srGe);uB^j@rV_z(ervwdbvNb*
z%$EAx7<qtJ9$QAc7hWq%GazH9rkNN35yS|Z-^kNFTc((^LX&w|=B7wdZ`AtWZgn-c
z{iDS5fW}9m&KNTcnT(tEV?Kog8f`D=&zR2v6$(ih4isH^*GAug<XDOzH#`+v3Ixv-
zT=`TmpmXPp%FIC1nYP}}5Z(m--(2*8-U@~Wg^<R!R%~`tC%l{v)aJHY7bsS{b0B#4
zeDvYlk1j2sMj67)5jvbLxyTXBdct;P{ORdNL+L}wkqv9Q&PT_e-DD1{ntXY^UrzPT
zo9sK!)E>M^wC%Ox19dGM)O`n7fKzJ24n*2&ANmuFKN6dEtNzW;TP7LQqrTA$8Jusw
zl9`HE6i?9igS*>q*xBt*IDY;Z?20BX4@{!vVd<A>vK*muI<~vkky5gn2ChGCih<m=
zp#81hFm!xzRgvQ1poPCrlNv~KiA3HwA^K%-O)QZ>CW{fp<}oxc#xz;1lXSZc3ZyU`
z+IJv(>f^bOH|D$?ty7deQPWf~3IDnN(L(mYhfEXeZxss-l*DHVXu>&o4iiHU_v_W4
zter2)XcOg(!y(i(YTx96X1Y&#S9AfD)H8b3al!q#yuHq+3hmJDH!JNu%6n1mdw!z)
zLD`AuNfP}mn8ZYC^up_9S6KALE-W`Ytit-GeHbO@l6$3hmxxwva#P{Z{ewPsUrB-8
zSsDdD70+sN|5<AxFo(A*QN}DG^Z@4&P(Ls15y<L73)ed|Psgk8{oeY}^J2y&)dIUO
z)d8}r=GlJ5zX#mk<0`#N1yzdW?plVc@VTBh6i`VNSX6G)*nuSF5*7qWP}quCzz(Eb
z;WT6`kLk1hBoa<+X5OO1y9pv4uibtqnGe(ITdfpNsAm4u^vkx((t2iIk#O@w?e5<i
zm9eI5DKU;v5gk+mJdUk9ii#@-8aVUR@zx!P0OwAm!;w%KV#t>YhnqKwk5(UiZ0Kz9
zr}L2u3{WPppV~6Rb|5wJ&oN6{uHYolqv7m(h{<Q1ejUP=h2s;kVGM9kpDh*FPM|v=
zriQIFP$x&(=ic}m299qTc06(G3Pbunyy0WvTdX?CbH<)j`hc%>;>7p?hG>T0EBCZL
z@MA^dX?w3#m8IHNiJ)CE9rL8M^k#h)G!nNh9t$rg2*bWT01%vxXwud}f9_5&$*vD*
z!Mm_ic;+v_m1Vh1#AJn9hA?i;Rz+qtYah8Wsw-vm#%fsQOwB>xl=iiG^i;c91r+bf
zmLj!7=}vk3z(g=;V@5+Vfu<yROPkWY!wNQaiAY+Nyq(Ir-kDmP^ZO^nzdecWy;&~3
zxd^%<za7ZEr?Bh#EFK)^UZ8aI4ut<G=HoEBoy5H4y#pC()l0BqgPM~MT8#~xAFM~f
zZ<mx%)4Cm?l7Vir%olC>idDCRL<UzzKkcjfT73DLkc{c|D}BPf_7HZAK3g${ZhH!!
zyWS1wBLu<(e!R7PSh1`mfY0oO*c|tB=nIB2FOKW8m5%N}G_z`UAk`bEcOb*E_qHPF
z#BuG_<Sib_zI|T?pHDx}Z%TE&Ae1OzxyN>|5mz^-4~v)W#7!?!&I6+q{p`A-z5d$z
zQ@@l*s2CZ^5RnBZp4&dDXZA!lWhV-J*gx^sl`58nmRcgvZLokDf#N~v61dQX6~+YW
z8ci;H?yFbRxz<`>|7_RZixg=+>$k7Mk|l@aS56$;Zu?I-LadbS&Wi2x0>@9Cp0~2_
z1nJds{B@v`WD5hES%3T0rU7uaM|F>zul~W7O+7s;$5gvab?73G&=MgOJM9iG1Wwo~
zoEuO!9~2VdJRBKY8FH!XRD(mM!@2j3rAL%g=QJW+@3bV4o7ivqEM5CxblX9Dv>B$u
z1%?>Plr6B0iu0NGu%OT~R11AVo_86y<UiTZ>l&F;qUdQDS1^smZ!fY<pllg2(4eri
zAtDM!|L6xy&uiZObu45r@yCx@!aQT@p~9P*N0Cp&-tIuI!>46Cb|Co0l~xKY3(akw
z33&I=?Tzc)lI^7zDr^sT>0D5@c=Msa=I4oKQA0r<c}g1>rsG)AJeDoxFu&1mKso#Z
zd%K}n<m1HI@<mLD;@OX(4cpj$xJLgh-s(ol7Uh=fAe?SH-LsubAeUk5{Z?K?HB8vo
zP83ng6Ue^Y=)yP2tc!<m{vlPn4HEe0Vh{iH-A=$PTt`f^I2~y29muF^B-d{&Thf8a
zhSJZ$lC2Igt^;R)qbTk95Z8{*v7Z<sG>|2%yj_mDCo^;yjcPHOiT{p!TCrZv5y9?2
z3atRpEBN4g;9Dj_zX;@NLj6!TeA2s{REz7@7XxnBt)|qXtn2B0-6h;UK}Ip=(PhcG
zOA7_+_r*hp8~HTy!tV0T7$k_{HE{!QK*x_Q!{3Lk)?iD`Gvn#d<Uf3PAj-diIMH*@
z!(2GM==50Bk-BBSf>;&5gzkaEuQG-oG==t4TNjykx8I@<1Y+n{U<nuqS_w#1gmy6i
zze|jb?pG-}tz$(^*YktCAOR}A$;QNYzB%_kM47dBLE@iz>b^nGmGX>W5W1$!i2SJU
zK*k&33foKE!*U1WS6T3hvG23pHswa>uKdY&madC2og|_pb7i}g5CS6xQE*+*%r;RV
zi0qWy25WlP!0;`n#2r1mMLcj1KN3Rw<fVE>#a?xt?+)S^j;*m2gdq~B_tQWvC({w_
zISxHC8=kyavKD~9I9fIuQee><5*1MCN%Jw-{P{u!Vxua+ZxJyFiBEcpx=zo_Xj54(
z6&*#nPzF!-%*kcS{mBuXKA#%ma5~qABs}9@A*XyrD)szNZtnbi4@LBD&PQyGEe%E$
z1N8Z6?v%%3Owbu6W2j0=Pm$pmabSWY?OPZFR$^V02w)-*{F6$@MR0`*wo1T9!`Qf7
zVR@D?a}M-WcYuLD4E@}o12YJSU_7G`R#smE!d>HA8`&)})XQ%Xh~n>y192fHo#SiP
z35|)T?#*^luEx(kvE$mZw?;={I*xz}T6zS_5mKS%O_fmjdl0)gU-snjm*-mQGK9Ni
z8lrQIb}g@rPLjHOS3`@0x(y#N*;()N<}{VuS$omrq`D2Z6!t1(G1F3kWzRMM!sg+8
zK>4{53ZVD~X+B4_hzqjM4y$?*{>fNv{n+M9yn<9x%50MnWZUm)CQ!)yGK}%(2Rd+Y
zdzL3#d;1|;AvD8MUkC^~J67*_DpowhlNsVNuBMDJ4US&!kG=8U;x>d8n#pE?;=5xy
zY&ZwdU!m178gJ~ph+pT{4kQ=N0~B>zNu>3ZD&3ZKWE`r-uj~HVOC7M`NnRAb>mzV%
zGaYILBGf%F@>6gnJhuY@H2P9GdI1=P7B2cYRneU4A^Hi>8o1a3WavorzjW9X5Wj4z
zntuIUi0I0J>n(}LU|tm;b|45R;&XI2ta_*$mgQImmBe)NKevAanw{`a^>%Xr_rQ9C
z{lX$F&fELTL~olC*x{8qH*jrf153>6KUX|i3P(-`td=V(8RZ9u8dsx<;g3RRbcx3_
zv{YwQ`cr4L7fHZDQU`8&v>i)7t)EeP2q<CHQYN}}WxLU`y7N#jLei5F_s*LR?+DE3
zve1~B0pXfd_uKXPP~HdG3FvxsKWyIw6T5w%BhPm5(D{+YknC)NXQVy~wfYjwOMC8W
z<y2B{IanGx%W{pLp~<zcR)Fgypt{O_I=}>hN{tHzvu)%yF$BkN(Bc>a)Csm!L?^rk
zzOqPt%uQ)))lc?ekh0kkuYOc78~$)ZVpr%rAwdRf&-0%je1F8!Np5$uXTs5nc|2Px
z3@r$X?uh2&e75bNy*BO5(RUq7ONZ5?@}F%dj>P3)eb?MSuUjTIu3rcx-<<4;H-%?x
zScwAL^l6Uhh3#Cn1!KO~QyjQwQc{L|4#f2kt?n2FRr-Fd3px3T6;dE6b@+M04&=4E
zVQ$MWkvs%24I1+S#t_Ysg<+ouPLlPBDirJrfecI34=N9AQy&kB9CWzKxKwF)*n#)0
zd~%`yjn;oRW)hBUSB3p*hdBp<9D^F@@&qyDazZso%^2X4hZ0@8O=HHp?98#u`~-Io
zdqnf+wWqVq1G70va=m8_QE-mn0r0_s3~cWz@$fvX9g$vYOn2(ZiK7@UZIu=>xI6QY
zi{xcSPJh@yGxsV|GpVwjhq7rF>FraE9B`RUG~-NfA=r{d91-7opy&1Fs<$XLt9QYX
z>l#JdWpP%ux~+9;398zTTA|kjFN#hcc_KD-deKVluOI5ju{hhpNXu+7qgXh4JEz&d
z!(JIHtIlOIgEub?8@(<29$(pDJYX`Ka5HGliHe~Ou}-0Qw(q|L*27qV=pidp#@W1=
zJyb<^^1{oaXX-^dM_jQ^b*-7vWAc%X9hYknVcFp#;TU=tvtk}c#4#^z7g!kpPSi+_
zJP^cC>1o@8wWCLJ<mwxX&U{^cySl3T=Vgnp#D`(`5ARA&@SL$(i|B!%XNTdBcOVV2
zG#^G5M}PzZEtV{NkCmQ349YP?9b;4yQZ3~wm(dEf^xUHIkFgTTvNws1PPOg=dVaAE
z2fdY_N$(A$6Nn%jHfBU{1gj}dV(cpunBcr5Y~4`m^>LlIY;W>WQ`_OX<z@?u44!bO
z7Y;rL-{+U<9I8#5c^2W#<IKOJCcQZU&eWl8JVy-~!x3_%PcUQXq@EqfZq6WjFC#6f
zoM8qeRs4u<dfwFgq$qFKkMYFcS*PwO>%4_Wh-;;ENr^FKS5hdL%u->%cDslX*Xy|#
zNTE7dOr0O?zNL3Rvij}iJul^|bZ`4p-<#bW5Z+7QlT>gF@<&UXN&>V=v^<6iSvK8@
z7j+nLtpG3`ZCbz|Dw93}bX|QX%S0=r9!bt#<~DqeH<WS7*hjnm_K2$ZdTt37Mw};4
zuw~LHPVEQ@^h8YQQ935G?jXu5P7&XQ6`Pt<mASxe{CF~V*O!j)4Ap=zg^JWWkjATb
z#KwiR*JJvy^-$VhE#14_%F$&jZa?NI1Ab&gf)%&D-%B8`cf(UIsk``PWyR;Wv>-&t
z%}y?<IK_Q;_8LmQUv=@oO*%0Lfdx8-BLu5Le}vb?q+6OY#5_wn1?Lfbz_RV|gk602
zr!!w1rDxwjwaiXFPdRlOvZu{{<~@Xkm?!mC$}$mv3UxJINtK0Qt8fHI^y*t}SE6ZQ
zVazyW@f8yrGhbpk_wAp@K1#uS#faKnpu_B2*`z=-N~JukEluY`OpabS>(0U`e>=Iq
zfA!3r%HOKDB+RP7SrlPh@Bn04JSYSMpR#IGLPhW+xjiS0vTB9S=puCMmcFMt7HF%`
z@}+1|T45ku#w8JgK&N-mws$BQPDj{w;Bw~_7|IR|zaANmOp)`L!kHSC3kCGD_fBe0
z57~bIR(0NZx_N<k^BDinc<D`TP=Z_AEd=r-ELSjCeJrNLb_PPIV!{FD_e)XU^t3bd
z>~mB84W=;$?kf#n@%3XH0&Be`5APrPbU8M27k*jh-s_IarRa(KHL>?6@^yx-Mw*8c
zv~I@A@kD)3Fwko=K-%<CU*K;0GF;ORFzSDm66*<R*z+k-S61$Q3JJg8(=wiXMC*od
z-60h-oYeLk0{Mvp%aAh-tIg{e0#1EyAk~S?H3l1FXs}ulo`8mTS3}oO<?HOBBYLKN
z_|WjF9`tq27^c>iCP;+?W{bANC>YCe2hw?%IvYpHVK!2R#KCt>qX-N|`V02r7^+fi
zrHX2S(+7v`#fMXsg#32gUt;TvEhCOnL<3h49#SnGMTB+_Wp72Ibw<6$>R%PvjYh?v
zS}MLO`O|ezXV~uj4@2Dq&PKn^5j|ZD*+$}|@!PE^;Rsgj5X<Z-_{H>hG`5Z<Tt(5c
z>XA<N(*qeF7dDh`+mUmoc*L^RfejWIVjdwN2nie+V2Y8{N!ZsW$N5rR-<SH3hLYn?
zt7=hs6MLL&w|jT5znhJV*kJ?B8XxC`z9~x!)>YJrF&LTL8b?Mo0f-bPjJv3J&kurE
zgF@7Ww;jQus2zy@5UerUG1W=`5p5Pkc@@^^^K8lON&-kM0GduTGe)01J%*-6-yp|i
zT1f&UJCLqovCa^Oj`5~!;@8I|nz>sX_f&V1)}kt+uCtfV#$FiydQQpw_7@#YeaeHc
zRzuKf-ZJk{b)w~ve#~HPbXfBvZ_6+I34jWdtz-y}CKfr(L?}suP=THbs1NmObi;{p
zZ4-;1^W#fa+MK8H=+(o6X1yl4^}k)vk!&$Aw#A}NF;h|_u-{GcjjS_Eq`Ip7`8<iA
z@*A`+x+{5491CP|QVKh_JO=BS%C07a(5A7Ot46pz*$&JoYa2sp(i)ljw^k-QiJ=dM
zQ}cb@aNqzIjFgD$T{V+Gnu?Oy9*7-?u!Z&L?+<z*E!I!FUVZcmSC-WN$j97cW>90u
zU${toGBHA;yAq~LdOf+px?bB(7zE`cQ^GjRyu(O+_zVemOYIanb|oOBhPr-k&x{SD
zC4k#TAzZP-ijvp}fkvEzgEjnh2(}camsBUlmO4z;XwL(2c^yB<72rByyup!w7|?9?
z@t~JK<@?g39NvGb2=YdtmO>9?NZ)sz{8V)avOBdo4^XpZOKJ3CB{4yyENCsETR+{3
z9~gcOa68m8G}1T+fJ+K-NXz5pXD^wlG$qc?350sx%eTvU*OABVufw&)1wYEx*>1hg
z0E0eTs^1C?hxFr!w_-ZB_^{L=F>uie$a>BQExd_(U3E!ccQ>E#qZ1$89J_ys<Z7=k
za|C@D%gn!ILJ0u6WoXYTHz3xI7G~sp$Eqz%r0A>~>nqwyfA^`sarwT5JF-k$Xh8n$
zTS|uRSRBZ3OrJyC#?akKlNYFbSR<JlWIsY2Wi`H`ScwTTZqW}C|8w#E!<pTASYNJ>
zQe0awYbj^0|7iRmFr{B1<SOX^ye$16=6y*~%d296MOFv#wfDadCpLGE7v(yCQxdjG
z<LuI2&fM(d2*vI|gi1J4>LBqUT*!*xi01)z2Uz;dORE+%tY72Q;}+T)d$mvcchLJB
zVFRHzhW0;rZ|%*n{du<_=kY=%ej4YFmOY~RIzF%>ys0j-ZTj~Trnhq#evmT)r(Z&F
zp`fPnF)2F`Dt<zx-*?=x7$w3P11uO5;;H;E7jSvM^MHe<*=#S?DWqSIlF3(NKKkdZ
zSGqIBdbx?3yAp27nA}vo=EUc!dMk7N^ZK8fOkfAXfx6RioCN3|7@co)2T}l9X4*I#
z%u_r8Giz+Fx*f>3VhC&3|4o;+#4!JC<1H0H2fDg_k9~pR*LVIZ<~k56y++eb2&z2$
z-A0hNZa-Nz|AU;R=FF!PuT@@eKW>Bl0Ig%FOBf;JZ_@Pm<>M%$cd9Xr=Mj844Udvz
zuHFb+cU^$86?Y((oFjDHN-drEoqCyVHlLSX&N_W$GBrBK3vZ)D(f8|Xd?JYEMS-ML
z;&V*Lc}p<_!@I*u4>-p%LLFu7+QxOc>AiSv`wAXt67uPSS?S0E(|k?U>MTc5S)e~?
zMITV-@5W5aL(@wS(fMhv6n)-7r6g}e+!J866PE?ugNU|25IG;5l{3>L*vGEjp9=H#
z-?GM~{Vs7ARzL=?1baEeArBnO?~sSQ$$XXo?xj<Nyg{2Wa`L(eJj+V^zpDC2&I<L0
zoS==}cz&pN#Eg6D;upRb(f}MBv7g&%#`=Jng*79MCdYC{j`pr2)mh!LZnlXWsQ<0T
znh~Rl%O(XY(r2l1oqSx1M7|im-B0{6o!sE6XX?NaTB38eTL}ZV=fxz^pJ8?PHrOgy
zdNwkXMN2x~D%laN#7FTK{}}7b`g*a>_f*KVOFREBUTFY?CcM8u8U+W%bRY=c1W}YK
zBN55pXQlk5eo$+uTYpapOG!9=A$2YCgy_<x;c|oDR@crL?omWK0os1-J$?4zaC@VB
zw~A=S^b6GTo*z~wD1+weu|Ej$z_$ISu2w4cp_D||q6O~ox(fA?(?<S3mJbAf;a}c?
z&?u~nwk&aUA4c3t*S?I9A=~a|)bwg(e03$2{SuP*d6IKkHM^m=eKBCkaXS%2C;2P{
zx(_C1rK^{WIt=m)-}99!w(laWrkIM|dHSEHpbxX-X<69gfAKlp4L&u{PNJV*1rGFq
z)*IloZ>c!h)0~d${9x%_rh9L_E66YGjoakR8Jx`N4^Q53mEJTj&f<vt1SL{u3)0h8
z)>$z0=>1!M8M4&3M9ILMaN;L|_xi5`rNoopcI%P!E<ya{{wy7XRvEc|2gL#Hn5P8b
zX1LD#Wm+kt$Fb0s<F5d?XVWYN^i0UK-j5Wl2r`=YTskFh@TBVPB!j|RNzHdZ45C0F
z&y&YMq+q;<06lQ?7=+CYw2JkJP4)G9@*u=7PadZtTTc2=rhx~(ntmBm(i1llUhRLd
zn1^Os2ST<5fGn0JXH<TbE$!3+-xCSTDpo3DnJk&B5SL2@{Yz-X6iVj8N!~S~cZT+%
z9IwY$PFbH2-)MV_>qihz_(AD06Yab+(@q`Qgd$5!)dZm(eWC@-R|b)B86+7nk3xY?
zJp*ZX0e0jLM1<`%@03Q&EwHr9-z*G}IYZ3Gk95Ko2~%DVY>r<Ns})TXeFCk&=t?HB
zrCA&S{0mHnGRDVx`?b|B_89<I&UOJJDwgo_%-V|O-YvMeZCI3abwOD5NrPg4{DDuQ
z**`x_eP9)Fgua5h>BQh)c?gcqxq5&?d39hE6~Pd;9?|`+vap#S;M(-Kseja~Mle<1
z?2F087XQ6_?Dj)3!|+77Fi4c@0~&;GMA9vIx|Jb%@*EOB{~dR&s2G>)PQ8=6192Er
zbsS>4_-RULT$i$|Iy>{ok9(N_m>g!(7%{Xftivc9Iy4t`gCPEAC{alZBRYkAXE$n^
zZqy*cw4Xa~|1cvJWp}yOb|F-)W`%3Z#~K5s?M@8=YU&_&$r}wEWk{X@$`}egP0$qv
z8LsqmoM|OXpIsvkRt42;N)AOtdUyz(l$?%@%g+da2AqLCWc^`jqle@XD-T)bNDE3;
z-kas(@At@+hDWtVSeGCBwY|@@lIs8Y=Ivzrri%@vojVf(*m6Yk0oFWjip10d94e69
zy`EZho7b;V@L_PX*dV_P_H60T;gu+jxL75bOa2d^W!Fetyn8k2HvGlcP0)Dx!PWC)
z+TYZ2&2-rgWU1K&_a2<_GE$Az3swMocP%|0--DAwL5H7yeKv+V`5N$~ghYurIpzwE
zyNloKj(@B;cToO}>7Ed+llvfXJ<@D&b?X3Gsq12sqfEK&2Q9WBc=FjUt0M_>hOuH*
zI)4-lUa~KzIgcA}m>zmNJQ%WAm(6i+naq(@v%2P-?+J2=yd6!9@@_1kp0*Ofit-QJ
z#E7>^9jB0Fe+~o=?iNA3nZDw5=ztBXI{KY$9XU2eBI(Y}W3XU<TsnsQ7GxB+RlxXC
z{A4dwp+)0$2to;Yny4>$Hiy-Vb<I%0=fkEmGy>k;iWTYT6$1gH0$LT>%n`V-1L6D0
z76UNkS$h<e;XQ9twp*6?XJ8XU&-wU@uci6Dp?7fjaq-ki6T>I6P($ux(8e)Wa&IGR
z7pB8}2SPb_6%Mja4L4wPg3QO4c%VeTM<>wfHLp%hQ*1Mj`k7tNHcF1Ho1*^w!Lh}?
zIYRtY9H1Ek`p}*>bw=BhEqsopf_D|t!DVbJ`s1sQh-<YcEtrN1aSyoPu|B_@wTE#3
z?$6|ayec`3K(}^Z1+<;ml6{@>6Mgy_a~AKweEi0kQC=Ean%?k2@hR~mbNOLay>_0V
zne(Smzxzg;+#xC9r$gL032icfsD27|H^{T3>m%wlQKm1Z1HxwKK7RM`&=J=;Vebw+
zzt-qIQ{c}%PXLY-GN;<M(=g=wX!Eai3K_bf14x1<vMs+f+K+q(%s;AHqY;J{H{Rz9
zttra1@-vOMiwTq|&;#3(L;(ex+&PgT%4(uUYja^J@cnDHgonrJ;~H8MP6r@`DV@J}
zwe1HJj1N%9+753w!pK;d@Gte*=Rhs>x#_LDdw<G0kAyr$VDA6?7R9+vIEM*z+BAWu
zlbAYzm@Ru<2-*zPwnLUKpw6g+e!GnGVVodqY0C0Mp6oKgH>E5jn_qfCXW8ZBr`t%y
zb}MJ4^KJ@qkNrjYc20m6z89NL!h@mSls>a$7-bA1-BjYuua)&X5HXwKsi5d*E8mLF
zK;)h^C0>lW+@*5Jf4Jy7n*%;c6@2a`Gz{GZr=LC<Le86H^<ZQz#mWNBUq0m+ykm%`
z&Y9>pIgjU04IH=}R&-!%SNIbNE6|B1#h}HnqKOzNM-4qUXTrcIv#sZcGR5&}x@-%|
zkfl3dGH2XyslHJn1yLtZNxKV?i$<@bQm?+^U(Rak&i>TlVq>oX5n_jfy|4+82MO#v
zFmF%?3&M&0^mcmR;*Lv&2}MQcXykSrxE($FHk>b=;yt?1;d*}bv*___Bo9nS2caQ`
zZ6L;$D53fid?Lr&)EGXm=$JI7!4<~^z(1?k);4qI>Y1bDs%4JA0&6cAAMOI>H9<?U
zjhpZ$#9!FwdSy86@U9EZ>fe{_+dt%9aWhtppPU#;usq2T0WCQ3U&vKRk|l*qMPwB}
z`$>{&gCc9zySBcqO}bAyXoc99`KHdQ<Oro9k=Cly1>xaNLs)u5A6o`XU1Uop&1-Z*
z`PniIk+z&Sj$UEZJQ-{CdqHTu6_HQT%zU$AjWzFBmFDw|d*RUu?SH`e;vv@VKvKa#
zGU+}c&?!j?KFL1JAe_#l$|T=r?894dMwaCxo#j{0d72AfgY+7Jfku}B$d>UYfxQI*
z<H`Di`3NHtFCc;z1zf&yQR~0%_L=Ry)ndv#j}I1POniSLHu*QrA!$U&feE1u=5-~`
zg*^po?d!*b)%cYi;vSs$pJv!zfP>jKEdm0b1;@v*rEQtDnTtJqhy;SbA1Qiy>Tj2k
zm65~fTBGw<D@VHZZtOtv4w8aC^z%~bhaRkhSOuI<A4`4E7kvwyJ2GAsvkb4T%CG!U
zl>gbJv7poBeRWd6uWQ94d&Dm7#hn7By|M%G9l+iu{L9*~u9C2fHiN*8Hj}aM5AhC~
z54%lP+=pr8%&WIP&3=3$3YNsEQ3VNJFhB=Kvu3Hy*sG$&7^?GB-0ka#KbJm6Ehsc2
zcOX+rk^WM<#j5SXBMP^w;rTH7c}q5EU`fw0-eR%=i#`)smZou(=5J0#pVLK-bA=A(
zHTb>6M7PilwrKxniW^aVU_H;kzv9AEC=5d*y{tOV0mz^ly#7Js{cvwiJOZQcVLM|H
zszTnvp56-ouN8eQT^r+6c=S}bnXYf#tDL?t)N>@>H?v@T4PVr>v0BD_fj*4sh~n%)
z`pvJhWwFftbVPQYyS_LQ-n|Fz9%vpyyr1|>-{^5Jmz*4gBh5MtSK&-x=%>NOFc9?e
zxOP}xU!VRHeEWLXV__DQcG7*_US(Tl$VnwY1J+z<_4Rw{?ad8P8()Fi80C+l+gJ>7
zai*X(*tDYdTWMX}f#8nd(j>1i4W?)1%b9n1`U>|at62N*Xz&l&LM(mqe%R6mz}v5U
zf%#woHDeO(C}ma$z@Hh5JZgG@zFkzZ@M5eu>%{%J2vHaD@=JHbN(A~3P2wW9E5LN5
zq8PJvyBHNkCv=w-Su@77BA(5hekDgkP4++kA*L`NU!#Y~;6?S&WjO-nW#C?B!2_l%
zIgAT^=4m}*LhnkoLjpxiSxW0p8C7i)p$9G%&x;{UKV^UFzsRHMEWKaJlmfd=zz@-m
zvUG{;vkY5WEE$`82*7q>rfZN+U09*twCkUHi9v`XCpKaVHp`N4@a=zh-hFpFp9zdS
z4BtFyn?_ji8;AWyzTtq#E-BVZd4Rs^2)NFZrVms5vSEJPdYUVR?c=vjnV*@sWI$HS
z-pU+Qt#J?G+U+G3tl;V^mG=fiF2K^yUIy1OX!UGf=MhT}ja=pGuZSqMuh28{5r^Iv
zBD1^Iitg=Iz@z#e>7RxG%beY_4Y^Q2HTRivpZrJDy!w+Wyj+j6;`STHk;Be1j2~Sh
z(2@LUH*$?_-vjDvr;l~yw@jye{A1x_`$cH0izBcE`lVhtph{TDGwrNn)FJ^#-0U)z
z81fwBGe2Z^p?|GqsqIHPYI<|_%k{_LRCE~1f@@h~>k_8kkF7o^H;NLS69K&roTXyr
zWeCQ$0WA3AJ_+xEHK*CnoSP6UmF?2d17IZyTj>g83Uz8=ckyB;>jwSZd#{JH!F9@1
z@zUmN1l3!rY30Uqm=4mM#t2APsERPLu^4Z}tH3$!kx{3H`#x8yrW9wpPoKT~W>;V6
zO+zQ?UvT<G1fYydBaolMC0d{i(=Ngu%X4(UdDn#NCPe*gwpF72eZ|iMQp0IE-!2BI
zPB&cK@1Xp+e-c;90b{d{cj4%-7(TWOv=>2i=p)Hk>HQp!-a_A=SByI|TMn2@wctzP
z)k_ZH(l<(vxXF533EX+-JT=4h4FnERq9v7JZ}~YqgXNop&xt{EO7Sk<{K@9J#O|S7
z%W4(P#T**+rUA=>EaGR)kWKjQc(SVytRuX&)hV2#=MMiPL2L>9QioZQ(z0#P{*2Z^
z_gD#TmtnkP02Kyb59%C6xK(u8x@Grn35Rd0*DcaNsP<{u%iASO*58flgFygSj>spV
zhhEre+inHfZfP?DE>LzQ@e)#t93<whOv|WtiTw1iIlvEF`z-D0zOb48MAViekf_1{
zp)`rP#n4D0%C*QUy->{g#H_|V8+=vr(eR|GFd~&+z%^qZyguX#didpO8yEr$Xs*m%
zMTY@jZ>2gu3xm@Xug)J0D?s8J3FOCM2^b=kKtF?++7e46i0J5ze6}aDE_^i>ycA;V
z-h55EN>A0r**)-0ipxc3h>)2^7N|TRLhLXoV)6m2EE`}76+EW}tK-ipXJpix+fHKM
zp$4*Ew+#|L7Y=nash}s<Yk#e`^Y?&(vc(Y$Rci+_*?`c3nK%h~YFiCACRSBll>8wq
zaa7Q%{s)X66YQYD7O(L1b@9#XF}FCV@(XL0YD>0bJI3>~Y%m?#D%(#8<Tr3$Oh7r~
zQ}G29bR^WMgHk`-O(OQXH1Be%j~!SDVV$!;m4E*H%rX@0sRxYw2n53~SaN}IfuU@t
z+ps!gi=%ddq$wD&6h8HhRQqwg?DMaOa|RRqFCcLmD}7;Vq?IW;^NPo}0w<Axs$Yu{
zW+v4I_P-oavtT^K57;_0@NDrcW@7DV2uKz|MY1-mX(IKXOb?r~`7|H5Wx-w9#`LQg
z5zamU(^Y+T<J=GPkhVvK=Cpuh10ApQm9sPRb9MEOdJ|Vi^>h%Gv{ju|Wq&>0#cX>i
z#yhPK{o!(Us(X<8zwm#A(T|H|nnQc?0F}jdg+ab8?H`diA-5kzaZZDX7+<R)%QNP$
zC2S^#T(oBQx`Jqf9uXW(kR^n|Ct;M_huWUNv-7}h=2EckyV2<><2fv}v<tZK?Ln&L
zbwROH#y>zxp`)RxZ)Ibi7I9(w9tdnQp|zz+R0nK52?$hhqR~|C@uAmqejQMOXo?)j
zZ|4c^g)qUucZ0pBs}obbLF0{LRP<r@w1hC0=X1tHf@HH=t{A|k@(u6$)Fnl1TIWAB
zHOh4nyg2!ml3*Fb5#yrgmQkGmmDYuY$IXrikh$2qB)jn$wvep5=*|aYj#JgP-s8UD
zrd+AHX^dK?FMy%0iomU3`&%i~|Kx1vbo(jWeY?HaZ#d27LjSw{Ya+qy8vu+#Ao5e3
z(oy2`is};{bVBA^wb3XG;e_a`9m@B7K6G68eDdJ#=eq><i*LT5-~dw<s_n|;#NWsn
z+=$@`GV$NnsO~BB*4_tAW0$PFL%k3h#A}yx9Z=MxiwioRj;nJ2g>ebCL5yaOXy5kT
z7K^9-#GH);_CfXXs>%ihmaa>b_FYM(^wXOf{5%=+eR}nvxBcG>=-U1wS6^_<<<Vfh
zLx;(qzuOi172|r~l2&@i*=S^1pXb3Q*4Y=RlzX4f{aKsWdGkpyCcL6?Qkl1qBNPRC
z`-(h{&{2j38JeNc=S2PvK&jstc6fOhGhzImPs5$*U+dI0d)6T(U)A3AwMWkU10*_f
zgZ)%*fYUdty#qPr>AJMqIkc&61@frxJn)=Mx6KKTFbHdT`qDT;L#+Ln&NoH9;ee>!
zpJvBUMHi#8*C|Mz%yUoHy=LTmLQf?ma(%l2eSo3#!0Vyub(ep`!1Py#b({7q(r@6h
zdfjk~R@2deZob*9Fh!POPNSm0AHD?366W9p4Tc~9=7nJ0s%etjQMUnR#0bfq5whJ#
zQYwj1u#fbLK5yIqy;CLkl6$Jn!daN#@^=iNj$=ziP{2r{i^6>I9A!EhC0yy(Em|1V
zraJB?>(*Ac{J1Unwu_5Yt@yscSHcDz*FT{j{O2mYK@6bM^M(y}HSsN)1Q*8Xa{6N9
z=iQ;{mn`n!rbFs4zbv(vDu~f)?iJ+bdXzf}H{LEHkaOpR!8<C@BhWh6J{*xifo96j
zch8xI$hH^jwZ>KWo0_B3%8xbBXVSgy&o<2DlrQr5%J{U04{i8m!LA_@1o8_{iS6e`
zVv?q5e;mXF=a7ec%#V$-0k-S4UmA7WtHlJrf;lpRwD94Ev*b63alFVeXg)!XKrU1Q
zCn(X517=cc^?RMB;1s9KXY|?C^eRgQhKk*=>Q~ESi;iO|7acZF)i|j-PfHirdexh%
znyC<4(O`*X3!DP|TRzn|FXGzSraX#LqtZ+}0?L+S+=9O>5eM9t1f{6N=yUse&A40z
zx+`|?lV?#uzQ>d!@(VDdt|nq?hI)>g_Ik=PWRw4Z!;m$nHdYx@pJN^*R~6z@ASvA)
zr1ct!<*BH0d3VzhOv^|YG3~$z31li0!`W8>Z;>~%KbttWjhc*ZM2%H4BK(GeXHM=>
zjn=@O-crtlusyf$!Mw1UVBx*fq&~BOQPjJd#?hoBx>vL2_71lkplmC2H$`s6kDdP^
ze^KIiWd0c$>&(SVv-+P5PnSMz9pDH^(>JJnpwmmo$iVzpb4&RdP6_NN>Y!=Y9N%ap
zPJAh1Y2ynqz%5w$*MiF9OUI>WSMoGx%zI;x;6}DIxyd9zrLSX17NrNKg+m^n?4AQ<
zP5b-9PAHG}W52-~%(KPgir0sq9(mso<6L{{7UG2K(VtLhlsp5>fzl(yQd{DoDJW}=
z+g{sP=&8bPhnJrsU#)_*lc8!Xm8-P1WRAP`rVl=3|NOoQl9V(50<2rtiK@YtEaV7R
zGis?LC~jbw5!V4zYSDh`wiLtR8j*By7di1+K=+KPd$CbN_NGF10jyu>&RzpSEXYmw
z?BRR{pX{0^%lU#nwEcj@d<MW6n6CTs(G>wNflH%3=0iz;f{v6mIHcFH65Q-=;BRvq
zT{hFOe02rprujrH14DjPh&s%0?U{|Z0tB(de`0E9D^v4S4^ms>+U4O%h(A~4?eZqC
zCmvwdN`}mRrd&9L<GE+dfU%{z99zJtO$KynmijDVHWG+odBrz<39vG47^aSbsfV8j
z=Sep?s)_!Tri2r!7Y)N5c1a)Fi=H}nOwNjHwB8Zg-lSXF7_0QG(rxm%$To4e?$^%V
zr}q5ZsW<zcEPrvG2dmTCgfX2D!N<G+e*{f$`x)UzUIw;aO3A#nu8?xS@dfgP*xms7
z=%RhW6))=!n-*T{AAxu}b4%rOoMY@+y4Dc%WlYCjj4v!5%17|gpFVk-VcL1rf#SH4
zV;Myi@jga>WO6(tBm`kJIVbEclOZEV$wJ~U;rWgZOJDWo{sHE%_xp9hBvAXnKAb>F
z(1)^GU{y%h?&7oeq7<3;-d-N?j`!{5EOdU{{iZ6pLL1V4v;DU*lUIrhC}bT0J)sUq
z13f~Z2ObABVkk!=I$_eftE+!nwNEglvx{A3iuMFa%=8KO-BdAnND)mR3Ax&zeReMB
z9r%-42z}yVj*u+qiN7)yJ29eQCSsrEVFv$sdiOBU%j(|JzVf4Cc{lpT^7EQPtMahJ
z)(c(x!t@8V3LB3Ptr$yjQDO8mLjr*$F#@@SRQoFl7l7Z=Yb*n?$am~3&=QPWzvg^$
z^Qa5&(h25PP5;^7-@fNK&o1qG>~wQGNfLGqlwQX#4HM+V$5v<Hdl3+zxm}FT>b>QZ
zq?1~PTM{h_o9T%WsUnY7Y&z@73bkD<c^sp@I(k}@drfrI1z2MFgCl@~`M`2+^{ucN
z!W3*LOl+x5W7KH#5A7&er4n+kF78Qa)Qv2ZdCX(u?y%##3lI_e(jL8%;;5p*=d6Ip
zp4R}N&F5u8YmP3`j?xR~?``AK>y9E$(si-f^$0=IN+Ioj%~ZeqjZAyh86{YeAoRj}
zFwJ8PK^1~y*OS+N3#`8K2x`aFs4cDxJll+p9&gI6Akz+a60w;bhmA7FqX})fn$g|I
zvAj8bLNE4-rS3qy!Hjrcw-eEuBLZ&%xGRxy?sVDiisr{QJCL)ZmiFEzMdlvv%TBR~
zebt}dd?<YD#r>{bBJG>dcJb2$ur5m)C?WqUqz~BAH!=z2yKTB9)LyKgbnXj3AG(7z
z_GDx0DVJF9@qNP4w@bdS3x4=WsV<~J>7IF0roB)(7`X%^oYn<RjWI38cM#-}5xs{1
z*)Hk<Rhj$FgWQwEK8d?w5?6UICVL0RIv*3l*nqY?Fa#WQ?Gls6bOeD&eh$h=OGfhp
z8=Y-BfD=P>sC&yV!Rlauv;Riv;fA_o;gT49tm>&$uP|l(M>gxh?Fm(apXjpbZCt3+
zU+WxYK{*pI0SyB^t{aD@J=L4RTK(a=c(tsQ`>tc<=OnwahxxJ%uJQLjC!;IQ9fL|>
zI-IPGkUpqW94?@h1!X$|oAmKt9r}@jL7k;CX+0H+^RZbvy1{SpG8dFnrp+H6Donj9
z-wy`Y@dQ732D}!rQa10X-zN{vK*>@(-22>0%jv5foc&|y+1G$WS9t98k$zvj?<O9V
zteS60_mAiWfm;f>*ZMf32kFrjj4WpMc0Nk79Dtq#X8kIVN$?V9z$vb>?G8tS+flp^
z9eU3WpZQT~;nQ0irOWNEAG!6J8jL<L%SXNsubW6hff?S(s#Rv>Setnu18Hl==)vdB
zGu8r4*Fp|mc8b+jcrRlk@aB1l&NIjx8F(d(`~*rr6Ne*i%!_rAGUs@K7gYTu_+Bg7
zuGoMwWNz14{MSmixuxg<k-@t_ZluZ)g`(Aciwn~q0FV<ip3j4#hv&F~e3lLRi(6lx
zHZ~<@umb6HypH}Dn^Jca=B!<>ubwEV7MJmi^<i-T<YasA!Zk7B`c|MC)M^AcJ2~ht
zp1OHtL=Pf|!~^r!Jv-VH?Me`>`!gPe5&K!D82aRX-zQhCm2aC5g`|}`RGZ5ESYm8l
z;5920({U-vi8xBt=t4-L_R*bE*g}@VWY})t!CQ0M4x}V}bOt`_t_`i7N9AuKKF-SV
ztbE*7e41cs%MtRUh`3Y5*phL~#4nMGV8M;sgz->no66{KnpH2~`=++WB8SFY&FeYG
z{qkq;xm=X6hwO4hBRP}sTGQ@4DNIK_rgrsqBq@z!GG-Z8h687y4s|r7Y-XV1@}`(9
z_B-*7+=YQf^n${nh-}y81t~5DKYL#+9oqxnhaqQU<Scc`*xf)<uaf##ShZE(bN}K<
zV#+qDs48IX<3fi}U0#DxjK%TJXOiveZ9PDkpUGqT#&P`n97?H(`J9<bSgMV<=Kefq
zWaS%8?sc#x(xD7kWjcWaI>Fw*{mKZNM3T1BN6J9cTuXVzbz8Vzh<INd^<y~>cAt;G
zD{XOkCgI9sSFT3h6NGcDP^3y96pA6g1eqRqIuX-_Q<(B6+OpNmi!us4bV2NsY=(<0
zk(83pez%%A=XA&tewgN$lX$-eoe5eEALt&vIHJgAY97snB^jtBM<=AW94`k;L}_j1
zm9qg&krU28m|1%Udj_7~OFb|ecc*dH8Gw@~vS=9ccbEi{=_CZ?!gkG|hXS5iQ`JX(
z<<AuDK&Bf;w(od^tYvfDYB$~SG~Vjmpw&!GZblbJ2zL}u8zSSRk-i&DF<`-u<>Xd-
z8F1(=wn-6V#^;QMT34>JRo^*C7}xNMN(5iK(=2Pz_Y=3$Ou@<`HNf~Q>KRDbUX)+V
zGs5l;Xz)}WJ5}m8{YR5_-QhL<S}4iz!&Lj{Uy04&=#oiEBz{W|Fd^GRkZlQzqF}_`
z0sV`>$rnovx7fvz121Mh)V`fzGG^|r6}vdwAL~hw>ji5)r=F2-U~5Ua97AyZsN-MJ
zpI;@qGZPqoIZ-0Ery2LaQGMHToI((HJ981Fqq{$^)VGxgX@w{I8u{!U`Zc;C0m4ZT
zJtQikyX0HT*?TI{+-xs;RW)V0GKeFA5L-46ec`88-`Non9|JAU+JB)wzdQfKk^RqJ
z_llrE`{LVT8v!}2<D8iWCb$)lHh-VQ<fZqlcIL=fhYVl+xelK_F>x@zujpmx{qEh5
zD}*K2#o_p-N3N1f6M_Lo(Hl+*I))!*i}TI+gQWU@LCE>}r4JQ@7GZ!Ij{X0z_a0zT
zX4%?kDJm)`N=AgT1w|#P<WwcvfJg%-awrv)P(q31SPBYADggmOp(F`ND3KhCj3kj*
zWGHf`$ORR+n>qiPf5w^9XZqeb|DCzlejeIxkgxV$-`Xp@>s@QJl@9|BE=A6op9NbR
z4*0ujuS(TYU2ru+=dfBQJc=jdoll9Lf1xhctQvY&CjSQKm=lDt3d@gwFbLn+<+`O&
zEy<an-}6o}Ew%h8)d{27DS~o9?>8XV>yva-P;4rS@cVBi6L@-?a<d^9v-fhx*AuX$
z-)hP3qvAX+Ifi63g%9D?;&#{RiD7N#9RHyXMWHk@#=b=Hbo(&vm-`rVRCK<#vB!rr
z+-J)VEI#Ow0lZI~7<o4qSuFZqY6D)R%Qe8we=&wA<~-3IEA_I$SEH(}Q6NGmKz=1N
z=;Ao5Fb1qN&Y++kN*3Lm7a(nFhYU@k4i2~k)^C5C80eP%++UUdh2KRl?$9w-82y{-
z5wB3aRyY&-p1%hlaQdv|2#N}F=q&%)WyZiYK6q6e-)DL=X9JP%?C@r|QBt{Cbl>RI
zX7hwu<<`|uKsr3~x2&$`bP+OTm(>OLao}A#HXAu~zMwR+ukD)r)%+-b<M9xN>pt{-
zyR0rKok?c7x)uw;Kcq40lWfa8i3_)<YNa=x4)k5rb1`gRZanEzY59EzQla8$XBsKc
z=XnDoRfJM-rpVxlX06pLo=-Dz?y9unzTq??Iu`>9rNsJ$(_-RcYpwIpW15lluJ*3`
zk*ezvm%bpLRy)Zu3y<@0(GSUuV*KE_2wzdher^v75`FciKF)UD+{NHDs8VJH>#IX$
zw?d=UHq${Vc2)bz7GQGmp-4jX7YJ&mHI(XwAv@wLu-nJcD|xBt<?Zdg0g!*SzccB@
z>cLN%s=)2PMjSpoGu-Q@REiOC0xgY^o*7g2eC-l4LY)NA`DPC?q4Zj8!P5MGlp|@e
zeeNdt6$xjc&2GiX`7EzHg|%*Zz^IDx?1PLiA9x;F?mcR(H=WGBXA4CE>1bsqBB!7R
zOeE+thw>`w*paZK`F^(fUT50#G+9?0B3DkaTG{k*C*2Gh!Jgmv>L;B0a=<fj18||d
zKYB=kf49scILo=I;@>^2QmOEK0R6;zj+HEkX^5U(99{SgYW`fXCWCGq{L7HQ<6pL(
zT!SW-3)8C+`{;@;$x^K+J^0B+V@kI0qEuu#`{z#Es1)@_uiiTFQ4X&`50T;OBrd;&
z+*lTkj$D%qEs7=X!c6A*1<yTMCHLHQ-*W}(KTJY_N?bp2ipp9*lnI7E1hMBG?H4dO
z*?BZ@X2DhpX+_ZPT9~|`AxOM2E?*)n-5GiQw7H1$1Hc42vYcKG@<6Z|vM73<kWA$;
z8fNzpqP<<`QPdm7bJKkF9SE^mHn#f{qVICCO2?vD-|wY6WPC_^IJdqzW-*^gD%gnR
z#FMhiPmmc$8GBSk@kBw=`p5JQyM`@A@-XU72cISi7)8+H;=|A8qfA2kuCW}N)=hfr
zu)wPwP}P3=$<dw!9c2&_yo7j}p({1f6Az(1*XWfooAhvFLOHs!9<lOb34`5W1Z2aG
z;ABsWQN;7|Lx6V?%UEYv??V+$cd4#QzhGHBF&VyZJ2K=;n!*0O>R-Z+&0fD3B(qn!
z1wjrZ^;hG$6**E}khR4J0!J}NXWRU7xtXSQ!gInk%-kZM8#6)}&dJ_Wy`q%LFaka4
zA=OD21Im#uuk}2!ZxCS}h0ggHDw>y<>t#+5Kk8?5F_<e|!qo+09`<C9EMq7LM}c!2
zN#B9&@wiVp=+z1=k=gP>FuvA*ZA(#6@zR;n$>l83NY~yk0_OxQ1uh?A+BbgInVPqa
zBBGeAybh4+-X&PZ*!W@+rZ=+nd-V1Dlgl!LORuxaJ_v@~4L+`;a~A@bdV34e4D@=$
z!EzoCt>WbZUpfa>mb4kP6r);1SZh6EU}zn6;5R>U`;!lJMZ@1`f77yL00v)rxqg1^
z6WERc8riheUxi{e_PE~ep}SGe>NjexE**|a5ZvUy>y-W5ks?}a?~MbD4v&NRov&+w
z0(a{eS0yxf7p9nemjPN=j<hQZkjkOHQ5({iXZU$B${mhd36a0XZTE4vD=kM$u)J;L
ziRtxI;h-olM{QgqYg1IMBb|qjm2-j4qKU=#d;5%C0;`?elJY;WUQvyc5%yLe3Hg|p
z+uBR1Fcc47!?GEW1*)Xu1iw4r=QSmC{nQFVC|aKfjOJfAvw1wR72LXU)qDz^-ed|u
zi5iE8b9NxKP+=U657!0))W%+DHkRfOd<^~FdLQjlr`G|pkUqI6g?goggnnsT>YCJ(
zAN_DtJ@+kCFDLiGMCMrW`6<C)8-6*L!5+<vc{|=+4t}Es&*6aLn}xBEvf{@uNBbMB
zlE}VO>fR=L8onxyVX|V;%-I4NVF&KsJLtqHCkG*?(~knG)*E&Y`yEIjBR%QFLsu>;
z$GZ)AK+#GDfkCf_Vw(p`iV4zGkd*S$Lv++%vgGb%W9wV}Gs{VBH6K_Pe~D2$2zzvC
zfk%*G+kF{M)O$&nap9y?(IrVk&qtS-XP@t149&D!w&s+%FKEEl?5kt$`Q^0iz)_yN
zAy=f*<1KYzTx}w2EtkI$v^pH7S-acYyE%NB^h2*E*(E&t6!2kJe;_v*$I<h86jPuK
zqI5a0<{=(};;j*MuU<vDXhHi(V2wQVl_FbG&#?Zm;1#WaGX)16hq%-0jGhR{K2D{i
z(+|B{R@ks0SA#(XeXa9FiDWKKk_pz|yj{wmRG9ei`{N}k?t9*93j2<2^_#_=I&-+u
z?Z7ELtFd9S5b%MZg-062=8`x9@_AO5;Bf;Zoi0UaiYY=O?W>vO>zwgp2j#xjx>>v|
z6-svDy;{(|W+I{8w$`N5zdt#+*r@X0+TAN0YTp3@mO?$jvjaH`T~4Go*%s|UJ}z9q
z>&``xHApg*a7eCji+DvG3km0)J9uMTQ){t9x&2<pz2cJB7aHtNUk%6<-go7j@`K~b
ziic-Y8CJsSM^`~JFK815U4;eLfSGYhH^7pdFt74VxJFtlcr~3+tVUGEF4(F5+GXY3
z@YAmzGhA&r`4NsiaLM6o8MD9N(gnR)p;{a;Ok_&D!HkyzP&N<b$C-k*S*OUDjqn4>
z`!fgbM=JQYn?E$TtMKv(17v>Bc=vFCqHr>KxO&q~EAL|u@`P?YPrz*B#-Nz!;>~rv
z;7VP@gM%MfDnV=TR6VGcIKKo9Fs1?|wRzeI)(3Wh96c&3eLTU`MWQOdASUu9ioLBx
zX`+kl-vZIU)fLz<8A}$hokVotdWAMz+we$j@~NdNxUbhK1UZ~MH{#`!Xbc-{VT?^M
z`qYSDsH-*6exz(l7{T}GjbN(LOvr7hpVv_j;qMOGoJM(B1t~K_Y@hS;x__}fq3|}*
zU*xNMy7v+1KGnb^>Lrp=*1N<Rr)^U|;v9Samkx)LQ=x`N*SPgZybnh0(P6)!8d$OC
z%Jeygtw>rxsoEH#f39vghmp#*S=XmI+V9mm%<9;pQJ*d!ExPzvviHRG506KlC9gAS
zM?cv|GAqP&pvm&X8~V!@bxS=d6?8=s);FpSOG>7iu)K22-2Xv_$@8P@<D77A-OHyx
zW8B8}o{hjT834P5!p~=p;d$uY@Lc?Y&9Xgl*dNC0QZS157i{;Ci=XS0j4_Q*vAQuQ
z8Ps<DQ%^Xj6`sM}@cO`Fi&q9vG;|e9Up4)Z#4?H~209YJ_#^Y-BeXBQ7KQDOtqe1q
zhRHA9?kBoC6$~|}2*0fsHoMS#P-s@$+Z0A-Th^l=3LgWlW8Vz5U*=+7Zs%igyuX4X
zxSy)eLpwWm`~KE*`6~~`OZA6tavqk$UGGMZ#3FK*{HYc~{_8By;RlvVuL=6<b%`l*
zeQa`Dw2zdKJkxYC&OT1lEyI+veS|c;A?ar0Z8^zc{aAN!e?gdP2Q(_U<e;EU-9@`A
z&^S2Bnu{7QKrEoWl)}^G2K1&E?6HTvSjcK4@aGF25+i6P7yHU`-fS!We)aFUJq~lc
zPR?Qzzq|x>keo}Wm?H&Okcl5y>Op)U&#R3gq8B762dS2&$Ep*k3gk3)!#9g>c}?fE
zN;O+)U7E0wk+^wJ<T}?z5;#o{$-rwos7u*_B!v;4p)2jt_xds9a|NK=ew6E(!@FCK
zqy4gM2vVa3^LE5X^N=$_!5wOomEjeutD!+5ptS?LtX7N2)uyr$h;f<A5|#ARBwP?q
z^59x4n`PXY_Ol&}Ed!8#Ezr&y|HA%l^C#|Ow{_;OKu-hHmVjUJ#jv1zS~Jko%cc^P
zL)B0!E1Z5*m7GT62G>Y%)7!V7EL*&=`J&r5MA^*Au!N1CGw;l-IEfV-e5$qItIR`y
zEIcy&j31zBUJRrtUk^57zbn6GZW)7ykLH))fkh|%`#M*eT?LuLyFZaTHrz=pHCTUB
z=(4kaDa!~AUF*g6V4FWLb-J5i=o?hyt(m*>OBm~Q#!FvT0QdyF)8R+Mq!n?pIAMN@
zB5eewmAHtH1m}2YFE{@Zkzn;)E#KQ*NtLrpspAeR)2mQ#DvEj>xxq?KA>lSKG~iJz
zp%~zOtI@15Npfm^vQ=xUp*5?O8#@oufwf;<@ZLq2#6IJEkwhV$sWs_maF7~}jEmZ8
z_Xuq)(L&LW-4%GmL_K&iTSt~ya|PJ6%`R(PxSEM6wVCL;!dT*o?8T3CV_s~h_<`Sx
z4x`>!K4}AZ?0WSmu35TlXR_mkm8~3F>`@j4-uZ<K6wSEx&EeW%Z&PO42M-=0U#dG1
z%Iq>+opU3+A$e~5?um%-uYTtyc_Lnai38U&Sa*?7K9XoZQ}&KED9enztxx>Su``(=
zu_=bhnaOX?UCgd!h4=@^9{vCU_QH==zErA15ukVB^9ts*iAFqQ1t5VHba@1rafbt%
zj%4T+ppoX7lW(lf<`<kY4`mRCOQS!ceTJFV@ZQiv0QV_7dK{HNzIHvgO_J>W@_2v$
z)z>wJCz(&58~viFK@kT8JZ$ZP_~_AW(o#in0VY@KZbzwx>xaJ946E6ae1F?M3CVjX
zkNx+9TV|2PA6UMk`X|iEpy<k|@6}Mw(ox!wK(;3`;aF$Cs6sg1edAC2DPrGNKQ64N
z7MQB4Lvd1Di68|IqP<tNTL$f%R+O87b<d^<9Yq~5cER4_XC$4C9_71iBfsvTp?nO9
zJ8iCeH~L=gg$m}+*zot*_F2fegn)ng7q~d4Cug+a8SIpYJ9*|K`C28M6gU@mav74p
z%oz{(gzNQv;(FgI6g`%k2X-K>hTHPsYKND=M`AcV_R<nSjuBpSv!_0p`s*@x=bDrE
z_>HB5Mfh;B#6`Y><0Mb*WM^U-wrkE_K|xr!kG@hK>p)nRwd3#TZ=WzU8SF<n_M66F
zwZN>w3g>^@IfGz6B6PQ2qYWqCL07$KhZCQoZP8Viz-ieBe@Jf}obt?>-&Bw&h%HCN
zl1Ix!a3EP2$w4zv4VE`I5Z@ip2c~6)e(4e|y@PTU%}elgcxfYktf=ASflx;3K|KP;
z^aFOUH1#x-Awz^su>*e0%sViu`%?<9u$mDHZ<<dPW51>1I^}Xpg&p$m`lVL^{i0VR
z9x%)ZN8tjBVd*5oC}$oK4*DTtMWy-+QKvg{jr6l{29JVrMR{xHF5mN0slo{!$Ka>4
zn#DwKznE#faKn1gA*a~Q^}Wk`;dEK8%XW6o>*c}7aSzNccqz1ejc8FD>t0<9pYIr3
z;<9qnZ1e8d&vD1+%pQio9@u0%*2@z6Qw(SE#9XQ;=uLkIT49*z?1&&ZQHb6F0PtV>
zvtYv$w)K4y8wd$oxgCfO#%)_Zpl$T?K=zG*;=EzWyd{Fhmd7jo$7+)AGUk^aTF#J>
zD2Z|Oa}b5xf(Jm^=_1oGzHay<EYw9!qbutLmwfHmAPuX1`_L-XF+fbVUaZWm?GG(?
zdo%!-N%TyS`K+5i&^}zYg#M2GH0mnnnNzko5i*#G+||u$D>8-7BSYupqMpNZqpP%O
zDH~AowE|;LeB&S{*J8f>(SSWYoqxS?x4+f<73i!^S+-CnEoM_B$&@O2(@cj`Mcv~3
zOY_@queIM&GH%(`$vMt-mlq}^Klt2uSu3EV3@e$tKrnKBL+S~!%rodUoNXiEHO2qO
zrOz*Xq=`K>J>6tg!<6QLkNV2Vd%WfBoPt8Hp}g0L{^l*{2%5^SJ?d8r50q!|bHwzf
z)DInRUq{C8|Ca5tiMHtI^!BJ9d=MCNsR?JA>+$4&?cZS8!j!a#+1-C_pJ}+mz5H&G
zA+Ue%XDn~uJvOoXChIh_yZ`h#7lc*IJV$1MWWkdA@S4zUVVoA?@sj73Spm|pzC{mR
zpcX6%c*?g4^#tfX>MfQ)aYy^)e)6S>SjR)1wq_S53C;Jjc}TxdK50EUlx6=%mYcUr
zLA;6YYurZnp|0nVCWs+WKdwD(UFGViFU&=JRnG)YZC{s{@+6SlM}4u&SYl-0s3%xW
z!W?Ilbn|!>jsLRet?Kieh8sD|S+a^8iaIx#HVcpj?geDs?U_&b7z@nv<~VVlJ4du~
zXoJOSL-|WKQXSf7G4Eiq=*nN|=R8EnIXD+*HNeUB99<AsFTQAm<U~1dcq(6EY}U*d
zE1Wv1;4o*RN0r86@WgO5@jkjL5Ks>VLANvdKEQz$9P9h3nLVJG)ih~S51-9mLa5y`
z<*mJ6^dN%65m|199L|bb+2U`nejt}LXkp<ltfpOU<cbyeW15Ny*&Xi`0A+%S%nk9i
z0VX;)f+ZU5wn3bIweP?Yym@oaDw|DUmR$YOL3sj!UB?r}v>;dJotHluNn3KKzo6-{
zH8d^6F5yL-7LfX&o0nI+ewfsNCw;~fRmjzJR?zqV8T9Y-6^|{@b>}@3;SX1($FS@A
zn^}5)=$)?DatL$y-U@Tj8JyorPO&ZSZ%*;8u~+%@t&yM`Qnqb{78pnWvF+%9X1J8G
zC9?T2Ssy`4paQ`kf^T4Z(8QyIcA!on>;!AWe%X3w*SekIPH5}AxvX!ipR8hHxD;c!
zIhRZ=zw)^!#7f4Xcc`(ggVa4_@pT8n0GwC?njLnYYVh4dA;YT$1_MJx(oGJEIR@63
zP+)OMY?H7#c4NB`6SwumF~2_@!m8Fl`At6u^zI=PYhQbpxIaJp5jcdM>=2Kd{s(g*
zcGU%1c|ZaPqbiCP>RzTzQ8M0rXa^Dx*Qr@~O0jTXY624+yJ2>KAJnnDNxh7siineM
zd0hmmgr#WD!%2R&g%or|3DmN+*Q2Fyil(asKmjN~<JdrpoA&58AL5|dhSl=s3x_hp
zX=VEiQ>EeFwe?fjOPl%$V?j^n2$`OCDmQBHzcG*HaCV1TS@mb-ubwAnpKP<v`I6U_
zi1Ug;eBFZnp$&DR|6vQf=E$z7%Nu$AmY#0OWMtX)3|joPh_pbAX19~`ms|&`R6+C#
z95m;U&tYp>0??ce(4%wE9BoXgK=Lf%DpTx(<wbgHO4`0HOmQvONwX-^GD|Y?KXy;b
z8U0p99E9%fJ}|fJ>~y6~hC$hI@A`fS^pbQ>@!0z(3mv<=*Xt&gcf9KnHnO!s4Q=A5
zwY%&T-<S6eQC8}0yYn#b(SO84j+O5P!I8R`0QCX6GTFuAHtoHK4Ka{6z3WS-lu`6z
z9N(!oEYa5tP9Y**6Qf-ml@7Lc;5og{fCe>2I`16pY!@%5n^KNe(|aDH1XXyS(}l#r
zmmYx9wvR^363@U}wdfAl=(#VH3z~37M3-Mj1+pFIna&L7WX$l4EX&9d4v}E=uc`9h
zlrn5uG@NV9>)veRhdqo|JS*nQ?})`Gw!_^!v@AZpvv!-RXZe#@Ut&2OmyS*Yz8sLN
zN%D-0DwEBF79iKubC9i9`L%?TV}7==NPwsQ<2pD!D_rf8AtQ1-AuH3lMbv%0osJOb
z`xz<xj1>M?r0@++>hppDmD1dSyaXxMVevXBDIBy>(ERAf76?$(N`V<@xEGHu0F1Iv
z^<_`-f5-ykvd*RHXIu^nPsm!bXc1L#>>hfk2<(ceu9I$YuH#aN#uik7`iG*QVjS59
z4n<d=1zxWTEShVKg{%(B?(}NVfbBGgDcCZ~2Hcvc=Kc_Lm)THxNP=HL_0!r57iI|_
z?F77u_{7S7;MmlQzkS=#4Z-^6ufo*+n5BlE1f%7E590JNAe1U3(t!_Jc8W?G<QB~f
zlmR~I!v}`Rv;ADg_91-5jz9vRwuiX-?A`YxZCXSrLz}ci+gU>4QT+<TUiu4t-Px;{
zKM<xEqpGyY=ixPIUaD%l1D=)sjbD}od+vOmYnz@d+TLe%^QB0~4bw)c!;tZu)J@!H
z;c*=K!c_ed`5KI;m&{*fQylf`Yuu*QRzi;IG<q)S8H*in$olY`w#49?48e2hEoCTi
zN6+nEWESP5T&8uQqC)MBoZQ>(ZJXG^WNJPS;Ex|Z53(9mZLo9owhYK>hCx=N)8O52
z@MSlvIrPk<ruV^|Pu#caki0+Of!yhbnkZM%RSV=JsQd0R(OG2eM_A{=iR3_N;Tzgr
z4#5>eX{EX8!%Y`oikz`{nWk*7JiC>=bY`_p!}G`!wzPnRY{@y8K_*9HGTksQKjnWs
zR%lu;70;dAINaSIW3*Yew9WT3R`@rK6(+nGL9DQwR@@=yd>}jP@1_+*K5^aRW5#n_
z7?4&dT^DNh>^@gGcCvVV4q<%jcDDXQ9w8Nzq1G5fr@741Mi-EK8)nRBI$F*Re~elI
z7Ud5`KaPk$W`)6ZqbwZ069IR1y0W&CabCrUrg5et{*&R3v9a@+eDEVSlO7ln{7?A9
zD7H41u^RNq0Q}+Lj9cD!?<xIKa8hSxm0@O!*(&wi69k;$A4;r%1ayATeztXEZ6Wb|
z=W=Rxe_o~;7_In6jC2v=`5(b5K%#UvLzhQYy-m+KXEHLjcn)<r4kX~5=?cOohVq*;
z$yCg1m=gL=@gE<#@)OxYb2t7Qb>}te{?f5-WVIN^XZ%9^t#_|1D#Dm(P^hZ3r{3%j
zr7NxYe@+U#DIt<2`x_^eLtc2eYfe1OZKgS|y}OHF%p_V-_j36O4s20==vLmxQk<r9
z8&=xm4<RLgIRDfO{NcUw*Z)6>!hfEu{|}z5Q2PHQ2y^X63})|72<HDj1fym}ad7Fl
zNsACG^+bU&wQMe5n)FVX)cdd+^xu50)y<kO>QT$fhd2N&u9(_)ViO(+X9aX8A7BdC
zv0$Q8pb~#?%ENEWnQa2l1qF^<i&f=E095HkCvbHmawpSKqrzny!>nR~H=2h9Wolpf
z2d(Kg1Tu8PnoK7V5%s)2X|Ix1yk=YG#NCEjhc%@-8U$*aC4_uxJE}Xutaew&T+jab
z4T6c(YSA3_4`mjA7~2`8{WY}am;JBivVI<{|M#%X5rDxsFCdpUb-LHZ_fe(DI?ED(
z4A`wRwrm<|;pohdv(3Jq%)v>p)V1RHB53=dUT$n@`&`DdZ0g;V!%w_1qU(A#L;b@Y
z%fc+avGU<*az*w=YG3j;3Q|FxvCiq=xz6}^*DkFx6jT!J%xvz+J`0%h;(bdS3M5oD
zJOpvbp+!zguVA^mxVyMyz*O?fZy!h7)R|qGe{Hv)Rq+fb$&A4KC`v9`Hf+_IsbcS>
zs!a}NWibyKecqEF{+;i`*vF^tF(hpNCSB{!h9kH~<1HAwrHe)A=yh4}_@2!&c^Ryp
zpOiE>w4j;1DasPv_=MZd!1qjtx0cv>gU9dL(C(d}YQ1%5#`|~f%sMJFhOQW7+3+U0
zS(^TWT>Y3?HIVC6Z~!Xx=2(gU>;e0bXvhY~GIl<ca?(Y7)UR$S&`mdmKQ(`dk-*uZ
zj&!dJxc=JM<ii=iGtYcsp2|3U`UIkfX?Mv1yGusT=*A;-!Y8?7<ebjmerNni)L?#~
z-Nr4G<!uW|)~(2w2NZz5sSnz|;YHYYZYOY4Q+1pr79h5$(xJ&%6^@mZj+ei81)c}!
zn%IAq_LeFEuflP9s7Fz5pxBHuV}4z7`0aRFp)X&8;=Ln5!>@!gJ*`Z4`RRb35-zrk
zr4<5UI+nQ`EBL2tTn5vd2$Bi0#VKbTr(2=$>W=iN?u}P4{f6{4Yq8cYc07RWd))!b
z!c@vY#PV2z^2w7qenHYgQWSA9u<}ymxd~J_H@BBsia-(0D+{{u0DKCP><$Px-#{TV
zDVtztT$FV>^Re-iu9nsUvRCQodmM{a2<P!+_K5I~5<{>@Q`aF-NrwF0uU;;<%Zm>O
zE`@g9N&Ud`43EV3ELGx}>2e-tIwZ%tOo!_Y=L~0;>|EL#F24&@5xg{hiA}vVjblT*
zV))rMbbg&Em#cj=|3mR(!V!nl#f1{CwiO5Zw68e%ghV$iBCF7-;Vn7sUIM)i1pmo~
zo}M}go%fHpV~U(OrOx(+g*&_FNk<Lj!Ys~L+@E>G9i??hwlMkOmnWLErJD%>!V}sb
zfA5Ak*<rv$VsL=>F;&jQyS&7Giz#4w+SWI~?a_Vn>Y_j@&o_B<h912-^cS^xyAgZ<
zl($@T#_+vcLca^t*huqC=F*Atr<LuTo<*LF+{?YSexRI=i$LEK2TSe~rq_XYlWh3X
zQ&;=#1Ivk?<Qq0mQ}Zlx?A7yTb75vO6~x&|ZVOQ1l@oF-zG>sxdS}+(Y$aZ2pfz_-
zQTeKSj3c{VBUbD0iv7QO9slOv_eiIBfnk1)Uf=K=5>VQOj=9-STY4KbptEmivFQ0n
z@NJzGLYL0cBgBe$CBQ_{+r}6cK*vVc?mz;d+rM4~7X$9w{N1bg%5`YZ@Z%G3OB{vA
zZ}%Fabsg}rd(hxh+YlQPEVK)q!b45yaYPWP^~2W+<M_?!pop{sVc&tQ`FiT8u<Lod
zKmUu?kpCR~`{zIZ-f0eYai+2d(tj(dLvM@$wdh`-HAk;pss;_o(Cyob19Nm0z#6I)
zr=5vyod=saOCW91Yhz`0AnImWqlM_+K)NQ5xI_z-N72LTO=_Qx;fJizujr4bE72t#
z02QVJTbgwz_4n97e@~JtxCP1%MCd#PjQ{ItMz5u7<36PiHRHz-K4AM`$3^`7CSd=8
zVE^zn|6OZvXz}m5oBy<he<RF4y~4eJdW8x2`A5)gom9QD$Q{U6K)vKf&)6v{)`J&(
zh<+Z}J?8CC|NR^M9jEcTZ~kBL_uicrNo{Q8(ZA<2uxmgY@clBxx+0Ro7;OV%mu6kS
zc~fJ9#%i@_9vU{J+W7d99CJp=A?^kYEMl9B!a)`2^g2e}-@dS3@~%JA{Vufc#Pj0l
zBp1^w(zUCssx^lX&Xm|K86tS$k8Bvnut8MbOzW?T0EHiZ_n~ADm)#gl0~E6+MQpyg
z=yGqp!l~i1z7>Yg6&{u~FPm82%1fYZdZE5<8DsstQbICcp$5?`VQ%=6hvTJH;5CK9
zeplUATKffv{PD|vBe2Ye2?IlhbA4_!ycW_bMkZ3fvf1GFp`*!BjKQ_q*3@a*YZxDL
zn716(W9d{JnTfP<mg#p)8z~BtkzS5%=eqaQAn@_NsUxR0aowL*F+S)VX&*4Fmk~@M
zPyRsB4#e$mFnPxGYu)54rJziK<>%f$&~sAjy--$9H3lPQLg~6+xEs90ak8{E;#;Bn
zTw$N=i#6?`RSliZc`7z^`g2u2DZ?)HZqWXl3VYgjeY;TC@9Q|gc=nr<^*(`%t2kl8
zUrIaSpA~=QY^Qf>fmvh$vzOi|NaUha_Az@-zg?HwtOZqRe)>^;K&I2qa51`xx}bDJ
z<QlA{1$jBP?JFZiWRC#&N0E?My_M2=={ru`&&mzHGCc0GwPCbA&pxd-I_QR5?Vt1j
z2Yp{0*&rRtWX&(#E$(<I)0T@Op;{2*Y#Amf&>VXAz1h<jx8)z(eJAvEg^ob?&44tq
zlp}figt4g>Hp%Er2Gg*0kok7@toBp&Ot*TuW>W<oMXiQ1F7telQ%>5vc{sQKg)h`8
z5?3+@JmXhjPF7m4|5rxk{Fl>>K^gH8z6X_R<w1kwJ6ev{NhFq`96oHhc_K31?%_T>
zs_kstq&ko2_~VatX0IEYK8FUqU7bP1qq7lJN@_%w3KOwmqoT56LY^`$K9x5uM(yP|
z!(+rH!N*rVguE-@Ur*j0(evF)jtqu9b!Ygrl7hF2nLZzP=9d`9Q(zD32Bu!#$GnYM
zbK9Pudj%_bmguW7gn+&?6vsPHQZW$?Wan9z*`7!mfwU!*PRTdbXa?KaVw(l_@^7ZN
z{HOU~5uts79iN4Adoj#*8;Z6}WR<1h`qw7&qZ3^p2A!;pIQ4qg;EBt?-3{C~OfLhm
zyKK2+Y{AzLnP%OcPq6naFpOi07O+S04F2N8c;;<>h1QdH7B`wTPL?b~k+6jChn;e1
ztvO-Hl1nZo8AtR$a(}b64DV@dhjVkEyR_niFbQ22>U<*gxy8Lz-&H1&QecW~-ZGx^
zD=!I7^w<8Cwj`N{@M>+?;tymNMjfs{@$!0w4#Q`@^PRU4r#)}}yR!X$Z{2!hQ}f{z
z!6B~!d3<2rk!!UbR(gGRBUiN*yU%WG5DFz&YohP$b2Z%>>_17bBut4@kGs>YwP_$U
z-dK6YLVmhQyNjh3;3*$5fAQbtlL^mYpk2gI9Nh&<luaNmE(S65U;Zz0(fS++t^eYe
zem>x*5PvGt&%^Z7p#1;Js3KWL{iv)ObPjyA_Hma$Iwxa4{If$-tlB(ColFtf@tXF>
zgBv~t3U=>LTF5F1uN^K#^!d;=Q$~eA+7?9*Yr4XZ0s)*^ch)+pSM6@d>?G2EUQyl7
z=J6M~`}@$3@;n2lOJYNm^a<Tv%U~YraSghr8R)>y&H@>uy2#x8;XgHckTDyJwCCk#
zsZYsU_G2suW(`%!-bY@%@;N_IH18X^)2B^(weILrW2yAgXw-r-h1sMYh8OY|lXSS3
zLII4=yfp$3(PN}#V(PP=Dz0<Z?`FrsI+7>T_Ji+aACValaTr5X6geJ(yKl{|K$Yl#
zZgfkVnch|F;GU{iU4Ai`iBDeLx!w)Zq{#BTgj+D4_ZgkEKYjWWwG0#<FkX#;6n^UM
z?;frr=g+pSW!|1|*!M&l{zW{o`Z>>h$mPb;F*8ibb3{BoC#p7rJVTPGqKoKv^GK!d
zi*X?=)?aMAk=S!RgYh%_p1!t!qt*qzzYaO@s_Cmy^n*YoQbKehn&Nr|YOnWpklqdB
z$tw<%D(F6|-;)|9Yt}~}6FUm~pqHXo<Jji+F~vR3_I^Mtzo}LMjU@q3%u)mp08D<0
zwgocqkXs;}w<F@WmI?5sW(4(Vxnn{xER&&y-hrFggsPycja^W5564!@Dj2MBGLe2_
ztQx&KmW3XEiziQb%&9<ipP{V?D-_H>@?=c<6?pF4mS=q%f<)Mz6^P}tr&9qoQGX5~
zFNLIGDtQjOIVnz;L&&$Ob$x*LIa15Vrg3B>22`M0LqPAX7eE`w-u$pET&!i{?01$0
zc{;*w4a_mE_uYX^)f?|X@R!ibjqo3~toJSV*19F*Ml4#qa9jAVcLe=mUBXj_=eBbh
zC|dZa0Z)z}WQF;0T@kC9?4E{uXeo%MMHqmD|7uHWKdx)5I{=mm`6=i>DZo!b|J6bJ
zsnI_erJttbFHPD{)A1L+<EQEPXPFMOYDDg^U#T|EaAvvklTnN7=~`Y*)_nu@5WXyJ
zp^%8_2oOY8!?(`!gD#iP5e4*ML(1Nw^p2a>^=VO~LWZKdKv>1v-XEh>lddQDJVxp}
z?HX+grz5CHL_Sk2pdU;IMTu-22z3bn%}k1P+}Q7d2GQ(o0PO1%b|CXeP`7N?kf-c@
z_Ma6u7#zfd-57E$mL(352P2GDcObS=5z|nTh7Yz!y8;h7j6i!kQw;b%SrkQ$sRJBC
zGZQ>L%vA3Kx>6L}AXrn%1g`nsfowl1`oQwxzrrE^6~8b1*U=v$QD>_Oh|6>b5)-}y
zd4i{veqbp|AC;#(Ef>gY7P?dW4OZW}21HlF!v3$gpZ{)617wRG$Qc1p(Ar=HSaMrB
z;+|gppGrvMNiJx5mG1Di6mtGBvDOyjex7`07L+xg#(mafqTEC`<WheHS&juzrFH{k
zaTeFc2cT3|<X5{zYM^#WU%oSfdQl}ie!N?12SPcq2ww~PR$hU_fL5~r#0v5R81xhD
z4Bb|@K-~M^_i%zwCm9ZJNd+^|>q^ix!BX56ppQnNzWB<8Yj^7P8qwYqsPO*GT^0Tg
zpGOw#YH;Hk3;7J5`Znr0dSO>TwYVhrto?2^;6E#0|0;iaJq5zz!cQjcKnBFY@ey9L
z#>=5c0*6;`qZdJ9Q1E8Yrj&;o!WN_)y)R~6it2l|=%AvhcYhSr_x@+@zWE<~E-x0;
zDgR2z$lxk7EcFeB1z4*a{W}oVOwZ@WvYBm558?aDuI|=JyAKo5)+}4nSbyw>$Sh)8
zL)2NPirxubv4J0l&l_~&*CGueE5qc|QNSwUcdb%AJ<Nd6!|^+L`R)k;pG;>0Dt0#e
z1G<L*3|G>B*gN#rC2>#!1#6+d7elrJz0Jb|y=9~YI|1XS?rI7w-#(yz;jAQa8u+}K
zs>x@tX9)r4Apb63xNivZ=}l@UmhuvekDKrc{vjWJ2AjnB&n+~PLrN~jYIDg_pz!ZN
zV)KeOGh2O!_7{@F$2{RG1$Jyh>b|do{9o^F?%BBMviL;!XbG;jsjk~=54qsuur;fQ
zv@QRkhf1f9CLMrPW@8_BHqMGB-nbxUrGbpa`6rN7NOLu;mNITIT!yiMOt_<4l;}&l
z>L*{$ozcF@<$bB;DLR*{iV5NC_7UrvWGpr0ll7}bj+0HTJZsV7#YW{><&B1UuTx$P
zZiH7<voz~ISaQOEm0?8nV7+A2ey2l6M~|`xF_V<#xTWGLn$w|V_YDt{C#EmH+?^-!
zxy6gckek0exq;Q%f1gJ<T_Nt}jmuB4insH-P0_EKse)w2q$Zn0>!FLC5AyT6CqhIO
zG=Y&ryO~s_2|i5^lL)yYaK?QFo6GfL4OHK#rd?}gV#D+K(&gF_oEx4c@xd4ob+`mu
z!_r+ZHsc1nWwR=8b$(_3bjw#ouX@Ve-m@q-j12)bvR>K}@7tu607a72v7Y^ii*FTE
z^DEWKGcA$$HjQ(l#ZmY5u~cPVtCKFifZSdSdn?)Ggt+to@=_dQ94S=J4pG%~jN4nj
zjH$`gHDReQ=Tw(8ntp$%B_-0vm^q7A(c#qbuY&f!rW@c-r;QARm2@q9#7esm=KDut
zWkwlm6>Ma53uJUP_kEFkpo+0$s=uI24R(|P!!s395G}U!BLtq2(8LD?x9`2St6!R9
zB<j5a&F9atd^q0Q$XB8cMYb8yqgR@5L|(BAB|tMBPl#fxpaE{fJr6K7C&c1YHT^%v
zR<H=LRcytoYNzsD;gBF_Eul`QCeLr_iAxRbKm@*0EnJg_$#E+-oZU!1F}0Rb)*_4G
zC$fU!!%8iVI}nH$cMrL72XeD(eWZz)dEh`CX(H;|<CCWZ81uD`y0MIMgfByh2jWLq
zUO`DA;@gh3)j~akT&O;sZ(Knn``4}`KHucBTF1&$P^9XLK2&wf<-1|muMW;#PNC+%
zC3<617#Tl@WZf>lq4Zl?$HbeITOLY^6toF5zAv4)7z)N%@WqA%A~zHaa>olTsf6&U
z%QuoHUMaEL#jMJ2p!&n<H@;zaAou)%n{w#NJ5YuKcK{zD(dh3i9@>p+v!5!Gk@&a}
z8gbN<^yzEiKIUv#t*VW(<KyDa({tJhi0(S*d??XGyk<A<LR(pF$ouuqhbB;dWfFR$
zMU5CZ%EAz8jGbQ?F@pP}Io4?Kn~2K|*IGqf>tl|qGpz~nY_z!h0bFz0(Mx28ekx{F
zBPXvr(?+`0@$oy(SqZ!?k#IqIR@?Madm*}~dXzujVzidj=nCyEP({`^daX7ePbKDb
zOq_g>^E9dyb;4l>;(&8>?(lSbzXPemzlwu)!SfvW6e^2hksHpBxWyN`%%YAL?R$O9
z;tAiOF{N4UeunB|v@h(uQU6T7w3}y%Ra;R&AIB>uuGefYAr{YD^KOw>m%-fG=c$91
z#eO~X`s7*Gw;rkaMSTVbw6x6@OtUFBJS;FowGa?Sep!3RQ>tud`B8(Cy18}H)+W{G
z)cEHIT57gsX{MqE&U4eh6$$YaDM@w@l^tI_;*37zbyRIEQ-02{D^J6dt2*Yfx5B%q
z`;!Xy`23Zw3xp2@9hfl<9BrCI_krnY<;!PkgYydfOBH@GIOA`_`f1_Oy21_VD@r_C
zvQi^xtMGZccC=7<iC0U#?Yx=n%zNid_V*F_79weNZ^FG+tmooqhx1sfQ7kTd3DpuV
zUTq7+F42idRaaBhH+y()JG1%tDqZR>gaeq2MZ8>y{E<&s`(nMo`7rf|HfhYr&9|Fl
zA&i-BQ45|skkhTt(DVGjrR?Jvy=mO=SifGN&ftc0x4_f5gRuJc2!%q9fLp=NA7d<Y
zr!ipSP$h2vG#296qJ6zkzB?_+SjFaS(iuBwjJcnS3gdl~FJ^F=I}NoifEyq#S;E5B
z+mdP6;+b5xRp>2rVMUAu;;k@Nh`UYFqeg23d~#kKN`Gl(Dxsn<i?thl{QeAk<SV)e
zm?)wJJF)}$9-RgJ-W{M++a=3O;4XI3aFr-jw{6W}EmqAaRInff8O^WE*<SM{=kxTP
z6oDr=CGsz%bpUkV=*X?R-CaVZ<jfp?I!GZEt=~5q&Qq&lA#0YOH#Vy1?O0RZIL8i+
z0)bD)J^0Yrz^Sx}&2~-NWL*2&Lpc>>LYv1o?+&7~51j>EKi^eqgYrzbcI(@Et*?AO
z=xQP3`^)d2HHB&4c_u4ZKZ<%uKTgJwKo@t-&|&Y@-wNBFqC|w=G`wLDdD>j#QFKqa
z^02BzM;iJ02%c=M&ESH%O<Igk30#n7I5L>D!eQCK6j~v8tkEvim+{p043(KIWk*V>
zhKc#<cS`nt#DCdqgfw6d-e(;~ZGA1L@OF>S_w^YAiiU6j&Mf|BX%V~LnS#0e&2^Xw
zATVYuSN#r8VedcbXDk|I9+Ka0%et>VxxA~1Vl^T=t8AI;hwzX7wpUN-N~P)hu!_CH
zX(Zd{B;1&E{8_)`8Mgwzb@kAgZdb7r+80w>uL&@Zumv#(jkH~$VKz=+n(oje+@r5A
z1o|}WK+5mxy`vs157#0$5Yq&7ooue2^G7Te_0*G?wZH4ZzLb>LClpx~UW-sj8YI}W
z)W)4CBssrA<(7QjU;CnkX)N*HI)BYmrC=LyT}CZ7s2ogmeH728`Oxu_f!R?#mxJ{@
z+yW`qJ+x1W`sFYr(e2Rzs%9xjDdce!;8q%*l9p)BC>rN_io_FqXmeV!|M-l%myqLF
zG@Z?brB1I{bjoL4HLRiLspgUSjM7v&NTZTF;XFl!D%b%#X*#{R%~um{Nk8>GC11~`
zPVup#jN>nzL92vtlO0Gc`~X#=3nnsq85wuJQ)K<T5F)oP<EX&3yeBeS<`7l6R<{P)
z=e6{iOb;bb%lykOT0?tKDN5-}2Mv^`@((90)Twf2zsNJ9e(PJKHRMNPGz{lV^J&^g
zz`IXf@doerNUJY;<+dVx2XbE+MLUtVn|G61={MB;z=1nsvja)gEw9KrsXM*-1?z1Z
z55oBKbNheH;7dOJ81F({QGchvv>U(volO7F+~3`l|G&+bq^ACX%<BsD%J0!V{?&f=
zLp1w$t2;H08xtOCCU3P;0^fULu+t#Lb>cs#i+Mp6b{|6>>$h_AK#ETE3bRVQV7?lu
z7$?tQ&^e7VtQwUQh>nle=N>dd9yl4qU$lKwwr@KwFoE7^D%~aJvhcCptCCGxurS7@
z*^UJf@e2M-Dv@&21+Q)Kohp<#zy#=E{jRLPWrhkC>Ij4!x>*`J_|_@w@aCw+D=A^=
zg2Lqk1$MS$NR=~d89_=1MFVOwI?V^i9d2Z>pFE$EwW%a9f~#z0Ly$|V<;Ue!s;x9q
zjRtsw8@ZYc-sG6cRa7njW6M&7IBtz#qblQ+lUvWe&aORQ#9VSU>A0`#H<t_UPB_U9
zuQTLumF$piz-t;z&J{RbePk`W&Ifmxmw}Xm@VK=sonj$c*6N?vAL#lfDO3Y3oD|@4
z%Dd;(_6g&h$;t0Hq(-m10*oe;J&)Mu7}$E!t5qKB>%eza6JFEjP&YdGpzxx)<il!G
zMM%-Zxo1vO5Q3c92s$Wgv;69S%NOZyOiiDPPi+pES5hTR@7zx{wsN)`Fl>=3t5G{I
zsCDZ*<@nc3<nXI<!OqMWUd%CM)UnTfw>4%AuCG--zP({1gJhXIZg<1ExI@*-MVKgE
zwv4#l%~=~?*y%uRQnVj<VB{;J+*j`_$0+z(Zmz`<aRmRcm9urs=#Z4CQf>*aLA%vd
zq&ZRN`7c+q1>f8C50w^ZcV<Zj<`w1@#&nOubg#cp#C;Dz-nm1@jPhBxWG+c9ST7FN
zoj8v(59M|{X2fy(_H^@1V_3KPFace$4h=x?OVSiJ!hLEurL&RJ#e4-l9c->hiP7JR
zKQlfvKXvk$U1(32jmAb8xP<^M)kUZ_xjZ^aY-$jRijVGD7krDXw@mE)H6<v`iJ<2h
zPHj!tfjq|Z%ouv5(J*$zexsHft6Cw~9aW<qN2X7~8@X(?2T`L?kL9^LwL{EB<YfxX
z1vXbbD=tn|VChN8JNl{mp#Pwj1SR*LL}R{ZdewUC@mYSM5~JW7+p9NYkEwn!Ztjpz
z6@0n>m286$|72{uOUfNmDei1^>abP&b%;}5p^L_z*}FmOX?HUs3RJ^t)4pkGs9Q~X
z@=>Hc&UM1LW(>z;IwLm#{nNaK!|!e8<ywB_*CU}p#X(1-dB#Ue2^)Z;95#sDftcp(
zK&GWCQiAhR*VS=RdR?5`qY~@|duOP<H^(ltypI@pq9x0rr$!L>Q1U1+^qlAlZuI6v
zx*DE`D4x9h+BLDaL}8t)``&vw-Oz_i{_qvp9CqUv2)9+G+@}`wNZ0hqexrqsHq6&j
zHBgTu3DVZHIlo?R#;qPZsNlaohL_#ScYh_8;`-1jOr1NYgs-_~MO~>O^Zqgu!o&av
z02V1s!R3Q3_5FgY0Y?K%<m&USleruSSI>8Q2PH}+77*=wvm9Jud%T+EKVmZ^Zy~*e
z-uh=U95BCqT+8nDlTYeOd+x~-LS1CQeS==7`ZVnlXY7Zs+0u<ef<6eF$&QC~g=WkZ
z44p2esK&cGdfEk-+tg$Vk9CNsFIsoM9P>n0eOKp<PM?i&cq%=mVU+UHc&*{Es^;-P
zjb<I;t54Na8Y4<uJ!#2a>@I<I#VkGv?Q2Ci!H$d=g$UhS6PNU#F$$s`*4A(g-@#3p
zE>Sf$N%}o4c4_AwExGo*`RHsRbn;%;FxhBG1k7JbtU-`3zXR<1j97&lH{Z}tdF#ov
ziOf~bv!gt{XU>#wHXn6eYL&ctIpFg$hgBz5Ub~gPXK9FotTL*>(rZ*x%-nakZI)0R
zrnx`+;o#{5`GP+0(G1QDrfj22`)A`Ax;UHka>D9n5?TERyl;eEQDjwsHsa7#L(3Ml
zBmAcU()DJTs$)Lq^-HIsri+-A@LbDP;@wk`laC^*f?i*)dH>X9GvRocEzvYtuJ&At
zLx#IWWvX8#;+gz#(B#eHxX-YrlmjQ9hka7D>)O1;*L@LL#n-1MQj>G3K`2ei4S0C@
zk7>#MJ%iSIo1D^xE20yH&H*Qxk9^YN3X$cw`rhnO|Ez`Xr?4R11}`P8(WVW%<;b+;
z-l0Cr7Dr_2)$nRT`<iRQ&s0_CLs;CFCfc|*tjT<thO>8!3IY@ju@;=!4MiXP_Pf@9
zun-J6bjm)6@Y)J-Tv0jRK(s8RD8ryXwIYD2S3sG(cmJc|S(y`=<5669TI}u4H#G@I
zIV;Htg{#+Tt7Ru4?|7H8;otT62As=03R++O$B`q3A=u%1Xzg(Cm?6nn=2&%xp~l9$
zyY`q%GU*tq%jGb6+XLy;gEXw;(jgD!0)nENbqp*j-nTGJeeySj{in>3{CngCm!B`0
z3g1s1u+j@1Fl?2|1IAhe80)o>5EV<LsUks99XW1&qB|3P)P7=Mu;IegbWK2QM`W53
zPw&ZJl?YN9=;WtMwXNJK82TCHiPCGEGR}+*V?4oEeid|!xQRq;SOJqUK^)#*9Nre4
zdzqF?Qyo(;3z_V8&CL46rmczXjRWjMi1M~>2yE%X#bC7srNkxs9xr*1gUhHunCP6|
zwpXB?y@liDx5-BXvZT)~Ru?KE^+wmg%*gqMM6%lL7#_!x=+chEvSzmBX4kceuZtGd
z>#j(Rr;Kg}9^8S1{_o?VFt@d?Q6whzF=o{DsHwVfNztZIxWT8VZ5r{V*~g5(9U3yB
zezi;p=o#CspUCX8QX8(50J8le6TfEtAJF5E)to{*qr{;`uS0GCw>3`5;P?^3TugsS
zONEd3d7Vc0<fNfzL~{2`;7Kat02D_9P#i-O%mMRf0K4dKfX+XU4BfMfcybm1CK5o;
zv$KW)6G>e7JA4EH@+%Ka_XA@GmMCjX0M@e-i5~BkWTBh@xcOSxN*M$F5I{iBo*6+<
zK-k#v5?rbB=N_5g>!0~o`5EFpkk!&w8hn!pK(~#w6F*>_5YHCGaYBE@GN03Z`8YAV
z4H)`^j;G=1Xvc4H8b*#Kg~3c}hr*jy^&L!lWLvW?)VfC1V=*KTxqMF<P0K~820hwD
z4r8KBx|{f@ONG+yuz(W97|Ds-H!i6~yG(6-Tz=R!QTzU4^@m&$GY9?6-(EaX79XD8
zZ$od)m-h?yu<{%|a(i}mD|fo|t*I;X3w0r5i;wKbpVO9&3jkJN0d9WvxK3)>^nVok
zvZkWNHj3x+a9q;(TI&Nhta6KcN(IZlg69AR>u=#zadmu`{_?)Bp4YRGnsYbRQl*-1
zNW8&`Vh|j+gXP88Gd*MRY`GvM`MmtkN;&^eJm+WX^skUc{iCUq*8}=@XzmTN@}o8f
zIbF@W)SQ8%x*a`kc)HK}OqX9wfK8n4LsgxJ2di7xL_9oc@dBiim#yS~eI=bc#(Mo?
zlQ|16ef#L3_B~hlGtkwvHgvuOahx1&9>!zz&3EW=WQkd8^jX(Fw`X3Pcj}Fx5WIzR
z=OauF>`d_c>mL2?>P1%SQ_bP<w|59>V?ImQ0{Sl5d#r8=1Y}x%$7Cns_2^em`*&V=
z_9+pvr#&)2_`~Yee-irgf8r?Ye#Xz^@UM9smRUxo7WhWRz03D6Kk_5yBQ@~c@AQ+)
z{js@5^<3`{tAqs6on#y#C!Z=qp!dCop`@F6q;sVt?Pp7znsx=sY1W}9gB7v^1cq#D
z{SJNi7`C6nJcH(h8>w@ajb7IuuxQTDdGpjSYikc(jHs=Z636%*{~1nY`|ffkgK9U{
z50@|&)c!bQf28UDfX2lonI|cWj&PZQ?W!r_l;4sVzd^1Nzk#_z>`<fhBUn;si<Q=`
zz|zpxS1GrXT<^_$IIDPq>gD0qYV?};G@8r+D$HzZRAKlo<cp67kS{ZWs_E!y<)nz4
zkKTb?hQSlcE5KMl3nG4-YYk4_1CZlaiF6Jua9Y!d?*KbGAWlDv$rP)kg~KP+>euvo
zprj0{%nsx#9bjJ1083O7U6n%`rZH_p>5y80)3&WA_rSkcP`{Gt0ThP6c@$aKix;FS
z=xgAj8E!l|29{gGxbfQ#BpM2BL)`oES%0&a?x=h82JEW9*tYOI%a6~36Aj2H`b!!M
zs3`%q>!{^+`#iK)f^P1C{zv2jH8k;|oJBWdFw?ltfAg%rk<y&TXS8|iR_HQ~V}tQW
z8UKxxfXrEbiu`ZH^i$;E#QfCqpN8cx%<oUb0{p_?*x#SFeAg5I=<@#0xX%Jot%ip>
ziGBb*`p_1=aseP95h-M@Ywcp)qXf0~Obg6n14okO+}f!}dC0gtEoTQeSw-P^&Ua;1
z0p~KbD*g_Qkl<)6zMu>siH>D9FkC|eU>OfTu!sUy;CXaI1^|{fqz2G4XJS2{BcK4z
z_>ph;=XP-x%s)clD*Z>eV3rKiyKv9H#n+*Vj}51*c_l7?N^QC%3vr8~0-(qHIl5A1
z33lE(+(U|NBGpnG(TTs0?|l5Gv@a*Sf5Y9T^lgKzh+O!GE!QVU#L4FnRQ3=Xx0NYk
zYZWE!kp#Y1itoYKNcTt~tAae?h6Y)&(gKyS@Je*$X|LncFxlnS0L5#cde1Dz6YpEl
z-c3^5Dpp-7N&SQMZ%VXD<8g%oAmkKEp|XV$M)+cJL5dGi`=^2}u55HSGt?%W=VN^I
zjxqA2xXNOE{f`Vtc0C{J6EbmBo5@41yu+ctD<>~Uzhdvffg;PUhBI$=AnqsKbl=Pr
zl?X7ao|ZIg5g0m$i^LNXJpi(z4CsYEI}m@+VkJ|DUi%YP2PX#*W^-0#@p-8mXumD&
z?KXrcx>}XoO7{UIY{nhPaW$$WDhLF*5&)EZjb3K=)b&!PWvb;+;mzBT0b9twei;0R
zj{?tTS+G{Z66qG5xq3|qQd>EA&<9Wo1}a^13$#1&j={H?ce#*IstQyG`x=eBH4jK5
ztAN8+ZU`Ejg28mD1E849LO+cmTMmO&e+PRxa|(p5=e9GbJ`_WY1sNT^F3Pb&_+hC(
zY^2L#9NO3E4zH%Rrdj@XQh}wzPtm&*d+E?gPYo51ydPKk!$#H(wiq|^_*((?DKTp(
zJc0XhsXy%GQ|njwPm%w%?)((_Pc8pxSbiFopSJwZp88+ceMV)%t>E0s_Ph<BM5Z&C
zRJ%XFw41(u6D@$a*{yS4*4FWU_D!6Z#>@cV%Qw&d>|FRK)wWX?vl74Lhgl_saNobZ
za($lT)|CdqI0!?T#GTHCH52*Km6cImBMtpNtB=uDYKPA?Nn9F%>=BHM*h-^3@ftcY
zykIf9Mn;nAglDL5*C(PHMgpSs{(`N)J<;7mVB}%2zxM<p?lpuZ-2^P17le1jl&T#_
zzOf}Che_dG`mbhoSzomj-#(ja5W*P12Ps1|&;kO!yq)#wEr#Z>v&+BgZu^BSCN_?2
zy`KJB{dP==`Nc^|pFzE#s5TlvTt~3QsQK&!wJanOl}29N7SVhHv&^lr{an4&i%pxp
zSk&5{3;9QiFHMMC6gASug5HCk_Me+I+(K>yg9x=H15`a(Xvg^+h+go}iOJzgQ+%Rq
z0O(L_#r|95D?jE{yRCM(0$~i-_l+;;f)yI5-(*Sj{X9?qg!A+%W~1yO(UWuTc4t=R
zyaR<h1{wHj{CNH0a}AHoDj?2MTmhvzAIZ?_sF?C>chtw37!OtCyXXPICm&|j;p1__
ztI&;1T9yZ3)b9Vk*n97wrrLI2I0_PxCP<MQ6c7*)LFpwb0s<l+(o0lCK!ivK35lTe
zCLo|9MG;V1M0%0XtAO-gLhmG$upl9x<@?Q?_q@+ObM~Gydw=uoZ=OG#!C{fCb+5Zz
z*YztGEs*XE#{T$?7!W)-IgrfjlK<;zvWdMCS+jmQu2A8GT`-M@M|1`!?rH3}Rnv6Y
zeiH*G6vkBGMX##l<}t6y2>E=t`vS!B6h}|ZJu|I?AW`>e57$T>M__B=(JPG-Ul4vg
zAbIR;(A2b@xMNNNEjKsA>ZElP;qs^bbsaLZBj&rpD^$z27lLb*HSo)73fRB;;Pg^r
zm;i-KNc2-Kx%3}|SdPCcI<dXElm&1FOJllpenTn{)G0&g#NhVu28ce0q*#EfA9i?N
z`7o*0@+cECU+fGgfpW>4+BS-a*m*y{a)KFlx%)ggDR-8@62||mHXQ%&@^kIPKNMbb
z&AV#(=^GT>9|PVfQqX^~z8Iv*<U7Jha^s-bNo3(Ul)^Smy{-5EFLAMiXsdu?ADY)!
zmuxePEZChC)er0P@VN58&gd}y4unQH9zy&2A}kzi4Pfxf_7slD6;^uE6TB++=X*bv
z`CR4VGcVX5#b4t%2qog?a$<2aIiNp`Bt;ajC%#dmf|T*+<$PFl{p`$?&9}BT=)|Rs
zT<*6?kaV!2c($qwxF$t_dWV@<TJtGwd{(-=H_WG-p}xBM!Ry@0Zu*NaUdXnJZl;g)
zlP-blc0F<?{lb9uSKs$XP*Pfcd+6J}?YYf3nqOYRk9MMLkK%BTV9e-tf#WtRdYUyu
zSPrXugO6_OJ)iqVop(+sh2F^#jt_Y9&x+VzR+QQD;9vEvVl<mi{(5Ew=pm%gy|`_Q
z(sc3zu&=35;Ror~ZPl7_Kw@~;ffZ!Q`|aTW5RI(T359Z404$;4g~_bc<{edR$-&qC
za+j8g&9xS{i1iu;vWRb96A#A^O1zV$<)oP7r`pua#QJ&E$2;`9!aSR*5AaMHb(o@s
zmgL;)B>zq;0>2L(E%)|Gp`eq3L$bMrZ~Rl=5WYKgIAuNVVe3Ql0ilR*F{`cDhmbCh
zy4y3p$KRT!eHmgRI1{A)2|RNfK7!Q7Q`A4y#;4O1eH%h~YdR+&aU)c}Z!cWxsms2f
z+sX6ytKSwayh+m$#XcutM%QL>;c^Hj-<Qn-7Y4H`dp&)1wOJ#s?%3Da1?4hd8-sMy
zCya%6xS9PDGs-mjGC93qw>X|>AzAn+#Bn~v(fo5<RpO)j&#psXU*9nEgq>WS65oM;
z-~FL|ciU|-AZc`Qd#7LJddsuthsJUYomfsF#{VTO#sBL>N$`2&opvFIQ)=xqW`hX2
z2gQJK{)+mE^6iB|;o=12!3ERFGUJkqp1Z1^iYAH&(aMQ@X73cAD(6Wk*dLi6h;Pit
z;6FM}J~kaO{5rv#Ewi>^1p>fdP~c{H0~dxPSb?zbnY+&LZSzgsx-2McQXMWq_rh5z
z0eDO}m;52^`*<g}dfwOz&Gu3JmB_arsh$f8p0ABFq1?JYz2h2na$BcX(>Rk9_w?m|
zL-hRuA6e!3ysF^8#YpG$UOKdth0Xe{=NfO<4SU`w?_VYP&_ebzmg-7CTp>!UGDzS3
zP;W)*-e>>Jn<Mn?_-nh^N5IQj73^p+o-3pz0NPnRSo$S;@M!E)_2x0XV{xkhZ45`i
z9mhBCzppl*GE8_=cwjc=>s^hvF>ct5{OVK{@}V!F-piGcbm&SWcc;7CMQc^j1t0JC
zS>>+cK(W#;#NBxr`BGh`=I9fJX4ZfSh?}deEPtWz<ldXx7Ucu+h1i=*tKE9YWRGqq
zH4N9;$_|vgwW}bS<ny}R%W%*f(cOTOe==(a<X#NO)S32l{FZw+R-(^ruiv9xPC8Wm
zTyOsS#hvS*l<$|T)8p^)SB+M6tWCvuW1zyj99xKDvt|}v-^SUT5if?k0zLgvX;P52
zmi%~hK}@65)bY7m1HMQ1DQbW{G@1&Zws!Qfv{qIREzo`j_90F4wDnVYaO(5rhS$oB
z9D6w%JXNo23qOBanKpB|16ChN{=}qYe5IUoG_&K=bFX@YYI;L%(g?qqthw*q;(VqF
zeSEM+<g=5{VQ|jqhTNB^p}T%xrraT)KZuL?dXeh{oX2oaF!aDDCOzxn<R)+8azxy<
zDo?XM$*i-&PqQz}e<)_t@}oTx1ELAl=0FZ%93Nen;EJ7hy0g<I^fYAhwl^R-1*kG6
zylkcWB$pOF(wEIDD%Pxm1-U@#y|%$b8q#B;XyY_<S-};j!^9|u{qN?t`}~9k15Fh7
zxm%x)93@fC<*2@2ij<3VbF;(yW7Ne)>}{>DIPiA_&j_ruJn0><u4!9}5peyKBgIVD
zk53PmULTreVOdMC`qt6OAC>>=`TQjbPDk6R#~{6RJ}S}vLC9U@Ac<bD^s(xev9uzQ
z0p;=$yT?Dh3H97DGAldcqN^SjwkP^r)fFiYC836|ufA^{*Y{qocF*8K9qYgNnZ;e~
zZv4=VH{xZPI%Qh}b-ySa`9Ru*1pPiQwd<$x@5crgPX%<mG%1ZfMQ$ulcNmb|%y*Tk
z?x+a<gnEvDp%(2AZNZF5m=by-MZv8*_(G^=@2<RjnAEIwTYIB>-3(nD#H&R|X|4<9
zL)5SWl7?IgY#G`mjp9YO<9Hd}JxUmNVTr77(y$K(gT<!A%Z8JJ^||V*mcm^q8w%Qk
zUMD@GNkj3vm4{#C^zQY!mgu#V|0t~}uDHz^;rr9Ia^<yO;r15kBk@f;k|}YQ$EG0P
zncZ~AyRGPpQQ-bdSfe7TaEFvpm0$(%;+ga;%Oj>ib=svpF*bx`OEc9r!*#ozKhiG3
zdRt#~0Bd*0@J+_#u-8Yt@|{RO>=c7PuU_7GknH)O3vq3G4M9&@s%JJ34Xe>#SDq(*
z_|7L@Rp#phbEz{kn@Jyo-UHlb<a>8j{H=Ju<~Thbkf*=!%q<ua<@U0@$5v+Ohx1Hp
zEK*$sb%FReeHMFZTjivW)cDQZXKm}u5E^%O+S6CsJ{iC9DhoFHcqgao^FhJ5fyN@3
zEtM+%X9sgoZC?HJxp`M)>L8C2OiOXhs{-6r=5i9eUFts9&$oKe-1zzV^;tT|oM05_
zl|kj97=rJ%0ZY#?t|m&>Yq{Hocc|hHYF3sI+`Ogs?fEtoiXqK|312Z76pWmQAMwjM
zbRSec^(3Dpi{3rVb6WN7g19R3CHyk7Eg<tbRiU$p(ddcS?ZTYydXC>QJ@?y#pziFI
zq!xb@UF+P%drmuD8kLPK!PE=#wHS&})mB3El*5R~c&znC^8?nB83NeIyFCkq0AfX3
zDm+IEr8$Y%CU>WnbMv{b^LDUj(kj0p)!qJspzFK<Q*RA|Y&EiCnE#NWC2Un3cI@-9
z)KGo~LF>4Qgkd>>-W(_I%3lPcTMh5jSej<0FO4mcBYo`Z(HYa)a^XO!A0OgBwn7tW
zO#}8`9okPM?O*Ofy0MNCJA(OHK0@Pchl%95{V>Wo;>9)1Uz^F={hn@oGMbFyAqO1a
z-E(4|LFSGp&sDb)4Q3QVC@vy3hO3>TBb%di)0gcBj<j~$xM!3;=jv$<MTvxl)?`f1
z)uso;iu6(id|x)nOL*lhKX2a4i|2Iq7Z-^RQ&hCSt9Z4lyfOXsGAEl2!cn;^G2eIk
zD(S8^&!ZQzKQkEPp##I;m#0LDqQN+OIAa$+soH8(jy~R?cszW(b6Q5}gcZ#>zh*yN
z4El=ixNYC&)c}9PYO-2Ozf{f8R|fgBvP<*OEirhoVu$|9gL_$bSj~Qn)s8)hxqx*{
z;~A*YyBfDr6+rqZEb(J#j4m-Q;FjStwbf`)>J3t(gcQPX>jLmy<*N9F=%3$qkFqqO
z1H`j)PM=Lo9zRxuFvdSw#Nq=CuGK~ifk$a=QRQ2@7>P)q7@cE^v=Wdzw}c}0VgqaG
z`qBJ=O|2l1t7-+t<ZTyvL%Y1B2^IVY<jR@*<=2?pzWY)^#L1y0^@`~LuWZ*Bt6VMm
z@#FM#1BeHQpa|Ev$0xhlpZ(K^G;B_?hXR#@B@(`DM&zP0JO=;FnajAZu*9mRyr!(8
zq{83_d+*yxbjFVD9{Dci5mDg<RjeQ_Ay41lnWUJtJ;<8uCY7*5vwX39<4k};ILL~|
zLD!TAYn}lSv(NH%gX3n!FIYhs>Bf2OGNg=o;(Kee2QLo{%SQUd2E@{V`HS5vu;>Pn
z_~TnqJ5i{L&=_l{PIvBs^^b}kM~T0%>q{s9t)Gn}O(*8xnAH4n#`!A^|9=WLXy*PS
zc1Tz_m}r9U;s2ccKo0*un>|+IA`zSvI00UlJS9w&|0s}}HBx9Xo|G6n8O@ca;(1Dm
za!k%@&Y@+Cnc9P6!K&)aIxiIWZ)mY<F%I87t=r57MuugI{NHp0k83X?!)uI*Lex{$
zM5-FxAb1yqJy$lW#27fg|JrD;Pcm*fc+0Z?HVVT246+ptb_PC=slQjNI_{{<l%He^
z`|cr9kf6jl_Ef39s`5eo>z6S{-WkHF)1P49d)D*txKR!Ks$&%&I$)s%#H)2pjtAT@
zR8HT_XdinSOuHvsR8E$ocB%6mC9Cr{;(tS!$0=Rm(#R|$QuGaL_f742_Gg)a6X`ep
zHKqSoPoBg>xxeTQAmsOdDHI^?4*zSdE{B0giItY8p4vO&ZZfjfE}#y1qq&JE7E``B
z`t<7CU%5fG&ONAa(Q>O_RWEhWJp%1Sb0=C)jXFnO{mFXTDl_@vGsxI{JUVfB<6~)$
z=&Dx%+IV2i1E2WH65Eu{VmWcX{X}<;3wv1Oxx_5P>xVDRW#I4F%7*mo_zMODqAmMM
zl}c>xj%`ntSzGEB-yG>4x_c7-HqW1r=pFxb7dOt(#ATV&64|MgO6|&OWH((&D4~mf
z^bmSGenhmkcg4oGsL<B;B}v!<TPRZX&Nb<raCBuvK455oVpjU1>NE>Ny%;`$9*bc)
zHREf8bFVZ#XfIz)bG`EGmHl3Qo1&0Vj09*-FsJZpujj?^6kqRy1bwpFgp<9q@Y6?W
zB4S+<mrrPLO4mR1?Rma9)Eix<Cf}E;vm>FS^2E0wD?fSPsQ%Q|gxj-MHMu35W{&O2
zfrN$<wI<9dbv9q0I`2Z9W88_wPxp>?KJ2XbxeEQ#g6iVo4h6=IR2Y!x{1u2HSX!)n
zaR|L!Q~PLw_N<9ri=IQwJyV0`bpCdt=qz(iUJ>%r>|H@q>dEAV>oL<}v}BN#s~|VZ
z_c}h9vwz4ERduxV3Ehrh9y{DJB0fq&eqo~59kt9>Fz_fB!qPxuYU~3yY|QFdAifR#
zbHV#zD4pyHtD`FVsDvxxHtY9-Au@uH%h3A}P^(viEbz6R#P`cZ8{di0np$!86292g
zFD%ZjzPAkW;ip^kqG?(eF&w@LW(j&^$;ileOO*zf6UVosC-#;&Qg3ydMiU0Vik_^_
zgG(TOE}$>@!Yv70v4vRa{DmU2{ra%HyZR8@u?rf^wR!b>1#NKWX@1Qw;VE~^;#HT{
zHypT<FsErSbA#bueGkV$;}LfB@T^3%u{D9>lOWqL%*JVM5p$gGz8P@m7{83oGeS;%
zc@<fkBEqw+QSDbE-)%MQx+Rh0TDiY<Z{yKt?Dmydg)5#p_UOWvoDC(r9H0^J6M}N#
z_~5Oal-tSCk<pq`CGYBA*7u5L7`mdpQBEe~PFd$&(U5zS0<Ruq)*gO#BoPPf5wnM9
z&##QBM?M)+=kGPMFL`>o@3nl0&<9A(v3Nh>?PtpREVIcksbUoA{u=n46ZUH7B;&~q
z>6z%y6EE(2nktP!?rSk0gQ}gEaVthY-uX&jSudAsxt?NmG@t%$UYaXLuCq}{>PKyA
znI@I(cEokH@5dDu!P=f1A<x%Yx0Xoym}|T8{7%f2S@IL;JM{D=!_5QT_zszgw7haT
zJ2N01&k~Gb_EKZ1zhb-UGdBBnvy?aNr~et+`;WxiPP~9TGyjm5m`?DYZ3*ORjMl41
zOIm#a4Fyz}3pZLU=?)A883`R{`2;?*Mj+o!*=+2eVtZvRI964?T|I963#?w;aK!O#
zVo}mwE&=#=ayg?&A1B3WrDcvb8pdlaO0;fqEvQ&cf_`gb`k0D#uj^-vtfHX}uAfGM
z=ik}cKlSc-?KUnq=zA9i-lQDh^_j?-hqZRv6fG;U;)=bbbXQM|_GOR~Uu;9gfx4)4
z1X^v>H^<1NxZK5bY|*e1b3tqp`XH%6a9OF9rj#`r+gXZZHTmkrWt1bayRqcL05646
zl4DO}a9q^zm}*#Tt!Ql@^*BYPzhF~1r2lSzx%DUhTAyS-mFs(m4<9_c)g*dq)qJyC
zThcj8qmA{`H{=xzxFhtVQi|Bb@h^m4Kabe0-im;+pb&)dhFbn%;VSRq{z2iI^5CZT
zk2)ewE}-v^D2-R3GKD^#cyH8ySR@ngp8F=gcG|aRq;F*};7W6q)X+*vb>!tOURazS
zoz|hNaS!=Z0rjWl02&5B=Ol(pLk+EzEWOL#*ozz&QG5VO)e{roO<QynKEOZMDUG3~
zc5u(e?Y8?=&l%16ODE?p=Dg^7acn-`0AeOXRzul-2VB0anksiy+c;XzpJymF0bBoc
zt3+Kn4pkKDXV2mio~-6E&f{@C?c$hLofQy+!!K<(7l2Y-OV@;4rz*)R+pK3vv5fKy
zsBiOPLXuj?go2p0wE3M8^=Rhr1n9;)x#)<`oZv>ID#J|cKRa>HpQhr4GE3G2Uo_?w
zhG}ni`01XDon=KaQhBJo;4LjW*S#$xQ8maa${`^FkC?Ne;CRehTo@nDTZf}wOpAqG
z>XC-;^(=HN??fm`qfK0B#@)Y=EyU%7cZWI;mwnRYj`H?;pun7I|8A<ZMp5baAMe>h
zCL?cm%wJJrRC-9SNP|U}Opk?X_t#vXK`;Q_Lmg7;JC>SOU*`Cf9!=0Ia!UkViF&P_
zr8hf{dxc@ExiNOMSeox-W|s1(>bsu9!8DC(*vN7J*CT2HYw^GWF}`z_V>1B^{oSnq
z<n`+uHIm+{ji>0<yeYYmRc+DQV`o<@O{ybGwcACM#6`=e0Y?=)c0(o?b@kWN-SGfX
zjjHmJ#}9<RDU9)YaKaUz`qU||M6B1!tsEj-kU>PsjZ!XCGm`7KiE$kjeF4TG*}R0{
zdi(qLAlH?+=O5~QMDY^ONDVw6`hh3Ra27k-BBe*<TaV29)g@7n2oxA&0p-jL;A*97
z#^UDl?4%Q69DsgEsuvE7g3u|e*y=Pt5fSBakJh<RkX=5U^KMa{pRlnNDVG<ZVo)Bx
zy1hcu=3&;MzVH$zK)U=DnkHR)W>^|9z;(~@;EG{6%^fel{=_gv-sIJe<AFyL2|*39
zqr<JXCjh@0|8T5aXuqodm(UoCt`Eg>-(An$cyMaB(WiawH6*`!`XmL+lSL{jh>Mk1
zca;2u{lzU(V}%nI-1XTK7jnIAZ}#VO-XX*<Ccp2+yqnv-H}=M`{>y|&Nr76`txon}
z?{}xqgb0;sF<<0aRwaD;PXLbo*U!K{KB|Pz=dXaZqLU!QQd{4;yfKymfSM7uQfCd$
zJmE3TTKu+suGEiR^sEx=x1}_&V(}c_qVI#pv@oI7?yfbL4-IpYf=1bRxy!yWuG9at
zabLncX}P=KU%d8fGs|FK*35D|cSqeHd+jKd$~{TBMvR=$_|la*ww!yZQ2M-L{JHMq
zhio+Nz7PQx4X(PLKV{((FBqU-(<9W5`0lb(gcJ2SEcA%7Q}xQjK+u;*C=x`@ET+Bu
zVP%1mw3`5=lP7xIil2q?I?b?9Hq)IuT{k<T1hcsH^WcpGdkmOy*!3Esih0+A0D<?t
z0f}DEW^C*}y5}A<*{W}A@m>mC#Bfs1V94qylcE7h?B`kwz9*bM#;HBxOi30p(XDC*
zyf6LV_aRQA&czy$b%?G-B45Dryd9Z6u#LL;8zL<*ReQ81I>*(*51(CXvbp5sQdm%<
zlKpmumC>(-zpibv?x7-$D6gi&$<IfFImX$g+G1#8q4SEvJ{b8hdrk=h?S!6Lwbj)$
zK|*awRa0DUw~L5?^(#ikbQzCUZix@~y*Vn0{!LZR)b{sCl5NtMdiqz}eABYR=66Q6
zT2neo2W779JyTmBhNYpw>P+L-1&zMxwiUs5w!ZT^fZW9OBvzJRu>~F&KD10u6M2o-
zM!l<K5~>~9{=HO@mho8Siy1x$gu9O4@9G=ZL2Qm&M{$(!;^0_W5-zU@8Vq+taQea;
zO%LxReARYvc+%Z=qU5f^&*m7tubT!-wxu&jZrGRy-XJ_*Rnz(LSV$x^73mwdF``>(
zx>kRJ`PntWxuFVu79GH77S8On5s>R_D=>gBzqQ%>&@c17VaAmxi8+r)d$8-4w&#IL
zJUnEYX^WyTgDJDs&-)5mW-REkedbVXgQ~bg#vl_0qF3h=0Mk#I;@53I_eYogICQaV
zah`xbq=`KPL{jU)L{0<Cf;B!$LJK?MnD!<gyFA%hcbgnNFj9E4?dmex+CdMC<;b$C
zxEk}6?~Su&aUl@<1Xq$=AIa~pIq^O{<X5XtRts9wnyLBBaz>$Yp|<cbTPXsWsy)d<
zZ8(itZZ1Fu{f2OC*0TEc@!yb^)l-6d`MI(j0!P)Z{MYy9KFSplMU4s3In753mV`-S
zivIgmiRv$!HE~CAO)tI~cF3|A(miumewZ!ZI=S+z&pletq_zq{8D4#!zHx?pV>O+D
zDs(B;A=}Z%@F+=%(wXPu=dS1WdM-vyLZWq_6H$_0*V)4vkfaaBifgjU;gL5xsx4mh
zoV{2VbBxwb*xiDNFa|7$$Y%K1aGLah)Z=Yarq?4~<qQdF4^?-p_hYD1z77rP3>OGK
zLA9f9OgmdO1DCk$bm_Sv_xVzD)t8U?&VPu?<mX7J9Jb8)q3$Qj<u8%5?0dv+WaAL?
zr#B|YAJZMs%Tz%6<HjS<?R4Srj~L#e<Zm(j|CQL@+5oIgj6oYQ#SV?tST^7HJMHD6
z^X28Yc_UZcwwu|O7VQp>#ovOw&m-%g`)a|Q7tP-_%ff06d;4}h|C7)L&#Q{I7@5N)
zRk3*zbO+Oz#tp=Q2%;@$EhVzI+m*Ad?C+BF?DMFj_x!x(**VltIH!<sFdu{wEes-F
z<`_p+)R<4`?&4g~kUFf)4)9A*S9{k+Wk)3MW|GiH>8c83Ih0B%VJRfPNuG$`yu?T2
z7I5jZeIhPAcAgFbfm|G}hXo1n9i>rWpfs<MQ^Fx<EV{dO@%`!zx)pomtaqzu26!2S
zx$2)F<3Fe(`8Y0MTpPfA?EJb`m7SisLO3F)j0XpakS3ZK$zE5Fef>*@zLy>|O)&2{
z4zP3=6I`N~qDpByB44KHalp5}O#!<nkF8Ix&0t5@>cL8dx)A26BaFq&+Bra@ojSy6
ze3W)P^CxTge8(5W``Z$*6zIzs2wYEH4m~!_jHdPbwI(1Kv}PPCxH5)0G#T33{AOIr
zLS8Q=AX|IJQ%r$I;wkD@!=av&4C1@wjcb=Kr98RF2$2u+UOM~q`EW6c6D$wGKb=LY
z2F$`P6S{Jo_*gRU%&9kBWO=-0Ii(IL;L~5iS>>dp8=q^Iy>oK?mb=l}c0HJWQi!c9
zUT1#4;EQIZg$kef>g!-R@s>kSEJ;*|t>Kt;kw06CJ#96a_avT!Z9?AO8)EltwZ;?5
zCtd1qus%tEQCU?S_ck8FfcLj6%Ys|w!~Elpw&CYm@4Bs4l?6Lsg&F*i{0(D2%UPk^
z^yinH1GMz53coxUu>a}DQA|IO)0S90UVa}ey=CnDXBW=@%WGkOGa&v{OaHU}N&Ezz
zY!PEQjfn5Djl)Bwqcv-tFWR$LisVHHL})g#`}ZEXdNc$n$Fuhx6@t|WkX4|5%th~>
zSIv+#N3vdDW<arR#pd&kXm<rAK2L688UnN)9$2dmu8a)SvuYwD0_*C6Qb1nT8(-jk
zSRUmrxxqf~3Lyt~FHZcVfoOsdVseuKa523#FV)|s%3qpgq#|aMcrVgMmT%s2T)a(|
zwMS{KGFAwl1E*JK1u!!{FV;~C_*8W@xL%R<MQLdX*bkv{Q*YHIc-t{!uw}jTC)7E@
zopk&(^9o_5>P`wQnNcRT>+RlSyLj{YcpbUwf0}P|Xg8&a^`m$*yS_X*430_88IS7p
z@KJ7Lw3~eU0)7S|iSh=YqYkACxGh=wnojMsjK$k)G^RLnsBc$HOcQ89Rfn%3bf|Oz
z!}lBFf(XGCH|W8_YV;hAvS5_Pr?F#L`dyhqZ->E-*yjM${OAkL5j$RdFGZhFQ2W(6
ztJ=@q%8^wrHUApv{Ys1<zeXGTZ;1B~=@|rt)pB*?V=WLpYjo1?$L=I->GghN_Z;Lf
zSc~Mkdn}HaNo5e9#qvy*B@@OQzh)LR`Wa46X-P{jh-SAX%jEgPWGfLT(RJwpaOWde
zevekmU{Zp!^!c?W<7(^kX`dvFc0|dawMq{;2ndobfouKXaS>q9sO<eteiG|b+*SR?
zXY$HIoBF%f4323-=ug~n%*-1M1C`ZJ!Ll@eN^UT-UUoGjAkpe5#p^(3;~b^{^~cBk
zf3@EKo2d22iu>OsYC&Ua1y^89CGrDuk!|Z6!@<zxL|j$mU~E6J4x2)iqmIf@GzjQQ
ze3ycjqvwWeOMtpnN;oE9p_5nZ=a(7@NK;f2_Xa{C&CS*1O|7-dy(~)ZCc^#451Y7E
z`vdta+yy6Xd`1Jdb`@~{79v?PTTdZhL!jHJr>Y2>u@9VboqXQET)msp^1yBJs+-o0
zD*TO&a9^=II!mPi&IAoo522@pVFb*P6Rr<s<E1tqF|ltPjm*!;kk09>Gx;4DgmDWz
zFfq(DOG4TU&tbH7afzGV`3_8rXC3`@8dhBUf8dNqz`cvCQU8bD`u}vV`1b&oo&N|{
z^Z!cgitjZpb3a({Il-HIJ#5a(W}&+_YO0+D8h5K>`i4d^HQTpteAyQ^q$}X4r<^(Z
zT6>n-H?(hzQUao9;9;jn_{*j7KhXUqRvycX^nB7r!~D)Q|B6@q3k^}C8x27ZrL*9k
zsF}5z+R_ps!-cgxzDa8h0>anrJzS1ba>q}LmjCR{NO&N$6jdeg(~+k4OLmv+cthW<
zPCmDwpFf}FLhtI^`|{4xy(GdL4cBbBhjwFG9rs0&csFFXRjQqIi%c1WAAM~+&dfr~
zdW~oIPq04+FEiNq2x2UwT=g)=s_i{#HpEBj&py-Js;xQiL_Na<3MQf$Kg|77mjxo5
z1lRzp!Y8&Iy>mopnB<0~9xpVZlZ%ac3gA}JVz6@*eC@o0Az2^2MmdntDDzt4aFcU^
zt~5(zCaLr5n`ZgX%g<ag_-LcuO1_=F?Ly=2{lfU@!*9srbUsYI4)wAPFy1n}ALr}x
zc--%c9r8W<yrrc${#v)J>}j?;<}=hZU*5VZ?M4Iok!4HfbY#|w^3xl<{*Go(KE)2i
zyXz<k$Lk0$W)pIPuTCEaTzj;8*Ijler47O~TwIRR#<26hIPw?(?b1sAK!bS&Yh~&@
zec81GSSe33ul=-K^UpkXBk8;=ry=_nUPu`sB>r(CRDd!}EAT`B9rP3ih1!lc9mwlW
z?R=Z}Zz)t;Tfm;Cj$%q+8>M+&nSgxH-EaN#Dgwie-%2ES($c)f`3kjZlQorAuE8?W
zd4EHkdqOeAO|mTPzVBOx4$RzF2(S`cT+U{KWaYXQ!xn;v;tHNYJ!|OmY5EFyT*$D#
zMM@{wNzK^E&2ye0e+_rOoZNCPKpfnB;WLp{E!DD5;B2b8RnI%79wqTuoSCTgQ(1B=
zvN{@k7T~;|9)$R=-Pkj_Nc$V|%BoR0Aa%BI2$zWN^`+u!QQx4ww-8St6f$9Y-GqFN
zI#%^lxiwl^j$gUCd%lXu-UUm_!6rPRTiAn~7w@q=OqnqNn>B)*d)$SsCI*kWfV-+}
z!*iX*rr_(FymOKi_rYvn!0?0(uVyh}^Bq%6x|6e=gKPEq^78P95hA-Lh7f^<0&vFt
zBgOo`CHmID<}mdvY`!_OYNV{}k%EPS*%l4@xf@w__XI;898D0{Y|i?LNExVH$r10<
zy?98CB34O&hH4@1pi=V~ZrhcGdMOrgkp8381mDMn84v(pD<9LSQkBj#rJC(u3Hwxy
z`OEJ?tmj|;+=+Qvy};@KF#%GG!6Fa-Lyg04$TcJ-<t50k$fR<2g8EfDaGR@u1669D
zRWc4skqa0P#fX3JK9)(ZH(#y};u4R3&WaUI|LX_A|ME59EwlW6$A6FUzfQitXT{$u
z52*TkulRdE{`&;^=P3;qk&+8AkEhQXc<|_C<%|8KxixH<czyNSL(DmZ;qZlvI%BOx
ziTxjxD*LUFJEua82F~?)k|XoNIVJqf$1H5B&VOkaT|S`?dYwr5i-gu;*>rea9+$Ev
zP&<|L(65H$-aVw|y~+zOJrEMN>Qy)tAaTZ)6`Vr+>?2Rc#;MCtOlyH3b1KogEAv+N
z50kv-DP_IhkmqTi_ti&emat(UBz7kYiG89Be_0}t`g~s}dZD)BmhgKOlc+Q2#9pcx
z(j*I?7<(S$JXG^l^x#~5BK01$S|D*R<Oc!T2oh01vf&(t89?`mCBYb;Ncnhuqu=AE
zwqH0{aLxbe?l;4D>;(k7*v){iBwmuQmF8919&P_&<&HaeeyMfUg5>x;mwg#O_oHuH
zcX|>1#1}I+-Bgc%SEK1Mlai|4K=PsEEzn|;Uy#B-`xy1ut?KIi&+=!_1hHt?HWPMc
zPsBDMn5<UEtfLp&o^|-f(?d<3dOoN>JgrS@HkeM(d}M*KN1T=rvqy4R2c2vaTKD!^
znl9a1FV3X)z_|+LFicjB*~<cQ2B3?@<A#q9N@~IqQ!|Ykg!1aVV`%7F&(e&~VObpQ
zE1+*5*v36s9h%JQ*B@Jsg@;zeXG^es8%)|SZ?`_QB3%IX+=w1^2`g14UGk+F8`_E8
zmaClIt?K!g@1+5>+s@+>voJt3?V}X7)$gNL6G*l1Jb#GKd~g`Mgg~0Dp!pW}iW%cm
zZ)?<iny~V(emb4{UVra-x<u26;)9~?XtguN<<46Gh=m|LQ3wCMOneauwwD37&mbJ|
z7&B8n&4w1B=*GKv%wX0tGeLCtF(I(hzJG7y`5tY^=E`X*@u7gH|JmP=PGLTYj@ZLa
zL|pPT=T#&iWJckdo*j-<m*65y*W<>@b@~fEF=xBLq-C_qw#ebEc5!8*yU-MBUlP5X
z#P+Ou@|yYtXl?vDy?CjyXN;>J!H$9wwr&Cs=3q3PGUXKn`;zCvJRi<nBj~vJ(VjY=
zc7YkTXoH`-%g0n-`<Mu&@Ns~QwKM2`3}-D9Mf@lk<wSIt<!Zp4v2jx19CHXeU)n$4
zpV5$VusL5ojueh}HQykf3y3DyJ!9#&G@x)SkphUrt(X%OIf8W4A6inBs@pT-xTWuf
zRVi;ZWsr+2TvhWP>bQZwmch1BEeSF1R`&-}FafI;9GDmHUyi2jLpfDwJ;PlQiw>hb
zWa<hW7ae+`)=#nmuS&E=c^%cLi=mDYwHwJ;h;L?{GF{?qfUM4*kuU0c&eY8ii<=L{
zC<(}`MGbXVUx0ENm--_7G$0NkVkztzv)H;WE^r)q%<6mS#=!I%EzVOmST^8_^FwAu
zB84eE$akn|h3NchSy{9b_=O{@hSWMx_1LpMPJS$D23ANL4&UII(Ly>%*0|{#1DqPP
zo9vw8E;8@0Ws0QE8pV)d1PyoyPhln*f-(dSW;>0MbI7q!%OMoT_d8>|b58qWYtFc9
ztBml)J}sq&3DPn|3G5pNBRqpQO^=I`(0w&71Zk2Qv9*a*TIxqJF9Hh3_4++^Uba)i
zoxI$R*XBGEy61gMkQX&*UHr&QldKO;GE1+XF%0!&z#K9LR-7KR*X47!s#h*m8WCNi
zNf($)k-fZ9?&9;6>)Gvo3+2Z18uV<s!qKm>*YPldt0;w|n&bn}fGKVe0TD>S5U(`W
z9wQnw0(<@iH(Hy{FsbY7((hTVy<IHYks;NY8c07?`Ji*=tI-S4e(H~lHa$g?C`vu4
zL4M+!J$!4xvs!wL_b#Y1!a!G&Pbb>h`(^X``<%?Rk`{iN>8O%;`io%H3;%M;X%$ir
za6rV7Gzb!?`+)HmM=DJ}h4m=Qndoc|1Uuz}O)<<DH0k_R19Fe|a(|Y+y%8%!8$UCM
zVFn-B11*8>t<w5BXE3@%QX%fQNWZKyS!n(QG$1)f9A(#z)AK0V_wOFWEmiBc)q9_A
ziq0~rHv*Bt`b*TSfG7#{wt9)qr=CD51HpKG<JrBX`e>w%I;?o`lX7i>QjoKZ@DTph
zx7;2#2y^}Q9rmw+FHLbXk?908>Cx7iatd29Si%WL`4d&@;fx?vD_tky8c`v{i@e*v
z=d4$4@kmG4@)l}k>_+Y5b7m?Z3TcjK&@4}bZsYY%wah?2mHr);I#ASJFbYUC#OZOC
zW?5g0%y+7K<^CBq+NX(oIHB6tkjoH!-gjJ30j7%n1tZu<k6j_T5PDuvG-uOCVggti
zrrApK)Sw!;fm(@C4PhU%bmAKSy3wev3&V>$k5r6luh2B3{O$1k_TYP(z>Hs+eKd7q
zfVTnc&ezO4%?)65lUhuZ^?td^slcS~ZEMgqofmy4dt;+K=0+E{+!#vnC<6`li~kKd
zU3+F3!v~+qu*5YXL#Iv-<%9j_7=6tUfSq*UELhIbJ`{Sw^Z8e<t>l9@@~0${I@!$G
zj_tEh*g?uWLX>hQdDfv0M-Nnk*?*Yobu8*p?^aI29l~O^9K(jRNyu4Ls{F~M)6$H?
z#`(t$dr!dBhhSpUglP)<%em5?^#%J`CI^xNkobUj#hiGv7S>PUu%Bg+XfvI35vtVJ
zT{E_iVX%5U)oVWxcafvM%g=$reo739n*rYtAWB_`aqNCK_mxXfcHXhDqjC9~;Nc5r
z2P#7W`LXXD$&+ZdzB9v5GfRs&0g|F(n-wh0BGDp0YGf5cTxKG~h03Fsj2UIE58{tW
z#J;}PDo7_tQ*x9JpUD%rItX`xF;Sqv1_5>#5Sl~6oRZ(?ymFPIm^sh7NFc0kQO4iC
zBDAu`Jc?3rd88^T?5aNkhrwsc$}y+FM#A7=z>2ZK=#xPCEV2p9v@&M1ANusFn&ug@
zug$f`X?kBp!XNY(xC91U`iTVesNNTBZ*8`v@2i30djLfo>1LlQ2iPO-=F#Uu&uSJ<
z%+o0#wrQwVu<Vye!u1-NMx<IkYeTf44)^TD`bVMeiRh`U9O}e0BjzC%Q1U0e0_Shm
ztOSN`1uaiNhLlt@c^GO4BqBYNiaO3!R+5vb51|+PI5ZY6OEUkure1Iq1fR)I24knC
z4e?oAAdZ8|x|V(nt>9~RTi=JuTA*S6(z0~WbI8k}WDId5oNwIX*JY!?gwm8pDe5fX
zUg|`hN|OUlkaf}Ha26^ng@NeM8XL|vUBVKvw-&A3V^a3ZGgZ`pY!ohBIZzlFE}V30
zfwdvGn|eERp>A>=!JvK>Ku}LH{f0m<IjPG7nt7u@HMlv`qR;eX`o=c%+-&#Anw*-P
zv_AW^4=<YlDfWvn3X@{5z%y^oQJD@6)y1fj(Sa4zzS@hlbJ#7@7iyg(kb)l+>+3^3
zr9r+*xj7)ma(pd~kqCQ%#8RZ@Vox}`V%@SQn^|S+7sZa>n$$5|FkG<aINQDr2Slbf
zumly7ANT<*zCLr=?`Dh%dU(zR=e$+zMj7X10m1iObAyEis4s<u$8}VPue6+!a5=Vg
zuZ_mb9Zt9%mc%liM?GcvB{u?P@o>Z_=1z*I4n;?lh>b3Ry-E`Tz#<x*sV_fD;d2+Z
z3!kdB)1+|t^jfj4`4~`mw0X>^{a&o><@KT>zQAj+kBH;o63@p8)QbD2*B@q=l378?
z)O15EKf=Pwsa7nssf;Hn%jv{KSlpED3Ty6!)wNI8wq+h~&oQ<tHV3RB1i_JI$Rx`E
za}98oOR5q?A#I}f52A!&e@QB=;W=&56c8f5IUfzF_-@K(C3&v1qc8YWk-7qZF1j}3
zcnY60+lGk=w<yFeq5bHInubw%pXB4Jsx)3JXHQwZtA%We1MYe<Gsjk)7yl3rOu(53
z9viA_HUf(n-Y32DCriGc_<|%A@-DR2JXoe#=>S2AXn3jg3yedjRzh>yh5nN9=<4{N
z@KitP>=9$>mupea;}B_7iKCiYHS|c;#Cy@er_#GA7R>$5_z^_6rW#|p_M*XlV01uU
zAs_|L5l5mzl<V+4AaPc+&lF!Xn!j#si@0TAvm<Y3x-an9kw$winZlX2V;HZ;5<=zS
z#CJChcm*!%j?Rf6=c8G+7@u_RzG^UPKngpmk~8-*;Iw&?^xQgnQKTnK#M#QXev2tL
zDk>(}&ICS%#nsYLTmG0wJA}<9G@`kS^|fSvL(WMQky3`#KWVq$KD^MoVViXgc7Z|<
z&YtTOW#GxVYU0iEH2HzKMve-QI9Oy#3ch1SrCVpoz<x!k;eV(!DBn~@C*+K-Byr9?
zH63~_dAUW6;~oTl%*^rMf*k(=VMfHon4(!1g~nP0DdeM_-J*lTn5cRAT)!K4hJIF_
zw2?W6P^=0{mo?}@!T6*XL%fG+_z5~zGxETwP))F@jEQ?~6Zw{p)&d830mBv0JNvRD
z2H@uc$z0kL$sX|Wf7O2kXQd~CV#0_0=KuGle~-Z5Bk=bK{5=AHkHFs}@LxCrVK_F5
z;yQ##7p60FEPx9R?72ul4LdX>7=u*$imhT~4IWE9gO_qqUK_Cfh75zGsNS#E1{+_A
zLe@Y4=vOsNx|HRS6HvTi>+?o?Oa4H`qt&H#2b&J&d@%x&M6Eda^e@ik!=^qE$s#3Q
z>*Fk{&jS$&#GEiiRpBC~t1In2aV@JuHF&R~Ll5VVBtI^u;ry?5nIfJ3<5uMFyW2`f
zTvQGD^u1B|?m2`jdH}ZV0%wJ<TMXcKlPm#OaZ7HKferg}f&5{GdA7jP?ADoOpZBgG
zu?QRUC#Tg)e_qlW{p59V)pz+`95B3SeXQlJb%@;11-9gpg>tEqa`}Dd$~}~Joas*+
z1zjEYY5%=)q{bNhFZ3MCX@arAK|E%I3{uPTmSA8!%2v7+R7E?62=-D*WihCzaIO?A
z6O`yMxmVeyny3jQu-^4uo6QNUy%3O0_BX8>RByz!?S!eD9#t0wPCucV?5bMLK8DJ7
zJXzRvx+9w|m9kJ4A5|rPDB!B!P!S~{d-h$olor|cFuU3>4GfHEDZe2JFA!w99!g*B
zJoYCG)OXqxz~o~b9n1SyhEo{Pp4v<$b3!0d39KVNh>cdi2t*T|jf#flIwy7eq|WQ~
ziHBV*yb!42xfb#O7^*!>4B=(aP194<>Ha+VzBI9K+G=;*q4}MNWpR>{j(dxQJ~D@*
zv}X_2Q*p2l>3{se|Gjo+ZZLwy#w8mK(w+XtQK&L?k+L)c`^(l~73HJyuo?IapNFOP
zkRzCeGC~{JC(|v!MG>mPH`yr$?VnF%nH8g1?)a;P-T(Igg=U(-(o8xV#bgLYpX1xu
zP!$@Zs)FR7D!{L~SkimhT;k^7Q4%dRlWmImu4R&X4eVY#ZwNK{-}YJKSirHsUEm=I
zPPh}27X>3MMF<Vno&%efl~)rlygL!y9;>U<P;!0q_QQ#``q0gx8*@yFyjBo_tbcqQ
z#|~I`aHgIz0WBw}^pS+jYeYn>B+96Og?;Upug9%El#&C-V%8U%pM`b8?s{x4CO330
zDP5$qcp(V8VRS3{2YcehTiq;1dLR?hEID>u0iSVH5L=f+l+_@bk)c#J&tKU^m0>+O
zerbqwzKyd%w=dr}622r~BoX`&qITn7I7*;}T9NuWlpJBHx#!e`qpbvi8a^Aqyc52A
zWZ5Dy4q6ONMQA=kHknScA8Vj+fa+~-YL|EUWr`BuHG_aO`gJv-`F=@V%}U303r5qR
z<%(v~U#Xt~obuNWlS5Ud@zX4;0vCTMCzX3;uY4Qp%C}*Csn*%@F*}(L>2Afp_6a1B
zNq{K|0sS)_+$UV7N2*$9dKzIY8o3%o-eyaa*oZv~tdyVulVg#!)X)8o4qi?+k3vqf
z33lJBrF+IQ@C$Y68>o->Bp8G|%`EQQ4S+bl*Z=fE_;fRJzVWQ+Hxr|tEUy7WXdQ;2
z9Sex0B@?Ep^i~8j{Qd?v0a^FFyon`rBd@ZU$owwbH%Om9X9(%~>2kN~@<7Smrh{le
z6v}uKhO)5G$R2G(A{o6&q-CK9v4M+P8TT&+)<GB{%J<$FLZO6ek~v^UP-%W&_G1Pc
zDnJ8L{;*L`p2vja$@=PBcMr<Zhvs%>35!dMqG`_3vn=Zx1gqKM*#73Ui+~0J*EDr8
zD(^yZp08=kzTw@9Q#ZG7_A%bKTb$!qWjBPj!wHt~k>OeBMk$$L(iesgm<px);ZU$r
z)!rxP#KW)9<UN!?kI+wj!(Y^PgO9c3?ckkXdMv4!rvcKWCUAIDKwPW5E<lfTmw>7N
zq0l06BBo$=5;M#B4(oKNR^uV0TITKj#KF%y+fGtw#BDn6Fi;cXHysGK?>Pa$Zv)SU
z(Xd|B^;zlQ=gP}d{6x;291XWTr=p{GF4>N*+_zts^cIfFU!J0ep07fNV@^?|iJA4o
zw*17{kX;z3FPh>~*)Nx>E<siaTqf$~M*}adz;}`c@RD=@W5SOb#VKxZ^!6Kb>UXTI
z9Yt>wHd1p)!pW>>T?K|aqx_g8Z)UzFB^#H1SHvb#`KWbOBpj%h2tCSD4FCm1$Cj(M
z>Zik}7zxzaoZ38+)Qujqw87H`j7d+sXM`?!NItkjM~|)glEI9?!|GX1P<yECJS;CL
zFg%8K+4<aCC(!4EF2#}W1%sbqZuTsMyTzA7;RTun(8KFbRlDIa41iCg2atI;*<$EX
zU&+YRX|vj70sG1N=zCo%Gp=#lT`@X^5fP9@iZsEYo(dgC>Et@ro*_)deg!(bDu*}M
zOWLHChDA)ozS}5^IgN;4<hjvwTw52@2z!NQ2SjFgrBC@@X%rA3#0Ky73YPSO&Z_)y
zgHpCzeeDbNZ28W$+CERkI#tfZ>lB7WKz48;xbIvIpa+%`j;Q^T%0*Ejq=%Q<OuG!0
zAelx-rfnUB4-zzas+UAn!n^gKi?AEg`9#)8*v+M%dSZDg>tscLsk4RT=0kWZUxZ2M
zygsUcpiMowK_KHPYksqN<G&$1wnDDvk3i$aV#Mv1C<_qJbRwm14iDcmq(cU)@_z=-
z+zi$4z1qnnWKe!KW~_Viez<x>#;Lyl1G8OXCz*Qk$8U(7C>4((`ynz-{>m83V5!Vo
zLXItj1JMsvFpodB9+f85hGSDP&ansLoNy8oD0tNBv^k56+S!56pn4Zdj5MD^yFmEv
zpOo<bE<XpnB=kn2ln4i^3EAWE2AD}HQ~=^W3T##oj|7X#WV&(8a#o?WY1`iS^cdSv
zFnFlHj#)GUTZ#4@eMBe>_kj)05C?BC8(<yF(X4Ba5;*HXdGj`%>;c-&)KLTRhy#v3
z@M_#{HptFHo!dS4=jcIP!_+I{=F3;pNi-?HA-Ym)ONWPG3({s#cZ9q58}f~B`p^i8
zu&Bdr!yCW?8TvM{B9y8*_=BYsB>htB;OvUiV+=E0p&L+whb<xG)6_lX=Asy-vQ7DZ
zaVGW*pRv^(Zf;1--a!EwL=@1V8C}pL)RVy)iP^3Tt8*GvZ+Xcaic`>z@}&F`(~j8t
zGZ62@6ByIAIcY$AYeR;R)TohMf4CTkoWpR|MbCd`JCOQx<=Bo|1Ep<}<xS;eU<Ks5
zAnYcE^C+(tM*YR(dBxYRY0PDzDT2YgT`YtowEU|KHZFMDtzK?95eOipkgS1V;s7^F
z6fb3GQaTyvUKCak*kho4qiFuQYnOjvI2dA#9DTx<jPuv`CsX}ktQ)OIgeF7isy)X6
z2Gn~_9%X{vD8TAkGI&fy!w4JGV{qzA*nv9^_yt`(!I3-@Ex)8iu#I)_9mh&N{TSj=
z?fuAnKtb&Q`hFneI8F#NGte1+iI-IC#6SNSsP>*O>ektjMQ7uz^R^|ZOxnL8Dd4L3
zUJeGorH(Y4>1>#KD~tpD#3)L?VyO0_qp~m@y7vkU6(Yusf)@MNd0vKdyFA<xLX_$@
zaNn{*UQL%O>Psfw0EfDi+Kng=C@d9i=!uvTAfEAcAKcng6pfkFtNdPOfO|%m(q<3h
zn3HuGk(JfbL_fmRU&P!;hG0sEDO^6Jd16izl4T62G6)t>iZ0=oxEt+ybz~D+i0qtH
zWjxg``LO-CYX|miS5W<_ZSX+a0xm2yOml!U(;vi};U`Cy;{feOIG<#6Y?LJGDwm#(
zh14eh2<{DJ^5V%kcZjf7j>@+>n%y}(lEU?pqzUvB$6z5-Jir28U!!^0>_*EFXUOVQ
zH_2Pke5NK|r1ag}*SSK8<ub?IZ*lA{HDSZ4ynx(HfOgZ=rQwo4d-AQYo`A2b<#A({
zmZJM<7AH;kE7kPT2AKL@*f;G4STK&Dy+Y9hA)(NzGX(D<LZf-#oj{*YPI2ZvPJHF!
zPYDNcxy9!!d`>ql^zv>&KzeO7S{0BcDp2X+cmr<gfWfCO!n7e_C~#Ka*O^UsXrIg0
zru3)oT}jpTVO}@3uRAOqMu8WvDY+<6nbnWNOOatPLR2$xr!ns<H!5A(Mfz^2!DK7k
z#s7gzdHRpVjeTtC`kqRF_MM3Bsafvzr6_$qVuj=U4Oza+Ghg|F6r0hK;Bel+&1B*r
z7^igLLUL2jNdQJtJIW|EpzXvn-9R$=R^J9xIC6qLb!N-r^<1vI>U}IP4{p%i&bNDN
z6~l7=hXm;<Q9DKsM5eB)tMo8VI&-B-h2l-~oa{wXuGosyT(Pb%JFosUE0@Ctclo6J
z_6bM;2hoShEOQizh61bP#^=8wtu9QZF7jF-GftN3Ir&yCtGeG0NZx%7w*-S|-tTUW
z_)||cl0kQ+`dePu(@xVTC@58XKfL+5%E9y0rUB2bV(lx+Eu+=tVd}b<59o#X=7iuN
zKvS=P!N1<X%uE)DlKrV1)@l48i}|9*+yj4-ca3s=IJHk?n!Hu&*Sc?h(7K5#ls6Lv
zm!~E0aSl0ZMP+g!mN$J_pDi7(QTYhum=IEb_C7Q?FReJ<HXrp}WH_xunFDhC7}!C%
zpKJ_%*)z}{Y@~cvlFABZH7Si_@bLWk?ZVx03B4}c*?MAXLcxbCeo|5V-(3`iVl@3R
z>(ih;mdX*9%A+v{3sIN-g>u1H&O54)XHA4BiQhZkdkgnm9AYoRCjqIOqcy`PQ%;jf
zzd)*WCYjaA3`PKXJ0-)-TW5hOt1i7J-07?7p*dFNM2&WjORCkaojRuk?@4^%=F}1_
zmQf!CpG&2e;`Iqr?}S$NjcmXb<5~<};EK1vXpJE|=O}u1`czNGsD<-o9mkA@ELx?<
z@drtY<L4f$p177lLqg-k;Sb>lRzf6D|5e0r4Qw5a4o2j89q5q3jJsnLR_1UNW(lRH
z>|TVBjY;5M9#n+xPX8wVrOKxn8!5m;DE!u&KRv3^Js>9%T~s>OHz<;7QryT6iJBoi
z0VU`*V0fhjfF<@5OyvVsGfPdWTrJ5wH=X4+-nbb!1h{a!e9|hbj8O{WoI`h23Od9g
zu2Kin%V6ssWIpti`i0k&D+9HX=>93m^75)7&mLOfh5<Y9?qNjVSwZ891MkrwMd+KD
zS3xmrJE6!3>KRnPFZ3nwr47I!szx)oARHImp$E8Kb1r`bNY){izcOyvR~PXunKZSp
z+Gd@&{i@kD`-Y$My|W#UUZCsI-P7f`2E<tPEVjvj27osAuBAx=248+d?0xfY2dHm$
z1YDf^nIu(F5g~JND@1de)wAPh)9ljGHyjf73Ox7Vudb^3%=ScbHGtu(m-()~RPvqb
z0T840bTChnFwaWZ%tSSN#~c&<2Hi26+o%HX^b&4n86H}zu0`zze8`C94g8OLn-Zti
zbQW%W7UOmAFZ|FP-i;I$r76tW_yICKScE`6z#BB^fD(HIBKpP5QPZbU20UfU!$xr*
z-=F-9s6s!;B1~+&H;Qr)gngba1vMN5Ea@D95iJT7frKf5SF_@EBl1#~`lz%pjfi0Q
z^>_!G_@cbiN-YvUF?Qg3m&C2NlKp^TDl0Y^!*!K~)i*kEO6ub5*qUx_)ye7)jZE`~
zHRJa<)y<zmbY|G#qPQnpV@c!9=>+$sro62%#BsD3y7v$YLY~Z)E9ldN*q0RbDM1@f
zzjMX!_IM-hw(qyA0`4_e>Ia&luE1x$!30zvkUdr~%qSyJhsJf3Tg!t&0&cT;`p!B;
zo1RAQb+Gg^$9$Vj=XkOgTNuB_vufVg+%F+$Jhcx~rqGBPWuTs(2F%lh5g_BDp^nH=
z9(<K?WMVP^cekP^0lF!Kk@oK2X)lwR4CPotFu-T9)5VBZma!kylfD|WJ)s~kM8?w7
z=3)!OyN{_e;aTs_SF;8rncbR;dw19LK~Y7=2b463<~jrDomsQ>QnLJt*6dp2`_M3T
zNvEVV6ib!MC5wVfT+c5{Bt@qP1}WJN?!)V(0pb0+tx-7sf3WxF(NM>4|L};?hO%Tg
zl{G>rJ5vcsXhYVigft;L8OD+|O9(|wwvd?YvW;EHF8ez6eI|?#Gp6U=_x_#xxqsj1
zKIgfgbMEInzu$Ade|&PBjE~RzbG@(kb-k|F^}3ASq=SY;pBV&`XL7^7MRP(7fs|?1
zMmS*>mTx&}*64Y^%g(~099?(H-H#mxQ(}pR6OqxwK%2u3!nsXjxzLWp9c<VODW<H6
z(#RlM9{;=cF`f&bO9CFIyS)fDe)%A<ic4`na7MZr%S3ett&dP+{eE*|sHzM>!my^_
zjaPeuX<V{*VBg1!3)cvTM2y$(&LE(3oPJj@e#kO-orPKbCI&a52XFdOtz0=6LdcmH
zeVl4-<RzbT?#7err~F7Q^~Dq*ma*!~K$5OEIJp8piEMQCJha~|+LL@WN^HCT#W*gu
z5EfpY3gc2@pihDolUfN~$wZcEFeuC|-+>1au&q1s3JMH3Tk5|UhuyWhvIi1`BRHz+
z09BK63hJNT4bP-_L?NDS@~-%b4B&1y>YU_c9n(IwS!!$6a(7tQzYfUe5|Ox56P~uT
zqa&2-<|B=&{W>!ylH5-y4N6(z++0LoLmlpD%GvEzZR#mDgOJ<6VO^nhJB_szYE5!P
z-OHPpG_mL={4^NoVO$7l0^`ie8*z}hD3#xdqKj6C%9+3CLa4?`y8bJ9M_;&!mUxOr
zwKf*!ocz8g<Dn$3cyVvl5I>!cC^|Vsv~O+Q^aB($1dvJ$wNx!8Vj@+IDmg=`$G)PD
zY#9t>w5uGBejcnH(Vkgh8#yYk%|H^31|G^CY6GT(^z9!-uI-V`bRfj63g(bqqH$$c
zTAJDFY4hb-eIlXl`T5if941+waL+qeLnCHFWoX?PCaN{qpNDBgq#tHFO<i<QT?ATa
z>2z}p+|RH1d4|SP`JMT<M6zQ3%n3PF2I*szRab2tjqB6&y9B%t#;zWCk4wONy!Smr
zl>^?R4qhZ5ibmmb+QLe6BV_AdFQR0t>@rWXs#f_QtmAX0cx$DfO%($th39})n~YDO
zK0zusD+f!D>9qWiB-kMZC=aGR6gl?5k#(dReSWa|F_DFUT}RC7+8}v-`vqjG2ODo5
zd*(VU5`QjI7v}EO?NZKl<jU)9dKjoDAFc;QaVaQ{Tm~6XIB8wVtDXh~+vc38ECLIA
zbA{ear|52V(~2DL`}GZLkLyB)L5EKD1)q8d{+>)saTjjJI=MMj5gH=kLRmGFqq(~Y
zkCLLXQBT8eJA|i|+Z(f<;ywJH`fH(Vw<8l%zqr-<^=4tp{h8r68f@sv$2_K0NAXon
z#@gi*7)y+e7(IzXJC;n*p*{jO^9<a>WCQaUA1R<RP%GxC-JGPmif2;2|Ft?Y=c@#J
zQGV5r`LM{?(G|6?O&81RwA|au01aY#E^h>5We_!06us`1878@@&It{B+BUH^BqyzE
z*G5i0oPx{TWjBtAc*!&}9V_t`+$w9_42q^Pe>?~;Ns*UUG4J0Nsje9j{V7>Jp)({1
zW6EP{bQ22fajF^xzkjVpWa=LH&;`%mc5$vrzNP8oS6z1brkc4CyFa54Jg@`7a?m$D
zsgxEY9B#-Q72;f(dX2F{y=4FQ<}k**k_6CeV&J`+x1C-&o}yacQ?DZiZ<0?H!<%AJ
z1J6L~+rKGe79eL4E!{_HU3jJ|2Hc*jO|P_HQzg?|glh(NRN~9a%Nc^qi!p36$G^y$
zgu+;_7Nq0lFw@gjJ_;@P62>*{>1ZA=XS6s8+5E$}DWP0Y-t;vo^GW;UG+SwgdxD|(
z2m>4Fd()x)m?D}?jl3bRK`EjEG!Ck1FIta~rSmjeH@1CCzoPQtKuPf7%3x_#@qpI$
ziJ*HEbmtS-K}>cSe-ID2LE)^BG(o#Xk5Q9km?v&wS5{_R`E~GO-Kp|JUEDXA0+>f`
zeLUq9z~mj$WY1V%DN;OBwHhf}pFgXoCY6uoAg_A6)tLF)%Bh|aE<7tTAu{>xEjlX>
zA@&^Nq%oNSrV$$O1{uD`wG7FZCE=Qop_XDp4(exDj9*GjA*T+?41X7J&4>P0P5eD}
z{A8E=e8(lm2^#%D0gan_{~)D69muV;B#DOB@|!I0@_gK1_;8^rKuoeX)%nJw3eR7>
zuHGI2M<r4v7IA=zP~U(o#QEE+O3P=H#u{JZA|%h(_Qy(`poFn<UzI6s*QUP$-X!Pw
z^K@-6;}-n4LI20o+?eUFlV^yxv>l0wnn|P*UbCxt*(1;I+402uI_J+Ge>JLXx%4XC
zJsJN97FS?3QogPDlWX{Czf|siE23o}*)d$;*!Ka|2T#jPo(_qA5M~lu+mpI_{FJ~c
z@gVv`erj^G6NkZShY+KwY{_KKXo5nB>a`gkRCB6)kx4Coqm#W`uARCtx^8XKKJCQ3
zPb%_~oE{IJ_u(SP5T;%hKV5)0ikbe5IhizDuP#;mtJ-45hfTkhl=52H@F1u*%*}<3
zGxBL=*qIw9Pg1UFzhv-|3^+!eARfWxLSwX(;T1_Mx{=pc;LOOe+_CSmlVi>IwF3Qj
zt%8NQ*K*_fuWWZy*>NobLPP~BPcH^DqfilT<QSyRT^y6vwNqTd<I0&Ga7n#QXiqIz
z59XbMr*c-2uT??sYuTe`LxPj<#O_jn$Xc8CLHI6wtJ4i3x+ZiW+M<Me`8QdAfeXeI
zU9@D1BOu;fq)ISGm#$(?F5Mr$cKPkZ3S02AbUQ(<hYy0DSij3eMLm3Kyf7I;Ip;f!
zFTqk-^K_sq>5wiNUJBixWuY^(8`W+6;`zE8<*1g#>pcemv1grq2|7(!d28OV7qKrf
zV5N%U7eXjJ09c_NrJ7b0k%F2KXVARUcn%#$x629pMLsF{QrCZW@O>=^@^j|+p`>`3
zZr8Xj8j{4W<x_4`0mu-9oOX;9;2f%c@%yqoS%>52r4?4Xl!PJKrm|hhh_~N<%=tNe
z<k>5y9p?ro5Ff-yh6Afeq^dw_h)`7pc;MHkHE#&bI~##{=FbJVtZdo$UzR?5Ae8zz
zMt9F?{N+n@(Xr3KRGYC!sdB_2vK{F9$1^RN8iec^gkZR<r5$J5wkeA1U2*iPX`e#H
z{R&xQ3a<r;2nnInvA~YBOXCsKcns0NYgCCr7V+k;khpuX<ZEj`wPSSeV#Z$Xu+!}y
zrYO^T1(*-M`W}Zc1kuI=D+;E5Qp~@=wMJttZuH>GrFCvcaaSGV1uZUX#^~F|i?-|6
zNQ>ZTD>kO`b!T~Yw@!-mp@nDEPLQp=aBh;frZpUopf#O8J>7A)|MKNiv5X-s_ONfJ
z@jP~&pLn7k564fhB7(m`{f(oJVUpF-#KUd}@{=@#{88!jA;;Np7w$cax3}jt4$<2`
zQV@SjM|NEM>w<Lu5|IzHR{UD0F;Q>zQmuVHeM;DGwl8=g{V3uaQekcPZnK1DMbH+<
ztwZf{v2xwCek9QZKaxnk3dQ?OPr=a-`oX4TU%n|caJfe1Hh$2-wONdhH@+yqim|<Y
zs%ET_z9)QdmK;W`2?24&^de$p$fP&_QNJ6U4}F=$6kH=&jpF|Gq|8J(q_b}C!$Z-Z
zUQN&Bf)3$4QRGpm9?%zm!TGACDMD0!NHBXD!A!kJ6CmLts2)Bp+0vmqKiE1dGy@tY
z7UI)~1-G(n#?zeq0Y%RN&2y0B%TMdUGT76EAn6uMIEm43!+yS!XTE0ijbg?dkEEyW
zt%>vN_A}&nqaJjDmI_1`+6gs^jBo!GkG-z|1Sbqe=6mMd^UCPYA8jG`O&NO@FG!{g
z^kmiaOC4)sRjL!s`iE~le~==Dc^(akaIPm3<C+uQ1q84ya4xj%Ov-fw=3sCB^Ezu6
z1ryhF&fa^Z!{07(xPA64E2<FUCG8RbvzgL_Ep7$50Yx7z3po-t>84PxJp6rmsXD|!
z3CYiyf)w@Ca#PnOp@5k<@&3B&QVT6J6>pF8Xs_E67s-E7#XZ{4q&$>8%MY*j<t!q?
zUr$qP(k>jVMIMh2<{ID@emfHyb;ah~!&z9&F6JNEEE@y>yu-}I)U13oFXW#Ijdp9r
zpC1qmxRCF#c4A}Lx~$^nLL|~^-R5e3VOd<sEJ4~I0Rx0xGa7U7K{`0#449WI7fPp*
z^q$VES5tpWD^R4o^3$VqGVcEllb7m&#y^!E9e4RobZi_%GGnG!FyUvE`Ac{#uo1O%
zW6&FufJx!VD@@nbYz9Z9%;|mxTrAkgb`rfzw_UytfZfA>2LO_N(jEGDPn@n5vrEzr
zxAL<vUp6xJ*(mhLZn}D2_x)Ph`>|Xjqa*fy!Hj7~YOH`_qb6~6ma#4r1Ut4ZseHd^
z0v)zeX@L94ppZ*G`U$-A-#2fb-t&H_h-MeB_d6R-^#IEUAEylgk+kyGZf^9Y9su8|
zX*?u}Hv2fhIj5lAyMt+@6UY`Tk<n|YlR0I*UjsYz#vSAQKVm=QK^zMS8Z_nek|jX8
z$3`_7s)a)i@KI4DesFsg3C4$bWO-WP&fOJ_=O4fH4JpI6YjrlA?z=b4ho7PdoDirg
z*kDHcXN3So7fv<mbL&21c}y?pV*+Q{g*>lo5m>7v0vDlbG-nMRf)-C$l0)hnFCgkz
zMv;W_HF}aG+2;WGq~``eYSnE*@P0MGPMFk1JZ1WHpW)KV<cUILHm#yjee&ArtdJL0
zoz{2mdm;P7VKaC;$2a%T#~>y`^qEGE>Rn~wI6X(cz2BMd-WKLP3Jh5LG#!ZKh7@Qg
z!erk?H^Es5ag=_$(GTW6g06^teqaC2<K{Pdf8+_hxYXWwE~KJ>u?10tZ8U&y*dyzF
zIjRy2Y81#X?*7EAr~6Ii!#tw{G1G<kV`$A%H!-Tg%q~r&@*A6$dN8LuV)qBmi0HW9
zOAKjE#uU@edD@%MRwm64f}+bt8u%#2^s{hCsJtG-zKODc8}(T1mtk|;>d9<g;p*?3
zy|g1R(;<~=T?+scjxJR}Y_#UsExTZ!{OFxsEja*#ek6I3g(Uv>75$s`((7ZHWm^|>
zFdRaLmDJ`z%rvN>aH8owhf;Y+j3Jwu1{H&eTPEgM%JQLT%ElLvgey^=ppU~V9pMw&
zEEA{4KUcgL2>Vb$Zk@Rb&v|D&e~?J!Fq_S8NDe9|=|_IHP*gE-^WibO5Z&J)1Ckrj
zWy`SXDM(7_#TmpYG$IC5BcGBR+})=Tfmw2;+nwk5-5rRZ{)S+r-egC15~Nv*eKyOM
zKWidej=Y^E;*5zN>)AwXt3RgL_pGNyszDWh=gR2KsT+wX+c9>!<?RPN?z#3~O(mPN
znmF$uCSti6LZ_}P<}Uqv2#o7OLg#m>16T^EnXJ$IM*h=uKR@+_f37GYHI2LQrLEL=
zZ{U<8fO(K%T@azr;<bk*sz3WZDwbYDztHf{Mf3k1zOSu=Z2!Q7ra+cQW-0?nj4l#B
zGz>opre7yR7+QVV)cyrjB1e(hi|pCNv>D9*Tu~xxuOleumhh!WGMwBRTK)LbAK0Tk
znlYJU-*k`W5nuIlf_J0!o%}4<_=HPq+#gtD8WqIDnkQx%X)NGp=U!16BUF`sy4;>D
zQ+}PEp>Brs5#*vhJ8%&uM98xpKB;zNlb0rmA0X~aj3Z`xXeYo3svuGzh;Vu^ztvnY
zAWBY{<N!sSz~)yw*y!4eonC26yRTlK?k>3As~U6tx7f?G47uX6bd3DX=ppKLzOlWG
z-PH2^<-oOWx%4u`bSj)^kitmDK@wj)-!!Q!K`D>DZSy;_g<jbd^WAwrc*2YB+>A?=
z?6)o_KgA87RT^K_G-6+DiU&c&ID)AR1DK|Bo%ke#C#K-N`p><xT5y^NIAPixe<9Ww
z6=?6w1{0}D9(9=QyS0}w)3m8Su$a6)P%(!@hl26eETNpK=X<M7Nc5JK)%{cYC?Agp
z;VToTGsCa1<Q_jY-2_u=;jUN|9Gk(N+`4$gPMh2G?)>Y5HLtyFj>k@lx89vinfvPf
z3vg*_;3=uPl$U7lWb(^{WYuc~mGhiNVr8aw;#|T_+0ScP7$1#8s{HRakz62n$2^gc
z9_1lZ2*%N8^sID)_xk#}=HEo#n|qv@<m|hD<b@S9=DxumOvXc!w>LT0^3uK(8YVW&
zw@+hEQ6xuN7wD)Gpmiz0q%Ov{q4t>doqP#oaST;^eU~2bmY(>D1^w+?pl(s{=pdK<
z`g)Hx``xoQBCpmN()+>I#Gn6%k$iZ7=T46zMy6V)V7%mPB)_L<b1D;U3d(Zx$pTc5
zWw~LD-570)t$yLlULjw^%@6lekKqPxiP3L?YIGs-L@N@24bwTmE~8ID8TGZ|#7X~I
zM_xM*Ux9&AHF0lUJ$LrxhqkeUChS5>>CeKRb<izHy$bIDe|)-cS1sZnnu==&VbsSn
zARUBoW}v)&m^8T4!7uIwB)JxB;C2;;GL11kDohhc3^?|KG+}5^rC^jr^N=vDct~)!
z34RjdY^W6^WrqP36#-oz(d+#-1CH4b2J9!=HI5g5GdvtcSI3Y_cV!Mke24&Kk!Hs+
z4cgIbMB6&w!#$lt(Y3twGx@$-jmFlGDh7PpGIdc-HVhGY3wh>_!%YsqZ$-b)!Tkb{
z{F{>uPPKptKvpX+U%Nkx44h&{Ji)vXU?6FStBU%hL2>s;DR1nOMB-7xnK2e3A5HFV
zTDwZ~9rxq!iY)c3&&5n9Z~9@0&m=sJ30kE%G}~Yr5k07Y95sE~^ZZVy2u?67(Da*$
zhDGivj<cr{PqrRE!7^;Rw@5n<_AUdt7c-p$FN_ZJJ&iJ*SPaIO36)nD{>o2dE5mv)
z1l*iR7rqht((r9j?AMp=!;k1797Wc*;}o<xqtJ-tLt%+G$D-NQ3j9HMz&3#(+(>$1
zx)gQzLA4J@osrxlm1BX$jFTpi==LUA?4U%Q4a5O<e_&4$5paeVR89iR>sKMcC1KSk
z2>8R#&&Z6LLr)}<z49|C%Abyv$?<*3c+URp<z20DB1kY&fKBAWPf{<~&M+y=vaID5
zELB=m4v#`1M!h>?I~m8tZg>PpV2VG$=mT!5wc#AVvI01<UJO4oPNZr9MZ0PjFOtSA
zON*YN8<yKM)%!|uIKj});z<C9kT#dsyj6h08MwH3x)?a%zaiFnDStoBQp=26+ae*z
zNT`&Q*Wi1iwo>3UDZ7zLsk8}SnCc~Z?6UX??J^x9i3QoBJcg0iMwlARBkY(Xp?p1r
z0H}X@gsG9%mMI1_TefM#zI+B@46^!lB{|rgRcr8g)%1fq%nLS*SGL#LVa5y5YyQCc
zEx7>Xmjo1sq(gZU1JQ=r5L;8~v0ll`(Ew_^-<<V4PTMLYqxEoySh%rK@SXOETknVY
z9t|zKvC}~vGwTYow$#(bwBsa-4*GUA&~g?A2&N<Dszoyx?X=jqetBgy;hm9=^_jk_
z-(Bz6JoTBU`~AdvT#=n708q4&-E|b$3QWG87=c<L&<!gJYDgjSJW}|q<-3;+eB|HQ
zR2rqTT9|qcG^13vCW4|a$SY_bzc~&*3Ya~MNGjhR<$|Se4`@W<M}bttrj(RjH*uXs
zU}-l7k$9!j?5Tyl!?1tq9hI7D-}prg5f$Qx)+1%l;93kuhY0L4m<D@_wr7!D{^XVO
zTqPZ%p1;m9#z&Z6X}bC}C86+Xti%e--xS)L<W1f?c)f#pjb+@~WQ1(*kb=`t%y=Kd
ziH<z*AVnEg7Ync3Pk)Grz4i9OJq}Yj@whIQ8sGM*;;uIoVOnSH5y*Dt*I0%p?~T&l
z{Ercr30%KSfdZ0)*2y*R;<&5ukBBndS}v)Bb_}?Y!_EWv7mof&7HM@k$beuJCg4wE
zseff(_r@sjiP@*h(%W!3#M3gTQj5T2?}AJ`aJinKLs5l<oyCT4tFhH1zTwx|teh~I
z!?kHXvw07QW!TSV#W_h%7uzQtnl9GE?hV%|5%AY@KCyHfKuQ|ZqEWtTXtjgnM??g$
zf!PZshzL{ttX%DMyZb9l*`r@w7%Sf2_-YlT1N$+2HzrnAVq2O}vl&`46;vx+LG($9
zN+XQ<h_C3e4npgt-)m15mPg(H?!<fRl+1WF+ZJ<a&)uu=SiAs!`U@V8cqTpK-8^-)
z8qoe2_Ml&0B)Mi~wZRY}maI3Mhq>p&GR%SjmjW;Oa4*@}cj>NJ_j~mcu)TO`O|*;P
zE8qdt%c}DM^4Gv%B%$+yqjag5q&1tyW8sPMA%rdSF=Lsq>%|wu&E@;FxDM<!VV)Q&
zd-?R0p>@Px2MzU3pEycgzuzptJg~MsM>`lPcQ1z<C|Th?;HQVAqrUw^N=uq56Vhek
z#=>Bb<M{--(49b>&=C^%VHwFTM?_}<?S^IqQ4ax$;3DwTDfrT%bq=@BtLog<5C;im
z7Tui6*LOb2`qyQqTep)dlB9*MpS7nLCK%Z#^aOm`xJ)+#V*0g35`80r=r*-3LlV79
z1SpcPfM>`|R(w<<!E5`&Z0`<lP+;Tpo<>*W_Sma~L$LJ1$8&i2g?tuBX^bpPYHfvs
z`YteJMBpTR5ESAg;B?i-_Ib<lqw-iua)t{^sBrV)OenXo%(x~>3Z{7D9Vr&I{W}~+
z{Q$N+h+9#PY-mfcpbqFWkoHU`rx73sc8^jF`z|}p9Nc0o9dLdBaIDjVp|>bRD~e$D
zOo)LceoB-da~p4q@UN6!Ya_DMW0|Qc@WeDoRI9Z21<fLBHb6K+#ceOyf#B@?@M98@
z<qd|Y`;4ZDsW+za)A|JjNlimZwhi6Potcn#eW1=5Q|Vf*r#HEBD{4VPX-_rg=Uq^)
z7hxH6rQ1sc8v(G30`8;lK_pTJ$U@a9mnTh4sJ_s3hSS65x_lQ1Cxkp=&KtcAt!|d>
z3K9}8YJIu#(Eg5R3cx1EC>AEq@WaYjDqF@ZJ54=OHPGeRZr-PkOMD%R$!Bgv=Z-Cu
zz2yAa@zl2zm}erMcoPYUz*}mx$^9gc^)QNwPUaZ(5lQnyKU!(V`xq+<bIe5cwS!^G
zU259=d7&sn0i&2vorh8eRQ^`N*t$2F3GyI@Tn%$nH6~#R@*mRe27}r^Tt5aE<j3^!
z^vXo<p;AB5?-wH30eV8zLvqpvfM~JwYdo*&<1e132CotH+Y(`DxisyIeb3`ow<;#w
zF54dsdvfQT^@R&Q<QV=6Q5f8uDn;bLHQ<7M`H3~bQ{N!R+hu+0!~hvU;cLQ+&G;Jf
zF&}p5{WrO^e@Ldy;mh!AnnZ8}GZ9&V#k4jvu~ATs<#E~`r^9UmRt+kn)h#-!^R~3b
zHy$0G&MW$6ZF7J10pNqei{RAL<ui+GDWnix$lq%g8wux9wVSEZ*#@=Sl_^#<QmRHY
z*nZJK>e<)0r%u=TWrNDjjGA1d3srS&#y|?YGl)p_OHf7&fa^j?ThnesQ4W)TU`?YQ
zjY!_Mbh{+#Z`P-=o+q78)|#D{eY3>}(?@M2iO~agBiQ8fG&Wi%rm*WfQK7C<xHT9Y
z;btdRCG~Gg-5!lxoxI*NZlU8O<|4F~->7)*dV0|DG;ITloNt>Y??F7`=@b*1m$<%B
z?llvA;#upBlF9*_aNWIg=Yp5P0AB#^$joUm>Prkf`^55*#(=4p^5y(T7o&^l+IODS
zNf8Kn@F8beF7o+?!hlp-?f29L`@VX<TLnet>Mb|!Ro&U)RzwztP+8^b5QSJkP=ff;
zwj>l7UxPNu(*7hLLSk&fj+wg0eLk<lRajhpx|Qz~d(69>dpD2E`AMvRXPkip-a|cI
z^@(XoQQGOL6I9oOFV&*NWow&|x_#{?FUf6{hwp(*-9g*;n+C2XEzaJt2IVw>q7d~q
zL%{hL9706s{gR>@WDWzSsYIWu#Y||)>YRvKq>TI6HP@|HiH>7;=w}kNTF`aQ2Ke5q
z0@9S1v<BMg13Vaf>)1e(9Z=QGwxe;9^s$67<KB&P!FCQ`Ka7ga$u^&rk>9EiGg5t=
z@Er$<8Bp0yfJ2GO?%P`L;)#1mYJH8?BQD;FyHD&6NAu@JN|^Nuzdf7y<71}3#@=1F
z--|Nm7)~R#dav@?uI&(whRAM^+$T?|ZcCDJxa2n1NkJo$RL*{CevX`qimua3NcN^l
zSQm^QD1mb{Jx6{^e0{|L5);5uZnoukhN0a)L;ThB{ITO22k!=tkTz9YqT9F7e_*m&
zysy*Tr(bkmSqH}YhN^K8tSU&7CXYehq}4m%;ouSKJkR!n!?H%NIUQdv)_9d=ZTGh6
zsVyue>**bpKubB2G3}@qai|qv!uh85yr(09rB(X%?$l{pPRmQ6JAIb3cN@>%*_-wK
zO^1i^;|jU!q__p8E{iaVayV?ymh1z3lM0pVAPH~n7=}Dttz=6ufQ+$hJFD1J$cK7g
ziaI~*U6%hAx-ND8*kwET@Qkai$6H0=%oo!x$fF>>3<U+(YDQ9VgSs*a(}asg@RUl2
zBqAM&DM0L)TfQ(Ga+rHre(HMR4IV?T#-C3g-DUO=6I`nlqi?1O_%;fhhU_Tz)a%er
z_KLvyxE46;wh!XQFG<mgppxOoMRy7>i=AhcczcA<cS+6f^D-W+>t#Gx*EGt_R<N$s
zZn>Z<n_f819IR{EA(FIe^Z!`aE4&d|?sNZRU0V@ce<fjA&|aj?CM;|9X%fq<V;$~{
z=OD5KN^lIG6z9>yhuSXg?#lmeysRgsBmC<@?8A=<PrR`pud0^@w&p_CCE3=Gt(y@P
z!Y?EEp2Np@CW~>Nm1N)vI1{JGxHf{e5Fhwrl69ZdTK+n6);+efYH3uAeik2qAZj`S
zV?RMtg^a<cX@XQ&=odj6mgsn#C3NzVax*SC(|XvtJnVef?W&imZRnQvJX_~Hmcqa7
z84{g%RCK7NIP{pv*u;YmysVq=(sZh^Xj1Xi&B3$^R6vTkmh9LAR()Cdx#$lFpe7(8
ziG9O_3s%3NcO?0X6Gv@LiMGA#E4r7Arxhqxb82KOA^MG57ry;0KlL@HsEyB0w&-IX
zeNUkNKRTC>;$EZ;*eCIZKB)-4794fs<X5$NLiJV)vT(7X8}6W-?WZbnIeItije)LL
z@(L-)aj@n*up>+hl6Vsn=qoxwmf-hpT$@m@&n@=zjSEAyqpd-}qFR*b0%{$H2jCMS
zcl(XZ51wk9W2TPOlGFVVm)sBl!fU|=C)&HsM7n5IzjcoOyizn`4lmfb%0fLkAmTX2
zHf^#<JHs@pF?8<AT;1-$F2{bDCd~KoGLQgai2zeIjQX4Q&xClLKiD3)-1fDASxvsk
z{|^k!vmFh@DC=Kt?}cZFs?vEm9xS`A>)3Sn^0UErM{reF)I^5NN>E_Rws(g+rMHtS
zhIfU9V_{O}AdJQe5evbLCQqxMahp2!Hf7E-JCe*TqEnaY7E*!N3#bISuU4;D4k{IH
zvz}uYHH>(8GLZBSxYCP=Z>4C(&u$(czX@cnxvw0Ze*XtHrgXe~*-`}{mV!eKET=c*
zPeXByYracG1L$UCgWFrsLG{kFm3GuU^KvR23c!qn+yRlp$1qV^+f}&FsHFzRq4?TG
z7mc&+)i1aodY?w70L$9k%SG%0JZP+a!2v&=fDlk;)8B%OANFrxRpLwR9dwn<Ru_)?
zA&Al~)dpl+aDti5w2~(l8x`F?JW<ys<AzHLef?PE+PCN;$vcURQPdvB)n@c6#T?Ui
zvk>sTUSRg+P4`;0z!T%pcZe1}r6lISPm|RcAKT)juGww-3>x$We+m#W6EGZ94HPB^
zvRu@CW^Xi-FiLWuKh-rBJb&9~<Ky<K*`3&kjV@ImCH?4&93x8u#+|RG*7bbsNb)`g
zI&ymH?J;RZm3tnr3@0v8)YDWgmll`4n#LJ?vxO)jIB{{g|H-qut^7>FLxYM9wN^0c
zWP+zRu1J+<SovLgmT>m`itD?(n$Mj7L2~C<B_oQyD%+<NdnUK=h=xdQ45+&Ial{aP
zbX?&H+BGgnZW{dx@<@Swk{1ErzbSjRGVE4B-P1f~_te?gqx*a|Uo@*kTy;+v$t<8W
zg3^H$GH&faA(ARJO3uo+tL5*ZHnNUSToNAUd-<KdK>Ok`!7Mvym28oGm3TY#Y|qXr
zoOQWu#nRUQ5Xar!(8f#l)pJizhpS~eK6+?cpt@{_-!51E96k<$t*v_ymf-1{FLlLk
z?(oDoLGg~2RBO*u?>T?Vc*eEt%oXL=N%o1++h+OCfkuYR(Kfd(<MY=&TNTYC1QfHy
zV@zf3W>)kp#YjmK+Re3RYKR7*8{7HU5hB0a$TvUDx&Ao2%Wz7&5T^@SP|mGdDu1I`
zW;@ry12iWNb+CL;ZH!Lt7_Tx;&0HK~ygaX%<u2~}T;Dv#G*w%ZV|kMMAoWFos*+U>
z6xhNe9io-RI&M}6CD=p;Yj9kw=<>GRB82HkHtT=<yw3LX8BP-_rl?w=6^J`!rM9`F
ztE0kg$EBt%s&pus5#L6AuBnn*xwpOu3Jbe(Txe%WxG9!i1^9P|HfjZzIg?7e(rnX~
z+(n<352+Sx96K&67ZDMAb<RrUV`gj>hq80>d{{%TWeL8R2^Z#S))5UfYz#=kzrr28
z4Fi9~gp^r)SDaO3*yWfj$q*v*-;xVy9uULbhb~YqS)k2{Ye|`-=}YAN3&CS<<sXNH
zeM$7rL}lAljaSATS&;JNEJ2jaPtIjdcH|#V=$pEUt%|mLToIssPbFq3pN~{!5$-Ay
z8)vE(!6Pw@0eZCO0D!9tsN{G+cqi?rk<7@h#gGeepXHP(lsfgWyfWqSYwhQPCN5R+
zj|FXc4W47|&a6H7R(j95Y!XH7mQ1ff)Z>e7$+)14JNcNVB+!&~1;#Tle#uLizv5y>
zOc$Lf|J9t@i?q%mEVHT{^LOhnrl`@2RoA}zyRT0)l+j-j_vAk5b=mvoWc`k5bv3zv
zfBE}DiLo^?WcqU!$$4cyEr}nYSIAp{v;6}z=46<D_3`8mj5*UOwTj05q`Qg7t=|*b
zVrmdtdg8$rPp{zVVwNXD4mEUVPtL~Z8=g;jpB9{}xTPt8&{XymD*G@S!=ohl<m=Z<
z?b;x33AZ=#yQ|3#`)|F>QV&5cU(vdQno-d<yRs*_;Tx@oumtxd#ucYJkxGLo_#xzU
zX+ik!=P@e=c^AJnD5{o*W+(QR^Ve;z`uAsFQEjKz=y7mYD2F|ZMx>Yf@=^a%o1j!R
z3Ei8c9`^;SBg??<x(Id`Go8};8WHIc<D0bu$+t@({|s{!>boX3_J}!s{ExS(GF|L3
zfvxOW_aw9oRn>Izng!%EpF!mfL$$|9{FCuH+H;d8>TT?NQ6CrtrUQ<WuM`sB%vcXK
z<2fSLxf8l3#YR!dpY=K%0>5)}x7E=LZeKBPlZfGQcAnF{pO9W99fdgBT_1gBY#B2O
zA4NVZF-wz<nVXebE$2<9eCYBX;=S=Ssgiw0OgF(Sh+`Rktd`z{3Z^QOzvp<yPBoI<
z6_7SIN#n}4&rj)c-jOvwY1n<5dYD)iIYU|Pz=ZKg?lk9Db#fHl@Gszg@HUW*EkTf<
z#WdQEcX;IS7sV|z14Ei^e6OY(g3*@;6tYH0)yfKEh+^vSq=8ENmQ#r>ue0*O^Rc2T
znF#aD4E~XhyJp6gN2?s+=AN&bEor}1MlPlgC*N*1FK~+UZ_(F>ZML9Lvxo*W%xj*Y
zNdG~rfzk`<TMnP1ST35njw(2)6n8&*N!NNlQMM+W>^$$h6eSf-&Nn9C??ubmT8k9U
zcJNE-F1^l)GqF-VIsHM)DYc@&kr1-Bh47<FFxPxuAzPm7nR^uJ<{-Z&H2w6*;|S7Q
zPt_+`hHr-Z9-0>Fm6j)|g6Zh_%rF1)yKvvs0sEs(0aX1C0`2kJ_l8<`$c&AMJrNol
zoM`stv~bh;<`>as7ohnihr5~_4c_%Y-trpA+51UswB{7uKQJBZf|Uy7Xdq25n;?4d
zMmdod+i_LE48$_`K&$Y>Awc{_Rs4bV=_*qW)dEZ=-~y)YE5HHCSH>~R!YMxf|K4Z?
z2lxEHZSM5~smYmgnx55FKvFN50{54e0NQ~Ge_+3#SRMx5N#Icw&3hPo{$|7ft6Utv
zaqD?tMVi1uuOF4F)|f#SL5?j3AA}m#i+=IalD<U8bW^wQcIi(~X#WEF%{*>xkMfNA
zH<rLa!w_fdsAZPd3`PF<zJ1#t*v)U(F@vT*^amq$PQ*q=zsnUGT4t=@1RDz40>nE^
zLnRm`lHJ+Jt{6K(isK9Qed@HNoyN_;^Wz{LVIzH%)=y)x7j5Qo{@EK~FP+w4F|0%r
zo8ohC|Cn3%15h|SN$~0DW*j68LiRL3QCMNKfL_@#pmMKqqg0x@Pfav_ln@wEY-^X-
zhQae57<c0f@l<w+25hO}JLMOh@DQpsj|~`tr*8I<*>a+Lil2P2vlwt>cAMireIp$I
z+_d+fjR_fh)#YzRP|<MAF)>A&r527~FG{0wokoiI4k3%P{f!AsB`+akt->f2L(E|N
zxakoqA-}@k<SjoXG7guwh#Z}z-O`Lc2n5B1-lD-_*N<ymd@c7Pd7H-`ppUVvO@Kj%
zP&jdT88cF8R}uHayG`|5;f9K*l1qzH^D9IncI2w3_JhDXl|#70bBxY!PR|9Y2PF&p
zZ(NeIY}RzwW?|Uy+>txpZ(em47~PAPsl)1Akis<HA52B%F-5NO)Rv^aaKCiR%FL}!
zRM^CeH&{o_lRf|y3FX^PCr|LSJ|MnJba&R1&~V8bkL_kYq7f|g(S5}wb@+T0ZtPx*
zp8jg%tNGgH%T;-BDTQm5mz5@!T1gToUAp?Cc4k>2XByLS$$PrGulpC@HS#x}JN;ue
zmTogbAT>Tx?OvR%yLeAr7FV8B+0fve@zAd61Vzu~O7r|clS8brtj@V5Sp(5;IJbkW
z&yGygLqvm+&19aU(9f}Q9cQD?XfaSY>8BX`iq%=E%Ke}Z+Xl`L)xYf6T2^*~SAW>g
zi&vvW)uCHUy`q~OLpi6|&}J@q&zUGAQNy#0^8qrucYQ)ubky|V?D1tc{=kmMEkIfQ
z9aTHBHUk?D7t=~(33ig}9bD<Q!sjJB?D>y)&*pn~*V#?gBa5XYuAtWQY|+9|zl7#(
zT;T5%w{6b>LO>rVCQf_Q+d%PNPC3u-V{9Qu-Glk{v6M7FZn3YPT}q<RwOwxP>`;rR
z?^y#>#?rTg=tdsJ)1%jqOey+DUy5qv6I1omQH`ZTc>R`szhwE&r=-dRxRyF?6N;RK
zr{nZc^v)8pqdICNEr`-`Pvns{_1F+?k7JgHxlkdbv_l1A7AZ;*)py#GIE07?1Gv6*
z60pGn%EX_-z9VkWpO)YA-SZqloUK>-+e#VZX<VOJD^5!J9L6UnJl|Yb?keV?(Z%&`
zMLr@f_5EdSLVUv)hZJ=rqINNlHu7aux;cf@sPrkTjy2z#`0j4Lh-+terf~wlGAI|Q
zSAW$CqMZjeOTF8qJ}ci&V<+(mb_LFBE@dna<+d$+2N{lTlgtX1<5N*keB7;~n-<!{
zo6R4iDRWr{6p)U!nG7J-PK(l_f{V*H94Ne7m@*T4mljkNWJ^&2`j;)Q_oEU<UyW%i
zm0Mk=JiK(=04DHLZS{5DtKc}Fnbn-ZmBEb`^szg-yf=ndxNI4hQ0c}?UfX;3tK)~p
zy|FD7EcLjNEd%2H{LY<U<LNpZO;QQHG-A8q!w8ulFgg&e@g1L~9ig7@LjxGvtl3gD
z^&wg<10AdwHTXRa7L!`B_YS5c93sfK>q|f2SbdFh9!fA^RZToY4D+p*9J$yTbYI}u
z9Kn)(pVafDSd|wg`UY>sWYcO8mRa?!TKe*H*{(A;=R^g5cw;<>1+JrSEWK0TrE%-s
z8g-tK)=#xn%QvT9Bw<3X2=%SG88AIBE8A4dFp$&b9}|xiRC0%v$&AHbGSDa|YCq_&
z6{qsmLS9aul@2+5$!{)j>zLF%7GbG4JLgu<V0)z6QHOXyu9i}7MX9xqUf*Rad3LLj
z2h3P`1%s*irl7_yQ^I^t`F5O9UJS9imWPVl^Qa8h63}(MILp2G>@bHKJ*(#v@fEH1
z4)6Cf3-hA#u|^(66P)UB=!n6HhW-HcKH)+}((i|sEiHXRE}1`XJ~AQwp8M4D>f~;n
zfWox&kx8l%X}v7jkyc52vUQVfK1eRnSq;|B-^KW92Qh*qSbhg}!ZW%vDJBa;C1$H$
zrfya09&ce?y7KyiispO~-&9=;AYB6dF!ka<wY{y!SG~-s4sUg=?aPGUdO}9+O-Hm0
zA8}zVS3bwjpP?kS9S=X#$Fn(AP-|;Nq_nz^X0IQ1oJoQ2zG4a59?3sv_~b@WfdBaZ
zEblcXnjki*_9X<k7lIqWC?5lSXxqxT2PnM;QRy?$8gibFO_jm<IR^=vm-L>K3Vs&o
z-+nHuxH(xJGP@8nQzPBHCI6RuYRopSKeT*NlB+BZGjZ?1)2HRPw^uva*RrjLWp3R|
z&m5gt8%lW7vp_vIBM~j&*{I*UUc4~%vv7l6g)>iqdiWY5=#{~`6JeMobbIr-9loj`
zE$2}9;-1q22cP%))eJRf(-Mp|;L_KnvXWS$cZ3eQuqVt+g7?s^v+i=^g*O-kvVuHY
z3iHfSqou!g`u7qQVoUnUcRz#)(QI%8Z1%!q>4~0l6JK5Ga7U;9;@yWv1cKe*qzwCY
zZOQqwOL?h&wx0+!b6vFK2Vv+Gjpv>Dx^EOS7w5e+0vIV@y42IZOZ!hTUfhwCMV^7a
zXciG`lg9ksKAO6OaAjUiRh*A*SD9s;^=RRZelsb?DPU&0obagG3Pez<aRalFo&FzP
z>-c6bXKmi<__R!0VRoLp)#l{^R=u~D(=Jg!?BFd`JNwxip``4w6M83+tHS0@P0Wij
zxm^4&HC^z<q5)K$4C>Rq4SbOs%Ismp8#keZO}@v+FEz4)k<J321b)>)3ava-jjJuS
zy*P&#pkCv?5qLqg_|Wlk+*v|R2Kf~fIg1OgRVl~b`&A&+<65(2fsf&nkvZ<3CYB*8
z#K+cS+xOYY>E2rBvn~!%J(UR)J3t)z)h&0B;re4cI&$)Su&|-gceY2bDkZQ#3$HW{
zX_9Q4??Ph){n9TQTh}~X7uX^kBG7<v1{+c_(^?T<WU@)oxl%d|0#dEV|ByccedzxU
zUm34`LK_THC1=bg;QBS*Dr(p7UR*d=rd`*fuyfqopBmPk;oA@Yty2pcl!woP7VczI
zQWDv5)QYB~(152fzz^6^COT4X2d>J?I+gbgim1IVWbt_G3X=6l+00k*o#DJMu*s3r
zG21o<ebtK^kkc%aL^A+Jt$W=3b4|wcKHFoTxjnij+0V`I65;WciT)v;xRK3IOIB;n
z|ApN=^Gt^c?qHDCr8K?BzuFJbWN!kZ8OLh6<i7uFRnvK;oONtWlh>>n`=R5@p$hIr
z)sM`X_uiR0+-l6e#};ANzH4Uovx?$mhp~ZDvL~c^%1xaEqp}jT8L)LZR56k^6+}mM
zORkrjd__pkUPE(MKBf3;-1`B>D^IsMa!I<a>bwIO)Cu0mC$kQ5Gmz1-r>9H8ZKBbB
zr@kw)Dl!JPztvL8Q9sK9%8jh5#%^Dq3n>4p?RC{U{la>LHR@1~%u5(8JNN6Xx29Uu
zml%CF(IW*DrFO51Le@c4D{N~3a*i9AedXt*q<v{}M{l*9%NL)5t%sFmBq3#2l--kW
za@wlCF2Btj7>!pNH=@+g$Esy=MS?3c>~=doSG_PRruRDO62aIqK6iR3-%iVtpybr+
zJE@IBpXuM8;_&SPc++O-y0k{@)&p%5N0A3Gv9QWB++BT$1H%{sZbaL#UsXXQKmB=<
zW7vzd>zicxJ))BERUvssMMibMp%3PE3Pxq8ECAnzKYtMYAyu}pGvM0j1oP3evlX}(
z2ch|HCkz19C2;TU(%lh`iWn#?>tvQsnBk<sC)FMHY|m_=PO%C@r!2+oQb1{GSRKGy
z;r1j4@jI)a{om3t-+-yB*h9F;%l-H5b=FzlJB4-BLdzHmKc>wAd;n(xJSa~kmR<>f
zrqQ`eJe{xM#SU1UXDxxfhQt!;b|Q3pUZPUsfvx-D_Z|{kr{5YJm)YXk8#4a2QM#^A
zApf?Lk}CMvcCo;@t2GzrLo{eQ0q26sn*rQ^n^JP1d%u#$^{4MM;jQ<t8MYVWcYiFN
zHGV_A31NJQt<6KGn!jnk>EF-MpHQ{ksHDJq0+hqUl~vS$*e2St@Lovco_hI?ddR`2
zT1FIxGrw9vD)vRg@W{Kk?swT2Per`+k-&nHXB2z@rf6UiUdgt?X_`;yQ0>XPQj^#f
z8QFA_e%`;w`u(8CdM>E;U=BR-w0@8?6*Fge<xz!6@091_I%kIMZ$@Sd$08>1?@y(^
zglYKqY|jneS~+eZ<<=c*IL}au!X#QP0)Ax`3p-GkfJv;e1Y>^dQ9<7MXw30|y_9s|
z<4^3S>EJ<~VU5=w&;t{`JDCX%w)-l*;svPa%T%KA3CbNzTL~4!s)e>7hwU>#RTglP
zKY?u44hjQw>aMImu*{+!Mv!yXv*YLfR^ur=8;I@LuG%_WG>A;Yk-t#@EjWnufbZ+r
zA|L&`b7E`-1wGTLy(^LQw3aH&flxILq_F`YS#AphoDPu9ZqK+_Vn8K4|8MTxgIGg>
ze6~-weVYXm##7%X`eWAr&Q#Rr1Pt%P|EuYe7!H=0Ax<wVoZ$(|ui1&5v$?RoA;_vJ
zD{#E%V*pE99>{AKv)91_F=W;fBey3nK^o-GW*(H=Nqo-bqxKK^$JXI0$^6&ZDy-%u
z8{U9QE0rVIM`VHJDAnA~FwL=819$nU4jX-BqFn^3=f@GxJ^%UD?c=pB2gQi#6amhI
zT*>TTUsbWpP><C8yWxll%eRVVui@VPo_is1Po@&OZK)4m%uugfITJiiS&Uj}2?u*V
zWz`lx{kFX^;ON}x`$O~E4VY0;&`rQ5N09I|XjZoGTnsV2zL_<C^EPXmYPYSzSz8?U
zJ)M(j-{BcRP62R%j`{XYp0q$URK{9pRdC7|J(l`v4xX@ZQT)|(MBbyfHy8X=zWlR%
z7<C@Jb!kke&L3C>k~V3)^vl;77!xOcA@dJxTpCQ%29)dPdqZRZoW#Zer~GIbn8u6J
zZNq=AH!L-xZLuHzz~~pECBf|89`zT0&3;=Nn0E<2OkH5<L{{SgHrI~y2lgeH#&-6#
zTf^ISr!^h=G6@xebgP;-!L9kjfN7r!ijh^rjzQ&-5&sXNxK_T8Rx7Be^z2xLn#kJ1
zyR9+hR>M*ldj#tw#}<&u=q&fM95iaBX?{fr`1S$4EBFcXWd+dtWB;jA%v2X;tYeHi
z!mH!VD99M~dMKs$Uasbg@C5O%@gJja65;C_IJ7#^x-1Blz2sqJl+~V`BjjP<WxmKv
zH%DsCdX8zdS_O}Lh=`@pffZ_%__35RqPhAgO8kq_J$cm&v-!I90-_d3UF@1iXcIMD
zwJ7@w$I^p+9~FPgAa9B_RJ1Uv89sEqxFX&?Imh0tOW+SoF1~x<w56`*gWTqgux!gr
zj`TH?IOEhsW7KL0#jvAe@kc*;5@jn?USMFl<Lx-6-IU;1$q#QJ$#4lv3g6S7kp!d9
zZ=FscWShQ(_@kx>9<4sQgwN5A*503&5}d|57xPBUN*wh2Duk+>x(yziDYJl>Gar64
zpo_o{H;S6LE;wbz`I3=7-nyIb>2L3a>e_J2F8R`so$xQ_Z7c3rHgz@V4WYEeeKdmD
zXvKX}(*Ax&XiQJ4j^cXk)vsW-9G=4s`+C1|(vI_Zs&h~hH>c};|NfWcwt9xsab3r{
z6*SciQD)bDO2)r$;#~TwkrYGE<mOs<Wj{JaP_MjJgTHk+Km78KYbP^{74A5-Fg>Np
zL%Rf)ATq1TaGSkbcDpXG?hoqlHMN`E47L@FM=C1C$WEnSjR(bDTwGLAKjiuTsuiy3
zT`Vdr>vg?c!4<0~KhS)RpZS<geXG-tHBGM%_N}6^uad;lWptlBfAEne>XHsUCdmR0
z3L*?&>N;#MQt{iAzg+BRvKjY`iM}WQD(Az2xxpP&UR%J|@;KEl_Qx7BLbGE@I87Ca
z@l@N6j-J(0T*T<-Vq#ZogRfptLHv{YKQJfWi*avt_S&8>KTJ@hPnvs{9>iXDO#dDf
z{h$Yr!k$`E=kDK*@1v?Xp+46okhs?~ZO*ZaiSGK@(&rqCdw7t4r4x0tvN-Mr@k^`6
ziH7-$*q0}dD*k+Jn>sy|aQE(78nF0Mqrn9gM-asbxZz&!+y4SRir}AtR8*tau^5l(
zlM%A1eje+_s$P`a5Vo~a(5^@=HTkia#KkkGxf1R!=?KjZpJMjv^jhbz>{6%++i%ts
zxG@nBF7`#{?}XF;&Pzo)Xo_ct<u$oH=Hc@GmFa3X57d}@OyaY%FvG+spVfk7axY1^
z;e1;LWT_ePnBMf(br#1-QeU-ic-Z|n9?vEflM2lXU-3Hz(BxKVhe)Yu`OBo?ulv~_
z7VAi7{6c)@4tHH;%vO`g973RQ94ko=%E}6tm6d;9>U(I$HAg)mXSJflABvMoPtHEG
z(UTFH%hAED!W^rWq-A3R#w+Wzi6nz4T~v=`Oen|z#D_~Ortjomj$d;qYcKoJ9;6}n
zG}uO|Bb65a1R1GZf<Kl)bc}y;xnj!mt=6R1!E)l^ax32GU6=5=XSwr6h1q2(<G8%>
zZI%$wS{Yi)2RW;WOsdIJ^j{Z-^LF?U)S3$G?`0<l{WdT~!a>uyDCD0mpL{Xll>_$d
zn9zTCJ1poS>|O2R$jv9Uh4&NVJ`78E&y+XmZU)tgM;rIgmL@F-J!=@3xcu}|{f~Pr
zs}C<5UU9Rr<yNe<{_bKjWII@`;g;K0CXrVaQt2ometP5$fA!p>RHaT=EUWsJ=TjW6
zDe_}Rfd*bB^`%m?VF`pgR~fy=uXWK)Gozx@v*Vc_#Ofh^y3O8@+eqg}>Q5#a2Ro>D
zb46O3nQ({F!?*h32@>=K(RE&eK^PB$?DjLkUD=639=yvn8^<W<uA|6U=Cp3k&msQt
zex+7Xvtev;9I&bqrGNC4{6Fi__^!!rd~EaZOMEFKHQAuafO5u7`an3L>dOq~Im@0r
zHWW*~xPsi*m4taYQcvpw<Q@4Jd7lNy`^D9@;}FoBJPHCLkwP3uiiVs(Xq4baKK$=M
zFZ#a{&0JahFT_Px;aC4#i)jCSMLD`3R20N9gBfM3cX_5R(Kj>jHM8T!;(XFClE09?
zl9oUQ?)p(7c;{vmwn(7~^m5onwMJI6e0k29Do~Dzdr)?}rihL9<+s#>+-Zli8GJr{
z*N0YowB1nr>m_eH`CK$)-^D82X<yMgdX{*NKZkw+ISfeH7Bl!!9Z6UCDIaX3@8w6Q
zAK5m4{yh0jPJrtVtXp1bF<^Xlc?AOWMi6V<Zv3h?6t2$R${$G-K}EA{j-1TSmH+7(
ziC_Mpf~hp7GZ3Vl$JF25=?)w%f+PrQ%JI!95m;-UcO(UJ@cYJq#G_iv?63a7zVaQ=
zV6X$e^c+vCW*)~#Gy?TynRBo*A=!s3VRB{kn$Z0V8($T#`2L?>?*Hvz=WoFCzti=v
zoaFx_ZADMax(9_3?1-X19>U6%-s<}&z3ttSpS6Byz45_w>;CZD#zMZp4R%m|V+pQy
zBVmB3D@lVQeXk6KXR&NIA5|$yviX`3D8y>D>ukk+_6S^RNAM8-2Eqn8ItC(>QsW@s
ziJ6XxMDhv~Iq~K7i4nGgd75yyws|gDi5>?f6RR5kz__Szw@*;AZt1V>y!x$1<%9l_
z_z>|~RoS=NR>+U=lI}IeS=?}OGlrOomK!KVt+VL6D36c9q4#zY<F~%Z2t8b>vv1MJ
z;d{%{zalXQAI_#7Pf4fRQbdEPo`b0Zr29|Aq~+#^S0a0yF~4qND)sw(ml=ZK$bZX1
zkstB@kqdRe^H0r<FrQAOGHnR{``$&&8ZVp{nNS=4&&`ehKatD)XCR;!@qev{OG!L^
zHDb^zt>GLlR=_rS{GSg+55or9|EvWL`#lAnPoyTb;Qzp^ELv%?CPTv<ApQDJ&dz^#
zTYnGH695GeDg1;P9&!X{Xkz>loT!W0laW3I3OeAwKT4sx0klwx2halJL8SX1*uIXJ
zr9VhD0YVVRN|ZhT_gijQ@Kg8uTiO3#`T7(AI$c>J@b-?7uv9!rd)-$Ua^WusA&C4e
zUPfzM<&@tqE|G;(rc=|LO{=ZQrr-d3<Jn5qCrMM!V%Wcenjl=?>4k4!2t`+${<8um
zKa}};TuO!bFrC42mKS1Om%`_XAb%qcjqI!<i&n@>My<wWcck)J?i`~jZvEno(w9%Y
z%IHI+5JW;q#trUCiy>|*7D%01i=J__+IjU)QC}L<j9`KFu)$xxcczxWro~Lh!`Xd%
z9Ysg0RdRIw#h66mzUC|y)L6Y|$%x=PV`(sjEV5m%nf?PC?Y;&dalzPlhEJ;PCSCa%
z*!|{LhUzh^Zj!WMWW5ehQi=U947#ZRI#S@>ZezmsBRGwJBQ=~H;qL?{H7z<~ud2M;
z7TVq^Xb8_~%XZbg<&-oZTd7)3<Ayh4whjs~Q%iVg0#5uv<NX7}uDj3x{pt^_WpyCu
z3%P&e@s2XQJz5gvliFZX8R!bZ?(R#|6tt<bh~Pi4MGC+!@L+6C<&L-*_-Xk4G-?j8
z=cgDZ5L1vr83&X82R7@9X%vJUX_(S($^qve7%%Q#dbGXz%)fs1zZT?Q7V@tx^DiIr
zFQ@viQ|A9*@4cg%>ehYXARtOHf*_rsG^HxNM??ffL;>j#m2Lz?sTvXmDbkC=E2u$0
z=^!0xp#~8F=@1l>fYKoW2}=|5e#>+2+2iiL&o}P=?tRDo&Kbi$6dfb1tTor1^Lgg;
z{K|jj*f_qIuCFP|glp8Sc_m;Ov2Izfmp?82^lW|6v>rJj6QeO0Qt|-8h_*7hSaQKR
z+ve3JY<n4qYcqfQyE*pP9$tlCo~C$ZP`SG7?-{-;B;3q)-3q@u<ARq?Hrjv&j`6;i
z<c&hSz}A7ZR)y}lnr}_0yOhjT+vd@rABN*Ji*RSUm6_CwVO7Qm-k|NaZjA8FJz3EH
z1hyBCBbJ32s%pLz23{$(WtCC|+TJ}BFP~mwn=iP8X)!dO^U@(<hzWDs)|d@2iEDVe
zK38AKI06NasI`Zise+G~{Un^QrbjCKjAw}!Vzvk-9m~9TV(~>sO&Vor&6IxKf-Vc-
zE+dmPf(@YE5*KbB6rQ;&_!Q^fZB8)ThRKKd>$ugj{A_h|rcTaR<Wu^)?V8Y7r041E
zDHpxZ3R-ra5ccbPqdz8HDK+G|*fw?GJkQ-Orx$I7g##TP+F{O3x-YN9zJly78C44J
zRlpYt9KZ^rCVWp+$?vSZO^tR9XL_`RkKQRTnQf%XF@Pn^?l%Ne$CRPb`xw61YYe8c
zVE2LgVT+*9Jk?c2inxQ@RvW{SD)hmwlA$ha?-%Dd`O2RVo<OqI4=PBu-28}R+-a$g
zH%Qdum{b6}Mg|s4k@;@y_WY|qA#=|#z*iV$QbHQctHq&AM*pwgRKHLDRM*?zm;OB<
zzh}trCG&d^`Ms(BjxztHW1}SoiRFzEt{Of)$7}H`g3mHemti`MNv-h9TMS%-vuR+B
z&UCA>J7oan{?GPFw@kEq6eKd8<BF{<EkAz-F*m8SegDXRavlH2cIpGLK=+@tNq==m
z{}Z0n-<oHJaIp3{0m8$|d|)&UunxQ|^YtDFgKv&`(V`s(B1iv(6mn&6gZi0D0bt1)
zEC;*0;+W}f_PLl2u*kR2-NFTeiNIR%?RUA*-2YZxvaL$y!3Mf6fS{#OV!L0+b=SLv
zX6$88WCe;hXexJZDv5>+?zjEw%qmHA-?9GtlIjzduS`9_lxo2|_>KytW6rjwuNq|=
ziGbSZ|4v{s!9HzOz5i8Ir}s5(Ju06$rdyA_0}fc#PSLHSTsgw9JI$r<d-4LvE~m65
zPl4PetItmO6koEqG8xaDn57LabK4l{-!S`XGwx``1~W#yfYpP5LQs4=pA4I6+1J2J
z81QfCy|jHWeLSIYuRmB`bK#^+?2Rzi3#vEm&A#Go5|_6IroLZL=rn{f#|GHamfaK-
z%L@A~$c^%*LQgPjT~u+)du{ntEz?odm4aoSV9_r~PB)%J;gETGFnvV|A#B_p-8_F`
z=?9_F>B-j*!=FGj^sB-DDvY;(^*#jtk!}bu{~5mE(pa9h>IoNX<@s<TuhA+@A$qR}
zzCb`9$4u1}W0n=`zWnpC)Q7bn^G`rb`(OA=6BQ7Di2?DKDSOg2m2dynD`5p84gc$9
zRQWHhNXXB9{~gpk|KlG2e)T;4sqqh8LI^#(E%@(`U=afU&?am;H7C6I4b%Q3|0|4e
zpVS-cMQI&uz1?LsF4fs9eE~iy_Wiuu;$B5A_tt)eMN#MFvI^46lj5=s*Qnb1uQ()A
zUVUquooF#A1d=}+7da3R=L(N0A9ED2Dq<6}mnuUK%<@cV9Vt+1#*!PJ&i4`z&5hKT
z8}-e~9fF=p(!OKctcgAfY^cP|a#W2=5v0>XTqOU5WZtRdh8vnz34EGVpp24~Qaba)
zC2~R|WXeg0KDnq?<GT`zArht>I!gu$B^7bAgqMD9mqPpAUNLbUWoQ+x5F!S?RABE1
zBfYd-Ecv;q?WdnNvqTd^OVrF;<8A+rVQL>_#j|24+vpSY#c=oXv-969d_=rh$D;Q?
zFmL6(5MNii)R4`->NMx%>hL+2J+JX`e(+Gq+x;b<ME(EO#qxjqbH5koe=LyyKY#wU
zi?iP+FaA3;=NAT1H-(KMNHy(tmVGz;{qaWm*!s3b!4;4=r30Ct(XMm?tcdG2?KrkJ
zX@{E=HV$8u^6UFJW^K5(3T}5*N~U!bfs)y9-dWJ-cQ+cPmgnl?TYuW|M|$`ncVDy4
z#J7tT<OmCpH-aR=QtARkm;<xgv9`_WKWb-m++!RsEo-VP-gYj%mV9s#`}*z$>n8!D
z%!4b#g_mBqS%#;hb0jP%rQ|%6B62nEyQ`k{Sj9dr=Y*<8$N7*o6>Ddy)bpCV1NTka
z=Mow)wdeDTfzTe2OF7}!X~w70Ph9xnp;~dsyhE@0fMjGVJxrx*?uajwm#P@rl$jJz
z>6E9MV_vW|mVQc9+rXfMS+|McM4tpj<DVu?MhCqx4A{3KQs8fA0X^}!J}M38BU8Wd
zodZIO)*W6AcqSy0yrS$BviTEcfbiji$NQ^)(eWA+_LmT1Gjm<!?B2I;=e;nw2^6(P
zg-x`DGNiWs@VEW1gAG*F=FqaOqP`kgC3a2-R~_WH6&8vAN^J1C;?QQB)UJ7k{h*Ek
zOCMfg7&P&m?3on>qTkHkoYncX9?Ww0NIx>T97m9`?mAh+rg{FnT2ywiWqJ1Le3J`|
zzD+-+!r8Eh^(O?sh5B7yb8gBzbE#m$dl1&XW)h)BH*f<~y4rLRP~fKQcx7~1`Yh7A
zLMzpNAu+_|<&@YV=b|mJas6{dFCbZPT}1v_Zj5O!RkK~~2a7%K#?TMNq+c@4xNPg<
zO`C69>RrrL-nGg5F59>`RtbYi_}VczGx6q6DbivWTo9!RuoOEjJB8I!{nm+rk8{0v
zzwQq`da^U7T`tmm6`{v4`V-X82YW<sAAx!4>C!1hlw~n&YIb9newMzTP|SYh$NIO2
z-z4#Ci$Zy?33l94@y}=4h5}aarZ)nw%EP$GmOGOPwK)cNyX`{ykkFZnw=%tB?YiBO
z&$TWaEtcPdc0dVGTcB_L3TfcJ`N(GN%#yUCRK4Cc&UZf^O8aTgtY*3)I~f{ekPj&2
zypmmqrF{>47Y_Og!I$+9Yn^7Jb}UFd-Gp&4wE*WHk&Go>bPP%WQwBY**UWmPM&dSC
zHTRKEsKSh?kz#R81+J^_W?p`v8_bo?Z0aL=Xu6n(hNlol0!=qX+@6-4qN|<eQumd;
zX!6d0#X5YaV$*7`YG>8*g3zrX%R@Zsx_J)9to!<&-(r&}%sm$P@=NIhppK}AjcJ3A
zspk|AjGiTp+?@!%-gtU<5qldsYzSix8y=#Je@U<;D(IP)yI-aIwLDhuXlD)Mj>_m8
zT%%_fOOszzc%QdU{2cyHLxDMM$UVYPnSWupdMQRvN5jHhW1!`xfN>0-5u%jwJXqe!
z8u^f7+KJ#rnVO55j8v#d#jX3QR^g#<z8$-}{(SO2-9C)Z+10{|YO7m^uX?k(#BF`i
zJ_xS-^(p}}Wt)C#|Eas_cOnGIhzHCr%4(PHek^%isx#!&jQ>-Af0Np*f$09*=g(Ul
znaW(OyLi*-pokT8$jPr%X4tus^bJLyPkF>V4)|AT*1aC`6zjcd=ID`>;^J>@Z#X?9
zu#BjoVUZ-ONTwY1x$Z5IH}Bqjyk75^@zFV$OIRhvZ_Rx55#Chele2LlaGw|&U+aqO
zl@O;2KD#x#+$WJ+V<A@ZDEhL)OGg_>sN4jIUzqkEwWWAHEeb2ywv95UJooNzcFa@V
ztBZvk-+8Z;)b$Pz)s~SZZ-R=4{7Xew?N+ef0fq$s02CL{SAq(qnoP#FSQaify~!~s
z{V>%)xYi-GXrR+uq^(m4ZJ|6N#3ri*y*MhGWYyo4E*i-BBS~H%RWy03W9Y)qBb`h&
zkVxgqW%r2zl?T*Z#w@f3eA4O&kUK2aw@+DpIhK{aU(M|#QJf1eAr52(7A*0Ceo&F8
zWy<nS;hHa_Z#c#XgbDfUCQ6v_fA=SZ??2{hWWJ4TV&F*qp|Bc`<n>$Gq!#$;B>TXF
zfn06yFNd5dcqA6^Jz`4L>!QAY?HFv~>3My0w=~t{zDnm%ELxg^>50(vv%nL$8ze%M
zZ;3jFD;KgIw(pnv<{!qkBfRbwL9GD7jA@DEDt_1FG?Meh3B8F5+SA7d4V<O-EN#7J
zzN!_UKNVk8QCDABfb!WZL77u_$^OOpQ!~pdNRRhYYG>CLgKqXpYl}P3D#2a^)zlhj
zARnkxveq-(IM(3od35PYNQ{>-+siw>xYzgi(9=yx-wFnbfPk)s%sXQGH)Q!v?S?2q
zVQXWs+Rd(3L5q>^F#a&~ms_Ap?BR35>tlZBZoC>R`R-CI`4De=Ex7p26DP}?zHv`V
z@YabNS;nc9!gjb&*o>v~fR^#Q%n73>>855!jaJ&+l}Q`gWmr*^-b9<&oM}M0@3up~
zYGz6xcQwl-cR_J4N<!5D`KgQv3#0eE<Q@&susTc#!<a-KAXSTGzM^R}USB>OeP#J!
zrf7=zy-6eL?BKUK8iGQYTd5b>`Px?eHKJ`~ex3Jyvv)h+wWIBv(5CVGrUQQ5%yJ1+
z1@)1(dPWK>SU+%o^jDtCb1WN@x34tB_-4)ud)S6w*x)@Wc~q*6L%XsF=k4m<K?q3N
zXwf4%n>K6GtOA3}EO$4axoHrddwYMh5)u|;9b;6w4g9@MKvkt^PfY`>^|-Y~NZ3FG
zYw0f*oHsU7;z%217VAyhJbbps?WUUXH`S^ngjWRm24rcUmhiVWbY;H&krI`TfT&Yl
z^L?+z)Yl!gmVXM@^9|;vc4yw$x3@;z`<y7osI^=E5y}lCEWg>qkv>pC2Q<N<H7eN>
zv<nNlGPmTJ^qLVEH~okFTbG~dXH&KHVugjvFw@P()t{I`Vfpxdo#IxGBU&<LHnKYp
z*m!UOZSxtE2hK>zHnd64%rJZboy9PTAAUhE4(j)}9`x(BO3Un<8B6(N{^^Z_9JedH
zX^x{i2yT<&uoBBlJg`n$et(;q$+v_rt-Q8()0$(%zCK{7Hu0vxD&`75u1wCH|GC_T
z#q@t%YU5zsnK0A{8v{bSozOWYzM-jRBP_QB*GT8V5ErVAaH)PybrYSBP@X$SeN*M>
zGqZkc(<}1mVCeDp9}3}T6qe>Vf!$8*5x?Lh!H&BsQFZH=s~nTErCdw4LZ0e-ct0@a
zPUmp?(a<9y+DyU31*kVKF`Ao&xvf=hCC`uXMnZ3!xT-w<zICbxF^%8Mv9DY*$s-sS
zA&+M63Uc`d==X`$ynP>S0dYyWK14!XW)2a0A1UovB8(|7o`X8yzTaGKW?;%%Z$0c4
zCg^+@Ued!p1zi(vz<vm~fQYecAZGE^Xt^kUfhg}(lGLDY2+9T}A6eaeWZx8l>ws}A
z+ke8-+9Z=LWY6X!)f6j-CVgSn3STkez@>nFK(F<PvQ~KJk=irZdAE`|ii{*vV-0b5
z$FUYZ9YEUIsR<7~8cMY~;=a-J_z&1e&QiK{m>((t7R|W+`s|3x<73I=^Df?lQYQ?i
zlE6mWt)4rhBW?`_F4l{0(q~Ub3}BvVt>wIO25ioaF+4FM*g4ZT4*oVD({+obs2;-N
z4fF|>^}Kkj@ST$Vs|U>6SMHFTtP%t-1DqfqY4gF_mkY}cn!BN|G09%3*O=1pr$9G)
z<cmFUPg$r|*^44E11^b-ecO=lGd;9iSv|f7Lf_Ls93YITg+y@NVrcD8u0O8VuR16j
z8>0D$RY*!4`HV`d44~%IJe#O)g>RguSF>FSomq!_-(KR5D-@P~+8rBd^)aRiL*OFI
zJ|^A|;CWL{(u4D9^gKJ=vVDN@V4nvxt!Z)QwbzOk0Rh^UyZszBN}e}rq!1qCpGgb{
z93%9Ye%MdE-7azJbK2_jAoH1uMH8>DI$ha6ePLPOhjPHgeqI06FW~1t!&raII{n{1
zJOBE=e@WQr^Z0h<I!K$5Io`|cr~*X=rjbh}|4jWHjsb??YD|s+31^V7lZyhy5BOO&
zna5fvL+c7e*F*P*j`+5TQTJyErrmBxEUKok;J*p8CACKerb7)BmqaQf8LX59FtHff
zS-royJG$VzQIK}SV%kyMPTLln;}4I8huyi4+B9)ryN58YS<T+QQ%V?Mas*Qv+FuG#
z@v*@Y<>UasbmvLV?*5?t1hcog87VnBu&@x~wp%o1v167K5U2np(#(s(MlB|l72N}>
zXB-658r~{ASJ1q4kX4&iN4Diqe6dYHMNH5t{wS(swW6>LB@fJa`_a$2hUGXQstGH2
zhklkurx^T4q6hH=TZ%Q(lPL_CngG#qk2Rn$kblpG3P_)wFv(o8Qw`v3Kaw1nk$fJ#
zd4)7~d3iO+Hc;2;!q2&H_e|IAD;<E8dG_%MY&bIF)&!*}bM|Vw>e(%=lTz{DRUS&P
zP&PXQgp{kaQd(5PDsO)J!)`;`Q>k`GWk%xZb~(RpXo^y&_LCCb3awDwt7U`;TG-b~
zvTafkg~(myb91ZNOP=ruzv}v|W~*vYTb$k3F)YUtF}-ioLO1%4u^j6|O5FX6PiJHG
z)S87h6YbN6O=TZzS~Xm->~UI|3!g&CQBq=19>H9$_uc&Vt=<$Be#UyH_uCxK5UXtH
zxpHqZFHDf+9mx~~vM1ff^~3X4(tML>aen2T%`FKZ(gmJ1>Jty;-koSsj+fd06Fiv4
zyRG;Ik8QR%&qv73bKrkyDBVPsYn^S%_%L^vN0C?F&p1)S9Fi6V^6ZKB=WsQ+N1jdF
z_GHlaQGB{fXySI;AKSX~ZSX_m^WU$$rzO0V@2g)Ft>2vdZs1N!1IqJ(oJ*hr9cjY1
z76Z*S(qpAhTs`pWZXb)$!j9Z0kByrmbFpwA(9PkeqDUsrmo&uZb2^-RvOrPm!r91~
z$E+`Mci!v89FUxh9yYD9GZ)w?*3ps)`gzZ9S0a`?6xGD>NM9{9WLA4PSYc@_;^jzt
zIP<PY@U^)U_;4u()QU3HGb>KrZST{EmffrZ&|4Gk26ba|D<1t>3+Wu}agu5H14G(W
zrxUlEYCP~wiIqa7P6No|4FnH^g@lNDDIeQ?uQ0jRz$oa;08jl3$!v3n;wz~IFBcOd
z%!G^Dco@MWU|6^p7G*b{L)V<_HXAn9`4f~KeipJ{>WwXT!x_^;sqUiJYn5m(+rUej
z3wGw8ci|w#nx{pI(%T!NJD5K|0K1$#`xV_UP!Rudu$OZrwf9Ei!eX*+a%>h5D;L{x
zoo;^9viRmpyQpv-XoOGa8QeP-Gs#m@VVA>}U%o&NoOn~*{H4m`@N-*!YkQo{RPNr3
z7AbM^fL3=odo5+=nY&N-THAy0SdKZ4Wk*bHK+g-cUNv7`t=RF&vlNEm#X}$L2eq%h
z=XmkTmgVIo%kU(A`FmfQ;~k<ukPZ;&*t4iBb(G0<Ue8x6nM~D@AkEtPE$^B!8Qxl#
z1(G@J)N(I3q@xUz*o2L_1^0G^8Bv%G`-=$vmD^uCKZ1r&Ul*pwWEb1Dd!;hQfENPt
zPs=Ot={<K{w@T~0I)5bw{}y=uBG$n^3kQ>dvA`^c?qvSv=kgx&a#Qxhb1eE$5-!T^
z)Vpz6>TdLACV8OzoNp+<2j9|k-`%~BXpL<@0RgFx<#$mAo|jxEn)NV`=MH|KgDlZ@
z?c9`x^^K%Q!!6mL#19D(E|FQa#N4R@%Mu1n6x_N}uFvi&*$>`zuMK-J^1iE4x6i#J
zk!JHcl8FmqVj>jIle&I0t{0MzonJOJ9d(Os0o-jVb89oi*1&RxxjWe))G?|rMwCxF
zMsYu+W}hj0^&KP0YlrGyP_X!yFlttZ!qC3ed)Z4`6294l4I_HikFLZFys^h&v-eUQ
z8szWRG`D*xtCs5Nb~Sc8pLe0LSRRxL1>2L!lmyp)?wrZ%s!YB62hWXMn3D83DTh0A
z2>q<$%nAXH-%Q#1g49yVTl!f$=;rnGxX+d2$MtJGjr91%7Cb<PtJU;QfVF3w-IXiD
zdNc2afypiryDX~wy!lA5*+y;J?bNOa>G;07$gc^?{L#`2$=a2{051v3!w?@2R(RYJ
zPP$LR_${zoH0Dp;eZIGiP#Zp1{7%6oD3J5{j~~Iy3n928Oab3E$f#e1BFZrjcv$!Z
zKkR5$M&<Sn?9vi1jn9j3{GxPGPWlVE>^`)6lYhA>Wv!XGXE=AcI_GlTJ06YdOXcck
z6!R5x7lOr216^Tj<x~sf*!EB-t+-7^zYLQm=T)iD<GK19ogP~si1i$B1JtgG*Rq_1
z%^U4^=ktoPEX4ihlC2Wa8oiZn+A(_Nb|?E%9~_G_Yc?`CRRkHT3&Pa(#@*7lq+WCJ
zZJ5Z8ZmfQ+KjUj>`<ctb-}-#Gz}N3rw-nxZu4AR5RyHC|QnR|yqQIzkt|crPrS=9q
z=n!ssWUgp>De`}xJ%HC0=^5FX;|9ACkO|_bzA=&vD!!zJn@#-Ta~*QZ+Ds9rycMpa
z&+RVTax{M6%IMQpp09~5@5ZdNA|k++P<gWC?*#3?kS^!HqCEM3kf8mws=t37Vfp{{
zzU=?e%5VNBot1=TWMH7bu$LeJ!9?i}x!$z=3FFRpEwFAuG9dmZ+BlQJ|Ev<53kCb@
z|0Mp3fc+;TI{zlH53ZJ6Xv)7rd29Js*mFLtOTT&^|84&KW=;P+tNS-=`mY6^|8J{D
z{i9Nm!uOkh-=TcMva5mGrn@@5Z!;WSJl&A~^B%r3<;mOhv*#nuNNrcXDk?uYw(xWi
zbrtGol}<C1%4_?a*JRkR5RL<@Fmntz5z9M_@V{a@!HA;6=-{D(afGa^u>Rr1&$(2L
zJIF8tRg@!9rX~^ZOkmDi&^62^6LjT_TdHh0k-v&I+Dq93jYFBB{I~$^D}O}5dpLNi
z#sQd)fB&YG@*f;D_%7(i0?2g-+0Q(=vV)Uk_JTA?5{ShDlH=)j;=!AN{l1sq<ML}}
z{#ThVR~4sNr74h2#0`{QL;4Vj8OvQX+;<e~pImmzHg4=N@<u$q+#l2o`9ojut>5hK
z78vTP^df&l6aU7t|Et<83fo!C1Fe5TG~}2h3_To?fAt^J$Xw{VqQ6p=q%uk$PQQt|
z&<0xh#Rd;OyaPOTCV65zcc|RDDzu2AX|&gaa8PM_i?O}c%oAhzeD5=HayICHO7l>3
zx(%koyoG}<g&sxhXYz+-U7}hpJ~q@^;qxW%6a30lrwL~1#=^*~bPo^f(Kq_Fsg!Bf
z#0L@Ve-l;>i(UT;N)vJdp5R8g02u0Drz+TG6ZHCc>N8$DbkUM5T;H)CpCyPTeY~Uk
z@v5L?&57e}X5e0Z5!2zxR6x&x;JeGPcq|tqoYHF!T+ajGT~uVY|5N=?4n*CyNB!2s
zmTBsF3zOThn_a@z?PA0Q*6-QzR5);AcU`F*-HUkJ&;xzU6t5oH;R)?<;wL;!YRgNe
zrGISXlyR6A&ybT=IH`>{bz*=(J~%x9(_!1D%aEbqk{DVPEt+pLWizoh!Sb%fON)1;
z@N)m_=A=7GrTeYjgJsOvyg9NVd$;mha%jh>DtNdcdVl~*-S$>O!)!X|_+`@<KvB?G
z8Q-9#!!Bl$C!Bnfop?pHHbuY56@HPZIl~T?djHMS6~R<SUEHhHH>bmy?=f5qJ*q;_
zEF{J76jkeSrNrEsPjX*sXAY;IAJMJ9Og=L+K7Qqqf0rH&0gloKhCAR#zY7{@h3-`v
z3IGA5p#*&tj%p5Mb!nx@#+H7tPz=0b?kV~HgOs(5vb4{5{uRk<EI;i{1c1eP9H65{
z-j4&{k1++>g^e}jp<F7az<NL>RwcBU5xI29zo2bG+4|cD@v}&CzM#i;Dh-`|O>*32
zNsXJG5779(Qd{Yt;h4WAH2=2~uK$qv{Ff51|M>9#$<Of0^=D*1;|>g%H}&|ro3}KM
z?zqZz5L(w?j2*Ie_RX&bJ#K{V2s`Y9-cT4R1;Mxsu3)Mu%?n5%<p_kdPz7T&l$1Y9
ze#V=x%RIiV_xx=xGy_ANsZ5km1XjVlBb@?$tnWt#9k{!??eE1@iv4`kP&82FHdtJA
zsYt@t@kL}2r|KmL<TiVF%31^cEU?>+r3B&Dr6{YHsfF>CZ7={s>Upv8j8weixG<tl
zkK%}R7!W89I4LblzT;|pdK-)VV^Z!<$o_8TXACEb1N_eN21-D@emDtpFf4;qQC=b*
z(&aLiH~OtM-uam_-;EjpS%Yc;MO9X*lN~~pdf;-jVvZW}?p0xkOIU(2+4RAta<B>q
z5KGEUx!9IHz0UlcSxK7FddAxxpj6P1S}e)eD9xG*k!Mafh2n?!FdYN;CZZ^U)}K&%
z^Kd?tQvGN}i%F?-!XGHL!mOmlR<ldzYE&}g;y!$Ex{|uz@fN1ztRXKNv<NjG;sh|X
zSg@_5LlvFRiuu0hMi|1Qg{b8p)2BXWR9&WYkGxOq-r|)w&Lw@`?7cT6dIYrfxRtVx
z364@Qd+*~mshie5Xpu=nVM18Mj$KM{#WVG-^TYjj=C%g;hS^lFMXR2?rTk5Nks&rs
z4?*crF^nVVfJbfI)JqTNE5#V@<3TyDg65Q+HQm=^Z+j!yKRs7e>{h5f$j7@&xTt)4
z3bF(z&Iim0cDI42_egEPlpNX_APitTs>4Q|KW*OHapkhfxzuuBwAp+^K!3^6MFFaq
zdSLKWSmj7SY*zY;1mx3(T-vwn2*X)(@j=Had_j7IdF6)yK&5i6p`4)&M!CQiDDhi7
zvUD!09?jn{#z>WgI61w+N~O2>K~Km$=tXl#twwM#xkTwY02hs)GS`!2LB_;jNU#i(
zdY?7F0KR#<?1gi=(=vHj_0JsaoC2a|GVw)<5JL=j^~)F^gamU0N4fMTL<Bj<tM5y$
z6i0^4@ouiY!cFct?uh>3htGNa{%u)?nkrtxQAqNbQAoS6#x`h<X{bT~>kXW~r3_z+
zL1FKl07@UQBB?yqt+^?oWYJd#<9E}K<};AM`+9ysBKMt@{^+@{ZUU0ZSGoqqKd&(r
zkdDFjp8EZcf~hoyzmDDWdSrpG(|IF-VXzWX3E#2=JJFkTC0!gdKJtMMb}EP5&}#+A
z2{Mji&G#~xvM4*M7XFtfsDQqPA&z8;>`php7hjh??RwGp<J#uPhZW7UYtRkXvmV7i
zMwwjpbT%LZe9XvR=AfM)b)Nin3@d`V9ufHZvqh<y2M|*2Hgm&3I#%LrVfL$#_1^Rs
zW&;t<bg-B6VGLWfxfj>8$xKBCf5dcjxJiyO4`Vv4;n(1>uy`7eO6NU9LIr6|LwK-1
zLR)F}54?GSwykA_voxjZ{k@a9(EPf&>HByr<q`~#$y!&CLWO}w=N8>*VJe8pTI}Jl
zQise%>rZcD&HlhEz4rD_R7`ukU+DTfAssnWCeJ)jPEJXhqnKi&m?x-(aXXuWVOiE9
z?_0*}a()C<Rxny`GEXr2UVDYkh#cqXCS5T-qcDL%x;h)}m4kKzmC3Wb6uG!sxWG-P
z!pPtk?D@l$B;5V`IpwOJ@mjo9gf*G-S8wqNNyKV^vO=P+^avD;63XCR?3@*)!n)xH
z0E7eJYFH^4rxcuItss1B#P7n&mQMW#+gd;I&IkQz?;P(o9)@UPuEPk>-j{0NtV+Zn
zq5D>t>QuX8B9;fZGw3IGrg_{u$6{nb;SGrM^g7+$`!Pd?|43`iL~Gal?piSYT-dL<
z)In(`H$)q%Vy-bbDQ!=bP$op&y2X1;Z6OT#8I6zgtI+!K7OLuPpW<aJo`8J}C&puI
zf60>~0|0FVtpa#VY)<G0_l=CsPv&o2J`-ANzI2IY2OYmI`rt##*DTle)90<vrk~k6
zL)~5fLBWtP>y9K$r0#A~nfjlQcsI2=x_`<mjk>PZG1CFU#eU%!%>Y@;QmInSS(f+j
zIquFQB46?XY4a-FKy0^!$Z&A^-HyBc!MU@u1nF(xBNtwIr0>6mYLL(McM&^O_ah3N
z;NUj@^cCh-CH<%(?mLe>&Zgx$mFo-;?#t5~r!fFCjwCS}3&vEW>dZxj39sL?%|GX4
zfGE?*2*wRcat7!Ue+oTG7@v%9(L(00NQl%}I4=ilTNA!UE{7jH=2v!pv|aAi_gv^F
zD4>Aoz#c(^#7l~0Wg_|@#Xm##9XW+BECgww*{LIywDDT8K+;#(_DIy&Lj)T`VXp}n
z00ZPOYe~ciSP!<!wW5lc65V$6?eIpWI!@T>^U4t?2ZHIr7kTyfV-uew+($1(FTSlD
z4M@h+!@59Aa8iB7yoz|(j4@^N(aykG9_4<=mp5ptL#IL#g;Q0J^NM0mzc)&D2z05$
zrvN8o+u;we94alrl?+FUXc&5Mydv+u_#MKQ-#Pa8$pr1swOd*ywrtOTdVFGoQ7%D&
z6Il=8#6oz@RctqwWv^*sW?kjYO19@#$(LopsuHyh*^#Sl_NI0=F{U;T?&Qy|ZY3~z
zP6Ni}V9>AvUQ<Q3O~4L@7*INIUZ=vdyp|*7to@|$nNa)Q?5@wlCG_BJ$im(Z{S>&_
zoB^pv(=Sg`dt<>K`@~R>NN?Bu;X)vupr@A;^7fCGB8b}g$g4`+`6!dole_PPAq=qa
z5_N6^+Krv=nxE`mU7FY3O)->pF<{`WRKqn1U3XZY?>lpU*-Wn3n|RlhA&vz5C!NPU
z>GBNInq-X$lqgm8gr6+8o$dBHdm*+%Icuql`iHd*8o_*BtA9T95r+62Q3qQ;NmoQ&
zoKVNItb+Ke413C_@kNUh8VNUEI&2k06lXSAn5U@<k67EHl9E&a#oitS5BM~fal`^_
z_2SwLrPpqRaSNqIj-lEoZ3aEd{5fe-`#5hl-RxPMZfBO>(-dyXv5wSzEIUw!pgRpu
zg>~X0XT<<fO2v8XJZ4?^9!iO{L<(_KZ`SIZUE%Kkctd;cCXU_W+5U4EIl94#W&@kr
z?!vq^T?bDHY_9<ulI@p5z?m#+qA_~HQA4zFoT0lbsKOjeuc?PWI-DQ9uXU657M$ES
znA0MQ41p~08nv;VDx#?U4j#kTD4Wr*s0lauKKmR!e&Erv*cF1gh~5w_W>)%!9oc9r
zR^Ct+{M}|iiZ(Tj^TSPjfF^=2+k&NGWO^?TtSceqka1YO2s)p(Cnh+?miZnJ(<vL;
z7#|$VN+ceJE@j4p*zT!0GobYqdgz`~Wv``8$Gyq!_X~~8(H2U<UD+&o;e}J-H*Ax(
zj-8JAaN;u*(Gqd?uPc=QR?Pbw!|X3n<@*P{Ms$+>q6&leKJ%v4UMJ|PxAnmA+h5d%
zXI=Ocl8B%f2Ta4~7x9nVB!N<5L(C3Tz|}>xxiqfAe{Fr!OS;C~pjJ($<>N<luXIgC
ztAXqt&~o7|yb~G)uQi$L2{;JAE>d=rD^WUvj|y7fX8K$caXEiPyxOUBFIxjq)6Obw
zR3#*gH@VNw&q8MEgHt^WbrdM1R(8)FW>|tdjv19BLEn?~inw=k{z^Ks^!}crg;?j8
za@T>z?$qv1lSDI4Xm%rFI){0nj;@04o#W4^HgwHB(mj+wE|T{3s}tVX*g2`_`jEZ6
zXKbX5gDtUJ5R$4*Zp+JipvG_{8L0HW6dF^vylYuCp&sG%WnJY~z%|G94N|Z?^?f2|
zb#*#OBH=;dDBjEizH~YC(462rbuk(=xxd-lP21hKLLigBZTu8H8RhRN+0dA6cFfb?
z79VfVD%2Bk-2?(2Van;EC=Jm3M-<$oNthUSN<|7;$$!54UUaqF=P!!8+Xd!|?L$&e
zK6D99J(A?=OujQW9Ys?GkaXeYwi7h~lJuJL1(&$<uEn%W64%sB_hfXO%kT=9KABp&
zB|9cWI&XO|njhr6s_iABMNnt=icv6XsRQN1Ea=?M6ODhCyNU>CN}O^Y%rKP?=aP)H
z><>KkF|A5;@POnED?$TJ8*r!JW}FJx&#<F}WX;15{UERC-LIzhAy3&|QB*tMuc+$h
z<w|X;7fK{%fB$fT^*u;5#!Z=$wAR=uKX<`-cc4Yom$)uy-K;ekXc`<CD)VvXY(RL0
zbh=$<5#(sQIHa#q4tNG`m-2h*ZKqJaSTZyYeK73CZjYc%PU$nL#^(B(<|hla>C-)`
zGiD#n72S?IJb(TYxq9IQYadz=-HAPjKFIt8&cR|5oPC)IqYlNZ=eTlNx7B2akuvcU
z+BYKE>gQ--Po)~7O|wLvpU;;q{gqrD+@oN~S?kwHm}K4E$Xh$mcsH)PqfUm6lc6Uj
zs-Rjvr^+G^3Zs66)TY%alOi=M43gs^RLl%W9bTnin4F>{B~fFbi%6a4QR&+C!xVPy
z72hx1d+BvHai-ksagKaojC3d-xrhK_tZ3kIC{G3i4kd$in7;Adr~E7n6lNFfK<`@X
zYldJGMIyQsr84a2UQ<nBmLwHBcZhihVKln*qsN}dD!NF7dbL11!1&@nw|1QvAY9Sv
zNs%+k{vp<waCuxq{CvN3)IfPpSG%b=cUZ5u!uo|1``R)J2ur$G%afAITc0L9v0!g)
z;f*6lYOq}8wP(3{1_C(+=?Rxx>jDS<-)dsQKyR;vB;ZXfg>!+%%PQwzkrn>fRQ4BP
zUfXJvw3Lc_qCWB>jqM`t3(<XQDHpnL4~$#HEI0%c(A@8gOF(dchabIZcRKFa7;1Vg
zm@SU46J9%G&W}H3uE+Isf!bG&nC4&}oTJ##4vwfOGI<$#pHRYk1tnQomk%ndRPu(~
zW`6SuU$|_3%<(;2Mq-BBFbI<b_nBI`H7!a5tps>MnZdgmQc6~t(tvS^II`0|_HuJQ
zv#(io=7YyHcTqZXYvN1&hYDQta^&6BzsC3JZ{AV=+_nB|yiM&{sa>>}6s@)O{Jvl^
z?y$quh2kbXnLwGZy}4%gi#p5C*~Q<Bec~7dU%oTXS)o56UMW0;+IVGIs=9TaccyJ!
z6E|kx>W}#Em4K|k^Gx_#+(W*r@*lIRA(*DgN$x@_8w}qj3{+9&@G#0%D8b!g_`BZ0
zvLI*GVTaCn)IHBCsez`(>-cY-3#`e!f^r!@(<t-pPMA&*9>o+Jncw=p$2X{_&9ZWp
zU)icu%;V)kHiYmOg^|A`>iw_or7|+O5;#`(dZPTUOl<eFvbBP=>;p2N&JFP$>C6)3
zYD|7cP+Laazj6kK1;>~SGS5m7Km7iL>|TZa-T%-Jet+cmxcrZ)@q04-UL=3pCw@<c
z-;?3L>|~I*LKg#VW^vVmosRma{Yot>%!4tq`GKL*`ygAorV;{Ln&Vu2)W+=$x5|Hq
z5wcKW>tE>FjC(*Ub?e)Fdjnxif;Sz1;Heb#a83O-<ha%6AGx~=>x;9Eh-f&)1jCDL
z%9{l<>YjSd%X$InJSxHCV{N(p$4g%AvaEi0iieQV?93qv-o582xxEyU_;GRFg9nh0
zAFH~!X$yT(jQ!?5$(q~O&Kkd7^xp`E_umOJ`1@Y}KUS?O2f#y-jx&=}Zr*CDpJq=<
zd4T438Sthe=O;kJ%>#o`cl}AqWw{bgpZi&1&8L0WU)d202^NvUwx2kr=lF5{h)4`8
z$_d2yH{fB>ZP3YrV>Xr(4EyVaU#hg*c`fDN(fenB*z$X@7=4@9z>HDdc#!LbF8h&9
zn~x1G)r}Sj;gi}Qbot6u54<-h-M&k+1PiS87%v!D+uy&ggjNW%TO{vxTUx{5-ELCj
zbqPz^D;pPU@oX_3yl-f?PJfJr)MOyeVLCM7#B?`Suy$e(WRa~IYLhK4vphhQM)Vh4
zjD|C<rIxZrBa=Lk_5nFZ4(9XV?*0kMf8+Xq<&0rTUK`t9F^;&PGQCLi1xO_*?U8ju
zY1B1p=0k;!(q)hc|6O1LUcGSk=(%*$>=XS`s4^+<srJ(A4+U1h1{xMnjBOtRPBNOn
zM$eqfSUKt{>AUI*T4=KD61H?2FLW%mH`DaYf`Ym~NvO#0b(SQ|<_h8@a~w>=9Wjyc
zD(JeSU?*sEP*F&7J!{2=OM$t*i-E0$txb^c2L?1+EcS(LIX9ZQNB4g{Ba=*^!XCjW
zL8fb?RI7PREJGmTI@P8<5NHZ&_=GYh<9I5td8_PG$JMPLzcfjD_9P%({Ys<1yiP83
zxI|$)fO*Io9HcBaG+2VI!o=x|lbT@(x&g^85&6waZOWALSINCyUJA{DQZBP)eKIw=
zYVtzkIdZ@qo*Q6^8Hyp+{|s0+qHGee9j(ZAOs&#piWjBq@`{@__0Xg0rF$<1$}=pK
zx>k7ZY`vG+%JE2k77{$jb(v#%M}Sheeh}<y9AxkT3Se;ybBLiu!X_fXUL0|z4{XC6
z_63I;bxgK$FCkF0_Kt~qy8h`6Q|t1oKlZZ)vq7(d_Z<Y@gG1Y4@NcUitHXViZ*-@s
z$(CcfGpn;=RQ6aJx~f3!DA%{HcTbYuuUycByf=~rE5MhcXzc*vF8#s)<qljt%#V4}
zc?#??nv>GPaD;;aZw<F$^u)@B&0EK+8nVB~0|93za9-wcVyno+V<ctLIfa&M#Zplh
zI)4Pa))(~I_||bQTAtzP*FQ!v(+{^M1D-vsZvxdrFib8-iV972ucR*E5om9#;b+r%
zFD8kI11`x;R1g#BvKBTv5B+W^oNUab{=xUQm(`y&MlK%mb0VIx39x`eqs<(Ii^F}O
zP=-OvDDxyruZ{Yss*AL4k2e&z)U%i%*v$xL$PY-#H($THaL(F+JD%Q8&gxM)1P*C%
zd02A~VFF8<;|4;8H|vxx{JbL2`uv3I;75!khjc1L`r#STG5c>llMHbMx?zDeQnQVH
z@0A8D_VnO&Ox)2~HVkmyo~O3z*=xrK91R)Gsi$8mY^p?KYfYojIw;Ojv`m<aYYo*j
zawkcr&O-b``-Vl4t>)VP4twjevP6NW<4+^sN<u<v?Z0`)fhChQ&;z7vZXZK*-lPV2
zQH%&1_OFnnl*c3?11pwk^}9#T?An_tw+-=|<lf02Qnvp#ojCtpjhNLl0GkKjFZKYi
z-L)P>;7F=<Ho#bFofh)aoV+Ye4KV&t-zTUrwQ!lk>TkHLzqknU`?~+bDJcO%x%+wn
z&VwNqfSZ*S4u+h$M)7|*-yvHVDyyGk8*4kfnDJ35+NHY!#9<`SPgW8x{77MPPJ-38
zZb~IXAc|%(W+(#0{HRs3p8cwUfFi5fWi!s>k{s>MK9lgcl}v5&7k%2t?s)Y9$LLcs
zhGLD0&z@|b1LUy1D#BqwAG3F(864#|?*&z*WY3ZngkS2Q)7~D6crv*N>oBlqa!%8a
z08&<fCr6h`6h=ZlVxPe1_ew#x)lXgWXRy+4;ptl=zE2OUC~;(;(R(rVt*v42A!s%}
zM6l@rJASW=&{KxG6kLKJIWtQlf#adRj=zlwW&E+lqn8?YSklciBPuR!$4%~5XhuV}
z0s!@GVr47}T&QdT6s?5Xb;DUWFY5eQU6PF}?gUTI+S`>-yDR%KEmv>UUp%SJ{yf<s
z<KG_Xz!dXWT`NdyEq30DeX1g>5_PdA=OR^gnk_omVcVd_@|4gvtS^f_M>@f$YFn}p
z-H)rrtb-tKHuJj4HX+neipm3=Z$M<INZHS<*hBf1GfPeN@zu|(%@+qaE9U$2!b=c}
zueGWttI-_@%0)yn7SuB*zDl6Gq9?On^43#nQLn{CJ0v(MV=?!kT<!hxYJJBPMb5}!
zS=?M|*S_M%Odwk-zzNve9ueHgY?y}zLGq=+eA1!b?rfgQPQ<!<p&MSh{^fmSYlsi3
zTi>koc<HTMrGAh|RcIl&T0i5s)e%CN4pD|t8N#7MHlH|mcv*{JOW#j-lzHcDPq-KD
zQ+V6dIQqNLrlAJ23wMNp0QWm_h9vN#5b*OiJObF0f_q~%3<Buq$9d}L7Nr8QYwMDY
zw-SmD?Iad{L|>0eZeSkb-b-U1Lw`n4ED&NS9RQIFJrXu#*EUjEGurmW&vUUri(+wd
z+h00aW=2E}HK>-z{d^xwC#K_Oon8`>$<qrw3=dV$60}FN56foT>-dUSC~}=PEJ#Ow
z#u4NHgls*AP4_bUXlbDTRIxqWH)X2%%3cYa__S%UeWn?N1i4Y64@jTv?k8HZKV^gr
z|M2{<@j;PValwPg*FtV{10$5`GOWRSZQYZyNW}CEMS&5m*6I=F(3<ziBDKKncnsKz
zw62XmX!0b4M)|D9!S{o6NYRJ;!rTe8539Wec!55c2+9M9CL*S`X-<=EI_4w;e_~j^
z>*$VwUI$aWaoi*A<=5!76+5yQ=Jc~^W3#zapUb4-+L(@$`pEf83Gi(U<6w25Yb9qE
zu`r=-=#g(|Ntm???+mh!KOr!;SG>#BnLV0d){YjGcYWBW2ts4llIYURnK_CHRvcwZ
zF$F8|j||!Oat#F;XQ=0xGQ+{hl%vi*_SyP1^1V5Yi$T7pMa~Hyw-Zi^#|_km!YCI(
zCPCKv70|Aj%aO`Od$5-q8y)-y`WQ+z!qCsTtKo7*&YQV9=JR3S%k6{87rOksFsR|R
z8}JD|@sE(X10d374t?TJNVO#Pr{P575W$;<qJ*vsgEJ(M0Ut#L<W2z@7N3|$dMlhA
z-S9H?TDPsj7n<>C`>BDJ{cQeM!B$oRWpmAls@ugpq&wMW&`+vEJle%^PIjfPVhNgs
z=v>(ce;5vZi^xS4^@gW-!|rSIhb7P?fftxx)6fSlL8cHII`6AQ`;q$UhSo)|)Ld4(
zbPnddZTJaoZ_{F0gKd2t581*1`dXxl3~~w}!-IRQTy8_Z+tGG<v?8dvN7SocEj;zY
ztEOnr+h$8n>ISy%Aa^UO4lNCUaFt992LtY|K6w}%(TWUYnR8j5+<2N|;R{J`efiqe
zBN@~A#;GhE%bS39Gff>xqlaNS)HEt%=QvTi`Zn`i<)N0Xu~y7abyeHP<E=-up52uW
zOk{n2l#SL$ZiWK#a8MB!Or0ZNVLJ5Z0n@UZT%<oCyuQBPB|c8CtaJ_3Y#XBUtyc=a
zC5@Qp-4cs_^0p5w^BVeM>)`7%`6%Ut4oxtXwc0-eoaIrYix`L-DlMHIxYdGFSYx{F
zwIQ;$*72u%T)_v502^PhB*a?~GN(uOeu!2N^F+adW+lgit)R<t4)x;_gPq6|h6v4B
zN2!C0(gi#-)q~xr&JvWu9vDPGT*rQW(Lz84v~qxUVd4pGDf^}|oq^s|zJANPG1|V;
zK#i6PS?_DCr)^ULr5{}+M&!`dXBYug%vyc~tk(htnPOZV&u_D<qCCo|&p~p<9Hj<4
z&-C4wDqd}GaOec<_9T;gY3~_I5X`&e#233)4UT>WR`J<;>zVnb7hY|!mzS291c<ty
zJgoP;i2iX}nsk=gY|J^+S%ohZ3w%&ga;k*m3_D5%Jbx@P@mN0iHSmZe>y-d{r8UHw
zMz>r?R;<|9fT=3sXv3_F^#>8nZKZ;AwN$kS-N}Hy{TJK+33JZ>```Z;D4TyJZu|GO
z_#s!}hk?lcPBg3yq`=3meP7p{wP-GVe2DKrzV+Z*#J)(YkqY|{IEoA6u^I~8wj<9m
zKM`76d#AlJIzkCIFQ~n<Bqv-tz`>1Tuui4k(R~2T0<q8Z2vb@M6|sJh?h*E8)^nmw
z6R5X@brtJn`so?H?d;+dBl7gz2(a;j3NO9_FB*=zPaR4EcMKw8#sb9aB(_{F4b$r+
zgv9++jt(ywGR(=ZnVHGboLIwaTO7U7!|yMhk>OSYF53-2d8i#jF~L313{j|8c(LEr
z1XxuX|Jw60mPvn#<76y-g1dvx=IGBbN?_%B6w!~B92?hmG;DuZ(0#0!YuKGD0p&=|
z1aF_?ZyT^|?bUjxLxq316Rt+_o`JQh+Y{{>{F5}{6edpzb+R*sU_rY}wNJjq5Dz8)
zp$-)bv$-;sv{zpvmeyzJeEagbG$Y+3vKP#*dwAU31JBTrvFP3e`aP5kWi|(n4-jRX
zqzJs|8`n3Mi{8w#Y^3s}B`ic*yn(-q;}fqg6S{qd_yAh4RJrKQ<a|xnK=<J&mMIU@
zP}ld8F+Mz^T{tlYZ^cx<a#kM0D%Poak`x|!p@ty5kZ$?<QR3;ZPxxZb^E{=`Fb_%Y
zm7o>FxR?iCxzAU|G&mLh!m+sc<oAfYiQCA!cl2o}tGRxv_O<?J%%MZX4<Q%lPJzDX
z%h3WqY`{G93wYxu=q?2RjtVQoZSN)Xco@!!suiul#dBxVepLUidUkTYy0!G|rSh9U
zrfLL^J0xB?Y9B1L|5x`M%qeF|0QB^q5U@bw$p*YrX-BX#&eR1QVHi<swYo07oHMt3
zXI6fr=?2?*ubM{Vy+t3E&(Ue^aF?RW#T43S;28ZVx(88HUqyAN>FyONG32O=9ex2N
z(-kkMg7gbkf=^y>e{yO6*y$DI3%hnXxxMt5oi<&I$%zE%AlX#YE-0W?(*cucIkB9J
zItvUG`sx}a4K(pJX}${elWs^iX?~8+oV=lFAlmOA_?}}W0uAPJ9ktk6doYIkfTE!R
zz@-*HGENxN38!Az=(k|bjC<pl9~*v9*(8u!PY<_u`$h{9ITx6qx>iRyK_wc^y~I?7
zi?p2%!_eMj4;oxpCG*rbZcO}4kZ(RiX&BI`uIG(1Z#z?v30V^Zy-`Ite9IkB@Vz2Q
zs?2!nZrm#%le&_1>V!ju@*{uQAjk>M5r0XDwgJZl$X;?@JVSFYvyJoS9OZ81x+xXg
zJ13|gF|P#rqytE@j{a%lCMytXL+7c;yL@ze<MyF%r-cf<@HAgqX+hv4N!UAedy?RK
zG+lQEOSu)gZb>mEdv_ot!bTQ}S}6>(HW6yp!@Bj0vyPoGWNqpqYv7}cOJ76r6o~7H
z-Gv=69_pT7>@}xu(<JKw?@}ip%;8{_xCRkStOi%DqtaS1SIpbUSzm#tPfE;B$jNs>
zzM2sqpmA3akHJ&W6)QjsZUV5=p}^|=n*?gcylgAo45jsHL*F%c{)KTjUpS$ZaO~Z?
zGf|7t`n6B+N6)@L`}MguJb#X21|@_d_Np<&XLI|R(qSbgIo)kipN`P2gU?`*?;=g>
z)9>U*tE$VMg+K%)A*W8TF3T(Q;R2A)6hS;RCh3T=RFAqF+oZU-P^lD;;hh6guQ*y!
zAZ=`a-su3~IK0axJ!IwHl*AlW9W)CV{=gWc;CgXlpD`VyhEhPd9JmF^J&*)+v!9?v
z{Os-)m<BI`dH@AnuCteOxVt`bHM1oWC$pHnTB_z?R++*aAFfST_ock)me16_LJQ!0
z$ua&1Q*NTAnKreDH9XE7!%>3#8;Ak17(NY^XgL?a1_^ttZ~PjfVWxhYT1$1rIc!L$
zo{c<XWa8}~SoZ*a_e5m}4p6XX@F~wR4}??PE%r)qo^vqNSr8?bfZ{5fmW#hW5gamh
zohs1U-N~!ePH4OCyO89OgbP_!JIwpUf2R`ARhz#BtA#NRLrHTfwH->}5@L0vOtkVl
z$L$S#d9-^XX*KD??fXRrMXWUW_)fs(*HJn6k4&#orN?r(jZEAL46$GInKHPrGiTx9
z9_gk5@r1{UYYyo_FT`F(^vO|kp_5GtKR^I<Bv{q!(9#DJQ+7?<-Yb3hd}X|wGI+0R
z+oZ~bd*cJWQ4Fp7G|?1(<dGjYyjq^0bib9_bL%KPM|s0E)5x2aGBruW*Ma+wJ(zh$
zGhlR0;7E_#i3v0tBa9L~Tj!aF)SA0#$+t4gwcMBTfGvLFQ1jFCOB+uNX=mD5H{mm&
zHFPm-4U~vw4r2D_w2y?PTcr?co4jdnC)l%>j>$B{nJ@fMjmVcpt<Op93)Y!m&1T-m
z5E~H`bE~LqEymFd8gkU{`(Bt6a}=$HYo@mQ*_k4r$+Xs~EFAeLwRij?JJEyX0XzCJ
z<JaNMhXLk|kq+Qfi{p^cLyTi}leGhSZa@Ut@5bUfp&%=r>*=tv6nEm>UCxBj#-Eot
z=Dypv!zsvoFmQEnqW2$_N!B3st?3&Tv$#RQ=O#9$TLHQmv@yH1Y5UH4$i6TkO9fb_
z)#4dg#rQUy!QaK?bj$~TR~N-fny@+$R!BDOR*4f#Uv}fBU}D#^od?j=!+Ixgmw&}S
zd{VRS1)(GjY6lPmnFql-2G=T+^DCv0R`e$%`c=6PxH`+eKOKdW1X8TF-EqBy9~M|0
z)DukI4Kqg8?BS%Y(0-cBPrufIH9=M9E}5R9>)ho+Du+lhgnNk()RG%>p&wv?6qLb#
zmzMu;$$lAD+>jsrDN95m0TzWiy}z6z>U)kTq9*JP*;jE|O3>_0__OPcU7OD)!*5+<
zNdXNch~*fV{#Cj%SkO0AWt^d$&ucPGKq-*kZ3dNotB+rBy2M%1_w_@$=+iH$;*NL6
zczaN=e-BSji~of9A?N~SnD0EYAWal}54p?%^s&7vkWP<1YA6(T$x;)>7dC2?WjQ)`
z`Pr*FM~7kw_mZls#4Y|$9E<jAUns^*P=(QgIXKG#q`gK@A-KNpsgOBh!CB1bNcaM%
zS<+2vwK9i4OW*MuiQl}M%37P2dfTjW6gK7DjuA2xVSXeWO`*>Bil}r4Jf0Z&qFG$&
zYsWi9_>%8p_DQ}+>~hh`gGmQ@D=xe&RK#e45@=W^=Q}zZ^W&`G2tzH9uEw}P+3Zq*
zI{DhU36JKr=GZjVRM(s3C#aerzx98`@8`Qb_=QE9mFCUh&0=yk<bf~V1>^CJI$jZv
zQXu<rT=o;}&OX+-Ju$d`MVjv%*mF>oim`4#Z2ao;<toTeGVWyCN$_{hVSK@c1!8@Z
zDn-PsVamebpsp19;K1ICd01Q%^Lh4@^c6#ow4D16(&kc<=KSw-@uA^-I%!5G0pr<>
zP;f1(1w#Q#%#EQWH|5sMgBqKBs7voMK{fOjpxxZO_o*A^(#7Fl+ojX~pZ31|9m+QR
zdnBZZiIOcQds&~yn!?mWh9p`LV#+R|WbK(|L|H~CLLn;BVwtRy<uS%sN=gVBWfqie
zau3BFGt+zZ7kqztkK=vc<9L5DKR6t>x$g5kuXFjFpHIpg%ZF0r8${^D5~D~c3HIs4
zl;KEd$7;tYUzw*zV=8N#+sMGzABVoF=qso=yz|oAohQ1{>*L{5cdTmbxiYWv63-F6
zjFwnKRY5H+h00;xAq>xoyiTm_-nS-yvk)ShC4glR*s?^tcg=NZZPk|-*zmF!;7mEU
z_5~ajLK3%*_Df%Bux{{Fn9iH_F9n%j(l6oQq&A#yh1^i&YqkW!Pd2c9;W0(e?7`J$
z-}YCzpy~UG@j$ygiM28kYm;)&AsanjFkgOb^)~zld;>>V<9WP<F9oz5>Um+Dj~G;&
z^?CD~!J3mg^$qRA;f=^)(+>^vbs%*x>>(Z5diuFY*)?YS2%G`_xL8o!X0)MB7zZJy
zG=+ey^}*0>kZ_9WgaS3abAD3UNUxNWgEi2gxX1ZVQX`&;b`x2Tm`H*VAQ!%E<-?|4
zw=o|ksPIpG%=sL$&RwV632XYQbKf)H($k`|Zcj{RU%_hxpZ-jc+a^CnPQ}z?uScWP
zCp8;+sa+}>_DzjE@y3fq=RcC=5IJtYTyMMZcAorlG|7Psz^SaM)BtckI{a(8M}H%_
zN<LnmjZt<Ddrb^!z6b2)iMdoW#bWUnn_s+q<;i&P%0tvJNsnhFlw1N%D4QzWdLDc(
z!MLexh6ks&%SDEHL3R5umyax)^?Lki&R1fH-RN-9YcIYo=gYm57CH83cljwNh}-kP
z!D~<#$-GM8)<SSI4uGw+_Ji?5Q!JOo36A6sq(J%Tf98y*r0-s#Q(2Ro#gy3EjK!h9
zG9SEDal0hviNHKMs>gF$Re^m#e_}Iu$H{5Y#PNS=B}P2^YUtFIM^X?^HSb}Ve9v6;
zzxSs8D~P(>us_^<CJu44EKjr`z#VfDe7|EvR*^4KP)pF7E76BXc=R4$8QA1esLb3j
ztUcU?WD8Iy{xdng6!&k`Sw)Lp&C6-Re;#j3{q@OJf^pYl<rn!AUm6@AkZY%%rUvSj
zej-l=WpGei_-A=HRHb;|l1+)K-5h6YwdR)kCa2U)tvh-5BQ(ziSXsC1?3mPBV8Z+5
zImArDUg1Y{9d)sh%~T8{qT2L$3tjR!D1Uz4fJXWFw64({kYwI*u;IMQKl@GX-jUm<
zjbBR4o5}INf(O&lkS%(A4fq;FWuv-LsSKlZZOX^CYyNEN_V|b;&k`QqHd5b0-f%&~
z;=%4J121F$OQ@19TMy}QOJPGJt~imEO@xjw-9T?5Y+eY5dR)+9mtotZJh?AFvhX@j
zG$dM^H;&z?Yq|dz_jlGwi#vBK)o+We*PkW#x+F7<xJbyOds39Q6BF_QA6oWhw(y33
z<>AXnJNU=B8VBn%ajG;yi_nRIjteAMDb-c+I;(VVBgUrQV>#cB!)b(l#IB*0Qx0oo
zeU;iwgK0N0SBb6h*E-AyBqHs<Qc6MkA8&w;VI<(;o-rptwTW$Qg}zeowZDjr9p3ww
zzXc+smNws(*P}&Ei@pCKGDC$fVz^@DFic%!RyzV7UEum!0BHj6I95@GX8yl&`6n(U
zOzXCJ{Pl1#e^&2D3snvHL2+C)L>5Zd2paej0WVr2)7o^-bMANID_5_p-Z6Ce?sOq{
z_xiU{s_*~a)rS8G<oW-?@5vxiuo`e%zuTA+X?rmtMyT<L>Mzrik{^u>*vovne*U2H
zT{rZk!4~9abClP5)T593Y9m!TjV&Zg?sxx?Cz(AncNEUw&0-}TLEu3qEzZO{*TZ1U
zu-Ow<jtP0&>Nxa0+B>cH%#+6dUL}4L%p4(>kzgbZ2Wkr`BF%!znqo2*y1+oW0k_?V
zj+1qKG<$V`w5UJR+6Wad1xBorWA9X2<o)e<DrzQqZ)ekS8&IVt0qjl*27D%f`nHT1
z#M~Z_?RNh&k+$HJaY|E5bV@p7hZ>y^@Z7w{4af0Kg_=%&gQ-C)s#BQg+_evaBB2U7
z&C0V9B@%D6;n6z?h#HoNwFd2joc$c1J6elH7H41V(|vrBcDSSCA*u%r8?JE&S*5T+
z_!5meZm}9NR=}}u=8)wl7TWiW{HP4|rQ6n}DEfWTYk3xUB5I}i)H3p1`S(kWvuNnb
z_b0(@qYP^8Qi@R1nd5{T_xje2LS_5cg&ui8yUDe>(Go(9|A)Ssf>7zU>%Si@Msy<}
z34Kf?09G@bh@CBPB+CfoNFl|bvhTEHZ#e65eS}1H(=YJX7UFIg`43#m4*L())nb^-
zG1w)D^$A^nP#hOa(JN+iZp)p&ExpBhujsEea9#p@l;Ap-dd?Z>vDIfM2~i8BGUW2w
zHlN6jlAZMlR+i`GKHCJ0UA=W#{FZ~~o{6vWK@Y&VuXHprqZD$*-1swDWPYNsN*?iY
z!rr1K;AOfqL}zB2GS4uq3eOh^4CD>fV$wh4VP{ef`Se?7(3vl@I{-L^e_*r?UCvj6
z0k8zybzQvru~+=jPL+eFx3Gr?C}(a&aW5%Eo=OtgO<FPo97;eH0hd%nzgm&}c-~hf
zN31bicfN05RiPF_KWNv<A_PLL2eBy;Q%Z&RWrC%9b~a;TmB4dZl&A^)TQ~?}dX|A&
zffF1Wy&PJgbY6PctV<?n3*oYC!#Q;;1Is&GYp@{eq|ulXKe7{XkUMIe3c&nDEM;68
z6A^uFFRanC8ds=)wL2@nYE9_;uDiZc@7aO$JmW1Z20Ky34<kp&Nz~f0PRw|{>#J5c
z1|qY26C=p-0W0xW=<Z&pbB%VJ99G)3TN?EwuH}73FvnV(Lw9Xxq}I0D?p$4y(SO;W
z`l9Zo+VvkAJ4Jrwk%dD{$Pq0KIzF<F4Fltw!ccnew|l|z$C{}co2M4<FwA<s+stKK
zcJw$05^1lgb^lSh;lRfX1|!?0LtM!ze9^dacm+H7Bh$*WS8%)ON~fJWP5$i}?$WXL
zGj6)IGPg3HE*VJ@X$PsnO9=ScLW_I{HMzy`)%$=0H&c^-OoTn|nx+)qPJLtb%{uJU
zGtree8Xz&iF4C$AuNmkpEuLFX8Bg@YFe|ei9a?y;Yn|IuGb>U{vMzEk3Ebt^X}tBp
zxLQ~*h$chkqos6a<7J+9`ek;h44QOB<rMZ+_;9F)cfd+@F)OevH)_ZAz7jD)5sX<i
zgbzY19Q>p?C^S2XDTU}vL&ZWLq6^fWSMz*dghFGVotEa>+bcd6bdV>gqF|Tj@kuM4
z?K_~clt?SjXEx;OfhVDtJl|AJHfw#4@G?7P+V7~1eY<-(MDz){6O=ec+<#d(cn{!B
z<!!9`3LY71!jZvooL(L}nUDQ9%p|nsUD2~7ldrl>ALIRQ4i3C6wN%Obuum{qV={$V
zoB>&C)}Y!jK@CRHO00&%nf;`(E-$U7=bOW6edV+BDAC&oT_vV0_;O{d#ZV-FH*(`N
zUs6zr37$x|Q43Ms%{v<Zw6|nmW8K}*t7bVycRL)_#d6n-2XZrSakpLQ@26es6-w*;
zM&yDMNV*I(Kf*ySI-He@t3YpQ-yDx#B|w9Ncrg}pYrF<FX!2sTls413$zWlolhnM{
zZPaCSy<HNf)WC74dAMXgC@h?4Yj2;=T3l_)6<b`_V&t8_d|_F`R5mHiw#V)I5lfb<
z#9d(fXQ(r~a19he4tXbW?(uvZ=#T>TmAg84QJ{5W%@h_#EG#m2!ro520l<&3!+ZFm
zS*HA%#{3>(=lT~zgUITce{yW~Beu3h-0JJ=NZFjU#q1P&j2<b?M?>zVY_epClF?26
z!SWuz+M$LFg{q5HA8P$-ZDn8V(eGj(Qq){~xQ)m#Vt17)0MgO{71(}9dYc=YYm2pQ
zjZoq+9I)2FLw!f!F>t4VE*8ySC@!QCA(u>B7Nr-n)1s4^hL$vY=YCLNbf)&zO3kR#
zeQkBQOog`R8bBC^o|MQ+k|Iob6v8WDM2F$IaI7h}@Gj6(HaU&&6L5NBq3~(SMY7r6
zt%5HFvi1RIW9gR<p+PQXAIb2;Ojrn|!C<sqZyd&Tm24m6$3XXuqW@KiMX9fQD@;S&
zD*5BdYVOgA#~#X>_q_^I@VDST+6bTf6CVFGZO+1XIAHxe!x!=?=&aO3@9+&-eRoAC
zrAnt{vv4TKY;(ik1JfGUlhf-g{@TK9P>KT~QfwBGB-HQ|LRp~JXTY4_2p1pig)Y}Q
zSMBO6K~+^v1JUyDLTuG#6#X7PF21y{jxPyWF=b;=ikM`)?&M!14fT(hVb$dm500+6
z=qoQqeZIJ&%8Yuxe4i9}xOb<>A1)IyaFR*Qd;{<^jnK<*SsdFiUtmJ7+STz9qo$u^
zdu^MFcDa8z+Z(&BTJwTj|84ADO@+aL1an>fB<So&Y$DJPjDmr?_#*gcQTT&lm&rbO
zsbT#7WrM={hEYa%i>J$9Cy~bG$Crzj<s_}82qe6QAX_La91yCvjao@S6!t(;OgJ`<
zu@sGx8lR)cduMs~=lnsf<>p-RCC%2A>Fos^6I))ZCt^(az!oJe2=6WndnQq1rq<qP
zKv`7n<lHb^B~+eWj~;@P7TosM3T|r;UB^#aed&La;Jo+`dOwI1hCk+h5Mga}SJ=U4
z4CNwR#(`qv9_CdGA06yA)T=!tfgzl*p@c`nM|hhSx=VJzr=T&qs&2b}M9c#ny1Bd8
zO`3l`)9P|nX6~5&6`wy#*Mx1beE9_>Vv>~xJ6rtI1<LX~rHP@MCtfNwGyTY}z*tlF
z(br39O7>#+bf=5ABKQDDlI#W~8tw}}GFQESW((xROjbVws)0I;KW1Y)I8cGbLgRWM
z1lo#81o4RrFJT>;a2JF>@RMIy^Hepxoc6S)EMbqx_n_^M)3wi)8JnMB1@IiJ@ludW
zIze}K^5922n(bo?M1&|g!;U<u_qm%}Y6`ZI7BnyU7%Tc=JvFyI>)5_19Tg?=%NCra
z9$YfK8ZMv$y$oiSs;1NHHc?iol8-l>>`D^Pu{OgCY-0T6_4^00(d?bFN9z4`NE;bl
z)P~?rQ1j_oEL!s>I!nd)p%w95Gb7}DiEQ($;jUV`+?Un+>b(j%c5Z&|fp2_h#}Css
zqaNF6;SHgIo=EY@_&C7i{{ip8795WK5_<LB4Uf?{jX`#vr^2<vFNhMt%`kd30ebWS
zF9M<*jJ7o~qYbxV$|vUXQ|uA)%a4vYcOfKuj*B4(;MLL)R8|ucLG+`-TC1f{!IVWt
z0310rkQ~SOucoYQz9r^$TbpMLvWPa_lh!@${@`&4q~c|ghe$C4x6=(`gNAT~30>;t
zy74rGGPv!q;aHC^vhHJ5baj-P^dps`2PTX4N0V=w98$lBI3sos(Qo6w&gCq9>Se8U
zp-9`|DPPzH01bIhn%y&SRB%zfe=c+4rd||J(OyDSs-q^`0oGv+p!lao+G5VL(c8|z
z6TVGZZ%^^W+VeJFtts1l-tMw<)C;XUJJrS9{lrH)KtxXB2mSF({61J7c<C-kezCjy
zFz1bp8vdVJrv+rCkBy~i<q5UoBfFRH+g<-W(Qa-xZ`^u6>he6MQJ(u8v;}pc?*)~B
zZDll><zwO19Ok5)dD36W=V)cyW7h85ZDU8sco7IqYS*6?+KgE3V5>Ow`l?dGob|fm
zysX<8P4|(JUv|qMOF47<S5DxGL>vF#i1@G6o+ZE_(aSX{^9*Im+5jR7j&x~7e?+(e
z-surz{sW`WBQ(eK6?SX4qjI8z1PC(O8z9MW7K-34f$;;B&V?ls$aY<}hL)o6q3j7K
zACzw)`)0{gUBf~}jqqm8gp;vCQCt<Vp_ea*0g-R9enT6+GL_$0bwO#Yb6^LK;px4=
zkjlNV9dIFZ#T|cP`wLMq<mO2+PAo5^fQ<ivAfGtPAO?f6j71^#H$r3VCEy}+xye_A
zzK?Y(VN!lb>2$`LclJ%#)em!$k5dw((+x)K!q6LPhgKh=(g_wsT0gOt*@;V96Y3A!
z=!dqOwr34i4F6D38l3^iOrK_lSSzRLUHio<K2^R?VEv--m8ct<@hdD301;bCW6GF1
zWg{1eyZIhE>0HwUPP}Gg9mDRVsdF;=-jd$lJv-2MKc^^cWP^mtg_uZ`#$PDWg4RI9
zzoCRmo4TSt-x8M`z2H6KcUWKB!S>sp-QS*(0ayymVN02ihtW+cbP_|t$??@#${2ai
zd8Wiq&Ec3U)n|@G%CQq7)IGxsEdvY`!$L8mTbN=5-{Tl#VCQ*&M;s7TBrz$aTt%=r
zL1-)Lu#x9^kd(U#;-EWFRb7GecJMhBO{%8!Q+C0G69Gvf<H-mV7fUw+!@mxqSd0$=
zcw4(9lzoHT<`J{XjhH$z$X(PLH8k#h-yCx1*ihi-?@`Bnnx{YF6u~8KluB)gO_wg>
zp*jfLcwdVmgaPjD>VpQ24jK{CZaP@k_}$kTi5OK(_y9wPUJBusVBLbn1*m`({%-76
z`!2rR7=~>EU*}YYIcg01A@z^F)U0{oxKFgJ>S5}?4?UuKrmx9toF>x5gnD=!aF@*Z
zsnuI><c8NmsbtJ=gyI?R(0yT%tY<$h8{Y1%=1zr$d<*;3kvUC~y<JQ0@72okr2Zq^
z!QTM|ci@nQsVv+U*q?S)*Zk-34+CAP10&uFuSs%l?+<cXt|EkyL{=?GHvn`*loiY!
z0MNy_UQ8o3ov<%HwRiGh_`%NhJ*`lAtT8OTuwiST&AnqsIf+a$cG+Bn#J+oRi$9K=
zTmqF+K^7)Ba(vhh%I?CElu~<Kc7@iRZDf*`q8o;TKJIdy&N2I|Do1R2aP%*yS~Zj2
ztp_60N)c8PJYu)1;+T~u3xI3Oyda-(Dzy5j5~u@=c}exmGT%4koDQPoMxQW;`-;0#
zEl*^%B-&^IpUa}oNHWowMN}vd+g3ihjAj@K-L!^*XECj;e<Lbdbp?Ci3}}K*Rj`tK
z79ZB#BA&s?mYyF>BR5q0_UJ9>b!}77f7w@+CAxS2Ir~G_FDjlu{<QUh&TRP5l9dj-
zk}OILt^i5EmPN){*-(t1-Ijc2px#V^F6o8FM1vS&+g1bwCUjK(W9%x(XX~z&6X$e2
z0Nd9^BmM(<?g|(y2e}CJM)ZCb(Mphm!rk#s&L6A}md_PRCzp9^m6TS@jXn<x_20Dj
zG-+>{h{h3Dgd1257xU+v!ZIvk(i-FESaO>p+ePv-T=A>X`a-y}1Lb9|N2{OH*|Vk&
z6`_tnT1<T>)dVo&7?{uydT0uAsf&3y;+zF(;T@4x)~*2uKO@rm3eEF2&i7YBO1&M=
zEfUZ1b~v;v9>~zQchnMHvr`mfv^vtF6ES_V)L=897AQVuV-!l=P6kgtIDigm3V#|Z
z)GBqL<esT*iZqFq@wsb)Ra^<|(-X4^<E`wbOv!hkM1+H?D%n{0`k%MB;F!+us^dv#
zM?Rk@1JM<Gz&N?%8;F_8Amk(9xeXmYFt?;CVK)IS$OmRBe2?CWKlg#k*5P52+V+J#
znUjwic>d{H$pF{YE@@`OFAwfRF!$-i;~rvIv#pti3#;{lJQn<v6Ml*vNjs?g!0TuG
z9ys=cPuTjdCN-(Z8C|`znz}r%)?d0#G3>I;)cLOuHumtf2Kkok2dV>XBE8i|gLd`q
z)q&Ki^U#;#SccROV$}Dczg0i!_zv02_4?zAsE|kY_`jU7L@KL>C`r9wZN#d1v~d(D
zK;Tl2XJT$N{2KBWh;Q^aW5QDg>A&6q;oyMG_K=r7#<kW6{KSS09`J%uLrWP~*kBAw
z3~_<?mQ-&X2Gw8d$jP<NLUAe^NfrwkrDQZt<uAN<&OM(e88w)?_eFO>l*KR_iUDis
z)%-JpB7zh?2x6w3hqE8zWq5w^skjeAT5ZXv24}Xn)fu0^0VW)?ysF~u8u#xdk-8G7
zTrlle>SaRixbapm*b-t2C4cff=<NWeo*RrN5j5j{ne<qK!U^40pKjCSD+gY@6j5>b
zGWZ)YLY>DhA~!5>gxAbk`A+7|mYx?at4~;w+r~pE1<Bf$(<C_$$rAj-sAs5ya)%$H
zZVFZZaN{|;q*0Mod=J&+4Nc&<u9D@$jggz?%&$JFJQtD4^_qA$S<YJAR-WW`?_B9C
z5bh`UgJlcssynCz)2YGlbm&*Hoe!eI-bCN~fkA<(xM%;Mk5i;oM%awqspt=H-r6J2
zS?o!6X#-Xh4cKzBGjUx7pb;$fIiBQrZ0W@tR<#+~%eJ`r9=)yh&71cLX5;u^UM(yE
zA-h%8fI!aku;q9syO#EsknrZYHTkQ#bfi^m{s+4!_oo9-yPX(GJ$wkAPlcSkaj-8y
zmovHDyaPShSHpO%GDf_5f~$zqSyBJUm$$C582WTebj&MjDo$@@MJV-JK*IZM=nK2n
zdvCSt%#AT3yUAH48m&BPI+x7NY@EqG)@8f7wyx5i9oIMb@^g07{3UydSrx?p3Eivz
S|IGh;Brg7^cR~C;{=Wb*b)h=|

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/container-layers.jpg b/docs/userguide/storagedriver/images/container-layers.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..00c30a204328fcb20dda606b44663a723a9e41ef
GIT binary patch
literal 46046
zcmd?R1yo);yDmCE+}+*XwYa;xdvVtSr9g2j?poZ7JG8h<ac_%Tp+#G0Y40pu>+FB+
zz4rO{xo4cQ|9fu8Nb){;lDtXgo6MOngP$uuKL8ktvI?>Q1Of%HgMYx!bwCP$hCqIK
zXwXALLqWmALV*qu9v&7R84(#784(Ey1r-ww1qA~Y2?-4c9Rmvs8yg!L4Hpj=3l9?;
z8|zmkzsmk91q+Lag@S~F^}p<X_5+v*kVU9sXb2_%g$aSig!~)?NC5}{1u6%D0Dn3-
zco<j&XebEc&ouzyH~yn+F)LUMfWEwf+};7-?;-UCAR8Kr)EodfKDQCw$Me@XC=Sj5
z08~>GAWQQ}Oa<<{-IriE7{Oiu@O&ZUql?d~*AOCGm%FkM0h_Zx{273?jYQdi>oik-
zwnPf8ty*Mi!YnOwa4pj_FK#YX0{}35#N9Q{>_k>&47G!G1>CIYPeHWiBRXoPTotR+
zjacY&TfL`_RS`4Km7I_P6hR+xGSio!7YpbSCkrh8EZid{<sA&_iJp!39eC;b0m*c3
z9f%on7AH?7y#sLo(B*T3wXy|tb?x9<8AX6vmik{P{1mw#prKa*D`e*sEL)Twj6N=S
z@hgMOTklY&lmgR09mYZG5E|RyH4v*P{(jo3Q{fN*;5zFHf`8Efs5k9zm`SQ}9<aT8
zhTq`+5p9rrg9CEO1H8@f^#O){DR^qO;ba(c1OSj%)n8*oA7J1RtxN9<G2Y8gaR6|v
z`azYj(#2kDoKH)?ZnbAm(KTiqn*-*+j9XP~%&P{UwEU&&@7Y!<uWM~gR}+;4sWI1l
zXDUE0gf;ExCe7%-+Fmg5%LziiTD%_~s$fe50HWhJQN<q~V6?xscr)^V0<JVMKXxn^
z@Z|vj)!Rf$y7vLbGgGeq_99l@gaQC~7oU(z{3he`JN%bm?vFjGPwih_XB<BBDiGYf
zQIP;A16j5D5aDrh*Sj-s@0k5loqy~8tDQsINUHfyyeVIulT_B+$8dz~k0kxTS=oQ(
zj|aP#kkxWtr1xKJ``<L3$ojhu%w44&ylroRodd1GM9=Re_@MytY7ay#{OUEUgck@b
z>ntvCJm3)4bgdCNLz2t4KLN8A9~)D=0W=wtPc%e9L3zehDkgy{pWr%Q?PY^c2<RX-
zUg5%C-qn*`n=LcbpB>Hwm=?XXC5u)DJE8EMMyP~-0>aa+j#Xy{RpJi?@N6xHsC03D
z0#DUU#I>;z{b2JjH|~XNk+NGBpRg>786D}`WGv%bpw$->v(%|69)P9rM2k;6iv}l>
ze03+dyZ&LSyV4zUu(?$7UVfh5{I10Oo|I>VE-M}!#l5AO7B|8tO9Qr3)&IUkM%(go
z#=-K=my!8{_cNoQ={-sK^nT`Gc{yhC?D`+(=->MI#Q#nE%AW)1F{Sy?6QD_`=O2us
zne)Le0ho}jf3S(eUGoPrgsS7OdV`ND=wP!pkN@FeoZtl?O3*?5dqqll*O$BU(&tf;
zvyVjYslUDifb`wRE{=rhXe5^^rYzH+{-I59teu322apZkgpK!<Cy|@6D(|F$Q^nHU
zRGM37XTCz7PjdWM<vVOD?^Xl9-rf5K+}{QIJ^TLHK^%b8f4jXJS~-66jLTc;-;d(|
zivGb;!M}P1V7(6e2Q`ntwdI9^N?;%MqI@$pDh{}CGXI+edVL3ggU%pVcXdrAdRw60
zvv6a}$J-nL{#pY>v9&Yr;4E7K@BI%;6%M*!0AjY`?5*b!3;;t#PsG7iL3iD5l}3Az
z{#*Em@awn#A;43t7>dLRJ~3WRo4kA}{wI#+aQ)VxUf$<!BwRoJ?H?$rk6!!dFX-rQ
zkgYSK)2QF5XD#!r&PEJ>@tY#tpMZp&UvbgPuH(p;j~7J5)`dOOHc7mhGh{@lJp<!@
z7eMm~`{=<zmwh{FrQ<Q19qlFhsivNt$#H4E^o_qz?x_RO>%`5KJgnbraxrmm(Lb1Z
zKl7&+zi|K%19wPba0~pkL;i_@F*FPW3KkCjVSj|e0D&1P^@nUoDF+z4+GIXRz#DNe
zCSEQ3EwTTq9qz_H_(4Rz0wYM9D#p4xY74Ng4!0KUT%j`lE06FxP#JpZmI7U={}t5z
z4+Qv{3-ez%ylWI>V=LI_YcRIi9^ljd@)wA57sLiR4ycDO-jakm{Xqa<aq;074todS
z9|9(o6^Qf|kig(y(7!pz>c)cr(aHs5$os_Kl3eQFNXaNx&NK<eJAPgXO1+@{Fx<?|
zB`|<Q=r=U(J4zTk*vrW#8b%<1Y2Vt4<0lTLNN>RabpKq!e*8d$l$e7tse$-|gxk^k
zOB(wXf|Wc}_V1<ZP~wwRO)H-@%TWNp{iu~LaJ6i|@CWt7vNK<VKC5oBfVUBt%`~Iv
z)bPr=65KZcKqw{nR|GKrI|)+}1krXs{K^B60unOZ1>fs}No3*&1fY)GA-DZHvf2xd
z!S|OB7{Y6rOO&0DrXNAcrzZFTV-7Idr(fw=0fke82L#Z)5N>J;0MkA-%?ZTZHT9q3
zEcki>Ak?PI`Bhe)Q4E*`S!;shS(4?E6Y_0vbOQjLHPW&Kf~AW#@FfC(Zn1uz%N@7#
z2<!_A7mD>CB^tpj(A5t83jarA+rgk@^v8^nih}~O2N-~kx&jO!YyXpCJ~c&4&fd$6
zmhVx)(Lp$WVH@i-&^^AP4i-dP%%q(5iMM;J6nBa*4$k)Spa}vuGQZBlb4XgvDv?V#
z>|PIU@r27(#LVs>1rXBx6@v5g2Z!Q8LVBnVc`o=tqJH@h{i_7fe{b?Iun=fCsNW_J
zjR7h<h%Wx1GV})6Wx)3Z$Abh&{4ywX%s)&Xfjbx+@ok>ohfD~Z8yE{OouP{c3*P~k
zhmg2nzbm4eU%7As@h_p%kHrPndp=O~bpv~yiNDG~W$*s>(8|Q(NRAH}oWSc;=&Yk)
zfp4|FlzpARey92a73Bli9Oc9)s=xJbHGZLgI(H)Rha|oT1sKCmdp$@1``rgHfu4K#
zTQs}w1ry`~vtl;h3bE8K+*No-Mz^2AJ}}wTwlM!_2Xmnh1ZkA6Uw4|-sn=Kzt?zqN
zfM6QE?)c(Qz!*$IF7v<;bjW|we~b9{ZeZfywTxgY{*X&t5)8&38V>@1_lyBdz(Zgj
zM2P3wuh<Pk{6WMQc?rhw5ctjb(Qn@Srg2A(o5$djjm)$@noQxcS=I3;-&TIH%Xp;~
zmrr9?daa}v09a2xSy;{VWR@D=1cP;uz+iwOxKz&Afgz;#kM~mJn}oo>%6U#-1AIY9
z?-&d~=bE?a*0YQRrbxb1`~m=&H)Yr5nBeyhfJO%D0y>EGO<?`Dzy~lju=s!gEU#a%
zgpz=1w`-M)XGb#y?(`$8Ck$jD#iCru>-L&@%73Ek7kBHp{9Do|S&_5B3W9m|MP+d0
zj2!c-aLT4~@BU<DO#s90Cj{Vxuy9A{8$2-w%aMqv|0)hZ{YeUb5b;b_z!+BA{6T_=
z4F+Q*-<J;(B0mKf|4$3Tqibh$!foaRY}51zOecW+v=gCf8^=q2ZP*MSur%01wSokq
zFVZPl4W2Kw{1O2`vGEIYR^z$Aez^5!Fh~Kr9A_QMLe>K6`_8>Uh?o1s@b8oa+XC63
zYdq@(Lk7xVFa!YFtB2@cCiwMYzz;q>u+UI2FmO;17%1ppy1{^N1yIlg5CjY?9DYoE
zK5=YZ4&F!VcodXWG@Ry$v<zHse|%I!5Fn3iC1sd9+)LZ%5^zKI=96rbPh2_?3?=fF
z+DWxB8aKgslLxbYEnlf);|i;OC10u2I2D_135++iQ&<-AmAdqf7!1mVGoG;7X*a3*
zvz-|n#qu09p6xk1;W?;TZ;tC2fV7D&wPm{|U4OQZ0v@Y2HCHApHrKG(m$OfF)~_<0
z)MPe!3Ep<u__H0nol#xSkL{?<UK;T6XWM0S=|a6d?20O!NLROQJcFWVTb0V6sG}$8
zvBrAJ)}HQjUt)0Bxh64>mvm5cB44h&CZ8W$LrKbO&*aZm^Zt>`+T$w|jZU|{=A*;T
z6sOfS?1Q3X))YBAY7u<VWiI~^&sEP_EBH!gkqn;2*MZ5GtDdYvBS%dl_^;<W3ri~x
zdzM}}5NU|u*A{99&-t@gOX)yruFPa3Ct<Z_{S9#{kW*%#IuqgW_K4s&&b1a+Mt|(^
z$xFG*&Ywtg&==F__}IbM;JHYeADiTuE@E(d*!k4Fa&5u3=%}_R(orivwzLf~x4l{f
zU%@qn-`&ukEipuSaVYw*lZ%p?Uu$2}c5x1A^UK6Cb7O>MQ6g5>P=!0ww}Dj>{rWsl
z6&&;)?70*d0xbkps#hUmgw1G-hN|T%+AL-zQ?*R2(%E?)65Y`%^EfL@1qlW*&c<aq
zk;}2Pr0mvO>#t8Jl_ytbtq$oF875Q}=V#l^I2DWnhNZ^t3dk{={7&vM@&}Di;A37s
z<2^oUj<C{n!+JiX@6L2Gvg#T^B<a_O#%ufdJqo34!Pk31A7T56S2o|5lB2o#zmOFz
zhGVi1ox_xMdKl?APj;=asPCSTzx}vk@zjjTi;?d*-gV}w>C+CyvusIj0lL=3orOhW
zE!7KoVwH`AT^JjBk*V4~M|_l51)IG43Qw-Nm}h*)PY)=ix%b-=n>(;t)aqB7tJIeo
zO0qr{JdxMn=Ht=Jw*AIQDrkgC`T?)|U5i#7+uX28X<U~Qp-(#3DT{0EnR7w&VyH9U
z^fJ*4p0ITU#<}8Y<HxlE+xNByIDHf?h=W4mzU?%%FWYN`N@*AEdXn?(-{p0N^ZUFT
zXD}AM^pkI@?jd?)_D->A&~)?`D`MY-wdb|)G~<B%8Pq86yG$$ZrxomD#{E`S?(z7<
zrG8LC)Sa<&h&Q@5c&2Bh@w?4KyV6gZTBSF3q8S_Rm#bf`5x!99wMDCts?;M39JjX6
zVH~Vx7_zp*+D&Lp*dE$!;B_%bYHxE!w`)r#JiXANm+?+2h;P4sHt5}Lquak%*-EVU
zINjGYipZI3vNc+IL8R>zE{Z25r2lO8X5MtoAY!~$VV2YbCTdx${$Rzws1vG6Q+JQ@
zl;(7^nT6)H`J%_g^#KjZaj15IcJo<xPtMsb5uMKv({UvpzWk!Ked{{gtW2v$&;4UO
zOh%bxZ`$MGb<HmAb7m!`r=mSFOkoCyMnQD%Q|ENnPjWQrb`nSxm|RdBD_>PnGr{y^
z8mJ{OEAh=nu{M`{A)3ned1fuj=Yr`haP!e$DgqCqq~E%eE7hoUy%|f5X4xd|(TR&3
z(ZxNR+`Fll30u=`A&tfGPKp{qsxmR7QKyZMzhF%zoHeP8&#@ook9l`wyJPvp4ws~@
zvl_uUktE|g@y2Gd_{$r!Ewh+cg(bG@G-~(pGE%w~JC$C@mGb7uTfd@Z8bc0CM0`h4
zN5h6GN$V$IDQ`>>qj>DFkl3D|sJLypk=&V^uDETuo7|b5tJ++8MC;8FEjVY4CAn>&
znMU1S5<XZB%PZ@ts3iYIQ9W)y86Qi~HK}7ae9%Akd-N;~8?|Xe5ptQlu?)9ED!g`L
zdyK~>16l{IH>P9^@!79fHOKkO<HYu;+Ry7}W0dZgwp;x9jmZ-hW`<aKnv&a0_qyt&
zT!P!&G1Ulcex&ZC6DDEwEb;A$2Q{745pu?gUP~r~KJvyY-ns^~HuA=5KDq{+x^l)e
zrxgvbgrsiOuZsq!$B@JGuJPDQUN&0HmZl!>dXJlmunNkbWOw_UIE|iUkO|^;YRVbE
z{`|Hw1WRzM{28rE=@@b(X>+=80u39vkGg>Znw+tw_ge#<H`K3~1nt=Bms8XANH?jf
zZRCvgJ!UQ3>!@F`v>(-XFDB#T<>IWGIVd2<I(8bk@$7~V4b_Eh$p{zSr)W-zyixEp
z@oK9Z2#aRMOItcNzGDk<xIR<Q>o=408k#1s)VN45E!HItKk~XqlpJef;ZEhfS+?8E
zY;K!=9r0#I?Hm(RuYs3Ux9P5Zq(e2Kq~#VZ=c<ixt?MVCFm^OA3IFjzZ!V#${qWvo
z{0Aw~F=ZuCwOi6588quLDx=`Sk;nfd{vfwiGt&_N(S~X3p>(4?_o4hWv5JpD^>L27
z+nPZvk|FIC@A7~I&Zsq>4R0sHkL3G%Wc{kHtFxpo(|o>*@NTYu@Wfc_8Wp?hf?27o
zTmOmw;BVx>AU08LHjelCKl6z;vdwYt7K&z_C)<$l%R*Kq-x2<uNBS1$%tpJ(Rx+GR
zj6&BFqG0fMtlvdZkDM#kd<xXn{<hJ_Q;b|#Ju-${cem`M{0@Sh!?_wI+~kN|XU3)l
zTog>*lwk>I&*Vgl3p8db4i-F*1+Gc%;{T5W$c{T5Ib_r(!d^cCu3b8bi%6d%eaNZb
zJw7g1%NfZp)yOYVY2dp*zs|oBvx}E#kN6k#%O%%x1ND0uu2An&_#Rc=H-28@x3&Ai
z#;%ry0dF%06M1qiw)$~q+4gJt_pF8?z0-_{*)Acu4tM{6(O@CIL>e)(%6sy!WYj-`
zcCNm0U$6e4eM9HuuJg@$tJ!6G_V*N_O_d;`FCPa`rmuPzJILbZDbVJ+E9hiDmPC9~
zMAH<vpl`XIq#48=o82R%qZ+e7NKcAYH!(FawR;UiL$rfOqh#OwvZ<&j#6UKVBCATf
z1^KXzq2le*b8IYQ+$@$B;w&|`H?DeKk(E9qONB-L(aB00@S4?1kD_n2Cu|b@Ft|_O
z&{#^RjylL{IIv!EU<a;8FS&$j=4kEBMsvHk5dRassdogi%)W-GC)*o4;3>21EYj^t
z>O6{1Zb5^)u$5FG6qpUXKOm0rXt17os?AFnF4zz4s!g-E|IK@_IUqJ|&Olbc6_=sp
zR-BPN%e_n@=BPGJ=)go}L6SD_&d$e<OJ;zQKyWQ%vou$UHkK#JT2NoQy36&Q3_245
z79#gZpi>H2EAFA46dKfv>zy}axW+KV8jPu_um6eOK~1X#uV&6!Z@H~v>eks&i+y|&
zJhrcHlK>xQ3i-e{TKD;r_dY?<u46eQI)SUc&csd4Pc!h#C!?U7?4cyD?+QNN*q$_f
zR|-^K*{;5s7_i&SE8b}D5q&Ifk|mFX5rR~Cl94L>+$Dj+sCX3b@B+5;Us5QnB`)Ja
zS#~e)ZQGrSXL{q*&G%w;O=Kc=eqS1PHT5}*3$A+ubp?*pI6c9?pkLp3_v$|Jis9&k
z(S^+ju34)ovFyiFvb~|BODd?3<KlT;gLU6TO1}i=|BdOfO_m_8cPst`n%2yo9Bu#S
zHT0pPeM>W()h3?Bb@naQ-f0O*UVWO&SvqPX#B^;~b=gu%lEioHZX_%bqjOG=qbk+C
zBJ0PK=Gq{fquBiBVgMm&Gc{9BM}`pzme+8qR$tj}f9l3tQ5A0hp?d7tRmo-W>O!%U
zp}T5EQ9llyk>851*k4?`KFy}nk9k?mm9RmRl(iI9yE~{?F*3PDTZO_~<W=gDdAjCP
z`hgN9dE1XBi8VNM{+rEwBqrZagIz9^yhCETSW^{L3?1pJWtP*7zVl^l-ueE`GS$VE
zNbhpa{5d4UiBe4Li(ui~(J)=4iY%?hw_%4YS>$h$PG*7RqPr&-2Dp|VT?`eN)_vMo
z1yhng4zcpq<<523HGb+V>@70=h@#pDy@yPkKBsHPuvhzq#F$~`lAvRx<D!H#!@EjY
zS<Xzy@U<qJb`x9cYBtXb8Os3eofPk^S!)PJr=~*$y6$+#<LKj0bhUFb;(6&iJV#y8
z8BQ(lk@aW^X{MI68{5h=ju=neSzhdI7#4fQ5>#2~x~mDU=o;|oGHW%ly8V+myzhSW
z)$Q|-eCUA<U$@U><jVu`bKl;mVg1LY9p6S1=JXwH(CR6B*VQ?@PaZ$Jm5DFYUzY#B
za6V_#I7aWEFl3$Uo*2(fWfJLj+TABR6#jKX07sgH1BtlO;i#qC!Ug4D&%=4K#rNwS
zXZOi2($P&D?Op!_b{B)aT3`<D8JTeZvIZhIF+!PbG>q=u285W}GQ>@55at$f3rO2|
zL{08tW{p#Gr^^0!!I-KCs$%a;<r!U|UYQ_#_5BGX&D2Hh{{*OAvcEREdYZKq#`0<z
z6P>qU=JRYMo|=|j_b@f>^!ugP4VJ!jQ1EqOts^h!vN%)pcBy!6FRNy};c3u#QA*oK
ztul&<-+#$By_Lhi^FIIWP+|(r{yly1;8E~&SAl_)o`Z`*&D|rL`A3r_i3;f^#`6ho
z&gr4kYf6Q;g8W67-iAp$`NS<^M^fdUT;YfQm|B_=DZ5{|DUTPN>wT_ya#K;*=-(in
z5tSXMoGzVsPJddNDlm$XH_UJ?nL+hOa(j5O0G}g%iFd_sn$}(Y=Vd><`H*n6o>9c^
z=DWt*DTll59M+RhkHK2XkJZ|on^<Xc|Gaxb$AoI?s|w$99s6n1?pN;}^rhB}MKndv
z%68DogiZ-1)ss*g+a5V=Q}<A$*q7qxJ$7b9rPkp`YJy#9cvjuH+^}2rILElB!|v;p
zyOrHoWuK^k22G-b0Pn`T4Ju-s+SBW_QXR$%UG5EB8j8)YK`r5m#62BRA4*C)_c`&k
z9VzUa4;${H9MsmMuUNw~r0pk(2V^rSy>Wcw6|5I#O(Wkr{Y~Gb&UhH90?_k!6y;ms
zFgth*l?f^m2{3Q%w#XVs6}>&mHka~>=C{!2!SjU0wxDczTfEG3ZDU0;n{^fYbDKfy
ztU02!#n)WK7$q-<M3X-{6+3LY;4*ti#*L2cDHuL+<Hf}lW7l`9_)FW}48=xiN2Q%v
zvRb&v>rZNjrP(=OFme!{Gg+-wAyK}R+q1L#KK7#xM>FE)ZPpl)aPvrVl@gMBzhA4u
z9vo|W)(*m24qF0xQr#XONo~}-<8L?H?vX5kx#P*G^n$tPjfPKgI#YZHb+aoLHMsg!
zqDJ*^y(42TSeLdpFRB99n4>?A`Y&GM5#z0AaU3mUpGVs_XG)(qpQHW+;NxQoL<qP}
z#YkH4wY`%R7#)^sd{VG)l{B<B@wU2j^X(a#6x}PKoprFC@`;^48M^-c@&<P(wD2V2
zeVjfsJN?3|))CLVU54Z2m64tHyXI!TIOA&Krn_C{DJ|D15soHJYvtEFKIL?6{A81&
zE*4eQNPG*Z0}e~23Y4tY65@pwtCg2<t2k87Oia?QC6#n#XSf}g9cx8XM~Txhu2iE_
z^vVvEgd=6xMm2#g%T>GwVTnD?vlI+DsyFM89dr5aU#{x!Ry765(5z2PFsgK&&Z+6;
z!Qz@b4zuwRv%%$5_mwjr1%6bO-OXytkWo%A4!)20rW&?-imCA0QR*P`44LZ*YU`I;
z{=a!w1J@~NFVbV7;o=N7<GHFchRq(i@Kc;mTIF}ngs+DDPb@d@YBu(pd`}06g4(+s
znnX!eBOK>u=u(M09Nx1QF6f<ijEHvX?UX7$sV?t-UDe}s@idm+1;4!ab>u7iCpn5$
zOP$@0U$ei9YAouNPBG1$9@j1J1m<MVs&;Bf#MB;@4|Kb1<%w;4{$;KI$p-vy=KTMb
zKqJzUl$583UTKkRK0wnKp%99a0!K)P!lg{`IFn<H<G%~;?OSI=xL<yJ7xXuuP`~!j
zgbt6Sfz~7Fte4U@&oQ%MWbH5s|9g|<E?y-er}g6Hf3NX_>D)a1C${xZ2{AC9nkfSM
z+r_5jY-dX$N3fco$d+D(r%u%F*VQHlvUeNmR-$C@dSvGAzcv=2>cPO%Iw~9?G@zQS
zR4G+-K92rws7}ocXE-#|wOJ#jg6|i0@=;f0r1(Rp^MR)`FGj6kt83{yCNrgoXU$K@
zmMN;fiy+7>r|uz-mZVz=@w8lvjtjtPJU(xfPKjEo^50C>#4)OdAPP@6gd!Wzu1heP
zI5na2=j{$Ke|y><cB7!WXvoq~Y<Dyq`Oi#kz;(%qAQQV;kICI@m+x>%DMTrcs>@!)
zP{5T$-ci$n$V%eX*$&Fvm^z8n7az1d!aZY{<|MO{I7>3!=Qg>m{i`-G7^`yQBV~r0
z`WI1`>`!V&``C{CZZt}kFC*@hs|}N-hPs_An)BQzaMZ2$%i`@qE#4YTofb7ujO<Ep
z%G2;onr_^M`wJj1QjPFxmsFl-7{`nuwdIu6U^e()MTFT5;;epMcby-Wui&q)Z(XPO
zsO3mh^X>U_x4oQYW9285-e>=8?F{F2lreOaIFMKrVVYIDHQ3bhf2OrOMWg>JEO|Pm
zBw;ZiY1v|r`KDTfs@tArPcMa?m4K^wfl$XS$8@P6Kf^1JA#Xla(UU~7O^3n$q)b!Q
z(T`b=u=B;NPpM85b6az*+d%Vq|4#treXD|7ws=*ox|+Z=V|JUjiou}s(~N^MQaM%n
ztNkneH>F+Lhwc|8MTXT5G&7s3J=1v--&)6XY&Kg`@En?I)ATeJPXskP2Aq3NRQ{7s
zoK1ND_#ZR>JB0L`NlUqaccOC0swk|FIGR87&xii^CaI?C2@(oqQqkT1<0n4E$C`Sr
zdbC9See~$Kv7;MqYmWkPE(umYx52gyZ6E#2>7n`2Q?94DUnP~D3^gpruy_0^g&Zc6
z(>o2^@m2@z-s#9^ygd;he5(1kUk@V1rZSqM?~_k>eU57?E~D7iyv9$?7oO76W+vw!
zB-y4T;=I|5U)0ywIAHr=P2l$_i(o1}F63pgbkbt~9g`wPEUo&@P8JOYeHr3{fdh@P
z`*>w+gY0_gj^?HG&8tJCcQNZPli66CXsP6d{8a5(oCH?l3bh7PpPv5xal}mmYZ;9Q
z$+*oVn=>n^H)ofl?z^?5M1q(j2UOJZvKF#vrn2$VEtV3~=1}{swr#d$BF*rO{DoxG
z_#x`HWDBke*0L=a11U#cTH8Wz+Kk7P)#as2W2`-Nl*77j*U(SfFaku_ndzIYyoQ<O
zi>z$;qp`QU#?yG8RsK3ZF}AHxan0&{YHxkqgtAigsa=P;a<^;glq=_KUr4<H>Y37@
zH#_D+x18oV>Ay-6W7w`XE6qzMF!CZfM$4l*jv6yI*`!N_>q1edgl9r#F6cYc<|ez=
zj^mHqA?u^ARm?emO?S~a@$|&CNnFy+9EV1ewKqmN$p*FGqZB39jFZpZv!6IzJG;O>
z4(rVf=j3U_(4`M?CVR2^E$)%Veoclz^ON(U@qXUL8<(x6UBWB_%F3UBQWcT+AeQFX
zX}4gZoJQL4<qO`Kmg`l_#2c<JzEUG3=y(!E_D_R63hl0yT?f}C^&OQ_!@adPE19w5
z=2Fgj%pDUtlEm-2IgvYdj1&}NF;Z1s`2B=XUj@CzF{af-Pp_}izHVC6sU$!0y6%Fr
zYYVzd6LI>&FLRAZ)>>ku6#ae?cTi`{;Z)_*+Je<>{P*T&52BRZhH8P2&mumj<Kq$|
zj&qDneKgUHUaMkN2=%g|T-rvB6mosm${e>*Zmc-rA|vuau37nVVX8(rOm26|e#;(D
zsrC(j<CBnWU5nOSm!o$w9hg$gN{`7dRrYhnauo+9s0FMBM{Y;=+S(mVHHF-Aytle8
zRqT%T%kA-8JknE~DMxd>vrSZ3>pC)a@l&__UNuiP*u20evB6hla$4=F7IaD))l8m}
zj?6tsdm_T$b0){pzul<R$lru?y48H+?0OzBSwG`$;9L?^OExo@@P*U}*~J<8oJn?z
zY$74eW(#ijqLx`g{^Xnzb$_!Bm6@To<jlakoa&Ln)a?GZ6Sp3Wj~$lKK|^f;U*ws;
z>4aq0e;JoP%6V$-PuZGViOPRAi?(p1%r#)`JUc|_yvo@cmeJ(RXM|d-#kda7I$7UX
zrCgPQ(v`>U=p1Oa!NX%|B&X8()=4sU+McN#W?RXLe!|(gapjd+{9y)F%VVud4xyp`
zA9mzv&FfZE-ML3<Rsue|WpA||N!M>*6tGrGsV=k}I2l{?3G**2akUOsrH}{`y?R^$
z+3r5I%}hl$a9b5@)5xTv@~fu{Z_yjfLlrKUz1}5c93NBnt*j_#FFGxqYuu1_RrE~n
z(=13jUiCeSn{6Jj$EC=eT+@to;Coz7Y&SSeydL4!j<UMyKQ1jlMWJgDoFK98ufw(<
zI;SX-P}_uI$#A+m-kB@23YWgP*OAeAU$Azfnih2P#s6rk{I1rZY)BMOhR0sE;P5B#
zCJ4Oep#AHf0~8bt94aCl3@kJ(1b{$6!@vTVSd?(soU<4>5*ld@xKv!?nmQKl$tkIY
zP4Lu`TH3nL`{wXCxYd*TDQH3(X?e^oJ*2Ec@!dR&ikttq1c4|9fnX?ba>j^H7d1Z@
z6)sKjxs)5Mj7(J-#l;m(TJT^D9Z`p4lGq!X($E?s)q@iEy#R*fS;y)2$BW971gjAx
z)>oi$Iobp|8Y?Py(W*k!y?y|L%B<6_{YB-8ToD-Xniz0Y7OvmkAjRa1k6SinAwXkt
z)cfk-if)WBM#jna5`>Miw-%MJXO3lVSjqx}bP~^6z|6H2Vl!I65}V@nJO7vh7mAIM
zWsn;_%I<i%p#9CAT8ptZDVP&E(dms?GFUoB1*M{r8n6V`6X6TSG_+2K;B2(jegnd<
z6=MpdVmY~ndBPx3aKIhqv@5NQTHz2umK91EBsvQEFeCTfFHSVb+4&4d$AMmC>gmVC
z^bCz^P*;pRn3FU38P;VESnuJDNK}p6Gr-acxT8Jb2b-S#=!vPn_Y|;<dH&&dHPX}u
zj;eC?a10eBg9qebOC^|b*Hv`jz~Ksqp=n%bYu`!WE$bJlen8P;%<qS1xCL9Hh;>3@
zNNI=08Mk%B5Rfe@pF?N{j;W4;A;An{{paJnxT0B>bBw7H3y>IZHojBn^rG^476T+E
zeow$0r1(6a(9k+c=RmG;*#>&O*~G-V!C{mfwpikG2h25;rLK@c!Y+$_6ud(><hj)L
zXQc<(Ka6p$7BE-;+KqLwpnWUfXNhr&8_dBFU|h=1pbY|JeeyOjy#zQSw~D6f6_poB
z#YJT{G2#TcyuSdj%va2&#u6LbV7}(%J*bOFP_N!75t#6-m#DRv7;CWm4;1>|s74-0
zOA+5|3ii;wipuXW&nma20B5@wb+PCV0Psy~unTZ@J`K<hAZL|P`+$F!PrCx`=<2vV
z@Zr{hDG2i3!8cKy*yyPl9yvUy`?ic362)je+*0t`*Ra><V7r5{Jvh&^%u#D0z#8pC
zyGav$@-<_Cv%T{;?Jhc4Yi9f=Ay<<s&|mpKkObq*aJyVcxTI0)&@NI;0Vg?|C1#O2
z94=zyZ$RKNu7La^0W?zBz!p9@<I@J%xd@90{~%NH!HtR&Xse+|n1YXydZW3sk<Di~
z>~f1c>)ndVYh(r~B<FQ;0@b{T&2|rP`omM@hgIO-!g0>mueYHoy4=Gy=fR@&(bu>k
zy1@>jPm25m0<7&U<dtR|xJG=Nh`WUv_51lrd-gjS5yE?`*&u4GMVs~T1YTVi&lTM3
zjs3Vkcx<i-&e9WD?xGos^I^1m1n>1$*+aUL4AhZlV=Oa;v=Wyg<>cpZ8etws5P2s_
zl77vNbv7#K^fgYU8r~FWV!PQGIIXYN*v{n$RLwC(@;7HB0HGCNEM7Ry2O;VD@Ji;W
zec2N2`2Y~GVmb2F>3*`?^3&TN!dmtogqpXb(1F-E;izQ-wY{fw_QHwOK2;rjvg$jQ
z8Pj509@%FUc~F|Cb0o8mGBAK2P|)8dPLSUAC#E=`%IeSPSUrjKHzJYUY3ttB7fOzL
zTTU96<}->?#77xNpfYAbydVUpM$2OzJo+fX28L^=M*gYA<-EMPl+rf7A*l(OhO$b0
zB93x)h*LsR*Gs6|Dm3s6N#UYqpQZj(3kUNDQ(ppW1SSPyq^NNvL4zMYM(h$+HlI`)
zucknpF_l(S6ah@=M4otcNv(_msm}{u^X#I!$qZp81RUo!S6bSYOh!_AjPSQD>8C|Q
zTo&5pY=eWtDEiPg+HfBuaukT9WK^zVVl{pOOpt@c=r^~FQt%(yLa~+bsmSG5#==5>
zB)9)a6<i`heF<!J4A>I*h}8WAMnjME-ouN5$F7Ecg$|9bY}q!mJTz(})6ol1RuF6>
zeCJp+w16YHvG!XbhDR|f6$FrZYwS+y%rBDWSg0NL&cu<KwnY^}bLH8Rvz{f$4CH<C
z(JwAqZLmF^E7E0C=k7Upj3Tg<aw{RdIJf=8lznTER;LMP!sole@bQ%}S<f+NSSTzo
zS6wbu#_|hZ_)u!&pupbN55<93)Ko|wxizpw#pr8Y{RAk=xahqcPo@Y-y>4FAdU_fb
z@87YA>Bvo8=?7LN<Q&%D>yY!$THIBMx)u#wYmW1pjN4J5Yw^ZK<7$U-){RnVp-RZn
ze-mxMiSf^&fK~Lk7k(=3cY7?$Br1v~Gv{W=^#j>p1mSrYjE)`#B22%=nG{Rq1VehK
z<AsgAT=m$nWBi6Y{RZp+#?4aw-h?Kq*3-fuhQas@pK$_?H&8Xfi8q+H4Y&PK>wRsk
z_6yQh;W%3Hs-uUMGIG>UQ!9((SK&6ha~S0hTvh|>iZQk|80xY;^4kk*8BsT)Qv3Fa
z(qm(+ix^vk=+!7%#tDw8W8vPS@I%^9R~^)%#si8tbqw%pc>LtLwJY)4aAxUjFge2O
z65-YqJO$rgX^6f!l5UM;m?V2X$OaXYTRI81YJ*EPb{V;?W7HNMyNFqjV3UbDs7j_$
z35Ti3Ki9gA%{|!30FSS_&tWXUKGE77!>vF@|58!@aO2X1c;R@NvbQq@Ya0&Qn1#oZ
zF6<`0mc5K$3ZrP1OJAO(pDCXF>IKd1F*g_D&Rd%xIyT<NE}mP1dO0vd4BKx!_=u8U
zSRfZBvrJa7qShFAfG5FYzy=HHvU3~9{m^yr+qD{ER|nk5YgvAO+o97>?(6RyaXSt^
zEIH-0U=1QhkJI*a_{{fH)L9WzuX4Ax2dqZ%4+I+H>{g~ouXR$@Ook7c*drN7Ca*Xs
zP@}~Klr!=a^$rGlm1$@>-0X@8w2i4EF^<|bvM7;PP8P|aIqCfbOvgR6qYJ+~8cvQH
z>n@eSjQX)U2v!GO8^}(@;!Q;*U>m>ZsZQc>Vyol4NM#7tO>*CrsN%bWWeq8~Q9-5V
zD-xk@9T>`r5N5b_uHlvU(OLge+MU?i_gG80vLt`@OwsI_02A%o)ly@ojZrg`Xl#0O
zGS%a2ew^ILOG&ZkK0DIxJ)Gg@dXS}&EOE)@mQ(XW<H|Y`Z=Nllx3?|XFAH^~%gLTS
zp)bfTT^$igk5y?+lv9(6Ief$j<3`>hpbUp1N$g+%kM1R;`1N~ei6yVKS&M)hPJ5S;
z70Tu6yXZ&U^XIPyU&XXiiaK#xq8V4xEGvlL4jR+D5vgf!_FOYO@5*`c6A(M6LT<>g
zV-yjWU54zFNz^_n2*O7CP;P-z>=ott{AqGkgB0e(?)Y`dMUtUdDY}lKqpU%L{A%TQ
zaRm(&h38EZ<2;2qrNxFsz7=1+=1wIzIbq;_C<8dx({-v>FX!mJLd@Zu%BL&_W-R23
z^X#=su43h~YJ!g_?Cz+LX$oJ_;zYJUkYU3_u6b_X)?UOb4DFe=GE{g2dwiHJp~6A|
z&3iKFWdUZUZ^r;A!IIC9h1+_LO->k1fRS%Pr7A`l7*_2BC=wmYTEL3bn4#i@j0&}K
zDbLHnl1vJKLZlFRe-E?pbtMM_!u%JR`|ccx4;3LYT{>8d9Ba1(Y~sYI_ShZed$Ua(
zi*-2JjHw}oDr>1ZLItd!ls8)>T@}(@i<43i5M}7h3*#Os3L$u-dBP_zmd-g}`G~yZ
zGvu)=QGGlXi&ue%F%+7TztOyVT%erpV!cMn{D-pZ-(pW>8d?bC(pR;yI~b)GaCWgZ
z?KyZue*)?%O`;C7w(wqE#khm=s`Ost#Hg|6@0tzz<8vQz8V|v&nKJ@Te5|4Vv$jZ`
z9u0jP>MCVWQE+`j^{$3&TY7A%kA!0pn|n2Y6)I<t^aNSJ%j$fzf2s^Byw!Le?z))y
zkyl|Hmb?9Q8Pt0A&V<`^vq}FM>GSq0Kbv`otHt<Ez3Xl*zT4K5Fpk&e2F<-jQE1}S
z6G60gU6IJb^8L5bbn_4w{!th|kcQ{Brx%4-z)iDeF*JM+UjO^fER!psvtz-%Uy`fb
zZM=LYE$6yr$g(vTzqTE)k`kQ}oBbzEP^i`S-Aje$i3<K;{`CW-SzENp({%nyEN8A`
z^be>vxBbl~0|SDV@V?oe_8ICyfNR@~Ay?CosqBd{g~Gx(BXMfSX{*7lqs)fL4vP3$
z3&_$8)U<8gxGp*)J6TCRlM!g1sCslt_tbd?9GcH8gXL~s`}1@)JIz_AZ6aWQhIEot
z8!M;El;KHBW^(eI4F)b4Cd+jmgCuCQIoqijQ1d%mJFUEaE&CM2FmBe!Y>;y`)Szsu
zpi-tpAjP%fS1q$4rlhXrK3FzSXGxeoFa<VsCzzZ-s_4uGJIIZU&TBV5LyS}M6NrX6
zevF(z8#&Gg4)1-3qA?fZRGBz&gddupZftwNM!TB=Jzo~!F+(}SH2VbI2&XSZMWA^c
z?%-5T7;HtvNd`b<$X&CBh8M*ICv9N3L?1{l$x(i3e$X$l6x;5#5D%23)BGZYhk1f+
z>=l|o6xbA+dr{1g5e`7Te8PQTSo&<{0j#h3K0k1a&hYH?f+Z*MoH-!$k&)m;v2Dp(
zKMkgn1OeJ_-9kY~v!&_g#l1{gmDA;6WA`?st$QtYUC(VtKKnQ}*{{R?<~$)$OECX9
zV>921{Kfa7UZj}>bHbz?)fM*5t@W>9?^H5h_i|J7Wd>v2zaxDUZr2r-jl2Pu#j|D!
zDE(0e!_L-HN}0%+6JQVjtxK1bAXdKdynPhTYdq4HqBEivq34Wy34B?>rJw5~yg`6h
za9eAF%$XY^Re)e?$kQZ^P!XDity=a>--r?`!Vesj$1D3J9u6vH=Is0qgulih*3)u?
zrew_)*dOKoHHvWi(3VM>&fLNJT)zPrm<Y_k8jw)`7!M6JAQa3+0^f@!`&>3iqQ1b1
z%)1d34%WflVL$G~%xH^2^+{L9Algaiwcr;F(PP8nv<Tp49%Wo)Ho(3~iow8z&FjL9
z8jdmAE2{D4EKZV7WlQFB^fwC<aaiEH>=g~Z!b{-rF#ChW!To4rb;XL5VdZI<KoGHd
z;us01Y-Z#nf^g`!f+IyL%N=%WO{(H_iVlw3Q1-oiZl$dsCueK#&(JrYwU9@dZ9a>-
z*V+Djzr4)%HE8^d4>cTV8L?zDP4<J$HXc;^K%mo4zzccDnZ#y9nHY6&9|LQBZ0~+a
z*fkHsD6`UfEw@PEwwkPR&Npe9-U8z?@PMp_I9i#J9=r)Y;=3S0PbcVuVyYUn@e>fQ
z^<mV(!rK$FKsKj+5t}2nTWncol)G@`4q34rWW2MV$dA;!n$HkHt2-)Z^CvZ%S2ey8
zd{dU&ap)bS!ggT9QBSD;ktwe(r{!S!Hz?rw_V`D($3fxZJ<r~ZRP{ftBaYjFhQS9{
z37zAMaMn-2@V{L2FD<>rH`Pj#lwx+nApah)rPR)dMVmrtkv1wq^uJi2Nnf&8RFWkM
zS4Z$q0PH9hADaUau2QC-T*rSLfxoEm_nlShSXPR1l&Y`t>ApGj^ZC!l@;}z(ndd=S
zgOmQ)!{<$upD$8Fl8QRx^P)$QocrbB%l9wFILPnN-rap8ysIAi31q(gcKGZ{^p5-)
z`s>K|QlARH{GSKRJQB{^HK`5Y#-dlon%S@+q511}?vE(4=$U*aHCnzMe6&5Ts}Ho&
zRHDoA<3)&(R_*`@#08jiMylD4)7+0II!lfH8_&S2_%&Ts|GxwC8TNRJ-Ai=j3DGFf
z)Wpy?ioct0-9109BV=BFFJ>jC^DOjRM7KxVw~^a|=$}A$w-`9wp^?Y%Ro##4%mVJ?
z?saa^&xp>)-+v<C52XKb@%esSY#5Eaf~@L1x#!vC4fnO)idehj2y;-kFR}Y<csSQ-
zQP_a>i>J0uABpWl+{a7#hYIM4qEcgVl%i17$xI5Beal)+wBxHLEH%U#oH-Uk@l@$j
zhOkLKt3->Fh9>H_?e@sZil*5LN-IvgdxVD!#4K}o1Z&|~W*CSsH%TyKVg=g-@ivv2
zXDZY*GQ?P{vxj|<%nT@QJ1<X4NKcqe>)Z9<$EGSH?Ff(9*lNs^B{e8ipPuZNh%35p
zkU~VEJ$3tmbH>XLrQ#?;D*M5m0Ye}Z0d2O0gFE9{w1I@zk;|+wWjfa7t!#G17orko
z-BL3|80o+Q*6!4?qS`DmPR%&4wE32fDmuoHOU*r3lx>mvR7G`+;eZiaT1lD|uQh^N
z8wqa5;9h0%mpRs9Pp^~_YF=hdqZVnVDpQ_Sq{rcfTMb(-zkon`;p$UwZ&p3#r3*+=
z$qi(cb7`YcUcx)3Nf)EjH8-R%`^ZO2NY{UnH2%oHbuRWLBl1k+2Z!6e__bbK+R3Ma
zhJvcsefI;V0!H^ceGI<g*wQlHF?Iy2muMu%GLscaXRl?gk1YW!!(Pqc1M}&!^{Q>w
zyXut&M}RSki@~@n;JQTBeBnhL^^@5>b5BV9J(tD7KC$)zzVQVdHt9!&X{L;U4%f_s
zG;Zppvf14g$C3q3v_j<O&58|9Ef{Q5B<bUJhmfj(QAhSLn1OuO?$$~fU7lT|kOte8
zCb$~4ym;X+6HJ;XgIR&1`87|C<sj&y<H<T!xZKFTfx`qa$L9T{t&^ew#~OGC-eir!
za#0Kx5RNB$KueWL2XTXbq{`QNZ3!cU#}LQJ9ZkdzMT5i4UR_&;B0}eO+pij7v-R$K
zl03tzE8Wya<GdvawAUzuNgTb4k~k=|^@!&l_?hhQOF8FUUWSIyw;=?lI^R1;Uog+K
zE$~t56N)JMzM`@qEgnl_Lrn=Pp5Rv*OX3VJ<Iv|qIhLNQmLDyvRL+q~;`?CgWU%2I
zpmx8v^({3hjzmmdL}!QA|Br<y$Za`Z_a^|}G2{Lx6ZCy%@F(!jl)OXkYu~^%^r9)3
zUft`!;lQeI@Ly1U_guduT#8};1pIsh_sDnP(HGEle8)^*-~PGuE?9Y1ZAoyAqh69d
zYr$Hd<GYJ?J|cc5-Fo%nb&-+3?0XH?9%|Q$^mj>Z3reo?>&LWhCC=CXmlC;T8kW_N
zs;C17{-Z^7o87(;P~jo$>J70REKchfWZX6(Qdu}>dqH>Xn<1OxEv!_m(3wv=Te7K!
zbvWlz9_?k%uQk}olT-PBDba*iog2FV(IB-Wyrcc^pRVP&$O^HnueE9ue?OqUqyC|{
z1u+ZX|0m@iVR21#h$KmHtgFo9z72S8mDd^w{tK!wG<=4&Z%k}5otU#DCg0{~HW1V=
zEcQq$bX0lirKKU%E8`5F`eBeS3E9~q0r?4t?QsGAH|jqDp~yt|<SdaW<z37qnxe1M
z>HsFT4P+E2b~v6VAovyh%yV%Q<`p?}3ygJ@T^5d9bFVk?0W<Egc*I7i7wam7B5t>1
z&ndkHVHV0@dU}CA&-aI?7g}7Q-WJK~QRg293+s*hH8WjY`?JLYnR;-jEw%yiVGOjD
zVPe!^E+nVh6oho5gGrP}OXGdPTx(Rqi}=hK5@z2&iy9He6$pqc5}uaT?IaLfg*mU%
zXZDQ}Cvu?-xM=5QnReMwal?72Q=-AXasRM4BMEJ>Mtatj_LxYVWsh%^J}lZ|)%{MA
z9}R8}*~gRsUrQ0g?{Uhh>&Ds=+vISv*H`Nj9F-Iwc3yK$3@19w`i+3poH020!)3B)
zr$r@(3IyP}2Wm%@w$;}GoPvFf3=cZaj#@WlO$Ua1fm96}&C0cv<#zB&sI1920`DV5
zdAjYjYa|V_`OFT(Y~dF=sYzJdp9&n2UbDkE5k{i_lR3qM8+uAqh4@BvFwSxXRTJ|>
zz>jKUj3Xf#mIa{B*RGO#T8eg^>>uvJSfsieI^{l{6u4nos#p|Tbj=|@9vyms?)HX%
zOB1n~os6R(VLFY{aGy9DH4)MNPR+R9vXOh<d2tw)DR0dE8H@1MZA!RJ4z&Ii6?qzX
z1Y|ry>@+IiAWPuI9c4jKEXu}05P<f{ASRWL=c>{wREvqAHxsI#Qu91`noa-`sHG6W
z^Erj<Ie5%aiBn9{I;W#2#Lv|ktV8{x*EQ{<a2idvi|L_*bC5k`7^-5oK#82=V~-+_
zI~Dh^K51Nj{fiW=wPAJkX3t7l4_p0GR8p7JLOt~=vrY)=a~J=lNS@piA+f;YfUxbc
zgdbT_E|hyjSWzV}Q<byMp!dnXc#}laT$%WsA|2av5vcOjBTBmvGfn_J;;A^|G~zNw
z_a<FcNfB((u~1>TRwJc@<`}n=(qtQIPv<Mx25-#w9p)8vm6d}%h!LAsr~DILHfpTo
zL!Yn}oImr$cW#ASf6-Vzrl8PZBGuu$IbDyX>_eZBo+@qZ;|=-fKMp@bZvhS4QLAQ@
zEU1!Q#S6O`jBJ60K2?xC&{#?|TC<C|f>)Bp9F9<W$=iQ}?DoHB=)V_=us+w7dAzS3
z-d&FZU;0-MD_(z@S(#ZhW&b|h{a8fe`^=C-pfM65&3gHhs`BQ5G?>q-K2RSjVzz2=
zJ~`<Ju{IYjN^FUZ<pmywPWAoces~_V&oen<GJDQeXqw9=YEEPsn56ZLQ%t_{b!I_{
z_IqWuIVRUK`XgNadF-p0oTKPF@JEWld#bX#|4WJ4F-pf_+4F*&jpUC$0|apTY+A6-
zCd7t|o-3^u#bZS>tjN`c{^KkA_D^8aK1WA>l?$z-Kcao3ZTE7)lU(0F-s%KhWAd5B
zu|PtNh#cp2WW~N{{WZzR5?OKP-N64>DazR;a+$9hk%+b|qb_c%e*&K0eBsY~f(*~I
zT7LrDhASQ`c0+cJSa8BtZG@PX#1pd6kWgxz4F;Mwr)aq?@os1+B851Z9U&VX+E+%n
z*#b<eMz50@m8A$c0R+D=xUwDGG#wUu>0&w!fso}<;nk%?>9%CSm*Own8Pp#UXZl5y
zt_;T(MYU0XG1uULn{DGyFQ<NrUWe0fH`9xa?Moqibzc)JgGQm3G%ddOhR?X!W=y94
zP!T<5OL9fgis2=Jvg0~x46Yc?x&G3y&IQYEj0GjMeeEPJ)!T+-pa3(CJF&Nn6QGSu
z|ALek>qyfPj2-7qqb@RHW1PlKPEzDNUYL{=07F8@he3V}t))@SR_>011-pc%*V1u1
zCJq;nO)HDbo&Lo{3d(*D{8cWb3*$yj-V$Fpbvik9k0J{zdFSzW7AfWR=CrqCuNhf5
zRl}umF&V%EaSX_c5WF?po(kElURYdkloS6lOTHpO;TE9|1pEha>xR6@E3(m!rCUYx
zXtuQ)dmJ0>XtXGUPz$@&;Qfwq6s*An3M$g#kW^gC-gT$P=df>1xBh&gU0x{tJaAhO
zQ9i&MbQa|LRoKS$CL{R8`k<6xZ}U#XO1$SKR*5x?pA5aY`j7PTxiW4&SOJ8Rcu5NW
z88)cs`tS8}(e)WNHf44-MM<YgRA)rSGMo<l41VlmD%cWc>no*rLO!j0)b9x+X95n-
z>yNoSs+@V`c{pYA#3;pKNMeF1G=oovELxh1X=L69q;pG*CxgegUlFCp5ps|KDkV>H
z>Ofr4k9Ukk&ZK;PWl5ihjAHA8k#umB!F&DVg`Q|j*P>tKRZ7%md1_)Sii#3*OIpUl
z!Wp81!w1>xnS?K5xNeEXPm3U8w<%DuXm#hSnw*V~uzln{@;sGV5RY@`pTcIaATj&8
z*O;trC93SzVIOQFc~kDV$wPbV<gIcX(p;vAI(e2ZEF1>$(x8RCkb4x3BflLT|1^E6
zexr4_<k69(sLVVweDaG|=A?ln2KSVxuieYXrb@xXV+J_UltY&I1Y$EX&mhb(+<N`z
z5jT7WyS(2Ko(aTzQvU>Yn3GMT4yUvul5thYsfy?z{drwpgD_&Xw9(VSJ-AnXeMt@P
zF?$1gbKk2dTLr7^BFURhNF;R~s6-KV8potrOHEshoE3>C&9Tx&3CU(NugD-(Au$+>
z33;pp8*NC-u4-JzTi8Mqh3!$HOlsv!Wd@m&gP*LwUeKQ@nxTN(h(iFkX8hO?d(}32
zSVj+Mt%~mK^AY7-xjHJu+@bI`r~&?yLIDfgX62}IZeELSOawD|h{HF)`d2+FXp8U6
zM~X~z<Rf3On=sUD*2;1ZEUxL8gOy<rsE{z0Fd!K1hAqSLv3WWhB4$J}6`qK3p6Cow
zQ3+r1+_uirm@<fjnqZTutoyac%tyQArm25GA+9OcbFqzUO!pH@O-v{;?dmsCS)Ok;
zRGPO^8>QM+F{Em*sbNU)*1&0ScDQ?nU$!Ma(l(IOcx!7<van6m96St7(l-(1q<#sH
z{>NVUx|BVF1fZfLTX>0+JR9Au*?Xaq6a$ca<F2GNO{N_~qzWB9)sJ8eF}|!!A=9y;
zDsq<O@YZYjY<2LRaeH$8)mL@%SUSUj3iGpwWt5N-!?IajSdXxYn&8p+KB!a73$0!p
zdB*J&j~Btf5TrfW)3ij-3nMnMZtfXzbvuC*l<{y@C%5Jk*Qm*r|A)P|fQqYG8bt>m
zd~k=sCD`B)5`1uX3GM-chd>ApgWKTlPVhhsC%C)2LkJKEnmgY)-}%qE>$kJkd-wcn
z-S=jCS5?>a?A?1$Pjy#ybr;HmF^60ik7rK3PMln|DIYP85I3V)IbVrFqCw@mfp(n1
zM9dY+ytXIa6@bE<YFF|;0s!?;0GFbusM+8lh$+UlcAaLTfuNtm;5$i>B=Or2*odKu
zntSY_CiMN@QVP^LF}_c>W2KMZ?8yxqXCo^^<~qtC%Idj-AS7ACh)<<;`Z?jU`!+t?
zRHA(sJwx;dO!}BUNO&*1Om23@5@zT~ufE||6nHNcc`43CnMjU^kIrfzvP35VI2$0J
zJNwwww!{>TMyl(n*(1beX7kMZSdFm{>DZMuVkCVP4pGO7vQ?}n_*$ppBve*th$-_M
z(3@2l)>(6f_C2GmE3eI994k<vDJc&1oXDb07DxQ^bILrN<$rJU`lADVd8qZvqJtg&
zvD;B?%bX6l@f&c}jPm|h%qr<gaZUh%)1Bp7@*ssa8Pq;0za>dMr#Y&=+nnsNYuc~O
z{lZDMI;=tXi9qaS=v&C{cIlz07m7d|(|o>hxr#J0GX2O-vC5BS?wI0`X{)3@u<L0E
z_sc1{Gldl5^lDEhUHmE@M`Temj(8<@76WxW+vC=+%`dM-P#AAcq}wbp3wzK<jawVo
zlQCSh-OZfkGqoT?0RG4=%1v0_r;dOJPC;%@k~iYa?!PRDOY4!dn%RIJaaLnWN6Y;=
zd=%|upbjTyz*t)DSGUi|%(gwnbert&=GP)CpG_W0C=gG+DPFn?)ELuK2fN4G-@as}
zoX?Eq@ID?W)lm{g5^SK-{i$v}>WM0o^l&=UxtJ2Q%|9tb4RAKtdH41Z_YG?H2UeR6
zJ=tE-w?sDS+SXe`Ae-#ZQ7%?omAuzz5^S)=O%iT9J2MrP4-^85(bXE-r<{ywxmmSY
zk9{wdGMU(85Hocssfi5y;c$=>wN9}{zs0RNt&vJJHmY%+R=Kr=s1i+&OM>E&!AG4r
zh-xka)#Ey4oRVOa1BJnyLm!HprmL_$DYjKRKB99G{`WRdpY{vNTliOU*K#+=(-5qp
z6po5OZ}<={XNxg_j8b%v<upc)%NG*$3MZn3STKUq5jHXE=QPXiD_Vy){bNU7gxEWw
z(x$`8@^<*mc<lET(^MTv@4#9CkM-LxwlB^KL-ElBW!dE*cvHbezQgkNu<<ymHMH}h
zJP=yo?eKmd?=N}5eObWDI8w_5!U@PdNWB3rdQwNMb^qTr$NRBv?TxJeSVjN4NOk@9
zHrnXl07#kIgk~oehU!-;YtkL8gn<2IF9nH9#gD~ww@fQq_z#3G6&R0^!a9gaW!bDs
zso#J?)fw<_zy!<T|2N9!eAb1g%@ntiE`+tA40T_#{RWW#JJlvb)a0aJQ>?#I0|&7<
zBL^yel{9TN=D_uTD*<tjTv^j=s3Ml+M3zYV&;LsS{Abg@Z2tobDcPfynO0gi{_eZ~
zM$~rKy7=e~<e(BeJKHiEr<NM!s(Le2YC1IWrrDew30W5FYGZf<3mIP>D1We*ZFE1B
zassQIG}^}}!RI&(LGrOA1TEetH6uAnoD<~dKruH6g%z8*;8&-h6*L9Gr|f-;vmQ@C
z3K~4z;6)Oq>}YGcV0_O0f%I^i47~ATUE+|JfwHcMnZYDAQ3_#OC6UjvgP1)+uqAU%
zIj==Jh^-X0R6qTL{pR%PDA<Nf(odOK-flx{Cs9MMp`4U+U<1!DmZ6?V*u4@41Ux=F
z-DwmE(n^t6*W2Np2b3&YlqC1fEQabH7FY%nUJJHkC927xT4RM2{$OOXBwrboX+kg2
z(9>g2s61t&AV&eW1>)Dqa&*1M3erNM?Q}bznjJ$n(7`{afCozfK)pjBR@AWOC^1A=
z*iyl4#5@fl1|RW$Iz(BlteHpTZm3V_Onrm+462?hAo^0Fy&NTiYYP$p+|lQP$r2D-
zkM`a5zZH(imM`3z<;=|UfE(9~tvgXn)7}c7aH~%OKWr~-mvc$0XOP!=Mhe-gT2Fxp
zzEx9KLhYj77qh5l(U3aBR4kWTM3y;`Ne2@&HVHA=DxJr_e9DT`!2>-(EE!QM2f&GW
zUb?okY4eYudh7r_twCbFDy@A>7(C1nF?W1}blk!o71@e}kW@lv0H}4bC>o1E>mZtm
z0&LyCts*2i_*53*BwU*J?TRhGvkDWi8O<Eh(edncd67Ef6E+*z_`VgR6pAsX6EfK1
zd`GJxRI$N<R<_={Z-4Xcna%peB#$m!T^{ut*|DUaU}&cYoF^wdy*Vz42CT}a@6d;g
zT!-%kD{u<Qoj!MzH0+FPdt>Wkd<2m0%JuVGA<;#()g+0DVi1ubcit`VoIhD>a~&@y
z{N@%a-^6@Qt@G{bWt0PlxhyahH4QRiAsEU7`}~u7r$9S`@1;ZAWJ44@s9DCSOWQbE
z%%zSI%z&du3>{o@q4jlI|7>vD+b2}C_;!y+&?n_vHzfq8G)9hs0#!}4yp2!(q4R;Q
z%Z8M1S66C>#-Wm#Exaa??_dDpXx&^%yi$SdcJjV^qvCAjKapO48H}P>AoWW+Y?TBa
zY>04QcDwFgXn%WahTB?3BZU2?MLP{h;Ci#YBt{tY`Kl}~`GuB+?x4B~I<E(CYR)mI
zqIO1Zja)Wld$)|6Kv#WJ#ARQydk<8Go#RRsQq)Qy@pDNnyA82fCw}Zl$jO7lRs)zm
zOJ_A5`+<F_bVtG)8jqtvcc4Zlr+xkMgF7?tBfVPokp_Oc$&1XL3w&mg7oCHo9C6E$
zp%OLEd^~>|2r5124X1r+X6M)DI<JeLP3jVwj;NPQie~%$$Dz->k>cG0e_k-|>0d6`
zn2(gKOPj9z!0uJoD7Z*wDj_6sb)gfzqpibP`DB1va@F+<TcLaxeYKP_ZiO5Y34SDW
zN5>U*0n<7nHvA13h%~_;L1;%K>NIWa&>hAPrMwtFH~ybWxBsf=mXJbjQwb_Jtb>I`
zzZxu|^rNrTENh_rzm>?#uQ%Mh2{i@+mka6g{=+VX_NT`BZ-4?-b+Hk%q%4k32kIQH
zYWuo-;4|IwYPf4Fu0=9ZT{?El+~7T*s%CQbbMo@!nv1AMq&o2;gkPMV93w>%hmdIK
zI+c7g+eMfNhEoo?)Tagp%gwrZcV55=R;p94ouZXoLu-uFb5M|^EcOm{g{Qv#&e!@+
zyGMY8p0mI=6}N<3n%?Ye2RX+WxCME6U%vi_^K#ck%{cz#ldS9=>5>vd2{l9_fPivY
zM?+gJelu1zQh2Uny-NP3OG38tyJ;NptD($N>SwR>xw5K?ZZ&ookbjYYsW6WLnuL2f
z6$4Wa#n|GQsU?7hdE=ny0Ny<#ogX9uPn76TsW~(c4s}#Xo`%&Lr*kD3NUs`YXId@r
zBr}RlLtB*w0BkvvT>Z}qTH?8Gq;sgdi}(l2&|LA;+4xn~ksb>OD$*2q=JihZI$3sT
zB_hFX>ceDIJ1R?s=T<vRs%#GeeqIsL>BzfF0}aIthOH4HFDjM}h^1y30t=!fWOqJz
zsA@Pc7iB`5-cCXWF_ZWrms-Ga-XKsR{HTOupuw`%68BdtknA^rfPi<pN<q(8vs6nV
z*Ww<=qQj`|>SQj1&;GuO?Tvh9F0Zb@JIxi&PPkP==12q(w2pMi*YCIV@8-1;MuK=>
z@l5+vc!Gq3g(XX`01b=`NWRnj{iPGAo$Fw@(MtfGDr$c^)Ty>cryEl_MizzNAZUBo
zJ^wY6Di0(=iK&dv>cxDd>+-iDbEoDSE$#DHO(tcWPh-K^v+F87ox$^xToxC{t+6zF
zgp+f%dT^089CMrSy)L1l0d;1^HTx}E?wNZg7-*0&W$L+%dmO0DLuIIVfLI`tf!0Y|
zY9~4r6;U0hhCixvT!`C5UJSfkQnc7YW9LQEtMlF%a%!xhpY$GtKA-F6k4{mjXx7G~
zN<f3qq%AVGG({_sSB{F8bM7*D7Lx(!6xNwQJ>sPREF&esN-fD9`FgEgv>9z$M$Bod
z$a;LQF)bpEv2F4c%m^bco{BBSG;?asr`)1p5ko2os&H+8W70i&QqV;_57&Mf(j@y&
zy5}S{iDOOJ=GbIhIVXP|%c`KNl7{m|Q6+Fmg0a8o46MN+uSaJR2;uT0nrDZJ!6Lwh
zhSIh#Gi2D4dn=l*U%37MfAYV24hYwk9w^Y51@71R?9^45XRBjII37s@b+OeLXmqou
zHf}|Y@v&}vD>GM$l3q)$K~jf+6&!HIDJgxYBys7t@Vw8yC9Q&_DDx?iK#}Lv3~_6U
zP_?9r8<G1lmg;KK$jHlZ)~hHhJXFk#xQ2OIClfg~YX(6qX!07XCYtvt2}O*3n?eVJ
zOld8M3XcG1$hC%=$?AoeQ~rKq!`Km?E>><M@(%KRFf-Dr?DRl#kLBga52{jC4#+e^
zNq1O-xpjx&+dzcto(?1M!a>F>7I;de*g8s7Y64{lL~NwlJxGQ%Q9G-?^TNKX1CmNW
zLc$-Cpo2mM@55d)H!VyI_rNH624{pVyyHa}Ai+*&seNqW7LGP}F?wkOrK>#kw=S7u
z1SAsSPryivfjfTWu4`fw)3J1gnTowEmyy#~w9`u3CZXLPRN~#>h1`Hk%W;=2&o1TI
z0Z9j=LDt@7Ab|WJJ5U(KfE$@E_Idd05=xPkE=14}Au%qK!tymeWbzmjA+Fe*8;2f4
z&xjoid4=9+C{|uHze1oBb02fh%g7i8kpL{sR@MUiX)T>fHenHLE9OO;TwC0h!94lq
zn5nYSRXGQ2I}VhVs%niBS7Y43S4&9mx64-uqLt+cUWhX84_4;9PEYK@qTU6YJ(pU@
zwNkE|lY86b?cCYvVL>c1kkUo-{&i?)>d^UQB&x~SK*gpBlT2J4jtvC3INKavbjj?^
zOWD-!sO6F`X2@WTQq^f$VZIdOF*;r3QC5=q;u~Ys{3e5zW4|%wM#~P}Em{|_hN&(|
z^y5+Bzb#Or)QCcM#MB{%e+d<e$h+qNRr2^tL$&#hokQ-G2voHSb-k3#fEV~_*Odf1
zBg>UhX-K~TL~!bqsz!$G5i%5WjUp>z=Q_zZ5?QvXVQ+JeC_u~6B6@wo`8n+b<w87#
zO#wSBs>2`Omxc-Iv$4Z^W%D($;V1_{v!u*U%I8MZaf*y3x02R8FmB8sC8^QbVQ4zU
z=}4Wfe3@j@AxO1Ikf;}iSD_@_3YToNQ|M~Rnd~mdyi!-><&y-G@r4`X_OzvTzKr8=
z>D@X3x(Ca%z*LTwzVOYWHY*tjr8|M?Q!2Ry69+>R7sP_n_<97F!umy`kkPpfkEy00
ziOG|q4UmcbT1X(V&fIX{HX8s4yW!w_R&^~VR<ut+Lks7FiEvl~-0>LTy}XuO_DAR+
zB}$UG7AtM1g6-I8w9PqMc{gS@K|`cZw3u9rQ5oV09qW%V2ve^JN(ahch$V`trSKJ9
zh-mP&d0Y#XL-DuPAGM3AhqxF8*vsnxAQf39G}?IpkB0$&F~GnfJd~X!x;Ne`sVgV?
z)uXx>l&QW6LsgM>CW8k5CKy&s{yF3#<bi{fE4hYoVrRuZsd{&~0?YHnGmRR_;$$ep
zh04BuY<yx$k+Y*O-Qb8uXGUTqi@;rl%e-!Nb}+Npb!tFWxhO;PCNG`u1KzvcX&uX~
zd7=r!`8_~kA+pM-B{?UuwiC|5(si*#v9s&b%mfl0-e^CBVH^HZX1AYZ>gTM?4#0HF
zB@t(9R|RqNQ6@u8sZ|vA{xpW(Y1rWm39`>FcO^Yzm>AP0F`I34AbG)upvpvP*u0Y1
zaPWcwmvU{4{6G~UJIg`lrYQt$MTVu1o1cNhLdQNdVz^T8W;SBPJKWy9=va-|A=`>E
zFcOyG)`L#R@tRI#HnuBfHx8T?p@lwa<;KsDj|V{Nj3?jVb!sto6oc@q2@!q8<;W&Z
zc5n*c)PiNTAmJ&+I`J(&E!mEI5%cyd%OST1s95BQQ}Rs*)#BwOCaDooAw470g}k+{
z#x8rkK|VU0-6GYiq!4J_oXT1X@XD9Jl-gp6KfTcMXsQdzshUBv-`;6eHAK`}1L;&p
zRE`<r#|%6m3lQ=`Y&?XI;d9^y$`L?<ko*xgJ&egHaIIj<ee&Av5NkNuq}%^RgJ@{c
zWsSuSB`#f(1yR9(TmkNR5VaR<8Yt1HQjm}?J%`lNG1_j!98?({y2QmAudPw9mY?40
z+%Pu}e(sxWS$!JBy*+Zr+tW2;Jx9BOZK9$@24>rH64<2(X(LI}qHrd%e2W{G5x4^h
zeOPnS*v6@p#zv21+0KDY>{c2qPM>Y{IDPlCsYA)lDeg0qv+KV_+Uol?)u#a>%tjGs
zK>^yR6^3nbQR&9T_v|k^I%=Y!q8^fe8&(lfqT&OTsr*`vR;<(As_U&10oUsYQNK?o
z<Iw3Rd`AQA^UQEz>M=H*VMVqUKs)F$lIGVy>%c-+H((L!wxy{ZX^Yc^AS--_(=d2$
z46J=C=V;*gQXa{bI1-UC3ji&tr4#gp+8=Dm#U&?fW`*w}+rct|0=1FOr>i|8X@sU^
zx0M;7rK)`M{jfAV??>`L=j{^BC;rsY-qEGszVb(X{A8TGk1HPkJpO>~8F|EUk_4rS
z33-=Dho9*j=y++nLWD@@=6O;NZb3#ly88>o<XK>rMI+uc-%{?N7QO7)tNA7*K`iDI
z{<-)^Q+#GBx#2NYCL$vnwlw9aNKC>G4Rr#ir^wgmQx7z+P{8Y7QvJ~fT=+gpnhOEg
zBQSZ)v6t<SC2V#Cbc{j-2!$!oRNd3vUW>TmnS7`)cugr<s6MV!Yh_rDmq&v1QC0(^
znau>-&-B+Db_aAmO6m2XmA*8w&BZM`f*9+-U(lNeO1?eCU~+|`y*-_+J<(9v07{?!
z!+q{tTBw}P4?}6ZPtDxM?>vPra5*Eh9GIR6P_{7tNYI)!z0Xr&_hDzH1aga9k|yRC
zWIUb4gMt8G8Qe`U>?i9bRk?1o9S^(;3PP(5nHSAW(x$_4({^yWVvDru#1soTGVPS#
zsTYjK6=>FD$wbDvLaHr5Ck@>VX%liq7RelTsWznLVy@Duo$l96LPN2A?K>K}pT*t3
zlILskwT~ZKAQY?L0HN)Lwd_yQfmqbNcz_QNf2_pk1Obo{u?CQkG5!cC_(wz{L?}Oc
zh?J(qS*N5M2+XSylvrS1Ke6%S-@*(?fb6TnB{4LyJl6Q&So0PDZ_g)r_Lc^nl$|n?
z=k%nnY+uq#)?E{z6wqT@v!R3^%Lz0ASo-tNRw6Ux$r-I3Dpv~?0AUMil^-~4m@wI?
zw=0)NSY+7x_qc@lLW`G%@r-a)+_Y3N3_PYZ10Bidjl;)OH5_FQqTPgi9Yc|$Twj!q
z2+B0dvwy+Obj(WtX45ySYDC|tfpHfdW4P<1Y=j+9&|ys=E<S4Va09K#4B2TRhi=}O
zZ54KpM|*T@;y9^aS3%qk-@v-%i@?fWO5D~t3tkdRE~>asKsl?a=42XgBE@K3B&!$R
zao&?UVIy9Pyf<U+Xv5G?(vb=_Au2{EK>v5CXT24ZB*U>Z8xb!+QhMaU-|LPFanjob
zURZmr06fQI`Voc&Ye|b^t&n!6bMzhTb4fZeVx9r&^hIJpvh8qRfV4HI{SMYKT_$&(
zuS=*JOcujGO;sb`5*GIbfqOe|Ug3PCu^6u88whvCs~hTnl9C1yqp=FgNMkVRIrt19
zGb^B?I`~X~VZS(#3*EFdMKTiFV|3#s(b%H$NDw5j^*01d8--!_ug#@QjK&__iFBk7
zlK2YCiV+GoVv8XSquW3Lw8d`)dHi}7rBTB}dBP0JZj}&0vEa<!Tv$br<Z*%gUxl_J
z;XkI~7-;SvBEExMvq%|`%83r2Ff2PHHcVzdkUHJ6FJqiPXDUZFf4nCsG+=qI4!>}~
zB4Y`F{KRrS1yA1hK_@*4Urp>n$K;i*sWYT$D5MEqy({T*vycvBl?Hak&^yMQLW^Q%
zV1~=YSW84~sKoTH=2Bgq3v((InKGCS!%7yID*{U!cWfGdag8GDXX?KJAFZlKnTeyX
zFy2XED#R_i1p_6CkSV!^>Zy>@)v%HR!%8uo2`X$c^8<%+rr}25B-sp=A{dIuFy^%N
z(xq1_NArLaeAc9$;zohNzx#yRy6BR=?*06uWp6YoXS1UiDQ@?qeW53dlCY*I>9UY9
z(34i<jB~f_6RA634>{Qy>4`4R;s}&szyc|gLk2n7M*}e%{hmABA$cr@!NE!Avm*tw
zWd}c=^8oKGQUn7tTz`yq0uVD3TW+Dvl_@E?A$uYWmm}{U&o66wLyTU6)bFzSS>-y%
z1wJ(HnUq8}CyUEWWTHb3l}i8tf^Jc%mCl>mAt(0c#v|>}I7|&tN0d7e=XqLsegLzG
z&G-Z**8}ou0*R_5gA4)Ggj*oDYke`gL}0jq`Ug(qo8Vs&F|?V3*w3X*+CpzZh(KQQ
z2~_qZJ%_eImGNDqXqa}F#7|<yExgdwu2@jsWDk}DNFX{)<d6~z^Xg=GA({74^uY%}
zk-#Bh%Q`eIU?N%L0Y}Ft84o@{on_oS&lWi+nYbiz*sAjGZeWH2DT?{NBriNjOGF-g
z39RenP7Fk8%wXu4!R%NTxhZ@>Jk!~mAlyX}v{ouB{o3s;D!EzTUU^pO+UI2;HHTgQ
z6j%`S4R*xFV?bw#H$?C{_ja9^bLkSCjH?OGSIsv8jyfPmGp3h4Z$^bZNv=;<!cdFr
z<YW|dQfeK9(S=GAu3(5&OoB;c4Q`2(lx)9Wg`th*1O_j1b_IL&NL&C&S-j@IuD1g$
zZB~d6hc16$vlbxSGkt=xc(a+TAH-#JZdwS4rWESvB~HyiXkA|t$t~X@3sfy&q#f^I
zY1LvAHf=~rZmtLNGNBUVaZQqY4s(!4Efu@+aQoUk>BR6Tz4!=@|IXyP+90Ic!Iiw4
z_O-lHb$Qi;yR=uz)!*yv&`C48`|ZK$60!O5Z$PWMM<*2j(k{3&Z=V;5-f4=%*n}Kx
z)@PB}EKV+Awq?@4nA@nldK~e@aYu!UBLJV}OOLP*b_eiP%3y~7uWfwJhjQwV5nU+e
zHn(BP#y%(=Pab5J<5$!{?|<TcOVt%e{<ukrlep=F*5XL|ICO)%D8UgsqRob68+2L@
z4l14S#`-D0Rxs~6@2);gtg=-#LyU2Dj6mE-O|jHoz6G&LZE`+UGx*rU#8|uvhpqTO
zdA3W;HN<L>@us$v>e%#L@MxTi3;`Oo=Dz`!mCfn)`n(1rHN4)iC+Q+LvFq5@8u-KC
zTE@V+27rxjyU68;RDg)<>N_XU_Ay|i)2KaNYH$IgC`KSr9wbSMdB+Zt@r)TI0Gji4
zY}~5rvjwvA3$Ht0X6-YhxiZIF;1b1$Rj0mvAiEn55(c_(oBuc}*sPR$#HW)RtnQk5
z3nPtdaxS_WeQ#F_&B|XB^B<c$ynd(+Z5-xxr-zCn=6fEKU1(h7QJ*K^MvhbVBixqk
zsl(3?m_OVy-u&2=4sWtW(Jwsg=Zbmv7~PPKyiqPC+%kD_rEi{-PmvkBBXyI=AR7sK
ztAnX&l^DHtAR9@@q<~<Jr99xDU|3uh{>g9ygB7+VtkEyo0zq_ge=QTKIxGq7rQb>#
z;$i%^g6QQrSn>15c?Ewh!%UM3lVmBgIBTBd)Zimp9q742#3;P2&3em^LdGCU&>tu3
z&X`CI+m`=-FN5m*8_;=%90sc>z!>IZT%%NL51gQX=dZ5%^<5b=K9@zv8J&mA$|vuW
zr4RoUa-(*63$iy8#(V#|@<ZvGMErF@RJPcc)ymbZw~rE2<jMFan}5&uST>P$fRGaU
zQ22f|6iRE^>+pG)o>!B46AMJ?)jp~{6$=_vsyc;y5tAWO)L&gzmCUdo+fyU-QP7)S
zG!Gmlcd$?B7!c;Go!=PB1!)6Gn+DKKx?5W)!K3$-lJ#)T{2WP2{_1C!WHJg+#$9Ko
zZ%k!(=_U(qu70?o?`PMGU!tNEfV+254C%)yNaY8gjJq3h(oF6G#AI$qKqPVv&;OzF
zJyxA)DNs1jJC0s{OwOX!*&#Vn|9$`psK|uw5oK$DOR<CS>LxsST%*ZOUto&Ib@Doi
zBej8k11PUGC3Pbk?MGbR(Ucou<0^teV&`5us$dhTLr{*T1UFJtlvA5RBrIBg!8|+B
zj@MBuIjKVE+=f8w_F)$AYNG68#<OpIxRYJ(K-v!+ua~|L5JV<0Xi6%vBaur5zF>0)
z!SCf6$u~YqJtHQ(<#0W`_O0@DzWDVU;7eZ7UA1ypbMRqo>tWxr?C-xz(cf+@po>{}
zsCXwy(eBh0EE$B13IzQ#$gZhJu!<#b<j>RJ6EagJtfMdy<+ZgqEi~GWWC{H<Xt9Eq
zgA^qoD?<O%jPcZ~yF~-BjhWM*dY4O&SE+cdUVdM6zX%~5896C_1<0*CUIuqPWg|2N
zgXhaX-sp+rBmj2(l87nC8=Tvqv6d4G)<mfSp$bTn!-O5k!{!3hJm|6@h?|cXI1~Ty
z1BNTHSOIWhT>4Yb%*_;)bbjusRF6Y$zI9jsq^~=#RiKXyh9P*K=aLInU72Ai!r9Rw
zEt=hlmp>80>65W;rE=%{mOo#9sRfk{*JLJK4y|Z_g0zx}ZkgcvP|N|SYB4;7>bDr#
zfvwRpYZ@-8VYjL`0Y?IT0xSVw(Ayntr6}AseN=uVr)QiGwEu8xcsDoS;GTe^qVVs#
z`J3C(gQNglC5aMsh<m3PbUzDAWgI{Ol;FKiSjIxKCr539+6;t!!`O_QfS>B%g+&FE
zy799I(?p-+(XtJqp+LI3<Ag+9qoGcX4N@9x-INLx$k$0fEuyvUEv{^Avu(nV3US#p
zJWy^H<^(q+XSrd#M&i-rpl&&04fYVmJT-SB7fwkqmo*z=^V>*AB+3Lw4w>#b9b%52
z^5Fw$j?pVJ4cTuD>%c);=_n=#c;Sh!r;-vmo)h|RPk%5JJV`;D)a@Q9Pj8EQY-zpu
zJl6K=_Sv5;5+TnxF@LCj#XM(H{UU`CBrfY35{{#4myWXk^Urqlu);}$*%z!E@PUr@
zuQKG?v(D>nNA#2y7jsN9fi-PNjd;3sF^amdBTOFSZ;b_$V`8~N06ot`DTPC)LaXGT
zLGbEG&4pmzNpel=aSXz(1{KbF>CPLb0Es{UBxg!pHOQn5h~3mOW<HPB?0UW8uX>YX
zJbbunr+4wMW%hbEmX)XW+geMVo?18dP#(8F?K0;}{SDy!RQU`_Fn)j9z^JJ?4iWxE
z2}g!~!oWag*=1%Edz5zK$P`2WCD3ZwNkC52X!TjEQ+JS0p+g+2gwTBv*o<oKK9AnF
z^=UOWy`YqGne1nbvPNUIoXnivITqpjH-)6B#R~KLv$Brd^_F&=_?=mkwpv`<(}iZ+
zk^`UA>tYT(kZ>%70QsU##Moyit@*J%=DRSYh%FG%;g^pID2$xPoJ=KTF^qRk0xv6I
zjWEeNn3NP9Ehp$0y1lOc>q;+SD?&j5J^y|9>q0sHjxu^^Vvk`FZec`nEj8c*GSn6s
zh4-V<JjTVn?=9hHQWc~dklqJ@n(q0QQhHI1_3lrTR?%@^X#$^M&&!MO4G5~=ehppk
zh4qYAa(?~wRy^`cu2B(Iw6z9E)ofT`8-5xBc#qX085CQ<-WbPsb@?<G#V!c7Jo@-H
zZZbljG?L2}NSSKAKuyaR7cxS|PD2|XXk(`&9Xic?A7N*u`SAStGlVeu#LP5yO;(~U
z5@2WfL#Q$_AK!K?0@o&CiM|*#K^VY*1HBH}m%lOe?Vy`5jsc$^zWff!1iXz6zc_%=
zuMVki8$bh8Mo>^%iI6qQJpnp{0Dj=`XdW5)%=9Bes^(N*!+`_6-PY8r8^WZ(P;13`
zsngQ@kMkG=WPK`vKJhA@0!lWYVNEzhP%s!N+N1yjuxd5z8dBTM#FZq$_YFeiy<QVr
zYFdysOHCU_LN2_R@)5ekO|zS-(BhJTPjTiyq1(oQhOv%`j0LROXHaSE3~Dmv@r_W-
zUtn+(>?fRp`^>Prbmh~DrK4dz__{S>F?u?Z@|gzP2CZwbp+*mYe%_XViUE)i*Ji&u
z8k9F1`VFWD&Qz|zh}g}9d~+>}&)K^@HF52Aipa<ucH>vX+;)8=$TBL#?;>+)Ouy^C
zQf=Q>Qi@Gsh1zsulxwE*;-<VZpl|y|*{w$*yS-e2N*g^5$S0?Y@4)Y~bOrD825kWb
zM7aw(-A<(og4rTrti=Ws21n*WeiW|4!@y8TMHY(n;H}p)Nk&PQI2SrMOP5mQx_K~6
zpTHcq+8Tm_82mLcM9FW0LQA2gvs>?DRBd2G;XX}Ny-=L`M1J|72V-h)`T;ctPZIIt
z?@p`+N6KlCU#JTtY*c2qS-r3A)Gvgil)2c5oiw~v?Rk?d6)I4N^BHrLz@l@0U*~Bv
z9SGHQ|1R>|_YGcIHL11zjK7H`o#H(boaf!e%p*@xez|(0vdcUU7m#Bw%kGT=0$f2z
zUgnRM>#A-Nu7P+3ulndm)yR3ibw7NQs2&7<(mdT@26AKENqkKE5wBTwBl#$8G4n-&
zcRhS)(=K;%<(1%sfK(lC^xK7Z!xKf~&z3qAUW0|Utk65E64lox`2QwQPuN*}{??Cv
zDPbD>n{-oLb+mD17)H8={Igv?VsOB2ut>pm-1&C-uVcD^PDWOCW^;gW;9a)cH|qaB
zy)PReDJKiQ`M2)xA8K^nRQwMQF3}1tkk4LYQ~W+1`4P2WfznmLv^~q-#(LgfmOY6H
zK!#%Yd?}C*nf7Oy7*HUI!H^z^R5p`BlE7(P9+=7zlWExA#4%-(R~YL@)BqT4kbHeY
zs$;GdD2-HzOl@UH9bWbupiQ(P7pI6mZZfvz<OyRu=#k5lN$>KcOJa0&;#TPn=5S0=
zmKK;CJGYw}M2w~I0D-)kj0EU97%Vm{$f%s$Qh_z;=!x3k6yPG$l*Xa9IruvEo~bom
zKr+H0B&CS21%>GEZ9%s9^H!bXPXATPAR3p2Cze)Vq6ca|0We4sf=WDAiPeG18HB@3
zK!w8AHIi*2T$DwOMpNG7@w$H?9|SBijAOm~@txYQRQg$%`H+VdCzmO(1$nx`33pJ;
z#UnE?H=F@jF<24=0gt-@AXUt$K#E;^H>H(8!qw1$AI(xp?1cb=ciGD5R9R9Fa-o2_
za6IX0R$v0o78XGI3+5&Zdgu<aevr9Jdbd?GA@aNe32zT-1?tN*h>|UOnomr#dBhSQ
zt)`lEfGy@3+Ii}z66N39*nOnpQx;_yFDFaWPO$Cb?8R>YX*iEU^BILWP-3`elZlJ4
zzrX}@G)q7;*^yKz-r6QS)xdWB3=JdVHLoZA`Va}Q-&I^{L@BKB{b~ZpmGo`+k5s6|
z&nTcF=lp!qOP?fBQYTFE$_W&kG#2FggI*RS73zYqqu!hlx_b>Id$BCGQGRV1*<Y!u
z%_qd?>n_SF!%-%M<eRveAxK+D!%j9O$2;%sZ}xos$mWO7j8?M(epPCz{O?333oS6;
zFyu7n<?xZIozaEZT*mC@(dJ#R_xv?){<TairzJNA^?7PigbH<##2Ox@5DrJikN{8P
zfKeDRk!8nv${QA~RYk^K@hql;-gkh?@l@B32LbUK1ZXf-kiBeSzfQp*rU8x)IeL_F
zIyTin7e03H!&va_<<bL(D#uS^l8zQ{6)AK4ZuH?oa8DBwMK1E0tyX7`-1|@$$&*fb
z(=jF?#15K4$-Ef}1*ocaddB4>*o^(-maaT2$=ssW-t}ZJ=1>B8Dk>!bNP&yu4w^xM
z7FaDFFj>2v(ov?^;2u-MM1ovUD^vPe2*ww%l?qCSfa7{sGKcw-)3<-QFD+7-&SxYo
z<iJ2=GHe{#^4g$dULA4eIu=O+03cWc7A+6OCa({~i2|?!d#D-$#ez(_eHSJNS{Q*E
z7;G@LT|=GCPG$fYGoJVvc_6DKLC1%$U>OVMewO2kash58_*Z122aPjNdYd3!{-jB#
zU)F)h2|9SP-OXj}Oo|K*iY(6rpHw@b5eT+dY=m%DVOY|8l~sTxEqe&1neG-)m=i?(
zSN|{z8r1*AI{42Z4_;jZ?RBfqO1lP9I<M@Wt2cGW4AA`sgso6w3qR8Scxq1&m&z0f
zr{<zu=|PntOB(Lqv(ZD1l0t)ld|=xt3`nYs?$MD-t_s<tKT?`>3Wc2^)<jWCxYdQ5
zM&(Ul+w_Aa(LovHPSg?6(Bz}KKu5wD%8jrnMh&T?1e`F8U&c+wG)Fm7oH|I^<+Z9W
z_H_`^G;j0zCyBhH610Ems7YC6$J=AfXrR^Ao0H&ne^f-bB7d`N&{R;`Ba;@b!Aol4
zHeHmoeiySesgH>cDj-KMEdn*51kEDWArQ8o5f<^WsYVk7@*?q?u%v$GL@(MYv`**z
ziH7q&om7yXx(eyTj1#6#y&Qod9q%o=R{tXX#I<GENu9Nt)}4zq=Grc$d$gNMKFfFF
zpH1$PMw1-2EC3Bq4@NV4rd>uIC8|1Lyb}P~HBSg(fI@d{X!}j`c*SKjhzm`eve4T@
zi}g8;VtBDBf`NiCYO6hvs1#)flLJ;{ZgwCxpq!y@UaIbt-Wi7?wX{h+jY*QGduB1v
z**W+%6m73O(kGINw;Matm1<ZBouD#~EF2^&po%Xgs~_ehzs5p3J|amZRxN5t;_9G@
z`_e2D3xFgE0Dy2B6BUZOD2dnS+nip<N&}t8*v(<V&|z(676DRr410^(q4Y_bmX|tV
z@E&(8Y&0a)w{=Q}WwNj~Fp<qVnHGl_Di&k)YXPqQG%6;5v@6wJLns#(Du_AV9L{%T
zmI?!kZ88-jS$jM^U986~kw}@GfSZrAFwC#}X@P^g&KNB_U2TBfu*?_&eaQ^R%#?a)
zOrbQ1BWbZN(HZ(#tj5fsHl^O@AK|<NvN7!IzS<<n0{q0D8gceFY$^5tLENqtJy(7W
zNpl_!Gm)kY-{hCNf<D&DKBcY5bjTR9=qg0gfR_Lw4TH@eMD}i>JvwB}^62JHAWD-D
z?B0toTsgFuLolEpgxoRdgc^X?hWg1r=Q1W?1)yx!d^gC$WoTZP__26)ZG&6M?Ta*1
zfmA=y0toYLws`1G#@%)Uqb<6tU$<hbnV3wHoo1$&C1Tgm$pTzu6QA4h>Bvs^E|%`y
z1Pl^>Md!BXw-wj|3+U&Pp^2j-3mQY1U)<77IuHw{pSrVS&?U^@HS}Q2S}8y<>P)uQ
zi}5e65i?l=1OUW57Rp~=h#jR7QNa<rN~02^5fG9HXn=_5(Rn2qAp97lLSR8DMkYR4
z^ZdW;8I6pD1O!Bj?=%Qy`WC(s6*v$7&>C3=7yQzrDxUv-giM{w_kQ`~o0lP3S?XNo
z9v%)m)wF8P;>{rgBW0;|ZK6%*vvjONxklaFyHi6(RBecS-02JP=EBjPsi7BH?gu;X
zTM(3)^H3Qaum9s4DHdzQiQ$Gs>TGtTvQvW;eQcR;q!oG*c}4PygB=1Zl4s(D0+wZE
zaA*wi<$27H;M82rocxlqR8mSTqc;{7e<8^oF3<ahaG&QIELfCH4bJ*E-M%pzYx($B
z;O^f%HI#f(n`@HiER?I?cv3nwc;(-;_{PSjFH4=Xx^>#~e6TxKUY+w;oY?bxw7XMY
zogME?V`@<5GqJ#V!enrGu2!ZdBCoB)p%ag!W|k`yo$_HCjO6G6yDxd0n`$bN{hV8G
zO#_BeF%q%!q&aPJ=-Wj^@8HrQ0ji*A-F=C7!>ysuqo+u{u}6erV})|G?o@7fFSIu2
z2|iiu3o$)f9?C_}YH?G+rURPI6ScIDCv19Cr4Di%`f3>^WMR%?Hp$`~2UAR$GF4?N
zNe+0m*@^?jVjtaDSrQHpdXmpcoJEq}NtY?q!;3jSy1m}!So|w6yuoV8HfRUWOhw~v
zQ+{-__#C3I#&(_Hc(6lzj_WK^xaxH<*(8xLJ2gnFMdB=;zeBG#6@`Z&MVfCEyqeDS
zcj#xQ2F&0E#_BmPT4B!5z1qZII-J)GZ0W0~xTswo;7|=wsrPQzH{F{m9yy%oC#5)x
zR=GRqO>G$`tF`1&E@yf*{nFbZ)SLQd23Iszr+KF-C?;7o5^byo5|wRk+CYIT>#Kp@
z$j&tVz<{e7s{ud6Z0Y4-_Pir#d3`fmR;(_Gf`2@d8@DE>#&;*7q7);jzvpnMw4E(s
zrII4zIPT#Oz1*oCTDqe<Z??3*xV7h$Agc&yn7u=+-@#{Hy!Csy`8wlrj&1TAz`(QE
z{`kzex6$RupunXz6eDe+rfi94qS5<KLRC*N)_6HKkTkZ8`mry^WUg66noeU*(AnEP
zZT?}!G1Gr=O$}*h^Z1bT`y{#Dl|{KRUNT3`mAz?Wk;%0@yGrs7PaQ*Q#eCu?*W2a;
z$^hHG0+-WVUS))0Oyk&q{d7ymV1`ssE>_d(Uqg^|1k&5Z2a%l#C$}$s2>u6LP$I(5
zFSUcsgDT8#=rah7d2uCh&B&7e%`6EgYATJ7Vu1X3RC>w3>z&|IN+h|{Xs@NXghCr-
zk;|}x;X+%I;Fq-#fo1R;{=4P@#2!g~LehCp@Fp(*yh;JZDo}b|J}Lg|Y_9t8XO@F)
z&3mZe&dGh9(naofDs5`ZvzWp+Vit?OUzg@1BWWRU*p{TFB(*iUircCdcE)djz_<s}
zW{W6nIhJA+x3^HsaQ89o&ihRI5&iu2e}Gjjr>z>TmkotUReO`&{zU}wpoj3`8MsO(
zWl=ps)ndxPbCyQ%Uqt9t&7r;1JQMt+aPxGfEVyP-eqi-PoWy1Fc@o@$W^L8dz`iHm
zRV7X_>M7KQ5sQ6*ckYb@KdgH4dh~3&*idN=ohIn)L6#}~vypXr=pdecbZJI`MG?bj
zKjYXrmQ0-Uhx-chWmA=N2yP#@y9mYj&F6OtX4b=F3<hC#S$#IKaXbfpO=r5F6mAV-
zO6lU%Ub=bPCUTu_Q!K$Vc}{}Gm$ktqy{medG_9Yyy-2f6UaMR<P6qq%st=k@r>lI&
z-+R+!Mb<DXs=h3IxaNKDN4T<(m2Ik$%ft3*(CN8xznkOwqE!5YT{5}pL%1DdI((Hc
z#{7!n+uyEw{}7*ddH*OsRyMZqWzmOYrTA^m>D0`aZsfO%Bk#oX*PqnYtH0(?=V>4O
z3}|@F_kG;Fl{cF{d`a_sZntZuKqlJO#4wH2rZ>awUqlda8i)%eJr!uL3V2$@MINB{
zC?P<CVNRU~c=CVz%{JW!5YM`eId}5<blRrsa`*n=;?o1a#7Nn~hvW|nA0LZ;1CD+J
zif;WL|IVCla;7_^6{TBPQ{XxNUQBlNdh&_dl;;U@RaE<~_VLnOHZ$E6Ve+c|pe@@w
zQ`x*veUK-^;tBn`?*|}QefC4?i*I#epxZw(7y;*+^h)S(b8UrXvlUK-5mpG@>lhn~
zZtr``OvwkBJar}~pF)yP>&SPC&EBj~zb5Lj-vIc)Nn+ubYd7(QC_P4~Y3iNuna-Wi
zW!<Fj`zA%zua*qJ-R%oDJX4-gq}K0Xai}o7N<~#yxM?<Hon1fXMVW+s61?O$z)e&j
zx2bh%Rmu+5Hi(8Ba_;VDwLL*?VqxFDWt2Yul%W-~32tdAP(pAKI|AR)33-s(O1kIl
zUS+Z@5l&%;s-8fKx+m9cAF=XmSKF~|ZJPAE-><yo`(^Xv<FB=;tttEWH}|m_vm+ng
zcRhUZw*C2Gp*{GokM-}Eq(PsIbd2x+{F|#G+vF{%lCYyq2ubh%_*>H<0eNS=;>vmZ
z<m%Nw;v)tDr3r^j>6_O+y=qQur|I>+tDBLy^rwZUu3m%#Lw&|AckHApYLFnXrn_tw
zP#n%=*nYUm{TmP`&1?11y-)C_Jk@lM0<yADoU_RFk-}igTaFQ60%s+}PKr$*=1a01
zTDBkh+s~3JDyYBYIO0OhDY8nP-Vhqu7_1t+^ewchnUokX9QcEdMRSo1VQ=msJIs=8
zp~;EFMCRPMvSx>Bdeh_-PKHKe#BY&ofu4UC5y~Fq?vUtq3tV&_#Ji&(#CLa`J7aeb
zqUI8^?})q#%0D@H)fj-L-uOxnwsq%9$2HYQ7?1{AeaaHJxrR@!*y3L}u^?c9zpyEs
zda#ArKGa9(oEIasAYg_5%N{rH$0~2$=>)a$CL~nC7Pe?yQ<!cUeg9M-YtMGgtLcRR
z2F9<;|ET?-wd!M#9iqIDd|8g`g;bj_IF0@>a885rU%;}T1G|bF{|0nNAan{50st~1
zG7Z|FL23{>1wy4Dphtmdf}}Jo5(yc2-Gb`De3AuP=9aE!+MQj}?t%FY6MyOzm=XY1
zDi2oL4}T`IBX_rVD%obqtYq5*y*GUSF7v|Edh_TdpPN^6hRDbLf!;X;x?rXHd%8ws
z{_*&?&+0|iaw7ZgkJW_tEZy3l62%+;J;k-nXZ!v`avts3a`8sgtX^aZ@ulT~e@GAE
znc?p~qwH+9^LT&p!5Hd&XL{m$hMyMo^*bVu&Jgq3@Dk!&LlNz4KWzL`-h*_=pJv#Y
z>+&_kfo3#rmy2)>!HaZ%4Y5yS{VU<1rnbw)KCs+dBKkDFsSLq|Z=YIDu&QK4tIJRK
zmK7aZPEGuTIP4D_`SO!B?hl)e6+!%X2GYNzZ4WCwV;eU5Zw})FsO5E2(Y~dYk>*}O
z^y*~%pTM8(mi)tHOz&5?Etl#4elYt}MC+IQ{aEzXO#f20J*>+;!zJIDT=Vp+q1fFo
z#l3)Qm$R>qVgVjIE9>{o{A+s~thfH0M|*iV_dIJ|_ik5bO=*p1&Csu8h~8ulr_4<-
z_kCB%Vya*2J5o*c(~QhB4~ZGC4ed6gHGN0d;ew5~HFMo#og)<O*lYpM*YXJd^a=TA
z5W~8W+cO{1Y;{w#(jgr$8aX38m=~?I<7U5UQQbb|gS45+k>=!9<<fiPDa-P5*?4={
z{*mS`XY3{@EHR5-y;i57yyAl?S{cz?kVDVUznqQuPsf#i3eh1;gF@+n|2ZH#jlQFZ
zOQBKSlNz@w@a{`L(t_W{R5f~UPIDefO%GYU2O4EC`h4vw4enQOv4<Y()_vIN*UPUc
z&mrR}Hy+vauNONfyCxyXuMJZTaAK<3yV0Ebp)It!A@&>aOkU@>D%1CkzXy3AB*yAL
z2j3cRqwRh&K74KauS)%K4hj8V_jIv$^5^k~zX5b1KicgdHDmomeba3z!a3wVo?%C&
zFk0y7gBodiZR&xs98Y-4p-%eJExj^6)nR#<ua_fM%sk#$&wn#(%aNBayMVYXeBC-{
z&i!8gnptYLaM}9pCw`eKM9aYZub&$zlpFQGzNbFO<KB11S3y|&I({S$EdsYCQijJm
zr85Z?rbIka98>Q`Fr=0=XNwdczAcn3o89x3AC@zHc`Qn})1!IgwC#up*YK@=E|lI$
z`WNUc+D~lD`LAeqxv)RHnEsijhj4Bpd!YWqU6==9kVQvESXoe!Q4kKpe-(&`$Xz6)
zgam>JBMUJ)uYe>ygn^L{EcB;+1>sf<1n@JJl{@xka3?7eEqcoXmalRXJA|KoSX-yc
zUHX28tL`Fmk6Ce|;1?wLtODPSrR)RqD%0>)aa&Jj?sS?+vi4%a*U;&!Vx9uT=UDry
z>W<Pek%;pA`v|5N0^}W1<xXw;{{d_fV1OTY%wd}%RNZ0v4=_8OA9*6S2q$<}W~3F&
z+O!2l<XZ>fM9<171VhIhoG82OT3T=|_!o`Q>$DejJPg=RI7F+7uTrRIvHaxemeHOS
z#h>Em&V9Sa7<;+p7qZv<<4fno(y!HZ(Gz%pEA>^BL@S=3Vw@UE?xa;x=a>Uzz(RXb
z2DPr@gg)3n=PF@<lfzH7K?y5&$|)&$uVqP5!{lnwfdeyra9KLQzgttlAIyIJQlm^9
zF)*cLnd4dYNc;=yiH6G?`B70r!J+HyZB;r2EPt<ZVez6p>gvUvyP<98Jm`z&c#~Xt
zmX4yN;Np2A)Iyys)H)?*#X99bNyaq(MMkCVdFCWdZq;B)#iZ?d`r-@(Nu^lg?gUz(
z)Mx1gGAbuIQ7KZIB%3cPM<Ymv&EvKjwxl%cdEu$(1}7@M&EqWenAT4$oh1Q?Jf*(u
zALOMng7heSk!(JdLx?Dlv!Avz60>)9oN@B3mwO<0YFP`xUE54!nn%o)6SuK+woz+s
zXQ3)=rVP}{#<3%++P|rkY@Q*msAX5G4$|7KIgPyGe^e(px4X{;7td28z?i7GDxVVx
zV`QnyPlZkUWb-y^RYE5+#;B}h^X)heN0V<Qu0qB0BEJD7f-IfiS}Q7q@V@k_D%N?e
zMmeg6)Lv?laF}efj{*ICu{@0me{6Xi56HDWn1`_*KPY5GS8)?WX<0Jm+>y$0dA(%$
zn#b-?tloAdksDk?I&d4iWfoogo$%e%+MQK^<8MHH-eTgfDB>?c?adhN13zs2fjXnn
zEGL`l3yII41nA|*A3w;^r*iz_czU85qsDry?q9AuXtYn~sLDW?SN{O2&Lfnc<{^A*
zVozW`>^A+7(h+r1X`Q!_gZ1pQx^qtnS5c&YgprFfdYCk9#Du|t&IU$cF=jmQ8*sY4
zX#7FYK}~Pl#s&I61mrjuE=nr6eUKk}+Q-b2Z~ZQ2)|KxF5wiK6`oZ@x{UDxW<@=wv
zk~U@VX7+7<hPph$WK3NJW9JUzNOd-+A2AKs@eHbYEgqS$Ev_tr0%4kOqFgv~W%3kt
zm`BXXUgd!|nYy4&gc5V5bY;H$Bx;m@#w6uf?nPqn!#pR0(`8HXy)j#@XSD+%Gh3Y1
z^A&f!y|Ssb-1o?4^JzCnmr>Rcw~<K$`#lq4u6Pw(WFs=ijD^M#Oe4zPy@d&H^~D$r
zUPhTzSX@)H=GqKiB`7EBL~AEy?$P(TF1wX(mg-+T)3jC>CJ?={7DE`JBSYibKVe>W
zW~bq20|~NO*2TK<t1?%jX{#61|KYOd0qXC3KVt@1n(e(GczAYmc*gt?8Iaq~dU?H9
z)ydsbGKZ_wJB9Ot_kRjlQj;qkt_9^dJCOF;LtVCQPyeTYoNh|Y9Uh(!mD<@}a>3~%
z*3@Uw?R~%Y;HK|*zCue4G)&<2N<qunZELMzLl}WU`ZX(gG=)|Uql!0+K}m6z;N)hF
z>RTWa!iU4T*SRvlORLIEIC>$Lq*?Y_Z`hW3SmO-@bf_@fLskVpWZ>5p?Xr&lB{3IC
ziJE@6O@NNy8a~3=8H<|Z#mi9Yo5W1)$y3NEb5o~N+)UYaC)<!l5q{$EIbMnO`+CjO
z?%b47fu6PVt0}CU9=6$KrFZPHEUgbs?9*=}PpQ~bd)}xr_t1aruXVo$rL{)r4NNk#
z8yUVRq(eO{ojZHA!&ea{C2s2q8l2rKuQ9Ubr`zmA_#H<Fe|-1lr7fHb>NX2!8^I%_
zR?_Io6N=^Pck|XmcUE=%ibbVEVTRo7$aWA$dB82S6<=EKka!@oa!*p`<1sLP9f0Pr
zN`3D6Y;A7IXKL>H1W{47h)=hgv%SCan2%3hf9iRm*W*hzV0Ud=SqZ<X@iEd2D<S_M
z0t81@`Oik`*0gSU1D>Hk9dG%stGTW9)rFGlRj7zN|EB=@q3q3pvzhWG|Lds&Uw`HC
zn&i6=FAhxA^1gumc^*Ff21HDMS&;bTwVJYha5sr+*!WWH&hS$~)<=p@1uQyMWNmGC
zX^8TnP}}EEM_OgK5*aE9J`RBjRDJ_cn@NJBPd{%n*xI3_kbtV6<+mo1;Hn9zC~Auj
zfUM|HYtp0Nxi!6#i^S_#a@$Wx1m;L}g>Tzb6iY>!5N_4fKJ5#8*TklZun3h;Br-RP
zv_Z1s7ENSfba+T2u3LppaUA}<Ah{C=)poB@r=*mM42OwAWlVGPf%<CVdhMslFHdlb
z7t4|pPtzXplw&zi@f~nva?FU96&o3B_z0ITpE77s%2mHnZa!3ESE?{FON}OJO=%b#
ziVGiKup)PGW|?^Jdlbc5o}H>9bg9@pj$15$L+IZu$~CQ+-CXvwk|Lqv^B{*^{Ya5p
zKV*8!rJseSL=fGuIhyss!+)w;v0d*+chpu;DdEbNOMw}?>x%Lt{NaEW>*&jqxuoIF
znr`}$NmNHg#FP31pqEtL338dOF?;S~Dl;4$%)Ic8E1ULk{l<KGaEDq_+#aWVG#$WV
zRdKm5%2UoSNOv*aAE68S<0~Z+zVg8zzbl=4{(1U=sq11NcF!N2Hd#?~`LVvh|5ePf
z1~qvt=~eGF1qFFJSCEGU8pA`O1T|%t1`!YiiO5495fD&b5rjkxkWoP(R9+#(@)R&4
z@(c)(V3M{}0xEAbKmwGffFwu=kU$9cquO8X{c$_(b@t4D=j?uGznwjMzL~STb3PYJ
zJFCoeIaa*GY{n|AA#C-lGJgW>Ga)^nQ+2s#$+v!ICuohR)@>p`OTE#2R|RS!+on=h
z#&%`jNV189;WZ0VLCycnT+s8IQo<a#k}9D6*lMRUaEi3QAX41@A}74y%6syWJjKR6
zIa_j7J@e-WfPb6O1t;u-GnSh5Fi?BA6dg%%*Ux>_0Xko)pYu3)SI%Rb?=Z@YIuSPD
z4D8;^#)hMN{-yiWWuR#jveEaA8t0}v#q;Y**C_Bs6UySvXAet+;Vu_52O=B_hSQ}T
zCMuor7Y2;aYt>y$6v1`!&Rx$J-3^VMZp%HHG9LvFQ6<^MHg{E+?+ri>dqsewpvR9j
zjhzh6X1z^J)+|a-xjMOi@01qUxptniQETsY7*>25WCx)UNF^6|JAC_l`;VTfaLn5O
z`X0J91}Z9FwEy4^?C;`^{pb6DBwFoFXWGxYoMGpa#J+RPljT#-N-e;gVU&J;2Bhm0
z4TYC=%zcGU)tyryiz)0pl>SEj9v=iRc5=Qf0omWPCFi-9$(BOqOrTG4-!B5U>#@M$
zOV*L2iE0J`sk09&!i!zAbL}TUZ2NZOIa9Lj&GUdGZ!eJHr#=0=aNF05&#dH3MmG)}
z^2xUNOh^~WKpiWz-jds^4V(roK8DABjgA4?_D`q5eY!3s%143t7*#3qR+b)cAHa_Y
zWUq>j|M-VXQ6F>eJH7y7W4cB+mB>vy!TehwoD!J|GDRr+UP&b9>4Ilc9AZm<Hz3iK
zvS|oqw^@Wow64(!rChDuj(Zcq$q41v5|Cd{V%>jb%%y^G{s`Z}OmdSxnE!`^T&tto
z`s7;ec08B}&Oj)$OF#iViBv$QNW}@C{w*tS(}T;+jQ8fuw~g}d%+IjgV5?KAs}#1H
z0Lg}y<{tM^rM{e{q`P~lQsYeOAR|jauVzfX>PvU@lOHIU^-mq#iic`#Lghb5i*GI=
z8QWBVAQ)zfkgO*V)Em{>d4l_jEp)w<wCQqM_LzcqMbejT;Z*{HyXS~%O#>a`6C91C
zcg<2_3VTn#hnJGxVr`)S+XEnruhSu;$478EbpZb^*4D_J4)H7ObyN@#+<@6tz-&+8
zwfe5va<uFAgAxb`c?Ad|=RrJUONr^7OZ2JEnB{SF&f5j+l}RBpzfz`Hnb9#8fK@cj
z;Ye-@Xk?>Kj08nplX$Y}5>InelFX_(cpkfoIxIGzMdFxl5{t4^?}S+GazzrJFl-bX
zB$3uuK;sx=hS!h9RRbk~-G;Zr9=je^`!Wepa_)cZfMX(T^A}$Wr9z{zgkbW!te_3C
zaWx4SWEVKv#k1$C)3Y63Md?t!=BH{U52kO_!r{uu5L1Oz=u4@k#4jloDjRe5w<LXk
zU`vi?|A;v9!|gO;eN$C=V6hfgwidZdLoEi~p;e{b?CkG8PEJP^0iPSUN`J@`H@UVM
zGhSCx1B0q7kX;h%D7a&wo%TkmrvD;a0k6OKw6Lz*JPwVI!p=p&sBj;PP_sw!_lopu
zDDQ5GUU;f`3q9ViwWRWo`_bRp)JKN$in!=roOoI?<;j$Gn|AAUuFb?I#HyoN=C799
zAJn|O@`&&kwG?jFHyVhGdVf3Ujz`!Qn|BC}Bt_0y!N1fDQhyrU$h->12;$)k-wBh`
z2eOx`8VUk~f)k4fTy0}3)*nLSBt2gf9ZDh}yq^`-)}ec>?Jz%5s54$D>~Vs1rxf*1
z%9!JfhxtO<ZM-s*qbLEry2==gP|3kyaxZJfbw8QgUt?<7la}TTA7dM~H+;a*Lu8lx
z!>d%ZUs%cP&xSE`nPDXA1Rt;G9x}(W{v{jd0fny<GepKMo9Jgi_3vTh`;@q-ldBhr
zIQ|{OG=djuicWNL?^^Y}Jiv;u#DcXd&{z*6@;kx5-P62!IIWzf%afZ2{A(BQZluFC
zHr-lzg;mu|4!9AVz$9Ca_~n5=w5<Cz6Om|)C3fjIbG#NNKo^&1Vy$<@v542I#48)K
z6YKRS{tp04(5AJnvX}&nPKw^{+kYNGRm$IOSfi&m7oB+BwL#I+ExBO6l*O3ie!sH7
z4$aoL$KrAQG{TUx8FpwaiBPOn-^wGA7M>BkV2pL;Rt1N#;P^MREZlM8)AE)t1f$Ya
zxCzW)3G+gwC0%N~;M7;_9GcJJc8##F{EYoBIo&f-i<G~rKSs&u_eZJHMBw;)Yra-E
z;0|<J@@7^XO0%6&D2&~bduZF-;n$1TYe~cU`adsIElgQ#WTb?FTaw16)?x9M{&pe8
z=$9J{VvmZT(GAp2I4vOhh;Lks-iWMRYzyVCT%$I#Xda%c5WXP;qu$jyLX&tG%AkVD
z@Snuh52}%}rul2M>-#%L@H=4vt?~h_-R#=nb~;AZW}PFO&X|r_kZ5e%WSce<4=8Am
zZy@^nL7(eQFdn?4({85l=TTz<U{3S*Lqe0n=3?LOtZ4q^-A+PU2$waOj5gN*>gGLb
z+Vh6U%DB_3BYu~h1FZ(VUzEv{U<@Nu+EtUXk$4av%GJXb-0)f+hw@R_ZwE&m=M5Vh
zSn@Ykw(T-%xv~ryvRH{on3@i+?v<tyjyzA{4>80`hn6fvl4xCOJ;yOKr!34!rd~}-
z39o=l@b%~<{z`xp#9vtQSkH3F?Q@j(&Y=XdvE|$vXmd<jLi|4MxnbXQAa{-!jE}q4
zU8b&hjTVkIi_hq(l5+ZD1U7y~5p^w6@kbTR!ico{3l2PD>*ED>iojuzXw#rCfM+Lc
u$we$UP<a4%O(kLS;0~Sx>mZ|8?^l=pZB5HVN&8&X{-UPBV2LBQhW-Pw-L9+v

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/dm_container.jpg b/docs/userguide/storagedriver/images/dm_container.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..2a5cd58ccfe54fae696e723c35f337d46dbe5b37
GIT binary patch
literal 51563
zcmdSA1z1&G*C@K^5Rg{7JEgn3yF(C=+H{A6gmi7XV}o>esC0L45v5xRQPR87_kGX*
zo&Wp)d(OGfbMJGPi!sNXbMzc@&b9WM{#yR^8NgPOQ<MYX;NSrc*gxPG6p#iG;1Cdg
z{~;hEAiyJ`A|t^rbW~JiRLn=1m>7>RFt8ru;b39mJ;uPmd4hw7Pe4dWh>87__$dJ~
z9w8yYgAh0bM8pR!WMp&#EDS7y|LyBnFMxvz=L$cL0EYv><G>-{!2Rk6$N)G19v%S>
z4*2InMnOb^gGWF``?U(7{^_{W{-+lJm{w@LD|6m)kWGo6)%ywjxa|Kty7_dMqi-m^
z#N2QxLcWv%%kBCF*;)N<`zCZ9uRH~cz4q}v0B16@E*=sP_=-ohlzgGawZXyt*?C>Z
z^RLljW7Uqwvc54wsQ`raV;gU#p}kj&3o1%;6MRRm^`Vy$+aAHx*us0lCu?D1Z{`d<
z0;7s%jC39QTuqD@f(%TYPb#rX#Z0gBHcI&@1eBZ(MbKFgsFfXV!|ejr{O+)jJS$p)
z0|qK1<h^d<(g{7kvDBtJ#4qJ|W8u}*^?V7dXX<h=hZl_b!aBRT<CWY`xAq;6^)1q!
zcEH+&XZMhZAXe_Yj$H3(^G_JIut*2u!HDsq8a&so{peV%6+44?rPj9MWc`X@k~jRv
za{wSVT~JqFO{Z1g#t@Add#N^l6uso{Y1it<gj9P@_9DF{ah8yr_O)T$MGILGd{>Oq
zMT1}T;Iz3U+?7)!{NPOi0KgYlu->G|B8+V|d2_g@Ms5p~KjSyN?AA}6Ypr&6eD3F?
zv~gW&i!#x%oEATQcHD3+z>-S$-rd6xrXPRDtk?-Ptc#fJT)PDzUR%opd~N{!Jjb4l
zUB|8<nk5>%@}za_U5+t|^nfa7ZYUJ*H9Z-l;MnP@@V4cJ=$)$o*YzO?Hs(ld9>K5z
zzN_v%tN;Lkx5qsX7@V2Gb65cY=$E|@1(L5t@Iwi(Kv5qGg6)Wh0sv|qDFFZ_vPVqf
z%gDd-Xt-n!js7UzwHuJPvbR33#Q04QXSOT>lj^Si?zm#;M~?0tU-nw}f0Ttl-c|3r
ztJtx<yAS+j6v1&Aj8{&KW^8TXRs5Bazs@lSG_UWsJV3t%PyZaOcUE5JM>Lri$Oj<j
zvBEP|<`1#M^uR78e+!=ZIR96D-<rhuE_I^;^y?45JAQW&W8M=w5!wRqJ#`X)T44q%
zM2@V9u-X4`wwV?^$uIoZPPIDnJSc~%O<>Sh5io!h_&oRzA3Q@j03f=3`k}x0J3@b2
zC2fe5{?P|(LS^k^GB=?7(+PucNEy~Fhlu~w0m?=U$Uib+&4`2+;Mywe|3MHs&XxK-
z^iLh`w96KNdyh=6Z-eCmYeGn9`VkDkT~(t4z{-6vi$8VOx@^n2Pf5y}(#nlr5wyB0
zmp%Q7q4)}%u_5om>raiT@5{~rrmqFo&wsOhohH5Z`Wj6#)k%YE{9?!6*>lsu%y>$#
z@#UuMT#zKx17uOTFzTF5O28JBd7&OORh^rH)9x&xap_nE0OGub`ZQw>tB)b=TpNNJ
zJfA-WS|o9`JPW+`_C`sVXqKP#+RaaIRl9p%ZfiF*`>CyGO;k8UdZnQbXCD=~T?|*K
z|DhEZ@Zz!W=ktp<al3o6?u;#BdNr&+<#<0VVZl+KUN@xHfGXW}<rW)6Ku8J4hdM^T
z04bgN9Pz?CF~f!Dc7dY82KQ}x7lae3!9N+S!*M?a23dss4#=m#k*beSf;^5|tVwcT
zKHf)gZO7f#fgvqRH)qFl*+NyJ*MUzC^}PDN@8+#!h*~eiWwXFlUcRs1(q4ZKb4>yu
zPb*e!2gp3QF!{Csp3Z8q^+Y)Go3DKyWG%k{P9<6a^5%(r^OY72$i@4=1`KIQ->GkL
z=&HC&@vGRvVavK~!sK;7fKc5wdlC#UObvqw${kBqR>7DIP(lGzo~5~Xk8E|9SKf=1
z0O@_^pev|CPMB!T_*^AX<K7q=3J1&`>@FhK5wM?#izf!8GM!D<Ia2Bv`#(kL>m<L1
zKAv>&LOAcKPrmu$dc3=67`JX=dN?FrxG;XQT1KsUDchHfPMqIW<D>f`CbhnP`+2#2
zl=T?pRg7K3;)?dS2SG^sDUprI@2fCBiwhr;pqtNHREF;F8ac*RBiRVv!7m(xDpq;(
z2WewuoISibrjl65_Y*#Jxw)PSLaher2xXPAmW|!e*CXf&=UUC~_)jsrV*!97_xqcb
z=3o@@5`52ckcO_A-lV8_gqO+-3bW}2f(0*Km(`B>igWLkz`{j>JEIRv;Mcq4w^Cc}
z@uDI>IzfMn08l6jugL-n0Q?p`>r#N=l??{e2Vh=Vcu+wqDFFza0dP|Q;Qk&Uy({DX
zYZU%d@vt+Jz`^!D*v9xDc19$41VlJwl;8Uz{C}8p5B&HS&QGmR$}+b1cLZY%F#<2n
zi^bJNhAoHBrvgQWp2g7U)B(WpbwU%uW)CTBMXg0b`wXY2-~AClXeD|Nz(Icm$)QZW
zvWLxiIZvYZaAs1mpW&b_wgBLDw?1=qww7&oa`ko6E*OAs9huIRa{=@div<9$?e_pc
z7UX~7=j+4WnEzV<iaIaR{7cxHjLsd5;skRQq4A^#{5bb^8KyV(fIDPi6#WeUC4jZo
zC;=dJzMO?SZ-7Z*+H5pnRz^N%%X*JIAp)}ldPpe$+aEv62R}%=VSdCZ7GuCl4i!TT
zV}@V=5KG^IK>*HD00v<z%-*Y@_YX)t%tzP-XD0Dbu*yF`0A}(7e1!A<p#TWB9w2=G
z!_xGyh5Ro54;iuIzacd4{+94ZF3a$r${)GtXMfdx8wB4K{8#n2LA8{B)yVE($kEm9
zAH)7MA}KEaBMR1no>KS6i9fvr4A1}JhP5!OefZ<>pI)8Z(0??+TFQn0@)71b9{`8~
zUpGG}!3G$BV}OC~CIF#`q%#cP$0bmP+@9ONO#-1avNPsAoD@AQb-J4n`li>;M!7@g
ziV5$?7gAsupp`8b6bxT={2YMucjl-vcHcgKnduR?&I(Hme?3)L7Ab*<?g8}1=3oHn
zxXnMJtHnRE$A4$0a~u2;cx*ocqhnGn7Jm<?=k;3!fZ#pGI0^h`>9zp!nrcTdf>$mK
zI8|r8M{u4v1OTjm+{03l0N~dp{)MdS^cw)WI)?e@TmT>xZ{wE+Bl*Je4vA>ZuPGSa
zBnvk9>vH6N=Zo(QPKG@KionxAEp_Z?pjfz8FA+{TMFIef_vXqgMOW;mrno-|iD|;Z
zrJn@zTr+p6QUQRB6aWC*1%@F&M!^W-0a%7%4lzz1E|dUTThjnQcnttTuUw^k0NvE}
z_W;=~nbAcsI-UnC*;L;H<VUcm!>*XOf6D(1QT{9gz`s5p1HT`S|5^qRu>X~fp!;WB
zeSGZhQ|?^32^CmDA(?Z)H;BCa0an<1Ho&%cGv}d@!@vTV5hi=w!SD?e$S%N}`iBmd
zDY(E34Oo)hpx*#MMYH}gfErK*3+$8V^OcJk!Nt>_YfKkdnsuu@`X3a2lQ7;qnklao
zVWl{Zo@m%ZfgSH9!6g8vYhPOjU|-|`0FH=yF2Zym1}x$|y*=-7N<u3Z%%1~PXAgQ!
zZoiR-!lny+t5YDHu@#o7$u)o}^dQy8aUK*)1eI*mY~g$fa(O8fSIH{3{2{lAXtMaF
z;Aa4MEW8&C3jmz9BMic>!tUSGP6zs@%3Li0L;mTlXntr$QmuO^0Qidehk}6b{X+qu
zSHe68fd6AwL>~!6aj6Fp521qrU8CR!{4YhYVEn25QG}%X_o)B2kwCBDuin@10Ra2!
z<v+}@W+dx~gFnXop{c4{`$rh8g&>Wj;<ulFdf^-TJpU06Ytl1t`s4SXZuBwCg};@N
zs|moOL(!vI5)A7k?}WuA;F1zROmGV4AvkaG?QG}0#4Zg+WUAW%kU&iZ0C06AfzkL@
z@tXQ!46TP+SlC#O9)=Y0C>TAeAs9f|t!K;F&j<ju#I>YStIxo)0D&Ma6_yL;7VusY
zNHQxD0NnX<?&+ewz^eB`>;UeoH?SOeTGa%D=r^c%4FEI!C~REw`T-#2LN+iM7_f%G
zp#HK%ZX%o}A8d>sOhmqnH<dt0aDst!vp@hLvJngm1nGkt57(pkU;ys(VKBh$xH}C9
zT*83h#hha>mRW-j0Qd-f2C(uKVcCtO+WcF#%;7Si4-x?Y5i*b1!?^k=qg@~3|C(gq
zCw-KHsH^cE`j@$VX4q6IZ~0?>u0Mc&Tow$VysjZ5eg9tyZ~>5EkA;#s0D)H`Log!R
zso!^i;Or%gFD2}c0|4N+|NL+Ce=fyg%Yq;_@bFR(kB9_&B!EYOks!h&AOWza13UtJ
zLTnsdK1$AK+!DO}8c(Qro>S9vq0-VZNL#r4^-c|k3jYf*POxf)<hy0!gGWuF(cy(y
zE4EVAq%HgN%%AyUo~E)m&u-WH#t2)0JaQm!W!U>VvP-0XPRU{ud83sWe0Zci+~H^G
zTYZ2bHG6ha*vI}sDCQ&APbj}EvQdN`6QdN^O)qVLe(s6amk1+%QB`EqVAm%G)~6#*
zu^7#K3&}rAKIu&wxGFVe<+O#QrI|J)5(T(rm%V0xP)_C0`6@M9ox4*CRZGPP%xPVs
zuT>M<!|(J4qZxTt%OIQ)%)}u!=Zg-m8@6T_^yIwZL+UqGZya3dV7t^2)>EYAEJv(n
zO%{cm9QOr+AyeAUjke#5PQ)fQr(>SpFiXEmk0L+2^y<UywbI!L3k264gVR?woz}!|
z_>r0nhE|NA9XblPi{DYD(dg_ozBVM0DYdR_dhMmJXjIeDCHBThB`3@8c-!)?NacLz
z`mNo$aft3g`<R|0VqH0HyA2xoY^&Foo>613QP3p_7TBegE<YT{Bo1!eWN{L#Mm@tD
zqdMc5^u4(~Sw9@JF#SS;KZqU}yy@<R`wKwyWfi6HUS&-qR^~T+r0i(wkPw&-?a27X
zw3zML)TUg`cW&phYh+!?^c61GZfH%4OgDL9zThKhM--${!?(fV1@(mZ-Ej_J7-Sdy
z{Gt-yq)<JNL3W>6i9y-6F0a6*TqI&Jgc?}>6bZ3ai>FkiZ6GnnQ&S$b3~3*!Cei4B
z0(oRH_FyA6mVxLPlSGn)0M$XBl?c*aB;#DlCdp}q+%|`<Qt=Uw3!-VYNsl-G6Z7xt
z)F7FF;;5RwS9MvB^KERjkpS-Oj8ruiMmkARo?WZ4GMEUno%ROp=eNUV@5ih234wTL
zJYUzP0*GQNUf}R<5u;ApBB-_}2RYyJ)Ezeu-RxbYq8}8Wt-LVp8_(>Dv1ccK4z{X>
zn3bbU4oq<9v!0bvY7OcrD#tV8ZcT!H&|VM5bIED>ghi2Cpf0pCUh=x%JNIF1rER^^
zPjpRC7dUzBwiKoWNA!A}_G!$U9CdbbVf9sG0iU<#@lV49Nf@C?Ut`l2Kd<C}eDiJ5
zTzuauKaB^WdWv15{%HGx7;B=pV2prk;hR-jQtrXM$m<_A%#AT1t4D&whI_8aDInHM
z)I7MMZW?|8p|3Y{_VLR5%RV6_;1gq0bMm4a?Ca5wjYj^5?}q1=3>=;fJ1V8ETxB}y
z30yT;zvsJpt7#$W>6hcVdT5R!%sDuha%`negzHg(GN4TxZg@RYntK%TDCl!vPQyp>
zF)h&x_3)l%G4VUG7RPC6laQ6R-Z%?n?OC?9Ocdg7yY-&1qJ=#o<(i)FOP^x6Ced4#
z@CO#kHV4U=IqoRupSL4alVI$XD0)nd@=4eAA@b)Yp+1ElZaQ}@kgM~@Y6Tk@BCpg-
z$D&hr_@!crL_HyQvvrA1S$DaF^QHAWBdGJR`M?&9RID?wN%(#@`CQ|Ki*0=+keUsb
zu&vavUSrkoW)9c6S-7F;js>{k64Q>zxNRE^;y*v24m4+8YR!+AylEsbiYQ3R;z@Ur
zBIZfKa8?!#Wf<)~-hA8BFV;XOmh*U?t3UgslKoC(!Q)(aZbDz3*HmNytA8M0y`r@E
z!?O$4cAsxb&;u``gXv>JRJFmk-k7m*KHW=-*!uk4-gY&ue#JB|1_KA;No;Lpc$PlI
zFnwoTyHofvBZe~xB9F9{CRdCxiWNlNubEW=wLPDcDObaWR5Za7@|6Ta!&r>AXW2U^
zsmAmPGrbm>@poS%zm4Ya*Z;^Xwu)ggao;sMe)%W@^v#^IaWjHkYqLKZRqM>g9Nz-5
zaDWFQu&BJVBQDP5S~BUb@iDRr@lhwl)^}JAY?F*;ZO4+`;f7wD`08jtuZ*qbG^Tou
z-rtRA=NOXr0k7B6Ai`}Yarue9gWUKk$^>>DZqy+0m$IkzZ8}{cSg|*Q$qh*DGKi2K
z1I-$C)jbU?(@d+PW+Sm3ps9cNr0p`5eC|3=D)o05dAhnD%?=F{s=Ra~i1;WbNvfzq
z*8mxC0?`O~Ns`W}7doVnv|ZC~;2p22^Ee(YQ<ER6xtrgly_vriC?b=ZSeqX+Tj{$G
zBF{1UF)4R;n}c$bKx4mw(ezl-aX>6wy6C$AH{C#$8*x~CT^RMP0I5=B_m|#{OV+nO
z_e6!&$)Q6ks1qBfOi%mU_Ui%RXKs2Q4fLq642OejF@{IHo<16A5Tc5-QfL{XpuAg&
zt~#4MKVCZ)S-(g<n4Nka_4$I;4|1Iyg^l1&rbJ^2SgK96;$WlBdQoA|NJjt2W|J`O
zTtNlLWBzQ3)NqyHZ`_ZLLG^EKM#9BTHkGy|%2s{bF>h{3VQ7iFlV^&4MTWCJZ<Q>f
zqiOrTa6sqQWQ03yjVu%I>Bx%#Z~}k#Qx7r5o_<Cn9zn^`bSs6n+2ApnoEKmE62Yv$
z05uEZnPY~@pQmD;(EcT7Jku^!uTx%V|3dwS16HgpV!7UJT5*hR`iZzagZv=r*=lDl
zX|9Kx=gi2GJcH?Pl<V0(7;9{A>##VbCSI*WQ0O;WL>+6=DO35ot*97_SQMl2Kk)o}
zl#bN@^n~lgDMI^oTjaeFn}hFFK&o8h9{q?LZ|6{91s88C_FBz1RGsGh!s6*DI#DUP
z7ARI}3h`PoctVtTH3alPg1>fBfa6<J8Wt~Y&E`eS+k|@PIoLXQH1n*wN-n!-Gx3Xp
zDJ`PAsVWLF)ZXpVhPNqnQ|ImCSJE`ww#APYB{R?VOrp(7C8Vrt?qDRgZi`O5o$}Qc
zUVq!bx}IG?rFBUiks$S0yNT7omTX?P*m%=vLY#Ot6x0DTflT(R3(kZm53L&sm3`f5
zbpgL|4Q~&>O>`W{vMHKf@X<4NEkL%^FAIye<%dXS9Eeh2fgL8EE{mPFmDr9)#*cvM
z<$;P!GZ=L{EDqF?+nn^<M`7aC;NL#--F}37l6k;rutm8bC^gs;k}GTUpx{j$$f9YD
zh%}Nys&<+t>%dlE5$b8*h*Mp{U|b0c!b%o1Z*%M{<J&FPi%wM_M#Ur=X2Q{Kie~ky
zC`dc0`jaTeOj30lRIhVpPp3M+aPuL|3Q;dgJe%*ewnZAr^1qykFVO_0w2gaPM^*-k
zM-2Z0OycfU&3*x`->xVQlirO~u3z3$(A>H4U-A0iuctxiC+YZ0@l%_vX|}e4YUF+a
z^tD0Iv*lmFxWh9(9gRf_{UIB1<=Q<lD`6YuccKE7*6v^9L?mKuxYgrOXFwG?4G;rM
zeret963S|~GIBr4M{Z_zU)<@D-PK3ZI&9M9^2Xk-ob`GC50yV_i?!Lc4RoI2Oc~FW
zy$~6b$Ckw2Y(s2hXC~{X=;4z@v9!wdWeIOEBl=Jed!`&%MXGb%YAKje-5joedzKh#
zw^)+Z!|}wG3nk9|AF&zN$r1R?&(BC>*`g~e)>l*gjSqL7^-~puHf^xNj4sbhJ}s%|
zQeSoi9IYnT-e~%ptwaA|&P-{Ete-XZq8HKKc<PRxZO@h&6=6*+ad6IQl-@fa&1q2h
zW}d~o%k=<Dz|+Dt%w!^C+sd(M((vh^ybZZ^<z|XHTnX!&%wDrcf6M&D6~FRk$V|t7
zsudCpmZx;c;_%hAk5Y>&9ZKVS!rZwPW)z$Y+SQ7Ao)X_3258Q?(>xkE!4V2GFlNCO
zY~0j25c4QL#^SF&(IDQ2tNB+@1%A_5%x4~K^1J~H$E1MALM1g3&PF_0|K0H>&*H7{
zksfwC$$pn-#4t_X6BTtFqhQ?0_sVcNrDU?|Z3mnRtzk^np9{BeLa;Cu`V_#3C%4OL
zqUo~uIU@XsE;qHiHWU)SfP9#=Z^X)Mim}3Anz)Yj@($48yb@IX%RjxF8DgK8lS-ON
zW6Jmk@(dURx*FI%)CCrJ9JT6~l;D<+JYUz+q4x)q&O3x*cpwbVd#5Z!(-oCqFpv$+
zZq=7QCUqI^!#@{_2nd=S7Yq3Xh{1Ai@E4#I9Ub>{Oh~{L_UqhtOyMV_l_>`yh@8ol
zsNXEvLG;YTTq4r*-{w9?IM^z>Ct8Ya`Qar>V_XWnSCK%ZlrD!4_}I5caemfIcb2^E
z@uVj7`?Oidqa{hdJq}Z(!-DSr+a^Qo$;Zg&doOMpvVZP8gkqsF-!@e`C^nxICiuF=
z{TTPH^J&UvMj*m3KyNazNEh>-E5QA6LD0d<RFhKSyFvAMi;Ks1#)6koI{ZIJPJcUB
z`BH3#IpP;UBqkU+ExyxW*q1qsYE9NhWBPw`Q<?Vt`&)J*OJdYw%nFyVHPss<9Cj1%
zINax(yA139zjEu~rTY;?>i%qR?Hs>l1Vh{{3j;(<T~0kC2IV`x+~kOusxuIwON|py
zlOkYyKU<kx!pP=R7~hN+VAk#%Sk!$&J}D$!{p>N3m$u)Rjl;;8sxD20WZ4R0N&-15
z_4db4TK#6*rWJZKJ@3ic8=ekdSU&@mMaGoB`6>BAPx9&c)BR61iD{=zTuP|~0S0Mn
z+Bo%z{Q&gn+o@;Yz|!L<CclmOjcU3k9ZXKz+=`gmlUn%;Sg19<@p&g(85#5T)grUh
zIH!V!>R1bNuRos8MZ-r8PMMA~gWnd_kh8b>bo`Ar8wudlBMA*M9J`8>@cr=3BiFyU
zy7juAOY6|xf<W}%{cwGx6tM8^y?-q8gq%<4K!XdFp2)&&9YrU@7fM^ngMDu<0*(%B
z2`=s$FIpex?K`{VWG(m+Azu#KU~8fSD#G6E))cSSsPUHXN$qNPm5WIXOQmr|Z{pb6
zT@3x1et^Xznm>)qX{81f$q4Vnjv$3o4v$xe?I5?3zL!dP@x-utkc>E%p>prz!98Qp
z$4usAt1=st=lfd%pAx~5#5Z1$Kt^0y7Wo&OL&Iq=2D14+>{2>bSY24EW<E)Zo%<PA
z(jMa}PS|`ypc{2#qCPm${pn?xw4FaG9He7Dh*Y~JfNw_ROk>NRFNJ2dps&5QVs;;`
z{1IsL_+<Fn_F4Ax3$aB8{}f`DFhr@f0aBk#=Q|0{jzt+xHY_Q;ZxXPuEa(odYM803
z8^$`>k$NHgu(~Cc!ha`xWxTL!mhC$WaxhA9roA%W@IE%HLxK=<HCM^G4h)K=H3a!c
z`>-!|1k`}(C$1eUVIRkgjXrs9JL~5UN8XJj7YPTBw|{C-#N;owHjL<5>mruIt>sx=
zyzteB@H|k{7~Mrz^xxGmjKnY{qf%i8j6>IUd{DI~8fLY<Kkl13CHs;b>TZ?<>Qiqi
z<T_ATqc^0x{a|MLfx@r|O-B4!YSK7_<3^+#!@DbrZ<ipzn_Z4)7MN-{6^iiDLeF`7
zb?Rz=tU+zKtsDd8WaOuM(ax58n#U9J<N@o)l!rZ4#bj)T#5r!buhbxVXQy^d(XLp$
zRmE2kk;IFYE0Rue74p8DopEUK3I^6a7&~$m!BSy)!P-u+9Eg3j{!DvPfq|Z`02YNl
zA0@sr31hoC`j0d!xC>HkhgseU7=^^%Hh!XT<<_zrUpi@CE|lU`L-lYEn&N&WRYiGU
z`)%%JIoHmo!~3e?%VkTE?vz31$7Fi49wJw*;8I#LWPk@<npwJjh#U?0ry-%dU#Qez
z($E@cC@LXx^d$CFt&d}t(9_!zvdC!Y`7wS(pPXIV8-A1`h8!~-%90x6fFK=iJDjFN
zZOR~tpnGwrWQIlxaWJpfHOO!7zv7N|d#`3#9NJv=a<E0s-T6b*%hD43Z%KMQTRoWu
zdrLgmQ^uHtQ@6gqmy*Y>;f8x^xIb%((b0Cw)|d<)ucds;kHQ#15;<z(M0^UV@S_Xe
z&Z2tR7kW{#Zv5?YjfIR!M%t5<lABXjZ`~3`pESIbkJsUmsD_9_^NteZ6CJuQW~jm}
zP3+d2{bs{VCpeV7Hqg4HWYjdjK6OT;{}HO~iHZHbt_FSB#ezR!S=flyL9&gRBphox
z7E`V-VuyEHCr4uIg&xvMMg)3@gtLMS`uD7koiF{gILqZfBQWZ2#*Jr3wKaYL?OeJ{
zq-QUqy-FioR7t5GCf&D~H)K&u%1!tJQn1G_B6J#B+{$otcoa``OMDXK8z+8@$K=v#
z^iRp3UFy*q9Lsk>U0o3p;!WsfBgwk-6XdvPp7+z*G}kUyRH?6S1f+6J+?jdXbq`eJ
z<69qJZ*Pcd=W5i=Sk%X2VXihOuO;Uvz}BYxuvu^@_J-h!(XO?<ke+NzXY1tXk}!+O
zQMG$R^S?)ZN6eW+Q$z&j>xP6`WJibF+#hq~rq+1rwLeI4_^;4XIx9`aeL|QXGd-D%
zg}U!$bODwB74hHF?7bAuX)YD|@2cp`B*gT~Y6|=gQ2qvr7^Y@=Z@Hrx#A#nD4ogcq
zmtM&<J{PIpFRvd;r*shJVH>ePsBzk`;kKo>G>uSK##B^a&wo>=nGC`a+Z(^dW0i7q
z@)Q<0cHC@kj9;7-Hvaz;I<04|8KvwUiU3}#A?IrI8U3=!5*Z6aGvCB3w`e)AB%~xI
zT9=K!p)&}WZZ6koa6?j{6U!8~x0(eqLfNM!P-$ku%&st>QPASA>!8*RBJ*%X$k?^c
z>k#L^*19{>|HASMs6p3jV=_W#mYt)pBgL<F(Q5vnw1mWB@?W8ngX9LI#v=ID3jM=%
zEsneY4e8&q)MSQB4H3*kQ_G+F(gUu$$YEfE5hEWaqt6hB(9}N${2R2?vIHsC_^aJg
zgUl7f@SCv#$l_OrRtM;y-Q~a=k90%bv{9Y>nBRUde5G!{dy1-4ed}k!ZRM5G-@Wwg
z3%JLx(KQ5<Yv8ioPNzQ>@(rJS(vXUV!ppeajtZH6*u&cJ1;p-W(`)Fqb|#OyQaVny
z+2|`ey{g-EgkCkKB&8&*0A#hOWS*+bOE#>46jwLv^f$wu&@DF?n|RZu`cs8hyOCOF
z(pb<QcWWM-T+%~>AA1Ns^m1m)rwz@iV_oCl?u5rO?+Xk_EV)W>(mS9tvmrfxhRz!c
z`OrBQweDnwk?dbUTJBB_i{_+f0lJ2JLqz<SV$G?E6k*zBsgGyPoP)K&0(a}QXsY;H
z=_RM$<^$!gu2?=K-Dy0cPD5+Cz9{*AL*S}-c**p6RFV;-jGs-O=8W1K1(xQMKn*ON
zC$fAt4SWBOnAjloF>G5R?quV0SL2c|Tn`cVCCF~K0Tawc;zG|YKGk!0j{8`BA?>Pj
z4{@ew7_r$-LfB78d}>)R$m}?)9ue8_e9*RV&I$``yfORuIDtS5(eT_jAfUOwvri~`
zLbiQ5$pW&xLQMvm%@~p+%lM9{L$_uzXo`%J#-Lz~ZPCQG)cQMKhBUGD*&R3fra5!_
z;pXIbfHR`Bf*EH4;k^(Qs@RSZ=eiMjsq2jV<|0Ob14d4|_No2U@qTKV*$CcNE8#jD
zgExKQ#u$f7rb2&rrd+yjTgL2G>xe}0@=$I=5i&W(;O6roM+H4(hmHAn0jXbzH@ybH
zYg^H>lUd!}QX=1A$AdftRol|yWfzzsLO;jNv3xPC(6kfPxyk1gwJswg*eb0Q?Apje
zqS_L+9(A0jHnoN~n!~?3W6{)lN%XRB$lTMtcsW*i&7GVGKUpqCVWM3~C<7#w%|lH<
zu{T_5gg=X;b^f~U{FAH_XKa(twHPQO!EOEsik8%2SKh)w8#b>}jA;Eh^o?&Rs))yG
zQ_ZLzqrFC714jJwE$j4#6ik1eD>f92ef1Fb+1$Veq)Z~8NGccWENvvGMlPXxxP<1?
z<$Y(hNsJuOS!$v(Cq3=!rDwDedfcFqsfbD1kKs04jzfHFYvqqWemgKvq2O#S+-2R#
z9{E)NbsG6wOp3*A^Jg3s`VWRgaINu5oQ@w}G^4RIapXHljW=Aqk<R#7iH!K7d}#YA
z^V4K|blp(bA=S5ratZ_Nfik0Y_Y`&{mNt~Po+%{%r0}M_d5_Xh3ExGt?>zpKU0=)B
z)AGBb$I%QvLooK2(-KAlpZuPU{PQSp9Rvk@%A~HYw=*bNxe(DaCF7C=pw7s)Z5K^S
zTo8dzFCJSdqQAtX!*K#n;tboPYI7j73e~idE$F8jK#>LTQLz>igB*P-Mu<(4&{Ex*
zbkjaE9~<Qf4_I(CiTLGtb9)(TRugs!-*eh~t>A+jGj3#|Xi>VXFN9lj$~2^&DGn{L
zZ;s9gCs>tVmKASR3kf>zjcu6gn7PE#F<K#=L_{)6{}2(HCt+7e4Sw?rpxu9VWc-k$
z$hltEBb}ORZPg}Js{?DUM#YrJi;<IA!$wW=I(m|XH(3GaQ5l)86GFa&SJuL%Qv%~E
zacgr7ITSe5Q+BT>F@wuFY$p#m`JVdg1v#r!3tcMY$30BtZ||;fv}^h^2xqVr!m*Ec
zPTdjJ)R`e}z!D|qe*+f5X)GFHhC@<A^PP)U2Hw=%&WXtFfWv<S;yKk1IOBEZTp$$Q
z>0E8~-w=>-Q9oCsiq;Mzm<03wm!NzHbq7_8WUkgK>gP(o;+C~~*Afzg34X4Nmgfh>
z{}og}H07)YUak#|_%p3TaMJ&mXx)yU7^g7%FW_1p_5oBA_5l<g5gr){`4RHN$z(WK
z6#+oR!NsFOqJE~CoPsZDk@N+dhD+PE9+{F;LP|>~1YFp_tzr40cZPuWc_@#xTM;4M
zi*Kj&x-N}<vwwXUMH7d87**Yuju_jrC}g6<9AccsVrn$!x3r~EB}m7U)QFSr;aSsb
zKsAHNTiJE$t?-(aHrZ8)@J!E6yy)TSCPwtFR+7u?Mz6+p9OapDRY#|tA+9f3>#Ar=
zW3btqbt+WV+g{GKomFeWPDDjjYjsp_5BGGbQWZ@q$#r3)1vGNamS>%+)n*qAat&sk
zHjwmj`xmo|6+6Otc){2(M)pE9hz54frh<SG!=)a5QpuV-4iABpr`pe1r*bD8+2see
z@PcH0OM8DB#f}v_9!*rW`gLN-{uZX4BUKDL6vEX?7=mcWZ^B+0MTfR<97n%zl&Y~E
z_4X)^{y=Zdz7wySSatE+EL;&@mG@wx3$M`^gDklu&;BZ6+Co9O6i<5(`-=X9!4z-Y
zgAIeMIS)I2jnYcDDzzp%24f`vi3)9!X9E|^!iOejn!Wi2ofL~U7|mI~MGS{Z*$r%J
zypRy4(2rh2XIxHF`~{bU4V^LcQ&Rw?6n2&_ft+g@R9hyWS4Rs*JuWk?(^}y@)JscH
z70q6K07H-pvTCY#DNqwX;o907FA8s}x1@!T+rKS=@lRLG5Xd41P)mo;$Rryt9K+PW
z;-2bM-~_{zpw;?%-;2MXlVFx0NPU7u#J7v3GF(S{g#uM$Lk|;I*;l@omJJqo-EM=Q
zGO@~)QF@1}GvA_6wWSSposGn>shSGVO9;>7L{{vZdn=fZ62chWacI%gzN`KGDHF~%
zs_E&hCx%1G#$4`JJ%0%k#%H98FX?RD!gGziYPWL`{dDfQyg@y?f(d5+7f&8Vx^C?r
z7(=xcc1Now%#6g;7S#tEm4u*f`wE)McKo}oJ7X*zcHTN#(PNC7%B&>>As4Y!qSIkN
zr0~{I)jj@3(V1<mNF=WrHab$dl4b7<tt_Sy4?;=A4RR9;!f5OmtVEzA>P7_SEKyRW
zy7q8lNs+kWD%l!n7YSAZX~_`8&|;OzDV8XsZB;_J3w1|qaG4$FhN<MC;@dMecEl_a
zRrg427f~S!dFbO-&SjqVW*z+vp4IAXZ(drNPKLWsB9K6%B6<<BWdvR3XY4V|MpkAB
z;h+@f8>`^LnTg&`UONLeLZi}Fc~P6t%$KMZ^DQ9#>_U_#nMM(K7zYmP6cA<OgQ(2?
zp4u=E4tM+;YTC<SX|^!7R%SM$ZFnsc4ja1iDt^}Um;02oZ!DUtCFa4Hr!cP9?2*$2
zp^pqrJDN%i<G%Ybzk?lhwZ4|!#%I&2Ad$6G>i_RF$aE@d8R?=*gfW4PqQkPtinna0
z=VAz2?MiQ3P&JI5q9GDn@=5)L+RV*BzQPH)^4Da@f+B+GQ0*3Wi7`*-frGAfj+1=n
zmUzrXe$@V0T{8nzL3IzD)b%J1z3wvibbn-&a|3IeewNZt)$wLSF$(3vEWVxVh!}FQ
z*t+=I0)GXrkN$?)I9_NLJ580DN!CWRo@*yDH7Ct;8lq%@X+$Qy$Q{+PCYKU~hsHLC
zRsD9$@BXJNn^1Y5Y&maPw!V%~X82wp4I@G!-$(qCoWY-2_NMu-Ck4V9N-LwDPi{h2
z@KBSS<yvN|we>$iN{?<t6AM{Az^jUZQbi#p_6$E0I*_c(c9YX3mkaIRpnQdYr1ch@
zZuz_<#CmmsEES#}hv8oA9-~bcMNWN|S=^Y~zsMrja3g~E?1=`Qd?WR%y;(FvX@QI=
zD%o}3npfur-cP^89-)n9bN!6!ZneonC+Sz(|BmuW3O_FySHn$JRA>oG@C%5RTkCwB
z;)E6zHm=e&YedLzsg<?l`}##UwNY4UlR$CBqsm#x1(W@ANGG&aC#Le~rntmJt%m!J
z{yxH%sBzDpNpdO!`!h{$Q<?ecP_g?x<0liWW^-)iaQI{vhKu|ZzGo`PTPC@Ru5jJf
znv7zpZYK%%>%V}D@NnC~roLt=O<5|Rie{OU&UG?=1ib1?P+7z3+?J?PVN(|_*uK(Y
zJRo}d<4R`RCtGE`m{-U3C8Q}yGqV%y=Ea>6_?Y%R(@aNED-kK8^k-|mx*1JcQtCE8
zvoo|H9>udiLpGANo&kb^tPw7^m+axjwk+HLPpWn5J7vZ!*G774mp9^#)hr5`ubdyt
z6NRCq29hF1CmiF2xXs~KYSrX&5L9F`2^HmgsHv#FD_N0RitY$W*EslDUD(A0DbwF~
zoaCoj+d7O;(k+rwy}Z`FC|r70mWa<a{M7Y*`K&B1vf(T@>)Ql|(^n~IT1N+JbGY0&
zZAm%X{b4K8y<rypJ&77Agu2O^ethWDCkIi6C(&h^Q8BuS%ab$O%ZRpD1KeDUh1TLZ
zwj<4LefG}NtKlFNkqv1@riRd9XtY)$_ynln@k-K8e#<CFrF9HD3|3}kJ91M(;7*x}
zy<{othEx1fe}=%1F&m_J8*4kVP3KIv&7{k$_2Dh;V%hUJBJq32g?akVk?N=PP0xy7
z&Tb@QcL@~;<c=0j@>m_e%vG+S;-Rtw;JL@FZ1)F>3gVQo{oe2n560!Ya<rwBvQ&V-
zkg(J49>tLfq}maf?Uc$I?;Fg_MeR?f>z6mne~lv%R25>puZ2`P-8Mv_y-y2A$v%xD
znl#}$FZX}WSTwhF^P;|R%U~9xXIaT4OT!%U3y`b(8k?Z3>Yp(3-8b+dzwSlGYz4HA
zKBeP^>v%dx*cfV8)JyIhU)XcS4Sjm0TswB43#5nQfbdLbxR|8v_bbHqW--o+6}U&^
zD5sctUW>eiRf__X6WyPhDe}?lO%<6qGAGgZ-H}Xp*MTCE-t>Z$%CqFYj?xjiMiRJ6
zB{J%^)Kjr;ra|4Z5NGLD%~eY2w0QR$>Q-HqKpmOT4qEFKlR+g$Tl8K8Py-{l#0q5q
z(U`MfO_ukCo9HK*@XuM(y)hZ@!|CK{3_#88?89(<MkRfquC4ANqmI%#`!Y=Rl%MYu
zuX^EiPAd`&&jRb0Js~_ZicCh??BPLsua|xSI;Ot>`~+pEzAaA-iv(3W+Q)66@V5ve
zeabF;r8=eaXb`?QaHNS^d`6Z{dB31;Gh<O_ltO|qOA&*y0cdGH$<CR_wAHRkDN{b3
z^N<B!`=>Q^X|DY$r6B!9UwkAX7@x5zSVt$(3m0V<uHCnV#Cj{uhOj|tNn$lbXho0A
zMQzV6l`fPpU|F>Z|M=d;P&#(uqfyXksUjqhIp;>Sp6#CcVl&z(dG(vpxma>#HHJ9E
zJcUInn;WSi72b`$ea=d(Jsd(<?f`We9;)<S!{Fz_E!<f$s;uX^HZCk?&9u(v*%-}J
zbziD-5<B1W#lt;OEj6`O>1c-im{M+}-$3fJkG4OZnmyT|H0oG7s=bEQR=)O(EAgsd
z%!T<N+Hvekra=3Axn-Q66SAgM5zb&EMZ^rA#YiVm^rS&yj(f2$Wt`~(NyYEDp3Clu
zCPA=9;y#RuG);2zy*y#zbwyQ`ayp#47`lq1D0&HAh~_ngpi$E1_W$sw+V^&`as^@P
z(CI&xSvrp}PfFX1XP-UwF2PS!YT1(b(SJ=5q@+w|-PEpAs4G;w%tQ{+s5E7g#a#TJ
zko1^MrDA}U#}R$aYqU4F#nX#wfTtkzU8U)_bm)LPhCnGk3Co%X)2f1C#91FRlkG16
z=OFmJrXaYPsz@u;OXs`P$8PQ#PEw3)ylR=y>eN`>3)WBCAST6^_eFd%oi&{2aPJR{
zX>Gig4lZx4O{2Jq;_PPx<!}2-;=d+d!^!*zIAop_CKi`1=Y!5F@&_#_2Xge_>qhc~
zXfGw5QD5e*vS6|Wia^wu)ZV@=7shlj>QkaxdWJq0-E$8yHCjX%ezIYfzDTIsRng2j
zB1M<(hps2p+q%|L*J|X6l??lj8j^+8POGR@^oo=5B8&JLj>YGkGc2x>N~#C-_9SR(
zy%xo9#<st8#yJZI{R}=-Ra_kBUkqhw<+Q-!oQHsVeQlwwobC~QDr3=fG!+j!2;M;w
z=Jxc+#bNH^ZbN<!S|N+(>)Cg9P^h}&LvGl4N4}mP&~3{%TAi(%>1JU;>(--_w-5C~
zz{D;cjm9<6R6>K=d!b6lcmiSRrdmg2se)1_O12V?9YtaB{fnXGX|54-mNNZWCI-$2
zrkY^x7j6;N7TKIr)_l^ud*0xWMeh0~YUfbQq?wiXs(Pv<)plsE>WHiOhZUyfAK3+^
z0&e0WMrvoOgL3>*rOU0Em3UL@Y{cYD6dFvKGhDd|RC?{cGr@KP+*lBiK)T7|HGj(O
z<`iA#mQcEoCTcHwHRq4nr`9TViUTcX+Th*_ZIh0(2*euP?EXwVie^U;x-7S-2H0|3
zJ$<hF!nNjyOeZ(SEw!P6s}nR#NlI0gn@9?en}dTkQy$F}!XuXMJm|@8Il-D0h?k~O
zG&g?Dg2T52JN4p|<&YNCrOG=d{)s+oJO3-5s@v3$sM7YAH~mnP#=9@FOSu<muRKd)
zV4I(sacGLv3l)mKQl5IvRMY))wBf-F@kkZB*FQb}4U){F9mAJ{cwkNZ{GRMt>EkbR
z{|3=Xhe)CdppC-5Pyf{qi8gk4zPBI88HANFhw|-z6JgbXZbXxjaYB$2vC$N!Y_BAc
zpsy5{p!+A5%tK81Rw@%SMXIh7{u?$R0kl@#GnV71s6;Kfw?5D{JUp424#=icU=lZ9
zO=6aV80@W%n_sr#uzq6gl$#HMU|h^Tu%4SQ2S4nfOV-lT=3w!owzG%I1PeZntcU_Z
zRAvLc(AZA#3Ldvd$6ri{-R_UG@*Pzs7*OG4x+Hj_qOvQET~)hhxcREAz=tBL)HaTh
z`<Vgr{?s;3Z*-SlWOu?W6D8wW2#CJ1w6w+7))4`XHPF*5YSPc1wsz3lEW~Gf=F{g5
zXJ!|d5N~EB^w8V9w@uNwD!=&`mn4y=_hIDpQKoJj#4qu<?f2nRIkFNS{8#EYa`z5U
znFt>E%eFEkO8egq9ah>fJ?Kb{MlH&tPknHR=`Y(t^iAWPzD8x%&kQhA@QN*GWGOmg
zydKPy>7VHTD-4xnbV5^j>M#|Fr$p%!@(uJhd#jaRf}JoE=Vs=dD!25ZczBehS%sTU
zritf=+-fXz0t!TA*+n)WQ!2j0Kk=3)F#apvv{{i8Dk>9YaD1?E2i8C1c7dH}dKe}p
zc75v8Qde$1KM9EPpLjF><x>cUN#9Nx6pvf67l8R>hlj^+YW(aW-aJ)SNmZvjFrO$&
zt<N=&qB1+^{_?5m!c{49LcN8aKEx>#C5|g9Dp`?!_91-#A=*?Mm@r+i2z2l%)(F<Z
z;`d-!&x2uH=n4yuN&Jf}ZBv(Yx<FG6<e9#B@L>X{`lheEe*qZ0O7CKR0lu$xzn5L)
ze*(qgv3drr-Q+Lk&j$J4WnaH@zn;5R|0>=Xq<<1*6r^~!d+B^|wHmCQ4LfH}9h&U-
z;fmv*=1&ti^uh7H4fa9D*tdOe(yeWRaJE^AuL){rp%jfXbJ2};j7W1`88RC-VY4LZ
z*~$ZK%E{o_qf7k;?6H^`Mn!LIj!DMo8NS!*?*csNu@B)sGL<Qj>ghJ2rrXJCz0Gv#
zY2ec9kM=x{tyUV@c*Z`aB_tKt%xgdKSyQJIik@if?hcp3_la(6$%2|R)s@SgosOSP
zf_8gpK0~LnGFeKGG}UyNa*4x9^H6<Xyz74A&RiG;MN#RCK;Z>`icbDbtet+I%|>&f
zD$OL`qOMXe=cn0o7Ps|^+^E~&a3+PHa`x}OETD~b@PPXpr&_|q3cxwWvha;WPxAu9
z)j6N~h0tF_e<cDPL@jNTrKYQN%*O<5pfrJw!<hylAwaF&B*Ts_TVWoSas#NypHHX%
ze8V)V2ApP_Wp1=%r;VqM1`?>8pKjIlbwE&?ND?@Lo~zO|x@iGGZZOvJ?-2^Jxv$M5
zrh_k~8*k*;Sr|jU_&R2VQ{8}y|2l`$RHgSV1PLxOZJ9<uQ1Wd!!V#wfdDDH$&D7EQ
z!g)X4yueC@4l{-_Ew6x6Ad@PG0K;sA$cB_QW%lEvBYaG+#ZIcc#7!Zxry;&ECzIWE
zt6^L71MwXWZYh>$3|>;mBh5kA=@@w_ybvYA&$P_F8y^U+o1*aBsi6%QmSKF^!4(Y$
zhtI;IbSsQzSi|Y6CI}=u1F0~SCsfm1pQc+|s5W4=$k1l(HZWxPmXRoEYn=_0epqjv
zP53*7&aSzJnZ-Tq)Iwh(vrIAZ=Q<t}41*$T&0_s=uo(1-N@}aTO53H5{0x&zm{Uva
zI8IfG7}(xi^k$=dFgpllNmWrCFC1x^-)htCd6nHbd}D`O!?%;<i3!hE6dga4H!L0b
z3wT`k$m_MO-pSs~dEo>jgf8vq33F&OG<_Y_6~fs7jcemgENlwss8ZyKOn`saB;rGG
zSGf7U_V_V5Qjo3BH<laep%C*`auM|V>C?~pmy!As1x;Xx1VmyU2dpa2&3P@QoM58b
z+47qVUq9>%gU)vP?<thd4i0DNl6HJCLW8s=rjs*Q+2l_N8F?4(ZWbf0iDadh8;stY
z96r%(snmk%%GL;>U1H-Anp)5}ChE_Nk(ZNg8|RmQ0&V1&Bug8ZPM{jGcF^?7I&``z
zTzUQr=%vqAf@g0gT*Oa|!;A6}RvjtTD5<=avQwwem6*E;c(<x~^9z7w!s!!vj}WSQ
z)g}TlSxA4Vtd>K5k{$aq<zy_otNg!-wpAxb8k$R-Ddm#AJpClu1qzyBXPj8<y-_pr
zP4e<QK_Aa%><20)m{z$-ioE=9#}8wJBbh7f74U0%y?gT+XDXdOa5h!jRk$O*@%=$Q
zb3`@YVzQuFZ!EVr>#R-@##}s66`J}8y++}nL{NB^{)EX%*G^G`M3J81W4e$OXvfs8
zyj@ZC;;2T7CnnAIn6{5G(-1MN0vaOfQKi}`$lk}+@u+m0N+zfBhyHfYYy#{Z95y#N
zOcd(I-q42A0oaz35$ot3-$IP~Q&4V|FIV&OTj;XWVV?_OyNB2KoMMxpQ!}+<1ev>i
zVlaj>KPM5d>V7p<sWEuQsoFYLRQF@D=uRC}YxZoaa5ngpQeinofO0E)I;Mh@oq5`g
zl6X+ZCOf6p&IB{HpL6CHyt#lW)V%B+ADN4F?p}t{t2`W0{_$^7`#mqi)K$+#{+|=A
z6qVv>>JAy4-9ae!oy$qO-r31t8z0Dh<yh6cPrFX)9J>SuL3&D@{vE;1A=V(FM8%6o
zp`2|r|4ZPJ3AW+q&?!VhAIioLNO`EN-y~m#J`#CoTua!p&0w>><@`hN3mB_7mHGbW
zKT!Nzw*Lo>IQwG3>J!~|SBdRdBEfRE8?t$ONiRF-NX!stXS3p7Gr}r(%zYJ4G^Hzu
zQe`S+U0=mfDm66+%gU|xxeXZUwNdBg^3Bp3o<zw_Zz{f}bc~{JBq{nMg*F>gs3cJ<
zw|JkP_9<2^7rd8DjOYwAG@h}df~Ms+PcOY*=K$Y9Kdha#kF|cEF)s0A<#w$CgY8Wr
zZqrO<{ZTiP)3X^9l_K;-yS)<7Gv>ZHl}E`1T+|Qjg#LeP`lkYRY#9TAOSAbNL^7_D
zf&{VoUgEO;c+fok(bE|3-3o>>y`=@6g1jMuqla$CK0rT*q1;hUx4ivM*7!fkgZclU
zNpIDKO)vyXUM}`E+iz}*C?J?gv@V&YOA0?}RgAw@zK7l<-J0LT*safd=JNYCo>Jyh
z@tvqw*Y8Z%<!jFpS~#wJ=?&AB8&tJ%BuuM%ex?jssCNqnZ&VdOA$@kWn48F!Ic=mG
zLC9VsDYXt;T|+MRJRz)tF;bjy`jRRK_LNf<dLT4o>r`c^lz5DQrkaqgil?s@L0DyE
z>u6D|@<5;M_+Uy_hSd7Vsi3pwweVfi_m6kv(h{L740ju(GNU}Km4g<8aaxj)w>8)O
z4F<&44P#?iYyK-$WclCwd`|WicSjR-LB`S*T8$?Z0X*k;LV`Eb5rivLkonl9R2EG#
z`oo4HHvRjlgoCVmmrfoB=kf&(h;g~9&UOYt<fB4<i?=l!ny+dCeYHmqo%dB_ELvXc
zwiImJduzxPcvcf};?K3Ue`(gJSMppKK97=ljqdz2ily~Rrd9qI@HCB$fNHv^bxv2`
zW=>aLt+(*5KE3sR{9e3DzDHCmaGmda*~p%#faD2w-@7aK5T5>vUqH*Sg*s0donfb~
zth`~^6WlpQSIiCPd&VN;B+wJu&eYu&k#i^hEUkBvX3N&<+s0DWw_o_mwQ2;AeykR@
zeHe5z-Cows^<?=PUOvabwVJHk+9Wf#4Yw5v?Zk5(O>BbfYs*}Xrha`}YW`%Yc>R%-
zk=-L67b^$J^wY;*@!V=Xe4nrODIqEIUZkqu?YuaSxi^yumA3)~bB7SYogrB;N;fkS
z_i;Bc@VL=)CJ!hopc$+-?Y6%32=o@0Pt<v;fVQSULWxoAJnUEcE=Ogo)Jmm%E>6Oh
z*HPE6G9%K+H<f^iu2urRW7=P&9F4&x1WYThKkV1<zq!D$cE;RpBs$K|wOpZpbz564
zCdI_OL+y60A=?<;Zs<7>Go++dQci%JO{FKu8CJr^77n0%d$0P)OHl7UR!|G}^g>HW
zy^<_%cnOY%41U2VJdQnpADY%dRRNDDfnfn*V?NXhh7+xSp@4kA7o3%WiMw0U_009=
zo&%QaEEQZuTB<>7U_=^i4Nf?R7|>eM<-jk1gSKx16Lpl6bB(DEoNAi3j+)_Ho=d<Q
zIuVZ_u@Lse2(y`<o*Z`Y9jlRF6JY|cu~s0%x4jzqI)%d_j1G=U(70~ts_!ekx4asD
z3qr&^gav-g>*ei+^)8+u>waCOE)OFFQKjp^rX;OXr&{N*6pX`p@gDZ$)Iuetv)+dV
zyvM@N%F+-ACUH~4DJyM0D0#|^&9Q)Cui^u`o^QKfS6Zov?9WxRl$h;n7&aU>uH+rx
zt5>~SKvS2|I{1Pr$GILMbpH#O6zj|{9zIxR599&i@LcOgpSe0!?2+jk9!0LTDvjd{
zbxw>bbj==jYw~k`?1?pCOWdhL>VUdVIg0FHC8e|Y#Zb1}BkMw!%sUutG;-k&_d$wg
z4as;K=q=mkqx5+eTFC>iKss%6RmV~38GBL4aTV#radn5~=_z34C}k&nT_w#Y)<;o8
zr?@vvRLlkLlUil3G`Y_3=8WWsb!D;^o7cC#s|E=uGiPb(V2KtIUgkDm%F*+7{CtDP
z+vzfzXBb(U%EUZZ-VgJ7=fgq+eZK32$ZFWY34xi*Nk=4Aj;hE_htO<zM@6EtqWC1e
zS;=kkR~C<&XmpAGsak{nzC8zpvC@q)rD%faFf+83<OB~Dv5ze&D&6)6VB>bEBI428
zsK_KHk#h5^3cAk4f(pEh>Uv(z`3e&2eo|%dno}FR!}lP8tiWcb?w7dL?yWWSd7wZH
zHf5>i)bbuQt#tMk+V2NLf6Z;`^H`=eu2E-@4t1L=ztI21-dh02(JX7CBW8KT%s66Z
z*<u(mGcz+<%#0&uW@fb5VrFKxEwnA$vUmRf+`D(_?w+#|FJ8Qe7f}_J)m>eXoz+m4
z`6c0!d$nIV)L5uK(nf#d@+W1t^&h}!%8OnB3#FzL?so0yxVeXPg(=Zs@`cKBgLE)N
znWx6v61%x#USQkUy>}XwB*5Gbr?En?KV0?0hf`6zmn^8z(rp%COKX`uO4Sa$$F$hm
zz;@r}?ILMIh}1qYkvoMCYzdy3Bn1~qC+Qx^c?oAIHAj|<q+|i3QPmGgU_*A^D3-YA
zbdva%GcY+u^!zpxSLP$7!en%0QXXxV(77<gtm&7Gsz@%^Xl?$rE^M4g&KKI7*BV{v
zFX8^$(wWf!>Lt%*uVdNgTk+zTF#H2xHKYZNsIPf%3zckTk>=uells;$k;MEw6sX|H
zBN=n8LlI6lDwM{b=?-D^vbK=CT-Q!PQc%bVe~xN!`1Wzb<H--d^Zsobp2XYlL3XTz
z4nI9Kb5|Fi#RC=Fn>()`YPY+}pCt~QxS0mVD^~m$>`OFom#*uWC$v7DDJETu`}KGk
z1tz5!Htr-Fit<zfC|@46FvgxoAHh}wg8^&Cdv~W3EWN0llGkYJJ~$hwewnnaqfS*|
zvC7FHhhK@E`Y%L@abJh&hr!u@$>Nf_zN!k_;mJ&CdRAGkvYOKr{C2W5o|Y3?xJ|}Z
z7FjN?(HA@f^smYNL+<soC3SmD7!2+Xtppr@0N-<MAB=pf*_mv<Nswmau$qzDpk5xV
z;cZf}DL$RTv#JPH)b5uUS7W|gx$@uhtnu>~{3>Diz6v*^y9-5+W@-I4ngV<w$0i!*
zhWGn2$PWG4?@{w7x+qVM<?Z8nu{xyj(jeZcNEXXS)j3%=Il#aC=b&`C-?*WdcU=Hq
z?jU2Cikws*_;N5(l^41Uw79B=4mqNeZ+9#f<{JfNo6FfBmoovt8qIG~o~zDf;?2Y*
zcW{u;kh5hOC9lXpR`!n;j*2u8YBSQ3e>*HSA}B$RHI2oQq#7IH9`Qe)BnKO~SQ-3v
zK6+V)US2kj%<Vrd`@gOzP@s(xfs}LYuNDL8x;kH4{@J$wt-k2A$|=N9fNZTwFNHEg
z7uB1t397H($KD<gM(>;ee+HP7ySzIlSEAfaJ1wH(vbWV*AM8-x{wm3>>;C4j|0{W!
z{ik;U;5mH4N}4MdHHx3Nv3@mKP?LyrG_O(>L%v^Ed3Nl65bgE(aYCutvCc%+BECII
z#@6y|YjeLdK2lJY^m<u!c80gJh7y%MlZ3SUH69J;2D&0E*9>dTjmW0%_FFbUpiFI#
zCx=x};r}21!2?eFY*2CKv;?ov&ULI*kQ-z2JRR1{Sm`?fi0lP+4XSwc&Z%M=-5EXh
zH9ZiDOvYPGCR^JP$sb!u54rI>lhEku#b2pkC^yZb(0ApU)#ZA-Db?GQWyUn2hRdVv
zhyI$96QD#qZ6NiTI_1WuiISTvBa-G1pc;t19{j`m;@ePWz`O#_O0}02Uk#aQi2H&i
zYfkhNR{>jOT1dZ&T;hQ1ZhxMw9$Q0|mR`gPW%+Vm+wJ$hkKF+?TuM|?FQtSoxl|An
zS}~LS+j@=z9!ZQxsedw&1KC+2*4+R{1D4Q>Jv%mw1UJz6=l;(AbICNPvAil_fyCck
zfLAE5F?Mx~!g44rn@2Vqw2dM;kNGDOE0|92rO6*f)Mp=#Sfj~#rT~8c_au1t%#loa
z8RCY;yBTre_urCTU$Qn-22uO38{{NVA!WB%@r@`>_Kp$4N}Yw>&(*JRlRvqJ*YU3*
zoh}W?xZC`rP7L6wSx;32NA)>Yoz|!pj?p*Z8kWK3?7n$(-Jq-kG<zp?yN~(0_6OWv
zTzG<?-hGM`RA;W8UKJinmL68i`uI~L<>YgTJxVQ|VdZw9?q*MW(c}v#o_-mU*Qrfr
z?rfr%7SX+9g@9J!t+{Gxro_qqmSEAS^>)#=_M-3}M^R)w%55UtHmkk6q)oUhyVUwg
zA=~AMGPNJbcT0^rkH3?v9(Z!{nzP^=ziZeR+6N5N)Rq>b@HAvxiB;Fm1<~grCu<k^
zq)ypXv^y*yC>#OnfTdho-iyv5k#aK?XnATx5%o(v-zHKrF}kPx2XHv+5k%i^g5mS;
z^wL#{YDewsz5uISjHjCqe@%Y>8GViQ{8sjBoZo7ZsS{6Z&F9n-tF#Wf@-mb*aD3wq
z<{v=zN+M6sn<MpSO{C@vH2+VC%`3)k?d5smwZnM4v1c<KWkgoKaupTU9W{FpVXm69
zmiIC4%iB>S<ydQ*7R~?)pO5>Zqm%WEm(uMA*p26Qm(QbU6GS_5X1)j7scg+%uUJaW
zBcqLuN_@keujS9kzP+SA==*uLK0m2VyXkPT&n7GPTX0YVW<VfS#xCbey9;tRerA>u
zgpQ=L`=H*ydzPM>d>1YVBZIJ#hiFD3d5;XL(Peoz_m4FdwPgL|MUiBM5=XAe7(e(=
zl+Wao!4(X6E*~<wlTyXpHv!S=vyEw9S?XaZE%KCggG&I#oNGGRa@{??_X`I&+?c}j
zo6hHzq>ey7OU%t0j5uripm&-xsioG$>NPx0fs6_b<*V5IU!6WBOTR!EU5ltk?F$@>
z8KDZG6KqKmy<GaX5fvl3hV~xG+}x$w=`r&B7;z;2<7S67c0DIt*Nk4#>hG^mHMnxc
z%PS@pkHeaf=#2Dlr}2NZ1UlT9T)(5Zoqs<jr=%z_Gl}<Rsr6n7r_N~120h0wJU$_;
zue#4a=~`V>KX6}u0;{ZQ-_4<=EKa=wTSI@PF^|%`uYA?ESgr-PRCbrziHvoC+^VVT
z>a6KSHamNXS-wBbS&6ZvtC2L9Nml(lU-dJ?$!Cgc+0_>kBgo3IKqA&tjpRNETS=tP
zsfI*Kmv~Xmn3#3`B+H9hsmr*6jmD)bfGb~qETTK8nFQ$qgP;D_Pb)%51I<@=TV$2y
zfWVVok$4zuE7U40^mowBbAZb`1p%+O_NwS>VmjT~239$K)X}VJ?GBEOn;KNHHRda*
zvsEr8hKk_M%sPoZC)oqU#Cj0z=j!N`7sDa_=En|7-?14LX1N+FzGwPAMJ0~TJgALb
z{c*`y3f&@(mKu{5qSQ!AJ-&oe#G=j4U!rkm^*I$)i(*UPvi1v*$LlkXf>l;rhKscU
z&3f6>8``#&bW|BCNzFBxUz4$ZvA5cAr#z|EN!zJ~yM0t_{RKQ~=8K7H-Xn?%A2<pK
zQ)(hR5s1lpJ})queLFj4{pi=s>fH0CW^#j3vew<bU00@ft<R;EFi?FtDXJhFpd0yl
z$GBw;{oPX9Z<w6oW<h-oC+{<T$v00n`$LLz2$6G;9itxYl${dwn89c2SZ&W~!oW_?
z9BQLy7>oA3g7?4TTI{pE*EGx`E)$4&LW+$+rE&|*-Z;9QaXGSOZA)(@Whx?-;1v|*
z2k19lJKI+w<SkAP7$OnJ_~Ft*XFdkt_hzwC6iXEX2@u2jS7HPGb>jDb0GwKh+~WQj
zMnw>XLHgydNHWEPKXd{?iZ{CErcBcIk_mcRkudsJnX@;oBz|Kedq)_hwH3_h!n~a2
z*xFHf6;34bHC4J%2X0+AwVBW9l9EQN96R#_t4Mj$cG-9gbuQ_Di7Xj;XM0>?cWn!}
z7?*?_s`=hn*7fAIn^#llxkKLY_6v=3<P7!C)i^r66-KAiT6rp+23%A;8n#QPQ!;XF
zaAv$jXro0h_6_6WA;`fCKP=twqqQ14CuljBt<^~GF^0sOd@qW`4`SP~-7ls3gG#IN
z@2s3aIU_6ambat}&u;B%B%RzwHP0qhSDq7-x+5c$u0V3+c`(qU!JKaFQiqT=XHelt
z6tmkVjy@y*DB^=YsE+G9%Q97uToeBQK+h{*qSkL`Us}pb^K6woW@_mQ(>&zqq_y1G
z=#GVMRz1GTHppI*%ga`77Gz+&q^f5`;_NzLE6){BF-E-Pl8_=;uWU7S($Ui!Eh%%H
zRAgSKI&Y@>{Q>+^4$)PGjiu{DHojJ;Bg+=D1k6lT<a9#vlC?nC9x7d>s7?CB)pNM9
z{F<KiTly5ZqZl>fS`5AmjOpHuD&`hv(UI}7`d_Zg<$KfVgk!26Mn^GCRDJRzsg>=}
zKQM>J>96&kyh!EMQ-nL9`i-lP+JmM0ZcG?7S5nI=HAhi;jm*wR@|1VNguX3~G+`<h
zLlNYvCiC_Yn886EwTML!c}1?V@=9#ga)<gojVw>OS-MX|<^I~lOU~4sC^MZ=wCBLp
z5n`v#+sC-ho|V@Fh}<kv(3?5D?&VZz5d9y3Y;Xm(i{5fwsCaC2q}A%zXQ{mJMaY@;
z^y<0Q=)%%Ij<G~-98Zmi<oG^%%9p7*2GnZmpDAhPDc5L;ohQfg=9R9zy3a}EduQ@{
zqX%g#cio-jv`Xq%q{9m@C3eQ}I?N+vxAMQmq<K3V%S)1)SF~3z7wfoqn$r}QOx*2u
zHk@6ab^R@9w2(!MGE;N2>%GADrC=y`*rLMY9JEWooOC=Z8go1lRw$$;|Hc8f2MdFW
z0$pdmTQ7YH6U98OafWh;nQvBTeJh~U=XngWBcB&cM9`s-ZY~=nLu<V~o^5c|(<CqG
z_$ijCb3xwg5KXU!Nn0}()VVr3&$hg7kE%zVO2-#XXQ<bP#%tIrEqrWrWn;yJ?8bBR
zAM$o?1SbEUlcg_S{kTf`1)j9jsiR+--P^WX?6&(1N3nvfH&5Qxrk2{<B==vAR+-b4
z+FqH6Y8)ZkU)vdQNsf9`xrP;R<muNE)g*CRe=YsXQE@X0AGHO6FD6gYg;BMprgd+B
zN7?l!06$AA+FsM{B|F~~x3lOa+*5hxQR-ibN?gb52(X6mpP=6(j*A-3sgk~X*e8jc
zYyvC)*U8k0q5?xACrcsESgY>}_WxJ1r~=C#e*h0EP)&XoAXIn%FDNr4DA?)WXs1ws
za4Jr5wL7z6pj+q?RCzzOq~%`K^yt5$m%XF<1IX*pK!WGyD!6KRB!uJi&GW8#XhUo6
z;K8*W=SGfS(Nwh@4W(w4T}VcGPSYH>A_-0NP@U|I6*1u}Q<jRmpe3l0zu>pzk&@OO
z7vDOTTh8!LjG0c?f7M~ArH}mC5IYnO?um<Sae;Tx=2YmDl#=Eli`fu#lCH3(7VKBL
zs<k488Rq1X{x<SM4pb}l7)~i=oXgB4bc}^xBWU`z6|D3-Ek$ad{`E>@OjZ7`{#CaP
z3C`meH|viIQG>WfKxeVkta{VOhtNjlsSB{$#};j9b$11p;~L?4=M~i0&Q`2r;ut#+
zwmS3dl&W1Pta=)FJ;qhIA`{_h4`tQ@)oW<7g_a}Gbm3$`8hBJ5nGLHyPPqdP2ABZ|
zgs#d?GPkYa<#8U#A|X?R1A?+q5{C);k$MQSdOXztslzG35B>viHB<5Dd$suER34Ei
za%Les<{9cEX};+dgtWNg8N$oOjP1eNwmHfGXA&nF)$(xs`wOFL)1^4~7zF$tTaD#v
zYZHBL#{sgnTwfk!+M&dnJ#=WNIQ`YISm4U=gw26H(@h#NzSJ&x-^x7?Ptb=2yX+&e
z0aw%zd>*M;Xt@Z|(4p)O(F;{|4C1Ne%8VRhFRGsPat^WBW>K1NCX+f3yuT8IX-p<J
zphP5SB!e^EIhOCc4s4B7p4&Bl{dz9|@<z7<w>#U^%T55EistGBZI01Qm)|sKjd-To
zRCjl15aL9OtdEr2a!gn1rwiP&476=YC<T;tuX{d=U@@kMarv#Aw};I<RoXeAE2ae?
zlR!>k?H9XQ2Xe8<ae469Ci>J19ZktIkSP%Kj3P#T<BV5zk6%W-b6fLDHd9g`nG?Mm
zdAGYa>`#p9{)4Qco_6y>WgLzWrCqES2R}0fU~{@$89H=GSC>Sh)N<*2mC8v?1X(Nz
zEz3|ISHPA7H$DFs)j(^kJmi44n9d6|(ZKliTQQ)ZpC9m&Sbgx>vM%PkRGB`ZPW8}W
zA?#^e9JZWn*{MPZ264*f)uS}m+HV75jfl=twGc1vKo@<^MtQi;8abIdX+>^Lr*hti
z$No!rST87oGrglcU*sTTEXMdhjKf<@>0*?q32mwKW6ryb5>$as)%$3Y_*Y_d)`aoe
zilvin{s{(-9f>W#;knC@Pd!+OQ!XK0wh@GRtkWczkbH`6Gl=790de6M1F%xI*gnrz
z{Vr$f%V>SIu{v5PdoF==-RGwcaUhoY0g~Eq1FS}YE{9lR33)8)Rsn;ki3w~tEnjY@
z<slw&s@3%3-mv>(E5m2Cd%EXPF=Sk$41bY!XWuKkn}-0LPPlY*bzNFx67`5Pu_qYH
zy)dVfUa<lE9eg;%&mDp;*so0fKigZlX2(*@yd(JDGyR^$pbwJ8>fr1uGQjw)l>Ew^
z%m7*LFNyJ?Du%fRAy6w$kV(1`ZPi1D^3xK~w0)``VU_u}atHG2c>qMgpGsW@3^%BV
zgs=kfThw?pP*C<}kKEU|)Y9SyAAXK~z!+1FkYn?@$E|@iM8(1)dLvj5`dZA@)iWNw
z9&)f2W%w{Ia6IimPHz^IT{YQs8hG<U;qTm&*uAx$9_y6K6>7~Lu_W%4IYFnmts7Z=
z;-^?>g*BbO1IrsWVM~yb#8M8+Br<YEC_XZ)x!^1{!k9Qq#<+r0Uo1yC_envl3~B0-
zOGv9qUOWZaPBB-TISM#T7;t@AQc5*b%&E+3B(?=BcCFQdWcg`Yj;*6QF@OVJVyIZr
z8pL*}x2f=+LnG_#C(k>H1g!Z>G~C~^`&ERet)hq*+mK9bpPFs3ls}}hTdSE0W)*17
zWCJ@wgf!}QRN-*X3CkAv_6<Y%ScvuDu{EjcCyjtJw?G@m0FsV|x74&Hm0tJ9e07Rk
z={W||_G13+22Oswzl?$jOvX3vy?z<7;!wlqezy(>`B^q3-iR(MXjk$$W~W^0eFeoD
zT_uzdW!N+*Yv9WdbLz>Ee)~iNc2{5^m+!M%jzeVTIyEgF)(vS!8pXx;EtPU<_$56c
zrp(Le4?-o<fZ@mI@#hq$zsY@?u-BN)Yg!|O$fp$sk@B5M*G0(X5PS6D4PpEqgfUwM
zK`<2SiOf?QV(T=V`J+xG!jIaJAu-fmKGipaeju0#)f+u=%PUJ~-7y7$x^)?jZUk62
z)@q{dpHrne<fYOQ1BscmoauZ6QqFCb$>8Wz9<(Op$qQa?oY)drXLZuhRF?r3O^8g4
zsFaGz8|o6HlV032qB{81E3i*S8vXX5aKcz>+{~eFw&xt8hx)`!CkOS0n#;>7X^tK?
ztNrQx56WXA-F!{*tL&XQ1Xd1X>Q$S7ZQ3@#l#YhPOM8|U2!8eeRP&nRm>AV7<6gFH
z{1nlhL}Ry};lsI`@(y&?!1BiY9sb$C_Ay^$?nXk^Ls8n;?x4F4IxbNy7s|8@YmMm8
z10hGO=W=_qdaN6z2`?L`^l3P?#M=r{dTC67Fq+Rwya_P2X=3s0Xa3fS{8Ew<AJ^{n
zTUuI?RG74ZUS>A8FF@je7{%ABHMDdTdW8)B`X5gPpZ0umr4i5<2fvFyW<?QUv2mfV
zA4?`D1D1%}k_0(VHT4QJ5Lnd<C5W&bIw(K8^knCy&G6?E6B{;hS;Gon$zgUIxhGXs
z!1dgVjdD=-+NyGxOPjImD%gflua5eN$TzcMO(E=5N?7jYG$8M~9i2*y(8_;+mF`f3
z{H!Vqs^pq46b>J<j3qzpxJ<D<PwSq|JgQSai9?(t(sL!UH)pru!Vh20Loc;UeLGZ)
zpR9`lV=lWM3UfNk!p0h(c!LH$beeWf_w4d1m$yD5&I-2A?iAg=EoZT?hr5V$4JDjz
zq_NMy^*Hr>p`r}I;mDJ{vZ{869YTxNMi7gX0#Jrg)ofd*031{?l2b7~w2#skJut&0
zD{_|GUncO|_VL*3MMM<CjzwyRPZHKAm-xQ7+{Nv(d6i#<kq)=oYhz=60N$T`OvY})
z02JRLcMg|4D+HfC8Gi{m@71=oESkAb5`aSS6!>##^gB2NSU_{h$zD-bE-;&*bCho}
z{Wp)Yq;4Po4hJm9Ts$zI+?Lvp$=R<v*;wq;GXSOqW;`_0a>L7OCLCJasGo)HkD5}9
ze*oi`W_hYc$y(JC@=Q9j4aE5=v=N!%Hee49ac<|03aPOKZXKTnU<i6pmZHXL+NG)8
zas&d5Hoo)n2Osm8q$EhW0F0IOC%fa~-fZIMVi3y0mFKwPSVEhIO#^W@U3Qn<dKqmD
z9SC@P1;!RvAGESxUcoQDhFV9tm%s);+e4=4s0KeafVY@++j;O%Pf+p#rAbE2$9Q+2
zt612yK2%UlA4C_wsx^<S_3_&-)t7~GVl6Efe67yua!_M|CnoOeTYi_Kqo^@kgwahb
ztQJzN6`9vw$xvAOSLbS&{_fmcD@-HV&-rqSFTHkg)~9Hk8y4#k=+b|6t^_xxLOE&L
z9UC@dMYym%H|Pj2=gGM04!6aD(M%py|H5Lu3Ky|NCTiL}6@IR-2|SUCZ`OFxfEq(M
zebCC-Db`3H{w%Q^_7_JgM4oY_JUuH|tNFB@*E21B`Ht<s$Rab@#YtjQF0XEFCwA39
z+f?pp{JV3P)S*z$K}`oaldE4BD|MLu0G1Q2@XUp7{TCZTtXbPNS)y`0%Bt(A<jVPX
zpDTZ~Qpx^imnGc}FI%$@)e}R8VL&g^wjjap?4|cEddZZ<s}{8#e_aZLDv`JcnLu?N
za;IK`SAIJ%oc#f))a8dL?h_@WbMmSFq6hr}nEc~t?%0jSOg$cb0k5q!6-b}eK!`2%
zA>{|HFG3ExpYM7$=V?AzTly7MviycQh2@HW5Mt#Rrey0J-z;q;Bc8pWp)8?03>^77
z!7jl%ei<XTt;E188*riLSczrl@1a?$5%OF1N6tI;AAv^qNn<@QyA%?M#>$Oai}P(I
zawu!1oAg3o^vwkM*l&^MA$Y^iV!Q?5%t8!(wzgi!Tp>4ow{y8^#7`#QLtyh>ZzOd<
zb90f0nXBDeYgR|<Jx;1s=aNkr{PMZ3GLG5eh$h#Tzdl?&N1>E^f;O<Z!E%vhGT}Z2
z)>ZwBOJRDP{Bh<u0w`Sg->7$%C%H@Qu`!Q2BxDX(mXKC!w#X)eSN~$y4Q37HrjtxZ
zs$%IVSH!&QBE<&~vJ~riI$m92uYNeDNv{hOp89++Vi;ZnSDp`D)yKJXTx$%?LZ7vR
z8(GY>1*QVTouJ&qNTVZPjT(L=ivUB(Ie=DCPZ#ZGnMA7cH#2;HgQ9TMOp3W?_d)?}
z=1k8n<)tb_g$lUAKr{LTzG6Fd8jRAk=2+^aMrBnxJ{j{8g=mEkIPv;}3M~9YMQQHa
zN^SqnbxxXAs_e4$ZuC^tz^r#7o|@<^gGKbTa;el(vDmCOdCR)gnyyQds8K_72IN@y
zNcML*HNT7gk_IfVu*PMwYwR6F_F}@`r5q;S@9Kz{tt!$LSn~2h<3^N#$mf{&%f-Vl
zZ(|bCo(H&|m?Fh2s1mv=NVbQ=@aU#|_s6aJ+#&+ka#WR4keU|UUV{&yyuULUUboKT
zX*sNLmjH|ysNHqSVo$~L6qTL)_yhO=W$(lYieQH1XVt0M)fzcoYR)+Sm!{pw2&!m(
zT52R7%9!+^nhr}fL`Wh@nz4(*F(Q-dDvAY|rQRGD*n!AnR-K0)&=3tnU+GnP*U${x
z+ag~_Cl)y*%4&xdtnZaMjc3jgLKfshvGEF3gZo`btDB}4<i&wJdiudXXF4@JM^>@@
z55TIGAgf?@vF@H(px|o!-kd-`&}2Yfa8mVRy4Y%{;!0dJp9nbtH`(13>>9L&6lAY-
zQ1J2j4<G>C=4TnT_UrjwVb$a6Z~vkNjhE|SQI(6D|KlMJ9IVpk4m!oO@At34XCK&2
z;_v_B$V`y&2ZEEo>dyQ%5XAm5`3Abj|Kk74B$;C4x52~n_YdUnntpYi-P{L>1e<&<
z^>JN)qkrxG*jU9b^na67rF}8{IN(A4Jo|ow^M4?vM^AKrF127(vHpF2J+`CGLjPR!
zCi`2X#ePq+|NkRoaesIV<2$8^FHbVh)I(B*oUut`6_mbGYYE0m^4=`3)slGCJyC&R
zn-1PK<i|2zjKcy3732=Gz1p;-wC^VbWA^HT?{Ljar|7~zNhl&nMlUO%i%=`}kjSM4
z22eX+JD%V==jiNBmQ2%PrvueC#WpS9fMEl(m{A^R2q!q>Q2X_v=q|Dm(wTXm;yf%x
z1l8qB^sJp1DnxxiA7FD`BdI%i$_d(V@O4a5q2&|AfTz~PZa?4VB_52b%g4qC_=xpx
zC<Cd=EPP{>6ai~0@v%Gl1--QNw?*C74VYn7R5)b-v@QFyuXi|Ii7gx$yivSv?FneO
zOuIcs*d7fVFRKglqyA|`UvS?mAVjtY3l&98;x^bO_(sSqUy8iLD@T#bVm)a9_K8o@
z5}eJ=qaJnn5>|<apgjpS9HGce^D)T8-eC1=Mt~FDaotQK!Py*8Z8N21ajMchT-gFO
z<Q2ll50izWoDYp4N`iA%V+R=c-tD#TR#tUb(jF4bDO%?1)tl5qvD_r_QyoGP^xJTA
zvJKb(<y-y`^tQ0rfg1G{v_VPIpoPj4pS$cz67xAqy}^!C`kn03xP8X-7xRXe6zqwe
z(%+tZ?+o>1Sd$>5sq$w$h8x7I7J$XOwM8{c`r)>e`KL4YhcMb3(`7v>TE*c@^NOZA
z4%Ev!p|LLXH>wMxW1q_IokWis-6c<JN2D_>0)vHm0{a1+uM!z0*wl8AeaS?7Sb!%g
zB^==GyKy@pCl8TOjZLX3uo1Fr?_yB1`s~Y%FP5gcItR-Hi>NLil?2R@?rK0z#UXg%
zo<q|d6du3D9~x)%)zpl6g81tk6(Vz4!P+i{Tk1FX5j(|+rP$D3{>l`1Eu!DJqt%ye
zh@OLvmu}{_noS4WX5SI$r|n`2fCk@1g|Uj`Nc*|Op0wlK5aaD?8rU+d*JZtc1){Ep
zRm^P(W0@eWm>(^giJC;q-p9D!zNN{d%><|djP}1JXK*r6u$q^k+}*F|Y}LRn37XvY
zFdW>6xi42zXM_y<RcvwZ(@yG_wBRbwz_@$mc&W&hKaCKMAf8#v*rD9LOQ8+rrd?{#
zyDBHK-^+ZdU(z+D<fHT`Y^V0jWkE0lxb&~B9vks~8j8Wf#aCEF!DnG<w$r6Q>EKW;
zX<cj@cgWt8%$3dvr{4wJaH{zF^}`5C$2`Z9EE_e@OmrOKd@WgsSt3F&Rh-ozm9#A5
zf@7IGw!PFW%A~$d`&Q-&;=mA4o$X|`QbWq0i?~g15G-h!o#D(=?yCRft4BQ^GLdEb
zsnU)5q`%$#dp+f7jy&2Wl|@y;S(Bu^eUut}mC;z7ldc?#KP_wNry!!E$a_Y)7Bj1G
zu#y;DI~O5hs5R5c7*{Adfg-%BylYenjyYlR#F~)7jG}b<O}I2E{YSRxh6~!Ii9KDx
z-C^Qw-4ab?xj1e5H}X>IyTWENQ!_WY&g48F8I7jQ)nD!4`j^X%0tipO20+Z`5hJ6g
z8mz5__2Q%OdOB1DllSE7mzE<~4lxGaJ7o2m<w7!)S!`I^(ahD_-?XLA3O5kEkUIYX
zNRNH0Nx^Cs1EZmXXK-1@d(LvAkV(55O<Z7xN(!w}^n5<At8f3f7en(iz)fkDbWafi
z-RMqY+I7qSK&dl5%Ey(<h~Bi#pbJ@yuV9p4Zr#O77+LOST@J4(7gh3ZG|<`qei503
zioM;e1h0o8TOe>1bAt_@p)mh|*I;2C6#)rJG9gh|c)roboelaJ(ny8f-#l*oZMWXY
zw*F=1EX1sW7Tou(a)`4lrA@(B6qUCt^Ff6kdHfpNIBfNiUVV0{fV=k<J1UbdX7-?!
zRf2{}!Ah9gr=ob6cFEPA3KuKQi(JNK&TK?J<1v6?oSxuN0RcaHxd4X|mrB8x&<{FQ
zV9@Ecn-!=m=5u(c=u)*ee<Gl4p#-ps!suiOe;N)<jAQ0O#u(>9{JQ?kD8ME@OG4Wy
z(^V7K+BJQ}(r#Xfg}WJ&ql_G<ok1w+lp>_|{SZzjzhOB-3qC>&#<MFN`fy3(FvN++
zLTiYB0@bR^Oe$iY9SoQ@#(o*MAE2t$SH+k$z^@~s><2eeTiN<1zykihHB#D}APyoC
zU9*X&_AHzqFZCRw=zj+^88H3;qolXNcaB>Y$_UBtFSGxC3LVC&5QVX;?r^C3J0&QW
zlp|m%iqPyIVU&<I?d&FcO9tD#-qiWzI8B~5g<2WrNRlogLd-5qZ`59fF<k&*R&Ho)
zA7pujm|i<ud1oF&;hN66?38fJ!|=6&8ykmXGjp?KnwLK;vwfy6Pnwj2F<mqAD4fMS
zgXOfG4_gsu`pHVt9M&qQu!Ss$h&R_c=@e=$68P=lUkr=FM?Ds*C9_sqeYqL0O<utc
zdnVi8biNL(K{H5Ow3~&4z>AdVh?G!fq7G69KUdRHeis=7EMEZP4NKRkObA(0SUK8U
zu3<5<5tgN)LFj<dzG@x){=R&<nYb@7zk||(=VJtsyqE-D%s3VOY(Ay>^x4wW?+R0K
zSTCoOC{!`rFx)qzkInzabaakze^_T<(@2;EuJPMnxBr#ntc2cDAqT5>!?uekfXp0A
zVU6Itf9JXB`)pm-&5sRky&vc)1eK?xDx0$(%9SN#tA+y&pzqdUX;M=&ikjDX#|F`y
zY+V=wv@4xi6vI#&iGz<LIwBevrS<HHS}ur=YC`-~u>`IVGlWCQifbL$382I{5_f?l
z-t48Dx8?`xRCNAPj}zB<%yHbtb<1nL86|K(Sjxg>#JO4Dl$8#h3j16Jn}F4~=7NbA
zQ-rMm4TIh@3BXM)7V})QdP9Q`KT9!LrobQgqVYi4(5VN3X;}GICa?;-T880jAcBNV
zyrNT=3sPFszFChSjFf)yTzoq+Qwf4~t7dDkR?eVAE9SpdS(u!fxc-%q?M!QPqKBlu
zltwQe>ZI{?wk5Pbh*`V6ow9wXfO>NPKL2z)7G?j<fKjDIZP<+km3<&&+6(_3%tNpg
z6Mqdt(KxbL*I>jBzTRjs6YWUsM&hqp2gt>Xt-9t#5`-?lT?+gfN0lk4<iP;*Q=^3}
zjFFv7$?ylwa%k_jG8@gP97zNDT=`&>(Ywby(1-$LJ&n4qQ7a+dx!h=j{4H{6)3R+?
z=QArKRYex;591CU9MtjtK>3PHQ*>(m{ZES00pi%$lbQMIFuoY;Uy3Fo1a7NMG(D|m
zx#PpaERC1%N{(1VhiGHt1h$q#YzWa1+EiLx*3uH_pQTZq4>@MjJ5<2>{xl#Mgy{zm
zHgr+OiPk?Lh7oJm@7#c!M7hJNpHgf%pZKuT*UFwzCZ>y#e==i8kYmVyPEIdtWX<vw
zqUadYgNDpruc0$8DlPXqD5K1;bGmP~&1HB?;iOzsG)2>ICs46VBPKRKwBuPK6)Gkl
zM(8(3peVA2vixNL*%_xM#(_gIiZLpg9r>-w)gEkDLZWiEsW45le0gu0G^bOGy)`CP
z?K4H!cGcV?k9`Rwv7<P(?O0(ylV)ZXm}}IYh>Ua5R)Hk2qFTP$l_4ihhGWiQtGd>r
zj)K&*9c?0r%&c_qMzFPND8JZ@a(q6^UdL)hwK|rbuAo1F5;K~^T#nmx#(%&!n`N{X
z4SUZ%>WyBsP>Zll1(MN0f7)SVh?9b4jarIgJZw0e!Ppho$itJ0Ze@OE9~DbVSPXq-
zJ&lS;C@cJps<lGd%p&EXat9S=nLP97T^Fo2jXi!>HlQ2`R&qojsCyh;jV<A6OMsTW
z-?)^pr=?_N_<7-hZOFbMS%?Opbd24KMN|M9d&9;<ujk)?T=p#9zez4x#wnLTHm>G4
zwtEiHkD%`{NO)z8Lt0n(ZD`irrcd0yfm49YRjr-(HkuZI%nd2-G+am#K{NrC-6ez=
zF=F#R6cMr+BfO1q)}`@>jWAZCo3zS>-cfLFHLy@=(<|mi`I04Ra*xiK#;#rrAys{!
zy&sPVFeHuh9$zBF4nHQ1Rt64mfV)G$2mPVOOkYl9Tu6gU=*?UJBZ+*;B*-b?7S9SZ
zOtQZl2gKN~w-H2&H=Pos-96nwXV|OBscbAW9W35ZJ=t3u!B)s;UAE?SSQmj&>D%Rj
z41kIl>eu_b+i^l#<Z{G7cExUS!y4Ck5|%|wG;C(sC#{HqxHL@D7an#)WO#K;Wi}~o
zvQ+m<qJf=d83Jq+>UDg@2=%N(&hFKATg9j1&2QK&lij9@4Z5Y>0NUA056QL4$zyk<
z67ECj%wPmM-nA=a_XNZxHfU3qe+>EQznL+<zM!8tLHBmDo6;*Y9*vPU^?cNeWLT$@
zRh*f`VRTvx@xdHXj~@{946rWhN6Bx@u4Y~pI8L3)k_W{jqY0w$Wwv{Gu_>~t1=eCw
z4A}{ohLKyydIzR_^${C?e@P`%2(*wfouIE=BIPnJo08@8UyqSnrQPplEkw4?>W<S8
z;;o9H9qaHLqZM@s%D`1CjCrhk<SLN2-oWL8-EZ!*f}G%HY9(OJTz9A)k%gKf?2u?Y
zqzWp)?<F!z#Mb2GZPBM^TUnvc-O`r^IRDmgdOS)`T!Z2^--WZFnMlK<Y|@#+_9il#
zg5^_Lplhgs*dgfJ12-|>8fo^sll_lH|5LKK-&RcxV^?!|P6H>;(KDua84yJ$*kUL<
z;70yD_I?BF%YRCWphC9@(s|rYyAfG}t|Q-+Uia3P-AL|4C=q)7AKR_zk_fNhg~|?h
zvO0r!-Ew!9|FO|ctWP7|{y#%%;t4t!dJMSDKYtY7ApP?HCW#l*%KhdKKpwi|&I*L?
zv%|tdH{Id?b}$MD__rN*pxHf#+Z|<S>adt;iE7J{Ysk{SI}CdVgo1U`8QSv2(4{mh
z9qn{`N_gt#9k57FSBeecMI?14qLzwtY%;C(j-8=vFp4Eg`uK{v-y?KVZ(%qf$0yQ}
zSl6HLK|g7re;-5IPmSkyJ(Z)8jI^tE{a=5D*3FS^xu#~GJ4mILD(rg*wZnjuU6<B_
z_2gc&_IJ<SC}A^<%c}ZmZKh_!bXOd22+4+k$+*I;$3ha+#W}!Ls(P4dDya?y{f|1j
z@Su<?6?wldUA0*w`21;QG8dQ}PQy_1E+r*1X4__Io)~=sUqy+r)?x7&3F6V0Zd>U<
zEuTih*~_;8%Fbh*fYw<ub!+%~Y@U6ZR?F;|Z9L*E-H{^OB@|X7jJ=a7>R;uG0T>o<
z4Y5)N9LRS1Ihp~P@($+4)^`wMH+A@02Ok(knDV9L#@lX5T*b?9S_h4TH<-v2@6|pN
z3(c7n$&@Z(ed`^uLRW5fx)gdpMpz$O2SW%Q6l_>p2wWn3r_nKnK)50l-yGQi!_roV
zU&_ATYZTyqpFNhVnzy^Jp}7SwkD5xObR;c-hJ}Eu1>%k6MQ6|gN&*}9`L3H`>l5^W
zQ7zF-M3F@0%mc3TNceW;VO`jLXOW(F;T*`-w08Y=?6&aqJerQZW4+9<62NE)51(*l
z|NIcbuNY*ed-!}Rw+DPj^^(*#(toj?u94PLjD~pc>)g8mn6h|<J~oZ1QXs52hP@dU
z8f>O|LY+YG=w~eOgs;{4o=t-B5+&Z9*9CT+H3|oUBL**T=;@0LpcDo_a^G>J7=4&>
zj0(d-XPgOkiMWo;b(mV-T1<JEe^7T9cBpyCDNH7BEJ_0=8#azFOLu!TOj-ijlHVuq
znXv$6n=yp{H@B|YC(_iYfem(J;8wLDr43pa(f6$9qL^U4@6rEVlJ%TyjGHubm@yLZ
z<>~SV7$k&@R@pw=voLE4wyjwygG|aS_aEE7efcyjQQUyEkxT?zHxNd~Q2)LLwKM$?
zuKYRrG!KU90U)gUEMh8En^+0A_<k(=INZIi_}fQ85T{^Faus83HFZ3a4ZW}26?M6A
z)Cq^As>&t^>~Qd;sXN)dY0Dp{aa;?jx|97jG-D=V)2+JERc-^}CoK&#*&JK^c1l;W
z=BVreey2TZkcrTO(g;5+KbwF^^JF2DNX%oq6ibA_S%$n2@ZJ-fCSB?Dgq=cG?i7Y|
z#0BP~LudFh7pGvfh6c#df&g)0_uZY)`?KTuWQk|gXcr0@=+$M=N}kJ*`>><w?{%-G
zxFo;6O(fAIcqkD+UfL(fkdnZWi;2A&?}yQ%fFp^$S?tO%?7dr>YgwTvmZ;W8f(O+s
z+nkBKjeeylV`+~*iOnV7kAXpa+Nz>-V?X7G=f5qons6L?+E9R+;jNQRx>olCSgSb`
ztd}EADtJiaGt`B7t7%Buf^_W%a^IUiB8UUmU4rZ10o<vqvUJ_{?lx*`v$0E3SDTpS
zdPt@DMnb<MsSckbyF^T2+U!X&;>1wGVOj9j!Ns+%Ao-P*M|w@}%2(}o4J7z?r8H(g
zbe}(<)KR1bd!J=}qRdcB@y?F1xTv$^(Wf#j`LOhuTp<Jcd2~YqGM=ENTZKV?V@*@D
z{=$1uLZke^yWux%*7U;TJOG6AmVkWZphN^U-(C<d?fQ!TSlQsl97;y%GAAhhAo)<}
zHyM)B9x0TUbVL^`L99BfEg{8xC13HrU_eu5ybNJ!)y{Ek<o5<59u)_sE39ypvT{Ji
zcVaK+-_d8k9y0B!J79&{zr87?n_s#;SB29j>&l(!xRCsoO#?R9dA9bGD|76EmqdDk
zLp~RQjWD{dqD&#~N3AHtszSI8=<#%vC2Ng6cz>KIAY)uSD=Sv4t}3g(E{@(ANAyZc
zj75?LMMRZnm3wFEV6^QZ6QnV^lqUk0ai8W}opv{e6To8LL*1$|P3@2zuuZ88r&9zo
z=n+Pkl4i2+AH0+!Q}x<}p|cu`=arP2^7A8`;g5>-WBuE6Oyk@qOllwt&h3NXUV<e`
zTNUsyD4&G$7+uLUyq#!cp&Wyl6R|o`j4=WRopJ*xk9l<cX49NwH<D2mLr2kntR1&f
zlBzrci6|Jj1QacHEbgM%GPO`&sz-x5K11el)J2f`{>{&+V%cwr5?7on>5%g($({&)
z)Vr^hpU)Hlp;16M1Q#`R)pjy11xb%gesn<~rUVg)S0#Qa6}Eks#DX@XApmqd4ZJ6)
zRLeN*(W}!_YiIoWQa(0Zm4-~Hu}>ai2D(C~;v!M{U9O#i(G+Yl?RRYQaY=MN1V?)P
z?urJZHasiUK<c>yc9g1pUs6tGRrxv;eCPk$WP#`Wm`=3J`|3+fNV${B2fqW-wuh#h
zcTB(kn*{iHnYCyQsd#!&RA9!T^5KrEUMA3n&bN7jq;JGpMkQ67<AxZ54I`VUHDB=f
z<1P`j0Dx<oG-*5n8@(<ZJt_K_7jmOLHunf6S%BK@(db1Px;PKiOL#dd6MDyx^n3RF
zUschi2(AdzdTaY|GD=_+FIEvnzOTcS)2wzfM&>x4Fg&XW=R75a-<iF1e*Xww`Yp3v
z2nhGC6YUoDLNNr^vB0(~z4jPD9^HRye7U>~Isu_`g=)dfQ`M^YD0x~$6R=Rhn>2QW
zED_6??A;qm#OxsE(u-EM(8-)e!h}|8p{B4GCZjIex@DuLA^_U?VVRIwK^30489rXI
z_pJ@EVUJG<sl0>j7%LL-F`;#7WboZjso)%uo<WXYrR%!dF8|$MRfPzF<-F$ben<==
zKr4dqJG({M@5Ye6D0MinvpAL~;Z~8M?Is7}=yZ3Rb(;pGF6A2iO>_vCJuf9u!gBV}
zc+yae<xI*}#7|00U^v_?mYi4%@Rpsy9HEm|aycFgxCf^>QUhn4DSAt{BuEmJJ(suw
zhuswsBM=fej~Z_8QIz#Kok~iE)&VCz|NYBlHu=<PKP<>kV$UK!ie0Bu%URhgIUOE_
zs25A$*DZTx2v;H}_S;fF#}Lh@UpsImM6MY;=+7ST4f<#hv=;-+@0dy<rqj{ehh7`8
z(yvOSrns&O_5KSaV^oqaI=`Y9y_8r#9~=e!0h|dsJ`6X1n;TB0k!9E3-9O2HAVxQF
z%UaaRuPF`z0Aj+-=Ds5?duLKhPUxah{{n>qc#+qedvSDP^Qbh$Jk341jfCIvGi4qV
zjgr<}M?0>FQ_Mt!S+#T_^3HaF=+<q6mhytzNchwGnt;fUw3>tr;9kuswN=^K$*2tD
z-R#HF%`f(~bsbs@(|#B4bEQ)y2}R#ZO)(XFt5^w7yuLQ+Ytkkpa8Xz8E6n7HIIWF+
z)g{~O8Jq(;7M=$C3W$e(`FJfx#Hh@jU+$)T8~}f9rsT%r$+(P;Vn|qHrJk_K$C&hh
zNnNH?U@IgE)D2S-5qGo&h(O)h#vEk&VprKJB}mCc<}pi2XZgJZizHd8hqACOzP)-f
zcNRxJH&CwTwhPr2V19W6|1-N;$|vylP^%V2Y|mzu>vfmQGu*H4BAbyFm=$9U`WW*m
z(L#%RzD3P@8pbl$o>y?F>{d$89!N(b^a^&LP#QU(-CdvM9zvF%Y5z4R8!=kz&-1&Y
zPP;)r8OhENHH~0-aqs7uPFC_m&t)PN+D6Fh0JlBxbdtxX0kiAJ<ATWJf@=PIt;~9k
z8=t0)Lcfbbx4uAeNp!o@r#U&ZoUf)Wkj{+lSHr(cLJM=M282tMGJMKa-&$AAX)!no
zD*J&s{yAr+ELcI^Xp_#6-NyAk$!94c3xXqSF#0|RRy(>V^K{hy6RsFJ<DHL*U<+6A
zkX>oen21?==tvwnNVysOg%WNPb0h3*@fs$cEY1Cd9>y#@CV!xzyCpWu><<7g0VPs3
zjM<LBxvgOTmua30s=LEG8cNoer@nbF2e%NXe6-<uG-<IA6gzI4e38|i_M&dLbjs%8
zS!42OB6pz>=t@Js;5eusfH};Sk3^b}iCyeh;Xj9wfe47o`<d|=x3<h!N-B1EP0pe1
zES6e!a@6BG@q^RwjBeATUZ>AiL)kQ!oFBp&ipZAyc74xulPfzV8BeKT1HCBWw@feH
zPpYW;aY_(>tww{@XpbtYNaD@N7eV8REZxuk{e<DFV*;@=TNj85C@xd4nB;~blJ<wU
zZn+9W6B&DV^NOCig3&ZH3l;mwA6D~VI$hZjTi*_4g~)>E`t}LxydXlJY)KtSqNrT%
zZgUtp9ggj!f(o93>%tfuxJYK)vIbM(BZ$=^553t;wDLoea=*_4jxv)Ay`S-M!s#~{
zQB}X6Ive7>GgU1J-7B~u#h?XM3D75#EO265`U-wt-<4l)QnmZ6RPcr2x7`(<C*4ki
zDRlo&zB$h^&fNjQn^}y<&+n;klmX6lS-22wIQ%0u0gSu1-{>CzlX38O0kB()2SIep
zghxdI+uy^9ZKjTFn_7SB8#b{{W#sQgTW_YhOBRy_FZA}XAv%I3W7v{PAXH0;nDc@q
zZN4`SREC1#-lR9U(I=$Qw)9C|QPG_L5SkIDd8QBsIjGPGj74&o5!)8Eydh#=kp2{g
z@%;~gCHzxJ(N=KkAAp`BA}J%~jvr^|zV=Rt1p2$*5PI}%F4OHkF}Zp{vrd1t_}QFX
zC1Hx?i3nLBICA4hn&~`<D05d}Yakzx3ZP^nQ?FQ6Jp4H#W$KAlfD%P&zC4-IK;z-5
zSdUO=O%_qSXo#VyXGvfPIZNei2nZja@f<|V<Lscqu#*1l!t#;KkWpl&-zaXxTR{;^
zc_CyvrTl10A{zfdAX_KNm}D>mtK)ZJHfM*>w8tqAOk(@_*#L1Y!QzAMVK$B2rbC*3
z>e-Q*C~QQ}6w|I)#^xe_GiUjFOO#B}Fecj*b10izwI)bTNmXj<^C)bW4cpll(V9Sl
zd}Q0Hr3<7ZM9i;>GU+quK8Vd)jLJ<~y)Nj+45uRl276FrAXP=8lx|hnMiW6Yi;)-M
z_*n2G#mNQ6GF~Ve8<TzT52^cbhE*xbv<QQlaLf`$1WARI4|}pI0hNCM#YOWVusu9Q
zr{mYj$kz|6IEXt>%d7}$n}X^+L&fRpcb&xZYGVx-m0<C$n$$`+^_5VgJUpy@WEZ7J
zD_M^vbQ|4v@yYMgk_P}OcobRPh7sLrFntJ|y{OYzOg@sDTsiut9z3G{7J;c9b;WoZ
zTHM&W7!Pm>>e?lngF@^L9Tcp9(2$~(uNYQ5<N~yrT<~ZUMx%-BmWNDLtRq5g5e$#T
zqJBZ>(-W->bCLNB`(m8mW~F!%8Cx}MVec%%EK^+lT_FNz8Qdq++XyERlb3sEONRvu
zAJl_XoZ$#yy86M4&!XF6KAy_4jLRU)U@VIRUteigQ>@jnQ97qFIlo)%9{uGHpq^w)
zySglNKV{8naK;j-ykQ4BywZY_p{keuYakmiY~4#rDsss!Mvc0#lg*(jFCS5&u0Jan
zdyZUggh|21$zJB#Ks=GsB=!*uX(uzc)voM6g8L$pWY(akln2##NO=4mh4FEuM?Xwb
zSYiE@<c9=;z8sby7KOxij07{cDabDYiV1dK7`zx7vm%Hb;2}vfN%VoXuS}&|8=o>b
zR4q4NBpnZGw(bZdc5l=j^MbV@yu?NJ7$sTH(Jl~2C(dNgG3*6R3lGJ8#NZii(mNKQ
z(B7qt8I<=ypL$*sDn9ROKT3XdN;=lGh|3M?IuZE;D1n1DlLFIIa`$6|f(7hZh~>x+
zW1$|9V*s8lsbw-7^Djd!Lw1@QlLRjLHRH&x-==;gh#XBK!xFPoal43Gd3KC{`F-(V
z3*=E#+uD#Nj|WyDBG=7-q%Ju0ee!5}X8;|}x5Wa>-aK$t@JXxXR64z44%dH^h&M&x
zjM&8~nSLw$0A*04%S8bBze@Z8v<E4am+(C-6rNmkzkGiCKKXw~9Fit~{<y&XIQ#4I
zoyfv}5M0MK7^9=ZQ&~TSvR}@F{IYre0O&MY2DvYC{>l~=+Wb>Qk;z{#+kXTa+NOuo
z-@y;~<o-seDm^#*>3wc2A2*vGuQm{t05FNF%owe4Mv;_OQo0O0;{rXeweSHVr;^J_
z+NqugRi@ir1TBxTNulReP49bIi>TWAT5eAyg2ohPCPM?VB@oiTo|cy4$^8WQdz(Fl
zw4DKdc&1C(O|tJvew%y$5k>?Alb|k8o0v0$Kz%TkUxShg0C?Z0wEh@Z+bohC`0{@L
zTlfiiQDBja@<*tb6OFH9k?|`gX8fQ;f~wBo8Sx7#uHn+&?*aLZFZQpgJC{DtOSVpr
zFWFz-Wrp~h@A!VGr$jX+-CaS4Y8I^s^5s)lV=9Uvy}mP!br0rSy~5inM#oqc#O?Is
zP`!LIne;X71ee+p1bxSN#trL<m?xwC7%}FGM1Q^5NRrEg&P1F5RBo;52cUPj1Zmq_
zsPd{+uJU|vvLst+;&=wowr#&Hio1_eN<~KFL8$79B%@W3Sx%K$Yee=67>w-uO3h>p
zU>&6{LHumLM#t-ZN<y7mgZ80~ki&0C5e)ORCp>iXZ6p6JJq%4h#bGb_nm_1U*J7lV
zV2fNHhi&Qt5lYmjh_+MIfx1A1KLC8&qD^9gKLA@XQ=|^QE|OsZNq9I9?C!4>R4@br
zDs73uYuO)4AEDD4<K(x>S=5k!M5U-lcoKXr-`mJ{HiPgpT$e0Tn{KX*cg4QCi{%Uv
z6JI@T#Shz;s@?j#<}1(uR*VvC*+`fnF!Mk^qrivz8mEt1^MbLTLZWUIOFNM<xrE@l
zc@OPYbjz|RZ10O}cxD;SH=)+=y?@!|X@_)}<Cg+V?IallO5l(kTQtoZ%06iQ0X*_2
zpry#V%B+k}w4}7Djeg^V%h5&fK6E2QMrwif7ViWLAq4usQz~*~6>6A<2-@l|8&aBo
z>AQVe(YT_R*Fdhu`+6b}v-8G-|5yyZ_78x~@v$vCkkHZ{oqwpNLB#!nqDuzwCe}Yb
zV;3gbf@Czh5>q5t#uGFAk|OH<he;;M{O6?5t_uE7&+GBsu*J-$E4ud~E$X3{y)9*^
z+T+H>7_ax0%a-RQd&=nvc?62!ME~f3HY3c0m=Xq7_esU?%em$P5I*joQ{Zw%xnqW?
zw79#5%C=h*@OkQUuR<u0iAzYoN+*GkR)~vA$3X5womeKE=GC08V6?Cx?=;TuH9R}H
ztTlGpn%GmRyJ^Lp=u_j67ebb_SVxmnkc>271IW?2Qnd{b5P<?2-UzqJc3Sa!${qBd
zQ~sCcz5=YOtzDNC5Rj6VR*-Iy?h=rc?(ULK>F#bRLAs<%x)I4mmmn?Oc;~{c+r77*
z|3CNs=ecK%IT_!0zxR8`nD9K4xyBp;OK`a8Pw^bDPD}=m?w$6r9nI_4$xylC9h{t@
z`K>ED_$5~QR74&2FNzBrA9cJZrh$UFcRyxdlN)|Vm%YKo=CuYBT=J#G#T`D49xCl%
z<$mXm*fCSC;8Hq#f07=7EtO15NLj~dhjnfaLV<^new^Z|9DdfA(O;DE9F9L^J1-Um
zb~-)D&^CH3ZyD<v{)#*Co(a9;t1<$nMGNf1bNrZr<vrqwht3ob()7y4C4nBckU17G
zZ3fTHRRjn==NaWUNLqVGKJo0+`yiVG^}d+GFBP2(QYeX(2v>+fY5q(1Hcnoo(F~mL
zyG17Nh-Z>wuBcW}Uaxs;X&xBYri{H~pyUb>A?*GjD31km{Wg|22%VVVJ#;j6um^v=
zf`yX(aJ$nreV>jPO6Zb&va61Q{O<Ma9paOB(lu@Q56~XIqAu%#zK1~NiwtXQqt(iN
z7iM0!EtHk{Ich|WAPBqVVB$kckyN0zSP=V2pKPGGcP8xXghiK9S?v-SoCl}1ip<Cy
z+AgTXBU}lR+@D^HE8gvnGKi@XCL=z<Uz4m0uYG6^yJ?}F+i|6h7OPQG-ibq^DS%?i
zu@T<MOu199U`@weIj=NdK$$HNNa-!;CG@s6rHEVkuuY86WtJKNxOsS$JSDVps=73+
z&m~FDLLeK_{F48W<MgxAehRYX@}=&*i4N4T(r`1ZA!fGdey=$VdCpKFNE{bLVpJqx
z#md#ldK3gBN>f~HGmGa3(B~-32H{?V>Ec)nw6AAEKTa2vZpDAu)Ghd+H6JE8L$R|K
z402yblHZ3*J>j{DOg0>ysEn<uIw`T#aMzG(l`nxK%z9GcmO0^XAB4Q03_`wBzi7lN
z%#gpl?Pjzv_PB#^XtGuB<}T#P)4<VP!<NIYLJ+GoIb{}psIX$Y-uY8A-kER>Vmpa-
zRzG&Vfzn2pLA-D*(e0NB!bGh&d~hmfRz$gHJ?q%ZSVOs$Qyrpm+E8m@(8Z1G7%}2)
zup6&TZ6e>6m3AVT^im2^L<X7(Fo=DCeTC!rijNM0h3FH_UHlCY^icbxhMLb?X!u4v
zv(2rN`fo=axn7XEevn1jL36S<v<z<D{M@yL{iMdX!*dzl7w_oZ0>%?jy&Z3uo44N`
z_Ue^F^w4fAGpT54OWU>5@9NIiPczazo&U@N;ohS+vmYrKv6fm7w(cvKZzY+|gEWU;
z2Q#Twk-2unX71=)pM(n;1VNfKE;87qG6ts;`%h33v%{vb@J*27grfK4`-JhE2OG(C
zl6=v5@Yqkrs&zS;%Ra5i;zFXA4^j<DmHhz8&4-A%yNB_A#JIAC_}k~Uwjl<>OcM_1
zoa8~};w+m=(GXq*@PK7R9DLG<-J=OH0jh)6WXwKo!y!K}%jd5jSV5;x`=KT%y@z0I
zwUDqJM}@g8dcH}x??IgF-5w6z2h(vx&`8v!))ASa?MuqwU8jo^i2AP6;bZu|uUdXh
z+Y7=-U<+%)%87~meB_&(Mr+zHzSe|C?v~&Q6}QI&*Mb$u1)fw>I8#2P6}9G??=va7
zVYJFaK4P|o6H~xAc99k+P>PO!4|+-!jsd|kQ=W0q95|*qDjzw=uOe@V*WS1)dlbOz
z5rg+QB}5O>ek4LpI9rwoKH^*<P;x3ckN>@~@pE*c3YZvQzL%%4$8F_ZWn3_7)Xj`u
zu$|;SO^UD1)Dim4)~=rnqCCRN9WlZm@%A>ESB&s54-i<MRaZL^z7G=tPvKcaD6F-P
zA{MJRQirWwNG#(jM3s$s|MC$xQlY|38EL|7H!*`|BN++b$OBeKQmiZuh&{H5CO3|(
z2HQFYX~r}Yhp!Nx?L-Nu&tl$lxkG*8Z(`QU0Nt6@#`(~jviKF^hKnb!+JzWnlq)Vx
z@6((94b=0QsHQf2vT9TURyZ~UCk)o2MP&`Im6k7R@WS@;t@t|wmrI!t)VX|7>QA8-
z3GiXERY!VFEw=Elx{f`m-eI(=t9Nw3BC8XtGBT=Tz9j9VgM7v*Qo&M8e<Vzy3vJdw
z&-HK*vwO;XMr(fouPf<9a6Y1T0mqW$V_m%~=L$>$X*4_kh;#oWi)z29VLF#?!W-lu
zBOBaTQaH%EkE7PxS#Y`f#KfYB_lp#u?-UgapfmO{tkOkE(O^nqCzJWKpSay*A*$Ao
z+3`h*CSz348dyA7tjaM;Y)*908BWs-%CT<*361veCe~NSHE7<28O$Zpme6Ck&R`gX
zF}wQ`xB4UGR|tg8o~#vCUU=eS4GXFUPc6!!>k_!+5u51qF(?^%{MCIF(3=dAlRCUM
zWWhaeL{7=(4N3EzXo|3~SjHY7ahoEsF+W3AG@GINAr>1_kf|3aVy-QU*ZF#ZuP&oa
zXi~-+E*tfp587A+1aF4?ykws2aB`Tm+XDi4eT}|SbI(JpI}EC)jf*9<a~1iYy6%p*
z7G4(YU17E1n@95>5X3$=vphf)9?HDKB%yGW=!6nCv@VO*vxTPXyUhnVLdGEp=@tNg
z$F+<ql@hvH=zd9gNaVauO(Rbj3BQu|L$|x0PuY*ZglQTng+%ASTMW%A{UZOc_8Be)
zTr_c-8D18hnY@im&^D8FX_A7tLoy=068UZdKl8wS570AWuWFf6<Ha^o7VQ~P>z(0H
z%$7Cj8Z^5+Oh<n$))RcbWYcoVCGRkn69{paYawWQ0?cPkEYA=mVKKY)+&;p~CzKFT
zoSy^;L(2F($IH3f3|EF`uwkIz3!9TbEj+#vmiOSU4k;zN0>~*_Y?vGwt#jY&ydKJe
zSk|z>R&TFMBboo<3gR0QGN;E{G?K!@G>=T`37CzA<=JrvYYSaPb7liaVc}Y7pHY3D
zN^>zyfUlq$B^X*`e)(bo^UO=ed(j__!ZyWcd!!^nbSaiV`^js9*KM-Enp2mOmC)rW
zLetN~!k?0AJuIc-8x%r;6!Q;2GE7D~<Bp!XSNU=u&x`0QgrJ6D+kjZA$70O=={&0{
z?&eh;jg%_s*rF$BFLxo|6Ad@tK?#Fa4SRI?W@D4iW7sS5dQ@RBr}eYudt@KW^t`y-
z8DSo(ylq8b7aiNDGUo(k15j8IDXs<fHt2KS*s~O`hC?kP`;Pcqjr%tRumWKWq@5lw
zvCGNEhzBms#4h=$Fm|09){3SYX_8d8STeQku;FXwLPGLc34euP)48AVV6n6(m7+4>
z;#Bj)B6maqUl>M!tR?QMkA8pJ>#iJ0X7b0!Z2|^yoz^IU`zF0u2;MjRuU(JEO(CM9
z$`q_36Gi%vko-|c?%$1}Q80ekYG0AgZ>S+vJN!kVYQ=-GJ}CzJF&yy}GCrm&tffMg
z9nUs}{dmRHXGkF=PxYMaOYJCppPXsZ!x9!2WBbq99ZJ)SfeSKsWvPAmBsUyq{gxYt
zN;5+pC|swXPAaIg$vozD(-nT^9}H@_ukS?QZQ>)=?KhK;TWA8wB+=ssD}dE>@1+Cj
zDeqj%R|vTHhRAd_s^XKH<b~x3?|T=jsP7x92(O}NVRhahwnOnsmCrgb?2(lbm1&-4
zI_zI@dz<rK^LtHFL^Au0^iC1x)y=&~$|||%rG|Yop%>$M&@JO}36Ce_L=?vRRMI-C
za`H4c;Z(cDW|Z6vLISFWCiYdZTjnzM8}+akt7n!3x(1U^YM-hsz0|3uX?N5`KK}~Q
zHziE$cEkX!7i-zI>rE?$(`@so+{Ql>4^0>3%QeLxq75IreKC~AVYe}w_Z*x_XZMmk
zp-aV8uip$8nW<CN9Td8YKy2p(I{t|?(XrD8$||3%wpM^+eOjX)Iz46DArL@Sv@*)v
zN-_SY+J{UMaa=FDnj3aZrNzgb3Qt<vz^|LZFO0us_&Wmkfr)2-?Uf+?sdGXy>2IZ2
zStXtAuMp=Hzz7q1Gzdr-V1LFtkl+y};D7f}z#0!Q_t7z6(J)z185o(E`DBPmShcZ8
z$?kkx)&U9<5+35F+ExH9FfW-6nMUYQFQ~`9oSa10kxyXuyz(o=@G}Y{EJIRk2M6cn
z$+t-RjGVR77|fM>qBXe>_Bojur4eH|t=dcFaF=u)ZPLlHjhwS*K88DGBv7PNklT&6
z7x%(^scd0PCP$`|7h1{<chUfX)&n$iM%y}em$;;cQ=|yzW92)R2RgavBzIcwHHjGo
z1<kcNC8echlZM1R5Rse>X0|ml3_acy#I0<o?J(y`TaH@!7|!gWp3Xeck<2`?>dkEF
zHcg4gO(%=*AOCo8E-jrIXsThy?h0-Vj|EbSi)@D_&46r545vkUlbGHU3P+qUKhQkx
zlcVg=g#?Pw*(6Xlw@YM~`R*>G*!$dhN<wZLo0JAyr(rd8<6-&wSFcvBFD6nmtdt;g
zaiND?giSDW6r)tZnG!)RzGyR%;jBNWIp;w^MUNl__qpO#p~s6Bs)abKzM4;J2gQE^
zf;5S8^<ccTpBO|=@TcQ%%siF|ZQQML?$V=+>O@fXc&jTfS@?<cNy$a`lJpFH8k`=z
z4;|SYQHp3?m=ZR%Tgv7%GA-UBcZN?3{oJO?x<QU@la9YQ&d$`!s4RcQc*dv%g6%XB
zyg@&^H4XNJ=LVxm|E>}BC11a^{$Af+k;nb(it`T+OlM5X+#}~zu8Cu$utrhWYRLG;
zBR~TYvgSgw<>Y*`wT<&}cUdBy38pLYK|!@rgB$*+lBKB4^j8`%&}K>3Y7b$vr6I^&
zQX9j$B**5O#}|~ZC@&4JZImd<n61YDa=8@vZZn(H6yy<U_y=Qj+6xz~HzNI4VF~B>
z^aoG0R?Rbjjm1iB5G)dyF6k}N(exIIyjLLy13W4gifXoKFZ#hoffV$6=IU#M78R=r
zwc~iOfjlL`76vBtNm%zh|Jn0{@`piCOGeI^FLI*nv-v6G;?PXLW7Qvo!X~Ak%ne_R
zb|+S`CoPS;V)89(g|02Xc|fumu)1gP2x=v1wUDF)&AUxObKlg+X%cMx6A3E|f(knE
zotPMOGlNn&e0{oI{}Ff-Y5jCSDazLFq_;Qdhswi|&%(xmc3IUz+grCPiK&rlBt{0&
zYOcmRXv|F1`l}rk{hB#Xdc^0Dv(RjARd%9mrOi_lW7KFZ#VjHl>hXo%XTC@qDr);=
z9t0Ylp*0sTj=_k=*XJ5lA&(HC77}O+2B9$*0j);{S}$nsmliK>v6EdbG|*EFw6dSp
zC31$u(e6p0=rh-c`=3S4L!w=QdXqtnbtKgSyBkF@qM4Xk#2?Z(Hg&D4W+~DL7TQ1V
zY<ox*OZhdX0ew>vHRb0|ZdieS<^O<nGmH5twMz7(C0&e-T}nvKtOoh=1{=0`ZM{_I
zA7C&?j8ZXk|2g>$>&?Qw<AlSVE3@lnf-U;>nX}1DH_i#I;hO!@lQYMnmW)#COgOkr
zsQOnWuc`Cz{<}tjLw0(rkjQKhsPQSFGG43YiXJn6!v#oh&eAspiSKz50`(nRV$XNv
zoVG*&jku^m+|!kFUFZ&Q>AzO<J1wW=-dkyJGPo&jyPS$mKiyxNuedSg7>Q(VrZK}}
z4Z-US)9otPQ!X!3p7<wVQXo?HUdOu~)*lfG3x|e5S-b4LOc9wWlU_bv8W?|87Si(%
z#@_<|Wf8_ACoN^Ob3fvvZ>l|~(X`4*Twy$H_GpF)*p7G41sm!dpL}X?qUNhQws<}c
zSJmo>>yp}3y6`6^led^9FF#oie-CdoEu&s0(<l9xz#j^K7~;0=icsd4&*J*ww1v{I
zZ^i%4`J-Nuu>*;mPp2&tAuB}m$!iM*ye4O}M<K`K8M-=gLFX;JIC;@@E*LH))N|N=
z9`jZlnnS$zh~}U?wb=ZxHnm)@jhh+2P^{{2cap!+|Hv7_Syh@FzjUB~&vK!zg?ue_
zHbtUuT6{_!H^&g|D@4Zjerovk-UZo7M%b`e<HWJLQa%0M>&AJzrc{pyy!9|Q%~r_g
zW6h@*BW`+&i}ZsF5-*L^1cK?M$cT1&s@Ukn{DSH@g}BmUM8GGFKcmr_KO>R!2vOCQ
zrHk-dO~G>0h?COJ+F|bY%9o|<4;06TPF6#?->xtB-(%sH9j;ftFdvsgc4jvP6;zuR
zCl?wP{K|OKop_u+s6eJJ<o92&s!g--c9BpjUkI_TJYoEm&X3?MV^Ugv`lg$*2N#}`
z8h#~hlR9Q)@1|6@X&tZ{5dXgd*gT#s<37toxu|Az(oM2f3L-B$gfd*R=JRU`Xg5QC
zWuy>N7;<k0GnKfcI{uCW4kxGD!|$mnAm-?jB$XRScX0o;9GLnzxbaOZ#+Bdk>$89j
zrE@OxE7bE@=}$y=JwR@Y+rw=cHh3AI=-C1s`SQ*YxA^x_d=f5A)Ly-dpfgiGSWE1j
zNiic-ABm4zOPAs~VOkpi7GGZFr^aS;ASYj2$ZF|bF<J~5TK0T=CV$eu4rl0b|1xk4
zSaQ(0k+U9_w?|7ACD09CON)j0%FC8<y>}|<X+zC6ZGXyJ;T~tkAo0P;U7?|DN82^Y
zE|N=up@A!4(w%2a*YJCkw2m9uFL^r&L-z)*C{NMe-pCy~IojRzjBKtVLcNK`q6c*-
zdm0{WU8O(qfOp%aIEe7$HE*_dFj|tX4U;}dNNI0)E&u(ptuAO(CTKQ0ozroW%8isO
zi-6J=mVF3EXPWNNPe6xuY!3DVm2ok0w3zf?GQNd)H%|FdW7#V<wm;<@R5glB`$^-k
zqMN=L$WgW#tMtW4`=RE;F~E#?{f-J<6-JuGcu5KJN525fWNUUoMU^Us!Gi|L{jBk3
zG!rV|V#S}utbghKiTwB2Tyio;tD7j`37!KD0(c^afxQcJ=XQ)Z@CXkHg$7L`8zrX`
zow)>qO3J{<$1jsrP7Lg)j;?KE>s7&|`^8(}`@=i}FT_=ifvZMIUA$@Scs$F{LDx2i
zaM+Yx2;Q3VLfEG;LbiC8ye((_w|**y`Ns_*EWl)Um4X#TmE5a}L0L1$c+<oe@#2$e
zwUtr;_}w9Yx1tv~2RXJJvB0|E(?njau~MO}==PL8H%KmFHAt2|Hb_>O*rOR|D5M#c
z22=ot--S|YdWtATos(TDJNJ}bxU}lcR=BiMgjkt<caE)#{Hdm`YuUzw^lc7NiegXu
zPM;EPvY3&TkL=u(mw!Y!5KxCpYh=BjB#i3asIql=^xg4I>MO(#*Uw7b6hH;a9Dh?H
z?R~Pfyt~_%h8bCK1w#TafSP~hI+pyoBW56`p1%9&;o)!7mU6T+kW4)4gSdKsop{EV
zIXG|JLBKM56^!m8)C*0<-6_JCB@H--Um+&#Ycoe{*5}g9?(3d^dSRwk2$J4!P$g|a
z!k5Mtpo+|Ht{GR@f3eo-8XnhOR_#9tHI1*1Xl!9koB6KwKTt&IqIFnMZmD?^>RhD-
z>~$Eyd+n$e%t?QKYJsUW)_KUGxFi>wtx<z+$`s@2zsVxr#gtW_P@r`|5R!tqH~&bX
zfxSv^Fzb3!BNSL`bgO<=7UVhHU|cld5~}1f67eMDR15zr1gyr<+5R_aOji$gkX)4T
z#u=7tKli8fgJEZ*#>#n>Jvxc@CYABr=aY-d7fA-wZ*L^akD0p1`ibOe-2X5+?36-U
zazcJWZq16iuMm~rNPVX_1OEv72fxX)67%$uXFKMKD$Q5VBa5*`7Uz>Q_?XKNwI#zp
zMhm+L?4~{>!+(bsHVs&TUDrZjUf)$u*N%{$Ll$FCsMVMVJ6gC>6hHuDf2erq>qY%W
zg%n)PstCJQ5}05K4!^CYqa^qXu;|6K2%9O{gP&^ZCS_~@2e55|TNJLe1||S43csza
zC)Bou2~7CjWS}X)5o`uK4}3$fPHw*8k<MzVIAphLA+ox0%MkW7Sab1|j`>`=-8d}0
zao~=5oshI~{f)%Uo7a1!bfRgLcXZAZeA7R0bdy0bq6KnJ&lp|3puVJM9=&j#E+lK_
zwdGtn{TG>y+*`ThoOkCy?EKNA^$SmF*AEF98`s=>0-BzAN2g5)&Q}UqdpU7dG&%|B
zUAQ*?sZ3-8)V=s2;gh)sGJ=QV@6FY*jz2yFLLD8$IAW6j@*~~n>WN5;YuwwgoMhZD
zqRKQ9A6lh9BNbzi4WPgqYdrhOsS&`qOWw;;azcyC_Cneg%(?Y{4*(a~6c>7cNFmS<
znLjDf7P6Pl&qGeuN3?ju6eAYx3i9@c3ujVb_a^n|6Rh7~I;O%+a}G$OFMa65);Q#n
z$M%}KA;8`l&T4jdD77@lZqW#B)@X;@nRk;$3F+A1WYMbO2|hobZmKKOymnwZcSItp
ziT&JS>5h50_0ILBcGJbS!ND#LuNCDBDH)#upMe0~JQKL2Unk^M`fD++9`#Er;=|u1
z65GijxFp1h3j7|f-z3?aruix=g|~9K&*J`XvYAiJt`FyXIWr78=6l&Hq_$(g#eW(+
zGnWWW(eA-bzQ6MR;B&^!feA|aDGjnez<(N?^QDyUFJCTRFKA@df$x-63BxJ(buZ>T
zhMO2?IsG~7;$Ww#6dc`@c`e<D8n&vGfLou2L-hHfZm5=8Dd;p6c8VUOI?vQz*R3xB
zvFv%)KI56S$Ltxe<D_wk1@><J&ZEP%PMqc%t;&N`q8c8Qx#MZ-+kX?{Zs+A9^u?3g
zS9x0Ha52OO`Wn4wW<W+L>C+qO%!ESDzuLo<bnE#62{#9S0W<eKh%*1``3IS<CCJGm
z2Z+p7@*%#|^7${7Y3WCm9QD9Ut$h3OP->6-G{&{JX?6a<%9*V(W&VE%_zH1U3Oo)m
z-F9d~12g8JfQfUk-#auhVKMHbp#vS7d_a$;3^6N~_8n3ZvWNVF-yVa2CntDdQwKGO
z*nuDxCdSjJK`4q2*gFo->8A$*H7@LccWq<40z;kS9pXu#6NBx~!3gRqiJ5V8^%mlF
zv;Md$3;FM<5i7SPW=8I#H!w2_k|hAEzRm6m!W2&y^3$7DI6c}i6ox4o99fDQuJgym
zxlGlLO9D+JxVlhyD`Dx&^j&jsF<Cm2_=^A?jgNF3+=E;>NCA)GV*^Jcqev0W5+-Q-
z&5zKC6|?u|19RXE4JrBi3t7s`Pe~&2OBEwIHDY=Qih6S3Hby>0wA3NJ?i}ypGjwo>
z<aD8ke4vsDI7S_~hgO+<I2%G=wQXN|fu@7`Yz%c{A0&ZtBVN`ay_$2W0vvn94oAYo
zKqu|9d+q}tySisrh}krYi5(g!A~{uJm$eDLLf};*vY%`@K14SbtW9`XvaT`Ikmks-
zYoDbawF;t-QDmU)rcI2?Z+*s-!bqDKKOkZFs1h9%WZqG&tM(_5OuQ!25BB8ZVA?qT
z!~GqgjuIIkoNf;RMg_HW7A^0(*RRKI8>j2J6?lqs(_W9bjyjjSaAdBaG&pv#YB!i3
zdxj`Cq)ya*a$&Xy#$>9Ner)J!e+EY!)>eds))*tSFD6?*!qp{5q+LhnTJmqF*JEqp
zU7*TeRZ59Exk-f8kaBvum9CV-WYI&O-SD_)?LZTC#%X$02T3xtr?)3QXpOBWxKWm~
zmg*Pnej26tnFy;khW*qmYsaj#JPWa@+A~gigCe)3o_?KX1@{&2LCRpr$T$j)`%E)q
zAylVQ_LXW|+xo{HoE;QF&$9#I1-bnV*VdKu<k?~A{<;)UR>&7sa6#!ctq8*K@AS1N
z=LuKC!s_%Z*D+VVHB2d!ja5!)XhRTn+osB@0R#T+fJoORm_#6+jfM6N{NerC;HXTj
zjmx}Kvh0bu8E{?CEo-AAtRRu)(zZVDUsmo&Qb0P?TM%Jn>XNnG7M`CVbR6)q30Vi-
zQBXlhBjLU)r|b)KEd3WkL20ZGvwMOHq6MZ|ZOiHTCk|N!4+nY*5r}L}+q&od^CJ|-
zh5b7Jls|CHEF#tDF%7J&FwF){r{~v}0TJ6<;hbroO#>V1@c@}xz!97uSxH*-P*S`Q
zQT!*FogHBX@uVn4Y@TC7EPRG&yeyjS<oq&+yaGC!$D2WR(#o38k63-hdy!?a9MomE
z0lK;}&{hZgZi1mBRw0c!WLX^>X@%PhFw}qH8&b!rW5W4i9BmVjslAmc0L!Rfewe`G
zSsiPC*LfqqnMSwck-i=Uw>@9Q)f78;VU{jLROz|REB&&^=fvtdU}M)A)no80MA<d>
zFewVC<%B4&Zk7L%?WX<clq--I*a&UvTl~T$%INF?@ij2yUFTpu{V80tWUg>*enlLX
zTvnfg%CitkSpzDXZ_xetta4qfkQ3?afc`Pwixyz2%amJ_;0E>{ppua9PI`R_Ryjt=
z(P~M5-Dhsm`sm+Jw&m|3pOIb*XH3dm2;UUHJ+mdgRQrFmFAMR~0@sKiyo-yksF+Yx
z?dw-jF{7q6Feobe??5loo;m9flZ=~J+TDgLj~T_(H2k+^{&oG3bsZ0ZF_!C*o_A}@
zC26kk`h8Rs-$HVw&4Mj!Gdg60_eHg=@tJZEg(UED#nZPat&m>n<8sAZ{ElJjk>U}V
zLZrB<2p<(GIml#2%Wn}0cPbVq)c+!K3(1aoZ6~(esi>2KconD`cB}q7u4<UEUdbw^
zCxn|>I{$^;SBUi~2ZxK=26uJw=9aF~bre-k72dQ&$EC-qYT0(j@i?D0<}*H54c~XC
zaYl0;akh2Q+7DxEC^#D`xPdsE<nlT4#aRj^SSg+|>{J(#Gjw_N5nHqrI*KD!8`#LW
z2y)&XRe&)@j8)4H0$B2FtFD*+W>ww41G7~;<?O}P(w6iVMLp0j^u{TBL$4=fKBPb9
zBQTiUq-jp6%U<aVTvy#H(d*~hZG(*(Ih4h{<8v!@lXa`nlY(3LLmG2^l+T!Uv1{n9
zV=&)7@SEE1(Le(+5sp8KiK@r`Qh44zkuf1{e-k3PFZ!`N3cCqAfg%^!U3Ap7zBF{R
zbP*-&We=~P(qTX`Z&CWzHCEDcL~aBry$d~^w8RbLn^Su&+;Oc|B0S&^36I>Gm_lt}
zVE%f{=w4Hu8a3E1Dvpb*sHj#{?CS%m{D5LBvRYX9r*PFCzeDKp&G<bL94l{%QC?TA
z*cT(4&TmcgOT8ae$ZI8QZ*#P~;$az)*>fK(X0<RWG?P+OHJu(+oJg*&8h`hu_<t`b
zd*Z-m)H&vseI_ucmDQ=DT=<w}qbE=e(?GYV=tW#`MY*CPRUa6q{s~f0AdgFH$21^J
zdupfqcjsUEu@`pR=7<0_MH{v!K(b6~{FjP<1W{@5IC%}^J7w;_BYJ#u-_zA)^6KN|
zwAC`bgr}Y6{<+tNRW~cj3X!AizLd<q;EE}a>;)3Hjx)x1T6{;-b<ko$OF5>qZ=%Lx
zTtxX&(5EP`<ouq2eFCS;2ia8njg~fpVm?(uE5vjkZ_uuHwzLi<_Dos=o4^ky-D_~U
zEf2<cL*3^@J6Q!gQNr@iMK^Fm_?8cz)5$kD3X(;<ysy6z$_JWPdT9+S#~*HJ>n*m$
zP}!m{oA~Y(T0jMplYY|NZX!m2)t87pD^*}USS?qnE8z{R-H>@+25#E3wahEM-Ax|K
z0>Z~`7NUK;z?>xfV}yt7L~k!`{+-r*$-Ydo)lpAWz~~r#w%6+iww1^+e`S~)iZI4t
zlVh4X1!iyjitr=$!M?3;0+{#=+Az3-7N_#y_o`ayq(zb}Try{q#>&y}ar9_u401!O
z%H!jiK6a@p_e<cK{1&P%kDp+g?ow0kH^a5iqb)Lc7y3U96^O{T5^H_$bp=LEK*1uw
zeIGXgEYyKU5|s%pi_R#gvjlw6;FpQcDt`|{OzPD(@`Xv;rb58hTlf3d4WQTcx+aL&
z9$r=#$KX*Ip17VgJB`Wuqp-U)DnJ?SKzStMOF7cZSIYigx@ZT8sO^+A0v`Ojc(8$b
zsZbrH_`VY)&}TnjoOOs>vag$W2Sc9(YWri@KuO1MT*e!y4zg7&5`Q^m-z)D9a!%iP
zl5lH8)DKc%Vf;^zA_zCTGp<UF(>?E=1PWdomM=1$DRNarcSqRk4fFbePgfz%LP8aB
zy?#o1<515DiD`<Awx%r4gYu<0<%2#6LhkX1YyI+d0L;D^)N8LV?_l~Cexp<+4Gt%{
zsk|iu8r}6xS<Y9~V2N^gXzL6S-c{LGTcY!iJM8T;i2~mQlShnk%L`-tE(sCeI)#2q
z5y>9&6>8!DHW?+Yc+e%9Ye6WLxizf6tJQm0cb}|qG#j43Q=eT8Isl<v-Sfp=n~zR#
z*1<L*%a6vPVaIfOqXZawwOblG|0hn?4uTKXmj^$$2(v^p4d1x^OywRw4zQ#t@n*6y
z9WoSiAZ6x|xqX)iwaRMGk^jKf>NHo1;ADF5Y)j0#Ewy?R$CDA2m$-y+RnAWWN}G9Q
z{j&E~zg?jYaD_Nm!e#_!=>0#XKK<jPA~7hvd>Soy<@&q}fzB^}AxntZZCLcaV5k|j
zoNS*klM?f9pc{$qfaM=F6_l&L#{llLze`o{p2PQP>Sd#o>J_t(KewyN!|Mg-r+FN2
zhvJXcC0uNZ@>4hV{ww6g(+TmR^rQ6`>>uY-H>{qsM!zfohuF)f(QW`DD=M<=qk!i-
zQeaaQlg7RABV@A|gN?AM6U^Dn<4_v~qPi-w{(Bl`57%EjjeN;Xe`Ff|6{6RHXXGZY
zYUaylQ()F#_cZU=NqYDA)TQV}`sma}0};@<CqL~<q@=e)wCO6Xx4G?}eJyRW?XD3~
z<@t7pJEE}sB;uGmul)F%&IwORyf#LWNACo${uWV%eFTW3dpk|<<azleh4OXG4+o<c
zw<sA{S7OG>3Q(iBXlf}xwri?Bx#=GNcrr7yOG_$?OJg+Y-R17|pUOIr&RkP0u8R}u
zsu!j~zcqLA`7rN3mK6xTFO%hW|8b`9zbK$m-4Y)zD*S8iuO(^q?}a6OR?WhI(w0KE
zkwoxfActv9#NcDNHIZ?=Ng9+T@q`)3y$usFgpk}~ptOIG{xAa}xaFaYVZR0b>^4V=
z7wpeAbS?{MN<92D&69ra>;4`G=V0$}b>RFZh;8z<A=WK{75h3yx=p84)m#X25?++a
zSNj8Bxa-6lugM9=U3nOzeBj+_dBtSbN(nRmSdUGB1CMdny$A9GEWQy6vWW{gSDEyV
zjO+bX?(91^Zb=z*uH+X-NNqjNcILwrvJr!(%v5(6Hv8om9zx=XDt?MZ^1Ts5dT09#
zFDDmSMke;yJ|D7{U%=fuqv5uhsV83{cqE4txMSR1?&#=q)ju)HG~_yWh{)q^8IEE8
zG_1d%>6NI0LI?iEwLKB(*<uvw0pXMBn}<bJ0L5D~G^&Cb{_kK|RFX(fPxfDkw=ohV
zpGGosuZr>hS0oMm0}Uh%#7qXi5B1mrp8?B`?hg}LPT;c{!^A%w2x*@+5Rm`E{T3Ff
zVrSKBr{0~weS2r+u5f2(q9z%-kun%*dDNSVan~dmNI_DJT;ZXT6c0bQ4k<kkB^gI{
zCXe1CfgUjAs@uu#t>SjxiP`9lQn}}NU`7{qPAAAsoL2fm{v8`nV=yUXB*#)Iw<+GE
zGLuvucauTXei_v_RB1$kxcV4gbYzMuv0wO-QhP<OgeV|!kd1?$psz6#s-KLkP7^ks
z^d7DD6a{devnGgKCDdz&I$!;|sUPO4(y3C(MKxFV6@Hf%dB`RJ60gkGjeO^ClP|H$
qR|wyIg{A!CJY<!;;NK)D&$KPNP!PdJ4Z{C|gsA)#VuSZ9=>Gs6U19qG

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/driver-pros-cons.png b/docs/userguide/storagedriver/images/driver-pros-cons.png
new file mode 100644
index 0000000000000000000000000000000000000000..6a13f3343cfaa3361b46da2df241af568c6fd175
GIT binary patch
literal 105762
zcmeF3WmH^Uv*&TwKtiL9OK=i2xCeJafChrQJB_<ra1Bkc;O_1gEVx5(cc12Y?_Kx3
zbJu*IHETW~=d5NQ_CB?%>eRn}Crn8}3KNY84F(1V^Ru+L3JeSq7zPIJ3<U{#CUws6
z5c&hwQAJ7=rfiI44|;%LDk3ie15+7;{%C**Jw~;Y)^db_!RmVbf_+Ob;|o3c#!2Ff
zld7$WldFM)F^rUhv9XP#nXMB@9R>O)FCm}BMbz9thpng$_`QuUdLd60w&6oW{Nz6j
zl<}218gc+&@dSWK*lc@>xV>yyxMmc4xS6nHLPPFs&YeWrk6Geg#&A(_L_~aiC1uz+
zb&>T7GOUNY@%o=Dyqw@B(<W1oKNn9UQ;M3lGqo-1Q%`NWw%^qxlmc-?Q7HcF8ziU5
z@Xvo8{_`8eH+LfBfBP6p&i@Uk=!?Sjy8@^6pZ^3{-1j|M*xZTKww=d<u1PqMKaUk^
z{!j~<<SUll<SW)2ZnC(=y_(M9x*C}{6rLxi7Si_-Mu9y<N1>qh83++{?|-~2_PTef
z1t06wx;}Zdk}OpBlh6bj1;l$?sdZzKs^zihs#SYGsim)Xt4D|gK!>UL`G{U?wFy^i
zF>Gp~y=~G;!qYHLLIZJ8DS(t&Xf0^e+Ds}qTg~f|`b-PY)Q;N!HM1Aa!!GLd3l*2s
zs#lECYtt<KwU+LY>zf>|-OQ<`>1v*%$H4(>91z>(`vgmYP{B$b82d;;40f3DgSVJU
zWUx58Ju7zDmZ?t0iC64EnLhiYJ)^9tR~jXnx~4QEQfqglZSgmGylAw!jolNKBFq<e
zH}Y6Wv%p0_kvIsAln5+M5>XFSBk*ZRXFWoc(@Nmm-)qay_4zD0PYyZ#_a#xwZm~T3
zR(rS+VSY#f5vFHmRPE<~a@wWx;j(&>c>;I35qY9~j;oW8QK3?7DO!_y{=F;qt>y8^
zo6|x$znDilj^62Xdu|F$T%t^RkS?$%0=<Hr!GA3}O0(k1<N5IZg>v3>Za7+X2#yMh
zJ_H*>=!o)&8$<B!FPL+?JIrELq{)Grnv`u4IXK%pbBxUs4VwrYio|+M0IpcHiu(qu
z7ppr_<To#aIfO*f3;O^silVP4j6!iI1^{zl2xjX##m!R&;#0CclGyjYHDTn`KXtcw
z7BGpxd4t6En6czuIRBo>?2=-Evp<LT?W0OHN+*F)wW4)=)d9@wi17b5ViTA{rwPn&
zh9h;0qq3&oqj)l3t?F`xlx&0D3dVz;e8T}ab3BR-L)_ahjn+!|iblH{#Ol)4KtNZx
z8W-_?CJSHZNR<nPfn^SeBMS2XCyFu%oZL$&!6NzXc>8-zOnN=w`tfccZvS`Inq<0|
zI`S2X;791Nf@XT-UUuz#c6QnGsyx4URfkinY=CsD%npAv$y8!|T4$~9LaIch&pMxd
zap2|%a73k_V=b~<%!lyR8y)gr7l6-mwp??S|G8oQe7vjH_8$w;4vejs*J#vgy}5F#
zR{v*Q!gl`KZW;!D+Fx@e?Ud+nP*dCp{5MnlF6a(5L0WMXhIfDDQ*xx95DcL9mWo3`
zt@>zrhwd@0ND-Gbu@gp@r9?wRQ@LF`3;G}x|G{Jg0G2=aQ#un*BRjIPwPfE<`uSu>
zPP58*rda*&klRm%%wow%K<*U%PSW@9dte@o-H}y~SUt->Z@7+2RcvjqU)G?z7UK5r
z2DCtTk|LCy=Y_%`dTqT_Sl9YgH!m}mcFxK(6cWo+;W(~Qd;XAbQo<%ZynE3BkDa2F
z=<~P<q)jAYud!NgQa@U1RE7Fkvk6K(mHjD2A<kSkkjEYk-g!UwYL9EI^x|i_Oo(JO
zNl}*1vwNoGdP#ZP<bxf?j@5isF9`$xPunG1(b^c<g;`DYZtYzf`tgk4U-ar9f0>vl
z8k{~Ny<F+08&jdwkx<A<_uh@x^5<j^n9czM$K$8c_nZ3DVnzMHA_hu@<5>oj;KQ2d
zyQdc!X+DI#gy90yKcjN(G_up?>gxNq=2IhCOLlWK$-7Sa6p*^pr;G7)C5I$y9evS2
zd~WckjGxbs34|VlZ-M1L{efr!iBW<8V|e&b%t#7Qo{2**=d4a1tz1g19pOi_SYB;&
zsxg{4<cJ`2f;0gc+u=r(dW#vElYZW8pXWv_0!qhWbjvSaQ)(=~d=u?72jw(9DZ1X4
zpDZvDi&SjWlco+KDFH;Z5>NU<MGNeg3rV&-g*u<fy=3H<hoLj_h0Z88>?Lt5>YztZ
z&5mV`bsU3-6{x@Z6>#eQLBRiVaB*jhGj~L(pk_MIf68@*-}(G}yZ8x{J4K*qDo6Jd
z-g_@4GJ1kU?689V597O4oqW3CxfzW7f_AQkGfCre^dBP0ZbMRjEQ4q<vVYp}I>z6B
zK4JemvIG~<Ve5TK;Cyn&+B4}k+o(Ft8Sq@#R41^KA%T`^f~lRRbbRa5Z-Mt7L&ZDX
z=W0e%p5EdMuE|)2x#(SIeln=IFPb#nt}>P1-C<<S@p3}SviqG*<6t97`IkyjVqg77
z-u=S7%f=uS+DPhJ<OYmWbmP2Rz)WS^{vSy6{%TX%yqLv@Lu?cZ=o%auLxasX;Cr4<
zZ~hN!^9J*T@-yA7Dw@yn3y9g=Q&iH~k*KQ|xb#cu*nk|FW@pvXG5)DTnw%%+**yo5
zyI8k{D5AH_>CaE2S<?)`4#5%J?fU+Aa+76RQh4D7BFn-1h3|xv0%F>PiG3VUF%*-t
zz0&uWnnElla~kJM)P^VPiXYa&)1i3Yme)A(WOip7(h#G|PBTF26cUx5_tSyi0o(23
z>a&Sx(4e+$tFfqzz~yhTV$0bwlae$p>jg7-C3pA6gEP@w9MB4KeG$RKK8`^=pU8fC
zcxKnPmDs{zykD(f4E`F-RmGIyqCj1wH2yVWBQnz4#}He=`mdkktZg14D&OT6$+RVz
zmP$eM4SGj{U-B`9XP<IlF@<^vyjJ95$e*m*h`@Dn=|8cKR!X})|CG&GzA>&pdsDq?
z9PV2c0{p{rs4$<Qh3L)F5lXzpJTZ_y^p^2*q14J>1!J280ybUPrSfXG47fiM3h7Pq
zfqKY$lZV-RK%@`=HxZpJ966ZI_mW&UzArgRZqkt~A8zA2t{4e}c%W5neTDSkZomXT
z$M|Rv0jSX9=D1X<7bY@ZtI8-0x(jSu&Vo@HW?I~jL2Xr?S#WNyCyPJ6iXX9|j`_iy
zfP%=0A!%HgKlJv87NU-;T`VNVI$T{-1t47A|8l@vSqk}sFWuFcf8P?e>DTYy{V7X%
zLlg}3_LYe5+!?(@nWO_k6O6#~2m#AKg}m}<g|0F((?bX4+@7enPPcZtEGPBWme*=i
zg{pL|Wvf4<Km>U41>)`xIi9Y%TtI9RvulU~d!i#WEuc-zfJeSbRdVTEqQ!nZAhO1Q
zTgE;qnVtW8X(Kds07kwkZXa!Cv>E&E+Mf3F`TW{;8f+WQ<@q?3E1}kpdB|3@Oj7)w
z$#s^&d_vFr&KOU{V)u8hM-;A57dmT;zGzU$$Sl0e;hcf!f8>QKo?ogTVw;?l^U2QO
zX~|}#%TZr5NMC@~+OhS(M7J{!fmQj^ue#&sF)LhAVf{R8oo0cT#|u6TF>IYozwDRC
z9S_VcHwuUAdDHY*71w3w<S|y%Y~m&^C0T`-CdixQcT@M8ins2cAMQO~^nAV?$-o)#
z0%y@u^xv`2Rg7oFx-8F+I%Rm%=JY<j$)}@FX~Dm#-wZfl_NLInE3%Zkf4}H`0Jk0K
zs8m<DqgC)ROn0XRslRf(j9>u$7|~s>M?iq6S2u+1nnv_|jWezkLTYZ;&D@GY6+=1Y
zfPJfg{AIZDi&Bz*#({cLQDThlGtANNHnQ0Ta}@sp#C_lzXtGU0!%7JlFU2%C8U6Tk
z!4@G-nf#2-A!@T<La)-_8~09<S0<H@U^)V?{s5=1%?Mojh>Te3Nh0>>K>BA+!AYKy
znhc_OZdlNtL|DH$c%PedBs$g$j-yKqfhce3obNmH;}%V)X3}N^T*p{15!@xT!9{42
z2p^{wlA<|`tKHi&5PXUWWmVP-y;aI~@UG%u&`{!b;dL8y6C5hSf!N~mHm!wP%*R?*
zxD5h@8|RF_%k@nfj3vQa>_zXIWy6;4{~17zb*P&P<PdIZxhL+_GI7wYdLEU$N1RSb
z$T^ao^xKq9AAtQMvH)3q7^-HBZvI|MB9)3Vd6IvA$h1ZT=}%Jc*_n|FZ`mM%OdX_Z
zPp&)rG-?dJjnE{9jn~Y;76%<#CJf3b5q5h&kU4mBXtB6NXLHFn_xM}>>U{flL0vO%
zEOT_i&5mTpz#B-%jD-DXRz}BW*w^`BWS*1vFkV&-8UZ)PjvU4X{+c<&V(aW|uarPz
z0yTg1!*DC&Jl!lg7DGTnGVAPvZ_iO(`6#0DjT+2i)mj7I)+`JB68fUeb|yy8_Al(f
zN^IwC#C<a3u=C^toMTQ)4LKI-s1!Y9ede8SB8{jHEF1Vr3UkQ=%p{XBj)(U$1sVA(
zYe-}05ab<d8BOaS-%ecc!jV}fSPr-~mc6gHQqn&%&GnJ+gEAH`9In!VPZG<X&*+tw
z&|58T^9RdvK@gwY>NPN*xGSIRHy+?7)eJmJd@&^6JBPbVyhNwRJH&H!8#vM3Q3&ge
zf!ZNl|Mv5j*ML?Z09b~AS|+oZeB!ZtHWBtZuB4M8xObvi+MI$*8E<1UBKUf)R9?P3
z6lo@g^~6cHSrBt(|B64|h+s`qnyyXPZ+3gwFDaj1YIJmN_+4><py}KljHz0pQOe;d
z4OlaVL&^Y+9#|yfo<8Y()!a)4wMZivn{4&Mve4n^-L<_Z1#TQEeU<9xbydQ1{P{_G
zeA+we>IzQB3KCD&@@s7yJ|Sh}Svq11n|0^|64%(Atb6WcnL+KRgdFFIC4A!$Nt&jt
zasFTT68Cc^Gxj+n?6~Y3BCRN=sxh7-WUc!|4=4OT4VIiy3|E<rF-Nn~64M6bXrdI1
z+83#Zlu(%XN=-a)CCL&7Yl!2?xK)^e&5ybC!k=o&`)dow)j;tQEJ`m8+zW|`-vNyX
zMN~_Q_lZLR6Ax5JHfWJ*4^iSA;dLi{L()rYT~saKC0f&@E^6$w4KN852nNXRB`#xj
z>GH`CymX_%ddJ~6j6oi5+$vHHV=iHVY}e~4+O6;d5s%38M~eGo)}5u<NiP1k+kC$&
zqn=6+H2b#+!jSdGWqDDgv5oM<*|vI*c(w$U1q15P_vnIaiii&asG}%%%s$bhmv7pD
z5v6O#4nO8%K%O?+TD7MqYzmF=yL96ooBS?^1oT2PvZ4R3EkAtDi7@Znc_fEa`?}io
zd1@}vK-6Q1^uP8ogLJJeYIu!x4`XPgu?)l0(!IqjdpGHe@qp_4aU7VZ^y-l<zO9Lv
zb!7WIJz*icqe+=+?yGB>J>mAqnlKXmqy8DE-w!KK+n`LB9-&6X7OPyr?fL7rZO<zr
z$i*SX77+yb1zj3=|2~mwA$QUF`h(sNQyZc2^ahQ4X{Jd@9M+-nK5w$XO6e_$j@sC_
ztW>H>gbCL{o8B*<A~N~pDZv{}&R?}ySSt5F+Wev$6f&RZ(Co&JZic1tDJT4JS?eq-
zd&SRky+o6Oj`HB*bC*AlhmC(GP@teL?{UT9nP@SW8?f)SlWE`QFK*>=t<@?CT8bo+
zmtW$sA*Km*fu>}$E=|NWmIbp7NWs1?d6K<D!Wd*ZAe1R&a_=nyW8aTCEm#^F`$tvn
z&z!lHU8qAC_PK&E8(sch`oR66(#VRFK#7PNxtvGDK<!NTpZf{^EENjkWEqEFDum19
z-m$_PF0L!na8EKrRL8zEYVJF0%d+l@8yW3%1$pQ$nlIM0qB7KaKWKVj_CA*@l9t~)
z^NA4~uEAl+_O_9F5IdggeAtb-*C7TVjvd<<y(VBQNe5{k&B|^l6bfM1@|>&XrHk}3
zE`bYX37AHLRFL7}SbL{M;QrNL-PK)AGqv_6pFk1BJ8P}4N8vaIhZh_=1Dq*Rs29UI
zUe~~-l6r%TbIa2&s$@r|i(CRS<(UJ|R8(h86OC8w9<9zdHy+I7U}@yZfC)XgbLYo6
z_-P*u@MLZD))IPjyNq58AMzJE$MTR{@9CogKCF@T%W;~RR4VGbgpz>vrz2ZhwW9_3
zhV3M6Iq4$P(QNZv_HR8X&ZC?&?{op)`XfXiOfaH^DC~_3cD1_`ogdWuxm_(*$K^rG
zxpa}%R$1%0J$^!Fa!ibK2_x58x<_<G;dOV~*u@l%jNi@-m}fVP$tPr~KsKjJtY@yN
zjjH{~ryTfO>(Ac@A`p*5Zez(Hi0EEFs1#a^_`jm-y?gvEc>X5ULN{lma;?`&XKR~q
zn0Qs<X>DU0*EqVWA5z6b>kt?go_t&wy~;r6Hs9w>&JlbND+s~689_*Rko=CJ1jjQK
z;WU8Gxd3}jwF+a&OMt$h%rVITgx!XbfE}wHmd3A~b-v<?zJtAyTp+vi$c`oe2l=up
z+LPRLvG2hzw6%%du){cPtJVFSw9WYic@cfe^NQ8%@oVuM?5?rRs|ww;(L>!7r1#lc
z@BBU^ley4wv`oC;lK1#qk?#Pu|M<}>hVS4Btraupqi81FK+81zy8+gHq@1#hZRT^h
z=c^~bl$IameqOm)cH_vpI)JE8bxm22%(bRnAI&hE>LN;WQ6ll5)Id{G4b~*R`c29N
zuA(}0*dgXEWOp&Lqc(u`6T_5LBWXW4Gkn@<Uk)dT^f-V&mq{r^ALM?y0{*JT2xsj*
z-*~?QsEuVfj;b-PalF*5<ELsL*i?>t;UyOQAnxZSO)RYSnOC^%H+Rjiot3)t&kCx0
z+TLf%AH5-pu@45F_H+XT#|cF*+N?jVf7x);)&3guY#RTfbO}ElQ9XjAS3>>t9{)0w
z_^$nYbEsh_%V{yWC*od&Fz@8i%~K8O4en*zZo>1Oe2td@M&-7OAdA0Tqren2ZLk{V
zJr8_AgeX3H#+lY1AZ%fxFQDubNANq+btS!pC_=psJ>3@USr=d%aj1W+L<jj)FU)fe
z;d`YM)Z@IRKg%6iJs)DU5J_h7C`*)A{kdz%W|b&#8H@FhdvR2MVEI0YMICs3ShQoG
zx>}j{)qOMSo+la%-pRDs(=y$&raLNcRv_lH6P&Dc8;DIg%U9nbV(s=Fy%`rOkCI&*
z(0h_8x0V?mg6;>doorjtnU4bN2(2sE*NYxU2uR^i+I5APG5kNK!W?9K2-<Ih#v;IE
zb;h0cuzAWjLX$BK$}aR`Bf3=1{v0wNMf-m~uZLI~qHc(igrcJly>%A`JGC9KIJ$85
z%Vqt-6qD{xv)}w?uFLf;aDm;&d&IZ8!qv7_4};^M<dY!m_PYIfIFJ%NKFXc0#93&|
z4r7zat6JWAsy&t-b%w)nq7e<y3Um-znH9Rtnb-F8tK1Bc%KXvICj4vRu?Q;ycWcUa
zr^M4lr)+1s^SoKpr|ib>IOL|tfXVz%MLyTJmKvjYLCrGH+vW7yP869ZM~_GjQz<{s
z#_d(+KL&tzEJAl&)^5_y)7Tpi(8sI2k0>aHz;`2t2q5ii*H$Es@>tAsq;BL2OjWqQ
z!v38oeN<c6_J&ao2yBtO7rqmm4M-OR6!Na^g6}oT&}ZB7$L*WPqKt|2B-H`x8Il02
z2wWt~9s4cJzE5mER|g)L)L<BA$~%9Ik-Po3nKnJHo!CA_<Mv|b$h;zCajfjLO@1{|
zJZGzhNWhVG@nTd+W#9z7B#wTw3!W9#@982{dHVW}+mH4e;^Y6+oJ=(?<_u$c3B5ZY
zpA%}%kg0soobgrLd_%ye&8!=A**$@kb?p7DZaDo$xe5|vVkOsm1aExH{aQO@J8}kO
zVaA}g7kzt53G)V=X&aDCPfrf>n7z0slHqpOD~o`S0~)$mz}SKtf~{|gC1?_N_JbBn
zuOC8n3>sIwj!<bxhDdZSJ8i&n9q1p86t;{a-BI635=&4RbtbVxuvz`jRY+;wM1oY1
zm+F|(2w?Xl_{c8|;uP-Ya+vJObR`u_quR)2y;TsmeKtNdJ7rRWF5h-3Mu!g}9Md>Z
z2^-LwyGFxE=dVIH@=FjG3mO3Gqs08ykcRNBfsaE2iKD-}^W1$ONCv#DMepUjI<0n=
z%R*#7^)Q+k(8I-|*SKrr23JV}{m&(J*JZ7V;|K;AF+Qt6Gpj9hYb@b2BgU5B?GYqm
zf1tjJZy@jTq{!bgw<6ISeb1u<023Eu)IVW62U%dTA|D?hJ`e33qdHFAbxUzJfzKyi
zU_PgQf^~C{cZzBo(MUo2hH;*kB8PnU#{29#ph*s4i{OROrR{D+Davaw=Eb8qQVDBU
zdpQy)+BRTb43>RwbpG-OeM_uDsw4jbg97P2N&QPq{>Z5iGdPPl3`5YMmbC}{PJ~bl
z>&R_M`l>BdJIlG3Efn{CEWyC$Ztw9nj26cIA(I0ZuR|Sk5Bo4+O4a?ZLf`<}dBEj7
zN03AO%g5=WDK{!|MHi4g=@4NKQ%2rz|Di8{m&{%?3_uEr&v+WA2Qiuh{f)?`Va$xB
zP^iE6DEOv#1CE%?gWd!X8~4$sqodmGH#t~vPS7;^eklW6!i)IBJ{4he63dJwVI_sW
z5%vad+RcfrsItCMY#ei)NEcFHe2fCWa%s!6N2Wre_7{@tgzVj`dPRY^jPS6|l*YRz
zh4!19e(<$%{e%QV&i$Szdv<vWnU`OE(Rm45Yxe6Fr}tN1Kq0V^JfV0<5H?{xeR2fm
z5R3^+Vs?bwks~Jv{KjV^d@Ez8tXK-|U`r~y0_Se?7eeCv^UgHxE255D$Ag-6i}Mzt
z=@e7shd>}1@9)4L!Uot>ea(8kF-u}zdbV0WyGx0HKWDiT{yv9rVRd|g(dTLK9tc>t
z`cmANZA7leu^=URITuQS()Zrf8zvH;&8j1mx{u=*&|_!S8Nh?7)4GsdJd3W;u1q!d
z0^(679`U{4<JMmiT@W6p+IZmGxke>b<j$psZ^D?e)M0hxgZ&JQWG%!SBp5==v;FCF
zpSTh{LQNF+(Rsqh;-76F){lxQIEZ>_!shN!TQ0bWnfANZQgfzUPl$A-$=MPF%~O6g
zUj5M)NDd+Kv4g`9a-{U(*vW8=p2ypc;$Be-K*s(<<<GOKXfZJC@`JUp3Ki6GNPxY5
zB|kv`-(q(sl8Ed^Vdu%vBfxbS_E#Vdx0uV(PkDsL-P3WpVMCq3&9A4{=F*lFeAhQz
zs@)2sjId!m{p_I#TFS1*N9C$(PN;}weRKBhz-xU3VJ|Vpw`Rk5A?!$UuqY7=ZmG6m
z5OJeNR`67X$E)qb`%jtt_$VUM8XBnIRZXb78jm)HvBNRxc{)Zg7$FfsMn`X|C@&P}
z(3G@6ecl?SDK#SLVm@&9wUH~x(l615Hdh$NuUql7;QPY{eo}|c%V6|k-~`L5dgH~{
z2O*|;d%B`OshEk8pdp{cD0&_rN2eAJtZ?;9UGgcaJ(rY2%*e~PHhpx^BtWg&-1cL(
z2qxtnWx?Jhv&i7(i?xypIJm<nJ8^yb>UcX7WgslM6FG3AP2b3+FFn%f*t0s0v<AL`
zy?fxT-FUL+r85Wt>=HfL*#CiP0aJQA^%E{7<H`5t;jpLdzaLjn*lu|)!X1+8jGHsi
z-y6<*|74=Bdp^)x@Ld<z(VjmZ=D@@dRFL?D0k3oqA1QMl5Q$c~+yl$b6LyB+UM+<k
z76;o$w=^5|b{3S5YX}p`{4Lg@1iRwlV*F~sybu*H6%W~X?c+ORf9sRBlG#GW9qF<^
zlA86F_D+dXU#z$tuWAHubXwop`Pc^~TNx>{`^S-T2%*1QWG0lfZ)rOO@?|jUliY5O
z=vjz`1AJml06rX?{lf*TlE#Qs9vOW!gs`;+>COH0k-L?c`u^5(RhT*{J4k()YujyB
zQ)9bcW;Vg>+|<?^#qzP%?3B)CS^{uyNF3dqdh#;4KY`1=z8+DGAW4$2e{{B((JjyH
za5E*2Z|N|jiUj=Vq+|EX`jS;2tjDL@jH;>Y{2i6y>U@|rUFmtU%2*b!cra%`tT&SI
zgHDtXJ$mGQ?m8XMIVUCP4_A7a<P<4w46<hn%mxjrW5fVlJ@VkGN8G)g_LXc{_GOrm
z<<gWwK<n*iMQhrbCi+#qZTHfa(^97q)NdbVJ=h6+j;_HPhv98o#_;ZOIw!e_Xz6Oh
z{e8P%E!Xm4s_6P_32Jb;TM}8Whg+*l2OTUdPwI$kR-uwX+v0()2FNW+ykWk<#;>dE
zS+uE+TyK=`?UhnnsFk24gQb=6Pv&F=@hpjXXyGS^`Z8X=!a#A<65AFakA9yfSK+Sr
zEmg*4iFVlq_WejdA&B~uO@cz^{IBcXO+;n8p~o-&k&pnDg##Z-CN_UU8FzZDGXvQl
zVO`KTfqCyXjqQ6tJrd&IMhJGIJeN?I+SB%bbNRx>blCLeTO*I`6=9dg{`f~pr1p&8
zKWs(>2v-=EvT(c1^scK5^d=iw&ne2D$yIly^bfB&PSHiOGOc+-4tVM>Y0}EyP<#9n
z9-e)cjw5IYK{w71wpi~C4IW+JF^0S^);(MZHK0aukPlhyVca>KpyJqxCI<B-!f$WW
zZee?>p)5J0a#)~JrT4@-_3Tb~V5X&FXSDt$fg99G$`7~x&F6mSFq?l@G*NyS;Lp+V
zDCoWMCLq3HX85CBE-jU<6@jf?D=o*xQG(*W^A~BaG51Uk_Nu~IzjLx7mxj}G4$%%A
zxMV%M`e0@5Dr)$=P`36M@F@1e<wvPjzfOc;eD-G)J9nf!gpOUDMK@zshiE<h-8b-4
z9V|kBEPcHqL=K}^f0Pkq>XVVN4!PP+9`s=rzYsT*uFM9i=`_woWOG#AjQ~pZNvd^^
z!Vc<+fKOWGaRd(yBRADe{CxLl()UVaAS%a>>mjpMi=9!EWsQ^P8A-`h5iIl5GupGo
z#9pYLH?65B@wD662+hO{aWJSFxxzd2Rn^tE8*d4twu~SBN}7jRnn$c~+t&^lZheB|
z@mSjc^S)vB>pv;x(c6fXa=xi3K~36^l=W@Z0D<=2hUta|>`l#-K5IPL9Z?DbowV*8
zwTHW_Dgfe<T_N3D5sM`<Ot)%hY5PUIQDaZ(Ie*d?l2<53I3$gbs)wLY=>X%ZREv8D
zM*@UZ%UIQ6RL?o>H5!Bo*Jr(xrA`jpnm=Il=^Sl{RaoA6qg{5?TcT@}rgkuby}|MB
zXqKxc6qlZuYA+|YCwcc<M+d=G3JwXd!Hv-8b_548Pc!E<cpZTX<2QF+%yn9ZK!Q=V
zEd#z4VpBRUU#4kj4pIrLD{1&sb{C@757!W#+H$p%hqWO$_?QvY6c(HD8Z%Ryy#!pr
zjZ_M&)0a&bJtqIiXY`01j=xD<OpW&^OteF*Zer!^U%%N&KodKRFZBxFpRUS1gmn6h
zhs-v_mx4KkXzn=$eQ{xtkRtWtCaA9M?U4!U;wb2)3l`z15P8)01iy}=N|xn3ep+=e
zAnV+GmrU@`9^pFwok4#W&(*6gg4@0oX;XEMBjC2D(0PlsWQQ#7Aw;06P^qI3J9QQb
z{coIK)v|17%mgREc&dDgaABDU1GUNxwz~^jubhC|;9fg8O78Fknf>{3GvHyAEdQQ3
z*~p;UL)Ix!civ!z3b_}?XxuRo4dh-o+zZ-zd_u<aVWZUFiUO4O7^ef;*cMRClX-);
zcp^<2u*)2Ymur_ZPJ#e6liLZlE3=jm8da*saM+UqBV<MXvp`e{`*a}ka0F{x;n!LV
z<1rPFPpTw7UM5~2JSh5ro^8Me&j67~1bDrg?idc8k}wAZnfAtjwA~85(;p#W9%pbt
ztbNAc6t%V(&z&miD&&!l%?moM&m5G+;_)CXR)=9BnGKEWs1HFO=sBv$wGo)JoqS__
z>Rn)8PK!3)Ww)+ni55ReHlg7VhLK-HkdtnhNJzrXa2bukG$a&7;$tViSK`UVVj~Di
zC#Ir^)1i&uG17B&wO1y8SM1-PWLe*9LoiQ1!*>CX!E*baY+#oR@b&lDgiAGNJl3A?
z(gI$Pm@>*{O!|7rIL3_raUyN`@oykfu8xxHEgMQ6d-Z3oha^!Eo$(*cjZyrccL*tW
z&3q!){24#8<Ip+~WR_fi-v<Nt-mXeL`eeRI&eU7V%FG-W97D8b$LnY~a1rwSY(kF#
zEyFv?CbSwov{$E?S^h-v9c~Et{(Ygrm)C&}4kgc$4JcQKQ*R*ua5-Ta$p!aX3%iQG
z$wQOiWx06LPn4>|PzAN9s>IuA%{ABaeqe7k8JpgY;V&iRR$$(pq<Pn$qzPg-ZB%_Z
zy+ytK5Ox%eP30v#41AI<uZN2Appd8@#w%?2)CTyG+KF-;-*uQgOBmYAkh5McfV=%@
z&Vykd_sZjjmh*Vzu;J_+mFpuMx538yQt##6kmNbjf?kk50_xD?O!)!lBs0rO4@}MZ
zLt!U}de7QM5A)Hrzq|kAc_{<Xex8=f1+vt(NXY3sWS@E>RpvNJse%<|w%m}3nvX1*
zYyctLUEL<Jj-=!~d%8A=3GGB7tG}~1>hu!qT7CX|Jj{xb#(iVEhlw|G^Qr)+mr7G{
zCjjEt)^f>)Z~;CrpcSiG_`%q)nX?V<%cuP?f$k2nzbE}sonIZJ?}VcRL#Gk<=M{D5
z24-`N<y#p|Vy`&pIgHxvTr7#yM+!uhHluE7PGZH~@!u6CDGKU0r=W7ku+4ajwQVTO
zkke7&=D-A>&$=AFtMkvp@ugJ4;7_?F0m6lfA|eTMXW!Rt3?<3ZQI3ad<G70~)2YDJ
z+Tyorc-_F?iR$S*Zht7Mi;#;`$V8NA3-6br9%u&m7?CCAKn%V5ecl=Y9GLqGaZTE=
zJ4}&m^>f64zP#$bPy9&?4m0)maAvY81!z2rD#hbCK<%gL-}w6kFR69SyQT`E+>cwu
z;Cx3teu6bI9RBpRR_VyEMbR#fo-TFUE!F{t@1h4}5~M#3B8eC?tv-K>zy-+nbW~sd
zs=hRO`KEsh6)eZyEjSRDf?*@g{3t}03c}c>X)lvEt;dA)PR3{GV|4$7^o=!ItH55t
z<`I8!92ekg_x?-yrrx!1*vhYF5X|0%d_{5d0<DM0mUo+6op=|_7Wy=_SL-%!FYIcf
z3=|SYVs!;Rd;c}_n<UFq??}&nsV9^0$NjVyKM?g5KyLdjgSVi+kZ0EBLZkiXtcdyS
zuRPGnisqB@A@^d*&UmG6Y5s8XDi|`mQ6+!OY)+7uMAH8#AzX$>4Nfua=WUOZkC@!0
z7ftn{Cw*Q;zS*nl7w}owSx_3z|8jaIez9O#-b?7<4?|#9qA`=v@T#KILZ%=7GNK9n
z`ltu;H5rY6cpk+!HlD%LvR-Xl4wNo-W8hC<Fia<Y`g|woYUrDt%+m1PQS6Z`qKcOA
zBt2~5%>UhG1jn1+QkK&V8s|z5L}T(LUzmp5Gmo%@38b;6B!X$j$c^7f_B7|7EUeFf
z#x;c5F1l7?^m_H-xO7<jaEAu8s?Sn>i3)dHX@iy}56J8}w-iuA+n+A^)pGv^_NGdT
zGSsqumRp_Czyj}xNb;@FEuY|g@*3O_n{qS4u1|0NEZh`pfSbGhO9PAyxBcq3aT@9&
zauP?&<P@Kt($XD&wMB`a(gkDwaE7q>88Gh2JTK?!70InoS%Y<H$>S`Qf_Ja!5nZ(G
z{vA2q&JI<qYh+h4Hcg-RJE3nZGo~mFi}5i!R)&R`&#IYyB*Xyq{6k6SU%(ro_<vlQ
zvI{ri{M`;W@}=hlQv!Enl?=XStf{H?STB7Rv$%#)jpI+$_l9@Zt6GsC%?O^FnhhSV
z?Jpo(XaF9gXbQlav@D#b@TUg?&~Hm}n_jyX_m|z-BMvxvE4F(ETw*%S@c>GsP^Z{?
z810`kB+E(#VGs0+ndk)joRKUXd_zdio<o0cCs3P(Vw&1zklE`D0%ICn0wUUu9RETC
zOZ@k0m^&N--_l^Ls74n?AAw>Ry0AE9PHk78@>woW_?-!6$&U6*&j_dCR8CoQ$(HyU
zNQ#Im$XfVJELK^F<3|B_xQu<)W`k@L9ni3}6hGg`N@xxLw>-;0R3>xf$doowaN`H2
z%_N&B`c0oS<L6J2U+4PlA@Y%eE*`$wmj-3D_98bEP4ga^SZrv57wf><65bxqnU3aB
zT*?Na%ujBw?Jd$pJ6WD%&Nd`FljCv@$V)mcn3a$A&&i4hEdu2@Is;eNyjGl3HD(iC
zfoKsPytn#<;p`*xYiel*?fO2c#vc|&0{jRF-7E1VNI+#)^$a}7c=U!o9H&9#e`8}m
zuJ@wN4h`QKW!og@Sj7_*nJO|ltAC@63jMS?7-R)g-{h9>v)SQn;CPelS^EPH4V|9F
zidTeGgiJ!=SevXI;5F}si`okWVMyfqT~d^ZpVP2DOE-g=jYu!>-E`4uf?FUftJTUn
z9`?*j@!vgKSgA58UB3(q;6bZoTSWA%;_Hsa1^4#m1hL48?TP5pwa{W1ECZu*mvlDl
zoqTYlxUavQPV<vyR<p~nnh!ZxU<mKny*Ri&lzA7K+*7HKXZzOt!kK%EblYZ@dH*6m
zf%t%DBHGC5ZN)aC%ttQ)X6I1PHP8>I0EfwE0PIuqGE06;mvg8T?b~r=6>EZ2>KQ)S
zAorgq5-T)gIaGTpN9`2#vB=scxbLXq25{(mOoQdF5a|t>Cdq>0NPip+vDC}ON3`{Z
z(dXE=R`XY(o=4X})y}Ug>{Wfd+%kOQIOC}fv8GIetbe>;RM}<J7I3p-AV=F!*XyD8
zi2MV?zO(@x&@2}BG#J<7j(a(;wM8=97)9B2HD}wN9^^NGHW~D|_(a{obxip4Q$IOJ
zQp`){AbnACvmoVL7w}^xs9WOec#-N1w56;P@nT5dJDY5rA8&~MUHd<3n89y9T=<KI
zIY|U|yEPukUi~daF4|KmUYJO;PB{HQoPgdqO;C|kHjiIt{z;2_Tckx@Zb7rL5?sGj
z^xyy;9UzV-&!%a`$47^6h|K%TmD@gpdi`|ki!h<gLIsw}?1l>F)%5+6qw^O@<NR=K
z-bE`e<G{v@Z)M9IAFJp|_Y<jK+DEv)9qvv3ooi4AvJvUSd2?HdjfdhrF9-gB_Ix4F
zJe?Mn2+-YRz4+gc#ytPPM5_})U2Gtb^z+pelwU^w9;qYxXk*j!PklOgJy-KV)%mt$
zG<(;Xat-bz=>uKw5Q=0nx;G$G3N08TjG&_fR?{8kcqCScPMUbAi#aL`XLFK#Gv2nl
z?$(bu-4&cS>!6r%LK0+LfPKN9J4UTXUq5^wr7pC8t=bxO@D%xc4j-v%TYjrY8Z3f#
zLo?GOWZhUnGnuQH_HodPfzxSM2~TE3T~pUs^jMPg6B)oE!x5<wcGlispj@G@bAV=K
zn+gNK))9z?&YCYlt5tcB<9*sky$mSzO&0kjVGtZ*y@Q@FK*5pdR}#Xdx)~iM7`n)+
zd78``E}9W=k<b{{Y2Oo5C7g!y(j1qpq1;C)AhM*@+0O&|jROR&Q44&*;hv<oH%%vR
z+j68JCLd|SAy?dhL$J@o!r^{5jk|@be~ef_iG&1*qi6w$mf4X`hBVkk5yZ;ZTUu+~
zY%C0bCBnWH5X^qd-jb@Idw#pk`{%l67z9xjyzAKQo#2bFiuXp8g?2VNlPNuO6eB<u
zprYAY1X<26@@#s#IMspj*;=?`W@mJ}w(9X=q`Tih^3};;C0crPEjz^lvbL4r$q5at
zT#Ta^#5i}RLPh#S9N+?OA`e$AL6IlDX+D<nO+zyMGRqew$Fd;Lw#fJH_R*Kh4OnMu
zY2wy=i;zhcj?a9~@9<NBvI}#b+nonAGtb075ZycOR8~;Lvf_kx=)=6+Oa?;Q)|y*G
zoOtsDWC(>7DzW*K*4nw`plQ$Aykz1755erZN4c_Cs_^|styoux#CfE9(vptN&xc5w
zZRV?(g9^#Jyp~6RAM$AFZ*y_N?o(=LK7`oH8p%m{fc-0yJ96*^Ye*TxUqLCjA$ir*
zbfEFlAXdGG^E2?7(N5sn^*!dzi--}TbI|4d6ZH_v;;!K*#NC8=T(!RQ_4W_a*%|UT
zUkzXk(f%I6vSsNfMllVbW569rMyb#-eNE)-j-fy89i2aBZJ)Lj(dihpC%j8Q<>J3o
z8cFeY@MZrs-h5IV{iiT%J5TE1+<*PoMW*XME+<=(0ilj^Zj|{bGDawI?`Dv-xWAv&
zhA6)^O9MF<+R$rZt>i#ylA^EqdRDjK2K+Fs`ger>K#muV{nlXF#LcP8O{gP3EfHI%
zZ2eh9NaR#?%)jAQEDL6cdUxQ5n)!5o1S*Y`PS`e{trxolF|)p1BeYVye_c&i(ma;=
z<5fJGX%P7^+h}2x2aCba_IIrbwY$Kas_UkiYu8Xg-)s*mmh(0D=kMQiKj;3_zuL()
zgtV7(F~f)|wd_XW*w>Nb%Y)mVUWsT<(2aT?={W|9bMy90gnic&#Uc7gaMebuk<Dhr
zgUP5Wbg!t3)qs3XXH2~vcrKwem-q9L9O*rwK~0laDhPdJNIu$=uqIZpNP9YU3w`?!
z^qH1#ndiCQ-F45g3oh@w(HOMWSQ_0$`HMHKN@B7gJk@0Kqun4)av@h7)*o!42dyhR
z7JxIGOh3|@TnbyK6@xQ0zIqaQ>$^cka=DS;{>p+c&nIU|t85)l>vfnH1nXHg9cuv&
zIAgp!87+kN_=!4l^brKuawOrbr0ic|S=rrkd$>UKXT4c?x3zunpFnS5K#-N&vajp@
z$pZA>wh__oDFv5y;?$3+@D4xUvlrkTGqWDRU_XNP=HrA<q6il7R_F7l0&ZV-IUT4f
zSbQ=aeL-?)p0zO+6URh%ZY>{s8;kc%FPbpm!EQu86_%~scOaSkJjl|hof)dwMO2mt
zVQhML|2>Lkpp_`ICYR#rPx5Shchs4x(IWk67}LB4Tu+x4DmZg~rv2Pe>h)&*#*2PM
zNlJ-cMB{h1bb7!87X;|Mt>yulw1x3<KVY&9wD%b(Pt^NSg`3RWaXei0S@05>ZL8x5
z+vs5^hS6DI$lo1Ien77{y|*QJribz4*LHi4jaVW2wB>lcOCu2j1uN<5uOtFuD?_2^
zW<oM@F=@PG26Au%aBI(Tvx!z&+i~O1v$cvqmPNC4(zR1`!B<m}Av|)dW*h4~Hyo9{
z_HClA&qKtso9)0mM<Tb2^;8PrJ=|ppWr+$B%ytwPGEJ?#;E*{V7~Pj*@L1bUXc1F~
z_SyC<a&0C=*d~q)LhSDH$4?&m1O)xGCwV(uSIYRH76^0|>}aF??kNZEoQg_K#aa(!
zypf!9^H#HS?&L6`GKvFXr_S*u7TFlEHBYGDKENA$30ve^BTL-Qkx~d2!P>fecTRC*
zO}ZBnYcl=mUOAn7JjTWxgVGSC;Cz*kR^)z*TxMMjTDDoS$rNTd?y&}9@LIFBC;=Zf
zh8VB-1*`Ny*~V0oX2$&Z_tygn;B>B3B?qk6cFbpAxK%D29=hFnT`#{AXsQ>uahBd^
zv=_kM+Xj>*vxaumRKJzS9zyT?03kL;48Tu%+TON+axNB7ZN#EG7|2%tW}^#C&C(M9
zZipdZ>tG_~l3P{WC$hB4Bg?$_kee|ZNnCJ3MV@_aMkRD^lKgV*e&OWa5N898-kF@k
zfr;<y1s}&gUM=2pZ`IhuYtdXj2TTYm{_*zp+YY-q{w;|I5Y}h%twdg&YxmZ^sv+e{
zc|k@Z0wC#+bUND&2ZL`~c^5L?j?2o@nj6MV(FgKW0B^b>FGaq*hSb<FHe+pbHPRuO
zOchJ%-~)~~eW-tlnjWr{7rywp!5+hJP6!D$2>o>#MY8`vqC^I@y|_fY$?$VGZeL42
z82Im7xRyJumDa!;4l@eyKmueOX>l%Q)5e(UjPBdciZ!iT!r;X-&WD!F1x`L>ZCbO*
ziVA-4cePFeZMa|wK1cStj@rdgX}V*AjE9!gEetA0GS6QoVxRUP370KGT@zBk(lNmY
ztC?Q@9xrIAV1JZ*H8Ne*?EZ3Zzh5Z&{<BlJ!bQdaa3n`0z=?+tk4_<ySRNr@3<^d7
z99M&Dq@e<uqI9!>kTS*DqT&t0wWA_hatR-|k|G~|0mw*|>oka}O#wma@{P)&Fa-@2
zQq#z#2AoN}*Dm&&Ad()Q*u-{zO1xu^mmg&?j!?%FR$E{2H*6V!4f!@fVjR(y^=ikn
zH_%Rt{rYzGgO_uH>hCWd#sJA!eJ9jNOq&5-HZy7tKAd>wwJI#Cln#FuU4Be?1II0O
z&7xy0DhL59D_FF(`kba(!U0hy)xZed?IOZdH;N19xZh|iKA9q7ixsNksU~Nf5<^F(
zel!~2>l-Pz<X(sN41c7^ml|(iH|)c3emJU6FWoI9Z%7C@Lqv~c`gZCkVs^IC3sv>@
z?1mT$%*3L7TUK3H!S?33Y^D>3^VR5o*5JK8j12BzY4_M4QC^-47>EOnuu`c>^dkRu
zt-+t?3h~rwO+U#=_?P=b<pr=@Wjh%iH7-DeHsNTv#j1z+b^6lJI1ojfhpF8qlpxVp
z8TUZ!?J@A)_dY~wXA|c}J8&!Q&rU|(ETA`$IRG1F<GxJO(+Aj?Fyi1*Us%r=xp2mD
z8{4&Wn}?L9WDxs%x7yM4YBr8-<ktC!wnLg)5+7ib!LkCgK_cYc!gaky2GBKx7sFmE
zGDw^l`pyV$RH?>fA5G)@kh`TX{yQAnv);<aff`Io3_*NgpWN-n7GnBRZ_@>Z(Q1Za
zRUT`8>HQev2saT@;zAk3Na6pYQ#djbXIbyHhuwoXQdD}-s1P1`hi;S=u=B@s>^m9*
ziw%n<AbosCr2i2>P4*uXu2HmMH&YTBJ)k;nPRsVNu;TC`mMf0AGxJR*<`k{^9MKtI
zc)@F3`?Gc6<JH$XwNie`?#2lymFCV{u4ui9Z0)gs6>ME{nT8L{ze+DQ#5%C7LkoZ$
zFH76QXZM1<>pq{c9nVSbyDsMmc0a{4&*wy-sidbk%iuZxHJEU>N^2n+IdS{4CF=tt
zHm(YmHAM4>{L8Qk1XG)@7E;#%FDQ9--jVm9%b{R(BmB+Z74S@+mt7jzF@+Zm<@R!6
zQBc`SV801>d`|R249+5hO5^GHz&v-X#N-3J?&~ANhx(TD@cWM)^vI$d66IReY9$}W
zr!U@)nosr|j`HjFMX6@`+<dCu#vb_|zu&@14IVpkZ+uNL_#*Gz1VJy+Sj{3gHbKLU
z0x!%e<5Z&>1|8#97QC;_-Oz~U4upsIhe6o$IWPTud{hqJBc95@r8zEXBgetRQsnty
z!81&PuA!*u$X-CB<{@eVBevx7szH|#kyof5TfBng4>?fxghANA&3{fuP~|8grs>{7
z{i}va-8pgUBhc|)f8+7qdSO=?{|mHj(c(sn(Y7TH2^i1)@n}k_ynZY#e|A2n6IZG*
zntRo%?$Oa=_Cjs(r&KC)ymd71BSLF11zlVx^5Oir>!K(`D^FuT(k5tI<E<S8TiLOm
zM5&-%GZ#zgO*ontRSfp_i>)voCzEdp4DtWu;?A!d9cSX9ET}p%PYfwVkj&@L5UN6L
zP0|;imx8a@#3t8BudvN@-bu82NHJELKwzvBLuWZ8`hJ_iwS??wqrjH|;kJluLU1Ab
zn3z;SJ{-P9SeW3#u6#04j~wO|Ukv#-X6%<Bq2mL|#pM(fx>GTOCPubr!(`q(#sSzJ
zOM*~%a1e?KOd=v>7Z02ifcx+voygNqVhDJ&wJ9Lx{bH7=gTlRZtU@spAcM}n#0n+Z
zk#6yF1qA)|GQt0LnGwN8^KwwJax%*+$eE8-sYwfor7zM{boRVdJ}P6^jkY+0pJ}rH
z1Z6gnziP>&e9q*fah@5!2NfvXb-J4<u0!pE8mr;3;kJ9(f(k4_z;ufGbcq@@b^mST
zl`afI{x=rz=e<#bhqlXEuf=L#lnFKkb#^C-AfPCD3<b!&wtsYjeyslK#){Jug+io*
zL@+taO|>)n6c-8_a?UwQ7xlNVl=QK#mT;Zqx#6QRA0!v14-xHu7A7_xu&4T;_~&`9
zfaf%Kj8NI1XkhuZ?TXd)8`1MH4`%IREbe6p--=gt@l;{lJTVJ0*0JgdSU`95af4UA
z(l%sX7Ui?J`P0vRsb%ltu~4R~{hvZ_xM!iLCVwYFtF5hIPS$FL9`lN~Qu{#p%INyW
z9o$lJjkVH``<lX%V4$*Irn6gXWGg>Ut`$zaUWE{OAj~ylAWpo{R+VBIpPjI^=Y#bX
z6i6%4jUcdu|D82cGO8>p&E@yddvCp1{1bd%$kiQEqG6i(o!u}d0SYwE44otw$IQ0p
zaarl*zrVK8+-~Mh%?q5iS;MOQ-2JW?98tCpb-S<bM;pJ7%uf>d-}vOfSW0r))ztq^
zBL~LHiRNMd8^sKzQKWI9r0xGd_5bEdD5<>d4EzT=`iEVYCOS+J()+HMT~;>^6~xN)
z%9F)BuT$~@8&p-wvtGN*Euhb<7JtgKEk1ZPSg=DW$TU*=W@_L-NZtQ|;il$wmf0^(
z%C}ZOpgmISPg<TilfqQfT_iD$HX$Pd{}(bpnX}&kTMOlEYh51Q{$Xupr9Fhtmj4sX
ze!HIPTP2I;XH^sQYW=U|ZK|GN0oTcW-ysb(zdizA-oyAzk?#1EWbVJLc#F3gORb1-
zl~l=AJc-qXRHeifsB*xFotj5I>qK9g$M^BQvOwC5`VI+55i^1b>N`^MQiGuIuXkL@
zvo9EyBCsdn=-F*{qt{}-mq67(fkV<<E0yo>UV#|!NO+zmNb=`GSMZTuQ9CO@(GYtO
z%{rYdUlQt{B&A*vZWIdlp}Hsa{bSafVkwOyb>ul!0*ot}#HM0LcxTNR$^FpaRAm-u
zrow>1u?&0#)Ny=_s)YVK${jo6JAtX>QXes(4N!9VocqQ_`*th+W+oAvt{9BGHxz4x
z9eL@uUZ7X-VI<4$pVteV#}*M^mslpLSp<<W$bFq=RQ9<upmLTdKr&I}dA%Gz$HYIE
zi(Ly`28x+K&r1-bGK*HhCoW6r*ayAx-z*GBU1sQPxBQ$hWYrSV*M93eTVrCQ8gBoZ
z7DC%}+e3uF{>rxJD4EKx&P@Q){<sj+j9$u5_*a)p7x}N{gD3)?*q6Tj!+C#>{S}~$
z)oMDfFyH#tI2j*(uMV-n$#eH8ou?~g3qSI<(Pg0Lw{GjiKMU8BnXMY987W+OYFDmO
z{hcTgQ#3rl=>h)LWxm1MyX;T7eeO1l+2*IGHq}>oNYMPH<V?iL;rS>sPtz+|Y`qRe
z_?=%y^c=8&@dPzY)+NV04-D$%Hf~uI`zf3hfw3g;ngVKDZ|P#ZS{0wHM+K|jlDtND
zF}^3*SC||%#_4_&+83>4uHZ1Va&<5R4H-6dk7EBC-C%v8-t3gZy}NE`bicK{AidOX
zO&aQ62jSW1y0J};x0Wy@<ns7rz+jh)js)aaPF+xC5BndQ{1$TWbuChFqn447F|`&-
zH4VkIY9bihp*NR3UPc@6^7s44``DHruUQE;v`gT4rOTHJj56p5@;u^HS5f(qOe33=
z(%SRW`QT5J7p+2u*)=|yt50KccnhWJI7L46342MC4SE+gsJ{Q}E(9vRe>#i4yD0id
z=ib>CMLbhizsjXOn0pxijmAv-i|R8XrXcmnT%&2p*Sja^Vhet}2fR|`Z~K%g@ZuGh
z?7A^Mz|aS?l9g7^gNo5mT&kK*_~4iYv>}+svlt&W?K-Q8b<uCLe($da-Zvc-VZOeR
z!FuUH&s_GEGe@2Lm$8lDUf%uk@@P2L4EKX#Yx_0D?`JksO-IP$ncJXLIG&7xb>eb2
zOQZOec9r-r-MdI6b9T21UYYPPa%+S6K1A9?tygO7>5lHh^pU9|m**ta;jQ%Z+1b6T
z96i{J7%X0SSey9$dyzqRa1mXWn`r6R+94fvK*#S74qMXB2c`AJ7h|8w*CrLilN%j(
zip$&XWkOC`Z$PasRo07Kt<W~e640z9OY5adt0ZB|?M4Kjj`Yawu`gdoOuZ#y;f^Nv
zF*kJCtZ-CX5dPz4{zbX>suMVmmfR?sYN!OwTCV7nUwpsjUdmAbwdq`Ca*rP}c)b^V
znhuOtT{I%-%Y-K5`DvH?#@FI>Pqqv7<@1!i;<0rV(AQo-r$;msa~)-X>*5tO@CsmC
zUlKW7+Eo`c`~zFd09PfmcM`tH<)(OVMsZKiK;Km%MGft4`>7vE2YnyFhg|wkuE!t$
z7kh8{R#nu->k>*gNJ_Uf(jC%WD!3@=?(XhJIt8Rdq`NzmkXm#vx*N`1zVF^=?-PH)
zIbXcIymZMLbIdWv9M5y#KS~M5QR+CMuM+a;qyjU+;Ys2_2>ZT>LZ@Bup1QJaXUnj-
zWj>&(j*c?o6$v(RkDcIw`<87p?)P3OK@?ETz97Doud_L29DqmxLqwE>ieC#ee|zb~
zOWkw2U+MYMzyiTm%Hj&$)Lk`Qp(@hU<ku;C^|ZRqV*#zj%1lcU1OEk$+pfxQ`j(l8
zu0Wf<O+2{MBuYofINY<i@B<48hlEW!&v=$N^s>Sx?IiWUhvrOFdX@BMG<;gdU{l^?
z0kwrl$saERpuMUQaO&rz2_Sc4MDj`*Tyj?jbJY|(6ak#NcmqRWnW(_3g&zImt9APp
z06Avz*f^&(1#!Z$ix~xLQl9l!Nz!RPm=oAffiicll=8Ze)K?ec(HS@l`7(J6OBXb}
z2*E#cKAswh^Dz_8xuhOQFj`e#&f&}dO7rWqY2$fO*@90u$7O#PN!j0AAt<=0vK5uU
znEhgzs7t|nn_F6mFyah+|EayC++^X$8rM~q5mP&p<Ks!uIV(cg$PkM2&r8OQYQ@T)
z?NI-R&%|5OP}CZLQr=@{WDOkRjS)Em1F++w4Oqo9j>F4Qvew!A{79(&#9(Io>hJRE
zzROSSAJ#vNFNp+Qtz%3EqKV4d+Cak3x0@WBm>`yH-}`+JyW9Q6`f?q>Oi>moL_t9w
zyaoT>YyvnpU~M~<z@^fAeB2e~r7X(vxz+}7{f{R<IIDSndQ`vMPlQ^7=IZmI#69uv
zvMOLOnwl#DAhT^%diM=Ok6dB(%@q-Xz7O!vDtP3BJQv4^0?E=35uML9noOsHyc6Cp
zA5h2%J)r}^e^GNPVqC)V%0oo3&MXc&!CM0F@e0?Q`ELJo-Lr1+!DcB#I7DR@_N8FP
zviy*&tc0CXee9J5DzL?VPYIX772dLAJ$q~4KJjLF3RZHmayqnp_1P)yem8M&Y-M8u
zSjutbbAPW=KxzB(g<ocaM83ZF)433K%05xH_RB=%KlPd9>=G*X*`*rA5SRR#4$hZv
z9+)@pX7$PKM0h)&oC)B>=}>^L3^WhltNt|6Kgwj^(qEO)M{^~wP|t*$Q7D_)siix<
zJ;Fp;_xrBe{X+b_dMcWV`cd<(I_-4BU<&Jdw=xI)<JkvTyjv$k?)>#I8k5BV`1=>M
zips4QMb$u|Tx{s}dP|VV!^{8tO(;3+aSDnOvVtt@Laj+u4mE0*5|wW2-R9x1$-lsf
z18R4@G3B39F34h$5`2q0BTp#XeC3-M8~s(o>lrdKoqCns_Th5DnG2Ffm9?yQz{Nlw
z{<P(%^t|ghp0OM@bJ96q&@#DLN_Ho3|K^?av*OWUgqPe`3c*{^-j}f}1*UO5by>8k
zlHbR}VgMbiwd!&4^`T~f=UNcT18;ycuH1Lh=UwR8^s8<by3mQQH=6(s_xZz`$P?Ac
zXGip7H}Aw|wRrrjr~`0(ossxFx|yegesV|_+l{$X_iIm*q2|x_pm?X{5h)}ck%@CV
zzg~2QZ7zdlf!XaGugjlbX|$T(*jLO|Xtz8bat2u!y*sImxyytxmfVo`wAMi*tGHRX
zAt37I;4So}#O0IOdVN!WpfeTVv?bz*x%DT7v2jz+G03sIUN#IYS#|cswsfczM19jo
zyreg0*y)4GPkx3~1Sl!=bpP5_v^*USFBYXU&tD&y9)WXGp@kEiR(ya091UKdzI5q1
zlfek@4>3|^huh5%_ls^eO!A5a>Y$T<_=k3Zl{R(0y=I`n$2Z=2s5xzQ5WytkDV!t^
z?WneSdrYp(E^PXegBOc@BH?x!f2%!yXrA7P{So9e&TXntD*CjqLbrvH42JgC5%XB5
zy<=pIV3{BAed`7%nV97^Na~i>zG9Gr$?rFoc8f3rwA#1(^@U@b#tGW)_tiH|ObSu)
zA>ObuF-7S@@#R*sn{N-uO$axx10i<?)-^Fti7Ilx$oreNh;~P>T;C3(dD`x~{y;<>
z;mUMa2-anT9)}hop1tDsWc^&z6<mf+Waxh{oue$UU-((%XI|Uy&@9KKaOcgD54t_s
zg%r~7p|dnz;#H&<Q36t<uHl5RG}5pr`?`?7<8`6QsOAMMJanSC<_@)%YUD2g9+CFY
zFYg&*mH>@Lt8(%R%$)eorRSD|jcfRS<psv*e1l^m4|=Pq^3(;~cJk!?rhzEW@d7<K
zNODWukK{UdL1wY^V@0;(s9G^k@KgqpTpUSh3ZMdD*GmTaF&(yNY9tY7?<NG3h=)+V
zX>Q{WaRUkujoFwX+3m<Tp5p1^4O0njqGDAKZ4Xt-)El@T2JFXp#*nBc0cb<5-E=H`
znPA`CavYm=A0puJT?EqsWr*4s#WBFEi8Kt{wA?v2mVU1@wD5fHsB4-wIl#(Gzdur{
zT--cRrEk3{P`r-l67<9uTSpm#$i#HTv*9rM$p#J~PCr*b@9MxgRG`Ab>*}cr-LrJQ
zQPK`m<UX(vsPpndDOF2=HLb!iJRI!<3$dp?4*sUsy6Jr=xpyHMn2Pr5k#z#F5$)d7
zAglOE=mYKv@dk47bKqLZOz7(bigeIW`?9&F=(|)Fs{Md<G!ygGaWxj-JfPm!Ks-R@
zf8J7Z!+rl&jvgWb6rOmFKvvgy2t-%7FrVytdO}czzjal&UuQt@_i2EA41_pR2YNLG
z(edbWy=##fT~>W=nu$ZL4?RQ-l54w%U}~T{99Q@oHwF5t{@@2F&4FUY8_z>1Yd-;C
zU6*_Gu!e^U&cgE@KCOBRIu5K=3B%6;eIb7+)%8@<j7T1~b>y6KMSO7H%^0@D3vGHg
zlgYlNmWf46w(au(_J)H+h<S>?hzO8c^{~jJDH>Nit(b+wcTfCYS}`8Bp++FeA_1b+
zzI`}JGzf`@gjb!oM?QK!vthKHG@(O?Zt7aoX6$>)B9Z$&YFw%ae?byOLK_t_AC)-i
zof7rQEUawv`#@?)rtmvgR{XaFYn}*ahU$-z7X`<TH5AH<pN|H)$7zoa4i2_;nwGok
zO9L+#?j*g_w$dVhSr*1}*ahR3$|MuuCubij)Z2nL`grhXz8!rXK5Amg<tZH^-%^@z
zqH+x9b70xP;#CbN-#@3G=1FI^Dm3}asPxsM52x_x4t78BHbEpa?<Tc&@D9d=`mTOd
zW<>FL_wbjhN;ngCJW;EDw@=M@#6-En$lJfRoW~Ws$&?U<k-yqiwu4Et1d#a-1k{G3
zj&AhAH|M6KGT&QL+E8wDe^p<=-5@WDOs^la6(r3Dw#GX64NE=8tH|Nviyp03j$uiE
zQFhKoUrYthY0HFD<334n27*7G$DTV$#!|BcUMi@cFu?Px9B*Ig)4n=N-2x?ZESA?{
zgUnVHMn;*)l7F&ve#WV<X1_N888uqWpl)2WVBFN5Q0`K%)`vj%qjMx=9v>z}gG>M`
znkPBluR%I@zpyEHzpZS%xvI7^>H6(&pT@9@V&j4xp7NJlUA$3Soc}nmk#W+vlEu2^
z3TcPEW>}7EJC`R7J$KdKdeW{c|J<UfpM;!ejBnEN#WNu;G{J3~&G!toeRYBfig}6_
z>WJ{L>*YnOUOQGQvaUiZeu2=*`z2JHrL>)aBSss(c@Dph`x-NqEAg9S&jd%O)`<ay
zm0d22?<bg&@Lj%g(}VDc5Fd8FZhJWUoFVQM?#+RI2zu@6*P4fLat?orrzX*<pI7=X
zoHFIuMzP5;8mu&=wu41S3o};BI;*(5<0tcKsYHKe;l-M1iR*DSl{q+Nq^E{`97q?D
zrlJK(%s@x*(H#;we^Tr*<*0Y2aMHzc+DGbnC<YQ#I<u>f(;b>yPR9Ru-Yu7l&ON|H
zGwBtW84w1pZ)G0omxrykYfm}^T{VpC$+8j(vG>psaf-(Jdl`|S#v;oOsyu+o(OIoV
zI#vC$?nXanY<IBNJT474W-@)xav4MNL7$3flOtPwr1B-R?c6_wp9(ntIl5Csn>5oA
z^v4V$o>1#B)j7)V8S}8XpWNb~fck)9Lq_SRa>2O4RpEUx&P%6>F0Gd3w&KA-%O;Je
zlq;e;p8j4&_y+6*NtBgAvwy39wiH@WrQ2$06l$R2eG+N|zFnB~H3jORu&-}YohA5v
zfO1ngGA`X7*C>ce^>Zs@3tQ`9ZJGnZoCvV}6o~tb73R~PtERxtyauudO7neFloZ)%
z3KnB&96E-vfM#Wvav2GgZ*Y`?egL&_vWkQ`Tt-aiF?yh@9gALUnNs-kq37in1jD{J
zuI*rt-E0nOqz%bs{}h%lkb3<U&jS|RNM7SY6tpkweMqhz`Fb`U{sC+WKk3Grf@`)m
z034M&za&4M27&E2U_lCSB?)SVuc7eX<v<tKf5zpwNTw4IQH<2@sFoiL^I*WDPqs))
zqQGtfdK1<>VQt;)D;Y>0;fgTu5DEnT#*OM*&{%r22pbt}7RpC1N?g3^|J`Iev;3!T
zlX#y~a$#7cG?OBdZw<fLza<b&JORPOUhtSUw{%FqHFV`TOI}GJtgf^iKl`udAf;_y
zJYu2M0#P@bX!<*=A<n75h*ru?suS0hpu%Z%(92;&kpK(B95$+3CUxnu{s`GwzE44=
zye~&s1ck}pe6@&)&P#1L2+31uY9OwIq^UjGRE)D0S+ri5+_}d7K_vQ2?$Fy2X`uHd
z-iM@hB~Md^Xz_}6JM#Wi;8}B3eeU_wz0J%|AM`FBU_+P59EB#aVtwbYD3=lV9M|Na
zKI(ZdBED$WGPd9-Hix{omFTvGdM7DDt0cBaK6UVMMKw=h)ijl;$9#17`4{X)duc^L
z$H`+Q;wC6kF5CFKzU+tJ4<hY6kVV|>U9Oq6PNX?QvW8V3HQ~GF<x~aoP3GPYlj^0H
z3fF!(i{;6PBgJk}5U(Z9wO41~JL{GNj@gbzD`N_m5J$OPpYnYZ5I|;gA(yb;t{V4N
zw?)8P`?ooLyK4rUCM*-q<Wju>cm{n@fwK=jN1<V4>bV$k??&_1LIa7tffgHq4(NN-
z(NTh%eil876GO0#iFK;iNsQ0J%Uw}w*~$3B`>HQMhyBO<Q1o-e?e}6W;3?F8ksiZ%
zfD9IM=m4No-D{Y+?_)3{H8G`eUujCf5>@PwSDdJl(aF4G&6Qqju%yaTD^I@{_I_a@
zqTx`@8C;$CRUcqWqt1{>L)>Ah5vJlE6a=y;a@eZcI6v~ZK4baSZYsN(v*)bk@J%Az
z;7g_oZw$$)^4G^0UHhn+$-bYWwm=Mf+M@T2Y1m@M911S{d7<mJ?_y&-yQ5OiVFVzh
zC6%q6@4X5Pa!-4y5i?Yk@T+_jgioujoIx-LW+D}2q|VB5YCub?=&?r#)KErtcAnbk
zhns2&cDp`*`C~}<-C9!XspZdZkV<EaTlwvMt)F>;{11P_5!OtovkJc=7GuR<d<cQs
z&mb*OZHU#2Vu|mVM}lFs)OTbA>-#0bN#{!kvQ&3TI8#+qkF}JZB^BwQQJnA(UqJU)
zE}noP3knm*#x(G*K}TQvk!j0GS)>OwU6mnA<3@BNgcjyG70y%h=FNvbRGw`Pmj5&w
zgm6`dJL{;b!xME=i0#MxL4mm$s3&|KBJ@@KZIfQ|wrYu>3^#v(1PKB%p`qzm8n(jV
zMt{^e(JZwV%v2j-==1?@0<NK_cs8~mq6zVic#&4y8VWM7zU)p9CWWvpFXR#^1JCSt
z2eMBw<e?=tBP#G#Db7SC^G*eyOD}6`Y4sDyJ^EXP6vPUQ1gpc};q~H=pdO8}vdu7^
z+olplbL*Mle+2Ou4u>pP9jSdOq;t0zK;`m3$9F<B=zcY&;PzIN<v{8iLgy`m0OBwc
zN%^i|cLOsYYh4w&);(JKmwbT^q8Q8r648iv0jF@ed!wHiUgvpt-G!4_h<n3WpnuQu
z>1VLSBA=qZJGlGHN=lzh6{o&%K$7rgjBUMwgu$^bSvbOeAi`6^C*T)GdGR)E6KQ9y
zhEkDA%lYnWJRMcld~}Lc+0kT|Ki4q)o_k^4n~EQP*M=sd)kfE?2@N$3wI&mtV{Ge`
zt&yoF%V!efMG!d24E=OIi4&46jT9>AIDD2Cdpjh0Pu~|++uh7*ap$6I73<$Mw-HXV
zy9P=?9V?}ALE<l0(vNF(@VW_Yc~)&;AYm+U_=|+g3#>6u^0_v1gHOUF9%O^<_A2yK
zcAIZ!;_7&38i!uRsvP64x-D@c@k_Kgkm5gfQtHFh8r;Bg-bDC&4Y}~`ASC~x80+|r
zX{F?4waTEE&&G+dhM>HNFcrcj?;+|A8uztyTrI&S*yS5V^T44FB5;rOhgDg8hFajL
z7Y+!r3LW*wa%ng@>88jjF#LUCU!>N4$`Th&{_1upoIXz766vb+lWWxP@k`vooGb9|
zdu>3as(;=Y`5^lx^+m1_asS-&uY3_^=pVE>m`0u$D?zD^H@Al$$9WUn-W78act30<
z(cyWVoT=JYH(f9CZ8!g(U~tY~Yxwqy=YY)ncW|=6;qL56)6Ubw0e8o#n?mX*?|plK
zP}I3Y`)F$T9OpbTh!E*)c2_Wl#pd5#@)`MEBS*96iEz8?R}$2~kyi4)p_^r=$^ClV
zzE-P!b<%4`lCT6@_OCQX%el{ZW}0xW&xxd%nG}vFL77`Gg5>0$y<%^yTFGoIZgz7I
zTnggb7H6c{Yj-*c{&Gq83<Y4b=4oyAUJ9TIG>S-9cdpbb0$6Mb)qH5#6Jo)IMh^JS
zdQwfnFsL@baAbG`{REI%{nj8EYWhQu&CV766+iSf!{V|(l^))SD&LYVI241_Qi3~f
zq3s@04!{<G!p~gdxyzh}14E2M*cRMGEKO}KDThuSZnFo6Nr)<31w9JZMOU781I|t}
zSc>%A*I(nFn_eF-EFu|gW+@;Wkc_yK>^}YTe@4onN!eN;G>M+SevGc@YL;z0x>pe+
zF3J(FP581u@U7G{V7(`uE?OQn(542-vodMPwskz1iVdXkqp9Kj7Osiu=&^CC;ep|R
z3GNTjd_hnm(Z1#Tb8Z&BiX-I1{28G2;ZqhMpHKx>mZ0iH8+L7xj+s~2b0x~B5|}2O
z6Ns{?8$nZuAopO=er7xp)kuE@0<D1}L<fod*HZAwx}}7$medT@OrllMKK)0)z33LS
z5siCw*)>v<NEDfEJeWN)>%7f|ty+ezUnBVAQu4vSEzl@a%7leEFy*Qpn<$idlW!u4
z3$Ar6Zw&ZpvFu}@u(yLB$O~$l$Wha0u;NwS*~=}AbvV}8Ve(O9UVPjtG1p#yyZ`Cc
zO#V<v>S)DcAj3_u56P-)9-2(+xx|+E2>yY#^j$Ph#$MCqpTK3if(}(tDuoiep<srm
zKM2+#O+yq-dqK+r%W%)D6z|pNR3XKZboUaXnjel)RjYWYHqA-Q+V!!mNMs47+?Q(2
zwey}9N4zg{r%df*e~rZ#e{jhiT7$1$V4E-WTs=rR{^Js5)n9^CKzNQw9i}V7!-vsa
z_dr`gc@y}{54k`;5cc(5@0Gg9FqR|}Wb`iDta1Fqq>lK#L2@<WxT>_R4e@|hMAW41
z*&#1(rQpwRJ$mxy#T%c^t%ax#mukeTm;I**s4@I2qeGY&YhGG!tN*-@h*tN<5zs2~
z#R8;4B-M3f3~apl8?+^0`KG(lVn}l)IK|j~*o*Tp;r){CPAB%e@xi8RZ&4nvkJUW+
zeeU04;t!ih*a!BS0VF7r=~w8{rVK|D_6KE~pryYwErbRn(TC0psF17=0jLc?r}^x~
zg#j6{c4B~sSsTM@yIeI1FOnTzOLXj=cxH~nejNd?sSm$aTwcH^_ZVWZ_t%_U#SJYU
zPRQUe{p!TDMV~p@E=aZjQCjAHt;uHo9UeHh_E)g*q#UQ4)y59Gw{1la42tPPTB^in
zP@H(PHA&>->HR@<rs|CUhUr@@gI7P77rPB;P`sl-^3IjnRZ>y->G6W>%zVqc$k)CM
zUHM#Yy*aqUqn~#W1#^tSelJfs`v{F-$0%eElJCLJ8zY+SV))Bw1kHf*4%?DFi!UZv
z`7pta^ScbvdsceG5#aUt-_ieu@$^aw+;Az<2(5d5;~TD?gUs&$3Q|tadW7|aLlTMm
z#e!mujO6;mMQ#~(Uc(twe-IrM$WW}#;oa14!Bmw<I*ET9sDszW1K>}7%j9(8qb+_1
zd)Hpu+$N;+COqKc^%(^HJ})9~F~XZp9`z1en^lAxw|6Pss2{Z#LdAlm#E(DvtzBgQ
z5pZ@&*UBv6LI`=O*6>kz-9}=2ZV<;O>k5{>w_!MFha7avE@Anuba>X~4pHDu+4_jM
zZ?^9FGDJ@kEqsgUVArxHB7aD4Rf9WHK~sOy`B;o@I{~w(_1pIiXJCS)9s+rMrEj-f
z*-Z%e@gj4Nn;kri^oEd#Ro1{-;;xyfAl{Zp*!YIc@KPas&Z6!th)^@<%Zc9V6i<6j
zec*L>fuPpzRj3MhdpdN|wp;EB_0Cux(#|T4$rj?qGt}^t=G!^tvqRFCAp$fp+o&2l
z4b6ybWE`ScSKr%w<ZS|b8F#=iuy{lq&Fq>!%#f+L#*@f|?b>oEb)PKx?f506{xu<C
z75RA{WNshr2p>K4jdl;r@q7=0!y+)*40l%`&F7*(A5})np6D#l$8BDKa_(_A+-O0q
z_9I5rH=w-5ZhVhnEW{a5@a|n2`T#<*OJ4`{Pv%>f5pvR#Fk?6HMYVHOBc^N4xMp!+
z2d6XBR#$}|Yi_+CFLS+)n*pHSOlSF=F3M)Cc61=-!$sTtAkOwInRsI5ol4@kiV^wC
zS`en<Q1-vM1v2x_{vnxGpmFHEIH1O64WBwKtdr)zkF3EOE}B;tSc}lLjObm`dyD&F
zeHWohMks9*))#Ez&{F8otI&M0-T+DU6CDvyYgx~6B|hv|@s#DxylI{rck>Ej+_G-l
zz)K``qb9w(km#s!tNr?^?kQO5cP)OwbZKP)u2(BdsiT6n<dc+8SL&Rt4OjF-E90MR
zP0#S4)WlUXhxHUXX4&^@5J0t8??^JDHx?4;A$&UP!<opql|<T@;Oo^(c4DPECriJl
zsk8h;3gOf7d53EiExpgQDxukTwo6Ie0->-CT`VG*boY9A3KNu|R0@QUE9nTbS44O8
z1s33;kDY5Y*$;~a)_n{JlB!hv*O1gMOD9rL911XdaO|+GjnM908Xvy;Q2`U@Yg$0o
z?LO-5A%2!FW5;_Q$W(tY*nxzWqTq{TKs4tFerYo1SzIRgYgHkjp~Yb>jomwgM`O_A
z65OZ39U*7$DIU~NvDn1e8PEotS`H?(7u&{g)y)-cHPhP-2Ff*yDB!5>E|?U*#?Max
z5k718!q40g3=7T*882R)h*JQ_bjdjMh7&KRI#0kib#+C^4Nv_i9QQ>R*oSb-_9g&F
zh`UTZAhD|ho|*k#;;M5!9ZtC?r-%oGNN@V9#vHu8<Tb10?t}^IKU7XdO|aXX(x))I
z1a=KpjTe)mtHF;(lhuhBLqT6w4r%oR)~$gzddvA5!!nvF{v`!YNm;DJh+7*;{dc!9
zOsf#uu|JIEm2BU1>dXx#R)A&c`jOvo;7v07cAzG_NzAQg7#!jNIm6>=h}AnWx$pyQ
zOyC*ZF+`>B^+N&6gcOR8>(K}c1|B5K<|Lxujhf~CuD`Hm3yeO!7+uQ597sOI)!ljZ
zbGYxRw}(aP^9N*BYF$ev)v8_-BD@uICiY9iV1ncd-)K?8M8$j-{rgr!KZ-S)H}Dc7
zl+wh!{a)WWVIxMk-Wbh}k`!!5Unf}?+E?9&Xr3@p_XMwcG`XM#UcOfbPleJ>KjGxu
zfRCA|y$dHXqt2hYH#UEL`D&f2`6kx~I2M`z<yxu7D{D~aFY!qld1&iFOuBJKROsrC
zFp$`erkxObjXT0G4ZwM5IP@G_p_vC&(}fXwW=Sm5Wy@Ukr)j2e$tmCVUFgsm#rGXg
z+I27tqjd$G&82srVOvF>=Yx|iO?>7LLTu(orI%PV@7*GZUD@GGr@${Ih759HuHym_
z7b*gKacp??pqA3s&mms*K*x37Gv7t(Vpm{-XtA5Z;T01J+TpoTHvZVB;AVf@Y#tCv
zb&c<u{v2N67vB8)VP463ga8aufizV}SCbRaF`QP(pvr3WDsIjB-|DfGID+n#95~k|
zX}D=dBgNBIl2kiHz6>1B6vt2-61#(u1W=f;4F_nq6xwfTNhMLckc245ngSCeT4>bz
ziUsH#@I%Nu?E7USC=7x_Zf}5P0{n?CWPnP4^2aDwf%Q53KU;uYzZA-_Xf3VZ9U5Ab
zYtC{?UZfqvACnFQLO2{o_xBDjHTDWo?FO-tix?1Ty4KV<*gRvYR{23v9n}`X%}|1f
zj!V(fA~%6wHf<=lmv$wnHF<42NWI1d<T&5<*U^JIQF>U?qwzXwHJ*Y^GRu7_zdd}<
zk`Xwkx_BrI5*8R8U{ShGEcG3}d)Wh>DiYFN%hHRUF0jZCezA4XN+IL-tkaWRAaUO6
z#n`NemB#ymY&U&Z)p|*MwiId15zciqJIbx=vpfDiKO-ED@WzFN*8X-Vfevr-<}awl
zgjL?A(5S1$#i4*}ilYxYALLb=m!Gy%J(ufL$lE9A(x#=Ol`Bb|98u#x4GGQvGzie!
zg}=&>(RDpyV{^;SELOH?s#;o~LU*zX06fa&==c5rTUgLbQhApp2=@Mkj7@)aAT6_Q
zyZqFyw^V1D1@4MXV3@cwgORQbFR$m`{=>6_NSKRrwmf0(WwFZH&OZnXE<IY=eg5fH
z>uek-eN`~<h`}=I{mq9mL9HNeT1ks4NKQ-ZTXm7p)X(OAqqw!7yC}7~t%f2w&T@lS
ze}j>6K^I#M;rZ`U#fJUv_lpOk^%y$&6EIfOKYH~%JIk5bQqucwjx>5APuI*ttvmAQ
zUcpLf4zFnyn<<VB62CG$vh%ao=*Hi|Cecf-V@R$4zA2|a#()=O@dX7}aPOwYeUxLN
zNIFkF371d<i-yEhuJtp#D-PtHzESx`yHx&w!r&Akx>klv4u9!wmFhYg?CRpAU2j#Q
zNcrUYAid)9dJ}gF{;)aV1Hx#Ar@r72C+LmN%js{-^3IaSYVKJJ0$}N<;T)4o9|3WQ
z?cD9he{W?T>ke}qY$tbdK!;9|?1!GNAT=I#fi+1&|6R-_ZXK*X-E`q8+D}i3Pu+@3
z2n)?8izDV8YCn9>b<8JiX|Do>=@E+z!!SHMFchaS@?=GQ7rAEp81nvg9*ci|dRQGy
z2J4=5>JPG@crr9{5Va|GJwJ)Ql+N{Jw4VI6ie}w=?`AvZ9^?X;nV~he%LbALxZ8QN
z+!$TdUX*Aay*Y_LZAQ=Dq_#k{RVSZ$zrS7<aby@(O>EQGaq<H&wL(77neakStqhO?
z^U)n?wpk2F9P$s}cMlZj{<Rw82zppT=wrPB7sPt))3RK!yH`9fpNu7dsY5k^lM%+e
zw)nUYM^suJUdR0H(%Ri!)HWzqX5=uE$%F>LS^h{97Yc(_U(!&$-j7lZoTuE0H~%3@
z`3TI?c6UOjpQo*95sue^*Z}oI&!*^yez}+YUi<v(#ahedCVk)EKg`BX18#$PJJP;y
z_GO7Q6;Ja8+7RYf5namsqPO(#Y2#Dg#5<q=URR0H3$qpaNq{q;FyDkmsgwK~^J+JD
zESx263GvS5ea#y<BA*J+jR<;0h6`#M_COg>n;}<Zw0w<j>l3uOA>UwLI%biJ<1q+R
zgz$Y@H~TqoJZ$1!m?Z3{-0AzI$iUqbU9QT%9*nCvM6SFUDcl2`A_w9Wvi3R-e*SXi
z7`MrN*YF#>7ceU9-T2@UF(`y%8}8?oj>ix91K9G{%V;w7OOn9Yp^tCg>1TK--q#I*
zqfkNOk({%oYvTh?8iwbKmfN@Eayw-d+~R^LkQ7GJ!qw2gd4*x$IgUS`!47jg;Bd5S
zOT9sjX7Bv;y452;np_#Uug=+HY(X!EUeC$yL~d-qyga!gn^C=7eXfR5LYB&2=$A)G
z2A0QnJyo7j@4AHaOHlh>B70e^|2@E>IO8!Dp_0^REa|O{n?d(hj&3C8M(lV7QKIbn
z8P3bCGJOdjIdYN9(?cPGc7vG0TJ%)7#dkYN$(YC}M++>t@>(Q>f_c^hG)Ki+TBXnB
zpR9Tj{S7y!*Gn0@I$G{bD~(f|u-P_FE{<C{f)I|M`q_N*d*RU7)7)NDobc&a1xb+4
zxi@zP!p$Eo0@7eDyHO5a5poVH({Kx3OHJl>N0wu&xVPPVBt!}R7ql^?KCwKq_1=z3
zwI1QtoQ$pF+xU)GM;a>ooMCU*AED}TRJ6c(X;2J~B5nc(`z7T#%*_eEOPMln%7oiW
zX^fieQlwS23#nQXlQlf;R79;rdOk3N6`Q_)@p!uWSsNHIxPV9@++b*ZxA#YY6gY)H
zOCHZOauIC$E|JQ;Vez{vyP4{3VBKqmTc-#@wY86j_mr5Hn@|sr8Z`335}c<!b?45G
z34n%W{g{_m?5d!dhm6l1D|%<0IS6lfp#W92;S6>!;s)+ohD|qw*Ez#MB`b(aq2(t!
zwPyK1SUS`90lcxOpeNi=m8enb^O#G)-4VHzSVey>16FdFMkhj>;Me=TC5&62(5x5o
zTsBV^r3Pjw*jwf=PC>qR+jN>Sm2LgOcl%%Cwy+88I5{`>3gSMtYh=+>Sj|D!t*Sep
zTafQIZ#T<X8tmGyQjp&uGzeDbJ~6))jS_UFaV0WHJ&}{68wV=9-qi#g27%7tvV{xt
zr^%PcIAjl_R%z$hHI#qvi&Cs$jvrCCYLj&AH3kkHpW_a(w4R4Pb=e9zNoY0)S#5jX
zdA{)oNR;bRcmfhu?nkJ>GUBilC=7iuR#JxC3->+z*s6cS9XA(n6?AncDF9Oe!P`H-
zUkHYp<6|Uf(C(NtkDoaOkVO}f&mo$gMkMmXd8{Pa^C&CnA3+N(eyVv}ct+eH)dfe&
zJUcPby}vTXsGU#ZKa2^Vn3Err`?*H|JJT@1LwetF<H^Z_Y_W_nvPJM?xH?(V!BRNd
z*O_6kxY7oM_^u25LEZO;<>uNZ787kNr!@8$3BC~4!{7R=GpX1@v>vFmH;`qM9nDZg
z<W5EU?QM0(Fkz6vVeN9d;j7%o$%3{cpuW>vsc(VPij1b}r$h7vwD`2yg1!BlAq48}
z)r799IqJ#<qOmEw8}eLpln|tw#M-b!A@dzENu5KF0LKM3VVh=%^C;$2+|xt{g%$-l
zr##*{vPbg07*T%Z;**YuQ0r?C5!COW6<>R6bz1i!Y5jCAUBK1K=oRDaG;*#&$oz*P
zel?)D1FD^*aSSoAcmRn{7yRPBCiaV$jNuR<2MOFrd!RL1ed>V}c-9k_Cj8xnxsfM(
zv>U_;Z?QieeCHxzm-3G=b5tz079oKv+P0ZFK7Xy7i&cPI?lDDF*7-%VboFoNxj<4a
ziKZ=VG_pb%`ZU7p84l@0gVNQOdLCly3{I)ZFGje9ZLg~xWqiKtC732iQtXEcH8raX
zX%fBU9)^$>la!J*F1<$cV0fRPR>#dd^-UxB+b`0C>o=v;Gu1YPlD9#}%U5?LGK9Yi
zZP!yUt}3UAYcu;OZ1P=_?9r9=4i`@J!q~qHovn~A&cjHeM5D4_8<0HA**U$WX>TmK
z*~dYdL<k_;wUU%_Ue&uAzpkDI$VB~iz%%HXt8Z{?Kk&LY5q%<oYg4FDdkUR;7}^9b
z=VbTZOeRLeQDldpr<q;8J1x*D!I$25D!|9q{aZbW;EnD3{Jo(9>MxIC#Rn>Oy2Z!9
z+ml|r$k@@v4#A%nEJDADBkk!1Y#t?Ix?IU+Hd?Jy?QM9)c{ZBXSNgX`Jug7O55$JS
z+iWZ?zn8}i>=4#+((&L-h(HoeBZt_ecVP4w(39tUv+Q=zYz`w`7ELPnF>E>hvAO6?
zXhFij9CNe`Dn9e++j@%Q)xNIaT5~HGAywHW=|T#{EIzem&x1+<G+rw`6dS_d2$}0C
zdM0c%WuIp9$JRH$*=|+)y*zVBwPsq+?}u_20jI202z+LsNhvbo!{!XJ&koz)^#To2
zeQNoRoU*r1#>{G)3{(?bGb_fXB2a@F2?DdF`;gt@Ltr|-rxI*h2M~DOc@nZMxKD-#
zs(^O8>H&+VO&($Jc`t(R#X1U7mjN}~DNeEXek7YIcEcp1``OC@roxp2Ltb9AJ-mG4
zua#={FKRTHP54#&)_Kfb;jiSX3lU{AV7z<HGB-2lv~q7Xb&Mr>aK0JMp6<aT?!eeP
zMI`U(uqF1VL(ZJHF!@YiBfmCU1%H_HEaK2GL8m3f3!n0Jzz}ngO%GO+am_j6NgsK_
z{gxX;PIMv9h8NAQ8u2zSF5wT8tKV)LtM+nO#3~>l^no2Q2a<qXw8g~R4OO&2?fEP&
z-qU{VMNV&@8pg%}={1bW`YTQb1ROS~ot(#&@2usovcAC4G-|>x<1Pay@ede=?Dm28
zPVXkO^DqD*L5YJ;?Rmo}lUlpnO2E@${ID-2w)hFte%NDgWxlSm>&n`cGMYp!xe039
z$m)^yyXhx&D((81;;9wbo#ljGTC+!AV?j0YELoB4BmTKbTk)L9j{76K+567Ne(Mm#
zjx5A<)zHL^?V<82_2pdeDQj9f+**ZZ+B=E(hST#Y`WZncea<h1JVDs9?6TcWn<mUj
zP6qKALMND}cBX{CP10Jnf>+ZjFYW!{6yOPETU-wCHLfMjASPo(!k%>^80_yD7Q7i%
z_vnbPU_v;eIbm-6hVFai%nC<-=Sv#x2X6o!RwpwS4sf(Q(aPWb5!o@8eIJfYna<h0
zhH0zj77O3oss3<3>nBhuA)a}ShVec61|HmRm_spEzx8VSokM<GJKlqYfWx*|dzSk~
z1W+k3gT5Mfi;Em#+Y^B71FS^iZvaxYZ;@p&;Y)hRo7AM5tsYl+xAS3oK**V7P8O&b
zK;Q`^+2O>cI(VcHpz`67DAT@fa<wqYvU=MVy>$FFPcyI<1_dnwcUKbmbm-kpH3!d8
zOa~22+pVNHl{}vRrD5*$8oaCKY72tuSk~<XYc^RQJy7@K%dZ&--fqqtQwPydlhh`Z
zyv@fumn@pR5Ub_W5YDN3<Uh-#Z@hH>H{<#bYdl(A9;BY7{(j*NpHK;CZegEG&~KZ9
zGszJ?N%daHfzH2nrSF_hKq+A43j<?Obr6->6v8Ke+3L)%T;W2+QU9HSvXCmysrCZv
z-@d=?zOPsZVak5A+kY$5iC)xtxdgYRwpg3ljVOljr#K1?1yFv+HWPWnTq~@?+KUp!
zP!>*$wAbv;J5ar7+=>naKieXZ`#+UXCpi2E+t-adPiaYgG>owU&#_j2xC-4x_TV8j
zBAVn}V56ZL@-a-tD!`Ct;UC=(RVkCnecaj0IG(ph+CE4oPY#>=g?F4V?8}%?v7wFP
zpx`s?1A9%Wq#UH);#2dq%DkrM-r&@*3lfDso2(wDb2G3gn~RlT-29St|25{eFBZT2
z<YB}x7=wM|)h_z3+nf%o&qS~6tzYs(_>!iqMIom2IA1_i1*XU?1rH*cf8gJP1D|d(
zDR_3y?e9^n>Ok9L)<VI|!%1f~w4>|l@nVvmwE1fs85TQa7pT^9eL1Ef-iObNPEnJD
ziL@p}0Zx$e8|+rArs*Orc1x%jx{nf67zh|9RfMlJf$XRm{p))G!T_4vaH0ln@IqFx
zX$@m89sZ(6(*S0sDvaJ`d^8tVA9zt}pDp5<(S8DbP{Cu@<^J@QkdkswG}F=*&a2kL
zq?kYjt|>%{T=u?2m)FgFo6+x`-LD|C_r8uoYOUz+tJn|JYc>^mTG(>ah&_f$o7sQq
zCnY_u4~rB*$|fQ@WeFHafSfp>DH^~~wlICAJL7w(hc1Zx1*w<D)d=nTULni3r?AX+
z*>!5U5YIXj>`Tr6yT`@e*}xvRu1!VF*s`x;?GOe=2{aY|LKg%i(N)h!TT5EIe}(J5
zG>c9=nn<IILYZMN-^YrwPjfF9vQ+Av_qVW-5QohHj~4M?0f~gv@YYhb1nhNd-fZmm
zAEY0U;zXaD?ysu-Y#P9FrkAh{R4b?q75OEuEhs^?kF}$$Q6#UE!~3HM=2Vj(xLJcu
zE@4Xuylm;{huFaG!~Db1BC3m>K=luKQ*o<<X{<?%=YST-+B0f*ENT^1i67g8XQ$dN
zE3b+qYHI6hf4=d1;myzIsc7n{Qt;n2_oJw28A4dP{#4qlx0;XfHgZP4t0M)EtbwG~
z7z!KNK3*dN*`UMZ=9i4hK$|q|m{!1@Y)|lr6HYSg=0NGh-&gm(NMBqT8)?X8i&&u2
zdf_m%(&fj(8$#~eJ=C#}TkYkJzjA_*h8QRay`lT@fL(c%5dc0`%3h}axlD=Fk!xvS
zE%z$<g%1${-#a}n0ofN#1SV34A^yxnBpQ#05Z2#^&;+jEo+=2_|7X84Q`ODpBKmH?
zzjh-MS^9H?pcI?W5`;Iw>crHM;GIx$?XKHEp*7Hh=NhvpuN1%Z8|3i}sj!r0L-JqC
z!OfI+15e9h!txp0Ab){`M<CM>c*gjEQKRz`_>NknJ@P;aH^z}Zl+jJK+HB(fXmZ(W
z9T8yS$T7NieuX41Ap%Z+X?y0wjM!OeIdA>hH*tCrqj*=nHL4S0B{**VQ?3-g>*K2@
ze7cN=d=>?=4WV(AIEAAB!Z_2Z_b!O|Adqq`07Y9s2{TS=!Tk#5h%^T??RdUCBmW!8
zxxz(!<s;7=%cV<(Us9G#?2qk0NP&*Vb4VG`###^XP%*-v4PbPhm%m>1dAS*b*QP7f
zm|UbA?RD+%$@V2>%YylF=x_@x&%X&CH%Tr7UI76#>PUT~&-qxcx?f-6?99Ni<8_B?
z%36cJ6nTy<mNt+Zq=G8A$_i$7&3H6)i4is4L9hOQv8P0G`$83m1jq%^yog(sj^q7)
z8AR++$ROAl=cuyCR@de6<tf)v*g9>21ns}@S$Tu^4>BLO3IWY+;W;YG^ukx2i2{(+
zVsNErofCO{!n^KVYa~i-!^^!tz{6;it<zefFN#3Vy*pUb`cj+H;X^OZRVw-Yji>?&
zkm|z^@b-+1c+mS7bN}++gv4|`<b_rLUHIUQpo2zS80&Fw0ibR>0pN|+BOozPS$i0r
zp|$Wgayg5$jZ+q}$A*$=RQw@akc!sU&9sP-1n(^jfG-YftZgWPvJG>H$3#E0B{X}l
z;T#W&KL5lZApYcRnOF57&WGEO@F+$mt=7n!%FX2!Bnd!Kr^p4+%PD(&*DuqmHC%V}
zc3Yz>_{tjrNGmM*wo7{jNf!<_j&E_%Y6LPDq8gk5SSygOui-aTB73R<gyJqp%DQ$T
z<wiZ|RsRRMZUWFeSu&^oH=okt)!903zXNB5PP-Gc7tj9sPmoWZx+RZyVMP!KtLEMt
z)bFb9wJN0xNdf>@hmu)y|BtInBr_Dr4WOnvu?8r;zZddYiHsEb_C{|)6TjpgCQ8uY
z+N=W*;B37l9mGQmX&51%yUBSpxf}7{e;nlD&F=X6A7-Rvc|JrPx90+2I~(AQH&g)f
zm@(6;*%{n3$j1m$^}~ESCo8<%s5xiV0-YkDp2Po;agg9AZ@Mnsk1y4oA7x(dCd+)6
z8cf+J_cf|b6lP7pd@TC=O+U{A0R}WgvGH}2=fe~K3t$L6m@AVD+5!IJy1GthsX*gy
zr-k-tumW#p;ydph30VXW;OuB-b^xx^{p{;(tD7CEatQn8J3J^(=d$9VHfqPQ%|F%>
z9EHGc*z=0p_3$$(D+0U4jm_wF3FE;v<HVBgXW%~6k2y$aiM#!`q`l=__z$l6Vtjw6
z*tK=LwBq~42gv2K{In%(_Odf>ISHBFVW5nF%AI&RpiY8%A`wu%zyY&Xv6}17Wx-*h
zH&yCCND-Q=3fa6mDM4TQR2td7q;+?!1pL!y3&6B$IaL#4x%$0a;JG9KlGb})=IQcl
zv;H5*J?xY><K?pHdo|#OI785iQ9AC0x$i?G+O-9-A^EFjq68_qSe(`9#i%Y8NH*QQ
z@B-jQAl&*t7aB)}HFxqKc<YEBBLaZU|9=19U!-6}UH*648;KDPfbIYHzxMzC(f=5=
z|Idzud>K_5J1{NO<AHo(Ri)J?{c#r25+Fr+YBWc3hhmrrxbGoA0G^8lNao5)`xCn8
z_Z;GxA30EBoFsTF2XyoL5D{tkKli?G{K2#P|8sD7;VmOzp5Q+GEzS*@lHxv?Q~7r@
z5poT^MMwMxkmJ!HQoZPD{5{gxOg+(JV!9pBV_4hX_-l(kJF82)ml~r8jVXT_cGmCm
z^#}66p=9?KV)}6$kQS|)`9o37YB25-U~0~255|I(&WmkaDT@VsBQ|*Q1poQ`|1;_P
z<bO%}R)Z#e*9?95&!-0c_fz-c+<@++6kTtQ7~$aCyt)cSQoz??5%>6y&6X8EJ8yiL
zEs^?Gwn6dIfkNsne(k(EV5vEHZ>r)6T@Dp{4pHYZvDBOXlUPnM_UwK!%2qxp6QdsX
z?%f!fge>R31aH@bhNO2~_rNq{Bs_)l`-9jzj?ajHO1tnTn>ej<CJ(?=Zwr?QYRD-H
z`Tp%3?!;T3IMDt_jQ6Y8p}Ex17SGo~|HKflVL{Gl85-SeJW*KQfGK;1j<FRB`XO%%
zr~iG3`+q+~;ECgZCU++y5S~qYT^}Zc{)27PoOIK)4L)1Z`_vL}r13fTYmaLd2$+Vc
zK%ct=rI*kP&M5K^gZ7P=_XD}C`QM+;8}Wx>Qd0f~Fd&!n$Twxm1=6N*qHtv&kti2-
zfY56VApP1C8Ya7-AZrS|deYZb)Y~rW*Z|SdhvUM)Ro_JQPWT0c)q6f3w408KLQ(N3
z&3m|O_+UKpf2s7MvPGgRTqY>!BEi9Z{|n4r5N8OPDYe|_i_qy-mKAa6Md#hSg6gQC
z8MeKpFhSUOcdC1FMDGU<W6X}h%`K#2XDW$7oNt0aKa&@L_v$N80KBz4-x?Ok!i?4@
z0~3m&#33_XL#myFpb^`*NQ?g&f5U$<>f*nj-T#yLjU40x^wwiLi=WzD5^;R}pxC_M
z@LzJ-qJOtct9(o=1Qtyg;A=DilBQhXr0oKQ^{LQ30DA|ToW1UK(*CJh!(?|NTPFb%
zZ2Y!B00EP%VyPR-1f%EEa4={94&Ng>&3WgeMXhY734Vb`U{9h}?KBQFbKlLHvKVfz
zyt}$KeZk~}j#d(d59|Z1L?ppKAqn}b{W!O=+(|WHw8s7?F8&Pss2<OEyGlc(3_n)g
zH_<DZ2f|-P(=gy|4g-e~iVTsJL$oxhLcpV+PE#0;TBAb0b0zpYUKDoFtKCSZs^3<G
z$QRwWygr-0|L*|uF7JQyu|GR{YOtVw##LuHUu$GD5LI<AyjV@a#PhuG&D(g~5qRNs
zwlTOi#<+fcr;;z?6dLi^sC=+Ge@Iz)d%8rPs*-C91bWjyr7){Os~eleO7FdDdvD~d
z-z%#-p70p<1QVlnpxMoqedCubl}n;4^?ka3)AyD}^+&Jj>-aclkU2IEK6^&w&#OcQ
zRyCW&x<BiRu+6F1WagOZJe(#;z@C_z=Uu`D742ZvL+8uW30<<_P6|0!{-R84C@mdc
z)<4|%);a9uzG}P{J9w%^jX%+)gR@CVxRML#QyxYOp~Cci2(-S0S2dSNk8rVpm-pH7
zS&2W54vu(ULdma~zO!S+CpP=}GF05*-;@+#HZcL@fJaA7ynZOk?ee%2>v$<nWJteN
zDOb8Ziff$Awvt%?Q{rUC4b(fB7PFz*ubNP^6QHUZUuZ4@!d^>&B1>Em=6+~G-r;)K
zI8ov6QVktTiG`w#X%(d*a>gggSW>};0Zu?RrlqG>MdtT-mUf1yACU{ijH``91Pg!_
zvaC$j=z|E-Fyg<kZ+Tt!^$>ttr+6_(G{-b2=<oS16{Q$XefJ0hPmLA>L(S(TY>A62
zleh>ELc9&BRRe)Rf5omW^**ureAx=a3ERTx^bzN|4^SgLD7OW+EYFn(8N&5p2Q54^
z9^}8@33^nIn<#;Yfgv!CTbG%+;9~tMdXIcbFgjsgMt1y-WSfLhsP-xMqct!F9Q)q$
zb-*rb*5dG4T(%d36l%571o%MJqw%cyW|&Y$!aV5i8psHL@AXaDElCd$Y#&sOTHMR7
z!xPwvBR$33&vic6X9#<_X07iQi$0ZN;7UAROewIXtM2HwVsE@c@apCf+X<9#j~Fa@
zb$1_6jW<Ot>!Z=F!FOvx{c<k?q4&P&epk=ve-?*F@4Ms%e6u&EIq@tHmboBbfIQZ+
zYdF`-9L;D-Qt=VDc?Cp#y8#j3%?n9B|F?*5QMN7^=VeUd-=~t^2}dt=UwiFDGm#78
z#z#o(G*6O~_e_B3KFeO}xDv@$H>*wgxrdXvfmD$F;Y{fwOh_Gtk}Szollu@>d%NE#
zzLP2Y{X}N544R>mC9n9>M`@9Q;7kTW-&bQdy>jcwXOk&Ixv<ioVVdN|>a2Jrvi`Yr
zH9>wksMmO1f^EX@0)TJ2Ddz81BN2~|)2~9}VLmHTIc9MVi4}7aOxWnN(~pnw&3mZG
z*5N_yXdOK)6-Lvq`Lf%7bRamEGp7DOzjC35g>#)!Cc@oj2ihdkUZ!V9J=2fi(Dg8K
zy#!<92hqxT;O-?~1k$`YCv&*1pef#;%57Vf?0Qe9w^zJe_?EbM1(GX&neKB@+88`!
z@dNJw4K}j?9y0Y1sJglbZ=z($riJ*OT<)IMD1(vEx2k!E_*c<P?(-!*t|OxSF;okI
zPQt^?bAy2Y510&~l$+?yA{|Z>bhABt1kNwh+SPO#Z7Xl$2swHV9R^vloABo-pN-ev
zf?F#pm|cZ?=2H(n!Jm%l*NDMOM5)uHxD7w`&lxSQH$7F(qc65S1!Ij7gd3d&r-NRb
zWQ;di_f(}u;L;CF1-S<j3llJZHUPZjKGzF$$%M)9ivihTNy-9@zuTo!4%_AnljfX9
z<`K>WP5xAN=zAU2&pUAB1#|}?4qh9H6NR8dsAM0_ja-QqWwQ-fD5}HfIuIe<3o4#h
zn6^))xR>jkUp018sQ$B2kM}khKb8bGOy4~FFw@*Y)a`V^Ga?3x32Ip54>xlMpnr56
zV2e<Y7L^Gt=QUjK3DLoZASC}<ZgJ80r0?UB<%kbdXB@y5d3<+UNq__W;kcEpl<H!^
zEEk}!B&HE;_qrNvmM$03!K=_=l2>C$%2#!Pw+K3av#SWm8sdC$pfS#KK}SoC2la(-
zb~lK>P%=3fI)^6{;PnBFbo0k4aIp%x3azj|mG-~Eqi~3R%g?FWg1rkohDlS&{5i)>
zK@^9c;@+xVt3aXT=Osl>UedasrP9P~sRljnxip0EsA~d#k#q#sV(};S-5fL3i>vlx
zVd5P72qD0XkQXz{`v5K4@W6w5`oMU89~pHl>{aut68KAp2>%DJVNA#$X~-+9Ry3??
ze|8A$0Nb!An!nyt&=)^Q=<?t_e<xwLac-KX9$3A*zQ68ywj-F$LSO#`D2tTq%2P1!
zZtB3|j`v)>x?aGYt`clbkDZ?UP}ijY{qogo+_jBoSMRj>WPSO+A0TLXRjSIhm{!)U
zv-v~eO;Y0Nqb_N(e<OxKszk_%bmCK?PVMoxZFE|0KM1U>SEs4V0CS4;7KmA|P+i24
zb&EJkS9!mIvhej;o(;9_3}XX!XL5l5<HF5A;011TA;8ig>?d12)=lS~Q`~j&>um)^
z<$@@;H<RC(J-9xbiScAR#-lazNmbQQ_#WbdW2rHCDc+lpUf+Gj8K#^_b;=6&4q0g6
z)c#vq*PTa!j??*m1&X?+HV7Uh)BQX+JWp^G6XL@h1meBJyoRqLy4r7r;t7+hb*1$<
zcR!L(xKduN16k`+fKXyvK=g|CXdp#=t5-RR;@qtpd-f>;6!dzqT@1)i5ApK6QrPD-
z8-=ZRmT|7b+_7*-a$z(RRAPWH96eT9woge15fs{`iV$3F(U>nKIj`|e(K-6N#9u>h
zI);j~Ha~_rzTK})aE413-DnuaTC#PaT_d~~8YahQ(|$eig0!V_Z1&<80VwN>k@shi
z@dc}!c)sz(TvC$S8gF)1sPb!STS%NaH}8@i5g!3v0`))!Ig*h+^iipOX5bfRmZJuE
z5y)BrS{IP(&1Y>-tW(Qmr~<%Z?T1y39mJkR<x#^_(077`>k-uWwj~R4KoETc+terN
zF(gv)GkZvjEcPmco2d%KQT*p@`p2E?&oKVjEuF^8hvD491%7>;DSu#v#zCBrYW5tj
z3>Fyl06;vIDk+dJR=Rle7V(K5&#SD^Z+0Db1Hon8se8NGZhDIA5r4#|i&Z{3?To2S
z3g3XNIUU{(zQt`=M~c+?BA#Kr0vO!Se&s%m1wX=u&>yqy2TR;sFWG&<rBnQEk;1l-
zui9^pM4zhbs;zhzX+`e$=#VYL9NycpGFd{);OoH32bfmA?qkI(j}^U=5`f;HJ`QA4
zEGQQKPHkw8-+#;8AGUM{y1y!<O*oVNf5SLUg#IrWr#j>x*X>4;sXhpE^JXFWI*2QV
zm|H%qx5rMem%)gT)8KdfLxj+V=a(FZM<D-W)^IE+c=PiXU;Kfw$KlVxu>|{sT10?x
zFGFs=fQGxptEcMwHY4}{0?06%iUiJhZ`o$}VbOa;LYRPMQCV%tk5w&@ccjXFfFIUe
zLf!}1v(jmLbp^doo=(#wtD<I~6tmDR()T^fBTY_EARuVU5%b=DD0B7>Z<MqkCEW#D
z3&zrqDTFm1xc|<f+Sez@d!E(?rxGdpM?FxpB#O4NPZG}a8L{n#ME)P_{pCX(PuQ-D
zLU7BV!GZ@12^!qpJrIIxaF?KiyF0-(5E39b1b2s^0}Sr&uDd6{ckR8-+UGww=j(i!
zf$plOtE-;tz7*)9oH`0S80hChIqOtIM+wK>uzoJ)=Vq&HIg!yN)OI+=^YWsEMXj{j
zT_!Ln&MyA}yXtZ!aNX-GZD=_YI=0LI;%Lz_xgRwlK~@WclZ_<=f)O$!S^TJ=ZoIOj
zau;VgVQP3|aa`kWG_DahUOILMg^z1X$pGe)lKZ&seSu+TOSBp3)Xga}&o~j~(~y(#
zf||fX>yKb%CnjYqoMnlvj39p{lsieCI_HHco@<)Is>%AR;>Axu2?(qj+rI(AMXhU)
zrkG5TeXvIfJvy6_sYAoY!gZj8?BjLp8vklR?y&t^>)av3r<uULyQ1mA;*UoxX3GGp
z`s52FzwBLsZL0U0p^ty_C)4+wq<P_+4x4Iig+Mn5mw}#DLo%i>U9Hz)^}*j<Ea@l2
zk;S9CWhuJ<#U4<)DWiONwiIIhc#0PLAK}jYy*wX7k&&)N8!7eSuY(@wIer%oI`3b9
zi&N{04SP0_$d2RQ7+1m@6uDEcID5Iy3vBFWnS7Y2)y#>r0t!X$vgEwP%imY)#(X<I
zzRx}6i=X^a$Y_3G6W$4&jM=a0y_DrEdcdjI3z>EEvO{*lx)UgrpJ1p;A3b-=f39KO
zd$Z$9Whzr1{|6C(HCG=DMtglfQ>l-+7glbM`scR-iSWI;6&mGQd4vseU9I{YU#3{;
zEX;gOeVbGZYVst@MVn{sd>38kiB<}YcYzeCW-u1w?imp3xX&9TvfXqvVNK7P8D`yZ
zY~U_h0k69X{~Bg`&$5G!pZnpgeXI6(Yi&TUUaF%_!bCG{IkgplAyDBQfTNx8)CGQW
zZmF|$e!2y=yW`vLlF>8})}sqOA~m)WgbI-?aUJYnOWHYu=Ta<wr9IAAk{Cy<GrtG4
z=vcv-pk~p`IGhd3;Bm#RgpFr(OJk-t%f8P(co8ooj|e{L8r3Cfz7U7MU#EE1!Xo(~
z6Z_JS3SQ0_PO`|>0*-spB@wNMNhxbZ-b*z?oS4)l2H)!gLQ=6q8z=a|9kykfwMBrl
z8e&Y)Z-ELgMM+E?<h8CH6(B}lN%>NjCBl-yI?+c1w8@O$z}h(+<|3641Dr->aFn*~
zp~!F~_40srrARiw{i&%PnA?;FGC6wOTG*f?mN(9;D1h9Y)b$QnA?{rmiV|7kt03!#
zFi<Tvu&c7DEy>^wlDYzdJOcIhdn5?DG?{A>S|d#e3tV98`wR==IJ6DX4eoaj8=Sw`
zvjseyhG+c+s4+ddFZ-E}Ks0O{qEfx>3{mS^HmR1W`kt0H!mlnkz8S&}6!7gG+ycNV
zQN}XD^J%0OV<qAn6s~V?r5oib(6CdJ2nM^4C=MDu9F*8S?8fu&tnX{BA?YfItAk48
zp?AQp@y{6hqp5RD!*U#j*HE6b6VQtKYj7T0$1g)=E~uB=WhSCZjTqVoQ#;9bLccb(
zn{@#zUw5DY`5x^PkTkS+14sVQqJOsNPJ4zMc~2!&h+^6CVtFSFkL7JFa##fyyxCj#
zjs2Ym4lPO=II{>sHWn3SmEUXHQ#7Ws?GSICmw+H0UXMj>jK_eE$*t8P(6NteqR(Np
zf#tflJaW)Vc0t}$OT;lSRg2QewwUnNhM>_tjw>O|Wl%b9zv$?ID=2l-B}p|OTg<zk
z;>h3S1q13|FuW-ec;oOYwx+3ewTo1W;3bcAc}GBVfwyB@Q;em>XgM8$$IT+)bSuQ3
z`6n?wK2<->?_}#j5{BXfA(G2C5mnXHeGB+H0}j26XD^P9=laii_HM6^PA_K}Cxqeq
z;emUFRz>TBvnEfQ_02}d4)Oi|N2npT1L#3mM%ZvnHtFc`beS4mrpEG}z4xcdV*YuC
z`T8lgL8+&lxbjf2R<-ZOxrmdBFZDXjtD~4?oI&^9n7~pq!Ru!&a~~ck(nild&r#_8
z{Hzn=XAy0cJ}pYT3FMQ9y$4Fl<mbNz-uTf5cPNzCT><M#aV!fco7C6X#3&HgvfF1|
z<Vh~g`p`se&22It_zgmjuIKL$^v0sMR9SGAZbE_gKBKaT_$U9%<9>@iY3qf{vWH?8
zRrgeR>qmq0W8r#hEPo8OVU*m5y-~Tw1}8N`z%O@f#4U?TP$snyXSb(ip}bmj&Rx)+
zo;r#T9{h|E|LIl*?%Ji!vgVvl^Eu(jSGF<`=biEFtko{}J_WdeOX?Sp%^_Gkin7?W
zZ+03-H6MmR<2R`_@z)(X_djm;N^3xy0Z)XGDFtXM^awc&+h_ga$p@s6XpN1Im-ey}
zaI?UEoONdY9Vj;3y^%o3>`rYWjqj~|OYdcxLBDKlarVSMAZo{r^!k?#5=GI+ck#LZ
zYrQnZv{^mSo_uLEmhHHS&h2Ff@ldtA$azl#;j^6onTpmEij>6R*P*zjQZ*UMr_W)h
z`_5oUDk_X))CfO~R7Ut!5^;H-nw?9AJ`iHeLxo_V>tXf_>?GS8EfnsTC#uWT@f(iz
zH>nD4q#6;rqN4%g31{1iz!wu=OW)OC!t^*{RuWl!h{|A0<j1;6iy&JDO(VogEWH(f
z6!O2;y7v|mCkvPWqFTW@H;a*SIgP>KkcDo%tt$ryRk@kxIllh)Rxe=8;3Ut{{us|f
z8L=g?qFV@cd!(m~RvV+7>n{T$lK|`v{#XGI6I=ARUJUJ@S8`rDTzM;Bw-DIjO(F$f
zynUCj$r;5imGK0WO^dpuyYrmq18q9iB@uGF6Qb|mY~!RDor$cQb(`m^z74}6eFNMz
z(yH@5g>Zqf975*LlvV3Jr+pOmz#;`eYGI2M1fJi?d2o1scN!m|D;=-pC>!#AcWhj`
zm!Mqr!_m8265)Hmcih5(hjA$Mt=fZQSV&viF#;LvS5X#~Kx^F?DEcJ1VW@m+1zdg=
zdm$rGvTG!6eHY1&*wptdMT~oU-Cx~ytyN>=Xjkc_CHFy>-ZS?Em7bzmD-X~VjW!1;
zi*t!`vrIto%n`)E^o4HdO_5NS6h3#Ho=!P!OWfC{s0rHXvr3$z$U+Rrye(?PhD$pJ
z53u4}BcITeyp5^hPp0NEPl+cpCzaB5|CZ{GxbfI>w!@jFn*{yQj}Q}iCjX!H+H6w+
z6#gPOdQrL{`)}Wiha8?Zq3b{nB^`YU*$r3SI}iBXj!=v^gsJ-IMZ%(lQHA>V^rAz2
z(_A}*HT*0<%>4S3Ma~ZB@Apdg%L)~)dDp1>)z)@$GQ=B!6%er~Tw`_e6$6a`h;M(Y
zw;a@@0KY*yehNt2fsDwQzvYw|ZrYT17I+P>PK~?$6^Wknz#W1r%ub+wo~Ky92jO6>
zGpbn{-lORL_Zx(Od;VzFms$jv>t~oky$qAVE;-J)#NM4&USWi1f$Sl#=T95r_k7~r
zJVt}xb(EkYgj^gN<2%vpI9E>*Z@h*%u_o@@2V3|u_s;7Gji$n<YBvZVw0A5)ROE*Q
zki17e=!f~nN8g0q=PEIz0vFa&<N|v*%$GlXpS{SCDL}7FqH%~+jS<%SVy>4aSEXVY
z2^?&c66y9PSG!C?5aI8GxHO4Y{s8eAJy9Q6#i;Zg7?JCZzO6y&bEd2pKs36UVQl?F
z7LLEG)QY_}FCiI%az3Y#2Hjh90aRUF4z7*Y`aUc~A5~i2i1RRKhy`=c`B>^&?#uO4
zwJEGIu7slgI!@fAnOtbE!6gWt08z0$0|=OGtlwqH$dV1y(TGAR`5VY1^@Nnp##a#7
z&nx!vypCc`k7jH>$<}31F+?4j=!d+xogg1HhpKFZLJWKX2^BIvcTX)GO;}l6aEA>3
zjY>Nm(47Z?Z5{%<%h0R{gN`LoQT5~s&Fs0WJMqwiVP9et&`Y$;vAB|=W5-5iFP;>q
zr2DOuus=To=dJpz+`YtY`%}|#E7T@fys9}wqnA}{fPuEZI@OU#guGd5aN`9uI6XCz
z+bf7#ii&p4_xajaaA=%s&q$&W_!Z2`)@+9uIhTnAOk1SzEq*4=6S$YSKC&r_Csjsm
zH>ef%5kf2Ll8c~x31G<%9ilp_G*bR>93G`oo7~sBw5@HYT>e8d$cs^Nb*8KA<>^{f
zsu1hUdJi#+^V!5~g<0*I(jH#lLK4W`Kj{t=quDfa?aSWX9^n+=n7o~Ru-t5IAhZ(2
z7g7qgz|M`kRC@@=?XV7tVi0<$Ta_rJ0Zq0>e@EDL1=BL42lYS;22IrP7;G{RNqvHW
zC@PShV??u`X<xM@9W;d$m?ep}*pF0F(z&q#)T5Rs@ViSCw}0A0CvZ<2YVU)g`G+$<
z9JbH>gn`z&6j7DHFdd&+v-E?8#I)CqHJpCdW_F}a<z086O9V_4JKGf`rjgO{m){C~
z_bv4QaxI#^?l0kGINxkzS=@g8KVtK%le}=9wu~^BBYscEq7<C|37Qs?A3DQ*lthw=
z3}m7?8AYQT>#ykJG^lpY-KaZD5_6w}>1)F5#+Zb6m|Et%vxmQ~q|0x8-UV2L%5iem
zn|DgNEQ83bp6x1r@sh?`?O}Kg5nT)H;3!H_e}8xn6f*ERY0E3t1W8QFeF|@tiY)K*
zSrfiRrS3FD8-!2iPmh<{QD2m75HcoNw?YarHciKBY09B-+{B`0vBUlypaMs~ta`1x
zt+B5ogxCl~gUF{m{-XQpG@l0AEy}$=-1uc)A=h=1oIi@l9@Ng3|H!mkJBa7EV+NF^
zb^}RccC&IjfLjw1^suV%Q)kJvGWzpCYrFD?u}GhHs``iHxL~Q>AknH@%Y$_a?-PHt
z#zfdyP2C@cAnnEtZ>B^G-gRnjH5oCTbWwiR?|QqgEDQw1Cj9{tXB8PZax2n!9P_u=
zIJNsQplO?1Ya?!lA@O|SnA()_@#jH!O00SA^)^a;X~L3m!(pGH@fEnI6Lg6Ve@1d}
z5St~|B(a~qtwKMiTt(-ztcRa?65jw)^GHByK7fJp54e0NEUv5a$ng@KW${={?`@kx
z(`V_)&kb^FmuH0MItX7PjX;BEZWp-)f2CEW`)yEVo=!NdkN}KS_vyv2Ue-r_ggNZI
z<<5@kT4h%jIaiG;aSgTHs+sQoEOO(|vyjaB`IfR`8qiJY$Ed}&J>4w33#NRLhWnu%
z!n#5_eIFM-TaItI{jmxCXnTN2@Py#cd-YxHLfc@`xT=>0SadI(<#T;Ri1)r9yj*|k
zPtEyL&Uy$Lh|oLg)rP%QJ}<J8z%^)gW>UDPoRgSQx=)7!VF1zZrJeB}K;;Vr$$0m^
ztiPUBgaL-wGXFlrUyo4!9ih2#L%fq?7qjv=Jo>Ed*9>PpNQ6tY3)zpI7G789Z7{X@
zT`pioBf&EAjsqWuC^t*r!WL+1=I*18@)STC!G9|=v^xWaG0hzMIAyBIXS3j!QA`es
zTx}+OBs9*5L>R2psEG$d6Ax4BBdT8wG22neqSk&_0KQ@h;|H8TOicWiU;gO8sZ=;|
z#X--ppiLc2>C3N|Tg%SJNF>rc_yy=4p~H{0ZEhFf3<y#MyEV?rW5+SG#f8Iz`n~y@
zgzjVxaZ_!IGxH%LTX15x^B##8;ZPoKAgtY5ES`NI3JEIZRnb5Ctk0#W%tOUBcmOTV
z9%Kpxl{|eNev$QBe9Hz|nnXQcatq{$5TOyZ0uK!81D1oadOH8JNWnHaK1z_CM|G+<
z(%=!W7rrxaAulJlmSP$bNBP=XG0KeePOZaU_g0ey7B`T$F<Zc5V+L-GS0b*^Z<z=7
z?8W1SzYNE3)ULQ=8)^}Jjg1p69`7grW)Z9P<`%xSHAvX3`R@u65x9j-lo{V_K>uRV
z50^MG0T{C^EABtyC0pAS2!-()&>M=gkiFtB4p5&)C8%BADwYYgv>p*GU}Eetn0Hc6
zM!e4WI7pw<KGdS)m6!@<Ye3yG&(-ZV9pCXiux{QH)bnVEd|#2a{Yk)T4A)7xF!#$I
zS4idKx-Vv;_<A6+&UY&WQD`oOK9_TN?jbEHQbPEBD0~h|0zx3U)Q8*{6$AH_E)Fux
zvpKqWG5&a}+`rG_ct)g_3;4(3gS6lLDR-WiQk(Me_7S2I6fZ{Oe%7V#`5fXH!4>$b
z-`=!`L!CM9KGt6t;h5s<r)}gbHDjLZZ|wWZa`{t9Zdr8XM>CO^*Rxh3)7bC<UU4pl
zc1p^~C_hJp0&dm_R2mo7h^|&<RMw|<BHHu*6;EzLo879ruWggoQBjrBU12!=+1m^R
znan3}gJaBuUN~2_^QL0qb1;-NvWe^O?2Ze!;JwYe$1BHg2r`)ZO8+7Yrr*3<9|p{K
zQN)+?`tC+jQcgvI*TO0?020iaG{Jh5Y5e&LPO5sgJPMHU09Ecs1GsAYlk62OSZgEl
z1yO+#E7}u`1SYut-$`H<wj7U4vu3O5w|Hut^WfPUo4JXg1zER+XjphukkudeYH7Ns
z1@9t}GYs$BmpO|LWpoA}VyYo5UV(muLZ{cUR8MI(>U4YE)Ll=LJ=y(S#IQSGPaB`(
zxfcDHY>A!VBRbn7>8SE;ov_J8x($gc`An98!GB>M@fEaI20Qa`snM{NAmdx{$5=`~
zcoMu9Lyh{0xW!DMH9Ms1<Ua%mf1w$HjI=Uf|B9f^edh+hj_36EzP0|jwtqo4A`;mk
zR(~O(lM`yZYY+mgxSR*%#+U}U3QTrT#*Rbh-o!^`O-<Yj^JYBf%^_dH<sP`*$0~hf
z4j;rr^cn3yWgd2<LGF~W%Xgl>Qfpz63ZJJ)#kA3zB(r(jAjrMW+xK4YDq%1z+Y~km
z1Q6ZhE1qd@(WPb#gQ697+H&Pn(<&{7m@3k$*Zg(Zh+F(UY*}yHY)$2YIj<MZ#pF0G
zAW9W%^-*LM?^unIkP6hgf4?d4GJNpILAC2U@UT@gN{y7JPRh}_JM001RH4szEG<%c
z;Z2-Gv2kwQm5yhoEi6awpIurh8fRpy6P4KW(u2(0`9G@W!3e)BrNTokLXdFdn}X*9
zC2oyyOgaq>jn<U2Gbf1q0gk|xu4tV#x7UmFk7#S2Lj(Uq0yi`U405T|!A^zQ3J3@7
zM>BajC*IN!cT#3G250`43ZN6xV}q+n?0Yo_q?!{u*w=p;NRWHv*J}>foiATxrBJ4Z
z*uJ@5DS81623h12Tys#hGBO=)uoE1MpZIb`wl^Q<K_kY4w{87Qril<T4VBSQmpOkR
zW8bD3A$!8kW}{DmMUjtP4~xN8U3tztMi}-+(WA-!rgsUg?>FkKvjNUJsybVQ=jfMm
z4BoY9D@sVn7Q%=8dLAMM^ac#et_tFMOJ|!qzMr42Wmnneqh<rdFz_19#XhIR7S1CF
z`k5otkY1?9@-2YP)}MZKZu?Kgq0O)rqyNt7Vh?^V9f<n?O5u#wq?>P4=?7jOM7#n|
z;rlbC0v>W?8yk#Liv@Cu?=u6Rrrq$cOu`k*=k@ungAe}2{<QB<`Ydg<K5aKvoqF1(
z@LA)A^Jf5q!*pt@5^Y1hfBQMX8#%&<*tKda+pA`^D|V=yMml!Jy5Y5s=gjB4DD=5&
zAl@;FmrFV0JA~+45Dq=?V1ZbOR&GOn{C06<uPRbXJQ4D2U*N}OS*ROmp*^fq#pqM5
zXJ3wWULp^djuNx0`F&A-^;+Tw+^wHAw_jDLe7iSQK}!#wvVf7;Hwr3$9D%hptO8Y2
z7r#d{pHhPfs8lp%c|Cd-3WYc87uLXur^-I^p$5^;Y-mq*nh*g1*J96B7Vxy~z}o2*
z7|x`Bx16*}^n`KjKL5=&eUmRpeG2rBv*$e+x7=30nRaI!NFa7h&xl1Gq5)moMd%2#
z5IHbyhYTP3hi^Qdv^p-E`VJ^RAo$MNmGepDp?B%4nC)%UPM<kDe`{jHIselSNgmTq
zM2}=g>07{zci?{0i$H&cu`#CC>T>C%f%u93ET6Aa!FwO^%!-M3g3aZ-x=<tXp&mYw
zIOuwLX`b_!rrYf08+S(WiFg!Isf!CsRqm~MtVayJCIYS^sV@?hW{LfeDtU=kq?j*`
z9C!2O7M}|aTZ|hY1_9PLcno1TelYXx596V6UUH`(zJqCj`4qymKS;Yzp@SPIx2Si_
zQLUk;@Q3yX=BMXF?b9S8jqaDu4jsq`+dCh#oih#bbCbw)t>$SWoTjgURYw#*gLx8O
z_Aa>=an?F$3_n~~2iXT08C@JQTmzC>VUDk)<m=hR8ku<o@19b}fcg;?RRXUQCEDFP
zWT9I8;q9c?O!>5R#>d64uFbb!@YJjzeH0mS!frZ$MkLxxf^q0`#W%of^R|x$Px%mi
zm*&k^5by9)c_}EWgC%nM)ouaA$iLAG4j3&9Li}a7+x4(_zjgN}d6sD-*+|8AKJgD;
z(}cQ}@N932FcvV3KN9)Lw<|Q9$OlIWu6FGhk99fUZl-3aaMn?iCpH#G3MNS7m!6pk
z(a9=b%6kqEQ8ho^?bB_<uEz>51tkGzxb+GptiKnn9uLfgIr1)KzNGygx-LW%KNa~0
z7lpy&&0el_bA>fuFL}{zDAh%a86{T=63#w9j6J8Ru&Ox@y`pn_re|IR9#dBqx!%TQ
zmvJUT+I2s+%b~*z?)|+%X-Y*u9@R{Ikt}EcJ*aysp@3@ln&b<XnHQrST>@A12nOiJ
zV2~`HzKlazbD{FpErC$0N^)ul%)9Ms?f+p=UP>qtV@^b`Beo4Vr@$6^Wc%?xEjhpm
zk;N&W$S)GNo1P^zj6yCrBPt)61$s5awx^DdcYSSxp9qpoZE$w#0{aK)P#4?K{<-2!
zL~cG1Kc(7Dwx+7kZ>Wujq5HS(lQWQ3yK`YmmRb92mbyH1ryO@P^wG<^DgiPNY%pOs
zLau#$h3E33S{ddLx6?QXpW67q@z1&_Ddt{P&0m=!EMz3PHQ}<TC(!zHd#f_nQ4V^~
zg#aA;G~tTy=u-}!lv~(U@x=BQl6abj<9wxqJ2Al)7blalBx%n=3KXNK(1>^h2>%dG
z2IaBLQ2u0TP97l7zIE(e1o&4eq$G?x-h1NLjw_!H%G>NcroyNS&ogNZKNi)nHF!vQ
z1nSndd_0b9MceeNYPPfdSZ8=ssiz~il!^G?z(t){jUt4GG1=5dG?w78sYQ4X3Km6W
zj@jJa8LUakwk%wNxM0d_M-bg>3f`H$VU7_^0pkNpHV4DuWFkN6w%E`kk^+9#uh=tn
zofMFDedBH*4j3FA&j{`)p$#Xs<__!y{FxVb{Y({8G)5~k%yTld4Yd5gQHo$Jj!3hN
zGu}6l#mu{wS2GJf^<0QXN;zQplqngMI-E}|eXaxT3xaSoE~ZD>mmr}M$jU#n{cC&A
zPBgxU!$jr1+UP>it+daa^Xt3?n8jn8c-HQE0;!<WG)WcM5Iy_AV}^H~&8xUl*H1nd
z7|(9!yqgJY=)m9AQr!F=D44Kq?|ZM4X<h%X?LG@#e0W0z?kEkn5i9VX8;Yd+{Pd{E
z07g`+^sCYWybW`5qa~^Z0(u*BN9BHcM|OpHpIRY91N1pIz`kIjAyJ8~mVf-TJeR5x
zLj~-q3N@>ASQQ)NL+KZuZ%M=(rg+icvqRwZhI#|njOr}>X`JibHr`c#>8tnJX)0Hz
zCfI1C3MJvG88CB$EzoTQX6&BN26fyTGqMP|hyMU9AZ6t93eo&rcTSdVGKOkyME2P9
zqaC+(q%XN0UY{1ci=*p~9cb7LM%zVWPk7PVn};vreZt8MaCZ&yQsMki#8bu`V73UZ
zY+_bXUcPJHQ0+Up%|S09l-4tY>khq3zBvtMI0|1UZ0H7E8^CRcdCUB9h-UCwh-2YA
zw3e*PeTe_STe)4?K2%)zsl3OvZUXI%70rN5v9}Y}d|R2rPafg<VwtvpX2UkY_{y@v
zK!52wD&0tDyi4NUeuVZG)oVCMk=wJ}_(YqvdX|1kVU@7iLFN9}8)!blPYBxFVRbpi
zw8>m)=nb*M^}#n19hqhK#bQFjAk@Yqj8>=@!<8`oW*{Ga(X)xcz3-D8N`L&LaKxP$
znXI6wYz!CJcH^1&u|bjVInTWnhz=d?acx+#o>HNUduIQ?E!QWyYlvfeYhSR={GF=S
z+pC4#->8KunS6RX#%qU}u7k7hWsBeiECl}Ecf!FJy!7+$1wZ>+%MWA-c8=5i+bLX=
z<a1~(1X=cQt?l8j_;j$$mE&y?RH1BS!}jHDOiYCyQh_cv$-Hdq6<h@=gZ6gk!L1SP
zRbimvkJM<TbtIanprh${&)V?sE|8m0y8Opgq0(Nx!oxYsKI*L91L%X?MS?_jpj_WC
zq{l9??7!;@?T&WMSnV2Fvg$?+s0k#K6?%!nDzWN4Y!cLPU!hMX&vAD5V_k?<yCaKu
z5H*A<GnPHUsgrBX%G9U*5QV7Nuux1}C8eSMFh&`s(`E@wDFm%F191(+KS4<u4G++h
zei~UUW6{q77Alz?j5Z{$yT)Qqs4d0a{poh`FM^z2iHxJw8`?#Y3-WzO4esQd^CkuW
zR<+lFvR3K>ZsD0~h{b@9M&pE_wGi(dx<HIW#Jzdf9ge2~1ku+7==fO|L+#rZZ6p^L
zJQ%lvCFBluPuC(@(p5N1A^`_b&(^~!LX<-qeZL}GtW$D>$`Vb2OUQ0_^6{k;&_$fC
zvgTo9sDS-V+Jkagi8bQo<{RX{HaMEZU6jU6T0u-7>cMbMeyx3W*LJfsHdW#815J9P
z*r<xi8`jYA28Ds?Why2|2GHPiNj^?&mGAT&Rx3y%#wPl!1@+NSjl*r5wbq6N>D^B|
zBC*K-!t0X&QtG=NR2Cl<<bff?H3{#AF`AzX1f>~Qn!bV&yul9kI&3IC6`wray4#w1
z{RyG}A6{yP|J_R+y*+b0>H1#I(T`o?vzvGIcMPqjmw50<Smk{~IqG?_wg-KV#ndPw
z`dO9%nN*5#O=HnNG3#ZYY(EpmQ7lwkALx~O`(BW6dju$~3Fy$_^a`NZSt`y*;U;VF
zZPHxJhv?kC={n}LC~)JI_d=Krz2GOHXpkBtd<2b#M#>y?dE@E>yON!z)*F;tG7d}-
zg>_)wNeQoLXo8{KGE?->H<29E>nhAx8J`xBsg(aw{=)P6?^(FQC$g-da!H{I$*ym0
z|3*q!ioSM=Wt;gl|6^gfV)*7TbYYKadK<pYl>!-<oGL6O0L+>M5`l^uU`YN_th$rg
z=6U)m8FRoVvY7YMtF?B>wNMF|m~bI);`RLQ=j>J<2H&1QQ`pv~<ws9)=nj!#B5JHC
z?l_|<!g4(9UZK~{97O(<W4!;lsOzM+k<MreSb?Qjz!G6WbPvPMK|vfhTWJT;8rL1u
zjx&ddPyaK)p6o>E^SeTv%~)PF+lN67>dzxCSq%fIXM5f+rL!Gb>aSjJ`F?&2OwYi#
z-yeV5PtxH<fannlSaKIaE8%F=b5E8H^vkb({<bvnGLaKurMx8l9!;gPvQ9$e1sFco
zLWaL=VsV!Mx-pBdMyyh(4dnM5VDJ{cQ^3V9Vs7Tq*&v=p-I<OsBhqS{z<9!C!Rt(I
zE@O$zpBxL;!0ThlEg65h;Awl-w<MgiNZ1^GRDC6{eqv!l`UAGZgr;F~EN}W(?Cuqa
z7*{^WkM(MmXw=cEy*RWG7FI}FvaC_R_<f%YnVwjX;MFCxj+4qa>7$XG6Gc+eM{c{}
z<2A&i451s~oUVsG>986wxb0|Sg=EJAO;Ke#pN<LjTvRgyP9LwAKT$}M5VS`1of30=
zNu%NPU)`M1vFFrLU6DHakNK5(YF-N!yKO!n<<L?6>ZoG8zW>!5E4C&)9)6PpMqVMS
zxODLtlXk8|98IY!Ym8)YL+)AcRuYwk!h1OACrYx;w`V<^`I$uqgl92D6*TqTTKFV8
zK69(Az+w;iFd>$#Q@mJcc59}^q#mi(DlCKs-j2~{2tec1S2D6!Uv%fnQz>W7Vn28g
zEBR;G4EA%?$g_z>@Jnt$<e62-oxoLpE)pTX2Z^M}3k~*2Pus&LdIS{O4>K0J-rKX%
zbx<;`yl!C9Y4NP}1akHfqBW~4q3P9&{FP(1bIl&rTyY-pzmyQ0>~M={e?3uUJX}o*
z?y(q{Ju^8cke2T)hzRaFm~TpQnIRY~!8coo{!o%(L+HV3B|>6-N3T|5hTi4_|4aig
zvj8HY=6=%H$a4y%@V$gC(`8AAn8vi8Z~fRpK(^?LP8~-!+`!NRA_T3(6Jm>H!4Cg?
z)6C3=%`&^rL=3O8Fp?7L;Nc<`379nBWJ#k$Kmkr#iOCUutq~x7Yt__Vb%TOgWw^LQ
zp<&sqbh4r2aJ%@qnXRy3i}~NLXb|uxM?Z+<Vf4Jk{{^=hWSv`*Dj?Qj-#7W|Ge^rP
zZ3*dAf!~F!Cyta*oWXsjslqpQS~sDji_tR#26Jwj=tSW3blbC1FTH~y9(7}kTs5#J
z|K0DfN;qV>4bFH+D!d?#UZO(;gsKa?Fd$ZSpxE}~-QqF0xQlBiR0a9PAQFTs2H1zF
z=B{p!qb;aHEM$bbt`T}oB~KZY-|WWUuHvPchOYK*22ucIi7B!pG_XR^+2{lweE$#o
z;QkN$0Gf&G0Y8som?`Nn&E(W@Pc^T!zMagLgY#}G>arAtjuFuB`pmNp9Ku2db)pnb
zehvpY!prG+XB~ZH77LH`QL!@VmSQJ#P<aWp?70N%HifhE#;c<3N-P;#{7$ZC-$Ox0
zj$&}i$PrIk?nfAPee0XGx&7r`_4bsEsrT>LIlIn<IPdi*yIgYG5hrGmEE({a@UwTz
zn9vcD)K{5IH@yM@mGXZ6!8wpock+lQ+6z;eJ;ZCpjT!7H3Ss@&IL8^FyO;u~Vg$EW
z3C?rJ8mT`vfD>orS&%sU9h#1Qyylc}d7op&xHJQTuJtm-=^GNsWXvYahhY!rq4)J^
zDoOk0O`}20vYPY(KE7V%^z`8S(A)FvjJSyc7Uu!LntgHN`9IcdzJ<1l5P&rP!c*&7
zL&kjNaGPuy@E@_G{~xh~T__BAvE$rqC99M}GwfqVwyT#yt+~~BrmW}GU~nT~j9xxk
zM3qfuUCc4-OxA970&)O$a9H7xx!QVJ#X8~6=x6}ri!;X;bG#e+tFwB=2o#0A=cXg9
zkrW^jkkmz8)Cwcbn>>*K;b!$~1_kvb;vvQjg{X{UXDh&M1&xjLNdJ8za-MA%`6k8=
zV;pKau+GolUEJhq=X%w5<_|SEmR3ia7f76_6N#NAjTcA*?Sd@MT66={X_2y+LPS`}
z)`6ggKk^6~U+8|k=^4PmlAjte>%bJE)TxR;>TV3eM;9OYl$ln;Lx`LMFhoz%*lOMY
zh*jvY>g?<oFX!tGc=vuzRIyh}R*Awi;55Hlvjjd@;5k}c+u>2)Dh1NSsF2yW&e`0C
zDoX@yFsjr<Lire0^1|rfkPc_^P6Ed~yWcYu80rBl=iY8>k*8t=#>XG!%XlO|r5FX0
zP35`LoBxO>D?mpp2xP}OP8RjFXPU<5Ew4;NUG4&GE)jy_hPz-FBNVt8qI{2zvMru_
zX|Tk%1hTrZZv{(?jN_3x@%+x|A5MLk2e4@4@8at|7OT=!LxcfXETK==v4;R?Ad6&a
zwGaz3O@YBHp3xpbKni$i*DaiPt?(lEUQP-=ihF$fS3f|ZrqT6ccym1n7#K!)z^W6*
z&xQU+x)}iyPAJNtm6(i!;Yml7fEh^m*MG)q7*TdcH2l*EXlvL%K>!KlLV`>a0BvOn
z_maDK=<~YplX$J=q*Um6FhG8sV~kSg+ZB@2UouZ0X-&ZVtE;%0|NT_R|NPWt-=S3W
zS{Q|xTArQWwC%*3!?$c20F+8xEE&1;2Auo3`U_nWiBYcxgMev>wlTX8!v@;G8{?A>
z1`03zAKq&bN?20|>KPWxorMmfkB`fKba_PHh%gbg^z1+O2_5f0_6ZQ8QUF(|^!i}V
zQy*7M#_6wS%yZkb{Ll)5Tq&z&7!0>#y?U*-cUo~>dOCDnI&y#WNs|HQows{yT|$qb
zX!ergpMBn!eeoas#ri+o-1qx+K&4w^PwuN*MkcI(xZFH<KpTV#^T(6f{gDMWZ?=-Q
zP8|Q~m*WDqL^cc#4o6S`0o>Kk9w=y!@NT+^#{T9F%g#hYj1@Fj;?hzThE%rl?E`0g
z99RFe(!v|104yaU1MX<`!xlRW)V=J}KzUhWYu{D|Q*71(8bVvR`D)KvUOAb=Jeb}a
zK&(qGbA(DqPF72&Kbr>|AHc-g|0nBPby4>I|M+m=%|G_=fBzI8{{R2ce^>7RH?9P&
z2982n9LfJz`j_er6HwtwfsX3wB1f|63Nt;<hcHhol?=}<i>*08?(`P064~bPe>&7_
z(`O02I$)DVqngVv)EAtF>EKG_38#M<2v2{xahNv#OX>XK99D$s8tqbH+N2>aW))aG
zM4g7+%#eTJ{jjQ70xT23>hrv2t=)u@tIeDqneUXybnS>Ez|zC+38MrstT}nG<HLaN
z%pb6cn@mu1f}IfCj_P7v9|FW8VAZHH*p&XifZ#Z9gu$)<MFf|5za$0f1S0+9;Td41
ztaUilvD!)<`!Ukg%I1ZJ1|sqw-Fb3$wSt`2sKQDGRS^CwK<3Ny%3ipH`N@GBAcFBx
zVQhZ!eM$)5nfd=ROLxf2z^iI&eg`rrc2%T_fdBQ4Ap1Box6QNMqfduBiI<F~1(4*y
zdDfl5a~2Bw;==aa@z8GfTj-<JRKA>sV;r@p43&Spkn*+dFDchw_E&|YTd4+`Ik6-~
zFEu`<2?EMLcpCIvLpwstu3gyE)B&|x4}3OqZ#5W-H{BZO@>8Y?Me45oWD-c2`0}6b
zec&r_%}9v6nePni=ct45sfkXVVG?O39+fk&+qmSHNNlwdkq+-}AabH?1@=dKPuQmZ
zzogNx{@s89bKuM7i=er@1g}@cW&8tigsYWp6B2%MH#pt_HXiV_vJ8%2JQ7S0Jy3)X
zIGEYR`3`ZJ7s);E>0(Z(c#&wp<z(#f<x9X-#TG;N<NKm$#fVaxl-(7IOd*C&QL`N%
z`F1+nPu<BV-)$HwO3Omk13!PUO(R_@?iIioHb;n^0KC4XhL*nE<MjsY&5g)aH^V5`
zKM_!_fv^qOMSWwCH(s2=VYVn#TSc84l7^j7|Eofvko?)RV(zT(JEJ;}DnFHE@Bc#(
z17$XDI6<ySx8dr2tp|h~2nboIDs!s#Jl@|0t`2MfY%odMUceNff7WC8KYsrF4G=_*
z56RMJ6#|N7t5M4JR1|f9Gd#<Ial@*@;LrTvW;7hJh;SGoJdOkg&|#S^w0UN8@NFg<
zP6EY)^(}_y)c@Qd1HgJL6-9)@k=gK`_18+KH(N>j3Wv=sE6o4*1Arz54>YU*uxk(I
z;hQU61g2_Sfj26n7}rsmn!Wv1vC2G~uTa|oeWA=;y<@@r)fMy$6C1F29(XA_znOl<
z!ZR4ULB@Y=qruc>U{&|;%F76?L3hr9K&K2qVF3Il@ET}kf)T~sxFP&}E?n!6Qe!nO
z2g??->I_2L1NhnT`!KahK%Gpb#sCuu!@R?aFjklG9lGG-?%6O}wChu9&h+rX!0R#l
z6G-b&vH6l@-%13!tF}h672p;9qHMQwI?TaG22eS6SJ-L~-Z>k$iv3asB37USd%X2}
zJ!WV_dr;?g71(4t$Cq7v5qxD@O<!M_n5{FKSy<8YM=M?c=KBOb^KO13!}|}ByOjYX
z!-fKtghU^KY$@}Yx0k)7_9a8iO~W?Rh|CbvpufP9Wq8S<GWugh^H~ImFu0k7-|ZK9
z_y+)ybuM({s28a2Izy@dQJnmsg<WntOgizA>Dqp0zWqQpXW|cl0W0Sv)qc9O#u(Yp
z5P1dAz-?D8K1aHEgRfmlioa}F19s~@!rR#P0Ea(Q)=LXP=oAbe^Avj0yC=Uc3FvVd
z5fMk`Wir9!(YT4xt+{pZ#6b@tbk?LjQ_Ejov>iH4r;I5uc#}+zjiB(f-Hsd77@7Bv
zca3B->=qV-7k8@benrN64?*ksH8ZgPn}gComQ=gDF$-&n_swePUgLJDk5bpky4l~)
zH5Tz`jJ3|&N_gmmP+*pd1}cQj8g^bQI5~etnEvUZ*K%R2IyEUh4HuFPU$$2Yqjfnz
zL(Mqfxl%bDQJ9w={A7#HlViA-e*t>yqSWs`_vtN&HKd$!$!`1K)31;1udv~0y?~@+
zm$@3gbA@Vd*ND8#Rk=aX?E)eG+rx?`=C{H)-`;fh+BbC<-u5733TEkCtAujeR{S9w
zeZCY!X8v#D%RJ$hx)C|w@kl>xqyuDoAE3BaAoY2=^l?#&UqtyiMVEuVV{8PtdHI$N
zZOyjM{{gq_^*-Cx`Cs?jo{Au$ZpWJUT(%QNxJ6Dq=q*dfYjOky=qs8(h@=TKt30Yl
zb>_N28G@%a-?$WqF#biq7mKqcRWEbtXG9Cd(NEECFe$kCJ~iq$4S;?u-q_mre7U&Y
zfO=RhceL;|yIz0wR76iSPE>?V|2Sis3o3YE7orl-BAY9Ju@&0O)42Z#B>t2FdSCA`
z7PWW3=6qzfNpIW0mPK<JyjISi@xH#isd*%WVX$YhSRlbdU{S9MThI$Wi`uRN8Jn(i
z-U1G}bLxtZT()a7JwY2kV3O%W)3J0;ZG9CkCO`^wpqORMuw9BU9{VC8e#}SoJB|l>
z6SFXxknYgfKOb|D#3_^+^m@TutOrOMs8=E_2j7nw?d8amb9l*8IhDMvw(CTLjT#xx
zAiIk>Knsf2a}MxXJzJ-h(r{Sh0z7pTurg*EBjF#(!%KIxhW!bsZc7lra4RT{-7Z7J
z`>DOfl;V}{wkZ&uaHrjEmJ{lehVb8G@n32DS8|up7I)5@FFETDwQT|N6u@G=n8^*t
zZUax!*i5E?o)bcTdw|{CYrQ|3T(yPP?YdHDp3(>rWyjfd)2;{{kn%be&WQ&&$==_U
zTDfDi@O%cM16rO}^@~cK*ZHippL?y&8%Hi%BhE8^dWfg*J&HO+;yD^oto7D)@47BT
z0<p^zmI)sQIcK>WqVF>Wak;myD?I=!x~FhClFad+>WrQ>Ng)+C(SDcDG$U>#iJO81
zDLDku6ps98p1zD;ucdG0!Idf2g~J<Q9_2xFjH6IbWyCcRz74Qe94Lv?u~>C`be?Qx
zB_bk?zX+B@AiWM#FkkR$Ewn$phc$!sY}Q?*a}H(dCBovmktLooHgvm#z3!0kYS#H!
zuJyxM#!q1>@Ub-HqF1XVNdyzIw(kHyY{BlHH59d7yS!&Dg?nL)8DR?LXp#D?jR>)j
zfVnF3(jPdVd42ujx>K;nmGo5-+60|UrdS3Bb68fS2^T<=ipM#(EOf#%S~s<-y*Jl!
z!%H?}|LWTFVvoYiVu+-Z!I^u`fuG_sqN;v>y4Q{$&dkan);h~pq}*Qs%}MB$4zg<O
zY>FETMqSIE@>)H#fzm0$y$GwnRpK$<k6r9`?vPH^3-4R^Eu3ZIePhuWhVbEZH05Ji
z4O<0IkuH$X>eeU*>`iHzP&lLnKcpH`yeh=oEwjypo;$fh8r7#@m7E3DB!{#<lUFv!
z`Ey(47iEFj*mb-RNRr7x7u)bLUXW%q=o75;8AD8>Z4Z=@!chuwxnrWqZ$cZ`yIdJE
zOg;AJuiVL=TejP<VM6Gx%3K+5(Fx^$PqK&%m1rT>+%Q!n<ea4zuYFb`K9`boR-*v@
z7@<3h>Q6tc%Nyx{QEn3J0lI`WvrGe~T$cuopPF~%S|;$^68iIR$l<T6)_so}w*f(_
z^r?(D0LX3)e=A7sqwv+$!}VaSnUo6{FE_djW1=r|E$9pRA5)~BgM`oYcTpFE_5Mm&
zIW;p!<alW432%T~>%AIQPq&b4fjF{t&$i1r0a8oX^!A7danBB5jG7pld|D6eJ}hjk
z+;*|}n2&`B6JP={J6U7;Bm1R49!VgquV|^&&7yr+!LZn>V%0N!5=Qg^FBODjQif}w
zZtw7hm)9<=76GI8KD>`p&G*sB@?D$OwJpv_aT4*>NJKx<sQ4U41I6Cr5D{wE%RRK+
z5&@!QjNyVn?_8xt(;sz{2Zf1KvO_7mvLpK+Vp5nE7)4k2zPs1}A=_xvh;lQqJaEq4
zX?e0=zowikX3xI>oF98}2p+?GexTvaYBn!$uE0fCkmeafU(Sr4|JA#{)~ZkZjPE03
z-r16bL!x1-wOYYzg_bQ<nl}^E=102Iz#;J^mxcF1B_00lIkV!}Z`2}I{0v}IVB%Wr
zv(XRIaKg(;>t0Od;9sOIUq+`AX9_T{Q&aaFSj~~vq#mhR>_jRfyjHX8tluXwPNei(
zYzOzJDE3Sgc`jacVqDHgzv>N!js{~~k`!u>I!H4(W4N~NGq<<}oFxnRK6hex>P3l+
zgMoMp?Ux5vA*>rvMp6dC3%t>D)rvTl8ZRg-{j4p@BihDztB}Qg-8gbeSf&^qRmOz=
z-!VhdYo|mF*+f$6Vm-jsT?;S#NF4`EkGv5%&o~21d!??}i{dcS&Curl$L2d$`X6<W
zTws#$SDYn2+Sx8Lf9j7Y#M=j+r+dHkUddEHq@v2uPh<?AXezXeIJm{iYYa_TeF{P~
zSyuLpW%DZiVZePCHD3ZA;e)Gc6I~4Pv|X=bA@<?V{QhLJlUVA!PhPoS33%YS?fxnp
zV+3?3G8~aA-7A0U3fFZ8G(&5Hm=Ln*HI%*lCCCoDE5fG7V;qX>gCfbtAs$#{p`F<g
z(!|-mdf&eFHO0cu*5z8!ib|hJ;@Gt6|5k^#G_(a{-TjeCE$uBN3wh!2NWE##Psh(Q
zMtRnda;t;cN?=>~m!9WtQRSo7irNT9I7LW4L3}EdIG%6}*z&FY%U}U>P4=zfIIvXQ
zJYN(G1NbM9pZvEE8H=Pa)!_LKGS5&0z`xGO1BfbB;=4~kV@~PNaF(ZjI^%x6^Mr`w
z^Is5NY>h(~F@4IdP64<$FV45rehPKP?KQf0G0y5qh^k3fbk4`px{70!Mf1a{p}0l@
ztD)AnS))xcXiqON3SLZ9yYz{Y5uU|(wV%M3?~@3ON))QiR9x8qnnW`}o?!4e21Jf}
zUmA|aKS<ZM^8`3aw^lqfu-hr+yBxEeQjam{Y+SD&a?)4xo&WZ{Bj-Wc4Dd1{%_QL6
z`Vb~6WjG5TroNHCp22V88s_EPtt_B|9spog`P+?Je~Ti4HF@h&F+nkWQl+%MN0Gk0
z$0mWG0rHl92MH7|Lgm0Y1A=rNFo7H5*CQSxvF+P<+MAX@j;<?g<8i6c60-K!lCq<Y
zfuholJXA~*zie6Pwoo4`vKxjJvB0_ByIZv26usBmxzysS?|{`#0<D@orzWFdr0)iG
zVFIzq!JA##g05MVBa7rdQ<+(ro@F}w``D0&7&2E~tpZ*6qs<2=a<jju-!m>+;$qC=
zpABW1&LS@$wi6OLOy?J<CFZ<@eF>F^i(fBEcKvWVfyd5e?NbNJ<vd2)X7eHu-M^kA
zrI?3JmP-<deGZ3oXk@$zo$`z=u-SY0b~EU1rs@mv3?*J1KafNGcJ#c*J@jgy6BofX
zs&2E`#}{B%cGf5C;TkDYo^x96{Sr(0Zk~NpmYO1D@Low41cc?I(h>F4HcJ%Xd=L<N
zDp2i6Ad1#92J~lay|ZydQ}iSqZ|KHzf{jrK5DB8F<>J2wOr$K`9$ydhR(~}=p30hI
zzxUX7bslSR-oE;le4phUqn{d5K1T7r`1t*^2O4;r!7m(3TP@Ed{$m?q;I_=rF30}0
zbl-m0jJVtrDHpk|`t~R2R3jR>ufVRieqhz5PX@ECI`nU)rPt4F@VpI>hkI?ssK-qf
zn=;;d>uh1bzgrkpZmC$UT#aBOa^iZLy46u%QT=#malpSvG5a_iWtC%^X!V*=Wv<ez
z=^OhqaZ_x);-A0XXCs*W!bI7H*0ZW@HS3m<`oH(5S-s}=-LhX~JqvEp>0IHz$eO%I
zZ(1DT=aRUV?lM?z8_Jd*=Z!97Eb^1uR>vQ;@OaiQ>&rO@>nY3LX6Cq@ur{&GA5|C#
zj74QTRgzizz`?<lw6LT5NJW!qd{H^K>i9A_Ds*r2X;5goRn<1P?kLqOUxX1)=-nQ)
z-u~NVo|E9k=1UIKtyk49@*7n5&)yBRB%QA(nrpTs`2zN*SZ%ISEYk9GDaZE-UEY!2
zy}rJpyBB%(?=j<_%&Pm6>S1nMNV7C*IVFQW;dtd~lBkzzK^n^v8AOgARP{c~xy-N&
z;@!9sST^pHw8E<%m-LIc#vK<)Xl}lB=BLR_<Mb&qWSwz^nAOMmg2bBGR^6oy)6$@h
z4x)%6`GPl#zl=j>-~F<wpKCP2!@#x}#o^rdZqfp~K<Ro~w6!7+@7Huf7<s^6N5M>S
z%tYWrjlMEI^{&wm@}>LGLj%DRzuT?TKHIrawt=11*5&Iu^Gu^Y{eufIq3((t&LK<d
zY|Q18ArW3-XrX6Z(*}22rMQ+~G8&S~)2G9n<bzMF4u3gsfwyxnyUSdmrNB!q&zmx9
zVp9E`<~xVN&$(9>_$kd>73-Ps2!oj@WEC-b`@_gt{I=3pZ5L|%FRgse2Hbw#i)~Yq
zdZ!V-LXQ9iCIowMeiI6OI<L9uB|UV#bZK$*aXog|J8tO8X1T4|Xrnbrg_zGQE0am}
zKGS-02`!6i$978kv~@30bR6f_u`Nsgkh%66&!K54-we1fc+`EmUxrqR#k%_kFWs-I
zO3&HuEp&rpLw@vcb3!3B8hjOeT(-*a`UlsE3@hWO7R2N1cl!8b_H>XMI<@}Odx%t8
z&rjjXNfKeseLI~Lbx$d9jVb|t5<^<TH+i~@Pg{@EDG=M+nJC}muUtH;L`jU(5yaP{
zBU=W}@;Vte&;zew!sXFQvtaIyd7)x5Pt^~mp5DE-<B##Nn$2co1uw{WTXp81U#W=D
zphv=nukyafN}0jDiE5bhmQiZMC*1Sea-rMrHdr!c%Bvt?^jZ}k2x~Aq!deu8kgsoz
z&f9-@=kmVKkSndH_6^*8hvGk(dKtv0Lt3F`<>()_H%Ighv^nVYjP^guoJ`lrlq4Qp
z4(8{I`m6nFLkWm=Nq3j0TXa6`VwrYA$B+xy{*`LY{+_H936JF@-p0nD*1;G;D&-$L
zLs)2AN|#zfrxFJ$p!>x@is;D)$=8-+sC@wWqGItph%XqPn>7}OdK-c00~KwGwD&D0
zGyBD<mOo}}7Z><T=LoqS+{SgZ38#<`f}Ort3e(JOATS*2%!;cBN-RBTZ1`)~s3a;r
zWtK=O)CHtSa5ZXEmw`_Z_^&Pu7q~m>?e;$Mk0LMbxAuzk89a2x2nJgUEy!qAm(Z!J
zo8+IbP?XZI33H>Pbsj06QhggW&?+ml0k<-V|5=V4cfJ_qcYDp`p1qFr3ZuM%`fyD5
zdk&=Z4|(Yvo}0c2<4L$6`J&gUSiN`QJS{q}G2_i?t)@2jTwlyju^gqq11(Wm*0fXn
zO#CJi_HXXyr;+2onJjt}KIsmmbzQTxgf`Xi&c>vcXHnb<eQVo8;Me5A|5aJ=eR-p6
z(|+FZ9n$CJ2Ir;n&nWy#U$&3>eIv;y%^WP$U0}5+i`|pD@$2!DQ&%RhvrP_ft1sE~
z11}I=GE8zE``xDDVnV)Jn?`#799S%v_C}MYPCrUIW#}EIYhiFn281be>lCLRT)KbE
zka%n=p&%E2y-atW{<{3~w^Qef7#o>u-TQQ5l!n&OPUM!9aH046QW?_fBj0};(vd=Q
zYK3Z@iAitVt-q!Sn|DwieG0}Bzm`8&T~dNry8X&p2Jg%L_zdifT|u_)2;6K?_F6&6
zE#${k=h<bOUCQCtalAOo?-Iae<PRDx&zE=G<x;WfI_O?LT}{XHj=%J*AzSZIPeJjd
z<PLs^9B*v?TJKJr?s}HQMtz(qa;84L(;KX_*UJG{DmJ?|AN{ew3Nai>u+e({veBV$
z)27r|^7$hfr_)IO?Fkd{bK`7!uI1vI2!%*%Y)US0XH9lncW<ZE>tfSa1od%t!7O*q
zQ)@TtLkHpxGIYtTZ#02Btg9a@!8Mw`DHq;z|FFy7P^Y4p>ON!l*{tu|#ka)wBcydz
z>+kuw<{j&7m-G+h%#f^CYn(ZwyCHmcc9Rgd*IPrJIe*j!meW$=DTuTGwtNV}Y9$}4
z;GU-2*MIcRFC#1bzB4rzcZaKX$N=2TDZ9`2#GU{;1l&h^fMx%-V*YS*TBl2<=Y85!
zXUYA!-Y%;wZ>nH}ViHI~EZhR+Pvs1qb&S{+KbhB6*jsnsh$=>I@^jk164+YFg_w$;
z4Sq25Znadd8GFs?{|aiZq{3X6^S;&K`)mi~<Wv!vy6GZr6f&>ki~abiq7KBzdBut0
zJt^Aw-B8xZ|Ar3wP%$$tkU?&9hqCnK%6VC&joye#Jdu|x4vOnSZlP=9viZGk>Y}ix
zr4JErivsC<5@?kYFW=R^H8@7eaJP2tL~}d1Um5sL3&hBg?Y~CM7#xxu$=`doXvjT|
zaIf$p(nckB?*6decG=X5@4b8MCnTRx#A_-ZcYaMt@>z3rGar4`mXC#FnGvOf?E@G;
zMXS9Rx6423v$CQm?p#XjV->h6KCB2q3p3M$)ty}k$(;)tEl=D#Dd6DzwBPO9f*2nf
zS3^h_lGvVa`h<0V+^Lr30Vku$Kk^Ds%z>5ncVOatFDdDNr{6p~Dt*XV>#Kf`ZJ_A0
z_;l+w>AEKcoofpr)YMd+R|%hLP8SBwYHixM21;heU32WJ^TI|CyIW5w(6^26=g!Wb
z?XVUpgg^MO)uL?4#DZ-rLbp8qD$;RXNx5NHR`YNE%f{;IXT`VPaGTclH(P!W5ASoN
z$yaV5KEA?Fm!<ik^{q5l?t#bsLO9bWySF#%T(f`qd_s4?GFNdtH*tIrZ)Z<iCBf;K
z+T&JVnq?GaF2>v`LB^*$ribzWi@f&=YwC->MNvc)L{v}|gkVDv0Tn?hp@>NDO=$s<
z-jv>hprRs81SFA;q4(Yr!2&3u1_Gf3rI!#OkdTBVcjNDzbN^5G?LM9T1mCyW?6THe
zbB#I1n9U_C1C_T&@ORtAVqu_&I*C+)Q5BO4@ow`R@m0Gpbgz(HSufb`wAt^QO}q~3
zQU_~(?X~66jQF0J|F{dWNJUCXv4|Z8<(JTHue8rJTn+^fhRzyq<SR#ugwqvBJ$Ge1
z(V!76!9a}k?>o|*!0W|bTFp(|CgSm_7a8+rK_$6$_8kXh0K@40PKr&<KlQSd#zzn3
z^)%u<mJTGtz`hfU6TLnQK5-NLkC2ZS5@al=hKjWB$`Zs@CKij8ono?Wd{j*PD{pw+
zuCR@9Z}6*s>F&0a+f1u7f}C8jx8=PjYvJ;zcw6{`KC<C8^y~`UkiO6lO?YqnX$Dfc
zVkI(>CRsbH5HB?GT%*`A1oR|4e5*%18wy!P)X;oCd}*9^?<%>HyP>Mz`j&jfQdY~N
zRg5#Di#EvoTyk%_^cYi+j_CNXS^rm1;0*5hr!@A%O(x?^4_`N^rLN(Dg|4faW={3-
z-?Q@-uHb`Gi?1tJF28=&jby-rYG#A=zfuuc-{KP3CvLf}248hInJ8tpiK}YaikuCM
zEQxa@a$Yw+iWO;U1;4W!dIM!QGO3+TJ1fYVCiYI5LY?WVCg^N6a9=>>K{mD=xj%2e
z<XfqHd(9)0BBp<P7@;pQyfz`(IQisvQ3ToJ5siC#=38WCv4`CaP<yM~5H`{M?=eq!
z2wvl@&CaF;2^W-1QfM=c5UL4Dtp@tNZIkqeGuwQ2#w&3Jc5zxVGAoai#taS2H|u5j
zFBd(G>J$cx?nGED9jHb`49s|>mGv5v3VUdi8;m1A$X+SpP;lVS<=AU>O>-V>^-Aka
z1FJ;~b+n&%>S1N0Mz=c_$Yj=df1ZA8dBm5xZ|i1XaE))*dGUvG?u&tF<xQ+e#Xc9I
zDPE|5<*R_v%KjLb({_0Iz0CaJY(k(*rc)R4u(@0j+2A5mg#5zI$O+1+(Qizg4zziE
zo7(35D|@lZN(0w`q$h(*PHyGfU79izA33qfz}~R6Zs@5FutwI-243ihh238ryB_%r
zE(N%1==XBOoHeAcQ)KvJj?<pIlDrr#XU41D(TCuU^uT<&(9qV`0ZPvw;fpF!do8=V
zifO=Q;txLrQxtzCI4*zoXg?L!H=OG=U&4ENKP(@U=Zy%jbyF+1nrB)%oW5oMm5t;%
zWBHki`)=L7hnA=jJG=d!XiM&xCoy23K<g<eUWR#TPpnY?`H?0)(b=id+T;wyq73-2
zUTvaxg7@O)B_T~ZrMQgX^7pMO&y^|8YJL+pW{l?3LNN`g)0ol_N)=SJh_eR(LvP{n
zt#=iQd_dq}414#lIglz{EGJy%Nfy*TbcWD4QJvNwz{w1?Ux9ZHjj0rwANdoLsGb!f
z)}ogL6V=^0urAj4xk9rFFX&~s`o{9N<K_-_qT2oFPL?vb1r&;R=vM)O(*YBPc9pEE
zn-`LIe2{Kkp{^ocIP}P`Uk}<y=jZ6$I98!beHUO_sgd#PN6-t{<89doEmHxO8Fck*
zV_EJZ=X2nZ?<T4X#J4kB3XQaII^At~X)y4!7dSigSHkHxG$Raj@!H0b!(VV$2`)}s
zi&__Ilp)m=I3mD1F?h%P?p4L>TOs=CyoiAJnrY#Id$(4aFhP&nh#$kv3UewX=10G-
zyTBlfXP$N9H(yDx{QL`=y<dq)_lFIowO{dA9IuZ41lgNmy6)z(Exb+v$&?E=)(($v
z{AxqttR#GC4l417Rd5SGx)^=yVH&QG`hMlztyRKIXSy_!(VfuVL&|Pgd{FON!DL1(
zVAQ4kD<8nTOd$%)T?nvB3x^S<GoN&E75gJ&&~0vD6)^cOz_Oek^AmZ9T}_Z-+DX+7
zhg!Ep7_lAN4~$o@=Ju=eg6DL8j%K|bxw^sKetNybG+?;g`mW_K2(mWhd!dyuQtaKq
ztdYWon~=|#Nl)ecSMs$H5fgYlWmA;m%I|JUYi;;5zpy<)@^LpeZ~3NN`8<suAgyDc
zkmF?HaDn%W4CS1<9@sBjWDCC*m42V{Vx1EOY0;dPl0S?lPByK47^#p_(nW|VD-Fjy
z-I>1>np38#5fgn39EFVu2S@deR`!`zGYO4^G1l!VmAdUG@F>#n#m=oTV!##0<C*sc
zUpojk3Y*Zlmo>1qF8!GmC_BYKsxMvDHYSbe`&)8Q^>T*&n*s_oKs;$!;qOSFaXGwl
z5-PpR7--l*Hn?QDfjqmE#~_L!HNvY7RlIv#tnI6c(&oxDg9;Dmiyls2E~S#zsAA0R
zuQr%F4o+^E`cjE2X{E$y4ojPpJih+WB_+237c&wvWbb+7)48mTVO;k9=wg!c>0<EQ
z4A@)JA57%8*a^ap6!m?eFPfElG+$?7l{p$w5mACi=x;MCk1@}?LAR+xi(jFE^@gy~
zW-m;0ZJ1`@)2$HnN2KW<<uy!WJ39b$<4S3UIbQ*-xz{=PRR8{dOV)_r*CwE|eIZc=
z_Ox$Z_F@a+u7HxI)IFmUvvAPr5TcN(KL{bv!`bo!oQFU5Go8D*9@P2Z(i%d>m|eJt
z%5HL6MWzq7G=jInvd&vJ{Y-%v##!p^p5&0c;3VlFU6}_+Rvha_2kSJXKNerOtl)#o
zS_=2rM;|mVzz%*{Tu}OK@+jYFr8NR1GZ!Lsk3q&15<&y?a4aY~;=5#~tru)<QD=V#
zkWj<KKqs4?JGuARJnP`7;9pl^Q4=N1E0%`~;hmlL6_3kQ&w*;~0xB~;7Mp>%T--;<
z?G<Lzqf?s@Zj%#9B~Mp-w*y8Vge?6QZWz^`ILy(Im|d?(#)WXU3!;`^2GfxjOtddw
zsb0J}t-P>eQ;N^bpT<44d(=EEg6b3yMjhs`<5D&NhNfhuO<RO<Q{ZfyS0Jd42cj-E
zOepllUsiCb?ySgIkIQBSl~RM%3(hH^AbBAzDzAIr-&vmf;zy7uvF&Mxy)y$TnZFb{
zjCj&NT3*3l?Py*g%z8w7)eM6U#f<VMD*S4L4yXlw8Z1sBOt=)6>gRLjb-)g`$~}k_
z|NJg^BEjWHJLO@bsUv<4F5vlB*HIEAHWKk3Y^fG{uhj2E_=$3uhKCLQb{^+~LeR=F
zyWh(fDnyDr2EJK<%`#_U%DO)Qpkb{gJgH#E70wN1l9por-sIY-)2k|$Dp#M#4p_>a
z7g_TNK?x5wzmH&B>-SSqP*J|~(T5#MbTr>q3R6h1-#vZoy>EGBD@H_caivwYi}~C*
z8NArhAB9-t5pu3{OF{$?mjj@g8cyh8k7{D_yGZ0|0}i6PE!MnW$?<o~Xouqfqr6IU
z7=~K@#!K+6K1DFCp<}pP0n9lP>TkE_Vo5KcdyWhnPB81EhZqLj`2++lq<m>-fY}u}
z%Ak@jxR1%}&9@=^q=w`Z{DDF3IeaIGceIi4{&T5tYh#8r<eaxM)%juF!}w@US$#5=
zLab5K_*6aYbAuwnAvinTJl^~0l-q4n(vw$cK9q_BMmm9fWy}WFP)bnQ7?nns#3$o|
z6@!RXv;N^td-1-j7LW1*R@+`0CvDA4V8>^7x}>jrWZA_DG)%G<q<c||3H1})S==c7
zoi0A1GumU-;@gANQMnP~hl5u+jIFS1PL*9#EKgTl)fb5aK>DL_eayNumGAnsYY|cR
zoO{n&UN^U~@%)yh5qG9p{^z9su>Jzjxy|47%R*nKM<^%mqRRY7)82h^%d{JhpCI%y
zo}7`gS+aZkQik2uR1mkmQxWp^=^oR4YNhb1#j|#+1)v|-ZQ-d(8wda+%P4GkXzXm}
zi{ZD>ve}+86lpG2tUwfu@Ii{F*YTGAsn?JF(Xz4?J|`J@Kn}X|6)b17xpzC%byr&p
z&7D(IoN;}`%IH&0R87qqwCBo#C?!cL8MbT7hA}ISlwy%K?~z73p{?QoUWo<zW53eT
z>aVtq>m5)=Ju}^(yxzA<R&KdtihN`4f3Tm)j}p7Fk!;r<nvq)}`7A>zq{g;utlANc
ztM{0ioLm76_Ulj=ynwzc{f!rrUfa(A`S#1UW8rh38Otw4x-Hdl=|pyMy;i@z=U-sz
z4hd_={MkUIc5u1C^P`&zM&p>PZ`})fR&*-<oFARE`SgEoGx46N3X3NiMyxvC)qD!L
zt&;qY>e=>Me2MP8O0=bXxjk)*OPc6H@v|$_?X7S}Jv=f3eJSx{ITyYy#Lx0J!s$1r
zG?}h?)o$2xrPie*nj;Wek5|L-j+hKRf4QUmQTlLQxeNUF!6b;)i1f{?1h`evgzwj=
z&pY$U5=g4ZgpY>S)rAt{T&7i>O`9_&>KA6SWi^jMHCq5buAD=?u*&xT0M{uKixgm!
zHCD*}?d^rK6lc)bmR)U78S=r|m!|mtyK8umdZY>Jl4ZnsRR2LX*?vOoo!cnoqFlI+
zK}5yNon&L%)5^Q{b?QFGevgrOZV0#5i~cQ@y$jwXA5|w4PCAzvM&Q?)UHjzZ<Z39L
zfcRYrB_KYOy5Tug^*^pJ`r`5gd`Hhgy&jUhGZc3QSh6u;SwsZzzm0^A(fMhuZ655V
zOA6VXMx=V5NA?vGdf<)Z<LMA@U{ldjywV>ewyt;!`_2CqSdgEs*z|b-S$`&GC1?KY
zi$TFV`1c^6uGCyLIvFtx)O(9Dm^$LY97NBYUr2c4uzstv@FahYQ<pbQ7X5(qupIps
z?0Ot{?3|W-1aI%QY-?{$kR050@~CROxzTNmBo)O9@-#L5_+;2y?FX<DG{+pyXm1T{
zmS=O%i;n&v9o-Uuc3=@%8FCsL-rg&_QfxJqdD*{zcqq&Aq9WSIYl9l$>}C}Q8I?H+
z)W<Aq{eA|mrFnnMRuug`Fwxl0r}>a3$Yw;kwqfi{pE(&X!xjF35psU-JD)d~s(u0I
zZ<=HxOtp8eqh`aF?Wv`layqcn+sm&AFjbv5nW=4@gD!51XwR?%FHijh?W^E)F*4+D
z_fJGtmI!;1vDr5l&&r<-%|G9b`RqQUS2gC?Id`0lx^B@}v3x7A%nMO|asQUD>1O{%
zW*XLY7-mMdcpnF>jK3{*Y1%o_K*23=;L=em2@6w3uVJC|%`!>n`9N>(95Ex1vf;Md
zhvz)mH{GY*rW2u_fn_$!3v5N}7|S=&Fg=e`FaNZ%6@9V^mm0xLq{t9&3N@Dd`9)0{
zgOml%2T00>18>3o?0wM3TCc=giIL4ylhhx9wV|AioJPX+B@p`xNl(`biF1PUIeiOR
zUK738L}mB1sgT0)=FoaLcTP(&wj^~qm{8x~x2q5@*xWq+E$BcJ(grFOM3{D%rfyx4
z31A+o4e2_3SD-uV=MFprw0*DZ^P}6CQtN8i-2NvBf2sV&!?GuHb794HVZ1UBCjX<=
zi>>bIZxPCMVD{8&3lCSQy;z>AsW>-;M9RD2L*<W#Jt>x<?C1B$F!JMCx4!fAfuM;G
zSJuthQp=686^O{zK*VDJ4<RI7K<sE=ouA9~y@BM8+AUe}Yjz=e*KV{XqBSL^Z$nN?
z%fTB3;PuuP&6Y1P^=>uUZb0mo&vClz_b7I@w}XCOdu;!!#+;-9_xj&4_d;hk^WOjd
zjm<ZH000sGJ4AU;{Ezbv+y}s$|Bfgn)g|CM{~bx3NA_zk{~cRwx%*J|ze80-bQ@SU
z{yVzaUn>9apV>m9{xAC{Mpcb3CD=zs-v_j!btQse%N{}S)7F$RhY1nN#S*>tgN_Pv
z6^<=(#g4Rw5|7t)l`cSBUbI7l*ST|6%;za=_yejVr6t5D9zd>EFWvt1U7_LK3Cpso
zZ@?&?ELA0#8C7Pv0p=F_*}B_wW2Kwo(>HGN_EBN7LHp_MLiuO6GnG_K8NLN~yfu*c
ztny&bh<K5Qm8`c5?#@)dzk5KEeA&0>2<r)Av*iIc)s`a>MqY&L%`(|`$Z!89(K8vt
zO?NKv?zxft+-4w}(nYULG)YITNT=i3!#UYTAQeb<@;c7R0?ep;9JrY2yxRH7TPo@S
z|G@x3*<b!md%i+kPQSC-ThTyT0WZ!ryjglTg0OIKJpaVf_n1DJt{}y!*Z0}jL<3$b
z7o{!m6XjI0>R)k&%06-!R#<p@Nyudfi<}ftMSma=4<Om2U{~Py1Mr33TcpT6$4(JZ
z^>}V>bcdl*aw<#(m<YEG``S{fI8*a%YmYAgvF*zOFfQFhx7F%N**<}=KOj$8c#xmR
zs6Q=$$fqfH>zm?8kl*dDhyxhCahk}CB3n^L&8Bb_O@(zUn+N1g_MBc@VC#PAPP?`{
zUO7klSj>uKRD^_%f}Oj(VWtn}jrBnsDiMm=OAA0~djPz>@}=DAaiY(2({2G;Dp4a-
zsHu4SIfP9XqJiYxJ<jHi)I+iJ?}mqx$AO?McWu`VI;i1&J%B4*B>OoWe(-vBbhcy5
z=QUsnQ&j@qh#bbVKgtbGJsl)6R2h!Hhje?0ZhZz}qh1*P_d52HdV->0{&d%`Z0@^k
zj}d|@?bE@R$`R9;f(dpXJ6#?SfX?hT|9u(ey28U2b$O-fmeCi?twx&LOs-wz&<>at
zQ|@dHn|ii?%}Xi&T{C$-=<Bp?t0zeLkg_UynY1%bU4(-tOt_zs*QUJa8y7az%!k`|
zG4!Ae+t#2adEo0E%jGS3RhUl9aa>nwe6lJ+T1uaoGIIw;%HD_df8#h(dr{FINR#2^
z+yX7)Y~u|PKe$Lc`H3yX-<_qyrpl(b>){7WMrq}xXhjHeZvO?Gy`Rkmw7sYhzjm$a
zThsH|Nt>sC`=p1s*^Ol4A6HE=hwhpKBZH~E7#2lj6J-_9gsay26m5^HR@?x|{2Zle
zJFhJA*&Hnrv7`SbHjDxz;Yj-PrCOlN9$=0~`IMJ;5rFdG07#)mdYEwD4PltQp4Mk5
zbl2PeisQSuINPJkuxjtSsJV(O7T$P|X`9SFP+BKouUlw_+W(eYrq}TYgq(YG(s+%I
z0xOo=D2j@Jb2a)C!riGkxbY^h%*VS^UEW-5Y~OVhw*j0xp2xo>i0BQJs-46Pvph%3
ztrzX$2imF~yI?QaIdN=SvQMId?W~%IQ{A(3IWc#`V(aSETe4P$zaxopDX>;~*>AOw
zFM;hIq=@9>P|!Y10i*=b;&9##VI$H~m=<2sGRR|Q0dqq(f+bOMo7H-8Jm@Pf-L-*p
ze3(>R*h`_T%XWotzJkZ(5P=5lshwzR`QcRGRZErg9?ac*?S;Ryk&6pvdJWjvmBswi
zKKse%n^cRX{0#&I6)88c$<KTbv>ka5G@LpP>?sP_TnBR04ynBHpy6=Vl3}RV92Fmt
zXLf9JUsIo|yJK7B@B+&l6t$F=47{$YlkR+&C>DPpw5l?8f|xnbi!KHqZYXzIIPUJu
znOb{gnqs6ckF95f)%|zls?W0;&lsIP-b8a33O!Gq4)Zo37*}$ryw`q8x|-c&(gdVN
z0beFdAa`3|gf(C-hy6W*KJg&$6n#!aj#qt81x8TWM|IH1#=q(t;N7|A5AZb6x<DKS
zHYBbhA#*4F7y$aF=7fgJdBJQSn(=9MB*I>@KPfhaU_{(Uubkc=UONBXwPm1(Yv`SF
z#{@51EO6r$5}x)6uEyBonhm`Xl!SV!%_W-}B3r=C#5IMPUlRJWB4E8Z$HV}?s3WqQ
zX>SzJnrNA#u4aV#Z+5~!wbOE<FX=5T7+6jJm@w0s0G4bbwvho2Ymg_@4X^osI>3JT
z69+dyiHyYDIDev4OlcA;ojWr3_O&PTdW)RSPADIZjVh7aA5?*2SDrXq>{jKh>8|Fl
z971T-f?l@{B+8bW9Q!MgCztK<QkP7vK<5IObdh+CC$@WhYuqKU%?~Z8c)0Cp_TBs0
zCMCD>#b)oAIT13<$c`P2pz+OwsR{H?!m5`%{+Z7~wi6H?;Ln#1!TrMkYh%4e@2N?%
zaDeGr|2x!uB_5~zroQ~J(gZK_RLkwi)0zE&Uv_&d#U=&VZm0aBr~)_mx_9ykSC+IK
z!EPKFn<Bh7rX3R7m*a#?)?Lak0_4|+O;7O$!Wz8%zTgTYdr;ZYv!2wa-6u#EYA-?>
zZ58iwz8Pzk*iw%Q4kS$f(K#~usrVO8rg*JuA};GLcCWPieQ2cCG&!Qy#m5_d@Gx7B
znC|lO&hF-{ZO<oD1Nk4Lf3;K7c*vWiekgM|^?f<j)MzV_mq!}4R|6LUr0SD=wvj-G
zHE-|7FcpCNupbkaYBYhOO*3@?o^seAG&>FZ2vcDD3{;<`M-v+gtS4${Xbc9pUAu9k
zZZ%tE$h)~O7GglpdO!Lnz3}1b|DEsD8+J^esyLtCd0ci;3}|xk=Jmy5lNn%hdCl6w
z^^V)nWorvnz$|}p!gqiBR`$5oQ(olNW#rptdB25Ez@Brw=Gyz_xevN|^mB%J49jcz
zI4xWkV0t(f`37^tHff=hc+q&^_OlsP>*IYCe!=3$ZT6DI!A~f<YQ{Hj>?^>_<xeL@
zi=Z-rXTjJ6jypBj@GW6c<{Fv0kjX1UjW3FpGlE9fYfw6A`@x2fE>}H&6XY}I7200i
zlh%5t*bx}yt_H5wSbn*3KEeqr{ZHYK+9qrmcrWMWv>Fv#EScpW>}Wk2GC=lLC~}x&
z91TT6`23vdH0O>5@IsE|-Iiu2@JQiXs#<Fc!f{p$S-Rs!T~(QKMwDysl_G6SWI}r8
zXh<WO2ugTmGQlO!D`umwHGrU?FCOL{kO{iimb^S%v)xwmw&2y3#elsbVY0yX=1VV`
z5s$pph;Vr5AZ2-4i18!PPpykaR!%bO&rtBeg2@BvioNaJjT5u-ZrP#atR2c{6oj$)
z6DbmC7}}Bu9kiu9UtU!0x<{R`T_{Ox#4U?X6#|*SU71mWTvvO0k5cdhN59A(1^+UI
zMv%|7u*gn3kX)E<bANhzk1Y3k$|x8a<VgDV!B14WY|<_3akUI>>RIPD`g!HlimCM&
z1Jit5kt_<e&9Xxd@Ab#d_gCVt5?b9|4^bVDwQBwynJZc$#y-WfH#3iKEXu4Y`jgH{
zuC<qXNYEx}botbN)lXFcG-dB?TT*uFmuy~^?a6S)TPH=d&q8`7BdG_UHG^*$Bb_HR
zW{9Q06o%?UnfP)iWy@wItU_dja#(selF^>MG{*O~k<}u?QbxSBMX|EDbSSm_O3ou9
zOms*5TFVZy7LR{|pRG(@D1L3W2Ccl@a<$DL6=zB%zVp=C7S0hAZyo|<Zl=3m*%6Pk
zl@ShI34vL#M%)&4aUm{FT5cjus-DzVHBa#zf6@R1ROC68>2UKctFkOZuoGEGdD8RK
zt#9G}lg|+w9h~~DwSDi9P!eGM^#u?;@2@@vy7&*!-*>=&kK8q%Zu<bex;t;3wnukl
z=}OB=(spVY+ricXH*R|9G9_y_N=hd`n?z>U_0l<o=N29wn`|4$xD9>pmH%@{ajJX{
z?~T?WYmhMKCtn9mSIfToJ1DPEG-q>XbxP4nU3<}gI2HtZWeKre|GX~aUnE~Qhks$!
z=q}=hCsPL#*T|h@X^~7$LTTR%e8n`%VL?xZ1!Z;tO?3KI030~P*?-E`rxjhtVlh!K
zvEN8oCm@kYe_XiOU%LL*O&{LUe6oXtTkF20pN`-Axn7t+AFl0}`!S42RTSX-__>my
zyRHtEUQ((E|9iByV6MHnK#XIyc>$tP@zMG&kBAT1Eij5Y2S4Y$7l!ilyOglD8{y}P
zHAN%QiZF}#OZ6id&+!#~2pnK2jax}pKfwlVK1a!LHh?jAyaqav%zZ}QNdHxY8TZ2p
z)W#>FDYFnOED<8~2XS#biztxgMfM5FaWiVn&7@2rDtq_LL7(<PYlAL@T>6RON{?hh
ztfm}s%pPeYBOR(dG@dw9Q;pr&PYN1uc@1(e#B;FjsI17|4)yl8Ly14`XSJ)~$|knT
z!!#dTAr~Vx$4Nr{AF2JH_SsYV^9isfU|pNnU<SY*+|-hvOH#KH4~P}E!1b*G7TH9d
zpPzwBa0UPP!#vnMu7Gd=WV?2D_nM8d>MX@HH~#)dw=1j*jD7oixOYoWpTH}<9{1C3
z5nM^YnFP0_G|3c|GO{v#trlR#v1!tCBev+Wb#p3PV1nhw?nrnR9-)`1Fp}EI;h~%f
zSZ-9je6T(9=tZ1J&eET^BEEMjJl5C~DF&_!X*yFFran5A^Pxz0SpaW%ogMhlkU}Bv
zH9Bv{BOC}kv&rlKfcFK^Nf~^|TDhq?q8mZ*fb4B9U-(-v3mc17t4~d^T~uAXzxW*@
zVaO{dOC;&fgFf~tR%f(}G5=&OIlwC5>xIEs9V~_LAxw2*n^)`~%4{W;hDyUZZ$#j-
z)&)4uExWIYFqbcEa^e%uCqhM+i1JhY3e&-rR}~Bh=?QMD>qCB}Il9@2Rh0T?jZeBB
zax4I;;Kcl1wR<ZwYa|96T)9g6;&)nN*yGIP)$$2WWnV2)i=5VA#6=YN-WD(Q5v~E>
zk18B^nTC>zoT%Olhe|35H<FFJ&bDPUz<H!I-zn-qUGWC<yhPLn{&Zv(>)4W=p5~YW
z*p_n&8@g1{Z#1^r_;J$30e>=Mk1$^8Fdla8+8X@=nS|&!8(WmjvdQ#dQAZbt@pQrH
zuB^Vu*MszI`I71>flNydJ3B=7mzi6uirv|e_z1olrl8w&=@sl4i}G%fcyvm};WkyO
zf`|XqHg$$wh;5gXndiF-Vh(I46h~BYZfW+zExkj)-B@*MrwT*7j+hxLd674DC(9AJ
z+j;)ke5%uQC1phoC9+Ydd*JuU6tVFfHHX;fV?10ucgnqlH&;r%mw~9!xfJ~1z`N0@
zzhjR1Bz}{n-GK8Bd-6ln(ut<${!st6(CofqvV2iTBz?Skw47AvxH-Z7`qA5KO`G%;
zcF-Wb9$DolinB|%_SU9`V#MXe-Uc!E!ci=>4pK?j4`Sg@t{0bsrRw^v`Z$&I7#QaD
zrjm00m)F|vx#Fi0K<jV0dxN4}Qb5_N^K<CZt3U<4n3ninAHxXT`36??;8)G<X$MWl
z(CbU%2%`t|$uIhbwSJVqR@4gg;f0=mmDatP$i}DQ?V4SAjG>xPLq-b^Au?7nTaWa*
z+@`pV79ceCoDvud_b?1E>TNbw{lY;0nd{P96{F)q)NlgAF$us;Mqljjw{Fh$9OGtV
zyKXrIJ=!Jba^{$|$;ibGP)`R;rlk4ylLyPvPfl?NL0NRXZO@ph*b>ke^-YDPthZT;
zR=qQ(ZqltV(|Ns(WMD1REo8UF`{Dt=h@0zFOFfUP8M}6j`$Pd>(H)=Z$=6`6oc$b|
zqE4R!@)7-;NnCRISFv_s<pB3$F2%6LB!sJaZ&N}`$L!LPFOfL;EzyUl5=*b+j1qHH
z7PfL1-n4i<w5k-MwrYvW`UNZOz-}eW?OZ~!jY<bGXm`lO5q8)_s9eqb&CnzHoVOzx
zwuRnxt9;<PqhVtL{oD-L7{M(92O`A1R)^r9Vv9KqcnhnM;rTc-1<sPAxqhd@%C~Wn
z*<LbN+l8p}%}al>`ZDZ>r7L|{;bGg#1L~^fy8h))Dr-e(%d~eQZEpYSfLLvR!=K7I
z*vhp4NexQLI(NGvs?&052J-u*i0I0Ty!DXsyTSd-9W%3<4@DlnZm*bqAMxp&k^!MK
zGE+pU5r=<3sY%e77-_~tl+I#8A1vDP8qKy>P^M4%O-uNqmC7w+D&W(VYN!wCl+lON
zm4b&IB1gY$!xn26-X~boiyV(l_bWV{vKAK95D^IrS1B-{yj~(9=wf7<Je<JtJKMsF
z7p&t(@d~VSTwznJDXx+wd{*!i6sS(Rqdy-BuMwZ}6W$B=kcSdIHWu}|DrPR3;$BBz
zVuhSDs+qP&=e~<f^Y5kEVdO`5hNz69rnN+#2f1kte^_);a@JtvVe{?Qd)dM^TX<Y(
zQ-#$zUBKIH^x9C4)t!>mS<psY^g9t=6;IHlgwb1DyL$BpxiJUd+zhp^JaPYbNki;(
z>&Bu=<Aeamo$0j?P{-u}4zavyeAZzI_ZNr7zQDGHR|37g6}DdJ(>x_t@<Q_1#N=GH
zUnOWDLzgbJ>X$<nH9T|p`Q9DsPfmjamA^s8;ATnMyS|PKFF=JqhU5Yw>-95*pvT_2
zwr1)uGYbgrLM<XprDcWX$&vWtfJ+L8y`)oDll5_khFr&CvYChLux7FWImUm=U&-nr
zKwZj>AQYtBZb49UYyp~kyugT#G3!o#p^ay3Yaz3D)HB(!<ygb)O|CdIMJ?G#Z@7PM
z`OX%x+0n}=H){6tv}MzkSyL}jma-vGNjy<DpMOF-_f4-IxrMqDw>Zvd-%0&5NVslh
z+|7rnTon&2qqsf>=5r~-V)xSWn&x%>o8oInvxK}L{@zb0#$AXA0WU1kWy8vIyn3+j
zH#YJm05XezP?nr*s{V^s^j{k2Nd2V<_}K!CRTLmp0LsU;FILDMg7-^=XCbCM*<)g(
zO0Ue7?M+la=z#A3BQG-J_z}STbcJ(;osx|WnhsfP{%~vG|6fAmP@*Zi??>s;9l)Kg
z<-;wP%z!kB3+KS^lObJq;`5xJMmrdkY#V9lBfl$8n)BTX1-c?kN(X-fh-4zysA5jr
z_S&n%F*fq05#u*SMZjyDsKZEr0`ElDT*buLgEt1hwdsi*T40ApVz$jU4%ls26_3}6
zf*)b!`D9Uio+g@qa@NnWrjyql;Dt%r{*pU0l4Fx;qxq{99(iFVsJ-Ju?BGF0t{7^M
zS>h%FezeWYy#0l<tYxu&dWLZUm;Io!E9(;Ub0j3j-y6b^@|6~AN#C){)P>^R!OS*V
zZ0n{S5i90v+y2g`R`iv6i+3pMF#g7nqwb|_bFWKsY<!@@)TC>c;gatF*gl^UyL5IZ
z>25G;laVBn8J8VdCmV_mNQlP&?hv#u-k)V1M1hBq7fQpF##gKVXlk&?mrw2O#VPyH
zj=ghlb24pN#6gieEot1-^bSA7vrBUP+8Q-quUcnc5w7j4u1N3mSqtDtMX>OkRu3om
zr})&LAWdsGZ9gaSKiajr9Ou(kt>^a`sC*rRNAp##3I{##a4r(B7@I#mv>Sy`k7nLE
z{o3`h?EDq?<LmG)P@@w{WqBYJ^ZpaeI?hW@a_o@x#36L`k9_+lOhc%kmx#eC(E8}w
zC9W&cz?!#eCDo*Y>z_xl+9f5n-v~TfY6pn~e4Ik`>E}7mDake#e$}Ka7S7=TA;q|V
zCclCkwDT!Fv_NOkybD1n&bWtSh;k??h~S^*q*2$Rxji3u!Fy!UobFuu9on8LuI{0F
z0HM!kOY;5wGaUTx7twbu5eqZUQW>7VxxlAJ_;s+_oSIAm3INGSjpLNDnnFV4rq|^S
z#Wr=QA~~GznRLGd-O-Q`)Z$>Ez>nbQk0(E-OVMSCPrK~?F}DvGR%y4-)EgxM+@2CU
zXTt+S1&CjNje+@ElpL(z#sLpBt>Ux61C$Fx%iH^<W#2E)I--^VgSO{io~;O6O|jBn
z)~Sm(^SDn%O!<q%sGU4D{OxRUcV$$qHt(Bg-j8jT0N1r|sl)X8UQ94}jXNy3z$?67
z(swOG`AAuOcur2NtHYxC-nR(w9QWwhChy^^heVK^%dn#CV}sH-FnDr=9c+w0QN69a
zW1U=#MM~f+)i;=0<j}IE=M~oo+?TXgQ-UcqBAzRMyvq9J9wyuZM$vU3{DX~@{hY^R
z5m}x5pq66%dr|P*h=K+qZ*J&tkhQR-Z=1s((-U~!W$L$1VW;~t{juU1hd>Ui+q|SJ
z<EyDx)=1K|*z{3k55m8{o)uo&pMA5#?~Ks9g8MA56Z_o%@H8{-t81SeUwJ_$-V40h
z59W~K;#-3;0W2f%$({5|0M}k*Adc35k^|(fAeGi|`iye8fNO_nirBQT6BWcffvb$?
zZG?TlLlOpS65AZRs-qX>?d+>(-bws=W!X~%y&@h-Y_FTPHpe;w8>HAQ>?5x5CyAOA
zyS4$I;>R@$wFAmf{)<%S9)-I1thS4`%G<los6v6~Jzj7}Jc+rEl4gbJx#@~FlYcb&
z-KPs!HAoG8cFa=_1CYEO3vm_>E;6hfSZ1&PsmlJ+Se><J6^XW*ywYU?&=DF>`#eI1
zH(S@N(L49CjtaB-4<j$R<Om3o*06VRSoq^PwYW%*HX7zkgY8~bEOL23I%dS?-Hpw|
zKou<Wu=WErGaTR#cqsCoC?e#`&1zo%w#TcwAh9nsP-e%chI5m#GfBUgb26+Gx5#Sk
z_s_6IO@((jsZ?%98uchlBzR+y?sSBCUF9F06vVHU==_COe)iRw)79e~*_)Tcz}JF5
zqpo|N4aK`fUX)UKD*=4<+wIP39zpBz^zn~(Ej2}=O7pjKQYi7^7N_rB35CiPHROrt
zNr+-%+ylOYDxD7i-~Ms?r9E6kE12XV=#yzzgZ*YU=VPd}sm$V*a}v38^}~8IIh!~;
z@qk9-61x3`cpX3a*&XvT;&tujV=iWd;pOR|H^}TKPP4$L|Hs5%r~xRp%KN+bE{Auz
z%!of!WvghirzGgJPTL7_VXll&<(-d&{D%y}Ztlgv3Oj<16JbxTO(qDMV09iEo)K~6
zcu&Ep*Wb4oo1WA)8AStgsY=a@LM~|EFW>)iJZc@S2>622*N?LepCtBHM&28pyc66e
zd{}tfk>Vb%7?{rb^U<<R*0=xa3QJ6Q1=>A~q%w{j-z1M?l}t!(L7z8+!pf#_spR<2
z+?#!9cdU!a4bY={kI`H`h}H_d5Q4pEO-8pJV2dg-XCAdY-SpMmIvp4scEjG)Qm8#&
znJR#vxp}zV?(}HcV@HqKYaitS`h>oknp(z%lOr!pP^zaa_^ty(>89v?Um8a(ZE--_
zX(z`vQ@K<oBEb8zw&_jUt9FHt7K$|5NV$j>wF5g^R8$o^wCM`(0G>S(8qV_q_Y=E5
zpx%ylsjK4cz?^GT_;m(clt@`!eZaf?f$>CfaMfXzFnLdrqVF_Z+4XH*kyYvo`CU<C
zHV3;h3y;OPTt8d4d&1Q{0UpQ)K4GEHHr1F1p_ax3y&B)_1R+6NnofI!;=XN)VsLLq
zhjl%;op}CLGc)XZLl64V2({L13K>@#7kuEM(p!L|f9law^*=GZuxTHZ*FFd%mx<W;
z!E3H2n;A_%alTEs)S}shyep{H4MpvCFcvx;z3;>lpk?LS`GVI3Psy&PC5Z9dX633X
z;qIccJ35H9mE*I;KhePUevBE1nfsiuQ^L1i-&JAsMZqXuoRAI68{XL^6dO*6t^!QY
zTC7Ib_R8WWeFGp)r(Rv=n^S*MvRV35uSJ=$ZEE@MPX8HQ#=>`QxoG`X9$|$$9<q=B
zQ|n2-0)us!9slsq4V|uZDdEPuK<iG+cSnFJ9Cc*bn00=IS53c^%8B4Qh)IAd@SiFk
z4g=2^OP<1y*MP#&AKryVI<4>~)uU&WU-DFYF|cQlAa>d3we@o~^jLcZmz8f9%Z}b6
zE?I1PSYPq5lGy(&<;A>Hjzrd2E`UZ)en`!~h`n)+Lu!Sj8BP%4kfccsu#ecQ+;1*m
z3`CUn5d(PXH?98|KHB(3QI9MtLxD%exg~<q<QJ+gOg*zydtN11<!=1LG*d-)gwWd5
zQiSpe<u!!=WB)fA&Y%V*;$R>}pg7<aGUZX35%TTzxB-h{bb7RH<32EvgnUmXaj0LJ
zlO72+CJ1nF)uy+5@00!g(5QE7Impl&hp9B8jd)m{Pb5G^H||gO+1f}Afz~qw7(0yC
zJjTk>SS7%hZLk@^P?8T86XhbDJhpf3JzRR~2bl?Bi_WCMca4)n072#Y6`lzGnqB3f
z%Rn1gosM{cN@%uy)ycKOt7CN&uLQ)_?Vsc7+?<Ki?czMCgW+(Po#|Nq0@nX{*ZXsh
zfO&waH{^pnv5jO?>{(uDKkVIsgeED2PYkh}zEa6!6CHb?b9==Ir!ohoP7U>?)m|90
zfVPR*MW;18P4b4EROh8eeDyQwsW(|#1Vt6sGOLtte5XvAjNM?q6+Yn_*^g)M$dTF)
zqti3$ID4MdcXHrQ9v!ou*qqSG@C>_Je=tjbZfxh-Bi=s|yR&pR9W0VZMg>Ys7yy^i
zak0kVZ19&lfiKiEkI!1^gCgN+=b=(desj=cc~)lC2c8EoZkTrw|E_dW;{L)9>;AmU
zj%}(MNcdKF{^r-zUt~y%E*)?~5iU*p{Xawo`or{UGYzW8xrr_#sV_ojE`}Y)-5v7(
zD}axD%9Nvv)CLFqMTQLLe!YK6_CR_9E0UBYk-8V*J~os(R5&xoybE>s1~P6s<*86n
za=rmtU|6;sXLl0?^?GpUtBKJU26~|$AWfW38A2WA<P}-d`MF2OvjV?hb`j{dVErVH
zn0O$g>8~&o^u>IK-LT|TI2ZxcVtRM55TDSUmHCAN1LE>TW2I#2XbSHjFu6GTLAM2n
z*snbz1@+JRqes_|5LuT}WAD3LNWG^?oM5rt%?QFiOf#)Ao{EVsse*j#X1~8vpJX7J
z*l&xv>E0k=M}i^`8*f-GM{e+5HGJ-%dc*cA{`{C;5aaUh#(GQV)`bExtKie|wo;vq
zdl5^<Bfw&|Y~m$?*Bc6W#gmWSVrn?S30gl@9$27jAK_TalDhO@ogW{Ph!=s7rYpxJ
zW6YSODMfU@hQhYv306CK<7E8r@I*6gze&KJRE3mW3y#bc(W$U%S)R#!q3qQV&TJOG
ztN8cGFaSzhCycC@)vg5tc=E(^xy!4C2!mNIbgkF#wDIRgZH(U3CHa-9i3Eu_pV9L9
z=UuNvYGJ5Vq1{0Tja|}ti&Cu#@6p0U`2C6^@mtiECQq5g4?0zO1J}k_?<s(!0Vo{t
zrlbDoye$r?eJ~2BLCb;|hlJaFeh}k>>zzLkG%GNbLR5;@enNVdjm-=q4nBVGHzVdD
zP}Tix!RJGn3WC(hy@NfA6PSF-A=H7G!hj4u<tHfoO4VT=V6L}Tn1OdAu+K}6w!Uiu
zDm*sDb>tM@;X0;XXTeII-RZgqxd<yvqOPY`mOY;o=yW<XN=zW=ZJQ=9G~D$jR<bl!
zr33M??!AIJcJHZ~t}5f#Zp4uK<#ue)no6XbJ8EW>-IeuqF(Y3v_OK96v%FQ|_ejK_
z%F;;TN&_P0xZ62le`WwgX{1oQIca9Jzj1<-9-0jU%r0Cq9ozdMi-VAl5o4^E9%5R&
zq=4xd?1NP*<(B?h=*Z=C;-!b%8-1)Hn+O9pl+siw@^RrxC#Z0JevzKKURoGtMdFi9
z{iuJs*?Bp%AI!#dTcizoWO%2TFae1HsRQ}LABl0%Z6ltXYE-D~2(xekopOV;!M1@o
z2o-XNc>*h4@!q0!wt%q5T2KRGXFQ}H`omq+W}{<tDG+gZ)cn8bdXJA|rv~&$vTdcr
zl_%LdXv(Q&IuI@ycRxBSQN??uMO7nhI<$1W)+w%dxZv%w?UoNfR_A(?K>Zu%TAmA3
zAb?RL{&WM~<+k>X2Xz11hO7Lu9Lcz}!AJ`+Xac4%@qXGE+rwdnM$I-_2|PtO4sa|=
zVAO9eYELMxQ5W;kc&BfNDMVf2*<@n70QjLWc9692#m28ptkg8A^%?lI@&n^%d}|XA
z_2U^iUGm=7mGP|i07af?IRoJB1>+&I=4sj~PyfkaM$a8forWm<NEo>RZ#Y+K-TG~9
z&wi<(hW7JqIhxPLS>yTK`2DhAdNQ|lpl6+<FkrZRM_l3kxvjP-=#Gk+u=`~o|KV2$
zaY!Nih2=@TGQaPPpGmy`cJKxC5M#v>1#Ez-J04cKHF8Te0RawBQOw#Fd-CMME~b*M
z0jA3p5*qF*z`m&!kfsuv5GC(oO}OO<4ZJfW&ru4B*l&>dk(Y5rmFaFCIv$U;s#5$p
z4(S?rdwZ)~-b#|(-O!A1-Q7_A?Mi*hxV{ts;57H?1v@Bk4glb~LWkTM7F!G($2r@r
zvZHxWDuQ+1gnUSl)2blJUMkCGN}#1;h4f%s)NpZ{7l&An`;)l>=S4!u7xJbT>A?fO
z3bD#JhUCfhGIi@?v5Xd#Xo}%Y&!N!mo5pnCA6?eJ8CDSe<14a*kyHvbY-f3XnS;Bz
zU>4JUovT<b`y|zq+MmAewlBc&&04UWgMC@OCGd-OVm-4S*fg8uk`_@C+f^2LP=^Ph
z-|I%i&QhCu2oz~PdTVvM897H6Em8nbwk>cDL;cBV#)N4KwZC!wxv<9u6B{y6r>vN1
zx(DY=Z19_H>vqw?pX)eL+`=p`_s0Kl_z=N4x1vUi2H?}f^0wa1Kf<9zJH>042igF8
z)k#S=z0EqeK{tZoGpf2SGk(@1GJI!1{jt{*FKRob<wNzv=7fjh<t@>Ay|X*y3Au0u
zK<d$|2bgK)=~tK^h9=ah=qKLm+_tXyzMhD`s=qoZw=y~2eo3*;HZy4O-zfF4-XfY2
z3>%`GuAr#;b<V~B8KHh+gYv!z@&#4_&<iX04fNy8uYmH3#2bVRB70wR?`PXGO^X~2
z(iv#QQxro)WE2K8;6Mj?M4E0}3Yi>Ri$w6m+=2d$h5G9vep2d(bLU?K+FBJJyk^MQ
z3g0B0w;q*?5dBM`?`Mdlm;<9g&1!sBu@!ry^*zLbE^Y<!9Cqs=UlL#v8H0l-3>-O}
z1^tEVSX?pw$5fVujyn65>!&bmj_&hisE|%Wz!n5pL%Rqq0nPx;L=Iz2@~S=~ZRZ(t
zamQsg)AyISHhoZ@I+tQAe#&zfF?DL>qcJ+yo+mf?k}i~o&#**Ix4{+F>8|OP)#rE}
z)A)f%(OTt}6Bao3(ml^iJ<8K0D(`s0NP+2WOERZ?=tjlzgbLo99{To6EHU&M5%hIc
zt$)r(7u0zikWvI*BY@c4GOe;3NCSU2tPTM!^_T}C=x)~u=7FrG7q)E-ZA=eJ#2&OW
zD%PrEm5m4SSQUyK&NQk)ndjQ}gcxX4taEe7yASDNHw!^t^^DzJH3n@-VO4M?@+`h}
ztukk%E2a;=&MrAyTow{4X_u|qf@EfqC`n7eS;90LVqiw?LXsW#beNz=%Tl}KLcf&f
zkqViNa_zM8?$s7c#`AY5;sX+Y)v=7n4W=XjYBrnO(W`u1<Mnf>o?F=-738pT!7GX8
zw28lTs%=#H(Yy9hCb%Vik2*@<k;k^@$BwFv{Gne+CBCp>d1?8_n=+KH(8~^8v35aJ
zT5kIomYF4rdqV#b94q?jm0M|^yZw!*#EFlSke2k*?^a34CBgJOmh;AeR@yiT-Rwkr
ztTX?K&o=*&!{S{5{EzXEYl@=d>Pvd!pQ%kn-TS5C!|Zw0h{e>s361&}(RaX$FZtG1
zk!eXq`;Sis*LbM^jU7-^v?%xea)d(=z?$3jg7X(<N0mTsecF|riE4jRIz{w7m<V2#
zy5B!^>I|7Smup=-sHk*>NR*0#G!BF^<kH>eB~tHg_$a*vFX*|p?yE>{>#w@exg4B@
zLtQgOD=uQy>sTIk!52b#cf%fbG0={Q8jC-4{*Pb-<CA_5<2GF9D^f<B6lUTLxQv<L
zpfV~TQxwANMg{}Yjn~v~tCkNvvcGSwS|iu}{3w|0@uUYA60cnws#_?W;Ej(?91B20
zc3wz^ITqqiOt}my(;1^}fFH`uS-eC!N5KMaZ)<1jmK;#bH89Lzy|;ywJ*8Jar-xcz
zm!57;n8y-$R-RYz9H^h#7mGYJY#uwlGOQUv->oY3S>*fu(yG}cIWmQftviS#Ot;C`
zgexRkEunBgBlqPEo2Hw%vW!CPRec!0typs22Uf5JpRd~8DgTsaQlBDFDdu|4pLGbH
zY)VLHGUyX-)a_wIg0I41NrAwz4zEIAD}LNDfAsZz$`^T@uYhgeAgQ5D`R#hksuZc6
z7}4)}jmjIi(=`hr@xNbI`oR~-4DfbA!{!n02oL4)v_QN-QM1(Y&{w51e2AAlBN4e`
zUfbL*;P>3z!{4RzV*|NjqRfi4<wgbuzu^r`n|w}b&xb{!cmU!RS-5Hm=F$6(P7E?-
z^L1nCO5NgY-niZiRTgoXw)$j;LUyZgJvSTH>6q|Jk*Z?|yfQAoWc=pKO^Ngbg4NU4
zWa=w8unkpnW4yPh53&Osoo?&5_pFWAdOga!Ah%(BHqYo{>Q_yvmZgi9*8}$PaFcsG
zE+oKY^8rPdeiI<-2zBrN+4?Qrcp>f}h~sAJAM%7x;^=*V0mO?-A2w703+@7RxQi`%
zw-s2`bP>-}l?VkFsDfaH{_8qvJW=fvu)xLMNxV~EE8ihqPVqWRb>FU+jCyJov-ajp
zGJQcsV%P^)-ta#jcwqhW9K)Zj`#9d;UP<%3Q8m&n8FU=ax+k=&)%I1BaXMs^Ci)BU
zP2v2$)=bm_=T%rFFFUf3ans?xt9|Z_hOC81#I|uQuqW`XhkP*R^XV|sUNtF7d7qXc
z?}wO@Zoevbeo%=}X$P6XIVFsgm`f-c$nv{Sw>3+g8?JGpmi*vq;SXN6aiwRCRw8f!
z7s`2`C?^xVVXuhyQ8_8BZlv#n)BmR*d7#GhFh_m;T<7D?>+2T)*%gaU@G+IHn<W&|
z?o`*yKJ9$h3tPHR@UwOJ<_cA&NEHO?Tr7^{-Do_}ZCD)632eA>Ec}yr&FVw1u$Z0^
zL)zZgZ5kW!rCX5^Mmy2yAMt0OHA<wK%#c(xHDS4?Dk{rz@brp(0)7lden=lkdmg#T
z5?_}9;xhe?WCZC2E-eu&z_r!&pUmXi7I(GT++U>80BJWlKA(5V9PUEs>&DI;i08^9
zjcBTSLOE5HR=(OEct!iQwDVK!u7JZ3Rb<A8Jqc>UIBulLaA3@{b!SyH;=Nn;XjmYN
z+fgG`HYYZTV=VU36ND~2%lrDN^*6K&TOB#HGy6_3fHc_vybVRqWX-pV093G(FO_BW
zs_++N>kDC)RC~)F+u&{wA#|sz=2EvbLFmjUY0k!*@k6_RB7p@Wpp!8XBLs_qkBFP5
zs2)h7Z5s1{0w#G1?o);**kQOD1%t)ux6)I@157zK>Xl4l6rdo<cpQ6vpMV2!kh>9w
z2@~*0NTl1!9rw9~?~Q;?zz>Vb&KQ9s1O1Gw8AVvF;r6LN2!I|vxG??Tz`#&_HavY1
ze6Eq&=;=0HR8K{Vvs_k2yk_<Z&5wY4@1AV-(+8jcugCh|%WYdn(?~!5m$qdhHoO~D
zayS2%42w91KwSHQn2H7nzp%=S|ES@z5Cs0f{}Q^4vmH?l<mdkwes*<KHkN^6x#0Lu
zH#hf4+L4Mwb^)Rx+aa@8|5MpwvMO*6knX<wx#f}ceD-Iv2^AT!^@8RT{I^@on~SQ-
z8?ybG+;K_Jg@5-5g~O=Ue0!e*oa0>D9TY_)%kRFuI>{gP&SWMZAASZ97+JkYEb_@F
zCAN&}A4t`G(Leoxl{p-C`2|1;7SBN#@>Dyc1&1qa-8f-!XC!X}E}wp;)cGDK#oqn}
z&w0zKkQ_U;xeNXCwi0$bS@eSdM|=nTHHghf#%Wg3em=zzCLKwZao=M*z0b$z30JU*
zY=);GDd`5X{gJ^cvXMr`EBu)H7ltf$!yrEZ%)W@(F1`S`E3fGMJO+SZKJ1|8B0qN0
z&rN-=R$@`JKLhh#SMDI_50cG2%M+L{!fY6&aoTZLfGdu`3i*sFYq33jm<^I$wn+Y}
znXv3zvrq8$L|s>P8fZs|O&tOBFj~U00F~cs!m&3W;(a$LvKnAmcX(Nu*8RV77!yJn
zSQucq?xg?z$NOH9w){uKl!2(wivDr=7gt91x%?~j?oJ9o?S9#RDga@S|Ipj}2Ladq
zt&KFV>%6je)R~mP<1Lj0j$geiqq6ioLB9HFk>y=QmCJ|NavJuj_l1b?X`A-nO7sx}
znZn@4i0;OJx|k9xtXP0v>tPN=(C-#!Ejn$XAYyg?^4i-U5eLjb=9~XsafBHeAh?HE
zvlieBtuEQJ0QJB6z(B(l-F^APXpx7dDauxHxGczLII#P~Fs&e^Mv(m7M8=03MIQ^V
z`zuK@-+WRV5?1}V)hRXXw3aPgjGlquv4*i*1<J$*-0M5v)}Q<m%*OWg&HvP<m~|32
z|Br?x$>aZK4a@&ulAjmR?N@BhvDLUQ<EYNlzcQRRVTNdc{ZFX!pd6=MH=<+yKZGj#
z6x*nG7q$;1nTL_r<@TXcM5J=ZKM?`9sK_hTt0Mkc^2mv0Ies7k*gtM-EU}AvAg|j!
z&H5a2)qywZMIc(?6A%&7U@HHe(S0_TH>zxxh$X@bU8WoZ*QOU1*tF93r60=^)CYI}
zmp)2M7&wi~bcVG1e&Sz@+3?d#Px+^J1g?_=Q}8~<cFs7(yW|hMXjm3wBeFIaUAV6S
z*gv#*fIogu7;l{*|4~ozRt;RP-T5Cfiv3emeF53W=>9ebz+fG@xVU=vl@F79`HsW4
zRvux?9?vdVK=&Wm!iR>_KhTZXv9^Q<A;Wus<?!FpbCNcf{Fd)33?RRCwe4;F_BKEV
z5!)%SfYs6Qt)8okKCCm$G5@mJuEfT9nEgMAgsM~<`3K&s{C`QkL{Dq0X9KqBIKd;!
z$E)jan}y|8Ro(O-uTq=f$%ldN;=^nA>nOi(K+MdZF0St2wAA|lANI~OsHrV{_j(XG
zqJRZNX|W(u1XKt}7f?|kbVR8ly-N!n6b>RPUAhpY_ufkoPy#~eJwT8WdWTR#xoe~6
zU*^vJazEUeJM+&6XB-uGlD*e@*ZV%t@7bL}*+Rw!MahHBn)|d>rgTOv@6X?W)Z$h{
z@-tpkG!8TEPL|CQbxK)<;WR8b&h#&@TAlHp<t&=c@&oPZk+dO(z}LqQJ-PqBmjKYI
zzDG?9nK3vgiaR9u!SZac*5YTaDW$r-Jc^y|O2&eEZgk{*OZY9^uG=Ujd1=e~bgM4s
ztI4LoJavbI4b;)6{&iuXlvupa5l`aeh?;3y3CFKE>Ns{i0xFFDf81Tb-IsUjYLtZ5
zS|nt6hF$^mi#)%6eg&2gn=#LAU7?6*3yvNCQ7B+<K;OHT=VL!VB)ooh$6+otYS>=v
zfV3?{MsfDFT4-9UdiakX5fE2np;cyOP6nX-X%Bs`_C-evn1}HU7-iKaYl*JUCI`nt
zAos{d4mKt+mjY^*_30fA%g2}=K&LK7E@=sse_jqSZjG$W+;Q~gIJXH3v1f#_pX`0>
zYhfNGKUJ`4$fe;Sdql-MTBYg)#=kS@y}GyEddfEf2-OJvm@YM5qyx87l%P14&+By^
zR0cz@33<l76t2t4v)2xM$j>O?%B+`4PRXDgVP*>kF2Stg6BKd@Wp*GFX)vt_D*J@W
z393h87I}yX76-KIMXOr(?J{Hd(zDQoOp_yz+3<xssn@>-pJftk69a<GvYc<+WlyW;
zr`kCsvE~~#46toc2Y_Fw%2X9a+Lq&VOZMsjM=$%(!E632L*(L&9aM*;0R}8Gq2X<+
zrKAu<5P^iH@&2)`_>UU&dnLfkSeZI|Gy?gF!RwrUH(^xut1@9eJ0GdmG~zU%Yy21L
zgKE!fiB-`5wjEiODHYm$APM^mHLQr;ay39yr^@|ODToYiD4w?hU4%TNw%$xN-Ap&F
zI;T?Z=_W6%Xr<~4s%Ii4Vx3TfW4DhMQ&p)UQ_4rNUGr@@nAXDxWkNX^drfkleoW{}
zNRW<q|L;o)ku18fHv(?pF0_Jr_;nS2qnN)1`J%9QPWKH+9<I>>8#eIF06&a8Z{_!h
z>u;3+M{GoW%W<(V6|OzzGD)qOm2hlms7xKE2Q~%{k$o`7X&d;VKRiHJmT~E^hH_%E
zN%>T`tw}T`9^Jl-2ZtO1HG-t!w&+Ez70?818L?}^k23cn!5WCX`TMG_7E<|3M5u&I
z9}r!#G(K}%Xvt$8%oj89kljgC-*+$O3gD41$=tfKv;Y>C#XYdfT-5dd8OzZBqHb(5
zY6GY@etMx{uR8qjk6#}>BIWG5iANmJu-ev4m#!3IoIqj{F0EH}=<#(CUc6+u1=5&t
zb8dvRl|h^Fkxy~tb~sTRF;5<hhehR8#?rRI{ZuVjRXq4@IppJqj}A-EcPURNdIpzF
z{_J<COJ00Vx_elQk2yv%TC^`g^DOKebFV7E>Kh1(6Erix{C-;}Lb86puj|iAQnYK0
z4S*|G=jG{`GcH9-0+D6=_Yi@Zk9&YO-}>^`Z``bYl=J?x(8-N<#dE_ksfb`cN_Ela
zS<drcaxFi27s`JHH$smc%fi;$BnD?MMkTSo#^v#TN$oLau|s~*Zf=<4g!(ttP|Fm;
zzF02zMUfyT+nO%Kv3QaFY;Z|kRT|ZR&w#e0P8DH3TyB6{(5kh}Fi5y5;`$8JFS^6`
zu^OU4Tdkc(l`Y8Y{O7wlk)cKI&Oc{8rh=gIV@&ej;5TjmM0%-P%C_05b8k*Tzf{BH
zqCK=WnABbo?py67^JZxUsDb3SO@K6j0GXm~An?KJ{`ib#rQaEbVf)*C=gyPg$~vFy
zWv*57e&7BmLQ{`ZO%%$tFt(WCxDy7}DsjdKvtQy}CIZS90X%A|{E9m`9_$)B?9HX)
z?2|kr$Kkag@2f4|dCa^usX#_5Qqs$M=9tJJiWFcHw7LTZeTp%Y;P4#P2GpN~G}ZLU
z?b0uFY)uP|oaf_}^wk~@@TvSwFJ{su-0iO3m{U<P2!-uw89up?+o4a^vYDJZta>Qc
zG{)2y5PPpRHI5><+;j5#f|$Nk$58F#!F2$nfZOu9jYS6kcilT~$Q3LbLclL-4fI2F
zy1Y+HEh)C{4>;O7SC|jv$dq`qZlxBzI*^8rWP^-iQeH=ph~4X8!qvux04;|&T4gb4
ztAqx0{3gvC$fGnKxB6wx%Ukf2v>C`DyX?KefK1qvRCRDU)Bz3}G8`*ou1X5~2EYNn
z5>Pmk?0I`+=KZW|U*SRxdbLGA2_7G&(&Kc&_9&bMB}oI%WY7+mLri8;MCN@=Cz&2*
z(Mk`bx=(|t`X@aZ7W{ciX4`UD&5C0l4en^L)4i*X-C}~TZzF`)d+hg({pR7lyt!~2
z#D@=VfYF|W)eB(l=KeeDNnn@@9WUo#XX6oY0}WbpxVTJ(%34Wsdr1N!!_q=6)$L2S
zpTESXuNr=Pa}uc>lJwv^sS$PvD6hkj?_M@17ok@C)y;9kur7&PS>o$ab^AXeK7pZa
z5p7X^#l#1*@nl1_f|Li+m=x>T3P*I!uSWlBRX4gk*LYE9Fm~jeT7Mgy*9Sr|ty&En
zd41jnH$3!vC2}d=Fc9>1jAz`noOzc;`3ArIDl%@>IbAqR&bpY-5p=47%4hT3QKF}N
z96NO^&VQ5fq10RHBsJRFPDM&^nvc3Nc%T4wJr<@Vce)*pkxsIM>^g6hc2O@lhvEvQ
zFOr`}zbMmDYrgL9JZp<FAo2;*yeL~fBN}<EaqfA?gN0<%teOR<g;_`i;J)__c`hPY
zEBp0xdw^vA)`DQkuWn-u{>mQu4q7s;J(sp<@@j4)r47}1gPG*?!bG<T+ri-+BLz@(
zmk<`V1}%GQ47f%6U6qy7CO2@wx=NS*6eLzvo<wAS`?ucHX!;r)TS?XbPnYkJ`rOwl
z3kNpFS8<)H#dh`I9?`wbh`GDPeUX^(LHS8itb8H1&)n_%`zK3(xdM!$Zsu*4WNBX)
zsc7j7-nZ+u*ea7Orw$HQezAP#Zr&gzP13Sf>upGVu-N&2Cf;X8cH952Xh(DH1dH>j
zGTRUCSXF^=#0&32-9`c7)1?$6AUUWHn5t0-e->mk5K{m0hgDth*<2m-XQeXTZ$y$y
zWtD!VTun}Zy|Oemt8kz1NHS==t9u>GLcw`eHTQB~Zv{}H62%#_pMBz(eNX*Sec>_g
z68U+dFZ<ECTcPGV$y=Gk&lUwPu|!|JC?&LOM^LE}P~VJkClJ-@{VarP3&&A5HklCp
z0Ii9uwC?spj*2Mq<ZnX|=W?S=`Jn1PG!V5q(23=X*shH+H0e{q6v$bI(J1aYE#&J|
z)k8)z{XW~UnQf&FjT=8<QN%u!QmsTz2cNa@rv`5Cm06Ed`7)QuC8)yL^m5sLKO%`m
z#&mnLQeFl4sE2UQ296w+4c&luFY9;{{vz-D($%>Aawqw<)QU=vVaz{g4b+P{^q#+-
z&rGjU9eQ(Jw;ru+&-2_8<1bYB`@pROR<b<0wGQt{39)D4HUSx&qATG_T-#AA(9~Ao
zlluLLoYUXND=T&;))DW?k1Zs0r{}rsmoBbhPsmvvDZCfk(Zn)|e~$tO{6fPnUuSp^
zJ?VrVqBzrBXl><8w|nndEh_{y-1nK5T87opv-NM<bpjv=DRVS!T&7e48m92S`ZjvS
zU$TW`QMuw8#)${-F;Pz<7EaoJsJlJD7H=j=Z;@dxa8wnvfhF%4Dzd0OMaJ8QUMsas
zh;?#~aY)%d!jqDh4!@)M61F2BqLWKug{8jxNT7oy_Vt!xzan!CH+)D!4lPDZLA#UP
z==uAeZ;}~b8c4-(tU}G|VRzY?8)b79SO5A`@vCc^`%4tUIeQ&n@Wwh>LhZnaRO`&h
zr!`={H(-=JmpjNPA?43(|DL;#StP;eSZH~Mf;s8XPi)H}St53Vx-}{aX$AAp&l>YS
z^3;?IE@N3#d$MhEU2ALs2ovV|bN6Kqt^$g4O@3XFK(XJ5D!=x8$9Gy^cfE7eHk;qX
zpHC(iaq3(aJ)qD|ehAkS^E;EZ8*UM9I;T~{e&GYG8@=g8M~=uUypHl_(vw%Xrt!S)
zas3_6%dfZQ1e$~Bz5GDK$w8SpckS~IKbw|+{x#4x-(78@w8rC(?u!y>%;;ZuuMX~u
z&<%e-qwfPxaD%<};f~lE`Qo2!pmMz`?Vu{*RqLrgw2BOyZW_;5ma0bGEj455ipv+N
z1Ed+A(j8{Bl#i1gSjpd-QpF}i`NE*8!nJt6UM)@Kk}n`CT7iaZ+GrU0)p;`0@o#VK
z{9nR^V^+5{tMV!djG7-dg+Jf^{-W@eA9t!3!nc(iAN(`fpM>TtbD<sCdZ~xV&CHL7
z_Q%FVU#~?y>hy09;rG?$F?F&sts${eg>*(4X(7ZGA^o&iuK637ft}r__=VPgH0!VF
z@<-OZ!er@QJR3=|_5Pny5!tnd0zj9lRCSf8S@Rri26gUGVY|#~%_)ENc9qT#TW6Lk
z46~(0FX?B?zU=^xu)%dSRzA*Iotgzt*>zUaQhxuC-Zl_llb#n$TQbr2ZO`n7b{-un
z_GB--ue4A63B-v3uQ&7Txt+I0W9cI5{Ur+z4#YM)W%AVF>fvbx1)cq3Adku_l~T;W
zr_}jXoC_E$BU^4pRjB@m_aqJh^V@t6=O9d_M#A4Gl1G~$7n3<l3T5;=f!1fDUW<LT
z(R=O44>MvGr=^BH-$&Pdu0JO(ef%NZq1PzNVs2;Ktds0e-5lk0H2gO%|I=)3I!kPY
z@OK4{#MM$`FaQ`HF#@I-+?wVBcmHN$L*R3f$Z^-xG>6RAxXK?v;k%IZG{<s6CYqJR
zYL1Z~@M6u4x#%$}WSp+dlk>QJm?v9@^9yYW*Q?f`z^=6E-diep7WRM6hcR;8n@`Ju
zpGy^+`0{VKv7EUiECNw#0zsYQRKm~ScpPmG?0?zV6h@^8&OxylBF}RsE)^h4YzVqJ
z7LubBe`hX%A%3NL1&#Y%RaU9K;?XX1Ol@OEK6k-`$#d3dG6C!1f0*Su*?4`+@Z#gI
zKKZp@-#l$4mtn{EJ{RfD|CIltJHzXuXn)PPo39M}C9my577}}hBQx4nK>s3#+CrJf
zj9lug#_|FwOf;3>v#dZiG%_r|kl%J%foXn6xwURN*t%=}2(X<65k!a7*K_@kKgfDs
zHpe^GeR19CnCNHzb8gI%{`pmj9nQ(6jR{IcoHQPO_*`(reWkW*iJMvNGW_MY6Qa6(
zKBX=Ru7oS1G=fWlz@ShPo1aYsxC&Rq@l=DV;sbcn*fuZ%&iDMZ?7H6Ft6tV+r9+^x
zFMWjGA>Lqm@I9NFE+zIpK=g)~EN(K%kg8k0D>Cd&{cPR1{wpn34A7m<v<fUm%BdL}
zs9VYkT4`HiCdd-^@&uL2c7~tCYr~8%!^qco&x~n(+kqTk7E030`8sbNCd|<oI3A(}
zyM4mkldsb~sa?fm77vnQpF}Y`XS<Uh-^C{~+&KLtV)|1u<m%JLxZ>KQqH_8buG8lR
zTwt$|ym(8oWD@Ayj%^VUPQ5C!z&HVNr~wG`arU#+g8;TO4|+|*Y(<m?_Q8axd|KUc
z_MGec+gh@BI!|9bi(%80(kmFMxTqx76_JG!A$QWv+*_q3*75S<YhLuc`-Qrte^D0U
z><4Fxd^-5`(A?vQ-(W$3txs8cVe5br=#EfkJvOM^+qJTd9GA~nMk;vHxMo>T^1Kl3
z2%>+@A=VP9R0sCzK809m?iaOlmZFi{ku_ErH{BVvfoE{5R~_ki$#`2lpK^|x8%?<(
zIeh5vEjoqT%5h=sXVfX<m4BE%S*mhhmD0eM9G72t-ItOUnL7XUWMhM0XnWh_>Hdc=
zii`rdH9lFaWe5h(#&QX)A*wkApz*u4a6ibW2ENYy-41VL>d0(QdNB9RWg*#_*E_4t
zjXElUS&kN*<Z;#E;H*`xS~0$`$2=uxXIIEQ&A!tb`OtGpogU8?Egkr>SeuI8t8<cB
zNF$Q=y`z|f$GO@gO-W`Zw=Y^pET;RTpDw?4j!BeS*;N6i<;_Mfi*yZ#)a&sFq&rdu
z^3TWDpI*JchDGfbu(A5xn%{VW__gbh;wdrlrrA^nTS0C~ReNtGziVSpQWk%X@$y{F
zoKC9DuaDA~mxA?YX7FBSm?SMN5pOro2iyEhV)~?892MRoD<YS?bwo_79?z#gl{lPd
z0mypm?T@xIgZB9LTTRqoimturar%7^y@?Xo%zT3QU<IE1K<WfQ!&@MH7P1++&yTd4
zlfiK3*K|i@^-CVTDC4}Y5*V74lw^jI%v6RwYOzR4;d&l7^OlnJeZSrnL96E@ol_+}
zirhW0kUZIY0ePC&>(TZS`vsfVUgwaOtN9ooXTh#6c~|At616n%ne=9;bPX#NI(i4P
ziVq{MIE(^XnJUo}xUTa)zqsfak&5V<-@dwckQ$1v=~W-3z9ng5!zecPjvws3FXOZ~
z4w_Gq%aHMG<J3@PD<r_tv<|t@pRNSVg;v-Ley2^h84Vyf2(r_i0x8);K|kE@;J}Jp
zc@p1nt`0?Yv1BY;u|jCrLpy{xN_i{E6Vaa%Z$UXH4#|o~^>gtn#RR4O)nJ<zRf~27
zQpyR1x1o}<jGJEZLNJlkNhVFT79nmS!xpw<`^Vvy%iBm>8w4iNa1E2XK_Ek=TF#`8
z%qV9yDb`(c^X7Q{(*%)`=u+DI=R<!^?%s#<`peJHuj{omZNHkejU1fLCw@l>B{6!I
z`F>|)X~NU+pAsYTDT#^S02})>r^jlklsfmskSU7iV&Z?|3p3TuO_JrYrQfVlGQcE_
zj{~Tmvs&nZ@K&#y^)5JA7ykN8%U$DwQyZU->MPU-Wh61Wl*SL9l{;~BIQ^=hthn1I
zM>#ED?PeIY^MuNKe!xbtC-u~MdyDd*y!JA66=xo_-V_Zsp!;Axnq>DpFk}2)Qml|}
zHPT5ffK#1{)pWJ$<1$|#U5_|3(i;(d=bFtox*AO<mJ3~`oH@2R<0AKjy(6Y2VZr>i
zJp1KwAmD^qB_uIqVmm)ouUHPwyXVC7;oUhZZs6kX=&!hPcbu2$s?J9KbyDn%<t+0c
zvD2*BYIs?JL7HRmU$c2}PttTBUZJ&V>1Qv6>fZ&9OEYC1@s4rG4fT!b6kq>G!BSs8
z`vexC-P8?bPX;MyZ%U8EKB6*nToj?<*{H*e7+L<k`$i6teE{mw$>m~6Sr%>jNKw75
zY<}0n9?q?=bSajp4%`L<FJ`2!g`0^&cDh!B2BMNwNRa%%-JBQY<9miH0ayDfR8KIJ
z(GD+{-jXm{VIr5`uG>AcEk|V5wwI(`3P0HTy$@YIVx#u-p-t?e*Kv9z4HJJk;Jd93
zlnLycQf^#D^n33u8ctcV{!lG=4Z2jaQ32)ReRnEB2Ygihg#$oF)w*qg=J7Ts2l7b$
zqvg_YcROxUB@sk4&ZMZzbM`sCJN+(@k+PBJ^qA7z2XRTN`aEz_PT7tQl0`J%%u@N>
zK67(XWNx3h%#s-svOJSgbUeOX&Fzj=&0wSwQLlakT!987o$QzQPBn6?dq-{7^?Brb
zN(%kiWWGn0xR$>}-J0tpTTdil<78*ZMdy|LECM;kL937QSK&f`4aDkrM;1dNF|o~!
zJTM4j`Pgu>?~BTjaQ&9KzJ{6+@G%fR@wXRjT(DLuO)W_ncT%Qi=wqd#kO;Fv`S4bZ
z``p9T0>r)!=Ur>?o@0oYCv?yBRdp?ZfU4IHJu@Vhux-3IK0?lEw)5IAS9vz#e#TSL
zQA0pIDJHSzNU<FrcCWEnO7m9WTmI2azrt@)0sMd{&oXWea1`|7E2(2r&r2Y&7-O=G
z!_2YQ)%BsVALWWe%D+A43-Ve$lo?d>^7BARQf^Fsm#WLc_hoKb0i$9cB8l)l#C=}o
z@j-tx<S3BvngBg^tmFLGBTI_y+t$2)+PqKL%n`6eu8a;A{mI9ruPw;n{4->*zQwHN
zx53Q#CC46+y&>fH6Dim63z>tq1o=7{F|k4x){2XELH}My*bOjxbb{LRYgJAQR#=pW
zkkh<6@PrLpT0YhncA}b(g$BYwD!brlaGIhHR3V~@Ml;JSdH>AkB~E$oDd;M%4`peV
zzl{TqY3Ri!yJ3@221YZ?xl74t`}Nu;B^8xWhzh!t{p5f$GyiMsD`L?A7H@)|OgmvD
zcRXi4*lEsII3l}&(D_qKWhSN3X7Rvn(+)izViPz|{nP}5k<z!pBd;5&;asbsfS#Dr
zL>od*PVNK^a-mnqU1^xQ<$$hpeD3b`dP2u~AgzaE4wTu+Ga!I*6duyCYY;DkT{tn<
zV>)AcV0&}*cbWR2$!v`J!L$E;So_8W1Y4OvTdl*ZmIttZ4?TYa)}L_U|Cuc~oDKAO
z3Q!m3Bu{k=5TTgTjLkf0VEuiSM&$n$0+^`uKioj*bNPQnK!k)}_ugEHLoUI?(WA!f
zQD--VmhQ@zE#BoWTeizj%5t*O!8lr}zjPDKw^SS|PvGRb0@$yw^9k)lU2W{XMzQ=m
z+O~40C<r4N17?cV5K7Wwq`l<!6{6)>%jQVFZOiM==78_&4lhUA4jc6=#v1h_60FMF
zP_|_}FJ6`9KmVmie!&vp2w7q`7tOU$_8-jE)Qy08U|R3@3fOn@EA4m=zH(q>Zx;!4
zluITIs1J<EdT;MWIhw!p!WD;_<L{7ub@a!_wM_wrH`J|N1jAA+c~QEelrCVRTvu~!
ze%(`}Vksn4jm*`zg;d_V^I!ej0IzODC-D{4d>=na-#%b&9fywvT9|4GkP2B|0Q&MK
zyH{z?r|9ZF3dxKZt$yx1+pw`_o!-i~acXw3T$k4U$z)3FRkA6qWH$tMsFqg<da|%B
zLAJLP1<pMFR8UVFa>hx!Ou%m&Z#%5-7z*J`!7GdEE3E~*Z?@9uP|yLxfCB>=M@`nj
zZ~JSjO=T3yY3j+Q>!wO^oEx_)gda>p4N!;v^HD>L59q%#if4@$Zw85uFkdaFsaTim
zISBSHfxkKau@Cw(CYv7QJ{%ACX5F**uO!rIkE)ye?V%je`*|EF;AYb9$&UN}Oe2sn
z=sE=cS@bmCc2br`#yZ|uZBe4~IxKSZkCO|Aek-M+w#pA`ETISq_}t@h->k&(nK;lB
z{yk`Y^AqrMGa`DOJKm}Zb^9x^TB>7?bxBK1X=Ckid&`xc-H$eZ`C5F{8>Ju!rSGF4
zsZd-v<JKtu#y7ILMoJAx7m|jL(m(#t0TB?q5{s03C`-F@QMR{MTO4r2%Rnb>ZNmi*
zmn1R0rOgTi?7(OSNzV~Psv@@P{7xd*(oh-J!*w$7&$L{f-C{4Xf2hPV-~3>mLhYV(
zLbm41wsket?4@GQfoBdqN1_AAcgM*rJph{}IHya*+gqbX;{;=zwaNwEotNw#-ejo&
zNscg(Pg{_VFG{&3tbY?4fdQ!C6ZgwPc~-Z2E&Frsg8K1m>pSXUo9G`O8RFt>(L>Ch
zn_b3{d|X^b8(VH^&?Fd)%G6A11Kxq*dX;nJIwr$TWPi<!6c8jeqcZah!!*KBs}HaW
z=ai~2>BbvfDYnk%cX}^Wwe#hT%%xq3tFsUUZ<}Q_9F_NFE-g%3)cgYYJ^84=rJhIE
zzh6X{z-EiULrz{^Wa|442~yi_t&(QMO@=aEKbFyIXQ5=-V8LS34y3~k2p|YX?*(_*
z>7k=26h#y#X9IHF^VEOB3`H<phb|=t`E`fGk%pWlb6v^)P$9ImMlp9_hzWv|QPO;3
zicWR+n7geVu5egJlsM;^rF5~_`HB3-kEhttFTGfn-Zu31t`}nDOYF721##~_aGG#8
zd?#jm3<~^bS!U$RhZf?Va&3x(ZQjRSoHA|+pp|wH$7+$vS0X-=&O@K~o1dWO5hACi
zI-_a_`m3_OJ^)}Ay#U-4k&hNsu3n=u;jP_N)ecJcJ~}i3lMI`mgI8yMSKdxQ8r553
zHPlU^pq8c(KyfSmi~WZfXo#LZnc%*BH~Dd3k#X+i_lrs;(=P4e+d5F7gAjPA?&*o}
z%#h=StcOePVR*sj3iqX;{*ZtNxWzbw#&<D!y4AyT&=g<c99`LxW3bW;v8a_7D83BG
zH?byrvBOvPISQcohvJtTtPY*oOrs;c931mqB|)wR(~3}ZpiudqXwD<u4ZIW<knm{H
zPPs2?2x>wR+Eiv!cn3^uIfJ-uD}CtFR-b_6oO|tDH{oS5D6I*$#Vd9W8<<0$s@Mf3
zw_e0e!StyWD?1-XR4MkProJ_l$)K&bvw@1sXLb1&nVk%gw6r!COa<G%m=lgVjw&kQ
z+C7al{GLZ7{XbPDmrVcOrYlH~!_K9nY+9+<pt;a+nYCs5&C7c!Og}T8^7p+CVBl~a
zZenpBG4PF+Wp(|IMd;q43n&jXvZvq65Eg>Xb1b@ny!F;E`YKBqpszDP@$w7<ucL#!
z@#N0BR5~XU_Cv1wi29N$lMHNYW&@#eMu;Atn}1elp*#<%R{3Z)T=#IN4!0R`MSS{|
zcKfaQj+wF^_6mUZbeuPWHik6iaA{cI<FMSDM+cjSQj|cskbdY9L?ST#$J_Yd2K&>0
z1$<EckHLO{v{XPtio##0dEVzAZ{1!!4@3HqOK@mh{0p_M_+B72?Jk$eG_ki~;3t)b
z#Ru3Hqj}?J(e|C{I5oJ}nlEX|%Zxd=fpw_pM(x$&w809Vtu(>Y9$D!(@a`S&L>Mv2
z1+vJ<eIX6>V4?jn_8z)-!y-CoK&<yiqCv8j*pSVI+k-Vaf{iJ$((q^>i%H=O>tVt7
zz5DBiiAAM0Mfog3)*&^K>b!9Cb93H5gBvrD9q=Qrd(crvh%!TOzPb+Q#r(L`eT<9a
z4vfY5%b)!t1PvzJ^Oh!?vt2e^-B!=bGHtIYm42{@BVb!47IOk;j@K>d7q(}=I%mS<
zdF@i4jQ3<~@(D$VV_4mDxUcZL6Rr5|CLRiDh|Ye=Lb0txYTMY|>}Au9?Je}2&ygtg
zv#vrkj!0qKI?3j%Z+?pJ_t=WR!ALTOpNe7`EK6_&k3Mcd@%0siBp~0FtG_DWvNDRK
z<@K!l85?z)1)qHo7bz@}tAxoJ2#JM;d4k4iCVjm*F}AM|8&##EZ9McSi&?XwyD|yo
zD}B#<&;-SM(2ehjHy}lMt?V6iCJq>yqrA5o3%iU<5C~MK=X>oWF*porIRv3)jdL*@
z3%K;5lSnPYx}0}6M7{9s40Vf8J`6UX^Iq&qTt?5~scn8_T%jY{F#pkFqSI8h=R2BG
zL^#XF4~DKew8PA>E8||io;8iTL=9gicy8#e`*T#HcnR+{^#jp-L~%FWjUZjLSXJ9M
zY}`^=uaMGpfON}kBdPb-Jlwx)25SU{Jc)l!<Mbn(KDi<G1sS(z4btJnR*TNc&HbXa
zc4PLLTP}yGpsCVYqrXDE{Co4y*yY+}LxQjm!GA)RN2}vL^0gx<hpEI%yjGx4031+)
zQ!^3dnm)0J_J3j)4r7#rzn2c4Ba4mY#|;PtE-*rC46eNMJkNY=fM?v`iCZjMcz_p+
z21Y2{%O?vx1tu6hQP1hO)K(|L-|wBNnjU`#NQ&M0CnMl|eVxsq`MUDmgy2u={m6=<
zfW9HaTRTq`zy26cV2I|mb{jU|(nyv<<d~0vsc6idow?q<mky0B!9&JOz1C(k<~eg<
z{;L18UP*-RgBeN`h+v2xQw~Ne-K*mzfNzIs`Fr<q)2GB@gxBp8m!-Ht>n*i98!}C<
zY}dwT$eax!Fv&uCm*^+pO{|`?QGIemJ1x&geUVu*EWoF;+{9$K;%(ZFBpewR%Te5q
zq<v*TF$H;-umJ)u`iX7)GNkOxf$QC3FB^kc5G!*%2#EfrC?76E1Mcz=$ITj7q_|dp
zHZbvxKKq3_q$`(X#zJ{F#$)M41gE{e{E;u~^8!I09lM^Nre`c+uS!AB2f)O9?Mc~1
zK`NM7UXYk^Ph7HoBfoR`4R`+S4X;|w0sa>m6vvO1MbIZy120IM8*u@3$Is|nD35#T
zo>;N%5eH+7Y8|iLX)wnq=<nUDJRsr_fYUju&bD*Bn*!t9Jt}WK?*k{&m`h_TU)>^z
zxE$#!4yArT_mg>Vj~&`M5YW<DFr;m@)ALm&WhFt+*6JR42LtZgLxKJhSi*rtdOUuJ
z91c+=s}x7g2GYNdax*Q8shqgTXQpz;(Q2WJFiBmFJ>4UObF$3wJn#27lR{;<sZmxy
z5HWu#`pN=QHdx75KRrnI*QE<;PrhFL1#Lh2buI}@*^e82ZS_qdMFiOw(D!wgj~W2#
zFr*j&`jrJUQA4_j8P4$?yrE6e^g~D?K|(8`V}22$XR8Eeos>$w=ss|q=#s$i{d`?r
zH|$)e>nB>DC};3t?1s1JQQqv`F~K?M4L}}DvpX;$mg4IK8*G$jWCUoIF#t+mw4vtI
ziLSLaOFrl&IVpO+cj!dRMxObuDB=<=jvr2kkV?zRK}stOwM38#6${c%3VKSV8p&u1
zzSa}zx!W30M<YZ@{$fkbVuQz1dggYEg@SZc$%#^p{p4rby2I*B8T%CztN`jL5`s>V
zeTu*7-LV<lpKCByU|<5-f~QLk2Zu$exCQh}U=E7+>(NT2^n<e$%tMZ=J8OcA!^Ot(
zl?Q!ZJ10z$`FconkhTDL*mstPOqcc_a@l){#Z&g(>n^HyNI788)jYmgLSXl3JRwpv
zs3c5VW&CO2K=M~Gtqz%N1kC=XDU^C=L8@76VlwtYfpC-|ElE&<oc2_D#CGNpS9MzG
zU!_mO*&|MSIUdRap(GIYnCAQYRH!3BG9OxKZ1o!%ZN<${Y95_zD~AuxajDwZ>pyUO
zSJ|0t{GyJ~E^Za@wDY}k&p|$BD}dlCGmN3Nf%u~D6ttquJnAX6tzUS#zfMVea*wKH
zSdgROZNHtZEmyIm*31fnO}Vk3LND>@;;{|gubd&mddz%nUa2k0k}zZsFmZ!+m;Ek7
zNi+MF%QtKk*}lK1LZW%Nty)a1Q8#Grj|G|X#^~6fN_Am_r+m5eNsmd4XKf&3G=+G*
zGG|;#E#=srv7@AuA}ZFYoQM0Hu*XqR{0xavD&I?@YdJ1`n>0D!V;;gXaEXe=%1n8E
z`;dEE=oPLzm5@9cRDAMdiRi*@QJUm!G{_S&X|eS(^!L-$HJ)*<oupw(Y)&^tSp#>`
z2afw|U!VGi)j3I#su`Q8WJ+KFu{mVEg#V-%pY&E;kkf1(Tgro8YXZ;yflK++ihY^-
z)cz@8W*Hh6-a8IPhW(By$k@H-_E)ynRVwO-*V>LnE}5#&FJ2Nj<qy@|Ji2oA9Y7yx
zg_o*d#rVUrcEfTRxmu*p_X%WKQF)mF0SvoBv~pUds0tQ_Rl6ENovZbTwe7m7V1>d=
zg`iXGW~-WpI*H&dahuv-%ugWe;6}XKS+l(e=J1+g!3(TE++MEHXv#55f1QAQzwfRT
zj%n@KYTlb}2vo@QX7;;z;cSf0Gix0iOnsuoBykIw6Du1dFdfNBE>XYw*fCGtSI%wG
zJ%!~)p;Eh84~2Lk1RiI>WWPvOe!N26lcX;x`i$cjS-^AjvycW_crIbrgn;JRt-j1Y
zw*Nu-qGeKItG|Awdg#Waxjy~lAA8Fyp@(_@u#X+z<ju4|36O>0_i&lZFN3*Gg?<qL
zZAp+S!zGWaI^0{Bd?%TX@^VWR*u6AjW2|;0k;OxQ>5wBtH5X;%xJ+CgWpd8o!4fng
z^*it;zL(%{(@feS!ne)BP;+gpFub0qj$$wKPT*6tU}Xuj%dPO!ny{EJ$%L8P^In0|
z-@=q<YMQ`&$hsYXMs(N<np8-LfbO+20LFlni)z&u^^EYPSe9`)`ip0u`jD<LHvmG^
zge7a{Tsb~ruY}s$z6-CcY&AY<4bW*3Ki5lL(fTfBEbdg*M7x<)5a2s#XMN$)PIJ?X
zVja$IJOawKZSu^|H!dojTG0~w@m9h<mgP$2whwL%uFEBp+#bI)IAHU$RG~wuGa)y%
z^uF(e-;?8yDv<!N?v>#5m4vN=?5Kioo<xl?fV+sYZ~iHp$_@xIN;B;YuvacpHd-1k
zwQ0$^$hWVOi?Zt5kwRv)6rTjkx`gf2`%6w(9!epBY$fYZyPXY?+=2yOpIE2@Nb8|P
z?_6W*HPRL-@pujM@h!I?>1j$|CWlc;LHbmPA1SD_D$_&pD;}H9&G1X^wWO~vekQ(J
z-qJlFwonZvHGc-s>gWzfUauPp&Svov^7p<4^|6gbU+ch~lOG@~>fKoMAlIBDa;t0q
z<42SEH-&6r!ydZDQFN$i1Gjqhu4cFRZ-IOwQf^_cz~^&UvTSwc6CP9+p%FEB=*0@~
ze41IVG{RHoH01&tP%-?bk#j3E%hfkLH4^ufL1d{dw6#G!j3qKzP{X4feNoxf@H<eC
zBvPMb6Lm$<{UfIf`o4&fuLXPRq+f(6$ow4)vB5to#lAo3Jaq0MA_xIok&xbq5bI4p
zBz5hnpoi`kH@tr4I_a{lvc7m>Q{A>G|NQPX;(d+m$A}-Cvy68W-8`IG#=h3EcmroL
z1k_}DH8*UgpALFT6q<jR6LyOZL{qbNyJV|XT}fwI=H*h6Ia<?l8p(&~%G~%%+@l-6
zOFWD85^0oWUL}xr!VN$tnUI#1U_n7HlL3U?6{^_qrw*=e9mQ|;_p${0fmdpjF6*M7
zq^4(0Ux~Xhu$F!?VCh+ynVH}X{bmYLu~VFdOyLT`DXuBO3F`bX7!5o(P7izavy%~K
z1@}@a&4Vbk0d~YD>#*Cp7GZ542Tti!`TSCOWI;Q3Uluq&A*5iu1OSU7bs`*jJihTG
z_oxX2d<hKH1ts}wdv~(1T1Tt?$Qsku$O>%5kIA^FmO9S?-ARk)^0*xPaIj(l@}uov
zJQwHQ3C*LPOl;|YwvI{o-Ktd<O=aH8s4N&NHpLaiUQk<#oli3yKl#blC$ES+?uC45
zK;@5*WVA}$otny4f0x@Cy6DqqNO&9x7Xk$RY2OL+#lIqrudS?fv+ZKE5P6xd70>5y
zGz(z_9jqrjS0(UtL;hntHw@0->j9!W(1@?Y*8qJ2V=qFF$*NOIl7{-_o+G0X#zJvv
z=}~51!}C=D+Mu&(3VWKTUNp)&Q>99X%qNXR{M0J7tK`;T_2$tMv@s>S`dMVXc759<
znO9fg<0SAjJUnRsUOc_gTxyH_ejcf7FbrshETC&)2nLK-y9uAw7Vke<nBUCSugqL8
z<Iy(37`zP~!{sQ!gf#jeZ{ww@JfX+|Z5q|wxWjDC>df~%C{KdiTz2#B@2+~O62Re0
z2fTDJICiLO=+mE8;(E0@UJtb8{2gMGasdbkK>QP32gZBpWCwRxn9?=sdAK8KZEO-&
z22vERCfmapK4)Z>-=TW>j`dt7c}k&o9j$wirP=@mJRuT9NoK~$DPS8x3+DEo7yQb0
zn@Z?av)1KW!T@0A+21SoLXYz1r_Gn32RonkP(|x4p@zMTwMp+X`#^4OP!`=;w|85+
zsoak;^5fJkzRh0l6>1N53oPlOdb6pwC4WPo?X>*_kPba*#^;V2AkXzltM-_711cqy
zwOKNKm7E<iHyZm~L|Cpata;o?O<QWnxb#^+xT$hBu31~9ra7o@Y6Mc|K&_xI;A7A5
zhQ){LEXycwJkC54Z*^J<zl346gw9)x$P!SHGZP!mq@lCF?qPS<kY9qJ@L$Wn`^>w)
zZzf2LI@T@;Zp*Pf5GH)&OTv^2bbimtIqdLWd|n^;7bon4*-=T}!x=*;gS?O^zBAT9
z2@?QZV2175Gx=3qTDWwau5-kYer@^8WN=(nV5|Rp(!nO8(43j?`{}Ia-AoJW;qpHU
zY~>fKZhPYPQ_W`B7)YXX@~z3ktnio3Vc1nR7Sk_w@4!(Sxj2}D$jN<C-1O&2aE9;p
z(YSyH5P>+RKABBrUs2Y>JdVJhjnR4_3N?wQrU-z@eBJjaRU%!q&XM`ho9QvXR2IC_
zBJTSlOLupWe@XBu0SPm6)$(sO0E?lE^0~>=lO`qAedy9l8xjeUM0H7CxkpO=LO~R-
zyg7!@v0vqXlz{xO$yVg>LD!xSCd0G4<gc{$y9Ua}<^y+1m$IJ8YEZr7pmJHhKe-~P
za~T9u;syd^8RZ{)VmUG{gBCNB@_yQEKC!mQYrz5+teB;KqnYv!$f+?KaPB+39huq3
zzt%`fI#@fq>?-AmI`HDYqcTpH^P>cK&PA0L)=z$j+^X*t{it7JxB}qcj;UcQvJBtM
zJa!H-ARVjRW$PAE=Yxgp+~tGBmxz;}+grfgR-Ln6shEOCm$OpGUjoFU6yP}adr-%b
zBei%h9K?Ai4Ob25wPu(XPMG(!2?0<`tCll>DucP_YqJ(ST>s)swm&OZPf8reo1v<g
zZ+W;w=F5!&JW)iYg>LtW7wd8Of6&|D5LdF{D7JPRk};pVIHF&xxv{_I(h9m(5ue1_
zy{)YMKMU4gR(jN~q>+u!v#0~XM&OkZ7$!mO3H8aQTEeYgNHr`0S8r=XCL&Hy&_#|e
z@e`9!`@7p?5zAi@#-bpEqmA>e2_)yDD~}QCOXT9>`aogfh8lxe4i*?7g>^r=lu*at
zSb4`}^ZMp@E~{s|zZzRsYy_c`obRQ+v982naVmWpPtR~_MIQlA(hRQkAEEi9ncaxc
z=}osTckMQi31vN)w8gmygvj2{na2ch6a!lwgs^SL*rKlG@O)zsddbviVtcplbmlaG
zm~FZA%7)@$xgD@%;?n~f@mh~`aY~J^1xAvpg-XRVpf^i(p&{ewvL7{-Su8M4H2U#~
z3J$x@%d@lANo>J4K&<3FeFksy^hXPO05wnO*L+tkoat`U-Z<UA^=n;dM4c_8+spij
z?){D@kyH!uIRV_ZRe&>nyoGOtjIOI_*m-LW002yW?wc-_i7%-YnDn-frd~4-`72Ew
zlGK6yF@<KO6Q3{;02?t4?xLL^kR@e4P{1&0b8|Bcr`p-F&u`ykk`P(GUtBU(N9Iv%
zku?5rLqcMXO(?xLkNOw9{1s<Sj6=g|LG|@gvxiV3rxrT|{5LvAq-|%$6#GdYxyEP-
z11dz(WMZ(AL}i;h{gjzIENUNnKq$l{ZM@>t>AI)YU$=}G&7ZPGE~2?A0>o{HG4PHk
zFF~T!=)Bytv748w_|XNV7Z=yS_Ko98jwAo2?P*OKjpysM#77^mBStws-(UNF(ONhL
z=n{{OT8Kx|0Z>LyQ9r-As=4>M7T{*?Z&OAIdy<H7PaSR2j~_n>KvEL8ocv!UC3TOW
zHuW@UdK-<{hBh#Rwut^UL^d(B{bLO%rn~MS=rS@pQU<+TAHG$(<049kHvFmM@4Y_>
z>pF~lh>L|=M#gc`i=ox?jhz;&Gn1eZ))&d@eHpQ-bc~yjAefttr%jN6Hj`)|k;uNL
zE+Yrer~B@=*2+;MN7roJ2!bu|V35Ex7vL#sm$bXMzcH$g%*Yhz`x09Imv``6BO15G
zyTwO9l*xJgNhn_ldnZx<?WS(Mh9=vl3W9-LG&AGL^YGkGS-SlU0^-hKfb7hqtv4yo
zd|~h5`&2E3D1G2|mb04e{7L|VbQ)bi;a7!&gRcedi+)=F%7`V=)!28aG=1uD>ZHk-
z+C_)V&B+p{8TO3@2LD)bcVyHEgAKdIO}KD6<CCmw^!ZQ4w&YXT=hS89z-jdtf$%Q2
zUcR&=Q+Ht?&Ut$XvpA|zMtu3`+}>5S`6JE&1kLeS{Y_Dr#A%J(P=$=ga>^S7Z1RRy
zDc2JI8vT5>N&6RJ!S^Z;E>zoK-GMH|+8XuY6#Urc@C1?iK{=3xT$>8fORKu*+6z1Z
zPCN{JtLOWoy9?(o)6Zv=sfF|df~AP8h~`><U!C`n{S0pm4GUL(OZLz1EH9}P0wpcq
z#@MRjmKv2u3TTCd4%3ZXDowEEUH(?)9}BfIBYlAvWzP)uu%57NFXc&@%DD5SHmokc
zH|K#<0e<z@AI-7)+Z4Fx8;=rul3ve7UtpRGL%BEF0u16hyaq=ct;4itZ$S1)Afb6x
zwv-in=&vl!F?$8s%ZKm<IQWvi6&2W{?jpPD+5Ly`w?)U3x+W04Z4F|H2`MI+pAm$E
z1aa*0#4DlnR~d7@j(z66&CCZwrfC2MWJ7cO<!9W^l%ytKe?odkPB?62s^pxyh-aGy
zFa<g8)lfp9R$Q@rYX9f!>rs2ojN9$lG9?sbK24+68YGMfERNKU3eFM1qTz69XUBb~
zM21g6bTt$L5;Q;r5BjK&G>4(6{aPGA8lC>FY{&pkc&S`uA4VH1qyIS8UK*QD8MG%?
z4Y}dJhX#(0Y#xAygb7Ib9HCQo-52)&R$J_@tnLEA#N?NTW=uY-TQlNh<@CxZkwMpp
z#%toV5X131Q5OWW!)K()UxC<ZT_(V5aFkee&2c8Y4gTWv-8k*&ZF)6l;`+`vQ!|u)
zg>cNmAx1KmCQ8kLI--$Mf>N9q{qJ!1FYujQ@P1L%*uOVahQU4vOqTEf*=kOHp@+|k
z3_xv4sH_Z**3C2Yz8cl*4`!`Qy^}g1KOMc>s&AEx633NQ3O_(*(gL%7|6J9=2=ni!
zOap``nobjI2~DoJww_k!Xk8C3i_Z}K3g@1N_gCT)w9z)z+uyX~cOP0X=@=UY276s-
z|AyES{PT^s=tZC93FwcxB){0&>@iu%)3xDMwj)u)6#s}h)NlMF@!+hVB$z##vwK&!
zw&6=KIb&!{yUbQ6+TgAEKtT|vl@{g;T3=kP#8$kg&~8~fOMPc!4mh!ai|JSifDrw#
zBz9F7%Ty|eWh@a`igmi<UnbcEqyYKmeHHOQ2S9h2<GS{!*k;|R*!a++*kQ{;l=jIZ
zU*Zzt0J)?v*&y9R*z7^XfuOYlL)mSv-!~b}e+`a&u<XtHyC(zw@XePS{}UYveMtY4
zw0V51fM5Rq%M8sZ{Mu1q(5N6K^%gS8kA7K)*u(k*_CR7_!~5_1dT^Kt{@&i!!jcPd
zaR|wrmXX1+w+BsV|8=~cII+uN8|Ta<Y;Pp6dgbn`e{!z?<oWMcNdEf0&6xXkNmoRX
zIXtvrP%gIKe535_fBAFX%@_&KDq)aKZCz=LM?-saneo4W{>CFx^J~Y%kB`_G(**O@
zT<vl}(D=+T$Cc&A2gzOwjrFnw8s_8N#V%QxHE<@f76U{|x%zj|;Ye<s-Fny*$i$%g
zjPys@2qbFq$LOg*RX_xQqzSDer^p3j)4e?CcA$=Unr6Np5tOhi!L}5<3XpXlL@;Wa
zh=b3>q$}wWu@v}Ot172C?{}lww100#;99RTt*51RfN;E5GM7NsZ_8gOAj}YE+<_`A
z!Dbbg61Oc25V?JdiP?PYW|YpWsI^|%kl9jDkqku|W|{=!8S2FTeajDcrytEGr}cZh
z*#HLHVZ!hQ0BHbniZZA;ixyp}=>h40SjBAN`?W`Y40;7URJQDjU(8zV*M2Zmhu!5v
z?<8?Yz<(<UYc|>)ZvOj&-;A_;>@)=$Y-G-`FoaX&xwQ`Z0E2~*b)don;`lcw$*g*;
z)=@|Mn4m|$l)(_mTKF;r`N1@wccCFqR8G^eQUdyM4+N*cH4cjx*^G)f{Gityw7(9d
z4~3JEu{dZ_<w(59>%a|kF~V(!^?o~zUd6rp-K7Hmx;et9cD|YYt&h)Nnm-fR;uN0#
zQ77_PdRl}nf#S5Z#{y_psaad5qJ2m;znM3p+Rsqp^^B5$m%tB|ay;317~V?f(bNRv
zi4#A6HsRTSztKdl=|>2dD^Lj}V+%7Yg|=|vJdh#-bQ$n4Kk=l*r`JNZ0kd{2Xe+_$
zUmF$pr<qTLH@o-}i{Vo~KGERgX$JyzLX2tTX~PDN=+n5mL4)p;r^_s<ynuoXwCwY}
znMg6`WgYG6V=k9y`?~_qS1-Y<x&8NboS6DplR0+-XnDDM>N=FX)-M7UEPy6x{)ED5
zF6njv(!V(dO0Zdat|+l<r1?j72|l0N8Y<5zAochtSequ{ZG+x5(WYVi?E*I{eR~0V
z##k)HKQizI5jj(Kvt0k<aZ`S=&bt}<@<;-b-$1#6JnqL{kSh+YJmnRtd+nktVxXTj
z=DrdL98OJFOb74&x!4mAj9XeeZ<TqYfWa0Qdmjv^8m+t~?jaYSi;8>hIg0XR9VDCg
zUEsQX`}T%bNNhOdmE*A#PXZR7O{V|+AwOF?WnYoD*AQq|ZxRll1ac~kneM+%gdS0u
zYUI*liN)zmq9Uk#m+TFAE2l1Keo%h%pVvQRVKv(WvA&3K>ju!Q!LPIfYz7uQ%+@c|
znasd9U;;ejg6CAJS(J>)r6J4(5DyogR22i?m`%*KMclua0<x)(k4mYrd|^g~S_s6q
z%*P>n=d~(ce+4qxjMF=!zkRcBJVMK{)f$)jSXIYw6e61c_@)3X_Yz2TWfZdc!hOX7
zLassa_Q$UW(@C!7R2E>}0a_*&MD@uB)IadQm1HNT&RFcJfBPPA(R%zwl%88A%YWST
z>g3?Zxd5;2QU&0f5Jnt2O8;|}%X+Y3bK;FwU>$%iL9b?p-v6mDpbz5zs=hd0;4{GL
zBC1$)`9z9!Q`IOTH9{1-Sy~OrgBA;{gWb==^=iW;VJu7ocXi`>?|N$Y!DWUA_{o4}
zB>x#~KmPak_5ckc!j&_T5grj@wI2SJ8y}ZUewkcI7=C=MGlP{HD%l5>GepK$epkyU
z)`7D4jU2>|+6Afc|A^o5Lo7t!3bNASu{d0H{<B@|`gBr0NZsiW62-34mc?SLcX_2i
zaI=`5(MA3mHBX^*i~s&t+c{T-Ne4VOR2=efFW&i)ZwL*E!}j0z=~aCYf!@pspA&pJ
zY+|u<mA7xlb#f<7qraEQ`;Q(cgb!pXzqt+F$(|uP>grR3Ud3u6BhH`pE$xLaPy0hk
zZLDCG+n?2k>z~eBO4NXp@{We_);+MkRqKGv*%9Ux!>Q&_!9i%Nj=QL$qq8Viii3^=
zesQj0!BfwyMh#gH?5qEkw1=FQMv0Yr9qiqkbP==}F~cnM=N22LC`y6d#t`ajVS%4;
zfpC4cozLZca4!^++`sqd$qTt64V#K+Xpq)+Fo)7k6<xF9lZ^%P-pkMke=o5a9gY-r
zUbez$ATYUxJ+2uRAPX}slD4}D97i`msQteLBPb#~MDr4lmJy~klBam`4p=UE`P<b2
zN(Kui+SW5GEwNqMw+|~0Tr=eOa!2Om-ou@h`HzK#9(C+CG&QDm6X-wJbPQ#>m6kuc
zBv;z=t!&GxB3WuWvB~KSAPPtfDOa!jSpgHTga5P>Xe_Maq&Bc=yJ?LAe0qo&xMhDd
zfE=Z_xvO6^Sstmh379IOfor5~mzwvmS0y9|OAO~}=Tq()*Qg{veuPg39P93qJuqK8
zxX0*2nu+R@n7#k;!-vI^{#1vF-K8vV)Wc2IrD}ZS&-$%XyVk*=BZ%dc-#9?KcqIhk
zHgF%xd9Crb^1l7)b4HjjE~hsAI9<)bZ_Hguc`QLzEt=L@z2E;_@td|)whMNgI>HB=
zJy`JNENw!#BT6_+nk#4+@i6Rjd{TLkv?_%_nY;3AFBW&ij@7!SkE9Gk8`^OQ!nV`O
zn0QqJG>dVvWU4HIc7D(mKQt^~@J#|sT?`mLe2;w8)53AJ$F&#j&Sk0h953UA1AQnY
zb8Cl^F>Vb&!FT)C=JvTZyEebQCA&xr_?$I=X)mKJFjl?ioc0F0*;Xdc;yqf{u0d=|
zn<f6yUfNKRd;SXzgwH2PQ^%cd=cIval!jIeAm;^N!npwmKyvwx^{_zk>tE9RAjDRb
zV^if^a;L%m&YI2Kdw^F(33hfuZj*x6j#zkWTMR$u-5DrTTb?~_DG-E5+sLnMFLa^b
zmz~eyoFw(HHGxopboeY>CFH9)OSsu$R97d^wuwqUx%NItjg(}q6n&?Da|MsDjs4Pa
zo!kh>E=n;;OJ+F^*Qm<4hRZ{sv=@LOu;FvD0-%Ik*peD}Dwgi<Ze%+gLY1CzQK3FA
zYp9s?(mL)T+!m7TU0xWec!eksFL3b(gU3N2tdJ?4OK*b3!8B#7GiLv6E=Hd^Z*}|-
zG`J+1@k~}MSZw`0HPCxp9w$76Dn*DRP_|!B2^%b&vHZ$0Wd>?zo{xXg`<*eUm%B`U
zZWvugpW?ap6;aTH;N|?g3vGt8IJ`~tU`yWSe!Y%KDr{im6TIJA3UOtE4(^h3GOy2+
z7j6Hsnw(I+`;SC(7U(_>7g~g+^!O_|rLJ;4muJ__>bgkuBA3)E|4w0AnR4jnQT&>!
zpy3MuydZUAND;j74rss*WkkxxS@k5&4VnzSV+BPgF}+cKCVLUj@2s4XS&TJ(80)mr
zZUu8iQPf_Vit6*y8O@a{d3rz4v&YV>nlTIv&BJF!1k6yIhj+YiYkC9j2O?sU`LaFD
zn&>7kZG(mR?vx<FX79O20+VTnYLpxG@7v_T*7u%jF$UZ}FBZq+<mDe?GcvtlTgj9D
zP=3L3UlF9#Wpd<rt_+i)y5xf`NR>Gt%Y4^{6~gP7;8yC6(Aw9x_crGy<zi0vBR@<J
z<Z2-zrbnIePB+yEUnu-t2Fj|GXYb5au$#D~?+MmCFK`WJ>0cbQOwSi9cuRfTKJ)45
zlMOQ{PnbHy2U;s8iI&kdr%TgrE~rE&z2O|38ivGnm|!br#>E|LjJCJob`>mL9{0uh
z75_$~=X^v?<HHVHOq0{1mm;k5^Z4(2=0rxCi@kpZT@@q?FKavkE6PyX#D1cec>~9k
za`@|cGTGiwF=P7ApGQC2N!F4EX21f^)=#YBRc&RShzO7KD>?+N)h`s3b&|PSrA3qT
zX%3Uk1N|UBBsNb?DArdm@GOYOemN8H*BO{Xh9t{Y?#9NEO=%B=E`rdcqDr1CX2U&I
z`}f><+6r?QVtJ~!hmA|y)1y`dVD#x@F`+~?gAbCItmPNFMCg~rnAI#f)kGfWYX1r}
zTMS0{t~flIQNZ<<ndacE!B|3Vb3fsZXYq?d_=Q6SFsS1F(}PKLyS6E%Be~n6)CLMf
z1awe?^3tE>>#^is6EJDJTn>Q2UcLICB2jk?d_3!XPWee@o|2@BgN*NuEPd*#)+sNS
z*zhw7Xk~0h);Y0s17C|58nQk8i$&MkLSnSrx_OMrE@3y`l>`eEM_NiAm}QSHlYMlK
zKH7c#akNgIa|9&hiCxN_Su+kj_qfy>l8r=iH?rKsbqi`(&R3KRMF`i4<l*^7fY!M>
zW9iScsxB#3D#OuNqLNGN3K(}-a1@9v$Sk^}rH8G~+`WhQ#*)#By~G6U10Gz-TP3hU
zVDX1UA%5Uo-<I=o1u^hT_s3jyA&awdhk-u}K`!()HGOidI66{+eN4L=_fD)ZZ|}Y;
zPS&lGFu^5LC+M`a6JPqPUgNbsH@Etqs|XR1hW#^KVV4YQ+vaQj6{?vNfH+g28mfrD
z?=_lrjqcKWHY#q_OmfGGfLm3n%bfSmWZx}zS(`A+KoW;cafQynTRyb*nG+gOV-AD8
z_Ztxr1HeJ5Ni~qKFZug;l&8*5ZKd4-(i;L?SN<_Me$xGa3Rrs1m%24rA?p>R^UEIT
z;mQrBJrUVTY{F<n?Y$WR5OQ_=%0Povoa^!?1TM>?v+EGw9`r&sWYAu%Wj$-+BlQU2
z`WEk>*JpZ!XeE#H?Qv6gc(M_`3qCdGQUAG~be!F7Ki;e^Hb%;A;kaJDP@=X}u$i|9
z_Ew*X2+&Mg4~c?wfu-k&i9lxIdsX^W!Mz<STo^uZxGXlb9<bHEHjEG&H3DP5=ML^7
z3~pFd-25!SxW<)J3cx`EcR3=EGiOx>t>R!Afxw+j=o$ZC-F<mD)N9<g>XagFloM*w
zhJ+UTGDuQ{?8lxXvW_fc9mbL*S;|4#_hp2_SVky{O2%#&#@L4$V;_UDy!Ui;I?wYy
z?{z)T_5Sf**Zcd!)ig8wmiu@A?(gUOS%!=7rxoAstfKBo{Mh+Jg2O_WFN=c^cHoL9
z$&^34I(AR_`_=+2t)~yiCE@&gA6%ItXpqRL=T?`-OWTuu=4%NFRKS`*W(~}(O0D-^
zG^qoEV5UMCyA;f?0UU0r*LaZND!^bXQ+(t<%897zae6bWl(yogM>YPgYyk2(P)<ai
z4r@5KfV=QKv7yUzoarz&*HxbQeJKFoy?9#T0fiJxr1K`Nr@GxU1YL`Y{jZrW<4HDG
zH%}Nm;WnJT?5@@L<e9kR&NOpIYQO)YexYH}x94N_L-L(wvAbXY0kRtNfWvbzhX_|@
zzU}kfzqKX-9fT?BGVSAaa8EK$i_8(T(*OJzyjQ4a`Dl?PrNi%djGY4N)OGNnUZPlT
z<3$Wo9lBTP;Zeep=R2V9LDECV{X6Be_o=xLNUiL0E}g)}Y04V_RTC?B29mBnjN<Ta
zSY7%Z(f0J{xtVHd-~pDo)WBrLb|l`+96PwrhV8XS0Q{5$(b5!IRDLRjM8+p{el|ZF
z)E3<8_x;Ws3_CFY5r+x~?3HNS7h7JX_Mdxif9NiUP2fa-UQE{?1%+S_SIqf{T}mfW
z9530)Mz?~VI;;sUA7DOSjNRPMf7w_=RwlBZn0ssEG8c3EckY!$60QU<s$vUsb#GC(
zQ9!*|&THfyaGR-~ALs+Cm$hj%)0VwP4s}?Zt*&P7Fr|f6N{U&J{0w(*jr`qL$)D*6
ztr?5iE6F7{)l-T_17gOf<o>#VDaS>J?OZ0I`nsd%j0BjIhbIl8$N*vXUkm^I={;uz
z$P@XcPhDnb0N<~bxpXz=^1cgc2bzvaM|Pp}os0%PVs5IxIoI%baKmdRwfjnw3veFR
zmQ!1~GjiAI%<@|9mxV&HET&bqO|2279aD~dz$Lvl*4yX8U}mzMQTJc}4j3S^#IEuc
z?U5sY-@k$6utX?}+vtY^-qx3V%W7Ha4?A6RMxF$}Xo5d4+RXg$CpD_Jg3pkhRLhyz
z|Mt9KMX$!&c+GonE3_&=F$B8CYdT@R8Oo7SIUq#97N2Mi(|R17;3FW(?jN1_(6q+A
z1P~Gk?Ra@vFPE_2tUr#;XXwpuJX35wRx#@|ZQ_Qo#NbWhLVuOiHpnIp7URq?dUg7d
zn^sQ~rSz_3&Sz_e?3OE9gPfT2)QHc^?c8A8Y<;D<RpFHH2AVz2T`*tG@;8Yu*%#-u
zAM~uOwm8A(($E13GRrhgFao<0A-t<!Iz{}x@zqZ$;7NcemlPdwjz5xkE2h^AG}E*E
z>0g?8J(EaA@i4XKIa~>iys_^7=B=7?&)2K1WE;Jjm(-mJ@5@06f0pr25@}A?>0<cV
z+`w+L&YU373(9_?Z!_|%!u;_m8AifN<(_PZ+l+Z={LU{puLhiB1%Tl>H+9dx+p2}@
zdx1~!0rtO3n83RWH%};GpOZV<;{wNvMV#z-7K}iE1#|oIyFVx*Uz=aB<PCdY(Q$e3
zeRJ!s2DHl`_v`ouGu3ZEepQ?ENe(PBdL<v2MXgh_((eSG73g%=W0M_WuF~FxryNRJ
z1ukje{n6Y&T{eV%<s@_7JiETQQ%hZX4$5CF$DDo|kD_26?Ca*03L|TGAKbp3-X8GF
zWlD16fWXOovbn6{RouWDw1E1fXH|Ge0`UvDQJ&h9uKS;yqv`6-U8sPd>Wa4+)x{6;
zMg3R*V=*1qXRsKz2<pVi{u0kbkfQ3$QvSo_c~SMhFnKmedfPnq>(m3;aJu2I*QyeX
zT8Y0;A^3R>?9R^@F|7Y?9kKkB8*go|%>JfcII6_(mH;8dZ`6O&-yNy`;J3KXdt-yn
zKfR(B78tC4SL>C`ZXV9Cn_PE)mr{bpid{vVojh_X<ZK6L$CA~Ni?Ab&sK`BkJ~+Bd
zr@a68k)YG5WK;sV#lJF_m|MMpl%Wq|=(QSz&}A9=I~0IwcLRjr=XU;|UHQ*%DCzVo
z7xNY7=YPSLIqhTdVLWQ_n<QwTcqNgPkmOvWK`nRLwxA0~!I^@eTfo@<qJWgtLrK|Y
z4?EWa`>tgK-LduKPZaDt69#dBr#safzn?vRodoH+J5AyxnDB{l?WW0-WZiv|>Lj^P
zzc9FLCd}dt#n<8G-wp3-IQ_~tulx$mQa<xm`Nls(|0NSQL9eDox+E4vTzpl_pjSyq
z4;AD@2d7~l(mWia4*fGug}~|OO5UBO_`Mz{vg^3e>a_2Q7eSZy&$WA*8K1OANjYCb
z3O&E8^YvD*%lE|A7Qzn37x?Wg*q<w`-&O{$BBnYyUQa2kjWxL161Qq$JJmzrH|8#1
ziNMwVsjf(ziVs|_po&T$8TWHde?B%&0yl0pTdZPk^|2U&C2>2}nYJ@P(%qQ*_bJSD
zC@b#pVySzZVHvs1Yw+h^M_hm|`v5<Hy9t0P2%zy4ux1?(xKo#-k&s(#I)SkBBM8^m
z&yE1n#bAk&=UhPPhq%DO+S(ELPYgMx#9DTlsrTnNpD1oW+N+=aArJIcY!^m9!y>PC
z<!O86j1N@1=Ls8Jewg(rPc8cN@!7c9k*3IUywYs1lf|sM(kyi7U2ojZz!|5!I^<vB
zLWGe_D`DuRe9(#LTLYE4roDZEkg)J|rZE5|W{9~SRB#6MrE#q<y4K~wg$ua=M1ZlM
zk>mJ&cwECA<X`^S@{@0R%}tvAXpiIq6Pk*_T0bv2HD8VR%kSJnZ2%|Z-9*$Wx!hU)
z7<OPNuy1bXq~G%ihjgiFDbVzdZa{e?ou<^4wpOS_3fS92e^LK&FI|%r1^xg#TVS?^
z*;JXww5}d#_z28_ocP;CegM}W#D6b02a72^#%E2Y70SSROx0$2GWC6ul#3+i#k*I`
zF&=lQxa>Qez#rwzb(bOeN(1?xbA#FwRT!JBCHrk=^F}lptRCUtnUFbr2waXC%;@N7
zx8x<qlz@mV#|}>nH@=A|kRp|^zP>4-ojL<91Z~S(XKU*Tt!H7mE<0;1lrAwqv*GlY
z+E~bhw=V*p=%oN|j}64op3TWQ`(jeQJ!}RMwpLF}vI*Ft-hpYVa#yU!Z<@z`(;-r%
z2cK6vI5_aem8>^u&f*%UrBYg4wudFe`X*c|YMY#2K&W|}@Z@>#4%u@1-j5cPd<#8Y
zQg616xe5r^3Scm{C$w$9<ZMp|C?wBzXm77c6|9fD{p@N<u!{KqIi<3}jP7fU#-_+6
zF`a?LVS{~}4!RWJ89m+mR~Xy+msvWyy)lJWQxVarw#77ij`<v|avls62{6zqGvdfx
zY81u_)znHc4m}HOr@S0d@eQFB&I5@+W%9ZQFjvt{@o263&!J`joGV)bRvvwRQ**J!
z?m#45ksMA$f^U1Cp1@JO`3df!BA9y93a58%S|nU8wY#9pia!b&&jefOx&w}#br>i$
zN$B#ktR*!f2eMwDb=yMlQO6<^*_zuL93_TUooTKwv-02cJ3_y_;g@B-PB+eoR#Y2=
zO6b&L1p0jlc!542{SZ#xYTeJJf`e6=)Sg_OP20(`HpSA|Z?)JOe#!CnmGvUk#*zWo
zhvl0_jQaAHP1!>&a=+`WW^R^mA3$rDQ^awl*s+kbCV><ftZrjh*V>!Z$#OlDT=M$o
zp;Mm5xGQfM-Zjp*X$#GCT9M!U>M3m1Cku_gD(VX;=94oQN&S@06?|LTIoQu}ETJ)a
zBMsaWiKV62<b1&Wrdgz?@#OCERZGaIDnkT_ufGEj>y24;C$my0Hp<U{%O-e%u1{a|
z3|rV~5VfLbV&c%2cbI+{x|&Y7RlmKCtFN%phA<fPIhPQ&Q(nM>r2rHE*I(J#0$EkX
z72z}U@KcgbuM`qi^lEARmZX-j8ywU*m3=(}xQQ2Pr{7ULkX)iqEA&onN}_78!feMo
z(NA^Wrc(@33~=C{e$8|Z-!!2C1+<Kxm<N)^N1ItTGw|y1B4JZtEpA)JWGRB4^Bi$k
zk1-r~y(P}%_qDeIvxIiJu|0(VfbR1pr%w4iCaughyt-;VGssRfHjgE$kvgCqF?U5?
zmDgf<>&8I&QA*=f82eUXCwn4aHKKvT$87}ISgjn9Bgj!Mmbo%ma{~x^GcKtn{dSC6
zM!k5OSjvOhwU+xen}qFc*)nf}uqW@{a}F<J+0h?#R?k9UK5ZMbk!i07wg(4Nk+WoO
z=kzg3db?V@zdUhkmV$D3Oi6b4&Fl8GsO+8CjxtcRB)$+cv!?5;a&~Us+f*H(^x-WS
z)4p&5CctE4XAY9!74bj2(d^@Y8B91eA{xNMrnLxAi(A-4Zmdtu;)M9B*CvywE1kKT
zyzao%JUbYI9^S8*D;(3_jC`%&R{;vzXpk9r0bMoE|J}KgU`rYTJtnFde-O6NJ)B&0
zc#TaE1?u^+8F|rFT>@ImDmeH>7~mXjx=90j$}%$QjOcruK`Z#L+^y=T<YESwh05w>
z2|8WBe9oUvcvzy{b~!<Gnu{C>u^eJknNu39$#~S9rbfRpq9LAqkXUc`ilibOsy~9Z
zgVZX@KAbA9nJslkZmZyX>s^?w-=*`5MFHI}C#W1H1Eo#`TEUtk@|10=iTuYRAur{Y
z7AoQ+KB1Mj(DJQ~_5jM@xtY(<eYv*W8g@{>x>zs@jP*>0IyFh#OPy*?Q<>FMQlS!h
zTU%)>^q5|sZI7m$Vts7oY2Rsrz|3G56w}o1g%v>(xs+5(%yEpZJePq*MYN!q^bROF
z{N?Dn{w@fY(EdBPmv%s{4+!rKq3j?nlaz)W!X9sbyh~*&OmQP4Mc8ito^uebLFD$P
z=V^E&hg6kr&sR^ay&PMo1wTE@n!mtvlS{Yp2?y1z$drrxU^Fc!IJ%0IL80K$g(9TR
z3k0CP(j~NVoV@l4TWA90`!i-%_bOoh-Ll_t0)!fT*+XqPO90lS2y|e@T58zzy<q(&
zCHV$XhwmYdaH8!=zH%;zPJ7SPaFg-;7V!gn@=&?GGK(R_Su^sS@Ld8fMaUj(mLaBH
z?I+->)T%ngIZ|^{@BYz!zd5`cG3{N2RlEmw+H*r+y_`>|?Fu$|`UR*zX3P*@j#RWi
zbs*N&3ZE=<9lIrWxG~MJ2t;sMh3?r1gFjoujhbFjH3#tmAmx**YPw%=rrleHO|BE&
zxzMKjF}Z0ZJgK2wloxVP=*Y4N!Y#u~o6t~Dy!C#%$*yyAr3kapr^ANakXFtBISXBJ
z-<nT8OFHd0bG1^{O~^^7@PtmKt#xstLt~m9w|(dAGV}E7)aHKDvUFMJs8sc|ibzHx
z*5ie3@`}g0Ta%l5545F3nOq3R*wk!WZaru|@{AIol@X5{OLi3I8_+iS3H(i-TMobH
zWwfp|w`aG%5-x0>`N%O8WrHE;f9Ui#93<X2j|CYIbLwFc?2i$v?&S~I3a**Abfmvk
zC1BU?-)wsaRzkT|RnpF@S)>vrQP`r04T3$>YzoYs-nV_}Ox+}f+?Hhj{35((vYEBh
zlMT6yy(FzJ@ILp^qLq2ptqJq=3vn2Ou2o5gqgf{|vms|UX6KxxUq+csebN+2dxYBD
zEZp>?${W?0RyuLr-ds&O{2HuK%lWmuXFa+v*{}F%4=e=fD@O8XTMLRmW3RkP=a;WY
zL$E`LzWe{4GL%|xPH|=&QG(R=)FzlLPwl}#A4>rl!jpX_THN06X@-;A4vKp0FD6<N
zYC1<oG3S@eeNTzJ#@uP~5K)T=hU`6;lapf$d_W}oy4(#{Ik`8c))M04Y?2qJGquK+
z$8YdQVlwo+vs|O~)sS`7?j%gn=-NUMprG1QN*<|y>;MZ9!inRdxMNZ_luM!q#OorP
zT6Cl{7vSBINewTo2rVFn9kbb1dtIyJom*+RqYr0Jyfj<(_@=hT_gMC31L=nskv{Z0
za?qHS1(75!9>PkI<$zoFl7@hRw5LaB?axKB`_c8A^1z$XGXS`53`7rY?Wuy|g~gxp
zk|stY#448Vid^kJmE^)dS`))bykM4l#OCv}<Hh<z$L=%?+k+dkSpN^J1ejGy<_22O
zTktX35r@&;+IXenn_8Dt7X}IF!+ut5sVeTcH1?(pTk0MvRn6zVvAXzn1W+N$GjuVo
zsn?j3t8;&L`|YNvQ;ww0jK++Z3{>&Ei_+7N&#@~Xk9wY>@aeLJ(NHZ>CeN$Xy}xSn
zp3$>ulP}}ejVmgI)2V*GE5(Ou(4vPuxzsfiy&mQ??dpU&^k>hjb-OitQC1Wo+XU>y
zIH$Wy?cZ8%mh?&f<?z0WB19k^NEGo{cUM67AE<`TgpCb7&b=!H@lz3zMm%D2M@pAG
ztlxeq37`qfMMqs2-;*Vf>fL}<ku}6zy?;p~=uWQtvj!33jckzM;AvriIFq#ypXpJ{
z<Vcx*(=_u!Y#Cqrz}~Ehdh=F8ar@9?eHS?YRLC{R!6zfnE3KOk8G#Q;`7v{(E-(YL
z$JCoeAz$(trB#O4xl{TZ<J`&uD2is&F>8(wft9ENp5sx@H@yTH*-cZ_i6$Z!t;_Ai
zQ?Ewug?_|V&aQvQs;oV^=Ni<}Yo3+}ibiLdgd;nFGJj87riS?uMZiz8JA0NOUePu`
z(s-ENv%9n*jNi!8A0Eo0_Av;9TPzZ3iWJ@!qt^1PJn1`g8^VBZye+)Ccb5st^oVNn
zF&;pFNhxH=^t7bu(b(yQ>HzJFPN5__T;;5|r%O2g=d?+;KR$4m+E$P}*AvGP8acpm
zBhdp_cu$p(yGB(7Nxq>)_6-jUVnmAf#uw}1QrS-pL|@1*?q#MTFUYL97t(b8uuO3W
zN-0>uSpvIeN6a_Y1m6>>!8OcoO6f{C1+RsBLmVwufPiwiMt9_K(06*x;A_xucxLn6
zK+oC8)|Cro_iUdk^!#GRb3rbhN{7xOTHGYcW$-}@f2fqK1?GqVxrkQMU)|JlfReG+
zR<BTSqt?H#3j-1#0VvxE@5;Rzc#D?!(xG+CzLvW}+GN$rCkD0D6ltHm<ltZRx73j(
zFflLxu783}`UjO#Cr|w;l{zS>cQz3Oi4*F5n2VhLc67)nZI=b)t12N#$Z5VCZYZ4_
z0ga(gb)4(bJr@PtDvYQS3_Zc)t;iXv!pSY3U(9xY)DD6iM9c;$PKF$Y+BJuV>z+x!
zcllK4A0>6`WGickjT}t0)4T**z@Rju=l%E77tFD1Hq^X_r}ioO#&0s{+6r^?3j5nq
zDD~m<DbG0TxY?}4u`&5D2cdDI0%RzkFI8^CYnXys$l9pMzZ$@0>w{{Glp1=4IdQ5I
zq%y=eZZ7&f937ORu-dj1Yr+a1aow`xOO<YcrlzfHj`h5Mx4zf(5M4(&p=1SV&(rH-
z+q`@<av@8UD38uR+3TOoVSh8Dy|`A+S!Pg7UQLqCuQOB^)zw(C9mbK&RW*oM+f(44
zpHzuqZ6Rkm&wcbQJbfvQWZ2hLV(rs6ML~(qcb`?~`m><0DyHe`A^|^LHDFFjd!$Iv
zjttSit*PYz3+Q0f59-qLzy8Ep0}*^(BK|y*mm$a-kml?5?Pur<(C&#iD3+qKk*OLn
z(<hj?JYo*{&0jb?LnX}6E<7X9dg5E0Wcz%P#7($f#8H2xXm-R+t0?F=CE2R*U>qoj
zavY5_G1JK-0b2-sb4eTNwD;E5t!Y^gM2f(BItJFGO6La*eW2SgD_BhRB^R*a3YRFS
zr(c_U5#R-I{`zQgUb;%`3a(7wJZo$+e-`w*Z&S0Z8Jk=@zy*5$#0~zt7*e*<MT8g^
zcGa(N{xj=!yb*kH<nHZViMydatvCY@OLcYiOTR%!DP!~w^eRPfvz+*1AG8xl$-u<R
z#y?pcaJ5JEwbS5M5Qp+|((Z%(Yc@W($WgjZVCIKUVKU6+bd(?GK4|8=s`b{YKUc6F
zM3YUw+!7iTZTCFIuGXNp>IQwo=B+|rzFgH;B(HN@hGU1!@lSTf6e%ZDn@aYA)2Qg#
zklkmgS+b7CL5AY<M~jviPwSx_vOVbbpy(^bJ8<(opJoq@G*s>pHNxX*Yd?E?dlXzv
z-^S#~uI8kZb9W_6N_>Yzc2!qr!(Fb=XQp9t$jTZ!wbl8(*6Y84#FZCh{3Y{Y&Zwl$
zOjUNH-ACZc8oPDIOH?8>%y)oNCD4=FZN+T|*ma&cDqO4i10p(=e{{e;vha20POnu^
z#LpPfD5-y96{t5VcSvn#EIsB<Tt%!tVsa2FJ?w^&@XblqQCyV(u*bT%ysNZb`U=v5
zM=}2R5qOVOz<u8ouUb<S)MM`NXGI`@#=;i>P4gAAEWY3DMZd@v2-vs}L4!Z0f+58c
z#wR%7($u=<rMJFzt8(8{T)KtzQj73*OLu{Pu&JK^ParaeiwQ?Lv`$V;Zr8eoaRdhD
zpWQ6Uk6)v=%w8o)%+2%~iv7aRe(z#cQnq(Wqlldzi4O#a`q!xq%WbX3Xp<c~b(Zr7
z0LB+gK^SWDZggKlQF~b&tn^yU{6?Z%Z7k;~JJ~}l(#OD&q~r4oD+Nvrx_HjYh#Q`W
z(&lL-J&923etH7>57SB)z?AuhjFq_`AlmDtA@L<pD#JvgxS3~ktJ)mdwKS}sw{ieR
z?f8do_XB9m8dd5KU;=302Y4-{AkLQ7b*pYQ{iTkvjN^AY#<M3U$2oZu<2eRi9TE|h
zAf<X*MIP{z|8=a)Gt?~c>$OAm4w(-u#iFdhS^K#i_;<t{%m4fhRU6i7w>QjqqqfqM
zEaT428*8?JcVf$U?=#uL!8_w|zwI;=VpWBcUvZkEuhD=x9EYrzq-IHVllaUKVbjF@
zA29n46Z|%bqYgZj)J$>cRhSR#uXTtsjTj5Pk$zn*N?Zh(4rSca{O}(k*(IMl;XZV{
z;{m_>WNz*xcL?(R|BkQ<rd(}&^SgW>-|8rP<-TS)^s>%;*T%4)tN6lC3fqsrKFqax
zc@Ee117BUkA4X2aqaZ)$!@ozHx;dtnP%9^bh>17Z@IcUdvU+=d@zQ<_$Xq8Pv@GA>
zuW4S{P@uxW22*Ti@6c07>ec_%br51+5&ddSy}V<qX9O%^efK4y>-oQM)^a8i%RYbx
zKB`!)RXpzd1qyCpb_m7!Yj2nzIU+aNCNQsTu@bNt-oJu(g#GKT?)(GeQE*b+E@o5g
zg9LoK^Ya^^tKH;jb5R7W?aIliPKnj^!sO_0W{OAf*W7c3cU3c-);)f~tz*}gzn*v^
zI0%-_VXsdk5N7Ya-}Qt3y6Lk@=K)D0)Je}-z%V=B(yza=9@M_#vt)MQ3xOM?ru~EY
zo=V8juDJ5x+h0Pqpy{6rP*htQxyLg(?B&a2U3LC`m8zwu=5W!djG(n3L_vhq&Y+A_
zp~J4mUpD@e1f253e<G)epx=yl>-_Nr<*ATw!?iz~FVXD+A;9Sg)44G1T_3>rdXL{q
z)v=hGQhx?B&YZb1C%M1>1%4h2Y!_$;7$_4wwE$^MHS%ubw`<<mug;HnnnQuP$bArb
zr`P;DICI9}3^LG}Os*TqxJzQv#42#v6Ax2;nw*c%<s?{K`+=xtmG({ur%{aj(W396
z%%|Mv4w|E!d341B4z)C?YYBjDJ-#A(a|9lEd04cmc)Xvlv#qIf@*s>X(V8QAm0Q5<
zTl@%S9!r*Eg0ej${{bz<GR7dSmEXSIC5g8!ln3ph&L!$cUD_hdF$YCng-$gM<knjr
z&Let=)^8rSL|7%54tXXGoK?hYGbqv{0ED&k{(OAJq^52=fIOI3{>JfkGlb}ZG`268
zo^N1hf~=>_SLyY6<k*&<(?mDlW9Z(u{tQpXNArxY<eox;i8a%P(RX>uwNEWz?=hg^
zlVl>4K`p?Z+ddCKpZE!;wcryLS1z7q>HzLCFm@`sTJZ*6Nerkl)kAZM=EGtyYN8(b
z|A3O&QQ#}KB+x>Ci=#B=02M?cNZjjpyBL5Z0K!IX6nE#QL0=~6olVOLKNom_LbO(j
z?5Pu@c76(q3Wo_A+w$cl#o7#8wusTG4d1A(#Lq;r9%T~OUQv_NK$o#eNHf(Z3Kv(M
zmHg7-mp&Foqs=J~md(#aMio#xR@nSEWJXsC!pX_Ls1zK^l8DXHvKtzVyA-cFa;wGE
zMS^+XdX|{k3&gc;eHQyu<&bj;QLAovx7_UW3SzxqrMc)9)n)0>Ev`B{MXDtwJ9b94
z75!#ubvSRR|6vllZR@pG*29vt0klRBtuSQnc|4qhdxMS~a8^M@E7p~`P($bi(>+E5
zj^UjvMCsK*?b`8Ue&zsXTXX;PlUI{&%fEbJDl5R)*qD5d!Cbc{NGJfQiKn^f@<$8E
zAQ}l;6$B(8U*>|CUdfm#VtxHUY4Ty=jTImmDFvMK!Wr3)tNvGph0ffwI|C}qGX5aN
z1n79-p|vj)>&HC>&5k%5>FU13+cM3n-@hzSeIC4*zzV?26iMgA>Y37(!4iYHYEo($
z{f1Tdw>V*Ht$DfKi=rBGjXO!J(x%!JR{a@PLiEtyTxzdFxes3depBQ*qK_%^$Q?Rx
z%9Q@cTqu%N(y8x0rNA$fbTrj3-Lc>rU`@!;m+x+X7mJK3dAtD6%YwbJ6*wRGHe9T{
zc1Ws6d-=KWK<4xx=_f?kq{a!#A>SL^vG2Nq0dt6Z?!7h0SAKw8>i%|X0MdtUd9w}(
zQybUY$_MKE-@NV@hocC$K0Y-WAHN~;h^y{P)Y_8fSE+h?3$aV3q;0#=o4ixqGOLL3
zPoQ>QY89)qL(<_r)o3jq!0nghV@p}cg7jCDNfbHycq|o)Hvcj{9gx43NrgK(muz~}
zVqoTqA_0F-CV`2O?RhL4&C7DLRgGYx>Mo{$DdLiJNAuQO^ew<Ko?+d3<flz}e_YtG
zO1BzVm*T5$>^^1Md^AM^vUvQSJ{nxN{%UMNdOBdYcp3xhoi%Rl5hWw+v|Bx&)<`h<
z4F;ugwUzxd2$@o9U=(5~&`?}Di)zMScC&K@c0`az&}Lz|d@?sH9R@g{6>kDblSwXG
zJ<83!OFd<DQb+B*)l8q;j6pK=n_8nh#6&2YtwfcP|2YbKl9_KcGf3Qysi0*LnO!dV
za6};l{b238f=fS$x3XRM=(jpVub=DvOOEPCEL)1+o@ZU^XgoYnn&;ee=@vHXH@E54
zKvhPq|8$Nm<KuSykrZT4G}1|hyH&Mb=#8;wtHckeQ!}J=wO7Rvgsp%zWR~N>6a|OB
zQiKDaS=1DJ6*}JOp0V8S*`a>3bl(NjPWsymqMzEs5PSE%)bO(HUwt&X#h9yH%IAeu
zeT+kCRk&ZWn-BU7C~{PJbpYi)70d>+Kfc<e@&P5jwepM3{Ly{T)Z!9HTyaHm%XPE2
z_mxpK)y%rv$H1{YJt#%^;J03pB$KeU^_w9VN*=bQde%ModQ46`vo=YxzZ&D-((9{Q
z<c0_w4SAJsE*eurGMRXgc|wMKO%p0|U&_}Z<s8*rIt&vStDUD=wv=Cl+$>C?1pMp+
zR`2&``w(`}6><M9h!T}MTp%X`ugxj$5a0JaZS=9Z3mTPs_}vK0Hg%xVE2nX-_o4#_
zCzBTCmP5V@7;yt^x2(bdF4gy<I1US%Q-6|x8R(n&gAI4;C%&<&IGmg?T^+wM@)ssl
z&wSITE3zY-K{bUJm`X;fWzP%XPo=*HuzRsS6nk%Qxz9SfTI8ihkzY4TwVOQol16b}
z<)og~?1m@eXq$BFJUy}cLFX6deP<t1l4XkjO2I_wNxAcw3dnoOI>enP$5Tr?b>*Ji
zGo!n+q2FHz{9?A|mDt{$j&J_je*dVKQ{F=Bw@dEd2NLuO)n_Kjt3p^HPcxsM+Fx@t
zLKZ0C%nNMq^<~0Hh%1@B>P*2tAW7RdLiXMqxxQb3sC!YbiaW=BLOmm`p@5lsi&<Z?
z<;l8Zjt0<Oc}hbX6A2v_Oqow?_!<U}JUfOzANg;X67!x>%%Rq)!=6%AP|Uu3XlBTn
zRJ}+5?Mx+97q82!$q?3oBYz*y@`yjZ|G$Azy8mT{SojR^xZqomX&a`t>`DN~@?4&D
zokmI41wASImIN`coJ5t6(ZMe|J9U{fFW$F8gZG$-WWHbJ{K-$6YaTjzuD)&=F}J{B
z@kaV(%dRikC+FYYSXBbCljSrc>6~FZrsrtHvj)fTq*D0tgx`3Gx5g#}`8rl*$xWIg
zU-rTdCgtNIo?ZJl7#VQz47_Y*HeLBR_Vri1<yL3Z;cS0I%f--JDZz$*83u}LcS5bz
z1PH=AiyaB>3~dQL4YmWO;dhgzJFv8jEs%5arSDl2du9Jys}SMihJ85$Y*J6|@Im%Z
z`?B#DJH9ttyBfyTVCTf|BmMg;VwkI|d6q$wG3+__4$ipX89++$!rv2unPoUJXDm}m
zA@P^*tef%GAb1GeptC%V!Lpi(Rl4A4jJ>fkwp~D0CNtAXT{<&-7kA?#B&~k4Lim(?
zn^!$WeL7{NDOgvKhV`nmuE}jlSkVDTqxh$(WHpQ+$tsdWmUNs{-#MBnRp#VynC>cK
z)ez5Vb*2<7L*)*eZhOCmes@gf@d3Qf8TstZ&d6PQ#%y=5rRa4#r_^JCVx!;3V1fRS
zDfK+vNrQs0T$qrQt2Mj%Y?G}Hw|$4`>ZQi$k@KMC<C>$Q?-KcOjL1!doBfXUmh+r>
zlr#7VUWNnq#()8;b$aY;w>~sRhi>CqWUJ*RGUbML?>K8DJ03e+jb86>1E@uJP7=l}
zw#$4!XO3u}ctCVFb9F&~WBQPkfl$e>`e4@<21yh%f0V4Te@DQXK6!Roh{eAO_v$hk
z)e<Jjc0=4SLU8_oDS7pZ3c)v2IV6~c<4qctNe4753iEJ6io&_`Hm@;{^A}F|#1y1~
zF_oU{Jxru<&!Ct=BkMH>2~LZW*`lVBJ6^SH1`QASFEL^SoiwuyuR;5CHPWl*wQvQF
zZJ|-r=3}}>j<EvT*wy5X>YjDMHzimZ@A><c`Y&cfbM0;ep}Y1#b!uqdu$KA$Xa7bE
zL1kCPL<{dSLU5E22>Q?J2b;bFamIY1ml89TUmOlc2%ck8?Ji1822a-4z4Rf+mW-}L
zb;7c#lhvypcyT$Lw~Up7_#9%sE{wKfrQN6@R&>uYMc7=*nP*Qvg)x_BvgB<t7b+43
z_1SQh!}*LgiFf*-p@Tb6hf=Gae(p!PYl4?9L9U-|v2Et^cdBpjm+z4l0;b)SpdCDV
z+`;ZXA~N=+aD5u4hxy#oEt0$ukiL1vuD#jUe}+CF%+<+?bk3vFIxHsc!XvZZId1%+
z?8?ZErLG^}FPN^b1`nY17#*hM7MIc`{+jiLYlRBe375_LbI=z=-fXxHF5T<v090XK
z(eTvBhGU@XL#aQYpwYvB(CY@OvWfRt=oOxaxAmpaT)IXcsEETZ8`6rYyG8b@k5Vv?
zMjE;q+5bnx@bc<9t~K@C)H5+7wsYc#w3ES-<rNb#M2uq=*_nXho*J(tPSc8V>-DEi
zt2zmwFWhZ*1&~OYfMK18snfp!L%pvb{YpOE32NC}W}AbxYCa7Hr)P)feVpi0&qrSX
zVwzfMFSsBbTk49*yR}6!Z}P`up0V5Wog)HmGGjsw((hK4Hk;R^d@0)(IC{e%h~apY
z+Oh4O=lAfchgrq4J$T3h7LHoz*z9;FK$ks>VQ52811nBa8f&K-G4W`qtX4$)@%^h*
z+Eok43i=HVXW>^gu=t3lMwMT^FHuEAA1rW-bT-!S;$CZEC`L*dV-)$V^_xK<<V?rs
zya`{3Y3CNY^|TGDEK-QXJa9!t(W2vYolOrH340{kJKXOyiotASGN$?h6hm*}+gNW@
z-`gKMD<c%M5ELz#yg)Y`iNFf|_n^VdXnKz_|0gw0fn1DWtk{rG^OG~{n!BFN5X!$|
zKhI^cs0M`}cJ~BP49&F%_CNq-;wo|j%BEZ%eKAxNFP8Q}O}t5~eCU#+S;iVre76aa
z56z|k%Cn4zi0nhcMa`MgUgTD<sb@_LIb(ea+Ffi}k4OuF_m=K1vKu~ULZTl<`e(vX
zjv0F(R%ZNvPloA>Q7!QR{BogDE0Z|t*CI`KySX>jZzjo*==EM2Jt03iqPN+am^eY}
zI^FBS886Mk42d1ZbBz8EjDehcd8Y2*muwIrFxeTcD2XQbxI3a)|0B!*h7;ekx{_zn
zt>^hG|Aez1Gg)U5d<Dwv@0lyq)>(tXL7p>12P_$h(<>iY)h;ami{-}L)!cloQ|_~4
z(E~C^)Pf?A+IAB=3kg1;j$_%|^VZLcp$vJdJDk-k@wuLnV&7R)X}Z(>PA>%oJeS$h
z#}NC4kj9>3XS`<O0~25zXt?uikUsW&dQUpuDNU;Fy&n~AJ139^m~<BQ2O)cdBr-w|
z|2iIkaiMyG6#Tw7sX-(t!0H`gU_$O4_14MLIoIXzX}|kqTY#Z;)BL~ozMb`hj!uP3
z8WUleESv6XC0)26$$~HQECOhpP6^ymuhRIsyLz5h?z9B%RTFVd>;DlN_dmz){(t<&
zJ$=s@;b!0(<_3HMUJAFQsqEY{O<6hr*qtcte&9U4GXQ}mH!&Iv(VyG@EhzdwJ*khr
cU!O$ol4|xW8jQZE$J~oMs#-UTZ`=?5UtX6-X#fBK

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/image-layers.jpg b/docs/userguide/storagedriver/images/image-layers.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..378e36b84991376ffb23cec090b0a9944ac27d9f
GIT binary patch
literal 26599
zcmeFZ1y~)+wk|p+?ydoXyHDH+E))0Q8r&U%y9IZ52?V#`?gV#t5=d}JAbBLLz1H4u
z@AsW`?mc(kb>F$O>+Al9RMn{Js;*JhJ?qEfk4*rYjD)lV00@KtFh3rEA1eS+03;Cj
zGeABDNJt21SZHVn2xxd%SZG*8ctk`*cmxC_6m%3MBs63M1XL_kGz<((OiUycY+P(i
zTy#uKjGu}8j0^o33mO_80|@~M<3IiT(E~t-0|o-SAc5!r2y`GMI`BsyfCvBtKtMcN
z2l)L54Fd%WgoJ~K_^}LtdlGytev(2e8$JP8xzjw$3cp_jVi1D>^T6gW3`;D%V|e7l
z^@{*-e^nqrl|5@6M86$qUf^}IcJ@%0bZmYU;=Ekz$lf{Pw|<Oyaxg&+F7Z{csZ*7|
zC~o?!kRuELz!L1}e#IPd&wNcC9a?m|<{6#Zom@HTe7z%MDABW6_NW4^<5>SNw?_D+
zvHFzdZ)tA+qJCL(tS9s&B9<U0y@vhtL`e3C_Pa+t;hjTjXMW~T;a?Q&hqhFAeH1_L
z-Jc}np&s~Aq%oSzKj1>Q5b8Dko~j+1d8P1Cc@Zt+ndLJT-AS7qdZUiu-QJ#Cmj<55
z`tA|g?t{&d0Yej+!!G~;Q@o?cYvT0!y%OcFCoSh+83A4+4u=MRIea3%;wGRXZhiPg
z056%Tp6{qV32@v~J>D=rVN~$G=*1?<lhS8I3L!y=C&BYCwT}Xd%-KPcK5^xjf(McM
zHJ37$XaE2sX3pDa(|QY>a2q$Qo8Wlj93Yp%0m7gFxWtaptA_PT9=Y*iFBbq{_@=<r
zeen9Cgi|h1UMc%mg4DjRm^vnS`Gj=&FV=1c9;<`=X5rS&+2`ArH||=bcV8Ye`1yNE
z_X(pu3O>DrdLrzIR|V>RD+qGj6zZg(-!B1d8$;~<E!>lmSI_XHAhHAb<=PB0YBXeZ
z!$}SX5&(d-<gqH#5K&-#KdMx-{>vb$rP$Nz>AKvV>nmmxt2UjetY-iK%E_otg_Sl=
z*%cLqL_>c2mPzPAm#n%vdn2Lh04zSp;r`O+s0#pyt=%^okWo2dRY&k4SjUm_@&3(9
zfnPC%e^~?hDDeJ_=l6?1H5l#P=mJ1qe1+vdn>@&Vw252F>lOf<%sJ9P4lTIgbd^Y-
zSW4f<(4OrAzz|Xh+yejy{d~L)=6=npoZ^sXDjuP+mn;BaD7?z>uOtCT+CBsKPsu~x
z3_bB4&nT5ZR_krl_f}6LXYZShRyJKb0h`Mw27q=hy83r*z+=yS_SiKa`|aO#TmTRP
z5*iBTSGR@u?biGe1)#0?ivaqce0<`fW`#DreS(6n&)4htO6bQ_UglG6KK8BbG)wPK
z0`0Hj*fdi|XCx~I1-l+K&uz93M-L27K7!K6o%7fmD&>S98wGOP_wb*}29Fw#Q7@{m
zul#;N*ooeyxnBrCeUSUa15%gNKC!rY+I3@pL15ST@uw#-3XGkGX^e{I0?*)FNJ_yh
z006@|kWw{werftssqNz{&*?Lc`m)C&K+?@q7CBz7{bOX4r^M~qJl~W2f{^~{%TGL{
zyb|yea$>Xl?Ri1SPjK_ZgGGgT=(iHLDSE}3HvXCf0C*+pE7&qHZ~w(^)k8(b>Rp1h
zUfSeyKL7y#ZaaH}xB|hm;ipU(6Cecupuq=a{zFn-zfuMEcKf>jLVzzyc273|a6Z>*
z|HS(l{|WuH1E~Z&SHD42m*EEhV!b`eZjp0Ic{FM;yGG9F`uyZz-AKRy0C>a6Yo{P7
zXxBLL9Qj++wiV~w{KjW~0EqhV29Al@d7Xc4MU&=JK8_Ag*Z<k`V*@03Y<vGWasVKq
zAfRD@u)kU$B-%gaA+Gww(r5R6ssP}@49NU;^A{I#ve;zmY!t1gNuThON?fv@@FN?C
ze!2YOD2?6Q$z@+qI$3aeUhcHSZ9nW$#HGr$Iw1I(jp|K|Zj27)JFe^<CiGsT)JKuE
z%Qr^5>|dfs>hZ__)l80<@Ckcdj-~7IKjGKp<R5+^;8yvz@Gk`W;S&e{69jyvOfCrn
zcpUx|z)mqV@Qa+ZnN4K9Wjf|Wd%@iLSO#WMAM?UI!I`xFOIbz*w59wyq=Xk#7?L5%
zM}7c66GNKEp2geat=AZ%Dt$jw0RT|*wJhEJenH@`IKLo3Fx-^L;EC%rr>FD8biqmF
zeyT;_hQ8va@Gmax>(`?G((E0h*cQf3Q8=tAkCh4?zGT&?`f2oC^iMr)U)CB9nT&L<
zvw1_y1I|ZrbhgT&n`c(g*L2&jUqc~oHoWn^oeH)aJr=9u*6U4+f!o6Dzsw27@5vIo
z1M!L{L?EsDFEvH|nG9bp#P<hrl`alE8qJn$ZMj%sHEgl{`CX|!V`lbZNha%wr8SLV
z@=F5%z^m!Kw!UCp;W^Q3>YoMD8pXGd(ZQD{ZvLkD*u$1a@pjA1c#e&JMke`{Gh|0c
zUYFl5i1PJo4&E;W;NyE@JyHMTXX3{O&HiXM)T56D0R;{H+hY|P1{MMm3JxC!4+xKi
z%T3OMhAym#fr-t=MM6pj;xzcpMFPSBzV$D(%8bB1Fr*qeJGHX^g#!xa=@yTGxR|Ts
z(SktoKsLXQ4s0`<4`GUGUbg&~cg|eL>&Rc50(~ksH!9r!vP8gr#!}puO&m;j1yPND
z>g0pKaG?G3&GFj<*zE_@HEN$(;ojSH^SzeMZQ)<#<LSQb6upt&Xh386PL<AM>&_jE
z3p_>Ih_Ux!{&27T(O$K6myJF{^_a6=r#M+BS-H4;s{C05v}VY}0(!BKvOiiVi(_KE
z?8?PCLSosTI7V!DHHhA(4E1Bh+e!m%H3hoPhtB2`tx3D)?7l$D7+w4Zv?fL`tUS-J
zG1J_xyJZ%wdVAc-ho$Djl<GViFJl@Tw1Z;9=8$o3#m}SGCsUwkheKd~0O0>WEc8_^
zbW@BTyPi65sCXG;`pUWTnSWwQv%Cd$kfmgQhu9nl7F&9|CA{KTS23~Z(^)5*F-DNt
zZiTwvdwcnw=#!TWLt{3KomF7f@<_Rsd|HbG+W0az*V&0gxqA7$x{6T?Ii9Y)^rH-U
zeKj;FZ;rWv*~_p!$VJs2-D66@3h`X_j|d-qTCNg=?82J+)wF#*q!3go_Y;T6-g9^d
zyj&{Vy<uInEGi!=DN5p~m+Wyn5knFRFOJd9MxlW2@(SeI$s~@v6vCO_D@{Ki!4F1W
zSwqmB$oAf<sQO+wep{@`Rps<Wy^X9aK7+a~T+01mu3oOamqr`1=dKS6x7cpY1-`Xt
z@;&}39aL`O+u958@TvEdgV??<l&nM#`&Yc=FQd}<UxQ{N9a_`9>?2Ih)gNwR=R2`R
zR7uHJqUi&HwGFQw?^PN5reRh-s-z4nYe>lP$oqIHmI{<sDyD6;QK2v(NTE!;qM0bC
zo9O$z9ERtMDM#4EPbh`xcLQTL$Ss6>=ySw(oex9YHzUb735x--DbSs9Hi6pzmAF;@
zq0~S0jD2d<sk_gw8P(qG-pQ7%Ot4W#3eL;NlJ74W$ZW?;e4`4ay-gZa@-qIgT=woe
zv+UgS(ksbw0j1+Ns-6XN#5@HD?B4rtGN&%m1)U@(%<snk#`-D#2i^ae2!40374~;s
zGYemyu1>`x_+@RI<;YnD{lMFI&;EDAKADj(b83V77UFDHEq^>MEc9>*UQd%u-ui+6
z?iuov>np};ANk;05w+;<uydUnD6|b^`MWX}x$D@R3BT;4gP91r8fxnw%kXJS5Sl*i
zI(}mdj}L?3YT(~cXX+rJ%t5X4a)^AZDG^9X&S5PP3C)417pKM}*As2%XyZ*=EGUM{
zrLOlfzD*TD4z&H!ggsmwSmCQ>BT)&DkFL#U+xP>(8?g~Jr#jGABCVaf1#V~y5}<bt
z5>smxE64EiZ{!$vd~@`vv0Z@ih`z|FN;5f&%RweW?4htp2Z!@UmnSN^5Ui?GzFdUn
z9-HTa$3D^`=T0jsEk<V%-4ID>K7V7KmZ#Zys9d3BXE`(>g(p2Ak0BG*pe9EauA<El
zB!>Uv(H#!`ql1jo_w3k3Lkv@#uas*R%``U=(S6rTq77Pjeq2n$^p!GB#PMvVm?8dL
zBrTFkv<VT!LHcPWkhHn+3=BRiv~8gab(*0}q(3l;qqd@!E@QLR5*SSNfGCGcG2hp%
zeR*b??~abbR-UZGMAc#O?Tv*zyq;v7Wy0%}J<6Jvm;g%xZ@D}fTaqP&N?Qudx;CLs
z)ROuifGO#$?Or#IZ5ruj4RI|^f>-#0R@U(ehBMyqS@c2q@1%rq5%fAl;|o8=T8R}^
z<*BjeewyoNHm|bbw{3sfzWez-u8z*fG93z|{sk%89UmPYrj=QDXL&NDAAm5Z-aiJU
z{iH32rnUb(J9PK&6454=%}kt~zWP3>eO5DnZ|%}aKx8-Ymn8`8di<)S3G6h$a(_Hl
zbXGD{$EsmV!lOE>B=j}NnJeN_=7vU(cTKMxL0?<&U+esJ1ZITCCE3%5lUVn^4*>n&
zZmlc7Rc5&ZB>w36kvCtKv~RR|zW|~fSHC!rFhQ>3cjA8Ds%_d1x1JzueH_g~8s5vP
zDbJ5Jb4e^9ro*16X4xJr*ElEp)yUatQ;@&YS1(jap0iM8j`wNwj4J?B&$6g1crZz9
zlr5$A@Ej_Cb5@dQq+(DhXCxBh4A+)fSSm{U()ui-Y$RluE~<*Y?6Y>aRatW0G7ST#
zlZ{}AilszuQ|mV-vPw0=;@AxZyRj?!k@}D%Rbz9N<9Ae*F!Aczwcck1JOWKtj&<^=
zvht3e6>+^61)+YvCwEAF*=dRDtS75XANypawY0227*hSDqp8xCN4!R=){p&cUBQB|
zPDFGg_+Qk-nVl4BG7h|?f(<fJE{%Su`{nfJ8cwv0OOqX0u;K+yI?G%*sHgCog!P&e
z73WKO4+qXcSo!dlJZ+XG24%XD;h~+dLrbQHQf?o_rM<0{94URLm?V#j`WSue&iP``
zL=}NBk@@@;e6qQ{8C6jo)pY)SXqSdel_nXn0xRi+e#QdF^2|i1H@K)#LLYmNPWmCt
z-n%2z^Ib5if4Bg#aND6AOw~6Q*QDoKM90(LJa3fM637BY#gnr~sv0$G$SDqWYBPtP
zt(EinwWiCh7e`l26&<U^>$X`ORJ*li(#z<|M5Hy`YAyId8UNA6JAILpIxz~C^YLrM
zL^R*NqX-d%O29E=0~?m6o7J-N7Tp(=l|O3@XtuCK#F2oi&q<V})zT%IpiARuxB!=L
zryE)3mJ8eySEZKI%hPPd+llJ4S5*W}j~LU=Iu?scXxb@CtKAibSYbl8+KuwDE6+cd
z4uG62p%E%q7>^)Bm~-(+0+)qIl(<mO5mG&$N|j@Zp^5BN%IXO`2S()AZ^z?HVl^mz
zm=y&@WUjxaRCThT#TgL4<fl-y-#Wit`WK~fse1>28~o!T?(?01-sj^hJplS29^KZJ
z6{%O+h0(K2x-OOqK+ju9gleR}0ED@!2##$m6JuZfz4P{_Z%?tCBU~h9YkweTJVZ~v
zgd6pQGHr(dt^4EK2}d>MO8jL6nB4X9JGkg0Z2zwY_GfO%_QO4=`n^$P5b-*>><fWH
z?Sv$3zQ%RO(bx|fWxlw8&;|}ZzqvG8xHNT?y!~9x3b++=CFZhSi8MQ#p`(F!Y$+1w
zAhR*LMvMdEvoCiDvKZ>>*u8`uLOX-^Y4q+Kz6GpPC^OQk<20sIrMItnIdJv1%1m%c
z^*(y@HYFwTsHA%t9oL^Rnk>(6e@H|zl8G8>H;JjVOL8%dq*yC0n?t(tEPfM;+CRA0
z{k@?dxo#G>=Mz<BxbRzJB<#K;`sYdvLlJbcSklLdaSw6`DO>;8;+~491j9Zio-$Pi
z=iyH@rTV^fBuTbXMCU;3rKe3(My{ct4Q~HC=u~3Wbgme1f~=xz1$v|2j!%-w=w-ap
z8g=F&PcY?p)>N5!mEut)T{A(pO-X8-yfW*M`B<q~L67;VqqI^1gs}N)UgR+@O8S@l
zSzF3}c`4qeW8Q{QA3JMYl<YiJt+9)UAAn*;{xSvm7z^Y}%(>EyL})s(p~Z0fuk<p@
zeHPPdDE(aZ3k9AgRKpedin1=1ir)+OqMbH*625(itfb0vC>NjRFH^Un<ecD^+Aa5Y
zjkSv(doW(|mRj!PSSX{N%R&5C<I2ox_XSH%S*|4BI!571UkSe=_kv)aQz_!nMB>8o
zJM}pH>1Pd1uHF+A#*CtUU!V2J<QC+M=!qmXk>wZ5=2dB4!77>(fm-)fD_+rs-EWPy
z?%e1EyndEWf2TD_ALPK*<X37P4?<LNUhvFMuHpuPSl&Y`CA^m?E_JNx7yC$(PoeS}
zgl)ysp(0yF<8pc@cA-4oQ!m)D7Z4KjE?DN-x#}U-Yj{KNk0FAU(J%1dd$^aJIP#M9
zg&(b2VlG{|ICEK+F!;D60SP|XX449mFoE@IlW4N&3UbvetTZAl6R=ZyCfWexf6Tr9
z6GLxERHXysYpIu!i;+Q`WLwB#&7ww3Xn$p*@lw~y#Z)}FLhtvf@(+OA-Iwpao8OyF
z&)$SSXOSt1@tr)Ul8FHO(oPrl^Sv2ScuveDw9ca>yVZLk7;W_ffMfKBQ}RI3>`OR7
z2<+sb8EH{1%~rhN8F7{rFuz?X6XNupWgH-%N#a;IQ*eSIu?{fKvMjt_<>uiiM~rf%
zxacaE<2s~22)7P&iwfj%K9*d{v6vkn1UZAkA$`Z<1L`vB)C9U)sg{eZMzJmZG*+1L
zUG+>hR4$13J@<-<E0jAS2QX8PdxB+$<=|W=_)$F#=f86N!+g*8GCuzvliLC1fU&8n
zswV|pr+%xglKW<#jdr{t;#33C_#2(NEaxl6y=i?XMslaqEVfY_J%wShv$Ap*#u~@C
zeRioG?XRa3M12TZ+vJV!Us<Ij&)JMkiv_0k5`NKP?8~FaI}q=38;%$**IMyvXnHn_
zmo&A^I@&~y@7H0<7Hl%kOohNR{({i%2Y{LBW%0F(%c*6Y;iZ-SZ5{eAhqdj7r6H~D
z62CVgZvW84qZR+TZHQz>-d~)c;|XsnhWA`j&1|9FDXOK2;!rUW6}oAK7tKxN{oj5f
z4GluO&;0=y!k<0MXUqVpWnQRL^Y2Y;G;3@zXVKI0z$@D@`uf^@H0euxJ9lF91JGp0
zhi6%1r-fq8XgbjDe1zjdKCV@)+kr7n%iNqTIslT1L1RUh6A4W2&s3yObsYfn-x3vg
ze$#HDv`IaGV^Ktz66!MYQL*)cvb}`|lj+$J7B;h5a^p}#bPJbU*39eqkCmD+XUp*6
z3pP1>t9l!P&?7gpKLC`EtHH`YSA(H|P>9GdkTAa%gdbn8K>?s)&@nJc6Q{7qSYN2B
z#U~_9Z^L4Plnfo>@@ngPXLiuYg+&zeag_Z@DA<e~>v2U5oC4q|*^Rqvep@Ss7XmyO
znfEAKCRGd~jG0wB{s3$N#UQ5iX4(;#Bd)U!^=38dKZ{)Fx0iV0HejFdeP}OzXR#i9
zBJL%B$!tl#?3U-H^xs;!>SzX1Y@!%kYqLt~ONb!h%VU?Qc@i0vZ!JQQGtJ#-@hP4P
zdGGC5E(IzvvY$Lxjgv>alKMzH^>M#8-DOS%wspm{&s(+HchX;L{@Uz~xrj!!Z$GW<
z^i`)@()j$d1P>3I6{h-~KZ|j5WmK8u^ZjR8{wGywS3DHv{QFcIRE7J002*1l1xX7c
z&9aBdqm^!CzE||`-~5NHhx+?@lW|Bxwj)n6BONZ$(Ff9m5+_*d;dsp{R!|66Bodce
z!LUO=M`{ZqK3m8k>XNKHCyb<tTQ6n(uwnn3adVSxgS&%U$7|?5r$r{g(iajFi-g1F
z<3pOmnJ_&{A&aJL8VDTX-$5}PQn;-48)&wt%aj)Ay}MYB>M-shs^M|`WkI`xVS#}H
zQ2_F5+2=ut<q!f7yhd>0gXjKD+v?XQpxu78_p7O?7$iQ%D3{VXa_=`n8P|J^hPT__
z9aQ%Pykh!Xo<{YJgW)6boeZ#5P%2iAGMX?IPBMW)tPs=vU7Ju$iP_{{+4c{>>S8Vx
z)q?9f_ZX|pM7+rwe_6H(8&=NvLku%lOAP!OGNCs6wKSpSn^ujJN{Y+lOH3m!y%&7C
zVu{kjYM2Pau|?m;ifty@1^8et?s~=6+&a2UnVh5YSZ#yHsM>@0tIMWL&dpE6=ft{H
zOlD{k(SSswTTNGOz6jC>%1Ib(FznVR8UvnbZ-RCe%Wd)U8vC?uZN=tG<5jIj(ahG~
zSA)lN=mNdqT??X`t5F=njc+hxj#QwusqP}3GT)jOYPP6BbrC2jx^^A{@sfExC&E-G
zluB?|Kfs1+brq*Y8LXK60L&akxZr#e3e$m@Ehv%6LRSF_+h=d)V%m2>aIH57Nq?|d
zZ)78DO_x<yRQHq%)BV5`6oiJ<9RwiDdFF6}byw#g{=OfVydI}T^f@a5ArzOa!MW(1
z9)8eP09<iVgqR8~L?5ZFQ6hggsv1KUyiWh1Cq|8wskji*{Dk3|-t~H5Gpq_*9M%Uj
z2bxkR<Ouw>0u=eSlokx5z_PR;)$iZSpwx8S27zPxoahlF(yFAaMko>M;N6dS>d?KA
zfvXInaM6`sUxf(LpEE?he4UsZHEq#AD&x)lN&jMlAFV7mYTTQavRSuYm3gWxyUu#8
zooO#GY}_<vC<q+Eq(Xo$vB}x}9vXr-xhkKoP+`O|ec+pW+xk8?bsxKf^~@55L%HCQ
zeq(eAp?qP{xAZCldc51uj-@6wyJPn2=*WkOjb-{R+NKaQMe_;}w`Y5Thy5L|x5jtF
z**iq}ZChh-T)WlO>FaV>cIZOT0F5LyHe2G@^23B<iF6TidlEVaj3L)x6mQy%`#h}I
zJfvBCVnaUwn4{26S!gVpJ@K!&V?)q30O4&5#>2^EMG4mZGT~p+Z=rJSpbQJN>SR8J
zil5N)@`efzh1Xz%qR%h^x15Ai6p7M%^#$GTbBT$l4b3pKJ%;F<_UL^)182-BQ9YjN
zee5+|c!vozsZ>0nJ*({@6d0bCns-C|&g(fNc)AS0hCXVR#XRqRq;4#R*y-W)@Tx8H
z4i6V~5>2cQKEFFiu6SAtogR}G9I=^}z!Yef{9;1|c!hxZjfVRgh0zSCw+>AuSZZqM
z;$S@C+ZaRcFq9SU(_XWSz%(bO_wfCFF=Aq3U0!e~UZ2H6RKO!<baAh2Ow80o+jt~)
zM`+5T3~42~aUX}xm=X#$i@j&z+M^%gt27wG5x+ktOI*b2ZjZp`JuRlgH`S$YbxO4*
z$I|7+W^<mQQ{xNHq)p(p@P{jwQb_0nD6R)XYoN~Zjx-A$@Pup&+2Lla4np0A#4x6N
zQN(aauF-#e_aCrACJ3`=^Ql1A37Fxs398H)BZAFI;7c_QvGP~>W#yDA0@!j&bZLj>
zmf@<C;wq{##h!HO`D$!as&g1+*%8I1{~eXX-`u&<rROpj$&Nv&_%8qcti<iSGp79*
zRZ<1YZXWU6`7eYL%AmN!s6tb6T70RIU&Pgb$^yQEj;Vk{;y*xTZqRzy?~Nc>O&nZj
zw5N?H!-*Yf-z<92c6ZhLmpyG=tb2dC`z+}0eUrm4=rx&5EO0Q1ntgE)I_Yuo)9k-j
z5Nv+b`tv8AStSb$3D8J%Uk_s-ca*(CnECcnNv+ft^6N8SwQVfl6{vsYRdan`46*q<
z-5gAO-A#zO{p^=t#x1Jvt>2iRIAcSHJ+ZDQy@bV+m6{f1lZyfY*ze=Xmy{cu;ct&O
z8t@s5BzrLwE4IsI03@*OXOovXw(J{7&A65GSLBuBhmzu)AS-tA6%Mze=1?PyY9IZY
zBmzvd-RikpiCyUu!73uYz?+hG<1fu_NydM5I5{*YS*(dAw9DGHzwBox7O%ycB}Yw8
zYsFYbV2WlO%&Me<K%RlS2Ot_1tJS7UaT7B+U?fpM$4@ti4TrZ!1+t~e+9OSom6(r2
ze_AYKb(3!BB0z%ttg0Fg=Rc&g=*!Z3$5y7(X%seXAyZ8QSv_GB>k=i`!OHPv!<z{|
zzc79hyC8886gT`rm`xdP8!y5bfUWGekItZU8FjX@Ps``QS~;;M$(+o?n#OrVxM@HN
z5a#rEK*Nib+E)p6BCmOo<eYE8mJ;jlf?`x|lsMRDKq_O0)(=VMz~??&WF^G{h8q{%
zYSF<8;)I6ivhLy*^PZ0|)1oSWo~1^G^}wDz_@Y-imBpyLo-AYnGGrS!f;XdNs$fcN
z`sjo+wlJ5Q^^+=+13`uT+3~$tWM{?1MuX)V?D0}9r4pE$XZQzzWyQLCvxm0Pa=`3}
zJ*|-mgGyL+o>qkR4qNUeXDSxqh~;irqj*>%OBTfhi8lNx4CkR(bmEi@jEsh9UIuV%
zNjl7su1ncnQYwIqTa;a8dI_>I2?8`Ip2WU5p3^9Z8IUFf%Mqo7HvS&V1;SD-GLR}u
zO+0@|gK=uGfi;*dJdE55E)3=q$BU2DRrclGXMkNr76R4?z8WU;^LKB3+vxU|4UD9h
z!h=-gh`-Ok90hhGO$n<g&<tnBrO(g>yV52Zr4FsBBpE&I3v>ej6Rb&#rB!*#OD~K!
zAyEilv~f1A^wB)}zHpm4XjA=l3MO$q&%SLx)D2=?oE}*6kQ8Td5JK)BmnD9yVKOR(
zz**7cuVK-8rqzv4wQbT$Js>tCmFu_#XwI;t9DA-iWHL7bN}*tbXCEtwC!>YIil9Wa
z1pwR5z|t?}ET^m;S;Qqv-~;@sQ}-3ObGI<`(OxkQ4z^%t`13~%^Q)&?&}$N=866B`
zD||WeUaYaT6P+qf%$P(KNEwe<5}yVi07<76%TC$|Z2Y(kNB2yy*o#JCuBryV&8{<N
z>c*i@0F=gn?>n(o%D1j0PAFFxj>?Bi7<;%tex{9!6Oe|0aa0tLv<xyr-F-v~ZP*Nz
zLASMN<9G|^fz#l_)Q3fzJ$bw=bd&JJ0SC>2<<uX56bt+Ci(!-LWZMtVrx{aA^J7x1
zfkDcuoPH`>%t55)X}-w3>fUWfiDM_KjxpHp62-c*7h&$YY|OLyl7`L0L7;&K(Q9f|
z-O|*s9bQvHF_LYLCP@~v@Qd(e8?y}7HFMW;v?wLc4=Q4zE2#h|IV+f54Vs!b71}iQ
z`ZQDdnl`6U-U>QO04RiTfv_L=Msn-mWVdt%HG^;Q^x4~*On<BaN+xhYX!re;CT3fb
zb_p|f7AS=q6VzvnR|t9q5kC09s>V~W4_Zo(nM==~GLAP(U7?}^@!7L7rowW%R}^EN
z&t8^M<($!cnuRvAl};U@QElAogS0vzD%GP)n|&yrSgMmh#B`Q7h7W2+P*vjI?h;vb
zTHa<=Mpgj5H9bhqW3*saYn6)K##K^MUO+?cNxr+;GUiGd(J|JVk}}?6f`tB(2qo#}
zNm!crHAYEv=-`f=*tC(gPdq<>AbE{6I+cq}+`h1SHmFuFVA{gEWvB%dhHEX71BYqN
zr@j7R!-!PSwITqtK?>%1_qaat1K_hxD)~??`McMGwy=SFrT0I?3z6GL($yw_?e7!S
zw8d{blal7iTfhoRNGEdmKLAFENRNw?Qtao)#ycrJ+FM%q_&K~XhP)*$JT=G9QvAJw
zXw@T^op<|D_s_yDGP1P{4otaPpi!(}sviJ04C41m06I3&Fu|U(^d?-aTo|M^@E~ON
zG@@ke|DOM|H4s3S(X!fNiY=WAhlXq%G7Ia){<~MP>5JA`ex|&E!A<h5R}yDjAYKyk
zHuym!BKbD18+QFS|AM%Wd4(=bPSsjRQbuO=BRu2)x3CT7O)VuJ9bB?BqmgN5=0@rO
z5W^oqckJ$SJN7dvDKj~E7KzHmeb$)OT}&*{iyRuxh9)xmQxC=rq0d^&6VC!&5*!8L
zw9)+hegM8<iw1wRkafzO?qvg*)$UTUHOc8{_H6=q`WnZv$$7l$pYb}bXBg?!C4neg
zf`wPX8Ql)exB1T7%1Z&JAR9_#$5SFgUs`}z5u!GCs;D!WN#VNM%Ub$*+swRpZMYah
zY6U^B+a@CwmPC4WZn-)QHAEM5(lIBXurL_ESMXBRiQ1`ZpC-#Kn%Wu&g+uoWf;K^r
zmB25?fCYvoEnSXTc!dbIPzvRhd{Dl3ny?rboC=<#7gr2*!je@VE-T!+SXX51upi7K
zn3^%<w$3BJ%ylkkT1P9gWF|!4X9Z0sY&XoXH3ZQNecU~hCu@|>?cpQTE5=69Fz-4|
za355`PDI|!@<5Vp`G_pGv424@2IHJKC94r8%<E}C<W6)xLo&0p1jzQ()e#zMK{PVy
z5T{JZuQ0d0+hx@{M6B6kh(QQ(m?K1@Sp4E0<~f}i$x&*c4nux3<T0AeMVVH0o+{bf
zPpoY0m9$oFbgbrLUHjh77}(frgndl2Q0r_G)~*rRxekJf6iP6UpJ&JMhJZ_G9d?>w
z7TK0@*_2h8rmbI<;i478aMS?o`i9LgmI(Uy&a3H!>E$wubCdgNVvJx2Qdd^ulqT`P
z?~6If4k6(^Et`Y~6jdNH7rVaWh84idX<)#@+PbXVQei|_5!+!io{<NjwmnVw?S;bh
z8@N7>5h$qg&m}Rwj-~9vhs1+##DL9(!Ss1}CNAPO#Uqf(>)8Pj#zlqH<A6kB?4xrt
zi9xxmaBvjTmoScrH8dXoB8Y#N1m^niZaXWBHSc|v9J+nGoMHpWkkye6mmm;!k1?Q+
zIRd{ln4Vs1b=GoE^jmEy5$0xBNq{jP7#PIXmv8pAWjEU-oT{`@Q5lq<ZPImJoqkt+
z+E4a&{F7f0c^So5jaqOB{~jh6w^4_6uemtBoGhpC-fJ+E71`JxB&3ST7<oL9C1ioq
z{WV{L)Iq{!ME!_&Ba*!9yb_^trj7l8T&WIOs$OEE^fJ*1c6%^en;Ozk@s{qOmfY&f
znX0dA;c{h2vhvFo`Mu?^R1M8zl<Dux=ZO%{p?cB^#I-Vx*2RXgPNrAj;N>z|pY>PY
z85F@L@gCTl5~561*l!S%KK^lxpd~*$d*mn`dI~)6%Wp}WZg4-)F~o5J-N&H(8On`^
zk>*rqZX~9BxFR@A14TYI7H$o5G2aErdK)ib;a;razR&bCL3xvBEN=^jsca)B8X@I*
zlvH+$3&^vy&g`n?+zIQP1OY98a{y0F)Cx;VF=Bxv5@*beNlj_=UHgCoou#H!yeW`q
zd<yAIJ*Dk(jqWZ`#`}B_ip^P^zI=0^aF9EFpWqc?cRL)zcj>wSy<nMi4-ixJEhR(-
zkC;fWVfagbnZ^{RSC}u0_2S7Qim2C2uzMhk*XOIF^!cZn8qstzzqKHy*kmhLvZ0&t
zkz6}Rc=ZrpFdjrm7YW15NKvKnB?fHAofj_$M(Q#w-IJX4Y;T1V8jVEcS0=IwkKp1R
zaKum{KD4Pe^~JymetB|CyS|h9EHG)~3)jR9i=u&vr-=ou5mCskIby(~J7YWpRH$QH
zWLxxg+=8H#{)n4;Fmbc28_AhdW`{qX>*2U`bKh~Q6!Go)6pPOq{RYXnQ*6@(p!cB2
zvC3G0Y!EWz2Y`OnPz^^7yl=nRV~m<9LB!(}H>R6j_9k@PVH{PDDZ*o9ZF+!5b{|L}
zQchOJg==d_8~8Pdq1@CFPnAp(4H~k~4o~D`qw@SHo1&DJM-LThW{KCX9+Ok@cSAh)
zlVS8PD(*Eg&=)#RKBP0r#fl8ZHHv+hu*n}Djz>5MitB<WjH!h7&<Q{6^(G<UK<kwn
zhrwnVswsnlF;a){WF2D;k(=6L%Ugh)0+C_%MrT{AoypJJ?BhK~0vn<nQ^p`zoQm^B
z9p8q(HF^^TgR2u!1p%u|9){P&*F^NKZ@?fP3W;P17M2#kuPJQv5JRWEEeS>J{xqlk
zQzH#wTHdRnT~|kw0ons#2jRkMMArksl~J{j#DnHr)TvH&ddN$=x&O}0P%2j~q;}Ot
z$Dl4c8!%UI_Dap~<1|v9=CI00x!GQyHCLm-2H_XBHPi-3fe+sl|9=lmQ3jm*)s)!+
zwm1o4kha=*LjEI%=J=mFzi%}|R!dn?*|=1`<)$3WKH{26c9#z41Ya!Zz;S6awelcw
zC!gnqXo_>{@LgLhD-(va2~Cy@)w?nHBoWM>;SHXX-SDVd1;!#}vZ{k5U<`ao)S?s)
zDcBI57)@lF6~1hi9*Y=^DJ>l?Wr$=>WeAB^U|7A#3~kCx$!?u7c*U2`Dcy2P>NmiB
zt3g}mK?*gk<s8;3Td#;E?Hs*XDw@I?!HI`94lmPvUg>IR!9h%cIu`vd46TE4?0PNg
zLtz8dE_|E@D)mIf8vBT`A#zQfZEuTgKQ0&>x@^$IQ5Z2y6AbR+X%a#k@4cCf4(3Ec
z3_BoZCy7wVA(4c#9adD|<qm^!{JaW-nMAaj)G^`$X7`C(Z<JZUBtj#6VKBks!3UGj
zfE39#J2_+hssvaaAkMvdcj2+svfPnGW0Gvvc!Yw^gk=)%Tsx3Dh62AA25E>j!ZQKf
zL7M7BjuWE}j|gKJS5zzpG<1n^A>l=4jG!%{$4iY-sEw5S%Ui(<ixsZ105Y5KTpm~c
zU&iQ0<(sleQ=>?G*{E<jOyC5mTA%9V#cQQ+8B;k%2f?0f7j;nBzqt8raT)du@p^a<
zleR&LOD#PCAuo?Gu9X%IIe}Il2Po(j^Em>qJg9wKaOk5{VT1`-8HIE>b^y}wdoIh|
zinLgWTMbST^@e9%=qMITDI&Dr9@_F2fbku?8$Wy!H7#F#*)e=7`fR0h9~-`M`~cE5
z3;Y;YDE-^Sjs#aR?Pf)=YGfkKVy+;Zj+m3Ehe-P#zQfGt3@G&hIwpI<Vo;1C#FF1a
zZ#%|PZ`ttk1S2^-CMDa|ZG&O>j721CYJx>nI|{1r9yRL>blIu)>OJKHf(*rrA>+mb
zR(orK2#G=KGA@*tz4d+N6p==FjtH7P)Gc+}z!eyCCt4T9Eazxi4qAn%dL=?vUYTdt
zJPbk^+;Fzt=K>1}$w6&&eJU)Y{`(T$j{0ah)D45yxRd6xExV1npj4VPeYY2{Y6-`o
z$_*5QYfubGPz+drPM`by;orvRsYZVrt4PR&M=OCAMliB@3&Ht4j#BIg;0*bFC}qBt
z8fd5qL~fkAkB%g*ZIg57TgWT{HanMImP6z{wVW}IEh8ewQ&#RHRmjXGF#wKt-nt<+
zDDHxc-g7{OVBj$rt#Spi!3l><z9vg7UX|xWDh>0u74&)${LY0osNFTDoV?h^Z_5bt
z+Yp%&C&dIMV@(F9b@z_-`+iBxVIg+}5=Jee#}5lUCIEThTzz=g`Je9{!I|8nMBmVQ
z#1S0*!zh{ekjNB!+sz$Y_ly<L*%O>|A74{45GZfh^ZP$%3F`0LPh{_KqO%lUDOEBL
zuqxC)q~ypGDeY|u7F<e8l6BB9vxl`WVX%Mvo&Y0ltltcya9&!AFCQHQ)L;pr=u3^^
zuG{A^Tq17Oofu;8#xQ^kD1wHxx^u#VSXXHJr&-i;9S0s5o9-Y<ez|y$MD=|HRyn|5
zVGqu8ZMQ!|ATTAZL0Y6V_;b)Mt9`}<DT;Q(D-sokc@_CaxpJBcuRTDx9}F`CPjV7(
z7ADD^tK%i6(vldX3yQLTloiY;QWAPM+AQouFM8YZ7);h0cr2dCu)U76D*V8H7_+q^
zXOoz#NSNW`7sIJwVNw|!FhI-+=YxeXQfz=kouuRZF}E%8u4>-^K?k=|Q15NH&ilgS
z5DPwNwaF&JJV~2OBl9vUM-tMP+y=^p>P1XjDx|^)%BTB{?w@67g;XP%>XUT>U2u6M
zHjOibAyK@)Ro{h7(h(5Sz4i+khdQycj^h3SsN9<2AQ(;J9Z$@tlkSPe;tDc}aSV%<
zbYn*<I=`|k)LLe1aYQW68^NLV3#IXwSf@!Rq?&fzU7?FGp);p8L`qWubU{^z88+V2
zGRdf#4((DZtJ5@*sxdKE0}=2C(KZHeo$<KU04$ImD<-QHT!^p0o0NF?(rQTvBI~c{
zQt|^11AKroc?d8N(D!HrqAi~C#Y4M<3VY|57_POh)&9w}4hI)K(+g3%5}0iAc?N+A
z>_i*yLBZ(Em!Uzf4epBcHwjQ-PUQeDBr3FJ-yNGnJNcyYBNLn@<>X_c5w{L(u+f@u
z=Y<|zfF-}8Du_Xa&LUCF&M3Ae;<<3>aETBGgwbtS0x$v|LLEaJ?nH)omKnuQr3&8v
zE`<bd6h`Iw;VBBkU2ZL9q--HvtrvSzla|>ou-Q;?4->|rjYn<gD6U^ThnFBt)P3-u
zAAn!q{nNy1&b`booDl8x)~|05NL$uAQX9G=DQv<;jc68`_wfqN?&Cj3NZ1WCHUD4u
zPxWBy`le{QKcbGZ(s|rCI%M7c_X$Hz2&=>L9sNO5%*G0kkgr3EHrj3%4*0m*O`BWH
z5_%qFXD1A2wA$Z!E054r&H6VtE#XVX88~*Za5l9V%WPt-u|Jh=;?9~tM~mMFuzWrF
z9xIQotnZ?whc+o_z(8H@WkLsczuE#uri{*_C_ECGF^rXtNWx2f#UU%0dY%11?=P_J
zpRw)5qVjNP8Oi|VSbKz|VK7Ving}>$CF=@8;pf*_j!c-6lnK4rcVNvLv&LOFYBiLD
zc&)g-3z>{gi^#+-qEE)$)+>}Z!&p5!BF0o){RU`^+e*}_%6T#*M?6>qc}iHWtT_hk
zz0@^h1k^oLvfjA_-q-N7N+_EuT0zy7jdI_%k<;=IXvhOk&rGXVY^=GO*QX>Ywl&sV
z5<G&ohKo(8zns%G(Dkv(82PoVWKbLVOZw19g!dxkH;U+mI_*=zj6LI6jKJ$M!nAG;
z;jyJwbOLNaggnr%F}=+<1)DuwB;KH_b>ol+nsD+Y4!w;HGgG;6zYv+}xERi9wmp{9
zVc3&AzsV&{deOzhnnc>mIV&+wxKabk38r2p3d*bF6--HMF%Z`ikW))^E?dbA<rz^%
zD*_Ud=CJd-Y0e8wSl$Jr%LjeAU7gU`tF9$0zVA`aJ`g&mAY)aQqYJHn`&Cb^Bw=o>
zSgEIWH%VvMKh*q%nrIjn8$gq*6TVyh8s>M0(+5)^1YWoTJgY#3viI=e6>2hlk#>vw
zD=(}Qe|`!Tn!L#50n*TOJ^X2v5UFYNnN!+l{pZmrUsfp82ocfQcB>ad`Y2flthHf2
z$rZxgD7-tqtVqD_V3SpHj~FJRa(@ep^@R)?o6#%!1c?@&qE%Y1Ej~WJK)?J<;y}$g
z2@+qWSXc!IGsY+d02H+*cW2MJEp~iAhrvS_Gf-Q{>Zn~7vUOv;y*7??v@{AkyX-tR
zucF+clpi&uVbC!wCX?2!vlvLlZI@w<CPTT$`~y(>Du&8pZqBM9!HHVSHM~iS)mj9O
z*<Pv{IgteC?sE%LS(DrmzBZ4p;@w3NYa<!MP&Sn-02)e-CS-X<v!L`wS$_KpL1lhM
zYY%MpQI27CI6^|!n1DP>)TV~Gdv!8BBA=>4&_onmcDE*0XUytx7m>cXxTi%jhTA2I
z9O`&>PcC#?u;!Ed`C?f1O5KjmCQ2Es2;Rhh0X0Rk*n`V+W27&u`u5w~(It)yrG~M7
zX^)Inb67ei71eMWSem#Ov|%KW+j!;WW>@vK4(z3?a}UGCFb0aLLc|@ztHp%SV1zU=
zrxo0bmye$jIQKNW`xgz(ItB9KN(GvPnPw$Q>BuJTvP#)(YYP2-r$zl=F<SSSq;2d@
z*wc<dK?FxYuqxq-I?P6dwGzY>s)~PDbs@`V3fU>cMt9~Sk}8eNYd#hi(?uRsrXxGF
z<&FFAtt?|oNRo#j7q-I_6ac&<DJE?s_Oov~V8<%{0Z<gNI2XZGh(}BJjt!dG4Wi1S
zAZ5QJg)bR~lM|HsKST&L_yH)iCW}Kd=-&^Y4M}lXV;JRvb(fD+;U>)_0E+ck6FaXC
zv_xBloZ7>^+cR2!xnoq`OR{4c2j=d)ZQ<`A<g?afSrItF)~T+a(++H(nTIg#zD><H
zprZgIxgZA>6H)?+N^kQklNjZuMe@wp7K%YYW>y3kRt>UTl|lnZENgq<#B=U4buT3$
zF&%1hJ@q>vh(w7~1*0@E_XR|B6uIGgoBDYQ+k(9OIL=X$@QdE~^~2&#**GO(j8qn^
zZ7aXvI-f!aGTO(Lt6k|7dkO4inbxGSWxOQ}e<~4J#Sr9Dz!t%qcuHEochW=3GM;sI
zaN?4}c``+Ht8l4!%y+V{yFx5g&W~2VTF=|9k=an_8L+R|BpwczBEuW&zUUEVIYIQ^
z<bw0y&*CgER;^i4yJ(>qo_+lt-&KTR40<GHwpoh6)IQ}dzcdSUTBbQQNx^=?CQy*0
zVnI|Rrq0_3OT}GPN<+c2cugv7tveMl`aY_oB0ozO(_xh&K0bh9A6bJmA`gokSm&MR
zu;;iA2n)ZFys}Bpu!&vU#^k~1i43t-QpA>aesd=;nh3=N@tg&({3GvaZqWzbwp!yg
zqG?!)`bYq_k~llMRO*DXzt}#IqfY;O!sD0Bbm#ye6vShI{JCMv&pk4JUa`<I(4Zc7
zvS3vt1qqXpkW(1MKJ6R?eB90A@$*K_L9qSubosyKV2<%beYFhb<8dgEV~&1zkbCWT
zL_oaN7ZMdK8Y1$Uja%M6$|SI97Z&0~<8^3sh>N_J@k0)|(L)Bg>4P@8$vxLMU3yJ>
z#k3giUGj^`7oQGb$R1Ls7|0F2_W^sj__-lm4+p>#81a~TF2*nCo254G#efipg~+Y}
zJR!WrNY+{Y=j3b>2e5pv>WEj+P^0_090&61@_Jwmvmu1|FP~57qsQ?IWRzNS+s0U%
z=1>v+0H8SAB<yyriHee)#P1qFXVnkYyY}_SHY)dS$iHb`leXId));*He8K{m34GUe
z^o2v%*ze7x0BqgKuM{Wi;qEU!#4ZW(L04=4*9ExyhYblf8cjr?0RyyOH4a4A{}g22
zI>>&rEck)8)6Hq>o8&Sy*XgOJkon&9@rgF1*HkbZUkf}DMKtXMaAK`*<N@fk{Co=Y
z+U<7O+1A5)iG*8*a@e`nw^EVO2}I($w;X$@_dzJz{zTeZ(hS1PHRcCE`@O_2CP5?=
z3UPD^Wn4VD!?FC(a7cXUu8*RM&*?$Ib&RYo=4b|{E|R-kq~@grE-V)Y?hvAe%?Gso
zR$PI?;+hF}#}mF<%?9r(+hu`h)|i!Cdne6>9(b@-6NsiSn#b*8yvD*xQ<s1xdja-S
z8bQ7pl0!1a<>vR?sIeJ(L{Vdw_l#D011;s8*UJQ5Pno`{N3dI4z4V#7_Luwi{%<wl
zxPUjIZ6^M2ImF~wd%D?r<?!bIEywH_T3fxtjF<LxyF$b2<@)@?JCzeR0j`F&mhm^&
zUYSDbGN!iO@$o0R8}<ZgW-RyoEuC+b-JG&_?4>aI&gw4~Zav%|wCD>hXcLGc^{8DT
z-&_oR|1gB<yRga_*WLXt*=HtDBt~+KQ<<-RdT(tpq<-Y0@vWOfUT;jv@~Nktm4|~B
z<qv>eT6H~4&8MS+p{Vd$CHHu=?m3>kT<Vq>;<)UUUfCTh#{nyJ3zO~>tH`3*ny}<c
z@O_UqmCgZjI=S7&$mT%iU}5#KglSx}yBERtCj4&q=;jlJkB*@~0C;{<#*x>4DH5DJ
zW!LYsGnUt-Mo6&z{D6jN2wk`OaL7IYp!d5(2}J-2;Cle)9RLajcM<@c0R8}kK2=4h
z)$BLjNx2id<txDjCxUNGD0(kEpm%X&|5sd;h1#}HHGAnBuuN3{Er)_(_;NO{ot4kR
zQ}t{#9KWtQD86p`4q+CnlSXfP4|Vi%&{Ch;3Vx;`hbgY6m>&$9GYkx;K)bKmR*Jhn
zwKo`!k(dBY@#$o-8FS0oyAQE(R4s(<*(rTZd%0kq#iuC)Yd7?_+SlQmwrn*J)eSM@
zLD^bvDXNRYp-m+wS3U7ccQFL9;J~KhT@DDujP%woNr_HwMY|~vw7{bf5~DLF=pPJ>
zmXKCDknlu9PoR2bt@wqqSkd&R^-)(pyPT>^KYw<U64E8QgZH<*^f66&$Z-5it>xZq
z3J+wK^eoBC2Y$&yG`Vw@^F-%}p5vq%aHOx{#Tjz+V(fww`>>{BX#L9Ye!_MKKDLqB
zf2OAFL&E`m<5bY0Ht8@VT+j3xx`8XYe-%Y8Bn&LkKlYek&14J(eF(np*}vz=>XC*g
zzGr<L>6spP_JjaJK5k$I3H{q%SP(#TRy0y2k{4vciiRv81A7My|C-piysa<4jrNcK
zNBTM}j-~V`f?kY(@f*z@t-~xw`80}n>5G}dtF!X8ObeG=GAbm=b2sW5inUDq6>xRK
zLHlKN=Z5~X#=a>oNX-Q(qVS0XV+{EOr-KrUsm6~x^W0ZIQ}`3XXZGSF;gxv2{0Ae6
zRBB5;OnZ}vnqv5sMVs*EXP?L9EZ7V8oj%EZVqec;@QrKJn3`18O`CRo(^dRUDUB>D
zPE|tgI-e_zEO_0!PdBm+-9*0z`;)kOYG!11%xmKu&4YQKL&FffKM@FuM;U7WMCh#C
zjU;!Zc>@oHA7C#rQ-~%GM&HU|#VvfLxuQAPvw13)u$@4069C4~xApz}Ndi2)n6+zl
z0pdE&=c=RlT#RS=%^*L5=1&CX75=Qt&xalh)ONvqVuWe=H@mwxEY{xh#uu-K^gqe(
zZnjo^H%=2&xp{mYN^RVhaOP#PqPbE~Lx6wr`pp5D=y3$rVd+Ks69M_*abJ_iCdTl~
znFKsGu%Fvc{%m9r03hU}BMFU$fy0hYs))r3ViSfTA^**teB7e)r#rbg&aLvij5A4n
zx_ntpTc*N7&4#YBNUgrS@!!O%>bU;__~3qW9us(G>wC!WdMEkfwn^ynIiFKR;e19Z
z1SqjptSgTxUjK!0Ntq<RCQ~e_dro0C2AT!Yt#|LqDEy^~l8CD>oRzfG)u^&%N0#Gk
zdWDPhL(Ocu!$&ODSHNQ*`QMU0n4J%xM#M<cE}TkoZTBvqM;AWBtmD@)UxbMgml9i+
zf@Pl`rHD&%5A*DMM?el&sX+_Lx>RWEO=j%m{=tRsGF%fuojj@_l2FC-2f(I)hM}+f
zbt;3@*zHcsag-j&!TC@K=iqzbpsj=Uv$6F!%>fS-*$L(PZjRWjtRTC3!Lxo#nTd(<
zK2%bCIhRj>K#p_xb=UNL^RuuGv^N-KF3rC0#Z4<@6JZoYKhoOlA{jp9_33!(gk@_S
zQ*Y}^CZY4cnLYa8!#Mc>8?!<4TV{5N&cu;UJ3Z$bwwV$&&-$#;-~QKM;9F4*?J{=6
zwp80e7(=q83_-R33ohkCswAIBqi>7OA2$LL^S<4P(5F|pl$?CzOwheHm?pY=7M*h0
zDjLG+^p41L0D;9Zf}a&`)_<QW1Ye$3W|jN#|6lEkMs<YbjLa{{VM|@`M0gvr@;sD~
z;uH=wcFZ9_u~N)0NO3Q|+`OTOU%`nn#wo(l)ZOmJ948M4ECo@~cUcc?_4=7rL#P*^
z;Gq&kzaj@3n_>9MtNvz>&a#wE50J9Vu-!CV)~#y54Dk$0nN|JS)sQK3dCV=LBlMzS
zEOcQucP>rJ+~8FpXcSp$cQ6|f13KVq*lmyrh5`i_SX_=>Q{??iy7N#m-$_|KsR5@b
zwu#;RWKbYRdY4vOnDsJ#pP~D1Xo&x%Vxr{)m7^wN4fl{^H$&XW+mZPqT7o2@DPlpc
z?Ua$32lR^_A6oCqzh@+q)(TKpzHMkoZmgZ3f4MxWtz~7!Xk+^CVu>&yAFfu7spiqb
z`Wo7OVtfehtZur-`QEd!sQnG`-^D5eYZ&4qreK|!-09(N4^Bq7*LuH0JTpG%=hxyH
zgkQWTjiA07=U}bidLbwEk~5je+r$oTwvbC}H5YF8%7byvGKL9RT|N(km$g%KP$Xn<
zZUoIQ?R-+6t`@FsHrUT3_}1H29PI}{K=av>C+3t}?N#6LfJ0*JY~EGe<IC3L@t2ob
z-5Qa{g?KYF=0Ur$79!)sI#U8F?i(q8GoueAtCS8$GwdqDQykz!ZCqG_QMk##LgZD%
zV_zDzOK$mP9Gx%RxjhU;J)nE2mw%EnFV?JBahSoFNM?uq`!<Hd3hIo#>DwM4dYhTb
z==~KL?XGPGPx-nNghPd%Bn<-o_%c8A(JV{b`Bg&)@vcNw<E&J0jCl`iWLTKEK`M`Z
zCyt=EN`FFX!r-+9oZu4t#vE3V&*Z%PdUzqpwQcRIEBRBsQ!&XKC-Q4oH)7XU4&UIp
zz3PS}Kkb_M`W|3BzNx^CjXV`QxOtR#c9!J-)bq)y!)$7`fYY98`SM%(d+z#?#DcWj
z!{=?x{co~L1zX9YUAIsAS0bBmZJAbeo8LS9*OS<qf+3`DGG~y5JrG}O*;O!JnRdKw
znoIs#yP>XqJo@iq<)zvLO7S<BL{g9ZQ+50RKopRp1u7^W)uGcI$@2d{%hwKH^X*2b
z`{5_^KXxsdCVMktU5WRS%LO;*?hId5zPBp9@s+q|y-nfNrkC8JDGOrRVyrT5-gR~J
zW;$}oEkL-FRWr5s>C?11bF42b1W$^Xm&PZnaz^hMzhKF9J!mE<?!7fNZR(Dh+$W`{
zoH5JhJ{0)1rCF7!h%@q~Utrku%k8Iminvc2^k$w(({TFo(fYiOm~vsP<NSrMIj@Tq
z&2o4+*;`6$(Nn>L8E#Q`^Zy+3m%rW7ebOXJ@8em`p28^sM};FFF%_PR)D)f*T(xPJ
z{t+&Zh?9%^B3zcVF*YoHWH`l)w;P@T4(E9_J<_jAwrSNpsk7O5zR;|&vWk4qfGYP_
z{uf#o@7FC$lX!cQeU<g3Gr7vA%e<8@MQdIOU%Jj#>H3maO69u^Jua=xJDFlQ{j<CB
zfmmPDm%6`7#f4`1hsyp;5EJ{gQhxO{?N4EH6O~T<^;~z#=vm^1!i~o40@D-|la1!=
zg1f^my!FS%&yVKm%-25jC*tQvj#EdA8L!@o+U*^lne|pTcIoOZTg#@cyF@P`J$cFS
zbqw*~zJm#{@4&#!#=^qJ$O0ZD1P&82F$*dh1_C<^0z!_7N&$r%6^tAj4_^GJZ0z(Q
z2;RU0_8|T<?AWE0q(()g-z<NBPV(>1J@qw-xm=h230QHh*|W1d^k7AyXoho;R7mU6
zuNTaAIK2G$`1fN&=hGJ-?|2#3z3N=3(5{JLiwll=m2KocDt$_BXV)sZ8CNGno_V9V
zRQUG|=Ti@}*D0@EQ72{et!6{@?wf|L>CgT%tSeLH<?;9v5>~QX=<CPi-;Z^R^?>In
zve=wypQaSmx+$tnCs(PgTr?znk;oLiMO!DV2>m8>Rldw&_OVOSySSEUNyL76{q=&n
zh`G_HsAtFS_d^`tdi|TziAZk66rI)yo5Uz#)>YoVlPqz}um=xuMtr;6y?@zF-yYw-
zf3_g*PIdLiUZ=TNUpdX~`r<GpFgoewWy6YxOXJJlDKx2jXM0V!ruH)5G0<)9TrH;s
zUE6~Bw(|y^*1Yv=;)<R5E<2J+wryGcMbS^|((P#}ThF%p2XVPy)#1#Ni=K6y?>|Ez
zziHGLz150=KI>yRvQP8g)xOf`^mAoX#&mu)t*N2`t7W3}Z|YjeXsv6#1940D)Pr$T
zS0#Ul&|ddPK<lVa?v<IPTbAx$`01KnO3j94tM7hYC~uvwbNpe*H>GEVH%sp=2`RX=
zY6kz*&&7J%zbGv+SQR#XV%V+g{7$Kgu^Mk{|1HuAT;n-UV%57c!A~Y1_A909idt^0
zPcj!;8xz0CE?sEp(GztVb>UqHX8MKfvbs@P19r#Hb=<f6^Xp9yRu{f~|7?eTp4N(K
zof*_a*$?(|rtX*)-8qoN^nDhU>tqT($5=c(8qz)eZKizN)Rp2!c{8Hi|GM5f?__12
z^Ey$~_IRk!D#hhyD!E5lzeQN-pA`1rq`Yy}9oI9!xy4IX$N95$es$~&|6TC!N$Ask
zs{=1hU0zkt`&sXJ;6-)UyA!uOepB+eUB=@6*<AfM(WmS5H}Y#&DX}d*@V++Aeqn`Z
zY?Z*Sz)7#JY3&koc^{GZ!fat->G6&1D%$HzcI~**ccLorzIViH9<%)}aVMhM<aX@w
zjOn|byMNRBuUy*}Nk?zqsXuwvx&I7@ls~MHS}K2c+To~>IIhyTV;VmftPRh)w_io(
zTH?<avB&u=3X>&{CmcW6{~-BSn|<TQdNzpHpY13tS!wKha#o(t<)XCNlTGf-T=wLw
zxmxDV0TArl^0-KQVocYQaHXB1C)T-Ajr06Czv<yVx$JfsJHAy*&#&6v^kLye=c`k;
zz0Uulv-IocUhP`#ycnw_lfSZc3qz+*S@klyNMrJ@byM}7KCF{<edrvgy>`pq!oz(s
ziGCV$bwfqxtU994)%CplT~U~5lxo(0hFbT3JWHp%*eLvL?fip}wl8fz@o-~RiRRf$
z6E6Jwsu?$R`HLr>`#*)|-)Y;h|4IAv7r*QH!iBp3<oxRXnP|V;`&apb)mMZ09<R24
z4BUe3?6xUXuSsOz*DbBP?Uh%9642dy7q4Dw-k6whb^DFAnv?XpK20kN)m^8xcxz0s
zN_(D3=$Y~|ji2jRIe%1o?^SEJZOY~iZ)-DF&vcu5)$>BV=~K-YJM0DiWuL0Z+sL=}
YBP1+ruJf5~^G=~Ain#tyvi|=~0AAkRssI20

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/overlay_constructs.jpg b/docs/userguide/storagedriver/images/overlay_constructs.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..fffe07f5601263564cd0ed181991e30bf2c8ff20
GIT binary patch
literal 49536
zcmbrl1wd3y+c&<Hl(c}7vUDs+cS(15DczltinNl#(#_J{jndt@gmi<n^tX6F&;35{
z_y6Af4`<KJTxYJBb4{J!43Be<KLOaXk}{G2I5>C!3+xZ@2nC42a{mkn2ypQ5$nZ}A
z5di@S83_>y2?-Gu75y0&20A*{GgMRzGz=^h6dW8JBn&)sJREc^Sn^2-90CHu6Bq2l
zK}SW0QU8bG@dp401@ImI6afwg0FMKQfCKl~1t0^!0RYG_^8kMbcm$+p$SA0AXo!ys
z0F=L;-2VRiF#rHJv=6~D7en+LRQ#kr)ow0^RQtA;rC8Uk*KDSki*!jS!fOOFP4&Q+
zu^Fd)r=n51kpFG3eEY7Jr5Eccp23%^knz{FFh_XET6k5innRf1P%z4UNZ%N(F>{{A
z0)^)TzTy6zaFuNm`KM|cQ|HW#gO~P;bI+l+!^I2n3*BGcM!H`d1ckX!w?>@_roHX|
zeKa~hEH#JvvK<7SN!P6uCXnoQKGmcgawYLf2BCY?n+&qslkAnLvEMb0%UqGH-sdJ+
znLGH7r$=e((q^2oqd1!zgq3q=9Cuz#6V@&gj(COV6gJuvCoI2%a+Jrk9*@p!TMRSb
z>qR>1p=?;s`VO<tdlPeWjK=+jdcHrXgm7z4kPB;<zgbtxWtZm`94R_#KOr_hE){5S
zp55NpoL9^~q#f}vu06}<ObEB-L|5TvF}#p9Fef%X%$sgP9$ARm`O)YA+-$ZmaeuiL
z6jqx^4A~-rY`f@k`px8COwcekl$4Bg6J6vs&y%eu7Ly+I7d0(OXSua>>u8J=2XgI|
ziT-FH>sv%O@fsg<As?RgcAL#|O9-<y!n>r+o+?zMj7MB~cS%Q)#HL7Gcd5G+Lbp1s
zy>w^x%_fnOUHy%s3&hxGeb``V==X@y=6sq%e<C4=*C2EL1nZGguNzZf*}QJ)r)u|r
zgC5VSlAD=P-f6=T+?Za*zSd8CT;o2m_l(w8VvHcXIXljtR+Ma+dmKNDom2T0Q(>w0
z6l^2U0M1bpz_W$}N4PRQA^_*4amU<q-W1boA(mm1KI(^XuJIG80-~UChCvB;LM7gN
zXgEjXvP`6H1I;x9@5JUB>A|z4qj!Kw(h&g1po_?}WP5E4l;J9f{3rb``fp6bCubKb
zWlI<(HA==c6Az;`1%ly5aX!IRWZefZ9lSq6yb}Q&y)FS5Y>Q)Xkdy?3x9p$WjW3bg
zI`Q!=+w5;m%1F^lYUGT)sHOH>$;9WYUZ=-#(JL#4Ym&BA0&LQI02oelKN0lnH~=<~
z?vE8OUAPB6xvI9LY!rS=%f1%6c|YkFGNVghk$O>m^Ik0ehCG?~baO<;FG^SlSa(B1
zWYHL~LCzaeS31EUtQ;^28b+qCVe&RHf-gRI+}7~m>c8}eHHkEeD`=KEYo9x`*!gOf
zoq{#8ub1~N)HU`I(0~4%*Wa+#%afK%U-SG%p>q7qq~H+pFc=S`{*H&;v}Uo?_Y6V4
zo`am@PK%3+2`=NJqfzLJWUqnuY|I9;@pgxxuIR`x!!0|oCW9mG$E;$|j4pNM2hoTd
zVHt2wDu0fk;PwpJJfjDTgTpI!F5oV?rd?TBFzlrZ*)}BFyU&{5;SKCs&#t_Iy?@a&
zrEZrjZ(8q#JB^RdzDG~3!HCHVs!>MV?&pf0PbwK6k#P;09dSEnt{N8%p3ygIo{|wR
zqGx*qSY#x8P-?K?evlWmKbPkib%8rG>WUi`2)5F_g*n;YQpl>IM1rv5t$v30h?|y+
z>ldS&Dv#}O(*|J$JZvj&<=W<K4OlPY%G`LqE*b0)OQQfrT%nfYLiG&9T3&@UFEj}r
zxWf?)=eaSHK@m81ZhFExyLdL!2Fh^60sNfKatJB*j-6SyH~vrw`&^SejucCOx)?4>
zt5^tk4UtvjI{*M?6#xKhBR+JkA9u13$@`65EYnb*8i;2zf8~@FySdD#59)n+qI|qO
zE<U19tqbt<@?o6he;P&{1(+=k>}Mnt@(WpPAM|2QL8ONiA!{(>cq`JU(Ipm`diOiR
z`}@B#QgTU$d&JU6F~2(3Uq1^um&i51DXGzV-`E=HjV^U+5qqD4$WHNzZsOM^cZEOC
zcb&;`7r#LcxUF|xLeKHiJ{`3Nz~Osy4MqyT4qM|RnDB}6C4DCpqzUt~Pg_g<LmV^D
zrpmtGU^pYgaT1#*QQd<!tCiCOR8#tZ=DW{byiSdB+*SE6E2>5YE>p^;M}R~oU|ZwE
zexbqmP`sV8b?mV$tfSZ71FekS?mu;O%)Vw(@wgk{-D1ilM)T}*x0|bK)uR^5mL=qR
zKOI(^bN4~i_vppx+wbbow-0u?Wa_Partav4Klmf#>agb-RqHcHI+IS{FanVIijzMM
z9b^EP`+gJiZr`uYf8Y`xOV8UU6fXwh&*=|*pVFrFqI|ZxKdD^Hl0%G_7svLjXBw1|
zAg>!@^#~A5@wPsh1AV%_Wvf$6GMs9%R$9*Z-W6}cyEKE?g6pBRQvx8_D>pwxY^#;B
zI7)LLZ07!;kY(zp=1%#Rk66d@>m-BlisxWBoj}qC>udQ_5?<T0gi(M4jlz~AywL<X
z;yZvtlvDuRNYSN35H7h?-LNrT?O^6~LdoRoOCGacHlvt4DK>r9TjolcE|EV|<ukuL
zKQG7LgNB@7l$^l6UE-LVKlFdx{9$u1(bKex@UK%Z00{x{865ndc^4l0U(5eV!`Hp}
z6C><tKgICh#{MGz6(iAS{>lC$MpF~BFzP@M0wCC^11viJroO$?7s2`<WDD47d;~-z
zw~}-H;}OQtcU5gbA=A^Pp75-#;EyzPoDQVWpRfzQ%kd8ZKtLG)BmPDIL-~I)!i=jV
z0bJ#5J(a}z!0d>oCh}DJ1tci+C(J6CIJgX0F5rnsuK+6q0BA=(C7%cY)nu3&001Te
zmi$90{lXvzTYJDv1l%P2q5QGvPq9B)n2i7clhmIy?Dn_BzaA<@!>R>9l6eP!gLPAw
zAX!VJh)@6k6E;x&i`GAd|EV(XPe}mauNcPh=jlIU1ed>@0asr17t=rQ|D|UUu>V=~
z?-<@_?oS$S^Yv4Vxc4XeXN)=}@<avvBgQKTuItTwM$+-Dt`E?e_&4=4<0}y|mnCdC
z_~S8z5&tZBw?B%WL0%`x1LPr37mXT%P~Ts&I0F#Fe<CJ#z$?7_Ljd5~08sHeP+|1s
zjz1I(c?zy*K#KI!rI7oq=MN)HXq-0SEMrFmRuYT%;q$+#Pwqf?<_Hr97s!KG5bz{|
zRs~iF0FWtpN<I+)irFwV002w`Ecu55zQnVFC15%LUa%i5{LxP}^Cu0v{Vn1z!r%OV
zvZxuNFdG4=H30zl&?gGaz7Qii0D$EFIP)p<MEkE^XTVb-z&~u}eDhb9nE3S*_3wZM
z^Q$U0;AtHWhk*PH6%7d<2?+p?@C+Fd2?YR$i--CWi1UK*6{WTgHa-CxJJ)LpPBAr2
zEjJG;+Be)hyrOSaU8z|)MBHgyBvsVkIit~uOT7Qb3L6d=@CZ0Uv#iXa8{%bg_VW4J
zYKAar<4Y6xl4AAsBOqvr&)aEct`*z$H)+}Npy}^~D8e<|c}1?~dco^`+xH<&sXf!K
zt5ch~Cw^q4vD;Qnzn~!?0_HAXAXf4*sbczSP7liGuZjfC<?C$gSv@GO^5|R5`AR0Z
zV{3OJ^Z{vQhra{ubp;GVL)CF=4X%%<_*P!NKPqRfS>id$XB{&^6cA+AY%V8luxUDw
znEa{P+^d$~DHU-7XP-}O08O}ScrxO{CnHV+9+$bAm+e@g`6JWrcW(u1JX>*ov0fLQ
zOfRBvXm?`82EVs%a#~X8bA9<8%S-L4YCLwGddBBslWXqH?aU-{QUsioui9VQ%a^A{
z>$d)^#c<rJMvHwv^qe##)jpz?k?hQ_c}hRJWlhVX(|O;qlE*pwP|iD7%avhg=HR-E
z&pl&uAuMKs$$@L3dK&_H_0Hw!SBh6uEV%jW-Q<#TmdC0lTJNm*fx}{C8`MD@tZ#Xk
zmhm#o+vc99T0Sy4*hsv{&%?nO6Tn~o0yG0rUS`zCm*`0j+73*VAW<Jzk@iAdt({TN
zZ>s6%Y!<4-I5DGTWH57GByJ|#y}mEU^A>dQkR>JsGaS_t7Uk7JAUPl2xxbX$9RmRs
zN91%l%^FlwxZ&PxNoE%}N=>>X@7jwRe!3udPWwH?Buq0<4|qHsId$z)yV%U*WId8?
zWw1%;jFxx`SMP4Sj<L##Un8T0Gy%V6>YJ_|o7^q$d|Pb&H6lcDb-wgV!slm@eaaRU
z$YO&Vs5ND-*=xxmnQHsPy>QL6l7%0QiaJO}hq-C8NWP&U&Bz?WuB_^_YCtKVmU%DO
zTpdBcf>sa&QT1SMh+;!q9%)gjn<|uYN-zl12$_+-<z!9b!%9<+N$1z&aTC}Itj@q^
zt|hawjZZ7qa9G>ba(6avEz7k$a!zR^YP~a{=4Y)Oe=((FF*v0Pw;>L;D5EUPwxWE~
z6sEQkiqTtb@zQn|Qo1bb`8o!S&FEmh{Kim1twzQH>AT>acj^3QnEHOPf(lDha4!1C
ze53i|FLg~00*!s6FRZv%A_t(}JgoM=tn)3uk?t1|JF^xa9Cq!Y1z9oX)$6)h9k0vg
zRI9xzq-%32ib<!iTd%zCZm$O8m+i-M7OA_Js#TmV@g0qPQLCN8Cmqpp&(W$|te3MN
zmN#Dx+&0Lyh#L0cOLwt5fOg;Zm1u^s{%pu^uUTH7?~dSdQ+s<%*Bq_gn~2n0ZSt}l
zwV*az#*;ae5LfV4ppr`S%o)6-r*7-Rt++m44s(cP_92ykaz5}UgPu3Hll$4sb+&>>
z`Q)vF`lY9_8PUG#^k7-VAAeYwm$5+$1s+x@1yr-{IiLLDfJXN<Tg8L90*ms=AIksc
zk69T-n6<Kj+Zv`8q0oQzhs~2eoHi#)4>r2J?Ucv$&A6R4nh$@+T)bQF-LHlkmXLVf
zyL;PITaOj1rm*Imr)r@MqT8DlRp~0U;<0ZcABh<*OE??u%0Cp;O&-_15o@NSt}WW_
zOz*A>BwT|7Y+E;bihEgBx&wc{Khsz*><BcNdw;6j2hviiSqu^Tg8l0Ve8;>y`3pAK
zhzkl)+ccl<o{YnW8H1<ciiM!LqI1d6#HPt{dr)TWP6(L6uQ3}M>O5`?8(7}J28yZO
zXv>pNuPK$|YM1;Pv3CWGLK-1PoJ)K@Az~3R*a2Y+_KyIy_aOR+%2#NgxKi2$yXv5N
z#&@EyF>u^<y{V;c>LMy;QWiZ?f4GZ<j>oQ4qj<+!Z_8TSHk?lH$V`$r#wTX`A|pQa
zE+w>`d!kC*Mbt?(xbogsaU)1MyNG^3MN5<nS0X2W9FtE|HN45@ESBkB2+euA_Pnc2
z|G}YJ5Hw9FI7PVw%&5u7mg_6)O5DXSD2mbGW0z4(_5~t&66*I!Ijs~(l!k==(C41(
zwySxuK|kpPIrS1p5@gx>F5fh8ewjB9PsxuER&!jV+@xE-C%ZN6z)+-@Y|<_6LnguX
zW{idu8zAm^6de$rjmQXwTja(AVV~&5U`1c*CB!O4iA%6h9CnC%DBy}TK#233_;(da
zX4uy+hWY|Li!uWHAOpdlGUn7yAiwMr;Xg!selYGb{`J5;u|+NX2=I)us6VpVDv73{
zYb<xhID!&#mnjlOoQ5|PC74wg5v_=Vt;X?ahg(Ls+*=qiDvx$o=2bumE53lG*QM@a
zF?g3-g!w~S77fc1%mLG5T#2B|y)QN<ek<}5Xujk8{O%Z^h-RB?CKbslCU|xtVmTd9
zAk5Kwmc>RVwME-H^2B+H#b)1z&2++=hOJbTxvvDL&d}`zJKXis@b^ZM>&IFqLA4T`
zdOh5c8{#`S(JwXklR5GlCjvzSI-@N2N{0v(kgArOTHVH^UcQIg_Kl^a*y(z^j7-X?
z$o1&=Ja<XmAb=*nGn+6V<+_y_8&mF9{w#y6$DCjpE}T=dun#^fs$qO%fn7$pmoH&2
zIREuWtN9g@4K<28OLEDJQXPXRIam7}wOV6!CtD=M4r_x*+Q`yNH~SW~;-%SO?U2{J
z_M?P8#Ac<g21OnP#bw^&l{L}5=hnC8s<Uq{vB{IOhfI2Zzddtu?26%Rn)WV+obe?m
zAz(Ru(s0wyz-6MaZs0HG`Ks}wiRNpWQ+?Lnr5Qtve<DWt77rAUwTj#&_xuY*gjwwj
z3jQ0djbOsJNpwL9!xK<ZRARqy*D^3e0+n7QQktM}4u!ax(<CycqxG$WrA*}pzOm|(
zGU{^4tc)gh7%j0`*&y>9x}%vQhA6(=w{#y@=a^$J#IU8*HIw<nvum9_4oJH!_&*)&
zJDMD(d64=VUQEZwl9=Jim%3_K@f(KkOfBS?#np=^?!&*0*RpBhd<iXe(|S?&w$h`H
zaIGYAr=`_MSpw2H>!em}V7L{w?(xlcCvRdHQWPmLNB3YJabiKbs)Zz0Mi&aIt0$U*
zjx*{|8cT8vmL-E*lF)UJ6sKcf;5X3X_7wD_hv1q`91?nk3>&d_Bvuly2d3+{NWKV^
zUUt)<P^*pA3$N6)j@2s(3yZO8lG&M$+_cLH&*DkOs#z>iA$}G)ZBbHi)>P#7%LKc~
zVW5eyx0#hkz2v%MZ<Ed*lw#{@mt^);#;rna>QFm~N)JKQkzz?LY<<u-^{7k8o!N(_
zi*`L>@0XjXyKb+<lJCBCafS+$4NX-KU-T>2+5@|KEb20b9#1r^X8q$z5*3G9Lq@B+
ziK49g5baiazOtw=Ow3w+(&;uO{sse}=kf*d4S7?wRs0v9F1vO%$%c%tzt$5CRa`l3
z>-gOB84QZ6SkT|gM=l=QOD?=P6)A{HX%do0yj@y=yYnuYlB<Y|qIOrat0&F1E@#e2
z(uh(?=^pC$k(rtrMdv#gbIC+(@}=q~2c`qoC&go!>4SG&Jtk6lODuZ#lVVU#G+2;h
z6br04LUN<w`F#@s;h&P=+u)Yi<j>c^IhwhJL}HOrvX(NV6h*~$3#)f?-8$1V{U+jU
z_n>~LU(J+}?UX()6%V{<gRAF>)<*|ri{6kLAmgB4-=?3$j20-KsQ4|I6T@0bw4yvN
zDw~*v)B*V|^bs%uta=b;0UHLc`m?ZzyBorSPWq@-l}Xz>9oxEG<r=j~tvm(k#oN~R
zj{sA0CWoK#Y$@Fv4~|~Jl{e|p+3vgWs7J(8EajY#N5F2cp^d^LU@{WIp(1;Xkt}^!
z)y#_(=H4N#6zm7&N~+wSs2WuR_9sY}?QFQMT|Rf$7iXuj>U5;jJ#sqm(s6Feog45u
z3(0*>(!5zeR<!fO)$w4GU*BPYHXST&$TlQpRvPO02v8BU!&)Np>@)&vE{|i*hVRcv
zaH>Z@wTP|v7AoUv>_uWuhgd)E^1sO_^>}XN=snrsl)-jdxKHRV*Qs4L5CugaJdx<1
zb(($z)T+8!tf!z&teP&2GL=ns+XA$Zk*yM}SbsqosfxRV6?7QiENSZTiw+}>nNnv9
z%BIjQ9o~L!-L@&!(jGpfJY;h;d7v<pK-c9evX-4FJ3*?<{CNoM4}~jDRcYy%wC805
za=FgwG9_;~N3c~M`HPXVwH=MOtMdcBO9F=7bzF*!8zo62S=<f@%F`{b&<M8M3i-v)
zmgvF_2lrC+uum5F`>59<;?(ff2AbMtg(hy$H!e&IgAU2rN_Cf`qpsJx+Q}n4PVZ{}
zZIY-o=ke^F^~o;u(DBHZ_)f3h0HQusce_EqE+^+*Jvd*k<vqkEw;?bz(-dMgAiS}X
z%*%5!7>`%D1NAe{--SEP*Ox%5a_4e0YgZrqWL|ND`VtrRh{;BbO^G3WHwVMEJnJQ`
zhpG`Q&eQjua;9zzVZ`}^v{3zstp`T^9ZPGOszBo{{QZU``+?NcFB#{DoBi=}ucmeP
z>@%1}q^i1BpepE9Wb$=E%S2Y)D+)~N*lNSs7e1GqJo7j~curNS#Z{@cDj9ZPx8(gK
zj<{}#x;2paGhPqZ&ozs`vk`k{)O*DxIB-;bi0CKBF|AN>?JdH>toMwey{wctO+oOQ
z?}k+}TefnM<Ye%^)(UQU->C{DCeJg`?I`*33QdZ+D?tB}>jyz`fKOUBrj8Cc&`bYU
zP_gB>|3ab$n2ModK6JKsFvC=idibmDIr*`T*}%2Pde8F*0ojAQgGWF((e8pEU3+|s
z`o!Xb7o1oIkI#kMKn!tqK~hvz#fqNbSLUL@VnW8`h-Le8_Y{(%R>4U2>v#Nv3GH-e
z!L#m-Q-#J^P0$~+N-p7s_&UiGDLDCZJESD8)mCnPIuv0H^1d~Z3|5@MBQ26R=W?=Z
z4wLIc=|2o+=K`7LO%^1ltiK7Yw;Vuwj^?H0muO9T(<(}2#ZSL3+Hs}GuTb^PBPS(_
zeLLJ9?ujF%XT#^o`e<|Qa&x*_VM3X{HPNI#x$^AlEug(WAj7*^L^#SVIm}~@#0x0y
z<DVK{O*&ZJgI<_=&o^!4fF_6!Rsm0m!ceDIXG)Pt-;=&F{VbKNV(pip47R~l9(bP7
z5k^}>k-nLBq>53R^@WySTfNgJ%BpWL27OCXW7a6jUh=C%_k|Im(slp)gYN<CoQFwe
z#6w9;4Tnstl>*M_JWl0A>?W^4s)0AZM%#oBaSnjZMRtd5KYmLIK^j4A>&2l^R@o6Q
zjh=Os!2`0%^dWTdsATS5Gn-&u$0<sKC~Y11b+gNbwJ)WzhX&I9IZ>s2oOnBQk`+gS
zcx=?@;l-YJ;b{4}{v~}G5PnCZZsd&?<DU1M=v8td`C9nKbJ|ef<qf2zIo_H~9-9bC
z&L*`+Iqx@g4>1PYlTu@fR<^PsYi}FS6-Jw9$S*}tdopIq)X#hUBwioz1)!&@t_b<G
z)H42tJdZLH!(|qbWadMQCt*{#_QubW2OV<RnTzK+MisuZIsDY?ZcF#@m4uypQ`^yh
zYJ+t>hUeminJd#}z&6e0#Ysx|H@tGusQF2oI;g?d>wQL3RJgB>cIq|X>oG5F*w;}p
z@jnQ$(eItsN%W@)=t67Uox8Y(3@eO3IYbPUFudZRrm|NxvM@EF9ZVvoS;`}%W*2&A
zbujlWv7*;J&W|Q>J*;&+Zq!4pJGHy`E0p6Gw*{3%)D;O^nYBQ<n}%Z`O_h*MTzR!3
zk$VM+ov^e$1FeF5Q_I@Q2mW8cbhUsCNA;_3Slkkv*S+GqhQG6lr}XyE7DGL2y}4HF
z+Jx8IcqUpM7}>L}K)iyj2DI+Z9eC7(Z;mEN?WX+|=%6ngttmR(2hlWIN2(E*_xy(B
zIO2`<j#-UNZA}PTD*b-*zP@edq_El5&z=dpbP?y|>1A8{F`ClPnxQIN<vXzzOrc}j
z7_c=I?9;Yd$D?1D3p#fH7BqGKJxpxvCrfR>zl?vGya~rF`WDHIrAb7NmhD=W6X1dU
zgGGlX);Q2f!Djfk!_$^16`=Z3RW)X&E;@lze_U>cqiDt(kcFti+c%er9N12?vPr4-
zE=5(>K@mQB-&;Ngu)Q_uBTRpv<0mUtDA~AadaXYxm{-XqQ4ueZWYXMZ7thUS4b7cC
zvzO*@y4|^ANz;|%6LP)Q?Aia&7$yeJki%ct`)uvhJLH6AUhGGsg{2NjD6;m&;V;J=
zu&Y!fG;mTl+9x)FIL$;dSCh$pl**f5`j$WfPCYf}8$B!}b+BFv>?6hwK+X7e`3T_d
z=NMFw7UFG{aj<s#TK~36ni&`LP+LeYv_$Zo^oR?}Hhq3;lJaoHC=$JxxT!$lxB`_n
z*caPK2M*{=U?ycTK>H_D1a#vSG|Es{&2q^ah)&M~+BKh7s%!7;E^Bjr?+$f92bJFC
zlvNC?3_p~04Et$_dZ{}pls1Z`T!_A*^kU2tE5<u{$=Y_zEnPM*SvttqPx$RviB@Z1
zC}F|D3se8=LCt<dSej}O=g%Y6Ge{iELWQa{#W`D@kj_|927`8^og5QYOTqkF`G}(Q
zayq~2FwUh}bq=~a_I&Y1-Vv9lS-g|!p+bn~!qpeqPmEvLi<<T$Du;&_rb?`&Dy85u
zxaVYljeR_*<Ir_@<GM)i4(+dxb4ajEScvxVcZ@Nt*-!b9TuQ`=u+gE^x|B)Y+cYdr
za_PL0A(zmjYM>OS_sTx=MDPk@(1B+5Ia80^kQQwxw`B+Z7qZAlfV5(S!6aGM?NHf4
z%JCPGg1B<|(sgL7Eh!A=(EfRp<00l$YDPK{8E<2d4Q6WQO_|^#{gD_SSqdd(lI`^v
z=NU6LE;qL;jZlc2p<m#(RW&(}d6!pNjMB}6AMvI({$bIgms5ivpEDXt*hRrSY|GeN
zhzh0`j~-X+`+6RqS+OiW7?4z;7li`^Qg<o!Kn73}A`1Jy3mF+X;wXj5RK9YC`fnCv
zTWcF@^^aFi2-isy@{|5J7EzaOIPtDt-mM}1##u@>DKpcWJsIu5Q9Je9Kn{7_n2SSo
zU8cBA7=bL#+)2r_;yZ6jyYl6!>g>s+%h5&1eY8(yJKnd``Ukyh@)jj!a%JN|lp^Y?
zW(}4>gHkVpsEf07-c?MApXl9Z1k1<!ng&IVN9uJWNg=WaU*AwnjD_e%kB$|2=#O5@
zQrweI;B99j;3`EE44`7xNjDk15ovV2ghP_b(E7e9-?(q@YiLS+ncDY}6WR1W<{<Oe
z%&s>ZoRn{`>lF?jnYgKF-D)F_<%dsJNvO8oFJmlK)gS;Ag5D})cp8%LhV<8}6d*$8
ztXE;akS%dQ!Fg*EOvJ3z{4YfATOoKFfqJd)b-RRuSVEbvPUq^>jDZTAp1JU02aq2K
zJtA1!fjAMtD`CItNtGS}%arqnx5?L~S+}2ErxP*ZOY`$$NVO(i($u9)hZw!<M`)4v
zbt~hxa)s<bI_$Wui!e<6qEx!~>^%;oW^72No9w-JyKbcQbwlU&%ZbhubtQg5`9>gz
zbt2{9XrZ_2+C0StnfBt$l_0#+*YGU1qB;><UP;c+DJQpwqhi_@wG;Rlq%NT5bk~ud
z3$X`zbLM`u((qj+PTf<<&2#VOv%2pRof#v^A#^miF3ydwHhV2g-Hx>y)mY>g4*`S>
z=o$mh(-!o!4y-eGg9_5{a#eU3{Z#n2O3R97;@eg+x$W5loxOD1ax4@o8;Z@)?8<#J
z+hzE~zZ>7<ojnNZB-FWQS3q9`lxXVaGhg@*;sq6-@--4-d2;Rh#XGTHms{BF3yr%O
zO_;u!+pFrS2%f8{sF}jqYYPU=<WW_xk?^x;(<=l~ng)%pI_EDh2hF8iiEr5SI86$a
zhe|vTHa@@swb>hVYOvAbUqf|At$1^WL|R6GP39OTrQ#M`fvQRITY249#`{U?kry$a
zlMWdYXj7sTygrb{IMcqG{X&Hv)HYA4ABGkYTVE{L*lE$M&3t|@r{Kn_G7Y?pw9xc6
z<~K18x^A^LpSODiaK)2|iE=_0YNZtw85K-MKV(x`gD{330Sd!*y4Q4UU$Z%(__}x!
zb^eWdOdkP!Oy9IV7OZUJQ`p#x>e<b9^dU>c*6qn1o;huQ#)_H13+8U>XG03o6qFn1
znsg6-Yd_@bv=r8g*km_#j3zjl&#<FA8Rx#xd~J%*-Kr;U6*c_n-oe5^t@XPKQNR42
zJ8StP03G73Jfy)|p43~vuZlY>D!e(inF0ch@NMRYbeh)|w$iN2e>Qu*sLie@CCf>e
zJ6$itu*<MpXs=SOTlo7+rIIC<Ow9~?g^GSM#^PnZ+Z>@!e@Si9drfMW{Nz$EVrQB5
zI$?e$4%v@{BPpHk*CR{s8mR?&nJ&ug_O4Yy)ebetyDWNMqH*U+qu1v&Q2Bi?+wt)Z
z`(}mK5e@QzqGt9i+Rqk#{ro9uXSD_r{E5jIq5OJ{$I5%{W&LqUmerUQ;qywg%0sm!
z@A5*9FN<`D3rLDqy(Lwl_Op4k+d0m4ed@P9%c)WCM$mfWk0A6h$uEY0pf-oRjQ3LC
zPNIY&n2&VDjTj4Mbo3mr-{2j4SR$VsRjXiMkR&k)c=_|<i|CQ{HsxB|8d){Q(4b+-
z&8H7wk-GY3$YZY@{6>jBT~b}G+XV}Hiz+|Awlz@r5{joR`UX+SWDTKfa^o2g{Edeo
z;_&&9$NErc*c)YTrTK&>e!2Yb98V(x12QP#mtB*@sMz3ykJ8lXDdVRV8g>4k1=%Y7
z1Ma5laZK7mYd?!yWI%Uv+2Npu_Nav46xCYxK`Q1Gxl^^H^yHbT!;3g9JwaZPDH$Fm
z!Uutyk?7YG1AbXvh(@=G`{bYDY3)C~<EO2CdnZ-ne$6hmzotIXY20uegTO3teJX2j
ztSK_UtCt!z4}qO_aVHVU|03Dx^eW}FM8Ig*iB3P}MSENTik~H-e_TBGR=srL)x-wL
zp2A!5vce=lh=K4kDE$m64a#{ewt^7p8yx%(q@1BQ-XZdRH9mZMIM`?Sp)~;^eDCCu
z!5jfnbEG`K)s|Sep>nS6-;z^>`AiM53myT?1L06B3aL+kMA{2AIJ`4w(YMSAyRJ&I
zj{8jJVwD&2p|Lpl%GelnLPf?v1Vw4;F1#h7(8ye}42Zn+2^P>#ovca>$MzM`K}3d}
z>=Dgve|FkiuHp<wWbXFG!m^*34*rd51|1~Jj{s*#a{zDa!={1<z{UH1AbH?`uU&G?
z`|FZMVl2iIB4c69b<Xs|*41r1=OWzj@fCwj147Emk^1a^L)H=CKjbU%>uf%oIgWM>
zH75zQzyA7A8!zGg?+p1*nE%rX{DUu+$Ib7(Ue-<Wm#%1gf8IV0cV*1~tls}yb-gY8
z?SgyTHCAW1qIGwJ6zcOYnE$7GX4p)K9bOWb7n25^c{b1TEJ|)S8)Vz{S`f$_)!jNS
zNEU<Y*ASHXok-*H>n7etA&LWpvflyy?4=6_^P0rNb`?p@Li^l>3S)4M1=SIe?Y`~N
z0AF)#DrR6Sx!wTz^l~-|*mv(WP$GVyKLWsJNOrI3y#exKXYVNQQg=rW>gBT95?*hs
znu`q<6vj}l#u>-pocc2>V{PO%xJQ{SxC|t&r&b=4h)SQ9zuPBzx6j3HGDRB&+P_e6
zi;11hw^d!tU*SH-N!D-DyJc7faSI)5`_Cf}5;?z8W8m>}2S&H>^`7E|K_SR>>#c7e
zm?sID`RYt~PV*_NFRx#4zi2y3Ywes5p{+LHy<)048LXi`W?r|(k)G9Oabel?w7K_}
zQ3?*|`p9Bcw;TQJtLiRYR(bn;OiY0!T5;FaykeFW8<`bKIyB@p4p~9$Thlsdh>|f-
zMU1S{Ey4^r$tLE)6OM4<1V_5-Mo6$;y1_Ex(m;anZe~j|D>1fh()Sy#AgZ@`7y8*J
zATXb*qp3~3pLHTU@e{-*p|@)gOu2tTrbn*jgd_jCiE_|x@|R8NfmiZM%9aEL&W&-`
z_bnrTO+4}+qbmnZr}z63_sl@w^}$EL+LF?FQr<NlX?w)X%B~Z_X@brp;3cDQR;YBG
z^G3p&-hp1fhB$wiT~lEw*~*tLL{UYVkGReDq^#pb#tbn``oCW}pM-Y-^$rXSy2MfB
zvVnT`8G!~4CPTB(gT@#-bHwtR6*J`YkV6qXmJwSZeFn$mWt(~*f@GoVG`o?X0XrKd
z5dQ^^;H9z##e{&Yd>GF)H%^IGWS)*pAgUA#y|tQCP#eF)82-qKi>=~)03PRpUmyRa
zvXEX?O5U-Nkyp)ojd}hDpozu>fyUZckPS^jCI9o^<u57OuUXm_t!#S#{^V|>S7YRf
z0uMX_=CG8>*&>((4fP6JRqtvSn74-9Nfqh)cs}Cj8^jZMZ0!psdRE3>ld=gOAJT)X
zk8V0DR2S+SCYEXZ2ONJt0=}i13rH3JWZ!&vCef{eDWE=YNaFfdVn`g_@dPCbxZM}w
z+Y1I#>|^0FLwbZ19JRs#5TAx4pn!B}3z_=0L)P|BcHkob0eHEFaGAnDSr@9*13-EJ
z@}0z-val$nhrncSkDlNVA~iT6j+(4D?1aP+Vz0P90?1nY@Yq;ND`T+q#f2tK$Z2wM
zSma;E{9Flb(<JZw@4MF>=)6(ZA9;IiS`@uvca57G;d_NKns6JX6&iCk*N)@-vz`o)
zbl~GbCg6qRM0zFP(sY@w!oGP?$40RqinU<t<30|bDh)v2JAxOY6h2vE10ieuuo%62
z9ufY7#FK2mX*~y*IWyFu!80TjOfN*eWvF^~5hV^Z=?WR(leHWs3~W;9+`;TuA?8bQ
zCOtWVfkVG$<YORT<a!$IjqI;K=Wd!z7%mcA?`WRmC8bIz-PnBmx9QUJMr|NHKhBBp
zC=+KDpSv@^w_mkAq=x(@Tdc%zDkx_CXre1=hBWnp1N01Ro)gIiX2&&)KK9Mk(&2x-
z@D=IRi<&dxO`d@E{^}q_U1^?J0ku>5KF&#{tPUK~&YUg@75KAH%={rW%=(_?YZ#Y8
zWpPSBqS45hUju1SaitDAUHgIKzxE0&dJmuX#bGi~9^8eyV8Dxx0~FwHap3R~QM8yT
zC)do%1T;59*Z1uuawl&Ah(3OBI6uK6A-Tl)6DzX6_L%;l_5ddhVT%p5B0dF*T_9>!
z{d@pQpP;b3_7_9)cE;#^Dz?4vk&1nd;Wf%@jsj`@Qy}X)k4M-{_(?YT7&hx6#&fRR
z4<Dg2*tFlKEaIxq`d@K3P!*Px4auFyAvY{=YJ0t2z&313a!9*<1T?mOr&joHu$RG(
zr8qdss2My07MFj<LYn_mR`P1xyMg8nQr(wcuNVD%{7XNmF#nGP{5#YCBi*LK#w!_h
zJATPISX9Io!?75oJ6QiM#{WfqE00+nhQb>UKlt!R+Zzc=YjD>h|8I1CN#cR_U+(W+
zzc(>B#6RrCsbii=jC;>bCVK|8>oT=2t)C0=1#i6H0L5>%?b7yU1HjRD@RZ+y;!mw)
zd_~rAt1^SU%v>CyTm3#GMlo|2wzm^&^{15-phh$PB%ORMNWPGivFib(Qd=L#k?YH^
zo>dTvf|K^ZjKaZ(ZAlMCt{<X=@*<|acm#|({QlI^rue(z5%5~^m5ms9sj1!_F>~RY
zjc$#~k+A*(I8lhUnKdsy?fF6kJfj|2+`>C$O^aKcl~|1%d*9`XM?e);0{1UjFNL*J
ze;$Ee?c2_Ac9*=~{B87;S({7|%U)&95qW<hJ9b$Iyxa(DM~X^}StZsbAB%`88=-!p
zABGXhQ%@77!@W1}^APFt-<fcoPM5|&^O)CJ$yp7q(xLIp4C*-a8>}h{w4Ftv$mF#E
z9C(o!rLOedSg|~HO!Sx%VHGjpX1DXn^$Yy^34P(X0H?b-lr!<dYn<TSb6zVG9EMm<
zuI>J}AS}!Z6sPSO92})=8Ok+`$=!fm4FpJKa_6PFsicplTJMIkCWx{#o(Gw{ED_~Y
zB$}Ma8zOyJh|-=eAb0Y+|5jxXc2emo^wQgJtIdzV?-5`&3qICm={$TrGM|CF@p7sB
zB@`qJwZAlJ&>$@HV0r{->3z5u+05A6cQ9;RtiCs}+n?o6@GmZHwS)2|cpv|U4wtq+
z0(9>ougI~PFB-W^H4zM^{kW-zd|etXZknL8|8FUKqfqMji>nAh_~ET>i4PSbS9eSk
zcVUq$-TMx!+m8TC#$&8p8b;21vN3&n<{7&q>(c$UB>(r91|N<gMsvPk!{%M^CAryb
z*^SwK$h=#<-9dlbgTg8?^D?Z9Z}l9?eakY5W;m?0gXE^!yBTPR{ip24hh>TOvry7J
zZN(vajhP^N@_*R|kbCEB8urSrK32Mzb<xwd0mW(VQd>lVIgAR7i!n*nDNC23pvoC?
zFx2<ucUgW^UuKc6R0yAIXVk1bqStHn^>roJFpQeQka!nrsf-#ROHn({sjaVFO_bax
zcq-zM7hSH_RMG{K1@@$WLG!1=z%;c9gu5;AJLDgnMOghxGHLTRP6J<JgW0G*O+;#!
zL*o>?zITQdK9B0UbIh<>$g)+~7|3(>85Jr3XQobU75D}@68!U9?5l98e9`LWhAL)f
z0idxPbhbS>sM;P;2S06FDWR+=qQ2!@#L^~t+|i~>cAwDripn&wOrd4@R+jjb(t6N=
zh;QcG@U<oh`59hxm-zEgkzs`^OrW^9910F@xNT<e&EWHCDN-XRL_88P53NWg;bAx3
zA#EEV$&u&v(P=-AHAJw)PV>5TmGL<gvnf%EzHW=3)6|?yu{xoi`n9ZiSII$6%7M*7
z;!bj8E$e6v9{#Bs5mBT10{D<?XP_yFZ!ob>ZT97YVC*}aGvk}()+S5XW)ts96%ms4
zin0wKZ8H*atzP~3M(Kq5D2^D%<v^jke)XJH@t#LkJ@KA(@H!%HNt`)4b@sBWKkui;
z;%~KyS&<<Eb5NOO;S2n#fi%iU&(Fz9gZir5DF?33d0zHutqpAI?s+jkcO>7|+fO@a
zfMom{R%i=AC2OWNq%PimUne%@2_1CP@LUCYS|{ts)u@vf4^-5xek@VA3BFm={@oC9
z_zv`M0NQVz+k3E~QLAM;R^9E*X5b^>B*-70sfW`2yF>rQ_SqVU(bs-vP#ROHu1vG=
z^up9dKR7I5EYBGjuf`x@kT3tc&~(u+kVf#uF{>gy7lcuPIxj0ap_V4O7ziHF^k07j
zkhWypU0xF#dFdIosND(t-Ip$x9s!1qqYpIx0RsVrEMwKdj-Kt8wRO=gzT~wzZULp<
z9JI4gS$WBy(<Yj#sz?f&v($x!3`K=gXB3#RjFO4%uLp3R7jrHY@9ZWW%BmHq`)OLN
za5)^i`sx3@%`Y};!7Ov$(lQ`dI5ob&{<^M;`Rzww!>Dy&eY<TXb<wJGKONCXe?o3V
zO|P9o@Q-qSxrLKA7BsKdFMb?bq&S;*o3trYg-^RWE50-C5;k?<qq+;JSb!2n@bZ*Q
zPbC?AxfpZsYO=cN@;snBRLvPKPi{!O2w|Q_oa*N%)d$%XqoJo{x7V;EgJLuU)^!qw
zYu1pC!?`RMmCgOywl95$PiK893yF3%`NlTu+S>`p^Jz51G<aEzmo*_eu8ew#3Q0+J
zvAFUdmST;I%^C|zESs;P$_9#(aD)3t@boA2e3Z<34tKT2Sh3fUX&GKk3I3*c+plU4
z*@`tzoNe^!-ZW`urLp3@qLDMf;HRz~>C9=Jtf#G3f0sIZnO}dZd;iZ5G~yFpB}V_v
z_L$qQ3%HACOcmkTdW^MCt9H$v=<sUHQ(Vg23jI8~5!vgJp02JYpU{+MQSxifm=lb!
z@ICvkjvv`yxBLg3uy!7zGXw#2h)9#5ZyS6&8S<hW=wPLH*n|7E+xX2g?^=#NRI(6~
zyekW1G`0|2;etTi^|&jV{PKfH!C!DqMkqXDtxnxSY!lxLEi{I_Sha~Kpb=PyQU}i~
z{_M8g4O_q==YBtj`Dyuk%UbtvsY_0vIl-dv{QE$ai-?z?;9Z*rt5+@<Gt5@f9$&1}
zKgcIfRA{&da4!+4#5*aZUquSv%VB}dg^)~RjNA;k;%6yzz<P=nh*9xM`?bk<ZXH|+
zXB3?z?^9*8zAZ)J3~xqxxSOmqAhZ@*HM)0jGGE!^mN;;vpqHwD{=7_8;BB}eWpnN=
zLNRD4xNvZ)fHadNSt?}Sql)g&zQThtR9A+5X|o7AX3X<>1i)8gQF+U*+YZO-e_eQm
zKP3G2MJTJmm!F3=2?nP=nt8t#w6~V3IY~~j9{~b9Uwnlhc=f{mtKPcst2F1}&SQ?A
zG@RCnUW1u~9WSO?!yrY-!5<>bA9Qg3tqE*~3@^SNodw|xZ^J5!x~x&te|P8a*InVC
z_p;a9?uYY-dBsm3&7xIf%nCKgfrVtd1S^y_$BZ^t;r=1XMlr0=->r6cLeTd8kynp^
zuF+p~RE?P6>gifzh~I2b=4MW18kq=wW;rSBREaRzBY@SHyUOdRDs1DbdSQFttPZtB
z-)W$!b8CjN6KxftIfb24mN!G~<#0QSx(>bF9twOoytT6u`16D0|EC8_3QCd5MUfee
zNJtZeCd|L3=5^X`B&cd^jbXYoJ520MQ6v#OW)shQJ<~c*XuWGVjC|R=g?~60!K|gM
zzP=RP7akLVzy4X(=so&dw_a%J?!s7Dsv9>!=OFH>${?b?MKKfGX|+_XPHxRju7{9u
z-iyk>`)uw4T{f`8#J4z?3TP_IW(4ytlEpIdCVo9hIpKk`ofKI6&eC|%J#~N}(*M55
z@Bp=Vfu$xBq&On|_L`)>H4h71qukm!u-&&e*bO=Ut|}KI-j)xCj{w%1zgA`bK;{>>
z=9dqS(I=R!{W<Zjet#(nEJ)p0D%U$=uX9V{PF7*ow`_L!(xhi9jyOEuT8?yU!aWb9
z*;$FJH;<O;GpaTqwL{D9`C7k;5P|fcJ(z^>l^p#wI9dYs2@zTOTLkF7LxWJ|t<KWr
z(oT|(`cdC0u`>J2^wk=TCvjb;dABDmrvb0+&ta13x|$O3p69XWbk$%|J40vw1Naq~
zN<w&JEfIO^v(z=O8sYp=jM{OY`fjmuy_(&(t-`ZM!1ZgRjD5_HioSTbWWH~3CW67D
zev%pDaqJ*`(eMple_&?e?-&imQf`FH)Hr!pL1AvCD5a2;!(LfX=SWnEa4I`&!SUNR
z-^fnw7iNf5@G@eD+crGMfTKR2AP}UViSlDR#$7(AX^f$y-O^@?9poncD%Xl8%!xVs
zeb)yI`EbM04}Q@nsL1)dakv6vLmBbNg^z&SE^onh7b9VGVgIWA!K+fj)ytnn$u3Of
z!wPk<vrcIHBlM2|MZU9e|H;UfwT$!ivR3YyeJqfhm9R9?p33R=6sG^()p9`nhF(4l
zfY@$NReMNv+lDRa^GUtBg?D=uio$&tOH1qY{ps?5d;JsA={#(vINyE_19~jV-anMq
z4hc`!HHO^O&FX!h-1inP?J81d&Syxw+P=8hW^ip;8Ic=)1V}PE&NYBGHdjF|SQmDG
z^Cbn7%g?ug+8J|Bf6^`=jbW`XnP=MzOIInCZv159)UoNKP`i*a<1(@X(mUoOb_it~
zQ(6QY2j3M_C~=v`vpIJ{y1s^e_i68}42;w_8PVFxW*7un6Aem)UnZgy1O(VsUf|)3
zp;3J@2Bz<xi@TP~g>UKeoG6F3P^df*)6Y!6gNYpBu!cjUPM!0GtCoObzM#%R<v);M
z5>UW&t~m5s7+io{HbtNjF4D<;W`0HoCBDLI(<?e4EEpw(aLbn`RU4Y#BRjf(YB7$=
z`BG4i{vMft!<dZCWU_I98(EGzOme1SaeI`Tj+Ud*wf<7$hwk5BJ)9eC5Vc>Y2ND#X
zZc!Vwc=hsFcAX!B?hLZ7DWV%%)go}ISh08w<T=Sxpd0QGmTl^1$}Pu31M;eIM7^T6
z%iCwU!`FsH_p}pgtGQDfsNO~lJ_wTKRq9hl-IJ6+_SYJs+ie4AL75a=p{R$QiCARi
zRM)srr`-cx6*aO#-0sTXgZfdW9q4`rhCupguvjl_69WTxx$Da;3?>vee{18daH%YR
zPQ4C*e+2LZgwjzZ`^^qy$h&4kUKhr0R{mlKo`f%o*U#NFhlZO{kK?c|3Luo#S8drG
zUh0SD0$Jp>69op3_ttcWEe@#!6JPSaX;`@W01-@wdgM2h?+f)tO@ZrLE#^*cVlQV)
zZpnmI4HqslOnUd^poY~4p7%1|HjHNr_zCZ>h+oyrxKVo*mO%_SeJ$pW|6_(3-zf4z
z7P}9lmFpMOhs9vaOOW9U1-%yiBLii!*M=3gV)tM9-1eV!3C~UD|NqJAxqmjMJMMd5
zuh<RiaS{GHmjZsdt+oHHT2Zkt;K!DZ-BSmZ>?z0z1WK+J{Rj2`_th!?OG(Yi2nj_D
zqZPC2Ga(*k4<gql6qe<{>Zm1x^|Eu)RKJ~iQjg4o^(%>n{Z?cP@+MHP!45yq{kT2f
zvFLp7QH0a%2h0&+SG~yQF?Xli>_xZ#i<$CUYZ}KswQ?}kVvy@-vc>;ZC-dngEdwqS
zX;g0e7w&{qgBsp7pCuX*z*G$cw*;peDwv;JifB;5Aq7An8Y&e@Jk<3Mv>XnROX%(B
zi|Ap94kPHDUKAGzXc8OpQ0m~@yCpNP2hY0zRo>!iEx<O%1hE!EX^c|m#8uT|t^R7)
zg|6|+vnycvp)fI44N=?`GrqiB&u=NXj;HpNn&qVKpG@#ZSt{M2s8UJ;a_lGG-S{`-
zUJ>Qjh0Nv$UpAt=HL~2QesnD@gIcRhbm^Zhkyl$%M;zkYCV#ELYuC5v_D}pWw$XO$
zlvn=uL_-wy?+{*Li3GANf;|WIc98qHba~<_aqu*~^}|#z!xh_9mG??jFBda!2<SUC
zo;)`plfYv49?>hsL-q%?klwr8b=I*9foDGL9eoWY6uqBP=zGPf*Ksg@dw!Pck?Lz{
zf&G*B;b-xP4AxVdPc71L?3=xgIO}~8otyFzzF2DWNvD6%-45Z@c~R1uxA|WH=yxLG
zjX1wsnnMJ!)ID)rHh+gkd|KoQx2QZ>6qokG2@Sr@|9#PSjT%EZGZ)%gf#M4paDu9$
zfFaMNe>rp*F=DN5Z(kaCJzQkN=Fwqt3@~ZK1IzXY*y&q4?8E-S*ldKh2OWl7&USWT
zLa^iFIjIpUSTN!VLvG82c$1TMiHF3z{I%kE_hG{)U??IA^d<De56a6FIvD!=;sgNa
zAByrj^byeO+E+tr1eYQF3&@NXdh!!y#S@Zi4A-{0hJ(YhEkw0tXsEIO@-8i>9L0js
zJPC`uS+u$eBQi(xernh5vTgLh!m0!3M$6OVP1>lfm(zS<F_HABfxjqkQiu8@0MhVs
zxAE#j=R=>6_I6YrQ_=RuqQq?hqNjwyuicYV_43t2tV5#0n#DaPo=w}>o&33B*fAe2
zcbN^Q{BP{0flQ+V0=5$dVrot`UDf{%!lj(JObs;P=*N5=`fKL|N9&{8&}Yxvw;(49
zZRx<ie7%G?xgVkMLd>t>X;5QnVG!<(M9%uO`e^@Uu&D@%y43d#WqA%%EO7uf^x!k1
z1~!FJ2Y-IopuT5`xXIeyDTpd#E+A+97s^hYbTq|_Ku4;2Qu@whh>u@m3^sDD+;`a6
zos&C$DGhJwXA6)NS=|l6iRirAb^bS49){ZfbJh9?s0(w)buuki>u)%u)UXT*zx(17
zQneT%LwgCN_rmI+EK3#-LwUjg7hUr)ZE#L*w#46(XgsNLlak3fhy}p*#^4#?P0?;y
zmxPdWZcV6>yQhFaX&zT!aE#KkCaYKyB%DP)0dbAh!=cX}<d)(xr>K1N<h}KGqK3NP
z%zme1Su@-wQ$aO?V$r|SFH=Dc8Mx;0%XsuyGa1jjW!R0#>Gj@NMY1Lk8Be+5`VxP!
zl_%ntn&>}#bB>?%(B-ia@Ao%ka)+C)M#w^Y7C6Ki)gp+;&8Ppt&#|4<J-o#NrR79X
z{~hNNx3*|0#i4t=?aQ>7DoL$v%1ga3FIkE;i6$i}%^LR1?@BSi*WG=ld~y&2I5HC7
z#L(n0+-IgRlm{M29T6T8Lmngg4@i*AKp7633gg9{%ux&#pN7cK#^m)2bv9-nt(yl4
zB)jt{tc?y5e=c}|7zTUOY#5^FJOP2%K(w~2JXMYm>(T^Z(F#?B?h1ubMa`ezywAf|
z%B@UZhhc)U<oHuhsA81#udM(WCK!zpmg&0s2al?yAV2F3Gn};dSF+~yBl{Z)yiNTl
zbZ}oIYrst=9g_g{qJkZOwd>LXVDgg<qD02+#7c+8dP8J_zo`f%_t;>~C&j#SGEgFq
z?lzv#=ba32y4eLpaljVPR!3klJEr%CeN$wHW1%gt8%|Db^Y!e2GPsr~(e@;2WHi~n
zNGQ`7o!R2zSxy>$QX9(Zf)w}W;`gk-zFL3G-*6!ta7VD}AL4ggDv>>C)H5lxX9!!?
zA$?_9Zi1J5Z(tT%Y?aL1XLzvGE?zmjn?pLSO^mN;I-6-T3W<6`!ZQCI62|*MeV{A@
z93#z-nTfC`0Xo}r-h6_>;LhzN6PUD3Wd?o?bV)srI8$$X1RN~;i4zR1e)~BD9JHDG
z7@~d>-9X~@_d(S)8u8cSkUO3*g3uXkHfk(0PkUXV%%lM4o7;fU3?LSHJlm;Fk&jn$
z_XTeZ4wJy0MO8Y;^CndcOy+|KJMh)_?KFQC<c9y^Iyrv|cA$$;S-OMw6t>;QY)&T3
z;8QnN;3M9zdei(0Cw7f?UCm5D_vC^HnWel#Tn?<%yD8nUUr<hFUTLfE6(en+B+moB
zXt?LsM%Mw${U7$;GAfR)TNg!xB#_`iLy!g<3+@oyoyH}>-Q5EOX@W!J?lkVf2@pKE
zOM*KD2?Pkdr;@z#ef#Xa?>^^_`|pm?V^odqswGux+Vjjc`?>I0F&5=)`C5Qo!*b(o
z1!T3T5;eNwo0|r~UBwB_L9CXmmh^bY>r*d}ga7nEV+<n?dfvIhOkPl_MeeAn9@ylE
z_VF1}vVS|e)PH$MYkvRQPoJ>9)<@ka`C*ym^@qey%W`?IyuzkBruLAQb_|WU=5o<{
z*3VA<Umu=!u3wx?YCk<PK-pJ4!bliO=}BSO6=wV1Cdjob_5v_V-~Q8spd^z3GroRd
zRekEPuUhVjyi~1W2=(L0;m-f=peU%)C<3b}Hona5JZ7B2?pGu4Hq3s)CvEWm;USAh
zdiz4hu-{LPNAGHa!Md={rlpsx(Z#e_8P=<2pw!4BC8#`<wbd9h7DlbnQPe9r=(Gc@
z6Hi#1pBTc{x9{lZTT`b%7|g%V*pphW_YB)qN-l;CS16{J{}eYvdbs&)Uizh3*P}!h
zGKui;xhKL>fNf+ZQZIRx&05urUL@vhE4}_Jo6<LFB{xdner#|xpNoTe%+h;Sg^!8L
z=@Zu6NRt9*UnERCUxOp<5R=QmL?|sE#oYZ)e95kq@%!I~@pHtGm##=;0QFVGKFYo~
zQ}s8AMlI{YYio&i3l{fHZh7(fjo3yQ_6y0T#QC}5S!}~IG}1HTsfFvfrqHb|akCT9
zi)<IbI)+{NG%IHXYTzPK0;m^luFQ?!i<cc^uW(enzWGvU3}?0Z8Cnb<@x@_U$0#pQ
z3_Zp&s3Mdn(Re0g@T3^C@3KjCw<nGm*MBU|(mOEETukp78;e+cPznO2{>{(y$u~x3
zTgnlZAuS>1w3q2|c!l@<uORFttH=9#e%;-kvYoG$3k+BgLV=B&fe|sn#lb^yE_3zU
zAm2veqK^`3*5Nc%afiiEDA>^h0AR^L<epbAy7&)-6P&}#yHVfi-FU+cP?bf~>P@?=
z+8yEIZs84c!-V{Wo)w{ZWnOgXhSErdfSXF(<TOvkXCBD-?1~+fR#7u_e|%blPD&oW
zJ$-AZJltIgHOgBu!0(i7Y+>+^wENZ6p}GPZz0tC`L-Wu<lOV$QM?>-Jp_PB{#d>79
zjkoOH!M<q@-t4&VicuPX$`6_^T`=Of?un6Qov^Ef8nT-GORK*Ir~);#@2p+gcPR4s
z<~e&elvSoG|H;}9_SvfApZ@o#Z-g4O``z_Qp|xLzE97EE8_N%LnM)VSD)H?})e^s%
z$xeT<${lHb-q`crQ`%MS><;$N{B81*cN^zkS0f0sGlmD;DY9OC$GB>(NB(}LQxfhS
zt&mJ1*qH&1Wfmx$uZeVSRS`C|aYOw84YOHsRzy2sxTwp^j6W=_ggdNsylxMZY4JtG
zx*rRS2%}O5a$P;Y9q~nEGsl$H#39LrgAgJPeI<C?GAm@Rb9VhYmhopVnbQ_4hK}6p
zhU3(ec5&`Pr5b01ld6N;Y)^`Bspu_NHW`FI%UhZ1_7XI&>auQAUrW0^#9ESeggYz`
zw)#kl?$mZX2LEdUUEi6hl5(f9Z&X4Bd4`woW)fYxPlTDh<2#zQgq7+araNi#=<|gK
zZ==9X9M)bkS3xd3juLIHxsGgq=Noqi@Ovpvvr<L^31j3YUjrqM#ud<BE#~@DKX+H?
zcVKXSl|n-7!^CCJntn2AftpM#z>|Mykq&o$QcES~K4?CpnkuW#;SULmxnrSbk%1Zw
zcE5N$iXKx9b{IX5N#FA)+sFEyK^I=09Bh|J5GETWMDr3)`LIjEM>i-=PufCS8;A1b
zwW*Nl1MABOF4DWw1@dRZc4?ORWSb4lnxVE<u{st+=4zfhaZ}>Po2%|(^763s46McH
zjC3%zcj88IiMaSm*U>EYx_VheJ6Q&s%XQ(EU4v;p_1<5M=VV+=I3C}M3P_!?>_NTI
z?4Ybf=<c#E#pg@X^@Egj05?e_iL<d9J<FfjD!v(>Os&K9NTIH=l{#&&7RKoGf}w7h
zp-k^B^s@{zK>4W+A%}r0?N}x%#|PW{{4&^9Y1)@JtcmS34f1${wtPQkx%9KmPuF3E
zevVYRJ&x{5@E6^?G3kwYa(3gT;+_2mLYs8m(iPXadiJ+9&OZPJ8o*4Ihyj^|yNil9
zV73ydsX5PT6)AAOhUryISky1%eHM{mij87<$x+Rf?$(w>?F{8;=4ENXGnK{fnYC=u
zFws!2()7qHY+>i97}h_xdL7xgC##V8X@lfQr6qvXxcD+BAm9ritvrWp>A*{F`pWkF
z)1b-vtf3HLetW@5;W?N;J;A)s(ZMK#i-)N2<A$nBZ(-$~Jj>%=4Q>!^sHi^y>Cnv#
z8s;Y^{A4pQ<BU*JpGT269`Woqcy_n}QC`{m<+6%;KSt{YltLkqK~(^e1Gw7I8;by~
zD2L_J{o?x~KsmVtz=(^jXXV-Y9xl$Qs?3+P6)Hm%6Poa1Ki}mJ=^81?S%duGu5*pD
z&9|nhJ7^mXTTUv(QS?J&5LLM&EAE;Py6?zd9QH}tE8Ur}m%u-r@VB$G*==0Jp&>ow
znawGS7dGsP=_JOxElR%e{hKpVY(Cr=WT{FB9GEc!Mq%FSEjhsBy1kjnvR$#QR@b?|
zbP5t5e9;=iVuH>^>dpS6C!4^jA?=RWtkK_uncMyYk1WNf!-Ngqym)WhHUptr4|ka6
zX5VpRR+KMsqa?(`^73qB^waoKMkbN*OsP*4e(&PjBZq6ywabv<#5H7TAstP3?{H$e
zn^9WJW;#JSHU5+R<|iiiJ_Aw?J@*9+2~Bu`k;WW+aDjp`cI&|{H*`8lTmWgW;6P}I
zAkg_SZ}lZ}$tU9VB_~Uf4%1k;&ir7M9hrr(5EFO$_7$CY>8R$7d-E)i<Y)clY#(eY
z^WAiy_)kP{;zx`>;AF|wJyN$VFw{V`N*|3fY!&g5$SpY?X8w3r`H5s<aY-uwjSs~$
z<-sjYut|{|YS@VE#c-i3+%}uL7{K!ypUeAQ$u-OWoe-803K?>K%(7g-ie2*~WZix5
z%~7+1N@wI|Y5=3S(ZP+JFK6l*N_%mVFk-&ed`WKAbuByXqdthQ&tXo9E)s=hIBb~@
zA^e*}{HDBJPhkyVafWvcJ5?5)l(b=!L(WM(jSqJgd3N)~)jJn3X`A};rKQp*0@jmm
z|FunWMmbLQp8X|th}(r}n^b#CaBVzGOvSYQ?y<4kvYC6mhm)x^=4)ZhZ5qP;o>tV#
z$qg&cjeWZknzRy&x-`;23QhS8ad3OZX;jN;`|89~1?@XBWi1)d9i>;drgV%14QN4M
zfZEBv>?W#bFLIDj2tTU+y^V3>SO3bohGWgKD-KXr{Gd3IIvWWWZ1vMqgLXRJ&8No@
zA8kF4E6}Hd16<br@B377>{L2d%#e#R)%Jp2H~bKby+}N?RKGiY<$n?*tX=NgK-oV!
zs<zm+QAo(Dy>Be}I(JtdPf`IJlg_1zv}Bk*gxs6es~iV|yIRfoJzNWVo%Bh{7M!;G
zZR_+7Jj%;+(`uDgI5?iZ`}Uj>Qnx#bu*l^02f}|Q^CZq&r@2J(s)|@O$hCr)8SpZn
zIl&*h;QM#u=TGY<xXWta(Bav^ZR07IP>&W&>g--M@-C*@+17|N%kXtaH$Kc)n$gh0
zE?jSfZF#ilTUN+UPE2dy4yyb}dUkQ}2g3J%taiY@HIPent=Cirn+pA~kuM`x`&pM@
z5cQmvJo%tQaTRQfAJkTmt#n3ePCc2syW?y`OxQ9zb6ue@*~#sZl8SU%)R`Z3G+|S0
zvpTQ1=j_!wWVek+_%>J6B1(_4c;xbNa`nc^M~VBr!uxDQ;VbvR0Ez=H9Ea}VcpBP{
zzP2O{@f=ogX*l8MC{Y|DI`exrLE;2txvx=6k&{Xn<AvK#K7>0zDoI%u5m;TuWxNcw
zaT#2Zo{xKz$UB9${-VKt2Vc6DSY}pH*^`SvxwZl7F7?u-5w!0^$u;Y)TLWfnlu0>Z
zW%g@>2yK8WOpLqrgf3Orw_oz^!0Re+_H!I$OXCI<<pBbOg$Hl)*6Dh@Z28IjOUSO2
zg4Bf;i8PyueD?VEuz%`%Ydnn>YhobZH8qZ23KLA_bLgiwDTt{U!Ry7dp<P9;T&-c2
z;5ZV8s8DeP&nGe{uORYfY%={QEwDKAqCRX15wy$(%S-n$b1@cv&9PoY3TBHbXHcnL
zYD_G5*E7AT+(0o8p#71K#pUTxw6k*X_?Gh8B<4VxvH5XgQ@|l=e&oitGQv_wQ4Fo-
zL75>`n_L*o8FpISTkmA@a47eo1b_P3Or?mqP9^7+fV>&a0p3@t>c8<l<bEiCg5@Ed
z1_FNSHqJ95VF|sjKn~~9<M8+AKO`$L?_Mh0SAL-qlaO5d>^jgie*X1OeD4d8y~)sT
z_ar-tv#YZg#aF_&lVb0D+|Boa{<S|9)tBlpM1@OXffx$G$bE-qf3}}@#yM>P*_+xx
z_NE!{Q7Ov9sRuNkJYQIo!u~~|Bo3`IDAe$-*Cd&>6Y^R=6Shz#my&qj)o63=OJ#N1
zYGQfE6;~}01REAu9bERkn)^Ta@zpa6)70>@TbQI*r(M$Q(CpqqLh%vK2kC8-VqE0s
zYoekTo@JQD{}(O)r(@!*GA6solS3<FL<@I&T@Sam)hU;UHv$FyP@ku@ht6@~t16w9
zdPc(9rIMAsOdIw&TYQFTt5gf8R&|)Yqgb-e25qLTT(4mAhWYZvZMC}JNDPFw;^#^x
z_fDAp{ibq)F6%aqj)A$fR0)>PB9pZ8Q}^kA%hi)ZiLF6Z<>B`Zv>KsJ%fFz`E9S>q
zAEd{OpFMZ}QXPZy=er6I5%-(=;eGo3(LnP(HISnVprk+Fa_KrsS4ZU+>U9nveWWW=
zbovYffJxa|7!f>06%*I`rD!)0$pM5|3fShYdpzaX2rvDxXIs8noIFL`8FnX`V8(m0
zMi;VBL-?UR-LH}Pa$fW^R~+`ztd0k^p51#T_w=JC5@+MeYi&%!O6HrTvfHNLS?WXE
zz1s;9t6#m;WR>*%?9Qsj;Cs?f%0J|kanwzjp(-YkKcJXTKv1CL$yRu&zV7K~qN0JE
zX_y{?foNHS{YehDP*BJ_J!{|j(aT!8sWtv~K{C&S_bb806BnE3d#*S7%8$#f-S`vW
zQ~hJGuqTJ>RoWIF#agAc%fXM!t)Q>)@}~mP!*{DMdtXoS&FoE4uCPxSW2KBtGprm;
zQ`4dcKVb^AN>Pdt785hc?P*0QV(@nMy7+FJjMsBZm8s<NtKHVzg_}$Vr4ywpb@;%G
z`+;obko}9LFl_!~FJqb;Nq!+7`Ov*n!I!o4a>Sp;6i0w9drl9AFp+Zk+b-FJ63MYC
zv_)UYSp1&iV()ga-|?`&*1)lR(rmYO;fDp~c+V*Nf#MJ~fD%oqI-1KD0*Banu&l+4
z^l~fAISxKsCk5Fwo5q}CC2%dXOMed?Ogko~{vmEU>hUP<{&}r=YpBd02u~I`40>n+
z!fjJ4|NlGxubxok_kOdF56*8!?PBfc;Q2`d_UR3)*WvGO>yo}~=OmC_V18zd-Y}3}
z!5y19@b>U_^UgFB4ZD=MF#wiU6Sg4N@>$Q+9{%pdig4DR<tfrYF1>|-5D&+uWNt4h
zJw0Z~{`q|GrHboQuh%Hu&ofs2*btQ?*6!j&Rg~Pk?LjoOdA$OB^l~?z-rx9+t0;RP
zQu!2raPzk7i6Qq8sCK<E%*gT+&X$)ByOiY7%Gkg7oGq+NCRT@;R}HMXq<!1UpKCtI
zDrEO!9zg<4GHjLuSz$-3=*!EOdW6q)!biojDB8u?)tx)m@R&zUTN;<~NI&Ft8z^rl
zB_<{gs;a50=5FogWeuYJf#CQD0#G|p1E?Jc)c!_BLqkVH!9YPqL_k7BMnFNu!Nq${
z#rA+*6rX@lOf_yAjatpv#QDt=B1#VN*G?fcv=Zt;xl>PHa0Y{3N@~1~Pe{x|hrFuc
zaw(Ynvw9$&2v9w66Sq}Tb~yO;h^tkwJJKuZ1N1~xHVAD)66NJ$%JUK*2<W1rqfLv^
zuUgMW{*A-VU2TDpd?4s)#)G*jZaDK|0?g*N=5S=k)b(T9i?Y7ByE^;}&$Q#|C)<lt
z<cc?Quz(rXHOwJ?69wd?rH1?KH#*-DPPRWF+w4_VZ<g{|+;Pr$Ky#wg)oBQHj<!4t
zE4CE3x;y5D8Vh@CVcv5vjmW*qpcG?AQUish^2i|PQQKoW6relod3AH*paK5{-QwKd
zx$2*z9ru76Y86(Mvn*F!_A8V+@*gd-E`i1Bz9O!c=eAcBc`qf=0V%dc{NJK;qtm9O
z2(;_&ub{erAY?i|ss@IO+@f<}2y9?cbyb`w|Ki?~id;EU!Do(Y;l`gInHfuJr1)g}
z5zs`1`ju5F3oi=Ak~*O^#mtts?oHqNd%dHeB{}`a{uB2LYOIA_c=c;{IR!;2j+h|@
z287f4DKrxGNI5W@VI9Y)tVQA$+I~VqO~sEkpiv^Eh%r|6!;S^)uTRR4EUW#s_x#08
zu9`B+MzcHUt5{s$Eq};4A&AR>K#hi@XhAnI#iqqL*4@Th!{jW7NwJ@uPeJ9=Ni4$U
zs`mza7!kogQ0W-8i+md=<E5<jsPGrH@Qq+{hSs{(tEA$br6F?HKG|;PR4aC<bT*LN
zytK0^xj{qv6P*U`q&}>zELf(k{5XWTu+&(5_$@6PcXEJE9O$5@0#8`W3I;z(jc{Oe
zooet<_;77pc%=0Qf*T%%W@*vK&UYj7Uiw7_@D_9OvmONuAjX`*zSb#v({ZnkyQ*cC
zjDfet@%Z{x5yI5kP_A$JlorGra+YE;boXNIie^M)%RANf7H0l%sDd{MQg!r1SbNW{
zvR%YFA{*!qay8Q1l+<Fi2%nNo5n<A3jtAS^YKUxEr`fVi5&Rrd{cwX;QNoKW7|AOv
zVX`u^vpU6xZY(KhDamK;3e6B-5KuXY@uJ5fI)!P(_elMB=diOTMFEJn700i+MW}CZ
z;I3-!6<Z&tzCG)cU#z-6XaosXs4GSV5U0S--Yc~JycXN*brDL!9|-$lZ58S-SNTnb
zjP-_&*pCdRfZj1*VF7?OWC3-{JWZ<10JB3K_g-r+>@k+3Y)Zh;H+Hn>6z7!d>0&_%
z-+lEgDuy9L<M`AEY4LH@D|NI65MwPXD?TR#Vp;jdaimvLEd%A4{&Y#yMfDSJWuE%a
z{k2woY!tBfEGoRrWRHj>R!Bba8z@A~S<hzFA=R~Hs`h;vz^W>G=kh=<0j61cTR)vl
zhV<C3G?MGF^;tW!pYf@F#bvi$Aq!e(_T^BV9}7ZeF=E5Tn4WvVR`x~z_l)S&DJ4`*
zrkJCY!m5bMBXMlI3byIb6<!v1YHKY7iLM<f$dxO<<RVPPNpN1=$4HUzD<H~dZvIDH
z%yKz^Xwh(?Ulyz~*m!vl2m4j~{8AjiaAi8ub{RtH5F4h42uvFaWrw-ynxV}g3js>^
zj`SD3K$l5nTCI6$dn)2SW^xIEwsI{p+Z=8VGoB4#O_*52TirQe7q~K)?8FUdHobI@
zrLcwU^`ewcSV&)cpS+hW+LuKi8H_zUR%Z?HPGK|Si2&Jtca-M&U7<Cs1Jv<}c8}1&
zXWw_tj8*&qgHxg6<*+t?zXukMiii431!Y0@ZUL>#Awsv+6@uPmj?`CyF-SwE@c!yZ
zHT{aM$aEAavw6RS2Km-ReV0qupw59QKEVm%TH7HW$ZnzSL{;s3+AVMXcBnOEqP5mO
z|BWu#k>i<LNpmZWD)y$vvtX+uN}7R=*>OzFtH8?EPiB#|ju7-Zld?S6*}hGnX^?d{
zRisYMnwE|$%FwDOu{^DjIu?#+;4VYz$i(2XBLri)*}9~#B`s}ThqAYw6eK6RY?=lX
z3nemzVqH<?{2*1fLZ&`qM#!o1#JoN31D5D~ss2El`mDaJhjW3ym=efx&sz2(b<i87
zP#3zF%yOC1J-{_!>%V_In%1$Kw@a)e8zQz!Dz?a^HceK(F(CXl4^_7&l$O|B6>)T}
zRROF!cW;^B=&xjG)+*lhwq=q5N@3{QErhRzT1G$kpwR4qdA*h@0(XgvW~xj4GF)cG
zveQ?cQxC7nT5r}4a|U0CWF+0xFf9kFStC9uKg7W{%w*Vn1UsM_PO@{GWgx0(j7rEe
z-}+3@&_4_1ip*iJGhh4z;SpI(1|9RN;XQW^R5Be%(v^`M>nDH;rKc|umSbM-*KmMA
z2mQ0OhKzW2ddcTTT45_{lBA5TYp8HdqT~7qyh)E3^1y1Ys+L$g|43KT@|lGo$!84i
zXBa1M9Y=EB3lG$=vl>MC5*8|-6M`O0X<2^GY`D^{q}c>l5Du4jhzuIX8($zK+Lji7
z?R(lc-kjSa|5e*tYO2UwGotVINMbj#LeItnds-685J?n-ny9s*uOzGI)hAkKrS(-J
zBD6wY+kA8!G7nR~*Um4rUs0jL)%*hibArlW?R5Rg5VFx4`rK}^Je<p2qQ1F-k$JH2
zxYi$BCV7>p=G>GZ%fgDzyYAgomVGWs(l<`LP-hqL_PMF=dUK^AV`o&GalH9y4JR(X
z%W0`5{bi*?<&pLe>k4CI6~(y-kBr-Ow{%;tDtON^lv{Uq<Vgi3>#4+HW>a*RHp$$I
zL>Nh>=20s*3A_d@lfT8XQtQ)g^no}Ljc$q9D%Oic(hxH||2uCd>t+Gv$Fl+kS(1wh
z#<fzbR(+=YW8sCV$B9W#hvw~kH=?0AP-7}SymyZ(GQ5-MP}h-jiYz#!>72SX=$zMp
zCBAQM6XDg&#ws-!AMZg7YORp$Tc8T|8z>QZFtzwn)<^y&J>x1;$8C+XJ!bAR`!cA$
zo0H>mSYcLMDv7W`UABNFw^WZgPo$-_SnZ6NzMQIyZSw)A5Z$QDSYc7D)Ug9)-d=m!
z14s{nm<Rm~(BbaBP0E=lB2k%XVSn`?Pm|s--eg6BgyKY%PPrB;&7lG^%4#KFC}6-&
zAHEzqoh$uJ*2id=r1gFQx86JQxp@qgsHnmVN!>CDocgl&vm$SV^*r=ig(S@-Z`*0R
z)IHd{FaTG9><<Kcp;Kd~m(iwosxp>sA_U!BP$b*b?1aRkQkYrsGuvb*ND>X|3}ne5
z?xp%v1v&i^vo5FzqOajQ)1@rv9wn1Rs>k)QXX4^5soc1Ff`<J0Szr|(_iJ`^EVz9d
z7psRA%Y<=6z7=<AzmAWM;liGr$}>KA<7g8;;hMG=1}WX6*d$bj_T)nCIQ#%J#2eva
zSb|<r|L9qRl%f%6AoNhP;LNISx)6tv<}i3N=P*C?a4Gl2RFu%S(bzl1I0ch@yxh7A
zQB`}{m5lmU7iwKfek<3?AgnF8jBNC$!*;%UeDqALp;hk;3=llUQPZFvv=uiry;3n%
z9jD|aw5a$lhhdvx-(F0~<iabj!!mH$k(|@*0#co;t;try>AHm{8NO9JL>-f=i#W6a
zE0egX7uU@(+lwHEWx2b@#m5#Y8UF~8z}8PJoCqFHTUlSLV^_Z*N0g<Qf662EnR~M*
z6lr-VzFoc8GcYp5R_L+JcoYYl=$XBd)ClM1M%l}}b9X}`M9m|yf>6;3tB?Rwi&Axv
z;IX818a~O1%7gm8zDiolA?0kk&4tBd6LUuj2Kb{E!mhUsuP>Z*shz~?pSqYaa5$!<
z=b6hX78&TuO4cf5<V*x_p%AOq=(C=K&#@S+>(@KtcX`pBVg_XUcF7M|YM7YYL(}0^
zL)%9IzC1kgQ8cIWQx^(N+=k3@@o!8q;>0SabP@=n)t!7VwulF5bsEfUqt1ivY?EYl
zr)xInGU@13-L{bFoug@{Q@qxA5SBjU$$gbeqPDflFQ7v&qDSyMS407}6OTXWdm*YI
z9IW_$P$Jy)xS}%Yz`U8TQyNXbfL4JRa-=G0w01)(rx83hOeZYUz$M#=&W-Ctj+x5*
zgm+Op&-}B$1|-7zb@8)$GXrzuA|szjeElO<w#LKyAJ;N93eAGh^}d#<E@}7^=a%U>
zH6nW};t2Ci;&i)3vpQJ&dt%TgbFSv6N^G#r1^te`{p%;CR-*igPRo#BMyi612got&
z)jdrWxpgcEZmeYLTZQC)Ikv>{Zv88$j~s9cXl>q>RhUJ^dB<7}dN&#>PG-@7t3VWw
zK<E|j(2om>V;o|GHPTacA-Bi+)%L^;%}Dd%-;!k2O3p+Sl!lrVmks8<!XBkK4XUAq
z3}`Iq&TD`VHyWqv5`1LqYAfYmD5zE?G{B4-4<Ni>b2`FNn(r{e6jJQ4!*QKIuwdw%
zKt2*07guE#JoSArX7)zk|1G;lWL>SDh@A3b)@!DD;s&>RJZ6?9{3`9-?PsY8309?i
z$lTpZwKNiv`X=T(rB<V5d3~3e?rP5V)A8&%CG^qr9#m~9N%FY(!INj4>53Da!-;*|
zUvf3RkZn*-5iH8HgT*_6C#Bdlftj3$*T=RD`R>~p9~<PnBTGyw5&7ML<hTei_0=BX
zdj=(W+dmLE<>cozg-d9YWQ(TH7#LFBO!DhZFF%o`9x1#fb>gy0bUQgEXfV6f8riNQ
zh^mf{g?UA6?-9ReNPWfq)Q*o&8|nE-UQ|h=JcWvT*z1*ebCa~C)cl>2FL45PSX;T2
z0;dRGgsr{MXXd-f*|D&c;vs{6)2Ff!tsR&GnW{M56IfkMqMBgE__XU=I+i|05n4tW
zwV|GPTQG$4AaJ77J=!3uMk)^CTcy6lC_gnaSs~>3O<p=4Ltg(W@uGcovx=RIB&*Z}
zZen6W|H}cxPx7Q{d6bKbl4f;iajj*8nhi1;>08fP>A<&BM9hUD5H0hOEbo~-uaQq0
z^Le6*seTm+v@|ok#2}jYdc#ClzkQh#mZ&1+9ZJ#(zM5O==zVYGDk2Wn!I}<jGVAz7
zG(*45oJ(JpOd?t_&06U<1_*5l_GKTZ*<>4JB2Sz_RR$fXs!nzePs?&ysDru{-hY(T
zkn|VGNt>}eD+oaH%^|6Jp{mKXY9!&RxWg&a*;#e5bF&=qH2FP-yB9egkDS6ti^RGH
zdJk%0VR-_UakjV2meoGDVH~E=BBTaQBkla-WH>KX8Qv>>$JMHDlFxf8zDu*Vx@s5_
zk*1-cy-4Yx68o}Vut=?=CYWz07{<fH%GpnwiY!H|*Y3Pt-{F3(CqB>w*SA}tl@gJj
zpdGlTS3u$cJvacific041#>_J-aY4P4odJlhCTY>J4w08Po~R_>rQg;2(Yn)rJN#C
zv^%ghcGN6sb{WH@&Z;<_pqg53hSWetrJI3)j*~su8LNS25hJ{oZ+1rZTbVRO<K0N^
zyB^MBI;VaL6f@>$X`}`6EvIzOeRvAPO$rklA-B<nLM$F&npKyFprxiJC~q`dy=xQ}
zs{o6u5Cel?Z>!iyEc^T_JI~O&FQIu4y^vl~RAVJg)uVcNWRBwDu{$UVepgl=<L=2a
z1}e{|a+V^XANSda%2=mb1;@Jw;$jN>>vY?X^Rko?^JQ~bG6Or?bH`L)s;Mb8qjAv;
z+sbjyGb|8z^&!znO-?RBfj!#W^iW<*DRX@q30xJ$-WE62LZ^N*96M%Q9$m%+=NP5N
zi{nWi<>oHtKDjwC3f2cYJU7qYOj_x40{VI%)?wL^R%;!_I=dzU^fa%6A!=28)1Ggr
z45rp=`!Oh=M{2Gyc$3)~yOOPfiJ%>PbGulC3j*}&8X4tRv^Y(wR0cX#EI(8g8hejO
z*~GQ&#hem8PUP>htUuL14V>rajz}`SNqm!o3okBS<mTTBJab@{i2Niw@dK)|<Y+#q
zCxIeKQ>$5ihrssUj;7Ks!s+9pH2uovxk8PL`539&oDKYfkAAr%lYSY9N}H@(&KAl>
z1SGjXGwB8->%D5*)_C{>p4Qs&<Z?hY!6m-2h)-{tcNAt5X%Bv!Rv!_Vg`?obkY8Gw
z${;m-;Z2Z?ZN^l~KOICE$u_IHbT(Ma(yDjPJp5Ls!EN;UL^(5OcgozUOwz+gxous<
z3ra(CTW0BV#Ig%KW)Yhd;BdDYvOuOWni=dFl1kjAK{eEJW(Nr3OF1R(uTxXeoqW`6
zOcth#y-sZe6iOkC*oUZ3Hq$H8-Em_!=QS2ts7mfyt|Fw-3uvC^clW_yKoDWR@Tj8k
zQK4As9Qz{V<}o|v1k-dAz4g%PAm)T~`fTw+GMSzIJnaoxtbIDM&ca|pns|e58GHs}
zaky?CX_r%=S43=9tg!DwD@H<FcGL?zg)kZJC1xFasJn~j5+cn@4XfJH0(p6S19b56
zt=+I9XT8;qJY^*>ovu@|axQ3~<)}0jwzbsl=c1f^ruJkpe72O9*1}-x!V{au_c=v7
zff$+aH%S(f=H_GZ>E%I`-n~f$<@fwW(TmEHi?-3DiRDb3Fq?>l^j8<*iezJypy|pu
z=2QmeRZ(yaeSl3VR4yjL+LU8>SYC)*ksU0eiLm5p?!to8Fr{9HkNTXM{`@2fccaJZ
z3sNd4V=s}+V4_?lJSwr6fyBsk>zXuytSnYN1*deX4aG4%`86W#ThfYUb?e63ghjnQ
zz$n1?)6$%K+-1s}TF@cy)9ARfl8QiP3u&<To6r3?ZCp(DQ&%c$@o|DuaSwF(2f36U
z$VS*V!B`h<<0M*LB}F&#tpcwH9#TXV^`ZJK5ls2bH~G9#9ov>XG?I1V>UX0y2ay;j
zC8^!Iho?UmQ*OiL){M<9sRnj#`x_g3(vEKtC=Rc4FFT(m^5}8d=akW5d`R6~j_XjW
z)cv>utz!Jxa`2H){8e})RY_-%Ru!&38WW&b8yy_MND(u<RF@!718AR#9|7&2?@slF
za)`>k!d{DltWFMSdmb#b{m8*UY?z%&n_FpVSl>%_-s&he%}OjO*;z9vG1+lnvr=Vr
zl2ED;X2ocL2iM|MBRPd1D*)UyYMvzGXmogqz%Vesoxr$fO21-hmh|JkzFqLMa~iep
zEghqjT>&0uAJmj~FgTa3`6#(%@~<qR!97w_xMPUaHdU6WXfc+UCk}itj7Z}W@pN(s
zep9l#er`NQ4e<0_Ho8?D*(d6O0372vZskf2KEZ@%pd~{l5Q0~UstmWq$*-@Ucr|nP
zkJp+OWPX%A<|0cWrBS_?`5nl}cwYvpXtklbeRgMYKvcQEgWxysuYVD?N0;Cc1417w
z%~09*Ewh%ylt|@r<5-zEDo!}#cpRx4317hvk|sQ<?!ITyE<B4(h{`3hFjaefkn5T#
z5obG(^(5bdo?$_@)ytM3-%qW=#Il58;r+0mbN%ByNP)ae2fpH^O<k*cgM|WfA8OtC
z*;HX{xek?|D#y%BL@0>QBxYok2aKJUyHFeCO@E_G&GLO{o~-smiBv%YmW)nb<U)&R
zYAts48>SC=tQ(~2l8Q=;E3GxJC*aXFb(}tD&I2oPLnZdOiw*ibb(}E_Ep5wHi8I#y
z6!U}<>27qDb|h7pK;4bAH*A|jODFZGB!y`Q^%xk+lNn|E=iZgd5P0VfDMW~aktJ%L
z=|e?O1sozZILYB6CYyG)vSFo#MHOFc#l3^ks)Ii9wDjRusJGoEjim7OcnE=wQl)lM
zL1t=On(3Pj55oBR+U-lYog>sey&xrvrY3DZ5;G#JIV&Rtlj@50>(a{x3-3>c0}E+}
z{^ri-%x_8-B;eYMa>lW+%%;l}WN?xsfghiAquTl5$ihPiZeBPfrVtaNi-y!4^8-$*
zETyD8jTMfJfXNC9imWJEXc4-Wm3T<~N<*<v_ecwOi9;r2g3Buf$4gPO+$pLgA7nv7
zSqB?J4pv)?O3nwFra!4mTO@s}y9niv$x8Mr$o3!LU0<D+f2Foqn61fOt9pGYTWvq6
z^{P(;4uAHM+b}#Wo=txacGLn{(@?wRlM&&iwx|?;5e_%-mSm*5oi?kl^NUr)EUVBN
zCFKxPk{!v1eawUKBrz>iBGwWSZ^jFz^!eCmRFd-$4lD7qGRkq6m3>w9F^>B6M(t;v
zkaXTkfb*>_OH-F*8to6YU9CU1o0tPTj`>{eyQaaRYs~KO=y#KXMf>N@9qJHxhfqzu
zhRalxwhD7Eo*Z;WcMW&fa=1$Fy5GX7pLC>?RG%ttp-gn4#(q|mT{c7#oR<~rZ!T7F
zvz%wyacsHZO<}LNCZH3ZxC)*eQTGuN;oxU@WvBZ*MMD4Ex7Vo_xU%|58Of>c1N%W`
z4=q-&18AS4&)i=WM2VGNRjKmK`G7?m8K?hMx>WAPen}S-N*Ex%s6Jg<23N-0UkM(c
z%&5voSF#{)e+dzHYXtzYyrNLq=2YELWEuoWgy~QV7@LwG$=pToQQ?;|oUI;+B=hu4
zU+<Y{gH5UFfyObrqKDovSq3SM%I(E(t+^8z`|Suo(0pD2P=t#&X4sEG{0^3?IvIAH
z3a^F(T?f{J7HlLkf5kUvY(jjsMSH2tv@%1Ze3Gdzu)#Q~^=H^_lx59@h0l^Qt#xSi
zWM4TdvlFanR+vQdb`4^d%}9fBXl<emHum$T`F>&w>h66;yWj9^<10SvCrfm<4I>P4
zGThkQLHb0{&m6lI>_{h<7x<^^0vB=dDo{?@9qM^wL!tDg6dK(A9u_)T1s@ZMXw7M9
zDN6c~l)f7|@6|KTCXjM{JTfZX!*0@AT|=0-9fe|EH8K{R*X$UeiutswDzC5K^71^K
zs9j^Aa|uba=OU6=0FXz=2?8`XPCGVMK7`={fy<x*1NCssb@|khYKc9}T)ux%lpm1F
zb;o|{;e#BI=6M&VcvLnwJ!5~QaWkg52dB1Mmj=)64Di@k>w>AT^l5319TS$Vnefb^
zOn<_Z2vb=}fMz{GH1NobROZDDIq}X*CfC<T8|~&5gRB51?S*9BoA_4@N#$Re=D|QJ
z3kc{fsQKrse5lk64!P9l(okDb)Yn%Y?OTgu-3O~pc(2yDe_7RtiYiEnPbqWNA$qHk
z%2EO(DfKH93X-`FsdxYTi5<n%@W=r9(Q}rWT6~y-)J)E33C;h0+5hAll_h1C?omct
z`DAAA_h$9`izUe{2r1J4dB6WngX*oytS{L2Z+itBS_<Qfr8VcmO#hq9|C^swT9sM)
z!J6sD?{{oqdP+&aKeDdBCTCCl>NLfmjP_rgG;l;ID)XL~*G|O8)(eu#xJKaM#mVIE
z<$2pwJ@^)hGLaW4^e0}&xl{P3Anq71eL~6=SS=}RYiVwNoF3#D0&l5xi??iaWLH3C
zZ^%OZiJNbh5}|02ck3f^@MWPE>jTS>g`|wZzNnIgZu`sNnCqadz`F#4*?bPue_bQz
z#zE~z(A!V_S&jr4$KNDHA|nsKEVGIYhZJOf!nFd-C?Q~T794a4l!!efdDH{=e<ZAm
zG3Y?e6$*-$6H{Kx?A4<^^5aUb)m^Bqk=5B^eN^7e;R|^MZO~GC6)U#4F~B~z*d~dG
zvMP-8;~Bk<eFJ%RUaLovKrk-L6IQ&L`?Nn0bliTJm~ns5v&hbHNyy$c1rq4vN6oZK
zNww-t6jTy{EouDqh@j|qImpqi%sQAL%J^dI)?Rpp5#YBtR-N|5pl|Wyl$fo`6rMWy
zWsqIf|I%z$MH?zCk*3h+$ylfW`|#5_K|0DU2_4tSP<2C`o&(s2Vms)f;P+F>@i}$<
zip^+kN}2rjU(Qbs2r&z>`|hW2@;d;FydBpN*_J8n(b9Sb56-%TDI_K|j|zRvPkbl=
zMP7ymf3*`TKyGY-{dP@O-T4dvb-3LRsKc$9zAk4`WprF-I7qXZ6`2{8y(tZ~`;jDE
zG&!g!=cn@IG>n7h`Yo0*I0CA(R&?xE{!iwCi>Rk$9KWb^F*72th;*n^`JR>G?qthM
zr0qxd9|%788dX<RTSK$#YVy_{;D}j$M7Gs3#Koy6^+-XT{*;WB=hf;SK_$|EDHb#u
z{I72ubl4lZJ&7$DlG?^u(2bdOAMt{%k#j&69Flvy;I~%*0n(#Iggb~Pbi|a(K<5;1
z(>(2*Ya1th{hI(m*r@}WZ~wx0(n?nL74qmWJ(TrK={NA49woWkD3iCU&nYRoqDTs`
zK3K(Iv3#Sc8lscl8mhI&oEw3|uiMshpk+TEaC;2he;zv9NY3y!G;~9RzGWpw&<yG`
z22p<~S;EvcPbk`o8&nYpTk+s)PTHXwX}4rJAb2htunsjaQ1p|C`Eo7UI(CVLXA0rH
z$x9#ZOnTmfD{?xvUmE7B>UxAD!6iboManrGWUnB|8(e_R8Ejo^_GJH&TK3{yMj^59
zNxDM<rMzNl-U38Vj?1gUHTv@mei(LBYrl*D^8T;sTQyJX1G&)=W<3%b6eLK-hR&#Q
zY$Z)E41TVnpB&aZWlxvcHk<KCU=eKvwIE57AN~vwazMyg4|F=^ev?t@pCm`Wls&mB
zWAN2CvUnhR+zfC_Yjn-i+E%raxW|&B-?_6UQR7&(e;eN&6ULx_JZEGYg8AbU%{K6O
zWJ#*tC^FMLfw5*7_QPIjQH4+DZ_MY*2#@~~_V`Er6TdBc<$>yUI;RTDZ(@vUdsKD=
zzaraB2xrDkNPX`QguX42_8;ZNSJ^2dCjmoA_nSzk0Uu;aqU6iwTKJs=OEL3+0Z(i1
z|I|BaUx+CyyJ}BNK2)IB1KgP<v3VC9x1QJ&Y)$=>hWI(T|8fj8s(+4wQs=Sfulap;
zXIh2kJ_bxuU*9*%<Ng_THAR6(2_9}Ggrq=-P`j1~#@@HYh}d~!sbI~#%%x#iW^I!?
z5^Jwp_045A63fqcz4?L0HSLe+i1Bz08yD6QmC<2%#qy{S=UQ-OGtHXDV_i}H{P>KD
zrLn=rjSkzIN5ck5eVlKss_r@laRV+Sn!kyO1aAq>(7jOQu3u4>bz>giAR^-O&j9L!
zg{@&<3&$2(kot|LWLv+Qhgdlzrb%P;dIr9<QPHzx!0S+^y%Y{N2l5{n2H(5d>x)_O
zxgaeFvhW90(68B0^lp2LL%w8to9y<3s%7$9LjlWLnggQEdZ035-3|y(OEC_)tP39u
z9lg)aA<0+Om1=s9(aU)I7dr{~2wtvsFUY>)YWltUWx;teBg4oD#9Z1{fyn5Vm+de0
z?DLD^3H10amxv&vpKSwzS$SULu7sIOXzQk-wrZg0_$XFUd&Ndr5PVP>_;dL%n8Np8
zcmG9uX8bGd=|ve52{--IR^)9T#))?P#jCa#{_-b`{N`%|ZV4DuiJ;!Y5v*l#HT5=l
zbp)~xX->g-Ju{qB6WY7B#qXj+hdc-V?IbFHA;QZFp{0O!rCK6^F+!)7*p2glzwCeV
z4V1{7_A?)Zo3=krNPkGjjcHak9a+I7w>FENpOj&P`hR-DFq)E_O#JrsI*Y`LI-_1;
zzDa-M|4{>fUrcY1k{l2Zuc*<FY#1p_mMY&!_hb8in#y7-ccDeP7f`OLPr`r&o95{%
z)pOZ_yuCc|*XjC|N(?wAOt<7zkpK_b01>bm57Y*=rh9@;5y#azQu7mdjZ2h%``goV
zxPuR94D|k{t9kyRs}X7cp{oa*F+==X${3tx`g-=id>C6;;GY4U0zm3EXEE?SetV}V
zz2{v+snA@3L~8?8c^q;@7ruCO^rogkS*|K^mf9@`CY{z^%l-x>Fkq9c+KmS5NVQ(7
z;0qQMl=nde)3s>cWvV6DR;InzC9f&5oxw{e|0E*A<H}7J(S?GmHd~J)vuWy9GV%Eu
z{Foe-?K7aj9ax&&y`dwKSKjh1>F;5rO(s8FZnR>2y`JRr_1k5prsjjTcFYPFn>kf=
z1+&^AByS(gSjxn0Q5!!9&5hT~DERDO>>!ijJ6faxUt^JPgOmS76i#X5a;!3nsyRtc
zqp9hCG7C!OAc<I_k!vYq3DHg4a-hMx#K0Hl=BLW}iH0L)J(xQ_0^ID?`O5T9eH)cX
zxqN`r^~<N2@Yeik@dt%w^KK3&L@WOk3g+bUKP9eO9h(<$n*R|w<#`%avTtRtpqXyt
zc#K|O>=6ARIi*CBziC^^rbiI;TfoC!E3KrB$F{u_`1|F}0Wa?_k+zwrp9dl(V<1xU
zJqRpO_W1Skx_p<7wjtXjN;6h{uJu2IC6hDU0C~VSxY&yz%63A3R`WJF41L?HlZb4L
zXMH1e`-i@Z;OEG<xxk6SL>-I9c|{|dacM{iQ{aI$UzS5(Kga0z=D)80V(C@im4WjI
zg7-~8ib%1{sNe)Na&slI?uy1GWcu$9^K+iZ$_h~n9as^ZTyCnUY~S)TK!1O7tS|~S
z8ovYqwHeRu<-{<CD`-sZa9P*dZ1P?a!;r>VuyirwTzj5SlmYIKo@1X%#vu@Ch88u$
zWccdtwgAH7XXvOKc~C3)pfyg#AFH@NuxWSERz<7522epAKm<hBI`b3xS^MVbf+Acx
zTiOqVGXfRnZv<*332WE7|I9eSXf{zLRE0xXHQcyHyeNxC`VVYVHPecbnPr^;JnwiA
zpY&e<F9(V3{zGhm(%tAb{gF;uzRh^0EaEKFRA+;$J>t9+A`&_>Byf7oD>8yn+%2n6
zLUYw7*;qrWq)kHxHGl@W-$>M~`XS1-Dp>lg`z+A9ty@xO&dU#Hf+u5w>i)iSD*M3c
zhjH2h(xP;Rv$2x7eA<#31umCc@goHk12vMvB7#EVO>>)9R)c7nu8OHm>E6bd9~yy@
zw$=14&^6MT`;r1)w@!4vI5rKcG2Nn)794Avq_%2xEWqE=srl1#JmVu3;$x6rFjjb3
z#2_1%InaY>YpYw|@ZLbeQ)<>uh@4LxE-}!|F*=Gk?-XAJX{Bb<pm`}1zqp5y#-#aG
zPe2`ED@0#Hp~5YeB!am-|6y!`UWL$(wdr>x^2En~AQ<-vG~mlCsTSO7MahiJyvSL~
ziZtD_exCuAb}%a}2{yKONEm6JTC*be2t+bI-NFoIV6M-n*^#pzwoi<bJMx%&fGLw6
zw3}~bWfN7f$cIUBaX%V5F^7X+bN+f})rC`iNtu>rkYl^62=}zNeq}F6YmQE8RxWo)
zb65($fsan=J%=Yk!!)aIefsPZ(&2Z?M+T&H@+}5>Sa`4s?L(3`0{WqQUP{s+wTdOL
zWQbDHG*`7Lx5sCwyp5@DS|%F*VNi4EZYd;uQH#i9w2z}<5|^XEMTvL0S)-C_QQ$#P
ziHK>=sCgvui#t&{9g=46{29d`2LNJtV|41JTzp-X`_i_1lIC=|Z6krE%ra;|yR>Ii
zEm0kxh%&{uC@a}=QB|!=?NsAod6N5w3FR}alU1EMpd>Xa5jP~CIiZkA`Is7pqgl1{
z5U4?tCZc?fb^%la3J^~PSuCe`(Rzs;AETzlPcHW6SVlxBX$>#8ii--04N@JH<4FW|
zJ}n@B;cvc)vicwn(WaJ$@Jjtt@i<WRP1tBqM%<c8u9TK0zY@Otl}zTlB%`!aJJZo~
zrRpPEE_S&jE%4}5!gjhW=R8%b=lf<Iiqh?@9z!X<HwD}uzWKQluBR3k7J|}cTUTY=
zJvFg1lN3k^=c@3gH|w0w*}I+0&B})IN$s258LV43>8J}7_{4RZ+_&s?`^U^^K0BUG
z2gQDzWE<F8aoS#JalIe;@#Q&qp*A|ap~7jB*fG)BEPH<Gh>f6Jl9>|QCE|K-Faj(W
zW!csx7u(#F5IqYW^|$LIP?vupAkkAFPCzkwM@7Ss&L~s1|E*ld0n8-F#>2ov?=rpg
zrVcl}Xg|E!mBaLKpd@J~x6U*PM{F$Lsz%iCvd{IiJ1eUrnD36L#*emlj(qwWbh)3F
zyL%P?mO_!4OJTS{c*=gM#w#*FW0%$pH`m-y#W3FTqfT3C9Ajx){#$JtXV_9H-{Ujo
zZTY}0z&_a~G!r08>}TNk;Nj`>sJ<RY_!(eC1o=|iHO7@;%BAv)K{NBNk(Hl-A59wR
z!O9;JCZ9%Nb;K?D6?v8JYtX%4w9~;SToQXN2I07~`5fYAy$uyN<nkMY?tNrIto<D?
ztQwFipb4Uc-?;w_ArXODa2r{GtTyrty<x_&iCJ#2z)WtklCCH;HlD1aSq2BX=}2n9
zuJHuBA$7qxosJZkc^tPxWP%1%*a}~)IeC6?2o-9c7*~j1N}^_{sEsE<EN)fjL;@ex
zig=`Q%Z_^?zB$S&l|%~OaAzW>&DV@QXEA1~X}XsvwboQN-$sf_BVw?i71JS05$Kkx
zLfD6-DGaREt}0qIvdDhqGeB_R%x5>VoVT9DA!fh@F}^J<^DwcSd=TG?BQ+xD45_oO
zPpc672qk#0lSe}oJ7`2-ugZ_ixy2@t#z%8nyVmk5Ky&3v$2Leh@h-N7jYU-)B^hkH
zD347|BZj0nn=BJWn_EeL!yD2|d)We|DtYNVZzVL_>qnp8d2ua2b*op8(4~5=Xou&T
z;Ks#5DU-M2(HjA7YRQvmtKsjh;xc%!808K>zp%j_G>B{CncENt{<rd8%g)P>Xk;=z
z-cDADmgJQE0Q=z^cNQ*pQ9W5(cvSVm<u(X)duPvI<!i*-z?537xKsNXGYw~d)R&Vj
ztSCmEc)hLEf7#kU5V$T#3S`JNp<$^_u-UElV}c$RyQH-+?j=hf2w0!WV~C@Cn7f|`
zS!pmaZIm)U&uszU!iRh-c+s05QU=m|#niH%+Xk&l_jE_X{g#V4OZ{*9;3Wf{WMT4l
zqroQ3&d*@IY+<rCaJ6;oxtG>gEo?j6)+Lf23WvC{;rjUSAd^s4_t{2xSfg&d-L`{K
zlDjuhnpaBV4+O-IaE1>8{zm6LTR##*42(|XWVSSJ?@&G)9F{(yC`@Jq?5wg=$wE7H
zO9Q1h<3|I<*3Afp4v}6f8^~koAyUI^I$pJCy^Gq=W*?{iszPzb6Yo#(gbP=lw+hr|
zyY7w9xV&qP8L|!g#;$GmO>#o${sfE%(im4)>&%{R+efJJdcY;pxpyLrUN(CYBMC{h
zNrm>p%Xt1vp2Z$#zLk#cp<GD5g^C=*YAIV_5CeE7EMYW;-`PAOtpH@X5uZuS{c*C<
zmfd!VEWk%yRY(l$FzM+<H{YiR?`F{_wbVmt&D(OCB^h4w&~fpA*>MqihwXLx>d#9Z
zTsgGQq1Eid?LWg71i)u#ZbucrH-#DzX)P2GqtCW2eyiX~o-{yn<?UnOT`n)tbJW8e
zsFoX56~UERTI83pupo#;&Z;>NB7o`&i18Z7F_^FSWx%XIz+d1}$Lt^WCLJVu-joLJ
zXx~3hT&dBz5t3M<fqTr+t_6F+5aUhNFXnFGP=B1J=WG+#n<@FA-Gx*wj2d;@N+T+(
zUNojy(9`~eG$r@shsC9!;%&MjbMn`%W_Hz561pX-{cNM84gSRi{3}L2A;{7vf4Qao
znXbQpI@X^+U8acCpFmynw80Z{<2h&WV=Phy`A;wF_uS4jBB7Uom1o;7OgJsCI$YSm
zrvMl=J%=!ea{4B3#o}k4?YCd9DJdKC(o6ctVoS^~45`cGln248BC93E01EUB9^^E(
z@e5vF0pR6-phK+sox)gEB7lWkb!Vk`p+V>K%NGM!I1mGx7ia6^w&mV6^yA2om*@wj
zIrWs&$fl?UtD<nA&z}&bKo(1uBlw@R#p~uac3L0{Lzh)=mSq_kEWJr{pZvp6eed3$
zS+b;outRRmwhuVw%{4qLz7D<#$Pmf3W<DTFHJ<Gh|MB%F!GRs8BeAK*T|XhjH5csN
zx4>zcHwHY8?)uBvNALG^0mt$8V7FKJBE0B6Z@!DyEgRxJNXd!dt%Q8D!XD{(Jlw$l
z$oaCGk*{*8osrgzRMdvcky-mEHcs^g8XS%tn3^$$GzEkOLdjSFrKzqCVB_5hSxJ96
ztM5kR>FfT&0{?tvRUL<3JEAJ9CjfKW-0=zP!v)hX<Oh@<^|Hz1e%O1U%yGDdp(Xu#
zmOD>p0s0J9qcqSdHPk^3ZQT6QxG)ow1tpA4@ej<~%^`-R!=x$9SCaQ|X;YndN*L4@
zLXQl1o#Pc>m~w5Hk8f7JRr!gyGGqC{dsSa3Zma=LXcX)~b>W7w$xFSNjcN_yRFDzi
zKFsD$W9XLfx5w342Kl5FAJb!YRQAqHd}F4hhi=3qJq9HR@JS2o=-IC|q0dgG!t3TS
z+o=ByZw&(Q)<0vTtEyjs!Ia|1ybC=V)kn<$7u=G@odWYDk_pWt{S|(pI?;}7Yj42-
zKYuI+->`PyCXrp5nQ#!_<G0s}(#6r$LVfwu_9=}MtgL!)8sP<%1dPPVhgPzPX#Isn
zrujrk)3?&7Q2ZHxk$?N0i+#{`=-k?^K|KoKYYr>`T@{b%DP3VYC?E8deO#T<D@Xqc
zjj9dE5Hl@s7X!%k_6Fb)dmv{v84KVyX#PTsWdX#@mp=+o&N{PnJ_Yl28=O?AZpyVT
zs=T*6-FB8asFL;>m+MYgOj?UePyeU^-`d7@WyaUjb1fxL&%(B>$w}M>4jK72w`SWs
zs(FIC#Rj^k*YILNLEo9FEDB-ky|Kst;r?}tK>}b~!`Z|+kNkJ->-54OOunO&_k_ac
zdjSuhakzHAjY(}W`p`eJ!n$U%ZJ+$L=AR4c;)Z}<{=+E#LwESe35&XNQ_f>Jyogqb
z_5Oh%#+m<g^#9z)@V~nI3a}`fy?q)bRJuXByQD$sP+$pZ0qK?yR6<3iyFq$sP&$^B
z76Iv2x}`-z@OyR_P|thL`@Y|~&i`EB^>;^hW}caO_IYNXncv*^{hJM?;Y(Wc5r4+4
z$gV&&cKWbMZr}U$mfA_m(i41di^I>Tf03z5DQV#w?!BJz^WJ1L`3DHxA9qufZH~cG
zb7#Yhy%7`@bKj69Ib!;<k!}vUCtRCc19%e@ZE0TGg)8=Fr-iO(`(i+VrT0(V97%?7
z$G8ckN&zK0I2D>SpzxsjOn#vM{5dY)$q%R!G{<N{ci^xpVy^|9N&#Sb&1n{rGY}SC
zY;BB3{q`K+fKyH#@Kx07f&q0IRsif+=1Q&hW@R)bgx;U%5;&(hlWxK-2)w{d_@yEQ
zBP^F+>tIuQDI(7#G{u(QiYUu3!eIQaKBuV6652-=O^XU99dx=(ibw6QT`M}@sS&Ub
zf+X579<|D=i`3^aySnm!#Rb4e!cB=$K9z8dxzzv%j#G_SSjr9U5_wq^eQ$dkSd|p{
z_~?$yOdobv$acvoVpR#x>g1B=mEqoXjuMj*yo0xMze|1wRgR|sV3h9%x<Wki&Y|nJ
zD~(54FwX^mcT@pZh6V{Vsat(zEw%HQH{A&r6k2ci6wy^Db)lG;#yOj|65TRT0hYq-
zd?*1Tqssx$Yip412~C?#>=nZN99C-Q4Gb~T0Bc7Em~`qEr#r+(E<?#AfN(4uqwzn(
zDiA&%H$wI0KpzsmXwsnW4#^A9>&g%GnSTbMn9S6wa>H?b2*<8XA?l7AgL0C}Jr+-`
z{{*|fz>R6<rPYL<MVD@5rwebNW7ospT;8jVL@C7`W2CW~dvdoKGYMi*RbL4RL&t!u
zDl~Z-TkFzV&8>BsRe(d4>=Hl;ppWJ7%gqUa4&+2yt*Vud0OsJz@8l#JCMzC%K8%O*
z{k$rqj>oX80st8EJ<Usxp;R?zE;{flSul<L#+sVrz<r?E3kMg>n<hDW<utQ7bsA8L
z>H1`)(dtqmA?Z<Tt0PwKj#}+hS+a&qelORdin0dJ6(${)#8}6+e)Hhk@s}0h)s7I(
zezQf6@K$t`7q;PX;7~!WF!nNuw>mU;PW@sjbL6(3WG7@UVx0Nr_`D*ns?G<rm9-L=
zsHjDhlxz(|gON*i`9zz8JM-{3Fb=a5*?ehCEgjW&EL3bOBad+JX47}X6D7x>B)tX|
zyYK6>)7}i$Hqyk4U%}RX=D8A@L7uQ4F8u&N;ICpMa<gsWzH~PnN0ho?swHLl3HL?+
zDP)bc#d85!CxzU$|B0Uw$ELycLI8d?yB;nna)#(caDLK7lrr2R81WdbVMJ98tkjg@
z5U#4aBF|7@U!Gj9!t!xMQn_&PY1CW!I>kt7Lz)B(058HSeaYgx0Vk+cfX*|K8M>f6
zoZaNpKc7wfxZ?dV_63-P?}}kO13S}f-_dcR|9ZxLz`j9kg3;89^81#7V^E(9JS|LC
z9RPCW<A+*Csb*}^o{Evr#->zIfzbv{2kQC&r&Y76lI6K+R$&7O-3ZJDN!6j60PY^e
zX$2c^hyaBWHZUt~YN*fU1LoQV;;J&7YF2>DwDFVXh=u}_H~BeoYW!BAM2DnYUA<P-
zK8dwbbZxQuCQb(B(2YDd2E=D>Z37_Oz55YliNO<&eXNEZ6DiCZwuNMh@?S)FKR{Ud
zmM2(;4<*MsW?2-{jcqUpEuz$RV|nZZ-|Mm}>Dg!}>gj5dhlP}riu^#JzdZ#Yuz>X%
zv$OWlBB!9E;bA5u7xLN|;wI590e1h^9!W?UKhC(|QQ=6hLW)$eODkRw)huNtf9obG
zpk}fCLR%W)?2_7VGGDs$pcLt)!2O}^cqdZ3%PN^IFRRuVR|9Uz%p4RYG=?YdPp59b
zQKc*atWo?fp!dE+uzb}}Z-jDY^Uu7RXnZdGzIYpTPo~aPbsnP?0PJ}ifIXqC89JXK
z+}66|no|#00XAp%8`EqJHc|mrfKk;n3*J~U@K}4e@&h<2**xmqkS8F38Q(cWVYOW?
zS!4jgSrJlvQa51|w+8Jmz#}J|I))ko-fr@#P<t9`KoZuGslXH-n<7L-0Eqq#MqKSX
zdB<zVSt)7m7sbR%HQovx05&at?_F?u5Ae(M?|L%|0G=#XYoyC@Xl6cTs0PD|;Vy>P
zS$&{%S@!Sn?+*lz3)1BXAYCr-<wpXE!0N?T8?dqs;0!&?@L#;-38IIJYXo(>k+kmz
zu$whMOWnxwiA#3Jb!<y#%h1L*kcQ!%i$QJaZk-W%)=609^zT32ZFno6`pFjHCt-L)
zk0hFZcjzejL(oSG_v(0)<n+-@dX48U>%@6l;cpv`bi(4(vX*D#%c+gk(sY|@eU+?-
zrt*dd)uWjD@FMQ1%tr~}t#-JSzQZu<{YIW%{?LyB(jHBFAg+q79mkYUy2+WIz_6P@
zXY_gG$oa%xBFMIo?F*g=D|<Jnr&9^P!`wLA3el|6K#72Q$ci<<!hX^1Q)oK#Z5O*-
z1p!8VUY4my?cm`zlcgQ4j^*d@C-(I$Y2X?UvRDE~pfgtlhFL{7z7ib9_ldvNBYBsy
z5dH<40<fS>MAcU?P2uqkp^tk7Fi!Vzu*{lW1k(=$I;hj&TI1N>g&m3a?OBfAD2(*1
z0_G6rtj2u29<4GNsm3l~BwBjPg*^$(2-%ib)p$h`INtyhPAM>E0WwzrxGv@>Kc7Sb
z7ZU-=B3x7@sk6rpTfYJ0kkKb3U@GN-PNk5==_Le3h#NpGgd)>5f@pOz7^s#{m;ovq
zhB$VSQOWyeb_FuBGp!Ni3MjNbs&jo+o2BYA9ky^?V}6wF$<jwJN^$39iK|pXdsMGN
zla8)7w=z}^D(^x3Kp!sONX1Go4BlSX%AcVU#y>mW-s6crGq)uE957o`qz>HEYg7C1
z?EN+-G)Od?@dJz;m~utBM277Y>0JT8t*C!?ihpe4us8L)=r0AK=XyGxi^-C*uLe8E
zKNf&~*nnFOIq^NR3>(&}wk0ttb<!g!YjXea*?!hzdR>=pap_v6O({#c6$Mk+mRi66
zRn&hkLZ)<smv@A%v-28K9tOiU?zEVteTP<UfMQS0n~X*$+8Lq|fO;Q;FAkLG@JEl}
z)DQoZHD|(483dxm#|v)8+x<+%#<7|BJPDEIiw?kN6G7Eg;RPQ#Dge8x%29)2@FN~x
zFOu8ZP4X%yKqWUg!ae^i9*?w8M|cP(FXqtNX+2hnV2ZW(%Mk?_U@9R*)3bBbI6#PE
zs|d(X?;E!6#p3Bd1kESKy*3YyG4nrS7m#0Gxo4hD;U=Tc<)Yco3zEr|%>m1xc}KBD
zD(=+yXT;Q(qI}3F2Uo1hgliZzv5xq2Ajd$x?TG#buu1&`fpJIA=r#y%LoK4rcd|y1
zOPif*f)^`$NLX507t2<wjk`p@$RKwyllihjylkf)dZI@g;e?00dD%_k)uC?um$lZ%
zkpu%l`pEasjY@$yH22Fmdr;}0JJL%1y1wDFvnL^cy&ntxn;T5V2CO18A}RpeeF|!T
zkSTkWFzDGq+9@QsIWEb>#jZbB*Ka2xY&|#gia1m|QAP#i(*=|Z9W_3}AJGV)2cRYk
zk>8bP@sr);345AY5UAzGLBBZN=!prV+LGtg6mGO6mh#eFA$wpqd>7(IR{?UAdbEX0
zSqB|F8nw^$#R_LE(@okMLf~0dEaOq>ZY!1S1o{<fPv+e4TfQ8(+s-(xfz6t}C3Czj
zw$bt3H_6Lmxs=f411j-0-z>to2&)BY&Brym3G+m-nR`|)m5WXww>ew;Qf9_!8(V8!
zDK3u%*MecRJa-5A(VK6<Q@wif(CW}q5*@^_=&R-SL`<^Ep`4AABk5+k&K%<LzQ?j)
zst9<gp7>Kh9;}Yz>Rrc78x7jr!}EMtlBw>z&SO_HR~s9hFy2V;13}QErFKG1?nYBJ
zE8t%##IRtbHC=Htll7~K)yUn;R}BXMMHp1uLnP>v<J}Dte^P0q(U7G96BJ+mExO4m
z8$PVWdz$`cU4Te~29Pg_ZYx~kr)#EO!roP1y_X+yx*Ly6zZCD~n7R05z$H40Rk80z
zj04Ey0YCmgL5E^#!bV?JwUjfBc7|IxdJmhLHfK^nvlhiX17S&(&&`{Cmapu7$Lg%%
zP~B6G=QZSBirSq4c3;rtl<~liX`<p-$$g~P$QXscCi36)7gn|+q+7&JV_c9KR18L0
zlh&=0ln?k#5=sJ>gmzy@LLpoZJdHfcfIrL+1Wl(q??jV5K#yLe^_YftDdNB93o4W@
zC>baEflwrxYqy&yJy~1ZGFdS3r6QnTN7EJ9jcPu4yaCitVgIJ?9b(2e_-w7RWZDBa
z6H;1R_Z`g*gJXdeQxe@b(!fN3oP+?vs2O0H>Cu5kPW`!zfM#tR2{O@R_DX8$m6una
zalldQus$-Ix(HquW3G8zScW+RI601}e>KZc!>$qYCRlq4SC7(#t{m+vl^{ox!W>s+
z$?R3?fU3Fsv5L2csQB<hn$_0Dq|4cFjL^q9vrU#(bdj|yXy7OpjgS&`GSWnk9an25
zM`vg`?iS7v3_+yjT=m4Qj8o`t$*AH3dj&qi>M!UI6waI}85*O=vSlHeN+(bq%q1|&
zTX{^(;opL1SQ>uQg9Lo#Wu$pH_z<(HXV#jYZ|s_3I%Mf`3EAaL5t$0y?^D25T}k7Z
zQ7n-sWQv8B^giZAOq;YZ%T~E80`V;DhZ$fDyUW$SmJ}|yvtJ+(249a<0pg`xU76f*
zTy^*Pp#@hq4Dp4xba;Z7zAq)n{{bPK+wFZ)vJrSY%(X>R##&F*HcH`(h<=csgW2Yo
zSw+7ATi$Tawt2ao%S(N;N_()CPAqmYhz>`yiIpaoT}xL+tXxB@FIq*%DZ67KnANfv
zSLSVbkXpaWd!_7^H)hw!al|*%4p#spq4<bQq>Npyl*qp4Fl&PKh3c;Vl3*ddf-i_S
zDRoRP9&j}OY-%-lN5}Z2I5jh;lQ%xLAtsjDRAi1~kmn}$_uMOL>a|Z7CyAa61QZUh
zWv!-`#pLg~1Zovv*FN2%N;{Q2xlEE8>t0wxBNTO6Ft0pTK7O1#F6>D_oY^xoqy@H8
z6ENZNt-I0SOv}ne^7st!n6a<Nrogy$X1<MEnhbq_uDy~K1Jm;|l`6Ui)0Ua#G-W1J
zUe40~s*ojgy|`|Uo7LfZ1k$|$<406W%0Cdi51B8y1iWXY39roZU*V`F8zv8rB~dDj
z&oH!CvN&Dz00nXxK{&1O%dc_^$*C>7@ZxRuGYn0Cir{IQEX!h&wY+^_K4vs)c_2A#
zDbge%je%G$iak=f+GYAKsB*QXJR;#WcsUO(G;8Iu-r%e{C>V{Hrt4aHLe;1dO|V_i
zKv^&o9uc26BXia}gP4t;o}IjXQrZ4>{{avWBj7*&jiZ?3jY*N7I$HOnhk^ZwF)r2U
zhK`Uj+iR48s415Dc4nD-ep4F8C<>yZX}ZK>DaPYg45OEQFdbYIrBHU=3a&ub$f$}<
zW#0Qj>?#$m^hEluM*7%K;pB}Sm6ogGY6>@DmX`8GeVKd16gmc$oVXbmp%mb$D^+Fq
z0{)}|kkCI0Ut76t5)<RW%tF=zx@P0`A1FMq1_A`NiO1QWjb&9_ahk#N>@<n7R@S$~
zT9e_92PtXh<+U!%@_^I}Yi+5Wr1>>u<}|L=xPvJ(nd<VjX#Af!Q1Z)dF}@ejE0nWX
zE)=7`(}2(t=!@L4{AT6N*I1+Wg*9zpCQV}f?l|{ONCg0{&euU_%FF~nnrMXiyTWzl
z+K@S*a0PVbn;aHAO}B9Z09`pHQ=Qr12-E!l@dOgy1sA)8?%6TjCicQ5M8z=PmO?Hp
z<;Y$I#kbnx4&8?pQj&yINebQ8A+F-Kk3zwQW}R6<*X(e^1!4$Cb7vvp3!Dyy<D^$Y
z%)`Uxk(mk&(pjm^Aot^Ax&z*4<^j9D4r(lpe~g;o*}K(0`I-H?YbEEAV#RdyWI7MF
z22*Cabas?N{Y#~)Z6R*6YBMq|PI><d%{2;BvK!K`S&hr$jjLah3Gxh2dkmB%RB7sT
zgmW%XuXx5rXX=2_!rUB*CG+{Zt-su#4qnY*3SqZw<(P=XbC!01h{;Ei@)<L`bZIX0
zhi?T(?gR_bmXw0-)Ns}b6foScb+O?h(v^!TcVf$H`O5Fj`IwWTm0ZvjO|{xqtyN{V
zK)34`t?f!}K0x<}_KNL^eq(?v*4x*8DjNDE5u~CNxqe%zr+%%JO_b$s`h>>2-b)$g
zxiky%T2Gp)Kp67GmUINV0X*TEuRXG4-Z@7OI%B-h;mD(F@c#IHFUouL1ikQcWydGR
zo9$RO-TEGzTl;J~uYVvEoEo{PrwQZvbr~D`aHF@7zZD6P!W+<tf`rz3msJISz`)UI
zwCNKxxf_&Vb*VnbrqEi2`-p1(>c@vpn%O9A^~?7AT~t}VpA)-Rg71#MV@!OKbNDh-
z$F720Q|_8?|2u+AF_S48^@ZdS7HuJwg(Xbw1Q|>(<;(S2$#FDJ?`Y|Bxz&G;4MZGH
zB+P6bz^;?@jd;U(h@aKZcT{O98WQbhq*i!6U@EUDO5;1Eg@cx_H5e_PCz@tw1>*ZK
z!P974PIp^J3eA^X6!9%iJsrlR=H17Zuac$`c3;}nS`Xi22xt<FMlDuqEvHo8Z(1dF
zGgqBjK)k+sm)eChpCK%<EN_P01QWk)xIsR#P(4I3Xl>vMh51Thqes`H1v?P|Q-?*S
zM;H+vxoR<&zr~YRruU<QmHmQ(S4o=rx?g&fp|+E~C2|)@D&X9{5zZ_2{>q|GSgd*f
zs-_=(5l5`4qw}Xa=qim@MUXVG&o*49_MEUtb|;flCm=nIUQTj?3YCd6`*KqB6}WM4
z=J-V7tIEt^QkV9ZeP}7hejffHjD&1f#(_E7M9~+}H?Rc+m3%0r>B3^13=W|2x&|7?
zxt1A|Ho(GcDV&fcgbP^PYWBM)Ph|ihy?9R6&gO#rYGHbrd0uj#bA$tj)^x~v<?fty
zrjddRN;961L#S4o`rboSmroB+A>&~Q#jglt3PI(7Eukeg0DN{};ZGWvmB^>Y(T$_(
zZaEGWC8u%TMFWqN!I>6XyvA1oqH2%2a*MQfr0^tv6}F=pz(mO_fYAZzF%L{^(%=RV
zs)H)XCwr{sDJUWiHB{IIEYl6nd=bjTx6XFdX-xw*)OqX*1GE5Sm!bVLJqLxafx$3<
zufo<j0Qchu;H#mcm_PAVe!v}w_(%XIpaWJ>q66ju5}k0UtQsfxC$I~s*c{hDF)c=M
zg3{XEYeD)w!1m4@7T(!JybS|^@t;>(KWy&JE<QYRauzwcQT_Tf>7oR_sWZ|l&Icuk
z1J_EpNi=%EXQugm+c7HjzgPYI1daB2fo`VhX0vmD^ZzuHm(0Tl_R(*OSiUth01P{V
zp=rmwEuf)3qRqzZ=K&mP!~n%5oRhkgNHMkUeujf{02*$nLl8gUoXEZO3l0uN7HO$2
zHgS;y)|}Gk3b^}X(@;e)KxUUdVtFaH3Xs`EgU^aL;6n8ps8C(&0*qD?#k^^%X0H*L
z$B`<W003|5DoM>K99@YVgdoKcij9)#ah>O3@lAG4h9H3JeVN$T4YIURHzTdSonNSr
zhnq*1zI2(etWZHhzOB5eme;W>NNs0!fZBs@`Wp8A8X6jsT#gF8(CIrdzT-U6(V+Pc
zU3h*1T$)yI@63e6I$e7!VbN#`ZcQb4dn}<uyz+F;T`P3`pj{bL9g_;O=NJ-8NaU@(
z|AZFY3Wj(?_KHJdV+0#?_MZTC3Il->rr?DPkLT-i;DrE^35n8KwE^V8woam<qZ@Kc
zftbZ5R2J`q^>r^#oO}icxzrZd9rc#ZQE;-`8k}zSy%RRPYj9#TwgogA^CfodNUeWo
z=tK6tQ~wk`Qln=qB5-yet@ia3Hj~%mG>Oqfl*YsQZr#DQB(fddN?a$P^bS#$tWH<G
zJBKks8$nxYy)G8dLLO&`;yX`~OlKr7_o9-2lXYiWs^M*t6YERH`2VDk9q$Jb;kllY
zE;&Cw=6$Q704ggCU9E}6QDJ!jt^!G*O9}%Url390h1rmQERNH^(?3;mETJfDs9PO%
z+9Rx&?sNBQ$uxKW?8hskCn>O=sb#(GnF4$PY)o3;<U>0?=B(ov{?PF`FP<Jt$O7Fe
zp!IzHgvsCyeIZsMsizU{u<$+CVbgnot0&|VN3ZtZ`e$I4+ka8tRKln`d7H00=&$a*
zLj`Q*$bf@@goK2Mf`kO@;t2mofQ*8Kipa&wuX<e)?H&#u4;^fCMkGYUO9&_9K}o~I
zdZo|xGX4v%tlpIM#e&JByi?rGvQf8{qnckM@4-rXN}?LMz2tMf+r77~hpkO1-Gp7O
zCdSMd2!tcGOYis{7Vn-{>)P(Z)0%X`2dU6QNXBEq?V?Vx<h%9Nuiux^MrNm0n#5>r
zKNqczQ3fx8Lq$zvNt_$1=|`E`8GDT<vRBvidx9R^Y9?;u4l;%Q88CR~+2XWyo`mIH
z{7Gc3k|Ch<xJbjRz>?-g8+ZyfAs6lZR)*K&;iY15FWaw~U0S817B4-Hv9G=k&97Kr
zt4Xk5=qdXA-R7j{RZsiSgq!P>ir|AKZHH6-)1GqCO*y(rjvxc#8g3Vp<!*kq>yvVf
zm>EQ}7kRCHf$$_r3D~z-Z7%ve4X*+}Y`tQP6;nL}G;vY<=V1Ytx3Q%94`63FKU}V*
z;^l6flJ{nY<9nI7n|L<4Q;)t=&wf%_-p2^T<iu*{+;(!aSmNFKY<4E5PEPneJy2?3
zhh7$cqBeIRCWRPq9a@hCislFfydGbflF&AKXK-lwWZm0BWwQFK8%2#*QG+jJ=i}k%
zX%Eoi>bi)_i2?Cpc|oN%s`iVsSFk|+lwFIneBRdo>b0FeGVx4FfAMct+AeKBI?TT+
z-h6Ax^jO$yp|=mXYKhXU4gC``SeE@l??+~5Ea79VdE;yEsC{o;dWl17Q`}n>B2FyL
z<#&;XMf2xL{)eUsO8SmxE&O?DG7jof8<nfDPG}(SHKP1{x^h?;ophM}^#=k~ujWg)
z;?boZ5``GG6R}tJDfvKW9jpBFNWL=*x58Dn>%@{=KE?>|5Pgv^p<ToJPbbT5SPy5C
zjjFwYaflBG0TCG)2?-73d>}$XKtu_Tm`UryX`<#*RZ|Bc<6h^MlrlDPDxtZ@^R#&D
zY*e}|fpEIc-dbn$*lANzpaiiz47<R`?mn{3but}<@eZ`%|9a-DPwc%Vr=L7?r|mss
z_jkYCL3Unms7xsn6SLg<ni%N%ynV<X9`zCqJv;V!zBfZ8YsITDHpBds?clqMYcl$y
z$B~bZDhz`Y4@yTC4pv36drMBp@QA$oZef`H8e|BUy`4QNe$Dz<aap2S?46^Um-z4h
zJOr?R$DB`l!Sk0PJ#ZWC&`X0W>yJT|*U_GWB4g4h|7*RT_sE)P$=Z|Rr3tatqXxZ&
z$`h~BE{@7BO3&;S;=7Me^X_S5{2EjnZXKsAul}0#uj2BR2o5PjgN;S_e;(4jr;Yfz
zSYP~QVAAsu?A^&ib^K!pP6>2chIVE-^s+*N8(M)Cyr*z4TTQ#{=h@~vDRVhng5q7r
z9>)g2W$NmCYE4gB#28pPebsyJN{O~K=ItP1Q`Mk-kiu3^)Hr#}`DN+LL!#9m2zU#z
z?+(aP%p#q<wLg6q=?nf4WPjh(nU*Y`c(NlA*po+K!{t2LwkRve!(AQzTbaMkROv_g
zwEu6_G+<-zEqfgJ)!Tok>qyYa>&>>fj<@Uv=g=u*7w0mizyHM0w-b%)S-%A}`&Zut
z`v(6Z_uo#cIZPYTUt*5_x5M(Nr?JH{&|APGxerNs4nWkeuWeDqwzwOn2&gpG<H5UQ
zJQ>zY;)C#h+|Pbmy>FCmVzPO}BvrI}&8EhebR!K7lJkEx@ig(d<MQbe+_XbPg<5yW
z2<NsP5;6)t0U|1|Di{BC$$MxxXQmx8)U-Ptw|SzlZqjCWpOyzF{?Z3u^P9ZXBw;}v
zvi}b=*4!8B=}K4UJwHfTA$Rf)bsWce^`l2v<cELb`hmc#p5a<t9nBizu1&QW8XS+a
zz}!;2-5E<%q)5OzZ!Yceq`Jks=b||04jO6r;Dfb-vPt>nppn*I@||S&xlBL5h-`K$
zs>g()WvzN0cd#pB4i2j4q8X#M`&y(07YiF;Ekxqr>Dzs>WJ@i1_8yao?aNGIGPqsn
zEcN@_T3X?V`F1O66rrk)l-aLuW6gRhZA%G2{oiW<sh%3rDUF^Rzvk1*O5?LL?NcoE
z3+;S0v~QmO@?A~bF#mMvIC*!4{P58mLE{~_Q>GM7P2eY*PLkp+edp|)Q%j}HpLL@q
zV2XGIc;`CRI~07>xya)qv}A)NEeyC-L<EyB((o$q<k$yLciVLRc{{(AdF|3#mYbA-
z`AcR;znT!Hu9!w>^{c~&De_C5y`o#m9&?#7gPowT&+QWj=}(e&--F&)EidwOujDxF
zKAn$;b!b=Zk({`eX`5fRHq{*T(tx;sS3u}t<Bsyz2jYuV3!gk`Q%Zpbyb7+;^=i{@
z7@ryd_u^QrA%JleTF6;{R?w7Cac?HUvHOO367Ox2iQZt^T&GN{X1<?!*;oTF|2o6X
zc}{%N9_Q~BhBo)wLA1Ihwl36TFT|_YVb=e<;6I6>^iaAzu`K-PlDZ<*{~U~d`x9A^
zD~C`wy5f~63MOII^ZY+cW?NvlB?kBM{jKsNJDW#g1NC`wlg-~7I&j2#@`1TSR9@M|
ziSz66yj!5Ort8X#l^wJ5-n0k9qiQPWtK*Vqx4Z1TV_;8Or+>=`+2eq#QB+Lgs!vi6
zrFNb#puhi5CuM@-m~=rWvA}S|duHLGqoX3imzqB<JXJ1kDZs*OLcUHd3D|eIG(7i=
z&kQ_dM3{khrwMR0KkzGZk#SCEeT}2P9Izy<ElgA0N6_<M&m>Z_dw*JFHRpX>`>XRE
zvZDtL`JcRBDH^pNNXQ#FG=n)Lzy}giu)~k1LdF|VejuPNPd%19y*+lkm&{=OH5;B9
z{BpcUDY&=b)i*X#tt342YfxZZUGx4LRa%7qmm$I)?WDnsZSBRM2fCDRq1G|3@BT7G
zs5E}ATnE2){9_3I9Jqb3OS%0$5xh%vDyXn{RcVnZTWFK2v&M+~2g007^1Z!!<44XC
z<{O)n=@dM_h73Gc*UF>!)B`Mk8Mr0zyn0LgT;BhA2vRw2FP0WI`^zB9IO{OBuXZK=
zk3sTF)4>xDqoK`*q4QI;*S#0o0lKe_F-{DK&u<zTK5sisdb9cs(!OIK<?fX|djcF{
z+B&(@dUO@u@xZm$TYR93-fqZdJ*wLPZq4G8rb8p(V6hkWQB6G)#)za=4O00>f+C+n
z7tXQKlXc)7)h3nI08w}Ow}XE(^TjEeSjfNC#-q*?p-}fzm0fW_awmKC$(N_*4h26P
zK0iSouPWVM1zoB7HK;29pv!s|h2wuDWJaED|JwThHf}f&iZrvm;H_QvX;SahI?&(k
zd%J)B=*p=C^RG{1g8S!z=o9?`Xy1+BsQTueXKYmxr)!%<n8^Gh>;3=L1npew!FTU!
J;3rnb{s(n+DNO(X

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/overlay_constructs2.jpg b/docs/userguide/storagedriver/images/overlay_constructs2.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..bbcd6e0057728f878d46cb97cb1d77edf7133356
GIT binary patch
literal 84972
zcmc$`1zZ)~w>Lh32%>Z-Ee#?d-67owNSAbjq%<fX-64&1cY}zM($bA|gTx^PdFKH7
z#C`62?|bj>_y3=n&)zd@$E>~fTHm$yo^#IS_~jgcCMhZ*3c$d?0u0~*TuuQ(02~Yq
z^n?RXI5=2%M0j{uSok{#2=It^k?!5Qi-d%94+S0d9x^&I5)vvlDmn%x78ce$RGj<R
znD@~!u`r>XK-<EDt>EGBVBSNzhxz~fxoif|5n+;H_u*jB0a$bxICPlHR)7$I0bpT4
z?ttGP7}(ngx8M=s?p#g+h}Q)dvYQx)5g3S(;7N`m$MLc@4TJP4hTu~S;n#$zW4Gqd
zw~Er9Bur?~nyAMrcTHm6Rp^=|;4NgerhFWvWY$$J+&mJW6=7DSmY}8~tP_(m_n}KW
zNZF`b8KND<QeRW3UcpkID%rNqtYPo^*xcir!V*S+aJsN01tv7tlMlAyoHur2;Hp=t
zJGm%TQHkH2Dd_xkAj_aOZm8ONNO0jDEiFxniQ&`Qk~u-9`AYS6Cjdt<d=Pd1(Ro%7
zxLw;%_o;7J+qz$TK^5n$gDY6kc!Sq((2c`+%(Up|C7@Z8x%NZuS%3e!YUBOWSr1R~
zqP6wvXQLN=Fy)_s4wg~Ik-7L+*%dDU);=4^+^Q1;TY#YPDn$8E(8XhRWZ}T9N>PK>
zB^y)2UgNQO=pxL70C1Z#LL5N0PU*kP_1PH`Em`f;tfzEPlOE?MW)dVUO{bPHRnePG
zmIdWk{Sq+z0-b@;(~%S0*}J``?zB2t*PP@GhH;+}t2r}o0C218jRO+vY^tLd?Qlis
z)6f=nyg5la-pO+x)|8FP)e97iDpqxb*BJP`0CwXnbE_ajWSi+1Tsb{nU|j^}8P26$
zyTbd)63SnylnV<CoWBk5c^>@K30V1tBG$jza<X^{Sk#1Ys5S6XhrTliv6-I3%jt>r
zC${zn0GOU*Wjl}CuihMZyeia=vQ8dp)PtmwE^{4VPx1t>YPyw|gekV}{N&woXE{cA
zU4LXvwLWZ2c4yOdTVq9fD5RoZe8W~tX&A0-W<0cUk~j74YTt<srOotIShRW3ixt-#
zt{MdH&(0%p(vp;zcLEM_(koF@Jt7dR(y*&60(ZVi3PW7U%|lmVMu-fy?dU70TkAir
z;w-?$l)La~ys$fS)r;5ICa^M=ncm$yw~OCN+Mm9+3BLkr=SG!sR?G*n<O}roZa)EF
zCMCKcYeGolnB#W-!9!3o(4pCQpnyZ8abb{1(9#&CQ#+_hJ1mL(=mqe3q)az)L#{Lv
zc0}6%tPgOetoP;kf@0r@Aa8zw%5_E)2vPR0GBRh@5Z0*d5tAqvt=)M^{I(QYneT@b
zcMTjkvL@OBm$r4b(;2xe{l1_6NvN68l9V`w>8^BsE*&!EZ)<j5A_sIpn@}P2@g)&_
zhhG`|n$R=aHAy;>%H=|(d@4Ez(5}nOsI48TjuE!Q<-4^)YumYxB=<u_2a%Q*NqZ6(
z<F>t4!hd=Wz%;nipbu_E6mu8CJ$DX=)?INe;JRjpAxjUUvuf_PlQUSh>M69w&%Y7}
zF^c=HuW3!W1esZ#!tDqdSvTX-ie+uG@!BY1vh~nmj94s1Fq~SLKviu0?y>ja`zu#B
zZY#fHJKmAR3l7fNyM2YD^3;`-m}>j<Iz?r?S+o1KJW?x31p4a)KQoHkY(}>rnQ~&~
zZ)<m+5Gt-n4^*7Ev)`Wl{^s`9^7>Zdqc7IpcFb0OIp24uGipB_`W)~MC0|<*sl16a
zI`u(Qx;;W_y0Eka27bk$|GK027-1hwzFTKsx696A!P>rsls|&=jDB*_39+_{VcSXV
z^oAQ>>OJ%LoezuaW1!`-FGFsW*Bp|0I`#Dov;Px-JhrYbCsE#B19GLbA^?gB4pg6&
zb8rS$m30}Z<D@C6`ceYNw4c@jsHyo!!{8906HF-oyYjvh=jh$O(+Lg1;Y1Mr$oh%=
zQlhe>@Ax$9P9Bf?NkQv7Tmrgppp!ssQNYy%)reI7tovEfSK!Cz2;n_^Ct(sK2r3b+
zRfp+jvEf<pxUT!FSMiXCU?cdmt^H}JPJG5772w%iD-v360Dv&j??P9g$AOajTbCWI
zuFO<L5d<{K;qrI>pxjvQr+xzPO9rb#6Ah8ALBlTi1qy0yC*aKWp3W91D}7KtRIgZ-
z69%=xn5Vb{Yu;^tT7_!fz7B_K3@Rm!j0t^>;|Dl-2UNOkClWCWUWC<R0k*E5Ir#Te
zR1A4*?mp<Uc?AN^NG;fBe`dP;lelO}o`4whBn@*%x7jeNjWdgW4Ffe|r2;-eHBdiM
zqClLPd4ZSF6Q5&R!KZo&C|Zicl=EGD#H~C#uYu`z;S;SL*J9Tn*a$^so>3b)I|pTO
zUYs)+biQq!Jbb3i^L;G@esvePy$LBIr0>T2R`-cjC7$o%7_)T#P^&|x1Ey=oCH{wc
zQXl`f&`no*F(Q{x<N6BE9H_}uRT*lK4uD4Jw!W5(u=*9ay#>j#9N0=L<_<=9etKgw
zIov5Y4sQ<D61wQ_Dl0{UxXE=1bTmDABfx7|rN^Ze$=cyiawr!Mom>>-`h%cd<`4H1
z_s^7@BxOFnQe0QR097~b`=`yvS)2C@do8j~XMBG;-avWeBD5L8s9nLX-G}?hYK1+L
zbkCd3t+`wtIS|XSMoT<N=q{Zm7EifGbIqPx(E2|NC$_G@{GhzrH;*kVrV=U#&J`K}
zfYATAQMjLf;M+BHgZL&z<G>daGzemZ`(5aGHz6f`7et`gYCct|{2GB>!Ap>rM9e#{
zpTtQ+l?`Tft7N-%<;dj+!-+m_r43gX<n1;jlS>91x}DcX7}G0fQHFyW{ZI1;A9<zk
zefv0CCq`SeU49`HcfRK~6mr;BH=YQ^WT>6=f_5^>AW`+WC}v+-r-+faVEo*5QcQS@
zn6Dypn~}i1{({oJf!f?-3JwI^9<~nCV1xP$bNlIO71>YI$w!HOuF*>~_itNw&+qMh
z2-4Aa>vu4|4|U8;@A8MsYXWBr6lU!qvfc-f*Jcxl2{qdNOYU63bGn)+o64sVu=;iD
znP4m<{3$NQxZW=BD!9lC@CR`Vqa^tP^F7Zw=p<&N{H|cU6#2K67j8`710li9BjTEU
z5IHe@oHpM8a50;fiDEYpuC($5oF5QDK73pM48|RnmTC!IHU3bKYyA!n5?|QMfNm1x
z?r|V>6E2K5Jp>!TzPxwjq&9lDKi&KaL7_+vMLo*$D_1;Yei04U0`OL^p`(d=v`LcT
z;KSfy3DgqIv}qvemjJiMDkRXI_I@TL5sai3;Z6rFrD$E+Ht&P}Px&wiylb;oZR*#%
ziWxR~4RL&$&6(9ecUzeLHBQD5XRZ3#7-1{)+Q^)|S(i0h9a=Q>xvx~)fkK0HL@~tB
z0*vX@O%1Iz_6wNRMAEO6-wrHNuh?Ilz{wx39P9#-<UGHN4*fb>&;dg`)6)wMwHE-;
zk)0}Dw9b}Q&kOY`_p@?9cE9<?f>!f})<q`I{6_1F(&_d-RTUfhZV@n7w4S&|EsyP;
z5Q@6DF6-hmb1#CTp~`?pPBdV}J0~mFceaD(;~DVXHom>(PI^K3(awKiHhE{SkMxB!
z)J75y%4_n66C5UgeBbRmM3sozIcLw@+$Sm_nw->N+p0}upO=z(T(q(72nKz<)=Ho`
zeN@Zn;;eZ(wK$P7F%WTR_cQKDYG?~ND8weu&{_!!m_1qfjg+Py2qx&%;iU3o2cVdL
z4a^EGaIpNeeN{rG(*>2g++FULvM&JU9j{xTfV<lyg|%~cd_KXx0B$XD#z80c=7S2x
z<@jLW{nxM@fPsaBzkLhgDk_IX`&Id0lDqN(z>^b!Uwz$P++YJ>h*`b@_{2^i5e5%T
z;PTH90XV-!06F$5<OsC~i5nlii^t9Bq*N#xqj$C0jFH>D@ag=~9|FKFyZ0cX$wPRt
zSzQyI=+-)yYhuj@40~J5_JqA>dM(&Ea{3+e)=FuYyA%7>;w0P@!`RaZ*1(62xZj4k
z^_qtr53s0aZL@GTsv}2#bNXa-?;TpgY;5CVGWcAslJ{N!hZPGjVIctCBCdida?`LC
z0Ncb0a!m&Ys{jnNH{j41fC*{`c=@0>4$Jxp9Ekop0OPF+Pzrz)crZa88zu*CxqV9p
z*fgMWh2{MEYq)P01^zbN!Xws?J<MBsibKmKHRCU*O<>B$n?>kht2(7*NLAhksa=g>
z_~Nd}Qnp4_y!+R-RQ{&%`P#2=hGne>lY_l4c&ZNdJ4996ToviLR{Czl2nGf7C!fGN
z!OBHN(vk4AE?L;|G6snqTp&XZI!^)M`cYosEqWiA;_Kut0Wdo8YoGqipivJ1hXcT*
zJ^`!25P>O7^&u=JIVxYOdmskUj+qrm2cAHi_veTMh^J#LppYMewCm|of}jBi*K-Kc
zt^^292ZBl%YSZJ*i=PA^Q;AxhT#u#jOGh|t?S7k{EopwAwDT2DgkoPI4{TiA)GoMY
z#=_dxX1{T^*u1~ptshu>zhV&PwPuQ|UjLiDROIy8_&<&NN;ZM&6=stHA{K8bDHt&-
zuaxJXxG6sieE~f9X`KD%xq@-?0%(E(gD#M1Kr9JNta$|ho-=BIc@;_`gDR}`$M}Z;
zG55;f^cO1lD+aDA-sslm!pW}X;n>lp8grxAl{`Xdoc-eiO7*hcY|IuQiw13sv31vD
zmit=C!LSs6_@rkQGB@r@z)lEIvS|=#yDW9A9n99bldN=Xv<be87VeWY`fxL@2LP-l
zTLA&NSVQ8tg@E#>8x2M&SbGSd;D`KqY;d}Vr~<$}e&%7QWr0jyt92p(6asgkJR?Gr
z{~td5|BO;_w_#v!!C#{k9NNE>FIxea;5XV|fAtBobUyS9z&&HA2b4EofYe*5!eB~^
z^#p()oCTC=AA)zcF9FFbBEOLL;FyIa(TBuWYX?DDAAmw-fj+PV`6tw;D(CXe{(Kiv
z;t_5-P@>FM(uO@W6per#Sf#c(Ht35g7mr4M#OcIK!`gnf{*K>>%k2{2Y#Q_e0Hik5
zhn-%G_BCGEfj!AC_O=}iZ11PO`Xx3vRdkPpBy3~Vf9}7jc@KcOs`mwaAj}mFm3Aco
z0H)SH&cUb_g1rIw7t~;C+YG>Jm%=QcLP@trpMlj^54?cHK>%+9qyWY*L44{st$q(M
zLudi8DU^ue4sBZa>=STb%IPoN6+XKl(sa?Z(+{ihuqvvpyL&Zy$6+e3TagEHI2D#Y
zn9PNxCg0WtKs+?^-9EG?aE9nDc8QbBFKN-u!Ru9wLMj7!c1;k<YGMXP_?)V@-qM_$
z87>?oUa|YfGrx}zl(h_W=VHqA(@Jks)~{;qz2!VUgAPD7%?qH9-GwbvgEGs0MO$$j
zd;;LR<4*##*x?`*&NB;45%q2}!I00vdHX<X_Sb?5&&L-4rpr%)x=$R1@&Zt@aV41S
zd02aa3IOj9olNllW-h5;0M|qOGtDFA;ALCrPonYD`V-x234JfFYj<(>B41mc)ZFY%
z&XmewS7E+l0XrYHfhFl8{J@1sOviwTsPwwQVfWesqTRBW3vOcAP*{OqJ;ClPA#y&W
zzl&kT{na3+?kD8zfTTrtJ0DwP#G3z92CHs^55Z|C9{Y<7kjVg;4_<JIP~8OjGr@$%
z>KTCf!x`Y<fRgV0cn^A4zXK5Kbhf<U^~#|{YY0e$EfWHOt6BRC?R#IO%(4rfjf?nv
z$Bni&YK}_~H7q>bO6^;p<a9YN{$S^@nc`k|J({9t?wwT|BRw&NJVU#-^s!rB?dI4i
zB?_`0Va!8*9@gZ%rXPwsL;dZIEge=<{Zg;x7Dyz(?A5%!A&~?Z+M-@q${dgm6CC&D
z6Vrdn8=Ut_DFD1%o6Y@;9_wo^lHFGAO!B&C1|6F53uyZP{Ra*NITkd~EI>?yy@db+
zexOW%q1Y{WEHq3U*4yY9*iRoaGP4K>k&u!-VPbnm&Q9^-X6F<J5l*50?t%8hf6qYz
zsrSrT)95r`nEf|AfkMmh6yDD4rD{!&8rx$H9J(ONwjjN>GK29li~m4St$v(%RU_)A
z#ti|d4NA}(FSqz7f(DL^e@|9Ir=bfKi|j~5q8`{aSP%LvoU3R3D+nOJ)^Ta~AE|R9
ztqia5xqI+>xDzq%tsSiGg@sL;J2OZp&p*HtOjU78-9iriG`>Z5oivYww^zw8+RZIU
zyQu;e{H+Szb&G#!7ElTKq#+r4cUqpUbzXBaiRk5mNRn?EuJ?jyU|de`PcmUOUM5uk
z#GS6tfbaP-ri*$pitJM%sV#1*@mOCP+p{YYThZgJYT8<BvnGvgn4e`9!OEetd}fVY
zMaNVs&e2*BW*rnE3mn(Ymcd>};6#rLqYA<eT&Rywx0G~yQ=9eCXIWw)TR(~y&1_?b
z+3wJs+R~V+HmA<u{vi8@ciFN#NhH=xd~Y)M+H<(F;}(3%kmwFH%?Xz>2NV{_6=Gj0
z5m8trRiWu%vc)E@z2?Q{@LA&jR^-a;7a=@_=?f}~GZ8%dC6Lx?OT@bSBd7Heh%69^
zf2JO=R@RrSoOIqrPQl$`MbqVgKK{L({e=Prr=%Z_Cvwc$l7!koR<{2%Q&p5?JZ(*T
zI&Vv#m?lyU3a@%T$!g}nOoT#h!U&;E-<xcjrVA8`@V%ov`8->a_M(^F#e4$_8=8Ek
zB^-N<Vv0(t=0=9}l3FSChTMKCr1mMRpF)a-DZb>+FA~G`@reby>CZX0H7+$W)!5G?
zI7dLRDP=`ChpS{V8t~lUxt3v;Uk+`(!x*G|{*D4Msd>6cToPMmr-YG-0*^#6CyV;x
zY;3&cOWJlob6pi@z<mY_)V<@q01x;R7ymlf7j|gz27{%`Jxw?Xlz8M7kPvH%^{5YI
zh#JFTnNc!kdS8}*xVpoePb8Tn>b)$slttwiWB38FFc`&s`%!_F+$MK1M1sJKV^O{X
zFOp-}rad$CH&OgIF(Z_0bRznr^cnuF)DYDxS+tsX;zi|;eMBOd7P8pAd7qb@AkH0M
z_QHbQP&v9Ufv;q!aQ?;w)H?5@AwS$<-pPAd;U(GX)1aQV6<x_e7r{B4qivZrCdRSs
zUvQN6w5^gW{{;C#z2c`o^WDWyHUh14+%rDR(|3)?zlHL;{o}T$e}B7p(M1xXJlpV<
zQFw&v9G{%nSnnDm+7HEfvqU&}5)B*eWB3l$W5i%aH%lvONM(DxiSEWK@bQS2H0?H&
zeB{ovfwC_cF}V70==MQtG<|rcY&XRa>b?fQOqZdgInmW)zk_qpkb}tG1AXiZk^ZSc
zan}3GXVo4|BGy~;OV5t3jZ*CODlx|?5#uh;;wsTY_qA!u2kX2G8DErErJ@%NRj?jx
zXl$?un6}T=%WJLFY0-ZeXw86#=V3Qkmikm@Dr!l8u|Fnh-8AyUmehEg@L1{C05Lc(
z4>eL@zG7s0DMd!ONQV4vyvYWkY_sF?OXY7W8a<D=PWd?GR<yBAtwm3za?V7$=fRbl
zVb_j8Lpc4?-8z_4R6-eE*}m|23G$&!0IxOF&3tDROKT?LU7{kB{J_)&nFk%_lgN0?
zhb(dD6NMdSSl(6?uqssHQn69OS&<j=-AO(NuF+C$%+yg#3GZYek%T;c^@Q`YmI`@a
z^jz=L6I*$YPOn-#BHnwhy_Qcwr;KS~L1XtWRaA0Gdd=~TFEf7HB<6HN&cpO9yIjV|
zp)Z`z;+b+1@<wUQ@;B5<*rU%7ca0aJvkt#Q?Rur#?&MA1_evMO&-D?Uy4tm*5Oh4-
zSl%AyobN|*yEt8J_GCIvgWBOMd)>P(;T&T#g`{69BV#f?K*TA^NV8H2!e_Kgtwu0v
zBdMakHCtpP(@5FU38zOOXtB?*a&MSATSa*1r!9IcNJDA|H9}9bWRn|z@K#VWstRhF
z+G5HJMVwJ#Yb2|1jwVZ{FefdGR8eGN%i1Y6;Y_Ct=EaK#@Mb?OszK+iY7?XqETLy!
z+Z4_ot$03Ih}piqc`)TRC7GxpGL(RO(uv(v@fwM8Jc%|@(Yt@32YgqEk3#qJ-UacU
z^X}QV$B~e(nIRv-6@f(^$EMc5NkMnc`S7IU(?M90;U(Z1%!Bgqja{0@YhwO1=Jn(G
zS}HuI*poePjZPPX?}*JPhYxK^8gv$z_abRMjbV?mWXd>H*mC$HjgQyHJF{3B-ImtJ
z7iBx}965%{+LJ?Bwrq0rL%0b{|A{D;QGxC@4*3Jv;mrbOxkLl;s7=z+-~NxX_o4UJ
z)Nn`t0yP~S8CS6CLh0!l5}dHfNU*e%9m>iLr&!9$Vv{$Hm;5>}BSiMoa1Sz=Y$3}K
zm^t3gd0}R<s95@7;Wn`jc^F3x=zNrSk{*6%f{hjb`RdO7f5Cyf&Tlq0@f)fkk(WSI
zdyD@{lDK9(={iHp+P%7Wi_HfzD_B#tRZ!=*8%$!YfPnX-k`qNJeCfZL{GRRKc+L#s
zIY-S2GsKPRfWhSth=vPspS%RnQ-dQkesDP7%q&90pS)7L&d=9S#d<u~gGC^y8Tn#H
zZHkp()-60{kjw0j1xJg!M2$y^M9>)aI8A8knL=}HsEJ;Rr0%201RYt!1^qO+c(_d5
zPD{q=tgPD^&&Ok}?q~S&8P2cb)Ie2q;6_DDEi0UxDTC|f4qP7Oa8rEDy#z|-hchFx
z&NRv*diU^BmYOetn9&eFWCr-BHYgOdQL>JB&Rrf!TSjM@%(AvZTGEJLlj8S_1Z<8&
z9v7!9+H&0|#am#Ajv3Svnjtya2wbIkaIL|pq<+;@V92#PXaoCA46l7_Oi5nF#XQKo
zG0@7HP5Fy1ef?f@(hrMa!kz>%r!mX8$<)9}!(q}#SbT3YxvV<XQ%r|C4dz-mBD?JF
zlT0XTDbbvWJj=JQI-M$HjMH2dut6Ti>sb?0zT4sR)9|~{jTzxwnUSjeD@P$2<B{M9
zi+(9u4_;ilqUsgtFB<$=+G~1xi9w<(eiCEfUhyu|9+A35KZOy?8x^jRqRK*BP0KZ!
zu2Qt5;*j7{aE+iz$S4S0Qppy##CVan7Wi^*FjirybU41J+@jrxfGt$5zB{}(d&3SB
zBYU2ko?bD8kg@YtOIbYUjsq(@eWu$wqst96vdC0H%^4vz19XUd1RB2`;$J;ecL(8u
zqGVBh4q|IU<O-XFN8a-fDN=eO@|_YFY8WUQ?Ku;L4MdzID0NBm2^Xdbm28nxBk#1I
zMkIMZw|&~4TTIHyG$Y?WEgxWq&FQv`br|uUSJ7slz7D&_ko;gk)uGx&ktlb`s9wV;
zcge%q@;Oe|ut7pY-n%%t5f!p`8V*$W;aQm*p#&)vR_WFCE^z#~q*X^R_iu0=l?+6)
zR4|Z2<v4|^>;tFYBk@a8hlV6hqG+$;|Dx~rYi}Z^Ycp(al;iSY7+5{|$uD5G#Nn8f
zE8nZYXnh@r3(jVuupXPAi(dKVIl+J{6`DJM*g`G1?S!t2|Ez%)uDpXV;`M|oVJyd1
zAxhV$t%wf87mlin<xjZ(T&9;YZRpv*cGdL^$J1E@q+~*DtHcn3F9SXQhC~dp-1h*x
zq~f(}Akme-h;t&cfvz&3F~xN#_CS1rQlBAw#L^b8C@p{TI?21aO1PmF3n^8yDnb*D
zr=b+O%eE@~pOli_n<9E5z8Hxk+WcJ6;w*n_k(Nkp)P-7m3E0XhmUPibbmx4>;L7Z?
zx=&mDgW%Qp;>QlcBaZK79qysrTQ=YHL;p2Icnw{#6XlEePmOKY0cU?^{KXj?feiKH
zXYy*1FHNXv^J=2iSd(QpV*l%m&M*C1{(w5<!n3&K)X|Y{e0(x)W4&j*cA~hVedV*R
z{Q-!_RX@o<1+4i)0dE3}Zwr0*K8p$}v8=1%zUvuarnIFHP#-NYcxuyLAKuE^$#6P1
zc(6!kt;RrA_|#{(EsF$AF*d8oGU*baenKM|^>`5CWB9=!RqV=(gAmy{i|#|W0rldg
zy55ne6j?cRMv@TGtU9_Fy3`3h#!d=DRxypD%+8fi?zitUM4xxm>o-bkP)1Nj*M>N7
zK0;13?fsnHdn`fM6JqpTJP2(C7b2cnNAQ(GaRi+|m*P`}pxw*==rCH@@dnuqmQ}HB
zljFwR(U4_DB{*zDE#BE;Gt$edNT7GV>CK|4WT}oNtBaSj$lxbq!#^!I_?d0MAxRys
zsp@kUBSrq16Vaig(?^`U|4hT*DvReGaoR`YuwUUxCm5d4U4<v5={sBgdpO%VQRX&u
zPr4)Vb0{&l86Vk4*LP;QiIDv~tPUk!F?)5C`>k0ZWuO6thE>H`JjGz-kxa#EoZpbN
zS7$q!W#DsP(eU{%xdp}a7BPo)X1>Gtior5elpWndA12+$j2`B*vP5%~W2~Z6Jg&g5
zv!IY0Hl!$bAoHKrOz@MyL{gy-zYh6%0&jvUaIFFw2w&KP6C#^;m%w|`mLSg{ezE3M
zrrm=e*8vwptF>m7188idN@6s5TD>eW=4`~vXzO8?!Sz$+nTu;AX6G>h`@7yzGn95Q
z>dlukI_&(qD2Z<SQ+ZrNT684Kto?NFVhG*FHM44u6~nqUOXBOat)K0n7(4iOYlLFN
zE*%r8;TK71pg1r(e)w4$W1qV0p}y?a9X0J-{LX4r_7KCch@c*dg#Vz3bNvImsXdKr
zHya6mRrkeTOXD+6&u@$K8ab~XXeQ{amqg7NaD8zI-y|6oD)duBDJT5v?X6<tQx1=W
zmwNGEu2!qB?C0--tF*D1l09fdT2k?+H8(<%8`O$E9r(Ro#q~V9rMrkgmi0YkYI2F&
zPN=4m+f~!g%Ea-=&)URsr7m>#>-ILvRWf~bHAXU(fGj4&f6Mu5Irz#4x*Vib)X25{
zFl5u77|Jqjlf4+iPGDNQDAR#w#qqBpzDywujq$)PF?z{hBXqTSV7E>IM#v$-p;V?Z
z`_{_u&4!WHUl%-MHM?CTFp`T`1@|9GFex;qZ60N`xlQzRP#=1=(tiECFg<E0wJ-s%
zGwolWATAummXl~48N>bx;jX+n8-YCegpY*v)LN~=)4Z(eLXDfX`QIF&GZybvNdE-7
zx*WI){;oBi2m$93xa|=J#xe6tPM@I*^Xr-TJ>}pc#P!BtQYC&xnLZ}CJ%=9>UTL(8
zS4lK>qA1>ro)sES7d2AL$-D$uy42H12<>P(?quTCqvphM>9Ap0h-S@@m(LH$>Khpn
zaq@^-O9#Hp#M8VEpj^Rq$j(~xO#mer_KFS>b?BLVY;Mq-MN0=xlXCsSKKuaVqUYnj
ztOpd?m_f!xl+FI#2@g5G^Hl2=KlSWiH%m-tkwg#|3Ztnt8i>*oLrIY<&7mMoc(-I5
zn2pCCDcvZwN_aP?Q9w$r2<D_Kxa7=O;qi+!^BAe>oUGPpk-X4yz1RSm6cN6Z>Dfpn
zt}s{XuUn4cS%fo^$lk3IpRWUGv~)}84h#nmh#3%P2<SpG{PCP;S;HnDo9UGi=}Vb^
z@F{gb62!zv=}J#q!m36#H_sZu<$f?5x){pOKw(ZP6S^rcK_5FNJ#KCl-e>qcnORwI
zy-#rtmsKvO4u{^Hg`<Ey))0xgh|Af*k$D5Dvs9Z0jOgLcd3T|1t!RcUb>$|^X$~z;
zD9}=fEuiYkiHsYVUD`7ma>;p4o}wQVB&Z_X<{%$0McL&`H(V!2MHu#Q#^-a3t?tn~
zE_X&vQs4Ut56TPkPGu>?9z^E`G-VpHOFbRRq(h1yK9J5ji+XF{suMN6xnIwWd7Jr8
zfviJK?uX7bGdYw9f(6Aj!TAc==UkrW(f*V@7AsC3ToI}i+<3Hw-O3_b4ePmUR<OzI
z>-WwL0>AxzC3K~4IG)DfvYfHU4g%uWhewqask=XP_X#VTY1$o_#J5(sIYayOE8;wo
zO!LUSD@8a-D4+2owL-T~Jh}|=^b$?avaf?Q?S<b_njL==6u!Md`1XAAYlZ(8>}vWm
zc3o|=5R<j@AtX6_SkSWkTt<x~Bn$qiP!Y-ee?9PdmTmQXrMLIwxclh7i>${qWZZ1+
z{Mu3CxrxD2WlcAJs?p&7{UB#j_~XEcl-q-_{$2;d<P@A5qIHo(3sJw7zn6|H%;f(+
zxP9#V=dHe#KbGSB?M3cMzxeb10tEx844}dQfgCCfw=*7aqq3uq?s~HfVcj_rtGYox
zbU1A?*f9&`SLWtt#yA<x4bt5@%${wFax3`#%2Y_MYwA}$*p?*B?J!fhshKtz^TjcP
zFi)t8_;(fJC(lF8B|hApzS#x41X!;j$TJ!Yz;nPg+}yzrqvF)%gb45uVkKiGV|i;P
zYI<)FHxD<HS==boD7;r3JV>C$EU!5vfAUw)?rX<$*L%Jk89J{}U{<)PbzS4C@o?~P
z@Si&%i4*no+xi<u-u^0;cv_CZ^xrxtS;Wa9VQ_s!pajDn+|1{-ED@j5n>rYf|Mw1Q
zlgJ5supe;4`1f}GMZ1T+jm0Wyiz(Wpuc*G|Iynr1`|F{(8$2Fya*eUYqz)VN9ob(g
zxZ1cRn#0;fKPHCK783*tHybWdJXf*zyUS0wwz-X}lI)niY41!RdJx7xG1g`lMd2e)
zut@eu!yH>OvvqVXo0)YrOC?#4KJOBkt9tnA*r4BrC0|Be#U<6XB_?Z(%!rfwB<J{g
zXF+U-^&l&RGA@sY!hwh%tKpf@oh+)L-nF7=tA_<ioM>9bQj73{h6U-1!CexZxOrwq
ziSa5yt)WS@fl&mK`-J-SCBa%!a$K@DNFzENd(?-{DhJ>7_cXdQvZdoc2q(D9v@aEx
zF`h{Up>xEX@UUV#P|N16<#7tWYG#-q`4!p_@tdZmU{7)?&p}XHNYf}X77%JR*aN!6
zWnfM)lDE<GDBBz+z}N5yG&Xf?m%zQFk9a8x8M|HI=CK$_Gh0f^E`jd!0Tm?u{^6uF
zexl6%wZ7fWEuKrj*ssM<F1NI{?Wqe3b~>3R`O<?jZg;Nemu9wF^1I$god$tE=bSsq
z6!pwyX8VM`BJb&ul{ztvFM(TUZZ1=x52k%3x9#+~B;~Q*Ze{j5TPS}^cMvE2?oosy
z`s8y?H@5m}F&8<c5A6yWo$1_s%oJ?T_2O~GUD#1R+Haa=5b*pcexl_2vMw1z5w@zO
zc+?<=kp%%SnR>$24|(Ul6*c{RTZ=KxVu8#r(r)#IW{-1+g`aSEM2)XY7~cVzDBauq
zwQSa39a}`nFcV|Ze(-_ONpH7pKB(pXTZVhuaeuwNDuuN4C7ze={gAn~{;@^k2X<`V
zC`kW{R@Z$JIejB#m|(Dh&W=`vV?wzZq-{ND=zcbXw02x0ql?~udiwxcy8GA4*SBwf
zwY|9|#Y@RMBu@8a+qk1({a<wpju86L`M>gTeG88Nnx)^j8P%4Gk+PS-8T31FLTCW^
zyBRn{#9Q#-&t?#y?_I&~#GzwEMBYNfBw>_SD0@iCB=A&GH|>dF`e!V%XL>fwLa*V;
zZKDQQgkRW|&+p#6hrPoO_aUbmax|MVH8kboYAt8EzTL=M^Y0<O<nIuEeg5z1`>(8*
z;4T_r<3Gur@D=TO#IgH-$;F7U@#*C&kV1JLvFZLp9uoK5qB$cB>7Vnfhb%T{+~f%e
z&yK`OgyDvHOLnhmR}5TreBHqxT>a~aQ07!h_(5;dpYh3KBIpvJkG^Niv`F0@oI%eN
zT-){UyQCR34@ap8_0)F96pCq5vql_MYGADYY{)uVDV_YjzCF2TV}wmb0vEe<Mli3H
z{elT|Vv+xXMkn(fWlctQ#ztlJ{%g55-bNMfQ{h44KKE3^EbN#fTybNi8B3QTqo}7-
zj<S>EKb0dDql09Oq#udTrf5WY5K9;?9#il8@ov|=4@sEhRgRQvcf5sMq?AoiH^SW_
zTJF;pp1@5L(x`k1M2nx})TlT-is$a0B+dwkp+j&PlsKuLe9<|jAtkN`AH>L7-=<N=
zX3~RIMbJA+yHJo>VXeHg`3a1kQ5h5MT;GmQiVKSM#tIYb-5xCfzjsKf&@0Uy80yM+
zl%vm8BoixyY1y#bTNIv=ywinmVz9?noX%=qbBxMje7HKWwFJKG1>a3|D(;3k#a#k@
ziG1tDo-31>rY_ay%~fI)h_7~MOgya5LbNr`w|+dNxh<*Bb?!i|{yCDf*zp;0o#)Do
z=q1o<M(l9+@lrp+9$SL|S3XY9bk(Sj?{K;4LL5^v78ey$<zA6e+&3)sl%Z#1qXiU$
zNogVG<wg=xx2O}boSAjZ*b*l4x0aeBhjx}RHK#M{<JBBLZO<!;vFPC@If;d_M*XCS
z7l7^7F(?nD>>!fEOwiZe8Vw9_RM0RSnFPkpsb{~G*ZSC}NEtr+X!eBTWsS<kj}n*_
zE*^w!sEo!cz1|kSqZ(+?ZpmXWd3@AjK5v#+5)p;k{W!K;<2(#|B9xL%blu)z<lJ11
zEtW<X`JAGGB9H_%)Hl0whsdOVvp-{dud$-ml;{x|WDOXtS+;iA?`IsC<F}YfoFNTa
zZej^3u{{t4HErsPC(l0M^gLBEYCMlOFlt@F6`QI|!JR^4>v>9-T;`u?kL2_+vH1{G
z#Jmm&iQsySroRn*7)TvUb==oVRLo+jnm&y4&~HdvPSJ;2PLmnAa%1%IY|4+JZ!WIi
z<=of5H}W3me1!b3Nk`wcp<`@tMp;dC-f{K&20qdq%Fso@7(`~X7x%*X*qY@0z?w5i
zB!vNcE6lQboBOl)V8_PbjzZPv`YM_S7dWF;;>~9&!a)Ki#Z6f1yxJew>56w{t-98E
zFuhx|U-!zHL)87P{e)hwy(GFCPYtWfIm|1!+3O+u%TW4$i(OUISs%Cr#_m#BAm?pX
zOQ|J@my5jj_W2Z=J0&s|i{u$iy-utF@0Kugp4%#bGCraZx5}rR-`|BP^BDd4n1|Zf
z+G~uVd?fdHDU-WzKQ*xp+cP46F_B8uGFFvevq%^VVLx-}!s4#5x)VcShO_vr2G2*m
zY@)K<aZ!!irZBm7RCd}7-K=wCQXbj!A+4QCvDHKGWEDrU$%K>E;<6X@`Dyzf`%m!Y
zGZIYo#vPuytGZf0GKa}IBM?`6c;w<bq^8URW7>dr@1=WG2EKgdECs%XA*3YGQ(Lw=
zFrbh=epT~LeH8BL96pMrqHYyh8a)=aw5|hdtfOXJdt=|mTH7NmOJnVXXv^DN9>#%@
z?TO_;KFl|NHuW((`DzKeufxi(S<~8L6UfJhzY-f4>f?pF|C*oa18d&?mp>ppP@r`V
zo=Rx6vkV?n4`i!#s%c}4sLE~>_Dn0=pdL5Zkk-(d!;*i;Y!IrUwK#ODs3V;<vOyS7
zt*={jXY?7#N0`p?O}3)vmhw^LurUY<`u<fW54x=ND<14ldncQFWfNjiR%<#$Pr!Yk
zBYesxBRY~UIy`}rXnKp1bCS^4_gOVV>}%F#@S7wi1MCISiqDM=F$pug6k<jbwzcvJ
z>uO4%=ri-d&#w2wF>g!SC+E;Gm>)*dBb#TGhbzH9Km4c(-*Ik`PZ)A(s54`BBAh{e
z47HG>-XAI@Yl&kC%x4EXvqE*NA(?yBZ~Up>1PEh2{mYq-#OB?Uaihi4!<$_EA`F9B
zXV04?->oZLJkrUMg5-I`{I5yI+c$<oznXm3;SEdwN!}47s1!@fD}9UN{tN1cJ0d5N
zH^k`QL>Q5AN%uR8SZlk#3;~TldSy0gYADgg&RW)Ty|<CGCWj63zbE}+)=)TUs7qLL
z#QYPU9A03${06P5e!FQd0)#jyS8OXKIs@!Cv-A#}rIpCG3`vFD`$KJMC}q2H+eqtx
z!erILyd(`=iwsIW4fUCdD6F|Z@e?E|JgtPNEfZumC5aK@X%epSRQ*q~cDO_Z3N`9%
z-o8Q|AOJWUgHIu@w(Qlet9s`IKR*!C2e)GV`F0o!yyzT4Ku`0=%QV4naPgtHWkUF9
zLM@%5txWitqX;xwnV-}r(S*`ljb?LAoMK8z?AjV?dMIbdCinF>I%n{g@NJEMqx79o
z>%Bd4TkH~emOH2Ku-Q4IIb5cb;9vj6F;~|C)8B3qaCOL0n)f!V$g!*PB+7NbFB<&*
z=yT`vOnsD)H-3jCHYP!PvYgFUad%jHIrVIv9?pXy(dq(?$+NHdm{Aplc@tGNEqwFG
z;7C$I@WyR2JM3-66gun3T^g_NFSSQdAau^0TEh;~o%DHlF|1q9JS9u|IPnq~*5NGT
zLr7?#w<|&w9spnB%CjzUjuaaCGj6{?kcdtWcwhO1U$`IRZM9{ihH1#;6iGgLXRN2?
zES$^W^HMce+4q&kGL@Y=W;A!<h@UNRKZV_<1=wWJqb|M-4^=4$-Py$OGDU$c+#9X_
zdT=8WKl<e*{uImAx*b9kxE^~a)G2U!HK)`Tf}UCjsiWg)6bEC8e0!IdS-^c(bXOyJ
zp>V?5I{|0R>IC7r=vU#puJ$jGin|@a(q4G3Y_00U5xj^z;x#k82rQ!pIxJ=65_}SF
zqx>OtQt!_TmC6nYBfUsIoi*Z*lE?7!1uKSGH!5#AbXRAX@xGubQ{1mM>%E?;?Imt@
zbkN%fb@OzHd0kX^{LTDr61=LzqL1-obENinen}d18b1Smw@-0o{dR!#U^iF4IV}w7
zEzhIBUh4g#mj155#`4|Vg$JtTQ2kT(4ZXFFnJF8=CHz0kWTbAq<Mct~hO<QZbRu2n
zf1Pv{UIH_?UfFw9OphfZ^rS;aLSp1w0>n@#2sol&E`aw@`FSBZh~qWvdM_=DDQK|@
z70M*r{)btw`EMT0hVY)h;@`ITPsI5*CHVsbK%{Q9<EfD<WubZ|Y;kydM1`rhz(T%L
z)OuIi#v1KTr~`+h0Z9saHdj9(<~P$>9K|m$Sl}}%i}=qeYgI=Do;Ih_o^eB``V1PA
z9fA6%ljmfwF=E`~asQ}Ik}-t7y>9ARn)PeJ%zSRC(pGaNgSQ)O$R<gX4ch*exJL~N
zc3N@|243XEnG`n2R0x|tS374M=~)?>gy@^xDEfAKP1>uUv_{{AJ%@^I&*=gaJTR(`
zdq^IePBCt!;l~|}Ck@~Xas-*p1Z-OcS<29CB%vJF{orp#kHTfO2u-gr?Z=DrVY4_&
z`d-fa>QF%Lo-1J?rbq_8JGZ)bP0@o2bmCZfYt11wVax1{uQy<M4P&)$0F1?A`8@dx
zSBfK=yl3l~#f`If!YaoclRiCuKU&RPmga1AqAf2FsZrL{waFohcOaSlj&+-kB%p*p
z-h@pn%k*|+G#H6fBRoj297SIge$b8lGtYPeDGJ@;@iu?6dC^pM%oZ#NK|k2yzM5d(
zm5v^s7a8}#Ve#}O@;iWYP*K+}z}+|m%Bu!46vfg_H(iWwBCCC^ezt?@V-&yG-)=Th
zo`^*Jz}QgIHTe=Ctx|kuwM;gR;2p?H)tW~%P?v=lwcv4wbhJoP>}^;ymUvaQe{2e6
z4o9uqQV!?vB28Z<p99&p%?NL6%?gG1zFKKi8D}rmim9AKF;@vHTFR<oa2}CH^Fq?5
zrjpz%MMIRHsoy?(W!5!i{_9Qf{H^Lw*36$`HN@&WLbhy6g61zwijL?b`1@j1u4^Q3
z|Gc68pB$8*vANbI@Gv6?DUdr_eqLV0Hjw8L^=@u@od^*&f$DR4&Gay&(8rIccjU!<
z#jv}mcVx^x7r6M;t``VL*^}iN$B+1J{|yOmO2Kd2n~Y4+ZX@{E#pxbx`-6J<NWOb3
z<K2W9LwTT%;Wb&|hMayy4h4U}(63TLj1EeRFAQdd*~$!s?L?7WI)X{K6Z3zTO|bqE
zdKE~U7QC{XAnNn`wNm;^aJ8}kMw7o>we@79r|>U*A_Vm*{&VnzY3Ek?fEN3kn94<J
zzknmoygn}E?a5+cOsXy(%mn)+L_BK+#uY||_B>q6Z<8YF{jc}r%z*`MBC@nv_cJ23
z)qy#lc4!a~!typo;l2s-U2W>P-B~6~LjBNy(25R`{17Sy{jEK(1eYJT5Al0LD)BK1
zzMq6fH5LD0na-jVzXYm}26OSLR%FZYS=G}c3$rrF{0t>c92>XClMFBt*~CXHt3onI
zTB^<|>pq6bZt{HXs1qkN84TW)c1Yo(F@I=TfHj<zu{7RIv#onOTCNnoRyl9fyY2nf
zk86ePH?TF)8jG*mQ&X0@1SDkcg^Z2(M)wwdjZ(gapY;$OcQkH>_0gJ_kQhb2Nqilq
zb#qe}f7~Zm@NYo^bEYUdTFmsD=&K+)U$cuked^^$op$f|_J=!IoVa8ssFCK=8YZgl
zm6@|ya;WH8`<Cpb{#qP$E!P!{v3pm?WFYefVHJ5cJG@`J1oDrMnwm4DEdeg}qYLUp
zbp5Fd!Ak&j{w25dZn9a?=rMoAx(N7vHM!!VAL07RI8)YHNF>E>Q>474tdc=O4<zu8
zGDd8+l+cJeCd&`1__%E=<cph=TB2bcBH3uUlpCG}y*iPDEn;z|EmU3Dyf-F%T-Pq>
zGOtkNp8woJfkkwDeR8}Im+5uUk>7J#`tT!FIpYz9h-51Y)yi)%OQgLt*4lnbN~t}w
zcGiD{p8m(YpLxP2=5i7adB&p$kGPf8gpa|0&KQ;F-K0)AWNC~V&5ys(iJwwl*`ytt
zJJK|tJ^n*W|5zYE4d9Q6)#`jEd-K+NRWa|OHza6Dm~URn-ucWyb!!g11n=*wrp5%u
zE>C@(yACe?)O2+QNWfJ0lDShPK<R_$^)&a^*MwnMljoNJA@T2JMm-GRCGZdp@fPfV
zalrsx%A9##nNVDBT~o$Y80yPM$VbRsa)Y>$qW8B4Vxr|-x~LirF=xvIzN<<9k^oK0
z;Y|VaRl#r3{6j(ZFPZ(l#UBOze|m=SabA|Yw*~{aw1->*j}M@cJ)}w76MyDE;OjNe
z5@TL%L>!%@to;dle}S+%2+Dl-OZbCfHnM%bCSVGh$lOU|q5S(LV7_~jat*C})Gm4d
zP~%rSuSqsH29O<Ju9p4ITQ0i$BQl)l?Nxh*sPxq+S;VVP>HT&`Ce8B@rI?rvN0&4D
z&fozjbM*t}85t4Qa^lvev%YfJfb=L6?G>)HhQP{pgGk0y|KLroHpTsT<m@R^yCSu{
z3R6Bsp;5m_HWcr2Z)K1VAJ;*~Y9A*__V^F<yRIv)rD6PJqI+l`n#CW3W)b;C?{V_5
zx%i>9ziCSWdX)UgIW>%tq=4hI)$d6Bn_qA<iu<Z?WXZ!Q9NvA=5z-MJt$!SMq`DC?
zvO64)rhn*tFSbNe2lFb*i91Q6;yD$v4JX*936IE4MGnOIsHTU}Aii;XMCj*=={+4^
z*J|_{bv$IO;!2p@tr#pDshHtvo_wi??8CX0VM8YN^88BfNap&FvF-F((>o!~oQ7o&
z-NlL03>G-b7eyOO@(`K}D9?jK1v@0HwZ8!wx&vRMXxC(3p<<2qI5XECIXGIVap+S$
zM#ecj3_;s?iW1jVZq#AME$tX(e2~Y)be`X>L6$jEVIIOt`L_1FkhQlJI>8~$NvbPo
zD?Q($eR-_IC>_#JWV_V)z!zKZCOO%Tkp=Q}(U<9~HKLiaat651w#+R&u`hx82%mr%
z)__FigcCIXR}1`4?!`o>W#^;rCQBHQihXe^Qh)Rm|MTS0FgBS%;-f5kK`$W3z_OdQ
zuAHrsyE!>HjGirt+)zp`omV=N5G^>T*?y37IbQJ*B8Bt}rGVCGOnr!A!AUc6@-UW~
z5DS__rn!arlsZO^K55sCWsmElrx1lw=EtMzN1L~!Wdo;sEA+`NBhD`Y+MtE&{ibi2
zJ{J|s=!mRu*3`yGAxEOZddyhcxeqNAJ?q{IQKpD)*l;`0;8Oaw*1fLxCyiFD?2H&G
zblWacbwi5eekM&`DD!?~u7N2Kn_DO9t;t%ue8;I`x%fV&ay8|%+7l&l{#oAs8krcH
zJ;XR6??Q*Eb8IpeHIMQRc2$=2$WSk~sMiZvg`Nw#0}tjbsdMxf@0GGhr}1S;MDdG^
zoUa|?oNdZh>36X0?KV1}>uNn8j^DvD+Ksc8K1O18l4j4wZw{V~--)xn^A^(Yfct?G
ze~1^PU?Q)--OT_?hfIa4o31r)dk@}0QNg%YKCxN1@yRTf5v1R~1=@vcZtwgPu#@Y4
z*?n=r((4ZGC(WmHd^h`_<nh4>@pjSd<{CAprz~TQKWEnbTRxqhiWF$^h-OD###e~7
z>#zA$)9kCJC(oI6<>hR_s<_2B`HsAtuLv79)-iQXb6O%&plh_E?z3Lot6bVuz>t<o
zB<y9m*m7=89a!z&81-LsXtVUcHT%{4S-)+d+asD%Xj4Ayd*ja)r@^Xk&7-e#@JaI^
zzasxUv}s=y@ZYm?J;7I3wBV~N@F#<}z&}>I`N<#vgHG~vcMpwGK4RYH_2&WIw6cc+
z&z}7LsUSbo(~)#i_-Hke|J^C{)RMeu<>gs7b$QVL;`Gr{ctj7Ywat@sOK7*7I$#d%
z9G1aHRhS<Ln8%4XK<6R7|5ojm9HQSGj+!o5M&+Y!SSq~huZ;^WBlb}f@e$fZ{D`g_
z`x&#D#K|xmEc3uM#6d^>M0z6f7A#A%7Kl0(!yLrZ)}!(gc>5(}9w*>#GnvyZhI^I%
zvoLpC=t$YU1b2hPE5)_Z@tf(G27i~qfn{GwoP@0rE2YFk=FmR;Dhm?uok#ybIzVy)
zYs4n%l`Xu{vgS<5!}*y8RaQDWuqS?^j!zgO73rWI;^)UfL0UoSXeAecB%G|0p*!Dq
zN4&5zIWZ`e)JTDRqw&s~ldW{LUk;_DMohf)!1-_$MtFB5(VYa(cHOWC2kksys^8AD
z2TdRBh4JWjJlK27qk9bR=ijC5MEnW@J{rr4_To%2Sawn8$IJE&D#d-I9dU@aoi0)5
zfRercM{3fjd1C!aZFNU<w+<2(hg%E+Xofb3Om9@`F9^AsBhV84G%>dMvhndw$h3ly
z9!pm^v$O~3C7ZLLp&*rHcUGO?JiYy<<qc+Cyk2=z?*ql2&}<`YR#Ae2<w%Ty;jj?n
zry<8g&0mfKRIwYPmAL&y;LGjZ0u!_gXl~hw5q9MV)YU1;vv;_?dX!JOvaBRLJzZe(
z^MjS#F_-5XM03Fnf3md)L2AShQA&qq8f8aG-c`=A+>gHXJ;{O%NcTvENAt)QRD1IB
zA9?yT`15^V_xrl<yyj?_7P(bF#%k3$?oPJEjeC2>8)iumUoxGtI31t#aHN;*jiWq8
zuj1{`$P~!vcXZVJKP`2w<CB_01S*~mo)quU=q+WH3!3NVu8h_67%)g6PU5d?`tT&T
zs(G;76|c{b7R_=d{Xt!x>53NcWt~tQ0cNx=vD^_m*QHeiHFs@8)Wl~1-6eB}s*geS
z?TP3)kw`AOq#k7*^-fR@9xSU-FM*C7EDpmE-<wL~94Gjl;`<Z4nU01^OnNR66K@p8
zwTF1}GaW4$%9!W2x+Rz5QZgN16b4A04af~sx{Aka*<S*%GW9n5xewv*Kk`5El%#mN
zD6Dpl%yn1VB(o)0AEBCHJ+U6Hqlud7vx1~BS>ddf=jU+RXrGG_@gJVq#6n-{MqG&q
zQV|GzjWxq$$;bz3(APJE(c<leBWbuwM3jU<%`4oDSnv1tce3T>NKFz6OxJITbQ^<B
z%YO7YKUxT_Tu7Kw+2IRhsnZVZLE6by*`Xa3MPkI|Q9fBqq#?B1D`E$vIV-ntGb+K&
zGm5N+Q~@#gM1sGCdxn;4PP)J0Oc%lvG;Cc4>Hr>rZlj8xCMNrMVL_zP4{Rk2JN)8t
zYo+mb2z_(-+nU(npOwW+1`uY}N;YWD{5`%4yL=Pjm)H3!QUp=dNpE_ev+?jpBQa6Q
zo77yt9f-;yq7p+q{i5Pkubz&Nt&~|lzkQ(lpPc$+t`r6je>8!z>3d+(m9Mu#Wr`7d
zM|{$W<h}L~rI4tS;(bOwJYkj>(E;Ll8-6clH1UFml+ff(Ov~=eKQo}r-OrDpxjX4O
zh@_pyEgm&Q^;BhPzLH_^;{W*^S{QW0c9oW!IJyL+`TQd6R_ch0mpW~&8(&Jlqde3q
zb+VO(%6H5bOcQsmXrcPML<G@v{2g>nuje}(RrDj>`13H9l84v@gL2O0-ZM4TgOco3
z+DaW`R|cm)Ev+3}2?k6e=<kF`D=T#}rhQhDr&3xovGFz3L`Ff%epCKP{YB~sQkh7?
z!}>X;lY2rbUI7>iD6o%ps2{t^`#%pnd@usrG7&$BJgtluS6eYR(CMTly^)Qmgqy@e
zk{q58aW72Ro)nWbwdM8U=e)qKx}SwghuBK65osbr2$($K-TcdQ>FF}WTW4@$<;qH5
zytjVFxua60O++j!k#LJg*YE_0>)3rp##NHmJdTUsax_rL^Vud<n9fqf2ye_`EUk^<
z66x#Ahb1LLoG!{nv(uC*CoqY|P)xr6;a2+FK37IgeE;)`bk93{;z;O)orhR{id-_~
zn4Ei_r8U`WB7Jn@PDMofJ&th|+>rv$9g%ile-qMqqx1%oy)RRo40BF|$c}Sd=G71X
z@P^nes;BTSyn4wd5q#`|6LgUibP;NjZ!5J(7pXhreuNkLV!t5$5J(@ljux43<|Fw&
zi&U=?yA>;N*v$yumOT0?Z#nZ83-D3w4F;hkUyl~k&&gBlC)$~r53ob)LmAo!1$LUT
z>T&6Cf7}J%Mg^v^lH?DPW=IUnq)dsD3g0Q<)5|vqC4)Dbtor)YtWW9$QLN;n-4UGx
zVvVt?j7ZPoLY8NmE-L-ogrHXwRHAWqUg;^3u$fxngr>ELPs2s{7|-BnRHpk!P%Ex1
zF8(8Se4~m5`}A~vZe+^RiqdnL&KM|#mf1Gr{Wn|RY{U<3Tf7I_8G+0G`KN(dy<*vt
z>9mZlDAF-v`74bgDys3mDyo5ny}OS-I!QV1TG!P*AGk0n?3`T{49Z3#kyk|{TO3ic
zV>2ncZ|xVxc<WKCF0)#05Dv$#ze!+y5EW6a=YTHZE1j)*>A+^3DIsq7<OU+z{M@|9
z6|%WcDz}04@DLe_gb4U@(Q3hrl{ey?!uGfB2pZ|?fJ>Re1^VJ=rTU^6Wpx+`(!LzM
zLkXy5w0G>)sPl8^Lxl$phz6<e=mh)7D1}Q=+utSwzsg0fFkT;>i29x>){a@pmCE7b
z$r+KP5+nVS!nc06+OsLzY^6<JDm@4Bi=rKKp%#w-la^Fdg@Q`p>s+4cPd<d<xZyTK
z%}YR=<}C0_)c@h_Ex@vBqc+i(1_@~dq#LADkWT3?K|oTvQMyy4kuIgB8>B>$6p(I^
zZcw^B&&Kcj=bxD~bIqAE=XfE!JiPDP@jPp-`@YxOd+)k3Hv4_~yKZ|gvmKyJORrAH
zoHFI<Z1zFh?E7HvFNVB0Ce7}yt_<8by`*^*i&a7Q#U`}ZO6-RPfoY^nh~Gcg+@@&O
zky6MWs)2YOag3~UCS8<;un&0w^}0joT{>LEJX*vYyvvhMhaJLtalNQ65~Ft6A|-p9
z<Gf3ZfS%5tB<Cy5gx_3zf8c|WiJLmP;aJp~TJD!$`}Sa72m1<QcDg}(giG#(d!ciB
zq&-t(!O#D_9~lud%Z_Y6@85;(EKkhCesPyMskc9b(30Yqj1%jLYWuV}r;`IW8dLXZ
zYN%h(aWXw*Us4Eq8Re0>lce#2=+>kr)^=6TxPG`jcD9F4vIo&{Ha_`YPhxu+{*45!
zdmPQwri!Va1)<6R<1f_r#^GE9UT9Y(asS56lG7)TL5}LxOQ5^^FIb_gaF>~|p2n|!
z?E4<D+>@nctbT?)bhxCaEzfA8m-waES=(>qUUFVdxk@R2r`G5#C3Lq9<>9{DExje5
z#nJn@tIyy2M3zK6j?aRU)5pq%(keZWv`UH+Qkiza3GXft(Sd<M_0enR%(iprJ?$-o
z3|yYU|FLEy{+_|*&^ILoY%kms!>u}*Y~^K>G~af5DJu5-O+UrhBLPD45^L0jIf;=I
zDLff@IE;$1{`v_Ymow!H9T0mdSM>u^^TIgnsGgJ^max@?zygWm3lx><8ztm5!&e^W
z+20BWYf7*7@=I`*ND(a~sc~xu-!hPH9NZy{+gSAzv>A1}XG@!EuAP)g8nnx9>PT^Z
zNd_UvdZ72SHGzs3ziD6L5#jc`Of&pkjOxmMGe>IdC^JperhCX#>KvMe_5*J|1b$GJ
zpfjsyrs1j%eev2_;vlcYZTNhhPgFdx;$_5@$RdQv*t{ocMia=hn)v5Z*_5_hj1N~c
z`o1@@aQ#hWrd<g>I{}&lVJ4vsI&b7MKdKfwWN?!=FiR*Is4W<a3M0W`U_Fp>>cYdJ
z>=wiCmfrP_m};Y9y+^pN9J>G0{W8f|(Un+UNmrdQTC>QI-Zm%iwKkI35FafTj~U&w
z@2*-%+RZG~YehdlP{)7$4rUol%WC%hZOPF|+WpjKd_&G3rGi!T(%T$A9_==9ZwHHY
z@)kCF$f$D}(l5td2bLD)kMD0cl?Qy0af-PXIqPJ4O7~(wKNv~Rtpv>q-#eCTXDROT
zI_8M?l@(2o`b^H&>n~lxNAzX*4pYobWMX};QjelhtREKXpcrd;>O|!xe(|y1xQ`mM
zIVAkZ8ing^={u8OAE!|)9up+FjZ&Wbz$M*`dX|5-{4W_h2O#7V!_cq?4t0(^0`&Zb
zAfwXra)PWaSl%W1hJOYGEdnJ3x2fWnL4K@3ewa6oA|D1%%aOwfhE85o6oDnFIGnc?
zI9vTaU@v-v!#(GPwk=x}4qB>&DU}mT5<*2!-E<Oq;HRWcZH>2O4%b}o2&&bPwEbK;
z=9M`g^oy^C?9<&KNVzj+ztk<G(vcD;z!v8fdykiUNf}vU!Qyl;HNHC~P2>fuxuw)i
z7!AVv7t|+D@fx@c9t5Hd_k4oyM%3DpR_?^e)FZ=)7>-aSco?yKjGS#|<zx^pG6Yu1
z@1UATXfsmzO>0`z>O{5cig*6uHK2G(^`5zSN%;pIO<#%B2fN2fWU9M;CFYVUM*|*L
zONk+Sj{#C*_5|QSMKSXpTlSHNf1lRg<Lu&7zdHa`aw=;0H@}hNK`Ac=ZC}}3OKQ>C
z+`>U?7NwA%Sr8@oj5w|l@0|O`!-26suzSS6_2{X8e!YJB&YMmcilN)m7RqOW_=ciC
zec%#XQcGGBn%5z2$D|2PJ`3~GJH)=8cLaZN6g`i?XKx+EMtW_jMixQjFeGz>xY6wh
zhh-a%ntt5|4y`xO)+Ab!og9`G1RDBvJzl~h6#`8)2$EcGUR7)ZV+B^S50af6RirzG
zi4czs@J9YWc}b0fyIYd=rffGU$=SDX7D|avcirvPi=!i40@Vq;0a;D{aDg{6-6UVY
z7suu(FL{xwHSBI)EF!aIZy{v-!JEW5p3$c5a7?wU^ei-QNi!yB09X1Rl5D|e9P!7E
zQDjei0$-B9H}aTERmvLJG$M~$8S(aHkC6#(Lbq_mwWN(K$1jCH!cn35Nj_!}73a(*
z-P1%wz52iO61V7=EWKCW#-|~;v%k~K-{s<5l4lQPy`#my-16zLJ)3-KE-ImBykCgg
z59-pAu9@mPs;MD+vf}K~1U%vo3~!TT{>xv!%yMsOcgmozXLl-94>uV(40)7E^P9!z
zjV2MS!H5V|I_iWRD@X0xKd^@zeodUke>s`9RE#MAwYLnzB*O9Pc&ATy?od|B;cBWL
z6!)O?L;f&fy%8JGDzN;Z{Nw3dlLJT-Pbc0{&7>RlYq^WBs_)yhsEgTF1_>kSg(cyJ
z{F#zyxN>?Q;0Tl#Jgq^7>!(WCRlp{a$5EhtlSYO8Lyu<o=>x4_g}?hQp-m(zQ4A`m
z=}j_>r!VDgg*yMnk#>Qfmc6BN9M>i{x?p*fZN+&msLrUJ$Q5rKkuGaHr5!l_*@@p*
zdW>`A3(}Z3O=Kzdpb<~Vuwom3u#!P=P=vRh1``UtW*LtMoZGiejEeoFER=a@ok){{
zRQGfs@f4iPHS^FD!^oagh{!{EFg+<Y<cYG|Vbuwlv8q5KZY49ieBAt7_97qO4slvk
zCVd&NvZ`<B=}YhAWNFE1T?SFCvxYiddbFN{%kpumqdNKx71N4p9hvdsl+;K4?<L0a
zz3pcpq!mUQQ@c<M&;C;A&_+7$&ceR^^_kk^g!%6wM2fC!VhlYv7Rh<cqvC>^Y6@K5
zA+^}m+K+OCQO8MqBAwi2Vl9TitxGIB3KKgn&~OuSNT|72Bg1P5aY~gDfC|eWZo(ar
zpyn@<8ATeY^RP5sc954?bJIqTfT_5<Uk<g2+Ct`CTwR)O-u4%FUbDU%9Il=*f+23b
zPqfxMIRWwlae?60Tec!WNFRg$SxE>r%*9c6)P2^(8E_hEh}Y8tme1)jr+6ASt+j~!
zBaZ2z%98vuf-=!>0*j*FxXGVSvrpjP6{-B2m+|wye8_#y)|?a=u^YNSgx(-6kJBxM
z-9)LGm+$WT`geviI?@P>=pPuq0Blc=s=%eP30ZGo*!(wdaI$7ztez4tcE~7OBn5^(
zODab>73yr9?xPy|PEEJL0mig4HL?0Mc^XWq!Uu|>(T~HudFwDaE-@hTIj<ShaJPuF
zc>%}&R#+~()5N*lt2g=J$zwnh!6H^x^z>ZyZ2=2A{lMViw`Hp3UI2N#4~oItT6G*Y
zLljhxPkMz4>_doD&a=hL{ahD4mlS*F?|fC#4FXJ=fbW~MjdubLI{Biy{3-ZelBaA6
zl3B?vkAR2+Y|-RtbT`xLJAO>nPeg%-&(S+yu_G=0r<c;L@YF@g#7P!UsknVg0}TMr
zS9UXuT>rbxm#0r1|Kaqg093ugtBsKROVeLL86_&~H=cku_DGWEA;U|uuq4e0x#y$I
zg1MN)=rd*?MI@uqAH^&`d?9@pWfiuRK`VKLZWgnQeJ#;Xb1q8~=gp}j@>1%<Yb`mD
zfJC=KR8%uRJl#sj{m})A2oY~gA9Qp6x8F=2R^<)IFrTJgW?Mp(fk?2z;wpiK+p~O1
zApwLgd9Q?2;6!t&dg<ftpAEpb$1xp=XIx{?3X}Y(bapko$ltC^&uMt!`+lXU65mz3
z!eQ~r3jA3yRd6bd^sT0`;1n->V{{(5?pc8}$H(4*602LlMh;wZA4^A5dokfn%VqUR
zovJfb#|bA!?0!%&|35R>Z6chhhDt^}00f52JAt8Bz5wVsdO8S_Ag^I!vBaB720{~z
z#gR?WF}ws~>(a+fk`&GB5f4Ne38SBpF3elh{hKLcUmDB(DhO_*%?<De|7P+LC_Pc#
zsaCzhZwLFdI5Iy#dg{G43&q_Ytr%)gA+E7}4N|#R3f{P}rR(N8;?qf*eWBSaX=R7*
z_u4FPIEuINYGVq||Ke|!tGtgMsR>heT2D_?`pRA0f^x#S!`pLvdv#aRBvuYL$#-iN
z9or~lX5vlKR@?FKapMF&sDwxIY*?XJhe(gHaiFN>KBx}NOwlCYq_@h`Wl*DyE|gnz
zA}%2?j1sw@7D=E}StM7w@CSxF56N5n%xR*nc&$*dqTTdn2tQ=S`6e}r{t*Aro=?f8
zI7C5H;9AwY+TwxuT=%zO`DCoFG^qnWJ*hbRD+<>c25F}UtJSQO?>o$Xlx&7`=qp%o
z@=D6XQ>FzxKyOAPl6?^uNKBwDdGE=<y_ZhB2_El|^QyGCIvX=Rr!zErFWKx%gc}Q(
zD?VeD{-O+&th8e978NsRTeq&Tyo=|63d^CVLOCv4QC=5J9S{L2nV{bRvqQCQ?BW>N
zY@aG+(TYso3nbYwCyw&w##nrx^`jOAD7^RqnIFQ^snK<YpA$-3k)^P(d@YwtG+TLJ
zkZYsg%E4x2@ph1v3Jz&EQ=)v+;c2}@M+QQ2r@=c@j{!Fq+05wstJ<$E^33mlR==&)
zIKc??gO{y>psK<|czEC%0g9C5CrmCbtvzB#>Li>Z8q?SKPZRY{ah#-5u*SlX!;w%F
z<LkVzkb2gdvaA>kkJ!Il-`2!h7nLSUiC)H+=EtGdmdZU3w5~e|(hJrk%9GQKjcmFf
z7ph0iyh>lH=q~5|1CCe8^TA<CB()%FEsw}R<CpM~GJ#caML=Sz_=5p6V(K@nT6(l1
zh!?cXxT8hV7IFN1#4?{;cHpXOrm66AOWt!$-p}FjqW!?I`*)>+AjoZ9zGk7A*ucVN
z*2FOA6x0>}N+I4Xzez7C6UAc9RFSN@^QXZ2>t*bflZWET4BhX3Jw0{IWHfyxbwp?T
zI@jd#k*IXoX5|f5tCrr#dMwE!8Pij=0p?oqRW;YIDJG$vp*&LZ7o_02ZHMLdWT0)@
zk^+6By_r?^9}OWI$Oet`?qF%(si3y>5HjixhI01$6$R5L8bC0-jNYA(CW77z2s!cc
zpS}1i72JUt<1)p+(X)3W7r4~d@1oR}wQmOq;+XJDUO>sL6B-?I;+~PU(9-Dq5+P@6
z9X^Od#~P*;hkwy&lEEmw+WM~g*K>v5*X(qwpWelTm(yPCG$c03k&M+&N9UdOpV!#8
zrP)<e_o%^?muw2Gy!{`1MY-1+mrnhcyp*X^wcN{9Q!YOMVAjW-HvnIi9BXOHhS36E
zNuH6)CjY&$bGcWrLgHxv0Z)Dpc{P6sy0o)eE(s~4*gYQVS8_;1-67!tJ2bCUD|P5d
za6U0oe~#3Fl3f^`rGcLmvwr0FCI;7mc6dG1yzhGbk1ZdqWz-})|F66hi1^6YyRfA<
z32&i%hXo@^%fD(#Wpo4frZr{dsJLiSTpDkBmjqLWS1`9*FtO0m_Y5$V3=;l%=iM~@
z%lCLWIh%KZO8fXOLqaB;0Okq}qnMAvOVu5{<&!y;DZuv02J*xPq7Z>bM>Zz4Iw&E?
zOPpq*T9xdxzl=!5`l{I*F#`$MA$_`3IWuNG?#u;j7C)$Re*Kddkz-p6{^48^Szma}
zwVnVr_8$ojNkugqlL~*_RsM@#*$3u7Flqh~(r=VL$;sfBi{zq-`m#qiCa-vWV@O}>
z9BcUCd~!yaed%yXL(#)ZbADS{OHutpbYfA0C`f1Xh%c7u2EFSBCuWr}?%Ge+sE?KA
z#_l9!Y5eku-G_$}%*_I=1-^yTcSv(6?G9yREPAe>gaHN|SrUGDCs_hS0_I=otQ;){
z>t9KsB>cvMURc=K0Rk&P&jhOiWK<xZuY*BA0`J~w!lu+m9|O2Q04_j?0K`~J4G_bO
zzPnEY!Km$|^S}8x06<D-pp3^~vIqRw1=KiB<}&^R6@d-W^){uIPK%b?e*}uXq~sfh
zuYja~u7-3)YXEJeCP`?*WxZ%F!)43bbf{2QF8a)vcj84;LOq&SW45WtcFQGjzP-IL
z2uxJyWnS$LL(&2zK}e-fg2=u$$cKNx{iH7=j(|AN@iD^5Ab}(W)JZ^EEy<(H8mkDz
z*>Onfkr23bPQ3>#u2W_1H$hwTVu=lQS^=B9S8_vh5$;<>J-(Xc?Dib!2-;eAnV8_e
z&aRxb5l|j&TUP`W`^CnmFN)Om`L*@QKW3gOytHHe?_RPxzA?rVemhW7pib=`H+{$5
z`4&-(+cu!Q%NNJw5U5Tx*PEGor{ZV59jF708No#LdC~v9y}Qx8>r{0fJiOYsgG0>4
zxN-I8LP%%a3|0T~ypp{T3y09F^dv1jXBV!QDV++xaZ)wbV$Fr$l$aSLa}h}z%MDet
zCu*vr(W&dF3G4@nC9^(Eu!M`H>t|0ZWsG~$68Sc;R?QIGH&|gr+B!Oq1--zc+!dFg
zmVqWjpIIjG(2z_^U5J&yPIr)gD(7ucvW|VXY~TsUaC5i_bDpL98YYTsh|}0uDt(ZG
zr5Uy^jr0pa%sG4=Zcn#xvNFQgCB(Tc8NE2f882v+G6IO7k`aS?mc};#^ng+hLA*Ht
z&1$tR&j0?(@Pz+!YRQXf#zbj<t&iBaa<_}Ugu3g@(Z-Ysdl*z}oG7&US)W}{rI_lF
z-pZ{YmxO%KVs_D>dQ~;3kGGCXC`UwP<{eS+7TjC!Ms8C<{Pv+r<hp@{5Y8nDnSLv`
z9!g2SnKX0Vz3`{PQ7mgsijPe&=4>Mq(P_0UXps61N2v5UoK6#QSr>Z{xxMwT*a)H>
z7fS0%?*!yCeju3tt*ojSM~WHr9?Cz%BS}e&h+mq@9rONO*F=XS5Ql1z)YpPRYHS{F
z7<hx87Nh^sVnd}0Nj{cP%p#o31$F)L+x&odepDQZ^tq{HG~Kqnyqqq0W@Q|_#!5+9
zA6naa9B%A7{dFmGt@h3Fx(FQI4@Q-Td-=}VmN*P4kx7p>hmd2#Lz{7BI|8lO4UOf`
ztGHWdSb6Z)81pr4nOW9i2P!qjljaGWxZiV`N(MXyjsgmlQu$SPB>hNbOa-W(0AGGk
ze24sHyA@Lk|0jh&hIu0vftK2ML{{LUcUX61<R%xw-nxV#d4$}Y_9J_m&(CR|9%<Ts
zV`YGslf9zx&8Hoa{_!Ta%0l)@8{(c?E^6PiTO2`Z@3`Q&$K854yR+iacA9CgjTo({
z$)mfA%EnRLYQT;6HFe4)^x?kg9#a;Kpq3QK$S4ZxtyyzP8^+PbeRgRb1DJSB!rbid
zc@4h#r=9>nZY3zM%6U3lTC9AF3#nj|9oi<ZWbN7r`-tv>C2V^C-FS+VJ%wl~hs2!7
zE6<Jwj+F_H(*fd&x6X(IA3!Ms<UcNTkPDgYwavL@f2)t#3O~LZm~K2;U4q_0Whz}|
zcs~nR9S}HqBVwd&^0m?X_G2fy<Hhn0{9IRzZr3a~7TDy8@d>L$6YhVq2sIdVx;>?O
z61|j6W#YxE-hHa;+pk&GnoLps^^t>lpl(R?Zk+<@w8_;!f5We9O-6e`*ib$GNCiAq
zrRwf)kJKklbw&EI!QYr(cs*h_FVSD<zdvoA+)%|=IH1p#J>d7yv{v=MHUu^T4Dka)
z4(4J1Y~;=mT{!r(W|eR<(cM0TfsH(yHokf!0XC8!v0K@iTx{d@NEF)07q8A!CT70N
zKd@uyK>|>}40ymHBJ{|UzYQ~RFdQmQ@hUZw0H?T-!`x2n<s(W}vH#RBL&aL|%t7({
z`Rk3W|LIo@d>B>sFITHrjz6$p3;)x%X1#iz)U$Mp$PtLzxhY%H`l8W5rxSDPdC{)R
z4QbO7RmqCsl@5C3t1`vX$n{V0^Fwf$GlKIZE&BO(^i%d@ea&TS4K8M+QASeyCcV;8
zcscXMN&UczL|RNBY31tsDwSi0EO?UQ?v~SXBEq9*mr)76pMKn#;a#kAubUXQ`>4UZ
z-4H)NnCQd4G#^Gs_)$5?y+CW;fweSP(AEbV43PzTl092LMzt;^IhbkGuC@DW|9P{C
zf2Wsq?hxDk*hbWP&)llZ?nSB&0XrC*>Cy9K3TVNSXVuR{-cu}Xez(?ebkF)l#=o|T
zTX!2YqP=zQO++`cP8kx>-#GKTbcoN6l;4zwyi}NBN^&xojDH3W-+VJ)Ir^v<+?5XO
zlPWF);%~PSr(31y&>YTxPL1-+0{eE`N1MBSnfsX}$m?DwKW$eRX>O>~PS=u7C2pMp
zors$6&{3`V>6Q~Du{cV)KTI@g;O$v_g2+o6ZMkQ_BIy3J;e^QI<TYJO7CdQ&n~;u;
zp&s9?Zh_Xg&97%o)q$)U2;f6{4T6|6sXDwjH0L1%f9<$ml*?SS#*W$Z9vQHBx-T`D
zxEiI8uO{!mLVfJZn_cH#U2RuirC7Q>3C8Tq9*N?2K&RR6dji;@L9cVsa5Z)OrO@5S
zjC;R__kMe^uCEvoe6A_9M|UTZo^CgY1}EA18l2>1J&n^yb0ckD$ToWMR}TJfbl_@B
zus=#3I%^F+*vR0?92}x3-NrFW6(<3niS}`lzf*gc*b{cxraxm=5uI|qVX4SiJtUlW
z+XGKiQ>*>FmU@(^^7>@G$I3cp%-C5qE3`y}znLK+b7<pUu8P_NqGGAN+>3$LL!1Mb
z*Y17Db~s+IW;W-j!@fJeLbqt%!#T0ZnN?)RTw%;^m)#$eRM6D;$?=$}yUYAd-s{J6
zw~i$k6E`v_bRvD0+zFnDUULhE)d9J+MmyWUNT`Z8*q6T6w+mlmX-q=;`QPNZEwp>5
zt5OxJselfhLIUw-;-f?zt?vi>1jsgG=Wnp&z0%$-R?KfktgrvtORP%Ix$${k1S~0E
zWMsi#w6$2G;#7WKOYc@2b4yr!`~;~1GE^t;R6CDx-be3|cA2^Rk%SUux#41?>x6O^
z$Iq0JV}0tgZ2q$Nj)$_&#Jtj;huXDhlb6oSDSI7C*HvOR|GuKe#Jm8*#Qf8NKd`2M
z-}l>hjiT%7U7b&b^%e99rQg1*Uxn>P1AXkqGKQ`a;KA#plLmF~#U|Oq+qFF-o0+yT
zzx(?dUWSvoK1IUz+sc+Vy^)@?g)BSvAJ+Zm-k-D-1oH_xb>6T3yQ9T5nyRPZklXfs
z@B4R(6qdJcF!<-!9b?@(`oEy14`?A=l;y>tBAEFQyeUb!j_UGWV6206%-@T+EAZPy
zu@H?Ll4CsicdF^)=@XQs@kDsq_-t=ZI;jIfz8A*$0+(_>84xrGbMC>hI#9Y|4=!qc
z=i|f(3*4j2sJ5uQic%A!)s87)wAECQ`no3}Ggm<0MOl+FzvNGaTSYFBcF9%p#t?SH
zws1c(@R@7Q*IyqDuvx;e#HfP@P*4yWIp)y|b!KyhpOd}O^^X~bj~7Eqb%ilD$QwL>
zqwSeXV-6zNq3z#BBJQd|FdJdPwR!|6o4j>kQ~cWZ!x@;%7Yj5L+9lt*UOjDhBJQn&
ze=*Vl_r=&*Yk%RI_T*@1nX~2?p%(nUcA1^p+X|mN+0~vwKQe3bpDfH=qTKG8%{NN|
z8`QGg3D$^T-}@tgb+0qK7@R&7^ST-s#Tp6dRf#)mRWbT)vop7uzY#|RJcjaR8s((^
z;yIcldf^MXw|MUzM|Q>V*=`;Xt7@3+qBap(V);{Ii&3?Xd`!K6kAZk<AF*-g-iM!V
zsa3}L>piCnRaCGlG(>E1QokiW%i#J3MZ3E#X_o5W-X2I_cKP0a(}~lYjj_xzGiTv#
zj{c->iXc-)n2Ph!3sffwlBY9Gcr8d%)QxavsfeHPay%87_(FM?F&$SVvNuPa)slk!
znYM8l#U(bsq<}kx@hK3nyluYEIpshrt}qq8z5I^%fnb#CV>Ef}2T~~{RM;%j=*V&b
z8F=@E5FFVsEa1C;=wZDUXN#-M*>1tsf#3haLGtO-Tx;SJY9oXI8d7Q8``rTxHU97z
zxII1J$r1dSr7+cV2$i<Ra3wIMygJdE+^&#F{C!~qG>sip`jlN(U9MkyC}EXhx{8y-
zvEjT9ZsXFkW8YQa;E+p4jxXy*F<V1YkABJRSf>ipJKKo`zL`ZaGj>+93l*#p;Y!<X
zpK$cY*QIm^k%BYomx!~2nEz_OLcJ=S)C1MJ(d`p0BD-(v&aY6Z$DNc?XL>^?R=8Kz
zFzv^AFEY|qDPspK-DQx#bsn5m;9Qbvxjaw(4CCR=fy@z>Y8i=o<PlD$2@5{Eo|~z+
zp$y{doCd2vG5^;*zyeEHpD*=#;a|(fkYb_oPT-)n9c{CGbI(au5+tO|nTqQ+Ai`J0
zgdgKHOiW1@5^RoLfH(E$q;AIN=`Z+6wL@R%cMZSi7&g(HWL>(ke=JF+_tL#j|Iqh-
zaHp$2JLWQ0ehi4X*opyI!zxN3H6cG5srp0}qA*l*W=$CZqb5D?Sk3v|Z6A8nI+C>D
zA(}|A=l2nPEVmNIgJ3khL^HPUz`h2zIr8e(HZ8Qf^>;#tk&ka%nR-AJkF5imw9-v>
ziyACNvMBhtW3@bpU-ma+-+@r}cbtX$?qVd53+e1<&oa`7sXc@;ht@CxyU}`RWE!W*
z3lkAGNl>1{Zx{kwny5BB)|kr}v^xxKU~=kh#Js@i)Y!EkCH+iZn0c^)O3I6U->PG^
zOv5_6O=%N{+XEPbOR*6XHPR^==PNz{4$I)x)IQPTMkzj$cesG3I@NmsriP(GA7O@r
z_3zH2y5asda%oMNF7o#RGh>ZC=+{2~kFk3}wiH2%e_&Z=+<RMMjWsgehr#<3JLTX8
z9~h2Xm2#4(Fhr!7Ye5&E4~p{}E*Fwfywdk4$G5e<F)W>9;4PdPt%E&JsS|nv_FU~e
zUGmih9ee4U)tLZ6|Cg8DD0D_I&kD{o#tE@*)fzO8-=L3`Yu$qN3G@8<%}+okUAg-(
zJ*xpqA}@x?2u%&|j0iYT&=w}xThfoA4I)g?AjHRfnIY{yQ@_mXT<qhGQTYKf-K8>C
z#mxOlLZJ(p=vMcc&Eb(0tZHEuIPT%PY(+*Kw^S#a<6e!&EW|FS3lmD8`%TWV<lVzW
zhH6=C`P*&vWMv<SAjD@TO&;5866nX=PRT^EJ@QR$ephlKBI}<T0>4le0?$^TQ+H`r
zoNbaVzA%Q?8el65*XKIYZ&aZ6Ud*I%1}}<%2VvM993;umP<G1*%61frALE2D>v2b`
zyz3D6LvV}JC$Ep^PBlOEyMI?I!mg>vlQc9#7!j4o&Q%#M+|)Q`y2QV^=Nt0>VnDmB
z*-j1T{;&@RyL#R8I&jT<huRnZrSkzCLSAVUE0BYiPq;-y6wC(MHd+*SitFIb_+d{V
z2c0!7<zDfsNcgpvL5aYJPEG@V!dUY#3`Ak7;eA#BT*%PT2`#%d9=1~*Jbr?RsF(S*
zMWz{Dvz$VMdu6p=u`F{?<@Kb7H6q+MV<BLWJml@ip*Qb`5BlpJgE(t-j~)QjHe}MY
z4x&oX)8h^7OYwSL-JR(2V1q$4s|MqtPxPpKmxaoig05Sm|NJP3g-uhZ&%euY=_E-p
zV%xCIfsaCjIRQx3%|1r^8|((A(lHcJ=6U2?o|V914#S|$%#iuk9gL&O$YJfH&x=ep
z`&77IJ>NQQ9o_RPoH<je+t0T7KRPV-3%O8}O^DCOHuay~;&@*@X}f1`+Tn-NVH_1^
z`l=V#y4mh~%S@z|=PZQGPGrkx=ZUt{$*v1$F95t#ajLt5V8w}2S9{`@=cL_}%0+3u
zAj)X;7X1XC8^RYY{>eL@cHDI~(~U0&T#&Sg12QH-`1G}eayc-w4DJ#Q21*td>5oxc
zw$sD>7=d#2VR27zMP&hiM5n!#{Pv>+xheA-;iMHSa%g>^<wM91zpc2@Z=2||r`O{3
z)bogQw#-%2NxS{Xt%IxsJ#WABca7r`$Xj*Ni<)zuTe5PW_=CqqQO^~Lw3~fyW&*6x
zpVf0bX1rD^Tk$IP`lN5vXNB%t72uiVdwTGgKSzuVy?f(#@C;S!@yyPi6W9|}3Al!;
z6YD(cLBXI`%37nJKyW~Z4Qu?hlKaU%;6x}&;X)}2Sm~8%-CKaNkkBW4Kc*_ogA=!w
zCbF)xX_$WKLU)UPsg1RWkb_@`6(K%CoJQglch2T#0yI^R&7Rm&Or#W7TRpM~%B*ng
zm!nu{n4J%lgYTmY332a+O%d=ok2|N3Il<BU-%CJc%Q7E$)0*>@F%RLhaWgr6!=nl0
zw1N@jhiJHyxD+af?5Cw?$2ys-Z^3+s)v}Xjf5#Ju<eXW+-CD1_VDlTip?~}9#o4Rc
z_C(~*b^R;1)EH>YY}91c->zdd6+-{OeuA$g<;;@o!vmEgm6LtmXYa0h!as1%Ud!8`
z6qA8@&sl^ybRMNpkMa7+b*$#e^q1>plg^WGJU6U<V{+;Q*0kIbzY92@kP|E;&zb;V
zwaLTX8=nV0z{4v;4VFlwR}|!k(hQb<wBVd_z8Qai#{m|84xINfm^OWCF(=0CxQ2ZF
zC%+A#0Z6}m%x4)%Uxv2TPfF3<-~pUYl2St_fQp${ZCU;5MAHN%bEgv~baWnPD-}Ia
z9W0=xYvSIjM~Ep-8~LGTq#yss&ky3|GHZHS!@M;e#=%dqmcZkSZe~zI#K|NA&@Eof
zzAo?cr<T2pYyE_fGjNp)LuC`#FGfv$k$-ygphsw2RP;Qt<BdR~RN0T7!D0{Wii4*l
z67Qv=BMO%jpPOH@ptI3^4f3Xeiy2Oh^3y2m%<Xl*SbpHGFYCHT7(H3!!>)SyJomU&
zatnhR;{;n$)^#!0J%PhF2wcgFg+b+ZFz)U5b&FSwNaUw6wKt}8D86U#*P~`MiQjNS
zq8wPd$wm0Gm1>k@aLw{UE(bXU9T9Z-NU^MFtteM8Mk=KqMj|uCw=lTCP*#o{>z`IJ
zZhE(Zo7z&QsqZ+YWPP#Xb9)%_NH`o{)*`^oV}JWB;i(!Q9(xiS6f4C@hAS-Fxd8KL
zb(aqBfOXJ{6$O{X;0F@LtIkO~YOq;N(c=e(({qL1AE(eUm6=|`Qe*pxkKH7u(C4Q0
zatXDmqXiFDIiMkigqtV)`YKv8W9@!f917cPjO*$l0iPY*5kOAr-$g;vB{Hq3N@6Xy
z2O;43wKteu{o4ZIGKCdkeoS5s?WBf}9h9KR0y?#P^ozWump{>D4}<iBe@+UxUG5Q4
z=wZmLk?O$)y6F)Jo=G;Blk~^;JlB^O`<~zKow%;$-zb70(Y_T^%Er`AhJI7*fC4}~
zQghVvZz>&Aneqja#lqVrI4iW<8tDsbNT%42<l)?nbFukoQE5>c85`dr=hJc7Yjg#$
zv2DhXCODS{*vX|9b2n2BWDc!p&N*!DhM3%3_BoH5%ejCh$W9jh#aKU|LI&+*$M5&N
z1cy=Ht9KiFfVFOCGtK6m|AB?S4v?g^E_h8{i|QoqmQ&9oo)NE*LjkiUm=cUvYmtHf
z<?bv-Mi7*NGx9)bz(qIq!86C~ElY#!(}@hO@~@*-sW1V$4>)ez3vw*OVp7<eCQX`e
z*|x~z!w%F`gF`(Kg6Rk+t_9ezw<`&-$%+V69>z=gG!n@m5LfGG_`}r7mY#UQkWsN4
zhKLynP;LBaPtA#tC&{z28c^#Zg6d?54b`@+g{|=&3w_qr{psfTicfaLt~07i%{<xk
zFr}#4$yYQLH<;|~qeeRTfa4ZzfjLMEJy<$d#5r)Xxsdt6lmX_Er2qN+1_<V83;d!P
zY*GB>sj}Q^Pyn?Zow}@3v%~mi`bwoO`!!#VL`UTjAgE7xW~am#e*U;sD}zr3Bu(vO
z-CgtybBP{W<CEq-WqVtuB>NiBD!!Dnwh2WZZnEfQF5LO99jaWD6)^QxXO|9tU~kA~
z4BT$&CT^^u_fnyfh+Qt}=VPPR0B{zhk>U;TS=0JGc#r6z4OD#uJ>GtB<=dCm?o!7;
zu-AXzl}OPDQbXjophIs9)cSPa_W(-7IYRoyLV$O+-kpBovSa6JqUQG)Y$2<~i?BJm
zfauZCn>@4cZEpcI8Xm`oR0gNYnY6|};e8L$40?gWB4|VnpLf1oX)|IK5*{!*bBP2l
zTh$t+F|satmsr!L_ICA<XH1+2R~R!r66PQC<tRmD`BzBvc6V6=PVyw<%msOyAI@Lg
z=a2(;IJh@~UNM!+?4KW39LSp&mO)h?e3+kZ_uJ=XLQyrtmM<TOGm3*2Z7tKfJgS`z
zzX!v%#nY&WL_pNM@Mzxo=kOJ8KByZET>ds!N~@#*x!LFw<eh}2X8<iBu>x-tFq~a{
zQ+yi+Aes6C0>rAn9Wh)IU)ACNfgu1_ES+yX?*jz-56rRUbPr627x*ZD4!F}6P#T(r
zY=xuCGZq^mQl1=f{NS=q$Nlm!!B+}^>xk$^m;g9AE$+>xyH^^M-zq}*eEr?QNMW91
zm9T`|!l{9HxkV%D4;>y6!;oR}Ssm`PC+xcelW=<4uYPGTA}Ten`)&k#CEZVQuU>mb
zT%ZHrp59c=F1`JbqH+!8QeUq?2iqpK9B;VX%F(wg5#_7F(A;5Tl)<1QL6T(*9nbi^
zktg4Bikp^I4mnS(KYIJ&`sD&b#MuCYpy2bijpChKkG2m+c`m+EZ!H=8Gxe%%%FLg7
zRi;Pd)#lEq?lHP23dxh@WBmwwDfz!Wkm^s*{35}R#m2RJ4hEgUr}Np1d*f$-n+)JQ
zOl`Ve=C*MvjV@2wupS5C5eZ@R4Z3F0lpQ+v3gfyHcY+Ni<Ddg7$iK4~wmx?IZ7Lr|
z1;ntZeuo19Z+2+|CPT96YyK?b=M;OJ=<*UFZCQv6Q;vHID^E0=R8;~F{kB!f7Z4S6
z@iK&J0E_BJNeLZ@#V0Cs)EDL8#PG3&OcCOvh%P9AEr}jgIy^6|2~ARWw;!pzQZ<GH
ziz`jL>4N-(0(*G@^}9RyTpIajYr8tWy_r!_58ct0W?fcpix)jlS)%B#oR-e_GZ#D;
zSK5l>uMSUHLc|*^@n_bH-uWy+W>N*Y|FfB$fz~HF8q=tc{RJ?KHgOPMMgy?GxLuld
zd}{0OKWIe;z?O9VgYg@?{gArj)_*uUBj)rmpbT~_diw|C$Rsd-(QEPl!F62V`YuO&
z5cn6(M2g?ornQ%~4u3O@2il-rOy^+=Ta@(PiW$EW#KD2;d3jkUkI0+G#~)13!o7Pl
z6J_5FDQrF_>640i7Wsf!ex^{k8+nlm1r72-m)CxbEEZ8$q=v%l-FGVEtPYQ;k#@;n
zGyGW9UK`-F+t;Ghg5-fvm165aEVcg}1P+>l379DSICYZH2@t5v!qo#Znrm%0F&-g>
z-C|?I#w76(d#3K!V4wc|u(QU3B=5~xGrcwRVd@Vvuxmn!jZ}=&)_Hi6LBPaGTb}JV
zAv70Q;qjoQAr8V@1aOO`<|q!+|8Eaqcii?rb*PO<|FrKXph;Z9=v&FIUh!BIP=~Cu
z=07kHFckHZ^}t$vf5hjwz@?%65ae$>5|j_Xw_bSq@i%9c2Q2pSs9r(~we{vBIAbU~
z5cwRby_~fvF5dA=?Omd0g*$?AmQR$3;#mPgT~J!`EENcPred3rpr@9VVC8_uUK(SB
zHV8WgkJ#x|P9tI(6TkckIJR+|L%Gc#Sai30?}1$(Z<?16e{)>hBeLuFQljG1fW0WE
zo>d!NA8lMcVJdBEg0!HQ`n0?gMijSn`@E{fZFU;}zOi^m1M<9wrjYVRhOy5m1cU;e
z`z99N-pPHXHBC3rkv-(UQ>8X_w*hj!5Cz;5<9k#iSRju!DtGRZNIejx`1;Wa%lVqk
z?)WH@bn4tQt7un%ibkjOvMK1QnOcNW0sXZ`{Dv_P9ghJaq;b71@DMhv3GROD&jy5q
zl#R;q-vC(%Dzgra9Q)&c4SC!AvToANZ+hq4NxJzbf@Cx6%fMb5?dsg{E6#bO<WmHJ
zkyD9B9L8iys<)M<7$aG^LR;~24|NIDQ{uMq-3a{n#OaF2cwUFix$s0|_mji+2%7P5
zozWhA<f2x?MLxun!P=@_B?zc*ICrp5zjkg@0rVKs+=y`gvRZZ^@)HgoGyItN1LIf1
zdpNP}FJO<=)3I9MrPy*}L~(@7%p8(ODiz8XbKywvm=>ZLe_%n@;u)r|(PclfYi9?x
z*JIATg|V%j69yrRkD0r6F}kYaQp%xD@6LYJvZ@;kOQ;i`j`gR0?!Q^su=fy$0w)#8
z*jLWqmK?`nsBv7;q^(}@#f`)@&}G!$SO3_{U?IQXdH8_s8|8w?Q(WtJ*^jU4;HOTi
zpa?57pZ$gQMCt9VW7{Iw$-;35h_6Mp6@O|^B$#2}wR3BHc?Aq9uWW<FkSIc<>OjG`
z_96XFmST<hD@$c|Ls}fmJLR+At;vH{B4B3fFiU*@z&vu4Jqukf<Q}{ksYKiww-eT6
zGh)L&zsawHJ>Xv=?+#Y@D3?cJ0>g0NBa#&8nWDao;PEYbL3t1xk}*K_mWWSQoLrH7
zDo3cgC-BY4mlXfltK84x6#;^2x$*N^jp!tXWX6<M2!w$wZ3&oZc*+|1Sr{gzvDVg_
zxY^1*VI$%*>tE0)F{gL^JMu-OZR-4J2OPO>v-&NDMSwiQwEtIfW4kN>V3~mYe$biU
zZ<Eiy=p}p$6kiw;&xSlcwu$~cPJ6F_8;qyrU&7M>THetfP$^C%r4God)2Hhd8&Aw*
z+S$>3=#o$HWGdlymUl3%qykTjIx?JzcRE1r)`xfPh@>a1QY3bKULw{9_w@^^7qNV2
zKt1bcA%?=AFpoAwHAE@+=i=D7_zi)S=)DrQ!5xYlSx4{K*2cCcB`I_6Yf{=RP+D?M
zO=>Fn?3(3N`M;qid!vxSj9+}6+#S(A&Hb89Jdx{@pl{bm_U<(Ra$@s*MRy7UlL}z_
z(FvN@G)o+Y`dbS?+N*^FkJ^IhK19?PH38kXeRcvollQ<LawNEI2x?Nb-j+8AyFxM%
zTG8ey@65OosdCN&UJ@AM%h43$3z!9r)|dV}>1WQ8XEBzp!-P3|zzDUaXH0v`2+T+m
zu>BlXhl=s-Ot%lLbD}=6tYrA@1ugnTz9b?-mPgEa<RuXajA}f^T3l4y>4%mjW{Yv2
zp8!jL)(|grrzgI5xljss@BtM41$(i}?W^BX4qlA#SVa&?@2CTz>4+~%8S4ubZGn9Y
zwqbAthw4ZDctHUezJU&>WzRdtwIVaQa<RuMlaIO{Z{mcdvNG`&Y5(>|nL?$wMyAE@
zWKrn=4HK=#h<SbMs4bb>nN{7S9jJujTMDB@2$Va>UmmcMX-tN=qESYTjk_%xjfufA
zHGfT4s2WC$d6LGh`&h}?gKIpnXBk@!Kd6yb7PZ@aaPs3l0{kY}OJokzI1#vWgdFu_
z%vbAjT=g>#20A~&b1jN0GQUb&JOTp3*;T)o)YUXo%ftr{fCz)U;o3pHG0Lh4s`ANv
z2b8~8HWyU+YJz+0QGg7<*Z|i86=*Izgv=4_Dkmpqw&JfdM-w_E^XE*J+^d%$Rq&~%
zdzs-V2$|j7+A#o;mXiZJ7qp&agNiMdUi6Z#C{U)LZmcR6+&S}PPu>DZKCe^u+xWH`
zRn#vJWfeH&^v$91<M-xiHNcwhiucfO@X$=Ay5@=ztc|r<0rC1NYY@^Y*Dk}FonN8F
zaZeqSiGKe<dsQ~hMVdnaHd!X*efInxNL`}r95&Gt^lqDct9OYR<9nYsR9#44Vm}u_
zKr|5SdL^M$ZtL+ogh$v9#CH{<6Tl1bPX>X2);c@uV<=d@4?f4_H%g%``4dzC$S$F@
zi9h0&4wWKNYM+ySe*7|HjO_ZroJaUB=w#7dT=^^n;L2Pydi;79w)w>8dGR3o*cmu5
zg)faKr`2o`AuG9lwcAbD0QjMWs0wIIEhQ5+V>m~{(u4m)wY(EA9T6&N=_+Nkma-no
zkxT7vYVREYP0xDOs}OMUm8z-$>qMUi3^nV2VC$a`-w>(bUf)zZh}DU*-cj5mcBhh{
zjQl$31tC(v^rgwDAu<1&W|>2_^=oV52;p}SBctuSd_bzdH^1U?Au}_WUFGV`3yDeo
zGo}kydgP&|RiEf@?p#hEzN;HTql0{*he54h3$I#}!|RYChDB{&LF;p~5RUmBGE#f*
znQsbFv8;B19OS$xI?;>sAH$~x-1*-WjWs`ORITIzu1i=f<@$1J0p|})<_Y<29bR)%
zWG0X_%W$f*_?z9EA2)rD?*3>DpoopEceXd;Z3X|?J${noqrI_&_m8<=q1~t?6poi@
zhgr`$##aqzJ?*W-%Ud58G<Md|M=<5MT-Y%ZZ^@dLSkdNyhG_K3d=JFJzRILfybqqJ
z0W|no-JNC@O!*RF2MCD>dWEL1#EJ(*l$>r~)d(C=(jSm!_aSg9P?c*)#lmTq1{Ge*
z4rPmYU;N(qAN;@<3(Pa4HW!_dLWWpwB1Ieppw-$>D1ufvq-z1JTFsLlqeyPz&yj69
zd1sqrvFs94I*!Xm^c(ozl}$sHIjJI>UN*5h@iBy{Nc8ivaRPeP>KY;C&7kS7{yq<p
zLaDb1>XSw-BY3@oYqN~RL5?CK6`FEIk;KA4T71TQDrAYuH;SI@KrB-zEDO0vCHFAF
zrk=nQRGq~0F}PgxqLF+66R7cYnis0dU7Tzy>LZA7e|<|eUB8}gh`TKwbalqO&?@$N
zFAwt=LG98U_ide@=f3~hPqB+#f*WMhmWj>g%WuzZf)Sc=MJkT^mU)CO&&G*$fRS=+
z;w`T<+w7SX(RSyuoiUWG8Je&(II?N7ZB>+TY{c8SEO?5Pdz4E;)dH60Tc=I?1sfFT
z>pd^TUkxJ1-AW>3JgA8z`N6fPPwn4}8x}?vekCP_5RA1mk5P&Tu587IuIT;m{=v<L
ze_j^1tKN=OnTH6w=5(nn2s4_$?*lhSD!IA(4!pX)4U)I^4$9p4FQ9mry=1yQu6wrp
zmp{)gLF{*b@j31@BQ+xd!*jCt2=OgvSN|5IS-R@GcDA<$7ZZSda?kS|crxJL^w$wk
zMLXRQW(q&9!`59KQ?sXFy)C@nd)^>6=rUTcA4&-)`3HuEL}{zaV<GMM+mW(9^2+P*
ztwV3O@18W@5)1@Z=95{C$%>29)~I7;hdD2hdjt#n^#9RBic-w#8#L@;SioD0wVJPp
zbuzNSl9Fxe-uU%~FI~HFX8U~|AdJ9gGgl^~=t(h)Q;(9`HLf5C&G#d->W-96)x7Gv
z5J|U0wTis|04&APt)cnNFqbHWdbJR28+)iOOV&UEAU@@z(n!w?dKB?G?*Cw-s5~TM
zyWs4w)^>kQ?^flj)4mWkdju!0JOva7zS+|ozoV^ZvhDTFf+xINfC5vY!Vlk(R8Yk|
zX=tV(n>%v&?J}6wgBJN!*u8p`q~D{wP4rq}&N^VnE?e`NNp#E|)l0WTm!G<(KnvWg
zHCmX|Z>Goqr^0*Du=cV})dH#`h7wGEhpL)86;=QzlIS&)cB^qij7KsrFATI0XcyxT
z8T?xzWyY_&ZL83<PbU_FDE3xq`jwC#JZcS4FR2>;X(@R|J_3U1iX_L>0@vFT(3^59
zEBz7Xi&P@b-fq-VcG7!s-mrvaI?SQl^FWZEC|-*L4f{tbe~oaU_(v(OH$9INWDJSk
zAbxtJCC8F1!;DStzEx?q$ND<AH0PFF8Ta=KO1LMgjaV>@`QhwdCIlxlyJrE*9m0L)
zmAPAle_-^By6p|m+;X5O>hp1)Vj$1*HE{IE1S^EYDL+s^oe>MYJMR78&1*+s^%o#=
zeSBCH#1t*Niar8=tQ=2;!4Frg1!@BVayUC2lT4>($lr&tmhs~ZI@PC;B8*|h^qpAJ
zoOT^-jRpMywbJFj)Nq|a-X(aSaak{`<#C>#W6+{jF~FOU$6_trmo2$RhbpneYW7Pp
zN60^Qng~fE90eKk_r)1W8C}~CdQdCgK+PFclbivI_IJXeH!|9RN7*e{d!Uy^2f|hm
zsG}VR`V;^F0aIXYv*3+<qCIiiS>`bsgJhiB0|4<T$^r4q&7bkPU-}=+5;qFPH*L=v
z(9_Vv_}^{{F2Ii!^-;vIXyC^guT^BgAnWYpLT{Ah9ktXVr@Wtt9G`O&b}YnD{Uvly
zlh@-K<##AaA{vneQz`=)oPQ4ws`1Y{X;OpA&FrVPkLBk~r4Dj%pD0UOGnPH#F*87}
zrB5feha2OUesseqmC&LqmK-&JJSiuYk1ZC2t(5z;v2-{mkexU2s1#8uCBxuX$U}Q%
zG@Bgzg1%=_A+t(<U|nza5*B6?ZGc2RkFo;*Jdc<#L_0MKd=4ZhuMcMY971@VSqDHV
z1wnZPxf#@T*q@d#0TpKB1w9fT0_APv+&GfW#k+8n;e2b(f>?`6=}4g{8p+xOwGxEp
zYgMtlD)>i!=a;Rjw(k*f<%?K~I@qVe(^=GQ38+Rm)d%37h>Hu4MxS!hz;V1-v(GF>
z9h8jk{hjzk(F(&5tJi-j(UM4akJVl591+HZ-w{_PK`7L-?t;eYjB0YPsZ<rNgiwiA
z?}uQ*87Qc9=3_VZjAJS0$u^?X#!eKKr&y}uiEV7DP0}4%mD-%2kraua_S?9Q{3Z9A
znL7qhTy=^*7vV;fezX7N@vwfr%))1Y_gIs3th499VZ$5;H%CAktNx~K*{#z%q+`1b
zd%$-`#4X__fr4cu3<Ms``p<i=qc-DQMhTFsV%f9ue4kL{J0-OI)@%D$BLj^l7*L}L
z*utzmgecv(n<^9!%wSfV5VOr27mtRTL&#8env*ZZ?%CqAx?Z-*PlHLatXPh_Z`38M
zK~3Hsn%xOr(*J?6?j`tn6|7!^E;BgkKscy62Fk&JI4=ZXMQw5(*R>Ch7d$Q-2m3!V
z4gNUv@||z#$}J8186jN}W4%u=f9NLaeY$sys}rN)7z}GTutrt<m)L7f+f21i?kmTr
z3$4Aq_I~H#$PejfWzAsz9h6w%fd-)*o;lmtN+Pk6v60zujQa2K?L~D5_Wc7*VaOdA
z4?Z$5$bwsY8JNFf{1VYkS2Xh2V!k;r>PzODjZPkojH3)?UYy{UC0G0z+7>+3Zempn
z9}*n2sZC<l;Xkk#rxKz|hq8nR?W*mdGKa`Hp8U=>KL!OT$T&`*@=HZu+@1lZMCraE
z)Dxl_@`4xnFu2b3z)xuUuJEfX3^jy!w0z(A71&yFa^hLme^)&&UNkCm-xfQK>Ut%K
zM*r(hBr~1xKLuh^314*dGTOa&DmCS&d0xDCfo$vtcot_%p29Y0EV-90`{PPKbR2>v
z5)P6>d(F?l)z=S}%x^&NNbP+HtV>!0*}WB>_Kxl|d!sC!{DBP?qMerqv)~l*2mecf
zp=|LU!EGGZNORwh(dh>y3l!Pkf^ItDlk!ZU+o27r=z=f`DN|@dnJ5*_d_gJ`AWYrt
zot=47-l&<jCpv@`TsF_0v;%nro2{sUWY0Q}27pjpYtKcf<s@VH(O+cho(|eYn0O5x
zh1bXQVLyVPvhu`BF4@KTO@CoE<AXIGo`y-l-7lFi8&np};I^ZTuIl1iw0Z(PtPG+D
z^12nnZ{hr4?fym`>`O#P=;tBV68~x75d9qK8vY)CxENahsxqgBhWotzzBgETFweYi
zpxZ;O)wjGn%YtUL32OHE$uFEFlpe6NA2>w_0?6MwiO*HfTTBPFx`~#FLf|p?SlvmX
zI!PU?nm7o}jK_b=xPRFjxEDwx+#P)*Zh~;5cS~k<K>d_WOzBvG!Y@4NWNdnn8P?Rj
zLjlO)*VDKE5;%!k&{1cd)U^!>YdzbRF0}pi&D(Zj{*tbL+dWDiSt~a#?5xd!DoS^y
zn78rse9ov7v?m~I!|Hzy{G^a`eKZaVAL9KdXb=}rL|KBN#pRw87HccjcZte-CseZ$
zwLJIo;HyRsQBzc!a@Ov#D>*JuD=xBGuIP|Ju7SqXMlozs+g_nNitGvMpsJ~p58g-_
zxAy&3@BpnFuYSg~SdGt&Gpf~hNwhNkQtoMdzV~{q1vH+1G|<3vf0$G~Yu(BeA1y6u
zM6t;*vK2o60q{?%A(P@KAb1h=H_bA_3LY_DLZ$E<2^B~ujmYY_g(#(HzI}1*JnTNe
z+)6nchF-bRX0H*1t=yma*-b3Yx;326+ubz$|MClxP!3wfytad;NWB!@WpEZqxG8-?
zOe=<E>K_*2{O*J`T?bUdlC7%6@2Ahm>mfi<cVlzr$+QEyIGFsLPCN@6?|MPhFPmeG
zQ142(X)#pL+OcXLgo>pv*p@$ezfVq8jP=+7&YVVG3y}>KJQc%+=B%c_WcIIOMV}-L
zNIx(Xc_FctVzp_s_qgbU{GxY>S~<wI8?;-UNG%673WSktw`qf0qSxb3-8MgZtTv?U
z!$0o5_x#&Em6+M;n4b)z&V?7k?F!vj-I{*Bo^{JUOJ1&oYS$HE#j?%)?WYTUwtj|$
z4~uTqju*9l*NL8fPG7vV3N(l^j!`F^%OyZ`#QU)*My2~fqdWb1@z1B*UVyh2yzM@V
zqS@>e&gTCE<0A?-ZiWiKXP&H2_Z!?d3s|tFxV66ToHO6vYY(hgD*Zq5A}1hMtev?d
zGQUnk*3|235=6AQ^uv|`kQKJS^x0{)`rC(6-`aM2AcY7~ZKc@3y|xPV25Y;!Vl4Z^
z>pe4f;<uo4?W7UXw<IM1*=ALbvK_7ZM7ixjcy(1r7+!~B3zlxeqfxc9Ggssdppx-O
z7YUhy!szx`?;U9uB!UX6(Qqk;M@fx<Yx_*2ilqdc0IA}2_zCqln8*7CRez+AAaKWl
z&wQ2%Q>$HWE&6fLE?6P0OikKo;Z#99xajhW_dC&zC?1bkJW!$q?Sc8Rlk73zYG{B1
zyKYvcRC#tCP&s^{;%*&$)zUQuaUg3!JLFh2{`2MS9(lsw9oVL2IIcKPJo5;6?<cMv
z67`-y+D(c95YS6BN&zoLeQ6yDsWBSSWnWW|;y-L}Ok7QC5;sHAZH5+#X5FOH{=X&K
zX1H_E=a)w?Wd;c;Q2qBiHqA?@&AjC8T|WaJwPn@wkc8+~$do9JUmFuBLi>k&(m$I<
zu*l04j-r(5LQl5r)(n|-+6T;tUTj2i*cHUrbKy2MWX$3FfQ#eR&zkQygXRE8IT__s
zDT#%8V*rPb)`c=v@j3+nyy(S?3rd^$b%zHV_s-57O2-QMeQ&_RE3AkyvSHafS$^0M
z3rR$G_1HRjsO#CzN5*ZT@3|0Yom<WAcROnx`%6VBfIikL@8Yov)nl{%VW-_1$yrj+
zK)O4hNSUVou1(67$Y}C-6DaZ$Z7+ON=_K(%Rvt!UEZ^2W@$lkuJda|n!CpO9u@6R;
zdt^Y2v6aV=r7mw@&s&Nw=4}7vhhU#;-UG=ZVNA^&GOW!fBQ}VtdV<J1J?@nc@^D&@
zar%AYio>y~DxbNIDpJQ{FJ1qEg=xMfuh*H~0ovB8+|Yax{;WSJF4xH~)E8EO{GCnQ
z=^HV)SS$<<J5yt=#T5vlb}J2WrS!61s}Cz_(N?KsY&%+pWBU`n1X{6dl)BmGc1th6
zPf*$pdPS)wKtiS*4jYIKyBCyajZgf4(e@TlQGM;(@D#&P!w}NlCDI@W4Bd?)B1(6R
zNGSp{bV!4gz|bLG5{g4eBi$h?A|N7Sg2?lo!Qb<bZ@sbJcdd6V)?z$z_ME-XKKs6}
z>%Ojigr!?~m?mC~F}-OQ*otk6U=|0{znluv&4Cd1urPaQLn>~fQSfT#OnsT!r!Xw-
zL3BVAs|2jWh}HuT$81GW#%!kZX7XC`*}?V(f^=|cuk->$dLM3YMm?TZA&X31><jYc
zQ@@tSnN^m@sS3L)Yd^5N1I4Z35tWpRk2ry11)Y<PO?5C4i32){`I57~n|{Q~630)5
z7n$~UE@LK7<}CxO8;F4twV>=9eU7j*1NJ<>5}#C;LdkQ44aiBYM!u~sH?#0W5{a_b
znIFG@KSzDO189h4vF5AaPM%-YS~)rg>M`|~@AcU?E;|Z+oLeMjyj1YalTbh)A;$zX
zW3foT*8zhFlItU1^)|kjcq4KlG5uy3tZus65!CglzDy?4oMagp6N$yTU01S(IYx~;
zE6vW!)#t`NR(iwgo{jZ-(#6fE#$<PY_LJ<j>+}+dD)G%fy|!aOJ~I|EZYrH!1^Qf0
zKprM<fqpncPu&qO82Reznqny-)e8(p`J=D|VRz0{k(teq-=6pmEaVcWHSnO5A`^(p
zRFs^+!k0`HrP+_CYhPWOY52^20>3}XSui4k`nSA;dQ4;{{wYbIHg)42Wa@B;A+pM8
zc*2ehWprcb#i|S)e|ZTlJWX+CD<GHsdIYPrMY1SrDB3SZgcRczSz97%fuSjH6Incs
zfy>};nUR8HoA<eL{Y9GSz9S2(QvyxX1_jszmlR~77zVVxk+Axf_@M>jw{f~1za|L|
zLg^Gn^^Kddg(lFSU;G^^5aK<|O~w${eLJD_5qW=aY~9F;t;`4<buy^`o-}Kpx>>^(
zBF;71!LxBc`mUF)qh{i+yl{McvE6oHqjrAjmuMSRj(1l@@?GZ{mhx=|O^0kXmiyX(
zg7lXh-dRtgWo0kn-#kT2TdK=6pu>rJ89*fUm_HKr(xvX_EQNKE&1WYWK<NxD0+oyj
zu7L3+<t~sRlW1KeYQ#$es+>Lp^b7CC_D?{Z=P7e*Ln^+5DB=#L@M%{r1u!s8YrkXg
zsGvn%*ve-o{}lphBV7W1*)gPap<7ke@sO>hBv4%GN%lM=qwM@;+Rx45QHFel`gf%V
z6Ys2p5rSPLriYIy>E@NpcTb8&WK~*juU0^;i<jLQM9QB*X6{=ECH*9GES~)pGgK0j
zV2QN_7D7=5F>5lZyEh~~O!}fd8A=P|MqSg@#Nk&J8&ZBfu@notAd;bMS(B(i7SF9W
z>tt*BdN;K(&y3n~stPSj$Hfw#aSJC?u|q>=3jE~E8F2zSQ1^>J()1R9y0{4CJiRhN
zvi(z~-UEu2#O%xFHX3*>QEl9(a~|NFN!U(_BrZQauQ>+_>j7?UBHWB9ZTSsI&WRE=
zq4khZAoVmdnFJnDI)=q5rQ<%{)+xX%a&HT$Pj3o_f+T@FHU;1n{snRY*0Y>e46&Mv
zHZe6)dEGihRJn;v3qMaWIg?^>3^n<x-5qk60VrUiwqtjcfM`_2JK+n!`NZGHio)kj
zwn5;z&7MGEj)+Q%ky0z`my1t`FtoC1qlcJQexxE|;*i|2R|{rO0ZoUB-qmOiq9h$p
zgp&Xn-+p}w2!ttjAG?NdjWgF71Lu~kk>32Xk+^jN)TQN7-L?{!EJwoifm|B-fg#)L
zjl?RkCd~(+;RYg27b$C}1TZ5aa)CsU%sX}9IlJ7J3K2d>t2XY*J?%d=35U}7ByTL1
zO+9)57$60~D#N)QC%R<|_~fRW)sg7&)zg|Yt#F<fX}5<PwulEVoF<$f$htk+uw`-V
z2|EhDL0N;IQc^oIo3{e0FKBoo32{hrKFnJI9YuZjC+a-bZ?t;`sKLD>n}G?RZ}7hR
zyJ=9KylH-w(VV~@T>x2E)VjJ)@&EOKi(7F4<|#~}UO6wn>k)yH#eYIuMlHajfZAg{
z27)f5$oUg@Zl^#PzyGkj7-AOMMl3OR`uhI#*9!rtLLpJ$)g-sAs&B+B60Htf2fnIv
zY%)L{hc#yK+`~3h2PPWo&@YM75{c@289#yCYr^gPxxHT(e&_i#{~jRg0K6R_00GYd
zJ_@32Ox#31`v}*kj0rRtb$Je?$2Mu768GkXq#eY#pK&|*T6Ot(Yt7}~0Vpu<7zWA>
zsidKbSK$ik=~Z~5U@~ylwvAX?Q>=bfdfdnG$yDLY_SWnRqEIt2Wnvb{^CJU!27M7X
z^0a}*JxCnQ*UW$^%`!t`x`BFB{vqUeW6Y%lxNx?tD(`S2jORc2+Id=Rz5_kH50r=c
zol|~%!#fbQCv@wc*<9cLAYT;Re%0{7>g$u^`P03#fN;hC>jM^eh&YM+ryps5zw>3)
z+t`i8nmKu*ZoTm5zp?dSI|qBk6d*q7oVx#eS+V~dpZ_*#ILGGztd_X%1q|q<%_$K;
z60xw7HIugzYoCz`a0pQJ36!Uj5*GsA*5&@-W4?h<ERiHM#&et_^!OF;eP92V-?buN
zWG=M<RMD++zd93Q)F!PF3pz??4U~_{D?GO|7<(vkA!Px!3iZytB?iE}NmiCmiJavg
zDVkVB=4}PS@Xp_+rtX^(qu#BMb8{N#yH@g<c^u8h_C*VebL@?{5Lp6x;T_m!hLkHv
zdbgFqQeRE9G6~8c&r8%g?yd4s*}484U2af)B*2)LS|5J}dW={H3@jGvNxqfyv)lJ_
z{sZi14p#e+Hat&lY3O447(O`v!ktOS{@Y1csL2iB3O0ot{|nLw1l#O}lPT%T9I=3<
zbJ6yb)A0T|)Nfy9Ex7Z1k%(?tvDe=LT*brNsYKWqtI@Id=`r_IBY?}(x!xaB-vd-V
zvUw$uM9CATE0?Hx;ZsT8)?0D4Jy+47p+F(UZ0Gt~3t%SwtD~8S0N_8#o*Ai1HPJso
z()$`%o{-TofK{VJ^Mz>!amYQa*U+q*o_N435&%?%4V=^t=A}%CaDnno7l;E`K{~_&
zhz>8q1K@fDBz&;Io!u(YDD3AebQSnULF5$JSt;1>v`v$R6$=tqyt$SReBR$C|JqN~
zUd^W|6PcffF119dUgmv{3L;?$=yPPHJ{9ce{$u6Pt?xI#`xB6=9{{!H3NbMN4F3n#
zPbwsQ+x7h#yiyd<RiOhScGlFoDajP#5H`W6?CNe_G(gr&3ti}CIQh<LRI`nj$=tok
z<y{A^3(G5^4SJHVHHoNOq8xf@@^X<mn5AtwQ>RBFG(VGa)t{Piwo7_H{gcP3ROiGE
z%gQehWG41|qgK!Jo|un$EqcaTeee|oyeFnA`saB&0XaZBcLJ=Pm#A*+k8)4bk;)I_
z4_EQOdJ3kqopNrxpe#||eUx2V!bR0Znz+O}>(m`eS?{n;s{aP+4a0tKuae)W_hu9d
z=s0g@z!p~*=!`me$hIOLtoG(9i1UKtjh$D`hq9h6LMiv1%XfBS9r3}>Bb4O~+Flse
z`>iwTzmfYPJPN0fxA#}SU8P542cp>@tpc_EmVYYdO00vr8CPdLU)Tn<F$~r905`I#
zR=#0<TCm0osCWMagj_eGW{LPEdw$MplsXQudIab!05h*5v7MM;<C01aScgV<jI0dP
z051!`M&2NTtICAIvtlx33xK6t`a_fmTzgY);twqKjG-2o&+kbGZf(eQ1!&Gx0tpe>
zB!ApLO&y-AiMpIph!5{}Y#s5;tF#Wl%FVY&<U)W;Ja4SH&14mjL8qUqY;Lz*ac^5F
zmO1yj`Eg&28=9{%y)*+jpSRKkGW^qsTwq0F6+m{(3u(A5ZJ;vr{O8zDK0dE%|6Aj4
zqiXo^`#FtZ4Ir4u*Ls_9TGfQa|MkH<GjLE2txbF*xL60!n9*-YH@iv<W&Z?qoeP}I
zzbpj<kZ%rPP`>`dprAvDYWf;w9iU?X6@%*lSXKN@Z$=EUXYS&;yahpRkbjdgw2tAX
zQH9k_uSdPYB8kNn(>%+c#zfL~ULJX7`T!6}dRAH*i4d8P$I}7-ZIp;@5epHQi$AIn
zLyl$+k-AmvBB~#n{vN9Gw)pXviY3xLpG;T)iuIqy;tU*!+AE500114|r&qSlcMn+O
zgiH2-o7bj~S|N`3jIAtbSl4F{K$1ngrF9yfe|kP^>Ye+DL|H8WiAUjEcMGDG`x5OE
zfR=fZ(}I1;YQks$UD%VJqVT|yDTb#+ilctk_eD1zSxM9ZT|5~CmYN2Eb)ZYwCBVX?
zVAPbe?@QKgOVsEfOjnnH@0V!-q(P{A-&*6J5$$O7G9;|P1(e?Fth&FtPIc`qP$9g@
zFi{HxU&c0<V&eJ~xNkf8fx@%BIDhc!A5Ws5TCJl6$imvpJl58vgN@F9Qpo}ewH7>=
zJivnKc;*Ygfj8U%vQ|+RId2C5-gV0F0aB2i$fpiK<JT^><>n7A>Vzd}5Lc>kCHnn`
z6jvpf;U7~P^EcXf&;3b|K7hZuQBE@rgg~15pgX><{?mUoOR{-}X+)Bm;+z@+dxnMq
z)R3n+v4h~I;GaDUnp$~4@FJglreaX^HAL@mP%5bfQ2xz>%mJF)`<b4KxxiN(qNp6c
z0QzLPL855m(?804_>@WqAhyuT3xFTyuWytQ{Z<q_#PdcpJ@uY8b<tBkOVm6z_@`UX
zpU5JChc&X1I6ma_?Q_z>qc7?(M2srW;0~m&H5YC2V|>ZNey_<a9?X%y!eZBeVP&0|
z$UKa+>gX<dbs>pWt_fI-Z{~kT0xP-NY7=qP7*@t7-g%b3&^{l17xo0A%Qrc~5i{}T
z(#JKKTp%#eTf&Gbbj7re?&mGun+I<<UhS4#R3pl~JY{luKOcNUGj^Z%dg0{Ht#Y5g
zswJqym(QWKaftvUMW#nILJ7=~4`I*Uin|TFz_~zmdF5lpPo2(lwM6VPF%xF!iVOm7
z`E9}f)Dv|Me*;1xw~>hO%z0Y<lbBZX6gF%D)12FJ7V?S0I$Zok_U*BT_lrj#j{{D-
z&TRju2d3@%ggm<N6X(29C8^0BfI&|eFtNIlue1z^l!y#h`~|fn16$xl7@xZRyPctC
zcBSw3z6+(!_yCRrz>alwP&$g$`8=eiZ}|}URzqC7GO5Ye&#G3I%#r@kFThHxnUDl8
z2WB(l$T7f&dAG9wkRqX8`yH_bVV9~(U0^M#T3sW;h6G<LfOGRk*8oK{VnFBho)>T(
z{Hb&GCa{Y`<kWcIr)D?C|82kiqvu+s3aBJvfISzaB;W_jiL77XdKa)IL{+2Nm+$v8
zb=~Fl4uCkoBJz&8kE*#JsQ;Pi`N<P?Sfbi>z<C~7SNe(dn*i2^=Lh9&-;rnLhi5Z@
zr?C95Tj=}Yzd&oEL_>q$260Xj-A8sep3ngGWPoBL+93Cd8jYt}uU#Ab)p-xeG(=5T
zGugJ;64Lye(GdgJKcb<O<*Yi>ipI>1SM%7*2gM49CMT-|2+ukZoV(wx%w?hA0I25b
zh0IXl+*zQqa+!tT2o*QA(edDos}92F|7LPgM!%gVwZWrwK?r78OQqf2OELavE!``;
z!c?*o8j;y;vvHQxF*hm_A9I;I(`yS5Bw6%Q>AaDaH#?AVl&~?;?F}_GnLsCXhnIPA
zws7zdFbJiV43b$O^JB`dPH~_5@%Dh<GsWoye;x-4Hi`iP-~8~;c|LRULhv)uM|A=K
z)JxPuK*6T+;uWHMiyqiE;gfS{&of?tEWAt%w#i^(;3%E<Hn{}|MCBGsBmU4m%HAU?
z#Q=zWM%2BWGmHQHaTCs?R!93V`9?_G`ABXOxk-FLndNV0;~TDX0Dyj`N{kYjE;<{R
z-hVu1b1EAr$AdIr4q@anl)^krEI5gNIE-(QQf-aw4mtbbl7uE0N{L`>=6c24<eA(o
z(k?=1s}?ZS$+U9jPMeB&lN>osS$c#TaFJohS9ZTY%(+7{E;L>>-L8ny6?A-p>lo8-
z-lZd(HHppO&C<gR;47G-R!n&^)D8B_!-p98u5eUUkgb~qYU!maIH<dRq@=wP9cRa<
zS=j}yeuJcP4<A^5L+ufIJL4x{N>mQjc#)YM`wj>>0G&z{LH$+i^t`@BGiJiW1}v-w
zL!dQa3A)Nc)bQQ(JNrxcWgjKsEtG*dSfg~Sl(?j_0UFT0q>3G2@-F_R08c{B@jH>I
zvwCgR_PZI<OEf-Zh6rr@?3!$!yfG3bfiY0%Z7?Dikr0q&h#O;4bOznH)Y7J`CU4lB
zg3_dAk3fx|F=R*uy@q*&FJAbjtIJrWU6w4Es#lCtl=!+p!$<-{n>NZnpkP;nqa304
z%@MRl=K6xJM;C$#+aS~%W|ss;7~)YN<fZXV2wmx{B`p(1Glw#^Zffo(e9VE5ofHdU
zI_{{3_#7Et3DJ&jw0j>1nw}bnkhSv?5|K1@K<lZ&VQLIDTx9B<%z2S2iF&^6J-!vo
zebbPLb4_38%6HE2pb}^XvC04{f4ckqera`$$9YJS5ReDFRIEl*lMm}o{_5koq56NR
zLE^BOp3dD54bLz1wZpzA`dq308NLhvEWl*Ep&tRs4SLDZ&6nBcd&lbSZZ0u~b5Be1
zVSdQQ4p96TUp4{>s}Xa{8u7)da|`fm!*4UM(_AQ(Ur9vw_Ms|rK<Si78f$+N;YX8P
zYLs?ZrVfX&8Q&^-KCmEP=AB12@sK`3pB9Z;@^DlT>>fRIq95&;d3<Uqj#TSM-?a?l
z#blx#*q5MLSE=bhh16ohe@+~?wdoZq`bPR-XzT+KlJYLE#m88&!H50RR47aR%NquH
z>++bl=1i7g7cxUSG9#`f+X1igx7zOAeAZYN>cNDiIZ{DDHs}U6@C5`_Iu@35LBO*K
zu`>j+7DKuG;v%5KQbcPHLLHt-#F<=PlC6L&GIG)M=ku&YuXENp|NatVwe~K(D)CW0
zR%r&T^b;lG?(c;9x{iT)OZol3Z1>|7P;|>HCgxnQtFYwN^n7~jE|39G@buGe#$Bn;
zSoXX+A5#DE`^}&(&r1ikR$VhSqAX|Mt3N64cQt&OS95JysIlJV@LX0hF7o+lE7-E|
zq<+UU=*CUpgoVAc_wyljBCTEhuiBI=pJ!h^Q>@1=f3$Sl&uHq7)B0x<AHYo4^9KlH
zCi3!tsIf)18VF;+)k_gm(887f#V$T8xkb#H;|rd9LCqpmDCptp=~wQPRPI)-i7U=b
zdJ9A@1||2=kw~FF_Lk@bup%>K?c!nxcX5p{ab<dE-_Q-%n{||mUZJX7mj0F|d1AVW
zsY;;_P<~SX$_8g1frrKV<uzFS6o0brewALb;q#5c*^M!+*Y9c~CSB_+TV}2-HU}1{
ztRHllxYk|k?qXSA$Yx|eXzO~>8F1^Pew}#Z*E$pT&(8DV$xrZs_va0+to@f0EORH|
zA9&i-#}_Jr0upPPDd0&cgoJpU0C$a8aPno=F+1-H!@3p`PY4gr5<P@;($)>t8^a|N
zW&nqDzAF&ezkDv5M)aw2ieK^Z3s-N(D(YF$i~F80oIe(}lHayj6kSaAjE?=obZO(a
z{CvpbI_9}uSpFry-v<`F+Z@I#m#9d0vmO=6PddLJDzz(6CHoQDaO-kC<L;qdQD12O
z-m}x?dIrUz-R3W`6Khpx_FJDyiUz`RZ?^;cASq`*;z(*WE{dF5zIA%ncK=yN?;+W#
z;BwEC$%(u-j?aabgZuZ_b-q#yehDG`k$Mrjeg36Mt+(i=maRjU>;GgIaU?|)y-}I?
ze(TxYo0lGZZ<g{<>v-7b)C;`4=S+>N&zic)+Sk$c_a$*<R@m+@la^2Szf52nzeK{$
z==NV*ZuqX>ymXzjVr-C8-Y=I^;wW%B*iF^2w)MCt<iDTt!sPEMS3hh|V44<GjUK%~
zA9rVQj$bKgwfL1XEBa%(=tJ{S|8#r&?BRV@(bvhI&$F|cRKUTr`>+3=w2|rc%>IW@
z>2YkvujiY<81#G%5>ER{t-W%IY{#qi`Tk<q*kp=!uSytjX;(iE$@cx6v=I>8;dD7E
zE-o9+iIoN3Sn(g*&cT3<=l=6OjeobDGqXRugG(!J>ivS6e)HeAokQj5-{a~G8h!s-
zH1<I~`%y>G=$n5&0!RP-5jgt4{)7K*3;(^bf4BSC32Ns-_!lUxQ!kM3J?3*(e~%UN
z_@)x^<Jf<G1dfXTbM$}w2f*L{Z~x%m?f$nGEc+Yf(K?&r(Y!&%J@VEo!4e1EMq8V*
z^sl4+uy&)HoZxkD@d&_+#NV7#j7EQ_#xBt;!hJ|BmhVh0W0=IAJE1T8K|&2TFCLC-
z5zlUaaD<_ae*yW;vK2#ZM@otO=;m*=Idxn8PTVd5y{Q=vu{hpzj4T{0d^Cpb)qXnC
z2YyY*i@R56xy*9*FrZ$61eCukNSG(ZV<Y_Gf$WRu@ts?=-^mRHnd<i~!I8Y*hSjTR
zoqea%Qdkn72sVFY{&59ru1|_#9DL^wk-L*6cqiyCj>58*(CrVNn<8XAN_9~L3yw#2
zy?T~fI1bGtHab7LjSDuIYl`|pvVNiY7fNEwUagEfflR8Qu?$xz%XrPinahRMCLD}X
z!tShj5O{)u&4U<SCY`vMyXv^04%KG?bf7v$(hg&i3d&l94Aw=+X_O?4NuTmdRT4>N
zj@H0sx%M*%h0DiS9W_hJxGwkchrx5UYd>yzO3ONeLckCU`iiw%%pe8j!}SqH>lPe>
z-nn_ewh}$(7Nizm@BLEM&L36whfgk$<48!1eH)1+yz2LB)lZI8q2*O`7C>pUb~oJ^
zCbe%T6i$%i4bv8z<A##7)+e2e8rb8XuyxbZMqV~bd*CBQ>XPIb#AlnYfWqxBJBrUr
zkXmRk<QlZgy)By3T--o=?JI9ZiHX~>t>X$}1MZ|oVke{WJIw7b_hS^gQc0rwO_&i^
zA%-PvxtflHC3_?Lak9KkFJGu>iXrzeB@OPtlpLM@-TwY~w;_Suh?2~Z|CDu<3mkT$
zwr=;+A&T<#P4I*wR0+8QqH<(ljLPqHBs-zoXMTX7V2z24)P*}l7}l{ep`_2hAQAW2
z%li}t!meX_<XIXK1sn7QFPB@Et&>(5J(-|25wHp+7dv$j;WWu-^{foUQ49X;j}g5<
zry)u8(t5wFfE@a2QXTvovKgS9^>y#HbbTw{$TxQxG~PSwRAhw~{<?&Jr?xJcaDax&
zZ?lnb>K`gX68AI%!!<GmFQ8a14bNAash|xXdxVH?hkP!qyH8?uZy&qxUCxKjwYf++
z0V%^i%Q9I+ZALZGfTjq|#!bmzCCeX>lSO@Z%s|jJvJa%mFgjh*#owrsa+Y}YM&Uua
z@}%=U;X<8B5M=^(1=_x8E`{<FH}Ly7LWmY#PnuAITNmSmAG)F}Dj`$Lbhn(i>!#}x
zP!Esy#ezZXk^aLPWC$-Gmh0sRYB`9G8QtZ>L?GUq7H0^T1TpuQrz^DNS)s0s#}4lu
z@`8r!6g~1%W%*udP4eh;?pIDU8MIEoZ6UCVmikOYpbTS1_y_lD$*}345|_yNdUIkz
z#k!&&&oEyhea64ZxrAL}1*DI{6i<BbUFwwB+~n%fEM}F%kr`xDWY4uiCF!n_?`!T~
zOx4DT4}X4AiIxCkrzET#1i^L@Oj|wg19jGxi<-cVav(|}`smrGAtRx~;NGE7byKPq
zH`L?Kw5=_m5vXpju5RBd&@9`{p!q#4*F+v1Xm(Q!rNKh=Q?yxSd;CuvB^V2`N7oOi
zi?4s?2M#Lj2~UA>jjZUXZKseCH~38jrk-ei#BwV__wBp%V-!iAK<$O4_$3>z7#UUr
zVjDYfkOY%NuWj5zHM?hQ*=zN~zcZxqP^cYfiG=F`Wvz~3K}t=LoZ`O+NFGNW%;l+h
z(0zPbm$n;+v|svRI#H3evt24hqVW*qqDpNJWB=rTi=9`<fA`*n76K<frT<99yM`0P
z<XlPzX1i_53uxwd2qyU&Xm1$A>NF1<>o;Flv4s{_6L;oCerqFJqfx?4F?G(_6dX3+
zz_at~Uo;LwUk`%WG?-+RCqW0B`5m2WG_^7vSOv98(H&&VBQ|80Fiz>e5u2oz6mbk3
z-#MmhzEMUC{tGnyk>$jdkgp~8`MS+^e0>&6LgF@$-iA?9+^hjxR_Xy6MJJu{wnySK
zH<B8hu*LJngZt^qW6t&0`Ed{S(N*-mus4Xp(kjQ0bU81)`eHG@ClDkCteA1qAdXj%
z_)Oz1Y|Ia(Xk0K3>o^74SE>x6M=d3C@4XaY(CFY3-_rMnn(k}Cufh#0eZ7tEr^}`<
zd!+TsF|+Glh~A$u!F56cY%oJ1e0QCjhtyIp<>Jv@lw_8WC{PGQAf|^6A>Y)z$b0q7
z_Fn#FQqvFy8)P%xW4blc9WE@Q#a_a_x((Psj=|IkCMhI^O15{Q656z+fI&&?niJJW
z%b<MFD3zE!yb~OZq;he3*{TD3hyZbs*)zCbMb+WNj;<Rm7!sB>C&0mcwEqGT9CTwc
ze)&8BZGn_=G_S6i!{mafyiB8?bLzc2dTO#&6lJ<rCx0CyGU*ihT#o&+2aEKW&)hc}
zs+|X4dW6@=dEj&&;8HG*cr~jBg{y(|4lF(ohZ=h`?{GNCE-K#Cu}XTGF_j}v@~N+W
zcOmnALt(>VkOquliwQe|6(fx<mDNp#@>IlH^SIeuASsxAU=Ip@C=^-dZUYO0lXU&D
zh)6Bx(oU3O5!EoUW2kI?i8mTq*7t)el1unK&G@n`Xw3{#E4>+s+(E<SwhGc~C4=o;
zP7Fh&5OP>FzFQl6qe_~;WKZx)Jm;p-y|h_y7&(-OjT9u<g5|MF5K9_safL7>tVxD=
zfru+jD+$WDaZ@N2mq1wFIba}xD^YNONbS}wO3L6BB^<SWQH#>KL7lWHMTzG;ks^@-
z*Ai>lj`%_{^y+nYCsuT<>_Lr446J)oHkkRs;r-%?Yr5N$&R#Owm)!AVG7|i9*s6#C
zEIP;Du~GU}#llO3dJI&=cw0#>{E^B8Br2b!fJ;x!?&c;_wi}f#b~uuZ4<i<2_`B#A
z^w<LQaEF%GtX~XG31VcwYpyOyuHpKM`!VCoJ`&aZ4u5NAtZqc2#yi+%ln4#g6c4o_
zv-}c70(9_LFP4$k;PMEPdjgm@T<Us~&yO=BDcEs^0dnm^>I2A#AuM=F-mqrbM^$XW
zbuHXw>|$1(P7yryy@Uit7-TKs5jJV&755pVa=)#d{Fd<`>H<sDjjf}dC>;~`&3)Di
z84Zm$Q#i186Ld?pg#C~jE+ns!a@W=HnB3iUJZP$5axE~qj+P{2P1Uuk{aUV40}wi3
zA>u6(d+6~^PuJT41?tk3jfa8k3q0BbRB)={eHBYkePJrlb}^hb`!@Fxlc8!UJWv3i
z!rRK|wl`a2M8}}RQI_Jj%)XU8a6S88C~CO%6IB!q)fgt5@<4Y(AI9T31uvU&&SRpj
zVgNVBf;F7rY1m0+_C7+waX!c{7^DQ>F@z0~!p@^prdV#&!B(8^6%sIp7Y()~)AuT@
zxcQwgBy(njH^$&uPXaP>1B?sA&ZRPpNDE_*`9dBIr=zF94}bsyht;yEHDWcLPOy|;
zJCv6id3sz3OdKF&Zx>WxxcniLn}ApN<hQgh<bt)xD3qQw_uaX)0~_IQshH;vDsW4H
zie#AO0jO;~9>orp22n!Ms)wm8OZR-*GlRyLpd46W0+Ka5O0_szxH}MvLf?lJy=wQg
zw&ba8lv3?T%O3udd`9xV_3npi+8B{IV=&d?yd$=!5g5J7%>it#`AyXt?jbbBAvU08
zD{KNX<}9^n6&roQAyWDs7BLnTBz{J+cIcy7YE~7s8FcrA&HT)ic<yXJA=Ahst15*3
zlwlH$38Y$BN8*=Kw2}?QhB|xfAjk`W82AFy-UIf7XtI$b{@WQaKApa8iTkVxQj9#h
zX^L@+{3r(f6X=uDDb(BQcRZQ8OGosk9NPlUdn~Ai@t0J6a#T!I`cnmJ*{4#O-FRQ!
zqDJk$EJLO^Rl8i_QRs5>PtL3341S*-?!q7B(0sSZ>D{5w4@Gs-Ue`EKOe(}F1yb&i
zFr!eJZY@-H@%DEwOJJ7gG}aSP)wrdcZ@?YiJ%lUVV19=Io@80}3-K9uEv{cUyPcsP
z7zFbY>lYOjhc!~*6v0qCKOS-}sQnNJw01Ai`eMmR^mmFq#<@#Xw@rJBL)HJ!|49QX
zf=F>Aa!58jYeWf>ap}yPUIz@YAMBPax+PjIp@PXpX{GbNpAWb~^A9Le^^WcmOqnl$
zwQ0i<g7c0za+zPj?4<r{4Nth(y9r?f(r=AP)z;O%nyBr!EbDm+sHdzYtzw;2CVr9(
z^Bs?WB1rI{dKKw@h!VP$GZbH~AtSpUvV7%iVsS|YEo^Y#N6is$8@H&?c(E!?G{dGw
zu7|P3?Cf`wc~#3l7XSZWb0ytQeD<z5zSWClq#&W$O-BL<c*+l{qEcOxli%2x$EN;N
z`;CApK)EnbT%$Sg*4IbM+~)9>=Fix`N2XA0pq=K71x9T>T$5G7mtJd)W3uR1L3iM%
z)u%q||C3)klRIu>;9rU-qNL}I)7cV`2>d91By)w&qyI_K=<;k#!_vWTa*a{yqV!0T
zSR)z1IF^2w&}#~)y7QHy0n0_5+tGnc*%AjHyw6*Ks>Ktc%r(UltGH^~_)V5VkU2Bu
zWFdkVp7%hRK6v8VgM;Q}{ljdyo5Nh68>*mk3Ht{O%<?(jela=vrW!N$>C;0%6#h=M
zkx_F3{bgOpd}<qWr(ecDhyvo@OnQg+hnZJoBO6Q$L@&fQ8WDuN&WdPXmr{MdpB5-b
z2X&faVsO_KmtgCslXgm4+EnMhkLH=Cx`x~T7bxMiYB`e-)=-z-NmvR=PLYrR5;E1x
zstWSxY)e;Y&NCi2B7N<4I&pX6xz~4(46-Vv9m6Lb?60TZJ{n)r0hR;%1P)#J^AV8x
zVOsA}&@KBad6S*MwpaS7htzVmU*;=KBX%~aLbaL;4q~pvMJ1^@xY|zMRZ&m44dIQH
zq47ix<<ZW@ZrVfW{c*iZ@;5=!1MZcUmEAX?&c_-hQZ|jBQz9byCbx|#>wfiik3N?1
z7kj-NEt_vI?<zQVUz_fk#0Ng<3$#19u_iQvL~jbl{CSy19kgfMhNA3LUpFls;nq&G
zua3gIZj;kF(LK>58zZNE%R^(|FD&R;xy!^LIq<A_iCXB1DMHQ7)Gmas)TI{fa6y$Y
zH9~1GpfF~bG&BD2GJ90YvL-bdrKKrYJ;tyi3wwZMO5}61){FWHpNN+Vc}RZYEDQtg
z9$eC^t&)^O5f-o%GAMpYv^^75J58naX}j@OZ|B8`%V?AxCOrSD52+b_{fl2T5Zz3Q
zxYH{o)(1jZS~Ch#e^4AZ<SmMNsxXXha`TZ%4S&NtZJ(()@7Kv)P3<|YlUu0UNPM4z
zSX!~O0NqBq6BS=r0uu_Ps{3X3NWN)+_t^oX*&n3vZCg?R@z_8kvBf{a+^`siO@H>e
zFqF=>%Mx|U?uZ4l?$3KDReWf#A86u$)RzYam(*O;otX2Pcx+y<6Gk%S`->K0`7}-#
zn)Mio>x%v)5S*fwpx?UHOxJHu*@?>*_fN6s59=zk)$ILs%Z?4RkBV;uTf{I(y&xow
zG^7gUF0piJq&?xCzeo`|sHZcbH>O!ZQo>=8?vG7c#ls3{WEbpHWjLjLc9-XNzSo}~
zFT}A;$PGUR?41gba$DHts6yoqgmmf*s`heDpQaE<0{fmBi@^Ios^fYl9>0VB_WrOA
zZK#Aat2)(vTE!z6?J-j9KKQLv&Ogge+>DF&27Zc=>nSWro>SiI(-gVnG&W|=aT6{P
z)2(#+<=s$XvtxelOR`2m7$!v)oI4F#V;kNnFi@c7y-hf?*=#Lc&3v^T`N=r`1HU(c
ztN?^ld2_;Maj~lJp$pV4iU}4^Y1Uc5W9$Lv&=9jHVPCpsaq~)4&>U-5XX}NtAu<St
zgrF`Rsmv%TK}kZQg0j2L0|9BUt9JOzktmbphV;DQE7`u@i+Y%TUFtq94Ev^<95iQ$
z^4omeGDF{NjqellgBO##hq}(fNtrcP^x_|<&NMce)<tN;!NM;61JUpKvI$eLaHY{@
zH<10BKS;PZq>o7k(xLX%FYc5?At<AmlJ%_{nle7}jy;97tUVT)hD7;RKn7B|NI=6}
zXZQXHp&<y#aHk^pPadl~CkRI=2{w|I%rJtJxiR(1y^qH>uG)i>`(B&sXXwp+rRpTk
z>?O^uVKm2AZsKD~%Ub!ZtLxi+Zly(~BK8{r2DsNPb2b<6uHN}Nhl{k(iR?=z#ROf<
z&UDzEK<?S+)<hM={pmuf;DK;nz4Fb=-+f+G-l~M|dBJ3Ionm?T&0FSQyO*cHtAhJy
zg;u|OqID)R@ywz!PrF$&9n$$7x>(Ce=+_Y*7ARm^tbI%q{+e}VCmG&*ZPa;q=LxA_
zzP8vKW8b|1!Coq>Q&sUDJ4OOBNHgKC(47uPGp8hq%M$gEG^z}iqnTF4(b(=lYC9>O
z8_p|oU)Nn_&u*>#6s+2<*%TblAv|JkHcsKDycNgt&MBOF%-3{#gAH!L1ML`$g*V$L
zzGr?Hamk;i@e+ofbaqvvW~NV7x@@XjiPsMDh@*HLGVoZ49q;)V<W~oZqn54RI#%6>
zy%R`vEqS=NHLf}2z%Tw%h6zOS5Y&6cNr?-+Bh6AA!Ehj-uKF7(s#1V>%HZ#7r!NV5
zDA30sq5Gpm0o2AVBXbXa51dJpX^I9{dN6^p^E6Q_QXDW4b!PB#q#YXC7s);ayjfFx
z#*5m#W%yxq|HVcroan@G;6+E_ds_D}sBhG1kFeArdM*rvfHvUqd=$LE1x}?Li7|_1
z{`Qc~pxC_gkMJfMEPps^>eLD3mPxUV%yeI~JudI*{=AscoGzREJIv+C0x3hapm3Sf
zo+_*v%iic*39R>qL$xg`g*aD!j2M^D*t1`IvsD(n!JNx`7au)4rJKX)&}>I}4cTya
z{jM#^qFJ(gvm<|f&y@GJMHLC^J|hr5qz#rlwDSVU$4=8BFVY|Al;HRclQx5u9*wS@
z)*ai}nUa#?bbZ~z@__Ki<LYAPyY)LMI*s{`5=AHs4G&}@`7*ym88=9kOA$N5yVh>0
zPI;I;lD4EJd4`$hr^;Dk=UXsah2QX^2Imy7gRx{eM$ubI6R%IN9sd#Da>t@f4EiJ^
zUDV$k0X@yai}$Mq7DU%ak{OjOd8rD$7QnMpDh`0>eF{m@>snJYKy34i`ih;R77YUS
zyxJ4|Oo5yGVe_u%cn|FvR)Jmk#T&J}Utjo=lm+<_hdJPR$5`(26fC4Z7kKRoF$s?o
zf)keJH0F~{qu$-&^W>u%Sz#=*+f~aDHS0if@&nx9WqxU?+iUx9EfNEmB0~kiV|3v=
zZ~9u-5r!LPXO6xhJSB#8u{Dh+tqF@i5&U0mU9EM1%%{><f|F>#;KlxpApSWSYwY%=
zNGm%Ua=Y!j!)XU0!dtce+3tCPT`)2u*HA-*+&S@N+esvzWP{CYK}*bU#ky+!>_J1Y
ziH2<68P&H>CwGl{4QF(&GnChI@UOTO)Z-u)tOF2s6kGM;<Ok2!Hiy3vC&{F^b(2HP
zx-#U|LK$c!d>Y6Do}J`=-Q$1%Td{42Au6h939}x$T(9{U2u!<^IJbgK@G=XOgGg}7
zrm0cIHSaZzM5i9|*Kbj(K}~P7fIaY|mj42gA^{}yXv|DyiQ+>fgurqIisk+j8~ge+
zUtFE!s|>SC46F{C13o<B1-0V*#V_&kUuM^P^+ETWudt}|JsQpq^Xmfo-=rxXsA!M~
z84sAgz4fF8^Q5+!#*oJq-I9X<nePCS`ZD?eJ|l$Is|_*QtHVpaj@thMnazo;xWTs_
z{$S&US8NVk^5gjk4t{NsA$yn6<^y?j1+UVcK)d|qCVs{AugTfviY(>Wyg6bLR<|;}
z`@%rdO26BkM>y)X`lub(hy;kLZX__t%)h5uMX?pHZ~1x8{=8c@Jv*1qr{8r_F7Q4g
zd7y7o?RnC{@ZxcZe-YPSXvC5=1tbLf2X<BSU5?D$D%qPM1!%MUi!;H{pRfPNKR<%B
zw_oC1cdX#~CM$c5a5Qu&?hj~~yX7)<paQDxVn*PXW1ET}yh)@1B_H8lXR$I}nZbAo
z+TRVyWz@10guM{afSKQ%U{bIlnM%6!M<BWIYg&_IpLGi013RvvMUp28JFGRmP%aOx
z?5oL!0+(~dclpqb^uprP^vssb>C@xmz&j<@ei+^J?7IGP6$eg(fZlxb0ma|4%NPj&
zIPbE2aneBBG|d&Edf8a8=1V5LS_{Dd0*hrSHl!(y4JaFziS3{2q#H?-c=iXO_Yu@w
zK*@6=GI%Xk&XH{IU?R1MzjOHE?R+p9r`DSR#0g})mco%wAgH}!%(>bmVeiF_2)-wd
z^mk;F^U4MPL|rbrI;H;VDGEc?>PGNsjgLwFd|kQkaxPmYp>uL7D!Y}Nl1U<Q2cLgk
zLC%r0M#G?)?pyO^`b*y-D4V7T1d7y0qD6Q^zWAKD&3RWXnYiKx>_kMSVdut`Ou$KO
z+o=`0jMWc8P{ncD<wq=``Kn`_j;5v=juze!eJF^Xpl(}=zSzjj@GTy6Fxe5;`(}x*
z-u<Yva&)^$H1EOxlaE5J0XT?BCVC+G*{9L;0SwoqwDY1PjsmRx=zLxB5n&4#TL{SO
zZ&6XtyC%)yW}@m>`b0A+gW>7^cZRWBN1VzxzES9Kq2(RCUEl2QvTsBJNkN5#hAQ-g
zyGs+K{B`OIz=1D>O!*WhvSsB<grw2wG0`)+O(8C*Wmd!|O8(^;V977-H*C7WY3?hm
z2rj7n27kX&x_m~JP7#zPpGdF^Q5Nd&KW$}g&XuFZF95t3%w)xZ+*G(-K9?E?nCu|f
zhjbA%+=laDOjjj{wvh$xg-5Xpkwi(4FB2zp^8Q2n6g0H)AZodp#{j`f7-=~R2u0kc
zjsFNOmNT?YEF@AjdVHhl$3`lB5YStM^B<lQt#66Dj5C+YZtM1>h5jG^Gwv0ae_(~L
zi1)%w@^J?0oQJKDGIY`QBI2`vpJR6yPwR3P0HTBSdmD9f1DF{@tx^}g@cPLQ9?PnE
zb(6!ufU{Wo=j})!LOj3-k*)Yca(0N&aaEb%rBgB_z+e<$nzaeW_Q(KCu6fs$SY<uV
zP3v-dvBcKaVDJSt3Gm1U8#i)(4G7rVqr%>X5+pD8i7cW>5(DTXk~W?)om6%|h-c?w
zVFdB=SnDo%?YPfN{R=ec4t@xI=(kTkQuaY#b2jExiS|B*`zkwV2oDf(#&MEypwvmK
zf<8h;>2#BnkB6uJzd)Bp;7B<J?J+T-th^w2#3wImJ3n4H`1+kedc{{SzSw;DR;h@_
z5cvjwwTBuEt}(CP*qIsEAP;Ec>Upp49<!{R6n@%5pXCCS0rQd8>d2Bh=zcog4+?-X
z$aK$+{KdW?nKT?W;GT!(HDpm>hXzoL7?#}^^RvJHnU9y}r_v#U-c9lSB##z|ts^}<
z@DcSAWdh>XCdUjLm~*Dyz)u?pmXc=?!+GaaIVBY+PzS8pDn1-}<r{EApmjCHCvE%M
zji?}iNCm=7)apRblK@X0+^;)I8Ynub@Q1hh66p8C5G=*JSrK<ZZS<wL@cDI?qbkEE
zZ`E(|EyQV4Nb(atFpYCbzKMCOO9InixMvcEe2KLy&${Ac$jZfGJnAmZ3&N`T>_!Bb
zBQ!ITJNOZ5`KG^&%bG715GbV3<}mdDnspuV^a#YzuNgfKmseWmFoH*^iB`@bNC~-H
z3$?~j9xku(8E6lD!0a4xXAzjGz=WO3+ebrXyy~yUdScz32&|xx#!z~_f%iEFMZ3pd
zTmw%9upV&_7qMb$z-}FZ8u1K67n}cL&O>2qHP~d`0nL{us1VH0Fz8RJG-#7iafckX
zRIiPT%W2#PFW3iP&+pa#)H^r<E#52p5}~N^XxRfT#=y0A*VtceYO5F2Ihqb3=~Kzz
zKs!)JK{4;S1NRD0;!_S$a17>6j46xm!+V+@@~2-<EGbl}(;p9N7EBas%GF~XXwW3&
z%u@MU&1(U7k8Q$rAi-c=XOYhb9wqi=TMvZR@e7j$3pT<Qy__QK3rP{b?pJ+6L3HrR
zz*Dfv+y&fxi}ETnRp5?1(agahKg@a6KX>4YIJWzfI$WWMMh(!gtax;|0=NDuxwabm
z<phXP4JTrE0<y)&r^A`Sg+L|Y`h|?CzZ9lqEuZ3UPL9HGR<=+$K2ABxStDyMt`Ssw
zMzU3v3wmPXG7M}qq;2Q_jgkUd(lQ+{N*b+Qo<*?>fr29ZXqMNnUEKmf@l!{yY9l%|
z;WUGk%hqMLU}^^1jky~hqL64Ybj5XwW!icH&<2A|i8`#6fBO3iu{ar$Uamg=u7KRA
zuDLBKoBf#is`{;0H>ZnDN@RKvlFiJoY%?~ur`9;AM{LKs1ib75%)VbISGY_$wY<fB
z6rmHqTRI#sEkJjH9%PEo5J8lXLG1}X`Qdrx5=+LEc~HoNh)bj}#KkME#Ti0Vpl`w7
zHKize^qQnxnI@GfU0nn8_HC9}j@&atf`oM%1LI?mpwIO-gt<)&$pIx=5;XIXZ^ikJ
zpyU)t<HmgjD?`q<MtZhP$8pN>-VeayD_hg?39NlVBL1?ocynVHm#t!IsVH5LraCKE
zxr2{Ar{A&?dz#E<@i4E<`;@A9gmbGM>|Y?~EHn&dVSWc~>EP)IaxPbMzd+5b)vsQN
zd3<?Y4YbwKIZZvBZHl(n%k4wbt6hoA!ofzBr<K{ImhaWG@esW1K1A@=P)IxR2nv*@
zW~Snz0H&tnS!-4!c3H|P?D8Ms7PR4JKx&(my`&j1%gCf^l-q7rHEY+J+bc=Ra6aYC
zY6uMBbl`0_<xzL#Fd>ppH<%@oDW`lo3WDWQDDW_$9cW~u&$CEVF93?@&)2FkT_JhR
zNdh<UjPl*Pm^r$G0ydlkbw5*y(~$YjJC`<*Y2HXnu7(kC0|BYCaeO0d4v(IUU!$~f
z3CF%^)CfCBat8#k)Ce{)$}b)64w=Hw@p3nxYm}gw5MXCFkVvGkdYQlO=3Ti{DQu+G
z<~qb%!f6y_ltF5Ur(d<(k%i<NG6TCCqlNQe>!e$~O>iN;A!c`VpGVsDI^Z(@do<*V
z2uBZ)q?%kUGfN~L4S;ZkB?=GUS`PnYq8B~g?ZOqj^AgBKOA4R}xp>F~jLZ<urDJ11
zy%2u!;V(h<#|#o?uxf}g_!%39(YTbAoE^&{t39yO-Z6M3&2bkZfxJ}?Z$UW7Vatx*
zf`$Yy`|Yse%rBOJmckEH9kDrgFV9F6T$AGGBOw)c=AaDc5#Vd<cd(Xs#ykS~Cy)rd
z=Iw%P*~Ja07tLx!Xn-iwxHb@)@!(htt_VM1k^?4DUSAolnqHqCf!SDxg1F;b3*`k0
zvOf5LW1TkbBIY%^2RaZ3h9yQ&)7leOkW<M$Z4^Xzgq2B4F&XPaN_nM4T{=~F**-Oo
z*<Wqc<j+d=UB@qzyCypt1m#N<Bvj~u0c&3MQA5G!Pq^GKxzI~+L4T#NtBShqx|4li
zzMm5CN%T1xp^GI;LysQv;OYDo1RF^Q5NKGJ48L$B(r2aZ>1sdSDl8&_8#Yjm{EiQY
zIAx#Ef~$j-Fz&1wQk`46C*(%{dv*>MYT3X#6O#)2!E-r1Et6#>E~H7F-bD$1o>nDu
zyAUQ>;_f%unLvvfyVJl|o$?%4?fUfp9Qxd&Re5`%a;~Rx1P3lU^;3Ko!H=o4mboZx
zs3f@w0xBew_jpqi#fx19=&(n$-3bDOh&}{L0Y3}&3m@ZbQjc;ANuYjY$zuoJr*4c<
zIBR@Y(+=zcbfG6)-;E2g<-YTnG&O52ZefQziqR*s9pH7e23(cHMV<Zq!nK<H3b6+v
zRSt{AsVVtQFY2SHs}z*rdm+fA<Rr!N>xx(0jDPqu4qYn%ymG&lwVGQ$yKd>jsid$z
z$EpC&Bl;eUp39>Ivfk@5y#-ux$8=1rP**eRKrssbDa!kR93nsxN5IAmz9~;It<Aa_
zS=*tnG`vM5mw`g1rOmWG$CHf^QOzF$dK<SjVQ6c141#kDi-){w^43hvtvdQY`Y9;6
zm4Kx+?v;wd-!F#CXB4MWU<OM@SO5TtsoG+9GLszLLQvpXfiwl+d~UF^tOh*ZJ-ap5
zY#`yYBbxzMaT<g*YMkc=fzI)ytUSsozv{l8Sm<(*{$LaF>x4iywfmRY;udrNO^9ST
zubxhP4ASuqoulzI*42JN`e&H5oo@ypw<_LkvZPfMX#CP8cYd$JJB?1y+4)Ef@FCen
zn`q&gE5BqCpL?AFMa-@O@I=EQ69uA%)PaX=i)nikNWM7sF;UvueU#M1O0S$47aMo=
z^qLr1%EiWgKJ0a>rS-V;LIh<{JZ5k!$?1SD!8>98Sht28lom1eOa<$tk@HWg&Gjo0
zv~@*$JBGH_d<`XBV%#JZW7(2zn+y|~+$@$>keJ7<yFjIRqE(C_)u}=fJC)B8MC{4e
ze3&C8H3Y1@+y_%#dDUD6E@(3ln)es+$pjCjl9eiE2JHoYyPdlLzazDbTZkcTvaF`M
zRt<SHqKF;CiM?OffiSQ+xVT{K0%RmTxmYp9CQAvAA|e%qKl6}SCS}68%$9<TN?e?z
z2do1CR<7+MU31zALK@5-0e;{XSOY7+GGP6e%Fzy{n55hqv(O?5FPaCph#}KGg(l)9
z;iOn-qfb;HjOkO9jgM1tXLH{H_FtfQ9?f`KKHaqc$uHa<VMBA@#({TVC@eebD~*#l
zCm#R=Zrp8rM6zNWxdf9-R9|4{9DXgp2Gos(7QXv)`Pftf9J<+|H?L!<aj}Y<5Vb{+
zGOw*-dDw{pyNMGyGL_1CV-lyk@ev6~?Tr5*-t2f-u-t$>Y1&n*tBUQW=hiJ8J+Eh*
zp(J!89WgU6g^Vjkbr*4N8~f1%azLGBBnugY>)-0`oZ!}_=CSFy38rBh%R6U%=D$Z4
zYNp&>HVk-tu6%*R8lw1P@5JV2#?5?o;#}xLn<#?dIqZDzz~&_}QEmi*rh9xP`F5m!
z?q8KhDI1*fs?<ClllTZflwg4^uR5#>EAl|TJVxrhmcyW!A!tPu7p|g;!S-5NChc1}
zr>%AqWa2!`<Ev*BObJmY0lF18SglxGobLyl^aH-Do(klSo3WI*AcT?O)dqPdGBb-m
zzF1-{#c8{RAN`)@Cc(rm$P{p~&!fx%20ql_HuR;C7;(_JSZ<gm1WJX`UT+Z7d{@^U
z-8>g7mpt=;5E%hUtmpcik;@LtQ2j8J!U6slD0xzk+&*4G1ALJ}k!zJ|fIgHxgZ>!j
z)y$1_AVIFP-MjtZ&!wKQ?ANLWpNq<WPR{)Pup9dIThH;y|BL_74PH9twi6~Rc1osM
zxk%E7e6JUHBu8*E^rh$Uj|FLteUYEMJ-XOciDttR8S+1fzuCjCDM#45(^iAYD*4H(
z?2LmyT_i6Fhdkk>$?PM3(Dj4jM2pj5vYq7dZ(PAiMIcxEb>kg3?j|5j$e`eMFc3l(
z5*P<eolTua3*O_!RET)h<Kit{ybN4j?NC9?WcLxn@tOA{*9o-;6Oct9`mEd%(!JjS
zXK)a9B1aI=oWIa$?DcJv1i8pG#wKhJ{oZ%@c`HtWYdpt$3plbHP%b4<D7~Un9FFy#
zQWik1Uh=W2Kc&)YZ03NqteJ6HE7;Mre{(z&eXx=FF7W-~UMmtEND9*U3C2<7Hfv8j
zMi@VD_SsMs4Sb&Z4!!QK#9R$T&CCHq#24?M1D+LRq6Q0(k(JGp%2cW3vtT)ST4Rn$
z=f1vEfoO1KR~y<tDfWf-b4ZEOB`Dsf1RKH6U0oIXguYmEd_dj58HQmew=EHpil)rH
z&d~}Gl`jiN>cxU6<l4)~(HwHOsn)Sl!ZaPUp3ciH3C02=QO_Do1H5tIl2U<21l0zO
z@JLq!uc_*nc1bc@svnQ4tYc~xNOK?F79ee;;S(UG<efqZFr+mCj6ncU3ms@GEI$(d
zp`|(|D)X?IcXMtP-Npt=odK?Zp$3*~lxTj)dP#8oZ)D{KX_K*Yt>m)CF>iZy0Z7?F
zXy#@xh{4TH--U-QFkISt-V?rCk?T|&n+EZdc&^yGmuYf?7&3(gCJ3YOWHmyWCy$HM
zJBwxgjKQ!ur5Y60Mf$fQ3VFPPP?(Z8ocfW^&Jv(|iKp?Wn&#d9E-;2i2vkFvtHEMD
zmT%3QC|u4pJm91>ytfZ?dj^A7S3|@;Lx|+HVw5|d_siw;pp5o<EuzBkBXX|7C<Y(X
zUJ=rSjsjk8lX2jMO*|#f=ap0_qe7a}KJ*fhfty{{veSy<;oHPTZ_!`7%%Z@SY8}@r
zB$p^YM<ZYWHBr|#t(w<Je?!Zh=}NXAbu$vbS`$ud_`VF3?L=l#<G%&&(<2DWAo}&V
z1*Y9`Hd!TPAk*FjV~4u(ROIKBBQg+UbjkAIFY@$8Dm-ijy2IV6Io_C?FAk`kXkH84
z@S<`9O(1uS3TaT>zEFY5<3Cc2pEzqN`rI;H96nS7l)kb0U776BfF<;4`;X5c=E%of
z5$tIMUgrH=A7<}NR<K$ly*GLU!9Jk@{TC>GPh<zHVS!Lv1@F)=4b#yDeku`ey&5O9
z#Rbt5dg>uP1BUFOEF28SFCspWcF8DQzuE|sr9sm1y~*G^jIdo{L6PoR{Jg0M<3S?j
zHK=*n$=q+|B-2U=>|Okz3AS*zax^gS(k|Bq>rvBEX}(gua+W#q-l%KE4CqVfC`ej^
z0Xrg@`YtSmhduPD=ta@!#+#a`Rjh~GFCp42Kp#_BvK%0fz91qGeWOz(2={8gwW=1@
zvq%4{%^Frv`FjVwyhEgc0y)4<(-qdD0$o+Qc0A;*=fqEeL`bZtpLVkqh1fVB?xMHu
zg`17w-VLag9cs5Hvh#WR<>qCVRw|Nz&~Mc|mW9A$q=pFlp#;BHWY?#0(x{A`sv*<$
z*s_oHctKz?ZMuWvDutMBW89e=y&n3F*S#7pyV-+BkGL)Dm#{mN#psx&cV<(P^yY{k
zmgs1*2tiW#r1-@yPSM@o;<`ET!Vty<jv=Sw%CGyJDMV^+vEWjH?Z*j%eh3%D{eQH5
z2Ut@}yKWL7gdU3Y5;`a#y_e8?@72&d(wis&LNC&#OO=jPDWX*AAiXFkT|_`cz=rO-
zz`g%+&wtLj=idL4Jd>G~gq1b3X6Bpsd%t&dY&lk!VNgj<-ZaucKJ!A1VksjkkffkV
zol&c)h%0;mMuPN7v5qhoF4z*})En9zrEBVq-phfC6=MmLx_)v4wy0OR&%$9p2iMBT
zZk_EJe*z^Ii!Ms!;a-3SVK?$E_MU^G6wpTdBrebJ?616BDOzSx>4Izsu<r=#fUg5H
z8GDMTLZCAwkl24XM_yWOG9o6TxbTNO86}vRWoka*c%x6iClgO6!2{a!4ZF6P5J@8j
zRdQg+OD=ajZuI5rbt3Imag3m%20y?>ZYIttU>7SW^0OFrr*cV^gUmpyP;~4^FA_7_
z1W*LKkZNi>1KgS|g2-sKP7qH9E4z4Fdz6_7<bwrXFmx;7cV=!()W7Z<Nhp;c?@#<P
zhB3}TkjOtDj#*1%CL*JU6Q0~8d#YkKM3`66R;Z|iMa9xX|10yI7IFF4uF7s<I}qVZ
zZAK-DJx7gk=hWXwn&pqrQnueA_Yau7ts-)78h6LRABPO|-aoJbERsMUtfP`Ol~z4G
z>OVlH3b<I8NE)#ueEutsuZc(om)hCPn%XHa&HOBuC>^DDBfYP+!5!qv0FeD6du4hl
z2wI^Hy)1`1L;%t)3$ed%OYq7?a1S63f_w1~VC0jJdS6Oju6E!b*3h~RHt4)wkz8;!
zFpc%*KfjaQ)mGLU@zt}nSpTanlH(aRKG+;s-kKvz7RhNNof73Xow#kBrc|y2pjXcR
z1EP67FyOj*)XU?bCk?&N!d7g@W-pzB0UHn!o?=DJ9Q^^}@kytymE!x(P?5o9vrd0N
z+YL)k1U0S6&7CaAU^>{r%Hr0asaZyBnZH<sD$Nv#H@Wy*^gC$bcecCfeL)$`BRTr-
z@udWor$;9#y*KwMq?yx5F=v1Hi$kw;^|gr>GwCxD3M)Y9FVl|PYEaaHLV^q_D2g4|
ziorHB*hu}@N66%?0BYsXWAFw=G{55z>`_=8%E!YQOt&}Aey}>Mo{5M57E#S-#%DFg
zj~~ZwVfA!5C62V$3_p$~f%Jou=RAgQ0$h8IWjZz|?)Cir;u#vewOS>9A8%ej-St-%
zWa_SNcX`R>bw5EsBBsq|kN|m6yL81%vL~yh5)A+m*`=Sn)cVSg6{N`H9_o8M3dYU&
zN@y|DXh9w*tG<U!lR*Hap#|DNI$#RXlxo(O&H&wF!hvYyGQ0#({E^2uspC*jfvF=#
zSwIX40@@dcB_6(Th0Jqep^Eu#BEkOD8veJCc&!i)-xxY9>3!y-VF-Eo>2Ek#(Ira0
z0?R=d>S6e<PAZqFITlAXl1P59xMCDQk~g)Yu!jdCXbgR;D7=A@UNwsb0q`7IOTa_&
z%ZiL>;A-@-VUc>v{B*hP-%8)b^!qq`fE>57Oiup^SQX$KwU12`kNsvP2~uzb6F0Mq
zPvrat?VPaN6loLL+=e;GPtujYygqrNa8gQYq5|ob=2{OwSaWPX!2;iVUW1MO)dg_t
z9*BmD>|G<BrUw?IZ4BANDuo7*EJjKYs=;#5;xUtyydGdy=IPqQu)u<Q!9l%lK(#o8
zFyD4a@klTSPw*2&2q7abt3v?9fFk9Qz(;yq)&@+EMT<k`(wEx{-$4B)p-DiYWjFQq
zQlpGY`b*LH08>m9noGE)hmGZc117x#Ka!-|NBjZW*h&%KOyB}i;K@0VgG;N%RkNam
z5(`EJQ4_H2`l>PKg#uh|g_KkPq<;b3UngFl5D=i07qQR4J5t3_&se1ez@3j`tWq({
z+JaTQh+-?eJP=<5L_g9FJKzZegEL^U{mT4lL<0JfV-RJ=OQ@xse);7I$w$z1SxlNO
z(;&bTdV=}p#fTk5ezSuQx%8c!<*pIHOy$NdjG0*6TPoJC>;oKnRc~;TKFyR8;HKG9
zPr*s|ibu0H@_r8XM5yVeBN6PQuG`2HkNhH~1ZYQQF2ccuaG5><<V`#ROYe$<wq6-l
zvGci3S13plv>7B{Bne!ZI-OZcJ?lBC!V)y+i!ilC)CVeNO10^h47^?)U-tK`r*LN<
zPJR#>*b_ZcOs(F6rSGfK*2kM{*2~zdl!{5V*;aJ$>i4q9&k<33D(cNFfy+aQ^U9yd
zEJ%BF;wSDh1NPQ3PQ<ayw!R{PVK?CM&)~+i_^a`;D7o-#_b0L9y`TvPGqXD4O2Uk>
zSZoEek^l#Q+I$Cl$v&EKs6_Y+fiH8jn5~$f7{6OupcgaVg@hexbq-ebBka;qxL+~&
z3onVCd&RW#G2ll?mi-O#xKmKWfBQbUu}1DRmKxzic#|Sop5PE<{IWPqpk`IHJ;xot
z4sa2XO8H?<4;YNw$KcBfFQPpFaeDH{HqS!OJ}mtwFJ%&JTp%m?yt?P_f2>hNY|AX`
zv%F&Ck36Ksx*nCL4!`|M`s|{<*?ap}qT`Kz>zC{N>{`NOoR-uc9;fazJU?*&u8#G@
zR@v1G*1Vj2sgY_h6o)XY_v1?QxTDVp@{v1SeS%1-<K&+zV?JE*@rlzkz&+phi10lq
zZa1AD7cuzTN}dYEyL790J>nM!$2b8V9p+hA7UE_(M=E!EoUGq)H1l2^mUh(qxhbOn
z8*V3qS%2*85wU!ZcqRneTdIN`+)MfaOB!8Qu!ji<oBxWWv7iv21~<hPhe(+3^Y|fh
zC$nZDIV;5sDFvb?wd%OEApb#oR!-&mL^mN_iG5o1(~B)BhOdw)gW6Id=u92uiu#N@
zWZ3Ls5HH-_!b5fn5kXzU%dRp*M*Y^vVY?o~O<uSh5VlYPa&*<(OujtR=-A;53!l6Y
zV#QnuM<8d9cuC!G!=efvO9y(N0<37`1~7Fr2}J4p5J_LV0y4_m`$o7_*ae~@RK_WK
z4<-4Ki^}Arc)n~ny>Z2WDnzb%)b;7*#n+Eibx+Q%P5?N`g?oF}e>8~*Ahg53*kd?d
zQLSnV5Si$#U@s#grceLXRw%MzUjy}^ksQ9S7rtV}F?=<J+(|?5VJky$fGK+M3VPZ+
zCvPT~|ML2?$WL6q<7qfMYBr>V_CkuNC^?kPWH9e?s5=E0NeatXBQf{A1H-}j$bqVG
zfaz}Ws~UDgP)RxMO%G7gd5ETR-Crs-YXYtHhNcT+*d$=~p>Z6*dgfXh2dMWLz^>;I
z9MRBVk0UZ37Mg*^v>&kOb>@Tw!V*Oey<4kf^p^}o0GWK_WDxUsOxfUCaVm`c4fLqj
zLHmLVj%P!IuDgJ1g8Ccfjt^}~Gd>%y6B6Yj%?s@U$+$3RYzmxD#e!9WnPT!S%)bfj
zQ&3APLAkUDg`TMgRaj1Dm$V&AGSqJ%ObH<$v#k7NSNDpwvnHN++RfZU@F(^CB{(p>
z_o=2Ymdg`5;uN|5IZ#mcA(2;dD9-KXV?eXj>B+$5-7lT-!G*-WxCd6!cCrUVouvu}
z(d{wUJzXiLJ!)PLcx8T*?NDgHxL3=apDSb39VF651z=?e**iC`qArw>y$De{DNJmn
zmVZWF2R`dJEd?$RP#cC+Ic&4zRpz4@Jo0kQBQ6H!W=CFa^g>ocL@r=BJ@22Oe=vVH
zKo}_mXzOA|NBK3Is=Eo04om`xv%mtAFjvcTfjERryk!Nv>6ey%$XW|911h6~Ag}>V
z5nx*7?W+=aB}}~EIusp=bWTa;F~G1SHH?p^o&KIBMZtu<fr$#<1>2s1X#f=}zD^6!
zfhDrR*6JY-1I7lw<71DhhoDX{K-MyBnj2P$lWjn6XPo}Ry76>gJczwMXcax<5Bj|N
z2MCxC`B1lFBG8Q_4(OmLdnf;;QmQx!5;O=vH_%PX{6Z+<AUvA*MormUwv3+@0WXwY
zjHj-CS&YclAdbJGKO!@{SEeSb1bQyYz(uBVP|hZNa97vSbu(D`b1`KXHoI(@4&jZN
zisswL#|^cfuf_q_1drQYjJOa}^jc7j&#62i&mKD?h1yUm@k41m@f6b$$5IhY<yXQQ
zP3rOrMOxxGv-bu3cs?tnI9M<#Tt<Hi1uIt$BxOY!nL|^$KQ<ZH-drqBf*CXePmvX8
z&_&(J1^)5V>qPK8?$^X3DuO|x!hKcz0BSFWOKMxz<{jyb?V}}#FhMzSFH&-p6e4;O
zTHpT7kNiUiT|R-prkczP2(dMs)dS!H-g^Kuj`+^eto>L3!ly)m|3pbognzcCG;+$4
zFqKvu0VSetCO4my;BkypkcHr*TPQu}b{?3UY2jm8(3cl%kTRDjDTPJ%O5j9r#XyEH
zVvL#(M}Lr-6r>_Qyu!1EQy;`7LkMcHg;l+TaSN~&^VGdTmPLZXREiLO7R$nmUU7-A
zeu9=};hIK)zF|CX{TVQ_FO_)T3A=uI>NyAxUz7_E(d{@NgAq#xQIZyj<3xEG9{(Jg
z*Cg$fOp?ivpZ;cgf2js1i<%IJ(60g`ok)Z$kt&&$4~B6}NFekZtwc!3^<x3&tzpFL
z2Lm;YK&6bpaBow??EM^)^RHume2f{c{ASs{V>=Yl^{v*aQl(JAInssDvHfjjb8J9U
zKS|R;UE=xy+K6|wmy|;cZ~f>FA0<`mhsR0?A>@gIf8p-sv~>L{98()*H^V9-Dcqz%
z&N$(KtIpJz6lBjsN<jk<tm`=qnUh$qdest~c*AS)JFHxt{&7k@7Y%um7um)M5T>g~
zi$KTVuu-O3ZWEmwvUWsgyiT`ibvV7CAZL-6<(i1$X^1O#>G1`bp%mQkYlOTV6x`r#
z;t#C2J7DtUscg1o^pxIMJhP3hYZ?%39wDMk<vro`GqC#@yrbLYUVAjJ$)tdVjL)>N
z^)%5$(iuKJs&|E1BvNH7(@bLmWBWQT+U$4;afE%0EP_QhJhJ5vtYaO^*d98xw0WDV
zij$k%Q^@QzP`RlP$>u_03+BfsJ(P`PWFg!Z|8NOh8So5+J{SpDR+gJgC1OPoE{k;&
zXu~CwE9Iy4Ml+X-x1}#(r||4PLJG(V+w2LpAgB2Dye`FgF;S}TMn0DkVGSV+Mw6qK
z`S~UkPn`nXh#_2i0YQSNG$hNkOyd{eW>jIks8)88w1ebW#`~-kF!`9|jO`H=sgQ(&
zK#fTV(+R-@ifSDtpH=P<!j0n1kt(f@m|q<~$P8-5{{{7Ch#w<6RW{Tg@J1$;)RUPp
z1cD+66@-%`=`;D4(Rix&2sUCA@kaD^`1PQPQQiTKcw}DJke>;8X?B|UK{Jw-cH=mv
zu!aCo>S&CUGXjqU1tXBU|0vF$jdM!RrW}UTCzg?_;fyfrn}X%S*{GJ$ki41l4%;+V
zDM6g{j_SrK0<7?qaE-eq5s~k4w0NPu^a0HWD=&DIsWl^n<g+h9H-NXqwRq68zc*Kd
z%$A4TS;INMOLLts#;<SniQ&oiI_%^E2Hhr10s@7(-*WuCYXoau#Nnqi4ar-hJ;h%+
z(DNzw$}jnz3JMXGz7vHhT{(zOy^Meu%_6g#Qmnb0<%BC}a;7$|m}zxv<pUq#Ho{Pa
zy;id7jPIJeM<q4iAswd?8dx0P<d63b0RAn5R?MaOTdcrdC@;I)50Qfgk9z6)^QAPN
zIg*|hz7WXRVd!ToTUK}T$cx1|6)IyX&gUv(7)YumQ;D}v_*mK3X+M3VK=V1fI%8Sk
zsOwBZMEMW!rpfv>IpBPyBeK~QdWmK^Xe)stK0z0jX^>?;$Z|H3NA4Z43mDxG9uID7
zmeT>u+x*6eI4I?jhI!gspWesVUM?5yCAeyMPx|KAuAU;~Y~Tg)hH!*VR7NMH(U7<D
zr@$U_CQ>Uy1JoEvj_Auk^ra3VI9m7}XjcSJ8q{Y*wQuZG#K)GRQ0K<fYvicuTz)wK
zpqShM&@U5<SKeAzA#S;naej?=F_NEm<ih2$de{}P+9juo5(smx<kycZd7d|e20C*=
zoW||WFRK9T%kOOIw1)Rloci+V+cKMoJ6gDa<4aCO_rr8VhSUT?ivM2JilS)!^Aeyv
zZ7kl9K!kN~qxO-XJ%KH1s-9RMxB-EHds+Hr{0fYccyDeQgmPRmMnplv{Cj6|Ux!Qj
zKu?>XrzrFCLj$Q8F;TUZ<_G}B;Nx=vwJ1W2!R~O-0h2A6Pc}kcNISce_VJ0P*64_2
z)N*rwp<`|z+Yy5r6t41w`B4cF==$RJ!`Y(uX}t>zY7l@xy)4_$R-6?{$LZ|d$mjol
zt8&NdZ8}D^G>XIY3suL1V-5+<rgZ}voT*fjY}Jl0jALUbMRS0Kk){7(1n=vqHej^j
zj7<T&V#S!lWS#q|rZRS9RR>>54@x?3wesNv<K1_X){BTd0=1Hej~=mK;D7X$skC-g
z8ni0}OTE(i{=LqdLfG{O=rl+>^(_~Y10bONR4iUE=HZ{hzUTkB=)YtVzI%A%>I2C$
zEqJW~{001)QMS<&+g8YUEr0d_2kk3J+ZC)NQ4d@tv%MfR<dTbbU5VAOGv(!pebO|S
zdh=4rD>Wn#A&MX5LSzFGt{<V?&;3GCZ+@%emiP0GyZt|+zYrWzt={~f7eQp$U)g2Q
zoKf{In)JUzC3BH`zvJv*)n{+jetWh0^ge)Tj14AfuxgjAV{pYqF6~_9hp?daQ)-R5
zMnvHQ+adq~z<w`N25>v7XU+js1TkLsv4rzA{HSOQPcWBp>xZbhM_t}jWt3XZ<Q@!Z
zDKmT?n&_Y!f&|<oS-etecom}SqRtE1kg!u-;JysD1`)mjKJD^AYgrY5GmJN1`r5m5
zR}9DPv3=uWD1A_>!Xvj$Yz<)66|YHARCfd(Ho~*22(bjJUe4YRjZx3`{Q#_5HAM47
z*mDFY2`!w6P_JelGOLEhh%^g6tWs=ugZrZZ5s5N|z^6n_1+lgCIR>9GXLW<=JUN6c
zsbj_4+RNreQ4fN6Gji{3T%Dk)%7}5+zKzC(>LWCQbRL(@W5tM@5l-D%3<0n@6frd&
zjHEfKQKR=N;Pj!B2l#3ohhBlkk9bfMO}xHX;9kJqq_9T$Bc7lZep}-ov6}^N-9Sp=
zmrG+CKMApVxZxWfJ^G7^^XvbYEZn~lOYKzq4b}*QC-*rJuzDFVxu*@^GZ{1|F_BQX
zXQ0~o_V(CHeSluVeS|kVYrI_3+BsGF^v&EegA%=IL;-|OhW1qR>p0NTjly?jVC3v9
ziYaPLy-tg<SCG5Ik})hMos8s&%|{OL^eaWhTTo9&yh1I%!d*1o<5Tg9?*@SHzS6;k
z1>#s0%ygZ37!k%LW<kpkM#0lSsU1YVq3ppHwY3MP)*-D9I=(@!h9+ohl!+Lr5l4Y&
zdqW#bM^5NFn^g|<m=z@&FDoCQ+~}a2v3$Viq&NAT*&=Dm{e$4K3<!W%nLspG#6_B8
z2dtrh1~wNNWL0M>jkAmE-B1LL6^|K~8|uF_Q2lx>z8nb-OzS<zVyXFr21|8AAH$T>
zwk0lM{saqGaB;_<rvY|LtixSVEV7!?q8HLt0RpM*Qqr$zo|OQ1FDCdh-av~RwqB}L
zw7!TF{$P7G>4?sjpT>k23)Dd_3<9EtOYy;$0t4s|a-SY%$FDPfR=W=}2O>qc^nvQ<
zFD}#v%_@`Ob>!OvW8CMp9y{Du&(}M#tj}#v^z3e75E(zQ-F0h*!72}N0e>E#$(T0t
z6-y0E2D66S9J6!pMR-Z#vcY4+jSZcWqp3GaBuzlv8Hu^tJuo=qm=u$?ol<rcXgc1G
zRebbh3<(|lhPA5XU)aHb8-VqK=`zq%i<VlgaFYp*WIed$Z54$$Gi=Xj#2`C+15r0O
z^TTF3xv#vET7K<NJ3}N65Ncf#orKkhyR5jJ_a5~duHpB%a>nba`eGSe1vRKKDz3#&
zr*oCWVm0asp?q&b7vH6^MD*VF&ODlx%tr}wf$xAS1JMf`co}u0m#3IQv(mrkhAK@1
zI4M~*z$-;6g|aO<KttwV2J!%rveW=~6S~h21CUcUK!btHKsEJ?tx}m16`10$=+vjI
z{m5jZ*f6Zt=5lIW2W;fhD&S2)FrKi>bP!4@pLkR5fbQ(kxoVqvLGJPP%_JX>vx1FZ
zXRx~7SPA9Sk?<yu)J8Yw;9uvg^d^nUBxC4rCZ1dbWA;qC&U*#vp&B`?YInrBH>i-+
z+{I@e4_-_2lcn5=@W!g*KB+ebq$BLvZm~@(WwJ_m^i4i#c%+GaZW+~2{UJ(%8oxnW
zRAnwZ!i8<*Gdf>5XWCo~`_#p=udQzywIdqqU9H&S^rYYaCc7~QVJtZP5$v2aYJ#he
z3R%1(%)}=;epp0}H(mGzj=C#vk;S5)keWb_OKC*Pu14x<d&(q`-X}wOswChXMk9eV
zmh_bnEl7dvVAIDmdf;i}yn+OZgaT*UM*1%^^i~j08USayL3fJhRMJbp3z3d>%+ZfB
zhNKv}uF#OjHq2q~S*DJnRtF5KGBpIqNEJ|<W7X^`Bmt4%3BM<0>o`BcH-C#Gt9Q+-
zfLObd72VF|3uxqs>SU|+{%#X{Z7h^c9_SLQ9jh;u{079kUH4x2A!CX6x}WwTJCy8^
zq$7F1NX*3h`V`2*X)G}M>pbzfKuTK0LiP8}NC@@3IvAGE&9!f2;gyotdm-~0E(Zo~
zuPPuW7@b7x5WfZ0TY0G89D#3j^=&N{pWdHw{>AAC5$mf6I%0;0)4N$obJ(25>oiL9
zA#%*X*R{%{eiV^$1->M~mtr*@5CWE6T=0so>WROp%>40ap>m+B=cr8x{w6H>7X9w&
zbyx$K-#C>PrzRVKQ<1?Rv0MrWAdGQYB4jlI-|>C0)Pp+ZzBiWn4uU-7ND4w^XgWe$
zg#Otmov1P1$O^MSD2SlA-)I01^+zlD$4!XFgv?)#CK)npzuDj}e&Xr_!j~F1cqb$9
zwlt-FLtqO(QVI|tFH(n*aPeSy?LPuAt468pfwht_#fhs#c`BWv^kk|w;Amesjk?kg
z(6X8WvBtPu+7s`cV6@|yGGBXiGk}{@kU4sV5PM#685@k)BI?@h@dfCLVK}d70qPb{
zg_vqJ>jl0AEQerwoyMOq5t>8cN(@grh3WwyC9BgIHn-m_;cX<;g=M~<6Qr-VvaML&
zuR=7khs+W}0fbDu$Q@f*WWW_9jz6$O25pwbWX2!C3EH?|d&J6+um_j4dYu?p9ON4<
z<TZ1e-W((uA!DY$Lfb%-4@|7c=$rjoR@0ZBs%nfDxDX*bM&GYun@;nttiy~v^EBh?
z`dos&GhzUhB!F1{-XV^5q*Q@o5Xpz_f{kCiZE>G{vMy~HUGb)g3OB^dGj*iV6^tCj
zt!CBNR=w$~GMS~2-mGAE3b2<k)iH=m6!tx7jwj*gs$@V2g(Fn`YVt0m62cS+sa%rl
z9`ZzBnNw)73&05?0E#sL6^^_%22SxJb2iY<MfQj4JNLp9-J*K$KHEWtQ&wy1USI`o
zkIrTBy!0|3JXgZv+k}~&>O#4Kv<Iq!1st2dy`iU7B4rKonMV(+g539cv!EqAJjjQx
zFZJ2pw1Hb>Yv~Pa5AaE1Z7u0uteU0~OG5!W)K^ii_^7LVpTT!1u&e5DI(g#{Q0{zB
zs&26P!=|-y$CH_7U2XE`9cN_PC&dd(`pqkXfjH2HzTA?C8;aGMsDKdo57LP)!bQJ!
z?-IOnYg$B7BfyNg9dDP;yt4qfFvbl$54H&*d5D|yC`%MOuu~N!(P_lm)J}7*I!o_U
zwe>rQNMX`tnw#Kigdv00l`}j+#}zLDvaSUT*D$h1J8&oZjLkj{j{^N$njzQjPh%(-
zF8rIP+uJPcBgIXj(0hQkGP<JR5Nr~elBBCrn!;WZTY@L<Z=>`cfBuMsexxhU8*_+n
z{LMyd>;r>~0CX^^B=vy3U(Y01&F=Dk7IYLNF7f`&MCH9b0=xxRi6sQVt=GK{ph~z(
zH1t<uKZ3<P;J}RHwrSt%)MzhM93JXufG(fS>ji}LVmVSBENC0mh|DT6u4t$DsSrz#
zK5Ua!EY9PFCc^>&JXW+_X_QT|^O8(gq2+gY@NqWg_$LN=OELE~P)#2R1a%q!gVa*c
z@TR-GdvBaVhnRoRd!;u!(CQ$*7DtL)DF_e|H~~lsmCRQ(N_NNHjoY<`x=Xz7(8J8~
zCBs$Bgc^_92b<L4Czla<^YQI1sr>jZ=pOwDPjqIb*EZY!4$!`}Pn>SC7Pli~1kC7a
zq&8?1p3MrGmmZlnC+Os8=}|$P&;-TEtSC6q1aPmjL6i}q06=bs;V{bwU0EuRl!yqh
zq=BKOk=FuqP_9pa)eQF0m(P;V;JO(n0xY-b&8;{)zT~DENT$;%x2mcFWL|Ry7BZ{T
zlKK;~b%iH)uBb#+BVhhx9jvm<OH-oc8y^<s9S(IP=m&`*J-J31z<uS2>m7K)f^=E?
zTHW>`{AXoR$Z$c(yP}YHfN}&u#s#15ai?7W`d|4+URFqFBy!1N=n+ctXntWCHa0S`
zTg&EGT+Rvew;R>IiZX~vm0BjHkJnZs@>G&pF2Re=7X}!-fP8~3fhaV1Z}vrmbas+M
zy~DkJ>SeDSK&<ByUce7x@l(DO1w;C5rLn(dt?iAII7`7MjmdV;_+=ikN;c?9yRYZx
zb{z^@7i(H&lcpol?`;i;^PNz*Vn*o=`|`k=_bGjCA?BsJK>%Stty}YZO0R?E8WM=N
zyMXb*)8qs9Ag{5~MC#TVW?{M9cr@gfL0|a8#0i6suJj3LzIwCqE(?0Ry1e?R%d78@
z>;K1^_!oJS%NqK}<F3A@=*skxa^iDrRTe`7EK7g~%%$M?#N|q>qpF|MgYeT#MIt0b
zgfOe_{<5OL-|C=dHGYy(ZF9;MJe;ERAS~rEgnE7w4|1ptP!Jy7ihmyZ%cS!)9i7ml
zC*lN){Fj0l?+ZcmC+ik6yRkk-Qq@1e9kn9$rPv>xPuE8(@0DHBYM-9J3A@NabZ4`%
zo~AB`?eVYdf%PFVZ=<`F(0J75<B%=K*#0Wwx&!%wXj}c#K=#qKEHlE>Y%^PIXM82U
zhc)XlWM<?2YRpt<E-4jlV%@aDHh<>*{_$<k!jbnswD44Pw76)VOIF2yz#e?@#ok5B
zeiP)LkQ*eb%oC@DAC4QfSIA+oOK43HSK9a)LF%oZl%799XN#}R#J$otD&i~6zUsi3
z7{?{vHh@wd;b+*$nnEnI5X52tNPv6~%H(GfPqiv>srOZLtrDHbmRmdyU<MeA1IR3x
z^qU|<I-O+P-TvN|X>nN);E-$VJ)nj;0e%6qYf;5)e4Ftfp*Sy;LD%FnuABSP#d<oV
z@I1<D_LGk4ZV%Q^2tt4eHabDsqj99|84IqDPj(BpJ6MhT8$D5Kj8~w3%sfc1B;RnJ
zXaMlFyO@tg`&YfwdjM16wu%8jea2pOou8^#jDZ^t=NzO#h2RHBOdXaT$U+f=$Ym_1
zyEIwE;mxV^3|C~RM-n+8A+e~D_~eEmlA9)-)YrZRV$JR+@t2z`+!mxQd#yFAP-|ZO
zI{I-roevUPo@fP8h)~aT%UziDgM#g+wWp#UV4)S>Iq;Psza)yz%!uqJP)^XSJGmI}
z`4i%!<@?da*A|MUi*jfv;gZ+P8zZfjk=;Y02D^KsaXNkFAZkDCrqmq-nhG0j^8s?A
zj2LwyN)k0@9mbC;Ii@S0R~B>96Z?!n=~Rfl6XQX#f*lNx&waIo-oh5-I24-|0akm5
z8CCgzTiF3>UJO@)DJG*6C&VXf8!8g3Xwc1=ZQPG}DVM{%!;jmnX1{#87lA1HIe)p)
zY4os=A5#-)>FP^m;t$T%$5KUOFUi{>X?m{TyHeSPHl!I|I)3;l)77>YO;2zRPkw0N
z^r5mAzbe;#VGU$-l0hw;-ptcc;oqRLK+Alh5T{~d^bN_(vyAr9O-3R!0?BA9pm9oj
z=;#K_zRl7CVI9O~TVc4DS=S`F5`nMa%wN}79WTBZ_ni4_e3rjPa+X;~`GZ<p1nL%w
z^{ol~{ildjLMix|0;?4++y?_&PAtRc-~Hn4AWcnaZB5)Jh)~Z1$461HXxo8>WblY{
zk7pj1ju~};f((*ysR`)VgxTlB(m3`Zx>~c@*_HA>+`yt3kezfXhDd@*(_?($E2|<+
z3Z(hCCH&G?0*V4j7!gUvIs?oSX|v7j2(A-ytK_#kfG{bsNGX{>DmwQmhRz%e*BVGW
zUR%au@lGDHl3ZcU7q37U3O`rOXiNytXC@N_O?bcOXigasoQwQD*p_7E_FjcjT#J4J
zKkO|xg4o+$>ITFQiQ!!$9!2AB&hmFWc!5=2%=C5WCM-ESfQ5SXDxx%QSqA4m=#r6^
zikgNwl{u#o-Vt~Jb2>)onKgQ>&Xp!Vxahm)FriM4x+Yj(&aOrJ#2XK$n>v;pgpOjX
z(Dlw?IYG7BC<(hPI7679E8q-f+1rS%Q9nzGdoZEGK157FCg|6v_~of{9)&td)<S{@
z4RQQa(jqXzTPjxBFQc(s6N7G+Pllr!S+v>8(fGbxH@ytR%%Mh+I1^#0k!{T=e!}~2
zTcEuH6fuNa52F40b-YjB!SLHyQ|Wy;&TM^q9}Wa9p1iJ?X--;}!HZZ2;y)kBCpj=z
zPoLRka&#o8pJyYb1aTPvkt4uladB|4IstnADsN~%Q5`yt!*=AW*8w<9TxE-o!6OY2
zh{?m}r*h51X^4Ut`si(aQ)%)1e2m5#OU3P+>8-g&rKmnYd54=*0e#XkjrKaC!m2)K
zVXXfw`C%Hb{<9Q9<e7Hf-2OON`?pF0^Hddr70=0;J)Gw`loHCl#~|8XMAi6&=?g;%
zYTBDT%g?-GIFK^ww4=}$dn@SrP;HV+6|p;J-#n*A#`D&?t({#F^ITSDLE_C*5ldp9
z9P?M)XJ*2bvYI;mi+0M(NsM)Ft-BrhGb44>kny}VmQYKcyfHaY4s9j{;Wf}QCG$Xm
zBo+;Z;=OKTV$xr#p5-rXe=AM(=EFA?uc-S-pGGo~G~`0C^5E4?l{q7ov@ttMZ$5d0
zFhh_Dn81^imx=9wz}ES`k*kPz!!`TzrvNGr_y@>2)Ag8_r){)>jX;aEZnfT>An13^
z5yCFLl=aLpP~-X@?~SeBf`bDD!xAPMcIbqV0dl1LCX$-FKyW#r&fqc_%K)cc8&kBn
zq8-x!`lx`Ho?*@`x);6#1j3moCcTLoN!E3+R|ZiR=j*KCDYzxcC$h~>OAOgMyHqZq
zrp><bN)b5vap&=eCJ~t=Es@_XeJY=>UO&s;`ou)U=oeP+d<|9}ziQlGi$F}C`lAov
z(#Zn%mg(UACa`)$>Kp7rN&{b>p6LaTfBu)|@l<yFp-nY&d7HOYSsGCUeD417?>(B`
zxh^0mH)HU4Q@QG^87F%p;SB9_ENx1UvRmuYUM3F;8V9++l9C>HO~h=XVnl#r8<!5u
zYED69in01_<7kt2Ofm4Jy(pM%92H_dk?e-e1!Cnq4S|dB`$}x9eUZuhV)mYIPM8KT
z?=f$%uT{V$7eDko955fdDIB|sC7nt|8njK0EltnhezQUPr<#`ZUAf35=5X3a=8vP+
zqInq8f6@kBdr{y}XxcO0hw?DpN1X_o+<p0e6zm>*9)jJ+gcV^i{*FZA!*Wh=VK`1b
zV!0>TkZ0)!;}bX~Q3G@9kz5>lzrYLG<fqZMpWbp5R>{UYx9Qi@cU{$rWW}B5*uy1A
z$6vvId3G;?D6*biNwI^_r`AMc!#VGS$mTXSPOKY&eX%5DJnIDh6guee7-hcQK}-|&
zYD1IaF1a;osQQNNZZ+y5ON)Hu8n1$tGgWV|SCc9$$iMHAfl0{v@*6){7=aaC`3!^(
z$3o);ks6^-l~8(zxl^*jV<65W=iFZsaSz?R<3XgRofJ2vTx{;tMK3nl0H@@trEEhF
zRdYG-!Wa=OeerU;Om9oe`UsuIU7BCg(As#cGxHzp`CIl!IF5ZmW42fXeJyaZ-RA=?
zzf3~vCJGf%4{#5dJ&;SYM)1zH@Cm&q#L?(oPAl)~+jgk?jyr-oamG*M9%YnMmblI(
zX2zPv9P2@AZpG6TNNeLP4%3p7WT1?hCrEFNG9XV@<Yf15p7fV$@bpGEdK$b&*&98$
zB|y-q)qbNKCtEXSqwoNA-Gu8MUS3~PQr1Jzem34xAT1%~d$$al7oX5xHL5H_42`at
zS=qs&!cvuz%mN3l{>Yd<lk`&NRjBwvExUKiWC--JSR`bi4X0_E0qi*TGY+rOLq+2p
zr$`gM@nEunqAAq1q0!zb>!F`fqi&jcai3Rq37=5nI!er}EDbG*n&ZA9o7>dA8wRJ+
zlGFya|1~bJvlPUlcO%?xpfoQ-xP5j8<K1^wEXCa;;4|&O<``0PW|`(`u_mV5U4ju%
z7$;iv+8bq_xU8pB0gc*)ln<$o0&VD#{sGzx|6>ruPYMEKL9nr*5C|3+3<CZjzyWMB
z98z)$=rsW(oRXPeP(fG^!NSTWl#2S}6$l1~fWa^j;G3f6|DLehC97%H$!oXWmYBZC
z_upl?8(-y#cIo~S!YZM+sKB719Ibb7okT~!CZN4LKa+T&%^IfqOz<0xBkQiAYH`f2
z{|^fKpq)3~54V||U;F{$`Z*zY_+51`|LKO@h#dZe8viWZm*ak|U8F#6svQYyj<i{t
zx{!ixyfZ?T?dzk7o@X{})FDZ?Z^c20so*0+JZ|Rwd19$ilqni_2V&Ud)+(Y%ms0KJ
z7;k=4J+l1+blYC~>G0)$R}HM@$(GQk*N?mA->9umI!R9Gy^j%0VYd3L9P|8myN)$o
z;(BR1{@C|04Np9Qt{k*I*^paFD66rbvi>y*(jgJiHg+K*ZEkmgf=Urh+wcBoq%P6^
zLY5vv(JpUkH~#=-x<kv#9*3VZrbl>kQO^ETLLq*Sj$ML=od3CE?9XmM`Zt&7kZ?}N
zrfyiK^C@=B$BbT8u2o}jzEq=3|4KN^UhGAe$3}t5di2`sc`usgkP23^ww@`IZqEj}
zSIiSa!Au6b`hY>%XeIbm!b&h9gz+6|6$?ioIfviK8GRX5Xi(?F7vDLKzUrQk^u0)I
z(4KL~ZPr@haB_6%@^Ln4sWpE_E~?3Kd4w@nh{K~>yl0206ZmDY0Gt=6esorLjSa!J
zjl9e$gP<9rI-h+GC+KKT#uJZLHQrWMpCA_cm1q7_KV}qkrg%Q3J{u^@3>0c<ap0v9
zbtp|LISou&{-{cmD<CwarK8}##VYB;>=COnQBOT0<bR-Br2gkGYq_knd%H~MKUq(;
z*VeNpF-8KZYC<9d%cR1d`Jadp;&tC}+hc$BsQn}lN;TD0T2Y<cUlOaedQ<Ng+V<aO
zMVa+Y7DtZ^=RJk2`uuPvsQCZyUdWer*A8XLjct}xcfK#|>@QrVzn?(<ckyqTza78I
z$dZ_<EHQOV?99%Zq_<|3*R#9cP`A+dpA;UyK?y4+7`0F*VmYiuJ#mlcQY9&jlj#O}
zjl%C<Bl|M(m;R5O@YkpJXT*Z~!&C2(n~af5^LKB7nlyQlhAJnic1yEa3MnD0>N}C$
z+qorq*Wcf`C7uwxc>_Q6bBaO=`QYm5DSoNTmYsGYOqqF<k&~?sB5dp#Pw?RQuQoak
zYHPXIGgwajmh+s?Ns&u^Z)BVLxz>SaK8FCuBzDxzK?fQp4sNK}=!}{`Sb{us@|8SC
zCtgy0PHV4r9+@kh!12BKr_U*#`kM2oI;mI;OJ{Dt=Jn-el!di~b#7wUo2nuVCfQOq
z&U`ivKhTpBl4ARe!=y8CluZgLFq;&ot-_y_&2e1UPraOfaaTFF9ro|r=j^dl-^}@P
z+<u?xqU;O*AE0*3AE3`{x+teFOy`u`YoD2kRKhLpB$*|I#n;=q)7?b<QYrrflqfm+
zd6M42(Yv)Pa;mLpqKJcrx>tEjurbHNm3D?DNo|H^OlQC~-sY3aNt6Tb9Vt4Z1E(^N
zBI(W3)RU{rAisz@`1)6$F?-GF0)7Tp5|H(zuuybQQe={+Os==XXdeZ-Ti&$oRbQL#
zN7OsrNmCL0{&bLSVgzLC5vz4qZ;*K!1?!SV=;m?7s7{VC%T`e5I~0-nv=J&WFfw!4
zS||*-1rN6T?<c(K4#6^aP-ldW6n#cwxF}yjULX7AxXsUhfOKz@{J59)o#P`*b@qc_
zVf__;v{@5wrUKPgL;sY;&ziVy%3p2u_YW8tYa6UEbrSAq7Czmw{5L#wt!}@WLuDCn
zd4F?i3i+Qrb<vCZ$uDP6)6+(BKXfVS@@5B2vT0iz7b;@vc|=@oYc+}V<~Eddl$0~%
z&R}D=Q(h@QN%JhXbfx^aWOQ{|g9>C+#FGteCU4s>_{dPt=nOHw`E#5){+BZsUTsAP
zu{a$?=re)Jd|DUOv;HnFOh8H(OjoP2E++aU`zg7bxdQc<)P2|MuU-`hYbXUYOAzWm
z(=-?w*0)YjRVGkpkm#OilKXpyV?lYWJ(SxtNV=WzgH4OZ$q**hOl9w}9AE0O>PS9`
zU3O!;kE8Z`F!}OI2W72O(ks3){vsDP*HA=;X=M~Jq8?YgP9HTT^d3_p(x7(G7miY8
zqu4xB5*8tMw@V+_6CA8z4R$N%MpeFkiG?F0#P6bOh7)I`ieDdzs0+DHTjb`0-j?)n
zq1nu?L$OfdM`YIB{@b*Q2W)|?mZT!RmODCPz7t};P2Kn6v(dm$>MYfY=ksgIDhF&K
z{XARwW3<V8n`clhU7ryag++*zy}QK;X`o&5pr#m;J|*rnuCIVktQad-;YukkPobfZ
z3QcWpH&dzCN1!7kE<(eJi{Aa!wWHeJq|AU$;ncqbR7*umk`&8?NXjVeIje;%_udS&
zP?;vFe-3iuE9beF($BKOj~@Qi);#K(V)6(~IhrRxqT)^NQPelKknMuB|JrJIGv7?Y
zp#bONuXFv7{mWvQl~Y=KLvB4<L#rBDBRTV2D%Wak*Ho}GYofu?@5VnCxSdmSyrlg|
zJ)FXZUl06xTMmqHy{RQ%j~-c8XYV_9<$C?+8Tv}G@zoT&%CAQ|mYpU?#!s`n{v8>k
zGvA&&+5-y#1HLEq2LGdH)y7zte5aJ<-mg{R9pfTPtbfNtSHbg*_YPudA>6C*0fhk(
z+acmd@ZYDZyAS_r-S>Yr#Km>@^I4Z6vy@B^<*rnFU#?Hg92o}mdKGhiWaJ*N?o-?+
zW3??C#3dI3cUvE7Cy0+Qv+Ho25+4Nwr`ir8&aUC=90<%T5Ob1i$V%TjxxYH_>kZVx
zZac=H6O%LekOTOVY2vdQ!&#5HoR(J&&bo;E1_JjVe+uyoa+rg+kUFhwr)V<HgjmrD
zcH}-&xplCqsJA_#re6MaShPvJQM1aV_C?XWLFVlbY|$h&>7JyW@uSZL)a%~dyqtZL
zex#35Y(y=N_-&Fa+vrVHbHZY*HsOeBcvT9FwR}E_xYEky_=Kxw$F8g{#_fGw|C<~$
z7384nr-TUB$B!esJX>?tjO3{a7U$=52wz~Pgj@S(Z?9i=JeAynw;boZVJ*kN6_Jbj
zq(j}K``@L#Ab1r*h+5&#Qnb46>(^m4aS+%<RIa5(RP}ab<w$s^mQID|Fi`ESisl>B
zB_}o-f{a$JiQD!m`jF9Gmf$Ti8hF0+O4SLj4@*{s+@WyNZTtBQiV%Su>hJyE72a>#
zzU=$cTpM^Cqsf!4Ss9}>&Yr=O>zFtCaNy?U?`jOQ;=iRBW=17?Z8F-=)@s@GcSdjP
zQy-p6(&Mm2rt@<v^Rc7De`)w_1iXxznyqo$^8t6s$Xi6V;ke<?U#q&IXHs1M&&BGR
z%`&?CG=m}YUr4U(LYw3_P2#8X>{Xh2*(JOR7MM0XH?se&=<E04NNBquz^}H@YX6<7
zWaq-v|ETZ>=tl^!{E{FA0jnu&9DHmXoU7Fr2n2?ZVlfNI!^!k*)390i1(7J9h>{s{
zMEZt;UQ^#OtAU+w>Zd=~VR&-DIxK<TlhUKbF`s9}X<XF2c{2N-3Z8tsXU4k>iM4!L
zFa<b<`9CCw`BIF(c0H!^y^4(AmIOG~v^P&yzc4lVu=p;*Ve{2(o^Ap$hA_IyPn5p;
z^&-t*it{}yI!%M~kNKHINP}l{mu#tUaZIiAy?9mwJ{nhC$ZG$b=+9%zSWG;rnrkla
zS*$dmY&&7Fr#9#`Y2(kD`2%EpWD%zFhI+>73%Ndq;p{@&alM7D_A%9tRTy4_Z`VZ_
zuI2U5PizCiM%>N0jb~;=8!LQ|nFh*V8$6}GzgdBAtMuhIuPm>z+>F;sbJ7Eg>JU50
zdb)89O((`mu5iUK5{loMI>(r%e@^NBiaqj;J(cszlq>mBQ1X*xb%$i{-p-TY*&?Hf
zXJPHLpRw=HDY;J{-0bRNROkp|lZJj|cvIF9&=H)_D#&mRH$Y43-c*GDo$rCeh63#+
z&!g9+PKBj%hD$!@qKDC+1ne2Hp51TvIJom8cOgh%ZMm!I$m5lA883~?xQd0~Om<SM
z<3AQ0URz%u{I4`afcNfr@F5iEW2=EZWn|PsQ_q<973U)$jO8+FaONPbf6;(IqXtgZ
z^fYbo?Oy$m7UiNgvfw!;=BlqvpY@$p3c0OMdD>i`xAC0O8Jo_x)ZNfnEOPZ=%lO1|
zc6QAg2<li=ytT>k=@HHYiJe=kDRp(9j5k!f6Eb(gMNJLwoL-~#cenp0cCI=jL!#Mh
z&ln>W>plDpN-<*{>R4|*U!47<{v<P?yI~^1Cn?|cnbpzgT1PT-!+G}?9<i*i*TuF{
z_K(<Kx}_z5xfzseJVw!exKXPR+F<bO)q<m{!lHh@M)ma%)`4b)4(;!f_p}$a6*}gw
zr!VCjXFR&oW49-6*tfNBRnHmlMl%lZz&DUE?S=-OzQ&dBz7Z0s!l)>4mv|sBzi5kg
zPKQ)97r&iGh-LqmVoTG<gPc=|i(HqN?*>#XgbrU{-sJ(__B97Q`@@~hF0Emjs)PRr
zN&elb<ky28@jhgm?1P$d4@mh~td#z_sJ1kq)cINv*qAoD{8!eIh3<Qso&O?JRv&he
z?F9KxRAc_SI~Z3mw-3S-JAe1i86r<DxA)s|i-s0UUHYNB>@*+TW;U!Yvf0Z6iY~$k
zlq#Cb=iOT~4TIjkAIw`^F_@C9y?Fc+X5wkQuo_eH&WG)+kn$xHbES1o*wY^zGK?0!
z-?Ec>So-tm=U-jisBiu*@|{?}z(m0KlbL|z*o?-7tJNPM-^p>C%&s=0-eggB{H1%1
z+huIkYD+g32^(rKO(%nXi;I0K`-^Q2kB|5qLSCLL7qvRlHF%w^yK@a&60Eu})Rc`Z
z2DBzVGn886YB(X^t=af~o4mgx{N^{Y)7Qe*fpct9-CEkuDCb<C9MTCpjbBXmj8Aa4
z_DA);*pytA4*DezG~@f}R$hWK3*&xx0~~Xsl^JIJ)Y<;+>Vy!x@v=4Pf?1HrbpGb(
zbDsZ$B;)Q4>LGz7`~Q&0zN%_ZCi>?;{O1fp|KWp|UmkwVpZxRwry!xrpD~$-cqi@B
zY&jyru~$|Yo|~=nl+Pi6UO;y`QX_oF!rJnPp}#cdj>#;q+Z@AIcZ-jqzxLeeNK1C<
zQ_I6-Si42=^^ZKOZ$FD#-^vKrX#zeHv=_8z|E*c!sY30w&1+mvGO(buj^q*JYvG9g
zJO)<bs*|V8Ju&&(Z<>FKWha|0aE(2ly6^Pq!^&*e)UN>1ce)DFt3d2J{U0Eoa2;)1
z-+{s!^L@6myso&s&{wT*y?g3SZynYD$~@u7M189jJ^uj=!nY(lpCx`_tE~sdU`=bK
zW7pZ|j^malV)iZZJZE9&u5V{-Prl^`(j4{HhY?lT#BK?#dVG6Az1JVvDO3}n<Uwh1
z?TlXq>cr?oLlbydct6Cc&=1(}dgF_PwD{dAU1BD`jDgtI|8Sr&*+$)Z_j(ZS?*?W2
zd(&vd?bk^a{H?8+ejfdaRbqp1fPEbQ0xPkA*%BLvjQkoUl#~LPD&Yb`iU>Vs7FOX@
zw%=GK0BT-gmE>=6I1jWpOW$1Q{qGaRrpV!Qv+%DIZXY%R-sl&sK7MlxT)6Se67-Bm
zO{Vhw8Q6hW`nkMms`2)<5FDF-O9sEsuYF?wVINcMY|(6Jq3U-)5}N8+#>MmM3)1gK
z1C?>g+cSwT51)(~Vpt^!MU$3u{83cGoUwuQm7t9xhw#}32C3sT+GM=V*>M{A4bB9(
zGb%~^C4SD!;<<r}Un#7%-{F}XXYX}gWpv7ZhO2meIJ~g9d9!`|>LgW8p`X5^(9G)G
zL#Y$AJ7|p)=GI-?v1n0J0q7?dNuRh8$%=@5eOY=27t}($1erF*<c3vb4T~xB7WI_z
zXPH`(>*w~R$LQkgAHyYjt<7io{hatYb<EYe3|}cHzHV3US$8*mkQEa0&k5}>gwT*c
zVt0Ob*Zs4f0MhaU%bdD0xChNKaze~FI8IYkWl#L+IbuFPDcJU@hJfFTb#)-9ky$L{
z1$o;o7JVUwWwVjAB(_5c&>%AvCLpfQlNVq&mB9=0z-y(##M8;UZm;~Z;st7jcf+Eq
zX$EgX7C2puqlkt0XsPk_(?AmZHu9fJS<?jui~BPz_ix_e{C3yyE9<GN^u4vU2mT+|
zq`v4JeGtwSF3fgzT>JIm=xJBbQQ_KBkpIWG@BeJ5UlBJJ@=3cdGVG8~&ejK#Ur#AE
zK`pgzw?)a!O0dy+S~jz-o`h(AQ?T%L<?Isd6v~@Wr%u5R9@EVjCBRZ9{<_6Q=F=*u
zs8t_OG}Ia^uA$2^w!A$}+v#8$zEbHR2u*~HAi0V4o4Hf?dBfDQcBnG7Sfobk?<Re=
zOCNceev<~Lc~{{}bNGV=xkx#Z3YqdV$@_pTpW5Zs1W$6laPPJkSG$>g3nCEG<J9Y-
zNr)Tr{qEmxumJ<2;Un#unpbZ1kN!FN>sZa--zd?;F`XnaBpV0{t4-k(@7UZ*{J(pN
z)pf{_n`}xjDgEZ$V`zCM^4}-I^fvXw<4gtyE_csRZU2_XA0Q$6P9D*x-RzwCU&7HZ
zSNzXbZV?RKd#L}b=RM9x2SBB&CLH@7lg1tO{Q#y9zfx_^bx*!m9;@!r+U1zNK&hPs
z#~}+N`OBnlu;(l(fh_cGi;|#J{E2D-bWL^;N{Lch0mP=l0FjHEyAn8;k^8t>tqeUH
zlXRO~X6$k7X#Q9K%GRPv;B4iHooutGj`v<(;2J%#&tr_j_jL+n7c%vjldrM#T=m05
z@H89Lsi~LlRJkRuVrtxGCIuFF<8~9S`C49h*BOp(&=_;Qd$iM_@i^PJ)J2nptJ1>U
z`Sf?^KHM7a8n_r4lGKA8XwBjbK%b>cHwd?3&OB2Bl?3vB8rb&DMvSs%J0KE8shw>a
zD*9ej2(5Jal9jw4rfi*#y(sCTpO_u|kSfs4DT*BEyYVyB@RhD%)gPc+b0mL&8bx3d
z2hx^GJOc$U6!?SVVn4lOoEdEGSB396VRGhp&bCiZ!Cxb5rMurNYxo53xSgvocZ{4#
z8%*ZDS2VAn%V2lK-sZt|(D51bt+3Hjgqh&;i}&M4Vd6gHK{t}0!fQfWQy91vkhx}p
z@N2od$+5}plU96xfaLG2$c_KwnE5M;t#-7M#tvGLr}kvji<ic#<9xCjvc{f$$dYYR
z{yFtyCfv4lcQ*rwaxU=DAx$!SFyR!aW3E9cOy^LuVowlFU%_^Vyz5)sqS{L;r4Ge&
zXFe8po<puT{99?!-dS5&vEJy9*_3hI(it|w>NWBHv4?L&M<hCFjwlW1gDnuv=l^L(
zd`9)6wwpz7s<rv$I?`9@JOwv)9G~RJKlH?YQ-+7(5!S)imi|mU&lcYT#lI(iy%BtE
zdOxA(TWoa@2_x@oIVQ-~x>Xp#{Rp39K3SaM-j1(S|Br|8#X*RlzdVzi>S-Jwus-T!
z5E*&jpsMXF>7F)cm6EsZzx1yTP791Z*~xnTfl6du4Cq=^@POJlUMqRGO#)N6MMvbq
zAY}t0*`7RpbLM`~?Q@YdgNyt^$IeB|e|zGvoaHL#^ey<T)Ap=q;cZXf55D~N8^ytz
zbNg~jKM~Ik9`2m!uHPScFZX*koF#ZO`s<d_FW65UH7)Vfk1-<Fs^X17+$X~C;mz5Z
z+y#yEac;C*K@2=%qZAXm@D&kb$$(FIN^TS}GihoIZ$=qG6)|KR1rAM6JVxFN$-jEX
zv|?7SFe_Kb+m=5-pgG>E?ybEf!KSx7T<|7W0cM0IPb7_Hwi;P3Ru*mA^<kmBmia{K
z=c!S7+SCQIY|X{s!#_ZA+3}!H4sNqGZx8O9?+ZD7|NT<~KW(iUq!Drr={g0cX>4UR
z<(#;*I{J3_d-uhWk-}j^b>eZuOL%Vrd1O6NMwu?A%vnNY0n`Djo6^bP{=tH&7Yyc%
z0vTFl6n;HRe@+>{Ctw9UJm*#$J$e=M{yOd{5PM{AQ}A;xo1N5r!lNTyjo8+j2{!%c
zvf%WH!ZNi<o7;J8DfG-^gj+bi6OQ=>FIOcOZy8wd=az62531=)+lvOLHcMN4d&P=p
zr<qKh#L@=Mtj}Y8iIXrENR-CE!?%|D_tyB+Hc=ZL`c`(s>88hEqo!Q?!h>$Dy=;xZ
zLy0MsuvvyO6OYEsg2#C_7-!}$<8)3GzC&!OKXz!?tv@TMFtZmaOYq*)cHN!oF5R6f
z_a)QjEKJXRWe_of=akaPXc1qy`E$9F{bATa=FB*+uW(CMLF(bkU#)*3n|Yow|F>IY
zv$fq@e0d>W$J{w<(bU}9G2mal`14N<HV@+ryoHgthW>q89Zli*65MCQWtwnpGdj4$
zhTk;l+7=FQ<ZqeZZz1(a+UHxe%wj#Q^J-RV>i_*o3aJUn+Vfj0=EF6!*{0iPrkpjM
zGRC9(4Z6m@p|u$cRz)@c@*u9>LK{zYVZ|@Yxo2@Cc!v*DqkZ8G3fD#yI$@^F_}k1@
zm>d7Ehv>upS1(rr4fWc_2SY=$jj>!pOhnnTG(wgnGWI38iI8O?OE=54gzURXWf@CD
z#(FJdNy##3nk<<tnUTa4lAW;)`lxRAp1!{2e9Qg6&w1YGeg5aX|Nnc=v;5xYyysO2
z8C58fK9}f8rESS%)*jXJ?)=_KznaA#PI{EMbf^?IHm9xTIG$wg+MfOkn$oAt&pCa?
zzfl-F+~yLk%YO8i!_nH{yZQ>w#!(Z31t-@%QC-C1=;vEklrC~qzK|R)KL$%u3I3MI
zUOsF@>$uj6^rqpZ-V0tQwCE<Gy}0CisDM}Ei~g^mlx&obi?eB&ncs6cE<AP}S6Frk
zx}vME=jcty&p2Q5G(IJ@7;IemPOdQnea?L$mL9Gwii(Qie-+YKbr#31H(59k-r-Dl
zSa3$l5zFgpS)!Varn+uKct1NWm`#-)TyW|d{gTj<-lzo@MOoLvG!=n1@^Y4WT}WPs
zbEbFPj2c)SYzQj2rugAzK4e~w@-(-_tt{}>;{mYun(KxEy4<drDUD%osqvylhDJ|9
z4d1}>4m)?%Y=QUIsWaDmZGOu6+IG|K?qVm+HsAi*L>kH|c4h1m&`EcI&4HwtX)dxb
z>B>p#6+DAcGV&I&uI6+yWjmemZeU_|>olw~94*V%RmSCULdXSZLk;HZyEV3)Cb-eb
z`P6D+4)jr8by%U!zb};H(Df8CG8Bq(tFesA$b|Bh^yCF5CAzRGQKDE(u$kJ-;b#fI
z3b{FSvtY$9J^Kc#UXc83Uxj>pMB7$<{M$!`vYyVz)pH*o%~N;dG>>$o@$RK^a_%w)
zSCQm`x?<@P1H_)tAZD+lf<D9ZY~<c9jyjWgB=PC!k>95rTltEwzM?s<f}w{O5glTt
zcg>uTgu_S!=w1C|$P3VF{qKfM#U7o<<PtPo*e?9ZsqxPDMvaa_tx#5aWvLfLtIxP~
z>@}x20t5p=?!M3~j6XX&t!8sG7*_s2Xl1FM+l{+B-xGVMbO8GpnLZ!W**m2}2l!kj
z-mMYe=hD<7j&X>}d55)%95+E$Eohs8eH83d96lF`8R$M2i92{hEk!KC%oz0`KkC4(
z8Y`pe0}bR+j*cb*UXhaN-3^;ST{lv}2=*np{pX6wCcB2QamU#egSAc?2w+_1E1dE8
zl9m}g-co5`LfRs%#S)*KS->__C$UnZX$!{U)6f6_3NE@YvzBeqhzGt9@pfUEUY2Ui
zMk;C_Sh)QATt7KpX&dAay?d6Xy)kk|sOU86Ly|m4IV5*g?T%0j{V;TauaH-Lyo`=A
z>Eo7okKMXTam~;_;68WiNE4Yt)NoFT;ev)e?K$P@(Fu^oaeM;s%Vs$xcv;+}+|rnx
z3|<0<*t{s=2$X}T20xObTT40@8oUhw(C~*fPc0Hm*c*K;80H1<d{b<~KepObt<E%x
z7&>>FNR#E=Hz4MysTH1lrkj-tNG9!qP?#Mpj?)hRD?Nsd?!aw1$EAdbp=e!Y3BN>d
z5dB4p#|<Fy4WQkyxcqL+Ti^~@OU?1Uig@TaA`Bw#zLu{;Za@FDe>=NW3e}s9W$283
zmo7M4GM$+s@Uuv4<)w&|N8{C1Jx661*rTIklj~i8E$k((u1tut@3$pGA#QMBl2WO0
zD63kxekCzOo1SThr_dn7veqI?)Ja#e&RPQmFI*GI(3}nE4{MGr5~9|58A>=mUy-V-
zr`yo%fdq>8uVW*uGktAj%M~ehS7`5PIYQ#6Ms=ElHX;LayXL{do@l$KN{B9m&*HLa
z<d3?D7WTNQNPUduUq!Z5D(3s=)p*)l6gb?=h`ALe0sOZ_)%S(vJ%j7%v|z67rR^8&
zUzTb|(#JyM#oPBk;h5*%jLAs0)K`emE*J*1mO!AV#Ko4(^@Yyec0oLUpy6U4=0q-5
z%})rF@K9Ri>nQ`rTa!y6J#_p)y%Wi|b|<{n86u8U<3wC$sH!eePb?eCVlDu_JnMKx
zxiafbgEEVUtJZ9DP+g#ygMYi@@mLbMxLoyAlYZ|w0C*nPBw91K+VaqAxt>vYLZ+ls
zKEY&;<u#&g$;1_eo30|Kb>|Vc(d_&zi4XG96$DN!Rs|J|;W|y}@7MAe^BE4=%aPYZ
z$faIEo7Sa@?iEWur=teYJ+IZ^!H;D@9##lVD_{79P2R3a!DuA`a|@&D4331|dj@!g
z8E8vZTrLE53s$fapQZ}>s2}s1c6rKF<7<xU*Ztw_;NWL#xo!LVx6m@x^Uss0%LNiM
zp&xh#IkF4GZam9br`nG9*=3APMex&CD0$q>8D8sLQ``HjGz&3Qw*u;36+&NA6c&0h
zh+!!M)IJPgv^PyT(ldayQL3OgRNB+WEr6DL2AoA8llGR~)E(3LBc*`EYqdYUT3nlH
z4r;#M){Y;Zx;KA!L7Q!y_jenuf#@E$a6J648MIgJLNOQvHA1DH^wIf1`2UDIo1VW_
z0FCresVbsAI`3i$V59`}yW!OGjHmC8ij;CN9+~g*I^drO;-J1$Ed5h=ejMn382x{s
zJh1f2vf&dzc-Pc78NYdYa}`b1S2Ncv`@rS62!h!KY^~^=&;!#)OgU~5b?b1MCBt9#
z*AnDrMw#cx8e3H3C^!g`w*LuOk5o3gX(HA$8vWVSjoYP!c<GKLQSaPmv?(Q5A2p??
z$i>`lOZIpG6NYLo%kAlOT!wUV1Oq)srE^+vy*E=gJWEWjrc)dfekF5qkdKqg(#K|U
z1gaD+YGs)hF4=NMJwG7hrXa4Ccwd+3j~#61$70=X_+9|dBnONT=ge0x9<;T$2pS}K
zlj`!O>SM<1bmVdQCkf@8Z{$5EfoG~{(XD%N^U4^TIMHn0FaLeq{hJc5$GR1}J^@U`
zSW*BCK06rPP9$^bh?TFVn!i;<I7lu`{X+%8(AyJr|8QA~SOSp2{%7n=M0U7)&4!3?
zU3sWfLr^QxglXSA_fUG<Ku|f5^+}(yYK!-8G;?^oD!Sse<qdWm&#K+mEJ;EHlyZ+-
zo|oWCNL!+>Z&k*ms1a-VBnL3(lrY&9ij+ezBsfMAkJ!O;q4bQ(VFRR)jgZN`|0c?g
zO23Ub*sgCUU;oAE(dJBAa!%kqmVO-04{S~OJ0{K=ZchL$>foFoD41mw!}|*n=1P*8
zY2D}k3&nh)5r~_Gkv>c_&*aEA0iPSkoYsd?{HsX)4+Gv!OMe0(f_%f!(Qtnfy}`q?
z^Nf0;n>gRz;7Ay<OY~}7N;$vGn0Ev0U@;abWf9ha)?-QW$feLaV4z$DJ}J#sT1ybj
zKb_|5E!l_lFrCYEBq+|j$@KL+4@SBrL!}Ls>@$tqLmZix##&<1AJs@1kz9@Mw%_&%
zzUU-YBk1tF{~2&&;}B@j-?rnVQ-?mrnW`@n8?$DSLcwWB5?fCKsJdF<;gAjYRjUcG
zSYnU~Q%b02(c;$IBK(H^J&+Jm_Vndt0nw7eIdF;koUk7-aCV=NI?0%Pe2#|zS05?H
z?Oqzh3VNh6oo<k$iVx+z4wngx_G1kYPbYa%;~_jmo^Ww>h>NqW?Y(zdZC79Je2MZb
zV(TP@4|56O!@lJ!mYSUVCU6{XZalMIOSxCJZP#@XJA;>5$dZHICcyZsF$xo$;dX7E
zi;KdO1dgAWmC4DzHxasmtQ(jE8088LoXE@bH&7DciIs>L?8}0wqE>>HmiQ+Cxi3~#
zhcsZrtQ>#nlmIrwfty$Dk`!-1k<6HNsgOZrZKS~I&JoV~gVWP@Ae7IR9bO>D#*)3U
zVln>$jR^^cs4h<xkLI2++S-)zn<SbypNh-qg=Gb+%C9cCtB(8$lhlVJKqBGa$h{(c
Z_zQA;`-c+bKL+H``Umt0F#O^Z>2K>ZQ}X}-

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/saving-space.jpg b/docs/userguide/storagedriver/images/saving-space.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..125d56ccd86ec96b7bda77b6944318832bbbe1e0
GIT binary patch
literal 57009
zcmeFZ2{@E*+c16$Q9}0JB&4z>Tb4``lAol7vP~ju$WDeSLfNJWA*L*;gk%{pOpK+n
zWy#pbShEZ>h`}u1-Sa%(^S(d7?>OG){U67BeE<LPf9_n(eb3zYb)DyVo!7ZvH*=6V
z0UW$wVrBxcu&@9(!G8dg2;4Oe^>76M3k%>l005l8UKTZA4|uj8Y}TwS06X}}0=Ap1
ztbhCbeGXV1{QLRu3oAZ=4g3I4d2m+z|8f5NK2!hOw|xTKeFMSYV_yP5Ig&X77y)}&
zSbqQg<6vcH{eA3ZV`F9K*vrB3yK(O0+Q-ScpOb@QKllFqTnE5|V;>JM_W_>Y=f6Ao
z{rK;vz`p~W9Gt)J`0pLe&j24Mi^ZN%R+huS9zGUUJ{D#(00ALo2kG;hME^Kg_OP<C
z?*&2H&jsF4br1xfm30pYEIS*BI7<ZhJHW=r&M%{8xL3f+iQ}-J;K>J1UvbKwEpHUM
z+(VXAzvUmbZ@;jJsF=9?5rw12j%#RYX`j;3H9BW(VtU@}!j-GntZlB}uyuC1?ds<4
z;TaGZ6dV#7b}#y2Ol;hv$MGqt&(hK}o@Zv|<rfsbE_(C!-N%Z`s%mu2r`jf5b4zR6
zm#^P?`}%(j;0K3>iIY>)GqZC)=NBleYwN!@HmO_Nzwu%LSpSaJKQY^d7axe%9&irW
zIDX^BvL^&=tbA<jGHQGI4Xrqw`~(i4e84Gq_UWtg#(lEtm&ro6{CoBb%V`khDZf$s
z8)p9+Vp0E(F#9KB|AE&qZ~$b{J$$Tu02H9_xN;UgkGUo$xA7iHy>81v=g>gV4j^fs
z8La`x=y4?`@IiBq@#x-G--a*!nSmHJbpt^*{<V1@t{5H>@#==9{_6bCRSVfOF`3Ca
zaw%pnd0#_`PE-UVIt$9!Ys%0-G~vih;D2}P)rKG@HV83+9&Iv`v44sQ?1%3D0@zTc
zUXO$@ftRyLCh*`X6G(!PKhU5|z_1himQ|Jsh*JnuXVn<Qx&;lqimG7(O~~C}+&`Vb
z5QfAtfuB10OklzVF=a|qg7Pwf?*XPv;PV$I(25CRh_(}9bO8h>ct<IeoWJY(CGRaJ
z5EDma0^2<9On@o|q4qEVE?yiHSeFFP$S0wcGASkydy;Cy1kMqfpj1U9?dV^=U>(H%
zn<%@f^lzg4n^XROuzX&lm%PY@2Aen}rz-vrP&%-VX>{J|vqP`FUoKgZ;qVA`;Xi7S
zx%a(IH}*qWti}pEHEwEeYQgp4`P$pa#Qk=|BdxOWLOVilo8C+uNI{5i@4vtQXx{&L
z(?KOcR!!kIn7~c1Zu-Gr6eiF{zqNK2l($wt@xt0R!XaF*+~3JZ8A;r?s5x}<NtmR~
zAVeHGolLD@e8!`;WfrG=hp#ZKR6+4OC}0E%-jYSQDkXmbs~)Ej-1x(5>-LuV+8RUH
z@)0Pco$v^<lQt6&0;M#H54;&y3d-arU&irr_p<jhrc(_A5kpm=@KtC=te;rKQcq+v
zf%yF0PhYRJ`W8LhU8jX5x=@jfSg8;uuvY*<xr%7|N`cT1=&mph9AN^J#lrDAm%?vs
zy5e^ahos&xkYxg|;vASj<3j@N+N~bb<Gfx5OT(ZlNS%akiv|&Bq83b`#cDS+?`@CH
z7?Rw^vSH+pa8St@@zgPa=zUn~JLsRGxt3ro`R4TdoeHnr@c$pM&rjp1LIr#8Lg3AA
zXsne5{a<cWEO(aeMgX!KnwGretJ41_=YQsh|GVV8wy8kl!?lQ`9(fxaQhD_jMtHA!
z(^*8DS2g{7O_#Pn;zZ!O5ScrIzy#Q?GXW&x5o*PQ3G4*e-*{;AV`i1svwU~VOuseD
z`xg`Fz46O(31oYDjwu^@vKtdP@9j0F*u(^!v0F!>;@G7C=(drU<2>wS<QqXNW8i<f
z1wj7`p|G@D(x6Gln848t(7;;S_X?B^*1sA=s6D@6nT=V9PuG~h0ql`TKbzN)9kBfx
zpb%(~p#Tl#{Z*edl*Jt`;*I-eR!gfguT2^5*BZD3%$f`r#<%({I=b1Rc&kVdTrCqA
z4yr%0cD-^n(^|s8ta8gaAo0{Q+4X5>U!AhzoY6q&A>6m)c>yEc3^B$Z8!&Okw{5q$
zNQIvvA_MpEv2a;G;unln$qj;8?WS4cdCKWGw~906(u8D3Uoy7*4X#{;BX(ppyIZl3
z#3Q5qc#uRG=Yrp0Lj9TUyH<r_@k&O5DS8J>&4%ua$R(@C6-N#_9(V90Rzg4gyr(y8
zJ5TZO_7Z+|Ab6vt!!U~|S+SgAs&e;6fkHAcAA}vLyG#j5(02-YHy>g(pQ}_`joC3k
zzLPq>@a??N4>dnQ1cu$^ZsYg#tuS`ufZ>lj*lX0~d%1nAiX~MI<CgE{!#!Mn?Nq{9
zcSOgi2t#}+#+X=#<X;p=Jc1IXqRr9xo4pg`<w_-LSr=jcUqzD+-bVA^yH!zwxUB~j
zgKLvV(>L!~M$^pRQ8TXgM7EVWc2wA#OPu*&d%yg{f%i)#vTXJrzKZSnG{&)!+Kacq
z^uY~@c1V5?uTtc}`SQ`lROQZ`w)FC}l!(IDCRY<r$k-h{VO@O(d#63(vYiA$AoOH+
zvv_O9q+++At%J%d`S%_nesccap+C;MU(36KmPzL5(D_#7#RMGc5oIS5KiFfiIXk8A
zwCk%0GatH#b{fYyDSKbNb7!cK9p97@^(00};noR`q41dKyZdGM(#Cs5Cs{+3hTbyR
zBEO|K9I7wJP_znPwMmx{$4u=jzGtmo?Y|wRXBQjgSGC8vBT=iDn0Ym)z_o^hN(d(K
z(5~gvlQsMGJ&H}=EYv<p<<>awXy_vVIWG3%%f+zc(ULY!M9A<!H*Po>=@&Aw7-8N#
ztQt2*?reAybnLL@M>D~mV<*@TeM?YtX!&q8VwBcYB%Za(1Z=~$GJD>}`W!E;TwNO)
z@^Y#D<$D?X0K+%o3xTs!Vqex;*B5#+czZ}I**8#^Zzz}f%H_!Js6LTpF^ctn?mw8A
z+Ukd#w2b;d6VGa0Y{qZzEeZ0unQ@uiS)H#Wp2*iJy?%gU{W&;IiSNbhGlv2ahTGau
z2NsyXo=PlxS#%JW>QarZW##Z<gS|~gM~!x>@w9*}PkbS{c=fHA+;?g{1#LoY%(<}E
zbj)kAc%_2d{A$9LCv8D9CbF*Q_fKj)Ile6a!i68`yc)JrLP9LQ%`v+)ZS9pQ-&6Rb
zUfHWexc0P9AQKSKhmxn78hELQ_ZGy{0T*g0{9~Rr_gr*WP;%*9&q>)GDXL?cw{P$S
zqsB^2mDK9rF}fZ1Ih^fohBysW(uE11OQyIjah-4CYU3>{!w#NRP>Xu2^0VNpMWaM=
z9)<~6(O)XTEqBfiQ@icSC8foAgQEFWWJ>KZZ*B}9CuxFExqNPaK~#-Dk7<XO>(0jO
zJ|BZ4UgE1%w@bBXiYv<RH8sBP5}q69sdnK~S;pa}T*JiHn7i-yeph=CA15{>kHC@%
z6s@E?dfwkg3hKw(CwuM?EFH9TR*;UY-vhZ78XIKDquS}Zu*AxudMy!cs7Ls|yqfg!
ztNf(P3x7C0kd+PQ@pBAuK(?&JFH%%2_y^j|9R!TXo%j1H+xhO|xdmNK)5c~FiG-w>
z+`7wg2G~=x@UtjL%2J!}sBRL@+hE6w8Y5_R_11qSx9`O*{UWb4Ar4kT#EyIz?$4Ud
zAkvMl_T{5pk_TjcIi5>f>$u6+Z~~%i>H7QUp|@8a4D+@^_bm{H9i@Lb>T%f(EeExG
zd!E=(7TkOOVKB>q)Z5jutpPQwHJV>&tkm|GG>C=YFIBE_uT9$llwYC7Q;?mUua^`d
zU7~%TZAB74s{QnwYeFCmB&d2Nc8kNXC<mHVp@n|!?e*c&k^_31oE;w??lBUtKILLP
zywCB|+?&@cURwwoMxA;;uAS$TlzC7CvUU{_Hx62ew|Qf>Lt2oMUe;OZ*(#;AzHuv>
z=HYVv!Z?z8OU13q&Zc9d{ua=UGOCdiIiz)1xfJCbQCM1%XXhC(IO@RF@-fSzF+Z7j
z=Ef6m4*xm!_~|sw2V}R&oH88rpqI9Iddl`pa(#h=he&YG82#xtOLTxzHiXTaF~4{j
z?nJHQZ7zoLc+>_b*Gk6_%|*)lN^Iv#XZNpSdNoo$ICMC48(#t=fW?->u%cgd@3oV2
z`M(@tXhbd}2g7i<c%)$kG@O+XZP;eZ%}OvJ@~P~h;xZUgINU}Hr=4R0;g(EbBnx+f
z34~;{ubCnaFo7?vsBR`;=Jo?xPM|%5B*8XxP;{B9vcNJfdNLE3eo6CW0_7b{V4k}q
zyb#{F{lUsu5cnT%EFCm=CXk{x*}cQ+i1-;-mW1`N+&b5Q1pNdHUM6rBUG_0j1MyXg
z;zoZ^23<G8w=n_8dU$6DW1nfh-Qe)3qrFy4-iLV3EYm|0{^zf;k#$PQ*jD5_T9;&>
zz0_4~IxH2c<z7-owQi6D?eGvs&<=+aXciE13ET`EV7VTo<QA5iwcX_sskc-#L~m6V
z0zHHM_-53)$|8ZP3VH^Q^BF>AkD)&u@K`bobSnf*Px9V2=w4R)S31^t5`Jt0;g?_x
z8r@YC1v*#lCWC7h^cq0SW4tCUw?%?hXd<0Vpt+|bddRY3C(%~XYxj6GMHoNgdtDh~
zqQRGOB-us!TLfzKR*xNQHyTi)Ej5)9GZxMS*w+vgjetWNSC$x4!tuWyjz5p~7bG(|
zKBC+<MJuiGe;y9Gn|P96PCwg$*0khRV|NX=8^u|}f0Ok8I!V3$DjKN8yEqKyk7$(C
zSA7>6+&9VUDem*?X2t3IiK8PJ1E)Pxr$+bsJ?-na5q6UQ6$Zy@gul?fXs-5pc!dcR
zRLqwRt}rg}wwCQkb~By~<7;hV7;T8vOOcw0!CAz5>_B~QgA4uA(Y$!zPpuR-IoAs1
zg>#di56~>a<dbvpe8aM)zVf)QN^zX=Pm9$QI9`_NF@d;fni>;8t$=<!QT;7~5)W*A
zQ)~t=CP3pIF}Kr<p#HG{quoMML!mgx7J~v|2<T=o0nwMdck(cn3~63+8v}s>UFe5h
zg<zoe=)b%CH!c6a%|zJ>G(lA&+^RzB)ujA2_U9;W&qIK2>JEt2f}(a~gK8fQK|HN(
z-|NFZo>6RP8sc^0a>JdAuhKr8kv){m+39hKL!FY(IKPqrUE&U70(sJykO@??vINn0
z2{927&@BE;{9>9Lk#x!;NGrJ2R`iD{@FM-tT|Im`{LczICy;J#-HUKS#-+Mv-LVBV
z=a9aB)UY`V{Iyof;Q4VYj^$UbW5^7NnpV&GwyX<EZG2Wu&t9X=8s_|XNipQvxyDWD
zL&#QP@4Vr$!iV@<$2R1a6Bos{)KlKIy*^bizy$87#u-R{ugtl)(<&T1AU=KB(n;Oe
zV5A_a!>9dWHxK8Wl;Rle5hW=hxu#_==NCwwqb|Ju*f^-lz|4$nhJbH8l*$DLJN7W@
za#e$NEJBa8O>&pT9HD4pA`jQ6h`uaW>zqB`cf9h9RCeU;AlY2{yV9f`TR4;=od52|
zAob(G<lMRH+|_N(_&Xy;yxaIYMaC<MsFLuElo<3Khw+-1hN247j`t`7$bgC+FwV#`
zm_RdM4o6JD@Xk%%&^wSg?Qy<({3}Y#i!6g2KcT|T@9_~&+K)Pm^Hu2FO#1E|ujxC&
zLF|el)+=7eP-1c#GE4U*#o$0BQOByy(ECtn$vkJuf_C(s{AOOC*6MvOdx%&0t}b`|
z(Rzb!Pzc{wvA1Xd#oB}_g2siOD%qA+jM%XX75Rfwh>Y{mxAK+#^p=iVs&>^ucW&G-
z;o<3k6Z;c$X_NWASWg157%9_VnQbX#+x^y^JZc%fr%h`yl+>uMwxzaubB=9&N|Q8x
z)@Q8TUsv+dp)&#H{=ZQj+dv>_EUS~M6xB~8FtdhmK<@iM|Ii@0kSo+5)Q%9n(Oxir
z630FBB|aj3Ma}6T^ho5bl0??tB-4#1YCr+i#saSbcXH!NeQ%~=ZFA(<#;At;xtH+F
zEprur4%<y9HW1lTUMqBo3_39}%;Uj#?|I|---7}(%_EaY#-2?qwJvZ4L{|P?<c~<!
z9=O@-pPP=ytK+T=$W~{48_UZMYO)8MWT)G@M4jb=<^*?mhf_b-79|Gp@{UmRhAq6z
zMYu!UWwYUXM%67)sgOe^3V%b^l}$lUM7Buk=)psGmh5wj1S41eHm~gEBGio04UntQ
zjQ61z({`NTI(U7}cV5D|Cn`|pJ#ZA-Ug-*{dhL2a7#NH`ap<PF>hIatMLc{TG>>s|
zlSaO^H}~=iyoGY<Z5I5JKiy?>@0Zl#*h9Yirs*}OO~xxxZohFwT2wmzoqc)!G_m+s
z#O-d98<+ycZNJWN4xend3or2*=c*GO)~N^(WC9EJPP))L6Wf#Tha>xPIU6Xy2r;if
zKF^gY51Xnf=j)t3_gzurWlnbFH4_C6v{;$@36t|%BFP+5M^`Utk&5f^g5fzRaIFA3
ze*YU+Y-!s=cWgBThvIYBt$yn~#if@7HA+6_J9oWk#53ho64!0@H67N(-tL{7G@WX4
z1p1L2B_``9I>Y}uE*L~LHLtjqH&ti<w|mZ6n^wM}Y+)YVu#6Ij8`4L=vd!K*Z+!=f
zWdQz@-V{(rvw)WCgaekiEiF+Ri3jZi?IS4}<H}W4-u?rMBS4QOBkjP$_dYcj6AdLN
zC^k3gg&3g#%3)uQwn_6~5Y=A8Be}BK9X3hkwR1k>LS~D@_0Jo{+P+}!o|-pJd9djX
zF4)<BEL0Aa!%TpGCwD9o|7$2$;1y#K#sfDmSilcRpQxy<_+B!wz_=C<w{7k!kG=Ey
z?u}=Dxs^~-G<g=fw{23G67#&rrC!&6Z0pLB*Zn9X$Y|HugZG?stCsV|Pe6YZosM*@
zjL1D*v)U)+SDnze!~h*MmiEW!76^@<39OpNEE1|Vao7WP9_pUbDwS18`zn!v0~8R!
zeZglIAO5^?Js`RT2B|EH>TV`bjSxgRG-$%SwA}DrT2b-U?ij)P1e3bP@8K&%WlzzE
zDSa~_f^~mK@SnpyV%+Y_-=de*p)-lPyd(s9v3Vn_avPEGe)-jRk_Bl;?#krA!G)NS
zV|@Wfrxdb8HX5n^<J`Unk)mL-=2qd)zO0pRsGBuMUHIr7b2k-UpI#g@#(4E=%tf#M
z%3q?8+R~pdCjAGyTCV+`Lj>(9(RKx-)ErLNF*O_k@{FBB@aWj!`JRi${f5IQ7aw-9
zD)QV7E!l_g@MUkL9D#CRA1mXV`z)ktJ!W+<txx-PRf0(~*QM(hhb%BIh~kUCg*yD1
zYMtluuQrW;E)UZ+71V7S13xy>L9XZBsHKKYTK`DLwG5z5jjB?%X-Zc>?bay49&)GX
z%ypiVVXtw&xwM8H(e_A|5|iy-jrMR-9*mE8tXHht8u`ccyYl&DMQ}luoyX_$whyHK
z6+_d1VyH_171$guOE~o{A+)J$80Qdg_Wp=_(MaIaPf0^}Gl`9oQ-!cv`fHlNZOUGJ
z(?@F7IF!#3!`FDrIlJTO>uc`!^|WZ;7EDj?*i?$j9*QJ|&abZLe?2==t+HZobuZ!{
zD-qIB8<DZL0}Jt0#|0vW`@jl<N19TXySiJ_(IUE1m75uq_g7qpMG*saw{=zFF59m8
zmGlphl7!F;n~rg<!v5~tLCw|~+Gme#7%9C<bT{dkiPARw8=6s(#&cy-9tPc__J0;T
z|G-kUiXJ8{1V)u%Jb|j*^Y>cj5|v2nop=AZqaqGU>@ACr7GU_?`jpO|5(1+?lD$vg
z&6zlY6trtASwOjIRmbX}yMJpOgFpVEaq8bUiUDC>zooh9lbDL~fW>%K(B}o$Jco+x
zR)*zA2EuEZG#i?nwqqU2Wl!NLEEo=bHxOZN8b296D0~cUS6Fkz6?(+rOwlQYBC!(H
zScnuxfl{sbRbREtcG0WonH}<&!ykHUXqkTL;N0A_#V9roJrRX6DX%Yq&6IP9O3UQd
z0+oy=?Cm~iIqTAD$d*67$ko8NzCy2VN|3ZS2MeXLtyw4Lz3#K9%8ST`d5rkB+_}Bm
zrNO9ffUZeOG^Lo)rVhG6T2;$wPy2UA(LxcV0l$eA7R2CA9+-MqvuRL_{LbK|N)9Ma
zuJGUZY4MgrD{m@Hovn3pPjuhi#l@=#pYAOII0qQ|T25dB`JHg^fA%6K@PvTFZf|12
zROUo!qOy?nyN5_^t=8^+F=?T4!__;Uy#~)gw<Zb>){o@H6)*vU0281HB5;icJYao{
zQ7>ZUF(`iGX)$^A$fYa?0+C_b!URgMmrWz57;cMrn!doq3SIED0)vVI*(;wRy^kEi
zh?h=f0&q((HeoZZEQoOF1wBdLRo-9iLbRteL<jxezc}VUhBRb+x`j=FBDYXwFf!RP
z8oPdJ9knxwU>pX0H-$#R_R)KmbPALS@WGx`TG3O@>uAs~P`r}OswssDsQ+5r4V4uL
z4jUDm2xDF_nA4yDMpYD7h2x<gJwgz1TO8Xn@r?5f=xk*DUkCvuPM|mtKVQv5H$hjD
zW*m98$8^I&Wd+o&hnRqUIqWN>jn<7X+Xa{DE;^Ncu|3N8S~$jlOhXpa6}M!mOdxX`
z%$w~7>$lUnYj%XTxQrn~8g*D4Et>A%f{;T%)}W5qU4TLUOen03d;ZRmj1Vf~3F6<g
z_wU*J(|Q-eYd4QcOkx`?obAZVB|K#XV;-9xLLKbYI@iap`?GvGlx!TSh@Wqx3G^|n
zCJD=6$ah;Xtu5(uQ<6a_`qR=h+z=-5DA3bb-gO-tG&dW;y(5hHnh)0mL&H98U{RX<
zy`V7U5@;D5Nh0GJEp-t3!L<1wGbr0#dD%G!ZHoa-*q|G6R9CuCI`vINDy~aKns)t7
zl1ueT)#v9SC-*vh+Nwamm~4puT?Qu?(t_I93#MFpcww5O^Y<=R?6AX6N8A2@n0(lQ
z#z~GA<~tl*)O?$yb&O;7Zt)9RT}7AT1!%Klk%2l@U_HXS4{Ld4@!fG`yk;Sp5E~?A
zob|)TvMPN#yZC`Oz!`%LJH}@6!hiZ;zJjF97bt-B<+j^s8i<sm>DI;$OBtDy)5;!K
zlAMXHB^qVn?9FJth}_}u9j`$3WpvZU%*V~2V-u6rb$Kg}mUTj-P~=Mv;Txu8-Zpm1
zWw>EOzXnX|=RJ`axWv@RylT}Lzq0kwyjZWgk-!>tTl13+7jumqbmc5W<r&7mpqyX`
z+KP62s+-H>o=Pft(*iZA{Rk7p1URje<fpfjvx%L?d(*cIYU4WtTr&)=-ZfV87QK&t
zk!>WT_mh>BrML>FL4*uWhEAFHV~NKR@#zM<aZ|qWl`E1(xVrXwXX{>>*j~uej-7`S
zlH_&Mhl}5P(!{=1^l(N0I6x6;;~mc4@S}#jztKjiYq`f81vj6v<X!Z775a{MUnt53
zUD0pQS=bruc%7|6>F&3bBZeoVuJ5q`B41j;B;d#B*eX=giBJx(27pCh+jr`G0ht?>
zShj)*DI4|Je0*EJqx#Z_-g^N|#)@*`_mEW1*Zk&M6x(}fnqcl44pv<h7b!6|NQGE^
zr<qMEBDwYjdf!^!ywbCrS6)-c4eFfg`193)p~3-5x4+W}Cjf|@6%2q&f?@hvkX@@Z
z%bq$-3@PcWPnGd_*$k@`7L~rnXYC)cZP(z3Vbc9<%W@xGc&?D@k}aTGcb9kvI`JAI
zif~h<Ds;#A>e~@5gbCIZj?cwd;ZQw?1cy``OcoQc=q1TLtvWRw1B3|^eY9o27}%J|
z5g&2PcM5?DAqul^N;L*r)s;$)S4~6-XqJdfBAOOS{+n0(gN~L}DMPM)#C(V;yEA@0
zQ+XhC<%MX}^QZY|9~DUc!jjGDcFnqNj}0_5(MkF@rdFaiB9Fx4KHGLb0v-2CUzHB6
zH(8nSKku&%C5+7rlsi42+269~JI6raf3uiEh{%xsF7tt29C^f(t9X7hz*G31?pG%P
z=&+KO(TTm6&e$9H*O?J7`du|R1u~#{gD|5T%D+NWm^7nZ%4*FjuWahZp)>A2ILu*h
zCVAU##_5GLuh2xT4NXX3!ZC+JXw5wwwK6F(thp0mpwpZy`soDnu#Qmh@uKG#weIJD
z!t%6hW%S34qJ`vpJwA6m?l6IkA=#g>-NE6x%_Y#kWWP)`oq&qcENlB!^zCIR9FH3a
zZZn~-+tz9kDdW%=N^Z_RCR=tKqNlm<mC+2`CXh556?|@=lqp!jYwc$E>$cD;>MuY1
zwg)n)V8IpC08G;~nS$3-S6TkwaPN5J7;5zhm6y>rCc*?vv$jMST%cVggN;M{T0wxB
zsYVAk5?Cb0ewAuUQNTI!qx(R@xb*4Uz4i>)8W(MN$m#T~f}|{ZVDM*t>Yz;*mV5;}
zlJFT?Dg1U~NMBp~k(|SEiOQNC*MtDKC=#DT!>uGj;QGA7^L<D07j1pFq*V|0<k+(j
zEwt8q?&Z(bDrS;bTJ#_XJy%@HM@>~$%d4BL4F_{iVv%z&v&eR6#c~40PlGtgWw+xM
z5n^k>-)AL0R-fo4dpzZE%v8vyry<2c>?ZpYr|~^X=On`>mysPa>65b8tlmoBI31*a
zzBabiBtqRBc7gFVE3LGI=hK8<(ygwI?Qmu5K1=dUYs~%;&x);+g6Za?8jlvP<@ldc
zd$)2a^b2akm#h$Lz~^COyZN|eoe3QDauhX?L8n_>6S(uf^t&Aw^e85txJOLCC)PQp
zX*JxX@Y}a!*fGP4+(GrEeCxgtLJ4LmlvAvLr?C7f>JNN>EffdaM^gY7atkldaAWBx
zHLHy{?C7{4U~e*TB^z1Z(JpDoY9i8c&01yT!w_qHFZDqw)n?MN5zPE)4?9*7JB^xZ
zrIIs4h+~Hdre1d4yzLv04y$2a%UiozXI|e2>40kAdA!|Ps|+P#JNkCCzOI=$c8>IJ
zE>xq<7w{IAPX~+xRzIR%71<0pp6VsitCmSVaP7(VpWwVDECps(<`|u;uFy3dIglV=
zB&P(Qxn?S1AN_rEsw2=hj<J`5P7dM>Jk8OPP#79KzF_gkf-b%A{rU25Puuh}xH%8L
zRgOhEOSSAtO^r`-0fU~gw8Vv*;*pEB;RbY)*HY-1=w!q52KrOD6fq~fB`b#U-VV2Y
zx*<vVnTUA5wG+V#?Lo#znin5uyIbfiv05}Ur)E#}B@&_xxT){DCg-kG5HTgRpxe?p
z0R;}GzH*E54-1yl@^1$3X^%N0mGLhAG{%vD|K-O7T>D`X<_J(T#3Hxdw@PxZyk%W*
zS9$ffc^HU1Ol~H8JWdTaCVv}T=v!#e$MyytTMnf9$n|?qXeDrG$5{`HDfoY@X;)hp
zf;DATBDf3=(JocgR`u9`xt^GnssyoD*%u#VTi2v^nwy`WxqTAzZba+?db#)HC{M+&
zgyI&29Repp&u&*S`_^5W?Enj3N?$3;TrCk)-G8(+y8T}&bv?6SCnmPuY33{5=_jri
z=H4Ncz4J2Hk_fYg+ovef?WT&NRFpJE5L`59Z$1h~X>%6zF8V6e`QA$Ro1l(Iug%z}
zWct>UqE7#e2g0s!JLfuFyDA}#<h$y-Zg9~<h_~aL!Rs8D1>>8vY7dQ-%-?tE2kk6F
z0$oFyw#M_fy)u3$L1oWVx2p+QH3`#Usa@Bc#8#?4oF*%@`HFh*-x!*oZL|55<n3*b
z5uTq_yL$GF{Mjda&zxG)wGz)reSGaM=9#ngCiWtJq--`LtxFes5jv5JT15&ofdCuO
zgDfcPxJL(-K-4|NH+?&LCk)Jkr_=<%Cdy!Ir^gR6fk*@qk!27|Pk>JMG>C%*w`gb3
zt>mxQ#k6gJn>bQUs9?#|tuZ9y(S`Met-ke&%)gp&p5i8%zfHJo`#zr_2j~(*@`^7z
ze(1#)*DAhhdP&nKYgxz%HWxR|^`chfmTUvq?>{z&e8XSw*H9g_A&#|X7TPY_+`{9&
zDElZGjEI?}4>`~<(pF|S2~AhEJ$sQ9k++?R3^qE%e4W(49nv<wx3@uoDq>6Ss&mbX
zeLShSZ@u&EkHL4NBb^eaN-j~H2NH3IqB}!<aRlm-xCac0Bp)xR0NkqPM^HEK5cTE)
zT3V&f`)pHFuWQzTqDR^@+)Rb`v8aiholQ09Ijb8v3f;B7Gyy$gf#Y6^b?RHQ$rV1&
z2918DAcrf>wWalb1{i!Wo94qFhbZyA)lSbJ8VZ^D@N9I&#ba;!9-yufU!#ch@D><<
zP?C}HKwq=1<)dYNQ`L>xr}xS=WJq(D^5oU@pH@0)ooqicqxZPXKkvQ);yZNWMJ_KH
ziZd_cqQY8Wf*1v_H(r|t@(uO97`q_pS8p8c^9pg6cUy7|WiHM6DM_YZeq9F6&<Bp_
z(nyI=w<ZHAeB|L!4nuOu`+*a7RJ#`Kdm$q-ndtV7*aLs`>MaMTL-Ydb_OS#jjJ|ov
zi^3R!m7(9M&S4@CZE#a9jsO^TR5g?qszB^p+|>OeL-)+x$<~l0w7E3dUd`a9TQCn-
z`H>j#nE`4L5u0d>NGwsoxTd%>6ly8ysC+G~p8J4pRewNRP+)p9Nm+H+^_J)dZdoC&
zPZjIjf-I8|F2qd)Cr!e9gqy>jLPE!=D3_9yF-nX>Sr!83@zdJR)5+RnR`u1g>Plf-
zLT7*g!anRo8g!q5z#u(tiE)%-lIlzJpa~VtH^}3cgX~U2&exnX&o;k4<2<9(F6s28
z-P`!u@%u-&&&C5=6`%zXbpx)~8wsJJ4O8u@X>U3wS9r=E$`7d0Y=Q!cJ+e-gJ2`pW
zZLZ|wzqoW8m9#V{x(*qN-niTc77khRel7UPP^7fh7nD@h=cJ|Ay_NsbkapnsHQ8$8
zBsTNP`)8&&>(v|!|NFJDpa~~Q5vrdfIZ$+)q>glTEwpx<daO*ktyKZ!j;rVQ4eNj4
zba;8UO=q&c2@`!WqlJ6NB$N_#bU6dZ<@FkItFF0N0GpvYtaU;no4Z2qahqt12Y2E8
zc786p%@SY5=xA7hWn59+(Dx=BY|wOL#Qh_36+}erDhhhvbw4luDDa;eD~<{HR3JG*
zx&CRwKp0$?mxc*AOgZ%DCLOFeifX8#*FmQ($PhZRR+WL&TveqBqZmdAFb1_a&II|$
zD5~xwVKZiphU9pRowmC&!vqRtiQx{q<1N$fPRUxC317Zp)l)}ve~rR*=&$tM$f*~1
z6ykywb54%=7%v=dk<9&r$~9}^aJ{wV3|r|*fa7q@u;RSVtshz6Y1NwVOzamf(pTP&
z%tI;>N$U_Ui@c%GsM&!gm#iavIQ|a)%bmxS>fkLlN<-If@=Ud9TK7$rB`DGMH;6kp
zpp276s+0G56VqNk{;DeJe^N~LteM`m`_tQ5({J)qPRDPzz-A-R;lX+ds9~Eno7{cA
zJm!<;b3M6VJU-ezLvB{%ByNR_)c?4<C)T+#u*GN+HO$fKsNSozPB(I>Nolvt)qCy~
zd$gplE73{LNxXE^ss|<Kvi7x9D_%!-Q2KDOwLc<U&r*!hBdtlHS*tDN9;!<@t@{&Z
zSFlg&UE5t<%SUNO7xeUQ$CbD{Fn)lhQCZcG{?`<_RR<;hk!tUotFO&2R7Rbr)u#x%
zoHc(dm-k|N|61+Q4Zo%6Ma{Cvkj;u(u%fKZs6{unl5w~eb?Jw9US)k4G2VT7@(~L^
z#wS*55E#BN9b6RZwvj`bi!QA?R!KP6={a0KOmI9}{UAR#$e~!q<m}5gJ2kAnR?+rS
zg7q)LW$2z&D_x9@5NUpT0VZg|mjqeD3V3Rf-i>ANWJILujlPK1t&DGx*MVZrN)R4g
z277-&X?v(I&lBTZa;VpPCOx!dSxLDx%IsJNGSk_0wC!z|S9Bh#B4JF%RN#iU_GY<5
zLY>+|+mV#`<B4bEkG|aVUo>FN0U3{V=M|$88Y%9&=tru)fzKbBPuHC3eH43`|J0>b
zHp!#G-u317L4q%?jMntOxMJlEL#UTi!zeo~g#CdxDoGsH!dh4C6Ivga9IDxK_tm+0
z7n9?SXT<CSOPy^8%JfZ($2`Sj`Zv+|-pWl80iCcTPm^zCBIQy7Qm?reeoL)2N;CU*
zT)9s9iOueS%N7z=1R+~mZkZ+^J{5z3;mbBC&<kY;!>O6;7#Ri)^j(;M#=jVSSu2`%
z+nvqlXc`x$XeT0^u&hH==oO?HWsm#z>CVbkdoy1N&WHT^cPLSf4%ePdNXE8=Z~j>U
zgNAaPv_^k}bR=$Ea3C;=XR$de2N@eU<^9@jc}-<3?{RR_ySAjEQylj_-x4zI0whfp
z3*}G0U-4#`hWkyS;=wH<q+Ti2&jfN@=B>4v@b)qipY)Hl3q=_->D+Zbc5Ke4G|deu
zbFCtueqbxt5pl=%5C0K}^G1YrY>G)=$_{kqdz#bYZ`jK6t~R)k5{cmSw9%FZ$Qbcv
z^|RI1=98Cu#!N;q10MRwC$B|VIfAFYw20>xQlfbGdxQu#0Ob1C^1EvZi`tZ9=Se~r
zwv1g?dFT`6vaCKF_5-73UaIwo%r=s2{TzW9nNCG;Z!cMRPjx4@HKLQWkmSM8`wr)n
zoy~W;%c~j&*0|6anDY{@-}iDVC=`n0k&)`EaT>9Gm5A7q;*;j|*JzQ=1fL}ArlZ;Q
z&4X7~d|0{r;#05IQr~jKuaAUVvQhn~Omp>|!$TQ|)Y?6lM7pmbzv?x+e7N!y%lg_Q
za0C^9CA8hDs+MdMce6*vF4Ya5dq`FD>!tBC?wF?)9Wq8zZLU*z$*h&zpk?34Z6NKj
zF$Bt5-l=lewKkX#2XZN$U`Cb*wXebsPp54BgdIJObsx+-{V<kLA?L#0rSooE8)=}b
zg?^W0be?)I%YS54O0#68blB}VqOIn+DES}-Q+l41RaEE+6Is?*emCj}#&$Ngt3Exv
zZmaP4kEdg?x8w;5PxR{(qE6{mBp+?)Z%{QRavMw%J{yQ++h&EOtbWB@uvT=>@O`$Z
z`gAS5{dRCtovDJp<liX$JfLk7vqMwuCGZll4v*i%!zj<GrkA{OAjFT0?fQpXWU&~n
z5|Pf?OwqQQ6I)s_Y?3dg;x%E?a97y=dGFi#G%atBEMJmb7K3d2a#SC6^wFkdX^0Oi
zhiIpG=SoY0x0_jV+vf)H+VUDSI^t}Y{yFDx9Xq=J;Vp%ZeM29$@9i&l({A31JT!iz
zbArIrLi{p3VdrUHCY*csT`T|hEvU){CvQjavce0i(hV4bc5pNDH;uOm#4VW9c1Ci8
zl4_#HkIG&+Fw7;79vQbAc@>;^mY&~kCEd$1R^cZm+ND#_ryoMOjk)nwc{Y_y57abA
zebCp&yUvg9-GOGkKK)Vv9oc(VJ&|%_`v}OUi?~`0ejH@e*M+{4rWdP`&9Bd|TyK!$
zVVqgrDC*z=6_b?vCy>lV(aI`$WZsx*yj)$1UV^~n<qtUE+Ob0!U$!!ze^9Kvc~nPd
zVkZ1X#3BthZ2BK$zU-~qh84?h%F1^Ht97_D?5v}AbYws}m)0S3W>cjn&XPtdC11=5
z!l;{5C&=kp1E7!WinsNM*)~UnDqE{&d{sMv^mATYJ^)BM>-PnXtRw_yh@YKju#!8c
zLxi7veN&k$t0r-55Oq>R+H6h8gwsdc?PYQGD*O+`;|$@GU?JW-@ml(|glppS+Wd#C
z)ykv4O;oV6`REz`lgxd@S(G=bgaJw0ICrltnW0izUs#GNfS>kOds(fUY8eq+QBVYN
z=VOuX&CiK>q>wmS^pS#ZF`8<hsp*C9Z4lc#x8!dc9_ag=-M3;Z-g)rki1x&bJ%ims
z87~(=R$h0w<zVz#TBM?(8g1J55+w4~`e(JVriepfH)UMMqEmo2ojeQE$!+R!#X^wC
zBMx2z@#Y|nWz28hf1d}FO;=4DLf==<^)po*ZeM}TO84rGM=(S-;n3LWVQ@{UYsda_
z?bkrWwimy{(VwSpZYKGVu$v8j?wf$XGKoW>lwHJ8pW2}><@)_6I1R{0-2HjW+E|Qm
zf^QZ4W1{T1eKq~_eSnp1&1!Kwu4P0oLaK6wCG^&YdG@(fs~hn1w}h{xgF<1I_xY={
zIioJ+qEnhLKf=wSg4vb^yr7t-9gYk$EJpaCDxX(RLx*Ukg*7ACBAtAPr3NtBClgBQ
zG)Qp6+tHv$HXJT&uOJOh$S<eTv-4@X;lWk+7hGo<BnOp~a3as(7qtgTg&!>8*V=uh
z;9%4&Ce=UHBN8lAczDiS`{{AVF@*cG;qi;ptF#X-)jqhJ2c{H+QeS#PMaq;kWBcK(
z#013zFPQqpWL5sm^o@uGeYC-uRlJkySoiV0I-RUmR1BOSZwd+w#@No?N7oTe7vQPh
zGjm;QaAZApW(ZxRL;44m_xp{nt&kgX3?Mjv2QH9}M~nt|3iD~27G^gS=e<BB@g37}
zbNq<1s0_TmS%_`9HMB6h4J8&AHQ~OFh$WDpMpQNTRMF=KTS^-%i^IZcojV^nTSo)3
z;vD-URc$@)>1QGC!_~q<0`9=9;$i&H)4zEyvAK^Mt_i-h9((XrR?@YyAa&A~b}6|L
z4k2!kvoAi{MsLiED2iRW(Sl9;%Kc<7<4l*a_}_#DCU_QQT(MZTN~hPR1+7TKUC#9|
zfsde4<LUGe`(e<B2z{jzqDA2u>~bDKvwsM95&zv%k_LwUVqQ|JGbRvJBmIqiCorEF
zy=vZiW|pe$V|8K@<%yf`b2u(hKZR-{NxUpn*Y2f(6tkkRNV${r>bu|g73iN=e>^K!
z?mDrT$KwMy4cUz$B9}qAy;v$gY0UkIa_q!cAFG55w^vWyY_xG5H&oESm25Kv%8AB{
zAQNvyKuP0R<XLZ4kZ>rA0iL&@luf318}_zT(Wgw-R_q@qnCySu*`}CU!=sk^TUGl~
z&xRnJY1$x1B#;Kx=nZR22$$9E<<-rt1~<{xvHG=3i?tc8TozpCvn|OSF)Nx}k6gS>
z#x41ur+hP%;e5j|Tw^^V`r?2<^1XqWeu98A^{JP$NHiR(5G$7=gu0?jv3vA1?T`0|
zRvT_5UT3NC+0QGM@7N9o$)iM)NBc;>X$;mq1sz{xfNLr%@=0Jlgow$o@XEPlPZ(G7
z@T;$R_}-;5T<b+OkJ*%H$q`C7nAoM-DvHlXa{P8+yD#-gw4+F>iteLl!y+9?L!ZYI
z!v`GWA}F3<R@>Ub=yQWu1sYwIYhiGnW^&u>Yd>Q_8zvX#Ngq-0ef5T<shY4Fs=G1k
z3s4<Tdn&%kul@+*Pmc{f?|ae&6v#KuUlQ@?n)=eFpt#iV3qNb%z7j_7E~3}rDL=1&
z*AJsSB@RHVKxskwQk@)#t$>Z62+wK%U{R~~Xk+=S{fntY*K85cx<E7usT&~4BMg4k
z>NoLfh_DTHuMf-en0kgQy$0|e$ql%)sEcgb@#XeVAEa_LZQ2$#bp&zU(7)iE+)+Gv
zC?$-eV-%}4;jJGqP)ZnuUrK1R)=Fn^k(b6H*-HekehHYOX2Z-CgF!edyInqthKu|j
z+P$|vV;tLI-^1{rcbC!Y`p650rPQ^llRvX``T`NLWp65Zf{Z_5G1o7{PAnZvOH6mj
zHdA65%l+}{x4{Pm4Zf)abFwN;X7)OK%XW2f=bUL3y!Y+Q*6nDYk@QB<E*{V1r(qP^
zxn|u0?FJ6=SZTH|d;6e$(WAr^hcBO2`TD*}u)T1ZUg|cwwxkJ3SPM13TvG!|W#WKS
zme9uvkkauBT4S>nX4CMP6E&iGXzAy9-5+=Gu;&4$7{**5V{DPSuIvuV+s~V}*o|}~
zc}B+0Ecv;2*@{^1l<YSFpTt`y)oV)6pZcsRg$9K;Wbe4fFcjxB$r5z1DoJ&PJKK)r
zd!jBZy!k=3H*nBUM>an03aEn{iKkU2@t_{58Bme-i*RMg9}~)Z3p@Hg*N}h_mb>Zw
zc`>W%odf)8bc?NbeNhx#$FIOrs=U4qaq#(cRWR4wySC|^$&=TQeIY#P)3^Z&4POxC
zt)fi>?8b^E?yYpi6d|#l*eO#<hY*WBJ5rc{r*aE@awOlEj!&^Z-7L5>avvA?r5N9!
zOMRn{aH-z5yg$-3Q^LT@WuVV)8D85lY2jOv)1qg}9#Zk^wC*d7JZ3SaY%(y{=qMF!
z6ysx&vl@CIgO@i7W64`J={^y|y(X27v=6vq2Fk<HP`hh27?9AUDz5<EL1ls8wg{^l
z|4Ql?X~&jENvY<kc%>axEVcvwH|7A#Sa@MAOZGjO5K358{Z&tKQ(Q}*_4xFB3Hz^+
zKh_S=U;J?(lrwbvYKorgt8!3sI1{A|OF<rLFH<5X2qrVg!<8`YEEi|#3EcFs;6eX@
z<l_<~^GTZH!M<f>8Y?lZ>TT%}^Y$Z@W7kXa92%~?Z!qn$Q%)P!B1yiWXjOz$ZsBkA
zI+v4GV@u!rD3b`6axM8p$Gfb-s*OhtW@~$b?<9>!B^dnH*eam)qrsTNGsfnrLEJW=
zGRbJFwY%}#CbF}2MeUd!0hRF^ZC-_MhflXD=8W8LY*n|SihRzRMNu+Z7>Yk;%SR@?
zq>js1SEr46&!S@n?)b3Is4xLl|GgJ^g@U_$ANSG>F%{X34blm?r&XV;`!gJs^@-OK
z<zKBvIxHRJt09eAo|@ApqMIQip3<jkzw3Lvq`Kj<Qm(7KVlRos1aW2FIvI9*NWWl2
zdRg0Lni3DuR;+4pY$!AxT5I|GwQfF;6j(CkgX&yT_*b@J+t0oHKhz)%F@eLr_rVR&
z5j}|Yure?|7WI(P8hM0Xyn<2Gjw`FQgD#y~cFysgPC3nRN{p)GtG%PsrDs#RD`_=}
z@GcvXwjAO*PyW>$39$(KH9wo+HJ0tinRIDRMnY%&w62YbQ2#ZNkE3gA=ZP~hDJ^<N
z=JbV;u)!?_hU6MWkrD044c5;VBN^(ZG@ZFg8~R?11Xw+61EIOrSyCfT&(Q_yU^GcI
z6A;U1KrF%9^mEI2CcvQ#Zrt!1m~GpD#ciP^mTJPc2n-8`sR$F`38SWgZ}TbJ3)YZb
z18Wq(=XQ<cP((AxU1K~RD`W83F@Z!-LGu=Yr3QH+V30IA9n2AG1UT=g;%K;`yPIoR
zS~e|Nb$1{CeQ4eP4s6^<;>sLiOM6Qawi{t2HK4n>Y@0h2)T(<*q14V`6nQ(mds`tG
zOV#oHO`$)7-HBYn@~-jT#u2)}`cdE2Q`p@dK*)2b$FOyAvM+<(9zn?>L5b^|sP&6r
z-KRf+=8D`!;B3fHBxF{)Jr0`#?f@iA`yqBc4<&**V(d@N2?A|@4M-==VFYe|1^P2*
z7$o)#mf8vVGr(HVk2Gk<=?q>3Sd;Y?`(+Z`rSs<=G!VGlNO{C}uSP6Y2+SC@dV%{F
z<NC%CJ$hB3f7=cM{b!hy?;vhd5zoU_q!}S#>H+Z-EL+>v1-PE$^l2BscRb;v5#-}j
z;1uIM{yN9IK$je3w1YPEi4FVHG|<Wb-{T>h@Yjw&Uik}ymG<rC%-<0F2?w2WdIpi<
z^lv`>H=q6otN)u%|3mu293#6>tU;DTeH#WCa%n|?bI_X`!wc$P<@42z9_zOO!q*gl
zM6%)>;?FXxEU#e?qldI}C9*?&Gah2*AT*%2bEMi1sUNv4xy)U4Z)HCDM|)yuk>zH)
z`IdBpx#YW3$c<y#dZ$;ab9zr3{WX8N1{thiSV$1d=n28lZ5hSB;&y}gvwz-o+~szm
zKd76k0E;69=3FKi_q&n@Qe^6Lsn^?BAZ~J*k0nmBh;{3<-P=|NUkvw@AdDCkUjtRw
zX*j-ke)}RA;$<7|QU29=Awt$H6=!?C1{2#qW(IVAVl&yl+<r4iv@6{D8R9YIYQPk9
zZ0_gwNKs^N5uT4CPCwTF<94!C%ZGQLzD~ujB6uUmQS3A);)<wet!ncM`=Yf0@G;ej
zav&?XNQ&4?%I9(P5I)&Cla#Ct7#=_KRrGyV^uU|akV!~O*#X)SYCzcJih$R>$T(t-
zu24;F|B5`H-AHT8wHwdZ**+$RKeaFW3>i@+T9T~Zcn+X=A`gYaS~F|~{mkDO6%gcc
zLj{G+cZe6SswI6^D8<d6k<K&@fQlGsgqlu>M7^d!k}zg@RGYI==fGUOd1ZB6N5I1~
z9VQM)78A22#q0s>9b}BOG}X9(y1h235KSaIHcTq3-_R{E>9Y!`n~uTVGL?WF|0L_|
z!d(PNrx}N3JjUL^#xw|g#|XV03mq}e#Z789jfA>-iHUCoRUhJaT4h}}W)n_bJ|r8U
ze1ptE@+M;^%bH7!8pp*cpwm}H5c0TnC7^I{!OtQ{^l_8<sv<ueEdvu9Y~$dF2i7kr
zW{@{q37nzm$+$=Q0)^BJ<9>Yy;wkTC%^c}*k{qUYs)qfgM?Od3E#u2Jcg0vWdpvE^
z8j_0a9UU#XOG@5*YxG?p%Ek!tcXWgTfSJNeK^9G+E}8-rO++RWcr~!XRCUK*j1@7*
zQ!5>Jwa-U*a)2U~$t4$m{-)S<zftj@Z~k+V?O!@C6QrCISEXqcJy+3GrJlzU_gy;?
zX0`$SNUwRavsTwZc#0Ms=?Z8GcL+trYqqoQcp_YxfQwy{6`UWfaCL2Z?GLEWab+52
zX;?zJPU55A3+rdw+meIX;Ta4U@FhQgc^N<`?60P$dcmJI^MaduL0vjh!8k`?0qX_+
zUhNJ8E#*cJ?DP$4I1_+{5VqMge~FNG8KW79iAut%674h-D63nc?-5^WX9DB0YqZQs
zKL{<slZIU{fO8pZ%H3cY{x*2(luqM%DVB(8<mHFk$1Zyd_x>ok<B}{^>a+6l<Ad9&
z2KHyoas<B&o;qW8O5djMlU!-{H|L9&GnB3keYJ9c#5V{o=5l_Q@7MH#elYbd?taxS
z*dgp*N<0_Fms%}^&yC9(p~7~wLi4AD3JbD$X|kLAu#4U$q$2$L5}((pr-o(HuRWPw
z-wGpT*;6i%e%jytC9h&E5;@R6;r>>W%e42`z7p5r3cD{orw)kjy=>ShDQ#-i5{!ma
zAQHXd0NngYhWLE3OKrBo$e|tEp$c!2BLu_?89C&O*P{mmlHL8y{hcrPV~_icY)NVg
zjfO^V1W*vM`XXBO;jeL0X@wY(46BlL-XJ%&!PUa7G5dCLgBje(2Ww?-N))??j9NBy
z^M^kEM7URdjAsIuxZm5EWSupuXtyg0xf*LaUT2kjG4$u%`hxJR2<z(6vSmgcv}Vm#
zv9cH8Rwn9&5*7JuU90pl^libQ5^b<)$}JPyF*dVw)QDrOGKwcm=&P6boni1@FwVhw
z62&^X<1R`(c$4Ee+2|<V3x#qU>S;PHj%Fp^Yj$Oq_ba{zIihiekBTBTe41QT)|?@)
z#JR*P?%)m|Z(cq5?hRXPK)OANLn7Aisr~1h7f-6spG^rDIC??L-)<o$FaB7{ZcpY<
z*O&HAJ?O_<Q6LlDj~n>x+*d<W&1!mi>hIu#{kp!%hvJ0fpGbZ2H(0zM@istl@J*A2
zj(i^B%goPG0&#O`adIVITuwI@Sv1n=8+3Og{g&5GxQFJxr$+kL^RmT%Oq`rPq@cuc
znceIaqtj7?0*QvAO9ErOw4%bF-wLmht*eba@VFp;?1lN^BLkyf9&(rb^awv+GE{K)
zhiz@b4(eAw@o4Gr+6ICmoI_q7X%T@8R&P7Zyli+NKj6*3>~8*yr+U^>=i@ir!)}f$
zr=L*XAfy1*?dpKio#ELw<CJj;w28#iWyyl$B6`m&_844ppS65@GT%z?RDBux;;gdJ
zym-h`_LR5L<pFPlwu0eK;?8rWG6w$r(1>z<^B2ccA!bLf$n5|8Qts_#PPSV$zJgTP
zC9>sX)yfFlUN0$2iyTsE$&6^I%azzG>juwE{O%pm>3Pc@)>1edFSPx)`VY|9=Awwu
zBRx^u7t^+|umT9#f_Li#mJflSeGBe*nRkrzpg}U%?d2I@KFSCCeLMVLQLb~AeHY#S
zq9hmYStCIuIn?75)Opgu?Lq?1)~x1Z^3UPQDXj^XLu{p@(ckApS6~-*Z$GxV@<YRy
zs^A;9T<M@C<$M)<&?>6Sjs>2Yx^dU=VH9M)Su2lP?vFyqr0EYyYWIX?&pP(vSOl*P
zy-r_qQdK+>hZR{za>_U79{Zs$P(19xH<CJcx<CDj(uIcsm`|5@-wJIt?wG+%$fhK2
zvTN54Q8FDp3>FX#MYn9*JRY&QPx?ME*?rMmN@eD3Qih^t6^<(ySClGqT)lg-(oL<b
zH><ilulCUtmyG;pt2F_<K~?5=xWo<{&8-|ZjIymDqgs50;TNdaoXK5;8<g9dk2FOZ
z;&8RA4&K*sx<@Nh%&qSB4!to>SfZemxdJ{@v8~X9@3A)t5{#aE`@o2TF=ewgOOw>O
z*slCyT$Frv+}OjT_WESH`E6l|Wx2G&!4C<Rhk#Pk`S_96cMGy-KJs5@-)a8UdFt@P
zkxK7YwPdw3kmu<K2^M6u31y>x#~3bRXBi8=<wV4WY&>2*nO!F09z5$HZs)PyUVp*Q
zSL0(OBm5C8K>u7!dm_sWLmI(Pbvr{1naswDg$57}N~WL*j+zu?3`1@~S8tf=Y}Pl6
zP8NAIziHWbSy|)5zM{wR#oykW@u8Pa^pRT7snbT&$>+lN_D}<hy1k|PO>~^iWPRSX
z*Fc)?|1b95Gpxz2TNlQPii#o~At+5iiu4{4rHF{2f)F4oQe!}**DR&?rl3@jCIUuk
z=#dU0A~ldu6X^sJN(dxmod@5&_u0$!erNCf{W;(DUGES6AU?B<F~=Npl=}utfNlFi
z{SYx)!a<#B6*>edQ6m;ZGTAnt`jWyYbG8>&1i6XLxKtnl3)Hm`t{Lqr7QU;;b28#}
zJEIMBMzQY{U7HH_ow29{@~n$~%+dBF*Op?#kSdJU+40`PC>B_;)n{XM-`LA6;}IuK
zZ!7Hpl`70D4zKE85v@M7WO(e}wXKfhvAGeam}K14d{t^obKww~HnZADhEZIp$uu2n
zN9aj<U@qM<dD^Z3T?A8J&Yv{$|D=>t+^0zj!>%G^<@Fa`PlQWUCw6@Oz@F`mQDiZW
zMjR{&5F_ceO|c=Ij1T%GL&`vB=8QQloy}9!p5xx;S46=Ui7n~#`uHr7H#=7vzUZCx
zWZsn3eQ$&_cjFd2pLktX&n4aVM(p$3><^!8y<_cK8;d8{%_Y)AgT4oW$W8eK@E>Sq
zPk#T7&#<~7-Udr>rZ)$DeX+VU5GKi|&!1n<Eps*rBBEW(<ITvYpBs9rhzMqI*9}xn
z7`E-&b-Z<<q&4LLU^|u>x>w45gRb|~%|wpYim7l6D3%zrru298Z(;Ajw-!zB9Js;$
zKl)*Q5#YKPq39ZeU_&<Oz{n^9SMW^ZgJF+SmIsFZeDH{mH!s8_*7L<{B*9v@0Iz#3
zwiMwgvr<T%CvVY#z``+7y|rDHhqO!6z#W`#md&`YPhg`zW}=FqCEhR1OpM*j-z$9x
zhcp*IRp_hAu41OSxq`bFXA{@gwzx~hw>D*wqP6e|kUXOoD3Vhu!}oF1@1UXyn9fs|
z78s&5p&q-^PQE2(pmucLhz8Wmyph(`x^KB<O!bOu1d6xCX+Sfs4iI|c{e=5_7vS64
zbtGL~4*(j<eYKZ^CglK8g;*0HjL?rkFU*1+UFnw|1EG}rTld)y{NMdc5{L+;9fSd$
zewdK_bi#b+DJRzk>-^D=&}Fx->R#cz<3D_D*$VG##ygV`RPp(h%nt#eA9OyEzV`Si
z0a;pL`+x+jF6nl4y_wJ(Qt*+Az8~fbV*jOsxBR93X2V@ZrAEMRUeUC~ZNB0lNBS5E
z)fyekY*o_$6i*~RN%$NK*>l`V*amA;F#}VlJQS#9G-&|jP5EB`WyJ~g_M+k*&fE{p
zkIS*$u%A00H{^<aT?!?RKLiQ#k}Z$*2A+4+y)qk?>7V`f-ZzQ+MMOzhew~z-J`HFg
z!RL3zR`EO2zA!{dfpxuPHpBEHPguH&%~JEz6}<0|m1ihc`7+nsLp|ohte_tn+A|0y
z>INRwCd1n2aH=WY-M!F9>4%C%0IoBUZAJ(zs}HAlFms>mkE@!_vyXAVdtNQ7-2Sz@
zxKWYf$NDLU39q%e0WBoef#3=t)lr_2u#0|L>7O8<k`bWDr-kIx*@Y#kw>FptTQzij
z^&{H)D_xuKaGlB+A#Jy*Ys$}f72%QWjtmae@F$I944%(JQX1D$TxkU~yXqIGVq7L6
zB|dWUp-g%|u5he(^C%n$)*Bu{W0pWzQv=DTCDqj<O&Gd&Q(g8WI)t2(?m#MRo3a}U
z0H44uSl$_Eu(10GF({@M_`4sE8<`t3@Vu(6aw$~nTRQe;J>EE)g@A~Ga)>71Ax*_r
z*cFU9P4W*{vG`ld-w!`7T<)8nAg?XhbuSSrr!0K15Kn*DUwJmh^nu-80J?|4U28w!
z3fDxm&$?C(YgW}#bQ8(SGi%{!Cn;TBvV9KhlTWZsf6R6QL?_VJ!HFA{WUVP}rr-bA
zV)(I~#Ow9ap_4Din$z#b2FT!VP+@qP6QA<MVib9*dSabQN`)Ifd+0FtJo_e$Vx|0H
zCf6Qmswc?$+O3_taLc1EaxTeFWy@bFs}6|mG3}<`q`n|6-``6Mc=T?uNo;sU3g|32
zVF~Fh9CtG5z;N{j9v=J}ONpOsNcwO$l<(pVjg{s(1dLx7$T?~=>kMm%iM480gGSAi
zD#p^guDBcuA|eLPw(ev(1sr`WpCvg@zjO4I$`1pe$Z;h5r`=sy_i&-u%Iers<Z?m1
zui*PAN%y}0Q}H>!z}gkB3?<#uZoyl~AnF>a&ul2@3|*`$-IPS^$Z_Hy$qt$#C0KkP
z+2&FUDc7}=l;qEUAP<(P-HAYEFCM(aIJ<N2rc@<H=Y6c*v9D6lw-AH^%@<??gh}$_
zUj{JG1Zpk0o`9VK015Z1Bx$`a16V>c*b7wkU`;il4w=Enmdl+W5w`OY)tnvS=M@Zp
z=abu(qQwJ1ZXPdOQc}~co4jy#i7VmU^9!Msn+f$_*Kc0E{O(9V_0_}l^h!UIIQPkN
zACEO}^ww@>Vy_4Xdur?AtV@<nW11!ChL5XD5lLV+AdtDWyOLj~rH?fnNpzJ;w~AU5
zA?BE{huKC7KU|c6-=7#fB()c*CA)w)+Him{p<{VPt=ltC*fHr+LkN$9SzWamZJ@b9
zzv0Y@7(y^qosiKVRb*nM(p2!Q^Xs`-{nE#280%s5>4@Fp8Jj;Q50hBijE;^Nhc{^r
zakcH<&UN%GHM>MqRCg6!WDMocN2KfwK2H%b{A|~S<lFnCXf0#Cm)l^0$X#OjXbH8B
z4zDq2SopRYHF)_s;yg^;(`@yly1UJ@I|8li`R^4<rC|WlCL&R>ENdVsFZT%=Xi><9
zto(PqXDi=AQjkMM3v_LYvb@Jyh<@C+qu?5brbvwf1%V;R+sG?_ufK2d*i-mDH1%T<
z+ffSm&Lq-a(~A!U0G!H9spJX<9(4J-a9~FAJm;OacXXf2XLuvu|23!;4a9@o^655v
zQFNi1MrYN$fi2gQi{$U0zdlYr$eqFQsO!S3^R)Yeuk+GZZ6ks+#kE}qt?RrO0(mno
z&JUzCfUNh@f#Cfa$l_T;JUU`z`8`%DLl@V!EnB%%@{RX#;dYW;g!Fg<6VXy=I`aed
z-9G&HaZsGrxPvmtmNAu0Qx@?e(v-a5o$78e8^$U8KpMn%86mNVSz8<=Yi31}0uNDK
z2I;B}#m!t%3?VD&3TL<oEc@K}H<I*L;Exp5*!6cVHqZ1I9HC<s#?T{5p}+tRZHS7h
z1vE{Ytl5V<6hV2qQBmL1{QY}+?Xuowbq0uZgD45)!)QPTLx6n4N2`&h<ixlzuo-O-
zU``g8)Z`q+woxX<YQqeM>a`Z%obTFstgNhlmH&vNA?fA_G_s%iftuWTa9upf&0cY*
zBje_!JExkwI0T=>JWMk7Q++f=0#%mMiwmLXLgO|{lw^wsXsn~PwbOjP;XauYK?D-#
zvozz#Pxk8^qgNcCBfJH1e=K($elhZvbp=z{Jlzv}(x(Ei0~xmwS+-J+k~YGY3klvx
zS5J}SP6~c`RrAAaIHHwttTEs9Cs3_+XwngR6oasD1Vev##A+FH2Iz-L@rqxFf*{zf
z+7)KTYvol`6JMwtsb%>?rFa{9sMLjV5lemBU_i)ks7yM}*{`9kHmVwV|DIx#m+ZrL
zpM~axlZX0yP6Mbyd-<-j)@pluYC&RECN^B}gT7PLICG1w_3+sd?pkGV&5|NFJS5Wg
zg&nPzEjeNW5t{m%Xkr=E3m{hnuX)@jJG6zNnrfpKS3&JuQl5Oe+(!)DYwxV8zk1dt
z?Pv094F8)`UHipK%nkiEr-~W9enC|;rDBH3?b&P>!u8G_D+q4qx-xD&*R(O$b$U_O
z$9l@+nFJ9?A^L0TbWnIVe9}7;CxB#+{TLh+;llPEdf}eT+hgibuOCowK#ExD`Oj-q
zW<Va%|0a*GlC725W0W2}GG|ed9zH&Tt+!am{cxfYUOiH3=G;r}b{>`3RPY6xyD=Ug
zcM&UNKu-bNP^BlZmPn~BgGVU_v*a5+6W1SKzNaUyo_L#3bDHmv=B0ngWPdSrTeLcX
zjT=5n`837F-NI0XUVgd-`J#$KVVeGY^!{SL*-1PwyriDTQVC~Xed#t*vV>;3yoETo
zm{yr3MyB6&GQr(AFH4QXtNVr=xc1hT`Dti%?9V-V##ZkB5n-adMkjhKZ*MMAvu1Ai
zq-2vg`;5pbIiF-A8v;c-@=%f@4NVto{Pi11%?&k?*idh_H?)w0YWFq8D6qjz1j|z0
zt)R=)#LH^UAw3F{mui#ntm4tE64$)-lAhs$NM975x1whNgQ5v&n6=;Dgc{?QaQuPw
zY)_u~+z$a{!!~7HlQJt7-_9lJDXGuSk#xsfEjHIVi%Tl5N~wyb@nAWv`n9iERL}(-
z(RjEkoJ|{V81X*y5v^1rIFcV7o1U`vkHe^gHDlb^-rHk!f8Su%H*Hs%+Q!$%CKDOp
zh4Dr{TXSXzW|r8>OG+LNR%e%9zjt6gA<u&&`#qpzL7_8y5TkftGNR!YahGOO2<=>Q
zeN3^f!7Rydx`j@fugNe+?H@;0C&-Su4chxQ`o-Ek^I)r>-n78ZV7P}ozAuu+73M91
zAD4+-H6xA<-zzrE?B&KD)A=HtIFkJ-=)0F19jnuWM@A$7fE<=L9L}J~ir+4J#w77R
zWL*<h-FaL4km=ur|L+HK;scT^csjNO#5PAZ1uVtUb>I9qW7TNY!J)2_JgFwHBL^Z)
zVh$eQmsHo@O9R{x)`i{1SNjst@Efkf8H)5pN!zC!F*lz8)-nFN+3shNP|h#OAE4cw
z`ns=Qo^)2<_YFLN*7s@|AL-0Nv{;Y@A$oq8mT8}?d1C0-!=v`!2?9s2d7MffNwwKa
zFVWC}=iQJ2Z0OZGsrO@T@CIXdmfJaFs9X0K>$l2|;F6g5f43`_kldidM7{Py_&%zE
zh8u;TT0;X-fccKq;!v(*6%{V3xEP1D??1ryL~v`hU&9q2BoLinHY*q~t0ilG>pPfg
zK5^Xk&6LE^+4;k9VQ~+<>CAoqTNLc(!ARhE6~0Wr21M#B@ZhnmO=x;B-aosV`FO>{
zboGXY^DB$>S(U&wTVbD#=a<p1Ol?P;B@+7Ku_eZEeDs?qnT8dsZ(n?iPZ4r=uRQSM
zmq`hypY^{<p>hG;!c5yylI^op5twq@0{vcq0pW!&d$&pjFP(5(g#FUdDfJTxa=Nkx
zVvQz0&<=bc)=cPEvU!^Yx*9HAkxJAOtxfMTf7qVWy*D20atJBN#%#H-PeApAmLG;{
z{%ZhdvN5|Qkk}((vwRu=LlzRuIP+S^iQ-0i1f$GdG?w=Y=-uJ-BAlPEG6@FG-!#dt
zBTU1Be4%vJm2K-2Uptp5k>_l}#oo*wo|6XJ&4L2M$Z6!uI`E6CdLvVwtyrCV6@z^G
zkcpcN!=6Z~n7P1DYdvR$&Y$bz=9fsle78dWm2+=rnz%(F@G`w_&-e{_^Pj=gM2`L?
zkP7sf128rJRaAaAnzHgIQ=;-01Vw8By{j>dz_L;xq<EtGqkJ5-d~(-u(^oiU6g$Dq
zWB3Q33bP;)^xET*^GDBnv*jA&I2MiDY#!pPM0D~kI_y2#1TixNVn)yRv_Ywg0HAF=
z)swk-ZD*a##W)24x^9s$nrVFY1Ym@y&@DawNidK=5L#b~+PeWH+V2Di0G^i2S;X`(
zfZGfH?MuX)S_p6YnLnBCxlItZ(d%I856B_tZ{N>l@N1L&837Hz_kw}SA-p4FD0hAv
z(aid<(f&gw|JuoaY03Ya^H#hW%-Cnz5aq(l?9zw9o0*dNe>=9D=wtK~r0tb85|<5W
zE$mTUxDiciwx8?V+dMf9F}KTziSz#EqU!v&OSK+MZfll=Uuc^qYhjDcDlEaqLZANr
zH2P<)$?L4;zY`BlXYmf%4<M$qc8!Lc8nU?3Kt~{Q&Z}|D1=$s1YY|r;5SQ0q!X_Di
z0UiI26n)J_KW92oHM(`Y(vBom+i1vjz1FAcTYAXT=?|{gzC;aVRoE187g@$kCDR+?
zZ<69yN=QBzDHBbibi*Ox5hC&Hl)*<``w9u26qJ_!7<x7H3%%i)Z!s6R95PN->oWif
z!e5iMRHa<<YSmskm$7uWetdBbogB<d{QAecm%ZIcV^UEB6>7A8IGT0r@p@~*1L@`%
zLJVO5Ip}HkTqq>J2X%W5Q~MJ;zfyqholKUX>rzu6E7U)LXQ{(YMGOf%!acHA_y@F}
zwLLt;e6SS9=+)9|i;h2&&F{m|cM(a`&eO^TQJ&g7E)RV`Z*0Enb<bt`!?I204H>74
zO~tpjQCVw+-`4qAD28yZ>%%KJym=dKZupVD>D;_oWZ`FtneCSAf|5!~N!nkNWYzj*
zR#FD2a{M3$r+M2}65mL@TGUcmVENUqbKMT>ZnGy{4!L-<xnmpsqBJW*x75t4&|D0M
z#O0}Sf0*0iiEK74(NTn*rATqQwVAN;tVMcnx@_iv(h8fbY%WkiKUU$;Mj?yQ#RRk*
zdA-tU>`PYwZ|IVQ`NR00iAo1SmnCM!#aAXoVerSnMk20waYG~e>RvKPXK)MVMSV?H
z+pB`OR$N9|mKck?m@J)Zxi0iH8+fbgjtKEDf@hNX7-x_x2&x729KEl4uY#sWGn1(%
z^o;#<1?G<6RGRlzCE7IJ5E!|(n<;5I1%!CzyQ<d4u59(H8=#<(&~qhxH>+v#hOm!q
zNzlxd$tP_s-Ub`+E++V$E0dK_%F_w5=05)X@y_^^BboM$cHS7oSj@rDQQP%xxJox)
zU2?CV9lO5)>ry4s-)m_XKD4gMOfiO^*0hG;_1bW2M2KFMj_1d=xi1xxzMt`Dt8d``
zxUI`gaw-ezhI74~1M1dh>;jCPL>nPxAF4~aa6%_S170J<4$5b?!M{(R_BThG=v5~)
z6&j*|B0WH^-hf<T*9R_R_T|bskmF-Bhck<GKwqBS{&q`PUfSy=Q_CN+K<$3t${-~^
zl9M4Qphl)Y!}XjD*EiC=QqVK|vB)gGXZ${8Hf+^U;Pv9ruiYQm-+a{F?n>~OQ6;3;
z(w-VimY_PPR6vBi)$(qoh+aFEa^@o6lUt7rx_C5rqc9Xhe^=&7Coy0eJHmB!Q9qqo
zKeo9_wMZUf11G=WbLlyFT*N#vYHR5drJQSM(Tfg+zWu4zxsrlKg)3xg28je1R|HDg
znb)I+A48(|)@pd(wCJ$YivN&pa34Y1Fur9!CC|oHH)&8qPny|}SEmZ(bC=bwzt-M3
z_jNp=w>Chw+rC5ICg+C0fX;5I^h8}#x~E2={$2{-O^m1E2sNC15$L#<7KFfJO_g4D
z^<-!WUO&;`yK`KOo9AfpXi#^o-Heoup(~&RtHS6so)m_)nGk?7JMk*AAw!~R?adkY
zDqoIeV0WH??&agq=9oF((?v9q>iikFjM2X85T6WM+QUXYAEYd8e|vcKZH%z&tw+y}
z9#HLt4594^AE*^Z!(4dgHi+ZqX0>iv_}y5zG(F+nTl23XG3n2#LLzZjYzhI@)ZVhR
zuJ;U7TJp6|r^)cEw_{U2PMy)ZXr=c-<ZEdNHUsYDG=G$-t?7=0?Zm5Y6$$yYqI^a-
zynqV1Hwf8RgCa%I&?E}nOth|ieKhI9qhlvPDo=wGj$Zkt`r2DJt?Rb}gB%j30G;!n
zkpdg;Pk%b8#i;;Bt$GkTF`DecX14z9YkJTfrjEIv!?CuM2XF{v0Lg_1wM8oq3Zh;R
zOSkk>SO}c*!e819HQwxW38_w>*m4Gh%lgsu9|yOohw_95ikI<hCG<ty)$wsTHt=&O
zSBZ1d`SU@Abrh?N*WJs{?z?B)=jQ`-Sgf_KI%|rpNo-Q<L!yNBxO16edsyfAt;-h<
z819X9soJP4|J&?=-PsECUh+NFx0150b-H3euMHVV?uL1abPt`oA7OKw|K71odImSf
z<=&CQoG!PWjoc}B;m&IYuY-gF49j?}OO(E+VDoOGI^+ye9zIsj3z&)cB6#|U-!Qws
z1<R60eUMDyw+%_eSYa16*$sb=fCP1)T<;O=pE8MAEIZEeN}_Xi^+bAkuJ;i=o7b5+
zz$U(5NNY?7a>3aF*plNXtj3qhG)9hCX;Jk<j@Wk$=!3<D_?Iysa<Te|`@d8ts4$_2
zCQ_Nj5)ObG0QZOHlc=pv-{04jK%XYCAOBggqp}{Rd;p~$sY<+!K|i64;0HLggaeE|
zGrm?Dn#2ByY2EtzALnW(%RalpekziPH>Td!2>78uRHldz*)n>VimYFPWxV<`Uetd$
zkIAO`w>nIth(d)vM)bRcH4dfPch=62ja<#*{QV!D>=)$}3BA2B7f2ju(pBvZ<grmF
z^F3&ar&N-9UoM(GcPghoX80-!+1B~kL8701j*g!(JDl`(Cn^~G@tn&dMXpr$%<L=g
zIqOLxba&yu_rMwduOB!-_U`3Jx-}Wx!Wt^TRYz*7{otsqTvxB7QT^Q4_2My$m&uD+
zFf90YIL>9DO*<U`{sc;*X{P}Lp0{TG;8LNDc-C!yRh<K-CSG0;zg)r;7490Hy=kIx
zAE<3F)uSt++WU4dWk~>Ws}ZEk`=<2KLB{=U(Ca<_a{yMA$ToUIQ-{F^!O!op8*?D0
zVL-a@R4Lh=5hWIdCMg#8Ead+B56qY{@Wwh6cnrx8foH0kq!Ins$>xlsRUi^}iVM8(
z-lrI#w6$z#iqeb)&qALC{_FGq+MNGCYffO<eu#jI1QM0m<qmPk2IErba%u`nIfZQO
zE%x@J9z_9OyV-M&ikWK+3PChWfq#D2x`4p!%`*}@tyE)GBu?ekfwWt>KMr<Y`VKGF
z#5s&il{wJUlv|-R&K1PwHS<FAH;ne|b;qewh!qGhT>o*KOsHDWtKR`H-Aa(*=;?G$
zRA0e^WkZK)n6FXjPq;|qoK*7mbBTm@<7dYdH}!r)S^%Gti2yN<ujL^_urnIB0=S$N
zs$UF?aDnWN(hbkNo3F)J7Lt*7Pu|~)A&%_;7)RT^=J=zpNrah`S)wCz;Wzs$10{*u
zNz)O;NBXF;PAewxP3lGq5RS4ajy0#S4g{&OhL!t-8)A^}&szGpThMN)@n<AqJNQg%
zv$)OpUMuULJX3;u^T^_rx)>Jb;Q7Jl45T+XP%%7()@O0jM-^;IO(kTn6p@2isX|k&
zQ!fN~NjB+tV{Yx4*mHU#B5HIcuR5!dQx1{|-wVH+%c{lJbRH(blxs`8G*c;W_Np38
zNb!`o9}FI<@)tGM7{yq~)xf~n;RZXd@Z9TM7bhM^Xf_l$v7Dc_J%mwAr#%b8f!KkP
zpJU55l2ug2Txv!0u2gA7dKn?Ktf`^yZIVc3*w9#)jc(TUNG-R<H-Y1rE3{_;Tx1jg
zi(f$#*r33vws>oYwn?7s+wu3vVi8g{u16=0=EQrV%@cFux7{UiT9jwHXa3k4@<CDz
z$l<X8CNx#5F=Qwg(*&XmRYhBo1qwaEyU<9_dOpX}&1v%Uo5yWno%Y~m!I0<A9WQMe
zqOnsmlfh(&J~gn^r>A8X+-CInSYCW<va=iCurGUgCkpIa-PGUwEbqg`8gLjC01Fkv
zqlkTYbg-XmI1*h!m&_S=Ho~LowCw^tVeUs7XY))5ZtDVbioS;M4bFQVwxYG5!*ph9
z5h<7wPpyUJ13hDYn2;bDpN}%^odh1w*Fb$%E0`=*S>YI)`(@5o&|h1a@4<zQXYERv
zlR7g{s<3&x%pv-%cmou*rY`=4`3z_M^aX$EP&hom#dXg7lvoOG0&9vfHO?enJcAfH
zcNJvlgJYafB{gBDjobQos50#W=c%FKR{n#_Hcf*HrDk9`$C)@iEAY3&F8$@luRiJ0
z$T({WJ%n)9v~5EluUg{`xc!69MVe~G%0*&Ks>qeR6VX?><P0w3xlQ@Q0hA8+ArE9G
zfS@EZn%x09UMY^G>yfIB&rngVK?hxrTI%3Ikps)T0=0)UQP~cM*&sEjs??RQUwQ=Y
z9#DE%VGhD0sUkoRy98C8z*&?_Rc{8aV!fDE4KeRLD%aJKhIB}M>^T$V3ajyP%a$^T
zm9@D3p;o?E4=#FL*8OpS0!I=XNnsn)b2;Rr;D|{!AXY1HP|K-YSL}Q&!O|)z=V3sC
znVEFDt&qE`)u9@PQ0fI>0BNc}*|-_R)?i)a6Wpo>dZ}@WaBjws-<xJ3S~ara;P5O-
zcNEm%Q0LfYSX*&+EkQ$RnR1HU#(O%I(98S<MW$}+P-F9a2L5EyCA+qXVMNLIl$5wQ
zB?^d%xu_I{x+zZYgCpcs$z~gWE5Ijl4|qtvo%zA1Zo>d*yggIcQQQ}4FoQfrt+Q4#
zEaq!Gs;SV)`94v)r{<^3h09S%90@LWW<DHRHjV($L;>LLDsZ?OD4KDK>HusHr-oFK
zj+>k3$8LiDroW*IUeJY=;@g%Hsk1l86A}E~t%}CM==aX9Lam^try`Y`xYL{0eOkJf
z&MZEkWT}oin%E|H{F>-&ieOUFXyMc7#59t%1LZQ=vvY+bkc4dUlUfUQX%hE&uSd?P
z%Z|>rY$_X+`4p2@+A<**Eb@)S9CI<?<F@dsx&ip%0xw5)Xr-i-j8RoskMZC`LkPsj
z{OPmnQ5<LW?CvuiSh#d>g5Bimk^jLDhl^*Aq-u=2jb;1AE%Vp+!>5gWL2djxCh3%H
z67i?n@JFf{`1EAEJAAK*w|L_1^c8d>`tmhqK1zaoOw2GiW{PBle2K2)YExh1ptd%1
z?si5fa>Tkw<L=Z)be%mY({uh~?umEL)XhVvQ;g#VG!3WhN|)fg)|qrepH&aO`jj7x
z{-BP9ydN*z=XYwX)1y}U)HmWJZ+h3G>>ou`y`~|*QIKPYtjmJ&%pEVctE2cjt{2J6
zeA8-$4W@0gQVlAnc8@&(z}mNfS~4n(0^~7YLg>fHQ!zo}mP?ZdQ1!vB3^Ce~mzlcc
zpg!g?sh^`tU*$K{&u3)$VM-9K8T*C(yQ0--sv?kjAZ)#@-E^f3V_o+SUq-C$0%d0)
zQnC|z^9*opp_dto8>w{FPKqng_y_}XD#4I71{i2-{OvbaLAn6?kWm4E6L_tY0Tku$
zL;D?90(@R=77&erCO}pHHt^=(e{<mfJ2Uyg7{_kKb_O>v&rV{srUV@G@OCN!zVoF4
zKxxpCSHo}@#%UkbM|D+i!%!D4h?sTms_*g+?3E&>Q_u$(=Y4Ej<QJL_pvu!t$w8?F
z<DZ9ILElg*rsZP2;vF*`dO~F!cm(Ng-zaEC=8JKd4G)@>9r9>EdTq-bm35=BHuYP~
zwQolSbPpx4p2wJ-W?+>xN;VRwoh4%P?aJ#XJnHCuiBCQ2jc(%|AJ#+}z(?~U_~x!@
zqD%cj0OcmgkQzVD%16z%tOX=M$}iEC)c5qa)`CUmJ$sk(M(M1%FjK8pOK=)VlX=D~
z^__F9FK@SSeb05CxKX`_%!s01zwDP<LO37D3^Y#RID9^d&~EY|kF7xI+QXU+NYHKH
z^CunBb`^<MnneCxFZ2%Rtzt;1>jdi3*lKBMX8l%K6`?Pf7ZlcXgnG9<4H_Y>7+vaa
zS~G~WrCoSAIif%F(zGmPXG*|pppEHf#>t0Ssg(G=%m6UyTpMR~`68Mv)!6zL&Zub8
z5|^JzXUQZw6JE~0%%OH#_FxzyK1XSk=lvQNT$<$IclC#6htmu$R6%^7WD3ST*k-=W
zep$E}E++iso`5vaQDZGOU0pgob*vR%91);hgmX4e<y}e0F5h7hydHY7YrNxbozBZ^
zFDgx~cKyopSJ+Z;qE$^r&ZTqoO$7}T5?3pLuhklVV(Awi#Mfmja!{4@+k!>E_Yl{H
zC=r1t3y&Ax>)z`*|7=fb?(?S1Sj9cyQ62A)yKHU=&q}9QD5~$7e%(EFZF1o2`JHvw
z&@n^lft=%q>jfDXAU}eJ%+y#r5yzIX_Q{?=jVdZwVPVr>O38vl3}(xc-<ra6KSeLa
zNlxyN>}E-$I>A1e^nU8zU;x+qQ?|MoB0kzw;BvJ=-kVPGM2^F!bM6Gx9!Yl>)Og4w
z;{-!M2aaEsOqE~QeY%oTz2Uu767I7>u^CbTI$eY0fP`fDTo^%*lsR3Ue0LZrwMl&i
z-pvtClIsu-diL%oQHA?x9cw6nO5#94h0qN=@%-oTN9M|ACZ0Gc^FqU=9@eCd`-+;S
zT;2If{=;1Gr+~Zl(R`ZQV%>HOJy33OH#^K@ifhUeiW^@Tp{#kcrz~F#+Ewk*rHz=4
z-+%QoI&PXABtUJQ;bBM^5oFHV1n3TJ6&qP<UK@DeB4z9UGeRt-LWQYq=N4y-EcWW5
zn74BuhqF@`0oNUq%*?ZKW0JTd{E0aKzG6caaWtq;;1V^qFc76z7J{>~HgvG%pWWm{
z@rIQBVR=a?akwB++v?+?mtQ;u%`Iq}L0x{G?Qn=;{qTE6A89q;)&E(H3~{C@Qwsm;
zt<a0UH~o=!gk-O2ZRZFT^rPWx)jse?4RvIhFhv$4*qsrnS<<FblAa89ZX*UhAJfs_
z<W+Yr!Pn{!XJqRdHoL{|7UR@N6;ZMcV<SomO7wo;CM6bPF`;**R#JU+hu%&zJeYgn
z^JzW7q}LF2nPn*TV6NWbLe8I)n5JmYptYt<|15`spuV8X!wn~z1j9Opu-%V$GrWj_
z2Pb<SL&9qeA2VRr>mkxy+-8~w6o;J<C$$8qxzorfy1^rFLbN*iBo=oG_Op^EGO@DC
zA%$`1>taKHc+jm_=1#NvluHWMA2@fHY#;t{fdS-1Ll9kq?<-+^Kks{(`=0mhU)94d
z)iN_5wg-CM+osqruLd3Sac!<MD(x-t@;2xFRCYNZF}McWc6;4SOKi!}_3i2MA7+r(
z3eYd2A2`Z*Pj35duM_RpkhYQg1&qD_rvk=9HqD=a>YZD4uC1(8J^C#y;EbG66t67$
zBvPeBsjd+ItoNpQXY4?F%ERNh1STX%ahah&eGBNWIaLv;oICAAB!o1PN`G!^d6Zdp
zRIt3g;Pm<H&tk!t6_uZf8D^fUpGx-}Js-VR=AjurEiJ7p#?86`Jqmv^IcN$Qlk8SY
zXISFdrwns_5(8v>oj#5V%Z>M4?0THU6hi7fSERf1LbAKpWDj6QahL#4-%g(4tQg4~
zkx@*C<qt*NKLfGG_5SQ(zolwtK3*ShniqHMQ+*q#dT%bYaKWny)I?T}%p350RMI#f
zGtU(>kSD`_rIStT?46ryHCp&tW4;>?soRuD5~dw_!iV+xNQ2brMBAAPKWt1I`$e9-
zjXduge|%j%m~=lwrTd}2VoYG^Fh#vs?-)VkXl+SpBhs^aPkHl)d(ihZyX=*jd}?>)
z6llp??R9AT;Dpo2=k9!`@2PTMiq%1xdaJGH7Vw{eW%P|<*C;Or8Z7Hz->}ue4sbW8
zgT%A9p47#0$(7L(->a*-G#}SEfhMKm*Fu6=ow#`OL($Qn8qD2uCl-z13MA>*b$GGR
zJQ0M?SB{=zU9>NDaT4JxG@AA}{Xl<%CDy4f+;XH;>e1)gXqO)EuvKx~H|8}V3AxwJ
z-&fAQbVmC+z}E^V9YDqI&3!QS{KecY*Fv37B<7X=85#aQf^TIyn$M@+nB+T1e9!n&
z7H1f1YB4roVXMo0M)HD$@wa;~-7;7esavG)pkM?yU^7{8Q`PyWW8HsBwF<`KX3elm
z#}8oC9~``Dr?{|d+=*stbtM#E^7xa9%g5G;TsDY2>?eP%x4`Plx<-GS1!ntX-@3z`
zN%Q%GJ~CJk{u`J#NVK=q5<3BblxCKO=&qV5PJC@XaZNPy%YppB^fz(yO#qKzP@oq8
zR}DB`m(7RwUj9TW?m`>tcb=~?99W?_Ad;c+j(mIs6mZadfneVi%=|xzBkZJ-KwX<Y
z<_uky{%lCl@6iGq+rN`&1dQ#z_?`PW6QUd31|=CmU@WD#`);5bNKy@^&<SQ)OY!Pk
zU9<!6+@=GHo92HFA?!?C925g){}fwLnU;}e=)*g1Bb{+(;!V@n^ah|TRGRKF(e7kO
zu=z0G4!Z{HX6OwvI6~ocnSze;%RT%hH-)W;&(1uTAKfb6A}rFJ0>nuUFB+76eF=Pg
z>Zcxe_6|-yNvI@u1QdulXWf5QwAe+68n4|e3F5b)>!L_8SrUVoHt!@Ib|v*EQ$pW9
zlK=1`?z|q_TGPn~2$Drr>NpKEJ(lW-+nbtfQ5&buQTnJ*yy1l9WM_vOyba4=f<bi^
z3DPuV6GYr!{}dN0FuDPw!ReBXq`)~eSF8f2f0Op6WL5f_VYPVP$*z#6-}QAhP7nF>
zW`AYin`(7-Fq3sIe)$};ew{=VsrV{sF1gsoXYf|A5r)(3b4Fgi%XQ=OTTE~HAaPfV
zQBzfYt%1s&W?DSi?P&pib9wOgsvHaD9!jWLIJ1k^vn5^QAUC~z7G!43C4}1IFo1lw
z;HSwk=ch+ZBz4+gs*I%jI(VOM?_TEOQvMv8tVG7mf46<z*&UqWfK#+-rQoRMMO0%G
zj1=9ez#wl?UgyX}mx0%p4VU$y*ta{?%G%g?+q*l^agbFGeR<7VnHGQVeFO6DUNwWm
zaguXjs~*Ygl(6VGcq_&HhzL$KBsAdw3M~Fm^-!th5I}_q3QJRts+>5z+>Z57`}8Sg
zzykLw*<<+`dy6(MK0}TmhE~ZP9b%aOW&Za$=CIxX1PI2A9F+48M@8LEe=uM+yGnf7
zU3b=n`<nqSK0)$aFfL};NCsHI{Zb$3y^+!Yrvjt=h0+s~<A+n>wQr+36Dz>-2UVE!
z1v(1X(KTB8dv8+=yc4|d4qrk_HtjC~sFfVtS_GD^m$#JM3wL^MYF%N#Id$dgSavGF
zbhre!rF^B@zJsaRWcw0MDY5jrOinI!TuidZi~q?q^tpvF*T>V@bcrIr!kFHjWu1rm
zEu$v=JUQl-5LKwwSe;Hx7FReRxim@^hQ-aE(}>K?k@hsRX6M=!70sGn6X1&P3$?jG
zqLda}PzP_-3~mZX8ScCmVR0!(r}79E+@2%E^shLK?KN+G1%0pE0`|WytLTQWbswNS
zpZc0dngo+O(jG5tV@xfyJxs03jd+XI4pgX~SOT~UldbkDgSdR0=MBPW9hUHhwAm8n
z5sB^#wCi$7LT;hcSC~JY`uDvFXLxRZD*Rw#<I7BZL|R?O-{=exBAaDR3Rk5(uq(rf
zy@_Y5=#odde*M^qbpHP1*StmgJ>j~Y9cgy$DZvM=roI+k;_R=F7>>KEQE{NduYaFO
zyLqebKhN7LyLzgnCV+=4B7J|_6*kpbsSpt?=EO@K0VRhE4+P%KWg>&HQ!E-+PA7{1
z-eP5s2d0#5_e=TBpg|V-i#07ImVFw&f9MR$@|(aN!glV^2c#wxi<%+Oja`q#a{#YW
zQgX@M=qMZ^tIy?YMZ|6E`i*!6)1J~L$(nJco{tEcN^_@<Vu+|!V9Gz%?oB?=RF;dA
z^Ud9-GY{XY<8%MiXl}$<EiCG{F$2Sqp$^RsfTc@w${sED-^*~RHbfBxpl@dhF76ds
zZ*r~os+%~d4n_kqG7Sy|I2>%GW3@%sK)*IZT^As@bTI>H_5QKZP^(rfolNUrdS#x~
zO*5mbN8_IcopR-HBD4+MN?CqXZ7kdMmET<5YdsGj5(I1SRRwWU-+J2G5~P%-9hH)x
zP@;j}SdQ*}Z&jPC_9h+13j18`&lpwLDD&2+{nKgszTp!H2b;0(3>G7w01OM97fV*y
z0j69f<{@1aTibnKtUx8#Y7eEw;p3_^peVV<>y$!K+my3<aI0IK>q_pMiLi4*`z*DW
zD2m|Mdo8<j0+{*uKuiuW>CAD)2=sIb<08)IrZI=pGG4O#LKGi=xohIweV;GtUI00u
z-}c8eF=8eO-R6z0s)~>Cz(sDVTOeH%O|>aLk5pcNH&3V~CjYWotjiuUE}l5g+Qm)t
z*VrH&;>215$QRj4&{W(E)S8o2k4{J;Mp+z^yTB)(bT<A_74N>yME<gwlYg<9hxct}
z?Y_<YcWWX`L94CR;avN4fWxlRxCa2sFE*)`k%kzT2MHKOAs4CA6Ww*tN{LDpb+?Uh
zQ#t>QsA&DYG6wfDmQj>HMr}1pztjJywx%)Ua(XEN)tAvJ8K2Co(sx__ANF=+!Df89
zdO4`Gz&whsU)PVJbdVb4ET)tiCfSDsSn_KQj!Ct*H*Gpne%8YCl%|;uKb)&70mIRu
ze%T>gQqQM4(w?N<PF9e$2JF>SR;4v5eOz`r%!9u;-Z&O3)82>GY4Nt<u?AWGaBWa5
z>Z%*^ilu}kNfvuJa+)>Y6DjYG)4z-T#6I^4>ksZ~sTPgdxhI@n=V!5n+T7&@{f3W@
zWcepJ2@kzPe~VrTfM{NbuJmaz4demc6M)S_sh6kdiThYpqtA`^#Qb(8|5{dw0g#<Y
z7BF8is{HiEd6yZ_&hh&OKtN*aQv)j*??cxHIu~}EqBr#BtvSR-=l*2Ml0!_1#+Lz&
zj2ce>20WucgB>3JfBsKQdN&Lxs_6Nc?CtK{6?a4*4|py4>e+tNz&O_(g4o`=Bklau
zMu#!&=a0i4_p)u%89v>AG6ke*bt==z$&4L^1ONK)f4vp|)M=dh4^g232~MXft!vZH
z2VC6{@|XzpF@H_~FPLm1!E%g4J0OD=^xATNw#DC)PXApuQgko7!Jv=|rs$Gvii@pv
zYzr0{T;*9yc-x4XSa?DO=#fpuU%9`VJd?JK2GP@LDciigG1!7+))(-})$fwo6$b9y
z)ka<A4_Cx!qbeUmT!mwbhkh1{e~PTA7(l~V!_<J#LzR(fUwfM7_w;uqMhLaMbSX~r
zF&@`sYWj<~O%%8)zLn4Tgr(0*D3{amJg8N-gR76JQBp5(uL7LFcfKOd+VsyDLM$|-
z3g5t!E<LG=_;_B4>){u%^Mny(I`>WZ`eW?rtD~|K$lLoY!3SR1MmW>^aXU6Z&j^?6
za?VUzAJLG6Y4!HAQl69;fZJoF9ygSk8_0VfZi|=*0$74O0wspgMAm6OWQ4iE+4wd~
z7&U3c;&J-zV+?1Fo4tZyX}OOj#+tGIh8EXm-B0Q{e))R(h|Jgpwzc)#sXbyYIFl><
z7nQhVO5=9?IAxgvFd_##qN~DNL2L_Y1v$3(UV)`n?NDi%x$DXBJQuv8{f-*fLzPu0
zJHSuoZk^!{xXzFoFxSf>mt1TV7fZpMc=65l=lAJ6P!7@?!fo>4@)f4>GiTiOMjwfz
zx}#m(V}p7AL5h4pqb7PEj`z#2<!+6WGF>SpREL?6fuBue`()?3t@k#gTn6BQX)ikq
zuAlpq!HedDlwcBHfIi|VGD2aBYA|Atg3IbMo+aL^h1SP}9^OJaz__6<k0OZNJlgFt
zV;469`Xs>epZ>a1#-&Y~%si!Ob<!bt0a1l$1)W>O<`0KQEBM!2AH@+<S0hDn`i37}
zpB5T@%Z-~0racI_qQwdXA)*;<6GAk0V8#wC6G^_00T7Ydz;CN#8y<@`tJSja;Gf%+
zPo5W?i~rm@OI&}9%OE`LaBNWD7p_K4{2V~+{U_6oP>W(8wsj^x?6OC350J=M<gDJ^
zDr@-sdf=9IYhywkJyTiobfDx_#*d&w@%U?01!}Mn^jx<bE>^w=p_*rRx_H|yY5&e2
z!*+0;;N^aE36QFIP&ZfloUh4FrZ=32zVMGRt*ZWHO4HQp`8SSaUJ%io)YtZ7sq_)P
zQFKv(&%6men)G;p-Oenr>Gq4adIFV+j1kaD7mW)t5nSzQI*!#Cr^3d$ZjH*!gu2dc
zfVSTF)<g69(irjjr&mt3G9OcA4-7k#9`L4mUS;%3+P{(AvZS7+199~)0QHWrk8Tys
zBH#*XGBMxTds1ou{&Z{91`pH=Dou36*?K{fRZgGS7{3q1%N!9*WAtmmEpk55M)7T_
zNjfJj-Sjq|_};g<vhB7ZDSmz%=>+4pzNc{IOas#$x0~>ba=$AvND46*{~s*7X3;cL
zx+0nXdy%UxzEpI{=rk6F+q|B<$H^VR)-@$|L)d}62LT8oc00tSYJm>P?ap1?zG7kQ
z#bzwc^W<b#_|Nb9W<qftjT29Eu8oFWsChWUeDQ_tF{7qi5QA>Mqo=q4rxm!;j`Tz@
zfG&w?nOO=N2?*B}+cOjQBF70J6ppS;4+L9T*tE<h8KJI;ja`5ygC(E2n*-oMj#J^g
zuCXh0dF6=Bt}3EFuCy^yZ$oUOrBY?*A5KOTrNWj)qA2WQ@sFqHP199wy=eHbEiH@F
z)xGpfyi7YlrbEH+f72&tWBq5E8cUY^?6RX2ilZku`J#&#I6$72&m6vc?YM<Bf7g`Y
zlfj~A;)-Sr_nw0|oz6M&-ujH2m^hr=gYxzEbq=~UTU{-y&bu929%}JMhugkO_|m+>
z%Z@XlfQ(VXPq`Ir_<s>M|I#clm1QRoiQd!@GTkd_;$C3z4SMz<ITvLY(|T@ID?d$w
z*UBc86L;j-Q<&y~RxnT{s<jc+t`-#ThKEa^f|wh6S5{r3t(r}Xhs39XRP2Pb8jEqU
zF_)tXxT}%cpC1B?wrJ(H9j|G|%3T?VZvDlj%$kDU&?_86fUCB>HZ*i@@8t*aFEPZ2
z6!@U$oZOwUH^&Wp9Y4^B?KQSnTvI`UX5Tf{hmDjepQ(>ZeQW_tnE;DCD<@0wP#Kr|
z!t2Ca-^>K3M1$-PpY$_tWKp@_bIf*ptQ#xmK9caD<-^wt5t5$!qW*`OJZ<?WQ?CHp
zj^2csn(87&uVFi908Yz5uuTowC7JW}M<c1me4KE)SdvuJV`O*6r>(xBdsrk945W^C
zN74&zd~$DAH;qiAYRf|tx2<ou#fzlQF6?mk`bU<9yn~8L6?gF+JtApw?OR?ej|9`<
zcLer--|&B!k9`K|J>zo~d$~cNDeB}#3yB(kE7@icJ8d=k5&ZV}3yXrjp7=zQ$oaC5
zmd3#Itg}r(U|7)*%<06X<`R;qxw(||w9*3l#IDI0A9Pe5(-5tHJrvL@Wizat6K4m9
znaN3Q$cJO9?@7Nn-4D$o>HW(TXb&-Pj~;()KRCjT^)Vf6W22(<jV|sk8LIoYBt1=W
z9Jcro@b+uiU20Ua#a>YpFV%U?FpSo2X;gwGmYAnVEQ-2Jze(i#bT0RdTlURudE4Xr
z$4GmBxu@({UVpp7pL^(%%HLM&NQNP>pfAecGoLhsKoK4ovPfllyHbV_LQz1(Apw-i
zbKguXtK-A(S61i#l{NeCSJqb#=`U{Mn1;Qiv%txd&;&rZu<|<tQZbiGIJy6DIrjgw
z+*CkmY*|Adk<S6EwHAPN3=;lw#|dPflCGth1;~@y{H#(Lmj~cnHdPSZQIF(3X=eKy
zo-H1iOH?<JUbK_yN;_BJ-`zgjDk#Rtpk&*;Votup|C>Vp#a^}q0ao8NQf7LXd=$t_
z9#{Jg$K5)M&YY7-k=%Amc$Za)J_#5P<iP;z5&J;^Jiti#L1T49udve6OrqQY*SA-f
zZuo=$a`E|s<2|O%Xwz;}gJ2fI@hwnN++_av@n_L|lfI;#TaUlbUC{W#Eq+M&iG9XB
z(8LsjDPQ7;Q*~Nn<!uUrvVHs0lo06eP#}M&Rf>D}pD2~~(cXU1D*cu68x~+fMbAKk
z(=;2mqZNx!aeiNNy~rb7QEea#ab!A|aS$f<`=bF(vOw<$?L+H+{t3V}ZB+}T6`5#n
zskm$0`#fraiK>rBKm>p{!l^zIlo8$sH1|%)A@=FP-RVFfWX?t_diz^8K!UB)Z-b#2
zf#(47Y|vRo4IVK+{)?0vJX6bH0W!inGgGuV<9)hr7sSgynKre2ycs*mK-mGZ%Make
zE~NJX0ewLLiP;UjvHFYW8$=ohlB_^SdjM%|Zv%)_p4Fo(gPRe%APsfkaREFq0BUhf
zfLeTz;qZ&oS|xjD`xo{0-^R#g@MTY<_gJ&|frk$8*a4`%1@@`FfojNKG~wrs>9k*D
z=AFNf0C-S;T{*`N>pt~1K)3UYxI0da5!gxIXBa2^KE@>=I6P040hp`i!x3w5!2pGN
z_<MlP9Ptfk+yt1=JAn*@7J<6Y`VD;GucQ34{RK$Ie{C=GE+G==VsqPPQTO@V7{Bi~
z`oaRh`klQ2-lqz8Yx|R_uV$atyy15N{(ZNh37Y_sy75l-3`6^00tJ-jUjqFvPpGv>
zVLRevz(cAwUemB8tv#-)u+_oSRd}Qpn{>=TLYry+B<t-hYUe+D>PpMVgh~XEpKd+3
zxmX(0_VHZQ%|6)X&VMs4;wv_KzVEjL$7-u-6W}UOXQXgh+GHOs{eYuh#2UiHOBiGP
zgV9e~6of&tpw;QQrjY$gmH*5m4ql-6Rp$a}=9NMCCg0S`gtO~moYd?722O;-E1W21
zBho|w+@RlCY7LI{d-E8%;^5K;r)a$)eM>T$Y1GV%eVkaDD;<@7kUv*Y=Bb}o@o;*c
zwg=;ERm3>FLCLWoNTe;DX=-771CvH44^@G<=<0h3=;<6wt$gyKjx4#M04~KPCv0^o
zf|2UdH^Z+)47n(qh!e|Jh$(CN5Ly2sBbn9x!AktV2}%5(JcUG!CD}qT4PxYLJu@yZ
z5Ui~=bk7{;erHsnQB|Z%PI=0}9#%;5Yxy|jmCqgD_ObgMVaBiMj(ZJsUowi~PX>VA
zoGZ!RAwj|myaylnIOEJofX#1%7=F0W6sXkik_+iM{xh`TsA-F4$_nGDTZP;aP~MRF
zeEdou&B`Zt#&u;4X~B9%C)cNrfVas3sPptXb03gJ8)x|398=FaJyyS;vSymvbMU9Z
z`FOTg&-I>*9m-xHAec3smkrd@!T6PDvSLZ|Em_A0HSF-N$EK)gYgaZan}Td7j;#E>
zw-g@^A&c$aXXQ$Z?A#{0n_lXUhlop(>uW$(Ae8Jr?cE0E_rX~X1}W(f3_%eB`#J54
z8#jiZB!6kuuBjb_+q5{EJqgoGoNI_PRy(Aw-mw_Uf*ODW9CeHy5K1^mj9Qoza1CH%
zkH}`T>!*w3)mbCGF}z0MxLol^F!vmuq{9)fJx&%0n%g~Qo@4?A_CvFQ?(&hhc-Aop
z1=U|U70t`qri*F11Y-zSkT6kPcsoi}&g2#U9;#ISz>`-u99vp6%U(qeTOO1PiCG7i
zp^4_?wN_{u@RoCB=`EltEzJY{RIS8otzUNEFPU>$<`+~s<@R_xDZR6YO6$*`sZg5Q
zGODu3JNbYqDAfd-1}fWHi&T^WiVeUlp2bkCq+S_$yQT3qp)-MsX;Z#tKO!Zqu+Y1j
ztu~>NvSPV9!$UlI=kt}PJkZop^mGR3q!fnojyi@%pQJ|Pk8HQXPppCtIC`b6MQ>^P
zO)_@7Dwa|gDPwcE=t$1~n`gj3W*J*df$9H4%(eqIl4LQRvSdmpsVNWJSmO6ei+xCn
zFnChhK25X+B_$j1^hDkf!HlHVLrg;;9`JM?;xG^ZSc~v(Vkd{km25)KIQ8&ZSsK`R
z3SH+vRQN4XE~EHR^O_A8!Idf@vocl8=ucyfcuyW0G_rd)F}l|%<#Ober0@^aEApFw
zR-va|kJkSvVHGxeHIcsQpmkB|!{Trd0+Z@Kj<7}VTmti=SKPt7Ixw3>=ut*5m~;>N
z$K(-!!$GnXg6D|M;01ch8B-5?A9+nV2Ct-$*Z3Z*>?DSrX62V0LCla56|Q?6r@(-t
zf&x(TE7VvE9FcF)zyCg-8US6v{mFDg#~1)Mg>M5?1MmLt{^jYy|H=_`r2yfLmw5q4
zsPQw|$8ZbiGbOGCg8|U|C3A^tF4!!jUEE1{=RMB})i3iuc*(|8@ipQyDVfmM3OYIJ
zW7wfo*FF*Var<0HO6u7iw>K6#b_A257ww)8f96_BW!?6@?J3J~;fU8jziXYA(Yp+D
z^>=jRfvr8GQlZ4$bl(TtGCi^@+S{8d$oJrf04^?ulKevfmkH7x!dSk+DWp<bW=a!o
z2r0iRT@QPDpyuV(^R~j60e{CD)m8{7HBh%ivLo~fein{#?{GxAP#<VWa;=mW8{vzk
zp6~WC&Kar@;%{b2`Wh-`OeYIROf%J9xJK_hB<ODK5QeZlb(A$43*-jEhOi^XY&|nX
zbqlrj{HU^HG4)b;x=Hx^8+W=Q?w$POv=Lh=_aq?<YU(V_>K}mg52XCbqz;l>ZGPX>
zLgmO^tOm-tG{oP3^KkU+h3OAZ;##&jWdYCic#i#B!CL?K`K4nP7A8C|zz%#jS9^Wq
z-qIADc*DQ!8Q-Z1HyO|{ETH;<&fK7s+K=e?^7XO%DmiC8HIeJ7ed5r^lo-aIa>1sr
zHm`haz39f|5+hB_rEwRx>dfFWXs}h~M!rASiUwS7hbipMKJDQgjA#uhpIkLm#ee;V
zXMvRw#Q~>0mLiK+sJS9*I^cRkm1laZZY^dLbYKB+M>X8=nlN3mK#`khW1&&;f|?ww
z(gl}DxLC5nGvU&cgXgc@QNbmnUW{OSp2gXe?93(K?(4aieSd0DuV~$j9P`sOxW=tF
zP}P@^4gw0u*c8ybuq@#Qj6yb_&+QonBU8|+vChE4nvC|;ipLkm<C2(g5f8rvk2*np
zocpc~Hi<iDT^?EsfaEUQu=RV^LyB2cJnD<1eO(`)6%rlM=jOn+Nj{TPequ_Qgbou&
z!4+%%hA;{iW30QqUbnFj@E+ngmr!GaZ^|CroH|ZF5p7ZRBj83M)xnCal${H!<IKTZ
zYd{rCWBS$m>^oG14_eQG-{>m8r+hz+!Adu9(cskhR-k<6^MD4IorF(#+ckcGzp^?^
zQoo@7m`H4zEX2b(nA^eR4@b&gsv*P1#@51Rd|-s)RZ+F(Qe3rF9qSShclriL6<MeQ
zPUga&Mj;h}7}SVNK?COxL49It?Zc?tKiJQxY?fFqK%9LC%HdKk0cz5O-(GqDf$J^C
z&e@E#-;1v*zUxUa5`cql)WP~rz_>&ybE8J?%&%>QB>q=<-vQOswyllQL_idz2trg4
zlp+>-3+SPVNKt7KqDYSrK#`UZEOev_C<sUskuHQtjX(eq0g)bRLKl$)By32?`M2lX
z_y70mz3<+Cy!XZ%<2}Y;5C|iC?X}jNd#*XZ`F#YNM3He;A&a*O96oJ95nmr7^F|n_
zD7Q795OtE#<;(uXh(i033%*+SGWeBhl3c7*URCj(ICs-HA#t5&NLkKz>cXeiX>_?_
zBVuaKB`popXFm#&`qrGMOfzhO>>FL0;zntbmfzpagc8!r5=*Le_}*5AUm)WYHCnxg
zolSJ#UrP~uDnvg)H29jG33cJy-$5#mYZ7*^Zj`a2I}{*Xie8OvQO`SNDWBcbN$e5!
z7Q4?<<CAdO0K4j3seD>1j;o8jHildu9c82=A9S<KTHm2w?h(TfVFW8`n<%V<9Q<@h
z+5Es&`wAlGrCYJq{qSnDmdBj!_-fORc#bqzR}zMO%EPKj7F!eM_{jLB3f)ik1&dc+
zaKO%pHh)R(;C4>myNkKWF@PN$y|ESI5YguRPF!CBjU}TIrr-%Qrs*uAA8s3<o<7#n
z&%JEQAx3o@79!=_Oy54S&rB-F|3@Ff?VY{D`a8LPwbf%VF?$)CxUp;fVYz`mCP*JP
zU#T3G@>KZo4>#E5b*EV`W_tM}Fjnw+E4f`?Z}xVhJ%LVm@J`l5P!{a(1;Kw0BsBU5
zNC@~3gM{Fh`Zuxx>4L_WrA3%qOE?L3T-+D>*A*X{QTH2X26ihOGI2P4Tka={<u99d
z_Guu6!K9~0&$9VvNs2<f0}OUqVLnT-N_x(C&y5nax6hKDB{2M2oqCTZfOl;g3-my1
zlg5munrWvE&vkO!c8Gp>_W0R777_m|acKPj=tKN;S~fQWQphj>JLCzxF1_ToM?_5Y
z%0~8~FF{Z2>Oe8UVxwiHk8CZIB4qwpjodJ{y_@*G)kqRrImaqa2pgGO<>hSukR@wD
z{L9XTaiXT=!UWh4g`psgDY$5*C?(!oS8AwUnVxwQCPhGuc~f0gB{r=Wi>=PGO*gT*
znZbYT{CmMc8{fQrpp$;!#5n%2mDrs;5|I04-C<Zk%k)mkI8bPrVQX(W#8=fEEWUi%
zHQG61GtiJFN7mr8-uCWjeF;uQhQJk)$)bu?-)I1c$*mlkr}6{gd<Q)&5bN;n+X~X@
zrg|>IeDg5&u$1TJsjpwK6i2#(m%D+2z}W(zdi~$y_b;k2*=rgrKA);a3V7Ig<p^fZ
zPWlbzr<wOunX<jP`Aq8Gp=*+CtZ+RGT?r_f&Vzyu>Buc*DGuDEs+9WW+UsFnE~Q6A
zVYy3%FV{U#juU%YBK34k{{8E{Z{uZ0eIky()>Ir(C5=Nw<r)5doKYK@aFc<TLwCDO
zVTA3toC0^@eop@D#8K08uvTfQ1i53p_eZ41hu?sgJ4ackaRGjmDRN4AZ0R)Bpt8)}
z{f<!5_GYxQxT83`7sqJZ6YDGQQ|ZHV(x=5-KkRXk6P}J>2nbJaeqDdPgbNYr^BdV0
zRxs`^s-)^5HGow3E^_LsLg$-k+h+<+8E#WjN3XBH@9h0_(3~?B#k&)yB|z6%-mbys
zmPcY04<M{6mp1Jt@nr4^<Q0|5RJWDS<ZreTYS*4UJ+{9fj?6V*hrADGZBVAGqGb9S
z1W4Q*{V44mgFa%*dczw3x6ekaQjZ#vwBo+?5US4c8%x&_|3;bo|2o%y<aEKm@6Mcx
zsHSfbZNJ{0PpoT5C_ck5Di;Q#Br-hd_5rR&a2~gPX%fQtI*k~c`FVbv(DH2Y&Zo!q
zQU{W*`l^@TEtdfzgroUZ&XE?vP09g~|5u_>*zLFlSL1rlTGXX)3RNGQSy^1F3+sPG
zr?kiQ<-OYjbD-*iBJa{LWWSCQml9o=Yv$N%9<DIRP3*Lf0|^W&;=t6IZX+0X?n-9J
zwSyF6e;dl$W^!N{$281#c7F%8J~_-NdCUXiGR*ry7$&O>U=?<77kGI2n-2k#8;=Z)
zK_Mgu@SV_3reKaf3%FBTB=f=Kogx^vz60}Sd!eKQpD~NVh2XjEEGEp&LKkEbqeL!2
zzjOD4FAhOl;(_1pW^c1Efi+g1Y?2+gtoK94o5cD{QIP2i64|#TR>c=z-+PxQ*{dZX
zw-67=XFYaxrQB)m=FNOAPaF?@O1dV6&fH-~pZq8Ahvj#_vq;Fq6Ci7f#fx~Q5FZ;i
zs~~$qKMZ8R8|HB^<X%6c^E=DudT3boA(SD-+7{%Y?f!1(_x<(3k3-(qHEyX9oef3;
zwaU249HO^FY{pWFkYu{Yb7udusm2X@ukI(PhnaYQ)w*TI<)N7>=185%*xS7R6;#wq
zePaAvVDK)B{=KII53ieoOjd?7tE^h9FM*_Q>RyVo14P^0X!5nX<lV+8vsO;7EF7{1
z(=6&`9MKLv;)w`BP?fweL-R2=Es2T`Z#W0yealUGGaGzcy-<<q!A5gZ?-MV*caE~D
za+2J&4!L5ix&oO&#P5cN=MTGhioyi@r5=s7Ho>kQ$yYeldnVCHOwUpHu;bh4lXNwj
z@Q?>_ytii6s{@Uun*}UiF;(!w&et(J0%mdUrAHE<<vq^5Aa_<kWn}b8U_k}f>rH4i
zJa!f3iX?MkUnW~t)u@<zVME7Scl9{hs01G6l1kxva5-rGy6M4SH5y;ZP;lqY*Kc@I
z0qXYT>16xl>*v1k+bP^%FPToA@Ei!YN#(e}|KeuC>rmESyL*{*Q(*lf)uFVsm8_Xp
zgh=S{#7I@@%Z|4^x*eH!(oDgdMK{O$Oso$m1`mF^-p1>xkMwVwn%z*^GirMVxzXgh
zsds0wN4uoY9qr79uUa`ZP<bsU{R;0Uo9iqri*ngG;8{6LpUiG=xs=i7COJ6kD*@YB
z|1Dp$Lg8cRnP#!bL)|y~4CSr$E;brAWIHr&(zijN%~hwLyZrz9_j?d-rdB}V^hfI$
zQseo_R=Td>^QLT1@6RVK3;a#Q_7@nlgL$k3k8k(Eod0smQ2f5^vJAKG0bC_}6;8Ux
z{jyWA?=9)^<lb*Jciy*oU%g6KYqV2|J62+8k!-c@dMB6pIZKVQ87}!*o}uR>p4nj8
z%&K%oyRF(c$;qhD`D}ZM?VAJdwlW3=k$j9Gs&&{#qoifkK(0wQN88;A9b<XVdAj`G
zxxuR%2NDPgvqBQsjy^-FV9p`grB!W}!Hh|DAfpszL=8p|+XnnKssvrKG;K;Z&pr>A
z6Mdc9E0vf$o?csm@}{~p-XtSnjlSPt$V2u8OstTgwRxt<n|c<GJ&u=!Sql&EopZ}e
zxhFGrwI0=LzcIC4I|-f)s;A<V6s)f{MA+HN4CT~3*j!Oj89wQq`ktS~(r7e9UxbY%
z1ltwR+g^twK=~&Sq7xhK1x1tlUEV&O%V0UddYFAL%O79t&VA=&uhi+u4ocNJOAo)Y
zUNmIz_cJfekcD?Jlb9tQzpd537b5L*W^k_QJPgCk-e^3uf%|F;@<lzS3^Uv6Av^n1
zmImjcKeu6bXTSP6HwcD$5kb;<WcY|l>vl+@YrcnQ!NS88No>uaBmd}iBhO@yONHSV
zK0S0G{Vn39p`Qk}-6ew+hu>KoS0b3n1!^C9W_z^ye9*=&Kt0vkgklgmgxQBu^(lVS
zC6VI}9`;UzbL)ovW}v#ZZ+bb&faBw?Ub|1AJ}AmKqHWu=u{`vy=3^nJ8dY35sKH9C
zVqb4*o6Tg}${+kDMvJdc|8k<37PDnN!*qdIr!g35W^<r-_1ahlZ05fA#(+mFSE^S5
z(r;RP-;_bvDbo~kK%}uk{|V#~B?qI?`TaR@GgUtHk=N<)c4TxFV14y%J#dG#jCP#J
z5fX|b-<PuX`1o7F>>6iU<-LT{{!Vdc>@yDr>obbMqQn_G7pAw<j|pcQ7Mis$h+(K1
z<a~z%{ay;p!$63qhx<#|m<m<Rs5B2$+mvt8n}jJOR(lfF)ybZ>X7~tWp1~&J9VF&M
zzru07+nbyG0SSi3^GoBk4`?ON@7W@bicvpV+v-d7VPwH#hW4Z1Sr%sNFkr<*a=4sy
zE4>n^rHaBOrtGc<2<S(&R*J>H`NB=!-`^u>(_9CU@|<jDMRmB413Q%NB4einy-@1K
z-Dt`}>rh=mUCZ5N8-}@593_o#|Hr*yb#8e3OQ<dXzk54P1M`mA@#SkEKpz)$m*M4u
zgCA;=?U-KHd>V2X2r~6GDYBgJY`82Wa%6AQ^%zi}{v7|ivcAVJX6N&VL(VYFu??TC
z&4Az+lNWptJn1o=WD5b?9>P}Ti#4;Sug-*T`MbU-tBcmoWnKe|JWrd-p<7#uj5Lr6
z@ynf>DWRsLP(nt`Nfd8x2kCCAbHr7!jWfzzPUPv>7W|~k-aV7|!eyR2R#hwhxV35p
z2m1@8-iVS7?f{GG<p75Hag$N*(8bkRK6$qBcceGEB8R%~-L+T|UMuflbbJK?yHE&x
zZg~x4L#}P_2A3@tI3<=3F8utk-NsBR0eHU0a^#5IiM01~G2iSn0$2{ON8f9trjb+f
zgP=73)^ff{<+fboS5c@-N9lsiE_|XP(_7I8Px7wKCY?T${zci|Zuoq^YhzO#?oAc;
zg4D1ue~HEUyyA0bcIj@&2rkr3t=N(j`4~=pC`mtz>p_i$@G_JIvb6Cl_e*q^STVvr
z%l)>Hf9?5vr~Q2D@A8O>bMW}B<PES@qPG(>i)Ta)%Cu!ia*`j~;O>9-Asy9}{W3K+
zv!bxy@*1;u&QIY!4#TpbU974LbW<%?O$Vnef9z__;$ZXbyA}b@FX5_?7IXE1tX=kD
z8TZ6eSP#$Ru=vA^A&2TJBP@riGc`Od2v!yoV4&cjzF5g|r2cT6uuQrlm^NS1AZVb6
zu=#dhgax<*N?jV_)C-=x@)6DPY>Q54*6rlfKCuA*fQPKhjhJjr!NE}NR3=pHDU?#%
zB#UVgpp^sGIuPb0-9Lo}_UU#c(~ycf{+YAr74RRs8`XO~ltDE0l%Rsrium`b2px&W
zy0_S=R~?E`1UY9NnuMKd0;+995O*`s@k~3y+5spaVfG@1wylcDa6b2-g2}04A66~H
zxuZ74i{Gf+=uVx!aX3qME<5IX<^_Vkopw|4%ia>37fJIin)!%gXYE5|PTz-#4|F-=
z-S8<P(0Q}L1ti(zcNTDq%wFWBx{_Id+#0!Q^kKlL=QR;W1L#IEZt`H-Xss^%{TM#s
zT-IRb3zRcZ;4f6+rx@V?sR|A@Oul>ooMS~V))O}4TdZA{1yPs`wp|aO59w6VEdkfd
zJ1-cLl=&g2L2SHGbMZy#%GzkRyY2l+6LZni9OFr+YfXz|8HH-(#=YS2O58w9wH9a6
z^~n9${d^1gS8sVf)OK>$`s%(LKQ~~}^T(*ID^pfMfa@Ckj~)F%AKcM-0jCg!;G%B~
zTWvVT5dxlzIE>^doJ@O9dPutGIeT~^))IjSEt<F(^jjUKHJi`DLwLWY$7vJteSX`E
zQb!L!-s{{rAsBPh+gL=c+X*p+g+BrjP1(j2^xV$#1IrR(byOw0fwT(g^onMGq}#2t
zsjR`q-fue~ay$#W8+T#H4%WKaZFjrGO|5ty%Ji2%9Iq5RE5kXz)I9%}xmGOh8KNbD
zdZr;@blve5z*4z%j>AR`r#%H3@@p+s9uaVEA5p<8a@-iXdD*s5vG(Z~)aTc<xo044
z+{KNyetZ$>?9Wwb$;O3RA;<YMItSuqRV9qp2HTC18D1Kq1C2m3sr!rq5fsN3tef0p
zTAOAb#zwxq1v@*X`V3n$qgnIZm7}&%la>RZU!!hOWm*9SELSn6LDCh8DR%#Sy~Nk<
z!r2dB2$j1kD&F@TOcr6O`P3?-@u$n$i7gND2N{cY#)K6@&Y`YhI3}-mgATTDIdMW?
z92-ehb8`tTJ|yLiicd*-5L$oPUm!8s)OAL+4Tjw3E?~n@qihTnc_(EW5X}zmnW?$~
z#7br9t*gp>yv)(xp^YetxL*0TF`B5^WqeBd;fe*JO3qkHo%Q3jo{LWR-})q}&zJti
zqjhdKtRUS%@3{(u7^((S?~vskbSkSKzDt*%6n`?dQ*43UAC|@P;U&6a3#!t7iu0rD
z3TG@8ZUD4WRTi!fIyM357sMqRZIiEX+>op%Iq~5S<!}j`5LK1SAHORPSr}IT#i%cC
zE?^=ia14RR6+e6ne9sqEVaPrdbRU+7Qkt0#JlC>5Q?sf}gde#r7uK=@>WLeun_dBL
z+D1#EVB8L+PT6QL_wMJW8&Y-S<aA5e^rhDLo;CWKeNdS>JYTPI;?JkK<G<Zf69@<B
z!ZvKEqfN-0gr{2eFUN=g=Y_X@E+)5vgP6w-ba{Lf?&TIv^51f*xbhZB)cNMt9|A@X
z*=@v>#$hmeKnoqLRk4mDAC<yg%4rDg3zT$ydOln;uDfH^u`c>A-U{-k1@YB;;vwf^
zKQqDg%x<YGXqy5p1GX%*!ctLfc982>JrCicgV~Y5U|}|If7io~sUSOmYMW7mWZ`uf
zL!I)SIM9CySK~?cPJ|h#Y+Zh{#Tj_J#-I=9HoFk_;jbQcnlR!IC$oxgU0XqFUpBM(
zu@YnUpK~h#%!>*4&HXT)93Pn|Hl(}Ut=`|vq_!UD+^aEQ+!fSLYwL}C1JJfV&w#6|
zBOW=928&($!?V0!xAT75y5L3I!}sx?m(24!pZg4d*{GOiwQjK=8!&sH$2$DST9g%e
zRb*-mK@W0CHaG$aT3Nblw8D@3_RVyNBLrHTM5qz*P0EWQT2zCye89_7#-OP$`x175
zcPqI&olEkG@!X4!Z{vcJl5w>&{UCqZJ!ACmET9ubdIjRVXcL-+x$s%=q4lfGAxNe3
z%b{HFr`j231al&LO&Z{1c1(b18pHH;C~#u<Yd<-jh#=u3s;BmL+&n&?R)ihs^7ENJ
zc|kyilT9E=t^CqXJ#^NT0@;bLQ)I>~Pg*^Bt#Ri{+~PtT>1Je}tg=cf4SEU>(i@9l
z7P?wNjtBUkM9J-ttu@Ljlh^tOQSyMDTs_?qmo@>Gxwn32*)U|CgoADFl55K#c`Y>p
zq&Nm)HV?1;pg8`6gZ1VQ>SPfAGd+j_(s%T8<5w<D!vEw;_ST-;EC>0L|M?|PFb7KK
z{$xx3A9%S3o|Z#X=D4b)`AN<CiWN5AV<pLt+Sg*9S6q*s_DRgD#&}q*(ecv}+j;j_
z6&o>$TMxnh<rhFJhy-!~u}RIZe`leBI@hmsPJ?k!S_FpTfoGVaH_5%k;+8C4uu;Bu
z&*UVr0}`dAZRQYTi+F#<v?jV`zK3Wtn^3XqV_GDK+6Of?HO@~04wXquM_|h;=_VL#
zzN6nH#feXeXZEF$Se>tW-oGt7bnq}=AbOb*|IrMjx&G_j@q_02Z}tG<`)fMcHT-+M
zNpMX00XLPQP2+<JCZ}@tN_Cw)CT*n<zE5wjA&*`=BFl_;=bZwz%M$RIl<mu-)+E1d
zEw*>}y)N(Dfjs#{5;ekJ$rEeN|KY`%T{ir`Ob8ey{nH5v$taIj!U@s+6ttTLZx1Ip
z&Oy<;!xUuK*9}-t%BzV*XhpB{J<hJ_eGtM9jJ?x=3_xqJh}Fotl+?_Zo%uG(69sSU
z(>foJ$<vM^q(Gf(nq7F!YoSsQVoF2PDsYtfYC5=U6+Vjsk0SqcFzEUjvoR?knD(d%
z@XKYK1)j~AtcddJ%vcS4H-QQDSLZjnvl&=teL1OSlkYMrcGEgGORfx*_i{58pm|d4
zvr0=~9>jw7(xS1&bc2-qF?6B%5OP6E-;>Qb#bkdOp<Y%t@7&oi>0j+l`v-&hzh~k&
zt&?<rK+ypZo{1OtP-!|wAz*k{W%{*DbHC8eYr`%!K9=;uo-z3L##pv{SIh^0TNFU6
z?7j!Bf_F4RX!!s)2_BiwURHD~52z!+iDO^POH>n1x>zRVR>{6~J`zgs8TxftTL0VK
zz<;HaYbxJ~#kiXBhjc@$I3Fuv4jSGP-}s*9pIBPj@jUmO+pDu9hv)bNzhiGPE`XsM
zx*Rj2vH&6vlyAYrElUEABgCIdKw3z$bPsDhh=2`M{a2JXV>kExB)l0|_!R`MNdEwB
zGTX-Zc4RJY#77bjGEV@(<?gBVI{mMfhJ`9t)$CWrWM{XXqPNCK_V{*ucs5T1lr#lg
zOIKK+31zZJWNE<;hWMw5zFcXtX!m*UL=M%i1C19jVJc(#B>V7`iU{zu1fsLJFzw~r
zQbDRrq5YtbOlSGNE%y;hQUnG;?Sgm%Fj3tCVV*N&fTtQ!{9@wb6kr41e!ClM|6)1l
zOCRB9tatde#XzQjJs6-HLP=wQa&EbXc^J}7zCX|yX1NWmOfVzx82;S|Bp{MM3dTK3
zm=-v-m>DJU7-VyK1ZB8{YU})`4lW!l1tl<KhjmV%lqvG*$S^ORBW_tj)ShSM0ckC%
zOcN8b_}K%e15(wWIX>->YlbF$Wy>;9SL5sk)A}Q;t(e15cfQ@r>4onQP+kVKKLi3K
zwTpAY`sFWaIPXjrxh>ZX$s~!)WeH~Ka$MxRo#LpEX8mO@f0;&INLIEu-WmT`LTV>Q
zOOnDwh6TMWDjH=7RekzeUUFAk^6Fq3EcRl#vwtvJnttNuwFkci`!r@gFUc6x+bAbq
zpzR%Cp0r~QWJ#xy#zlwY8uSVSt_R3mOBcz<pBr_jHQlUEiCc8geAQzEYVA5Du%mDN
zOQRAkE6rJ+qL@$dBPNylzKS&mDRzvhdp4L#JoJ3^<?(AnXT-}fcf4D0%G<d96@K0i
zHL*qOEFbefXvUAK(s-!2M@>iEPXoEos5&zOl6wkBT|t?E)VUUmcCnkCK~Z;374bhl
z|K+4mfYX|@{F1!SH}hj`Xj_?9xJWnkC<?5ARAE|EsX;TMGYBCWOA#@{ZNt%q-ujNo
zr8YmzubV0wf2({{fI#GH11(L#6|6!4ny(q!Kww#bbsO{Se)q@6X~o*u^y36)i7Nr3
zZiShynWwu??NRsEt|w==nnh;s!n;Es>F5ZBXaH2si0@_xfZ!{&Rk+V9enwLGWV7_a
ztm7)50$D~o#WZ4HZn(Vfl<56eW^yk|dM8E8l+vZUleNl}WcJi`5SAgFj5EV`72x{e
z;!ulZgMl)vjY|}dDu2H3YM2xJ4A)2*?4?gFrJr^ez|&;|WLmr@QJPd40<Vb;0LF#;
z=3*{1Rj1LpufXb~rfX_b1M?)#xB6Cc4F_~rifE=mf0UE{)}G>jvhz=z?RH3pK%O~u
zxYcaG;f!MVy`Z5=1YOBZg17H-4w9FUS~sq;o$wYHTB&n=NfH)9_12RMUxo=!RhCC#
z%_8x_@?}k8#;35<<mvEdBs!n4n2Ab^$&lk`tQc&hY~hqloUH?S9C_{LkuTm65U}6m
zpN{B$$a^~(0-p$TxQUx;78xQGfPW_n2@ByZe^_=(x$}0HSyAcA^CUyjW~GQOZUMo>
zio?5gS$KAyIe-E4PhRU+OOwdf4~+Q5YyIM|Sc1@k^S^klyk8vFF0g<5>Cay4*I6#?
z`)?T>=GQ)l8T=c?R=i+<IwP<+0B2m)r`P}^v%c1MMxt;JM3~)d*WbU`edo}ML)$O>
zem{3eH<Y>3+5jK2Vibh$t}>-DtgPtuqJw1rMxwj+CoJp{E}=^Csoq|*w_qJ}4*&C`
zL-&8xN-S-xN2~<C0E%1SSXZ!;8m+<iph178Tdp}FAi`+y?hf0S7yzxlfnAf~(yEj*
zkg6V;Rk8kPCCM`L>6cCXcb>YW_%M((Y&E)py&$Alql17PU9bZp3V{n3s059L2y)Ej
zftP(=8{)p)F$Qa{&u+d|*puLF+*0fF8P~+l?1c+Koe<Elpn~C6I6u&01(=lp6816|
znyS*xc&?9oEMsoDYbBeCZXJMC;LaWOyTIvf4F$dPKQ-od495>V_;y4zgOfC77CFTu
z?}q>@v0$&yA%sw|C;O+$;e!)fw7zgD`DrD1gE*^qt2B;zh}jt;{aNSSQd-s#0O12}
z)%EF9@uZUt=C{AjBl(txhH#Y==o%NFvzi42i><_nsp=v%yKUSr_W84EhU#41NkOqv
z1<ZjoihaX1%B?n{Pz<Gfx~zCQ6G^u;;W{?B!LO9BGPHbnbzWbVX!6EbMJ~KUM0q4+
zWHWu3aS|F@r}%)$$@mQh<pVNWC1f+s_ucJMiEp6^oh>%LL2|Vj3P|2l*>1aUoTDvx
z>R)g*s6KiCLt;QjB_NeaC#^Q)ql0AHOC5(V+Ov`c%SzH6G77#rB|3aBSY-Enlq{8C
z>@{!p?5f(0!Nu$vtIQds1d#oXDfy`h{Aq)^4?R%g*Xb!4{9AI{5dV_3)$qBc51&K3
zcQwg4y;O0z-?AWUR`f3{Tvwgp*C=Z83`n%UA7%0eN13{Rn_);5*K*0?qn75UowYZ-
zl}~ivzCC>Y14=4JNx(i3HpZh6Bi@(j074Vk@&WkF>H~a*YU}D=hEZkzUA%x>&6}2?
zdx>?}5(8H!W1J?d;zvS?rnhzMe0}y$&!zvV@#nuB9G74sF>7YnRXPXQlePG=O!DWQ
zt!zfH8*VQRZY74rGi1@CP#nw{iD&Wym%A6O)z$*RNc<D#XPweAIU16p0Ak+xLM3=8
z-(FRoD#%$Js<A#VGx@-XeC@Wx%#n5bQkK6i&i}*L)~U=sNcAO<#GZKsCE0iLGkHLm
z>>3jv?wqo4CWD>X)7Y^7gvI|kk&Wonnw)hS#e@KIxUcJXUUj(h5sqh(N#BlC8CBb#
zH(N1@3DhcDQP}%Ve{jG{7ZKq9Aus9ae5g)RZUYP~Ha~d8INsMJ5a8bdp(Htc(Gj6u
zD{Z4?`xh+Qh39s&*N*wfSB||~)2+aD9Zk7%YquEN{*w$ah4vr?B@D15ZbBnbaH#|j
zkQlP+V4cBZOi71$%50W>0io2DC-=kxCRHWjRl);dHKkqOs;v{hU~sN2jbdbi4p$vj
zQ?I-;*t4Ln<{7BDVzT_i8uun^`2$@`*itUX=6IsB<|ofC7PN2Zzel(CA9_!&IYcsK
zBAu@pLlo{{icu4*zyshza4LmOsRdv&pG(TfZ)w)Jnv!_YoEDkUYq;GZTklz1Dtj4%
z!?eIS@|Qz8M@k#p9#Qp!dA3jG9ZX00eqAg3CisFwOkImG>VL!r;!OzuW2$j&_!|G#
z?A?r;Zz!iq%j|7{hvs<P=bW?d!uZkoH4<yH$8fIVo07GY_KDRwBX2^vjvUqm)2H|r
zag&*_^45B|0Ng$xeeK(J3!jYMfK>l%7C|8B0iZ{_J~ka?mJ#{>XhpyaJ};0%Yua_C
zlF~~{q$;IDA2t{fQ(x3Ti8a*jLVMd&1<nnIpyp?m6s#EiwRl0-L9322b#`I!{~Jg4
zkFaK}?=kMZqnlR1AXRR<tm@^2I}HSp^D;b8#;*#xG#cCRH2a;b_ccZAjILKbBCm+0
zJ>Gl?j050?LIZiEvJARvEBaNyJy$@T4B<zJ7KP0rt2>JHi=@u;w4ZG*msG5G+k&yb
z?Hzt%&iSrxfgymIQAwi|gACg7WF#NlEq9^a(nI46)u8kRF>t%7QeovW-Nf+$EZLK-
zT+FW4Xtcl)5{j6|#Qn~~i9*t~83sDMgG!I@5QsYWDZTHQ5)G7|)by}MJc0iB*vaQ(
zcD)?W?uw(<1QZpDdB>axhUkz^3tb5JB9wB;)3TQqM^%kfhVTX;+p-Q)adAhe>pG<~
z_6W23Pp7zQQl>SW-v*1}!V%t7qmR#5c=o;P_y)qFcmEfC^CjYMV@5dJ;MLagO=mpP
zFBg#L2xMgTKBah0n}XS-@bEAFR~qXR=eWgo2^ji@3XYp_e7OI>jF`;i0yE?BaRSVN
z&+b8K5v8!1_|{C-=IxWUfmcT-V1`A-#@<%vYR)1Zn@v~NR9RV}*ZXuKybND(;V`Hh
zKt0`P1R<;=^$Ban<sPC#8IDmJMQWK9!<ym?-QU<6>tqO}@S~%RC18OCuxGYUpH*Bl
zvW7pyJ5NPO90y{kSd<vKl&@VhR)dC}$viuD`OM^K7o}a?(NwqhwK4Zn-x%bqiqQbN
z$@zDdiy!rHDp0uF3%&%*bT*_ysFZ#hh}Wy58iu2e5epwO&VXpZ?zAX*6rv0vY~43M
nu5KbXw|4v16IfogkFoTj1A4OO;BZjy@gMr%zj_bz`{@4xvT(11

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/shared-uuid.jpg b/docs/userguide/storagedriver/images/shared-uuid.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..1304afaa54629aeb43de3e03499913104c455978
GIT binary patch
literal 251815
zcmeFYcT`i~*C!lBKtVx7K$@uZu5_j3YXJlVq&Fc-F9Om-OB4l^DqU%j-iegZi?l?#
zbm=6aNC_m=Kth-}ziI1P?^@6AotZ!9Bs=G1-J7hl&)xTY_WtaB&wigR0j_FmXlVe>
zojV73Nqqs%(117UU>8RKKvx$a1^@sq0_e`&1DvOh7^q@Oa}GdD?axu=B@NAg?f;Ge
z23P+z{`<v%1#p4dQHM-j2G{=Q`0sg|-VP2PKF*%L)Z-D~0D!9avsu7n!1;6M{=WZP
zqoJkw+vqM_prNIwqo@BX7cVhhx_FV{B0W9B6$S>z%hX1HiHZ5jWv0L5zkl-g=YM}i
zeP6yvfAQ}b|Nq+A4*<(Wnj`urH0SOB&a<4OVL5l!4dA2Bl$N?af0yXLwR7ibF3{3Z
zr^LWWJppl*I(-_N^VG@GUZ5&|E|hv4aDj#P+U<J}=~xY3(ckg9F7qxS=OX{3stz{8
z5xjt`t#{ZZ26m1coLquJ!Xlz#a`Fm_O7|Z;exk0S`BY2W$k@cx%-q7#&fdY%$=Su#
z$Jft402~<f{zG^~<i}4@iAl*RscB!nrswA67Zes1my}l5)FSHY8ycHBySjUjsGq%k
zqhsR}lT*K^XV4hz^2+MkpY;vG?%w{v;Surp<gZ@m05tzn>wjqWAM|3O>UExa4KC3C
z)$82(0IJZiT%f&ukM7z-1Nv89taoJIUA+D%A*ZV262Gh=p3T;Kgn?Z^4lPLdtJ;6n
z?B7!??0-wM|Do9b)N2NCnQEfvS!h@QK)@+EH%bKXZ%fM=01L+%;ExU+>#LGb*<xcV
za!sjcfNI9vo=OEf|B2^XNOZPx)NcEQGeCz`+Xdnoz`UWhis0Lqx>Hr@G$wVYUU)hR
z(g3%k?>a7&g4K1R*OZQ81f~`eFsnRT$xBXKgoaYzg{aX?+k=@S*D1B++$t4%0{=r|
z&bP;<;9%3LNx9>_>R^}0B^@0{H&lGA{8lCk9vJy<2y;quxefy5f@<ByDs)Zq1VwtS
z<+jte(?`DLMv2Ql|F@O=cNgUUEyn+1IW2H33WvbM4;?4@$6CCwlF|>y3+p)yX0!zo
z1NjBscCeT)rQ8aRLQ{C49j0w`WWBjbHL2jIDNz#jGa-i~jW@%Sjxnv}(oBvG={AeZ
z5hWs?ewXAujS(s;0oUz`53>6?qKfp)5Cuv_keOEIJdyG<z-3~YE+ISGvv^%`vMDxp
z&P_sg_NRc>^_Z}W2Nev2wM&omWKG?Chh4Lt4vD=9&^Mke3BPV&_}oDKI^h4Ryof|X
z;~`9^S!BtZ2(0H-7Yfhl>K7}Nmw&fJ;#KoofNOf!GtbSmSUoudgtdlTAP7e-kG>9h
zB|r8!_DHK>?)1xfudI~^!I;+9Opm|Xy~5oE2aa1~IpvGeHRHc}v74ne+f~V}x2lOE
zm2u6QW7o~3@xxgCa5b5A-B5IBu<m3<9#nE>=0);rnlPq|O1E~!i{WZ*H!B$8Qk)xl
zJ<?s^#s{iA3Sx105-TFpGj9$_%AInJP#42IgZl9g?f*?-8wjx`4x>SD+nAENZ{C}d
z2m$7z#5$(}o|&rRvdVr4B)xyDD&8g0z64(c9Dvx*0CvBLNVoO#+ioA_`cvx-KFhYh
zJiyu1(cBrR8d>Z3m8HIL&pmYgriMc|rz5Bk$ie`{B-`yxRHzIW7FTMb15hwJvTIE`
zwzKWdn0ztrw?yuOe!5H`prq?EDQdH9xcgPv^Wt^0=$O>?!t?`uqjtuaoT&UVbYT&F
zO|&jhqw<S^I@_mT*A3JG|7QY<rwCB5@M4Hl!)Z~A0h-$ZKLjfz20w4Ck9SPA8vZ1h
z!r$K#qhkxq;0}ZrqaiFPrwIqm^O#I`h~wl@UGJe&FTsh^fvg;9p4pX=vWPYdvLqqq
z`MzH_!+xUv^F~MrAs~t$KN+4!<V9FTcR9S?Ec$8xHQL=EBIBjnTGSpi`V4?K9iDL_
zxjp~o2jkF1XY_NXGe!sVO3h4~XK7uazi7qdclqIl_+|+anDyWcU{+$7?9iH-;ok~(
zV8{8axPrS9%O7-)6`2|YSw9pEwi#>`4E7yAoh+aCL0SSM=*iCz){6Q+dP%x{kK;*y
zqA0#(2a<b;IU&aIiW4R>w(`#BtA9@BMvy-aXieUt5U<E@##Dg#%?`Co6Wb~tO({Fk
z`!Jk~q*R{$RitC$tzJ>vYEkDe{`cvl_KVPh5)$akUA#B$*QI=$8L^(POB^dx>4Qj_
z^mG<HtEUky7MNd6nwYi_n4QXPBoVMcqKI?{AHZ6Ru7se|@n-JP8-jX?rq>-lznH31
z@jkN88GyFwG@Hx`O!LIJ8+BiaS$j6>=r>%rex8ARp^-R`j(+&A)T*}@+Arutc~oLe
z4j403Jv@ORz^&=x3Nwq3yle{in8Dgfr<D8Sp?M+@14E}2t8P81Qut#)N#$<L8Q{KB
z-eErqg!eM*3Ke7^LVr;1P8JT6TYEk2IB#~##U2;KB?z8m9yg3mvAs1tI{TC3z(p<T
zgZoknH>ZuC46lk~h9hn66ZpEBi9(T|<UN_lyoiZPIZuwRf)|U!Mf7b^6FA34x1_uG
zV>J2_mdOpT5<n`2W!UJIfgq^_C)n{$U`sq{*(@jN%^Bd*M9R}HdP9$EUah5lhtuoM
zWrsmWN<NjhFf#@P_pzczCU*+lMq@MPUFWizE0}-rU59oAwyC*29ITl7AoqM;tv7FH
zc7HGH3}Cs^rUv;9MFfPYuoV*XdMHW+NOTVPlg^B;i_eu>_s<utzrXsN;&6+{o@EDg
z5uBg`b!S=~ueDMl_IJIuM+S$?Z~g(zMjo0HgbGMZlmUv`xQe@<&nnUJ5J_OWnC_yN
zC-Ld_>lBQrp<4GvvpT@mKouv%3dF2WpQ@oY`U0MPRd+o%dd*$=3?NfKfbGK{M>s@w
z8&l0DttMV(IdjHxW4ZB~>tf%|uF58gkGn;efOj1O=k+u#<OD3sDbzP*7YKGw4)nc2
z=i7pnlrH%8_<_z#a`f;qde$;Bvj+y%3eEbFudSMj#tyvk*?akZ*aswS9dhG)>)VR?
z!-~L!FoDL~`b*;Lpx@k`(Mx9lh7I;Qisfw2?dNxOUN*i;%J#}MTflG2a+tAku@#Fv
zPPHtVKk?2_JkZ^OfKWGH@LsM2m)`iK=la}5NuaU<E|-}x?L4Zt)~buma{GbrFLtT$
zC0HOG2V=1)?;Z_^I*+Wq*B-+L<TBNTvTWnmFD<D1ih+ML81(E{FP&~3*V*dnil1!!
za$T_Yod(_NQm9LLLz^Xu$HO2Tsch?lbgRuRINpNXPjUJkb3x$yScx9hCKJOe<|X--
zLN(FSL@CV}^1Vt;JGk!ByrFx}%*=++_a?tBjT@JPx8!kc=c)V5tn-7iZ&NCq#SdAT
zoW`W{nmEq@eqml`fb(SWJu@Weatjb^mEcq6e8?5vt<5Hoerw<x&pVi2kdYreBHg0~
zZC5mloY63r2;hQ9u703_r6hap!(&lkP*+1)Biiof5R(C!)qu=-!eoV2ytahZHA0Q2
z?TICXtM7U)xb>~Ws?;t~=TSiBCA>fOajQ?~`LbSO-piFl*`)&wOqCIZ4<qox-Qap>
z$X)z)(J!_Lip(a=WC%@+BHzH%cWuUBQWuaRMt5_S`MdSM6S}{pa0XDB@Vp`%|GGu@
zj%&aIcf(jfRXDaj!Q=cgj{bs_S4=u_F5ul)YyBhF3DNqI-9hP7L5lDn3(rwSrNZSZ
z<3AHIL6t$?X$8kqOYwigd7i#YjxgoC;46n9a^z7ap{#Ap;0%(YI_L(<cGf~_Kg%5D
zF%YyJJ4ee;fWNGvYBNNBMie_V4O;uOpx#LPjWRwux}_5)bGhouJjzhD4C_UqTa_D2
z<zTraNbY-nD$vfle;K~cl4klQPMY3ON_%s<k1ga-Pv#8J>(R_toou#>de^?xd^9p+
zS=WqiXIdzKYx`8%er(2rERoZAxY`QufZ;8m5pB2PfH+Cv?sT2I++Xj+ZO8+6`0e9E
z+rvX3%AMPSU9R{cw-z1;qA>Ia>2*8O<7$sH!8HSCC=-bl$RomR3~YdCzS%XZ@yFUI
zZIJ`=9!uoY#^GD@oW_nyb6X!jA~>dDK86g+8jc;@IN3%tXr=8Lx?u@l^^`B-qVpa=
zG12j>2}jeAz%;ul1$q{SGE!1ZyU-wmNN&sCIQ8@Ge=cy;8Q>bU!?R6x4l=eNf{(2x
zI_Zyvs20DNMb&6au5~B&C9EuH2v+e8#<on2ziGdSt=Xu~d*`L6&@Ss1JZn#qT_)DV
zR8x4n%Jp6i_U+)yS|vkgw&Q;@h!eW0x0;`t8o0TKh3NKZgv>Nk(Sxq8^BY^1dDc@`
z+@<@S&!;D_z2^)-6nDbOo+65!9}Gtq;s;k^25Ea*<I>#SB=qvbXg)~BJ&3q<z;-ZB
z<{Qd_mW`Ka%Pb7(Hrq^9NBcMKB2-@Wn)2GZjFpMBN_|Ugg*(nAwl=v!HcdSmv66gU
zG!!Ar%8a5V`_sae+o;ohb?5_#%xPVl1Q;nwS3`J=oML%;(Kpn?8T&FQtn`Q7%y){C
zOEw?TZwYo`<LIWMwf0fZiT+`2YMMdyMLSuotM<uN7T0T^Df7JV2{OVbrn0|@coi4J
zGpqf}-MMmmR?B4~+X2WShCv$^TD?mizvi*0wXs#6=)O7f;*>~$k*{+s#lMxxe{W1I
zSZeUNtpv^;&ud6vZbF(<QdS`MsU|%S8HQYj_16;=N-%UtpF$Ve2Ww-#?`R?CUywcU
zJ>PyzNG{I+R}!h_f7`f{qP$*mlN1WHY_S<+%W(J1QGy%BN45xRQO*E78)_rTK#>yJ
zz6y*mhlyFvTjQxf4QOVj0m%UiCn}Yp+Y-Y=fJ@LDZbnWNo8|hdn0Q+*4f42ID!87)
zBu@|=myvppAAVBfctIfTBr}bh`E}_Xr#&`;Qx}|v7>}VRvp()luaAT<&1_6@DMq75
zD?Qi7-Y=@V9@e}-^nT$%@;f};g}k`?6P|5kLg?9DRpoeEGfX~eS<pP)75~-S0R6Dh
zm;dU0iQ*-tg$ak?*ZZ|5B-P-|`%_oF+(kw+3CSg;35JMujlpe%hu-{T<R9iJ;8M#X
zpZvGg$<0nK5f7OC$Pw-&aOezB;l0QQd<~pw?zqV?7Gi**>JM&L|JCxO04G%27%`*p
z^McgxyFaz7KQqZ(Jc55vd72HZi}Z1|l*|lqK-bCGskV6>>`UXiNaElm!_!EpBb3ke
zrb1KWUWjb49XRTPu3V8p>XXlP+Jx&Re6|<FX950><}vM(@W`U~{rr3`Qf9*!h4x3(
z_v)xP|J7>MYXuzACDVlwquPzmH0rCjp1Y)<_Y0~ovJ!B7(+?XTyC6g)%Dc1}VCFra
zH}7(BTg~emCSu$i9hBaT-c#Y>Isd@63I2{f8WSI0KSLWCt<q}A>fS`T<Rg9^xvF&k
z`1`}PMtE9f+huc`AEw(R)0Uqd*Is-s!n5tex2~Yo@z8KTMk}bKJLYro4Z-g(zV{9*
z4T<l713070qGB1wuix&MG~PbFZ>SYicnFln#z-+mn5mdteo`baBA0p1%ycSUPj{=<
zMc8MdkT8T;0y~V$O*Vncv9gXx0=CgM4|pezvs&pm+z&_xU8(@F6ipb;J|mcQi>%hK
z<W9U^*bqFlMWZ%f3@}`q`6rLY=Z#wJ<O`5wXq=)*CziKL4l6%nU`Rd$^7PegX`H`i
z?lNAamKd(}XmUF>9<P>%Pa|{iBOy1Y_^YN0@g5}#zi{q;tmf7a4*4(BsUC72E}nyS
zxYzQU{Bp~_Jbvp_r0jay$UGI~n>v)v0Pi4d$7NXQ2pc{^#m~lx+TbgXFjUmmz3TX!
z>7U^uRnexYE?q?neAO5Z>&`F6t{e+w-+Od!xUWy?#0-gTkw(v%%;Brzo#;g<mx?Ku
zPw6EI8K2&G6_#K(bdFP=cIF-{?#QqB4*!N-pl)`C6eeN^xe+lt$n?y2yxcxk>kJS`
zBfaW2L1raA2D4&RtZIQbzyU^o7`mXGe#50}Z^-J9%U~Mx0qR3;B4>y?=88$P{K}6c
zo<nYEwrhPv5~|KdC_!F%=gOQ*^Y2c=?9cjh-u~~yIFyjOAs)&<1}ck42-oD<KgW(~
zl*BUt>%K(&I(Md#w|S|rD^k@=^}fz1c@wX>|0qu2pT5W9m%|=#S&|t?&H!$}PmA;|
zx~Cbr@EE%)_wuwLy>h#HN7Vq0?ehu5sqYq4eViadA#B0osy^L2cjm%=L0w&3`~^EW
z>C7Xxu_ZSr2n}Zd8Xqo~e#Va<5-AQMkVMd@6FRf~kNssznjG&-I0XH+Rv6lXg*l<i
z_15vz+Twe5KNj)Uq(3-GD{K5>q^IdW_XIeqU2uvJ_UCgXADgMAVWLEP7wD=c-(hMJ
zMpy95m4O6JKQ7o&LbYbwVrLtW7aed7jQ~5zFEGiFS=*OF>p)n=i?+33gzjMp=VL;m
z0a+g|0_VfW<M!}SB%H?|qCAq5YIq(6wi&5eCrudG<m7;BbO=w>9KV*hoWz6%Sk4Lb
zAD74zhyz8uAN+epvVa72)ZSClR=Y}n)n*3G$8eL=UL+{Vks8z61aACWQ9avNthFPE
z39M*3e%sik{B>bNjMA~r9ofqydowJm6Hb&GM(%v12u`#R(7__L?Vo20KbtDP7Pn_l
z_)>Ypry&4diMC-F0KXf285lY%JTNm+I8hFB4DsafnzZWj#TwmPtxa-E0X-QFMoi=#
zx<-+`@WW*Gox>R7G<+5e?F`}zLsq@1G?3gsauJweyrwc;clq3}sm~#gsPNJZ8OfGT
z!NEg<Lvw4TOweQdL<#$tBSX`><lyv^7~uQk?#%~mVumrP6+Q~10X5apBh$0)@fkhf
zjwHj}vPW4K>VIHjS_rqYMoE(ioX=5R)xpk32p_(32dC?!Ip!a_gRns{EmmU0j|T`-
zxNrhLvMv#Yk^Tg^+k*HEIgmm$k`tA;t<g`(;^K#yqb>4yAhPa62Ry23>moO+OiBn~
zwCa65byc9RUH0mRsrv1Ae*(|9ih^|`yG+7)y7+ErYayJKEfrdqmlNkb-S$-)h=`9p
z23aA^=R}c`!hvNAW{BL}*=by`A23wKj2f)oCNeKI=EspR@b@7<dzn(FI@goqzJ09c
zA(<r;rzngWBp^|5`>DHMMKH+uL@g^{XQh3lU>fx92*}eS>we@XvNDU>PJkUV<Ut7-
z<ONB(B)Ij->l!icKYHSmIp{OM#ZhQ0vMIjSfrF^7MG;N{bxYkXZTETi7jSh5Nl|3x
znRs4k2U3l84CWL;;UkurdU#JAJvT4jza^TSaL^Oz84FyZViqUJ>L=Cz2tc<gXpj;Y
z7X}0BH;Va(PY*ymWFrDJs>S3CZ~;d&!RRtC;leByK^y)-apkFZlruopEi8|A=V;zK
zE*xL^tnCF-K5a)S_U^g_Nv1;ADn>rXcc=$(@-gEJoV9)NCPG+IP1i*Il$oPZuEU_p
zBD&CS9*al$w~ctU84P0Ti@1HnXNLCtw`)V0+vTZVnv^Gw5i>ox&}E39Oc5OWh}Gfc
z<gA_p6q-U-8{%g?58F<uo1|(kn1pIm8qtFT8W2|Q4{uo{Cw(rQi!IN;`mp21iCI^+
zFz~7b(#mp7Ze@sF$IW(tNj61t>}DHc-;B(LI@Fq^h9|=4olkJGU0?w7CzW&G#5Ea`
zy;Mwfc!s(YFC{*4xkNAU(<i&Aj5Dg^<-PH{zg4R59cIqxT_4ZTlJ7gts%UPS%ISaC
zf%Ume$Ilu&C@AgJw{vOSOREkhvuxI`XI5m?2e}>ca7s<-&x3;1X3V^nU)k65g+;+3
zd-_~uqW1&b2QJQ0NgQ^!DK*w|h$3DpQ4Y=`+3fP5xUrF>(#Y|Y{+=51{Oh%BB{srp
z4qoTk_^nw#uTq=(Q-vmFYFxXy_`CTD<p)vuN~NuH?(9{D4^FPQ-nCZ9r!Mny>(`Hq
zKIZ1I@s97*j9B(co`CA@c5Q%NukKEJ)^|<$z*M)E5|2_cn!UY8UgMlfCu+vwZTG<M
z(X{z9li4$!UAB+&oTsWKfAu0w=pOj}blqnT<HMVt0Y0VGbJw=B5l0_-+#T6`;MEwd
z7M^7#OsM2K7p?T;ut$crXVYxluKLBzduITI;fE=ghdP8{z7&TLt*HKW`S&G;nLB<W
z#>pH*;+jN0GcY5Cu>=#VXqJewjPD2<pCnqiA0fiW?e~7pY3j|2&#BN-Z>(~B9sC^}
z{Mh2VA)V0Jwr$Jf1Nv7q>*?eUf?_B13OL%7GSc>If3_L7^tIrvtO6ZfDEJ@`31xgu
zHp@kMx_bqF8{`(R82W-)u%QD8FqvgX{xa*qwn(7ow7pZ=)c2Q@^N64{ywe}*{lTO2
z!56E~dtVb5{Pd9v5EKhfciKXQwJ#L`>B#ml#ZR*uX-c~X;##+XN55#HmIqM!5H~!u
zTihYzF+t;9nFfkxtDf-FXZ@`YD9q*>-fuComQ!-dW>R|F<f7J&g9YTZ7joe%&Ljk|
zpj_LMAWs^;GFS`Qwo($*;@;c?h+_#0v<@}UEyTvdwhdXG?G@;!qhrs}#|nk{gk<Ll
zgRM0^!#%A%cn9CF12&@Q5_DD*gX)4`Q%ERmkE8Bvf!ZB@F6EBBQ=|^wh{eK7CsXis
z5Z(&@agh;G7Rqf&xYFA5OWheWA@@o;vq(wJ{+7p|pgK1UVS#?tcS?bq<&ya9!s>f+
zI$8f$^<ut)g{Ah57D4mgGEy9yNi(Thub-?)jlTNC_h8g0)w(Y3sohkIc<!9sTc@q`
zuZV<5?`tNnPi2Wy2(TiB@e01aTc2x#y-i>w;4@>ta}6?k89Cs!&$g?ya~Yh*SpL0I
zhg2y;zB5Z^uIne;p)Xq}B1P0DuICVY1&J^-0~@oY#o1uAV!TrvuOce_T)KWU?*MXQ
z7%gIClalW?`QWrZ>s6pzDDx3+)q-QsP(1`9D~Wu?Cnc8r?F`V$!8gdi^M(^i!+Y~J
z8`#(yEz-aH8lisO?9!iqk3ctD(Z|84Mi@t|#|Iy75SY7o>43}@&Q0n|aSQ0$F1c#t
zwL2a2nX%JJ)p6o~8r&l8eO(nqzj;xrWxb~?ZY}lc!1=gM1e3}BIQ(Q)IU^MpT)OjQ
z(QibpXam7UT*0&xr4^Bb+*S=E?sCI4gKsK7v2~~WA~huF@t?xhgc=s(KzLLAnWWC9
z)2T@EL%2Fxc|zSOVpt0iTUQ-ns^#Cvf5E#v^ucP|808klzwFeed|gBDP|pJ=Zk?Yy
ztG&6SCZ%@I-ly}_BSx%`%k^7%#)QyZqV8-X32KapzqY=>8x6@RwlFW0ZNm6{wA<)5
z+e2W6XS=W*(I)K(H8C(o-Lr+mJe3w0CKI*R66la`L8kfD;#UgZ)``{cwk%lrT-9Wj
zAV5<3__NcyoBgKi@?Bm{`E_G_oRW<`j_38Op<|P83w56U6Ddg(e**VIY*O#(lN4!1
zccq*Hi`RW?O#=el)JsStENnJ!X|c;KHPVupu~a7hVI_w$5v8R`K6lA;w51FM#ant#
zuXWsDA@*UdKd*@wtf#TMQ+;rmQVN26Iv3)M?}7EnyP2saIGh1K%WFg9PINTeCTC6C
zo;mrldl*xM+15w!JK>_rw)e<8wGPa^qJN`SMRpUjt`%~0OCE5rA@6VpNoC@_=sR1v
z=(+elw76BgfC924x6qztoSc!Tc(;BPgEIg<uj?KirJHC~WOXp(iHJ<|EPSNVNbU&%
zl5UXIr_=-~12CRE{7&bM5R)>ne`n|J1meow7xUUuQdH`SmEQXz_KK7S(?c9cwGx4K
z!}t@Sx>bh_t#g`7xy`%TylBy>GL0LSDZC1a{$=9x!cad!J}pbqmX{-0y=NT1@5S0P
zT39MH(<(AEG<lTaeGrSQ89!wp=#x46v2_i*q2VDMxn)kyb))GTAfyGKFrF-)K};gK
zQYM3@I>8ivR~s3EP{tBzT0wFld-Bjr$mf0aEnZ{XOQw4%Y7=<9cE0Y5xb%mCIWt0x
ztUQvpV<0L4@NXdwq<i2ZOeC3Qt%Gv6g-|;{^)lX-$^HDE;v%_R`_3-*?o&qY9)5rZ
z5Hio?GoNA7@7->T|7veHD9^s}h^sLBQ{%kCB+ja_E6HG>2K2h>YkomLy+FxOklbXo
zHcy4Xq26hnc+X<(PITLY&6N;q%nl1NY-pZQ!_V5#Dz-?e?>OcWUhkg%>DSva&JXG%
zt$ND*%3oOMTwBba&Q@>~xZ5Eta&hOk*-#>tif{Z_F<DeTPm&)RIc7NA`OW|14UxZl
zCg1dt($eexi2iyp4(=Mt5R{7)^PV#%TPlm|3%K*<VQEnQ1g<YPO?MkN<`3~f-jKL1
z({zCTl)Tz#smG<rk++)USvgl1>aRJ*MSEC-mJ~uND;Kt=k6wri4sQlKri^<}1C}$L
zF2uFE1)x32Y@QgpwDO(;7m6V9tDV=SnOiOOi5qe>aRHv^pxQ(49`&oy$xJJq7|X(k
zIY!&CoGEC6X)IVn=Px4+`?wOg@|rudxX&wT=6Q*jyXrw*{Mh653K|Nd7k1~uhC<!U
zVGde+H6tb3utvdfh~B!uf-V#fNx@~)P+jrG^`<=3Y1LB6WeG@NZH2DzjA}v(HMtVX
zKwc-n-pYY^pG23t_y;9+7WMC8uhgh|9sD4dUR2}xvx)vHM{?s1RTI*Py*YaC^5^Xv
zb1`%#t(#Pc;(W6$TCXBtH{H`Gy&e6OG*FL}66zR@tVWG{oRlEhIC}dRj$Jk&twdQ0
zLo5D$k5PGmWopH@W~Qd__pfix<}HX%s<4orlOGV{NWLI0q6g)LQ=iqc#Xn~NuaBOi
z?Q|iG_&O-v!p{m!Jgcj-PnFd6`%>n@`zPsIuL$#Lu>!k0Ey`+dcO7r5w!mCt!AmK(
zwT1%WF(@#1im_RjafxnQ_SPtwm8?JFy_j$6r<YgsF`R28sulOZ{aE@Fh%yh%y(q=s
z6mI`%^yzO03%wQKV}1A!5YYwr5q1I5z>g<GL{eu~0<^qxH{3l}>fW$nod73mO7ItB
zKxzh*P3_{J!x}d=k#Y8+^{|o&3ET1Wb+U-8b6!6VP^}@3z#ns=$}Lht*L04PbBLsV
zf*MKeM14tIB-Dr2P%1e1{-Yu^SZAf*=P)RW{FCTMg_z}uS?!2WCw2T#2~7eefv3i$
z=Ts@_&0sK;$`;oyGLs*Bvbv@-f0UbgwI^Sr9(wgeraI{i5E6BK*)u#uCt_-YyxAhi
z3E`jytwS`(Y?f|PO*cu@zvNQqf-a(;2(ve^5k~V7MPME6H&A>@Sa&s~7T|P(>}^@i
z_sIGY<;heT*b_Cw5o2dM>Q^CdY|2SDx_zG-gTGAz@y7Q0T)z3GiM5C#f;i6Gky*Ia
zw?`X7CzJ)k>&cKa<co8o_Vizh<VFGhb7_}219(D-62d+4Z`<n~5%}h=1R`WieXQv1
zL+_JU*-l2D?);Jdp^fvv8wNiP;os10oJglHMISnL_XGn5wkrH?4wq>T5foXMb|r+T
z?zPO-*Edz}I7w~hgNzPjqR2jkcrr&C)-1v=I#y^=7q8mgcU99zDobJ49O~!DppSkL
zk76c@OXGCWlD4`WHj@=(VIR3mcjLyMA`C}<zMDvV#B(~y%gwK(GBtAs=;j;3TEE&D
zO19r|8=Nn2t4+4@Z)(fZ{}dS$$oous@=s@ZUIC7_;83?wAfqlFR&SzjMqq-Wi7ox4
zP30TI%9TRqs8uSk)??adXR(UWkD)GPV?uY-{3F-hS@;U4!HY9Mw4`q{Y<hPJLsx~J
zUL8m1dSkV8lyd}n-;6v-d>XRb?Rox*z+EJdPx^i-_{sOo_<Kks&!D;`lVx-3c6n`3
zt8#WIA4m4RL5BuWU8I!Wp23KfJMTi7df6Yy834R_xIhHrM}3$Y39=ogti`?I2xprY
z(1voWeYhB5ip(B-7>Iv#C0jn}MUv9J^&t1|Wr!df)RF>`g2;kx`&THFwf_6@(&TW%
z3~XB*VH@$@xXniIkHj2&^&hxid}N5I)+|f>8a2}@-61O5{})$H&AJ@s{yVOo0g&zZ
zH*1}t><ju^AV%V%WdqHT?NfK$9lLF$#w+4&>NJ34p1=}qZW0IDAsINYI5VadU;H#Y
zM4m)T)|ylk3Xvr)+I<TVjPFUWj7IC@+*nFnY&Qb!74Ob|$$K6ky}c6X-EjXy@YGw~
z3L<7>l^Vu=pk^DaUqr-V_D(H^#or~~8>4HkZlmI>tr!{`USgC`rfib34X-t%f_i;L
z=wu|jd-n^_Wl5fA1mhBt&b&>syOW!ZZX<NIzHZoPU%Cg12YJS&FDHhEF<<zTkh#Tv
zV%67wAk+5)_9Ik0i;#wECRu^^(DJBmmk<zq8mua?yWBiRi^w!ss@|Ty!CdeC*{V=I
zgt1bc0I-sa_WL$dc}eYszG%$3Y_eJVA7G7Uw3-~WgHL|=sttGsB-;gLncTGfVRm}M
zWt;1I$8F6oAp<NidmXE-mobGFDMm#qLgsmaNXhXJ^7^?g$4NmJ2>0zb_Q`uHGX>^$
zvYG-pqJnxpBW12QCeze<t;MRJ;Hks!gd!C1s-`Cf&PmMZwhX!Tlfz`fF-wtYqq4`W
z1W6whdHBjLRMvQWKd{9xZR+UP+()Oq8oAp)#qtup-xrOx1wcQrABm_>mQ`3gO=6wN
z;Xy}RlKAb#4j{`8ZB)6}vs^<yDYCfean0g=vN+D0$3w=v$=D$x=5|17b}xJ-YUNMr
z322;5ioUBPvI348>Cw&~H>!!i0jbzp=D$)iy|0#w5870_f?v&W@hs*w+#O<z3a)Pg
zJAR4BNYL<Lr}ip_Bir%DJ2%1lFLaqu-5}Q5>594T&$`#sp1&>Pv2VidjNK^xUTjs;
zK>97b7!|Q1Q#Cb@scumd74ysC6da|p!oyuM1G|;i@;8i<v7&BZ-7%L|$WUyc1)ugG
z7~Yb~IGs-&QVlT1w~h|@Bjw#_oX4=7=TbhilbLN&aB5UWHVk9o>dtpqABIg=;16js
zEv?4g%(2jbWJFH3tG0lavV>9W39}m~ew8_w1MMxaSH35NX%-ldKzN<g9U}#^D%0$o
zm@a~Z*fbt#D4wT#9DD#zKoXt08tUes3EXM!>0|zjt}*pUCZP_4=z{ptl~ChxG4Y^Y
zpOALegRzc9ylMOg8=-8a9jSvs+Wd{FlRy!e>BrU}R2bBaF9OEm$l^><!p|=c$lO*e
z;mL<KEGw>q-m5VZwG`hY96gEJEhfc}Aj^to*|xV(Au;t>!%ct6gBn5vPL0&H=PY4%
zDUc@PBk{QL8O@Lvh$9ZKELz<7{Xopfvj8jCa;Uc`yC2iM&XP4&wzY|jbuI`-Q1R7M
z5K8h#?E_r`uaFrfuA$`IN3bvZpe%-FOS~v*LXa=yS}P)>tBM%5;&F~uC)ZWdO+X2$
zDEjgSPd3@M)sE@}gdxc0L|ODtKVGBmrg6)V^5QOIM5N)a)({QbW$Xr%>L#{|LW?cg
zQxOvT7sggP5MhBSq5N;;lW)q>D(yM9W}*!i$&#HQaS&p7Mq7OM2u(!=*o%hIYiq`%
zWa)CtHHw<q(AcM&q}}#7+Ti%N&?N+gmcUl)WQt#HENTv2t<L8D6Zva}nW7Bhi^CUv
zdUH~Gb0pwH?iqlw1VTUmGQ<@v@pz@=qi?}XzA$&7q6es(q!EQ5rl)e-PbpWx$Qyk`
z<g9M0UX`oD?yO9xMViy{#0G_(n1ycVQRn_MLy0XdfA4*oxO@K-pSr*l%C1@kMNc_;
zL@fuoZr?5!x@y(^RqrMIZTDCig%b%1dp$=jitJaVmPY<BMSTCs7``S=VZh<7Fv45M
zR5yc-5DxE3wFY+X+NguatdGsE^&FP@W}BUB6mbarXZtRFD^w$eNY#LLpV*IKzCu++
z1HmiRD`BKNzWsWC_7kU~_W9orMP`^e)$Dw>ly*RcM3CiOl$nXE-u2V0*+QK7UWX<j
z1!lj1T2&K$wPJMcp<#hufu>=vu~}@U&<Zr!Bh55*Z5URgA3@eFrc8qvuoEiJhi?{O
zP8D%3SCYLX8k?iNZx*@PzmG#UEzV9I-j7_;$N6BP%yZzf?({yWi%tkHY%Ax<_UP73
zLEHA0lga_+JLST{;49KAvUs|}tQZ*f%n#D)$xoKG=D=xU=b;!g94ob4!Digbp#8z%
z+|7_YpFppnKha1!wtr}To8j7j%awZ3__VB-dTjV4&w6MNFL>&1!`=OXENNFw3c3;w
z{lhIxOy7LCm27N1)s)(7F>~Sp21d7C2K)0~(-I8BVAT0t8k!QHW$t$<!JFD$VbiD|
z>>&Iz;Ph~h0THTxQ^cByS9Vac$;)MRuD2GcH(ID+%kA;-=dd<$4aG9xD|DQa7L*i@
z6rZN3bvhE&@q#glA#LZMQxmquDLZEXtKEXHZ?;)UR`dt1UWLgS{!uS_H7u1a&j891
zM%`afNmv`P@>0d?Da(uE-ce1hI8X7L@|X&lnXV4YrrFuq&UV|3k61=B{V$_$X}x$A
znd{dA{fmF_S?7_R2`@#_q3!{)%-^4C=y~nRi&<2xb$w|yoxiBG|LhE)eNt&<m;bGO
zWpPC)B*uQ>yp#u(U0IwIA#opGJk1MH#9L7=84-f@CNrM9!LNanNJ2lYG(RWl7u|of
z{8_<Pcz9QS*SzHe^T8(~&s0u`R4n!UF}Q;nMO*jX`WfJPf78<2o<JVqw6Pos6R@hQ
zu{$}p!n5TN+$EC*MvLgW=%s5fxGzwng8}kC?G_R_vAj_=i9gQE#-$u6;<yQQo82J1
zK6HBTN4=%whtw<I<`yev%0f#O;tjH|md<`>OO;573t)Z-k|sY6x6+N!$C%A97iv;#
zrCL!~9j8OL)9f?AmSNi&U<@&@;q|WI<KUa@c~Gi5+(gekbWq4G!EOV+8)NqkH+TV-
zS3=$T=|=XBVqU+j8gn02_J3D@wei)@oy>rBo3AA1s>V@2&CjWR>FO6wE}1j`^s;dw
za7UA%C#%q`AkdcV8Q_++6{UIb43L-JI>%k-exst%;rI!Wa%U=Hqjv{Pk<7+%kb`?E
zd(a23Gi@p!0EtJ?qxil2BnptdZNv}Ax~+yiH5#Em3D5mk|Dl8=GMvll-qW3&$h`k$
zeew)IAP5S;2z$I{pag5kBaqZGpQY8$?$6%mmTXh^PC;1R_J+90!R6E^aq=`0xLRgp
z(N}>C9;q1}AH^QX<<Stg{KuYU>xWIrcVRMe4ga9I$4w!P_-36+6<M~}hK3Pr_=k@t
z_ArOfEZH)7MO78=F{;3=22yC+{23s7lOpfU-}IB^C;wi#?YeQhBrKRWs!f_H7cP>&
zoz!HutN%D-oP4{a2Mu=Lw}u?)H->k~9l0Iu+|%&Re;Rxe_P`{sf;iRT&#q{B<sfUJ
zfam>Cy4KB}1ZYbv`%|@vS{Px4$o2RPa1$8*q8Mow9||m}UsAH$(9o*Q$~w@d*7k|(
zj9EY6g+-nLmZ(f1w;GFnVKlE>4_DNjDD(27Ag;9$yCXRauT(aJ6CYC;qY12?YW$H}
zQ?F}rjvLP1QAz7E8rq2(A+tU!agpyq3NN6jT*~!z)Q;`R)R0|+tN_v)b9a1s(Z(3I
zP)<#ZZdA9k$Znn2xe`@&9iCev1RtBvNPb;cFV^m}qaO*y+juf=DjH62W^<Zv<A!=8
zvPw0@k-^(h|HQO^g}=t@Q)z;wo#<Rpt?Nl@BtP`Z!F${ppe=8q;Uoc+*#0}!@o@8$
zeNpkFsW(4h;9|#IP`0WYJ1~4k9UdO{)$aO<Zj1M)>%WJ7J<aDiUGjOq(5A?{G|V(L
znJlP#2JrV>$xn{|RXv=~!TM^ebRt&02&E^jSBdvs$dU`#fb0-u4^xOx0s~u;1_2ha
zQ=cg&Np`yp+`f0^#LVq_nGBtVsp%i%WiCpnJ$@eJS|@9@Y575+O0!zW@zUKd)cB$~
zZ2E-jkBTTE9+TE(t*~CJ&!*4YQ`=Y*F|&*514^rSI5?hryUohUD^4w#I*&4Y-_x$8
zaR!K?ZeOGNzhv6;yZqyn={f4YXIM46iy+nr(*eL>5jaYpj*37=6lJiuK@B3wILW+j
zSFxpD%kxcC7xB`|>U&4S5X1qTe660sAW7vdeR|q%)lNyiX4U=vog;Nm)6u=qLS;uX
z*I@y&WAk;{2LvO~e>g@OgqOrth-hcB&FU^p={T{?o$7?QxcuB3uvWRk;CI_FuX@$M
z_0ZFdvyaM~Z|(mkSw@M#2lS`HqC~!(|Buq1*-jL%@9_Kxt63voH$$?wGg<gjeT3dX
zHmq*I$_pKinTpZC7j(-xDJwJ$KW-kJa+xjhkvYb&(jQe6sYuH;?%OO-rK@PvSTp7!
zU_URy`07HQvx@z3?C^JND<lIQ>fFU^ZBn9SbQs`~Q41fY<wKf=CI$0-Ar?fYJfo%6
zPI-{Rt0QP&qwpppg<{ZTZD|ElgAA&16BP1D4k6<4#)QWzL21$Zi->#$gYN3pZONZO
zSrv&)%3PaJPtfmGzIQ;xa4Z?<g@Ipl6Fn`E#QQ_5!&#ekYFtxE%~hFuQ`F^V4VI6@
zMdB-+XJ40KLhntS9JIva2Yo>ZzIZBu@d;F`A1kjLY~Zdz-c)=OxEnjTf>O?vzH!3@
z!2AkScLsPlTGD-GXs@uOxn#)5y-^$(*s9pniug^|c=6CQjY)HQhRwmmqVsB)fkA-H
zh9%C)ZM|`cB1OE1{_U$JkjfbS>3VD-W<yKHXY2x|ZR4~Q>cj`IfOgzH12_TMG|{Km
z!8yK4zQb~L>pevoK0;%h%GzH!Ke{*4^Q($uVLY1mer2qhT5sra+<-d~NtZIv96wTJ
zw04P?{#m2snzf&L_N6*>HR$7B^G%c>(+%BcM12G~opEmDZBG4bb~p87!KKy3bB1O~
zAr*aM8%Kzia`04CZND2ct?Q<zrzgW{lm~x|G@kFFUKmLD2ma@Ct(BQPK&XE_A+P6c
zQTPF3Za}T$Hs^iR&+!t+dKi=KftBwq?1=2C_(r39Tw>T6APt)Qb@yHp_+n!-<p^q?
zx8?bp|1cK6*x^YO)bGJ5Te?52Y|+B#Z)Mzezxha4Epvr2@t^6BFyPOrUfbQPz)9gH
zADeJ|le{NUSg$n&bS$bsUv&CdYBP+6ZTU?$Nbf_H$<jfILH%wNqHS*)d%4dK`yofZ
z;DL*HV14i@N|tc`)V?}G&R=Xu2XJxdf!X+CttWC8&I0XFrLOYu`FZEMYvu~?eIWI&
z6^F$$sv6)&Wgb6F&8s!;&#BUev=f-v+!Z*1pFqxPU-?d5kN9FGVbk!#;4?s#Ht7tY
zH|58Pq)X+O?+o^XSk$$e+(#VAeXUfFFN^HE7x%ti?iwU6pOwt5IlOSMDh#Dt{}eYv
zH}_~IlE2Msu^`B4OAWcEHF5Ki#iYx1)<1$Tfwy}Ci@H6ese9$-SBl>{^!qURouB8)
zjv^(__2`YqbggaOO4<r5mKbfrT_)U$CDsMkf(Sdpq(Sm}wO3H>AL_GFRK!{U4khXn
z$(AJbak72`DgHqJ3Eu{L^uPLRMO%4lA06sBt{FZBj@lJjodHl(poO9a{H!7Be#e(W
znm>oSc=BI+_>=x!l-2M7G*;HIH3Ipob`-^s2^i|ofO2KqCwkhJAPrqKeU$&V@HK@%
z2NPf@3w0dmf1B$d0MkRb1F>WH^1Q85YvgciT*1d4^tfH1y0CB7=&^9l;0EOCI0oOM
za3a+nTr}5-P7g+q0>0$kHxy7keaI^|GD&t@YG&lFpgS4bF^qe-rYjI{`?GyPBU*sZ
zbw;1KOTKdZ3=q%PS!!%2j%tIA&f>*xoFpW=3p<4xwhw8K?oa7OI#H_<h$2Ab@CT#y
zT$Ck2Be$O6@v&lWu%`!@)bF#o88@*>x%xLuCO^T)e?*V^%}Od;G^O9WlYjCoAu&Gz
zrZ9JGm$NiAn8ru=(;oi7i}bq<vG-;Ba__w~aE$zY#i<nGqcULkNjbdx83~ZsWn0=K
z{-;!{Z2!n{g<G<s4?ag4Lobp!GCEHN$LoUDB21N=eX3s-xhC`xvPrq0`KiTGvns6A
zJ=Th-jQNv><7z9&`MKB?`jQ0QDL$%H%Qstw9}0eLZ8`&}*AHUYGC%&1J%2agW>LIl
zPdwT`!3}L!Xx^ii<jIq(t{_``O_Ux8=2<%WTNEwZg*Yg<WCWehICc@_-<POar|te7
zEQYW%a3PFEkCnCXDi-PTp1_)^bzKDzKJue*`;itWbTe*^AsWi{Q=b&`7?Lv6BR23Z
zAtj}W?LJ*Q%tA#GoL&(#c`})ErQBdEaXRdo5O6_isSXm+#LN(4M=Zck={C8u_86hO
z+@)Tl>slJB<NJrXzgoO~sr&({sZE@NzO9;AB6yA(v}4)Z_mlpXBHx|Qi|gpYl?zR7
z&uU8slKriR7y85rV;xlf<O~qEz%c$AXFnk@DcKUcBROg{cjr6hytzb7=-y&Qs2jBu
zq=I?{qro+Ya|F+ilJfml7sg&o(5|$MOlP>H>MQp<e+_^&PZb98Os$b0qSd^TU%A@3
zX<sX%^&bmBj869i01eTeT;3{s9QrhmvYr|jZ#5=cwq{Hqz3V%1!Kw;slhmMgkM&^b
z|0AkBUssdg1$RF3S3H-#aL5t%yy!xisL}g<c`_0*4r8Q<L53IW%;Hq;qpiO9!f0KB
z<_|Mm<OjT741HEtzL>JtI}psYeXJ^e5&~ZxrZ4~r8QmOwctbueXTjI6Mh+x{O&TOV
zeU0w&C)j1bzgX0!r7C_f%plfd*8K=!`T6}Jw97-XcibS#{WVNhw@fZOmM;N}&@k*m
zuV|z^NNUv;Q`hn?^-fOL*A(na*IP%F+EcTKI*Z{=i}ApvoNQYBb^)gBom1Jv;_gmH
zrC%QIYAcWJ?hBen(D0|Qt-{!$4#Ch5P}YMThIw#Ox8)R>|EStLa97WrjEm%s5><wL
zRXTthQrAC-7)I)B$3F*NTKGLMIh8tj@?KqR3HPdS?z4u*0}S=4MjL`g6*kLb(|lqF
zGF!4?$Q@nwm2NFtW4Xqc6R3R}K>vBPBzwxwC`(?CVKlk$xUmS{vXH8;ak2$@7>5xX
zCqkJ@<Qb|<6u}yIUzFZ$Ix?KZxu)q3-z6+|z^}}@RMlAYdWow6p<V(R5voJt`}9;=
zfuu}i?5Kw_B5=YFM{K94MLd_yV-1bf?BUDPR+?9RZ6AGp`?44i<9DZxj~L6-{_;bO
zhc)VRLq|{W5w7uE8n)ZRK1~uGOVfV($lYZUO%@x*k9Lj4@LwEv7bzIbH`JS)Za$b@
z)#LkE<&B;*>>f|i(lf?nBzZjOt%HY-B2sFh{2dT}i^on&ZYdErat$PS?$FX4^{$(>
zyb?}AAK%EWdGi*A9uCSQu=0022uqc$1K&%^gd9HjMd(SN1HaHB8`Sy4x5y}+QoRl6
z%;xSHV7Li-Vq&zCC%*KZyhE`Wr+TO^e2&hGwE+=iaq9i>3?KilGUK^>aQ94GvE*eh
z%mtF_vdmKf+kcSLtT*Uk-BUju4_VFtk{tN^a2*1VHuRNrSi2axsr{1|N`GP6Ec0B{
zUIS1%f}7FQcL5<bp41Kr;8m%(9u(sCRi7<7k0Dyyw?y5l{!VK1W*{&D6{6n8ajlE1
zMn;T%HjFORZ4*WmO+!Y<NAHp4sTP)N-oqD3X3Lp>?DLw_LqPVoKulcEcawmn%Wod4
z4u+%=#MrJ}fOS(j>Q_{lgy#a?73K-jo$ZIW!JY)F<7UqmA$v}fCHq&FUjVH_OV+n`
zA-|XR4&IP~A7kkq6m@~}fxv-dILdUyN`;X}(xX!rsi`*)<T{f6Js6AXG<Qr|P5mck
zAULrFhHQ~WwYXJ7r{pOn+psE6aza1!i2n@mOZ<;aFSIi+YBm-0K1_`-I*n{Mqz?f@
zR0a+{La~#;&I~?|3cW~*sx4WRl>)SE>u(<*gW3nI+7Cc@v7ngTQ_(c&26V~f&gsO7
z@&1$jCkjx1ZIc_VWRY4@VyKHI8A4&xFVQcaO&J(Db&<wi{<dU)vvw19kZ|gfj#ySu
zAQh%68Gk>Q6&6F0SLsvmwEb2fD#&Y*hUEh|x5>B#BCMrQ&(nWFR<`dj+4Zh*mO?~{
z)<v6jlWNaqA`%W+leru^5KK%;FIzR)YJeYokL_maCtnY~1$@;K-YfHgqToy7H-g1r
zSF(=kH~ckOVsd_F7I542F7%P6RUc$7er%C0&#+?N^1M1+n9sL4xq2@6@E!8L&u7ib
z;K@WH3YC3seE*oN80@|$%3%g{OGVlPw~j4-s-+Ytk^|wt45>*XR5gXoDCbfUN6j&X
zX%o+IKm4h-OtpvNWUp#aqqx>=!QxU7b9nnwK8Tyb0ghWhPMH(bay$iGb-UB9E?O3;
zR7$D6)U2-vTI>2-ZkHBU+Zq(gXFlrN>bg75tT;F(Tqkyqx@1W#ONa0;+mXY3r185w
z8!*@7%zz8a;6bk&mhP>KV){F=FwAgee~1?5@&&^#+YMyDI!<7M)G(Y46i7HZhaaOb
zb}YfzI%0LY#x(ELq1<H+BXGt?eRW8qOgt5kIjMlGNmRrT#|8*&ld)6-=~sP(G(SAG
zcq~j&1$|buVHuO>m3=<8T7_^^{`CZ3{>t>lu1}25j<FPkcO94Sf}hD4R8Unt(x_9E
z_H6K-nbk87=Au3c6gH;{A{t~Vo=&&-X@kC=+_c*NfO(;;U5hmU;l|7m^{w}fCQsZw
z+BA27?<p!oVa$blZPA!vrVX2bIdf@@3p1Hsxm|mctzJs=);@nLR4uRT<b&FsMDRgb
zhnv7dyIN<gZ|qyrY}C$um8JCc7CzELvJKHKZ>B8?vzZgf(;;XT`e=3NdVHfn<E|#p
zOBx)AI}Xpb^S*~%z}#%!ep*W+!`JU|IK*{Srgu_P%Sr`BMBM7|g0?te^Dpz=6yiY)
zl_az^QKrWBXQ3*CJ}#cX>>TfoM_VEBkcJ(QCp93Jgt|*#qs#!A$d5~jQ47d>1#?yv
znTLm~G(J34H7jXe9XC)O5$!4%ea5|zv`Z@fLeEo_X0|04%^dQgHijn}G?ACnK6<_R
zfxc}hFC6S6GW&E-9^9vWXyv&as!J`9TBG0SP{02C+<z3%2O!>yxr2|JeD}0oGDIEU
z2Nb7VbC+4P7+-DzukbnV6}+1fg!CnJYLgPhkAm9Ss07TKbd2Ru7c`E->V8w1_fxLL
z?7&`$ZHZTa?<Ja?TgZm>@dNlT6~)RD$0R>7DvO*sm&u!-Xx6l+D+GaJG;W%B7b8=Y
zj7xB$#mL+i?&L;Gh^|8X5R84DqR^Vi*s9ahBeiWGE0j2cRQkCDc(|6W%y3deVOSw?
zcj5C6Tie<^*}!4Di%9m*Zj5f6>{Zh=*ECm3E^LF6?qkPz%myeA8os*At?PJ%Y+u<1
z;6~fhs23t3<OzW}o?6KcXVom*Fa$l$`y#Pr`hu_K@gX?F_ANd4C)Hzl(vUcRk(t`J
zjO3DHV{fC(WooGQsjWh>^ck6%5oVm%HL;b)5a&Do;`T*B!XjEH*Ts28&1{mw2o7;k
zWPU>}sC@o;Y(blRDhqN0Gah;np%u`MD^yO5^v_8CR0t3gs$1JA=q(sOls@k$^0h0h
z_-)uF9+o(_<waKYd%rx|96XagbMQd?HtGqS?JuF>(3a1%1kH~@e1{UilQTe;1StaV
z$@xBxE7_&pg?%Qf*}%|4YO=|{rX7-p-WEibvn%|KYFm>N_4Imsdql+-1{M80=9%TI
zM#}fm(ZM?Az|BnU_MfJFT`!=W4OMeF$&d8Lel5Z96@QXZL1nF9EiQHOd6~m5<4pI^
zv9<0C=g(2r=iD|0FVrv?gw=0voB`I2<Kv1HCF*JmcSwCy!e<ttUj<x>X|JUcV@^;S
z$gi8X2*QVvzsEGjYIrk)R|e7?*=D@y7gHW2^n^5qmOS<fmW#fFOVoJvbLi5bKdkzh
z*neT{J%E~8+pb}(SV2^z6P2bQAWb?sid2P2??k185PBy$%8@D{U1<^NQX*Yyq<4@S
z2|d(M6KY7~-=61v|M};iXTJGnm|;Ugve~)!Rn}V9y217c>{aa|AbaUX$@3s^uyY=-
zo<tG-9mL-&xyf?eI{v18@vzFN6F@?LW)1~KRdS5|oOjm|GkxOf*Z55f7)+fP?gYj7
zuyXP}@O)&|nsKIkAC=cAN*vq+LL))b71T12gFi|`L^Qg7!}dsj8<0M&=;Cyy(~qIV
z{I%5Dk8PI~09JfbL4vEpj_p;MZ8A*Ce%Df6(tqaA3$}o=S##47_u%RSW2wuKYjvqr
z(Y0wGuvG1ZU>{4d%WMWr$I!|IbfP<iprqJdZ&!o-BH87_50=CBxA9YUgY4^(zdK^O
z;$(b2rm$Qu%4+LVjq6V&VdRNibY)S*9Jse${C6c?g9f9WFwnjxZ+6Y}uXQSjplNrX
z9|!mDc1swfP-}sS!>@69uTL1vWHDqzgV@((!*bejGkWARSjA+dc^0?|R&lL4=!4&B
z)~X@Gicr!K)mbZ0b|j}7H%Ba@@YCYINd%GfeC45~a)_>@1uegEm1?LH^VS`h`fFHg
z_+N)_HM^%~Gkxeqg;3HVXnVxswgn&9lrSD1wST^RY;$X;WJ%u9{zbRulE;=Af>2y#
zrX=*}vx{^6bIF$%rB4|419Do<vidA}m&MM}l`+KJsuKo1(pWExYfWQplz;C&=7Hdd
z?qPH4j%%5h@$C7AQKdVgS;=MVHAjsX%60@~^CV)wtum_o-q6SP0owK}BwI@-a&k&h
z>63M%{121r?g6(uwG8kR^_TT1DJKkp3BcP}5Q~!88}jfpQS=!oYOHA`scB<9d2R?-
zo8X8KR;2g@JCn3>f6q*Azy%vW=Uo=4j{WAA6OHQcb3a{iNOi$b0Z!&z11Xb0K7xd|
zOPH_61T&|yPQ;p}vv-R-yEg?z9j`I(Gq*;Dx!O=ges;OTbv~dc0JwNI)jfv3pGbui
z^-}*DBwT&)NHF(0Omi%=v1w9X143AD-rGi>L9_%)o5^_PlM-7Gzt7$c^DZAh-7nRx
z^86c<@{tKJxJth?M+ooeM!#vCkd}oVQ_7wA!0Hj`jVNkf;`3V0-kFdrP*ugI<grcv
zZQmIT?|8H;p-ruPwEEdI5y<Aj7<*%dd0muM`%=Ysc>|<2sUHy<EFUqEDQ|$@9iZ#4
zK;w^&p>b5bFfF5!Z>~T$doaP2KAOLE0QOe8K{2JukRo}v__}zxez<{skBY7!kJ^%9
zBMloC-LNlacT(hY+*EVU8<3*t!S;mYu}2DlW-e)Y-^}aw{OYHxN61o|>~V!1-f%Wj
zB$07}w*AE$a$~^Zipz>=8%%nl#Da(4Hl#6YAutdF%t)Qf-zNCyH|E_0I8h8e0Unw{
z6BHJe_^sJDcq7UBkYvXp4vur3q|B+oCH+D4OMb+?pT1;E*HTO8S&zFON*`x6-h|BB
znsI|{vPAGmk`OQi0O|r)!?x}zflAHr=*eQ9F+Z^y!C4EZFLCad{64mjSI@rWe%*XS
zkq|21=RPjsnJNDy&C}OaQNS-JYGT#_->A5lqL%*J>1DQVuCQT3RDHBbVnxG;nPhTR
z8T>6^OL444k^666B_<0fDt8btjADI?hLT3G21|vzu0~ZARx2BATk#ubaa^sF5ZRx)
z{+IT?ywC*NvzUmYGa*RmGO7eAdcJPoanp3lu{@H~NA#Z`P5!^%PKR>7^f-#MJ{NKn
z&N}{JvOZbpLXbkNF4KtK2g|BG9id$n#`Y+tvKKkJ8N!B#Nn?C^)=c_oF~~$6)aT=z
z#b^lkoM}jdA<=hg@<~aB#cvIcGwj{UQv0k2sZ`eRL;2{1+O92-C5&|g^TL1h@%QFi
z@wiz<i16U-b=J3vZLFdhVi);%Hde%WArEGG%j2hl<Oa7hwuT^`&FMf6jiRa(*<uln
zHI?HsLXDNf-XUUK7naVrep5ld+5E=9W10}S2W@)2tKj3+FWH!P?ozC_S4O(=`_lfI
zYNrM>r(N)wmeuNew(OaF7xzX#1OQpoL6Lgj$#$d(i|#*mFeHgA>=o!@L_)l(FU}}0
zq2k(P4&yctC^A$PqBxa>(R@NioOx|`eU^(Db1;#xCvV1=qFJi1t~SV>^y0!xe-8GJ
z;5<~9#IW1<^{zgpbDaqD{VicWS?Z0hR=$3BHr)9VcV?QL8IWkG1Kf|>{N-Oi{NAP?
zBfE8XO3%c}s%p!nz{Qz-z{H7r<J|UoHL6%RdQyvjX*0b-M<~erXxMu#U=aD$3_pl=
zsI0DCrJJ=EQ{TU$N*KY;s+VM^_NU+82RAy;MLstf4&H2e+bx7QMPA;T*!a1{aV90>
z%v$gw)I!+9>^*yn#dOi}h{~f(t!JX8_iJcmbLuyw6{6*)3fK|MpadnN+h^}u%xzMj
z=Q);QM<jQ@Q*8AX0@xMv9{2Es6t9BV{NG_LiS|VySCDm$jcNWz@o1NZhuuS#oa^A%
z={|7_b6cl4E=>hrVvEOcmd1E!XKS2cT_CJLFWAfVJENti?^4Vk8dE2Ch$=Sn%by<H
zuwJ^k)G%w{va8umgy$A#Kj(`NeZ=;60LPNa@Z2f7!mK|V{o-RBim5EFVEvZ$9pdWY
zn*sNdk*BBv#m_g+zG`7OgKhRBz7dfP-<CyOm{zG?M>3~_2s)IvCk#enVA>-sNaT0v
za-;A2<(Jcx2)_Go<RCmImsM|=Fdf@%uAmBR{cGxSvG`_CdS7*diaO6HH=$a1awX;N
zt#sS~PV?CVC*GeycHGD@=H5y;fM<3Kg2)@RtB&+;M!MKxHhl?7K3lyB_LItHUqhWR
z)Mz1PqZ%ueESHOyfGXu{Tp^HA;yxoTg?UhZtUIC?SD>w5ku*b}L*g`*Q<2ubgCP{Y
zIbj&9)|~;KG(<Ddk86DnXOW<%p|vfBcj40Ebg&6t7eHrB02799>(T4sR^r=Sc%7It
z=E7N7`^UiF){cBicwn6VIoaqjf8yWgbhcR34~>Pb)>6{w?`2{R8fA_B&b;~9+YsNy
z&0?m2Xx+Nh*LGwcl7fWgw<&z;n=A}7WUT+O1PUChA_``F2bx4$D)e|8y=c6DoZ@e`
zXy;>-Y$t!#IC$)v){m;Wp3GSPZ!8{1U(1k&sJZGv*b@>$@a@7>u`<|VA_bpRVq%gi
z>iycS%O$vg_fvt>t=R{^8s**b#gpsgcGZWUU7LGu)C48*$CY~fhJIG5szLffN@dkW
zU=aM9>s{lnby)L)Z#uNYdTXs5msVs=Tqp8<GiNM$&VqQhR!^a*V$>&6?7Xt?;OURb
zA{Z*bDx9kz6%%$bkRL?m)R3!-5fdT<Ja(Ql?m9)iG|diwem)v&bAEg{neq4lb(yC%
zKpk*WFl%dtxcmV4!$4pXZp<ztC}W<})KX1TWQ#NLS&vzr21KrM8~lel4BRKlm_7*B
zTd-2$iu|Z~9b>R7Xs3LsLvm@4J{|;p`$x@tG1#ISmWz>o1jA(w4aL#P5r7BHZpG^J
z+B7nDd27KXqH{c{^GcNRsr7UAQ&h#_Egv0y+-3HyZJ8GXUeZrXV*4MOauY(j0)Y-R
zv{5#q;k^)qDuqa@OP!Bv>I;VBGK97BeDwRaMxz_h{z0-X0kvL7j4hxVaO+$IQY>{5
z#ndBsYIn8%)`%CqKV2tK5c$o*`LIu>w4Lq6kKUe}Z^y&SxlQ%}y#0b&M{4+;>d}LN
z*W>d^5?N+yV+r@x3kI&pAMzCE64239r+LIRDMz|sT5Cu4m9J;`r9P{BK2u+B2t+Ws
zEK1Ct9uAx*>c=I0%_9|nx@nii$<K}BD2Lat&zWk!2t@emrD1Aiizv%#a1j!aPW6bC
zg^5V#fwEa={VKX;%8n1uZaaE*&i!q9*Iz-HU!d|61}ZBWC)A0?ramSJ7CYn(z<h#u
zV!t3NsVOnmk9?AOpjR_ajdCc9;G|&Zy-HX)a5wRT*K~CUwI)THxcw@&;fe92gO4jR
z*<s$_o_Hq2{z_;_h?<ac!#G*x!Nc)tH}#<L$lCwoU@SrjL2&;H&_M4#Rt9cNAjr-&
zs5MV?7J?+_;frWd>qCtBcAYTjxSOo0@B$JvHUKb190~C4oiJPjzyIfi0X0X7Dq03z
zh#kVFE~p0jr|N=_<yoDmZd~w3q+f_J_z44`gRw1B{mColDs=dhWKd9D1UONoD)jQR
zw^@IYXWuj&XU6g^^2~&9U0j@U-2ZLSL*)IMo@Ov8mV1c8L(25?G7MJ{uSAhv$Hf#`
z77PB|B2>-nhD%`d;$tM!&;fKs<ae`z7Xda8%yk#BfsPHDQK<*WDD$jhTS9epl9QmM
zI?kW!GKp|TM{wr9C)gZ@P(;k*z(3uf-ge*BOW|@Wb>+t~psg#)YC+b|VB4DOeV)M@
zhi-z=)z~=bPWv*|YAEagMPckYVfdo_EH7q`*#`L64Nn+`?du>+{wYW8^h?B>sUsTv
z@z{D)O8Q^C7M$gaQ<MRr`S(rZG3_69<6O8{UwD3q`vK|(wKm<ueI@GF>&_0K!I4>z
zG5hbsZI4h}`nwbNj>O-Gg9*Ar*O<vgw-`?t?x*_v#C=}S@g<9s1T`X;p5Z4R6UCpk
zWw$Wk{iZ!gCQ(-%^nO5RojCz3tSJ+ekU;;Uj&ZmMX>R$(%uof#crwRc-nKyH4&NC3
z_6J9x^Rv>}mDxgau9%)M*vC!ocnO~{bleXa1463#cC%uF{0`%Q!2a}+*!VUuj0g+g
zc0<?=O;%|*1c|3ESm{{2dDDTw`S=HvcwK2}^yRF2b%=zL{lI)VqCGj>Xx1l2vhOD5
z_IJ~FmOK#G+-$PQbA1W2QyksKjNF(4cpJB4eJ#xosBtu8g0~iCB&xRbA(9h8zK%oW
z?%vh-4d_#Pn-HBJ`@c^LGPCltkcv?+_3wjF&yt$O+l0Bn=1Eo~?wFM!-{?;u+6vu!
z61+%s8b)+AoG>)b{b3|&=9J|zDu)lqgI=^2N_(RBKi>^$Ng9)?t^j$7)8+?qRN)%X
z?8QZjyrq3vh+TyIT1=5!i9ykAJ(Ax%mf!%r5E&el0u{azemxdYr$2JogteHQg7+U(
zJg>GP{%V!?ED|b3xu`Xjp=!PTFbFSVnICTH8Tj1?w{OIrAls4>Np`Nnw`ctrM;c?K
zbso7CE8zouRYpFaW{^GgK$UUqT06^}%&>oGTbk-x>N#nvyR({|`w3jHxFd|$WzIfa
z^5|NGrrKNIhOquq`VYC@@>c>{5pmtcO|6`qqVrSQ{YRsU%xnH*VYR8rJVMpcVJv0`
z7VpxIwQHQcIv$NTH@DGA(ZT1pafw{8d#QT%EO((&ph>QO5M3=A476ahvnJs#*xcG#
zj<M@cI?Q|3!HPb+(`52n>qQ`99^ZO^-k1UJvsm$RS!}RwVL=(O(CfnTF9}EV0H+fM
zx3>N&^dCJD<k*7>E(MlRSL(bAk|>roD@A-1x`3>jHn(uL_L*6#*=1ke&1U$=c&lzQ
zVBcT^ns5L4UCXPy$b^+jEzz<mEs_24;^t_BJ<9@d|7k-<FHclJtqWEnIw`Y$Qpj$6
zlIsXWTnBhg#6daD<&1hA`j<>P`s&7YTK-|ntss}C2KdYytxHRY5J>OuozU6ZRY3Iz
znkW|U8tr_wXq_^61o57T0ZY@ZjE1x9QpZ|MyoII7`85en(wIc^^+XHlG)EvxJ%b%N
z0XGrvZitQ&qH7A#@LZ1`Cp3ofqn-(;Gb~PUs^ewuZ(L=hTj<f?cWCh2$c<NkMyR>-
zgdx;-e<Mf~ghM7?@z`wsTWp;2rO#Uvq<@MkvY3q1M9iQn(etywd|f14hv3j`GqCE0
zQ;m-2qCvabujfeM{Uzqf#tUfj<a_9BDm|?Po&YpMRDHykxBq`2@z2lDArO`OUISu2
z_rYxa0g|3pT1@6fts?16+*U|}p6A>F50G6(Em_IT;pi^F#|ML?^=MLoi45k2SKy5!
zI__J5Mk`<CVIJwlY?i=i99>t<9KjVf7t<^aIsl;o;^wo+M*?GXx)$xb%1!*1Gt{>s
zZ?Gcr{6kD3le!|SjOt+osmt#b<%$0xR{7Db-C&Kv{FS7==pyA}vcX1Dkprvz-0x=&
z({yM0K)Z3zePNfa+IsBlSJE$swo01GanzxBYzCE!bRDs-)<rkmDPE>I;8F^{O)81H
z+Hq=qi2soV<~)RAQMmI(*}?2IB)oSbXNbU+I>YgXr5GA3U-kxWqd`$+*0aVWOi>aP
zDyESvwDicYTfR9M3Q-=x=C#n|LT}kctTF53ZT#AP0}ReMc;Bqdpe;+Fi3onzs3x!<
z-^1@)R=k}5i!r6M#Q%`Kr$xF0^Re;ZzmbFO>@eic;oD~1Wh9`q<q8`O$`WfUVM92F
z!~>2JY4?F*ieY1Qlycv~t0C%*%Jwt#Z)$H(7<%ny+~xB94Xm1@=@;X10oTbsAA_Hb
z5Z2uPQm{JWhO^>A&Bol=j?%)uo-iDaZ}jwd$&DIi_tIsLpB{N_hWXg32jhbx-%z>_
zKoNYL!U&8WH73ZRvn~ZZnR6I4-HRq_Lw&#pw;E8fOR+&Mds-o~%6-*A=q-x{N;-1V
z>(G^Da<*@oWMW`E#U%kHWm@yPaJM~#@r0GKhZJDwnM2)ceV&e8;vFxNb>^#UX-fH&
zV{T|W*QeFy+TEp?!%k1uw_P&$x$j+^VgP|{1)z1q15ibOzvr%shKc>vSu<%;^a{zk
zr9jLu_&bmfBOm?0PqUsdv6|>#)GM}@96ez;r6L|p=nZF{$Yb-)kU6fL`MLt+vjBAF
zqd$rfZzvJSFFUgTsxyt7j{%<=D~)Nyx4_$gtToB<e-4ttb}WZ4rVu1jLL_)`T|xBU
z$h`-S^ZhmBU;M-(;?9p4S20um;ySP9QyFlfJ(Q5jK$b;lmV|10YO?tuDL1Dn3)9?H
z+jgwoUruc44UQ~Q%tM5USy(G#r^;6It!P7?b>bgb9{gGp9@YRVWJjqt2@-e9Z`Gc)
z)4aWVs)eU`z+0K|c^&aq8vls*g#Mf)`*}>S&X^zN8~ke(RV@c!Q?J}K)0~)ZHuISO
zdTtHj!lzqNuLHQ}=RLNdDXZK8O1@0~8jm&7pY7F-E7!5DzzgCDq7TlCWy!o25IQ^4
zlx9)DimHM)Z~|9N6w@|}K6FcW`!!>6GeP7+wh!2`mRqt=nIqi#U|kCcPRRHEDwQDu
zTWKZf<vcSD%$fDazsShLn4nffSHXhyP#9h)qV@=UxYthP%*nhWf*3H^Em&zmEcOwk
zk-Li|ggG$Y6DR%?BO9<#*DOfd@|GEcNl&?oL+HPpT%m7b6zeoAe}CJu7xtIuO+Kot
zvHvcuTp69Xq9u^ydfddCJoi<FS*TB?2|8I<sD8g!->E@hsoKv~z^!C$8@xD<xa1Ao
zYBuBvp)i^BzE3de0i)~6Hfo<NX5O%Cz2(p{p`}`T{9f`ctvg|u=sGCNxFwk-{Ex>?
zI0tmx+v(704Wk}w*>=W+(c08`?q-m4nv?YCdYV(gxb#oveLxK7`w0!mkj6&4s3EnK
zst(W^5Ul|f-A{S&Jd^UPT(?C1tna@N%hezZ4*0rAuK^voY{E#gFx}dUVfy{!hh4mV
zYp1uM^;c@2zCE}NYHgOc<`1V~DT?%~D^OB=u>Kp`#s-4M;RDSi0a27cA6RptfCB3;
zTKZ2QJCuGhqTvzvZ(Vo+puFx7B47A#CaSE|9z=^)ssokvvgOf4HGnmXC!q7ObUXBX
z{<CGEy?Rj{N4dH&M>anohle3}`6j~Y$b2{yXVMbB4|LRp2TZAl{ELSKLL9}|Z*gz5
z?0vutiW;OrUn|Qw6efmh0R7($!eGWkflrBS^hy9yBsAahp|bMN4*w5eE||H1;ixO-
z42P2zJ(+efymPo94Htma^bQetK@V!T^G};pXN&hqpLw&WJ)>KUlcl}|>e({nFH9pG
zi`=y+g&YAMOF)gElx}{k*bcp3E$TMf8x$lruDcM^z6vrw+yV4U?J*W=v@hNySMvcI
z7$eE^d6h+kkVdsolh;JQV+l6X%C$$PHiM}|MJFOf$2c~1HFU1m;VOW{KOK06^#||U
z`jp}pkQcN_Ck!%WDpvNZP|~vyFMmA$fEW9N=xTR?IBuZA<~>l{0<~h5Qv4+UN|lxD
zaA$pdCHut(VwcbXN_B(f@L)YJCl5l*gzPE(m@g2P3ziwDl|ppxXwk#bq`y}WSxDkr
zCH|==4C-bk>GQ)x2kS9W^gI%J1}j2|m;^qWn<A2rE?>nWxI=XOqn)w;Y<!lvs&>M#
zRg6iGUx_bx@4oCd3Y5(S{6XB0KkAm<H(Y%-T`;^~aAUYx;KQF<@-#hppKYtygB!s@
z6{=T*lD;&`W)1*h?6(W<xYWK0@@aM;V^I;?v`W7u1Rw^es98qail$_Zwz$hhA~zmg
z7`<~A6u64|q-CE}tj^ULf@oRtdFAPU!eBd*Eu3<cU5f5lap#rKQjBqfiaq@p;H+Xi
z<a`7Lhz!kTG$sCoVU2ZnC#=N$=ZwfypWB?6YPNnL88e0`2dcDac^G{OLB1L^DPUqC
zvFeQZfZi_zF?LC_az_~^HWfgiNpYs3=|D4Z$r;hLVUP_(hd)0&1-?&^O=kSSS9kVq
z?a)l9mvW)?Xzkb?8svWtvm&x0qDHsD6G@0JJXz1_2()2sLtMdfq1YUYJ<iIql$Q3L
zP4*M>`%5aWo$j-=I$7E0ZqRwp%X7EbdhTYDUnTbF_mSk4JbTmS(4^xV`hK;tZET__
zo-J35*Jv4dLgSzevUug0wE6Way?!+I!4&@o%@Vb|77qOjN`Jd+IPdA)cswc=td<`s
zohg%4+aGqSdN<LBhrW(1ECsVTl3mN<V1BS%e2U)-t+Pd<ji&|Aef^ZBAt%QjWU^e>
z#S7sH&0_hbw=zQAI)J#T9V3fuGcG?n6<rWx8u=_<7G|G<&-=fN%m)9;7+Pi0@#1gB
zZD;;zsC~6p3snFa(1%fe>2zhpsXvkV{%cX%5Ur7@q*l19acOSPkXm&79Z6Sa{G|t`
z2B8*!YffBKc~>{1(dHHWoJd}CDV%kx!5SlJUq-Oalbn99;~mP4u>FPvPi2uEuQvlP
z-RV=wJv00%sjz{yk}|qRi|wQXrkElmbD=|CTSwNmF{Ny~$D&w41c?SD38g>-@3Jow
zx!~%&yKRvvYit;2I=p(#>OYa$;D00YpO&baY@&Xd1Hu{}dpBhSDl=R#S>O#s<~RS}
z$Q+oDG#u4YDaz+ZYzX8dNxRTe1qn)zQvqEmb;BwXzL<!b)|?~mqqoO^yM%X$e!_52
z#7qrAQK~ssCQlgVa?#yv$JaJI9*{$J6^ccs6uv88xV>buR!ilg*|8REs(CDT0;{_n
zKl;Aw^z0SpFFn+ay<$_jasU`a`O($U8sPc2PPK=8>2nqzPZ*Y}o8U%^ved*Ih`I0;
z`0;)Kn%u*>EKa+tF;%6fhTuWY{C93X97OPuTwJ{MZtmd12zbAF7wxeDG&xL#mcd59
z(&=BwCiK)96RbO!GRsGAGzQ9J4q~G#eIpz=jeVeY2L`hIP8jYEB7y&q-e-MG@y(!P
zRAj)jS<}E-<+AQUff}4uHoVG}>4vkt#mr_2$Zh1U=LNuogUMwAJ)b>yYug(-CEhtv
zjwf{AdiI1TPiduhdcUg)@xr)cBrm-Mh$ek?Voi9dW8W~Vh|&beWa+xvcD-=X!M0~T
zVK4^BfR^dUCiw$Ho6Ll^sScGppkt=iX16gF(e>1t3XMaHdlPEHx~3nm2Cl{`c@;S#
z2)aA(y)0<Swg`4o)T1l!!<1s=V(ABAPM`Gr8)ejj?l&W+KMyA^k=}=P=qID@IiZf`
z?SZqPBDQ7sSmOwv92RC!G*2*@$0k^e7@LEOaa(}phN(qye~DH8ArR)|9UYwx`r9P+
zmVuJ2Z;idC*?HX^fU0xXMCr;ELb!ArVK4`y<25|5#+U<y(ctQ%vUNQZ{I_DdLp8i7
z98?*;bpgD7BL`r?XD{LY!e!HveKzo5TQpYEAVe0x4=&I@ETmon5`?SyuEc>1uBU9>
zL~C!|Jeno|!&^Usd{)nV{xksEiKH96-Irfc)h|_&TGjsLf}&DCZ)8b;h`Q4ujC-sb
zk35ADE%J@bb;$@^^F&|<qAxinIQssN#;f%%_$JT6@$Ff$Uv6UH`A@SKG`C><cBJ@{
z=3%Z|Eu&R*c!qI6{>$aaw($>-(tu@Qx8#y&OAO<>p>8A_Ix#mJ_qmt)q#??}#YoG>
ze%AlWMZA^lrb$=a0s06i|D#O8*T~XozU60h9K24ov}xTCx0#MQV*XtPATmEE&~qmY
z*!$LH%-1&Tr3(aL0eGP2);xB*-Kudl0nkKS_9Y@HaFsV?WATH;5JaAaM@v+0G|hGn
ziq{)DVR+D-Oup$yZvYK>(3^1q|FYA-jg9EcO(ivl<p7BfI4;;sJp2pMwX>k*Gp<sV
zLkA-+;ou5$Lw5OVeOEii>j&WasxZYTgI_r;xROFY6jF;rANBLSZF>fI2;QtZaDo>U
zCD{$}#Dv`vPfa85RKWHXqtOShmUA6%YTrh=`Iwb$-3|F*nC$W?IZXXRH^0Y*^=p~S
zk=vps6b<W3M;FS#)n!b}dp7ziM;uoIxTCN{l}wn&mw_5rC-YloFPc#vl3{>@uR-;v
zqJt%OcbC04qj5zzcc1U&xuZ$^sDT-o-!u_{d7<!*1!6*}4`;mZGSsesI=8}mdjz<O
zBsH1)cPc1K!@sqZJT-#6>Sb9p=Rfpn81XztJty?B5opB{(*u{TLl8+O(WLP9BNO_q
zu^cH&;T}6d_r-#gRUQS8xNMm%UbYj4c+VmFj{^F;dxRAeR0P17E7f-+Syq-qzbpss
z_4&a+Zupu57gc}GKnn&$yHe5!7C<9mMP-O~1PmkN3TmsjTXe#hw<q+7V!!y-z7x2z
zbY?tKIOlg7O-iz>jWIk$@T;p}l|>C!OJvd+YhKlWOtbqOO#Gc39;(+g<#wojzgK5c
z);2LvaJJ_W@E(0}3s2{Wo5=Sz{w`*XW~eHwSA22iBfiJ^Dtz^k%}YJ>zL!hBx1%P3
z1e8c9eJHnXTF=t17YJ^W$<gr!Ds2xNf{eS*EN=~de_VRxPmMhaspPpmFcNb0E}|qY
z1wtZ2vU4Br4Om$*@rHWPqd^n7z^nxz2k-^%%T%CDm@NV?FQaF&L+R+#(xAF<+B#W;
ze!-yNG4oa_k!6B?JofX0&zGrcTaRHyj2x&;lL(-`2y9LS@MhMsohfk~mjnHkejGK@
z1<HjJq9&SRXkEuS2h2dDxK!AR+UWwYV~vfgK&9QfN|yewl{P68@D(x_ry9X|VdS^K
zIpGH(MAQ@~)c~m5OWEkc%*?g4zW}yre{F6NYWEXpI>*r)0|=Td-{OxsT5lW;0i098
z%V5Su3FMi{5DofUYZ}Fan?7P5Pd`k~K~nS0F#}KljhW>p_(mY@ohC@%jhSm-85+D(
zK7uE20P13Bv@9oR>oEexi@b>@@(*)MX=_*s|N0ZaArMyW6c?>O0lY|@_GoD3Qb0)H
zq%zdLwwSFRzjcGEYhnc0F4=X_ykN`L@n16M2oUh)Apa8vAheBKRygiG!W|a*xUJQs
z=#~6kv>ba1Wib})TI7f(=)f*d0}&jE%J1WfI{oh0bshR-9~2JkT@q&rOKVD^Abi#9
z1R)WzTsL%$8^3I!GM+C06##+8MK+dgg)8wQHh_<lEH?paW9D49zDMNK2;#rW?Ve%;
zL~!}jrT)%ZTg}&8ZkTryW-QwL9_WVhOZIBwn&faf23*=zFgI;<Xuki*&%u;SWxTG?
zthoGd*_-I{a9&2*mvEZq2?Hg$yzDlUFz7e3o$UyG0pVzt+x$5nI9>0d`1itd*m?xG
z2*ny_Jua5II#$g{)}9+_w9Ju=QTYA7_aFgr%n!*Ktl&&`e1(!Oy;To5n#a8+%AGJo
z!FT9&Y5P0jgFsn+cD{c4Co{=R&j)zqlWp>@WsHaK1t(Pg;zuiN6Lv`T#}8n!Sv%|H
zl`h2q!)5A|1eRzPTJpW2kpj7X?)Bj!c2_w%{QXjZWPxteeZ$%7_~msk@HO!}iO=5~
zn@%>)zHL#y>J0A&?V21gAKe8sxdJGzQE#(1G8Xn}z3ZU#umnN9<9O>H%55a6ku#hU
zk662oDF|y<IF7m4V=;>$KaEQtboXep{Za3cD!aY&pP-!}PC8B`6czv!C(koBYH%OP
z5LmFqvFInUt9w;`LT>1{g(XAV=6U}foG^^b+@s!&Yvn_9;b`|UNI)GnZy285vR`Jf
z*zY3SRurEksXX)TyD~e+;#p8(nNlCu!E@2)R&`Aob|Qcww;QIinlhP{V(^Z<q7ci{
zmx|SvXhON!CvW)#L0wP=DBvm?&S|%hk~{$KIUY35!fTXXSM6U`kb~cKN@XAQCJj!s
z@!v5+_-?h3-&(;@3o*AWE(2pg-@Vmn)9W0ftY#i>EUyJ!n_fYSb&#SJ#)MSY@m_+c
zL2^ENb&?!wv9QHygnzA4Dbyz*5+rkIj@UaYDlc%HsF-fM>_~q0wExBG^YG+7*1*l7
z8KJb_BtD?|t_2z~lp#v?`&ceQ_)J3|7(n<<PZ<0>QK)Q`CJ6*QrTE{clqe}_+25$8
z0@K2VSA+lhww!D>M*>LQ5$Ax){3;M)L+ej_^2~{fFkcOJ+ndGWvC36DF0v8gi{GX0
zU<sY7(jN*iudgw`p4@_#+ME7fcsMR`!(`dQFNAGi5|p_7gTux{ueD?9bE$QY+tjX>
z?5+YkVsR2+Ska5^h^&Kf7ds!qTnCg8I}4FnK?ZOQ<y!UnX&S+)*LgQX&&v87vHqAN
zF499>9-t%(V!jqXHk%z#9<?YS0Z25`;Q6R%*7^E;Y?7Um`ZFiBO=`7{%y51^Q&RA+
z(WDcGyxNg;@!9YVZ8Y(4PJ5sEVGLq%7(H8nB$481*q1;qS0|65cZncM6{3Zi#IKR=
zd%^&3a-d&S&7VS&gl{2*5<#B@k$e)uDz9t&*ui?SB0W<yRRr3)1-OSYt>y>@F-pLN
z)lCHyc-tbYa((ot?5hCm;S2=SE0mopJM@Zq3{5!?2$e<1iX@<%K8wUV{x_}8|NhQo
z4+BKz8)9>$d!9%u&o(qo^)6~nAAK2Ey3OD-;DtxDdY{WXTeoWI1N4E3(-D3^PE&jM
zX$ZXEe=US;g6HK}aK@GY{vdNMp!Y*bO;Z6QMkf(0OO)c!xcIK^bvbhiODR{=mcOou
zTG<vzn8c`4(?rWxVI7dZH`0dVkvBTN!qD*KyoQ@IA`Z>uZH90Z=hYF2aN-B(#s23g
z%$C0IOcdl4DxRW7mErOAk7`3w0;6itjsjCefXoOTZ4Zp2Cu>1RvIegYIt(Trv8hed
z9a8R=NGiYwb%J*6F{(XO$h;MAmqwcZ8yhVXcEwMN@xRj!(Q(b7(F5q)KN#q+jmx9C
zvzo>A4?TcsXN&FRWorqbnDAYspP_aHF?Ke?&r;8W4+NiscS}Re77JVKO>MuH`i)W&
zAN3Jgt&O4*6Pt3zf!N2)I=*kA!_}6CHJj>iOEB&3=d(QRD>q;{{4;f-U%SN&-pA3x
zvDyd5ArxSdK>j>eg24QPBwrq_Qi1cf0lY2n%dZ1|>cVmq@#8}vALa}sWmIfCDTe@9
z^aun(GT=kBH8!ftdXu6Hu7Dt$Q@sna89rr;3t%t-0=t2jd^(EQp9-=R^>U{KC!;%o
zm-v*aq(jvPA8aA;`VXmak8BjphX+9Jhd#K?5&BOUD)G~EyCUmnP&Bo&;&%FNME6C+
zMj>6j3AK1}XtRp~M*OZU1XkF@%J+Wol2aIPi2&llhv@@~uEvfgh|?6G6T~A{WhVf+
zrZ3<E0QuJiAmo2t02-%o@&GwqyG5y_Zj7EVyzVn~eINr7v*+)I>-=05{gL%~BW?e?
z_tZdAs+xF*_^ygqgtI_f@|~G30*pH35lwrF+ySlXBmxEjnat$yf8l8W4U|A!q6myp
z4gNFH2wuNlL`t`=CJaV;g@j19xVklD4(;;{eJ|7KoaN`e9o^=RS7_^i6<JGaDS!B8
zmh^P<e8Bd(0QnSGRYt8k6(<oDLyVNZ^Zm&t)YyUNbXv1SNA4nIwh`+llEUO_B~+R+
zwP{2e=i`B@My5do%^YSUMLIzjfk{7JmFiA2Gwhs;f{2#eR&>k~S6w%3y5FOZ_{+Nm
zr7_mb;cvw^vVu|a_+~NNy(~I`BQvPh_WorI86#Ru0N0=C(~heLQxi&da;pFR@K$f=
zyE@zhmN34ISQla=Ig3xSYaFF}*@TBH+PPQ6%6t4#>SxONXR)ozzc1ZfHY?oiu@a8g
zZ_M8}t{l;lZO+o%L$aHjb!10=sir7R9I<rA@yxW`E+L$ncmn=F*)Itybz8KIQnZM4
zOXJ8_^Ej+)eko?dzDzk`P;r?Ewj;ovj_ilI!a6zgGIMRUI|E!_aX);C7(WfSvsV15
zFyZiz$|aHkPAr~vI}SJSnmiNX{yJq^$@U@aGcY==%HSS^i8c^vSBOncm5Rm0&|HJ2
ztcI+!T;ChMiZDp!7xEJ^T%H)jELZPOW}qUx2f!}~S-I#}rhTTG3klovTPlVzzq&Py
zxUcyScpjZ*kH^Jw*ceSm*X%AXx8Df^2dukbsd@wp?U5>xu<=HV;>q9AYJvgQ6Rh{&
zT^LGYexku!9k~GdN97tRF2A%haq+4?UB2Q{ZVm2n=V<b7?fswI3I-`A5k|`C&ocA!
z7JO5a4>2AF0|a{8ltD&QhDC!mO4wDzY8OjZ1|6p%nDc?H(;P=M`**co-H?*#dHupR
zt*CV4g})Gv`F(X?-7Q7sQK!U8S#tS9E-v1;zs|&_SN<|yPTgFD75r9p0YxgA)_lJm
zV`EYE*G>2HPfpA2%R~&5*jnIs)2=G44^rB171vu7Pt8?ZTHL2^$jgDZcSZIseLeJ>
zPqT9vynydC-514;4vXwL*VNZH7gCQdhqk^Vj(c755ikZfx;+df*=M|&a!J*KIq`4h
zh*O;jV{kE|O1cNI)SZqv-$=Icr!=T)R@_wdyXJm=nz&&p6fydO5JSsQfJFFMG`-$7
z(tIE`ZN=XPmQqn)`b+ZJX$8Mxg<AlOela%F3&#U79`~kL;6Gv2c=jwhQx@O9mKy(V
zq4JM0rp*O%CBVzl-@DDD1|}GUeAxFOH?ZM)yH}SDw!CH8N5bHrY=LLkpdO0W{i=kc
zoO3Q#7Nse%TATYtF-31f$!$J48Z+*PdfsE{umm5TZ2-s?oJot0O|UY&)3}3lat-x3
z!+>;lM(#VQ<Y)bxRbK-!zY1vp{U*K(mYA9Q<>&9HESN)D$la0wn1st@N(X2IDF1w$
zfj|=)kVwDJ92rB~dcypND!9dbP=3PD0DXgKY3u>~sVO+s6NVuDe-MjDGRNp>-Rb*L
zfKl2Xs0bT;&IH#FE<x{)8|*s+?g+S1+NuA#Aq+hbNR&9cDFEqbGT10H^#f=DTO-;f
zlLZ8ot!v(aDmYiGn;k;?3f$+D=*jw@dQ4jY6r6v9W0n5-9Wz>+#@D7KYH6&<67~fp
zua}&HshTI_D;!qnf;RUS9-6)}zO&mZljGNfy4c}ZJ(IHxWx&^9&{bWnb@}f(O@mbn
zgwc2YW^??jdusqfJX#ox7T-Fz*ppj+l|PGb%q%jQO#7xgRjxHJvkP`ahvk$Fv6y-R
z4uyKgM_Xqb;9wFV&_7NONG(MoWP{08v;N}|IBu;0*}vOv6s7^0>_LTWV%Gw|k<`mM
zzt{F4S3fujFEV;@dn(?r#t@I%$natUcwPwmz}0?gK9bc>oe7L{2>~2!JHfkR(}<sl
zPpFq9%+OEd-(B?Fo^ZMms#wW~{XyTAB%?Ai!qa{dez&-{T;J2LDiFQ;7FXXK?Udv1
zW${eWzjWjo2gg4yf9rN}6sO5ur^-i~iil6z$nhy1J5V93I)I_x-_>zsLgER-<3Qi=
zp|;<Mjp0A!@mhxl$PS2QbM&Nuio_JF0U=Zsl&pmZ@N!!i$uBjca~sLxy%370r3Y9F
z?!{J52MevzFK*#rlzV9~dOFPIeVH2wmQYKYqbJ@dh(t$f(3?;+VRca4ptKCYz~mGx
zT2B&Vrsy2V!w|)Ex?0FzKETIbJ?@WeXFfh9PV)hEW2&jI<Y}J(TY(+QEguj~VS0ii
zoEr0R4u>GSWe+C<a?Knz`Z=IbbILkL<X$1qp|^+jP+GJw#1eBc0uzAV_cBQj)&S#c
zXy`vl6|rgNay2ikXt}@rGjq=m?&aDWqsm^^DNN}B6$xv3q&&LDpvTpxKRk04f6%W2
z`=@M6APN&{i+~dV(2a~{15C$%m|OsZ%@<#Q+SVhZ{QgzmgwviF`$Y$v6p&PPDC&7W
zJSCEv<>$Sq0MMNf!YI@0U;HAyJxgMEvqYx2*g}5O;fJ`5F#RBT@k|EG2MH9H)S%-_
zyev^ij#5+x3z$@t{kpfS99%0<8m+B=bRP@JEa=<T_?&0Ey*2D-B0+!HKS#(^FR^u8
z9JPKCEgfIBAOwwn|9VZqCxb3o9UzK*%u{m0AYwHX+Rt;eN{V};Og8y4N4-z@kVeb!
zo0S_wSEF7^blj|+*xW|?f4C{PiYbL*>HWTsFvBxyDF65NF&r#y7V*_Jt8pTXiYB|L
zPN_F4d=EQ~+6~@KXkm%2=2&IFQJcf(wUVvNB=eijM$W=lUG;@cbgV?oikoPGIsL&V
zJWX#$wo6~Sm@Q@m56=vB`){A(?neAjutAsFcNF)atV{()b)+S_6WOurt|d>U9x)G%
z^3^b#@1rB2m#I<<A<|Z)&`$Hxl1C2xY5}6jd)0rRy7i#E?a_H=1AUU$JY#sHj+1Ml
z6a3yd>ZLw^ltqB+XN_J%2bMsoD<Ff80O+KDq@j0$<y5u*ELH@2v=#`(l1xWq1$woS
zt$EHFwGFO9eGWMXa!@Wua>!iRHsaS)_;bQ{5kGe?%9=WpEgxwJ4bfgYm~7{?8hui!
z%J0$Jz2PS>Y^;-096vf{QssZbuwWdzka^nd;DmwQ<(9AZ)6x~?3N~TYE2pm6%j^9d
zbQdm*A)IMNU-L#tL5RjhMdmYtTJM59HHCx}ZMs(r=T|bHqpq!MXXvlGxOCEds<%@=
zn+9)O)lF8|_B_-MY%pA&w1TD#;42m6&`Z4FnGy&y;K0X3nsUVG^ShJMA-D7rW`rX9
z3i)Vxo~Q81N32zF28&K4o>!1)W6{-jzu7cQdD4*O7$b(AdmGG@mbfNms^jzeLoH^=
z>o7W>!M4y>pbo!Ffbdq6jeW9|tnLjbu_|h5?<O>-Pm0VE>u1c5*5GzY%T?}fdFEcp
zZjL{8TbTy>G-q|nES@E!d}fM$M1yq+AK*fyw~z8%ik%<bDb1<={ASW-uUG102LZxW
z-l<?BCNL%~&V{dcOGQDQO>Ss&u8-_T|5N*S2%dxFqs+jul$AsSx3ZxB!2p{IR(~@c
zfOFy;5mn|FT!$m?K9rPre;X8tr}IuZ-p_vQv9Pvq%a6&l`?I*nnRk}RPspRXlHKXA
zrOsnp;x+?2lZL5P)uV7+g-KJM?@04N`s>PzuN()BayL5J^3gsZy8-*;b;UZ*shNs~
zXIlKRZxM@l^i1Ix;J2l9APsz!aW!NEHo9^yIgKWdh(E3XcDb5a__CiCw-}aKHHLsj
zh;QuNM3h7WY&ryB(;=i>6+zjf>I>j~yYXOC@I)7VD+EZB=l6uD7CVv5v@LBG;6<k~
zD|Ass_k0mLz?O{0gPjPh(CCMB;MGTsAj9A8eMLt@_Rsz|dt8xYfCqSoEE^&Ti<Rz_
zxikTt#3p9H2RisiTYF|6f(6fiv6ckd(5k4KNZi%ON=Tu*uiSg?ttzpK#~z<iGTGq0
zxgd-yXOFtcy6mi9gMCshueCAhatuoJM}5for){Aa2YLWAmK~>zX6s9syA(V5TIoU#
zrAA!c(6F7e(=v_l;CQPdcTG|HTZO&Qp)=^x0Ohzgt4sG-(Us%TSC;zj0Li)dH~4jV
z+!W@g4ZT@|t~GsWuK`9nf*h$Kp1dl0Vpb#2d!O=s4V{)vC4Ok12!p(Tk#4<z2s?Jl
zi2Fe0$a7L~9)Q{0^yFaRPndp5P6P-hH<E+SxQY}$!P4n4QG$R7cOPIE0!=>pfnp<t
z4@RI5#t?kgc#7Q~(M1D1OYjS4rt7;FD<r+FjPlU3NC;7ychz7qTJo`7+8Mg)wo^5P
zq`Kx?;8jkK->H6o`=4hw&OUyBwueKe4mW<?UqPqE!cBY08!YB=%-mZ+znkGNZUiJN
z0O<0VKt&;zAn9v}L-UQO8p(R--Z}^{0eGhmI~SffhXr^Dt=z!;IuY5;`vlm^5LK6|
zg`sV5?v*aZR<8vPfxjbLb|_5#K&E~29i>pXFhK_pF&MDqMia!Nz;mgj`w0AxjIQ>S
zyR(=CdDxQ38hA=#ihhgvAGrN-<C%pv3_W|;WC(d3y@<uE&vl#p0@vsb#Rc;K%^+hq
zcz=%73pmyIaWG+M_w6Lm;Kg5s5>@x&_Z;G4eejC(EthG;>!D-5niGa?4M5zB3HPTk
zTETsR2W9~N{j%d5I!Aze|KK;ulUt0=Z{O~WHU$P)J=&9pRM|Ekfp%3)qQ42WQ8O*S
z(3i#cl=YcO2XTb_0xG;(;orktReIX^A<s}}5VZq9FoAP9U38OLyk7!*P{j~J?5A4J
z<T2mxjm7K^%0tIJ``j1_9PJ70y8oy~#rKJ_(l@K$)8?B#6jLUQKQOsJX1B3^<dE^J
zWfX=>^EfiFoZZs`k|G+)_q)&2{C9({^|GSQUe$3(_nwxBke^$0{X@Fg;2a^XHP+TK
zQ77Q3%l{<B@R9O;9)&>!hk0Yl*6mm<BDrj}Wrc~dN7cwC@1q_!lk^tYFeSKVVrLGm
zG~iV1y}agH2U|+}%j_<dCKov7(5AemId)w%s9i+bu{)M?I;ON%DZo@7i%y11q`x9^
zgh|%i&A3&ei-~rg7~W`32UXbBrLc*&y~xoo)_dXN9Is!WP;Xpm5=1`G_(UpG3_6oH
zWBzlZvP<qbrvdqqIDJ|kC@0*#yAb9Bz?7JE{r6}2X^uAWf)dqZQ>GF2Z$QX=jW@j2
zc*M14Hj+at*|CAh_@Uau^v%$xs9g(@RTqZS56o=B-dy3$&m*k<WM=kH8<~1BLIu=m
zKXbKi)&Rz$aY==PclYhtRSJMT+$)IJ3-SDQwa&z*DwFD+U;F54LU{rAv!rD3d+l*~
zm@gKRGNiHY-u!5IpMt&$#Hue5)Xxhqjko7lkA8jN?$#h8;aSN&8?~o-#PHc>*$HyX
zwmuCR$s%II<K6gm5iB6JFMdoIeEWb5__xVKD+=5--s7FToO~yYAwr6~aNa?V)kK|i
zY5^Ld0RH?6S8AYNUH?4s?BUW!U0vU<_#wTP0fo=jcgB+C@&+d`G2{)G8F9()#}k~H
z!amc>n@I=0MST_ZXwmdhdv6FpL5a}UN<wZ})Drx<E*sa!^M$u#{VQUky|aYGzQi3S
zcQfXjOdGcapQ;6z1}&m&H1Dj6na*zeLuIr7<i*vu!PnA~(r!-NurkdNJ=mM3eck$-
zLzpMhEikz8Mpr33InyDIP5Y+ZIo%Qc#@u?CEh?yU!^dSV`#9DhWw@n2*=f+I?(1UT
z1w~m=zJNz{u42Yb7~j&dYG4N%JyJUEW_?~+Y2k0Tn%D`WO1rqBdxNTMElO@(?0CyY
zPiF<@Sm`ZUEext!Br<o#$0<;))#9hh{s*dLR<Bf#vapU~t3+*>&A5_IsdI{?^QkhS
zf7V6MK3ePgPhR8=#OM%kQ;&6cMdFw>E=^9m+1#~lERnqE34iTR7jsdny;o{nCHf~Z
zPGwmh*2AWawU4UGuqKn0!Pc*oL^*n^GW}ckG21ztbtNNB8h(Ig@R5mAuol<w2}4Or
z8e*{rUbRNwpEGv?l9&t`gP(yf?zy2ofQTOlz@-0DWB@k<|3jIfNLPXAA~ry$35+hW
z;CJs#3`zs)uS3L=%YGdF!o76xtD&RnNM`!8Da^`5y+=M2fvE(VIYIO@@O<d-ChdJG
z@VFU-{?|LS5HWiy%#JPxFW6@so{+^U0`CPhA&0=uEYPm5qyM_!y9th&%47V46!)c;
z_IMvij|bO&pr+QTZ-G`evH9W&Lo0@qy<maZI$uGtewT2b1@?Oalh>)Pt{U)<Z>Qo)
z^G4gWjHRxFlIXdBu{?7LtEmDJktVhw)rDZyj*(Woj~zIkY~5-OtsUEM>f3!LyJOU0
zQhff@dKS~DTKj$RgvlqK9G*8bScYC%4^sk2j2dHT7c`sYwApc@d<Fk!O9$Hdx$kl)
zK2n_1q4-q`)dt_LGjg5&C~sO_0PS0_9(}|VG}wwo7dq=l58m(msynt^4=I&8cFPjX
z^)!!7O0%9&d{k@1F<*~vquml!2)F?Oc5nS%G&{{5;xd7fe#Y~Re({JfA-}nmAEWdN
zH81`0Z}?CFCTjz_djSZ{WjfTDK-*yYPY@H3u!$*+;9Uzy;lRBXn}<aL#6Mbyd`Lv;
z118a4-F2S1y`Q@?Qf(6oVuhs+PFE{6-<x(e_%WypBU|BckVO%;cli75Sajpi9_x4X
z?zM2*1l<K-EiMiQpM%jC5o>K$+rsk60<17k)T-w0qWrT5rS}!lPS19~1*UF(nuTue
zP#z0s2(OWK8D9a2XmlX1Eq=B^d{U9F1IPy60i26iGSJ>dJL5JI@4%2Z=rTa#HSbFV
zwY&%D5&%WleLg@80EjZ*jWzHml<BBd9Q8&)3qs0ck!I-w{3Vz0E`klwUFSnzqrYx~
zY6BqZJ8zOAy^Cf6!2fSHlon}}%YR-qw|@#)&h8z6QiblWWPy_($V5?Ak4@Alw}2t}
z$N!^Iu-s|4p}%*fAJdJ-;9V)-+ZJQA)iRT3WRs^=?6GX4znDborKc;kUA<iaTsj6`
z@cz@7-U9V0)D!?W1R?t>vHy`R=paiF+QHBbK_EbC+fv!-$%pZCfX@;aXk%M2H3!k4
zH-+dzFY1h;vPa*n{P>X|_v-y+#X4*uqo+#>aWz8b@|~|1P9`tRn~QvhrH8J4I>#bK
zkW|=WU0vL}WcpmG*s!6x%DB0#&$l)NtKn;vYS?LL_+`wXVa2aPFFL74XDxX%5w0fw
zfpdH%y?Bi<Wo>2F<-`Bgz^%pVUA_iC3kLh+bD029tmtd$N_L6m6S3gd1PB+RkE1ef
zW>Lw8pZ6lJi4#C=e9Lib`wcYJ4q!vl%76>lmqzv;RVeaLt;H_|suXc&<0In=R78nU
z$y^}n(5x-E<OjGJAFh&2nqz@H>{=8y%;EUv+BxhQHL3A6vsQ;Lv>6Px5c#=quhplh
z?p}}lJ&5r%x!wuws|O8NjV9{GITSca%$V0?b59&ebjvnA$i295_T^KBZN|}MZq953
z?tXQHp3};}rD^Sm{-O(Vl;<z^Kk!1pz|5}SVaT|QvP4dLyMj)maI1#T$Y=L6A{mJi
z?7d<k;m&=d2>ZSm=hoTXt`2j{iCxx|`}3o<B7fs_nKK@rOEMW8>n$JDw;otWr-7-d
zpSMQ`C4Y2gBs*fI8iFe;n$UI4$hUp|(QTZrL+@q8g(%u=l(Vt9eV0#BikO)0GJ@`N
zvm6zRHfn{~ym=LFg5fi5c{<Q<d*vxRq7NKw^355_aNtrZyfRZw6P&&O#nJld$fui6
zN(#;n{<RP%G*R&YVUKTAD<~aDMpYFT2mP%LIiF!=A@cp>)8A_nB;zrHe5O3ujzg`g
zCdp_7R@DgHO&lu$&*xG4O!u1>9wj<i_^S*-L}Sq5M-}VVz`h+0Ui_F_@mhSmB^{@P
z_P*us0#-4`gysVGS*wiJ#peOcGf`SkssfZNUX+Ds@~p4K5Www$Vu`Lc%pdN?&SGUE
zwej~Xh5u$0=pJPBc(D$?QWe5^fT)%c*}3WLyQKYbR<juP2JycC!s*pm*)z~wo5}#(
zE@^&ITN}REnBnSQbx@T%gWW=T!vn%w<_U7-A9x&}FbpeZsvbODsUKC5bcfXqwlcgQ
zbR*c6K-<n+6qTfCj*0G5`hv_{%Q6=vD?9r?{C(x^M^#=gOrA&cT}-3ae2~AOtND=W
zUcTn*%CujqqHT#W<rTcl!5{xRQ*AnIGeN&Ab6Cn$_Xt^_<vwio729>^^NnT6Td$Cx
zLv5y53l_j<@xG~7i-66IXY;t&Id^e-B2P4CpPpIPZJc)~FAGMCcfRI!2=&V2j9u6D
zH6Hd-PfOIV*UGz>yALbRv$S=u344tnGfWl9FS@TK>(`@D@y?^tRrX>}u?)}u!`yqu
zHT7>_gQzGfDx!i?Bq|6ZAkw50I|4$aON~k=0@7PZZ1g5wX%P{rA<{dM8UX?65IUjP
zgc=};^YwS{edhl>b7x-93qK?rB;n+oz4qQ~?X~kOlZ!O@W{wYgGtIFq-G!vuyJ0BX
z_<Nd>Ywhq%g2l#j{QA=W5S~CNYyWx%m`ab={O~Q%e5!#zM%NwFg_evrdTjQ5h3uZ`
zueE`1y#n53<J3!gj`SP`C`4bHqNg?NsW|qOavL57TOTBwDvfJ;s!yNU#pG-PM)M?Q
zzWhJz<^TL@IEANOd|BR0QySkoSORJj(0t>jXW?4lRC&XRGMZTA8L&8XWwvc!<9^Da
zqh-6+#C5Ja&E6+xpKUfPFRdb#8+sdOJ6Ru?y9*nH8G0<VwwbBW+59PIIW$;f^UOSL
zb#ou;_(kWkR*Avebl2AiK7O^i<TaQ{kVWkMJ9k}UTk~J}`u$dUKTv`iVI1t*f)f>{
zrlvZ7#TAROVPpu9A%l+-w?tZ0E`eNRD3$H)$uXPQyQ|Go{si?M=&%VU@+G=vl793L
z(~Mv@K6B;)+P=$QFF#wuS2;y$7bTaSms&jElCc7~%3}MpiM_~%QFhT;_a2hL{THXU
zCrC@?*e~;?#(@Au8oD}doJ0|nvrjG?-@FYS>aQMP$=b*qK@Z#lwBFfzkQdh}xxu$l
zSK#P{(y=gN7=LiXwI-xr^+!vukiz<@<Zq*&_iE=iF3L9epu%$=h@~WRu1m&QaFh5$
zGRe7^qpg`IuvhE9^S@Q<$6|I-WdM87>djPLps*~)ZxKmA$z9@eCM3e*!2^@g?A;!v
z@($fL5qZU0A9S2<FW!Q4od%)o8qR1>*j!@UKmK&!T>kC+fo*9}`x%nRK$FD{qstEt
zoT(8B<&W7O#87}hRLJu*Xx~qwfjVfj;v7;PJ#`1*r)j%SV8b^HK#<SW?j}VBpZ?o|
ze_1la5CDpu!*g^OFeh^g2E1#)C0H26!bq~t+raOHL8+wOMDoslsSxe#UuN|(HK1{U
z-38qrIc>kQ{O%9aRlsx7f8sZfA)r$b+FL+8<frd)_tRq>o<~lFb?+|ccOAU#9B}F8
zq0BUyv4slj*u?oY&@yd7Wrhc5rGJ=uu~&zqC5msVq=qt7ENRz;fj)$w15g?w$>2Em
zhiQ?7D~y<%WFJYXWE@EciKNcBvH04R9;{_~>VuFAPpYbT4<E{wsi)!z@q2Txuay7Z
zdWN^JDSh4MIH7T-IwbF=x9+<U!=#Vau{Yg>6vAB}-Y_jQZ5LYx{g&50pR`~>1g)Fj
z62mesR2Z!{)#P`hN=FBiNXa<PH`Y1b*IUpBRS1@%netpZY%0ywvy9fUJvj?o%i-;x
z2@I7v$HR>lRZ+iF(Q!To8RYQ>;2RXF>OKYML2%}ttS<}=9n@oCnYpZPxwVNchgzFK
z42vTkAs^(M-u+dW-XvC`bMFW<N9g_!NIf1h^>m<Jq9|L7b4RDh*}*A)PY_kr;Pva4
z(VH}%&N$7sPuHVhddtN{c22HuDb`7uBVH!DtS<^=qXY*`s^01aSvvRMRmfUYu>S7u
zbk5w&uIxkcfQh;M2TVzO&rhL!>h@fTuTT(!#qPV^+5GIOnipdo_n(VsUj2IAkQtKH
zdSN1}ZXS_LPN;_+K|U@iH{);S{`NVi^F%gp>EwR4-1@s`5n*!tX*f)F+>~-=k)5lW
zEsm!Oo<Zw$iFfdK)3<j?5a7dJkJls;0W0`&*~+d`B}q77Wbj7+uLu4!9m_0woqNA*
zSfIuen{wC{>7)zs=UHb=-i1~SD25*T@k-GH=Tk+!j7T5+Bt$VNLokc{DwN4#zUXbi
zR_dDC*FqJVbb3Rx;<@*Q+ViA(pXaDjN$R-Q;H#V5qEYiB@0RqH3ajm#&uHt|4Vj<!
zeTmD`ZO?+S>0}&hi(e>>GZEXdS1{k>tYvw;L6a}B<5Rn!A-U=yI(Sx&H`VK4WRT&~
zWVu^7>an-NkxY(WlAPcbZdpS1fgOu%A_A>WPsF-uup<ytP>wrHSKnU!WiQzn1C*)z
z(J+#casHbL=s{|Th|!Jbebo;lCE0VvlfJ#<bv!<2tMZNu_xrkapSkXd(hM0cmu98z
zXpK)-t@Dz6a=)(l<s*4t4a&`NxZ1m0=_vJJ1cXaROguHq`1GcTE{3Js)`aF1g#kjM
zbwp`pSbvdmhj?0L>G2NsbgLhtr(}<?WZG{;at>)ugp0yhf=kxQpe+s#qPZ?k0?MZ!
zHdL%iL~0u@zx+y#!`c%|nsc*_7jC)u#SadfeKeR%P_cX;k?u@n+ZV)Ak2lm~v&L`5
zNc#k2+xeGQM7ug)8}VUz;YCWRwuvZ-KQERW;v6S`9o1E(k*cmmbiI3gpv%lYKX14|
zqDik_b*DR)q$YITKH2KRhS9oS_SJ8N#We$Vx1wRX+1;o?w<NX|HldX<<4?5D9xOjP
zq=sdHckxPXY&3n|PM4uFya3Pci4;BOI2yl(#(dgMQBU4*Ei|ku95P$34kFNeWcT~T
zY1Ke(f1XzP&*K{L{Sq`;?Fy8#iXO*VfvjKc22jZg`&Xeo9|Js96T)#r7oijGD`@hg
zSfD>XEG)ENX^Pp?6hjVhSG{5=GHO7xpxbDV#h-#d3v@?ID^Q@(poah}TB<0>+W)K3
z`+tnz@fZwMZdj*R45Y}P`>}i(=o2T=na0(}B%aQM4T(Gte8nSlQN;rOTLuk<kX_EK
z&}+qD^apPBXfm_mxEES5cPg=Kp9{U<*7=5VKuGl%XMTz;==pN6og!Zvrff`RGuDDc
zp=_I3OBwVp0pmo-6w@Z<##iXNz45FPrw7uF>M}k$u#DdPrm%>&yBtYWoPyB9_ArdN
zHh8ZD00<yi`GJ>4i}r%YywIh&`A#{o6D>3Wdgl*Q+VQQmFdFR;^*DM_s~oaxP>Z`l
z2?Ph>|2o(iX5+cMPd>|NV#U!F$9k<H>yiyVz*)@tlMOAz85IRi+=Tb};ELZ{=znvI
za5hjyDZXRW@c(rZh&%(RyYmL1ggXY^JpYxvFiKt=|MxLaqRxU^@D*SlU;SbFRmPYC
z{RA~-*-2TT&B2{R58dm5ZjSnyig`kgX`v@DwbvnAPl`e0k6l`vT#5+<&Q~P#-eav=
zLB>_c-Zp+S`vM9&cNenNhmOJ_sMW6fHyNGd+hU90om?-InM(clL9lhZsp0QjDQXLB
z1@qK_?CO{26|wDdP2w8?R*v3F7XhbAOPmH&U0U5r{8Q445AwWr8P*+&hH0n<e(s0Z
ze-Dv1SC4}^Gt@A8K#I21jeZ`v%Zz|*jXBYI5mhJFl2vJvv@ghQ6t+Re@A>Y}9WVSp
z{^Cw^k7(xNlN$d^oP(k4;r;z`7EuC~pUefwry{3bblY=Ej1_Kfgv!A`3mqcoL#F2H
z&CWk0^VoAc#vq(-VWd6Jcx#lTUV25sSpn$&f#|&f?NgS(lBx<M)I$YavQ-VZPOvd^
zlU>arbr!ES-e;?(s^vTCyRD?x;L=qBg{Hz94j9Lhj2)8&k^+^Y5jiC*Ih9KH?vhpB
zWb=C`S|xYO{<@gp?5?s^<}|S)*?lw0IPcMsgXx8@RbKbc)uUf?R(3WWn8a!j;!($n
zs-9I|UD=LzTv@#k!w46sb$cPt@?hj9sn!dZiv;%ub5Lz6Ex(4M|DuHd-8ZVOz-N%*
z3asL(D=3bSHb&Ma=1)x>A<=oB>a1iRGnL33sAJtLC-&K1i_o@$>P?|MlU$k1#Qt`7
zGrqu|d$1oVQq8P9JPzkqB=eeES=+*6;2+->2Qyi06b8a#PpdsU0^^86kazAE`jPEQ
z$wjA(m9n8hGOPF!@gGU!gG<eA=|qHVA|bHkFaj&CTk}@x)~sgCwP){IKe(J~uh1!(
zT1S)?u+^Fj8Pu5OM?g5(u)Ye&=%Vm1`EeyW8?b`)>N`P%iR*c_GP&1_*SHgsD@<x5
zSXEp5Qma<=tI2$kS)>)t(<2V@e0Da3S^ERz{f0eP@3wD4^=&`g4?jg+n$4)7h}>+{
zUfFTfv^F1~F*XT)mD^$?$7&w?T~20AL3?WkKJC@(sx-78%C0k7F|%tbqbS1jetoLU
zD$G+73dLG^c}^OnkkDtu!t*gFJW5{{j*na?JzM10rEk-ZAWRxkFZR}6fl%XfjTb)A
zXVb4t++4lPvIg0%WCIFs^YdhE!aJnQ#qcn5QwiEHwYEouT!~deKiE0TmHw$WY(`zB
zPT8sz@K37*O^lI)1HZ>`BuXS$;*-p+6z_e{FM)u0+R4N<*8buv>sJ$qExLg^?PaxM
zVbHZa^zi0U0k#Gil@xNrZSvNp>(d2~Z5NxhJ0DwU;f|f4kGlXoQ~of)A^l+bPBWod
z-8qf9zcXHTe;MVfa;aU2MawHO;>M1aOVO4g^VC9ZEXV^Rjex2Jlu_gAe^o7c7~@S4
za`|Ai1LFj??j+h-x*cJyVe=c9Vi-4u;u_Cy?L<J9EdGjHK+u2Z!%wL141&>D3_whb
zgfV0&On(g(_DgnTX*}H+idD4_kpB1Up^6M=Q*SKPmq!|-_e^2K$O9lr%@3r5^YASP
zllE66dI2(?_TMcGI%&KP+4i7~M1F!Wh}6Lc9KrWs&6z*uxir6w``%D~GA05eft%;X
zV<M^Y$2=J0oSBR-mCvEngCc9y&=`G+rY#-JGFICBpuUbte;;b7RgB&Y2@Lc)?Lgfn
zg8=T?$O#GD({t};blr1WVWThsa~cr8WW-$gSQS+ikn&EeOWV*r-HYz<;tzzCixf6S
zvmXp#*bHv*0*J)3=m~ftG~OQlGXk=;v1ya+MPNK=!+@LdH`v?Pj6xlt9focRnX=Jx
z;f7IO4d5W|UkB%!rK-05sGzO-!XJ#>uh~n1fcd-z&WMtFT*P=Fhkpb>>y=Vy<H$U~
z2QM{1CDe!qg4S3{9gt}PoR}|C4MtD10<p$l0cW?D+bY%F=|6|e&>J`ZFqMPn>T>8=
z(6Dm`G5c$35;+N&^bLeSm(vz7dycjFoK=zUGXXk`bFl4Y85;p}0{5*~TP+O$)txAK
zx}XsJEc#3&-50*67Y2oFq_OQS;{S?E%z?NB{a0JE#r}sW&Loin`}e{A8r;-m=W@k9
z6ny;kieQv4XT-oLkQPS%AJUV|e@jpJ*eTrZSNfHZf0(3fF6REmKaUFM2iTUsfu1Ls
zJAo-+s003=-4oF71ln7f$bWWE$czSfcJMQ}P}(ZKP=m?D+V8Y!-|GKm6@aGF;Pvs4
zEw;Zap46bEEuhoX@1?1^OUV3T3h-eIx@w0j9u&VyI4Lj5zMD9Kl0ZsyD@kSADTGHP
zIXN&J3bNuvId&~C7$|K&W1$_daRGav`jjp1l~Tk5XM5K8H^dx&6RvE^sRR~Wyt9m$
z-ALuBn<5v53E$E4$#%)z5Rvgj5EtOBb3M~Y!-%>U!U}PV3L2^$!bnN28?D=wn&rEL
zloiP2PT-nDt)E~^hVDjma#;n|jU17}>uWG>zjq7*>8N5GYS;$Zmw!4byILGg;nyOk
zR%63&@T{Ec<SRN#kZ2XUZ3SuKI#9`8?xOOUY(qP9VZ`(%MZ5{|aq8!fZluD8f{S%_
zRtcNhAv7tjMy`iP^1f5U6vH3QlUjJj*HJK=N+_cKmH63N>B-=F3%v!{(>Ad2db0@8
zZoDwx*F{-IA1KCJXeMr9-PCTRm7M?9fq1jMAXZk4a(OsXc*Kx}`2$D9t+xot&L74q
zsj#6<s>2R1Ml`l_8qo)}6%S0rEO(Md@6{!EuA2=G=ib1em4xTahZNT?#MnAyydHV&
zKav@;p@zKUaADUdd0))8!jaS89yRvrTW<=<7U!RV*xe}&Y?}K>bL1|p>&BX?v&Mgk
zow1Q7Itt5x%`uDmRaCz(<3G7cT4gDL_XM9t{_2I2-+7@`e}!fehl@^FN#>1>a7QmS
zMn96^4kBbv_Zy^V6A))j%^nxzY<cr=3@M#Du0qRh7>Gkh)!mb5UzE{&aUJnR-Nkdg
zq_NL!_~IjPv=zNm6U%>Va;<Ygo2Eon&7h7qLT$|yn7cO1t{5F8t+)VFdkIGCoT%R`
z5se1ELjWVbw6@*)l$L62&0|x=7lqT;rIV<~x3EHwN`51uCsUGzog5s&LT}aM&`#9W
z(sZ@BD#So8r1wQuQ)Zt2Y<~_BdC_FwM5L+I&6-y`tkt&ly~J7f8Fwpr8BJxL_|m!3
zV88IuuhA0XDyO}yy>x$d<xK-svIbhp&@D1BQQUvEYjZ_~hts-cUE`8d7R!;6IS``V
zXu>@pZH!!kf9Yu<pPS9O`~F;2Rui<AFy}6{+<}E!>9T7#ZMw$5-IqaBf;en`6Q}vK
zY)J!H__wITa&I8x4-?Zmz=>0UTZ$c@z$|G&QIHH-s`XwM9d!whs|K0pUliB|>I$AN
zJ{3;nUG$oLK_txwO~D1R><#{58pTxrpPN`Pb}mL5U~CtrZzbZTDV|y!jXvNFc2A*(
zC)j9lZqSuAx{MzE#NVpn2ZR3K<&SpYt>hYqgBMelHGSCYG}gai()T{TU1D7=;@Rny
z)w>_$=g%2#7Qow~G>*7i=sH~)@qIP~2!>a(aXm<x7=1)ZI=vJ4DqzOSpb`{eAsE~F
z9Qw{=V9vnEwha0O2((;l<ef3KK!!TZ+}$4C)iW>Bg?|wNb;1Rz?3{_D#V1zJ4ltB^
z7U11-&|RJv=mywE7FyZ@KdtGH9?J${w@2b1f5emjQnmMN6XvGA1)yst@TVZOufv7`
z$a|nwbR0PF{Pl53SPAk(YLXYW$f^OI3?1wu7_Rs^1)}!ukN!YfP%b(G65Dx{3jX9P
zT37}RzQ^mHJr%ioc6JX!k1u5KW2j$b&^uoM0Fkh;bFLG+wE#4%^8Fe6a7GP?>*_f!
z_?;6_x*vuS^Jq)V1T&~R$wCjTR--M8bS(WYx%c-QkW%~<j7}Ix?MEsyz{T?~v4!+h
z<W3*sI8YD@Nl`=?%2*VZ=I?i4-x5O2SGwSbJTN&<zZ6l6rpAGUq!e$!xLf<0UJ!w_
zn}}H=|6yvt@7;}SH)N>lfydBRA!`WZz6`pFtwXf~$}VUm^We6M?bL4hQfk}^rT`9M
zarnbD5((6mxKorhS|FTJf%T1C)(6u(F5`4?8Eu|5k1!JfauG>z(R@bYIYnLprsyKH
zRTT@)Ctm^M9Qf=ABpm>k|9P@x2o|56Uwuvuoc!jGYng-FeK*%kc1-?sl-B+V%~gA0
zo^hd|+nwj+Eh2GDG4je%+hLT^5spaZk05C|h%*8O7I^)GIeWAI4pU~Q98}h!lEhVh
z-q7C@5udmDvy_8yNgZBJ$HMA6Ze|?TUd(94{mSbb#UV1#A{gx`in-$9Ah1X_Ye6Iv
zpn;fNl?ZX+7HQ6cAdL<jgVdDnZYBxF!8+7k#%4=;>J{9aS4{kJ=LL{xg(bZ8_z;G{
zi3y)2gUqSXPqE&I{L=2#xa~Kut&b0(eg7L8eEI)I1KIyqG$4zgv;O}J8hrZyI~pLB
zsTvv7;YP%(N{33@J<E^rx69A#{0j}XUMNl&L<UqJ%SPVSkBavbzvomVb+TwQ@=@=4
z4!YWBn`5bzTRH#Dm*JtI`uOeA#WQlhU!~J_*34@)>Nj1F7c?5Ab3BmV3aKXcnZVxV
zq7hbJr5#}nArhZ7xt;`EajcFp(2ddS>8e0D`r0N8juO?b278my4N@%^VjdQKu%X75
zZOFLZqxycKn$vEjWH!8LwA{V=0RqsVROlb)GZ28mn4rj}vG>Cx$#IXKyiIVwkhwER
zTm9zusV`$W=f!n(v6pj#wX@3ta33eE44%{uv<$UC%YZ-=66uKUMQ=Yf=*$x1kTx3?
zV8k0RTebtHnX*)AAocr^Wu|f)|1+?Wh1(zvWTiNezb4Ybt@`#{(+s0-n`NIEn+ddm
zcSSa&8cl8YBI!OY|NMv|_z`YG(e{z9&K=w=lsc`y3ki=H0lAy=<z1=0v-2}Jb|_h6
zU3E|oln$3LBmdp5AsEyQ?v5E*PpJd-g~s-V+i>e{v7@ISTb$zCd+^G6FwEvcM;E-5
zgNpe(87xH8LtTV!9Vvpwf7#kLWfLqY0Zk<Cem_i66s6kP=Ixi%?19f1ghG_cF-i`Y
zyyvjlf&jmiffewkg*2yNUect$Z4`SloC}2OC>wAdKm<mNfoXhQ3^BA(sJ}-8x~o}&
zTLiI@-yXiT2nVFfL-@KN7F2ENyZTC=Ao>3AV1Vx8G>z!S?t-&`MnbnK`IXRhLm2K>
zAISXAx&yiav&+31Dh2Rh?lryIDW8oN+p{n`zE%!Ais^!PqCwJ6f`X7&_G1H-cpu(F
zSIahxo2i-rF3v$#@r*E;!vCc<7(W()WMS)u(YX<&=yk~q#&Jvve<%1<uH=kwttZUr
zZLtkO8IK?<hrxb9P4PcWFwVZF0jvFM5NZLW7!XBSe4l_&Ajz1dsy_J>r39l6Fp}Pk
zHlmN5XVl>7@=~%*<Lfuf(3L=6VAu_vxv0XvO??AS-@?fhZ`Dw5^2)$|`fkXU-#MUv
z@0^5bQ&<2rbhD~=%Kc&TYe0vibYy>`N1Wjk=wui#^_{}ENN)BGwM#_jo{I>l?Hd=U
z{#Y~~2sd>q)`G?<a{w^R*w*tyx5Yq-8Tju*RiOCsH&y}H-=nB0i@0+1xj#%5;QTcH
z#}Yx(`Pcs~D6k?t1%iUEzk-7EKu{oov?H%}5^gFf_;-BSUY2|oF+t#3l|0Wyb2Vja
zguUNJ9U|-3rhRSCy+=>*<n=e8{0zCJ$QA3xe58fH6fuy&5KqfVFn+1f9PW&8z7Rb&
z!z~P6|4h_7xNH)+gO%suS9-EvUR*4(Pr1KpNcp9omTJ>bz(Kw2%EE2-XqUGhp)fVO
zk`c#zudk>>1r!U>O8+sex3lAZ*VkH)q1AM#c(0+6<z9Ts%kK?S5cWLh{65_*#b+oP
z**eV7T$8ynH9_dTbc$|$JTX>#H_>yuZ?hDadsiW-v~jWH9Z$mLs@JMAn-G8WL_C~h
zYiZ+DIu<GaJB@IbUb;%2qt~54?{T1n;Ib{>WimC+LTvQyuC|Gcw`bT)uh~?3K%ZyU
zSDSp&&eUbmB~FfgPbiKQtIDb{SFvxwCRVC=l~bWPNd2B0U*mxxr9r8-QVhTSsUKHP
zc6iv#9>3ZC+9T}j8zU7?vL)*1Lo<kWe{pZjn!x#v9Q1^;$RJ9N#y0@9><oGW{K(3?
z-P^EGKSpRC!SQ#F=zKQ+UD;HBrpr6e({*3JLbOfyI!r>OyC{Ra0~raEuc+~qh*&WZ
zIW?pK0%wB?#>l2vKc$^8FyhrTw;k1c*L_@Vp|vvCXf$KgwslP4cLv2DGqj~?VO~?F
z{34pZ4awq#G-pv=e{j~aqNUVp`=!Ue?w()craxlgaG7h2`rN4A;RicdbYqJP2V3Kr
zVa!h)-@F<(F+$J%mRvOq$Gf(sr_L_Mr19P-u~a**?7XzKM~U^Rdq1H@HaZOAhlgp2
zB<Zz)+$kKF7&g2)V|xK4@O~bSDTx<+<K?HzZnMEZWBqOr_nT!`tiCh~MrjS@e?+Gf
z*$kkKV<GZ;hIvRRSqAq8sq*`_F(UY5i>s^9UR&UnO2ha0!|qlzS=C#)JUv>m=7qrU
z_1S(+68v~=b$?m9ia@iao0*!veO^Kp>(Ekhj`)m8v-p%pPyEU(w60xd^XM{TG~X}c
z>d_COyUh0KuWu^q(!|N{G|1dG>KL68qoX#FD_7Gk7WE57vZ0h24d`AF7;K^6!m!Q!
z&gJe(=eRbXQle4lo4!#&dFY^^)6mH-bgZgXY<}FM)T!4MU=EQke0EJ!9oQIc<JIr)
z_Za5ke}WmFlaNLJy&n9`6l}*1zYgg8ls`=3XMn$^g(2M(YP=W2I4Z-pMzooF2RcxF
zfsFg_Xd*KuvvOcVts(8SrY!3BI7ia{cMyiJJb<5^(k){pL4Z|9Y-C?G2N<Rjr{aIn
z)&JHKUSNRu|FLHFFZ+P!LQgD-sXi%CITPKfU0ZOg^6pQJP3*Uo0ZRJ2WxX&G^9o<w
zz6?AJPj;`jCN$VEK7;q7b#q|ol?Xy2$z=a}|JJsSifjaa8m_6FVt;Hm(|~0zGPr{3
zZtWMlwX`0x(>bim(8%$nI^Blusukl7QO?t1e4#t1fn(v9nvLxqdFrI2A5!8USG7=e
zMh1w*{0eN06pf8<Xc2vb)&l6(9(4c1`o((;B_Yr!aR7oeq4$5m!pjc2OnU&dD?KkE
zljh!jAnBF*OSkLKquAvCInEeo&qtd{ULOF#)%$O7ef(E<?ha65plmn26F;*(&NxgL
z;hBWdLeHWHd@*$Hz7p^md`JJlXS_fPLn&G?5MWo)n+QV(*e;j$AEuMAj!$!4pto=4
zM9~G=dSDi#nZOXnM80EuH9~LBS(rXuFvBc^xO`=Y0I~ob(eXW(!u*?V`6nW&|B&ie
z`2tU)0jFLM^7&F73WWAr9J&;R)1tlvmkRS-Z%r*fNa`0#eKsKM09cP~Fe<n=#{+DD
z`>~%1qg5HlNXpFWgpPq`7b$WU(STna#E`+;R8vYIxaRq=im)ZBKFPeO*oPScy2+Ek
zZsM==LLXZYeEnD`qcU<Dac}!BK#L~yzx?Wlz+Y95WrNcTZK8}!E;pm!fLDK_@)c0%
zR{tA?j`}x+UJ@}k(KV7i1!1wP6+Yn3qhEbn^31~*?-+-Y4S7iDw?4e7%ze-zX<s?_
zqmz=ie|~(?w!x%QP9T{FjiL`}4*{ux{kroI9}Abdea*EpfdSd;vxeOZ#2w}8++ZnD
z<}^`dyR3S(tPQmXLu2hi2t|7@s6S2o^Abf>n&_U_{_0IvGN%ejVBntJM9THLTf;+y
zgAs3USsfxDDG{wbHCRW{5;0lhxHr*xVsV{QQ{7Jn_pB%XX_!Ej<vrfVu7T6S!0BwD
z55)nl5p{dxu<i9l2&brJ_w4N{GiZZ%^nL!zQN)>;)XyuI1}5d>Z4zc=#?IbMYco(J
z9`EcB&+${4%duHCLbJ{d%^Z$sl}PRt*sL)Uf~>Y6?8FjxbH7E#x;ee$hK0?B3u$up
z38XlrCFoVIKack`unIQo_`S^DDR)6PT10|zetz!(Er_UGgY7-hRZi3<J$rR$jz3jo
zew<jftzAwJ6YO!4c4D{Z6C^WmGrMJpamhl<Wd&ypr;in!IyL=F@~9(XZa?z0$tSK<
z>!`t1i?>a|Yl+LP76F6@QzR|E4uhE;LrDb6p@0AB?&_8J=dtZpML3h;x?0apaT|f<
zsY$Ry!pTFgiu^DpOSN>WReoT<Q0gWvIA@%kuLQNfj~VjN{<wSUydAtb&(td^>;YtI
zeA1}Qv)h!`qZViGEvJt&HbR|TTu=qsAK)6!6+P}B$z|6Tr?k-;w2OLZr2%6jE30D`
zBr;dtg<4)CuPQT5!3J2_z7=8ZhLA|ra)He!9(wxkQ?n(-JQwc~5;UFCnhUR_6u}=s
zyH@D0(Bb$YNHE6|gbm4RGhue+k;9ILbbIa8td?cDla622skfDds~0m8)w?n|G*&d?
z?D6rZh-F35-O7+#ff*)25}!nsvGyC=<JL*BI8<~N?u$uQja9~gNL9K88PRZys8C0b
zaila?J*1T`dn#?M=@=oel4oN%rv@Gsm!|lroxavUIZ}BIR04Qz2rzIX<9gDfX1b!C
z8|sV}R#jm?Xp2bIB(24#IpJzcYi%ZLeyT6oKkC`AF1qe@X96?M?kHgB*`WRp>9Cpp
zWtZ>9ULkbX)oCXOzUu?uv6lj2%Vr6tWD59b7_AwQm|^HFP+AO>1H}-8v;m#?YN)!O
zsDYuqChZLb9!Nq{FZ$wX?CrAP_(Pd{^ieMSCb)&Ucg^KICPzH!KA34#@T7S)>^*3G
z#eyI+%{H(IriI>hZhri4(?b9Gp2+SV;5eet(=;sXTXqI|;UxNY35^C`<>wrv%pFhn
zcf-)H;HoDeBtV`lHR3nRA%_X$^&s;epn{NbR>h%^!Z91Vua1-~d6X7ST+;iF@n+_5
zDm^TcifKqJ+Bc*b_e$f5Ra5RcM5D?(Q|<caqJMl4zlw#j3K+t<YcGm5JiKD&^Mf-=
zR`i)^_GqL-`|iLO)Y$mZYMx09agGq0zQ_#^NvrP1Ij-LLQhd|<Je#X<^g&tPVuw0M
zx)*LiR28~CSD1M#In6I6FWF}Zho45vJ-4|>H`hn#%xY)F^qH@ycMQN*@t-zSGAJ)L
z^m?Yte0iK_Pn;>_lkdzd@ihdD$PL&j2GD{R4g2|9@2kGYRce$uj#^WF43ntoKe&}k
zlVo~tNi>K);}t3G`MG$E@f7!^7K-XnKnJ0p!(KB)lb(=wL&on{^#ov?vcC6Ph-Z(s
z%^od8d&oYENtWg4OjNJo_2AIUip>yA=r~(AxYWYPgdYfvQ-H<a)Y2%)WW|ThWm?SA
zA<bf>a1p(52UMr%hYP2<WDgoWJ*cI;bPrxrPIV@SJKb<V_3$3y5oVS=5n%N^)z@aX
z{~nc(RCkN`o~SwW?E9zfk=KLQ^L!61m}p-eh(MiIL*&U+x49LVp=ORVzj`0RsAh1i
zK5^)C&PF@5h$xF8z=pR<h`h;Aj&q8L0$;bR@rDD#aM1&O5_OpXXt6p4<a4+FgcDJ;
zdtJR*R-Nsci@c1u*(juAL6pl&rv%0>v>$-F8~x)JI&7S*#TFEtX6I8vuZ<&VN@>?b
zAG7$ye($;OtlEZ!|Ct-NTjrL`PXONKr4nvrQMT2&dGjIUn@Ho&#TQqvlhdx%8ZGAM
z*9@)=?x|c#e;oqyDlXMTZbkKWVGYL_$XTRzL4R@AiC3e!PA4}m5zsz6kO&OBG@Wf*
zkDh8wTH$e2g66CY^PyI;a!{-nUlqAvQ}K?Jy}8TU@!RiCcA{%mmdy8o$;k<zv)SiH
zb^7>Mj;Ur2%_rtLc#6Hp*o+G1O64SQ=?lmnQVL@?n$?$ZZk|lWws-8KJ1bMIX7pTk
zpGjzkB9lYb%%I+|pJWWXR|lcVvy1iN$B!iWu_WIC9I8RdPT}9C{oLeE>fJ52ql?3i
z#QsOqVav83lh+kbi;VnXdY<Z*0%ugUgPFo`UwP9-4XMx^tcV71@l%lv&F%tj(cvs!
zW1LHUsg(13!BDVY9E6p>JkL{fui9VM=Ou<h1p<KeMbycWXu#fdvFyFiNxjs+OoM)F
zbM<pSoKd;uZF-$9zqVpZrWT|j60c7Cm>1ZIZF+Po+43N!g)hAx?2sT<(+q6<8%ngW
zkFp)V5Oq+&RYkw+EvX~=P{iHX4CZbZZAX#53`;jpAG6vbCs%|gvnS_<uwlf5k$mMQ
zcQh;179I>e@S?1MJQqajE0(*>KF_!mo<Hf2t~xgnoUT2uabWN`Wo;<8@qFqPs@n}2
z*6jRmM$>RfgOR}tN--^qKK-?6l)(CJ?#kh|{HLM?AF#o)*D)TvsA|JDQr5Kms+lTR
zVzWf}qs;Td*ILZXTMc2;DHw|t7vhLUgLf(affy~9IANKqM=P3!HOh+z+H>>6b~=MV
z1RHOPJfim5i!`x{!9MMLyOQbkUPSfMf`GZDx^{rpDbm7E!CHM_fi7cLG91t)&6DdV
zTKb$jg?7Z9FYLun=o6Oin%kpIXgl8DYP`Q&0#w7_iLgCUJyL`;A+<y5C^?J9aoD7m
z@T|3svf8c=WlG4#tLj6sGqIz_UY~ltZFwfk`}xgR!E3e@of(&{cW0hzH%=_{<rEwE
zYxybo#%K-~8S|lS$mqra%4$V*w_D@%>{Z_c0;$;WK^l^^Yjeva<xaj#?pL1J(Nc?h
zD;Me+&-xjmBu(+AN~P`vAODiM=)hOu>p%Sn+SCvd)CS6BhJYMj6W<EmNm|~KbWELs
zmA}zjhdqxmi+yDzCTe#4)^=@|mby-Yw8JTr1r)p_T|<Lcx6vl<rd-&4v3rB9r(^k9
zj+N;qwk3{i@3?CjkJ|c3+ZHTL>fg=DXFBvo3rsgq_05EgOZsWb7gw;2uEwqY@%m6<
zrj6Yf-)E?8leW|QB8WtEGS74RTr1oDxF@CE&)>9-<>Ac~<ARWw9g}FaJ+q~C6%n>r
z66I{1!Z{n^JGGYSf~4_JS2KStI6`|>sk$KU0FwWUUHnw{`SAEhBM0*`F9#?ZIE5fV
zr|;n+M{kLUhOA@I`pIdZm8D3e!B&BuZO?Yew{*UhueCdA?E!TIje2^vcUpbsW1Lov
z6G7eim+2Ay!*m~w6)SFW7XQQ}Lb!6oK=;EB60;6qfS~<lT6;KtR_SG0AY|(UUHB_4
z#?P*uQ7WDxO>e0!2J^gU7`2oJx+Qwma1=v!GA2#1geUD22Z1$Z9Qorvd{EquCyl2E
z400@yAp0N<SH=CReg^Vx13Wbwz@;snFwek~gaK^<>XC1Yn9qN80bG#r%l};$FhJuC
z1&y~Edp{XX5zyH|>>b9<%`r}?%F(N^f0&j<zJg!M;Wq~)2|VXP_wg!l$NE9Np#o+?
z8F&Kt51%$15`u8jaH8&HT+V|N@dL&g@ArRR%Jus$Y`V$d?ZXi9Q~hZfjK1-+ScC5N
zZZ=N)tgrFRZ@k6qs76;RseR-HM{bETOZ`m6!4(z<XS9}m9i2LA&Tem0A54s&0M4#T
zW)Lt)sDE;{#Mjf=og?kt&vM^Sk3X=N&!juDdM-7g)n0(QtV}shzIcXpdBu{{-wuj4
z{@n&v1<2xhu5p57`2EzJ9eV?hO0+wz^V61i==sENn5$KT!;v?i#eJZ3_$lWS@wVt-
z7cb9kPkQR`vWP5E>8fA1S(V3<Y(sbTcoQE}*GlnFep&&ruwj}sD@|2>0$XqL<Dl$s
zJNMA;?H@<7P%Mdofxis)u8t*3@B2LnNaym?T7}<y5VK!U#hg4@o{#L-pC^6K$+({(
zEM5C5C7xgo+ftyOFwO2p7QA&a!^)Y_;L3^+*?ES96R(}|R|I0)+w%2~*Dd8|T7R5z
zUNh#VuMip{-y^(T5!)XpZVo-V{J~O6<iy4>w4)I6V~6ipX|G_nW82~Pou$)9>hvuJ
z+0==_H>zF9Z#B%GV`oh=LY8)}J>h>Z;JGzN#<{$6%njGrcT_W4K)`7$zjs^5+I7Pg
zjDBxNRSqOMt>blzs0hj_Wm(3t9un)f;&RK#DZYq|dpA%H&?j@7IO$N5dst|U1rop0
z!YEn86lE?Ga%t9}`gw)CugR*>hg;diaoZ(^FMrVBdltgOIxY!I;=LB-as*7mkZq_U
z&u36`+O@h7vR`h}CCmj?b=idt{f|9Z@6>m9UnQUjU6jMT%m#d3L9I%^yNCvM>L#Ao
zz!+nAM9H@xi+~jqFQ-pO6!!<pX>Qcu%z1QS=JNUg#CF(ul5XfYxUu7IS4T(u*c$hb
zOd}pk(%DGx(qX>f=u2O7GTs>{iceT$r^E+)wtaiW`q!0JI`8*cASzx8?5ixu7^Ucy
zw`N~1=bC;N(kYo88X<dP#?jGpnBmvEA$~nQq3u9On920Cq0hp8D@ye}HMH47MWi;!
zSh|tG)v-A|R^z+PMN$K{m(}BYasvVA`tw;{ss_Uz{e`LmHWv3A=b{GRn9uE>*!a2#
zMg#xR<PEjX=@=!O>Dw8@_w6XvW?Er#sA5~iW^$Q%-cAr6fH8&P76~FuE>)+2@ddV%
zwA*6|*yJXf$XbFf*>O4nvX~kK?Y(M4&1^Du@)zZHP~RTwxHb70_jd00sZ4UdDgnYF
zJ!&|KD!JvKcYCM5bS5xHaL8i%#GAUcUc;!5Hcua4l;2k)q)NEVRL<H7ZW`k64Yg9y
z7bD}YswY<n$u(f&O@mvqmIScrHqUdsP@RqO>%(x9Jo5C-mdjCZCgTE*e_y`CZ1@=|
zN5|HRAbH;Mh$y=dnz<iql#0OEo7<hwM7(iKzx?y!5i()C#2ZrA?&zQ~ng7Yp@0Dd7
z78GFEmO6e>*!M-dadL%{*bVH(%B4#5rz&e?XAE@BZ@j<OSFX(qE#IKsXdM-1_775b
z>Lsd;$|6>B@b?ziMSDUdPgwJ_#;CjKWn7iHP*G2DxHZ+IzCEt$m|04*p%+{R6~&}}
zw~_<dJ6|a|39%y7=*$x;e{?2YvhgEJSoTl3xo?P>Hc)j^qcwJG3F&#ad?RC>oYK!Y
ztdy&k+bo!uxGV{%x84&ueTU`U)3NK+xX)A_r=mq}Y)VN3+tz~}xxF{hQ0@&fjWy0n
zuOeR1ZK13<^OPPfIX#2!u0TolO`PkS%6XREm+L?}p4@(8@vLE4;_u1j+7r|Oh76)z
zL$gQMQGNLSz$w4N;oEx?bdgN*cwPAU+ryrsE{h32C2xpBeqBQk0dx4*oi&=E>p5(X
zJ}#4@p^6VcU#Yi_u;rBquRo*m-iOaVvL3@Fie}!V>l)WK^P_J~dA7)T91>WE-C0Bw
zvHG{zTBP4gNLg3NaY>NY35%|*nt_>&Ud_}EWH(XDP0%>YvYb$&XC|i_@6dX~z~P2R
zahd4Xt$7cykQ{&f0#N9pI85z5{xA(*+356lc#N`1Hf1JykEVXy$>V{AnV;_!FnQ|U
zcH~n;-{I{5m0w<TZ`^n6$H{Bu%_UEpS{A&oqBUwzs?E<`@*J;7#`A^Eex}b|C~I4?
z`adB0ll(7s21iUj^6u|VWyi6OCB4Fc#fL|)NS>TX{RC;CPL(vi$od_U;+=)fC#us+
zZq`pMO<66I$*vxbU7A&5qY3w{{t<FFLFXg4GXJTb!CH&?KTO8sj02rOhT#lW^|5s)
z!dhhelgF1{?CHWrl9ui=YRT|{F*$TzB)xUNh;ees6v;#>Li++yhEDC-e*}CkwX1&x
zeCX*>qy@;f@$*}|31MK#&;T$XhtkC$<#fmZ%}N?h#cz)4Zk_@DQzZWV>Hn0*|MRQJ
zE<o?MB@|G$sP&?kpY^ja?yEE6a{u{uX)?M_d+QW>_C-H>QySN!B+C%wXG{QO-cy}b
z5unLA?S}&nX-gen5E-;42A#+lXWQ%#IqP(>wb<oZz_V?~Mju|zCNICTW(PIYJsZnm
zub<XjxD5PrUqv%ruqJ_=qqvY(>c4dos}!}i?&`Rd?8l)xY3@rAnuNTg@sm<CG=Hy3
z<ImaMDqJb;dtP#D!RPCtYQZVP=!cR%hMUaF>75eivfIB+vJ{n6WcIh)`Qbd*Z6;i@
z15Kd;So65<<n(kyyr@h`Pd~BB$f1u9mXCy0_Ae`a5>0z@;g-R@Ve$^nm0p3mjt^vr
zco~Z?|6x-6MP>`I`kCY?m0?2p>qDi&((RT6DKQyr4zE6#G#VAa_Hu6h%0Elc0~o(5
z-P4is6oI{Xe{XulM9T4@%RMsuS4R_~GH+vQB0uB|wx+s>oG{JpX}8slyPtWjT^#B^
z?AVg>6q4Q7LgC;Ct8iOS?jk`q{k%u%D)P6xUF{XB<Tj5NCu?ZM!Ru8s54!{Nm02?2
z)RHM-CH9H7BjrVQ>3xFH%(h=4{MU4Us#G)dgLCE;0vjSvjca}#C0rqvyPp>>f7_%g
z*X%R!fO1I9i4!ST8mMPG9RvF`7d&N_q{fO_+8rp<tWfCk)UV+8%)qvb_%U`SkjuMg
z)5I>a*@=jG<Jws1V{=oUDq_^QQ-S*jk(bJ&J7&6JXQ=T?A~*E>dm^`RHzG+^p$95k
zchQHT{k3m<(N^syQ|D=C&rgmAIY_sgRVz=9pF#APj}b&)me#|+H)j+|-mx7#aq8$?
z77nwDI&Sna=$%gW!)43h3v6v1)34~JkI5TPy&tMeWu+u`ZL|z+`;421?NFm5;3qU?
zgTubeXeDW88|6RB%?CEGeO%@@s8JUAb;k)OyS=S~N8Zs8K-uar9-QbHOhO+}b>9Ba
zO;aFG=NO2RUp@)h9dCr3G`anhsCoNmv?cPpi^Q_YSgk*}0p8FK_T!Z9kmq!UU2SZ~
z*_4zW&J7qy5>BjLjDE{ODgI8lWEs-HZg`%zJG5}l-p7upVm+uJk1R}FT#J%J;Jm&0
z4&{5L4m2rz?J@pzJm;EXj}zAK&^`x+?8COh513?4<gn9Z(m3mwX`T19)ai`JkDs!4
zW^rsLEE@tr%zu8!cStl-l#uwPXeJKO-`60=2&XeoglK<R<MZ)A3-gt*(0m9~9nhYH
zU^V`EtgFj_8rLpWP@T{pm+)Iq^7SZh{XGMC2u=4JRTs8VA_8^}4}Je;SZA@UfT^#5
z@c}x|-6_DQmw2j(Iia+)F;Y;oknofFzr(S}JPs9D5=Ul0Aqw_!@-ABTytKk;Eln}Y
zxZ;;fTNe*@HYQre5BwJG;yfYw$ntqtT;TPF0%mseH{{{%5-OJLA-DW;s||9&?xx@%
zR!Nmdrcs^c!2dvF@w#?<2h~ZBBwv8WQJ+UeyUR?^NWy-*OFy8*)ORD`Hr%V2S(|5q
zk1zklVuH-ZP_s$HZU=WfzjWA(#RqZ~Y7c$Bc55wE!5s{vwv0FtO<YH$*!^2F<ge>Q
zCx)3$dR5&b0R!aPh*6jWwSE7^z5Ux%Gifvrk`ECnF4(`XMmhIzs^jiWV<}O!H$B%~
zPRa9H*P8Y!9h;Kv72M|w`#!X$qE=HIrdC!u$v26~@ac^xtbY7evh32kI*!n(&R}CU
zf5*eMX*ov2BYem&`^jvtBvnb~D99U^<Q$A-V@HZCttasMrb|G=R_{u)^DF{m7?S-q
z(*Ro*cHLFFDofLR3~?{0geo;9(r8fKTRbX{4tDs02vpi^d&ZW})?MkxGEo~k*>94~
zpQKy+nBCcn@%$d6mEK1?;<xC;<<&i`M>WFQ``k)9!O)Dw@&0~vp?UHc<gPNC42E3Q
zd`IQj0`XgkUl&h%dCIz$z%xmonBP8$t96qu#uw(bXXcO*ImsFA=VH_s*W#3&+~QNT
zxVMU0E8GfhqFQ|QAN0JJw;uU2W8FQ6&~RymnFl%m*y0PNYP+Ca@cxDv-7-d_Nv8_C
zeOKO>7ZZZrQdP<l5nJ!rn#EZc4JC*T`A?;P4eOmJ=J^Gawq|Q9OD*1indI)X04rbw
zaHRu2w8+r<nWrOnW4~|OTxAQ+`Zp410;USm4;sFN!9AVFu1fBaxikR8Vm^wBH9D<4
z*^ln9e{f{p{CN?|Yw$5lpZl~fR)(WwSPee=+`n#0LUP;7OTM+8C|qV$Rd|bkNd~B2
zx=_VHWf|WKs#rd-VK6<rvp0re4)ljIoaip}guXZp2(y0JLw4Ok!&;l~btN){Atd*^
z1h%&s15|7>d%=Lwx~qx#&Jsvp6M}v*oaqedP*Mi^?PSc}F<dW>dgT#e`M@N8Zx3iv
ztZ+Y(j-Wtxgl?@v_8v#hN2b38jxYi6i3A4G&*8y2!*wot<2mgIO#kOU4r)4(v>1gg
zF(AMM;wqrsT0;$2+)>v+$Fe^eQOQPsjYV%x^#Pd+W8Z{P-48fJ7Zs@p=m_Yv59~qq
zJcQ;vn@{?zH84*7Ha<EP&(rS~^9ovZE$V~o8lD$W&)^r`trdpP!%I4Y#L`QOqoK?6
z%Wq!%*vK%3ESaN8%0)<Mks60(<e?d>6PcIQNQ{G-WE?2TCo&+%s(JpVGQD~34kC?-
z0l0L#XnW2D>lc2)16sv;4`0&uV@@1xmI`x*_gu(#Pk!=VuqRI5<Y9kmdyS3<ac|g6
zwtzP9E)KH%_<l~0&XZi8#TZZbGae3Rxfxb|GQ_!`J+x=l6{XRF1*P<<xSt;=Q6bwG
zO{Pwyf|K#qoqCG2jJSdH%YRU;5r+P}K#(WYyh<EzsNvKQ&M-MT87*zC%k!O=?J;Q+
zha#^n?^;m!8ONS~U2=hYIrc+<b(~%~;+Xr9fW5h2B?XZ?64R^Civ-;2judrdnENB8
za`i>p1!yCd(ZjjF2QKe@yAp6++P3PtL&<aoCu87#KG<d|9t<bP*oR@Q9cUlh(0QX(
z0=~!bX~ttnDAfcFlpP7I8Mk}Xqtqo^yCXhrvOxW<i8R1&zDMhANLN+FeY=}+<EZ;Y
zL?A~7d0(ej={b4l$vZ=YQCe@Bt-vFT;n#%|u9!RKs~6jrBm%B52BI@Xy8Cy;sq34o
z$T6WIy18!s@Zd(ztQKwD$teM9PJr(V((Z=iZQw-CWup;?$Oa$FCeIs>7{sCrbVSD`
z>bS*qa2JKIgH=3GlKBF-hH3O9cUTynr55Vt+Mr;bk!ydRkGmk~0dp2t>0)U&1%F8K
zg+<F8ORY%L4b+jRgY5!>`#K@EAJav0ZuPS;^RZ-j8Hqi<*Z9ItJK01h)P8Z1?4M*Z
zG&J0W(M;|BA$p4w>!tRfS^Y*wM^9Yec4cjCRt6Sn+_R-DXlpP=F}}^zdcu8gpzr~y
z?II83SjnVGus<OI*!J`2hR#F^fpPP|U2ZbnVv;w}EVd{d_Uq|xT^aFF2ef9*d<BRV
zOmrv-w6llqL^p{~mlRP0vqoXA+bmw6bu)?I%n~jeUPrxfPLAl4uX${Wn4D1*cFlDl
znp;`Ax$Hh^e3;~@6tRu>+U2`E1q<T#4DKhg8YKNX0qf*4?;B$@jUey-XD5rcJ9$Tk
z9G~tax^C3&*qBcpT%Gr2H^=Rt-=MG=|6xLdJ%SlNAJzKeE!6rA5~P6gNdQ^vr}bX)
zu}*^`A!cBO@cXYusR*oXkwg{v2~*J6q$T=w#fTGdb^39jlQWB)D+ldBXQdjRd3!}T
zb%$m*ASo*GsG~I`M@?Yjz?zYiSNteVJ_}~yj&PRAW4p%wQ-F9kTI$`(Q{YCK$>z5^
zoSzb&^*l#k?T))TonzC`@7NZOjYtiCZ>U|cKB#dnXjcB&2RAq8w|R=EUCoQg`0WMi
zCvpIh^`fyNB#3w)dPU7!c5uth{Kv0z1c@DY-9=3#oy^+o6Bt1|mq3gSl^IA8u&O^i
zazx?>3IE(oD;@WA*j&}=>P(*NDj~k-8p_8xc>~V%aoPxS_Su3(!ILs2-7s96bYi7p
zA5_(Skj^49rNTeS+gxh$F1vksx;M>6?pCpbV2pWgTy17K&52&9!iDNqIUcD>$$X8v
zVkdigRs*qQBH~*iz01a&PPi<ZSsBMf`h1C<(i!aLowv0x(N#=GKmD$|pOh`#UnD7B
z`RHK}HEPYg$&-<dKOO>P3T55P@ft}%4kZ2q8LwVr9w)AY%m0+E)o<stki<-)Y5rIQ
z5vA(rI%T<$-TY1DkY?X-;te~zU~CFwAIx^_vmK)5K7I0{YqCHG*6Hi^nT>kfQReqN
z{D8rhftjaH;_jW!A&0=I1Amyj=-ad=&r+ZFvWeP>W44)*Cj-J8g!z@5obg4S5nF70
z)Z>U1t^3hltEtL$2bt3JB3O8>Yc5PznDJVP3SMr_%Mn&rYIh;>mQ_Yx_nbATj2;1R
zwZv87BR6%K_wqw&tD|jkD!!eG{jM(dBl)X0#B4pdPsKTWu@gbqIGw~+8y(|)#9>J0
zP~tU)G=Iu8Rds(R5ZwJ}#LDQ@%=2aYYGZncL@8qUj&qe$thL$h=5X?C?Ra9GoIqY&
zx5?G%C~~*IeNl{Et6|kB{uXHU#z)e;{xD&T-NqL!Xu_Zu%g0aK$=cGqJFZn4yeb$l
z%F4v8dR%HtCO0}{Hl|QAlS^G)!q9VG>tA}HN1akSWwHpy$`$uSf5v_E4<0ZIer2zx
z5+<}?+{5@Lj+FyMZVa7h!LBk5R6z}lqns7gNs1l*uW}>mOf3vn#nxX7R8MaYZBP=X
zCU@ZU3ngTf5V}Py47g||oZZ4P$5D$|8RFfli+^{<Gz#rq`adD`?{f}n*I#AmMkdvj
z@xus!=zE!cad<e`0*0f#s|I)9v$H_^coeZ*exC6V+`Kp${AO=w7zwv~UKc#;g>G)L
zwL67yuk?dt_D=MeTt>tKE!*?me)YrmypgUEe!2a4CrrrsJ+_rY7R(-{h5TNs4Nma_
zr?tXu5uM08`{VxGk0#BOig%w{^5*cV(wI?qYe7QuHUKF^cECj_L2`|jxDA73%yjFy
zFW?JI_<0lI2^qvZZzOGU;Ka=%3Wl2*j#i&0Eshn>XlA4%9vs<H8@9<UtW7EgG_aNG
zKL7da#l5lDzip{iRb-^wuYk?09s`!0(Qp#S=66Y%@a(bUv_ke?L!8~1O3YpG%8o;(
zejt&Zvg}&fa2`+(o0Hql7c!u_e=#+Aw3JCW5%l#PPa!GtFL-)U4arB^rZBWKq^G@n
zI}IM%R8K<mcuh*j=ig>#B(3|6!pT(|$**o6OILEw(t4k(uQ471YajJk<yGE#{6Oix
ztv0$L2GIgeysX8X({UuYKHeu7J|(tbX~j3#K2<5p&5IZU$Dp0}O2=}|HJCkFEiN`K
zeRVlecwX#HDpe+it$uLxqP9)<>Nhn39e<(A0|iSVJyhph`&52%Db^`R4RN(*+LKf3
zLsRj}DMR_r65n!9aqQg-N&6bGxLo70m9>qTg^}HA!=k<7x%Xv-vw@PHcw$Md>8S5T
z&t+Z8amDc?NS`VbMSnQeFyZWqXa)cNLqa4@X6`idRY8>Z_geTq$QO-wAXFj9@&=ls
zBObxWLmo@YviAv}d!3K92srkHvwbU_NtS$yUm0d$E}MfqQ1ZJ(BuOz8t3zDuwh6HP
z`m`nD!Br#JMbM#q7pvE(WPT-1xT!_1w79a`pmf<!#a)BxyO(`Q+Evc4UzS(CrX~#N
z1Y}b@VfY?Fe}^@WjJxUA<e(|OEN_smR$tL|w@Rx1VkM+8Np6^ZdU~OZ*%NoR55-oC
zK}fgdc!zQ)Fb%H=`1k>!pMbnmNC?MIeBu){yQO@0N>1g9(Ws{6Q>CaMp_!&4Qn5ev
zr;&s=Q5p)_p<(l_88LJIC1&*hi>>#Lr}F>*$CXMYY01o~kgOzoo+LYD=U8PV#IZN0
z6tY*yJe6^*<797#tYpQp501UZIXE27c>S*4<MaLee!p-3oU7YSsmpaepO5E#swe38
zE^`ch$Ld~hMp0TKK9S-Vq%s%e-?(gNEcQ7*qE~(Y=cuglQ01@YD)`@;tCb@_N#-qj
zaR%EjJm!0|4G)oeIm2utGz_-WI~MlE5eG!6ry<0LL?LalubU-G4uGXb<G5)dhdW0*
z`h}yF(jc%^_JIC%u6^_$T~-kQY{jR8FGj(L?&E7>(=?wrKtL|<O<_`ZpyjtzWrR^U
z>?@}&`dOO9ibQ$iSd0RbTgyBjlj`TQZFaY6PDZ1rHQYW~yY8=DXyu>qE|Z%Kzxlyv
z(<sJXB-v4VEpvRyXWpal_1&1_`E@P#xE(PUQInLkzBPyU4;<bssU}Gq0LAX5=hsx7
zgC3Gf7U7f2XROW>cp&TYN3d5L?!mP>?3>G>D(&!-*R9Mu<B1^yE%!$hw7nNVwX=G@
zhk*;_$FYsQ48HV#+<+&&h``?oy-W(gPt7{tbhqFM8rq%i*>cYU*;<QyN>zt1e<t|n
z-7WfkxauS#F*R&z(%hgJ0EdP}T*Z%h8`39_d@k;MV6P*qrrD`!B_gpMXo-{qDQ{Zi
zpX09hmHbSDh{h;gC&4-(!5eHlNxc?g-H#6M%6|Wy;HHdA@Mn<RLwA5KSU9!tCP6Qd
ztc@^UMJ@KVqu%oVRsdb^rQk1|Th60Yk9u4=y6xRBzAfeZ(9-;ulG$Ci4cJv<Zyc**
z$Q8^@7u}Po-%|5I<88378?cLeZaE-3(s>14&{a9FSrjgwuaP|Dyy}VRYtk6-^jBew
z{b^WYEHCQe<h#A2E4mC#TseXLgxzq0Z`utVOzfST8+4lsewa%{Zqv^_$b?IqHZ+Xo
z876Wee%CV4>QM}99pkF=%%HWF2h7}=KzMX7d#_sj{`<|U{rHfSUlc}y&SCWeoI^d>
zUjjd|arV_UB@-6r+pPy|`p2erZn7c@YTT*S)XF3S4}<tdR(>xy5BAts#)@Adm6H{6
z;Z;l7*J&dzhut1kh>k3Bhq{!Z$f#Kz*M;o~mzj?Or|91hEIc@!SM|3u34)l1U6~-I
z4rs?JZE)6^sIdECZ$I1+;@({VJgHvVMIx@%C2TuafBXjdVAeE#F-(k4jP|*CISN*m
zu(eI~_wZ70ZPC;_41arGQuQCoSMw|aMc(h}@omuBT=CL}b!Uc1fGPf>^ZJfy_>BOK
zoT)cucM`5usLiKDlyez_uaVH&_?&dEj1(d=qju(69UwGO9-*;d46kctDOPLp-P)Pb
zn%OPySHEC|guc?cY}j0H;DW18t(8~;w?w6i(>~+0kcf@clTjpcv~+0NT(@yC@v?E)
zix_}e1rL{H<;oOw&PaOoIp{u5{y3U3gvixV{DS$HoXY@2I{A;b3kD$Ba1t5#9qu>@
zP<Pn?_^<WRCJsCoQ-r2n1TCDS?R>(Woc@O{){g@?b~OA$hqj^uXO6$NiqJ5>G^{F=
zdP-=Cv`^FQ^Q8u+ErrC+%b~B&gEyCe;soY#CqUcvQSTt(e}mNj-)kWPD~*xN3Mf10
ztIE=>gB4w^+MlIPYi)tHi<4ZialZb6r|3h)a;nMR)`PnguA<Ym+dZz!YRe-MF;cSZ
zRZu)?C`h6+*!&^t)3V`mu5>S-U$af=xG|Dy0G1_)GZIT%!a1|sbE;S+Ec0*i?!eXa
zn>m$W!*^pt9+7Uo*^l4Olw?03KjGK`JL%URej}xVHvr4*K^bIUc_A~Hby5A@+ZD5q
zl^Z^3S1Zbl)3ycCeH>e0pv!|p5x(s}&>C|th<X!bUBYuNw(jnp6$!O&YL(@g?kUkc
zIL5!PH!3uE=R=G+b=7&@k;@?_cV7Xl#8x&f)=lsnZgyTMzE91hoqlM{1oUHeeHD*G
z6J(lD*9i=<2iYnrbsEq)NA|}Tb%*`AtG940-tw==l0m0t+|SPd(G=`%;;}aS`NG~B
z+G6dRk_0gI?yIz+5-t=gyDG}ti$)diZBiLXEQXE80G{+w7&AL_J0na8ntrHJo&$Fq
znOf?ViZ9yoc0Ux5HH6OxIE2ZPTwDNx-W|4fuF<MK6quYmfP+xtO82vB94!RcCNv$8
zL1zf(a=(VO<|qIhF1nno9((ZR_01z@j$Y0eI9Iicj|JTxF*DE)H*J}^;~n4=jNRZZ
z(yki#m=9(lvuU9quPb1h1Zl`PCMPI95Gazu4?$J+^h84(z=Vq?mJcK^q&Pn6r%roO
zHrK7AK<pG_<}DVyblWykm&Q5bmHlKP@cOm44$+1QPd#gWf3v7t%@X&00a|m39zcst
zPXIf-$v<?-dQ|uzRax>C;D?tLf=jg<lw`cR^`Z#kYicg3>ms=}9D>l*jw;a>=n52&
zna$45SswvRr<qnUKzR|4KnCuD1<=5tP7UW}&>9W*-(Oh-A54sAQ`Fu!VI3bz%^?=Y
zn#B)=8>9BRjo-}6H~nn<#pU9Hz!jowFPz!8!>)_=fCM_O!#0+mrl!R;SHs4C9kHPo
zXaBOU!(d7XQrH69^IvsT^`UkV2?a}E1W!a0fC#s$hR?%FvGbKn-A<)O@^+{V<4DDT
z%PBwz@1g&n2Td&A?)j5tnJ@=N9nOya>cdc<AN(zHL;wlma%@;_+l@4B;T?W!H!2bQ
zlDVdh+gEMc!%b$DSL*!nC&fzU$QCIl__YI*KNRt=8_w=Qm#$mrW}2`lNI!eu)}_gY
z>a^R7dJ$yBDx2FMoweG;l`nxk3>h#9Fi#PZ{EcajUpp^+*urxvcAoMi{Nj~@sv@?Z
zaADJGV_R>Ow79Qcx}<Z~>(~WGEbIe^(uY^z$rZxoBECw^U&oI=upjVs1;1z6%<$b>
zp4S0C3m?#tb%nnkuS=ZJSZ%c9R{9XtN?>g@FM)++xTK~D)>MD}?K;%myZTG_#pwX9
zur?sy`*m(5wZL@?d5y`iUGDp)*y(T?jFVP7n#W@mb1nwK82Y<JFi1xSJYx_meZRhw
z4-|5-C;x$S?P$phtbErB`wXk;N5N|H#&GdB$qTgtAv>-+BJD{%&UTo3^|q5d+!>1Z
z0{HUr@XUJZSbX6WgM1W=4oOii=0jY*@*-g5(F;3-U8$0#7%$ubVz!I=XprCCcEFE`
zu$kbuM#mC3pVmHO*l{w8T!_EkcIZ$1lrhC=@Nnp9`<VoP(EW?2R@nz3-T2ig@4?9_
z?O0}$;hk!c8ydrq87ykXz_Z&`k5BW=wScH@1~oQ^u#T0Hd?KIV?7*XFC%8mfrDt4&
z$Nv2pC39q~`$W{2x`iL<d~X2cqVCUO#mCQ<Rxhf}3{xXpT-6_#)R!Jj9Bebpheyo$
zv@{KGb(W4NyiE`)x47(gX3q3o&@DWzlAx^xz1;48sCaG+T8)#VuJY4~qG#s3xRR%u
zYv%#=k9mBgNMZ3>T0?MblWf#N5RH^G(It)xb?yq`_G9eGxrzTys#P@)Ypl#(XsGo2
zCH~~}(tC<ZArFe3D@x|OjIgT3S&Np>`C(d>S&j(C_6)dWO0r`!#AHQtlE@Rf3^2K`
zjXWVkabit!2*C>D8xFmONjrO*`QKeBNsiU|ahr=efW*eny0t+b<}m35t+7EQWxi`8
zE>(gI&dM)Hhf?VAjcr0qV;O0zn0vSN1;|GI7@sXluA;8kR)8_;6E~=Zgq+i1=#&$F
z1lfc*lApS1_`hmQVV|4-d^IO`)5>=qc0F6VBTcRb{e2TM9tCV|L-VO32|pQB;>>w|
zVBceN)MQr#!!Eg~8^l;R7YZ8lUv_fK{Z$q77ALv;hPP}As*)Rye-UG1t!mJr`>6eQ
zE=nuwSa76lLtb`Z-9u)I$mye*Up6!T(=SLFKR!25ROqB-!nP>Q5u8`Qe}@em_~&}n
z_91_>^c=3Ok@@BuH=x#5`yR5;`4Yy)L0;eYikvq;`vE;Y%LL_VL;V=-0!~LVtESfU
z=GocFme;XSd)45!Lf&eU?L28oEp}|e{>96fB<GDEvgcUIDvW8yx=0QQuI~k9^;yG>
zI*|1@$yOUfe71|8-27b%CF~i0oZ{}b+);DQtXzuWT#iX@&Z_>Ld^C$}%$BSYa^X+o
zC|2h<Ypnn7s~g=npu(`FiU?lU`&Sx)^ceb?)|4pE-Z`vqh)O2)t+kdTxG{567fKuo
z7C=xfa1bD-CK6`tH&3euPoo+E%y~BcSeltNaFgd)G3d^)@jrAPE%?9m_c_>WIE!>y
z1^D15sxRpOB}VIA17;3B9Z_;1P#iY`eq8uHiY5+j`M<k{uEOTf<$fR<r`Edn5oT<8
zOQOf6qpXcKRdjErZq+yK#}yeK_D$<rV+zpx-S#^{C}cWy$H>)EMWfv|F;nfYdy2LF
zndxZdMN*ux5=1<x!ZdnJu-_Yk8|B%DUw?>(^sc?CpO)QJ_EeqH2e_((0P~^BRqEaQ
z<BOv2U&qVPCM)&fdR2GI77z0|VNRe(TUtRgfI$EmH4@wcwL>8ie&+`4zi2BV9Njqu
zm(4<kODJt+?T6*0#N0{R80-e}b;Fy2h|ZIWhi|Z<qI|niv=nau8c!3~o~GKsB&Y^W
zdu%eD=vkkZ)Wj~o-(d0f{rRZvb}ksJqR?22;P?1R^c>IG=Qw<f6TQsl-!SUm1n?C<
zoaTsx{Ks(Gxx~+OdE5Mnn^ye<Q^OiirD^M}@hh>j93$mv^fF_jat7T-A1k>elC7@;
zTmL=wV2<+N1ozL7BU8Oyj6!3F!a4_n>eur(0LK(hNT58d-K#l<+eNdlA2I2aJ*#|k
zlGAMpvPn*nrLh+H8N$QIaKu$s+B@g!%`c)SN1{{#?zdjOmjBSL0yAQ2z<8_P6(>1{
ztqY4?7$PGXR0aG)!(Tz&2&LuKv4=}9^G+k^Z{yt*g$6o(LFfFb@0vVmgK-DIfilUI
z*dABi-d?qk;?Gx7go4-84=-dSLz!+K7#-{#t$6-JcO~C`c=36<NwP3*rdw~IC57~j
z0PlQGYqO>g;+`7Woo`mx9C^TBE_ScWuUhtuy1Z}DHzV)uU2ACoHKRQSACAKQrl~=X
zC4h`pz-};d-2`-Om{h<2R#LFO;Ob~p3c}mF(r5)^70bWjwNzJJRgvXTksP}|Ik}Uq
z<w#wxUK>39Hyi>~gCq9+Lnn6to3MH8g?!-vS8^2xp5|D8T*n*E{+eWZ*NY*F&KR&w
zZyie5+a&IKW1mpd`>wI6;FGAshY5O8IxR_*#JwzKX<C_)rla2`)|46)?;cH41W*ls
zbheaX&9>&&BgY|6C_lL$sCnA=t3I?G>@?XT=!MT-k65gYB%-c4myV~V9-W&S9(Ol-
zEV~qNR;YDD^B#gkz=PB<K@9GtjyD(e>dH^$X-ph@-nq@q{6suQp!8&XYj=UF-HUOR
zw7#@~@!xm_lB@?Szk9sMaOxdboZH|{;BG-k1bfy93OE;MHZfh1+1Q&ub^1e=dn-Hp
zhGv)8Ch1wxvh@V9Vk?+II4BEa5j$Ya8B`I2#BX7Ad)@%IHcwz=VAemP-=ptIxEbg*
z<}lJQ?0%=`ljjXbRgMU52N6^6Pxl%Ksj+j`=i0o+YNk@^bJo*J3Vj!Gr#R^gH2MQv
zR=3vY1*(=SEg!1ZOGS>U?Z2lTdX8_1ZNC6r4Y}dOaW?fsvEM6*i^@;Jr>4@N@vCu&
zTRpvYzL(qwUo24(t`CG$?+1w$!(3djOE>O4oNbl{6)0BDHVd<GRf-@X5!WyVaN!$V
zUsqYrW1^PB<N7tV*3D`#Bm15l$1Tt&;rt(q>o6-tf{8IBd>lzd0-hr}opp6Gd$nFk
z&MK@wXO%{jIQ+m}a$L#P9W9)}HHKFkUpfHz@NKOh+$#;tA7S)WfxBnSH>Ua<Hm2fA
zL)VwGqt7t^qH`#_tf{b+0e#<c5objbvQD#h=PqA}Pv4{Gbk%+kd~`+Q@N@-5fM9Dz
zQbfRhf){iypZIO5r@45#HrCz?(I22^escM7E01J<nnCzwKP`%~4%N~yqX5Cmr_&JI
zspISzsAQB0F+&cGW|$PkBVyX|%`d3-qaTYKJf3^o6m@E1d}9~4{WCQ;y@)!u5K&4X
zN2OCF?S;HyWPio%i+<h@fznE5U5|7bNaHCKZoE|yAx*QqcI4h(kl0r-{TmMF7M}QC
zB_7u+zHePhwo0JMH3PIoMCY}ZXzzmJ$$plGo>b@e%Q=sy<WC%s{^(E&ctP|dHzy{@
zxIkTTCTx#o<n5O$M(1veaerBolHva|W}(c*^sM{Br*B#YZGtWX52K@&4m0Z}rCEfu
z^tFx43d>khZM6lv=F24)xqcewvT5ag#(^sW1ZMK38M_|2Op+TE8{m<L9)7zEuF-Q}
z@|;C(4o_R?Cf;gnJ@Y>PB^`Gr;4|Y;ke-8`^K<bkvE+L_UUoyI%4cWR<N8q6((1$&
zPwa?OkOe-qJWwim5qe4e;mDn8tngX!JF%bV!ge0poIeRLWx|hly8GD>$_68d$iU88
zgOEe*k5fNFVIOw65~tsjF0FEHAO-!V)vmK^3YexfLflqk-t2X%Nh~D0Ivf8^svMo(
zoS%{`u_sx$o^Hx|I8;?=ShTe)NE!A_0U}2~4Ao0v;~Q@@9B#uFM8m8rlQj!<fc2j5
zuDq+qVPeba(7=j4bp(C2HOU;$s*aJclz%>Yn>IXJHtM>R<Rg6b%ehwewl05uSxM+&
zQj|IF!|-+(r7P*?eI=Wwc&)92^HaC3YpWTQ)(nN8@whx>?fCu|et6*K^()yBzknMf
zveZp!0fdmEY(~`B6ra8AeqVc}nENkoX(m3k0->wMBZnc|Beo1|GxB=~S$V7e#>NWZ
zY464a3jk_y?pPuMP^)Rd^2PoR71byF)^!vVYFZXO)_G8nOs;RKS^+pU*5M4;Xg~2A
zFhc;!b}sN3f}C;$1G0<&@%sG2Zm=DUAN5gA3%z4H3&KMm4{l)=3W#Isw9wJx`2Q`U
zs}BaDmx}U%>>Sv7L&O>jKs9tZ9JT)M$ngJOo9=G|0=k#cttI3TzZus&OjkWOS|Y=3
zcGm56lqlF$9y*iY_v;V^G<{^CNkUr}(Ria+<-<ZKNmJ5(CeEE)8AUb!nPoa!?iV#(
zY_-LbSJu2SGP*r0-LN%utQSSHM!tGDB0H^k+}Jruu5$W4zAXf?#E8;5pO?b$&-KEE
z(R&y}3xMH8oNn5~QlC(TDyT6OLns5~25degWAo8;XYpgb-jtUFaRG)k=iaw1_t%o{
zVf<|E=OSXm!CJJB?KT4H(j5ri<_Xxk@dKEm?L+U?q*oR%am~`-TjC_PdRp#0HCHp4
zHWJR3=lWnZLxy|@D2%(t#=d@x?dtExX?zK$??~-k99D?$F10P8>ieg#S=@j?8&q9`
zc&p$t_s8}2G>(}fG4be9A~l^^!YGRys#(x-;UBu~yy1KUS-v;FMFR2bG@g#X!P~!L
zfl?cwE=ubU!SqWI$E?*XS_;+}*8iHKnrM%I@WVJI&B^1k`mEL%U^$Mgpfc}4HgKFk
zKoS5rXcfD=yl)4j5R-sXQ6k>l680Q}o`Zv!wzi3kq_@x}orSaYHQEs`98L*e41etA
zo}{MEu2j8Zx%sC|minH?O7<)1-~pmd)`_dRQLFPA?s3<21;?}1C^&^$xw?wH{OHhR
z*OB%7<sEg~6jCzJRVeph@+FlMxYkL@;R0!B0d;d7%%mV%;%sQWmH`cw5F$G}M6%fA
zXoIucj2W`KizN33J924}&cJE@j`ib^3D};vA3bh<H3Bd=CYW*yF=-X}KJmVr8I`Gn
z%+4*xhIWi15^V11>Ilg2yOv~_!=*@+MayIWB;7+nsZm*=5BQk9n+oxIpT{GEl*7J_
zJ&idx9%G9KnpF}Wd~YV%uXJASOr-R8oJvqrbDrvbiLP3{M_f+LDFfq`_804Fpj4}6
zZQVD{Yx#)PBkrPqYs-wb8(%BZ^-zlbcshgTb#$SSmUeU>#i4!yc3DAyx!d}Nvl8#P
z8A?QCN2fZ!Y@zU-=dW9#DRbVu$tEpIK@3A)gY?r*CyI5LGGQZ$NKViLJ6`&>H8syp
z6&`2n%I;{QsHjfesDgO$fP>-rV<Z;--wA=(wy^t&W4yaWqYA{lb~I)peW_q)XWi%B
z*HtdJb7}!e?lA$h>vI04hpKNILCU=#eu;4&&lEMBaIR30yac8K0tT<&HyQx^84r)k
z%p#xn-u;R(zJ|D{AGPxFoA>S;jIP1}q->LUo7GC}4~21V;z7pPxWT(=%SS}-%ap)5
zo-1;8Q3u%g$-$q76V*xUq2S~<*>+GFuHdaz)QIiW52d?7_eUf|#2=3~Ju3M3e1Jqt
zcGwnmd;VuW7~Gb3mqev8hY?kfk6f+*<H3wL#z(PyJBPS7SGZj7;xr<Yl=1oa<=15f
znL4#BQ(*}oCoNO0{+b*_X1Zzre!vZPE*|49xTLy)SjNX(17p4i0g-hzSzK>thBc9L
z3x1~EQxWapi+=5@N%Lj*@K~0LFR@s9bSjwcKjQ(M{vdGo?3B|~A7hD=TthVC?-Fid
zN2loKq1n?TkwZ@s2!_ow`RD{wnyou;S1z5CnohMK@7zw@Vqi&|w~jg)Y}-~00>*=D
zz<2=m{nvPaz`xHr$F`>Yi|gtO`-5*Ea;~AT7{W}AR*H%`dkkH3-3=jAR)Z<`#!{WV
zykDmj+paG@q==e;A>OY9%d$S-dQt57cRE-o-q*|{HUt#J^#YC|W-mDK>|azc=1zX=
zlG|9Bp~(si2<9&@CBKuUZ1w^<s?tWJp1cX{#&v%s_CGHQqr^YB-;w`xLYdBKo%7HM
zP#llj4Y^0*Av_y?QybufEG;)LO@Cc?PHKrMH;VuWVYB??+W~2<%6zkQC*-Z?%nR##
zlAQO>u$=nD6#wjHc=ws3bCrW*=L%kZ?9k5_c$p%#%BI@s5vW=co9u2-m4BlevJo|J
z_F4jvjk8|266@oGh<z;9)Y&JCeBK$(3|nNE8iuB+*BTQ{hV^a*Js%3Xek0cY`;@ux
zexADP+^O5PlaJ{!?vkd9(C{YaITUk2vO`|!)b`J?+PImCzK;hEva*K^vL_yrN)JhT
zFPiIygIwmnEL%R|d|rXAc>N>>!Qi;@-x&ehsZX+@mSNjZ#u^u}MX*4=pDr)ngWHZW
z`A7cF2$^yvS~=2J!@3N#jF)%DvSb%I6w38uW%95YqaJysL|-|QPps2q$aT(lDE><l
zE`nG7e=|ZulDx@?f+ik*=<g_b0ln}B-B`0K`X;`LPS3~sOS~?F(-27?&#8{7issxl
zz>&3$8&n&UG$($jK{M$b7}z&FlQU|`+NzRAKmBXk`M(T5?RqH9avZMCoia&sl8Vs4
z41F#U$#ZIrQ=Ssqc9Z4iF#Gv);d;p>#fwf{G-6i1#IgfITpxl}{a${&@~Y!Yb%KH`
zhgR$}le;BFTU2ae*JZH=-(_77pXN+oU;B~&BkXhh1se}`M9>s%PsZ1>^?siKK=0pb
zE>)nK3x}6W0Oko`WAMq{1OQw5?~13q1V~Mb?Q-4KpV23$P$RpfyKlO;&i;>z?>CSi
znB`{<=zUNEumgJQVr#srSo{QIyVVhJ9Fs(KQ(XV8@;m&O$`6$bqkO*hZxkHMT>2My
zPzBfh-+_mFu(_rCz~&}}e?c&x5XtX~Q1Au6@u)w&eo0a87Wpu7z;oTYbd-bwbPVRL
z6&p$*;bN>88{0KG&^CAOKB@t~dv!}3R_amYVOa9OwA9|oV_3U5SRdbVcb-<BOf^sM
z&Ox&6t81zeU+t<MIOi%ckRn;Ca#(AVMrg~-JA|y4@gdFt0qBA|menz&B860eRFg_n
zb_)+F4ye*&RyPm(f;=>kQk|B*D{z~3NeByejsMi3n@-l*cxYiE@d(JiUDNAxiMhr7
zE6#n_8k5vvNE^==kOa+W_xkF<`^4JD{P~Q}*M}U+?FI@Kq0un$0b*Uul<Mzrp)c6P
z1C-kERXxh}qqgm8U(xvLIQKz{pCfT8Ekto>XX~}m$nEK&A9TweZo#SnW%0%4%q0Hq
zk7i|e=xI04m3>X4hi{STO*4!>mixWVAOWRWlk7_ePVHx-W4@2qW647@FJYMZ6X}Ce
z(J;P<cQgxV#{|Q8zYMa_)i&n@^gv^2jylFLTuuXiT)&dgK;DUa+3{w&0Wiwx4J0lP
zV}y{f)%;^)MTbKm7>4;W<sRwS8-bf$KT0Gy^<JCO{qti0`G#3gc?s~n#1VfgAjK=o
zg}1cD_<?ADOT<?6AOJp3(ZNQ_U&Hpw9W0)s<RjKQO*%D2EXJC>J~Ep}3Tn>d6QQaX
z%)Cg;o}yhz5&>thhCW+Dpq&^Z>Z=k*kORT=J%E6vjWyg$N9sA}l0I~E#D)>SMqboA
zRsO!_nyK&XYXzXNs)?}^z4u_|-$7jfI0mGvfG?ASo}vM1XmIl@_^Tq5&iP!3pmxrK
zeruzATUYi@<8L22bz`!uE0Y?0hW4fjP=Lc&1YU{10bCyrA0#k;${6QKTg*Y%Lw=GX
z=rs$TEOOc=!#iG@YLmGwJKYzNnorN>MJiNGfCQ#EkFQ!)z07gcsdcd)oKB)OGiUbk
zjwwfKS`jMu{$^RC4A)5LF&!c;g^Ox)Vw4Cg{i}qN1*&S&hFgXKF^*+?doDG&JDwCZ
zMP9^pW^1cD_qYVf0*G>|S6F>|Tes5k2M-TAYeP+dimw=ajISO;%wv1W@?^H0CrGKM
zzgSl+@X9<&-379F<KFV|z$?D6f+*H;knE12X!t55ltBc<;eFSp?d(8Km5Zn;A-%CC
z=?BU4bpV)dXk_U6{-yoZojD@A$cL_TLIjS)U->FG_q$r^2Nki0sf~vry~uihe}Au*
z6VRUn`;J7^I|~W;h^zobAP^iD2z`6F^7q%+SPcR+59M^?W+U+xte<Ef2Ncv7_PAUR
zZ@+zfs%=Zto_#ynvKhVg?fZkI=wSasi;YJyy>1nAP(_V1+~S+bFJ|wOM2r2P^RFZL
zVr+t)A7|luIAS}auXNnst#xw8Id(z;1!uKs1XSW_1_3G}n#<5veI-q}os7hQ3<Mu#
zaa%?dafz}(6sjBroeC1P({R-Xs|G{V637&%!xzdp>jhgGk>3`?jfR1wChRH|o6@}d
zdcHKIe>eEqZbXQ13(0(eDez}QC&t=*-2@rvAnxEEYb0hxI;-nG5h@tpjtch(@~VM%
z%-(OT&tPBjs;r69DUL!gtcfSkwaq1GjiMrQI9f=R3$cNnko*#}7aJxhdk0SD^u*8i
zcHM4x?`U>wmEZ>fWs!i)Ydk7S#G%^U)VHQS?$NJb-HLK4yh-N=Ex2qD41yxBOx$6G
zp2mkkN6R4x!D&@!T`N~z7ZIEC@{asy|BKdBK~;*im9>wKtZNQUHV1pQWhI*j$gN<8
zs@?GTLJP+u*8W>t=FcA0**$Ye?B?IJ0^xI3tqFtSdLJe1rD~FO$2r1Q!NPX;r-ECo
zKBTT=BzLUNk=pZv)ayos4@Mea*<aq5NZgKl>>;xX{=za3zpz4JXpg0*UF(;GY-(T6
z41O}<u=DP`jiQn(o0n3@vb*}BQ^|W;KXfA%Ik<&RIyl}QPX(MkqLa;4mzm6}3RhrL
z>%l%G*z1yY@&F`ffGUf`?>qK8Zv=>TG&Z77`$5}hF8~0SvU_p;$LX8Lql}lbi0rR<
z6aSn(Yd~;lg)xw>w+>r5jh}?hybMdX=Uho1GGtRYq476cl5$-<7e$%<0=v0yMQNv3
zA@*a=hWNza&U!!i+bER5Mx%^DgRm06(Cp&^>oWCaO*St#SG>#iqKn~ea@Z8}+oi><
z1DRD)R!fdlK9`P6Z?^KQ8Fi<JxxY|+Wo1XhO8Y}XJh|a+{@E61h1D)s&8`22Ugyvv
zZkQg%{YlN>=L{UKx?46gxduAhWL*X@Obn7b+ApFUOW$7UMKmFfD!(%D<oK+z@sAvy
zt_)(pM_I?ndH7{^nvSP270ODD5o$UkPx0XB7T<|=%gUB*cAw-0?6w9!*<-T{7s^)n
zmG~>u>=f5&!S1&A@gM(+!OQ56Gfqk$sH@dTGk&%elsf>BObe`*uA_kDC|{mobDD1v
z!LN*`;}xE*Z~v6$tCFz}vh?rjk49WsHYc*0RxXg;ia+Z}7oHzC@lP9V!^Jo*t<qh(
z?4$uKO4UN3gX$AQTkvMd!CEJueRU#fI&bMXAD|<|m`}d6R4u@Q0X-w2yf<Y2n{y^&
z2TT+tClr+v%G3BfK-SnxJAYxYi#ghX`V9!dP!0N$efwm5432*c%3SE~toeuTEi)zB
znqdJ(NtzhMcmG4D9eJ`E3f?n$1?vFLfa#z@K*9*S0$+3cFUIh{KTVgR6s}0t5B;m}
zVDo~`XDc(c(NVkG51xFXY}&H^InMl{E{hr!qyWqL2jn-iDlpTIu}j0HJUg$uG+YKb
z{_<uZ*M{U)e$T~<$|;k4>DLX2Q4rIDBnX<M&Fsq^@Y%Mn>NC`YF+()hydcEiZ--M>
z0pxmUP1t7V*1gd6kZyBO4|2qe<$*_MXwr^8G)cks;vKE!{kl6Ik^<*L;#_aqq-ENu
zDK}oaYR-U1y`@$w-32_xT}+obBWKw`ZA$D3uf>6>;ZNKsRaV$oI^%g3l5;rVZOZYj
z_!W)05}2LMog2$e<>Nlv1DWI_875s(dEL6_os4SjZrhy!4DWLR!ag*h3v22@(R6kH
z^$%U7vA<Ccc&N-J&ls2*em!PN+1?StP%adki&Cz4ds;kUrQI}nWN|7vp93RRbiuT}
zu8K+=Y3I!~VGA+<s0xspJMY2{sEC#liLdmf@Qi;U;~X2hf`i78pLTL{cK(hFn@2A|
zTHPdofx0aOm^=V&%Mj8kOz)TtfR>o_s6X}!XY8wYDZngxbY}ziqX1d>MxWx^P}$sA
z-V)Ku`nD3%_oqS{>vHOL5yLm0H9e%e_;gR8J1<6KuV0+i*Jpa5J4tg#&jLv3WW9u?
zc!7ww0ei~2OTN3dm8-h05KCkdWMAD1eNoZ%P7(iypQ_CwB68N5<=G4M5Ruc1PSEK_
zJ@Rd$<gRsPT30*^1(;7mUHpDxRK^N^RE#OOLlLu&%Xx(VXe0Di?g-~mu%_Q`3H@wR
z2mU{tgC|SQ7}`xhR@5d-QKk)cXoINI(_;$i;rUj`^CnSAtKqShL24AC$dV^<cfITu
zs98ka!Fh$ih4WqUtW<9{N~|R{k(Yk))={6*k_yT?2~x5+!C`sbWAUxWIfcV@s<ZZ?
zZex^nl%e|4ZW7zO9{SKWpfIGM*-=?xAlh|meRZb?)^-e1j7&DWDZm%liCEqRM)ss*
zxE}BU`X61O&0k$0?BBY;$!<^lCyKTE68x(05~-Om24d{@<dsuPrmL@yy^IlP<tH3}
z4!pFOu_lR{>~814MJ(6W{4i%sKsVGyW_n1!U81y)gY#cgtnp*jfYJ;?!n7au2lX;1
z20P^nugMHB@Lr8KxcC8+&xxB-B149)x>fKi#om!!gV~P~#BQm{${f-89-@Bb8}hf?
zh*j;MSd2PIE&9pI8ajFix(<v%%p^vt52$0Y3S`#M-VL{ASFIcCotkRjL&J=4RVhYO
z4N&tcOk8y3{y%i*{EBzykA6b01?L#DEO#FG*r<|!Y1P{>m)(dVkC*y^554iU#QA9N
zk++K@)fYZ1cI=6Jbl8P0y=1nkPDX?bio-v$LKHj7W1SB5g9dbs?dg}F1dAmm&P1-1
ztih_zA?BGxB+%F2aC{qiOSsm1&0(93?aV4#SNS#(CC<}2Uy=UYLS64Dq(?Al$Rmb#
zRaRHTEMF?i+d0=%ao}!Wx&Ks$(sd+x@a>H8h5Neh&p*Dp-&nAYU|-9LEg09AXcnd2
zfOa#w-0O18d`h@s-W2XKt4(PQd3q|R&XrUQG~+hiff9N<<hmoh7shMw11?Ax_D@gg
zT$kwooTg)6TFMy4^G6U-k+`dAT^!4qjx{D?pMO**1a%iOFfh=&%eMA($&_w7$3hQ1
z3A$ge>%dL$10@34mw3KhIJtD1flcNT-IAwPESsT``-@@&+JJGfmYBPXs!Zn-UCu(!
z{i+O1y1Y{)@>7W^_T`V1MQZVyK}<pZjph3Tx_LYX>vCCHQ9AN1CMd5#4Se@cFf+;7
z!qT8!PuslOkZo@!^d<4wGiE$&&17mdI^?cjZoAymUgyh2h5dY6lWi}OOd0UU4VRlP
zr=u)Lo`hoSPuzUw@|FzGYcZ6HZGZ4@mI&o{=T{N4{r;|*_-?Bais=H<Q`I@s(o|!V
zH)-bLHd!mp<4N+!A{Y00nO$>t(~)v7d~%Oty}@A$P$T?nsa}z0$%2g?gWv3#UY$d4
zUt)S2BokT@3w6*=GR`Z$U#m}6a@L$w^YMW(cZ|lhFO-7tg(24`*W@nv*^NF>Z5(X8
zrlj82aZ*b^VH~|1u5^~9HwTussE*omX?zyfJy4%~i-(<!BKCd+Q!Vmn^DvAg$4eGp
zKN*efS{vFcwpR{47jT+6Bw{^dKQq{8jx@B}1kHDb6nt|!4KX|a1e*$)JzR79`e9_X
zg?&t%F}#CnBjfiw1>&{%#4vW<AQrB;_<95d^_d<Xvi2;w-D*Slq8^qi_#CB%)U<h}
z>u7?M@1ETIy)FaUOmBIyv0XkL(jTCN`o2EZRXEh+FpvG{?;>)~W1z!>4Wv`g-re7w
zZ%oq0AA$gGz?EPc$%vEeY*&H0T6|j6kAKE>X^z>(zdyh<T(TE^BS<o7V^b$hJLe7W
z>B-}l4<Bza^OT>i2RPc|F>}3-38jfmZ^sROToOx!)2ahWmm)5fEKho6mMA~T*VZ(X
zwYurbWX9KbY%|^%vf8)8r4!>9G%gt$%cWhSl`_w}^v!XfPXg<*r=H<BYqI@q=7por
z2_F)fpC^XJwl><vo?}scp+_PmuRq0YE`9?qF6iZl<mz7ic*CYNsY2T>L{u&*(=*eh
z**u^IJ5vr|7hn#5@VYH^>eUK{c2*ZmI0mvIN_d_AqqaoPMF#;3wK7E?a54A*?qVL)
zDMNA?P($7fkkIE#rD1K4DW=<b(zN%tg3`EQJ+gp!8s!1jz^7T=|M?GH9O%S@VG{{3
z8b8%fp8g;6#Pbc-M`n|n!ajSJa+f~k-WDe_bujn+IWuCKLRvh`Om4ks{u~dDL@o{}
zjB8MG0sO>-hgimHKt-#ZBeRC<RrdQQ9t#4@t`Gg%hS0L}F1EYFplDAb_Ab*5BRek-
zktG5~e&e@5XwgP0jk*tWs)A2$ZUlV|j#do<7lvSHG9w}X(0wXf1g5+Di9kb+pwLC&
z9Jd-Nc@J9U_u)mdufj|n^;GU>X23ZVH}+^xBe8I!&+Y7ME7Fk)CMCA3JiooRjGPA;
z-}Y&{7Io-^=Fa|(fthDXH~IGqmBz%U;`A-ZWdKqThS$x&+7a$$bkovh0qdFaIWz-s
z&|ZMCt+&Wie~1u8?k!oGDdpzfP7rvmQRAj|{#?s}bgSu#9_6MO1s8qd2^+E10S16;
zrZadBDovEuqz5n$@9|jxvF-U0xZ8M2o|~uR%>Yy<=v2Qur+;cgcHWyc><i{9*8_!X
zGl~(C&15?YsA?4EjEkz(E}T)}ofRET|NOJ`Yi3V?hfJxRd{FQlFku!V%K?0%$SR&}
zZe}$dGHQKOHRbbBGK7?Cl4BIBYa3&wnFdv5=gN^~p~^zC*&Udt@}WQ;j?5wW3!W77
z?9tOgP25z#LGnh>YFW_zhGCv0`{wGLS%qspkLrM2s6EL|TvbH7`L^?+IW=dtzjOyE
zO0KpSTJg89ES;(4d`F~ge#Lihi_YU1usu{HKDoWL(s6&H$M@zpFO1gklcD75Jh768
z{3}yF$#ouQec;vSa_5^J<`AuosPpT!5T*D0;k#p;+Ud_KRPSyWUhwEhnoRa*P-IsA
z6GYUCYH?O)R8Uy&PH%ZV3a?jW$*lGE#<`-k)ePI0SqKRoKlADhmNjPr4~PM3RKwa7
z6lNKI>P>A1ch~|ORODW@r>j;(+a)RR?NDWk;9;}9w>KGFGEqgCRlb#(t9nNb`|H(?
z)N0gPH3rD-?pL8TEdehK<SRY`%p{_Y%rZMVW(t;YD-RcVuBYc98Pd=bVyg7y#rohS
zf{qXw;yNP{jajvY&JW}k1BV*C&h97A3s9Gp_-@Dr6E9i1$qm^JIWH8bn)D5MX5~cs
zAG!cO@Ni2THHrr0d~%{~b|a^_BYhF=Fa#+=d-RF5C8OU`oKRr3ohkIQxJ2Z;j?;lr
z-xgsL@U8~X$AfI;DsAhlmQHs)z3mISFX!INDkNXcdlOxB?NZ{01O^#YTCXP;6PM~+
z#b*$NwBp?vcpK}CV*zji*^003f9N+wa$?Ky<2SgNQ=tW{idtBuP3_~YOeMXM5T1<y
zBq~{Y(#|6Mmkxr5fC?m$3EYeA@Cwk@=H1D5X?UKqmfBt&wpinwP+yS!+>Eq(g+CAG
zWo`Ps2||^fi^39%;$`)>rj-<byi&>nd;)lnf;G37YWEJ1c3m#ZLd&ZL9)7a7bp6XH
z?aYxcrXR(OOUu{N7>kzt(_Q&b<7E(nF6xPv=CmBl*0?!H0T=Wb#-_t1;(X{GsZFI$
zDljWs^^-3V@||#h<B2$&JBfO9{2wH}-azlwg}?cP6^#AuAs>%Ny`hH3c{Q8=J7G{K
z;Mlr`hKa8wAw{XR<phf57I^doXF`Hrrs9J2{GzE(;k%$!O@2xUP%+3#3H-N)HfvUN
z-a4oO{^3C$5Ml(!f5&~g2}BJV!NY_>8`lt9-<5u|yU<#+G-d1K*R}s%@q*XIM!kg!
zYhm87+5ATKF!V)jbORW;{Ob@1WBjWAHObu>Sg3Pp02MnYp$SmdXgr5FErMiVT_`%D
zn+gu&i9Zn2ntnmMkp$~bpa}d!_eB(_DIDo08Ri3X?U(gh&|lXb2G%|81#3G?dx<6x
z`G>zCs7x(Y2eJ*x>-syL$*^X1>pD4VM=Y&HG+&%%rbEmJUU$vtbz@g=84;Iz{(Mg@
zNj*-5oy};ZR*d-&43dhY0`j=B*Db)9`N6-NV#^vi_*XY~-5Q?kJd|$U8|Pp1G{jD&
z7J<?tBWO$ugwjV8K7w!fqFR!++1HT_SJTL6g{-b}w5_Zq;@{-Ad|9{Z5UV(*6HnAW
z*aOd09Hg&4<rtX1xwQd<z;lg&!z&wTwoR4g@;6Vu?9WNvP(IApUr~?f!9S)SQ~K$2
zRQ;{vz>f6_botfH=SUf|3XA<-@xOscbQ>^a-dhxV@DN(=XGc~TPX{HTh=`X;ao<}^
zTBuDys)BGHjp5rff69}dfc0Pa{zF$25hu#I)PUJGy>+L`5C{lzMf_%%s4{IoiP#1&
z#;Wg<qISS13y~mN==UEe+5^9210V?XlVqf{XFoRn4~Ohy@<!mNZCg>^NRGJDZaNeD
z-FPoW*%#B!92W8cyA8_mV`%UWu{ZjdaoS?~+4e}!9UGY3hizNM!ey4hhFw5RYkg)N
zS)+H&u@ttRoDMs<;*5vUF7p%OG8fU<(>Q}+SJlzv4Y?;5PN$rSb~y9$o%60r(Af|G
zG-$I0^^?#DX{wq8j(U|Z7<USVTlkwt3xEKHK>SDik&NC6K#%=aXOK#CD5mJ+xyG;7
zraKo+sl~-szay*ds<eq<COpk?HF|Ai9n-^RQi)eX?8qaX1*%#4Gr`{%n$i$FQC%vv
z-Lp*4lPD~R5|y$BAc)l|+uhs71UoY`J%345l%(Ub#>k3H=Tf@Qfqr7oVxl!BrD!PC
zjaqDS2;GmjJ&tGo)X~nX^)Z`@Kxrx=1_D-pMkDXa-ZRIVZ7;U*+X}@O?}2%&n#meL
zk}YFsd-UY?*3`fnmK11W(BhD4F4vEBuVc0zXkfk+GEBRL4{m}_;Vvl1^-94NW76E6
zSal?jydv!K5EYKf(;+ShNBM}`rjF$2PD-3(As2%f8}M<N-nnbn{9LK8s_H-Y@)|tI
zf0!n$DUvRo;Q8m^7Q>)XVaZCBTV?w|mVf4oiy1k2$gI)V)beoipvqoBN#C0N(lbHr
zlm|xH<7hq8Jm{#rKZL4ehQAr@|833cPWaxiv#HclVbGO!+r9I=pr0t`F;i3P%9G}3
zy<1CHCmSRTZn!jsb1%C3l|@^E3Bn`b%>g~?*<$ANp7`OBfXPlcEMXj@&d6qya^~RB
z({!^mZP{~)FD?r|cw-n{U9gSOXjbx(qH%2iEf|0yW|kE3F!gZu4aNIwii1i5Q%-J9
zE<%eywvOWXqYKRi8lViRLR+8-)Vx(Wq4DqmDf`=6T0oHW3G9<svk@QhPi>sWLT#go
zs?V{CxW<=DkNNA0xuvO*6z6XwJ<So$r_}_OvG4rSCXlyo8;=}+$Cq=ceQHR&-NPnJ
z=NWYzR4djx)M3&-(pl{3IV>_sxf(o{0o|MZMYg~&#G=B#MIu7IZx?Oyq7Ijkl{;1F
zoSw=hs``QwqIl|9JUCVL*V~U%9$=0mbUga%j)E-t4sD=9Bum`?M6D_hDiqt0_s*uN
zyUU6R;}yuCq$tJcpX3tHsiuY*P&WLt<kJ}l?uOH^TM1Bsd*LvWGph{~)f#*Dde)%D
z%A246L*mG4#%|w3Qc7(5{eDl+M%Y|Kj(U3Pf}1FPlt;mcKg%e3eOsyDyL`X@sDpv<
zap>n5+Tq1#G;Suj^?+py_hXR51PQPTfFNk7pvl?@f7(ynR4shZ`P1u9u@!~W2%b8C
zZa$2kc(bbg@5DTbaa0N!x-CP7MGXU$3xOa|=WILG8cBqP<9BC{M*b%b4_LVuXgA7X
z-A(Xa>HUJ9{skJ#QEw6H(S{PReSEH=JpK%9D0vhCV99-+0=B<;_`DZN+%o{S1CSV1
zzy&?t^E85bPp&NA`{wQriacT&^Ai`w3iE<BYyZo@&iXiBnHSg%tVv9uy;Wd8`L0JI
z0+sAT@B{GAwBt~!N`Cyjjyvrm_@c=|H$E?!rVs&S{<npEbMF(Q-B_=$kIQtY6@Y&N
z$uq&->Xa+iD~!PRHV77og8jj6>ZxQFDW!04nMspJyvZL>(;B$Vg%d;Y@@E{x1bXnL
zCB<abFm!C#A<0M;7n52XV~#x;0X7p>ViABRjxnFCIPZc<(pj)BF~6*nO+YB4EO~q^
z)y$sKRJWRGr@r!3J|N%#)c~8D73F9b{b|kW=PKdITb;qAS+MN)`S*LDMbu8ufF6X>
z+jY?}jnQ;@Z4QT!0~#ccMCqmwoi~CD(i*H<1`x!e6G<Q@h47xbbwl5X*stXxr04jx
zyl#ZoDxvkce6aKtFodpN)t@;Q<}8WlYLpaZAjSR3iIvNHgH!8a*e??W4kmWq|In%6
ze~Xe0ty~A^ZouSxUIz221|bS*Gqb$u8nwd*fu0kIyk7uTIP4WJWYS8e=`|K+@5Ia&
z-Y@eHT}y@I-upvU7W~RL@-siIA-IWfYtMc7R{1LJ`1B7{h@fBebN+$x>d4E1vznAj
z_4}X@ORIKU?)8E=7NXBZFr)`fik+v5F<LlhJi8OH(+F%PEvM>63mR-NI>IqC+V#Lz
z^2v(Mzmw~0@L(`mjRexOsqjnIvjMLrI>L<4nC@2se5C!jOOQ73$)EYWJZ+$|iNIaN
zYv95YkjN^dFus0-eaCVPaA{}H%2KN&e28P-pk<bjl=+70XL|XfRImnRup|BhBTW!}
z5^uEi51nl@$G|@Aq5wXJxaeIk*WAFM*0o)}eJWfQBzj9OgP>00ci@po*htf?OO6y7
zEeFWGMKT9a_`vWJ9PBY2Qc%aX*b+Ky-s|#6=gBRlr{w3iOWo~1omQjW>aZ>3uZF31
zWwXDYNHY;2R{{H2aW=A^vO$pfVmI;PPqGzJb;e8$9=Mjce6rfkh`buqBPzU9D^ew+
z_G_>hFjG2Df}x_}a;f=?(9@P?`N#!SJN#0Y@x6<yuGv?9F~!Lc%c4Z5tlJJDmr(_q
z@bg~s+LlhU^1ey!1`XnJr9;245cOB=$I8Fo>0VqqCpi%^BQ2+M)H%pBy(Wb*dn3(#
z{*N67xgwjy=xLV&5#!AYYh8jDq3D_UqWTvjiXyTla^<BKQEk;(Xb}4QiLk2X{3FMO
zBAYuVy3ZS;l4>euH^31yqZFhg!om^8KrDQKT&_;HlhtI9na-jL87|t#F165M_{*L1
zljK)4KR!?+_1T6p%pRAYi~@(-f9UoA@e{EhmN5qZ)B-*GOfhnGt@@z6z0*cWza{54
z$BEXrJ-9`3uF7?Ln6o~%;76XbAJB>D1=!H7fA;XyHPn9g8|)D5T-;uA?4VC1qPS~G
zxk$nIg9&TuT3QC#5D4gN178jD1khhUl8w&kRc*&6@r7pnGLc=>@MwYAVx`g5s*iVg
zdOeh1wJs_O#gi(@9Hh!NDJf5#uc`~$fw5BZo0C<WMosZLK4+?~DFlWu(eoAweHcdu
zb?JS1`EohTuliyZQE_aGc8^Td@fsm>?b62-ev3Lu&IUW^;j}jA0pe5QWPPmr_X)a#
zNd*#Svba^o({uJY%DSuNBekA(f7&mw6V7C~CHAb6B8lJ1i@cbigHnw3XN^%1%U{Er
z_dso(O76TZGWZ=3xD;}(c^t?sanB<mEJ?1z>h8`Gu*(u>)I)85Mti;w|FyVZMp3<F
z(6@eH#}fkk9276j7}?q@Sh}iHXa&k@6kip>u}jCea;VixE!?=s>a$aShyr*S8{pNt
z83H=8{Z~HQrvDsaZpL7Nr6FlU_Ntk7p@~&X%7N*>^4Y@w^F@LFqE)mZ>QQH}5HR6C
z-wKlE3IuHl1TshDWY=y#ILY}>LK|?_s1^njHbL_mK$ZFEk>y}}W7zl!oW!Dm-WXrk
zpMezt8B<0dc0`8}-}%4YLQKPu^fWN+q6n~uI4bw=&KsSiOy2{tVL)R^2lfo)kxCd)
z{HeM+1A@qXBP#pTO7_05W<p!_fh)od3(&zUl0J86{NwtCQP@S7U(~5!RgrN@py<4&
zH?0g@_+9>M+?p3<5H$84_`9D1Q5^)}64(^FsZ%#`x6OmX0SZc_rRq8@8Z`DP&ID+S
z%e*-h{ANQ5J#M1{e4PtzTMfK84MXcXbYcVf4B^JL)z$HR8IrRkcGqhCXdkY-Go>nv
zp79qpt%=K`fOmsvO*>!K2zx1d2{sN)vwfyZ-Lb@9EBKuH8u{?}tt5d2HJ|rYp~0I(
zdD?mJMU5t9GOJ2nH#^h(jPkZ!nu69Km&ZXj+hv9TN<`O&VUSeDx&hOP8LB_`glBDS
z^uZnXoVe#1RxOK^WTjs~Ezt29+T6wa1$`?r=_wGk=NkH>&Glay^sS(au&K+7t?mkG
zIZT9yVc_M8JQvWy?>>e_tH44U?gypUVLsg)7!v3~&u;*J3jn$*7Fy24VKG(-ARg6W
zn*-rJS(?ocA~V*oYdqq}(=qh}Egf<iMp$s%`=RvndkfD9%n8cnbUU1Iw!;~IY<t6f
zaSzfq67t9|*U-aNLA6w~5p`l-NM!<+cmi+qwVSVv^+%H52}$jCHAsF^@<A4~$2IQg
z!;nFz0vCk(wRFa%(@dE*h5J^Cl18%tBNGe!L2Mx<1aFlJ3trF>RZ8q%x%v-X&<dIp
zcnVhsKV?XFydHiaVLsXtKCTiaYpMTP2=<0P{>#OaPdGZ~IS@%?x&`*(D8TUtY~9Ip
z(oF$|-GGf};7**>I|+U02?5yn2IwS!p+84{c-tElJ_WH<>#G57#-o}sgWu_GZQaw|
zDhWCP<J-IV;=vB<s^;Z!><)6K>K2{LUdlMVS_OUGww39EYY68gtPXy19u-Kf5Pm=e
zPu<fF6w=&<-ox*N;@hs>OnUn!)oz<UIR;d~1k)SH7Fdz6G(v9KA7j8@9LE87{AMu|
z4y*d0k*rId+`n0g583G9&<-S<e@fJT=-1~eb{s#}?C^r*?+t)>ZPFB>TX{8}nxGCB
z6AN*+{cNdL+r;sBgw_<vk*w+nW-9XvM4Hb-BP6AUSIqcE?3?Qy;Y<nrR}$1Z+}kX;
z7aDP&xNqa*qhK!w&&>FNpETkR7#D+eyg41qAdB8Z6*V@$wmeK<J(jV`mWQ+6G7;}9
zoVVg||B%)(RfD1JJG(q+HrU*?rw!+rTC<fu&l&+WB)8ykPqR@&C(@W@SQt0Qh=Tk=
zed=MCv+<jUWg2$2b#CW*P2$5!U!zIlCEc#WBEwVDRZN^)_6a&EZQK3ckAd{`_5<*6
zdC0XaKWW-oX<D4*0sd!Kj#LUupocNVQhag47Gcg{dX={fp^i~Cnx)2<Nt%mJt{#3&
zQb)%b<Lz@x8bD2w(cH>BIm9I?*mYvQmG{}VumC<_;yoFpUFe<DQCa8&7{UwdwW&V7
zQ-k4GU2^tpSsEk)!kS9W-pQ*?OgM0-DAkg$k`~5W)lD*=VXB>XYpDs2CXcWirc762
zWb3FHnTZRNANC#oAEw?js>!w68dkv$B1&&jX(CN}5t6M)-+&Zp5h5VHONWps3P_hO
zHPWR9q}NE7CQ?HW5Q_AK8X(Dj@BKXIeBb$zF=#(B!hKz9tvTnKvrc&Ru|N41Cp%!D
zW>6&ea9YlJff4I7A+;+p^|zb&<!7yQoTZo9Eee9n-!@GjI?fjFTVT89jgN=E#+UPH
zUSZfJOp)n>ipYZX91P^Ua(^|lR1OXh#m*iyf5M+j&aE}TxXB7NgpG0DrV$gJ@v>Q$
z-`W==mf_K1(T7TBCME4lI^ta@f{rNQn5riRA(>)hl_EGKInNb=T<xHXy;^%i50{ne
zKq<MdL(=4Oae;s|u;A5gPo?p6tvgM%wE&4Ra<IDBwV`AXKO>Vm-6^~FK<CF|@Z~`D
zZCG!Yjx(@INXe~TS3K!_2<H!Q^>GgN;<HWr+wf6#Z$s}sT8$D7S;^S~0XV=8Ga7nx
z2goyYC{ynqJV)|1gTzt6W-DKcLP-HiC+l%u8xEMsp(AS2^r^(ZeqjGqL7ncmC7;py
zQJX=-Rn)enlRDyjC*Rwi1hs+wrd>nQOXa(rGl+Oj<?@)UQV9iz93w&Er5b*!_{o1g
z!<^ami-dLcO`uPlqQV~JJ2rVH>IaoJLyR5(P3^|nOM3N=Guw&fIn5%|KJYTU=e;(<
ze+UL6Q6O4kaY9EW#cIqPFCU;v8a7OdwM+^GxfNwG_ubT{u5n$AzJV_JGZ{GaMSB1m
zRPb_9o6Q5FSpA<V#RQm8kR<v$MeLm^PFvLvk~KTDJY2zBY9^zH1HqC%)Lq@_TkQGD
zJU@ay=jo2^?0Bz*3H#fGMzK8qi)p<=UDwGUiJwMtXd6;vp5@V&C5)-&7?kVJH!52!
zG}ovX%&1xwmObv}dfao(NcBdE^1Bk}rC>>Gw+y{1=WM<7*T6bpwv;&wP|7xu94;{8
zGEPOyNT}~^zfk_+nESK5Pvz`dFA{ZH&D~*^c(HPP^XQC%jT!G}S6iz_(?CWoQG88p
zeHdS?JpQ6SqeqGIg(ARz<AxY`8=`NViym_Qd%R#^AXw~>3kO7z?2fAWrzfEffd<Yu
zz394($ur|0xXqk1U{V|~L(UgUAvQtZzU_)H)ydKGMV3VU($gxHHHdQ8+cE&=j}(wO
zaPH{I?7%LeBWB|p=#-^RStpP+Vcy!zO@98%?@CZiFhC~IUMCJJ`t{;?9NM6ovdzrh
zQ#Sjjm)JkwR#WIpWWQPq7mOG$5@YRoxYv*B)089e9t~gqHvrDm%xJ_5x`qeH-J`dF
z+4B;fLihitZKKow1*m4cx-Bn}N=qD?EV{E=vr>~QGhXj=|IW)y`MKF!`IVvIA^Ou1
zXa?2G@#%icQ_nkzfNhs`tP<kBGs6qg&~l7UL<5nfN?;eWp__Lo^XhBx?!JhI*_TIX
z1KkT{TWAi4W5`ymt1Rf`-$I5!;{0O|3=@62S0_3H2c#4znk8Y|_GE`unq7)Ie*J?q
z=4gR$^t<AxwS#M9R+&?Pd%3C%*BC+Y`a3^QRc+J$v*Rt4Vr*o4L+7XsOyCJG2xfDy
zbY21~S$-R`^IfoXIIwBjAiUi`kL<_;*p`?7dUr+PfiC8{C-7|z<nTyp6@AAs<qX@Q
zEcWEvK-qmhgCb|4hac`8eCPpx#FkU%kT*rh>O}X>dI+%e=1zLrBKaO(>-j!!=KY*k
z<URoEW-RH%wMZcU2wNVVn@(FeVVGJ(UG1HfS67GMx5%tK1?rg>CEm5;ec#3mrZ7oJ
zk2CDJ7&;B1R8nnY0uKpn1y7sLZP%Mo>TB@fQZiRlE!|{OXl<8MemtL@92>cJQ+T4R
z4K%j}++G1WwdudiAWL@n4R#VhyTsq4!0ilO!t_$ams*<so~iHHyS2qoFqc1y8xHbX
zzm0Adkol}Ob;wIg$7mU|3@lWt^k6ELTTec=Kzx=a-9HV^<llM4K5Dkmvy`02M`*qg
zeL*7HD;gy%S<Y_9<bg5He7)AXHUWrO0&0;mnCC%eu$nLnDC^NTEhmOKO<ds_-_GQ)
zZ8KPxWVPg~-HDL==fdArDf8x6F6p%A*~IreeNabccR0Z@w5W2qJ{YRjcSx6g)W6th
zaBbr!^C*v7&RKdl$<+4`7I$<49D+RawrqJ*{hpD0w6hU8fFZ6pHVe+}w66(v3UVz{
zXgt5ES!(XDjZf6$KO4l*%h0rrXErofuW-E$#D1QJ>r8(3`X+31P6QM>N8#kVULCBc
zI|x3q0igor<7ywU47viFp4IfaA3M({$FjnDk2~+i+rMOTim9Co^5N~QO_`I5y2U}x
z0o-MZwn@ilG2JUJ(L<5}E>lJwA)K^(Y~0SPk4f9NSUJsOfI23Ce>0Evao%l0ryA~5
znZB}<y7-?$##H2+ykqZM7tAvs2;v(isu(xbCb092s>W-f<`?k<KtXtoIMfpb9OmCd
z)&AK|VO1ipu1@o(pRS4k?5ed4a3?*uPCt&1ieVopsU_y(dtcM%I{93qV}5#0eHhC@
z>j3uS-niR<)fZgf-P5j^ldLipvH!;5*HY2^Qd2e(C}-cWYq@xR+4U>gXI_C)!+oA?
z+9n41%Si(HWr-x8&A1D#q;kOs(b17I#PIs#xelF9>}Ye`^xe2<6Wp#Uu!gPuO8rwC
z3zTH79W<c5RTyL29`?FC{sUQsd6xPUw{MC@&H?A^X-ezgkb1M2%b##*$Fm6*aT&kB
zrIe^Bf4%VO)4gGy_3;s8?;s`=AaNTuO)>a2y^dTI<(1DFogXAC4>P9=<RiYAMwYmj
z|NU=Lq8X5s=wAMi{2;Cav`+#jrNV(}zZF0=#Pc>(adV)(m%;faGb+2t3Axb>5IK-~
zCCiIi+?Ev4U3q2zy$8K7(jy84!vPZ#vQ@R{EUqUC(ttAu>4S3|JLD##+^pP-^K1XP
zV2m?|B3`=}=QW(g#8H(ph`BJ*p*b+}#IfYMlMc0l5jI-~AUQHz{TZ^i3#BChusT%f
zPg9Ml8|qKJfreV_!xmt8bPfP+<NQQBjJZH_EN9W&X0xH7V8P1@6XBqM*#C0vZNLB(
z@-PNhe-af}n1DN@eR=Sf6mtE3c%S4eHy7%LwkOF1P#CmxlKmLMA&XzJ1Zhc4@lUxa
z?M&ptOLfZzy&;^R&OA?AOIJwyNd=t^Q{B$nt0ZBn21T#~Gw&(O;v;Q2dULOsHg5XS
ze<SbU4|5|g{O`-9N`&}bv9y$q+3K@u0Kn=4ro*@^q=Uf(3sLX$Vuf?nh<zw{6KqI|
zJbd(!W;KqR+QHHDg)gJ?te~wh?eujc&vO6;4N4Z=iX_Id!y#DmMGu?Fnv5-)%&Q5!
ztMwzj{YV;E&II>-rrhxk9S~Tl*U1;j4&9_Tc?`;+_er;E?hbCmW2Ux#Q0466y-!AV
z*%IE2;reOMb1ozA33npyQ-5R&{7x(U?GCtr`}8q3o-6+VsqCW$gC8Y6-}H~0l~_o}
zlBr31Y$SDa0{!~*QMnkPg-oq%`1sX5=MVCd^9}9e2c=1g7DsfTR#+yIV4@?tXGBW1
zmuW3K=yfmINa+6=`Vk;6n&axW>CUjY?@nyPL$JHZcC|K0FQKTn%{$#YHGcl4jzpI2
zwfhU-F<<7qxgQH3LT)*XWP@9k{yr6Ik}^m}_qSq$d?x#Q*W37v(0bxIhBp};4P=TN
zdXCouOD+D?xZ-{iPc!_Yl?2oYPAQA$h$H8XxEY({AyW7fW+rIaH`&K^Nykg`17PW^
z%q8U*&zAsI^{{@KZc(VoRA%#b_X6s#3+NOwKc2$c4Php;)Sb-u^y`#QS3k_s;QbYS
zTfH?Hc%CjN6V^YHmCxOrVT1^=*s2AU<MJ1dqgP?|HKS=QKd#>tk{6L*&!ofdvL`E5
zOAR|(ZFU>!W@g&5<~p|TqM)EK+gho=OT#ypAJ%L3<QwJjm+I)aV6{<?$R?Ay#E0YP
zoKf!`7KM0Ed+XRb;_VCkD%FgccLI7ed#*BXfbOW1t&u+fNcV;7YvihB;6Cz>7VmGd
z`o|aZcoWC5<B;0`THkn;d<VOT?2<pyAZIWZJEGrAu6w1`vcI82|90)8<!Mz7Jgs$N
z`x|lPj;}7f)UWj8sL90Uj0sYzr|%E8dzEw+Z{ox?Y@1sQtP8M2$l30LUt<-<d>GCS
zkN}|qL_3n9P`$GQ;1c~y#{E_M$X*6WZaSYGw3}YAST|4D?~nq(3X#0^u@!(R!&Zq(
zu>s4TjmQmsCHbusZE70;SZKxrx9v4)Q<=Ca)@8|o7B^yS*vGtNew|vX5xyjo?nC>J
z!wQv7Iga}9rP}JTT37QYK^9xCuC#+8$~z5syX$<|V8W#<8ON7NnX^zA@Z;Z_9*s1Q
zVYiUOfd}W%A)Dt|S08#-(+tg)YAZger~7@JvC-w@97IVMQK4Q&!|7s8Bj48gl@Q#z
zyIL?yKvb!&sgvbM$F1~MbbU?6><X$x70E=>HpY^LN-bum=7(5fIB-sPn0dE}?6e3Q
z`%L$E^@&m}_#rTcPXR<b!u>3C3v%Y^v{uV7i(EbltBKkQ*6vQV<g3PnT2Fsd<?fPT
z_UL>o`T4ZxG0yU<Ng;I-SnReVjSy}w+D8<P?MP48(hI*-udf9)sc<j%#{bx=hr|R#
zF{ceHc8>MDh~^#K#*4Y1`Y4Nx2F`DdP97jo6O!NFn5KW>*w36}9?u&9u4=3DF=uU2
zvAv*E@f5_r^Tj-x;^n?>8GlYs=NS0kWI(m_gMXJvPMoQDq~c-Rlzoi2F~B|_ApeZP
zUWNfCuU*0Xr_aeJpCBvgrCXpOAO!G#NO?^N{>af9xT*snKqg><9*JyzZaYra#ta7c
zp4AtGQ=W~v>Fq9LUGHuhrzF{rFwP>;3E^vNilRttp9<>m+h$YpIJENzAi~J<MS9~x
zC5e?LluhwjM!?QJrL#aDfTQ1y0YuC*z((>L3`is?G-FX7=+S)?gNxX)es3K^KK=40
zUnS_`=3gcHfr07IqF3Esj*og#KZ27IWkpi|2#dKI93QtEPxh#~tu21~0n)`3u(G74
z-UOin=xaP<pKA{Q8e-F2327ryqBI80tF^Cc6vaokT)MDTm(rBv*(WLN4eZbVehHj)
z`29)5L(6O4$_!nWk5Gl8qHnVPI^@6d8(hS^hoeI-CZSlBtnVkd-c=`LmA$h)dQyA$
z5%8ox{2;feffke;{yx}<tTzdT2x$uLLoo^9D8a>ToK*ez<Jw07-)ceR>l-I1A^$l1
zm8d256^mzQlRcX1yD4jLLJN3G%2XH+uM`k)5rB!FJYmHzMJ~nJZuIfNJG;53?KJlg
zK4<hx?j*UBA7|JIRw!{VLR@A@yWdpHaWcY@XQJ<h#YrO<u<vZMctXA#zBt^@>2Ozt
zz!EtM-A}~bZ~4r#e)91h;+@G_V_b}x0Ef<twbI!XQSpo{)I1AfD47ECa#6je_)A)_
z;50p}c}AiMsUWVhuig&2s-#WSA|b6DsQg5(qHB=q9X<!_=Fi9Af>Ioq6{x1XZIApL
zbAwuWRR~$t@CCa9-|xCWl`Zt#RXFA|+1y1HKsS6#FV{St?Z_1Iy!RaTmFs149QS2J
zP&#QRZKB14>AsF%q8IYqiOhbcrg!Mu_s48aX45!0IS14T43#TCNq$SiWJYbkUq_89
zMog(H)g=3#xm>rue#Ds(g!<MUEORbL{Ykw*Ns^8zYq^;t7SBD(=hgg5Qz`MXh!Kmg
z@=XamxASO-;k#~xZI)-9Uxw;fueI$%<>hj=lSv6pNIC?%M5X!p)~+bk%Idmkf%AY}
zn~)_`wtl)s9_%>&yJf6&C9W>E9f;18_}*3B^K-MJ?D5O6r_AfrCzMn;Cw^E`)4O(T
zH-CMHMX=B1{M)JCvheS3Ul~%A{LZgAbG%M)X8@cY)9qJ7Rs!zeDZ56f3gI3lTVOE^
zM!4J_XFlp)cFTiDBQ6D}4iX~MBf^dRd_8cpHB#MNBM`cThqmtDWM2J1xX4U8hV3yQ
zuLGTh4Vs2DpRPKFQ*W@=Ow>a@yu166nfwk-PXe-G{4<`}Wjt-I#)@M3)Yi98E(A05
zBP9+?bnX@}LtJ_TonZ%OhAlQr+|EDbQ1+8G%@i@qj^#V=+ro3m*UN;&ry?s1bo|C2
zBaRTj^ww@6J=<!yY>_#6Ts_R)R$8bn{D6hADEYxIc(zh%3x??XW&@Fd0|WDA4ibP(
zcc6GqM;%8k)xAZfdwi1ag$MRiZ9IQ_|3LpHE99y9pB)mVRto<NX&GZ4omlK(p~9eS
zQoKQ{Qd{WXBFY6ClZANB*|g1azub{}ByaDU>%wC~8mPSl`eEmM0$m7kjGL8P1_2kB
zBcSDaIZ+=fGbBK-{ep1lF;w_GLDQAFJ;K=0H;vDrDrTVJQt*XKZBRmL+#!sKY(g-f
z#W`YyWb5q)bA9f`DL#J6b98)_%wp1+eV1^u(^!t|;A>Ls4Pcn5eOjc!jaV4dvOBoI
zCz8KdiO=?sf;HF~?GFws7lfBG>npzXOtOq9y4n=%f?!V>ACjy9m43>d7vzXHh)yY&
zk*T&2gO?Iv=22aF25sS*V>PC0s@++UinCpRT}Zw)sOF)$&MwHtWs(oq1QCH_e<6<Y
zv=(SNk^{E-$eIu1{%V^0aV0ud&k**4tU}3N0THxez^`xPCwTW=)Cvk)6QNnZ?8a?B
zOJbhZ^W6?SV%}Pt_+}+RV$+;f*e_qGxT^^>DRs0U4|59U!B|uAo2nMyyp&TS3uNbO
z%=zY1f1ZALwGOy(Z4CjWAWI3A0YY?j1ymH`lnWEBURTxIT;Mpn&u@@TPN^ZYew_o?
zhRHSG<4}446oIzvsu{EaY$jI$x6<bXe1)0#*(n1>Ks}FqZ{+nP<TdQmfEcm4N0H-B
ztWmNo_S7)8<iD1ZjSO^iP79#0$zk1zT8Et-zw+9eyOP&V>hLjN_!2Eneq7^l2U-L#
zSJz5X=TrWU6}on~!ao<3w}yAzWn%7H)Q(GASi1`B4}JVRbajBwO;NJ`g>zS5Wla&6
zs-9f|zy8cIF5xCJtCjuGY)!0O!Kye&{hFfFaofVEyL$qnn3-(2BnpKQ3d{Z6ZTzIo
zrJaMnX&A*-cfDaejmh?GQw13Vg7Ms0;DiBU<WtNhYZ<We(OsH84sreGLev7ssCfC2
zIE#gU!Y?XwlwA&!-|eoKo%BEZRo2-$g9G1NW}HLGIvIHNAL8$`1ppVZF}rc;@|Qdd
z<A@D9zbGDcnu<B9%$kU?z0wwg9{aP$aZ=UMjhNN(!)nbfKeRS<=nQGppA&EG^xC=K
z%frMV4v0YstJf(PscCNATWK>R0c{w_7jra($pQdTX^Dc({}Ja6wecc>@_!yf-Wr8i
zWlR5mdc0s`PO3WNVe0DLgN1v*28R>63@IDb1taeL$7hNUsP7X6|Fxm=2RH_x=o6iH
zQVoef=Pz*r+FVEh9o^Jvgfs_w3$kn(9_yo?tN$y%17&>q1I%|Y{#(e=ypl~5eRl>L
z%BIgWWemYI(9;e(`G#>(eI9rTdMjypj7p;;NV!Rn;mHZ6&q_#pV|pUaE?**t5Uh>7
z94U9OW|a_6zkRj%QnBjBrsEB%<VF)i&Ed1#K-A3Cci7jm##-&!*~?HUJ9BeJ2=9ep
zMQYM3bIVsEh~O33ksbv`aS=q(sr9F>kr(w{qtuod;XY;qk<U_*=%9)j^G*F;zMth|
z>?^3JCS+zpxEU$O|Nieo2%~=q;!90!f)CB_B+kFiGEFdW0O<)afWIPs3e&970d@F(
zznD6{JN|bmU?rMMhkO5^C365gAh}ANw`3w0@S*zLs2XP?s1McfU$_??<Hc*a<4A&F
z(E_|+84}GQ{?R_(=jIlaogdT$O-o=&3M{FjQ~%A8+KCVZ%-8Xq@e8I4X5|?goxd(-
zcwVKYdw+`kBNvKU#NlYREcq<ld)xS0urlI8RzgMQ{P{s9d_sN;D{q5^H{w13>DQnS
z5L(x-It)L|g*Dy#_26Oqe+8iy?p!>(2uoiB%e?vGD5H{&b~CMMa|3!WvvXOK!{DJR
zrh8lRzq3=<oP75jdN#-_tqgr2S~wR`yjysQ5}HR!?RuMek2+ivp9ce00?ty<a1smv
zPhv^M%WDz4hcOHtzC#BA>B%#FitE(0-iGz5cvxu@BH0}<%4hlA>3+kbs_Q)?;+?0l
zv646Q>8>-r&fb{#<3*^<f(~%c?35DhH`pN~vw}JHU$Dhy$HpHKtAJ)Ok#`9f4k4(D
zGt6{zlA3$Wd&&igvm2HCnS$ePuDggl=0of@?wprIbNpgd;5$L=W7Bg#jrd<Xo_za%
zGgZAXn>rNfjrKunUDu^yK27oInO<;Z)#Hvx`g#&sV}mp8=A$}L+`~x>_xsYbEkZx?
z)g_}v(@6yZE;Bg0->dL+9~m`z#Wsy|2SD4RO2gY+9sZ);!R<k;!z-%<Rl4${D=lNa
zu<zm@;11>*+xa8AUlMGq+(k7{RFZ+BtC#x@tWCsi%Pi~AO3(1GR@7hX18jeIUV}d-
zL%yK7iI7kq<mH6`j=GHCBAsknLK6L<GQ$!qcLMfuWJhK|w!XEtzNOwXEY_hb5=ql-
z^0*A)T8oqJY3?}3P6JKGCo=Q$^1fNSXU?m~^3HOUg<vgN^+gFwb|S;^U1D5lOJ7Y&
zHSzNI=w+7uB0wd>8G?v*N_;lHf2E~2&<3_L4i*@x6~6|nEiASPD6$YFe{YP)b00T0
zs_zBiP5Lz}X2KzX7%_}{tJp67xN&5UWzx4c9E#E8XUvLE(TEHQdUHv=LijLUM}_^g
z^x))phLYz>rXjX%={8llS8t_%tm5o^Y`W9(Wtp~~U1123w-l_%a5uuV@m$e~(apFu
zy;P?=P%bZ6&VF@4NSl#MmU(gGTq}E2Q|-7ZnWIDpOw_4qn)z9O{-DDh<IeEWGe3qs
z!=f%)o-0Q*dXj?O=_Aqrto3XqDMOP0`{Y7a_2fEvT$jovQP*q7WA}qEDdcTI=I4Md
zQ{ZGES^iLg6BZH=XE$}1KL3VXdhq_!U16H6F3+9F1xkz3lO^{X)JcR?6+vr5c<GZ^
z;<k37_L})aiTkfV-jQgj`%8%{b_zZ9=*55+_<k10$T6xp8qat5s@iWtdDaoFhEUME
zn{N9`;l{WvAm0gis3q!j`n7Bu`y90pcbkOvP0wmw9ryJ;gZr@x7}eF&ugqTI+t%r-
z8~ObvaSxDGn|hX!mB5%=|5mnqZA(FX<4d^0gDQ}e*hS?4bUDUdZ+cfR9C@wnD(R<F
z{5+Ht_oGSmU7hTzB}>TorSqo8R<Vj7EGMNH)fqCE9QvmFrK0`(90i@v#EQb-cVfHV
z_yg43Y7)O_O3cjhQ82^jHa_Ifm~tdmhU#pNxDO$!4N*6!+GfB&`dI05Dc9>7Uiq_f
z7?yL8kVyn6l?OklG-P3bO!>08Ma}92aMEu9po5Dl)V5(@l+O<oC|zo{aHd{ABAooX
z<C@r`xJIZj0*h|n*yX;Zz^g17?EHDeN7QYUslI-qHZ3n~+BGjs!SvCyyo=8Y<$KEm
znak(}$#?6Q$kAmbZL-+AzPO}BXX`*Js2~6rPF7il(fTL*xYLtjw^Z6fwR&ZW_gDT>
zyEgwPC~{x&l?eZbEGKWgQ1N)}cI{eFD^l=JP~)*!zGu>(@zRHe-W!(Kz_;Zose4Tl
z;QRjC1{v*o<@_<d$Hp1nDXDUoJt_wtRmI#27`TQ50E`pJEZw>($t@Vc^#^!l?#aBB
z!_>!hyVIMCRy0;1J4~F9e^&e$UyOCo`0Ht$qviGCg{yCmH=Rcy?!bpvABzz1m$Gm+
zEt@qb2*kl(M^Ro0JddwKSN;<I)oxw=C~bu|HjhnM_m||_2Dgmn$s|q;J=$yaw*M8x
z!1Ts`MvGVh4>V|WduFEqhgRLMj|1i%c_0k94=}Ba+cuUU{IAf(-#zXW3#B%S0zU>u
zRX*V7y#K0Xf{md-#<e|_9l7xWqPUDZ6@=`ZA(P^u9{|4<vQY6qKr*53|M?o`h+9L5
z;?_j5XJ|nD0$!#(63#ovkeIb@@xlu9p6fkVwL|)jmkzBjY1&fDzo}&4I*NDugH^v!
zsgQEkq7{(2CX^xoDVL@Em^~`2SM_<GTEvKWkl~FS>0NrU#StxQWvt1_UiD4~0N(W7
zQ3Bjp-LLMqD=0<3mou#oA7!!kPpV~2Q#z<j7MXlVeKS9knXs>)qk<s({&QG5R?xdX
zvQWKoy`lEnJgnC(^6?#hil!STnK8B}KF8Th=9Fq8Blbo=h;2@4<0Ys|)?-sQ%yxl^
zoVR9k$lSOHdI#nsRm)q@bhPmkRjS%kI5qjAX1x~GAa`NU{<DCqP6o_f)Mi34;bf4r
zz)j9(l%fxyS@#H$+BP+bN+SvwrivfWJ->IZAPk5(9_^6hkJuqJ>t<PPIUkGl!6mYB
zRN6ywTnt%-SpSUBn7(lE;(K+A+jCad8woa8J3l<3+*Qgru`69B`A{z9_w-<h#+;Do
zJ!OWWXhiK9BOv~eTVIN)!+4gF2297vnk6v#gjLu3u|4e9F1+;^mAgQf!hFQq0h>}^
z5^p!X2Lo(h{;Eruf7YvX{Lclaw7(7=<rqoU7@0vO*S^YKt&g@Q^^aCza>5XD5+zmq
zOnJ>e(!<A|gF)BLuJCw*pR@e@Cpm(IJbyy!T%H&vYry4}(Tu@gcO;=RinA2C#d|=*
z`?ZY?+0H{1BxTraz96}`ACrE_v4Wf$XedA5gEAs1y7krC4#x5mHZf|<Os+3^ei#k#
zJTX~MD~e64b@!uDV@mZ47$DXl_YDu>s6WJn7uAEpMrG#~&meD`|GCf?7YV-!^bjuy
zO2$EOt7V;_t`OB(<=O@)r{l#<`FR1z;<L6w5;K9O16CdW5voFPi|2_etd6jhNnVkZ
ze~}ZVz?W5W)pBB*w&)@(&Hj~D=Gw^0pv0X_ztz?}06{8MCqOKJ$_w-Lm5bEhyz$n;
zprsbK;Fr?sGwuN&D}L{Iw7-sh4#4y`E=dYU5CJdLCD5m*Gw13doGEPQs_0#Qo>NPP
zWqRN77gq<{6e%GU<z0#Xex|XD5Bp~=D|)~ks`vwaOHn-PWA;Om4=>Wi0b4gx+?!dv
z_6)h`oJ?^(yp<uMt>hA0ve|jr^bO<7!K-W47Aro5oMjy6dA+#rMInfLX?!Tn*p5w=
zL{DpYxZoT^67@lg`ZBN$zhyc$quC-=0^NMEF6{1ip7!o=4j>73{vFpB1r8R{Pe`TN
zPe|^|kg)16M?;_&V__P1G#U3%Jh8x^ajaRA<Ea59RRYzxMZ6DO92mn>s+zEHrU7Sn
zneh+WF~?n@vEwZ<Ux<HNP)}jDn%`bi_WIlOfdZKbcLH7aKIeW}b1HMc$h2Bo|0nYo
zZ6(hm<qKO2ZCjl)((4)LileI^izfg`et=ciB)Ms}im>p&s8mnjIEi=2Kn93$K3+>G
zy{SeK$K~t~fBJ>soIw*GsA=#P^$TyIXYK+U5TS$&yg+#2#(L+;jCeR%Jg?W0>C9VT
zTeK&U7JYtf>~mUVwI9Dv98ZL?lk%3^;+Apre4m|I1e{}<^H^!#@-!&)1Pkw>Ny2(z
z<ogBfgs}6cajJmnFb`uDb?%%gr{cP{u<E<PubGIwP<eKJ+$D_95O4Atdm+PBgNYn@
z9YNMyCka2_z@TEZaa@OFnq8yY%jh11R*uh^eB&wQ3YumX&U@12QTsmB9VHV`%&P^#
z@Iwega;-$)mE^m<wB-lft7aMWzre5P9^z#tNv8JH>+?D1aJ6xWh2&_<?yf#_e%Vm%
zGp+>x4VW7FIwd=w6bd}?(O4z3TgBXH@&oXbrnZFXMe*a%AWr|fFpxLlmPW5U+Wtv#
z_>b}S;wS1e4}pn&!!NMjrt_!cvgaYOLO9*>mqCzd8O}D>1nhHF?lbjY71CW4DG#~m
zh5UnumZ<z)_E&#)ZY7vmySn3%;%>SR7}o}bX}A@pC4&e?<P8)={nht+(gxzCo(?6!
zn{)&U1A#uc8^f-3yo`_hj_jHo<YN4}7=OrTa(C&QyON+wU6W<Ox9RCqK%&4x(9-`q
z^x3*_pZo<M^fOAdXgVw$(9-ZZRkSN{M4Oq&)4T)(n~>0eqdAjoZ%I=eCDs8J*n}Ru
zwsJe@H8vt?$zi-aGHEe?96x)?>pGnK%hRXWitss9ovlIZxNUB~t$RqXBYi#A(4fA)
zdR&HHV^$~N;b)2D1U^Zvm3l!ZVTrx>mZ3}PX2``1MPZ?TE~Ll##gSQ6%_OKZC^j-H
zZNe*m{7Y<^`2y6wzDelOg-sJLHv>}!mG(dWG8?el2pJe0m@Pv5fi3_ub~wvfF5WZd
z_{$}iQT?s)54kTdE-+<LuF?R$tj5C90fju-k3QPyrOSF|ooVMq?$5e|vwIk>CzX}n
zHM#yNX;WTn^F_VskpUv8HAoC20soi6yy<@S2bt^*ssaY*sPHl*;O|sp+_?7%LtFyT
zf`6@>!jHxA%K}w^Q#p0S{0wuNK6->admi_`7ug4i1XLDO+};1xAocyneF?>SHr<99
zO@olXpP9_|BDbnYMo4r+It*At@=bFFcGv&`qN2?SX1;KSYnCbld4u{c1K{-EnpRV{
zp4-cnALjlcZyc3ug7YeVJ#g>HTxY=%IBYk%><PKP-DvWaPun5FR@U;hpcvVye=g)w
zrF)xWvAQPl$*kk)xm3ZLx|)}FMG}4@Ovl#jKw1^X*uhchBJofkY1iR1em+-f2$Ew!
z$9i+EJ!Pf`DJ6f!MXl&Sp?66GkWvigdk%TIJC*n;M6=lJB)$W;j0~Kn2i=70h$72l
zgjS3yEqX!b9}Fj5T`ZZ?9q<a=I@*97Fg-jDJvpXTg@tSSWQxcd@9P>-c)1WVyEr<?
zVk(kV$(>75b?J#X-K^Xt3+q+U`KNoU6&sMp!h?fSWzFKRrZz{4s6u>H&1Oveo-LP9
zx}EMcf};Q?-wnVxm!{#v832f_r%p(s`sVr3M~mF(<sU4)^fQ<>fE}Xsp#!WKx6G2}
zCy*LoP3RU+IS^aB;h8OYK`97}I}<10=Io@(PPq7hK4puzYB@96M$$j(vz}rL=^RS+
zvUxwE=KKfu0YcD*0N5ODIi3UdzUF)*DO_sP7R{b<-fg-)JmP%dGSK4^byJRmenQ*L
zwDzQN|7bhyTtI*EmS;p~_wt<_aLcGcT`N;S#m;=WULWo{S#GlJ0Z#o&oGscvWEspN
zDm${;i?v3LN1nKcK?qvNC>}+JwZu+Y9?tqN;f_ZcwPxTp^F27_FZ5*0-A-RH*LSD|
z_}665yc&zJgE1c{<lUpquB%Su6KNv;ak2m6V`5=*Un8b789_(k6+Bb4HF7!N`g^l&
zq!wsDcZP}T9UywlVkC?HBTeAB<APbp8M^1qh&BZ)^~v2OJw)eY>~K?tOQ`LlZ`#3&
zJD0bQo_zF9KVII{jwrbG6u$dJZTV~F#nIMx{PJ`rYXMju`{{gc5jz202LDnu@xE{Q
zs9)<_0awG}%87k?7e9V{Q)}RyZen3n;ET#r`S5SeUbJqLIR*J~9s$a!kdVlSUoW*u
zQ>x&gGAP`Bves@)9P@pbmgnV6hdE0ZWASM?4c)c%(YArYK8}81s_5^eW&Erv{hu;y
zNIxmOiw02#c&?K^zDdAq#P<BR3P(uoUhPNTcJBI@Ico>|II|?U({0wBeN+I-K4R^K
zvRqse^}f>>z>HsP!Iw+yZJxv-*!>fi@&}vNV!k<UCD5YTCBVvDwtDNYnqe%U^>hF?
z4-hBzY?3mlH@Sg06|%fT*-lYY(x3fgjnCDxvtQUNujYp6RiZ2M$9=Og$?!&?T=SB8
zz)U3HPGjfmGNA2Qg<Xz^D>r^|XxMB9+9;5Pca@ZiuG_x|H5s^iqeKs3+T_(-4;6JC
zCm|X64cNKXRlRhj@&U*^U8{^E=FDOP5#E;y+t+eQ%^IM69-^GmRtMy4o5P=y6qbj>
z6@3%V=+|Ptl7yc&)J5X;LMtYU#_q=-|Joe<Vz*c*PlJ&mVm~3o|4<(jnuh3)B8T3x
zdP5vI^8^L2%5RLeodEY~2Fbbo7<9Sq!lvRQ2j}G=+-1k&QcA)Lw`gbEYw!Bs$6opU
zECF!X<huxKvWpV##S=^wQ_6Kck_`3ia<k^M(*>FfhdbV;*-ay0u{~q|Q-(MCN`=dP
z9FHAAkKoUV>7---UCa{qZ#d+^j{)gGBXKShx`2iLK{a)~q>Hf=qhxtb%wjf2_&Max
zYrs|S)x`RK-|F+hp<1Imnme%P)P7Voo@@fVTT`+o)@p+HI}o(?OVlhU$m?E%={EO`
zOW+N#-BZ9|W6yFS*pU96=}W<Z%Lc-w^QC@4*{lrecfV+}jIL!A2^ORbti)v<WPC#u
zR<*GJtN$G5R1AQP9y%K@y6y|zv(>v&31%Nyb(EX4_c;QF<`rYKTU%NvgC=m2!iTMn
z21?O;h5&XktVfA1GoWtaU%PIOkip|=+-#-1H=|r`tKW;$e<dEaBL?Spn>+&wFp$b9
zIj8h^pi*P;^&NF(hVnqcZDp6yEflBqOGn7^ywgxJ`;WWO^n=-R=ZI0r_XS}8&t-Qy
zapw@tDcmtq8rjwK*}zGEXI5wU>yW3<pG87s=A2>lvAf;T)Mx{tu9bL+8gw&AS=(^Z
zJ@<32276(~8{1(~?6r?ae`@E*_mXXa&&`9Bll&dBWVJEXOYygu^hKT9k>3zNsZ#!1
zrjuo_V>Qx8{Y(sEI0gBN`REQIx*xFxugKox2qk2@+@8RA4Ml8p?<uhj<uE$+qf&HX
z3%Viq{o#$GH9**aw__{AZXF6)KU9-G-I(t2t8Y1zM+3HAC&9{t)i;yMFpN<8Pe~<j
zjhd1~kv={K2)Df;mnQN6kg3H3IopK9m*T#QlT$eNPJom9o4*8f8?wRxqWFM*P5`Jq
z8xVW53^;GR1pzUKXZ@&snH;J(<-2<OGGs+13UJ8)w2HaGI;>=PAIS*#&y>aj@HhAk
z`4KxQQt{k>?*tUmi)`K(fxv!@8^boCTLyhtf((7?SxN!uV>02LLMvIwZMYw^XF!v&
z*AZ3S0qCY)9>>ER?^tj>$7wkcT`(%D01h53B<ETKE8zcr`8&&RKygQvPANKZJ^HrX
zpdAE~n0{%rui0(DBUoKqGn^T{JN4W!1^KmP)s0#hUmyfa_K_BaOw^x`LuExXHl4+A
z(1z?8)%vPNd%+L)7>mh23k%u`lv7hhChMAGO$#l;D}P<Z>m`kC?)<0P%1O6$TR=oS
zUmhu2<MgWIex=JF3=0-;FoaaJz~FVpx3@Ts`j%YFmI5-s18l#X=fJ=SC`A<|9q}fN
zwF`ZPR{cbor-@!04n|3%NIL<iVeapKh`G2rjQw+gDG9L!l-gZeC5bdUgE|@pg9?nD
zC>mpX01hUKcLj@g^1F#wSl858DxHU$+6az$eU{oWquwT^Iuoxrua4}w*xi2Lq-y8!
z?ogrUI{vHt2^u4fCfy5->w;~cf_eR$I6rN_>Q716`NYo_&800H<abT@kKP9mK~wxa
z@^ZZSKzqtrE%x&IgspSJig&*U@CFg?X{6rIO9FT`-4fUU>*+vpFcxCf2dDYvY5ImJ
zVPpr$lQr|vGfG3veyii;0>XNTj2`ELs%=qksk7fB|N1dkb7Py`+Y)FGk|R*b0mnol
zQ?DcmtjuzqV7_kAWD4aexU~Tx&QLrESU@m)WvaX)5wMiB_#S<&Ty&I)=Fis~qo(h6
zVA*TgN_cz!Rgy!yU*cQj+f{8MM6-_?8{i|XE!nM`w?kXp3s^z86Tmbi07RnIvzq~E
z?XjIr*Ba>K1^|lqzJ926CVm_MoI!86FeM#skbV;GtsSBCtnAgMNqvHzgmvgmoBJ1M
zG?oHQnm%p(u*OLLQhK&b_v=nUWY<7~xqQ!v4md_t7!5_0zX5X)7WDa*SnfR18qzXJ
zs>mAC)u|aX(J>$N2=q|+M%1HWCW`g`VQi?;SAFoGI{R;}{Xef8GZiuRXfx&7qw?0(
zmJjqy#0bXl1|^d?_;X4K`8wW)ug>?x64YeXX^Ppc-n4Ov8(`isGBj|04J1s=p5OHE
zT}q-N66x9=jzLA&%sSwI{-ToMsBW*ZOu#oU(mP8B>6rDb*BF>3BHmyPQzDO9%xH7f
zJ9ZE^cG`c*%TNTXmaAldQ@a7?w{=y~921|By%n}R!T+c;=kojYg|?IT{$uAfcNIqq
zc9;^3*H))-)vd$Br1KCI;}UOJjJqA)7bPyci5udC1`n?a9;3#|`~>82bgZjMr=N+U
zPs?P}hu$Ldkj;w*&(Lgq75+!)=aeGpy&G_U(&{q9ClJG~l3C8if^?&+uZE9MmzQXF
z-$6l#n#S{molyQy+<I0NQUCD8^-!`tUHqmc=Wid{bY9w!b-hRnV)i#bp?;KZ@)G0@
zWHBCc0l~ZLsC3ymZ!q9MIw;LW1G1avLdG&5j{9#3b+0A%+L=OCi~4h%3+HFu=bN`r
z%um3GqDyw9zq3<dDb}Y&oL&kGqx#00;t1?!t)9y108u;~{xa9}6hio{DedKv>pyAL
zt3;p=wjw41#)f-0knNAbR~($3^PIBjL`#s4*ZS4(wLsVWFPs7wVX=qq@4xzfDVpGL
z9LU8v+$GYKAo&4Rk*FRv0rL#ozg9~NQ8}-p==h^!05EJ}IAVc0T4f2t;&0L=>wCIy
zyt-DEl)X}X>mAAtos;6;*|4qpD9JN1Z+j)b@pN^hTp=@uC8H_u4D^Hx^@+gdG`_XC
z1f5as-hZp^o83|(mEdSruB<nhfr?4J(zARMcMI1s`urycJBw-`t@q+siwv<;WlV|J
z-QH7r($BaqS5okOvft(2S0+<1K>4<q1mjVn8xuY0R5mmU6G@cKw8F%^+og4Z9$df<
zVc4j*7vPXup>lt~#OP_0$?WRFRG-@~by}+*=*B$73I3x@7ONXWs^|bUb6M1s2UcaV
z)G$X2^s?7>;$aaV1uIjcgB<8qmI(q`1N|XCSeeAo2_oo0X6~LlccqJ#EWpgnp%K&2
z;I6uZ0L_|^x3eHF4-*BpA$Zo!2wsCSHk)q>6>&>fKee&XAbNm?il=ok%k9LRs8-}!
zq8@Djt-OrKr_$&Bl&j#i??cHq{C2sbFDV&PneLBeAhJp<&Fd*rS$Jx`Nk*qX98dG9
z8|&{QW9*1SrEI7Q_sFKi{n9ujp%@eJgsHz3yBZW<IL&2Fx|!4z_;0r4{_5@Z5(&J?
z%OxG#3{W=!PZ0sD_C-O+cR-87UDu8{|DdI%TkFpyV$3<?YGGk6bx#fQGd-U2gkcom
zs!JHADXlu^W%hjA*FUR!1PrsM<<T`52M{N4C;-Trww1*Hb>7kVB%9$}`M~*$#)N@d
zYpnAn(>p(EMDlH7zvAOxy;4P48{32wKQb(EDmhtA#tIu~s`k~5IXcw;`L)2YL>3;9
z7{?nkHx@sErpx;2iZ(vXPt@E!-iD76AMQFEE7h^t?*sXbpRAmr+-BUSAW5~K>}-y5
zw*u|COV{_9;jotR!yPOS>x9yPSHf}l@Qv2}3qZocyB4j5hlF1_-Zbi5qfcBClw)&V
zeWOJ%pRj{nKlH4XPSp<$2->r&&OSd(&<g^kdxq&nw|lIrnu$TXEwm&}nw@@$mRAH{
zW&h`bdLji+-iY=J#AucJq0JrZ5(82hg@x>Hn7Sz)Go##>i^VM!%D2VE7^%Cg4!spn
z8qhQ6!<XE{?Mvasd@Cs^zcn|DI>rryr`);KJj%`-yUI|*W<d(iFPy^<(KQ9|BApGf
zaNsL@8N5}+Al>vJ;qL9?!xM_*+fqJ=6;rBo>Hv%ciYRa|p6wZZqQg<)nb66c#SpdB
z(qI=N92NR$2W({fJy;o{WQ_g*=GMXM=vxu?!hN^{&vzewuTI$M339ve{`9@&DFIKt
z9!1PsW;0IgtV6KY;!o0tW_qT;@#?J@n#hA{kpr=Tu@u=F0A-2Pge0`$`lSB6jb$2=
zQh<te7?mPQ#0Dm2aFJk-M%2r3H~rlD*afbY)4c<Rb}x!>2x*ll2qSQ>ev~zrK0BNV
zc|t=!=WBeNqXBv%yJn|=cRIY9PSGHF0S}H&ZCrn94_L9ad5^y$&Y^DO@J?T29M%CK
zngPg!7E6*NjNsF8?Y@e&D@flhQ#;J(V5PxtWF|nnhK)|6zb0?>NH@PpUX}l3NF0-l
zs`MCsuk_TQ#@UW(!!Tq)GSPLT=*KMXe8ANkLXV*Lw^=^v!LT}3PLV`wp%7)IDeo<_
zz4^OJYwD+7u}j8nSQ3D#&^C~|@eO!KX>O^Gl<!<A6BUyR7moIGZ{f0qkB}OKo$Syz
zb;q)Gb-u)R#Y~JM4qtsQ{>AJm+JRjo?QvCKWu>EM>;2_AMCB?D9;8^uy;G3U?D0QK
zNNyWs<wN+rO*~pt??B!{E=F>=Hs@zQCiWD3^A>f_hl=J>lzJDY&MuNn+ThYa#rGkD
zNY>T~!|j2H0zdYjO%q<hV!=p%t+*dIP9#{K7=H9Q-E~~PdfSfGG}>tUOm$zpNmg$S
z5tZog)tP3I&2W_#Yus3H(!WQ1xREZ}7UxuH4xOFp$osSut@eSy^|FfP(O*f6!uVAK
z13&v&wV331wy2rRJ6Vx0YL$9QzWh$ASxjp7G#qp&j=8DD%Cz}NdleYK--j~k|8@EQ
zyqIe(IEF312RUy+g9ZYwa0ub=@G^M#qj^XX=a)%$dwMioc6M7J-ko7p$a(wmo@r2u
z@XWWu{K+418e;u13o))!h)fY+hwB&CK?kcpp8kGMA)P`Z*Nf!Q{Wzu##dPYJVrXo+
zJ>U`6S5YL&ye;zm`t!KZ88Y+ihfELWGd-JbYiH`!QMgwBOju$etj2|#zPm*0W%#q3
zG{ddIdzXks$5#Y=3bbd0_{xU{sxkIKC=~JJGMKkRot|T1sAmUk={kW)m#sTT_3Q0G
zib>jwz`VxJHG>Y@t?=FoDEGM<r(1h@{8E0X<zvlP#4XE+b6v*;CK3_w%mm#AgXa9J
zRmNHz-_C4*-ZcEQ28~Kw*Zvs&Iihv;hW2g6?9MZDB18M|O;Rp9?|6&c*UjtFYS%CS
zLNPVtm0#={CWEttI}m)x_6LXyWc9gG{~K8KF9&N5Cz4a2k@ITPrxn5*--wfjQA2{U
zgOznrddbhQI?Z*sX20p(+FdwBmv)GdrYwRH=|0evUGr+q&n-)^q@X99vcnHjmtnU^
zrO&JOkxTay9M+be6U#bd0~R^XI`M+taZwAvT6M^4INk3_tlESU8`Ow8%9s@U)W3d^
zaPffkp9=<ySzq5LW_qJBZNL-R-q?1TSgA)+1wvKh=u6u0^ec=`*AU?+u4m~)7$@)t
zt*E;#!ffH42oVDMlgrM*O8LN$jgWGm0ry4l5KKh`7Y+oSzI=!mRG;qC^g0;GGxt(>
zCMxHBbO`oUfG{pTo+!q)chuKJMXjvF?kEQs+4GH7n+KxO<RF}4^f6tmZQPj9{D{xe
zk|I$F*EZUV{GIW};f4Nc3%`~f%XZ6MpTE(gd9-^owgFw)b{}{{58IUd*$bh2VS$Ck
zbY=ps@|{S|i*whe>enu!GY}Hw`z<7-lc70*LjB;4t{-TvN|?`#z1I02=B4ISqP-<A
z(!rb_Ww{?+;|i%<st9j4E_#*(E{z>1(bv^HuW&X37Wh&l1D%e+-M|N_1rH*C!XS&;
z$Qr?8Y=kuQWlP)ln)<un>&_!w*Y*<~X;<sO@{1L3CDKn7S?{P7m_F`(;bj5pU|@tx
z)lg!{R*T9(?TYiewaYQOvqrIJ!}?HDrLEUnG?g>DjJ6q%nD*ur*l7KW$PZPDWGPRK
zT58?T?4R^fG|+Nkgwvj@j8PSYO{cOk3`BG^(j?kd6qFgiK?L*i_byd_@rm&8{yNd9
zP&S8l)FMs<sAk2*u9+UPsL4BW`^LR8nFh`m#%>3UB=JGoQJ)w$<wh(W9E04CZ8&P=
zKu#FCX_t@!P5H$TWqQP0QdB2Gs503F+a;yZ-yUxt{dbY_cTboj;x||p2q3JdUJoK@
zKW!Q<-%|n|2d!Zr$Cu>C1aVE$R`S1hFw^Mee%kw>p&<&~Rn~jiz^F)T;^p3eaD{Px
zLR6w_;pm9_NLGtXC&?tmrnsj}*vr7TUfN|h6Z%$PQy_7EXX><QS$}S_EWqXQ@G4-w
zc)Me=PVu{9CHPIuXUWH-Zd`}Io|p_TJR)HNiZ^B}l*CH{Qr7u*7_ymzRxVm@oL}@$
zZqZ-LdiLi^tU|u;G+z++v&I+K0CY_fK6^E0$fU|WBL(2;qv|3y__B{7(s())d&p9M
z<o8$gkxfZ&(7qFyQ0S|(TT;|G!SmkJF}AfMM6&UoWzCqYz=7BUV}n7a%DI4TVKA=S
zz_P^)I%WBamog_d68Ea^3b5b!r{oFhLnniQW}hf{Z*Z>Jg?BVR<cX@CQsAV_Twq<1
zuilw*R@=xs=-}JnA8fsNoz%aiOiu&D3Z$#n`2_A8ZtR_nt{Q6~I)ua=#Zxc@$XzX*
zVSP-#Z@SDYJb#$5B8as!z+;Hkg!Lxl4E)=`o3lWKe>v<5Trs03J-2fScWYDe=wwdc
z)}DVh`gral&B3MCgQZ^bT_7C2>v6eYxC>d_xpz+{qc)~8_(5C{;wtmHo!Od2YLSSm
z1AvhL26_BJm<0RZtN-HbZ|f{R78_HHEK*Br0W;SnFL3F%xja>O?iPi<1Kb)YWc|$K
zGI3y87qj?e;F?Q~<IzSft?w1ihVAm5XP?2ou7iVKJrjQzWX|FV>(px*&Y)!RXt+<1
z--5OU&xq^TAO1uyP{jz)w#-tmqY3UydA%~2kZm95pVXbn$|2;vvw$>x0EQm&LbFS9
z-1g`&%F^`qh}7OoharU_ua{7l{6h*HCI^K^i!Qg=3e1k_y|2fdq|E$5aF96&z+4oA
z5F4|qB0!z$5P<=e8<W+zCV_y#xcznRj`CnM0ZYB^NsQ|C>=|`Xv=0@1qaa#pQTF!Y
z*6MR^jFQPFVEa6)e522G+tt-&2Y=Dv;RDl=zqT*Ed$bG<MGp}d6zpz^v2jSmWzJ@h
z6%5YP&bmPt-Z~{l6OZ_XgTIJrkat%Fw+7=rQn`TJib;CbPgBVXAEW)^k2y}G4yt+<
z5Z79DNJ9WxqJN=?EfR##)y<CzIizUqO2zw>tew3&qY{!q@0fS3MSP2{Z5_;wb=|r*
zC|1Q*Jbf6o0`qo34N_PI2<zdJ%}PACu2+<MY40WDmi5P^p}{;8uWRb-YeUr;JK18c
zF3Oi$ix|BZ`eD-BpP#=wTo=PB{6K=WR-XR}Q;t(W%u9(JA;)$h-{qn&BZeF-Nn%3d
zMydV(YUF^n;NAayNs-l;bfmh^g3O(og0u5n@K>IEGFGLi`lGw_NP_htWV1D${J!9&
z+0>P5prLo56V7<jV{~9{dLr~9Fvp%8%Mt54G|<_cH)D|68r<ExsGIWoA5MP5`_-2f
zwqU7{Thh+uD$8yKHWgEy%IQ5kGfx^c6Fq4Vhwy#QcR`WVR8)bL)53)jpQt~(6*a++
zHrMX_?WOI=*~hNz(e(zwd?t61xV&^~w4S%abc(==&CS5YHVy(@;)dWVi|n4FY=)u8
zH;eg+t81i2AIn1*toYnCxts*StA`-p?9C25C*EpZiZS0E?f~;g9;v0;@%hZ0k6%pQ
z$WEh)twk<hZO>wv?U~76pcyCY6p(^<Eow-$H(Rm7j1ciJhAYFBT;6?Ku(A4R#6^Gc
z-V|2jChW%+g%T+4Lj850A{D{Rt2)!KGJTax+Y!9Tc21x#c$%EgL!bCGtpS&Z8*sWx
zrr`(hrxQu4Y~Pk0vu9d1dxi7EedxT2E6#L&GkLO3JvGfk*GpS8FQlKS*+6#lJITsT
zu1QXbsX1(hWI>qzSc+C^>>%qABMo6sm4qMeN@UXq131%VI?@QyZEOkkgCb};b{M1A
zevF_Q&2BHBXQWP5e%WohL!xU~ab0|!2=jtl0iKlrRlH2mQfQGPa&~cuFn*|;eNh!j
zVjyvR8Q!pbg2#~Vv3Bp#r%*ewaNcEYf2OiWZUr?-=vS`sTE*b^ReLaPZJ8yqon(qY
zn4(dZ?9BRF;sjJ3?9hXIQqGW8oJ3?{pfRC`(Qx$VYVN=7cGxQk7b!p{XBVyMMS>p>
zl=)kq_28e5yB0RYS$~)8Py4BKsN5>7txwum0@4(Q*qahYUEklB>*)K#Am1HqMr5U4
z|3K{g@nR6z+nx_xTfp%bR);+~?5(i2lR1EO?}hCwPA`Y+1D-7zb$pybr6!?Mfjb_G
zCbNeAX$saJrkg%!W>)_mbAcHuR}Q-640PRq&EcC>)ij{POiZZBPo9ZHc10ham>BLt
zrcdyx@5?cZp{X;<*iSY3|Btr!j%spU+Qv~-L<CfNjY?ChB2^&S$`%Af1f-X!h;)z+
z5{OczMnOP9jM96ggbtxs5$O_yKoF1;NGKtYko|jb@3YU|=bZQZoo{{X{lm3bE|<)G
zKQq_NJ#)=Wv5WA9k$b~#Q={26$wy?D8_w`b6$}UpI=nUOj`5E}ebTt$lh#>4?CJ!S
zF-0{ASBGx*K{*`v(4A#$nRPK;juqd|cPT_(Vs`7{JS)y~RA=flJ217XHMVA`+^7G+
z-uQ&95Yv1&3KEgO$miq9W^ONLRGdfJXmmyKPW&L`e1G$UWbc|PpCWv@L#56qi~U)T
z(~!}E?M72othPQ$+@AYX*UJTW8HB6ZHyqJ$U;<-62_~}7z!Rjm1s2oq5)+cM6pPDH
zsZ~;eyf*~}7vD>2sdg*w78OxkI>z}!%_mn%e7%b8etpN4<f-ut--HFCqIB3D%KXeg
z6qLya#Oe6aCO}i4=$FhZ@<7s=)S=*ilTXL34L9F;T%zRhqlRnG69U7Eu6k#q6h()U
z66Y<&n8a6UFMrqzs$I8WQ;L(kUgXRsqs+zgX>~F!#?01r*8{KIUtF-<e`)|D-dInT
zk0=S@Dwda$x>0_mtM?|8ipI)3l8<%|n9XHXk6?8<wR^TW(F*l0M$LgSVSAfr)u5=V
zg7`!r)&B6kiqq9jN5@sVT+OD5bo=nmM@GrV)_bSRUirAI6^QQG)FWS!7EEGWfMy*T
zpTxzOA;XkHs!CPe&gzp@ZKaoV&ac28#(Zbt3l&2?Uxo~XDa~Sxthi*8N|I3f_=zt|
z<6hDk%)*xWJ2Hr2#XTn3IGUD<bAqhtu+0{&KennB-dw2j$o!n?15UdF#VAE!NyWFD
z12T<oAJPfh>*m1$jKrSImFo$P_vwR}clS?!W;y->`F@eula;Jyj=F!;-6<Hj?`E3*
zadc3So^qgg{F9d{g8P#3$XL62Zw2lhGfAA}uIHlv-0*g3*z9_%j1^u8h+k(7n3w5i
z>s}D1?C)(ZuAJj--f=bi0s@|>$#6b(SXobS?hiUg)q_J<b7q{LZg1dE!Vg~qn%wXw
zD`X8;MrZZOuafD8Q^2sNB#9Xs?h4RG7{ZqG>)r+$gz;$K4GSspg^8ZFnrv-AT;5R%
ziA64elNX?TV99{gR$Cc<Tjcxx;yzL4D>ms{WtFj>XV3Bm@<pniWy{1^f(79%oIV2L
z2?jirVT&=|lZ{Pp4u5So$enBKreRL(;3DBf0~9cA@tvv<?(mNto|hZ4+r0Ft$DZ_&
zddw}L+`Je!A#`Em-n?pG!}-jn-6EhSSG=DTL1P}UH!=P6LHBfZ>%2Iy-3nMoiMm3h
zlKm+6NwIVO@g=s9!&5H&A-u@dDX>cfVqOg%Bpx&;>b7S#fn$ZwBmujF8eBi3x8Ft0
z3Mj9TsTlc(pzYpM->BT6h>${yr8{3Ii!XHuUPc`{eLbJX#3gU_44Prr;Q47D$Pior
z>H*%VbYSFbGP2-4?NIlkp-I<g<ML|h;BMG>qa0Eme2xP2TO9%RD5O^z@C3A3kBbVv
z_W3c?%CRjG^pX;@$2gn1dX9*kRcn(?nhEAwKS!<h9}F&^1J}=g^WN$RI*t&+=sr%s
zsQ0UEf`NFzyr6PVq7OtnrUZSqr=>p&Os<{x3lJ1MKW--M1fMagr|DLu!TcT<-{}H`
z{`JO*tRGBVD$h?O*{ht`RTkfNn9zF3i})iyAlUgbS3&lo=WXWOEHT!dF^tz2fN;RE
zK=z<9?owvV1%|);IjmN6(__XlFGe-fGgA9bFYb;@5B+>dd($DxQ(Kc^fg5$MNHu*A
zQHQBZ##>w~uZ;Ceo>HK59yE^i4q?V>sza1GoYP|Q7%zUp|J3&6+e^PO_$<Cl-nFBe
z{YYDjrW*CT<eOVtPW1SFoYo9x?Ce$22Kf5NWok|%p3niVn}zUsU_veaHNT9W{_ytk
z^g<h}>|Xe>V@(600o7C{ev((-K)?o;hH;h)0*|4q96Cr{%)oBp8E)3QWH-GuS_AHp
zo(pQB&VNc|*J8gxVStsw-kIh)4hC7cc@+2EOffC0S$)9b#=sWEC!9P^gN>;(QH`f4
zc3r}Zh)!Ff+BzZ`ndfY{Y;>Gc&)!WaEzt0Tn0D&nhh@9b5{#IwwgQ?Iaji(u#rM7A
zILmP<-jq&>)1jBH&j)nR#gOEp;Y3~3QyfQod?0aMXL#{N$`vQ+y`b+q`-3L5%Q4gw
zZ-bNPHsPp8yn4nJ<?-qD^P?C)s+zAp5)?_KD)g1B%-8x|Nh?Ipt7Q*0MF)|eWK(kr
zXfrDzoFs#&%3XELX=|O6PrIU@zV=>u!5XYhMBxEP7=<L>47M})GJa!Z%W7R%S8-HI
z&?`7bkC%pOnE3W6p8i9od5&vOj+9Pkou#<V1uNa8$sJ5PvDG?DsM**)Zcuex3$!yD
z;1LIznL>gBt`Bq*Q3)_*lw}yke#_hZCSmeyU^L~sS)-N8Y(uBdsNmfn8@=+@v<;oS
zLFEe)qZ+A?0s>&E(Oy69`hI*-($9Be!|O)nxaq4$<670hgS)XzT`ZFqUpWg4H2lIY
z<8dKrOGOdd4CSqK<Iu9wBiEO`))S$Vr>bT%UV8z}i7v1kfIHHp!HA+m+RAN{@m^fO
z03fVMyK??-3^!OYo0hwMbL`C;cC#h%y#a{Uy6PzRb80$G!#UNvjmPF07Mj)~bdw9U
zPe1!~-=stB;srhJM|378vgu+o{=)Ew+vctzR#zo&%hc4Cm<;)+rBQE_!70FRWTnB0
zkZ_s{33Hdk6s-^>qy%CLtUhCXNixR$rTpEnmyKWSnAFOk>H+Wea7HAp0>$hyeGkR&
z103yIV@BUYFHiCUHEy2RCIJe|EUvxeN~iG2F~uHrUx4sx7r5uUF+u-vv*L(oSoO}}
z^~q+}qasX-bJb7=xA%34Zn7I|%~#IERMb4QZF{_|U3$#rQ#Y~pGlzV~TySW9p_kOA
zmw1*CJ}o_H#jgQj4C#3Ix}k#k*<M@j(q_HaX63w0_Hd|`(?i;4TnC3VKkL|LwU-;;
zntrf9RXL;|3vXYih?qTZ&=LO-><~B$<(YQ5P}W(lttRs#w$Js&-BV1T<gXE8XqzO7
z2$=qd4zed+Em!B*{F!H0i9riZy%Yz$0Rnm)GlNk6=s2dd7a3a=(7F(8=4u#^Rh!`b
z6u)^Ui@<!IhPiZB(C)~Fr+aYRVw>KCZd{frf0Kncy3V?!3OnJI@m8RX0&$2&RK+{?
zzS`0?bXt0}o2VmEzW@%PJfGZp?(bb?t5E~&b>MFWxYMT;wd~z0LP$6Hnm1ZEm%0_d
zr>%GF>)jpB4qa*884!ibr>m;tj{^f0_?CeF`J(~tl<JPO;#khH-r{>3Yv(U_*Zk5Y
zvg|_eqRlbI^<R{9x5iGW^vd0=r|I|*zJ~<1^9d^-ZKI@`Xs4!{=I}|WiZ^lZ?QDYc
z<7k_~@SGc$cjxwuB}PkJAEtk<iIIM%tip#c%Ot_cp~Wdx{{E7Aj$e@hRE`Zgdhb`e
zQRG17$8E7fOChc{w<$V7exeG?VWEsFa!%5o?_!Np3-Q`;_ugVSy%*#7B{xV%q+uk-
zF?+e}Li{gVJv}t9i(W<M&f#~>6jB#=ohWIimoLdoR_OB=Cg|MnaOlHN2E~$NPRq1}
z)25Ah=q4_0wkM+6uZH{8-A?i^vDMxYsj5!g_$Bx$YuLK&IuS=_?jj-akks!Kb&B6;
z<SZEdI3<Q@-&-JifOf3r%1PXzr`8ng$6QRKXw!GB$GrD+Z-B$)PkDW*_X|yyvVk;#
z4yrM$S<VBkVeB#CO8*=lx1ZDc0vskm?3%MibPfovK-ssX)MDL~+`L?(n?9$EC5aVw
zZ6w<2h)T@Q@t(M?AM)y;TP9S(=5`riu)@bTyvTJjsn?bkb>WFX?i`@4g<8Y-D6qj#
z(}0DC$1JOJrCZgwd;{HyI?fJI@ZQdKvVq#J4Y!#j1F3?9fiXX5IAUDIqq#|>#FWdk
zvS285`bv@;it0rOCOOP{0Cc`tci6p=50!&7kkI1mnc$Q`iII8rod<_Q1R(s>pxIO!
zhrt{VV$c$Fylpn!q0@fM{meLGZ=oK!c^G2}Q=G|=Yr(?&(r%~cE%}wj7qI5kY4Rg7
zpGxVwJyqN-Rqm4ZefwC!Xfxd_q{=!v<ih?F#8V4>2R^%H<vy}g>5Y<VFYlykZJ&Xs
zzvl_~(o`Gn&(#V&KABP{^By7GYT*SJ3I(z_7#fGv46ZFBk)62<WutYCW5rl;#bJMJ
zmuUvQbt+b<p!F(^sz4HWUbbUWW~8%)sKIPlK^MKZq|@8L{C(2I8Wm_msv31Z2v+>a
zQJ8a>CiAeW&K+r&JNf=ZnPv0G%xA0bPkb@=Gz!l<ii*nswk+#RA$?CsN+r8$iIDS-
zFMZ8nvDg%lv^#A4H19~x<nQH!v^zBl2lWHCSN|bfAX1A?ARkL`oJ&*UedznM!48F&
zST&mgJ-@X949>|AUMhzX6dU4_mS10hucvLtT+9WE2g)QAop~K^z=#zXIQdOEn&5xG
zWK2$W?ea?8Y}A)UEJhkw<=4;DE-bX4Yl)>A)KyeD%|((0ehAAK&C4pSHA7Sw;(SyI
z(7|U*7T|Nl(hPj;qbS4SRo~<0_p@rNbzad=vIZlLlI*(62Dq0tr`4-4Qqu<^!sH{E
zhrnYLnSAJ8vVnt>x9ztne(Xx)&J?JRhp?C(5Y*gsesC?9Nb|D7S*g5~kuj4gYa)MP
zP#1J4@qzFu;sEY68WII#!lM|ifW2mQ5vh^V3PL)*Jg2nlI?uU)UOm@ipXz+`NF6x~
z1n9sHbATC(=KYW`cWrPX0S7kfvFDJs;8nY3s{+Ia@MsKC&)^w|^V2{+Om)z;RQv$}
zoQg3>@?3^{-3>`5`vOc7sZUqnr3<`zM!*)T&t`sR9#eIL81aGl7D`Z>{Tu#1FPej*
zjod|>8#(?DQED1Sn7fFD9dlx8jJlegh$ddI;2br=zP;@o<oTl}<o;Xwd7ACd8eI+r
z;W3L@wbAXQcAEATOBH+84riAo3(lsi$`{{r6KFgdf}q(QthS)@1&r&Z$(^KRbu@9M
z8SJi-mQU?pY5@w!!YCG!KTRNS4#6~`0OlaAN1^-t)Y3GrGZ%|`Pp<7g_gub-@<08S
zIQ?Mugn7Z>{44wQ%^nG!U=DYdp4Iv*9j)Kr>ZKHXuHxpZ&ALE+`_fI(r3#1<eCyW`
zpN@wpL%-h4{EeZ_Uzf?W`ZeUoV`ugwum^)%K^8M3;0Zg?apPO+lYUsPZy$U3wo%n!
zAmIXP0#n!=bkq;;(O7`DUS)c|2NylI20~YZUWGyTGq!P&rm2RM^j7|^s7Fzu<8`i8
zvsS}mzo??>J{b8f@>2vmxvY)L6T=3vd)HdFtdL0jg*Nuv=CBZptGfC&9sSOzM{h^Q
z&C1p>#B1vaTNWaYaD^mycU=8O_SdB<`mqsN_v|;#=6H+q(_im*^9kNtRKx>KX4^qR
zaJ+xCoWf*mP?121>9R}Uy{=SIHz_VjreCfdVb?{FF9PMXfyl=JJ9G{Z(=v90Qs1^C
zEPTePI@-DK$TF;5G(mpl^t3V;HbAvyL&IQ(D|Gpae%3%>PV3MWO&+Xy!^I@DUYz^c
zdk&5R)@;cO4{NL!S<~>I(=B&RIJtIfIm)RQ3##_iD(i(y1EYI9Rd4egB1|dk_fMu~
z6g2{|f*v|aE#rxO_28Ptq~k{S;>Z@N1b!bhQEfmO1s*ggN_8;!L-2ji_mnhNd&>)B
zzdouie<kh8d_*cRocqWN&(14Qq_7AP5$$vQq!eDQGvWS5^v#Tb?QT>V+&;s94%aG2
z5mRoDMX+Eemrd)cW88AyW?x1q>rll$nI&9vXL#|eia>3*P?sE^!|Q2Xxv#x(Sw{TT
z+|`ZA>F)bH7sp#v*;w9{lLt%qjNe7;%DLD~iI$9R`T~5ll{e~OW$$QCggZKjtP_E!
zRC|g@xxG16dTiCr;*iAf`iV^q=-jcq{G}nwsQ}w$oy)Z$J#w$TG<f(*C&>b&ihv@#
z8~LlObVrT(NwYhzzaJ?on<H|O1JqZJ#`Rz5OixvuN{Y)|%aQ`Zgr=@$2R>o7qc89|
zh6hnX9-ox508D0keIeKvpd<ECOac)-TpZ3RWM%ol;Txys1YVycnaAQuA?y=w?xiVb
z%yyhIy1s7Fx=}+}Lhf*N!?ux>0;dmypFDT@6MD*AJIg&v72V8wH{9mR5E%;=jF*_c
zFu-5uc4S&V&$f!!HITd(Uv~BvrjXkP8#%qTu4bb{h(=KisQU|lxKv<GAMXiOwK@}l
z0q#k?kTK$JQYHNIMrsJtY?@!#%!-EPhLi@d_j644)%^KLiH0O_{V(ppB-^EfEIk1r
z96?jba!0;7Rwc%_&RHZ&+cAzieL^OVbKg&!`6z|tGgTPh`JT07Q$#~}OU-@@u>)IU
zSdA*^s|WD`T}fS>YCM8gNnK5mIj+v()dKlNXCETD&?HBxHz)FhnbHL=qTg`ejgVf=
zzR5RHv8j+KD0$L5LgHmdNDS>N;Quc=@AM`GV7g4l?rn_KDZY7$SzpaQxqk+5k>j*8
z=`-Wc_*G?LYM%Jm=R{b)`%-BtxCwgtH-<U%?wBWFYV7y#Eqy7HOkC;_LKd%L6hbQ6
znvQvjpU;+j@MAdV$lA#FNf-17KY$uYtZv;K?|{ctyEtW1w5GM*)S#a&j7qp}F`Xzw
z<PJ#@5aGbeZ-Y3@DTNi&s1}K~<w1!zVAOf@d=<W3)sWgbw~$(j=ImJ1jEshxf(Gc;
zAi-|-K{@&+XUK`8u3{f;TQLfql=(Qbgkv$=`Mb!H%=byufv=7frexFky?t$aAU-hp
zF)yL2xN~K5@#lD)J9Qh6NKpwNo>{$-@o~{;4`Q~b2T9?;2NhbGCRQ3)O0-EZwLO(3
zY+=Pr#&>}FRvQ>mH$IpteZVQ8JK+sZ+pQJibGWeFp+L``E3Us{>tuTC8XpiJd{t4E
zEw^4@PbO@X#m{;i{y}FR9vZ(f<TE8cb{YMkqUz=;_RMFNnf$NC)ZAeDy2EeZF0A3q
z3U(@qq)@|{avSdU>k#JvUB8Rh7b+H%?{)%>e77fbdAQVnrWBm68|N3uy#gBajsb-Q
zhX3);(3?_^IrdHv8;p_SolmLgNJEefqPCDy1T&~Z3S8<_@_B<qF$dMaQ;+lbdYX@n
zN5R{GqP_!U?*el7+Q@GVyZm+eGi6*^{aSCc>$7p+y~jH5FM%y93`5-HKJDpe_G^vJ
z#B3nrA=Rm^@QFDpJDr1_3l4a)R-K26tZH<z)Krk;(>Zo(e!7QY+dZlw(Tco5F`#M!
zd`@^P2#+ElC|autAAqN2d-(=#m3VR<nCEw9?MHw$(iwiYoeFX3k+miJ5t`cfUDyX!
zcgK}oiuSt-(CEu0Qj1UujAwNbc$ISe#&F>(66otS^9EQ9MBo>w!-1@O>wP?G6;9ES
zj{J}Z2mb##!YM)EuYEb(mQ`Fq&g0AG-96WalBfHUSKP6D#gDl1#Eg`z>Ps|yH59%s
zq7BE@CG7AnO4TF9Zi+1aypE;sEnYT#cy_D-VA53+a6}|IivA4<ogp32Nf0r9B104C
z5sbE<$4t!d_0h><Q(uU+;L$d~tK$BCsf8-H?2_V~bXVZMQz85(%s<J;Bozo~pe^a*
ziwCtI?G{K3_eN<6akzEz`-);t-q&2FiCL`ntStwSnLjQ<wClKZ`3pd@oDJ;hb_tsG
z<t0zbmjT1fik3jYxA6F{zJ(Etd%v#f3>_d^Pa=s?lp?Af{dB!ZzB8~JsG*vw&Zr8X
zZm+Ks=8?cQHt?Ks_<A$wmWE|nRB>&P?{GKiaxL49SY$=}V9v!S+Ue_-$aFX_a4(Z`
zXPhkuu<CLoWu1mf!-%lE!?x2VLY_@Zz7T8n99R$45wI_5h!ZC49b4F~As>B%cJ4iw
z;;JW+Z-U8FR|gHwNNG!a%6{4?LO<Of(gvbP4Xonf3m<@9FD9U@`rVm8SD=5xF+&^>
zs}Ra9n90Ec9%iu@BMR%36kF@yOvX6KTBcj0HftCGswsRGZ=R=HY@H)DQDbT4!JX)T
zb9eW#9ILKwj+EAA^boRc8>>^5=JA2{nWjW^XkU*^^N8l@93z*YK+|7;E%+WCQv{2T
zvy*Tf;O!4eZSFTPhey_><hW!{_Ta^DvQLPqOTFd3K0)YN!D8GMAknxAcEUH`g~)+6
zuu4)JSsY-8r0le%p6>Ht_zZ=8ky6%dJ@d^6b(E-$fXpB<?7p?A%GzQ(r`M{XZc<h?
z)hE@Se}9ge(UMwMv1(ro1GqN{A1r;(rn!l(O}Z%uDXbDowjfG#9?aABmL^_%TNj7l
zW)3AeiE(k_Yki#10Er?CZ^P8Omm2GPH&*uxTE^;bqQd5x){Zq0I6Pm2Swla_zYRqZ
zM|5JM<ph)?WoU|SXQvid%wm}t>9x6w17(LXzk<)v$8ksC4>gppRg5Xdf|w^Lk)NEe
zx+<l~3~PHH>I9v--tr_tfC*a}a)LgEWQIF>5C$lk4JP}55+0v=Iid&xz6G$1@z7h$
z`U9IOc9tZ9;Ty_C+UN9l(9k=GO}#W*8`THsb?;cQJ++6g9%ZH330VLGn=L~pUBFIO
zYhQL<fKvPEa~5`~ox<vMFUwi5KgL|n99mlF0dhrMH-Z40f>6ZGT2PTj(qAZGoO#{t
zRQ^u`u!-#xi}xTmigA>noj;+0|4(RG|1Y6|wy8AdF5LxjcwS`a4V{X4Y%tG>@=!w-
zK5POJ6Rd<`LMP1P8<#BI0;lz{bW;tHYeY06Qeg`{>`G9ens=TNFgLw05+wOla$^$T
zkoO<aLg;@)iy6pY5x7aoT-{!$a;c}UG+}RN8$4^;dYxtGrQuRxRYoIw_7N4%b=ij0
zIRnBh07wCJ0B*wDI-p;HRgZ}lteUrfB2pLjtV$bwS$uNj@mKH&<|xJk6b^J=Ldc7>
zb96~M@Q=gYyO;S9G(9;P`T(G*J7uzKQ4u}l;*f&p-^op%ts7SflR;MA9&S;KWY|hN
zdXzpl=4br$U^e$G5n6%V=QN<bUxouqw8uM<lYO(0Rnk82fMbq|!2mijD_YJUnE_B|
z`uY%+zj#LNkLXwD&wdOp%z4^TaG}nqe!{EKt+Dd>+@(@k-E7xtf6FJ!Po}YVlE1?N
zS>^saSxW`zASNo1^B4p=O?%n$fX<_ltW^BG1edOvRjFBCX+&@k3upGS)_|KSCVDGh
z_f8G!JY|>~2$R@<2l)s{d5L63hR{S)H17;!@D_od<mYTa8oe&MYFki=9S!>LMakbw
z5lO;QRlRm9s@?YW_NGC|iOo{?aWg8yHnRypz^E4bXZV&OWFxEq*r%iD58;RZJZ41~
z8AKBomZWz9pCqx{ncpAyB(mT^z~*)gm8P>ITgZheHnB#AJ~{s7^G_zL!n-cD*3?SA
zEXSGT;enB6-y#3Kl>h0%v}HSLRSJ#jro0;EaKEJ7k1#ay6>+F4g0}D3#%vsTm;VJ%
zk1Tkgs)4FVl?zhy!@2eC&9lKBKG)XUK-V;$#1Pkk;Y~(zK#T<fi#Sbl5Rq{}VxZw#
zQ6R=1P48|B>)*f!LKjoGu7$@BNMDINnRqlP-oc99G_KaUql4^(`c$X5G-^GPo!tOv
z;8|eP3dfzl)LnkoU~*seKcE?q_K~gd$folo(=4G8EIhKZFT-?M&E7Qa=KJWJ$IoIy
zJMKPZW>o1Ba+yO?;Nva0J?<uP_)HV<trAzNSyJ(y7kk466IVU)o?oA^N)8!fya@}j
ziUL-lQj5qK4AB_JKs!reoIyUvro5bE-hv3b(+5JaV^gIcu*_iR%H`N$icKM66)>2i
z))arL4b38|rAc5A=44l>?<O<USAezBcIUpta@elMZ$KS}Nw)0s4Cx>J4lCRVN#AdW
zJKhh@%=uiKQQYW99muxCz8*^^4MYQ8xgK)7;UeBfQ?G`&*zP2&F!@Ht-f@e1KCZh%
z$H@Izr#9c=Mge>^jdQ&javaP+k-#hEWKo)e*}Kv)6*FjbwM)KVs6krE)%Qy@+0n}K
zPp;N?3ot=97RNW_6YRqilT3K(F{zq3)`TDvA@5c{uy}<_ux{t@9biOL%<|DU0?WLo
zT$<tb2#RD^8w$IQ9|5xxr(@^zgp7im+{bKg4`J0FmpwJ-5NfLmoSUZ=MUfyh9;;dQ
z2z9-DCx2l<3PP+i-CHcXL@45=mgCm~N&PP>-E(J6v}L-2wDpZ)eO6BZmvE#)`g~}5
ze(@G2j|MPcPD5rgKu72ota|IJ+YDGdl8VPtkPlvi9HN{+5djA6P|8_E3xcz`OS6XL
z5V0t6u4Fx8#BS2H7x<vUs0Wl1;5#T2nOfPOf|)7t1&(w%q$X)?eU&2PCX==-^gd~!
z=yrZ1Bm$cs(gz}%7(_wPxQ=|7z-%K=XUf&=v7xEry5yY7$4BE1H@{vJsu%#t&D)N#
zsNzqGDVwpIX4?tiru|HDT7<k0_&G0F7>}WG`(WNh-LV~$?a8|+)B(i-LQ(2#PfMvF
zBUotqLmo1m_wS7=j8`XXTYJQ37>qM6LFGfRKsPlz)?;Qd?ESDp28S`}Xj9sX%)1Y{
z(BSIZmB#HcgFTxU&&u5dAjKP60KNdc{C?0t#Jp%<R@u2W`04DLVcCc1<gDS<m@8WI
ze<%d7+c2JFMn7RkqykTZX3!Cu*2or|*B~=s$Da)2uBsyVvVGCnG|4luMYbM9S_*ha
z?Zm<b??Gj*{-EHL5(gKgIz=i{0{p~wIU+qKY2JASe|yL52V51-+Q3Iro6Swf-yoqI
zi(I;Ps!mG=o_|n?6S3p%!CvXSVmnW~Vmt<#EzK#gTvFNyh)!fA>lmC^Jo=(4$m<Ci
zH9ioIL3gdL03YZ)r5Y5rNPz|yxbT=(SjU#Ye=WnFxx~VLSv-)@yORko)x7l^1J;-<
zLlGe{nnn)K>?D9k9Ri5@9GYAm9}<-S_J<z+c(+RT(pP}dfQja4nav9C8Z5f{F}B{i
zbjK}sZP=!cP_|nw5MWtxwH%ddnsvham1}l(ab{KkwIDYG<)-{?7jcc)l!Ko#IX_e>
zqh~rQ8n52|u`DQR;DaRlbpvDDDdGy9Ig5nC>vi_e#==>xZYl@vjpAE>0p<!j)o!l-
zf~tW*fzuqPm{Aq!{nJdO5il2t6%h&Ztyvngw9Rl5BodAw71igj4O1)tpHYsXahc5y
z5PV6_pkow|8>F0s0>#Q|J=r`57r{ez3?IeSqFgt-`gTnNk#Q3ZOS*v}tk)&!Tj@!|
z!90?to3(9;`@$QNSHit-JuK{>oQi*so^bhuB^0Vd|DPf+)TIN<HJfD*r~R~CAxhj1
zzuTvj^2#T{FSP>xuw0dHt{*rq_)H$q@dhC>0o&ftG9sNEKSI=}_K`=?CG|F%m1kh1
zPNO_|#Co&E+G<`;KP6z>XPVLA1uXM6I?H8gdU1IISjik>`SxSL6aR!Yy^PY-29(Fk
zb$<4UV%X)poYHg$r#x)ur5D)NGOetMyNAqDa9o=XKhf3V09|30e??d9zoF~%Qh|0L
zin4)+1J5qm4>{ig{PCLKoT}w5dk4Q-a6XEUNz9&Nj7yL|3Ue+0=CfR*qAY_8eu8up
zbU(p4lKg8{IU%PK{Q1<3aYNniBpyZMT=|Kv0l%YbD}b)`0J>KF6J0a6=seCjRB3pN
zX_F9r9M1iL=n=UE<u_kWveNS@U-nBGoQ(Jjn3%&I9yF#Gb?=(2QLW%LxRuvX#{%zC
z2NyY;rp+Zcplt!a4!n(9{6bC#7`N9&rh3i}JRk7P{nq0orJXnN=Mlo<p4lP}j6HA$
z6b1}dg>jGsjE2;q;HbHN+yv1QJBc1qyC%_Znql|^&Vs&MUhHaZoV!nG*rQ)hunTk6
zziYcjw}D*w(OCIGY5_W7M?X<ZTqoC4D%itd%9)g*uDfYitDIEh%BqBK()YNJbUh}#
z3)qEA&e9A3rN>gVfp))Tew(hS5Rt|MoG<<toWD~Z=aQaVP@kP{dkaOl#UGl#ETtj0
zfT#>Lis*pNABY|_0}2QIL-PB7NN#2McgYR+Qy?=%NVeY?TrjbhD9UY5<l?1$bxLyT
zEPU1U90{$Rhwk0-XPa0=q;3>rDlXgp>0CRJSe3tCZm$#`^Ydz(PE!nizgpb$^@FQ*
zk<z~Z&=6Q9qMPKyCjY0V13Zpv|9_fpn%H~!rKi#FH~VXsVyliaf9w>l@57ca*Cy!y
zA})ALmjFPX023i1e+PNY>FGKB+Qc!_gx2mX1=qXD;y(l*dcL?|0aolEzKfGLbLm-S
zS8B<ZOvtPlq9cim*jHwsAqN)v-^gtO`tLva0QCyj>XfZ^FUlV~x!(bIy5IQEm?iH5
z>LpDMP>FO36h9EZ=l|4g3j`7`D{y&93AvbEUdi33o_d(!Q|tHY)SB-vvgfJ-P^D7R
zx7n(Max7()N3AE>W3z0Owalt!fyJwrzx-QfZ0OZ8#UEI<W#+*LZ=EA`h0`Rc5K4L%
zgc#<ceD%iY*vkR~PkL$K10A9B<v@aL<86fWlS@Zt(pFpVx!|qHl4RUnj8cNNseFR)
z^aPgbi2MGAys4QMU(x~FBo>i}NjvR8xS&J|$sx*h3JZ>_%T-e$ZPhZK<dUGX9P{pI
z?KzcQyO88XFpw<?eMhq%hw0^g{T9*-IlV;<>U%wtvaH=W;ac2sD?UU0<ONk#kvv12
zQ@tep9?{0B{U2mZaEP{gg|xh(8z#uZ&o-lS7x_@JL~(T!+vK?q_yu?Pb0h;@x_=hO
zN*|yrP@;3X+&EW?ol3l9rrw?zM96+N>D_`rLPAk6$^FWPAQIyYdwj$F0vHPk9;G<I
zLZA;234PYVMYi2XcCAVbYd(X`aXE7N_~5i6dk2@G!Ii4iy8Wxk+snd(L-loyTdDfn
zXhe{b&EA9Z2K^aUP-hCj_HnxEj&h%R(1_LxhlGVn&4W(DTW*KQx-^Lmuew9*LC^Ps
z8|Obg*7FsaUac~{m#g{bS;y)TSS0y7FanDmKQb*$!~uPna|X}Tto;UW*L9|ipP!m&
zk>TA~owqK%6cVz3)MFnR8-IgE)@{5|_?^Ez{Y#r}dd5^$$ZFlL`7q@rP)q5e@Q}2)
zfg!R`_7)MrU96AWeYyQ@W@tCbmWu?UA3sV=YR5pLwh=r54{jx)-OrFkC^zddq~#s<
z2xyf*0(=&Bh*TYmhCB<ABd%4?24g1ZLbWakw95noQp&dw!q?R&u!T}4cF{P;@niLP
zeQ@U-*^m;SH#u$Hb)?!zW3A8r(TRtyOEdSc_4Ei`joJCgH-2h1-TcXhHOhp*VFh&%
zNA@m0L-Yi|Ig{FF@w+MX{ydB?=lC=NK^KR&RM{$k&nIpIFZ<IpwIVBri(K1rRmPrQ
z&g9-$!fl~mVcek<33h@Wu}RO|O&wC~44Sa|pnu;zGAp;SN&d95yKmdWnZo@!Xe9=%
zO=u)B&44-z8q{Vn6TdNZB2O#S5Hd4-<1d%~%J!Mru`AU{a{dVjiMeLh#7UnJzDjvU
zWbB-l8)-Tk(AJi=7y&Rt94LPCr6HrJhlgP$WBD|n1BG6dRl$RbY`tO^&^c=bMd%8B
z#l^gWx!)M_X;;gn63<vyHv}&-*^ep=SL+9}FDkb@F>9BLM6#^gjTaNv)oqRrCao4w
zbKWW03n7lMcHy|T%-YmSZnw=6im|uTU3`5#^TX>l!BAOQWw4jLS@jr3OWlxE=Yi$u
z;7)0}v>)y}`K;hu*U`=#ZwH@ptD=vlFS-@B?^mAD`F7P;$VC&s-iACu?||~UD}WBs
zyWfdWVspAq`g<;aw1!S$nML^=NA)Y0lA8g}UGg4;o$^LdnE#yspRQNo`;?^Ik+i9*
z@5NK2>%o;)0Ke5geDsR$aLKcx+X@-CALX2g&K`R?ALpx!wVYfggQbXhZTl`=S4UFl
z{KU@{B~v<QS@)574fU_*ik?*uC%R05h2SmHbOqQodzVI#9<T?%POiu{GL@Jh(*-dC
ziXov8bZVU9`b1l&ttcG$O6}9^Be3(FPVcxMzEj=)_=`jj=%E(xPt$yCdjKTqG|O@I
ze*j74KY*m+Ux36q5D{lF>h5U&)!Ap)ry)0+x>RgO(K%+Y1)rtKhi|Iu>-LwtvKE=F
zd`EX|{yA(xXUMHxp3>IEUzI=c37~=1O|%DBS1pR*!fb)qsEf`#L4?ohSO9%*N0$6k
z^+IKR^~Z-DzV_Y(nk_zs040QKiFUcCQ0`pfIxv9V0oZ>8`*mopD#mwAp|h5I?We*y
z{8Tt17kt)$@L>)Iq8-@Vw%oIjOT@L>-|emL-|Vfw!d4a^*NUuc$J_TvIq_++*r0gP
zl#;8!2nQN_Ywg4RckIkZFW}6WBr?aR6X9XwAJ*&q5XX`oQ^+6NJdW5ocbqtKgYiAX
z<D=$QuoIL4pi|u#8Jo5q?L!qnOlaf5NRL2o!821gcj{%5UtfG#k@qZuNkY_TS*qqI
z&_V&AZTbncGzL;$yS}WNW1fxOEti+>t1~Hafqq`4W*>He<>ycd^=cl1s%Y{Qt^<Im
zO>mRSH|2^&{Rs=0Jgqob`h164A1Z^+6@mr&<)0Cmez!FW=AX8<R0{sn)*L|69zzXt
z2f||hBCOJX5cWt?;#FU+%e^FdFC965_!A8j4*JqVC^9D2jXD`rzD3CUMAfvvz_ke>
z7*M@wzfz8poIThBJjn3>({T<^0UH7)9lQwz0x(7t9-t7&=JJkbavwQ6nNmYFZG6GJ
zQEiz;dJ8MV=nhcTPOpwyNvT;)BWx-g>HBqQ`~K_%A*uQz+|*Cskx3p3N5vjY5<jXz
zsV$|X8kE)SzX}mqBJZSLZjl*51eH%%guW5D8o+zU%S-!q=1&jtgAz?-!GD?-BI26a
z{|`Fl)$6J2oUXeLjnPnFzppLdrgAm9UIxtPyMZ3at@;@~{%^T$UDey-w{^tU*4MSs
z)RhfMi+B8zGS%yDYkk92$SVY0sRan&>i*k<1kIWe^5)i`12L`}eqV0}8mF#W8UO{p
zR+PKt9Kn+Oi$w2~GosUTqjO&pQsF7wZ&F@?Zv3%5sfSyiEP!J<HL`O2eS@gwOHEZ}
zKtM@?0!^5C7#>C3nI*C^s2tHA44&RtP!X$px$b8rb;(%7!GQ4u+wGf6BW9jdWBL^6
zH24tABE1b@SRVSPOMd+qmyFWfq#rJs=gm>n&+$W%wDU4nulHa2%$DiiXAo%vEAd|H
zm0AP=UKNRG`rWJkZsiMqSoyzuRn-Hpx`SV+$J_kwRT2NAR~31MfA~ESc!+ETL7OmV
zQ=Fpys^~^ByV_(R&mEdTsUSm0joX#bqYavP#EB*H*k(W8z9DVgK<ib+2G*dwhyTUA
z*&9{qV~5U~jgIzNF`Fi<jHC@&IlmiQ-I{XuG3qcbP&E!4Q~NO<vSRZNAak3k{(Gbu
z;pGIR2`4?slav-9G2cSOv?3$GJjAGIU-mOUSPI+N3KOM=bVVCB8IlN>It$OEry>_s
zzkffm+%hZi94V&eI$he^7kt~*RFd=DfZAG0%-Xse`$w$o#dvpC*f3QZX0%_RZb5n^
z0Eq>$(s*W(#}z9}#K>=a1yflrG4|cz-m?q!MkbNC+9=35IHAP_Z*yHnZf3nLHbYkJ
z4fkg!xd-gh=bmeMP~Ify&b(u?4a@P>mPM-N5zb}arY+;(-f0%$s+_wLsM}`n8tTQ8
zMoFd0ZWNL(1=HQnQ9uGou@Q9%;!ew6Ub_@f4NY=NHM>w%=g;Kvs*`kRQAji~pWX-J
zgg8UEVHS}C_^vkiQHnz=tD6+iDq-Cv*7}KIW8`Sl>zTKU-)T2=TLvcT-jas)yrq^V
zd^gt2#^yd3Z0K3J^b%11!vkeo#^#G?(-9x3VB3lJb)f?J0Q)TM^7)r*$ImzYO49Be
zn0zwXUKjoZ+JcMXxoYh%FOxlF+b(Rbc`B}rdeh772=VHckknw46in-{!ngAOC*ga#
zbVN&X!roe&RYqc_EuDgc__~C+bJh$D)*6G=GC&B-Jxmye<NQlt)pXOT8mDVhqLyA(
z-5PD3T+eox6lX!F;4|TH#s&*F39>#Wy5aI;oagGcQpTy@7-}!U=)OO2<z4MKY-|UT
z`$Gk#jEHLq;U$Jy=?+1iQZM&Bu3%6{AM(gmkx<=*oVJ#WrYnR@RyB!@hz!x$U@Eo4
zBDF7F7ZS;5H(CY5fiX?dFTR&D&jd5+l8LHSZV||eHak_<q#;!O?!;sney+SBkB8kU
zre)KXI<$k4LK!bW;xR<Grh*cEfdFlMM3E-wJkEURjlerhL-cbE%u}<^aI^&NG_bQP
zfx<y7pVR%~Gl}6bFAw~p6qf(yePxD0pXf)O>azPAS&ut0R=|~B+t02<J{A6VeYjjw
zn$gmApbrOES_lD-?ST#Z$FV0{LimWWR=OL&u?_#_*tXlk>H{LWzLKVS8sm+9{kf^}
z#p@IAj@lmXwl_VMcRgE)5?E`qN|2hes)J-;fY{<hlPpY$M9u|^YI-=9TkV=+YBw@O
zPqGOx2)`LP+z2N>9QBR2yEP(*W)&9*exjy&(yw?jlGuJ>>PMRpb$o@VbA=t7g|Dj5
zw_L_m0EuC)rAyy*gkE6_u>&H_yx|Y543C_t(KxUZ2g(ked8s5oWEL8xZa8BwvD2&!
zJ%hf~)^Sw<`?e_8+%tLO#q#l}1;&V%UFhI}6O?2<xwh5>dkG`|)JDEmv!<dnf}&ee
zBYF#>J_l!UUZ^ONF1(z_{UQ5<%7nI7s-)AVJFvND#dsFNvV_fxaoZXckM;CL=`*d%
z6uVi@&)LNl5>9%)^+&n=Y=GGU+7W-%6hnoH54t^SvC43sl^!)4caRSea3P?+CPJ|+
zHz=uW$#aM>Br6?65hK_;xmU8Ed$jpf*m73RUX<hQJo|_#6QF7I$+3TEn(|Lga})om
zX}o{awB=8*N1eLv2{u}<T$?VA7~#;hCe)&ewq7tI&`m{hqQn_3;4u|0Xtd%MnB(U2
zb>^T&=?q%!OF0lqzMS;wuZp#=|Bc~%FF-}cz!U*kHi7X|f~1Z0XKU4U{6QAzqP#lO
zKgdQ6CWsi!X^fM;#0-0=FFP|#gBV#rIzjcPiDK>hKe@Q%J@(tZ<#9^ztxuwE766R5
z_w#9H{{%+FpTL+@+{`ZXi`7yB^XCwQcC&@uJYi2+@Y_5y{w$&3uez5edzIYxWv2$l
z<UQC_pwb1r_dj0jGk9{xdw1GQr?d)<2q7Y$`oI~TR-7`Ip7<p>H=ZxAzG=L1N6NyD
z1dL)v&N&bo4{%oF0B6(V{}pH14siC14@#R-LIROr4TS)emOI4MHr#P%<SA4&yj4Hv
z+qcd?F%+<whp5<+@S=+aw~MWka2XH{o2}h#@N&GfXIR|Do(m<l{2PN-8$W{C&UL70
zLlr`L0s12_^c+~v_;<wB3C^9;{ujgrazvCVst1;mbSGAiqDI6o>Lo1Ps7TZM8rFCG
z!Rd6mxMpIF#Iy1DOBTg-x80GIk!iRLD=2sYX&oAh6y09x1?K)atO66puhL8?NmN}Y
z2#|iu573)k58F0)ZZ?UT6(3r2H+1t^V^hyne$ICLs*V_tfCFEkkGzwjRInmD5Rr5i
zVpljn)-;iNt2RL|;`O2Ve3szLEvf@Ol$e2Kd9r(+x<b?2-aS7XkKtO>SQdc`tmEPq
zXoFtc3nYVIcX1MuNgmO3W%@U6KyA+h07+A+9h&<SAb(fe*9QRU`{Sxv7R-c_Ox0cb
zQ_^t7KO`NN{asSr#dthpQbJ;niFBP)N6^h6+_a_d_{Xe-F#V0+;UB5xnllMhT>#&P
zaW?o@-v->Y&40RS9QCm!CG~&0X}dpe`g)(}!YtujZuO$+_(09{eXgSb72v1)HRe3X
z$AyT64AmI`#h7K`GnAlNR%1LDd7YwD*_Zyx%0?}$y4Nn?>G!$p@`HpNK9!(@ABep)
zK{Ka#%wSGZu9f6C$yN5{f3L9s%>HThupq}<8uEGZZwwXlt5dfFmV#B2w^r+Ld0zBJ
zkmKK+?>rDK{;%A!rJl?yz{^H8?$77h1aSzq%IN&#nzap~mk$Dn|CLK#qTX~wh4{L`
zs9~Qn-{<vcJn^dE@A^II`QKi$A@JsH+ebC%QJrB&MrkJaA|ZBz5rzE_H%XPPeES%V
zGggzj%x84YP1QZ(J96?+myvf0)X>m(SYN{7QTkL)o`W06_~zXE6-gy0w6D+55Bhd+
z5J=nb23M=!Uq=W1{P~>q(0DHfsDmG@a$BvR14T4}D888i4%Vae^R`n?OUF=x@lC!#
zH)npee<!Bj|M;4$=T6`qwkMZfTi_)N6?Xh_H!?Bb6JVz2IWN|sl}smXrZ88Qy?Ho0
ztB;KLU>NC_=wB_@J2H+9bU{xvFlJJ&<A2B&1v~f)SX*g^rTn7E%&gi)R31VkfOz4q
zGA#JdjSe%=2-`zr4d*<3%ygR?>f_yI?>7Svtni0|ixi$E8{|X<`P~3k(*?kd_4V&w
zz>IY5B;>?EkX15njj#}GO`cdXOuscg0Av!%F-}m*Lma>dG;3o2jUl3OKW`p>e?JG@
zLe}`YsT^D(P_>Crqcd9PwXnwmGauO+Ne<U4NVrxc!w(<?t79pIT1>T%bAOqcf5CeF
z`fX1d>sF@9#f@IuAz=c2Xl$x}*Pq$$d=4)VQwFEzP|2IC!MDj4bpBAPR+J&o33)C7
z&&_+e_t^;I1HQ?YGE4F&H-Bl8aTyCaN->@ha%tt>5mP8y>8lyTF9@Ez5|*!Z?emk&
zeW^kS;F>h40MW}8-r7ivqRFfiAW~Fz!sY$2)ga86JN1#W+oG^P?O4%rl3`r!?79^}
zMh;hvyf6L0>s6pc4!!TEa90t+0Nd?&h*)-*CB<!KrSp~0kn9^l`Cxx7AgKK8(h7qE
z`X))?!gq_)`^!k6NQW0f2)jb{B0gYn>%HB*M|B3FAZ|bm)*$@n2!}aT1o+S(OvKZR
z!=$OAKDt!qLrdRT{_ya(bD7FRNpn#hNT3f|lTv}QpzzEZJoQB#x0>P_LZM{wR<W-i
z1FyCZd`znJqkCqxq5W4}#S9!GJ2sYrC8<s6Sh{v>e4l*rLycT1=Kd0N-ue>){LO}c
zCyt`DuxVuuFlpE+A5L`fO?`K{YIp>>x5V+pZvv`LAA}RNFj$cpiPn08S{vD4Sblgd
z%VA=6|JU*k`M56Wk2;m71l}<UH<+y)qJ&X(KoeJ}P&(H-P?MVVfIIC%zrvjiJ_aNF
z)cbL+orH$D&%iQ^@ry)FfJhpQf?0lXrTG){ny<=*yUT_ySC9F7Dt1(=s6J%8^CIaj
zoH1DH$0eHoyUr`gx?77bsGyWR-}qu+ljmZYAk&N9JMmY!&ILjI)395~YmJ69Y5>p7
zdZ$4oobwUnOv!9Txz(e{OZQIe3BIv*c>3fR!M2uq+1awHy2#d`$m#K<v+3YB>C5iZ
zq9>X~!baSM_gBag<nprpY*-LU*?MRT_Y}?y^PeelNleq9uB#e0P*>r7bO!o?Nfa2l
zzAqJ51q49>E8L)p0h%~BrULg=x=BGP`@RSJ<g%A`w#FMzYJb?BjkbFZhYjiL&QzcS
zMDiUY>+uCIU(xSVBXe>wV+%%3rB)unas@<~_pI-&u^f|EoeJZUrmrM8YdwNga*>K;
z^i-uoOVgR^QFVh{Cye``1$v2*(aGL@T;{YyCgEftFUpnTNo9mRqU3(;xjz%sFZ<cm
zt#(Yzinn<iivxpW)2NKVULbNB5#CN<*9U9^=*fkKuDNq-Sng<D5^FzokJeX3*Rlg{
z+jq%^sf#@pT6HXf<YHSvlmkq4#rAY{?Zq6Z?Noa;&!w6BZ-uVQvw724wouygBqZnJ
zs@JkYR?cpop<bWkMmDW<Agzav2!z=YHZ4abP%XFFF8Y=)ETqcmO$aLk1Nx4qqnyPa
z0wnI@t!-c$tjm=vAgYTj)A!s)>MV+O24F-yeaDAVP#fU1>FP<fXb2ocpkCG6(T*zu
zbW#=p@~ht%BJ~g0ZxKO&##-U9A!cL=tR0o<>khnliu}oa^0WFnh1Cl{M_Kw;{y)+2
z=s(cW-k;;|=!jAIRI?LZMoKS;H;k#P6yvp>s&)O2)T{R1h9TSBxqIi2Mm2luOl<1P
zdMx()q^&$G4!$@u5Shl_)(0y8aaA@sa}u%ZVCVee;vRt!67SCPWEV0A@4!tmUH`*W
z&7PtGQ~j3w(^U2TX{yVyTcs#EH-vEUH-?kx2TaTpJFOsMHKvk=S~aN5`wH%=-+#1T
zW#>2Txd?A|!AspQ>@P%1cGN013_sZ!Tlq`{1#9J8kkIA){>m6DBctZCRko!P#yOL`
z0c{4>HDIdP>i+?{ha7(gU7W>K=ifm$2Y^mEx#dff^h(t~q4S2%0d%JP9XcVaOF;$>
zgmdWi&m}uM8w%##UfxvIbr--DPc;k_lZ`{iKV$yz3<CuCfA9>rmA`lf6d+_AsEYe{
zA;<sl47JRKfRO*<84ApqReG(7J09eeDgv&rHgEjw-#mjOkHUv5P%)SXrG<Lm5yI`e
z0yzx3NMu9LvIHfjnQYI0)ARIZJI2>CB64;S(u~nv#?0D>3}J{p7=Q_mf}I1@D~M{)
zOK+p<2LFp2cvZf8p%d^*+f745`_w?(gRFRjLROEA9NG4#EL-;gVxr=P_Q7c&|2z%q
zAAauNuRLomsuMKH@=pc%Czj9s9m|dBpHeHyAwvST2MHedIr!fl^5bI{P;cS?^+{@>
z&wgV#2nPJ|pTiCujxFGD&UyOq95|f#zc?I<z>-n<(%){}1H^TqE75Xt6`&bbBkfjV
zq`t%d`^dtKCXK?H(fO1C&N|n6IOK2M!GG^B-r>u}(uGdoOP7$7M-QAn%ca;?f4yv9
zt_{fl#!Z{RAL(I(AWp16l<9%Nyo6v4zb}4&N3NE_Oig~;!^iA)(YehCQvbnLA^&cx
z>~!XOV4A$<etv@;N$;Q#=wop5#}iCj{iKb?%#g@SzuN=;f<IP=dr|0;=A&%j9qHrk
zeX{ulx65ByhE-JPuO;ux?ntUeC>wF6C3=~e>H9P``h49hjJbePU;FD&s=xlM4yB*q
zB5K<1XZ>96$`c^hb{X4O>H@K&%743cE^gPXY7=a}wJYM$bvPeb;u8)QpjgdBh52AO
zU~&}iK)k-PW;uG)U6i<=(Kg_h@}olSrroFTZr&92D(`6kpk_**j4noDW{{9mathS?
zB7tsrMMEuN-ZA^uvg!NTSE2IEf_~zSAhKFxy3zj2Ca!PR`eGd&UEvCE#8R}RH!hcl
zr#uK0O-eMd+|Dwpl;6IfJGdBRqqb36J=wi6f8t7);)QAJ*x-^+d;XhB>Mm4p02AKe
zE3n=W7&QQ79ag(<ppoR1cn@Fl%_v$0;*(}s07!Di(?kIohCE3>`Xj9~$8HvSn4+ei
zGMH*oA9ky9cqZr`^L@3#!q?3`YM-akQ)UYg8uz;)5SB_mp-mO0_kz!+Erkfsu8*MM
zJONFud}(6iB15aw3u8mqYrw|pSKO^PERJKli`CcNj8jwJOri%gzYZ@f%$se23n>>f
zL%IQCcFEK>rY#*Z(bcuXZ_XMBio_41%_@(~$scEY_5InVT?xQ;jE6f6Fwk_U>@-nZ
zCSoLJ|IP8L3i{As$y!qnkZ4Tt+<opR$2f1zCbcn6XK|sP|GCZ0VHtStAqhf6gBIH}
z6cfD1QQGaHEg9<o7rj`$>M@_7kvH!5-|?OjEjGPW|Hj`f#o%>DW)p6|5aNo9L$Wr>
zSBHX6(?8KADYf1%d7AmtE7jBID~Xt>4`(X!L#65?UY1JOym^>#<>S?dafzTY$!dRz
zo$?Trj?@KIt?>8^YGSh)!rC+i^a-p#qn&#XcWQM*K`MM)f}rSj`25><maHp1yH+A;
zt$=TqrKtVJ@N4=kl70r@Wji-u=*;~<nMedWnP)_KISV}ngN)I+V8#?k!Q>K9ozKk*
zX8S-sRvZ7lIz=G=agyfwF7dGwwO?;5CEIP%foH=}JgKV_m~22PY6md_P1B&~7`~9>
z6wqCy?x?zV4kfg6Y+;u`S_Hqzy?L@OG%mEs`q}H#FY;o*WhQC`kjALdB}E6W9g!s<
zSi_u#J0K|+@*=i_UE26P!a~k1!P$M&QA{=i`4k7nn~iAmcP_v3JihofR$ANVUZ?-b
z%PnmoTrkW16dy<o&omPe65YgLK^eZQX&?CB@kzo<;R3(L*+eY&nVQA5@^_6=vj!9;
zrfbA?f+i68|Jcv1Y_v0|Yak-p4dOyBqMOPxvMbYq1g5U&Tb#EOkbZeN#wa`Mm{Gvl
zr!F8mn<OBjKm8M=91a9R(D4Q!5@^P-!{C|APfReOz7RGiPp7@n&di-J^i>014r@?F
zY}9$J2S@B9`R)#pM^ys@GwQ8Tb_VI`$<QzRrzvQn8QFz$bf%y|XAZ**V<VbHxjnp@
zJL*f2(;Ifp^mofIQRvNQxy*3bOQ*Ti5`smLmG^Vi@4pWS1fQpW!kkjvJ>gU*{#tRL
z-L%0gz$(bGq09U2$@6T%Qu7`Z+5PP?z?mGmMX?JcS-@6GAnn4;>77vbYUOhoVoz~_
zgApE=xX-NF<oVrf`7Bkk9|3pzje#N#C7dSB-6*4gvgiX!xHB>in_JKd+SRDGw1SLd
zt5}VWS8PKOJ%`U&9YXx_m|kX5UkhnW+J2&AaU-~!ifn;aEIthp2(G7}#xYVff1wYD
zPujvC{TL%-T%P~N(5I?iDKMV2QKhYj$8pL)?4e<hN~ShkM3WfNtW8F_3&{lriu1>t
zQvW~N-ZUJ_KMWflAtWaIZYo={wOA_4Bt?>>EM=P{Tbd>bqsB}KWeuSylT@-!_Oea(
zA_-+@wxle%CpF!f<^TM8j^jO!=Y8Jy!}ET4Kg=9HxVi89w_VqHp4WMSuj3J<i?P|e
zK{Vf%G5I9*;ug~N?=4Thu+LB-R~)?4hg9RxjY07CLcv|>B$h)j<qq?o>nw0iNp_*(
zE?YQ7L`3cgY`Tqr&!-{tb)yosiLnG<0561cPmnr@r1MfHOotAP5&_8`Pnc(`E~?s8
z+}K#=AFa`op!~e%)7EZJSHbtsDK91l>c3`Ix}R8dS@r*Y-T7=!>|6d>{`1pxlP=ok
z?^ENwM_{|+Z=6krh9<lq)1@%)@ZN1HPL(?|?jO-=QYhx4@lN!i+XR%}?RJIl<juHN
zG*euvwSb&xR2f+J>B)~I?{lZz7K*haFh%Ivp*Iu}ATV^J((5q|$!YC-@X-!%Vlhvw
zWt51*@9nz&y8!e3fS3FOim_CEc|f*9f#SLMrJ7;aw|S##NnIM?U<018VkmfkzR*=@
ziP_9EfoGv|qz0(o+k5_*q3NK<+)pPgWWRC3PFu;)ors|!b}7hsHkJ(xykD7`zoAN)
znJE_}Pmxs#!dwHvVDpjoVz%57KA9)%j~DnT*=W^`n7#<QY~vo&xzQ>^Xw|db08iz_
zuuYbiV%TBbHN3s-<Sx?2Z)-HvmLsL!`1lX~ouWp1cRxOTmV1btz12|*A=g8+7IdQ<
zJ(s<?w(uy^b47>i3uktM`u8~2s_exra9G#%@nnjXyI6ed?u%ayj#BFw@eHFshz}PE
z%=G5{lcGay7Wrk^_6_gA9GBo1H@Hl;qeQx(aX%=i?FBI05wCZWO7Jx+bIiQ=IOY`6
z$o+14?$n+q<p2BriSiSC@RNoenVE?N==63~yl1CkkqVq#JhkYNUvN22^AW$Q)b~)`
zp$lo<*;xD+kIC)v7Uy2<mj_Gb{AvRAmt#8s3m7H=K=)Iz=D_*q^z)W?0yYA7)dM?J
z<JCA$a5`I!f$F3stLh}D5JGiZLZ4g;Gcukv(RumufhKcZ{H)H#K=E7MUo;Y8V=I8I
z(I!4bqW_2B$&p<6rGuPjRd_Mqx~4+=hT1q%eWcR^+JKXG`hB4TZ#8@rJ7Z3%-)$wI
zDSz~dJlD1OtDr80n>8+&A?|^NxTd@<g-mpxHL8On*bEhP`16a)@WEUR*E%S7Tgnb*
zibUY13m23RzgfH@w0*o=DuS-GydQG#fitTncvb-8%&WC6TdeuM>ug`7$Saxd0d@bc
z#%Dxt8|+nlbLxb_PXmD@&|`?I!SC3~0trv%kOc1>KZh3!*^l>nHoFNl$EGp$?2Tmo
zly#LUHP$A3j+|*ok5;bZ`O1Ag*HJum5<7sI+tigg8QtlH>u_f~bTQa+9qW&tQ}t2}
zSDvtSYqzz#K}(Yd9&A5*Qq1D2+$NT2gwwR!{QTFbm8)&(HkU8Elk8SACk8zESs?m(
z4C<q*ts)>&CrPq3fN{h5nD6!*-O%wUXQ`P`^-Q@V5m@z<L(XznUv29U8F!9l-{5${
ze7612n?HU#zzoN-e07`?OOxk6)u%hT)w%cjXH3)`yBYpdRGF0m>j@;)xPkB=3_p!1
zNw9_~j{!=xh^j|r{)ecsx~9~VS5Oktu3A4e9wB8vdrJ0a*B3<Fv9H^ecPmT_`fT=q
zx#0y`pf21bh(Q!v*bc|4lIDzXJ3T##TUtiV45nM6&l=4)eOfgtx$!RgNo|%@;s^2B
zBFz6bWuItn;*+g}p=m%7XTYdVRWZ&(-KjOMg?&>4*T+F{_TBvBxmI#+?S6_DJO36b
z2!#Ol$eUr$a#)UWPZKP$up6<(p)&9umAS>aLE)KWKOHU)zey1ndVWEgw)663gKy0|
zP&FJ+prKbB!T1jIU)tzj+_dJ!)2SV9mxF!YCMMP&({BFc?nsx5R>tMSfgQgCmK07m
z=Wr)t{c=3QF;{Kw@=J);#CLvD?0Op&_%+LAa{L%uHvy~e8tP~A`B#WZ{WlG}-U_MF
z<P7sul?a4P{Jv@yJwMrIlQZ3bsz9)K346^cjT!kGH)Kk6oV#R#{Upm+xEX^}R?$}6
z8d1P21@&b~m;OWC&ISk_1r9ZV0en0`oA6T*fPf@1m!HqU)RO|f3xX#Fw4Z+qcee!Z
z>%~_u3B;qp;u5#uDWr0$$I!to=9wI~PuEt==LRdau0iu(TNTmuv2kZEU32;Mat`yh
z_~YhnDf$2V_V`V&bM@xGz^@M}Jc%cF_-%&uSV*ah-hy`(AqDmiUYwb|6qU|<U2JbZ
zwb*~<gvwE?1h0aO2apA8y!(+|M?R>!l;DN3kV4*e3Y<jK>%@{W{8b4BFP*%ZAK6nD
zr=HpEOcIePGGJn0i*y$M{%;D9wp?g?v@MhF(p^!wqHzKH#7OM4opsjVOy`&Hv?8a1
z7J&{P>`OYN?jc#cg+Nja0*v#+F*C{6RvO&MFdGYKCEHPRV%fj8HNF1x{vW+lJMNMT
zg=+44n=C1Kx8!gq(VkCp?|IH-PD@x>LZ>+)W2P(Cl|)4z`jb`czF|Y7G(}anIjsjt
zM;<!fvM{#&58+mPXXqG%r~selVBm4KCsQnrXGX^*sV1iq73aJs;1Va&#xAT)u1>e#
zHIX~mPmbzYyaDaNte00NMLY+|^$N*6vjv`dEELeGyWiN#lDii#=F0wByhdE$o<1E}
z*L0`v&#<D(=tD5x=YrvdGEkJXlhpB+w$ZG@<$#6(=OKKf9Cq+X+iYtj$P^Tc4v?<f
zsyQH*5`mgCWWC4j$5R0Z<@xmUL-1J5g#Y7&#UY;hFBvcgoTyeiNCx8gr4o&;g2Cac
z72>!INCvLPgji7Y<}YQ0QJ(xiW=DS$sg~A3O$KJBD50<d^NM2Fq}StsX=hi*x<{eZ
z!vjxDJ>UL0Y+v$qVr1=8>J>}R&+cptn6{fQdSW1N;9JxD)GPK^fp60-W32-AxuB*y
zX<mK(L+Ous10CpY>m#vczLWW8FZxeiy)3abdNvd|M^u+8Vg|0)q`6@&ntT<h&=g=f
z{QSQq{x2;P{_!5_$tz-XDts0#WEIY!HF<p}O|Odz3ONHgx3N}BF<NUFe(vlmuCPz?
zvKr(qP+@USLX-rcIy4=UB?a&)0^I{QE;qhf!|4^y??*?!pNd(0UQflM{_druqB*)t
zsC7HDm{Ok1n!t4!S`{!c>k%!KW4p<m8@az0yu2v}WB(zF7y4b-f2KElx&Al8$S~H#
z&wvX`bvlmNY!Y;MTt7}$ByJ70kt6#VnocXG+?cgHIdw1qSXVh(rAVASd-CQ{m3Im&
z?tiVp*0cjoBLkO0*l^(%HOvGRas{R`JTqF=P+frqBY17Vq>wmSCXcY8T6gr)Stc!S
zMLP$~!*kCPMnBrD^E0XRVyY;xTuj&VXn`GBD+WD%w)gDHrnL7?(!RfU6#mfg>gYn6
zY^BfzMD96h+rGN-c`{Gd$!i3hH6>)o4Pbac&>Wvs$e<<5!G7puuM-9Njf0i=q%#XC
zp^?`1Q;Gp$g2&pf?+;Uy9XekKwW)OhYUU(nDgd}PRI#_CCvlx*(O<MAs$>I~yvdoF
zc}H&Xv_-0!6P6m{w8Jn(`LX@E_G^h<fk#F1+z{LVPCPvNR4_;tBH-9^en|qB9V8t`
zVp`i9D33XnVJla@yvjZA5$JLE=_UESJM>hxMz~RfkW(OjtE2|wL<z^CmFlv<$MBj%
z<Jj`nPbEiJw<Y1bZ`W2{{#GrdvT1qm#{!ttje<@}0uzHKf%q`@!ZcjhISiwiq)xH~
zeyF2;???J;3y;P>W9vtTR;!+ERcgvT;r8<F&aSTrOT6bYlIu#G@%T3?i2^Oy1PW%T
zlcWV2uxhV-1H1hhVNRDl;x$EiWK$?rcII4qe{;7n>RO!po36yi$T3_xNxc=t-A6F{
z)EdB|$%V|xK#h0H#|xg9U2EigynHT2a(D07^YS~sWFtfh{;qPsyoqNB`bmwRJrg`J
zXo01fT#av@pR@Em01`Q~)md8|?9`%ic2s9g_wnwVN8f&JCQl@A9zjT+0-2)<p}W6A
z?c~_U_%e?lSUInTl)t94hejA#AMYrInObbgQ7^RJ=K97b?VpFE7!tm52$VOw33}0+
z2y)LSW(imFna&w)0cH=6nV4E{_*m!D|AT7k!RS0DX2;pTDc<d)*pdR?<P8SaAAduh
zB5?}Y`5i+-go8C~y>1+$C)~W{nfHWm`Q%f%KHP34q-=-ryJzWY{aKLr1S=6dT03#P
zU7KGd5cwt$hB2v`8DtGJ6W|LVd<no(#@d))kDNb9Ph5Je8${SrHGf%IJ2M$f&HR5A
z;z|D@&e7m~1Kk)&E2DNSx(iizOJ>Hezhvn1Wt#h__UqPrf3ia#%&cEVTtPfWjtnJ}
zn;dQtbp+F-E$th=uaj<<fH>Y6<udl$>GcZ3*E|I0X6ht)=Xe@j=9TG1vGZY52JD4y
zvQqnQf(_WQQvO4PV&&+#u0gHdx&3U<_}0A}FmMvTl3>ZWuhp1d^y4pUW2jKj;iLX)
zGj-}WlhIDZP7-v=B@ML5Y{K0JamrLgN4p3_>oFinQ&L;^SHauE%B;{#ti}7EPk-ip
zdoXes+huIOs*B4tuZE<@IpAN$uMywUYRNrLLn1JXg-QOkDj(Wp6dW567!X@tC^4L3
zb-L}T?9)948&oa??zDZYOu5m*FXbtjEDyZk`2nMLi~?S<&-OK2J$hZcX4Z)RbW3Zs
zzh!*gdGnK!n|F0+iJ=UDAp_(_nE)1qtT49Z8%?Xi&X@Qc_on>QW339M@RfRjZqYB(
zg%1YeO)<u*_Ca|ui1&$)k{l@t;QrhNgG6oqeG+|&q83WjZ61Bv%vMU^c`}_WouurI
z4ox4gZ?1pDh|^7ffST9z?`l-_5c#qNfwn_mz)eNi^6RKUl#RU8P+L)rKLhl^4SiQO
z;k{Vnpzy`DW~+pUMV9atyr=)FuTl>{xBV1gA&BPAPEP09Jq5YUlzNzvprUN1s-fyh
zUAgg}^N5+{axssflY5RT`~{@2NE^Qdja^!Wb@Vz1Xg8^1MA_0fo){xB4$ZLsL?Ja<
z;XmewdOJ1M8>ov9Ht(C7{||w8v)S-cVO@rc5RA=<fhVLAJ8YET#2AK#4OXi=z0MPw
zYrtyo4iHNMuS(hvY`=Hc!AjrogqylJS-fkLP#kw3spA^;0&QxPrHw-JgxO@<F)QB~
zldRBy@PHeol7C~mqkhiXs-J${(b@an<=j<+r31W2V20hdvUtopH%<*CB?zQP4XfJ^
z;8U3%<Qt5V;4R*>N{)?=#LwYv8^5i5es5^o$rK~~Js<vCkEdWM*ks8hPptXEp3peM
zA>kSj#9x6K<wMW$-cFyYi)bfmQf3u?;C}QIzAEQ_%Jn$pd1E7gQbc%!dI<yX&;y0?
z=S|c>eJ|MVO@ST=<Hx(iPA`o&)f=fQF0k~T&OhvEd_24N)RqsgFGzRQ7F2M9Ngbzb
z5Tp+4QqcUoi*0EOT`qp{#(1TEA>+pEA-rU*MBdoce%;-94!&ITdF9}Q%>E%*pWHn(
zmGXx(%unPQaF61}7#U<8Y9AVT@qlM4QFGDrbVxy}+EQTlyOmY3scl8OT$^_5Z#8QA
zQNVA+B^9ZYZlj^RrsQAtY|n`tXThZTZc<2WuBwAK35|O&Z{TDgGFz|W!!o=o^oH06
z)?9EWdU}EJORxjBWmTbi*R3B`h>m(mY<pFkl{9~L<*QqPY?ro#%vGV@D`8LhPpBbO
z5y3l>=<n6rBpEB)Fa~KO93&K8cF|M(r{N}F*MmntKaCC!bU*A76ol9SCKv@wu!P}y
zTnY{H#Y{UfDV<AdVJ-<ZJ<nm+>Sek9(ckG&JLqArx4HjSewyW@82EwskwT_LObRCT
zK|tfhZ#S`#xBcqN+sx0$4&7;uVhOAXPRu&V_D4^fpmz%8UzzUvPkpgp6hD0s6(Q)S
zHY9`7bvlfmkqa_z(rwQkU|3reviw`L?p58Imx`B)PzrP3{Ha<k<b#djS$A!#*W5p2
z>y3=RuK&bWU0P;_E);l3s_%Yb_`VxLAhKQjF^@3NMI~Ob7Nd!uXh!AlpYa4nDPrn^
zk4oe^GEb(I<x%#$|Kp+;r%)_u>o$%?bK-lC9QyCKO?g*$e{i^b6!Ciq%pT}8P=+g0
z{cq5w%!Alsw`}AmdSdZY8EvJ?U-SA$Vzz~K$8XHDPq9x=JBQrefw?OyiU)Bn1>V0G
zlukWka;=e0@Y<7U8fM>7viq=^ukI(gzM=5wFnRs)idPCC{S>u?w*_-eNgd7TE$y1$
zA%4+l2U@b~*Wu$y=x=OW747(|J@>M&UUf8shBB!13LwW^@dv|W3L%&4KsvNyl1kGw
z%S<XzN-!mhPrzQkpT8V09$jIq9saYW55YAZu6v-B_3HNBV`~Qi%%qCGG?YZH8|p?T
z36$8GcL10U3O#Z{1hRI);Z_G4Cd3bK$FoA71g*&h7kpEHXv`E>L)DX3H0abx6upSb
zR%7bEMkVo782D4MF0MCXszqz9?#L2<$j7MHXKznDqMfJi`4z)ch~`+c0jLOD4AEEk
zOAfJYZ;n%PXOV&9xqI&w7fzhP{&2mpIBcJ7xsa9`XnnJKK_KbOvNjQH5{4`}&alao
zIcI({*8@N5_}L_}bs~=><>f7Pf_*oW=^hp&^>K^z4&h&R3}g>Qns*&`XAA-T?&(x7
zh?;tBIu_&Do~~)u(okfUtvA8&mGDsUbPwFWSx5va#Rj$F(G25c?jD{$T)}w2b7cPu
z>^4M(r6YUB=F~^XD|z`*lr1es+sClX2j?6QSF_)q9`M-t{z~Z=G^}N^f(!pAaOqIA
zF$odudd+pYgAS;2>9JA%<Z;FQ2l36wtT*E67p<5l@&I1SJ2Rw0`4{LY3HlV<Wx)>y
zutld}ZzJ~58p}LAmWfeRxo23AHP-c((7|7=b=n+^p80kFfoueb;U7o1jBbSN(L}W;
zpZ-X2EbS-{ZMyrgFB)qVW_YShu%u;x4DeO}IL?2FjURYUU@HdmqWWX20cD6&6~I8<
zZXgK_na4!dy*84Cj{e<Nu&-A_EkM1fVO{7TYM)?=1eH-4vHuJ!6BGHbK~@X=Uc>}j
zR$u=3Nu1=Q8vcb@xCb0!Ta)MT=bvbvybGO_YNIdsgsMAH!<gO3^%&u4G4oo-jL)4s
z?UKB5Jz|wmRCxX_o8N`;@hnbpJ#*3M*pHFs_PMq1BV2)=w93GeLQZ<_=SNL{JpCFc
zfMwg-2m1eRKLSYC^FxV#2$;lPWj%k!K&p{CU90h#-5Zv=y@+q96BekDHk{tph_!cn
z*8W3SReW27fvsyIBi-o`znXM$DRsqW{R8bJ`}(^uL&!ArDi!-#`inNAYjdd<8h?HK
z*{xLk#npl_*HLOK)##TM&n>&#)u*W?udQwT?@AfxnY^bY*J+w?xD7^8?4TlUrxzx3
zK0|wiV&$wp5*qd3fyhYzUEU85lv$R&@V<lH`r0w2kE7k^$&IL$XV5rj6KoX80*w%f
zx=qkfveCSE$ZSbWY1^wSJx27DU4Cc1!?u)5Z^*v#IP33gu03%YL<Yc{!v+nEt)=WZ
z-EaWc;S8MG2U-UaPSbbr_LhA2%rpO!;r`>&RKLfo)0(?P=9Awi-kJBd12_TO!3PZ7
zzc{*Gtp*NYnxx%@mAbr|(tnY~zk4cv)DcuJb2xwYzPtK;v;L)z+E0SCE6$02`69eX
znnVjEQ4Gpd6DuQ=?h3hZ^5KYZ=HVh|wKMF#uD{o+P##;lv{&Y5Dzio3yYAJ$yA_vf
zJ9FqEWhz1-8Nt9z_HoMD=nlRmowQ=W4(suguB~nV`~{AtziOEFR{p_UJ2%%kuYGEO
z+<H^?>4qy|XkezGFxopO#joZ`f*!iJ`D9S?(oF6NDx!5<9|Y=Ng6q>IrIY1#(@uuF
z4`b&o@9oUJR9AX%lCl#nD<ys+*NX8J>R1asq(oYs2u;0JjlH)^pk5cx23aRjjcahm
z>us&5)6Jj9oLV-E_+XW1U!4@2q}HHTO8-Mh)zI65y}(p=V%ITH9P4kjTx2(SGwIwM
zEohhElFZ*)-0k4dOPTj&rdkU*!0se|kvK%H#jNaSpc9(&UYFx3Or;dFB{b6cIX-C4
zU=?;)XwE%<oA!3ZK^?vKLa)l#O%gxZX{%swFh|qN+EL(7B+bBUUD2A-03JoApd?L7
zMtNuHt6R!r>zqR^{+{aF&Nelvd2>a6-gdeniwvA}Oq!Ot^vuaWF8mxLf*iva*(I|?
zt1n8eSPXV)IP>%qMK3!>=hdS(vxaH!iNV@&H+LZr!oQz0nU+p5x&?<*cHC=ec~qXV
zU%Tkd_3;i>8c*F7N<PWfEmP_OnQFaDFLiTBv~zG7zKikaX3%GzW#G<-`@(Xx1Mgjp
zwy&(*==O4JQK3Lu7w)JaYz7ZtOt?N?fA&JW0INEEWKGsiP1`G}IIQ%&t@=X$>l~hg
z7eu~=ZW;#>EUcHgjABSuS#nV9sC-C?QJRDu{93A){;MLEIM=IeF>?|5bZb_75Yiy|
zm9$e!<NotPoS~I}P=Fll&D~0TzmD#~X<S_Ymy*lIW?QQcn|^=#IWo2I1@EoV*81tM
z4PC~LX*b;r6sP2~zK|u*^d^!t56fQbBuVkGAb%vkp~=AOm^%0j?<kbdv8LP(e!F2#
zB0JRWxFf<rw|8JCE8>L>P#K6;ve8NCP#mmR+JT!Yc|+aOs>k>YpJo~vFiE#CJx<yl
znp)?c93Cw)^SI~p?xuo_Q*wI#{JShGDJph46E>vr<b^q*5V993K1UqjprwDSA@6v2
zDWzsFN(D2eU#2!sO&`yqr^tk)XTSfTn~!%(+f#EAIpQ+iBG{DruR$0ep!s%eozk>c
zf7X!d12jVe!X%hFnvu7JIcW;lpVW8X^m_3}%gaMQc22zK-})yHpl&ANFt`1-LpC{2
zc?aPeY=h3If!K1`pszsqTfs_I-7Z&j_Sw%l5nC;Na@XXpsO6*0iT%;Lc_%>tUW~qY
zW99su<-kx92}!Vg93uNxSWPmlBFuZTGyG>>UhtQQB>#uI6_7l6iEVH&h?KSqy8X0A
zwSGpLsD^0jL31y^9g1!Kptk=)oO)cI%)pfqgp0f1J)z&p%XVBMa@vH2>>HAx+!{(o
zGaTSC7cu^eMN*hxYDZyu?~uOL!(WrlE`M4)huz^it|Y9-$%T8kc)^UO0<6WNND$N@
z8qa8YU>4V>w62OzbyHF{P<Zs{R^?0Vl**Sp5A^k23EL{Zufn>(IRwcpO(yOmexwPJ
zLSsE0*h=Zt-~mh0mOhq|fs2!Jt8?*?&_f?btg=ks9=*IX_8Y#Qy8k}#q42Nm?H9n5
z2GCE3Ljd@pQ1HQPp&JDsc8ME30(`C*B^TByoXi3vtGb21MaR9P@7R1DZ9?J4`)D<*
zJtouBf=#EPqk<7XF}MX}Bb3D7OVh7;3Q&_9bjg#W+H*_p-6m4VMgR73;kUytb=4DY
zzS(-N<SPl*Tj)h^ApkjQf;%Wkz{#EYG5QabkU-zQbborVq4G<sxq0@z@DC?X%pd(x
zk~MY{eemB=E+$RbhEct^j_aZ(qwAIWu&Ayk=fFyQA)_fyXRKahPhjuw8+qBgrfuJa
zeEyW-_EHOdiLeJwDCGgsEMrw6)Zlsn=1%<p)@u-FbfMwZnczEtX`pR~6|SN8%N3Oq
zwul5wKD9P~<uyB>BMe>$4lj+{Ea<iYba|o)wA$%0?v+txkzU^-b(J}5G!`~^GE}^_
zMMdM;qul47I`?yh3pmK>Qo*MG5V5G`Oi0U%U%2v%x&^<+DIKf)h2HRva`;{7v&zS6
zsTHq2EtpS=f0Nksh5S(81HoMfRv`=E5ruh1un`4+2TN2Wj%Xf$s0pjamm-0Z3Lnf^
z{-dcr{IoH*nEavT0aGpD+7(}6lebq~RF=_!CX=I_9@vQ8ccc~0=i0+47N%?EkU{3k
ztPShUNj%PVM0;0F!m_N_Uc*H_@hVO_wZ+(BFwU<StbQf_OCE|VA?OwCgVR}|MqfsL
zwH-KPRH-dg=+&C5vb8qdWiHewvF~8ZeTLgzp-I7eT0J$MbO{yLt_f#CtG<nF)GaGl
z94A$B!p?Ykw}XSdQ1;=-3)jx6oISc##<Sg;5cZK2v>NYc1jjK8DK&6($Mqv0>Rt?d
z&QsnVs=Py>x9v*#{-CYWM=4oU`V3{#podgb%9F(~#*+xxF!KjY-?Kk>b`hn=p9PMd
z`Vo|;?6YOl+igE5Kizbny!Z2UwS_?X4m)?2!js!M^d>L5)Fp?dmw62-V%6VsMtgkY
z_nYUWg%mGn?s9v%uy3p8ARtV<o#C?}I4l??U0h8Oh>jD~N@l)syynM~>I?4yo&j%C
z&1|X_|7lcf`L;>%=dN>cR=pyRUfVd80>mDuCr$N#8Bp(_#QrG_;)$|s`C;2YCQXxP
zjkUCmzIQn-_KE(y_8wkGd{)y}ZG^K4PkoZXHIV>IZG+98P%mtK)b*$bIL5S-H@;U^
zykxw-;V|ahW1(M^3=)<C>wf_`Ep6G3ZZfgZMHOz}Nw8#(_qOeI{P?Raf;pEjmUvCq
z$)n*xb(K!cg&R+Lx73vHI3Ji960|c-Xr00y7i`j}qbHX*MX&+X<k!F!X-@7dZB6Yu
zFne#8b4g6&uy)e^=WDl8MkE4cmeadbHXc>kKF*W36KoQqlVIK8<*ssqCme^RU_w-}
zvsJh2hR-F1abH*K$dq^IILWGS_%IosXs@M>AR2?m=LkMD0siO@Pqu`C${_4p13lXK
zcL}zPOqq$<xcPTCq_UDeV7v6hxleN6d=YP^s}F!#7Y6-FCedF|8#0#@xadmqR1tz*
ze}K}1+G2|9{64lGaHMqLW{j*;)S_juMu_mQV1{0guNn(v`kP^v?JEmSO?FgPSas;=
zE6J~3Go3lz3)vf8KmA5~{Z#|3L;M7MqXz{!qZEjrP*MQ1t?1R1goq6~iStFp;T!WK
zZ}^MOME$v*TV{8q_K0#+mizllOg*uIt-)VRCbc-wXLJx1HdkYQIk3WuB5ffBH;fbI
zK18fdUknT9cyD>kUp2yEZ}y43!`WrF08nLULbi_q3L{rL(RFiG0hcQxp>=1ZZ)28u
z_jo?%r?r5QMxXKd;G(i%9U}Z4Ck&4|!CCYwRJWJT7q6sL%9*Yg6TXM9=9{nC*E(z`
z+uNVAX(+>pk~(UED*~n6g4Cf%l%Bchx#26wrmy(H;WMZfg-6T7-ny39#w{j1F>9&V
zrGuJw+!*{qCsm3Xh*SvkGY5x=&YW^BS8w{-qYmPD^G}h?oW21qEl{6tFkS(I6nZg6
z#B6m64XU1_<9T~EDx1H83g|kc?oQ>Q+#9&P^O-K$=DaHgQwHTeWRFC0+n_<kuX=20
zQS<MntU*mu<*}s`XC^@f-1vZt(_cW)_>>-XJtB|zUq7HWNtVhuP3r1z*Zfxq0nDA}
z1aI=W$o^RlvS#^{Ma-inEY}mm3H!GA7sV2L^B+Pnj0&AWC;A<z`-rQy+V%wYx?#EE
z?iO1#6`)wYVfTlt$A_Z?yZw@Up3K{XUgc&lg|%SUre;s5-^fne9{}78Ot8^^qrb(5
zyZ?6f7`GcWHlb7-EiVID<cG1|T?cuY7lt3+Ur{(Hl8r~Wr?645esCvAmH?27`0E5L
zh&))?tR5SE$iC`%=oRhu)4o1Vq1&~$)gsm;Cf^Bv{SsHO_JK9ODnsf3GkL?csFtxx
zf)pEAaiBK+;*Qm{z{St-(xE)HOH13*@3ibOOtibXr)IZhk`SeexSKc)>~|yt101lc
zH)veMdcV1zrs%1P{gE7KUZGoUqH0>NIDD}3=L4@Zoph4YJ{7aS@3<<Y4lioZDmYp?
z^m!&+Yq)c~M-|sSDE7wg&D>TP9N*%8Wsy~Lm@4w*k1fCn(oXV@%F~&nt_%JtcMo!?
zuvtk@L2@dZew!vis@Dxm8Vw#ZG@2Fs0m8D#nuwVlmJW|kTAmbhfRY6u|Aq4VX!RzE
z0#&&04MxL8JZ$a&dAVKb6`W5W`*^9<LI2!~yb%?jN6YSR&5sSgy`JfCc`cX$Y9<uG
z>Ons_Ntn3SCl^+b)W8Dq<uWKR!*xwvD0u#w=~Udb3piB{WVP*abQc|tc>T!&a5TP_
z6Qs*7(<F{BKc67EVR7!j$JU5owqB3tOWog4Mruf9<=QKh*74f9?Xni8ClfOF?75DF
z_Z<UfIuY!l<^K>|H+*!rCI~5RvFOC68v)Po7T(z>=PaF1$j5uDDcsS{qC}NV-r8xA
zf8Oe)vM`Ml1ei8b7cG-kkIn1^J)<#7Hj=!fV^!Mi!=@&;1!}5Rb6b<lOticl)$5Mv
zAK83tRqECy;f9(LE*6Y|uZ^mpn<W2>oZO^}?53ok<jo3ED^4U)f)&JCnwqGcIXTnn
zpCxNm5xcPYptipHco(^@Z^ar=H9&7^4N=d)kDd;3ZI)1VMfo>g;5`{lcS>G0vN0)?
zNXd}yKNsF@4mW$~B<;FAIIA@;%H3h>^(LN7^BKWEqy=nm^v448&&5s@neT!<BRm6a
z^j0aIMsk?Kd&f=cgz`@DRH2UD&#!u#3jOw62Ez%=GXlZ4VlCTLQwk%GC-wM=7g^$D
zVV52+r|(`r;<V!$jk-6ViKyvyo!IbHRw`Bob026`N9n6PjhsMTa$_%zX|gQ95f09G
zhtD`|EIFV(5+3hiAbxW1RfH8Qg-#R$H|8J!U}wki`b;^3GelcS205)abZE)qIw_u~
z7yI<vRCPu9ly`e~>t|<Pg`sYc$M${h;`VO?ZoU^<j|46fA2HAXN!W~{PU@6lOEN7u
zdk<2fOc-S^7$3*APO_4BdE;Dm={@+0esA8JF~d?|<1$EemK2haobVg91uo<q<~O&3
zU>-92EGRAG8D@-p=+&8jns?S@!*=QAZXrK_4T$)GRUW^Dfm~fC^-i<JQmTIK;DyrB
z3KuoS*a{z#O&&a5jBY%n$Mr3_@Kxn}k&=2=_Qbv(d@xU`rAIY+1;aL=M=zgdq?VPm
z!%NjYmH4T!Ae+ni46Kc<)sOH$$7>H0YH0>$b$T9;k<suS@ZPVCSZxFNnjTyRXpcB@
zeSY^KlF7+4i?!+Nu#t2Qb{(#o+VL!n)|)TnzozK=vZA?hyyJ}sOuIv(e{tDJupH-^
z1hCMP`J8@ev)`_<s#f%KKbXvTf57)y&q^0ILm>udzpyW8BJN@N?oHvCVxk%}pP9h3
zEd8$PTWNmaaz0k$(X)EHOHoj7v5b7wrpH3d25YB#Wx>YR#8X!*`L_G(8UwfN^4z%Q
zg@R7iYO61?Wcgb+;pud5@i?6Aeb$z7`!VtfI*bbM9OCUk_j+e;1m}>sU<@VKJ`^T3
z&H++M6bTzL5|d!#H4|IBcl))#>5kvkXbym8<CpLjoO}G5R!eBl5<P!KAENfz>=?Zq
zdBc?bC&7Q%U-7PkLH)ASXunoaBFj@IcaQ&7sn`Y*X=84H+2>Cmr@f}_M+Qx+W%p&-
zpM8*tKuBmq2+E)dyxr(o-^ypMx8NhHv9V5sI@xaii3SwJhszx%c^0Kd6&8;FQj+UU
zdlNf({{B@d1o6T6dvXoPn8Hb6<Y@y=Hf-OH#39L(t8OFpqvel0S1<s5!e)H`^VjBB
zEZM(NOYO@nb-&L!UKMaGOa#0$y%JrY+*?SCqbj!=Kqvq=caW5P@F=HjlIS!(WwrNu
z?tPEf78@CH@f-a1R4I<hyr=3%2KbP9Y7}%g2><9$|B>b<u-9GqD)M&tQoBN`ud49T
zDW7};#meVSq`eC=uY}%^?r-eqkOzx*1*9RO<9sp+WT4Z?4)g|$?`JE2wp?$Kb`8`r
z1z(&qm?j~8=X{J>w+o_jWliQR231vbPfF~LOXIt;9hjtK!6w4KaVuYDo7d<eXgsMh
z@Kb~Jq3?}d!8qCc=*zqvRtU#$LfV^nbzq>zfGwN^{}IuW_@>z*j$lv>d%CpqOX_cM
zU(_$T-<tCoxN&*J#XzXpQRR-#OrA}{H!>6%oMK#0gLTq~sFctrqr6B~o7ln6BDk7o
z4WUzve4AAqY92nhaqJPuZVU;Vxk35mVSb|g$5uK}pHH)s?_TER*L3|VE7S|6ty+DN
zt?z1HckD_N)uwM+PvDG$n@S*<@Nc$*oo*MLP<5iQdF6{&RC4KekHHrg{kAse|F8`e
zA(>X%ez2F{u*cpWPl64oohH(YG{}K8CER87>}=QLZ=}r)H&P{)i`|ok>$wufMjMQG
zJ=t%>*ok1B>lGIv1`e_Ko{T>o;4vsGmaHmdx1TQT0Ofc7nTk#`sjLe6RM_>?x%5bI
z@QWe&i$gVD3U}YiKYXL4^FSCuyaQ-k$eWaeYH(SR41>t0AzUvKP$jaF-WJqho;BN|
zv+rQ*_~RqSt6|)CipO`hU=1q|Up~0a5f$Lcbl@or2{wg6I8G1$F**R`#j<0OCdx}h
zDR{Evut28)TH&b%K2$nYK5!nVo3wAvk@rkjK1k=>)$m3t_M7m+G-bNi$U(5lJ(#;6
zCUqgJW<mwhIlVRp<GsaSx)?8}0+T*W_x~*XP!Ofl_&`fvSz0*$Ae)qdhWuzEyzTr-
zt5_()4p!ryAb7DoyF445qj1S{5~)6Q^%lFd*%zut-af9#9q4^ryU+Jc&?_{&?L#?P
zodiz7=>g{acz*bcMKWNA84^tovp+Pd8XDm)D{0MpWE|F(erE5`Z}63zM1@YOktUD=
z$=BSdi{oT*fd$X4VGNl}7zIf+%S+IA#uVyx>I_V?Rm1%~vtWsO4!8_5XBQa!DxN;S
z%|;nN?gtYI&c?5yh4(J9c)Qc1=sKRm(-Re1hO*vAJEC9T`F!+l@wGt1O)oX_mu0x&
zFd$C$a*g0<Chexym=Vu{Y5pq166+;SZ?Dgmn3K?Ypp|{tLrO&}?B&k>h(UrQI2hDN
zOn~?2>QoNr7Qa!E<^ZiG5`k~pH-RQJ|NNQM@A-!ZF6m!h!zeo*y{!GSBtk;xUjG-!
ztr3Xmm6-Mqz+YH{OSpJ~()a}~GTBBPE?;8$<!nxG>i^iFX5K2E{QPZ6yw$^VrjtJo
zBG%V9=fU&6Anf8-f~c69N)xs+Y~PyMixHha)9?UiM0ZkSYVUU9csf3su`|}nd4Cjo
zzx&mNj2sr=xY+ce$!X4W*aC`nuVHJJu}sp(Rc{?ozwTRqsv}V2o`LDwY+Zl4x~*D#
z%5qfGK%y>H6>L5QK$g{jo*;3a@^7O<24g%l>^L2%-36$O>bRXbzKi3TFTSfshZZ>b
z7hT=f7ijj!r6VkW>qYA512MUk&--ydP5uKLROp=K=!cokg7$K+pD{8uf5wpJN*!<i
z+WtYTgE|0yYYEKY`tvTsdR2JeRvjiS;g84O>0npx1wZW(6Mxz1MH$piwBdrjwjC*N
z+Mc5w_e+O}6MUK~=YbtEA&(T~dv%aik4Z;K^K9u=0aEooIyZA%Z@&8GJ^1sJg*M#;
zv5CL+@rL$r@B;k>qcms?C1ggDA$5Wc%VF7XYoRk&^IoBU4(J+C6iO%b4Nm{E#W;XG
z1UinMOcto1>ADmK4L(+nR*G%vmb-|#G(x_%`*KrbX1^8revEf}hCy>??Ru3TE`{C5
z4I>#(^D++1jW3!0C8{0c#&{34_YHq?J#yty9O%_6^uK;E|G%<Gen}or*!stO%16dH
zToX#s+zs{pIoVxJ%4?Q=PM8(rB5$$}a0pm<)CX#xfv=nvn@hK;VN4Ju1%o80y~=Dy
zP^`y-KvD4#IP9Z6Y*jC{*zb*rdpN&KDG2F`F$^O?-k2!^hSCZeXq`%XTqY=jEozi>
z8?DSkBf-f`&Vwo+?J(^_KfZZ;P46|0Vjt7S4yw`vt}kf)YNzfd`JYYZ$@d8)1K6pY
zq=$eq=ps)}DZ*zVHl!-?d%NVtrZU0ED!wa2)!+qmVh&;L%>nIlz#8y_Pjm6JgpKfC
z?%t+8qv+#MBqc3UvV<+&*M$yjDp>T!78^efjIF%W|L)aa@)gmU*b<H^|FPfzA*PAF
zmvE6^<nU&{X=9`60a9m-KeMDNS@v(A`Ryl2g9{jvCGW@XmkSFfQ==Sne&sI|ywkXf
zy#|{4@yQqJ#snIZcyrK+!*soo{&8;bYVVHaljqhHRi5@rO0_LjfcyIw@Sh-VBV6N`
z0RzYnR80Zu8x<+AAXtuW8((|u*EW~RG%|Kbw;8{5Vc<!Hv-r;U-G3jh1YSUB1oLD)
zIjijGl_dr;11L%BY0{y!JTthBf){r3)s%R0cG>XM=i+RV`B{q-gg-OyYNVCKTNjpg
z@(zK2>_F_I%A&D){4zr(%w=oQ|8x#ou>PbXCy45^&$F0Pr#*B(w$@$ToB<le-rmrq
zn!fxq?~<tSA`;dbUlC$o=7M$Gptsz{mSbuQ4A{vaQ7ZGE#)tJ?zb6^_!Y_0^P3~Q&
z+0^b0q33?GqUI)X7XIgzA`!%l@pm-HgE~#^p}zD?AWB@+lo=&hmbtJEm_HKeQb)tK
zIPdYEpy`Y{8*bMR*dG4Hc<g-to~!A-=v~yyw5dWcy{M2&kLFfLk0(!Nxnz(+hBkFK
zHG15I3s(dx<0e{n#To>I@w1h(=0Y#q{ihCPf7qk;4GEi&x=9KI9C-H2f*u>=VW37|
z29|a}52U$q%#b*iF%{ch67h`Ygt}iIt?Uu3g81@c-`AUH?~1P|cn65=Xpa1Z-zFPi
z7e@$lo4AwU1((H`<=-MG6+6jW97sJBH(wC?)DpY$QKtD+Ra#EdMN5+|GIWY|lUy$b
z<dB>znVj;E0F=&5!^m5C(qp|(koz=M*!IO+pyb;|m#d%DXIonD+0h+kH(0dGJU{SM
z&)GA=zF!}(uE7l;z&U}pJQ)<0ZamJ3P|Zur?4RbBx(0>HUz>Yppzr@qSp%rk0{EaJ
zi2l+>n~hl^J>iMLd`PJqT}SOEE1z*G!+Tj~%ASQ&kFrIsl*OD+;mo>P{XRK3pLj`h
zYwr0JTDa#|98alH#gsa2DUevJ3gtX^K2Kvs78T@duXEIR_9<^5imK0jZYp|*F7l3L
zHe^Ny{e=y2Jb4!9CKO2RBc+f<iJJu<qCNc7>ucbMO5^m3u!7d%7MJkwYclWdXzDBV
zpL5GJ5%P{XhkPmkoL7f!t3T*0C27Y_;Doo1@XV0$0u<ih1Y4I(+ANoT>PBj2?W&_s
z|M}gS)-M%xv_b|{e_9IzE|q(fa0Mts!yLh~R%q&8mE`HMITUDp34=>*_PE1onLXfs
z7CBj6)%E-fo*cg@a)0jVC43W4_67r;VIxNB=tb8DCla^v4mHEiszcG6>)#f$b!P8H
z<>zyPoP;kKE248tGq%^XCh+~87esGs&^l?8dK@1AR{J&ru^qMy;2Ode9Vj`Qop1uv
zxw??)v=T_Ly<#SD`jR;Nc2$6l+wRSlTTn!w_+3KllH8pHM>vj+qZ4x|gp=?^8yWlv
zd%>F~N$Na;qX2)>^5fs-VryqT^sU~0*6z&ACyu@~WB2hC0q+ciz~Dvgu!?>HV@|*k
zK-}RQYaL0J=?bk(H#d=-a6B+QJz!dNxZ`QTsSd4e(sJ522a0ky|A0ys?7*b)<ieOH
zePm7i)iuVCGU)O;*OpCA3VgNpwc+zh>&wQw``zb8TVM7*5SBf9GUsIt?>o4%M$ivz
znnFR`ArA_3a+nRxnHi*di}YVEiug)XJXU(*t*6WIUGja0&`a*-5AUvQ)uyW=_@H<#
z{=Q(^oC=-DoWL+qy<u&d&IG)1zf#j^9%hH1&x}u3=;bun^5me^jr$u8{n#qk6NBnN
zPUUl|VSlbEaKxr+w9CVKy#>!kLQlh%U1%}Um9f%rPUE#aNd{rgCrIPt-a)nd@hXno
zhcJ$(@rY{)O14PgMyuHQ-6rsfcC8RHL}9(m6v$K=cyTR~TOB!V!OqE1&q81FpFRE$
zaaLlc-G^*pZLmn0pm4lCQ~g~gO?<Foy);!D>#+QF9OvsJf7Yt9!wWyhtBnEuqgBR%
z8T(d>vp&1w`b+ko4=+GK>3ao|32aGv--;T<?LgP(FE=qMH>Z$2STAd2r$7&*bOtW?
z;63SmY1eG(nNMDIvI(M-`QbWITKo7ilx`ZV@42#{HIzwfa9Lh>Dj3Iz1Jm7TIx4X>
zJeaxfck-u8JWm`Y>|~N+V}5iV?#p*bA=FOsta9o7$%D`G7b)=0=ssi$MwyCpi32?u
zaGg|*i?mJSOvOSHb4Uela!fx_5&YCE$*rj_O5})ktybAxLjUpL+?h(Db(u3{S;6*D
zVELksPv|My+Ttw*`gUPIP|AFoW}6zD?mWx0TYiy7+Vq#p(F5a2fLlNhiwEVt7AqR;
z66Sc^ZzIF$bTOti&uf0=(Vs#!qZzNHw_n_3?wss;S+*v8xgSBO6G)$fD`KD=fp{^y
zcF84+(K?1TG&KuUkMX>oSTC2bd@d$`@dyGmn5IFeQEFji$bljw_>9@YQ!BAEyl!5@
z(va&q;Fj%G_YJDA^5496bQEcGro=PGHHvxi@WJ>7#uRAx(8v0b$u$ebXju7jrQkwm
zSR?kiZM8FKM8@>XulDo)K6113Tj<heuqLA|9?ahoHg?<K0QiIsTb^hjR3VW13+FOo
z&9pL404v0pYb|bvCo1Gs&)h-yJVcc5d)Gq@S|mfRnNvz{(9mIYB54y3Sm`^$-Vliy
zoNx_vQ=&qzBgu-oP0yyj=Z`)4yjnWC{5W)F^Igk(au)r|kH4@FqF!JcK%url7aAnN
z9hgZLGcS?xx-}GPVvXOaZxd~p|0I<FU)8Xc?26QulKfkE=&h!CNXk7e?T4Nqc<*qa
zVyjF95}&yW@DfY2>RI|#)W#_X?E{!;o8CyvJHZ*^=VX^-3!moNucXK2B&7Te7HrZ0
ztKs8l{Sa&s<_Dt~6$6<vGlbpHk@m9U#baXR*yv{~t$Pp4-&G|UySt0fUFzk=T1z>F
z{AU2X2iEXgz;^_!xPR;iCR0;qv=z&Iu?2Uw%2W;Aa53tqbez=iboTz;;U7~Fd{OYL
z*NKzYF+6!S&Til#Y=m-AwWg%kvm%Ti8u!pR*zT)Vd#C>vpML-IYsTT(nusP#&wYR`
zVF@-Ru!g2U<&6{28Dk;R8!zjO8pyL-btu_N%lvhu@v}hI+4{F*XLWx1E3T@(FFn8W
z{Y3OB@A*JV9ysI3wE8p*<V2mc;|O5yNYf|^*96Y-7zcRepADhSRV_22yQ)cTd(wV)
zyi(6f;o1qrG2GpQTpjRA^#xL}pFpK}+~n60wqo7Fmm$vVkphnU-L-s|efFfK`;U=6
z{6x~lSv?MmpDEDbc?}16-$1K}d|X6cLXjq__dBH${_H-H-Rp8ScS+$d7}$+(mn4db
z13+G6qi(Cmb0W$S!q_IsruW^=`*7zqRZ847<YTf=M15h|{9boHC`w>)6^S6ZXlu9T
zU4vG6+nY7PItB=Qx3DueFa=xa`5)qFTjn4+E|1^)gZK9HugL#-$$K>Pga|HSEAe!^
zG^xPtL%3V`6jvklN8!<bSLF1QbCURixtZS2vq>C`XVnn<?A29XKbWc!sWL0EZN@H1
zKe$m*y#LGZ3(zVDMgLzu|6kZ13ZHB?YtRiWr>&4>AznC+dGd=8MWq8o@<V>o><TNS
zc!(?RPTIr(btM01lu$jtkcT8e1Dt3`De3o-^hg&ZKEh?xMA2d{)zo~rm*M?trc|sg
zdSH_87`7VGW-<c$F#X==S-;L2ot^iZuA0mL^(`v*Z!|!-D#k&K9WVs%v{?4%p2TNc
z-X^NT7AHZ?3$x1IKh*zY(z75AXS84Gs|1&uWGK{^y-{MD%c4#&zNu5yC9~BcrX+02
z?@?9A`mG?f3N`M9*Nw03KKogSo{hb|{gpK9Cm=QSxb8eNuoRxbO`K?cfj}JY>Ov_r
ztjZG{M|jRml~%JCx~0L7zj+uK__|m@`;Sh`#>+P@Yi-_m;X~6(IM;oNrcR=RIADv7
zFrLfF`b-VPB$AM=M$Z@54X13L1r#s(S>}D!&byKL38xi#lpdh%=N0+$?8~Uvs1mXW
zH4v8wNYcX=S-gFq9MvS5y{K&A#GoRlLY*Qq3cF>VFW>l@&vIC<gZemG2V#JQ^}-vX
z%>k#sd3xQ~MW2^(%ztMNrE^e`JqY4I$%csOBQ+*+1)Qp)(k~%YHz+hbG2CzqYRkxE
zk!1WNXYJ1F4tOT7nCwf@dEjxfKYOR>h4iC_yZW32;%eX`OIU#mc99NUL!uhN2aaP<
z0d*r|BXP0dM?N!CD$K$WSJ}|<+4#qyX|M%UHDl`x@rgdkhf0+xpNBT`)S%=pvdqPT
zzGR*OqfN|Xd}~9)C(5;zJ!;<Rht%9cRssqRpB&NN@uQ|fR>n7;F6RU48>tu2w*ZXS
zfMczAGe})+r~5ntRgp5Y@Z}G&Ua|?|9^Xs$R1d%D3O|S{AVF9?kiJM0w85ZV6^sJ4
zx|P4#_^sC6Pk5nho0f77kJ;kaqgz#p544^RZ?5g9UhCa6EpW~8aaryH@B?_p_%gxx
z0o;l{_b@LEM$^&BG^yYE4xJ{62Y^FHed>*tvq~2qMYty}ynP+)JAC*}OrU&PdBwmw
zBaCZG*jEd=q*(1mc7ct$i$PVJ^SNlFHIj3v!CQm4$ihwOwcOGjxDz<lGI#Jj*PeOB
zV35QZrPdDd)m%WD1&UVIz-s?;9WeoSfVV9S+;VY@ri4~s=IWg}iBX;cYkIyO0`Ek-
z-6>to^^xnssix3oQN+Pz?O^wrn;U0ul1!=eX5jaM>Htm>$TSduQV@cnc5NuQ2Q{T8
zQ1r+z`!>~-aGCL07y5n6a_(!)DmK;dWZ9M$gWY{Ot#R{Th%eu9EqIps3=K*b2U3ck
zeiP*?Zp1Uc<`nSMR{4XBQB=&%l5o25ewzkQI(fMSYT|?{VW4WT_{10h-%BzkG1Q>n
z&vQ9(9e;VZN26`Wtwj;UNWm0F;Tme<hCuole3~81d``hJ0Lr(;MrH=qI?mR7dicQQ
z2W4F(qk%5NzWF=H998DJ5tsLGvy)k%Hjq|;Scn65qJ-Pj^EXIIHrn;<#(er~o<lH+
z5~}U<t<Kk}G$v_kZbc#`Mk~#JM0`L*t|upNE3pZfRqh6md#0asPFMQ@h@8|K%J};z
zFz5LAwYO$!`!ymO(oP#})6x@3ODpJs7XCd@M<3{Si;^M;Jp&QwhEZygO&??FD4L-j
z`q5#3?X)s?cNW5PH+JT+a2A+zv|6zh8K8gwClF7ug3}41dvS6hROxHfbk(E>tW~kF
z_HC`sXy?yQE|6DTQy(1buFU@6>YkGApHESl<=<`J3gX&RXn0>lFImF|<>SBvZ9+r^
z%15A|wC=Hfn*W$t4CO*|WMhtH(BX_5iN>!nx#DlHMXVcv*2I_K2(DwO;yS6@1p!2C
zV~V)1wpgaM^t5}DBI~Q$BXxcHRk4dRFbP`dqDk=d!XCq(w!^J^izhZTPDSMg0*dFA
zp0>7Y`IEIF#7VI)!T**3*Z-f+3S`soNpdy_UI?2KPgLL?fgM=BUIV8Sy7SG~-FsVt
zd>nC+ayFyaRD3%Vjk$;Jn(ql7q6T7Bfbt05zQB`DWqKxGbD~M}^x-NBz6k?qRCOaS
zH5~|V3{-MG^d=_!-Om>%ZB9#^IJAM}Pc$a>p~OicNV&<SA}dg-LhGFxd#Hdl`3>O5
z$%~#I#V6bxw1?}Aky;|>#{HQt$wer3ew>MwQDw+=n+nFGLxc58Roj2|?_V~?o;5c`
z3Ja?p_MG2gdum_r4&gPW|7lI|2|!vBRC<by!YIL!Eo?X3ih*d1*vzEgIMIvChLPN=
zLo~+>q^_F&ZtZuLFZ6dB*q?F_3j7<-D`ZP@!r4vBU~}0xL+mB$vORJtHP8%H58xsk
zQtFF^Vy^KuS+1XSGwf7^;v`~l_q4WEWA<&JVt)@!RM2U6THPNnP33oDlDv{$Gs5tf
ze)-xjbaM9khHg1jd_HB)<96$g6omVs4RJR`uN#*=n_4Oe>`DLK);9m>i?e7?EBns&
zB6HERDktppMdFbnst8^%SPlPBfifWB3!%W;f;KuOi6+BCv(>t749QNPMrd6Yl4Ya|
zXS-r?S~HmY@3^Wzb{|&6RtFZCO~2Ec1dS%iKQCcwF#Lx~anxVg>+KAHVw@wz`6)y8
zZHz}2bV{c$x{J7T$JAU7mLX-Mrg5&M^7du_Gx5$1!^$|Z&E*bTJwpMs96u)wQ~aMy
z!KIx<6}Ay2sX^H+eY=LIQ~Xcso$H8B$%@FVGe=DQ?`z*lI@u?3;iK3Bj;9{!kL;vv
z5%i-pA_ol@=Mb<3+kVPLS-;Nv?Q;F}sI22PwgR?e^H%A-?ML5iyR9_{wl*{XOggBb
zC@IcH_<ykX?$J=UZ{M)CD48OZ-Bd`~CZQrzmxNqW$$m4HJu#Iq7&Dbni3y=7bIC6I
z?6VzvO30qE88bpQ!weZ;W^=u#e$RT>?|$z0epbKdy`Se^?|Pp<TFYwj{hr_RJkDeD
zIgaCVVC0~K0Oi?*v4Co*u%{ckd6Zs?BD8uOqlV&l`Ba^3r4<}!aWW<P%g2NFKRu1(
z_zyl%gztANxA6uu?LN#7GBj#B^7<4{Y3=*iD3iK1H%*A|(BnOK$vbgQs3*Yg#-|4b
z(AOyV#;z^n9(ML!6tbZ8?0tJ5!uY9uDc-?8=cU7ui3s{1?Q(Qg8W|{TUV3C-j1+)Y
zc7vKY%vNPz)simn^Pf+X4!9nulb*mPShi>q3YVgE0c2h8oe6bMaD>hoQwmz}+ofQw
z%dNhsZElri?+Qy;Gm&G?Z;f|xUh_qNku0X%J<t1vybb4!55tvOvL(}5D0gr*;b>Lr
zPJ$z)VAr`c-NW5^t8&Hu-9J}d!#gjjopI1QD)FdG1dJ1}KZ^23OuR+XuLDSoTxict
z#envrnIb$@zJae`(Z<X@;|h&ArhD|hb^P%+W%>T_;!(r<c8Q#W-)aTWhz5|ATI~{d
zuN9^byqkmxHw%cjRC%V?3ufjR?0OQaq9SrJR>>nfTk7dmo&#HBZ6M_dvJh}9s=Yoy
z#*JEBb^3Q9((GAIXTtW%jD-E!?Mip;ir(Bdu(<i<#kQS?W{y5YhyyXMMu@M%AUOhi
zzf8;DJo`_@Rfe@PQy{4vw1WEfJ0ln)*Qr*|2lx7W_`SM)=El&iS>VfV5FM2bm_|SX
z1u-IhYz^0GbT9KlHN8C2YXA|QSy7Chtd)J#kdSOmCMhjng3S_}3x;QanQA42Iqp~3
zdw^vCFK<9RP%R<SXyPN+xgDPlG<^$b8^7@u_T~gya$xO+j#L^(kDi~Bf)2Ud>)Qdd
zEDti~Ag-1f=hzO}iJ;S;)f-&e{y3NK(8O~d_BvS0ZVx7aP*F`t(D9lRr5#ob4Np#{
zp<ROFj#!`CBfihmg<`r<GxdEm1bTn4a|dXayS9)-<z<U`0uuPYtb%iBBuTE?AWA?M
zrZ8kh`luA7C}F*KhG%gXzr4tX7`>f>3d8P##2Xu>_t2+9D5`thZw<5?bw7Y|mF_fF
z88)20ZGLfd@vGmX_}hW8$YX3t&P$MD1vS?IP$TW8?u_8zDTLkVD_vkG8Vwz|yW@$a
z{w#}>53i|yC)BU}X$bc$5*_`^>n~U_=r7?}#{=qTQ$TM5cKo`o1Y5p1u^DriiV`%*
zB3~M)&lh*bU%P2>C0pG~OuBWT_HDsitQ<yxz7v4?I~1TG>X=>&`4$wK{sYKC^1&e(
zGqS?u{Hc+`=toL3+@Znl{;?<~rlcmZys{uYe{pqXHmfm&`L_Se7-z-{<?Ni9V88YG
zv3%iAn``;!f8P;qo1)WD2Juhg_XURynsMvCsjjLPj=pI0|330r{uL-ADjUljO8kzv
zNsdI&fqE+n55?T#glC{pEJqrSq0&3(RZ5Ht&_NulV~smZwpwTma=&2#HWwO87jBgX
z#1Z)k9O7TdS>m0F(_y`x<uM2l5DeRo;6G|m;f1bExKKh7YN4A#3@2r_ph7F-Qz!#f
z*7=7SQfY3}wiTHz0||#79WzUw7)-tL)-}ZAc*TlxLFqeodHI`}zN}-nV`DE%76hSu
zS4cCx{p&J}kx9#t&DuanwW|sKoKUKplsC)<Ew`2Wg!--nWVf}m$sv@?y_Yl&h@=>a
zlICm+G(zG=#SkZRpG*7%G(5x-_$C8YI9Etj68(#T%5E66CVOiBHwr34cB{l-^ookX
zDYPOpgbvy_08PC1B%aR`eAdgPq^^ZAm+|?9XxO^DeEiI9I@YC*`iT>H#lhRso2h-S
zRM*?V8E3X4%+%_uKFk8)Y<<w+q~$_msz(`O=U`oeCQeA_nrB*9nwzd#e_Fh0aqE5`
zeK<*FUv-7F({)%vOu(4@7i6*NLLuugwgJAkRta;8Q?8>;UE)Jm4z`e@QYgs%T{-CZ
z){6|6XKI(qgZz743<Yw+RSs_3Qzvw}D030X)=U7ik`>_qXr^a^Uhm1$s!1dXw#fqr
zJa2xnD4kzCa4L6zCtRBJ4<fiUtYhSS+j@dbBF-}V-CN}7=Z)s0`DwL3u>p`NrFCJJ
zLWGW3(w^mFzjAjm{6nkZRM<`^%R7Jdhwtm}47sL20m5wjq`BWGG+#nH?8%PFSB?rs
z%j6-zG%`geGnK)`cVH`npbEyvzC@pC24!}E53u{`jnMr?1_mc#Z6FsnK=9pq3MSA-
zk01ZhU3_-$WhZXI?;pcQBBi8O@Nb@OtIg(u&~x~|d8AV3R&9$SSg(U`$5`G+1|rTN
zoJ^mS64(*|L)bZmb_G7OFh=XcD0)a|?Iqehq*XRBD&0q^EWTX8=lk{uN0XPkPPU~O
zPiRHr>QxXEdALH{0w)h0GU?w!CP}M`V|$VNQ&)71vhjTAFk^(EP5d6|$V}MBXsMDz
zM`9|*+s-KDAd71?IDfGLCC>ta9*v&-Magqyx{GCO{SQhW8-wZ7<JI^#_s^u(BRAz!
zmb1x_2ILdT{rY5d9Op8xxrTIlifcF0Dc2SYS<&R(U-REYPI1I+dTQEoRab{ogqTRc
z0s8i?5g%ZbN-P@?Bu}o0bV@pOM(14GNEdyst7+a#py#vB;9gFVua$!{y8r1@qq1}9
z%$QUve0Ygz2Ih)@wo=EYK<RYWb=|y46ETWcd|^IB<ccJ}*$PGIi@yuwh%I<<P0C;2
z#r7XOi9a@R-;*iKl`x)I;)nqI3z-3WUj}K6Q2>ZU;9=xjpnNc*ReJ9?L<vPq6GyV?
zs3{;(5z9RYwU*WInD*!nL{9&ePSr&x&h1#s>)?nKs_j{*S=>inwxlY{80u|F7GZ?0
zHF|dOLbg{1t4-d!_jp`G8zp|z5gx1G>t5R-A9wPgqs7qN^9$o@16WW=E($d3L@t4D
z9|0ptP-+tjwCac<NWlzx4gPuQo|7|ILYl?%`j(58i@xqlKK1;*q0<h5n;)f}d^gM{
z3O4VF5Oxd{e=dQ00<Z~}KfF<hV&9~of})FvskCI<cM<jLN!y--Jr3)E01B_~2nZAR
z1Hwc<d``dj7uCgEtIv(>KL`I<SDZw$C1qGgAyc4kwz6%I;%Fb+sDPhU1YUG1WieHw
z<>Pg|gNEHV<Hwy|KD<$qWOX)~jbVZ4IEq8S1k;gRzAl!nhwc%2`BPmuq}tj+?b?gx
zt>5^H5}6K9GtM-g3fb+PVmYz>9Ht05a=v3D>tDF&IwF8w4e)b<!4XnmGAGd63vDJH
zGfeN|fADjb#J2ksq7mvh?->vEO-)bvEr9`(|IlyCW?cSfz<g05BnudWdKIiFm`g?s
zt(8Grwr;?mOyC6E+9|B0A?~4(wlGiYpCca}-FCGV9r+lSs&@Lp8O1Iy7N9K{KukO#
z&{65+W?00ySYIl`FDGjpdJEafzBCb8%)Beq+2h5E{G@QiT}z<p;3JEdBB*XW<fRIj
z)hu)mf&v*+N8qb?`u_`Bom*h8eVSMiyZYS3-YED7+hS8M;pzdB;z$g|Y7P?JkR)E_
z!;ofp$zan5n{$^9*>Y6=5^yB$Us=@d2NdR!97&J;+F4#-`2-pt!~}zYaK{tI0|F1x
z8#c7W>?!SLU!Zn9(cOZ#=&d%rmuA&|Pczyv$DJlp``0%w!NMKM7JfJRj*C0`WD~l(
zc3{6@w?MIAsDuIL9%T=XbyC<TfRmIvG8P<j_-`I%+2zp%2iVskNei)mr`1b>9di7x
z;e24Z*Do&`FByC{VDATYPuC{8pkp(%AQo(l4e!yhrkaM0AAlGXVkvrY{!(Sn&!n97
zr6a?)?v!6^J=LRh_s``M=c7X}#8x}@<0d9RV)JMc9XSaD$dz*v0&YV0gG<`z2TyiA
zCEl#ABs3-}y{N0tZ1&tAQ!_d%`D}W}?gKZqjyuXCGr9j8w45e5u1i4RF5+&V)6=6D
zEKIW0pfO+m2j|XuMx0ZEf-FlDXB|0H&0hz_Gz%{+SE>2QJ(BzQ7Z1-eJQPR2NF*gO
zbs%MGhj1OP+?DC_EXQt6_fWs`$V4*U*EeU}ZZU>xy_iuE<1YJ>QS<sGh&TU&eJl9S
zl{o-Qhv?UevM&LLYvQdq?0G5fSzaziYY=`t<O2NyeXO*cxuYrY)%>}(K9TBqf<|0t
z>lQOV-pi||(Af}5++Y(PI+D<|o=c4hV5|G5&0jh-=ZL@h_>Aq3!Y_+~cb_opS>eBH
zNknFllGxMit(+9B0J^viD+{I52j&~O>fMVaCYKIVBldQn?(Nn;+B<!B#O`H~q_}Q@
zdDSsuMfkvRIe)pe)K<hqv94}0Q~|EYQRp-EopQXFb`u$PDbJ(3Y}L)xF#Qj~otFl9
zPfJ=x0N3*IVNL~ZVifk6nP?K8z|gBB^Hr-+aogtN8^83GaISY5mL{K`c(vz;%h2t*
zL(cu56moT=!J(sVfG=K)xYZR7-;F)Rz6#wW&4en+_C5%{EOpO|(qHm4-TC87<*xXV
z_>s?-_$#(tk$Th-yyaie=MF8Is#=QWK_axQmHR7-8-#P%2C~#CB&4Lp7Sh)1FI`g6
zhu%?k6ZW9<MIxk4*5c&iAigo)L|G^JnA4dhWFm04yr(u<#N81isr9uIj242dDr*m0
zyT6)W=Iqp^QvX~#+nh^24Uw8#V7LF2{doj{xBuQ}$s>ycAA1Yr#e_qK)j%t3V_n(j
z<H||T9U*b@Wq?+YS&>9J7<{de?A@rju|VZcn+_b;@CAoKZ{+UkpszI}1VMK&FoXyf
z!k*!|2nu;*Zl*planuGDYwT&u5Y0TKGkJXb%4LI#w_aL`uqYX`Bv4PTfpYhfs(qL4
zuGubN$Y+>$EAsrd<gMBGx?MBXzilfVb^wLA1=ONyGulD^G<KpOlpwClKdXC|5%x^;
zSq9nDLG3ZAv)TKez{<hHD^8Y%(iV6R$+i#tSB<y*TW?KAp1bExx9%X2tXYO-RBCCE
zEj$9TU&nwtqWsnNYv^>;H|g^~2JY1G9z*kLZ0I`(v(C;EKo~ahj$E|Vhzupt-=Yol
zdNAsgc~9lDUZ$31#lhCscw!cK?@DyMEO}u$HFmgF<OiVC1nwC_{ug5+aL+(?&gtkh
zpiHzbuVl&UaczvIDu$}zZ$6$*U+}oUa=*&I(1AqIQawq`S}6yV1(V?sx}u;bs`v_?
zG8V`Jxet44eDQ$tUpIxX0?LB>cQ8>&&M)tARsdzeXIu%cg)lq_keOEE<G*=G<4R==
zgJ&Q#0Ubv&2zsPPG*ZtCy(Suj?f+i9!y@`{%Yu{A>mQ!;muW2q@u3Gkoi0fa%0Z6f
zg5$%bh3xvXKN}fo=D7w1<t#3O@!NnW;J+WjEdoZFtFp|X;>jhz-V3e~_DEuji7JKs
zwB=1|u4se2p-BfD?FYxu%JH#3f<0%yKsbtjD|wjA6yv<FRkKH8ERtuMq|Xi}FIg0N
zi7&eS%z3(~GEA{P92)n$rZMYt+t4}B-nwpPiATeU`|lEzWBu0Rm?L_fE#?pAdfsNF
zN>q)d2TPTc%@%h-OWfVPba^m91PJnWA{0u2hh%+lKo?xs44eG(W0hz^;6QTuzND(t
z>9Rad;eM8gvtfT~ax#aBl<Hbx5Y2*8i_kY9im_y0gL{G6>K^Xb>c4rA@2YeP6g%e0
zF6ZW9U>3#xr3q9s@c(DQ#Ji<P;0<eZxZFaydT}B@=*<{jI8Bz_74dDkY1fREfbo^f
zZ*$ALXT6p(;<YxIQW|2{wSqiKYX_EmmJ!TSXb(UEKq#@ZR(KXy45~`VRIP>x!ZwK9
zNFqFC8|PuPLktGIXp@zO;{&2s*GP|JkHuTBOv&CAb2%qQLqUq+bzQ($;wO4{4X-gv
z0CxK~j|G%X-ZjxzeP$B2+l?Y&QPYDu^1vwXT16Z+z{TrXypkgqb^@PKD+k7Sb9b^2
zF~+kfgnei-3t`utp}7`M9wI#%|MTItNJd@Tn1O;}UKfN?1(+QDJ%ZwbYcK~0k--QK
zBxp;B#j1$G8SgH|FDrp-!}vhyZ9*}znTqF10?D54d5!Z!exv4wW2o$&5ppU1iEpqT
z6;$7V(q|apZhwz>MBJ~-$KDTZ%QK<U^Z*BVdPYRPXXR^s+aS*%<wdH7)Am|wZhljo
z!XwVgBtZB@Qd>aq+M>D-ZE3@a#<>&3tcS-+Y(#4&q_)C^+$%>VZshiyZI`f#X?h%W
zAhP0ffdvF2YmhmUVBlH<kzp8ZFgtUPkM(QY;Srpp$KLgxy;rn8Z+-t$r*JF&84^t4
zeMIEb@y`aKn}Zg&Yw(nNWX)7LQ!_;?_7Kk`=I%+YYhPlHgT&75^@?+^3Oq;R#>Z%0
zp`4V^sTpQ;*<fWU%Nqk$3Oww1u7W4v=cDamSz_$zAsDrO?it-TnQmBt#90+oNsVU1
znDS&IEmooUa<tyEfQaJJ^P_)Zs=#WAoP0nNZG*W8=~2kM*e|%!)fx6N@(Vu)x&Bgh
zdS}2XnoGNByw&$$U8^*l_E*Y#6&Z``{LUTN3|wOXMjnXpK9Iv!=L!`-?{&c-Ursvb
zO#qju?HAx+nKW4YHE00d2w36Bb>s-Hb`M*fLI!T8n`h$JhVjl3mc-TY&X<qx)f$S3
zrA$5DAHPkgHzre2`DdVQ&}@46>cUwMl{9Z=zh`jX_)H|WJ1}^VEhfz6S7qSpH*k&k
z=SaR)l#rgvoAg<PFb2VS^uajTZD4Sq_;vMXM0c|9v+WggG53~NR-_AA7;X=FKXD@2
zhuh&tE*xxCL`0D?L%JRoly(>xf#ermtW?y@Lour)OjP1vx>eors@*lOgmCAv|C=SZ
z3qh*l@)H@_Oe;v0wZlVNf^I(8Y9hwG7H`4GeDX6hGT%2KqpaMVSp4{oQita$pK3!~
zz#EyClM5hNd>o3dY9Y{VgG`?g!MsLnCqj}dZI8ya+Mu4Ts!C%F={aZzRel@WCHKfw
zoiOWs_>_J0<FwG3Lnni$0M)`Sf4UY>=utmGQ=UJ7XG!AI#V5*(%eXClhgZ@Ly+y_B
z(Ekx|dk0*IIFX6lhTV%^x<T)HT8-im^4)qRg4$6FUVosDp5M{}O*na{#>tv-JDXST
z2OW19ELW_lB8}{3>FsXsqRDs__<Ax&*LO2ZHZzuxygXYJc7u~yEkRFcAs?(2W82Y#
ziD7K7bhN@(r00e{C-su@;$+F_o`%=AB6sp_JGs-j0aeOUhZLy*NlxJI>ZhoZY+G=<
zFrIWI#j+kLfOMDU?ZG&29frbf`+T>fy}dJw1zSjJ+g~JEy?yl}?9NC00!U!}rnYJP
z{mUIwciZOvjVb3^yfG^H)JJYjxQTvW<Txo0Ra!O5UgIR_s<9t{qw>a*;HBje8mQp}
z>R=P{32vXR0@9vDM(Y^{5%xAKD7?-;{P9&Qv;AO?of7>FAKg$w`;}z|h#9nrPROUk
z(m|RG;As3tK2W_ohb>nOaZ)Z!AO+A!%ZuEhkKMORSYUkkF<rOu>xJd<O_~&WdcYlQ
z6%_XmB}ETu4a^L~=uZL|$mi1Qk#Sp~q=W-b@(60RZj<qq%sNtz_+3Nw11)g*@|Cx_
z%<lQ%yo_>K!L5;d<}$vuImRgL0OIs!Y=A6PrHKG#HOzShzJ1u=niGRPfgYhEAIjJE
z>ZnppL_1ZX3#%gmDlUoR(=+D&H%c!|zqItMZNC18_I?oC)~n(s62TV9f**N_ZmJK7
z`*aWi69p3J-ew2cs19Fkewy<4PtC<PV;7H_`<Hk=y<p9A_@$Ez@q8`tgML{bBx5{*
zLJ)+=EIqpc7g46)ruET%@I*Lr`TU0(n9})Fs^u?(+W?cAOFjs=GC*=@wL{zy6|iY<
zO}@ABoF+>OME2cJdyX3(s`WN?RwOZ}{L6!EZ{gf-1q5)?yh<1Iup<OQtssYp06dXg
z{t<VUX2F6FqsJ6)gL`6Gr#5fqenR!pQ2NJ0d;L;V_0NbyLa*a6Wp_TjJl@vJd5@Tg
zLx>@q34m{9Apl1wnv_G&7{*M!fy0BoFqrM=x?a=EQQ@QMC{LL!@q&ICmOcib9wI%o
zejwRe2@N>t8k}B?peO)NB^eqKAi^Z%Z~|d|rQ9`cDxfB4p|$4LuS%D9>^%^1vPQL0
zSBgPohE?Q#RbHSG3rqPhvwZRr-ydBIl(u?gbW=_FjKcjQvO#)zZK4&<p)uqA+@&Qi
zi*nM~VgP=j6v&bURLF8>qv`o?Qn+9L<`Jpg&(<l9nnQ_ulJ`F-{kE8T?+$f*@Xs=#
z;!*X{68+4(d-Wwl++40B&av%Tme2?@3fzTwB>M^{73YK-fi*j9gG_L8M8Fq|Mp2wL
z!lF?pYbC5}W8809FDBi7-ETg5{zjPGHm$kxCP0P&EXxyV?S36~sw%K7uJehfTE>?*
zElbkpmpu1sPal-{Fl8hHV!Az3bO3G{u$8)?%S7r^7MOp|Okg_CY_Ms=QvnVr2bS8B
zUfu2M*B?x|mf>w_UK*c*g9JyOXG!F(+Smp$3(c6aoMIxSw3<I>o=DHuJ;j#gekQVb
znYdrfNaS%Y4cYlvRnvsd9`XN<`O+w92@2&OxIXco0bl511<iFfuO8GDg#P9^&nRwq
zYPS&PSLXQ8fXDvr%EJmBN0~VoXolK!3&hy|>5yw<trqv&pvIffns=LS0qou3?UR_7
z3aWbTdlg@D02+RWJWOn<6@VVmU8$}SFYbC;i0MiX-nkV0!LU26dw+0|!8Vl%3573L
z__j;_kL5Kv0F<Zmqh%a8S;UEOaEPbKVH<)KlkaSsMJsnK#%8)%2+fIAzCezg^{sbH
zd1g)Cn`7t~5_&yw+f{J4uHtS++A={~$>Wo@Xj9`})Ga7=0x9U8EJsgB5I&mfm^;g4
ze0r|(BGxcR<I|4|3Fpq|uQ0_xS`;=c#^q0<b2P{iNP03FS?5;>UDL6{0BU88xrP>P
zw+_ORvqjXt{rW}qFPw|CyrgFSbKHq()yCb*w%lDNKqqCF_0-CvEggO}1)xQP#hOUE
zr5WuR<Fn;GBQ<%A2V~7-P8{7M>-0fR;12JR+C2dE@B*@iicCOAvM)>$@qpgbd?MJ4
z0&5J0Pjo%$tjOqc<)qy5^1Y{1G_wAoYVw*?_WH9puTkL+Y#8P;*r?6xcVV)|tWoy}
zxPI7*)IYtJl)?4muYSYBD>3;fx-#lUv@L-?js#I4<sz;DT&*WL+++AM@M4hW!MQl#
z3OdJ<E#szFmx`r->g<%0lfPmS<hEKn&}$n$_>uN0JGzo=o?cG$gvSy}X4t|jR3-p{
zK{;LR{vXNP8T#af83vJR8p>5cha<y{-<5do?Dg{g-ghUXg8#cxg8z9nf%@gLiLF+P
zoH%HW;m|r^P)9z9p1htY5sawckXkJFQ6kUvXuC<fD7Q`W1wCJZ|F--#ZsOW-xUL|#
zhseYBVIk(o;)}WmJ;a+kYTr>6b8x%J9{#&sVhxl#(wwh3S|n;Lv+FuV>}xG%O<CGv
z9iJD{gB(WlnM<B`RA~aLs)&-vvYP&ak^6YIgbdwfZ2~mJJ5I3AzEVU5Qw<BMFMbg_
z_<WJ+?lqLm%KNHJU_SiLV@ejGV7GJfx%_N(&Z|?X{cbit&!QU0uv}@$-kEUYYAf1B
zg^$f!8>a$N%*}5|y{?<T`k$maox!ECS<UH!;p%m<haBA3{4KOzf`bk48Try}_@*!K
zLgVr6PC};_OoGUd*^U`(J-S~kb&vEUE%8!?vtWuNBEEZ_e)+K>*^{R|?&jUPeaYuF
zme*)N%>jNe7zM$PF0bP%p&%0tdtEoLrD{dy?hoAlBOSt%oo-Etqubw*L#8I2UMl`T
z4zJkvRGZR;>o(#;fp6jH78v&EmQUvFde@NG__*eC$-j9%hFa3|6Z<^$cEH?s)=c+$
ze9lN+nXPR-C;ly21>5P)$~sl*o~fE(Uw(Gu*!$|@o_`(%_Uq?O=8jgFs2lPZamSA0
z!Gb*Y;XJfWP&@6oRdDk3EzxYfk1h8F)cm<y0JPA8D3_;+&<&UtoMH@o5+&}Qtl3w4
z#Qm(`DN1S@%1h*JUVxyJwOpjJuw30ljINnOhPhy1%;RwNdof0ea|8IP(Usye_sw36
zR$PB&>osz56{*`g+>dAQHfaH(ZPAJx_e%Y)ry9ztrpb$g#^uqDN!Q~~5BH26{A3aR
z@VqI{#||{869k)ijt<-84+Sy0Or^mKB_d^CuY`Fux2Lom|MjWsQ+5Sext>yn4_qcf
zxIvJr6s<i9s%={T=82hejGc7W;_LN~ESL%oR~q3xkX8A-3#IKHPyqaDNTHy$fRsbI
zQb8Y_C;%KcdJux@`drzmJBr8<{v+ZKIyvk~U9;Ses*|58mR}WTXGb>Qc=$KZy(-jm
zX*i>cy-$YAmqQ`%zzEQJpX#b%&eQ#p1j92(KPpeHaa~d$ESvadwR`fp|G8Ty_VQI%
zxo%?~W4s$D6S(cQTR5>mrvPv43FssWU1H0TZqJqBhRe#91MW%QlYeveR)wSrWy#=Q
z+JP>XmdHX4QD$msrF`0*lN!dXZGGqCw~ky!XyYbc<I1iiu(n`y`b(8PnFyc&AEM_c
z4Vn}~a?k)j5<~J9`xlVUs9fW(`s!C0uPAx*Sl#Fi^}Xj-K<_erjVk{TF_Dfa9;6wi
zvkx=;Tae*cUV3Lrnn$wuH(DxSnhsN0ESmpdJJi<L@j6Gz>5@O}*yG0UT`9Om?q(+S
zTPZ^w94AO^B{*cUOmX$5VCauL0AUot;fh92?j}RVCC&YJfWPPE^?jLonreFTLF4_?
z_Ko8u@urb4`s7T;Ez94Pt4Dc-yt3=pclKOII!@y7At2bYf{#=&Zw&z6WHIVeLnQBn
z<%`(n@k5N(CQ}%Ek9|$9^8WD4#i65JXYGo1#7^xxL2UfgM`9yEG>XU3Z;+!1LM2^~
zar<>OFfdN4*p-2Fgy7GVoOx-<0p(QmltJ-$dW=Q9wZNNe;V+zC-9p~Nf+BJ=GN7e~
z)8jx&KMmc`&fO=aR%+WtQ?y01+rrTJ_IJyp(h_cK1>pO_IT+ASkm5;o<?dd<t*bo!
z4h@?$oEn=1-*7YDE9AwEF@0C?ZKn}KunGAl@(7%}OP?XbEQHGGOAgRA3Qe#6IGtRF
z6&`fr&%?P$;7jc6$C`4nT{1?*JFd|)MEe{Wb`?vE`vnV3<KvrX85>B0!D8+itUc=?
zzOy_?HEc7TM$siq-e6pLqts%k+pA`#T+$|iN;ux|VVlB!QO?Q#64BJeO}yK<66(m(
zQ6`6Dc^X+-?v-Vk_t42g;tquL(bEl=$`eGH$jT`9>!)^DCF~a8dUpo~DB11Fkk}+X
zicG(1N>T+I1?v8U&>*AJBsN)x6D%R@o$a+kTA}ZMjU1G|_(fXn!Tj!J-p=Alg^A=5
zE_{{l&kZej2KXz16ZgGx)sz&(-4!$e2OOjOkdR>s{s3ShX|T^w$#LZ*d7|VK_O%KH
z#AZlDH!Mo8rWIlCxTGj}FV|GlD&G3sk$gX$t*D6n!jev5nX&EqYqxScxThKMA(UXx
z7SdYSPtPQp`uUza>D7RGHeUVvNbCOdZ6n`FnQpRMO+D7}Ts|q57!<)Y<b)pT=N=}F
z=`n&PMGO2Vmn6@9cUBqLSY1my8L}eN3QMR}k1VPl-D(mDD8T+->Bb*Xrjf5kWlY93
ziE&JR7eJt5(q|DAFmfN@Zelr21d)7Do_NlTGE)zV5fYjm&O)C*TmT7H<B!SIJv%#>
z6#WDIl|1yTx9(*ev<o#m;n<M4p~ckaB$mL3W|+6Zz~Ci;*78eq-AGjWAFMx0+mFCb
z`frO|ZgaS_>gutA`xo~6=f7~-a)I`^=g>Z~tP9Rh8|y+Kokn>s1Pp4SK+G*eAr5P|
zkb%~ncuIg{5g7G8gbS!Nhl|z1*_Rm{0L@nKrXs=vPkMY4#zrezlSQL<{Pk2%=%DPK
zDcPH$y9#L_$Bg91YM>oK7h_rVJqCf22Qct=##D<;ikHooeUioQMcYsx+L+A27w@&p
z%Z(<UyFPg(w78Au(I&SIY-2OW|Hoic7h7!TZ=PlQz|3ESqQJ&25I~hc0bAC_;DsuV
zqS7m7Ud-(%Est$~I{8fJbMKxuia#u{$68lY{c4<6fWx@oXy=(S!D~L|B5}aF;XBBX
zk{B&|(v(!djN!af(UE7#V~2{Zxm`rDT()_>eLKCuue^UDH$PS7!CI7ou-HD~gR$)v
z0%=7v_$<W4UqnHj3qYbk#lzzZ=!UL(GK_nat-$EdPZ!Ok<cU#_K0UR^zMy11#+=g~
z_rzVt#VYmHr!53|9`Us$(6hgJc}R_$7^J}i`~hoRgG`2IP5>v}69s>>w`<?JPpxf8
zqnGsR6b>NP1t90HjQJCIV8H+km+O`!NF4ukDXH2Er??>0@$ugCqz}2wm9m*mVhNeH
z&N9N)Um!Y~crtPHu7wCjV;x9Ff#y2|JpxKaGIZlBQ6Uf9<V_VesC&*6H!dIe`sjwj
zTZBX#ALvsA6W`te;=A2UBS>R{0Aou*RgA{Qaj|bSwnh-*;e)h(4Q<sT+Y91$=TdxK
zg|%Lj6>nWmZgR}|FHwfNwml`P5x|};jl@nYMOItVaV^Mgz$+y`3@l`X5u7J;tQOct
zR8H`Xyi^GdKToT?DA{)57{eVA*!iDdYJrjY?@djO88aE2X)?siGzIR4C09sUrbUcM
zPjHXO9tH&|q>;~nGO8)rX*TTp-Ky{!cO`<v!4H>{stbUl<SIGBd#ob+`Io`v+Sac)
zx}NPRNRD-nJC5V?PGucUO=nx^YL<n5%Q+WTEYanCBX&ihRosU=B>S#W0#3hT`e^(V
zU6m~cV@@;t$|-PRH!h%rV#~mX0y`GpXw(w&0xbS4;w1WAlVnMREf1F^3+{mzBb#vH
zxRN#Y{&ELSYOORGYHwJxfi+f?AS8aAjgPqV4a(?0Dr{paSvU??pzi#m!fgcOr1JfH
za^t_#>oWi306w-Z6I3(v6-fqHhl;z6c*s4;d4!lKg-hv(rJ=Q&I_P4P0|c=qWw?1^
zPe!nCW93||6fG_GgPNY~OvlT^ipzPG*^`OugIqyrPOPq$0qeFcI(5SI5yq051{Nx5
zLdQ3+{Mc}AUd?|IVpbZ5^8RYrAQI&7R^6(Qas+!`K;q}Wcoy(t7<>O(9ilXxEr+B>
z%}Spr0!L`@r<cVF>+--j;^g6EndKQwId2&0+&p4o)Ut@l#wQRv$!{{5Q4%DUv~S1A
z6t0cF1St<LT*yNcxcutrKZtxkwQ07ka30lDa3M&j(X==yqCDv`n!+z|?ePM&KSSXu
zzl-^{{7Xyhy=D^$FRH~@%4je+v56?)DGh_787r-%LA-CCgvFzY+8&{x5RuZ{rxfe0
zdO}4x3NPip3j!zkf1MO|AWE+!6QytyQ$X!pD6;Y<QvPIXGhmUWp?tP&QIJvQ`2#as
zo{XD4sz1n^x{D)Q&`E}l`ZwXjiF<K(P$b7m-`bQ(*j_ZTMYPO6-&a|1#1!ASA@V}k
zPTZ@k{WH5&DZ@xs_iA+6yX*_{AOHQQ{71f<F0}ygWj-V>yE@1LT7)n2pqKEDXFtMy
z2|B*?5a$FU4t+4ZxJTz!5O8??URUN3m|l6+$#w>kM$=bbdmHTj6x0p;nns{`D7m^@
zJ-A0U@2egiKU94|Gl_ZbxMt(gksx=S-nw;sQu&X^mB+s|U9Y?GDrNC=EArBYFGs-D
zCiG9=(=FJaH%eB^M}wvG_gg*>tp8{Jlg*!zGC=WO<eo+sQ(S2mSf_q)r3MR1-l;Z^
zANM?Wo3wL_1|N1X^Jr_^Y?(DLoUF0hjCltvgBlb^_n(-F;O<A~P($$%zIz-SD<fM{
zDIZEsgbOvwy^T4QGPeJNbI9Y-$e{w`<3`l?Zv#r=pCK2j+@~sLrXzFJJ?tu5ZAWOT
zU5@kOiqnW;NA9i)K-^UY6~jU>TJNEr)*Fc=+w=splCr2#rJJJLTkq16(d#$`3LEII
z9VEzrf)JV$w{H!{%G9(Z`N-wwNrgsVavRE0F!^@6ZSv67B8+EJMpms;{$T8ov{%Sg
zb18k-bPj^j<qdRT=o}KDYC{Fo6ObHbjiJ?SJ9fkvzGpa(R{ADt`u<^-X_AlZUHoDD
zjK&kAw@F)Mw{?J>0wKz+5ga6sT;QiKQ5=-N50nJ!*rOj)MaRnn^Xk>@Kl!vDiyPig
zn26lD^MnkP^AEqQ0rpUrABxO!mp(zzV@xkCK+1VwJe1U5vC}zMKGYyWNgufFaJqR{
zIIfi3{2C)csS#_5KbtntGp1At$l&}ajyxZaYKPxhX>DJ(zzx4HaG6`yH4myCATKJi
zjQ7w)RD8eEoWTTVA4I7<O_k+{*$d53cca1y#i}9LGnliVG-(vp2<)lf_`!aq*5UUn
z15E8cx9<q|73Kj$X=^;<grgk}5F0S}LN)Fz6vl*;O?1<z*M>6`TQ_8-g}X8Gl#%%A
z5_(IdMC0)&&&NE8{xN*d6yqeU!Wy68gPK5!*uLNiR+yoZl0J&|r)rP7m!Gux(miCo
z-zD;SOxoDC7f~m71Zp*d?Bmiy>|V?kx@nV_u_5Eh1{|-2bFKIC^d7uQ+fLB1@ztMY
ztMsQ8y>PO-kwpwb=@O&WI_}0?_jteNzx)HE#S&)=aVm%tZ_W~1I*c2TJ9H!%KJ}p9
z7JD2W-ZU^Sl+?^TD_VMUQ21EL^(aQNae#8>qa$P6lUy!6#bi}H``I-t&*e8@_*~~C
z5<LlfG3Jb&5flO*Ub<S-XQ_9oB8J-7a6<WAb1lI`P7=7p34(1`t{xI-_J_YGI^!V)
zK=VslqJGugLm!WrG?u#V>FynGf2D_{eYfzTm9SJ}S-|8JJ13k08tOeM@F#5J5AOcb
zQc%>IxYyVCq7pw*{e!8u)3UVAPs+S_^v7pLzIS5AdQ6pr>CJ$$Jr`~Ovy=eJHo|q!
zec}L5^-i81mtQOg+qMB;Xr#~An`A(j?M0Vbj3<*0-l?{_`QoFe@#)8363X)*9`qhR
z-96>%6B5cK07eA1aQmby4fp}uLAx7Pihb^5X)pE=MvYMrqG94aH%;xa!l+6`y}5_F
z7dW?^ZLeJ2bE)On8`4$2^9{9x|NX*?31Zy@F?R)GB8MRGfH+L1`ZplLiF~#2@j0dt
zv_ch(o-`~q#_by>btVW@dObvzjKs&B9=7-ne*>n@eJ%jSmXD*c4MeeOb<k7_=VT&W
zYQ!3AkAaa8Qi7<R^U{0zS4Da!8AqQ?8$=!OPFr`3KQ8w&1SD=OJ`Y{nSOR4r^?rcd
z+q9`NECGxue7bZmWAwA9qQNbvYl)f)mt!9Yo;=+q@`Egb+r(`kKweOf*jEaiDB&Mi
zoiPq!M`>P_y<UkBrr*6^ER$Yk5%WbY`rh>n4y}5Fd$Coc!N@2(VvO9LvVsD1ODJX}
zSTLwNsXwo~pX~-pVx&N~F%Gm?MU0SlL*l(nbTr<qZ#5{+iaY4z>-`?4pb@2|Z+Egt
zkk3Wq4Yg~S_{*QW2cBS1tH!<o@zPTpiPBh5<`wCjH7_kqXpXNH2h|`sBP~CApXFbO
zGL)>2`a@CsAWy@3P}&BPX$2OLkI@FGt5V|xdC!m9Q-%FU%i?F9`)JCk<+~5;c%(L}
z?V7BM{PGF+d%Lq=i6A~bn~i#-So)pGn{=~J#Ne9sEY1}2`GT8BA{3g^j)SI6CEn%&
zJWlEqVOPB;L$S^;{+cmmzAf!zPyY4kEz<GNyO_^xB!V8O-eqKK7kkOxu3XxO9YoNt
zq6CcnDLJ@d7$x&r>FqA5f=DIZV<R?h+hiAFOmux&-aOmx^M3B)ea>8Z4w5%y9`+$<
z+XUe$DL#6V|0hD)o7?r6G%%K*LgLr;D4C1sh3vEO3n1>_VF&rM?Ag}gpuDad<L;Pk
z;-%cvo<#!eyrL&|Z*~0S*QJ9Y#<_CdJZE|r$V^#Q(Y&}+V#&wx?&~vlodXV4!83R+
zh{Nf61OZ5k%g>sGg(6C{hOoyxkq4?RRq;B(Oo^O4-4?Iw*0*07c**V&Xy0$LYj0f!
zQ{{5#VcxGuy2TQtQB08}7dCHjzYw=ySB=OtFA~k=s@K+)tf+xgJ}fbbYVc_rYi;im
zVXA`KpNT3YA6uSkuV?&;zSQLZsn^@7G%odH(XkE*5jmqu-h+}(yMCg6cPDa;oDZ~p
z$}+<;$AfW491|(BY5n?(OH<$IKxwzKg&vbZnD+P}<`O3f1PgGU_4^*e?rY-m;kdHT
zE0Uh^{s1Pn32lYT`shkuJx!{9nK`>ef?tKY>Ag&^Z%&Xp1-An#Zy{YMj#|6OkWQC-
zB32f$TdBMLp0tH_B=ubGMC-$e)$R9)MPSy74~0zgXSl$3LMVMkdQ_H1Nx88~Ca5F)
zWL2lcA4M6_VJvga8zBOBcPSm;fR*bzRfQL18w5paP8(a>XzxDqqPy_=jikTsMYo(!
zae@Z5Ow2H!?F-~T>Wu9CEBoy8E@M!$LeS)nz<D+~{UBxhqX(uTh<&=-AycM1gydAX
zXQK&CTGHo=8COz2=y^A-`>EOdwXdRc;wX=hn95GQAXoPO5$1lV97a>68#7;W-rjkj
zx(^iZs5|>o=9l>9Eva8%B5vh;H|nL@Z#ll%ZFr;YkLmMG+$E>vVTR?eIQa>j2P4do
zxDH%F-SEi{@-Q9HwUzd1Uy$#xcy}!jx4ZNjCw@~Q0@T!#7;ys9Y7A73RPr^-ORu!{
z)i!pcHMDHG`KQ0&@C-g-c@y$bbLi;*j>%pN&LfUmGUFvk3U>2vNbP`>w}2%I#v5co
z!;GY>49gaLI9C`tOy3y1=($I$ZXl5@eRM$8S3dcu)|wW*rBL=-vqak6=C#^yQ_I)X
zLckSS=Ma_<?s!OMrWGkLTSoKEy6{(|AL-Q99&Pu*z2vwHgFec|$F{{*ZOe1{y>lt}
z<5$D|NhpY31-L0tO?y1`7|u)K*uy#L@6t5=dh8Tva!=Y;p76YQp{VKkAIawm;Q$hl
z1Yb9W4oOX-1wZ>12(vAq3*X(D2=_3U_SGcQeWexA!$&R&FTIF&zIx;PBO4?yVj_8v
zAdH&`mloqB)ylgUx^48&G=j<X9v@G=9Q&Kc$%Ee`MHY4tJvQ;_Vzl*cl^>6`(>)`=
z4LFDGMsCMS{}=!a9o&5+_6_`{sFfRo4?gK!jaNpc>gmvY<X-LBo)o`5#y~Ac@#Cn!
zwr_sYZ@Ngk<y$H$J(8v`(*n*tnjX^FajnlH5ZTL>Tp&)obl3@10PQI+|FC*DgViwm
z9-6Obs#0=3Irn*$8m<~E-oIV?w)&)DW-u{6H-98TMs%B>BDDZI0>;OxPr8D{25vq9
z^p*ZZFL3v=4|bQ51u!xMmc_sV*>=vRFCo%*s#U#R_<-?Fp<LIsx|=UsYG?lo`~ZC*
zY#?xai~vRvWWduCy-VpM2Bnn%#;&^b4Ren1*uO6?FR@2T-RkiYP1^QL(U)lwpW_7~
z#OU3j(OujU&yB^T2{`}wod1gLY^835+nVLck0T<v`wqL@=G8a9j$Tll?D{=>CZa_H
zo%yyHwatCl{xb?LV#F}kr@OX#sRYBj=nYn_c{U@4X@5THT-p^7z4T(jXu0aaX_@~}
zRJ$Ne)B3fg&1W%SO?j8csRKAXd|&ki#;((@`qoFnsJ>-?K5F4BQBkXhMc0dL$RG~^
z`>speoHEbLl`*CuLl6RNwMiIkmV5A9Py6MFs~|)ojra7(>HpC^sx3<5)ebl#J7D^o
z_CeG%(&s_H*4H@Fa?rMpj~=^HKji)-X0p#P(=h;`+zvp^*k&-CY~enVqtc(#zd2!L
zGhagwnSedU%6I^fQvMq|po*ot+tb#sGTcpeJ-ats)s*6wi-3+U(W+coE>J7=)rS9*
z2VDZQ8&b5~`0{-h3&%a~*_|6UsN5Yr9r{!_>{g{g{W(*8N!=syg4OA~Ulx)U`Vz?b
z;pgsLlFnCo;fM&ZAE~^D^GhU{1KLb#a@{|VE%>LOx3mC;=^dv)p^YL%v~Xg~?D{~-
zJA{o@yl37~ir13NzOOM9skny%R~4PFn7{V#z*JH2&|%dE1V5Bu+ON#kXGkrc8hO3=
z-dc6xx%#F0hc}fkv>2Q|Qrq{w>h5~f(I--8)$f@WwmxmAuYS+8;4i_nvdqAa9OFuH
z2XUe<jD%+z1>#n7v9|gi-R=o~-6Nqd_NMVGj}><zw5BX;MR4^eK+7K3yvSO~*-GNC
z%`0d95tNj(xp_PRe|}U@HKkrENd1t_?Q0IwFn+h3W9?T)zDq2=JKo*@-L7*DTSX9o
z9JzePzYJgRDsYK0zYL%Dhj?QaFnk|x9@u^LUUVm4{v<OKT%>F4UoKw9q^gjo!!H-_
zdH?%f722kYci2$Kw#qdbi~3Ug_I=*WfkBOHeg2mRmxH($l`?n!HJk0xWg7@T%?8K*
z_!i(A;jM#9V9xaV;trUmKr1NblQk_1ny=tDp5-?;Z#WQ|A{~5wdq<y6Lv0nO`>@P{
zE@SKkr5t{_{j&xBD3#2wI6(3xg#U*RfI5hdwfTn+V38;K#(&cXsNZ!yW^6=fWd&;<
zL;;ZwXs+Ya<$*>hok=-RLolp030ERtQCaT!!S5mOt9DT5%a!%mIQtw=`_r=cMg>`+
zG{Mtr4QT!_W>mqEY5%I#QK+C1PX7b>D~Kgz+d>h)f>^b&i$%y`5X6S?)Y*i*h`Ouq
z5C8qO{hSg(oo=bfj!LbxAjXoH4?CaM;59L`2psvg-um0?UIC-t>iMz10uyW&imLi6
zFlqG_`i$EQOa!)V@en+Dre1`ZzTZHrMgMb4>RKr_&~};M*~;ixrb$p$fUmA2CkyzC
zuW<kHBh=CDO^JiQ{D}9ZZYAwin|=h}_3iPC!!v}W<s9-Z;>2svDgq*$7P8=jG32iZ
zXM~e-uA_f5!r{@$uo4l=WXM={_uasG+^$JX?_4*}t+GXZA})+-mG}mTsn?M6XPU7G
zfY=DJW$1)w4>;G!O~`%YlO`2Wb8<1<w$xL14(#08C+Xz#Sn<=pvb=&!h2$!#6ry3n
z$HBvYAkg=%lcK5b$wu**yIWii-S-&37wKazW#IcBYl>?NeKpZ1rD0+{kJ6hVhav&3
z@UNg?5*2>dyWm$);KluxJUzD=6!1u!DeVG5L3B<hMh)mbxnC&L>_$5AY3(nRNvh9S
zj<bm}oe<dZ;dI-~cFW#DcnPsF!f-epdNlF6KQLiX`38)QO{32MD#NuF-6N&lKk?FN
ztsDIX{=vy#x@^jlslnOSWtZ};KmHZ_sBSy+{h3-#l`9(Xnw*s$@=IgI1|$8mo?|2J
zSybZh3)=s=1poiL1jlj$S~NOt_)7JZvO!)adiU}A4`)3RiwDNTI}yKqf#3d~B`GL9
z1_brwKMAVB|1GF1a2mj5x2OIigidO4kR7Q06+(;T=x5lEY=+Q(yp$~mAvBvD=Kz_5
z-)*GBHc?Sc$R}ft`wJB%)A$#?^EOe@EmJ4!04n-Syf*56D$7h{p<l)SOP(`nBp7tw
zxKL_RbJ{B2Epq&I%{fWHDJJZ}Ig=yLszy~K^3l{4%Wv$zd5%c^u{>bxx^gpS=V+Gq
zi@QaI2X3`V8Su_!AInv<svLUeGZ-6NTDssF-q4dGeOYbF_6O*0@_F}f2*LqCzSA{Q
z2mY(xE04mtP5xEyrAY|peZ5)l6?R7W{>%2b+b7fZCG%;lklANem_C2=y!Zc`CvI~?
zVmxO972ijltP$~0zejW#{O&W*@GX1EVwXb};_EUz67dn$fFr?KFs?9c7l=V|4O&j8
zINIE!{_!Bq_t24_m1XIFq1}nqO}Az4flOICoAa396eQqKF;a>md;k>=oy(K7y^>Ri
zAVsga06Tc#>YPGt)zj}xhaS6{d>YxS9G3NMhWR!ksV0uQGL46PW)^1t=D7&`Pel^Q
zGRqG705+@5XX^oI8<aWRq9AE_=+Z(MArl84PF|o3+(P&&EdDrihp_qZ^w-qUSMRLt
z@2n>$(6aW`-MV3CetLN6{UBW@e4>0of=*z9$%r6XfoLFttTsKyS_*OPZ=PrGrdmmd
z&V0c#Ek^p5Kk2SEg4i43irA3HtvmGn&9i>AHsSr#>C>h1au$|BwXS(pb3%2u>~7ef
z9`<_Q3!Xh``s>-@n-I&B#s=aDoE|y62XW=sqlv>42O6+*=40RP59|KKh;l-(!rU(S
z2!S3BS+d|<A!C`$IRrz!`V;FS?-|qaFC&4;mb~LNfzJu~)HCN2N)l8(tNcg2+Be<_
z;@sORs)mtEx^9~gEVdK(6TD-&1{lv}6Muv_?k4#O=zc;l;q0T*B3$r^PrTdQH~iUu
zE-7=ncv^(luIDd?#D88ZaCo0>9i{x)s6TF?>&+~d6fL<^M8DZAGI>K8x2+Ak8(UB0
z2gi)3bwPS;MGhV$g5;umSK-i`al7F6+umj_IeXQZDuyiCY5hM5*0CtZi0k*wo&Bq(
z14n98ly-_V>-R>+lavwQ;itI29`1%)KtO-$C~j6K^Nqdi{ka4lZp%sD@<M(w-F}Q$
zId;jQ9yO#zK`byfXDIXGLUG_%DY8Xpv8e!1*KWs`ocDRfS;#BTnz|c2KlmYQV^Jn{
zILPQev#LC}Y?S!_8R5z;*o&UgrzdBo56>m$6Eem;&62!y72gaTt$Dp?+%D+pIJBL1
zP<HFR`uAs|l#M={$Bi$&nfKm!^6`MBh}acPTelK6OcUw_>;m$f6i|c-w&?`DfZ58H
z@zXQyB~o1jP)zjB6NJh*{|Ay~rZw;##9yLP+{&C`ALfd1TY;#=w9RhdfvBkHc5mr4
zTPrFX&y1_z6qU^RPf@1MG`V)t;uv$}J~va3K)SEu&9r27C4!6<nEK8UCbA1WaO_z7
zt`@@Pk<nnBa3C|`p|~;xMWRR?3lekS#BjxRYEL+QIaPm66>XkacD!T6{p-HYzQxml
z$g(tpEuq)$-I#Q(jX>5d!yl73RnYJx%ZI!77hS3&Pyt3x4>$%u2_?YY9?l$R4cns3
zzD%$N_iXYza^C*U^8>tSDhR|p-xD_+p3A(Z_Pvd>wqIONE?fFwye0JBwFi^VWf7*}
z@&Btd9QNO6IMulaXE>Qhrk9*?)$6HT$#vElz|{gm*Dsr~&u5KMw)-!I@a=D&AsqcR
z+LGnS-B)!ubCwJ=LODxk+X2(D%T<+vw(^@AA<N}-xtzR(rLC@OI?LnY-2>)gB3Cqn
zew4Cdhau%($DfP<y*My%_+aFCyn$&SATJKM$9yVypHLH5wyKj4tGP?2&vXrUai5X7
zmZb=;Q9=5T|AAN?{;v?LWVRSE!@1CI`bx`L)2F9!TR3>jZ%eoOlw7$ZeNM~r&zhoZ
z2j1q~dL?<{(Bw<~V19j(cXv!YI#<)CylKR**{1_<#AWFlbjz&+zFVuLe@A*7uvp5H
z#T;iGE%yH~hY-L@&xwbnsE>}>+d=m`t@EAzl$NzioQl<jjD?J3V;w^E-LIrkawQy|
zTzM<cNaI}5;~rcAG|`W74az_>A)X*82Uco(InkU*6ceU(W<@75*<oR&>R`6CI42G(
z2B|uf_MgIqakupN8jAt0CnYw*eMfT@E<nmrAahiF=|lELv#rM0)fFd}xW8$f`}e!L
za=-qt*P*gs0}uYNztnhUMFpj*gK$6B+=vSpOI2zeO$3BK0_ziS=mLTw3a&7`0ZxAr
zKz8T0aa+n+yh(4@lP`6t`UQ-=7)0vBt#X_yl9TV8i_|8^d4f0m*3xv0Sqf}bMn;Wq
zwkLcKds~i2Lf5q2xC0v76BH4~U8%ZcjjzxkUo#j`ASb;c_eaeA%xnLW_ao{*eT!1(
zMeYo$4|d>(dMhzGrZSHhstY-EVoT!cKo;PUpbO?@BN1<W0s<&3qeT@7RwwPCi|+S+
zP|o1m1yJ+`V9@x=*@rfj$rHy;mMPPKsX-jl8J+pMtQing+_~UVxp52}gWT7jE4LQh
z$JseZnMd@&&3DuXuI6W@vcWrIv#p44yaHS)EJGFL5mwv$0cYKbZYpxvl7frWn9nn_
z0$DOC+Z(mGlhey9jm+3lJFT^Mq?2ERKj&{e*DbVQk9Kl%k(TM+4(6zf_u=%e<Sk%5
z!rXl*=mPsNSYqotCSd`;;EDSfP|@|~`<>-A*LOo5SAT0EgTb4p>{5|jdk5R{u6N2N
zKoa&02k3>lrv~#&O&lr2hrV9d*V*k!?OiaE>Akz;aeudVwY8%Kpg2$$&CA_u3h5Im
zy!3FkjI=)qSA;0c<JM2l=(<K1w~r<JJ8BFLCSr%+CEf&<JhxN#IAc6zs*R+a!jcrg
zO)k>7hDTN#4clYRs!Wpbx#oU$U8b7SEy)Ey-0Xkr1AcEO3&5p&Y{MOnWVvJ8&-xW+
zjq1xslz^Jz!T$4RvOl&MF<<b=y~w${HEcX}aj<89@a@v2uS;{ytAQ5f3gz$5z<ygI
zKA=6B<`8nCCUEdZH&+7UHR@MFel4pmrgPH7L}{GwzAsJ^?t0d~2VYxk*M-zXI9{1u
z&eMtFZ6X#GGyoz&&q14vLQoNXwk!+7b?%s&38%?_`h;52E^&U%inRomnxL}{9J@UG
z2$>!N>2derwP}c9_z(c_Z?5<d)Z2!q7Q3_y6X$<yUVsGk-j49X%%J5wOcZY;^4B|d
z%nwv%;5XlKCF?fVxpayUPCN9e9JM5qd+QY|#Nf9iplWVY_E&tgHwuFt;wl2nYxcF_
zeorR!es3N2tKcB=5~l;#3;&Oj`;Y9v|D2K=bbtS&3@g!{cZznlXVA3wCv=@OFhG)f
zF5wpaN17YpkTvJo!NbF|HSe04LUBw<lDmlb-H7Vze*)&juOHt(KgRPf{Y$N?4r?G8
z<;z7KaFj?kI-u~^sw`cxjVp@-#RB~7qbp+eP|Czez<U;x?r}WeF2O2A1*l;fPtXpL
zCTthEL@N}urGXHpom#MS%)vuiI&s?8)AMugRH<$8LDG`=m+Yx+&i8MCzQ|I)pZ{hC
z@IQg+|MUNUV|8h-7249^Q=f+M{5dVtVm;Y4Ei<JP4XHWmg<A|NG$0Vj?YPDH^u3mo
zWorg0GBR5t)9tMcM6*!u=lusNgKI{eQclGAM#fF<i*elXf3f%8QBAGgx_A%}l@bw=
zCPW1UK}D3Jf<#oBh=>YEjZ#F6fPfS!34-({MGz1o(nLx`dJVmbNbf=d(n}%`0x8~?
zeaAiHobR0R8{fD0zIUA88U6v9j3lhA^{)BO`OIfNkM`~h;^A`nY|Hw*6lSU-qZd&$
z3q(hpHHbET3<=t0+<<&=2{t*mOU$5+=6wB&$&*Lr7T#qnub?Z~It1h~jGe*vs6r%<
zaOzG|VupW3#timD&HU=j!V0>gTuh35YqwULc&>D^&OtrR2mi>D`#T@sgY(n~K0@;|
zU<(XBV9Udmow^v;iF|G+xn-rke(5T6fWhG$h$;)SN#8BDwNh}BcF}|6yM_=`d4qut
zUW*gZ1)=;RVZ9i3Z@ZK*ja~PC@(vEN2^l$eqw7w=pUCV+0fjL!h7>6<VB^$drKCfj
zN-94`3ED|`LeJ_46U9!xJAE}<UnYFC08xY}*<5nL1MzU@Ni(oRy1XkX%}GiYy~Di{
zbE6XC|H>nqnqMvyn-a+4hynyeUtO<5q*5?ZL4g?&^U^!<)e1`N-uB&Unc3wUohM$a
zklarGKsZ@<b?AT5J+S~QoLII7l)ewdO>(>sO+RC?HAK+!(L_gOQ5S9F1?iY`v(e>C
z!Pslq7TgFQV~;J#gltcO(!?>WH0|dE&GngcqZ!pLWY<dT$d$97v^0ggUq@aJ!0Z^*
z)IF<_WPIHQ0}97*f>r0-z^ga+n`)oJkzLEJBUGN<&pyFiC?%^LFK6;;b&USveHEH~
zpI%jSh%s2<g!8SsW8;$jWa4y`3nM&Rb!_I)51*B`a`*`Lem4K#vi$#@t+rtkj%eNm
zQ4Gc1*RH-TuVVAEcvSe-Mfx;H=i}$wW09>Mh9mmZIG_ev85xc#z%^nyhDX}GKRh;O
z?JzP?Px?-nkz0G9COn*ejd=_x-TKob(UZk+Ufe@HWCk)GPW)6Qy>~D9lJP^T^=FT(
zE*)VUkk4$lc0<gIseDvPRBxijvNO>^my{WtPVv(ys1Y~dG;bYk)oeC`o;dk@^5Oxm
zJ(Ip{g#XPH!%{Lp)(-iG5_1pv-jrHazBl`xYG|;W@TiyH)2DiVC3mN!@(Q%XiEv}k
zPI!YURf(tCp}OKqP3%s3nc#~e8q9iA^#rfspT;!%rJrRLzl_(kp0(FGtG6D0Q1AAw
zzw_)GPQ!p9F4Y7io(`lt8WipH@k6~{$M|j!Tv6;ewVqA=&_#FhFWh+R*FL!T!wVoR
ztS^AD%4_<I8cAdvLy$=GSdBqm=rh#yw-5EMnDBgF={B9OdZDfD;J0&Yii|yL)CcGW
zNyb2;cTI-#G)1>XNY2jC+2Xu#5?y4HOdktmNeLDUz<K1Xp&6X3L};M04OQB`Zo`gE
zqyKas&G1-me4Omp)_|{r`vhX&TFJKHs!^|)UfjGA1X`G)|7k2!^1aWWeol&0_ijnI
z+-PV=N6^WoWlP(v6k8U@`jE3<zPRf{4rop8qg8-AI2c{`G+#cn0}G+;O|%s+bGC6N
z1f`u4`_keNf4|yEtM*M;G)i^T+~)+i#~MUVQEagj?yk*UjfOlxT6&_bviIaz=aaZ6
z0)Zpy%LVQHzHeCD%f}RAA8ZX0r6*^wR8`so;;e5GKdtjlV|@2;y=Hqo|BoLIWNv09
z52-}DAUFnhblrXj<vZREB<86`x0Cjm<v4~wqJbjc$riT+)YjP9n>Q}6h|#9KT2U<&
za2zbXL})Eyl(`XeNEwdg3|%z#7&V&TUt2ITf36Z%)Vb%dWYo3$l91E$m$yu%`j>R_
zJr(P4{ugy?yZp^zM3g@?CY|EcEG^_1nNTmuI@<r{$D7TE64lR&{?7Gieut{X7{##z
z;z+f8CaEP<Zuu-RlTtL4v@GafyIjK3G5HJP?vqx|yVXU#j;^a!IZKJpE(K;M6r*+d
zD)g}lJsi-Dh-V=x=eUd?kX=`?_s$+VjY{(}q733;FGLQ39%y_}Q6%TQ<MiIu6@#Nk
zVf8*gml^H8x)~@hMn8=Bl<bdRbIbtEwz0&Go*#V115tTPb&Pe_$zUsy6-z)P*o)<+
zXoE8vNPma31G)kdp(>}4BY^>S_QWnX!U^*={b$O{5ra=<Kg^e?M><#^!>OXJ9VlX5
zb(rBhOM@jUFa(c#!~`e3Am6_-;V}B3-lW<guBUoeEpr4tc(S+3Q&F85FrmQfW>h+$
ztml$rLa{JBQ1?9lLhrMnyX#0#{aaR3KJx-!&vbpSiK_yG`<_*zc=&K()0w8ch3}G-
zgwu&XZ4JXvE!M0(4+i93@-+J2uugZY^{zd!3#TQS_Qq8O<nzA3<@91M`~mhQ=5fDe
zX(c6?p!s?usi`4Uj@n_vgLZ_T)R=Hgx$+KnS5Hl|K1A{z5VHQi|5G(V4x&df4m0{a
zfC@zfO*#{qVtmkdKBl9p=ocjaPNvw+=e18nCI{2?F2kY$io8h^qJl|*ict5!No;V&
zz@dH`MJ`X>rLZq==y2rmAFj<yO7=g4T5cmFD4-q5>POk2@=)@;L`j~ieO0<h8~^B0
z^YEpOpgV=)b$4d67ZZ3l9RryY=?VGpDR?c6mC-H2Ysc68U7*KHEA#DA#7{^U(<Ng?
ze)my&`VneBqFiC=xx*5GdRfm?u2K==)!0Cqnn*n1gwNN&T)U#0@p*o+^a*m?o2d`H
z>%1rvM*jrS;f!I~0E&YWl^Uh>`q?Ra^Ow#+_OVtTtWl`XhT*h};PQkrdSOHzG_MK8
zkYEt=5ovr4cFgwsagH82WSv53N7?5Hh*Cz_Gj_E~Rw|}A*02Nq*@1S5d2)4Gmuv<H
z@ZA0`9w3C!K4^A-4bda8_CqVCR=^NG#=CLmLbl|;mm>eG|L-7``W9h>82kIyIh~q0
zwKWD#rF{K4VEx6paX~+puDWnRSVNwIA@S9t0HwrN6!o24Q4(QaEVFkaF1odK)N=4y
z$%C1Z)`rN7@K~M*VM{N&`_L6}_pW82c`}DCS*<;#QE!ZSjr^#Ql*f1bL|kuvpK#uS
zUd<xbMWXDsAdk|j?=J{{5fp4r>_rHEck>O0^-CVZ_I4SE&&~#D!0P8}b7UUgRx;E>
zgyD$Vk)xuf;5ghEJryl=UBL|d7<{$HZ3Q=^(~u7PExf^`qV6%hqI1yL?1;-xxmJhY
zjRt5OS(lRqwp5yb+dWWY4-TOU-F}`Si5?8cG2&DanuA{ff0gRGv&T5oZtEYhyy?FM
znsp0@7_m%iV4X+(f*h}$!cYZu8PTeU)c&nepnOLd3!o<|Kj-3_quo4=$;%Z5(y-WW
zDW@@TsOkUMiu==#O(mAOsn^}lkqs!0&V)!Iq`~&hBxuJ0Od^4N!%B_Aawe+l-P~C%
z$N^<AgaRNe)*D3KCB?LkOldWO1I$#dV(@Bdti`CP^r_ykEv;|<)YWDP%O@J1qDYme
zIe>56MYBc=xL4jS>!qD=I1!>_;eLH+sHHLqx#ukNr&T{6b+Zoc@*%@hs2)VgM6(P<
z8r$T~5b;v#c9Dke?L0mA%*03`A<Y0bfAQtSGs*KxTHM(qyU7i(8r)<uhNuN&V>Au8
z)*KmNbP#YsUlQ!JraDXFG=H4p4rD8M9q{v9xX)|sQ+gcE3P^yppt;hB6TZ)0fA%i{
zUI*z~&$BgmE4QWBp7faHkec?_KWvz(_w*CU!vg+M&+%V>tnZTixT_&izlogchP1SN
z6kxP+TKwL7e>Q`M7Q0?7=s=9$*BqsPgiltY_cGY%SvQI97=n8Bp}XF`x)L{naU<pT
z-L@I?rXorHUK&^+K2nSZ%-?%u-8327KlTn;U7OUSy+v>CZkU8-KA3TA(|9!tlXA^^
zU`iLGe?$W@?%g<RRcC8&0xwB1XtI4rF+<IMRzo-==9uIs$5$&thyCTZ)<{Ukz747>
zYV^AldM{1<n+ud<)ZF@ZZ$tN`nOxHPxcI;~OTD^r!IsiWZu4=fG`g<pqR0!f-5tVe
z(DYz_JlDwakY$I5&`qndBicvEsse13aFib~LXp73d>Dr!)rby(a$sk+4Xb<bq~Q5W
z$MV*#WZZ~_)<)KQPTda7a4Cb6LCR_z*YQ#%r8ViM=1pyF3VMeTsQP6RF*9Qdb5W5W
z)|{6SX|O_@B{d?Btlet>W2Wfd>~+}pB>whmRQCr{E^3xn4Rlj=pAwUKo|<$Rh<%s;
z^-HD(`8(dj8%W~A#|NTh+zqC#l5PfOfXV{g`$o1OOvD>+cpg4;{y_@AlM=T{>@BvL
z)n#jNvy<IzK>OadAH}^GjyIX<2<OvxEAIuZV%H1hiANcmNq|kuy9N)y**c75f#Jmb
zk+~Gf!v53BGD2Io?kzrcSWoCfa~Ag${QP=hC_?t_XIJd#$20<h!?s55TYgcsrEWog
zQAgj;l~XcDj3$%O6(Dj#Eu_l*EvJCO8E^|g6Jy8$)YC}>tx<ee@bUWRf<>uCTcDxU
zrSxf6B=xcAx&Zcb-f6(PiEtN-c=YfVsZD6N;q9|~M1A+HNKZzNbTRhu5LXFZBgMJ_
zn>}7C1JfP!pn!@V8~d^$-2^V(XBHnXY9NG9tu7-#j^*9&+bX}C_{?c?_xMMO{h~y{
z<Y=MDMER?!o={i5Z0ZX&FFvXSy3Ug!M7vK_h$rnEKm>YBztJsL5(+>5aAWQA#364n
zvoz{V%^YzvXdMhX&y{S)z4o@ro*xVnE3GI>co^VvNx)3YKxDEn*7W_q3NiiHuLsi-
zlv9B;o-Br-D1MZ7gBTu}FooVX3M(D0$EXzEPY{Estam$gjK@3uyut+LlUU#&0s>le
z{T%Twe6R8Y@5-hWp%T!S7w=nLTNsdp_a8v5fBLXpbYJB91$e3p1zZkRJ9@B7<dEOg
zOcJROADNs!cQGQf^yP4VH=eHRN@My4+?IS$x7<>ht}~lo+rkv|83H(~P6ck43?u)b
zFxwEc5yyKQ4+%Zlpvwy-Nx!=w1y#B0H*>X1z;wl+rQ&Yv-?7MdK7)4+%pwFb^u|ed
z7<F2|AQ{|--!|4(X}mW_m(fIB-H@D0`*9cwJszj9v(xF)gusCwUnQ|In$Q1&tS4Ti
z^JBllC<=^Obge_sr{!M|Lu~!l#<)Ejqhot;ZsUUep1<clHbu9<BT)wcm0iT#J*zpf
zKQl0GI85O9ld4tUYmP^@(qB#D?;d#Sx$6;gZbd~z^N3bv^!W$=+HInr^wpTfqTL}}
zPDoJn?vn?XrzKD=ZnJiRc}28O{<x)`8zELt>`aRP$@nNyn@Bm|GzzoTc_J3f`0o=U
z0oASqk~m6$cCy<g6uNJs_4cJ>{XP}_`(Yb{pZ$uD9X^os5=px;y-Nj*nEN`T>x5~i
zsK?Z72pB%^$R-T;-Mt4al5(FJtd|<V<op<(XV|Ez7sgHOZ&G34Q0i0w%n)Kc(JX8s
z6Eq=Wayy`B8&T5oZtM$S_+HE@7_+W+a%;}LdEMsA6IzpO0R0}2>H*m{+oMAs1~Hbl
znYM{u+N^mQx!N2Gq!0BUkNF&A8q!~oy8fpt?SHG%u`={D+!J8dfc}hnW$)!e=v359
zj`331_uZS`y8M~t%S)c-C060qchFn;4g^fI%s$$FVo~BmDD7%G#o>DBkuk(ruGDOP
ze_My_(#O4*{845=6qWeYFr>;8H3F@R+*cAw&iZ+zZ{xhd+U<nk`YnTw3b`li9M)ew
zm`&mJ6QC|z=B2t)GU2>5!+{ML=ZKkC^IGHQ>aXdR%F7{LN1E9-4>z(s(6=YxEWhI(
zV<_j54Jbaoi#GKLs20Jbsr__euIT8!Y{t*avM2rMYkc1ZJB<}<(IYL4eH|Z17f?sa
z`%{UzU&R9!?^$L(`h<PxJ8rmH^;B5Y$#D(tK^NYcPn?Xx>_%H-3lS!BqD?8Hr448#
zvd%tT<M52+r(=<9sq9r~_YG`T;6cPE4-5wbY|%tjtUsDHyd-1F)?P&n8HNAiW=r-y
zeVkl+`$h_;`r#dV9m4L>Mb<$7XP(}0?SjJIXH+?EFd@3HfkWz|)O(+Uo=k?4e?L<9
zSFowOh9$QaT%AqEuJSfj1IQ!f8dvlQeyLib>f!r+MYq_R(8ZCo{eyTJKm#dSFy{?t
z2)T!tmL_D>!*mjGqeWs;0ERst=5}PTo&iSIsQO^(i@8*WTQ&?D$9_K;P8(i*=6W$A
z^kPJwvwa6O|NQs4vah_<!Q~$;R(HzEb-(HkpJQ-w5i#M6j&zz)H=_Px%mc21%(Suj
z&oINtga<U`y0Iw4JHU|+f9ItSjB-oy$w=+N_0WPh*psJk6ZkfSVxywQT!a^Aa3dXz
zJwJ$U<oCdv${_<?4<*?CoEY&qjO1`CUzNvgXP>>P#dP==1cifFp}`J72a}eQ2`I@j
zk_PYzy*nUx@8*^~jPp>e7XLiC@(_pS;h5La@{1KIVaAx^b;BQ<I|3(coTH}2HBqFP
zhCCYy?qttvVMXXwoyS_%o3e#g>#B(NIJTOL6eY3`G2LU<m!_3YiMip$d@7c3l^fo0
zj6OF?kB3n2#=69UDE(KWJ#QBnoJ6G39#dR$-S0HU$u1a+R6ZGqcU`4vj@K>ZW^v?R
zFn~l{&i4i2>-k=L8URjMF4Jog1#0>~Qf_WC5fxep!r~KwuzHE0ND4=g`gM3G)rdGj
zI2}rIuJzCju2S;m%6gBCYjd-4=H9Xn56~zRO}*24#FvT1Falktj($)rL!P6sxuoKT
zmzDL>SF4DOcT<c@`LbW^J+^N9@CKgWGGTegyR`=XvM0S<9x)7^(g*Q5_~F#`Zifwt
zq7uF=+i&uhsK&>a3a*dA@X+Eij%EFFCD<o$cC=Lgj{b!?8`u{#e?elscC1Z42>~9E
zt@)NY4|w)`sR?$7nNVNyR2i;BS}1$44ZO>A8Jtys0x3a~U^K){Y#$k%=S3mWb)||Y
zC-$mHTx}lO@Kh8jKT`(Z-h=H)bQ;sX|32gd$6u=F)7|cMCj{y1Mem@UpsnE>iLP^$
zTMhUHu_qeV<%F6c8=0T+rHDavtg{ralr+3fQKhfF84Po{Fv7GRxD57YR#~FV(kc9a
z@3#J671HGp6$%|`XKA@4mR$bRV)IBLdSA(2Sb{l(qCpyEu-lS~t5mTFEla$PiY3p&
z*=ud-b5U=3Sko`ir^}izi$}IwIo4sX(|vK1;Wbk9EH8E3ff^-Kq(a5bY?;x3WVdr*
zrVsgLY_-f)2_Ie!;K7E>x&V0YcXpyd6mhn`<f4dQ=J2C!m4yAi17CZ%51u))^zpn%
z&2)@@fl`Vy^%$cG#Y_)j!14np$7OF5T<&~$Tnf2F&YYrTcyY0vSF6vzxm!zO;KTd$
zcYi56%vngx%MZ-bdG6`xU}N(nKr1Un^{}JlbfN4d(*kk|3i5UKG-BkW#s~mO_O>ZD
zCZkS%&^fCrk|cyKex}NCiD1N5_6}OSI13#~W9-W#I*@Nsby9K&awN8(yq~zC3X#!{
z3`g48Gsn&cO&uLm;JT7X8zk{9TT;PVtGnyck<3#^_9(^#OrxbdWuT(>Y(Je~2ql%=
zH<4~LjNy#nDfVWjN`seHZW~0Az3&h<gAoRAAAAi?t-SgKJ{<kSC#uCl^lshZ3m;3J
z9EL~}VQ}KTu1HLYTZm9SdQTDiDu>DU0|ldx&Qy~Nq@Im!3Zb7}6z=|LH+xz`z6bRc
zPP~j3@iOVx2&$2D&(wwHt!-^87!-zIH7u9FCMg{XQBWz5-F|_{2BkU+MG=S-Rm|0}
z69*#k)$)!N0C^U86G@0-tcNptqrDe%-_rx_XQLRMuus_fuHj>KhIJ}Dy-O~fN#gzX
zY$GlLYlG)%?lF%WJ_f#d(u0!k)Bmq_B>#r!!1fgwF9y;MEaKUg-AnlrX9EY-Nn%^@
z(L{w&lV*oitvanr=VJvekPzD9PUDv)oc<2}0L|M*0BuK)l?(z>N%`|Q#ryl9L5S?v
zVLR31`pUZs5}2J|Gl$UMzE7@inO<E21XVT`_s}}UZVGzJFu<x`rJZqYq$VCxjC=8-
zZf)7*@j2$VOR`h2XNmM9bPW3OL?EtM2FM3hu@UlQ5a9>qzNsDW$T0;4-#wuN8owaB
zZb2=ON%Rl6`@s3Pgf$F9OmH_J&@p`2TAU=aZgySdjO^L4GU2$(i;PZ`1LGS4%yx&u
z3w6Q7KK>*{hM?Vbpe3syaoo<HD=8l&w`Kai+Aqch?yc|DRX?RW^jMk%3_n~!99r_a
zNyoUXQq+K2*u%xfsQHznWeFhM6uNXMqq{VRq^@6X;V39rFddxdTWX@Z(oWH_a{V!N
zDpG}2eF_dqTIKMEeRg!WD--9K#$%k&MYi|cE_wVFj12J>M>LJ3Na)f|LD_XkF?A(M
zRT}R`BPp7B_jQx>3RRn0nR8!#*s8V^M!Pc61vA?OJB6gBK7XoXvEshGV*psk2cLXD
zLF~nF4B|IK9jdxSDC$FdBocl>p63na^IEt4$cXeuE$zdJ)u_y2n{bp9HcR0IDCKzI
zvi5tLF~!2Fhb9Avflqp^{LyY{=0AIk%I2qAE6LgTR~64pF?|k0k>r|hXgjn|qD|N{
z^y%-Uz~N#$CDd%M%t1~PO#cE$I8C$N{Q^@BK?D1Dz*)R_9Pu`wqMt#8!pWz>GLhPp
zA|WV}>(Y*Z_Gw}u6bsN<95=V<#x5Tf<sH#s+;qGbc*m!_NJelRP8+!<!{Gd!oK%b8
zo$6|>2zXm-nJPPGv$c;dmvyS{2}n|o{OPJ=1|{QVNo=V_KqlPNnzsAn{8Hx^E09U?
zwGyADA``|dSZ*0bLIi(CjwUhootT6Vnbe!xmpjsP2%)W^^EI%dSKc2NKXA=PaTxKR
zZg?x48q|a`e#AIT0XYRLjxs$Mf5$tpzQT0W*wqlgSxYu7=~{0)E|@w-FE`KJh2(sS
z$RT%trJPK=4t|GINGLvF0w$jW<yiPEWc9g-zpwbm${<G;w`#<7`;pz+1&3t@FvOcM
ziYPP?{qU&e6f{WNl7NMs9)4FkI%B&nv>|d&bh8k;HP^5YHOb-tzszWceRA``Jy>N%
zKcpD6EDIKoFl8g%t_xE29xP1M@m~@(m0awwjx6fM-7kImK153WPiK9G35;%d32?#~
z)>Wt4L{u4N%zeJ-5by<;?Ck`ff4et<-zL1yHDcOuR(DwuM4dhEfz5oMAE9@9NsZhq
zLmv}1F?eZ)xZd(&dL&ym$0l>_xbvp!`#R?hc7jb)BnOS3STr&bD!(kzP;mq1v3RTe
zo~Q)%UBT8HvR<?&GXjFzY1ZNVy<p^UMZC%j#ZZ}esfwD9SY%fAQX3!7^-D?ZG~_Hc
z072A-j$9=(NY_-PDA{?BQNjgfTQ%bZTM;B)U^@4Z(Qa8r$8+s@1RB*oLDZP=gMS84
z*D7v@oPL&c_`Jii&U1s=4)ncuEw4qON0v{+YaSO#+*wPzK~bX`p@HV{c^6I#J0oQY
zrQl;_eM9pe9PBBA{C81QVa4~FV@~6XOW^ZN7<<HtxJhD3U)6JGN0N|fB-evvo&0!q
z7Xq(%dW-J&3kI-S>6J-^FfPcPWX2bzgI<cj#ky`pxFjLnmVD75>0ydlb;etEmi;oD
zdIwqcmRQZ-hg|*Bx5B>_;D4cA{wF>|d6XPXf3?%yt6&>acEg(~n*98h&i5ome>scp
zlq`G9`75*Cr8;cq>WCX-4-=s)U^~=36!i5n2jV(GU$0}UDJ9#!A!>Roe`x&0d}X_6
zUn2eS&fYc!uLEXax-AYv*d}ezB@PqZokj>XIV={pJ?&tfTbs-*UWb^Fxl^I$J@%k>
z2B(g*hEYyn>Sab4N}di}?h%(18+n+L*$qc+(Usi?qhrvc$Gy19usW1}stQGd97@c2
zRCAvAHHM(0JZoWAFQ~b9p<D9|sg$Z&OC6k5Tn6Ny-D`5UO_8wORhq5sH*!*uPV1K(
zIeQ}8tPr`e>k@Z1q(W%=6h{y%j?go3lSwsFr9^CFr^MYsxi?&Wy;V2(zjQ}r4p8h*
zRzohlX1mOa@<X-Zh=w>nT(RNsvyA~bo{My;nTINBW?g!=d}@CuM#?k=(&|jFyWUW~
zA^s;>S8SrBiOIk~U}3ZRvI0nR>phf_GjkoQI~yV9Uy=R+9dPY_ZdQR_pCck1zFXxe
z1t7SoRCfdg-H3Gd#B0xLy2u4<M&9d9h>Y>x7ZZ6F{^mu>p18B>TClR$Yce!m9x`ho
zy&T2T#`*H8>J*kUXZ#VLo&TDNfTy9u*6e9W8#SM|VmE8*xjF1!_d*@gtp7S4sZm|p
zSCnl0U8z#(gU~ZK?u!8$cji=g7fJs#Wb8?%dYgOkk)|<BsH1Hv7#l}V@tT)|<>Bi|
z^l2>%e9c1Z)(CVwUX<<2)W*kG^?$W(U4>xm1D)gJFp@K)3Asu?(7(((4I|!?96$`&
z5Qx?saQyzhuX|QbS&44Eg9ZaMXB4(|K;`5w$RHU2^6yuW>)&xQ;OUVz{y7*wpR=7w
z_>mVWOw!LW({L&J<*ZXp!oDC8IrFdA7xk3aBt?)5vU%}*aF1yctd0mwop;<SRg8Cf
z5+OU}QOHxP7iV!963q&+j|ut1;2Sha>+FggUf>*v4)xD-tJJ1g##z4?yimZTm0sZ~
zT7&9tJoZ>QlHs*Tbwt-0Rk=}}+#48R;@(Wrw1BvhccKtx6^<*eQcHQaJj1`IO^WNf
zubGcHTlWO<CX{mQVK7l>N#ragn=>+4*+yh|SuW*x@A|_9cGr{#3n(@CGg+pEJiE4a
z6&HE{8t9y#rx(*qK;QQ2lznR65Cv@zYaUzq`j5{K({|<%v*bWoyklXyUPgDMI1?vS
zDQc6|@P-<Jo+r;PLAArwkT$mb5$EH#qn)%5$B9L2i4BbND*nm#c50uCkoU2AWKKE0
zxVZGHSm6!4Xt0KOLL>xw=Q58Tf{)P;Cz_&P!Xc>MEXrd7B3R@|pw!VGEB37B2I{62
zuju!q5_klsdk(ps{t-9%VVnNdZ!$^PxTWDI{Iz^!Aa`zV>Yb5=jUWlpk5w;B-by@n
z<?ZU3*s15D0916Hs+Lkt(A>c6uZyAwzhADZGJrK4-xI;JESg<6DM(wRbb{cKLYb%D
zcTcU7Afg*eQ}_d@Ck_gp<ovLBC+o_MQAhqcXTcNZPSeij1=N%1y2=5C-4k~yIKsoe
z<M^+EsTU$(W}nACaeaTOp6z?y8Ig+F4YyfkVSHuqo5AWt1bUR^vq;q^C-<#Ib*I1j
zG3`K34&MBu|ArVI1$!8YZ|Y_-s81!D(Fe8h{WWNnnE|C2*+@gHjkV(z-OVl3#&%C$
z-fdaxSyU~UhC*8*0fdidCnkrNWM+TXF<<h|xt$bt_{)|Q)I}$U(do&1Fdr=Z6Mvp1
z`|oIie+7K}i|=LfBf;?KK$SCpH1iC0nt7TPu&N?li4j4f5K@Z|e8?|a0N|&coS_;e
zM6wxiad_!5<^FK%^ORbD^2*7>e{}KUWGH+I6d<$t-UrTIB}=`vljmr4dW>En>8E75
z;N2(MeH+XSYI<f>M+WBay&;w#J#cxq6Cgm2gF@Ghc4!UHx6DnpQ*1OmMVxAkd7x8+
zJ)>}-lzy(V_6B-TPe8(l)7y=J-Zzg@_-6mC8mY6>@oU`a_}LA(OCZ$MS?_srBle&M
zK)vn|h~q`|e)Ll46Q`i_wBo7kpi}qIK_`9d)oi~&tn2kW{$dqsNqGeM`-Rk~;{n!O
z5#i-#nyp77_J~%i;Gp<^94NmjqAR%tUn>0ERW3X|U^apcSo!QJ!dY%P#BX(e9b1UA
znxM!yG$6vz);)|P#vQ~(vzWc)1k*9wbEP+eeZ~)Y5Y)gOVk~IDj(M(kcO42i(K+fR
zeMOavm$Y@OR8Lj+=XS`QOPy<7xc*7yU4Q$(oE5>(fZz-&W8zJ6wXZ{j`QE}utGT|I
zgCnD-1-hRepkHQ))f(+#?8i0_N{quNK?Ei0vCs=t_Jd(#f_9TbPzv{p+v}BH+tnZH
zGlqmm&l|~h2iY_GsMPn#QRI<(^XyXtW(F1%LLOOPCbfs1X>WHw;;YK`0gz&-j;Kxs
z;OF^jForM6H0lP1%ZVK9lM!6I_UgxbAI!$~6WVm@?aOT)>SG658x6L3O0t%Vd1t_-
zwpoVbCq}@5+ec1Ca%q)J+|oV0(*0Jh!lmcM%xD{<C#J4;EaTqO`s!nU4Y|S|rQ^Vy
zVlzVqJ%ss)o<I3|vHu6A6b>&?Y?h%OkjK)Gr1+?SX(c~!t*7^rLK&6wux-v|RI1?*
z3{B`ddb$`r2K@zblHX3aX%eCYhTQ%|b~rCFl6DZyU{?cp<ZwEI0>^g@QPNt1D}+L;
zwkli$=v)No>O<Jt7vYa6Qmf=;6<<2&UOAwdPz@=28Q(~1n<K?ZtsS<B!fCs!`}iGS
z!F|tov`$D)b9VZ}V?6?}q(#u#Cbik&BbQWod$L-?_#&@?@{N*Q0jjs{N@t%BD&~dc
z)8I0hd8vcnLGC|lBxx4?#XF^2PiR&}B^Zn*?IQ1&=D5214D;*J(p~bRuj%d-ZDL>p
zd{-5lB|dV`+<-A~v&bJhWf$|<Z~RS)*=V+__?w?v@+LgxKj5EMX*?~p=uf3DRl438
zgC0L6?&p!j_@L8MFl5!-bqR#j$rnL=WY$pbit2@sKht`{UZAJKkq&|I&&~eiRbfh@
z_P494?smzvj*iq{kQ<XXT4|(LWjn1l^<2;<<e^<42G*}3QBs3)7^tnnFUaEQ4fgcX
zAdz-<?zl^_Rw=cEGi*C*>ul^u5wY?ZHHtjmpkQsZE%e@i1<!b^E^}M)Z9S9ob*^5s
zvAe6f@Le<>9&#Kweg2e8=s~Yr{Tn*Wx|kV0hGf*pyr^=NgT)@%h?gh!r!GCtmBwhI
zz-Ie2-j4<)ho8e61S*EPu(s#te8?HGEx_nU24`%;B;7cWKXPCobuG@K@wVKGSiBXl
zkJw|XDRKe(X5Jk3!nr}?K;*<S<7aNZQX+l-ADy-c*lzSgL?J>a4R+W);;<q)t|sSc
z6fW0*@-v3*m8K1B0-M9l@`(4czMc<ca-Yo5C0)QS0|d?^h7E|9nWMKUexA-G9^*(Z
zJ0qRU*E}x2Aa}F8$}WwQOP>i#uOQfgTNF{n&mm*3!Y&{x(<s07)XBV_?|Tfp^)Bnf
zRE-bb-65So{-^x}FzPuC+L0z79+a1qT|HcI{Y8(OD65e!3-{1q(?l_bw!aGxZ<#25
zY|f)WaUh&<qOK3UOnlPG7|%W;L;q~WoX_cvRfC|8F5-6mf;`4i#9T`qa~|=5#vM<@
zRk6WDt&0)CPpd}=<AEy?pmCROvyZ;GpbI!DpkWsoQPY{>b*~#yw+$M0*evOB+vuH!
zUFy>LH8!VO!?}jjKY)6*FVtfTP6p+@ucDVQJ&V!*!FV1`^ra*|DJ91R3N{_g_w2M|
z<k7WmMQHu_SgloRIUmX7b@dz2#I=|(CJq#4B1hDQz9`1=op9txd3QGYtWrc;^%Fw^
zIud^00XQ)14JUX;9`w4@FRx>w_Hs2|kJxP+ea&2BWa-|4%K{QkT7thI9@QP>n;=*Q
z<gN-%Xj0nny$=+3I(OkIC)da2v&G~4ik=K#5<Pg&Z3TtVGsV_JBUGRiDqeG=i<J_o
zMLHfw*^LxvOt~ZC+KTf4x21LMgL&g<_eG7s=5BYpVkPmxna_6Wmz3L8zLDDr3b7Jq
zFNRKg>u7d9{$~qz0B4P$$xn%^%MXZmjEV5z)QJZ<YSip*)x>(2nF~{wl7%o=&So7A
zQhBj+#TczP5oM6Wv$)briX)jR^ELpGzRCD;O8&!?!6U1eG1HF?rn2kbzPcc3rujY1
zVL2r-*O(HhS=@K>^!=)W8voO$R*pU;bqV>jFEse3?^hL8#m2%X^Ke96O|%`{4>mHw
znQKXqcu9EvtP~>s_$ht1(2_BDN<dkf^h!9~3r1xJHO<3f?9eFLb5NO;ptGCWI5=`b
z8t<Q|D|WBILad}*VwPLfI#%)|*YuWpPcdlf6(2Nw&1ggj+v9A}!|>Yg=lfK;=owhs
zdhLnA{Gpm}5#8FwPEVB^pK!c2{P^doFuXr-rGj!mv9+1?mQhlj;5P`D7L}!cL7xcd
zFOiIW=W&IHVhGTHimVqd+CyH?@t&35iY6gjhsMK5TFgK8**v>Z`*~K$2rA^i2YL`J
z8{4;Rl%8^-pl_|ht$-gCNeQ9rVC&EnabOv$0vnPsBRzANq^|Oty7w+AkclJTL*2sh
zwx1xfHH7B-5dQfId1@)Xa<Nmlp@i?EfAoBXe^Zr{>B!!f^#caC%r8wssQ04EnBLm#
z`gpCeQtjYB`^`<U&A%X_+ZwepFU^mUQmSQMr&H{kwTFpMd+cB*k&MxjKE3fb`ydNB
z(k&tvx*3A*H>u{N-Px9DkG8GUkvSdZ*KXDNm0Pxa64pAxrQ=1Pf>NXa9}2n~)lmU&
zVh?xdDj~6OJfk1lh5cx1Ds#YO>-m<k0zNrNwXSWf5_gW~K+>2hr5&1>@|g2Dm2{6{
zsQc!69Cv$L`Xk4;FXa2m=u1Oi_p(NQ;fAyV=Hq(gXcvQ>5Ae{k8uN%<lV<tFHfal=
zlX$#s!D2$X`;-bDRohApE}uk^0?quKU{)Y%JVn<*izfUh9)LMJB~KlP#?TT^U9RZD
zd-LIa@^wFKV$shY%3q+)vZ5mCe(=e}6jr*wm%?Y;Px+No(q$zGitoaa<6avPtg~&Q
z@cO-{nrEJHc=O$)`_>=Z^G(X<V;Y31_8=Ij_}74dGKUc*av*T>C?=u}Nm-#XtoiX7
z8n4yr5`W%d<nM{4&mShTskVthG-)3xte}8gAxZeDoTh1zB*Ke4SGjFb$3srY2_G7m
zw+K{^J}!Ou=#X$hk$uyc^tp>CM%NB2v33nDY=JIJCO8FeX(IIKL%`cr<#^!j!O2!e
zV>ju!7eAWa=gKwoVva-!pg%SJf&dX)UGSHbNUU9fRcu)cBldyP&u<U8TMG_+7r(^X
zzqVgp<5tfx#Z4u{QWQ{ax2K&cuE`<!HSM0c5iE4|o9Rc7<+%9(-PC*EJT*OfclwQM
z@bC$u@oG4x7#$qx4=g90RvTm|cn-_j8Y}~dTl!lv-jRQmTEu~yxP;Uudx3+6dflXu
z^3nA=q@*SucSnaYU1z2;M(@DN+TfR{;E1ytPCaMlZW%5Z*2xTa)lL+m1Jt7?(d_dg
zLIt%4*fkwb)d_Qae%mIBE?Uy9c8x`RS{@^zhy56P*MLILwUY2E7~bSs|7+KpLT|?F
zZ0%;~>OC)?&3pAH*0GP?heQFs_+^mn{?GmaFws2_eNUnGqXsPqYsSRwIh5F29(sA2
zU2)|@#(LWB3)NpjOqiMcy?McAahmoBTo_$16#a#ln&XtNKk7)IvTEjhdrvXrg|zYG
zTi2?h<nyOyj$eFvb{CWQW$askHc%vCO}Ymey@C==m8;xx-{rnp_<kS3AHA1)rg@L7
zoR<I3>G7j3{2bP(gsIIzay&)Vn?#*73|8i|B<!t{kqEZqd|45zP*2c&;KcIrqmf3J
z$n;ltE?r}a`Y405oERdz2Fx;})moV3TJLNXe8f4~4N=dLCFq~Ll&DX<*n4RYQa_K5
zJ38dpW^8I@jQg-Re*frPZUQ^|%KZZKp!76u2rLSXEL1(_z;O~=0OKg-BSZMg*yv+p
z>%RSYDetOcPkuZr!2jdk;jmA0U!Vi8#sArLaTvNRJ1HaJr9+X=eN?lH^bEyD5?}W`
z(x2G1d|Z6i3HycP$+&V|^xIeGeBmrOWY>^3VQ?v#pq&#b^2jazP`q;?h@z@bmY-XC
zEj7lSn>so)y&Nl@a#Lw=-B5qS?D(L0uf*q?;?k<ZimL~|>GDUPctzBI{dtc{K%&Lt
z*(Lx2z=9COcvL-Sdf|-jK8o+prdufn7g*em(Ahy66C_XGcs@~!88!rHPoYW{L8}Uy
zCK0$?rSB*_zU*HWxMX{Fw;4&@J@o1QeffMpOeJSkg8#+x4_IvcpY}T96j*C!ILj%j
z38T$8dOi;Kh-Bl}fxM{D|0O0CF<}z%3sMz!m}@0!+prJNrU^2%{gq^Om<UKIbtyNB
zO%RF=7|wb`_+l*PmIdkyhRB&GBg|o&B8aok37~LNFH-K1pL~-KSFAU7njff`DR9Xf
zmu%_0)Ua~@Jipql4>`kn8s#gtCG3~~S<K4t2aa}FmTDH1S0v+i@lsdk@lJ<EC876W
z^tkbwtY_&kO<fPVCiXS$&Q1me)OlqHGnK#}(u9)KoH!dKV@{r4xLDY<k7v_Tt(2Qv
zQ1Y(682;`q9XSq~5=9`xUDu3KhwqRPek>RlGfB;vBlJ6*v@|R$@p*gb*6?A+n1CZz
z{uaA1b5oOSby!x~UJ7W`sWA1dFDo`UHWr%D!vamJ+o5lJtP+fxxyWKs5so3V3?W9t
z1X~UFmK}aIAcehmHgshSB${gSAmu3O*&Xu>B7(ggBJL|5A%FK8lm6ZNlERRK3Szkz
z{{)K7ye7fe7fI!3^rB0lO?e}z!1Sw=GSI@~!I|MsEVf$s{7jC^Yo^bHxu2#1I|<!L
z#-2LrbqexsX$2x+z$1F3{qvTMNv~CiSuWRrdKqi%R8)jIax*a`-{SdAo5`6#B!0rb
zg0mPKaFWK4c@R8twKzm_s%P4Y6~9YnJURFJ4=1j(d-D_jR89T=wtM!sb^D~7QAdFX
z7z65ck`zvUk?-CvWM-oCs=<ZD*n7OyzeQi>;El?_E9YLhD-X!fE{RU+(xHegwLUnd
z3F6J92KH89y{1Xw`31Q;$k20vGGsM=zv}my_`N26-yOf>#P3-6dsq0qKmPwNQ!sxG
z>}SG>h-HEF?+AApvq0n0-syY!t_>#-T=}xstW7Eh^7N^rpI=0PkJ3Mlr2eyr>wmM?
z!Ox)fcySYPEnO7JmS#>^QzC*~l4R$dXRZMqvG#kCll^}8IFGdV@ZtM!oqJy(w1F&N
ziON3UNgfYmn>~L)7;tlODj!e})kVpn2X&l(L2iB<96QK_#}JnzeR1pJK>gHwCyR{i
z28yUd6lq}Mi(u%lf?A*Mnf&{8zt79>b@2QC_#F>^$I0LO!ted^cYg4n^QOTVbRFna
z&Say<Bmmb5xzxTx%triz$ZIq3aH{8J*t<VH+VK~Mf&X9qU6cz0v>JcLOoYQWdQE>p
zdW+;YS-s%@Ro=OVr5)rWw+-N|swEnv-_0kQ(Kmyv$~zX=MH}{AIo3K7@v=}rL+O)3
z3Kw!lhT?^2oY-dC!8alKJH8r~z}eD<)~ibmK`$qJNgz~T)b}Lwo={&!e4)*%bQZ)q
z_GVm9(=+&N9*hCqum%F-ILL*ewHOMk8&J=eL;vG5@;_a8`!_Da+9P39XV@<Y+-M_`
zrXoXdpaV_8Ul1Qd;8CFQk53>Z^fdbB&{ELlFK8Ow1`sqUxM18mGf{%U1f~yu>cIZ-
z39n=|*qv0`2Y4yqudi+V)5mtu`)1(JcZ{(XFy=SlZ3)2MPzqqOUxx2OPx4Lx#}kmX
z|Kn4GZGCz>-^lOx7y5mLelIzf-}lgtGt%#%5c4~1>-^q_cG3W_>HiK2zk|Xb$=&au
z@XrJV`E@WAu?X^ZK*`jRX<WqGCYt$g2Bw!Z%r72OJF7D@Y3Js&M^?n`{>otv!yn<^
zKtO`!&M!zJfT5q_=vDcqu7_eJ%hfN=Z>2O}O|q1>Oue3`PFQ_L7gAYzA0j>5)eQzO
z-|eb72S{lEuI{`I1SoVF-v@_ZlK^8K$9No1uSb)~KJd%`)A;)T_<d-L^iTlGOW*|I
zi<w{+D(ew)Wgi7imH}!-DLbUS{KQ#Caw@h=k{J*GkJXSXx(*4SNkor<Gyh}}e{tIj
zNB<6ocVc24WoTg^y>RP0N`kH_`~TvI-GAE=LBnwjQ4PM8jot(m`Di=kW(^qm_XSg3
zo!VeMAsF8c4?SS4%EZq^x&`2-t#xOALDCCX+9luD+^3uFTnOnYIOQms)-OW^zKF}q
z-U$c+z;pX|<^3b(^<95;jQPL$`=MWPLpa85Pf{AA0*Tpn4XByK2L6Irfcjf&wK;No
zJ|8_lB1rZ1Q2}MS?*O_J$Rw3zF@^{0T{dlKhYA_CS@b42`D+aiHml<oWPECkHoT>A
z;1{H|edqCxfR~{y{{NGA$y+=H4PYFjc#`21O*vuYRmQi_uf>dS1#yGRvZS@l4Wam`
z*4CL^cNm^8R7K)sCmzdA32l^qa{0}C;*&v?-X+E7j~yv}Ytp8@!(B<yU+EQZmwCUb
z662c;ubTX%og?gp;|0yOYsN2H(qqrGD8gh`0(c|4A}hQ(oi_}1EvyAjeFHbif&W(s
z%HQ>Oc)=Cm)@3|K(CYzD{3o~smGH?B^co1KD<G_vzHWMhuI%`+l{SvYZVB80Wb*lw
z)XyQ3*f(&)KS*u=5xYV>G;Br_uYfE65wQv2kkJtc{a<tb`LAVJ|2uyM^BVR)$69GH
z@c556#XBg75tGH3H68d02r(rt#N?fAk2M!;d$zwIj=J<h?90XZpT8iR?zCSJ1(aSR
z?&sNT@VEyUhwzTLt0J7e4kxM6{c!j5V1yzOSg%W0kjlksg%Uo#g6G}ytv50t)4Y0z
z#e;4OB-ctjn!+binI{p;a3Yq_wG?AR44mTqT9Dd=r^Yy^FB;q`qN=z_*NeVt7mqrl
z7n`~u#M==X>S%0+Fmb&UmXdz-wq3D+Q;h-nb}v=~Ih^tuOon#@{HRW6nWjzbA_N4c
zmb@E5E(ogRSR#LDTP^7Cz5S(8GgIwBX~3<8T0g&^07nZj=PsknI=-jr4yF^o`lWiO
zFUaf?5HE|~rCJ*1^Yn{qU7Z9!vzXy1f(S^-yJ@UMx0ZQPFlUD4b#G}bv~@1*a(gr|
z5a)_dn`lrIIQiukdjC`@`UUFJLfrO5i>{#g$kxMwHS?O31A$U{`NHucL&rWfjE>yg
zU!@=4v8q&f+Bz`JyfSPiN$2}~#={t-r^klMG{v6;ulof#h@Ona@K_Ng{Nw9W_`hu=
zU6N|wU6(R{d-mq5E?I%&>SteRJv^@$cO0j*xTNa``xzh;iY6<l{(_`EOC;ik3h`et
zBpY%zm>SGcKi=ygFYfs!B*3Ug-uA{5C@bP&?@}`s`q(jhSaC}fBRAXF*N`V8spe|j
zuGvFzphCRvQws4&Z{$^?N~%i2vlJ^HQ`6Dmt+wH)hfxBt8!Wr_%qOl*1W)Yq(jZzk
zMbDv5bgw?sG2lJGfBFvVt68peYonWc#?r%l&(&dZI6K{!+gVNUNWqsqsBRTjqFG#=
zMM#S(265>2{0qxF@!@8Uq6#LC0u4-Wnat5(-5ngHDdjU-(Oh<?YmT@p0myK_vf>Bt
zfElW0Us_e7r$NY*R*EZn%f_KRDJR;qucxW~cKEW*@Ff+`b59=XUVnY@ZRt&6lkkkZ
z<mi4k!}7reFwO~ZO)DrxVxrDub>GNbp-$daWkq(h{ZGk#Uxsf*yp6u8)d>a<u7Xu`
z9d!iN3*%T(mLRah+3PaRbPlcz7&x^k%#AwX6Ad6XSb;oD0E~DS$48T-Xyb8vhTRS8
zE{4YkK6rG<?q&}%Sp4>n7yPfUyge+!<w5GH_G}`nuz(%LkI`HsM|pvqq$}3dC=<n;
zO~*R!zc857fW39&WuK95=I5OJe3t0=c2@9lZ28Bl`3&sU%*<o%73LkBX7j8oay_mg
z)d?hMgF|3qRucwht0L5G$LRiuG(3T{f4j`lvMLL~-?e^2hNSdwqglKBX>8OpUQZ|*
zc=xHYQi|o|bDmq(EuC&?XIqc8LreFbYc@uN{cs;fTtwBwpr>&*6T`iYn8Uk6pXa;B
z+=>9|4P=FZ@Mrk8M?cD?5|pmyoKW6hpm|{pl7}6Vsb!pwBtNHTi47JZ_BZ6X`!!^|
zr`p99bbh!wFcM|=B9_nM>$$MEpEeF!q-VK#9~+!-L6<`%(uuT>-#65b)6&|P*J1{{
zPtP`ZxF$R1EbKQnR+aDX?+fKPQ|~{WFof5?>vS&~!W^yRselDJ_zYz@)%~{4<Eh$<
zSwj|)oz@YA??|7ruI-nvIxuz#SRHVJ)xD(F(00;6RjL_dBahAbzOBeh+N~aal<sRm
zyq2ry17BF-4~v+LXs#-3M3(~Hca16k)$m*|vwWjY@u@C5EBl08e4v=vZjLSMUH7?5
zqZMIqR`Rp;v!x;qF27%#abN#b=Ki4niJ|=Th?a@A@$$r=-6h@kV6ZUd5RTLpQnP0+
z(F`{N>?U=QLg(E+KJUFwo(nAx(u=!)R+Cvd%KXDG2s1;@i<|z^ixZFV-_{@-h7WAy
zD_=fVS+I6XF|jj29DV9@^U>E9S3U@zGv66_N*T<L3_|fde$`4Y#S9mYi@lOn577B`
zMoQy|U+a-+izMo8nl?!!3Y?-Iip)o2il0ew-)eqPS!Kxf-IU2EZ}DRaGt*pIpRg*j
zvDvq;4^&RfcncfHW>3l9@fy@K&WtIoEQ#n^7owh6L`jjd>M<iT4u`7ZQ%=Wdg!Jk)
zItF?MP4*p?4)VF8dKo8K*Wxu(b*PK6w}bSVTCbg_K?K9fRQ871m(Q1b7VSaRBeHxX
z$rT>>aAl~|(~WkZg&@A!FyV_S(g?|;Rd(uX^w`Nub`Dq>J=EOT%Y<?oeh~9j=eh1u
z7uANQ8A{F}*5rI}uQctCHy*fO+;=KJKSkRXpQ5jI@an5jpT-ZjcD*`tM%GM^9QBr-
zTvR$;qTG(r&%O%Xh?nk2Lb@dNmzEPmc)!_g=nC0ZnCCpFhaw%ldGmhsb;pno+U}|f
ztAf2cpgEO+N@Uc2KSj}gKtLY?b^+!w^8GcT>08@@!K-ZB>cyw8JaA&-=14h{^Y&HM
zibFK8G)Q48Aj&K!<hEJ7mmADo-q5nt-<K_&tsx5g{-`7R`N?JT;Qw7JMn{p@8MPqQ
zPJ8T#sA{0<il-V~jN?1IofqTPX+AP6QHrF~PkZSi9x|G0j#ADMl?*A5zm4J|Yb4!!
z^*$FzW$2Wc^YM%UQ|JJW_Ps}ZzG!~6G!Uvei@idRMo%v=1kgjn8R&T{{o$aj&fQ7M
zPfGXC8-{8rj2JK4xtX2zV59LWTatg0Cg?!NXMMs>8#vVe5!Jo`&)j921fB|K@5(gp
zJUKU5;?$-vFXU_;r_W-OB>+TYQhz}teoW!0AWxpJ7^v~eo$C#oQ`IpuLa9@}=o|BI
z_ohkkb&6-@?0CFSVn8Mq+2}Ch*Ni$+M!F`#)2l3m*SUa|7pg=WJ#cZxoN`mng^WaB
zI6tW|Do;QcU>a7rP$NL#vr#ul<oKr$aQEMcL274ei%gfD)vV`z{hWiBHz7Xlj6i!d
z7p|!lhY!L{CX6Wh4Z2{%YEEj}Z^&OTdhp`4p#G6rA&Z|6L?f)6E_AwMX*^Tp@<MtH
z>g4w^q(MC2cL5S_){u*s&+h2M3eyR9>C3n?(owISo*!Xu5mXG<>Ncne0ha5t#fAbM
zCeXkZ?Zofv*t{fTiMc%VodG$Z`(+b!x<>3OGTR+dzerp_VvpI$J{iso`SO;h(skfz
z)zrgY-!tc;W+sStaKl|%^c3_XvM$s(0~1Kowo1&)sJgnT@bydEN!zY*j!GZ?ePa90
z@2a39@GVQ8);T&kS4r$GhH(~mE<SP{;F0G2x+<nEUbck}JbrnIp-k)l2DTx);vB7-
z6Yfx*5c!COuB*?d+2|H6VwHL(5zP{-V??ES-8lL8*-h!a)%{_P*Yj?08d*G6w?BRQ
zl-#msX3?<9cN5qFke$uLr2ej){O|f4Ahk+KY+>wuPCZQ#oVrS6#CVdl39PtLtUTv+
zsN7KVAw~D*o;|}e>M!(t;|wfQSdn0(4YmW(@D7D-DjC`=$Q6p5>e@HLUM;Qv*{?(F
zbNS8mPeN(?7Lzkf_cI-K!VryP9}cSUwF$`#O{l-U^0BOrlUrg=^`?^L_iS_>cig;+
zl6$j*ET48{L%M0U!11e&++pi;2enf?BcKkj*UIn#m4QuARA^Gw4D`OlfnMn8+_a92
z8lj1S?FnZ>1vQkh2mAEdxC!C)IubVWWZly(c-XnfPnH&}7d634T=s4Q!9c$}qU#nV
zTkcz4qn@q8R}#+)DZdNS7}V?02nI_HB7yJ}I3<Ri06Fz>9jXGlPS4AY)G~z*R2CvE
zGdEl$`w>DLd-L-qdriKm#YoRQNSD%gF5f({#ccQ$SBh&mB{aFY>@uYbrJz`fyO&mu
z#(ihGpsBp*o@s?pGl+`is%09f37{~8^Cm`tPfi5Il`>DJ#82K)+`cgItc_5a(rLQ<
zaO8fNKV*7YY|?vR-dqE`_8k4KJ!%)~TQmZVL?9C#!lH_i$c{m%V^xV*_|ScYp1Zz~
zEi(-Zq~P8w#pTcKOIA09hqf*baXHv7n_B1epU=#V%T`kS`E6_9KcN<XRM!8lt}FTi
zAOG=_*4@#7_<1&K4OA3Ho7M;Q5NA;NJFAWNKVW7xU$9{y==g)i^IhBusM$-4n703I
zknjHt^!*R}mu(iYg!lzHaft#d95eYYy3$p|Q$rBg3(&Om%_$A~vqAX!GN*UlW!PR2
zHU0x^MlEEp8~uXF^)d(;stscAVDAr5K9jZ>PiSeu=xOUa;Ngyvk8}~yx5kIEmnueK
zp0cT5yktzB((tG85ugh9R^{@nEdx84TGch4-+5|XH_06nMnukTOG&BUHV7@~4$R(j
zed9=arNZE}cWIW_WePZ0mN|+ZK^x8D-aJT<Xp%W-lytCfef^G2Mq^Wr^?kF;=KT3&
zAVc79jydVIi(-^Tv!c94ran%Q>h|KZR=%ydotbm2#erK*?8M3Tvn>$oz^QMfXLqke
zN_i}7Ck?iE8mXQa-?Pl?`Fyc@!T=TSE;@;6!0ur*s>o8*Cqz{EJ6#Cj7MFD7kA56I
z>54b+Ea9ioqEYS7Td7mMm>8E1cEpe;Ihoj;jmPm(&;%9_Y1NNHoyV+@&zanePK8RJ
z=g`wsp5DvU<X+92tgIC3)l=a)7fv#Yef+`cj$Z7^7@bP7)xl1TJ>wgCcMT6?<hx?b
z|6=bufSP>wbb}4)(m_g8svscJr9><s@P{Z}5TXLoq>1#9C@LsbKtO4cE>a@B6M7Yp
z4xxAH2_*zlyr1Xn&fRm)?%lKZ-q~`-866;#<ZJKytIzZN<{`lvmx<bq2Z(c_VnffO
zSbO7RHLsovkFIL`@#Qql`*-HDCu~;wuzIsfFExPt=_Ue9{Fp%`nb*eL2;fR^qej^C
zFnoP`qqs=Sho9f(#Z0HemmIA-#fIKi@^Y;<xg*Q5neUfs^tXqz0-ORLI+9r7XNl37
z=4+|kM9SP0+w}YtBSAy>GQha2JZ!r+FKqu@(VO&***S}tg-@8nYy^;moniF#0>l`w
zpl?!}U2sXh<!2H<YxS$ZOtvcV8cxn6zK<VYG*z@38&j;xs}`|V^74`PJhw<^b+0(}
zWKTy0h;9Hg9Gd~{T}T_tD~;2GWTm-n9`(qGthC6HsnQ7*a@HmDh@G3gTILJFv+l|u
zvjIR=3QFd%X-$;?MhVC4w!_Yp`qtjcbO>^zFIe>EdfMr=Xq9|}=O%l_hj;Kyh=`WP
z6Y%rTUvgh(DHLM@F1S~<NxX_(iPcefJXKykx>~)b5l@Ljx&>M`!OG<!XEe?`8LmaI
zD~f3iquIt;(<)TyueQ^FnG+Q6q^}b4Iay@25`nY@Klewr1Z?w6!Ci1eskDi!Wh@&^
zDho-5;ypDR9YXIa?<XH$+G1#IJPc_qHH-&OFTY$Gz@Aj=Awle|>9Y%U%D0lH3H~|5
za_fCWiHbH1J=v|8Xq4+~X*jr*Ms10?m!DP>84w}!?M!i_vX)DXcvqa5ijfJ@aptYH
z0G@@+9xyxo`XSokpn5vtnZ+(NXh%i5;8bUu?HhrPE85e?KcizE(v?kk+Afl%e}Yhl
zub&KfNtk>dsJj`vQ-<j{B2nq0@v0375D|+1(${{J6;T*lFlKJqX?qaHG?KwQ(em+u
zRpa7=VrKT}O8?Lwh%?k~*fA<I`OYBq+%)_tuD5J1<&;OB`Ko5WmzXc01x?@aR_w#K
ze2zHt7mq5jS8l;IZ(V$t^gc6l6p(-M3d=~;;#eI_5s}s#ui2XLA787DvZQ2F6=XJj
zNJcZxJrWMp)<u3NUnfmpX0UOpd2~-$=tY~Y>+O>tY+odj#0Y1JI=FR$CLZ!;p8*|-
zV)SYqeKz+fm#e^q=2gg4Wvra7+42;JNwa73c#iEQQO6DE+COHq6t}&xWe5EZ0ZN;)
zBq^fLtW5CU1ciG(=cQVp)P840%&2x{q>f91qnm8d?VlhSp3Zh*vrK9`rnv9rqaiAo
zd}Fv?0j}0BEl)8RHAmg7tqYd?{EGWLIeX?x++(^SG+#|5w2Q+uCP#_c+ASqILd}H7
zl<*~{Jl@P-<6x5HLm(4R&LYE5tZE*3RbApRZp%-!Byx?3jY(@dATPe6G*adweb27k
zhe{gg^s#zhN+^)VVFVEaf&w9JXWPQkeVw66BrU3y;f|z(*zK>~r)<w#ehd6!RyeTu
z41F;@JB3#ZRkFNeeWS%D&4{f?ut&;uctU@gg1iAp?agL@OaDNY!Zua%tQ`*=z2-I<
znIv@_l4LtM{AMI}g9NW{@Yq}|8K^{$=grx_rpo#rEokA*A}*0>ACFwoch0qH5`Iz0
z8T$kpf9+G6XH0Y4@p{QVhXNsJJb(1}rtFKuEm!x=6sEAFTZ2ZMEWyCu>;owF<Cs?O
z`YZT^HlXs{JE|Ecy;&M@x?QcpQ}Vdr9DlLwod&i_fL6hNvKQe;DL^_T^<kqHveEMs
zZ!*iuDka@=uvI6p*c{e0A!5{}nN3xjaI?hzy9N<iePZ4&Z`v;o5I8=i@l9p<_$*JX
z_5;;&%T(Y0W^EgqgPR(PL}wuOIYCJPCZGNUar>_56Onj^hRb2Mw-p>&rM88zpDjI$
zCEs!hi!t&FKu_MDvS#5Us{mC8KS1j8az9yUp+I$>7SR9EBtXg?FBQ1t+~j<xv1D%|
zF6<4KwSQE5k{8U<e;;KGW15lLc5B~KM{T}EvPTE#SteO-I%5fSrIlu5Gq~I6w}L!4
z=>q)O(Uw$^@3jh)qO8V~rPWy*-bEeb?-kEprxEg1rd7cAaF#jgX7ckkzi6#h@Er}U
ztM<<WTRVVpQ1okm!4en0c^0hD+~#tW+qsyv8EEy3LNU$Gn=Kof>Q^|Te>jH$r~ZyQ
zauv3zhYxP7RTS0W#toy!@<rn1_@?9(S4FVRPjj2ZnR?m9PQ26bNl%vtUrAo_E>|k}
zaI62B_~4!JL^sok@`<{je>ci2{--E!^mml^Z$zj6SyA49^N!vBbw~2wU4oS*EC+sY
zjC???!cUNp1QJ3KL3sn|@h<J!+^=Wy*X_~Y=;!|<`Wc7%%l;_PocqiEkp_&q4Mr{Z
zbtxxMwM;Z%N53Y!)j)qu)%%AND*RKweXEan0Yx6dkbv}ba|u9n0~iKCU2Qq*CukBt
zJh(}QUH%F3N$B3yuK8^R|KF`3GqTa~Sy*0*<lNMr_pW+Me&Q>mKfdVR+>+8g7Qi(|
z+{Zf4exZz|*ZrYkw~_k=UQvM}A77Hw;69obHIH)a4sdkdh}o(EzuGg~YUQjTv>!mg
zL|WP-0OkY5?7*mFWU+LNw|EB0hJ=bD1Mv^gcwRlA>H)3eKYxY;`2^{S2Y~h9H5f$$
zz~UiEHn`MK;E++9QCkQI?l=W_bI!~m@bI4?*!y8M9Cs;2l)iQ<2$_rABmD%401G9m
z$zSr|Q7EJwQbqg;YGB!yp`wtB7)lWldJC~}SNqTBMMDKv(cm^2IJt5N-4FCss5o_u
zy0QR}2_Qq5qd;Jw7tkbcpHt@~72N_)fG5ew+25D)`>Fh1V88due@6?pz6~W_=#BMq
z%Oc;bi<!19sg5-W<qdroQ_PS)E4buS7^p-~iV1CJ{TN{3ijqRF0ETY6TN$?Y;lsRo
zjsiNXpxU`+3n&o#*$=<|C5H&N2a1k>p-lwrq&tdIhc5Xm{2K`I{J&Yw`TrYwNOL&)
zw=^|Qpga4w)nh>X4vq$r-GC9-J@j~he&oo!v+s884L3LUqN2O<Nc*b5h_#w%19fAw
z<v@S)`<RIvsKgl=qFDFxq|UwswRwEkA!XZz`Ul|bFmyi(qc)J+R3PnCqC5jU9^_C7
zkj4X?7wpyET}l)MAg@tRBMVV`z*7V`Y@5)jP)Wd1LW+KZFhoH9bbpYV45+-%P;vq1
z1vpA=0^|VTf)USCtC52!GC&e5gLsRhoBYM8?Nng!1Ms9FqtGMIpP*PIAqQ~YfU5+L
z{RGXBA+sSztAH*9a>tE2^yhQSAb|l-8$vz<)XpKReN+G?fJN1Cn9ZqkAZ>nvkih*3
z0<Y&#fIPkvLoxzfG2r+A>3VMbzMS7r=l5d!y?4O4|52tO5SSlu!ec}_gYt=dBd4IH
zsm+Z=&mHHgVR^ekv8zy9zd@DpNH#xjDYZ8VrLegKynCa;!)(NZ_0y{5M=W`i!g{0*
zK%3tOy8rT-e+`@^UHNNn!*|*r|3?t?KY(B{I0gCF{Z<&uzrqy<!BYUo3Y1o3?Y;x9
z*S-SiXzNvz$It^v;w2b4Njl^w$VMGQjj<YCZVePQBeNtyWaiNa2R{JT2>ROL*Yy8+
zIOD$y1C7o{&PJkkJS|ozVcg&&Ge?-189+DJh90UE05j0Sq9~H3h4<ZXB0v1c!6b@|
z(OxQWL*gLTzroz%zi#k<0L&eWnJq%@JgEj#!U;b?M>;;RB+et~zrHLpyMBUR?AkAp
zO{i1~z^38+0apC~1@rmu_C1_{AOh<k)xa4Lb|`uT6i;+FB^TF@+Nr03pixYr5II)l
z@e`Eg9oHQ}JyFMEDFnoaS!;;c{#%?oIqQwTtHifJzaHs-KqF%Z7#=1=)lawq-0;*H
zfH5PzzWWHH1GGB-W`XW~gyA%vkTIc{nVEE8&(|GaZVHv0#yo<I)kCoUE7l{mngz%v
znOP)V^NLeqG)Pue?}?UMwD*_z$0}GwoR0^mgcj>^d>aw2uDj1Ep}U#tLsBO5xnUU=
z+(O7_tKSR&h+hZ9$b(&SxK>|EQi9J^n-X)`s57LfJ{$5x67%xNpek$9>CU9unKiSu
z5$^$)a-|brVVBWer$Mfr?FE7ABtbY0kvk93kKi9caFVq~W%i?(Cd<AZS=WFf_D}!e
z8vY$DArv=N87|wfDD4RY5M8&Ciw7F#kfR&0BPi$7w%Qz%rmK#_URCQR-E%i+&knQ2
zu9OWGCcBgk4~%xLWFwnDP(_g6M{$Dy<-i9<j<EJ5-9<KPknKn!L_R1mmfg#ZevRvD
z+>fts9DR&>&Uy0H-;Uwna}Rl^)2obDCbHn-4;CugWSEIs%}*zt6W+S^o`Qd%?iJfm
z-V9GrkHc;N0~j?V$0p%_d`IvQ0};RsrQmW_>}l3F;gj-?ZC4dLUOBPcvCy3C?=dk6
z=SL5(x|~{_U3r<}JLplO6EIqX6e%7$^l1`gA5!z1FHpKQ;F7v)G+by?TK3{<x6oG;
z!I!Z^ILT3rliL_W8>(35wS1jT%jh&;ZP{?4ex`HwWRGOKD8T8t?EB6Jv_rRQ9ZjMq
zIzuUm^-R98gdn^^si)3^s7&JZUPIamH<<ViNXuR2kKDPNE3^)UgH(FjdA)63WaCvT
z!}{5jW~()etZ!yMMqg>N<MkY^#$LSWX7lA)evfA(bje}~2n_C6q@~`PQJyK8T-)hw
zrlYi8P@C{^cV(jpIBX4}s$U`HMssxn05q^-c9=~mv;6pQvX_nzUWxj|zapS*v6tdZ
zJ-v<RzTUsJosBnZ_73gkPH9^6Q4RePuiR6~yHItkx{oLZX=Z{hXm8vF@Y7hOaUf+?
z$lWa1Bp<3(9=P;<8&l??E%O7n$q+?lTKirK@+94>>6h|~P#lnx`j)8QQRVC<pr>`c
z<Jy{TF32_pl<SqbR_Xb9eA7+F$YJ(kI|F^!tDI*Oj-~MhF7{(U&U)JShA~ike!KC^
zimPqGa9H8uO|Fse(yJn#-)W9wd_ipPCj-@g)kK~Wb37eV9~aE3TItNQ{RBPk{?g?d
z!rR8h_E9kH%|d}I02$-06$0MMAk!{*r8>ekq3Noq)WO0N7ulzMu^p=C?K(C#Q_FS=
zbMS607U)*GT6@s~Up0M&)gg`PVpa+LnsYD5n4dob(F}%SjdHI>a!eJtCJZM(`|<Ge
z+#HORTTF2ywk)Q<E@i5tUW6<+3QQgvAvM<v4`vVSN2m~>Zqm$GuACM+|32vSgWKou
z)=RS}qDWth8#__4*>bpyg_bBfV|<73l^AB^toK%v7kr_Oq{F}Y<nq=@{~0o;o+*Ga
zn!8No#$U`Y*iNtnMscj3$&=c+TvpbU?RSFJeL*c;DGMN*HeScrLjkDP+3jG2C|o8H
z%;)P$(hqHQDR8}`XCwAuF($u(CV{4%F+9f|WNWjZt9u#AwC%H8Er1!9&mAh@yBf(=
zYE<I59+>1kXtRXGS`rlTn2lVI2h*aZrAY?Er=%35G;Gw9zn#)`J;(Xv>2aFqm@72x
zIwTQla|O6G=OtNlzQD5es(lcgZ*FwQ)yuNuRYUjdM`=o*XiSFUFR6He_>=wHH_PVv
zWM0e^L7r3ToD%C$Z`C}qrot#UTV;}~C0JDA1;#rbh?x%|J$U9c?^>7P7J$7(0~AGq
zp7}Pl^|cBryM-uS-IK|Osp-nh)&e4!7vy0=r_}Pn4KsdKdmkU!Z^W)m6(;Cy@BXm5
zgl5J+jZ7|zk_(H=-$a-WmqNYE*We4dZD1ft8rh7J4Q|j7Am(H`CpvuRyKm(Q{c8E9
zneLU=RQf%t8Q)9(`fEaw&dXOxNmRP99A5}v*@J?JsWS~`N9DP5%48*(F=;Oa1}|}$
z$F|eQ&dpz+g=ajMOzel)vW#yx)C-m2+@cVdoY{Qmb-1RtNt~R|x*39%cdX5VHRD_v
zxbE95({-HHKC__2JN2X5d4$Bjf2Gwl-0AM!s5;>p#YBrv#r<`+7UEG|9>Ih1qW(N}
zF!4m<NSJfZDgqpVg=|_`%uZNzbT>a~D)~x#t~mFOCU3`uD6BI<b{JzHg}njA@mY)P
zW8R27UsYOCq)ShPUG#~3G5ms&W`pIrB)}RXibFRj05%!OsDcr^WI0@KmeO;$Wac%2
zM^&K%Bg^o2Up6JvJ8W)$e-Wek6e?_D(t`HV%<3taxoQ8hYso(bO{a7!L1L<6r7+Q|
zWC@Lx18(es+jvd`D-mTfq$XA1Q1C21N+SxsdnnxyHz_EutSl71dmr53HV(`<E6oXK
z4x1B@(7(Q{z;<8vn@~mRb&q;&HSs<E*q6_pR@yM*Ve>K@bB=D{@LJW+4)Ols8Qq?j
zJh43&f*WSouej0oJU4K+<bPaWPt?S%w58Gj59r~q!Fx>dfx7E$C=LZB=k6q02C0H_
zJDP8=UYz}qcC%Bmw0G=$1bhCRzJ~3DH#BE2DEJs>5nEV}xOm%^YUiP3R*iGoV(NL|
zyKa#G_+BbW>hMC-tR<X%#-div<)4}T<F%pgbKIA$1^%zR+txB9HR`we%aqS>OU39p
z0S(n$DIs>NNvL@6bPrvFz2}<$$&-=HG>z>hKu9(wwxHbzoZgggm^scn%ihM3PshX4
zIl%21E{*5$L&nHCcY}E?P_J)~JA_Ui&Eq=(bE6|F>RUU{uwM+ay4tmxW_9cCy{?X$
zpyDqf%C4ZE`yyheh6Z;xi66|e3>4CM@4knl^ERE^F|j-9yDebcZAhp;EO=|5=_+6&
z5W?|2KI-vtxt$`NLSJ48-%hH=*CczyK1VozC-db2^N`Drm?BgBJPWMuhbiaB2(8Gs
zmTyc9Df*t<+lB$rW1|`{36KxbfjP4u^#;cJ&H5xR5|!0`vZJ;(ylhw2D&vuydnS9I
z@FqR8fyOO-NLyYd(ox;BoywVLCAzi%s~M3Wb$D0zHO43U%Bw4jr;gKJNRPM&(A$Oz
zM*E8DRcWuMNO;}1qZQre+S;hj%Oa+(egcllhmdkQ`on0_+E-4uHeObY5ICK6z6xry
z)Up~q7$P)X??Y_GxwXJ(-~oPfXb#5#$LfMqp0x8Zwh-^zW9~nu-t3*54LZ4fk~r9w
zdX<RJaKa+cxz@y)yTj+X5{i5K<R)ug|54P}9YZ6ah!6LG0YQnISI?D$g@jidE+eAD
zPo6yvXurFA!tX;%cwl+Q*dF{~F+#WKOPXTJ;A+`xBbL{BuTuPFJ=`6gwtJ8<C2Mdf
zP+@pD|6f@*5Ue6yp|+%IQ1S|wHO>ysl@Dz0hzxsi`Cc-qIz0aRvG+o{Bx`i?F($v6
z7RZSyvOJzzHCJ;ewN#Izrg>yf)-qa%#qge06u*5U*G^gZcw}={;71Y{0!x)5Zjv6t
zWpU*b5GJD1?eeN1CKg?&=<qjxm%ctRAJyRNs5tk_R~WzvNN2ahs{l2Tpy-4-x+nE?
zF!%1TJIa|VRuI}Wm+>mXiK*h-{KNo3=SQ`a|C-;XzxKuwN!+)OkUi>}PnNV{XwLZ@
z(7j#-Ptv>W8L=Jo)ZLwfy-~SAw0624sEG#!-XAAFrbHmb-~xkQ-Bz@1)90$4*H5KF
zFTrm1H!xn?mw<<8Hwa%EZ(KB)mr%Zu2*FK1R(Z_DxlX#8l2qJZ9yb8}HVfATLWxXb
z^uxKNO}$&gwJZx<gT|#J{#;)UxP=6+nMKgJVx*sXJg1wlrJXxy4)mNyM?9%jo!eAg
zF&-(SV|2G@0X;s)_Ed)km>X{X93=eiWMCSJ7ST%;qr3$uo-gMitrsugpuwe98qQog
zTN!=|j^?>^Y(h#OPJIi1+EXeHQ3P5CK~U!r$Qg(uOW3q%S!qT2$Ueh8^s{cC^NFWd
zs(iczKPkmzM!8um9}Q*j)(OXz?W^C4Gt4s#zqDFa;alNjH*6(}{$i#EG};^a5f=kf
z;=E9x&d<V#hl2?w37fD#{8T-+ECu&>xg*Hzd2l7XYg(FfIrmxXf~;>3s>?sR<1bTA
z3!Pwnr+I?yv_e^??|LhhmpH*($B+GtuglI`iH`$sy7&q=YC~(y%Z=0c7YkL*27w7<
z=#$Oaa4#I@O?m~_j&I0K26xbL_`41*=+j2wTb&!Bs-{J`h6)^_gVp3n-AcInefjmd
z`T5xa$C@eCiS&}HByKWm)V$3^vv8^?(UT@o;hk_|#K6}R_NYC#CF>g`V`^KfFeMsx
z9d>4Ins*p7caA*?xe=CYzf+5n@uuLj<(3O&ljo`*)wcmR@i}n$8stFIU9!~xTxZTR
z?I*~7f{4JjzFwLOzHvdV(ES)|`0d)*Q3V{T9XvkK1}lkrYco*$F#W!x5;uLH+j+Yf
zhAi5X8PPhXZCck<_=2zX*u5^0h<9}!00y=vPaKCbXYt&LF&oe?uV44tS5Dk#QYGl)
zMRQ0pFtSDD_AMCG>OoMKo_8X&yyPRB+84h7#jST<?(Qst^)MKm+J|EBLPx-GIs!ME
zsNiyvX+gekyz+zV-d}!#vMss1)#HriWH&fQwJzjk$L{Ja`W-%IR(@;1q&Q?dTvHJB
z9`YDEZq$k_3kjDljbapeF9dzL$(=CTi^p2X++tqKzadKtI%YukgN_}}ONlMpj)Dnz
zfk8wcW87w2S~exK{L`o*(*E1K`nDJqt}Ea2Z)3fmo>rqjVkZ<3`!jwO{b;#oq0P=&
zfsc%*<|*FbcpW=CzBxk`#%9p&&N;fyOJ+dRDo7sLIotUY^nedTVLsbtlC!a7;xb6?
z?Rao`on4Ps$_^Qrla3j;PJuoBwYxls5o%GK6`}QKt?w5i`{#xW8N;>jzI26H99GO%
zG$GHx+3-Cp!DRjHo~$*3u;05XM&8?9)n7a8gx+Zi?W40qfJ4IJ4tSPL6Tdu1?8)Vq
z&XBi{F%=`3m9GtZA*H2Z%6tcGr+B2VKzZ`}h?1i%fnxLAo9_LqSNvvhQLASh%_2EI
zJHL*1wB+}E{gGSai$jKmfs<O7nc3hc{MgyM&0Sw|BwTbvd=M^#YN(z+So&`Yc<9)?
zbudvVhnzf81?X(Fwo~J<rXOZz^}a8601diTe^ln)-COY7Bi!%8@;?>D|I-S~=u*t%
zq<|@HDjh98MnK4KNNALC@HFw^lf0Z#;9=Q!-7DElB$n5O5w1~66lTV`Tm0Y0n=1M*
zhZNpCKeU%rE-BD)XX2hEtuxcND<&^Y&%JEqCx$+KA2>A#-BRaAvl_(NZ(3yt&(ApL
z!4{nWBO|w0Q=mtfz{y!mOd3eJil*9}<=U}1bDN?3s`PDMHQN`{dBD5=qC(=YUP0#M
z>TWojl8ItQuoKN16n9~klg_7ljbql0gD#q2$8^tYo~>le+<?=HTvM0@mm=GsL<gCO
z>2vr5f*S!!*jQH@0|<4Hjuxj6Gi5%3lPeDE_XZ=hEwMWHEN0#gzR3*<rd=D#>5)db
zBwAVm7_A143}Elr5-r+iWg2I|WIy}~p^YP{<V5et7y*n!?2=4r>XjXybVJpTC*e^!
zR!XgIVR!WBnG97G@uG$3TqnahLw2?Cc<&z|zK>Cwt^TMs@WeeJ8|g-{5lzyGj&Qkj
z;<I*<#ZKf(d7eb>;rLAl?q`uZmsN{f4G`9FiNXjKYopZd9ZTfLNF{c?@qsjL^H!@Z
zv>0%Igb@*l5#%X24e8n{f*rT@62CBq1gKfF-JE4#2YL(KWF2LLKaLq3SNsm@5QeWn
zR0?AWpC}*Y!MunT6jQC77a%Bsl?n+SP%IrO+!C@>x6P{g^2WS_W|DdPeZ}!Q#Dmca
zxGSX?+6EnuZ9p<3=LF8Wk<V+u$bV?etOQor>VuEaQr`C7h}~y}jt?coPVzdS;!_d!
zIgATT3Kk}gnM)iM@#W4?Ns*<ZdEA;A*NCTOyNA5@!L2{~CEvwtF8MHroJh9McHTe}
zg=AV-xb*Qmq~;=+6Sp;o%LT`+P2uQN?0DQ@w-@bso)XRlAgx?EE@+QCPFNYFa>K<c
zaL_OWFVSqC>%~J4k)C(;EoNMO=S6Uv{4c8-=}&j^UZ{2h3PJ{pgBk)(*8D^mZo3)7
zaDIfwvb#s)uEO9&9uZ!faLL(s{J|0|-KDb;Mf6#>tDX4vt1Hl+u~PATEQUM@mgZ~o
zv6w7EMG93Ljcil`YbOw5C~0cvvng>dUfxw_pGihZ6{J^JzB#$VcfAj6&{ls8rCDD-
z3f7D1UGfrNQ7mv?LMiL=IYzlzO;onu$6K*9f+G;;D5+H8RjLGTcwl19KY;&Is0H7f
zv4`o=PnCq2GtNbxKKEREFae1(-lm`O&7-o#;`o}R7OvgQFb`<8-+kT?3$~xC^ysBb
zdS!JQrf7>7+77G_vrIfJGWRvggFK#H>aWRFU3Ja-wuNz%d2NbNB1V%G$b2Nj@gAF;
ztcc~dDUq_8Fms<{n%$2^tg86qRziV(pEDY}Vg^Ko7xi!zb4<ZWvnec1+0%Nt8KpW~
zUXIfo?@Q6=T)NA?+mhQI4~w2_SP^4Mw|q<HbJ|`mY#JFpoWH%5UQ?dPiH(<HWnyc|
zId4KAM60%#9HVnkhosV*%teKnj`)Dt5OhRXn*}9b^0<@78k3Fi7rE!!?>EC^ytf*J
zXX(4wc0)sBmUUFoiraxcSC>BC&66n3f!JMCaJ)ypXo0mVi1pqBvNEi+6$9ZL<+*e{
zz{^JTHB;4ay=h#i055yiP<7aqMh35?(I*`ZF|B76?~L{OMFC<qJHdT#X9y}c$a`J8
zXe^AdKCGciWNU7$mI--=1ZucY4+#e>Y%1}Z-f^MVcN%0baY#h86ivEoDFGjLik(A_
z&9uzWLB7KA^XhgA$W2)JCP`za1hL(@)4M@IZM%VyIsB6jJ(`k%nVaK0!|mU_mQ<(r
zCN0aVG6zSd{UvMsQtJS(ZU!_0%Z4x;7S%u>FwE%?dau7sQig5H@#uBIhJTBX)XCP`
zA2SZ@uFaAc4=c82U-mi!<t!T*HV$J83pJ}3jk-mhcCM3fk=G>j6(2s<j%Z0L*YH@{
zYgbv594mzoB@AMH{BqV)FA?Qt0gjIEI@EY#o<%__%LiI@9(ulauKj%5>5hp8ZV^KT
zJLR_3tkJSw|EEnOO-31}IhWEG2`=|0Dy-zmPyA)b95XEdfpNZKV+Y&X;vASR?Bkz-
zWV_Jg94}O;q%8xxv2BjRnM1=;)o|MF6d~v!TxVWDtl8(PyqRgg`BbONiQ<pK_vpm0
zdGi?s8GLW%nd<ADDWz@iJ3}2nvAe06%-_q1Ia)OppMR~}?8vtA<ZiC;YhJM!9bw?#
zXbn-7O7C(i1BcPU^|kZ`1N6wmYWmapZZfVn<<ei%D{+P1FF(b=RP$9XwzEswuTgU%
zakP4W)3Z9;QJYl)=jm?b;kZsP$=@u@gBkU!u`i_9%=eMmXxk60)oSa8xpjwHt}5)4
z<YPO_^^63^`7ROTrj$Gz?Rq(00F%I5AsoIwR5~WyiYd;Z;LGZ<={?7zvexiy-i%i|
zp1dbVmrdj@*+^)rzJDfc)`u#S*_<e#_NQ_V!X<NlRGS6WvSb$5)xXVVnJS@qedRJe
zkF<`7iOGq@plcUk;}8OF81fiH=S1Zks)c0xPBi-WJ4(w3Y7!)BPBNN=R$?2qOx^`u
z6QWgtnW1D9%9iUeEVYm_aT3(7cXQ)VWn(*FnlL@3Iz|9&=s_EVk2tfiRhG7fU9Ld;
zdb_aQ+xj#lEx5*Gdr!#tfvuS1`KjAHlPu>pc@Dv?*5_j9w%a0{NKI$sMq;WFxzDQY
zmQ$YMIvF)=zI<4`&U2i%O>+_Ke}F!VZ2SY!h+8qltu(WQ0EItG!O|=l^d(XDsoR+k
zHoQXB3&JB>WI-u42B&vt#$kkdz~v5>^$3!h0GcB@7_RjwU{lHX6@Tr+ptz^`w9HR=
z&D~{7SFRep8p<+C2yo0H%XYs(Uw^jxur3c?P@$?WQ>?S@qM+_cr5hzZCjT+=6XXbC
z_SH7SbD`&ZXj=@sU3?tB{NW~G*5z~MQjA^ORF#mj1dmOcAmFx7(&A1<;F<|-__nY)
zlKGQoc>y0Dhfd4vyO)mi>tFax<z%}}yxSBG0)fo(9Z@)A2n$@HtfrFagS*i<%`{q=
zemUaieTLv`{^6HoW%-X+Ag-L!M4u#DlCDkq>JcIbsY1R<P}o`PiJAH=FE>B&sLj~R
zF8P)=Cnc7w+%u1bf_Qi?4kmtH6Q9s89VVADnqCP1`n{>Tb~}+gf><jnC`8vq@3n7i
z<C1Ox@r5t>O4R&MP)mnRQX4j|Cg&AdzTKrsPUdL*>c*pdC4R)JWpd34@OiQ^F(n`V
znD{o&H^aITNPY_L^M!>Rr&p%At8HgO|3y{e1<VW%bku?}h_v(5)zzrCK=el8wjN@W
zrSA(Ye4BE{_BCID@BJ8e<xa6&G$$n+>3}&-cE%BsoabP#s%4rd@+5=foogiLRISe6
z_p`ex8*Wc4rmkw+A7Y|%_(j`nWF0E<d6)NLiijSQ$y06P0?CTu@&Pk4Tfd+ZP_^-x
z{jaRrfPrkOQ4#<Ql56PzZ88>$l9d?>F*38`g=9x=JQ+sr6<Zv@Uj78(?xI65r<mXR
zWx<bqe~3R7=JZuMkGWW=GMbE*(2*k;YPwsh2$S1mN2(xLGeRFurX54;Y<h%j3}kPj
zii{M#UQFDxc$d0lD@P~t=wvn56?j9+Obb+@73{cKH7QWwGKw^s%;mq*K;pcoa#6)a
z$~C5ZV)X}n73PTOv1b2{u|thnBO{xy7vW_h(CEZIZD-=Q_#+Lm%XEq>+jasKj7k!p
z3e8a>KtpG<jPjDiz6PU3&aoF)QopBUQ%3^|jpXvjci{E+U9fz<?X>(4Y6uS~wPkKV
zf2jeR@UjfavZ|qi)5zBA%y80nYFP|w1v`WCwRGcz+)ucu^q5BIw2iEn9o&52^zgHZ
zp=aIv{t{vlm0;;()n`u$N4kPpsX(8RLkftpOp6A{K65`oJZfD9o_746<{d?)U(CAi
zWSwe`Jbv-~OHic-1D^gT$ei*D^8~_rV>Zyq*{@a!Da<wa;A*$)EF@MU`7OwletfO7
z^1+KJoqo)0W<592jB{$G85yL(iF12XctKV)S85klOF!c)ad<Zxb*;gcF-RE=CY~qh
z028IliH&)_C9Q(I{nYcn223;J*Ax?*Bt@FLFLVtA-Hn6!dtrSaALpIFI1uwbGsAWS
z3nUpra4qTNG=t<kPkmi7!CxASg<8R@1-AibNR+T|gM>|A8LWi>7sgCvmSJ-)$x12P
zERUAEpI6nkV_|k*{P3;#HF_PMQ$VEM_?UYB);tues)Zvf-JJq@%^BL9ou-|7Z>=&P
zXt}c_ETUjZt9O8%cT)X3Rq&p*K5ldt{SwZEw$gfd_EVf|=35=!2J=Vil_$#=k7=&L
z6jx!~UfnF=T!^cc)zkqzXKDdg>Eqf{w<;?m?}|&)@EUeqq2YIz)r}M!RvGepQomF5
zG1S*5B+mYBXI_nbj8$xjOC2mNiY3%bHSn>3mb%uF`t=z>lYvR)L^VbxbaFWJDHdH)
z65$h`D-C~~N_T#i$+=zT(zJN2VHinceil`FzmW7=`;mcVU~#bUiceR2Y;@Coped~(
zxSlYB^>5!;owd4Q_3kj%TB^k(bHK-wxBSU&-?tXh0r~<ZAMymli5L|;SCV95X{Dq+
z@KQP@>t0Yf;nV&jsPrO8iJy`ASkNuw48zR%NxvuC0qB|=SH0YcP71~nyH$B2kK@<P
z5P4aJegc7;IEMMhML59B3w$P`G^<F`1sTLdm07qQ^vLC_-NUJSI)<vj7wYNIP6Nm%
zia-eTD8guVn=I6QVa+0FhRJes0$!`nQKN>ELGAnY;zx7%*WYF@r^l?Je>`3C{ro*n
zM`yfJN5-tYy#_H3W++8YSk5Y-+xtM+cCI3u(;=<Z#xVKM{hz1KH!LmOXS>apE-~rS
zxBvhVBEUPoSCC_;wt>OJ!L`i<MM_Z_dW_WWWAQpA*?%M~@5Z8&{~slO7rjBMJQ^d|
zHJue_yL-VZ9fQDV??;Z9lD<uyJoxqRaCVNX23Z0vvJR5DE|&7|^Eh>C3q!jbc8IhB
zCFZ&jw+xI;zhIHkQ&7I(c+p5jXuR3MFbZ0lU%hWR>C?(G!7`72fq?jCmCn3DTn<%-
z+^>tAp0+Zy40GtWch6hw=;6Hs0&zC92856~HF`(eXG$=QGjFQ1Qp!^nAZN^51@=7J
zmr6Sb>vG3fddgK;czb8$Bj>ABF+>16O-gaHx<l=mW{WkBe_ZAKc3=KOZB_;M0~d`)
z<}0cD^O!QorrkUeJKFZ$Y5E*Vs-O_Xr<vnO2sNGVy7JT`M#tv$WP4$M0|=z`K6ydf
z+S08Y<8InI5G+^#ao$wfv~#@Y96;)PHh80Z{ckEjW}U<T3i9SpSTB!7<n~@2bif}F
zt~I9k{uZtUl%oNP?%yw5YXHOnKtZyz_y>|8Hvv%8M5Yi=%vK@)3ht&pR+38FgG#`g
zkw|-*fFJ(^ANxn;MEqTqNi%6BBHNz&lPC%`A@}H4KdK9bKFMK<d`mXUA<Ahb-5Hji
zD=v9%xA<;05VWSVK`WY`b=&A=?%mAzf;u+qC!gC4on+0PeE(}zqOu>>ij=xX71h3Q
zNIE55L7AJon3HKQ!moY!1%Y!8Qw(VdLyfHkx)Tx80=f{^K-8x5XSQ$k(4>-w`jvgj
z;~lOqb5w|zpl`_#t(+1<p|wYt^EO}=B~iEZUhQ6NPl}c?MN|Ay*&Jps;pZrIWTl0P
zA5Rpzy>U}}?M^zv>3Z54I}bSeNH@TnX0>^=ceKy#oZg0+y<hpj-<we0Fl1!qQoV1`
z1Mgp0xI)%qL-et7a~~e5e*gf0YsnA)4R$8Y|M1uU0~~uXWaA?s#2kMHA@Obk8hSBX
z7)8lF6qSJ+;IMS30e$K|H$XZm!RxRHrV|H<IxhEh6Z0sPqjP|m(szv~|FA6QztgxU
z@R8~K1<SPozK-4yMGUwpOVH7vdJ#&N#+6C9DSoNN<J-(w^^*do_qqt}#>RxniaP;}
zEEXj8_R**2zT6h6q7%Z3>>c5%tbAvjcSkVn_*lgPg9yfxN)Ej{2`L43tKKsOHQ;~-
zqOz`+?3HOny)F`F{o5|;&CJ<-bx7;_9FmrZAhimLNbt^9RK$2NyI<Q`;G2B+)cqPS
zf9yMDAS1FQ)-6a%8QmFx^FiL^KYJH}c(RwfY$*~rp~urH!Q8%7tYHKL6g!Kx8wyxv
z+nc)Y?U9rdOz{__bH7X%vuLb2hI}louzFkb2z`w<SD2{uFXa8Ji(w3x-A>XyvfJ(y
z-7^?9TR$>y7HAzFxu6?!U{wASG`a={Qk1CqVN`3~F}*xr>)y3ta$ep&KF@1YRSOb+
zjSWA1=j)d#&+FB#d?T?7jn!q%P=!|-h@?vq@v@Ak!qf?ioP>@a>6L(k=iX>dC*Eiy
zpxE}z&kwqK^<b^bPDmCh&_!*Zuar>U<utT=yw;fTedQ%3YCH2QC4(&8Up^?jqcy$O
zuPn5qfE&B2K(r6LIOnK~f1klU-sTN^y;UP0c+%<p?)^lQ>@ppUHh7o(@rV;Jl6&Ka
zxBo%?#(#uEN834rGshe%TCq^u0+1Bp8gx%6<qf3(z}Q*Bur+hG2)?Re(f-Wx`lve<
z)wk7fF&A#5uDDt?<VUp4^)kWRft<wXC+JJUPf+~9Ptdc`vKMWJIePJ~y;S=~{3*Tg
zmU&9SX{&o)db<upgHS-qjX&on$VBERNNSt9n(-HZ70zrjLUs`><S2HE#W&2#3{@Yz
ztHGZBOBEyJ;!n^pP%h~X_z9{8aBzS5H}!k-PmmIjEp<SK^Sh}4lYFuNCrEDYswALi
z@DxQc#*iy8r0l4F`TIW|>*eo50XOvb4gBXN@_SkQi+%QcS^QoWzs>D$C-U11|BfxP
zqkg-_|JknbZ^)}wGh`Jg^$Uz@IYSw=ZYJ>o9IXPRErxH+g5;a-c4m5JEJdAr18f_~
zgS{F3R?sG1xUH`3lry90)$mnaS^p!s{;sF|Ui?;9%N{!9cyD2}0=aK-E<(ytZ_8xp
z$x?$`@^#lq`jvsE%2>;LSZ=$^-*jU#`E8F!J%n+mJdW=EsvtWU786t#zd_MH{@OSB
zraRvIsdv>66dPtS#TgKTVygTJ>eq*%6u#dlTjH%YOW*a(yPeTz?7G{(&->BpcH;@I
z#uMI!2+RlKdf4ZcVMpT({pM(eJc9%0q9Y8;Vo7(Ja<A_F9(A>-?{2}E9fML9(kY<8
z_#+D)i=2J^za_ZKS|{MZ0pd#Cn}Gw|V3c5GRp5=gd#wR<ssZGkk2<zqF~dL|1~^MS
zOQRu(sgg~|cuW}ztLQq8=@#;y>Iq-ri^@fR|4Nm8usRT-6cYbdYV;<2*x)q!VpV`i
z-bP<BW;O$}b5kBeVg{NonFpM^Asax}B*r@jJ0d}jq}Jc##ahs;#I{x!uRx^5uuH}}
z-6Ct4o|@C_86HVl-bNvHcWA-m)w8Y3FFrT>*?4)_`MLVsQm+kG5mLXBpUFxzTj4$6
zH2fxq^{YL%z*DKJh~BE9iVfL~tKr7sUkzhia-G+rhPou@S;mjg_l4H#lWr2d+YRwb
zZxk3V)(<XQPOi!6aeOF`3pV-iGKglSl9NC|YU6U)4g1_<S_fVRg(pA31_*EG<Q@il
zyzi6A|J<vqpSQX;`U4<T2Ffn}NyFwJfF=Jg`@(-Wu#v+A%;6i;*I3Ux<P~upCIlUD
zv8%0$<=vT&V5oWEFD_bdl|W@+$F-^OYK1N2(BEb(H?4H@ND8NVm0jhOfYYxCN?vZB
z!<sB-AXY{=%z(U{hzW-69mmg5X)KU`o?-qk|90F5Kt)}>u+49@WQz8P{J;MRuo0S^
z52?5e-rWbA_rt_~4PWO)erIV%5>Gk;)%QP5WB-d60u3-bU#XJ~$iAUKn_Is`0f6D=
zcE9GG3jj?gP9T&2r-A2x_1d3Kt(oLW10Wdh?niI}3|bADxddQ_yAL2WXNvms4EMi$
zVQ3ww3<DF~e_ze-XY+fd{oXgfZQ5@O{oCLC_MX2Zo8NKT-$b1N#I|XhC;@9mg<{Ug
zqnItmh-hf-NTJ~X)^g%D7rW$FV?#sxhgEMtn{7}hDD6GT%HoWa2X-Pn!)EpaCiBRO
zC~}N|61ABX`QzjIgk%dKZ4EvYzUoE^z5ryLa-*#tqvSWTusO=z{bUFL&^xP<)A{V~
zEhHFK{?F-wU>=DLh?;we_S9+2UW^loS`VTC^N3d9a=^F2j&u}&J``*ql^NL)kER4B
zP@|9UOe_BcAwr1U)VN<Q_WhR&*Z%>f?Eh}uk1`Y+3+U?1D^bGEqNp)?uy7NSD#;Mp
zSxnXfw03NO#^QjEGd{F#BWE@t_waxhc@~vHZUPjw%!v(vn$#~vseicth1&#6fNzmV
z^aLmr8Xo~ECl50^tC@|8U+PY{6>3``u)K8VKj-2gH!>K=zW(TMloT{8rB2wKdd4y9
zqZw6<)eExM=1*8#&`?42rJkW=){42M5eIKmu>+f~BUEvXVTJnfIDzA?Z~G&;w0Xq%
z_d0mUgKvsEmsMPza4N<o7Q5LZ_T%T{`8er!%<lSVFq4dty8{r?kGli_NwAWMJot{z
zfy@oTK*%50fh=@71K0>0$mY-Wpr4@cKv^ZOP8(43mc&DdFU_|P0XI%gB1hHz1X;TS
zC6_H&$RSFW@&$6Z3a0E`6siw~)yV5dR=PW{&Jex08^A|rFgq2%fp%`edjR@L2IVb+
zhdO}4r2@O&We&B8-hcru;UZ*9+tx(qE@F5YnH#5M-wmxxwh6ag{0Vxa5DCm50`SP4
zm=4HjGK5S@n4{Vt`oZKqC}}OK6gW3^cIpxOD`xIHqy$Z2?<1p~kmP7>@>N;_Ad->p
z2VB7>pfwgF{%?Gl{ab2_rx0~;nwP!{dSnJ%^<d`k(Q#`q?j@D38D}#q(_*FCn#zs?
zxO{KqQF0p<Fzo2yp|vfPogDM6<7wnVoN}+$=~H!07~@$4Z(j7Q*sB5sv5Qq!u>42W
z6Gc1xnn^b<w@7@~7vU(|ciRV~r0P3xz{>v<u<qDD(9hq-;{U~n{a+ai!1F9bP5fyQ
z{j~<>=y=>;%qn~ix%Q6=0{iFdBCk`zeu9?7FlQm_*;Rn@vxD;%JrVi0Gv~#RzoO(q
z7RM1nfW%%d08$k$BeudyFlA!oB$*aB5|;vmA{>w5$(!y%(D|cK9trr|Bgi-4IQvoI
zf6{*xM>|lW;Y>J`MOX_!rE85q?6m)ZTboEy7wmjqJ+he4)AbpwV!Sh|>iuH*qI5?7
z5bBcO$8y22JOzFE+KJ-rJT>c3(#&jML)3T%VR29a!%SqkftPs!H?whYeGtF3buZ;T
zCrr);DslCc9V15aVWrULL&-U}MnH*@k|9OrUU2cAX{vU~PV=zObCSC7s%+;(QiFZd
zQlfe&)SF*0<gD+TuGQ?sAHCnS?ir$l48z|~#X|K6K4taxsr@ilxGHjNy$yV353tHu
zqGcO5+nO2OL+5$En(jC0sb)=S5+%8JzFq5l1%jSq)()ahfs4t=Vzc(VC`RnGeqffB
zg?6svKu?rvhxaoq5yWK{F)9=UQnLr;yfI7=(uZ7bv5U>pn`pcH-p#&i+kPdTG!hco
z4|8%xl_WI6#zN-WL--a>#TNRGwhM|@a7Sg1S=H70KM8ESC=5U5y>)5gqrrEOXt9O{
zwF|{ay@=@cgj*A31aq^;9ZLMJ_J;V${XuBpWPbW>gI6g7obo=cqmlMXk-Lk-#vbN|
zj_rO1_qKMT#Fo-Q%wAckW!~f=edvMAI3VR+L7bVR7`16!!YiU?XF?DHm0U-W8S-H(
zJ<^=DAB^#}dD3)!mp(}*hi*e=vwwn0q5weB^J@EMOEhTJ$Z@1zq^PPYRmU~w<5p0Z
zC*S4h4;Nb^-lb`)D{~^vLrRU0KD0~a<N7!@(hF*ar?9Kum;gVpc)#^)lKkonvrH}0
zL#&nQhItWgGa_uVo%thcK!nz;+C!He8Z7T0uZkoz{%}1Jdh~MEJ_KV2!{)Th61lZ;
zGT~}s1y0|)<SAM%x@Pvzw4PqJkK-idU7mbxFd!F0BQd%-rRsNzUB)-;Y461f+oWMk
z3{rB8=pDLF)qo3C5n1pFE!JnMD=n*@@wHXl8**W9Z`LAqV(-z%R4I$`Di>Za505p|
zX1cA*<{rPU#bM@1QUf#!DW9kczCMlRKC<IIg;sw0?(3DBXY<seqUO(YzTxFP#~8j`
zpFk|d6a&(-<M^|?4cMq=G#9b@;D%lKke6qEH$!QS=A$<;>9V{lOPcSlEhKhj+3`LV
zo|w5&!tx@{!nHIrgAcn!+IC^LZ+man55wJoj>DQECDbgSO?$>y^k{9p34G=f_|9N@
z<)dv^j+;bAKXF6fj;UQ{P0`Akv1Y=PO3LT@tE=_k#}4wAcii@qK6!@)D0j^CJ$`!q
z_*lKibB73rYQ$ig!e!2kw?_qa>si^@4T@Cm;@+>>W`<GYC3DCo*ee7L9?~2rQc8lc
z>k0YIAI;CX&dKJr5#zPnJfkc41p_O=&%x{fu}y{vE?rbYe2trF)i{qgcDq<zUyO+t
zw=)vrX)vh{XFPugakpdJi2wR~l?5(xHTCiE(@w({HT8R~^09SOW#w2H+GfRHa!-hG
z4@bL!Az2XTcW(j#P7{Q~9QgWsWt+oG)Vyc$-#^*i$%?_(KbC4}KW|P@*aZU=NC-Wk
zlX8bxJ!6d*BVWKU?tLs{An{&EcsA<YKlzBk_v3-8s#Zfdt@mkP;YIQJSQq(WOksjV
zxskFKn^E}t37zaCw}7m4wO{bP*__u%TQt_P-KN1`>{Tr+ZJoPQ!ttn}XRn)(bL+8)
zHtK>T=gH^34XW<$z7PfSO+cC?ijF#}1fzR)n1LCZFb-`Sn0sO3yKEez0wYzv9ZuqH
z<Kt~rek3G1Kd3LcK9+cBrRyGXTSs4KXIlD*Ff0WXORt|G7R<uNLkKE(VGTMwG#GAz
zXJ{F@({_|a<{q%jXP#BQ^HxoldE|sNGtK=X6@?XK1#BY@m`y*;h(onR1s^0RS<~Rt
zUxo68%!s^dW%zOmBFp$?!Pzc4{ee!$v4^4IiKb2@r4osHBhzFNX@}1Cd7Y`k#8nr;
z$eyu7z(W^ibpP3er$7HM`6;>X2JmlLa0Metz#8X--^Vi*reqNZ))?Gah~8LF!jxln
zoKQq^&bMf`*_7nx4e<scT|gR&dF{{A2*HlFrt;u=q6n@b*@00TBh$}f{SbD^Y?wYF
zx#XIn#bkQ{S#xbxI_P*imF9<Ox3gh${w+OWtZ999_F%;=yHS`>y8}8GV~ZM>Y`j7S
zjUZ&n7D<LbL9ZbCA11~e<Dtd+`pu_1FJ&q+Mid!ys+bDD=089&AQ%zAh-az7vN==;
z6^!R@#_)~<Yc)I}q4<8QH+Rr!zpRs*l9fya!6(>*Tl6@2Dl&?v_Oync`j-iD_i$d6
zY?E3WjgKGA!dBrnIo)923&}Et)2j)%vN}SFDt5A^g`ML~>pdNQ_l8JibUAVs$Pm7w
zUcl{U1;kpw9D9c{Irz<ucm&U2#5Y2IC!?Ic@JiRSN4$^VY`SyC08g+$(lkPOw_~|s
zR$~4O>8v-j?`F00?%)v7HFN{w0HYftGAwLI%BxGWyJb7npTm4DeN&?n$x~>1)9Ra!
zvdMAb80V-08_B#3psg)Dd*r}jHd(#>0%9*SzA#JMlw#8kVfNY#FvGXK6d)&@MdUoK
z$uduKWVl!zVJ3R_c?Q2=+}up*b_<}AD20<s!8Fa#_(nBh_k7kxT1V0Xg!?<62)&bk
zXt8{^vMPMVVGgP`I|pU$-3zM-lsZg}6p|vy)~;z03`Tv1VP)lkeGKV<69AM?lF0&i
zJ%T2&XTBgn$9dDIDgKIH*8RXjhx)E{7vbj{+5iXg%F7T&<pK%gJ5h4f!l!fYB`wAT
z_p*)Ydfk=oJ+lGuSNjbQ8~m3ALp&x**h*$D<TdNkkhDm28uwOSEL-ur>z|iC8X(pp
zEhQ6hK8-UhNC)u5%<X=l7}JwYRv#`C4Q7%>+dB%Lp0$aOOYUF{PwHTbn<^EQGsLqR
z=pCBO9Qr3|OMjU&(9i1Kh@IN2pMaq!qmHN7&k?5rNf*iV#O8coB~yUP@8>G-7*Dsg
zv7eL!{m6MB?)=H%I5SI@pBb4$j&KJzy0Mw>t7nBXO;cET1rM+jA)xq+{R%*L+2QEn
z4BONznTz|K>P{Eu-~Za<u-rl+i4<`ICyxZ7()_8B^0fpjc@59MGmtL$0%!UDORG{)
zFmD%P?~oo!Tp;|Z6!ACg8G_wkk8}CN^8LTWc8LGy*(?aqlLja!hdSGBQAewV$W`oF
zQcykkUx~0ma}X!!p(5<f4B?U!@<>MtA#1j=y$MigMZ58Q)Yb?f{nimdw@Dlnqk^n+
zRwnJpPKc;o;0D&&EF7!<0x-rNklAsVFa;z({5n1>+&>|N%Dalfo*Hm~k7d8hEOwLZ
zCkQippV5@g`P$c2MgW-KFI%rd!%88cV7mPX19c7Po2xn@225poI!gd8la9Yqhcze}
z&wfT(p(otM(3={!Pi8R^2^R?uN~y+@tb1o7LcaqHTPrU#_qvf|y*y6ll|mm4OeHi>
zP}NW*=$P-=M(e#H&zKBhkCGq_tzprM%AqacveyNhwsDC(AA#Y}v1K~jFJ7eX@4<p0
zv+t2SWhgMx*6FNBVOVyv<fWsY)<ylt(dc{J&fE{Kb?|8}x=wVmBN}GD+8_pztoxEZ
zkLF+vRL*Kyn7*T^rAhQtQ=ZV>vgeGwD%fk*=B%u#f-z5Dn(k05u1endR%G;A0`KF3
zUF*vtZ`5zKrz0CL!Ozn+xSjAFTtJ5|#zJvhsO-*c$Hv~l&$7{H^`A$5_$U-9+}P;t
zG3-m6Xcv@3wWlhKD0F8TSB;>v>*I`<OqQZkp7%W|LYHA&(63Sa7>7;6_GYR8(Jt2)
z31~2TFh^yzN|kChMdV!yEq)+SD-n5y?P?74n;?i13%6T9W6!b#yW|MSv`o8BeBS!t
zQgkgyE4nL2@lA)TT=H|33pp&}6%xfx+kLi}0^M&8!*_FDX3;%u9al_Tj-4JQB}4=K
zu|{=_{U&r_Wm9%;zdX`>55+XqoVQl-5b1N`uCmwlspGf1IG8bhU#}<b$zU@U9><dY
zKsM^ar9>0)(+(Ea=&T=SCWTz}TJ*jSTwSzrjJXFAIv*6gZM};>m_<ctoFuct0R5EX
zaHc$co6k2;XMB@uWhb33H8Y0ZYqkqH`SlpOtF8yGvLF*gRinhH+03Qbv|0;P^}A|}
z$UMWl|LArf+2;FtlDC@cj}=l=cJhJ+Vqo1_WOQhTQ!AT3sClQn>V1x+Dl8pZygi%>
zRJcyQuZ>?PG_!Vu=eea>XtRoiSPhhGmoGouKUEz?6!XrJ&LS}(`j75^?IftGvpIJx
ziY@vHwymG@7>0l7Tp@-W$Cv=$a*Fc7YkNZDpb5!I<!T0pme$$a4jq`s(q-s;lGtkO
z@V*~in;|o;6&2mt22W)NpjAOgWTOh%GK2U<Pt{ETe&^%nr-4^_!tbvAC{moyjEaFM
zgt5Gre^b@-D2Mk>gaY15(yM>XTlclDU&MXmL4tQIMl1PQ$@ugSq8Ukdc6G*vbaTd*
z&98}RrF$mabz;z4x$nLi7KSqgOoAvN@CyX|G)mOaV)REU3$+`3Mnhv&$!D4c*Rxe+
zZ*w`w@1bwM&AaCl2yb5HbNF@G6M*Cmu|vKA^OBix!K2NBytTuHYLE;)x6heRwX#QU
z2z;jZx!n29Z4lyJEjbi~W+?k#?7ew7)NkK6u2MphY+0wWg^+zWNoWXBjD0FQp$LO9
zQ)J(=7e!gJn=E5zlC6?`3t7e<h8b#1X6gBS@B8=se%JE7kNbLl&wX6?b6ih<%)#OK
z_$>1|&-eL0-|yE_1k~yW-re!)JK{Lx``ln!+gtYK;Nx~44@c0X&bf6`uGF~fL$i}#
z?aMZJCkT8i_3<rI3=r)`#)LJdGhh_GYyLR>2;8t&m46V3^89*B$uT^nJ;Q=2a#YYL
zhp7C^&oSN;2Aa%AGhnPO41QiqsK<HL=tQi0m|nLnD*DbSs$T0XFFwS3cBrB0WxNJg
zvdA5&;io|gk5dMfx8`f)sGMnwtC4^X5!8C34nmbKB%>^%&0Db9+nl>sai85e`sDAk
ztO;DcYbMCad%;LXeZ~Y^sV5N`5^zpT@40GW#dfnh$!gE=#T=EJ7}SHE`PM43)J-4!
z1I6`qqvyOzFDJY5H0Otz<%HhJ#3uABu*cxcHie`_E`LB6#Q8>2rHkO9?^E=>@5@%?
z8nk8<*a(O@KtMXIDmFO}B(hiOn#c(xAHeMjFI(49sA-N{>ZJ2$&qG?UG0}1QlA<?1
z6}tHqzvvWE-`!O>uB?g&WC<AQ<Orf1DRCU(u;9S|hXzgeoF%QT`{fu*b*;hU2%ms6
z7g?kEEYA49m{3h9V)xEpnE~DuF6l#0k(6cb(I%5ywO%%UQ!_iEn5L!N3$$WrR~{xg
zO6MFxo#00fg6a9}^P8k2ABIH!bhBx#Gk<YC;Z)>}u1qj|8|+3krzO$3=tEd8s{Epv
zu!%(Hpb-4I#hN*xd{br4wd51SOoynO`_Y2w&x-HcuMx0QtPA~FTTZ}~IYg+BUc#H{
zrCGKQJ9-7hIShT9tlhbWbGyfWDZeHnfm7=7i|}CBbPkD~Jhh0P*6g;8rk+12jwzT>
zhE&M}oDqYZ&*t%+J=`7DUy2E=SHZtqIHGTAV{*Yb%LIgyF^nb+y;h$n!VBb9*Qa>M
zIAkW`hlAR?VPq+2T&s5()w_BGVS>XD(9u+|=R~eRO=Q=^uHE57&z;SqT&JI#Cq6d6
z_Cc%}EBuS0=P<G>kj@?3-Ox23KOEn7yHq$Z>&-&s6Jmy#u{gVCVII@6?KaA1Fh-ur
zNmeBA>JcNR;5myDPkgt4<!*SJF}1B#dawH;R{pTT@tmZfXV2e0u!klCNUq{}cBB+J
z7UK(WXtQ~mN;NJTtnS%!LaLD);ofRTa+w74ZtCj<-wZczh5FRbAYbZnY)RggHVO##
zgh)H6ECrz7=az<+d!63_Xr{jyfT}qSz=~}Nu+vlYVVslS(D-P|WwHb?qpEj0g`gH>
zXu)Q-Z=BLQr8Wh-d08-fG{yiX(^}Bte*4v<=#?d*b{<+X{ZK!}2szX)OsJaD>39I1
zR+i)y`Bay@n!Z+j_8t>u08@3cs8k(d14I^;2W!?o2xrNWEXCBg`nFWNsusH2$Q=7k
z%4t-`C11=t6LbPy{=?hpW@=4``}&;CiQ==zwLWr3OHHy!<E9Tn=`0PzX;2)hE)*Vg
z-5uCPAVKdR<~Sz{TjwR$aU?x+u?B?duZL|8pqx-s&|9=B9k~u1MIG7uX8LT)xNqq6
z%rTb0q+ON!1(Rv-lpkt;@~Jd!#*Pv$eLlZ=*D0cN<MlRLb(}g&H!MYUTtKpXg(okS
zk|RqXv>cpV^iY3rFiLeB=W$)OTzIedQ-!nBz~O`?xN@`v9uU!o5iH#4()Nbu;V8-j
zoqLKJQx#XnU1t(!o?M31@(uRw!1Rz`=9%di9N{dJIJx(rsDn2dgeBucK2;;uPC52Z
z{fvF?&#3wtBL=>{U^qn10?L-qL<BSOrar;3Dc`t&9N)$6lc_SP@apu>-DghT9dVJe
z$3JS_o_P2|>f>0NZMp41(Q1H`h#j-(nGkd2R?~}$t+kOkV_(HB_US=7b2lJ3f?Dz^
zC9(s-AXZDH0`A)_$@V4Fc(GmYc!t2LWq`A$>M=&pvv91eX%=3U5G5CmB|schJ9)F`
zve1t1&F{IJN1gX7kwg1_btwfL10AAqrd%tgm(^{5j$Q|1kptrXn3kdNONj{E&yceQ
z%{e#fDN1@;O)e?1=94Ro2Z!NR`*aqL#mXZKlkf5vs7DFguYD^_aH<-aEkQ?CjxI4P
zyfhPg^ZZj<`Z4+MgBeX%UbywUg=xxeZTKg6Om^MM|JI~mUjM_->uR=Ro43<4KagnZ
zEnoR>?6k07qh$mLB<hh$$yN=V{R%Vi0;4Dnk<8tvjy+eZLS!Log3j67!0asp?IImD
ze=#(o=sA_1gIjJC5W;9u=OR^^h(SNuSs}EB(4t;VM?XLPsv!=~`myfqJ%)r3KPJA#
z7BpEBy;T6zQebtx$*n<7xX_to=H8=~qn^^DNb5L(Gdxy3_%Bw5Ov$(^2`iAbZDlsq
ze8-U0VI}!1ia%7l$+11x&4eO1<vw2zqH^{uEzIRreQO3MDG98#VH&V$cV|mqzJc01
zr|UQw7=_<>WVBEPKtS)H$r3>cVAs59|4zCn5f-Z@U0fj@aDv~Zk^%`RtDP}w;btk3
zdi5Nbz!gj6=nuabSipDZW5I&$AfV`Ff|EP>(%;DL<3(q8-?KJ%Q@GEps@(qqXv8tS
z9yrE);6_rTJ=+1_xmk{IA~$A+u&mcB>gInldmz}51yzu=fO>JCxalVq4mmCF{o3z-
zRr;+Z=1Si;+dBtaA$*7;tB0Oe`LwP!3P#v^BWGk_t~uA~0YzC34>VqnN)wBtlzzJM
z3nIm^?Gv)eeI(<DjZO~|9w*On^1l$aF+0oY*Z}BxC1S{Xz~N8=Thim@&V{_Aoh9xE
zjHejR?WUPFLNgxp2)^p2FoW9Q4O_jyafjm<RH})mDb@sSbiAyNh(lQZ&#1zQQ0{D3
zIClJF)0xk+DtQ)Po#w!I*{9cVSOBmv9o@+<{Foru+0HhOZXaLv;%N@=lgaIaynLHK
ztJq}ul-e1s9df$WQ*=k5NI)WB#_D4G8~&T&k@|c_`Ds=evqjt8nzpk+vp+$C^uJb~
z+M7O*rn5*BlYxkRiY~vItrHIv8%+pRmAJuE8-WK&Xy1TU<0`cmuT!sbyt1(2`zfpI
zcW5&gOe&)#YC$PyVe6Un3r)kaIgW8Q-ZQ3+sg|&duL8V@uNi$EA4TM1rVR2|;xZE}
z+t^w8BC{~%8p!W=e|VCh$iU6lJ5Uq`wzWf4UFhuuouujxAp*)hh1rJhj3(5xyzRJ0
z5rOz2zPs_oUOQ(d{F8f-J_@U5dRzr|%OtlD{2j-XeOYHdao!l+;cBga)tHc>saMq_
z-DD5SXaJ!6yGVH;npjgk301WuJKqyCo20Enar@V?k@yv+#yvhk)Vp+O1AMd-Oy~d+
zOv3y-93|STeFdootsZH{aW3i8A~EKB3Cp79eoKklT%3>0#Fm&qPSUgZ(DnWA+Kr=?
zR@^)qad8PqSv$=l_st24HCenJn5BSWfvryqMG)arJ>ffJJR)~~SI*Z`Rp1)`w65s0
z9SlT`gnr_MPyTX*ZvKmbauxMO#g}$IvsoV7`4jzluZH)Y!~AX^uqSrL5-da8yl_kr
zt(<_uokqy|F9zn!Zi$-g5$|v11H}>pcgCtL34TI(NXQYl7+|}kiUr(zfO#{yg*`Bn
z359K`6Wy-TD(EL1k%L$caoT>W3n91o+^ksbE3vy4!LuN-WA}%5^d2$jgi_8^fxP($
zsslomz`;(<gymU`VARcHR@H}QK3Uw-9v+Kgs$xHT>T-`<X8L;H!@R*k>cI3c=}YsO
z>5%spaSgk5lP%w7nzb89d1Np}6`n_`Bpw}1q)Tibn8j52=4&K9=T0c~<qUrCC^u+o
z>PiNSvG0;Z%1kEkjkUt<Y+FZlK%3b{>kS~5ItoWI85ySFt9(~BZeIOcbdu;7s0fGP
ziyxn8jo>@zIG`>H_G0JrY6lU#=>>%wK@Zw6p9Wb(U+M9u?Wu`8H9Y&Us(@67flY<d
znM-k?C-n2pwN1n~1%a};Ba&AW@9<8GHoA(sMSiVbzAf+Cb6Gh<Q^KUje$dO~O*a0^
zR#&OfnUY&YTTA7ukSf=r{Ghg-_Dr2q|6u6|ZCd<}#-0w$sNc1tKdqtvvua0$nC8@;
zRrS}Y*IXkbde6&S88Dp<S7#LVlhU|w<Smg2&$jf7fyceZqZyr~b*J>(h(so-A*BEF
zQ1bzoo0MU_RPp0>MRF%DvXDgQBf7;RG>?wPiYH$mTdRXSJ8|re0K+vw=SgLKvy0wd
z{1nd@U%w8}wnKQS$_?GV2a?!RSVBHvXtR_t&_VR=wwhBzarOd~Bf~|ABGwAfU_(qf
zL@WBtAz@i)Qw=CspXG(s2fr@M%w1HdHY=TfX0d_BH6H^bn>(V2pVkmTM7M4jSN0e=
zrwb5|=BWNElT=#LA504SGF$uEsUdKDKm#wFF*tmsn7d5(qP~r+4Ft0>kk$b@Lv<j0
znzKfzE}~Dvk$f|V*f$&gwigp0DO|m$aG&AhckY};^qCF1#`w&Qi617$*4O}+N!3ZY
z2a1P=c>PR|g?XvOsatOAm8uF`&9(@sJ_ee8eYnJgiFSVAOKH{iejt%^(blz8yU?#)
zzA00M;RS<2aJLVt(+&ZY1M+i-tiYl!JxEt~4AnpR!m*N9P~W=Tz(mf<!-IZl{CggU
zO0`#+r&V+9wUL}JRSvSO^~S2tPU3qdB-GWbBD%nJ&@K?K`>w}9LsF|tnaAF_BxA2O
z&sBE^v!h0ePYvs(6Z4a9{cwLa@xn4K@CVB#LXJr3MKTTZULQtyEzW{WuH)-!CS+w6
z>{CrS1m#52M%(;u-AunZoW_zG(dy8~j1e+gf?~5bwimt1%cB*Hl?EIk*1I;(b|F8M
zr#!HAlU*-)P3$zmF^+0=wTXcjPi;1s_mn5xzJPENyxSNesaD)9rR>HFuaD=iM+cxi
zZ#u#p>>VBLn^Ha2o_-Xq2&q+cP7O1G=EoIi|8Sj*(Gi8mcW0l>De}xFVM;whG=c+p
zf`V%LeeX81#-uzeJHc@2)%~NY9k5dvz{jV#)>Bw;QaPD@9>Vds>fy{s8CUm@jIZGz
zG$EF10}4z<PQ%6-w%rtnzrVwLli14gbmZ3t-qRno_L=~l+Pi}yoT**85Q$V1FSy8}
zSxh^hr@|cE7dFuf4$?y2O7mzKnTDKq7Ah*ZZM1wOqUUmjt>l!l>xEB{J&DqF7-3?b
z8@v97dIiYF;($CS2`ab59xHsF99`L2N{(=x!1No<DaT2-T{*BTUD6lJu$+x&;CuGy
z<RQ`h3R|gL=P}osprv9S5NwWSEXrd(_9jp~N?YVj5*|u?b8NCI0segk%iTGw&mwv6
z`i3b=z;_J5QRM#{X63&rB|kaZnO7IxWya*5dElC|G|%s0>z%z7J~C+66n@+Q@;<-O
zl24SNIhH+%R|S}S+4=){CDbd#p4WFm1@s<x`&Z2xpIGlak(98kkkY|;dy-w>tTu7S
z$+yC?K~AxuTtki#;XrijR9k_ukqf#UK{hiFBTUBL)SVV|lIXjWmZV-rS0X1bf?|2A
zzmnsDZ+J6C_g0p9TjsYR;cLeXL|v=h3o;y+DUjV=hna@UmF%qW21|lUn{SzWcJAwf
zjm(zToIZi*hQ?^W4DYHZ3M<wT5g$Z@Dh{M#EIej;l)Y^?9mjpp=qevMU$l$Iwyea{
zj~934FAi)?UHl9YO-nWPGV94ZO@$D}LxU0ei)_BI)PAiJka>INw^wG{r720nTWS?X
zk~ZwQK$~SdP?(SQx)rrhd0rcAK<rIW$~kT@R$nvW<Bii@=MX&f6RN(*e%ez<X1r)j
z*^V-6dVmPdQuVJJg*<+oc^9&jWMYw@8fW^ATPiJeB`uI;dPqlv9REJ#WI@rl5EACi
zw~+V2L8QQjnoi%4M(O%nRxC@53751ut?Mj(o8;5to5e?!HDB_YH?-C^W{>QS=w~zI
z`~{yjKeZf>mU{O{S1?@K_ZGQnvERQ(g?_$`2#)d9(skw1EgdZB7hBf!Z@5<!U#0LM
zqQ}I4%%bM_0K`Ud$c|J;F6)aRDlRfJg|o+?)d9hoj4rQi{C+IP291&KtGsfsyq&$c
zYL#tcDxc{pn#&-VJ8l(co?!K%bfQ#SLY!s|4Wh^Zz(k;a3=~81fUWIFWBHRmNg*u$
zz;|AkBjPr&iljgQ@|py`_ix=J@*w><>=%QwF&zh{gu-0^*4UVV_AdvC1^VxQ`Aq+~
ziR?*EQsEya#^gkxE!6|i6$?`*m$(7Lp0T{$dsq(ami5>lvS_x{yXa6!ve*VPtOwRp
z3?$T-0F2y(&ZYl}5&KvBDcwQ?671#GcELY1;NGCV*;~H<lYv<#1#~;te`l=!QP=i=
zGh^Myg9S_|O4O@Yt=xQ1Y#5alh^BeT9mbyV`i~KW|GZZ2fArA*<$nh@$1d2P>gZ@N
zN%33W0hIfG#vHPbqYhiQ*7>UJGYTg@YRWKpctgQ#LH(~#?=OA>S^qLH{o_E^Lp5Es
zT^}~8l2~fqez+YHE*+glx=r>_O6Vu-ysP-^_xYiK1>^^~rD`Lt<dd<ho5qd2p0po^
z%)b~;G!gpfv4fAn1YLkJ-UCF+DEmJM;aAt*<&n?U0o$5@*<nk(#B9nBTkwbW<@<Sr
zzPuCI^%rCS1;@yfNA*c2y9@#}c2fj!ws2N6x~ju0S14rv&hO)Ye?Py+!|(a>J3jo5
zhrid0-|OS=eBl4id;m@MUjRKu2$gr2cnGr+ax+SF=~b(P*BZjz=}9HWscZr17NoT8
zp0{IZ&2f~cfYkf3jz1LLVSGTR3n(eCmZH8&0Kj*ztxtblDY*=K1;|t}{40Nu0e{%K
z?xxKrf_{wJ1Dw=4<^7`wFohSO=$avwP?IM9zZgu1CcknW>ZiIABYQgsBk0n^quGXH
zbI}EJo~J4zmfhl*QglgT23~t7VPwhVo{yrg!iu*}Kv<gflX$<l3ep1(jQ@<HT~U=F
z!KW_zV*>%^agrV`H&uGGSV8g**wvn)3p)@S=+Q80!50)U4vbrw7eK88G}}+w(EtP=
z&79w6R&GwW+!t9!VdSxU2e3aj3yQPYzd5krug^oszHop6t-$=)@z;H+^ej5#FNV+i
zzU1Jbp7{eI)Nb+}V1sf2P>Rk%c>iK}Jqf^)NFeInR`EEUO2ePfuMw1+0)RXf07H8W
z-unk`GWp-`@hp9;=NH4^H`Ia|bujSn&Yt|&mzRF;Ua&ES$_V=a{{3XYyZ`;peviig
zEExQrXMY*Men*hsQUCXP_IsuN_eAM;Z2TP?{~~q%XJ*8Blp6@};Oj<nQbP#Hv`ToA
zke%@aCf-3~b<RX(;;e;7rh=X!|Jyq)A}^f%vwvE&V5fZPre3%~TEc-FJp&-db&jkc
zHz+B?k^S;Xb)4lglha`|v#IIdrg?t}Yx%8*^Eci8zwG?~r@#LRkm5fV&-&d){QuWR
z{NL8Yk=A?fD9}jEi>vDw9xkw}wB43gyZ)q%DdoNF;-Rz72?Vbi8n8cioed>fk<$R}
z^@f<Ly7GR#t&}-trJv5Jr<1HtI&jqPzMx{X`f{>L^9xj&Ead{+=X113aipE&s17x{
z3VcZ~-ux}$WMO@+?01SwKPEjv8_`r~NR$5DE<wFOl;}Y5^uLA|8@3KBTi;R-$318|
zd4Ho*YUBQ87tzz~TKvz(pS;W;@0YqGJ({e2O)1YR8x}kW)SX@raNWubO!MS@U^mk(
zx;L<>wv=eBm0)`KkvahU;hv@1(=w@H1W>1j4tjCtr2TrJ21!39*F7QWO4PXmsGI<U
z;mNX4r?X>CqFYmi9;W90ao#esb&kb{^c@L<Q9G?Ji<)dA#+cN7i*Z>I45lG@$3*(A
zrTI4GaQh=NAg0EM1q4N)xTNC6MA$9D!<2Q>W<XH!^o9Z?l*=W2%_HVq&lX`V>3L~}
zwSJLAQ>CDgXLb6wZj8{p(;C0@mv(;oJMbADS-8(Ubco7cV)AD8Y$|h=TlfdlXhsF*
z<tv|b880z%d=PI$Cx8wkU<B4K`ESTeL%wyIAJaa^Tt8x{K}=1Rys+SWr0#|ANj8r1
zV?S>~xd<2>yN8;xFkUlkO-w%sdlYEz|6%|khkE=M=2<uR$5bj;`tIkPYe*!V?7SFx
zL*=+;kQ<|*6}rdl3wkjc5O%}u;C*@E2Ky!>`!Uno>bT}8aS7J8*FnswmycGbUfwjs
zM61e-Qx3m}KBSdJtn9e?Vx9Wj^W%orST3ON5!|Spc}vjbR_&9eZ^-O7C_?X<MO2}I
z6Mh=Gx*YxI!C<53w-S`osxgAvwgY4N%hWVf%Hl&PglL9ik8Nj$SDA2jhsbP4m-d94
ziR0iY>;?vm<!JLJ2p?m>v8HBENO^&}fqB-&jBMa?=425HFV&b<fRKAo30Leiv>ug_
z&HiNbi=j@&oAkLP33~d&6P&Z&Q~5z#ix+p%5_e06ORenF^Oq@NL1bYE{m|${@WKl)
zzm726&|(ske2kWCG>p&P-bUfQ__Us-7%O^1;sqH@8N^$4Vs0h;h{wLReEY+_#WFsA
z&jbmWTw0!q{BPCVhra5gNFy%SlO<KVY+4nAy%)Y9Y66&-lY}-!3f;c}T1Ugr$BtP_
z`M+2=EpA~P=wX_^hP*nPF`L=fva59vCq1nN3=u{mxt}Q48F<j1vS9a9iBfo4Ppp3&
zlVem|z?gmYF8hrK;p+L8BHY26+=lE{wJSxu63c+3Aa8ziay<BGt0h6MYyJyeW@x8Q
z`*QKKlz~?j<+SAhG5f$zsfxX}Gh|811;kZazW25`!8dXT6K@CIU1^#ZYHMy+Z0OI(
zU_BImS)C!_2bV^Q`KqrePEgzC7Rg912lJASAJockQ(XdY`4SaLh~ZIlV$hSFx;E{v
zhNQww=@O2lOMJK>%Ypl<9BJ>+3i%2N8H?K{w#t&msfG41*NXRmljaZ5l<^`@G66>C
z;a-dKy+}PrsgbJ^i#z|`@Rk9GBD0On^ZOmg&#tMh#zJJi+$>U`Pf>LVa;e#-CTr!#
zrG6UlHrN$_i+B{j?0S%&P+P6Wz;5B0@L?T&i`-A)MBJd|AtZ#G7I#?eJwmRhT?Bd9
zwS*QK-ZqNfb@qGSbLjT5`--VYgB`BB@kw`o9l`LY7xh`m%GFu{Qkvhfj{zLwepm7|
zSig0wl^6FM6ECFWTRRAz#^Y0*rv+{+UdxHGD2yCXJ@JFP4{nE3jcN5DDu9lC%XZGv
z5zEGJS@eCr>Z`7L%;NKv1n+yPmzOGqM^rs2zRS?@jcJ9Iz|3jwFimPwVB7%!`B=z=
z35yswEht9vsZBiGMak*3dM&DU%AG=-Cpz>*FM5mb>yLXkg@&e2cM0Oszq_cZxrhqh
z_jIy7Jt6~s9`F_(C!Jj(#=V+N{Veq-$e~$!A8OYhb`rJaHVXb;B^98<w0`k7it<l#
zs(&7eQhEsNikfQa0%5@20w`88TvxDPz<$=j^jg%Xqi2;8lguubG4P2+>!xba+W~!t
z@LP@!>+?s!?%u`_i-1k`lltPh=0T9v<8o71l8V;=!7D*4wYVg%uLanj>p?4UcW75n
zh6%=J4$^|a-}OC&>QJdO0WHp@wsVrZaUfoJK_`C&Z_vT%tMz+N!XGM1aVSN;yl=qr
zh@G(#XowK3wT-+5NTao_^(fiJN&T8^iFe*fHAcD}3k#1Y+CynC&{ax1)2#3I>`X2y
z%C_C*Ub<VMsBt7*TUUgL2K-OM0b16_1%SnOTfmHV(sR{3wM*Y*-f(p2hnQ{p?sRIw
zNwW}byLEhfF`GB>2q}U5Z82WPYVZd6b(w>wf@EE8FaDD4?tPZvJ9n-QT3jkf4V|n<
zb=;<!G0t(5Z@$`us;JJNs%ukTnOMf4GI`*y*q>@bq%<#xoISTLkjG617Mr6N$sL4v
zy%D8E)vnA2e(~7Dc6J{7wl1|j=XE2mY=m1dENSlTI1W+*;eW8O1;I`rChEh{?*iZx
z<Q(g!YXR5ruXml=FS;ZdNK>yucvk%TMEuOoJlF536HGOB@ztU58Wc(`lpCb4NGiQ(
zY7wuRsM@CCUjs~;W2n0(pdJ+S!+C!4<YICp613ioOZTX@KiAyW#9>6dhIqMtUx<BH
zrsHETUk)jn7LLW;Lh#j-V{sq>5AZ1}|7d(@`HY&*XVSgT+{WVjOTjD#3!iL|_NNU7
zBT-J^Lx@YXyoaC|)EO;Hv<Cs+EU%K7PevYJZfi{TA#^VvRrqjgA(FMpZ%R!#e}@2Q
z6Lv@-FUocLFPUwbS54(SUWC<#y|NE0HX9hMrM9Tt+Z^zp;aagZ^60Kdd)Lj)Y@2AY
zNf?-yniv?JG@kQ;8tr>I=Xp7ZBk&X{<hVxAR&|lr^vk>_N_ekcUK7C(opR(1Zp3Nk
zY(}P*Td)`tqcdkJLnrMB@ET-@j<1)nUkVmXG3EA{)zWf1nU$|wudk1M^bpXzbNPs9
z+9L*`NQ4~h9&#S&)B)W4sd;+GTR=>b%hIy6+v-Uso*tzps1LbaKH@u@V3}2s+3wr_
z0!2NYhx3g_K#BWC#A8KE+F-+pI@TZb!J(r1d6n9BKHUqHp4pdht8X(Aw)2FWpl}_I
zYI5unnBS0i6Efav8Bp3Qn9FN?wn3$nRe1Dl`Y(oZeZh3TBV!3aqp6&sbTfZ|xJ^R>
z1G#W_A_%_+Xboo&dFh=BzZlNxCA4Egzwho;n^&5+sN9DMKwIXs!uG#;x5kekY-z7_
z)G>)aa*K!}R!^j6riIQ+$5a{&rZd_FSnr>F@;Fyr3pxw}Zi&Ou16vJ!k76TF?+PTx
z#%rl&Ro8_ZKU=g5w$M9gpO6XHRsZ??Ou|C;&)$VzDi_mY!#gmu2OUJ1k3HWoq|}gt
zdz)igpACLFZFqDVta$W!@<|P1+<`PH9W#XT8YD~jBRt2nz{TrGt>LPI@a>KFa+1mb
z0KES8)W?U?=Nms>tSHiRI@^7%aV#R$NOfc`)P9E5Lis+Xz|=4Os}Dd<s0|#SCAB4I
zA^E9y$<^RT>=6ioGI%Y8X8_uo+NT$%AK>=RH3bK|RQeA04E+jSjdD$d_2iudW<EM@
za-LsS*=0ysTGG4D*d)Y*=O75~lDK4kZjam9|CDae@xU`o56Hy}Fudkc-c;G1MP7%-
zl6#Hkhm_g88r}Qi$F0$vB99aMKXk0NkI|BJRMAwf1_%+<xf8D;oK@lI(d^MS`lCGb
z99wt2gVS9h<gKTQ1+wp6Kf0~UFq{x?M6z!%!8AH&yp}AH?3-2^F<Y3L@|mq1`Djm$
zSde>%;y{joPFGN+aXIkSF`tY=5AnNCZMzCqGYuH<y6*;<#U3%F9y;Kkp)*%6RN8gn
zabcQEI}zJdx3<brV--!O(8npuu}^ws8l4WYx`AckRlt$Vucyc`Yw{!sley>(GK-rT
ztUZF4Ipvk7_;D~${<Yu_R>x4>d@QOaC=#LTRAx=~UD8s`_U;O@+F6}Oq>3E73G57n
zVz@S}N;ZrxwP#LAU_;X)-{Ejkk+z>?K4RlcY$Uv8CMWy!`jA3oA+Q^GMzQliuFK9E
ze}^z1BV$lf(ee7$$)uXJ;rwX}vxnO1-C>--G?XQPdMXV`dCBHOIo;V=Q2~#Aa)mT5
z)@t!=iI{x2YA+gPveVSQ`&9SbHAm^i`B)`(vScqFj|(+p(=S`s@TqkZ${1@P8Z?|~
zuvyD^U(mev$)P-L+(17>qHB;W$v{hN^#^szMYV$(S_#<4K82$@MH4=2O-<MgfqSI_
zJi<oh(dLi(p0bpcOuJg-yl~EH^S(KA&{TBh4(>{&dViVyW~OoAq;Y^%P<v(=NddJ`
zrXyy@9zK5@A-3pM5+E0wZStsbe9eXjB9rm@YCuY~RjNLdHua5m4`LLMgK~@R?X2YO
z0-w^6gPXlW5mKfNQN>?=iqrA<<r^P%&cHvdX*V3&eDU}TeHP0^Jx9E`ARI~2g`c0;
zgqU$TK2xq#2{w*wbWO3<7bRRxsd<W(K4x_&c)%1xIYU*VWz+e{K~VDGVlt0-+hV+L
zz3sZ=nTE(W;oz)uE9puuQ9lNy6dPr!KKbeC9v8anw!hamY_#jf7f3y88ZSM1VYmCu
z@|d@Cny<mkPtONnjM<iM07a85p+^i%UQCqh6=oqa=IXbjoj~b4_VUL+w)LI^G0Jxs
zFfs9w&{Le9I!Z(!;!%1s!R)^nFj$;KTF>iBKvdNyv9hP*Xe>g_<=xDSy$_2R9W8JK
zFbqM(?1w>|d2HyIM-BA(U7fE2gX!%%63a6!YP~+KlfB5}v{wj!LSLtXJ6(Vn6w?ZR
z)Bn)d8K75*Vc6v_M}ABQ_bYpquz(j1FVp%_I#ZSflU)sPIKd+Zk?2zk%W6<qpU3&P
zlILGjQDnPUAK8<t+C^>M_cxb~d;>J&<0T^=th6w>51^XObTS6$pXX~G*6?DB-bNGJ
zL3)INtk=_F*qdWNY^WvPXTNg2r4v7{8zox_LchQW#@K15ZW!i-qY^oY$g;87JqKu?
z?dgn{+_gD(bV7vl1JX^l%9=+sf<qns4CTx|#R3AX^oS<gMT^(8z<?Cwkr~!m*i8;z
z)P<jsf#-S@Qm)P9Y)4WGUsxK{#-+QsW4xhxDH+!R=Bl!X<Aayq(`xsFCcOf%KD~wT
zAUbmq4i;BlVolW{<8aBm@XVgsHU8V9i489sBI?c5cbm@ouw4Eya0s0q;4QVLJML5A
zdoFc)cK{j=cRm9zw6IK1>N;hJgZU#n2#7<&D6d}(Y|~_Rb26p`o<>v9v`f^#S1{rO
z-AYs3v1C=5eH<6gG{BV-_fvwD0}yjk$&rA_y=)O6a&KXIXTxOdewy#qA6Bk5QT%b8
zJs735Rgc~JiCCS=O|*YBP^NoJyz<|~{$syPdrrSV_Fb6oz5tNld|CCESRHictm;Nr
zpNfiaf|`REPkk!ZI`!b`{cGGLCV+PDj^?0`0@<Zea{Qb)Q7IGa2|GPwYp3hYn|1UB
zt4e0y>64~MGzF_gGqonyXkoDgC;E+UqA$JY1Ngg7nmxSiL95%u=AQP~0*;%hm5ekX
zyA49Lh5iJ|Q%{b4e<`p8jo4Af3AhJl&!$huq^O>&w;Aed3=%lv9E1iEiiHv#Hgab<
zeaI@LH(HcvTDpL@n4VIS+maMdJtO+%i1bCnSpF-Y&m=#$xh&yvWEnfvvhaDnPNEmY
zMph9hs?k`P%o1I8`xt9knDS`5gX68{3zmal42zR^3P1x8Tarda!q}89pdW&dU4Od)
z)mRyuyy<zG`{w!HsKcief{*xY$8g;#=0JG~>j$|NXZh{UnU(h66<uNyb8T34kQuj`
zFKYdq2gr}ahz^5YcAn_46T_B6qPu81+%01^g*H_(cXo{~Wpqf$(ya%s`5zH{;o8g|
z!;gw>7e#f*Aq7$IU!~IU-z}LJHD&m+rQf8OKj}`nw5_!`@JYcgr2Y76BYMUQ2Yo`<
zruSzD;n{Gk0*Nep(AHDr2-95u^L0g^#fH9r6}1%fK2agS@-AZZt0xIXfFy_OfEq{e
z;*;&-h^sXe{jmn91)HjAqNRX)<Z&AorN_EpdCh?p`*UlFZ7*&iMdxzEkk`I1&re7V
zRHc6v*^xlYzNqvFoW)o<gq|czl)?*eFe+!zV#Z{5X#W)%=`PZs3(kw}&daJf+~Pwv
z{wCQ|A6GQ0jxoxKtGw)8Xr>(_6vx$p$<lf6z5P17G_;T)^7Dn9BRY8{wx+)roL|Cd
z;ig>8M_n{yjv6(HvJYl&yx)=a77K$e2lMrI=#L_XR_b6-w@QjlTT6hp0LhWugqsKU
z_?%`jRDGPa*6n(gR3VK|L98c&p5GKiKh?E7)Y!2cuFjDBmM(z^1nBQVKs6?dm=)Iw
zk!j7&m}}v>BeS@R3s-KfXXTfLuxNkO+BHFjLT7}zeletrlXK{u-+=jBKdx5xU^U@j
z?|cnH-^|T6@s9x;JcIUM4Eah1pjcwkomdiQJz%a<ZXM7>=%gD#qfuKD05q$>szt0;
z%NEA}18fI&XWpWN;d{Vl>Imjor1(TD$hYzv`}xeN`?a4V+jJnOr>dV`o1ammJ|0uD
zYm>IgF>P$fmfrNpp0?&g!BeHZFBq2GNeG#ogEj2*#Dd-C$&!PQsMdU$^Vf$fk1jC0
zoER|+5bQisx;qsk{0eH0rgxI|fmwR91<WJUs`sveCy$VAqIN@uKFr7P2G?`FM|~iq
zT-Ba`_brC|jKkJA-3x`)+w#AsR6YLU4)F>CO;s3IUEdCg-fB7luJx%V3@%h078}Rn
zgqn#GF)WZ&S-zAjx#|`>m-u=ZCA$%36j=cIb_);Qx;F+GoUXR{l7z@O2|PEDwipnh
zar@UMf~Fmo1CKA$w<lC0&z%7WU3eWs-;>{Qg#69FW~ixAOuc{l&>XsBx(v|cv*5^E
zbz!_xFytD9;;v83N6lz<r;x#P9$=-p5ql3@)4w?5+zt9FxqGNZT_j;md()22%3et;
z13hUDL_a9*U#bLO&1k(M6Qd~_(9nyBRFLVo5h}P}ioJ&=Ur6pAi~wPh<CTP%x;gY-
zukWW6wIwt=6vmwD6yTP<yLVhHS#xjD9E!c?<seNer9IM8CN^&xj@H5WW@cH9e|n2d
zH}tKwwM2YP+^A}a=Mu=05X~v>=QX-%G~=<_{CrVJ>S?z{fuy=4-q^W7y4_BdJfnxR
z{RfIX-~Ui${Rt5Kf0JeZiYWU>yX>D>=9vQDMNMx|0NvqY*@}9Ta`)^Ckkj}>0LytN
zTWeV(EoJrGfWjp`1!9Xx&wA+#uBASi#1iOB{<un2*Lt1yG*TCtnGghRCPLrOM`m|9
zsy$V&&9P4pi!cgeQqVu$FMdtp(c#<o`3#w!(B5LbeA%c7T7?oA<e|Z~vKn95eOG+s
zM@hbU*s{@xmTAd|T;>8^eUNb(I+$)H-+4tY#|~evDeaoEp*Q7T@Ng^DXtOFW_DA<*
zui2DbH#D)-GmjbJ{RY;**YEbm;jtUG(cZongPPSpU|B?YgJ+WI{C0*z!2W6W7?_33
z^nO`@O^w?_EI^N66MyD%jEyDNQ`Ks*8u>jumm%9xF&T&Y7M~8NQl*AZws~A8wHku8
z1KGmuNMmF>K%3d0fPF;21UKx;8imX7uqm1os41~0j9&AeTQ(_tWqD`s*ad-zcWH}R
z_<q8m6)i;zMnHEUnZ~IyZY3t}2hIt@{iM{aQzjQ1Okwb+F>#Ny1`bo--N%Xy8*jXA
z`!PrP=7+797p&6o61Li^8n5))son(D0B$yPc6b<OkZi}#6!)V;HHDT%i$7nSmaI6i
zr>GR>&!h3(=OsOpoJR3Q_Jetl0&v*-kogFtguQz%d+hDe^SX@Qr=M8&tlG6Ue0t^Q
zh2xhT>oo9N^`<T3_Kea!C>MHELgyqKDt~N;Ouj=U00k^D%I$A-B~0}MZ^yJL+W&!@
z`)kp5V}sKb7xdI_p0&EZLVOym98b|l*uEuWC<gGX9u4mo^HbC9C6hyTuvaHOKE3jx
zq{~0)veRT`Fpayo*8VHa+bPq!wArzDYd&Yq3uNy=ADXYhc1eniwdxZhy7^C5o{!LO
zh~7587mupRhu>n~cd}jm#o)O!({i0$Ku9woyAgJPG8iF>sx#`~>@IeDk~h-2IjZ9v
zG+5SeV1RsgR`+LB+<=<3cy85<Lw&%l{_;;JnGLk2Rr1rk`iu7S^bse>c!G-D6Aj-e
zq&VWzm@=C&B-J8&J6fST7+!O2TWcrx{LB$Xf#*HrLh=qknXKb7&~F>eV+*JhSTK7W
zka)zJcsMwSzXv1LN<b7!U)U4-3cYA)EOj`D``%NedVcJkI}$-C<Cd@vGZnO{q^`bF
zW&fw9%6bxh(tix=>^og-O-n^e$;Bvr;k;4X{AAiw1Ch#=L^`e86Fj}}$nx!j4;_pV
zn<10k$y3r@8eQ2Hc_-<jU%uMQXPW2?ES}lYs}=>4?`vPn)85^9#lXPu048Z}sioy2
z>wR-KP_f|Itzxq&8zapk(U&dLv_Y#{TE5aRhRAu0GPa97iY}bo8RD9zA*2audRcX)
zOQ!3zbdzRmI^UTWsVAb-67t;1(SUg4XRJ``O}RKNC}Dq*Cuh;*ax8{%MD`9KG`MgW
z;*nOR?xHUtnj4IM>Yi^6ug`6;bzCZXZW*3_@r7Mmwh64+LC1mp70L@($4tnBfC5?P
zA5K!7xIFUJc44@quJX%@nx9#!3X!*k_0kf8Qy(<N^IWt}d%TW3OKYH?qz?m!Ye{<(
zBRY_>z-k=njr=II8lhy&J&n`7$bXF#^@Z79s95vbM{eRQH`p>V)j{jWq~C-WEY~6<
zPXY2KqoRJ)#V2|KR0qS4FM#8~HRfb5oY}DrVa~Wtt2l3sqr1!XJf&&vhV!ihTc1Cx
zyj{z3O1+QdK)}gI!U#DALv&H9?6~tp-7R-O7ZxnlEBmS_{@AnNYL}lgd%QTm<CKEc
z=?m7@7k0~c!oC<QRZ8Vfc*>dDsg>IVd+&qn;SD4z0R$LL@HafsIZBoQ6iwl={4$0%
z<Kk>#b%|K<DN)V0pAX3%cFwSWkqo9qW4-!SNzUy=tF%Qk_J){N&{Diu%{U%+TlR4N
zr}8>^mUk5+(vs5qk58y9khQtOZ1bd(!zi@HOpllVCrhQKhY-<JvjA_*MpzNSjx<Ee
zMY);@+j-70lY^Gj#hU|@_RPn{qKwPWur&1D%k`HO#WQB=HK<Fx{s~@UipSH>0xs>Q
zZEk|YHk;XPbFU9yXGl41ldFH?kjVWLis1&K*=z1)#aAw6DYQ{Pbh&a%-@H|r8W#i+
zZTJq*%InqsyLNXcM;CZX7aTx~mX*C--l}%vt+LhE#Op_1TH%(Zt~#Io_U<0%9((WW
zgGpUl9m*BPMm;{!E-($3Tl9mQb@7&?LVXZXsgU&dx~B!&J}LV0GAu=Gc;P&ySsLME
zLEf~r*H1o|-C0~Z-fOop;xib4oHML}moG&}0J62i&Fl&7EZ;&V;_tlf6)g9z;<%VP
z_?+iP;D=ufE$}aLb4-~%YRa4Q96$gAPt}qli6E+&uo5|J39s7C8xwtl-rW>gxh;5s
zPps%Vf#E9$L?{@Y{Ktf9(QK)d3%io*V#Q)^q*W7CYc#o?WtQ^Y5D%qzegktMx!tjB
z!2ZJ3>^MSu=nXIPiP7LJXboEz-=%9u{98`h^vRzvJ5%*(lC(wkA}-;WqN%FH&W>hM
zbs5|de7?_is7SvtMJ2M2DFv`9^Wk&3+w!)U0THh+S2kK>Tx_?wpI&><P&3D4R&>-j
zv(Lr5ZavIf72ijgTws4c8+wHdT9`#a#;NA)Q#%1|ArHM`ZZfjPBrUu>K?%OWd_wOb
zTAP+YSEtI8l?%xuaxv{d|M1CsZ_nxD-!tih_01H{lAO;!-`sYZZ3jPBK$_ig<kbh4
zcj)&z1O-j*h^+>^yf!vE+idjd6Xjd=EOL+^+ezbGJd?NRn1%Kd7T_6?oBAGY*{CRZ
zPhG)qH#rBaT5NkT(np%3W#7{|G)q-X?!a<JKk=>7|61R5*;#=JqPQA{zAunsst7wi
ztZ%R7sreDxdg*z_buIflXEsA;#kcmM_~js2oemlZR(9klH?l|3<}^5}zs`#k<}hBx
z*r_>iH5F03(%Zi|(&T&Gi-R20-R$^Us-@d0h`X~aZ1p%UMwn_9z+K_w^69}qK{~A{
zb@NU9w)QBUg`Hx$4#Q;i3Yc-i0|%|Ds~bknjZSMDs4YEfhA5^o`Yic~o>|ipmL3H(
zPr_fmpMQIWs?4L&Ko!rM!hSKlu{*kTw=Zz8Z8bRePQxMj27#tQPckX48&}%cBjX{I
zw7%LHGhS+`?V62JoWb6fo4%<>%h1tQjnmR~E1Ua<e>3RpG`f@oiBP|CQfT-AfV!F8
z1TXC1S&I-Fv|2n})M09a)1A1PWt(RAzQhMnn$XC=!`jHqB=Ben9kR<WwPGMse^7p=
zQ^@Mn6P_VN-=x{D&JekPVod*pI@5mE)A7P&D=YEJp7nSkr+xEBE=iH2EIO7g3@0uK
zLbK^#!1egzUSGy_<WWLUGz!N-4#gFpwzW~pS#7#sWLemAC324HbJv*XqN)5|KliEk
z?`5=s9PG<ny|-<li-3XF%#`T7gCp+mtrV+H|1DP0c8m;q{V|fRr43z04h-va6MONG
zf3wW~ojv!zz%qM}{ClCDsrkP%{oHW@Gq#xxHujOnXrNVqp%>EI^FLiy|K)xLp=#!-
zFD5(lD16@sY0`0xMt`@%)i-;5Aan+{)H#lH+ro31!vv9E{@^Wg|CKji`{%#)9H~2W
zaOjUw`Y-%pT7zu?>Q|E5WFWb7P#&ad>cQ?qfxNI9MJ?Q4GNe761b@e~g>_sOl=u@f
z5!%bYxA1c$-6R-~Q7H-7M6+Q!fT)62Aa0xMb20oYe*Q$|=}+ayZruVR;PCGV_@{i~
z|Ah$Hk8mSI_IAld%v~J1IIXt*qo04z>~W!*W$<nISl+$2=+6-F!t;57(+1`X-S>+R
zMWLOd_W5$aFOhG}9pDJ(^*06Hp}9J4sW*C!6w0Q(FxXpzALq$|$p9(nG<LTdsI2y`
z12j~3>K`Om>0b=eJRm9(Yh6;6hxeS#TB5sU(Tf+b*{~2m@5}5T`p*K2ZG#K>7sE4D
zDOqkcYYzL9b2o@CQ~+>zpP;D~)+piu7&i?DIJ`zcC9@mg@Pg12QWxkGl~YLYDrf`A
z`m<;sO}|P7ECBxIzLNj?#y5Y&#ep&9fw1JC(Fb|qbdRvjUkoW=3Dn=5zTmH~PP?0*
z{O=EU=l8Sye{cNvd;2{mf6uqyvE=`a(!b;6pRSC*<K*u+`8!Vjj+6g~$H^A6sXjXM
zB+=^+{apm8d{ajt+Gymv_ua`GO^s<5m~<&Ug%6jlS6oH$@0Lo@BO6jK*_NIYz<bTU
ziMuE${-#JqXdku=)D41*$NsH~f^Y+n9df@IvH`r+{XAM5x>kA#Og@LAj>}P={9?f4
z8IX_u75BV<@l1z)PX4_b5;st+{rjTAe{mV*CXqd+4xliSkrb<Obj9~JIpc=Z?cLpN
zm#DdsGh?l(A4N`;#J#F^J<Gr>!Tpjjx|ke=RDz%H?V3AD<cVAyWZQV$pIcr4>qa>R
za!jl4uEstGc@>mSoAOx;>vA1x(f4ZykvA8Tc@U-(TAW4XzW2>p2~^F~Up<@I-c&M9
zzj-d;J-s(0{rv9Dwo49|HM7Q`tNZWRbngLJu`P6RjhRBXFMEfVTVM*Q&{J&aBfw$g
zlhCelKk`F1ZVwxY!mPbVCFM%C4pBLYdbs(7fJ$)CbRCVoD=;K-ynZxlo=ZVd_W0T5
z6a3TUHsW9hxOOLUX;Le6iJgTkqMyBTacNAMX3M5BzIMO+?&;4PMPH;(y;_dcy6=9Z
zEdTj~2SSCXjin187!=KZ#os!T3fVg9k77oukQJA9A_W`?67j9_OAc&qp*Ks`H46DN
zUOks@2dnTn&o%McFFU(cGCcea%`L`1AiOb)g3hVHV&~cII+|T(zBqbyb_JrQGP9WX
zaj9#ccT@GZ6FQ<F*rAx|f1G?W3S3WRUEDbVAJw08q97y7bW5gp1T*%|x!Uil4Tdm$
zTSpI|X58qk)vxITV1h+n1o$`=448lJ&mAFh&*HPXwD0cQCK)F)_p?5uJ{L32h#Sy%
zx!rd^!M}$qj^gzWiwSx^9|t<|BbguWwg`QM&|jE8`5bCFSvPoU+R-EXPMmV4u6CE-
znfxgM>3WiY<zqEQeukZr3g75?j#e<yx1(NIgizI10MF^1F5|n0F%c(e&S-X>xK-zG
z@Ht8KutH%%xTaN5WV;4jq8EG$vvYhsSDsK+y*S9qs4)@mRIdA=#6#exS>5F%=jb5s
z4aMn48fDUHV>()J&^2<C6M??jgXF{zS4%x7CmaQ`pbaLDyR&*}N`XbxwS?o#Vj0(j
z?fg4>ff&(Y{ENYBFdkMr@f^UO9!Ic}O-iVy<d;No;}1%Gv5%8=34k5DxN)1oy+`Gg
z?_VO9_E;L(Gg#h%%*|mbSi%*vc(5=Kf)+~WF}y(4E(ye~jE>31Mr_?ftRrXThwoM8
zUjImvzFB`kM4+BsR_QC(=|gI0G<KmG#ia!yxY3zai3MGA9FrK-33$Bmh<ATxY0+$3
z(MpaszV+VlrzaZn&^t}nM6~!B4o2dr(X>3&LJUl(U75;AFidy@G)5jHNBI$RvO^b@
zi!ml{H&VQ_SLf6d?j*fpJt~*5;3g#fy_}>%K3Yld0}#isC<OB&I7UaDTw3WadA~tN
zl6V3wTU7R3*5&#2itQ}~CgrYui%<$$>Cm?^bJ$a1W^xX3lg>IraiCh)64-n4xDZEZ
zFLh3BRO0%K2ah+TRlv)B@I_pgH6I_hfqte?tW+Zr^=?5x4dpu&fC)T8sv&?<O*jA&
z>$uU*Mdc-<i4hLuHG<jFShUHIGWK-pK~FN$+1k?9Ehtc0Y2pK=@WSwbpp-%edO|J^
z%&7#90I~hp;f3eiXc$3g<8qiW+D5y9GeVfwYYty&T*8{)U$JdS|6C)$@GBGu!VkDu
zDS-9hRYrl}dmVr$3jkd;0}XoNP=`9p?d`sGc9McrNY!oKHH}eLc>`(w3NG1-XEklL
zu|wSqT+ojwf&(nJU4*O(EH2sP;YHZ-&FS7KE&ZZzR(Qad1)6FzXH)AqQ=sJ6qgTM~
z%4czsxhjp$oI(urHl{N}30}Rznna~E2ykV3Cv-A^7Ifq57d!pb(DL%<IW<v1sRrxJ
z5~Z)$3ooEmiN5#@Lc}{TyOJ-j*F1N-z<N6;k)K)VrROh(t_iE@z>?ypL#DgOSD41n
zOak5tya)+UXB06FV1Sk5xEm;UCQlZyliVYUb4ZDEj)SBIr@2QOQqqZJRmxQ=n3n(D
zE71_Qlhi7()TYzl1?6=Vo~XoJyY2r%TI(bZ(y@@+Q{NguWYQ(Wa7{n*IK8sL(GNo%
zUE9ZYMC$6JY2QT88Jey>Qn`TE1kUI{m7wMCY|9{psb)a?yro=!UQ0)qD3n_&Dw1S#
zJLOZ7A<T9sz{Fzm>S%FmTVwdZ!1#$;Gp%s7#mfpd&j<`ckXOv>XcoXMC_Eqe`5^3T
z{XVD;`mRLc@n=6niR6bx@GpYgX9u6^E<`w%6FL{Mk?pGR^MhS;tVFqJsspa=@&}m!
z2i_aeH>#U1;03m_#htyY5{emd=@B2!Khj{4?h63T#4l7O15BS&6l?;B)f-{A8VvrD
z2CwQ+7NV)pUi7W{ED#&Cpr!xCtKt9Cr1&k`sL$|^7nA=h8xn^W<_VVUKMg>Cz<r%t
zy5<i6yQ^cr7$Tg1F{~U1F=Dp?L&;*AQF|k;n9hOfyiD&0b7(O&UjXR&DujWeS3X&q
zym+gcj?7*)8bDme0$Pd-saS$dn+ToRh9ap;k*E5QVZ@up<VwOS#XQ<z_+i_LIkQEj
z#^&6ui+X<4xqBmzIv?J9>|nqA=+IUk!4&(`mY4Ji=;Yi5BJbsq@=rSI$j)XMm5Y;p
zGLnp00H20Oz=o;3?42*cmPDDTG&m_0p8ZK|B;8}=!xM$~dmkB-ldeTDl%MKr0AkTK
zqHh;_EQkQZPWyL*IT36Uoyk1poDM6E%HC+ln~L9Vm_D4u#D0C;46FTVN45~%J9O)8
z*&=-yR_E5m{$+-K@+Lq@*Lx3QQ%;T(1`W|c9)Y>?qYoqJ%WS`KcHiy~@)9<DF6!UG
zEd4<et7+hTnH5HWC6mR9JM#c{%PkzvY+8@xKMcjmCF^jJqq?*XF78%9GxxyhMdM#r
z^)m_>0V1ZKQI#M^Ln!@Z134WFNSH3f%`;MO1LhnqFdq2il?f}swU4~~Jf$l0ok%dt
z5_kc~-3jJ^1Z6mltoJ^z7QEF9EX0DI=71#-rj3{tgGm&s*wWJUKEg94|Mkk2pQvBg
zk(Kj?t6Gob#=(U9Xe#H9BN>43GltXx){$X6dtJ80?{oU4Ek~7Ftm9{AXQpO8x^8lL
z?HAew&ypC78PDn7&3^>G+%5r-T$PEuv<O+$_nXkwWGX+vw7QT7M5pRafW|e<6Oe^V
zCacler<WE2u#ekMQO}U$m)NHz9BcXYccNTJ``fc{l#i!+Wx7{Z?`MAK_;R|$T2|oG
zN|qCyjk7Mhm(FY)#x)E%5xdlHX(MD*lfw4uY{a@Q$ow)$2G!AuB^dbvy@rOY$MkcE
z%j9nH;-x%RvfSda^4Dbl4roxCc>JA*!*=!#u-0quAQ$7cI3C@XXa5XZp4!CL!nTNo
zz=|q|T3Bs?0kAigi7+NyUQcqgh1Y(ruw7Q>$iy}JWW#MgQ!6h%mQ;v-Q;IIj1II*w
z-kNiDh~AlZCZb#tfWHk^5)8mAoyMTg{9yN(XTT|^QHOH8yg|ogYaa9-;De}!s~3&{
ztLQ>G?5$x(8<@`8Pmx|fh0r8?)sXA<n$<HW24r8h5(>es1_g`rEoX`nlQ8?LcnU=n
zp-f9cEhK^Kilf_k$%<DArtzh4P3tkAN~I5o#<fNjN1K!yh=jAdPW%sa4t4<-{KI$3
zi}a0_hVuBPC5MK`zXP-W&}@Nmn-q1d>Ev*>UQFnWbojJ~cfDOyz+#lzbWjYWTy@0}
z*o6id!PGa=7S$;LKK(!1yY_G>w>7TN6h|Y(E{WWwOi^3HOp>rAu?tB}rLx`9O-6=K
zWRiQSBgDvEVshJ*%wSyFX-HyXVs1ssWhNP4&CJ(X=a2I|=hS|lbN)E{dCqgT|7Pa-
z)_m)Gzjyt9@4MD|*Kc?NYtT1`M+FRDP1w@e&uwnX*}KF#VK?uH+KmeyU7-xkWaULV
zY7l1>^V#00g)EjE0rjeF@2OzLDHf3I(>7Xzm-Hd@u7jcnemMY)a;6S~jT|STVuS%m
z7=$rC_3(gT(1l^WM=+L|U(e`Gc;S*&a%H!<Li&jl8%evp>4n&-!gA1j$p^$1EOV;|
ziJF;I1K5@*&&MbSWS^>lxN|wZ$df~)gLf|%Ax6q|k*TO2&A0eRGT1LdwnXJT7i!1B
zCK@DMptYEyj%mj!1n}MJYZAX~ePP&c(N^ocBH`(Y{kbu$^`%dX%E!a|!-VX13T)~@
z1W*^-OfV98;FQ9;$AqNBu(Q0fnTs7E;-sv`Uq7a0DT_CIW-<=ncN)Gp3m(4J4!qzp
z_A(mh_ArVRhDl@&52R3%P8<E&pPF0JJP{u6PQJ))qE}fk$@V+6RiRcx=<P8)s{(mV
z`*fT+N*1`Yht&BZq4e70C_yUI_bT0T?Uvfafvr{{t}lGl8WV$W)7J%m_7>Au^#*(K
zLMK5ToO~OsD8@pqzEB`0`H232jWaqn+B7Ohy!e+b5eAK!e&wO&I_I@zo1>}GFYutC
z0UyV%_K!hq2pDc@8g?VWwA13C?`sy}(lfA=Y{KUN<9>h24pvR>)8zEdC(mLc#7QxY
zI@&sLA+pR)d=Z?Zu%vPty8;=`95sJwqg7JmgO9IwTY6~7=QTZab;6Wigu%m|9s6`Y
zCoI|~e^Z4%5el!%l&H<@1I8>yI$e1)DgmCCFsU|}3KuSrk!1}Pb_H#jSaYsOXsY6V
z#LCOq`&QW5{*|-yprmqpIM*xbF&ZkAtPr3((h}I}6dl4AiV}sCyLxakr9xDBpHaUi
zrCa%&6YF{|eGuY+*8os9iN?tTV%-A+4ed@yuTYU^*kE~WuEP9--b52Wbz9{Kla#(8
zk}Ve>anR2C+zu>PSowC4%$f4xb%nEZYO-CT%9|gzT&dDP8ExaEwthYa2K>3!Q#j6T
z?B?txH(VZ44Fa`;{g2#Gvfk4c_p++3G;ea?(>U-pL;)0cp?3{LV|;)HUfm!TD73fT
zV;1%iyBYRV*Y1T{B#-}=^fb#R`8RZLEhBB*iqcDaH7mN_2uL;n3J6UmD`3qDrX6$+
zKE-AiqAT!9z7Vo)<Y4ETVDC3?{&L$>F6?Kjm5#XThG`7?5NK2|#ZBVjCr?I&>Q_*F
zBzt!~@MfN084#THgmdSr)22n^w&>I2h@uid*AG!p75l;{k*2_4Zh)Fw`2+EwFnoV)
zMo_?NHM1JWQ*Hr9At`ZBFd^ygthElMgxVwE|KmUvDo)-ef=iQy8vsz$T29Vd5Mnn*
zwtE^fi0<WCx>@Q=KYBU@Y^)@ivyP{FMwRSJmg<Qe!GL%OG-yHI07Qw?I>{P_@Li#}
zb<|k+M%Y{4#Z6Nkel>jKx_;oj)r>bo39Z8~Hp$&NdQ=9D0<J=bjhx{C;NIcj%NasA
z{Yz9;#@%<@SrcEPQfh)pJ)@?%R(jVoYVMWETvCu;qKrd`0=Ql-L_nV8gLa0}>xfnW
zO%1UIm0fUUWv_qay`Ve;(#-z80ke&&QCGTylN5O#?KQOZrEAWM>&5yA!zX+a65GJx
z+@1^`I3J?IO)$JS{XNy_<&wJ<ha(zPdWaLTIw2(<74eJQ-6Qv*dT4?(Gm^U*{03=k
z2<{U%$QMoT{d}N+k1)D`zxT@xywet(d4|DBR^;$&3ThwpP30(9fXrVXkx_-cWChcP
zI6;tacYTB9Bp<q*y7$7e>K)oPP^%)2lZXRm2w=lTy|Gji;+g)LXtSWvO)m`k>ncJ{
zA>)(LD_`8r^VY4cP0`11c)QkKr&Vbkt8Us~kOu41Br3D^(tLnM`B0rk3r-7e>d2mN
z!436xT3QY}#*jU-E-;RdMP_juvOffwgqmrd+>lS~=}Iqg$oTXDQF^o64c5c7q_<Ec
zKbfWJRlhV#pyYsr*|Ww-qMix7NY7Cx4N*xt)>zKU2rpB%n6}DC<An2*-CS+hz)}M2
zY3(Qoa>JqpS38^4XI+>Q+kg!z{-*J{mg{SY<&S-ysI4(=bNb<Uy(m+%(n}N}&5*e8
zLYENtNbeEtN)P>lsFEUGH5>=$8X8_uN{{PD$lp2P9A;kD+1D7d&6q&B199%F*Z4xM
zZL|lJ%r!U8MzhyvwAI#Xx15WTKMP_Z??YuESfapYm{ur_{ljC$D!5-1(ML2MKF+o)
zrIsJ#Ht*RwG+P`ezjB}`)~@kn%<G&yt$T}R(NkQpGt%(|nsO0a!h8{CpblCtaRqaM
z?TV(hN6^a&kVjw0>AIm43Y`wwOY_rDKig$wZa^o!&i9+fz*ZIQ;d%NE(o94xFuP+c
zPSC|;wtuiS>SUhT6LRbRmBEP`XX^WW=dlc>)=d=<N*m02wEEFFrK>R#wMb+Yg1Lgo
z2|L(rWCh~SeJ39ZM+=L(O9L{!K4z&XYVN;o?<}siuuyLLsenK35jBo1zs<bR<mx5z
zuNLxO!(^@&GpXuOd$epHCc2l0QQdRgX=<!)hrQD}l|7AriHmA834T&6V*{dC03ES@
z(LLlE{G=?vVNFo#8^y&hCiL424M^l-$iH1xe9Ch9$yh>;?gz!S(w<d_{a@*uLIEVi
ziil?cT*Zb$t(wGjoSFDbTgh!W*!xjE<!V*I^U98!(OR**RWo5|6F-@Xri$GcW6o~4
zqWr4&DSMgZ5GW;=fy=pUZK96=H8mGi3ja7^Ab{bn!W@Pyy=eQ?FMjdVH^I7^Ao5;^
z_1v~~-e01jE%Kv+JA%8mZX#On*fEcaDM?}Y<$=FatpyKjk9r-6*UdIrm+Ty4z%n_L
zDjRyWTSr|t2CLsk1?35?Yd=wjilf*3=5O$ZJv27xrpn;j{w$7|RyaB$EpuqbLp{pJ
zb)paFMEi*K5G5~Z3DH$-2eodQuA`_1`j8rFN)q=lZm#zJN1h|$B}MA9Elszlu?MrB
z%g*b0XWAUafXR4xyB<fAVDDB9lZz$0z|QFH#_G0*+AO12KF)rx`Czl|PWR<+%qr`s
zot>8J?_3tqCPT&heUKqYcFHEg4@B!)1S7YXW~H%%^o~b((doi1?$m+CkKsS+Wz3lL
z>c-f5{1G+IR108Mjju8ckFPR~ZpbKe=+?jNCIlh=Kc52l|M>a$1=37KM}=co1+$2P
zm+;1X`|81ryF=aQD_b(&Yn&Z!|ET3@xOCMM`2^2xAL6mM=Gc<0D7xDh<2-rbZF3Zm
zdgU*FpU8!{W!TkF-!1_LL03ZXTW!HhZ6(~h0s^o&YLF&57h`?T6yzPG{J(RZgK7&6
z#?}M1w3`rp9}zfi!8HzEq75Pm;ZvFEvMLQ^bsV=;s^+#BK>HUam?w1yh4prVek9T8
zG9-u!0=vG9WgitZ;^9CviTugkMiCJB2RvfsxX`}^`z`q2!ua?z;0vV}51XPSs!Tqn
zoy_v$P^LBu%y3I!awi@&HNC+=kd|l|6zTfYDq`Q5y-wTx7B?faCu;ZiE;Fg8KL5|a
zSTYAxtWSb8LqYl&D@P!6H+D^eid>E;hd*K-qUa@D+r;m74KxjMxjk$$Y`k&R$ca}B
z(t5G8+~VDiEHKMLd&L9G_)_soA`S*eAURidaagFtD7)ufqVBBH8)H0&o!$jo`kfA#
zU##lONM?cz^jo0+ot`clarec12la*D(Z)Vhn8O*`w`7#|Eo<!18dwP;oA0;?_YJMd
zgzxtPOta9z1q<?T{t12XyB#z|v~NZTkp-qEK&tnTJvRC1=l^xVWaIxW5oqi&xEeh4
zZP;HJ&NHj#1vT4u42MiVyfB}+>DB0t2dfSzSufIGPCu{WG?JXR*>^@_<-)~FQHT!2
z2`l|7qv!QXZ6B%&<nnJZ@z5u2_%e{>8YD|n92YKJFwcThEDVJOq*%bm1y)!f&4p0m
zj}DNI^out{cdb>Crq@;au;?m*^BzIx91TV~3%9$NCeW|ASFhMvHIJ;3bY;(7`tGc;
We=E=PJIBy3v`PHa+EMoF(BA+=HthBQ

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/shared-volume.jpg b/docs/userguide/storagedriver/images/shared-volume.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..cd39b86a1f56642ad20c403bc2c77d09ee739a59
GIT binary patch
literal 48857
zcmd431yonv(=UGL?(SB)JEU7gK)Sm@KsrSPq+1$kknZko=?0}6q!Gk>@Oku!-@Wg8
z-~V0fzwU<hJ?G4P_UxJ2Gqd;EeD%lNkIw+QoRq8-0099Buz)|nk3~QnfO=>U4<FFb
zP%tnEurOdlf`^AiKtV!9ML|MFMn%WLKt;nwM@GgZz{JMI#lyox#ULOez$3!J!^3?L
z0s##T{m=^*76}&(84dS;+<tTd81N8VkQY!87yu*&1QZ6uk8XejfB+z%p&)?28XOc1
zEIb4xG{TPs03PBe=Ud)i?0?-sSVnFVe)vg*@H56#_ab7d+TbBWV}qXG2LK3*J|iK*
zZ#{0gDp5Z%u%&YR47?Ip5p@R%ZBN-16PyP?`l(f5)Jid#j$@kcw&hP8K*F}de9m~k
zACBaGMpm!q2LO{y?2TIX^|Ld<EE@FQ5~Y9Ouo*xWGLf3|!k3M++mZ%5wsMt&sh>QU
zk6nQVb2*v;QUWj;+w4zY`)mLJt_+e`OPzpmZllIG4(0FtKapJKQjBqB^?CY6@7;Gd
zbEC~Qw>+uL?#lrf;S2&|OT3#qj=E1NpMGLt%XUbJy!XbP>V}CM&$`m9J-k&4u<r~Y
z!&pMZ=3iVf`vF3vpiTf`&spc<X6u?JiF*};!%&1<#oT=XG)2&Z6gcgTuSeh&w!!P{
z%+2nysHD|9vEjscUOH%59WMMn555WgoEKCV09?}iKtGlUKe2FUPG~Br^^Ljkr0%<$
zfHvk|rD`jLM9vXC0}%jFZQ}+YKN<wkxnt&T+6*;?vF^IJ{n}Z53$hUQ+FJ+;9zc}`
zQ2>0WB7ov{GqSnsP^-rjvn*(i6T8G)bnq>NJiSPA=>f*rL=8Z)#<nZfE!x(Ocuqvj
z$dA(bl(88lR_71&k$n6vjjs5Dg!`wTadl$=2z=Skg80zRZ<WFgQhZ}JwP(XkUEZ-o
zxaCeX5767>8zJn?Dg=J~yJ)1R#zhO;LHf-2NA4&C6D%o_jO&bY^Q%6dj-o<ZyA?PX
zUdHL4Pl+Eo{Tc$I2N{<w+)%;&xV+M<hJL%{)@dlp-=k(C(km|k=CJOT`YA)0zfL3A
z<(HulU0Ri4XG{frz=PECX%W7@H34;&S2b}j{{jKih3uLD07{xP{OAX<_KxjMbqYBE
zIaDbEP$38cuz3oY8UW-kBlx8pu18GyKmYO)FgX%D+77@!F4E;D1l<gU7)s0AHdH6}
zt3Us4#Q5fizXSlN4%ZRWW7u`p96#L*L&C7wbPfDc5mX<R&A01X^*!~<XN-V!z^%H;
z@yOs$1?ing3}^U4*+CS{dy}{LF>HG>96SY5m~N1hdAIps);%aHr+b=Sn`&?F=?6Z8
zdJs#WjJ=O=)QPbG`kWuX+5^ddm>W%9qydUTVjch>!mZLp$M6X1I9R_MEw#1-0J@@D
zqYameUjC{ye)!e_h|_eD0iX>ZC(J3Lti4TnB?A0ub|J$0^dnuZhOs0tO@28Jm9x$2
z)BpgWv8GE?P+ky=R?~QefzfO_PY!@~L4|WH5SRa<FBl!rrqP?AJkTgV0JH|`8Mg`t
z2!_6}&g)Wzd^G3;`#6D(vB~duf57sx+noHj+d95@riK@(FnaowZ+RUQ{MG`n68s9H
zeofy#{3Z_5tnVZFn7`s2O6Ac2F#wRKm%N&@`T)$1y!pc;Kp6E2U=`Q)_?MXl0N0|C
z$X}vSG~;r?$3G(j#pc44eYtG<_%9WqG^k~5ei;D(+2)rze!raP2UtI`W&5o^K==ay
zz40s90TjEzM^S%H!E*q%?%;LU6!5%%|IaD#0|<A$Qrdq-Ex^@gf=k@m^~ESj(w<w@
zwq{{}Q|-^x1Q7AlBM)GE)qlq*BwlZQw6_~G6OEW7vL}_a&q(#`4dS{@vLE0;>j$lb
zEIr;5Lw`BZI+e14yeAXIlKT3Oc>s&8oK`U)al`a5O#no(7RKj7m!9L=Bv0sUa$2Q+
zjs_^+xn~=H%s2qB(OFd(^s_aGRett%)CPkLOb?AGzHW!JsYYjNhTE_w{iA&A$z(4Y
zemNiFooV@<V!A}tFdt1H-<I)4^HPbE41n~i8z3Aw8|&L_(>V6w>w2Qa{3U38Rizti
znp8%}4}ijq&lY&~)}VTN*dg7!mURB7f?ym0))`|gJR$qmjf>m!;zL&DCK~sm9$haL
z3yl!=Knvc<t9n&4Qw_*{4q^YPU<ijFFzcI<PWs*x=W47RQ?J?lT9UvAJ<SVWdddO%
z0yLpJ_hW5QDb`9J6QfpXK{m}pwL#+g0Fbw!RVy{GC6NU>$A}o>q7`)h8p2jx2a2G~
zJgr3ig;LBsm_*<Lv3Qm+t9)kBc5S+%14lgjP=7xF0DfGJ+Vm)uUY)(}=-!_y0b1Gn
z3YGKl){0GdjSFstY-fGMsSeNbr&eShg9QhchDo(XE8Bx>J;_R@F)J+Lq3{4`$lipX
zm5M2>E=q1lIar<gNGv(r5v}4`yn}yt()Ds{Yb+JFdgwG#Ne;Tha<<?Jd55=~op*$M
z3;))9>IL1Z`{5WRL9HJE7{%0hs?Oqu?tL?BQk}*&Y1Q=yz}1YzL%BU`M;{{9)Lr=p
zFvjc-xm<b!2TD`vW8rLe#n|w;`%XK20}6O(v{F9L!3%_%D45Ft@T#Y>hra$uf-U9y
zO90St{sEX;e{l`%<cVoK3)nUQ5ddIyS64Fc#ZiHN9{YCrEHz|A5X@)3fD=JXn^3`t
z2t~s;8%VwTeh*Lx(zQ9_y0^+zLl|4S@jaL`TA(MWZDTzu4&D$9Umpj(Xf*x&0Q@f+
z8Mred2Dd(tP!NA?fd0Tj!$3en!NS4++!#Tk{}%!Pz}&~+FFvfYcjVjlzn&q-rp)zG
zLQ^OFe$yZq$4zTnDQ9=mt-JrALV1Hs*qN0)R}v40-Px`gi=SXPcaCC{vGx6_>S^px
zAab}ZcMJKFZPP2|CmZl6GoFmImzMT?*`@JnYHI32&<{W=y$?Jb8gvJ}_R#daIcnYK
zr{tS@MfzCAc#$^%^PJHB>N_y@+CetbYPMZ><36LinW*KyuK-NWogYYr*76nsy}RQR
zyGVSnm#1|1HQa?`$0zgV^RudUkPl#3J@DPn2k^JeRUf5nJ6uk;Jz06byPE#CIy=$;
zL_n0l0|?9Qkh2T@vzlO#lL>+1-rpQ(4_GXLY`|I!fSf4+gwVz}jKfPL_Vrj9THx)+
z&gSZ3dPP7!lomRGTO$I+lOY|+fW=@_#=!6$AEQku)SVeD0KfUj+dM1Zq}}GWO=nm>
z5Qu&_)5C&kj&lbAKQ%zo`T)guK^i#0LZ+Y;DnGo{7&~$^Xk!eyA}9DJgXw(tVOPVI
z2|!rC08qAdhAN6LUGF_Xi0#XE+*75IWVZBV?)@k*e?j-xfZLOSC#b9d$k_l0Pdn0^
z{$hZ&{DBJeF-br317-pMn39LU2kK%X$pL`)Cj6V<pC*Gu?Ez^}CScibJNu}b9AL8Y
z1D}5B&9(Uk2lyB5!JD8hAPT~shE#Oysq=#qe<}5I?2*KopM~a6MgPzTRaXSWJq+C0
z4Bq@4nAeqS6r`e9hyYsC4@4w)+EX|Zry1tuEAZ)`T0*@kZT~kGa9T9@Jpo{k2WR>b
z*DjZixcmpyvQLQea+3cz=|4DdB#DbeHo(7Kg-X)?YwmxE2B`Y~qc;$-T1xP1ib3Fm
zTSNeeQpf-33>Eb9U$%nl`zgGtAA;KTzo#jZqOJSp;IJoM;IM7_!1<5302XWyp>_YT
z5`c;*^u<41V7#8l8kk8Q+I6ij1R#>5fX236hLS_P+%b~ET`Rgwzdxp(#0RAS;$lA>
zbTybwLN$SR%!S3wh0e{!=$5;M&2|r-2RXB!7t;7HHeN+vF#G}aJTHxKvN|aJsx)}c
zmcMQI(>Q?tj@zXF%sO8pp7hD8QcI5vfLi?l!t*>LsV7{g--nJ+#zWZhW=VU%X$JsM
z+u&lW?V8qu)LMM99sUfTb27QZ2p4A++I!b9W8Tq~s-3oU$!0JVQQKf=+cb=%W$epz
z9s*zm0Cc`1)h;NOq$r%V675GcdwLva`FP--f|l^#5ow-K8!lj9qy0ofwHW|SR};Kv
zm3cL#Ck8^o^>>#{8-4)be9c|;S$1!w(F<<26wER(#*fFFxT;E09K!s<A8G+e+CQ;1
z?>Y=*djz#V`w-9o0gKPOK`*b<isoL?INvdi-=fy#Mrk^Se~IEqEBjtjCMZ`@+0?5^
zcQ=-P7R~xwVEbYz+u-j}kyjSy=DQnm&fm|CD8^@<MYDy$#C-;>&VZlrLY-tQMmQnU
zuUnS`wSjdRzO`-1(dXNyFla|P1~=YNPq-s<f{nxk%RU?{5Q7k~5u}tqT)LkbJY4>-
zn(+UA`GEqLALw7p4;1=;IfM~G`(J!y<Dkt9BQRlpHCVwPz{u6?!J>QGLs9?L1pD4B
z2xZ^0q+JI!eEakVm2(NaT5jF@s!lfxVVrs!-9P`yAm3ao-73rIc=-)Y(%IJt^b$iW
z49W-x$9JNghChZPRqyTLQBP_+^${SFuXD{jC-pxC-v*!tPuw!-+VsbLLVtP;fO$OZ
zJ~5@IeBI2Ba{B{#egLjQeZqM0$LGri0Ju1TAwo7<GixWW$kBHsGJ^K*`%|1$EkBTs
ze7*=)3jj^%Oolrq>nLV>zqle*FtVpjIf8!a0RS;+1%4v3B%K~I2`zKA&F1uK9g{^~
z_wBK%4lBTeJYeAjfWrnLRM+`xR|D4v=fA&%i@9Fiqfi-L{_rOs#xxOdKTdVr@~|Fc
zp%KchOMq|keIAnT^6~*dqz3@SRRCKuOX`Kgai8UumugK}9OUc;P`Lfa5VmdrWaThK
z7_A^0CyA`r1&?_mk*)iVkncD*z58VQ--O_w-n*3L`LZ~TY<evvovS~|pVqanoqs^d
zGJ5W!gU~;O0bG4J!c3<5V}cnUFGx$z1kBCE^3$GZnR}U%9vXonQOW>7P16s;uk2{f
z1VUvr9e}cQG-49@#Q-HCroTD?_YWzFks`mOg47ph`F;R^X&)=&$K4D-XqtgE;7>K}
zA1N4h)O-dIhgd=4PpROQNIsVP1Hi!84&K8k^1Fc-0Lr=@z)3Iw?;!Kj1ff%Gas9x1
z(AN*X1Y6<uGwamtRPgRkMZvoVeGtG%0wBO4P)R>O+<}Ti2*S>_|3Um~TnOg=Mh95G
ze|HB`*d8YQ@8c)}2wV><`oCz-<FzF<|IvL#$8r)m`7k^6rw)G&2S9M=ag=`em$Cqa
z;J@_(fXARx|8g9hxJ+gHzxx72#{U5X6u~^2_4|h}Q6n7fK0xcZ|5JYeVtjOR^*Ask
zWxuG$>F{TO0T5+)>1~Hmf6kVCRmw_Var3Dpb40zMt&c6Ze*hrgk68|p!2AG0OLz3Y
zAr0*VID)&M!Ofko)SNN-$(<({%K+5ab@H-#X6uKq?<d@+QZzk~egNXf?0*CX#&;rP
zo&APlAD&2XiUC0BZh~>B%VFzIjV1r=Y2xvBg&1(cK}O`x%bsc{Nk(Pave2@T4*>iT
z02#UU)tJi_TiKg#zL!*ZyRGo8BEL*K06{jM-JSfUwRm^E{_>BQBlX;hvISF?W^6WW
zo!5;e<~|2U@H4o{{7z(%y^Fs8=?`5$9s-E=8E5+~wk;@ivpKU&)R7%tDHr&K+dnl}
zbad{C^CnKSN9zMa3f>SvRD>AeoK{~kFWU1HlpbkQLQDs982&!I?y(Mk&ECeon~xBf
zH~@s?SwCBHik2{mA4jPE6lFdbsgT0iwgZ#djAs|k!ld9N0kDWHX(PI`@9tJZdPP$g
ze9{M0M!~LR<Fy;<jAjJqzl0$hZr`a2HaRTZtm1`Lwcfv3@IX^tY)~Ek6TIJ>WIr(T
zr}H5Lvs%k)Bd&Vgng_g(nZ7HUEt(tZcK?D-AUC@6uMovpgX05+MS<C5!m(4|N|(0z
zOb90oKqa@jG(4bXjn3TaACe1f`0EeR515yMhW=l+hu0!$bO1cbhJb>HgN23#U|_)5
zfrNqqAYkDzuvO79v2bv?c|_nTSUGt`U*M6mi9J`NWam<%qNd>xS3$skBq1%SZurvg
z&!c4sWQZTY<-2?YBG@lM=z%bYy)=DYIZVvR?=gHFg;fU}$-jo-C_kc@jmHv*6OKpb
zTp=#_YX6upHDdfK3b!wsij-t&WsD$XfPE*`TrufA-PW?v85=@hlt->uIR`sU&Ffkl
zhVcl-cf6ktj;_cVa9roA&CXm?%GYK3k}$L0@EXAyi9klGKoN6{nG<|Gxf5MWe8a9V
zL$aHd<Y_j>Zumty`291c=#)clfj;9RzO=V2;?E2;4br`@i1*&#9Icx8zVhGD`m~6r
z9U`anEj`~U01G3-0ZGU9bPjUKgf^*MK2D7FO8DfPm%l5QSy<OQmfil5N<fqK9XVkA
zX^h&?nB(QCEU{&AHc3!KK<{AYvfOv1N>0v99<@wLGa(_zc)7lE+u*7Z54yF_$4qQc
zWQervnuhBp&m~yoKW9<35LZlgK?IIXPeNOdW6=;yB#E-YAnV~$`A1D2-ni<UhHB@z
z*Y2yrliVTFF}6;Atcjnfso|7<@-@O~a?dHPo^Q0S0Ls6X7N^wUvQgEP$Mn%<qcdYX
zqlTN0^OYCmtI+<Y2-4HEwmmsHwULROd0ALOQq~}y@DO+&{sgibZ_8=&i-bL{yd&En
zYp*4UYD=g&iYw>!6XtarX+8wv`uoDry;-=uPgk!(*dOUKK~={b0Ca&bB?5#3P;p85
zg=VPML@@$2Of0tg2omOv#1JtxYM0}KBKba18E36sS+v8#+p`oE$|d&|=g_EG)_&`@
zK1Z>opxYbL&$64nw@pySs+h`ED$_csk+UteJ^aL_(dPeBwJ;Qesq4K_QiGY3u22m{
z-}8c3LjozRkN7PMqHGyt6momcBYcV`>L$<lC7kXywj^;Pjfa>e;<Dy1<w+QjfC9@D
zy7vR`oIX@kqBgFH2CH*fdfH+JOG*C#h*MU&c%ThxRqR$Rk-I7hOK;S-P%JR#>)1B6
zE@cK_N3=xu*$d$l6dfv-ESZfyT?ftQZm|cwR>Dsmr8Ec#kI*oj{N`>B4Gg@Tm?uHq
zc+OZe>SBUD|6Qbe?!x(_t`cEcB$sy>veVVAnp+mJ9Y5l%l2!|Mk#At)myaq+r%y)U
zwH_aPcFFL%JXLOVY&3H${=l9hvdz>BJC#&BrXm5kID_|MJ(Wa`7Eep2VTN1TwtTTp
ze6Tm({&YKH)2q2Dx?(iixe*xB%QjvY${dS<XQbFt9$A<lmVBk)I~8K_h*-|nnSC)0
zOaFqh@lo5JBpq_zO6|COmDPo2j@F#o;{~0CQU2)?w5hM$KY(4s>8xzb&A7xbjAfmx
z`FnGU(b-hkTv1t6LFCuXZ|xcxp7quqFF;Gn7#+NembQKzTfWsQ&O51OV-=z!Xx+@T
zU`VUZ7N9l8A5_hbEKpN<Lb5}_eaCXG)wWS%Q*%(Hw`h|`pp~qgtT5e_xBQr`Psw4!
z4BDLs_eJ0Yvwb|8*+HcyW#^t{VI|MptB-+G^>`}xrj=6l^Lm1Mqk*d7B~Q9W&XU~g
zur?9`>iMIp=VeklVBd}=<PX!jVVv-;ILAp89&<(Y=s{}jp!9vKJbnyrj`xl}{s4kL
z#x*@!R4a)OGf<A*;Fj%w2_Jm@d99*X1R|i4WskpY|6GszbxmWk+MAjtQ#@(kqmKeD
z^hG}aCSBRu6p2IC5{(~#2YlI()ej(M`mDuAUVZf9Ou^UcW}%HqH}9yWPRu2j-ln2>
zsFX*xjw>$zm`+yArBF?wuEHlbd8OxDg0&~!o@U8`exccakCf_$7oh#Dk$=Gx58k!3
zo}j6BuD<#8&NQmn*Y&y9H2D_lqMW&CO*Hw%#u9hN_!KQNjBZ1H`L61&9($wj@?0&U
z7mPEPEK^n5b8X5a|M#Q`63em6C9yWq>EpMP1+SvrEPdX&)JRvGRs}aT9!<3l9j05Q
zxu!-XHl96JozR=vTRii&SLvWx<_^9WijP=Ki4n3Q2|`M;P)mqosM<WdngKt*TjR{H
zU3%{0%%9%ZgdBYJ)#`C^Yb!Bo64alm&`oFA*T^=`h?GZkzFbylD}=j>OlQ5plL*k#
zBK!)`xGgvuH|r5Y^cF@}7Nyg_G$-(jsJgQF%MV3`6!p(lr=pf<>Gx#puyLHJc@PmB
z|6c=A9(tF+2I2~)7PBAZ>$=FX8fh@oWCc1fvu)R?b*+vU9B#_VQ`qbcJhMLyUFlyC
z{ywoM(1LSXcFz-1fO;NnKZ3UUb$2_7SfE*aq<SLV6t;SBSxk>qOt1kbf^Mz#PH@uk
zxs~@mH~Wl6`0_rl3SDVU=njIuCfu-+(IY%BrKi-~@WdZ5ugj`$3GmK8TawL)-Zm)N
z)kUxovmf~rTGm3?CMcP34V-<)BlRr0fVnPf7Zxh=MRI%rcWy~f)WSARaeos}w&HQ4
z{sSPAoPzTRF7WvQL@JLT4jJ_IHr>4upo{)83745~OFmQ{WHP7iHfgI-n<|s|Lhv2Y
zbL>Lnfleznv9lS5C<plS7(Y`CW6g;0-j_QiA8mtmlwK>}br=q!T5CS&mZ2w3V&5d>
z<5Jbf<J%Rxt+9E`P|U|I=?kW17X96bOrK8O`UZ_zEFL8lQ8aba0;R9*kh;aY?{!SN
zS&uK5YFvUd79FSmKakaO<po`{Q)8JWh$%%-pu2|-y_s~-8wCfszjIxZQgxUHoh`}l
zgrS^qA@-BmKUu@iQ2SbY97=I1i+-zfA4IaaAYFUUCNJ*(Y0tq@%r&|dEC*8G0<GPN
z_6SNg><i55qFXcnPO?ou8BuH=dJUPdEH)+VLG|QdJ3{ny<8(G)LY5BqusY1;(I*de
z0-U<kwsDf<BfbqYLG_-N+Je^1?}Qs9V#>MDd(6nWQ#pC-g**dPm-MrRWFGw4B|m^7
zEd7{<!CTf)Y5u!8)N|qei$ZP{m&y|B#Z2oA`;%zppgsxFf|!`(cj3HA5%q}+lW9oW
z_V<_!nbx*#oszGZJpTGru=xR4V#iT1EW|wmm0Y|3sbm6RUfGFE!t(fB-SalWogfnD
ztG!V^ddd#~b0S%@gX(6;Y^t!J`<^E2yf}nS*ndftffjSMziY5WCavN=(vd31GpmDh
zvHX-<%Vo-jMIi=uXOzb?kw=`5ax=9t2I?6DPi55Rp}LhM%HrKK=O<M}llUpM>CP4V
z%bE;>ZR@8sPoJWo;lC%TS@NMLexKiX<Y^qEpD=x<>SL{bS$3$O(8h)4=~ByJ`(5AB
zsgL}|nNnh|OiJ_3`n#9LSo?-N-*Hy%*VCnpd%U#gT4^`xM!e(rj2vF;EM%ss(9@&J
z*w*cMyr5H;JBru3Y*{KUVR$STW>}{6<<s|+m@VY@Q~5-`%qSaSlX$WB*%V3)4$T{`
zgj!KYCpICBU0a+@aa0`!4q<K9P9FrOB%h9OU?Ry@GT(efAEUH7J!7akBNLe2tnr%G
zPo5rAD6{=o^D4c_Mq!WFoz95a&lpKry#29kOPu5a0mW{$wO#d>+~#kG*WLqT#BVmI
zBLnyrq?@Sz=6DMkO8k{hY4JEc^3KZwcI@dhT7p`K&~O7i?>wUTzEcD<zM#t2D@?_y
zNcDkssUcFER?uB_FbdiP^lZx-C~(br0gZhQR$IIa<MrS|$Wq}bc>Bs`NRQjOx7TP>
zrmK@y9FK<jFeLd0kkI(T7kB8e)T8#Xk&rkK4;6i$@fSIFiqBX%D}xkFVNumfu(di}
zdM;nqSq%=FFpAF(QfP2%N-9@9e$ImN7gU#M>!bb)wV@w?ovhc}le5=`lv(jKOu;gQ
zIor}a=yD@i)NxL%^w>*2og)TkNpy`wt!da*sp0(!p2{pRY)EdCcl#~h`vk-KLayuT
zlo@ku+Dd!Z(J>JhOnB`ITG)Ew7e7^s)V0PoQ?G@-OW#?Fp3uBZ)Jnn@JB~gscf00Y
z&X%`x#S53=FvYzsePZ!-J5`!f3f|+(XRNo(L+%NI<yv-xOxCHMrJvlY;dyH2!>#t^
z7!z&^Yl_p-2miDJ(Iqx-eK}yYX5QI5CGxh7xxj`k(WaqlJZj?+y%xWPt_>N@Ta-7u
z_$!*1P6^q0#O^juL{Uiklic-eS$>#MOjsf&Y_Fr*M~&yEf|KvM7d{7uz`8Kdu~6C6
zBd1~PtXxP5+bd$hu&ypZi0Ydh;XFZsE5uidIAh}PKMJvssxS>O*q|B~SY2}JA9gDX
zbr)=6rwc2@Pay9^8~Tb&O>Bf7MCNkJv7GK-U3+HXcku0b0GCN7x14wNLyg(%>m)v;
zT8=&#4hfAm+j+t%7V|90FaTqM3+H9}0cSrQcz7^o7F5UaVtx9KdHqbmWs(YZb>9v8
zBV%v=mm{okY^SedZ+TFtXZfFKP?l^g|Ef;S2`Y&)?^BBqJ7WCVpGu=ebUUb4vL`$Z
zicbC7|3p{gT0AYsvr_QQI<m%HXOQJNNxqxr-nKww$Yh4OXL4<aY1P-7>4h{h`_l$w
z!A1ea6u**~ddz-X!psQH&1go!VsSrHx8d}WP7k3??V0e}i^YYe-##FYWQb26BkeqS
z%rt{vN{18tc{d`=?n*u8A7g)<cu&wstdJ0U(){e%UPIyulKOlc@8BW=6Ax<XhbeNF
zS^;k2t#8}PRG0R1!I&1evhb>B=4`t=DX-HFCv+B(qM=4Ddsj(E+1E&<%U#>*x1$rk
z>f@ebxf9n~rp5*vbn8Za9d>+-(?0($h%Ae2VAO4cjJep0Vst`ip49sE;D#)G{WPIX
zqZ3eAnz&Qz)}7nvmlT?3Y(_~_%t*+w_sAxz%MbBSw6EKIyO-9P@Au(?3XyHaT#u6@
zD-~l{(-5DJZu9rJm$NM~%g3GzGjYlBQ(on%*61`w#^^5{61R{!C3p*o$>{jjqr4g`
zPJ#qvu1ws20BHm`c;r2wye!^Qm#}xiQ{`CEe-WCqjIzBCN>@O$Gb`*Xy4LU8N<Pe!
zLiC-fzE?$%%3V`52hZe9q(2H%`X!hRhNVQZudF=O&V~9lLJYgc>ddSS>I-#h4@!jX
z*X_nsKwx)oSQt*l>(i=qKDePGGI*!zNEhjyyf8lZ1i^9f>RU%bZNC9N=a#U*p*GW$
z@XPh2T6rv8m7;N<&Df3+o`vrc;jIH{yqZke8V)Xc@=iuiJDP}6j5vsxh+?E#oAd^y
zrdDR_Djqz48Gzm%&4R7cZ(`a&QxyBrz*(3quLGLe<q0o&#N3w~%im>F^00|&)@srI
z*lN+XExf2S-CAE2QbmFMxg)Z_wgLt-5(ZSH*XM2vW@+Y3D4kS>s>mMRgU=nP+vyMP
zUe-e2xe^bS8>h*?e$mFiy^c}J{7oE|{$}oOMijPm*y@$}d722RWNF*9+mLU;7q*y@
z@5O#NmnIsm(kO1ravd}cwP>`F+m*M}2<Fo6by~Nvqzr2-!|QLt`rrjmiHNy1Vx}85
z@U6(86y^-0vk8e^q9#f8{;D`R*En+u-{PGw6<)too#KWF5iu<p=#eUX<HTsO<d2Wj
zL-<L#iucVJ713ULnRA@M1oybtM+#HvoVZ0}1jUR88>(WuzrG7^F^3>lT^V2E?xEYs
z84zom3)|wEg();EAv&s%yzS-|;$K~`{OnOFB;3DVfTG!s=9ztnMA>Q*<`t2*HY%OU
zrf^H3X>lzmm?W#5f{&g}eIZX{WKBu(soaDDB_d%_AtsXT?@{MHyl1lHJASXF$G=k%
zzOsi=qyP2n=<1626i!@14sAFl6ux`R(gm|b{<TO2iC$S%(%cU~PoUszT|0Y5rs)TO
zz&mv-)HXy_a^IHcgdnrf@upriiFeItHM0NfjahNQK>Zohkbn?gxIvEmFm`n3yEpMu
zjLkOL>;y*ZmtfsaxX>Q{dm55CsrsOwB3gfQ(kaLYbbKOoE>q<a$jgDs79A{JdQ<m%
zPg5^qgwM6esHSfxEniOXn7OVZYTosr%As}1iEALs`lGW4^Xi6UFkjyC@C70<4{_RL
zE_yEuvYvM=Qkv;U%l5mazn9x9E?nMueJRUwszA+0RGjHD{fhI$-(6;0e*kqH7ueRP
zyq=P=gc443Q?Z{d@-iw1H5-i<26U%}?@!F3iQI;Jw$EeO4WG`x7o7aP0+!#r$dO1-
zF{9p?D<8!R5g(RT{313a5$7*@rt<gPTfKSirnmpj=<`M7llQ?xRdI?0II+bH5|ZIa
z{%^3!1YFLZJxmD4LrC^*s-VYscqZc{7_Jp0!prs#hr$x-k>^CACH=jW3I$q-uYD6R
zF$vq7r$p!@ov2q&)15g^`KvZLMPb%6zj|i)7CDQG{PEhU4YH-1qs_IC(O;W^qy9^R
z?Jis;jjK1G1glh_M2#*5tNCkNy<(l9MAi_anNUkIGUERd8GF4^N|F|v^m+Zf*th{(
zP33h36S`y?(a_)Lm$Zu}+{awn%qUP9Q{?GhId8uqXD@YLqk`5q8?itJax7UzZtsHo
z>i9^uV<}$2fWjM0`JIq~nthr`N-YW6%k4+2lb<N!>G$+UC{u&aJ)*^^Bl&_H=}dO?
zloFO^ZMooKl}QVFd80QE2?By&z1bQe6QKTn7yElwYWgb*b&Q34xjK@zo5D>hH1!~d
zi{+OtoBz4|9$V8j<*L<8UV28@^_yMti4Clc$G9tOl<sz<AJIV{C2>JCoKZEApf_uL
z(0{pRBgKKLrbOwqt}7SX^ZH$qNuWZ!Pu5yMQ1B~*;wG+*v|r0`ORaq9pvZQl*)@aZ
zKC(Vt$k0m(*`5aPbhUpt{yH{Pt<{SEMUCzg)!*CU#ZBIv96gWbRTw!Ho)A+9cON86
z_)R)gciG={6x@C;u92bh$8Y`~u{lsZcmOU{pS$BGY{M-<o9Mk^9V@dZjXU2zdNqZZ
z`tQY^=fFNif9m`s_x?Pz!0q6ZO(E*Y#)nkMnZQ1k2>JnWN4BGSN-bW~0;9LAq={l$
z6dB~lz7AtlY-_Dd8;(n2qRpf8>DW0aaccwtKDzHpzD#81c*Xra)4*dRe)<Im1Z`VM
zDfS&XGeHyD=iRUZuJC3-#{GZoni$(qxrR#!0*UvahF;!vGgc9MCQo!Fo^t#>b7IFr
zX(hj;RG?Pr3se53#~CtfHoKH#v%>l7#4inr4LVeZyq$g-r&#~!J7vG!QM5hewCo|-
zOC|QQ=P=`QvD*ASVvp^A<A&EHIPAO<1Ifl^Nj!^U=Dlg%UpcD6-q|0MV*I!l;i-#x
zpjntHMh^V*!H5B&=70F%g6QVN>gH7LNySU20sEV73yore99;_wi{gCJ6z_9Mc~r5E
z;jfmAnQZMNAzxz%(phk5WhStw%Ad)m_ZXih?lIp!D>t(Y?W<%DOEmo$6)QH>n-2TR
zu$zOYdwqk%V4x$}L(Y+sj8t?&899Q1PY?nh>da=4wZ6$@ZNNCMAyl&=o7HljI8=Ux
zTQf6-n-781$^iHKQ<dMT602QO9bU>Crx6wbEx+oP1k<!RnRsxdu{6W2gfZ`eSBT-x
zh#3^Et>lhKY&&IZ+g-Xc^Y<t|b+1OwIpV``Glv$v`>yo^$VV&nDe;{Q8c#F5gf`cn
zvzE02q%wB8=vk3Vw)0H0*$;72B6|oNZukf+Qe)wI$Q@=#UbOO4F`R?1b-Dz2^$|K~
zk|Xpnbj%;<mRfH2u)b7#Dmj#wv|Q3;yJ*`vWr|xqCoIp0RhZFM42Q|Xf+cjrz|86v
z*y$=zR>C}GKPs3@byWzY?jwK|kTWxe@7ypZV4@e!7V?M`c0jPqd4;7T;^B~FH`6&U
z&F1RLSQZYaouJ<Preug=U36wM{_BT*$HD7Q&JCts7W_+<t(+uwn)-yOb^l#pa&Uqx
zV<fwrY*0(BW?WsUIPAABO&(X(aWk1F)@StbMU?@AoUB>Ws8w8wRGQ2b>^52L8#mBf
zQag6C3W9avQNFfIwpT2a0~sdI`?y)bKv81IpzLNsd^(I0K~dG=u{JF7ELozci(kG&
z4kdom2(f8F?3mVDHpNtd`U8Pa&@}D-yys`MDzR<eacyq0@g;ZOwUT?CFUw``%m2Q9
z2v%RcotRo}q&o7t-yS<cS-lI2eken}>Vz0R5onA<e8a&Ko-f@|GO+ThZBxvj1Zin1
zC}6cJ4#bYreDtUFbH?mJEuxurDvkFztUcoMrVTbbV#xAqT`EqQ2H#buxsWUws-Kr0
zO?;|S=X`IxL0CR144&z#>gL5=#N|yo(*!)u-qN+mG%<tPva8&r3>syRPO0M!L@583
zXrykEgc?5|F6Zw+w>!`DHt$kJO|=bG^Y7(sNYPD~N#Qn&?}<)~vO%{5bs^k0TyBrO
zr`yI^+U^Bw5$cR#eia%Gm~eb9J%PhUk1DT>l5IY3^d8@f_diq;;i6Tftxt9otP@L{
zc~e*iMVw)kx(Y`shrBlyVmE^@m*ekwQ&#Sd%8gU@DvuQj1FILPtZ+Q~%Iau*E^ch~
zPqp$4m1qY^O&7!IP&g|?bWBpTt7k_qZesNp+G@Otw$*D&UnaDbw*Gkt^7HlksQ+|w
z1yBCP{Fs!*d2v+#F1+8n=gHOtan2h_G4cjO9;DjBhuH5ersxRpay3O#sHhoVb)m|7
z(1j&&Jf+$Fk{Q6yK&o&mE^DQysu%W5vvW**Hr&y7Vu&e{T}z>0`k7+%&P||nP7FLP
zE4xK7a)o`h%*#Yh53%w3`5S~cA@n$Pj<%ky=4Mk<%zJ0wBA?`qx_LTVdKr9t32B=k
zRyPx%t1C)#n=aPqFMlQY)*1T!kvrlZ0?X1V&J?D8!v;eEb(>Sa`g2*I?WocZG2h21
z{)ce2r(w^sBv2d7hs_uEjyreH8Bm(g7)EP$FbM29!jx^jb0a1t@pB%Vw%Z~O;dtiF
zwjMkgyHt|1t+A|D=c`_+_yMRr{|?LkbU>59T8rpl$J6_B<H3&ab6w#eaV+W%Xw56K
zpN}rDgbSFP_{pa5bkorGkV;2`E?}k-QTkGulANdWR;M9vs~#4M_;&5b6XG9^o*i0i
z8@tpcq@Ofu6~~pb_iNeYNEy1_Nt{VS^WiqKBI{z#xOB99qNILwf&8wUyR^ayC%_eg
zpJ3ds;FPt1-5-Ma_&W!$p5PM<w?HT@z=)cnst_SCMKw~73fM}~LTGRJ+F=w;-kUzi
zY<;fAgJ~A^7~eggKb-|BI4Fa-d?2CmcVzxtYY%IbE+Tg(oJQt(G}N~x2kCzR!7cmY
z**}04_UzkneeikRt<kUTzL0X}UgPJ9FeYVB=doGo4soH|N!}Elgl0a_zqVmELB&In
z#dh$<v-68R_0c?}BW*NP^s5-=Mco>|ZQh8umM=>oG|d_WNa%G*5izK0q#FU7Q(>Xs
z!kl^bQy^Dez=D4_^=Gw+-u9qqSY*znsB6?_nmw*N;$L|0sf)(cRK0f<&wf!dar(QG
zNIA?TO(UDy)d!BxRCvkA?Q67B(>NFFV`4VWu)IUiwZ`iX0ME+T#MHHVzEUuh7+puj
z{~v)RDy(AP38^))^YmYdp-)NV3#5tS4<(s6s*EmZqO?$3E38~;FlQ2Ye=1rTT!n4)
zU9O?KRLL9H*=Dlp`|d7&Rrduv$KTTuYS6*Ip7o6`;M?`4O{0|23v{}>JIZfQEbw3N
zL*>`vLFq<r)<mm6w;7o0m0Pbst=tp${Q+<=%PfZ;y%Cj13SXybqz*UksOD6P<Yx5S
z?{6#UQz31R;r^GOR`=JmH>Cy|xeG-lbE|dp9pUpFkpkEEx9bFmce}YKR&?>AGfgD(
z_|z*4kM~9OxBGc~Pf4X8UVbpMU-QW{__Ke%6^82+FCFVRiQ2C^@uKEGxFbVAZTg=P
zOQhbSL`tvE;-jy>CmGM;*F>u@r&U{crb%4-j*GT`reD!bZE7S-o4|eFb5%I|xzRyu
zx8BSv@|E$O_~q&OJC8+n^AZvCPf5nm!k+V`t)V}F7U$V<->cHbZ!CK_y54x;U+jv?
zvVH)^s?O*7Q}n;c7l?(%f&3yu^K!aD$4||d!No_IOX$n18lI!z4X0)?N4f4qJ!>>t
zgs1G^D*TsZjY=g;OQZy-M^PwHIXgAs8M%xGm);W3@@L$a;?XYu0Q%h@&f&K&%)hwE
z1-L6n$gXBL#t;-Z(L)IKJleusoN$DfT6yJJvdC7+ToO`sp!+0WN!#|)8gIWw<SHjr
z^#_2YewR?>!&5e3b@Q=}tLPRytRB+mCu)iI{b!7ienpTXWX168usgS<dKBiw|5VF0
zJ(`b`FdKo&w~|0l68)1+;}-^Txqc&zggOGpvQ{WA0&3d@_#)o*AHa0yCQ;iB8r8!l
zYn+<5llz0TUR8roipS29j$C|P+YOA}RB^J{4`Aq1UcAtwvhSmVqhpL|=uzU`yw%;D
z`)kCDD207+HinfQ8ZpSV{n56#@j@<QHubeyu7ak_y46ao+0{sP-15wsCoz|a5@+hK
zR!M4yqxaPZ!G)KmXxrniwk)~mOslQN*XpjuIX~li5>;<r(6M-7TA!r>JR9(_^6cET
zvR}sN-*yWqOuQXf3&F}FSa?S3m?&;4XV1-o6BGN^xdAGmYW@iemC$76RI(QGOGLeo
z!V}yo(~-vVLFCTpd8FF^v~{ryRbFRyUOa&T4`-x~V7fBvGj-3RC)Xr}oHB8vs&%fW
z+`L+1LJV_h2uvoLnQ3)G07Xj4Z~&67oN~U@E5W=M<|Wnwc-BR1W;3;mm3c%SSLCib
zqT0D9v`ud(H4{-Ugw^kuz-719wQMlC<<Oe`s^!(YZEf??5?Aas<pi)k3YwD(r?`lC
z^oLLKnF>1($wit3y%q_tJjz^)V|+=$HG<BKU$>O{wVmOvdH7dF182Km6d8fA65es7
z$}0qOJPgDAkq7nD9)TDgXyWN1R4smyx@7oj!A;@sI?PJoiAdC`!2a0RA+Nh#@<3xx
z1cEvSs>yD-kWlH2CZ%Kr?xZew^y|Jk-)EJ<1DW~~N~l>TbfFu0t<SEfjbRgEOG8wz
z1eVPj%(3&u9k`s<v38EJ-(%Kpux%4L(Lc_19L!~+n;%sz(Pb*VI>}WpDgAiMWHK+h
zu9CmZV*<(ddiO=ugf3^;a-xkOEVB1|pRu@1Dyj~914Gsxn@a)}Z|Gu)vO7I9m)X|D
z!G+aO^-4cWwbn(IA3zs9L)|@i7QfDVB^|-wLjM?>m$5)ah9>?wZ}ys^e(D~v5fo{B
z<P?pZY_dPzGhgiMfx7j67GHLvyN^OGS6VP~-nQ=F<41Bi<LgFri*w$;ThD87#zG`a
za7i$hWG!Md3TWPnR$w7Ck+BI%<@AAy4~=SE$SRJ9%R6PJA7sqzE%)$-?;VPD9eN(E
z)J|n!P(ET)5??is%K+QaN<q6_eyj*<>mRRr#MNS1bGTpkUJLW{o~_G*-!MBdb)ZaH
z0+~hcm(%KIKWThrJR-VRS?){?)^-!2*44%@Z?q2am!7CKN%5e?myU;bZCVb$MVudp
zqYmZbr;=4`r-^I*Ngdc;G1`d;VN&#`=?>ju8fv`FqjO9NaPpjrW0W&;xUF;LHv+d9
z4z(*73j7N?w!>nNb6UDJ4Q5T0`tlemY1b!l=CK`iLk>cC&wE@Xi9L*(C?kZ}bfcw7
z6HEKEBcH1OKL*rBhrRj%uzMxZ!2{XZHoR2aUHTsiWyN`v<4tl9cKB45jo3|~^d7#H
zrL&D2_b6vGJM%-`fLIi3o1>H!DM{Wm6FoYDZSM*OYUP@a^^hECa51iwLN}dlT|sU|
zP!JDKu#EKjrF)V8`{F%*BE4CuMZMYTyPnMI5G%_Z^3Xma;|lzB9Bb|-COn^=%1P(*
z@Oe+>>chcG9AmdBcNyGnT?V-_AFC3NU5sWYzTNFY3%L?gChj(i?AE#2a9iCRVa2Iw
z+GsXfm=cSKgG(;L>(j6<XpZIVQT=mor{{D0Tx{K=8)u|ZhaDm^@X#)*G*OD*$eXj#
zh@JA`6W?~Mrw9v#M!L)|75ap151h9rIK*ha%E%dB;X!$X?S^JWT%{MuYQj6ow1J+a
zChk~?f#`77*DgP}dBXa5dqYfPUY<AS6+#24C^6CAq>R(&7W^;k8xuKrn^kB*Vd)WZ
z5s_eO<yaH1yVg4>;1yr{Ful)Yena^!i*sFR-9X+sRfW>O+mI8D<JptB&i9e6+734m
z$_b5CVaB+O&GP8|00$AuohwOj{CU~fMo!?0%ya_gvnUDV8YbGOGKp=uop8O~GU3iH
z{M#R3PA?i$wlr;A4!NZag@{OmNE2<qKM~)FxOP&CDf=o8RFqeS5fz0w%%~DXm?)Sq
z3JD|$({fdRp87)HtCE0W!xv_od9gVhUCB)yh7j{Ak~}~s<y}L)&A3xkEbid*uxNe<
z-%3jj^X(Pyakg8e(pUo03uj#|uaWbb;O-&8@y?F1kFZbOhtnr;BD)vh<kk$q;T3IC
zkQ39UcjntG%{nDmD?8TTTUqHga0pf%u)ommLSN7&<$>#_e2i{l$3w{Gc*0usHJH?j
zQDvTxlvYsSqhvTvL3;(U5f2$JI=Kk3q<GKAXPogsProrrckl4GIWHHk28#7g%oh_<
z1hv83f^_5y7GJd}Y9I+u19RdyT%XMOFxl*vmPGbB7tSSc(7mstqk@D`W@kl@nS{W5
zj7ul!dj|!65mN>HA|@mhBpe(D3@rFR1At%c1Rnut3``0bENnJWB`0)B5krTnaU60g
zR(3IEBga>-qcbZiyCyiE$8>yw6<0C#KcSAz>coBFoV~^=srvg%nJB{Gmog8rUF{e@
z!JlS|eF&#IHswt)-JDm@Npx1HK_DD{g7PlVe4Le#TrI*6CPPxvVCy~0V}fgI4O<B7
z-sZS@Sx)F#NyAxf+Ydo8Yzb3XmRvlqwNAytu~^NpLe(jYWVA~H8o0kFyzu{kg3UR}
zL(KEkjB6vW$4M=3uP4QANPCfg|09<6v+C0qub*B8!z0n!P8EtiW-s8xw@r0Q5Flcr
ztp2#fWB!TW&;l{<<4KGK_Wo<~jHm8{9)@yugGAoc>HTRqVOmvXA#CthcF3Dje%`zO
zCyOdrGgvy>FX-wNM53`27ze7mIy$p3RaMMcoA};Rn96eweap5xCY^5dpvai#b1tl#
zw1rr5dM!0jzs>f>*E-csAKx#Nu|HK(q|7l{eH^ud^`Ln8^wUyYqo_i8GPQq}<;!W5
z`#Elcr^z9SVh)FdJbIToUA*)vxIyE#2sL4am3AfbU&<DOa<|mE=bZzS<Vyp)-W3!%
zSLGmoI)c<9>9{6+!5UhkG)>K0bWB;n@n-QwcfX>E%Lgn=&5@IhGGohUK<@EmqNU%2
z@{5Viw-(Gz0mL)Ya_y<Z@lY%DOo;YI$tvrTZ?f2Ezwb=Lu@M>>_SAoq_CaSRj(^f`
zTWk|s#HE}v{M<QidFOUG1YNS1_*PPWD7Ugz3u*n{`q49<uM_3kJ@1Q=OmRw5G<S8;
zzs2P*_8>9GyGn}7vJMm}@5PDQR&^&o7h6UxX%@37G>TKg9(&mqLM$U62@TY|PQ*%m
zt%8b!Q%Q)6qdg*JJ<LzLZX-{Fpic{VZOi?9(XuiwTtwU`_{H!?Vme|;F($1ZdG>@!
z-B&VS@cZnZmw8amp7dq|IZJbd66zgavvGZ0plyQQ5Mb%U2a?gUe^GU?&}e?$Z3z#p
zW!o9+<M4`3?4#u-Hg_7mUWjA645BWb#s2N0s{NO&I2*zeFMsU)#7{$;h(wDe$R`|H
ziOR*Ec4414ALnrdY{E#d5)9(rKzkaiJy-C?d9%W_hSmyvkkTsRyy){e^7sL~c*?wh
zdC+snvl0T8p_oVHILbtaQaDDK)W3e)A@z>A_)(tV7a_L7ys3}3RAyMmtZ_KgyB|^l
zy)pV<c;`K`^;>FgVbtX0nSe)R(Cv#zt+?xBF#ja_dUfu@lWYV|W&cvra`LTS@_VI1
zX2g>>t8_WBm=TW*))s(5sK)Vv*>OVV$Va$1A#%}|2~Ht9W28^r**5xOF^6CcU)`!&
z*!VbX?e2sd#=SYZ?bNcQm&3J))y^!GXpIf6@nPeF%tKxmeIbLVh5lYW)Zy8cSi@)8
zws6r^E&Lj(@C{1Ci$yq1JSi4erGTqPNtx<X%+(vknn$*lA@(I%@XghYDyz7*L^1^!
zg=Pbnz18&1C}JUSZ0M(LT~8LoVwrsdH=R(V;G6IapM0V?`dnzTn)}!_f+L<*X*MW?
z(=pLTiB@q%W9r@^re^dJd+j|1(N4eq*63#b`E@6oZeFz3mjAvbx0;h0uwOsyZX{Si
zsu9U3oj^5&u^D{Y{fi*>7CW96T>?udwSd1blX`iFwR8thZQ1+8iFyQ&?f@f~eE@19
z8;au$H3*lFA^HCx<=<j)RBr<pe0kZ!HP;T_g%!3uVSQug-~6%=u7}HoMw%L?ZRKko
z)bpHpt>*>U;nBPQ+utBOa}R&ISEeX;x{lb-4^CsP@?~r+H%AE7Id@;4OLYiglq*Wu
zV2u+&|Nr;!mQ~)w2cKj?-SZH|;OZ{$+JQT&dW$M(Q6VeZ%Op70r7*0dErh<lKVxgU
z!4`bcHO9lwy?@S8(xVAAiK>q4{}E?W2sTmLB`{qsF8w*OX~bZy|MmhlZD{>b3B^Za
zTV7b^h7zkl6f(8v$(&x+N1@ymJsn2Lhh}eGnK{dIGGxMhZ=aen-Rat#C8ikjW5|{0
z6}7OwHl-tkTgH;%z}!8-6{wETdb9uKGQh-QTZur$7hBaKT6m<$2_JkBXA21f|M@s=
zqN&2H5?^F#^qUjej*%Qh+Tn~^y7dn-=iOBuD)<S-3Haq=6PvRyK0V)kr@vtNc340z
zFy_VQYPXLPyu%;F1`!?nbd`GgpkVlm@H0)~3L&V&skQhny7S1=<a6h}te^U+hSEz)
zos+$I+8WP5lh9rH7W&hC^GuyuG`RP%3@a=PEs+Q<BF?oWF;ZhSNiRb2&O9&9=(=K7
z%ke<6+WE|~P@W+2XlEWZ@xSw%TWq|O<<8Nk5@nU09zpq~k3io2E)&7Q89`UHO^1*2
zRC$iyK`vZi9e;a5HLGc{2)}3@w?dT=e&Js~eQNJiJtqmY_3^Z)rqA9ji@TUke&H|K
zgDVa;jUrJGsPc#`&S-G_0mN-X^tPP1Y!p5U!4r)UrQ#Bxr=qu4499&>Ky)`z$5xiC
zcCZ_!XR(g4(POb_sqkX01_JRGftrva?s{SR&nkm`VjL``G21h9!R58)s^!kYjg!Ri
z%+!12{arpUD%bIw>aU5X-46Q1G7<dnoLuz9#H4<{BN8;{#G2mR5!V*}`OJdlCh35~
zT0FF_m$7~cj2AwWetnf`Acn`XS|+p$E=QIse-Ig&uEKCdneQJa+2a__j38R=iC*I8
zFE#iMI{B^ZT?;6NQ7JV`)gE6;W!GnldhxvZSj|Ko0*9gEQow;S&9rrtwU~Z}kl-$>
z?Bq}M;!zw+3Br>q{MmjwRk61!ZecotHbX;HjW5r|{f{AapCIyk4BB~oKt0B^@MiVm
zn)((C|6CQF5%KohN?uv&vtz^UXk6*P1~;o@x#;t6IeA+;IMYtQvfsohOsQeHof8se
zrEH;^^;rTTaDd{)a3-o?BWxUQhA2j`Ct((RC7WEaMQfdu)~(vBRg?SYr#ABCX^%Ch
zD2}UL#f{sgG8+o?31vA$Uog|~NT2BxUOeK=%?a$=GH@M5GG8QYy#K9=)P8Z&Tb@Yd
z%)HmRxr}d8m!O@Ec5!&)iir@QwMx?Y_W}ks9g8;$wVmi{%o2wLCY3ow>fXJ4measq
zY=|pEu9?@k^H!c9&t?Sf(;j4TN;@`rv@7b+y-F$^;Z?`t1^!8e2$@FYrl94Xs!@jw
zn*19Fywz_~Ve-{a7Q{{MjiN3}_6l2-r3_!uK@nDl`=DX_(tNx%*!3RFcpeE87l1Yj
z=XG><YyAAsTS1>UZKZ3B68y^7Ab6Zhc42>KNJoVwARKNnrF=etLus;Qs*~8AtW_PK
zE1?o6h2ANfEcNV0PHh>>vb=e>0ER0fztDfusn^idWx^`U9o53JhhELOVbD~Td4aB8
zwJ~q6z2iu}uv#%G2yrk*R7o(1lcwpB>aIlN!f506>pay9)~cNsuA`j&i8j8<#_cI`
zNmO6q`9hiB-qt_UKTZA2JKKs1`^~=OP=@NdG-K$NBX9+y6D_3FP^&(+hZNleo)GwO
z`2Ck1j1e<VL5XtT*97?<PmNy^N(F8+4rebyb;{)~2_L>r8-T-N7ZT&F6QZvTzEl>D
zXN@QGh5qH)_Bi3*XGHTI7AFZ_Lb5^AVd?1}S7xabxnx7HogY%l6HPF<k{8Z@-%xy!
zl(<Dxc$bosims36S{14#Esn9^n-Y{jJ-Y+5`Zt9WyPSiN2_d6$&rjEg7x*&*F29U{
zOes&t9i2gWmRT~&M7l}jgoUbiFqEuTm2>jscL+(t@O8eGAl{Sb#@SaOH^ZzNq$7Q+
z25WYb8hkzJg}mP}IfM2^2YJs!ri8S*WB5IBPtnvz(cv8WPltSe<{&TBqh9>3!WPVR
zc?CE5^>O$XIi8YfOXY~z4*uj;2Z5IV#oJpz#kFjUqK!l2?gV#tcXt|Z+}&Lg+}+*X
z-3h@Rf=h4$1P=iM1PFO#@3Z$l=iVp(jsM3VU87g8s$Q$Arq`@lRT24;x<rikQyEGP
zhTcNYp{E;nhNPBu@RMcV&OSmZww#(+%~gKQwJBm<dnp}FRVq_VdI%#uv6%bdrTdpe
z=|DOdq956_=T6u@vk0k(Gg>!Sqf>TuPj*jf2>wG1{Q)!K-K84@qh9H-iN5m4@4vAE
zv{btY+A9NHzPan4JwgRr%2Z0Ir*A3VHfJ}o+2L*}9*Dg_Pino52sC>YC$>^$bkac-
zy5ZWU0SG0&z2wrKS>L#-@s!d(i53zOR@HpL>{;_UkV?9zuc!o_LI&Zroh9tc2M<Q<
zl5=vUeO`YvSBakzN*MzbPT#figHfUS^a~)?hZ0K`lAd&?WPBu=C9A#1Gurg2sllJP
zsWh!~e_65==^)c$lK*&HARJz3d};N=<|HJ6P3t@@RLI{wD_kV%i61`%B><N#=u4sm
zGw^&ZHq{sF>u8Z+)PST`^hL|XtQsqd`*`kk5pktX$sTB(YCwxu*IRRHQkMDsW`^_g
zheN)V+!NJGR<}AvXohdp;c%{$SJAbo;x$klI@)l+7fwTCD>s-uBJc;qtX(gKccOJo
zKjp$KC1y?2P7O$pK-j9jn|3>Jb`~&>-Fw9#vJ57LDdNwa`td(~bM{|`Y!Dn;siS1^
z1Bod929(Gb!^e`3hL1%Ebn??vF@@yehxAE|ZK1-uoFkpV5tv@+chW!`#c~A%GI^7J
z5J0VE2k2)8RHin836HUF6A!VRjX&te+WYZJY;C!xuDVo)-CC#tAr+fWYjS8D9AQ-G
z?5N+Zg37flK$i^Pwuo<H*{QSNEM+cio?;ECd<ICfUEH9A#ea@zW6e?KZOQq*AFdrc
zutw*_?0xL<6&DoHoFrLB9*BbZhu%CFye1z%!-F45E1!EmT)H)GT>7Sy{kPf#EIoH?
ze?@zW-_VblG~djQR_(vk%cskcd8~pO5<fH$t~*CL*~B}g9;;LxySfU^i9<grBmD({
zv|zX=X)5yJTXLtOkmD~(Gh>y8GR#vE<}AQ{5@h%rP)RGgcKMPzBp2(eF&Nc-3A_j}
z6bncS0@0cB0iNAj5%WWTG~>7S_Q*%93q!RhdC|auf5wVKw#dAbxuu6SH^HZ3FFA1}
zlml%Ks84wAl@Ih0s`0*o=HAr<wF+(IW9EM~-uqh;GsZU!cf{D>FUw%4G~yvZ@l&Ls
zb+3TUdSn=t_A=JI@Yd82Mg_gP<JR|jX>1#&G8CppX#8?@RY<%uZENfaLMsUfTr`|}
zU#Y6!<&~JrzJF%zgLM)h*f#cC{28%mgQ(JZDyYx$PY*w_YN6>L)+({Bq_$WIZEe4!
z9Zbl0V?PlA36sc^u~~cnM6TNynr6j6@wox<FIo91UyB22SNhiOZBpUcn>8OU`EZw7
z^ulk>_5a8)YezX-hhYLb8XeXy9E~>GrOH%bKK@^#qpi2b+YX|HqeNjk4sm}GCE-+T
zAq^SYc2DRZVLqS8N33F&qkPHNZaoLRY>R+D+tN)W;cg9CT_;Atx8lwHmsDN5d_ppo
z+{`K}8x4;Ty6Q<qp0WXhiVEY={~@3YOi;B=^IowS|6aK2f_(0~Qc6|rWkR_~lL`a)
zBzmUA)Fm(N6&h;F?JS$II@TV?(!f+pseC525H_af>DU1i1<<^8XE6(Z;0(&k0$(t0
z=%VO;mXwm%jQu@Vn6f-wc?HR6T}zyjsBT|GJX9Cyz+L4w;&~7!9S`=7?fkv?1r7Xn
z1z-m|_WSKB0P#s%_1Ru74fhmA*~?%m92RZS&N~evRF)sg&P1>5?4a8gcE!r+=)<oS
zRP-_6z1}LJ=9Go6YE$9WyMJJ8M;=Pdx>2<5<Dtyh##mTm5XYA?4|Kx$yucxEqFiVx
zUzJa&s%L^oX05~3j+?*iRIA9lks!jxSwW&}zbx>%&^GGCKi{RsAlih24dhQ&j}Ohh
zx%9Z{P&Ax^qR9JLS6%*T+4{+w<S#&PN;#JUr?)YrlezfDDt7cx8=GXPHW$L;;6nb<
zkpjL}Yt0BVYae0%qL+<dfO{fhFjp8M{tu!h6F6Kh`or1Dt};X-+<z!><FRmz`yZSF
zLVp2blX+gBxzhZ6%DT|xmh7Z|UXu+f`f;WF4+xwFRj5`8d}Rp45DGu6zPT;JQ7YF>
zM5fInJeI9aEfIxQEUng|I>>d#pA;mUz=?KfZ7fpD)o>>I7mE<V6upq^XLE#Z5PuFC
zTrvqW{ZdNOwXV$>hOF<8`cLcnQyHu1v7w34X@jFc>4A)tU*NAK!Ssy_kW$KSV*P(x
z@y>MaUl$zh;5(jqWIBHVOf_|S$wIcfCan0mNMQb<#$Cskc?Hf(CXMzG+bThQ#J}(k
zm8SgNCnsO#Dv!X&R7t0oA|&rg&f~>q$s1K&dzQwl@n$@RBIp-jc%k6(jF8jCL=3s`
zwAKAurU12E@Zl}nm!Xpc;WvstSC3{NBNj>gg)?vVZpZ#CWEH5ua~Cj+jfMhZ%LjGF
zP5%V~3?-qkmus6hgYGtPhLOqKtnnybJvQLcR$_mse}lj;z`l*jy<_`eYCc#3Y1xr>
z4zXH8rJX>jEl5rBLHmmeiM1LTJapipAfy!baX1dzjX7-<bSVQXex=lp68K&wUdU9m
z0lD)iI@pdNFCyUuLwhXR>VfHEK(!2`vJxOEdNk@FH5o0;tNRSOSJwr$%|Sw_rXKgp
z3?eCavt29=S0amcF+Qiyp5dqmEvRstECMv)&|yzT&oBScZ<GOf_5*Y4REU{(wM{s6
z4}m{gX_)$o^3h+k3s)zd$PxT#hbMB*8qNs2_1ax+|CArYeRqy>hwHDap4>`DTeI&j
z|Di3Y#6czHcIxO5yC%K3oZGPsHWK||^O&(H@P5ty%EL%|8~a*yp14+WX}s#|POz;-
z)@dL%3O_9-G}@Bvk5~$?BpyAH8WNJc1)Q89+z2A_h#*OG{FLOIlu}+*Uzs#W>uNIv
zy^n4&{E5`M3hg|^aZ<4crru(j%AR;14yX2hkhQxGG8-#?Cf7QmF?K<Y_Pxz;Gzyzf
zls{H^eomS-Z<RJys4gftxf)7dD~Wf*N8$!)U4AJW!ZcEr$BK2zp?Eo(3O^7FlD~wD
zBdS?!gl;M=hwEE{W0AwBsu5~#w5o3QTBUK#Fhh?mog0-E!Nu<hoIlNGME;-Nq=8dY
z+h?+uIWHDbO#|httm5&X#H#`Uec45;kZAhg3~@!uBwZiB_r-`Pys4};IMM20KZ+j>
z60^M<F)&iLbmVEbcumgobV%`o*KTjH^;JJ^$RE9w=8?m>CRc|%)BtBebXKV==&q^A
zqTd%#BG4pl6$0}Y|BaE>*?-QPdrp`2SrBHu+9MG~x3qM9$FAZBs)TKC)66g>AYDo}
z9|nnCY#VbY`p_wVh>?HjVKwG`3}*1KWr;QV(m8T{gD}6JXNvzi_G9#xTj8-^XzfeP
z9iV50Al~*ynBJ#T$FJi&Bwg6wavQ)t`#1ZUklLvGRb?v|CDu@WU9wK{BH7QEu;?;h
zmIHFOdWYvX6=_ydRz3oHvj+*r5PVKF+1onysJn(Om~Ln{e+x$uyn<PFt(t%vOng0`
zgjiB=Ew$LS;|r)H8MyP10#moblAfjPo+qOd{%-y~N&+&GfddbF_zQE#KWsVBZ1GeK
zmKw`ZV$h_5j&zlw^XKE%n%+;{sv&E6uk@pKk<+}`4?nF29rSJtb5r-Ln-+fr6YD`~
z>q0inV4025ey;Am#9acJ&1crqDu<}VB*zH<Y6zcRQJXPvQeuJYr+M3ZBIjDdsKV-E
z?Yk-rS@o};?yb}qj7*~2*4CzmAT`<av>bKvPsw%PL3SnFd2B*qMoF1Im=F<$5(>`H
zp9Pj_NsaPRfZ)UI0N`PK>jSV#{;7~oMK-FJU~!RISqbA4Okhn)7AJuzSPkUOSjVZc
zT&C&d!;je@2)BWwrtpMemMD?p32KJX<HqhI@={+Uii(#UBR5N88_zsYbfxCQ{BIeU
zwqUJ{WS(|)y&jL&7iaTNb*MM$`0Bp?CeZaA14;gGu9u0D9G*YNu|)@m(WY8;bB7ea
zCVVcN!6qA`@T68^^nXiehc!Aw`b#IVMIU17PHle-Ury_sw>#)IH`Z=PLWP)5-HRtl
zLDIvA*O_1NaqfT0sP_jWH0M5&3MF7z+DxbNfj<qejJ~7wHDEt8C=n0M4pLUfR0n2y
zzzpe|rdd}K?LX~n(o3k*6?m|$t5wP8!Y)KGT2$qYM5NsniHWYX%|a`awF>uW0^#d&
zTCG?~)Q{y{v~pY&80h6&LNxJmtS}yrD)fCUaKDPFan2gEMmc{nAk)H>N7TKAw^oDq
zL+JhNUM3JmAPw4K|6A}AcQMG}gh}E{zIpnedK%SY<$=L=;w55+^qGpy<>?wcl@8RQ
zDa8+Z7NbcVjO|Sm#Mey7w<^4kdd*vqwRGSXeR8=24))>@Nji;+UU4UkAB35Q6@&70
zpnTq(Ux0<O^wiG@KD4;EqPpS>rKwdw{Dsn-f%u6Z(i%H|I<CC66hFA@5{Ayx5r0d7
zfQ&km36U4YhPKpM?MdyJE^+&<C$T!e(Ss^suenc7;<|m!9P=|bD$4)2H_;&`9gqo?
zqDl5gFSf6)HJMoQh06*e1l$R%-@JyH@U)0mIl^)s6|S-6ftmTZcbAo6k%2rZ!6{r;
zJs(SA;IXU(9b86-BaSX^%TniEEN*E&J;kMHt&rYNiuuk3(;KXLmq|&RzGzyZW#UhS
zlkT$Ay~3FzT$#$@&^MeDgj&SRr%}Z}vfjCG@@$sn7o=P}hbSF>KEEzPJNfCM`?n`c
z1vrs$8AIV3BeK)r>VXMk%eNRKFI!QMajFX*VqhX0u@uixAk&ViDV3lyQKmMqXa-rA
zhJm6<x5N;C$AdfEVTH9L+G;XZLZZ6bb=gS#q$%;DbIOwbLj%%Xx<uAdnEtOmq=|{`
z3m8s4g60UaFuL(<xT6}|Cdv=eY@S}r<PYplFjeH$<xFZ*5ci{uG}3pE{kD);$>MhM
zqa$z8n~WswwdV=3Z>9hJM#A#~BbW|s7u)pep8d@-SG8HM6YxBY4cD8=sE91hT4@m&
zuwlq*T>M$<;X`ov_E?o=^lh&4uS(i`Z{Z{Zj8Aq{SHA_UGh|Wi4i87cw)HP6*T7)p
z)N5p7%;TzmT|`UscmMXjD<VJ>#0jOLr*?dU2fDTqIa3zUJeSEZni(yQW{!Nh;M|-d
z_)kE;`n+gcF?h<P<f#JzEY#i5^xAZzSsvkowo<3%_uK{ktfQ*?xenInM#I>I2j8M2
zT~onjn+Skx$Pz1GglVNwoD&N&#@h0=SF19}ve3|}o6!u=Sh^u)W5Y#wuqs;_WBZ_d
z`4__t_R33_RfqE~DY}sJCPS;U@rVuVhL&n<?vpB#g5|?T=jLTw4`qp*yR;LvT11m#
zw7gYkr&g+tKSHeDL_e?+TyRDYTIOg1dgs2se;p*{W2dle;Yc5*y{KxX>14K9e%6at
z0@-<!6Av&9EXLQbum;Nk<rbuD`j!y}q7#i97lOS;xWLu^lAFAH6Xvai;9Q6@7>!CQ
zN|=?sz8Tp7;Pj_7SKVQ1wGNEZjD<rN^Y!wW3%go{$%E-$Vjl&%9`Pkm{DFREdqe2u
z;a>`jWfZ;gYYM@q59?53-S9iQA7!0j(n>486wiqsvZZpvlxg>cZ#mOK=}Z_MrM;PS
zrhF>w{yF<auG%qH+dv7uM$ubAnK7Um^>W>DS%~d<WX?C#J1%G?muUCR5lz^uT$M`d
zvIt1ucdHz#rz^i%R={7hOluo~?3p})EY;=`ozEu()R7kkx)I*Qv|Q?G4|=(#|44PT
z`2Gvf+DBX)^V2zlY2Af8g38n+S1*=-0#2+8%mPX1!NA8cpd05gG)t$EWA`?Im@M6Z
zg5ZdWp0`EJ5G=;EogK;1kXXho+VsBexiv86<lPsvkQ25&M$^TM7)@mM91VgR_W(9`
zk|GicW0Hl9u!w}<v?Gy7RHNTa9Gs*ynMy)`bnl2wxzVbw5r!z&%AzDCRpcFNA{Vug
zYr09wJ1(kJwk=D+7k;#zljfuDgt4${n-|{M9b@^Ezi{_<vhomxzpRpZ-tgrh#PIMn
zE>zQYzq=s+5)^MEkjzB)1vS3zRHl0VDMk%DBu}h{W`#6itH;_mO~*cssw&imzg0{Y
z!CkjyOkHOw^fNXI|9OIHoV7jF*+qR}k<AK{R`Oy+m(E<;1O5F~8j#iwZEIS%zqK(B
z0p#5lc|#>O%T6U-Hcr1<FF2ugB%i>p;gejV<m@{UW>`iqr}=tUc%(7qUA{PK7f_8;
z{CQTrM|alv<$}g{C$?of(nDt=BH=6UeC6BAA}K2I!hx?A1#~KVT<C31$8j|Qk`8*0
z6t+9_gjz3=pE_=(mp>G9*Zuter;q@2Faz;SDia*K(EGs!0wmWd5nvtVlgeA_8tCPw
zDV>u!+~MF;M>~gV1a6VUuL|w3OP&t{mf3ItiDW`1r|Q0w@hxFwFRr5&p&%S6a<Qf-
z_fCRA4pclbC$Gb*3w^OTQ%Vcs%#n>kU2(ZGcgv_OcLCF78;zAjj_4iiGKO+$*4W;>
z<Q{I9m=-(kNZ9ZQPH(P06x-aZEH-YrvKSao8}Pm6{Czm~kdlJ(nr5z<20d+knW|)n
zEo1i(1ki!oTIv&BF_e6+GOR|K9V1Fcoz_;8{!)Z9BCllMb35PYWUkJ3c_G0(-;Fft
z&qBq}JzMYswZ`TGMp|^<#jPgih<1E_R-#hJj8{?n#ll{JaAeBR%<gkly8zZC+c;i-
zNM>q1mAS<c+vTKLu6%~=E<HpY=TWKh9@p+j=Vte|LmPJ)On3TXpXPX%pbJazG9Odu
zR{!ky`~bMMl=*Yv7G|@xOBJ7w9aXX4e)qQQyh0JiLyQVLkzR;|ESww-YYe?}a|x&)
z93Ap5P;~dFLgvvj>dVJsgK&f$;r%rPc?^ye5V_u+K?hz+rnc!jYqYdwq3dK=Yct>k
zYX-i15^V(IA)Nyl&`>-d5nyGB)#c;m=+YP>17z^|*14|&$Y90bXw6bo{;r4$T=gpN
zu#B}s?F!BISmfa`YIPW){hC^xD7J`^sTM*{q}x2%gq&le680JtK|Itf3(C<<1L)7W
z<7NNM%k)^c?1{*87}ilE!Fh=O5<DwVt+VsZ$DyI6&Th-e-gX|@cm-34^5&r{7O#-L
zjH9@`t^9V&CE^#rYF=>tZRk=@JeKRrOX`QO(A^n_NBEjV86HBD3m!vss){YHvKbO>
zN&-v>9R-nEz^X*^s4>$zZR~^wml7_UaulEw9JL0ItGGUBuugllj1Er%*cF=iNPwN;
zq8x!iXYd`KsEK^4HmfBBRGue3PSXV5&I!9K_ClgT=;AzRb^s%aM_a=aANjQ$MXhU5
zeZ%WE{pQ)wrgvtyj<KdTO+_WRC`uQh(Z<ll1;o<DTEt|pHi4)mNk?0jVgi+>oJ8@N
zv&FSoZY9YtO3Lxb*=S!mXE}5z*&bJqKBf|>+2{IFL3g$k>Owz02vpL#0I`8`vq&_Z
z9vJ%zJ}8l5)fi7=S}Hh|%^-`!IpjpQuci(#m`d&A5C^$?uL1Yu$yq#%hW+HBl*d>x
zp5IO~WL35Lbh33^O>C49t04mmMA0^?d=Ol?5Wq^HdR3G5)Jc-^AGDMh*{7B0w%ckc
z<y#Gi8S&`y!e<cjJ)H8@OFi|iz-+<S4Zr%0UZbs;&|c3;fqLD3^^YCFp?*hOp##WX
z!>mkPimuQ^gOZvCNLf|q_r4kb9Y+Nrg7z9mh4<A_tWaSFsC-Oh^h1o1$P|O-ducR0
zO;3s+pfwjp4#7@Q^f)D&)rB-`bA+hEC033x7|{YFGvYF~34$gTro3j46Hg)R;RHmj
z$d}vRwW}U0v{v=envE}<9w&A>y~1(EMF(pxjoq3;Z+_5gZ;CP-g}~yH2GUGc(^P-h
zuygg3J(5oj+SgJ=Ad3^y%Kd0<ECM%9s;qf3BC}vkyTer{74#AAV^|7f9MPzzfRe<Z
zjvazbBdY~47ry?7^jp&7LLypK1!u<b;U+9<oxn%>AtW(s2erH6qCDR@<jI9QvSww`
zZA5%qfs_TbX;KIbOmrsRu(eTl6ZmNw+h&md0{@07WifrORu(rWA~XO-_Q}P7^8AsO
zW)O=yIZAL)mz(UiyrK=krVfUj-70Z9mli60(2%W6r8?XjOaw@3aUwvqp-pt;!i``f
z!&VZnfYHS}3#QycBC3hFopUJ*Jn$;DN}1kQsqRsJn^mYA`Argw610U;2Ww8pq)5rZ
zz))vMg#xm;_GE}Y*kK@Jv_0Uaw{Mx|y#XLXH%YlcYt|r@YAMukuEH~b(28g7i?1Xo
z5+VETK?aCl*ds}MKs=HMf{J8}xO+!z-Eu_fMTHYk0(X5tb0iqLO%x_J&KB$KAzOY^
zT_V;~oDqI*{afXY<!%^sUm8dNkFn0+^1eYSnlzGFbkClRRCH~MeUoB301dIfiRts>
zcsTIjEr}=dm9RSg;p-ekkvJ`RpqS5$k{8vbeG9!fC*!#ub+mhKqZ%8aK{CS>bzh*p
zszjXqnN?kf-#lQxaGX;V3EkegEL2Hqkj}^#RF^<D?2$;nXi_F%!<vbvL4R+!GZ%_Y
z?|_+&6!c+0?x`N`%#>`U7+P`tIgftAXNjl+kw8gOnd>p43|STnPmAY^bl{qFxTO3=
z>`e_2sTp=vMY1NVvx!$k$||8B8>2`9TDX~i&Za~CPH`?aVron7V~?EnRq8`f6zNsj
z!O<xX!!H1rI*@}I5)cMS!_%)MS9RR*j4h{d{N4}1umX9W$XsAytp_F(U7%%vASnZ&
z0T>Abg!`?olx7?*1EI9Y=VQpz$`_V}EYRhonmA*16BkTzQk*!Uunr`roVmxgNC(aR
z+ODdqn9?aJYpBYY4{H>-1`QG5+Asw$6fRr7%V*axP?Ik_wo>u(Vz$%51UA7$?UYFc
ze-FE$1;d8kUfb}7$-_&2D&KCsJU~2gu_UmcUsQG^m&eUnLw2jV<|IPU>PKnAPHwHe
zt`c(#Y`QeMCWzi%+|sW}bNmI6J*3(YqzgKvhk~UG)v>#=-l-5RL)3mlAI7ZX?%(>1
zHK*!vax%YAax}kW3rj~?ZK$e17g=Dt40TLS?foUpNGdSHXevenP(S$ee@qqS<#*$8
z$;~@}cMkRa&V^NIEhB|KApI(Zy=2=AWQ&7^oBgbzNwGduQEi*It0w>VNmPCB8C~#A
zbockD>YwJ~CJkvIok0a$CmB_Yv%=h!lcQgNPdtZ1nq!&DbqqitfRiKpW6hV9220b1
z0&pKO{qAT+gwy%F;gY<rtK}J0HU{Cd$oNEOBqNKp?YT3T`!4{U5YB6G2v(7J7!ZqA
z^?!9imt`)wq>YwjvRmw2g+dfPoR)99c?_E_3aF|xkaQI=(-B&DU_8_<4iq)<xJd6|
zUNS;~o-|G~)!wR6G<Hs*zv957Q-tkoN))njkst`&!iaz#IZ?F8r1s%EVdK}He~a~^
zQ^OL<?62Rl((NdUO;+EbleFm@Kv)kpwk9$|p-w234CMTlJkhr^BAOyP1_#eqAdI>B
zW$?(!-&)4OYsl*JZieCyyXFf8Dn|&RL5V22q$@x^D~+b|rZZnY#uD6?_P2O3JV$+E
z>a?a8Rjh+5yk!jat7&_ET1v)j0~RbHY;qk-3{JnUIWA~fIocH8Gmm(>ZvnVxk`ar;
z)G!o4Pe(bDIfrM>8R73QBr>GYjoTRko);S(j$1u{TsRWNHgelkeTDk#O^a|NAo-U}
z(T-qRllU}b?$);U>#T9mK~sUic<aQd86D1hCnjAy(qu%#o`}nmF}Kl}C_j<Ml?1=p
z9<R$bzkH99?VCztnT<L$yg5~?4)#XBy+_PXP0eSbU%6s(GT(ZozXn0#mi_p~ZkG)T
ze^+gqCJ%Q^)#$Dj^4>aaI|v)I44<O6egdxuB^IT&%@o)gCZbsV^g!OuHMJ1Ot2!G7
zxq0p`GNR$^W%1^-hHr&bKpveheiW2^uYk!T=5)+da*opc@Puy9vth<j=<ckm-MUiE
z(V}vv$d;EZ-zs7?Hkaod6q34aqy#!^)-OPqcv6$;<Lu0rsE509Zv;mD?ZY!M`z<{?
zytZZ*CJ}5gzX+<pAMPjWu5(%Tusy#3-(?K@==nL{9zQ)0bp2FA14MU<Nby?<vBsTZ
zEjMSq{ERBoC!c&es4J{^S^uhbE)?*n>g*{_u&;K7WRD=pKi{iCkw`62>VQ=eoPxsx
zN1%sAT7nHslMW*jk_W^=v+Ka8_L$t3qy$Hfiwz;W@1#dJFc;|CE^$2|9>*x|<V2_D
zBXFh^Iv%w_ho7Ldp~hOM7k9ij7@HtmuaOypC^GZ7)C_%I{Qg})dgmE9e0LB7SA6JT
zrBahp2WbYw*y$L7`MNl4cX|{-)`s(QcU33{2UZs@`D8dGUy5(cHRuu{uB>Q1nUqFG
z9vX$w9u4Wj>%A>orsB^0t25%_jVcwNnFMAX9lnySVE%BnBRs3dde+^n^nqKnG_KC#
z%IOjeOCzVsDwNRrJPsis@V1hcUWD`KTg9mHJ$;!radVqiVb&%nQNxr0*9=fC?k-as
zN3vK3fE~f7>Wc6eAeS{yUXkuSR+=(0>FQHEb&4#Ke`qQi1$=@@75P?w;ns>SD<oED
z8Tk=5RBts$#3prRU@XUt<hLK3CKl5w^i07)5VHt!C}kl}FDs>P`1f@gBWA>*Pd9}F
zT98l+MPh1dk15~V$kWJ&Dqi-3+YC!1*|Rkq(aA8Ql2fV4^%_Q5Jz5uEPn=QC@D!Fh
z)h&hW)#dcQa4bA0JR}MJQA9sLr?(uFAb$wfxwA?mN9Hf8Scb|h`T~ZkLzGOU*^<M5
zS&kY|bpV|?cU?1}lMA%xhOzW6w;yN44SX-2zt!LD509!7CB3Bw1{eN3d3?+(aay7a
zW6)1Um!4b8S=?2v#bniILaUd~VAzkFaSSuI{xBQJ*j<@ilwgZds#vhnB%q38Wgjek
zX)aeL$2!L6P8Fq-idkKAi1`Q3d(E(|1KvQ<2?mj+?dXcjzN{VL-q)_+9L2|wBO*@R
z)4_1dUXO@2R=l6PZD=d{iHJG3E;y6Mcn^_*ZbL)+Jccgq5CWI3vbuCZ=%WguO76=Q
zj?JT^&IaihoV}D^#dhXln6x5r>RNRU8T3_ep;Yb{z%$JxTr$7nx>lL%ByW6A4(-Mk
zKIb55|7*>$C|t&$uPV!`Z|16kpqnqBD~GEpY-DiF6+S(XXT7t`9Eye`^V#vR=C1@`
z6_A5uu4)xOV-y3nQ;}TXol+x8v}z&nvAEB6*Z&Cp`Br(pqX4T(StGLE2KFGSC8NJ6
z^N7rOBsyk^Ibps>Y(Wv(CCJ-68}8{27K6ltbFgV2qr@1f;+LuGQqg%_Ksg%!tgYEy
z{Uh~{SABCY)2>`dC~PL>S<<LGdoKF$-W8?odHLP}1?xiW?Bc{ME}#t$iJu{XL9p3s
zkPIi45kmV!w7$KHYAfecArb(i5ia|82U7)ksiG!|H!h^-a_g+;n7{DUM2$+is7h!+
zie(HlrZH(EabQFk?c?a>zUyb`CZo>p!>HA^2&nbYJbn`Ev*>Sl;(*$TKCeZhA1E?f
zB@yG5=_H(dKLgh*Thd-s*5>veN&v(J(1Dt%IJ0Ff6Mtay%|D?O9Vkb_AS`6Diz96W
z8QLYUPsTgE87ad1MDAWyef%VnVeU)EY$o`nQR=M>oKAv#=XzUivld<aLV)~QzFYe{
z@v`dp@_?$+c6ekcO>UTF$dEhA=*7o2IJ-Hdt3XKr4%95o*{NsT2Uv!e@}aESQmCbu
zumpia2h~eh*TbZDSRcFgco4Bb+RmPFXhKdjtVAc)Pqa#<5${diF}4@pgf5hMd<@UD
zjCcxITrtt%RRRP;19SvW-}O~kZ``^cw{dR*hz4(Kib65JVkI1}<%kc{j*($|4J$ES
zVybm~yoP<bRW!kP=V=YvHAN8ha}x(v3*ubRxr}$ReHs1(gL|-cNE=?2rM4}Ea1kMR
z6^QaUPTAHDkyTME16t6dgs_}q^_SRQs;m(86p!iDA<)U0Sb)@9*|}Ed=v>H#OMKYL
z&U_ycBlT8?AEhm>p<%#1$i;1Mx~N1a7&$X;m+}}o97Qj!g9hB0+Yg-7A-LdQfP6&A
z6cn4f8s$fxFrTGAnsIDy65HHA1d3h>p5ONWqHq)J4Qu$8R9EJqhRgi(dHBtrq<eg^
z@s2n(rZ1ur5<+j^En3zpct?m89UzM6527GuI`lQl!%PxBtj?_8IOpfuj5xW^`GbAl
zMTks5fJHYJ(rNS4tnCN|0eSG~&R@vTtAfWoTM{Y5>FKiSVk72mIw*}NRJn_hT1a6^
z$d3x;Lls!ha1<$!bUM=nBYC;F%4M5NQ<l2qd+?e_>ugQYM3HR0n%f~D4jzs2F^7yo
z{X=@3nhaVi^%7rf{s7A3_9P&Y57Rbtq)MGi7lUXsR0&9Kw}yhiC`Wx8*oOF&g`d-0
z!<nsifY36C2jS(5h?<VpYz0sQCOdZplO>rBPpeG?chMS@4pgL^yz^Jy^5mXMQ2utU
zWa_5FcvxY?UeHkWiTmea)&bf+vS5e83n24S^1M;y*5`;V43C7If_0DC=TGQ;Q*-~Y
z8&z>NCEd+SHj>%bDl7pMp4#jjMRFoLO!-s%eT0*>O_|5Psx4$wrRpE%iL*hv4V0{I
z2dpG1FCdc>!s^1<))BhPQbtCV9QYbtg^toH$>XK_Hqn_6;LfFk?vcbvkRsCl6k0T;
z-eP1DNqEsveI&A~`i!AkeLi1iAvHCZuZ371Or86!3ppYy4Z7^ot$#w1V~oeG%*G6)
zOji8nncjTSNq*x)F$&Av-UNjg(p)vtbp6lJjrDrLa=saW<`ggIjn&CN*sHgs{+*!q
zbd*ncp_$R@UzVAjKqMC-Es<C>5^fd){Db?4{ixzVbg`DWSms#RdhkO-Dq%|L56VBt
zFV*AYz;L)yaCnL8OlERNH#p<;hehP@fmL)CK{QbiYgemwKO2PV*1UOgYBHN%IBBc+
z32oK4=oFF4@PnZ?Np3V`&;+V9y~ImB5TGWS>!Mk-ghVMP*$cZ`nm>hMywny-m`a1@
zMo5Sj<~&SQ6p7UogQ=Z^*%S@Qii0^j0DpB7FpRlpAbTdo7b!7kS@KPcj@6LrlN2vy
z#fTc7QwDMs>v69@6|rFSAG|-&x=;(rh$rh%xcSW_^mS!&2)Yk#>;mZ(V9Yj(;4}Dx
zZ!S^hr0!=^phZ*26&nR6k8LH86Qcq0dLkMM*`zX56==FBt2XY7CTgr`!GMi}Py>MN
zCyis%!Y;aZj)H;msI=c&-<Q@sFwc&~sN)PF2Jj%*gwO!RD07RVZCMv|aR+GacuH@i
zSSJ!#fFyWo2!iV7(2nu>l0!(We<w%&)K#Oc#7RQQ$(b7VhOgV~sSzfH027)|*}(p4
zye#RA)(hoKod^@vQSYysWy5p?Ig<7o00+pu6~`0p1Y;TK<+qP&%+5&a%2T)bN}MS@
zxS3&M(3|FKWDCV7+N!tlZSWxo#%`2n66^cEd>rEJZ&v<bhwH5&56_t@Z6^6cf2wX<
zgHIU&2#(nq9H7iH{e}dTj4#u8Bz)I(p8aXl7ZNJ=5Yg$-<0<4#;=oCW4O<6eeLJQ5
z_*g%l8ieHU+WobzTm~d(_tP>GL+vC_3-RwsgXOR)=yP3ZxU7Z)W$M0axscM~WVR6z
z;L$52W3E(Ka8Z?;WRpjUhVELOwo0PT{2>Vrd%{mIay0m2G<c-MPb3@`(|OArgPrX_
z6iD-_!Qr&29~s1p=B^^pb=gVS00f}`V4XfcBt7{m4GD=Lzfl3weR^Fz;WYgaN3#Za
zu3w-Hdlzyz^&+~HI8+L!oXq$4DEAkD;$@atdGQ!S<u0a7h@T(J|C6xN+vU4LRXjs5
zfK=w_Z}3?AKu}3{0DHF=Va)(dq}@(x_^KR}2TLu~t>UtT;B!L`axr#vP^GMGr6^h!
z0=iaIk!+&e9CZ9QWJNZ2+&7YOw4<P0RESPAbZU4?2^i=PK)=jkIw~ZCY}>wQ6`{?!
zT3O3XVL|tBQ|qv`G_5SuK&IeLXSvW*I{#=OiKoXE_C<k<QL(mlP2<b|RjQs;_7F4H
zE!d>#ZDZTcg(2HUxu{}+?>t>JB2`QibBIP77(i5mMAPwWof;Nx6^rLe+GTaAEz}Rr
zFH@Nl)L{*PP<%m>fL$PUEFtT<eF;4|-KE|Xx7<9_{s8eCOG0Zo=<wNbB46a2<a&!4
zhp=6KmW5&|gK6ZM5z?r*DX4CA*guoZq(+9u(cQ3+49kZfC#OIqBJj&&6q|f6FAq2F
zXAMuc!ITgUt@MmcVv9~5;a;Qs+=O4o9S%DLtCf{=CaX4(>;meyr>g6CCC3Bh#g2O$
zyV&q|RmZTuht+ut4~mCV1EtBXa5V-Qwo;>D3@~00bL!71fE#X?!(Oyzt5_H-8fE5o
zXJiT1AgKq+S|Qi0<b*{2m`jnO0uH5SzI38^p%q}Ju@@9{=Ol`!N9Czc&)azW<M!uo
z*64*?K-%B^1?a|9@#hH?WLB7c`+<nxcmIfjb74&z(-bx;bYbJ=mF$v`9)RQ!+PFUl
zq2XUw&jvxhUdR~rsJ@Enc2jsDNR56kES(B3&UXtkkt;U-j%}icsg5I$aJg#nDV=W@
z`gnj()gO{wi$=u_YdjtAx%Rl0vB;^2J0uuGa<8JP{~<9R5z>^f6)!weH=v6%NMhf-
zte=tt+m<5A;Mfq7xTbkeZ3L>~W5p%mt7ml2_bOx<@@>Y4(B96IYf1w*j%XU%ZUjuK
zR1z1lG*~mJJjxh$>qUWBq|{<SD1{TEoO!;yOy}LRxBCZj94<-R8_cJoa6FSgQ)DKS
zH`#1Fsx#ZBS{w2qOpp{N|4dD}PQ<6uA=C|iP#)ka_NfR~44o%r8q8HByqj{m5P6US
z$>{o%5s%h+Pdp6e2tFR(Sef9WNAU68UU!e>PUyjCjG#}kQMzR;$uB^2dKe<0JXGm?
zB_Anp8aYv}q^^7Js!LodCaL4#YlOnhL0whb*`7Kck4)KqTy-UD<vIX;$g{r9p;c=j
zQdIrGZclxWqs9oEn1J3}$^WGWwVmXxi1U^~ixd8$F%lhWwJ2ndMnJGtI})_K4y5>=
z3cPCByw&NRUmE8-WyAx<#9OTL2+_Wu=%(DvBgo5~NTbr!E-Y@>UPEO+N;bc}n^Fl5
z*ex!Qe&eZ<-tzuinSd9MqkEMjh*aH{OtH1wB2>9GA3>C9nLG_&JgrdaxLHhszC8oh
z4BUu#1^ZoESF%8>AUYd3`yuFR9#oB4IFCJNFv9g6e~$vz+Pt$su%Oeie!V01fT9Rl
z5<MC*F~3+Kdm{gAS`s+D_(KI?bC6Cx&%+(l8<V3kkH(Zasa7i2IgE!#M&_ty%Q>MA
z3QaBY0K6I5LCHA!sB^k%ImuI5@in`Kj~7Ap=6N(h9s^_4W8XLdoT#%j-*(C|4Usm(
zU=EL9+h$(DVWA=)YQx=;IgV~{kJE?Eg_Q~)$Yr}lZLP#lBW|^(v3mi>{Voj8Gl>4@
zxc`y^Q4344nhElkP3ov;AZaII^N;#JF}jZ;qreEj)f7dnhIvCnZL~|4`4Q;ytQ$)m
zMXuUEE}`AME+!7C`#PU5lG6tPd>}&oe)GDU3{!Wiy_}I~uitV3XlJ4}Pk9(#56sJ5
zTd0Lc6;2oZ4t7b@CzQ@gHnDf%)qlBwX8j95V6BXAl1?uW=(qx{pcKss484suFo3wP
zj^jQx&k{Gh5Ocd&te%6E?z{RJOiwR@6B_ph2{%xL3u{@__jrO{x|9Uo4rXTf2h`FP
zqlGpepxPNJS-+GxB_F{LCRnLSA(@%k)(h%AY+ACP#q1M0ZL76P$m~!!?NiPAx6Te}
zK?&anR&xwSq>guiI}Zpp{OXjkgQ~}Cgyn4rgNkrP*L7G2B#Jrr!KH4tyHfEr!(Wxb
z%_S%NZBQ8^pzmM-#B->X&R*HdpMbpnIcazA6VUZr?NR8~_Hp-8TC^l)noLCd7I<;h
z5$hn|#L6bhpajUlmO&%hdgXHD;*=ShZ;Z`Tk+u<~^(43BMT`}MX2wms28F2!1e?gg
zy>!`xta_~0)&vl$_qI9$0<i1OSX)ULSP&AT5QT7W&U&ligvZzEu^F<wT%qP(=r#V=
zZq45=&jMkbJnB?ZKi1MM3-68>?4VI&e6WNz+Fln;L);bwfXZ0N2vSKR`=h;W!l>Xi
z%3Y9fst2{hG+D}2qenkFYkO)K4%4{mMiXTc4;?oYIyyP8bVO$|WgOOB_^u9NZKi2>
zAJG8oCsQ|VXF#YMU10Bg4mICZc~%fQMrv8=XiqA^&p?Y7eXN-rJ`leSDMR=z`OGU7
z&M2@o+)`cAlY+Pq_7pcO7)O(}O7mO!5y>^mK`Vv}b+ors?C`K^urSv39EBsh<Cx|;
zWu&7E)L4$ThqjZOWZ1<|Vw5!*&f<jL+BL@S%kpiU?IvNn2E=kw;Yg`Sm!tC0sF9&D
zeZwKRM=llYq(CTmh;<JnVVC{jqM>Om=7yk;2$F#*{2GUC6c{U%Kw~YgN=aq;7NlL$
zuu>`0i^4~9+2ILu1u*p`9e4^Y50SC7lZhZ*{Fbzzv})lBe?<}jj+dHReFdEZ>#OU8
zYt92}5QE|l@uE*zwB{{aj7E4EG6k(m^PXjLiD_|VBHOMa>5|za(vk1^?6lWb)y}u+
z3OWc;JMx?ive2^W49T)KeZZ@x3bc%(W>f?P<;O!t6%t;;IiYE>a5l%zbH-DRSV8W!
zUk_?8;8Ca-QXi%7i>fK*Slc1Ao=63pD#Ng{!wBlP9}l;&CZ)rZZo?2Vrl_c4iNVh7
zFu5G=(;#OCE=kdGAcei1OB=2nlU8m{)~45qh;GA^;P9D&2%`xWXC-IzEZT*Za+8F>
z3vTSp>tfW4d@p54L%v;!B1Hr{kBJ;ap`ZZg5aVLgU%F@FhUsqCSJeQfWR5oE%vEig
zJ_%uR-MtZchIyU0<VJrzdmI4ux<dps1oZD|OTh0_jiF)CF<{X!u{lJs$k;e>NLkrc
z$tk$RD8(hzjH#Rx|2*Fq0s<cJ>iH+dJV0U(SOtLP%i$XbE0Q*Gj{?rTWrdllmB7-j
zr%ZewD+iy)w}Lb+a*CSGyq$szZUdGZE!$RHnd7oEH41TJ4<Kg7$DvA`nd9=Kc3k_<
z3GTs%b|?)_Dujd$p{t?cFFMlK9ACi;Ulj>@**B3IADqG002q0c@u>B1$<2fMP4+1c
z`>VaC#w>;&#KxV)N#~@a8ofc|#AZhM=k_{&>G$>DMG}HrSBT4T_IN|`N@ZGfYL*1>
z-@Z7dn48wly{^r7*6}}zXN2U-!*rfvU1NzC5D*HV{kkkXymw7hl4DXfo@upC1ZH6q
zCiHx5SeAwrx{lfAnz8e=x3^{t7sKqh!QP%B36|YpCt9uNGZP63(d6`tgn4;ZhXD~@
zT&`Gqp<R>wou0Dz@kzc8)jO`Ru>s`z$+XW-CuIs+RGeQ>y}rILBs-40mWpGZvBvjN
z3D+p75gy+IRo$UrE)<xuw9N9|xnW0KCgYp&$*r%9GL7NIHH@<Gnm78P>x9A`wSZ=b
zl$NP!S_y*Un<#TX9yp^vEmS028|!3}pr5Wbxem+ZT30he4tMQs?;VpJN58B-Q~WIX
zKw56*ZJt3iA;Jp%Xze<8STrS(9>IhHCTivT`<A*}><l}K+}V$?H66;8!|cA`V7<JF
zqb23P|MkB-NxmQy01@bMsLm}RNWe126aKD?BCU1XAZnztu|&4IO^+%{3y;0=s%caA
z!CuKvn7y^{f0i2GmS$fRL46Tv{RPN=Pu*&lDWa0X+sw=u6GOf~-ueI0kJxzO=A~$(
zwsSWk@a2<b=R2-JUH6Af&V9q>(~qwJ6xoncy~n5(Q6b)QC=lmVHtZ_geM|5>mTzKf
zJ8h8-{YEL{MXq|{XU20YIZBFp6y;F>>N_E|D8FZ@P1(HV+9np;?`CU!rX)$lm3~oL
z#Fr%PABzawJa{M(a}h*a(@)??fiBa$amf2HKVk4l%<Vs1D{1}gEntFpViutcsCu3K
z4a>BG8Z!e$HLeP|uB|e~{cpZj(3Kh|?-7}7lAAy1%jjOJzGMfR#lDX<vv3KvZ^4cY
z->gkQ{x~cm)NI4``M)CF67SM{q25pT9aspePy57#p4-~mY0u(Vq^a!u{H;S);z&R=
zbt=E_SKc6->gS3(7*mSd(dfd_hbsNXyO*a)fBQu9Z=gN}i~`gmR2+Q{V6siG!w!Oh
zxBT%^eVqK+ptfQ#?en_Vr>X1tW8%ZY#}^#KkS7Ae*|DVw^LD>2Avr?B(}A_R=(M#X
zzU5nWw{YsAqEMVQsM}Td^A<Ww0=dS0@!@Z>))G|@p17PThz}9>y~Q8iuZmqYA6}~+
z6W<Z(p;KHn-@aK}xbqawx1&m4@7$t#A#@r(da%yp@*0wwNmhG3Rfqv6s(IDi32kBU
z#(SVn%2L;eg!t01NfFG?h>T~6Nn!r2L;mIdpjqA2eRq1s&cS)yzoe@}tIWn8?x18&
z;KE)0O;|?Z%V<VR({~QBDT_EKyw6-m?RrgG4gUMW#OH7IFvr5$;Xd=$2-5D3*!Et`
zbiOUW;j5`~VS!^a*U`c_CUF2mO`!h*kowl(<znYOt+ancjF=SA^Rn31yl_CFv6~d%
zSGM9Rn35^<`gB~7bd7ew6gBoemD1B!5jAlv%RWLY!|Sh(c6!PaDIXY_3+P74+zZ%J
zG#%Q1_9hO0Ih=AoP2mzmM8r1yanR)1X8DDyu6eNN+M=$v@hkn^T>@6yAw{mf8(-~;
zok)Iy=-0M+hM};%L34hCY(M=sb-jF?T{48B*@^LD_{Q-x2wXJH;%<&^9joy&n~ajG
z&cb=a@8Rw^-{-|oab?eNVE2tWfBMoj#$(y?*y;=SwmwSYq$|#=st#Wt4z=Ssyq;rh
zlX2{4+l5z!6^q!<I2J3jtAG8kk@StWc4Px;#zwj4ql?8GuPCd>97f06$Av#}DT4S1
z98v|WBnaR8bI5EAW%XqrIW<H<UD|)^nIn3M{j(tngRg{j*G+|TG2gUZ-Wsq9l>XVZ
z=F~ux(5Vyo%C|gIa{*=w>uayFI%vnPSoIkybJaI{9=qT9$+dBL)cdKxk^^(&H}(8g
zqX;4`5$^9k{_E8=2P@v$3g&(}l`bEVx>!4ZZr%Q8)!sVVVPWj>Yi{=Q89`-N1x(~{
z&YMdDKYUToZTtk@g#C+tD8DkscB1wxytYRRR=D+}*B<RH%98;`#Kdc}wke&G#QGn-
zT>rE8!V1XDk%82{pZT~(W~N8?*Va=czKbZTtn^=A{)>_Jtp9w=9NNK3sHrn$TO6{r
z^<~+gEc_1V4;<6JMTkOA#&a_kI{43~qZWzCR=y0p|B8g4_tD$TO{n(2mNO`1f(aNQ
zl4l2D_CmWZ1W9j_lEvZuTEnZd%GqP%_qtBv5_xIGJROBn|I4FQduw@^`fk$HHVd6h
zQ{<*Ll<C6+Zpg;g<DQ`Z(#u|%`!^fE0rPK&dc6An-}8>>pr&$)-A5-;PsL_LLyiOx
z{u9W=N$_lavYb5Qo*4gGg#h0Kf$RCd1lwOw@$?j#zcw7Mnui*G)(mNgZuI!3h0;eq
zusWi{|4;*Ggl&AbUrX%&XOTL|5R)uLWNf_De`)CXc|eK3!_pP<8T)4Y4<jxCv;*_x
zu*~(kZ>lW}5?R{F>7L^n?u--pnMI_sZ%E$QiXxgeFwV}6spmCECWN><L5`Av`EOvy
zLe}2qa^si&3pfJYO|#ebItC~2M(sUG?{MKvR)*`tgn1edUeDtC7jN*Dxb-jQh2@1A
zX|<mY9hiHC6hO0UHjb@D<J(P8E`k%I)B3$vU8e{QQ@q7SU3bv!=nlx1o6WMn=)^Vl
zsky?+Qlt-$)QuV^HQ3Eg^W*H!x$vf89#jqb2>NrmTrH0cX}@`0t@wZVsnVm_*vI>>
z9wDR$D|3`;Z2&1Kd7?!}(-L<Eg|Ma0vc*x6KiA}n+YZ_3f(LDwYM3(6M0&9_;0^Ym
zpc)S8P=kzrH=+9Z5h3l&&ABwm=O?#w#vu-@C#o2!6JcUkl!m!KIf%GbNVN3n<I?)h
z-tN|`IC+`LeAesiU_CZ)?2N&zL$v8-9X1*4lp(0!KyRjl=Xb^PXM30^)$y5~n$xMr
zU<%^Y(PFgcU1|Aw$ppvViYg_HtNgC^i7ZUvM0h~lm*ZTT^kdVI-1yi3sBQv_CGC?=
zQKam7{6n#O1CsfzMK~MT-)(?cNs~Q_L9>cdcs(|jCM}_KcT-ubbrhkCpvt0YEkls=
zi^(Ch5Drsl`<Z0yV3U>Njn>X@gX~&q(N%=%PnmR4bP9vzkUVZyJ5z6^EjIma8yT+s
zJ?T;Z9`S-%?MW^%yF0q~M>5*rR43~OC<poPlxbz|#-<o&jmNsi(aXK`>rt801c0yD
z1aB)tRTwh0^#{9;uvb~@yTUxC8R|_8+<<5Qv&`d6Ce5VJr@O>H8cl3B+8@yx2yJ_#
zip=QvW`?sDho*-JN=Lh24at({h`RD&M)k08)W{~PZ#b0YBXvp?7AgCTa{f|LEPv+p
zkq@WOnBFsi*=9tfUi}cSU1Ri@#<{!t4(T&-5Y_OJ!M$@|OTkszD>GD5KU1Cx=>vz{
z#OgV}GMW2FcZb-RmZ;8Rh2-AgEJrPsG0az2R(g+BKtzc9zr;#i3#gm0Tx;_B347D!
z4-2cy^v%T|78c3Z9Y3x0TMA`o>*)-DE0Z@3<=7Fd#RdMC5nC2V-SSR>Y5Ryi`uU#`
z&#&62JE9V+z-J2##hI<qvidruFabTC!1{zHGlVJePmOqAG;(<cbqp~EuhMZt8+)n3
z_83_ZOuQ8k|06SKfYEK-h;hce?dF3i&x$unT8lbc3x=QG5Zv%^l@g)7LOxNz_&YtT
zxj4S=oMa@oY`Gh^AhCJ?7I+^xb<ZId55O8oUPtxU{OCaQs`~vZeS_rg^Om2hroCj~
z-B}XbTk9PQ?PLK|X|gCQH9pI^PJfYJEVpHZ@Ef+yuDFqDM`kk@H^P|AP5sgRBOcuU
z$OL51OojK<j*w=z;82c6H!$sW^9xGFob5F>u0$sAC%G_BE{4a}3NqDJaYf<}9%^UM
z_jYL>PBt)W`nc9ir5Wm1U$294OxnLp{AtILoRSoR-hOc>nRJ+&9hH9AW@<Ixb&xi<
zuTOq(a}U$rQ2FpL#N9s$UFMf1&Ahc@SOK4Ywe>$wj>%@DBOt^RwEkEIDX3V3N)dk*
zOcL4f)kO;X=Vi}@#SiOSR1Z{DI^mmcR15Za9@z^fE=u%o=vCZ>OZ1a+0L|1EaB^=_
z?AE_mlf{^>VD)oxX>klS+&?oeM!ny>hJkQbA)WPZ49eU?_e_tfu0gk1CxemG!ejti
z2;FG=I(llxyq=R_0a9k-Z?Mn#(WUu#yV^>B76MNtjqd7#4xG&u4y{8iY}Yc0x!$%u
z-FZED^SmkmpKNGSoEfePw26D><yGA#!+2gBLADlldxpqqxqcaZ?vXl?&&JynF|<t)
zei?-y>R!)WGmjU=aBzUd)fT3T>j}$>ba2S0<4N^&0yn#5KBxMkT)v6{nr$z!^YYD6
zzS)HxMDF4xyGi`o3FxFi{pu&1`}40?SB|e%=mU0;8S;=7JO9euVvk3&;*&Sy`8+b%
ziAxgA%-JZt1LiYY6Q*l=I`!H&IRj>FK}^MaNyw=QqKNFaguOJkeej0ug$wJa4Mk-m
z+Vg#!3!*PGmMuRTzx<rPSN#r|icSWjNpLoWrnx;TS9N1xwgz5jZky3^kfPM*riG1m
z?Y&&zOGk&b-MH1JxB}G4im<T3GI?U=x?DJtublYzD1PDLt#%;6SiwiG>nZ(6%jD2U
z#geMk#E>5EcGRL<`w~NP#LL$tzdl;-1vorv%1h%e=ce~3j;6g+z>V5F&#+*YUr-rX
zD}E5bGJ-RW**#YiYsMwaN*|rtUqml>EvRZr&m;ZDXhvZi&rue)^2Cu<P;<REQo*_@
z?s7J5*cG$N=6l4VKXR7&-VL|j^!xw&EE)8S$K?M}+gE@^`D~373oIb9gs_Cfl1n$z
z-MtGEN_QiYk}Jr9Al*neh;)facMC{Ms|W~!NU7g~dhhT4o_oLhJpcdm!OJjnCeE32
z&YYQdX5N`Q1AE#((N-f+(<xG@=@bkMEL?0X00su?xXtV76p$_^17A%iF^P<<g-3ke
zBx)mgXu=wRkzcP?&a&$OcHjKa9TAs5^?O<cR~j{~G9>d8t-lyF?X~+8?Ws!(ftA5T
z1Xrn}hz$s%;kb4Dv^mD)4OT4)8@^H=Z^$Z32B#Rpe3khnJyJ-&0T>d2I<^$GGmqS%
zd+UWIuQ+a}l=Q_#3F<0!R<e!e=C9fn-y?e^_PHTsICKw;r=%P6Eh>DF)y=ygIQP@_
z(pBL&J}vvBr+C?DaZuOVvVvC~P|go>*iFg^06M+`PLe*_3bchnWCSz{!w^P@72^<u
zJ%q9nK?-NlHHnwfL;*v~)hvYQyzaOKD5{7-v+jp1i1&E;7KYD7Z)^}Hft@0s!$@_@
z(UhL|-d>xJf9yeAE{FU2HdkeW*IrZs<^TjvMPC`xb|S>(7*n-^Q7|fwOH%<abVFMP
zY`;w22|K%U-vP(|G4lLzN6r9rWq#Htx)|N#<9hH$;E-8Q8FlI+BGU~l?b54a`mlx)
z)5o1y7V!Jg1wch}1Q|9X+2|3#e>@DUW*dP6J3pAIa$S`m0st4zHde^VdLa*+LPFZ@
zuNpMx#e{({9I3KLIdIgOu;%Y)cs+O00M>=Bd+s~s)F8GbHD;1Xg?!!r;-P$zy!0x$
zK)WnGHkvC;h(pL<Exsi%jlJ<O@nrpZNLyK!xH9)*Qp|EDwV5_<J=`6&d9Cjv>2;)@
z2u~fB@Ctv>5<GlMV=YnVvFavOay;AfCZ77``Ltcv10$>4HbLRJJ^1d%ZrObQJghFZ
zw#1IkMr%xJ=vh`^vbg94)Z63a-$ln)ozdwCeP_nJi)FT>TaLYTBqGc!q>oGHsXV-8
zsI7gLyHH@-z~Cou)cK2zxJ&JC@6Bi5BIQ(i#PaT)fpPz{WK73$p+kpXbpDX1uOdJ(
zUkAB>(uU4z8HIGf1n#*Zr~RV9_odE`U&`?)M1uyyo*Hp+&&Sr+SEGjNMrLr}iS!|x
zBVDL&B#tg)cNK8j&{c^}d6P6h%+VDpca+dXl`-kSkJoB8wX8ucJo1gsscLte2sZ^H
zo9OoWxu+@im#Lhz523Uz#V^E3j|Of&8{X|S^i<{zt<sf1)NNhSG*;-PX<wh6sXJCI
zLCGYBI?&f)?d8aA<NTv)84pQvN_&CIRdIptE*s>8_2R{Q`7Qc8_>L0EQhp8qB>)f?
zsq9@(C5t`q$hrc~!^#gT-FZh&e4wZRvLG#!pzUEWb<+M8<r>J*LEx5NIRMGg`lOXt
zt>O)|CuRJk%OeiJA;nUnuAg<sOX`x#8=~zw*h409M3Lu_(LeZTDF_z+ju96txVpDd
zNPa`nfYPvZ)w_wfOw}_4O)wtl#0pqHS4JmMer6&Dm08|orFe#@V!=a-1lpmMX)r-)
zl3y(y?1~<0N$4^gJZA<1t%-@X5NO45Pm`}Dl|R)=J;Wz@dGNW5SR0DPTL5^VdWG{R
z8df$Hn-&8xOq4C`;n_bxItpPQK5Iq+Aj|5Y+`*<(&Vx5yWztco0%L6rW3V+}ciKfD
z0QA{#JPU*PD|TJp{3A%jIN>_p<SI#zJ-^Ejd<k)M04UVBxZxCVEoQ_onKk6f$D$G*
zEEW&{E`Q$;hDU5X4)^+)@F!=tg;v;u!9O(p*16TX?pG=4*Oj{RMhFo)PP-sb2Pn8l
z@zt2HvvuE96B~>86EE9flxWPVaIGZ=Mr(QFO8?HArYP#J1Yu~B`x9C4M3DUtUMh*c
z@IS>Vr|n7$W@42@z`ywizFGeGP1~nrS#l-k!M_i}<2-5^K}U6*zpGAg%c{mCEBFIT
z7ke1dUaba_O{VdTW&Tcv1rx!<0t^?so)H#g*)HSsBTR#y;Gw=N<7-AGF!L3EkNL<I
zHa2ygl}g{5C6R;2T=GF|^6lAFlDWO|84*H`ydWt(C4w=ky~US~((E{9Gt>-%Ueq&H
z<SsQg-ebsuJFvT)_CCafn1*n3M-$eN*0Vg`?nARO(r@m?%f-neRh1Tgy#ym7>jrAu
z!<DB?W6N~u^zx;O6av+d=gFY2P{_`I0Bb<RZl=vyy^|KEhE(CNqm9*8c#Xmm(J3(|
zv^H_erAxcR)z=!LmIi>dCB~=rZd??K#87N(RE^Pz6%Bx1S|i0S5tzJbSR5`6n8-9}
zc+EWObH6s=c3J2Oa3}p)Goo}!<k8YN0W@&;*;!UXkHh9;ThTNVbf$#@QmS=&JF*U_
zFglYJw#jBCb5r!A?K3Bo`MynPBM_8oZc98;;*$SRq2KnZJF#_`)8hNxn>71HquRP!
zj<v#KHzefUTz%=yd15Q$#Mc4|hB4BYZY{KCJq4vpu^&4fIoqu1u53`!_EghH_nGPu
zhIFk(rGk3ry@BQVY%2InSa*gw0X9Z?uV*_n+E(f2op#}VV|(r~Mkb{~G(v0Vx0zHa
z=Hv!4s{mdZnaREi2)>*>H}gz9m>$hZ76XJ9C*&Lz8sz2f3=lC)Lj#1O8$a*qU1Sm&
z<)tfscLGI18EiS$7Dofb{a!@42_5Whx6`)0?QY6A^*%BqTygr(QI64qwKrWPzn#9j
zpNg`sA`Iue@+NLThU*TlBSD|BP>I_m!Vn%6uLo6Bc?QCQpbWAD45qZ`2ofKwcM5}`
zQ@S+-()UtzL?lNMi{&zO^*Dt|BqMl_l(*}Kh;@i7Wzg@R7u;gQJ3;g9RDG8|c->Uq
z8P7@}=XFqfEH9HG_b+&1E*q?Sy+-JMFi~%z=l3Gnsb8XapAAFfV39EnZp=ugg$ZRp
zib&tB76tdm19%E&FzxvT=Df~qe#rx%(AiXc3yb%FJt9;?0?%R<Mud^(OV-`-uRs-W
zY`wf*+$E}OHCSIF&#gU(l12&cOR@W)BQfG8!*f-aLFSXpYusjYw-ZAKoh(KPURsD6
zH|*i>Aww5$Bsd(6VUnh3U5=s5BLxTymG9NN1&up|M?@7$=rgRB5s|C-mj4w9ds3IN
ziY}yt4eUTF-;3b`0y~z<eQol~S3|g;xU3K(+=j8=(tedyF@;%SxWknZ`4Z%y)zVlj
z1z#wnQ}-4g@<4-L-uSvJbbt*D2Xi7ACh9ERMgUm;t+VMQ3{*R%aw<UyqG`iS5!*|(
zKHK-zK_%Z~FV#S$LCge7Tdo!@w9c0Zjw_i;zFYWoT|1+?Gwbl`dPTg!h^(eO!v*5<
zMa9{??~BX~XHA^HTG3B5E7V2m&(QVlzN>kv)4OJnZ<~i%WZE=_^$SKmLhS|U=xi>-
zANRH(R^}c#m?}we{-F}zB24V<o`4OW<U6X!a8?oLs~eP&&2Nqxn8A0^SLipuX!t7v
zEvF59iwrA*(uhWSmr9W7COw+4tHDk4;>E5I@!(xHyMRVN6bjc~H3);zX4<{iTa-!i
z*qxD4h1@HuyCe6Cv^nQ5YmGB4$r*r~ahHp~<#N);NKWY#l^;&|LRa{189r|LTlC2Q
z6-MGPD&>?09HZk$)B!V?<?%TA9!~g*3e>)CTG)BEM=956w#aDq4(xkMd7VKL8u|?0
zM@yexJWdvpNa>(ceGwm<B1;_c5mTqSU#}4jgkDayHyy?i6XIA~;ggk9PC(-s3-knA
z2SXCx`qHxB3e+WB5rgu+&AjKVoCXguD(%~u0sAfL{H64j1@hK@%?wxwcV+#|-Ofek
z^c`S5=mJsTWLC3I!{A|*om(d<YwM2~`3jiW8^?@M#75&p@4~#O%osv}4rX`xq)b1^
zJ}1UBSHiroEOk6Y(ym<%LI2~}^#3422XnZbPx=!06AksIBLYH0!@{^;IL1JI^Lo8<
z{A=NuQ~;Zpj9gHLo`FvXhmn_GmIA^gbn|NI`1i^&D*4sQ@eWj%smg{q@e9x8d^$xH
zQ&f6FZmS}};~|)B(s}T9bl)`ieiPtst%srEFmrr9xKS^oL&;#dp#jJI4cUe`$6c{P
z@fOt8dkg(Hqr4{Gd<Kgp+Nh}|+wbVzg|LtnN<30`d$nmn=Ri;qmY#$fX}r)V&KP1D
z)LJl_iqyKOX-0_C`8E_WdoGmK7EH|^vlQ-WoPIMJuMoD4C-9obs}s1riR0WHJNwQ(
zp=Z`9F8L^X(gk#e7bES!T&pE1Q=nY(#>Ap;`q3Bdrh$Z>2kX8&)0a%u+f!5Vo3|F#
z9tNp8IV~sEDd@XMI(%j^*b3~^`O^4UU^2tyt%ZxCo_H{)8`4W@k-4?MM`4{w#mcqR
zl{S^CMk_gQF$48!Zn*+0mCG6bR0T&&68)PUPm31z+Dz0&1%%Czw1R3vj=(&XLMj=|
zdQGLvbgf~eA5L;N>aMX5;4D9p5n9}+>h0hOb0C9Ov<$(+M-tY5I2^g_&09ByN_V*^
z$-F{m8yFbmX-&|B^?=uUsp`1-f<^*cE9xF9pC&R$X)B$EYk3aNT^K0_%^AfF_eNHY
z<<$wkeI}B!GBP<)k@7|+kx(~NVJcM6EbTBmuC3AD1RSbxxmlQCz~fQ%EW@6DJUot_
zCBPD3woAeuvH5}Vh@7l+z0M_%XSESXQT%z}Ct7ZBoOy4j*cy2hW;yIckQGm*P09Of
zUwjONN=Y!<fpUtk&`RZZ@R2dboP%is`)>Pu<9g#wsuWw@M*f7!We-b*s4UKnKgs@<
z>mR{5HOTP^-pLa=u{pLW0rqjl+bT??BUO&LWRZX{(Zp?sOO5Q}^?KpxLpj-)<oS~d
zqUVG^vSjE=h;crSpr3o71ziPruLGWFF1LF7ir>tzXE>OuQbe9b33N>sP-N6*f;FRy
z`(Re=HA!<r&NjmQ|L*|vOjUm&_P+K_E~qNI<jEWAB3zbX!)7DOkCK*v;9V71@D>1i
zj{{=Q=dQwcuvi-G7ypO@AD^;m6-?0lBYskiXRD<9_8WCyJp}~=9y`P~1ws3d*ST|A
z(Rpg0h#{y`0_8GyJ}~HgG@_QD5SF6;N`w%n?TlyICEQeg=r;#4?!i?K>)+&b=|6rN
zB^%6l3*3J($b*>!#g!VGoIj?s;&xEh)4ToTQCjo=;vinIYYQ%DQJ1UVN5YD?)#MbC
zNw%r6<e0hCt(!}Wz2ODcd4f&CPnSrz4%SrJdE&R}ZU5!hrS;9=UDSC7juHY5!w*$@
zYU$Sx*~aHhW|gf3Dy%-a2q+xiNapQIyrl+HS4-rgu)AO+t2<k&!AqFw<d3h%lfngn
z{rZw4+pUDV5=M>7=+iB0OclIudx@uw()8JjMNfEv3(`gjhvUAuw<z(vhjfeIZAyrd
z${t#&6$d{vq0?L6u=j^!XM5BSb*tDqr;^mdE9VDgCzn;(9VFaGemJN^Z5l*AR7%ib
z0udMJ7V6UqiWpS(+e&j51^J}$oh>VU$$BIW*t`FZmZ=07`-k$6CY|+F%;iCjWn)Em
z)ypi^-QXm}@!!+(n~Mv%dZ>@eXPrOA(?$(*wbV;uT1F~(7p^CHMJ+<DQs2ZLNQ=Kl
ziz_%ry|V2+f0lI!s=;6Ts=r8$+8GgXu#wH05QMw1)y`dpd1CN2er{xE?!1v2e&1Ix
zk*v2l$|+$BmZ-U|Q?DM~ovbev#mwxG<TtJuPa7<x#s4&AB;+fz5U>n3ld*0?pC`w7
zrlfZn${^(vURO2boHET7TJg%to3*=??I;=Fj$P+iRhR?BL?TOp@NRK?QZDl?uU2p!
zR>qSQ+L&p{8i%+SshL8f`uUHzz?eK2{?7=Ol~1%%-ls!svSQwY1jUZMf|gVgnG+0C
z8<OSIx;-+(HPd;91SKC;wkc*3t@SYZ4Mx<#)BKs9kRuatA;9XUsB3KUNWLCQlewr)
zJk<h>I_jRdjY#2xM<%vwoJ$@oE5zZAiZ({!{??%HCA3}Gi9DujudKZV#2Ur%uYPdY
z$-WtAaj~hX4R*=(aB^}TmpG-IwiXh7Oi0R+i(9*~nX`O>2WFG5-?)9MN0wtc`YX3&
z%CDMUU<mLiw675|qCS>mA^(&z)xH7_-YHJWF{}KgIk$#Un$$Z(A6RSZA(bT;yFX%M
z+6=x^LTGnV7D2jW<Cg!obPIQl1M$>zvS!Ek>+p^TAQxKVVFWCuFBgC5`n=sQ`sQ#Q
zd4AL9O~$Vi><DSr%DWdm_B__+S(VB9PMow2YU8FK?O!00r}#V|YJ0WnY*kwlxk2eq
z??ft}_SqTq*N(mAI`mTU;C{+H(X^y%IPV^37fG0!&AGY3jQRO*h&zUGT}d>)hobnv
zZ)(gW7<R#g(rOBL=qbc8PI7ypZGcMS)x*YLDtBV^O9c;j^VP#_UFfX~*_o0Jvs9^O
z$?UtLwICRyl8gQWyS84=4>^C8@*UHE+g3o&TA`?Px>9-hUn!)UutqL13Z;$&Zu~75
zwh-|4x9ns3X>YCp+0xy66@QPPRyAUqb_OpQi}K5sMzZPJQmJh&00$-#bW8awwTM~X
zM91AM9%Z@3&y)0$<zI<EPydALrOJWfWmt1#%XCwV4T((pSXxO|pu2SO_oVx&dj*Yd
zMt^0ybk%-_xb5GH-27ylz-(pBr3ntmoyxVg`84;pnp!Ins2yP!NDJ&z|Eu8Z%#nv?
zHUEl2YE1gV7t$9bJD&{`y`SElG)7bGz9kUBo^@MeZOD%B3fQ?5&<KmM_Bo>eo5E!U
zpRBB{$)+pW+~7@OCSnMR3~b=QWj~qn7O^hEmep>|(SI?@q87Ih5aY_s?8zGE&_l4!
zFL6V(gv7U4Fr`RzLH-xBy&aA9?!X#Uxcs=a7GY_6s;U(oFkl?DR}<cc^SXxNfO~p4
z^R@Mb;}nPehux>{9QcC*wml8ZeIuDd%noXLQ^6iSjCCrytsmE`Wp5c{kbbEIgGtDo
zn6}ua9MxTx*14ptp&xzUx1^@BF|-&V8#NWIr<MM@BgZfZ8}RsCaksKKrBlq~WO}oI
z)Zuwig_?WZ@K>$^y#q4g9T=^kRHIdyfgk+b6Mm8-S;Q6@{U}!9MV4Tes=lM&8)^ll
z?n!NN*OX@OX(UXRgI}b_V8+s4YDt&&3*50m${>_(;#a$qnqL+GUZ@xvHW?a*qy7v*
z#ARM%`zV3^m`rSAyl*j`t#KQB4+<N~ns0VZ{2DNoHwgE7K0B!3*fO1ChB0hqk2gUL
zVDst@jg0v8fFGGO9C-%tZiswKlEqYpuRp5$$<r!5ldo~VYH)5NKt15ew~YX~;+D;I
zxEdq>yWiHPuGJQF64%_^tT&Y-(BdEd0{5<&S650>@@Ugkkp($-%kt<a$m<slg48aK
zPw1nPX{U!}Gx?TX{o$?ZgzVgGQCVLvw`EP@jT<ME^XNk{j>**4KMo0JJ)f8aV+m7y
z$Gm)m)BbFlnDNVj*0u4VbKXx6XPcTCte<D9_8A<d<6o|+jM1E1>M~GauHdu~YRwn$
z@N=L?crfL5x#y-7|3vc`>Ad5hp1oG`*qu?}@jB3*=qdVPhm<HzKicUk9S!D2NWi}V
zfuyO_?WHSBC+!6o`Zflb-q=cP){|t!Z6r=5>n$0pPH{7@>3H?@+AhlZAVRB;kzQcJ
zq!$P0Y(LS6@{z}Q0p2OY(rd@EKj;+c){b?r{;iYgHfBm|JwnTl(cl<T^+lQ3lhjb_
zs^w(?T%IHZrJUAQcaytj$xV9a0^CAsTyYEwKo*l`VUi=5tvif4DV`FhDrgS0U>8qT
zuk!Ky)fxg_ifwqh)Hxgg$SGoYb`6H~2^0J4F9>q(<oJ4AZmb5n?x4H_MRx`BDQmJE
zff}YhtQ)K!Zd6J!1nbEq&R&f`UY0x<f$VXOi)j|GH9qT6^X&MfW|m>(<r~u^0&jiq
zb7eB_Po-;6H8*cOc`Ev!o%QA;SN?eh<R_1GQHP0TS7QPrd`l0}E%xNfEInU#02H(g
zH*ntr8RG#1M0V%^-r|pRLCI~%XmEV`lXx)xWg~X}5gy+m{&@n~(}r8%g{@`rV$}PT
zt1s$G(0NzmkrY+z9XE5W!m*wb<X)Kc=7n;5(OdBrR3E|JZ?mUmMtuMDQECrOJN?!n
z4iEBnfb8%(;a`E+6C$^0_~X)Io8sBKip1(t5PI3Hj$lh<VNq|9jnKuJMx2X`gH63!
zFD|w)#smA>d#q>6f}XAR?;lK#eJptPMp?Z0sgEYjeunUV8KI(JrftmIzi@EutLDB(
zonEA3!VB4?N|v~^ZRNlzp^SHWpPntDtl{_Ek2;hV+#*cjQh1Z>cr+X_aFQaubPqKT
z1&<Z&=c>>(Ftv<wCw(VAc{tLrit`2%Ow7+<+0000+VU4>_>?=dD<rfe4)%uGF}}s#
zk!{VKW9}*4)%z!=;U`aG@}$@4dAnl|HJdbIZ%QB>^=OQyadG5XZ=Nq`G;Vb>>TPMl
zbdB35v)NR5<quyTy*#)<*_6gIW1*s2Yz$Yp8rA*gJ_?~&qMox6^m4OwVE+huCtt_6
zTa!wAOsURf=bq=w%vohW3ztO=N2u3gIGz!s+Ov?O7h|%`8yvPTQd;#iR@|dNJ-wIZ
zp9vDiiBJPf^N3Zt)gTQLja|j03ctK8<#65;y%#*AjqSInBRK~i;wr^%H&-+EYTX33
zkv6>f2NiDjlT<mf?{j&iWf|Za!-M30<Ik8?4mK^M)w(U1Mtz$<M@!g9L2QwbBs-l8
zi}PJj*jLH2+aL7B#4BFHK010QO&KrP(%DiwcmefZ@kb|ar%V+Y@iv;G@Ryq0*w$q}
zHNm;UUw>MoHhF+hVFbvn;31^milZ8du#YMj=f|B)qX?2BmY&BqVn;dWx;5E3dMw^$
z$dQ<ovtGXUQB)EcxVXT_$K*JpK5o`d&hoVW7-hgDRHvCxxp&8wgUH;0_XqW;J94XQ
z4o~7Cb-Y8oWpY}F6&h1CW7mpM9*1g?R%0>Y@cxZ3yfJy}H<#!1_gqP)9AI9>I^Hzr
z^zSEeq>#6dW%j(11EXgd8kJD~uYr})wYEjzGQ~)>4&*K=Thq&QP;!h8SX#?8ba>*n
zKMs$~)(4tbn5nt<j|u<(LC}Y0DU0$p*1@L?sCgOL>lJ8h94ssx02<Ek4gJ?E(5NHG
zu9u*%7ohb#0F0rvYoz>gFw2Ak^ZQ+g5CL~jMBJ}MXiW6$Md)&E)NR+=ep<N6pG15>
z-$iYZ%AQU8p-QjKCUjridwKd)OoK)RZHVKCm7`>k^wd5VA2~v{4XO+x*k^s{TapR9
z=u?jJ``$m`Tawlj1mWw|d+oE~lNC8EAHrBeicgw*516Jj$eL5La+hnB^U%|DDeyoM
zA-<V*cQJ4~>N`4lxu~o3LBFB`N4c~u+Gzqg<*Gb7&N@auYQJnFK#CVG6WYdCcpv!k
zB#`vhs@wOMugpWZF<7S;*LetNG{^<aeZ$pBJ4h3pV!OcQz&PCJ6Qxj~zhJU@1!a$n
zF!5K#!k#(HK-HTd@;z;UA&>}X-Pz3c2QmGZvWI+tGaA}SiRvH4@zYS-mlH9?B_KF!
zi)6=BW<9YlWm*+18>D#S2j$A9`j8jU__xU_pN2dl)&QC34C~xn=DfThULh6=Y>`7y
z^L|KaIWY%$f-3oWNJiJPuQHs(DLu-k8M7P>9|s7P3u4Aw-=KS6-guj^JDQ*rlaR6t
zOYe5Ec$T7RRHmUTp}j~vMrqnwN6Huaa*-x49rxId&9V*&%O&${8c||zHPKWPBT904
zIz26BeYsN^yl@jFc(JIcA5n=Kf1Dew2d9m|QP+vHN8ia2VqJYeB&<H-PCIF`(cR3J
zANBj`lpPh1Dxy~_RDY$dFfrLlrmOhRCjkEl97X-<d#7-7G|b$qkIj%SR6~w$cF^xB
zx@gGc%V>Y7^8F8Gw8Qy@KHO39ORawkvL=``cl#aFzC4G1*8u`B(9uF<=!yS}2gu{s
z_M^PJDa5R5)Nr2iv%%-@of?*H8|173CCWR4Ml^^x)NvKaJ>#9$Q_aUU+3(Jx&ys$k
zji9QTWm&jO7(0`2M1v7GUc)8)VGRiz@wR?=s~umW@g@a@5thtFGUh&<s6|I=>pyzI
zZtX+k->`rfn!!s@%_<1_ew!GG{4F?a+3q3g<G3hmDRhD5$SQJI11A~`@yGVRcsWd5
zlD0c6jhn4(ky-sY8Z)~SWd9^QiV3gEUEa6XuMetyru7JZFM(W{KFipb5_%_SV@6NR
zI+apTBdsJ=FmOjs)pPu#c;-h}!K&~5<wZXGlKLF4J$B0OUBv3EeO~e}NhM^;g7-n{
zI4@cJXdk<Fw_grPr$O2-*W}PfFrD)=F>di`Mt=LDm!{lFX|PXXY85iMU(?Xi*B6-`
zRZiFQxmU&3SH*{v^65z3LHedQ_$A@Re#0*7geZ$sV;$b^EcsXkObA_=NdNt)u@JI3
z9~xdwGwS&6A@jB<z>6*2WW^a%fc|kwUE{YLfm*uGIbbnGpHb$`=alP~e$YD-muTbv
zB+a#{4Yyp_0GcENr?aaB@*-JSlz5{jJyjUzK+Zexk;iQohVMjWN^cT70jOn@0}^Q@
zWtII<MyK#6T3w#SlO-E;opkoscDo}rFP8$w(k1Ev@VhG27;eJ&v(G6vjJC*C-e;5F
z7|OL55X$!0XU=i%fV5D>BlxHvd=bB~{J2wzs8g_M;%ij#jL-tau@JfHUrtZ;hU6}K
zESiXaF}7}f8gMAUv0_FiRXJ3rfJQSQnIqd5E&vTtvaK6~j_n(rP;qNg(37imfMWb_
z=tMEGVmzLac-k#uQ9Dr|-@$<XZdmHFfNUb4bjIE}abQ=#`xZXuiCzXCfYr1@{`IvM
z92nU(kfCcv<Uf$q#Uk9f7FwrG_KLm(GA;{`_F4u+SSdk3T}?a&2@dq%rTi9er%jFr
zxy1qQm84Lq0ufQr-gb4L5N$~H=$tR-wG63gDVJAk$J=hY)cwwUks5XoZLl^;uxNe7
zhzP{6)PZq$=AXcC{X|i=Ch#Z6T<I4B25X(lyjEVhn-#1=!2J+;_qq4+bGEw@H;s0M
zIUcyq+x-rmYWyzsp9P^#knqdH%yowSVS=Y??=_=PgxRJ1(;L4l%=^y#m7v+NCdGGB
z)Q(Vv$>7O<8-lJ{75`z@IApFAEsE{=hXRyga@7A&O{4JOngh<Zc*zCpq^7bl=4x-8
z^*Q9}ELhMEUIgRo0^C0rWsh6nNhJAk2%2EI;y=dsnSt}cc8V(zd{0x+ZTHb7?q);4
z?$D&WWr{=p-5Ffn>FdN-4j8rX58wouj%ffiy_Hu>8AyR~>p11~cZj+mAF1Bf?+XbX
z@*PvB*7r|{ZUAsAkw}a{OEm{<@ezMnkv++0sQH-^pPK_=>ZNAi9H`c%2r>Gx_IL>1
zJ;!-b=SzxJcrM5A@b-%#`4+f7gT;4E$cM6w&vN4Fb`9#U(mL$3mEF)@-^+C}A{E?O
zL&wXt#L_|d2|ZEGAbzrY`l1c9T8!u=h5r2`8tlj4OX^;Ku3l%7^L||?z29n9GzG~{
zu%Ij@@x@ZvJ{Rr!kgQ$_In5w2&BxLeJSXA9A?vR{2&IX&HQLkr424>u=ljvVzOwwN
z&VwaWiA}~ST0cx0BNtg=g0ck!TyJv&wJoY6BSFn2P8R~Z;tK&)@iZ3!5BbL(6B78?
zW@B`ex-(*r&IEn7Bf~Iq^sQN9@{C#}p77$umCL)TJzGi^Z-M&UhwpEeEf2z8CY1Ov
zYwiCha9p#P@B!_&Z2@xBB{y-(zP(hB`q<{^Lbcd(dan$<YqdS`t(p&|a(TFMRzD7w
z0_F1X!l1-g;f$(ialLWJR6GCWf}oh49uF8L0qK>N(tdsV5Iwx%*{~1ldbYpxEhg7}
z%Msyp-9k~J!agbLx<Yh2(_!RGp>N?m!CY_nLMA1ic9}D}Yg2?B`u=aus`dhZH(gIt
z;t>{KR9Wj;c_&dvao+Y-$EjkMKlUz-eOnyGu9R%)F@KSd*^ya9ngZ9vabc6fEw_}o
z{}*R-V&W}t0+u^63WUwO>=cH_0-`=GpEI+lD$SRdypY7>I|Y39XDRh}Lv;b#1W4jo
z;8*x)8`O4%T)+)4y(wH{v8&i+4JLe0mgx%*9Ya?4YFJ)VlTK4l4JxCGpA-oFRo8d#
z?M6s*ErZOFj0}dRd~*48Uy`OCf3tpi8R5f++#QxIH@3dNH?sO*#9UAt()7cIZiLj*
zsWjMK)3<QTxxI9zicc%d3-!fOc0VSg^a3c-`)UZX?4DZsJMV;#tQv6oaby-@dNg+A
zruR>@*OjPVpVk6+AX78JBAyQv@-HBz-I=(Y&iRr|A{v}uQ1RL109CQQSzjy}nauJ&
z+_l7rw)?onaX$*;5CsG@XtY;NM&s$dmOq7lbL{A=p`C!YPB$u5bH!3^>QnlXPg7~@
z?-o+_@wrRWE+v_`tuWpUpr{vaLG5ackPw{()}jnl*TT1R00<Fz3<qGonz6zveS^0~
zK@*}W7!f%jtNZvIP5jx6S%bP}@{`?dhLW>8Ru8m{zFcw6Du574hrlWc{Y0)}+G*t+
z`b<%m0+`do(2iYa@S$911*1I_<EUrG9d6Mc;?qcOyYcqvG%iM$fXtE((=9B~ltYIY
z6n=tUOb--9giHl>4^wibYJJCSXmfFb?=&b<D2XvRrNZa5M>$VRqLua5J<?e2$o^D?
ejp2Nctx3@@AF})&{9i?=p5~!0g3qJ-IsZTY>P8O$

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/sharing-layers.jpg b/docs/userguide/storagedriver/images/sharing-layers.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..e59fa833c99055df1588c265a275e10a0ca23c18
GIT binary patch
literal 56036
zcmd431yr0%vo8GN5<J0z1$TERgaE-cKyY_=C&3+pdji4T-Q9z`TX1)~1KHX8$X#ch
zfBomK?=&-ARZmq{yUg1&JWf9@11Ms`AA|ugFmQk#^ani70q+1vh^O!rLqbAALBm5o
z1q3)a7<gnvWMm{nBt#T6%$F#r7^sLyuW(*rU}0gu#zuaLi;s(qkBN<q{p17;loT2Y
z8Ud6L8wCjkg#LdFk8J=dEZ7_b7z7w90FDX<feQB60pI~(02m|$81PSkhJb{E0RxAH
zdz=Me!JajjNB^k*J%<#JRiLXTo@M(1QwvNNJ*bnI8{V9*5x`?$6dkILmn8d&)B*sq
zp`E&1yV~NL38?~L8?+FnLtNeF_TL?;WBapSA_QnXxa(%f6<EmWiWhmP(#H<0D?;>f
zK~FV?(OcMmcczXL&qBNN0$_Y9>k6ybjpeeVV*4}8;mm)+M7li!(wU86i<?UXo{Pn*
zkAMR-_on0`Ik|ai{HeBS%>E#~#DUBSnOF8`EVGrZWmwNe{uKKG03fFwA>A9x%u<^f
z*k*eqVNNdNOPxA8isKba!-yShu5M8u2$Wn$DdEIt$HeQFx@}VEEhf&btPgXX&J}T+
z$+wO+6x&-9UbFx(pDR;5cGVN!K}}Ik5ijZ8v_SMWxo3}sIE;5KcJDJ?TU@7ELB$Q!
z5AYeJoK>Sngr5@Du8q~(@x*Q2xN~;ytC{b4j4{UUlU(G0oSi=cyftMr$`a!mVU8p-
zsfECaV^T_ik@<l7LO45X{uXZ?h9(pDD%1Gs*8v9+i0DF_vxiw^GUxWNi`XPbOlR%E
ziBBh%#$JHa%TJSbm9tLCsqh!8jgo0Q-;gP<ld5^mtA1D}UhuA`oTe_kkdB{MHsI(p
zJPsSTspaE+TjkxyXS7u|Y|?dI(>)$#OLh?tz<jYc_qZ>-;DZRdz?7q7^Uw3ffe4>A
z3Xpv9Njar{80OXO9<usbK-=+jG3lnx%-%;ET@YyV@O=hr8rP%!UE99-&5FY%53YP}
znY#{c9NV2kzTg%VMEkU}ODtDqOzfy_tJs>o3j?n3vWLyY#1z)T*GxmUY39b@$UPN7
z*0eavu1zJ3F{Fwev&PRn@s}GN7BE|Qn(B@LGbSJ93qNyDSKs?)vwtj_FjA-N_{Jv_
zuJ*A{m`zh7HVMO%YZ{Z+i=$mYYj#d?Klh?NO|Nz<0^_I$;ib~-exY|sX3F(Cj2aL0
ziz0jB`LsRG1Cdl`0H6?Fmf>|SWaqim9y(CFSgW>ry~bU<Pny7M?i{-vS6?+Kx6O(=
zplGh?>Fj9g+te^1f0)v0R_Co|z;F{}?TX&7YujiOU;E0Bv&;)HrTkbEAWE9pOzk@P
z*3yu_I5^EKNNia)#j%F<haXHGtItQ3Upo=kUSXTmf~<-v1!yvB$~|mZEg>IvU_<i!
za@u=zM+faI&UsBzeG9Q-0Klg=eR^N1`ur|j-8=wSL#d%oD+?gTxaX+N7Vcx_$`m|*
z#~+O`Qbflkzt-$R)tF=ZQ4UMOT~&ELy|KK~)sUU1rv=b)%IM}g*t9Et-)W-c{04aK
zA6h#PKvFSRwE(4~x6`1>&M_J9?9-G30N}&216eHq%jOyYmdgfGftlx1m^FZ=H-M63
zFxLn`GJ^!f51^y~L*49}i4sTy*o`Nse+3XZYg&NudLsaUHREP26L`{u?V6{g0IxUY
zQvm49IROA7)Y3OW;#q~LZCF+NoYS-Bg}bU{8S}FS=r%DPZ;n7z<Q@dzxeOfuAmAPK
zK6S*CLjbzeY#D(?RU1I6yVL=I30LXAaQ0_40AP+XJaLdXe>nrQ9nb|Cg2J0)X<Dym
z&i)edOjG-r1%Y(W3}C%~`>Uz#nSZ;Qsy48}b@AO(i5+==$b}Uj1cSvl54P}DyJJoZ
zJQ>0A$oD5u8i>DiR3(V$mdUrABm$w}Z=K(G-3s2&mv}uHp*Us7JyB2-U)=xKSzb*p
zKO5p&P>s0zJhR@TBQ4JivcUT4E$kBu2Gi#JTt5J8uNU%99j>Iw=!;7)D{5=nH7BwK
zdq9R7GR^y=z7Lo)Hn4vxb(AVGBvG&)i++L`zZe;k3XKJ_BcCkCQLb1*MLC!F@~6;l
z<WZc>m76Pb-({zsYR)uSxjnY+8F-=gg|but1OO-?lP3xQ_yZZ)hI7w-0FE4TO7RRr
zOujy?q@D4262OsTgT0<nk_VTaGn(ip9uj}J``a^!tRce4M4JE_>`#>|KmPTMLQIui
z{VDd|ovZbmeuK69viRLOsTnn%Cksj2#$`E#Oe3Wn(&Im^HFI^bDZQA*wcCtmESs<Y
z1!RU678f6!SdAsEApUm){@?R(dCnI&-)s826_VdPV_>X}!F$gvBz|11*E5FyE&BZh
z$`cEYY`FIG8G|X-|2IWBPpEG(v@E1iudOUu2I+hBsn_U?9h$>$+BE-+Al|fa8yvxQ
za_{2Fx2CgW4JJq+Lp_I>4wEo8T}@3FoquboX4~5D{nXCZ!$@kjyEAToI{(6h7leX>
z%f&zTlF+}gCC=$T?ReS(;904-G+JHf*jHr0Nz*25`N{y`e^>VifNmOhXJRQS=Wfu8
zWsGcf4AePkDlY<nKh+1hT*p1K?nRCn2LMJKWdOi4o?H#JZ}c#lScl^Jog>)d@>3b5
zoOhQpnnCgWZ}>mPo}hyX4(Q|o4)Oc=@s}P93LF9w8s_;}0{+~<|1seoIkg|@7O76m
zWnKV!_XSeYY+jIu6&P<U-UTm9^mz$rp>VI_jeDJ&d!+^7Uyg{d>$yyazB(HppTPY-
zasFXvWo+B*IB3=c6z1P8xnON=4^MO$Wo2h(<!l1LjeBacRdsWSvvF>2Zl0Z&tEHu1
zVd*w;>X%E4Etr;f8N2GLcH5QZL4D01Vr5S}G4Pk>Oxt-HU)joN?$7342>>vojdUUB
z=NcRhmqlZ>>rH%M2kya$$G<r5q@gx%AL<T2`#l0h2TOkSI8+3rX+MU4Hhoxox8Mrf
z?VvROK>p>{@cT~Al_&r+W_fPWp0^d%W^{JLD>Y1f0w9|olunHJo+|~FCC$0Vq(LDr
zY3$DV6&)NBsxFOeyQC2vuk7Csy}m3qaZ`+5Qr(h1`UW6p-gvlA+o}G%rdBy)i&}dS
z0^4u&W2{D&mG1R7G+0b*_J%$zIM`bsv!7E`ubOjIUFQ?vZ7%Li8k0ZnHZ<5jYeoRI
zi{eFLVtui3jX`@xzG2uk7EH|rt-AOlK%M%4a4%)=360pSHJqWQ{9a-sYj)-YnFxPv
zy7J7>d1EW9-Y`E=(+>dLnQlMcx$NETSr+e{9pan_h`FZ~E@T*Z#FF6au8|B47i{RO
zR80<%NR#)tjmq!cTkK;WoLLiDpLh}gklEX8DO_cH4UoG>1T5e-m(`pmd%w<%C*-%>
zhSN4a$0?01Bw96=Nh2aBow71QZX8+|A{8|YrYQ2+4qQJN0pK<_h7MsVO0g$fS*NK6
z{tAG!WV5AWarSAG?T}3yV5o0C#&_vGc-?0v1MXse>tex64mw2HCV~c|{*3KJ{kY@x
z68qM<AS~EIHi@t>C)Ng!w?|JvPd71cQq3DjlaNSktaaUH&{5Wt52Rh!jU9S}$I}9A
zZ{nN_0G1;V*~tLTbqipB+KVO>$z3a8CsCRpsFlLirTR0P6i$T0d<IQ7GEA5j0N8#6
z5{V|;djX&|Qw#tkKtmr~1{A$~evyGV$Zx+RIIkxVfD-^kAZu_f0E7T&p!bt07y|&=
z^6Ua6f|5u)89X_C3h@BhlL6T8l^Y;^N*Vuz{HFl-8xeRWTr^(Klq?C<Fre_O?3n=a
ztIre<LwQw-hAjj46eNO$XxF9vF$;AvM2+Q?5Z3}J5Qq^cu)IJF0P{ZLi2&e#+dYea
z+~NGSxZwV_!r>NpR^$Fo41LS+EJ8_@JkuqEfOu>nGLQ|V6iJsNSIZL$;hxHs4HpoY
z62DOa5=~4~5^ZNx3Z7H|`%JnFq=Xl!Kn5fsdG_0LZ=O)Z3#}&tz^AcqI^G^VvCz9H
zPXvI{>@PHGikp1m!Tu`DYY#Mcn_o`|gn7;r0l@P+Qj?x@_y>`B)|gj@Shurr>eARe
zEsw0aI3=A`<$tRPqanLgKscf;wjfghXsrbW9CLwZivG##iT+22QqRQ$ppyljwfYfH
z1OTu9<MUYr6iuEfVpV}I50Tzeg<-px0t1GM|Coijl@4KvsqBNyh*Q~^#urq7*Mw~r
zWD5#ZmCpov?so#HkKdl<;hJXx*6#I8|7Rl527&w61_AbuM=)s61_1>F`@BOyp!}ow
z&s-QkzxUvA0pC_>1TeOBJ%6sLIeS^>1!;YKhi@3Jed+Gz1pwXtLu*GB)4WS!0$>8g
z($cT)${g%&FJ8bjA2|5a_hp1PyQ5W?^M7hToOVA{Ww^fgaB*h6YjUu6eYQFG0^I5c
z=Thxw$(%2yX)p*}=Y9b{MlLKyuaojxSB%H_rnbLrU9*#gg`U4&cWElLR5QFZU6!Nd
zW;1EuJf6@l-W_A(AAJK5uol<}FA;_8myTT;_dNoa0`RnN(^%ZL+~=yhHjX)YhsOvr
z)<4xcnCC0G&uP>h6vJKi_sE*O<hgP?wV$i**gC2$X#N2JeEOOT+5BWNQ%*}NGinoO
z^tE2HziJQGhqp93yW56`jw^4MGTTLZoX)oDs+Z@v+(IW7MV5+IMAG+W2ClbCt&bd>
z7s=QxN0tEs=6rjjnN7JpwxC0i@b&JW59?r}xn&dlbeG)oYM-3V2r}PE_pux~?q@k^
z3}+9opISEys0)TGBuo%6UfiyQ2aB*~oEZTygFF&zmj3TA8xcJ`$?1yI?_0pbWxFlO
z_&ICW2Df*!w6*UkUN^n-$Dhx;YZ})cS-C3y$u5wgP&(6}zZJ*h%xkWYQ}GZ20M~K;
z<r3HEI0`2>^XQl(O^dLU_Oy7)#@9i@&I=Dm@05B|Mar`>R0DB%3F>EM<nog5IZoXs
z(G1IOFW~@KKGRJbJKePrSu%G5xtkW0>qj8cZ;?+kiFyB`knNUS!$yR?KbiYNZZ|5e
zTB~yI-t3g{^bsJ&OHStJG@RR?1${m)SO-uEm{t~st4hU_8|iJPEK4kg1Vs2FI|tY9
z9%hUy&WGgRgt#4&C-P}87+1O`NXbES@ucEgV)&X@%yN|_L;%pZP3&}emfmI+GY%V^
zXb{0>q|nL<x_Iw|(c;MvN{tU9J1aqej($cB0E2YJ)Dcg{dI4<x0$|uh$I1jCgs*XL
zTfj2D0Wfq|WN=?}l|&J-zWRKpm@Co!9{rBOPeT6Z>yl)7jx1}5YA;|iAR1eUG*$~B
zd;`En0H|+3GsVXXv^I)9y+8;6_PnwOf^aajzmx#1C_p3tfH3f9B}f5EDC7k|l7K7#
zKu`dbmPp{q>?y!TfRj8Kpn$xA0yxMG2mqP<ry%_18A51zB4C>n&lDg!EP0Xvp4s0k
z3HbgWxoP2tA$KilbCLi^jabiawE+4&2nsMsN;4DXA5~0eim^NUKmde?>y?G;vkqb~
z-|Ly7oBO}ZX+zIA5U%^?nb|!4E#p7@d}da1y`CwZ`ZED*mp4qs78)wpBnHV~(T0rJ
z+qHJjDi}m*M-A?yeuGc*b1XI>2x*U-VRLV)*W}l;9_e+G0YVgH##6d#>;S{Ojgi#9
z5<YF`Ak^lfQH@&biACb-c_IM#l<nFXRh_^S&$#gv1Ax6dN|x0#XEWCFOfh!3+)~~=
zvA7jS&j?ig??&S^zP6mJe`nEfl#*B@0BS0O?Ukh}r+qxHCo`~q>Hc&>4LM<EzX*^t
zhP~5gGiJQ^qymsWIXzSGh3RMdA3Zbt-rNBP&=DCFa3_8j2`Vk;S>`leex@%RwVtWX
z*j(92GY^9}0!V~*wV8-!Gpf9JR>9En^NS-U>NjIB4|ahNv$L|zP<Ll5mHKBjMC|WY
z0;>P&ZCajZ9L(Z(K@ss`f7>lCKGXl1h#$1&Fr$E;m4bmoLcsmrdq4vV0Etj&=%_DW
zVL+oWy&)uGWM*L%kYOMueMj=vO6adgs9><*kHDF~gJlB!DCRhs=Sw6i4a)Di-*EUC
zlOp|<J;<HP?TL>u*etW&^~lkW85&-D{un^L7c^khIe*zPU3wS3x{Tn~qj0QPb{yTk
z8f0TZiedO#Ga7-&o&U_y;QH%5p}U~rF|qV&B0ZUxnNvrYXjsXebY}YG`&Ala0`IVU
zqI)(6&$!(_+3=hM9;ZgVV+=BQ4XWH@8`q}R0^=h7m*HXFFZe^K@ai&eJP%iEXQ2`|
z5K~<{m?FF86URbn2`;vvAxr^B7RX7BcTxkOXOyUyggxmieHf|~bht39;-xnk$E=?B
z?SpHu-?bobJO+D2V~}AXr;s{6Q;Wn4GNz=c1!NNPsA<Q*cIwtJY_u8$H@_MgYZooj
zL`G6Ry=J`eUp0IL=J`=|vv)Cs1Dle##W(h@iX1+h)V?!K-NP1LGeCD1P7Qw$;c9@M
z%&#8;5A|~*H}JIm6<+&uQ`>3-nKl};$AhGnAdmm$N6!MDNrq+$T#_5ljAYi?8C8hT
zNs7JK@JG`Q!KiQjf5tNB1En8|eh|NqHIT-tcfGd0%z53@6mY8Y_WM<AySw&PY;sdh
zIo6nq&fDRU2R`PTGgMMMBB5wIun0qpO>0!GEo8VMW@f9C=ryF*KR#X>;~e{_TU+q(
z><aSgTbgwLq{?mmCWI}bFxJO+O&o1bact9?*Qwi-e0N>4){10F$xQBGu=?;xr-5aj
zB5L+HZR%Sv#Stc&7#DaCb1)-^Pl+qAd>S%{k1v<3-L4RPG6u7TRku3t<oq+(0-ayH
zBQ2$*P>g4c+9o);V7`ZeyaURwwl1G6rKa9lG}1p$|ME79o4?n}@OqhO?uTc8mu%G6
zkoYe+B?>Eez*k6>^J841E@be|_`z15M9O7j@m1}Y>#Kq3cX(Ij#!e<H$5d&qO0)bU
zM8E?YOB)AERz<mW5X+lG^ekR#8ppA?=tau|Op3zRDbRa$_N;ZGrlF?2zui-t-n2{B
zkrtZ~l3klfkPCtYtGtxMk5Sj(XLZ2HN}4QaBT?=uUg(-5e#A5IelSx+2{}*~w2jK2
zHAuoNh8-HoY++C2bQYk`WMD%6B*sXdFjz6Kq2x!lwF#xyqzD_%aXa*=UOOsh$4Bhc
z;wM|$SmWdAgZGG}yl434_T&4xQ0RG5&lh9ndhpP)@Ob(!bT>{%SHcYM({B<IlDw%r
z-IZq9M~L#bi7<;k+)D+Yet870W4X5nxmglsZk$C2!Ibl4nC<19K*uaB&a_pdw`uau
zPPWH~`%c5*Y+uNKh^9$U5Kw-1w@P<6az>FPbJUWpczX(SBoda&!-v{}YIG+t&pS}M
z6q$RYLAKU}t$LHC#8>*#9sAq;2dYQFnSdy;#>D@f0pVu<vcc%$wHrzR3|58P9sf1|
z$#IgK9jfmU*mOn|QbjyUByJ)E_-T7bDGkjw73t@2xzJdICh(dc8l<>>i<^NW{1S%P
zx2w7C_tHj7qCq9+jM%$@=Yw%@R?!+QK||~oDmP?Fpb<CzW5m#zv76jM+Ax{iCn@r%
zL9H#A9g_sdn?KH<A8+4juzC9}mL@D-5GTWKuQ%Mwq;Dwna!Aa9+PWWPkr;Pm%39-E
zL|z3y0<t}3i@&06&$_IWtb@89#Im=YQkqYNm7v;MuT*`$8|BA}6sZX33=>Jw$}1`2
znS6vf3D`G^3Zd_rAVq`w-pMF@?40Eg#awoDxt?~{pijw?Q~s(>2cMb54x9ol*mRY%
zwT}*ZWyq3Fg+=tmTVm|M@7RG0Q9#<c{<o-*Me_p-d<Bn(><Z0H7I5*;q;F!mvMM{T
zdNHilAcyf|o_Z03$(<?0??Zp$4<^*}^bWre6*1_w&TqUVj;BXkYmLR&Vv<}mopka3
zA-#A&5JLLwRgjFWzt5Fz#`+prAe0fYu#OQ+$Kk71a=1>LUJl8vjnKOo>Ct1MjfO<3
z8P#M1SNV`I<#H(mv^QdOPyOkLPPRIa5!lCo^NTFN_iZ57Nwko1XhOW)3T9lKe>2I$
z2<Ibk6KrvGZy8axy`S>neBEc0pF2}4_?5X!79p|x?YZg3=K{Enw_O;#i(~cdgEhTZ
z!eQKRF7lIluZ}LU;#Rg}1*dv>=jZ~p%0g<!mTzXdjzh9oTWjix!YVQlr6_oX^}}v#
zFV30JUCD1a#3rdmH<X389)TU&`u6iC!T#(j$Lp=l(-d{7!Twhxi%bD}6SK(038<e7
zd^-s%kmh-_qn>jW!3l4kRN}rxeY2G>6u`mr$prGV&KLoM%e9!T*Xk)TH@CF`2`MEK
zMX?3HXk5|TE6KwdyNi%VfTtl<1&w?5CsVB07Lv0%(i`iS$*73IY@wnRwC|H<$NNwT
z3A~P?Exv5=EY28xq+%l}JVes^m}rGY8me6|!YDM6M@2^@W*uV_OZrO0%mzIhx1o|L
z(ypEfnwd~LVU++e=Aq_}H#8hcs|BSR%oP$g_<+!wIIe+hd$xd663Mnm$##sy`EY2n
zJ%}&f?gY2C^ZQUL_x5mqFs)dHnW_hX1b)r;&5d1y?^LN{E$^N{ufh}^2kqmfKLfQS
z2OL^g$)r(yy2-gBCMs^EOC~iI175tSL#@rpc;EZceGF)N;^$IC-e171+?hFXLZd>}
zyqNLw<5jDLwRI9R(#6th$E0!VVoH9aEUIT<V1dw%Ye*#0JM&|nM9tjBMKZV?+3BQE
zH(7;xk~5o;Fp|RMYXwwa3iF`6ZT#2b*H6m=uS8{^&<29CSzv@4>m#u6S*!F*l%yaE
zj+Os)Y@zMF&Xwb<_xx~RsnQxA$TesJUVO}C-1O9fU3xSw5Gxtti&o1<$dgpdFRYNS
z`%t5-B1^8uZhJi8b%Tb}hrKtYkY8xv4=5J2;`4=886y$4Xwnz(;Xt}?BGCo#;&Qk)
z|E#1=+r@0JNvFILr7hg;Z^IN&eg)OJ-mR+`sdIwC!Sik<y}4nf<tIUoVjIRX{iI{~
zBVdpr*j>|kwE3pNF0M^*qYumzK{J~&n)R1DRQx%3hbDWY_e$4wva*|zleLc!zn7a%
z<$IH$)g{tA%9ON?2UO$vT3v7Xq}T72Hm^#gghB(vWV3a2*K~!xV8w^)u^zzdxeS}_
zE0<>TX^DH-VebjDuEZOKFl<3>sKiT<M?)}%?7yB39`AZZjx|J$|8PrqVFT@Q7G@NT
z&nMo=$6`SdXe*(5oJ)mCp&qWxF^mONnCS^~DWrRy?+g53HT@DN>oB3CKw)B&Iojg?
z!|5G?WmK=t>avq^G?XA2DaM>g-v*7Z_Eau4JU`imxnE_0*Dk(tpKUZLwZb$qb<BH{
znmol)(6I$gcET&a37JT=t+8J)+hu0WN#MtEp?q4f^O`ZUU`pa7Eg`|nqQ;C6WuxE_
zLVo10wZteBol7WvcumE!6K^2Vnbf>I{3WF}1;+@!We@Lslq+By4>yR;qKe9we<QC=
z@YYcFnB6R*HPDBe)LZWwUCpbINcTew5@V0dKFKkpra^)8M|TeblXM|Ii0nyg#dK%E
zQxR;z*Jm<VttQJ559n&eI%}u~UaB1JKA5EoA4RiBN|gdXy`zQyTIfkgG1>L0Kt?T|
z%EGC>JCgBQXTrCuPa*kur0}Cc(M)gP5EW+8XjxS@JK2YX^g*mV8)y7o{!-7Bk+iIk
zCg`=?XaV8=*ij6!o*iAGkxu1xm5{Pmfu?w$@<;`hLXHMwyAucd$_vA~Q=7zEC2cAn
z@)i>P^Ic*-sOoBq5}^=xPq<uICb}f(8FGwr`+-{8kcmyyT1`cI)#qDl_iJ>kw%9S<
z_%TJs4KVBSn0eyaN{2a_ao4KDL@aTgLgVz;7Puk;lh&MaU(jFb-V_vx)tg<A3$2hi
z3DfikyT!e166E0*gt1;I$H6@^-N?U7n!dFcUc*$8+i~MdG*|CpY^O4%HiKcPh6r1a
zVB4Ra*+NhS(<pj@HM$CzK$d#uSm}PY;4~7q3@3j`26@OTSHC*SryQE7eFQ>E&$D&&
zqOD^HDf?)Hv)Up)Dc9Nhz>s$<+6o=wnu|)=8g$BOi&9MQ5a$h?4f^*^8!Lse{rJGd
zth3!=^V0kkmJEbAj-1eE4UXAJl8}+kv4Bl7DC>^|6nw2P;BD`Sb&mHqp)!NJhfr|S
z@ILgvY_P5%q#U9R?k-u!h@~f>5Rgkj@Ti$4v98eNL<7Mfr+oATgdK9RY(Bl<y`|$i
zAJ8+N;8&WM;SsCkv1}pPXyP-aa+OuVDzQvHi)c~0+l;C0BA8*g<glYi#KcMuOkFZb
ztsB*&y1X&C8hoh9#FcB;66iGgaKEOiN4L(YI2zoDIo_FepVU$*H@Kad&TXIG#Ax_(
zl{-(}gDVyovkZ<-Y}!W2Wn)B%q-STurp9m@8|%~SS}$FiiGR6w#<Np6vl$!BCJPqN
z%pcey%ar1(IQt6<(H~WOPK)>Hy&ACAa}TZsh8dX?Ok)ydG85|%Wo`MhUx~KCIUl0E
zlV`if!E?S%H%L3qk1B+9Nc7=6WZ|uJq-OTOI^RwanXhQWd#o;0Baw?B!bBuu-WSu=
zn>slg)EaBB51&1cXL4}P+;}hi?|Z+32M<IIp8i<vG*_~8Q!zO=9rvfJK3wdaY;2P^
zohp^??}JU}!TSCPm=*HXMMB`J57k8sJpzX-k3d!F?ML&;Y$W}Zq4PrrDl9gd_!&__
zh+qNFHU~osB()DFk$Wq-8(lhfRgb_l|J7bE^@AV8uTPfKwb7X(^A--Kgcs)}F%W##
z&EYnos_h#y6H)CqJM)EhYO_n*iG|E#n|>+rYI)QQpxj|bYnBQP*=3m5y(1HP+&g*H
zsrZgO=_c`+$dv@Joqa-;=s^#qBpe?B2x48VM_~W+nZ`Zm5X4jUN<r1zcPw^2sm%MB
zi==M3g$q{3j(Q{EN50xU(yQ1s-1`X7EN7#>AcCK4wQ`$%1hy%KQJsg|FCf?(I6Qm{
zQeNu^m>tAfx^cv7bB^k4XmP;Pf;|G_)Ip}!TOZpX2<7T08z0#6f|g0urbBGk05Q-Z
zWN&Dm05cGSap(xtlav@spQN`FTTHuEF4b%nto!Y|X{T_j|97zHH-<?FnteStx!FG#
zFDKCpsFgpK6l#BJtMoO6{~s2;=@3E&r(_>AL?$E+JqhTy{eOk`EV+wZI}<3frrfzT
zXAz|H6T6=iY^=L0OgbK)oa7<>ID${n;`pw`mM8Qcr4=4}%g3M!%y*W!QY3=GcrFnB
zB;iE}em>DFDyx!~$}za2p^Bc@=lk){De!}Iw0bDGLNbp4cn((-L!=jeDx2w4I$B#(
zE<23F+Z*B&_N9Ny@<#macUFUW3BpOaYGnr#W$X~n?bo~S)wFSO2-Pzbr+xF`J5W+5
z<S-s`6B~xrBlVTz)(v=eFo}nqW~2ANb`*ay#my19dKLQm;<X+l1bm?kP{rX_A-jc!
z<>TcMa2I+x?im+(F0ZoG-G8I~A2R=U4PjGY@wt_50e=5y(Z42Y$>|o-MgG$d6Srvj
zGXDNnYU-`lj!>QRn3(@sR*5*VCYZ#sDdVmoJTGy;gJWqd<3jPD_6_gG86qTED<a7@
zlXZ@Z)=)*q$czwC$^O)`+(ELdjLZ4M#X%R(V#JwSn7PPWjDdK(9J|BDWs*qvMKmcw
z1<oawP&A1s=v14?kYWmvEW)W+4lX1|YwPXL>7z8#_G&*WxK;L+>OuH+hrb^*Z3?>A
zLN_F=SW5!@9o?+e#dzw@cf{s+a@>&nDvMU|NjEn*W3P-G)8!{D=BSQvBt#U2uzEy3
z!@!1M!073*3r)}u&%fTkjWJM>t6}fz2sN`cc+&}=g^@E+EcdRA&@R0kekmM57zUS0
z(Pk;QZ9kxqpsaZP-_(E6mb3qWB%87+cQ=VGmT<rVcP73gSkRWU7w_d3c4lF6myNCZ
zfU$HE-M70TlO5!N&2-$&m7)8dPh}jx2w0loT`@@6NS>_Jd<ivW?T1(NaXxByi#@e!
z*xppG^}|Qdd^O<5wcH-LrP?|EfpUk(x{AVOoy8$Nns&_zn!7Q${Q@NfZ|&_cmHtJM
zB1a!O7`9sV3)B$Z$#)5I#`~>@_M)V^L8Rd)OniAJwgJoQsk>pSMVuBj8+B{3|5{cc
zf(Fa`wEI53IqGRipzof3NTolXm>gl{F@9qOW#*&!<-8SWek!>s>D4X4Sf>YHb7a#^
z_{qs{1YgD{kRuEdg&I|5U655`|5NRjyh1H>-ek-)U{FYyn#N%N34K>_=Nqd*5+^mH
zs!MB%&6hDRb+)3^QbcL>z8jOEjz_>I*))PpmntUX%~Z7UD5QD4G7NPd4#uws*l2qb
z$mmbK)Cl?z2}MYR7256SS2zC*`M9+`XCxa`B2nJD1EU0~WpW)hQtIO!Vk5mWPC-KK
zeV>C@Q`Zt4lc7ID5`8YWU<K?YT^u-Z4~i9s3cAW5(1W&0I(#7c=kxUxSA`?YAo+2W
zdS}20$+rZhb27`Zq4Ir{0>Hu`c3S%*^z}~4j9)7kcTfGjT<bLx=-xQ}*T^d?hIJyd
z_>D5%*xoQzGR}W38{rEe5xxGi-DoEJi=O(eI9p)G{;MJ`TT&E>fInOB*E{#{?bT)i
z&A&I}Cxl}v`O7;Z`DiF&5s4)Km!q^!Nb<Bu3fHzVoCrfi_zf*ms(uZFl<!|xv{Nua
z8RN_Az1>a?aBCdC)kX;CMfnvtj!}OGIfbD+6~V&wtADg_Hus|=VlS4-t4XepCTJ_<
zgzp(J-jY!tpZ~LXgJ!}BL~9s3X>R21e4xRN(EuBrv56thw2!}V_6vE!6Vmv-M__Un
zg=hKP_G{pe3s$L5WJbLz2^wQ!#dn#y%YA)Jr7+?9J~o8JShwG!$_ys?zUjFZ4zK66
z#l6*!<&*s^b`sg%;-EX=`1u+e2Db=9@ITJ2|2*6NJz_Hb!zB~J)njM>Hoy9yXsNFL
zU&`i1=xgMBX8CJFNZWR6ax`y?c{i7Ah%F*-t)E9#*mntmgML-UCRbt!K|r*@qME`u
zQ%0qg5;fivHj=Hftxv7@LQiqUOuoV-G>@O<B-m|(qI)8b?{NID5i5OG?oG&OsI8G)
z+|Ok4vk>A{WM{yz#RMik_iF|=B-uQyj~$=C!6`8^W6&Cy!(-#>^69WH8m91cvkjt6
z;)NBHTTPZaS*t=z?ZL%@Wz%eaUCBMb)S9aGO$So<G<wN!*mis-3v9p56JmIdK4&Ut
zP4I#9;1$NoTZ{izwD#75<>T7>|2o3Q;wFg<#+m;0{ySpZmw5`>|9<4kI_wbzb6#_F
zy%T)B8=hKoy&D9&EDtUhU!aqTqY#fK?L*suv+=1FRQvw_8ekzLaP_DLJ>liHzAi#|
zkeKItx|?Dd7(BTy{<^%x{|K;x?(Kv?_jVBA5a4jIF92`=2K0@Qr|%X*qM{K-GJZvQ
zN%U4$PF}n84Kb5|jP>VMs8<Zkg70)}zL$+Cd?8`cwMx%e8U5=b4~`#nkvH$Huk^z6
z0A0p$-<XPW-FhY_8X=sU8@n!Z;QZx$`y#r6;cDo^<VW_!4OPsR1wN76_?&fGPViM|
z6D+m4J(D2O32~8TQfj;deiO6270dg!yw2NCVt&qQ4*L3#)?2zE3v!z-fd|@KHHwUB
z;RQ9wE`?s63ksMIlQEJ!v6$S@VpyMs{BdF=jy%PZkQ=B179IghnFzmH-=>s;>?V%(
zFuhzqauG*hAtCzOOp6<t??d%z=&=MMw1mH~8yI4cv+99OUia;n?7)XLeQ9dmnY@Ux
zn=*OE#Vu#4w$*mspINl6s17z!@p6?JLDo$;n?D>n^vDAZs8d}jY6T5()hA&+=%9ns
zS1is|={vD9FN3L=4^1P#^3P8wqF$vV#}FdgzHsMOkqpMwzWpGNAQf}~R*%@{R>gql
zpSr^KVBbXf`CBvLNDH06O-@Ye7FB^~4VBT-0h_`}`L!ag@x2PA@}c!PrTXU%4(Imt
zgrc@p7_P*9q`tP^lept{Bxf^O9cav}H*8jbV&@HfUQ8M~w;n+bl`!{3%&U<*y1bd=
zUePJn@EMOEA`3q6ubLA?PCT>;1}uX%9fx~Jtjt&TRo6D`;di)i$&u@AIJHGiX6^->
zY`9zKs^K0`PXP7&hT`#n+me80%!iC?eunT(_D);w-zi0M?Xd#Rg80KX!#D3D@3QG0
z&;qfY!5l1Z2_rh~mil20JMa1kqE6v54qyAPULTcS$kz3Sw;#N1SzPn4vW%IatX*~t
zvfQXeD9H-1xAc-Ea5@C)=E0_5SaC|pI5-)na4d>&T({b1>-(?~lqBy;{M<ALzJp4U
z$akFML5IQD$F9P7W&YFKyVxyu5ov5Zsh7rtAmDo?XylJvHj|88O1=BC9^IWBZ6V=&
zMWdWZ`*p5$h9GVR-;r*BE_<M;dlS=WV(R(`NzQkgZGFS~SP6ffPHGW<qDe`iD5F8i
zU}Hi($qmy8RIGj-{bMss3EK~678@z`6GuMGEBopj&yI#Sm2^*ERG92q{pH7scjpm+
zd~!549==g&AGCWnWyFK2w=vSf++;!yE3j#E=7N4Mc*h%g?H;jZ6MsJ~r#ZNH6}>#n
z;5>HN59%Gy;m_?ToAOxmF7Q#YGKien;GtLCvK#hd)`o-+RHn|^<{~_NU!x6Q@}Odi
zE!({)2>n6~i&>Xrn}OT0r&h3^#^f}tV>N7uY;;IrTPxx5i;{lx!cEKpnQ?6K<>402
zYL)-p6)q!^K4)n6x9o)tm3nzU(RnNT2aQb6dXxCbkZk{Iw6BxVPUPTD*{biW`Cz~;
z^<`A&kwh03;0Jrud6a3B@gk22^lV6{BperfE6O)z@6wJrT(s>U+)x)Efk2U9OfCZk
zskv{QdP!L}N7Ggp8GSo3jy8C!pD{xF4PLEWnjZ<duQh=061tIHNB|qX+Y;^b&f`vI
z2X^zR%vC>=w6$QKioY&i6n|L%!Z`dXhj=Lhr-{ks5S#~6d>YL_W)yN0qYaz|=2)AR
z-MdDyb!+op*2PHGcae7^%K^99R<=1uD_as(1fBK-(p1}_9qpbjmehC)9{4?1*Khq7
zGZ3#R`F)wsrO2b@r=^eumVRVGpRl=!LC=4fE;iG(P}@y;1o&yPzA7>z>b3_usNpC`
zSRDwlFK5}rY|%yUfquDkEU9~qRNgtIP@rarv1nFBQ%DS|le-VHXDc&AX_V;^G=WP9
z`|^*6SHlw=sj|}A9J~-7XDy4u!+`>Gft&anuGXP*hiV7c*ZM49bAy$;)#CKm8;jbk
zlJI<a3+dR*hZbQf_qk!&;r6@UA1!f{Ls!;*b%3;ZIjgoLs>#?gJ)emE2q;n|++=vN
zVPeu#%o~0s2!v4$!4Ei~)(%~K(cDkP&T$C^4cpJKb%D_4@+p;I-bR-52e_@p1WG+|
zd12KhWjIocwIw>UiV?1@91dnkZB_AyGUeTM;mel;;90J3clGjKFK%w8GpiOUNEp^Q
z(;!LHTyAD`0e74^vj<G%+8wZiLU%m!7p{?2YCBpVeEq*V=!LzR5vM<TQP`q5!7_B%
zQqsZQmvG2CLnYd}U3r(K%}Xnde85SOJPO8HZ4zMfyBx(xt3$M_S*EmLoOiGMh9cAF
z=RQvM>J~@h%u6$1DjXQyt5A7yCnfra5f^3X^0xPd7Iav1wHt5CR(AUBlemz7VJr34
z{X_#E+MtDHt;$Wtx@T2tj0yDu$S`ufCkIPd0elb)Yd^ic%jrQVc~dC_fos!d^L8H-
zM=+rpjjcVKC@lahE%K5s40oJ~cPX=4R*N8?RQ||Fp-m*raWio;Y~><Cg#5rHbM+C>
zF3XRMPxA3+;pBp2sJj(cBo)%d>vH;%6@hdYJz!bSLO^-{UZ~5}e-;o-54wM&f~|9j
zlb6NU4%^l5L?utr9TLBOP37EQYFi22#V`8^yc%-c$50q(7B9b5CXTvfmACdRnNjQ+
zcn61MWW&(^dAiVM;)5(!w{_~9+#g1Vy;5Db<&t*U=jbo75Acfwvp#P%erM>u)yS`f
znl8BTPDJVNp~cc`vsE~)lDH;k#Yepfjgj}<eaN!*Kd*&muOWwAPDX`m#kmia6cU8-
zTQT)biMc^H{{Vd#91KN28dch&A*{utVN%o-I_)$s&+D~c8Dp=YL&nTwULH3pFV-d{
z=|l^ku`NIv(bAjdk3<&bO7M9$pW1Am&aJg=ziW>chV(2{RX;1R*h8m-Dsc=UvqqQg
zPPo0(ote@DUva~N;&y7Z64)Z6(Ybg8FvrjWTB-<%%{DZ-<M-OF5ngP=SL<NZTCLxf
z$qiBlNpSpN-^3TKHHA||S1Vx~ut0yW__^_F&Hmk)Hv!J;4>x1xeiu#i7gW{vT3vef
z{FCkkUv6ZNxg1z#&Q*f<N~H_qhAImYQ-?^q=H&B@HAQ-2!jklT4`b(pZpN8JfLuE_
z<96Sc+4hyZuQm5>`p%(iC7_E9bV(uEF~2^2`?vTpoz1>yA;s$_Rthcx=9*$C`s5Ij
zA|$6~nxcK%^EApPa8_H2=pQ?S?yQ^gK4o;2YsH6XJOWhY+=G~EJYn`YMJ>QatsGp|
zFpAxQRyDuaH*;2AYokYCpmB3r+`pUT(~a?q1rOHcb!NHaqEN4@VXO7KsgW+>G3YvD
zzLK{acI-NtOmzmehsKeM-tQl<r>UF~6um={*3^6YX%(4EM%Tjlxeh)eKLQqkVOb89
z4^c;7R??kYWe%vv9Q15Gp(HnTPKP!c^v4!4$h(H#Ns&W#TPInDTu~GTp`EOrINuA0
zv2*d@W>l=_&UBl14&_kHPj+odOwH>+u%5ZIV=`;9!8>qnt|2yv>2v2|i+5Knvm@4d
zKLV(Df%GAjGkct;^chAE1v_cEH8A)LdqaI+unDt+cbS=%!0up-a&+v7UQ|hWS0g3l
zVZ9eHj*0tq$KRGg!*pGCKsv4FFuTLy%QMId5f$Ulf0A3mhCtJHrS`%ax9m_MUXSz3
zg|^idm2wxOp?(FG!+RVnRoJ<>>9Rp&EF>H?Wz&`c8?H$Llw4IBPdUbl8i>BSEV@of
zp>A+t{i2N=AsJC+6?6ZnM6?FBG9^B8?yp_7L*-q~y()Z72im_ZdhWok^4wS}>A!N$
zS@-C6;oLF!;vF?nBQ39-zy}1(@x=F-LLlfDLGX)44b@s^*-~Qb@T?KLFI3Y!h{b-Z
zoG6I>I53IeE!voLBmi*M5SyCQ7QtjjoLF`(bC{0?2vJ*GWSi;oxryA%b`e0@vWat;
z+e#0LVB0=~gvHc`OTegk5}KPu#GUL%5M39n7UZrsqtEMBF1gbl!?FiECgu(;TB11i
zga@^r8y&l=^3`@6ZfKu|`XI^F0?8knd4sU15sexAdC-Ksn3FWW=#`I&OZCw7e(Kk*
z8G3lodktAuQ8_i>)xtk62sWy{9t;|o$dnmDtI|~Sm$<)t-uIN*DP^>G8Q#3Gxr)9j
z>>B4E-3^J#sN^N|z2E`u?bd3}s|ymV?wIV^wd{z6QmylBkH86kTP!|nvE}&SiRq`+
z%_X^)b6wV?KbB0x#`0p>8Q#ATNu@=gt)i2xRplK2CeIp1dyghI$KCb_T*wN|G!+=n
zkWZ!_IoRTPlL&Vx&0CW_0(B1=)G7qT!5spZxf$IPor!rq*hIGU!GzZON-&rR(mp3u
zQT~s>hSKO4qficxs$`|+T7~!hzL8p;eKmCatg@n1ol289q>li!K*b$hYS+ERJFB(Q
z`qwPSnjgmCo0xIPnv|`UADa78$v8)>C7|Ze-B}{LWo8caI1)#$%*$8v;(Hk5DU%)8
zc|bSXabLcE!K_nG3;g;rfN^S8VPx%BXJRU`dBgXw(R}#Qn1-53{H3N>{YztfaK-hl
zFhkraj90i8Zfj8lzDYc5QJSGu)ikGMO^1*K90zvY%MOM^obM>ZP()2NcCU&!`mtb`
zR!qs7UmhSQJ96nB)pcBVd*+d|v7redTg_FnUL~12ciV#W#hy>eSKN!Y@E*Rsa~-^k
zT{SHuloR>fwN544uktI*S7L~<s=RRyof;w))_S{X;sZVmPUL7VF^yq5*DKUj^MbX(
zpSkh)xBmD^`wEeM+(z39k+JL}c<`}I7pic-syZcFE;Y8YZWT$i!_WN1euP8VLVTBJ
zsEtMB#hBR;oPlsqm+KM-5Dydv)+7%$#Ibbm>CPpw1Ha-+yJUvMzF@DFFAwEb%hg5n
zkiw(-%149y@lc^O8RCWOmu$n=wjH^|V5>ui3X#W-ofhZf*ewjzHB=7PbJn(b4#KOn
z);lc6qANq2UvgL1xTfDvki6k0?!nFzWze{2p|$@2*G9t$L5j!{<9KG%(G=vD65g-1
z5sFTNMenMGQTM~gZyltT#>Ad%qs!IC@(q7ukW1L=ItP^f@cPfH?_u2gZF4RmWpd*>
zbjZdJv_I2V)ojcLZ>t}HfO!I0pz#9y;hfQ}l&9<M?2-%}*lO3Dto=ZdHfBG)CUSmS
zE{11cvP_#N9nDf+w)sL-@?Nh1bcok^73&`NTj{lLTUpKznHro)+d_BAydo6T!Z40J
zX6FRg$miXap}6aLN|XGBrQWOgQutl?;tDjOjqTGwH?upoO4JuiJn2EX*78fpi$;HK
z0?W(PDCBp3o!d9`ct~64$k+7exd~W@Q~`btV|q(oiu46h-_~1?BoU1^A*OX!#5-y>
zf2m(uf{qdfvH3X<p4PW+-wJSbxzmPs2u{*=Um~~-SXl5w!G803;A94UBvO>W_?mP}
z^ya{O2!rZ|aQGVZB_@UM`$xB$&0fc)w{6oGOZ%Xy#y?T2C_NsaE<r)KBa$@SDad%*
zI8$@yo<R8{Z`(5c&`H+)lV&^lM)TT5tuW}o3^U-~d{=#w)c%RHS7EroQ(3R|STP$$
z7fJFe<^{2()rFgRq<?(&>pTr7d}qn~Os-L6F?PMp`}os}qV7XW4mp_W`lNlyL}pU4
zDUR{RwZ=xi3~uGsd9i@y{jA<P+q}3*{`^w!<@iY!Td;k$fL)wlqIkaA9MXiXQ~i6z
zpBJF`v6wI+7B1>B+;k7PlLmO-pK_@wmpf>TM=;jYDXN(iu`0dJ4^`~STT`^otC{$J
z4PafSYVS48JE8lKi{wa!%cS6c=i(K#bMg6g4mYy%GGqK-273t*g0Am(p9?pMKemH}
z6!!>d>R+t26qQ`0$ynJn-`vty<3ri|LzFC~h#g~lV(jUTjBt(~hah1aCSs`)AE}`z
z*wgaggjU}7cAhlE);7Y>G)FV^cCmU#(|8|uj94fS^RI9RHrpQ_$YYci(>4}K8IQ&?
zOk>RMe0Yb0jC&-|!Syov*9In5Rk&6??5wnal(PX3B)<{GV35xHStb+qvVT{s<>*e`
zZ7^5LV+5z<J1pU#cjT{rb|bJ|<&Elg+Zw$yUraU;Ct0IA*5Z!Fu(QQRrbzW=Ubo#q
zGnms)bWQBNf9c;SCS=8c@V+V59X?~Q_D=r@KP5=;7yg~p`Xc~u3ub@X9=xKry4f|S
zLo{{e3W<wB%XSDa@}YkXcaKf+tDp`^Z6Qodq6J26$LF7Q-rkvyz|@R;%@K70Z}vDY
z9{od8|9<ypb?tq=Z_C@B=NFn5Jn+^=jR)uwiBt(JicCg%dLs(G>A6ww<;jAwB>!cw
zTHE}e!U|xrXNn;C{x5u)+rIs~5f6?p(hNAbH1FNx=EA}28=REIt+lT5oUulR1Vg9c
zO6<$1;IJ0r2n8=nP9wfW7Hks=nfv1}>cNr6Q)o<aYZ04dNAS);Rpn@qaO0SbTj<uo
zo=?v!FJ#R?j&9+3J=;`GKz=@$rmYmbIxJfeUJIG2HCH&{>gsAw^Dh6VZx?y+gHyp2
z2ER-Idb9%y@pznQqS7n4OFN9QOj^W<PMoTpf>&xYNv?JK_I({-Y?w1{Dr7YhGzN6I
z{;tso_PKrnE*e4Jkl|UbCCoIpP4Jwrw>n8PI#aqiWQPWvN*TDh?Y<LR3xAqS6Sdnc
zT6tl$Mm);%P`8Bv+v$HF(Kp1+7Hp{3>jN~_NN2&}$b2<~Q@ikI>zb5sdp|_mwxw~u
zf}>FLp_70hD9A99y8z4lXG*{tXVJjl6WY<~Xps2+pw8O*P>QW_e=*B-f6{)u*jBhj
zs*@$m@~utGRh>nqv*)MlTn)|1CKG4I^HPKCsE}QqL5XYH@|VTCm1w1nV0|Jd?zk6}
z>-0ECG;J{(_okaaY=?K)r5(u)T+xLJYirBHVGKB6dz#yyXGnebtb4phRGFH*)9y;=
zyl-vcPxly5UnZ)pnfW)$N!I0(Eht1;<b9}CB$><mYCiFSZRbal{r>`mU<ZR5S&i~(
zR{g-@{k00~v<u1`0zJ?=nXPR!5Tnrf|NO6GPm&usa%3+Rw2h2kq$z&%1pSAco4kj!
z<g3P5c+knEkRKo4Rdt3Jv=HU)^A*E@esNx0c5A(?B=616F-@r|>pN*nBbceHu`Hee
zIUT0|LdSM?t1)!TXgYTeAI^${Ihg`N`D%7`K$8_gB2g*!y4-=%XL()~4*S&Ym093{
zF%yOhV3+5hWvA43;MVse;DbNTEFHA#E85T##vwbcb(gw4ZD}&5wvpl8l11T;E&rFL
za`0h{>tZfxs}^k75{%x%i-nzQ8?Mm`Z8RS{QI942*lU{R)R=nZ$JEDGD#A*@dov4>
zdeA5Sp7A?YE|To<zD=?02(F5R){XOcq{kGnU+)T}JA-TGmwmW#{HWvH6e)3)5pM^-
zzw500YMoGz-uDC1^s{Lfb3A2(IF5&#Qk|Bq&Ma3SA(><AKyHfbNip370VWP}<zZUU
zSX^91NwPz)yiNp8MchWZ16#!sT$w*k>8f?7X_zlECO(Z}jExv}>Bi;ufkIqJZx=vP
zSswv@*PdYS^k*fiOC8%e`g^D3&HktSn5Mo#fpZ%|`zPrR*RtGhIVnvFQcG0imN74@
z`~DXwd=uyW{~jpv!D`r%inf+iwbe0dbA3hT8%k^^`AN=-gAI9`i~kE0QNhWo2|R!H
zEOlw)^MAS^nG;&O=X62x)#t3C7WY?UiEU2((<}=LU87J7pf6hQ#F7E?%7Hz;hH5b2
zi&g;!sDYjHtr$J{^OCe%aQop9)*Q_VqBE{DyEP)tY+#&Toi>-YFDQv=Y&ixT*JpUc
zbvtJ_Ptym8W;9toAr|+2H0?a}(C3j|i3-}#G{LZy4Ei@CfP)uU37*f(aB>S}3~}uH
zHCD1}iP?#o*3|c{zs~}E`(5!O43jIPkh&Ywi;%IEX!emcT-u{Lmcs~PMt=^iX8W<V
zwFPOjGz0%Lh{3O`s?^%$Z(~>Php4{2r+=A56ajVslOT>kNBI3Jb<8txHrvc5z}Zc{
z9b#d`ZuyX9E?K$!@@5l1xd&dfXnBo*M%%OT!%IVy$WH(3`cueXsubECT@701buTlZ
zC7{0bFqcXpp3)ylTjI$nli;bEPq?cb+{`#8)6R?~I)I+(Ev2RWcZPZuc~#r?(M}pt
z?!PF?`LY>|^Jjm98E>`n_1(xYA-)qLM^uQ9-w*I1Vd}FAX8+36q%Siu^y_HNPP+>8
zGJ21(L@kFrJEai0mD)_)<s(0XnVPWFrBM;Vi%(mchSY{%Y+cyW!L2MCvJox}t0(@N
z^bk9;bs`9KZ3|gLP;X_FAAyW^EOk^1W=FHS^jPS7LD8&EYy<K%A;XIOLHThobc6zD
zxA#@{NpVLxN3}<_F+6GFk)=!cF+vyO;>uIw&~0x^oQKc#a>?vzzP{J`B~4E_cqpjb
zF{DX`mApLS6{eM>wv>rG(i!jL#c}G9<T`G{=j4=|{CYmc5L{q;I`INbyaT2W!I5-|
zt!5M6kITuaCUKq#6TzQNaEB6!%L&4aZPS4Y`j}r1Dg&9EfSP}yywM$>fPNguSTEbI
zn65gV_E!ut7GK5-J=bq`S$Nf)W|W8KJdxe!B4tsb>nnF8E@Z#rl+Ae_vPYjjFjPZV
zNYP2x<n=hl=yCUz;cciOofP;xe|*=FPq?TUaY*$)r=VQxI5u2~uf{qo9aI#U{Hz60
z_5a5^GfAoYQQFupjL%W(%L@T?92VK~_y6KZ!syELpc!;UPlE!wk_TPVLxKJmAt-=;
zvkL~G5;Dpjztsj^$&VbN$V7f;5GZ}KVx{%xH?{nPpf4x`(?}=7=#5c|^4UM$6N-VA
zZ+0YM7CS?|`}nishaPfn=2coSS@8jc7PlvzQtRp`!!%a$6}}5kRvK_r;#*<iUzOBD
zGYaaXS@c7hPzRk}hb@lRZ$Z79%I!*;MYFw)`u#mHb83)5ym*oq=9_6O9)NUa>_NV!
zig^iCkX!B{>t8B>K0F~{48Lk5I)}1<vs;j!^{S@t#$sOu8FgtR@ahxPpp7SYT{8U2
zWT<^eg8Khq?k#}h3Ys**7BgAQWHGZWW@f3y%*<plGh58eEoNr4WHEy!Su9y#F?sv{
z|C_s+i`bowi@BJMsOZe<?pImwRlTCj{E~@KVRHitfPoX#sVM}~SnQGJ>RRrhXrz>i
zvIv6D>TBo?E5nZJF8f0TA?oj&Du}Bi@!TC@rkKep6LBGYHzJ=<T^67L+3?;@QifuU
zY{xMU8pTwX5|&n8l0~^#AHswEfdCqtH!iDP;=EH;QUl<IdqJ|nxj&17Z7}6xHT$4T
zX75Jdhihklyz|io)e&2-YKOKBTDN;S*+l(>53<G92QJtw><d$cfcBV}bvgAd3ZW{q
zzwc>qnqlCI9?9(oIc?I?-lVJFN?~WtB;heidm5c$bQxoj7bdE7%<^=7_w~TLzDuN~
zGeX*48eOS!64VKj*(}}Ai0hst#J4O%2>8j0_pLEP@M|cXPvE)+<)Iv6&EifL_&Jj9
z!z9j#ZTLUeG^j#KV&}qPc#=)M>x-{=1W{>TV#n}gM@`$oY7H!&gjTWz1I<@hJ_;~e
zrji~~c1t|{s6&o^<YG@Z!cfiKkY;T-@qMdH^^&A?yhx{rqLfX3p{w7IsNFmboMR5K
zg>B!>K1LyN36`6+nCQkx^$uK{ZGf)6DaFNd;=&kP>fmE0ct`hu)q-pj_zNf#B?wm+
z`U~)e)zE_7wYtPH5AV2SL9KaHtdQc8q4SZ#wv6*<x^!QipF>N9f>G1*^94HvHLA@t
z66Gfv;V;C(LI53;Y@r%=RJ?mXbFgkMVlt0fSGJ>cjUW~gM1<wqHdI>yXAXu>GX{RV
zBXMZGmAetp*f#tc>=wd=$7e%d^|UbIB*uGlT=X_bgC;H$opPMqz8ERRkTjOg)CW{w
zuAbj)_n$g<qBIiiB<jpnsv{OTQZ?`sAHrnX9N=d<oJJis>e36+b(w0R(~65G%_12b
z>-F>%fL$6$Pj$Ia9!E&(19}hbQajqz;gn7|0e8M4<uH8Sisdm)h0Nx4#->J0nzUgK
zG2x=IL;}rRCv#mde&8dN5wTK~(T4)M?z`7VmFJnGbmZMM!VGk=<Ui;2)`w*0shkl$
zG#n!`Wpst7cRV-E;8PZe7CX~=tzjW`n^%Nuev@*iflFk51F}0i)8m=!vjpi{F*+ai
z5#+M$<##z9PNVC206I7Bh96B}HI^UspL^j8%eTs{=0mK+0s~*Ex%q`TZ>bk*VI)dg
z$QZPW?_i@iS=ClOEg{mcuh!3(fA%~J8vX*P=YC+@@+G-GVX1Yi6EZ#}`RLiH;^8$r
zUZ38Pl7MeRvNn7-s;efJcN(%|nY)$@73MPveDWfa5}pNy$k}-dM|eH%amA5AO6O?+
z7fY=@-`qJf93)O$yv`fuQ+(NY?`7kaX4%OI;-!bKDj<mPG=aDYO51OCjt@>#=WNn@
zWcgF;t9jZSl53lhb}_&xgwpkG*FZTx@D!&BCxGIdD#9fl>reIVI8hWIJ+>$^<eIff
z<cc~LYF)P|FTu@+k9<>wAj=Kg@EJdfen+dkh5RqZ7r*?gQ+|Iq0Z;w>)>;d-IX+96
zi6Q-k;zqto>YuA`iiPuW3;PX@o#VqYI(*0UEYqKg6+~MH;M6=5h(W^1V#1JwKSSj_
z`I|N4h?J5bx!y(-h(B)VlP>}yp<&NPnfutoAZ?#!uNl-_9CT7~@xHeBvU-JA(Q=ak
zuweX!So+`f)s4i+q?fPRW~x0sQ(;yjunMGkU{(?bE)gIO`S$5*IhCbu@?;Pl)Bn(!
z=qOzgm(4f>@%RiEs!7j<jUsnH(s<E#p$RZsx1%TLOr?@OU9hNbT@jR#toAQLMEs))
zY>be$YqKAihS}fWhxuv!HrR)&VdZM((j@VO3V6C-BpYz}8yTEeE4<733cj~YhR)72
zI$l|im0zFkF<xoNr(NK+Z(8#qNR1II-RL#o!LSzuxy1!8u%U!dlKG9V9<&86Qa#js
zQ#AM^%whM0Rs@xY+U!qmQ#G71?5*?>AwCwZ%U{V{eofn#XUdEloM*Xv;~>fo<qj`;
zdO{MYQ0u3*yqyuKBA3;2o-ajRBwmL|W?N4pYn*Q7z&{SnAjSsO{GoT9P&BCiuQAD{
z<slu@p=-nJ^(OL2BaMZcv;^kg<lBPfht8mu_><d_Z(AK`BO6e19VpE4xHESbHoZuG
zrrAa2sO3}a>q1v}+=fK61!C)dIR|^~M7lI@c)FEVS{LGKNxk@U)?m_Pq0?qsx1DW3
z>}VBk8&i^-dZg*_i94pdzZg<nR8C*}j_Z;D6z#trU@0}TBeb=;`cac1-4FPUhX=`8
z>?GR&b$h56OL+2kHLN9Pr#2?;<JK2F`Ro=y=A6^z)B4xaO?o8yinwVko)z82G(hI!
zUsF(TwNGp~{Jyzpr&S8x)`~GF5$|PW73Ex~ktDVa<Yt(Wey@;O(<+^&q!fEY&{eko
z3rG_9E+4jOoLGL~DjYNhEGpKauf)@C_et<+%KSXl-j#^>+*5tJV(@WEGjPch^#!_2
zn}tr!%C!vXS@~KHC57|eDp$wqFbD>Q^g1;1bE{r&v?bw)d^M)2r%~!G;^abOGRmRm
zc39)wg83c$8LvV<`k{8nY^K44#qtc~)ev{weTxe3(#xT+S>nY~e_XO=0J7Ynuhl#C
zf)7W}_E=M${>Hqf{o>txUePc3ZfuIKvznF0QtyE>l;jmiR$3?shV?WUKE0K`_Ngwa
z>Emm({ZEZ;<9jUKuH26uw);Mo&sEQuRFX&Zy8fMgVM_3bE(R>AOJ0HBtP8o9T!ByI
z6)aV<IkRWaiiD&%M%H_CC{APFn)qs-7WO6`8fK80uTD#QOaK_C3m6hLF12spT_TQD
zeUIPMs+n7b)4fB*`nNx&U5f=ErWQX;s`W=hYDqLPS#23rvM#O%9Bx!3sTMgKLMfcV
z)}xd~E_@Fw*8w9NMAaHKkZP*Z5+i;5ghAv^dy{o8#b2{b^zyn}5Da2NXqS=xIZ5Dj
zWGb-7j<ow1U@?yh7N-6?ss2$djqc|MVyfjogjK_aJz5-OxG*9*mHpaMDihB)HIQYy
zW*`uW(LU!l(w@otBXrwg)7ZaZ1n2r=CCP_*BA_U{!7GymEv`6&=4%14b(*=sE1Udh
zV5E7f4LiwMp7Y3zLqZ<KzKL)W$jK6~{E~MiWk#M_tZ=ngY{sE(*gKdrC$9|4{U)OI
zv8hl?e!;TX{FokgpxgKBi0BENUu%Z^4F#U61mvgz{W%@~COp24_Kk6j4)vLlB1tn)
zuQ$DVnWe>TY${bLbFr>bU@9Ho4pGk=HaD}dMEH;77*btMl4fH}emO}>)LHfR?|U+#
zV6Fy}j=shq+i5K!<uPhK_}LOl5LNc*rmZz=hWqy^Lx{poSz|{$qz2i914;J~Lc=(Q
zvK}?vu4dscNh_qeqfV>UmcJIWRV?puA?9sYNjR{+pr1otEZxQsc?EkI<dwk5?;qFH
z<e9c@{RO15YSqlq$Lt8qVpejVXU@gc4mcFvR=H4=WfUS9t9rS{49qbnEmu#JNj=au
zp<<G!vj`qRFe)<b=q99lrcbf7OE^(|+hOqW7+rDP!kn@wKY_B}TjM)rN&8}n#hlZ{
zT%;%CB&0<>b!meU!_CPFbPH9Rpu<<j^OL_hXK!K=?W(Je+|Wmp)lq*T7i^_!3{2x_
zo=vDsi6X#(LESc;Avtlw_R=yd;)28TSzl-_Z)dPv8bcvtQdhQ-@BY3yr>5uOgU<i^
zQgKd@P)OF(&!5lbI2L%xU{ZPtBIWf-sx&Jpv(+Yq?)kK{EIwM<QZ`=z%8*?hGn>j(
z8`G58Xg^!Bl|-sq%**ll3qWD@*rI>!ddH-O@hHEG)l&xSAYI~9PcY6M7akF0-omRw
z?7_;>Si=<t`SB$;i9M7ChQSf$^TuU!dB?JCmR#-Qh}oYa+C~`oh(WvA<4da*DKXc=
z$cp=N0G~4bbc0k#MT?V)@0DHyrx<Zk+Hb=h&R7Jkv>qjyJ=GSf3?Ye@asi2irL9fa
zUD0zr*#Ts}T)^TB)D}L`jUrzz?n6<7rH$AWFd}2+Idv7hioVS@Ed-*FGED9%7M%;)
zJ(-im(C<D*y<ho&aNRG4THdLh--uHDWQM(aOfVGHy<XC1K!LL&Fk1G4-}2MC#I>yV
zlxh+L%%I`0pDYZ7Gm(3BNtKRVz>a%^AuV2<9wTtI;fwtIv_>l9dF^>9d}BHWWTk4z
z&>s>F8v+kQT%2q!6w)7Lw6SzH=2IcriQ3f;P&x%Lm#$@AtU#06C!;&{5sZf6NG*;D
zDYOMEywa|sx~%9EDZYGSzJB((h)imlQ}o$1AePxQ$J-$e146d-#sW>6lAL^>Ufrqp
z60odvdqvXx2{q2lfb3RPGlx*4e{)t_GYM+<SFg8X5t_T;S3hgc&gi5umIZ6SZ8rXC
zZ^zGhp$dNi@DlLM`~pBk$6*EA^Jpb_#ub~KzGlJ6^5t144n2Cdi_ultdQyaV?H&=q
z6M6%$zCR?N(>>~{$~MHXkY;?R)Z@MpG<s+3{G74OnuzciTmzZRTA-|XbDN%~5}N$n
zjxE;Pq|70(qWA=(nf77y3>(t86gnW+p)UQ%RI7>C*2wRku54PE9z-B0;}=m8X2bLo
z&&9z6{`|lsQ39<|H2F+A*US*3)IX$Uf8%>mQr4QcxUgx@YqV03%_wIg@1+2ZHi2y@
z<=kID#bgX>ax4aQs2Fm5HTzEg1yl!Y1MHtqu!`}VMp+7sQ|5ElB1u^`(>_DYWGGNB
z?rW0H)}0lr4Rdorl<w6>>xPl!<-ZMy5o_Y;_dct)+)^95%rBR=vO-n8e;UC0jE3XY
z@9#B6qF73QalmmDiJ~EZT4sA;hLIja1-0FvPB>1&G}#*iUN55(RDR`7t7(i=dc3N8
zn(4XKSRb?WwDaPrjvPGI7Ho_*0nQ6=XHTAq<?s&;^wRGpo`BTNk?*a2$?&Agjy%L+
zVWRdvqMsNLIX!~8tmaR8{Q?V@HfAdy(_w?=yzK(7XmMJk`970g6=v_0;1Iv~6?;Pk
z{cdXruS9`*H9NHSWJ>|{GQ0^;buX3`p!Uy$dn!rQk=YBMV*l=I_Hs<p*D1?P<>L;D
z!Q*>|8dQ7D_Sn@6Vnqs_n{!we@KHUj_b_`~H|g=5$lKmUHgbiz*$WEu?)iKDG+_Z$
z?drkRMjW#q&Az3HcsSYZD*+|B%*o)|rTD~I>iYe{)p?+hY|0w35O|~zpXy)w7}Fzd
ziY_~KlW$kf-O6`xYAoU$eDKj%8u~3r^RuL4*PLqAcG*5pI876?v0mj5b+&Depz@DD
z&v35=%ZrR_=`2p&MO+R(cinf-in>B)LTkI`^)w)um!HDQ(xK3h6vC4iucWtu1)}XG
z?*g@Kr6kVhe!|~63r8<E;@&E&ZhYSRHJ;-~ZOWY^hd-^jw~f2P|FZvJkTFwEQ<uZ{
zT-GxD@}cenB!ET*h*trBe#8`M8bE#t>U~>=v||?@=a6euLu2XOe*t0aXAjc8EE$lZ
z?NhBS22(aH5%Ur}j^7qTNK&q_7Mnj42bM%2jM%%EF17$@2OrrlXE1Azj(NUx&dfTx
zx#i?;{g-8IR>P(rdajaSleSBKJMtbR{HF<je3lQg(6evN<&W<aHyHbBL$#&EMrt9x
zj8N{sG8?5H{ioZ%TbdNNe=86F-`GW2c@T3@`&<0UX%=v2zuap1BtIskqMX<#v*#iD
zx+(_3c{C0+;vM5=kp*Sb+gXf<HiHE5L)#)RhFi~pb@-sv2b*q`bBB}cn^pV(j&Tq(
zoV<N>OG_+la(%-YE5W0v-AjlvMg&X(55=}W45-GEMLXT2fWLjS#pTBLogrK&_jbCD
z%Mh=Yl-Et~p^^~y0GX>zXAIjOgKEoIg+=hd9q%X7(zyp`1+2(lfKEn#ndf#2+|_I~
zQ;DJ(G)5&s!+k=la|rG{=T5Yw<GN~CtGds|qImn7riq6Nxz!O$xOIgbV#YIphQr=-
zUKwlIg5U35$NBNmt4A8C|2I1vI$Sw&(3~*K&wKG-Od^LcR3bCLcP(LEBBgR)An<=;
zibNMgVG`OdNz7Y+6ix%fbn-rL7wF?s#lK(zL7(AMhU-G@vdDGu-DK-H@dOd8iWopG
zItg}$rH&3Fy3K}Vicd6pWWEWF-rTpDY^!0bkM2!q&&VplBCVE%e0fjQg*4kwG#UGK
zh(RM~7ot!(9O7yev{By<JzqT&guJX4{p=YqWL2139l@4!=Hu~%AK-~_SZSXRmanz$
z+RWUc5>erECA#cN!Jn7tU!II~p$of{c*k9*Me4c((wdSesG}{ewXG+%H2NQ8gVi2l
z4R%rwryOcZg+%#9y`I_AdXQtM{(Pj{8*J1jE~i;ArW#vI75LnLpn9>Nva+**T2e0l
zex~0>M}q8q+_Mr`H`m3@t;c`g2YDR`SDM$N19#m26fpdw@BZl)3W<;ZOpzSNGuDjD
z4blV1^VNEJ4+Q%#Rvg*JE-HT}@G42V4TUKDbcy;Q0c}<s*g}m~Z2c!DqO|zCfRzRC
z8yfyWF=9Yqm$tZM<UUNaf$Py_%PKzoEgo;X#OW~~k+0-yTCjNY@?{HN?h=DxBM=A#
z%bx!!S$oR&4jP}mcrBQ^WRXirnCA_)tX{YTG3!!+4Bu#+T00QlMOuekpQn#ma{K<P
z$v&J=cD(fO?P9oSk^~SfrT)5)1}&8F`9lR<r6(U|h<^q2s}jOPF6JdK&4#mb%g+Lv
zL7~O}uCK*-`B58}Up|K41C|aR1Kpm9*Z*WPgds_*_B<>1Gyt@8^7{Vy!&BaFyEXV9
zVx~de4IB<Ng#7o+P`6v!KU@z8D^AQAPd$(%5Us!XJMpe)Q_z-a8EMR*BU{Nkuq^PG
zn`3i%cTIn~O=XU31WEC)Y7DgV?US0*oLG1EeK^B+&=$YsnqW&pk<pLk@qtm$BvNDL
zss#=gZZt=iO-^QJW|C-+Cj!=dVA2;EXRL$W@@fw-Tm>N)LT6S>uXyHK@hMk2K?pbe
z{orxy_eTsD+8B)*$cAJ)cE%EC*e^aJGp%+Z6}pzTs>W53z}*aE55_k8#oCH*>SI(D
zsN)h7SAZ{FN|KV<j`JPY){{?41^`1)Uld=6^RZ#qa67(lw4pfqXN6ujnc@Kiy!|*?
zy0Nn><F_Ma%t3VU2QtQTvA1n4XPJHlYI~Dc#GR!_VCxR?>7gP*#y7%fBr0*Gna7|M
zS_2B-m7}-8Z?dr0qws%ZSffnOesnerBeVXeX%v`-8|XMcEcJ;X?yxz1R_}}be>Iu8
z3qv*fXJfnlTdQmFyQ}KZ6Qb?3xt|u$u0hXRHnxvxL!Yeb&qnr#Dj_?bqWW>I7n|;m
z2>lLgY>^4T+zj@xY@l!l8__3+xHmwU%w54LdnJ=jV#rXq2X+{I(-7IVBnUxeQo6lc
zgE3iNxY+~v(i7k+wG0gy{K1Ln{V8>CA&JqOL|ELlRXt<hBm~8bKDgtjbOjz<Ui%AK
zY`$g%&wTa`IsuxZPuNl2i%lA6=P;dg4{~YQ9?k0t|0>j0O)IHVXBCx=_$FGl0DrD7
z7)@N`me?z=#DY5)?akP07SD`d8K%g5&WVGN9c1V1%9&X|q6mWK<S^6ff8<~#CNyMp
zoIv@`C3jaB$Hu|F)-EEiMsV5-B{k?t(U=6&=&j?84r9kh_Qyq$vAZ?+ZD_uD3eURz
zBFhAzZBw-I``>EY`SyQR`(KRnc^G$WZvBR9zs=Np1;fLCGwTGA&Gq_`fQ1uug@L54
zjS!5Dl$U22snX1<S5dsh>Vy=M%xkZ%{E5aBSm&N@{PeKX#UmcF2IrS-H!b<Duo8{r
z2UXos85D*O8!Shawt;QKH@cd!G|fI=)lk;pw@4VqZBw@p<}&D@U-82x#81H!Z1T>>
zJJ=C2h{)H%Q3kyw1L&GE4lW$cBlR^fmR|Uj(9EnW-=}R5*6DF^Ep3$WLzDo0|Aq(`
zX8}E}Wk~laWkj*?kTZz?6QbQYZUI(Dze5>j@eeqgGH3A)bM4ORmPkHLv1`oIRmVqq
zgU;u4td(w&vjAUxlM->-*6D1^zNnSeT7TOyENP_&+Y{3U<a_!B)9Lb3t2t?P6r+9{
z^D&B`NX%R%moFp7{}Y1hygp=wl1uHpK5Rvt%k7*sWQ73EWer;>EtI1`!etYJk)GZE
zmqq-e_<hPu#`^OlCJ0y+r;|e6d4A!i{V#+<Q7xHdjhIhL#r7Gzj6a)0W|98?AwKh+
z@9Me!T;Et>kjPY3jmuUFM7V-kDSniN)9*v(kwJz;eG17i`mp<dl&avkb1?s2sVb^!
zGI;G0oQ$qgL<ZKW&fn}AJOAHGRdg^=aYF692024W0L9Oq*k^nhK#QpZyq$d1`IeV_
z0!ZIS{r$V2=J9SSbdx73HdTq@^2h1YUjXX5c0iHU>qtnpdQ@ZSOI)g+E7evNU6~`5
zCQ&6>8CY3cIl{|yt-O6Ui7lQUp**6GnG;A!hg=k=*uqwiZ{!=esIwuCMfb5Uz0vr1
z2*I>Hz8|ElSMwo-4O~n7KGHl|AFQLKxWf0;LYir)8d{5^o+#5%mfdWD4yRXT1v&m@
z(%4sjQH*{0#*=)sreY7*S%fSh`t=Ysp*?NM<{=~Q?IA&`GJ9&An`vhtgGcM<Vd5$B
zU8DAy-0k}t6s9=qdm(emy2b{Ym^M^b0W~T-G*a6%JamXA(Rp-aZ5J$B)U0*Q@iC^j
zP(Y<k+NJga`_sYTPZd$$VGcG7Go7h}9i7V9+^19rAO9oUh5i<V6nLBx7EAoYRs@kF
zRxK|jT&w_A+3;$U_iVYKrXvw`YZcFxh5pX5*mIjy?yvxQrOMf>CFk?=uLe?yHX$gh
z%}L9@C35H8kh|BADYUzyuE9&kF4YnO{LD>h?{eO3Qf+)MO=tq=wCe|jq^fU+D4jV_
z(YeE84YYnkqJpDUmqatbuW$R-#|l^D*SR(hj>9r6xkF1HvRFKLY4B5FYJ+-u7g6UF
z5Ji<PDzGQp$*|=Kmi{FoeC`o_+%d7V5OA4uHcLpnvx3Dk9$gJP?a%3jmJqr-gD%$)
zlE32#+Il2Zuyi4(mwd%4$u^pQii^;h`Cfl4E6hjgITKqT)Jo|@awdujnf$!YbGI!J
zUB|C1tdWoX<h(mcC&Bz2te!MnD|`$ORqv?0bklQ)&Y_bKhm$(OKzD)>bPiLP3wJ_G
zW+#VYFLzNIoH#NB5YbSP*dZX9+q!xaL20E4y|>j&O{k#YjizqEHxIDRk8+K~4V!w0
zoyyy3b{8*F0}*&75Bs?Kd>;?{10zR8BXs*0u!|5$XcNEOA4XpW>I(zAi!)!*S<Jbb
zp+loU9<woOu-{~Vj%6_Cx@j><90=xpNR2@x*vwbBBqkN(S30XRX>TED@Qt(-2%>dK
z?z%H-9iwVcf2S(V8<qiun@(0xSI?N$X240=iRR)G;H#z=B55KvmoAPay~tOE6_cka
z8iT51d9#=%Ei^qeDPc&L=F&p^3il42xpN49;mm?x5>I-%y|kEHPVIdN*7G<AE>Ilu
zjjH?9Z_vQ=7gGe}EM}sC7j_8egAE7NfIu}L!4WL5zSA4d{hWae+g$zH&a!dYx1@wI
zRHsb;#NU#<6TqY`cl1q}K=Qa<6W#)j-jZHsf9MJSqlo_?0=2d0i0}h5zL@b&q#B3k
zu(d~!C#Z7>{z~30TUQQ%AG+W@N<dy8Up_H(YQlu<$fAFP!ds)BPrhemvGSC<vDI-5
zW2W%h5cFN7$Z}^+*SWt1K8!pxp}(ZO#qXH3i~wKF6GyXrA(_naJR&ef&ER^X*Rmb;
z@FJ}&l`&FA-Ue)QCibpw6WJ4gzrWmk>nBv07<zMu=D3(!9;5*yTO?&UT@*=hQk7j(
z{ULGuE_V7+o@qr{3ch(5kN%c-5i#_^;S-*pec1v0adX4nD;oJ_X)UKLL%)7^SUppf
zfr>}Z>4{Eed=-CHGc3T(k;UPj1ctBK>8GLKR|+Wp8FPNQ9yO8)M5s@oLbruyRPXO^
zf#&R+-LpT#%Si$lXcaCo*Scq;b`C;gKS&F-J_P}+H8wZ&^M$QL+DZw`u&s3Yx^IdP
z^O{;MMIgVJE$@~>Y8u|9ZWc%MHj6XEInk(R-g>0nO_cck=#;HzErw{DO3Un>z^o8T
zR!p|m_sVz5xHp$Fyj7i?%>{>8`dW*Xz+>WNl22vyjA$}reIV=Yxh>g#@eWf{K(46i
z1{MDK<0YDewbhvJw{9=yQb}`0DH05W*JZ?R1DVuvsDh>2oq@qxsAI2%?HIdhl8%Yj
zDKyxzbOEJfpEJvbM>Oj4*O?m~K~u)TUx3UsQO?Y?I-?ItZ`Kkr>0*)emkp|xHhA!v
zJ8+I2gI&FrNoW9?u6A)z=3OlsIx>LsAtsTJ4;e-G*8<(c1qx<|NbZRu{kK3uIdpP$
z4XpLL<kT0+DJF+wT>9Y{V#q~+kKBDRujz2jbNc?$jP=f48nC#!w&2)llh>J>fcQrU
z^ij<^r`<l;Og7vn%8&SFA`qEZIF71Pk(sXKaPQ=a$A|+qG%-PbN|EGvO09@0^h(?0
zd&7VVl=aoigf>9+HXFToItb(4SoEto-HPK<4wtGT4x(vNsK?ogkellm2J_6l&DZhL
z;;*tk>ianG^dfCN-0@nnX^8a?V)TM|?821}cgyb*wLY9je&}G29&;y*4)PfXI803C
zmn?%yc!PIixtPu+Mmw3TdQ<gCz0gDICU+Eljn&s2-Ofedsh>Jr+@a#HL4_q^9DhiM
ztkZN401ceW8E{{GgNilRqk6sK*HMUc7jxy1R%*raw;Al{52^3uOj>4r#<U2ea8yCv
zO(hiUFeSR1CAcetldAb8Cre%#oZ1z55R2vq8-aQK1`kSKza0tPwFXEkL7nm|dibcn
zL^VzLujiXEDw9j2U&4&5H&^4~3#jc8-sk6z>{ZgSu~aiU<|TzXX**nTKZJnvG&OC$
z(Phha<F8^F1Z0m~Y|_Es3a1U1dz30?75;F#i_{|6`m_%UNi=VknoRZq+O#T&3c}Lp
zS^g$ux;{Q*%M5Ry`{boqB&8d|6_8O~T$bbcKtVG!xce1!|HAF|z2LL|>C0P8F4}@;
z#x7#Pl5%?ec2?yZ^Vb;Oa0A8`!3;V>Ebp-)o^!TTsV!SX1(i#rQpfw8zUcP~l0QzS
zkZ&zT^Hi-58MVI-Tx%1pPCZlzG}HTF^}mAz?kl^hI9={$z<!f1W3Y5ny{gdXlSt<f
z$EqwE#(cvVRJBBLb49B#SD@DOJC5<7efEPGmhHyu!~#|YHp9q!W*B+1up@fxE5dkJ
z9Ynt}$8Z;)X2M;%9gCJ{X0j~>_4Jk1QmuJ$&nUYC>kpaplNaK51mok3m)Ny5$-{AU
zBtsY`UZ#Zf1}4b*Thdx+gl5{<N?`(JqN$yNrKStpP2;!d6dC^sM8NT<kdr~JX`3ua
zMO)+=daWMBqZ1b>hBNDJ__+}TT}YgiD|gLe$DDn)Yly|Ej%S2Y^8Nsk0kOzFSx8b{
z!uNxnuclU+TA{XVV-+Jz2w~+}MOu?g%rH<QKe$-BT0S!<Ne~q2&ATW*a%YfxEPa1o
z*g!KyH5DPZS65}xdrUtpcMVW}B;A@5vW80K-q>*+mO_EDCRIVlv?RjS4&coFQgG@1
zQC9w_nFIS49iZ3qiwfWtUFqo4qT|3BsSkqU1215#docE?)xv|jCUSaBKY=S9p0><H
z{5W~Tn0bcXU$CzR*R?zFCYe;r=wAuX(SFZL{z5>s{X<--jD42cyg3ACd!X6k#q9HX
zOOG*^X-SdxJn=rM#3v;i0balj+9SgjAltH<5_FHpqFj9`0x!%ylW?w8Ly8S2%Oqe3
z^3QaAOg_YhxvNfdLc|KG#PBJ$ZD_}V<jat!bKocw>sCl9?=<9EU=FA<|ANHU9A!@+
z+8<wxj<g-)mZq(b_=fmtvqf(D+|=x3cMsw#r6t84pplrBpj)(p4?TYbZ4+`0JXty>
zS=BOp7%fm;sq(dRXRl;U6+H#ZaBN{ZuH+Vxn345c2LXTAL5ZrUvLI)iQ1n}=e#RFp
z_HylSU2*aH-W&Tq-r!LSO!_E;9mKD+H5MDGEKs^Oi7=m>e#T5A{u2r-e80gH0nG;m
zH?P)jZhC>zKP8g={11tG-W#i1YiXGggC<XrR!X{<j{aZ7T~WdUty&~Rf1gF6MSe;J
z*!?O1Yw;J;0VA5oas8G0?1{P!XAN@l1i_H_VMPJP8`|fl4%-N)Oc3@EDOS;HQC&$#
z%})x2)zTR_4<TyP42E68@W%Xb`}DCB3md%TQ!!o3BLfQIU+&ThY*_a3hvlt*o-^KT
z%&lJBo7}I8vT&R7<Lz~q2<o-P{)SD30ByqENwNo)0FU6<w;j2?_ws;ps46pb4lGLo
z_Oi8bSblOP5iw<XuN{%sb!$%WfpPJ^atHZ57`iW)=t>JAO@Tpk)!F#GIE)9Gj*VSt
z?D-_(!Cf27Ajb!89@kRXi}G_`)b$>@2d<+)#o-i#+aDd&*zLx@bIw6#WV7USu}-ik
zMa1cfGqN_eRo~V<g20YBHpy(d$}EM`qL2nn60Kq!1TB^t7w%IfJEF5Um0zGLXH>LN
zqJG)wV@RpFK<XJiGk-pchdIpW2C8yNQdYT;LI*wgns{@531&zz)A=GtQ=-BwSx1O<
zGMY(d@6X)+Vht1sWxQO*$Cmxh`kZG;8aTmLxry49#-UxQxJ;(Q7yeBzsbyT(kgV9;
zQ?)Q=Sd;88KyRSIHu}AE(P;zK$ft?dWPdj4lV?yyO|YnuM^<pW=~g*Tx5U=|7NH2E
zV|$fKO&)H-6Am3ms93DlR-}XJ$#EW!434yB?Gvf2LnZ{GSToP8a7a3B4}OmI0QMCW
z)1gy1(~Bw9ZPB9Js5c7bAs1eVP;s~=hm~smPwH^AqBeRn1Hm9uXz21Sksx?^OI>FX
z3VsD%FnT{}y7j=8ywxfNcu$Uchl8#F+=S7DB2?l;v*v`D((Fik=pv$DZj_uB(U;g-
zXvBhO6_MvbK=xSvr505P^Z6?UA2XsWEgJ_B&Ne6QPY}z4Vz`2bRtHJU=84&U1COFh
zag21UDE(Z^k0V!B4vEgZsT=1!l0H83H6jOgf6lU3OM)(IbWR2BL?=~s6(vZ4wxH=P
z3JAK!-dXWWj=bMV<f7#`p6GMmsGxKqn~FcP3a`x4IgxvyvhrDno@xV=o%#b@PhaFh
zixCu5!$zUXOq0<i_*{b~&--w`u*Rn*G(@UeZ6}V|A{*@>U=zmiUc|Gf-LUcz|FTq&
zRw471WVG?X;`O%}hG^Ek7u#^6MwO2w)-NL!r7r?`kk>uI9wN%>c+YiY%1cOE^~QT?
zc`r;k5tD3TFg?i=EprE?4r1mAVvhDjWy3S)mb11I&t>6U=q~h%H8MPcHh!o&mDDmp
zuRGTX8WBok-YVg7CAsp4xuDKQGHFeT##qIln4yTw^XLjICJ3&x*Rj3fq_s)0g_OU@
zTiXoZCUSsJ#=khGHPKRR6spwQd}L4-=0p3N1P-?U;QVHv4aI-TY+B<WSJ%`_?N}l!
z`c)(f?pKTGH&NsEu%Y$5O2?HP4(G}BS|W#H4Z8@E?IoTc<VkrlWDJJ0dg1NWzbfcE
zLHEsUY<B0!Xv{<C6+v@p#EBtE%j-j{WF|UofB|zOxs(YaWLPO$#2ok{7%Dq&(a%9M
zbjG^3Qex5GB}mc`(<s#X3?>*qfXnBvT-tHR;*s(6R%fm`7|-$KBkQAjgSI2O-#)8m
z4}F|;;hDt1{AsbZ@}`_UA&#kURxG{{($Q_|u!uiYb-<`p;bZkvV*S#KW6&D%!(QY9
z=;2U4cc&=_8cy0!lYz_#b!hr7!)6TS6}D^e^Gg>7p+NbD11t=nCfboZY>BDkUhA%f
z{$!?QhiS7lKRpfkwbM&k({iX;3egvnP06H`6_G8G(raPejJ9OD>t!|?j73d&8Vqf3
z6+-Gxz4+VApDE6CJ*)j(g3QwKFJO%P2;11vH#3wrZtLpQ1<5iW_85c_c<fE~E<YF)
z+qE=#XnA@iQxB(ZA!M2f_^d(G_?>p@+GF|D2l+G>P3SIr<uGdXyLQ*Yj0W5e1yjZv
z(^+9+DGw5(ka6d^D56mWCL&kSz-uTLdoSaMq+%%<@|xfZB%$06avwE9-LS>#&kuy=
zq9bkqUG6|;SAGYbOD|h(r3O&Po7K=}E3fMg6u!cun?_JxqeYG6m|)BXjbLK|d!{Xp
z?ej4$(^On{$*1rJdR1$~)$X;`qNlIz$z<Vl9F3_&WyRv%$y`BKQn+uM4|Y@j6rzS>
zoodb8=(F_I!~k}Vmr0i=22n&qEDW>;QTw$g;g3V%px7AwFLXjqU0h8tWJLcU`RXC8
z`7!K0Y0w81?$a+~j1PpNFWYJUP<+Y_D9s7`A21y7Jy<IfP>=H?FXHuok^t<rdtp-M
zf$>93!ibp=pY1{N!st4soJ>&9?k;4Cr;Hsa8&?5!_211tX>8Z&^5y>p3=TK$pai--
z@j6LA{RObzgy&r)<<eI_PCPsZb8XGt^lzQG+q@-ut)a|fd)Y)J#C7a+RBrSSKBqR5
z`Hx>!+ZMJ?pb-qR)Diql?DPK%2#$CQOuWs#P(qvXrMM*1e8z2Y#J6&rEQkX7WL*}R
z)vxA?F3IK)5e~5jP{%k{KMfxAUp*A!^(CIZA$tXXh>kaLw;>mB32z`tWuy&0?oN~d
z%7Y*LC8NMLm8)@cd1Un^4kQ?3+f$E|J|CAS_fTj_LR3y$ejeKIZ@kh^#la#dYb^yu
zbqS;gwk2{pO-tPE`UThzGj72jP4B=zxPUDdbzdlCO-i#@pIOV#Cqkqsfq^7QZ+`*E
zs$H1@)wDiEjlagf<5+TCCA|*3wx~WUdu@(?2HO1vkTkk*%Xb~#2k2Cc-NvyPd>0X+
zj`~=X6n5^oYxQNV`^3+P;{z+~r7X49s^d;aQe3YkJXi`PDDb;(>~1s{zKXUya+SMJ
zx_^Y0T*}Afk&{_bWWA>C?64-@x1pn+Nzf-?MV`!&{WGz<9X!}ov0LOG7P<sUp8TEX
z4M&65fSR?-t{4E|MC;tQNJebyM+SRZ{sqvyJ3R}Z2ZE8}^*)qec5ee${sO*zw7<Rj
z>aMhc?EWVoCAqkYNC7JV2+jp-(R=iKj2&<3uY1JDVP5}a1KW~Bq0#?W2^rDo=a1*-
zIa{0V%h=oI8KuyDcT&v4r#!fk6CoPW8$N_Nr4V<_!aV2`8qxpH8Efc2xdHh`8JoDz
zLPoA{2*<qd0{tv)EVq7r*_~NzV<;Oy$X6s0IJTyG^kv}A1i(i@(tb494A84Or9lsi
zjC`aw^NdooT(uNI(&^bAg<7nkuXHID$DkW$$L4`eF`Q|5^7CQ=8kXsXrNj~az*J?A
z4-b9|f6gL+K4S4ew%(|r>-82E)GddtjRcOk^hDmZC%Lh;^4q;rG1j80Q{b4iBIEF3
z^g}sg{)`weKDT+rQa&0ss4duHS;vKL1U}9OA+?C98Z)QrJ1}^y-C~KXr0ff1c1`O-
z*R&O~{+wMdE?!;gy3`w9I8ywe?gTrUtiy_4I%xVyvMJ_IGj$En--=0`C-iGsUy^5s
ztPHCSob;N9sl$e#IBoS1_jv7X?SijnGixH=y=W%T34z2dadG<g)fC(>rhgj+|GWBa
z^+SH06;@`MzKlJuV?wW)e@*W?ulr9^b?Tt0q*5i|qwk;1klqT?JftJ-EFO);VbpFk
z{of%A>U}{)zE-D)&;E^pd+*cDqc<;K1B~pAo&t?xk}K^sW`O0wDsW(jmlX;II@R?e
z=b>{6x}+k<rvNH~V{XYT&<wR1tecNz`-UxE*&#~R63<9i32S<gBCU1YeZ=!VcC_ZG
zowVXl%x>KbiE@iLdW~tnzX0xT1MiLb2Hl}`Y6N>&P1A9!rWNem8_viI?(5wRCt8bx
zm3rNd;KGTe(5V<KH}qk(J1DoP$zTjR5_<2xe?2KMGSTTSF2-7g{Knm5_%w;jpu}bo
z!4+!q`Gbv8xVA?uM_oC5w{@izwNSnV3N<}sQA~GYGeYqaGao(X_wyzT)Me(AQ88|a
z(Pr#W<63lU5PKNEBb|6Th0w;Ds6Fk<IIlE&LU_0*E1?9jGcI**3NH+2sDq}evx`ya
zbJs~mh5>B)?{nt#vm*?;DMV+msozePJDprL@UYWmRj9JE=x`EeK0((+MC8|ItyBiN
zPsN<SxP}GvFk(7nZX0%;$w4c8hFT5cuY8t&>lni?&PtL|3j)d84^^7lCI(EmBQat-
zL51zckoY7?1Bejigy)>a<}8xgxm-VV8*)w60<Hzi6<882RK*>TNy6Oy=;Ljw4^2mF
znCMrd9VxT~*gMB!e0-X^!T@z~<GSsCR6(@)_k&f9ZK9^D0vSwpu!)O*0V?(n*~OOu
zX|=(Lh*(6rE|Bhv^b#754fgw3tb&X5uHB8_Agecewr>0a((%L=1)QSD8XLD>b^ii}
zUo)&?4}_N|AM~|s0;O_z!d14;KV4;ke|$wQTEZw?h5W&BDe$A^kI>@xSLOd+7H3%z
zel2(080XBiEfZ>DIqX@i0j$9pR&1=sv1{MRD6cvRuYR9huF(YPw%Y#h5KwL4pYLy1
zZMQ~;KK?&g&r{B>f-5PZO3(Yt+94$;@`3dm8PA3VZg2eyw{LxG{Zn@@9!FVZr0KM&
z*v78T%N9&Fir;0cUga1ntzF?*m69?EWObyvESW5EYQs+$eOjW01aN}lk79>6J`s7H
z+QhlGoP-_S&nniWogoB+u?fEwql9DWN0<Le$VuNA4sssFh8It6Kw7XLv9kt>@nvTA
z?s>i8<J{|#xV){vUgH#_Hm6iy0-;jFBmjkznNBj|X({?fKogR2OhTQC<$QYD)t%qz
z1`H~yJs2i*W7B5pCOWBG=v8e^v8}!2*hwU)oz?SORnLKC{~R&WPVc@%xi^Ti>>J5;
z=n^s3Y~WOP#f<Q#{Aw0052>uKvSN^-&_+}zAh5wIA+Pjcgb6AKxzQ(R;hd`D%y}*_
z6^un$5Fw&~4Q$XUP(GEJM(Wqrx&n4<<=TQv=ZUenbCytHGJ~(&?-=A2W5Sp*o8{>9
z)6mMqeB+ARURof77?h6|CaoQ0Oazr}%x;C+J%R!Xy{La>Y^>W(v(ZPHF>1mCXE+vY
z+|NuUMF6}|{zrCMW1*^&L`Mg&4VwIiCG)`x7g(Z(x)6@dV1<YLzs6^V#ovJ$FNQ{7
zlpCSG{(o|txFuR>N#_FXJ-0i5rhR`fUH$j6H{-i4Ay-<=_5Ykw?ynVBY4de<zFK`f
z%sWo^`fp}Uf%Ge}23w@y8SO8iz{qI&odrC%ouB8G!ZBhTpmTJWbZf&z+mLUBXgo-5
zGLRIWu+K3fPO3hmryIuUmj4Wf-EgU{?M1S~c%I_-4wY@vS4))q;*L}eK-?k<VK0)0
zhNP9?jB1*q>>zAxnHPoXS}ST^5X32^BUL_PRG}EG=AK+$Gx2BpqL@-^PRqh4XHZvo
zvH}yMP{*fIhXDhSkPu_SwNBUIkxZB_uhT>6L2sKgZfa!&C2=C?I!e<0k(0M6)w~qP
zLgI#sbPX^%1<#3&M(S(K@(uce%xXZn$De$&;Wo7FaIzKE9L2xY!H$8AiqIAEp_IzD
zQdSpXa`wI2NS!liY}q4lpMMu=px}e3306PTs<*Jh&sBbjvSuu93;)!np%0>q#`2e)
z!bt|197L&g86&RE?H{XU!W@353kNd70HY<*O<}|T0@&7JWP&nMS<1FLzV$kni==EB
z5J=i&gtkF8HkNI58d~HLOkq(uI^2gnh!W+>k!6Z{b~v#8o|!XP6+`(cgC;5^*+PGZ
z#a%c$Uj_FpgO3u|MH5r-udcniQl^<w2D^|zMWmDxPp?`g$D3+nG_$HB{VAS1)rI!p
zT$)t*pKbW>S~GT;KvdN2k?;O|wcfDT=YNM>0Le7ghZg()(PhtG4t1*&Gj->Z-6T&v
z#P*2>m}~5`U^~-_Iw7-A49h)YB4SFLDP~cdfrl7ano?88+WdTFlj#{F-UV{y$)dc!
z&^eHO{;*$!G04j-Iv}nC@I|2L!zB6DQ@jRZTf@jXe|XcmI1$3EFn&ivz%w{$U20fb
zp&sg@{X#grs6Fi~TQ=y^fTdQg<)fFGrtT&EV72)KUPkR|%`Fi065GSGpJG^x1Oub0
zit@7(V+dVXU<S#D)sC!)uO{gYe(tARwl*WH4W$}$!Y03`F9fLtqY4s96V))SmLkbR
z&Q%Vqd=MExmX`e@59m*49!g0RmHu4AQ>BI<oURV11}B%eR?LTeV4zSs{9v*_v55%T
z1O-Y;KY$fwQMF7Chac$~8{mrL$#JBIrIstZwzS_XN0*^JW~wkfG>uWj9S#frUIy`N
zGRSq&eE@yk!>4~3Jin~$JQg4s?G66B-GPYYx}Q>`f!}PSgP&5fR-n;~qF^4kFbCJ+
z^$tKqTKOTf295MZ5tB6H#;@+liBlnfaO(W~V-D{dPnv<n>PPYkL9_%aSvfP-BKq9d
zvr32{0K?ON+<yQTXc?<Bo<3R_&PP=;C}HhRne5nsf_9{=h(wW#6kk@ONSo6my=8w9
zS0s7ni*9^{v-v-REuVBu0)ybG8cD*0hL$QA!m1*bq<<t8rmLr@JBDGZ82Iz3=n-u@
z5=0^sK>su+1c$z@2iu8oVE`Z@{}I_51_}xq0_Gq1_>h2q;NxRr!N8KUv2%#1pp&su
zP;%i=af*Hx6PHkRPWq?82qXjqJOFGk5>)z%*yCu>PZf}T%Th{`IIY2L5PoW}C@rK_
zglk~kKi?<T>uI#daq<#ZrUVYCda!9VsTFdI^VaerKcRDDB!?Zq|7|`~2is2ZBXUv|
zr1fGnxp>q4>C7MWA@U!}2J0;?iV2yA?&_$2vP|8Pt?IJeIVIH_WIXAg36;>P7l9-D
z1zOaM9BtkLPXj4U7D#1wRZx;cPZ=46+byMwh(6JEF9=EXd-RVUnZ2uVegw*VT3U-e
zh<~_s7`)V9#r;0oG%uR3JifT<%ErntD%Xl0B(cG@q!+DNBF}QypU`~}SmZ)@YILHI
z_E`NFAot8?vGxTkkLkUGnPEc8e$hcug+#LH`~d!LbF#HZIT5y;2e^M`e{8cq1hUY?
zCdIQ;zi_(l(0Z4D$3M7ucDe&E*Vg;z1H}4M{sIsRq<iDyBBkE@lBiA_amTqHkhp*5
z)_jdUGF`VB=a_nW@tM`ah3!#Q2|<USOCvaE8ZO@}%XrZnH@NAa>j2%=-!aR*E(ezN
zqzMx?T$P?Wtv#t3jnyy{n)gv`vA(i|rLQ^b^h9lgp>UlV8HUHJ<C3ZnLvLuQK7_$e
z&^3XjJq}=$3(>iqd!rNkr5CRkr%Cmjc9M<0it85{grGBw)}cnvwZ;n|-pey`m@OWZ
z>-u;LSXru*W`?rzOv(*!SPlbn<kQ}N*%(&Als!b<Vvu?7C@`SX1%rk)@~oKg-KJ;a
zV}o=FZZTXLSI7L~U)I6Fv}1T;Znb`yr}{d|Y4pYnMjU1<8({9LzV?2G9`L|!>u~I5
z)PA7P=DOu6G3!8aUAw;|1%rR9GqBgHcI{Fg4Q?(Cw}QZ01F%%Jk9@BeKaUar#EPIZ
z1oe8L1ZcV89IzFey>ax5+;(ETK_?Yo0+V4vHAZZ+;Am@uuPNue-SA84ebM3=>HeLE
z{mbRxcx?@4q?+|5z9{%U5tqyw(X>By=2<4>Fx`$e(^8II5A*~yE$$lh@^-$5T4;;?
z7QXty9C+>czBVqOls?Wd)^<1-Tmxka8kK^Pv0Yk<U27mED5bQuO8enl-s4&Pz@HsH
zSrn?}Xwr>u#|uRX#Qw<d6#h;5=)>3M@A>m!WnyG+DaW9MR?y!s-nQdHe1&JV#n0jy
zLCn!_)3wQ-KZ9V`X5Y=J^s?Wr_3&&M7jazR&+&WPUqI8{rNSEdA@BWt>QoJIM6Acw
zjZlAMNzhm=8@yxG)KvlSJT#%U-GiQf5dLxy*{(HlEx1@9BEwPEBYoK2zY9fI$|Pk_
z5Kf;6(Es`?@SvsTRSWvZP3u<NiC+S-f^Di9eZ@T!cG0>aT10jA4<;a!90pA`pRv(v
zV_)^uT0?E_Zg$76A=t;XgiiRGTN(eBvn#dJQ|E~7WH3N$yesbLBXYbdiYfjegDseA
zPhIbp<@7xC<M6eYY=qPvExDX@(p>oM>#u&WWH7wDGuUs8&|qRVa$;X&tV)TU-nR_9
z>YyHJSRE+o0K&$i|Dgg7!P$S&%ROF+1BMdEHVqt-5k6{}eLhbscx&X$S02-3III$g
zVCr8hG+n|qSFmWfUQXO+JFnCfS=_w42LoL@kdB_he9mLFwZyRrtJ9t7RN^ek5M<OP
zYPG*;ZN%i6G2O3$`h`1c!K=_5ec-%h)&{FY{~I`VtG)g?rm^XCQf=wSmk+QJ^mamE
zSL1xh3bns|4n+uFiTCxDp1o9a+kJi9Gl5aEA)l+RKp(ZZpk)E!KB=c7{D-iH?Zs_}
z2Mm*?2X>m~yP(sD{G*S^C#6hm4!A`W{T%oy6A*HrB%^{CW8CG~cOee`f7JzZ<WL)v
zq3WPfA6yqr`XZ#nUyV&%`(slzR6L7<(jV+sO?Ug}5#^>!<JfrnpV(A4X0~r*f5|U5
z^s&06LQVG^(KnTS#mgt<dygMKs4-I+{V^iP6Z4k9l}4DJlky8kOVH(mHxRd^)|{yw
z^*wmlWUH%7x)JDd|D%zRxW!V9fmM2F@>~dDuaIrqj=^R<G3Y6hPx%??oDz<KqTBE#
zi6R_xHZY<8QH85f)OS1F{y7U#4s!zJ_<ZnNi2?<=H-{#E(ah%8%|&y<RNcVDL~Ap(
z5{{Btn*{iw3Q3h=(%^Eg8TJT}AV-?K_-wvq{J!&u3vb&qYTyO;{g(y7m|pOU5w&(%
z(v)61NQy*L_XKgnZd<*@Ia)ypJ65Z{@2c5dEl89b<KVjlLx6B5e3RjyQC{m3#(?(>
zRa<S_X@sHSS~$aZ)Rj>i6Y~((*C&_Vz<SG4SF2TzNmp49zrXxVkp}tT>H8F$T1&;a
z_5|22;k@8x`t>ebk*2hd+HBjzsz|`WzO`#T#V8_ye?EbMYl}g<wzA+}_%(ubQD#)b
z(do<4o0r;#u;n*dk&pfHhE-kO4g-rceQi{KYFv&_Wo+kuk(i@z@vlMI3I*h`u~&iB
z&5eKDzBcwNQh$>@Wr@yw)c$@)6AwzS&|{asnIBJzbJ3~e1UVSa3!jm$mwIXt7Ay%l
zjkjTUoWE^=uURy@NmsR4=N<gi_!kfoc0?Fq^x%4?K1N8=Xs7}tZ9yn)+c+fz-3Mk2
zPL2GmcnpP7mZ8%HHT7eEOD=1RL%vPdXYQZWh)%$r-aFWoH=H)z26B@H`6>#rZ)(<i
zPTiBnk3HY^ewBMQJM!tDF!x1{+q^|>w|f;=;9J>DX+C7`SqIu2y0Jr+I#Eh<AKhpH
zGvrs+u;*j5ECmBt(c|mEgSN6wY4_y*0zx;#O1@BmEx5RpkF{qZFMdju!&bhOKx0<U
zyO6Z<O@<qtF9bT)13zdVk?L-NwBwsctT(kq^(MxhHjU6w8yHNTwghcjRRWGYKhn-O
zGB!y$mUqNy_L4I^MYlcsjggUQqTJ&5(^ki~ziEDA%KUmz814E@P%r_bOqCcLYw?x6
zRj|Q0NQA1BYw@1F7kJ?EUanOicuvT&EF?{K&eS!nbk6lbX7MFM{qE*nzCdO!uo`8A
zsN#<y2f1f^`1II>fAqIAQqoxP#a|Qp)}9SpZh3sQzU3vSc=YSku08>$@+3*D*uPb4
zon6dvuS-`pxNkb&b|CJbxp1(t(JkNh+8k6pgD>{=H9LHXov`rL{w})&mWlo!WGapj
z)d;M{P8fjp+}N5(ZOwgR$IZ}wTln0DKa5Y^7bJJDvvW92^4G1{alJ~es26;b`Pde!
zy2bV-c$Z6fy|up$;2=|m%TSzRSJJ8$a1?HwzW@1TcIeYQ`O6onzU`oE0eNl)oXXLq
zuT$u%OnR`92tR*9#{VD1eFan;-L_`qE=}XEjk{Zr;Lx~RaA>><PJ+8zkj7ntLx2P#
zxD(vnLa+dV5D4&3=l}10@6F7cH8XGBd*7;BRcC*7>YRO~tGjl8XKyB$(^~*CL$~Yd
zU!w2fTL22)uEX#$eX7+6RfpmTipiviYf?HEx;=q?$ZC>t%e?$8q{~=fiQnn11`^?3
z`$SsHax9-c&1&gB-vV_;tDS4R4K9USm$!MPg`?HUG8K1Dgd{>7cvIKJEJL@dm}MZ>
zOeQdoit@@DlGe&?L!LP1=aG=@e1tUG>PYRnY8<ZQ*3~gE{>Eo&-=sBJ#J)~W`ge|8
z=i@5piF~hB+7;1{OV7<9n0l@5lVZ!+{HQlP>mPXR$7*Qud|`v*Z`)Yk`kqcd=h0O;
zS^ZtWMCJRj4)=syuXJUH^?X>%nVay4Z%do+BTo1U<l{tOXxuMYyH~>x+Q$`&68QhR
z#}}`3r40S3ZA21$D)gW13R@Bn5r&lI?EQD{(b;sgWQ!{7&(C*Wiau3ONx?ZTCteDs
z_NY9B!Y;O7dWUB}>5IEs$J2Zw%4Rwhf{l2{CyH3q0ayiQdP)yW>x^+<BWEUM+XAr0
z+nSsNxpDslVt9H>R1tv9+bni2bc-;xh-_=^@&i+2{`Q6D4$%{3j;HM7olQ<}vk{jK
zO4LxYVE|Ar%&OnPoV<y`2#pQjq92V_V5cW`yp!KbpdQ<h`gMHNzXNB0>W4Sa>`mc|
zJo|`ofm)=s^4O5y@Zx>ou^6ky;6QX50>GlkcHblu*k645>VNL{hJx3=urV*UHn)%_
z^*XuI@5>!_;-m#wCuR+Y0^F2`Jgx4-%cKRuf0NTD9M)6!OuZMI-Mfm1+lZ8f^L+c#
zptDAAPHrFjOsbYKgZm#Iiz+|9tlCQ1_$qvl|Ivow7s^c_Bm}2!_S@$*=$*?g><7ka
z+r4kAR<{haeDTsWg#7XO4+#kPV<tM?uFSaB62fK5&L>Evn;<k#W5r=sB)4tiA0Wu2
z4BQo^10QXFo;<6$WuQBdNk#x=?ehy560g{Pg)uJ)F*A|gusiHHvT+xiC5Iw@@z1{X
zqsa?z6$nSG2gc3OeUfye9I)+jk&Xlvr+lXyvU$*&jxJM))z1oV=NL6mxyiSWW1d^d
zsT~MoAV-_xMB{&oI>TmdnOYf7YMAH4dQOU9GqbUDkjbm^D}^FrmGR&E^3L6-{;jML
z1iO>}-p7}6)$@#EO|a9^b8@?&PcqsM_a7_r6=;4;u0iS4n^XO#Zz{)cV()!L=jbvz
zzQ`mG-bGw<A<f{BBu98Isx;JjBh3{6d{||<EW9H>efkx8T-hY?wayUl?8$jrLu!Ha
zun&_qjmjKn^iOAoX5~S%??pqlFXirx2lP|ReubmFCVh4PxU2sdia9N$^&k=Uz)4+z
znLH$4VSJ=tg45;mbZ0Yg%R`Tc2?~NTM^qlT=_Kz|JU)MoZ2Z+^9`)}EVPky4dqPQ&
zh)uRdOyEh3QoZtokZo3l7^!?kXvU2aiX8Rx<+kFJFHT`(5b$(mDjRK|95(yUvEb)-
zPZSLb8t^|RAlh~5dw&p^G5i4^{Kopubo`x?;s+e?J@xn9`g;RZ93-h4ab2(Sebv#7
zSF9YG`uYD@(Nt+ix#)Y_El1Y73u&_?2$oI=zgd7>5uewhK-7B~A|zJ19=oj;PZKe&
zd{RvuR<w-pk$)N>@oElq@$gdeQKE4`=Ne=0@<~a|bm#X6iWC{d2?OYPXi9b=^iu9t
z^0DOJhfX^<@=%y#AQGa=NM?_RzVFu3q9Rcb2fglc1G5zNkKXXn7u(jYeG+-~p-%th
zepDEx@g5ONmdNH;H{SxzCwF8`F)P%mD{4zE;U0G}7juaD0j!>ibQ211A#)`O(VQVX
zuF>bL6Lz0#u1hP~K|LBXw(wqlppq}qDL0rp3ci?X24;4&1sX(WKxupQHet?vM4E$(
z+6iq=ynmJVZ;EOnR>_1=*XbWgifB$CzAsOf|3!(koaVVlkyM;e|8yAhj%t5K94nC~
zbH1wBKUVAn>=6u3BZlnT-#RjzG7K%WKt{2NpPn0@B-;e6HpCUi?Xl@}nrKI<o_pBk
z)2Z2`da9{YZnQ3%v})TaSL2A?RfQnnRao`ugv`k#mmLvIznMA=b=Sq1#9nMTw;{AB
z1-uE>yVHBxb{Z8@B`b_fPZjcd)8jpT)XlGU39O4ctdbRly3+;85aX;Q*)W246CZYc
zWTOC^*95!Oh|ihd!_%KfPm1pmG0?OhCE8bdQruYo=^INOMFJvzQ9=>I9w!Av#H&O?
zN5=eZk3&ZJ(-|f*!W$-H;TEhJg@}-zQ8%rmXPQqotmRxlUfafV8^mOFf$9~WTKqS&
z9F`2=aqoOBILdQZ7o+yMDH=p|iAPkZUk-WQ!H86V@x@TfzPHuOZO?*jNd`KS@<Z%x
zy6U7U6unc<#3@A;5T8#}zW{Hla;AG{5|cRXag>Cd2KOBBqSIYQz7r;vDy;{f;;xZI
z8$8H~rS}l%Y!(GRv0e6h$M@vCQ<F}0^+2HklrmMRR36m8WQ>(Cp*0P|DKNvNHQ-E;
z2$$-wjKPh)j_UQiqf6a>(@*)`N-5g)yIlP~jIK(Z%UmAdLytXWB8Vi_nLcB;ZycML
zT1S}<S<XcAb7&H1)G6uX!#|Eh8dVxO^9cK4F6)CD)IfbG_XmJ8+N@gInjWZCyUkzT
zi3|BL<szTYu_ehU4G}OmQh?AuOVzcXjL!p~<Eo)#3h9DdTr3E~o~(=TfV8HxVk2=h
zl{bvY`U4{lOIFA?$gnm*Ex?7}3TFSQp!r`4a*z>*QriIP(K7f1w0M}q?bgw47zzK<
zaLPjM)98Dp7-yt)&(ImAxl66*F9=$8FkG0{J-^5k-2U#wOLK54QcYZ{&9Gv9noMO^
z*j{Hc>HvE{f(p2Q$CT18-C@OqSRU)Sv)v}#iC9z_@-_4b$^3~07VYi`408_UB!AIA
z<>H`I;j2Z4${g^#YxguzrnAh_wn-T;UX<q5Kv!}GU|OPM7GZnC{1LS-D!fYD&g8S{
zd!~GY3LW)Rx^Xwya^FuW{_3O1^<-pbNfcMXJP}YQEj|7A*l%d%Dg>s~;;T&1Rt8%(
zSK2M_&!26E2Sq^vWjan@&k8=McLrakoKi8ZuQB=6iio+_MSPvH%8y%?Y$boj3Y>Ca
z3-s{(DQ`W&$}oB!bH-+rb3)i>6E$SVx8@yGtZtX4h1y${io>LU$voWR3RqQ{r+na=
zWS8*vqv<dMzH_DZ^C#LNeA9#NRWS8_HIs+xt?i)%YYye7vBwNm=DcRvh*FHA7L8aU
z#t>v?ft4`etGi(Q!o#)e$i6Ufd?QpDn0$*bruC0Z9!UoOHScgU=6L@AFdf>&C@MC+
zT)JWgA=n{QO(2A?{K`*j1phNTs7RbI=9G%Ta&jBzy*yo~dldbhw?=L(Q5cvH!kM$J
zNWWymU!I{lOKiV*<rmY~EAsxM%c6h7#S&LLCrZm>!O+tn|F2$Xl~(cbU-SXsr5s32
zr)8dzS#;sgOnUs}-S%S}QKcaF^|5X;?=w=KwL0`O<2zJl;*Fjb=ANq&EWCCHuShWA
z3C^*3ObsL=Maw(zI;qiP<$8k?)MWCq!pfHu*m>yTLBk{4HZGTDeiVwj3c`9LO7K}|
znWqC!hMS{jdi|DDoaW}$Iu$P>Ae*%OH@pRm*^*Zz{7|wZ?V1)l)D>$l*L+SCbBrxW
zPU9k-t3*(r?Ri5`@M5Wg*d3#l#4kLwcv*hrr4r3@nzYma+kS5`G9i<E6A`uK=M+E@
zRod6Fa(y|Q4n_JXxLwB3aMeEjbCp#ZLCpi?%)_&ScS}iAf{$h0YtC`fCGR>i7mo^T
z^SLG@x{Gh~vz~;JqY%qkxu(0;Fk-T=m9+OT3Zwb<coV5sVC6`#hSKO%N;um1XD=5W
zNJ}qV|4pk09X^_u(cuI1<YBJbRl4}Y!z|4^64W?wuFqI4`p<KQ<2uuhI-{YQwlCrK
zEP%e1v<wZ^CttS)-r1V9HcKc;(`@Qo8hUkoQ;5fAXUr7p4q1VrM)+Dw-r!vs_FNr$
zK955d=GU-gp*w=~M@Ynj4hqc=CYaa2ti(?NfV3FCRN?Ph)TOi0)x**>+s!|fSSB#|
z@k=qT=@g-U#eaR&T(1td!>P5L732h&5fNb;==cKoz5*@J+jG^nzsC>;l%rUY<TIwR
zmpve?lK15(X``dV8p#Y$7iW5u=T<*6oCz_My-yeV+4*h=kYz7rr+Z9B{V+F9M@8{Q
zho%_DjlU*<r+2{e+tI0Jc+9?URfQQdOriRdx+vD=$#W7e#KSyf>@Hz3gmM5Xt7RdL
z=nKFBAlVvOT&@M5sYirrbZWDFc-6A-IB@V!?fG}Y9u!SgmzbglsFKGJlj=X$Udb4(
z?+ZTtca=}r6Hwwf2u<raesb!fono3@F2W$|(~G8{Fo!8bo}pWJ*f;m$Rel41k&sq6
zdQVH6*BP+$4EWIJ6Q;xr-074Hi&QUHc6`U(0K<tHC0BM<&>jzSEz<4Or(Ulibg&v|
z@mS}3e*T%SX9lzJTJ+NZh=AY!d3hW?3VLR!EAnLF`O-blFW*3XqTLmM;${}>bHd}`
zFd@)#$uytvloRe+<Nn$U6eO73bGQQbf<P7G0fIUNoFjcK&6j2NRl#}ZhZBv%G7n#k
zbZ$WLYQCaFiKVK!dLx-5OQ*B&t>g4R77RfYEH)D(pF?>lgzj#Xb@l`)w6pkaFMy<R
zrif+TZ{uy}i(*4GKf^vhtgu16N?xocRU%g5u&bZ=coaG7F!6k9JgyJFo`60vC%A^P
zQkuD|cAq}4!C>HLFUNP*&M9tZp`dRAT9Z+E%B!Fk?|B+vWS-9NgnN=aQIFQN8=TR>
zr6AB_-(Sf+&Or@3$fs5h18Db;Qz>S>>f>gZ__X=zMH=@>nzrIDVI96_`?MfOWE<7R
zlVdu$Ie+)I%Qxzi@`YeBTv5{^+0JOZ-iXmBC<skFQA`nv<exq-mmAhlgQCDQ!ED@d
zN-Er_#)^#hgy~4t;&!zJ?5j1m*X9Vae${9~q^8|aYUWd=r*k7(JmR^xqU{_iVi_=!
zJNfMlb-S0`k(fdcm24-nJ%n=5x@Ct$xdW00PL!{6eEdSREHLqutGMs26P_O$o<yw6
zAm}DKw7$1hM9&2;sLe_kV9X9k=HPDZ4e3SPro5q_QT?8{j4Zt$pITLf!4$SQUS#8T
znG)zfMSnUs8sJ-AlrZo_@Li0vboQfIy&Xk|zB#p(EI&!R%eKufCi7fpAfu%hZROwE
zT**gFt8-!gZ?$~j^uI9|>;qpsGQg-&FylO{2k~TwdD!yNw9>b;ovi}Y7$O*s?4`PN
zwZ^5wYBUchQtr$FySK2+MbE7WIsa)GUUaf2|1*;Q12G}3f<l)_P50kz$_!CSk$f?m
zkn9yKDR+Rr>XxX7-cgC|a+V|YFpCz#uR*zy!`}GLYUab&@Q*o_cpe(Wi|c&QXWl)}
z#{ZTxl!#~XbpV8T7@PutbEeAr8wlyq!=;d&8sw0+pAk=Mggc#MmA*yAh<c%?D1cS=
ziC$6}X+bp1s)x!8b5=G<>FF}%A+Uo!NeFW}^@q|sRJUO!2(pNsbXr5i@?Tk^xyWB6
z#G*SDXn>MHiB*(UdZ@b!yX=ECb3J0yVxzEHA3jYX&2-0*a2Jw`p9j!wz4;cGi$m6W
z*Q6!{H@o&l*`5OYb16DVD;!#YIQ-`cLKmUQBJ>GF)j%Qv+Tl2H0(<LW%Z6d|*tFCi
z3aZ0FocQwBR)2{)<}oczd%T9YQNwW*1oj?=Q~7qR6zp^Cb6A7&u=IkbM+I_+e}`z}
z{=ydcf2*u1@MjZr#D+Bm@|_D5{@xM^<>Ah-T38~B*sRd5L>1*hzODYQ#%$tIz6<<+
zLa{W3CWw6g09@#E)L`#p57@jnz)!R`m5J!OWnkl+YN(A}A$)6I&t`yK!tn=StN-)O
zIDI(g|8-}$kF3$HP<zFp|NnA&9HkA9XS*WSsX9j^4kWmAaB48@6;!-cv>)C`V&;+;
z@qYIGW9DHyoCD$FMpfzC-jE7{6J3hQpzy@o8<l-VA{lU?d>`7EZ$*tTAN#n#1!nhb
zpp6%ij6lptc?QB*h5x^V1f?7lK1i7J)d~6dLrqmSHYBZ-kS68A`aiHO{*R<={05BY
z2$Fh$7W+O0-s2FaB8AePhf)}(0j<-5PN^VW6a}3Gl&#<RjbW*ya3J{e-YDBNWtp=;
zeC>O3<q@;*mHp5uos21$hwp5q@&EVz4*)$f5+GETo)8oD|1W{^i%o(@4!^?SN#J8s
z9)hio9bBzEZCPDOl3tfDBCoI!b*SrMe1AA^B4c3l&XB>F1yZyr{{KFzdVc_BZV)eR
zB8ZnZQ~(+>3MLX70I>rA$cVQ%R5TzFF$p?|K}Z_|!J+ugrC?!XViuP3BvsJS`-??^
zh<NauMKOY}vBAs3qRTtNtGhj2b&PH2MlBX&U{1)|sJx;OIXSy{d?KP`lis0Yo%Mnd
zMC3YjplZYRcne#5!u!s>p|9**aXt~&mb!L4cID^*|JWwcuK_YTmSVKGymrCMm*F4D
z8`$r!RlH?6GMA8Ad~B+AnC^+aw&+QWe@_QR*Ep39e&5IJ5Wwj}O5xbc00xhTm?tXt
zR}9oB-i*zQdAq@B8^Rr7jq%q>hY0UtT2Mxv<7NVLYll1g*GbxMeo}nD@F-Z|>Jzdv
z&NGVJosV_1CO2kVNoH*t!|rDdqW|oBpOx&Ii<P>!^Ml#f*B?ev;^+U`r;r_E)ocaQ
zbDq`M7GISCF{?YzoqwTJ5j{y4eJJ&6T$zBp9LwT-u!<Kp&YI9s2g_H0TRGVe*yBo}
z`S1fZQBC%~R;DVe3ujEM8y!hre?K++5fP_wOX2}7dboavSZR^{t#QuSK4z3J71Bx&
zQ)d$GG~6uG2pX#WWe`<jRpBlM@8e<u7M!Axj9r?3vm4fkVI^w{kdzY3JeTY?csC0Q
z`vXwf(UxbsE&L2h!aP!0zhJC!@_L8FRmAf#S%{0ghTnp+$Fn4;QQt$AP<We~|7vTg
zysU12kZa5)EHjpc@5MkJU4*o`<%DaOLEsnS7_OsV>P_N)$3coEtox1gIU1WPZcim0
z$wrR8yeQ&Q6UUYty;rUk(2;lSoQ>8;gcD3N5({c@{fG#iX{NbLN*C_5aKld?P9>m(
zW~!4^>CJq4^@(QhBVl%*$2nzgY`kmJPrGSOhS*;kIKV1)NS?Z;?rSPhy<n%=UlC~S
zw$-o~BJTqyb^5Tz-KZUScy?6F!FNGYq`NA4+XxK`@`#e<Q@!2;j}tSsDc&TB*{jMA
zi_<)h7WZlS0}%g4+)W%;pASO0vHvrgQ$PvBQZ~^Ztf9H7ndO%Oib}Z(jN0@)sf>p#
zOTd|^TEvB+nxU=MbNkk*&q!iR`w~?}=MDO*+9XQ*&Q%7b>T6!Bqg(V3KE3+ke|G`)
zx|O!2AIczQ^0MZ4_-LcCi%LZJzCg@wh9uSItn0={ApEVyol>!W0|nM<*mwK*g?cNM
zQXA{2G9y}=0Qs@XRVg*P_%X>|*B%ce@9i>oT?(2NUACM}qC%xSFkH{MS<;7HaGb(^
zr|F%}m$jA!E8wtWdR_01t);{dyEJpQ7S^W6Z;li9&juC*5(D^cM8P0Zm+vFBd^*Fn
zh_Qe$n4t3<cdFN9l1w_z2%}ec`hwn|95g$>`9j8~5>;wtxIvcj3#Z)d);L7Hy2|Rq
z*6ix5Q^M}=6zlvvR}r#aeFp+qG#BjDO*?b72J8vKNO}?cN%c?j9OJY@uim=|D1+Vg
zx;+@A)R+507!ekYI<$grm`o?hw|C5&W}MjH>B~GQGPq<&vdGBGUl5Sw1buVAno+x>
z3_?7Hyv&yNE>*a3Td4;xRmLi*ZpDH*Wg@2&a7O!LUZ$5^9)s?Wd=X(OSmr)v3FBVM
zx-lDTbnwfb8of0=Bcf0zS+$vD05kE>66EJZ#o3<HbuIr2A>Jf2#*y^j3GwILe4!F@
zgHS=X%;PXupzp%Onjv2K(}hXQhaZhv%#9^gt)e#$UCB%7hHQ4J<*b4hw40-ScNS_B
z-Cl-L+ci@6vE8wCq9?Cx@b0ZEjosOWqNmisc(IF<^Bo^u%g;)h`ThW;Nhf;EwRDGn
z%R4w;?)tL_Ua#loNhuBE3>AD&iWcF}*xW<S@ou6CwaT|8%9P8ZnO)@Rc3-l#_1<M?
zcjs5%G8`hR@@z{p>vh+6U_aF@Ea5Y@pV>TR_*o|c1F_lD=t}feVM)e~TfpV|C&~9o
zQ&(tmR4gF3wg$)Q4odMvpBfD?_g%y)#U!9B96vLJBAAW2Zxj0&`|3u)a%YEh*N_XJ
zpw^c#PI?}SO|h%N&#HNxC}1jP3_EfzA)8rDfxf`N{l%nJTq*ZVdluH_xb?*PWLBl!
zJm-$cwVLd}dGT60cc1Br`?hBlb4q<a^J9QTT*~ipW@5bpDap1{yl;5gQ^@=`2}F~O
zzK%unGSBnuF8LUydLe>+6r5RSm$$A4@V!nO7asM;$D(B?YxVencKHtRa8tIpOJRyg
zW-z`?oYT&IpG_@7fj)dRqjA|{Ps;!~RgUYjtdW}9NWYHn%(P`1OP-r-tNR(n(JDt{
z0@)K4u;ADneR`pJHl5KXT;{%oM(HrYBq(o7=Vs$m5n!_NiFQVKF7aXOGv*s&EoMEV
z{v-XcY7YM-31E_8FZXP(qd=ga=Rp#JZpiq<89>%m{Bd4%U_mD_QQ`tSg#jh$Xz1ZB
zv39Pzx#zGQ4#R6zzVVSv|0wA>|GcE5=URB*-%Fb-F}(UR#6jGovGz(Liy`@SM#jN$
znc1z=NA(&T<nDtX(5#b@IwP^Ow5$#J;$`a#^2o%W31rkJi?2#D?fgFKw#`~5tIrLN
zcgC*6D-!TtxbBj_%xh8c<u?x9OXl@!b@&4y_2KEe2_L_e(Q#lCTEsvFC|w}AEG4jy
zCcvaVR^C_B67l!{&yTm7MQi+NFPTF3xEW@pMdQ$hPr7723d0c*YTDJr;HtQ^U46t}
zpBS~4CZ35Y80Vah(HO7$i0&taY)0iu*=?HobC0FG3QjAriNYT!3JyMNxD$ATYQtc4
zp^CbXoSc{9)u(D|=n~F1Vs(IJyt?-FVV8nzhT{w8SNzPc<7!mRD^icXF2e954<R-G
z;@8kU@uK_h4y6~ac^}n!I$%SjITd~5BO#k%xk7f29PiodNOJ<IkUq*U1`iFTkND&!
zj1ha;l5l>ZR*c;~W%iU3K3|SK5x457>l0g~U}Cc?6sHjM=UMiDR})iE<(u57yyJ^Q
zUv;u$bkQ2)?LebG@LD&#6&e;L_=1Adt6MuiDWVU<8A^azfs$6z$K`9TOcrhWJhCKq
zOuCleB)i6<t9c(m>_Exz7xK9Bzw_FA>kIuQ(_eX!Rn%Gw`?=g0HXXr=j@u0)=s{?g
zmM})BnrP5iD^>*TTk6G##uc#%l4w$2u+4W#OzY;Aau~_`n(g$VwvvYBFXgi6?%02c
zrro<)uhYcn-WgTl!Dex=9d2(~?GqwQ2WbWRITx}n^8Gw-_HehkM6CMEQ*hom&*>T%
zNBjYxbUSnK3qeo17p#edIQa}|mBP#@B&tr<^9JW>GZCRg!r}q3-h;ilAJkjmb$Y>O
zG@>z+w;A4@y_55{J^T`T{Y$6n!n*<3F{(RR-8P6`>aqI)y`m*~)_<%W{u&w~Z)Ixu
zjH;9dk}(l6o7*BTp_K5U`o#P6WU1r@$Hn0JM8fus$1*UvNY*C9PFL>-OkW^K|D7XV
zRknTENQ(n%Z_6$IsB<&q*42A~PVxXUvy0hfkb>5K3?kp1J6VWLtiH-(cNvrjo;V>j
zt9^+PwRpiXXH~aiHI)Ox9=lqfn|nQeJ0hcQJ@d1zK*XBPz0TNy)#5&|F!KUQpVERN
ze#LdAs5Rx6d$!`X@C#GQi{2F*YrFBW9)~dzjgvnBEV=uc8M1fz8AiU2cGsJlnFj0Y
z1wsU`b)C<~PYS!f&ct_pP%VBLn7a6H*Do!y7i;kR9DEIm`eU|RnTCKMG>6&rz_Kbe
zj`6cec$f1+baksFYu$=>X&ukW*VpauotzT{TUL?_*lOeK+D{uzDNDys+7bC%35RIg
zHnpOyu)tOVuPG!Y-#9J3DXAiCZIu>l`>LhOI<o#+8Ic`^BPlqWfKZN+t9A7^kcJ~E
zGQ%yQqaWMy*^TzYPBLHoOQbuR>iwLhAJZ-i(dCSj6Kyew8yFBb3^kfMrzQuuG0aww
zsHo-^xsf6ik{93qD+Ac!Wt-`BNe$+gSDu8apMn*5Oh3yMAW7!liwOTnko_2w?AmId
z$F+>;Fq4*vEZ5dQkM*E7g`G{U$k?v&zvK4s-&g;B9RIaJS1cels`2vEXEmtYW5Lvz
z&}GESpoqfEnTQ9;k}T*x`rQqRG<yZco!?Wg*-^afGxR_`HG-?CwQ|v0UQ^L0yGbeo
z>&vwYy*q{Fn&UjzwqCXnLlHk;XBb~+X$>d==e^TfPKH5J!3exugNLnFNn`w*p(vPn
z-qyy;p$3GLpiDR@p}fUl<HkJCU_Db<&VwkV)N27=r*U?IKwyqFIIW06@^cDm`zQA%
zbV<ob15>;Bx)$O_;)IQJ@^fqD$9F#Kl97@HHcK|k^l>5aZd}{=Ir`R<)<bLMxlUG9
z%)Lu%u<Xv}OXutHR1^#Hp!kSEmN#*1Pq1tgW+3%-E0_44!@h8ZJ8;gYEa^MJl$h+M
zz{wC|hFyrbuKKsk6k=|2ZIE9(Lr~oc&3?<>S{X79(xw@5RE}92Ty0g2pjN>jw(~VY
z!1e%CD>}zRyVeI*$Q}2u+dK5&$jvVJ*p$};*#qgr_<J&zqHi51j%Q=@n^#oVtvB{x
zbGiNiz&`2;XE%KO>@od$J-b#CeCzf-_oFiJJ=fX9^%?d*eIuya*|2y}oqJ|==gYmn
zIai?ggP_U=0Zl2ci=cW&M5urktr*A$OOAn(KwOX1&qnP`8M6#YYvtwQIiZWAN?1XR
zvr=}jA?k8;16#*)I0GpWfowR>*QOdq{8d$IVcC8`@W^`R-^yPHLPdO}PHd)2o5_cX
zaMR=LIKB8|6NEdL!<P19ZDAON0^-lvnV8UZiR~rfnWd7HYmQ#8_JZ`<;EL~&+v=&|
z@lTQBN-^s&Lj^K(l155@Vazsr@I00u@ix7bB)$B0r1=}FTXX^b*o;E!4d0gYEbi1c
zXX7Cz!^Zii0l=B@jRJSaXx7w#xNLrb1F(7jSWfP95RZ-hxW?Om0TjBS(!V(i<K?of
z(mRi-vavLNze@pfwryk+DfJ)ItY9WmTF!k+-(Jeb44l)lRB~O<UB9%A>{(Jh9-i#|
zhMQ<gt1>D&jF^sPtd3xy*NdEzREx-XEYuuJ6-}A<WvpWijqEQQMys|7H2b@ogI=Rh
zm$GnnEqXt#<c~WM?3S515p-l1%c^-}JjO1-IH_k(m;j;-MaqXHQbgKOd`jt9X@BPG
z_A3=AC4e(Sbk^ER9)Xlx8P5lU^Pl2IU~G|+=PS`aZ|4yNNo)1e7Q_YE+z6Isem-OL
zda)jNIYM0-0#mbF2CCVus8&c_v!<@SksNk6EqV{GSMLsd!<4!A>kojZW2zYg6sJdO
zM)JrnbM1}zu+nW-%Q-|U;>yoJ1~VvH5Ip{pm*{ff$VUc~i>G=ikEw`^9I}fm&vs(8
zj#2RpSqxJdDzT#3o>5<Z{4Ywp#z~a_9KHQTe=XjX(uA4Gx*VeCUMG95a*<u0+a#Fg
zMY70X@!xeoifbk8nB9!KExUTXVg8^+aJiL7{pxvogO`DgBV0M{0eq7!qt|!e8R+wk
zCwPmD(b_hVkwqlTO4P|VHA28jtgCi7G)HXgnRaxJb;`Tm%7#f<j=n)uW>6=3;tJdF
z?&P?*!i>zB5&1A)VK>(n&-^i9^psgcdSTH{rXtp=0gb@37>RFTK`vYu_;1ySBHK7N
zQ{_=|((4K(8?JWF#7**Wp>T(0sJR4E!1-H{O%hfa9LUStE};txf_d+}G>Ay6vfNyI
zW!|FhQb|fZM-ApCS!M$J1t@L`r2BfFM*7C{Taz|Xn$top^`5_w8H=g1y!>+HACgU=
z`F{WN-1#2>9@+wCTl!8iG833j_J7kM6P9T6=}DevzBMDw-f@7$hGs`b{l6$t?(T_2
zR=M#XdS!#JD*`StNq;cOQ&9(Nl`OD8s~ByK`^s+3Hl{v+rE)fEtU{Bkh%<aPygOs6
zxO&5sw8zce&a*q%9+fAkjx&@||JHZIz!Ev<3fE^;Rnm3-8LL;iXktDN!R7YX#qPJi
zN_}k|*@p`SZCFRiu(%|Jm^rLrkplVgsw0CT$9dX*DDTdql>-DBeVH8ffPT*t?ku%%
zCO<Pt2CvEPX^h|EWeC>=C8`bI2vyq#_q0@MFl+9!+06)2b&)2x^Ky1tKblKR{KxrQ
z6?5x(b<E$LMkq=kuzg@IH5QZW`JIQ>zHhuUAp2hc8QA!j67v25Ad^8@Z6*Jt+Mr^f
zqan=7zgNB?;?Dl2+UTT}pb-6zJ=;vksEvp}OV1}Dt1EBQf?(Qsp?aqFUd;T-v_U~a
zFm3(-yp>Q&wuZ8XvW^H(g2N-m>+x#<D_E_O@>4NNQ>W$yM-e%Ar)jaTs-RL<TUKRE
z2c7uL+?)XvhjCIV`P?|M0!aKG?52EjfF87}mo77}<+nnh_=hjDvW*^PlS>6nmAb+(
zswQWIp5v(Ud;VF;D1kxA{5<*;B%hHql6+-RN%LB6Ja1J)p<Yt;-Jf-w;c{~-^A$-U
zU73nXg-N1e2$$hGF-~cEk%sfmdy12@y^XmMx>YfC=*r3G{)NYxtA-wzBc))L&J)}!
zch|W}Ur)~5-U8upi%rj22&G2FyUGRol`<*<P~5ljp9alkd?<*<RC1_3D(H{>6jkA^
zyX2=MUioG%ArLg}6uTvNT-yf!c!}x=gwMQL!;}Gr%Qdo828BX>f;vp}KB;I3LGKbz
zwm9EAnMq8WNQ%Bfrd%#=7a_t*07?uDwi1V_!IV@zimdr?tMhhVs~w!f5^<|AupS_!
zF!x5q66!b#;K7@`eys}@=&C3P0|j&VXIq0k8ztE40_d)8ayNl-wCfsSP=;;_R;_?E
z6X{V-QEt(D00lJ4REYt2U7?x`O-HINZ6|#4f+ouPk2A{hq_6rtV)SzIXDQDVKe$tH
zQ&3|{Th;S4-iJ~2JG3SFArmY^3-NkwaH$;A@x96KYNqlR;>xk=eX*Jdxgjp*=JWu@
zK9LEXR7xj$*ELXF^{RAalr}GtR7XVY_r$EsLV8*%qzR{$Ga^JtJ=J6nOr~maZa%up
ztZO7GNyGq;-V=Pc!T5@)r|-jNs&$F!Mq@a27SpC-I3-aTTW&N}0-yxnsFs{oFL)sS
z=M3byp_s0wD=)FIp2kZ$B<&3p4u0bJrW6x>x&!ViM#zl_2S%husBCR!fmqoW%=-!9
zql7*<HHzLxe)&-judH^3X6i>={0fHtbPMO8E5|1l^2!?v>(j=7_sYw`wm(q`<^oFq
z$5(7_m+}jR@yj$?PN}%2h}?CMU+l0GSCzEBrq{C4Pjr$T#PGhD#FWaEGs#cSm4#^M
zyV2;}zoQ)nf-BL0PAsJ=l2AzxQ@K_r#ge`FaovwI+@2@~Gn)0~u}v9$FAsG&T{XYf
z!A|b;?qddEhXqVJIiXWYNo<S8-kKt!#R?C~Wk$OPLBdvXfPx#FLNv7KLrp00O8!(|
z9V!K%0w!&>s3l`$2IDIkh{$G<2f`HbI+%%a+>>gul|UgxMJW=$0<q9FRZ}FngeLhg
zh~BLxOu-ZjS>v?)^gR@vfixytRgk#xD#09pC&*8q&Pbm@X6YfH`C+|TIH9Wbl16!%
z_D8FR`y8@PW%E%IdWU>m$8c$I#x!NR#1BG1Tn1^CaH&JgFD;O0q$xLiJ8+&0EGMxr
z6r_)daEaC2jOjko)v|jTmFRbAb1#3dtlM#Ibo;ts>WAcm4-gqO!Pcicqc4vLlYV$z
z0~F`fYK#?mivo?M-sJ*~i}WF@e)K&K7tnIt+bG-VypoqpJe>de>J~rBd?U>A_lVn*
zGdUwx+tKIdp!GT&t)hBrGMu#<GKz%TtdC6LwHq;?-8RV%Y{=g&6>zt+yWIzc@PhB<
z2PJR$gBgOEYRnKlW0YKCeiqZbd0ZV!$ZSSczgI}Tlq!d=bYzvUt_c66!8&ECA^U~G
zv{2S9I%8-(99cliez*D;g9XBv4EV@2AAA<|Y|m&XkaNg#f*BbA<;SC+wMQ%SuJTh<
zbtQul9~C;>X|kX5hOtI{S=O9SqvCou?jgAPvxxWAo8(6g2)e1b*;^!*E^ZPw3}BsV
zi!+FR_$U%sFGf2^I0W2Se_<;7VW7SmYXjF*R=jtrEvZW1kh^{T9LVb`XpiKd3TW}?
zrf>p_uS2@(A>7OwRJOlI4KbC9Q!YBd@!+s^X)y-81)>e3O49{6&B*(88v&}t-2*-K
zd|y<|8S#DqcX2K%oo8NSy%jgQKM;Bl^K;Cs4n;QGFTx6F(NRyqQb|D7QLs=+?l|8f
zHo3m=V<V6t!G-2N2aen3HG;&_o}dV+#sD(sflCB%ldI*BX2VXbabYy4iv#62C#EZ*
z1zQ8<DEZtVmAcev<M!y^y3;K2t3H2PjPsM5f^v?^#RrT~e%_}kh?maZy$jl<BSZ;L
zd1S)}=~zU+1R(*!+?RwSKhHSgbBxev+2T-AS}>b4BXfh^YyB*{2FPN-swub$ZOs*Z
zlx9H~j%;$DnLC9xYpv2eN1P_R>PSChmdI0cpWJI@kAi9!ft_QhTY51wBw-)yvF_d#
zyU`dtX^3gnkh7v07UTxj;=!v*nxP5!iCA_NXOG}v-{si!wvW49sLnl%GfH*3t?1TL
zlaWHCCjv`69%s-GON55$-f}&YCF#mXFviu;;*G=%%g@6;bR+{$?UTllHQ6G#Io7SG
zDj&11FzKqVobO+Z`c}_~8X057M-1Z1MOE-X39>`2D?TCB;u5i&ar3oBZDp&6N>4Z(
z-8f)LLJ}Yi)V(al;aH3#qyvWO7NtD%%tVW-1zu?CQG;0qGA4JQpLb*sdPzxoNMrP~
z8Z<D$vami?5tMTRXw*O+mzY$_25OQeCo`$W7+$zz3bG>3MS_ZzToQaNsSaj8^B7hg
zxH;7yMfuB}<s?-p%XM2#B5y+KOUe~b!+(53Uv5VwDM$EHQH7NhIMIvu$LEEX8C11g
z{Lq(}0CgGK5^n_!)ixb_vq6;Q!|t>c)sm|<YtVVa+XlX<VB&=n1YL^At_!qP3~a9t
z3-SQ*MVylsvAKnaOnoo~7?~ldjLM4TzLlAzaD&t>=r3~&pfJ|1w$qp~B_<%9*|0p#
zB~i;`=fwx3t;agWN=nJ{+|{$Wb!{_8fqYZRd1}3}JjQaR`6kJdpS?tWMy1n)Q*zmQ
zPD>j1MznD~t!4I*A{7W~bm2J*<uQH~)SRw%MInK=5C<wv`H@cWV%jPH3@`|edspc{
zgSPs}+p{?m+t#P-ogw*hCAylM_&_f~(OE1hZvQk*m&tjFX6oJ=OBDOclyM=P1F8v<
zvA=Eo$!!5{O=2ECtjpF*GnMaQ?2*Lw4xL38<+Stp*$aiOVI8*F*VD)MpDYVr=9tU4
zwd|nH$5w9?RUfqDMg+t$>V+{>27Q7+GB9Ns`l;krTdu5#*pw~;ODOx8&VgDlZn?3L
zZ?qi^D)H8)#dBmkH?&eCKTUTcUBuCYs58u`rc515ZKkc;d*Cw|$cvUDRA1pp>swB8
zOYR&q3nxwe^40iE_I=ZcFUTgw980ZTb4YHz1^I^E7HQh&HOaE^dO~Jnh$cArDNf93
zySePUW)iB|YwCrbwC?^i_D`uRH=*!6Fk$G^Sdj>m<v>0xVy570dEsc~EylvzOH(4W
zGd^j<9J~ooZsg34TY4ZSR#=%QO4ah=IvBt>?6iW%DJ0MqYB<a|=FCE9_G}KU?hd}f
z<n}B#a~2SWEFvD9D;#GeVy11T;Wy-?^Obwk6h#UX*1zJ!P12FdJX3N$ozat&MRcY;
zaC7EBMCcSNC}kOAe!VJ#^5TOjo!rx)^%YJUmS=~Pq&Y(7)8f-Y-H*F_417ZFfEVk8
zy%OvmC`TWUAgFRcM*;;(*$ifloEG-@DGGqL@bW~?x!gPc?vYW$w9nge2W^ZV!s4GN
zto#VEr+d~^9<yGJ!(E>ws0oECA{;m?%~&pi@PtHFN`%|$u@ctTDSAw;)+ay(Ae_%<
zPvk);N?RCfe4tNi?lo&6cWwJ+8`D@5Gb)UgkJ6-x`t9}51|q)NX>^n~g905aReRG1
zFG&-OH+FwFvveEfOJ|a<w7aGhXyWBs;mb=cp&KvQcC*yt`pB0}=I>g5th7}B+oj<Q
z3=e`BD^1}Iy<`>;<S^eU-=({XS`C~x%1X&f`Hg*uC?DEg3ai8#>>7pjmj;!7zrf3Y
zzQ+;G<m@kb+Fhc_@>kORGD<9yYeTz{D5`6ect^W6K)zdzG_Gy)2RCXgq}Hj{DRNqY
z1I__w5YiE;DXl35DT18g9C-j`t#o#wzAv$jsXyJ~U)&YN4@(EXOv`_W3sd>7R2_*R
z<<v4D2s+NO3i1q;rNA_mzP;7{l0U0s6V2oh&E($DF4@p7-Y_T&kgp1mj|tF&?3;?d
zg8qgLitysvAjObsNDZXqKRf@7tX#^|Um;!r|NCiL|4)hjAr`eV4nnd9X9{;h%qjNL
zt_%fF2=N-6Maam@DH*FYFGJxRaXm8RfcU>cAVRcCIc7sjb9;L+1=Q*9v)eXfH91aV
zhZ0{5CKP;60gg!`X+bM7UEjG+OFUNs@KvG>=O9CVrInn6FmrNhbG?_XPJZ9lG<fy3
zE(4e@SPN)=lHtu%kM5kOZBM}*;Ye&HF|Jc4TW4Az?=bO$i5u*yIbSe4qK|KhVz0zD
z;jnip?BF+#iDoV(ak1k^fZy$3(ASs9O1zV=7Z1~99}uhhFDKjmeM*puYEfkL(SxgT
zAG9g%iUqG_9gjjk&;NJ925tVnXCGKS&rjD8ZjKM&vhs1|s58h=B)p8VCOP&>HFWKW
zo6;~-xLsu~n>^_fT+6<%ufyl0DRbTOCQS*a*5CD72N2sZd=y=S>M3Bj(W=0~=+M_A
zV%@ovhuSt30K+6y@c|#FGCC+6RF(o(>YNZhCEhn7&3k;+$FEm#YnW#qVT5W-F={Bo
z?-GZKBvV<tUH2M|2=Lbz+tL%u6jT*b;}}3}^C0#?y~K?;nZO+kVpmPU0gz}J+fqL4
zq|+Dqg`nRvP$wsvc5x};3og~iS$wP*)V^@*9=@#{PYp3JHRzuOpt+*TA^gqym9qYN
z<#b*PC<OKTYhi6mu|}T%*OLMSJ!gd^esODXki3&&5q4Mq+4*r7H`}pdX^99{n>Qp}
zju|H^r?Q{CVx*0pTozeFx8JA!!=?gar9cZWgivXNg%45=YsO@zpy7wi3j%LSi$U!0
z8JDh^YaKr608SPpkkfZFti0h0kfKHV;Z7Zz#rC4FDM)0b)`LQ%axrn#6)Vr}AkUtA
zDH7mtHH_}iarIOmYtxz7-AQwALs%a0YhgUL;||hD$83kXEO^3zyt>dQGh+{Sd+g#l
zKknB2hX1G1*c6$9Y!2GvCAm)pqU~`<|FI%R&-NT&AxulGDqnAs{R{E;_<#Yaoqrlo
z#@g3#A=xc)ww?y34|8=rS;<FQ{pP_eyUNi`!dPkGPzsE#*D0iX;o82Z02FKirn*Ks
zyv(XXLKj&LZ{tMVIL0DI!N~buwmLR(Tf&*Kc)uCQ=$kN&&dVsMt$~#jx6YPiv-(vO
zr6ryj+t4viGlCRF6R-pX)q=|=qa<(*F^T+_5~tkqAFtxa_2qVA@gr2LaNaT^#m5!j
zc*PG+H<b}f17Gj>DRx$~8pDU+0wfzWesSyDi~a>0G*HZx7iqM&jMA41L3^<`BfxLz
VOq<NgA5{LkU{2*nvXDQP{|9cp>bC#@

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/two_dm_container.jpg b/docs/userguide/storagedriver/images/two_dm_container.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..18d840d0b053d898b236c6f4bd3e80ab14efb422
GIT binary patch
literal 65447
zcmdq|byQqU(>RK5Ja}+-cXtUSxZB|F?k))tf)m^&!QI{6CAhmg!6lG0kmq^d?|06<
zYn|`UdwbUEDebDR?yl~=r{~YypEcmMjD)lV0099Buz)|npGDvu00r?}o@*#5C`d>+
z$maqL1qA~K0}lfO0}l_62#bo0h=>Xc508w2jQR=<TwstfurScDP{H7HBY#yPp}~r1
zi13Kd692pMrxQSX1qnbZLqVVckZ2H4Xb^w80U`hbfP@6Q2K=YMz(T`8KtjEO|FZzR
z`pbA!{STMHO)#rgQIKyF=X2}3bVB14+!q#P1r<G#kX?;3`}7bll<tw?3l*U|Hec9s
z`3;#&muvI-Pwv@i5v8*4FD$HJIwc7k1A#D1<Sy<XUX>8<T3_hETUAQQZ^V*(x?g!R
zGRkbzU6@J#GD2p2zPuV>(<rt*`%8c*xfWO4(F-hdzUv#y^^+~9u)&G^%YtOkvZoD4
zt-gYhwAG=Ft}6=HuBvK(;Xz;p;m(sneM9m$AMk&sK$J0j{L&lmwwq`b31QRnA6izE
zmBV*8lC;tr<brD$Zydy<*8j=YC|0*i#HOEW{^Af|99~_!3)HN%Keq?W#(}?KO0QoK
z*yg*7PIk$zTvPiG8DCxB8{p30;t6g@89v;f==dGI$RK<Da<55@y3AiGdY?X1;$m^x
ze_8epV(}!U=U;)dZQ^6+Z*z?kLzX4FZtsZ|;P~znQ573Y>&jo6;M(o+-jJO!=nEMh
zD^oBPVu(f~27LVHo&N0)r?~msH#D_`UvcVkk>YXks(s^W_>`kPm+TMYj;sV|%Gyvo
z_alTJ`8Lx9n<WJZpTqLGH?$ns{fLHU5AF?ZLOB=l;tsP)g9%_09`W4GjuGKijFP(@
z4)!dEvLk^fMy5#YrnyZ04v6f7%Z2pQ?_!INPpyftb@Kp#?4?Vr#uPwwfxR@2uIhvG
znWx;r>Gdq2eQF%+10^}ALviTbaND2*Ap4bz0Ql$iXzU%^2dIQvU<nf~^G#yD)>1w%
zPo(q}{Uw+6z-j=%zt|3$a*b!<V~f^&blx--^t~`~Y4o&^G<UijdAf$k<f%uie3u)s
z;tv2eW07t+KFvqwZ^Fs~niLo2TI;6)62~KkIoRrXhon88H{Mfj(e_Y>)HU-W&*I@%
z<~{Z5*GwoE;ltC$v%PI2`G@`_Hnxj%uz{<{6uUTb^PVoesy>Rj;Va+&Dww1bo^5vw
zw4*kZ)s-XZeg}F60RT$hX3lqR>F9mK_?@qDzoDr|XH@%X%txxgm1)<O<doOo`B!dh
z2yksXdLAA}KvS+J2uJ>`W7R%2&*>s+g?LajSmcZ!ws<&vSWUCwadn67s__3O^vD-P
zjd5=<C_)38YV}`YKVRV3=MdrU$6r^)psuU4Qr>tlVpsLP>I6B^<Yhqn3~YUo?Hp%o
zN&*c_cV!mVf7lz=tc=Khg(9GYCS3bRO!w+^GOtYkQTOul;COd+XtFNjy}+|a{==OE
zn|&;(WZ#m4j~8)xa3&{F1qkYDC0?A$pgahZJ5n@|WBjfEG>4A6v?aNF>lE`bW%uf2
zu_ZZS!@DozJ^#JewcF*z@mNNlzSqUo-pxakv1U6s;xVqZcBLH&yJ_OplB3rhpBvR`
z+EJ^o1CFNJFx6@)d*vImW(MA+hJ>Z&A2A{eLzgZ2p!9;{>zk8p$HAfEv{GYp<*YN4
z#P;#HxZN+H-oZTQwl~Hzc~c;fS@3>=k<-4G{;3LT^%ObyITpf-Q+R9>#6-@UF29?r
zOfL90cMZ+hT+aNSIu<;tRDK62Mt5G`M8tF*$KcU~_v-2<1g6`X2F5GSFTR-7K;a8a
zbQ&0gSPvyf)H|B0Pdy9299wf~-wmQ`T{?3r2d6;rpn54?Ba*Zcx@YVE@XN_GvIi##
zaI_itRMUJP+%{{7e`(gZ|5$GM_>Z`YV%^Mpj`@52k=^o|rSw0*B5!%E$jfAStrgAh
zBD!#hDO4f3fS+<Q&+j*s&rK8tz&4kn;&c50irvkzR953Q7sKj<LLHgFomdZ9t-hw1
z;BT?I+&|slm#i~`GMWR&dPJTekRssl5IhT4SNLVI;s_|d%`ywT=`&hpG0&OCLz_=?
zx;SI^>W=KVISqJ`qzGQ*F|-xH1+U}t_$Z&d%iYDgKthlG{Yih+@;YSjAmL1$d-abT
zh7v9E<mJU%e6d6|Xs)GtcJB^VNzqO#MDQj<P8Q^RBbtyWs@Cq8Q3JMh`>95t$;p_l
z@`w#9X(U*7NA+FTM~WNazw?QHZ(pa3_;$`y%UL;^{VMGK$`EcoMgQ8`AgloU=nsHf
z%I@Ox;5xdmUw)YW-NJABC5k&Azi&(QZ(a?BN1mULgpclj%OHvEiEQs*S)>Q6rrWS<
z>ZgyNYo=9FWLIb@R|*q*Ma@6ywZ_i5vjS+IKLQg0eor$fcBwCWY!CPTNP_K@=j{L#
zj)MJ9`s*<Lc`WPEG4Q<GSr#eQ+B8izu$2O5VAz^@B@%*_n&o7AZ62Jxv?c=0W`78k
z$h0Yb{8^m>+Yz4DYL-39i0XMm@QM%3<FPfbY&`UKAFZ0@Fg*cz_x^3t8Z<yZf@p4W
z>*5nNNuUo-MSx(72po|R0PK$$LTn#^Gs+rnD&Am8F0ASVN*}1^-GkKhF_w>*M_7;g
zv~KD}XnK+M_lruK8S9clnk4O#!V1%_u9U)sqVwe+wjdofZV5m0G4<-+yP;`2P{S!v
z#no*8C3x3_e8?yvygHt(S%}_n#tBpcd)e?l_|^rSpnyg8sY7=;n5Nyws$&MC0ONw$
z>k=GoFoS^P;6v0tDY*NcQ61N3*WWUaKKOc1-xr()3&?&23vjnh`~ip#d_dkh)m$M(
z)&T=!#oE@jiK~3xC53fDn*;*t)g4j~?OOCR`4Q)CHX!|>fM6a_jYiHmHhxJV1`BtM
zW#NJezwERfSHmCR)&4=*#2fM7Da9h-#$SpbRNE8n^uHJ&9CPom5f1hq08k#E>;Dp<
zSoRRGVW{^Frv&}MjC;lXwh%56FoZOgndugPGfBX)^Yo1S(Oj<f;C}~0a5eE9CX@D9
z+J?`_#0UA`%7tL)Z+Q{p|Nbxf%vSm?@-M2(^Z|UlA^@MC{?F4D06tnl!@$D59Ihar
zqx-)sFoghi{$Cx4jJjPB*y|glf0}UjY=`2$Vf+UhTfF!V<>T`_49|r{1cLkf3-tf4
zf@t9`9<kF(UZ~=#rmhVd_kU4C8J)JlbKLqWc)N~Mk1F&MXaHrUmr*s)1dH8xj84P!
z)y2;jQHc44!d#hGVR6+TiM{{Y<YAxrnY@6Z^LDCQe4k_NZ<9dVhf#mz<x$qZG7v<i
ztiVXq@LvpI*%Mp?mR2_YkwqS1h45Wy2bh$A8W8|+JzuB{olv$Oo|#T6`7!VvYT8Q)
zLO5#(tbAx+p<-^`R~1gJMEu?#Wfl_<&;`3o<Ts3a8pw^ON=-L{$Kk)W0eF|u12j`!
zhR?iq000XkCALFRgWbV%(3!a^`N37qBs;<+%L=ylTnxtVA|YB@y8dDSMNKb&SLfyb
z7lnBwNdgEKn??Sj@WD0I)EJQJ#d1K49ke!vmUt0ujoE7eaPwgL3u6~&PN!1?C)-iz
z<RZbrl4$_I-!vW(8CHKRwu&vc#;f_RDFsHeQbBO4rXT^PRwOS2ERk}1D6_!6-eSUJ
zmI{ZVE0FX{88O6UIOpOcu`2)^*!O_VnA?EE0uDEC;=8K!c<};L?RfR8I0rRHu&ee~
z{zyq~{=j@G0P*uDm;muXbQgf#xxoZbO2N+rd%SAk4xlY;0!WL^?EpV6mp`0MFex}q
zJpKXr0UjRDcEELi3?Mq;1``ReYwXah7s#h$^`k@8-3+-mo=1bLTD-_IR2?+)?C)MQ
zIvObob-f2iCmDATH8#YvpNIC7`VCfeeZG7}@pph@d7uvym-!@St&HJd>9&7aI#|&U
zVMA=exVFSu9V~DL=ORp-LQWd6p9<r920%1b=}Zi+6qFn!uN0|_kM<HVR)dF%!CUK@
zoJR{zOLB&gb|L@^7J$bF?j)?D_|D(;g3`)t30$^*0FMOVUjO}N)u4POQi51`o@oD5
zPS_B*OeF+&62jUax*b6G2Y-W={#OO!sHy#51;N1ddz^xQF^Dz6jGrx1&nUSFxDtem
z`OAg)HsI#sdY7F31x$r%_j>cgI}!}xHot$r8++NTXbwjHtBkO3zUkVq_(%$-qC#vv
z1ssTgp_k%`N^{Ag@-GH%N$A-BUku;7?f-L*0;jD1<S3};82v8`v?+l0>@K)KNRqSy
zoYhStFBkw7H49+wySD$u5O`Po0V^wa|Gy|SHSjv|FZlnehUf_A?!#8KHL+8DyO0}D
zBcuPB^hJ@FCdw{pdTDmJ*6V>U-t7S5GUacBf+PYi_N{>eCKd(`De$7ghIsdK?Jq1r
zN$TOnFq=h2MrHnT=++q07b*&MPK`XG&2V93^I%cYaA7U)rSl5|c;(mv0FzUP{(n)t
zO?LoBTaWZF21!Wr7U1G+`ilWjs<yz}694CzNQi(3xi(EhJx%@Db0;(IUhZk0@_L9J
zAzq*_`LZ3%_CRiObLvT4*tX3|Jn+BgT0?nb2=G4ogL4x{Xj@%bTTT<wa!KWQdagg}
z4?BOszB~Z;LLVGBxX?|o#e1RlS8@OuEBFbiT1&pBq|j1F?PqOHoSweN^Q-}v*B4J=
z;ILndykG#*uO<Mpg!$hALw&Q?4jZ3g`VSMY+jJDxao7dVoV{06Ze38qF`DB`6?`9G
zX@3qY0M-AC%#<Vf_^TPHT%pJ$c-mZO<<|EPponL}JA~J(If~com@xs4*}49E9gQ)J
ziTTn?x~1t||9g}*Ph_G8vzo%W@z%nV>6JiQ#8&WArI(^WmEFuc{>5sYGyx-KM^vwI
zRJhTl1}<I`^G88j<xxljnSKCj;LHM4(S1<Mo2E`?=JIxM_vGeXx22A5j{HxBl<#Rg
z65JqjnoDpO@O}It8^Mp_GjVHBk{+bs3`WQz@^@@pm{tHn=Bak@g7;kZhfq(D0+0#Z
zMc_!P{K4}Ug~S)II&f<TcE)@G$NOtAZ5O0hGsLB*Zw3MzF$txs719bM2WbV(gX7y^
z-t;m}=BL0Tn3rY&>+*UOAil^XM$Dkh4)=;-OJ{({$k_rQHg7dtPbOOVzK*tDhd0LB
z0QazazBei-!}MXNMcT)Ya`WB!i0{FJ;bp*QzRCNA%FJD-#Jsg0^+Pi;YFdq;TI@xt
zd|Aa9gvEpifP%yBrb7r0Jb_geT5Z7(GndOIvK`lxGWNnbbC3=+I6##tCK<ZmZZ`q2
z6s!P6sz1W>JB3$Xe*lTU>(be7&mUD_xf)CbPcjIF1UUd1u@)SLaxmrf#Y*Jg6}qi8
z4iNh^Sb~Wrq!3~L5MM=L*}=&FuE0gD`~RzP<@X1G*%A2{^(j+bYwmx>IQ+pCs@s7t
zP7)Y^uqfP~9@#rS1H*vOY{8lS^VEb%Z!!qq|9xuH=MTpIqYH1ZI=Ab}>D3M<5+6?8
zvi!$IsAcbr|I=EI2w3Q)Ah%?I6Cu}Y00J5U5(W|m3JMzP`HdJDgMtBI(a|t4u{f|v
zUz1U=iIB4@v2$`!QoS>T<2Dlg=N%cuE2uv}&OF{?QBJwG%Zb8$UI^%LcpGP0{{}??
z9dwAijc6>t#bH-mLB2uMQeMeSffWsV&Wzqb9l_3w-C`d3mYEXkl)FAOxXwdn!+|=*
zE^%AG`9zr>bn3YELtMYtf>9RTfh>+d%TT<Vc4bZ(2MIa))dsVG2VVu6<H1$3VSjz3
zNAtl1vjylRZd-puc!(CE#p!n@dAX4NOy!3yI|M_n=oHfE?2StIhn#p?a;?0wX-@8J
zSASn(rSZsd)7~_UF*oP;lf@SDVhb5tB~<tb1LmBP;-tmC#HYXg3+8d>730w$Rieym
zP!+!wp_^-K;+S5NdMxWrCraejM7oceDchO4y3??eK75Cs#i2AkSj<iytV=MlDB3}L
zy3wN7ug$n)Q216Wy9B*;S-juU9S#vmo1<YRL*MW-3T{FTGCJVxU?hcB>V)gIs7W_x
z&fc=1Ygue?0fSV$bdL6SjhJ3PItft)w((hb__4}wE1R&gGqZmHO3SEpjE=;{AsUH(
z>rsT^AUs?bIP?4Ka0EDuMQ;!;1Mf#)Xmw;GOa+xg(OPVAH-AH&b_3qrkM{9IvU!jz
z@9u+afjY_vLvAB&%o6R3cU7t8Vw69$T3cYlf6V7thpfM=`ohyL@91uv)p-BYE+Edp
zkQVzaX$rIbSl>f)LZmMC<hu_k(_j)YOr&~%-SG~b1#9saWrhhF&dfhRJYAKb2df|R
zz`S0sqK`CDH*NT}R;3r<12-9#7AL>+2jI(V>*iRu6*X3uQ9_y8?a6&r`$ZOU+`*)z
zPEW<K?seFW?!hNbBT>9URM#`1Z)V*KQ}I(Bg-nc}P=M1T`wT@B2|G;lKK1T5@K4M0
zl27C;y9mA&DEp)n=Oa|^v+It{A7^lL#*1l<@x8FvFwC%G0>^3JkRu_=&f&3*q>stf
z-wOB|tF#kk9c{>yK^uy&{@gceR3R76CTI98DmBDM6$Ceck{Yc=pECTU{nj{m(O_0I
z%@yyTDk_>%ZoBV)QvS>P7n+Hv@B9*+T7SRCQTmzxKNUGSU&7}%-`<RzL|YoIkNW=X
zz3wCJ2{Qq0`eG?#ggic3r5UzZI6N-=0m%OVq#sh23*WDA@7@jmM!q4NO0a&dt{Uex
zX<~npSA=(_HDrD8fbi*ia%c5xa%B{1y|*H$?CtqwsTAauQ;)b3`L#4}HzCSPTbUTM
zQR$hE8RhZDKYz%N2oX?jxq1?R68Qu0G!9nl7-4cie)oU-^KLmCaKAlUARA`N?G;W2
zlz(8;(L=|3<;J<ros`<S)>MC<!6GY8&h{GBf#VL62xF~RNC#>tGPqOJYgIN2O6u^9
zHVOUsUO9irzL~wlxr6$>nqaVHu!VYI)c84@uFHgrcW|}fAR}W`UV)!x;+vXS(N#vF
zX2iYS)TZsm<uqO2m2@GT*gczdkjC(%O1H<PyaM+q{j$pPYN@<3q^I%p>$0T#oTfI(
zg5LQ)f<m39tD!<NMI`S`m<s{5I*&a)usH3AN{`1>g4)}3+#24)9h<0;rT;{e3sG~C
zYVlJrUzIZ{b^S->GFAFvNa{g#Q6;g>A6l;`h83mZKgqx&Fg_Bdp%Z<}j*I3;vSvv5
zEMLsr67Ho?$mM?n_YFkHmK}D~>ym*Hitd=ZrFbf~)T9DiL}o+ux36Xk^xAJCKsdOS
zeAFDdpFV~WUTuo77og8V&_kbv+J=YJe}#LckOoa@Dm$O&niGBCDf2<tie<na`vy&J
zGOzq@BBYQbZo%EnjZ)5bv@#jWFjX?tD4);Pm6c;9w8q0!aYroL>_gOt$TuU&pTwdE
zl-VIIuoWyPv8B;3cH<XDJ?}W!Cwh6kJvXW<J~4~&&EQPAdGYPUoRgujRnZ}*ZX$RK
z2A32EeT(5>W}^5O+nsJ2m?!#;m2-_@<&I=HW~F=SvA#FkR)XrUkuOSbl@+Kp_8q40
zg_wnh&Ep>pO7&RKZ%rnC(IhSCT)hvN*gU%9kflB?U``14W!v{u7OvcP$k=yJAhFo{
zCd=b79V1(zvDcTgCU!rRlkjceUe~WpL5OkcnZfqLSiJIMY<8Asfvnq?%t;Kr%APo0
zzSLX}lK^+rFH>`Q4u2Qg`arnsv30-=QYtOI!@-@W2EDEY(OZG1r7lFIt_7+wQvD|S
zX;-`M;OZ1$&N}$8w4o=tB-|XD{}4FN=SHIXG;dnBcX_m1a!Qw0>DIDGF!8J9IMoph
z=}r6BHG?;z=_y3=8~+65D}xipXWi@}u<pIftnwAfvHQg8+nv^|vu_tZ`h_zmGD-b$
zrElLj)(zke-WG1hD~+4qXx!l}Dh=+4)7agN6uGYLxMKLi(>ksnAa;&@;iHH!SeRld
zk0{a8xRtzXnNG*?MWiPU@QTU#T~Zjm6vc(AWNNI)blHX8OCX%<L!FM6Jr&iexn4}&
zJ$_}9Niwz3+Dc)_p&YX~VCpKK=w|Xtfa({s`X9h>%nux+8pt3@70x$qpN4-@Ixdj2
z5@kuQV<=9+CSDOwY&_I*IpFKwoBouoF(v2cH~;8m4FcIt$}<fe95FB2`t`)!SiLUb
zdLswp)rpdcG(NkWFHhfEB7^wcTixUEmFg{ab-wUUuNHv@<Vkl0q<WL|>Ler-_j~;V
zX%iKR({B|OUrW0baciQ~g0QqcuXw=E=N<Lo!}rP9Ky8sO(n}qYmKx6R>Xv-*kh)LO
zA!U+yDEb|GoL_oeAx(1hMtpzZl?vuDgRHSk!W*ly19G~`pVK4Io3hl=xk<&69k~U)
z#AJp?pftkiJEJ`7qx5+TJ1i4)?7Y_dfh(*K*AHJlq%84{BTU=sPnl>p>zw##Umv-?
zF85TyeVl$0zn+<r*PfpnY(Eb0E(rpbA{06IJ~o&IDl_^oHTD&RjWY%D1gVSaU|za8
ztuI7j;KM^KNI^+{&Z;?1V@4q=HstkcN15_WpDcR&yqyM-F12fL_IEVceN(yn*x(na
zjJCEEsmMyedMxA2<kYb+28D~6r6mW6#1Ch)$PdC5&;)PD8gP~zgn=^w_KbyxXhn9~
z>KEYGdw&3K-34O0LnO2V25cHQk3|LEM{(nwW2w`lxfAB-r;)>+3NVMq`espqk2<r$
z$CFz~)Vyb7pXF%fgmy&Sc;;BGrFyfEa!Q>=0r{Jf7TX8a)1#H+{$)wyu!RC2%TO?j
z8_Wt-(vo~sY^`#sBexbHN@1&;3HQKCP@0#1WV0rq{R8A{HGWJH22bGYz@Sr=mXn)7
zku$!Ekt2OUVKp@TE(@(TLa?va8a2IH;NNI9KDqam!(qyCfwHq=y+b^->3_Y3$U*DH
z=6xN*aqVvJ8s(}o-Mt>`kE7VxnT+`jH>lo41`xUJ;;`ur!5%Us^&ffcob7`6hIvT;
z^znG{0a9`RE9yC?S(7||QVbVA4z6=}HCMx&dn}w8qqa(*useX1kU%rvVW9S?>b#J^
za3alHs~*X4C6p%BTRB;OK;QHVrtW9d;)epS41|o6;NPEr&*yKd&pGH$o|rHtmXR~O
zvZRdYRlLLuMpqrtKR5gYq&SW&r>lMP3WjF;E@eVoJtT?6WwKRa8*!!JM9Y7A<2;oh
zFEASM&Rls57n=xAM*iIaMMYCwmOfd_Ti&v{QkQgSdpEGlmd-MIGPkp9$<9``o5DSu
z)$n=CqVf3Bvh-fP8H$?TU)(>#rl!93_8zYe>SBks(l({Yrjx-?kef8&pQ#L=mKfs1
zZT9rdho?5Nu+510kitb6a)=yy2W6|gQ1Lt>4Nlpqrz@sTy@fmP`JQY&A%=K_H6~`H
zjt3VCcdFvUvx=;LNz>cpD4={QENSD-kk-7h*Pqr6+upQ1m^&U|5_fHz#uB$Rm^hHB
zYjVCWd`xXNqcS0Cpvo^vxX&yo4c(emo^J4<pVnaD^BmN!Uv42%Rewuy&Y!#&^I1Kl
zL?eQ~u;FN~Vq!+(cqBTx7PPUqX{wy94Bq1BS>is}>>k}c?Fo}~ycs!uzwH34D#>W;
ze(H_So?NpZ;i9>GYLmQkVvjpd%#lL$&eW1=^`z{arP6@@;p-H}<xx8C5qa#L&BC%W
zbY}-|mQD}fW8+&cjJ(QMKNkx+_DmUru2AuGDc7uD+wPi@rU)`N;lt(DphkYJXXuT6
z*A;8CVl)DDPuoR}GeTQOeRo-zQggOfbR<RvyK_=}*0koJ_Ob1UT}7mF>@F%-y}R)b
z)nzn@sMo{~RsB5C;w=S`s8$T?l#kl^m^j=$Ur6~(AF##j;PD;3;Btd02YhAY+U7V`
z!8^NYE9i!b>31yiq+%>XWJxx2Lu}x?yuKpxTLNYJuC78`7*6T^?8%v&4!VhYpNS*%
z9d87Tz3`<#K<wsI27x7GjGUy#S9Q$+7rONTSu5mNY%`^ypAlr;RdW4==Wk2oOBT}C
z1W7)9NLhGX{2<O5BNVY3(>Xz=Nt|rn7Q^TwTx~`D)q_WBnrmd8INpjICeka}mjXYE
zk;^E;!2t2{*rrp&QHB*JLSoy_7WB@w+$bXIGvBxxza(VJOA?gbHkfx+Zt1^y>Nfn0
z*&=384)^&?@xlUAv2FFZp$&!Z53oUjcm42K$FtspbKHY*dh=lK&=tb67(%mpdcCw{
z@Kk3^J>w+yu(PwfcnTJY1E*HmZC$5#T<#5&;W{m^f9N*j-x-JY5Bx~z-H<Ro{=hEO
z^eYExdtr72Nnb)9vz3e1ymZzDH+-dp(xP-m*wXl%T{GvdHwR&Qt%w4D`NWE%#l7O9
z3ujP5mN2+ixLECuAv-*L<@&W?Xf4kev`wdkG+}U~AXLXK&0Uph#j=iR|86o%tW4qd
z(l%)zPkgaYmivx0W99E{(~Is@au7(Le&dyoyU;gZn?{}i%A#I%G(qXwH&2`W<PyhG
z(ZW>A1Y6OdWr|nn+{fSk0QKiIaoqg_l);|eH?88!6jEg2bKQ3=n7$W-sgw~~<aa&F
z3_GQ!(co1Hp83u*ToJuu?z?`i2!(B~AjP`X(}q>s2fsMb`@O;p+ojW5zt+JQPOZJi
zqVTF2$e@vL;Cf`#AUbd8sIch9^jr9nmcQp4=;zexg(YqK=9N)ou*xelh#!2Esfi!S
zGwR=R(2o+USH<Z=J62aP6lFGRPxM7_3XPkkxp@6-X9Owr>fq}|Ds>`eC)1Bp6huko
zD}|<gY-ML45U7{de6<@D57qv?$MnsSdKNwuIzRZa;(_YCR7a{(vqdj1>h0$dBQ_%X
zK;+uj9kNA64xVg-y3<KgzhsiW%R(~}*B}yPz1G3g31nPPoR?x6msXl>)W)N*NgglU
zVB&r!_0!yBJ(86_QCBWc-6fZhEeF%mQjb#jm%AI&j^WD+OwQz#PGadSuKjG-nf~j5
zZ$Ewv*7Ek%+o?;T*S`0gnE~5Dj#c^|&Ka*2+2&VZ@Rb)nU;8T<;gM}hP;A5{7!A&E
zk*a*hZj_H5D<vwF`^C?TtVLE=@ixn__%TGi$Obp!Z!X!MBp^x|Z_w2|>mv=QZ|srs
z*HN(v)i)Iyb~1F4@K64#ei=mgL$r^ER)Bn&FA$q^IEd_sk$`W2wQoK`|89<G*>kT)
z#+jjOnT{eFN<6yO{tU^iyFyOh)lCLSzvh|{!X5rQ>69fo`?AQR@r?B<%T>(mZ*N(M
z@kq0~Q*t8ka`n-K>B!yZ@yQhJuPJnkIw*02R9!1NI9F*i2&0-zgUA#t*h*|tn{-IK
z-=>;H!0-GL=IK5DwvV9h!dC3FToa8dD6H9+?tqbaEnsv1w$_C$s#Vg~^z#^Me5rz+
z579sCjlF&YIqDZ}0GE4F;SuhrNfz{gUPbh53c^`5f7g!uczyu+S>N=W#K=h)29^7a
z6!;Nvo}#!st|@6EuJ5a~mJx<WD=TuGdmkxv_i>q--k0!|(a2IkcA249DUDL?+-B>9
z{z(|MLN)HF7Hs)s3i|L=R%dy5<YoL0u})!z*_lni*?agW2ge>URnYkR&84~dVaJQ|
zL=|%%@S*M~VX$?A#_}iQ=vVVGbh)u5)?PRgb}@ar9-;P^sm@a~B3WlVB}!=PGJm!s
zQP6`n0$NC!Z!%|$%3B^Yc~jO{*W8%1r26%UcDx(8Pl`?{Q9$N1VsI5ov7elL7<Q50
z^N|jm&Fo@rBWWBExWyQh6AOb<HGG6`XSoI%N_<Ej3FeAAcsSgL3v29R9h@7EjGer$
zjn%U-W7X6)lAJIdNPH4|yH|An^{BC`^E4pE#Lu-jC6N)+0@Ow12#UWt|IAi%5y>}w
zL7n0>W990CN91{}K8(=13v%M-3a9@>+$qYC=jVTguf>2KFFYT8o51j)+@iIuzjeU3
z==jY8&D!cB&w8Px|92hCgSC>cu+aLSB4n|-e{9yNoOhNT4ds1`Zy1DmpS_zM=ij72
zV!834yO4G?Rffw)`y;g?(v&ElSo;rP^#J@6x8tSd0u{d3HABMm<ascbS&}5wLSY-B
zX|zpuiA=0rF>EZ6PCL%Rc44c-qjG|+>XMjBRS8IrT?lr8h~eiE#UZ75M#$(6;6saF
z^qt0{p+GQ}X1k$suheRE59aaq$UxvHYUj<3((c#h9Hv}cP*VZ8#iD)EUi$-q#(mM>
zp!aJ%BnjpReY9tIOxUNS5rX;HIO6anPhVC>`J$6ZLL8^}r&_VQCKV0xv!1qM35Q;5
z{@o_)fqWa22g!T}Qw93Q=oXx>{7)6dOHl{(yG@@4@{3IL;fWqiCPVJy+aiRYD#Bkl
zWiT<y8f=~vEQiF)LkHTwqrr>~u*y8nvr6L0tD*Zo9_QTbGSGUo!Au2jw)fXs#b#%A
za~F!gDPe2DAD2o~H{mK|<aSwFx2TJ93ajEVYl^GVZ#Dlg`M6;9klUg6KxS6}+#thW
z_a4BGb1iYS&DgGnO}UM_Psb?D^j&{bQtwX%xlwtuAh|snbGUOT&k8N7%fHjX|DDxV
z;_U>QirZ^uySWOt-}<JkA+&@oFRtCQ7P&GjfA%+Ls7VBKP~Bz`?-ZqUcskuye2ZG7
zaCK%|B)NI;<z?xzNjQE`D^Z`Wcz%HZK4uIhPB749novY**arWSCb)B!Vq?8iZ@yHZ
z|Eb{PQSljrA}*?so&`ptD8a^*Fet53%P<{goj>fI$u8g75P|Xp3ZD3{eI;We627+b
zDGdP|M^w1AjGYm=qFHiZ2rLD*PZa1a^dXj9E~8SXHiboB`OqT1`*b$%sRSEZ#k5>W
z$eeRmN?Q=GSZ?yS*p|%o$?LK%Rc=)6T$(x&XFK<5lw&k}?0nVrDI)DG!5Up7b)Db=
z%bBv~$orptaR6jXx%o-X)Y-Yy3*F=6`ny{y)q6HMM(+ZY<OpXS@;FA*=ECLjd02+9
z*z>|EOzBa=R?Fd#evTZnxF|>?*@nqRJOS@8N(lx@*y4}sS~~<vB80GP74f(8r^I4k
z-3RMmPA=y8E_}rn?JA~7@o|{(U6&I`oY+}G&Fip@rmTI0o!XsjhsL)@nf`&pyxE^I
zFw!4z2dTE^JQ`ld50U6|VsJZ>*g>)@ggY#h?((XBBCt6Zh+u8Su$4c7DX@9KQg*gU
z9R7EANq*odVz2F)t}HH=wO2-_lrF*A%+HFp{nCYd@U{P^H*AQlN!91fI;yHxt0ddo
zT`jy7O6koggqj1Q5t~y=4SvgwCSRvMf;1z6HD6S-tr3Za_kRGcn+_6w)6lh--k6mL
z&QN8S#K<LwUMA(jtN)6bR2OuXXO-dEm&}y|-B()0M6Jpv>&98&<R+JIUc|^@247}P
zQVR?|vO5cWvC8S6?-`j?C;Xt6Y?zxj@l6i<l;LuG?*!?xL4bGDb^PFTmO7ECmG-j3
z{=7+^IO35wfx?2&JXuJu<9z?qWH+>`2!T=h-{cjuKi^MvLBC&w@+N0NH!W3rgx$I6
zOSDxC+WS~<!#KslM(eKUw>Ys5*pj*O8h+B81Nm(-LaZ`%2j13w5z@Kv62BsZ*saT^
z!QF|tmz#tx@*LPNBIct`q{8@bca|vZ6R5O$_H&DQe{W5~ko(bI4n&;aJ9pC6y#pVM
zU`03L7Bj|C(_Y{GQ$@8C4)ihy`R)ad{(q}_kW3XAa69GkWpTuWUEl5gr`j^<L;q#b
z^X}tNgE!elCJFy@MNAvTW*U`=bbaFRAHn~s{1@6PhePxj`k$`6I2F}9mr|1vN-s2C
zWHL!13++t*Fww7}#Ux`|*#~XIIo>~@8Ql}_B+ZK&BE*Lo1>*T|x++dtqbQ-;L&;Ta
zntsM8UTKm}Ehn|<cp!|Q2~Uk&7|AZRF17u8f#i7WR+B6QDOfi?ATVzvLNtD+af#Up
zNA;~O+{}k2tr)|4`LuDjO}zxtvAP+9eaVJ;PM~nrGEl7R@@PRxIN~ejEyiP0<+tBr
z1|RL7n04VEaG&tgYEMcP#)OifLtalq;c@AFgY3=i-*cF0fMGvD<|fXMk}gM7acT;V
z7o8ySCY&Jh%HJw@mulDJc+BhR?TL>1_4^-y<Zj}E&t_nfh3VJ8Sf^xA#S-JMeHnLD
zMif6oXL+O(`_S*E1q{aHCRnCg?s@ykMa1xeTq5lbj$h?D6lsYX)_#IMB1MUVRH#^&
zNwv(gIdSUkc(eHnnon0-wI)h_hgiHmnBh&WEXJRp3`%re7C8!zLKD|i8O}z`DQr)Y
zCy=*{v=JdvxExW*SkiBNUt+UeG(;qzWx<ZYne3b{Q=QwfX84oz*G|3@BXV;h-w*;F
zNpiT&hrAo@DQi22(?W_E>&I5<hX@<pRH8flL^4}0(=bl{c7~k;i1hgUq}WfeNQQlm
zpYFY5XpoG>Eh)vNm7xnbsb`@~Sd=_T;k0P@TQ1ekTTG)_d%tj%hE7f;YMPK>7;$=g
zS5UtdXD+P2yN?k?vhD$uUOrO0nz#y83B8dHgyl-koP!7HLO)80sZJ-bM=N~{gSP*|
zqNrl}F`U&(kAb#e!&@4!9nOM=zny-~Cg%W%kIwZ{_xg@x6yQh!_68ow1kN(xova#X
zzsQa{gb|ODBWbYaRdmY~=9v2~CtD)=OcmG}OB2nSVnOSWpLuV^=yR**r!qT{tf!nc
zz%5|1rJ~w8E2-3YkaZxMZ~6JV#a&&vk&el$sSS!k!LlmxDhmlo$H20YbHZ<A<$o1R
zrm*=`nUL-YT2~($EsG9G*TU8!N3w*{zV#E54uEAF=X8O~D?&FVH9j~T%P8P{-BS#5
z^T^xB*=fODMztMNR59uZx9F-z1nDB}NtsTm<MBr;8HMZjiJ|5du#5D@QkF)=a*nqp
zcKM@>D%knEeV>(|g7~ozUL{~}{pz#bVeYr{!!OvDl%%CWkbSQHKD;cwwB*`>qityX
z`X2Yw>wVjI3sO<pUQm(=1`ocgNy>wJG`qp$icmepB|6ZOtQhm0ae|Y^PR#IW>7~S8
z(Tco}rem7LOQ}R%=o;#vO64s&*=*l$wv-4^{7|VoqIi|*_-K|r5%3c}+l#v4{#Lfm
zKI~zkk)mk0)Z>SxiKC1u7o4UTtQR!zts#FzUv<=-A4;LKWfSJVDlXOc?2PC5=twmz
zg;b&x@VUC;m<-Q)wB@3|LY3pnmyDJiLS!_t@Oq}6Oer!9tsGxg)I>QG&RUSnF+Mv#
zfFq3;Run^@O^nLa@fh3duvnRjHa&`{{msz$&KMgN^zX(pfhko@o`x#wT@(uWXo_en
zbZP>M!|km|#I5p#XwJZF6-N8eG*)XDffUwKN2OY?K9<5HxS)n5%tyhsi(-&AkF&X-
zePI2rvpLad>H1XA+Z29O2rAc@{PVz3zKCd)o#B`?Tq&O<!`U_y1=qL<=U@bl3?5Ri
z@GY700XW_$T~oc0L`h!dWZm+Vu{hGO0e$GDPY|xPESkM;pEZv|MqNKLefCLV9d$&q
z>Br4sb|pp+R@zn0g-bK(%RRB}*(DX~LmvofX5Ef&=${Zv>yw}C;Pc}gg3i1M3+R5g
zG#}&g9W759Z-6lv136me&WjR;G9LY0GIA?KJoxM)53NsfX+FT^b3nE{grD31wD{<n
z`Tj19S%q`8S*0-xl7jQ+C6|UOlwA$S1939BG}tfEvC>mspLdD-1mEurf8b}0?ieYz
zS*}2Ftr?RVK>1JSq~7rUNY&LFNy@g#BbuC-O^zPzx3L##**O##nej*|KIPF`v9D@g
zw(x2ky>LtW|50+X+$NH3zPWYTMd%+udfedRH<!j;&l3@v#_?~IkUv1idSTlr%Nd*R
zwwR7dK<S$t*>-Zw-tVFB?8A0UOrlP=*)G+``$pVT&*gt(|5u*%E+xTi2GzVpoX?@E
zNu?im(<juTx3|AcIvM}d;7PGNLNEJPZQuVi!RS7lRXKdJr5&4z#VSU|>M@=|qx$;V
zEW$xQ*i%qp_Z3!5cf7RT|4@0P5&tlDHf^wr^AwZWwtGt;t^rPf2064<6R}$RGK`lw
z*xo9kLUiKkv6*8s$`=2B!Z5@#oFT7f1Yg#W17Fqv{~HPl@fGYVSnz!{@C_FTC;%D_
z9fJ&pP5Ct@IlHKekyF%<aZ(Ca4v~*p6>pVPoufM_-+hY9tn8eC#o|;mJ~MRX0>!NV
zbB6=|4fqa6XJ<W9(acP$?xtAnPYjQb&@1$R07lEN9c?vuO+#4>Z+OR%*Ouk{ZaR;u
zF2Y~Wa~bHWx+f^8zjw;iakU#xP3bh)3dcp6{T9p>ptv563%hYYGiu(g=+_o&*{;zV
zgUBUvTz4Lh`|4)gh`Nxd_DMMlKo(Lp;_zl^og4R`=1p|bta-v6XR7AjvK!ebJC_Ku
z)h;W=YYP2;+OE6K;W2XEw%Em|s*_k67-*(?k{b6v_A{rP!FuzR(~uzaP@Ap@M(7%B
z1d1Ro{G$D@>2oJs>B5kQ<KI~l0KWHk_@eO-U}-J|YQh;NF!atYpn<@}GxT><CINQo
zRTqzws~Ok^d-&Q$4Lh@LXaV<o-wZ7-XZFs<AGJyCD%U5X=S!k!vO&R?QQ1ntDw*+-
zvqg+I24XxewpcFOHcOE81l=kXwqtqYA(|?(tVKg=%8Fx$)TOq#Dz0?ed5p*~I{7pS
z2ZNrlHfA-W_*m*Xs;1siCW`#_&4voB*@;v^`5{5+PkWPNwb2$@hL-uk9dCnozvP-q
zjX@mp!8nJL@r%<Q7rwK<#F7D#TSgK5^gIs1&bdhHO>tZP1MKYRxT%cNC##z0OP0Y`
z+I_*x?fFt+B~J2C%Gp#>$HKTc$4G=;<ni4ioVJQLZZ7jp#*BUugwxf*_DKXY2~<(c
zkl8DFCRWNqvCJhpk#5hWy22uK-FMx#Sd;2K-ssgQUq8$+ne)n~tN+f_v!abnP;&he
z6QgG=?R&noM$zkER2vuUyF*o%)l4<)^6Tq|@e;FJ*?6$9W|S^Nn#3wA<e^NLzSEk-
z5`Ecti4b&Ms+PDHai+C6X5NfUZSzF6`r#Puq;-EawkkkaY!zo2IKvwTzl?7t-n}We
zhA<0;oIWfYq7HHnrUZ0<0AN>Lt(tuvwG06j&W+ZPSWzuUd(QKE5|b8x6Gi$uH;>wD
z)Ksf&*c0)UhdG=w-pRrKMR7YS|4n%Y%uRAu6m`zQ+INRU?dXl1gQ3B_N$pr=V5q1$
zMic5hoV^s!yY39y?nWX>qjUrG5kVqNBT6C&kr}x+L)GC3TNkeNO*fX6%vQq6x{O<I
zx{`g{{!KZKzEfUYY;6cUGm1pAI@9L3zjH+{sES1M8i@P3L(x8iFig8pt@~6*kDddg
zj*_3Fw75qi+ip*N*eP>xt`L${Vt5de05{w6hHELV+Y!H^wzfCU>;^9fhH4-O|4>|}
zD;!^bsHo%9LU<weG}mq^=Ty}`8&^xJv0jci{%ri7+eacIRuNJ=I=aR5rA)I1b8{+m
zLy|-zT}YLCu2N<8pUh`4JVbW7yOZ$*wj>#i7n~{(U7KP<p3xJYdk?mSWWjm^y7AQG
zot60_GbFnW!{4gze>H;rG-@P`gK<BRE3%f3`6!cZrRp>=F0u5!gYYxwAfdtd0=1GC
z_Jc2ld}E2UoXL=EJ`DSfM6}n}oxH*80NAg5u4edJz1!2NP;mf^3{4}U0UtB_wKG**
zwiOf{Ww?UAsWS7rdIh%w;jPhdtE+f!cD5Cy_fk|B1lE#$;pakvOd4q6di}kBKQh$a
zQvbsL_wT#6${3U~Z*Ttl@iQ4YPZMh{CWwy<RL1K0j!<fYs%Nzx$DP|Uz3j!t`pfao
zs%YZqzAI(>!*$l9^3zsZoQc${u;#;vEQCR(DcyteRy$YE;ULx6IAc@gfiy~$Y|{mL
zWy}fAxH<It_Iq|(nJ=Mg!4EfG8}oGBba92%pV!#?F{~8ara#H5N-%ahs?>;w(}FLg
zBo=a(6t_WJht!1AzxlBs%DX9*>U$xTuF*rOZizf^3sdNmC13EP<{N+iU<j$J^;aTF
zx3S9s>O}RKRQoc~szVfqSU&ot5Qeuh*1@ystONvn3Cy*PcjRslByReNMnr2^F7p@)
zoW?5%u?>rA^RTY5NvrZ|4eG6IpjF#7ey+h_%?vL`-EO08&Tf3`TxHhvl#QVMW)JIP
zG~LR@nV<$`m(TQ4=ooxC&f<g{r;|#`E7(O`Dm1BHn=x9-T2<nNk3W|tEoW49PHc7U
zRDUqka>lGJ-v-m8<PtAuWPG2$3glV1_A?p@)?SQr2zD;*9;IxHpqlociJ~u<0tL(D
zNvlu|HlaTg<6ek2>J>Bz(i31JAGu;_Ao^gNmlgV83X^tsx*iSswzl<FuwWw!Rh;`$
zb+DOYV@<GdVXADLyR%rj9-L+z=wV1ILG3`hkJ*YqxO}INcG?4uUxO=C9G<WrKC^+W
z(b!sMxBkNTOEsaS-84K%rG~aaqGDFO7+oo?Q*1l9T*azc5{4m;jH_K0Lq$XIM<JZd
zZmK+If;EPB00P~oYRCS)*GUrv;)UMCqM5y8#eC(dP2q*1B}PQ4ma6M=8wic@#VnJw
zma(j!pBWk4ylgbbgVt8t_0e$<Xdr*fpR7>i(+3YhQf4uP{8T?0hlO}uw<G&CSQDB7
zR}G@7kU)$xv0O@GIP2*HufZ%54Xm1z5ctaK>))HV{hL;xVvUg@Wu@Dd&oR8)_|MiW
zE>)KM)HFaUBp}ME!U}$w&|-BOX*f`w*golnvIjNxlb=g)CgaIEqg-5HFaItEy^NrC
zu|jm_Ay)84CKVdlC_>2~8+(?XdodQs1!N#PSREmjZ3~|JsAb4DV!^`=^l0ogxs7HR
zNzOmXtyJv>G?PIO1yX4T`C@~!cI?5!jgZuF+)G@+aR!aC!K-V*ai!C8nJ&y9v*jmG
zk&Vqhn9*Uhbzm^)#|F1`at1g0tryFceAxIaTJ}4-g6CEuicg`Um^nMg#3CBW!F@+v
zcWP>U1x0+ImLR@syO-nL{+542Z7S2bMCiG{aa+kMv}O9ycii4bYhKB~NxAR1s|3t~
zB=P;QY;EfPk^x|u(`iGr{D*V@gdARixp0kb<RPO;MkuZ~u{=y4-77eH@@OcZp-M2s
z0)_(RehvS8QbNDXL-mcy{QVub>8gI~9~;KJk^z$gK=19m)7tM^5w`IAY};?BS<w)o
zZ6JS%g401r{n)irV=e=5+kpe0%=5+vkcSNQN|1h84ZJ|b!@s<}$Qo?u(r-E5-ic)?
zAp7psThj~_Eg$)=Qre6|U7j1rU}>8{o$4E~SVX(YU(1}da;ZQ40Yq~?A|rIpirt*F
z`qLGUSf+f^_ZucH$7~^TVuOuG)(GSIfLd|kTUMtx${-q~wik|W$i&eKH432{mAPc&
z8*o0#r+~$AV}_5{yXbZV_=e$dO~;wM<KMa97Z%A3uBDW|@;30xgn#Ae_lt6~&T@;=
zP#z6~E7*iQNs!tsI$@ftH-dYIO0%bv16g(my%xPTG$~jk&n1O$jKv~`!|%d$zeL$G
zyD&Sg)c_A)hyRXLTx_o4{=96Wtd(=Im@?*JL9fA0R4kKx+If^Ss;Z4DEEg0)H8c72
zuqoZB(<e<K&*ulP>^LjDvNv(DW4X`}NH3*O>OF0RVdl~(Z<eknBb6AOVQO^~WlBT1
zGJ?#wW|2OJQ*19yjYYW%E3H;ESRpLe_<NoGB0Rr<_UHa-wjA1AY`2@W&2}C<5t;(B
zTV%+M4++n}))?)B?3LXTgi75fW+!94T6Aj-m;#AaRr@A4aXLC(-Rtl+UaLy#JhY2c
zx)@c;5;x~}O!RzQW_nKIlAnao$j8@)*15PH80;aBr%`@TpW&Ik$u0~9g|g*Pk8D9Q
zLr}#1&TQvPlHZxMi`%2i*hTV>5ecUzNXVRIN=f0P*vl!}J~}sO!nV!jQjI9o|0M2d
z=2gvt&sj9BE!F_)u34f9uV!v!c485ag|Q2D78B28lvT4(L^o7R5R$$V;Zv9BaPi{{
z79UYouV4_3^YLZnDV5C#V{1?4;``F#(iV=4j`7Zrf2ezWvIHB?U>p@Iq+T|88s{f>
zNd8&?;*%J~-2(~FpuCw!EdPZzO?>i1C}Fz(7>$&MudpieboH76NdI<Hb6Nqx!O1=<
z&q*SQtK|!Y!qW8g%Ho`A5$|NR^}(s#5yNb%)o(Jfk+dTkd>a@v-ghlMgS|<e%2$Cc
z-6!E}CZGEfS2jT4Gtx!dNnQQ##w<Dgbth_``f#D~Tqm^_Ee9t=6ZuW@JZO*lI;qL}
zAJ;l_Z#j>(8=Dq=5IlO*YKn?l>dMQ&hbG6bNi{8BHsuY+d8Pl_AiIiia1zLpAOES%
z$L3FE;A-_v;OWrk+aTx22~N=mpP)ss17SJcdM8X1oGa|~%5Xl2PPr924=`~M2iL;3
zLSl8vk@+o@Y#hJo5P~N@qiTE)AX{*K)tPyj-#vSlO;00(B%uEZ*E{VM9RkBd7RH;-
zNU1b()(xB$-1jfEKL8cshQ+eADCy&P;Oo}2uFE}9DdmTmT@0)}WhqXQMpjD$Pb1z<
zHwuePH{LkPy{$`Ba)tmCOL3VyMe@5r5`$_NlfAD#!H{piZy;xL&f=>zFM5V*dDDy%
zS70y{=x(@o!?B**@1<PGBX6AtZewU5b!bw)v!g4ejvMA-?FSWU@Y2witVsM2nbytJ
zjXq)OlA0iPRpst!{AR1DS(?)hxqK)!!M)^;fT$sM0E<46&!bLUuZtux8hgpmgCH>`
z{xttaXg)WkrUx^MTbd}-T1|U*9v4?$el6zJyuP$s@*%#x8tXzgyoQd7V_PV5e<$))
zR^2{9XP$j&dZH!TfFD`2c`i(*Q-y*Xxl^Dn-4j%MNLU&4y&=RbB~ur*Br+;S=uj=O
zX|HEoEVUM?5<MNw#3-jfZf+!-k_4uD&BJ2biLX#r3W*f^5~W=Hv|e+htln7&xfy6X
zLU3cnz>Q06As4r>$a<zm&q)PI-knm%rx;;@KTefBkde{NPvrpJHrN&&&fa{uG|)|U
z8#EM(m^|{M_A5xY{wGDtbd7q*_+#>0gsM;e_mSc3o9dKe9r|l@keEa|FwN80+kb$X
zU^&j(UQu_NA9{AZW8zGgOrSDy`~4U<s#FcL1?qMy-I@vNnXd;;!EzUjQj^S_9P6f&
zhCt2WvJ>y72~(ycx}_)<eFz^*Bj=?5x?mNm94$maflaY|baC~@XcRpSyv)Jx^&Yhe
zfYdliWkfkw!N{y_lFa`TmGhlMBqLuS=<(=ntT>a`$<XAeuGd2gI2dBi*J<izQuBMC
zxnx0ptWNPc$AohU;vgB2u|@@mT<HUE{1a8M*kfv@9!`ufrpz^cwhT(4Yj<r)b_IP#
zRjf?ju?70_mjd+9g=uU|3o?I+G%v&oS^<7zof?p_7C+M<6~=W{u)~ICEQz}^!$RSU
z9QE5+vG8<BfraY_RGtCdJF>xCDj}$JN1a}!JnE9pOls>Q#4=8`C3>?`M12!*8sl5h
zxQz`l&2x;GnzGFqOyO%`MbvV9N42%CPD#j~Do(9Qpj6L)XRMndbP~hqo}57Sl~~D_
zP}GnsjY;gQ99EzsQ36>}oSrm3+0L?r)1u*V!K5C?7nN=kUo`6PTVt!|frJem0?;Vo
z+cGnpCVLZ2pUUP!;-+gkeM;&lJ?9k2bqf~pnPxygRn7EkL*;!deyortd%y%9ykb~I
zXO590Cb$r_3zqk7i)C(OaVUS;A-m<|-f#vKHb-TztRf8>$8g96MY2d}XUQ06pD{C7
z&jsb6A7#lkpEdADpO6n`%38$BDvok4)J8iff5Z;(dR-N`Y!*oQOV3;RhjYMWeEvkp
z0(L06Mlza;?o1SyO_eHiR~0$@ePeGdhsgNDaosVdOB@ysZ7L7589W=)5ar&|P9Mk6
z{FX~|3HAb6eOnG@Cq0$4EQnl}5HHEe3e;y?^S0v0#|={#y^AkzTM#ko<Ujn{+7-Z{
z`UA9}F+#I5V#v&c|7@j9-r+Yto@$qJ03R4lWg-bM7B?VOw+hXoxpw>rn=@8mE+ml@
zqk+|xCmc(Y5uqkkFhMtnV{Y0;AzjV#XkxadFYJzMn$PUxN~IYtOkR(4gCEj@NLOJ~
z-L8Do6@5W_c(5nOzk!f5zZ*+k_7c4`-?*=PiE&GyA325J)r<M}i-$B(8ZTyv$ZO)R
zw2o!pD{anHUkk{c26SP~7Q%N(Cxzr9_2j=3n>`Io10>Es@gzzxQV7^L(xx(JmdQU5
z{I3PfnU#9fi%OZf5@ijXZdlm20>h$s>qiabJ4&^`yO|3AU+jHVR9!u{=*HdMZR74z
z3LAGV?(R^uc-gqSTZ_9(ad#{3l;VZr?)2{O`|X@N&V9Kr_vMZ?R#uXgOi8k4R+5<+
zqiLGlLwzY#y{HPi8!n}MwnqF}l$p~zatF4ZGZxE<R{dy{f804ak$?Hx8b^Og_TDlU
z5r1%WjZA#8MKAEErdlv6s8YmG&k`%<U2228rYaJOT+#?v^NFhG61kS;DQRD3$iO?4
zkoCr?Dn~E4Wi_)1AQmg;TcU&W!Av5TJZ6%J=u*(hq!>=HiEP%Qz&jL|_4)uwN`1@f
z$@h%G$II+4>+zx7)bzGwBCmWdVW(DaU_4i$^=aNLg-l4DRP$KJ`$Jg^h327paH)D<
z#ch>v`Alf*RjqgmF(kZPY<erX@>f`IASzb@PP3#H(nJbV&Q60ibPW6d`z@qq-`29?
zU6&Pf+E<Y@i%pIIhrSG#&K)UCOHen9xsYfsvl=u^*%eVyPwUey5Qm*r%nXqE<p5ia
z4b<FNgv!^9)F<^4aJ{Xj_GpIlL>sc5QY)-eB5O{O(Cl#F|K;p5FTyrDOW9-dyVWo2
z(Ol}MTepMekUWszYl7da`O`{zBbEj#Q$?l^xi!$?N^o}c)14DnD45X(zamYITBKgz
zqkb!DUPB&6@`HeRNQ#uQ&a5o;x?Qy}xW%$kU>02XG1tT1U6yA2V;SqV2V(`{M?rUw
zv;(c6sHRxrIcG0w8m%QBU$eb|FZPHGO)7r?^;}VoXlH!j?w4KJIO@>D#Y${X{Ck?t
zbgQxq5d75#pyo2X;P{3zJwdua27#!YGBFxK`ixzV(3vBorMSj+L?+<76fLUeOsN%*
z(a088TTHg|$Pw!W54%?74%YLV)e%||+BFv`uF8C@m(nzsn<WTgqp_6rFx<Qy^hsI9
z(J7D2GPR3*y(qB(g&;>HQZuOVD+~UD`(<>k*G$i%r1#rmYO0*teK@;Bb7X+!Zg9LU
zG*d`UetD+!?-KfUI==EStASmSvPe+Lig$*`0BKAj7_h|sVz|mHx!yyR1F)V{#LqjX
zy)?IbtklchJjvVr3o~=&>+oW!#C0DR2~6u!I+H`cw35T{;7j??$WGExYr`DAY)z`_
z)n&qmrLODvRX8$hMQcL7HsyXdtQM)xtHUa&73}qu<KgdhRuw8{2IeZDtfk1m8xL}~
zU6ZWihiYnrRKC1^3D{gFj=5TO3A<e6L^k<sRa2@^<@&HxpCqUc`H*pWwqxKjDw9VM
zSEW)UlyazSI+J~MozNpTkw(ozn5Jz#rH3nvLMo%)I+Rg}tfhK~I>MnkpEv1Yn&x%;
zj!qBsVE%^+T7`?j@=sc{C=ImH7cBAw7V_!ak?Jp;42Fp;#(`$49n=~<sDH(YpG2Cy
zpkRltVi!NyLhip_{S5<>S)n13!2r9Obz}WR_$Nf~_NFsZXaDNXoAjJMk>-fjpKVS2
z(bqpbd+%zW!Y04g>Nqm3bF0~2zOVR`wtx%oyaArj5=n8=7-v**vn|Sb@YXkiia4LV
z2F|Yc&)E<F6My$>@^&OiI6BKNCiCxg`+R3jW_{Ao_>P0+Pima;x2JF$XxC20(Qv9w
zy4*&4Ka>zSdyrw{02lWmV(DY*-EkXlSkzqpdm|PFPOTe{Azqq6R-Y%+Y|Sl7uVlzn
z<n&K$^^>F{AUR4;@v(;9J}d!Bvn`pyLwRLM-7&hr_t@(>?jdm_y;4Ovjev2<p>z+c
zO7zcB$p`cI=?Khq$Frz`3V#6U8+mI6OY|t(?O5%m)E&V}?(%1D=9zz!ud+JA?dtvQ
z<%zIpx`N4-MHa>M&88~bfgnqdN-GzOR!iT8Y_ob#aH(#ij_Pnu8(M54I4O0)0P}q6
z0!fV>GS9&7QCFqNGI?88W?cNO8*?Pr$$P-@yofJNBjz1{Mpc30JVx3dfFBod!pCma
zlR|#B**Hbtvil=OblY9zAw(eZk1=VdQl`fzIRO=rk&kg<CBe!V1Pp1&6^rtNRjT&`
z&%0qrePh^!cxpT4&`iCwwhHArTq%a;PO59jZc+>hbLbv<vHa-KisdM0Mk?&qiQliZ
z-`k>mW!sgNs~avyqlby?TLk2=L^GsgjpqO)mk~p%nnPpqB2;@f+P@FB6UpOS@a>}_
zeNZPX7_cd?SX9iji7dx)aT5<+NU8X{jUZ}jbOa^rlx`A=AB%<eSZ(a=9jOIrJ{O`_
z_-}`Z4q#~KBM7J~ClS&bw{x5dA)2UM3@jdsg#wSLLTQh%!pmnQpaa6lYC$pBrE;i@
z?6NWMl|xClF)juwx}Z7azj~QeL}#%;1mp~DpT1Tw#^<TFegeH1fy#SnG?{Z$gDwV+
zdwTr8u?DL{urj=EN2eFVlfP!WMJE?aqbZ!l2$bK4VYbhhp0A31XZt55ze~kXk=_V>
zx)25XliU;fm>{DNTg_r5{=fPmLFpeeJI8wBPC*qlMUvl1^h%mEu5g_FiCv{3Jt=9W
zr_&ZwO`rULUG$X3ciJ)LiY<*u0@0T=V62)46JI@>eBrPpoMuSKJ&;4TvK&#9DwU#>
zC(^YgC$9-yeB?aXp4xs2`TFS^#Pob{m;aU|J(ZUmOlEk^(N~gqgC#3p2t;L?EJ7Kv
zr>o`XT$&WHVf`ILK3z0aA!+E+N<kOdI#3N&lTI$Tlgrsp>y?zTv{dgs%!e!M*mU`a
zvN<6o-ANvBG3_lGInn-<=Z=UcrXyD?!Ap`aD2|q@DNFI1L=TBkNB;J^rt=lqpZL>X
zY@s|&4FI(TNYR`#Y7|0is?Ge3l`dT}*~}a0B3(pfED@LQ3M}gOC9tG#OJB_8P@F!7
zdK_;wG%q5#@{J}UvN9DD@S7v%T*)6prk#OIdCWQP>#!w9?_+{=E9ikri~@?PdnpZM
z^=wkUS_{f+)~JTzykW%=<%aIz_<dN8Py%hov9db_KCnBf|M(fmTlC}&G)OE|<$M^5
zsGKL}g`04c7}AtYYO@?aSjLj#8%!OnF~i6$p!J_+l=LWeT6AsSmEJ69?!c1<o@)!1
z<jbbv!msy9dlVBG*gWGkc314=*gPZMG)-eE7_}yBCkr6!R4Qc^N>gXp(R$dfVlVH!
zk89#Z-R`hUX~u7FxM9ArUndccb9XG+h1N#v6dFu+EOWD$s*($~*;$+v`UM>k6I&1o
zokGuv<gLZyYgN`P?%K@};dLYfx@D2)x8)B}oDY^wMbWu+n01WA#OZ!fYd_DC<6{#@
z%kGah`l6HMP=_6hMZLs5?1np$MjNP9S4W|t--Ub`m7NWdzvu<DDc?!)jx>uDk=dr4
z^B)RKwDVoVrGy&8;e706GjI*Fwt_DucDlSJ3UYP(qHdNFIe1rPsa{kcYK>GcO0}HL
zx_FBe(QGRcB$nNUnU_<985eU1Z-3yx=-Cw!mMYm}Am8r8WfbElLVoxp4%5lTCSWO|
z=-@l3`joSl$ncKGDR6&(#}&m@M6Q`q-GXF5kGkE*fzBn~mbjGct(7iw|4?p^j(k%w
zM+Zk>)vEfU#sR@11i>P}Jg+C&yKI5^nZZxHmcbn|?cwgKm#^*iv91Wi?_U?I&9`cN
zgzo?O!s+G~moHfQuP<>%l^@9ec`Yz%{xvb3^DkKc`;(Qs#2)77f4xrjr8LG&pGufw
z85?H^a`0Ui8Asckh$*8CBo!osE3gfKSuJGW3Tw!!H#iUP5E#W;yJk+kc%^RO4CvDg
zey2>j8jd7<6y|8N)il(vRl}N`%XSTCDoatnJHMA|EsqXsW%8*U!?~8=nT+FX=6C#H
zWY)B(Gp{U^yd}qhUZ9(>nX*c(?l}9&pLX(xgSw`gR<vTzDb0)cu^jLZ;BaTLNf|NC
zAM<#dO`UN1OZ>M>Ru7{n>2wb4nH{f&8wr-B#3Ec}JDdH@Y$%1p#UGc&Kb&D8>cBs!
z6*YD>@oaIN$WEvpciS`ResPIRuZRqppCr5f-YF5{DvMj6P|leDSi+X5tG(feL&OkL
z5uIW?!m$rBaIzi8DfIW@yOA7R`*sr4{q+DkLQ~!@R(LzR1|ZO<A5y09(Lq@e(7_uH
ztX^xVh%P5!btxf*OPy10orjJLPqa3yFWN9|vo-a+@et$sP%CN6&z3g-JV2BRYL8C(
zy^Nlym(n#<&h~2^V|u-LKG;xojoPf@W;xwOfQ~N}KVdcP$sTUk``UStPpfXz^-E!B
zGwY)S!olW<ZP$gDS^JfIFDspu6DeabN?1^eu^&<ajhBF<B8f?PLu#0f7s)#9cx0Aj
z`x@JBD5(ZevtkjSNb@I=$VUNXB3G+=kIsnQBKHmA>h?5*{2mjPLW!DDVrN&$vke*r
z`Aa$@x`}qkpm1KaTVH=sYrlf2O2M!PiX=lyvtYdfb8!RDl+?#$Lyui=fc%qzlj;bq
z-Dy)GubLYn=m0faYF&PSIh@CCcfjXWcpP@Hmt%H`oGvb#ODCle)Di^6P{CxaciUeL
z#VW<6ZrEF4=KSqOhB$}G?r!hsW~_1rXP&;P(TAT7pUPF!ph`XukI~tpo*F3Kf`#8|
zH{-bksF?Mpk%r}UbA0+XrnL|WB@Wjr$2-_Sq`n@{8^*DyzDRc!OU_i(tf^xc`<1B3
z2-T)HtQP-OCu=DYNG*|(aU3bhWoYGH#Ty<#f~NTwsDtj|N~fPWkaYDdJ3CBO@|4(i
z9Ajp(ve8^z%V;`rK7DY-=8$w+15tCe@I1~1QHyv~F;bGvNRvCdfO5yaq(N{w@rGpk
zcBQ`C5+BpIDhQ|=_%0pnYMdmXq%8h6a2dPIQr^J3iZiSzMbpuiSb%%Vw3bJ2wPKx^
zgR1i4A;PXwHd%~n2SObW7aM0<t33uzyjg`7kBNklEibobi-XNfm<z6YPz|e@CZO4f
zh($IMt6DbNfY(Ow7@%oWUkD9Zx_yXcsxBuMR+DnVmQ9yIPTTOVQrJ!^t`JKaj>l8i
zkJKVAv>vg=bJUp)L^EQ2s^_f$${{AON`@QAQzackNUD0*z{0B$ON_ak^-Nsd@fXvP
z);L(2W@><NwJ-&2aY+MnR_DctUsWKzzi896@v3IJFqc7QVpTK!t3>erRU#wIdG_au
z_hi?hY!Qdr>a<I5pI1Gz55#iy6;ceYKDY~rpJMq62Qu5<c)W_SOW4fgjnjE3wur9s
zUwf`&IhG>-aIT;;e;TzF-P<WCQ~N-`5XKXZ5G3N!SrevSUA)95r{mHLt?ax{Vk)4*
zs&NEJ9n5EP{T+&{jeX6fAr(rh>K1BN;!<HAzDpbkQJM#7ia8<=;a4WD=U^gJ9#qI_
zMmtemN1&X>vX+>dexNO|ZXH2tbLVn%T>kKO^K2fKkyFMSj`%%=I2M~!t@XT9y-s1I
zy(nwPW=Mt?#k2-y%oc-1G1CEsu~lBcUX@dR$ZN6OwXZB$7pXuCHT82Mwi?Y6PgJbs
zHxy>u3LNk`lYKBXtq~_JBYGJzTCrFgKHFl}*Kg`es16e%*w$?f@|)MVozk5K@`Ewc
zXZJndfM1#(zD*DjSW-)y6@4qVFp_-JN%Cpxm>O^0@dV1f*HGx(tBfu6k&GFEvuR57
z4k&@-;9b(0>0rd>7VX%4TS@YXb8$%HHcpY9)JThTPcHb%kodWLGR1j*A6v!QV@H7`
zfG3jZ>yPsQ2f6pwZ}mSLHJSgF)i=BnU1#GFDBGjC=$8$K<jg2LZjhT(Ns)Vh@UW6J
zOaX!VcJBLZCU>l$NgE3pJ<)Jy%?m=TY?;ZO%$@TyInldHCf^qO?G^q_<dBr3zJ;O2
zUpy>5EGrPEL-?}3_x-t!t)lk}f7P7&r06d)7uuy}RrVw4kL4fRWJs0wBIz6CYk>7F
z*RqM3W43RB=ckeM)np!NJR;+g|0<{J90Ngfx4lH_R|U;0ry#!qsi(LO;18Zh$>a?*
zucYChQ~yS#3o+*Dd9nxr_PTk0H<-M^GXF0&e~k+uT}2W_Ma?=UxhFrG$^GUZ?$+u1
ztVYBA-1Rrw_gWLgf06x<>QFg~q^~IV%uaO~Jd;iGDNFYr(<V{A`3u6@zpLX1i;ZE*
zzsp!g;F|(b?KseiNkOt*?r%PS=ZwjqiKqeZ5qJmF_}*;)RsKHHujV~g760aO`}aT^
zzla<*`$DrZ-68!r&=^u3N{}6*|EiAv)TFIlQGNNHI?&2ZFCg!)3Obo94`*@mO9Fna
zX8uJ>>iBLBLIJbgI`t9#)nM{c%W%8S;J+J<Jn%=+3T9cFT$_-%0D}gx`*5mA-$g8w
zfABW3#xp`cPx&22i0y|H3dFh66%njrl{!Bf`L8Aq(*Hl%|5brVj^~D?{ZN{&Q~3?i
zk@G%kyF+?4{!qGLaI^6Y`&L`#JzJosCRuU89XK}ADGp3;W`@eDX5EjZy=P(xXf`fu
z`$rDd>p~eL+0^PsaVu8u`tY=UH{mTW(9rHO2GgcH%dQsmo3WbPyxR%RQ+NKJ-oU3t
zM)@TI&RBHBgO0PHa(3d*`T~H`=UjUz*Ulf&n(Ma&@A*agL@WOQkbaf?TA{xU*cQIo
zNGn%g+mw48Odl2{OnMmE#Wp5<F;m#3h>`O%zl>y$`OHas89xl{=6v}7N&e?@8Q|M&
zX2Y)e1yQqP!GxHHhk}8Ih5wh0c!>3QDo!yqQ_Mt{!2Ehj4p86hh3fXDiSs|zD4|5T
z{s5vW7*?nPDXG5V6+jybhB&ClpCICsl-FDZ=7W<rF-Z-~xA^6ne(A=$y%Vz!Sb$?h
zvtP4s<<W73dUeHc-o$pXeAc^}tBv>^^L@!j`yOSe$|0<rF6Ri9xEDz$pi%=Sp`>G+
z`WE$VE4TpF2BEKOyR&X)4ax8iK#j<;nMBDG5P8j?fpWJu=Q=^;INEwz8qZW4fkTeZ
z&zFkmV5+TNbU%kB2qI4S1Nc<#kYN|7MwtC3Ym(8GBu)<?k){~Y6RU&a(2RDc;kyxv
zwZJv3Ea;sLk|zI{2GrtNcshMaik#hpqFDnnG9^&5tHcIQWs^8BsMqC<A$m*jF85LE
zmC@RK|Ky?LBfTgNz_f<n{hka8F4WsPKp#&Fyl|6fTIw%%12_8=6u5Op;@cQ#b^{c?
z)f)v+v9OvBvM&bEu2?p>j|8#$AT;ha%nt?=Ys3N2Rino#blA*!i#SbtMzIUBw=wk4
z;!J6Tb1t;U;}`myOurcJ1e9BLpA#xBO!byFX`m*Cg-^Z&N!S5`KgpiHB(xw~B*@7`
zOjS^FQBua&4Mg~{t37so-9w!ss(ke0R9n?N;1EywxJf?FClws?2cTY(Z{k@d?_)F2
zsngbcbf|}>YIp_9gKgK-iBGDN*<pQ`M+DuPm_f)c{mwi(tlRsO5ylk-q5v1`#h^cq
z=_F<`NpNbV-ThynvQTC1R$g1B`++dwQ3izXffrM%xVW%jjRwQlEtGe-{0?smgMnM}
z)2F@Hs=<e`qz3jmaGX#xRe|e|&c9|RC6{!BSb~qwuTUxg{b81SzJAnz(#@L);=oY^
zm0$kWpar;|7(|vi>kTmQV)x_JF&qjTUE<18Kk0d_NepfUX3?oVcbTRdCZM#F$D>9J
zMDNM4S>*{2(=l|+xF?MicE}&T4CM}uNO$yme&!D#2Ti866o1U>Z179uqu4|z)d#I<
zSXn^fX^;Th>qmH+ZNOS&{r9USOl*`OR~>Vk_yt#+0v(O-fx;B2N0|NZl*Pp*jf+Mp
zck?j;V8By<8mB5Eltf;=LFT+pIh0!ie9uIiRH?XYVJd0az6=xN<Pgz#oW{R`f@=Q=
zz)H#`!Xe}3{FUVII4<en`j>`vr(<+Lq`gvzu8}G<_+VDn^H{uB7nlzPm|USLXpp>O
z{rQHj4nwh^%u_!~79IYSkg|x#0sAw=V5UUM2=FNte-e>WLGc=0t4(khe#>B}l{NSQ
z)3I+v9VKoB#a&r3>!M9w76uF-s(u?XPSsj&GQv?tp4N-GG-bJffST&G!QT$Cfbx!E
zRyKrAC-BEWqKP^W01?Z1D>zMG7*$niLTj<pZxEyevDEwtq!m$fiOTu9xFN6vi<(3e
zvHMka{J_M(ksGF^*;JZ@(2qtHsjW!m-Nt2pJ2ez88)De|L=#OAiR0MOA3zYTyn*4Y
zTazP<Gc?pn$7{rs_m&uQMA>+m|43K<AyNVsIwtre{8=IJ9duGDI94)T%zVw}s5gQE
zTA~r72~*HQK@^?~35E;~Va?}Kk{B?cW_lO#LO2>cKrK!=a}s>Y<Gv@!kYLB+D_)oo
z!&Y0wLAZeWCa<RBVqB{b)Chu?3olwse<$YDYFKjF_iz#sR|X5;GaBzTHycVasKJIh
zgncfia{whQ2Vm({(B*gL=TZb9M@uP*B=FT^DIbG#5U?{EOwbV@;WijRYUWp>NvRby
zaRd2=+L8#mX;wtCl3-Lm5VHu!rjBj>??#dw9fxWfEJzhnG*!a)ml4J$B4I}sb@6~h
zB~nigC?sS?3+FQ=gZV^cM|pHzdVha!MF_Bsx#>0$8v0U!>kz(wMG!HLDr;s;u~!T~
zY4xO8{w)S}VHY!hg)O42h!Rw!n?ad@nWRAXd9(QxdJdn+D@Xtv8+VdeSvAF4QUgF-
z%!?Se-5^cHr%gzPufV4=iWr4zS@ZBFuf-4Gz)ygUx*_yGzzD_!z&#<0Tmt(^y%4jc
zpk_-qRTuX#ncu0Z-G_#N+PRBD-fg*~eDyMesUw8StUvemgEAn%Hv-{U7=E7Ql-i)C
zp&He(-!uS09O#fUfXeEd8Ra`L_6}y<awlU1`MXWR!e0Upr8N5Jm-AY60C>#~jl_i(
z+ieg#^R{?t6!Zt1>d4;J9WtG&=Ir$bZo_m(r2Qi_HNATYch%E=UMECKI*F3ZC=%pF
zC;C`RCAdRAT<;}B$`F3wpwQAKDFfW1pWtk}z-lO~#)Po4ns>?FN!VB5P|2!wgxzni
z>k3@v&v6EXCQ_`MMXCIF6)S3w<54isse{*5m|~eH?YkE8`2<^mt7X4b%A_nYQQ;Lu
zv#1SRMQj)0>(TO~h?PVvqR9DZ16p5#Ekah-aY2u_bks9g?c`mE3APC&{B@6}Z?z<p
z_agbI(`)B5Q~2tZIum2KOB%6+RfSj@jevVfu1V)Q0S;`iBPM1gpH_}M%!aAzgs^nM
zc-D@tICSA9!0Cex(8<tS8WR~O2w@HXnYtfpfSl}oz(HpzjW{(tL?JMxE&pDTb}$I#
zF?lk0W`Rm1sURq1A*#$%t5<o*(N|R*IZQ7Ny^$0f6^%=ntgyQoA33EYkw^Y6!57N5
zQ(IRe#6tr^@EmtNd>3PmPQc$xR5i?nxDMWgR<OS0JJ^J)iE^3~U)I#Kd5=nYNvjT*
z4x^+1RPkko5JOoUp_Nr266JwH&AX8c`P7O!#AMtL+j$Y6*p@xja}hRg!m-H41rZAE
z!5s!pqi_lYbd&TO1H_at<xPuHT9G`siQ2+3FwNrv4*63}D=}vXz&IaBDfMr~)`V`*
zx#+~G4i!J8BQHH&g-r9Vb;?I<d^U{0W2YMh0fIe~bKfMa*%I1ro|2ZKgx_dDVtn~8
zmLK78h{d}tzN*584DD1OVGG4u<qrtW-qmwwNucW4)i(8`33JF*zNUVsJ=eE*E7#1t
z7h)*6K#_<)<I*GTzeBnELU|t_H@a_giM;Z0lY#G2!2!~{mE)YaGyB15JDORd#}PL1
z1|%cx)os&NKKB*hHlAD2-IAY50!2;G*;I*_IqPfzbc)MVmqQA{N~(yit&zJUWR0&%
z9PO){`5dKnf?cgol6eA{M0c58_n4_IyHCITYbDDKp;_0q7=J|1GdDi{@-&p<)(DE!
z?@z2I7lIz?q!{6L>5Mp;2T4h7j}E~B95PAMPq}xk;9|oDC$b&xzyhIk;83-ht~?N?
zgEW3NX4vwgh(TEN@`o9}ki=QUll=YDi-+-2=&>3KI^phO>tc`1C!Km8KtxA3(iur#
z#)Di3N$M)wOauJ!*?lOlx~>k<$H~F)Ot>=gS)AV6R_0a)Zb`)QYZYSjCbTpw(5IF)
zeKYP+er$NXflGc?T#4ykYL3MTsNKC7`}}T$x6;oAiPM#z_*Sb`lN<11Cl9~iC!_sd
z4z~bhYHieQ!CXr?2>7!#Eb%Up$zS$1t=Zhfs^Da3qjt{xzD^2(P5A`YNT-3<*G8#5
zak-@}-KL;*FX1q&6L~x^%c#{o%OBa7b}F$Y_;^}`32%6q#E*d8(aV5mk{U1zuAI#v
zG7Ix0<~eH)dl*{^ll+x@gO1Bt&5tCM-FoT?;yjU1qG5oFlM>f%aJ_<m6j!QlGzQwb
zLd!k668HVY2l@MS(??P|pxR7`FN&T>ugPkNQx1tK+!*(Qi3RZn*Ey}5FndO)<~9Vp
z0+8B;Y827WUh<ygN*l35b2kQ13DpvXMA>}2#!I0j71q$>Rm$}~6J8rnkBrk=k{Gjz
zC7^!rxDEmlNEnI~6AJViQJ-}+ZmRatNq}?IPj)xW#|?B>Grwa|7>%7n6LYb<V@`4O
z-h+FIT+?br)Lp*T`A+4GcFnw_Fu9M^GAI&kZcW`wm-HRs!UG%5GA*s1Gs#z3SbZ!W
z9KB`>zfVQnnnm`u?i^}mCQ_#evE}}%VeR$(GI#gguxHFU(I$7Nwb#A$-`@AL|1I|4
ziEdt@$}#H)g*OPaxUU%G^(<8H4?lCT&R`<CLIoofuE%}UwWAcKzxuV@jg{%q)ASNP
zPOizz2e*cuzEo4rc#IqZ29WUbh+GP&u_UK7=x#zIZBdrXuKV`q^xvVGXb&u@cVN;$
zjV}Vk>fo4;2ZefU*+9%BEB35Q*=fC0PIJ2SP$kYh8pC_XY>OA@SrDBv{(7_4KzuNV
z%u))ssC|z(mz$`=WN*OkfK6zp3u-4Yp;YxbBX5w5h;`*o{J;&nF_<EQ<f9;3Ds4Qb
zgSdQF47+R)+Ha;Scp|l#xim81yrX#+`jRT9wu<p%yhztY%m5#myDN*$IT;j20=E{{
zO(;ylyF@7xH+1<ACP~n~JZ9U2HUP0H9}wy5cz?3By$(*87>@*_7>16FM<-tK74JUO
zP`}24e?p(Un%FM_Z#!L3SvQA5fhxKG_8^W^9;PJPiU(XxHI^#30SF2fgz9fANhhh^
zD#b8D=Qa~?67(aceP}==aJ~r_|I-zz#VC=afLFm>Jy$W{Qi>`DMK&IB4~!!AgUSLs
z9z8-P3y<mq%!IQI$Gd<C2M{oX(+T^iliQ1Y1$uNl{z<FT+u*J}#{68O(_K|~4+W0N
zEntZEE(Gr*bmjv_LSQXU1<1DZCh>yzOrOEM(#rFJo47D^$YjB2=-c3E+%3-tgdgx<
z0uhP(t~qqfoZt0JD_{77KQrDQ#_g#A%qeJ8!z1ayupDllp~IPv8o*2<fHeX~e(qQw
z3~zjY!I6<B@^2|jsBjcT2Ghho80Oq<Rjzc&IDFwK%08{cRw%N|4nn)1U<T;}!mU)u
zh_4k2fH<eLGF)Scj@=i=@gyEj>5J5gK5e;UB*rHf&lEW(tt<g6jg_}^SkG;<!|9L>
z9M1fK80*}k7N3ZVQc&3t0}D(VNynybr4}j}P>W+3aEV;{0Y&ubfT@EOi<~K0<6~%8
zqu>k}Q7ViD3!iUIFyw?szOWooAxLIGq)S*NJd2XbOMs!C>+zCXrV|yI4B2Ukjv_Ge
zYjCn#7?n>qMR#ipnE5FycE`$?9Nub@4%G-9S}xtTY?Dqk$BQVZABG&ZA2`ue?-_$D
z6iCQ<W9b$t9Pm9w*PkPe!p{uHvPzOWLwk~V%k;>NKV1<CHf|p0x@<oKiV>n4cZo2l
z&cVt(SZ~wnPhRKEwEH5n#7X%J8XKWREy6_8>`H!N@e}wmT-7uKUOjS$4Oe_u)z2?=
zrTX6Ih5LBE_rY6;HL1};2JmgkNS%;jX|JO<?=w}E%!hDa)b>hX7uCDP1PSvDnJw8g
z%*I_V@%-#%er&pTIvkOr^u$<%K=;^a+o~z0v0ggp_wEGg0NCA~On~g2Of(pUjH4&P
z%%jl$2pLVOtvR3zVgi$BrLPI2=T7X#GpABF0#?0Ky-a13h%6`s3R!Y{j|xq9ayRys
z(vm8enkjgVXe=-TfF;?P)*(@+{*tD2$#ekXGix+nfLY6f>wx|ylYe1FIF^+jhwu{U
z%{#u`@W}LR79aUwy<Ae}aNRg#T@K5TDZyaU*^O~dS`&WB18pZ%EwQ8O1=Zp89_PuV
zco^{vBqjzrw+#S9<|c(dKsCDD#zu@T<dVlTTAAL8qa}hCRAcmCsF@+_{Q*flF1uI;
z3Ho*BvC#aF7>F8T@r8_B?y$KEF*iyK-@O3TFnM?KRI?@Ecr2)d!=sov?#y1q7{eqm
zG+Ru{BvplDdd7`d3aV>}ojgK<93>zfZiXJ~;LbZHB21NoYIa-|G-m_l;xa#tHM=y;
zaX4cm<{bE(q?U*^0PiLBg*J>BAqv7<9?Mk7dnaU$KG`3|A<BEyv>g4(W$@KBbV>P=
z=R7S|4k5bG5(QkTv3e?m8jOrlHV1I;sPOAbB`uBGAp5l{kX4CG;!}cI3PwAzQq3lc
zrXBL(RxCA;u@%^qI`F1T8PQ5(IP|`kIbP(q7_)^Ai4AZ7S;@Z`3U>?Mp2eKcW_CB_
zXOt2BEd2fbmDHc;XI^!z`6dQFRge&OkJjhB!p4~fhLQ4p5}_buE+}z=Fl87*^k%NI
z-l@I}xF|$SYLF(D*;|HmpWIp@0jaZ-h8xuhhPJd{t(4g=_j3HiSEC09yf@0|xZvw)
zNfy8uEg~X-hT1^I!W9;E&e95HoC-j|?O>?Ndm!dIA;n@Ef%L5gb+?8#8YT#Z3|fzp
zJ`x?i2$w=nb@H|574O3=3r?)w<+9kobQQ7acY*|hbW-<tv6WnNqJ6l^yYvXeGKwNp
zGeAU%jvYeC6p>vC)sC-}wuwnFT3kj*{TNWXuKDQr4}cTWUr}g%2|p2{-<0Z#b6~fb
zY(ZClKeKwn!@#x@x`MCw4i;%xeb`;-2}f&^O8ue?DLw9hTXqyPyZ1-_Vv2Y_tUPK4
z9wSKau>JE0HR-FZq#&XMW%@BDV~vUeK70gqevRbgm1<79g)~pOn}3te98v=i*@1j+
zu8dG=@*4uy$=IeH0}*(yWT!Vg|1<tv81hss-B&h$-)+v{>TXCkg|1J0<%vK5@mSC&
zB{>+p48K7$b-SQe6JX$TCo?G!(^JVg1@&sHRg8lrK#~J;`U4aIeE8%JT0n#m3>H;a
zy*$DGd^xL}#Ee}C?%K(S<zcwV`{?D2@HD|IuO-!&I0|=8O3zA`iFM8icM!3Bp0JJV
z9r+kX^TiG0tl#9-3#->HPOo$DWw_QaoD;7TX?2$TGR}2YQ9Fqu^J}q%MC9iNGM)U3
z=~|i3OURwO5utnxFdU8GuC0S#asoApn)s2vQ?jQPh)8R+=LANwE=)iZDm}P!L^jiW
zX$=E*uY%v2(mAq_ZSP{fgN(!u68U@aUUh!}y4FX!*emRmqMQ(95S-UI`tDMuQ?S!>
zxNGYJ1FyfGLv$2jw@7Nh*s7Rxd3-^$xT&xpB+64n>WD)S(TzKR%NrxDnvdb(YnZ<e
z{+o7oVXO{EDKI}mR<M(r56a@}06aKM`h5w0UB7A~u2|ejG6=P|^Hy~NstQKF9Us<n
zfEB(}4I_xVHNReQ{QQw>5*vgFk>R!(0_6T=4TGWcLSy;Tg)|6z!%?{U+ZRXh=mu%M
z)dktyWxVqo=K7bH^z7WM6YzJvh*%MLyRgE$y4vbCYF_z<HRp~M<a5@5l^FknZ+k_0
zJ#HMMCt-K_ghAMNAW>Q;{+F+)Pd7qBJ5RRK4%c#r&wNT3?+dO3?zI;@!g7tFyg%J%
z?YJj{&rjhy2VhA1IDT(YmknZBEFX26HDE^x8w}^OcISz3(^q``!63sJ50drmUsp)b
z_=p=CwEaF>pMFocKoOnp<Keh~n_2ATycek%ku2?S#A^KH)J4KsB+N7TT@|4qqIsyN
z+CiMEBU{4)vPPcoAZUpyhUO!?jnc~IJ8&;d<2M)F;4bx1Ts8zV@qYNU-}5vOtB$rh
z>2U9O!U>B(d5<hZ%V!YDmTxk^Z1*0ebvvGEn<TII3zoxMn_3)#qQwLt=eEHVv6ws+
zieW|gQhLJ}83~K&<Hq$Qw7$)it6Pr{$ey&Q|29?<hhWb~5%$DN`46Ci@@8s*w2<{%
z44QTkFqzxpC5CP6GNZPTfi`<8u3k}S^a~$|kcgc7jmCulJpRBd8IzB^q1KBS44W6Y
z>UI}zX+*3{&XbsGZX*L<PFIf^2ne^pdRDUKBQ|v5O9G!FzKyaxMvC<kE+D?<1%6*M
zaQT+pD?1b6pI>@F3k}^2^Gq#bHHRlPkN#eS==PBOu|G~#0v16kd<`&}83e12-yeGV
zl9+x~3$Ti$m-++1NvMOz3U^@8hi{P9j}eB7Z~b~noY_hU3Cl^NH_*o<z{5*B^z4Wx
zdciRFE@E?qR1YD;H6URwV7_DdJbPGKH|Km=Wy!goMDejua8Q9e^M_#W{68HGTpl(l
zqRF$I???Yfr=U3L8W#}f_O6t>{XdSq1O8_iY==hM|Kw9sG@pY<1Dgo`C+dIlsVEjN
zg&cS)Tf6^PM`}EKdR|>onK-lDv!duFSX1}Ol;o0(q2L=p7reEg3u9i`$EvM24vVZ+
zEfQ>Nl#T!4qh~4!%pQdeAD{nb9Al9Wz-^Hu!!8myXx1NK_=NTZhzYH0xDJ7L18T~K
z56%&VG*cQNlJGAPc8&8ez3T()fs&o!zJ1|P_9IXOgn8vFye~j^t-gc;d`1zI#U}p9
z_r(}51^QbEl|`=-sLK7;_Ao%~St;f<Y@jf&5a;<?EeM)6+KwEHm81}=O}!1oYegmi
zqev6M!#F3<Z#XRn=3~s>@+8t=beNwQX7JdU(d~soqX7ehZ+YX`eaDZYZ%UVKl&|I-
zw@e$J(80yH=b6=w?FKP${ljfpRbKrkRT*?QaF<N+Mt}%D%mtR=zRDn2YSW8o+&yFz
zp%U65(`b4_vk#qAt|)^hX-0Ek)EPZ@6v}qDo+8;^Kprbbo@mS#d<6$G3Q_6Jk%EK_
zAD6zwFH|ZU(8=m#-w`~amm5do?4v4u0cGF__0d&<GKRON$~dO(SJ*U}&L7?K10=Au
z6YTj=*&Exq&k0FxGj-5m@V&vm!%$IoZ)Z|4C#bFimjPhHCz!NA#9#m*#>8)dO~NL=
z9PWx{i~{T<>2*4lxujdfBKuVktbyv0dn!68npwV(kBfK8PLd0diZ#=d7X)30=Cwde
zT6?wE?M!^H-<%hi7Mi}qIG|>fgpo4fCTM~>MuctJ#zQl|3nYPyHRZIf3*a8QpFDJ~
zBny6w--NXx_W<Lu_6i9NaQdnn)f?(j60`k!2)`zC<c_GXGL&^OHP<0VaR<VC#+nN3
zBYZcm6_U*snnJfkEjYJ*qk5S{$TusiwRKNuh32eU&}}Ou?u9q)7pY6Qq{9s0RFWP1
z-f<2gJR<~CTg>gLc-B9G_#>~2F0jnLsS+_PZ>gsyAR>T6F1X<neJ2s3m<c$5!+!-7
zUL}W0g_gOb$3iN5pAn%dt>)SE2Y~rz)x;^Ox@>FBo<|u?JZOaL8h0@&O|6!@gS8M1
zTwM~dHi`M(_#*Kbb)cpMXEe9Iw?$s}Ag`z<p~F|iV$!+IP22a<i?^w}>HhvNCQ-=j
z@`R6huNPnnYi8<l8x)o(<E3DzJpUqibU#H!2ar<7!Y%-K_X)y()(kU)h%-4!->RJF
z;mp$;M%U_X=r$}ah_G>SZmUxqaTJUbI1~IHfD_1I#9Id?fQ6qfhJr@Ea6zDqDJ==e
z!Kn5%&HH{zVbB{AMkOqlJIV}nBmx{#Wa&buRCpHvgnH+gaR<v<;~DZ$=@GXKVWP}c
z-}O^2K#n55ju~It#?1^uubZuTeG&}anx}(_3Ec+4!vE+miR>beFh2%>F`wXs=#Xz1
z<ga9ok%)U?#hNu2<(;L~*v8ebG5{e%apuDLO=etVDc@faxqisQBTz$k5(VbsJz~ue
ztRgbKgoOc#`x-GswUMzj`!nq0aU*Clz_VYMu;6Jogpdp~O3hTL-`#lpLhkE;Co4Hp
z;MI*jPyHQ{s+%@L1Z&~XrD5nJ@xdUxMMe{vf<XuOYhn<c#gXLq0B;oZ%v#L{OmHEP
zgp|>#qm=Bu08hNqLzEY%P)kyGU6oar1Pa3jTDZYGcMpqGgjN+<*ds{-sF<alRfzJR
zq9PXhcReRbs}P&w6h&Wmj{^~P2myI5J9Dn))3{=jI@*SBA@3dfIij&--}m~sd#L6)
z5L?5#D!0+oTE|Xsd!rol;reWEV-yzAZG)Tyb$2M)%5qb1jmzQG70q8#zvlF}Qisj&
z5yQpH=n-}fPX(jTlOu5*bI=><Z&}oRfBDusY9)+qsbwxf5HVX|zFt^CqLSbMk8=%~
zFC#9=oPI<hgFwqC#M4le5|7w$Z5)x&M}E)KFeEIZn>}W%vzP0tEIu9zW4cTvBvg+Z
zyn#?e<`9e-hPNExs=}g%z=^-1r!47>o>CJT?-Un3Q<sTc=R=5`&`5jp2N22Uu-a%f
zmHmJF&`QMQFdryAxrcx<f3k;o-pK9%0dVn0HD4QlK41bA!PLaTS=5i=(%;0;c~Y|O
z(2)`}08u-D2@LP28p@Fifw!!qXNb~%pbshoF0*zl2xt=yWyXL^u3&|XrKATA=p0;K
z3e%s2cQ5kv>5JcTdF7qI^Zf&WF8G9bQ?^Y#n{A+i&53z0PsZo9&Qa;NCW7l@Bjjh?
z_YZRZN!Q_D1e!kCmkcac5D&T*?#qnFr&2J9X!w;qs$KoR3cf=yqA!K4(=%iKb&fm4
zA`%?jKhJW90$}~UPVW+!n2*U(-*-U?n%%xsHTm~4J=Gt;(BijqCEqIhQqF)j%1+aR
zUj+zUPBT5YH^!WzS;j=CNQT4@i%*L8%Q!+yvwSNVRwSZl<~&|CiMd~*v@XI+b>*Wm
z`C^^sr|?U`_~TtVJwWF)8~IJZeQ0o24f-_P626WTV@b#a2kQP$E&=|y&2r1%jv_s3
zYuEzVuggI`m63^Ggu>zFG{2N>QD$&&uqC`NrG&jy7BbwZ{=`-GZmpXsiW&enCZo+N
zqf~5BER6lrIc`x$X@9%@3@#=2S#538LU-=og5x9Ma)sm5LRK}m-Z#-BM7t8eQJi@5
zWL}FIFXiW!HA-(YBjngn5*u}ZHseE_&WsSRo4C&la;zvGpqP*M>O@#9Ds@}SW#pCV
zuAHwMKf6tPa=^IMf%w&IZWYh?)@7Hhk?BSz*<*0$ChQ2wMEW33+Rwq_M!3to*1YtL
zG}EI1?@JKChS^Sy-Rpr>yz)j6d#1NFOKnuM^ORi?RS<S8;a50j-BZ26k|+B2uhe^_
zq!%Mm=Wj{P?0&+p6S`lDIy=I=J~uyJJyRx&Gx{XSE^)+7YIERql+rWQMH}9g<}Fc$
zB(Q~wsqtKuk9=&2iLBZmG#PO*yJ-(Ixw&vPc{8!Ds%@kfL4D)SNHEbyEvrcvrF0Qo
z)@%8|Y<yEn36EwSJ3j}r5YL!86dc!3VI$tlqoq5d;{&^(O<BCF7GR>0BM{KVBLfc=
z(r3-7h082d?5%Z>oa*nq=N4Zzte4Wkm#9>UJmTYXdy2{<{yxuHa7R%aiLxa2cT|W8
z369;$PWOddo<bfe-dJ26Ya-KU-IN{HD(n7@_q77f1JDCV!7R7&nlxljWK|nW%X~FD
zd^_V|&LPE)N+R?8DuQ|gzvGhHaiHT$LjWpYtCUC<@etp^5`{}deb3WDk|M^_XAy%}
z{w7^&`UhZi^6UZ8HyAMOr0Q09gcTcJu-IZhLKMjq5cvaW$2v`3)t`pgjac6DH;nYR
zxkCVb?h8lf8ETbHnKVETo`s{X^JhTDloWT0)8ayF4z?ehBGSJFrCDx}?OB`UulzWw
z=8z<BFyjRll?6#f)<AY*_@sL*z)S;={a!@rXCXLB2N(L=YGvWah_W}<t{!ylgx^P+
z{+9Ql7~{C>ybm(+%|`Rp;^q+G>vPlfRs=CT_lHH}0M$GG04DIfyu8u^;v_yvv<WEN
zcJEUb(-UTCdYMA0=J6BCU=w}70{;vMnpV#bn7_#g&{HP(0g<w`KVh{3YQG-;dU|~8
z4yX-DN!1{*KNnq|zP)~h9JgrvKlzA-X{jp&D+2($|NZTyQuCzf4bKCltjf2=9S2v|
zCE{jxX~#ptS=q;R<o^JQTv{K#=J0HViwE_OY=PVIM`rAY{s7#Y{?0-@+jTMREtBi-
z7Hvs#LSjq8(ifh?&rpgRbSt<6(AVNbZXTaBws~-h9~~!96|y>^cu!uAy5^5AR_XpL
zA}b13r>?z*t@!f;nQsY{uD5gO-ky#PoaL_E3WXJi6tjw8R%*?Bv%a6Y8hDEzsdgeX
z3(O#V{?=xD;SX78+bOeGYZ6oxTT|o!=cm=^NiT)<B@V!aIekPyJ=-0DE$W&~cylz+
zw>S^x%J|tP*;HRTInvBoL)~Pa-aG>RTcyapZWtG{9ASXPD|dfkwZ>;?DlhN{)>+#i
ze{OqxZ_Y^|B3Za#tm{H{+El0-D75+zILG?{A8>;I72)R}0KT3dh1a{~G<`Js8lRK6
zfU*m!I>Rqoc1ib7(pE9WH#B<laA#&ebw~R?#fvW3$Tg!kD9wiXZ-KTm)>k40){`e5
zWi%Q#^hcgz;N11EH$|yiBYe3Pjq>g&>y@9b-rNR*6E5Eh>y_Ifeg`A)o%t0_M0`CF
z;z>*Tby%BaSxfvav`acd`c;ZViMfiE^<`v;uL5>_8R^#>1(o1)SdSUU*_#JU5?a(m
z^r-ksYv=*<FEb$Y7=a%G8^w#m;`^1^U(-1rfQ*&hx!c;Yb5zs8uqktFRP(h0WsW=9
ztRII4rBf-)ew)6)v%!P|Yki7blM9S%mX;i43F~}X#P$bG6;Uk9_8y@S*lJ1T_23Nm
zAa?U4A#LOGeN-*eH2CX0Qs}^U((#a&ElzhQ11vFC=LqMlJX}7<ZYE4*JTJDgyB$LN
zYz#qz=G!6r^S!*Z4n^+-e<QKE?T>V8pY-AkO=>%?dH~Bp>5=NvODwebt7@jFT;`Of
zTjf9&V^Bl~c|&5&cdDalnSg}5U|C-))hTxyh$Y@xRuPO&iC+<70RiDQP*kgod*7a+
zJNNm^o1a0al}zaU$Qn6;Kio6%wH6&Sij>r>0B&%-=CbfIDRm4jPPHON^DL|9XTtk@
zht1b>6q?~>CcJYvncz#LP(ClfQgN0~y60!{_(09h9R?-fdf-2pzGyt`?`2F&EPeR{
zh`Dgz^Al}LOT0IJn5Km3Q35jgT+^I2HbFz{D)m!+#5hAyx%YgbrAiGHwTM&ND)-(H
zCz>gY?ByMC=X~w6sT6r_nIrR%{MjI{99Gb^lSB$vbwl*JJ900|po9OUz&1DDg~RSU
zM{0e{U#?xbv0v*SII=|Reo=G%0WBQfdXPf)gz$YV%q@1zp4?MAo-lTn%vcCr)+E+?
z)x%Z2+K;t7{<60HHO8wM45}Hso7AqTkqf`VuvoDCgg3it89Ni2Fnw5LTzF4tXjIyh
z5eGM7MYs7ZQR@l%k`V*fu;@D!dkon1z8trR;f_9(v>zhlLsHf{pyn~*Z{jUNlz2(*
zB)`Mlq88p%QgC+G;<$`TeiKQVm@L+{ReJ{OcPyW<XsnNt3W4W4eYpj{Y-u`k{Yu_N
zs}jcUQK_THiW<n^q;;;So3(h&F73O270H~<P`)FDdsbQA`=D)Hik?U2`ErEX^y>WC
z{V^o?OA``lju!=GN<8HQT*`JL_Q=);Dqp1BGYnC%LKc-`-HhX-ot8YA`uvaK9_zmV
zihkII`oy$59Nh1Wc3j}_AmB5i=OF}Br>`x!hCEIPjpM&xWOL50I_fh0g*fi#r4>mF
zdZJS1h6HORnW4NW8m?!Vg<d_v*b2nvn!v?$fOLZ{d*6d{%-wm0X7t&q6h7@oiYf`a
zYj^$`h}DnAP>7b+5fOvK)?N*`Sv7db0XEHHWeL?}VVz5lM1i*{68KxCAym<CJ3)h5
zmC$JXfMM{d-r@%uJ1nn{h$@kKvFo^T*DQR4VFuy2fIZ+I*YfJsVW^Lc@mcUMZrH1w
z!IKROn#j!8emLIBh*C=4(#0Nz8*(nl+bLL|qvi#r`@=puo4q%-X!d#hT-GQ=xefdo
ztyAs+`fU*-T@#fheLp$kY254I=U1rz@MS%jlvqkp)s@ezS_GkhnTyAF(lwW*(c>C%
zU+2X&t*-kgCA{!kuP48dZRfju_zXKB73?g)zSk_zyd|ZIKF@d8ScFB=_XUfeFJ?;U
zI|5Op<ABobzSCrbF`m)}SvupD^AEAE*pWSCY}|Q>&B)g;5P^CNvCzI)_Opq$(r5SR
z>C`=9&v{_ppu?xThogO}J0|$M6!kksv~P`(=1r6Pcph6%!~B!nzX=kix#XjB&P>+@
ztHfx+YphmLM>vHN2kZ$mJ`f<F<<zQqYS^k;yQ&RBj=4R2K3Ch+LnU!1+`xAuoYTfY
zKuL8H-1dlrKn3wy|MIPcm2w>R<T{G!W%{Q3O`-Q!WSNtdb4B}=c2UcSB~8haXj@E)
zi?c(GqDQdv;4K`At8sy~bn0z5eZ|2q3mj5YUIoEphIZ-Z36vx!pCro&SKSe^T@?+K
z@7dnkq@SlDQW=j>yH3Bg=_?b3lni`}of_ZvXS6>6>@s1I1&peqnBuRkmetDv{g5ey
zl@=cym)xJ%={FIPtr#oV<!iM)2*=FzpXFY}bWnIv*AGl6G)ESP5W@4Msd2)dzIs>o
zzQC+$QkdHW-$c`CFYSbyLsiZdUXU@o^|-$&Bapo>2H^9vk9eC1+U?)At>#o4rLt4O
z+1IAg?G&+@!t>ESzQoYI1<e`hv3^c7R7Ou9?4h+lr-!dLGH#vUdLHq`nM7#m6~~gY
zhrd@@r;A+UO+7}?JbUU@8`Hv6I5cMP$XlD0Ax~z2`IJf;U2zynjb?DDbGFgFq+8AZ
zP1wxug5yZA0wYG}A;n)aGZzoE{c(bEKA97q6$R=9O`Z@}e-r+0{3nr+XDY{y)9e?F
zv8n`V^{vOj{`lkPd0Z)*a0>-(9E%jT(}&-VLnDD;iwM4)UDC!%a8#+$jOez@vzE(p
z4vp=0y=unKv~*q}93hn8=r2^+*J22H6BC$Ca#?vl^l#1sC|q8LARkVeSHF|D{~G}S
zyEpvCGD}?$U9S^kmN0^kE%17JTwMc%&)pJ4Le6%BR`CJ7GXGh?_{w;Uc^7_<ked?i
z%`nLPmJdPN-;8oS9s8Ge0{S}{cGZ?s3I8ViH3cE=$@fI8G!65M5yb5FV7)ezjvc5o
zWK`!(h&AD)vD|M4ehrnt?Lm*n(h+IQ%x}0&y!OZGQeGA0qk2nqG8w)S?ls^o2NCnZ
zJ(Kvr{$?>v9RtwtBpAvb3UBV1jHV4CN;2MVB-E%y!)Zghju_wdfzeh#$QY|X|I{To
zp5P4fQ+E}e;V{kKGrXzmIoW=IY@3n2(Xr0n*>PY@AW+6zf&tHT`p6zyuH59;zyWe7
zPPqN-L7mJ~!Fu?47t&BMBrEmiv1a2&@*;YX7Crr+CtRB`<ix0viA1ePe2g)jKi$T~
zc)k~q(Md2q^X-LiB9AlM;G5p6!<uls)p3wo^HB{AU|_5D!qZ&wQHvXQ?2aY~x*L0L
zs9+tKRZDbxjkpI_$G&n6ZQ%Wc*&0E`$E^KivF{AcBplVn?j~~e6H(JgE{Kwcu`5&A
z54wr?mA2bY`Q-f7I^g&nWZ~!M)Av7sCC|6Up4(i=CK*V)?|+T&{!je>DSf~(afkQ$
z#GQ~IMZg^2p^E7aQB$v=d*|Cv>ce)b_93lWQMeD-bX=9&49a(rqw(Rr#x=m!x39YT
z9$tI`KChp3KTA|Txxp;y<kTB26vplF30Pa6o$qE=>Gxv8E-$mU@L{4lxDPA*8kNh<
z%b+2)XCS65D=M*K&?sFnr?sFV@D*cQM#aFVk3?>152d#<#|aH6i^*?yN?7o-veRkT
z(sr?>7yj)5=RVA!+Bsn<6|>Jiq_c{;n6|J$Xn;VIe0y^F+GGCD{tOWMJ4(~-^nVfe
zmceoL%)j86nVHAT_L$ijGc!ZX%uI32%*@ObGuv^@5Od57G21aS<@$Nv|GT>%Zq-)Z
z{jhaZBh@*hQ<9Ea-7R(h8h6A2qTkC<Rp%zK_7WD0=6BtyQ4Ol1qtmsLp00SCAEL`d
z6*&SzJxco(+d?vkxB!n$k!|!)M~qnWiqQ@1i{0+6QOXF3i%?u8u(q}HFHcJ|OgMQ@
z)x4l%oR*af4z5VWI?-qUzRnkY{(;@rnWIaLLjrcK<^FzsvpjlFU&Z~a!@>A6g-U>W
zf|oj@J-?LxAknf)<xaNABu69KM<yJN?`KYY8G`R;_O~2^NrRx_ZO;#ZJ}W^@(l}L>
zSA%T~WvX=d_?R-;<Pq2hX@C>I)HHJc7Wcs<Zp$xw`gTbYnsT~?4gG_KqzT<n;=NbN
zXa<m(O(FctslVlv@u>91Wi^iY0n1a9zAC5{PT*Si3*yDHsePeC6!+@t6RWJmsi~te
z*Z$^)F_Z(xR<x`E)R`fCWK8aG@t2t}feqUF^iPjpvzf$V_NoR9X<5~k3@+P#jII2B
z@f-Od4YqzS=;`d;_TtfGY-Z=BNE5gMT*UQOlkqeRqsLm{+>r^((MfxZwg;?`s5g3a
zQ)frg_ZV&IlNQpVdsrdyGiWH_2@ktgLo_>VJNl3wys{*n00f4orOF^i@k~Dx>PZ=p
zjN=Y(kH3LvGeKxSC`z?F26m+_-U~QTVtT>UEl}sRgwaoWDf`Nt>j3#>4r)_X=y#nL
zmfc*{Lp*x(>;*%^cLuM4FJ^L^bWXLWo7CtP#uvC%*0&ESV5U0@EQzK03NGd5!%d9?
zJJVC5yeb%>ed*Z4Tni($t@TO|y5hQ;N!&-!f4j>qEODJaFHT7U+t8ToXv@s78mhPi
z>4*`6nK9=fX@^7-ff<dY<AYxgIL*}1FJ$KgH1H+ZzZPY~>oHGBu+%ScK>wg;5S1Wd
zntNF`a6)YC?#NX53mBz)D;nX8txHUWQ?MYpfz#9orTX?HvQ?v-u)2oz`~^06`HlJs
zwWg9ttrhelMuem8&QHymU{kO#vCh3QI6?8pWhzg@ykd<(frelZw$>6z)E?Q<vbrC=
zC84RC5u(75*<)Ru!R1vV@jdOjacIcyM8Ez{edwEY%?xTuDP`(Q=`Ct0byvKGyyys$
z7KXXWKHG{xvSs|A7m^S4!ISWtZ=2GHe=vZ^x3<iVCkeOXOEep-@j+dJT^g6$XCooS
zaCBx#GmzqB6FswLo8;7aHMI0>W*f{Ik}IY}F^4Tz^te}LO0bB_oJq?Hl8XmKs{&5A
zcCNffvCa2Z*ZFL@d~!xa(Q6vIB^>iBHdZ+&6j*E4lG<4&+iE-|Pcrg(a;Iw@2fwys
z)=_t(Gu<rb@a0D>734O6ff#R)czrgm^6&3%=}7u?F-RkH?2v<`0br-FAmr$#NQpj_
z7V8pMva^8R7dW?1Jv@4ZUmd9JI5ZD<rZD7VN(h$gzm{3(Dd8L&fzgTcCYT@oKy(G5
z7OXefix{Xx-zpk9-Ucu|;p3^5H=diu)Bg|oZE}noZ!~R7-;udF#NAG&#9b|(O*RDa
zhY>o<F~n1c{cHl9tdhW^Q+rponw%13r!DaV&eVB}bab+D<Xx=~MN@xiyC37m{=AtD
zI*FNH-IMusSzJSD47rgTKvMXjw&5RMbj4orb9kngDaIq{G#wEIY7wlfpR8`f_@>@A
z$hwsOXE2UqetXk)T>g@uCrRhK;KPkG)(nQ&HKI<T?qa`M1F2uW{MPzT$ioB|mtm3h
zr)CmaUrsDr&YQjMwl7fo@^qr^UMz27#AG{9`<T)G_nl;-mB-dsRF~6n1R5#6`BvV2
zATpVBE1OC|9pKpnj+h04;2S0G7yEq;)b_*tL<Jl)#tL*ang5Q8)}=pURXW?Xww{Zv
zwqs<P=$vI=X#n|m$PR;vMs~S;n2d5?QF~p;dUIasLAzL{M86em7N%dN3RldiaMe(l
zZd`G3Gn0cao)9b~<$b3Wl|H{JP$LAE9b!xyDDFzIDk`pgPGI_4F*R~`GN86Qeq>%e
z%UzS`gylNLRyj5g1q5>KGomx&S~kNMYNN$t!fIsrMQRi+o$m_R!sJ`44m39jW1ij)
zoYa5QRw@{exBEI#Xa9(wvfHDdk6_q1cft|E`xRGT<i?T|)G{aasHiS>@4Uu<Rw1hm
zIivrGxf@f|L{fnCGlXX!1-<AkMN*~fle+jwsAT1`T;ngh|KUNoyQrh4(67)gU+3UF
zPJbKB!qIaD`9bon)6E{EyCg^D2gG?^AY0w0@O@2=3L|$|p15J&KJghKyiXChS7cB&
zyO$Dpc$0WStsB(quvqTfEv?!_)A7h+I<5QBt7{$Q(Wk(sW%r7VJ%{}#h;#gN(<Mkv
zzM;z4HGc<sttG?J5S_k^;ZKV7<9{3U#!}FD4jOP`fZ^1*`r(IXKx2`?De@bG4wp%=
zmRuiG{&sT*Y8<ydyf({bVePAGSkOG8==(Qz7y|Q~ka8YTKrFBIBi((OrPV{0yqLAa
z>3;ei|BuqYfJE#9>y$3UmQga#zRUh$`0uMW9VXgsJ0|O9#&ggQ;ahF}{O443h^*F7
z!hD?z!C$EZV3W%A36y%K=P%HZaoK%Yv>)3M&a!($bw3$Qldb(Lg3R3sgIF0Y$Z=jo
z!`n25J{jv5n%CNR;H`aIgGO$o#5Er4lNhaSZ;pEEM%VntO9nhmJB_&8q}(K&*T|Jx
zE@(V@%No}Pqk%bVa@9IZYr}v&C!2m`AxF~=Pv#$^di?rH>bFZ*D{h;$&HChuq9hZJ
z{aPiTWc73JLecLqUX$9WO$L}zS4=W9T`Z2&I4WegH1UOLC>-A*Z!Jct2p@<2)l4VD
zQOHs?a02jp^P94$5-{Yxz3TYti+}v-f0@Oz>W;mZi&xCd$B~RL88V+s&YWkRXW(u0
zN}H{m$A?i;n3P$%#ZLO0Ap2(51tF?8g!&)~3E-Rn>Dc)vZC8$NYR`;j$JjM||6mKA
z1IjCxE+Ws|O^rQA`z2|<;lGkdQUxdeKs-B1p!c=c>+z*-V+(DPh*XLA`c917sUQRe
zb->-oq8^O$2n<=Oz=~C2_H}equh^{LO+pvrwP=%FaUD(GqNL{iuv=B?Z=4C6_)t`Y
zEb_YIOd0V}62t$>8k_1F42X8ml+m3bddE%#x41H$c-IPF`WPHhd-BaH;@SXr(n-b1
zdcSsG(OKtQK!$rl`>Y!7eyO(scK3@uB^~i-jVvnk3aTC5j908T3_IhG=Bbx|0mW3`
zt4`0z4v?0r7AE^2zup*X2bGWJMbo!eSKq~#)PG2`<gWu&`)p=$?R$nAQd}(=XhppO
z1I7Q)y!KwLx*n|E;Iqu}1xmh{coL60UDIN@jac%m(F{X$UEK=IUjW^-lGkS#1+A-9
z{EkDoD!D#c=(b<maH)7()7GjSx4-8$@d}skZeJ(|a`=T*1$#wspY?~ZaAg`EF5xyY
zu&->7??rLA+Tp4s7Ko#d+MAWjn6nY4@5v_0Ols?X^(5d-2MejHaZ?MBe19hr^mkl7
zzWll)w7P9+Ify~`*%7AO!u1D+A#yZJKr0Pr15b)E-$4+AA;T^1Ac)cQvdzh@LKts=
zze>UQNrue?dtb@%*N3z<h?w@$`0@j4&4_k1#eLN!twANaP3otn1wXM$A?{LW#z}_H
zq&{e`MjTlJhKg>fnd+WXA|YXp(l%d}cw-*#8-rTwv}Cp5Z#Q12T^sU#Mjx#)ms=rQ
zS4<(A{~<B2g-&j#&-uAMFfcHsbGFB<V`Z}dHG*!iqx~XIkewsq&)8+XRlP0W#O~w8
z7>PdVh8JS;ea^m4$ja5eImmi~SZE39&xNJ2zp=6qnebe`6{bg2A%2|O25V?c9Ga;f
z!W@AIYIxgo_&G8^d33Fx{vs=SGTM;iS+%}Y1Z?@f_=Yj;=-M|u`z5`GYjS0wXa$O`
zZ4VCW%c-Dg*Bs^V<n+y4S{;#z#3-abRx>!pnCdcW0k+sXV4Jl`i<%<6(e$_QG>K0$
z?Nvp5ZHZk@+(GfEB=M9iw8aspIu>2y+I|%=UgaXy!92xO5sb{=i};{a<8Z6XL7@qB
zq+f|zN%_SJ&>R!O!uGiFInO8lOR_LHA}tILX#J6u2rY(7i&#-Lg!YE682KtL6#Wk0
zX9F1-IiZ+u;4*j{p%wQer18@q34@Y?;(>+t6>3^8Hps-rjp*zOYt;<~_3!HZ<pCq9
zy&AFPHbh9iCU!h%HMc5n@^A)cLvY(UQM+m=b3%#T>0mxI)}--!7`wNRGln1J3*ii5
zRc54zeVsQdf&rADe_Mi75g~VLAygc)ceL>Ou#?$JHJe(V!70(zFf~V)!L<iaHOkOe
zKoXW%Z8zCk`d#-nE}=YyI=bWy6PEoIk9HOt0$q19=@&I~cks-|$=Qltu5%N?$H^PZ
zf!OKBv)uhduvZds{rhf>{S&e#E6G9?i~t+A*ZWq($3{nAAUlzSZQm*Pvn-ly=B|#w
z8V7{v4U}#v_%5=sPwg0#b=mf-40>49WBLxYKp7p(1d=A7>1!7%A~m%9RrW`Qo7nO>
zdRk>Z7;y?RVi9H1vYA`UPgpss)o$GF#|hBj0P80ybB+_aHg^YllqaZ1nbh1w?}M|b
zXfN@Tsz|mT6t8|JnDa7}vMm2c_%k0jQB6G{#gH;3$~EoKc`wveV*JWL2*`q3wVHrL
zr)Lh(cguzoIDF2y|KeB*)&Vy^D`uT-=@h6qvCrIXK4l9+g#U6>uOUt4uYk&JdXof%
zEmA6lD&NHpGn;&ohwf&+tqjn}8?t;3Qm3;6_MpRm^d>jF88EZFZmIm);$M#H;4nHp
zk1hg@^M(?Y7H^pKQT$H|G-6Vg9G5ZSe>48)&IYB++A~YoRrPHMx(GT_3czeQI-Hz1
zpA#4a|8GKK`M|20cHR58y5@lu_gnoRmny|fmnLi;Gs91giIWbReFGlC@L$c?XT2C8
z6d)!cjt!BhG4l3!=1xf;IcKxm4C~Gq;yz#DwJ|LQjRtb_{%}mF`$>nd^WY0;SXdBs
z>GZW3`(y^)wYzWA{QUUi5h+YPX>wDOJ*r2_LLAa`Eb4er9{nt;B{8Y|M(F1V_)1Qy
zW?5fuk9O8$b_V;~%FM6>^u}+>hE5N2e7}gP4rNz22?1>mu5#+hN*Rs!XY%K8rSQGy
zPtBU+fz7fmooQK)#rWP??4feOLUAVETIy?FKa57yNyjEwHQ6GkvTITuP%c__a6=aS
zA@_J#K7+gkN!nqWbxP$_Sq`f?R76_Q)uKW0s)d>+JB-P-mC+jM<L>~{lgIS-n<%3Q
z=)BycM=Cb8a}?NV8m9xP85lE=;E30p>fQeJ4T8MmGZX4{G$%Q@K&O$_iK}&{0#6J(
zXY$*!QJ@XIk1X2v{N9e?FygA97A%Qhb(xKo+yIdyeEdf~TUg-DIkDYic!d7lTWGFF
zqLup8fUt^_GLs7A%I2m&;LD6VzU<k}gusg$wnWCdCzO+pn2AB!7_Q(bm|b4mOC+$f
zTbg8IN%PBS9j%b7Y4NuhGuFbic*F+`B3|PkNX&zD8%>}P7^vE!CHF@)$j*U;JK38s
zKV@Z>flob7Y@*frJs;sdq08V9rwa(*0z`{WG1djZ*f3-~i1b-($y*Pse*pxz@IBVh
zBoL}cp->_m6!jz%a~gqrzQROR3UsR*gEv7r<m}5{g&+?0AX4+YOr<43`U5oSzLVWd
z+97zT{`M78sJWewfUJ?01!yuUy@z*U2)0R81Ombd3<-VQ<C7QMeLu&Be$bVxlN62t
z#f<x{!xL@;-RG;~6sK#ZwvC_1R{)Fcn$IwIkG{~b42MQu`P#rLlT6AXcBC4wxrv?z
zpUg-RC6JFq0eYsLukxaHf6TXKG}iFmeu}JaG#XMuq)d$6*jdO*HwoYTm<?fiGqt4Z
zG{jJoMamJQ+ecqSM<fv8B{bK$%R58f&|Qi^seAuny$={3Ks4%|AG{;i%Q=3+bI3k`
zYhpv+U1XXfsElc0lVOgg+NQeNr^Kk_L7RB_D3QixY%367gEvCmEH;Fia&Xx!IDX11
z^Jy>Q2Cl?>Rbc`x3a$mDiYxHXaKsn~k{^@K@v4*E0jc>GgDuVQShaJa!{`|n5>=v-
zuS*|^nehnI<psk_XeQ#S_yl5pHmp3d--Dk5xLzQiUxguq(rlZH2cP@2fb*libL3-q
zv4Z0)TBVUl6#1D*ZE+HYea4#h82mMQV=t31D^^|K6DosMVciYT8A9(VI7iGX(>>ZG
zULjfqN_{cPzQ7E$7M}+v{!^Ng_{zwJQIeen&!Up8HPNNe<CV(&@)_yv0tW%X#lDbZ
z>7kz;K!A8FmgA4E2mkveaGo_fquPcRFw<I;5;Ew%p}vxVL|4af@=P`%-9j?nz=X?o
zQlWC9LI~G99iO_&>hmnujKcv<7OS9BV{CFduxUyS^!iG06GDh+Q}IciRi9n7`ay^?
zt9ZMwLVNFFtt(t!b-0W7b>sqbDu_oc%MVhI%bHnh_lFl|b@%Q$TYDqPI0v1?=b=a(
z);}r^b0`?j6`e;vYPz@ut)PAzYF`c+20vU<t5~gRCrEL+{#kx656Cnfe4U419cbtk
z(NAJwlz+F;0jiPwBG)ll&GP3L1ssGDI4?p=yLEobHFwn~7aqZX+c(c%7|(O@<v<w)
zJDJM^9<dIW1BU482VJoZbGD6Iz&)C9zQ>>K*pY^7(LQ&k@FV_N7(ev*y8TP#sw1_3
zwS8{i`Let_)KZF_7A_$^VXns$-n)TI{BbvP)idNW*1NZCDaAk1x+GgI;S)5P|A0_S
z&5`Iul`B+%hVhWjFub)K8LZR7-cJKps5MBp?MK=H6LW+9N&W-d8G@C-bo>WA!qN_C
zZkv6|sPF34y@Itmp*KQm>R9blJVb#%!{H<@m0|$2*oy;jDs%_O=Dqb08|H7-EuQkh
zn?y7%>-gf2`VA`9t;EyvgV18A>)pQe7ZtJ4P2&3#P(-Nce8i^J7`V|!V6{d3pFy=_
zxq%~n!Wj`P7k%D=bs9_vatp`9MAqK@)^e`FvFF)$9|Au3iTyhwvGQkb)Zj~{Tres!
zDkfi+;-*HGZegA#FRyM`C*;{eKb)NM2>5enhxgjg<|=I0(TNjiCljaSk^a0lNa7g|
zI}%aHr8S~?h=UPZB-g;)^FSY=_P!5cBkN8#A-4gY#4zaQQmJLhQ~X@fsA$CwzM8iW
z-qiRf6kLs)xjRJtVlS`rrP2}`1ol`tEr)8+njJy9-C~z@LOfFHeb2&1J({;8&!|2j
zICt0-o@<Dwpl{X}D^YOZg1~&UdYfEBP_?E9YVN~C91<EH9S9EmKg<H^$-UtJ!D`qY
zeix{Fm)_`^bx?XVjQenK3FH1iR|soNg#E>=dR^Cy4?)s}m?2n)bob$b!n>N6iecr8
z)!Wwm`blSD=Pv;6YQz6>_}#V=G5@fK1siAa3gFFJGr|m04_%vE>Me4swgD%k?|tyP
z3l|6_-TIuY75+*#;{F#fK-8#luwj8r%oCN``67}TP+Hh8tn5BnOyc;0u2ZvQUii9;
z8e`L9mqlasn@PLVJy62G@72@royqZc=R1e>G5!A^SISRw_DuOQHTr)GPg6faH&qUR
zAeWvWkEw{*bjpRIq5p?j)HdV`GD<$$|BbE#0T20suJaMX@WVmpf6#TD(Se{3!@Y(}
zaG&z*)z1F|T?hTcZ0`u2()+Vbt1hKMii#Y1gMC#S%f9HWz8I_!1qEX(Yxo^O1PmIB
zxLm=^nsOax8<?<fAwm5k45Y8^*DdJrveJHgboo?sLN>VSnhZ%r3qm)S+Z#j_EN}C2
zEkxb)6Ly2`p-mcA?Xu`at+D#r58YBU#54E@;9D$9W+-%@7Gbp9YIN9(;k;3U*Gwls
zikedTcB@rYHkKi$w#8_U{Oc9VXH!cBuK^WgJN#g0@N+Anm%<rey5HIMQ(m9TF>jS-
zNn5%oQG_0-Cp5COnmJ1Qr*gLpICD9HVi`|XRFe_LP^-BC(HHE~B-5xi_k>#{DKMWv
zm?$l{3q<m;?SZ)^8u5WGW^)!k`-)4Bb06QdnQ&HMRO7+mr#^U_78}sbZpFfaWy2X=
z|6?yA5tn?C+z28T%h`-X1RdV<Hhm8*+K0T4-!v!*d}0l!Oi&)EV0((G6a2G!Xovf;
zuE@$ZNOWjkSs$ik@Uw^R`zRgu#nUKRf|`|zk|;qlEQo??aD8;Ks~JD$dkp*(MA|O&
z6l@EMFUt6DRs^Mjg^vI!w=#Ezr?obJ0d0WIp2zZqSQd5)UM%=dCN~sK%2##Wpc(`w
z?Ds~xUgL1zk-q@jiN}Hfd6=A+m4-S<jme0(Mvwt>hbVrpZ9w52Q8f=7v2IW3PvneT
zeV!2nodI7!a<*9S3oerTSUKYpB{QzCND@S|j6njHb0AC<><m7vW0w0($aG?`+&fUE
zcBrXV(}K(0^;1V?DVgwKVOJF)`j{kLR#46(|HLefcLiS|rON4wEy0$M$w?YK7hzxf
z=y>D~+mA}4-qZqpXvEATIDI=3Nusbp=S;@Bw>^u8v*m!<_o6t-%O|n)_Cr-o^{qS$
zvc<z-a?c|hu6?hi0K9_E816755S&ERwQP|wIw_LRA-#a@aA6&s{%jCoIIWx;8}ptU
z3oi0Zogf5#X7$i=2fwkO@*kJ4xQ~OwC4)WKGe<YCKSbkTew_+g{1`C7o+(|}#*TRV
zEd+qz``XpTH*E+r3hn)v!tY^c{rdI|@bl={{0P^HhOEH4u3LJMqD;9vRTl@!2T@;1
z%|nUJ3hln%3l5&T7lMWJsi9i_a3BIVcm~Hl!GjL_r}edx^R^~7PgWqa&~T6>WemBs
z#}GvGLRedYN7swcj~reTSi-*AIP>201iNOar7ujG7%&9HMg<Ys-Z|XK+L=NexnBx{
zAPU+>h*6mcmV3ADI*c6?>`TB900vi9OTCMub-76R;Wf3s2}m1#!q3rCg+D%<*+0*Q
zB%+E_56((~n-yfo*uOCL=Op#n5D%Y-;ipZ0z?@TFyRpu0ekf6ajTx$6S03yCtAOEZ
zrbECU@M;Hc{i9()G1zguhOawrrt@j=e2aoG-?@q?EY^+zTS;14Uu<S*WBd{BiH6<F
zK@g=0ba;V*cTnop6=qy{_fL3<eVKiGrnAYf+%$(MhM;yQC^lPxHNZ|Gj$%meDTd<Y
zAcn5B`}r3@nTpCgG8Pbv+sTR3#h*dh?Wy%Gh9*NUaeS2dT|Sj)`Njce4;}!(eDXJs
z0RiRQYZ3gm=#n0T)v;U8n|$CasMHDS5XZ!;)@xOy#UJkk-luQ=ZS#IzDU=y`KnC$w
zJV;E)%qZ8fg3un1k0=B8=Ycw9Eh!>QNea8JQQhV^-=XogUw0axsR26!Xpb9|LBF$9
z=Of!;ZNag9(JKi-dUgxeh;ly0ssXd3pDEx%p$TCLmY0QqIDAb!chEdc4n(adv{2A<
zXg@{mNM<<_Eo3m7883zM51-K5x32%EJ)ArDWU4$txMY=mk_$$bCGkErb|wTKfdeyD
z^cjZ22v7v4M0=w~Ni8<A2h@e)4ugOc7R#*iWAu!$qRH~2^OlKSxjtfOXHAAtZ+5GR
zFA1}tL)de0%GY;JTm5GX!JUmhs92qN6D(@&Lh^C(LA)S7lOS{2e=5FGa9|*X!Jx@R
z&itx6?Ue~6TvKlR@@e{-%(*)%*c573WEsXSEr*IYhDR1<It#QZi8lx9R#~*pD5e^!
zJmZ`$7D!BNh!iMt^zvOpzS7@bfq>4K$3p}u9$NGPZoShNnky5yRg>UWVNfWhpZLHx
z`%@;wxL5MSIZsV1mk)Yx6ShPQBc3XY<{b)%HWd~XI<S3w_80JJ^y~07^AEv+UtK&4
z_a>_aeHFhGQ`9f{rX6tg)HJn74K2#Rse4tLjalJm5mX6_REVZ<xFNqpX^LwHYdS+3
z0h1m!$Ds#)V6i|9V>wB~gkzBB^$!Z(VPvsF-;7BHj`R?s85NQI_l4#8vAo_0axWOF
z8^BrBu(Fo`winbqlByTX*{p={&3|U>-r2X4hU4X~-1i#U%skV?S>{CRUHlcP+$@?`
zh~5l7V1jPrFWhYN?dcnwSny|Ht3S%6m6xcrG=T-2xXbwvemy;=RARW2xYRu(KYGcu
zUI<|#fcre3jpzmmo2WTtIzVQff|%5nF#yj;$@1x4?3^dp*;^Ze`FCVvSi&B}$lAVQ
z%i#G<04jWn!|tuKsL8%395+S4Ecaf3(|4l1t#8f(VF3oF7^X%Or1VPRl}2XqqYD;0
zn#Rwb#_bqsE-@<$G@n5smnNK#?Sn1>rM-jhNm0qO?J)*ww(n&SXd4lb5i~!y&n4q$
z`0uiUKM=5xRaD_L5R_h|&jZ$pkxhImKR%1ljNlAa1+?U137Z<jVTr#5QHD8<J<!*?
zjllx~atGR?)LlXju8A7W&g|T;_NSu6r`m($TV9xuLv#8`+=fAb<NSe$wtX|*jGBJn
z?~Wn8lsR7Z5ezpNPW~)Qc;c%D7%p2bc|soe7QOYV{77!{X{Li9>}?>ojhbN;e&4WD
z(Kq6+?na-y+6$PQOq|Z6WMP)w_t*fg)kQ$0?u!6t2j)rVIK&x?I{8^9-Lj-r26F|H
z@#vcOKpQQgW(XzGnCz^6qw+%ozy=hxAKAL&MoRC^?t>svDgF}Vd7dbj#W}3$TmdfD
zpRErf@Pw;Yl$}o^!Pzz#kz3=Rfr)|i@<6YsfcUL!%11hEdRo7$#jkyNq}Rb!t|kD>
znZNTk{I-cYx1oV2aYWA@*UX&|yS-=>^SPV6y0ktPKh6&KC6F4)6y5H{0PRJOZis4{
zS8LJ@kGqs^a^vw$@m?Ige=k`QvY`~Nm0U5bCry5IPXUiU$QkDqusa&t4cx!?&pV3Q
z{9^53E}MOk_U!<gmc4thc3L<?eZh%gTNQusWGqctvQiVaM2kb2qTdiGV-Jbi2Z9S{
zu1GeMLZB%ZP0c?pl(txERBa6+N7S5{Nz;0+z*-fx#b2x~NGOz7&C{KsAwTh4Hh}aw
zxX#O*yL|uccQ&tk8B1P6$+9c;9skVG>s?M9c&VZ&_|9WbXW|N|ocVA{3aJc#{W=&V
zdKJZ|Lz4x}`lgk|ffcJad9|X!5g`^OgNvfPY{eJ@tRRGd85#4i6X<jch!`$W-)0)+
zW1hAk#!_dq>*x8l?bpuw<DZGPerTicn|zgIW+c!J^aq|#i{*J}{P;@5Rb@5;wwVV^
z9vZw_*(JzeCyJ<n{kgAitu7Lg!iyp#q$Rdd&pTKFp<mQDdK?l;0*N_mcqhuicpX&9
z?FPqa7j}t&s^pT4+lwmoPv0IUo)Q{nj6ADW5Z{l+u!Jr*t)f8upL<tx@?KWnzf|uX
zQT9fO!O7w<zr1Cp7l9r*W(jqGp*89D4s+AR)ilP7>Hs_+)v<6ae#1=h5_)2hr=0OP
zQaAJvc)v?+c}>GPq}>Q3Qz~wpMO(C}@I@|Bl3E~PAIgwhh!N@~$k)Jd4IW+6&Hbhz
zM({MOT=kOKcvu-4`*~v^&-h}_%%3G1mi(vDHC4S4Gye{q;g5_=J$R8%5bavG6;CAO
z%_h=D6$_@d_zuvy`rYrML}Z0~N?ldQNEW+iq{}WI?qVZ*;=wtERVb(eFl7kPTzIda
z+BY3Y&1q}G{PNT$WU<<frXxPp`ESB^Yu=^Z!sv}mIq(_#pV>iM4cyJE!o2untLwq=
zweQ0i*0mJ~4gLin18cya$qU5zSezq8zVp|U1D84OO^g%*raDSyIwj`B3qj8gDORHp
z<USJVgQg*%-gMy7wT}_y6L*K`S6~XIyU{pUX_ah)Yc3Wrc<-N&xUXg1xa*<k54hj)
zDOE6J#+d6$uYKT%EbLi9C7bE;lUjGARhcK(TYL+8;QrniL73_<gV~?~(QiLjt!V^r
zc;2_MkUk>9YVXOlDvCfPR|CdiAmCDHDe^CaFC+?4B@RJD-e=fBaePZK`PtWnzBYgB
zmem}BZsUwC*#!*XpBV8-7|<>tpqTIY#U3shhq6*>t2Ts<?!u(LF#UdlJR1*vNp+59
z`E(_L33XsE0Non`<rIQ;iXmixRi7v(yKh*GZ-UpYNmDZ}=n_1xZfo=xkhV)6Yaw0`
zbT^|CB3>UZgc3#frI|vN5x^c^Eh-aWybGf*YYxQhT^4Zp!D6`XNYlliV0Z07iZ35_
zV1*~vy<V}+s0!K4Bo2*!5`A&S@AxV<y#)Sj!H=eD_6@uQ!ljm!<gbIGDvB*6>xKVZ
z8J<Xj&?5d4B!F93k?FBG(EvFn%P$g5K`PwO%E#OK#;pAv3N>UMYA*B&F2O?5=QCU?
zq)6gsE-uBUhyc60FzSAx&%%dT($D^@vx6`y+HXzKc_9!Cgt3xSBa%`05{2v0u4omA
ze9})(q#5i~+{qCmVgk$kDPmW0o32iaiCGP)qYo6EspB!VSsS1Tf&JkfVNA4&EZ<Ix
zf6y{XQ3QUAwfm#w!txX`Rd2SH_&_w)({Ds1xCsxy-~W<88g6v2KVII)hn5!b!Tv5A
zf7T=1Ph7Q_8J6W#Ukm^CJ}nl&P!=4dy)fMtfgIkR((edRhdC`!`}B2)kQV9(`2^i}
z{5L(sWk|P7P2ZeVpR)*-$eWl8!#P?yDL>Huz7S{IA80iCKkkNOljYr0aYh8y#rf`P
zH-W%c7A!j0q3%WqsT2-m7UZMx3=o1INhPF9k@mP=dg0(FH8Q%|J#UAAA`Do96Ihvx
zZa3QRJ8He_MBk7hYCpKd;bQrh&4=$7www3gFa9n0Y)&8fp`G)bPb7CeBDy5Doc`Gc
zyd41WjBp;$u(_l3Bmhhkggpo}iQ+`ULyOCz+bv9#b>V3jk{91UKEb7!RHCMW5x|`-
zfm)bTCQXvbIK+2UTm7eMjdLUtIt1)(SVSV*B~?NhCq%fctFG!;6p|i!DnVXDCAyt7
z0w7t(wkep`1bNkpm+#F1xhX1{PO4mA9vi)v4cAT-XREKifutWEKAQOA9lnClT;BbB
zK!s+M94rIq-oHvRA|(%40|&8yv_I@0E!(y~*2oJu>oXX%K1W8L@m3ve5gh(s!5>DE
zFWk}&3uxo@7MTp84N~ySK*#JoAt3%^kBrId+Gv>A&ax;Ms|Ov^@F6^`Q=@wS3%Pv?
zw*%UfD!NK&$CG(3l{?H19Bb3-qcBe2dql<jC}gZCh1z)=J_k8L;h#^3%~Vj{xFM#d
z{h(O!=TiEFn`LHRH=;xw?~>2$NdUS*qIg|E1Tg@q{)oIt2XBc|)c10rur0j8!_|t7
zK_I>ua>iSI{mr(ahJzLsaTGx{8W@niQ_csLCuCu$T4N_2MdD2Pd9tkRy!D}O!95T?
zSWdmCO8U#5>KpWu!fj`wG$LV@PzE`OYM7h%AG^u8zL!pn5yQ+W#|`I7u4jFbjVPAU
z1qs!$@T!i3qG;Um!dWhZl*F|-T~@5A7wK5+?RtPE6aav0X0hh@Qy{>D`zU1!NiXw#
zniPV^f92iR5N<7Sbs2wHjL?gP;!Dbv%p+^l+NHnq5Bo55>>>+Df0F2V5Mr1ZlF5US
z=p6I_yfHE*?zZCZWrA^C_{~SyhhDm=6^`%_)$nU{_<nrxfn`%v#S5!1BTcUlz95H@
zHFR6(=crsxy3;>`c7Sf@89!d<_bFrsB@G+ez_f24{-`h$mN`o8kXH&@MW{1U7s?`H
zt?P*muubb}$eb*eZ6Qtp$%MkNB*lotDh<kgV@P(ApbTMz#4h!*XtyT>bvYYeC#$dl
z#R;*|TZo3FltRQkb(on@;UKBcx)mGv>#;L-BbF<F9zR%))e=8hl1YCDPo+ivp~DWH
z^XhAF`FQk7h;*Z&;O~SH!SfJ~#2)5#PPhnHqu!?w4Iyzo>804r?1>-tGeN)OZiyyf
z{V8{1J0Dsn<Q=%PEzA=Z_P5C^(S#g%%2cz9QBUlynlOtFV(vihk4o*(I6{xGyNES*
zH=Ur!1zbDz4Q0KNYubMXMwn$cysDor|BjK)2i!+K85-kr2?~k*O*`c21Mc@gj_?6D
z`~_&^61WD_CMaG=!+Ipb=a)mFhEa3`<nP<Lp!OF~x%Zmn7xJ(O6_P?FT|RO0{!W_6
z%nH!C|MCyjCzcSTq~8-{kxxT?Nx8!&SHP%YaR^LzX4HvFtKRlXRt-Rg+O^I}Kxdkm
zgw?ula{9%plK@*y6wwTDcH$GtDIObz0tRn}@H%lyrA~&bZn%ncLa?vKwk}}P+Jzv;
z86(0&D8|YbJIUhS?RBaz_4SuR@74L4YGWd|P%>c}AftFbkH?Zu-)vms2o1$+)uY)f
z78)tjP1+mwnDUzg+mWJT)=zZyhM<OYYV6rMx`I40#IY7t)Lv+>p=?(%8ZSU4ntk?!
zJnjmr(4@{fcC)Zd={yiSeXG)Qv`*+e^xlbi)|k3AuAE=iTCI`T?T*wu-d-`O#V;ut
zvkGuJJ6jVWB!GkP$^v9iCt>}fK5YLPmptAs#|;5U>=Zc4z#x|j4S$~mDCBfDONC)O
zMMY<HB{0_NKnx{y#{NcMo4!;*6XV+?_T@H)s~Yxae(DNA2=04dTil=qdCUkKg%cW^
zV7w;O3Hv*hobNVF872Jbs3KOV<THX{Nz8KQgpSWr2>^D$46{38lg}mjjagtCdgxYe
z6kMhOYA71M=K*-y^6C7Ms{Yd(soF9V7c2xcfFLBY%-~CqkzNv~M<jK$2(+Oqn{3tN
z?9vPvYdlRuTcj!3`pDVJ>R=5JbxgsnLRHX^sZd8n0|Ax_lqs!=1<Rx$Ezqw{>2sh@
z5QxTu()QJxE{?=eDc=)CvCtuDsMdj#nI06?sAFwx&N}HZ%096T+r(uRA7MKy|FZ&3
zDk<a9qg7?W6t^CY;GuDB2NbQ%*z>$duW?{*CKvmJ7cJm9fskL^setS=K6;X3MU|_&
zllp=C7#P1kc1vIp&RYU|`JAp=Renb$Eb}Q!oQf#<**74(pe6pnXwOPnhG$9k2J({f
z`xK}Qt)?tTd@SQYkH{mICiKi0gL%H26j;GO|4f{#0yQkE*(ei~l+uuEOe-oYIGBD(
zscbN$)nn;qg-S)ncl5sE++3<1mV2vVL)snT3L1D2(LzX%!NOPc>2-`r(evu<VVvDw
zR&~sDMvOaS$gJrI^r>>64#GXK4_n3`T`Bdjg08805lGZ;@O$mnvpHC!Q_Viivjz2W
zJ@=9Z4o7m3svW}9j(r~*RT`{NU~gO^D&G9?21+TBP;elL{_?E+7gT6>=K)DjyrexT
zL>LpA6N!Vkn{yfEY(_tS&p&Hmw`+MuR+u)De``s^W8UbsG2ceOm{3jN)EPvQh0Gb8
zKs_WOYwO~*D~1mptm2fX73vA;^nX@h4?E>b!bzHVS$Mwhhb`Cs)okH82Hw}%NEiTm
z_B+Zn;qtU$%YxcWsIg4E3TPD3o>FXbaIiog_AshayhRGEq{?6jYe|`@;v~`Hd{YSK
zYqykl*+1J)+m9bk{oLEf39a4225+GcS_4VWyvUF>S=+k+P+ntDu~~m)gL;k{p+lHh
z1~yVR>~qRA;lsgjU$I^WWWRXa#H5#QNE<Z6c@hO`Gf@!7GTE(iWUc8;2O-{n*_fAr
zl5^whn&=dzR^v3pHf_R`VR6(@mN9N3u8fJ>piKlY9Mn+hQvnTCRS7oFJ27NBKn5b0
ze%q=6?Du8jIdR)q3BBR4ai|=otgH4z+M`T#gAZ|DLLWuOKNK@z+K|umBTZwG$a2cq
zs@Wpx;673SBqxnInI{>|JoU_OP{<x+AU<7A4^s0z0!9~tEGPcYOZKOo->9%B+kA~!
zdU`2wf-<4oK)0fxM=8)HJT`LJ5yG3?k~+gc6Iwvve-?}LiTRpi<IxZrKEfl<g){U$
zb((SQx3*z8?E|t}_XgOL#Z)c{Mnh)E-fYa!KGU;_9*FA^;};HB+A+u+q2abJ!a=UQ
z1`cfkOn3Z?(mf|2dbL7M8i0MPeul@|!O59aqLWE7tLx%J*7ViCbJgt%Ly*#J|K&vI
zL8uhspop;!(WpRNBZ;jB=FXt%gg}ow!qV=Rl9|Nnoc#4<scgg_L{Ccp1;Z)Mad`;=
zCnRSId_*3wO)&bHel!yYJd+{=B0|MYT*=`zkf5n!6wL^UdS1NcZ3Vx??y12zOzg4D
zbZv20NRM(Yu7en`sSR>;tzC29YVhx0+QrBVg_|a1A$JuUK7yiR<Ton^9H!4kqf>0P
z9CZ5KP!b~&Bbh&B(o}rf75!AzJ6R6rQIN;X_f_OA2t$YRkZC5wr!NrP_dXkV$Uyd$
zw*l%8F3veR!FKl_l7#Q;a5s@)ov-};#;9S)dH?W;fj@aEnCRqjHG-K+S#z5E7|MBD
z+`w@qxLX$=Vk(nloaiyu<T=5?Y;w8@gP`{*F;M898Y>U}o){Ed*9FpE{)!cib##Vd
z;;5K^raEWAi{uF@J`RHV3v0B<xb}4S1c>CKSbM_YT<mGEU<CH2nOp2On&BQE!~dVQ
zNxdlI<xE+uw}5&*{zL9J!+Ml2<yN5EcAluLbm6Gn7bt|la5s8SBV1EuE`<hs?|T3P
zM$YE|`eZ>tWeKA>lvC8#QG$Q=47NyMXAg^)zu5S#j+()Qc&|6}G#-<r-im(4mvfL0
zQNMWssFG7w409_TgyHkNHDGMQwJt+s-UQki3#%aYbgq*R`NpvYr8ykFxCg=qAfX9B
z5kNl8K^VZ_w{+kFvICmV?q5GPji@%pCi=WR_$5`nS}Ft6-M-NfnYCzf86gL=g^opL
zYz@wv>F?-kHwn`yfHiJ7^=4zv=D1;I^TvC+t@-g0X1^lZ1_Jf^QI5hDE!7wan%|<t
zks~cIgUU3G%GPE!wTL)y@Sr0sOLlcbu8`AICOlvU*xhh0KwF2}gI0x?iXIfA(f{@r
z_DKt#ZN>vVryPucOUDLqa^%dF7=9kfH7aq(rF6F7J~XS*0}BiwEs2F<+L~ls#cRzB
z*M$HNr?$14?>M|8*ln4WA(3cOh+PnJB6?w^|6s==JUh#`%IOL2cs#QwGw%72E?c{X
zEn8cg**R5MsEbg;7E$#IlKD%L!a`FM2Z$$p{dZO$PK6*#)gPFs>7v0V#^7SjfayqG
z8OU5R&2_|*A-M+8GPR<~)Z#J#muK!a_RUhy!OsM#8lCizK#{LJ(|7>b(6aPQlcFd-
zcC@4%T`+|i)LT*()d(b1=Eq4gZx7;jqNAxZRLqCh8ASzP1*flA8HVo|H_X~rPdw`3
z@e_ts{LiM3?V270zP|vD_GwEHMgeqCj4_LuET)cKicX@igel4qmSLT&R`Nv5VVPG@
zW&~lOV?^3QAf{Cl<)=-$OznaKx_ndFeZRe|+}{v=wH6{=)=NkD68*0%&@5u6CUA}p
zwgm9?W(DOOUtCs+F}$!up^?Idz)9rC`J>s7$e&KNvGw5oBkj5!*(=;<)f1%wi1e5N
z!l;SB+DwPC3W_ktlppK>k|Z(e_mw|(0Iwd@dP)E?%A!kmP6m%Bhx!q761@s$?{mG%
z{<8M_CHC#dGgp#f$&Iy)q7QTliBGn$u-Grqx`w>9bx%Bn1CTO*0S?al^nU>?sySN+
zn?nRde@aiuaJVs0&Bgu#{E7P!V`Ttk82<``N8(+-r8mh>K`1=h{Zs*IBm@K2sy9ay
zae9nqQ)C-OB3%`mGSY3TQYtO)HQJVkLY1lRRKbnb#@}Mw`u$pL-Kmd+@ova*ihu&t
zse!nZwnks))1NUKi7R+i;fh1E_nAGyn3L!X!rLq-gY5VPeKYX3A;M1i#C%bSx`Lsi
zC61KA<TRsQm|-0sYdmU-CET0PMbFE{_lv6lX}IWzt*`$kUq^pEqJ9mcZ_5{NA2;rk
zB3#!QF<!#mAGUl;A_*ozxK34RXn6nB{3kv7<5-#8ux<Zac@apsbd@?9q6b^e@g|Bt
zC%v<cV-q7}4}<bKh>-5Up#Xs@N5tFRs9c2-nsl;44nLKhiud$ju6|Vi9omGg5oiT&
zrzy|%l@mlWy2NUgd)E!Xk`)SS^+p*56f~_3B3Rf){|wr<GvZ~LzJxZLQAO!3<H8(J
zrZYm2K(&F}(*bZ)Kxe1k2|Im)k_x1@wtFn_P0lkK51njC#=M>2gr@re4KdY_ttTQf
z5x<s;7#vO%;B3!2JB+WHNm8?b=?Ve+t8uGk>th!AmFDnv@cJ~91VCd_gAb*)<>4_5
z(vA__)~=%lW0mKzK=v2p?2tsp3}hy3D87$X5aRgw*2rSm^D1h;j9O|IR5Tjx)Vksj
zL>p4KrDCb;8X?UkDUKfaeY2b$N<RfG{rPEJP{j^5s?kDvJ!8$?371JuzyM9ka;gP`
z>AH{8Z@a>P<G$l;kjAubk>u3Hw^bC{Zr0wryVLhUHE}`7=_?1OYV|)06+?Uixtzd3
zCf2OcF;M}S0k$CSx9_y`Kp-LN&~i#gfk;J1)}LD5zW|Cg)mP*X7$n2!ggYAX^b0da
zz?m4HVx%4F0<Z+!Siw`j&5aKFH3MYNC}?&=f0cFpKD&6biHEykg!==7<;MAl5(Ig=
zjc8I%7c$a|odV!Yv-#kcYVADT6@bhu?Go3)F&^025cs{?%b+ie@l)-Llq4W+&h{0U
z7(e$!?2xv~s{jZ{er~`gK*nT20tJeYS>W!uGHmQS7;Ud1)~Q7UcIuR8c5jjpnaZ(Z
zz%DZQ6hHeb+OIR_0U{$MD#{2)w_h0bKz%fn=+O&s5O}j^LAq~@q3v}oRy>EV*72b+
z-<+ude?twKL6R#SeGRY<Q)4MAWdx3LQo0mxw4&fOa?Jf@{!D`!1hPR<0!bDJ*qD;g
zI}l(5xNhT)7DVFwTmbznH)~k+HfRYc<&>J4iv>euOxtj&I=RRzQCthm7zq$M!mnVO
zP5p38vgRQ6K!W{YVV}Y(N+PsqoCYmYWj|SCg>FbUtCxk2?@h<b6^4`*79#B(Zd8AJ
z1&0#zM#w|fyDHB{nURRI2M>=gYlee6zU6`2Qwuyt6{~`YdQO0V4t0slA%sWB9?IfI
zUPQj<U<Z-j7t@Sd?wv8I&5zxdfl;Z7|8$5MfrC-1q&5Enz>L$#{*r1`F{Ic1BRGil
zqscUQq}>oaeE0N588d%?$aEMBwn+$q5zrm>a7N(N6_qp4L=ef)1Q76sW-u{`CJ8xP
z@r}LG2_eSIi&Ppu3o{3fe5Ew1Gxm1g221Vd%t+x|&{@J?fM)MwvvQ~}VMTQd#o7D`
z{B}N*XN%!}p=T(Gb0A+*$r^tG{&lc91uQU!&>8^UMbMb|=}%I)7h7X)WD*83GW3K?
z)&|EP9?+G6{=lw<|5JPKU%=;Ct@nUWx&7zp^rPh{PG4Nj_8~`B{p<>>CYW7SZ~Nw#
zWcC}%3)O^Y<7^qx;UM`2HA0;iuAO<G`=U8Cria?U>W>4xOY{RI{2qGk>-{Ck0F0e<
zw&k@v9t0x3ytUr|+miUy5j0bmAi(9cW^iOSgbyN*az@L|&jWw9!(p$JLbN6dGiPKH
z@htb(UQ|kH`|e@`Gt2G}Tf0&iODvuX++HX^faJkC0wTr?&2{)@*6&}G#J}Udht0@-
zrb#+z#kzpn)wP){kx^EKgr6g=#yt{YXfY;A&rHEaPy9t>knpG1eH9^<yW8tch;294
za)xdkgNA&#7YgpvsxE$Ptw{L6C$O2Mw}%;Qcjx&drUuXQ!k-6S(@Mfw@Cufk&bp{Q
z6M$XbZkeicu1O2W1XIkZ4RYS<i6Le*nOkoiClIPc-X}qpCoplf@64vytnfAJ`i20V
zs^>G?MM6ZHTI>v-p6vEd`KyVF!bJi}^Pi53f{6;b0<4YI7F9=rJ=k%J$m`#%zDE(j
zTImFM;DuB+c{6FkdV?LlAIv!~FVQ+J@bK{WmF=48pHT+@y0fs7*JkN@n~Y8opD$@j
z&TKNie$&T2Xu(7cV|x3hTai~si1#_xFb2&(JA0ASp+KE*!e@CIXk*#_5rKJ;g{DIj
zL3j7kItPZ11Q6oFz{EGL8f(LT+HhtoAHoIs>*{#P6jd126O74gDXX)cK^`O#6O1>x
zcy*{#rhY9z`1E*L4>PClp|6(xV9v#%yE7xUgRFC89<=?tuiFobSC8*ng)k>;0H5ek
z^9x}My2qD@WiAFd3i~%Y!3;eBiiPwYjgdsIzD8uYkW2=flopqy&Br5o`UKQOy6C2P
z$w0p44^S1gk5}k_yu#!Xp<ib@A)@$l97bX!P)Dt$mIPWDe}wOchuZ${{@#3hww153
zeouNfa8k`r`*{dKq(^L*2X4^CMdT#+b;3XVhFiktloyE$>BT?^iY`o;G>kNPyWCN<
zgNd?>Bgdxr-~R&EFI>OI+;e$iEx<r6KzzH$ikoeP^1qpXdwICn`r-F~ntiv?cSIrQ
z)W7nS{0n$grwLPH2`Gii6LSXx1;kDlT7PjgqBoIId|kpghY9<|chT|Z!#iOhUj?D!
zk-a;FHoSXpDQoXcZT+B-mpi^f{KF`py+_t(e@4pEgm3<eAbB9^pICf|;xsWdJygxK
z&8%Pule9F%J#mL^DWmH!JwY>aFy48PPp+&qcsC4`EFjDusEn6a|3?;lX=%=;6SW56
zf1#WuW^3QNX5V_K==Q%$o+XDqivO=a|J%BLaDM^+T;)zbo=c!U@HZm<KNwbi7-Yh=
z$(wn6`LN^T!1w^)13<w-!$5yn^8IVa2MGlYfWd&p#KOU4!zQNyp#!<V%IqARB9z=l
z#sSX%qVPdNK)`=AXSy~?^nmZ{G`kyWJa!npKaa+#gbSa8J!dNQl<dH{d7UQlB7%cG
z(n7j$#?tG-jDP*~`Qp17@6?ZF7C)C7_rnfi+}13H8B6Nj2lnOD<w>Kk#aSr>;%5i6
zL#iY_OoH+U2;j*-rRF*R1K!H3LLHexmYzJr{k>*t+QoTdw5uqT@|v0SFTY&=0$8aF
z$v^GcpnkGb=J%OI@N9--<tJGvB!3$&1im$Zk54W!FN|jReKbSD9|%K&?}rWC?z}$!
zMiV$U(@gySTRFvV1x7~giO@V&<a@YVq~`{e3<3mol!bXb3a8b9Ag;O?C1uShmBQU_
zh7+x7;iYf)PdV(N5K(RUbr@?+ZU(O_hiYiIRGzuRKL^@ji5Y&9m9RzDkt(Gc>xz^c
z7D=BNn*c@L^FOIXOAli{q5!f}VkvSWCPuqR@~BvgIt55s7fSyHq;lh1`!LfoDT8B)
zN~)=F9wHLg4(C+L@L^nvuQ}(xNh~2(Qk;)g60+<vfhZjdqhS3g@e4e*d>y1Z2Kq;^
z{fk{Fg4ipujcRO>;n$9gYbSd=)mxvecGDGs5Rxaadq)V+X(l7r^v*k>CL$T$KHa|A
z%Y1=zzuMOQejB>Jn1ZhFkggrQb9#@D_0HhF)pZC5W_Wu?UpxB58A;zV-$N}f?Jdnt
zz}>Ts)m0q8DTy9@e1olod?^sV-Zj)I&vLxz0W_M9z=YoQY|%Ko_=}htQ#qH%`1grU
z!o?<D<Boi-awYy$dOy2+-sw--h8uOSqt3bh4WD24oLeF_p;sBw7?gCazfbgZw>9zF
z_BG?|SLaV%zq|Z7^=^)2{^7z$RmZL!wo!Q_&}h(bPm}~dSiWJF2-);Dq<gntLzP&m
zZd!4fayti^s=>cgId5E`>yB-un<~j4kD%0wn<~MdR<05jpjJ^VYOO)5vO}L(_J7?}
zuPBx$)If4HnlF>g_^5WGn=5(7psrHLS%tgVS1BI^YCd80C|Bu{?xxRTbr|eWS+1Z^
za&ovpdA+x5v}+7ne2D@^?Z*jt=h1O6sWdkYYx!A+8gY74>1fhrNycg!2%r4GmhBfI
z?jOLPs3PQEa;HlBOoE)m(b#*z?iWWXC`ZL6GpttE!01ftDLlV*!u9=Z>5<QJ{g=^#
zrz8_BR|Z1{=`JVK>*BbHdyW)icUY74Zb~N;hwQ}X(gti%s$5M-IF^ye{e0O9bSgOn
z3|btsg#Ouxv&byO2(#eO0gC@s-d9J(@pNh95D39ZfDjylyE_a{7$mp_9o(JZ4nYQY
z4>E(h69@!%ch}(V`6j>jJ-hq;zklr6ote}1^nI$ks&4n`slIjVmZ-4<;c#TfOyu-i
z<J>HtuGTi*%fo4FGZ*Tx6Z($??x8|2hN59PePcV9_kZ9XX>SP{p9`3N!D~HMGEFg1
zcRJJpiP0u(b;VmSqof+EY?rAd8f^2X6?nb`Gi|QalN9vmtgd!7I))zT@{Au6j}%{0
zuJrzuVzvj_ZDFD>G-RcZ6bpduHlxRxbTHd6q48d9piT|xQ0ZFB(L&uO6o0L{@;2g`
zMq+|`TcIFM!4&(!Uq;&CGFzsrqcJVX6SEqP%JeSo^1S%Eg{Nh#k?cOAy-VxI`af`K
zZ#XM&7&|k+NlY=!FKSt8W>*I-52=>jm*MCwzWXheGXnDmXU!9C>+^Xd`kR>SI9og1
zQs`ehIBOE#o-q&a-H-D~ujm?6PxF4v8PZvrfr~OEyxmUo`qE&;i_!Z+D_$+qNt0Ae
zSxvuj4ZyPzjS=Le;pXJEQ$Q&O)k|PSPMHilarEr!N|)Sct1eT&arN>2C;sqhWMg;n
zzY=OcE{1&<-}il08YV5@X;h#{;82MA^!^%1EC%tTnari*HWxe<W*gcYUM+^=c>L(m
z%6SU}>0(b=O=3QE@%+C6SZA5q$~`f}vB1BCO9I?H(^<}j%O#M9z9j>%Y!O0b(zfy|
znA*Zs0`dYh(-2gOxR|qjs0Qz>Z7enVKDT<Bbo#Ee-u9(@bw6Ed1fTA*7vIJ_Ke}BA
zpYJ@wMAhi)P(MGAxLC;AdasH?OTQTsWm<fH$nt!s?7*z$q9opspc)~i@iO*&q=c$W
z+~5e_yL|BK7l>I>S*~2u1eN@E&__0!bXnsbn<r2p(AeqMP|Ce^iF|cHgmzRP0xPxx
zjSYRgAm%$<j$YDlTDX8{j#|!ncDbHpS?o>W0b_>nciLZ&LyQaC%5i4)I4LwW6GAt+
zWAvw!wGsR02z2*+PVkT(1zsyE<-AfJ!2lpGEb|4+fAfHD@-1t-gF*^%gq&!^b=W4u
zL-{ylYvNaFEwtIF+>*2vaZ4jiTrBB6f$*Af3arlI#(TTX;~ojatz%?{w316gswo9I
z<ggVGBiKSf;dY&`wjE5(YNpN|HZ`Zv<GXMRRSLt$82gB1<>lT32@g5Dgff1N)+*%x
z8e#`C(V=KW|6~}QMY?#}4nfX%d=&UZtYPlZzvcNFOtIo4jo7mXU<&8{M-T_KYskfv
zZ&PxSwivhCND943qrhyEgR@fKbk67el~YDw)Yc{|X@{#W&QwYA66!H^9asi$Kuy!g
zCSS5@=CL-y#IjRtn9dKCG2nKjrnW-5PHTiuMj{!m)pUf^UB~S&%gW9ncnvQ>%mPp@
znP!%)%7sk@%X`8wgh7Ik$sa))xIebkIcL>cmSw#+KxKPUmeAap;3~dVHDNQ`Nz-6V
z`7!O$$SF-A4~IAt0ITs2+|DB5MT9DeAMf+igcNhyWE(HTSkg*-bgc8xmQq>s_q!5F
ztF~s>0eaxh#r@X~!`F>0)me*H^$XhX3sWy1o3_0!%ENCWS2CPu1MQtztGV9~l3;@_
zN32D%`F);}Eq{aRgNZV4Sj?veOqLgh2)_(xqnRaJt8r(Ld3e7E<&0FG%>AqTQ1Kk9
ze!b|?dMzk&B7PkdFz<6@S2Y~pFs?Ubub}UA>dcznE;LF)c=?-~Wly!8)sL>3P&1>~
z_?M-X&=`06w8*Y_>dc^>+!iQtsh%d`7Dpp}@NIOdu0eNnJ~w4n%~BJW?Z;_mMn$2;
zta<?~M2lz#`X%O;PmJ>181hq?3Th3-;_EgC707}%F3j?i(Grt&KUFQ4)N;>w9O{m%
z$LnDk5t53C6O`s{Q3L8w2(ual2)|p(BrsCp`z6uOgOU8F8c1A-dHi98{5{3u4ZbZ-
z>6zPYql3jFqH<k%quX~|Z*-pU={rI1zqNrc(a~6Hg_YZ{QYYPnf1JG1RbVNdXQ^Yf
zJAGU_?m+_hqSl}*VX316%b03q@V(?()KWYmVrmOEKyyz0aV7xCO2m-WZUWP>|K6J2
zD_rT7I&l@lPftlI>(-v&EckeA7n%ZPqUvpwLJqbWNvivz3&LeMC@w)ZUmXXb*i!NQ
z^hcO~o*xK+^}26^D%{u-ct4W*x|Tuu5HLCLidq|kS(1kdm0cRj@$r-F=lD9CiGIde
zV?xaYU!ExUC~Qp5K5|TI?^-#oXbQB-_o|K?+Q4cfMYk;A5FA3Cm(eV(zByWcS%t~;
zf&pV8(2PQEmLs40BULrD=K?MM-OiTvdzOqE&MqcvqN+<kwgmal80xJ2ncdpg{tR;R
za{8|<W-|6%SxLwr1>l42`rbg9%z1D`aj3!hp3>Wu@E|vtkV1d4*EahlCpFcAfjlwX
zF>er37qt4Qpw!)jG<+TJ{jmiUXrV!GVk+@f&M0xPjE5YV1;5S&=!BEt_B7yAy$h0_
z=&yz+2hR}lfJh?Ew+N-3OW1y?s3<b@6ErcXOc(00w*b%)pzjFM=F!FlT2iqOg_CW2
zK#%e_Cgt$bx-<RP^>+aiUtRUt8aL=<tjFQ^VX~Q#yC93AYki^QC+huUFF0WguV#I{
zwQwH))iRVkdkJ89rI@H#yH>PrUvGOZFBBe9zOU4J>;?aTeAr{PD#CosX0L&$u6sr{
z$4Q+~2Y!NuM9P!>0Xsmp6UP?ApaP|&F_&s~ZUYr?KI1YSbxt^ue(k_5)vgz-YZy$5
z*QY*(;Y;b_)~<&ov05QrVc$(61<QD$dzMg8zYllCe7J43`y^hc=2b-;()miHp&jn|
z15a%pu1`<Zn06rW1Wr4!ta?btyi&B2SWXD~8uq+O-M*!a^j39%J|BI;Rf^@AT&T42
z>JlDq(6ZXC0*Z_ey}rL%X7!^?CceLROW{o>(VmGgy5%wVU^M4oR5}|mhb?4z;`!9F
zdThTd`R(^};NHBMsD5$O+UMGnZBb28pSP$n*>sk8ERj~LZ<mKOGSkXld0S}YgQn0s
zUH}X{-g>&Dgqfbx2MWsziFvdp<h5TkbXA!}+s!@ESWjw&VoVd(kikKDG!f>v1lc^R
zv47xXj$SmAcAK3?+>0ChNQG<f4vusBfHp4z-k|fTCDEAdg(sJrv913rq(!O9;E5FG
zdz+j|Q<zuovHi5s-Cz8~&(H}y6V$za=SxC&l_rWv&uAd62T6L`qSrl+H>~z!0oUSW
zA6+VRVN$aLKw!?1oOB~3Z^=h42k#eDYu^H_pQbMfbnE6XT&V+AAa@Qa{7b9qZEub=
zR|T$`Q6P=##V3&=SU+NS=A#n{P6jJeD}TZO`{^BN`NKC+%!CKUoB-EN>4`1od=9;K
z3k+9lbC=bm4jI=C{Nn0l<<{iarK56A-OM)KC%S}2$X@6FrO+q3|0w@ou)D!5-E86=
zz4P!Nxc8T$eL`dBW1LU_xAwG~y*XUH=V8VGUYIce9sv;r5g8Q;@vkiaHmeT-5eJE)
z8k>z>Ok73TC;*q7Qq>WeLk*nQbtdt}f5WL};@<{=SE4Y30GSD>L%Z^Q^k%q@9O%*B
z#MOz%I(Duz=H73{-n*bPMrp!FZWS1t^6BWPLg{$-sjbaT)B8Zb^E}=(GI$_?`ZKL!
z8f6}bnS_*t>0od~0?lTn$$WeN_6_^4RMuC|-I%_(%ZDT;NftWCD>9WGlm1J-_N*sY
z9CESH{%t@EKo%PZ$75OE6x|dJzaPIJn?8;{j$94)6)O@80QT;fJ|yhdOgx-|EY?K#
z(wJJ^eA?X4Hi~XrrtjMv&&jU7-!t7-3dWv-wkiV~u6JWt!7;k~=ex#~B$P6yNPw7r
zv<T8T?C>N1khY?`9oT4DN5-L>+t9)2)U%Y+TdEAIbSfiU3NXfe0LHQ&KQLQ|`F7y3
z!@0U!0L+(3(CccA+tl*1XL3sBohQg{F8}o1xAEFXn0KZ!DP=19$<6T1gC3tV2TTd<
z^JyHW0|_t$OJGi6u<c#TomXPnbK)}@@<DsZOuu$nPR8k0XBZ}L`)u*ZR_w;%=eG8w
zdlsxYZ$ZX{R?p5#dtzPe(`s+%itYz{tK}a6G%zJ4wQL*?E+si7H9!m?8<nI>NrAI~
zgBH^t4sZiVP}NYr?P#AlsdV**TJ5BkDQ%y+Db12b%qLAAN^-bM-gywnCzEE-cssF1
zaA;~UI5OZhNd6u#8Q2cr?l%Q8f?MCJ@(g90aS(NUr{rxWN$j--S7VvxAO=!_WyYf`
z`_E-oO=YQN_SGbsdo#5^`2Yagv4YEbTZbIF)Uu|(Wa9?DfhiJ*C?#n*ByWqy|BDX(
zt%?L%V49x#EtJPmFHFU}v7MkdN3fTS$q=f2>aqNiVy`5jr(=*p<IU4a*Pi@I;Y$0>
z@#WgTRn-4=NNv~a)K}YbO!|hriRsE9W8Oemc4w{i@E-Z>`VZWi1Wzn*FZ=o{v!AF4
zlC7_$O-v63cs~4F%>1|T27oDm)e}4)QX`1nAY+W(e*}=0F{T>obc{_ip;k;|E;9|4
zO%aLR1u*B}DuBT9M+OsXVMbS*5^K%Wsx8#<mv1S*B~Tn~%M8cZ6uX*0%}tR_rH7g+
z^^voE;nf1vD8I^?Dg-DeMVQ0XZtO|GL1T>tHa(Hw+T?KKsHW7D+Xhm9+I68xI2g_Q
z&ubPQ9v*=M`<R`|m;xvT|G&$*Yhu?rEj{9d!NYW0-MUxcqFQ^Sb_KiN>Q2*?Mogcc
z?$HcRhUQ9@7EUc!V5<Nr!lKj@0*i$&BtM<HxNnP?m0k+FcQVy|y<Is}I$bbK`SiQa
zPUzv;6LpTYQhdem`geQMcaZ(^V>|y|hvx;>*FSIr=$h^y@zIeH0>pBa|GNN%nJp~J
zRE@XI>H6u9R@hcJwvP6Dj$Q-^)qGg>*_8$yF*f}q^?3KzHtPwsmc65g^Z|4qOGo3T
zW-tioAd(+DaEg~>YKsw>_VYtHuI=>ipgv(ryZM$SvUU`m-{eVVA^-W&uf||72zYU@
zuHWGPG62hU1GG)D`KA;~CyAFAG2XLp?7}YaF6;IG5CM8h!`QzKxQKA@hzLk1@QD9B
zwPAK#BxE=g90FWCd<r&pY;vx@_FKX){*+YIoIK+HGT_2yZT~gk#^zc(ND^F&sE}^U
z5@YxNfpa&tX(%92D}HOKjl=SgPGQz;r>_WC)5i7q2X58Kw>t-Fa%H>Adqg1GR^x`F
z5(Axzt~v@Q^!Y@nC9RvG3!h99n&bW0TdqEb4xCPnh?#_|V^Ynz>$A6CXQ?SfRi27F
znLp$^C0&^226*TB00Pr)$4Zh=7pSJWc6{cArEpbHM)M$4AG#kRkU7s$rxk)y6<sk!
z?VGVwUS~=YO>>7*ZOlz`4|VpCsUW@Y?wsa&u6TNr|B5fPw!}KtKFm;g_G3;sOa43l
zkTK<{o5yfh-0e-`(fkTdvNsiZ5S2f0an!WfCeJbJW!!_BJ$Z8^M|m?$8vgt~f-avi
zYkO6y9=1UK$t^wVYU7I<=(R7TU`4yL+SJ!vJ%G#~(UHj|fuqBdP52!`Gja_YOj!Pn
zm{!sIuDsr?Pv^L1aP+wPu4SFovw@^356yDFA-^Qcz6!7t5*!VW((or|p)(VM^f$Yt
zP$Tga%P}=Snpph|Uo)+NYKuA!FST%72oh1a&K7|vzYUs3p-d-xz|~#7hrV)^p6x6?
z4$u(ub)-iO3c;_3TX^ZS4P0>!*i3&YyS1*qF_?Fbxrv&icUbPId&Iy<nXEK2<j=l5
zC+wiwyc^<W>XF>+t#;HR)NVBGO@8xF&echs4e{3&Mb_OmOQm=O;n87Cpgs7YFTwuZ
zi40^%hEWE`vrC>XM{>i^XJO67;~xj}K@rvht~5&<b5kYnU^>n`ac0cUhB6*eOckKw
z?z$Yxo4~009?&LTv0!5VTcCQ<jh4&4_^q>mD?sIlwHS(a^Yv=`_MQx=9(R;<b-4c6
zo+Z%C`UpQY^F>hbnP2$v?7^!p%#^iQgXRz1*9RBs$6OSRJiR|~R^2qzsqc8|?C7`h
zu2~yKY~}=tsE(KVRP<g>M9zl|CqxhDpQ$`!ACZBl@471TJ+Gb%b)<re4-LIa&0Bs}
zWkdNako`PWll1D-A<xpxZn(0xIs>CcE$XnfmwvzE|Lmi}#!rE@ZMA<eImvLH(pr{x
zm3d?{e7kXSSS5_mULHbLvQS?!c@1ZGSSC!f%j12!#p|l|0c^0^5;bkJIB)de&+97g
z8yFp(nwn<5TPrh(u{8I2IPKVm?O8&wCBG98GuoesU+b)0fc=*lE4y)fy&cNyYGkks
zV={3#owcj~GMaw+<|8du^`dg<Q!&-fz(XK(N+eUt0xEy5{UUuIupih5##LJsdEFhw
ztgX-Vn{q&kn5IyQI<h|F^YNm(nU=E;8T=_b8H&ra`p6ZCox+s9D#6Gg$8`oW9jK6B
zZbnVwiB@zneh*31wY6?Ie0mjDysxgOnV%>#srd(vvHH5^51j7zr>vbgtH;{mZn!DE
z42cJa<<`AFa6vH)kxaR640!}wpUJmAZoF|_RL8BBKLjl`Xk=v0TD*GukdSpWoyS>n
zU!_#%E><C6SyOM+(n@2(R8sNs^H;++y$l35-w*^Ib4?SGcqRjuYA1z%HBjNL;dc+x
zr|4ar!$)V>sBeBrDR43bLdrvR7&w{FX?XD_3AMwf>B4c*$((;dtkVjW>>WBfQCj?6
z02gQzfTJmt>6TelAjm*)EVgaJwBDPR#u^@EU@kBCfI&qRMr$C*pni1b#6Ig_JlvLY
zb6v?vgTsal{$@tUnUyGiQ|ROvZ*ZjK#ypN1dC3vSLBV&|qpGUCplDbpo)D989mG-d
zL0P)K937wWQA1J=@bO@JsUiw@tu((CYskxLou%7h>eSDj%wv~zKj+%U7u?qO99Vq&
zEjcnAdiA?Pn2=&k4RBP<d|c}9rW=~$_vi^GYg2rC_Yg=|cN-paiNq<KEA=q~J0cL)
zg;tgs^i?6<MKkvX^vAB!V(fj$eRMLX6daaK8Keb(>Uw(mJg!mcrf~kiDN7_{7Y@7z
zTHY(V$0`G9jYXVsX<kHA%hV9!_>9AayP~*;bHx^edlUldSJoC72?$kR-x5%qoY|;x
z_#;~3Ev=&DO>m@DE20B-BK>boZ9W@`F|Ftex361~l1}khzV1(~7W=S)amdw<!K<Oz
z!}l&lrj*k>Zp@gL-sptQQ2qP9N=prBa@{yx<hvhMiP+}F68Uemh~QyxV%pF#@pC?+
zam>2{>l}6#RBf>bHBK510I=@I%{)p^O1X5O$d^p48t@fe+weo-nq}T`-Mi_Oa@t=_
z?RKb(vJV8S#@=UZW<U2G*!x*k6&E+J>kKW8jw@)TzvQl%Z5=pp_opT9vNv$3&iU%o
z#JgtG9rDF0$_#q<fZyH&U|t^I{=m%$?@jx(3&kehM#QsT1X93)bKQ@5UX$4ashY+d
z)2LtpLMX}Np7+`Y-uD$5n}V8#!G4K2-`vRBZnwdSZmDTRC!Ex3%K_1H;tV2dKMx7z
zbX7%>%VRCR%V=39vLB;sa1>p9=5MralUyp0at)kh7}uBp=_psQq;Kws-9n41R8@~Z
z+Uiy$PVw+Ds2k`;T$yJTv*blN2kgxsOjdd=Urd6zz`3z`5`;wI1it#Tc=g#bgI~av
z#+MmqQ%W6$b=Eo~>IDo#wov|wZ1r+JdUk95ujlo;^QF2HKcpgj6uvBB(R@%Q`e04S
zg!748Cmd<7mkv>N@VbM7&aA=8d$d%wxv0hQUC)cxWK&bA``JT?F%RzD4sSH$V4Z1M
ziO0o(s?#PTkF&@d`sw7o6?K!kD1wYyfd*OntlDg;!}>I3Bef*?%_F&mik5F`G7<$6
zQ%p1i(CmG5<m>=OECd}pJOZy}9UUm@_yF!}(^oJ0Uy!YvB$Et6m}hK<E{kxa?HWRw
zLm4+G)KR#nk8;N%tAdJRHHi<?2~!{447GnmTGU$@x{w--4BoW&A#i=9Bw!b>WAIuq
zQp)Gf$~=uJY?V!7U-&)D!0pEeUmy6rZ|Tk(T5F<6n4mUp5Qc0WgXL(DkapEI+Z1r!
zY*}>y7BB4=wf(8{Tl1s>sXtdL={VQNUdKi&Etq&YA*q2;pZhVF+*}!M@CMq0Hygzx
z_=wU_vSS-LXXbl_#vTUOKsn<P;Wc5^=P8az=+y9)d)}~}vY~Fn%9v^H_;in~Jvmfn
zr(Q;WHae6XvWgH#IXa{BJc;i0M%31(pg=EIr|nrLwp>kTKk-|(8zkkV+U4ql?_!#Q
zbh8&Rj0$V23~gPT`USEg7yiYP95pmvq&6=8Kuoj<Ylx%H(O3~tPD#LZy-S@9eq>B`
zAlA~CJ*#TpeJR}{Wy;}afi0w&iOFhCbbTLmO}MeUm4cj?sa8!D^Tp1vp|eMy4%px2
z??yoxktY~74AO!O2x69+3AoI;lG!&}Jc;N%!a`Vzj-B0K?0nyyFq@sNf?mIM6crtU
zMJy5hDe=G#iB5@l75vV5@9qiKS?Y}r!No!-_v)|Oepc95U*4m*lU29jBJSwuRsj+A
zv~qteP4=(676>3%%YI`u4S^8vznJ=LrFQ1~%~U@~Uy|LR=lqy@j$fmHSu#94@tt~~
z(*_Hm7r-p{(ZR}MQWqASW4a@Q@G?EJDd||PPfPFNVTR~?{NnxyWca98!+m-=52Tv^
zf{7kkAK2zcxthh)C&9#OPf^Vw)t*R0g;yWPcuUUfl<I&xGMuC+R%uO9a7e#87?>Kk
z*pK|M&g-P*8*jcVABm({A2)IRHfJ#6_~&B3mRGNL8Z)aLr!$Sz0rq157q6kQ9rxp3
zwx%D2CEACR6C*yH$d64@)W=z058Ll3_9*bw;EUuL>?)XlN$zcz*nZKp-JSKEGqp9v
zeI6h^%Ku1YzABMVt=Sm2`jWpgh!_{k4L<hHBt0tN`^&U?!I=3p%GE(caKvJNh<7ID
zasl5f^Hur(WN^W-Dib`$ku)>Gm|giI@_(v~f4T!07C$yccy@p>qW@GGfqs6VdXehR
zN1~eK)mL9^T1i^r;zqxpd!iq4c<>Rn-yxIx6#1&$JYLrIxMzzc_IW&LQ;L5J5FLV4
zE42oDkpD`_1H9ILwBef9w6K|J$61xGpL)lJKW`+<VhjtgDNZC7L4WuWC4D(9+@<J8
z<tnA_XG$AYW}URiaVS!=#WOrEr$5@G%-KVrLVuYb`anj*oCeBAX|s**pJJ;*Urm-8
zY{PvpA{9<8<ev;^G+mJYsni39)6r2LQqikDF|CEiFjr1r*P4CWt(&G!d;`U)sE>8}
z?xmijC3pM@nzR`*1re3xk9(?P^J57HTWQ5_64~0^93%jT)MOWqiJ~JTd<xA4e%EGv
z(bCX)BdC2w-w@erds{Y@uFPYX_j2qY9j$<JHYz1(m!rK%^L{-2ionjeooOklaPe>{
z2|}~UST_^4CrR1<y{+SX?al|Fkn-KJr#^`ZIf-=ole=aGwEl3cU0t(FPJTJ6w9=z8
zRaf=HY#vKtF4@;|hLL3L_U$)Jh??iz@jD$6`eIQXgf89kdUCZ&ZSehuC&{!st$4l@
zIyrgiohI}cPm4Vb)-9TY$x-};<54xmA(3Uxbb3&V1|lN{KyN4}eLj6v%f<nD`xm`A
zF1z$)MXXp;Vdl5`QOG9|7FFSkRpZ>{jP!L|lFD5Z4r2Jj!(*OL2ZlXbNY2NkonhaT
zOf=5gh^8JW_2Wr}ZGu|AqEz}$j%GJetuP)uBhZKC0QVzqWUsE94NJiRP#SE-gWrL|
z;~hC2&TN+l&lLP2SU}yRhi?wt)cKfM!Y-6F7zdAgYimN7?EE1zK;4^mRX$=T$JZdB
z0a~n)kFdw%<4!;^DqH8(b*J?Vd_a*5_Ai&`_2VNowcpCB%)XjN+KrC0XjR<gMQ|-%
z%dFGzQx5<~Ob~GGRk*~1*9Mlm5=tfH3$VC6^0CxMG+$<6_~03yrT<NKllaOiqGl&n
zae27A{DYrZRBalpRX+b}l?jZo1OfGMPLi%(0`Py16<+}!slB|GE2sN^Ovi`Qx?E4Z
zOJprR%^d4oug5VaGQ7vIvUwdZQaJot4tE}k{<ipcS~)r$m#h}{kB4Y0Yt)uMaJzLn
zmTW+!IUmz`%7=6Y*UUy5K6EFxDW-=<Yv=P13<GLVlRTw|Ea@<<F>Q4CfiiTzOGiIB
z6WGfJiDxwIWn<mScL3&zZ(DioE@~CK$GLi=u<_t>TF)awcW5zEHS9R~gHbB9GUDM8
zHkFu++ev<jecWB7SS4#_ufjUt=F=BOzY!d`2>*wC%4&bCN;X;!8XQE@f<x?pzQR9n
z+rBr++2;NXIXSC){~Le1$V2I_#7k|5u`6$11`Z6z1<(G%XCd*ou*q$blbyNl8#81r
ztPcbLydMgxJMXh33P`wAWW-G*9C`B$t|Av_y9qs7OFuWAiQcSi`*i00=Q+^*lsjy6
zewEg!*)vS>w8T{|l{?D}u?!<j#}rN0>N3on@&!fy`0k2QMJuv4epR_odgm&067>>{
zvGk=jofl+$Z;;+lX1;`x^mT^KWm$sD{_|v(cyxNwsLgnB?%<oM8^8ao;B&%%)b-!c
zM37g!>M{E*#{bG+5=3nj7yT>D`oxFx*Yt#lga&gTMEGaO03Hqz2Y~{Ky&9KITm@T9
z+34>ozLct68)tar91{{>ko~EQyZ;$7K!pEi$e^-F`fjO_Au_VUlHbR@UOeP;%m>oe
zwbIoK#uPghZe##_itkMXTZuoDpj#@*2AtolG_ByvKmjAx>CGqHwBX)0HE9j9wWBl|
z&R0<$Mc>MV+k6Mo6uW;e^>UdR9dD*34m14~70|<2Gj7u2zFfwj!Nb(-$RDU_nv87G
z5yAWEfb2+Pby0M;jN5#aQFEKny%ftgkv4#LYF<S*>#@X1oQh^OtTubxp^JDny9XQf
zY}CC?f8b;hq&WDN;X-bj-6`16ix?JTGz=fDVu_XO-(Ic<G^f3vL-*Kg-dfaSp3o!E
zOFX9#G7=Koci!C1OxziCG7^UEtDA09`Ha1pbmtCl4D=Z6(d`m`b)XgHL8n+I)rNPL
zofLipBmypViNd6@_AMTRzN@e9E`UV;-uaqLDFi;YGE?bUQ`u?HxB9%6!#>vN>s7yc
zA;6;F#9_!TQnWN-Aqms4w7GkJuc<&p$KB4XUVy1M&>KliN!|$uS@;MCUX#8bfPY&B
zK-Md!8o<uJK`&7sbQ21s5EKztM=zCRZ*?#`{`qw~qBB-|T|gWO=cJnd)r+XB9u~yg
z6p={YeZBab4_*zU(y{orJUn*cg-=O1u(?Fv9AYhjHpga`TH)CTK<Tmc3UORsI*QhN
zlwzODXH@M?0W49i8s0^WdwxIitf64Xs1<{>6P0@94+VVcHZw410|VTQdGbZrln-Bq
z%5#|i3CS@6-Eyv|{A;rv(tWI{0Dgy2HMl9^wE*?A*DnL*;2-Xo18sH-8y_TNv+q;e
za^4q|osoh*u1xt{^Is<y7OBB=LQMA4QCB!2UuazweelRWkCytU&9Gl7`ltyMA((O7
zZFhr~VSw{W;%9yIR6NXGc=-O*ItaZPWvj{QcrCl!y)7mx#SWur-Ih!(rwDdymijXZ
z34Y0s6_>z~$t@W7LKjBO)uI~r!a8;Ff|O-{fHWx~WPN}@>0}^fFa?J}AOjPJnJ}Gi
z971Yb$hg+gn}Jx$|AHT^nh(<?oN$!hsf()*Is~hQ5-39xH%Q;$5-39wHxTo>)&Hi!
zYQc~Vl9v;UD||03ahY6L!m$7G>O&ypFo<HDMcp`$H!y91{Fi4Dj~ih4#XN11TkrPG
zjvQ~mt>Q5Vo||AM6^NM@gv?(3dGQ|NcLBI_(o$J9eJJCZ&M*utvdmTVb^2^GyyQG|
z>%5=uX0pP;NgnemPn=t-DI_#ftore`j4g&PHrC0+CSK}v<FJIR2b*D6<3moKBD}i!
zI3FD?#QE)vG0L==kD98RT+RW1tt`Or{Yz<=W)CkBP=kmG5a?-2NIAVtUiSG74=?>Z
zm)4Rf((cIPEba0-<fefZ80l^SWIYyr2+q)2n&I>c<McZqi-CI58FvuUjhIk%pgUXf
zoycsTh(^o%DP?4v@!7_O!+8}$O2BXXy^GQ41VJm=3OLGVo5JeS*?OAi#k2cgxq3XA
zq$E5X=2&S|uqnwwqw40eR4l$$1vQF6WKwbq_($1R`Er~-Kbj8{N0PA9smaqRR2ahP
z3(#o8KMfY4TXesw!E-7NOlK=?u?b#a$SC^8U|O{ChO9XrkT`Iq_)amgOA-HHVBjBs
zKk!$S1L#sr9Dvb(0e%;FR!N$-sLRwV49Uj5ZG*&hIr2XIif45P<Ee6*z8`P5Gy?9?
z-m-~mc?IK5`{hi<EqKD|kc@ufYr&_}5v6vok|aYsTVVE0Q>nTSDod^}>kvcX`D#u$
z*_h%)>TmMF3T*mbiqG<}WB?E>r{0as|1mCtzF+Lc6S9MgL&J|opa%(;?z=^#;0sV6
zgy1J`#zB%kldDBaK-3)ql<3j(|0eR(l=2lqUQLpP`f87;Vk@x&&wXcCYOq%KE9OX~
ziA2;=<uagsmayqA=2|Wqwv+iRB-#;_o=tRD9Ab!d_Eck6u*!kv7$MeAz@+gbn?FbN
zSo1;czKg_WZ<G(>0kg%R_~5mgqzv6BCAeZJW+t;5Ll4s-kbw1=ZHMQ+h<(UjJc;W>
z&YqLsHOkBw>!{_FU$Bo_m~jCA19JF6rA2~AlA~-f3w3D`+-byi4y`#I+qY)Ub$-uc
z^BU1G7GJiEwD*rQcm&e0r$^Yv2PnN@0QfNN%AD{6&*S6l2ZlXS!0?fo%Wzuelwm(k
z4tH3>X8L0GUGQ2rl8lpyX%PRQiRnz%4*NL(bfslk;{J^1tqS66DdMFI-Sk(Zj2E7g
zh;t5RmM5fDgS*SCug@$B#=+_0qRb3K`auBVP3$N5Kp*GEVYqF^!xI9FQpbNSzb;XR
zzmJS_n1!r?P==j_8?F?X3I7=l_(~mVpZ<sNj9Bnll5+66$N&sW;B~8uA+3w_FZ=F^
z#fQW4_~ZE(ivj2Y7^)EdeHtXl5B0z-xO`!?+`kB~TjkZbn!h)sw`D}_r<b}amNF08
zsa3!nBrpqHCzHCh*IvN{jk6PMZ3%IFd$kVDu-6NqT3sD%riwMVKb-UKuh5s=5nxTU
zY`-s^t28eOsPpkS1*A$W3kmq2pGlk_|MXUzqVx^_s^@jK_9mD2=Sx370^Y#(g{M$9
zkS^iB2_!lD#uy$5J@C8n9kKYlZ^eKYFIr|Ptv43avL)cv@@9>@c`Fj5A2jmi2HHqM
z;lP9!W~DAlz}0^qyuo2tvj9Dq*Ml8QfE^86m^8MKf9wd79^>;Hj=nNyL9Naj$?Nao
e{}kX?c)4#S4_j*Lp-cpd1^FKf^63ixEc`!PEqsdr

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/zfs_clones.jpg b/docs/userguide/storagedriver/images/zfs_clones.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..0849aa2454ec03f921ab1f2a2c9e2d5c30700299
GIT binary patch
literal 23027
zcmc$`byyusvoAagcXxuj26qT<f#B}$?!gJ}t_dMH!QI_mgS)#XxLnwKzvn&AwR67b
z`{NetS*!b3)ipI;)wO17P4hDUvJRj~i%W?EAP^Yv{`C)dSpq}=@HYazy+J^LLqftr
zLB0|^3=9-3B0LfjB0K^D5(*|N5;6t~0s<N?8U_{?Ha0dADlR@QHa;dcHrAUG5CjCo
z+bAd~cr0WDWUT+s^wI^O!hnRqBEdnZ02nF=92NA^0}ucp01O=TO2EGe8U_Lq3LFds
z`?3hY{Ea^s`TdIvAaU^D0pO(SOK%9sA9WJ|J*>DH66US?0r>bYK-(LRfV{UG34jl+
z$Wf3)bO7)w25%@BdO;Qd?cg2GKma`Y_-VqwdqYvgB#FNKIobv<Z{NX+_B+fY`Z@sK
z121Ic_cjEk2u$&e%Ql%XfvLjBzMAVqYHsZ^LPGFkQ>(8M(N)&Jm7x2OJJ5Gu>Q=jD
zbPt?orXHQ$iREMgU=!-=uZn;GT0sEx*H{UUt&2gg=f{WBn)hoUb9(zXwh$&ULD{Ev
zm(r^PLqC_B$Lz^TraKQwFYy;ZD`xtrmOz<%AUUA_O%wuE5kzgv#6D$~=uNa9qUSrr
zK!6|fLFbup7#V$yGh=Y>X!t*@2Tt$W>VsA|9*KD#o)rcr0H9`;_)QD(VaP22oV=d|
zX4(Y-<d1iAZzxp4-B~CAx-g|52+cX`0Qh%5y$%5YBu(^QaE+=b=rb!eKQPeuP+FHa
z7yu`XT{U<ttxZk^0F38#l*GlqU<ei6vWYy`=6nEv6lkFQNtGe^hJ!$EPv=D()zq)T
zr<*XJ|MCg|%`g)rQ75nt00nL+st?3(k^oWS<~F2wU7H^O6uD+_MdteIzrmoN_X|Nn
z^&J2p@?8n$XI<eN2q->e!MQoSHs(~CExByBe!qdBF|!kp93u_@z_~bx6NomfzoBrI
z=1>2iHjW}{S;rl3sAxRWKAeaBYg@@G9<IRZ4FiN(?cwYkUmJoe^o4LmhD|81ZP1lu
z*)7Z^PvvV{fM#?M`a36>Cev#NLU!xDk6(f7(d)@^&)4ZJO%3ORC(d?Va~hp`&8>oO
z0|;SN3NU>iQtvAu8JaW)K7Ts!1L$@aHG?keTTDU#hd6`~f&mpux`{tLwh?Mgvo?Po
zWUSASt@U&SRB}@dVI9e<bvqy+Ck!l22g<)y3IgI9XyiIH!tn%R%`bpHki*=cl8Iba
z{XwB_;?!gG1z`Af`Q#c?Sk2)FAbPVlC_r546+Dw=Ci{VOk16^28}-<qwSJ~Z0vM{i
zV@D2^Ol>W{HyWo|F0g|8{J@dIbyJ0%hKgKcjC4z=0TS4cc8Vt>o?GNSu}K2}934TP
zcV9yK>Tz4GH&n5~!N%2h=x0rQJOEYJs_8+1NQ_n~!|VZmTpv);qO0A_%HVKN;qguD
zcpdng|2xag<zb`unL*Fa75>Pm9Qd8NwK)i`OHm~Xv&!s<{ZH_(CqK{?_{OQ}gis}R
zZYAq36qXHUbO*n#AOm6)^tLC|!8F?#1oQazxUS!86z<Xod-)3Z`ee1nxDW(L4R?)<
z&RMw=Yre}wytw*(X2$;-p05P<KF$Kd750PGpRwQfcJmcj!Olxhe{o&|Qk554cJ%D-
z1(5k#%Jq7be{eWiOaQ>@^7*F=GZyOw0Jn$l+XntY@XCnR0fZvxnSc6!f4n6({MYRD
zmfZdm0~`_z0ty8ES84-$i>H4RV$_--(AWGIz*0E^KxGzIo#q0-<a+iShR{4r3?Oi&
zf2nK-0IqcTH>~<h5P<V}ck-I(kr*T25QgR~=uE$&jZahOh|>84*jWzF`mZp^W(Dr&
z(}`7jBkK(xrzx$wQcVk3x&=GEtKjB-$EyI?QWJ*8!u0a5VJQ4RDb<*KG>f_b@J{D-
z^#FjDn;-xw2j`j+<fD6X?*XwZ5|Q(U!`trTaScMW9WDhF1o3|C%2=~<`?Ec+s8Mrz
z^KW}pM84Mg%+C+}r4!{Ly3JuPlgoOGJOo?(O$pY@1RIC*F|kM+Tqefx>j@#z#=hYU
zo)rLCPB0^{uOPtw?EMA-Qoji*0A#L1RHOEN0B7dt4FmDF=>u$kuh_T#|7(IAjmZLx
zr2g{Rt1a-+ZHTD_(ds*0GEV*UED=QCh5xaTAa5_z;Mk*=o~4tcZLDpCmrvy_kGzp<
zy~CkNrkyDal|jbeQ~e4e&7LSAJZN4}%%*=}k?{K4Z?8CbZS(BZqS0yoYFqL%zPtfL
z#D5xc4Bnr`)$}jDC$^m$!R`j+b-;ff4XLbaeK=AF{kK0}H4>E0v%A*Td3EFZ_fGn~
z0<Q#ZF!34>{9J$c06RBcVt}uB<NTjKl;>;r*S~sygKtX!@9!n>kJMiue=mW*RscB4
ze`WwMY<_@A`(H~HXI~!xw=-6AQ1An6Z&=>Mp!me>0VtiM%7Is#2$DM9FxB&Q0J7fP
z;rHwJx`Fc>g6Sm*z6NNz_7h1%{mK#W?cjyadc%u1#qyt{NBO_HlZ}5Oov!1$muJ|F
zv252y>e_$f)859p1-aDne^uJcF_D6`SbFD84S?o#-guCDXu#hp?Y4HauD#tFqW?80
z)^_LJg-5kA{HOV?gO8D3m6P)kqp2H9`7{4<Tp<fa)CCVcJ-@$<lHF^@kqX8&EB)&5
zEokCRyUGRe>g@8wH^xu~UZdF81<#8g`-YcnzDAGkOwkq}0DN!x`Ua7${}BWTT-GNh
z0MJQU#~Xw)vk8DZ{wo)~A^&elS?v~pQsd3~$BLpI%GqRG(lNfRVPvo2LGLq@e;7yt
zDQk|GG8EzF1tCUyMyfVGUF-j_xDKtaFZw=s1yTkjGyXl%uN<yJlah%eIjTxIj5PiD
zsJ}h)ibE5~RyO|}9xc_lVXOZ2ovV1|?`eHyIm~nrw*2G6za(Yg>9@wYwkH0Gl~?SY
z3lsg$jg}>*`ak}9#kPw4t4k}(Pc^#!iH%o`n+F8|uc>=&y%8cKoi+eAT|M%57r?Rd
z18&Uz^5#Ftt6i_rFMtAoAV6SX5Qt!q;E-?M0}x=~kWe518WkH29fKGK1rv*el!;SN
zUQxw_nFE%LoJEM0O&EuQl3kzcpUYnm0_X+UAwNbre`F?hvf=*LUB00kN$|}Ht^GGq
znW5VAmp>!YFTjLPW0>AO@*FeW3m|mAOX0i!LA$5?3Hm5C=>^Do`fo}fw04#;tis#p
z+v9c)i0k`FnFsrPk`jT&tAh8gQ+KncvuREIu}Reb|L-XON1H<Qww?;M6q41Y9C@;$
zg}<L_)6)f&)^vFECpPg(Yn9P_`f$#?mx8F@c`>x#j7!{8Dyjjhek_kq{7BLzpaH+n
z%s{Ua;9G~=kKhFto3w{J{*E!p=(7x`5jpmB?8VAArRKv+%<mGNC&NEg*9iNZ4j)tO
z36wl(k1WO!ya+UYv9?Xzeez5p@|_YGj^<BZdY(?b<Jk1fwp;j(J!9ex>C7MGw3dkM
zxOH|fF)uDDjUZtf<&@p1<k*}@FA_~0QeaHaFgnEI|5e6KS}YyH0JCqwUIH^Ib@NxG
zfzDI?Qvvg(P0x+!nk&pgwh43;N(&noi&Wz3B_To0PPSYMvENcALEl!vw{%>HKe9*-
zI2)cW6->A1J%JCCvu0ac;+R=HGp&_Z$RxQn--#o;AVm|K4KetwLl~j^1w^d5lzCx_
z7zJT5aE9$gh?)6vX#HWhICGBQ2a7X@c)5)G$ny`!v>y-|s7pphS`2fElQR>}b1+3Z
zYJ<6O5<kp^(X%;~!Q$Zj7=<ThPc%(UrbuAiP2}OBzqww!{@OoSkG_KLJ%NLXFP<-+
z4Epk8i4gC6S3420Co2R#&Lm;nw_3tgodnTgq4OgOS{33~CG==+0Uk#2j^ohj0G1Eh
z=)AJD#5)EfgDeQg1DDjvD9#?*q~%y(Oo#Fva#c~8=>)bv-nUbV`hh+W80Zs7a&6VA
z%^Y}_`ta<vQxop=ul<hcvS~lzj!CekYNC8bYdjl*ZgjYLB3q6K!&#i{$FdAIsus>3
zp+$2L4Gz7=t_vA-{(8i;6mCWP(P~IBiNOmciH=+N{OcaID)Xe8+SLAD&P?;%4_pg(
z<y@mlRVq<8etwgBv^go+a@cNLx)8D2J$0LrQuS`DG0zOUhfhY^OJS#BZI6O70`KC2
zsc13Ovyud5e)RJUQ5aqjEa(^~#^d~eiK^;^EWq)&HN#!u6EW~mH8EI@YWHBKJ91to
z&h(V-Ht6M(`}}X)1LY4E4jvPymJQn~)LP>_Al%Y~`3GbV#YMTS<hybQp`hV(*&Df&
z7hLwYNfO?rrF@AaA?Mq$5n|VYz5YBR#pAfCo`hsG)x~Ya+GUWsxu)6i*&X9M@nD`5
z+Nv>p%skB3;4|gz+{zI>;#l4WEA*2erQ-=UH5=3yC;u^-59{{ZY-bV=y~GCBprB+p
zc*~IxqV!1lWmX~+O}tbrnvx5XcLdJ(Je85_SQn(DpDot3RQgxQyhX{l$5iDIKA{J`
z0CukbJ}dK0jdC<}%RXqB{*JHal}Ul^Uj}=<{F>B{kLQgSqD?Y07;`;xLNsvuG@KMJ
z>3m&9<Kj7sCs`rN9ls}=sCVaoOm}uNYRRAAW{sz)7$bBc;4E>Bi9S@#=dr~Tsr}KR
zS-J2%fj&$K#>HYd5A7g94&&J&rN#3<d5QZ=JuWpU+QsO4lT}&9RV8{DlQ~!pgoZoR
z<?$<y{OHsyA~cyBqn<SWlo#c)A5oQ(JH^4DIFgWS8p&Y{!mT*-G0QVW)CB*xuG762
z;W8Ol&JgztKooz9#!{L-baC%RV1TQ8-(|o*JcHifQ%Mc)Vc)~R$UY_RzO}At9+0;P
z!%=k*t03Do5f~%>S^ADX7GZEEBF6WLG?131W82|iKk1xSQGQmrWDE93C*M-pr_@y~
zHAl@PMB2}TUD_xkCv`l!VVlg+T0Y)Sj!Rc(N6Bm7eYNWzAMSVR_txeZ+6A5)ZSHRV
z4BL&jm;Dz)zgL&4XI}sw>%44IFh&Fwa?m}aSEec+hb1e5WMqo{=~B#`S@kH^BKLox
zanhMtFhs+2VU}z8zqDlayUg7?GV0ilcL794pU9R}O7@1&qBc>sSrXlMN=?Mvl~k>4
zBgYd2bdO4z;9~?f@lEmFdn(<{BGkjBogkOjB52}EGBiUs3s*|3a4AG78+i{Gp7GkF
z2Op)%bDmQ#mTB!YD2gdzEFm~|t`Cbj;k1}32C%5HbjncZL=m0{N%Bp3GbV8fvHeR6
ze}J0=Kt#n@nkYs=4Uzlcz5oXw!tLpv(6_invnw>aq?JuqHCF3xKlG1aC6bElEPdno
zc@wa_5m`*bSo%)%(@>WL&O>?1@*0txKlzmV!S^R4J!HpC>=4&^$rqr%QL%`$Q1lsx
zT@Lp0fGahvG7V2&Tw21-^VWCrZeWb-p!}NQQQ-Ij%gT<Dd8J8%!b+=N+J%ub{A}2_
zukOIA@@!@EG>?wt#;rQq3rBJFgR*bET=$t4?RbEJczrY@+@)mTyFjyWKG($xPQ+?Q
zj2m5(T&gTu)Fc{@I|I`|l+nV?RDwz{1ent-R1Mtd)2q)*a#}{4oG|nQxAcpmeO$$M
z(U&O!y~=HTD$6CGq{B9xYzxQIH;5Rjm`>We)4>|*Qno)`pZYRIwV`jq6Hv?zq53XV
z1v2=+W(S_#w{{iBiQAUgL|wC{+43p%6BP{Q?f8GmNqbLuqX;7wL!ygwfjN!e+R%9P
zNXd~)G`HzG9q4m^>h1aaG<FC!%-xMgM|Y9Xm}1P%CO=at__5etKfg4ksn?-WHT@?_
za=$dnR|<lINBy-;B?<gLay_37KZJ`r?0573s=}AxCauH!c+LTn!Oo0Uk(V3Wrr=Ts
zE4!GoqbH#)<Ftb*50fBz9PGB~{^|<!3@N>zK4i`>z=>8=ee$wVfM=(&DeW_+bV5m9
zl8TQ4nY5u^7bD9kxm6(IF-JjUQnS7FLVwOCCkHy~Gu$i?n;C}@_EnvakeK3LhvKHR
z4qk=Rxsq@HE-_n7x_@*ADlviv;>)GXUI6PiII%BIZhlTUgRwJu1~w@&NPVA%i+L7P
zlSFRG)fU`vPl!;z8pxW^_G6rAR>NC0DiDk#-Nz?Y<uY(7VvUh<T+IF;(^9os%0nkH
zlA#DyD^8Y+(>$%f*oSCmRQrRm5P@+b83ubxFH#VK@R>jQtZ6&Su~8aVZ-!;qsIP`s
zYQOfpisi!oqBUDpR6eb5cS6}sDMH&#hO9F_TuNaVNqw>L1=#e##iUF3ew`ZwDrjWZ
zg~wt%W{)b$zS4HjQ8h5p9)_XyjCK3ECT0;nYd_RZk^^uF)cj?ejrgrk6n&2#V@zN7
zxHrONJ7A1d`Q(TAM@}*JK28!4MLI!wo?I;MBHS!()sEnv)%RPavaZ=h&oP;`tr3*z
zk9)WAYIkNnc)2!y;lI8;`EQG7EOQ4o_wHxShSC{ZZ#{h@V2(Lmw3(Q>FE$$~Jti%;
ztX+8T?y~4v$?izJG29BvqHKRA?MaRN*xlXd+W%dbN-P}*)slR39>e6+1QKc^Pjjou
zAwdD1*knJA8PRIp)GTkOJW!?R&;qje<jEfV!QzXlu7MC#*5@RcK8@I=c{6eq5}<%?
z+GPp%u7R=K!X&Q5O>;?gG%6|3DfrzI9bGbi7y*@o%v#mga^VH5A}B}x9I>Fqp;0GC
zsMIfxl6;GzHE9|I?A!)q(dBzCc<o5NaqLqhrL2w<DwBg@Wtbe>yIayS@x3lXxih4B
zCf#2`EjBYe86>m}jQ5sc%yds!SSl}2_kBbYD<)jcX<$uzk)#SFIRvTK<1cpDctzxd
z(@6b$6EXLOm;^<;^AiV7D%nw#190%<B{GSB1mYuMh{$lvlo;(&B$JCd%zf8)<uT@4
zk`(&EBaX5V$zY|4Z<o6{6`1Qkdx{o-tN7KSF8zRK6JPoxs+|E0O%TH-4vua`NQOn-
zE~ySb0y`z?D%VDipi~dGKfBgSdf==fSv6zi*h0bMQnu;GK{Lri!VAmPmOviYU3r{l
zE?2U`mCS1T5#vb0RmmV<BwN=DPDaNJ;hD%%SXJ-LZA~?`1<qOQa&EB_PKEjTeJ?XO
z+CgI`D>BTX_0cpla67}x&*au;jQwnWU#to9Dse<uYVc;#zLjRRWYA%AGlM*_YVBPh
zjFy&7m&>hNB4Y=-LsYCzRO>p_XUa>d9?jvuS*p2&mGw*2Dd(5lk4xE<Cz7>l>`RGL
zUT?DK+x@ooay{$n@QiRDvOG{!9a0T4kh-3uFwwg8Vcpy(D>-mRpK?gfw9CGdbYSp<
z7dMy<AV7-8362UL#w}Pf#3Q!Ah-K4{63{1+gbe<KnT<yXg&{?bLN6cLrVo<ze}$^>
z@S36CRU1cO@rn}RA>^7u^EtN-)S3hNi}dP!i<Hvzu<l;)r2X0*E_nOsk*Vaa_>{s-
zxa!fv#C?SN(n;>P`4L#`h_U9NK`~dO5Rqd<od7hk`o3`7`tJk*Vuzt7^%+a@LSl-t
zk}%HYOUd#booxm&BypD3s11ZD@XIt<SSvoFyQBwuQW#~SGcf(>S&atqa=0t}O&C9p
zSE3fIw{XT-GP!<l4ni;_SdWI%{pzJOPHX*&d39^3wxsuDScE`FG%#Jtaf`%qXrCVd
zP>*klb|`eQP^XVECz|0takRexBkMWO=*+<QL{vz;RViE)CyB~3y-i-}X~OE_*4gvN
z9;R_@O8<Td+2h&#DW19cRt2jos2&da&K+w`M9Sl<P7cyUp~_tejNnlt272o0Tpdke
zf=~Ms@G-mysbiW>P3y?DYIs84gyWlsgqLO(hbaq>T6Pb@MoY0GU}8;DawKsBq$2KR
zLjWWn<q`rbsJn`|lq9ZR?4w+OSj3MgmOxItX`2_IpmbCT>ZDl97m4+gOsD`vIUFNq
zl96(`k`pIlqHoSgJq%j-{LL_^rI8Gml)ROVMv$QUM|nY<TJTk1W4OstW>M|WariU@
zU%P@owWIaA3wPWq_hZu=bKsTsm2zfbcn#AzjLNn>c2e=hYGKs)R>~`V&zWkA%ib@*
zp!?tksD2(&AWW^NQ;S#U1!xGT%#i{W7D-Bh-7|a?L&aOa)7mFi57=7HOF<;Q>=mq_
zwQ}A9k5!b01Q$+c>-Yk;#n@9ZJqfcvyB4dc?=OCnhI5J?yJSkL_=ENbpdM4kM`;cg
z-y<DkRR$Rq6rvG8UD61FtCfJ!@r^?Swt*(>#t0``zF3Nsb^Ufu2Wz_F1rT7UfBM0E
zQpzd)M*zM&jhn`!fme5bsLG_afcU^5nA{5;1jcI=R!skis?Nudh<krGiFIc*E{b7X
z`Rw-ogZd)-Dd_?OIYk{!cYu)1Y@g6s-CaHwpSN>DgbM?Fy%FkA!LE#rY}(1as7-BT
z(oV?ttU!B5c^iB}B?{OgjnD?3>3Fm~795A}?{3RX){5DDm{$ECbVI7AR>Cu2Az|X|
zmP~H|w5O&t_4Z#UIp+~^!m`(HM8220)Y)Q4tK5_<1*vTJ8&!cAS7<-U2eAfoL<5rN
zg8UwZjgm)F-*cx~aL53}-2^fKEXsV?FpGX$ZGI0AqXHuvT~yx}^7$&3GMd_A#1Zjk
zDG0K@_uNqlmU2Fs{B_F7Npv{u`n#lGNa}NTHc6LHgyHOLNQLU_7I`=k%aQJUe|`_5
zH?5ww)x`mqWT8ikH&@iZi`>>ufZ&?DyLi1lg^jT=T;>VV3#Xt|Kk=xv<zL~~QN_n>
z(Cl02RNLb#F<ecryrBq)E3%bxEfiegAjNZ}?9>nq<UUSj45yYiB%toXd#9%B>9~uB
zBg!`ljnk#or4(r(u*TJuF{Bb{25GbXAz6n9A?Ik%BgbmIuyru$kj$J(NL?$QlVW7p
zt)$sWx%NXmIa$R>Jl#@}iUbTiaUIvPZKngHL319dC6R(wifG#YIvo=~hopYo=gu{o
z-G?$1UW%&e^12Wghnp9G;<zGcC+Izls(eyu?S=5n*9XM6Xjyv!@Z#!bNfo{h%Jm~=
z*Jq~&%=E}5<_})AJMC3ZmQ5^08l}|Jfi<apyzmzDwfl(~4Idt4Kz_4hZqK5MImjH4
zo%c9dOEqKVXj0Mf;D*+yI{ckSyh~9rktLCYOIm=Ht52butIvT>ykK;XJE62+V5^x%
zrc=X}SuyU@mi4hg!SiI3Dy2hs-3k2jl0(;fo$p>y<5~AV<}ZV9IG-jk&1y5CF4$vs
z6%1B>{cd(1Tlq5^)$)$x+V;-#8wKiA+<U3+zm}xiW`e)#uBF`MZ1}v<2{;uaL;PSR
z7_qV6{>ZjhLlA5YF<8uvga;a$(%|Yxscp#$Cit*#;a#!piOTQ|F@Lz$$30)Oin)xX
zm2=@aR)CSQ>1URAM?YKlqhr4DtFPcXw*Sd6vG5ddIc@y;9AeXpOh9nXt(!tyY0*pO
z5HpTzGvN_<X-Qmi@wIBf<cgq{*B2+ZD1E?=i%BSu5D!5d+G<x7&&6k&4(D;-<2?dX
zN9AZVE44{PO#2<<?Q7aScZ(JFrhRusR)?Y%;4RZgk7ROe-yantI(X99H1AR_SuJlS
zrA-hYVFww)pWIU*+O^TsAY0GJAXM2sclH*fQ64-WSgfdsqZYZ0aDIDTzGdrnBC`1}
z+#z^J5?h(&IsJTOxw=uwCx{euPJh(i-8%)9(yS*H<KXtNvUQKur)b4855jX(Hb=w%
zr7-5ZuDTNba)DEf()#s55Sev271tjhPxJD8pTb0r5)KC#cU%)#;-MhAM=vPl#Dego
zNJBh~C4_uDR9Zoy&<-ZDU=|((uiFX{K7qnX4U(2=+6BFLUGV)QP2~%ab7?MmRq*93
zhwaALx+cGT1{hn0e?G<Pc%-O25I0>h7GDdw?CPi;2ORx(#hrhNR}J54*=HL_3gZ({
z+rSEcczFL>vsFL=z}`x>FmO=N5YVu%HCqrEIDiU)hEBpP1W8P)VBp~FkAlI(A}H?|
z_oI?bSkbVv8w!&(zIyVUTtq2=LO(mFYHEW`R7}~(DPi;CpE54uhu1Q$3erG7&A5G;
zLy+Zhlulf66}zi=*}$&_yk;^r<Np;}OhD*RxSy<jl5cYwm<4N_;c_MY-%I|_gWJ1&
zK0d@?qq~H^04x5r2cxSJoTmI#6Co#L_X$XbAMnyx0oQV_KWvgZOQ~?sufNwG_OxF)
z-=lD<LiNfCmGA^>AT8wV9levZul)I2cW;ukuR=HCXZ_ZpML{&>A;SwGCmK75?i?BT
z{7x3)1KEBi|DDC59YM(6c4wuP<t2~XGrj{G%41AyT0gmXY3faQ_gDxzhdis~r`j0~
zID{dho<GLdr5Cw=?o;HJXSr*sHu;8<V5=hi?F{^~TNRJDKN)*^0>!^rG-6_*P9cfc
z)x7}T?p-MiL6d83%fG0H;l<z*l~+ov+39~s?cyIoO>UcuSTNL77WC)9OdI}&`zAuK
ziFPNnkh-Q~kj;`}W8Ph!p(8;YZI?|g|1HBcyocI-b0VecTTt|2REbT+1>4yp$EG>S
z9T9PH0vt1%3EZc-ay;RCnrhT?Ej)`1YK<`A_91`OIQ69Xr8&m?c*P;UkQg7$&l&v&
zcNY$34^rvYdFaPV`r9?J!}drUKA#ze%na{%Y~<i+Hw+B>gk8053v-ceJ(Wju&38HC
zSzIIR$_d3oIr3fbPvp=_E=KNjS)iH`e=onA5Y(O@w8^}WR}UxQS?t#-6fWW*v|uqd
zsEN`%Vy}5EvxOD-Zq%a-ArIVB{mX=V%5N_~@ba54db*RK={3%L?yU|Y?M+;EE9O2&
zpj8qtD_{Md<I+(Xf!xQ(k4o~?T`Y<&E}E0F%T*zf?LGQh_LG;s+1v)?>fq&hIX$z=
zi##3^<X7uoXU3DLSC;MsqrN^~Hn&$IY!)nE*UsN-c<~Vd4YiD&&<QySR|QL^S?GQ?
zTTT4B&T7UU9iq){3gpPpKiz)56qXgT?Vh$dQg|nIR;Fq|-#ExECs;m9C*PN*AArFu
z$<Vf^bA(B0&P<(R9<snO&r^&UjBc=lPmt&+*OdJ{7anuQF?LSlpdH^$AIrUR%0@1Z
zQtkLY{(<M9TYTO^Uog~7E9vLV)ewB)4#>N&K+^a-sec|r;qKlK?h1Tp^#2H{d-v);
zw&k-_v16*s-<p1!WB25!R75|hmHqJ#6t!s`s}s17_@c+nyQ3?4H;cxNjkfe0qq&-w
zwD8c`YN5IM%<=Cj{`!TuuG%JvC|$BumNBVM$K>bx1>7t(<3q~)1S#TlOna^GI`saT
z+Ref1&`psc6uo^qep)}{s$n)FN!K#FvWZKIanQ7_cWjE#$p)AX2|{WugCdCQDn6~a
zgs7-T>-f7WN2P^g&GlTI4a+IHAAb-Kphc9m3W{?ng?0X6Q_fymS7DOpFRZ<{{C@Ov
zTm<t0+eumqW4pK9gV?ZCh)H)|%N|eLJ8#|>0I?z7Alu}$;kQITz8h^!_sryGw(H^O
ze)#ELvAFMdbT}CIIqSG@bqDy~NJ{1tUgJ!;S_3bD&DiwWAGXOvegbyF?k1Jx;e8Pc
zc2e{6!mb|5Ykn`)tGw<E(<6LD=Z&dm7By4p<3XJ?x@rnn<Fb*Yh4}vkY9W^{Sd-lw
z+GB0k_#=3QZ$zcAqV*-az3+dPOiUgnk0n-cGPw9(6*=c|Dur^Y@WWRRpX<`Hb(_!j
z^bPx{wzho24A5=}_~gK1H9TtN^`sxJu`(LqU-McME^J7CSF{VxM3!b<P#)3wk&r5w
zLaCUSNqy@Du)Ka&=_p~EuQe(Yy^nWZwtM!8iC90TBt|w7&ZL60k2n0az-p?n_ui*m
z-MwotOomshPu|zHKjTgnJBT>h7;Q&2$OYe&1Fy8uW^;3|doU~xt<MxKtJ!JhJlDw(
z%yC<x0)7AXY_dP5BsZ;1B($P3kgMUnjoMlEI2H|xI(>K#QBaI;@lHf<#r0BdLOjD6
zRnw2I>{0Uaw1_30aXpOT5TdjADrAY2zKW1mcCXupXB01Edz{Ni4x69sM}NG~=`V7Q
z2DXeGGO&Y*&Qz;nB)WZKy8?f6y#PnOeOsT9-ywYNuDEB-aD4&Xinn`^5Z6yWM=IDD
z%-URRNp-2K5IrW@Npx&6-R7OfA}8R*v)g-|az&9!R&@!wFUWRcXECJJeODbM4nvrN
zMCvz;INLAjt+DSzwRO!vVq42qe=R6&KI_KL!@?Yay#PUkNMY)~f9`xh?e%IQ>6D{r
zH*~?ks{_9jC|#Fq*Vux8PpKhyJXhe>A47G(NKiV1e|IlB$!1m<p$d&DfSK}nVerwt
zfjX0#0!b{XE`amw=Dr${FkY?p_`^3joOmi)aTA`t*Xt4*@*Ypx4@U>g_6>dF?XCvi
zx*NT5a2!fTM$_7OeLhI(BIT$-Muj)%7yEy-<hHaK!jR}U_~vcu_5M^PYAC}4T(<&<
zJ)7!I+L%Nkx##1chgFWd1s^_>2s*ihlvu0U>!s|pG**8@m_?YC!+2438796G(E`Kp
zcuWubyDRh5C@b&l%XhdP69&*iv0?mF;9cFwp|<AvGj^w2=amdy4IExMh}6&5%+sS!
z$jbU8b;w^9e4@F_A9NG89hNyRM18hDhm21tAvvHp?ZqTAoYs5G2I`Qs&*5ckA`@&W
z_w+*e%69H~eRucO{OL0KF4Toc$zGR^hkZopJaWK$L+H7&B^V!?to)-^JpXl3Hdj%3
zO-%?#+a`2woFQGnt>Ac|(hHE1lE^Um0&u>IKoRRK;bYir;3~zdwpD1*o=dk+-AFS2
z;BZZ(F!%zPb&0ada__1<x+=%7L4r$p$f(X3<Hy8rjG;x-04s1PV?HW)5JDqR<KhqQ
zVFBQ0<xiu!Pl>Kl5dJeaG0-r++3u33b7dU-FTnX74mp~zNhCTxVj#f`uC)6;56k-!
z%l)D?(yene*oqaKYYA`GK($PHzsh+=x5@b-TVzbxbnOL0=yG2d=jOS(KPRo8cDhUd
z$A<RgP{*Sf$mz8<buBl$B}EyH5lnhU_7n?gKBjRowbR3Ed(Yo}-)gYM+!^ZJEMAZ?
zcn;xPY)|Eo`aBuZ;}!#UHzi9fMzGsN(Qq@dXnzG=uT%FKgV?8PLkgSE9dM;BpG%Bd
zg1YC~?mthP9_r7&PjsfnyhbowJzQ*PL#l$>kN?0vmlYn)Pp&BTK!_6R>p{f4r}K;6
z&HuS4N0Z3g-t!$cjQFbKKziBdzINXPwXq_qUsjr1tCpla8%j8Ru#CBmi6=`RIV_0K
zq2hGtJ^1lXPD?*)i(^YxBWji)mDc5_(8q2p(~&NX72T<aF-z$i?Y1+sjmC*G@78`u
zj~5)4Sx^b3+-v$iDhNZhA>$YvR|1=Vr9cjmPT85~m6dMCj;1e_ZH*@}^j>y1TN;+#
z)6}&hr&3i=s?602ju(hU*FK%aaD|LTv%DTTG5BO%SPiB=V~gOFU>(&|DJr&k06*WZ
zQ))RyZ-{{5vCX-^TSQ)S+hSde8|E`BQWu%SL8|WTN7?MheXR`5BC0JG(ug&iepZ*b
zV*B1`hdFBVD?ZwhSz0X^wD_XRl;QRZfMz<|zgFB-$$S7dV1tD8{vwZWx!a;N-^;zl
zA=7;GN?vVVy@T)&Z>#^@Vd7Ir=23mypD@D~+-|r=Yz*J7B%hMHQ#(O8vMzC-mNCby
zr%gKTh8Cf#N_38Tr&%u)apNRI$Rt4yzS5Nab9*iKGiXVumV=T4rHCQ|_K5D>;Yo+8
z2J^`G2qsth8HX~y<+bCY+9)nWj1{8L4Y%AUWsTqLM2t!VQ3aRjLvg@A?heHINqB>&
z(nr`MzE3|ufsp487^uh2<y2FdrRLBt9aqT63AWM0L(E__WWT|STp^O)?Qfa2UXUWw
za}jqUJHVNLIJ_BHdM{}kjjoyAdfBwBXcR53?nf5e<`0LREWrVjV^M;+{zTM0#CKN9
zO*Ge4F~K)QXrkbBS%zmv&|8VOr6>?hGEr=Bc5YEag}!;|-r!rESEm;fpwglk!-ES|
z>v90qS8;kPV~<}DR#o3NcXoN{6K~M-ZI}%CI^dQ-y6M~cN#P41P9G=iui}$>dfp$_
zD?wDnj0QR{kul}Q_EkT?w`6YzGg?yI(qGP;c&(D@B~Nr;3P4?n>kBv+r<JncBYS^H
zUlhZ>NsqYpW2$n=SWI(btgz)Rf}CIN{5+W5=tqtpeabdAl+1I=aqDC}WwO1N{!B#l
zSaW$%W<efT_0zv4y-W6~7~Q(OtE^x|uTg<ma!W}6CkIFtjm(o$4Dp;Y3D7NvhG!{}
zCq-y5{{rQaip(z7`Um49j#16LR!0kW+UG@>VK2Fq^@E%Z1Qx`yNe;u-EvB;)nUD0J
zIKQZF$1{S;(JxqX0@f&FIBe2&+F&-xkO}Whc;cY7P-x$AO=o%_(>#;klG;!r<6;#t
zP1%}!2m((4?<!Cw3dDA!bMml3_&~PNS7<GTZy4j~HWlV;N20x4I*Z9$q^<ofuVHTw
zlXMj}$Ep~)D?d>(H3%EH;uQM?8#Otmfwk0F3=2MtMLhITK&LTy2=RASm^!@ol6-ef
zM0w)Zj2IUK(y5$-hy(01Jzo_8BDUMqJ?<X~8PvO_d`(=xgRpIz<H{;i9YSekM+_Hx
z50YB6P^b*0z#g+)Z1eif7i7jj)*&f{k9-0j?ksjvy^*j4l&1+z^!63&+}#NXr#J5+
z`|bB%fa`4S%3iz$WoKk4I=Blu?_@HCo5dVC?7lwNULHpsIrnp;{BaH{^iEmwJU5Ep
z>4{Eo>K*Co)1=LIBz8ZuqH>d#3=6R-8;o$@!&EU<iaGtZdhquKN2f`?U^HF#z`1PX
zl_5WRs3mUt2p_CUVAPReoOH6xJuar7@v)N&w>P(ExEYo96!0is>+v3~MP5{Dm^$|R
ze$v4H&~ELkS?Dtj8G6q>@jzwgmiQK7FiRX_t8U7H8EI&9&niL4Y0-Tnc0a34HL~JI
zc<5a;D?0XnEgnlP%9=KfhQyEB8Y1c|mpGU<XPl7FQX$iSwEL-*Sur=%;31q_|DbGd
z%Vz75Txpdop4JJ|ZepYPE(lNI2YFP1w-8-3^SqrpA4}Ka15xHT>Hhp!<KPDy%jttH
zcXjae**Rb2m}gB7*?D!OWTR)5g*CYsAnZK*i8tCg;{GU~J9mTLW9+VNU%+m>AR=<d
zejHk)OtAa;0%djfD#cfab2h5BXxE@tPUu{mRf@h0Q`tE|emDa?%pmr>n&uZCViVno
zU1?Qt7Sx#_uTT*_Ydhp7oB7_EsBOrKb~ku1^1}iR--sTZA;NLUY0-AM{nm-LD{75W
z(cTEh&1%AE=Xupm`f``TZ91VVDbAxI@+yAo?<F*|iTcJ9JxfjmuBi;s$aQRfaNjQ?
z$OCs2SE-1?rB+4taThPZupBW*NKfh0+>fU<X#KQj${ANfcT2C=+i2p-oIU*p5-(kW
zlG(Y_(%ZDQWJT}%xo!NhzH{SUSp3C$iuMsiCjoeb(O3KMS$wK`Ov8{xg$K`|{3-x-
zWZ7Ld*TF2f7odfGcDK{$o6T9PEl#tc;7y!Xi&a39k6Kykw#a39b6Bho`wNiQ#qnqb
z{X5n^(2FNd0JCi>!;6OdLuu+Zv!{%U)K%&0+Up-;nn-A<TMH6k&gPL>VwkW(1>$8`
z@l&Jh6Bkv9>@D@8n<5eUriRp#Mu4Jd19be<l~0vQAQmL+#b+<y*KAXWPhUZfG*Zx@
z#zFKYb#^P%PY~Io)s|}&L-kIx2_io3DyNPSse|5UxAn+3@;t1*D`c)0oclxjXM8lA
zF3>W+S%9gzp#_e(RQ=axeA9a&<7oD(!hOsiuXnB&M)4B+5Ss1k>_cbUXJu$0<N9B*
z9>0Q|qlpEEe8np{T$~LCIp(d9@T7+DgG}#hvEbNkn;jl~FQ+oJq<(1kx6d`<_(;Tr
zg@_-e&+=w8H5QW5n#~8E5eOiCk=#goZ@uz|ZnvJ3Y3sGHw^LAF$z@FI{Y_$$8K>U)
z0Dyet_l6x0i9K#--e+r8lvO)`cK=P7pmuMq@h%C!>nc4AjCh~0eK!tVty)Lr*Z=0F
z%sus+9a2I6!`z40>J}Xe2mpbDy>8|C*Or^t-8ip>Ed^o&2Y)6(`M4h_m6PWeo%$R9
zdi?MM$_tPfCY?fZ#ypOZNaRRFOdJ67uNTO~5cBYh`g0t@aUWs*Z$II9Xs=215veB}
zKEHoU!EmG5cBs@G_gv@bPIq%4#Sxd|_4rv9@Ss^yeM{m?jNfo&_qB<g-j<4G_lS&<
z6K98o3ec;iaD{IPNL6rgX3!MR6lV>Bk|A*@L7I@(_d4PoIO{k<=Z|{!%E6JXWAbbl
zS3p6Rr`bVJuV5!`9S=(rVUXOw+r{{i$Vc@3x6z-BTVwn@DRgrA2xCjBFscLMt^{FB
z7)WT7o;zKSTxFmeHl2D8noJTvp&73gNj#56uf{JDBo;mEipsf=-v$F|2u|#*d%XZT
zL?vrods03ymo}qAD&;?eF;h`W=eyOxT!3Zbj11*_5^N51tYUOEMR61S*8HTO!}KsZ
zs#X%2-ExLeGwFi}=x2g^*+P=`fzo!U;Z*rhk{}j4OVN2rb4j^Yolpy&07pr$5WZo-
zATUc)D5T#=GBDYfxXA@8hEg@?$X)4RsfJi*cu^V-L2$O|jGnhdANKo?IL{XXaxp7d
zKDAoHeX{0bh|TUrYcOCAt-Fw+{|(jnd8g!jY(0-RUh!e7_=}Qr|ATBGX#vlL<>%Wf
zu<E+maAO7oK@<Z0&UAR<T(;O*YBb_Sh>r^9l&cV(F!6STPMLOp&Eex7-zcN2*a}H4
zB_+2y0&c^eVGPuTU|1abX%5U~k6WpScHXga%Q`i~xAYrwY#ZK5TNKjIFs)b=*$|bV
z9~EZ#m~;*e5l-=0@n^O7;Abqlubv})s(ta!e=bCDFlHspV7%v8V%q}O@92;rPog>T
zYpwZ`uJuz{gPTK*M-ieZuf)LLMX6SUA~IA#nv{ky&tl7IM5hMPtA`}Ul3kYAn3<SN
zx=mVnVL+5N$W1z9Qu*93&0pF{^UL$=1#z7MQi+ueXF9@m-x$QPvLsIBNG&Wp^U$}i
zQwF3*dZ)!n<>Zo5GR6f>T5<SzV7sh}Ob-$`SYkQSA--kgt<jHv&-I00%8%{u_vtpF
zb}r`{?r8YB@dNTe06GcU6*c%kum6fPPn4XXri4dFWk3c-BPWSTGezUnYt1tvg>I4t
z40X}r)#xJw6A4ZWsYMJX$*4?OkP%8O(^v>?u!TRmARMHti8DCXXXR2n1U|9AE~e=+
zS6pGkDov&J5P^Luk6%R*eFnsdvXat7%7LO~ihd!3g;nOv-~g$yRk-$PAfd=7<iA7y
z#7jaAtdqMSLqh5r!*iM~=M-t?^7Rp(kAi9DYBEnraa|zY=+rE1KB-Y>v|F!nu3Zq_
z-VnP?jECKKam17a1K7Ju|J+s_qKgiG5!iOnPZajXQpooUu2Do3Hz1a}D9szq3BtSI
z`eI*YhQU+2oJ*@KV%$Tv26raxK4hS18oX;duhov-Tj}NQxhf*4Ai23jFv96$j(mM%
z5`Jtjsto5c2;nI>iIHp)?fu@k8qw%k=7|h?;~UM&Oo_Qc`@KnnQu7SIVmlKxd3ij@
zz>7(LWt4z8lE4++fkd(zJcRlsxHh049x#HnUny16pv6lHzwrxI<&SAcl%2jO)o?@;
zxMcKEN2j0tB&qJZ<UcTZP-8ONh`}?_eLrSgK~4@SfdsQTsI_8vi-G9l-NS<!q!unN
z>)1VPxVb3Z2#Q8uwgxc6P~-{<$|W+jI|UbzAs?7q2fOHnNG)r8)i2LbP4??nADLDK
z*j1<v&yA+9QpG<RX0}KXS9z}Os1xOSxc^v!l!KYbF#A4{CRTs%*!zpd3wbDSliZy)
za{e{B61x)WWPcr9@a~0=j{s2b)~RUJ(@CJo`%1Y(XRsubiBqOsunG~n4)HAEVK6#G
z%hBQ%>yz#R$@lt7+BWk9EW4?iyD;%#>X5(&>V6L0TS>)9Swhy>&IE36tz_z>mJjgO
z-sH33X^;`(c*IHSQzCA#qGd_Kb$wR1P=JN<(~$;Dgi|c-N#a4|rs$FI*9aF^<dqSW
zXEk2Sv`pHH5c=8%qkIIwaHnIUYxUGXEC^<_@8gKrfNj?IfjAUUmctDqj=|Zk@XvSY
zL<~I$`>}=T%dsZA+3}Mw8!)OkGGyhs3-8Td>p!Ey9hb#|KjZpfv<;2qz}|ZZE1#ix
zq+0kDlFarz-L6j|?B{2z`u}7SIiNhNK+hdEB)0#;5d(EOqTLTINoB_hs)43(V$Jau
z@8dmvbiY76ud8-*;(#~TdTbEvvL!RNB^L-s7=ftxc%mk%!iH1P^C@2s3Of+5cVXG6
zRZ^+5;i2F7is}c1CEI1z6q`b2yDn=*A{U3KlQahfA*P(Nwai37Xau}h)24y*cM)e)
zvEg;ZO&e<bnLJA<(cqR!D=t!bL11US^hZYv*Rk&JGKH)}@cGL{l{nl=7F{uR|6QX~
zA{XyPqn3h6EI^jzfScWvWPN3v!&b3%$xM?{8Y5E<H@Ul1f}IV4(IWI0kC<e1hX-81
zk9u0JX^I2~`g3rALbX%QERND#%u``3euayHKZeAnZs}jIu%xnNNBO*tU}7?Ab?3H?
zUW?)4JbJY5L>l!ymXT@&hxc&{!Wcq)iMF_@jvry^Z)K(85(KUSbLuDVh`_Z?K2AM@
z{d$f{pt-!1M|Ue*rkHS5SP-;f%cx;y1G2=`tsh83Sz?t>IjT5hX4*dPZ?i5l@K2Mc
zB1|`P)K0<hC1>KJq_$>5t5F3T9B=}GGLfE9oWa0dX4mGmaCA<oZE5g!E@i|*N)5pg
zU2@N_E5`X#u`>w#iEdM9aPtTl9YglwU|Qa=26C)Xq?Q{nSld|j)ygHWT|=<-qQ)Pn
z<dtNWo&MCY{;T<F97>dZ&V|-k89>vtXrb1XzDXeo7;Ke}MGG6*qknQ>r67lEil)OH
zOh2*Z@n;g*U&YK)787{QccBS33@kN4MzNg5S~VDB@kiR<V8j3u3zcKAU$E17Ghv5_
zgA`3+6tmQ88qB{pw#8PR@eI(l^bs!%a-@5>Vh7?A`HGJCLBdeIlaBeDTr&#f8_m9`
zV8W+T5W4H^wBTWpjmTPA$22Mq2#KVPyogKqvryXUdkeo-@<zYkTGE{_tXSm+2gni<
z-XoIh*Pd*%nMU9fX;hT}Oxk&uKlcDU#lUpt8}|;;R7DZ0N$Qka;lq!923&c9p-?un
z+DW|1ufIhg$U<E{bqPY|b!-sG5o9GKKnna}xXzMf4mDVf2w{PU5pTlB`Z*x$6tgJ^
ztr<7YqAli6Axvf#8V0R3?ZxfBNuOv`48bXWW4UTgW5{qO`XP)MfkSq&H64sA3<_@o
z#8$Xz5bt6ohIE~6Ai<L;LoZ&@P3>X{YbU)Ll-McSXl+m{oRY8yEnea(KaFEB8<y<1
zd@cO3JT~aaSv02t!<LjwyYDue=uW9Hp_1xC5wOySQ;pm5u=>5X6wg%BhzAm4q^w;L
z6v7vous$3Iznr*z%oejJ!qt-znf)So%0`4_P!qDImj!Y_mNpldWnQDkaQuyegf8m0
zA0!#Z@PmaRhm_Uk%eKguO$FmlZb75Z9zlZ`XcZiOOC`4SOyKdsqcX<FnSTg`U`@j?
zqL|VlAV)xFLdU|0oswIjE#n;4lG8^pO4$hrCo<?ndZ`yZjhnbE^cYfTaIxH^b7!eA
z3}L~79L0qSgmJL?by)XyQV%_m@Q1~ctbUib_wT9%eN9^&#aiZ9zKDncg4_G4vZ&O#
zTl7LE4CDv$#6o!A9X_ubB}t>D>Qa08f1JOfGq4*<AU_^m_<i{v1L_zJy>J1-U$Wzi
z0ha_iGowNER&-d6EX@1XtVM4AJLSC5>N9lIOQph0jOcx}{NJfxv%LJar6`2iaKlh>
zt9NpLg!D?05Mbr6`(4|2;Y?%T{0^Mz2qS4){c>o1j%Guvy-+iXK>A6r3m&Og#6v8r
zsRG_1y^6OCVW&o)j;<tSuw-*uX)cxkaY8mi2?CyYJMoKgP`RAh^e&&#0yB7sTk*RY
zFzYSD_Uuj}qbsp><bor%LPy(QM4x4)T{1(DWQO6mi7fmaL^>fgziO^ghaa$Ag_oZT
zmX^+K?7b&eHi3VK3m?B}S{DvawN{2o^n*J>K?j^6D`_I<hgVl~t{SC%Kjb6^goTLH
zaxUk^^koYr@Yzf~(i3W6HTaVIwmbiOpyIn(p<o)OuyElXb9(V!>|Miov6LDsxi6hi
ze&2c%xSK`3dPEO#=Tj%v3B_8#T3;1v#m315<r&WK_mHs|BnPh2c3A|_R5q+pJRQC#
zhNuk9k5o_-eE}S|DW&Y>k);H1=HocSgJbjXW7*TyM*$eo02!E>9wG#F@jZ@o2y3AQ
z)QaJ#gD`P{@64N6@7X~=Jg#YWGW0wN2F<ctU!Rp^+K3YvX7XDKok);flVn#fh<)Px
zxc$jGoG;6So+9w0d2lH~qF==&G$<C0a#Gd^8m|dfvr<QM@SDJbiCi0%eXhi=odAm;
zu8{i7n5Lymu!M4R-j^f+!%onzY66TE2F@y4>Z2HUF|NcmSgu4<eVa|B5ERL(O>Oi~
zW^Cah<msxJ&?64vi0TM6=~htR6E?pdVTt9%y&EjjYxWjcVt1xDLpu8QJG|MRr`p{$
z2E5`aWJATp-g7Pqic8j_)In>53K6&}`)VB+rOl7#YkfC&mv6Wu39<`GV&hsSFq23S
zIU!cC<^K7;vG}{k2gib;AVuNbW4t_=7Uj5x074joOjj?^NGwTMf=89ro??lhrZk}W
zbTH^b5PlPU?P@*_Y-vYr|0HRkLG!ow=YE)t3OFovG;XB`YY;^ElC<p0EY2~(fWV<e
ziPsjFmEfFOjDGeAg~>zvP!X~qdRWQ>3Y=PD?_EH)B#>;#IHq?io);Fh4fRrBl!R&o
zK7X5a5sjzu$F^z~7T$*Gz~TeVYr_uOHB2Yv_~~~zs@GCa#8D3%km`=&ph;%z@?@WV
zTs~a}voe-WIHhS>){y$4jzyH#e}zE}D>}HT{xQH$5ac)gjNm-RT_i<`U%XkG@X5C3
z4Ac7@92^zzy>vG9P)V^|orcI}bgZHwD;6_vFB}AkF&B~_LBq4rTu`LBhNg}b;a;L2
zngm-D-Jf0fE9*$Urg1ZAcV-}@mSYEIK=cy94G)eW6CpizueZcXaNb~o^r5M&y!=>Q
zhJcEoD8Y)8=)~9RuKdK8{i%Gnz4meLx;_1Q?n-a*+3G=W^#8!JNb8CGU@DCf0t3}y
z^gRB0L(lyB&osb5AZT!KFevc9HXpw3IEMfrQPD85h}q;(&;_9|NSK&OU$+*r>$3`F
z{dHUaIsgWE0hDFcc%Qi@Z9my-rFGhxK{kHH+Wo&bLvogJmLfGuUN<KAp^ohb$Jyst
z|KCUaCzT1=%l*@zecN+na&A5?&`MIfiL9?=7t^IuQ6~<9oo7LqfbsZbHVwxFTA@b;
z6<fRj)}!lx?!8Fq2EAmRiEV6R;Bz4`JD1M?bOaQ!PG-5bqwAgKben(M_R0KhvvAKd
zXR3n-ZFP@TtY&Q2lunAW1TI{Qra9zFd|bhZAQ&m?a`ZIgZiC(u{Y?lH3*uV6n7!r}
zUFCCe0ByRvvgzrc6i*sT6B{mi%6BJ&h(aQKLLsfxrukrg_LK(+KNuK<0>zH!-1+4@
z{>(PB>`(COP5d&+6)emk-@)4q(uX@*t+{45PRP$uvDf(XuOnq37_Y4I<_@cDIVaQN
zk}upaqQK0{aFaKdTlTsL%Q^JBSo4&)u*aJnFE<^)ejc-<-f&S3U~(})RTjKI(n)hR
zCn)ckdni0#r1Bs_*E}B15j^?KuxzLar`K$&tVChlH$g?-M`b)H_-qPecD;n}YSzHZ
zvGY;LM85M2?zcE{=7+&ZAG4f)Cdy^m!yjyR$u>fut7z%wCh+UEY-?}X`L_>^Ln-3D
zc0QjTd{$gP|0x@3VndqCeq^zu#4dsl{=z@?S~e^x)u@Y?Ntvz?%qC@r`(;5K-}v5K
z1tM(JRSi`&iBa9+G!9HzRp}3<2(6OTtaWClsLKCn<T{|5TAqFcgajfI5~_%yBy<c_
zK>~;n1nIqq1f(~SCV~ir(3BF94u;-~s5B9kUInBR5Tr;4K~SU!ezCmwdH(O6@Bi)D
zbI<JD*_m_q-kJTK-MhoAvikU|?o6fDmh4*K1EW!qsG)q8JOYkHlNS}&)yUi*lEX|l
zmNar&)B2@c2$RHm%+w?2XQI)RRZFs~()VqbXv&Q|E$)6ecT%%l1re2<=r*5P0gDtc
zL`0jEU(St>PcFtWNz}31x+f>Ygv~`lhxHnQ^s@A3tp2w9F$?ePG+TGL;V-K95E@?!
zrv|8}s<)UV>R;gy6}d?L>G(;bDpHc_;5^jq`mA#+)Y(3){~q=9`mP^IS)Ulq`PtZQ
zIr1WAY**R^$Aa{+JnQxJj-Z*k4eMa_3qjnO5DCcMBe&h!mzhf?MPrXoQOjrD^`v{2
zY?0oyw!mVKdLa`^dL!Cv<?~Nw(>|`HeYUm6M5J_csbYwEt9gZv@(l6cME|vaw`^5X
z8+rS-$ySr;WAton0nO2#yF?PD%zwF{jvhs4G<#}!TW)NRiyu$qR`1ChVdcRTnXZL~
z-WMpp(4&=Q*b1mYtDRmDUAJRilIk{a#hRDf)`792(#a$>t)-L*%m9mUfenQG*|9=*
zaa^q9I>T?)La=yOu9~a&eMGvf^f%-HrYO!^im}T+`)=(UcnV7#jQ@%sYu;07R)g~6
z^&;x;E|gjbc8g4VFwaa{FBzI%3|TFjt7~1ZVs^K(ep*UDXP7sr+xUZ7JM5SMbH{!V
zX|8R3Tl^G9X_D@OzG=;DP1Cz{`f-jKEl46-FZ~VXoNjSWLdvyrp)hsfqB-7zadmD)
zL`6Z&*1l2$G*WE&BlXc@`RhqlBH4Ql1I_Ix6JAWzf2%Bjly^B!SVX@NMa*Gc^6KzR
z(qg<5jtJC8RM4W!3cZNjHQsK+sah=QrYRiV&Y3-?vvR`12+Da&u$<E)KQZsZtJLoR
zZ%%*3^#D<U=!+En*Y=f|`Ae@<wDp9J$Kh0D!?LBto7OuwxV@TrQEFe*aJ9HRtjj5V
zry}FQEPW<nu?8RE!76KXwcwKzIbNIV^Hp|U>*rN&1Q-XjpgI3i9;klV+D8q{G8=e_
z?9hGW*kIB5RYZVw)>*VGN3)`>F*5kljZ?M|k7<9BY1FOfhWqA`3D^BgehZrihU<e8
zNA<sOGY>x5DR$C|_F(tV!|Xd}Gakx=9^0n(&+Q>C{C+=)-`dF62zqJE<a4{iu@g<5
zkc`Pp<>!#nU?r7H!(_K!e3fCN&MS|s?zj*bdqHW&(CwRXbwSLg>n>C*H7vh)Mhq-&
zrN%;}W?ytrIWTPzv1h1CR~orV_g_e+Rm5&eO3H-7M@#bjCI$JiUQIy*JVr_NYkni=
zRDt|hv8H5%>yQ_%8Mw*6Vm`=f>{r4*k+`Jy375I~dyWGs01gXDnir`U{;E)&kUFaP
zp}*T?VvMwPKZ~-Twj{d8Biz6L`1}Rd47G^&CNB2N;#0_1qIUtAvv&!@^wc!q{eoM|
z`%mWi3A6rHa110oByrWH_LJ0k>*y=N3ixSD>I;KAk?gv+k+xW9q<@J7q?0X-y^Qmj
zc~pBvD~Mi<HQy<Y*T~l4ONfI;d$m)0LtlfHuoOz3IkG3KcE+ZG1JG2WsMZYWHEh@v
zpY%J&EdEy1^P318!;F%`7btbjMImLgX;t5uQKpE{Y~JcPVZZ!#uU^G@A<Wf_D3z!z
zUO6Z$mm=+3mLY;-3aBnexE_3nG(SLxIkRYq*))t=Ayv)!aUj)-9VWF#m@cW?XD|J(
zm<CnLQ2T&eNh&tfPBKp7JQXT=U+FBGA?%@U!@wQ69WeV;A<of?H3ktFtl`L;8fSAy
zkKv>U6B~Jx$-yZsnFsC`rR~K@akQ$;zO(>TIzwGMDHY8P#@TG=*@6JHSp3TBu_kdt
zu_uY^m9RtoB3~L#q22-Sm^+43_W5)y5g(jCzcz(@2M97@X$CrcP1h`{S4s^Vf;%aY
zo0k)~sert?;x^_R>t^ydz7_G#YJ3Oq>&!?#K8_M%yiU3uz0akp@x|yAn_EAkV0!X)
zwydDc=1BxL+?Q+0mGCi+kFdG@IpxNNz-Qa*&&wg7$;WI|VQ*8RN)DQ!EJ-B(50XNn
z4h*OLC;x{C>U?1TxjN|Jf0VcR{)f4-c(6M#MGg{_!JBhT4%)*&1KZS=#PZ>8=YX0g
zVM?fUbbk<$_Y;OaD(c)$Krl!Xu%!rTMNxKwIP?KLI7TQryAp_?#0Z7Q@NMDo9XzQ&
zSwI!Cbo?>-ZzpHufzyGYA?fb`V~nC!BnC4)0UfOz`81Ju)K|0bQUlFUZdx_b0zEZH
z4_-OUDxPt73#$aiwlht7x&aFXwm22J`T2Of3&0(UdkG5!nbCCx6S>CRi_?{<cy<a=
znNM27nGYEauQqdRX^&9wDz<Z1;;+~>4Z6Ln*$D^(sifuvV`5_Qo97|Q%l?lOpbcyc
zkIn}40{1S<cQ(IFj+5cBu)0<>9cFgC*H)(PnFP}}9#sJP!FJqjzGz)vY7M&xYIvWU
z`GEp(7_{l}p0qyk#?O4-k<RRtWYlg>SuvJlGzr5~)-~Wni3QX!Ex^(nTd(R*+z>e=
zPKof$gV;m%EGKG&SyBeH#bZj+)U!@_9qX_zz3Q_?)|D(Gv3J^^Utk2a25jWAs!2R*
z*w>&ws^;J45jDQ>t?9P5z`R^R{1#Ea>re7<nH*it{zT6|QZoG&U4EfwCI};3k^u^1
zR@5Qq=Mbaj702>O{ld=Vd`>^Hvv+R6w?&hpv{sENLAy`-=kBG{8}!WP-(ZsP{TC+6
z+bL8I#R}%c?t6*>XH|=b*k=BpUCH_)tHT4sF?qKJN}|N_n-<Q7Xsrr8i$Y`%H^vU6
zG=SsZzv>3>D%wC>yh@Jp?&Qrq=IEZji;VCv^wl0%Y3I?Yy@Q5*a8>qle%aUZ_J!lV
z>-EZviFqPNpuOtH_8g0kf!0;`>4?e`fh>acQ%}518e`6~PkVLQ+_UrhEINKS&19V~
z|Nc5^Mo1<3iQi@R13n(+$B**1Jw}YvXRetHflegw5$Qu{(G<;z94{q1+u~eNu<m$C
zBW`)m0X3V_Z(euT{G_H9cO*MZ8mp~q^D;YMVtW?5O@;K2XSrsNri5P$ozNb1KArnH
z%lY1&EDfcS#fXYz9g(v6LB_aCwj#`zR*n4;jlEg<4Rr9daQaxId~|yxRt1TF^w2#L
z*$9!gssC+b*1@9kQ2NQZc1!=klciCA;=L;7;ZvsbhG9{Pqo8894#wm;2vngZ(jGL^
zE<+a!t}<ACYNUsNv|-f)BN#L0a+KB!maAe0{FXDpno))-nt|x*l|7DJL8aNp7uYU`
zy)WoC=wy~lW*6EfSw8+Xet!HND#&ihErTh`c=Uabo&-a8JohYBGB<oc+UVwaCnX~z
z%@&3)^?7x<i0}XuMmP<umHynK#Ep(N=oPng3{CrAMpwTBMr&}%6@%HPMUkgixQbw)
zdsM!#P?F-_X4>%rRICoPZF8G1Tq|}m7W3lWXUZ`;L=%Uj4T`&2?)f$994v;0#k;Xx
zi1e^l)YDDe^-Aj~`%DmW%AZ>%R=47&81FVhDK9a#8H%h-^{}1G@)`U*-tLI@dPf1)
zM=XBWlhIq`qLS>@$jx=F)#VSJ@EA~Ir>A-#?N|BZ74|1Tfqs${OD_35UfXFvJaZDm
zmUa`(UL{abZpHP02;FoZJ@*tK#LZZEH9*K13<A}V2UqzOSoKVc!;me{LWasCX>zJM
zge-+8R?7v{6D(7~Cr!1`kUj=Y`zI?TGn;SgUa_*f<zQXiJGoLc2&xeMe|Pz<rEA~9
ztB>^uGA^?cAnInUQ1rQT`Uh>lqajYqeLc2VdlKDn`y=H)nZ63-Ob%ZRUZp9_eI0)>
z@4Z0%(#}+X;cl807xHrHXp&%>QdfBTP?)T*Nc@`c?P#a#d_kv;gSHujNpgUa+Uv<d
zz{Q|06R|d|U0|eX`-1Z2*APJ)RW<+*k;3pAPmh$<z}S`!=1Qc(%TfCSA}7b-H*Ctu
z4{C4t=M$>#6X8C@>s{)eOmf{95?ST)3&ap_s;@n5d?5KUQq=aDPGti@(!`1Gk?YWU
zCGQDlR@|bwl#m99Qa?Fv!ThW#wu8V%_31RMWA#na)as*AT)YN9;F0({<z6A}r*A`!
z<zZ8V!bhFxLLjDnDWP>Q7_XKt3oZyU_k|~3tv`}waa9N?zjaOIsP}aOSUW{c#<YmR
z)^4J>#eGh<lb6Y-7$03>9%^U~HZd?Er~)&S>(#g{oIy6FC56tBv9g!6uT~TaBqj<e
z>Obwge91`G%hUIVFYY{_^fhoAT9QV8Hq*0N<?dQFFt&AIV==Eh0Wo{qRi9oSt<1Ih
zK;?m{xQ!c}K<Dbrb6qE~WxTwKmHTDa@OOY2$ws{pd5+#lAV_*8H!ngncmMXKdP#Cz
zI=K4rwG*}7`46zz1%>Nm7uu-mT`kYO?VY-&Qz+1Eud6f+SG**YPaD3k9{yoIp-kQ)
z*GZj;M7&l;SDo={^g?;nQJLf{i&f!ZOOh*R-aQA43dD_Mw|>t_QI$O=g!eO}j6M9%
z5J)yvw@TW=H~IF_vzc|m_uAq43ZWcy@O#aXJ&7zv<oNa8xjWhGOiO<fm+|)3nxg1D
zkM5N!MAsd8D&_eTQi&&{f`DM);ippi^RWIhVpz2wJ88+;KI^}b*nx71Hg0YO$k9A`
zzLNZfhN)?fQ6B%f*z+TO>K|zMCm0U?jfOWb>1EFRI)6lY><1X;w}R=a{9R?(PGvS|
z{cjtlt3`T_xdX|5@@|B73Ru25*5Io_zu$iSEQt82#yJUlqk#vJt2UPucSG-W495(>
z?6?Cc-Tq0RcO4Da#idY6jesoh1N<F0eZ)8*!X*AJ`?#`YDnt}!rfJN<9pHhXQ{L1b
z0W{`{Ad9^5+U4qV72OrSCo3{09objzbDq;i<fc1RPJ`X$vP_80=+RsU&&Pb=L;{;*
zp}?Z?2y?tluF3V!6+-F&sgRo=9-*z+9;A!FU4r57lu&d)4&5Ry#}NKwR82lL90%Zf
zr2m0P_)1tC)N5;Dj)Jxp&h=K7qSP7(bXk1iU&gu1M?muP&7Zcb%PgsFkO8ZoZ$H4e
zayoPeWzAlYtERf=t{7~d((rf#)C)MKNOi`q3lZEFE(+{)C-~my5*y)(+&9x(=;Njp
zC&8LJd)>w1!IV>kC`NU$vSMwv9y1?_$r?gRsnl-NdC{5Ex=F|FfZMIuX1P|DS@52z
zwRYE=9a9(6QDfSct`KGdm|xtcgSx2S{5t^6w79ocilTrNwh3to3aJIlm(<DYmRQRr
z^tSm|Hn@LfwjgCl89lwcP_DZY@0Y(cMC*wrUW1|!Z%#KgdzxfTfAmp?&8F+$yQwA6
zdcNRKQvFn>IxpX!oWJF=_+odFL;1-6C_Gnd4ua&DB4>kwTR{Q@3Pyb(2jO8OD!3D*
z3HMOa*UkpQ5ES_MW)4Ce{`6sz8h(zWA4j~r5Cz*(mBbdr(W3M}z_0}!ax?>Eit}=#
zHZKgDBlVu-bv1t?;y{z&iyy!L9WcSgh;L%>DZMMJBC*^TXgl~mU>E$b`GzNJf$n?4
z%w|;OSWXGjegn5EHB#1O!;HI_)@I$UXqobGo$dwI!5ySiVq|^CY^C4yJ%Y<^cg>Na
zU{v8~<cE}EXKF3BGFH^m^Lony^kI@Bf#D93i?%vo5Hx#2C#;$@jCz<XP|;>$9qtQR
z310bt<#f<D80?h9t@cvFQ@yhXwJQY&0^XKTd1}bE4Kg4olzU`7-;;clB6egp)~Yuq
zIdAQlp%z(G>}P-@jF>Agb0y|+{i_c=wAWq~fFl}BMn`X;4-=>8kF&}y?pO}JmNWLQ
zpn-=yvoPa9Jk^%KHRk-dKSr22qncfinFSa2*?vD33yL{<1@z@QVRY)7I#vS|j6za1
OBtt3wBo7_Gll}+2jA70I

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/zfs_zpool.jpg b/docs/userguide/storagedriver/images/zfs_zpool.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..17ab2ace50d456aae6f506dbe933d937a379b846
GIT binary patch
literal 30560
zcmce;1z258vM#(f?oNURcXyXSa0%{C2<{dF1PKz{-QC?GxVsaa;2N9+=ilTT`DW(K
zf6ttApWC}1R(I9g)!o%q)xFl<i>LXg?*N*#xRf{m0zm*w;1BS$1c(BVAkcG$1ZPM{
z2xwSnXb1>scvx6ySVVY4L_~N51SAx66eJ`xWCR3MEL1cM3`|T+BoyqI*qATTF)=Zo
zg*>-~2DgHShQ~lcK*IQs(^D6K4hPbP2!aHm0}$vSNOaIs4?qZj01z|?1Oon+U?HKP
zVc<Xz@K1{X+#iew<-c+NR_GMdC&rMU17(#nFq%)cSD*jvtCO*8`RMvn@ZrSZ8D{@R
z0a)g{h7gJb02rTkZ!iheH8}w(a7zrzJ`t4|*k$I@L|C<0G9hZoDzG62^8veB=X%@3
zQbxVC6WBu2_BQ}~+WhO}Pi5-DE3FB}8r>GDROp!}9e;tQs@F7EL>OMIWdnFHkH8D{
z%n8@;&pht;T!58ORwka>9ssaE^gPqx(&26dt!+_F_6HzAUv9EIO}DT7wdNXB%=PE*
z+>Etps=c3K$og;NpRa!;qstpKfaO{N08Cgro=GrFZ=(PR_91To5|Z{e2B%f<4FI?K
z4$Lc|^nND&h4S*HH-LO$6eA44peh3;?K9Bz{^uH&DN)BiqCf<12*Lq?mo95-0)WWa
zW$=c~`j|;ziwtnBo<1`poGsiV`vF)nC;nsr(0nvs0Vr(-U=bz6G!xKs3}t`qdBbfG
zZ@JOg{d`1UG5QYdl?Q@*LKGV1D|>t#ikmH1ZSYSjc<W<4Za?W-V`yeP@|PxF9)reu
z*8m~*#JL#&GQBBqZd^Y(P`kO%u1#toX5bFsoj+IOVrRo?{#fsRDGX(g=D-d7Rs7pg
zzDTI?`S0r=c1h}&-<@e3mNK?vJfMOI3^s%T5b2L-GXU6JK~gBEb(-mbBTD}YBsCjA
z*;fMqq$+rP0I^$NBUnY~eFI=stI2_j!Fgcq{?7=VZva4bE_W7R0pXjlhbG*PI5ybl
zfM>-R0H8@-bjriEjQL1})-uMx{@uQ8(20uE2LOQJ{=!2508Z+ngH;Kr*EZUmth|J5
zQ(0hLIGK`Ld1!$(4HhGT4ofz~!w<cZ_b`Vb_<OD9hXe09Q}});IQ2w*uiB8wF)UJ7
z#pD97JwW#5bJS1z-ZWIUYY#n~-}*9UBx+wQD=plych!)!mA$kx@Zw`^Ky=p*4QFD=
zp8#tc>=A!A1hDXPJ~iny6Fx#O$Y}xE7hcJ(+BSOUI{~B@!VP~xOAw3!02NKTT+ito
z6vScGmiNV%T497V37+RMghj&O^Q@nPiU%{nRd52^C1|AC1)<!w8sN}mM;5XJ0L8hV
znE*1;2LL@R5>*c0?G$p*4(?I7A@CeGd48#7#AY~0Ph~{Y$V5NvrDvEupTHv|Nn+R0
zBH<Izrxfr?VUnxzSu_M)9P{Gl&NN9>&Ce%5f8fFBe10Edl`o1N!OOX5uH~kw({tNd
zHv^wstUB_!0qEjVvFkf?qmCXEp|OdHwMZCKva?{ZdYQAEn^)A}wj)pJqfL9d_cQjJ
zG4(I;X$}T`NYM#!^}O8GY{`{jLnMatnT_T4GKFjn0HCi{n(x4M{55eGY_O*TmhDNC
z-vNNDiEa0QC&C*5wS0;{HUKkjLe>ZR1STuL0|>Dl04i%s&u7XJr8;3S3$*i6arUa!
z9n!zss48&@QHIU}i^lEZ>WB2zv8~O?IS+riDM#A8i(HP)m?s$juL%|$Nb$ju5&|6M
z|HOrW0zpE<!2S-S5NLm5{Jm&<v;`TX0I|W^%@WPpM}bR5`8%e7F5k)n8~2S6+spvS
zA@LbcBy$O%m=1O@%mBcPVs9`7blLuTeA~80??c_>jz=oQitwMX*a}PK`0;KTR6vs~
z0O;gDi-4W-M1xE?_eN9|2B3>GpGhtP^1}ST(t(v4p3um27V2H*WY)gcXU>0;Ae|!t
zP&U}DZR$aI+)x$oAVLAAEAaB5XaK<YHzt6eD-5>vssmN%LKyKu_MNyeNE94nDSn!J
z^JjR&PCbB#xJ(Poo+t4HD2wMa>{kL<JO%)S{`(9vwFS$Ckod2E;L5|2j(Nb7YM&t^
z{u_jItgxT1<qt{F419*PcNbns=XQt>V1@icKdmU~9_%M8<+Ed8MRF|y03NM30NZ>7
zNc7r+_8we>`M*W~C-eR*78d}Ja3f(zVcvnhcmu#+I$pbSH$c0|z#>vU1dKaw6u=(y
z1c3i4Y&Yv`5-e)BkagS;CoJTvZrU72P<;mrLwu0FPIU}@YX=_ozUMoIh4SlDK}oQh
zV$bk52d}{hummNvDEJ{^XcX<dt2B11dew%mu_pj>%NMLGUdMp6TVA&FPhcciMPNVS
zu}PS7Qk+cO<+EP;L)69LfnVvt;rJiocEJHuX}A7?_B%{_+6CxRz7d9>EB(3oKO|oM
z?*LRe*bxsLI-VIQ?Zf~my@DKoEE)O@<Xc7qpza8S0hANC--I!wA8W>+9$H+i7HFhp
z*Ks!R)=Tu#c<J`0y`T9oj|IwEpMDJUk#~SAir=*IXbB!oX~8B0Al(tE&qabG04~Qo
zcq`q$v3>d6V(rQX4CT2`-7J~{n=;e33b+dF|N6Kh?_Xp9z_0?qh^6CAYWmCP9RL8;
zuME3bovgLntkk4#)3Ev3!yN{+YB}vy=#^<XvwJ^d{y9PZ8#jiAgn|M6;l_|?|J>+z
z-LL@AvIZ<Dh&-feMBY+hWm|iL>7Wj<xku!An;(O>I=RYcq@c41P<{IaCLcVtxrJv6
z<gN<e&qR)TlH)qhgc)HD7jNJ<7wqx8SqnckcKI3HnF_rvz!Lu|!&Mllx%Gy5UXMRy
zK;$H!LOfnWqHskAE4puG$0|kCj6DngPZGN&cqOh90l;t$_~kkwAqi??M)8UU076s^
z0N}q-i-fE@^yzlUL|n@O9PeYZslbPVj~xJrD6#`I^Go<<7M?K>`hAtj6&ko%)uMcc
zO(Vej3OsFzE#|u6a2}Ssg0eqwF|JxTA>c_l-bcmY04RZ_;O+kgiJtjg>{s*61NTgi
zgFr`4nto&0WKMlWVD|=WY!g@B0E7^UH)PSV&qXuR()4H`($(crTQ*2v2>|G=g#pN*
zA|S!o0mUo!6f*n3`#+ibU$ChB0PyP84Gr}jY}Bi3fk-fU7kv5yO*)4XG0g%QljWcb
z+DcUS^wi&+-=hjXi4P$h;ec#D5D_Brsk04;bQS=w3uydYO_N!ghvM@au#$RRhsA&L
zCzJgFYG87bP+kFxAb0{OGT2GSLtYR=W*uU$F^sklD9(2aSP6Vnde#RC{C0PG8{u0g
zFxK%NJe=Q>9Btp9>$ycJtN)f3@YpBS4I^FnN3Sv?-T>lQRKzZCCg#bJPlqbtz6jnX
z|0!Yr1fL7`PXIvew*>;&YMB5k9RmQ+(RVyU5o9U>C|Vm~fQIpR9aVt8HxLGiyUN&)
z1m`+5eMo7LKZ(s`JVQ`l_!*C5NoRRkd&N<84X(V}nqOL8sjRA*2UkG5WW%#P03dJw
z?i-l3aJdrd4K{h$5%4YtGBi_D2S>E={W}9NRBdWj?b~4w00|y1s*CH9wN2>*m<%9k
zH77UUUNal^h7gdz_4lW@#^y!4vA!S95bPTpTU}Ln2K`I&0=qIV8UR2+LBPPlKtMo1
zK0}^wYyc1hEZj?U>=!s3T<~ZZm{`Qj!X&J0?3@auEaajhcCX(U{N=s}1P6Koa`l*e
z>9Ha(epKL4$9}u#>J|$-oiz4f*H}Y-@edV>P;y<N7uXYWO(wKud3($Iw7A@fkT}CU
zW(q^sZXDQGgHfcib)yo@1<F!J7ABUtFdqk;@lOIw7}bJtURzbyPX@4Ko0R#c8hxfr
zvNWc8nOQ$fXN~h&m_Ba^{SBPr!Xc@Oa#LPz1qGYxET`5^PNY(bqP|W%hFDU`YZwc0
zB-R8d2`FYxU3GKwR|wVLAfyS{D3d~rF&U)Zk&MMQ2g;Ou%D|$_rq@IFVcXZ7?Zi*e
zrB-?s)(uq|5x+e1kYzZ$I~Yv!AV_+%QSvRH{mT4&Y1NqQ_U+^j=42}^e*)uiOg(li
z{OcM!nZ^|MG;Vtxr~{`$R7YhQ9bU8%hL+F7%iJai{vA$%Qc)_Mzz-l4FOdxIxYKHd
zHCzlj@&NACcs7&JNxu~#F-sO5`Pb_k;4JAYm+j?s$Zl|jYCW8z%*q1R)#*3IxbfVm
z@<36g>>p~XSmf2Qv4uANs$JG;+3-u}h#TXkzV%`+!+r5}4;Dy6-;m%}*}8>B><gOV
z6$Hb6KG%cF`609TWk=L2j&RpLdhVE`zFX>Zh@|%_r$8D1oC}AFj(L2Qn>Ej<2I{gv
zq8-#NFIiiEvSvGNSDW35Iiz{h@{nbP+Q(}1?VDa%)k71DrI@#lhHcs3RBlW{P|YE2
zbY5yzKLL?d3MQYB;F+d3n9^xm<qD$W6OE_B^UqmJ6%<0T8>xcGJ{XmKQ;aX1oe8$S
z|8U~AO4uX~+lP`R?21qGGh{4lIW5iP#jnJH$GGk!b3yHo)3dx^bS3v7sog^G5L}l#
z93BM8Iup4%WxigPbtu2u&QW@qeVr7<H{tA(IE`m4YaYgu&))aXMG%|Yvrd1t^}sq8
zA$3`QP_Ua;KU<ON#V_K{ai+q8_jd(I#<HSLXX?MpzzuO8$W#Bp%+^q}2fJzITEft|
zg3B!v3@+>q9_WL*NfeZzibZENwMieB0_nU8Xwr<DQGsl*3x1Ez2u%u|6<%455I8V&
z*s1n^Wg|V_@d6vDX3hgxj3dJ&E55`fiRGzGCcR^Y$vL&>V-Ha(Qf6Z^jtn077Wk?w
z6IUEA^F}11HkQb@o)CyO_uZD$@WafNfv}{S+*!xEgf@%>#7Z+oHL=(rVhi72HOg5q
zCULJmn2d`Tb=r=5>m%;Xl51wOVS?Ag>5<ij`C^dWOVh-o#IDrO?tL}=|1y*E!SfWT
zjeRPcz8-As9w(oCu<X(LY>9k;eAGm};GkH&m18m}J{%pEK!MLF&8ZV>_1`2Tb&*i5
z=HV$n0c!jA@0JaBqs<=c7B@%NY`*P&j5s6|3QY;+KbIq#YteCQd1-VAX|CAGT-4@+
zvnCvBn<>sUL59DF9(D=WcME0g3BmH;V!VjIO=t;*0m)ikv`Q>C6Tu%vpO-CtwY1<0
zvlc%qD_rHM!|$ul`7k$Qi?<lIsjUcRAsV4KTA3@MJ7T3kBoE!hVu?snC=6vAQPg8Q
z#%ccz?SJ&T0VOLDsV=4Ui=2#3vZCwXrO=CW7I2H$#W@xXxa?-RG+wx{q+Ba`)pdGp
z)7m}Hww9Sa<YjRcfqYbkWmjR@{-4Y`=-%t=tCl`!yD7;wE47wh-NtEo%zrTa5R_xw
z1ShEvs3Je?caDs?PIDhKr+RVOMM2Kfj5C)?^{cE)Y?3yp>d;R>Y*Dv<+JWGtu^%eD
z4n5IZc!E{T@h@#3if<4iSo6)xeT6~Vb=VwEKG}8jAu>T*iL9crc5@$poUlYa;Meu1
zRE4f}#oQ*2ZZd`_ltMb^b{=bp{2(+l$AC)q&D`4#@XQ11GizBllcQpo99X)1$Pk(i
zzPF#pasO60y`9fGo&V=q+b&94O`jE7>j_B~$x!GaTZnkID11Sz&tjG7v>iuw@sY~C
zZ(-(KH^z$L7fB+D)TO9CYlvI?5Q`AU;Q309)1zf?jIF45PBZy6*vXbO4S%3Olns-D
zaNGye7~SJc^_+r6CA1K2TUM8htW?2@{Uw9-ZO^f~I*bGDoS}aC>IE**<g-=bjNa1-
z4dj2v)#WaP<*mJ)XS&am$GbmK{24+({6Tu%;EJl<mvIg%IJ!GNFIY-awcu;4!U1(;
z;zJ~ycbqPjBQ(7Zvp<UiG!}^{z1rp%G~I<>(O4n@)pwiEiXBlT$AA$-i+|otW;$L&
zkL)5fR|NpU(tU-bY;Yo$s`1JQ-|%BcEV1bv%yGF5)mB}m)nOF|sD4D{Zurg^ZPav|
zaKG0H)qdWCxGW>MjB(rjsqS=MJ}MO;e{wCn6LWKk4wy*j23?*;F>u-GzOoWm&c3EK
z_Y)NxN}u}L;8>(0Ls0eZt`t}CpwI;0JAM5%KV5K18Oc_TW=#TYFA*yPT>>$-^jieQ
zqaFCgJSlIZRhc>m^gBU+up`cYjZas%M}xRJR+qK;pJvSzbUKmTcNSXDT5XU(3Z}Nq
zLFyQ6fO@y&%WB<;%lZAYTAp2KQPOgXow!^h8Ras1j13&b5Vvdyt!Vd;nDTE?INcGW
zUo7GHuCEa2i;ud!c`sGLkUxtE{d-$^_%V7$Lb)6s2<67#v-l&NH1~?2*F_I3mWDyV
zNb*p--+^tpZKY!Dipcp3BVN$$vu*#U^-7jt8RguudI*k6^fK=-D=13?GHnpvJltG|
z`2T?jSh49_JUhN-j8Alq)MzFhzOWjncd0c<V-cdN7TVYhp>F~^ERzm84#cPD`^i2a
zx6!fC^G~qWx~b;Zl#)w-Z&ryg=m;Sl{doL43h-?VzMY<rb)g^(k}y*I?-YFZ&76w%
zp8d4=dyBadt9%CTK(*msfnq{<F$9MKda-wy3Y0}AnJNgc5N=jjych!UMedjLG9hGj
zYInb3j6kATMRGXDLYXjoq!s5$q_TrQWB)FIG`7Pm<Fw0voW0hdOD1GRx14_^^!+1N
z#t%FF8|hSzo7J4zAUz4%o+qH4qLvaPJGV=jHd^ISJZAtg?EJzQ#xQTI({-`*CZ1dP
zG_I@joK3j!;M4${J~*}1UaP)}^30j@dY0sdIcjuWVCC74`)t>x9@M^iV;UDGa_3ke
z(l1YM58>9aM_Z@jNYtgmr-r^aCL{K%vKo}GYhjRfGoMjG#6h<!DKpnw!L;Q>!d1CE
z{g<JUnViVD!F7t#F@{-0yjHq%Th2y+(2s$^c9CX~FWS(pqq%oYwCcM+PFyvt!5`r?
zghVeq$;tncpJ!L;5!(N$FBL}`h2I>VdD1C<`og3$`yGFx<j!gOAItX~#Pc`j)iyM?
z3lT1;2L|HO;>Nh-D0eV@zoYEZ@T%b_plzyDlH_tRu9&RSh^uup1?*$3MJPHW<%f~x
zeEjg&NOsUuK^AA^wagVmUf-tCYO3|--3D4QMqDdK4)nfoT#L|Zgya&Edp{gfGy_l0
zQ1?qg=r;a$p}mYsv$RAM!g(*XyX(UxIX-lHEtdBCqVS{HfBzf-Meu=mLw1T`V>eLz
zIZCo8WtMWu5vs^ENa#S5vw~ho)v-4Rk|iME<%_>ts5d5bhy?Z6tQKN&>hMOEk<>}R
z8}*OHCP6yG@Eek)bh)?ub!T}fM|=WklmpuNW<FNYFmMW}zj*>0t&5aGH)styUb4SV
zhfLOf+nnjGWiS(GF9VVPzV3?ZgW(eS0rab_DD3yay>Vj*a_8S;QNH^KpQrLHV=-dB
z&8#(O|DonFOhEoSq%$WBagGf*Ba~~97E>W}ZuiTJ%3f194>WWVbJMu8N1GMRCYk9l
zr@VoOVWsFKpT_1VXFErTi92ZQlHhvt%k?=9V>3Wjyoe%RTp(`8{hwwW<%R><T?p^+
z_~+TCSy!eb=a9$g#+#VOW+_PH6X*RY=lrRh2S0bFYcTU!uIfd-OIgYajhiXsOncmT
z_iYTWoo>bgH1)sB(9wnOq?GiLU37Ze;T(^j0B7(~#C0;|YiYVuo`f@Z9A;`828v^W
zY{8pt2DZ!Rkp1xNKx-1{dlKPa)%|UotZ>9;)geecRaCKGGbysNGVb*#1Z3b?nZANq
zM`OPJ-R6?YQF>_m!1le}3j8)5)^>fPuulD2i1bf-nL^0@zFdWbB6k!i>MoKPw~091
z|1wX-QIEwI#vRDSLLsul3RWWWD%FZRQT)3sR<Dgb?K~q#c5{#BcDQ(;ARwX%g5m#c
zHzQj+N4_Q7*p*A2lHBWR5uFu^7k$-_+Z?!|;@d1Tb;3m^dpD#w^|3OPe!1v{LMi3s
z-3TFJapa7CuF|9*>-&~MR_)r3@(!k|k5l0Y#J}R-(Xmm8xrY>{0ddL_Ev%}FFi}uV
zpDP;C>(~*n0#Ka7j6<f78<?043+!b}bwEA}<}2uT<N?mgt_TU4<`pp4Xd;Bo(knx8
zD>OdDnX4F#*p(qM_N@@M$pBi7N9B6#to1Ku6cu8*0%e!{$|I?0Ezc9;Oq@97w7f@w
zxRhiF8ers0kxK}9Ng`DD`Jsv=?`O;2)_f%wZuU>*7JYeN(hrMPm-1Fuv6AAn*@Y(_
zYS~;OA(dV@;7u#pp}$eE(=5v`RxMGt@Imw1T7CZ|R?Co~R9h2Q3GMwn=hrIX(1|zO
z?UdQ8rCE!mSF}c`%7vqC*s6e1Id+K|#)Nb<&S)}RcS+xCIy-byXoxJ@DJkk3nn?sQ
zH68CbwC*AAp%=>nMw!s>CE;I_s_{p2!_N{!zVn?`dC8w;*5eSsxKOTb9B!0(xbu)x
zR3oBSYOa;UVUbHiy`+VhPS1zlYE>kxOv#@zH<HY&Xg8j>u#Si%?*FDlO3U$sk?O1s
zg<{b+#Gk0Tv6(c*OPVxss@WFxk;<E4uO(}DP=kN!NB=swYjRDiAo=VQ8y{oJh@s_*
z#^aUpPH=CI4$to~tJItW(IcN_ZUJ^5r~d%X%Zf`<L|4d$OVVD-v$2&F%PUhp^2}>m
zU($T=f%jG<mg@3wA5JA>x+E7@|B-DUTH^`m`0xa1BBX(2a<NS%`qCp!ylxbyP)eAJ
zBqWvm+VTiV3Mj51_fhd5IxfF}Z*D44CG9mIIs{1Iojp4}yhz}GL7y!y;2*^I<tX%z
zsAK;S^&;Va%{l&1MHd>K*F8*xwAJ1nh9{)7*%)MvXIgtWKWvfh0n*xslV{>Nx^0kT
z&AfFcP3KIb#q(edr$|GHc>+kpx9LjGUXOmUD5G@8NVqz2$H@2zpFBK%?{pVj9Md&j
zMY=1SalM~7>rAzG1}{Jy+<R%6YZIAGX0`}LV9pU=K!anw0u|_&S0j|k?clc&7yM~|
zbDmY)5@PzRJ=D6Vs#<$_`FSg;`x`$pMo3I#0LH>62U|gvrQX`YhcYyEg|kxQH3oLF
zGX*>5`0Njg(-PU_m!qCRs(c()_8012!d$wz?_d!W#1#d8bek&M;le71>D(dIn1`!U
zF{TN9tE&->CO$bsiS5M;)8+{+ci1Utehb0MLYJ9dnxAYf_`OBCF{vmk*Iobcu7T6U
z=pZc)=}y3w!lG=DebD`&JF-?@<g4AlqKB%gbh%!HFQuu<BHcWa9p!#9?Ho=ToN`96
zswt63iO9@uwil7{23^vp<4@ytXMTM}v(2?+WQIj!Ej%B{3E&!IcNuIJ_kPl&1hp(&
zt6SC3=4T6oq!dhE+fK=AnVcyZ7to*i({t5h7d&c(BjE);CLKXGgnCAeMX++5UZlMu
z9S%(1yHU$I3Nv8oLtRShBr8PCHHIzkIu(4OYw~Dcxw8wo`=W=t<2G9hdg4=_%cy}+
zkutn|M0&o@t)OQz4>lL_G}Cq=vKT|RvquZN1GQNO=KfT-a>Z8mB3;mBcdbm0Cv&Ot
z7q46tLW0eEZ$s-D<1MDozYM=H`Kl|dDbz!ze)e=|C6d8@SQm^y-|d0Fbi>T~g4RI`
z5P78e_7$NPrv=0}>pTIyvIhC2rytGZu=a8u%fJr{mB7z=A)p{2;Sf<E;eJ0Z1c9F!
zLP4WrkYKXB#v)ZzF^rC#L}O+ZR<e(Z$*P`$!6qgXQBd~DuBz$m-f(dAC1(?TqiST_
z^?BXS$-wXIFAovng}@IH*Kz%1>f9kphav#H!2sIeR~VYOw?<keJIX)a)TxgYECyLr
zB)zS}nAK;^u%IYzGZCDTQS}(|EQ~L{iM>-~P`#k}nXOl}IT2w&3F)7Htl6Pd`(esm
z<<J4YY@1@gE)S8LnfgSj%+04*V4@60m(y80tfqkL+v9Te5MA+vEObDwE1eg{TL;_H
zr34-K9KF3Mqm{d$@|~42LY;=-^Uq5A!Y=9#TxVOZ;&)7gU?B`fCgiMK_+DtX6%Pw0
zsqQ&i@6qb8-`Y?%?9Zq2`q!NIT5HEurmD0Ktv&(n>314UV*-;5{rcTGNz2yAFWk24
zZ*x{KmYhSiq|$mOr*`AD8H(vFmdl|H^KI0Ar7Slrj)vPGhgl?QO(_dBCa+Ri*d1^U
z55C%a;X@z!3O}qp;xD5gVvx-<EYclV>%m-3xi4`zjBv7C!IRZ)x93=1YU(bDKhst7
z)gk61Ytp{n;L8coXs0avB~q8<^FFR|2@lfK>v))ca|LhWPFhjtc*ATTG{aD+Ekv(2
z+XTGKJ65|`U26VT!Tn3T;njx%39iOuJUYu^>rL>`bsBlqf8k5WWx$M757CB>3^#V^
zSwv;SYrj;)>lo#+yPuE`k6c7sa)%+`pqk=OD|_>DO$HHio5U0zcH&d{%x0l8ro5TL
zl+BAWgu9$dt%rl9lu~7FO4C=DInpgi{9J8b>|Wj1Qa?PLBYFsn6){1B37}*xDS8j-
zUtNohZ0pwy^78U?Sh>TB)Me(cyx^L@fWKy(lLAC2X$F;ou^IHm{mm3Ot6<Lux<}bL
zR<=Qyl5$czT+;7m>u@R$*PCYHe|0*|(1?q??lDsGKDLnrt_K3~t@}%%YC>=-ESLIG
z>J#)v>1jkUzKRf9%Ol=Pt1xYa45K<+xJNAnO+l!X;k~r`AjmBGMX?L}U0R@RFp(+N
zM2lG;W7S|cO1<v*hKT=t26R;;7XtH$q1<J%n2x?)iAl*$#I+Z^fPd|@hJ8C1>y#S4
zHScU247zO8<HQi2u9#nJ9*!#5bVhw<5u-3iDYj*$n!9XSlDL<2tE*j1it$YLlQ?Rp
zjjTcDw%Es|R1EO}+esfkzL(3~YB40;D%I;g4=ey;Q!O-C<}ur(X9F>;OVn~OF(EEm
z!g|MjIz5b5$ztVTRW@egq{?O(gsoJkD^Fdx4~f3;sZ8MrC+S6N+88p0A^ghpC_S<s
zJT;$IHJA3t9SI#3jPd(AVJ}C+NI@Q|*<b|Y*55=MCmu|mPceCHW0IfYpnJYy*IZwv
z?cptURbX9#<tHyQZN?_MXTj-)am@IRrrx$r%4)rx+&xX@e$jJ`Qc9T(IZOJzJ-6gk
z=}xK-&P9Y{asJ)KvEhxfT!ADP?PC5h{i3i|ZG5x0<~J;*D|y2vNV#;S*LDo`_)TW_
z(J#`B7PIx*PTFG5FEBXT9jniWk=gwk-tEV;hpsEB+QC5)R5)Vw%@@vET*%lI-oivV
zY!x8KRlwI5{t{dfSF6&Wepx_1&8cN-UmtmB6^EpK`MvdgWRXHAro_EO<)o?qU3!;)
z_4G7KV|NyD)ca^GVW@dp@{)Y9?ZNy6#a~Pe^gBC-`Ad@Gah+k&aU>F?p!RT@usR{-
z;^utX@l5lVOgR?ws#RPF!{0}AFXXK$GyJyFXn)PuIcUfHVFtc)xDyzgjtmrr!XJ9f
zl$NI=>)7b06yW846gni@!;3?##&V__!ftKW{Xm3AEkIawCXv$EmKx~p<Tc?eVfHJ4
z7du^CEOSKRjPA~Q0=}5j^n9Pm(|GS;clLVvIMq4?ZP$O_yQ4$8y}CM9CoR8Qu%FQQ
z4Aug5Uv@efqw@vAL`Cyf-IdD@uJZykHtXFWRIOwc4Igq45sKb;u%iVBk_7v{dTV{T
z_WAt;LmpD0Ll_QG)DNRwmuf2>EY$7AyvPgfypQJo4Iv_F7{5C1Q;(R2SIZ0RY_JUD
z`%(hggPXc5RBL80M6=bhXj5qtHJWwa`exnqw+24}E@^r_lu1+AM<V8FB!4MNv>MWk
z6e-gVABhynSFxu`x?v(z5e&$&<<iajP4kL?AD})LePs6$ev<6$m}*0Dj#RF)d728C
zCe+E0n&hhnF*M6d90a@bYAGqi>oi?grtexQCm|H)=56ch<G?p9bz}9()*v!c>K#-n
zzM#@44uWaW$&`FEJ356yFMuv*!k}VBXoYQiWW#yd%Mr&$67pt}cGZZB&q%Cn{**-7
zm5WOrb1&GKRL@*WYaUunQ9h?4wwEX7M9Z$mp(5mEZ+AD=&)O^I+OJn*_jJum^)#W!
z)|3g3D{B3g`ub3k90mDM6ba?7J_2JaQS$HH_fnZON;aX->`uSrvzlzj=4JV+zKgTu
zy@8UfYrzHosBLFsu<LnT^yBMOwFnJAx$upWhms3)*cWJ5b(VjuKaYQ2L1%V!28-Sk
zUG|-fVC6>MaS1la!1+9}fK^pmQiis<jULjzA%Ft^y+z)`(G-*Ou2=icw{J}O=IWkN
zY4s5mDuNBl+-bDhc3#e2(L6%;5_{?g{Vxfd4TIj#SP`abNVb2&{%9&Cp`*H=MnPz=
zp6?Xv+^d%~rTG7h%tObKee4$#q(?;9W_62wTh-fdBckU2c4sO3`@M1$70ph}EQUk6
zxq#yT)1tzXHI?0PDiS$prRl<SqGC3jk<XRr;U(YNm*LxEkA+LRE8~#xmHsC{Y`}2A
zhkYlMRL94vqMoKE^|F`KF+DMV%yAlPVeF$(3eUK#vMJAgu+^>ri(Kk%{{IM~dgCmW
zNuT74d{IBJ!TQ*ecF4m-9e1!IQ_qC9gzcvPRz-E&Q$SHY?(#}ZPknm!-;vbFk1KLj
z17o|QYq=Q-td`MFSFGccUn*Z9RK5-EHBx4RiutFeS}J98Gm&iH%!;KOSSSai7h8{v
zD(LnPg1=T26w{u!r5BbA-G0nAOo~^1<S+IOG~avzvbXGG4qjc|LfuaGm^`@hO)DFn
zW;YaslZ0%M8A%WmmWe6#mQ74sJON1lKqe0g@h80S?VLPV$0OxnoGPNih_{xCNV93O
zEmNCHXYWu$@l6-Ow_tls1n+JGD;GmB4&aqHm84n&Gw+cG=Sc!hmYqoqi(=<v(^^~h
zFb^fr6Rws|-h%X<KEU6#=wmpZ;a_{5K4N?Vq=S)9c^Oedt%G<VIXANg%Mjs(g~>in
zHpD&w2LhYszi?}7d#WK4rK?OssjTbM6ozGak%w8+`i!^EJy3Z2H&CX3ulOd_j6i@o
z^Us5LHJ>n-nxt;lL#db~M>pD(+6{XRn!`21>E*D<<r;^!Bi(pmGXSbm>iX^j-*?zA
zy)Pa8-x{u9B69{T+pP4)tRPEZu}`CJfa=YuJB>X`Vdl**p8x}sx>i=yUnz&aAKYCh
zsOG}Sm=2p((;?dSPBDMEkW(zj=2IS~D5WCWn>GnomwA;au*jL1rzK4BsVEQiEc9hX
z+nYw>lPZRF)GZXx<P_^gYAYQ(s4Z!{i9h*N8OQ5XP6Mii#`0!pAS-8<W~WH^yy-8u
ziae8?Ej>Wz@7r4Lv*v(^)5xTQ$8lagy>`&8M`vlFSW*g(E>jb4IXoBf9a4&e#bB@#
z>yuCqsp?6+7vE5-aT$Cm8@(Z4H<5thT<+HxQ|3g`lV+L4NWPn*M#p((mJ;!+K+E`%
zsOxP999_JEmeOfs<2pJM@$#^|xvMhLg0wmlN~4A9WqVoj=hw#52z`f(11}&WQBZyQ
zHSS;k-2%R2?G+VLTh}6LU^-syt_lffXmN+Om+yZ306ubdyj_{kAC~2!uj2``VW5!a
zlZ%)|=7eTw#Z#_8>ru^!C(p~(^z1kcilybA;jpCaW{Z^^8Yg`dJ(Pb2v2qpqrLk=w
zA;I2{brUg8wZk4kPawI}S=$%KB%dH|`AeM5Piveiy*s&UBi)3&Z}dSXL)<DXP$~X8
z?~z!8oCuYUqJ__Q=Qrd(k$J)APi#&0G-%6P@>e|psOwaf)qV`LBs2<ATHb@iss3XM
zo%#9ki)t6D{qCVZ+~@Tu-)T@wV<qemtTtjV$8M+c(9n|WFCRKM4<mV{((36ua@W@?
zBaZe`X}paUnP;e?A3ltk((S;CT~YhqV>qZw9<9`nJGDJGBtMH<s<)VJf(hRh(>j-u
zOK`q@WIrc_=8`US%P4^>n02C``L>KeT>qP6D`%Fzla=sYi{2oW5PExHgXp!?5pz+1
zBysK3Df$qSOc_$SCdOz&YEQ0TQ}_Yr7=;dkGCeybg$}%ylhNXlg9>w9@h1;Knh^ni
zDIAW~g|H~bgS66p7MX-kWFGV=h?Z}W*Q2>~qA3_cn!3<fJi~OVsPlI%!vfY4l^evW
z+pw1C=B)$NhKEFyjwzO@{rtA$wOR<ABXoWb_RV12a=1CW4^Bl~qfz-sq2u7Dy(gfV
zb~op7uOvO<F8lvB&1n>O2Fj3Oy*uq%)*jbOckIg8WnhH5jJ327y2dNUxYSPUh5M1a
zqFDOfs~JVpw*ERS&6BDhVx;zXVo*pQ*r*havqJ=a3KV9Kdq!AL*Q^;Y2GjqV|Ct@e
zjZojL0GohCgIK5n{;d&iUM^}h%Bu3|DQ@3nj)UB$!MS(|Vem^9v9#gN&L97EFaKrN
z&qM{k%6B#I6S1)DKS+}?mDHX+0h5lc*Uw(zDHr52a%k;G!LyIOTygt>$52W;iwrX?
z1mcsybEw{RKYO0%E%;0MxV!NYey>ZNlTXj_W=;QKs@?4-Fyb*J?c{eDKYY+qKM`X7
zvv98x>4)8&S75smiT3GQuN55U7d^V@`Cncb5E~|o&wlqwCj#rYUMpKQj?UW8|7Mur
z43plm=U=O6hcbeQ7O=I{6lB}<J^u(3S^6-nlDDE^BD^k4dB7j_kAl$dXccd$HBQF<
z;u}5?P;h9(!hgElLVf&W8-wp}#HU04AYpL6NXTZ}QucNSb0Dfxl)({-^&9iQy&xlg
z84;jsRX9UOn39`P&sG_H0?;{|Roq-W^%04q91JZ~s$-q7&RxTD-s|vJ4(oIx)s3M2
zy9+WWDuS|^vm<_7D;*|kN+Ib_8Y=5@{?=cA+n5e7;jeO@Pbn_^P`CTntkva}6H~1M
zJP{k(cz1EAPe48m#yEUXK{Q^vr_>}TMsy@s*X@Y(@CbW+q<&#uuX&>5wvpHoW~IsL
zr>F{*d!|1&(l)3ZwsN^t_=FVNN`Ag6(hLUnWGzim>*j+<{}OaW4GOJBwqTFko;yp|
zx3Wxhm^6fgW=3ns9zw7|JlA2r*1(4+vd|2Lp8|*0bCeVlNzHc}6S1kTcoD$4sPd6a
zpknr~vd9e#{}6v{Y>Tn)mbLsB7g)P#CQ6q(U7tV5m47{kXtc&0WOJGbbr^ebw9eTm
z7OQISnJH>xoK(b6eH5axLiQ%rdubyuUo?EM+`Ncpr%TO_c37&4kE@GH#jjG!+}w;4
zL05^T&~^qo8g4t-H`Tr=!9-Jzr?Qq;Dbn7kO;m8<pLC~mAvaD#tLZ5NwWP2b6+fR~
z9)Rm+OHnVyNelmC{MtxbUU#ssTYg-|-$;vJy|Oj1bAD5=C^+Yn^;lss*Us|6zZ9L#
zJ`Kx!R7v4yD5EOphk96p&@Bp^nluaY&GI93A%0M#V4|IU!-=&-t9Y#HzGEaUJ1V0u
zp`xM2t{?rA_vig9^4$%tH4m_thO>H#&KoHi2F;RK7-g=K1aVbeCSt_knJS#x*heZY
zPBG`^T2)pCY-3z0OXU`lRD@QKT^oH5co%!&L!wGNfKt9#UZ`xy8eX&&i0&Ro27-;A
zShAK;kgk+g(t=-2GjCwpg^N$NDg2q{P)B)IAhnJHnU={OuW-8qX+=7x<PCc;V6r6W
zBUt-8Q1*Lg=nD8_1vOx-vQ+O((6S-Kp&FwaNZ7?BZVhpD4vOdNel$0iRt$OQ>wq(1
zI3~rYljV*LiLwJx@r9lTz&q&HHs|Jsud7uNaP^Q3x~MY_hwq%DnBP$Gw^N%VNFoqZ
z^sE^24v8IS4Uy{5Fx3-EqEK$X!me<4=z>t$5ShxQrlz4XBO{x?6>n9BlZZx(ASZbx
zDZ(G==SHd;pPr7W9Rr8Iok8$?C`3qBcA%3+YGnY)0Qcay9?OwyxJ`px)|*H1&I;lt
zT~Y+gk3wcL5HkX9&Q9;NW3s4>8)rI5?)o)X6B@gm%3SQadCxvT)3|y_q!GZv=qbh!
z<V@kJFvrS+4jr#35P@_+ATnha+Ce;@E=f&mH6O2nC78`B5dIIVx7z;Kql<CJ+w$}d
zTG^69O=*ru<n_UV1$#_*>p*o6yf={?*FEs@3P-suFcvE0WpuV?u%uwb%^W3z8_f)7
z<|%w-@Aq_-BVT0>*36~wp^{HH=5GpmY$~crngZEN`Ma-J7tuBodwsfC$?bjw9<UDQ
z*XAowV1#fp+C@9(?xs~Bx5Tm89UcFu=!I93<JDlzZY{tF*VF5t;yB3g|4w%t0TOaG
z9ExE>qNib0lD5jdraWWJZ#_<TFqdVqG*pVVD;UHW%Quv3^DoL@;uZO-rl`4w2m$S9
zo}MPg%#3fATaOT(ds6Sq=-?+OCm?4}yAne!tc8YY1%&T?xYEM2A04_FvLj#Iv#$(o
za_)ANAC_!uSaz_4(+Z9W=s>DQ(@|DmEjG|p+io!aTQDKjT*#|_q~Ky?6z(#L;u{Hm
zbHYl4`E?*y{(|&>Q<b_=;h$29lMONA{v(PqWoKB`XQw4BVX(1LORbJi<1<opcE=m{
z7$vCgg<pv=mP`^J1na72^UY#4SG;j8rg4`4a-yPi(2BlVm^b^8tW{B__)_9y_8)M{
z+`N)~4JFt)RRa<!ovnk*3WhS_#ZIzF&}sb<3-$dEfnIF(OJDn<s_#W){Eh#<6TSbR
zPG}2N%2MJwe|?d(aquL8kCAE%YIRG;__Y2za{OTQvUSiIh1a3FE7h>|)EX;<0iAVl
zu6tW|FE&1(8OERE%MaEIOS)fVyu-GGB;qG8S*0a!bdopJN;M>!a^={4m~RjY!>IZ!
zM~`BLv4Upiiq2zqH7h8B3SPOnPwhZNgxI1OYSit<Qpi=29EbH(9Y>oK`3I^9(iG_u
z;}NI2ER||~8>6z2RnLoKISGy4uK{G&UdYR0$H#_mOLlPr41Wy8Oo%9Z%D8O}w%_V*
z^fhudLhMF89FA2TiEN3M<P$I(;f9E(oT${E`xZ6+F?=xrk=3y=RU1y}Gz_CJYcr6t
znQV20hhy^9Ps73TFTZL~<eVg06CEtG1&+F7bkR@V6D03NxHE5kd*i+kNO}7V=6VJ%
zw1L4G^6+Jxd%aEh%&=`S5>_}*z=~yejpskN`tNn|irz*Xe_C)VstrL;`#ZOUnF!O#
zCwjG|+;8*T+6hux@h%`lY07D8)4UL2BxD-O!L!^ij3eG7(VEc~-?Yo2EzT076Ky`~
z&Mjb-<R)OX?F_Y+MV;g1^Lx)L+BdwiGVJb5zYC-`K+wreanx==Yn1A-*S@tjgO8`N
zlqIm=qBdx)q2ZfO9Ox;j!=#;Xn;oR#l$QHpB>!%H8$+2bjDtF8R+d!>Fjrsa{neax
zX_#OstND6uz3wj2$VgmCKBItDKDGqC-$1PXs8*)5Np2F8j(UTj=S3;$5X`r>fxIzx
z8X1xI>OoNK*j7|}cX|VHTKK6>tU;}$Y>Kn3tv{;I$XI8-ZXU~!X0FSH1oc+`s=wUD
zxImJed9N15yDpa@Eb`M5*IOc_5+b_HTy0)jNv**~iR0d=1>Q<|*U49ID|AMSTitOu
z=@qpnU+SRj2>(||Ekb~xi6m$cld*3Pc|23M@5K5?(Abtq1$W-erH_UyX{2|Vdh40i
znvOL8QJ!wW3w;GiB?J}Bb*r(*FDSY4aRKjByZx7Wf28&0l){<c6a_77kZ%FxKBYUt
zkSyCl=KFybua{Y)_i&=MiD_t?UXY&VWGBm$<PAjN1ng);W}woK%5y^Ki749TrWpsm
zBQ>OX)4Zdg9=NG3-=eWyL!m`;CHp#U3V)KyV?3~8!f`9eyn%d0gn)w+gPDYOMsD=p
zmtt3%rktdpAVqkxUe(gn{XVN0FX`*oCDy~Dy-q9YGVYk}!o{CQs2Aq<SRM;BXW}v_
zN4@b#>b)g_bS?zi)}tB>a+Wl0#)q@W*}{$8)rVL+Q)#3xQcO3#VWMXBL$$#!)h#M>
zb!BY_E%=WM9@@GeK)e=-T3+C+tKo4-ER^LwPu8aMoLl0Oju?c}q>2?i-qVYbjhXU8
z<oAZdJ%sgeezUPV-+`9o))!T1H~-$q`oQJTjP=lgMlL?eU2BspY3#+O_2^)>B)gyp
zW^jLhTR^na$R0L(B*Z|swY?Ar@B8fr7G)oru2gj>4a>&hkPFZ@r>K7|6$&=A6}~kp
zcZS!n$p`DNUBK`lrhLQ?sgwyU;#A}Jd`8`asN7<L){cha3vt*f9~yS3@>Lnco#k2N
zHRPh~vW%=9S4`%G?R&^$tL3U*A@(#GaBli=k6En6c+rp@`0u6KlT+O3!>`w3^o$ak
z=^c+Ga8jdt#W`ZqX`97;Qu!_yG(}JMa@H(^4TV<UvG%g&b?YlbjWS1PU7B+-sfN@z
z$5%mvhFJ>TR+Apr&OP6I#iufhtlu3FsF5;wglnxYnC2!UNSmz0$w%hi$1&dAkjPH!
zMj=Xy%K9!wm*`-Hd?4da)GmoeO?a{4)uvsHpwz@+5s;YlQ4%frb6Kd-R%-aDy#mva
zV&tZr)SifxNKBwd$&T<6rqY4Qpvf@F+_q8zK-y8HKDMU1VX#ZmXdU>&>wqf8hjmnD
z)x^6x6kjp@=be#3!P+-%musPxE)0g@<&Q?0S}`ffvg<JuzV`mm=)t#PEf}NKt9!80
zzOF-EQ3;f2sNXIOaO#Y%5k+7T116OsE!JdjVRx~c%^G}9g`Cthga$=sf5D}@c?~7#
ztGI9Mp3fh$P^svL!4dro))mw5QxM|L9wplJBs&krdjiT$fA%7`A0$0giN(L-8dp&w
z?+=?5qZR%z*O;&Tsk*H(f11DKFxZ3|1<L=bmow?-?M9N^ZSd_z+}qpu#$2fk%;I4B
zsx!gz!mNe|HlccIi^rghB`nRTd(_-VMd?DSYpl;VJ!y(W6Q7>|vtPaKJ1jFs&X-=C
zx}J&}Cj1d3#wY07`QVo*J3P;n3!1#LJz*~b(b~6D?!PI-#C4y)*Oe5MOm{Ggh<R%+
zF=a&>$NL08<i~@bbu)^kYsS%dDzeZqq71%=-ThD|PkBc%AhAqZqUiDj$S}7x+FMdt
z27d*ub-k!v>fj7cdtKs*c}SG1wi{M2OGmVZsWc5(B^e6EWv3ATqJx$cN>!p<SXapj
z(qA)6`KXW<b5!_IY$K0?RrL`cCFF+VzN@x=iMU9<(F%jxNR{dP@S0ZGX~w#IJH6`r
zN~ZhT<XW?HN;ax(x>l35Bzw~BB6jRZZYxp|XG^o#qWlF#8Zr$Yhn~`rj)db`+Qqof
z{nm<ftalC%OVy)AuV1lpi26vCz7#e<*#tpeoah>x1(z<OMVz0|;qerIm8OCpUX#|C
z9a5Y{$=ace#tI6MmnOX5NS2ezUQKF`8O8`vX_o(4M9sokQDORR^+Il#^fh$fVp6})
zu7pFJA=G-CY458&W$Fex3pZz%&v|UH;?a_otv|irs3Ie?a!BmHWK?MR>Q9YTXaI$+
zfo|N5O(t#;CU`$w8=K|oM(c{x?Wd8-w}dYixrsW)-9#+ZEWL~%dG7i(CB!OqHw{Po
zZJ5Ho#~}HJm;amPr5M2{0Pwez&Q2Vbuecu-+8EEKt)aK$;P?K19wK^q)7cRhOC%Z0
zKGpR}B`)<!R&tERhIJ_BmHfF<C1i-0M@6^IRZNOUI{j4KFR>T)B>J>gFb|fZ(HO>$
z>ImbRVw%4`Xcp9??{fuPI-=y<_sZ_0MsDx<<-v=;hI;|IV-8Ps(uXVEc7`QI@UuFU
z$Vsw!9Q;F|tE-+~xeCl6p^rvY+!4F%an54aHTU~oE7-gaPe9@eAu?2Df-_$5_jVcy
zv5q&6kQc!Q>gQ{=<<!%#*DpTb^rCp(qJPMm>3@V4!z-Fhn8iv?JR4>zrm5NN>$=Sr
zxBIZ5t|BexmiH$2+uT&Pn(1gU1!Y9gb2V8-a*PO*_8{2l=8U<mFi#~SSkqHcyqE|)
zEKfzzVxoJ5U_#N`NwXYT)J-MWU97J{Bc5%I@v*iyG4S_Ui^iY0RJ;zcX&r>T=^quf
z%^cVmJqt@mnQrLw1nfDKU7r9_i3cOOU+s5H73VB(qB$3D?H|tMquwu>EJ)tx5ObnF
zGJ=0K!hi;T=^F$I0R;no^ZWO^-yi^;gyprO;i<h(R3{qv-LkARg{sMQ13T}(zEviK
z_5^HD*Mazj&R^r=8|2Jh8vOD48rICfY`VwwzIUMRt55Ml$GT`Umr2mgXr}g3FV!R0
z9sL$x-XNY)excsMx!+YbFKzBa$tn0QQQXOp$4?SSm%yhS4C{?B(gt63-9s8Ojm(~^
z)HzydRJLfzllK|_U9UFBoRuI;Q1(@~E`|Ke2IK}r168nq9=y5brkPz+S#tnNPR@p$
zg7S#{%~<~QyHUh@&^4yf@FHUb$<X%bAZh%kZZcghxypR>EtivpDOztkUrQa;(0vU*
z=Fq6bOM_X2S+>jQCEX_gZF*@`w7<?%FwMjuT)3f!NXq+_pd&g*2@|pH&sx({g6s>_
z4I#3P{gHyM4Bcb1C<Ga7D$n5U^EH7(S)YNqfd=yClW+D$&dj;2G%S$F&{_mv>t6aR
zmNEt=syPMxynauxG;8D#z2{D%i@X!I0q}|fvoprkQ!0hi!zdK?7mC|Ie3Gr+hbdf*
z>T&Sw3sGEQr*wBY<lu(s(`z1hv>BQUeW@UdIyGz1VQ3beEh;G7N&vlt!fleI3OFjs
zC2$f62m+mmeyI+LlTu0V@ZUIX{*1TP1#@Ppt<1t`J@B!GjxXO(p9}$3jP=Dp%7a8H
z%E3IQ9q$Wmk36P@T$w=|0|oP-&aUX<Fr~2oS$wXV4&S&P)sH3?I>lE(Et)YNE8*qt
ze33<Fb<-sNTGE`ARt&6Avuf^_{bU_W<i&)bX%#jav7K@=Z%ySq3kv@xIultKNQi-E
zv%rI?*VQV)dBcjBu)f4~2phDM?Fre08*g#FdQb<h`RqO5Gy_%{J_l3t()PvIz}4EE
zGOOn4g|1H1{tP~Um)JpUf>7-gZje@?o-cOD;g&FpD-7rDG8;x!8j7r_jsGA~09R6O
zny!!4d^=z^P-hr#$f@j=YI*8t8s5GEDdQqlck8%us!*^ls4pW<UeamvR-xNX-h?N1
zM>*-=UUt8a_Mbr^R1F_1uW@8fvoy+BxSo@~`SJ<D4>BIXmvOg!AP9rf`#TJ4U6AnB
z4l}hDo0s%g$;|u;viH0{MN2B3_($Qq*9Q+?1_fUdyMXueG!Au=t5O92RoaemCldw<
z3vr(VnN&z>d6AmX!H{gkq=-Rib8F_xSEM_ZFD9LK=hMIsmRm7(zJ?UM+QP1@>r%Le
z#e_lq!uZ|`YL7?60sFJ^o6xA@k1y6;gDY89H047+N8Zk<%KplNY(RRIJ6{_9ieKu+
zXxldBdM5PCo9M1<)MSo)ESfT|x;EQKiF${$hJ-^sLM#sk=*=GstnUV6C}orWbRmnk
z{7y!7mR1w{<7>NCJ|1Kg>QXGVLY9a>0@j}{$;ZNo%0zuGW6JgCPr#NP*AkEX((u)3
zja(?5=DBA{dGq0)@}5@g*{6B@J{Jq2fpbsNVCrme4!GK@nF4%}Ab3bP1V3(b!)!B)
zm)ZAx^!M<`Qav_(KaHH%a@MLxPjiDnohja~X{?-A)0=YnsEmS+|5XO15k6raIxJlP
zmCxDa=AS?B$KIG+N{_MNz{K<4Z)Q8(UgBrU^D8Y^-~Y?!!rMxEVN|@h#;Yh0qBp|U
zeES}CAfFM`gsG=7jpbtgh(hK$9Q$KgaNuOiBXo2RdYKYd%GH^g5CR$7W>54aSnY>G
zoi_$V!DsNl+o|55aQumCw;p)n{LPb_{whSDrHKW?$**fY1EG^?2bA5Hc-_>7WAEGk
zVp~wT+AH9qgis)Hh+(Wn&g=7+HHU3JS5#k2F@FMw-GQL8S|qJG8d2)?Z>xJj$d`aY
zQkN5-E5m1;5SDy~IM%V(>S!N}c^LDMgZJkUE6T#Z;9ZuLE^Ee0hlY!#mPYg(AX2C(
zmU2Y9X4IYtnXi7D{`!zlrw#R)-R5A^oodS?e1AMphJL0m1}f}P<m3aVg&-VmIJcZ=
zf+XLBGC&Oje$T#tUZ6WL&4VW3o1bQxa`ffqrp@2R>HWjLHi1MK778L=AZ+=Y<~ki9
zlbEE!PS9g87+b!w)1Ya6fsj1IAdesc>!<Y@UKQbMo|gg1T?h6|9AtE~^lXvyEv#8!
zEH>?2Ir8q72mUlxu+9<bI2%bgybX+&8pGm7w^5dn4+;7-{)|Gu^=u`z+4+b4B=H&A
z7aUM742)-v9>!}4Zy{aagOeCL!yxhlGV2Esp$7lI&b|UHj%8bSa0~7P3+~R~420ks
zT!T9Vhu{|6f_rc$!QEkS2*E;dcXuam$Ub}DbI!i^-1lC0eXHtUy{e_AW~TbD)vMbm
zB6rIAI);UMK1xiPEl~ENVi#KvUMz~?^ZUePGETBj{Q^Xsv<L-%Ddyu3qlXs0=>A%-
z4k$?xQKUlqvQh+Z%BrY5!^lIhBxsgPNg*#Q!htb0!7*=Q2AQM@(|Tam;t%&2s!<ME
zgQ`rUsAa6^>Sp%sxYGnxN!(AAj67<C)MKXeE-n5n*cDd~GyP5=^+?w$J&yO@CABr2
zJmfG*voN~BJxCE*B_Vr;cPT!F@atB+duXyC74)f|OSVTj;!q{|waUl_&8gs1+avBi
zA2Y<ddgKcW!fyUVQi?OqAAec?RRExB>T9z~(AX>0;xjjEoNK<U$6pC~V<#h|lMTSe
za2GRzM8P>%fInHWL;Ee@REUZ}oOO@e*7x6Lt}`o+1@xC(J6aEY-RGXp|93SrT-~&y
z;-{aejD;Z1s>f~P`)~c%nK8!#WJ|7~)&pPnpHJsik87ybwLZeZ#mvQ|PXA=YqfV|J
z2z~j_=DA&(`i%DrZ2SZy2>Clgw4%HG=+fUk6apulN#nCGGXJwuibxUsGMnP2;u7OL
z#;Rh3G4Lm?nWw_YRc7j;0Oy>mdF{cN<?QFl8lfUHPuc55?Q>CrD`~7G9AaF@dEZp|
zdI_*Io7HfSmQ0Nu_HU#Au5LEIH6f`<z7UX2a6pE|@+Dc9VUKT3=<KL(ENZMSsVRyx
z`~gx&nE@(NNf{v#40VqZhvt{#-Ooq5MekS7pal@w7jh%&tiDps8XG`I7-#bZBbLhH
z5NI*CI-m;u0t5(zz%~KEmVqdpE*J>3Vx65NP_E9Q*KqDA!!x3AX5=#H9B@H8E1G$*
zSR1Tpx@9~h0d;8u>Ut=ZfzWGQ!v?584T8X1W3+45mtH>Il;+$|Vw?`?p2fUQtDLKO
z^h`f0-G{mEYLReinv4i<#RxD4Us-P!$Rsilbdz&@DL9pIJtCu|JESaw4Yyh~RU%NY
zLNRUjqE)&2WR?`6%r58)IYZP8d44r&&+#|fu=|**sC3jX?g)-aD!=fd5)geqRo$b5
zgK`VBy0?Bay{>19#w06Xm~YFNrroR7)mhW|z0%PzkUs$1Uz1UNtP;|2A9CVJvJY<)
zN%HqmzEqiV%X1?2-ehc@1;I5iWp~5J!Q(KSnL#{uxAY7|hH9WIiWHPeTY09yJBoHR
zf|i{rrfVk^GjdCo66Z3G(CoF`1Ba(=cTA6XJ`o`CtlW{#P|KHXYLn9Qjb5m6ENXAX
zU$7=y_&U1G)lY3Dld?oJ&AyUfw^)KR4b|~W&k1v{#8n+le?7qGSjQdS8yTg3vJ)p&
zo~^+0LvQ$sE(9$6>Y-|Z_l<3xCDFM!Nd^vy1I{s#2^#|pwF8UZE49ImAkAI;b`s4K
z2Y$^IQ2?h>(RWszT*b3-hj-QQM@Rg$5XyLQr)=3{9t=AkFA_DAEDls`d?5Gb=|R)&
ztXvnMsT;g;=tWekN!^59gw?>ErEE@af<z{KH1bdEo1C{F5RrG73LWyRTsIQy+^CJE
zatJpKDyj;0QT-|sxFia7TSZ^-QaEFwXDthMIb=a&J+Qb{T>XEi_gKU^lF8s%?-mi{
zA{CWxWepu6I<*b<8U1|7n4kqRG{D_P#r*|<M=Qf?(elXW0kqA#-9~lNplwJRV?=lx
zWg{l$ojngAw7m)-QrE=(n|l}_=#$9`ffchsUe+pGO<O0RRfm!>Ykrs6hMzY6(`PZU
zUjSk|cwR~XHvc6;fRgN%_hGLDc3|D=QPa|#A$%>9()5S<4&!gULlhKH(+IOKdqAjm
zM^#rIX2Dp@nwa7U7Df-=lCwY%8XWDAAgR9UlYCPmMV-N<Z}H}EGK+4LBgLD*6y6^a
zBPixBsrg+O5x<q2!x^p_Y3ZLF_Po(WiadO*ZeA=lBhP$~V&;jun=U;Qvja@X)WJcQ
ziObaU)0Ht*Ps_w^%9dX`QOE48S)5S-w+cJC5nDPb7(-s<<AZtpJNB14iEJGBp}ucY
z)yZ>5n#ET{eBBi?{eDO<gF3Mx<89!uXLmnTkPx=bRgCD6Fvnm~jOSG(mgqPsrk6)Q
zN7Ji9iObCZqEa<-9jy1O89aGmELQ14VF{pw8B6Y-D!X(`sQJ#PY6Z4o|6nOm<=z<{
z(7g#)+Ji}G(1W18(}2dnI9?lviNhoAJj@BSK-J3r@M+|QENSD=@C2&(6t<}a>qk!d
zq^hs73?uqFPKNYki2jMD5zu&6SSo6OaN)gqhEjC}vmnY`KBh&HFHu~1fR!|2xIN~C
zH$<r-^&3P9DqiBX<-;f%j9k#u%iRgl$)}<3Zsf+=JN%lp6`+PIamS6{8s!dPjQY9o
zf6MJ!_*7tP9LfR0NuUl!4c_20G0pxNAun?oV7EYF8C*OZCM89L6oe8wyz5|({G|+9
zLz6F|kY5{?<ZK@-{0^Atk?f3393cv)77AQ!kEP;75B`zOxTyqGRS0q~E7y7(D^4RH
zd?4CIq16TX#||(*uE2p#waFm3dF$N+?kjkgjCaP6TbiIIV#i19M1-$kWgwzVr%k6k
zG;W6ST3I>WvP-M+>$mL0xz4C)!XR$L8U+3N2+_Gh4njS=6g3e%=hOfrkrU;~*J%rb
z*Wb&6U2Eleg7d#4V=5$*qDy%!FYq`NT$q;f_+7#o;GlBVZ#s<-X`2!g$DaTeFRzwZ
zQdMO&iiTOWtO7Y*oYW6IXd}sij>wnlEOjx#+Hmmn$xVz8=5lF#UxgLY$$tSX-NuA|
zuy~qo4DSnf&zf%Y+(+EIBV5Q9BOX=p7i1Z|EReH<7COjX|0X!^UVD}F&Xk(i4j0Eh
zrS}9UzSz9aGjnBKl@xo)hp?zN_l#Ni<ZY7=tm_^LXKVIOq6&23XULtt&6l(IM|yo*
zwCQ)At<<z=R|7R6lTTU5I%MDqyD{C->X|2a`de}Y0>w2;IGg!XA<Oldj5tc4(t-x+
zD*HS&#D;PR^>csdcPnDe&svmUwwf}4s#57I%c!Sh$ES?Gcs`9)02bIKNpT4r_c0r_
zkJ)<4>YOpyMzV4(F#@mh_aui4lAEoA8@qhmFtx^%XAV6cTs+{cX$&KIxe-wi;egff
zo|VhwcR39&7l)w)#}y%g9p~E~%TUmQt5^Z-k00a-??f)CJ9rYR&QsopK3;8iD$BW;
z{{S5zqNn+AnF{~>=_5qF#%3_6x6;WiG9KNG(JF_^jo^-el2MoHK`EcEIFx-7lS>{M
zYq8ou_FkP8-NiD7VksVRg6L&QT_UmfEshmj7<c$+!+G5~L08A!_g?^~V3eIN`l;i)
zC}-?OkMCAQ9VV}2KJGDnu@2bxtu4gU6_^*nwu5EAecg9me#?HFi83Lic9ZJiSJv{u
zKS7gi1%35(o=HonKeUG4_GJ=d8>&Z%gYUSM?!}me(R}VZ-?whkOH)jAt;Rn<h%>V+
zk6!5tXBUYaUg&$>ASzFJ#@kP0`T7C7NQrv0hfH7rB8BcN|5=hKT31i605!p+X|3H6
zUk!vSd4Ox3x$XSO^y+H-Z7b=n&fC?`u_}5$6uXr#;XsY0`|nPAg_hGV!l~btKKOl1
zsx7<MQtX_3BL7Z=8uO$Fp^(@x0Z_1zI7M)<kT9&ji6CeI)N`OBOh{}ZTn;>PHg*w=
zS6oV*6qKT`|G^?bLqQ<|Al~pZU#QP!u}#yXTiG2x7_FW3_O3=m^x)$Mv#`F<eMis;
zQS0OZ@pQ~CtWJU=^DT31UDn0wQXN(oOCkBJ;P>{hqM!)1-Uzd)^X{W>qk>FF$A5s$
zQi!nz5lQ)Q4B8<i|2nu8bTM8O6t?JKG+QTl(!^P#h$6602_-@WDjJ&ZV^~mBB>M_1
zNl(tx8q7<!1G}=QWnB`QpM*^I`JySxv{(~o;a)i&-bL2jh+TknDPtU@q158&<Ysq9
z!D;)65tuXTB$Z*J<I8Dzz7D7KRwxNm<)bDUrkZ1`gS(<dX!1UkEobG+#lxVFAX%<;
zFt9atGP;SK-SA|X7NcA(`kqq?2ja<2V1vn7gDaJP6i}>u_`9z9V$bvG_&lGEK}t!D
z$A`(v$#{JU)K)(3o0ytpyD3B7t`(}?8dI0Gq2b=d<OoJqJoR@><*iy;AF8WQO-&(c
z{Qd|cQUVXQpK<9&F`rXYdxds~CFDaDdfS|8Y(7k`VW-!$7-9SK@$dn^5qZ7t!rPeH
zCUM?2b1>9<?L9vu0Gz?O-e%^udF?<;{Y}0mI13{qENt#!<w*Y9XjPtKsHWpm+QoWl
z+(;6f-!H%g6^2mJcoVd)KZ{5*x$GzE0jv!qN7(;SA>%QoR_7am>dqn@dy#IPKd(nK
zw+oz+u5XsFo3Q;FZ|j_HQQ0Cg*HRNR`_RqGc!<~irTO0s{;V|>i|aV&6NR>Y({Qh|
zR`dRzi9f~AJ`|xKZ5LL+oD8U*4}<d4SC(BFB~eE5!om$Sso(zjEe*&{{TIO6OX<jj
z<jd~XaX-4S*2Akag4368Ol)8Lp!{TFF}qeot{Ex=`pS9Z=%Ff*wfl<85v6JHQGc@W
zX>C5sx`nM07z2fJWOiwH)zFK!B|5h(drX(|kzJFoTnat-C*QEmd?DEElgRr-ODZfT
z6=RDSJOclWQf*=xVe<0Do7HVd*ASLAwkBT@3zi^1E!jtH;|>7iqY`*KWc9>P<SaZ%
z;NiR7@IWpr#EJaSE<XWr%RPW-RLAGj#L8eVADvz7M&!vjkE3DFN4>CNG%W8P3>>i>
zrhn`jBzvAor`u^4NzNkgWfGN-0A7E}tXjjIr6Jf|(>0%^`jFs+&1rZwj2+?5WPY-7
zQS1il?U-A}5lEH1#=AIof;ck^-kP7J@A3{p{(IgNv#+qnZgdYxjOXPD@lg__qu8&8
z2B8K}WcP%l5hOD7hQy%$;JhlLEqLdncBv=o0yl-P^q(?yrgNLo)5`KejK1-or*PD3
z$g*IZ<WPE64CQy^`K_YT9|Gb|;i$BNKh>8J^)??wHH`Wj%LnWeN2Sp7|Bv?6(Z;Kx
zA<*cLl7(fG+Wg}`qHA69zK~e#|94<=U}W>Khx*@Es<rjwZL@_&lYd_`klJk_9j!6M
z+S{u0x_}_90MWkFAjaTJKt1wL#y_(X@@R)S%_CA?p{SfqvuQ(3RZUg7e>QkF{{U_u
zOSK<3IU~%ybr#54TRyb=ihdh=>p)2dV^3Ty4uY3rdZ}rjKA7&CBG|PsAfPj7pGLPZ
zP*|mFL>S%GMalJ94)Q^t)472rG`vR!3mxFyEL~_!i5D~!bmYH}H3>y|2TO8{w+TFc
zxr7XUI6%y4ijJa*Ic38GXCTUE3C=UK<t=nJHx9HPXSyX*K|ydl*w_MG?%S@cH18km
zZxaNvc0}7Qbuo2m?q5aaUD5R^I)=P;H4kf_W2<a$FL?TKxAF^+N;Uy*EjOh=aT1iL
zid};qQKVH05rxD}n(Hg*H4Y^bWjyKA(LI$p#SRlSV2NJQYPby?AsGp*Yfn1DwUod}
z#thD}iIc4o@kA-^>Ig1h6T?v^77Z08kEK7g$PUfN0H(Ncj4nr$afCQM==^yp1u07-
z;xF-tC;|P%DO#y^%ByD>D3T<v865@CNZ9(;7P&sZrtlJ6tW_&ZRE}Nz>q77J19b8#
zJuE||ko!o4^4?CT%@3fnyyQA0uWJ?j8XK<|G8)PiMCF;G<1xD2Nyd>7h$MVu#62R>
z6gtCBv_+{4woZw1!u<N5R4sHv%niFQ3Y6wVi(;l*iIUZdo4<%pTd|bAb<vI}ozhd!
z-K)b_E6(q;>=ekt1CzbX+&Ev=3V4ZGDgSq?-&HAkOJS_44m2I|3}c?~Crvi_I)VY`
z*obSq?km+NF)K^mW60rrvX`F2MY|`n3;ODPgG1xiCk_ZtqrN}v^L9PkiEU`)dQ&J7
zZH1Qu!y_r*b)a8*`~t*Kq9j-TNK!QHv6VjHC7BfpVP4|m(>{GQq(Qb=?Ok+jlP+*y
zFBkt%FUxv1%lv^!#bjX8WMC$cLNVTm)ffIv7LCMnq7L^;%A!ub@k*t=@k$r)6jrER
z8cTT3Q)Q~t9l^W=t4Z?nari|YS(ADa$PJ&&cUoLqN53CUug!dpDbq;d=FEV{%UveJ
zyDQlO9EeheZZQ)LGQ+dWIQSNhxN$AWQNGxpTs)LN<eYyPPb2Xdx3Ld33)E@Tl2x|K
z8oYzT=NYejD4<R<uF`-i5~~$4x<?1cDV5LXdnyH5ohg!d^JI*79?+5mr>R7&eX7ke
zstHg53sh`Ehc&3P(IJ7`ZMBvn^B4_pHf;<$ik8=nY?&$#!liyP9YW=BvpaC)a8Xj3
z%G4&BeTrFs*Jo{T_~>@n&d4YC3m`D7-p9Q93(ybmP(?N;<rL)(ieu`R=#GB$B#AWg
zSw^t7t^hk4T*qB{JWgy8aZk;5*ZTGgJESSD)kH0T1s1QpmoM@JV_k!p-;;hHamy7=
zX9;QCW`tSb``+=>DZ}@Gudn7l+P3iBdYVO?&G4IeGi0iC;#}#faFcYL;{6hJ=b8QH
zZ3Eo{w59=k0T>on*z5gjFNqr3UWRHfqm-h4dStJzH!52)6j@y3I9l~7_jvZDOT8Iu
z?<c;+JQZb><6Cacha9-aT@;^sI=PXAQ6F9Z0wn(qMhO|_!9c^nB0(N8hxt9ugUlRa
z!n|UC8;d3C;EzF0!6u?)nA62kh5dR}88ThiJ$`aZDHc%uNAzeYBoN>UF^mpXi71;}
z#L90PsuV^Qz8C@v`<)ky@%p(H7iLvDuw4{prB#o?vntm-s)yiGw{J2<@2OR;88Xk~
zO6J2<A4d}fP9a+o5)~d~ijLkt>y9%L6&4`CCKcYu=`2#$vu)<6GA4G_e(r|!ZR*k4
zQKXJe49cZqt-FMIHkKPeD((Zt_LZ(2c4W+3gTQ*UZ-eo(i)h%N?{mfE;_*@z>EeiH
z(o+YaT$2$qyA6H;oX0P05$|av%Q1%@3Ef`X7W4<<&GmmeiyV{O>_#Fp<)Fn<5L9aC
zP03h?W!rEOL%Qt8VaE&u4wwWVewJ~M^MTaT6v>nf0?ze3*K$jCHt1_0#ox=aIP+%~
zh?lXHr!U|tOqfVhk+Bpr?eN*@cI7QH4Dg;TSE*EJQaC7DpfwJ632=GFUBa6J)tUC0
z5bQl!)k_F-8~l6D<d2z?XDLjWUuvqtkg7UVsK!x}C<g&Teg6WV0fyI<o6%PPR{_Zu
zlEUR{7*KS(dFizc7`Soj)~O$=BUB<(95oRcqw9XjaV(@!bc=#Fwv*YC2cjt!%WVD*
zfBx~QH0K}%HR2`e>Dg!3wL@~m)s$(FVR=1ZFs$`RFR%7H!jt)>oPdrFyN!{ve2BD-
z6xi5{-|1$5%OeG68!r}<E|!o$6Rl7W!aCCzL#AcP=pN0ya|B!cp^fHflkkl(z1@m1
zcHte#CFgM<A(`s<Qa-Mc)anU3Y-HAYa6az`?r?Y}PQcS_p7K)Oq2C2;OowlangipQ
zEQR35E0fA%56^65n+s3kA3=&#^>oMa*g3Xdk-FnLxJo}W#{%?sz#A0sjOuOCJw;lU
zr7)fecS*&Mo^CUT=^`f8E1zE!*6g8}xrpD%q;#zrhfoVDe_xbhP>py>!*h#E8Gehf
zy-^b1{QEz^Kh!<$Pj&%_<j;v@Kok}OlEg;c5~iLDqOjN|toh53&jITnCWs<#Y39=o
zXh4AY7@O}z=^O6G7xLQ<ip(4aBD0jv#J87@M@!o9Z_kj6bsB2r{V87s*Q+6#W_JdD
zp8j$;J+|KOu{yz2y@Tj>d-+aVr)QI2SA<CMT9E~n1FqcXQMaW5uPf_JWjMl|`2qXe
zU~hd)?WNPr8R{Z$VoRs_cq3N*n}aO}{aS4bxo*z79pBDOBjc3*1Ap>QYy#J-PvgT5
zwX1wi3Y~oj#LbRJMtUH%5Hz};VBYx)iH8^ZGqC$31`b2^8q62$r7r2wn~pzgG3<tm
zKrvinc^_T@(9OJErIZvVBMC#@hER=zPl4?Rw-x!i3NID#?>%$j=0xH|Vsz~e(q<3{
zTjzy^Lw^Bg8;0*IMs}}A2;E*46kQdm?#>y!_gg4(H7&xnh>##2@*4wZo*SVyZiQOd
z1F^Ar?;ItlfV{QeLjAS@u!hErq>)d8hLBhUe_JGrFfyyX)kI5+xz*rHv!_*wN(0rD
ztV&UzRd_F(k7n)vuK&Z-oB0Xeo0IHo{mF+cgxkKXm9w7PUx1=+58pFE`~!&pQft-q
ze9sS1-2<UtCXmbyc2@vIyM4ID%+FvhE>&uor$$r+r^FB_t}&~2r6!c9XsT2iq{@(^
zhFt8d=AEc-sxhld#Nf|MH_c^LQYx;(PeUSDm0#-6D+u>idaI<=_|5nRDssxWiZWkm
zkRZ<BN{VExfQe}vhvJv-F~}<jU*f?INSz9%ywKiCca+OLD&zd#$QY8*4+Z=ru_uR_
zWyDN8u>#X16*p_l)}Ljv)?|qme~{~w%x^IGhQ9mZXKR7!-p*6q8I1G|?m?j9(`(uR
z2As}glWtt8wNjW-GPszJ4B5of(kp2)2FL|%%o|6PX~k;d2yq6gkJB6}syi9ZkgF0`
zWyt%hK_LxSvi{Ggw0K$#Ia^IAK04f49`d8qHVN%NsH%qSAovRq^b7D`+`{jGCV#w{
z;2+!q7A__>9tI@zF*^sR2$#|;3JA48`G<!J#F6DUw=ibJPx)1H#Cg_*ntLi?Mp;Eq
zTK->)>KnW%dl7?mBea-NtEo3Es?C`*G`52H4DXnBb5a|Ng3U=$5?R`$b5c`hmk2Xc
z(-T>~KtM>q2Qwd(L{@y4!E{Bqp=1?)3$yq1tEs)Ijs-I%T%2qz0zI5H_E95d4y=<~
zmP4|{9jq`JWjgR=G(9MTq!q>Agf{0d3FFVnhPy#5AcmfkI8f<a)A3#8;BCxoNL5DK
z8`_tzm^#sB498J{RwvT@U&kWe*aSoZvwi`9J$bcq?79`G4n|RiWXWWSApAICvbU)%
z!yS8^v|AukPe-M-F6t&)eEgS_62$ctW-=^C2p*Qad0?8v*#%oE()d|{&zm28bbZvK
z1P3m?C0vhLmWxLs4{eu+yXMszZ`?WeX2{Tsf1i*B(hD1vP3srU+TFX>C<Wy#NtORv
z?6zm`T26T<_Z_Z&m2x6zF^ro|GTZ}$cUSKliJWC|=Zk}}*Dz-IN3qshG&z9igbPC!
zl%}4NK{rG$hzULo)s!JA{f>xOftys_Iku7?T<_;d_>r-N)v2wtk1zODCW3D0_9b;Q
zAdf`lu)ZUv(u^q1(-SA!qnmjv(Hzb__4aFSlnaja|Dr55GLFCwebg$KeA_tKtfo_-
z_BSCGHqEm#a@Ub`ipgaQ&cZ1jb}ns@Df^qq`(y*mK6AnclWDL#gk0)D9`R+wsQ-`v
zHr+J!3;`C)_NIO%l=;q+=%>q{BmsQ3B#DF-E9=_J58dy8Id?oB@Kt^M8nf{9PVIKA
zKNZCO0If|H4uz0LKm{E&Iw$Lpfz_Dx9`n}WRx4r+ZD<@fZR-`PEn9oLE_2~)d;A30
z=+|lTVxbbo!xaCuv&RH&3TQr)ub3LpHm{+A>ck6)h3N){Qhr8r;PtqGAQOl(3O(<u
z3@021P4zP#+#!9h3nxbR=g%s7#5r-efU^FNlej%j!V8pV>t{9iU{aWb0zCXXLbnZ2
zsn3k$kxysqE9}?GKRt<fN1Zasm?+zFfzcvhDZ-#(3|ezMVv(TQgu;nrOf8LV5UI&S
z|3Mx=H_>k>OwOeHLWXlQ-mu!&R#_>ou}RtvZPV9c3@r}R&GQlgHD09rA4mM7ITh#j
z6j!o_hdS7A&LN%IgbFkHDc*>g7sr;AhWz23?DzS|A^FjWls9gdu~_LCgms@5DtU%=
zm?&=>$Pz=}E_MYuud`&BPDVC6Br9<2_UZ8s7ZLs^RT4?iA?)U5m0a5^sWXkAUzx+#
z{w7{^zQ;b%6vnNF**i7X6j&#wiaKG8tY?fcYW%x^>x@7bc3yszIO^FiSFh6UwZ{Dq
z84kF2cMf7Xg8Ogl^M-Y|m8O6{*1GU5<Udwptox>jHT1G%AF;z4PUXmaPmKbwqHfxt
zHFbGXwf3JGY(L5#G1jfocPkJ|2VA(3qmg6t4_Pf{le)M+GwJ+S7sHLQ%lP4n4Jqy9
zcTH{^!VCJRR41#QoS)+f^5RIHojTF=qRHUZZWO`Ky}%bv)ZN6uFc@h_`6D?}o?A>;
zqL0&k>T@?W63nAz5aZflx<~<pX=Zc7O*wE?BFCeDU(l*tCEJM37JV7(?*8WyW*Vm{
z>6WYoPb}u!ccVH52{l$hnD=^QO%J%tw&0EEd5lkRo^6m{*Fc7c?Q2fRS14AKVQnq#
zA>%`b7jUYeR$b>_++v@Tt=GLzgu>cvt}&sPeCM3wc)+`{V@-M%)_Y47*2Qp3&|y$~
zu{ZAs+t<uz6Ig_cM@Ut;A|_!>B1d2vCLU_$x0@8N_2;qg8Kz!h;uMh}*+w^ZXT-x-
z&2Np5sGY3EDIp<$9RCy^f)eKr&%yQ~Lbkl@JZoV@AH!R><&5k->rI@iMr_#t&0%P)
zoU$~eqt2;ntYg#0$-bU8HfMT`52S94kbwA@6W)|@*2PApn(BXikUVtu**?e<bRO0c
zrht7LR}m_ziIZelJf1EY+KbY6tbQ|zfggOKO3EI2QROTC+|DVR?kp0_r1Pe>_3Hmm
z0zqBd%#PM%95wsH&=P`K><LNr#5^<e-$V>z9iOEQL+~g%Yk#-_rzmBHfN4R!w$8tc
zd|tIY9~7AG2m}Or(5h#o_kQyuCoohu0=<<0tlN3VRYeZoh+}_z=YRa*lU{>=a>G_R
zO-d#aGYZ=0tA4NTlMyY#vhFXXJZ-Bl`GP*&{Why?^~nqEK)Aq&_fZz}3t5RV*ZL(>
zj})ev)$0guRXfSiy7cjLXXc&TcF@Ufr*F?T>}_ZKHjJJj#Xb_Y*)76kITfUAvtn7}
z&r&I$0SB~?d8oGwdei~_@KqmGBb##KrVvZ9#3Hszy+fncRurwmyklqg@F~?{SHB*O
znfO{TTGum6W5;tPo%SWG_8e~Z?V4-hHEtNyrK8*Zh{AyRCm|TD8uVKB`zrEL9?EOU
z^bI>Nt!9|(o)k;Xx7xuoH5af4sJ+Kq*<bG%XZx9#t}zonAD0kIn%=;uCoBiTVk!2E
zh*2GEaA<rmLh>n&@88uSYLJ|l1ipwV>?9ar61%qPguF6p=?Tdg$#;8l->`z%aX*gJ
zsiJu3LVYk4{z3&qiiZg<#TfIhy)+5a7|(ZCqRjA9B=dEfS|r7nUjVOL86;u8>V(yU
zWL7<Y>DRr!PW}iL<5Lg3-V*q%QafYD^Q2I&E_ljSwCykQ5WNyltP;G-=e$8ON|LON
zC(SjUF{~4@r0Rt}K?w$|mL`x#!<C1yd`nCjQFpY|=RNSWn(5CD#})k+ac-Eq6hG?V
z+?W>XxFjjQ?qS*FKXT$Ya$?!${JP0+1thWkp$8<ioHPV30#WSa4S1x1dd<?+qZ9Ip
zwjITrjOcrOuO+Y16z#5v^I$v!8CB4ghNtpGgVaLixYr}*e*vC7lX?H*8{lC7#y8~r
z_DohXbnsuL;CQWEHGYC^@Au3$bpK`>V1Ba=11X4^nEVvZZ+61Qv2$tPD1<^Ft)j_J
zT&X?28uJdW>>Zr)Qovpjl&SKQzwoSx8ZVrRpBi%l90aPau$1b2*HZ1sezsJA9x8Z*
z_OA9T)&I_r0qqsq!;096Hs;;JbW6G)JqAJ?aCN_WZC4QEa&H`YBO#XExg-S-xYS{4
zF%s#16307SdSl!!da-Ci-3>?wAB#Y5vl;G%)db4*onwJa)~{_+A61HmM6VkpykjHw
zjThyw+#!3(J2f`&Rr8Mo5K!8%VUsrIh4c2m!0h}6L;TI+c<%b`0pO9J^PuXpWOKy9
z`td3u+L-Ww-G*nyJh6E<(`p+pE$m7Lc7VMCQWvCXy7(z!0o$P$IM{&HSoo7>5jfaL
zvrsq-T;;);hoD{_*!hHcnw6ljTVxs)WJ5XnAhtrB?v%e3fs`%$xFV&Hn-_mo$mkuq
z7y{6G{sle*LXsq}map$%{2KQk^J?z(-VY1w5xBf@o&A8Odv}Xg_Ogy+AKmO}-+<uG
z_F}yqBXBdMK}8s11TEK)_A;~O!}-{tp|Vg1M-iDuf@HmLvFMrDN%TC+sT^K|_eN$9
z*^25ZmfSLSvpWrH)HitZ8OmI<S?^N{*uKq+sAMePOERQ&b8{;@NR-HlpYR69XS>5$
z`md(IG_|~hDI$a;GT=+jgPP5$PB-F~UN(_-+Bh<cXpR&jq<HL6HbEYwbc-|;gU}Id
z`fMI^GY&{r4`V!;hB=-r+%A?qe{1Iq1d3n9blVfy^*O%bG3otw35`Tr6&H$X8P?X>
zUK~ac)_AFqbvd48n#Ho8?6)~H;0%-qtDi;19~hl<gS>ua_i8EqTG+^|4g3A=^2PEH
zk4H{~m~+I5Tu7^ETkDE@4ubFQc$SF~t^yfD5qhFZ$WTeort0chsr{`QuUBb?u-gCC
z27dDvU6R4DKbP<$A>T#^xxW_8BeG3;ah$jRlstNWL&<6gne?2l7jE5jo84$B{@|D*
zaj#Ka#wOSh|Ja%vnRGq!Y~Z+8i?=47j&6iYZrYFSS8Ioq9g1bPavYo7pdmc!58f6G
zRqd&FHQGSujNz8UUwV^nTH|@Tw>j2sKAcM<A-sbj_;LLx@{?3UlI60}#j5*C2k^jN
z(s_B9Y*B!zDr`vtX?_5+qjtE6r3@yp&7GzbHq-b@4iF2wj6PYGWi}g&<exMC`B=59
zmW?NCzARbzHjBj%k*`?bWDtra{kR$0DdJ0?JJZX!z*@80avD#$X2+c+LtBEm0fP=Y
z2grMj1iSH}y<_g*Ktu6H%|imcNSU|3@8i6Z2P;s%xN|x%dzmEM9xAIqpod1`+>7$&
zsE1b_?HoJTZZY`MV7E0eq(edXehbp+_4u6MzrvE7CRN7q(;law(HX?&CFx_ez4c^m
z{MjeK4197YhlF47L;8%jma&x-TC2~h$OYQ}d95E*1->x<nT&uwOhnT+JX}W!yIe}r
z_|EJ+raJByV7G6lkuq2cA1^~rPJ+~DM-E>x@1vDJvnACx9*oMJ;Vds~muI@~Z)D$J
zL?A<|e1!9gifc$*p|k3@@YHdYXF5V|rz8`XGZ&&7>i5;P<tqJW)qh!4G%f!eYo=Xq
zS`o-v;lD9>Aigik+Vf1_g1C8qFlMfafrMT{aKchC+P*xJ_ZJLd#k7BBRQy#H`02;F
z3UTH3N={X8O1;#$<roZAkW*B<3vq=RvTzl{3ti;s3uI{DTtWyD)zyk%UfA0Ud1@6U
zTydqn3@@l&RsPa&^y)%vM8z1@6E8$t;>i_v%0*GyLAD(g=@_aB5y_*^B(ryg{V5s<
z9d`0bTLLY)Y<=7I^_x28Ptxg2U8+wRf-T<LlRo=J2k=ech$XqBv$`MT?X%JiZniZN
z#+?M%p$c#u-q?s&VoipN(1yZ88MJ`UGG^^)-__VkN=SD%RaZ)3S8}+lQc8Ze@b8v;
u)01mB&bE`{EC-=y{%Ao+bEys)+2Q_XcQUYt;*U~FK7JSKsDtnsv;PM?6eO|$

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/images/zpool_blocks.jpg b/docs/userguide/storagedriver/images/zpool_blocks.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..6fd2482ee69148673ce61c6f3e0bff42c4886106
GIT binary patch
literal 42455
zcmc$_1z22Lvnbd&B)A6+?(Xhx!QCae26qS$(zr`-cXxMpcZc8}9A4+-{O8{PzWMI^
zX5P%3>aW*cYnAR=RjYbSzb(FP0+6M}rNjYXVBi1-&<F6g0uTW}fc=KwEd&GvI5-Rx
zI0)b%V4z^2;NHK7f_n$|9swEgJv<Tu+&e@xL?jdxR8-XWi0GK;s2Iqg?r$M~SivEo
zpdeA<-@$`s|8K%uHvk0|Ob$F40t^KJjsgaO0`}Gmzz2W<z`;SL0sa9PSSV;P2uN_a
zw`BnAAH<6?cOwW7!<YFNmHQ#B%mt{2IF$X<+aE!_<0ELmzYCOE6vhCoq@N=;)VZ~~
z2~BKhEb~6z^J#j!_su4BeSJQB;>2s=?rAw52Y9v;FHG!t6@LwFdpRiCeF+%dd90(G
z(O+`Xg4UN<ao|Df5E(s7>8Bur;%b<2Be7&9`#@7dr+G(($$h-&jJZ<gZH=uUJ{R(M
zZQ$f(V-H(7pIH(ADfM=g;2_I-Nw&SHVRxtWykbZHpu&8<%^kjgxt1-*jxjLRn<Icd
zM|jX8gGa@J+{?wphrf11e`0>Y|Kjs*VGUNhmj!;51X*w$lvlAISW=IF^rdr#c0}sN
z%C?hT{)PCgx&1+eJl9Tw=h*k1SWs{ErpvHQNS`_r<O3M?M>|LxaX(NO6K59Vsu%z*
zL9yA#+?WaYn;C%T{oLLz2>4?zfOPbr0qU~mc<K!M9|~s7;E#qbt>jt3fcFTN?;cbE
z5N4x1TvxvgZa2Zk+Ecr56*B?9#ysYY(N^XnB09l)v;x{y1ucERTC5hc8n^8Otp@)k
z49^e13DB_mq&{4TRP=K$(>tK^dtiemL`rJ2-`^JDtC_37*A-!KWUqd&ius!u@vviV
z#?OzP>vC^srmTDL!K1nk_X}WuLvAy?aFTsulIX#>{xvFcbb|2k{&}b0kCv^FW={pi
z<sAKdr4+1cFq(ab6~w3!&ST9c7ITGjpz-%IB2>={uh6ADSFPAS!`)fG0a%}X^Wx5J
zQ-7Wbr1J~@@eBUUVTm9vevnfi_bP4Ctzv^9qRq`Z>~c7Sbw@h`bkASPjar*FM&AI0
zhp!|DOb<hI=hxevAojo`ST?=`!jgl_SA?A%m6e>=wNu<7Zp2Nn-$9uDDWdbZ*2h;k
z#q_j5!XwN5j6r>4PHxDL);W`RHiqIJrq655lpb&X<w$KaNSVSOaVX*NC2;@yfNo&Y
zHdW0;x-<2u%_`f`fNcxsCJe#IUL%YGfOWaXI5$VNSPfN~cMi$7veVne&ud_vWJIg<
zV6g-<vQmu){|rE=eI^P3Z?s4_o>WhIT=y8PZqsV31pvZ*8oWZw%~8qS`g)bp-9W(u
zfucxG)!9GGrRL6A{A0OX5FpZm?nks1>-9*?yMOr;L;^srrLtxD$_J&*7dA^>7aZpY
zfsyx1vY<b-Y*YdVx{1jTL<2UX_zOtuJUiN#fw3*nkX{K5O_25i4b2|IvX3OX<oXdr
z1AuhbqCI;wj}I6g%xBITzV5`ctfC7d(CV`o5YwyO5d2L8rcvp#P+6u`)^tX+NWXkS
zr1@DcNvH)qlURUt_%{InLa&G=x8IPOb%rg?nTF$YN*tM4h?saI#CKQwSHHhVU<oK1
znwXJ;PuC45ORz9EOpw_ZC}8c5jQ+v`U}Cb)=ShDSriMpbMh)nd*?P9tX)Q%ilePZA
z1H|gq=WHQuwChu`s;>hJ9}b%ZZ&2Flm2Uswk@!hqLVCBWl7<sWB-iZ-;^CxF1txGJ
zLXMKJ_|uem8a=PLc+0gJevEo_f;f=UjAdq=@s-u)oyUApW(KhrYid@=J$O+nYEUTl
zd`Ngd>m;Xu4cIChEY|B5SgkbR&sd)T0N9P?4B;eWNSFYy@k?41HDImm3;um^PtzjA
zQO0Q|0MGL-8Br>Z%xe=cS(1x^c>{7y^1cI+B(y;lIZlvF!r;^M{xZmbrx*$v3<^gC
zy^v1dj{pGP1WOnfQ+E`6myr>iFM@F1h$+UfcgBwu4UqSl^mU&FcuOil-O+2#>s~6r
zC?*AARL`d($0etMjRW?1&<T+#%zpG2;Jfq#ZOkrG=#gxtt=Yz#;R#0kC1&Fwyoa4w
z9(0wORr*)Z0Kl~gY7pvswbC{r!U=FfiSO?QK{M+$_iM2lF*FN;pxw;niDHC>6nF!G
z7|Z#IL!O*}#GQ_{69s^);R>5LUZJx&1ON``>P}Z84%+Ni4jMuHOpj+x6$XqNI_wk}
z;RD9cdIAioV>1g0T`jt8?HLLME2noRj+)lx#%$>m);yR4vAZCq{}u#5RSFkWhW@=s
z0U)6vpkTnj|Ef{o$RG&>exT-eRRS$-$xG}c=;$@~GaanC{<jL46z;^}^Fo|`+L@20
zLzM0ZlYw`%*gK={!*zlq3%LNV7nq3*18CZUAIq&8k3t1=UVRNJd*WlamGiQJxOTV}
z712nT^X&Cs!Z34^%)5BX!!cve_*S&@SD(-f7RIhfE54x;I&Nobi=n22_%)JgwCjQh
z_<M8%ov;Y2*Sk_9(OrTE>gKc%4RavRnyFF=4bE!QA3`?RHD0bDTdP=GRv#-|e6)go
zvkL;mW1#UeBvMWzC&rckQs)N<z5585KlvLE3aY=S0RYOltAS|%1R{Jj$}T8ASPjxZ
zi+8<{?gu7XkiZ`Wz>#ds^A<{OhymdBh{LUY0WeOLN->h2nD{~cQ6?1eVDb>p2;d41
zLu>vCFe)93Bsn-{-~1yP>^*h{E^JyLAUW<|!T|tuX?Np8z}}<KqIrDuTnPr)jBDqg
zGkd2i`$ZBx%kweoeSG5|3lQ~l@q<G(@wKWx;d6Ka_Hh{Hk2AApLS*NsB!r$0j4qu3
zid1`%xe$qmFoxM`5^AL?Fmfw~$u}^JQvt5JP?$fs&Fa5%BW>_t0i%EZH>&A4zl_<S
ze<5slVZc1mckj$r9y?HgdaoKm`Wmk^<&J14JUPGImUnIoc0fG`uCISXg@Ke&Ah|I0
z>XUfh?tM^F)(a+7M5qfs@RPSpVdZ;!k3B2h!6Z^jA5tebS?c86;b{Pd(N7YU@^(L*
zSAAqYP+);=g4->Ej>zqx=KlyFIqr?6^6NCQwN!LCKk@NjZ#d)1kuMzYC|3?dV&ZYy
zZ}(mOHiT3*gWbBxG4J!x?Rf<}Mn~y9QY$xnm9-LY#lS<Q43d|Zmq9oxEvJ2^aO5Tc
zFjTW@<C6M8Ul72zT{*he6LmPjBZivKy}t{9=|H(%9#hLu{|b<+(P+^01Av`l1e=}V
zg~;>p{UHIsYkj{p)`5%&w0HvPzWd(8;)*CzfS(?!jPK+Knz?Ej-wY9N@B=04rG}a9
z*5H?&nkj1Ia$7+F06H)(_$mK)9q}B>PWHHCoQo)vFGEbN1I;jAr&N+^)A874f(E|<
zCS|x!92?y1+__;{@)4Bq(CzHzF}E&uf*@imHXIu~&<0TCi68cGZ8kV^-VOlEicDZF
zOsEh9J5M)`L_~+hIsGEw2a@zOK`fihwQDw(NUz_T;j8bfw;6SLFflPO(9i2ux!n~A
zX?|(E*$<-pZvp9ly+J|zwL$%s0xAa}K%$I42OYpp6V89)c+@k3`kqa79u`eSe2M5>
zi<kWbPgms6z0k6k1UD~9OpajyLVcp!^G>itlyi}d_*XZZUp~XdT1G>C*AT{-CgFPC
z*3YQb$E4PV24foBYP-ly>cQs@`yRGEc7<0ukUxD!!f&|+I#5gsRK?a8)gQJ@LUD~t
zQd4>HgKb1hGnn+`Lhe#IT84kseAfEI9@L?~d&+(=QQGcV@kAjuK;w|xRr|2use$Eb
zsDI!GM$Gx4>N)*{?G2!>5fR@6Nw2yIKy7CP;Nsi2th{>z@cur{FJ*&7jupRq^uM}0
zCIArZ)*2r!0ASM%AA^Ql0Wj@+7l8L|l@-^WfYqTP+@UHqML&o<TcP*yZU7ctR@mzt
z!7#wz3fV;#2CA|FFw(05SkxB))2g0{z~ckV%s-;RSUv`lFb1V^hJO2(bdc6RmVj6y
z<XoyE^iAs`9CH3P3Vh1~9qtZH>Y?>rkP4V<J;tjWVtf-`%BeA4`-m0ZjyT{@J4$#@
z4{CXtYrOk}(wAdPrtoiF(+woCx~0a6OE$(oEU$VW{x%uQ%KU)meP!13Mi70r8`N(<
zZ-SiZXjK>H_(WIg6psCWL0A%d@cRt&_B&fouA~FU%d|U8d$R0k=@ROrivf29CtYZ9
zZdg3}3nS^)^uGGk9AoFl6I62_p^m2AMJn!*tUoymk3cAK*f99<Rj<8(`|Dh=ds<c|
zn-qkyr?~n-o+VQLUJ9_E;Dnu^BO3qj_WuMRF&XuRVAAU2A_xq`-mchCgqPPim0llP
zL7bE8G*$19#Qyaw)*$2^x@5G`Kv(2J=jX}?pwMNi_jfrTftKetfEKo&=j~mJY>`sF
zTq?apCIEt<MY&}DIOiDvxUL#uy!5H5!wWdIz$^F!0J|mjnfP44v<E;wj(_0?<(vEB
zUXojf=5mCPOKpU5A*f=~uXvj*f)Rvh-h&+QUj+aFzj}O9@E-F)xc`Y2fV-ZFBX5HZ
za^!(>oYC$Jg9(>&b3a#oC5U=tvb3{Ht@Nl}5H$D=1Sh2lO$M+jHv9#eft>&V+!fOh
zu(r$%#GPSWziRs#^vk4g;drw<2$f@C5CDD0Pld9l`V0U&lf5RFORHRzeFRBC3S-(C
zhzx|r<E+{lxV*f+zTP)K*VlV_@iuuHN~G6Wx*m)s7We&a!G8<BpzVnV834MX2Y|uC
zL4t#WL4oL@ARwUuVBj!l$S9~7m{=d#VbQUP7@3$^SlKuPKM@O)2#Ju1DjE3weGdQ(
z7JRQcbY;zlnXO;Ead6=S&JKx=iB(v*Lv;E7gDJ~lio_Pe<5hZ~3bW(3Vio+5TC;Jr
z(Ui<h{Lwzf+$c>+lDax$dAXskPIq%tkh9af|IO)2vnASQbJ2RCPl!zBu6R|-1nC4^
z`2(Lns24ACE};#4xH(;UICXjT)a^)Lusf*x|6-tV^5Kl*pzv(NF=pO|u7?-BdzfOR
zk)Uvy<f!N>JajOO?RKhs+mZZz{?hV=rm=~medEs`VKsI-1bfvdt0r@k=Keip^bZk=
zITrab!%4_DXiwopn-5QA=^qLb#S|bt_^%|NW;M5Av%{PyLqdxQY7a1H-AEcQX@mK8
z+sfjbIp*x<yx}Awx7lToyXI-q;&l7f-Odx!=O!!<>YP>*(PzikXn85KOM<Ke-Z$tL
zFW4SztpQh9kKbQiYrP&HP9O8Y7Meb|swbwp5fSNTFac%wq8ESlSjJlX^rY79IZ_};
z^Rr0`<s6L#|IWscGIipd@ZlioL>m_QDy*L=&RR8<))v6WD1&Md$Is16&5*_&R^@;o
zc<+^2wLYCgP++`6EZ5K_)p!}aj~#5|ZGx|JWss!N>vQQWkLQaQP>J(3NNU#MhkZV5
zWWdf*w6K^mA_r96PQ#tkhv0VxV~1>8lUY}^#^Wgxy|qzX$kGakc%#JRAsqgFm2?J(
zBo|p`N;=~#=1!kzQE3Ov3<s<`>%E#?huZm~cO}-b-E;1AIWLkwkkcQ~25_XbC$M>J
z6}|z~ytt|7Mk!N&tRpK<2W&CG!dHbTLVtiq*9`!T^bx8)M{JR4{17FHIFVkHUEW5e
zex9dhkjSn8<B&VOwIW@WJiAovl9q#~twtg`i*W=hHd!fg9A?h4evHm)LKC~e?>w1Q
z)jScE>|<2X(%PB{D__fW>0|oZ_LHQ7&}@j9rX%Eokt_BK=fXs#m~3*$LhfjoY&BDY
zt1~VIw!`Lh#t)IM=GNAgF09yo(f(P~Lo5d{vK160I@-lue<kZhw1u+OT&*h>_d!`R
zbv6@gmH=binoxs2QAE>7yG0^qm1#1a?lvj;Vldk814=tJb0*A=hcg@>a1iA`H7QqX
zM%|5SBjTAE5^4-9MT>?DhVl*;m+o342h!n>jz)Rj=P(w^o5+&dPU!}>4Nvq6M1C5=
z#r#yjw3n;op9jNextQCjJT#2T8ZzFKsd-f#6C27+1v@x>xEP)4-xnQipw0D_kS)%;
zFV+Ho>DcJ|n9$ZpfmiCz5`n1q)<PL>BxF(WiGK?Wx%u;tn?v|qt9pwMh$kYw-`=O9
z7^q2?OciI&>m!&C#cA~fAyD_glr4{LhfNYZH;zaKh1ilE^SY#**`YFr_wgW3n_s;2
zlh3vnOdvMumTg98YS#Qbo<xukHlgGqC6%Gvjkge)7sV;7(4T^lYpFI5$}bB}c3gbv
zzoqQ{)q*L%tc9maGrGpEMa#qr#K-LaGIrIcH>7>JO8hY6a};G2+}xHLO#Gtl)rzBh
z{mqR7lqg<i;&9<Itk`ag$R2bP<wz5}@#9CIN31q*Z>m~{RlhWHw4HliuR+aO*Zuf-
zd7O=CdwEWuc4Zf7;*N3`k}@}DD{tk-)x^~#lxPo|4~2{28A?no(BD)xGNv<s;iMh?
zfx2vmtAFL5wcr5x!nT5e{WVhlfn%VW_uJDWAJs!IFK)@mSUU^YxinV|(=JH}WX>@u
zA-oF@<hApVL&W6=W32nfzf)j?Fnw-nBsFiu+RoRzoj>k*n*d>MZ+`<<*U2S^AeMZm
z4B2B8d~2Fh&=`w0I#P1Rek?VP<Z{0(H3}S~sWCiukmQq@nq!MHoIRXbV*gCL+~r9m
zG5>wfsdYv{guEt(%1$n9Zo1|1I3|AB=i@c0Sju%Q<75)S{tal+0i=Gy2-8wRa2pAB
zr8Vu#FaJ89`>7c|LABnBWu}uw>OqXWaYc`*YgN)w+y+%fi=oBRF?3n>_!g5M=+ZbY
zLi<YzdHE!jL)vd;mtW3fy*x<<BimWXn56dK9mL*mqdw;)Z4sL#5#C=pW1Lc0S(QNz
zLYVMoiijBNwK&L>BXoJmy-SS26A3(e17Jz}I3PhEU0vJZ9-0^!msFFi463?ZVd%C7
zsoN2$#1zrTCyK_UbK?&b$Di&}x46G6Ul%TEh$=Qet=V5}HIWyFrFW6-up?6ahff(C
zUYf0Ds^k5?mT1#Suc<<3q1@`~`oDIb<^HvLtsYCP*HIr1FK`#Y+U#*>iy(Puf8`Kp
zT6`*H9QSzx6m;6@K;Qn=RCvXV`xyp%it&8@ds5AIBR$(^-<HlU=wDg26W%92R<EUa
z?K6RM)|Sq;=E-Z-{L5{@nb6M6#f1ktb6J`lP`D)UIowt6KT+7y0hE+7HKPrp0|UCb
ze$$^^mLD(e=q}Xsw`2o8^s!S>E>;BP32=r4I=j0!L~8l8o2B!ca3N`ZObIPbi<iKX
zt9Ed48-6bSW4-Sx%+1z_i@EMd{kS%-@ObiV=7io+yPW54f-}L(w0xW*t8#O3jaTn?
zf@(gaK-`wTK%mzV)qMm%!M`#jQtkDcVhigb*OKh16{}lfVt`73>+8jsuN(0BpXhJ(
zn7O@XBRyp2?rc7di3_uwYhhZ9u&Kft`%y7mVac?Y5D)Xx>8lJGzi)PxwnJsTCZX71
zi-Q@<PB`@2p*b7PQnOn%A&SS_tC8kcUw+n#?#r|zE|n<!DlFLM%m-hKsZM5-=a$o1
zDF{e1Nl8>-_;&-fxmFSs@#2MMi*Cqzp0g{~myDyY$IbQkqYD$yF0>XE;35M$ygqb|
z4@Q02Mk8Wg*F?7QnyNdAU~eK6z{`E!M-AQIBPuQ))JzREpX~KEjv&8i9gGR!JH}SV
zT1a`l#46Fc>tJi<a&nrx9KpRd-T9{|43r7zvuwscsGf@RR!?WX0UD8>x$lN(kNBQ)
zGXgfazx$9xhWry4a~-Wi)1mp*u2O0{60AMwDKz+z6$xAw!l2vq;i4U`0aqNTRM}pb
z5yqVa8@bnb4m||HkY3M@vDZoRqP_2A3cA0b^PD@aXw5gU<#)7-9i|SDtQp;=i-+#d
zuydi1-nW#rk^C{P@k8N0$+6VE{|`DeZXs>g6#0zP0pcYyp$mOUCM7KXeC+W~dP(jb
zCCDW+gOwWl!79norY@D1F$&F7aH=h@tIr)!$V!7X=d5WW8a!AS)_gDPF%Ycs!Yi%Q
z&g&N3zhc0S7jQkTr@d}5gpNpRhTZ^OZKvVQ>T}kr#&8nh+iA6mH*7m9%HzWnrgU3j
zGJ?YF0TiU`laIkQH&HWiMcvBFgrC%F`7;ZTYhg8)$jeB<vr~~}zn+7p^1MlIMtnUZ
z&BKL!z1y;Gq1YL_MJQ;$ND*6irJ-9V{voNI#=c1$n5I$q9I1e0?kyy0Vnnt=n)?-|
zd-~hw8L#Wkt!Dbkp^{|rHkJ=sM~p+)vJ6wor5frQmE~22x<=j2eL>E^cVicQ_RW^;
z3qu2{qq%|veP%W31+lllcgL6*^RzUj8p@|%0+duqr#e?KkTj1h?EVwC<VU8RnD>J*
zR-6<c^m_7tCZX@q&~N-t8vaOvDO2qb!%k?V`RD-5aWnkxrpe2zURPmjHD(w|%;0Fh
zfp;;!dhbT(xw1!{s3Gq1uKRuIcj#E>)xf;8FEth3uP$w;S24qyeM?It^~>AB9!ftV
zM5c$EH5c0700Q3a61%iH#^tiH_oOL~PH-PctE%Ca&^<Kg&OM)BVf!HwTaP9kBzN2@
zWg)Y+nx*tNe8AZ{#T#K4z;HH6bRez#!tGItbja!0(d=WaLY9^#p1Xw(D%-yClo~z%
zjinW4VZ?}%BHPhska`1*Ap4(4s`VSYI<)_hG!uP7z%i6lt>q(CvGJK?>VmHeC!zgh
zsQkYw(j=|A+qtj{uWpc_(E5dXE6);fVxYPf_O7MMUpdXWT$5vHW$>x7_tg-H;JN0~
zarou91slWF7`*%sS!7&DOpFVK(w#0~B<11mpLr0w%4RM~a(cIw*>XF22`~4+zwv?a
z>Mo4bXZ=vRi=8F^hN_yk=e3)zK^cW6I_l{N<eJXf74_7_#AuA{mNdj(m!uEOwce|s
zy_N+_;6G(lTya#a(A&XVm&32~S-~oG|C};SQkArn8#C}LBDMqC5IaG_%&3Y3`xWop
zu&-`1y)LFNl;?*i?b#<zCop(>9EJoTVmNfP<RQeyjK;-qOvWTXAwi;8gCDuWi0^us
z^KQ?^>j%8H?0fv7kekPY-T=ZHf;BnU=%)RR=|`&7GzDz0>p+F8K}X(P@ksg+rab(k
zhw?I~=r$_As$$Xb-Ma?5(}}az3@P0roqVkrh8Ay~a>lh9tL0w@4Hpb`#KZEH3px0L
z*>-u2@&xzf+Ddfq$^EdDzLBb#x0vqU??iCkIP7Iu-`6+Wh3H6SU6%RLkvo1x7Aoef
zw|OD&oUP&uilF~S#=n^2t&O+>CJz%G-q}d6`C9VrM1{_YQ?_0$d3^NOCpcs-$x+z>
zcT*I~-AOeelRK!|+W7k^PV(VzCu$t7xc7PQ5MV*4yBq^kOT@(m2ID7oyBSdsc6E>r
zx8;lu94DUf)u=T>D&C%ypg}j>1mg`IhUbC?=PAyfI^;>txP6x!bGU{vW)XAA%r$)T
zmBs~uQK1^mN9UqTmOdrqrsM+hD$&B+=hXb9ENca;i)VT>&#pxt)@3dB_^wfcBUar;
zpS^E~;p^swTAmW*zJ3vof@x?%!pAk}!lfELrGWtd9w-FsaF_OeDKL2<0Kx|>zfXAi
z@-UH1O)M>lc&{E<fUs-_*xir(AB_p;<P1>c0$7Ukcy-HiUdD-Ll4|c&!^GUpklku;
zRC|Wo^eunB0X!+?yFyQh(kw9dNEsc1HN&aTHRNuMe}r3TKyQbQCpKEYf}Mo5MU=$x
z=pKPh!6ZwY5WJ@gSllz4^5#5U4Q${s?)pBspEuowz%8suJFH%BV`Xd`AuvB$8%xn=
z$Gni~st9|?ON?6qf1&=KGJ|$S8lGLDZnE+zX;d%*MRzl%h*NqbYowA*MaG!OI?RxD
ziTg7T%TlHZ5g7y%3&F(+Z2fRX#z`|%;pVq*tj2y`xOC+cbS40+Q_l*pW4{Ju+^%Y#
zeibd_y7u~c;oB84Cxs`7sf!r@<lv~!??A!?bmzI>09K;))Eu1xR8iTaBsItmHold0
z;0+{&x4%}tTho|KMbf(&<YUQ+EUSEVOLsh_LR>3dkFVu1ypkRj03*=pZ1Y80L_)d?
zso{NJ6eGD?4(K{rOYx>M+32qH&Z>{ts3^0wa`LsPWIZu+sVBF$s>y#W>nCdXG;JJK
z)tQv88(5g#0)8Lm7~Gd}#8%2+|BaFI{`o!BUQ$=~%$7O=_2#J!;ko6xbMn$S4^8$?
zpneFXUv)Y{q5vO`ChRJQ-q%D3sP5Ezc9q)`vKY#s`L2SVq~bS#k+1b(iTYTz*-b(=
zD2AFOZ>*8NK*aN(be*YA3Qcp^?zaEnc~A5sN4)D!BXGBcjBYn>7+eI5hBVr$NpBz>
zuQhphMJk+Gq3$B8C8<|70!3~!X6W~V$ft3btWZRBS|_KE$L8m^UFiL)YdT+#t1%iZ
z#Zq_!IP=U`;fM9i?j~^6)+RnPH`X?DuwjHYcF^wV_SR#sm&bYhnwuuv)L6(Bl~aSw
zDi6wkj)JUAaKwQo5anTlQT03F<1ZULvht9%TF+{kGcYA9Fs>(Iw_St&28wmf`7WSU
z6`vjX{FT(#Ql(&1x#fDZM6iNi-#LW{TTA`k5xQHfG9fkRPx+DEQZ?2c`I2#bMM6sO
zJi@Zel6wPS@9+1^YrG@3W1Iu?rgaow3{BoUM0o>rzeXc=%qd7F-W&D~+U0SvC|ujJ
z3rd;h>edBD-jv3(D0Q2rPbyhGo%%|CP=E0h9DW0wFJ~V0)8c*kB|Kw56Ux!;O~y{j
z)=rXd<4q#fB0i40GL4<_vU7-d{*vyYo*hanQsdpY-8cAArJp}4>kY7hB#FKDT6?$3
z{swU1+ku=oQgF1I<F`2F^QoAQdqnS8mX;vYKgm4=t>@=Qp7q6*yx1mLi;#Wp74DaU
z*<&x^sXGp*L-_uU;GJpYef@6-?&E4t^6c}S4%d3_tWI}ooHi4?CfUi}I`j8P167pk
zr?7m-Zo~w&OQp9M+3tyIyh3o5NGgm0ux#REE6Ve<gAFYbOO;$G{l_6tJa~p=3rZw3
z;|l%QvgZBZI7>;76L>5GnK^|sS?^Zk<e3Cyr|_2A!{n~mEz}U9LU2A10M7l#EbHBO
zZn6zp>;{A#m~DP(pISWm#(Hn@NSrm?1VrsT$h8rrf?S7l-ssU0Gh=6U_hs4;!}mUk
zGNtim=9OeSP~5POSjMh1#IrCY_v0#GcgA_LXND6+3%d)5jfYb1<zd4YdV_nO`w`WL
z!7;ccZ{B&0zP9|(In4&a6&eOsClmO5tSPjOYNFpB<tkHpOea)YJwB}drFj}?nP&Sf
zeqNemZ@=z6a3BxOl~U64AO1Y!BDM_aY_}ah$cuq{-r1$=efKZP)r&L1goeSlDRp-|
zgop3eU$=7_c;Q2uga#n6269=pB`Fj&CK{_cBx!9t3kVo$56A`jOcOQ7z0?Kz8^&uF
zVt8>Ae{Id_A84uHZ1Y3-W;YgYBx=or?tphd3#f{92rE2be@=0CKtrh}&+;Ave-z^B
zN#=s|HR;(+td{k1r23dtxe~`jzv?K3sBX<dvq9Ue=}W%BJ)<YNOKd%iCM%w!{T~W=
zV;lzt2s&kOI38)fhd(%%Sx)e`?51HTMwT#J{VuEZf9s5vE1&|JniLbVA+Q=A8}srE
zrY<P+muo+`Jj|zDNl*xo@4YlSt3S-gzi>tpmwqU}WPUf*F{PtoH&SM$=6<_DR^jPY
zLRg%=kwx*mW+1h>)T6I_af)DPk?M(zBWeMLc-EP5RrZPQ8#gKV7Tnz&e)(fg-G+)w
zJ@g<hO=u~=^wk+6jVYM?HdOu(qU9)J3cnX>a!)H43PU^4HsCUp$IYwBQIzK>V!>N+
z`Mj7%ZB21SKRri^_M7O1!*l)VDv#b+%2Ap|tGBk~E<Z_CrlZ<=v87lh!-RA8erC+#
z%lW+T3o@^?H0a{^QPfv3TI-jV3|>(GcIb_W7x9H#@`O8a3L^8tb5P8rWAMf<YjE9<
zu;&m2eAbEJ^9RMG`z7#slNNKNvJQ_a)XCKpM!`ZWE0Zf<d+hh$JO)R@Q$qSNBTj^t
zl->Zo411*C$C-bA6wsHGdZk=LVsJk9VVHVGCEV2!ZwdPP1|Vmzt7?!S+@xP>Ddn`)
zJHA&W^ejl>hdo{gc1UDBcrG^Ict;i7+t!vobW9%T$ftNOd>pHJZmk+Ys>rziL?()e
zvzxYMEMY)7xL}2gfDJv$_>39CmZIlrTZ=*mycI&3cH3N{^dF+}G%34kxNxYue#HGo
zdw!{Hwbas4y&yZW`n>!oFf@DDV)658dE>`~SU2v|D)an>;p?wcjcU_Kp^R%ag06{O
z&fwm)SK-GR{l>?I=_si7_*zmPf$EB!NvoG2ZvuulfWLx7joK5n`3Exr;S_qOkjean
zMQk+>puv{r(W!sP1f3Ii&p{lfMaTr@mj=QT%GN}r;!VVzTW2nh#_EJS-E>EG1WbdO
zS;B?F_VQ8+T@Cr>A8kgE`@Zr_q2#{uj1Ok|@{AVg`n1lg2LcH=?Y<c!2ojY}rL66p
z<FQk*rLVO&=q&<e0unV1PeUHORBwPZ28k^8r=LGLBM99Q$iO9zBvg)f`4cX_dFl^{
zYV^MWBHsX;cAzI98lWd2;1Cc{P^j-=Ai$v^003|>2mmAs6f`Q@M<OO6Vnv6TDP(jK
zMrL6p6;(q=|LC~*tg32K7FNMePO&vz-CHmiB5Fnf(`11cUwg>eM3oJU{jx9remnvv
z0KVUtuHnpEdE{<5d(~647ot3ZSdf6PK+FBVJ&nNIA;}p)7cQG<N^G*X=Nn8{j>`X7
z$`a~2;f!kB7s|BVn{;U;>sCe1s}V~;D;0@JIsp8C1;OF(NxlFt7kiaktByA<cmFFF
zLs40{Kr(S;bVkOl(7y+Bk>dq^nE1))h9NnGR4?e7aThq*ZiW}_fi>C_!yx>S<S6!2
zp9N8}?ft&t5LTAgC>QbnKcua5=jcg}qLrIu57x~}Kd7KoNGFSu^l4I%=@G0>Mr+W!
z)P=ILErCp;`G{c=q*{Gpl62v6j-l1Gu^)9Mig6SfwXo5dIU$R}2N*@aXO7`xv*|kf
z%NnKF$2%W@XP=`gv-a8t$qlfPN*6H?O>W@beR2$uHLb2J%%z%xUcOe=!B7oSJL;Hh
zW|`SNp;8V&LW@kG2zM#or=_Jgwyd2mOdcyjq2Cpw(J&Paauu|Y{xT#oRHR7ImBV^G
zjyRR4*W3JK{D`7iGZKe&{m2+@MifgZK3V8<M|+h=GQz;%&?9}>&xWR@2k}=09ku|~
zFEZIEnAE+oO=PZx60F;y4N|%((t(jiqMMQqiuHM4)4IxO@Ak$usRJ3W2v|cu6kLrO
zIhv_j25$S)=Bq<a7OBhfOBPW@SY<oQv_>0^vp0FKC}6htDH?{Lnoi^89BKbxT@U>b
z)r}jv<BoyhMx;|(x*WRuUY8`@QCX@nQFtaFPu1p^12{p7gi6>J#-->=QH-yM@GX?H
zwZFHTbL}d-r@B^8EVPrBR+cjKjr3?o6usYS((zWPYtk@Z(2#qZg+^=&iIkTZ$M-<g
zNVJc?K4=O$ASa~U^w_dT#N#D;T~d}hD@fa3^Egk~`dXA*$$gRFE+D&{@xg{Vu=qL>
z16`+4g_c(BixZ<dCC6<vY`Uv<%vy{+XQZO7%r_&*X@Lo3KK-DWlgzC~fHqW}T0dXd
zj7f)Sn(E+zB8Sf;;(t;1li~XuCY`3Ub5#WoNs21brfHLJgpWaGw&;u<^BbUVR3=`D
zO}a7<GPFg>{Qyf?jSkaH&AbrrWY5_OsHZuQOb|-Fl44|9DZbvl&D&@p=U`bWJC+7*
zt>75VI-(25|E}DEy1cO!HG-Q+HPL3dl(8Rr_2<&3wfpS(M4KkRV%&icz1-l*AFkWq
zu!Q?6=pRN9^b!q+i$#xx5$B7yXAnM4HZ3`@OSNab0a!dSJJ>%vqpi{QdEqDPMclNQ
zw<6yRnV3;O%D%Ha7p8}y3c*oU5)B*V9K-s!JZl*>kLN9Er>p{JDsGHgj*krUeZm{#
zW&B14g^9TvBA`fY3W`&nu#e;*({QMdHsa{h_blDY0bzRJI!49wm2jJX_fHsV6~zK&
z*yA5RuTV$jon<6V&)mReOKi<?$Qz|*IZ$&u@lh*7;ysL!%kgnPDo|1CVj*{9;3RZw
z3gu!RK3LXgT=#*yYlak~<KuFDl&=;}wic07@pmE}%;yeHt3-lTNEGpoTZ1=U<@d&;
z;8pGGuCkb@i?dQju;r}{Gn*W>B`0$p;EkrT9XGFAP{DVfR(1uweWIDxe9$0JyTERf
z?%~Z?$-ozaKs;k`RnwAVX-tS<wCF@!m>RsXdNhMI6yZWmv#nsbB`xtuD-=zat*>;%
zR?6JDDTGn15c=CNiLE*!-FuC?WSb$z?rUYl%_X#Mug$g(H*`4J){KR8cmp{mT5@bm
z6JKTH#`8+GmC99@b5K30pz@aZM&)xT*wL-W?2k&d;ZvGI@x-w(A$4UmT4iZ?@@#ND
ziZ!w>g*|Lkw3TM^lnC)e*z#)WxaaBA5_Ggs+)&o$<7ePLv-it~H7?oClLr^DYrqgR
zCSiO+SPWH5A-1<CO+dAm!JxrP7a{Str$a4Honq!}+L1B$a4x0aH7(Mow=-JUA3e+V
z%$q5YMA`jWi0dIb?4NDU6f`Z9=Y*w}C)tpe$3v;Xjf^1}L#WJh6jt+hDp?9Uq2=bO
z<{hazpZ8WnYYy*DSxH}`F|nW}Q->zFqD^csq%PJy)bJFhA9};AlzTco$@v7HXgx2b
z%_@9p{?eSBkSSRs38h}L0G<K+8CON?r=EGfY<ee9w}bI?fv@Q$zm3np%WHP7Vjmx<
zpUTo4dX^}!zlpEjhgsY%O{oxAW@1iKhl=n?z$uG6r<DzemNu5`?5I2CE#K(6-9PeU
zw3_oN+4&ujWiF@W4108PHkp*Dgp%v_Ad~~uxSCT9HHKWXOR45?-}~KNjmn#|HK&z~
zWviK3?IBDjF=9G;6mc<iweQNZh%t4Aq1(WIygP+&gXZPGC~Mu<Dt*Df&}J8rx1lgb
zZpXt%*DR=h5i6&*sm$ZfT&G2!PrI+Z>K4gU{SnXY`j3b6s^g%<;N6`2LZUVEFIul-
zxlD6qh-tr;%YW6Vvg->7!<(F1P&1~=a?TbDVEB=#n5g=U!%m#PXa!csUk(gtd7{G7
z-cdk(?_`OtTRDxO6abO`Ev4Djw&`@@l<jaNQ&&u*wJ;~Hm-(bpRquwHq{!M-@w+w9
z!6I(hDP73HXdNg-whFiHkV8H@<!~&AVqRQa&HHmFd<Hf95a{}2X#Ns=H{PC*l%Kv8
z;hEkh-%(O~`9JK>uw!2FpJU&NTfoZKKh3@wd8yS)_N@obF#MWyM#J$ZUp@j_<cEtl
z;yXrrn7%GE$abuV9VR}Rw}G}n8>Fnj&_;XAI-q8~%8Y$PI!@m|sDH%C0mBoOcC2)D
z85(qc9sEkU`3i#lTvAdBHX<S-?$7`7Wco5g56*o2D~@R6C9#fMG(E4Rf$!A;_r#&b
zDd0{C4C{p|%|fqn`wuFSfK(<Dl}G>5PwWlQb5KU}EEMXn{U5AnJ#PTFw!c*#w7-hc
zO5k<Ta4J1zF^SIgK$&|ujBC({%tSbLX%YNzN_aPUv-6|!GHQ55p?<jasIgIS4o13X
zf&@+UmyT(^>i5le5pe;ve4Gcg7+Hq{Tn1%G@?0Z-q_|I8$}jZL$D+Nv$~M55Z)Lm=
zm_2PIVj4d$p)SnUR{A4aEu;W%?>|W}yo(RUG1Y=g&hts?bFk1${8w6i{<Wj;63vMK
zPM=8N1TOMTQmTnaYo1(!5<=MmNm^a)+nH1P(SSKjbM$Jy_fDuk0CJ6U%TP4bpOJNy
zb7@-)C{|iWGrnZfx4ZAsu|qg=a2JS3{4xJ$sD<PY7~u}=k)&xl%%BAyx>$D<^}f-6
z_tP7IuI0`@^?88h4v2gHvTg^u20#7k%M{YA*;dAIRw47RRIhn*sA!Q)WH!>7po=lo
z>(1o~%65CMT%BaevmsAK%&KuL+j=dwI(N$!>`5m@!E-15_9+}rr9ovq;(+U{)Wy%U
z2!HtVI;TN+llCWhb6h*BY@k?yyDCwr-$AO-0yE`2!PnZ}+LPmAG6I_-n5l6$N719h
z!m}?k9eM6)754*I4=<a&%}oIYaPxu=M#!Yf()J>Vp<@a#T)?mrBR7cbBI1*0CER5D
zqba=FvGm3?MY?k9T)P1m!l%Bk@_zFaOa%CF;Dm?@fj1iSG-8MNf9i(7gUv=OY?4}U
z{_=+gzsfD^aFn_7F^u4ceO;hbRYJ{V{2bfIpWW}*k6Nod9O7o;m=cqQYE`Wh8r|J9
zMx6xQsz47t*1D*9=h7{Qplh>5mw9_!jA6!iuR7xGhm>L80E!e_XkAa!v*0hwVX`H7
z=LKJ63QAWtq(vGV`1GD#?OqopuCYDyAk?9PhA4bZw0q)wj#B4qYV2rw!t4!{<Q|Ji
zWn>zd5}ZiP<h9<Dmm0`%7L~^8M-bXy)!S3IFmp=QT4|hG_&OVY^!~)J7yWN>m7F&2
zwDwmz@x)EEy0`u9$o)IRH$bai;-3xO=?##u_SESoCM=B{qgM5~9(JMcy^Udyu7lx7
zOnqt)m5G*<K+?X?rLp%Lpk-e(9FUU~rELl$|E%G7P;ehJsCC;pg~CcK@lWvRj4<Vn
z;Olh{larnI#f-%B%ETMKmwzU8sqJX4+($DnhLY}`-#WN#=5&q|2%BS#rz**Hq4Tls
zdLUg)wzt%`^`7=Ip~wI?U2^U8h{`_Jc=<8@FymGA#FvJ-jMJ!TPwlaNFxKd1<xc?l
zZ2Zfe6Uam@NUBVCJJbUvZ23v7>pa^6Sa~z!q=euX*V4`UNvXW<eBfl?bv$)1a%uDw
zh4q=NU84mt8ud)j2D9W`;twj=o^yuPo<>V-!^NUw&18zSB^zCdRJRr7i7V|o|H1f|
z6VHL%Ro`r?1j;D&5+_N%z-P4fFB`N{G@>_85hk)xg%PO5mWMLM(BB_R;w~1%JuIl0
zv&Cn}Q^}KP;5sG5b<)?Ug3ug+ZCJT4=;!x+m)Yf6+HAAWRUQgc@^64Jz1SP&j-7YK
zt7DB1m7>_x<d)gZhPSqQI_V?4v?aB@==gAdb6zN3oGeIO^&JX`@w_tq&CZ?MJ6H8x
zx7$Ly*Z?00ojsb@48yotTdv5M&<mXQ`R@8`bVr&0uoO|S2b`A%7AcK@W^OXF(?GXP
zlPJj6OuyP}8)}uK=x9A^nUjEtT_{?ej@rQL;9%1)_g0NczX9NvWkvD#B$I@6cUF5h
z9kT5?r#SJ<e;~5T!{AUrgrj{dlxoJ%Xp>xdQ0-i47Lzb2Wf_m9T1wcw$E1J>NAvFw
z?c5Os@m;VEWf{kt51<+yXMK%NT68Oh>8$$Ck}&s$`s{=l+dM2Oh1loJ=gO$##V%q^
zwCJK@Y$fIYjr2dH+H+3+B0JHRRiu=a&YtyOgFNs^MTPzrnuW$k6hy`Gu8f;XC(VTx
z!wrkgNO0e5KQMC``qyJAc7jy#NG1U_iq(~nkkhBpG-{d3$vHXKYz-~byQ&V-i0vLZ
zshyyJ{YDK%b7HtqRdprN6d4xAM^iG@<(PLi8q%-`kV@}Cf8^28wM+?VFM$e`kQx6a
z+PuJ(dnH2E7px3~FTngDPs{v6!<4gf*ugMvyYKtT7-lZfblQz>6pXD#SGm+03p|Cp
z$8PAR6Vd>qv0qORQQUUVU(A>+cGdfp_H6cc;xv{6h{Z$6TCKyr!l#>|RmygIsJ6in
zcK<<)Drm4d)xT<oN~;A9YpPk&z}uMO)ODgpJ6%&I-p)Okfk*RFQvdJ9{858Y5SvHd
zW?to@QGDFJj@^Rbv3<gJ46Ixzr-cUK;xz6A1))Yiahe{}Yxc>=ucoM4%e1aP>zY}~
zIk@25_AOd1U>R2EfZh#ruqQkHkpJTi@F|r=#q{fn(gv`2JY4a=5-ru1nI0`+=%nIb
zQ#Lz3$il@VtCEVXNd70q^gViw|BE5~1F<A7`Y{f?0CO$kNS(;`DHlF=E9(lTv<yl-
znazVr3F5^s8YDRXaG_3G$)?!PpS8lh<jRPeR4-z!HO&{34dYv5ghCTJs$6K$h<9ue
zw4Jkifytj$RvuV)X#7?-HEc#ePS2lDd<Sy6mdzGWvng1i!o1G@+-uqwkq-6h^ent@
z9UYjj)cW`?LURTf>DXMd9m;5tFC5N1Xec^b>mU3<Zlye)_(Xt?I%0Y(Idye!pgMoB
zdf7n7S+2{l6+>yhDK>M27D3m2r#lqO;i6`7ipols9Maw6i2O#=hSe$3IK?6VVn_G(
z@tq)n=~hl@J9e~@XL@dl`dRB!-PTaTpmKb=@tzv*{q8El3$7EX|9m<Q_efVLCLLaG
zbplmt8ULP;>jnLw^==s^zq0W%TrBHG{;N&JQ}LuOeJz}t-Z^q#<nI9j=k^U&%l4-Z
zCJu5lRjl*`xz@}o`7sx<2zq(YB`cwWgQ5JDS!(3Cd}}~o+Q)T`o74OoP2xAe*<IBL
zL`inZ`U+f$61j2j&NY-25Bn$Pa<0y3Q&TON=&3|!71sRX9?Fl4lK|*%8N$`Fa#dF{
zYLeCR(7%#mHJ|uv&8{U`RPj$hFRx7CY00&Z6iu!hT#}n)f9(+<t<6&>-|?K)NZ?T#
z5zBG?E>*T-Q9~&ZrWHQQd}NDnaA~Fq#yE8wkzbDR(*d+%1jWNi)PJQ3P&#*Gm~>4R
zdIR?6aMLtFyu9^tOBAR(n^>zsWb3G@8Y34kSu=^^!?nGJ25c`$QW27)F2Stkk5Sm&
z$FoxP9I40U$UneWO|C8YG2B?Uq_bk6?=n`vw_BTSbl%Cu#KV16!LPs-uQuf|wXTqj
zD~u{P396%3xxoIq<SM=Co^|?q+U{x_p#>uDS_xk8l_U%?Im#l9dI48C)On*ZI$D8l
z9^xTw@|h(D)|L=2@Ub5}?6Y>;HdX?TC0i7_m`bd{DxfGe4o&2x?=v#dfq^b-o-z_U
zbSV*GVy3RX$~}dxJf6bbsgNA5PsW8Qg11<pe`fXrutIm*XPar2F-Erf4Y!}ci-MlO
zi(Fk9?b&>w(jC`jCvy=?foC56!mf#9re#w(S$=pJ!bqN`=t&S`zFvALm7geLzF?wh
z)I)chneueh;sdM}n^pMkTJ-Te`y{Na#VF(wZ4dSEA@<cAs6&9*h9(^8u54x+g#@FK
z8>a}O336Gh3cM$+OG=c#Gl{l(UzmY2eJ05>oXSEfw4e4nLc>83T3Q`%MqihCD&~5D
zIfxcp`{6+@l0TV+0O2*3dswz{qBFyr*<Ux>93#t0mZICnqK)<Zowe*jpNblALD6Ud
zSKJM0Q}*Lj0-71hm@|e*3A(PL4gAH(D8m_$EVFyWV!k+k?(5u*bFrFSVa8*!$|}z~
z(+VcH=8Sl4V(rRw&ofjtVxd$Msn))hgsE1}?8Fcm@-v7+Sc=<9%F0$>2FdMl(HT~b
z8v4D~zI2Hb{Bz7q9BpcN`7o^vMuBPeR7)S}nq2K0;DoTBj(x*)c9nNXoqG<Kzh6As
zY<~~0q+&ti4InFHvKVh07EG&I13$vSroYbKlBZ-Ukn6g+%H}@m6st_XLm}rJvtQrY
z#`^0+=wZ#h|4B4^?^6wn)4}(d+WggC`NU~<W4r1j+a)(9(IG7tBRbud*zwtw$LeQd
z3+?33doCu6yQ_9SMaiGppBN}aO)q+ZXh5FN+a(J|-pgAXLvh@)@=RAP<X;@+p<lx~
zi%~7ar28rpzD$*w(GIXyz5!rQfRv@Fifl4+^jquqnCmvdp#Ro$sO9F(e|NBp8l{nr
zNx+MZvxug99dgoAQp5-F7#Xfm3(FhhXBZ5(d>xZeYU~Jh;4{`lRn`s_$IqFeeqW|;
z<V`I>Va{}=Z6xGq#xu786riEb3)Z_?I#p5k#6Ah#bT0@l;~m-&8%0e>Gu};T4K-Os
zIKz(CY{FA9y3ssUOI;FL!VI*lzEW*S;+1Sl5aiv^D9Ms&2UauJpN0{3>w+rhzGPhQ
z7CVs7MuE+bEUINinl3QKIoSN<I44NX_1ZS4ramZ}X1wJGT>yDCF>qp{Mu9i~IA9$N
zUf2At#<u5rCLu71l+3h8%(uveRF5esIn5P|dn5=f@{llZueYl!C%lm}+GtKZ>U)j4
zqkR?gLEvJk6n?5D$K||S7O0k}myepl%265^e+T7#R?56(SF(;Q-zyEK`;tqcvy1hw
zFds0R{c)3|1cGm0Dj+oiiHu8FW8za0!_F@6vZraN=kS%UEJOw1UHT$o6mX`smW}@j
zJM#Bh*Z4xvfoQ?nC~SQRVT;oh&&-RpI1gfMnG`!|A9)X{SYGqoKBuhOdSpSa+^nT4
z+3jA3(?i&JjvzGIEN;y%mm-N93KX&Tm9O?lEU;=dg0eI&!tg$Ez|rPz%0Rcl+F*`-
z*^5}0=Ospvu1vrjsq<t>C6AZCpLSmH09)QW0ctpcu62d2Vab`BgdvzTv^%}#SiQXW
zsZQ~+`VElIiPirFud~4`?~$GF$cM>QSnlA54zu8ylK=cd2mChx8CWGAWpYCByPt-B
zpiQ<l6ifLB)I!HhUihj+pc&m>r~_EVr^T&>ibM4vUgBJBSqk`Wv4aGK$FIQgg<rGT
zs}+H?I?;?*_smla%pE5)mq21eFDZCgO_rlJ3|y7Lwk=3qysvZojO3IsU0CWP9FJnN
zguE}rXRO~+X7i1X*yY$$%;x&?T(cEh$bIi4CCm5Lo<*=+G!vVb!Z{IXE%fziHLhBf
z_JG97-*u{7^VU`LzjCgb6EwD*%8XZCY3og}S#;)?W7j07T7Q8m{aDzs8j4BV6zWWl
zSgM=fx@B|}`Q7OTm{QR!HYJoip2fZ(ssrYHh^iXvK7c$+Qy%R~aLEnC<n4CHBr{Wf
ziPP^V@baQEuaEPhG6Ifn+`S9a3$<&=)ed8T>=qqN3~+u#F<LjUsLV%YfK8mOFMuEA
z+N=qtp8;+-Jc?}?_*C_AlH*>G9iIX_b8c-u_WewLUAXA0esFVoSGj#ZjFu~t_5Fl0
zWn`H6S+wgc#NX)KwRXG>$3juCIx@9s^Q!g;!pCp<yHHf4i6R*Dq*3R*(h;$7Za0zO
zox2Z9OrH`pdT3h8WrL`)Ttr}rQ&+ph#O8r$=IaY4Yr0*IBEs|AWws?H#leZ>TVCi<
z&aT<|h-7Q@b$T&TR@)kNdW2xNl5J@GTtSqrq8%E`==?+XjyFI=omTKqz)Jm7Sv4|p
zk(XS`hDvWIY81D;k=Lw`Q_9|$9c;C@7949%@Y)|#PfSw>u)Mq1DOS5sOIbRxx34(k
z7Z*f;QVaZbdko2I33^{nVH|jWp5si@t2Chg^KC)ko(bPwxBikRYc<+3#=ogeO}sNy
z1KT&8u-!Li>{LaAMXeo*#jcA^7AhL$8p9*&9c{wFNT>O+3^-KsrOGj{@%K0S?{8%a
zigf79$TimjnCr3=yq<ckwS9H^A|}DbQqKvnQL0_(+z2R|tb3SXfmtH|qTJYQQx2>D
zMAX7Ss^PruVqJ73SwB>zSFOqX=@PZPnz`>f;%D1=`De3@btIOSyff&}78%vQZCEw9
zTVV0wVZKW|fD)6Frjcw|RgtfH{hr=f1=+9`Ps?9e7bWNG&osG^E4zh$q^y<bPSh7~
z=+O`S(n|9_&$;;dyqUrCcr=yXi9(26Z*YO!68Kf1MFJ)=d8y$paP;iZ(|^?4!U`Nd
zI>&hkxdL<>?RI8+-zE8pq;_BlzaPolJ>gQiiS-5LbQ~T1XwEX@s<NsBKiPBSdZ@I8
zs$9>|YFESYD<M9;#{g#{1$DQHME86L-x+ZIao@$}W%HV+S#Q(nLrKifCbaTWU3He)
zi6#7e{=qXwkWqSO&n~9t3=>iwJootM%Rv>KQD#Xvh;-O99%OJ05XCUi8N8LB2m777
z`xr>VDNTw~jn0;RB3}Nj?W{!^7-giH=2UhxFKK8St@<pdUx(2@uBJd4r-=Sc{6BM?
zEjzpDe6{*)R{#$MOC|=dZi-6VRDhdQBMQjft8V_3P~~bPAmQ_0Tk+S*;ea_y=(zck
z>wfgn1$zKnDU3wVB-!m|#ZHD<VCes#?JdCK_`Uwo-DPoicXxMpcPZ}f6qn-euEpKm
zDelrjaVZW3ifbv-OTY5|fA90W*YBN^ok?<%vzg3HW|Exq$x<a%>eWc?>+lwXwj)XT
zl_*=(f$}T7Y1b~ZVUWc2NCjirl101SK@5jPWtUgGM6XbWaf{q1A1KW0k%Alem8t_Z
zMl2%51O4QY4R@Pm_PGy9bjIDEp@?%g5n?`fho$pQ7>*di^dM|ErLoOZrApRoVpS+M
zbG<4cmMyl9eUgk>XKEhjGk<Sa?~C=U2c+rmOF?&Ob&*NYC8JP+IGrg<t(oVGqG?=x
zJ}#v+kb%(dc2f2E4nchum5!tIc!0f#HB|Q-ATOI71MDg{Jh8xDhP}Z8&o{D;VB5r_
zIzcz#c-L2D*0(X^hxEiZM>BT1Ue4)7L47$neCx%$ge0tDvG3d^pRjQ3C}*vovhs<i
zB!90e0~=PfQ0Ud}r>pj;Ps3%~#VA<L#28Rn5}05@vYaTg`T}yM=nE<0=y;=iR@(GZ
z{S9ZS^>hODDdO!Gv8pgW#jjeFr?M1PXYbkgP0$Zu>5bjl(@HL9zTP+Znoa?Jt%l09
z9t;gsjvP|{s`O*c@Ei(2Zep6}<Lcm5wwD7?-8k$#-X>y)e=|LsVn%3^Ty=Va6=QgS
z=+Dy5$s&HR!;ad&%n^%O97}yMy=>}5mrJsltbd^MM@?jc-u>+0hnpG$)eC=&ZSn<`
zY-B0(id(xY#gJB0yBpn*mow%Q`(ZT}{i|c6h2T9rmR+A|Bi&KxHkm>K|5D2$8q<g5
z;h22$M$7Jd`oEZerDA_e?s@39XnH#1UGz3^bTvsQ`6jqkrW@(!Tb^I#@Do_Z)M0Fi
z2-FC}x@^URwtb<7Q0M~=TFhzz=H)-I;|?x$C8Ca#-!#aeD830JS(u)Iemc^QtiHV)
z-C}qfFYzRP11^c*6dxE+-ZULR5Kz#6AgKN_6n%q#dQ*5%H6d{cDr~$&VG&6hn7dNh
z`Cqo4!lYMBDdIo&a7I~U&Hmf&qeX$!5jL-K0XELX4)sTo4YDZ8&l@lPt+jT#OaE=B
zF~^|u6nP2s+3=Sj#7&Cp_J%jEmyL^h79&Zv#^6n;zj`xnB@*!Z9}aY@Y%s-axWow+
zA#(lqFkCC8^DEQ41qD|))I|jbu0%{apWlU6pvi@;^v8;cD1G<p`2iM1D{4am?~{c0
z7+@xnktV*Q8V4u&0@1sA$1&KbP@tUqHpEiDx7!2-Ed(8rF+zrVrE-9ZAmm1KzyvW4
zH&P{X;??B6NCS{N>G4;g*g}*f5Z-z+>D;?qs<J)b2ik^|&7pS0dh!N<2>2mL+To(}
zCWFP}I@<i97(=neM2Xgk1+kFPTux$|2zU*U;Xk5sM548OEEt*+t36Xf=tn=HA}ER-
z(10a&a3N3SLP9DIlOX3=y6K#&9>P@pwVc^l*%B8aW3+3a-sObN92p^V3HTLhh&1XV
zQC%LCAV=;}%Yae1R;%H1ZEK?LQ0mRm#R<bNY0Eh#2;kO?707~yT^hr|m08OvFt#cW
zUTm+aRtV`hu^?3`pgmc!8=aVO|0m$15Sh+ty<?b!UibjFsGJ1UwJ|F^%Lt5ElAh>?
z3Qa(pPu;H$e?{7eNcA*%u^o^Yp}?-8`nvVc3Nd31D3%CmB-fUo7BmtOtdk%v93;z-
z%Gly!6FRZ}nM@b9h^(TJoI@$1-1#iOV8LS20gEH)h~=Q41N0Mt@gkvX5W3bu-${LS
zRUl#;e#Lo))}6u35K_pnY9^fpHrz7`1U8g7&+5R=*MK6iCW>)r*2vSzBfUs#GraZg
z0q`QKdQ0#KIg@vVYIQ1W_|$eo;t}2tq9-(Hl2u?65-J=N3{kvj!BBWb<nd@Z39bRK
zG=bV9dqS#ff%)Q~762S1VsBi3BkPJV&`1-4vpfr-x*Mf5ojJ8eKNqB-sl-A%E*%Dm
z2nC{jP7W?14TATEDlD#mc@Dqg+>`*)dJ{;63{&P!KF7v5ub6azP-d0`qYt2xxoP-F
zM7&AF`ZaonS;+B)kO;RGK+<q!=_Ov&H>h<H6Cr+(1Lnr)lkko}zd3&t>5xd0%4mW%
zDA3!i8A*sOK*@#Nj~1{^Ev};oyJ1cKv8*R2N|#4A5KqDZBn)F*;$=0QIGgS$RvNfr
zhG_c^Rrdgoy##84R<uc?!jRZ_xN&XQosXT+9A_|zpkqAJdAyknNR^ij8GU(^eD4=H
ze5>S{Q1{t|dxe++twK)oM&b1#4U1wSd8h9{M6$3o%t1La-IxBFjd930`4VUifP)$Q
z5*X-6hARfOOOhO!9Etaa6*p+$Uj^V2@mH|BA^~WNz(tC-qBux6DD_8LpkS&17|7^h
zxC;2_G2`U}U-jX^&8tR9Nshz|LB?=Es%k@|T9s|XD<B87i|&;>W@m+Ep4UHr`5D~K
zF&wph1(xLr)cdKz0D%WA;nWwBuv}_IxC$&frxaC-kLWN2KZ|b*@W7!;_mV$t7KLJg
zOFFXiLbA_Jb*lX481CQgo9jhnuLBdM8ahIX36GuKuf&G4N#I;eTkbkUMmdcfC9z^C
zcMPNQl59wd5#IGPYV%1aLH|Tyz@zlmlxkS)r<mz4P{G8NfN^(ndB7fN!6bLhiN%is
zpQ-Jpb;TdmLak|kle~PtfPqZRAupKrh>NvzSbQaEjA;DPv;nUJh&F2&aEM<bjH4r9
zjDVohz83-5a&hNDyv%@y&I)6F$D?>0PLZeOUj`XtkhUU4z5o3$+TMz83>ydcDyfe8
zEB#IEh#C+w2d>4zH`lIzk#i?Y=uONd+7}CdDaj58GJ7r&&~juBVj@7okj$Y8027m-
z2pZhoSM-<rLolLZ4alGap>eZo^}nfM5p3K{{z&^qH09hB0913}!Jk%Oe7qg85NC;l
zEZJoCUa#Hpql|wOLUwqd_?gV7I21>&x2Vmp?6NkY8wHX>i6r3=fvb++y5C#pdnc(W
zmj_uE?{6cuR+;S*da*;HFQ7o`b2A2E1Nh!UUWATT_A|~#&7R`!UY>G#Sy)?@0=ikO
ze+F{HFNiQI+xy10_f4t&^Dx~o{kVAi4G1kHXkb`~YqeGg{0JQJvBR<ulmLB+3}nX_
zoe;^Uy9et7WT-_Zli<=ZCN<*BRExAoD4f*6KPZEszJdxivwnKu^{_3z2!hh-5LrVF
zzbT8TWdgaus=w}09JE4nS8+IhVpN8nG{f_}LZsu>TxY1$FfFhDTdUt}*C00CYzGnT
zTo;>YX2psn&~IR7FI#mq?clxM%C{Z3st{VSV5m~LArfxE)M|!`X<CP?0z}n?tJv>n
zuG}renu1$Ly-8!Mo}^l!GjK`{T@)3+q|-IVSkO;gU&w@qv~>zVsL@U_hR8evMMW?m
ziF|T{=Y;8iXjp7a%W?{cPG!6P=efc6w2ANqI3ftg&_R&YVuZr|WS~<YGYa?u112NU
zMXBHj=NnsSbieV05n?0#3R;Ilg@Qei(I6NFaY!`+!nCV+MU5c=ms6>3I8r}tEVJ8_
zEMPF)7!O7Dqm{`i)Da5_TL#eqh|jP!4AIlG-l|~J!d{I1%ODoycrEwKSyO^@abpYf
zODdSrXbsT3$oVCEEyH-@$AW{926#i3s}w80drmb?7OD`l3z7Ho@WgbHB6KGEr;ZW=
zF%HS^bYX3hlE!R1F>J|T8hyRYz$`6Z0s<;KX<n^GVg&;z?7QRV6dOOq38L*S0n7BL
z+dC_r#ci{Q15xeo<HEqZ0w%%zfq-yB<Zyh_s2)ZTa)x&IIqKXBCwiPQ)0?{fkUURF
zkHkK+&KIXQyXi&jT7(eTPpF`KVpiIDDqH*A3m?KPSX@qC<c=OeCEjO##tR=0GnHU?
z#&rpNOY*8Ho=3q8-_3^#mL;=Ovabl0z7RlIlnJ0iR}6>_fp_hMHI<E3K4@f}n>>`i
zzd*#+9L!ZYiBz~cW7V_dJ18@$9}#MDvW^Jz?vhQw`@Tj-<QDM8qAK+5x5aKjW})yP
zVUK;a1Zq#06giDx02n#*uJ;A}QbeX9Nb&~?=|6xWTTIW~g%st~QcLNf)v~;T7nJ%t
zcyZk_12W3#_sRxSYt>m|Cl4wjFtv~B#`bW<v%6Pf_CB;>lu{E%!*-D4_936OolcA6
zNqBxdMHVLgBM3*b!iZ*r4HPtl235WN`QeOztL4Ifc239|aX16+d{+dEmD4aIr<az|
z_h07xrzg>!wWzX{Ws&dJda_*osaC%Cxfg4meKwmfg_v-~IIWTyGB$*zBOT7JpPrQd
zk@=SGfAD_&qA>nEVCRV7?L!}j_$4jrJ5fr;)|<MaqeOwd=n8uM(B@?SO>A3;wbFE`
zBrJuxDNOIkrbT@J&Us5yh1-MKU1+O>zJ2gP;cbSBs)bhyRv!b~cAPT~Af5n28^A@(
zM4t`J`if+vl1zsk@(`lr(tl_XKO#(efSXB;LN~>EH(;1#KitGbMg3DoIXJ2dt=MXp
z6WiK*5><2<H{F)ko-`RiJB_n$FLlmTUcO)IN|co4SZoZ4#t$J}xRo{Yx)0~WRexd*
zdV4v7RT9JkkW~-jGz(hwSIK0!fR(lP)=C<c3xfkbqmu8F$uygt`$_x3AU*7%hO9H^
z*K4{+@(-dR7NJKBfLBHd@LVj=r7#fEhIC@xkA;2h+d-qjT5It3Ek~LwEYVL7OYN@`
zj=Y3O{ZCrv&GhL-EP@{}SEkZgK2+w~OYZb;zE@BljGgYmR^VkT_zJt+m{q&V4-gx0
z1{kW>Z`*%@D$?jIr;BY^rTYo2YXS|KE*3PV!p<}J{sxdbNcBQ(NBx>dxKW+dE_)bk
zpl)yAkja4I4i@V0v{x!l+n)1r!JF`QUq!80t4u4{(mp)RlZu}PtJ#6yF3NTPz%hiI
z0bE~L?~e4Fay3cb1PwfZ3qS%iM(+&8JgLX;;T!Sq%6#HGg{bdG#YgCG;=yEOnA8yI
zjvd%@*3CcIs0+m3oz&&h9sHgKJ$<px)0I9j*&})-*+p=B8^MKbYwM?Tc%ld6U>5EQ
z#m4P4`tEq?YwCkP<Vm~ge$J+i6ze;*NW@XQ%XfC>F|o#;<ahW_75h%C3wL#s%ir8u
zKa$7Az;Y4@JPynP-~iY+RcxU429fVezM+BZ=!FN?EMHLH`U?WJSYPNtzAlp0*{)fI
z2egxs#&5S_HPfuc7Hl>R#pS6>dT+y13!ekZ!8n~ae{HEQr6Lq3Kb1^Ty4p0|G9okX
zP+Jd`FQubOA*2ffiOOX^WMyEb_%B+fVMU|}ZC5E{1phH!@!__?FRAvFS(c-xV+{nF
z?L_b6?d?Y`MvK$?=PC3_Hfc!EJ%&$s4OJ&$UW!)Tuf%Z@YXEN_#Dc0zr%BO@YsMtz
z4yCD^Yi7*_KU_&%MhPx3VH<|~PBe;VX2;w83{Gf$A^kr&VSyqL_N7J)-3Ac`XAm@o
zcV-RhwS!Hpb4CXq>9MXgX}zrX4${_w%rDRi?)e7Pjc4f-@hPp1Q;MAna7swUvyLFl
zdzLkZ*}TdfAuiM7>&!N9UMvb-2DrgEH<P_qjXh$&7%Q^YkbE(u{rb7ViWefYq_YPM
zZDo~K#@-iK$XF5lM*#R_8yK?MQtqbXI_}Ukuj2z_-<k(6s$R>8)KWUyphoEa1VbHw
zj$HmdNqD(I6F-6^<V2Xzw!m37?w8WvfHodN57qFW->eNX6)rnn@&!m>u$-GZbO~c6
z8Qpe=p$}t$Q(^h?a;IkIULS+%pOCjxl>nZ|BZ%QkAsffABW>R>PxpgzBd(7TrZOPh
zmI)bY3~&M)AdG8JICPj8`lbB)bt9Uq0>L6A6LT-BN;HE|Cw`xcLwgZ712Ybs*?2ee
z*~?y$f#Ve<kFnb1Z>?2i`a*FJ8(B^vzSqV;I{)-U1K*bd!P1TI(&Rj3tdz5;4Yy2m
z%7zD!Ux5{1l_>Vl$q>9WNT?&f0qRh=+d0!?Gjt9hV7QrKg8^d-1mtnh6{v3$7P@I+
zl%ymL4A?Z07q2mX-}^*O>P7eyzubG>tqpnum3G8hiuGZ}@3ZW?EBF%Nd%1XaS6FY8
z2vO8ZEHLTxC<F<7i4qp^w$f%<F)Q0e>dDG+=Iz#*#nu(26%0IL4<DzVhsq?PB)LN-
z)$K3(f${}zApitMgK3$!ikF#bQ#cZ0T+D>lC|ti;-*XJfXkqMXR3M@wUrIudc5sC8
z;JFKk8HfSrha}_@q6|jRyFloNB516<c6<H0(ZP<m{-LG`a}zhj$hh3kSCZ%TWi=v{
z$(&G(99r?n8&?b<jT{`zgatqysP@sHE%5JHN{ag4;*$0ymFK6|O6pjre&Kce{;kwF
z(eN<7VMHZxvKgERMf;@O`ShjpNx9?cvx?YA65H!f@ywD$Xo#%*)~7JzO8{__;N|-U
znNNzCWGtD2@?m@#8$nOhlhI$fzI2E{_zG{xZx8l^eJCbvD-sm6E+=LixbZekFb`(;
z>4=~dq<KsoEkTBx)@bb5oiH*lY4=i(DCe5r5nT}WhJX2&v^T3WU#yC*vw!}cVP4y(
z7D;8u3L?*{sM(k~e@g!uFtHVpWGam)B}Juni-qh^=yJI2wCGOR2Zz2Qh5@8ogx#3i
zVSD`zz<|fk-h8qoxr&=_v&#L#9HrWd)lk)KB0@6_(*jeN{$fjhF~Q&)%!R1&+PcOH
zOl%R3iKsb|_s3ZMIo;Pc0+0_%?65Q0`Kutq^@GrZTXhoc)_bta;Y+wjWoFw$F;m5h
z-{`MDVaU#UAn}}_eD*KlgEQK~N%thfG(%hA*{kglhcYG!k&HuwK+Dt^=2^rc42kD4
zugv6O)Eg3w7iy$0Sko(jL#l~7ZJS5?skOsU88IrXvidfOCoffy`5R!IopNvdwctCk
zv9hN?Gk@2?f!WO=e3qfhw%FJQg1!9?6qFjwFG9{fB|meIk;X+1`eJ1|$b0G7{8<QS
zJ-X5mcKTy{w)ZJHV<I%gP1!yU)mNd8?V7rl6BkjB0Rl|powvELF@zLIgq3b2zXBSF
z!j?bch=(Te-U`t2_E9(_L6^#X{e0b6iN#7hZ9I$fdBCbg?Z#OJ*m$crwLN0S)&cX*
zSTu)26|i|d_a!|rvBs|5P=}5_rvqxoj8p+p0*yi$0xkGtkYEiX<Vb<^8YS8rg3TbC
z3`EhdhUG2@R&Xs~Dl%Ql{OTq-(=4qq`@u2aAl6@DZyhqIcN=%beDQOnaBR(yD|5R^
z;}HH!meIFnMkMqrP-Aapf@i|?nbXB(?AugyX?}I_6~lbMJfl^>BL9zFj0o*3$+AoJ
zP!gJ-_X9#H-9L8q*_(cqPVzIC8N4_P51;KgUOw{^c7GQmK6LA$)^6S#BF!B@Iu7WT
z97BIuo#NhBz~_%ry02zuQB4O0{3QGX%=Xvl90Ujw{0H6kui?4>7@fPkLSacN6lqi$
znETJsIg~qJu3)d4E1liu5v%Agn0fR9TK|`Wu_beFFLwDo1S*F>)cGwFz9Q!;LoB1g
zlv<<wKVQagU)BGyyKMc6_lSanZ!E512SHXqheYxj76lu+!4Jp(l+BrwUrNhxQ$g|Z
z<>}#KtIz*`ICP-$%?JTTJc0xeqwqG=WuQKMF@`1&q{wwb;R_+O>=zW*mZb_Tz?~d2
zk3#D;RcRDwFH0i+_WD}90~_cA2nT!Sp-k-^zQ?g>mxpkr-SwR9`YA0-6&va81t(s(
z!x{K!euUIuw|`&>0Z7Nh)Y)6)Iy1G29)nK6<l>7r{uR@NXhLV>PAoAnpO7oRGR&98
z^o`ZFmkSTruay|B!h%x3*$_-)W~u>38Mw7r$3xxNi$wIZu?Ogn`OZzwrb*-C19PAU
zF`#K8eVEd>*$Kc9j#uMc4H}9=sn88rDN9~dA@9p4hTm6(20ta^1BscwzN!BYeRQ8p
zglHnUMo{>w^|Zte^%6>s3hj7W+sIjzJvA~_Der=sk0uw<q~sA{vEhpC5~Y2#V1iPG
z<=#SNfyG#Z4AKc}U?RZdMH^F`3^Wc-2eu%UiS27<1Mh?g(@U(~MEZ86syL7+6@^cz
z>;Z2I6F*JiNH}#S6AAla&P>%M?%r1)Xs*~WRjJspb|9dQtvMHEQ7mNvr}(z#?%BE3
zC6gLe7jWn*Y#jrmVU-??RH#7T4J_csEn&qI9VdooCP@ss1N1({>xw^@#zPLS;6Sqg
zsHkS(ie^~=7z<~#KwU)T$&+DZdF*Xhss139KoB9%)F7mz>h(BvlTiOnnj<QOh&)+?
zM}o5kYzZnHHF#pVY!|{$Qp8llaVcPt_|V#|NabyYSp3phI@oN+4aI8G?^1g!aaIh-
zY^1vaX*idSZq}^o@0{cBYrGg}XDH+#BNK&KXl^0_g<v@DiunzHoKWTX0VWu7xEd0)
z#q_340a>q~#}VwkL)z?WjOsW^l!cxiU!<Wf9vbM*hRGRPPf+MKkWv|pvhR#qQ5v5&
zOcRq3%tG$mrWWrMGEeVd`H@FSgTADQe?GZjcBmsb86&O%cA}&ZZRktPvaEusOH*C>
zE+R8I3MR0+i!X#Bg#1m>gNunqv0fqFM*l^=^N<_+D3YAc2o0ba=G6hD&u;QSVIB(E
z0fcL#5Y2YkE2X#+(zft60yRC^-FG3J0qBMA+k>o14z%acWv+s-ZLvR@j(&AU*(h8I
zk(CLQd1vPbX8GJUSM6w-QBIPXZOhEm-*uxcW1$5WpwLB{mkO_9(zSJDxr4YSb+Ctt
zg9O8K$6FH{kEwF2{_t#^YPDf-CVaIUuqDmK1cbl@l6Ode>Aj+Cw1CDA0}WX`G+Ac!
zV2KKaL=u7VADFXuJLgTVtVD?vVH&nTx&UX|60-VL{0=gDKTxPibwwD)O7N^jBy%Ba
zd<(Z<2po<15hP7n+;+Tqh4f1)a^z1oiIt=80GA_6{s9v@nA{5EgFrVg`yk*xU9k%E
zt4JgUAE32cITIO;T9Oa*D3*SX_aj6!LOawXX+a8vASwBEFt9+61@I^e3ney40D;?v
zEE0Z!E}1$@>sc*vvHi$=bBF^O4{bYtS*SrYTR@8L*K5f$Q=Eo^)hRA5SclL-j2jDC
z!Lq$f)+KE1FHSvZ9Kd$qj|A}$k788#Z+*bevQPp6r1qpDL?u2t*EK_-p=cP*Xk&RM
z(?IJ&dP(a-Ac%uZb(9wpd>JMB9=;KZzrY!jwzyi*7=yF{4n>4eBs3O^K|>6flLk;@
z*5q335eSw_rvstjc7mYA2!aELp({{fp{wG>7n9IRMLXku`fBA5iG4eLf2J!>JixD&
z9|p%&3loX`9=*goakvEHGoxN_e=r{&p3fZHm&P2_zP`UNoo}@vmIy!0zD3;49W)C*
zQGNfJu0IBCa;P>oMirLP$0It8QYr-?5wuIe5Af1QB14%9ZW%>5Z%-V6Lus}I5b#!>
zX@m}s_hDf{IwnWNV6+{?q{c7Z|41*Sh4X_U+pcTc2_h;&71`0m5nW_Ms6#6Jpn9xu
zhVq6a0^?1xqlT!eMrpe98^8%Z3qcCf!hHmgVJH&02|fI|3@!-#&<%9I#ANo1v2$wX
z3645Q0&z4$JJ@+ftugMRq+;*HfYPk!;ZS_k{thyfK(XWw%oUs^d=h)Hf;0-I59^=e
z4XS0$zA>xmkxV1Hr|3l%{(zRo8;6wC(&&-T6aiNi<!eWrQjVC50Tcw>03M-8hBBGE
z`H^*;HmnWN{ZaF8jh{J<im-31&Dr3*7=(iL28z#RBuTLDyM+`mK<>>F3}TQZ7<PKR
zwov@JVGbqI`HiWi)u8&W@tK-wv7~W$9AQIo_|0{3g8%kVm;iDAirEl%Mt1rmIFnrJ
zRpOla#}ZA*=7&I3rCc$ZqNpV<xI(1e*K(Ht^^U&E4al!hIDl6af^MzkG1Nt3<IpIe
zv?0Q3vt~LuU{oF`qL4XSMj4?3;@+9b;WAr+oRb|leT<>OaWoX=isx~)oXO%R)|6L4
zp?T?DEboL@!JvUfj0oH&Qa{I`rY^%ogExd9V_@dMBSeV`9D<gxdO2dcfZQs}9jMwa
z5NR4B@kuy^zuDwL3>QZC;q|DcOxR8p$3}h6^hcQ5mC`m<vniyjJg44zF5-M3%PD#|
zl1w^8@YNJ9Kizk$D$JEs{85qyzJUwlo*Mr(dczQmvA~PD)Ass9WJ;;@P9iu&3>B3|
zjwoRc9y7?uiKAS2-^E+_Hgp_L$*mf(drNl1$3M-DOGO?Mw4q2au#kg2(mp?v&=^$?
zfFXrF6gU681S6KheS*`iMNzC@7`|)M7lK)4qgf%5$tJD<Z^~(bAyI^KaBCN!ifuLY
z85X%@La?F(v62n|H&B1`(E*5IA4viyx?D1;5NSz<S;&1WA()Q9@+o~4qU1ZEdgV+v
zfbi`^r;uK_3;sN51hy2f{j4pdg<w-`wKt$LCX4D0C~sjDur-_Fo6<-p%CKT*wJX5L
z4OD4|i71yW%a<v5FS-Jl50o5;*8o}%CRKAfE0Jp2N-&C(!664muOLgvTUWSC^xtJy
zf?bv}>mW%d+r0sm0LD{~S|0L<GyZMk7oHKT&#)e*1ZMLI+JKi*LcfZqay+ZhwOccA
zX*~7#9XUq%xV{{om%?>|2deMas9@_Vow-b<Rh%I%`?lU5>s9PmzR7L3(tt1T8N#W?
z);OyWN!gIyBJx$;_gJU<GxAUTJGEWFI5}CyP<o_3TpY?ux**pdY$k*Tw1}dCkx-3W
zKa}X{oZ)>Gu%`h+<`Rij1-A+u3@fRkq;x^nK07Fwv@#yRzLEj*CGKkrztPYI{7+O&
z$$<@UeqT4YNaC$RfWm7iNo^!!vVxg(fkTz<oE3pcY03zBxB_fm=9d#Yi9rkGMVY6D
zH_VQS%$Jh`^AV>O!lg6(ga*9SF;M!QpGbF7hN#2EWdn7QD>T$UuHX)X`B_Y%Tmo<Y
zOU9oB$_PO%qt-ov3K-QSr`YIJMKo{gW8}gb6Ikt$wUZgKKQx1N_~|l3{J1CtDU4hq
z&>=lv4dJb!+UDuBy~U1CSUW%_c-G|veA1-T{S0*?p{A23Ym6ue1R=9lt5nDh2)g<2
zq-xS_fV?@E$096Z62bKh3n7Fsc+8?3@9%XfL}W->`2aSqQO-Ql+Kw%F0G_<L;yghC
zAFtc1<GuN@@&sj~H2cE|TXZYDCpdqmh~EGnju#_{zZ29zAvYxsMjL1xz<CdRnbU)Y
zF39>TlQ?nQL1rkyo-<eXkxp0@)CeUcLTwax*z6y9|0RB|#)sLuDprI{__At#LK+Ik
z7=ny}$^-yGMKFssOplW(Lq-^i3H@kAM8IPbj&<gl?O~6C7hhnt4-?ei>%KFDz%o9p
zA!8g@39T;9@jjPAA0(PYf-kn^%<{(i<A7X5SY~I|lUhb$1}mjLY2WW#tUM)sNo>fw
zNcf4Ec!cfhTFNsPD*5b8FEzuCcrk-i1j+P6G62_3usgQlHFprueZx>Dwj(C_<HUtZ
zBFMWm{sskUHT1?O5-1p3OL0~p2^e$QVgUdV2@frlIwRziF~Ucs%!jBbI4(f+2BIcR
z8XHW`C4Q`EQ;~=)CTw6+&F9)mq*4fG3VLzj0aw4Hc$#prMpws^)p3Tkt!84tKy^$j
zrc}5tF5ygqI^hZYy7D+QkmoQIua3mwL{XrtnvI-9Zlkr?r33&>m)@>(=ot}FO)M%w
z11f=OK(YY07S%kg{DzhOuB6s}j2*|;TY!(fnm7uKVIU$j=sS91GOo>jII~QxU@a_#
zXmp6UHrk`J0ZakFH~_w9iO4;zvnl@Dg-(FTbE=Aquj#0id_7dx8h#ZSu-36^hK)vp
zT4g~<t@v|4seiu(*xdO8utu|R0g50%QPS*#3f$-<zIf_{ghj|3&cL-+l&ro?Kd2vw
zrtmH)k`3<?udW+f1R6N>z!3Nm)(-ZYVsNEjIHD<>p4=%KiYN#Ej{lF*75D)ZR9l?i
z06NaS(-BAuyz(n>U!kKltU+#$P3@SN)KYm`?Hc55;UzkC!#2!#s8R7(K9Ege5JE2U
zr`+-&>_9Ig>}Cp@90Cm6q-Rl;rl1@KV5%0pDu=8XxyxBdLu_S}G3WOZl~;_TE*4T7
zt%^+SC@7>*6=1<Orb%aFmIe<hjiMVlw9K1f$7-OoDui{s?0bb2H7}Sae6&`O3w=jg
z!(@zsS}2Ou__bV`l8o||#k9~k_9e}Ggf|<Y5hN@p1zK!L=%1T#($xKDn;s^D-cp!j
zceYSWVWB)E4GE|6i1D!7q$ay2syL$N#FON>cbJt$1oe-s&hC=Vg6SXP+<^;A9bEBJ
zCsxZ9f|wcw#X<UIvRtAa#@Pr!Ub6U)tt7jA5r}#Sh<aK$wHE3kSynNq3!EGjq-5K~
zV;tn4Ua&5K`;oPSIMUP1=6wB_#oj1E*aV1l-S6A>o$65Ml+fACH)fY{*y4cjrZl3<
zA%+8Zfwm%?HN1GEWAF}B3qf*1N=d;B6i-bE$>iiw2XIy&x{`RIRUtSK92=8ZDUxNW
z)rYJVL*;8lZ0sS*X-ENR#iXJS{`k9Ji!g9zHPL9Cm%CE2Oht|`0So#2T9GnL;i7>O
zrYw@8RlgF2x81XSoUz%}fTg12^FcPKBE0yh!E~&+xnXs16}=8uxkm5=Yw=}gN+9RY
z0;0I6(>5R>QGIfhcjj(bwn^GC{X)fqb}AwyyESDhH0Uy#yJJwgz!X4CHWOGPB@d|)
zn4=NIYp1`fQQ9%G!Q9c00(K3of*eZJ4l4D2E-HX(&J2O8R6%7~PK+cIY&g~c;k<XQ
zNC2UHvBFc5Fyy*~A~nW6L4Nv}Y2n-C;L`u&B;bdvh<E2Zy%!&6$Ufa6v&NM`bWD5F
zxM7<DMe{(S3F^??Hfzwhc@5f#IASfvft(10QfPHHymMl?-|PU&WC?^Zj9!vsX(pHX
zzGdH381XlumB^KuH^8uMo^*RMs1fRk<D*Hc9SyoPF9grR3@??C!niQ^BWTVB>wa<?
z)0{0brfq}J`ik<<MN7H?0Kj|@kr>MO)LBd1RBzbhNq0K+vvXS4NO!a~!gw?b)g&Bh
zUvVBB2yO+SFm%mjvVh;&wF3i<$wDHZSQ{1%9*t;z?0t?`ha8V#8)s3zv;U}j(FrHL
zIh-U%2=HQZ;N|J+*51cK%S5gX76Nt>IL%aqB^kJAvXF&%!uDr!03)uQPQsaH1>)jE
zHB5=RkRRhQe>_RxGO&Xy{Nh~_E^}k!KDIH8<D0-Y1_!?NvnIz6YfT#5$pqb;OC>9G
zGzuG(AR$idgDG(-QaWEXVY&l)>;!J!eVfGj(x{j86hIC(+nPbUNuf~+_ajH%V2tF}
z3OmUa%{CIYo4iA7y%nR2N)*aCm!ULS?$_Efp35}aLoaQC36sI(B*`BBr581>aHKp^
zFmcbs>OcmmCq^e&oCQZ_2z{Pddr@z{C}PYufGTjIT8Od&LN|g(a*rjton#3rtNN*_
zg2H-Ta6UcT&sI_Df!=t2fc{HP2$or;uQB>5C?x8MT{T9=9eaQkqa4ix!f6M&D($_d
zbSNRg2aeoYn4ql^|2pa?a;DF2>F78%B+y?xmd1L1{sv?|xs${D_w$~)x6-HY0&4BJ
zwq`$AIvnAx5i?b4eT2axHP8qc4;Mq>M^--leu_spOow5CVBP^itP_5xjMry@vP4fR
zk#vR+nEhVz-F@c--t{Q1lqVa-iN4#K9IEb^;dmu3Xo|EUAq&EqV$K}X_C9p}+mmGF
zebB?JSe=&9FvS_XPUMsO5_;*X(?{|jB9D=(O2N<Q_8QPyFA{4q5o&$T-iyz9p#wQ4
z4T92pl<%tdddts_pZ9+QJ`uep6(R(jP@C!0a&K*~1SP2>m9hYx<uqx|CX49uMBH!J
z97(IM$YQ^JpeDL{&59^03wi_MD8`3DE4Ci9ryk}NqpKX?RjUs0Zb8h0BMyJ?d>6lX
zP4{uy{#Vr9Q4~#gk)!J&RktK>MAuSjb?;Uti$v;Id*KPp&oxHzF~q@7zX68qUPC|n
zD1`6XThRNOC(AACIHhk#y5I!^6-iK`org)@M|Up%23)5L8tEHz56`Nm%Y?%Y{|3|p
z8jyaP>Ic=377Iu@;b=>Dh@w)cOh5*zv1cvgeW`n%eHnYhbo#Z1%M|iG&MVGDLV0@6
zZ1KVKZH~iGog#ezh*t#QSY{ud*@Mp$M6P?@J~?90%_tpqUEry1Fj+fbWbHdxO*=x+
zKnp2+vrqg(O7T_*gEH2Fpj%IF?WGsmzhmXsp-QN+B-9NpNrqG`U|{%s1|y~~dH+zK
z*eZvgp|V04^r2gj(h6Em-7s|H6qOh^m4Ab9$2GJP@lRu!SZw$FXfgj;5t({rr-AFk
z(T@NH;yX+_9uJjqYa@FfK7Vam27}o-&ANEbpBoE!DJ9ilX2i7h1~Kr4m<Vn&X>s82
z^4aBQ;DQTX%7GegsD3TKQ2k`zX6zPGR&#iEH+BI;Q-vz;D&%|k-vH=W{z0gK4bD!g
zSrhaFYRc<~p{|Y>Wgh9gD6T`{C-T=Hn$O~_0@+|FXYUm7F**ED32HnH7!q%jL^GAn
zStdHU68i!lkVq3W9#(wZhRJ2jI$mP|dA5Bo2Ui`>Uh!tf2CIVF`@IQ>IWNJ>4{$?z
z-w^vtXfNYCME$2Pp{!6&*WzXZ37=U`Gqkrl1*8ZkkH-kVPtAFqKcUppC!fLT|MH$(
z_)sp~S2-F)+2Q{+<s0(&=kd1LO)n*9cHToDw-PqNmAF!uxhX1@)7)q#^`^HTYW~7G
z#E-9Pb!FPB%d+@L<$Suo0c!jSk5f=*)yG+zcMrU)@N4`Oh~%9)OG1~*tFMjB{=dco
zU`y&!L3P{pBM$sp(Y|G~0hhvW!`AGmZ_6$LflzNaT5l_vzJY1IEo}mV07F8NprWB;
zvT~wek+QIHU~q|$v5TsZQy2#({=H5c5C{Xf`lcGU`2T{UnV-O=N({-G+NUzLlw<Qm
zbnqt5X7LCv1MxhpV^BQXV+1&RAq4+VqTu3Chfg(o`3aX&_g%?lpD^8;&J(=2W4^ZK
zUtiAv{(o`;mZ9U?dq`6D%LL<JEv5GoSfbv=on58aDeFJB{orc3UUQd`JQTXAlrz_z
zf7k2KHD5DfK`$|7+f@ncFxXV1yD4Wf6=#Ra)LJ|nNhzb_z=(yur#3>3<yz2A+ooB$
z%!9yaim>v4l6>P2C1K8#rJ&dTRX5Z6K-K}ojwlu#KEKy6ZO?{};FBL!3Cl+QwY6=^
zvXpC24WE*HeQ%T(YBNEcG+DwCvF+N=#s9JB#M~$QfCsmZuSQHaLy~2^K6XV_e&mdj
z=a#xqK5%VSjtMh|A&L#-C2q)+FuCILP%HD@JhttSJiTv}hf`a4O(}cQc<iIW1}6Qr
zxEj+bJw=w<c<#IS$~!E1(>0Wx>E?F&C9|;vv(%{^GFmn5iO%3wUJnbh*V>dUN=1vy
zb;MQkbhN{^Nycj%w;!nyRx2`<(KnjuH|B333w4HDbf47Jg$~{Al2-WiJkKlzrZU$$
zlvmgcd9edL4XnHp$~FmQIZn%~_ofnJloG2fX^3M89bHUkdeft>vL&n?3fbz4B|h4d
zt=`V$E9}U1#bMcIIaF7mRc$8bv-MMuT5)})G|iR?vB6vXj*rVfWto|y5S7SUwS-pY
zu-7s5!>x(OqN8-WD@=!zp)#h;l1xlp(!qoiUVd^s(}Gs*kQY*igRpv>tVn)_GR9|B
zQ$88LFS=cqnsRHP_Tvw_Ca=t{s`R{Uwu@$bDdsH>oh5@WT@L$<HQ|H3>dK3f{&l5g
z`bqfA-Vs@tvq{SO>lD$)){_}D+?u@I_|(XWQ=SC2d`0ak{_^@Zckh;w@bo9iQxGIv
zD3L}n@e#&q%d@aF$_*k^9lzPlZpOjWhv6cWo*X+KAjr|Uf88~jNvx84ber3f&jJ$2
z;~kSJx>f2h=*ZUB<bW)Km$8cc>~$qHWr`bpdO_-VZG%<5*WV(G!*sKtZh4o!NH)a5
z)UI;BqsJA?wbc)~8t;DU`oTZ^f&2Uu+hRJ#^U8f{3ch7Dg2cSE+G*)nW9$znwXqCP
zTKYG!eX~x2F@omji5pu2F8u)f-t2Pn;g4?jU#j%jkiqfEZQ(o0;lGZvDxa6NMm5sj
zAH6BT%W-eZIr=uU`9#6kYIJgQ)QCGAU9@Jti#!wjZWE31d8XD>!-PERbNxHiLvtc&
zl|rTY86#c1BGG($tn4+@W|;>dok@Am&tG3i$bBXoTk<Q9rh2CxaQgfn@}i*Z;wopH
z#$tF=#4F|WL{Yu6&?3ht^Flvvf+Zvf9NO2^G^SX0n$p+*>n!;d!smsNjgZwY@0i~X
z>gcBIcEHhhm}z36^HvKE!o;dAWAzc0apl`xOPk#irPlxa*>6DcKNS`5OQ8F7bS~!M
zi}xdHL4zYN(P*7-S$Jj&k!dc47e?lHo|RXGn7;11<{s&XdtAiQcB}ZW<jmXumb!_s
zRHES~1(`H>KUMyH9bs{#w<pF_>|PwNlk;;aH=o&J7HpQH$Jf@5N`1~N6Rvt+vWxQ{
zH5aHa$51wr$0<%Cj&)?&YRQ|1wn8q{R{<n>jXHATs^4WPWvkui+d1Cle8*i)DAYId
zWO`z4F@3q&Y>1dCpe>v#lTDvbMk<XUn|83NO~0A`7^Wp>D}G|KR&ib0(T)!HEpnz1
z#iU&mmXZ3~zvt?`UpfAnA}S`MaX}oeKC#<L&Gsqz73Epy4olWOtKsmQKQb=j8oPeS
zg~nJGdcvpkgDp$0SfgG$pV2b%(Fop8Fo(C~IkWLjVrV5i!D>eNI*{L%z5iD%zDp$|
zrF9ZlFDO~*#s_ugNSeElU^A5M);l(N{l1Cm^}Orz74ga)QSpM$&tD0uCxU(-q$}=-
zdJhfm&8$bB4to;rb?}f2Le};W>U+x-sed$#8a<dEzoAO%Tdn_lYkO;CB~eK2+`yYm
zGe)qq5e%-F)qNrhYh|YQ*N|yc>@~6H4Qn{W8p_l|FgRwb%2m(e|4KGbs`wunOp__6
zY>m*@{<(_FNv~7nqPHl%`X*@)3&$ld9yn94rv^M*KVqM}|7pYOS)N!q_Jr%&*pVyI
zl_*y?ajndpl!#v|^EUs_3vVt=CqQnWUX8<8CYr6GM3Sm|{ZC~Wn%tY(j0PCkTN0~L
zeUxwRVf#F~`BC^q9hgNCzHkOMFS=dM_>j5A>i<|z{*o>gazt|9F+_h+IWPO`lr`gJ
zrOTyn8TbDGR2;-~GaKK!j(BhuVu$LUWW8~Yo#CHykL5|&jozPhmv=Yxc#rn<B|}#-
z7qPTsV-c)#d*WWd%8-%T_nXj-+t!|*CGQCtO#o-jZDccT!K-v+(izvH8dH~*W?YA|
zdNy`cd|7Yl1^SYazzO4AV{c4pJk1Z}iruHbP~ppy=+5r2D&Xb0Vrjmbmn5A`>3OfR
zdIk__b8U%5CR`mPjHR=-)b@O6($Zb88;R-uc|Dl@p*{no^M@h9w<umxQ;Ebc7p%ND
z1!pU6(JC=qii+zm&=}cvqbR?5-?WTYIZZ95(Y7R~s3nP}PAfkAY?1zTkA-I%i5()g
z|BnZf7uSZ3Lmg9h=~Sj&p>`7??_UnI4O+}Qim|x&!M-8%aRe@z1eVaaL2P+lgX8<?
z9?f+6REJ~=(us1)xIv@F|8W2IfJ!7C_?5QEV&~}`d9x~}?|vmk^LN~sm6pqVt;-ga
z(bmDBq)b1tE)#9#&R;XL`RS9GD;OOPEAN;*Ir^;=jVlYWOi;lmF^fx3L)~S})}aX=
zEaO6<Sdg4sCaAoYYX()tTj^@iZNuqUt#lpf#PHt<H!JSoUkYJo?J4YO{F_>(xGKW0
zNB=u561Pa1n_y{8mz#Rm&K|alXMaPobL0Kv#rKH+$M<(6($e-llEdG;e`9vUa}54X
z{~uZZ!z*&;s1On_Na{QFX48m}-0DVigFVN>h&{)NZFiJS5M;u$Dc0~&k3@w*?sP1b
zi3>b0v~Ug%9<s;+4G}{}IDfUQa6@${<4ONGBz#4*=hj#}MP=#DMVokSFS<V-lBD&?
zHuE$OXY`9K27P(bZ$Q%~IhH!Do>e#v5zeK5WOjps#}}jqrie&AZ1Lf`aeB-?87<Dl
z61or)5lz8ezN+3uLM4s`cMhKTzFYq?6I5!!E64P^-+&meUXcr}%O^^|q;M`H3R6s)
zM{?}3b(q4pUrmMGuBr)nA;+L7n*7kRLT1CMS&oy;VWt_>F7Ei6C$5KBHAQ2_SN!+*
z4w+|^Flgk%c>`@H#rmeloYHmU1-h-YawVOHl8*?Vuqfy{hSy1D#lD(5X-rhPD2r51
z;J4@fa9r4j>uCRwHWUIXO_AsO;D?ZGylx?~C;m=TYoYtv0289nYgB04kX)%R`f^Em
z_mEIf7@Jk^{ui&b-<alLqt(87Nq+q`*Zf7bDNfO+j4LaYW>+iJk3t|W7rfD{pHC3(
zcP_8A4ykUhpc94<j+94n4?57-tcgDR^Bjw3d^F;07qvEHecBPvQsK*s<D6gNpL53=
zAMwRkKA7cr5)G9Xzc}qZTydSf7pNF}_21Y1!B2?|$3)CH6Mk!N8BH`(I~qaIM*bL6
z(RhJ&EA><p@`%&-l5H7sMAwZ$n)$HQvbR+u{u+T3`)IH6(Ieb(jvmQ{Uopy^YcbqU
z(ZzJKDN(UqFGe(6R{gAP9(E=Fn5k&2M}7|fya{>V^f%z%CL6h+>Qp7%Y)f}O!M_pt
z*Fq{!Zgk^lHACb=)ZL9u2_C_G<XC+62>(mig7!m{5BY~B(dSsB*BN%vTTFv!lxg1|
zx-J(>q`v`<vP1&W)Ec!M8B8kUY#KTZHLH}|FGknY3r74ll(PG)D1W;I<wP<)DXWuW
zY)#MiO|bG#DdysTyX1YbP9#=kRJh6NGkYd{J%JoDf`1)`eIGhe^m_i%bL4C`CvU)q
znJ>Xh71w3&I(s%4dc`GVldygz_s6)?I}H8?5Wj*;Ng;pG9cFhV_&XX~N@ZSuU(scl
z*|LeccaH6Fx$drb;$E3HrGKf}_j=9^>P)1-T1YCDJbqz6l&^7+m(KtXYujnqar99h
z=6#Q$86nx%!B<C{;&NSY9{HZA{A>P&$~>=5E_5IuWfc-^&}}qLzrH?{l)m2AlH>n*
z%_i?RpfdlmRNnr+w42`gHvp?iAt-Ru#4;hpI|cg2iLu0We^WAn55J`%U^fdDdp32g
z%bloiz%lD<skFVWFs-_+z8slSTSNLyc+7GI9L%%#LOaxrQ-5oQy7f*;Y@*S?EM8(>
zl|LO{-DqWgN*0vRxGO`EQ*l<R+E3oh75eRS#Y7>(mX4%rz4)$xgO^H|eK&=5tY1{S
zSG|$rO<05Pt8d+vjO_C&r%N*?c(VfzcvHzwJ`Ps=DrYEGVJIhN(P82%&_NO?c(?K^
z$Uvn6^Al-sYnjTSCVA#!gt^MZhYak;yO5h7&@9yigEg*ni5{uP&`vTU=M`#555zJ8
z5kxWq8H6$d#l$2vO>v|;A7tIMEWlm#?9$KlY{>zbmRMCsJ#~);*h%|LkoudQi|RGs
zPRfm3>wg18``)_c{HTAr;gFEfU=R=p`&Y00ZP|1%D%u;uwW_E|Qeh(*i-?-bz#IxX
zTaehLiYX+y@%zBUqMg5StU*9nVZg7qWmLfbgA;!a9O0@{nMeOW+AuiQ2>DZ_3N?|l
zR36j*KiQ>zw&3ed>|h(+_u;=UUf>p3_)NXLqX1B^g7dUKqAOZxMoX}~>Y{IkL`(3P
zI;+Kc2l-NA%nToXQvq@py&!|vb?9PopAlkW(d9ut-{*J26owNWd(jx;q;*JGi?EQy
zsw~4$=`U8A4zS>=qX;bKJo5;Qc2U)yqDuAHS`*CHtPD=C*kHp;V;eKcJcLn(!l}cz
zGtkh=znxu<E_Y}h(P^2f{8X0BP;F?7Gi;^caVGgG*!3uTcFF3KgdL-m-Kv04a6zkt
zHD+mU6}k9$b*{J)OoTcaS55Z$g<jp;oPE?-3(Kv#(FJ{4?N8(4^hXa!v{`%&v<HOa
zMy@pe4`RWFJGr@0<&BwZ1$-0h3h445PXkq^^fv~Krsoj*5hjCm%ruz}-+*SwSQIFd
zR3(|V?*j;{@N=Wi)Pdo0sypQl=(*Ohv_D@Lx<4KsFXC}nmTru8lS#p$GT}Lhr8fxo
zy?)y|b5)KBDy<#ISc;CN)qg0CRMpiz>$c9-C0{M&E}})jqn<mXh(j^9{+yM%q}G>l
zUF2zZbvN`hqE^hWL#T;wuNF7K^PyQ6HCNRF>RXG14k%X@%P5&QyD&sac#|fEkyw}}
zTA0Z?Mro%J#Q>S*J>58#@?P^S4azt1mirD(6}~K99f%hif5-E?Zp1Bzj%<VlXgF@`
za!3Y7C!E8+)w-t~mhYO6wC@l5$RIU9h%R`h7@ds%Bte>R`L3kxoCwRv?%*!ML_~JA
z&yKjA2oS0Cik5z<jR3W@^$In|_V8&)bZ10RUr|<&Q-ccfMkP4{n-qDzzUZ?$3nFaR
za~g81Z4XAQyqBG_#x!mI5yOuw&w$n$A^syx#;FbqF>FvO<}U;|3q1Z$ez5)JOP?_>
z$o$Cy4gS<z!qwYoTF4(?{Nt@{oLa)J^#}j*R=L+6p<cj?a^PQ_C#^db1_Y79TG@r|
z2)lC?pKRJ32NyszFfUb|3vb9A4no&9XU!FlTO+qSb)fk<4-c6!NUFWh2)_P9p=xBD
zYRkM}>i~h!R#%F!o$j8Z&2K;})Ouu{8^EVb`;4!3H8`U`o7?|oK&0V=-ImjRXZe`l
zFN+C9U4&r(Z30?;sI=~_y2lVJD0R%g%CX;{LapO`j<29?M)0KkdI)Q&XTEyJ{h~!p
z`#?<+>P6-BrJHlJ)I+CLRnD#|%%QZf90iG}3JH^|aoqlG$Q*$kr+uGF$3`$cMb~rv
zrOxKc-xyT3KBCwjo#TYbwMnzB;r#VK!nBK!Qiyd`4m}#{UX^WE>JGd4s@tt^qpf{w
zhxynKZrFasMb`<wU5v<j-M@Y^I*l;)?`zC=q;Z^6D)L9EEA6VE*lMV4D9PDu$Ypz?
zmE{gsmb=iAQY~$X6sfG?`e6Q7!aun%x*5LId;af;K5{(KD!a&8VP-jUJbyTUc+#KW
zeLWApNOdz*z3`NLQx*%*e2xQAH|7yR=>5X)N~`QXyoaCW!|(nyCrPyT=cZsjKVo{6
zmOLPOaMLAf_q@B*-J1QjP^-Ab-C$@k`|aC#j#e6S%be&@med3OOC7;wAE=gNjpI&j
zV{9^`-^Z^^<2ALN^*WpcDH>4{Dre!%U)q_F3KYKKK9F}MrfqSC!?fn6bu{}c^r_}g
z;w)*nyYrbBr=|`}m`mEs3h5w~1W-;(*)m!o5hP0(%q1P_wz|#QJ#6b4Qka+kT)6bH
zm;eTOf0;V7|Aoa+v^zoG-`mHsqjQbfvXubxBlY?D`GtO)X`eI2H=L(u<wE7RP4%?f
zqpMKsajYv6=1=&~rixy5=9{59l+9hZ9(fuu$ysJtzJuZ4k&=inXMv|E@AmEK7jfl)
zc*8P5+q}`*1ku?KhuvtJqW{S~xI!vmvS<vb|KB|*SN;Zck*Fj<GI`OOmM&oQM=HZn
zuX{}H2iTe@T&ru-l(Ymerm6FkXF9F~M7>l7mmxpg{`nPU<d&E(vPCr>;`%Rq6IG|P
zkZOBr!S$)wk$?%EEu?j4(CAc20B>D3C_^%-(-cFp6rp8lGL;U7qNDU76-u^4i)Y@_
z-#B7yHL|1TO<p`I77$BmP_KsyM@{=+FszK-X64!(mmjl*9AW73wY*aAaDB${Z&p0b
zAKNZd?|_X)Q30jH;d#TENWm6Vx&to72b-!uk)UX~5KRD;7c+a;#)A7VJI~3@m`T2z
zF5i6cBA5n46-KqHV0liQ{8NY~R#bZY9a0|o^m#icp?~(bYwn_Jq_Xq8@5ACMl}E)c
zD!$<hb@M4UyU(A0xT-E6*KU#fFq51(9-sSZi%q3CA<bR&TDf;t{J34ZNcx1G=+5o-
zAjDzH>`y7w%ceMtO_;Ng(m_k@tfsVGlAF1Do9bf2_iu1OmOmJSw74jP2}{bb^evF=
z2}yAdC%b`8vn}`~_5<kIXDdn)>3^&3I)Iwoo;@mvfFdObQl&QuN|Po?m!6OWkRlR#
zi8N`_ks2WsDTdxdLc4<Wq9DD95PByRBLWHnSBmnY*L(kW-n;YO{NI~*vNLD1yXX7z
z?b%Ew=eK7MPMX^H<UG`l2Kn^<_D!0Xc_W$yar8Sz6B!iRFDYTyT^PCRkDzR{j+L^@
z6{^X;GheK`(Ia=ny+w;Du|Iy#E-2jO6e`Wv!bRvfI->&VAru<82<r4ZksNvybb_QQ
zC*EsH=~0R0s=bad^R->_T*^14wF|S@nGH`a#M+N*WVql$?@vnIy4ZCa%BmzLH2<cZ
ziB4!)Pb3uxr32^)hi6-{@3Zef__YkES&TOB-4VG8GX$q}ps8(z6HCsb0PY3In(I*a
z!bo<ZWi9FlB%vyrG-rk|P=6@2Ivo_wtw|cJ2stGq{-~|-2MltSoc#QsD9A4ug#OwO
z6a;YPh7=tGx5O_PMD<S?gp}%kf$Zx>5>6A#TIBricBf=h!rBN@eV`B#U7VW0Noo$J
zJJ2JS-J$2|&i|gFN)oPhhTYm_^A>B<)Vv>=-KpbwsD>8n7(WT@@l*W&AsXIhUZz7{
zPj)^fO&uPIuZxNeV`cai&dQnga1V_0Rzbszag+Ikxlt--<wAh6!b6!&Uua|}uDZtB
zK*syvu9}XVhwX%pOxE<i<oVQVd$$v>^)@6U^70KV95@ZulY0EA7_ED;&r7nt(xX{0
z{zh0dcsr;g{%TjOxSWL1L{$QQd2dSFEM~ASpH{wF$9T3}*2x6Zo(%3A%D!kbnl4eb
zX41pI*(^*@c6pFOSx$`?MW$GG3JUhR^AT2SlQQjXBzfL?To#52zX92ot_}sMb~dff
z+g0&Hga|wp??K)$dKa{Zfr&-{CtOWXAM*ApiUXcO5$CB8#eL6~%38^?%0t(+zy!u2
zTFn*w>gv-=v4UP_Z>x{-H^G;{_Y}dr#d8McVf~vv7fm0^H<f$xSM!RM-Y~6A9;lNB
ztxQxOBSyg`{#sDh7#Xp)uMJpurKsVpL=3W%IblU*YG%=H#`fIDYMdpuY0loE_bIPH
zL<eG_6|NU?>&-KUWRbi+4<r7Dns`GVD38Cls|Y)r&s%9l^o`Noc}zCzP#V+Pba!oD
z{)Em8T_mH6t+CYX6E-{A*^IGH?P;c`{kpY=`Rhg_E2G2jb$B3yFQPC;`;sF}96HTq
zVV4|bp4~a_mnz`(f}r$A07kH@7{E9EICH5UTCldR0V@w!|3%bnU#0B=rUqH@ysAE_
zhU99|a;H2<Lx18H`PH2)`%%ah<I1KeK0>@AzM}(PQO@o+Zp~!c0gt}E45aX~$<c7(
z_TKCBBArd@{$K_?c8zqpuS&~ak<hxyU{lbCD_2JNHRAA|Th3W8oXsWp319fc)+DXz
z%bkclzz#l~tgFC!pt<if<dLRP+52vKOjkTgI}UpQdaoWD(O3I~R{*YK+EnEnxF(_z
zM<aV(!`Vp3F1+xW#L{?;z{S{TqaCT3Y1Yx%BvbKtN*kA;bf?72mHh%4vBqEe?Ai9y
zZ?gMryB5|52~{G$1x95#6V&fbUX~qw*R7JEuIAmwa8cL3Z+)uQak;pDO;yyn4#GtI
zFjOQ28*qC)V0Yz{8N1B81Bs$9l<$Ns;`H9eHHfKqZxv#vUKBztZVPwkS`Qld1x*BI
z((}wW_=tBW^6nD72BHSauP8ewxvl_>jFav3pRfr;5sF&fhdH$UCjt{Ys3ZC^J~Cgn
z7v5TR?F$euA8h<>*35k2&91egE<(p>%szxcQhP%S;pcd$f<{M(b+hXve;gk0*Y)~W
zJk@{r@Fr!;c6~uF{h5Rfitfmj^a`YZup%{p%zlpfIgzi3L<KhU&1SvOppX%G&VuG(
zdiBxZO#zqAsKu(9@Dbsj!dLWStlud)b|VafBmeYXRRxx1#LQ*q-C)ArO+z<cd)?_E
zXAZehHL*?+su)y5{IpIvLa(4?nSm~v9%eLX+epnO10~nGgd3pb!!qDIo-aQh<A|>~
zuq?Tw)JFQg=sL;{zQ4Z4-&w5N*~i~+<Ck-$=Kiy|daFowJnK+hKUOqLFD0r#;^pU7
z3&?Embn=0f8F`zD958{4LCVA&Wt?z}hc^ZmXME4Eu%uryX<Bz^`W34P-AoCzmAeb)
zS}!Ib-1Ye7U$-n1(e*S3XYOCJs(hgLl~{Jf_R_&)g);UD!lGn8T7pA4eyPG6HLSKd
z(;F=wwtLj@hr60*s$Qmyh_%6d<X}^4CN`;-k^G4A(UJ$#`flrPsg|f;3hVB9)J9?*
z_i)xTnZ{q1Bprvnx|TleW9XkB;}!A6AI|e#IVD5&Oj)Wgyyt^|OErHOaPlJdSWdxH
zyq9C|uNm^Sp(p6T4H;jLC!8}@ykz=W8vd=$W<fT^=AvdQ&)?-X{Pv12GO;aArMrlU
z^q;0SKSxPK@pO5LUmoqc-4c%$w_8m3uE1sO%@~lC^z;CRX#BL>Ex5V5)%)t2FFtP*
z;a0sRab|x$_SoOtQ@NL&CATrPUSxadqIpYW{q^rtIXQoXC-5X>XX==yG;?k>&Z@c$
zF&vV1Q`tfAp~m64{FvcEK_&Iq8HB<lVSz|A=Mio9#4!+mjmvT>w?4I=_av-6_84vM
zS-JVHt9c;Pb9gJ}LfoKZ#hIj{@69{^mUrO63&wK^yOiezx9t%9%{6LQJ^>K}%5~T5
zCJU6J>AVE6k#(MY+Bt^}>nA^AD7e39v`T;MVC=KgJ;d9fg!7e-Yf33RdJW#Boxfi;
z{d7oYO&mQ_ae$c{7by(CSTboiN>OLerj^&59DcEE|3wnWCmZ*;yRK65LqM+08xqC!
zkY%wSb21z88a8@#f8)YF$Jl|fXzlH+NCmSaZFMJb+9s^qEJ1L6rIUO`L>uivpjA{!
z#L`;HI(1n%VI_heD&9$FaVH&!#wpCQ(s@;W)@Qsboy8nsaecfehT$VEXY8#)zC9&H
zl~gf|<<s3G(`vwTLs58gI-Qe(4wZ+c(X<R-(f1bS9*UjzKzA#467yMKTQ#Q7XQNt`
zEma_UOu8%KFU@%Wr0JaRD!zP%(6!ViD~_UB3I7_4us+-H{FW$>*|oW-(%qSR#TI|R
z+|TP$B?vp@!$5bv#~Kdl`RezXp~G(yG3F9dIYg%SHwAXLfCT+A0n?+)m~H^`)_tjB
zU+M9EgB!1p0^#aO4t$x2GP5QY8tYottb3*3bFxGZ>k^W|w4$)z-p%+BlL|CrS@|4)
zb&2ZgO3-))sk<Y*>ft=x|I%?6=ym_i?uWU!F430R%6OyJL=?kbndRB!K}yOYvDJn8
zl>bSRSNnH^$}A>36<QMmIZN5KM=Pm#)IYM}<)yqA5NY(gm{YP+`yxSXZwv~TZHB_t
zmT18&NBBg!^Y1EV#DuL$bt+DROJU7GwG}PJCT^B50c6#94|Q#{zd$7qV1rau>X2sL
zlc2k!Pt19ktf{yt<lhE*Z!BgkqSlq(`rWieqlUHHOXL~TICsauD2=$Sq|d|G&}bU5
z&<EB1g%l}xmg^a@DsoKJ9d1Htj0l~!*j&@LNCDO(hFKHCy%5!Fji8L<tcD_oGPD?@
zC3D&&X6yd_S4UOXUz*Icr0rXq)K^kWn=6d1>6t*h_s<y(2l|tat`uaoNn88GaOFVp
z<2^PHyxrAJqtz_bO2S=lT~q5rkd+{-9x^Lc9eoAB=)w_~GB+mh<W0*U7IJ-+4Hc2`
zu0X<m^me9`y?3R2Q>mEjcm;zq?zy+b`f%-|l<i$<Izi5BMs}D2R|G3Dvw5OJLU)YZ
z&ZqA<DZRzYQ({WwIJ2*GZexC&ZJu7@+@jM}p|;%8deaBBkjY0$O7E-t*Y^)O2OPvV
zeR)~~<&^qWPRV#Z#`nLSBZ?mDStcv}wm|VNk{Qn)T{o=S{QM?o|Mu)DS)bkaB(cs%
z4-ro&Pt0DmK9Ec^E&Svl7Tziww+QYh&h8X3f8OVtGBKgw;kQdNA44Z4%@0g!@eL$C
zF56GYtJ=EhbN9gQEKxOKr#AqhFxMV)pyjjpU03{o?j+6dYfmq5naHzNQKtG>tQZ!{
zd^r#eE-TDLnXcmP(8Z|@A2-IWs)Hy(oSs%|)%Y>10zyz~vrY@^7qzMt>PV@8_d@DY
z#cG{1PLSO#eWFj4I9fc-13ViUnBZxrWbQ}Q-|@`03HG0X5kjYAqzA*d4zeWJ`XWxr
zR!Ms@eK~^F14@#!>!mL(+|WdW)=lJ{ybhMlMr!YIh`eX{`UeFsM1n1OfZ;iBGo%4f
z@hqE_KZ($ec;zOn-R&^`8tVc45*O(8Ct1pOmK}<^9ZbX3d#J=lMs|}4%}wg2&t?xT
z&`7OELwY)ejbT-TMY5#r>f$F<!e+xCSPK^X)B7$n@<`kww1=663$zO6P3nmsa&>)J
zb=iFtt7Ev|ny}C_CP(W<c@i&TXf^$WRt(uktzpQj{xSuLw^snx^ci_x3Qw@?ioxVm
zgg4ElT`)NiJ-C~a7lY?iCJbF#&6aXt$a=MD!-RAA1h2zg4Y{1pOvDPgzq}>7v3Q)_
z<7h<-_Z~R5=;RcCF=)KT<-Bve9{v$=?>LpyNIrx8?om2%3<of+Y7jL=K2NK_8s&}O
zK@Qk98M`q_c`VOCpBYHXSBn+9*j8L}IO0n!D=<xNi>a&$*wVQ4CBMb&!`ljigyFUu
zLuhVexo2$Ryq#W1t&mf}cjcy%87r7tl@|`@WU<ji&3yI+Qu>jxAT)?6rb`Lg$@HBm
zW&nun+@i@ROlnicEfjIe1>YfxC)1+#!tnR$<TH~g@42d_o6%a?tJDEksy7&yT<`j^
z(Jx((4y|TyddFn<A{^Uz13GC>oxIl$vJ$$Y5S(W^v=IiM)MSjE$%PUmFXKEYPRUXT
zH(&L8$X9P<!Q(l=3GeC{!FLzcJ1X4@%&a+-_t;4Ph2{Uk9?p=C+5Dfd2N3)-#q!Qi
z^x<b_AgK%!33^BYYXJU%w2s0I3V*Cr{Won)eIq^~%Oalfko>!fa-!kt|B2BrImRdg
zRZ71JNdX7=#Y6WFK_ZNfs%{RCBcJ?s!N$*03bfI^)wTh1nBUY=BHl-6>*s&sKJcD?
zM3~June(-UhYS%9%p8@VpSfl&JR!!MLoo*_lJ+fQs?M5o$|?%gWc;dLG~U<7RlT;T
z$D8T4j3X7;q-Ea|i*x2Y6=Q@k+pIR#DWELnrh+V{0ALCAc)F`r^)f75xKCY{y)0@d
zMxkD>setg_uJPt@O=|9=j+qQ_KU-`u!WGnqaAX7D7oxX}h7Z;^kABpYN0y-add77_
z@FhOJ&UuvnbtwbVQ-$ZH)}R~jT=zt7*ciZOVzyR&gtlJFAPh)l(D)VQDtjYOD8LKa
z;3r#-C9Ll+WkOz);h8v!6TX`>zHw(UVMIAQ70<w=>omQG_X=w(d|K(sP&(F?US4E`
zf>3-P>vYe_vafIJQ1C-$N(BkVEJu%uD;lcqUOuikgh;e=?Va&xK>v%5%n^T&{zh^u
zvtZ?JY-{cS{^S6b-;a)`1ODb>VxJMbRP2&U7i2IL;}ct@uAnz`F_OOP4Y`7WGS>yx
z8l}5zVy9$}F1Q@TjTay;54d5$IWzH3YPyldwS%Ih5~!ZaPXbzjom?JM)LAL^8O_$X
z=Q2U=eIcdwTU$NTwuMoR=y1ovCsB_{tJUm-7X*-EuJ$210$iU9&$o^6Gzv#$c{<D0
zs#ja3OW&Z9u8?tqz~3r(NE>uEEFV*Sot!HrbdkxfWE@+kygnu4JJCfxj-9U2P@sJ)
z4^w76DaU^K>45-Z3hi)15cMtU3}v+#L+tH^9CBN<&hK%9W0}pZ+b&<ei5e0EelUv?
z#VUDfyG)$9;OPqGU@k*4rNY+_e{ZZB4$3DM&dM@^_0Go}1kW38;LP4+P@OMY!==|*
zi0C`z#LlO+Wbd8BrC)jVl!`ZJG;eAi6Nzsd6S~%(KP7rpB4pz>ZE(4<_(o+axLk_W
z4q~PL(T^JPP{f8#WNWs*bRxP~VQb-c>BCQGn3(+p`7;YS0eHJ1O!UDkNweifo!RTX
z6VKhoWg_IqgG!5PdMF{&GC9l!$1u65M`YuilXJED{SL?F?<SfY3#QyX-0@r*Y!7Op
z9Gua|wkt{Pixl$s&@EYNleYO!URIgAtC1pp!jN{I9BSxiH72seVnd2w0;-qXD!_tN
zMF4i`r%(X&RZKa5o8*I`Z{PG6Z*H{o%xsr|eSHlniof0=NK)TxIh*E2R-E}-*#0wB
z3X9N#B}t>9B|wcI#r1_Vy0=0>udnz#PU(Lts0{kU=+}t+upFz(Pd_5m?bF7?!vxs6
z(xkW9)8-~WG4Tx`QC^H<QM~a!WQ>IH%>TpfHBK}@C%ZkbokGCADkF}-!=V1%oPzCB
zGPgXnhMy04e3aQ{Gwz>IJ8xXDy`4j&d-Sx4_Nj{Rz_v-sKC|z!ASmL53cGKB-M$qt
zchx3Xnq9OK=aBRj!jcO;qLA!8;SCeS#j9B!rwsFcE|KGkxXbmmd0B5)nQEN8^d)wo
z#GfmYWF_bWCF!$`m+{Tadu>N>0J!V620Iko#Std|oC4rsh(pSj79za^l-A_4pN$C>
zB4bD<8tjm=+<M=-CH*qUFGv?!Vg9x$;-l;OZB;m_r30^W>BmmY4nB_P?Ck71`);u$
zW@JHaGoSGMSIaMX=QLMWA#^_$&gP|j!Km>lq!oWhQV{NKL2+jCJ1`Ei)mV5t^^<Ac
z{R`K^|B0e~$%NgDJJP8wgx&KffPe<0W!*?1fb5s3xFhsW(J#%PojxgxeuEpViju{K
zmH?oHFg@Y4**bK>XlU^v))jh#Jp?r)9LRWX_GJk7k<kVj=xhXw%sI3XktP_D`#}d3
z2`nCCyR_i72hxcG33q9L$6kXwkg}K%4J4q$8_H9RCo=?(c@_v32JMM(#5Bbvlv;&#
zH`ig7JZJU$#s!H-fLVIO-K$)n_%gp>e06b<_czSgH|j_it;@ZE7_%O(1?~C#L&3=g
z;SC-Xv>nW-0s;W;g2x^tL<W&IxTId7xPrWC@cBM?bUhk_*Cj2^-?w>ZIXUGgDAc71
zY6q1Tg4Ib?ypc>0Vu4Agzm{$WXRbc*Fq;%lD!x|M1kQqS)un>pY4a@8FeY7x|3%*~
zlacLrpcTK1N|(B=lwtWr0r!P7e7o&Uch;p(y#kPK{g-qj^`6;oO!5mN-Yw7-Ple!T
zcj%-c6$FfVmq9%;+YR7MlK{KHia_j9lMFukVJCJ-+FX!feVm=nN!1%%5a2pv$mWf_
z(ky_yue*w6Dl3i&$`g%5R}&m5k{=6)-SyATT>@9sc4ycW1D1~4Ec{GFN)On~Tp&co
zHyN8MZ0<WMY9OeNAnXq31)(#l1xQs?j0kloRBDkzf{jsNqQTjnLXSqu&CxF7scZDC
z)W9XAXF*;0igT0DGKyA^Jw6EFT*u-3$%-5xO<qbv!J&z>gEr`6P|l&Uq=+g>r7PXA
z)}p=!)dQta0HKXWYj;G>kfz*mbBrM`mAsUn^wwximxK>cP}~G73bpGAN7Cg%nSg*Z
O?UJOdic_-F>Hh$hF~lJN

literal 0
HcmV?d00001

diff --git a/docs/userguide/storagedriver/imagesandcontainers.md b/docs/userguide/storagedriver/imagesandcontainers.md
new file mode 100644
index 00000000..3f2594d3
--- /dev/null
+++ b/docs/userguide/storagedriver/imagesandcontainers.md
@@ -0,0 +1,495 @@
+<!--[metadata]>
++++
+title = "Understand images, containers, and storage drivers"
+description = "Learn the technologies that support storage drivers."
+keywords = ["container, storage, driver, AUFS, btfs, devicemapper,zvfs"]
+[menu.main]
+parent = "engine_driver"
+weight = -2
++++
+<![end-metadata]-->
+
+
+# Understand images, containers, and storage drivers
+
+To use storage drivers effectively, you must understand how Docker builds and
+stores images. Then, you need an understanding of how these images are used by 
+containers. Finally, you'll need a short introduction to the technologies that 
+enable both images and container operations.
+
+## Images and layers
+
+Each Docker image references a list of read-only layers that represent 
+filesystem differences. Layers are stacked on top of each other to form a base 
+for a container's root filesystem. The diagram below shows the Ubuntu 15.04 
+image comprising 4 stacked image layers.
+
+![](images/image-layers.jpg)
+
+The Docker storage driver is responsible for stacking these layers and 
+providing a single unified view.
+ 
+When you create a new container, you add a new, thin, writable layer on top of 
+the underlying stack. This layer is often called the "container layer". All 
+changes made to the running container - such as writing new files, modifying 
+existing files, and deleting files - are written to this thin writable 
+container layer. The diagram below shows a container based on the Ubuntu 15.04 
+image.
+
+![](images/container-layers.jpg)
+
+### Content addressable storage
+
+Docker 1.10 introduced a new content addressable storage model. This is a 
+completely new way to address image and layer data on disk. Previously, image 
+and layer data was referenced and stored using a a randomly generated UUID. In 
+the new model this is replaced by a secure *content hash*.
+
+The new model improves security, provides a built-in way to avoid ID 
+collisions, and guarantees data integrity after pull, push, load, and save 
+operations. It also enables better sharing of layers by allowing many images to
+ freely share their layers even if they didn’t come from the same build.
+
+The diagram below shows an updated version of the previous diagram, 
+highlighting the changes implemented by Docker 1.10. 
+
+![](images/container-layers-cas.jpg)
+
+As can be seen, all image layer IDs are cryptographic hashes, whereas the 
+container ID is still a randomly generated UUID.
+
+There are several things to note regarding the new model. These include:
+
+1. Migration of existing images
+2. Image and layer filesystem structures
+
+Existing images, those created and pulled by earlier versions of Docker, need 
+to be migrated before they can be used with the new model. This migration 
+involves calculating new secure checksums and is performed automatically the 
+first time you start an updated Docker daemon. After the migration is complete,
+ all images and tags will have brand new secure IDs. 
+
+Although the migration is automatic and transparent, it is computationally 
+intensive. This means it and can take time if you have lots of image data. 
+During this time your Docker daemon will not respond to other requests.
+
+A migration tool exists that allows you to migrate existing images to the new 
+format before upgrading your Docker daemon. This means that upgraded Docker 
+daemons do not need to perform the migration in-band, and therefore avoids any 
+associated downtime. It also provides a way to manually migrate existing images
+ so that they can be distributed to other Docker daemons in your environment 
+that are already running the latest versions of Docker.
+
+The migration tool is provided by Docker, Inc., and runs as a container. You 
+can download it from [https://github.com/docker/v1.10-migrator/releases](https://github.com/docker/v1.10-migrator/releases).
+
+While running the "migrator" image you need to expose your Docker host's data 
+directory to the container. If you are using the default Docker data path, the 
+command to run the container will look like this 
+
+    $ sudo docker run --rm -v /var/lib/docker:/var/lib/docker docker/v1.10-migrator
+
+If you use the `devicemapper` storage driver, you will need to include the 
+`--privileged` option so that the container has access to your storage devices.
+
+#### Migration example
+
+The following example shows the migration tool in use on a Docker host running
+version 1.9.1 of the Docker daemon and the AUFS storage driver. The Docker host
+ is running on a **t2.micro** AWS EC2 instance with 1 vCPU, 1GB RAM, and a 
+single 8GB general purpose SSD EBS volume. The Docker data directory 
+(`/var/lib/docker`) was consuming 2GB of space.
+
+    $ docker images
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    jenkins             latest              285c9f0f9d3d        17 hours ago        708.5 MB
+    mysql               latest              d39c3fa09ced        8 days ago          360.3 MB
+    mongo               latest              a74137af4532        13 days ago         317.4 MB
+    postgres            latest              9aae83d4127f        13 days ago         270.7 MB
+    redis               latest              8bccd73928d9        2 weeks ago         151.3 MB
+    centos              latest              c8a648134623        4 weeks ago         196.6 MB
+    ubuntu              15.04               c8be1ac8145a        7 weeks ago         131.3 MB
+    
+    $ sudo du -hs /var/lib/docker
+    2.0G    /var/lib/docker
+    
+    $ time docker run --rm -v /var/lib/docker:/var/lib/docker docker/v1.10-migrator
+    Unable to find image 'docker/v1.10-migrator:latest' locally
+    latest: Pulling from docker/v1.10-migrator
+    ed1f33c5883d: Pull complete
+    b3ca410aa2c1: Pull complete
+    2b9c6ed9099e: Pull complete
+    dce7e318b173: Pull complete
+    Digest: sha256:bd2b245d5d22dd94ec4a8417a9b81bb5e90b171031c6e216484db3fe300c2097
+    Status: Downloaded newer image for docker/v1.10-migrator:latest
+    time="2016-01-27T12:31:06Z" level=debug msg="Assembling tar data for 01e70da302a553ba13485ad020a0d77dbb47575a31c4f48221137bb08f45878d from /var/lib/docker/aufs/diff/01e70da302a553ba13485ad020a0d77dbb47575a31c4f48221137bb08f45878d"
+    time="2016-01-27T12:31:06Z" level=debug msg="Assembling tar data for 07ac220aeeef9febf1ac16a9d1a4eff7ef3c8cbf5ed0be6b6f4c35952ed7920d from /var/lib/docker/aufs/diff/07ac220aeeef9febf1ac16a9d1a4eff7ef3c8cbf5ed0be6b6f4c35952ed7920d"
+    <snip>
+    time="2016-01-27T12:32:00Z" level=debug msg="layer dbacfa057b30b1feaf15937c28bd8ca0d6c634fc311ccc35bd8d56d017595d5b took 10.80 seconds"
+
+    real    0m59.583s
+    user    0m0.046s
+    sys     0m0.008s
+
+The Unix `time` command prepends the `docker run` command to produce timings 
+for the operation. As can be seen, the overall time taken to migrate 7 images 
+comprising 2GB of disk space took approximately 1 minute. However, this 
+included the time taken to pull the `docker/v1.10-migrator` image 
+(approximately 3.5 seconds). The same operation on an m4.10xlarge EC2 instance 
+with 40 vCPUs, 160GB RAM and an 8GB provisioned IOPS EBS volume resulted in the
+ following improved timings:
+
+    real    0m9.871s
+    user    0m0.094s
+    sys     0m0.021s
+
+This shows that the migration operation is affected by the hardware spec of the
+ machine performing the migration.
+
+## Container and layers
+
+The major difference between a container and an image is the top writable 
+layer. All writes to the container that add new or modify existing data are 
+stored in this writable layer. When the container is deleted the writable layer
+ is also deleted. The underlying image remains unchanged.
+
+Because each container has its own thin writable container layer, and all 
+changes are stored this container layer, this means that multiple containers 
+can share access to the same underlying image and yet have their own data 
+state. The diagram below shows multiple containers sharing the same Ubuntu 
+15.04 image.
+
+![](images/sharing-layers.jpg)
+
+The Docker storage driver is responsible for enabling and managing both the 
+image layers and the writable container layer. How a storage driver 
+accomplishes these can vary between drivers. Two key technologies behind Docker
+ image and container management are stackable image layers and copy-on-write 
+(CoW).
+
+
+## The copy-on-write strategy
+
+Sharing is a good way to optimize resources. People do this instinctively in
+daily life. For example, twins Jane and Joseph taking an Algebra class at
+different times from different teachers can share the same exercise book by
+passing it between each other. Now, suppose Jane gets an assignment to complete
+the homework on page 11 in the book. At that point, Jane copies page 11, 
+completes the homework, and hands in her copy. The original exercise book is 
+unchanged and only Jane has a copy of the changed page 11.
+
+Copy-on-write is a similar strategy of sharing and copying. In this strategy,
+system processes that need the same data share the same instance of that data
+rather than having their own copy. At some point, if one process needs to 
+modify or write to the data, only then does the operating system make a copy of
+ the data for that process to use. Only the process that needs to write has 
+access to the data copy. All the other processes continue to use the original 
+data.
+
+Docker uses a copy-on-write technology with both images and containers. This 
+CoW strategy optimizes both image disk space usage and the performance of 
+container start times. The next sections look at how copy-on-write is leveraged
+ with images and containers through sharing and copying.
+
+### Sharing promotes smaller images
+
+This section looks at image layers and copy-on-write technology.  All image and
+ container layers exist inside the Docker host's *local storage area* and are 
+managed by the storage driver. On Linux-based Docker hosts this is usually 
+located under `/var/lib/docker/`.
+
+The Docker client reports on image layers when instructed to pull and push
+images with `docker pull` and `docker push`. The command below pulls the
+`ubuntu:15.04` Docker image from Docker Hub.
+
+    $ docker pull ubuntu:15.04
+    15.04: Pulling from library/ubuntu
+    1ba8ac955b97: Pull complete
+    f157c4e5ede7: Pull complete
+    0b7e98f84c4c: Pull complete
+    a3ed95caeb02: Pull complete
+    Digest: sha256:5e279a9df07990286cce22e1b0f5b0490629ca6d187698746ae5e28e604a640e
+    Status: Downloaded newer image for ubuntu:15.04
+
+From the output, you'll see  that the command actually pulls 4 image layers.
+Each of the above lines lists an image layer and its UUID or cryptographic 
+hash. The combination of these four layers makes up the `ubuntu:15.04` Docker 
+image.
+
+Each of these layers is stored in its own directory inside the Docker host's 
+local storage are. 
+
+Versions of Docker prior to 1.10 stored each layer in a directory with the same
+ name as the image layer ID. However, this is not the case for images pulled 
+with Docker version 1.10 and later. For example, the command below shows an 
+image being pulled from Docker Hub, followed by a directory listing on a host 
+running version 1.9.1 of the Docker Engine.
+
+    $  docker pull ubuntu:15.04
+    15.04: Pulling from library/ubuntu
+    47984b517ca9: Pull complete
+    df6e891a3ea9: Pull complete
+    e65155041eed: Pull complete
+    c8be1ac8145a: Pull complete
+    Digest: sha256:5e279a9df07990286cce22e1b0f5b0490629ca6d187698746ae5e28e604a640e
+    Status: Downloaded newer image for ubuntu:15.04
+
+    $ ls /var/lib/docker/aufs/layers
+    47984b517ca9ca0312aced5c9698753ffa964c2015f2a5f18e5efa9848cf30e2
+    c8be1ac8145a6e59a55667f573883749ad66eaeef92b4df17e5ea1260e2d7356
+    df6e891a3ea9cdce2a388a2cf1b1711629557454fd120abd5be6d32329a0e0ac
+    e65155041eed7ec58dea78d90286048055ca75d41ea893c7246e794389ecf203
+
+Notice how the four directories match up with the layer IDs of the downloaded 
+image. Now compare this with the same operations performed on a host running 
+version 1.10 of the Docker Engine.
+
+    $ docker pull ubuntu:15.04
+    15.04: Pulling from library/ubuntu
+    1ba8ac955b97: Pull complete
+    f157c4e5ede7: Pull complete
+    0b7e98f84c4c: Pull complete
+    a3ed95caeb02: Pull complete
+    Digest: sha256:5e279a9df07990286cce22e1b0f5b0490629ca6d187698746ae5e28e604a640e
+    Status: Downloaded newer image for ubuntu:15.04
+
+    $ ls /var/lib/docker/aufs/layers/
+    1d6674ff835b10f76e354806e16b950f91a191d3b471236609ab13a930275e24
+    5dbb0cbe0148cf447b9464a358c1587be586058d9a4c9ce079320265e2bb94e7
+    bef7199f2ed8e86fa4ada1309cfad3089e0542fec8894690529e4c04a7ca2d73
+    ebf814eccfe98f2704660ca1d844e4348db3b5ccc637eb905d4818fbfb00a06a
+
+See how the four directories do not match up with the image layer IDs pulled in
+ the previous step.
+
+Despite the differences between image management before and after version 1.10,
+all versions of Docker still allow images to share layers. For example, If you 
+`pull` an image that shares some of the same image layers as an image that has 
+already been pulled, the Docker daemon recognizes this, and only pulls the 
+layers it doesn't already have stored locally. After the second pull, the two 
+images will share any common image layers.
+
+You can illustrate this now for yourself. Starting with the `ubuntu:15.04` 
+image that you just pulled, make a change to it, and build a new image based on
+ the change. One way to do this is using a `Dockerfile` and the `docker build` 
+command.
+
+1. In an empty directory, create a simple `Dockerfile` that starts with the 
+   ubuntu:15.04 image.
+
+        FROM ubuntu:15.04
+
+2. Add a new file called "newfile" in the image's `/tmp` directory with the 
+   text "Hello world" in it.
+
+    When you are done, the `Dockerfile` contains two lines:
+
+        FROM ubuntu:15.04
+
+        RUN echo "Hello world" > /tmp/newfile
+
+3. Save and close the file.
+
+4. From a terminal in the same folder as your `Dockerfile`, run the following 
+   command:
+
+        $ docker build -t changed-ubuntu .
+        Sending build context to Docker daemon 2.048 kB
+        Step 1 : FROM ubuntu:15.04
+         ---> 3f7bcee56709
+        Step 2 : RUN echo "Hello world" > /tmp/newfile
+         ---> Running in d14acd6fad4e
+         ---> 94e6b7d2c720
+        Removing intermediate container d14acd6fad4e
+        Successfully built 94e6b7d2c720
+
+    > **Note:** The period (.) at the end of the above command is important. It
+    >  tells the `docker build` command to use the current working directory as
+    >   its build context.
+
+    The output above shows a new image with image ID `94e6b7d2c720`.
+
+5. Run the `docker images` command to verify the new `changed-ubuntu` image is 
+   in the Docker host's local storage area.
+
+        REPOSITORY       TAG      IMAGE ID       CREATED           SIZE
+        changed-ubuntu   latest   03b964f68d06   33 seconds ago    131.4 MB
+        ubuntu           15.04    013f3d01d247   6 weeks ago       131.3 MB
+
+6. Run the `docker history` command to see which image layers were used to 
+   create the new `changed-ubuntu` image.
+
+        $ docker history changed-ubuntu
+        IMAGE               CREATED              CREATED BY                                      SIZE        COMMENT
+        94e6b7d2c720        2 minutes ago       /bin/sh -c echo "Hello world" > /tmp/newfile    12 B 
+        3f7bcee56709        6 weeks ago         /bin/sh -c #(nop) CMD ["/bin/bash"]             0 B  
+        <missing>           6 weeks ago         /bin/sh -c sed -i 's/^#\s*\(deb.*universe\)$/   1.879 kB
+        <missing>           6 weeks ago         /bin/sh -c echo '#!/bin/sh' > /usr/sbin/polic   701 B
+        <missing>           6 weeks ago         /bin/sh -c #(nop) ADD file:8e4943cd86e9b2ca13   131.3 MB
+
+    The `docker history` output shows the new `94e6b7d2c720` image layer at the
+    top. You know that this is the new image layer added because it was created
+     by the `echo "Hello world" > /tmp/newfile` command in your `Dockerfile`. 
+    The 4 image layers below it are the exact same image layers 
+    that make up the `ubuntu:15.04` image.
+
+> **Note:** Under the content addressable storage model introduced with Docker 
+> 1.10, image history data is no longer stored in a config file with each image
+> layer. It is now stored as a string of text in a single config file that 
+> relates to the overall image. This can result in some image layers showing as
+>  "missing" in the output of the `docker history` command. This is normal 
+>  behaviour and can be ignored.
+>
+> You may hear images like these referred to as *flat images*.
+
+Notice the new `changed-ubuntu` image does not have its own copies of every 
+layer. As can be seen in the diagram below, the new image is sharing its four 
+underlying layers with the `ubuntu:15.04` image.
+
+![](images/saving-space.jpg)
+
+The `docker history` command also shows the size of each image layer. As you 
+can see, the `94e6b7d2c720` layer is only consuming 12 Bytes of disk space. 
+This means that the `changed-ubuntu` image we just created is only consuming an
+ additional 12 Bytes of disk space on the Docker host - all layers below the 
+`94e6b7d2c720` layer already exist on the Docker host and are shared by other 
+images.
+
+This sharing of image layers is what makes Docker images and containers so 
+space efficient.
+
+### Copying makes containers efficient
+
+You learned earlier that a container is a Docker image with a thin writable, 
+container layer added. The diagram below shows the layers of a container based 
+on the `ubuntu:15.04` image:
+
+![](images/container-layers-cas.jpg)
+
+All writes made to a container are stored in the thin writable container layer.
+ The other layers are read-only (RO) image layers and can't be changed. This 
+means that multiple containers can safely share a single underlying image. The 
+diagram below shows multiple containers sharing a single copy of the 
+`ubuntu:15.04` image. Each container has its own thin RW layer, but they all 
+share a single instance of the ubuntu:15.04 image:
+
+![](images/sharing-layers.jpg)
+
+When an existing file in a container is modified, Docker uses the storage 
+driver to perform a copy-on-write operation. The specifics of operation depends
+ on the storage driver. For the AUFS and OverlayFS storage drivers, the 
+copy-on-write operation is pretty much as follows:
+
+*  Search through the image layers for the file to update. The process starts 
+at the top, newest layer and works down to the base layer one layer at a 
+time.
+*  Perform a "copy-up" operation on the first copy of the file that is found. A
+ "copy up" copies the file up to the container's own thin writable layer.
+* Modify the *copy of the file* in container's thin writable layer.
+
+Btrfs, ZFS, and other drivers handle the copy-on-write differently. You can 
+read more about the methods of these drivers later in their detailed 
+descriptions.
+
+Containers that write a lot of data will consume more space than containers 
+that do not. This is because most write operations consume new space in the 
+container's thin writable top layer. If your container needs to write a lot of 
+data, you should consider using a data volume.
+
+A copy-up operation can incur a noticeable performance overhead. This overhead 
+is different depending on which storage driver is in use. However, large files,
+ lots of layers, and deep directory trees can make the impact more noticeable. 
+Fortunately, the operation only occurs the first time any particular file is 
+modified. Subsequent modifications to the same file do not cause a copy-up 
+operation and can operate directly on the file's existing copy already present 
+in the container layer.
+
+Let's see what happens if we spin up 5 containers based on our `changed-ubuntu`
+ image we built earlier:
+
+1. From a terminal on your Docker host, run the following `docker run` command 
+5 times.
+
+        $ docker run -dit changed-ubuntu bash
+        75bab0d54f3cf193cfdc3a86483466363f442fba30859f7dcd1b816b6ede82d4
+        $ docker run -dit changed-ubuntu bash
+        9280e777d109e2eb4b13ab211553516124a3d4d4280a0edfc7abf75c59024d47
+        $ docker run -dit changed-ubuntu bash
+        a651680bd6c2ef64902e154eeb8a064b85c9abf08ac46f922ad8dfc11bb5cd8a
+        $ docker run -dit changed-ubuntu bash
+        8eb24b3b2d246f225b24f2fca39625aaad71689c392a7b552b78baf264647373
+        $ docker run -dit changed-ubuntu bash
+        0ad25d06bdf6fca0dedc38301b2aff7478b3e1ce3d1acd676573bba57cb1cfef
+
+    This launches 5 containers based on the `changed-ubuntu` image.  As each 
+container is created, Docker adds a writable layer and assigns it a random 
+UUID. This is the value returned from the `docker run` command.
+
+2. Run the `docker ps` command to verify the 5 containers are running.
+
+        $ docker ps
+        CONTAINER ID    IMAGE             COMMAND    CREATED              STATUS              PORTS    NAMES
+        0ad25d06bdf6    changed-ubuntu    "bash"     About a minute ago   Up About a minute            stoic_ptolemy
+        8eb24b3b2d24    changed-ubuntu    "bash"     About a minute ago   Up About a minute            pensive_bartik
+        a651680bd6c2    changed-ubuntu    "bash"     2 minutes ago        Up 2 minutes                 hopeful_turing
+        9280e777d109    changed-ubuntu    "bash"     2 minutes ago        Up 2 minutes                 backstabbing_mahavira
+        75bab0d54f3c    changed-ubuntu    "bash"     2 minutes ago        Up 2 minutes                 boring_pasteur
+
+    The output above shows 5 running containers, all sharing the 
+`changed-ubuntu` image. Each `CONTAINER ID` is derived from the UUID when 
+creating each container.
+
+3. List the contents of the local storage area.
+
+        $ sudo ls /var/lib/docker/containers
+        0ad25d06bdf6fca0dedc38301b2aff7478b3e1ce3d1acd676573bba57cb1cfef
+        9280e777d109e2eb4b13ab211553516124a3d4d4280a0edfc7abf75c59024d47
+        75bab0d54f3cf193cfdc3a86483466363f442fba30859f7dcd1b816b6ede82d4
+        a651680bd6c2ef64902e154eeb8a064b85c9abf08ac46f922ad8dfc11bb5cd8a
+        8eb24b3b2d246f225b24f2fca39625aaad71689c392a7b552b78baf264647373
+
+Docker's copy-on-write strategy not only reduces the amount of space consumed 
+by containers, it also reduces the time required to start a container. At start
+ time, Docker only has to create the thin writable layer for each container. 
+The diagram below shows these 5 containers sharing a single read-only (RO) 
+copy of the `changed-ubuntu` image.
+
+![](images/shared-uuid.jpg)
+
+If Docker had to make an entire copy of the underlying image stack each time it
+started a new container, container start times and disk space used would be
+significantly increased.
+
+## Data volumes and the storage driver
+
+When a container is deleted, any data written to the container that is not 
+stored in a *data volume* is deleted along with the container. 
+
+A data volume is a directory or file in the Docker host's filesystem that is 
+mounted directly into a container. Data volumes are not controlled by the 
+storage driver. Reads and writes to data volumes bypass the storage driver and 
+operate at native host speeds. You can mount any number of data volumes into a 
+container. Multiple containers can also share one or more data volumes.
+
+The diagram below shows a single Docker host running two containers. Each 
+container exists inside of its own address space within the Docker host's local
+ storage area (`/var/lib/docker/...`). There is also a single shared data 
+volume located at `/data` on the Docker host. This is mounted directly into 
+both containers.
+
+![](images/shared-volume.jpg)
+
+Data volumes reside outside of the local storage area on the Docker host, 
+further reinforcing their independence from the storage driver's control. When 
+a container is deleted, any data stored in data volumes persists on the Docker 
+host.
+
+For detailed information about data volumes 
+[Managing data in containers](https://docs.docker.com/userguide/dockervolumes/).
+
+## Related information
+
+* [Select a storage driver](selectadriver.md)
+* [AUFS storage driver in practice](aufs-driver.md)
+* [Btrfs storage driver in practice](btrfs-driver.md)
+* [Device Mapper storage driver in practice](device-mapper-driver.md)
diff --git a/docs/userguide/storagedriver/index.md b/docs/userguide/storagedriver/index.md
new file mode 100644
index 00000000..60d1255d
--- /dev/null
+++ b/docs/userguide/storagedriver/index.md
@@ -0,0 +1,38 @@
+<!--[metadata]>
++++
+title = "Docker storage drivers"
+description = "Learn how select the proper storage driver for your container."
+keywords = ["container, storage, driver, AUFS, btfs, devicemapper,zvfs"]
+[menu.main]
+identifier = "engine_driver"
+parent = "engine_guide"
+weight = 7
++++
+<![end-metadata]-->
+
+
+# Docker storage drivers
+
+Docker relies on driver technology to manage the storage and interactions associated with images and the containers that run them. This section contains the following pages:
+
+* [Understand images, containers, and storage drivers](imagesandcontainers.md)
+* [Select a storage driver](selectadriver.md)
+* [AUFS storage driver in practice](aufs-driver.md)
+* [Btrfs storage driver in practice](btrfs-driver.md)
+* [Device Mapper storage driver in practice](device-mapper-driver.md)
+* [OverlayFS in practice](overlayfs-driver.md)
+* [ZFS storage in practice](zfs-driver.md)
+
+If you are new to Docker containers make sure you read ["Understand images, containers, and storage drivers"](imagesandcontainers.md) first. It explains key concepts and technologies that can help you when working with storage drivers.
+
+### Acknowledgment
+
+The Docker storage driver material was created in large part by our guest author
+Nigel Poulton with a bit of help from Docker's own Jérôme Petazzoni. In his
+spare time Nigel creates [IT training
+videos](http://www.pluralsight.com/author/nigel-poulton), co-hosts the weekly
+[In Tech We Trust podcast](http://intechwetrustpodcast.com/), and lives it large
+on [Twitter](https://twitter.com/nigelpoulton).
+
+
+&nbsp;
diff --git a/docs/userguide/storagedriver/overlayfs-driver.md b/docs/userguide/storagedriver/overlayfs-driver.md
new file mode 100644
index 00000000..70aa0167
--- /dev/null
+++ b/docs/userguide/storagedriver/overlayfs-driver.md
@@ -0,0 +1,299 @@
+<!--[metadata]>
++++
+title = "OverlayFS storage in practice"
+description = "Learn how to optimize your use of OverlayFS driver."
+keywords = ["container, storage, driver, OverlayFS "]
+[menu.main]
+parent = "engine_driver"
++++
+<![end-metadata]-->
+
+# Docker and OverlayFS in practice
+
+OverlayFS is a modern *union filesystem* that is similar to AUFS. In comparison
+ to AUFS, OverlayFS:
+
+* has a simpler design
+* has been in the mainline Linux kernel since version 3.18
+* is potentially faster
+
+As a result, OverlayFS is rapidly gaining popularity in the Docker community 
+and is seen by many as a natural successor to AUFS. As promising as OverlayFS 
+is, it is still relatively young. Therefore caution should be taken before 
+using it in production Docker environments.
+
+Docker's `overlay` storage driver leverages several OverlayFS features to build
+ and manage the on-disk structures of images and containers.
+
+>**Note**: Since it was merged into the mainline kernel, the OverlayFS *kernel 
+>module* was renamed from "overlayfs" to "overlay". As a result you may see the
+> two terms used interchangeably in some documentation. However, this document 
+> uses  "OverlayFS" to refer to the overall filesystem, and `overlay` to refer 
+> to Docker's storage-driver.
+
+## Image layering and sharing with OverlayFS
+
+OverlayFS takes two directories on a single Linux host, layers one on top of 
+the other, and provides a single unified view. These directories are often 
+referred to as *layers* and the technology used to layer them is known as a 
+*union mount*. The OverlayFS terminology is "lowerdir" for the bottom layer and
+ "upperdir" for the top layer. The unified view is exposed through its own 
+directory called "merged".
+
+The diagram below shows how a Docker image and a Docker container are layered. 
+The image layer is the "lowerdir" and the container layer is the "upperdir". 
+The unified view is exposed through a directory called "merged" which is 
+effectively the containers mount point. The diagram shows how Docker constructs
+ map to OverlayFS constructs.
+
+![](images/overlay_constructs.jpg)
+
+Notice how the image layer and container layer can contain the same files. When
+ this happens, the files in the container layer ("upperdir") are dominant and 
+obscure the existence of the same files in the image layer ("lowerdir"). The 
+container mount ("merged") presents the unified view.
+
+OverlayFS only works with two layers. This means that multi-layered images 
+cannot be implemented as multiple OverlayFS layers. Instead, each image layer 
+is implemented as its own directory under `/var/lib/docker/overlay`. 
+Hard links are then used as a space-efficient way to reference data shared with
+ lower layers. As of Docker 1.10, image layer IDs no longer correspond to 
+directory names in `/var/lib/docker/`
+
+To create a container, the `overlay` driver combines the directory representing
+ the image's top layer plus a new directory for the container. The image's top 
+layer is the "lowerdir" in the overlay and read-only. The new directory for the
+ container is the "upperdir" and is writable.
+
+## Example: Image and container on-disk constructs
+
+The following `docker pull` command shows a Docker host with downloading a 
+Docker image comprising four layers.
+
+    $ sudo docker pull ubuntu
+    Using default tag: latest
+    latest: Pulling from library/ubuntu
+    8387d9ff0016: Pull complete
+    3b52deaaf0ed: Pull complete
+    4bd501fad6de: Pull complete
+    a3ed95caeb02: Pull complete
+    Digest: sha256:457b05828bdb5dcc044d93d042863fba3f2158ae249a6db5ae3934307c757c54
+    Status: Downloaded newer image for ubuntu:latest
+
+Each image layer has it's own directory under `/var/lib/docker/overlay/`. This 
+is where the contents of each image layer are stored. 
+
+The output of the command below shows the four directories that store the 
+contents of each image layer just pulled. However, as can be seen, the image 
+layer IDs do not match the directory names in `/var/lib/docker/overlay`. This 
+is normal behavior in Docker 1.10 and later.
+
+    $ ls -l /var/lib/docker/overlay/
+    total 24
+    drwx------ 3 root root 4096 Oct 28 11:02 1d073211c498fd5022699b46a936b4e4bdacb04f637ad64d3475f558783f5c3e
+    drwx------ 3 root root 4096 Oct 28 11:02 5a4526e952f0aa24f3fcc1b6971f7744eb5465d572a48d47c492cb6bbf9cbcda
+    drwx------ 5 root root 4096 Oct 28 11:06 99fcaefe76ef1aa4077b90a413af57fd17d19dce4e50d7964a273aae67055235
+    drwx------ 3 root root 4096 Oct 28 11:01 c63fb41c2213f511f12f294dd729b9903a64d88f098c20d2350905ac1fdbcbba
+
+The image layer directories contain the files unique to that layer as well as 
+hard links to the data that is shared with lower layers. This allows for 
+efficient use of disk space.
+
+Containers also exist on-disk in the Docker host's filesystem under 
+`/var/lib/docker/overlay/`. If you inspect the directory relating to a running 
+container using the `ls -l` command, you find the following file and 
+directories.
+
+    $ ls -l /var/lib/docker/overlay/<directory-of-running-container>
+    total 16
+    -rw-r--r-- 1 root root   64 Oct 28 11:06 lower-id
+    drwxr-xr-x 1 root root 4096 Oct 28 11:06 merged
+    drwxr-xr-x 4 root root 4096 Oct 28 11:06 upper
+    drwx------ 3 root root 4096 Oct 28 11:06 work
+
+These four filesystem objects are all artifacts of OverlayFS. The "lower-id" 
+file contains the ID of the top layer of the image the container is based on. 
+This is used by OverlayFS as the "lowerdir".
+
+    $ cat /var/lib/docker/overlay/73de7176c223a6c82fd46c48c5f152f2c8a7e49ecb795a7197c3bb795c4d879e/lower-id
+    1d073211c498fd5022699b46a936b4e4bdacb04f637ad64d3475f558783f5c3e
+
+The "upper" directory is the containers read-write layer. Any changes made to 
+the container are written to this directory.
+
+The "merged" directory is effectively the containers mount point. This is where
+ the unified view of the image ("lowerdir") and container ("upperdir") is 
+exposed. Any changes written to the container are immediately reflected in this
+ directory.
+
+The "work" directory is required for OverlayFS to function. It is used for 
+things such as *copy_up* operations.
+
+You can verify all of these constructs from the output of the `mount` command. 
+(Ellipses and line breaks are used in the output below to enhance readability.)
+
+    $ mount | grep overlay
+    overlay on /var/lib/docker/overlay/73de7176c223.../merged
+    type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay/1d073211c498.../root,
+    upperdir=/var/lib/docker/overlay/73de7176c223.../upper,
+    workdir=/var/lib/docker/overlay/73de7176c223.../work)
+
+The output reflects that the overlay is mounted as read-write ("rw").
+
+## Container reads and writes with overlay
+
+Consider three scenarios where a container opens a file for read access with 
+overlay.
+
+- **The file does not exist in the container layer**. If a container opens a 
+file for read access and the file does not already exist in the container 
+("upperdir") it is read from the image ("lowerdir"). This should incur very 
+little performance overhead.
+
+- **The file only exists in the container layer**. If a container opens a file 
+for read access and the file exists in the container ("upperdir") and not in 
+the image ("lowerdir"), it is read directly from the container.
+
+- **The file exists in the container layer and the image layer**. If a 
+container opens a file for read access and the file exists in the image layer 
+and the container layer, the file's version in the container layer is read. 
+This is because files in the container layer ("upperdir") obscure files with 
+the same name in the image layer ("lowerdir").
+
+Consider some scenarios where files in a container are modified.
+
+- **Writing to a file for the first time**. The first time a container writes 
+to an existing file, that file does not exist in the container ("upperdir"). 
+The `overlay` driver performs a *copy_up* operation to copy the file from the 
+image ("lowerdir") to the container ("upperdir"). The container then writes the
+ changes to the new copy of the file in the container layer.
+
+    However, OverlayFS works at the file level not the block level. This means 
+that all OverlayFS copy-up operations copy entire files, even if the file is 
+very large and only a small part of it is being modified. This can have a 
+noticeable impact on container write performance. However, two things are 
+worth noting:
+
+    * The copy_up operation only occurs the first time any given file is 
+written to. Subsequent writes to the same file will operate against the copy of
+ the file already copied up to the container.
+
+    * OverlayFS only works with two layers. This means that performance should 
+be better than AUFS which can suffer noticeable latencies when searching for 
+files in images with many layers.
+
+- **Deleting files and directories**. When files are deleted within a container
+ a *whiteout* file is created in the containers "upperdir". The version of the 
+file in the image layer ("lowerdir") is not deleted. However, the whiteout file
+ in the container obscures it.
+
+    Deleting a directory in a container results in *opaque directory* being 
+created in the "upperdir". This has the same effect as a whiteout file and 
+effectively masks the existence of the directory in the image's "lowerdir".
+
+## Configure Docker with the overlay storage driver
+
+To configure Docker to use the overlay storage driver your Docker host must be 
+running version 3.18 of the Linux kernel (preferably newer) with the overlay 
+kernel module loaded. OverlayFS can operate on top of most supported Linux 
+filesystems. However, ext4 is currently recommended for use in production 
+environments.
+
+The following procedure shows you how to configure your Docker host to use 
+OverlayFS. The procedure assumes that the Docker daemon is in a stopped state.
+
+> **Caution:** If you have already run the Docker daemon on your Docker host 
+> and have images you want to keep, `push` them Docker Hub or your private 
+> Docker Trusted Registry before attempting this procedure.
+
+1. If it is running, stop the Docker `daemon`.
+
+2. Verify your kernel version and that the overlay kernel module is loaded.
+
+        $ uname -r
+        3.19.0-21-generic
+
+        $ lsmod | grep overlay
+        overlay
+
+3. Start the Docker daemon with the `overlay` storage driver.
+
+        $ docker daemon --storage-driver=overlay &
+        [1] 29403
+        root@ip-10-0-0-174:/home/ubuntu# INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)
+        INFO[0000] Option DefaultDriver: bridge
+        INFO[0000] Option DefaultNetwork: bridge
+        <output truncated>
+
+    Alternatively, you can force the Docker daemon to automatically start with
+    the `overlay` driver by editing the Docker config file and adding the
+    `--storage-driver=overlay` flag to the `DOCKER_OPTS` line. Once this option
+    is set you can start the daemon using normal startup scripts without having
+    to manually pass in the `--storage-driver` flag.
+
+4. Verify that the daemon is using the `overlay` storage driver
+
+        $ docker info
+        Containers: 0
+        Images: 0
+        Storage Driver: overlay
+         Backing Filesystem: extfs
+        <output truncated>
+
+    Notice that the *Backing filesystem* in the output above is showing as 
+`extfs`. Multiple backing filesystems are supported but `extfs` (ext4) is 
+recommended for production use cases.
+
+Your Docker host is now using the `overlay` storage driver. If you run the 
+`mount` command, you'll find Docker has automatically created the `overlay` 
+mount with the required "lowerdir", "upperdir", "merged" and "workdir" 
+constructs.
+
+## OverlayFS and Docker Performance
+
+As a general rule, the `overlay` driver should be fast. Almost certainly faster
+ than `aufs` and `devicemapper`. In certain circumstances it may also be faster
+ than `btrfs`. That said, there are a few things to be aware of relative to the
+ performance of Docker using the `overlay` storage driver.
+
+- **Page Caching**. OverlayFS supports page cache sharing. This means multiple 
+containers accessing the same file can share a single page cache entry (or 
+entries). This makes the `overlay` driver efficient with memory and a good 
+option for PaaS and other high density use cases.
+
+- **copy_up**. As with AUFS, OverlayFS has to perform copy-up operations any 
+time a container writes to a file for the first time. This can insert latency 
+into the write operation &mdash; especially if the file being copied up is 
+large. However, once the file has been copied up, all subsequent writes to that
+ file occur without the need for further copy-up operations.
+
+    The OverlayFS copy_up operation should be faster than the same operation 
+with AUFS. This is because AUFS supports more layers than OverlayFS and it is 
+possible to incur far larger latencies if searching through many AUFS layers.
+
+- **RPMs and Yum**. OverlayFS only implements a subset of the POSIX standards. 
+This can result in certain OverlayFS operations breaking POSIX standards. One 
+such operation is the *copy-up* operation. Therefore, using `yum` inside of a 
+container on a Docker host using the `overlay` storage driver is unlikely to 
+work without implementing workarounds.
+
+- **Inode limits**. Use of the `overlay` storage driver can cause excessive 
+inode consumption. This is especially so as the number of images and containers
+ on the Docker host grows. A Docker host with a large number of images and lots
+ of started and stopped containers can quickly run out of inodes.
+
+Unfortunately you can only specify the number of inodes in a filesystem at the 
+time of creation. For this reason, you may wish to consider putting 
+`/var/lib/docker` on a separate device with its own filesystem, or manually 
+specifying the number of inodes when creating the filesystem.
+
+The following generic performance best practices also apply to OverlayFS.
+
+- **Solid State Devices (SSD)**. For best performance it is always a good idea 
+to use fast storage media such as solid state devices (SSD).
+
+- **Use Data Volumes**. Data volumes provide the best and most predictable 
+performance. This is because they bypass the storage driver and do not incur 
+any of the potential overheads introduced by thin provisioning and 
+copy-on-write. For this reason, you should place heavy write workloads on data 
+volumes.
diff --git a/docs/userguide/storagedriver/selectadriver.md b/docs/userguide/storagedriver/selectadriver.md
new file mode 100644
index 00000000..a741a137
--- /dev/null
+++ b/docs/userguide/storagedriver/selectadriver.md
@@ -0,0 +1,206 @@
+<!--[metadata]>
++++
+title = "Select a storage driver"
+description = "Learn how select the proper storage driver for your container."
+keywords = ["container, storage, driver, AUFS, btfs, devicemapper,zvfs"]
+[menu.main]
+parent = "engine_driver"
+weight = -1
++++
+<![end-metadata]-->
+
+# Select a storage driver
+
+This page describes Docker's storage driver feature. It lists the storage
+driver's that Docker supports and the basic commands associated with managing
+them. Finally, this page provides guidance on choosing a storage driver.
+
+The material on this page is intended for readers who already have an
+[understanding of the storage driver technology](imagesandcontainers.md).
+
+## A pluggable storage driver architecture
+
+Docker has a pluggable storage driver architecture. This gives you the
+flexibility to "plug in" the storage driver that is best for your environment
+and use-case. Each Docker storage driver is based on a Linux filesystem or
+volume manager. Further, each storage driver is free to implement the
+management of image layers and the container layer in its own unique way. This
+means some storage drivers perform better than others in different
+circumstances.
+
+Once you decide which driver is best, you set this driver on the Docker daemon
+at start time. As a result, the Docker daemon can only run one storage driver,
+and all containers created by that daemon instance use the same storage driver.
+ The table below shows the supported storage driver technologies and their
+driver names:
+
+|Technology    |Storage driver name  |
+|--------------|---------------------|
+|OverlayFS     |`overlay`            |
+|AUFS          |`aufs`               |
+|Btrfs         |`btrfs`              |
+|Device Mapper |`devicemapper`       |
+|VFS*          |`vfs`                |
+|ZFS           |`zfs`                |
+
+To find out which storage driver is set on the daemon , you use the
+`docker info` command:
+
+    $ docker info
+    Containers: 0
+    Images: 0
+    Storage Driver: overlay
+     Backing Filesystem: extfs
+    Execution Driver: native-0.2
+    Logging Driver: json-file
+    Kernel Version: 3.19.0-15-generic
+    Operating System: Ubuntu 15.04
+    ... output truncated ...
+
+The `info` subcommand reveals that the Docker daemon is using the `overlay`
+storage driver with a `Backing Filesystem` value of `extfs`. The `extfs` value
+means that the `overlay` storage driver is operating on top of an existing
+(ext) filesystem. The backing filesystem refers to the filesystem that was used
+ to create the Docker host's local storage area under `/var/lib/docker`.
+
+Which storage driver you use, in part, depends on the backing filesystem you
+plan to use for your Docker host's local storage area. Some storage drivers can
+ operate on top of different backing filesystems. However, other storage
+drivers require the backing filesystem to be the same as the storage driver.
+For example, the `btrfs` storage driver on a Btrfs backing filesystem. The
+following table lists each storage driver and whether it must match the host's
+backing file system:
+
+|Storage driver |Must match backing filesystem |Incompatible with   |
+|---------------|------------------------------|--------------------|
+|`overlay`      |No                            |`btrfs` `aufs` `zfs`|
+|`aufs`         |No                            |`btrfs` `aufs`      |
+|`btrfs`        |Yes                           |   N/A              |
+|`devicemapper` |No                            |   N/A              |
+|`vfs`          |No                            |   N/A              |
+|`zfs`          |Yes                           |   N/A              |
+
+
+> **Note**
+> Incompatible with means some storage drivers can not run over certain backing
+> filesystem.
+
+You can set the storage driver by passing the `--storage-driver=<name>` option
+to the `docker daemon` command line, or by setting the option on the
+`DOCKER_OPTS` line in the `/etc/default/docker` file.
+
+The following command shows how to start the Docker daemon with the
+`devicemapper` storage driver using the `docker daemon` command:
+
+    $ docker daemon --storage-driver=devicemapper &
+
+    $ docker info
+    Containers: 0
+    Images: 0
+    Storage Driver: devicemapper
+     Pool Name: docker-252:0-147544-pool
+     Pool Blocksize: 65.54 kB
+     Backing Filesystem: extfs
+     Data file: /dev/loop0
+     Metadata file: /dev/loop1
+     Data Space Used: 1.821 GB
+     Data Space Total: 107.4 GB
+     Data Space Available: 3.174 GB
+     Metadata Space Used: 1.479 MB
+     Metadata Space Total: 2.147 GB
+     Metadata Space Available: 2.146 GB
+     Udev Sync Supported: true
+     Deferred Removal Enabled: false
+     Data loop file: /var/lib/docker/devicemapper/devicemapper/data
+     Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
+     Library Version: 1.02.90 (2014-09-01)
+    Execution Driver: native-0.2
+    Logging Driver: json-file
+    Kernel Version: 3.19.0-15-generic
+    Operating System: Ubuntu 15.04
+    <output truncated>
+
+Your choice of storage driver can affect the performance of your containerized
+applications. So it's important to understand the different storage driver
+options available and select the right one for your application. Later, in this
+ page you'll find some advice for choosing an appropriate driver.
+
+## Shared storage systems and the storage driver
+
+Many enterprises consume storage from shared storage systems such as SAN and
+NAS arrays. These often provide increased performance and availability, as well
+ as advanced features such as thin provisioning, deduplication and compression.
+
+The Docker storage driver and data volumes can both operate on top of storage
+provided by shared storage systems. This allows Docker to leverage the
+increased performance and availability these systems provide. However, Docker
+does not integrate with these underlying systems.
+
+Remember that each Docker storage driver is based on a Linux filesystem or
+volume manager. Be sure to follow existing best practices for operating your
+storage driver (filesystem or volume manager) on top of your shared storage
+system. For example, if using the ZFS storage driver on top of *XYZ* shared
+storage system, be sure to follow best practices for operating ZFS filesystems
+on top of XYZ shared storage system.
+
+## Which storage driver should you choose?
+
+Several factors influence the selection of a storage driver. However, these two
+ facts must be kept in mind:
+
+1. No single driver is well suited to every use-case
+2. Storage drivers are improving and evolving all of the time
+
+With these factors in mind, the following points, coupled with the table below,
+ should provide some guidance.
+
+### Stability
+For the most stable and hassle-free Docker experience, you should consider the
+following:
+
+- **Use the default storage driver for your distribution**. When Docker
+installs, it chooses a default storage driver based on the configuration of
+your system. Stability is an important factor influencing which storage driver
+is used by default. Straying from this default may increase your chances of
+encountering bugs and nuances.
+- **Follow the configuration specified on the CS Engine
+[compatibility matrix](https://www.docker.com/compatibility-maintenance)**. The
+ CS Engine is the commercially supported version of the Docker Engine. It's
+code-base is identical to the open source Engine, but it has a limited set of
+supported configurations. These *supported configurations* use the most stable
+and mature storage drivers. Straying from these configurations may also
+increase your chances of encountering bugs and nuances.
+
+### Experience and expertise
+
+Choose a storage driver that you and your team/organization have experience
+with. For example, if you use RHEL or one of its downstream forks, you may
+already have experience with LVM and Device Mapper. If so, you may wish to use
+the `devicemapper` driver.
+
+If you do not feel you have expertise with any of the storage drivers supported
+ by Docker, and you want an easy-to-use stable Docker experience, you should
+consider using the default driver installed by your distribution's Docker
+package.
+
+### Future-proofing
+
+Many people consider OverlayFS as the future of the Docker storage driver.
+However, it is less mature, and potentially less stable than some of the more
+mature drivers such as `aufs` and `devicemapper`.  For this reason, you should
+use the OverlayFS driver with caution and expect to encounter more bugs and
+nuances than if you were using a more mature driver.
+
+The following diagram lists each storage driver and provides insight into some
+of their pros and cons. When selecting which storage driver to use, consider
+the guidance offered by the table below along with the points mentioned above.
+
+![](images/driver-pros-cons.png)
+
+
+## Related information
+
+* [Understand images, containers, and storage drivers](imagesandcontainers.md)
+* [AUFS storage driver in practice](aufs-driver.md)
+* [Btrfs storage driver in practice](btrfs-driver.md)
+* [Device Mapper storage driver in practice](device-mapper-driver.md)
diff --git a/docs/userguide/storagedriver/zfs-driver.md b/docs/userguide/storagedriver/zfs-driver.md
new file mode 100644
index 00000000..e55e7396
--- /dev/null
+++ b/docs/userguide/storagedriver/zfs-driver.md
@@ -0,0 +1,296 @@
+<!--[metadata]>
++++
+title = "ZFS storage in practice"
+description = "Learn how to optimize your use of ZFS driver."
+keywords = ["container, storage, driver, ZFS "]
+[menu.main]
+parent = "engine_driver"
++++
+<![end-metadata]-->
+
+# Docker and ZFS in practice
+
+ZFS is a next generation filesystem that supports many advanced storage 
+technologies such as volume management, snapshots, checksumming, compression 
+and deduplication, replication and more.
+
+It was created by Sun Microsystems (now Oracle Corporation) and is open sourced
+ under the CDDL license. Due to licensing incompatibilities between the CDDL 
+and GPL, ZFS cannot be shipped as part of the mainline Linux kernel. However, 
+the ZFS On Linux (ZoL) project provides an out-of-tree kernel module and 
+userspace tools which can be installed separately.
+
+The ZFS on Linux (ZoL) port is healthy and maturing. However, at this point in 
+time it is not recommended to use the `zfs` Docker storage driver for 
+production use unless you have substantial experience with ZFS on Linux.
+
+> **Note:** There is also a FUSE implementation of ZFS on the Linux platform. 
+> This should work with Docker but is not recommended. The native ZFS driver 
+> (ZoL) is more tested, more performant, and is more widely used. The remainder
+>  of this document will relate to the native ZoL port.
+
+
+## Image layering and sharing with ZFS
+
+The Docker `zfs` storage driver makes extensive use of three ZFS datasets:
+
+- filesystems
+- snapshots
+- clones
+
+ZFS filesystems are thinly provisioned and have space allocated to them from a 
+ZFS pool (zpool) via allocate on demand operations. Snapshots and clones are 
+space-efficient point-in-time copies of ZFS filesystems. Snapshots are 
+read-only. Clones are read-write. Clones can only be created from snapshots. 
+This simple relationship is shown in the diagram below.
+
+![](images/zfs_clones.jpg)
+
+The solid line in the diagram shows the process flow for creating a clone. Step
+ 1 creates a snapshot of the filesystem, and step two creates the clone from 
+the snapshot. The dashed line shows the relationship between the clone and the 
+filesystem, via the snapshot. All three ZFS datasets draw space form the same 
+underlying zpool.
+
+On Docker hosts using the `zfs` storage driver, the base layer of an image is a
+ ZFS filesystem. Each child layer is a ZFS clone based on a ZFS snapshot of the
+ layer below it. A container is a ZFS clone based on a ZFS Snapshot of the top 
+layer of the image it's created from. All ZFS datasets draw their space from a 
+common zpool. The diagram below shows how this is put together with a running 
+container based on a two-layer image.
+
+![](images/zfs_zpool.jpg)
+
+The following process explains how images are layered and containers created. 
+The process is based on the diagram above.
+
+1. The base layer of the image exists on the Docker host as a ZFS filesystem.
+
+    This filesystem consumes space from the zpool used to create the Docker 
+host's local storage area at `/var/lib/docker`.
+
+2. Additional image layers are clones of the dataset hosting the image layer 
+directly below it.
+
+    In the diagram, "Layer 1" is added by making a ZFS snapshot of the base 
+layer and then creating a clone from that snapshot. The clone is writable and 
+consumes space on-demand from the zpool. The snapshot is read-only, maintaining
+ the base layer as an immutable object.
+
+3. When the container is launched, a read-write layer is added above the image.
+
+    In the diagram above, the container's read-write layer is created by making
+ a snapshot of the top layer of the image (Layer 1) and creating a clone from 
+that snapshot.
+
+    As changes are made to the container, space is allocated to it from the 
+zpool via allocate-on-demand operations. By default, ZFS will allocate space in
+ blocks of 128K.
+
+This process of creating child layers and containers from *read-only* snapshots
+ allows images to be maintained as immutable objects.
+
+## Container reads and writes with ZFS
+
+Container reads with the `zfs` storage driver are very simple. A newly launched
+ container is based on a ZFS clone. This clone initially shares all of its data
+ with the dataset it was created from. This means that read operations with the
+ `zfs` storage driver are fast &ndash; even if the data being read was note 
+copied into the container yet. This sharing of data blocks is shown in the 
+diagram below.
+
+![](images/zpool_blocks.jpg)
+
+Writing new data to a container is accomplished via an allocate-on-demand 
+operation. Every time a new area of the container needs writing to, a new block
+ is allocated from the zpool. This means that containers consume additional 
+space as new data is written to them. New space is allocated to the container 
+(ZFS Clone) from the underlying zpool.
+
+Updating *existing data* in a container is accomplished by allocating new 
+blocks to the containers clone and storing the changed data in those new 
+blocks. The original blocks are unchanged, allowing the underlying image 
+dataset to remain immutable. This is the same as writing to a normal ZFS 
+filesystem and is an implementation of copy-on-write semantics.
+
+## Configure Docker with the ZFS storage driver
+
+The `zfs` storage driver is only supported on a Docker host where 
+`/var/lib/docker` is mounted as a ZFS filesystem. This section shows you how to
+ install and configure native ZFS on Linux (ZoL) on an Ubuntu 14.04 system.
+
+### Prerequisites
+
+If you have already used the Docker daemon on your Docker host and have images 
+you want to keep, `push` them Docker Hub or your private Docker Trusted 
+Registry before attempting this procedure.
+
+Stop the Docker daemon. Then, ensure that you have a spare block device at 
+`/dev/xvdb`. The device identifier may be be different in your environment and 
+you should substitute your own values throughout the procedure.
+
+### Install Zfs on Ubuntu 14.04 LTS
+
+1. If it is running, stop the Docker `daemon`.
+
+1. Install the `software-properties-common` package.
+
+    This is required for the `add-apt-repository` command.
+
+        $ sudo apt-get install -y software-properties-common
+        Reading package lists... Done
+        Building dependency tree
+        <output truncated>
+
+2. Add the `zfs-native` package archive.
+
+        $ sudo add-apt-repository ppa:zfs-native/stable
+         The native ZFS filesystem for Linux. Install the ubuntu-zfs package.
+        <output truncated>
+        gpg: key F6B0FC61: public key "Launchpad PPA for Native ZFS for Linux" imported
+        gpg: Total number processed: 1
+        gpg:               imported: 1  (RSA: 1)
+        OK
+
+3. Get the latest package lists for all registered repositories and package 
+archives.
+
+        $ sudo apt-get update
+        Ign http://us-west-2.ec2.archive.ubuntu.com trusty InRelease
+        Get:1 http://us-west-2.ec2.archive.ubuntu.com trusty-updates InRelease [64.4 kB]
+        <output truncated>
+        Fetched 10.3 MB in 4s (2,370 kB/s)
+        Reading package lists... Done
+
+4. Install the `ubuntu-zfs` package.
+
+        $ sudo apt-get install -y ubuntu-zfs
+        Reading package lists... Done
+        Building dependency tree
+        <output truncated>
+
+5. Load the `zfs` module.
+
+        $ sudo modprobe zfs
+
+6. Verify that it loaded correctly.
+
+        $ lsmod | grep zfs
+        zfs                  2768247  0
+        zunicode              331170  1 zfs
+        zcommon                55411  1 zfs
+        znvpair                89086  2 zfs,zcommon
+        spl                    96378  3 zfs,zcommon,znvpair
+        zavl                   15236  1 zfs
+
+## Configure ZFS for Docker
+
+Once ZFS is installed and loaded, you're ready to configure ZFS for Docker.
+
+
+1. Create a new `zpool`.
+
+        $ sudo zpool create -f zpool-docker /dev/xvdb
+
+    The command creates the `zpool` and gives it the name "zpool-docker". The name is arbitrary.
+
+2. Check that the `zpool` exists.
+
+        $ sudo zfs list
+        NAME            USED  AVAIL    REFER  MOUNTPOINT
+        zpool-docker    55K   3.84G    19K    /zpool-docker
+
+3. Create and mount a new ZFS filesystem to `/var/lib/docker`.
+
+        $ sudo zfs create -o mountpoint=/var/lib/docker zpool-docker/docker
+
+4. Check that the previous step worked.
+
+        $ sudo zfs list -t all
+        NAME                 USED  AVAIL  REFER  MOUNTPOINT
+        zpool-docker         93.5K  3.84G    19K  /zpool-docker
+        zpool-docker/docker  19K    3.84G    19K  /var/lib/docker
+
+    Now that you have a ZFS filesystem mounted to `/var/lib/docker`, the daemon
+ should automatically load with the `zfs` storage driver.
+
+5. Start the Docker daemon.
+
+        $ sudo service docker start
+        docker start/running, process 2315
+
+    The procedure for starting the Docker daemon may differ depending on the
+    Linux distribution you are using. It is possible to force the Docker daemon
+    to start with the `zfs` storage driver by passing the 
+    `--storage-driver=zfs`flag to the `docker daemon` command, or to the 
+    `DOCKER_OPTS` line in the Docker config file.
+
+6. Verify that the daemon is using the `zfs` storage driver.
+
+        $ sudo docker info
+        Containers: 0
+        Images: 0
+        Storage Driver: zfs
+         Zpool: zpool-docker
+         Zpool Health: ONLINE
+         Parent Dataset: zpool-docker/docker
+         Space Used By Parent: 27648
+         Space Available: 4128139776
+         Parent Quota: no
+         Compression: off
+        Execution Driver: native-0.2
+        [...]
+
+    The output of the command above shows that the Docker daemon is using the
+    `zfs` storage driver and that the parent dataset is the 
+    `zpool-docker/docker` filesystem created earlier.
+
+Your Docker host is now using ZFS to store to manage its images and containers.
+
+## ZFS and Docker performance
+
+There are several factors that influence the performance of Docker using the 
+`zfs` storage driver.
+
+- **Memory**. Memory has a major impact on ZFS performance. This goes back to 
+the fact that ZFS was originally designed for use on big Sun Solaris servers 
+with large amounts of memory. Keep this in mind when sizing your Docker hosts.
+
+- **ZFS Features**. Using ZFS features, such as deduplication, can 
+significantly increase the amount of memory ZFS uses. For memory consumption 
+and performance reasons it is recommended to turn off ZFS deduplication. 
+However, deduplication at other layers in the stack (such as SAN or NAS arrays)
+ can still be used as these do not impact ZFS memory usage and performance. If 
+using SAN, NAS or other hardware RAID technologies you should continue to 
+follow existing best practices for using them with ZFS.
+
+- **ZFS Caching**. ZFS caches disk blocks in a memory structure called the 
+adaptive replacement cache (ARC). The *Single Copy ARC* feature of ZFS allows a
+ single cached copy of a block to be shared by multiple clones of a filesystem.
+ This means that multiple running containers can share a single copy of cached 
+block. This means that ZFS is a good option for PaaS and other high density use
+ cases.
+
+- **Fragmentation**. Fragmentation is a natural byproduct of copy-on-write 
+filesystems like ZFS. However, ZFS writes in 128K blocks and allocates *slabs* 
+(multiple 128K blocks) to CoW operations in an attempt to reduce fragmentation.
+ The ZFS intent log (ZIL) and the coalescing of writes (delayed writes) also 
+help to reduce fragmentation.
+
+- **Use the native ZFS driver for Linux**. Although the Docker `zfs` storage 
+driver supports the ZFS FUSE implementation, it is not recommended when high 
+performance is required. The native ZFS on Linux driver tends to perform better
+ than the FUSE implementation.
+
+The following generic performance best practices also apply to ZFS.
+
+- **Use of SSD**. For best performance it is always a good idea to use fast 
+storage media such as solid state devices (SSD). However, if you only have a 
+limited amount of SSD storage available it is recommended to place the ZIL on 
+SSD.
+
+- **Use Data Volumes**. Data volumes provide the best and most predictable 
+performance. This is because they bypass the storage driver and do not incur 
+any of the potential overheads introduced by thin provisioning and 
+copy-on-write. For this reason, you should place heavy write workloads on data 
+volumes.
diff --git a/errors/errors.go b/errors/errors.go
new file mode 100644
index 00000000..8070f48f
--- /dev/null
+++ b/errors/errors.go
@@ -0,0 +1,41 @@
+package errors
+
+import "net/http"
+
+// apiError is an error wrapper that also
+// holds information about response status codes.
+type apiError struct {
+	error
+	statusCode int
+}
+
+// HTTPErrorStatusCode returns a status code.
+func (e apiError) HTTPErrorStatusCode() int {
+	return e.statusCode
+}
+
+// NewErrorWithStatusCode allows you to associate
+// a specific HTTP Status Code to an error.
+// The Server will take that code and set
+// it as the response status.
+func NewErrorWithStatusCode(err error, code int) error {
+	return apiError{err, code}
+}
+
+// NewBadRequestError creates a new API error
+// that has the 400 HTTP status code associated to it.
+func NewBadRequestError(err error) error {
+	return NewErrorWithStatusCode(err, http.StatusBadRequest)
+}
+
+// NewRequestNotFoundError creates a new API error
+// that has the 404 HTTP status code associated to it.
+func NewRequestNotFoundError(err error) error {
+	return NewErrorWithStatusCode(err, http.StatusNotFound)
+}
+
+// NewRequestConflictError creates a new API error
+// that has the 409 HTTP status code associated to it.
+func NewRequestConflictError(err error) error {
+	return NewErrorWithStatusCode(err, http.StatusConflict)
+}
diff --git a/experimental/README.md b/experimental/README.md
new file mode 100644
index 00000000..659780e3
--- /dev/null
+++ b/experimental/README.md
@@ -0,0 +1,81 @@
+# Docker Experimental Features
+
+This page contains a list of features in the Docker engine which are
+experimental. Experimental features are **not** ready for production. They are
+provided for test and evaluation in your sandbox environments.  
+
+The information below describes each feature and the GitHub pull requests and
+issues associated with it. If necessary, links are provided to additional
+documentation on an issue.  As an active Docker user and community member,
+please feel free to provide any feedback on these features you wish.
+
+## Install Docker experimental
+
+Unlike the regular Docker binary, the experimental channels is built and
+updated nightly on https://experimental.docker.com. From one day to the
+next, new features may appear, while existing experimental features may be
+refined or entirely removed.
+
+1. Verify that you have `curl` installed.
+
+        $ which curl
+
+    If `curl` isn't installed, install it after updating your manager:
+
+        $ sudo apt-get update
+        $ sudo apt-get install curl
+
+2. Get the latest Docker package.
+
+        $ curl -sSL https://experimental.docker.com/ | sh
+
+    The system prompts you for your `sudo` password. Then, it downloads and
+    installs Docker and its dependencies.
+
+	>**Note**: If your company is behind a filtering proxy, you may find that the
+	>`apt-key`
+	>command fails for the Docker repo during installation. To work around this,
+	>add the key directly using the following:
+	>
+	>       $ curl -sSL https://experimental.docker.com/gpg | sudo apt-key add -
+
+3. Verify `docker` is installed correctly.
+
+        $ sudo docker run hello-world
+
+    This command downloads a test image and runs it in a container.
+
+### Get the Linux binary
+To download the latest experimental `docker` binary for Linux,
+use the following URLs:
+
+    https://experimental.docker.com/builds/Linux/i386/docker-latest
+
+    https://experimental.docker.com/builds/Linux/x86_64/docker-latest
+
+After downloading the appropriate binary, you can follow the instructions
+[here](https://docs.docker.com/installation/binaries/#get-the-docker-binary) to run the `docker` daemon.
+
+> **Note**
+>
+> 1) You can get the MD5 and SHA256 hashes by appending .md5 and .sha256 to the URLs respectively
+>
+> 2) You can get the compressed binaries by appending .tgz to the URLs
+
+### Build an experimental binary
+You can also build the experimental binary from the standard development environment by adding
+`DOCKER_EXPERIMENTAL=1` to the environment where you run `make` to build Docker binaries. For example,
+to build a Docker binary with the experimental features enabled:
+
+        $ DOCKER_EXPERIMENTAL=1 make binary
+
+## Current experimental features
+
+ * [External graphdriver plugins](plugins_graphdriver.md)
+ * The user namespaces feature has graduated from experimental.
+
+## How to comment on an experimental feature
+
+Each feature's documentation includes a list of proposal pull requests or PRs associated with the feature. If you want to comment on or suggest a change to a feature, please add it to the existing feature PR.  
+
+Issues or problems with a feature? Inquire for help on the `#docker` IRC channel or in on the [Docker Google group](https://groups.google.com/forum/#!forum/docker-user).  
diff --git a/experimental/images/ipvlan-l3.gliffy b/experimental/images/ipvlan-l3.gliffy
new file mode 100644
index 00000000..bf0512af
--- /dev/null
+++ b/experimental/images/ipvlan-l3.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":447,"height":422,"nodeIndex":326,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":{"uid":"com.gliffy.theme.beach_day","name":"Beach Day","shape":{"primary":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#AEE4F4","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#004257"}},"secondary":{"strokeWidth":2,"strokeColor":"#CDB25E","fillColor":"#EACF81","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#332D1A"}},"tertiary":{"strokeWidth":2,"strokeColor":"#FFBE00","fillColor":"#FFF1CB","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#000000"}},"highlight":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#00A4DA","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#ffffff"}}},"line":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"none","arrowType":2,"interpolationType":"quadratic","cornerRadius":0,"text":{"color":"#002248"}},"text":{"color":"#002248"},"stage":{"color":"#FFFFFF"}},"viewportType":"default","fitBB":{"min":{"x":9,"y":10.461511948529278},"max":{"x":447,"y":421.5}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":12.0,"y":200.0,"rotation":0.0,"id":276,"width":434.00000000000006,"height":197.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#434343","fillColor":"#c5e4fc","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.93,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":275.0,"y":8.93295288085936,"rotation":0.0,"id":269,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":14,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":272,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":290,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[82.0,295.5670471191406],[-4.628896294384617,211.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":285.0,"y":18.93295288085936,"rotation":0.0,"id":268,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":15,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":316,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":290,"py":0.9999999999999996,"px":0.29289321881345254}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-204.0,285.5670471191406],[-100.37110370561533,201.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.0,"y":203.5,"rotation":0.0,"id":267,"width":116.0,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":16,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;font-family:Arial;\">Docker Host</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":10.0,"y":28.93295288085936,"rotation":0.0,"id":278,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":17,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":290,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":0.5,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[217.5,167.06704711914062],[219.11774189711457,53.02855906766992]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":57.51435447730654,"y":10.461511948529278,"rotation":0.0,"id":246,"width":343.20677483961606,"height":143.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":18,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#434343","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":106.0,"y":55.19999694824217,"rotation":0.0,"id":262,"width":262.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":22,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:13px;\">Unless notified about the container networks, the physical network does not have a route to their subnets</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;font-weight:bold;\">Who has 10.16.20.0/24?</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;font-weight:bold;\">Who has 10.1.20.0/24?</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.0,"y":403.5,"rotation":0.0,"id":282,"width":442.0,"height":18.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:16px;font-style:italic;\">Containers can be on different subnets and reach each other</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":106.0,"y":252.5,"rotation":0.0,"id":288,"width":238.0,"height":22.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:20px;font-weight:bold;\">&nbsp;Ipvlan&nbsp;</span><span style=\"font-size:20px;font-weight:bold;\">L3 Mode</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":124.0,"y":172.0,"rotation":0.0,"id":290,"width":207.0,"height":48.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":25,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#cccccc","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":3.568965517241383,"y":0.0,"rotation":0.0,"id":291,"width":199.86206896551747,"height":42.0,"uid":null,"order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-weight:bold;\">Eth0</span></p><p style=\"text-align:center;\"><span style=\"font-weight:bold;\">192.168.50.10/24</span></p><p style=\"text-align:center;\"><span style=\"\">Parent interface acts as a <span style=\"font-weight:bold;\">Router</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":29.0,"y":358.1999969482422,"rotation":0.0,"id":304,"width":390.99999999999994,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":29,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;\">All containers can ping each other <span style=\"font-weight:bold;\">without</span> a router if </span></p><p style=\"text-align:center;\"><span style=\"font-size:14px;\">they share the <span style=\"font-weight:bold;\">same</span> parent interface (<span style=\"font-style:italic;\">example eth0)</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":24.0,"y":276.0,"rotation":0.0,"id":320,"width":134.0,"height":77.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":48,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":316,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":44,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.279999999999999,"y":0.0,"rotation":0.0,"id":317,"width":109.44000000000001,"height":43.0,"uid":null,"order":47,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Container(s)</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Eth0&nbsp;</span></span></p><p style=\"text-align:center;\"><span style=\"font-weight:bold;\">172.16.20.x/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":10.0,"y":10.0,"rotation":0.0,"id":318,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":20.0,"y":20.0,"rotation":0.0,"id":319,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":40,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":300.0,"y":276.0,"rotation":0.0,"id":321,"width":134.0,"height":77.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":49,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":272,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":35,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.279999999999999,"y":0.0,"rotation":0.0,"id":273,"width":109.44000000000001,"height":44.0,"uid":null,"order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Container(s)</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Eth0 <span style=\"font-weight:bold;\">10.1.20.x/24</span></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":10.0,"y":10.0,"rotation":0.0,"id":310,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":20.0,"y":20.0,"rotation":0.0,"id":312,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":368.0,"y":85.93295288085938,"rotation":0.0,"id":322,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":50,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#434343","fillColor":"none","dashStyle":"4.0,4.0","startArrow":2,"endArrow":2,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-191.0,222.06704711914062],[-80.9272967534639,222.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":167.0,"y":25.499999999999986,"rotation":0.0,"id":323,"width":135.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":51,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;font-weight:bold;font-family:Arial;\">Physical Network</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":53}],"shapeStyles":{},"lineStyles":{"global":{"fill":"none","stroke":"#434343","strokeWidth":2,"dashStyle":"4.0,4.0","startArrow":2,"endArrow":2,"orthoMode":2}},"textStyles":{"global":{"face":"Arial","size":"13px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images","com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1458117032939,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/experimental/images/ipvlan-l3.png b/experimental/images/ipvlan-l3.png
new file mode 100644
index 0000000000000000000000000000000000000000..3227a83ca1541ec68e06b0aa105e22fdf5ae9e6f
GIT binary patch
literal 18260
zcmaI6Wl$YmumyT>5AG1$-Q67ydXV7m8r<F89fE6chd^+5cXto&JidG1eLr8-Oil0J
zyL<KO-qSTTGZ9J(Qb_Q4@Bjb+Nk&>+1pok>`#RfTA-*)bij0K-0C<NIP*vjd^E0-f
zUa{)_OFwe(CRcecDj_Xbb|qJNCj<c8&80JaO#p;GA157KPNwcZhxcCq0EW@6aa{nQ
zXY&pKQ0O^$E9sdkSbytWx)?dQkx!oTl>)TQ9yW|^N><!|ejK<4CWMXLBu-qFM(fIz
zo%EKt0sue)Qi`^NHz`HU?mwvj+T_pYRRBPn3;>XfP5?S3O{d6!$!B8y2koK&0EoKg
z14FAa8wP53UX5(L=%bDVL&q0#^aP6T-8%nWjl|N@0|HYEm_x>-zYG8X+2Wz0n@<Hz
zLnhyDfS4D6!6<3&E9@`;z^o)p-Y&Ckc&yPNe-Yhy(1;$8Gk516m7^ci3P$S;5KSCC
zI0A5`_!f7iO9P(Pet&+xj?Vm@94HR$KC$r%?ddL+iyx@X{<+i~8xd%q^k+jTaZ)aK
zvn)`gSQqfOIy|UmacFIXik=w-2V?8vA?0@)m`<@sK&XbX&B0jy`$1EL5m&Aodkh1>
zzI=J7-uZdIPqutrz|x1Ai?3;VhTlje(*-0XDKBVe#9*5bMa}EV0b?Ns0MG@0Ui2`_
zyA_7pwKNt+WmVFd);j7*KV7ZM<o+Q8#nNc|#25f5yp~#=09+Z@sR=$>KpvgIJVpRB
zk%B`-b-EM-07kw-z$Bs2hOsF>sATd?h@Xx{3=r`1M{l@jXOa<zuoU2XG=qYHlRQ&R
zZ$Fqx?ZHBSNlqldt_c7j2XH76uqg{DD#$X)b$BpyGTLc-2kT3k0z!wtN#%w3h34nx
zy1Tm*lag#~tzTbWgM)*!bFy{y^h!!fPEXIq$Hx!$cE!ZR9v<%1)zp2web%<Onwy(z
z8|qx#oWv!i`$xwjqob~_E|rv&s;a7_Wn@iFP5<58ynTMIt}Fu;ls-T2?ms?9HkKv_
zdd@#TH(ozsvp;zN0C80raS>H_z4MhL$3kWlz_!oll8RW<v_zB7J<BE9P_%6#KGjid
zmp&pyA8UtJFk~EkWC8X694XeoQ1(F&Djql)tyz&qpED?iIdT-n4$>h!Q%ROqdsGnb
z(TIUiKA{RJOZ(q_NwQH7TH06B6ls}!%=IAY1^)X7pr@=O1Q$j*e|F|%#TA_w-Y;kC
z)_`zJ#`9NCCW{OdMugwWB?QLTkvyi0WxiQ_#T0~ZQXY15j6v3s1PYv2ei$9RP7duU
zqHT!9#~0bi?!lGe=?X6%oIH~_-Z`^`G@SyH#Q}0r7>^JBu!Keq-(wCBenOz|2O&fP
z%g(=xOm2N&(JGPhAZ&+bB(oa!l?)rZAHYn!%X6=Q?12*Z=-5I<(n;+L6OzT~%aEvO
z<a=+DL?V5)BxKJ9sVWA|kD*q>gv8_ogMJaz{p`T;w{DzN-7~1pVqIlvWlRHg>_wsK
z+@e+a#w-GRB!9D%P4X!uI$n1QEJo%7!P9sat=Yi+8?`ar93aXXi7MWN=hA*yn@Ikk
z4&`q8r987}hlINhTR;^mdxMx-+>@>TP$>)3LgwW~Dq;mQ#%#p8{3(LFu9AB9%YwlX
zX^Jt4C~j&qDj?O8cx?i0hwDmDi>9@%F0a|XWrlKxLu-fY0YY#dF;{(Xz#B^()XVp~
zA+#qOWF3Pblb9U2Xb05_fp~})<nWJo!}=m$ewxl*l#$3RE2%y}(SaY<nhxU8Udubv
zy?T2j`mNSgA`$-y9OQgW3{3m}$0^0+T0DFG+^wLIxfYhLAEtv!`I`L4%xVNxW=|ru
z%tg@^4nG9Lxxz1tAH;o~8@R0Q?zByO4E6^3KLjydDKxH^BTvNIcfO_4{~EMf>4vZ#
zE$5YiKsXBY*+b>07f3O)+SciM@ArFu`gqLyfO499UTM3S_#0RA)ci8kaC()t{CdH{
zUsheO{k`w`&G72YZ?(N1(zlZBufdwTu4o5M#we0nv6WmAo=8Wu(MTcf4Y?&QG)0oU
znn9uhM0uu(8;#a5mXez3LPqk*Z#>J&vJ<;CvtdznTbY7$yAnJkFbEtY;(+bo<^Jk(
zA>&D(D;*-QXyd%8x~=Fqj7_gcZx1elO`pe&sgB2$F=5#a<a1NbtxRZjbIG<wiX%GI
zgwvJ9_g^+S0~5?}<Q?5yAvC6}&#GqB3XK}veu6xZwQG9HCqKrzU7oklaTP2o?ZGNe
zq>F7~q%`{`%x&~7&!Hn|YE;!;Q?f*HvOpP-Tm=35u|Ah?>^r<otknH%e&;dG`u_R?
zS7o@K0wh)nnmJc?m<6u{Z}2VUJXLZQQtwnfD;ROPFhAP=;s3hBem}~M>xk9yuVL1k
zkP^ZRJesL>xg0b!OlMvo;<!@dHQm0&(dRSQ%EP)PD{i~MYcA#J*sg`j7OFF<KBM!g
zb}OowU4qz#bZ5-X1eGO9wLhkmvA?k-7xwl1Ac_{(7M5+RUD`Vome^yW&7-qBPV#Rj
z$*7)l*A+0r*K?AkxZ9nCV?iWiL13rc7vehi*qy!MGG{i{v+zco)7cQ3$EY)~<0<76
z1Y7fR-wz1-7vO0w=BIg(D!43Q5F$Io!hH_4X5fqyWO!F17dPs(pduU7r9u_lM(*%S
z1rN(()Di?70}+)BhKxA%DeOQ2j!G4W9g*h;gM~=NKM$PzS7b*{DjA67)~^?KxrLkN
z5tDr!2mqUdSltl1EG$Zreo(7zo*_L2xt2i5G3;_5xN!dcMn^gB^HSe9s4U=4fSY2U
zFG>5~)DutD19qHL%dXWPo&|3$Fk!83qR$Kc!-p}nmF?BkD*xxZZfVH1jrnX&-rzd4
zB9>wgQ1hSXV;Ch*6{l5Ws3&5^Z!QG)EfD;%2R=$vYzyZBIc4%=<%&9Uj*)QAJ~z^(
z<G-!}^9%+bqaoO?{FE;SVL^^oUiSEZNDxz%Pbot}JjkVuk&H>Fc<x8C2cgW6D@^op
z^oRlp-E(%;peLum@c0e1=^^-2n@3?%QewaR*C<$PFu&~fNNXc3=ce$s`cs(D*iY0i
z8)R^8iJj_Nc?3O=oP2}1`mz76co)zh5`H{auSPgO`uYgA91H)->F@R^!oic!@aLO^
zn?UzwRe>!I+wm%NXK&$s=!@y=yA~n?K4GTE9nLwYxBrB5XVLJwnD6h{Z+i<B7s0)#
zYB=x`jq==;8p2%PtngC}s3~t4UWj*+BT5?A-CH>xERd5+Q0=_af_Z{pPmwPMNNVo=
z^rA8x<0ts<5;8ZH)PoX%ne?R%?CbFx1>|Ft)?W5U-c9Y~dz5En8}m-QISYB@`4mY4
zW9t(O60{?YD}w}=snv7$F%1kM6P(L@8S?sxGEPWj|6uQpuv}y$PXwx<oY-j#TT*`p
z4wroIvf^#tRa^?wRulOIMYy!*p3FygOub*7os$}KT!RgbT_2#F@oQW4$H<9yb_rNV
z9^f7$JAecLUMsFIGP^D>izk|Yb$<Z1G*<W^%Nbqi21e21ye<1)*3HR!lI$+q{P!ot
zm20@$c~e;wJ-rKgs!D#5V`Uk4<}xAdEOGkwpp}=G{=lf2t!rkoEfTDsY)E(-7#t8X
zjU2dq`{Rf*HmYio#AEyZ`OP1KC1Y-JZkwOB02|Er7NSXn1YxEVIRLMh`PlaTy_eD7
z-mgYS+znR;AW(X7Z$W^Kg#&XG5q?RoHPd)_CUQa-jMWPs#YznoUywB$s(_bVf`Mji
zK*E<l!egPgWjb2V4T?^Z`}CH*+g+YemOVCev<hf{%nf)?pZk7>fH2j)Be<57<|=?)
z7=toefVrv94SujOJ#Sg}yqaIWaY&Y??*6k$VyYbK8$AKc3jb%HTNw$Jb39d2mjxM@
z=d=|(v4Gd_E2cLLyx|}PT6r4s!8}pN-omk<Gfk2wUr%+7D276}+0xsoV9mCbY);sv
z>Wg$xi>=)Dcr#<%ZPVn6f(SlFy~AHLY}=vShNZvs(>Pq`tkJX`n-95d-;rIln`$j|
z`F``ctP$Lp%wj`vVKk<J_t(zrrlC}yP_6Ih|H6=0ljbK}2+rQ0X(zAe?QC@{l*aDp
z5KL>AJffxJ%mR%E**F(o4QG1_%i2C!cB_M0?~vd%-A{K#TYrfuY6jxF_V7z1G^W^5
zTkPJ+SUdJ+k0#}#=jb4>-k?DVlkLplLG^rRCC{vgKNjI2DZP{(l3auvN}-9e*HX3E
zY|ZkKA5d6X?|Deh9z~GQ@vQf=zMECF6<l>tFx~Cf96uRL2Dyr0O3vRLGz;L)IUN?B
zsq%W<pC!LaC(m)w2#b3bSl;y&zF2aXGF8TBgB%m3@X_=>e9EPv;iZn;9Zw!hi<h>W
zLd0HaeQ0<FUe(RH-g+(w5cPgLPlq~1o+|ONuZ?B$-e=cGL1l_!i%ePWZDo5Pcpg;B
z<y<H!C{#^jxFb{)Gp!CI>6T&$dp7q5FmKY2{BO06lC!TZ_Ri!ge{a&lmz7vGuv+$C
zbi2UsYwN#=!F=TImu$daixwP`59?9biqDER2Aw-gPW8$CFsdmt!!B>PT5w#|C)r}_
z2;_M;_b&-|Y=^zpH(i*;wxxzVY?Or(o&kELz~rcAsz}r4i~dI~HKcqu<IGhzhIt$Y
zF%ky}hAmQ5OPQNsM?RC6lIue{6v0l_P+K}=fY22_6zcgV6vDxKGcTSd4Cu026kOJ(
zP5UG^F`g)LyC};lC({Yqp6Ok{tOx@mY*tY@@wm>_#{jl=wi@s6Il?Ufv3kf$F~w?T
zXS0y$z?7NWvchoB$7{tI#Ro0uTOhEjvHzIfn}xQ_e1hz7neMVY0$xKoF~@7A9Z6Uv
zjoS!uqN>pUm?DoL+82J7uGh=@Y{gT@)8l)~nTHM}BDEce8f#*F&?`G>1XN}0*gkzG
zYab%K;%OL+gr5|jq|5GB`|;AA>;DplY!-@Wne1udl)5|VjAOAF3mu&HBp4$r3eWWu
zGbk%;Co*CYpfqG1SCJ$%SuWA1I_p-mXg+p95oO_zl%Vn>hFagYp4ls4X0;sVKXL|A
z{9GC$LuGOv_`^xGS2dPKM`&)S#B4DZIY<uV`xYic!tdVcnIq*aL~y<^vSJRO#KU?<
z-1i;i@<gFwI9;#=7J~DAK{4k|1ViaJ=#9>EPdjfYgGbCPpwzemhxK>YV6e{jy>o1q
zL2V0HFsggj|2)H%xFm=oCa1Iz;*$uC=POKh$r;s;^A6XJ@FF^4mVHxM=l$Bm<w-)}
z;MLk#2+ygrfh<m_b1Z5EVcRgjuP!`0cK_)f$o!!&f3(hv7SVQPmt?Ne)(CHI&|j`v
z*biIe<uL}PYQo@hYKA4#DiNwGWZdW$B?<Y1+qEXCq=WTp500NJ4ymG^D~fAZk3!j^
zOfYZu0tJ3z$>B7biWn!)HR#8Sen(!Q7)C~Ladc&k82OJh<ypK6lo||%k$VwA$^QmN
ziNKR6WH#Pl$y+k(pg}Z0*tlSWV{d8FSU^`2)T|-IPg`HWg7AmQ5RV43IY5a5cG~cZ
zt^y^CrWv8hkNngBap+7ODkbZ31EVbLG%l0DW#;kA8Cbki9Z+vJ1AidOyg57mN2xl9
z(`!JEln$?<+fR<FIR0_l95b&^G$)&da_n~yB3+`(Hf<Si9s~=&O5zp-O`eRS)&4{_
z3+7%m@J|Y)?PZ#{I(z8fDTB<prd6EhpW}$YK@mrd0G#hMD@-s@>>_J?`mN<))e<ll
z2j7LQ-U*r!&_~2cUZv3`+8eb#O-L^s-mb`c#YJoQAmKCS&=OhPM}kEs35mw^`}8xr
zxhdgETW%)oGaPV-E}z0RbuW{CdYCyF4+v>YFWR$j6;7-lu|#i}e*ftl`m>F$2P~R$
zHbl2-&`;>f%_-Duu(o5oF#7o8cgir@y3)Tbnrqf)bYz%&RCY36ECGEAl%NaqW=Z(<
znTQ{!!A<XYN2J;XPLRWkCN9ShY`9|74kf$OHrxZ#>7)0jX3!%h`PeC$J1#=EG>{YX
zf7soO!SffH(yI~zflPj>oQCo@t-lf&W_Z92tQ&ZvF0L$8@B-K(#Ts_P^WjPyv0c~-
z^`vN@8u~lK9P`oGLASHezt;*GG*p)HXp+nMY<n~Jf7;N+C5za|tB3Iv%UA-BOb9ZO
zq>@%4K|HK%qF7io#l|7}S_i&*S7nhUsDyo3PDMlyrL`O?WgU7i!5kUL%_&l&#LbkI
zec7`)NhjISeE>!LAyZl@GiVcMQl9)C{q3fOo4?KQB5WK?^6s`oooI@N)<sGsmyK}N
z_4s|wH`2KMOC~PqAi@Re3aOtKoY|u^U)bndioG<T^P`}G_<Gre)>o8jP^LKL3hoE+
zf2>c?7s=!J#GA#Bh7D}hhj=I)B!AA^aDSP$wKz9iHAqj~_0J=vviS8#3ET+ThUMYT
zu+U#iGfvpVV2rZ+^kxq3EvtV|=*j&3jf|iG5|z7<n;l<)g}ubFgQMZ<8Q-MMPZvY$
zZBI4jk1=G4arD5V`gJhJz}|3b>@YE1rCg~eLD;>eYV0^CU4A3-FcXaU4u!CqR>5Hl
zd6qua$)>X~Mo4r8?m$#l&>lrw+J|9rK_+EaV|k5i+CJw&@{6QIb9UcoXT-@`LqPX=
z@2LgNU;N_jmXq4$R9!<jII)5I9nd%BITj)6g1_1}WhcW=qEMJs3>QMHq>S<kii(PY
z-%-sOnFO0cFzb_C%J%N5nv9E`-t9h);MQ+)&))FQk9kAh50C%-^NJ&n#z)m*tUol4
zOv)evKk|gB2*KW`QlQK0(eq<woDGR$EnbM6>?1x%Y5foxeE*GN+gB0nym~A+YzVc9
zU;Eua>iH+B215L3o(BG*_|J$>^?I<$Ih^ZSZyAk`Z(hG^$j>pG>YAN9X-AWrU2TtR
zy?oms@-**ya<3-)vVM0v^AHg&4w5HV!?=1k$Qyxe-u6<-NFj9hq`v|6kt#j{|E{9_
z5mekudG@#+N6?+Y0vt8yEfdyhoD&9CN=ba8bf<ljuZdiZO$)f4Yds6cwDGjIX{p%R
zR_8fh6ATM#RT_XF-@jZgUds`sCQLoY_-@(f)fY3AVm!g<zxv~I8jfT=)EmpC%YEzo
zW@>U>rH|CGFbFw$K|t&85e9*)7!M`NgD<&I4y=aaT$oI`wC|^b5mEAEkDqraetCI@
z-+g*2Xo<5lR;PBwMnSn1%pzOnWL-(ZL&Iw(wL0CAAk_YhgLL`<(V!oE+=6=Cq$Q8}
zEmZ3n?!2)Zfrt;EIlv{tLhb<7ooMUl(oJEccYX#@?z4vb9Fl(L`x=o-4NV0TQlv)f
z_fz9`q{Lo`NhyWhg{gMIl)3%f&fl6e49qG)NS)IJFh~T3otpcK(}T#uIuQPS51t-!
z3wF8b-KGC1rEQC79hVisWmDd*0kueu3I~dvL7>}j>@O;qcE^#3$%N4j3VJzuZ$n;s
z%ZjphD|29+=ZGDyJL3a?L$ek3D}8+cDS|6VooLE%{DIgSYfX3A?K=ZFltvHJTz~oD
zG`L-6cY|6tTYckE3K)(x;F%tbyne&%i3pus>yR1YWX^;>1bc-AB_ESPd00(M2c#!h
zQ?E1L?8xmUSjDM5IPe2HM<726F*gMwG8Cpx(*808RW#Hdz0fRYWP<)+7;AL_d=b@d
zR>CkiFt3y5YSHER+rM5oUi+zEBt$$EFf_3^V&p5e{{1kZ^1)paM(iYxRPCknIPGuq
zMVh#Ym|YQu<8SVpX-77=!cuiq7Q&L(v~EhF{tGM%Au_474&ZX`qAZqOO%j#<g}wJf
zl-ITmnmd1>sI#6crI0s6gy-PogU(m^H|vAak_JK;TY^q>7aM_&(BRmQCRV)If8U`d
z(#A2~)7(WLxgH8sWhf&*$6UF%8e1J?M4emU)3>jx+4)9mDI(yRdj8!bzoeR^@}&&W
z8{XG7N90j6?hg{g$l=u2#ZJW6C8)4)hT4P<7vM62l55*lO4Xwf+gJql&_Zow2(yrW
zWXZ@x%QKs>ISd}n{-$<?o21gW_=k<@XzV#ifw+>$%X!<om6(W=WiV{E&3lk^*m|1;
zoY*I9V{sabSWnOW2`9$6NW*4g1E+#!j1DcziAucBa*1sgzczxcab$iQwNBt_X4e*v
zKgY&sI6TN}N{Ne4lTn8Yz0&)L_*5Zcs0Y&0`nHeW_WY9m^(1EpoN5gQBREUOW#ue3
z88pK%L5RI&hi(|2;2ZfJ3w0B=PVoKza|amWZHkJHNgiL04z$VlG9$==W7yiZb|KLp
zp4c%wOvP_wkpfZJ!q?N}7z~F-#~c%|aRw1<8=Qvn2o(zP=H4*wOc?0JXBqovXxr_V
zaN{+6WvU1raV5TvhPM<aOGMbrB^G4G*(Nxk+4+|reML3C8zLdg;4l@vt=N&B)^J#o
zH`Hc$Ing<`0HpBQKe=(hIVuK*BdEg3cJ|sXZWF}f0Eh-N&Z|wd=dFT2iAz+-q;#Kj
z!ldC!&;uWY0mGi{(@W~|Q)s+eCFqJ|c-bGncuQF0mD0BTt1YBwJ7`Acy<_l8lyGm*
zKnGg?ni|y$;R9ATZVDRuH6<0vZXictn}2cJ9@X8*D;OK>Jktd{Zh)2hlLlbZgOH?E
zBTgBxF*YAQ6uK;4Z)c8hb-)H%|2@<g@}AXUsH-`@9oC-#Ei`>s$Bde$U`^#=GHBGz
zCI0QztR>93kKu{T-Xq#iY*_%N3aL7i5p0W`x3?zBe7W@e>AZ0m@{ftO<%^T3<3sxZ
zH}`TDzmjQywsB6-R0+MQf~477*(IqvA@DkQ4<VsP7f$SH9K%9$(A{Q-?Tt+|3yP)^
z^JvyG6<RH^FVy<-MxJ<KIr@*WE#A0Vs;bDC6@`atWZjSJoO~0Kc;rpU*~*S`JbL$4
zJoYd$a{VLMfgDveq+H8=+izD1?3;-0;H^#0{Z9P}vQ$rya0`Jo@VTKa^j6o&EQvOP
z_mAYMT&-H8yg}OO>)|zsR|RG4lCU62or*MyO^jX->0X$1T2hUkIC#y*XSfYWY%=xE
zjuW;-ifb}QEQVGzFmGhmF`TVaiKE%G)T&KHVj%ohxT-9Bt0&u^O3Ej*luP(^yms7S
zOlW>GUo&d)6`7&g(NG7lSN;LQ>-1?J9heLiODulF<0$vH2Ko!`w9$nZ4=$#<x#T0m
zCs@Us5wit?A_n7jSJ}~O4C^t5e6&{Dn;({p(0`<Z%&ma$Vj?o>O|e<vHMCtLSVYB0
z>AS^G53K{9f1SzpXVlAG{i-8;oMhzcstd1R;i$4q{(g5JYjl;B-E>j5?8o_3$B@{1
z9Ghdc!YH9HjFl@-p35w5K-!5-2onQ;j8y_zS@m$uJA?m??<0ZPQkp~gBl^A5TDG?j
z>`m11Dl_rq8sJN^*ik~>_F590nK<58GJl8t6r#GxLD3K<Uw-0uT_}Cn8iBuFMaj8t
zdL2owtnYX)^y+#&D~Tcr_UAeeg)>dbgo!5<6A>rU08s!-5mi+rT-1Lfs+3qYIZz-)
zcm|_FsVog%T{Z9rP?%EyZ;qYAx9mh~XwX8t`)^^#NczBLsoWkv+A@FW)r~QmOz4k0
zqM-`k>IFKf*~FtfJ;Ql0!<3hRd7HzRMp?qd)03t<XGi72SeXk^&sCm^G-;)h8DL_s
z;>DRo<+@63DwPP$yWrD}@S$~xxJ1zN+vzE@*%OxZUWp`mZKMoZiq^yniF^$sROaAF
ztYBOQ5|TB~pOHCO$@^%13XwMcMp>b&PRk%T_JK;tLaJX7o0i>|ywKDkMc*;ZM<*H1
zmVBrLEaRm?0N;gc37I}}%kW6f;#;<{_DAj0I_bHHJ0#=&$2mVEPn#^?q!Q9ckfgX9
zP%3_Ur~@ifD|Mi#To~j{kJSLz*YfnV$c}jA#Ds2TB?CfxduQiO?diuVsJbd6F_5O{
zDVbIEmL2cxqCxdAp_T89V^8_gWXgj6X;(j%%sQVdXDd?&rdbwHK!s?wP{P+3vB=1w
zo)2c)9&56^${ZZAUh?YU;Mm5&lAI)zv+MfCz%>VL5WGl><^OgrzsQX45!U>7m4B^U
zr;mCfa+_~EI%T@<@@IN{`6B!zT%%-mJ{<6qlSt|Q=U-kmpvrVjv-N5ZKy8YhoSH4$
zZZo+v&13fqqkV06z#%gZXRMnIWcgy^!92-1k!~z2Zm6HOT1^AhO~CP;WQ~^xiB9<S
zQO}K#=_Z3`mrTWMg%8yB3$KfNO~erMTi{F_SW5}U1KpWf6Hzxb87UH-*O{~<$W6EM
zDUZC2!)Vpl-GWv=2j5mEL!`w@pU>4Ur#J9jM?w@ilch`WKCRsASC>?DCfOaa`ep&u
zN&XkzuJDr#I~N-Qe77>Ob?0Qx9avkA#8@Jsw4X~&k<Xj#98$-)+!?p?s$GxY4yMiL
z3|Q8Rt-_nFSTSy=v6m$c`DQQX@gBw!{QoB{6QtkI$pnoS>r3Jd2+civvp;#?43FNl
zS9uG$1$mH#!-K`EWU{f&`wc*dDzcrjB=ktkE^|dimZ$K`6UB50%H80{eo0tsqLmEN
zVAhq+mblRz+x520I3^1vI(e)c40TY9{Y!ODmq}-~m+~^{C@~j3`yP`XT}Lv*LrGMR
z=FOzdYrIH;P^(>kh7>Ks>3+XGUreeR?9=*R1cn=Kg5t(3cqwX4F0mG998NYSJYNK~
zn!zPCoRa<Gju&Ep>ecBNzCtRzy8K-^sZR}uw}W|XmlCUlpf=V}11|M3J|<r_y2nYl
zF#I19=Xn=bRU*ciwV{2zIyKoF^k?Ir96ZM69regSI@1TBYZYSAiOt|hMbHUM$#}*{
zi5ydjy-9!?%Ut7~9*b$<n^}`{hM=+6$Xx*uKqcymoUPuVwB$Wlb-S`K$seLPI&oC+
z7tMV`UR;OIYZ#4}db`rnenf9JWxzQL+w!$|9Es!$k^~(b;h<?JK?(9<bF*Dvo10x%
z5e7k_Q%Kio1_VXIO;LSKiw8KWOqy-xiWHD)KatK#(vD^vmkUDkZ_tU&x^ey>&SfE`
z*&G!j*JH{+vfw2?oAdT9(|YaOUYERd`gXo<G*KtQ-$nL56109I8T;o*{~}6h-C=Xd
zv>hy>oi}$?I4Twz9=K@=OENOvUu+jtfs7rmT}Pfc`gbFw0>?M_G$M0*YhDffOcykB
zSUeyro(Z$65FVG3E@<;H@a!vt7qH2B6hVoJ__2H<=3lf?<;0P2Q*ExWQ=C%dZ$FmO
z@~j^uP4GIH>?F~Uz0p1|7v5S)rSqIg4&-itkqf`#ZdGNsZ~rk<BDGN#prE)(-gOn-
zS?PDSBP1xJzwHOu-T$#~f1~`?oF;6K{OYA$x@hCtL_W70U9fFBtLuOHO|q)0qj1v3
zutBlQkmozn_l>*p$MfSgoo{Mejn_19oQuxL+X}`WXEcb*=12X`_`VjL9XMyel0D{7
zU2&clVO>RzUkHoSrL;#GAnAdNu~H*ZU%~H^n&XFZpJLmpos&nv5$Ir?`ak;-z@v=W
z11=VBE>@YanO6!+`;2-t;7omez=@^Rx&iLv8u(W4zd;>=rqZ)<JudH+zD~LrJO8Z&
z+|whdMzb`rg^nE)dDz(X&;S-Q=E{5pA0|DU2qOnHe|WIRsv-Y#(bsKfFwn$NpnNhK
zD3`~DK+US6m2C?dgHrRFW(MsmH-hH8wHV;wI4D6RSw3MW(b9PS0EvD9Gg@<@7e8RR
zWf0j9zwMZyG)=0S=&TQRqALUC=-DKE!9!0W>O;q}7tY#RowJqfzsqj+eb#%PvYZE*
z@vCHaR4TT%LW)K${^f^GA{f6|vdnLIFD6Q@{;SIb{2JW{?nTNM_9~O^jW8ezEo~v-
zq$ORU$H?>Gswm;)uhT*wJFL0U5brTnl4;poes2Rx<JnTRNB1stP5TG0wpKQXF{}a^
ze4bJ85FK~?MT>UQ*};>2o+swK-xXFGWH7|Yvj5j+X2zTGhw!g@4>Jt#o<r&6(k_l)
zXoE#wIU@$|(GRkoziN8IIibVUi5Kt#aaq1Ko%tGhc2**NXH0iLIIR|{D&UO?<Z}Iu
zs%yd<4y;<_ovSh}T7%ZDs@l2M<oe<KH$hcktcro`V;87tR!KeAic6e?mK@jy9}geC
zJRo&V`JPB3b=wB;8C7Rvag`qaq8}lPlhjM1)zp-5#H*k8eUXMx=_1zX7}b>uOz@UE
zZA;qQ2x6`(ZJ{R_=Rh<lHh*;rSI)m>B9!5SE2|TG=Nssc!4(zW++6latl&==sNAlf
znZp)cO|xFX&E++jiwoWu$E-B!@v_Pc^!dLSr_a3mvSzs0>t+_cDuXP^349L&*oG+_
zJx1Onro!7kZz7MdE4pcFqtjs+?VtDvB}*y<;Wxstw>x%}K7Y(yR5rRB&@;SN1eOy`
z+o8s4q6>d&4ocSLT$QtVXjXrSBYQyT*C}5g-k&x{R}g)m0u)?-)POVAN?Pj*F-w;N
zAGtt<nmI_aYekJ(^O~Yt-D}X+ED5)OjUiwzSrPhcoMrKZufZi3b(r<=IZ=9jYRy5A
zgTB(U(1w#4B*e-LHx&3kj59Cnu$$*jY(>pdZni+MLW(hq>_C4CvWRXTQ{B4IQZ};t
zfCj7(Xt~%y8XVYU)<nqcs;sCe+H71)uwIb_yh&-s_#jV9b_J+@Tp7S5ro_O+;$(Cq
z*iP=glvO$Xmp4)dJB${3Q*vk^{L(D7onl76G#$!ixiZkRC{-&m3Szm*cz)QB8L<!N
z1ELJYy@|NT`O{O8c%7av<&5Fai4Qmuw3sX=1dWe>JZDS?#t7JK=@^t_oIjpOq7f@w
z;`p`C26J;3jE#E&7UUdR$$7tB83jcabI@LoQb~`h2GVOxeloh*Uh70KJZOXIt#Lsd
zI}m>ETK!y7A{nYF)bd7VjkTqz=nlPo${!xY;d%~37Vem@V5w|a(c-lkrfA7IudAY(
zo*8q*XzqbdOG67Z-QdmrO+FgYE+6(~5IRj9&IpNF;%Vo8f@JzD^SxT`%g-Fs`gkTh
zutYedybNXt1dEgw01vV(#leHm=fo;8&#vHoz$YtPHo;Uf%p_*V5Z9dyg$JREiCNB5
zA<VIbKp%1jhu)NV(HVHAnq7%DFbVQpLeK)ygF_3-3jI$;CIo{+Ir3%GbMf$glWHMb
zHE2u1&4EON5b_O8%Tj_*euDlvY)4XF%#<-NyrYRhD1kClg$RCpZ(3t$2s}Z}C*gd>
zEO^oEVHdHWj%rt9em85-_mr>9sYRDkP5+LAM=L>>TlOCy!8dviR3$H@IkA%SqrL#4
z8vDx+B?7`b^L4S?8>SCWA6Gx3&(Fw~*VjrS@w?Z_*P35<u4lcNKgCfoOTyS+<MMZM
zI&YsXNyB&D$Ft<b#8$1aXzb8YZ8=dqnbCBOXQv(F{R<#1Ed@}7du5V^fyCe0S(I5K
z|M_D_6nJivuk$-3^*fLyBrSaqbzNOLOImb{4MLEg6Rc)<@YyFm@2@>4tSs&07D(zM
z8aU4Z5@MaWMHD<u&kn_f+k{nz=7M00E7J$vEk96{#7cUYU_ONAI7u;&YM&Cr+u=Ae
zY2XL)+kxl;ndJ)K<{Qk0=O6RH(jYo(IkF@PjmOyyK~p&uBN)o&+5>C_iNzTO4t#|f
zl=2Iiop^~f*_>Buw0WVxpstXzI*OxmW(1Z436J9twion_%fJg(1_d5q*Yc#3d{nld
z-I9UUN0XOkID$A?sM%`HC3X@!Sw`y8w&nA;ak)zInSarJ&Vje8IBPZYs>AHd2f`B=
zzgX`{Yd@gzyU-?Nau}u8%*BLSlm}EDH)0J!7l1p4dcINO*vb@s`eqsBqg?7DNEt7>
z-|kGbxW~A6t1fU%xyD<pfy5>^5y;|cHmcJ%ip?&$)kYP}u0JYJ{KV(A`DJ{pE3yt4
zM4ilIClq;rW6|wQE#coE#<94s;WMDS2+A^Ie~|u6gfpy#8Q{Vui5|Gf;a5yW;(sb@
zwJ`7nYOpMf6&<HP_*90;p5bPCK`0g?i8DND9@V&Nq$U}RJ_j;HB686E$qxnIX9#@5
z^G@e%_lmXdR%LB1kWfo&X;CK>8Hp5E6euxzALT1kdd?LTJ7IWO2o1ehJ{q>;*00~!
z3yo>y5#01Qe-M!v&xyCJZ9(CfyG=xyPtJ`|YShOw){!epHxtNc$4`?y@Urm_H>1`z
z^z2KF;odTo(a=dPUlNK}8CKQ*#viT#BTUVyDD4ETA%}MNa(NY9qcCRg2CW;%FzU9b
z`Qf}OTbjCfLZN+%u^tu{=G3;{sQ86gE@*LW9yz1n91stI+B7??%F7(KXjah_0%M<x
zRftMio>70w0uw~z4S2K#R-)Ts+r|rV(f=UjY4RAu;`m}7^e3b&LuKoUR{77?`+abD
z(a%KcmnY=K_NEL{o^^kw&M~4H--%=mLBL8$yGMPB^4VqzN2Z|$y*ll<(b=jN;Ru9M
zmT1ZMGzg!^QcR_#<b(wZP;)Q4N|5D<N=T2N4^v+L7zUm?{)}rzj-f_Ug<G7kED6YE
znpmz2s6m|Vbz`uRqIDzS5MB%|ZI#QTu_&!OuPIh4>J85JW}m%S{w4tpau3Bh+2cu1
zyLR~C>qvZd-@Jw`!eB+Z!73nlPyb?=J~3Y&1TDbY=@ndKmcoIgmLr?LjVeuJGP>qp
zs`eGyyeE0mw<*W*jMK4zfQ(S3AU1)>G>D&MB!ZN&-1BGhLmA~6uRkr)AdrRPXLs1-
zb8xym-<h1uYG;{If(;SVC+bA=la(lhQLvP;;vvPsV~E?_X`jF;O4qZnQM^$UyMVDg
z7ae8Ih8C+AN>7@HLbi!xlaHq6#B~DfhD$Cax~r!r@4H&H%%O0YP-No3YXxj;+naW{
zJmtSD9W(Q7GuA6dspe?Pn*J#0wR0Jh7Fj=v_sW1%MOypm+r?<;jdLDqFs({EGc!~!
z9N5)K>F)8ez&r)?JrSA#@&a2l^f(pyK$rGuny#z%6zK9)ewBy_?DBrd(?)hZNt%J=
zz^^4WD)MkHtAoc~V;BT2i7sg9zOCD6Ez+gvUZTPklb56&U6qU*L(2-}ulpI<bS~}#
zxRl(bptJS2qpiP{Su+#Am#aAKrJB<jHP*Cl*GL@(6hin8GU8QpBebfU5kldvvmf@F
z(aJxIwjP<}KO9OQZamcxE6rWfC-!Pzo>Z!XS^rYQ83bmQzLzP!)w)4f*^(&}n7_KG
z03c8?QdQc;z!FqMf2)MxO_M4in9ZT-L(0j;QeeL})>bzB38xLHt%at5)dlaG7e+s(
z>AXiz&-FY7f0c19!qsLZwaC(>iL)VU#OtIAJNmRAO#SSwpM>!E5l>=t6>ezI*ML}s
zZGOF;(bK&!1R%=ZOpd@P7(jOLI{NDtx`ENh<`35g$@+)bZq_-uOAoyhN`5}WikFcT
zhnc0;p#I2~1wrr913&d&GE}WVc8(Sw>wqUSu4gG0|C(Yn;@*TI;9F*{pW!DvA%#|E
z8Cz9z+zhlfA_}_0@7SnCg<qe4A2BAluk?$4unz+f0%I$WBFY+UV{uL!qFzf+s5uJZ
zXe|pSRhQ}ztv4jZZ>6xF!+qB3n$ypPypaL;e|{zyvFx*a$Kb>1g5n-WDa`yB;gL<7
z6StQ}cPUw*DSsrE=m*qW(7p)iGRJU+(GMRLN!Nwj_g)Zh?JV$VJ}p03ACgN*oj7J5
zBYojC@=|y}3_cvQoErfwactWc6*g^*giL3!&b)#Q!XhyCVA4^qeSq$t4I)^sKJ1;1
zC4N@1Xd?e*ME_1d`*#l+b`wtCo&gJ(q8M^^E|P=MH4n84Fb*u5ed}b6=0U(;EDbp)
z^P`+cR+Zf{k*0uiHnPgHni7>G$q=^^rXT+~H#JT{Q~q<Fpjghj;4J1VCJZLr0|ZrS
z^Mdq5j`t*&<ciFBp-(Gni&=WmJ6&N~r0vb!uJM1xk+%9GkkcwNr(EzG&Zp!n;Z~WA
zz3gv$+;MQbgj_t1rjFjMKT}?qHqc*yXKFMO%8NxvB|fkIL+?`bpN+QRxlOp)-B_UG
z&n+HVq-^3E8rIGqm^6_Ulo!k{sSrDfB!`ocP_bxpo>C{TlwCzWuQgW-8S4M*NTTEr
zaT`Y=a!jhHTVn1OGkuXyR_IUWRF(nnuiNskz$zj!Bs7!M(?6Q0`a}>Y!4N}@9hg@Q
zWPxXd#T}1_x1s4b?k*Y`mTD=H)T3V;MdCg1a;MACU;odjaHt{IfJK<$H}$H|D8k}3
zA-`O%5$BH+y@R*kl1ZLwvdS17mdTd)IfZ0;dIg{m7p*hu4bPiL?@a;_>aSnxDn?pr
z5|IVfBMZz(Pn_o!Z10Wgm_8SLU6S~ww0m>ET0TG}Di|*Es|LI)lR^JPh%+88%5lX?
zCL3k%mf}<#N1R!bUGCpgo}M;Vi@yjb6qH%dLW712_cHCbSK19Cu>eI+erErHh-O-H
zG^XT_)Pj|m=zE=gEsZy>Kp6#==aSJ3aFyH%jm-~nl@tkt*#ljYXjmw=k@SR04BgTU
zy&ZggKYC^cIr-hxZ$_A|^OyBi>GAd2ThZXS$6yAwshKJEcH~NWWYl$}*RZEF%p!4O
z6k|tsWrOX#mFZn4DbHooDZkrb00sQ%{f~wox^)j<U5}RarXEcx0w#HYKPkYCpYy&`
zGZ(v5$zxBIT%R6<uxHQ+&2Wzy;le%Dhliuu=)lbh0?t|MhE)(J2{*=YN4*idnz_a+
z>(PRYv0yB&kX3Fk0)l2z=?#x*m~FXEGfqXoN?@|qa^2Ng$%=Rhy1@K2>B#_6Sf~uG
zv?Wpzy38r~U4*S;-jD#v$nbg<Rtbc~DQ=g!tWh+{!GHILnc)LiLHcidBy2{3r4|AD
zSkH*Rwx6~sqM)nkjh3O7ZF9<tXbnamdy5c!GvaohyUa~me<uT<QJ(VbOY2Pn>~)Ds
z-V1jS38MSa$3U!PWOv>AG!KB-3!SVD2~@J&Hm$GJ606ezHEt5R!^dP*Sue2R5LlI2
z1-LyCs3tiKBP~1~b7XB;$r2_FqN=cl0N%;V9|aaY?B|!eYOM0-ZbpIf8n<-@TIxp9
z^7c-33NeU<43x4ZFdk1!;pIA|A}N-~J>BmGIIg$RP_gtk#`@VJN5h?>C0I{^b3N~1
zL}T7Y_*AY`dvMB{*^gQSaJ{(MhhL$y<HdkWH=PZz`&$MmaB*bp6lSmHM@1Pa<3sFw
zWmVIU(%9)RfMArfz~b%`X|y<TEMt{abr1o1Cj9><$292A*UFozBZM3~(;sZPVTPX`
z;ztmP1_t8Lp6k=iJq^y+;yra(H3?$I`wt!P&D$Rqaw9m~zrI7yN>tnfofCm)94zL<
z{8-Whkl46_vzx--yXbF#KUFaL+AsF%slVT0W>T-qm6{TrH%TU1R#Dz#&sIqI^kc9q
zw;ri=0GpQBmuLj!F)rno96#NBMH7K1mIV&TBdM=`PwA8(&&;y*v!;cQ2^g}>|7IK&
z57obBP%K%COCx4G=d{oLt^#C||MTFtmskAJG=zLftXu-gq5R2!)-dyNzsq;AhpJ*K
ztAu{Ph1kAg!;d3$9)mK%N>LoaJ6GW~tMF$LmgWBjvKBQoRUp>PGL|Yg#ahkBU^EbI
zCN=B-|3LY1ADW^>m0j6H>nhiv@Dh%uM4VmO^uIyU<p`1rQ0Bi@dYWqx^fhV+t}X2o
z9ZpU|8xV&ZzAFBh*QHH?<c}6~rR3%r-$tX9D9sk|@byYuyNv^nNtD^LJRc$d=w!<M
zABprsSMdL&ci{g@<R3ZO|ECkM`aj)<`~Rz3<PgM8>Y7_l5?Qaz;Qx~5a&@|NyX?l;
zPWS{aMqby)>DCc<GrZ4r!K^`=Sdx=auy7<1B!flpF$rj7ND?+{(s>pg25VM8%gPd{
z`i70!YNM^ddIOqTtT0OkHEjp@<;h0ZO4uM;keT|rp-APLsivz)9fl6|zTY{|<3`r2
zp2t(8iifGA!(nH(*QDE|&z9Gt;4Rep%U|4mZ@RU#qedH3g)#NR|G8wRR*hT!yYb=O
zXDa<S6$YMiDixs38S<}fM#OQ=oRb_UD!i~sLQu=5$>#S{z1Os6_P4%Hl<$e#142Zt
zoR|#2%+LVsMg}7bni>hQ{pP8=FrVA45RMiq8$yvnSL*tL1$I(QfS%M(yfP@iS1AWP
z2lIKKPNAM=3+>*#(-?K6gtfuQnxk1THy7?{9n%Sd!kIXmuYZMOhTWt37B?yU#B7r?
z=G^ACYZRx!PSFSS6<Q7I=~y9{F;BCg()qh1|MmxG)se;-wTan-+!kZ|ro_g>NzhE#
z@p9cd3|MUYhbKhOR>}1xDRPICg~677VMF>KM{yOwwG8jd7oE(Rq;LFL?168HD!j6u
z)d2J5o;$D6xnA0_@ZFBP_J%DqW3f8XN|uy@{jn%Mm#`VpCJ@E4D1=!QIe1d?Yy(Xc
z^!Zww#2ur07i<<=5|fSP_Bw?qoU{lGBg;fMyhdq<vlR<b)xHAU1%un!3%A~H)8&(Q
z>l2A=R4Z6;84N?>%8R+{`C(sL!izbn-3vm$vn0B+f&fsN`3e9f{dyAlRtYQ)7R&;f
zo*r*1v&TM6$SXV;|8_Its9kt?6T)TK)NxUS7*1tdO>{+`#NYijV*`DvbsCLSv@;ES
zH;(!Dz+Rc`LkCBnZ4O6IIJ}Ij(-iK0oG7sxy3yt99q~GzzL(svlWZs2^>>VrPdQPH
zpw8bvR!qC&;aIhf*u`*>;K?rINRW6-(G<<#iDN{W6j1z+D--bGVOxfI!Jd?*GG<lW
z(^R`*tJ<L47Ql-B1|d1|@^8MmaOaeuLXJ+C#nqe0Pg<&~C1x8*^f@1Rp5MoC@mOEP
z^cg*Bdjc>@HGRC=q%kZm^;YZa#SvWfyxZylM?9sygkg0xe-)JN$i~3j4=>q5^3lW_
zeKCy?#k?>FCGd`ycvAk$(@B1A?dg~tl1$5R1!P?();c;9SYAsr{G;+cQT<F(_#7X}
z4NhwIO<|q(q-9|RInTgX;baxazU{I9#gFY<{uz$TBM<|+dwxp!MqFA9S10H%wZV1Q
zq|v&k1kzmD*cfn%s=@9K&PSuxa(L0@V{qz3>l-icPs#uf4>R)!KaO&u-5@<9+Qyv2
zgSmcVgp&RhF-Lx9Fr;BoSG%pcxS#E*M)5{$Z{6oiIA)0^`2@ahw9T$?)zep6<8@sN
znFvBk8>g@0XERfv;dVO*95Bl7SXK=9|5Ku%R?vlcUbP+!ABR<d%B839m&7d9?5vTr
zl6Iu6hb)DJaByx+b(J?l#I<4i=?PcSQS0mS!^vaSM}tJHkY8pVBfCQOPAQRyZuEg*
zyxcyN$@V$&w05^~+m7&!r72r32S3~G7ak_I;MNK+Mp%LmggXafHrBdrkbR~H?^)Q(
zyW376m>6X`x9tPsM28o9NPb&|y<*Vh|BxTP&W`MwosXwnC$;YCxBRwUUIQMF@s0~s
zhMr9cE`1N-j~Lsn*x)W&h%1}OK~Y+-(!IdT4LCYMTgSTKNuLwG#SnV9B^0$o^I-&d
zEB_4%Tdej+$XUsazv3nMegSFWg}`zr!-Z`38hLMM_dx=fr$EHXl+Cl~p&_<g4p%-7
zZpKHaMg3<|0@%&}>DwluAB{H~tZkx<-hN;&4CCl5*aJQc2qi7WNiE_EbCV{|Mw%gm
zU7(B4SKd`!FkvTDi?}!5)_zC(qda#I8p9I+@`^e~n(dK-F%=;)_Ij+JIAnVYBo#AE
zNAEvV=szD{AkJY6Lx)#1qa`-2sL7jZM=%W?9RDQ>&TH~rjkqF_X4+h>?2S;6q0mfD
z^sL&_!jNx%G<!BpDNFYj;o40H(N92qadq^6+U>MnaAQ=w%3-sXl8aH5+3HF9b5pfq
z`C~s?RAg5YSprv)0CvY*>~1o<h!^TCqo{1gnz^cIdG(@INlq+}H~T*tC_kqutFX9V
zvf{J~C&B?6!kAG_Up-bfGp`fY5}TxW{DO@(Usc1JV@`5tyr-01`o{mjt(<|HkmKZN
zPpU5gci-K6ML9bWzRd!QgbeviG<xGtQr=F74l3qpF$RvyKc%=-V%bslCqHk1ag^bp
z-9#_WX=0ms6hwJl>@y6xaU!E9r=hAU!;bt7L&#uJloz7o;bTLQ@hOT*7iQmj=<}S*
z8JH^4bM=<Yo+eDEgI8@tZ^NZR8Icd-R7dTIY|H24n>LI<x}#}9=<$rG)g=oswC$lk
zF_+nA>55#zrwlHaIVwK?_g})Rp;Gqjc}(SeJz3?Xs4&({VfvzRl&J?ISrJ82m~9yD
z>~4Nb<zVqXQd#AuU}T(q?SE<7JEU>So$qEyF5}p|!AiOZ%uKV{J9q|X2bSTwfkBzp
zq@9pkm!7bCcfIRk{sSE0^%U1zxsv*Ssptc7=_tObJsm;QyfBLU=(xs`m9BukN|8_5
zDia)iupL;<!BQSR3QNN5_)kd^0foYp)(=bT>TlV(JjUiPiS7yqG^P9VU>Z)u3~nGf
zJfmNSh;oc(4-Dc>)wXKuuyG=r%n$~OT>B|)nB1$>&&LFm%^LaVf6XBk55vOp;n-8V
z>~ICg?cJg8EbAoN-fZZs=`1NYH3}ehhPQ!Ln*2A@%HG&rjQc`)(xNoq7iQoiaZ+Si
zGzvHwmCjc<&A1_3Yk-f;*XT~KcR)C3pG75L<ma%-&XG_j3?eA9VhLU_Z(n<)+`;mg
zWh4W2Usc#)VPV}^1^eTj3ONVJF#~7zW_=;_37yG|CP@REL^RYywzZOcrNao-pkjnj
z!RGAoBi1?pTXaA2eC{4MM^rqu_%qCX2Z*+SRTMV*?Pl0wq+C?_gR4PUhqOhg%0Xdj
z4-<^(Cmu}eL*Iy)J}!n@4d$O|yYcKqIfsgU;AFW!N<}3>YWD6m0WWRX51~AhcsY-c
zMZP`DQqzpvRmFOpWF~^ljzWxa*@(`&NY$)-{hv)RI(nzPk-Mo451`P@ZA#P|fP&@t
z)DqqQR_11mtPm=ESM~X`jTKE3+#*^Gp#Y^+09xTH<mOWVos+tPh3?5;q-$f`vIIkI
zS5+8x!KHhdOkhKXSi+fAo-RD?L6m%7^`&LII8Bp(=t6@2O(uNAU{E$fQAJNn=?Nk2
zu!M|3uj$+C2C-FO$2ckZ<Sp&pHJ>7FK_C;2m19OdMvPe^Yl;wp5*t!ch-YkD&-ho1
zoI$$7#aIZ&^zJ6!%H*Mli>CcaOPqULQHg^k@gW?ykRae@*v7Pgex5B&-!puyro;E5
zY&Jon-MYCOT?u`(BMS?~j|v=NWq~uFdkSaO%D=@dMP3g^v}IxWy7g)Ic^Y6xu13EJ
zQe!HY>%j;7gWQ(FocLV?%oPxptEmq0?EvU$c^&wU+C?xIm$A~h7kXzIycIepNR_u_
zgWyon(Q5ODq@muYEd-&I^w)hdKjn+uAzpj8DyF@x(J~4M9iIpkp0n6r<rJln7wzqS
z<~jvo7uM}j-{?eDqZGcoymI?Ab#*~4=h-*F%3S@!iY!CJk)I(-WF_03hb$NzkF4PM
zBLR27B1HpB0am#~-e2@<yuIe_sop^r<<^6|RYv#y&rotz&ENWi`60nA$I9Bb0nCMq
z7TD^v=8`rhZ&G@JdTq{MNTn8)_^-=H+C=Mcem^Dd5q^BruetbreU7djG0y*vxZ}1p
zSh3;z;<?AVCZgUvhF^2R?Nis)>l&Y8Yx*8SSX#4b&t6MtY-+vi9=BG05!BwEc7Z~-
zwyE}!zIs(w>9rhNTYsThyfMG|@#yNaw|o)$E^=r<r|sa^cVYawRJgWu$%X<Et1sa4
zI)efz+<qvp9KsEU#I{@K@w}M75J8meDYuroT5tV-0!s$8`2b*lj!_VXVlV&){;gCT
zRM1Tn1Q!QKhtA?Eb{5=TPf#3s1Xo4G3-lfidV($$x_As}9kR4M(@sjhA++R${GmUm
zlu}A5rIb?J<dM=3NYdx0*r;#=;MlEb8vb@Lrp6rXNT$^Z^3}r=5EO+hLL=SHL-s7<
zE9K8Z!>u~97`Wc|aHmuv!iaz7SWsgge3Egn&R07)Tuf1jRb-a#<{^6)!Iko7oP}F*
z5qbk6nqWmGVs}aGMvZ0X*-M<z&sTfsQ&B89vtTz5S+jh3WxLKZ&cZFZH|bW`8dniT
z2kxhrx0_{6w@?#haX$rE!GtV{(qKplA+3qERN6?I)uKd#F+f{zLz+@bKrv|xEeNFq
z0zt(FtgTX@2oO<`Sp29#NXmQk?a%PuJIvV~p1^}%;B{y2x%ZqiZ+2%2q}o+{-TtWb
zC#HIX==*PsDX%Wh1+-PDE`@aB(CyWb9u38&x^%`R3`0Y@eng-%+w^(-@IKLNR)kF*
zGRD=RNTR%)`<QZz1|4iTYKL{Rt3->Rl*X$|8@IltFJ|Pi=u_WzBTutdTTz@j6Px<>
zRukMQ8@8y;1k?ixEt2%P0fzVT^6{HB+G;v)8DLlftHq^IZ5iWC8_#_|>+)Xd>fMlc
z;(Cqf=lgW3+Cz`tctK_Z>NE{H>Jp|pMqk|xi@gdByYsc&=n}0Z+(%R2(W`~Lt3#2*
zdO)S$L#m*I&Vt&*3g+r9qUoeTgFTe{V@Mw!^`IMhn)SsvQR~5k?4`*B+$kH@C`@oT
z^?*W)WPNUc;oVkIw{?*Th9yufNTJ#;w8;{Et#hP)hb|j48~$`KLQ{uLKA1PNdX#k<
z(+KCy2%UF{`eT9G$<iUi1&p~<9Jd`$X<O8x8wU@jo7}e5!Ke1HjNw-IXhNv-!7*d_
z;ZwIpo@NavO8(`{#DU{BDH~eUZUU|Wg%$~)8(?^Ew~-Zw)fX*kiFTp0z0=%b_i;Vw
zk7ZX)C&SdK*8x2~>Q8o_{c?l4O<%FsCHO0FZD;3$pxX@V^{hd(@nW=ppxbSrX-xTP
zf;x2L;6X(&575D<-fqX{Yio&&E(^7;I6r*q*2vQ=0a1JgYZq|GDH~b@6C7|2D6~lU
z+yKKnr(q)l%wK&q;8Lj836t@i+I{)(hYKStSUg|)ZJ|`qi&y<|X*}8{jd!DS15KBh
zB^$@01$&gwg+zmiwP3$wtvXkvvkQ}nV$easpaxc=p}#dNmRc{}{P3w;qjt?w3{is9
z47h<swG=tLr@rE#(4uLd8&<hD(y);ch9!tu3sR6cArl#+&%XZhn5@<-+IyZiOUxIq
zQlY%OmUPhZm-cxT#+eQY-az}idr$wqP#wDz^V$Dr63xj$q4jJ&diFBvP-M@R{#Y^S
zpeh{oAg~f0Jge?>pG_4^#1EeuBTuswLsYekDWh|x0=UyQqzEP?oci}16k0UxbHl3h
z?pe+V!|JPnl*A{(m@!7^EVqp0py&{)@-kH#;Zb?Z(@DN2vu}y6{$!TAk(gyT^Og#B
z`wr8ag5jhwiW#8?s6&y>o^3Kmu@@a=7StDkwX+j?01LIg5PA627<rl{AWFX#E8GR#
zX&YSRnSg6Rp+(a^H>^7Ep5=@%tiBpZNqnCfvqrQ)xzWwjG|=Qqn)&cF$z9^S{JzWk
zygtOc>)O{ulgSEIT!PtXW3x-|6&0188+vC6-}sqN!(1=wP-M3dZT;KB^3g#8)WF)=
zE*kxj=p)0_dYh7mPmPhMIW}#g^0gBeSEUQMQ#P~+CM2BtIR}Ln4WAoUop;YhMi^FK
z4WuLrW2V5#Q9LPo<;s`*X(l$q#a?lxckao*-sZ`F`1gxXUL*vn|I-_`hu2&{L?`X-
z;)?wF-w_kJIuuFtP2CKb;{Y8rKn<*o&lvkFyJPAOG06{~8Y5q`n1QJ19_!f*I$PXn
z8(P$60_wLN6k0TVZdi5RErEhF!?60Q#idZKjM*dF-HnZnJ^Kk!-{<kZKj}dMY#Y{h
z_jqAYm!^yT4*tl;W}yCG%@Ab~2Yx@l8bvUXR*%|rHNf!x9586{r~hj=4haAN000F2
ne{FFFBpv_&000000000$(4un~up*x$00000NkvXXu0mjfxSuby

literal 0
HcmV?d00001

diff --git a/experimental/images/ipvlan-l3.svg b/experimental/images/ipvlan-l3.svg
new file mode 100644
index 00000000..6ed14308
--- /dev/null
+++ b/experimental/images/ipvlan-l3.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="467" height="441.5"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs/><g transform="translate(0,0)"><g><rect fill="#FFFFFF" stroke="none" x="0" y="0" width="467" height="441.5"/></g><g transform="translate(0,0) matrix(1,0,0,1,12,200)"><g><g transform="translate(0,0) scale(4.340000000000001,1.97)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.23041474654377878,0.5076142131979695)"><path fill="#c5e4fc" stroke="none" d="M 10 0 L 424.00000000000006 0 Q 434.00000000000006 0 434.00000000000006 10 L 434.00000000000006 187 Q 434.00000000000006 197 424.00000000000006 197 L 10 197 Q 0 197 0 187 L 0 10 Q 0 0 10 0 Z" opacity="0.93"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 424.00000000000006 0 Q 434.00000000000006 0 434.00000000000006 10 L 434.00000000000006 187 Q 434.00000000000006 197 424.00000000000006 197 L 10 197 Q 0 197 0 187 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" stroke-width="2" opacity="0.93"/></g></g></g></g></g><g transform="matrix(1,0,0,1,265.8711037056154,215.5)"><g transform="translate(0,0)"><g transform="translate(-275,-8.93295288085936) translate(9.128896294384617,-206.56704711914062) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 357 304.5 L 270.3711037056154 220" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,76.5,215.5)"><g transform="translate(0,0)"><g transform="translate(-285,-18.93295288085936) translate(208.5,-196.56704711914062) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 81 304.5 L 184.62889629438467 220" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,10,204)"><g transform="translate(18,0) matrix(1,0,0,1,0,0) translate(-18,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="113" height="16" fill-opacity="0"/></g></g><g transform="translate(18,0) matrix(1,0,0,1,0,0) translate(-18,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="113" height="16" fill-opacity="0"/></g></g><g transform="translate(18,0) matrix(1,0,0,1,0,0) translate(-18,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="18" y="0" width="79" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="18" y="14">Docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="66" y="14">Host</text></g></g><g transform="matrix(1,0,0,1,223,77.46151194852928)"><g transform="translate(0,0)"><g transform="translate(-10,-28.93295288085936) translate(-213,-48.52855906766992) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 227.5 196 L 229.11774189711457 81.96151194852928" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,57.51435447730654,10.461511948529278)"><g><g transform="translate(0,0) scale(3.4320505881432197,2.464785030240155) translate(0.00001348378,-0.001498589)"><g><g><path fill="#FFFFFF" stroke="#434343" d="M 33.84 5.912 C 16.263 2.403 6.986 11.405 8.451 19.186 L 8.57 19.61 C -5.128 21.942 -1.537 38.106 5.033 38.106 L 5.679 38.085 C 4.026 45.68 20.032 53.41 28.958 49.548 L 29.531 48.92 C 32.713 55.752 44.02 56.893 55.201 57.177 C 64.89 57.425 70.546 56.658 74.702 52.411 L 75.341 52.599 C 90.852 53.845 97.915 43.133 94.526 35.442 L 95.36 35.207 C 100.648 33.808 101.258 21.602 92.187 19.797 L 92.361 19.325 C 96.299 11.385 87.011 3.896 74.124 5.303 L 73.23 4.837 C 64.003 -3.517 37.449 -2.157 34.373 6.108 L 33.84 5.912 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,108,55)"><g transform="translate(146,210) matrix(1,0,0,1,0,0) translate(-146,-210)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="259" height="75" fill-opacity="0"/></g></g><g transform="translate(146,210) matrix(1,0,0,1,0,0) translate(-146,-210)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="259" height="45" fill-opacity="0"/></g></g><g transform="translate(146,210) matrix(1,0,0,1,0,0) translate(-146,-210)"><g><rect fill="rgb(0,0,0)" stroke="none" x="29" y="0" width="231" height="45" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="29" y="13">Unless</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="73" y="13">notified</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="118" y="13">about</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="154" y="13">the</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="176" y="13">container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="14" y="28">networks</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="66" y="28">,</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="73" y="28">the</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="95" y="28">physical</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="146" y="28">network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="195" y="28">does</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="227" y="28">not</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="47" y="43">have</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="79" y="43">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="90" y="43">route</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="123" y="43">to</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="137" y="43">their</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="166" y="43">subnets</text></g><g transform="translate(146,210) matrix(1,0,0,1,0,0) translate(-146,-210)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="45" width="259" height="15" fill-opacity="0"/></g></g><g transform="translate(146,210) matrix(1,0,0,1,0,0) translate(-146,-210)"><g><rect fill="rgb(0,0,0)" stroke="none" x="57" y="45" width="147" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="57" y="58">Who</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="89" y="58">has</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="115" y="58">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="129" y="58">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="133" y="58">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="147" y="58">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="151" y="58">20</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="165" y="58">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="169" y="58">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="176" y="58">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="180" y="58">24</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="194" y="58">?</text></g><g transform="translate(146,210) matrix(1,0,0,1,0,0) translate(-146,-210)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="60" width="259" height="15" fill-opacity="0"/></g></g><g transform="translate(146,210) matrix(1,0,0,1,0,0) translate(-146,-210)"><g><rect fill="rgb(0,0,0)" stroke="none" x="60" y="60" width="139" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="60" y="73">Who</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="92" y="73">has</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="118" y="73">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="133" y="73">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="136" y="73">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="144" y="73">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="147" y="73">20</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="162" y="73">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="165" y="73">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="172" y="73">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="176" y="73">24</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="191" y="73">?</text></g></g><g transform="matrix(1,0,0,1,9,404)"><g transform="translate(4,0) matrix(1,0,0,1,0,0) translate(-4,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="439" height="18" fill-opacity="0"/></g></g><g transform="translate(4,0) matrix(1,0,0,1,0,0) translate(-4,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="439" height="18" fill-opacity="0"/></g></g><g transform="translate(4,0) matrix(1,0,0,1,0,0) translate(-4,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="431" height="17" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="4" y="15">Containers</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="86" y="15">can</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="116" y="15">be</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="139" y="15">on</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="161" y="15">different</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="223" y="15">subnets</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="284" y="15">and</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="315" y="15">reach</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="359" y="15">each</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="398" y="15">other</text></g></g><g transform="matrix(1,0,0,1,108,253)"><g transform="translate(153,0) matrix(1,0,0,1,0,0) translate(-153,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="235" height="22" fill-opacity="0"/></g></g><g transform="translate(153,0) matrix(1,0,0,1,0,0) translate(-153,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="235" height="22" fill-opacity="0"/></g></g><g transform="translate(153,0) matrix(1,0,0,1,0,0) translate(-153,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="42" y="0" width="70" height="22" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="48" y="19">Ipvlan</text></g><g transform="translate(153,0) matrix(1,0,0,1,0,0) translate(-153,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="111" y="0" width="82" height="22" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="111" y="19">L3</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="140" y="19">Mode</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,124,172)"><g transform="translate(4,4) scale(1.002415458937198,1.0104166666666667)"><g><g transform="translate(0,0) scale(2.07,0.48)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.48309178743961356,2.0833333333333335)"><path fill="#000000" stroke="none" d="M 10 0 L 196.99999999999997 0 Q 206.99999999999997 0 206.99999999999997 10 L 206.99999999999997 38 Q 206.99999999999997 48 196.99999999999997 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 196.99999999999997 0 Q 206.99999999999997 0 206.99999999999997 10 L 206.99999999999997 38 Q 206.99999999999997 48 196.99999999999997 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(2.07,0.48)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.48309178743961356,2.0833333333333335)"><path fill="#cccccc" stroke="none" d="M 10 0 L 196.99999999999997 0 Q 206.99999999999997 0 206.99999999999997 10 L 206.99999999999997 38 Q 206.99999999999997 48 196.99999999999997 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 196.99999999999997 0 Q 206.99999999999997 0 206.99999999999997 10 L 206.99999999999997 38 Q 206.99999999999997 48 196.99999999999997 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="matrix(1,0,0,1,136,175)"><g transform="translate(271,112) matrix(1,0,0,1,0,0) translate(-271,-112)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="185" height="42" fill-opacity="0"/></g></g><g transform="translate(271,112) matrix(1,0,0,1,0,0) translate(-271,-112)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="185" height="14" fill-opacity="0"/></g></g><g transform="translate(271,112) matrix(1,0,0,1,0,0) translate(-271,-112)"><g><rect fill="rgb(0,0,0)" stroke="none" x="79" y="0" width="27" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="79" y="12">Eth0</text></g><g transform="translate(271,112) matrix(1,0,0,1,0,0) translate(-271,-112)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="185" height="14" fill-opacity="0"/></g></g><g transform="translate(271,112) matrix(1,0,0,1,0,0) translate(-271,-112)"><g><rect fill="rgb(0,0,0)" stroke="none" x="46" y="14" width="95" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="46" y="26">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="66" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="69" y="26">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="89" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="92" y="26">50</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="106" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="109" y="26">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="122" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="126" y="26">24</text></g><g transform="translate(271,112) matrix(1,0,0,1,0,0) translate(-271,-112)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="185" height="14" fill-opacity="0"/></g></g><g transform="translate(271,112) matrix(1,0,0,1,0,0) translate(-271,-112)"><g><rect fill="rgb(0,0,0)" stroke="none" x="3" y="28" width="179" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="3" y="40">Parent</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="42" y="40">interface</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="40">acts</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="117" y="40">as</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="133" y="40">a</text></g><g transform="translate(271,112) matrix(1,0,0,1,0,0) translate(-271,-112)"><g><rect fill="rgb(0,0,0)" stroke="none" x="143" y="28" width="40" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="143" y="40">Router</text></g></g><g transform="matrix(1,0,0,1,31,358)"><g transform="translate(698,64) matrix(1,0,0,1,0,0) translate(-698,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="388" height="32" fill-opacity="0"/></g></g><g transform="translate(698,64) matrix(1,0,0,1,0,0) translate(-698,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="388" height="16" fill-opacity="0"/></g></g><g transform="translate(698,64) matrix(1,0,0,1,0,0) translate(-698,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="30" y="0" width="328" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="30" y="14">All</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="50" y="14">containers</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="118" y="14">can</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="145" y="14">ping</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="175" y="14">each</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="209" y="14">other</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="299" y="14">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="310" y="14">router</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="351" y="14">if</text></g><g transform="translate(698,64) matrix(1,0,0,1,0,0) translate(-698,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="245" y="0" width="50" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="245" y="14">without</text></g><g transform="translate(698,64) matrix(1,0,0,1,0,0) translate(-698,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="16" width="388" height="16" fill-opacity="0"/></g></g><g transform="translate(698,64) matrix(1,0,0,1,0,0) translate(-698,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="31" y="16" width="328" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="31" y="30">they</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="61" y="30">share</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="100" y="30">the</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="163" y="30">parent</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="206" y="30">interface</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="260" y="30"> (</text></g><g transform="translate(698,64) matrix(1,0,0,1,0,0) translate(-698,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="123" y="16" width="36" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="123" y="30">same</text></g><g transform="translate(698,64) matrix(1,0,0,1,0,0) translate(-698,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="269" y="16" width="90" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="269" y="30">example</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="326" y="30">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="353" y="30">)</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,320,296)"><g><g transform="translate(0,0) scale(1.14,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.8771929824561404,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,310,286)"><g><g transform="translate(0,0) scale(1.14,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.8771929824561404,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,300,276)"><g><g transform="translate(0,0) scale(1.14,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.8771929824561404,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="matrix(1,0,0,1,310,283)"><g transform="translate(93,71) matrix(1,0,0,1,0,0) translate(-93,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="94" height="44" fill-opacity="0"/></g></g><g transform="translate(93,71) matrix(1,0,0,1,0,0) translate(-93,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="94" height="14" fill-opacity="0"/></g></g><g transform="translate(93,71) matrix(1,0,0,1,0,0) translate(-93,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="14" y="12">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="12">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="70" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76" y="12">)</text></g><g transform="translate(93,71) matrix(1,0,0,1,0,0) translate(-93,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="94" height="30" fill-opacity="0"/></g></g><g transform="translate(93,71) matrix(1,0,0,1,0,0) translate(-93,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="34" y="14" width="73" height="30" fill-opacity="0"/></g></g><g transform="translate(93,71) matrix(1,0,0,1,0,0) translate(-93,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="34" y="14" width="73" height="30" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="34" y="27">Eth0</text></g><g transform="translate(93,71) matrix(1,0,0,1,0,0) translate(-93,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="11" y="29" width="73" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="11" y="42">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="26" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="29" y="42">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="36" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="40" y="42">20</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="54" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="58" y="42">x</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="65" y="42">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="69" y="42">24</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,44,296)"><g><g transform="translate(0,0) scale(1.14,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.8771929824561404,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,34,286)"><g><g transform="translate(0,0) scale(1.14,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.8771929824561404,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,24,276)"><g><g transform="translate(0,0) scale(1.14,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.8771929824561404,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 103.99999999999999 0 Q 113.99999999999999 0 113.99999999999999 10 L 113.99999999999999 46.99999999999999 Q 113.99999999999999 56.99999999999999 103.99999999999999 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="matrix(1,0,0,1,34,283)"><g transform="translate(85,100) matrix(1,0,0,1,0,0) translate(-85,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="94" height="43" fill-opacity="0"/></g></g><g transform="translate(85,100) matrix(1,0,0,1,0,0) translate(-85,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="94" height="14" fill-opacity="0"/></g></g><g transform="translate(85,100) matrix(1,0,0,1,0,0) translate(-85,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="14" y="12">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="12">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="70" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76" y="12">)</text></g><g transform="translate(85,100) matrix(1,0,0,1,0,0) translate(-85,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="94" height="15" fill-opacity="0"/></g></g><g transform="translate(85,100) matrix(1,0,0,1,0,0) translate(-85,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="32" y="14" width="31" height="15" fill-opacity="0"/></g></g><g transform="translate(85,100) matrix(1,0,0,1,0,0) translate(-85,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="32" y="14" width="31" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="32" y="27">Eth0</text></g><g transform="translate(85,100) matrix(1,0,0,1,0,0) translate(-85,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="29" width="94" height="14" fill-opacity="0"/></g></g><g transform="translate(85,100) matrix(1,0,0,1,0,0) translate(-85,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="7" y="29" width="81" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="7" y="41">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="27" y="41">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="31" y="41">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="44" y="41">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="47" y="41">20</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="61" y="41">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="64" y="41">x</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="71" y="41">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="74" y="41">24</text></g></g><g transform="matrix(1,0,0,1,147,278)"><image width="170" height="60" preserveAspectRatio="none" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAKoAAAA8CAYAAAD2SSHcAAADKElEQVR4Ae3ZPWgTYRzH8SYx4gu4CG5CDAkoOAkdsiYh6GwzqEMHB1FwUREaEU7roE5KwUm6uAihc8krMUtwc3QwAREUqRIXI2he/F0xEGgSr2fvTb6B48Jzz+vn+ee5uycLC3wQQAABBBBAAAEEEEAAAQQQQAABBBBAAAEEEEAAAQQQQAABBBBAAAEEEEAAAQQQQAABBBBAAAEEEEAAAQQQQAABBBBAAAEEEAi6QCjoA/BR/wNlGfER3MyuZDKZxXg8/iKZTL5ut9tfZmbkgmWBXC53LBaLVRKJxLtOp/PeckGPMu7zqF1LzQrz5GAweKDM5y0VINNuBVLD4bChhWAzHA4XKpXKm91W4FZ+XwaqAvS4AtTQsSyIQKz6bk2YQ+2cU8CezWazL3W+W6/X2w61Y7taXwWqftlHNZKCAvSazgdsj4qCdgRCo9HoQigUWkqn08+j0ehqqVT6ZKciJ8r4IlC1gh5WcN7QAG/pOOLEQKnTskBUwXq13+8va+F4qnl53Gg0vlku7VDGsEP1Wqo2n8/v1+3mujC2VOC+DoLUkpwrmQ6plZVIJLKlgL2dSqUOutLqjEY82aIwDCPcbDYv6Zd7T/06MaNvO5KFdqpcLr81LwhvtCPDREKtVps7NsrP95ugHH/9aM6XVtp1rbD9caJbZ09XVLcGSTvBF5i76jg9PPPW3+12r+gh/pHa+uutZXJFdbpv/3v95j6qHrk+WxinuXre6fV6a61W64eF/I5k8fRlqlgs/tSo1oS2zsuUI/P7L5X2VNg3L1OeBupYUc+d3/V9Vc+Nz3Qu6GB7aozj/vmX7nBsT81z1wvQV12/qRX2iVZYQ9/Z8J8HtrfXRnpZ8u2Gvy9fprTCflDQXtYz6WnNxcbezge1TREw/0I9U61WL/rxXymzv7649U+B2076sxW1pEeCRSU8nJWPdNsCLQXoiv7jf2W7BgpOFfB0l2Jqj4KbiGVw546eI4AAAggggAACCCCAAAIIIIAAAggggAACCCCAAAIIIIAAAggggAACCCCAAAIIIIAAAggggAACCCCAAAIIIIAAAggggAACCGwL/AYbB9txUIt6ngAAAABJRU5ErkJggg==" transform="translate(0,0)"/></g><g transform="matrix(1,0,0,1,169,33)"><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="132" height="32" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="132" height="16" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="8" y="0" width="116" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="8" y="14">Physical</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="69" y="14">Network</text></g></g></g></svg>
\ No newline at end of file
diff --git a/experimental/images/ipvlan_l2_simple.gliffy b/experimental/images/ipvlan_l2_simple.gliffy
new file mode 100644
index 00000000..41b0475d
--- /dev/null
+++ b/experimental/images/ipvlan_l2_simple.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":323,"height":292,"nodeIndex":211,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":16,"y":21.51999694824218},"max":{"x":323,"y":291.5}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":241.0,"y":36.0,"rotation":0.0,"id":199,"width":73.00000000000003,"height":40.150000000000006,"uid":"com.gliffy.shape.network.network_v4.business.router","order":41,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.router","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":85.0,"y":50.0,"rotation":0.0,"id":150,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[3.1159999999999997,6.359996948242184],[85.55799999999999,6.359996948242184],[85.55799999999999,62.0],[84.0,62.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":22.803646598905374,"y":21.51999694824218,"rotation":0.0,"id":134,"width":64.31235340109463,"height":90.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":43,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":87.0,"y":24.199996948242188,"rotation":0.0,"id":187,"width":105.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":39,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">eth0 192.168.1.0/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":147.0,"y":50.0,"rotation":0.0,"id":196,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":40,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":199,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-82.00001598011289,6.075000000000003],[94.0,6.075000000000003]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":220.0,"y":79.19999694824219,"rotation":0.0,"id":207,"width":105.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Network Router</span></p><p style=\"text-align:center;\"><span style=\"\">192.168.1.1/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":27.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":129,"width":262.0,"height":124.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":44,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":33.0,"y":157.96785409109907,"rotation":0.0,"id":114,"width":150.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":16,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.9951060358893704,"rotation":0.0,"id":95,"width":62.0,"height":36.17618270799329,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":4,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":3.2300163132136848,"rotation":0.0,"id":96,"width":3.719999999999998,"height":29.7161500815659,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":13,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":99,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":99,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8599999999999994,-1.2920065252854727],[1.8599999999999994,31.0081566068514]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":3.2300163132136848,"rotation":0.0,"id":97,"width":1.2156862745098034,"height":31.008156606851365,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.292006525285804],[-1.4193795664340882,31.008156606851536]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.5073409461663854,"rotation":0.0,"id":98,"width":1.239999999999999,"height":31.008156606851365,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.4306688417619762],[2.0393795664339223,32.73083197389853]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.9380097879282103,"rotation":0.0,"id":99,"width":62.0,"height":32.300163132136866,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":2,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":38.326264274062034,"rotation":0.0,"id":112,"width":150.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container1</span></span></p><p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">192.168.1.2/24</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":124.0,"y":157.96785409109907,"rotation":0.0,"id":115,"width":150.0,"height":58.99999999999999,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":33,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.94518760195788,"rotation":0.0,"id":116,"width":62.0,"height":35.573246329526725,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":21,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":3.1761827079934557,"rotation":0.0,"id":117,"width":3.719999999999998,"height":29.220880913539798,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":30,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.2704730831974018],[1.8600000000000136,30.49135399673719]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":3.1761827079934557,"rotation":0.0,"id":118,"width":1.2156862745098034,"height":30.49135399673717,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.2704730831977067],[-1.4193795664340882,30.491353996737335]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.482218597063612,"rotation":0.0,"id":119,"width":1.239999999999999,"height":30.49135399673717,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.42349102773260977],[2.0393795664339223,32.185318107666895]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.9057096247960732,"rotation":0.0,"id":120,"width":62.0,"height":31.76182707993458,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":19,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":36.36247960848299,"rotation":0.0,"id":121,"width":150.0,"height":30.183360522022674,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":32,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container2</span></span></p><p style=\"text-align:center;\"><span style=\"\">192.168.1.3/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":102.0,"y":130.1999969482422,"rotation":0.0,"id":130,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">pub_net (eth0)</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":93.0,"y":92.69999694824219,"rotation":0.0,"id":140,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":35,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><br /></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":14.0,"y":114.19999694824219,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":36,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Docker Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":71.0,"y":235.5,"rotation":0.0,"id":184,"width":196.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">docker network create -d ipvlan \\</span></p><p style=\"text-align:left;\"><span style=\"\">&nbsp; &nbsp; --subnet&#61;192.168.1.0/24 \\</span></p><p style=\"text-align:left;\"><span style=\"\">&nbsp; &nbsp; --gateway&#61;192.168.1.1 \\</span></p><p style=\"text-align:left;\"><span style=\"\">&nbsp; &nbsp; -o parent&#61;eth0 pub_net</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":45}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":6,"orthoMode":1}},"textStyles":{"global":{"bold":true,"face":"Arial","size":"12px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1457584497063,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/experimental/images/ipvlan_l2_simple.png b/experimental/images/ipvlan_l2_simple.png
new file mode 100644
index 0000000000000000000000000000000000000000..e489a446ddd255ce9360445f0f895acad31ae214
GIT binary patch
literal 20145
zcmcF}Wm_BX)-MEt1b26e7k77e*Wy;ZSn&jRC|X>LyHhN<TY(mBad$6z`0wXDd++lB
z&I_(9Ozv50-9MX2GEwTPa%do85DW|qnu5HvCJYR$-rFA^65#E~m(o-`7#P*h3epnV
zpO=qwV)StI$cL{mb}$xCS|;uNS|05hZB0+S_|_V0OLSX#TNZdvZc|%+3f%IDW>z@S
ze8i0cV6p4QB~YT4VUhO25)Fd;Y4*<v%@Sc7{)~q5!>1#ZpvVXQxpL@g=es)ECJoB_
zyXF_<{ZZ+Qd~qMX23VTO0}Ci$EJ^VH|K+bA>SiF`)Q`u6!a+qr=091`>~XaCToMYq
z%#PZ)GO53SJ}8O9N}r9aMcoYQQM|NynYTCxUG1+$oqx-f<NJi-b$L@ha6h1}*YmbG
z5)i`(pSvh@IqY-+lsiM*`L#}~z7};G?6hZ32J4cB^vgF~ixykMY?fPq$8%eA+A`}9
zpS0`v;x=lue46@KHRbwBBiR;C@=*-1DGEUQgIWWoAjbAAVuP1?wxjkIzwj=nzgjn&
zGODdorQ2(rX;~T;+x`m!`2LKX@bPGB2pCbbg;R6*>Fj)QU^!q?7qhN(_vcsMC~IKT
z)i*HpeMViZn9ole+tgKap0V#v_U+Fc?`5d5fT!ue0mC!l_V&Quf=75Qy*au+MC7l-
zeCh8?un+IInI*_z|7wZv5M{;bNI>`**5&%Eq!%q41!ycdM<b4Tv-p_4$<r2s?eSoE
zn{T8$QfHoT_V#K$(ASa{Y+FqmHcQ)70f3*U4w8Q8AbH~%`#EcGj?Qe&u>7^OH0GJf
z#?QYSMbkM*`&<<-gdC^9X2vA8C(zKOe-NE(1VgZ#JZJHk3m!Y(6RbSS8hww*G5t`t
zSz6qUA{66ryN~oW1Yk&=qIz5u1wRcy@S@AmY|BSPjXc*BJL9{2X~VRI07TaD;6-ut
zO0EEWC8%$xX;5lmLA}upP)&ZthyU*FAaF+2&rpG)o9xT_1osxTGeRG+9>^thtqc?{
zB|`lf3d;R$sPp%6>)a0*^ngtwg*NIi3KA{J4B||mL4-1puMng1JxKL(fVHc34DX*n
z$GN^|;Y&9sgHA+;==1OdA9bj879%e!v#`T}*Y}NN%|r=!#L|g;Fs26;L82C|Cajit
zRyHwNo;V|V;drzYKZ6;1f-QgFA_$;vTvnDT1l_U}#f@x47rw<B$_x)mGUlcmGxTzx
zoMYFZtYLtSnC!hA+99<ZriM+WP6DL^^pWh&NPKMkR;dBJx=j$evXjQm?b*2I)VMCG
zirYSKLBM4(c%uIE3m2BeLJGr?v=E)815A#ys%E1Cgpol0ouo52HL?s=f0LXzlO4#6
zEx)4v&aGsM8lb+CkTa-~S||fg+Lb*J+P7#hkp)N`0t&ap9y@Xuc)#mIC)uv(NK8iI
z_raUAnn_-gb^R>W^oEo)$P5ogQUi1B(|g0`n?TBSX{|gNu|)%Tz)QCSI{btITmE5X
zNJYEcoVGIdrxZV+3Q!)X3`=`{dEO=?rBf>?%E4V>a6Ko+8Q(Ehs-3|UsW2|LwY<G>
z+ud(#h@OLgnDwq)Eh9VIH_-+@=<j#f4Xat#<(_@xQctlmo}u^VT3`lo!<WNUImPLg
z&X$|)B8S_Tfvy$D9^dM=?RlLU2!l8-WwkO@6uP!a;Qk;r&8`G2pSy?B=wCMUpRewg
zJ2aJdgwH{~t*8P34KM>cg?)vhTqZfZ&O$WOrJU|rz+4cMZ+(EHf1j|RU<p}eM?C4q
zM*1xnX(3(cEgV!JWz(l-TXT6y618(_Y4lJcDmoOb)-{_Eg6JZ5XL?MEOY0Ww)tAuB
zU~R@-PpgNgdTG#DznU&K!HDsRh4jL{*6hxf6%>rYkwMbbK@;q_D?O0qC2uIm({e-I
z8Prm-->~Qq|HP9=?zdH`wQB(L%j2k&?KJRsCxEXwun<bEA)Y!Y?z=ag5ry;qaG_r;
zTr0$4K5Pt<pZG(Xn^ajk$(mz#xGqm`*A<{(&(_;kOuI#%L)xaGP1@_mPBng!$Y+!#
zoKDfWO^DD*^&t)T6B#p9`#HExs@8&ijMOO*S7cN(w71S^zGMmO<^cU!8uBig)Ax?g
zC4~};L3GJc)VJfKJA6*v%}U`{HmjS-F9;r@XF|be!Z5h}P=&?4tn>nL_6PvKP~^+s
z<&JOFVhBJhSqz^b7&WD#NSrR&MVv3O8~oHrJbjrXzJwAg*4_ET`TVUoJ^ikQjL{Xe
z-=sBrf4LS2v3wi0yuHo<a_^m6reVTF5-!1{5;hU_QrN~y#YL6<>6hj_#qMRXfTAOI
ze{9uYtqWbo{thk+^c)|}@Po(6y8YSRB+y{)=V7TaS&R&4*F8cy_%1@N^=(e*U(-$?
z3?!%Y1~uN?g)IV5b{jGs9sc|2dHu1YQm9%BCMlWo<$WExAKkf?I+RS&iUIm{3O#EK
zEu`=PP8HK%HGMLXD;bI+(KWnv)qXt%-ta;fv$<H0rU{@g!3FoP_OfkP;Yj=6UiX$x
zxVRzsh^{wrNkhJ2{Rk|+!>DFD+$YNxdAN<|(kIJaV_WS+13kS|OHuZHDuqsV&rZti
zUC4?bAHu=keS>z6VY;2p2m&XfvjA*E`;9KVeQxFmagN6l(U{T^Yo%hId!GuUa<5a(
zKPX0X@MV%47lw9uad*W|r@m-`{|G#P9W26`izdRAr`AHA*v3j1r5OCgxr`LJ4MT|k
zj4m`@Dz8*9m+owX19@VE>8dLS5daXSA%mqb#i2xcg3%&X(;4rn(=4juVbn(M`Ac!4
zW)IBabKS1NDvIV>*k8^Mm%!{8AWDL|=?UO6&BN0l?&sKhk3f!D>DvWlFBf*=xOF)*
z2@cX7J^$vdnUS?XYe$2n7AXREUHE*A?#iK>f((Gr7@K)8Sa#|VW-K}qpd=1~C)knR
z`5g<zQZK<;zjSBZk6_H-=NKQF#NEdRP)hmxx<Mo&IgMX%F>jXOlRNJ|z{xF1@TC!z
z3@>;Tnqyqf<zq^rcaR}0p|+n(=~iXd(2E?qg-%{_Tfv{0!2QwTCB8kI?vdNeMRHMx
zL4pqdYRy^oJB~ItX-$oG|26a1NrpzljL`=ELx75@Hh0uj(cnOmKC0_7rHeA=rW^XE
z3=#d8eijm?vc_zybQn@B4c+96rXGg0%k_a#X)6^aSJ*WZ?J>8cqhVntIkzbKfy$56
zU2=7{wMW01Y&g5H*3ZL$kUfu!2AeS&)CguhTh@1&?Bh!oabyfQL*4o2(_MPuQ{LV=
zJPhY!>4H5oQ8E(!#5FgBH^4ubK>RqsF8^#&HvQwhRnft(#0Mv?9n|xKCgI1SFH602
z5uNdVl_7?Ly6rHeSt40E+YcE$OtSthv8%?maN&iQ9@Jo=T&gN!Tuh)STa6r4xSm(v
zZwEiOaD42XeYh*Evi6&DpJfo4A7BL@0T{k;5#&_y&{jrgt$F@PXUQait4|7=NGqWr
zZZb|OWde0>UmILF8dqDNsuvVWNPRXVCc0TaU;NbAh~}GnIeY5Pm@JOyWbvbu6|C7u
z?lbg9IfZbu@3RA+h8ZhJ9mrw-S1aGe3|9e!it+SxhjfY>U-<Jry_Ot?B@!SF`$Lie
zjM}+roV7G#iAp9AQD97>eqB(J*|H>+GfIU@R@oDe;$GFfr7B9f*qPUV;w0wJ!K2l4
zL+-mP_AThKY}3b--xlc+*k)zhw$WQgEU5uUKjyQ1Kd}8;K^)zRv3)kIxS;OP3b?tx
zmQV6<2m^^#S5{VbbdZQOdVj0z=?Rka5sm=h@i_5k-)(<~3m55nG1GA}LcpxobsQ|>
za=8E0Q%HQQ|2TNJTadKBAU#bP&g8J1SeO;zrDx*YJ)4dJgkt$qL?98@-V`fywjh{w
zBwX&kEHmfuE3U7qa~8&n!Qh%Dw9+K)S+A)6o+yBMp@6rW_$A!C8>W#jL;TU+zPzjq
zDNOQFuPizy=Hf_ENojn1{6dMDnK_}xcwu3|>HUU{)_VC3;;j8w%gGO1z?Y{$0l~&_
z#K1HFOsEf1jJpA7`&imyiA@azrS|;gHabV5SV#S}5guvgs~@}DeY>p~I%QtZvP@~z
zi)m?8s8Ptx&5e*evkY{V;IT4Y0BDvKB3O|dP>Na#r>>iw`EKA9f-_l0%=^;e(eRZ)
zyg?Ci*ApjlmrH&U^!c&w?r6>i<lj(=(CCJ0UIM=ImlNPnf=r{&lTh9deuv}V(;|16
z)HFLPKv_H-p4nnU<iHhtHxUEyM$jQ;?t=hA6f4Ez%w*Mn(Jq|ln5GVC(13TuEs@xW
z^IKyvf%0MiV0>QBg?awNMRPA-k6>6!2H^gFr}v6~yYXSp(yqS&SKLpp4OR~pXGlE_
zU`GQP#!S18EqK(-@A5PADxELAUL}%+Ly0!))v7)6QH<X>ks2X5SMl8<)Bszh0%V2Z
z;BC0huqcb&C-Py48><`jO2tEQn5Ua}^p!TfrkKnOs_;ngt!<5jejKx-+QQapMFJ&1
zbNSZ2gRsD?gvy><vgN;2gxUkT0zB#&DA9O%c+4-V%F671fflBkPD!{3*IHdD@X^P0
zqbn*aTS==-&~E_WYz@IM{p_YAKT)jmZa=3kLaW|MZ3D~gv4FcyD8Cs=2?;S}E;a{a
z>Ql>J8@#)FoJed*f4y>@Q!s?b`DvIz*}Dkqsuv^8*I@9ZB2<oq;2c`*_d&q-yuK=J
z&8lCmbdBZ8$plnzg*1{GqIBqONasA;2CgmMX#~!&YVBp#@t(MvCSgk{HBb+#T8>T=
zAb$NWB<c^dCE7_bO{SJ7D#FPbya4I$?(XutyS={FhUC9_!@^=ywiGEQ?3JAK4+s~E
zB$f{&iSVp^&B;!)ueH9=n!th$+`pc6(R@>EB-#D-oLX-%JMi{+Ddbu9&1GbyJlxx1
z$YD4LfWX=M*$k>D<E*DLD%2Y;+gjasLDJwWNr#wgBO5#<I@{9%IdGTwhO$1?7|fk-
zHlc<~3F?G-&&pajZOkJs4&U3?CyA&9g9E#mceN#ket)nRBubh~HlUiD*DZiqZ1w@B
zct1(?d3zE<xsgo851h~AgciVTP#?eE*diJ!O2ZaHV`f)ZNo5huL6lWU1zI^Oke^#X
zafsjrARp>`@s>q};wwm3lwVnpv|ublV+h!=f&V0w?V~cLakqc_$8RwGp;IL=-RF=K
z!NAqiqcbuLEf^&a{i{2vkeOq*Tsd*rP{OB)7@odm@@}%w+9)9I;;hmAplO7ENj{QW
z;6DvW0!WT7QknJoaG~6=x;TPafUk#sm3y(?mwQpmWd+_C{^5nDJy*yzUjU%>2h)(~
z*Kh1S4EZoM90XwM<Ex99w}~JvSZQ!2rKPQUrZ6Wyj`#(li!9k>3vL0|ou>rmGG?ET
zgX|!bKwsE4S&$YCY^UATu&W*qP#s6+)a0KT9yMSfnmV}r-lwEFoDCP!Z$M-IYo~=U
z8fGZ+!k>F{4*iN;KK`^LfH#Yw>cd~Zy$f7X`qwhvij1sXj7}3@wyyA|S`|&7K`b(&
zxAVXZb;x}yc&3k7FG;=SFKn+b;GX#iHlR!Mb<(d(w-ltOf#99%8z26EXvGBb8t~te
zygyMBv7J)+z54NBrDqA_kBxI6*606e^AGNCRoDNjuX_hk9FXNMe?+Fo!ue-Ph)X2E
zh!^W$FZWnU@53-4&O08qkbfO{`_TCI@d20869L$?f+|MATFsrI{`cXjhzaymVS8D>
zr9WQze(CSI$CrOrIYph}=KjS0&F}hc)Wd&F|4b;%<lvRpCBlF=pgM&?ywC+72iSrG
zWRZ!Kwy=LcqP}Ann*OyhS6}p<!-S6whfcIBwZp!eerKZk#O@>_`M>l6DPhEn6E|+L
zN@t|Jz;X@%ErOVse<CpCM}Co~0j*!yH|sNf|FK|9KoKRq<9kEmC;u-*3=3d}H*%OW
zd2ku<G#SG9smi|(vgibA^;{md@*8+MWJFK6xfx4F(;_8B$5^O>oV8I`e*Dn*5Q!p8
zJ}36X%CP>2Xpcsc(?w4UtS4ze{6Lp&_jA$X=p*BYb6AMOQU|(lEMwJj5W}%TiQWHT
z)w6&M6iN6=UEIVDJhoVNQr4`|*Ono`Q|R9bo+#k=cDuuv<;9zyrvI#+tR3E0BVWvH
z%dT_lGJg}S_qDA=@k76|Vxh1AlPrJ6k}s)%M!ohCM)Xxh$@ekabu{OR)!KRk!?|jt
z8aRxF$41X5TPih=n1_GaY=6yYtgV{Uf&V+{4P*ZI+TU$9oO4#;nUeP3?Sxtmf3{{@
z&>^7e$7gI)CsI1ZXAGjWKuKk!@!D4h^kH{|9$q&HBt8hm4n3u<4s?ohe_=H6bc_aB
zevAb4dM@=pylfrh(sNV)BeXtThE|Z)=32VDF7_BMbkHy=`fqU{W6ZM8`*BNW4!i_u
zEk(LhK5d=t_F`;eH!$EVUjqLG4Cvm>)cKRw8CBuM!RG6)k>ks|p=<(zC;xdvu^_DW
zFL{cSf!ffrn0taGV9##G73eaHR%qiSS!=UeO#fv0am}Et7aB{;bJ6UrA(8LLd(&{9
zK)aP7WLT`L#vLA7F>>d8D<gTJD67<kWn8@7I6zW~i>^XAW4`{)^YEOA+A;(%7$$dS
zZQJwMI!iaVB6Xy>zC)JB<6`?HsA2Y~38QJ<y6~4d%tm6snzPb?cRWhNcu%F3@3aM)
zJ>)3&WmTE#+anjCS2E;_+ImC^n_=1)h4ZpPV`CxkusY!ON})B=qUH=k+r!BXxp}C>
zrkyKz1oukDrpyGd6%NBCxAI18pR-9}K5?$_P!6q`wGhf%0;7$cS2eK&6d-4e!Eu-A
zk>n(XBmw7KLK$m~@|0Z5EVN^Hzv<Wg&eNPYC*k*S`nJ`3EFKV)e`###`+clL&#q+C
zSRm$(5%YGY?4~E@0nqbwe(BJ#tSQ;)iU*uQ5f7|9kXzf5hK(lkrykESX{@-cD#fUB
zS{>0Jhdcl2WQZ#HAuhuF)t(RQgpL}N_&+fb^^ceT??2-7<1H*5jSQ~#&KD4C5{$G=
z<uYLt3msf2?p8X+39w~8DJO@1FE<XLzeWpc5(2U>OvfmmYmL*=<nl|*zh`4*%h?_?
zsIRi&wG2HlpxRU#(RQ9~q}Gc<(?;#6&!JO%pOHWdvVp_s3Y#wLTR!xMg+K4)acv&;
zxIH8|s>Y>G$@dW&XRe%X(Tr?V(4`Qg12wS$S+vr-bXx7c*%JW?U`Jy=W)9*;w{7$2
zT;rd3&aqgp?X-P$=Hu2h=prcY9F27Z$kbDFP6{8=3Xgw6ZPwDYv?Wdp|3$FmOU|hc
z7KdHdy7#w0^v-MFpaC<?wBWL@;Zvk<v&P@Sc{10B=n^5Hl0$mcia&E2Io}WB{%!%@
z;?fu@p8wi=Kg2T5a`=w$8V>Dpf-4#S>Aq*ki#VP0-GQ74fxD-O6(_kQ?&m;UXrn(o
zCUE&Xn;CJ*ik(a@iUuW8UHwf83FWmFLGDS{;@0<PT$)p7QC2$FR6B}=Yi7kxK0^6{
zbNaL&#6nl|KLE0bnr6kzQhCyuO#N?H-d(MAu|1dSs_#gYAdjI=@Fq{S>r8H<a-||K
z{xRL9b|U<pZLfa?)<O(td?{%EskEc*6TzCc8K#Fk-4-iJl0apBPH75pBrEzYvYwCK
zfxR#zikfFSph5+AQ5!_ckn+#Gf=PfEb1Gx_O>B$82C8)HuIFb3Hp*5;5Ik96T10b`
zb2&BzJo;l%NOnCeh|qw5RW-jZLfMOLE5n~P)zv2@(LMaF94+WNVeJ-69Cu$Ev{;fh
zsYjfCnowV@Ob`*1GM33*IJSTbjW6Pf04`SaNSqrmuIG4Qj%znm3R{))PhSWRQ_ZF4
zvll{b)YoSQg+jscrQn^()>581-UU_{sp&XlK+s=l*}3^(=7nqC6B}u)tmng`;*<+n
z_-N~_&oYlR!J0pt>G7gloP0Z;;p4($=a=hAQkK7dh_zJ;EYX;jGTn#dOV`^;*Ad|o
zlG4L_umI<IYE9D=q(g9mxIN(OL|bJEX;Qo&>G2wCu;izsB%VF~;yLXM=qEBV%Pz`S
z=g59bi!L;7w<5z}mclTkS%e4q@14v}eCr4WJK+i0akU^DT{@0)XP9(IxN<3T>7UNm
zCav!keM_a&3b_KN>5;cu*@}Q*VCCpemqNjby1Ke0B_(~h`v(UCK`)(Bg#qv+rBIh!
zmFEqphtk2#bDo~Y`r}zVRnNlpSdCIME|f!hm<~-+Jk@a}H#-|u%k1uSjWAY_wop9c
zgbn}*FWp6kZ8kJC{O)m}`4!N>k`Nas@b)IX#`?{(7QI+rs~!@pr<K9a`+NRffav`?
zTpr-@_CyMO|9rhS<nQ0Vn&lqP4>y&1wNq15zuVllrgDT(P*7rGViL$jB*pruuz<_K
z0PmisOiXnin)?MkQ=)JVKE8+zao#MM@pRgQ=es|zrKP7O&F*`utB)7M6bZ4hvGMU1
z(FOV}oI|8PyxwjBwPL@nqLr-N_2{~YF1F?To;5-*FMPZ^Q&Uz(MMceT_7<}(aCf^u
zH+Plz<$29W`s20$=60K<*0H*2@)2gg)wILwWP3E(@Amj0(5)|a>tbtoRtqMI^oMRK
zOgT;H#Zwpx0Xn(xV%JTR_u218+v(rk0V{8l%V*Vec%M<PBTiOzkcA=xS!B%$Xa6})
zf{XC`^Hq_Cr;GAeHt6T>+FG{cQB(|!JOOuvYTUU9eM%@NtStWi59a9L*_U#y(wTk=
zVq(S8xvs7*LTCA;>xpSHQqoYj0k$`+Vaj#P4^BtE&{R(yp8e^eK*LA|nhn3*wK}hT
zx6Y)q!Q@>;rx5k$=i-8s1*5O`aVaxwelRq(vjxou)@8&f3Us}LQ%+q?Hs^iGs4$aa
zVB>L$+tF$m%J#zgFhvn?t>HZfU}U$iJrYbq&T)~}j~&>${OcbSB<4#r`52X|B>j%R
znD-k@g32sV<rn2Un!(OSEJGN`-Sf}MA~3vnW(l|&Y!toY7_jyR#!P|K+9WdBO_5x}
z=Bv3u+SO)LXD2FkHoqHy?TJoA4izAYL8|$vVRo`>E93hq_#;OIMGZd{5$Q@5O>&HQ
zXQFmLg(XiaKLu8j&pb1pW^Y^>oPnX>7>XNYI3T02dH0|NM?Sd-7WgsOxfo|BUP*a^
zBjOuV5ALp`!Ny5+`21R^*U7Ty@gfJe@JdUoAr#w};~Whx`IIiy8a>vR^vCOx(Bq$y
z8m{=gS_9L$yY!RRCs9T*CoOt|<?k)wX?$0jcFVH`?6W?Vx_@g@ee97jv*A~Ng!XAV
zaZ1XjQbi@3fldVpGG|e(%AM(zI&y?>PAw_iIks}Q+})fbPp%f`ZgY>^pZH7ng!fK-
zx=Ycjz*gKXS8iBjCOwU*c#>3bDk1qFgH@_;KP9EZ35O;9(Pj%JXVL?GA(r9tVM0;R
za5aZTmlt$vV!%hIB#j$3``A&QGfgwAPj;bS90*qxaa$h6{_rDg(4R>)v+QheLY<A5
z=1mQ{WvvvyU*0JANhE1-$aP!eKfUw!ua6f#Pb-GNqX+8pENI3AXnpwpT6ss=B`&x8
z3&l^?;&8f#KiXG!5l1$C-~3~?l@=IIEm(UIN5i7;4fQmN@b-_+FmCj)KsR>_E+Ka_
z-6snacjq5DjabrSK6mQE+iU+BGsdcuSEa>H!<L41MS4AH{UdmSu!*~fWVV%m5D1Hi
z^C#dg$8yF-my!f$ZNb{ut%F&+t~1o8{4%H`1aR$dqz}Q2l2uO(gCoLUO=`fCFs?%C
zY*O3V+z?F<rfan85DS!nP(5EC%&FwK@=rM2LCND0&OPh|mmrVee7fQMfLq|PRa?Yt
zH-qe!dc&qohX6rj%yDYiC<Ib4y|@1xE=*JOM}H9gn$bH&tFm)7j^xduG?1>iGIf&|
zVpmg-+ohv(!SUjtG4T-JPa>kb;aXDTE?=FK*M56aZV48ALB@%Uex+TWH0*Niu~4oW
zE9M!ll(ArCUrzjT4aU+Ke@$hKOVS9xSyollOVI&!)3Kp}@#rpo+={8+wHGCPvT7{f
ziWU+YzG;?Z(hFv^GF$VL`>1wgMP}+kl^z$5IwQ9gd6lq4ElVh!3!=YW?u<pRzixn4
zPJZ{#`j+0pJHm3)f8?Vz&Qea)6uL*b4hz==-Zgp%9|tCuxwGqXO2s|^Hs*uZ*hf}I
zBNxf+M*3}e06r(};B$iWA0NihuiM!W9ON)!jFAxwiLkwK_|M-Gv`h#F>qWIR1P-e(
zb)gatU4<;f>yivtJ8oxX$nXPGIl-Fnt)@fk_<EX4*Aao-R^>Qh*&>x?BCZmc6*e&L
zvn(^Zw1Bq<YAm9g?c4RFN3Rw@2{@YK7seNLglE8)%Z?R97y@}f6$$S?D4{>Set$}g
zt*LS4?z@3<u<PbmV~n~Ys>gcXqX;1IOalflV2z{VA@zV0q$huVbnVb3w-5V-+>SX7
zoSflMeMmetKwEl!)5L+0Uw9fFH*gq}`JeJlSUgB{;#lZV8^|0&-ME)EW5O55YC`yU
zrT54aHU)3xU|Sx-BO>tpAk~<G^2SWp1=BrdIA=?FBg`@KL8w^9o~3c>+R|ZI!X-W=
z^ms^J!H)EUq!h%=GYApE@S_IU>r7JN_&V#k?>iffLNkL3Qld5wx)zHgw}(@Hbm6M*
zDt_}n**q&ANsPL^mDbEmOCf^9>OfZTN#QJkhD2pcVHQT{6y&#iQJ)~87{ozoMaFAV
zDE$e*T#Vpt^WCi6TpJLG0->Nb(My1MopnZt3l@|4`X&sK`dK8OEm+Cp#2Uah`AMW-
z{ltLZAOZo=dE5A!7b)fBj3N>(JhYbH<OeKyHhS(8${@qR=wOM=RCe6O+4r>H-_xEj
zN6TjP7-^jmqS7?CGg%HVtNL^4P#VCnlWzn-^<cyt@!`*#M^@C_vV+>L<aW0c@CPNu
z%>k=l$A6z=4j^45p4T~3+I`9+`Lv6&q~9~b_$*mQ(C}9|#gX4wiJwgPo*<f0RO!N?
zk^0xJ@%ttHNVQqbm`m}Th&yk_pDQ?u+c&LxZO7s*t(rHD-0ZsI5nWkSCV9vx`;E`y
z)hqJ%5c|X&6wY?_6Cn2`&myY^z!AmE(lPbXUujA+Q}ip7Vvo9qm{CfqtKjNX4`ts_
zBd(pMwB13q!{`+$qxQ#*-yuY`go$HT@LWk3GQF}+Mjy<`_Xr7@^Id<9?|kYrp;xa9
z29s|c)%M6TYQS*X1d@FaZ%yuyMjjAVs1olF&(6UScxTGrwy3Y$cd#x)h2vg&Jw{!V
zCfl(k>+dTayt5UI(TBJ$+Cs~|9X15|%tnViju(nQj?B<662bBTB=}y08IzTJz>OZ{
zC2({rJG8g2!VH6@1lRRL{kJaJyEa|%z5}q}ps~2gz`_rCF&+8P`=vpnj02dRf{-f*
zAWVPv@u#MWFrGI$auVGqhsaj*Afsk&;mFCk6Nfp7bhmxgU7k?f&5-h(shpAJRBUPF
z!n{VBk#T)rNc%mQ(xBrD7wNRNJNos{Prguh@{Q4h_1+$J<#t_hlkH{WBK+BnqYm&F
ztEm<OhF(>eGwHO?Y~_7q$H%TR(T>v#Z!!=cDEr~*dAhej`#KPXbG+U7ce)1F0Wpk%
z#MJL%Q--q<1%?f5iW6es)<pF^(adR=Dx>zSf}Wc1!wru<EcsFGBmGFZ7qgxJ?YhVL
zrfJ!>l=8Lt7kgc+y$wF+9F*%lM?_pYL=&$l<@(Jjj(eKT3F9X?J*6ewX-py#=Jj=R
zRoB3|4!1=*$7g3!bfmToCHH8EU|zR)vuYp-O^6A?sSp9)7cDfN(vaXFh(TAr=K>pG
z{un#VO8zO%8-Y%j)7#Pg!%UYhIL=%3F)QhJ(Cw1#wz1)+86ED&F7?L0*Fa)iBbY#Q
z0=mBEg7f!CVF*dp#GQ&%1IA*lR-(}sfmkjlC<2sCoiK8hmNQ|x;8Ee<qG_c5V=1CD
zBm)^&<H9KZD>;{vbmNR!LF()|Q{2H#_Z2_Yr%IC!-mQeT5^&)h1kVxk$D14MjjG%5
zD|JkP)&V1EJ|Mu^csd)~N*cUel8v1quPe6$HF_Lg*%Sbm4(!10x@%zbM>?LKuxOPG
za)`l>#Paa<N^kma`V!ebJ~LF=s2&q)0Bu(S^Q*UY<O+I@aUfwgtQeoOeM0@-3v%V^
zc?UZy;hm!k^9!z@vI&(|HMdmqTu2as%mv8LY*<eR75T|~^}`yx=kva#cYxTd4bKdo
z9r6z0bO$|+fYrEdozSBWFR|X6R4j0nW1q9`H9EbuwWma))DTwnMOipXVonAYkz0ox
zF(keTz)3CW{>$?h;7oZOWg&(fO>i2tUhm)o;R&{!sb07Hc?m$@ikH|kfCWHU*tE$)
z(Z1gw@{OZ>Ru@9Zu?3nHT*uP7qkbm|#ULDl)YJh&Q3;b>){z&-;?C6d^kMJm(ON?x
zFB=^7+wl;15wcx2{hf36edl#1i#3G!WKuX}-{n&T*uGCz9@o%;WD+yrgmFGxHO$@O
z+}}Z++mB!OP2kERCjPqZ>BABZxB;jrr<26pWzK7ZUR$fJ52_FOUhN&+QqGGrz)U|m
z?AVyaV=+Ts$=HLWM0Zxh(JX<@Rf3-nGFnT6UZy4vrF@be8V=Q8GQ4dPbwp7Lkvth>
zJm)5+G>giI&LJ^k^;6HsYFbHo^lYEcf2dV6(jGTbMyp3?YPafBW#b#Q!nW9*7Msi1
zd&Mt9L74E0uLO`yL8xZkwvhWSsulJVhA#Jm(^(Kzvgz@t=*8vzTrFvk^B+=$03WZj
zRV^d>MBBTm2c}5s`2yU9Xh(=4<YY_F>T<PvX}Hz@{<<Yf=W$Qra2(}qO62b)e_u##
zFoPtSqDJ*di5As83U`-qG_Mp_KWp9M!0d=V1ka=E?&+y>7frJ6VfLy$Ci+BtQdTU3
zd5l&taN}ZRG2w%1x92AITl1^?!BSp|fRA%u_!5E+EB|Lp%ni+E!0%0xi;}t+RGiD7
zzM`~SCP}>2?eKYF%NCiZ#2`R}{&q)<dnsx^;#~4%xzo2gjxdV<;iYhhqH;T`B8N%t
zk0*_Fs2=@MhBtuOjA_6`$*>wSIp{Asy>C$kZO}yMLs^^;#GzKbS7(k36!uf06Z#|e
zx*tAU%1811d|yg?vlD08PR~m&Vb{?O`WG9`)JFNb>-`xHoJ$#1dh#AmT5pVvS0`e8
z>ITWWXd_kNEv<qy5VKm*ovSi(bLm9a^dV3UrqoPTSpJvy_%YRd58Lx%)(u<xPc%nz
z8Dpn{UXbGMV}G%``yrYM%Y%u3_sJ@p%>sRCPku)X1vCz>><^yk41wTBFa|~A9uTMi
zGU*kw3ArXIqqp_#5x){d+Yk1qFh0@VSj$}sC+k}c&tCnz(%Zyl+>H!4t&;l-v^QbC
zuFL~^61eSn)YEj;n4T$AMMx<)t19B@yDtn=DE<bB``b&31Nel@bpz`yYD(xWKFCO>
z%d$cD$+cFO%Ok5&N3t2i|DZg6WO<d~OeocoF!}i3qS;XEP8zL5!;{oBZQ;|7tPOS!
z%Qwt)QeX~Ud)ERtcfcJIH<iKdW7aTG^45f#1a=k6VidNT-?M8w?gg4r$?5ZsW2M76
zwEXy%<{!N|6uBoj5=wm_%em6Qlqr*9d;=NK40xP-O&tB%ZxFa*`Guy3Jd3`Z4UT33
zWG+uZm~r!;g%y~R+Dq9MY~r>(;4Z1R8zUarsw+Gl|DCZ^F!6Ku917<Wr|{MK@)tQ8
zIlF;30F5lt@Dm(`gpd9$MBqo@ZSIG}(cN$mRXLlH1K#D#!)$egZ2+DJGyI!THq#M*
z@f&=jOID~Piqx`!m{mc^eBswe>=nRUrDaQC;((|5bk3#EuDg(C8dM8zi#N?!^DD*J
zl8^t#L-=KQk)_=!qeF097**xENI4nB-Hrk&-+2EcV;|mD$>718qhD&d!sVi^%Z;`e
zG->sKZb)9jCZ&4z41z82_sbDph9hBScaTc3ZkzSzw6`LH{Bs@7xCLDQO%m)8o1RsJ
zb5OG+`3JF<zcVZf0a2u7x+5VDaz5w(7rdP%KpEza&d4G_3As}*7VjLQl+J2^t^RBC
zFju@9YD8h0Hkx@?a_Yx;G4oJA0(q-pAjU2Awylo9*QS4m!`sI0w}#WLH+4tC;SAok
zUZYDj;kN&#bZ5IVOdVbgs&OUT3egE0M=o7)6w-ydK_(*$WE{*Uy!-yVp2X3^0Ij?3
z6f?{stmOH0o->uX&5Ys8_5YA#4=lqhulntMDjTMpJWudYSN1Q&zLa5VGdCzO(VnNW
zSaxrcLSi)I@azIDV_5_V5eU<<DD9ZfJ8(3S&qTb>Vxka##r?>5(^|}#>ROKt{QnCU
z#DwD6gpTc4zz+kj!7D{9vADZx**ku@&1Dh^<KH&Rs*nu+!?I59p#)GRjl)x?N>v<n
z#@t-?;bcj`yFVG&<MeU%-pwVz5UcY_nNrp??em*jyZeE3rN3PB-(V4vz8cf@MB4_|
zeK(}q=+b&ip}&S<?8Ra|k5&I(=S5HrV|GUzB&`%&Ue0I<?39phouE(}0J3D^-A~r{
zjBcl&X_JVA5XOBi?tV(>au4`aBsh2fM1-u+iJnet#27HXt0=yjrZf_2bdD{3u0wb1
ztk`VS+>C=nKm@mGQN$~|q%BT9IpW2_ma-laOSD1cW5eAtM<Rz1qg@VTE^VIikzhfG
zTPA4c#jyHISgBeEN!1q{k6ho%RXJZZF_B>xF~NX`&b=y?39O5!V)yk*YUvpXP;-ot
zp3XYt^|@o@^!JC(;w8$X7uU!_Z=<VK(&}C{LBwt*NqDki^^Ue1UEpyB@Fx=;fIU^b
z0^E<Hp9}QuE^Q+dygLa{vho%Y@*5p;d#HE7cE{~nS)0a-`W(A>qk~1gPZ_p6SY63<
z-Z5cBjpCHm^%bGrd+%^>m%+Ey)TNbp+o(t3zs8x?f#xPncu37YNd~SIgFY{F$8W22
zn^@u9pNUw1c~;Dzdg*pQQ$76{{X5R@-U$9#<Y1<;@!w;5>HuGkriW#`A~*vshU#7Z
zbX?V($VC4>nR04uLJ&LfcFwx^-=S1yC`I<M5@YlEA@y*&W64aevYZ(P8)fOV5Vmg6
z(_YOMwb9MQwaiAn%d5>^&Pp_{2#NRj@w>_V9;u9fSNUga6heP+mrf=TB-R7JO=w;_
zzhdVV@Tl{l`|E@v3Cb6ExgFu)!Jyi|OIFapuhNF#6S5o(-b!p*-wyr3Tyio({~$l}
zCz;NR(U(s$EppiT?MsvYrl-}?CGz-ZDaMC3b5zLNM5r=nx8v2iA;wK^*>I+KRKe()
zWhSc+azN<Ymxs~{^|bs-cy+Syr0!h$D%qlvYTE0jTEo&_S94)5&V(KJx!m<ivmI;S
zch+U#13v#(h3^%ByLfV(B^9-1;_a5|xi=o)t5Fp5u%agXiy*HM@srJ;dQ31Q{yN#>
zyPPrUXx~AJsk34(T885<rwmcY1Zw!Y&hi&DUgK%@Z<yNza#iQITKv+JiOdhd{YcPS
zQvnSpP^5nRixZZ5q=mGqqNbvC?cA?M{$%qxJIm*OG`KbzQv#83p4Iue1ON_D$D{AO
zU3Lhm0W3NGbd!d%$9^b>e&2hgYseccc`*+-?2Fs#S0gLlUqdpWCf|boccW!7GQ1_U
z1hr32NThsRGG|^}I9g3ZV`!FqLnZ&=MGDWXc*bqPGU>~RG@&tG{`9m5j5X}-$;xnR
zmnNj+^|Q9sFA?5$3zKMy`n*BVzZ5X97##Ra_#bP$Y3}qPuP6F=Sq?)Vt-(CIC#KN5
z<CJ6D67|1E64i!%d#(V81PBz@0Waj>(x3Za=uloqyq%ZFXC%?{ssH{aK~3Y@`6R#R
zc2?ovyuPvGP5Yu|rRO4gj#eo#R1@Hs^j3a%b`<YuShq^e<Z2)G--{o#fG}+6WF2td
zYcR?{?4`?Y4U~*<BH9q06`e08?FTotwPZUs-8NUWZ-Cs;r1_hX-d7-Dc_d1{F{^{u
z_H3YIr6+5I_UUF<;f=rwn-Etn)8+&48!by{fVZ^xQvs8;$)L*bu|Kn34*uLBziV=-
zgQ2tj(<umRX=nE7*U$J%8m}E1#5Z>{^LD8YSpL5a1YQWfnB1zrI5^1aRgrX1`-0#0
z@?^eE6Xy1xNP27H6A|AoYiVf-R{@9*dAE)G7C(U(6IfqN9@gP6?&3Tx)8$M{_t#kc
z_+1c1>W}{0E_+58F~{^6s>XFT*GEU1VgdYWvmGYU{#7ak&gr7u8~<MW*2c_9a}asr
z3kg4-Sqa!qC+&9yG|mV;=6D!G*|^R(CF^e~#tx%zs}hAHLI9Unz`yNW0WyBQruy=H
zepegdd4vAaL?QO|ZJfYs@H>kCQpQaqsE#~pGnDU-zx%p2coe&^WxpC^{J8yg>iUcB
z%<DcxSY~=??FY#BpR5=`_kA<+8{xl%Ip`aLzPr5Y>7KQjsT?Bq<mK<Lb*m}W5Ir9r
zYW!EO*y5ShlX`Jz;DftR5mbTtyC!act4QBUfZpJ)^ljIllh?5|-I<`*7v$*NxDMc7
z!a@G?|INR*<Z@lPEuuzo&MdBMuz0@L$wGPad}@O7MRAD9#YoD3%vc40ava<b5}2ki
z%>dlr`&9xqW?QAb=F-~Fo>p?tUcAn#FZ%z<i)qq_;h^dNR+R{zYb(!mdX1m|Ww^fi
z8j6ehwX=gM|B#Zp<H^<Vf1K!!XBG@@fGOAhxUMZe$32LA3^!+lhe-l(d%AUs&=c|7
z&edMhJ9Z`&>HfHa75l%zM<BM(b;#(w;(5OvpRv4ujM$No{gwyk6ghuk9szg-A-IR`
zf_x8njzOnwvuWCp-<43m<x-_(Vr(V&<B<KfU-ACbb{mWJmS|Bs2wjP)X`a2_A06!&
zN_e^nCp78s2|rR}PNjyG9=vwL966w8gT9t98tRH8JPUkDKnQkguGcoJSS_lcy4Pgh
zL$SV!;qhRcI>}?u=B`eQLBl``W8T#~K}l2*i);+X6tjk1<S^W33n3>od`E<g`OqIz
z14#9^;Ae*qF3?wS05jz+iuD(KHRP)vXD*G1klUP1JV~#Ay5@d|Vy?rt;F03K==tO0
zT7~9lC^gYqyK|AQaw~&jahr8`NP#><<XoPYQ_R4p>Y=KV3#P-k7eqGT4vqwhBlo65
ztTaME%Y#Jh8FkdQJSCx#Hr{%JIXeBPR7JPYBK2Jl#-%6PY5G~ph}q1Wt?czkwS`X{
zyc6%}J&qC-5yAmc{s#k1o`37J4Xe|z&0j{^Wbsn}T(zBQ-+Ay@YOPaH42kKAZQ&~o
zB;#$xe&4N1i)V@I25-gNut0?(nZyyoHsN*cK3%6vsLeQdDv^v`n3=ihh{qwe2X-y+
z|FzN;nV|12mLS?6gb7Nm;H%};AHZnUJYw6~Ak#~YsV!^wU)p9i(c;2-41MTa>HF@U
zb|^cRS!3_pl~O{)sndA!Gs>b5d+xKweeuF;Mp*FzY9WX{^~bLnFzN&Eyo??MJ1CIW
z)+_Lb4_dgOBTwXzsqGPs-Rn1hlBQSq#x(L?H}XiEh<^&NuH^7bVU_2$<BI&!-qG(~
z)(4qM#|{_>c%Lf=rdmp3Ika3ZNCpvIcWJ>I;p2pp4KJ*Y$bb5iMrlIp-YpUQ-XPY<
zVsD;u#DWo`$DmhnSi+;|o5sRg<yWUr(Tfykz_v?-z%8^2{z4{^2zP)@!Gfk;sgohM
zZlC<=M;(FSc>Y-d$gV<!*pw&Ekkg8BStzXRIm&##QR9g1JqcOd%o3$9$B0I^zbo^r
ztOj>u&8I6~imjCdd2~-T-1k59YaGA&iaH<IOFU*9iBL4p^JKnHSCT<_H))(C6|%mS
zAV#i^#~<*}v<Xk1jsH)#91u+7*I3kM%qcyz`5LI597=Cf1rNTW(NWtF6mhXhh|DpM
zdTa^MZfLZdedv{>Ii)8SWJp6&U?3zxQ1yobk<|N-nQ1@dcLG>1g#7Lk$$dV7a4riS
zs>4Lzu_K-6tmmAPPXBEKlk0x^yd4W-isCyB$!GCO@vaYg+0aDT@fI)NvHW!XA7(0O
zL!G1qYjm@LGk1*sHw$`UO3h00EEth@TUG(p5`PLNevikg7>4$TVq+^&&`#B<Wmw9A
z-6YBZ`0~`)P8$PA7E+R%+3eL3b=|<2NCwq)o~8UVm2J_2wl3kL(!8;zr5a!tze0I-
z+~jm%ydJ7KdfubYwIVCG6-`RcUG4T}buy}4M$8GlWi(18Ya5dpZHUyY#oEqglLe`0
zGXWdcqMKS%kbvKnJl_4PV(2X`_3&tFY}GoKx&&J{%&Wwim_qr7SdCa~rA%FwD;-K*
zoSpNiY0DmNw09uoaI0Lg7oDRq5WjSmt!lWN3P~<kiAS?1?04OGqo<{KBGTSpdjsjE
zTQI))fV1vL*2j1T)z5o5-rKo@wne&?0;)Cev}SdVmi=&PYBMoxQ1pi<9~56Fi6qV8
zPDb_VrP|HW(oZ8BIC-Vn=u5Q%XeNB9)rRFnr0L0@@iOr$Gcc=b+CM1MUw`DtV$MJ_
zQyYtRIPpIb-)uX-yrvcIQin~lkhc6##R(44hDEF^>Yx^9O}}Dq{44<MS_gc`yv|Wj
zMB!qbP|S4yR*jxS8KLG%o>aJB916HfW>L&MNk!s)l$m9J4V|-Yjd2Usct1c*rDSyF
z8J#b$#-xF7lKcFs$@;E6d{7&<h0s+w5Ap5C$r3+i9r4JeB?BOmFFg6O^I!OXTH#&i
zXkmL+%+*F&D}H1Z&U-V{22O72yz*dtam;lHCk;f`MMg`23JottrphLI2Q59BzaUL5
zw13h)*6OCjkxN^A=-bxL7xHM!_<lufUP0^_IN6sBGRjPper7oTVo)1|uPhpdt?N4J
z2t3vR@{K^*mz;^If#k|-%>ZWkLp|c*1^iFZew;q;1E<o;39q+T?6tk*7)|fiD8Y{7
zx+V|K+|BOM1-VU%UmU6O;?do4Rd$co2ml`(1x}?A7Gu}@F~kPsDxmFiXfj$+#|pnT
zPqNdrW>8r39VGtvpq1!O;q59g-EM_5M5wJ&jy95n3e11Bjc+k%xM~pQm4C;D9XpYL
z^zkQhvUO1=+S^a~@*MMXU(6^8QQ_}bWszEHHs2mlU?DB$hnTbZNvl_Y^{5tmf_kW7
z7>PD>P|{RpgiOT=f`4xi$L>O{N~$sp?L&)Phg>H%Xj+-b>4(QIgl*oh9FvxZmlx=I
z?Uki9PNg&Gs%X*JS7fAzIUEVc6U@EnG7n{XI+SSSojGM>U>dA9yO$6a4*Qq)&8XB>
z$9LT%ZlUkovhbG!Uf2Z$$|El>$JtN>f#bCMWUTop5^VCCKN_#;98u-Qzf(q>r4UR1
z)mHJyRTTa0HPtjfHZt6Qf|2~O>#xC)uqyq*lkW7O<dtVcqj8!!vcm@<?`SHr`kHPU
zGu@c+GyE<XBS0}Idzy&g1o`VkH)pI@9b0MsEA#+>&$F*$B8HKnQsSnoiO(MJPDNmW
zXXV$3TkYN3qkZ^lu&f#%#gN|Is@cV|tbrAx*TBWamFItnJT*?UKUf#?q0kh{_H=*W
zMvb5p%Y}uYRt_-5e|rc5D<n9YSv@)`3R##08+%O+$0m+F;?a~n>AlW+XY=FgYW5nV
z>+tU`KO&)l9xAHYuw(I(rp4zVZ}y6}XE1c$hJEF$M<2&Q_O+Oso6}t`2_5js+?WD;
z2r)vtP-X%_iA*!^>!RCJD-O_vypBKbr0Nk$?P00TaXSz<god{M4N6rE8yU4}4A$n0
zI6)v{Y_e3YfKuDTwzh8KbT&#5jA&U|V4Db~1zSF)Rbe<N77pb9J~``o6;(31l#KSN
zq;0=~y1WN%A}Zqx`(E2UVu@Ek3xo5#$)Q!RT*y%$!0#G05^woav>~|=(@*#;%gqky
z)Kv8hX8FE<x&v~iUp0Xbz~YaIZpHHQ9%vrI38Vr)a`UKl^3@8C1T7(9lIGL7B6cm*
zR2Mr?S53NPbIPdqL!ytzjj}kJz%*3-;>Zk=v#vYx1k_F;t1kd@(keVNT3UEMf2P#U
zF6jI`E?gig`BmUU)wh~r5DN}_3Up*M3WuI>+1#B_7woHJL1}Jnk*es@^USNzTNT6h
z=N*c+xTK_H1voS`R2vo<8Mz#Qjg74dq@_*6QQmr8>aZ{|@;n*4lisAb2Xuq!(0CZ_
z8L6>kG~}feh>PX5aj|@XUnFyL^RNvxjD?G7i1(r%X=}EP+FUn+7js!$&YIhfY64CL
z+x_xRsL06Jpg37^hzPr8pZ)Bn0j;c*=7V>`l&+-kJR5&>hr>I(3VUj_csveGTCSez
z+>Hf?&@i5<GXFY!=P#D{F}v2^2oB3WqWlbpB7NR_>4Kzz=u6QP4Ri(O_@<u-iybFT
zZgG#hyhbbz2}c^ep3qGL9tTg@e#BF2IH}70Ot&{n)a~EUZ78Hh?j5a@IojFQVh($;
zG1n%%gVpTgl~~PR@PDn1DWX-P#_K8Fywrg5#$Q#)PdF#Xlgb)d=JcvI`fe|qZr}g?
z^?KiGuCHEh#DVXYf>9zL!|>6zhQ!8OaJDk%W&G^rh0qe!RwFTGZb6|Z){|6HO0lno
z_-RWgnH#>kQU5)Ji7Uw7c6qY3>+@5cQRFwJ2K0Dw!cyeL>YX(Nr5|aggseJoPnQuW
zDDtcLf^<)D=Pg+$MNK0Xi^&eIAH{5QF@yBZM-9N{0YuD#P3x*TOs;~3nh6m6$*cK&
z&9K`5=9>)tP3wb6L&t9E<%yNzpm3W|7i+tg0*{Z^^801*SFx1uj}8YFwj1h(xR|yq
zON-+tRS6c7<ipCN^0f*jZPEVDooTP@&Y@0D+#8}}d?UPi*TL;r#_itR=<59-RtD+|
zS6ZwBoWuzIR+b94mS|^sx2C4L7W7<tL}yP?tX)fP`+faGt=CHX<;n+P-^J-&HnVHZ
z>#x|2wb)VLnsd>Q@*h%W$Bn^|rEM_dJI@MY?Rurq&YY3?@QR>cztxq`qR!X0xEi4w
z1ZH~?=0G?)ieKqxuZV*f+I}y}$6xV0Je30Pr)gnefX97=q&%OuV%=mp1MKOt=g&RO
z2u>v>)?;mT%BC)(P;@fXhB)GgTsF(7&G@ieJ^uJETKAkNks!L=(bSMeNNPk>kb7-q
zeae=F{aU2IYS<WM?dbcIT<!Opwml!~{X^e4pA%_Sb()iqT4mexCVFIY|I6XMvA(!d
z8hTx#SJVf)eSZ7&an%cF1GC<Kex>GMu2pM6I_Z&kq&C!k?3|$J<*npK@v>=4TXEw4
zKNc2K^j-Zy!zaxrc~Aw{e9_h3<#nD-;w&7&qRXGLZTf3mxkdLSoNw1N`tL1@3c<xR
z0r)m5Iq(Jvnf&s86`6?Sh*MF{-X9HM5_@e}%@W(H{mT7*7n{s*#AI7n__XBg>8#oY
zg3t3_PY>%}g;8+#FC)t02H^-fe#REeOti3|FnBq;+rDZ{R?qhT1-F_jwfOlv<Fijk
z9NQbZNi;RHTin7XJ>2xTZ+-Q5bkc}5Rj=YJ(kfT^WMiLmwaxlXw1X~SQaIquj6l%#
z$*_!JtuSpLwk-+y{UxD^G+S|wX#FH@m=|OA?iNC_?F#$Skc56=*8ShUUFGT6h_%h3
zDuW+X(^+h<PDi=CQM<mEe^{Bd0*>cD`<ugFa_OMUcTZXAQeItByq+J{iS+>-^2oBB
zED1w>$or-H8^9bPN(hqe@J4%M4Nws{27yY|*jxlrE)++tg3=2+JbzZ2Ht-15TzK2(
zEq@uGva_@>V@*r=f#R=^#tFA#S;+~JCLezy#kdhPvTm=@ZAard>^n4z6qqcAIr~g_
z#zlSVwb9|mvC)lKK8gH<45w_q2$fRdOU>ZG%?fwY1k)=DIMr@iid2LJV%i*cvHJxC
zeK-iiNwsjoCc9#5IW<UL=P$0NqZ3>hHip{oDWoEzKd$WoG{m^-&B@+J*vHuEXhEED
z?|T86vw&w*or*ZAt83}swy@B_|5L@4heN@2@iB<TmL<#>+lyphifqZgWQiDiWG7T8
z`#xoC*(Qx8WNT!X$Yh%g4GmdJV;}n(2H8S=qxX;R`|h9TxxahQIrp63xzBT+=WO=Q
zvv&xkTVy$y2nDO7>hr(8kj?NYZD5}*E(}&iqqr>BZQ{l-<4a|ZLzRzN`e|QDzCgw6
zfaMiSn!lqWoAY!Rog+XkrjUS?%ah~rWqZN{^AZWtEs-h$=E$*ep^NvYb}u!eHgLjl
z{IRL(gGx$XK1gG!i_vv3rw?jw(0%yz+=9LHr{&*^N*uX82v}xIFilM3EqE#Ex_W4P
z42NiqPMkynkB`8mg*LM~Cd9L8X8-v#;clUNVMJsUFLrmG$>g@t-Q(RLtt>j0<I`h>
zz!E`aE|&d;%2fEwG`Y7S27mk{%Ej!}8I$ADwDz)&CvepPARixJ0j*klw1HqLiaLz*
zu$|mTqo7W7AJ})o+B`9L53V0O$*IzmZ68%Dbp~8kk>pQmK-R>Fo7=$|wW=)mcnNEX
z>TF#uy8Y$~Vt(ohZd9CJ)b6o**~|?SuF4B4ul}C80!~_3Ujr2*?{(!fjSjobZm&5~
zJC1vPed|ZaULhXuN^`*yK0CYn=B#1w6>oKqS+kdSOOWb9dlLjuw&-)R@h#9y)D{gU
zW0NLSpF6K|)Xljy0ay}!EaWCFnNqC{*3O+N1Jeq-gekxBj6F!KmdH&0^>9H?hFgTG
z!;ODkzV#q=_^Q11$Kr{;nJ>lfyp7DnmQWJ=N#oqo2t;QslVI5Ji2?o}na>QCp@T#V
zE69-}5-}t<H3K`$JO^hesmw6S%ITsT)kyp39{do3P8CR9a3K4Y@z5QajOWcn#6hQ3
zH68j)Tmm024m*AWr7v6m@vdqJP;wdCf9f<^+K{A`U-V-!rhs-@P{ZfBF+nBm7tr2i
zY2|1Ns?^UBitrFBqGn0~Z}_L3H}DS^7omMhG7uZGCe%$*TJ3$ppK2mjkxGU#W{dX~
ziwmEv$^~Io0fx86%_}9%TvJ+bbg=aKcdANhC9v4U{(?A2U?s}!sbEL*Y%si8;4#gZ
z=Ke31dFVxF%YoXZKf3fe(SxXFk<vt%h78?LNit7o77o)b)ZGYv)U>T9hPod_#wgw&
zDk*mX;;kBl4Sl)0bO;`w!1Fxbnt752v~PYN%)Z7$>I2P~==T<39(;w5N9(v3WIkmW
zd59mlO}#Lz&mZF5o_1Saa?i;A;~6E|(~rvlZV)Bw-t^v_H)E4eu@!t>dDZS+`FE+t
z_OhJ-jR9Z>_-<<CN7BhinWaFJksUgtAFNlY<Vgj)Q3z$V@7~bA>A32giG6D81%G&(
zRCAgWi$9i+g-%x_`00^VV7b7zsW-YV`Mf#*1REgaT+!4Ryu^By*bsYkwdcq|pf!iV
z7am3P(0ku(1#X-A4OHIQ%8M^b*rV=_67D2WU1vD4y8B3Z;o;8#LIj7kG+5-x&K+O3
zH8!NdfWP}KlT;&Xo@HjyAn=hiLrmu_sm$A_6N5@p#^a@7n11aWHs$hT3#-@?FCB(x
zj8Fn3swk#Zk7YotnXl<$P~Is{!cRoT1jX-4l}(eC$BWIS?URCy<K(Xp=<Qu}8Sik!
zo0qc!GULPlhVMDcl|*@G7cQeB1dU?cpI5n;Nd|n)Bvw#MPU1!P3QJ?F^UD=;GpTJ*
z55Xgw?g}-zkmmGaSnF)6##XaUvx7O4I4(bS=SJZY*tJxH^L0pBt))@7E%caP0P-Ta
zw3b`5lN&{i%q-T^hf=J%+C#8YT!W9W3YLfJ4+c~&Q^%&W>WfF|LZ0+a#fAJ;i6MTs
z2Q&}r{8_BXkVcz<19BRgEN<RpD{^4}Z8ythh411n4LHx5_FA}y$$fvv_L<gh-`<qY
z<b`bb^X&X?s=6;hGSagnQ}K`lKlp?aT640IU}iH?_<{#iZ1t?qn8r9+>IV<a-)NKr
ztl{!Rb}Y&J21-Fvb4abvryK()#c3kP2b1R=b{&^7(k<k(i20Yi)YQ}%LMV%qOeT+O
z4gg8~RY=nA_9M(}Lu351{}*D|289#0F4mk$BQUd9&ZL`FduMz3N0wwI*TfTdZCl5B
zS%`+W1r6R1I_va!gijFWnCY-Bx#u+7b)Q`=x%`JOZ2MwnEzZDEQPo6d3R%V|B0`f>
zybHBb4)gL)Qb>;N-i`i#D{k_u!9|eNiNu5H{mf|@1K-<eT@8!zx4uIP@XAi>jqn0m
z_1xEkjfz@j{&L|h$U?(v-m&(p9$rsHu892_Yc2@g($tEoe`6EoQ80uiFcnrRsHFuy
z`1ekO+)nk8FdibDWB0x45%^w@{$!WtkT?5q2BTnh$-mH!+%}X~bkijH$PS0M#oC{z
z==v~Ms~TwhA(`apZZqTa^2DIJDLIAx$V$KB_v~)yQX5);1Eyok`VkvmFiBqhFRpy%
zQ+4Z)?GGtpYFvk_8>Ug;x0HbJex+umjl!_4SRf0HzQDKBpa9(RJ*FuoYoE3(inCc#
z+%Knz9vYVG|FBj$8gf7a-ZB?oA0gaoJD9=T1sXeV`z^%Z8i9Q9pKNqgU9p`Ja$QY+
z2kj<YqnG$CEZT8A9iF+L#QLdUI;8!~3hi263QOJ58s=kLdE3=TYzh6dbiohQdk)Ue
zNvU7cv|TDJcP4^P|KyeMb!$(U<SheO{x>`#6k|MRtzno5!Xe0|Y8Wd}EsBX|!aA1;
zo+O^W9QW8a#8Il?W+-QS8wfADdFkCioB-boKcPGHGDjrlkY(!|=G#L47oLntB&ad8
zdJfh%-H!`F)_%Rya`|T9Acr2<t$VVZ@grJR41|m)eNh#1XXAUYK6G!6($2Kj1wK~k
z<ReSAdIlbH6~m(Sv1W8nBsKEZk|iXhKM+wELu7n8@VN!--1|mul?$->w}sk15+(1H
z=E^P#LrFjL-*YYN|3Fhy><nzbYnMidOUW{=|KOv^m90onA)c?gZVq;g03j=CRCaWe
zk@IX8Dhgn3q$aeHN3CS|+ib^zZ3t<Jj7G&Y-=s`EdZu37%BXNphxH`NiP6@9E&NrA
zr4t+3L6~5Petqh4gIaDO=RJGQIJqZm{Qhx!u^#)dK}1rFXKZkVSQm`Oy8{A!`rWH<
zgd-8v$h#;iu8l{Vaoc&5Db*px?NT_)oIpC0gYoChaL(!X%2%nhyQ<Yi?S<<A4aK~p
zgsFD=YrR~b2T^RAP>)7EA|UOxZ=LwLZUJ;8NyHp6N@5M+40)g1xpq)1b#0CaR41Yb
znbX*_ismgYzu4FFOfY%r63M%p>N!iTh`6uuiW@<z!F$1qJa6jcz$swX6e-8Ot0AL?
z^PBqG&MzJRI|$o=4Ikl<x7J@_1OzXXCO0(QX@6PH$XlqzJv@Ku*^Q!X(d+(oX+Nii
zLP!nd_WmL%rGLDlBKEL=EawY2=(4HPBqqko1udh4)fzM-c~aS{Z?u3`mVuPlP-rq-
zKUzx!)$cvE`u%0@m!pbLeR^M2f4Q0kIDlCF$n>4^gZJk#F1v$8X!JDx;5x(B1aw^B
ziv!@%#~}@6r?BJH8Am7P9M|}3rsl54Y<X-K1Hg}Ya&6UmfE0fy57T+RJPo880B&)1
zs!>zxNO@cn5>3Ln`d!;SwRHE21Tk^1x~Pgs*EnrW>_iT99xEcEPiiYM8oqJ9GBrt|
zbUs@Lx-}L7tKmRY<X4o=sca8KlHcr_)=||K$j6&At0&r$;-8jo%)P<X(cDVl{7%Gi
zE$Wx;K&R(8bR5ERK$|PRfH~Z@mDd+MF{W(A)8J_%_|~r+=t@RHL{}w*4X2NmBPn!7
zr=%N_QHYT-^UqCZ*yEA;J-2C##o;J_O#}krNyWnQf9V)<;-vamk}_BhAlpL<gQ$Z3
ssRP`l!UAJx0So|6fF!^M@IL~5s^e<Lud0h|ZD$BWT~nPJt-Epm0prRoN&o-=

literal 0
HcmV?d00001

diff --git a/experimental/images/ipvlan_l2_simple.svg b/experimental/images/ipvlan_l2_simple.svg
new file mode 100644
index 00000000..48097dc8
--- /dev/null
+++ b/experimental/images/ipvlan_l2_simple.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="343" height="311.5"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="tFoWDamkeRwJ" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="rNGNyECMdeKI" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="343" height="311.5"/></g><g transform="translate(0,0) matrix(1,0,0,1,77,162.90096991491666)"><g><g transform="translate(0,0) scale(0.62,0.32300163132136867)"><g><path fill="url(#tFoWDamkeRwJ)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.0959595959596116)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 32.300163132136866 Q 62 32.300163132136866 62 32.300163132136866 L 0 32.300163132136866 Q 0 32.300163132136866 0 32.300163132136866 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#tFoWDamkeRwJ)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 32.300163132136866 Q 62 32.300163132136866 62 32.300163132136866 L 0 32.300163132136866 Q 0 32.300163132136866 0 32.300163132136866 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,84.45937956643391,158.4009699149168)"><g transform="translate(0,0)"><g transform="translate(-86.91999999999999,-162.47030107315481) translate(2.4606204335660777,4.069331158238015) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 88.95937956643391 162.9009699149168 L 88.95937956643391 195.20113304705336" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,122.54062043356592,158.40096991491632)"><g transform="translate(0,0)"><g transform="translate(-128.46,-164.19297644020213) translate(5.919379566434088,5.792006525285814) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 127.04062043356592 162.90096991491632 L 127.04062043356592 195.20113304705367" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,103.5,158.40096991491666)"><g transform="translate(0,0)"><g transform="translate(-106.14,-164.19297644020213) translate(2.6400000000000006,5.792006525285473) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 108 162.90096991491666 L 108 195.20113304705353" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,35,196)"><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="28" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="12">container1</text></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="81" height="14" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="81" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="26">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="26">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="80" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="26">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="97" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="26">24</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,168,162.818751317853)"><g><g transform="translate(0,0) scale(0.62,0.3176182707993458)"><g><path fill="url(#rNGNyECMdeKI)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.148433487416555)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 31.76182707993458 Q 62 31.76182707993458 62 31.76182707993458 L 0 31.76182707993458 Q 0 31.76182707993458 0 31.76182707993458 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#rNGNyECMdeKI)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 31.76182707993458 Q 62 31.76182707993458 62 31.76182707993458 L 0 31.76182707993458 Q 0 31.76182707993458 0 31.76182707993458 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,175.4593795664339,158.31875131785318)"><g transform="translate(0,0)"><g transform="translate(-177.92,-162.39526029012058) translate(2.4606204335660777,4.076508972267391) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 179.9593795664339 162.81875131785318 L 179.9593795664339 194.58057839778746" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,213.54062043356592,158.3187513178527)"><g transform="translate(0,0)"><g transform="translate(-219.46,-164.08922440105042) translate(5.919379566434088,5.7704730831977145) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 218.04062043356592 162.8187513178527 L 218.04062043356592 194.58057839778775" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,194.5,158.318751317853)"><g transform="translate(0,0)"><g transform="translate(-197.14,-164.08922440105042) translate(2.6399999999999864,5.770473083197402) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 199 162.818751317853 L 199 194.5805783977876" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,126,195)"><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="30" fill-opacity="0"/></g></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="12">container2</text></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="81" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="26">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="26">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="80" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="26">3</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="97" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="26">24</text></g></g><g transform="matrix(1,0,0,1,104,130)"><g transform="translate(34,0) matrix(1,0,0,1,0,0) translate(-34,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(34,0) matrix(1,0,0,1,0,0) translate(-34,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(34,0) matrix(1,0,0,1,0,0) translate(-34,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="34" y="0" width="79" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="34" y="12">pub_net</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="78" y="12"> (</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="12">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="12">)</text></g></g><g transform="matrix(1,0,0,1,95,100)"><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g/></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="74" y="-7" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="74" y="-7" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="1" height="14" fill-opacity="0"/></g></g></g><g transform="matrix(1,0,0,1,16,114)"><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="75" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="75" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="67" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="4" y="12">Docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="12">Host</text></g></g><g transform="matrix(1,0,0,1,81.616,49.859996948242184)"><g transform="translate(0,0)"><g transform="translate(-85,-50) translate(3.3840000000000003,0.1400030517578159) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 88.116 56.359996948242184 L 160.558 56.359996948242184 Q 170.558 56.359996948242184 170.558 66.35999694824218 L 170.558 102 Q 170.558 112 169.779 112 L 169 112" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,73,236)"><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="193" height="56" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="193" height="14" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="174" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="12">docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="39" y="12">network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="12">create</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="12"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="125" y="12">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="135" y="12">ipvlan</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="167" y="12"> \</text></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="193" height="14" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="152" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="26">--</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="26">subnet</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="26">=</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="26">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="88" y="26">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="108" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="111" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="121" y="26">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="128" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="26">24</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="144" y="26"> \</text></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="193" height="14" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="144" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="40">--</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="40">gateway</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="40">=</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="40">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="40">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="116" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="120" y="40">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="126" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="130" y="40">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="136" y="40"> \</text></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="193" height="14" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="139" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="54">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="54">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="54">parent</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="54">=</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="54">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="95" y="54">pub_net</text></g></g><g transform="matrix(1,0,0,1,89,24)"><g transform="translate(0,0) matrix(1,0,0,1,0,0) translate(0,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="102" height="28" fill-opacity="0"/></g></g><g transform="translate(0,0) matrix(1,0,0,1,0,0) translate(0,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="102" height="28" fill-opacity="0"/></g></g><g transform="translate(0,0) matrix(1,0,0,1,0,0) translate(0,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="81" height="28" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="12">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="26">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="20" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="26">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="43" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="26">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="67" y="26">24</text></g></g><g transform="matrix(1,0,0,1,58.49998401988711,49.575)"><g transform="translate(0,0)"><g transform="translate(-147,-50) translate(88.50001598011289,0.42499999999999716) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 64.99998401988711 56.075 L 241 56.075" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,241,36)"><g><g transform="translate(0,0) scale(0.6083333333333336,0.6104050109462419)"><g><g><path fill="#3966A0" stroke="rgb(0,0,0)" d="M 102.635 0 C 93.815 0 86.371 6.797 85.395 15.43 L 4.554 15.43 C 2.043 15.431 0 17.473 0 19.984 L 0 53.338 C 0 55.849 2.043 57.892 4.554 57.892 L 8.016 57.892 L 8.016 65.776 L 96.471 65.776 L 96.471 57.892 L 99.672 57.892 C 102.184 57.892 104.227 55.849 104.227 53.338 L 104.227 34.655 C 107.211 34.382 109.971 33.334 112.331 31.735 L 112.331 31.735 C 112.785 31.428 113.223 31.1 113.643 30.753 C 113.655 30.744 113.665 30.734 113.676 30.725 C 114.093 30.38 114.492 30.017 114.875 29.635 C 114.875 29.635 114.887 29.623 114.893 29.617 C 118.039 26.471 120 22.143 120 17.365 C 120 7.79 112.21 0 102.635 0 Z" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 102.688 3.191 C 94.836 3.191 88.45 9.579 88.45 17.43 C 88.45 25.281 94.838 31.669 102.688 31.669 C 110.54 31.669 116.926 25.281 116.926 17.43 C 116.926 9.579 110.539 3.191 102.688 3.191 Z M 97.377 20.901 C 97.118 20.901 96.859 20.802 96.662 20.605 C 96.267 20.21 96.267 19.569 96.662 19.174 L 97.412 18.424 L 91.228 18.424 C 90.669 18.424 90.216 17.971 90.216 17.412 C 90.216 16.853 90.67 16.4 91.229 16.4 L 97.414 16.4 L 96.699 15.686 C 96.303 15.291 96.303 14.65 96.699 14.255 C 97.095 13.86 97.735 13.86 98.13 14.255 L 100.571 16.696 C 100.665 16.79 100.739 16.902 100.791 17.026 C 100.894 17.273 100.894 17.552 100.791 17.799 C 100.739 17.924 100.665 18.036 100.571 18.129 L 98.093 20.605 C 97.895 20.802 97.637 20.901 97.377 20.901 Z M 105.863 25.522 L 103.422 27.963 C 103.225 28.161 102.965 28.259 102.707 28.259 C 102.698 28.259 102.689 28.254 102.68 28.254 C 102.671 28.254 102.663 28.259 102.655 28.259 C 102.305 28.259 102.012 28.07 101.83 27.801 L 99.515 25.484 C 99.119 25.089 99.119 24.448 99.515 24.053 C 99.91 23.658 100.55 23.658 100.945 24.053 L 101.644 24.752 L 101.644 9.174 L 100.945 9.873 C 100.748 10.071 100.488 10.169 100.23 10.169 C 99.97 10.169 99.711 10.07 99.515 9.873 C 99.119 9.478 99.119 8.837 99.515 8.442 L 101.954 6 C 102.35 5.605 102.988 5.605 103.385 6 L 105.864 8.478 C 106.26 8.873 106.26 9.514 105.864 9.909 C 105.667 10.107 105.408 10.205 105.149 10.205 C 104.889 10.205 104.63 10.106 104.434 9.909 L 103.667 9.143 L 103.667 24.857 L 104.434 24.091 C 104.829 23.696 105.468 23.696 105.864 24.091 C 106.258 24.486 106.258 25.126 105.863 25.522 Z M 114.148 18.46 L 107.964 18.46 L 108.677 19.174 C 109.073 19.569 109.073 20.21 108.677 20.605 C 108.48 20.803 108.22 20.901 107.961 20.901 C 107.702 20.901 107.442 20.802 107.246 20.605 L 104.808 18.165 C 104.713 18.072 104.64 17.959 104.587 17.835 C 104.485 17.588 104.485 17.309 104.587 17.062 C 104.64 16.937 104.713 16.825 104.808 16.732 L 107.284 14.255 C 107.68 13.86 108.32 13.86 108.715 14.255 C 109.11 14.65 109.11 15.291 108.715 15.686 L 107.964 16.437 L 114.149 16.437 C 114.708 16.437 115.161 16.89 115.161 17.449 C 115.16 18.008 114.707 18.46 114.148 18.46 Z" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 80.533 36.476 A 3.247 3.247 0 1 0 80.53299837650013 36.47924699945883 Z" opacity="0.5" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 9.278 35.006 L 20.39 35.006 L 20.39 24 L 9.278 24 L 9.278 35.006 Z M 10.929 25.567 L 18.819 25.567 L 18.819 31.173 L 16.536 31.173 L 16.536 33.456 L 13.213 33.456 L 13.213 31.173 L 10.93 31.173 L 10.929 25.567 L 10.929 25.567 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 24.253 35.015 L 35.365 35.015 L 35.365 24.009 L 24.253 24.009 L 24.253 35.015 Z M 25.904 25.576 L 33.794 25.576 L 33.794 31.182 L 31.51 31.182 L 31.51 33.465 L 28.187 33.465 L 28.187 31.182 L 25.904 31.182 L 25.904 25.576 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 50.3 24.009 L 39.188 24.009 L 39.188 35.014 L 50.3 35.014 L 50.3 24.009 Z M 48.729 31.173 L 46.446 31.173 L 46.446 33.456 L 43.123 33.456 L 43.123 31.173 L 40.84 31.173 L 40.84 25.567 L 48.73 25.567 L 48.729 31.173 L 48.729 31.173 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 54.123 35.023 L 65.234 35.023 L 65.234 24.018 L 54.123 24.018 L 54.123 35.023 Z M 55.774 25.567 L 63.664 25.567 L 63.664 31.173 L 61.38 31.173 L 61.38 33.456 L 58.057 33.456 L 58.057 31.173 L 55.774 31.173 L 55.774 25.567 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 9.278 49.95 L 20.39 49.95 L 20.39 38.944 L 9.278 38.944 L 9.278 49.95 Z M 10.929 40.502 L 18.819 40.502 L 18.819 46.108 L 16.536 46.108 L 16.536 48.391 L 13.213 48.391 L 13.213 46.108 L 10.93 46.108 L 10.929 40.502 L 10.929 40.502 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 24.253 49.958 L 35.365 49.958 L 35.365 38.953 L 24.253 38.953 L 24.253 49.958 Z M 25.904 40.52 L 33.794 40.52 L 33.794 46.126 L 31.51 46.126 L 31.51 48.408 L 28.187 48.408 L 28.187 46.126 L 25.904 46.126 L 25.904 40.52 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 39.228 49.966 L 50.34 49.966 L 50.34 38.962 L 39.228 38.962 L 39.228 49.966 Z M 40.839 40.511 L 48.729 40.511 L 48.729 46.117 L 46.446 46.117 L 46.446 48.4 L 43.123 48.4 L 43.123 46.117 L 40.84 46.117 L 40.839 40.511 L 40.839 40.511 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 54.123 49.966 L 65.234 49.966 L 65.234 38.962 L 54.123 38.962 L 54.123 49.966 Z M 55.774 40.511 L 63.664 40.511 L 63.664 46.117 L 61.38 46.117 L 61.38 48.4 L 58.057 48.4 L 58.057 46.117 L 55.774 46.117 L 55.774 40.511 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 11.504 57.898 L 92.919 57.898 Q 92.919 57.898 92.919 57.898 L 92.919 62.69 Q 92.919 62.69 92.919 62.69 L 11.504 62.69 Q 11.504 62.69 11.504 62.69 L 11.504 57.898 Q 11.504 57.898 11.504 57.898 Z" opacity="0.7" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 85.525 18.936 L 5.082 18.936 C 4.255 18.936 3.582 19.609 3.582 20.436 L 3.582 53.397 C 3.582 54.224 4.255 54.897 5.082 54.897 L 11.504 54.897 L 92.919 54.897 L 99.082 54.897 C 99.909 54.897 100.582 54.224 100.582 53.397 L 100.582 34.526 C 92.561 33.543 86.232 27.039 85.525 18.936 Z M 20.389 49.95 L 9.278 49.95 L 9.278 38.944 L 20.39 38.944 L 20.389 49.95 L 20.389 49.95 Z M 20.389 35.006 L 9.278 35.006 L 9.278 24 L 20.39 24 L 20.389 35.006 L 20.389 35.006 Z M 35.365 49.958 L 24.253 49.958 L 24.253 38.953 L 35.365 38.953 L 35.365 49.958 Z M 35.365 35.015 L 24.253 35.015 L 24.253 24.009 L 35.365 24.009 L 35.365 35.015 Z M 39.188 24.009 L 50.3 24.009 L 50.3 35.014 L 39.188 35.014 L 39.188 24.009 Z M 50.34 49.966 L 39.228 49.966 L 39.228 38.962 L 50.34 38.962 L 50.34 49.966 Z M 65.234 49.966 L 54.123 49.966 L 54.123 38.962 L 65.234 38.962 L 65.234 49.966 Z M 65.234 35.023 L 54.123 35.023 L 54.123 24.018 L 65.234 24.018 L 65.234 35.023 Z M 77.286 39.723 C 75.493 39.723 74.039 38.269 74.039 36.476 C 74.039 34.683 75.493 33.229 77.286 33.229 C 79.079 33.229 80.533 34.683 80.533 36.476 C 80.533 38.269 79.08 39.723 77.286 39.723 Z M 89.541 39.723 C 87.748 39.723 86.294 38.269 86.294 36.476 C 86.294 34.683 87.748 33.229 89.541 33.229 C 91.334 33.229 92.788 34.683 92.788 36.476 C 92.787 38.269 91.334 39.723 89.541 39.723 Z" opacity="0.93" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g><g transform="matrix(1,0,0,1,222,79)"><g transform="translate(20,28) matrix(1,0,0,1,0,0) translate(-20,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="102" height="28" fill-opacity="0"/></g></g><g transform="translate(20,28) matrix(1,0,0,1,0,0) translate(-20,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="102" height="14" fill-opacity="0"/></g></g><g transform="translate(20,28) matrix(1,0,0,1,0,0) translate(-20,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="9" y="0" width="84" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="12">Network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="12">Router</text></g><g transform="translate(20,28) matrix(1,0,0,1,0,0) translate(-20,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="102" height="14" fill-opacity="0"/></g></g><g transform="translate(20,28) matrix(1,0,0,1,0,0) translate(-20,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="11" y="14" width="82" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="11" y="26">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="31" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="34" y="26">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="54" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="58" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="78" y="26">24</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,22.803646598905374,21.51999694824218)"><g><g transform="translate(0,0) scale(0.9127109745695561,0.9)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,27.38636363636374,108.14285409109937)"><g><g transform="translate(0,0) scale(3.742857142857143,2.8181818181818183)"><g><g><g><path fill="#929292" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g></g></svg>
\ No newline at end of file
diff --git a/experimental/images/macvlan-bridge-ipvlan-l2.gliffy b/experimental/images/macvlan-bridge-ipvlan-l2.gliffy
new file mode 100644
index 00000000..eceec778
--- /dev/null
+++ b/experimental/images/macvlan-bridge-ipvlan-l2.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":541,"height":352,"nodeIndex":290,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":{"uid":"com.gliffy.theme.beach_day","name":"Beach Day","shape":{"primary":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#AEE4F4","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#004257"}},"secondary":{"strokeWidth":2,"strokeColor":"#CDB25E","fillColor":"#EACF81","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#332D1A"}},"tertiary":{"strokeWidth":2,"strokeColor":"#FFBE00","fillColor":"#FFF1CB","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#000000"}},"highlight":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#00A4DA","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#ffffff"}}},"line":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"none","arrowType":2,"interpolationType":"quadratic","cornerRadius":0,"text":{"color":"#002248"}},"text":{"color":"#002248"},"stage":{"color":"#FFFFFF"}},"viewportType":"default","fitBB":{"min":{"x":2,"y":6.5},"max":{"x":541,"y":334.5}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":2.0,"y":6.5,"rotation":0.0,"id":288,"width":541.0,"height":22.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:20px;font-weight:bold;\">Macvlan Bridge Mode &amp; Ipvlan L2 Mode</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.0,"y":177.0,"rotation":0.0,"id":234,"width":252.0,"height":129.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#434343","fillColor":"#c5e4fc","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.93,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":16.0,"y":240.0,"rotation":0.0,"id":225,"width":111.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.73,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.2199999999999993,"y":0.0,"rotation":0.0,"id":235,"width":106.56,"height":45.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container #1</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">eth0</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">172.16.1.10/24</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":138.0,"y":240.0,"rotation":0.0,"id":237,"width":111.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":4,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.73,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.2199999999999993,"y":0.0,"rotation":0.0,"id":238,"width":106.56,"height":44.0,"uid":null,"order":6,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Container #2</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">eth0 172.16.1.11/24</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":40.0,"y":-26.067047119140625,"rotation":0.0,"id":258,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":7,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":237,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":241,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[153.5,266.0670471191406],[117.36753236814712,224.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":50.0,"y":-16.067047119140625,"rotation":0.0,"id":259,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":8,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":225,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":241,"py":0.9999999999999996,"px":0.29289321881345254}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[21.5,256.0670471191406],[62.632467631852876,214.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":60.0,"y":-6.067047119140625,"rotation":0.0,"id":260,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":9,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":241,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":0.5,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[75.0,180.06704711914062],[215.32345076546227,90.06897143333742]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":3.0,"y":184.5,"rotation":0.0,"id":261,"width":79.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;font-family:Arial;\">Docker </span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"font-size:14px;\">Host #1</span><span style=\"text-decoration:none;\"><br /></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":283.0,"y":177.0,"rotation":0.0,"id":276,"width":252.0,"height":129.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#434343","fillColor":"#c5e4fc","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.93,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":291.0,"y":240.0,"rotation":0.0,"id":274,"width":111.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.73,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.2199999999999993,"y":0.0,"rotation":0.0,"id":275,"width":106.56,"height":45.0,"uid":null,"order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Container #3</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">eth0</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">172.16.1.12/24</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":413.0,"y":240.0,"rotation":0.0,"id":272,"width":111.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.73,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.2199999999999993,"y":0.0,"rotation":0.0,"id":273,"width":106.56,"height":44.0,"uid":null,"order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Container #4</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">eth0 <span style=\"\">172.16.1.13/24</span></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":315.0,"y":-26.067047119140625,"rotation":0.0,"id":269,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":18,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":272,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":270,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[153.5,266.0670471191406],[117.36753236814712,224.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":325.0,"y":-16.067047119140625,"rotation":0.0,"id":268,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":19,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":274,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":270,"py":0.9999999999999996,"px":0.29289321881345254}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[21.5,256.0670471191406],[62.632467631852876,214.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":278.0,"y":184.5,"rotation":0.0,"id":267,"width":79.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;font-family:Arial;\">Docker </span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\"><span style=\"font-size:14px;\">Host #2</span><span style=\"text-decoration:none;\"><br /></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":70.0,"y":3.932952880859375,"rotation":0.0,"id":278,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":21,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":270,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":0.5,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[340.0,170.06704711914062],[205.32345076546227,80.06897143333742]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":167.32131882292583,"y":39.0019243141968,"rotation":0.0,"id":246,"width":216.0042638850729,"height":90.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":22,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#434343","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":356.0,"y":150.0,"rotation":0.0,"id":270,"width":108.0,"height":48.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#cccccc","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":1.8620689655172418,"y":0.0,"rotation":0.0,"id":271,"width":104.27586206896557,"height":42.0,"uid":null,"order":25,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\"><span style=\"font-style:italic;\">(Host)</span><span style=\"font-weight:bold;\"><span style=\"\"> eth0</span></span><br /></span></span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">172.16.1.253/24</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">(IP Optional)</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":81.0,"y":150.0,"rotation":0.0,"id":241,"width":108.0,"height":48.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":26,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#cccccc","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":1.8620689655172415,"y":0.0,"rotation":0.0,"id":242,"width":104.27586206896555,"height":42.0,"uid":null,"order":28,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\"><span style=\"\"><span style=\"font-style:italic;\">(Host)</span></span><span style=\"font-weight:bold;\"> eth0</span><br /></span></span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">172.16.1.254/24</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:12px;font-style:italic;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">(IP Optional)</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":224.0,"y":64.19999694824219,"rotation":0.0,"id":262,"width":120.00000000000001,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":29,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;\">Network Gateway</span></p><p style=\"text-align:center;\"><span style=\"font-size:14px;\"><span style=\"\">172.16.1.1</span><span style=\"\">/24</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":307.5,"rotation":0.0,"id":282,"width":541.0,"height":36.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:16px;font-style:italic;\">Containers Attached Directly to Parent Interface. No Bridge Used (Docker0)</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":32}],"shapeStyles":{},"lineStyles":{"global":{"fill":"none","stroke":"#000000","strokeWidth":1,"orthoMode":2}},"textStyles":{"global":{"italic":true,"face":"Arial","size":"20px","color":"#000000","bold":false}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images","com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1458124258706,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/experimental/images/macvlan-bridge-ipvlan-l2.png b/experimental/images/macvlan-bridge-ipvlan-l2.png
new file mode 100644
index 0000000000000000000000000000000000000000..13aa4f212d9db346f307dfbe111fd657406bb943
GIT binary patch
literal 14527
zcmZ8|1yEek(&pf9gS!px9wfL7?(XjHfe_r?o!}4%?(Xgc5AMNT154iS`)haSR-Kye
z`MUe-K7G$Qb?Z)ql7bWpA^{=*06>uji>m+tkZb?|gb6&<hlW+m8}dU@s3fN*@&5j<
zq@*OLpcGqBXWxFWU%oTC|2i=-VNrLgW913~5Rm=80{|##mG5Xpg}%REvj6~zlNSvQ
z4P)2uLIA+U`@3fDf`0kR^Yb$o2yk+83IG`D6|^V-03FNcLxY3EdrykRI|V(HlvFfX
zHGOCX4fC10$v@iilmM*$!?t#|6BGRkib^3NAzyucQd3iE#(wvXPsGH<wjTUFIyis;
zNC5!fIKmfO<_^kx=bzRq^^*&cQPFSbGcf@G2DdH%Q{?;O!uIQXPj}D4uZ4*0N<9Ez
za;Q`^d{8suo142^X#Z(dO|_Z1X<qZ_`*G*!`WQes>FFcu<jJxhrMkuIzt>iA2}u9|
zCuqei$M4-5nwr`%i3Np4vgR^5xmi?p#UH=*mV3XyA4*G0x3#x92gWff1cLwoYwwVe
zXz=#-mVViE$?s==*J21!?}^c7DO)2a0KlX5gh}1OzpT$YG814}Y}0%tmN+Aryb)z3
zsT@@gAoG`$lpO2IFpREFRt13lD?iI9=-GG+2moqFC%hy9I;nj{27uocPT1D10075u
zO@yRFl7errMnFEDh#5#PPuh?-x?z&dII=d^&poRym>Ga5A8o_}h!g_|nSE(VHt%mQ
zPqw6czuO|90az5wa0^O8kUNShYVM8{SpWbzzUn>s&g!NPQdUl24Wmw9x|Dc7tCD5i
z`~h`8htZ7%KLEg;77+f;xPQ6_tOjVPO#d7)KeD-x!mCj40<f;x*HaN48J<f>sbB>#
zBGK_J+`o&7iG6fe=KSsD<t2d4T1nqBM3<(*U-D`^$v|IUOolcvxv<og{jf9m{qF{V
zM!kRQ?*8r;0H8N<@q53UNbTOFXJs#ovh=E6e}8{+lx5-M;k(-C-`hf+0|2;|q{T(l
zybMmKc~C=yktJqV-m9n~h2UHa5W^vr$r8ka&dX2x6sLD6J~;gQkX;Kn!>W0j8+4tQ
zhH*-^spHNug`oyE=L)?pv{pax=*n0-F0Ov#MtGq;M)d`C_0|)mHCU--2WMp&h)U&P
zcQv?6T)kMcBJ6c$fMY%x)hr|An5WbgL#Op*Pvno^B*6%cGQulpIp?=Ppr)&ez$$6D
z*}MDmX)#sm4Bby&%JvaxP;wzHM8DFF^FHjHwaXuDtd)8S?sxf2d3U>RT&%lJ$$CKm
zXh*C8HSbv=U%Mg`XBgyBD%Rl}U!)etqPnI`2p{fA6T+dIgA+kT$S=YKz6gfU{%qvb
z7e`jpjWyGn%7K-x9`5=yt$bko+n7@#7IU)OAp}+uF5#D0@BlvI_$(!08p3V=l>$Z3
zlwFz4CPzXyYS1KhRVa3_pd_SxNF|)OT`e>lX_!!Pr15$;eD}>yYE?otTcpveS87|&
ztkT$vjWL34w}3#Tgw7O^gpwUU2|(|iPy<+_ncLzhsmGAV&thM_)Q|PylCK^T0QjcK
zo)J4y05vSxJZF_EhzlM^A^oT4R?8<G6M^_$aXZXP8N32kW;%91A?(u_r^r}lT*Iq8
z?tJd=7Du=h09)L5Xv{1n#k3IV&rn*<zl-2`;{Dp-jHa&86GqdELLLfzO;-I9U~|~?
z5=jB<tJeAoKpd^Ak~DuFVi6hbI;ZmED)Yfv1vtdox95TlDb3im5cVP`SlKVmO>Dmr
zwcQDogw_q@WZCF0mOTbPNpjBRXO@O@nrbl<A+ZraSol(+aGTP1_RQ>2Vm<J#!q+^n
z3d{y$J`4)_&jY2h37}6yL-HjN+W(%AJr*e`xaU6NlxZ>8jTFDVV77`yjlsDjtincO
zM(x$`)?EVqN$)d!m{}ZTC)2AeEw+vI>c6fF??;Ax1Z*Js`7TrxV1fJvHlbX1<ZVE^
zvzh-eT)YS)pMC+&$w?+4FS1UqG+z?8PH#Yrg#-5Dnm#EvIaIo4+I-3gQrLh=rbp9S
z@Z@GPVOI7pWeUdk{{4Nb@n0l>Hp{=wWxaUkp%r;hrW+LO`2E=(bg%#N+RzoYBK2xv
zWVjjX{L3{G28PiMMhX<0`Xnn1r`@t})K`Pv)@qv4v=R5^9oiqikp-o-UU|L*Ja?lK
z^~t|nwjE>6J~DcyXdjyY;MzpznqdRM$Q^AYD;i&eSwO;!ow^Zq%U0@9iokAYuN1=0
zgjyk@V*PUkjr8X{l@-*_=Ov5&jCwY{A}H~ahq|QDLtcg)p;~3h3no~JY%&`*vC&7^
z>eEyEgAH<kPsM^TYU*-BztuiG7vUG8)j~k-5?c4*t0v~qaZpQhd6|vxaD>MBKM!|f
zS^386lj~YFezTObA2o}<E#KfZ0CP8~4&~k7$;-*<IRs94x#}CpjRUpA3;BO<M`~C`
zr+v(UoAh&{0^U0~Xc8|gQ!tu;0uM2*1oX$W2O;+$hzkLj#nhl<JA{m3+(gmCglh_%
zlYXs?d(sF-vsOMJFyznpGs-2!Z3BS@!$ol9<juyE<RU}QVM>(5mchyM-Ly|toT6%F
z7)_9n2@5gyTM>li#2#N+?(o9x8uvAM9D;G%>ym)K>fPrXn@mRJ#**k+lXkp*hum|c
zq-1Zrm(C;xkw(JwzZP&ka;|2lw+qcoTme=rp;XgC*aTN#3s+cEC11-J3o1v9<G?^W
z(Xazj>za4Xx~HF`t_^?MsU8C-VhCW<=qT-s%dTMDFKtR?Shvc)nrj6n%d3#Y_z&7J
zrn*Ns22|<_(Wc?fCoX+yTbklb3JVSk{~bMgl-KmFC;*#;@%qQDYeOJCLe=MOv&Hw+
zO<(DH8U2Dk^4Basq;cIAD+E;=;f42~rYU3FLb!|Erq<KO%5xNcdv#1IhVsxa6*48L
zdjhtGILMJ%LW^JPB6s$m3GB|~*bi1I{7+)T!Y4Q+-zQ!qpV53gZ`YcfVF9m6u*t&c
zj1hL&(Diaq!L7u`i7;YjIS^2_gXSTk%;AO3NbrGZ7(5f=Srk5ak?wtSX`IX&-^JG4
zS2Uo%j<DKU`|lUyv41a%GoDG--A&Cs9FTuYzM>sXR$WU_m&VGuc)+^xQrq)=I)A(>
z3eq>1S5EZYn<s4&`uT7&?R#bTgzt~dcN0UX=iu=2sDbq@DNXSUwNSg@=gr4!&Tl^*
zFUlUet>b3qc&FEHe!-=MDnrX#aNvg?bf)@<WjC1Ptv;-I#XhcNiG683I)1u|x3-E=
zozr3sL>Gl85B?bP<6YHD_N=&cfdll0*f672)(R19dd$J@@N{w_z&pMbh5kL5@`Ex&
zq&SW}KA<5D|7<)1kw7ZCF3_b&b?Vo#7D!g(=aw2`run#=*WBbN><XC|V<BvRv4YN@
zHd^cG@xDdhAUdtOk*p&5W_27A+>sO)(Bc-=a0u}hBb$_t3wwW`DS%BKn1z*%{>8}Z
zL^-J*dwD-znMzHcwswYp;Xpdcs)spLD?%v%r%!Wm!3~J%y9`r<BjxA;8f|J24N*oJ
zv?SlT0h#d4kcR5fBxI}6{$kWE;L*mW_WKzvTxA*sv7%>y3lbe=yhWi&noL(O{~pRZ
zhF-BaAUy|z^c;yWqTyz(=2#Mc0q>nyb_n^oYH%fyF}#B$-F>b^teXvT)0d6kkIl7z
zQ=IXU)dXF)oEt1lrWK3f;E~veRry023<DeME}L5OcAHP0s)a`!{xjnwNO&+zYKvZs
zh?=Pjd$eSzFI>3TD7pUIQMkKk268myK!minxp;_<Fl|K0FLKL7@j%3A?qLu{Zjf8P
z5?MmqU|$)MIgkwnjH%)V+}0m~3{$YYrZ0lS=LOc1QzG-R%eTejn9cBMcR^=t&&4B%
zg5gxGLPzoA$?1vH&A>1w?wPwNBgq62c=52H1bC>GzD#Q>{GypZ?a<n$^9figfppXt
zVvDSxzTV6H=n~HqaXmb~y(BOUdug&ttO#>N*$R=IJf2|D>8XPCX4HG|$i585Vy$kj
zUPg%fSbO5#DUq8|zNayBaW7VF15SxZv&K*w+A#k{w8(fy)U>_#_1o@Auj^W&Une};
z!^!7CPCY#K0Ror^@yBz@1Feq3mD}7}P^iKOFdu5vpq6F2Z#Bit=d8$Z`euV38G8rO
zB&WfNKOFBuhr`6eZ{NF{ZqA;<;Qf)La@{W<e%_H$Fg&hL?egud`S%r+)Ba}lQ0+W&
z%9GGU-!I(Uhtg^5Zq0+trS#*YO`FcYG8jhNo)XJ?DM}>*9qQfT7^7`OhJW}>P`~cZ
z@Aq?>q)ssj-FYN)y!}~!-kvXw;uyXs3MKs5u$hG1m-zLw?*(o`Qm(S*-J+QMkN4Jg
z6;Hd1JBg|2SF7D)zDmEt{alPVl1Q!U=7!5sAuK9pu3&{O8%QegU0`;e=}Zw*tcuQK
zl*FhPZvLrri8@W>1H{>pXNY6T@o_2e=8Q~!I2tu175a>nKu5raW~Tk-<nbql&A&n_
zs=@GuK>FR|1mS`}&asn<@r2JsIP(WHGM-CCu+3#EB7cL+5tY`ZAC|;K@PjgQ^CrJS
zoSZig&6L68RPw{CZ-?UHBgAtxF`Dskz;p21CwWf^(x7qD@U#L(@t4Nxgj>hvbDw9k
zt3Q+;dfN^3`G1g+vFLwE2QT@C-=ed<<Zj#uu4mtuCfcoS7D!F$eS3OM!nC{~$&ja@
z-Y`3JOhb+33M)_*mcPg!-Me__{l*@fe$SQocBau%{~C9~(pyM-y|uJUo+a)ETV_B}
z(#Xq{W8IVd_%xQU3b-L54(~WLDrmK~VlWwURFGIhgj~OI<|Q%4xsRTlPdI{&Nmrfe
zlAP;aC+M7!YN&1B5AueBh1CYBm~S(PBQuI)xSG5!)@#PjcJfa9IXbNJf8us!+?c#t
ztQW!)Vqc5IYx}%=Ws!L0ckb&%z9IA|zdvnI|54GJjqY_sTg_v8-)3@C7gn;72q@}c
zl1U=l^E-SLZq+b>i+abt)eg^w7Ps@X*{}DCI9dEmxnBdP?5w=jgEL$wSKvEO?o+=B
zAu-?zTrBEeJhd2}5X_u+Z^)DiK6uoSR3ioj=sln8YafL*F2>HC{uYyJ79u`EIP<&e
z6`zxVV?9zZ_D562P*iO}qr8B)=!DgeJn`m3Mvj%H!uzVap&K>BWMMSDnb5@_=F9ig
zXe8{!h78pn3x>z|{vI#MP{epUyBej~V@|07?X~qOiZGKRjrdTPIE=(W@XENha4pF4
z;5*zkK$WHn@-RQ|+-rFI2QL4H9+Yc!J%Z6{l-`Lz!__pVRA15BgkdZe+(Vbr^E)of
zX0dK&SY)66l>%;Q$HT#tZ<{Bhb-`WMe7z+ziQeg_WX|EWqwZuk-F6Ip^JEv~#OK$n
z&Of6syLejdEuP3#uXY$)Q@OQMCH&*2te)CT)M0!+LukO&^`p@=1stEB_#-plM$TQg
zcY1eJTr<{l?u{B)rf8(+UpF2ee5yT3R+n#*g6dD!6;9um24)Q?LJ8Fn(6FBcZ}jow
zhEs)_aHuQS@2l*sGA}zWHt!U0lEesoHXiTw+Sf8X6>tuHBJr}iexg64;e+~ag-l91
zY|rjCS*AZ@vBB+dsp^VPWSn$cc}9_%Jz%l<`5EOwNkTB`eE^SyJj{+e9{&6uDnZ~A
z%D9hp#9&k1*!F1tdf`<IRig??4w{A__?2eGnd~Qptj`Juu$*Ffzt}EOw1WP<!amGM
zMAy{*v(r|)F%He|3}G2x0t8k5Sg;plY|>3>as2E$d3<3Yn<$uFObQLoyccw((!rC9
zYeaSDtk!>Zm_wn!lsf#f$`*oV?BsMVi}*D<UCeoQA4{BCz~%z)ua$5+f`VT7()f(&
zPcdnZn9L$w-w5L0`t?7kk3iI6{;*H*CA~eDl}~Tn_O3G=&1}&*oAIPG@#SZ+UqI#z
z{;=<#Q-XOsMvLSEMZ^#lX;qVLxW*6IbIn{BkqJy11+2&GwOPPFSiMG?*VrgUQ)fN%
zds)dej5$B{nep5FE~p|)znu}ZJ7O~O8-}Hcd_huSg~jgjb<%T7YjnaHP``!1-d8+=
zf%x$FGiy2QP<U++MNPasGO7&S=gjR^WV9dgkQ3~@G!>-9)_AODWr@>A&1j1%`d`A(
zs0rEAdW(%IiXg0?EGB5<iFGn<xe{2Cv>N*?tcR*z;&JvOLELo7%Tf}W@Ybq7Kz%Rq
z6nkUtzzR)UX1h`NaO7jeGrov$#v-IAnB0bRQIUX2`0{Gwog!&=c7_y;QuU<I6mkYw
zMLPLK^pQIB|4t#3l1V|yHB_~1CO#Ns-4t1S7?7xQJtMrpU3@$`FdaN^9dDNm1$B}^
z3nw(TBs$`;l3G&m4+ri)-Y$7ZiG}ox{_|uQbiokYL@=wqY0jMd_-ILgc_i^vI6L(Y
zkcb+}AR^LHk%MJarKgbHKBt4wW|?p$i4pO){aVQ@jEBiHltd=O{7lbaS0D{ljc&=8
z*vBi>!-7!Ma+P9i0)hk)ZK+qvNG=QPW?#5)*a1&e&L2}m$S6=*ltishAM!VI?EpdD
zywb>>t45Z2STvPvvBq^@y>_qPLM>lG$1Q)z=~BH$?j={S3{dmK_k9>;)L%{{TUDPa
zE45wz^Ur#>q$P>ggIiADPbU12Kd8c;L%!=RG6<T%ny8l>bg{4s+Kn^8Q?HEtswg1)
zcd|>y>)-E_XP#=c8J%U6Mz3hgppg$K7FNBVL*7C3ZLPGG(L78oB3e=SoW~I)9C!J}
z=->~^wYhKN1m7HTUJPfDs5-T|sAGBiV0lU==$dyfsppC(Yt4*mlB{^~$I2bqo?c2h
z7Uy^>Ozjw)MUGvGG3>2KX)$l~kH`2CgG>>@pDPPgK_P+&UkAC=s8#6Mer(h0wH!Cr
zXIs=*Xl|3i;LCGp)sL?*BhihRWcFsRo2k?jVq|mAS;N|TNUNI_&B=Ymnn&JH;jx-z
z4rVsW6wwp8XtM~jh7F0H(XJ<4;N+m^U@ZC-cy04xxXx)x7%#ZTVPZMykUT$O^K1=U
z`!h2KO}~dT=oL{PR?OA|zsK65?L!@!%(97#Pg)mX9?Ut9yhG&INaWTnLpqPl9JHc6
zi8_z$=O(}O=?J0(|Mf@*mvz!;a%!6_D>=UuUk}!`TVO^1AI3zVf64vdmz|x=oRnXu
z9;%rlRn+Q1u=vrEN-3PU+yUK*(JI03^_FnCF=oz0J%ih_OeWAje;9v(zR1jM``$Ba
z^JzWMh09%K_V*oG%mQuOdeLX#u-sW9^`r#mcpU;!xQ^1&e4cJZeLghq{aecTN%ZM2
zul|C=+zHK{r@seq7ySZB(zH!28AGO2ovnCCOz;L<FraI5u7>YBwS~;V8c;x%i0CI*
zAIx_N?q-;{IEV-{?MRVi?C?G}Uk?*mh=?@tE?;65a`46D4_8Doa~rRC<Ep<gYs1g}
zSmr&d2=gM!PKe(c`H17aq|IbqAOah9bp*3_<#f?_vT2x{cY(6v?5JqhJ_lS2;+|@9
zm-jqm33Q4}Fj>+Q_+WYG^dy2hDRGv7A*swCIzA1X;dlV0jQk+;#o~)8RkzCo)X2~5
zT9#uaH)daTwGqG_phR;`H%P-NoLRzGtf)bX(n^vzjgcOfm*bN1<om+Pes2{sgZY;V
z=Gi#90!<FL)j}eM2(MqbkrZB-IPu`5WBmZs3QK>?o58bbj^z3><X@gnF1Y4VUyiZ3
z72^;q`DxdroMK4(KeG=AEbD6~ANvo;Qm8w8RoFURb$y|`aFK;;Ul!TX{L(#9eaWJg
z=7pSf_;%tWwymLz_0E$65iuaJO?2&ZubM0POh(F0uilZhRx5|%O%HXXO5WL`=G$|V
z?Y`qDU?aREOTjiB6UyDqrS%v6OoUT6lj**cyRNw3!#5}iqNPZ)TSATr<7szddld8C
z`1{Lc5fl(2;?*)bV51h*Y!jy^HvGIxyns`On{l;GhXDYv#X$Knl6n-=A4Hz#j}`}v
ze@q-1@6W|QS5X&Yq8CccxsUYgUM^mT0Bt4si*u9QqLD{(E&G3p>%oj4>6w27DAOwo
z02PHPSmM5cwh+L3+s1800uZBzH=G>8aRz8_t)s>*Ql841o0)|z?FY^lIyX1f54?!)
zSEJ0x?T$+%xe*ljKw>O&8jKsxwqyu`Q8O0@4_=9d+u5X@mOQk)pPc$!aUA`8mYX!)
zfOz=0Pe7i``NPIA%L4GKntifOVp6#Ga{b?`&a?aP(PQ{VC=Jft50aYd65m)4CqNYH
zFQO5WL}#Y!$2Y6}9Lk`W&49O5W}b+2IEJH(ORn}*XNA?3otDk+EOL&+T*7HBP8kTw
z-pKN+-If1XXoE%!lgRl$@Ka4JIr5DokH0Qv$K4*JXSsNCYj>0v*|}_$nkG!{?Wc~{
zK3FA!{bj<Zs*7l@4k0R*deW%X_5Z$fZ`_YLkUYpy=yj&+3lxxUIE!vrdi?b9q7EC_
zl8sE9OM1LneqRgXg5!O>j<yUvd{t?9c@R+UP<MTvsNzDK-iuETJH%sBd}jg8|2ddz
z{`Qwaatx5V1u?lEWMNzyIxx(4QZ78`6Q{5Ydy0nzfFb+i&lpb7-zrs#D=c$ZL{hxM
z#o8Hq#84LZ8xB&Ey;qy15Zyb190$bEtM(!cjX)iL$y)&hEr$ik*qby^46RG}3zGsJ
z1~U(KFEuby2cC2wuuK_payJuF45es6N*JL;6JcN&o`l*Z02Mv^E&)$P1hSw-4~_!N
z+Uv|hTyj!H4-2@T>S>H%h}{LbUu45)Q~FcN0!6<sx8uYqmBUw}&xMzev%^_STElBl
zD!Fo$K>nHgm4Iw#L(FB;$W#-{%?d5cv=Rz6?8jU=fJ2Qjy8M>%cca~=!gFPIR3H1L
z_^kb54*k6U;_t?~&xMb3BF{Vy^(UC_Hu+A07ek~*CfaMEeSsqsf%?c{zi*}SM#iYX
zuZ>ZStoiJKIJUXr!fGdZyCwhHAaTQ>)Xb!gZ(iZ`7WiuO%OV98e>)4(I^w*-HBT4t
znmyx>Mp>FLg03DLCGD4RQf*>-#a6}N@5wOq93=<zK!3>F7qkT2#B7<Fu>kI>yt>8#
zB!@iOF+roqrTO2_M4HX;ay4qd>c+!+N;+#$9|8QI2dF6)F2~<nJX?qs1g-}3FfQWd
z#0xYgSIt2r2dt@wQbDf?y>T*Q>qQ+6G+Wi5e$0g~XyMHq)YIIKnBwI!+uG~KC!al$
zks=8q28*I7c?28|K?bGtEl0&8EPigeE~7#&S`nNQ0NI>1hYu(TEN7K*g-vpg-lS>I
z8Fzw^YL5vOjr0mMOtY8Oeh<%kvWP778^aj(!bsne5r&3^r~X~@7Z?1NVTvI}_q`rP
zJs9~!`s?6@pNL_A6Wl%O@06BA6o=rbO~b%EjxmP}<g{=Z?Q~Ae2!gmlC4mWJJ(8Ol
zYo{eheobS#s_0L(+MiScqoXx;e@hI0jh5fVmXd3!Z%&~G*%`32nlOeB`+`=!Xhq;n
z&=&8(2L-!*YBE8y6b-TJy0yYil7^(FSDghGDd4E6;Kv3dx&kGmYdCEvfQ^hAb<&ER
zWtSoabBY_}`U3LALwL;f!d!K^?pns}?r%irbo?|}lKW4Ji|fO(n<mte2v7#^a*D`V
zC^2{y=KS$S@5UIr0JS?-q!g^E^hSpC$YToN0V#4!qXPm1@p3RWQSmDZ&c~B42Lj+%
z0SuBd6?&Y6J%^lWm-j_GCDGkH0U^ISp*<6M7scp+iiew|bf+VAqtv{QlJYzuQ&GR8
zlu3_G89NQ6$AK_Xl8Ne9H%V8)17(e^z^{`yx^d~B!ct6U1-e2|R^v@D>hCoqqR-|_
zr>cCM`X2a5baf8vb8~Gz+QCN>E2);k_?SB;s~qb@$rpC%z$rxBnRK(1_y<RK9Z$68
zg!ij8yHy?{p8v2C=nql-ab_1hWu@mJrX7!k#b*--Rlnf_P^<=@ZgCy`FkYNE>9n#A
zCz*VzEuc_Pbo|-eFjz5ZOh{_9V2=KMCPCnapii}m8g-Y^jJ7x}GxVx=?3b1o4E3I<
znrH>vhCjpkE(~-a-Iu}K>D8Je3s{jxJwyDN{0Y%Sbtz;XB+MXesZtt|rJAd~C*6Ho
z-NxKAMv0X0hy%-#Q}2DgA#u>N7wQZJ(s6j9-wDL+6ONCSH(B4sSRaB$I~?x1wts~)
zkGDi;{s#ee3-nW3LK_f-LvX8}d*pL?6#8Gvu5-Z>gI*$sWRITZq+c%QL?tw5aP0X0
z!<?Yg0MhD@_5dJDn?#>&BqKR}Q|Obd1fdhZ;duMAoFsV#^N!ekgs-vcabBzi##5iK
zL}9GCcTG!`Slc4pn{RVmw`r_p@kTEcU}j&x@??KYs$Je!sot|G#jD!Qfbg0S?KA#k
z$9<U9Lh*!+N1xZYm1Zy%o*5%f8i!0;>Go1HR*HKnb_xU6BQ|!jRH2zv!;kcbtwYw$
ze$+TSB-*0A3vR_+zu4<H>=qkTM6`5Cgc?Vu4jsKI-$#d0fxCO^MXy@cG1fxjuF4>m
z6!S<({3=7jvd@<j`?b!ON(wJT&L3+A{ZY*cfK@=Nso;54ZX@~+Q=y&BLAsZjvE1Qc
zqc{6s4;Xb8LL(Q5eOz;8rWLPug7N|i^(663u(UZEm=qRp5rVmYE}e9Nf;28J=TFja
z@s1gapGm<6g*>pfmrfbgf@r*_Vwqke#<R&`m%3rPWdfm66CcZ`KoqL5{v#5ar5&Jr
zSjO8mTtSfWp6GgZHE(z{nwn(JU4!#AN^oFf0jGr7^<NwUMa<TmsTh@oRq@<<`%Xi=
zdvnp$ji!3|uu)m$o*M;<C(Q<A;AyXz`qpqXOp8nC8sq0_IZj&Jrq-0vXwng7N-xPE
zvn|yLZ1>ardA%Vy0VjD~J6DDnd{S1ULdnZ$*wLO+JZ>1-Ix#p1Jr2he#-T!q!N3^$
zUJe2fRJsZJR%AeN9$%uSZZbx`7^72XtZY(SWFi%XQyIEIKN%Qsx)xwbs7wUsL^Q1v
zpi=nbP&y8NOudX>ROIJ!0ah(!D0s!ZSeMMS$qlLOCx=LL06gZbb0uRF1WW25G(}^>
zp5Y2t`;BSP(%bntPe-X95<RKm#m3SL4A?|rVkW)aw~`>^n^4`m!1}hsigEO&hgmK6
z&`Ro8_ubx4-3;UYhrLOaB`QTAP{ay-2@C1p*-g?;RoR#ByCwE8gs|GS7V_$ODB`DL
z+|;!3FLDB2iIJC!Qjoy5fu2D>A&ko&wOPyem{;z}XHV_JB=i>-zEv)FJRZ-R-56uW
z545gHmb)K_2oktDAcsALslbZZr-(B!J9t@+PBoSO@>7S13s?L&iWaLF*x!h7q_;4f
zJIbR{d$}b|Lc$xpp5+b?w!*wwz0_dZhAt!v+sW`?JeV4MkczII8dJQwj`eE3>2p4O
zpn{rLFnDQ6x3#Qj)$+Oo&EqZ<hzW~krc<%$BhcW%T=}Kz9<|B7;k=r$)pPw(;4zOF
zxWtkizG3^Z(nO4gmK&@&zzu<LMN(g-n`$8asdw-#7rnl^tv5!fnci08>wOw?2A(0@
zcA<P7hXv6`UJ4R+z=WAR-+-`IhUt*UKR0&RgKj^~i-5bwoKzl4ZK4SOKq!zOBvR8G
zrZJ-ff5}FlVb8xk#pO(Gdd4j=wSFGzIbkhH%U6;d4x*{GDMT6?0Uu$0AUkm5CNZ7s
zU0=5*lS@AxGOrt{9O4yX1fuSyYSO~>hkIXw+!OGU$IZk1gW1{6=SmEzf|TPGB;b|D
zF41;e6fMG{rgD#DzG@F!8KK=N(bAOvGdX;FN>2>FH9!az41IQb-um`tM077kN8F(Z
zL^MAVhzx$C2D*U`d}xuVE@^?!1A9MKLNRuHM?q`s2*5%xx&SAilY5#F$Nv_@`IKmp
zG(aC_f^4l8ULVp&BB3LNU|LKlzHLn*2a-J+0vd2Mg~+ASk#PR$K4I&OHx`1oN#faz
z`*$VoB;y;}k0$bu9nuB~mcwGn1P*+M6cfLGr=ea+f=B+E4^1K=nuXV%Mr;cl_Wbiv
z&d6YDw(po{zw6X55sMY#@iKd6lEf!Wn`;7kab*PJD0*o^4d8t3s+9=Hum8DTX3AhA
z_06{v%|{N9N{FW#${m&MQoIVOvkV(51eXC#0~LM=5@7u^C6|fz2Jj`kAb(dX_#i27
zGEv_#;O3JaQdc>gh$j(vn7?HF`{f&^J)W!y7D6suwU{C8hfj3S(C<4pMw~-}gYQZ^
zURcu65fH=!<xwR{kZ}|dpV|0C;k0Sd7(W6;2(f(*Mm>M|V~;sq2(F2!jgGl?^q5$N
z7RC!Nm?U>bV1RRqKu&_$8-rrXrZm|_MKv;~G$XEkc4xNA^ttN|8m?xZu!mjyVxc!}
zeEZo2C;h>CP4_3hH>32dNgKl`5N)ha8C6OTv|X=mWKjUgajgaXYZ3~Q6Y2@f^Wgd?
zo|&AZAJdrhG?%A-m_@j-8L$d?81^xCLAXzhm`b}v9Ruf)+QT|IyzF<a`aiW>_=5?y
z=N&=@r0yCij?ilEV0y>W(28Vxp_K_!2fGHC84)1GYU7z*pkc+#Wbs({D6E*B^RMaB
ze<QOr;9`T7$<y8#a`0pJ%KxN<_2x3Ug$6Hl@mCyfA6j~1cN+(jeEXFrK-n9su03EH
zUj{lj=3E#kh;@G6p>xKss0$w^QwC2&<!O~A<T}58**{^~RgL`sj?f%%wWBe2E$tu1
z9gcR>O)%_t`WD3vA^Z(eI<MlrGt|(?m7u@b{*}<@#O5;a*UEe?5@z)1O#7WQN?eew
zyR&PT`v~f^GpG?puyq}{QwTc>PFu(1Q6;bEh-g1RPhxnF(2%5k#Q-qljI=o>a_qYk
z<+tmM$tR|f`10+gfIs{}jaq$k*|Il21CKzP=t4;Ug1OtfC`aWe2brsB_3TbweLorr
ztC)1^ju>mN!AVKCR33|V`0*$Cf#=e&n1;ik&?eY{Iib4IR*48kTaZU(rD;c4C5ZZZ
zTZacIC&w&1!I3h+DER3s?c8J>|1zm)LEsn<9N=p+l9EWL{x$GL2vjN&Jtmfpg^_WC
zznrtLo9+v<vKK~5kPz`it%9G=$ypxMDWLu(Mf`0A!}o{BC_lxQ_m=yY^b~mSJcUc4
zw*)Jdb;1_>K9RiSWAjF}fAOzhsdyo&*1-zlqvjD$l2mL_54}2p43AD%9T0<@W)&#3
z#UGCezvUT<MoerC)_IB`g`aj&rLHT)pCQ)~pKiJBsUDwz&4a7zo-*zg80tgjoo4?y
z+)`uf1&uj3>+2p;$x+Au<?P^_R$af6u<TYO1)IL1&W<%<BLS27FITnr6ThEf-q3^h
zuJk6^dB4Z$+vG>|{RMutiUZ^LR*TQ|M2YOo;G1)^t(#LWOG0^E#41e8Q+dG>KHf{j
z(&ex6wRRV1VDqAchNU>gyAzRq;Ye{F)Gx+?^uT9PZ~EyKpFABJVY?1~m7Y`FONk%Z
zl~znQs~}Jk5XpLW=Abgc3Ayk`w#meW`fdtUx|CiqyMjK|F{<sSZK9F7RbKmmpzA%B
z{wi#vo4zewa2bw>!8{MlrSG0paNqRKi`_CEB$gv3l})i{pa#+EtuMxyrJoV?qH2gx
z#Fd_6mkmxV8s*S_MZZD@s%PIo3qaXatLN-fb_CzRW_PQ}Bfs}J!A$m2zZhxTn)->L
zsHp1|;{Iv~hBL$T_+mfdw%Pmi$=!fhu_{5$<d(8^wP)`Lb}?%2>@dp_LS=MV9vSib
zdk0r2#aFq9@9e|%yU2B;v;OK{vtfc6D(Q!X*&}JkT=|)Jx5g^YUpA<_0!==F_YvSC
zhZ%NyH3ZW}@8L-_3ecQ+0ChqO>wO{tMrX}@Oc_WrLO{O~2hb@^f>c~K-oqS}7Uk$U
z#EWGQ0p)gVzS0KVCqjoLM3#cwVLwe_&*K)I;XSmQjIjz3wE*OOr~?$4bIkI>JZk$b
z6je`e(bCX7P|~cg2yDo@F8}K%dYBogh?({;m>I$d&Q?;i>DP!Ubtu}faaLPUh{@lo
zO~FNJiQi&XH7p@CJ1F{6jB|fsew*aSCe+XbNO1tqd6+?Hd3f?cS<%`nO>aNJawh-x
z6`ORk;Roh>l!i&FrC&=GDPUpi7&OdcwROM+!wFRzu`8Ibv4d}^hZxA;2rt>O640n%
zlAQm8q+_d$nbvu=Hj4SWs)51*^Itv9hhE6`%CcgQ>a3(q|G$oD*g9eqNpmV|yLAv2
z*)E1Ec4w>YbYUZM2QIk<ecb9wbOX3$^+O1aJI0#K<Bz0~9e0tatAXB$4*!n_-Phk{
z4xVe)!m7Py+5dx_$9Zq4{TAq}Qcm_?8suyyOP$ObtSYP@tE4?XsHEELS*8Tj8ff}I
zSHFhYr_bNSBtxnsYdmR5L>wIRDLS$}*9b$_IQoNjK6{B<bD4J~Xf!d|gO}a#P2=)^
zYf4hYg;kHB1BlOlpYIvrX6_`g5g`voI<0oBom<d1TXKJQLL*VuQO<BQOR<;51q$l-
zEsHVSq=0^X+)5alX7K($CF9pv;HAct$gvcHBfa81*IYNwGR)Bw&U-0k80c?eD(mcz
zMf*x+@qCcYNvp6EMs{2E6Y@`UzHgA&s=-SIGM)a4BmT$Kea%)kJx|)h(EPmpySTN)
z2UqnbCjAetbRe{!0y_-SW#kFN9EJ(KXV>o&DWQ>0Ab)aUQY7r{{mM1LH$Oj%c$f3R
z|39dgc~fFAC-6?OORoi4qN*Vxgc4=h<BJjoeV^=xJ({L$J;yNzz3V2ER<efL0im|}
z+FVGmqNYSam4L3aC`tq(N!JV}TgV`#NMv$5;iE!Q$C`n`_zlPU`RX`Ne_q9Pg!2C}
z3l3IHW4pf`v!g=b0wH?!O*~A{%hp&W5*#^f65DRrJK7ofmH6CV9WanN6k`^aP4Lu>
zH5DTu<T0C`=BGT#01?5-!2TuAirxy1Qr9B`oF@#GZl^CwSoAw0i}pgNxf9dk;or29
z<R=2zzj=yesN<wO4W)dPNFMy?W)Au@R{t?AALW(aKePqM2E;<nZ%g?$9b_qCpw&6}
zOxaFN7g3v&thye<n7^F|)+u46tVrstG;xw|&$Fl{l>M7ktaxzc)R>$M8qXJV?G1a+
zB0sjDRYae&;f{b-tR)B$3{U+^S`a#x424s2LzRp>Y+x*nj3w*qM=mb>`u}X+kJLyx
z)QW~mNo)*JUdX@{$MIRqy0^FYUwdh6^eq1jx)NmbM&~ayj>5J79RX;+p5!qn4bQ6y
z#r#Ju`&w_MKdygy`?s2L;XOu?mmp50&ezvidk6PGkk_7=KhAoF*CD6tJtsIb_I<F@
zPTLR<^sP>Fm=?WH7%Ma=0B*ym!dx2?0>78N{O28Bpwzl(6Glg@L?$@6e1h{vf2(&>
zfLS^tEIwlVOG7tY<8a%n{Z3KZF>@TXv7NlIMbljec{@?&Bo-$^DNWqOxjhpUS^H@@
z4~%>te!18=rad+@AYT96it|I^Ex+efi{^ZPFS7B~RG6aW)Ji7rr?f&oG=fO{n3qPZ
zJv3x%eRMgpR*zLYI&>SK<=<sVqD%g$&M^`cVBc0t8tS~eCN>mr69(iSvYK8s$FUc&
z6hi1M83a5IC^#T^TAP^6h=5HP4u0wx%(?|A6cNP(kA&fQ=a>_bZ&ju#hYMJ2MZ+Ta
z=kQrr<Av`4-VP|NW<SxoJHfZKKocRttci$Y)VkMfX(-XQl#%TeWx2bci{s)h^gbgD
zNW59FhO0B-MCVEPz~*j~*bfeF|0M(IJ%4$4laAF<mZ2+7R{5U+@h?Q4pTv`2?%Pkz
zytnUPEiI)0s0LuS#jO*7^dGr4nr(^wgBo*I`KIQG(IX0&?|!^?lQv9MINkP&JXxai
z&*;*7t8-U+QzYia_C`soV+xGF=WuzprEU4_2NL%Id++po;#eD=cZuP$^UHgH!P6zM
zlMBS@r`rZTQKpcGp1D^XIn~tFX*k^>ME4>eT(IOvyw(;>pJN)zo|}mYD5da8dZsG9
zhsxe`z)PX3Dk)wERe&D<TJ!dDA!E>f1#Dvq>_(Qe9on_(!M%gOwL&UXyt$D<_+0*s
zR0pSzf!inHI`x6m`U<U%9)sK;NW3O0-b?YkG4bECkEl{hr=S6d%B{SN+gv=%cRQJ^
z^W|;B^^s90f+XYGL2S&42mP!xQF?^m$)eet>m5rWqYpFJ`m-s2()EC7#vw-NwO%%S
zqfilAIDIR9t^nG%P|jIDc5=#|-76N`S`|er9~;XV5WDkWLq#b@8BEg1x9W!Sqs_5K
zX=`iM*e0y_ic(O_&Eee(Dm;qKW)Q?Qixu)48y9AIwbq4^a70RI@f5HpOXRsEZzH~q
zP4Qmj`1q(;u?U!6@IUY$zMOj>=02=i{E(8H&GJKWGG?H5adxAHJ(QUrgcta-;lTtM
zRR~k6@>)#hIl~zkk}LO8-6Qg_uG^zszJi&r%8?N$HjaCN5lo3!SH<pp>yfQ70=+b#
zOxL=>nj&y8X|N(~L?;`##Rn^iN-p<E@b}~~2?8x3a*SFUi$JkHC3vAe^CIYdt2gV5
z%(ZQpXXiGKy<R4JA#;hE(-+naJQq&LhV6^Dd@+jJ-s^{2Y*+089H@G=I(-D%+(D9N
z%d8W|-~5O43Z`r_g9gyOp~m~7*$AS2uQ>tZJQS?c!>8lTGs_+X=dT^5P?n}n+2L#a
zUs*jURphV4i|TREJ~Ms1k++gtIk9ajG5$^+t|HIsv>u^5gLUT|p9R>y*ryP_WYu`q
zsp}F9+Tpr3HKN1g!RJMZ@nudS7n?38t-ZXAV)`Ri>Pt(nY$Y(+1mgc;$+fvjetR+W
zMP_IqI=4Lavlg&LAiN2pvudu*{US2{=Bi6HmI46##PG(ApBA{FhNvPuzzr+Ye(5Bp
z_L0@k`;Yg{el>`=KIhtMLE;{o1~K56jI1O<T9jLV)}^J)RqYRHAyo+cp)OdLH0|0N
zL=`Ou=UlMe8iaH?-M(No6UZh0bX2nMs~v67GA0N!jQRb<S8R@l6rUDa5$lUN&Cr|?
z>ovZXti9<pw2<-X-1Sxjc)t8>jb(_;x^TuT@~5;G*9l$MryM<n(e!lXC^W3xUW`8~
zYH}^eR%EQZ33a*fta7XfM;_R@*^(PhTvR4e0i_M&g=kdYuk0G9a{^?kCh305NkrJn
z=?+KYC&71G!kg$*G~Tx%d{UUQc(S`iZT|LpW_z?p!qIZ$CvYq6^Af9N>11#KG35vk
zS8d*DH9pjk%@Q=rEmkhnIX!58nvVm>iBqK#W-5xaN}dn!AJJiCf~9axN;nYqhG=gP
zc%}Fgm!~%_zRmj|_PVORyi;Ff7R6!haSbw9Q^TIq73@~(Y=O+?2yufyU?8Il$*X^P
z%{^)ywABSH4}GUzm5wTcegzBYo^7LUWglP(O6Mz=DG+FkrqjN6t>xZ*H8HJ;Mbd>l
z_-q&4!O&wW=v&8d0^`{Q{SDM<+^xkd{x~@yDC{3F@6tvTq#VWJ2$%LmG6ylERpe^D
zxisET>(V3OLq)Qq!iv{wX`|bOLs~iEW<FW8t$dmP{Lt7;>Oo8xGIWz#$AwT~IUmWw
z)peI#IXY*+DdppYxvBrhG!re;d5F?{J^%nW60d_0Bh^mdN)&F7JSW31pqcCsH&8!&
zhOZ=6#S6o7;VsAF(zRMX(268A_qxfBd|kM;ZXd1^_X{!Y%^Ms>Ih(>S=7in-eAb@#
z^ELrCZ{4$hnY!yL34+;iqoXxkT4DUy1vzvxg?P<IAQ|dA`G_>hb`KE$j_QKC`c#~;
zKCpMB@o`1e%Vvw^sZTg56izHBnX~4j{|6UAmAOm|U7#y=nIW@Legy1i7_SJatl08a
zk$?1K_l5n*Hy%$Gl81IhM}+Drny|$ilDH)itON+p4vlUR_poRp$>~_kyk@FjDPF@j
zICF)Ej7P?xD~sn>@;4fB6bq(qKpxFmLu)QHDAIrE2xXqYr8C=Y(n6K|jhZdlEK$8D
z<CpnYWWr*%x~W6W_Mx(SJWBEjnjR*4h?4#SvS=}kAkS1dF?TS*GA(DWi7ilL+NLX|
z%fS<$%5=x;1U^{QY7~g;pB*zgx2tLRLHTC@;9H-_*g;igZ&LJAZ0dlhGR7L-h)Uny
zyu=4@-LoVG0@;)UtlWab>Ouxtb+)##;ij4SwWJvpQF5c#X6X^EvXwn1#}Ki0-R-0D
zC;$_4aqjQqjG$>p&mOzWK`xa1m|+sJSf4K|<(<q-r4>f3PWta)P%=9SbQwF;u2rq7
zAbx+Q{KKP}X*IO99wIEIE0cnMwgpk`cCS)A#t&-5n9^mOSK{^5kEPU+pwUorG+n8i
zEDr*KIbiMJ*C4d5hy53%nNhC^W#}H)y#ZVR)M9ai2J8JDlfO1)6Pwa%Na=l>jPR~D
zWN{*vLsbbD4dTsfEGmV3M#B#Le1IOYXL(x2!24ah0wi4l$dMH)e}51&`xQ%(_tfh&
z=hfPOrYt*i3XBZ6$8E7dd2HSIomjl@)@s~qgc~P_p1m6jVG|?bj=5*%X#IL67V*O9
zVZsCxlu+AjnRg8nO%no#Y7K9lPK%Xmaq_I2LwBS-nZ{XNYIb$~7-}Zi$F3v0Xk&Za
z8?p}5XBw;Fe@wwB7%CY=6C~Kzv%|p9#5S{9OQ9irqHWy`h{?pnMC{x_6Dn8lKCU)o
z2^89UU)i2LnMV3tE<ZS9a<uQu7K(ShNifpAT?H)F`d3SGYLrS@+w!m&6RIYUBW?SR
z>_qNa)4O&Gf1c}K`=M)9HK?SCq!?=iR%cUcsuf2ijz`^(uDkDNi?s-lBIv@iG01iz
zm7=VyiKc`~djzZ<)D!kSKu&JVd23;0IaEf88fYH$&<6rML5|+!-z4p>1w&UPVQ;|k
zs@J0zQ=a9#Mg7q;>{{txEtygSrz<trC$+~WrBR8$mzV5+<mRKwi(KfA-}2GD!~EwT
cTK|R~xYw@a%hL$)?SGQAgo1dLs8Qhm0&7~1d;kCd

literal 0
HcmV?d00001

diff --git a/experimental/images/macvlan-bridge-ipvlan-l2.svg b/experimental/images/macvlan-bridge-ipvlan-l2.svg
new file mode 100644
index 00000000..757871e3
--- /dev/null
+++ b/experimental/images/macvlan-bridge-ipvlan-l2.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="561" height="354.5"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs/><g transform="translate(0,0)"><g><rect fill="#FFFFFF" stroke="none" x="0" y="0" width="561" height="354.5"/></g><g transform="translate(0,0) matrix(1,0,0,1,8,177)"><g><g transform="translate(0,0) scale(2.52,1.29)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.3968253968253968,0.7751937984496123)"><path fill="#c5e4fc" stroke="none" d="M 10 0 L 242 0 Q 252 0 252 10 L 252 119 Q 252 129 242 129 L 10 129 Q 0 129 0 119 L 0 10 Q 0 0 10 0 Z" opacity="0.93"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 242 0 Q 252 0 252 10 L 252 119 Q 252 129 242 129 L 10 129 Q 0 129 0 119 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" stroke-width="2" opacity="0.93"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,16,240)"><g transform="translate(4,4) scale(1.0045045045045045,1.0087719298245614)"><g><g transform="translate(0,0) scale(1.11,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9009009009009008,1.7543859649122808)"><path fill="#000000" stroke="none" d="M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.11,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9009009009009008,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.73"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.73"/></g></g></g></g></g><g transform="matrix(1,0,0,1,26,246)"><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="92" height="45" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="92" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="9" y="0" width="75" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="9" y="0" width="75" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="9" y="13">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="65" y="13"> #</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="76" y="13">1</text></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="15" width="92" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="15" width="26" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="15" width="26" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="33" y="28">eth0</text></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="30" width="92" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="30" width="88" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="30" width="88" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="2" y="43">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="24" y="43">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="28" y="43">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="42" y="43">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="46" y="43">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="53" y="43">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="57" y="43">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="71" y="43">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="75" y="43">24</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,138,240)"><g transform="translate(4,4) scale(1.0045045045045045,1.0087719298245614)"><g><g transform="translate(0,0) scale(1.11,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9009009009009008,1.7543859649122808)"><path fill="#000000" stroke="none" d="M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.11,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9009009009009008,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.73"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.73"/></g></g></g></g></g><g transform="matrix(1,0,0,1,148,247)"><g transform="translate(77,42) matrix(1,0,0,1,0,0) translate(-77,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="92" height="44" fill-opacity="0"/></g></g><g transform="translate(77,42) matrix(1,0,0,1,0,0) translate(-77,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="92" height="14" fill-opacity="0"/></g></g><g transform="translate(77,42) matrix(1,0,0,1,0,0) translate(-77,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="11" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="11" y="12">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="12"> #</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="12">2</text></g><g transform="translate(77,42) matrix(1,0,0,1,0,0) translate(-77,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="92" height="30" fill-opacity="0"/></g></g><g transform="translate(77,42) matrix(1,0,0,1,0,0) translate(-77,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="87" height="30" fill-opacity="0"/></g></g><g transform="translate(77,42) matrix(1,0,0,1,0,0) translate(-77,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="87" height="30" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="33" y="27">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="3" y="42">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="25" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="28" y="42">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="43" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="46" y="42">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="53" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="57" y="42">11</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="71" y="42">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="74" y="42">24</text></g></g><g transform="matrix(1,0,0,1,152.86753236814712,193.5)"><g transform="translate(0,0)"><g transform="translate(-40,26.067047119140625) translate(-112.86753236814712,-219.56704711914062) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 193.5 240 L 157.36753236814712 198" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,67,193.49999999999997)"><g transform="translate(0,0)"><g transform="translate(-50,16.067047119140625) translate(-17,-209.5670471191406) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 71.5 240 L 112.63246763185288 197.99999999999997" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,130.5,79.5019243141968)"><g transform="translate(0,0)"><g transform="translate(-60,6.067047119140625) translate(-70.5,-85.56897143333742) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 135 174 L 275.32345076546227 84.0019243141968" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,5,185)"><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="76" height="32" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="76" height="16" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="16" y="0" width="46" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="16" y="14">Docker</text></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="16" width="76" height="16" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="16" width="50" height="14" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="16" width="50" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="14" y="30">Host</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="43" y="30"> #</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="54" y="30">1</text></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="62" y="18" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="16" width="1" height="14" fill-opacity="0"/></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,283,177)"><g><g transform="translate(0,0) scale(2.52,1.29)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.3968253968253968,0.7751937984496123)"><path fill="#c5e4fc" stroke="none" d="M 10 0 L 242 0 Q 252 0 252 10 L 252 119 Q 252 129 242 129 L 10 129 Q 0 129 0 119 L 0 10 Q 0 0 10 0 Z" opacity="0.93"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 242 0 Q 252 0 252 10 L 252 119 Q 252 129 242 129 L 10 129 Q 0 129 0 119 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" stroke-width="2" opacity="0.93"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,291,240)"><g transform="translate(4,4) scale(1.0045045045045045,1.0087719298245614)"><g><g transform="translate(0,0) scale(1.11,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9009009009009008,1.7543859649122808)"><path fill="#000000" stroke="none" d="M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.11,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9009009009009008,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.73"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.73"/></g></g></g></g></g><g transform="matrix(1,0,0,1,301,246)"><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="92" height="45" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="92" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="9" y="0" width="75" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="9" y="0" width="75" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="9" y="13">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="65" y="13"> #</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="76" y="13">3</text></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="15" width="92" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="15" width="26" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="15" width="26" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="33" y="28">eth0</text></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="30" width="92" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="30" width="88" height="15" fill-opacity="0"/></g></g><g transform="translate(88,135) matrix(1,0,0,1,0,0) translate(-88,-135)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="30" width="88" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="2" y="43">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="24" y="43">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="28" y="43">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="42" y="43">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="46" y="43">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="53" y="43">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="57" y="43">12</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="71" y="43">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="75" y="43">24</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,413,240)"><g transform="translate(4,4) scale(1.0045045045045045,1.0087719298245614)"><g><g transform="translate(0,0) scale(1.11,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9009009009009008,1.7543859649122808)"><path fill="#000000" stroke="none" d="M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.11,0.57)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9009009009009008,1.7543859649122808)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" opacity="0.73"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 101.00000000000001 0 Q 111.00000000000001 0 111.00000000000001 10 L 111.00000000000001 46.99999999999999 Q 111.00000000000001 56.99999999999999 101.00000000000001 56.99999999999999 L 10 56.99999999999999 Q 0 56.99999999999999 0 46.99999999999999 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.73"/></g></g></g></g></g><g transform="matrix(1,0,0,1,423,247)"><g transform="translate(79,71) matrix(1,0,0,1,0,0) translate(-79,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="92" height="44" fill-opacity="0"/></g></g><g transform="translate(79,71) matrix(1,0,0,1,0,0) translate(-79,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="92" height="14" fill-opacity="0"/></g></g><g transform="translate(79,71) matrix(1,0,0,1,0,0) translate(-79,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="11" y="0" width="70" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="11" y="12">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="12"> #</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="12">4</text></g><g transform="translate(79,71) matrix(1,0,0,1,0,0) translate(-79,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="92" height="30" fill-opacity="0"/></g></g><g transform="translate(79,71) matrix(1,0,0,1,0,0) translate(-79,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="88" height="30" fill-opacity="0"/></g></g><g transform="translate(79,71) matrix(1,0,0,1,0,0) translate(-79,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="88" height="30" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="33" y="27">eth0</text></g><g transform="translate(79,71) matrix(1,0,0,1,0,0) translate(-79,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="29" width="88" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="2" y="42">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="24" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="28" y="42">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="42" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="46" y="42">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="53" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="57" y="42">13</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="71" y="42">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="75" y="42">24</text></g></g><g transform="matrix(1,0,0,1,427.8675323681471,193.5)"><g transform="translate(0,0)"><g transform="translate(-315,26.067047119140625) translate(-112.86753236814712,-219.56704711914062) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 468.5 240 L 432.3675323681471 198" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,342,193.49999999999997)"><g transform="translate(0,0)"><g transform="translate(-325,16.067047119140625) translate(-17,-209.5670471191406) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 346.5 240 L 387.6324676318529 197.99999999999997" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,280,185)"><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="76" height="32" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="76" height="16" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="16" y="0" width="46" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="16" y="14">Docker</text></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="16" width="76" height="16" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="16" width="50" height="14" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="16" width="50" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="14" y="30">Host</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="43" y="30"> #</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="54" y="30">2</text></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="62" y="18" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(106,82) matrix(1,0,0,1,0,0) translate(-106,-82)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="16" width="1" height="14" fill-opacity="0"/></g></g></g><g transform="matrix(1,0,0,1,270.82345076546227,79.5019243141968)"><g transform="translate(0,0)"><g transform="translate(-70,-3.932952880859375) translate(-200.82345076546227,-75.56897143333742) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 410 174 L 275.32345076546227 84.0019243141968" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,167.32131882292583,39.0019243141968)"><g><g transform="translate(0,0) scale(2.1600318386915354,1.5512633057455518) translate(0.00001348378,-0.001498589)"><g><g><path fill="#FFFFFF" stroke="#434343" d="M 33.84 5.912 C 16.263 2.403 6.986 11.405 8.451 19.186 L 8.57 19.61 C -5.128 21.942 -1.537 38.106 5.033 38.106 L 5.679 38.085 C 4.026 45.68 20.032 53.41 28.958 49.548 L 29.531 48.92 C 32.713 55.752 44.02 56.893 55.201 57.177 C 64.89 57.425 70.546 56.658 74.702 52.411 L 75.341 52.599 C 90.852 53.845 97.915 43.133 94.526 35.442 L 95.36 35.207 C 100.648 33.808 101.258 21.602 92.187 19.797 L 92.361 19.325 C 96.299 11.385 87.011 3.896 74.124 5.303 L 73.23 4.837 C 64.003 -3.517 37.449 -2.157 34.373 6.108 L 33.84 5.912 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,356,150)"><g transform="translate(4,4) scale(1.0046296296296295,1.0104166666666667)"><g><g transform="translate(0,0) scale(1.08,0.48)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9259259259259258,2.0833333333333335)"><path fill="#000000" stroke="none" d="M 10 0 L 98 0 Q 108 0 108 10 L 108 38 Q 108 48 98 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 98 0 Q 108 0 108 10 L 108 38 Q 108 48 98 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.08,0.48)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9259259259259258,2.0833333333333335)"><path fill="#cccccc" stroke="none" d="M 10 0 L 98 0 Q 108 0 108 10 L 108 38 Q 108 48 98 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 98 0 Q 108 0 108 10 L 108 38 Q 108 48 98 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="matrix(1,0,0,1,366,153)"><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="89" height="42" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="89" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="61" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="61" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="33" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="14" y="12">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="18" y="12">Host</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="43" y="12">)</text></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="47" y="0" width="29" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="47" y="0" width="29" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="50" y="12">eth0</text></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="89" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="14" width="88" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="14" width="88" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="1" y="26">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="26">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="38" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="41" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51" y="26">253</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="75" y="26">24</text></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="89" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="11" y="28" width="68" height="14" fill-opacity="0"/></g></g><g transform="translate(160,126) matrix(1,0,0,1,0,0) translate(-160,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="11" y="28" width="68" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="11" y="40">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="15" y="40">IP</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="30" y="40">Optional</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74" y="40">)</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,81,150)"><g transform="translate(4,4) scale(1.0046296296296295,1.0104166666666667)"><g><g transform="translate(0,0) scale(1.08,0.48)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9259259259259258,2.0833333333333335)"><path fill="#000000" stroke="none" d="M 10 0 L 98 0 Q 108 0 108 10 L 108 38 Q 108 48 98 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 98 0 Q 108 0 108 10 L 108 38 Q 108 48 98 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.08,0.48)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9259259259259258,2.0833333333333335)"><path fill="#cccccc" stroke="none" d="M 10 0 L 98 0 Q 108 0 108 10 L 108 38 Q 108 48 98 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 98 0 Q 108 0 108 10 L 108 38 Q 108 48 98 48 L 10 48 Q 0 48 0 38 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="matrix(1,0,0,1,91,153)"><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="89" height="42" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="89" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="61" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="61" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="33" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="0" width="33" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="14" y="12">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="18" y="12">Host</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="43" y="12">)</text></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="47" y="0" width="29" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="50" y="12">eth0</text></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="89" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="14" width="88" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="14" width="88" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="1" y="26">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="25" y="26">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="38" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="41" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="48" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="51" y="26">254</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="75" y="26">24</text></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="89" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="11" y="28" width="68" height="14" fill-opacity="0"/></g></g><g transform="translate(127,126) matrix(1,0,0,1,0,0) translate(-127,-126)"><g><rect fill="rgb(0,0,0)" stroke="none" x="11" y="28" width="68" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="11" y="40">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="15" y="40">IP</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="30" y="40">Optional</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="italic" font-weight="normal" text-decoration="" line-height="14px" x="74" y="40">)</text></g></g><g transform="matrix(1,0,0,1,226,64)"><g transform="translate(117,64) matrix(1,0,0,1,0,0) translate(-117,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="117" height="32" fill-opacity="0"/></g></g><g transform="translate(117,64) matrix(1,0,0,1,0,0) translate(-117,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="117" height="16" fill-opacity="0"/></g></g><g transform="translate(117,64) matrix(1,0,0,1,0,0) translate(-117,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="3" y="0" width="111" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="3" y="14">Network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="58" y="14">Gateway</text></g><g transform="translate(117,64) matrix(1,0,0,1,0,0) translate(-117,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="16" width="117" height="16" fill-opacity="0"/></g></g><g transform="translate(117,64) matrix(1,0,0,1,0,0) translate(-117,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="16" y="16" width="87" height="16" fill-opacity="0"/></g></g><g transform="translate(117,64) matrix(1,0,0,1,0,0) translate(-117,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="16" y="16" width="67" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="16" y="30">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="39" y="30">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="43" y="30">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="59" y="30">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="62" y="30">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="70" y="30">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="74" y="30">1</text></g><g transform="translate(117,64) matrix(1,0,0,1,0,0) translate(-117,-64)"><g><rect fill="rgb(0,0,0)" stroke="none" x="82" y="16" width="21" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="82" y="30">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="86" y="30">24</text></g></g><g transform="matrix(1,0,0,1,2,317)"><g transform="translate(1,0) matrix(1,0,0,1,0,0) translate(-1,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="538" height="36" fill-opacity="0"/></g></g><g transform="translate(1,0) matrix(1,0,0,1,0,0) translate(-1,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="538" height="18" fill-opacity="0"/></g></g><g transform="translate(1,0) matrix(1,0,0,1,0,0) translate(-1,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="0" width="536" height="17" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="1" y="15">Containers</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="83" y="15">Attached</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="151" y="15">Directly</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="209" y="15">to</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="226" y="15">Parent</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="278" y="15">Interface</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="340" y="15">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="349" y="15">No</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="374" y="15">Bridge</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="425" y="15">Used</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="462" y="15"> (</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="472" y="15">Docker0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="16px" font-style="italic" font-weight="normal" text-decoration="" line-height="18.5px" x="531" y="15">)</text></g></g><g transform="matrix(1,0,0,1,4,7)"><g transform="translate(81,0) matrix(1,0,0,1,0,0) translate(-81,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="538" height="22" fill-opacity="0"/></g></g><g transform="translate(81,0) matrix(1,0,0,1,0,0) translate(-81,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="538" height="22" fill-opacity="0"/></g></g><g transform="translate(81,0) matrix(1,0,0,1,0,0) translate(-81,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="81" y="0" width="376" height="22" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="81" y="19">Macvlan</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="166" y="19">Bridge</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="235" y="19">Mode</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="287" y="19"> &amp;</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="312" y="19">Ipvlan</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="376" y="19">L2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="405" y="19">Mode</text></g></g></g></svg>
\ No newline at end of file
diff --git a/experimental/images/macvlan_bridge_simple.gliffy b/experimental/images/macvlan_bridge_simple.gliffy
new file mode 100644
index 00000000..9d77e1f6
--- /dev/null
+++ b/experimental/images/macvlan_bridge_simple.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":328,"height":292,"nodeIndex":215,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":16,"y":21.51999694824218},"max":{"x":328,"y":291.5}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":241.0,"y":36.0,"rotation":0.0,"id":199,"width":73.00000000000003,"height":40.150000000000006,"uid":"com.gliffy.shape.network.network_v4.business.router","order":42,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.router","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":85.0,"y":50.0,"rotation":0.0,"id":150,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[3.1159999999999997,6.359996948242184],[85.55799999999999,6.359996948242184],[85.55799999999999,62.0],[84.0,62.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":22.803646598905374,"y":21.51999694824218,"rotation":0.0,"id":134,"width":64.31235340109463,"height":90.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":44,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":89.0,"y":22.199996948242188,"rotation":0.0,"id":187,"width":105.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":40,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">eth1 172.16.86.0/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":147.0,"y":50.0,"rotation":0.0,"id":196,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":41,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":199,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-82.00001598011289,6.075000000000003],[94.0,6.075000000000003]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":210.0,"y":80.19999694824219,"rotation":0.0,"id":207,"width":120.00000000000001,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":43,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Network Router</span></p><p style=\"text-align:center;\"><span style=\"\">172.16.86.1</span><span style=\"\">/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":27.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":129,"width":262.0,"height":124.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":33.0,"y":157.96785409109907,"rotation":0.0,"id":114,"width":150.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":1,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.9951060358893704,"rotation":0.0,"id":95,"width":62.0,"height":36.17618270799329,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":6,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":3.2300163132136848,"rotation":0.0,"id":96,"width":3.719999999999998,"height":29.7161500815659,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":15,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":99,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":99,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8599999999999994,-1.2920065252854727],[1.8599999999999994,31.0081566068514]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":3.2300163132136848,"rotation":0.0,"id":97,"width":1.2156862745098034,"height":31.008156606851365,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.292006525285804],[-1.4193795664340882,31.008156606851536]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.5073409461663854,"rotation":0.0,"id":98,"width":1.239999999999999,"height":31.008156606851365,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.4306688417619762],[2.0393795664339223,32.73083197389853]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.9380097879282103,"rotation":0.0,"id":99,"width":62.0,"height":32.300163132136866,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":4,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":38.326264274062034,"rotation":0.0,"id":112,"width":150.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container1</span></span></p><p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">172.16.86.2/24</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":124.0,"y":157.96785409109907,"rotation":0.0,"id":115,"width":150.0,"height":58.99999999999999,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":34,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.94518760195788,"rotation":0.0,"id":116,"width":62.0,"height":35.573246329526725,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":22,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":3.1761827079934557,"rotation":0.0,"id":117,"width":3.719999999999998,"height":29.220880913539798,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":31,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.2704730831974018],[1.8600000000000136,30.49135399673719]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":3.1761827079934557,"rotation":0.0,"id":118,"width":1.2156862745098034,"height":30.49135399673717,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":28,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.2704730831977067],[-1.4193795664340882,30.491353996737335]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.482218597063612,"rotation":0.0,"id":119,"width":1.239999999999999,"height":30.49135399673717,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":25,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.42349102773260977],[2.0393795664339223,32.185318107666895]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.9057096247960732,"rotation":0.0,"id":120,"width":62.0,"height":31.76182707993458,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.45415986949433,"rotation":0.0,"id":121,"width":150.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container2</span></span></p><p style=\"text-align:center;\"><span style=\"\">172.16.86.3/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":102.0,"y":130.1999969482422,"rotation":0.0,"id":130,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":35,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">pub_net (eth0)</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":93.0,"y":92.69999694824219,"rotation":0.0,"id":140,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":36,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><br /></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":14.0,"y":114.19999694824219,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">Docker Host</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":71.0,"y":235.5,"rotation":0.0,"id":184,"width":196.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":39,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">docker network create -d macvlan \\</span></p><p style=\"text-align:left;\"><span style=\"\">&nbsp; &nbsp; --subnet&#61;172.16.86.0/24 \\</span></p><p style=\"text-align:left;\"><span style=\"\">&nbsp; &nbsp; --gateway&#61;172.16.86.1 &nbsp;\\</span></p><p style=\"text-align:left;\"><span style=\"\">&nbsp; &nbsp; -o parent&#61;eth1 pub_net</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":45}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":6,"orthoMode":1}},"textStyles":{"global":{"bold":true,"face":"Arial","size":"12px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1457586216662,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/experimental/images/macvlan_bridge_simple.png b/experimental/images/macvlan_bridge_simple.png
new file mode 100644
index 0000000000000000000000000000000000000000..51fa66e263793573edbad30350a6e59cfbdd0256
GIT binary patch
literal 22392
zcmY&;WmFtm(k<@p?(XgqAh=7=MgqaDae})`aF;-E*EH@DG`K_KA-EItb!O&$bLR)F
zUU2$U)vjH;jzw#z$)lr?pg=)Ep(`r9*MfqA20(rUkq{t%IiUa30tKZfsrX(>$9wf8
z@68$ao_OR1bAz(pgPkCU&o)KOcCK6Dn!#}njeYe1{T4Mx*EWAxsO8DE`DC>=2N|3;
z{F4I@*kW!o0LJ-+?}~*s^d);RTnHEpNJed2KHoTWQ%o@X-Z+O^eDy>xo-|!>?KZ|)
zCnokPMrlqJhIRF>5Qt12)=wXXg_40KjTEkoM2*Km9p*0n_qPTp3`=?&M;htte+GT2
zjr{*ZnE=xN9{P9C?Ct*z{X4_|&DWkEX$V5cMhBm?hzfal@H7(Ds`VM!fQxgQc0^`D
zp7sO~7e3?E;_Xaqz>Brr!%(~o{21NIcq19EF8F>PN~-^TA&T!_S)Mi1)CRn(NceX+
zR&A>8XFr6kfSEX*sGg_$NFJ}dhjLH?pNTNR=v~$(jzlLnx-`<~U*Sg1e8Ap1i6v*!
zD4nR)K)HGiXRvxWYtr}~<+<^-rO|!WWirSl515DJ-h$ccZEG9FOhV>|;)HypkCwe3
z1c}`<<jdD;tiUZVVOQ!iVPS^whqafCqAB*O{SFiI9MhDV#1E)TEjokdBmk%c=CG;(
zS$jKOXhqXjZfd|B0tATD@^IkG9a+G`*ouNB(OYq_jLdFkzESV=J(@hnnla-r*WrS!
zsXpL4{d#4RjJamIl2*87tT{iTY$qd4){uwh_ORAZo*!Uw`shwenH{35uIB9Ezd70V
zG+eneZ4a-L5G1NV>nXwj4_cCbFFm~6)r(yGX6Jc${2;3~*2=!^lh&DPsl-{N)lf(u
zrt)DP+&fzG(n5!#i=UEC5hYMEz?Sthc}IdgL1m}V$`?vW0g_4$(CMw6EZ;@HC~eaC
z#c`lSxLdI{QIoNs*9c<L;g+Zde&cP`!SznN<F=tsKcOuN{aWy;{N$Ko!vQM=fYpIk
zNDG95W?f-iH9nmt9wx-F1ECY1lPG)G8ZSluFJZzqw4SyX|2UP2ot;}-x>p~OtLLsz
z%5g`_98bj+PbR<$jSUL5s(dRppHT14F<K=O5*!&J42BCcK$>Y?;BLvVSlgavU~k--
zE8vhr&9sZ$BUXC2dv0lH6MTUw8`;m_0;)E5gvw_Om^Z_F(roR*7sc&gVhy*~`Wqa%
zN__OD^*k&hkHDE&q-YaG%z$7+fKl@w%IjU#>xhRdRWU}uu?DF1>yH>+_EfMBMvS4f
z$^BZ8MNA7`TqUV)M>P=nD^PT(N{~ymhbjUl><dj|nF(ifer5T)aI)g`np`C}0A@us
zeys-!AR3W2M{Ze7qY$69PpJgc<&OytY?;vq5VHOm%JvxNr2E+beOQ0jcT-Uw?$GlS
zuBG>_MqBM{VH^xyG}B#9$BJZPq6y4P1L|+YW1eaK=q{n0lj{tWzQ7kMNGw&^B%*t$
z$K!TF`~;UP@UBKHt)ct;NvGRivu(89+iT*AyTZO8G6J@mV7Mo!hE0~}5b9KvR=V8+
z%-OGE9WAw5B_BId*&${7SwEcg#_{y%PYaT;((x3hncbpM%5w_uH5OX}u{J17?EQqV
z2Y@K6_tlHje5(NmA+oAmO{jc{bYo5H;Z@lh23nT#YJDaDEkU48RtV>W){{;Hq`BJ$
zTq$KB=W&__$KP|9U!%&`JIy)yQMWWPcej4#^hq?qk}d@@uczVhqU>ZxLm{qw5<>dQ
z^lAtQPM+w8Hp@U!VBYp&aPGHf^@>WHW($<apVf4kNp_V&o%T@pWVYCu;HDGLwxcYZ
z%rZ89-!?jIF-jx=H9cJxF|DP=l<H7DDDzSIqT|ciw;8C$$cT&4h<y46rR~!Bf#pqK
zl)%saSduF~Sc&2d_McyTr@NV1%uq7=;Q<|S4u(m|ifpliGAn#Por$>6aODcxL7SM~
zmUQ9Zd6>%9c-J0|CHHY#UO^3Zr=;`!36|XK=w>Xy@H<@3K&l%F)K+6D0s3z_p=$;h
z%roqtlZx?j36mxUj5kHeP8dDe*dN3n$Lmj7Q0)49)WUbiud;%{xFX?eHDn?N1UR?h
z?WEJc<Td>Q;oPoKK?N(qn9i7hB>aow#Pehr2?_W3{!^#zRgLiSS&_yfS8Y|k-LIUd
zTewSRuv#EPL)jlgG#Gr6@;s(ayx(EPDP-C;(%Q&J!nLc4wCt%*v;>F-^#PT8Lrje*
z9ie0;C$rWtovs)S^gptHUr~#t6(uwqBC*~oafnIMV12Jn-c^djcgk?Ry8@*iW(eGw
zm5XiCEvruV#FxE!Hdln3<x&n13Z4u;7M%7i{H6<Eo5Zg*Zi3~ubzx!;JJ$EnP)y%Y
z&(cjfc06ePIwV`-GcAmPj9)XiCSC11N|U1a!&kdaOJ0~wJV9UV3(HxR9s11gpUO7F
zGJU3~n7<mnGIP_p5>z|D#3*fhl1`l%`|Tc?7;K!0^Q^n~gNF}M%vFa|I0<BrKf>2h
z2+=MDd=aKPJLlN$w$d58tC_|zkEu=r4%wQSzwnMUIRktO#Q{wvK;u1a<u^FzVdni1
z3g=R&x{Y-cVq4}PLXXufcKZR}KGCn!L^>kaE1^_oWB9b#VLKrTvt6FVLGvMhkBEEA
zazIrk^`UZ|tf$6G#>ejlHB~?T;Y0n_v79f-9{#85RNnAJOTV{ugYgo?xl!hc*U)kp
zwtT%c|Fls^kuH2k*|BWgPu^tg!cp_(pmJw8Pq@LjDh;>~mkF-n-L0D9T>k8L^TxJ*
zF)F)Iz8z5cVo0^-PN62>R;3XxbgN;Q)>&@Czsz1acahpyKcrFZktt)Vxt)L)LcxAE
zBt?yzF|84shHs6)YUIj9fI2!#Q6JM?1pm5}yAk9-IO^F;OX>@Be8!N7-s*g=eV#o@
zVe)s^M!7fY*<^%U7w><e^gZ01AO0Nf(ycCUN;M}ruUI!1rY7n*TWVKkODf{1C9gP#
zI>$$ttfG{g<ErgYAI=G5AsmDz7Xe2K*V=0ZYeEVqCooFYOEmt)qZ)1~p#AVyBSD9B
zD;h_}^@JGj>PAzYC;x7N=~Vvx$zU4k@}}WU$6z@{dSM3+@Z6H0)PvB7us1%Er7a^Q
zyFQ|3U~<WW(1KJLkfY3uq<m&&bx&lbTzP~b%<Cm4H<&ZFJ+*yj((TE&czkIYK%~@b
z>a^Qgqqh*(g-v-PK)PmCygQu3_04{8@#p0<qe{~nP0+Z{PLI3|TSy(0UQm^OtMj}o
zb8Y~=x^T!g7hX6Ev9t!Qi_`fpuQseW23<1I39M$?!h)1cZH*~>1adQC3n~JI4>TYd
zO}dmzcR^mn{^(AN%sT4LJ_{j#7My6CcBPM;cfwkj8$8*{dQ{7-&q$FU+8H-kb`-T^
zq+LN?Upc#<NtT-H1ezs<=AF|zEW0{8a>fQ#dN*cngv*Gb#sM7c$yi_~OK`SS|C4(Z
ze1;|Q19kR~5(@scq6V#KLLyNN(>C$@U_G4bb#5GyPvbl;X!?mf-)D)^m#~nDZrj&g
zU0s7LM0U8WzN_W@=@wdI?PZrc<e2C?vSS1}5L~Nx`T0P17$GzT{5}<sXca893R14$
z_n-E^Aig6P&$+$nj5x@@_H)p?E`;*ph4m6=`Dz<wkBp}^`^!rAhDaeXNhKah^^Fa6
zVo@%yKpvSTXR5DHx!ECOtf%pHAvWIcB)qbg4OkG6@mBoR;---8IQY70MP$<sx)w^0
z&JexJzcBIZ)rO-<u9&DSZ%4dCcKp@LL&vm5mN&su+_840&M3^ik2!MSyjx4%sqn{`
z`_{biZ;Wst7(mjm%@27ncmp<<k9wq=#;_H{PgVTl`V0uJS2;PQWE?dTIq^BK8#BN8
zD3powu)!!mSsLgwS5pI!RFenKq)BY87O34jGz0GK*NR9;GlT%FI5ot;Kk8Qp`P?bC
zfeZ&g%prYWDdizDVeWK6E7vpB1mRV$;NixbUnNyu=o_ak)ZJy6l1Gtg0fqrciDFwp
zTV1PhTRIOPsVfb^+@6n!t(*OkMo`j8-kK(l2UdOIm}3vp4ZC%Z{gE@o=-H(oJv|8;
z^wG4nwRfHmwrqTSNO*a9pL2}6{S5pfyFE`yJo%W@dmSaXhx3{OE>w&cG2gl<<kb?0
zH82ufYbvn^4&3T&quD^;yXLH7gqOMFex1;aH2=DMEI2RC%%-*Ga=#qgfXR5LcIZYK
z-gn)kU#emW(^2|i$Td$)^v4UH(whsGDMNZI0nqq#7jD$|3b8;{ALicr{C4ipw{=dm
z*{+v7+CMlc37bz)aNzLzYip}+X9y;lP;Za6j0|jccJ_mpy{)a3y?qrZ$k*5R^0iOH
z1T66lHa)@8A<(q|8I;&H|7q}>O4AY<7$?=u;z3FW12}1E3rP5Y23!f=L=_tz5aBzb
z&KiQ{j(Fv9A=!DFGITofw(~a3UUIlQ;NPy0y}7;pIFdkaercHf=H^q@>dOn0(X~Ok
z<3jPGPJ8<vY}perQCI^hj`S<5TJ=?46yVU#6XJS?C;aW>Jf242>$$qd>!k}W&~(c;
z#Putl3^U?c_X0`G9@KqJdpDbV;DZXeV7x6#!U5F%i%eOCZn_1<b5(|g-$?&G+<H|k
zvfU>cfBeR`kI(y)P-S>N(?dY%yg|rzZee2<wowJ`b~p`T4+hZi@Cx(&WnQ*(=V&-|
zt@B|?e#B-C4zPOf^ulaMR6KCP<e1_Xq`daw6`CXxoE!ZEn!|Cf;18Y*X7emJD~y+)
z74;T(fcnbG!tqTOMJKm6rB8zO3BiG&)X%ugsT92vq`z??0}$wC1eZ!#;6qB%ntJz7
z#qv9IVVtP&q?D&KOXQ2L(=mrgLW=<(XO{V6l$n9nDqWc6Y;hF1GxwkFwD;jA9V+P9
zU=3=ee~~6=wo94Nw9yBX8V$C&9X?3?%oq37`0#<=q)*iAjIIujAYrX1P*PIg-oXK{
zY-3|1{{FYR6G&t|VhTINaX8gyv|^yk@nEcO+@L<7P>$E+v+AQRB1c*{I~yAnPIO^U
z4`rX3M(#*nUY?D!^WpEX_I8o^`T4^3_Entr+uK_rBBI_B<%~gQH{0ce;n#Qsz*yG-
zREBOwN#e{zHbt^!@Y93+q&^;`ZY{S5e%smFMjyK-l8efL`Juh;&o<VFFApYju<%VD
zfI=;!eV>$QKbae<Cv0<_@~-GVy!)&lcwe5z%M9<+X0e$$s<V#MZavH~r;?F9k(n?9
zN^SBGWJ*oJhs+KSvM(7Ll6}-(VVUf`ZM(j{#=?i=*tc)180XA)9(`Qm<j<nW*5u8U
zf1CTVyXFc)`{jD?B35+Xvk{pPc|;$dCB}JM$v>o#GgwrGhlUE75N5q)esB=3gh-{g
zL>8yH{QW1Gv(@=+9^m!jHVzPVVf(LDm~{`1v0&|hB{+Z*f3Ac-3C&+k3}Wpy9`ZW_
zg9|^jz?6}`_d;0j>3SpP_xZt*<bPFD%mCJk#$T8$CFI8fRJeFy04vh(8whh6{k_In
zjAnlFC&R7_-bG%l>0wy+s&O}8DMKd22iJOSw0ocq3=BZNZjw<+`aV3!p3TquYdh<U
z*0B0Dho5&-Ylg+^g%9e#SxPC$f+vIS!ow}xTjDsjqJ_pEuQ-DAAE#^I6OoW46Q6ZK
zWxQMQ3MQZj#t!xVKyo}Tpv@wxm9shSP=KO+H#d>q`hx*H>uLaFUqxYo4iHH+_a^&S
zh#kQ}%CYin!E1AKurm>M?>HbH{tFSnzY)LzZ-xU9)k`S6#f>7H2oD5=9oj;P7BH^G
z0}m@+VE#SI_l-}0cqDPoxS8Ss_wzJ^SL;cf)&2kfr|A%{<a81*u=8Z;X-i<oSAEG!
z85D3e9ZI^1`3*{Wa_Hz4l<H{njN*>`H!1-1+1rPk7#D>3*ahQX!n|$UFQ<~{`%lC<
zohU>&|Kl9QS0`bxlW!UM)7q4i``nuEzrJ4!<z)=(#cS{{xKV&hB@Zq9oH`zkBGVK0
z|8a^H=ij!HZ0w;0#cG0Y_LsKsEN36mNYi^?{BMcZVZP|Me^%es^N{;HWs=P<tQSlE
zJ8N%>=|v2}{bK7wte);q$m@)rRa9wDaxoO9%5<7@;>-|_V&0Qdf^Z*C+<lMX9|5VR
zmx&)eFRSo_pUf<sXLbv^K~(=5^e;!e#-Rnj_G)T{@R$;PSH4Xx8a#`LNc%?p>z1ne
z<3dS=Q|dC{=NWiaIeq1<JP1dAhUe_xBtik|5raz5SV&<SzCi=N8zY)PgBkE8)D^3t
zf%q8`o*%)hx99g2nuA4}?>*$_F;drVpO|k8^-W0b>Hm{qdniDTYGmq0I0znSLG6q(
zhId#VHYP>ViLomGN>A~Yj!y9bmbupZ<}z2oS=vPu46LG(6<rs$V0Kgdg7cA5=@dhV
z-18-q9C3A%FNjnRJWu_*9F4{nrj}d@M;K-9WPSKv3oP1IFG@6V<e1ofI$V3=pC<J+
zG`%PIPxi}9*uT0wm>`>81S<xPm<hvK2obbYBoU#K)d4$Gj-qE9-Q9!ZhDJ?ZO)mfv
zRkK(c5QzeyDD<I-7VPR0FEK4iW_V3VX^XEk&?I58oWRwi49+scMF0%w*Euk!!T^u=
z-i7qEz}Z(VLi5j7p!~v^`by~q@|%v2hc3@>htFHK*|MZ-hfVh-(#kMD#CrN38toJ4
zK1D!^6d9=6m`^|atcIXqh7onaHWP2+Rna{i4Ft#l?sI?d6Pczed@G$&h0+Wpo@T*~
zDo(Z<hjUgZibC|hBb<dADhXXalS)@ML=q66DzSlEcOYwo;*iaP9u=M1PS<_F-sNPz
z$rJA7Z;gL4ulO7g>hDNdT4$hz0%01|y;^WixEz_2ublufP;|D}0}G(y$$Yu)W&w@x
ziHq##eOlk4$M0S5uMc?!;0lpvhqM^xJSmG3vqLx+vf;Rl$$I6zo;$N#H6<Dn_Y$eP
zkPi={HNp1lgvyiGq@9{??Jko>_@Fn7^XGtEP_0n++n2ZSMb0!9*(;fXM{uM>TjkY`
zgzQ>mdE>n98Rri=FjKfnVdgs(DuiH}5PTvST%>_S>W^^5D6pB7u;c*%v!Im=_CxRA
zefBxTzNf~EzTLAQE;cW-d<AE%r*nl50rzLP&&8jSCEu<a8iot*=wR;&17AEHo)|g*
z>a#NoP!v4zOv%#5lAt5<6~5rhFyPv(*<C1LbSqw5Dp7n*g(I}hk9^GD;}q|=+S1y$
zw)(@(I`5pUp^Kcz-L<?g{eHZkPr1pM^K<>wF{o3wy<|}KDZtqc8DbY+z`LA4&&AF~
zRLb=7u>MH;ztv-`NH3#oVdG-B%wN3ApPnNSqVe^^k4x)~!;x!@PD6nakx4si4pX<H
zWk=_`(6S8g?#d1%7)<np+k+L~4~s$GERjr5rkq~g){oKlh=9~z-B~!R$oFUt@rNw!
zsQU()iFefmr{k1YqCywwFMjc`_kwRCp<8x~S_o+u7%&{4TlsqSE~`8k|Mne0d=T2W
zl3)u<*jE<^K@wseL#O+8*V^mr#%(WX-Prs$qY^Zkxmag}F2i>Ytg(i0Gg1^z&%*Dz
zh=yEoml7Ui4K|1a)YB6Uxp5EAt!Tj<tAq$|7&h@c+e+6YNl;!WC?cG3AyV2>QJQ$k
z?6OP+rL$YS8YoKPicc|th{=)vB0FR;{;ziTFHwYiRtV~#1LwD2L1BhsZ4OxPqP?DB
zI`Sido~6%Tcd@({n&?+d124wD1&!MRA;WEGf=%GQLV3+Mb8&EZdo6`G3@4$!sVbos
z12!5?B~2e}wQN7Gk3N?Xa#G=d)f93KzSLw!J>lSqyugBdPWAx;@>$TD`SwUvCJEP`
zyzqREfpkw}wluW_<HeWR=c1EJeszFo9~!!41rwQSC__&S`T^ypGNun~h}u%wOV!~@
zO{$S~C=T!-Ty3!E&mz2v^{RL7?7!ME2Dr?!Rq=@4U)ST8ImrswV)*sMTM3V#o91%G
zzX&A?nl5a!VoqvB^qiXq`Q`N(+38>S6B-5=8p(Vyqy32P&umrWtbL;Bav28Y6%UoM
zNL!B&R@0CegZpBRzv_pu(iq)0!73k)=0aF&-WJUfyG}Aq%97{bk$!&AfS^Q;<OfnC
zg(hI-(E3Tc<|ID-!F&YQ;oAnSUY2F0PyvV$KE6E~8MuT1eDl8%Aqc=(MgcOiZe2??
z7H`7($FzG|Rxu#3#&wR<<Z|WtS0(St-}xP+6~T><n7I@nMgS^wz{jZkqJ46Y;v{%h
z<*UfPF>eaX>2mit;3*#9cVfrj8Yr(yo=B)A`!tg^;_)aSA{{iz7JpV2c#cIh4BYuc
zUKtsj3st<LOuII~-nr#CyI+PG?FNN72jXHbxWyMG*Jos)EKv;+q|4NsrwBe13Xm~_
z6c9BSq5Sa3r8797n~AUZ_4|JLo);f@c+#TKJ;30@IlSq5L58xguM8ULTe=PH=R}hx
z*rTO0MJWr+j;M%D>6&?He?|K~RCo|C{CeKj1|B4CJq%EAxLBX;{o}iJvqYZI>=L<F
zXIt2hKPH{b(U0uM#qAF-rYN_R>XSO<&-RUM=uQ;B>Q2z4_zUy!QCiDp&SH9b26a4r
z>(veFXzWGbkYmgRW1{d*P#f9xwz5xs;zC1}@Yt`^DeUO8KaD(<!^7ah4wLwt<|0IO
z(lX;Tb=~q|K$hrHbEH<R`%PVhbl{$-@!rIt)wHK<$PvFN;>e1MIy?*NY}zDYxWWj=
z2>PsX>^H2F-(yGx!RPNTWi{Sdndk1arDLT9He0qIe7cRk>wF4mh=;0Ca$e$`yqR4k
z>W=8$u{R9p&(|?s4Ew~~xr%xJqbb})t}*~LO=!Y46o3OHZuM2)l4GhjCV;Hm!Ru{q
z{=FL@7up00ag>=G)=oc3<NJE9v*olYxkg#0$Nbd01jO|%M~TQS=ckW~yQl11m~dyD
zZvnXn8Darl+w)xDs|u{AX&;z1OC6#JA>TU(N}!<Q>R@6j4MZC5vX{6VFmpR->y53%
zeecl9)bf7A)|T1|1w0GAhiuQ|pzlxF4}lj?qDX{rt>ZORNWiN-#e|iBhwVsXu+wH|
zR>0J|fQJj}v-P%6&yM)<49?yDa8!`{5l*d1S4@te^Um2uhxY{-I$!K_KSh%QU9W#=
zu<!A!cJL`rH=XazFKn^tfizY<;K2m3-{lbDa=QoXkfU$sIy$L<8Dx=6n|OP?#9J@<
zbi(WRXFo&8^Mq(5+IT5k3x#H;68?<(i6gC3&2k-dkGI$osom6byX+BFTIYLzwtaIn
zx7=b+xEc8N68y#Qyz5@0Mz^E>1ssZrl*=c0)VFzaSP(cx<w+JPZj<y&6_G>G<#Ts^
zd*nk4E}`VAX{R?fA|}P4Jf(jsLI~WB1b7&j|5%vezGs`lI1xzozNiFRk1ji3XxL|G
z5ZUkXsO(3OG6Kg-PNzw>QPSn*2<7f*5-rGO7Xboet<8|f@gh5m8kG<|44XJ`r6Yd#
zJF6rUg$gn5v$+}_4mc)V8Sk7<J)MeAu{=po`3pVRmB{?*?$m~lL<k6m!l0B;=`Hp%
z9@8jPfk!d8*zK{+CX0P}JgyU_tGAw}m_PRLL6-MK+QBtGgy4O&38<%r2)XPWR+-u9
zMu%X)1SPMp*?2lT9DB?;4`{kTGVyq+Zs6WO=0y$uQzE70aH8a^f*Au9ZWQC?PW*}D
zVyI145NYNpXRYtlo`$2aehA1jw_{Wtn70CbyS&cMY(#!7f#RbYTElfr<DA?%S>j!r
ziwzdSC=2VNE}G{vNvS<vZm>WM=NsNMZCcs$GfT3m?48si<sXQ!SgUu$jkgQ#GjfQ-
zG`7^@jXQ$P@b$AAhI6uUMHS}lo%nrsy0#421Pfv9j6C>1-SxFPayaOt`@B92!#-5i
zb<>=C<oauGavna$yw`?t3XJ7zT6Mc1E$B*(6$7huuZy3i?EM6k@@Du8TmK1aGza$!
zYEDd1n=VRi*^#y^>$;0G*B_5sUNaputs9qbBfK1=&CnW+5A~9_t6|=1bszT;vamBT
z&0jrd-P^KEd|AGx{S}8on$UB$)l={lKVsXCbBby@|BhFUgUiwmh$KhX3txI7jNsX_
zrlo3Nh^VtbKsNG@S#;@?j8f><ruK*1HC(+P`Tgj?q>aXmu$o&NiYaCLZ7us!i^dO4
zq+&Eq6d5ikR7)LJlH5Y;JhWN!wh$$Hk_D7tF%)Jr)5B=F;HQA!YNVdA=Y6LKs}T_s
z0EC5fc>F09c%oarLbPDbE|Hjl<Vc~ak`WzrdCu+O&way3u8{hj4;sJNh22DOkI_T$
z3aiVEIq)%W37!jC<Z|Ks{bmrg9rvK{g~p+0j%KRK4z0JH)bpIUu7nb_0>Jo_K`Z|@
zIrrz48yH!0ohR8j<k?b+tj_FRy9VuGGqm}F7PXVuV#v;}P<{w~Siad4NNKMyKOVf>
zLUyi7xx0@RQ>I=ZP1l<z2Aoua>v@eBL6bzNopy5@Vvt6Ixg*0wa0o&I{ehm0UeU#i
zVCs*Lr;o&|bW!;DOGI72oS^aY#g(4uw9xvzO8+E{Ld4xB)f`G`((oGHJXI?-P;6`t
z>NXl2Aqoi+&H@DeJ6!k<&^7AzjZ5m`x0jFDy4_M0+6KeHAwNJ&^&<B_i^P=Dj-@Ae
zNB6MEnc3|JYS@gf{RWe4bkjrAJAc&i5AVQzv&Xq<NzA0;zNR(po~MSZA@EAYMcTwd
zCse;}*%d1s_b$s2oU0ZLuLJAhK(wq8$%{O~f7XBIl;ai833y=AsdHW)R-VxmHl-`^
z6<F6T2(oUpaoNa>dr@3EXQQbjG}L8?E@evi70)(oG-HRwOnumy_IWOHQ~_g{9^QG0
znzZhx=p7dh_VPnpUTm_mld=H(8QFfd=eIt_x~jrsG56XN$^E8@RhRhlp5y=t$oM5P
zXHw?)#{hbvp6|4DrN^`o%10a7K{xp3b+e@JB!wn%=578<)*7~LRPl!pVt{0pj&d@m
zyW4xTQi*5egqQvptXwoG4GzJtwK^)J!k_W7k}wa1u1b}na|3_pDFlhSTpB3YjjqTB
zlWdE9dw4V>ULt0KF9~@qfuq)q2GOO9*Y9PB?bRqgnEAQvlVwOSmd(06W+?=*W@C4G
zU($FWNzL&cCGfX3tumS9FgOg@di+&H1oK!O-5i)!9b$$G<rKm`KGjP&NIk=WiazAF
z54N@ZpdcU=iz?0T$zezdo(AGV)T~Mw@THg8^apvJkhn^-7$+OQD()}HF*2`bfPVH}
zs7@sddP|06EVXJhSHT+tL{xR9+<*~|u5Yjj=To&X<@=*l$VU>i_g00e9pB#MuV_?*
zo+R&TU(0Ha(GI6q2#x2Of83D<1_!Q|s!3;;+NsT_g8ec)vuJ2a%&T;hTBL)qZF>8_
z>C$oscBq<rNSa)PxQ7FppCmdLR6o(@Gki0^P1*d@*7!WE-+j35%YDDvnRruKx^#H4
z_wcyA?zVZ|2_p$hYEoQWERth^&i&^AVB-Zmmj`@<NIZPM?WDx~`bXVQKF(AkJ|7d{
zQqj|3J~^zsR)e{#4UIBVxv>Gk>e@YEl@dH7y8YcQbSN>thw@en&^;{&+fBCofZM7+
z6Nqr9G)dEoPc~edgu_D!!Q}I~v@<C=(xmVo*yya<Sv{eG>6CYHdiA^Gp{m#p@3w=W
zJzqXLh4=s<$KLwit8|KFrN!d9wp(HhjicYgBqnmzMx+%OSPgR=93Fb9I&8DAZ&G|a
z(<t<7=XihV(BQ|ea!NjMa*<9^`y6LLlOS{N-ZRT#&EE5i6YE!LcYeZ{;t*5974+?M
zBKu3!^*n0Mr2dpH<$d?jKwy?U>9qpp?%S=_zTYPXz^RH}ChywdRl?Yh;=M1kBQW$K
za5SJN%oB3dP+K8K;hMyf=j84B{)2<ku@NXS_jGJLbED(MMFO%?6%N%Ga)*?*CKALq
zzy?PicR6S8>F;3wxThZqoEpwS?7ZyHiN{aahtvU%e361Hzjh6-K2Xq~ks~fEV&s#8
zb?(c(gCAEhG~|U&y*K=AY!q4!I2hmF1Me*jfD=k>aLUD@tjvX44)H$(2lbO)!&jQ~
z_>Jy(Idpwt<(q~`Qm9_D?AGviu(+d4#pfT02-_rC-*!a;1|87t3SnO)#>7@L<=eL$
zGFCW@yzbcaz1<wN**>+8wlQ0OV?#}3WC%t&>lUg>Q!07D3XTk>N6s|p@%xhu<xQdA
zNjXmFX&=)N1u-@7O`aOmd8wm2tt2|WHPmEwroJ5rp!HeLr+mA8GNWh-L|XnZ)sM!!
zF&!|55nS0{Ic@s8BpTexR^N?aFD;ODr&su?ZJ`=z3Dg<u*oUrV6^U*wr2UP(*zjj-
z+@@V$IP!BsCGo&fk&_iHYHj};QSLl1;6)-+-f<yWWf?F~;-`wtoWDH<H{P0e7GzMp
zZ=Fzr_zaC71#V3}8r|8U5w#b_jN-S-Vq!rG9yDYzu^<kbUJ_(7BXXkbtR+Dq)mi80
zB?ZxZTc#Um>Gn=<y<+}do65Z7+4l<1v*z(VZEYcZA#P>t4b)BP5|9ADBu6=&yddTs
zF`i@o)g~rp$U#_{dV+Uzwkp64U9gGO7k0)*r|l0jR-YrWQP(QJW(y(om8rG0brO3}
z9BlQiIkWWf9(KTCv3%lB0{fPWDi8KMEH7)b2IS@jK_H*;N^%(xN!qZsdEJB+beiS~
zon6s9m%n{A?eUVx{v7pvu2kL)6YawB#>MueIGdQ`p)BST4eoKpm7~c!S?he=oc@i(
ztWIC>O~LO9B^H=iuz(~mg50FuPRfE3#-Xr}t`z%SME}G@T#7-9g&LcWCAMY3j$t6U
zy@aE+Ef1#kC2=8OP#*>yQi$<HMcO@?Wh4K&(-YlWM3a0xy&4{Sy%f&#B8jt#-9{hB
z`)Ut)_4I?R@kD;hAL5AZD<~Pvy1DlE+`KY<?-1cb`^aac$Twz&bCuSnGMm=B=Lz@;
z#EQ?Hd(Wj=G8Ycx%=2Ne*R96i_4dKBQx7~{Je*_KLr0Xre0Z&Wl7urdFy!J9OL1G%
z6H9Q2A;&HgdP^`K(e+6vx@6-g8Cr*#9ORvcqQZqA|Da3n^KCH~$;mAbBPTQSCkuLa
zclTMDht;?8AJt{I!Fcan@NxSbqqAz#mxs-{$pkKT6$L+OnIY)3c%s&Zq&K>~_bFJw
zjj!I10Y3&z>e>@S3xgyOe<yxO2;XdTi-coGB%}P^sqSJXO%-x%wBGG+MBmC)V9S6B
z*n3pkk65hP{Fo&kn(YCD4UmL65}0Ie{k^XGx!J*3zXVY_Zb(%HZYhHoo*N09kJjvu
z?dL5C?~5RakOYLx7Cu3)DCn>ru$IwU#8494rGk-aO@o>_xZ$yzPa0u(biiJ0Sbev!
zskg<8i;D_W7rbZ#^_`KBy?_+NSY2>&L%JYKItg3|g93DOXQInG0OBFP8JET9;+?(p
zcR%4GJ=o4I$g&8cz&_}BM@{a=I7r!W7wT9A0BnHi6a8rQyPquY3_OIPs3DOR3Kb9u
zqZ*2}Bst2!(}21q3=oQ)f(sRc0GI9eJUlKCpM6h@!VOsC06HzN*gK3YHUfQV#I;DZ
z_oMr+rK1>VXv@s<w4M<mRxp+C6nu)2YP~Ec&<BFF)1~$E*qNW7B;VGS8Zt&-j(eU&
z_&y$O$H9Dqa6m5er<p(ptL3of@HdKf8sbx-$3GT6PjhfDS51~8p5ir577Kb6FKZ<M
zSn?aU@El+`C$LS`DMdd)9e9-XaV1Umai}0&=Z(R`wB$~*r}2~APh(Rsj2ajrA)d(o
z8~0*YhUTeon$kx_)jNjwKx0?}cPzs@gcf2fn`*a>4lm5oNf2|(d+;-%{n*38htN$i
zQC0cP9>sGshCkV%54Z1<F$!{|QcdbWN2q{a<n><7viPzP-;X{r#OG+WKfm&t&Lmy)
zy5Fp_n7U#0{BcX(6cLT@wHNdcMimMs75d%0-O!pBS%s0hI`Wcmjuu8V?j$5ejn&rz
zry{JYr`M+26aVg%6Ujj!X9yvS7CWlsYV22Dz`ICk?8l=OCV!r%%sSzyL}!VjfilLU
zi;C#k<4C7R7(yV7AaLHc$tZ-?qN~Fq9{uCSkBG)W5xWv`|3@7^cUhqQm5uO<5%0z8
z{=TJ-^fEs7gYs1y4~KfmuXv5H09Pv<Q$Y6t)rF=1@jM(%-Nwzoku9Gat^kke3wl;J
zq#nF8TL_K^xr?w9i$3WCHNDXIhi+brni!el>^zO(O5?4^KsQ7FBFp@0@@nd{=Vg>v
z{D_w`Ix(AK!oj_SORE1#gNUOT{(4<{0rRd_>PWlSBQ*r53{&!BPVL&q-}?;+^6>&<
zi)ZX|8zW#a6+I4e1M`M+h!GPWpLL4^S^o4PDFe(*$$6@ai))&RB)5}9zDd4M@6w69
zB9XTHuRS;lRqEvbB2r8X!?Q>c$B%Jo7JZTiwrt%%)sYR}PI2gLX$HG8W3$~IuM;g}
z1z8#o$eKOp<nnO5Prlj3-7S%yQ*6JnjDdh1JM-kt#=pC>=l|a%Ug`ix2wh{!N$imr
zOq(c)wkjJuX9z($@h$D>i7iHi+$uugqg)jR)rQ=>JlVw%QYks)00&U?MQbH^YI^#3
z9cj5D{QfXMx_9~c``E*UT(ZeA*+?;SH^^^N>Y1Za39*C53J_J@{!fyLioDhENR(69
zLlVWIlh|_IT{%KRw%~YYQ{9jejNa%imY^83;jYw4+44#^@bv>6;c-iYzRKZ%e6*Y2
zg)a*X?fq*--2DLS{Nm>UKd~+@mjXz5m?J4SK6-<3n8PXmg>AP2Y!dq>Lwq=lcD;2i
zXA=@YYOrsQQS=lcyqKAm{y*#|v_MA`KS?y3T)ZRU6j*|rWCdXvRrlHXFO!mz=128{
zH>!E2;yC6KH#?*dWpE#GuK5vNBsyWBxptqIV{*EC;d6V@$vjrQSwOH}O=CjF;)@Uv
za#<5^?Ms9NTX#C^enUv%K}umi-R-O2A1hbvQ#3B{rE%hCSV-)%A(_06f3MKgC}lk&
z&Cft<ZDK}A(^ATAFW4q}zi3Fw3h~;#gSxPZS^A&o?xr1CcJ~x)s}mt>-K0HxjGYM&
z*xk5Zd%gb@YUSF6zHj{DbirJW(f8)25Xga%omvpwBrQnjOJU0Ip+CVC$Y*7NTN-jp
zz>ol-SR5xnkxuUcV($aaaO;!{-22)8Av|l~nugpVzgx93?;KKIcX$61*?XHovg6rm
zcd|O;{|H&R(}2Y(F1TDYOwYG9*3U}{7wK$wBr%PWLBcz?7P=E}UA@~xZ}{>n{o`xL
z_Ur_o^jGXqNDgra#<8HTXKn^t!u|)(z-J$0>;;Pre)9`{#2Et$dok#DbQ?DdAH)}b
zLy9bbO}`>9J32b0w<jbPkKn|waxq%pL7ZS+^4UX`cmyHim+yH5w^4t_U(MN-K}Le2
zP`zCJM_71(xE7HFbPk+EkB~ZHBqYdrSaMZ&Z}^B0L=`3BGcumJLKnvDK)&}J$gk6z
zEpH%A<LwvT$HG*>%GH+|cJ>l8946;$g={>#?C;3zvbwA-#x|dY-f;&988oVCL^WYD
zGM7@9N?{<Yd3OEqY5EA`K`}L8SN{du<r}gMjq1!Z(5HuWWWZ^+t%=v$`edEf-{#I|
z>WARSx^wOMy6<pcNbF-%Kcr9riPvTUSnG%1qp<_>qI(CJAEA$dSc=WULj%VQ%hR**
zP>_7F0ihXzu=1i3`6y>@Zz9x#jV-(G{H`yf40|Y!371&7a(jP#(S$s)|E>Hp35k;c
zU&)@1fES;yzsy&%_zIAnI5L`^XD`wtnyjaBCOAW$R1QE`%8PjV@}%a)C8~cd%6Xqk
z+%>t=!k&Yi%>UgLRxcrfQf!on+90G^Se1SaXv!IdTP3rw6<;Ds<1pquV<7+q;evvT
zmq#XAwp8c%P8@J!&LEEl6t5$}MQUX>*0Bbteexksd+8R^Y=B8wsA76|^Jd}Uok1Zu
zsA4U$j_Ch%%8?Q6KL4G9kud$<+TAgq+KlRzNP!XkdBFrR3!NAXy@r2R<B$Z!-s=A2
zh7Ytm>u5{61QwwB53U+LnGi6@EC6?XWJ`o)FtjdyCJht)vY<2;XV=Cp4&EOg2`VVz
znBhOZl2fX~-#6T7QcHJPxWl_n%9Wx%4bL19^%zXLsp@fqm;XQB4T+3xkkeVBj)gGM
zIWA!P&q?jR4|uZrG#Cf+eJ|rV^wbpI9-Ja1q*+d3W<`_SRB?JzaOq`Cg9*li|L%Ov
zyAZ*8J))Ek1HCPXpZFjgK{^s<El1%bcff{d1SGVvg!}gY!$AIv{Z@jzW?5gQq{S3r
zU2k&8@r*GxYDvvmRQc_ZQQymMDXsKGpe3d;g%!=kh1{YGs*M{G(ijmg6bH<ScU_MD
zzZVpqevnQk=^(~7*y&U2qU{s3kK(9yS@mGDM=VJ956sKh;Rz!S*?xS|(iu`msYQ&4
zb|2>~)nLM!$Ou72BgZj6tJG{qqp24QPly#5d1oCC1$Aw*x%)pr&h*JhPkfHv_gSHG
zQaWL1B!m!BIo)*ck1N9eSz@~5cH2nse7v#Mw3JLuO$`wpaQm(+%X4Aq78m5t4(cHl
zVjAq?+&|J<oT=5%mmZPLv6%SS?=AeEN-WGm@ISdfeSj!&&#5HSpg3oCTmE=0rlXn*
z<zMde{58eDG{G;ldTDFj7yi|*APrn3MrX213-5(+yw-ZmgL6Ikois*zy^BXZgN+ni
zT=JxQDwSig9*a#z2)*gD@y~>D7@6Yj)Dr5~W?+Cz2d|nC9TTtt!b%wtkyObiLg)YB
zyocyo0=X#L)5BDrXbE^K)slyJyv@jX$)6LXy!r4Q%WF{XS4VZR@vsQsVo0-D7+!=G
z4yw1|fATbREP=CgcNpm+4q}#~gYeL+o2&oY4|yQ30sFt9yN7^xsIwQ=!ZfiE`ANQk
zr+No?s%sn{WgWJ<^UMMW*Wv2|=>}^8DNAEB(9D_#!`KrAB7+L!-a#!Z*kX<RPeD@x
zp1xvz7yF*$U7LYUEotM1l8zg7PZjhJq#@?|>+cBsS1aq3`y3m#(<pUKVI-VU`_OCt
zXhfNcjmrih?_+J;JtM7>nI|LFCy1W>4=Y{=p{bqBmoCZk?b9jKSs`*Z$<{;2N&bn*
zY^3AAV9zm!pbltpk846MPqctWHp@niEmdf@IIGgY!#drt%ocM(<7QAn?B3)wM)4%K
zlTSpf;6L4j5aQZIJ1i65aW5NrjSHeop5jYbKUP>hJ7PRivh0D)yK|Z$zL2|yap=Wv
z|EF)@)}QrReU0Tp)#PwqYUha3>sXUB-woskY-|aR2W{M9NVB-4p`ge*qW+;vU4pN{
zSWA*au3hB?$oo_qL>ut}BcN^DsC%e?I^&)UE^5!TOv>r&lVS$3^HoK=<2Bfl_H{j_
zy+{M@_nv;)sL&y1)t^e|SODJKYpG#=fjIstwC6sbrK1WOjvoj*@?)3Lj}F=NARZl4
zZN?%JJ+53n{Wpn6bbaC5mMOZ$00&@l$Xe0ucSjTEO}t=HJyj%^Q(P4|f;+dQ=RexQ
z5X#{Ww<FDq*2ex*8`ex#83)y0TT{B*fUwguE&no9AkjBO`cHC-r~)-X>y2BK5`Ow9
zPN-<Hd23>qrAX_It_4_2&n?t2)w>5j53sQCwBdk%(?2f@MfR^E73|^S7)+$tlG@S-
z1@Bu2)qeaVm81Pkw6#_gkX{h*f4X2ZQnm|6$cg^z_}G5+-0O6e9{#)RdH;7DfJ2lG
zX<r^WDdA3JA~&{vuWXRV`u)sbTTxz;{{$Vv05`ory7y*7Tym!lPCijqk~#7a_3*KR
z)8-%(Y_uT!KlO0W2KTcm3puSc%0jd*B$hqckruT5S}eWZ6tnQbe^2%Cwb*$k_W{!2
zcDwcTHBYw6p#S0O2y0(UysR_ck#1`P_)b4Ry;?F1(xEzEsnVxh*aCJ7|9@4_U7b=5
zWUrOJ1elq<LvdnN`S3xxPdwn+dkv|U2y35~ug)vvpr^GU9Wxc+u^y>k{io~czlMGp
zVJonfIa<sOGOyNuS9-B1m_2wY`*}cgalZA$eBm(&16c};*#7ZMKHco<Fz6Wxb!P@?
z0dqRPO23@Lqub8rE{~2XGzBC|>uLeJGPQ)fFQ^n#1l&qBCDOhnGYBb1YwGF6={&Yi
z6q<|3Z5SKR!@EZ^8{xb^U&rRyG+=`Nj&DU2QIAl|SNFcR8PJ>q;}R~ii59+JpMz%%
z%r-0nbiW^7x<x141=!&J;i<4oYiyu;5>>I>4I$euBCEn%Cm=qvQpN3YToY&qPtsxs
z9oc0iCpmE-NEM(s31<|Vc@Z8GAq|z6<9tV1J*FLYTCAN%3ppymgAWzQON@B1HV(!r
zX-ko-z?wqr|7L^0T)~u8JcU(~O44`Znk}8gXG?Htwje#W_Y;gzzz4tbIY}ePpP<kq
z$A=kbJbTNSeyHa<L@v)x|B=27uM=w>vP^Ez63d|ZNrOGABT+&$6-&poGN&4x`36V0
z6nBio*r>xnSdQo?V=JPqvbg5fDNfRRD_1clpMtz2jLfLOjL$^yJ^<(2<vN{#QwMVr
z>nx+M`E#ef?pLJ}g=nrTaz=b^yf}s3Zw7;++KPfgy^<7RfpK;ze&(rBj1|@D`6i=s
zE-A6@H%RvzUR#cf=a)1F5P9IitE$h{?PV2VQ;B(pD*LXc0*-YEcK%eR?*kDhpl5N^
zKOvbooZ%;hf|krkGfa=-5PnTSUhwcQP0sAkw8aY0cUd9!oUEynX`{Wu*-A<xvk%|-
z=E`h4FW-NOwNhMAuq?;d7V9~R;r?M=iH}1aVA5Hb+$+*zNA$Z&q3`xnPJuUtUQ91q
zRM3ugA3IH15*xAhTG`bCKFSrKYE*kyPG0*e;u_}A)l7$Z0r!1?3LK8M+XmmJx3N%J
z{~p%YF}fWR%VOvNH8#DkY61gX8ps-Fe4$_;4e`;&AoR`0Xt(T4yx{ccAlsNac~JDQ
z>O}dciZVvUH9h!?s{Ut;F9XAq>`t3lIeR36-_2om2#XvVq_g`dmGaLI7Wp=9@^Z%D
z5#A~^sWZwN?Nly<k5Z404z61(isbT~(v)NuwJxskMIm<r>84P2HUiwtFzmR{Z>Y7E
zxxVeD)G~EiJcG{f+<7P+n~#0sc{K9{S&pnYrgH3S-aU){NVB=Ie0X1BPNj-+>+Z#W
z@L}>O=ipL;dGL5nl71FF-u05|O|<T{N1c7-j}}$-SFMUDQx7y*t$5V)VB(7*LQ{o4
z$C5l@x8W<)UO#o*l)v1%=mGbmvCz?eN?067t@`CRn5iE2!vRx6Ni#ZoJ#M0>D)an6
zf>ogG%e`D2kgs39aHaC&qyA7%KYF)|3ckv1->=qgoKHL#Ri(UTxQn&MYt40KTFeHR
zUI=K)y==0C=Q1LRir6;cNJynJe%2xf-&{OWCf{{L+}TFV#k<LWYXG%x=jW)+nhlw2
z>Lh<aIaATE(Us|E&xqQdEYMbo3BrT6J^ff77;nv^>-<aZhb}XS*AjBSpYP|@#b--y
z7gMBvcMjlS+*%b)@w_`RFl@4lzktr>vz=WX*AS#nQqYfgx~x}0IYT2wS=2}2fFs6S
z`KEZR&+D#2?2-Jn9Aw!utVD061^n2(a%SJXk}`QXHXD>j3$qg<T=FUN!Sho$PpCfu
z($&7}k0OThR!h!q-6<`kZZhgI{fCSum+LJQxdz#_0JJH7CFA(hg-d25Uk@dOb|%B}
zm3D@-Ix*zrq9kWWbMyX2$zAqt(||uEcz{GS+`|Jaq}bEI%rM4e8n6~z7+@nd=qW_l
zutedHUw)nDhg7z3;YbP=+YmdW{)dCv4h<UhN?jRt*fZ0w*O}Re-7_jlIxW&axUTYO
zHmuN8x!dgQq95*l1Fgm$PoPdo2u*N9wzqCtzyZ&fBlBx(_A43c`C`%9C14-h1-k{;
zC(0lgB5&%A8<m*eJtCUgQlvdY4w%ZC5MetBT~iEe0{F)AR{A(orEn7E9d}h)W4#Kk
z+I%nkNE4+ivc2O5)*~#=*tTgav>L5Kl~(;jA17YrT%D!~hOJ!J_ui@`m;9Tr_<(sS
zY>5;pV*mu+7qdtV^8O6-Xa@n&$(kN5xCw|=UXH&o%Vp6lr=?}yWXZO$yF8nVjmjT?
zJ*%ru;;5V?(xU0DODvk<l9bG4QDsF?soP^FK)!S<ZZj<I3NjUrP6lUByh$o`GHLaC
zg*^Q^EHFwpffsPzj5Do(*!*N+VIe&;q_Ff#$SB*(hpmVC{#|_s`kL9Ku|5P?fn7pe
zsWV(f{0Gi3cXh987;vTZ_M^KJ8^Lx!uztebT4G;Kwz7s0pdk78k1uldB(f`8KN_7r
ztClN_IG;T<O}MGbhCZ9?I|kjh_Iupww*kKz5&oI3mr!SFckX#<os9NkhOt6}hM4UY
zSrRGX4oS##%P+Dsx^p9^ZNX-lKCGD2u3gE6iPG{ItBdtuJsshiWQ+ZQ*w(^!c|LNL
z%{NhYO=`?gP^`l@Dw)XOrgLrL-VlO>*~j)|XKG66f45>yH(3x8%M9CBisVKq5HO~n
zg9ptU5mkjqW0q#$r9eG6xilf*0>QO5<!}<WRi$8hnyqPtsbEDmFyJ?a5%<^;1&ZJ8
z8-7}W{EuX{G!-JupKwdxG+FvVh(zr@hN0AZf13L%w97795ymBA4tcy47*v@+o3Uq*
z{X<w$Y(J5FA_e~Y6dJRXW3-qcp(Q!`0r{!;zVGF$1Tk<!yQy`*(l6ufN?(=VQEzCt
z$Z!WD6Qx+_G>Jd2zyB&7@pTauD*V^az>^^j)Q0xJG_>LA=Y@|Kq+WDJdAji2T_z*?
zGe5LNA<uy1YIXf_tMK=R>4U+KQxTDo;YFyO*HfYd#m3AqpN4Iw7GSaKSu%^M&%Q;v
zKvG+VAFvzET*(z6Ojxj&!(n%Op>6StttTZGi#~0Y&)g<8KFcH8MLa7x;@hR0>+fck
zsO_b=vMRiK3KKD`9a<yiR>*r<6hjXF#hX9ku&;=L!9Bf`4gk^dCJ$~fkoaI?cpsTM
znc9l>BNyS$yIi;d)!ZK-P`@lpsRc)-hJlWPl-(uT?T&Rzz~M5Zsn@TRv-{wpwdu-6
zla~DJN8JT&LF}^^^>3R-915)Zsao}BIQmPMFKR}n%*gAK&4$Prr&31Hg^cqb$JhKw
zT+7zU16*d=Xh@}(Pb10X9tLn~U&6j3+ESjpx`L-A-^hBNuTY^Ff{i{Z2KDK`%m3|r
z-t~R!{3QL5uPpy^gaOe1_r(va<qgpJ##{2w9xls>8CO6`GmWEv6U{0qVgs==-1aKr
zb}VOi{pMNx(Ez3-U#PwF%b-2NE<B4VAK_*MhLaNCViA8JX_sPHN8a1_Ci}rx#%b#U
zf4P(vVzlAL=6r<w8jSu)6ZS}~O<@0qQ%5%~{P%**&xhoGH#729H+efc(nus^W?Y+Q
zUz%p_#k=l5=NoO8uca6a+at_?dOBspI_OPkrWvu$Jw;-v&5PBn2uyz-epqX@nqP==
z`}tb{VRsYxw&T28X32wZpo~qKHdyIWpB1G$<E{k1=k?JZgR=89><Nk*ZYbq|Fcz0l
zjWf@N(NP90hR`48i#?26vO)Lvec1QzCg9FZ*n8MH%D`vt5t}SvAZ{Em0=wh$u_zX!
znjqby$n(`Wr!9qODDwS}FIw4s+&I{8ke6f=oDW7@Z9*<Qy95U5Gu}g7Xb-nbrhR7p
z{tH|k@;~37LTY|7jB>)AyST-^AIqv`)o2S_xXa+%<5|b~Y;~Br<jXvoUskXgZ&&go
zG-Ps)onC1qG2gp51hnqQ->gltQCVHR(Q_N6?X|X6lY(1*GB`1kZ_m8yTju?iTtsLL
z0EEy!Gp=nOA~XbCj=vu>fe`HTOB-Pzvn5ck;W}b+T*8$j<gZYarFrKO<)GQ}KV#f8
zG~6GcH%?1jFJX3QkB%23VO%spqcN;^gr7|ah^jLJmK+2(kvb)q=&U+&wL|sLS8`9f
zK8Kz(O+Vije+~~5O_L|<O!fL>*5Ae1Y=CCHImdcIPPYE(%n#<X!#yFY+R!ZX|Lfu`
zqoQiNH%?1;NlWJd(jhTODXDaK2m?cR4-7R74<H~&qaZMJcY}l=DGbsj&5%m{@p<15
z@A`k)U+#6*I_KJZUB9zG+}DK>8;WsKYDm=tUJc=kqeTt(^}r@w&<d4rlOI;sTv6F(
z<~S1<WPbqW^30UD-hk*GMvwSl9jSTMIs9-IUCy<sMj@UrAoF(*m+*(n3GheUsL#|z
ziL%W@7+J(mUREa5r}CMWf@Z-rpoh~Pd1D)LBH$I8d?mnlw^L(PYKFKuG||AU_5zw9
zPC66LexC02IZ3PXkf8Pm72=N)X{x@2#%}vcT0qJKJU$+x3JGmW5Y@+%Wg+q~?Di<Q
ziENj9Zo=wPC9a{j6vmZMh7Tzx)yz?lwRIEd>bs{|1m2YeOBTdpk-Pl6#0NY){+z0$
zINIbn#@0OzyS?0ZXcRW76A9nXU!bHcMcjD<jyUzsC7`%zC>gJNYXu+9NCk1HKN=-k
z6#Z&ij_3FU2Q65dhHRIv$i@C_<XpDzv`<HIG#&4C3`4KTV%Pl#H4ctJX3{r9MBgzd
zL!{k_7uf0>^D`x?HDoSIK@W!6+Q%Zrq1;}*u|ql`IIR7}3M=!HS?!@QdEys$J6)EI
z=#$(S({pI{68Y|)fq<jAPF;&O67Aq^KBJrQhDD4XjVup~qLHNho0-vakXWhqnT(##
z?yEAAAyn9I?zOXf+&|0o&Ul7?dT=j|?{LgL{;aAJ-{k}WEUiIwCk|ST=Eu93-ndtU
z7q^a?UM6Z=MkcSGdMc@qbuvF^oqolC1gK?KzPYnpoyeI=5y)Q@xjS6aNCqmzr|(^U
z6YybbGd-e1dX<G-7t=^eJ!$s9{(=QbE7bxtm@2FtWHHB3hZjEt{X*0Dy>7onF<HVy
zY!SnpMbR*8VfoC17_2pZ`RA-gBFLO<aR17iib6jm&TDzKL_Z`*-09pWu9fCxr{^9R
zm8eN%b%?C8tvmgk=Bc&!M`Wezfzq-eZ<m5~ktbl$xx6^&*Qbt)iZc<E12E_^-6biY
zc}e?qGlq|`HG77EwX2AvSM%OpPz?ozgV5SC!5VoBT6TtEN>h9(dA2|wWAI`z3*101
zX^njC8_$;k4M`qG_tXs0WbY2rs7}euI#%(PdIU~@J#v#HIazH9O6(px%XM5ku7tv;
zcnBA&^0*|%MOim~RV}H`k7JZP{S2Dh$bRcIYGh=CPvELyGT-EanIA)5(AHvUm)hXo
zMNF{JU%kWFekN#``&%nWVzVLHc`0@uH2Wgbg=yPJr_+;M%^VfWJOFN!jj5{<aPGgj
z!hjcW%P}g2_dtSZATAx$NGa{)G7eOtOAQl5vi~|=ZA7^!T|})2cWdRHzn+5vmCX5v
z1?Sg#TgB)IbZ&2|0OdBe&C8`mTUac2%tBxIwTr9n?2B`tn!xT-^7n?H3#QDqQ2)XN
z&%%gmm;l`uzi^6q!^*Iig3>x_YeonD&3KeTO$FVj{(~#`^K(#hdK?BGS1Y*^?4MO*
z@?-4IkNxQbj*^)p|8Y=3UR)oCb)d#9!4KI)Yq_ytWKJXg2nBT!3`E2AF@AZGECx(W
z9IsndS+L6}!!kmz@umvLuBwZMCST_I$rBC{0L9S@t1@nJl_;ZEzOg@{{+TLdS?D!v
zS?a(fu_WRF)&hr#0hlK)VscBBv_LLfM!6hK6GFtri#{81A2ue$1FI?c_L6B^%dut$
zz>uLDPhUvKp0=w|k|&>vO+NiiXn^Gc_-Z?F0L$vK5eCEP7e8?@<wQ(oa7i;8PH*f>
z%zQ84KA;t3ny2pF6xk_5H-Smsc)z#}(O*d-I=ds9qQ+5rZ&c+0TDg$UMU4rrJcRV#
zy{?;{gI-2EabioQorhi<%geM3Z5g{(D$X}r^F**-a=TBB<Xo+ji#}gTmLq_PtSw`U
zmZf$D*CM3De<d!T<&~YHo(e1yRtiLM9}j2a9@GmZ+P4#WXWr(HlT0Lwf!m;MFAQF2
z-JgMob+zj<(voRjTkxj$$p67IU);?zeXXF`TFarvyGvuvjBo5OkY28vcQ}Slr$aZ>
z*cn1UwKF0k2b4**vR~0+)b`(&xeDVduAZI)-3(LYT3Ll1Bn^O{ZA-J(Y^~y`UY{?u
z=InSrEqWSs;`K<U<9GT=$@m%h+db(+lcKnvMSW|=1>X;rN2X*T5$_{AMi8J>yHP$@
z21xRxc4N<N&d4#+ao>MRBrM>dX|_}8kNU*b)(Q<aPk=b!Kg9bNeo=TC|AAkkyik4Q
zRK>S}M+noO>=|NxC075awCbDoPaS_|zW%!jc%=-n*?h!C-ZS*rN`=)QXS#C=D`s8F
z*~-;yr+7Hn1TucJ0JIZU(bUeG_5q{3Lk&WC756iN^7+ERS~>zwDfD<PD<assns2o<
z%_C&t9qWjJ^2m42&*f(X0+iuiyFY#xVZl1T=+27mwJPQeo&Cn2d=ab!_K48MJ=d=t
zBkSl0wc>Yt5$OQ=NH=K{U%HH6JvM!0f-AhrKs%*b;KtWA#VhIXnYixUH&?skO@P;_
zrKRi`^U<?@$%zmmwcz1KsX!x+;XSiQVBd5@_)*sSgRh2-x4w!o6`J$9CLw5H^!$4|
zp=s6_!dyU!ZmE!yb_RwCvGetoPouXMj=Ec~5E<Kfr+qrC(kihV{_5M!EE3u*oDu0*
zjvFoJ=e1&}$uWHn7zXRoTQ#qgL)P#B-~*1##q_K40AS~5XFpFmVGX`13j;HKa>%o@
zolj*F@438ppwC%$<;-1PiV7nVZ(KgGBoe&NRBE03KuV?7JzVf<;6FY2S<NaTR~BkU
zS-7s^dSPcc1X_RFX=_l#hF#wBw%mbJk0f9k@CNcbKf}IF@r@0wN%GEie<q7=$+Lz6
zC)Hs&=<#pdNGtVi$!syK0d}iNb3B(}abs$*S!Aj9{I}y7L9i#RX|IYpUA7WPYr}C<
z#ErI)?c0=560{E>AgfSy!D|vPNGc9ukd9?YZp~`6k+E1zIU!u=`B%;rW)t;txlf{L
z^+T^rfAxEPw@M+O7E;)|`_#&QO-?E9_Ti7W))=HMc6T>DX+vdf9`8GziB<R)O_~MO
z+1!fUp4V}fe0C9cSSvtZZ%s*E^gGkNyxAXWG);`c7gQK1h{Q!KP7i}NY$LgHYmj3G
zv;_+O2qZG?Z78$cA$mK1MzZQWH^t&3m;n^sO_jRs`_EfZ_!4!PQ~%MvhDN<edZ)O)
ztiHM^YXJ$=6J#-a0<~>;6Hw@7FcaKX-oH-ePM%ZelL`$KSV_S1Gtf-f$1_cwb+)L?
zQoMHnGLxD9H0n*po^hx-)jC93)7x;DWRD=FKk_jh>4mS?&skBDy^!hOvce8`04>(?
zlj;&ms#rAY{M);`kY_PWAjg>!6YoBe^KDD7C12W4F|;Q2QCKsO#*x*D{d;>a6Cag@
zeissnGUik$#}9!uK$#gv9qxx*HKhicz=lo>ZN~U^1zrBQB&2#*GFTb3=(LeyT6>ZD
z2al;9ww6*hH@D5$VYBPo_;4)ozR8k6_%js`U2jgGyrP?*g`_lPlcs44xt<>*G-V_6
zOk56NoRiQ4xe3%&EhddN;8wWUPW9nv@hig_j<dTHmywhlmPQww!~G@Ffw36_K0GCt
zfh7>XdY#4vPvVRCu!M=Kuw*T+PHr`;J7F-CE8LS7)r7THe!q-Vlb6rYA=-<+@OudX
z#9Jt6677b*+$u|YqKqhJ%5TU7oqzw5gX(T&EG(Apt%!cpC;R$Y^b)tTrYL4a+Vt*F
z{pY820+3E}aVsAH4#g3pf~aKc1fQ<56LyXQoe9ZTpC(99^;c~nCs)eh1COZ@f-*B=
ztx-p?R=;b<G}jomh3xS=3j1b;!jo@@>k&h+=7P|OgWbv}9irks+-W6NUzKW39Txet
ze>4^e7QPRB$`k)39hGKt>2_FG6DPaI_g{A+uC99CSjEs#Zq-mVa#5N#r(?1a>d`ip
z(I{@g_keZroJf5L-u-vV{@o=0T`Gju?&X6VD>nF3l-EL^Ek|&z;>E_P=cJI4lS#9B
zZVr>-nZ&&}U}sljBgd#GXA@S$rqTl&bn?D+5oM`rQ@vi1%Cr0Oa}Zk(?A^0e^%y-T
z1jhS4aA@PY#zDAbnNib{Uy8%fbE;Bv1+qD&AGn0u((hPWQ3zVE-lsTiUg-?eF?2`#
zd%7YKf5<#UTxkl6drjLsw9#J1lp?D{`;o<0-~|gD)6gTDM;hB(`QX4NgE$=cq3vNH
zz}c{Zh|EC@>*upe+0Bc3e<E4=fycc;ZMD7fS-e9^O!Ns~H%RogRk}J0-}PQ!qRla~
zztf!(DW4RQ=CfP-DNzVaV&4cuFDX=6F{42mA_(37F&A&APoKEGW%8#2o|1q3p7f4v
zmC^^^+0sq(#3kXB`ZaW(eS2^z-j)~nbt}%!q3kU(VlGyhzw3B<RLC~)l4O@U0#r8n
zgl=HDDK2D%yD^O6=6pxtmgZ3zczv|}eQK<UI@%wnG)2pd(wnDmJTw_=6+{z9%P>Rd
z0K5wFi2QT@QFp@+BzT(0&nDj#!WtFV)y251=`z^1J9`iZb`K`wPJo(VLjjA3ml#3m
zqldJ8J^v%1oJw#DS9M&*<EPa}o3ruhd(7q$nGJsmI;b+SsT;HaB2V<^^s7T3e>aFW
z-Y%>%1V3w8!rnw5xx_ghRpKy~E0lcEfG@*bL3FV11Q$U>^uhkhwk#3f!Q7mLUNgqg
zHiC<JC1je3YuQVXNC883GlEl2cqZZNc%<Lst|*%k5KY!A&mgp9kC`8ZWkH$HilwtH
z@>X4nP0z(3tXiz(_i$4Z_f!BCAYXT>d`~js7;p*~i|=r!2wLI3yz8cN6P_1lBV1C_
zMd%r+RS^w#zC3S+-lz(OsVXPPD828~Zx%rXISpdt*z4qOS_qaYDo*5JU9jnSTmC51
z2U5ZsAkoS@7`uFAzhNz=_3eU9o)L96>bTmZNzdau94Rn6T_}TQ-!;bUXOiI@aZRmE
z4XjedFtMYdi=sp$g92HIJGMN#zOn@y`vJV+{I|!Z7{dKv4z*8&^5usDW3I-&J4t&L
zJY$`O?CBduxmuF~K>EofrN`-7=s&?!shLMO+>E_HsIsQ$Utz*IQaqo>(lr6fBRn`~
zOGPZd$T#UdMOgc47*!PwKt2%}#J1{UG=Dt#Rk5>*RH?~(yh}8I|JXe^5JR(U3inM<
z{B3LBsT1Wti1T%NrAShoqlYJf2jDhJZh)caU81(NlN&dHiu1F;Gs4G2NbA+dv`FjK
z6dD~y)Oq}G=peWp<2YZ&nQ+)7npsH#)x6N6f4#3;8ZRP^{|*;3<5qCjAl(jnUm#rk
zp>I@TD0`6}IFGn2ir7!^(by0i61^&sx*n#nUJa#F`XG4NY>^oc_kkS&PVR6^paNs?
z!>B7HweT)=4Kv_Pdh>30i!xoHFA{AhuzrIEH<F^3y?z7QTwiw^CJc>syzO+s!5nP$
zm(K9TnX|oZdvE{aXQ%7}4VJ!Al9=Wy2<PZN*n3Bf-yt%DImgs=Ek1dW2@bC~hzRK)
z+*ZX~UtJp*x6<~rm7|KEM4*t>Baap{vB#f)A`h`-BQpd>di0fUDLbCqLS=(po1DqK
z(9ft?M@7sQSCU`RyT?1w>MYn#2}XIyLAX_?XVs#hN{R&l8|0A;@G!Gy3>@$=A#<=+
zVN){G!1ngEzDgxaG~G?4NN5~Kq3OpkBx6Tu%(3#fRe<GaFhrcT3IykcAN+Q4-AFHx
zr=nUc3vUt))yO`RnsYpTyJ=4V=zVlCW*Y+2E0oe~W9?hgIdb~D_Mi4Tk9yHJtBY+U
zHLiuaah3+eWSRCiM(qoSBCMLm(_;vJR=S}d;Ji(AOXtMU0G;BpNDO)ca*>7^$ji0&
zGY)Lvs~x2(q|0HD1oN-;f}EUuhbO;c65QR|^)Q0{<OaTW1D^MG-?5t-#e~U1`^fS4
z^L1aNnV9*z8u#1LuS7SUaaUL<F8?^CNZh|e+%JnnH3T$YEWAsc?KJx#b8fMEG%+L%
zHVx>?B~fgrKrM)yZXAwt8Tzn1YF!sS?jrMpmvRoBqQDYlc-{pv?l&md>aG1qXqD)S
z)PKX+#`Q!T!%z+>5hcKy_0-p2qyWHoURPsVF=%R7eiL!C9$dj^2J@=Uf*Z)od6|rY
z8hN*W{)V_2t&!s#l?dzO^&99DO$PRgozj@T?~ArK6P<KuL=Mo7B`Ldx7+1;+kC2uS
zaDs%yFYix%s?i(Cnqd(7J>9<Aw&zNL`}r`Sv!>nbt!NDWO$WYTm>l(naiYT;+C7n_
zVA)X7Q6Z<O&a{nzmg!@xqoZKpZ1RSn%yQq~DN-yN$ph&ti?}b>5z02@@LSh8l8G=D
z>N|}eZmH`qv4^2t4_eC@`&qWz8?tF<c4&{xWbL-lDh982y6!7_iR=z85L8Xz&HXd$
zLHvSjZ3vuq?wcyDG^SCoo0Ub~N5snUw-U9<!?#2{^MFTh)3#Z`*v1foV)Sp?i+4TX
z<Dl5!;{H!<^T!jAGG}vbwvx+PBz{SYu8ivmI}hW(XR@{g9+Bx;%K6W%oiX3tZSd}W
z{IJ~K<t;v0E@1W80upiKr$khmoomvcmqQ|9pkGkAKU)qQkmC9uTX^&a%*T{j+P|@~
ze@k!oWA5y~1?Mqs_L1EGEfIe+WdD}`_w1GY;Y`G1Y%W?jOW3|5AQp`j5DrG~#3*Um
Ul64#9Px*VKuB`R45@;3qe>L+?f&c&j

literal 0
HcmV?d00001

diff --git a/experimental/images/macvlan_bridge_simple.svg b/experimental/images/macvlan_bridge_simple.svg
new file mode 100644
index 00000000..bce931f0
--- /dev/null
+++ b/experimental/images/macvlan_bridge_simple.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="348" height="311.5"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="ddeLbvFrpPPd" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="dLREXEIeFVSa" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="348" height="311.5"/></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,27.38636363636374,108.14285409109937)"><g><g transform="translate(0,0) scale(3.742857142857143,2.8181818181818183)"><g><g><g><path fill="#929292" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,77,162.90096991491666)"><g><g transform="translate(0,0) scale(0.62,0.32300163132136867)"><g><path fill="url(#ddeLbvFrpPPd)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.0959595959596116)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 32.300163132136866 Q 62 32.300163132136866 62 32.300163132136866 L 0 32.300163132136866 Q 0 32.300163132136866 0 32.300163132136866 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#ddeLbvFrpPPd)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 32.300163132136866 Q 62 32.300163132136866 62 32.300163132136866 L 0 32.300163132136866 Q 0 32.300163132136866 0 32.300163132136866 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,84.45937956643391,158.4009699149168)"><g transform="translate(0,0)"><g transform="translate(-86.91999999999999,-162.47030107315481) translate(2.4606204335660777,4.069331158238015) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 88.95937956643391 162.9009699149168 L 88.95937956643391 195.20113304705336" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,122.54062043356592,158.40096991491632)"><g transform="translate(0,0)"><g transform="translate(-128.46,-164.19297644020213) translate(5.919379566434088,5.792006525285814) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 127.04062043356592 162.90096991491632 L 127.04062043356592 195.20113304705367" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,103.5,158.40096991491666)"><g transform="translate(0,0)"><g transform="translate(-106.14,-164.19297644020213) translate(2.6400000000000006,5.792006525285473) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 108 162.90096991491666 L 108 195.20113304705353" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,35,196)"><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="28" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="12">container1</text></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="81" height="14" fill-opacity="0"/></g></g><g transform="translate(156,42) matrix(1,0,0,1,0,0) translate(-156,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="81" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="26">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="26">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="70" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74" y="26">86</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="26">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="97" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="26">24</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,168,162.818751317853)"><g><g transform="translate(0,0) scale(0.62,0.3176182707993458)"><g><path fill="url(#dLREXEIeFVSa)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(1.6129032258064517,3.148433487416555)"><path fill="none" stroke="none" d="M 0 0 L 62 0 Q 62 0 62 0 L 62 31.76182707993458 Q 62 31.76182707993458 62 31.76182707993458 L 0 31.76182707993458 Q 0 31.76182707993458 0 31.76182707993458 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#dLREXEIeFVSa)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 62 0 Q 62 0 62 0 L 62 31.76182707993458 Q 62 31.76182707993458 62 31.76182707993458 L 0 31.76182707993458 Q 0 31.76182707993458 0 31.76182707993458 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,175.4593795664339,158.31875131785318)"><g transform="translate(0,0)"><g transform="translate(-177.92,-162.39526029012058) translate(2.4606204335660777,4.076508972267391) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 179.9593795664339 162.81875131785318 L 179.9593795664339 194.58057839778746" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,213.54062043356592,158.3187513178527)"><g transform="translate(0,0)"><g transform="translate(-219.46,-164.08922440105042) translate(5.919379566434088,5.7704730831977145) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 218.04062043356592 162.8187513178527 L 218.04062043356592 194.58057839778775" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,194.5,158.318751317853)"><g transform="translate(0,0)"><g transform="translate(-197.14,-164.08922440105042) translate(2.6399999999999864,5.770473083197402) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 199 162.818751317853 L 199 194.5805783977876" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,126,195)"><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="28" fill-opacity="0"/></g></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="45" y="0" width="57" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="45" y="12">container2</text></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(123,28) matrix(1,0,0,1,0,0) translate(-123,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="33" y="14" width="81" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="33" y="26">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="26">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="70" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="74" y="26">86</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="87" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="90" y="26">3</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="97" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="100" y="26">24</text></g></g><g transform="matrix(1,0,0,1,104,130)"><g transform="translate(34,0) matrix(1,0,0,1,0,0) translate(-34,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(34,0) matrix(1,0,0,1,0,0) translate(-34,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(34,0) matrix(1,0,0,1,0,0) translate(-34,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="34" y="0" width="79" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="34" y="12">pub_net</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="78" y="12"> (</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="12">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="12">)</text></g></g><g transform="matrix(1,0,0,1,95,100)"><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g/></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="74" y="-7" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="74" y="-7" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="1" height="14" fill-opacity="0"/></g></g></g><g transform="matrix(1,0,0,1,16,114)"><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="75" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="75" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="67" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="4" y="12">Docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="12">Host</text></g></g><g transform="matrix(1,0,0,1,81.616,49.859996948242184)"><g transform="translate(0,0)"><g transform="translate(-85,-50) translate(3.3840000000000003,0.1400030517578159) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 88.116 56.359996948242184 L 160.558 56.359996948242184 Q 170.558 56.359996948242184 170.558 66.35999694824218 L 170.558 102 Q 170.558 112 169.779 112 L 169 112" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,73,236)"><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="193" height="56" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="193" height="14" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="187" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="12">docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="39" y="12">network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="12">create</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="12"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="125" y="12">d</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="135" y="12">macvlan</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="180" y="12"> \</text></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="193" height="14" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="152" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="26">--</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="26">subnet</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="26">=</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="26">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="84" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="88" y="26">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="101" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="104" y="26">86</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="118" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="121" y="26">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="128" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="131" y="26">24</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="144" y="26"> \</text></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="193" height="14" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="147" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="40">--</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="21" y="40">gateway</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="40">=</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="40">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="40">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="110" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="113" y="40">86</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="126" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="130" y="40">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="136" y="40"> &#160;\</text></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="193" height="14" fill-opacity="0"/></g></g><g transform="translate(0,168) matrix(1,0,0,1,0,0) translate(0,-168)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="139" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="13" y="54">-</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="54">o</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="54">parent</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="54">=</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="54">eth1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="95" y="54">pub_net</text></g></g><g transform="matrix(1,0,0,1,91,22)"><g transform="translate(0,0) matrix(1,0,0,1,0,0) translate(0,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="102" height="28" fill-opacity="0"/></g></g><g transform="translate(0,0) matrix(1,0,0,1,0,0) translate(0,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="102" height="28" fill-opacity="0"/></g></g><g transform="translate(0,0) matrix(1,0,0,1,0,0) translate(0,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="81" height="28" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="12">eth1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="26">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="20" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="23" y="26">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="40" y="26">86</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="53" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="26">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="67" y="26">24</text></g></g><g transform="matrix(1,0,0,1,58.49998401988711,49.575)"><g transform="translate(0,0)"><g transform="translate(-147,-50) translate(88.50001598011289,0.42499999999999716) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 64.99998401988711 56.075 L 241 56.075" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,241,36)"><g><g transform="translate(0,0) scale(0.6083333333333336,0.6104050109462419)"><g><g><path fill="#3966A0" stroke="rgb(0,0,0)" d="M 102.635 0 C 93.815 0 86.371 6.797 85.395 15.43 L 4.554 15.43 C 2.043 15.431 0 17.473 0 19.984 L 0 53.338 C 0 55.849 2.043 57.892 4.554 57.892 L 8.016 57.892 L 8.016 65.776 L 96.471 65.776 L 96.471 57.892 L 99.672 57.892 C 102.184 57.892 104.227 55.849 104.227 53.338 L 104.227 34.655 C 107.211 34.382 109.971 33.334 112.331 31.735 L 112.331 31.735 C 112.785 31.428 113.223 31.1 113.643 30.753 C 113.655 30.744 113.665 30.734 113.676 30.725 C 114.093 30.38 114.492 30.017 114.875 29.635 C 114.875 29.635 114.887 29.623 114.893 29.617 C 118.039 26.471 120 22.143 120 17.365 C 120 7.79 112.21 0 102.635 0 Z" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 102.688 3.191 C 94.836 3.191 88.45 9.579 88.45 17.43 C 88.45 25.281 94.838 31.669 102.688 31.669 C 110.54 31.669 116.926 25.281 116.926 17.43 C 116.926 9.579 110.539 3.191 102.688 3.191 Z M 97.377 20.901 C 97.118 20.901 96.859 20.802 96.662 20.605 C 96.267 20.21 96.267 19.569 96.662 19.174 L 97.412 18.424 L 91.228 18.424 C 90.669 18.424 90.216 17.971 90.216 17.412 C 90.216 16.853 90.67 16.4 91.229 16.4 L 97.414 16.4 L 96.699 15.686 C 96.303 15.291 96.303 14.65 96.699 14.255 C 97.095 13.86 97.735 13.86 98.13 14.255 L 100.571 16.696 C 100.665 16.79 100.739 16.902 100.791 17.026 C 100.894 17.273 100.894 17.552 100.791 17.799 C 100.739 17.924 100.665 18.036 100.571 18.129 L 98.093 20.605 C 97.895 20.802 97.637 20.901 97.377 20.901 Z M 105.863 25.522 L 103.422 27.963 C 103.225 28.161 102.965 28.259 102.707 28.259 C 102.698 28.259 102.689 28.254 102.68 28.254 C 102.671 28.254 102.663 28.259 102.655 28.259 C 102.305 28.259 102.012 28.07 101.83 27.801 L 99.515 25.484 C 99.119 25.089 99.119 24.448 99.515 24.053 C 99.91 23.658 100.55 23.658 100.945 24.053 L 101.644 24.752 L 101.644 9.174 L 100.945 9.873 C 100.748 10.071 100.488 10.169 100.23 10.169 C 99.97 10.169 99.711 10.07 99.515 9.873 C 99.119 9.478 99.119 8.837 99.515 8.442 L 101.954 6 C 102.35 5.605 102.988 5.605 103.385 6 L 105.864 8.478 C 106.26 8.873 106.26 9.514 105.864 9.909 C 105.667 10.107 105.408 10.205 105.149 10.205 C 104.889 10.205 104.63 10.106 104.434 9.909 L 103.667 9.143 L 103.667 24.857 L 104.434 24.091 C 104.829 23.696 105.468 23.696 105.864 24.091 C 106.258 24.486 106.258 25.126 105.863 25.522 Z M 114.148 18.46 L 107.964 18.46 L 108.677 19.174 C 109.073 19.569 109.073 20.21 108.677 20.605 C 108.48 20.803 108.22 20.901 107.961 20.901 C 107.702 20.901 107.442 20.802 107.246 20.605 L 104.808 18.165 C 104.713 18.072 104.64 17.959 104.587 17.835 C 104.485 17.588 104.485 17.309 104.587 17.062 C 104.64 16.937 104.713 16.825 104.808 16.732 L 107.284 14.255 C 107.68 13.86 108.32 13.86 108.715 14.255 C 109.11 14.65 109.11 15.291 108.715 15.686 L 107.964 16.437 L 114.149 16.437 C 114.708 16.437 115.161 16.89 115.161 17.449 C 115.16 18.008 114.707 18.46 114.148 18.46 Z" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 80.533 36.476 A 3.247 3.247 0 1 0 80.53299837650013 36.47924699945883 Z" opacity="0.5" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 9.278 35.006 L 20.39 35.006 L 20.39 24 L 9.278 24 L 9.278 35.006 Z M 10.929 25.567 L 18.819 25.567 L 18.819 31.173 L 16.536 31.173 L 16.536 33.456 L 13.213 33.456 L 13.213 31.173 L 10.93 31.173 L 10.929 25.567 L 10.929 25.567 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 24.253 35.015 L 35.365 35.015 L 35.365 24.009 L 24.253 24.009 L 24.253 35.015 Z M 25.904 25.576 L 33.794 25.576 L 33.794 31.182 L 31.51 31.182 L 31.51 33.465 L 28.187 33.465 L 28.187 31.182 L 25.904 31.182 L 25.904 25.576 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 50.3 24.009 L 39.188 24.009 L 39.188 35.014 L 50.3 35.014 L 50.3 24.009 Z M 48.729 31.173 L 46.446 31.173 L 46.446 33.456 L 43.123 33.456 L 43.123 31.173 L 40.84 31.173 L 40.84 25.567 L 48.73 25.567 L 48.729 31.173 L 48.729 31.173 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 54.123 35.023 L 65.234 35.023 L 65.234 24.018 L 54.123 24.018 L 54.123 35.023 Z M 55.774 25.567 L 63.664 25.567 L 63.664 31.173 L 61.38 31.173 L 61.38 33.456 L 58.057 33.456 L 58.057 31.173 L 55.774 31.173 L 55.774 25.567 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 9.278 49.95 L 20.39 49.95 L 20.39 38.944 L 9.278 38.944 L 9.278 49.95 Z M 10.929 40.502 L 18.819 40.502 L 18.819 46.108 L 16.536 46.108 L 16.536 48.391 L 13.213 48.391 L 13.213 46.108 L 10.93 46.108 L 10.929 40.502 L 10.929 40.502 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 24.253 49.958 L 35.365 49.958 L 35.365 38.953 L 24.253 38.953 L 24.253 49.958 Z M 25.904 40.52 L 33.794 40.52 L 33.794 46.126 L 31.51 46.126 L 31.51 48.408 L 28.187 48.408 L 28.187 46.126 L 25.904 46.126 L 25.904 40.52 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 39.228 49.966 L 50.34 49.966 L 50.34 38.962 L 39.228 38.962 L 39.228 49.966 Z M 40.839 40.511 L 48.729 40.511 L 48.729 46.117 L 46.446 46.117 L 46.446 48.4 L 43.123 48.4 L 43.123 46.117 L 40.84 46.117 L 40.839 40.511 L 40.839 40.511 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 54.123 49.966 L 65.234 49.966 L 65.234 38.962 L 54.123 38.962 L 54.123 49.966 Z M 55.774 40.511 L 63.664 40.511 L 63.664 46.117 L 61.38 46.117 L 61.38 48.4 L 58.057 48.4 L 58.057 46.117 L 55.774 46.117 L 55.774 40.511 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 11.504 57.898 L 92.919 57.898 Q 92.919 57.898 92.919 57.898 L 92.919 62.69 Q 92.919 62.69 92.919 62.69 L 11.504 62.69 Q 11.504 62.69 11.504 62.69 L 11.504 57.898 Q 11.504 57.898 11.504 57.898 Z" opacity="0.7" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 85.525 18.936 L 5.082 18.936 C 4.255 18.936 3.582 19.609 3.582 20.436 L 3.582 53.397 C 3.582 54.224 4.255 54.897 5.082 54.897 L 11.504 54.897 L 92.919 54.897 L 99.082 54.897 C 99.909 54.897 100.582 54.224 100.582 53.397 L 100.582 34.526 C 92.561 33.543 86.232 27.039 85.525 18.936 Z M 20.389 49.95 L 9.278 49.95 L 9.278 38.944 L 20.39 38.944 L 20.389 49.95 L 20.389 49.95 Z M 20.389 35.006 L 9.278 35.006 L 9.278 24 L 20.39 24 L 20.389 35.006 L 20.389 35.006 Z M 35.365 49.958 L 24.253 49.958 L 24.253 38.953 L 35.365 38.953 L 35.365 49.958 Z M 35.365 35.015 L 24.253 35.015 L 24.253 24.009 L 35.365 24.009 L 35.365 35.015 Z M 39.188 24.009 L 50.3 24.009 L 50.3 35.014 L 39.188 35.014 L 39.188 24.009 Z M 50.34 49.966 L 39.228 49.966 L 39.228 38.962 L 50.34 38.962 L 50.34 49.966 Z M 65.234 49.966 L 54.123 49.966 L 54.123 38.962 L 65.234 38.962 L 65.234 49.966 Z M 65.234 35.023 L 54.123 35.023 L 54.123 24.018 L 65.234 24.018 L 65.234 35.023 Z M 77.286 39.723 C 75.493 39.723 74.039 38.269 74.039 36.476 C 74.039 34.683 75.493 33.229 77.286 33.229 C 79.079 33.229 80.533 34.683 80.533 36.476 C 80.533 38.269 79.08 39.723 77.286 39.723 Z M 89.541 39.723 C 87.748 39.723 86.294 38.269 86.294 36.476 C 86.294 34.683 87.748 33.229 89.541 33.229 C 91.334 33.229 92.788 34.683 92.788 36.476 C 92.787 38.269 91.334 39.723 89.541 39.723 Z" opacity="0.93" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g><g transform="matrix(1,0,0,1,212,80)"><g transform="translate(117,42) matrix(1,0,0,1,0,0) translate(-117,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="117" height="28" fill-opacity="0"/></g></g><g transform="translate(117,42) matrix(1,0,0,1,0,0) translate(-117,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="117" height="14" fill-opacity="0"/></g></g><g transform="translate(117,42) matrix(1,0,0,1,0,0) translate(-117,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="17" y="0" width="85" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="17" y="12">Network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="64" y="12">Router</text></g><g transform="translate(117,42) matrix(1,0,0,1,0,0) translate(-117,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="117" height="14" fill-opacity="0"/></g></g><g transform="translate(117,42) matrix(1,0,0,1,0,0) translate(-117,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="18" y="14" width="64" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="18" y="26">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="38" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="42" y="26">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="55" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="26">86</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="72" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="75" y="26">1</text></g><g transform="translate(117,42) matrix(1,0,0,1,0,0) translate(-117,-42)"><g><rect fill="rgb(0,0,0)" stroke="none" x="82" y="14" width="18" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="82" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="85" y="26">24</text></g></g><g transform="translate(0,0) matrix(1,0,0,1,22.803646598905374,21.51999694824218)"><g><g transform="translate(0,0) scale(0.9127109745695561,0.9)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g></g></svg>
\ No newline at end of file
diff --git a/experimental/images/multi_tenant_8021q_vlans.gliffy b/experimental/images/multi_tenant_8021q_vlans.gliffy
new file mode 100644
index 00000000..40eed172
--- /dev/null
+++ b/experimental/images/multi_tenant_8021q_vlans.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":389,"height":213,"nodeIndex":276,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":5,"y":6.6999969482421875},"max":{"x":389,"y":212.14285409109937}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":64.0,"y":36.0,"rotation":0.0,"id":216,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#e69138","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-12.0,33.0],[84.0,33.0],[84.0,86.0],[120.0,86.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":190.0,"y":32.0,"rotation":0.0,"id":254,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#f1c232","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-142.0,16.0],[54.0,16.0],[54.0,115.0],[87.0,115.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":133.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":226,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":15.147567221510933,"y":139.96785409109907,"rotation":0.0,"id":115,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":29,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":116,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":17,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":117,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":26,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887324033,-1.055138662316466],[1.3318647887324033,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":118,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":119,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":120,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":121,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":28,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container1 - vlan10</span></span></p><p style=\"text-align:center;\"><span style=\"\">192.168.1.2/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":68.0,"y":82.69999694824219,"rotation":0.0,"id":140,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"text-decoration:none;font-family:Arial;font-size:12px;\"><span style=\"text-decoration:none;\"><br /></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":71.0,"y":4.1999969482421875,"rotation":0.0,"id":187,"width":108.99999999999999,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0 - 802.1q trunk</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":282.0,"y":8.0,"rotation":0.0,"id":199,"width":73.00000000000003,"height":40.150000000000006,"uid":"com.gliffy.shape.network.network_v4.business.router","order":32,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.router","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":62.0,"y":55.0,"rotation":0.0,"id":210,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#e06666","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-8.0,11.0],[-8.0,34.0],[26.0,34.0],[26.0,57.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":12.805718530101615,"y":11.940280333547719,"rotation":0.0,"id":134,"width":59.31028146989837,"height":83.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":35,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":64.0,"y":73.19999694824219,"rotation":0.0,"id":211,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":36,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0.10</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":65.0,"y":52.19999694824219,"rotation":0.0,"id":212,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0.20</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.386363636363733,"y":108.14285409109937,"rotation":0.0,"id":219,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":139.1475672215109,"y":139.96785409109907,"rotation":0.0,"id":227,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":55,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":228,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":43,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":229,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":52,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":232,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":232,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887323891,-1.055138662316466],[1.3318647887323891,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":230,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":49,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":231,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":46,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":232,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":41,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":233,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":54,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container2 - vlan20</span></span></p><p style=\"text-align:center;\"><span style=\"\">172.16.1.2/24</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":259.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":248,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":56,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":265.14756722151094,"y":139.96785409109907,"rotation":0.0,"id":241,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":73,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":242,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":61,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":243,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":70,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":246,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887323891,-1.055138662316466],[1.3318647887323891,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":244,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":67,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":245,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":64,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":246,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":59,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":247,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":72,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-family:Arial;font-size:12px;\"><span style=\"\">container3 - vlan30</span></span></p><p style=\"text-align:center;\"><span style=\"\">10.1.1.2/16</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":65.0,"y":31.199996948242188,"rotation":0.0,"id":253,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":74,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">eth0.30</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":44.49612211422149,"y":17.874999999999943,"rotation":0.0,"id":266,"width":275.00609168449375,"height":15.70000000000006,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":75,"lockAspectRatio":false,"lockShape":false,"children":[{"x":68.50387788577851,"y":43.12500000000006,"rotation":0.0,"id":258,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-31.924999999999997],[197.00221379871527,-31.925000000000153]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":68.50387788577851,"y":38.55333333333314,"rotation":0.0,"id":262,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":70.50387788577851,"y":40.7533333333331,"rotation":0.0,"id":261,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":5,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#e06666","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":70.50387788577851,"y":42.88666666666643,"rotation":0.0,"id":260,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#e69138","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":73.50387788577851,"y":43.95333333333309,"rotation":0.0,"id":259,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#ffe599","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":248.0,"y":51.19999694824219,"rotation":0.0,"id":207,"width":143.0,"height":70.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:left;\"><span style=\"\">Network Router (gateway)</span></p><p style=\"text-align:left;\"><span style=\"\">vlan10 - 192.168.1.1/24</span></p><p style=\"text-align:left;\"><span style=\"\">vlan20 -&nbsp;</span><span style=\"\">172.16.1.1/24</span></p><p style=\"text-align:left;\"><span style=\"\">vlan30 -&nbsp;</span><span style=\"\">10.1.1.1/16</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":3.0,"y":88.19999694824219,"rotation":0.0,"id":272,"width":77.99999999999999,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":76,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Docker Host</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":80}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#e06666","strokeWidth":2,"orthoMode":1}},"textStyles":{"global":{"bold":true,"face":"Arial","size":"12px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1457586821719,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/experimental/images/multi_tenant_8021q_vlans.png b/experimental/images/multi_tenant_8021q_vlans.png
new file mode 100644
index 0000000000000000000000000000000000000000..a38633cdbc23014364bfc611d650b2a17dc72ae0
GIT binary patch
literal 17879
zcmYhg1yEbx7cE?9f#O<Ri#r5&cQ2aa5?orK6sNd*3GM|76br?zxCCi&*Wgy1pkMm?
zfA7tk%w+D&k-gU1`|Q2Xz0um5O4u0W7%yJDz*bR~fA``AQYPYg?=>>wA2N=k^5TU;
zo{GGTp7-KW?!7UgA^9LY@*H}Cd+%K1(B{(ASh93{t=X3Dy466wQ~@&Pj=v%}BW_Tv
zbkUAB&>_O7chr-9U4T!T_5s~WI_wo`Hxeo-?Y#yLmK@UoPhtsg``T`mL=N9B!-bsW
zgx|Q&gpY0y13~m9EY?WzZE_R{@hs0lpRCMaMHVgp79Xn2Ku{Ma|No98>dQ?kYv>Nv
zsWm8Z-;KC6HhR6Lr!Ve<Fe}R@Pi+tuF^+?+Y74*XRSsIJN3)F`kTl>Nd|tr%VOY^m
zkwVRr&<8Req~^;ok(4~qc8%?}ztG$_^;BLz`tzB2Oc({;nbWga)0iI=_!KOa4M-C_
ztTazF`Hr*|1=0#(;FjKu?@{<00=iad-;Dj0b?Kb28_=j{!D5U#_8Zd^0xL57Wr;kV
zW7Yogi>A0O_xXi?B{b%JsyPNb<9T4@0^Ua9m{`f@Ovrp&86MOYtf<tR@NiIOcWMno
zhN{m_EhXqVi<mquEb2~-ElnIq8GWRDBCq4%V9dx~Jos1&&|(=IISb*#Rv3c4AvIAK
zR3mpn_3_8~S|#p>-^It+zxU^_2T1@9mNroUAc=~sP<&MwscFUeQ~U<|7u8-^w-37_
z?-JEMYVoHK&{lO$cTS!yzsMU2rqz<^>|956zA~~i8KsrX0scsyr~V=kQBHaJzO|cU
zTzmPi`1-h;toXlFvEO)Dhttdt&?@q>Kd)2Vquk7t1{Yd_oSwgUmj1whTCDfD33ck9
z8RJU_(H9rX_0l_CkUw=EALt!#nWmXQAB_t;pO30$=Q^sZZaP`|Lj;nj;8ja2!7oV8
z60r=%w|IV$d3b~n<=QD^cSzQ7Vpm-Q+IaizNe1w?1stu&`ijkMd>wcd20ZSXmE!1I
zI8Z;Z4{&eE;orfX6?=uD-Zc^jXFe|_NhE{gSt~z1m@cv{#2Ot7Dt%%N{W=MM*IAB6
zO*h~mm)cFI9OyBP>x`Y6Vxo^NBYlu5a$oT%!`QXsCSLEni?ZE5>9IAgThC|y@b=K)
zup@H_BIEF_%5Ob&C2gXbHMgR~wd38|>Y>X)pg^&S(#@Qp{`5}_L)TAjPNKc3{R_Im
zSTx*!+wnGYZWnBY3_>`pJ=Dj!#FUC~K^{-G#oe3eQeR|JSmIRTf|KTmOp)u~kKwNy
ztr$AvQVd!r-YN-dJzN1!UqQ7M4I_mGlQj}eH&TSJxxDcg!oN~+fq?KYq*czb)8De<
z@bw6WQp{wZ*NveGzgX|D9yD6qy=^=-BQVoy8O4?}f=3qpAOvaoMw*+Mnf-ufYlTmy
zHG6OWpo!J2Z1iIa<Z@Tv?CnW9=_<GwyZLN&r2hczx_W*$LUmM6sk$uEIjc_(8a|rK
zYnaKf@=lUsoW~;U{hKP;KQxfMo9)L(&7ZIik-xS4g!VTQ6<p`e@r_A0MIiI#WGJxI
zUpEt^ZqY%?#MsmbGDphpT=oh)m)!Y#_p-!;&qOWAvu4E*Q1pc?roO7|&-Q%(VrCDZ
zoo}e)*qN}lsF$bs=zvPptK=Bo;M>~O*@BFdJ2=tR+=&$w0&?W~!n&Tou+fz?XbS5x
z?)E3!mMk5G5K4sx%>E`#WAZ0sl3d^Q$J@mmV$t>0g4BG4_>bM64d8oB1<Qq|rlQTj
z(p9Y2V<rGK!f=JRi9mQAB<)i&jdm^8bLqWLz6i?m=Wvx_c6A0`OMl<-&K--y)~ltJ
z^xEs1>YJ65SI|}XnodMBgWbaKzxJQI_?a(SC6hSaSC6PjS3Sys<~Kr(di<~axaTe)
za%Hw;r*#TBwCP%3Uo~;Q*)Af+HL~`&f5kcw9!*fzA8$9hki&vnbf2gx1HBGmr|LM$
z`@(Q`VlT9|BD@v0Osq%F*-}u*{5BzxKyc2M9V4oaBegp$`47kKyy)DwQ~J0LHDgA<
zWb{EidaHNwHT|vMa~t-2Gd1GWO{<a<|DIdEOF7tVSc2%5=7N6j9$x&x*H&`}TL#BD
zbw2Na+3%EpzAe+FB(K}Kzxp(|D~Ni}Qx{-K^)fRHq@FT}G!Z&%;ejSiEsX^6^-ePf
zk3>fiz5JM=PAwnfkh0g9Ip9Y|WhQKM@UhRN&zPk@N8r}r7J%{fLmcR1XAlPz_PNfc
zN|&SLZ2SxtKn_ed>cZM?j3(z@Qm?d4)VR4vJw<<s4iZZ+iwClXc0QMoo{_17k0n2j
zW$DMrj#iL`IHYERUbhQtyDP2r;Wd`56H9~hOk*LP9mq%C#ItPDr8b%Gt!$3X^$fmy
ziO)=E2`I`~<ri5~V$);3&8{5z<=fX5g)FZ_JXJvvPgj4;5%>`8@OM1x#Ov9;B4#0E
z4CVXs=_V=k1>gaGm2iPJZer)vq&w7Rk~oroQIV1gDlmHf{dclgvQ{qtxXoV)uLOSo
zX<U76(RbTRN$MIS4$FoO%vkxV1_g&w1BFmGy&8oSKrkCqk@Zm<9iMbm(!_@{js2Pk
z0OnjIFXUmXgH8N^bmsOKA8V+BEzNu?i%(am%mPS#1FM*80P}QMfp@xTo%pMbrr4g>
z`CSXah0|4bZk|}UxVTK^cZ*IjP{%t|mFVyB<L@4ho*}=1zK=NKSz!QSgIm{@{wvGy
z^$^a+++G7FYhaD=<=Pe8={k)i|0D6TMe3A|HJQQPMP-QdpmrpkZBcVICc|XBY+qla
zXS7`nlvcOy$oG3mNy%6FEU&7?%)uRdiH?`iwxf0rbQkVMbUd2m)H>Da8>G@=YnA?}
zgD-#oF`fg9bI3JQN;mG<yp)UR{4jg4b01~jzf+80un_ph(w>X!GD)EonafCDf15VB
z)D+V|i~tOxT6z3HYWbn_=c%>V)#cXDDJOGk<nxp;P=+C@AL>&}<QT>$O{_XS^I7lH
zZEVp1(PsD0r`Rw<G@8z(4`9s3*=ao+yVPWjdf*Q<YoiDe)75R%lEMgq-1fLqqeJ4i
z8gNGJgHrJC0RCK7H~B%*N~e>_kove#YX1(JL{n_7*`<A@wR^5zb17JW)o{FnEGcK}
z!&l=>@jA$u>0>>W$>ND>KqKq}Ht`T13M%;lh2>dyc6VNPYTEIH1cr}Y<x<;34myXC
zw4&fxqr=G}DR?`Lf4wK#kc7tSdMBk9UV?3%!CoP^N6ZH5?Y()GjQ?Q+j0~E>|Ey8a
zfu>QWO3t&dD+t;#Tx*{x3<nj^<qcYnR@`0J$~xZ@fPJ!bXVcBxx|2tzOO)>V3SpLH
znu1t~d;FK-b@fQC*lQb(x=k21XO9pwH<b@_z5s}W;L-?{Be<gu#>19Lwo9W8IV#p?
z)@G&1;m!p8%7LJ(odTd%R+6>fYmz}chCuq(_Lj@nv-j4-x4~*4?9!r|4BSn}f|#r}
z757FHa_Ywi5}df-E^S<|xZt8dV3W^5h}cR~{!AaF(d@Kv{RC)ZGv(Z<uSSpqs>Lcp
z>sU1pq%7n3Sj+l@fW>QXStG|drHMNll$Zv(q8sCI+I7Mt_aIJ2_zUE0RA#$Sksm8*
zLS{KD)hPk)JS<899bTtfq+w`e_-!V{Oi_1@LNp>r$i|;qZ}Bt(@>wcUfsK!QZ^9x9
z_e;2Q>_<A+vk9QBzVeiS!EW_|Ssx113~TU;J?F-IuN`lE-H86c*|6AA=@(WD*0w;0
zfHFm}B~5){qv*3Y6WId)5+qJt06K24{Qj6F(4p`mJC{V;0D=|dDq#{#zjh&*Cqu?m
zkF_n)lD3C3U&oXQVzE|@V&a&uFKy;<ay&FJ+!TGjt~Mj8HGNUkads6p@jBHlEBrKq
z`Rsxj{5Z~0S#?D<A)<<ijO(ii;ronVnUi1dGhXP%@q!Br8o?G}Ag;vc>Fo&8N^H-8
zA7?b&6>{I6&U#vRSdcO|)ETV+wGWAZjIbLuHj?RRL+P;Y)3ybw&ihi0u9rr6AKMkd
zba9PkWo4O&L+UclrXF?+$x&-~LB=;Ky?qN<xairQTdBZCy0y0i4vztH{GB_PHy7u3
zxO8H}PjKHR$qoaSbt6>cSMUjAX|ZzJY{J+s)~5OZUeu}bcM`9>7?7d0=Zy6~Y5~94
zHqI<N^6QS)oX&l10niUrC{LrpE4MR+<eU-0F>Z;oY`_Syah{NYlV+)xxLbXQR{atN
zIkMpwHgL#z4=J50!Dc?&wXv>)7$HMBt7CZu2jv^_Kczn7(1g|>M9{YL<zN{aSiSm@
zyx`Gpgh>w$Z^$q18?$l*f4Wg2Z`&Fwa|Jt$vzDtSl(R}P5tzI;DyAEYm=!kN>vXVM
zxLuUebn3b{#i>s;%+;=b+%mbjhkDqg&Ov{*dEWQmfOm%?<lBendccz(_A?;pLKj0$
z&x`R!U`mcu4^_4lYsaxf*0u8k5~E61!<e~ndqs{ZDsxnD`4-gX-(M7nFBo(H%Sd%s
zB~I^W8kE22y|BhW(yES4Wjarrzil>U3FWGbGg9R6i{sE`9>gklS7l4J#-RNg@sMFv
zFyxqk_j_}|yMn6^V6`9&O%fuBY+4vDglCVl03$43_eIrxG5UqsL_NYGr@W}du2sAA
zJIPSItk%GGA%bI~tWpaAC_?AG>x01TfDf<?Bo%}bnhDXPZOd{O?*R?1$4t8XG`7B6
z<b$nv2(V{XAj2chxE*YfvV^o1?^-O4{3@|<fVwT&NLzy6pRnTnA1a7vBYHVP&479)
ztA$aEOi_{2^z@I#stM7mp3(Vp?>NEe%T!jTL)_W>F}(oo@^*Zr>gIt#{R1VDuD*$^
zS|^}(ASNZ!>3VV@mM#QKDN4F}YVQpcARb++%x$%xZut*r`?qmc*7{NQu*dPp?ZHdC
zGK#U56sz=K8-&)azkSK-oU`JM1VP{p1EX(}lUClsuKt+=C$BH(#vn=zgRmJ9#<W1P
zyYCn8HNVxuBxdcYM-5c4KxHpMOkG4}n1%oJR?`M=2+kevW|i8|9JQC)EUY;jmWlST
zlWmI{UH^q;jO3(L*3XuwS`R>-%GE7dn}3|Q3kb|bt{!lG9d=<F@%r`_lJvY?co<*E
zjAGL)_|nq#c9EN7D8)Q%-1^C2m-nh(J(u!=cYE-wky8%W*Ch9yio)<93Ezu8-FnOW
zJUoin<1e}@9QQ6jMY{}Tt)%sRT0-x|o0cH}{JbcX<NIb6NQq!9FXkMRglp69EkDdw
z7iK8OK@Uz={uuVkb-jP2BRsv*7%?TYjb^Q?u!LQl%WC0g-4ET1T&eC2*HdW=A>icF
zdhScP!jO%;3j8_&aZ$v*7%YL#;q=<k7PusBp{4bQX2=%&=DECU6)-uMVb5XQyzOkz
zeI?IlWBnG44;>;{czRtFkMoHc2TCv-1?mGp<b?|TXQRBCAN(*4^=jsIGlphoS^ou(
z4Z2ImDsC@*sO4nwWzhBbwUX;r=hhAGSpd!NFqf&wcFRSQ<5+OOpU!z&8D~5e3_Eie
zc4)Kh)>})8NX4wIBz#d+Vuzl-*M#%(@81e)fgR>XUs^{(<dwu1#G^$WG>gVPM6U<Q
zR_(8c+P13~##VefX=&YuGqbm2XvVj0n2nh3p8Bts)+(l(DS}W<9~k&K+l1SKw#(lu
z*Q$>W<B7_N&ig$-wM`VL1^L+UuXjII{Tr!O-}`}I)qF9vw)N4VL~B|$ph8<epTLqO
z)*{m)^LKlKXWFXI_Lj%Rc!hHKHl#i*0B;F{@6QoiqOE4q42>*HV=EHlZO`8neF-+F
z(hW;?u>OfdAFfaBd=)8hlv6)C$zs8c*(;jvPyJ+{nks%9>~hZ{=w=++HL-<t+CH!)
zM<<n?ZtXrAx9h79>^rG8)8P>9tK$gml8CJrcltW;q!$snXiI{NYh0I8LFyWkilaW;
z@n(xXY**z11v*RJ#^7q5{uOjWhH>_QU#F&-eDbtO;{!f6^+>2y56M>*gcftib<W(C
z+k<iQ88rQFZ_EQsQZ9cK(p-O1$n&)kngT7T;El_fmedILGYO=#WwJsl%B7j$a2lxv
z$d5RFGBXdPJnKx#jV#t+)gpOJgVup>0;aqY@-M!r#9+Q~ykQjU9PcrZfBmixm0dA|
zhBYEv-$N4$8B4%5A5C%1tN>`RDQ5z++>P}43Hn@7$|t>C^=!&3$le`FvShp=u8k#7
zN{MeDNG_)7ywzuBI{@ej5#4bW-sm=1J7#Xb2>~6(o2GPgJ9sxse2D6Aj52kP@q9j*
z@+i(ceOU6>SH_<DVl>J~3H_eldKBhBK9+Tm{KgRYTmH-MquX>Ta8?Xf#F{aE;)lhj
z5!JBC9m4*o$!R`{J7JY@D{}dsTJ`%eJTtIh&n1BGbQ*d@tGTHdjH%$z>l+@Sj*-d`
zymFLDSD)iZNZ@Bf+=#r<lcdZG;iwgGd^JH5S{X*C79y4MClugVo!K*&U=sd;M}9t=
zfB1o+m}camYDnisF`4-Ar#-0?J_~B!OZ^ZbUwraD3A~Xv#;Mq{2R*bt5b~l0|8hvn
zvdSyyEM;35x?iij?5n7G#xiA|0ud>`t+hi<eU{Gx@9~vgO5lHn>lrAJDn<wje|;U+
zHC*`6fUZRqLe)Qf(6d78PDj^HleXYxGnr1N15!!ivMS9RC32h8R-GWZN@s1&e(Cx8
zwlvVsXGfFPMFuV~0U&NHig8hPRYD2bOy^}VJj!?zN;0+_x1?oV54XyY#c6)og7jG~
zU%1dpk3Sx3A<of@-Pet%Tp!N3tp1*vXM|kFEGs|V0R~5Bay9y+PX8z}-2~*O<qpCy
z1YPP((weduHO|g6s?$X?SVVw0t<rOty4(5kKp%!QKT2sh3~MM1*H1@)So8#UN?xod
zF{UzSN(O2>eHKuurwiYSXq=pOt$0OS#H6qBhAhQK{u_xbl*gJZZGdYFlkn>Ys&Qn(
zYVG5UZw}feXdn&wr!XSdi8}R6Tw|RQ&9Ym6-uHE*0$l}4C*OkIBu??oL7hw<z;2Wy
zgUeMG<mPgkZizp3*jtbDFDuZnaXsutN(xT>dL)IoSBB*R8Npahnzhc4b!tgvLS2o2
zTBl>?8SUah1<R?_lJPC8o~R{%d8?hi4$5R~ULz#{kIk57N}L4?CrZqdo(#_4G4v!%
zisxL&FsLhk1xKT@mYSu5=(6q;9S47<kY2~tf`A)Z8{cWMAXa^I(B|4V{1G_SysmpB
z{BJ6sK62)0X8nv(=zXE6yWFsb0-7on+5hH)4jj`%7W>Zwob3#$ik~fqlk!&e$)ydh
zHnA*+)`U5<P=r)xJ>eU8uTZPe!Brw&=-=HbvV(@BX#&|0+KYgLt&BlwC_xy0skCzX
znZLO9skp03F}sKHN+&)nN#%<2>#Mvd_*H#E+^iZv0DQ~xx=X$91zn~-pRjz7ygbO<
z@;e~+QgB-%6w|9zCs><WlM(P$o|J*Y44Bqg_}dVGX&kIwB*<#35PmVlwBky}j!JmQ
zJ=NYWK^w2z8-G5X|N9AI%zC7r)6A-E(QpMgF}Pg$-WyZ6{Lu1xvE-*%ievzV?-U-}
z+uOI_R^*VXbfI@4>}dzzLO@ROrm{h(z|W}+I28RQh#bHKL><u(#4b|RND~O>C$FP(
zysKRD(zYLRc|*-ixJb>w_BK*rh{@oK(-X?@sUctdRn{kr-XU2h2^J)?hId$t!WyO>
zkMc9?-*Rb*8+%?u0eP$@UB)8jSZ2YU-3L|$(|n7;y!wvKFW0i--cL^O>lgj7YbrWb
z42H0h71M5^Gv$0#*&=2<>CG;7au&oY_jAvE{5hMchsalPrjTvNNmS+#DMY^ataq+u
z3rh$K|HZ)8_jZGcj5@$k@_U8PMk%!8B&=#ZhPQySrAbD#o`r@v!d!yVh6f+hE*Q^d
zI*5Hfp8Q*dpT~zCS+a+aeg}pQuvOqft9ANcf;zSFSI{u;Kd4vJZkfm_%vo&75ekrq
z8C{%Xw`uX^w@f-Jh6Ney?6W-R=wQxrwrmlkqBft+F-p4~MF(Jw0uUxr|3$#GLfkXd
z^SCZBT{q~*+D1`bAPO`LvG0K0Lh;%i+&qAj9I~?fSOA5Dwo+$2xa9|i+5vB8uRlCP
zI-J}J#@zBkU2d*+PdctPS7)>Do0@R0rM`#1f@+2vJud)l$+T@PD*v9}e{SPgYKcW-
zdM;)b+%>wc?Cyk|eY!m0Gu}DPsXxA(d$QOq;oitTot7=Gi^IO=<TOto;(uQ;BE-C`
zy)yzQa<(nEjpWY<oH0$Jrb)*B-BdsDE}c5uj!x76NkyW*ea*){L`-D+3)o5^jSH2m
zL}5D8$Yuxug@8JiPEXn|Z$ll+h{;1iqk~q>6@UhT@?39)uPx-1J`Os4e9@z2rmQrg
zpVTmE^QR4wVm04w=`l`?oI})yow?Z+nMs(KTZDBIVxrWM(TB-70AfEliWk0edWuNq
z_uDOmr36-nH!}F9_7QLpa)<@`J!fhipPE#LgRRNjnI@;9douW>DUQ!fr5uM@a(H4G
zK2~B?@qIt5Skh2=qiPEWWOmA@M9yMzDaXgasOsE%6N50@Iz>@nbiA%E{RMOnWo)$e
z5~j|PX&ZuHp`C1p5(1^&=o=e`OTUHQB1m@wMWfeb9}O`1bzVGtEy32|Cgd=#b&<OH
zT!iK#482vLbtW5&pe_J|BzEv3ZS7(x`v3ld!1F;eqk8JVO;Q{AC{7fbS^MK1U0KOg
z-~iYQz;s^Unfvp7QZ$x=!GgH4ua9hwCBLa*G&A0N?TmgqIn$IXm~bV^ohcD>f{Oy+
z6*O<2DB!v2`F=S2`Res_Pl3Zi|3a=|UUfKXeVj(wImSB)Iui?yL*B?2;5va-VS|iq
z939WEAZONQ1po}Iz<7-Jdp0f$4-8xRD7?_AwqIY5<>L@CGj4tkx~4$NWc<ZjY^Gy=
zE?5eRysn(#a2I+734-_nvSYm0dn%^}3!%?=nq^>)%sPt&N~qvk=b27kYF#3R=f3R6
zjhe(b)T6Z)GfZq-;9;tOnuk{Lp&c%8)(+<n*TxRm1J?q$`MoOtty646itJB3njrzb
zR>7g^HwInMm-Q+&W52CNV53x6^5E`lg_B7PDr0AP<G#xJAAhp~>kyIFh-025+IhOK
zYF&SH_mR<v$!NeS==1%ZE+DZ!H(wlx$vJhC-?PQ3@xs{gLYxnLl_AFy$Y}#SJnlcr
zON*?oBHdQW`LfBN;Ef~+DRqsaZsY|~P=%;B^tdjr_80+J#Rnl(eLJJ#Nityl>T$qg
zLSFMAkW+789n3H<O`%s2uSo}ep=j82ioKAK%`V0RZ-5YR9AcP0Xyt)UB_7fLI5jQ{
z+ma!tE%twj12s=jB7c04?cmr-rt>3{Ef@PhS>F}E5GQ@`t6lu(_iaVfcU`p(Nentf
zA)7yK1krNUjpj0rN<jMZ3{v@7J}eQ2RypC<sH}APDnj{$6IK=y6vcZD?=5105oIwT
zn)^xi=SzRc^mTcS*(UIMI4I!L0_D^EJY_Iw3x#WcyaDL3o)X%za%lc6M{VcV742BK
z!BNRhGE^-3Myl(_93?U{;Q%+pt$#10?B@p@Dm2(W)=cR17#d08Kn0-GT;O#>!h4!U
z-re*S;|zDfG~im$Vcird>%{i*a2RwKR<Dm$_HeB}<JQ2FFW)z4vlPQYA@xD!*(CcD
z8W*d%cbwhA3B|;mEdA)c-3}gm^a9C`3K=t!N{YZ*<V{}HsM@HjHcfCmP4l;)>ao_B
z>B|cbi7kId^Ck5$qXpDyd~)snpTS>Wb||4{PrjTCM%T%6?i}}#Zk;XD*SlI~FyJ-w
zGo-~ChiAPO89IyC9CnpbE%gC?RBQ`~8rguj5h$5edOsCl;4b(M@<uXuH8pkh2$w!g
zY%HA~ClEH<2t(}&x&hsQjTkzA0P5(y`6z&81KP!P^EZ_DWjco~kU8370e&^Sw<sI8
zn;KlOmZqA*00cA4C~n=_{BVutJ&n=f_}PcYK>?wze*w<Lg79>p(B21On@kQuRuP$T
zcaphyj@XJnKaL+G6ptvpT1FCA@qE~5g&_1)<V=X<z13@Q)i}WG<Lv<m6>^5Knek^z
z<E@bwR{-G7g>K+{*rErU0tCTxq|A?-;pFu;j5Ftg^x<7WW`G0L{>LLYFBcqMn;;eh
z1^`+c@er_h3g<T;c?SOeXXJA~sYNuM(KVeBD&|YGF5m1gN1n>HM<(|+o-T9<AQlz2
zgs!bu!jfc_+#N7e-Uy?AfQBGiq}k7Y+p`_nVogDp#kn*O>#*bNSnd<ER!=F7vv>+L
zQcN&90+Bz!+c@fD0ARjHi=Jb#m)9RKg4+w&iQ!!)kgIhDg1em?gld-MPfY@D{wURG
zGO4*N*h%?q^@QU#HX`bu*1$VSGAiRJ-T;6!$o>U^F!hhUR9<pu2K&GVwYd5oNLQU%
zWWqI_vDX%&t^3~dGPPHHi3{qT^mwEi&1GIlYy9#4vdm5V{wQ?C6ye5H-rvl{6aVza
z>QqYnry0u2Gv-`SHK|j5pYZb;ubgZ3QGOtNlN&<tc;|jSM31G;?lvd+?9<-CX~cwx
zfm<8rn+4gpt<-Lu!q^0=gzeOi{wXMSnd}47YH@t^5&PVubKu1S>%6+S$qx&Zl25mP
znzw_lw_}Ifntm^_qAaj1&60F^f2p$oa{2>i*Hi0=dGq5wn(+25p4ZKS`M@&0gkY9q
zeZL!S^N0lhz41uR$Ka(gx1jru8vpG@>qMC;NNm0F+I=2kgMUp$ew;w<(L#Dn$?4kT
z-zn~Ex0OZs2JQv7|HhF0i#Rt7Fgh4L*BmS%d^;MRFLUu>`<Oy%_-WTrX!z-1X`*H&
zxW~VC4Q1g#9x8bwLTx9M@2C0SWqcHJ6!$vG_k(s~WiE-?I`F!>l*)nwkyn|PxnDuY
zGpO}ul99p=s+#_DQ*_U0xa_;JpA|~y!=yR5YJeW#L7)!K#S$Ke*a{m*tlh$Kx*4J}
zOOjz$Gn?T@4R~cVH&YKYTU$!5FjVGmcU(u@x#WPr`pK=`D(^U?Oi#*VInO7J6-;$|
z=M8R^$6tnW=Ke5VdzPGloQtjD|J#ZA)~0~NvxAfmcih(CQCX5K_F|t2_{ibWB^~-G
zI4%f<VGpCH@*^o!D;QL?I&>_nIrD>g?+q$~yTO{oSoY&%qqirY5sjACfNXvo8zz<p
zW9mU{EA=3=we)|eKqn-<h>b*{Hq>az{aEwl^vuL-ETW!AsvC0U0rmZ$_<6OOxU4rH
z6u*cCCrj%CbZzu?LCU+fGt1_K0=ic0aiH8Tv(d}mzpAB)%@%6-6<T=zOFbc=9%k!8
zEya^(8o%8q;{HzqAD^Qxwd}0}_xk7iN_l7a_i<hFCjHL)lCH~L&cO0T*E-V-TG2uT
z`3CKr^qV6A!LNVNVzRN!Z3}*hZ4P0NayNZNLQH89ybra|vgJM+AI-BI+`kVP$2}UY
zO`piz^&4;B&AB19va$+W&05f4*HZj-gMP+6GLdpb0yuZEUxwOT#VI4(H;py_>`Lyn
zd;=aEyurlO2oEI|CPfQU*p&b-f0^7f+aySv?;0IYmhE8@&azM@s(W+tZ9c5e4!{sX
zfiaPRB-x>31b(-@*OX3SfPO={;5>XR!!5^M3})_?`eW3RYLFL4dn&gCRlddq!UZp3
zAO=>+?ALa2%k{;xr<nRUXeu=s9$zWOjtJ?1PNOLcoL#&G!&(~h?atPEdY;ooMa9MI
zF0Z&T|L*(UbiLe-Bc9#&67%!x?i#XH6HhdYFjM5zig-CII*=t%B#{??jgR322-#jL
zI0Z4>D-8Kl++6_#b$F=O!pn7J1$t#B@!$C5)BfdlU5HN(yJrQ%j!dq}rfM(a$o8fv
zTp~yzd4j8p6OX6R;`GAwKclI1Fc=V2d+jG|XGUoRj0-i(!+O4<BjZ4RiaoDqxJOA2
z^QZ8QN&onTynT`N!FI3QZwRz@4aHin{}sl_H9kL+^;%$)w0;mdRv79|L7yxlNnri_
zlplDh+EFz(=Ami)W*T3-<^6{6HS{;ses}l_<_h@LB(+lJ@rSVgW9#9WG44NGU;Qa2
z+S024;Cfo8G!U;DihV^+kGGfjgUgGF-JBh7VQQCM+RprD&)>aQ6eJQWJVRWoER@>i
z1n>F0IMxw9Tw>{kK1i)xicm&1#D5gu{o<ibV^hx<hv2F+k-9<WC#F4|DsvpLXV-<d
zyY&0d10?>>fIFIqAt;KD8L+_HrIBbg;wPdL84HblQ)C+~sF<?MjcAr1Bm?5&my~h(
zmIgXkoLRd?BM^>>=()-`U*es#QL*>k3l!ZIIv@K;?LQ#Ty`{4Un&{&BHwE!4CHY8s
zb9=V6y1JT|m)G4blMWT&;|nz-W<B2nCBIEHyUrQjIzxOyU2E|uYi(_<t^L~*j;T&d
z7C*plSUn8_HJmO-n>C)pfM6;rDh2LXBA-h@)ttSbpP#BK2EA@3v!))k_<TcvnC}8c
z>I4*8zu-(cSeUL5Bkr5o$S)*>_9hh!9tbP63Ei-@-I*%W`U5q{cz|E*9v&Qg5%&dt
z8!AqBkj06l=i^H)WY~-BjUhDa&H65JxDC=MS2hEuZ%EK2A?7il=<>wG#%6A#1e`7}
zo5c3NGd9MIpFdt|q97+9fkL^>J9E;~(sFV}If_$KQp(F&<9&f+WOeBp)6DcfK(mM&
ze>?<be7v|n(tbU+tn~C-cUOl9PI&8BWKMfWM`3JOM&0G*<%!f1n+;{d2C4JVftZ`O
z|6BS2v6P+dd*c_}XAbE3Im(!ht}dY-!&a5Y?s!9E<2m`%D80cEDAaDvBqLM)e6j=U
z6rKb_P*wizV*B8EyeP02cwuSp<u&WrAZrR(ZT+}4@bDmBL&iBehQru#{088pEc4$o
zpJ>Fg>6w+b&jHPHL|?21Nq6=$)R_j15nrFPD&Eh<Z<(3a^HJ<FDJ8YbbNBk0i6R`*
z@G3PUU@<8s2E*R?`@}+U6R2I^z(CP!FRpoq2^CGNi>{H+?w}3v;%(RKEj$S!Mmq<B
z(IrY%q_-xm9*<|c{_)IxpOWRfh6qKz!<1h=4<k;!B!PTc&u6z|TRf+620q%!lpoKD
z5X5|d2!t$7?(XlzIq{-CfBt;IcDT_SDalu1iKQ&2Q=j|;x4UbaYlV5OHN#UD6XxJU
zwtC?{T%7(VXEP^1pL=I%W~RR;Dk37HuX1VKEvnHGCAJdR*Rp~fXuf$U64ARzr_~Sr
zn`bCZ-4U1I=;%nAY;i)<6>@NT8ky{N_Eq*cDRbAP`cP^8&pSqLb}@=d)^ojf1TGW=
zuDwy*%gkJ?v!NjzhLx@$bKNNM;+5*d$YJ{zRg=C4TI5VM%m4OPr0(G0(9qICd@hXL
z6;g5pN&P^^55gwB`9sbgRWKHhJBqdJyXfNrVPqfmezre`PZKHj!qWT@RALZRSPem-
z5^p>^3k%wi;p4v4Z<gcyG<iwwR_E>=Si@6@b5-guorPcC*_oI4o%WW^tQ)ge-JewU
zoM=ex0>Ge^j5r+xnPav+yv)pKieCIzX%!U}w>)7m)}-_ukaFHzgi{wn7|G+5d1`x{
zr0MDDe;+en1TZl%d6)d(P0|sYq|2Usd$A8zE|HZaJf;mTq1MY{WzY(4=jWC?_Z)ui
z@>{sQ6=vuSQ-CWdD5!~KaGABg4jtowUSD0oe{hF#+VlZ6_-BZIr3cSO`wR8M!;{5P
z&L`WkhATD9p3M{ij5184NkCuY_wR=axPKtim(fa;f|ateva@{@{tu8YWZ2ay=;maF
z@I8Y{2+_`OGnrC+00CB2FlwY`K?fuLs|<{990C|AWwK^5>2yB&!-s3o^|_v60eW*D
zIjtPRgt>3DR2cA-q_psKZU(LJb|M7&gXFocbeWR(9K=jXv^Lt>+AmBjhJYXLEZjwN
z+nG?T)i-~9YWJt}VS|-;lcg9Ywm)@XEfNnH|K<+Qy|wV4V^-iM73T;2p2BISVy&?R
z+1aH=A{%|~ffA*ZDM)@p;7A)n;Gi}8<&9~TNoV)C((aRbW?*bgQDa%hL7|zz%%BzP
zuZ%##mOR&z{*e+*!tvud{eI$Xe0+SIGM?-7tqIz>evMhj2x3da=m*aUR&H)TZ=~T$
zd9w*K#Vqo7<w<k#>GbmxG5D`KfMypV%*cRFuFp1Th#7&c_utafC6s0V@hnSEh6l=z
zyt|W)LV6<EssEdm-mH`6henTpIB^Mz>2R*F7WzlgwF660sK-1E$zj*x_n>RjMHUIn
zT8DC98iDbqIji4HQ0M-xXPE&3r(Lq+XgHPm=VWNyYhSJuNN)-bXyYYA4KX}?A-WZN
zb>rEFp@zUGz?aO1<wi}bI!MMtwb6Wg`}J_8Ql1Cp#X;80gQw*{G;D^pMvgm_g%)c&
z302kAz`Sv;V+!_{duj4ik+~r-X&NFhhQl5Dm9zY_U@qv{zuLu5(e5w%vu*q1>V9cg
zUQ<9y0QWk|6g3&X#u-3#Q6+3YbxzWQ4Ypf`Hc&YieLT8y*|r}!5T0qtpq1Oc+OD4C
ziyrZ5{q-B}`y>Zb62pg))goLh&hEpb72S9zFOnb6KRi8D{r<8C1+?2<DT%nzRLm#;
zAqzbA^7Kri!LhV3%iBvW8_6jdcsNwp=}P*QLk!=~<Fl{~1XZ<dr0X`i<j^DS<c0%V
zjWdRl-QL%?eR#A3kFhpJrOsui%UBVfU(kwvAB85QiPtWZ6Q>7}e0s3aI$1Q*m6Z`|
z$9mVvQ^)P17IbJq=TXIen<kc#b?R)jdS7w$&N_dh+_dFpdzOm>tF%@*UeafK^jUZM
zY%xzfxFw$W;#g%ScC@RLJViv{{DLp_=ziV&AZ?_bDw%!_85R^+K&$c+cC`b7;gf^!
zdkf+K++yzA!7U(VlTN^zS(Dh!w$apvnxHq?H_9PLvkrmBv6taxYGR@0E&bY$Jxn`^
z=%9sJCCM_P>1ycq+bfLYH{4p6!&4Tkb*@^gP_cSk(^iE<pR`{O6|6)aF|geh$<Mtt
z(-#o8$xV8tJkt)&fUPHF&ZK`Lv`e4;MlD~F>z7E+LhakO54^8zbDujJO_*>BO_v$z
zj4LH+Ds`DR|4;;TMfm!oSDjZ-&`<v2(z)H~YLkTyS7l<=gESDL>LOgx+g|WEv+_0b
z`B9yb=ef5Ik~F%XVxI9y;y5N!Nll=ggAuL{8xrbj76_0td5R|R>l;2Cfzn=3!d;Tg
zH0#m>fYa6$rzGjzU3HJ%hU1Bn!%yO6*k-7#&+0A@tKgsc{ck9_A!uFh7yJE-kH^XH
zthZn0>y9|4+em&Hl=vTnhm_+q(-x^$JEaDWqgv>riK>>G`411%0U!7Q<kBTr`acpG
z;6M8fVDSO)_p~+a+@ZJT!uJ%Zi;r{Ld6$clAK`CrW*4<Q3cPS_ntGtL+q%|UpPRl_
zt)&Nz`ZM3A1&ILRJ@@L<me7_M>NTNZop)^vXVh`0e*yCO;tD%bx59ow#0oplpi`6f
zY~gW~ldgiAr6oZJSpww3S40G^TrRSUENHG~msvj@=<sAdIzzv>;JJ-b1j`ZSji?Ee
zLTl2nAyhWMHZ3iUzksZ{!}?{2zVfqu5>Y~5@~9WF(^_a;b~E&z=QvCjw|5WNejE?;
z{%reMvCHi`dto8d?R}82^=I3&WL#s(LB292YEg%0BERP|DVnt?s>gftiWB$s=Nbvd
z=SUbyI<#ttj~x{S{u2T!Q2RFLG*^wk1i9**7zqh7h@5Gl>9xo#|6N~n$3bb;6VgFN
zUzJ8^$nWgB*Ikyg?flq8)>h{1cvk?-rpolPY!0(GM!SOzXP)Y2)R$YiF3cd026Zgt
zC$-2(vYvx-rJwe<ujC@c1B{te2s{Bgk*TApl#?fmFZ0uW%FkG$c$}PtH&|netFZxv
z`@-OUqKZcBdGF1-3aiob-FGyBZQKjlIZ9G9^2rV)Ol0^!b-oU#@|o|8+=RL0_q2=Y
zkJ=pxBaND`!nB5#Y4fq*5ASHr;nM)xAj{WDWo}UE@P>v4#x<gO@635{6?|{%ChPed
zj#}mXM@+{-B5&ty(+^STK8(k>y9N*bz{jirO3CfZV~CgeytlXU)Ef;V1Vt6J?s=q7
z=djU<1Y;vHrhH(A>JE~{)8;^F*eLe7O7b%gL#p|Ep;tpwO&~;P>{6;M#4_XfS--bT
zEYZIdr}5mCRMMM&O}DlQ6Ni^>a7I$R%&KRyH7)Pr_G{OY?<N|b*Yn(+oH04KQ_<_6
zn5kVe#%KiIGKC6xIU@J-A&W}8d?<bs-{Rm)NSW}6Ui3@~SSn+_@mapwWHv%q)L69{
zW6tkFS1--8hCH}}y<!jOjk7!PF`%vL;R40Gd>5)>8+e3}RjDg&&Hhxi12ACsFKf`f
z7oYv-$yT{+T$4%p1=MQOd3No39a3SnDEYVOLS7{rc{wd@iSWE>-p@m$%r#o02ziO%
zxSH&+4z<duw10*jFW~;<@v_z^J7ha(1vWN~&f!Aumc13Ic1}e2N(*eK#hJ>!y~N?Q
zoNX(k9_6Cxns2M!L<l_Hloj-M(e)xL^zfiJi^bR_%(?o9D`(^<&bb<M<^q{q@jM@g
z^qzK6yU!yTcCI2gqxr^uEOZ{B{t%c4+W<H6x!qLqKLDy#H8pb&FXmG-cYQtqtd6;s
zf<RkJ=`(aq-w4fkl*T}-w*~*~mtMeLE^KRYoD(-sZ0bJUX#m?MswJBppA|HSg1sz%
ze0#-?xF=+&Y!D%WOX|WtaE#ugvR?9aNt{nzkH3c14l3McsO#jbaWb>>{r^m_I8Tcf
zb}|n5Q3iXZAGJYRPf|ojKYn^}?zDp~9{^7qdg++dm&hou72(25PwkVg{v+vvH1|(V
zZTY~N<{za>gyBEcYJXDDYhUqd5=9N`TIFpYkmjC}Wv0L1QF^n3MhFlZVwMZM8>jvG
zc8j=_#^<gP%cUpbTXi)~{RDER7s;HNSsnKeocdMF_^e&BWJ8II+$lsbcP*`=PRv+i
z-t79%hik!mm=?ei9g|Jp??RX`Mx=SnP%GjUi+SJ_g3@6wef+8l)ysu;n$oCpc?1^=
zr;!DZ%A6Ow$LE9sb>DgaDeevn1;A16ClmhZUAZw+BJO|7GvJ0_=j9@hPU0u26PbDX
zQwosiGyh(|WsVhbh7B7VSM#^2+bq^7=g9m=hABYDPgecGAu$(OENNcD;k)pY6W93}
z{o=)u5!DB6WD$7xgnuu7CS28A_MgzhT{@DDctf8{@&8fwUBv4B?w2@UQwv)(U58s+
z>L-e-FMaZbnb<Zr9L!KLBSQOW>5scP*iU^!5_+F|`*or!y+O<p9^4K|6wpy_`zpE7
z>+GPRrl6W9d9hq!*i@F(^6WPi+`|1oe#XHM#V8H?3VEHJp-9MA2BWM&*oupsHc!G$
zIl7T+C&KU#W><18`npZ12wP^0?we&E%f*<E=6=j!TJR%LV4D`#BTL)m52hIPwp*Qd
zm&yeRLU&<WiU@PM^ye999_(eVE^2Qs%&T1PRz2rZp*S|_dA)r9-21dG41ZYMclc*q
zPHZ#Sq}3CBTpI#{&!j_c@(d$KtC%B=D`|$xb2jZm<<z|cJ=Rx6PITZ6H7AaPW&XC<
z_Me4><#SDY9E*M>ei&)MOq5yfCnX@Y`f~9Nw$Hcb<?d}3lc{CGDW$WOj(kz?jS%?T
z5D7b?HzP!-dvq}&W%!vyM=LwRt9uQ8l;Uyl_uSa!H!B6$6uy~Vg$SqAqp_QZ!lPuk
zfNoR%K$*YejOFi>W(91%)zevdoylqjmA@%P2At{~42)X&EiW?+*+-4v4Ycp!@dWvw
zDgBqLm`<rhYHSZ0b@ycvG@YEC<x4h%adOKFSK3GZV$A_Rc?YT;zHHIIu`|@<at%h%
z^y)p!e<*bBYtLde*4oh3WD$K>+2=~Fdb&CFawyt!AknMLEA8XK%Aupv%7<ebFH(<I
zbxO5axt~RU<u&(Fw(a~*_s_ZSU_#Vg%vJvq^IvRP3C9;Ni}YMF8{R(L-xz($_}Kz7
z(wqr!)01r4e}yP@+;dd-!$*+F-P!g%;b<*53<KC^O+5Q-J4dELq<<WEHDfq*Ncj4w
zT}vL}+D(ISpMH<)X<qX{yo|&K0R|h_B(0c-yDbc#iCDK1w12@nn}vU*qyA$h=R8*T
z^QZFOdI~M+vZFHKo33TNF9@EFV}EES*!)-~_{y8H^UtF}XkB7s0<E>KBaJv3dUU~F
zDnhkLRK0fs$mi3UOTj*Aqy7ON6&X^UKXq(73j#;3Um*(6a7w=Eb&`O@KbAb|FG5l5
z@1^u!`!0@ondd;Z;zY&k>0abQ{OZ~A%;vBnGk7d#l4-^k?+a$ESC=ES;2A|LIw+sG
zov|H??43x6y?*(tHMoJ0&o49co4MN#Rz<e8YQ*vYJ8DEb;nDv}&)crMy+qqI2@B9@
z_WP+X;-8FB#gr@?pNk7uen7PHg4*P$0_z&#t3O8kcD`yE1z;f(@Pq1em+>_Y6vX6e
z-(5!8HguEgP@N24RWa6d`e#;0fe(FSLq%B<J0npg3(-1|oj)VN?2f6xsnoFjCBVFS
zo;Or&vm?+h{rY?FSC?b@of({oi}uUwe;H@Ezv{0bhFe0-k!Yxv$j9S4n$AwU2gm?f
z+k{gQ4Dfrd`tE)_jonarc*^cXneL((aIuYM$7J=N!?Ioe3W~P=z8|R`=cm<L0e52w
z@gv7*zMHKUgtba#wjT2zb>x^b6%W3e2L;B^-)861&F4|)pMSa)fA5d%70C71M6))P
z@6i^+GmhDfM`)-_;NQtQtm#tp>BTTUxJM5ND88t#K~=eB4*1M?e{-tjjU*7!-i@fI
z1OK@F9K%`!K$E_XgkzH6ncXhYx+T$6AO;}g<C<UVj>M<%e&Bg)$WXxf1q8@o*ynQp
zYOfb;D0%56T7))UhDk!_V{bZDXuC|Hatfm5`Sk|heaUkQ4+GhwK!Ady$P(q>(9pkb
zXk=u>^>o|eHA?VUb+Q?^S-X9b&=9V~`K1fl4;eWigu`zNPn6y5&tIe;*}Ov(ut@TM
zQG6T}*(ppat0YdXMG1(TCjEyY5rKi}HS#1o;&8mf4~Y}wxFj4D1pp`?RzP^Q*`u1^
z+7CH=y)dE^(W%v>rJTa3etdjF^$1sc`vS!2@rb?<RVRzd`0>P}6)hsEi*@mn$*rsZ
z*JfPQrK6anuKW4(vrA?lGMd2=a|$k6h-LJAAtTMlC75cSiZj&6P7!sI%c0aCFCn&_
zaw0M}v%sR}WI`hFLD>DRdboJN4l-IZz@+>2#LXSmU)?JFXaW!aQqmm<)w~WAnW$&8
zO06QprL)YG)PHgvYRjT^Cx2nrbs!rfMl1Wtp(E@8wGf-nc%bO#NzDYpej0D?x4Vl5
z>m<B*$*#;{Ep$cZ6A?e0F5ga^eS>)%{(S?aP5eP~xF_48ah}6gc{lcH2I-?<dfSkV
zSMBikh`Owphd;M69D6*#WkZo~rY>jlkMGVt+md@3Yx}V)kSbG6R&v++l4&6SN}?GZ
zRdZTx5P5hf?(j7jkpe_LZf8E*#8~F#!JL+s`~$ggf;}>kXtlZ;G5`Fg%3Njq=b<&l
zU>uvr=7(hE?<{hSeL-8xBbhI9>Yytcel^R1t$?rf&cX~r`L^i=o=O^IOom_Dd{qUJ
zail2X-MQHDJkJBL`vp2MOTG)`p?pgp>l(&y%MI_{_LSQNCk`w3YSyDK0DjbJ@_kjH
z;~sf4NKJJ26B_xmzpX--4KG(+W{l;!bSMkmne469Ugk|SEIl8^SpJSU<M1Es0a(BN
zZ_D~2#@BtFX^YjV<=}?`2#9B&ObVw$8tK(X4YXy+YpfjJwtnxQcmO0igBO=W%CX;3
zl7y8<LRO+{pQMdKSc2_38gH?;KGf`+4h>@$a*kq(bN30OYWo%wjL35S$m2|v-vCEV
z9;fQiEDv%U61L=z%FBOS5sN7^W_wf@xm}`e6~Qx(V3xYgj5KlI_KNU67`+1Y1GMbU
zJCM?69K(%tleG#o%!G9113xSRR8o@6+FDyr)PDtYxdf^ND7r|>3+m2t;eOlHAbwrs
zbw8)tp{`?#N>Hy>Vw#I7(z02B0<w%%MR&<u=Px{*?)XSOZrq-1)`gu_GJkyJ8B@mk
zW*pp7a7}m#<$<B`d34u!YElO8HT9Wfv*!6MrYI4d)}UB@9X_;E)qGmYV_%w_oHV!7
zZwDPcDkz-Li;ccek?m4)DAzMr`MC({zrAnlpHM(iffp3JmS1wk*^NMFaGqkrk$JA!
z3pog`p||#7n4upwSZX9`&faerXJE&i;#5MWSo6%vFZtqmh)b$jczV7EOsRT!@GZ_F
z$pwDkBMDGovM(g#3Jj6-$W=cZok|hs;Q%c8ryLlkigCPSs>x^N^}%SwYLlWp@+i|)
zatj!bQnjjCdTV?pg>rnxS44WT0OEQfm>^wgO2=?0i6_}Y_~e$TTEI%|SPD1@R>bq<
zg2`!ar%7_C%Kl<)qLZQSw{jsf^Jc+~V#S-%V{$ng&!1vV3q-tD?feCew$g(`diU5!
zW=HzyUb<kxyGO-|lb{xj_v>}&!#!sNpq;x+tBf*c`0eX-_G$KL-Wq=;r!YaE6?I+d
zJP4<l*AeM^lsj%JT%~tIF3@JiS!umjv6P-b9o#fapRuDiGix0<C46n=VBTWmd6!>v
zYwZ20rc)i-xvV)D@&Z76bEK3vf9%rU&<65}(H%_@)zH<-)#%-2Dn595eqv$TAnBkM
z^?WTC_!ofY$wQ{V_+6uP$VBR2BBM`Sg;4ED@K2Etf1mSu{D-HS(;C?LO{??a92!_V
z^fEQ&{q6@vX}el^h4NG4kf=6kDcv)sPjqb5d5K=xaT0#lv=c#($wC>ad^E@~Mm@Gg
z*#Dobs?9oLE`6UK;Mo!1-gn+^VhULP-@Na-+)QVz4a;9j(o@sY!kuLImJ|A44rgn`
zIu*tSH};M!Wk)1otS&LGhX;^ipQFMHRsVIpn(Nv(l(f-B@=!QB7Ef`Ftz2%qq+RF(
z?YerZIHz%hxh0M{&AUy=+ar(f#0%E`)axho@(%&|?>IU;FY$xcE`O<uQKa$+sVq)~
zzIJ*(E+j4W9*MkAHz4H!L({qG8&_6VR8pCDX}s788#K<PY&}ZF-Es+EuOD78E5!?6
z+||Ky_EXDFRZvV*TJJ^)_rD_hR5W6B$uY;pt(HJzjQq#a6Sv?jFLjudYC0!g9tC_w
z7b7-IBC#5IFYct5*@%XIG?Kewpga=Q+{572`o)$9P4tdC?*+Q_IvM?Ee;oJ6yQ^=*
zsTU+gCOo8JEk+!NhPH%6;o(TVr|D86j{LeNLf{O(fb*~7<?FmDb9Q~1(q*(ihY<}`
zvhphsu7b*4<NH(mMfemgZx?`5d2Sc!MACAAAphVkMhMIKALW|YL6Iv-Y%DA{e~a|*
zGkR$En_i3@+0FF_#xgh4(G=NX5uuC!iIYJ-mw)&p2h(N}>dt=|Q8V#;qCF^rc~|!;
z$03QC1fa!sN2;rnk3x_e@|#I(4czUYba3DZ(ZWR-w~yzV%!jn<PyDkDnR<~rV|9>S
zI=|~Z2r@9^K6cOV9SQpw{wF37N%lAT=kQO~$#=au6eB#p?KtpWTcCmd!iM34ElUM`
zT%NWTfA6=o639Q!#xt%X%4G|l@4IemhMEa^QItX%L_qY$Ma<64;qt#U2v=WU9$EjA
z9y*uPxeXDO#I3#AAZpSPWa_)nnPJ12t%$=BrW6EHBz%c#iB`PC#H;UpUmx|IqEa}R
z7rrqO^$_=QQo2H5f<Aq>_61(&4qg)TW+Ir<fhHTaanqYmDX{s2LhV;3fsZ@g<+qSQ
zWwZR~PpbL<dJC0z3JNH7P>nFGPhZ{~x<SPL$dzneyl{hR?~0$a_EF#$rpY<oZJlNZ
z8$nv<xTQzAo%Ey(K0yD!xtqls9Juk+E1{e{$@BHS_urLgynXvt1?c<kxbB#OkQ<GM
z-uK%pW*v#tpVnaP`ss+%D^J$`iF@oOzn)?Ss!LlQTZD*QFg&wc@$&p5?SBv2%@h2h
zwjOA8`sq7S?>4OK4gEcN(vBVXo1T=ck8fCUp6g%z?@m#P*^>KMXZd7=E>JyreSU^X
zm&dee)0)ofFnxNm&F9I#?R$;Wa-}&AZ>SGmSY7Xaa?bw=^DkUntS0V%@Z1ESqs_;8
zB%Kt!IXVxTp73@|usNa7{M#zezDcJxbX|GuADdvInV)}7{OoD<@}Bi=_79OW>$m?g
z`@eA2+2Y#lhUZV79p>-|Dl~EXVb}it@|S0quN(C$Xw0z|zW3|pzC7=e*S+%Ht15O}
z@PGbzli_EFo6LXr8F5J6UioSE_0JD~Z_+CHU^$2X`F*{(<?sKmSmm^ksr^n<Z0cK+
zl4IM<TJ=I68>@yrtv}nS5&!vBR_42NAzV-A%y8Q(dUenH`-^_q-7HNxz5MeY)8FOa
zr*FOXrR@Ixx_i}SR>BV~r~Y)<rM~jVv&S{_cfSi>K1J1J{=R9QKWpYm{_9*M9=UPf
z#iNJjFFzo6UDuJ@{{7O=r)w`>J9m0ZzP{XlyB||7|J(VuaDhQ-V3hUo-W%6agW2V_
zWJdk46ezQe-oO8ud;g7vb(?Rxn7;qL{e#Wx+}mI`=<ofT8a?~oyT|Q&)0Z1F&I_K!
zzp#2zSGwJ)?~x^Um-A(wUA{gw$!KOu{*K+dZ?gujy)I}ZzUos&P@SmmxrI^Dk0)LT
zx-m1c+f3bXzTD^eCqBQN!SA<|<Gaj0|I4%e<4@}d++}motqWfM$hu(SB4@n~g|)S7
zD|F5z%YEj|p4mTd>qZ5}=ncW#H{L8@?Uj_5D>q|nKA5%jk{U=wX7<eUmoHB)y=b*+
zVympo#u&Z!!-?P6{)X#_bsr7`sSteGdRB0&^3;W1YmOIuORiS$Kex10KFV3w)caSd
z+3cIA4f-q3{NEq-Y{|J-7pBNATo)f3tNAzVam}p8(0M#k5f}GeiAsr@wJ`0NT=_cL
zxggc<Yf~4#V2ZeGZS>;6)2FF{BBqTqj@vwYd~H*~w%fp*k;|sH>+@1|w*I$?a-V1P
zd+48%X}y>+<)EMxODP*S$b{vqQy*sV>MiBYSk->?!91O=^h+_kcTZn8ykpo_c_!IT
zX|G7RN!Ox^y1HxWv*+<xt-N;K>ip+-<y)cFGcf#T+sebx5XHvepv%mVCCR`*4);S`
b9iz+s-oKmmO1OaswlH|Q`njxgN@xNAR!440

literal 0
HcmV?d00001

diff --git a/experimental/images/multi_tenant_8021q_vlans.svg b/experimental/images/multi_tenant_8021q_vlans.svg
new file mode 100644
index 00000000..5c6c6070
--- /dev/null
+++ b/experimental/images/multi_tenant_8021q_vlans.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="409" height="232.14285409109937"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs><linearGradient id="RKkzpzQhZTCk" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="SeALyqvahCFZ" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient><linearGradient id="KIKSmddbxdCC" x1="0px" x2="0px" y1="100px" y2="-50px" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3d85c6"/><stop offset="1" stop-color="#FFFFFF"/></linearGradient></defs><g transform="translate(0,0)"><g><rect fill="#ffffff" stroke="none" x="0" y="0" width="409" height="232.14285409109937"/></g><g transform="matrix(1,0,0,1,49.49612211422149,23.274999999999892)"><g transform="translate(0,0)"><g transform="translate(-118,-61.828333333333035) translate(68.50387788577851,38.55333333333314) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#ffe599" d="M 53.99612211422149 27.77500000000007 L 315.0022137987153 27.774999999999892" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,46.49612211422149,22.20833333333323)"><g transform="translate(0,0)"><g transform="translate(-115,-60.76166666666637) translate(68.50387788577851,38.55333333333314) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#e69138" d="M 50.99612211422149 26.708333333333407 L 312.0022137987153 26.70833333333323" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,46.49612211422149,20.074999999999903)"><g transform="translate(0,0)"><g transform="translate(-115,-58.628333333333046) translate(68.50387788577851,38.55333333333314) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#e06666" d="M 50.99612211422149 24.57500000000008 L 312.0022137987153 24.574999999999903" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,44.49612211422149,17.874999999999943)"><g transform="translate(0,0)"><g transform="translate(-113,-56.428333333333086) translate(68.50387788577851,38.55333333333314) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 48.99612211422149 22.37500000000012 L 310.0022137987153 22.374999999999943" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,44.49612211422149,24.574999999999847)"><g transform="translate(0,0)"><g transform="translate(-113,-61) translate(68.50387788577851,36.42500000000015) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 48.99612211422149 29.075000000000003 L 310.0022137987153 29.074999999999847" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,46,63)"><g transform="translate(0,0)"><g transform="translate(-64,-36) translate(18,-27) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#e69138" d="M 52 69 L 138 69 Q 148 69 148 79 L 148 112 Q 148 122 158 122 L 184 122" stroke-miterlimit="10" stroke-width="5"/></g></g></g></g><g transform="matrix(1,0,0,1,42,42)"><g transform="translate(0,0)"><g transform="translate(-190,-32) translate(148,-10) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#f1c232" d="M 48 48 L 234 48 Q 244 48 244 58 L 244 137 Q 244 147 254 147 L 277 147" stroke-miterlimit="10" stroke-width="5"/></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,133.38636363636374,108.14285409109937)"><g><g transform="translate(0,0) scale(1.7571428571428573,2.3636363636363638)"><g><g><g><path fill="#999999" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,46.65404609475037,143.99656534721677)"><g><g transform="translate(0,0) scale(0.44395492957746485,0.26378466557911767)"><g><path fill="url(#RKkzpzQhZTCk)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.2524809014999616,3.790970933828097)"><path fill="none" stroke="none" d="M 0 0 L 44.395492957746484 0 Q 44.395492957746484 0 44.395492957746484 0 L 44.395492957746484 26.378466557911768 Q 44.395492957746484 26.378466557911768 44.395492957746484 26.378466557911768 L 0 26.378466557911768 Q 0 26.378466557911768 0 26.378466557911768 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#RKkzpzQhZTCk)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 44.395492957746484 0 Q 44.395492957746484 0 44.395492957746484 0 L 44.395492957746484 26.378466557911768 Q 44.395492957746484 26.378466557911768 44.395492957746484 26.378466557911768 L 0 26.378466557911768 Q 0 26.378466557911768 0 26.378466557911768 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,50.53252582967698,139.4965653472169)"><g transform="translate(0,0)"><g transform="translate(-53.7573249679898,-143.64485245977795) translate(3.224799138312825,4.148287112561064) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 55.03252582967698 143.9965653472169 L 55.03252582967698 170.37503190512842" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,78.11478334058147,139.4965653472165)"><g transform="translate(0,0)"><g transform="translate(-83.50230524967998,-145.05170400953324) translate(5.38752190909851,5.55513866231675) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 82.61478334058147 143.9965653472165 L 82.61478334058147 170.37503190512865" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,64.35179257362361,139.49656534721677)"><g transform="translate(0,0)"><g transform="translate(-67.51992778489121,-145.05170400953324) translate(3.1681352112675967,5.555138662316466) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 68.85179257362361 143.99656534721677 L 68.85179257362361 170.37503190512854" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,17,177)"><g transform="translate(14,28) matrix(1,0,0,1,0,0) translate(-14,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="104" height="28" fill-opacity="0"/></g></g><g transform="translate(14,28) matrix(1,0,0,1,0,0) translate(-14,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="104" height="14" fill-opacity="0"/></g></g><g transform="translate(14,28) matrix(1,0,0,1,0,0) translate(-14,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="0" width="103" height="14" fill-opacity="0"/></g></g><g transform="translate(14,28) matrix(1,0,0,1,0,0) translate(-14,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="0" width="103" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="1" y="12">container1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="12"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">vlan10</text></g><g transform="translate(14,28) matrix(1,0,0,1,0,0) translate(-14,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="104" height="14" fill-opacity="0"/></g></g><g transform="translate(14,28) matrix(1,0,0,1,0,0) translate(-14,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="12" y="14" width="81" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="12" y="26">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="26">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="26">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79" y="26">24</text></g></g><g transform="matrix(1,0,0,1,70,90)"><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="147" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g/></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="74" y="-7" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="74" y="-7" width="1" height="14" fill-opacity="0"/></g></g><g transform="translate(148,-14) matrix(1,0,0,1,0,0) translate(-148,14)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="1" height="14" fill-opacity="0"/></g></g></g><g transform="matrix(1,0,0,1,73,7)"><g transform="translate(3,0) matrix(1,0,0,1,0,0) translate(-3,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="106" height="19" fill-opacity="0"/></g></g><g transform="translate(3,0) matrix(1,0,0,1,0,0) translate(-3,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="106" height="14" fill-opacity="0"/></g></g><g transform="translate(3,0) matrix(1,0,0,1,0,0) translate(-3,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="3" y="0" width="102" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="3" y="12">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="26" y="12"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="37" y="12">802</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="60" y="12">1q</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="77" y="12">trunk</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,282,8)"><g><g transform="translate(0,0) scale(0.6083333333333336,0.6104050109462419)"><g><g><path fill="#3966A0" stroke="rgb(0,0,0)" d="M 102.635 0 C 93.815 0 86.371 6.797 85.395 15.43 L 4.554 15.43 C 2.043 15.431 0 17.473 0 19.984 L 0 53.338 C 0 55.849 2.043 57.892 4.554 57.892 L 8.016 57.892 L 8.016 65.776 L 96.471 65.776 L 96.471 57.892 L 99.672 57.892 C 102.184 57.892 104.227 55.849 104.227 53.338 L 104.227 34.655 C 107.211 34.382 109.971 33.334 112.331 31.735 L 112.331 31.735 C 112.785 31.428 113.223 31.1 113.643 30.753 C 113.655 30.744 113.665 30.734 113.676 30.725 C 114.093 30.38 114.492 30.017 114.875 29.635 C 114.875 29.635 114.887 29.623 114.893 29.617 C 118.039 26.471 120 22.143 120 17.365 C 120 7.79 112.21 0 102.635 0 Z" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 102.688 3.191 C 94.836 3.191 88.45 9.579 88.45 17.43 C 88.45 25.281 94.838 31.669 102.688 31.669 C 110.54 31.669 116.926 25.281 116.926 17.43 C 116.926 9.579 110.539 3.191 102.688 3.191 Z M 97.377 20.901 C 97.118 20.901 96.859 20.802 96.662 20.605 C 96.267 20.21 96.267 19.569 96.662 19.174 L 97.412 18.424 L 91.228 18.424 C 90.669 18.424 90.216 17.971 90.216 17.412 C 90.216 16.853 90.67 16.4 91.229 16.4 L 97.414 16.4 L 96.699 15.686 C 96.303 15.291 96.303 14.65 96.699 14.255 C 97.095 13.86 97.735 13.86 98.13 14.255 L 100.571 16.696 C 100.665 16.79 100.739 16.902 100.791 17.026 C 100.894 17.273 100.894 17.552 100.791 17.799 C 100.739 17.924 100.665 18.036 100.571 18.129 L 98.093 20.605 C 97.895 20.802 97.637 20.901 97.377 20.901 Z M 105.863 25.522 L 103.422 27.963 C 103.225 28.161 102.965 28.259 102.707 28.259 C 102.698 28.259 102.689 28.254 102.68 28.254 C 102.671 28.254 102.663 28.259 102.655 28.259 C 102.305 28.259 102.012 28.07 101.83 27.801 L 99.515 25.484 C 99.119 25.089 99.119 24.448 99.515 24.053 C 99.91 23.658 100.55 23.658 100.945 24.053 L 101.644 24.752 L 101.644 9.174 L 100.945 9.873 C 100.748 10.071 100.488 10.169 100.23 10.169 C 99.97 10.169 99.711 10.07 99.515 9.873 C 99.119 9.478 99.119 8.837 99.515 8.442 L 101.954 6 C 102.35 5.605 102.988 5.605 103.385 6 L 105.864 8.478 C 106.26 8.873 106.26 9.514 105.864 9.909 C 105.667 10.107 105.408 10.205 105.149 10.205 C 104.889 10.205 104.63 10.106 104.434 9.909 L 103.667 9.143 L 103.667 24.857 L 104.434 24.091 C 104.829 23.696 105.468 23.696 105.864 24.091 C 106.258 24.486 106.258 25.126 105.863 25.522 Z M 114.148 18.46 L 107.964 18.46 L 108.677 19.174 C 109.073 19.569 109.073 20.21 108.677 20.605 C 108.48 20.803 108.22 20.901 107.961 20.901 C 107.702 20.901 107.442 20.802 107.246 20.605 L 104.808 18.165 C 104.713 18.072 104.64 17.959 104.587 17.835 C 104.485 17.588 104.485 17.309 104.587 17.062 C 104.64 16.937 104.713 16.825 104.808 16.732 L 107.284 14.255 C 107.68 13.86 108.32 13.86 108.715 14.255 C 109.11 14.65 109.11 15.291 108.715 15.686 L 107.964 16.437 L 114.149 16.437 C 114.708 16.437 115.161 16.89 115.161 17.449 C 115.16 18.008 114.707 18.46 114.148 18.46 Z" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 80.533 36.476 A 3.247 3.247 0 1 0 80.53299837650013 36.47924699945883 Z" opacity="0.5" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 9.278 35.006 L 20.39 35.006 L 20.39 24 L 9.278 24 L 9.278 35.006 Z M 10.929 25.567 L 18.819 25.567 L 18.819 31.173 L 16.536 31.173 L 16.536 33.456 L 13.213 33.456 L 13.213 31.173 L 10.93 31.173 L 10.929 25.567 L 10.929 25.567 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 24.253 35.015 L 35.365 35.015 L 35.365 24.009 L 24.253 24.009 L 24.253 35.015 Z M 25.904 25.576 L 33.794 25.576 L 33.794 31.182 L 31.51 31.182 L 31.51 33.465 L 28.187 33.465 L 28.187 31.182 L 25.904 31.182 L 25.904 25.576 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 50.3 24.009 L 39.188 24.009 L 39.188 35.014 L 50.3 35.014 L 50.3 24.009 Z M 48.729 31.173 L 46.446 31.173 L 46.446 33.456 L 43.123 33.456 L 43.123 31.173 L 40.84 31.173 L 40.84 25.567 L 48.73 25.567 L 48.729 31.173 L 48.729 31.173 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 54.123 35.023 L 65.234 35.023 L 65.234 24.018 L 54.123 24.018 L 54.123 35.023 Z M 55.774 25.567 L 63.664 25.567 L 63.664 31.173 L 61.38 31.173 L 61.38 33.456 L 58.057 33.456 L 58.057 31.173 L 55.774 31.173 L 55.774 25.567 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 9.278 49.95 L 20.39 49.95 L 20.39 38.944 L 9.278 38.944 L 9.278 49.95 Z M 10.929 40.502 L 18.819 40.502 L 18.819 46.108 L 16.536 46.108 L 16.536 48.391 L 13.213 48.391 L 13.213 46.108 L 10.93 46.108 L 10.929 40.502 L 10.929 40.502 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 24.253 49.958 L 35.365 49.958 L 35.365 38.953 L 24.253 38.953 L 24.253 49.958 Z M 25.904 40.52 L 33.794 40.52 L 33.794 46.126 L 31.51 46.126 L 31.51 48.408 L 28.187 48.408 L 28.187 46.126 L 25.904 46.126 L 25.904 40.52 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 39.228 49.966 L 50.34 49.966 L 50.34 38.962 L 39.228 38.962 L 39.228 49.966 Z M 40.839 40.511 L 48.729 40.511 L 48.729 46.117 L 46.446 46.117 L 46.446 48.4 L 43.123 48.4 L 43.123 46.117 L 40.84 46.117 L 40.839 40.511 L 40.839 40.511 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 54.123 49.966 L 65.234 49.966 L 65.234 38.962 L 54.123 38.962 L 54.123 49.966 Z M 55.774 40.511 L 63.664 40.511 L 63.664 46.117 L 61.38 46.117 L 61.38 48.4 L 58.057 48.4 L 58.057 46.117 L 55.774 46.117 L 55.774 40.511 Z" opacity="0.65" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 11.504 57.898 L 92.919 57.898 Q 92.919 57.898 92.919 57.898 L 92.919 62.69 Q 92.919 62.69 92.919 62.69 L 11.504 62.69 Q 11.504 62.69 11.504 62.69 L 11.504 57.898 Q 11.504 57.898 11.504 57.898 Z" opacity="0.7" stroke-opacity="0" stroke-miterlimit="10"/></g><g><path fill="#FFFFFF" stroke="rgb(0,0,0)" d="M 85.525 18.936 L 5.082 18.936 C 4.255 18.936 3.582 19.609 3.582 20.436 L 3.582 53.397 C 3.582 54.224 4.255 54.897 5.082 54.897 L 11.504 54.897 L 92.919 54.897 L 99.082 54.897 C 99.909 54.897 100.582 54.224 100.582 53.397 L 100.582 34.526 C 92.561 33.543 86.232 27.039 85.525 18.936 Z M 20.389 49.95 L 9.278 49.95 L 9.278 38.944 L 20.39 38.944 L 20.389 49.95 L 20.389 49.95 Z M 20.389 35.006 L 9.278 35.006 L 9.278 24 L 20.39 24 L 20.389 35.006 L 20.389 35.006 Z M 35.365 49.958 L 24.253 49.958 L 24.253 38.953 L 35.365 38.953 L 35.365 49.958 Z M 35.365 35.015 L 24.253 35.015 L 24.253 24.009 L 35.365 24.009 L 35.365 35.015 Z M 39.188 24.009 L 50.3 24.009 L 50.3 35.014 L 39.188 35.014 L 39.188 24.009 Z M 50.34 49.966 L 39.228 49.966 L 39.228 38.962 L 50.34 38.962 L 50.34 49.966 Z M 65.234 49.966 L 54.123 49.966 L 54.123 38.962 L 65.234 38.962 L 65.234 49.966 Z M 65.234 35.023 L 54.123 35.023 L 54.123 24.018 L 65.234 24.018 L 65.234 35.023 Z M 77.286 39.723 C 75.493 39.723 74.039 38.269 74.039 36.476 C 74.039 34.683 75.493 33.229 77.286 33.229 C 79.079 33.229 80.533 34.683 80.533 36.476 C 80.533 38.269 79.08 39.723 77.286 39.723 Z M 89.541 39.723 C 87.748 39.723 86.294 38.269 86.294 36.476 C 86.294 34.683 87.748 33.229 89.541 33.229 C 91.334 33.229 92.788 34.683 92.788 36.476 C 92.787 38.269 91.334 39.723 89.541 39.723 Z" opacity="0.93" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g><g transform="matrix(1,0,0,1,250,51)"><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="140" height="70" fill-opacity="0"/></g></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="140" height="14" fill-opacity="0"/></g></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="140" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="12">Network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="47" y="12">Router</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="12"> (</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="12">gateway</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="135" y="12">)</text></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="140" height="14" fill-opacity="0"/></g></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="127" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="26">vlan10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="35" y="26"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="26">192</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="26">168</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="89" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="99" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="109" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="113" y="26">24</text></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="140" height="14" fill-opacity="0"/></g></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="28" width="47" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="40">vlan20</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="35" y="40"> -&#160;</text></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="46" y="28" width="74" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="40">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="40">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="86" y="40">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="40">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="96" y="40">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="103" y="40">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="106" y="40">24</text></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="140" height="14" fill-opacity="0"/></g></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="47" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="0" y="54">vlan30</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="35" y="54"> -&#160;</text></g><g transform="translate(92,238) matrix(1,0,0,1,0,0) translate(-92,-238)"><g><rect fill="rgb(0,0,0)" stroke="none" x="46" y="42" width="61" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="54">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="54">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="54">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="54">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="73" y="54">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="79" y="54">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="83" y="54">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="89" y="54">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="93" y="54">16</text></g></g><g transform="matrix(1,0,0,1,48,60)"><g transform="translate(0,0)"><g transform="translate(-62,-55) translate(14,-5) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#e06666" d="M 54 66 L 54 79 Q 54 89 64 89 L 78 89 Q 88 89 88 99 L 88 112" stroke-miterlimit="10" stroke-width="5"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,12.805718530101615,11.940280333547719)"><g><g transform="translate(0,0) scale(0.8417223432141461,0.83)"><g><g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 16.22 L -1.393 16.22 L -1.393 99.52 L 52.371 99.52" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 52.371 99.52 L 69.07 82.82 L 69.07 -0.48 L 19.98 -0.48 L -1.393 16.22 L 52.371 16.22 L 52.371 99.52 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 52.371 16.22 L 69.07 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 25.3 16.22 L 25.3 99.52" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="rgb(0,0,0)" stroke="#FFFFFF" d="M 26.149 16.22 L 44.316 -0.48" fill-opacity="0" stroke-miterlimit="10" stroke-width="1.3594"/></g></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 23.823 L 21.317 23.823 Q 21.317 23.823 21.317 23.823 L 21.317 34.868 Q 21.317 34.868 21.317 34.868 L 3.263 34.868 Q 3.263 34.868 3.263 34.868 L 3.263 23.823 Q 3.263 23.823 3.263 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 23.823 L 47.207 23.823 Q 47.207 23.823 47.207 23.823 L 47.207 34.868 Q 47.207 34.868 47.207 34.868 L 29.156 34.868 Q 29.156 34.868 29.156 34.868 L 29.156 23.823 Q 29.156 23.823 29.156 23.823 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 64.604 L 21.317 64.604 Q 21.317 64.604 21.317 64.604 L 21.317 75.648 Q 21.317 75.648 21.317 75.648 L 3.263 75.648 Q 3.263 75.648 3.263 75.648 L 3.263 64.604 Q 3.263 64.604 3.263 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 64.604 L 47.207 64.604 Q 47.207 64.604 47.207 64.604 L 47.207 75.648 Q 47.207 75.648 47.207 75.648 L 29.156 75.648 Q 29.156 75.648 29.156 75.648 L 29.156 64.604 Q 29.156 64.604 29.156 64.604 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 3.263 82.445 L 21.317 82.445 Q 21.317 82.445 21.317 82.445 L 21.317 93.49 Q 21.317 93.49 21.317 93.49 L 3.263 93.49 Q 3.263 93.49 3.263 93.49 L 3.263 82.445 Q 3.263 82.445 3.263 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g><g><path fill="#3d85c6" stroke="#FFFFFF" d="M 29.156 82.445 L 47.207 82.445 Q 47.207 82.445 47.207 82.445 L 47.207 93.49 Q 47.207 93.49 47.207 93.49 L 29.156 93.49 Q 29.156 93.49 29.156 93.49 L 29.156 82.445 Q 29.156 82.445 29.156 82.445 Z" stroke-miterlimit="10" stroke-width="1.3594"/></g></g></g></g></g><g transform="matrix(1,0,0,1,66,73)"><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="8" y="0" width="41" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="8" y="12">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="35" y="12">10</text></g></g><g transform="matrix(1,0,0,1,67,52)"><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="8" y="0" width="41" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="8" y="12">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="35" y="12">20</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,7.386363636363733,108.14285409109937)"><g><g transform="translate(0,0) scale(1.7571428571428573,2.3636363636363638)"><g><g><g><path fill="#999999" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,170.65404609475036,143.99656534721677)"><g><g transform="translate(0,0) scale(0.44395492957746485,0.26378466557911767)"><g><path fill="url(#SeALyqvahCFZ)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.2524809014999616,3.790970933828097)"><path fill="none" stroke="none" d="M 0 0 L 44.395492957746484 0 Q 44.395492957746484 0 44.395492957746484 0 L 44.395492957746484 26.378466557911768 Q 44.395492957746484 26.378466557911768 44.395492957746484 26.378466557911768 L 0 26.378466557911768 Q 0 26.378466557911768 0 26.378466557911768 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#SeALyqvahCFZ)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 44.395492957746484 0 Q 44.395492957746484 0 44.395492957746484 0 L 44.395492957746484 26.378466557911768 Q 44.395492957746484 26.378466557911768 44.395492957746484 26.378466557911768 L 0 26.378466557911768 Q 0 26.378466557911768 0 26.378466557911768 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,174.53252582967698,139.4965653472169)"><g transform="translate(0,0)"><g transform="translate(-177.7573249679898,-143.64485245977795) translate(3.224799138312818,4.148287112561064) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 179.03252582967698 143.9965653472169 L 179.03252582967698 170.37503190512842" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,202.11478334058148,139.4965653472165)"><g transform="translate(0,0)"><g transform="translate(-207.50230524967998,-145.05170400953324) translate(5.387521909098496,5.55513866231675) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 206.61478334058148 143.9965653472165 L 206.61478334058148 170.37503190512865" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,188.35179257362358,139.49656534721677)"><g transform="translate(0,0)"><g transform="translate(-191.5199277848912,-145.05170400953324) translate(3.168135211267611,5.555138662316466) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 192.85179257362358 143.99656534721677 L 192.85179257362358 170.37503190512854" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,141,177)"><g transform="translate(18,28) matrix(1,0,0,1,0,0) translate(-18,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="104" height="28" fill-opacity="0"/></g></g><g transform="translate(18,28) matrix(1,0,0,1,0,0) translate(-18,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="104" height="14" fill-opacity="0"/></g></g><g transform="translate(18,28) matrix(1,0,0,1,0,0) translate(-18,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="0" width="103" height="14" fill-opacity="0"/></g></g><g transform="translate(18,28) matrix(1,0,0,1,0,0) translate(-18,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="0" width="103" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="1" y="12">container2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="12"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">vlan20</text></g><g transform="translate(18,28) matrix(1,0,0,1,0,0) translate(-18,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="104" height="14" fill-opacity="0"/></g></g><g transform="translate(18,28) matrix(1,0,0,1,0,0) translate(-18,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="16" y="14" width="74" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="16" y="26">172</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="39" y="26">16</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="52" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="62" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="26">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="72" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="76" y="26">24</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,259.38636363636374,108.14285409109937)"><g><g transform="translate(0,0) scale(1.7571428571428573,2.3636363636363638)"><g><g><g><path fill="#999999" stroke="rgb(0,0,0)" d="M 58.97 19.094 C 58.977 18.895 59 18.7 59 18.5 C 59 8.283 50.717 0 40.5 0 C 33.11 0 26.751 4.344 23.787 10.607 C 22.275 9.593 20.458 9 18.5 9 C 13.5 9 9.41 12.866 9.037 17.771 C 3.778 19.616 0 24.61 0 30.5 C 0 37.787 5.778 43.71 13 43.975 L 13 44 L 58 44 L 58 43.975 C 64.671 43.71 70 38.235 70 31.5 C 70 25.095 65.18 19.822 58.97 19.094 Z M 58 41.975 L 58 42 L 13 42 L 13 41.975 C 6.883 41.711 2 36.683 2 30.5 C 2 24.994 5.872 20.398 11.039 19.271 C 11.013 19.017 11 18.76 11 18.5 C 11 14.357 14.358 11 18.5 11 C 21.017 11 23.239 12.244 24.6 14.146 C 26.512 7.15 32.897 2 40.5 2 C 49.613 2 57 9.388 57 18.5 C 57 19.353 56.914 20.183 56.79 21 L 58 21 L 58 21.025 C 63.565 21.288 68 25.87 68 31.5 C 68 37.13 63.565 41.712 58 41.975 Z" stroke-opacity="0" stroke-miterlimit="10"/></g></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,296.65404609475036,143.99656534721677)"><g><g transform="translate(0,0) scale(0.44395492957746485,0.26378466557911767)"><g><path fill="url(#KIKSmddbxdCC)" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.2524809014999616,3.790970933828097)"><path fill="none" stroke="none" d="M 0 0 L 44.395492957746484 0 Q 44.395492957746484 0 44.395492957746484 0 L 44.395492957746484 26.378466557911768 Q 44.395492957746484 26.378466557911768 44.395492957746484 26.378466557911768 L 0 26.378466557911768 Q 0 26.378466557911768 0 26.378466557911768 L 0 0 Q 0 0 0 0 Z"/><path fill="url(#KIKSmddbxdCC)" stroke="#6fa8dc" d="M 0 0 M 0 0 L 44.395492957746484 0 Q 44.395492957746484 0 44.395492957746484 0 L 44.395492957746484 26.378466557911768 Q 44.395492957746484 26.378466557911768 44.395492957746484 26.378466557911768 L 0 26.378466557911768 Q 0 26.378466557911768 0 26.378466557911768 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,300.53252582967696,139.4965653472169)"><g transform="translate(0,0)"><g transform="translate(-303.7573249679898,-143.64485245977795) translate(3.2247991383128465,4.148287112561064) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 305.03252582967696 143.9965653472169 L 305.03252582967696 170.37503190512842" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,328.1147833405815,139.4965653472165)"><g transform="translate(0,0)"><g transform="translate(-333.50230524968,-145.05170400953324) translate(5.387521909098496,5.55513866231675) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 332.6147833405815 143.9965653472165 L 332.6147833405815 170.37503190512865" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,314.3517925736236,139.49656534721677)"><g transform="translate(0,0)"><g transform="translate(-317.5199277848912,-145.05170400953324) translate(3.168135211267611,5.555138662316466) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#0b5394" d="M 318.8517925736236 143.99656534721677 L 318.8517925736236 170.37503190512854" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g><g transform="matrix(1,0,0,1,267,177)"><g transform="translate(24,28) matrix(1,0,0,1,0,0) translate(-24,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="104" height="28" fill-opacity="0"/></g></g><g transform="translate(24,28) matrix(1,0,0,1,0,0) translate(-24,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="104" height="14" fill-opacity="0"/></g></g><g transform="translate(24,28) matrix(1,0,0,1,0,0) translate(-24,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="0" width="103" height="14" fill-opacity="0"/></g></g><g transform="translate(24,28) matrix(1,0,0,1,0,0) translate(-24,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="1" y="0" width="103" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="1" y="12">container3</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="57" y="12"> -</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="68" y="12">vlan30</text></g><g transform="translate(24,28) matrix(1,0,0,1,0,0) translate(-24,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="104" height="14" fill-opacity="0"/></g></g><g transform="translate(24,28) matrix(1,0,0,1,0,0) translate(-24,-28)"><g><rect fill="rgb(0,0,0)" stroke="none" x="22" y="14" width="61" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="22" y="26">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="36" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="39" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="49" y="26">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="56" y="26">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="26">2</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="66" y="26">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="69" y="26">16</text></g></g><g transform="matrix(1,0,0,1,67,31)"><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="57" height="14" fill-opacity="0"/></g></g><g transform="translate(8,0) matrix(1,0,0,1,0,0) translate(-8,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="8" y="0" width="41" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="8" y="12">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="35" y="12">30</text></g></g><g transform="matrix(1,0,0,1,5,95)"><g transform="translate(4,0) matrix(1,0,0,1,0,0) translate(-4,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="75" height="28" fill-opacity="0"/></g></g><g transform="translate(4,0) matrix(1,0,0,1,0,0) translate(-4,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="75" height="14" fill-opacity="0"/></g></g><g transform="translate(4,0) matrix(1,0,0,1,0,0) translate(-4,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="4" y="12">Docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="46" y="12">Host</text></g></g></g></svg>
\ No newline at end of file
diff --git a/experimental/images/vlans-deeper-look.gliffy b/experimental/images/vlans-deeper-look.gliffy
new file mode 100644
index 00000000..4d9f2761
--- /dev/null
+++ b/experimental/images/vlans-deeper-look.gliffy
@@ -0,0 +1 @@
+{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":566,"height":581,"nodeIndex":500,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":{"uid":"com.gliffy.theme.beach_day","name":"Beach Day","shape":{"primary":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#AEE4F4","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#004257"}},"secondary":{"strokeWidth":2,"strokeColor":"#CDB25E","fillColor":"#EACF81","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#332D1A"}},"tertiary":{"strokeWidth":2,"strokeColor":"#FFBE00","fillColor":"#FFF1CB","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#000000"}},"highlight":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#00A4DA","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#ffffff"}}},"line":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"none","arrowType":2,"interpolationType":"quadratic","cornerRadius":0,"text":{"color":"#002248"}},"text":{"color":"#002248"},"stage":{"color":"#FFFFFF"}},"viewportType":"default","fitBB":{"min":{"x":-3,"y":-1.0100878848684474},"max":{"x":566,"y":581}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":-5.0,"y":-1.0100878848684474,"rotation":0.0,"id":499,"width":569.0,"height":582.0100878848684,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":103,"lockAspectRatio":false,"lockShape":false,"children":[{"x":374.0,"y":44.510087884868476,"rotation":0.0,"id":497,"width":145.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":101,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;\"><span style=\"font-weight:bold;\">Network &amp;&nbsp;</span></span><span style=\"font-size:14px;\"><span style=\"font-weight:bold;\">other </span></span></p><p style=\"text-align:center;\"><span style=\"font-size:14px;\"><span style=\"font-weight:bold;\">Docker Hosts</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":157.40277777777783,"y":108.18042331083174,"rotation":0.0,"id":492,"width":121.19444444444446,"height":256.03113588084784,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":99,"lockAspectRatio":false,"lockShape":false,"children":[{"x":-126.13675213675185,"y":31.971494223140525,"rotation":180.0,"id":453,"width":11.1452323717951,"height":61.19357171974171,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":57,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#38761d","fillColor":"#38761d","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-121.4915197649562,-156.36606993796556],[-121.49151976495622,-99.52846483047983],[-229.68596420939843,-99.52846483047591],[-229.68596420939843,-34.22088765589871]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":289.82598824786317,"y":137.23816896148608,"rotation":180.0,"id":454,"width":11.1452323717951,"height":61.19357171974171,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":55,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#38761d","fillColor":"#38761d","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[291.05455395299924,191.93174068122784],[291.05455395299924,106.06051735724502],[186.27677617521402,106.06051735724502],[186.27677617521402,69.78655839914467]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":372.0,"y":332.0100878848684,"rotation":0.0,"id":490,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":97,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":9.5,"rotation":0.0,"id":365,"width":141.0,"height":40.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":98,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\">&nbsp;Parent: <span style=\"font-weight:bold;\">eth0.30</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\">VLAN: <span style=\"font-weight:bold;\">30</span></span></p><p style=\"text-align:center;\"></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":0.0,"rotation":0.0,"id":342,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":96,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#eb6c6c","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":52.0,"y":332.0100878848684,"rotation":0.0,"id":489,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":92,"lockAspectRatio":false,"lockShape":false,"children":[{"x":1.0,"y":10.5,"rotation":0.0,"id":367,"width":138.0,"height":40.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":93,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\"><span style=\"\">Parent</span>: <span style=\"font-weight:bold;\">eth0.10</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\">VLAN ID</span><span style=\"font-size:18px;font-family:Arial;\">:</span><span style=\"font-size:18px;font-weight:bold;font-family:Arial;\"> <span style=\"\">10</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":0.0,"rotation":0.0,"id":340,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":91,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#5fcc5a","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":289.40277777777794,"y":126.43727235088903,"rotation":0.0,"id":486,"width":121.19444444444446,"height":250.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":88,"lockAspectRatio":false,"lockShape":false,"children":[{"x":236.18596420940128,"y":158.89044937932732,"rotation":0.0,"id":449,"width":11.1452323717951,"height":59.50782702798556,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":53,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#cc0000","fillColor":"#cc0000","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-121.49151976495682,-152.05853787273531],[-121.49151976495682,-81.64750068755309],[-229.68596420940125,-81.64750068755139],[-229.68596420940125,-33.27817949077674]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":-179.77677617521388,"y":56.523633779319084,"rotation":0.0,"id":450,"width":11.1452323717951,"height":59.50782702798556,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":51,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#cc0000","fillColor":"#cc0000","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[291.0545539529992,186.6444547140887],[291.0545539529992,117.79470574474337],[186.276776175214,117.79470574474337],[186.276776175214,67.8640963321146]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":447.0,"y":150.01008788486848,"rotation":0.0,"id":472,"width":46.99999999999994,"height":27.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":87,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":473,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":86,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":5.485490196078445,"y":5.153846153846132,"rotation":0.0,"id":474,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":84,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.901960784313701,"y":9.0,"rotation":0.0,"id":475,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":82,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":368.0,"y":101.71008483311067,"rotation":0.0,"id":477,"width":140.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":80,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\">Gateway&nbsp;</span><span style=\"font-weight:bold;\">10.1.30.1</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;\">&nbsp;</span><span style=\"\">&nbsp;and other&nbsp;</span><span style=\"\">containers on the same VLAN/</span><span style=\"\">subnet</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;\">&nbsp;</span></p><p style=\"text-align:center;\"></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":350.51767083236393,"y":87.47159983339776,"rotation":0.0,"id":478,"width":175.20345848455912,"height":73.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":79,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#cc0000","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":94.0,"y":155.01008788486848,"rotation":0.0,"id":463,"width":46.99999999999994,"height":27.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":78,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":464,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":77,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":5.485490196078445,"y":5.153846153846132,"rotation":0.0,"id":465,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":75,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.901960784313701,"y":9.0,"rotation":0.0,"id":466,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":73,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":80.0,"y":109.71008483311067,"rotation":0.0,"id":468,"width":140.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":71,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\">Gateway&nbsp;</span><span style=\"font-weight:bold;\">10.1.10.1</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;\">&nbsp;</span><span style=\"\">&nbsp;and other&nbsp;</span><span style=\"\">containers on the same VLAN/</span><span style=\"\">subnet</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;\">&nbsp;</span></p><p style=\"text-align:center;\"></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":62.51767083236396,"y":95.47159983339776,"rotation":0.0,"id":469,"width":175.20345848455912,"height":73.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":70,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#38761d","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":341.0,"y":40.010087884868476,"rotation":0.0,"id":460,"width":46.99999999999994,"height":27.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":69,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":417,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":68,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":5.485490196078445,"y":5.153846153846132,"rotation":0.0,"id":418,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":66,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.901960784313701,"y":9.0,"rotation":0.0,"id":419,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":64,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":198.51767083236396,"y":41.471599833397754,"rotation":0.0,"id":459,"width":175.20345848455912,"height":79.73848499971291,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":62,"lockAspectRatio":false,"lockShape":false,"children":[{"x":17.482329167636067,"y":14.23848499971291,"rotation":0.0,"id":458,"width":140.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":61,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:12px;font-family:Arial;\">Gateway&nbsp;</span><span style=\"font-weight:bold;\">10.1.20.1</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;font-weight:bold;\">&nbsp;</span><span style=\"\">&nbsp;and other&nbsp;</span><span style=\"\">containers on the same VLAN/</span><span style=\"\">subnet</span></p><p style=\"text-align:center;\"><span style=\"text-decoration:none;\">&nbsp;</span></p><p style=\"text-align:center;\"></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":0.0,"rotation":0.0,"id":330,"width":175.20345848455912,"height":73.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":59,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ff9900","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":279.0,"y":129.01008788486848,"rotation":0.0,"id":440,"width":5.0,"height":227.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":49,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#ff9900","fillColor":"#ff9900","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[4.000000000000057,-25.08952732449731],[4.000000000000114,176.01117206537933]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":56.0,"y":503.0913886978766,"rotation":0.0,"id":386,"width":135.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":48,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\">Frontend</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":62.0,"y":420.0100878848684,"rotation":0.0,"id":381,"width":120.0,"height":74.18803418803415,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":41,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":382,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":44,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0417910447761187,"y":0.0,"rotation":0.0,"id":383,"width":98.00597014925374,"height":44.0,"uid":null,"order":47,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Container(s)</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Eth0 <span style=\"font-weight:bold;\">10.1.10.0/24</span></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.955223880597016,"y":9.634809634809635,"rotation":0.0,"id":384,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":17.910447761194032,"y":19.26961926961927,"rotation":0.0,"id":385,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":40,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":382.0,"y":420.0100878848684,"rotation":0.0,"id":376,"width":120.0,"height":74.18803418803415,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":31,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":377,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0417910447761187,"y":0.0,"rotation":0.0,"id":378,"width":98.00597014925374,"height":44.0,"uid":null,"order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Container(s)</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Eth0 <span style=\"font-weight:bold;\">10.1.30.0/24</span></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.955223880597016,"y":9.634809634809635,"rotation":0.0,"id":379,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":32,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":17.910447761194032,"y":19.26961926961927,"rotation":0.0,"id":380,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":214.0,"y":503.0100878848685,"rotation":0.0,"id":374,"width":135.0,"height":20.162601626016258,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\">Backend</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":376.0,"y":502.0100878848684,"rotation":0.0,"id":373,"width":135.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":26,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\">Credit Cards</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":627.0,"y":99.94304076572786,"rotation":0.0,"id":364,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":25,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":363,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":342,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-183.0,310.0670471191406],[-183.0,292.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":372.0,"y":410.0100878848684,"rotation":0.0,"id":363,"width":144.0,"height":117.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#eb6c6c","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":218.0,"y":341.5100878848684,"rotation":0.0,"id":366,"width":132.0,"height":40.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\">Parent: <span style=\"font-weight:bold;\">eth0.20</span></span></p><p style=\"text-align:center;\"><span style=\"font-size:18px;font-family:Arial;\">VLAN ID: <span style=\"font-weight:bold;\">20</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":297.0,"y":89.94304076572786,"rotation":0.0,"id":356,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":22,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":353,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":343,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-13.0,320.0670471191406],[-13.0,302.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":222.0,"y":420.0100878848684,"rotation":0.0,"id":348,"width":120.0,"height":74.18803418803415,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":21,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":349,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0417910447761187,"y":0.0,"rotation":0.0,"id":350,"width":98.00597014925374,"height":44.0,"uid":null,"order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"\">Container(s)</span></p><p style=\"text-align:center;\"><span style=\"font-size:13px;text-decoration:none;font-family:Arial;\"><span style=\"text-decoration:none;\">Eth0 <span style=\"font-weight:bold;\">10.1.20.0/24</span></span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.955223880597016,"y":9.634809634809635,"rotation":0.0,"id":351,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":17.910447761194032,"y":19.26961926961927,"rotation":0.0,"id":352,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":13,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":212.0,"y":410.0100878848684,"rotation":0.0,"id":353,"width":144.0,"height":119.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#fca13f","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":212.0,"y":332.0100878848684,"rotation":0.0,"id":343,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#fca13f","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":203.0,"y":307.5100878848684,"rotation":0.0,"id":333,"width":160.0,"height":22.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:20px;font-family:Arial;\"><span style=\"font-weight:bold;\">eth0</span>&nbsp;Interface</span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":303.0,"y":240.51008788486845,"rotation":0.0,"id":323,"width":261.0,"height":48.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":8,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;font-weight:bold;font-family:Arial;\">802.1Q Trunk - </span><span style=\"font-size:14px;font-family:Arial;\"><span style=\"font-style:italic;\">can be a single Ethernet link or Multiple Bonded Ethernet links</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.0,"y":291.0100878848684,"rotation":0.0,"id":290,"width":497.0,"height":80.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#cccccc","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":543.5100878848684,"rotation":0.0,"id":282,"width":569.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":6,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"<p style=\"text-align:center;\"><span style=\"font-size:14px;\"><span style=\"font-weight:bold;\">Docker Host</span></span><span style=\"font-size:14px;font-style:italic;\">: Frontend, Backend &amp; Credit Card App Tiers are&nbsp;<span style=\"font-weight:bold;\">Isolated</span></span><span style=\"font-size:14px;\">&nbsp;but can still communicate inside <span style=\"font-weight:bold;\">parent</span> interface or any other Docker hosts using the <span style=\"font-weight:bold;\">VLAN ID</span></span></p>","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":-33.0,"y":79.94304076572786,"rotation":0.0,"id":269,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":345,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":340,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[157.0,330.0670471191406],[157.0,312.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":52.0,"y":410.0100878848684,"rotation":0.0,"id":345,"width":144.0,"height":119.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":4,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#5fcc5a","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":20.0,"y":323.0100878848684,"rotation":0.0,"id":276,"width":531.0,"height":259.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#434343","fillColor":"#c5e4fc","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.93,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":19.609892022503004,"y":20.27621073737908,"rotation":355.62347411485274,"id":246,"width":540.0106597126834,"height":225.00000000000003,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":2,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":1.0,"y":99.94304076572786,"rotation":0.0,"id":394,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":3.0,"strokeColor":"#666666","fillColor":"#999999","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[261.0,233.5670471191406],[261.0,108.05111187584177]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":44.0,"y":90.94304076572786,"rotation":0.0,"id":481,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":3.0,"strokeColor":"#666666","fillColor":"#999999","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[261.0,233.56704711914062],[261.0,108.05111187584174]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":104}],"shapeStyles":{},"lineStyles":{"global":{"fill":"#999999","stroke":"#38761d","strokeWidth":3,"dashStyle":"1.0,1.0","orthoMode":2}},"textStyles":{"global":{"bold":true,"face":"Arial","size":"14px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images","com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1458117295143,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}}
\ No newline at end of file
diff --git a/experimental/images/vlans-deeper-look.png b/experimental/images/vlans-deeper-look.png
new file mode 100644
index 0000000000000000000000000000000000000000..32d95f600e1d0f028e5a354584d7b3eac1639e35
GIT binary patch
literal 38837
zcmV(?K-a&CP)<h;3K|Lk000e1NJLTq00EEy00Ei^0{{R37W(Cw0008tP)t-s`}_O;
z{{H*>`~Uy{|NsBV<^9ae%>V!XU&~tip+HNj^66}A$mRQ)nVITrYtHNc(eD3Esqa*>
z`kbAd%gf76to6~-(lK|cWX@pB=>GHa@o3Xzg_^4Ws!jc*N5S0jld8K^uJzT`)$ek1
zjEs!W&(7fC;Fgw^`k+76^8b5_oPvUbLqS5dw6u?pkKFqIl9H1A{QJh>@4UUdh>3~o
zZf_bI8wCUeRju;(_xAs-RR8+*@o{lbulell>t$<pN1EBV(c~*ze50hIqPxz<0|8vM
z`%9C_jGwVjcVFh{<}p1-GKIfSV|9?Fw*B<%##>t)3<s>OtT%C;^muqGbEMhb*uuoa
zthc;2H8U@1m?bADOrYYNL_*Bw_Ge{V*N8X=7YhCG-9?x^NsPS9$HfQ|DjO?231S5M
zlL5N}0aL3>H+?Qtsp(QsPhQMaGY|=~Zwi2)wv~;4X@!<Qi#bJiNce;R<ct|Seyf9R
zPa02hF>Z;naVZ8!1Fgf;UA<XBC>c;zXuVure|>tOWE~Z8pARn$o3h1ObAbNj!%u^*
z_5J^CTT#Z>-^Nl<{-!W<+HSAO-u~F8IZIryPE6BPOvND_pf4@y_4@7P*??SStj416
zXk>tnp?7p^5>${_Fg7T04AS7|-0SlB;o#|%K{jY`-gbA9fN4Oe^_8!W{kmp&I5<C!
z%xrpy;@Qq-R5HBE&}org&cCz@F>V+<Qw|$Y9(BIK)VQ*rio$gr7mF11&CFF22iwiN
zE@e90YHEgKG5yJgFq-FbA{fNErCGKufTVR<$V|b6KF&Nk>7}GvKNhH!eJfrZ;)8=#
zpwqakn3Tfhgs;~cM<7#nn}SJ8E;MGj<o&48@Gyqh++bU0g|6<nx80PJpLsw_vR8yj
z5OJBq(PLwstFil`4pCr>>e#%;Zg8JfS<R=U(X)x_qEw}aV-z)zIYfxgoLb(+pm>z4
zvp_CT_#;99000DZQchF9>dx@GGiCe$0F;4AL_t(|USeQi8bn|eFfcF!*t2>a$5|-4
zqi+-{DqATiEeu5j0zpGVL+6shegeP$D|}pn2ahA~{O#-}nH(wBHO4^h(YZg#^A+KN
z|9(9^qXjyfdTZ6k`BKNgy1XfuI#}PWcKuvVT6W&stlrk;s=3{#zPlN!uhga2huH31
zr`8S1DKDn%eDlluV%M`h{dz*^`D*Y05VF|C*xY@XF0?m}R`!QiLc3?IW1l)P+Mkbp
zJBq5g|83EGj)%%QDk1j+RInXOmzz<@tvi4Bp-w>P4brX&x2%xY?$pi^;{7l%Hg?BD
zJ55Fi5fg+k(=;FYt{WK}yeAHAS9uWfbzKxoYd3T=I6sC4b7@Z&KojH&aBl%8i9-}-
z?#F>Rt(WB<gnS;$Ssn31H;EWHJtY>XR7!D<-vZ}KCSI)MO^Bvvo}kYO<v~c51z~++
zqER3MDmiWv@M|<@RBQ7z6GN$_Du}7`pA26Qg*d_vA~alrBC;UXuI2!xAVTHvl#niP
z1qGcY#9z^ZfflQ9m`0+XuLJ1X`;anI6LvH~X3wtO3LMDH0g%L-CY%$wndZ4Y^oK(`
z=L8>P2n|+wT0-Tfup(p2GARf>`j9s%Aww&IJlPEu;7F=CZlaivP(gV@h;xvwx6ru^
zBi^&_U_fL%zq?{Zo@g+g&zw9$)^C)i6B$@iaQqn!=86J%h^FnBcY0rpJJ~^##7rU?
z7Lv=t9CnGVe@zLhxET65jbUYDjyRLi6sJMZk+@VyPOp6Q@%}}Vp)&zXOA9BNYAhHk
zPJdsifqsfY+%N|TiD4C?WD`w0`Wlr`!dH43t^GJfZmHyz6Tx(urgN<GeqhjX_HElA
zkKLGCOyV^9K_N>IZIt%KOUYC`PTk=3+Npo2+fSsJMp3%#W~E`ov*Wx}10c*&ublvv
zD(EoR5fj}jA^9-=5MTTQ=@$bRPJd^w>3lD^m1R$=xB^95O1JfLE$*m=hd7#awnFfI
zD#V+HQuQK@#*E(m9aYYO(j{^!UfN2$gQhf?l2RVc(U;ow-jcc=gjz}}MQNDWSs4iZ
z4QaYAlx(tTHvtlGHaP&VI~l3qsOa7lf(Ee)RZ5I*lP$iT6L-Wka{_sTCNl%-ybxkS
z{t@#Gc&aLK(%N8{yDNnZLN0Vz8e5P4MVCgHiRyGxA)0AEbR!!|!|8N_D?jwJu5Tw3
zv9+~D;>yZq8tz6Ry2T}RC@Mi5{|t`x9rOAf6MZ*DzETR8mK$;(g!pI|I=C40hySKR
ze=5<`MRq%#)fm!_O{IO!P!_lD_6gA)x8?gNGkhtFBlKPW4et}<k5C%Qg_6+e8z;nx
zA`i<a{~mv%|Eah7mp0No4)Dc?0}5PYEev*RLo!*qN!HnfnU0~e+veDou{LB1(YZNJ
z8k&f}Nm&b_ZjTb#gF2=nO#qUE^CT`MC3{Bk>=M9$5q~;`woA^t;vy%i+#cf9f8d^Z
zV~m<xsn+g(N``r@GtcMwJm0tH@dd)+ujOR2oNqaY(ULDGld}AEIB;MgkSo-{v5bsJ
zw>=iGPKnzl@IPxpFdq)BZwWkg2s*;a^6+|hOh<P&-Zl2uTat2kPfUQ2<<B?1JqS0J
zBFE=9P(-~&?^h0+!%qF=2|>!Q3PzYLXneSv>ksi2fn>g0Y58;cav6&vtV5QuTJq=C
zm1`|!Ie<(`5OwqQ=`#o6@>%<_hB!pK!*EQz0`XHN1fd_*ht{k7BmmmSpz(ib^o7go
zvDk1~Mz#4W4|l7#>`DgLB;>vop=0fFoTu5Qd+vVz2o=M3%K<Xx>1b(Ft6j^Pl02_e
zl{{XD%7=@n;Xj!N;e0IiK{D(!jjy)Rf4VBDuw4Ei7W+k#G9GTKLCEPl<I9zc+_8o`
zysmfb#9QAtA^YqptAtQEf>P#(xND$UOIFwfcCX<MDC3Y~x67)<mc#OJ?8Bt5w&=`<
zQ6SlZWs)qH)n^;$Y7uh(v)2zu{auwGrM|yOxBfl&$8yFH%ZJicpNcp_l`x{zJJ@!&
zX58J)){`ZqHX9U6@S%FlgT-OP*=l`~K`p2+Z{c=Jp9;w3ykWOZ>m6$eA6lTk<a*4&
zY)wM0eSUd4#9<zw7<~f8)EFr6ImTcwjBDtnB=w}t^My6y@di{OWU=Xt@bA}#Xk>6?
zgGW%3QCeQ%P;l6+V8SQoKg7*AoY$P$a9HtgvB@6pmUVF)iW8rrDph5@wFx<Wrc$X4
zZ~%+UQ%uTlQA8Mn`QSxQI^aqB+SB+r3n&tCjZBXfJP80aG3^h&Qopqz3_+l8dUB!1
z<4ORU!gmr=k%tN3bVh7`;{6(RiU{GVs7;?7vL|<~Cr;h&U5YWT*#yd@BRPyMMOhA0
zum`>{db^Oj>2+;FE)9P6>}*CMg!%4=uCb!zbdotnVpiV-AAKL4T%m(quY4lYl}fqj
z2MGl5-=OqBRY*~y>1&w<X22P3WtJfqb#@JHGR$A`MZ&K!;&q{uC&cKqEMF%$j0p+V
zr5v@~hDlIJ@~gmPX+<El0N3noFd7lU=VGzE>@%HY6K^{g9{oQ;E)2eSb|VAO+d9(K
znF`IM3iN7;?&#}(NjHAfHg&sFm`Ne$)6im&zB&c~;R)vU7ZJP{zPm)O(CJ(%G|@`_
zYbg-lD8(BKw=a@_!JTqz%I8m>5Tr`O>har@O6%@vI;zdK2%d;FL}KuoSH)^6Q{Cwz
zL-j6;_Y`3)_Q3L3mo>wUjwvgG(9OdT(niiOZK0W{lV05nlJh~)DN5H%*s^Si;B15<
zb9*}hfEJ^Zx!~<505ZJ{Z|IME+o*|tSZNK!C6T^fkj{e&tM03~0G+r(C@$o(xb?gN
z9;Wc9<h7~OXX`>7`{T7&#BxS%6_vYV<p3b`mP>n(y4fATDF0B?+~=n+AAl-Crqe~{
z%h1errt?WDcztsr+A$OTr_5A5ajcMwusFR&?*O2!=%Ym@`UoH#U-HaG6TPjIaZHGa
z6;kMYSdgCRjpDMY0pcm{q!q$N1cx$CSu|xRGV#0YBu`L>?AU16ZaLOnhAI#o7)=aj
z*ny!Q*IH?{Ckx#8?cCfif43i(22Da1Q|Z9$bb3Bcw|<hDi4NtKIDF{aqM6irpSYu3
zU+EeH$V@Oy|7ZmOy@@kj-@!bS631a{35r2Fn%$(Y=zo@UYvENrpc5p7C0!29Y8Y%_
zGE^?!s@5lCeN;UXew^wYP~A<ReXNQ)Q=cQ-@PpWzRd4U<00bpbyiR;0-UN(N&k!Kw
zxwo@3P#N5h%8SbeAv_7dg#Z=WdAzAh;A1`nfUJ=*yy1W&fwL#n9#}{49AJ=<tny-6
zk_Rpe$ljg>wt+R8#?q{fS=7nJA%xwpdbZ}wzdF4J{#GU!eEC=lwfh8mJTOLdHt~K-
zHWP0m{A=mbCxP~KAzShbll6&=hXSgXxtf`{H@Xc->AY(IzQ1oT#&b)((IJ3&iN;%?
zd_HdHHy8Hd(uFeyA;%AoI%c{3ETEH72v_g-x*g{95SNuZ(jpk72qal`BHVKY+3UFC
zr=8n{(Y2Av$e)U<f9pD*YZ__pYwaI<nF1h$iH*|eKek#E2nsfF4G`j>C@rkYcOL?J
z*((j{Z@c{L^uaI)LAwnP0#sFp($DS>gN=~hjOmRhtX|cKIJgraL`@Jl%=Ew8A0gSJ
zJI``ViTrjG(m&)|9KBg^^eu5Nd%Q8%*3er_`9Dg}J4VL69b2yeW96zs$Wj6Te3%db
zR1_cn;f{QF5&$w9AqcqfTZ0GT&S1q<2m*p6Nw%u3d0sbLhVFSDfFmjMRE=Ip+6>1R
zz3XMs2vEqFFoR8q#X}P6=_4#hK$;2JLx`_uhawioSFZnOgZI~uPEM^6v(71TRqp91
z-rE$frUB#MUv4hET3Mnv76RfL#iJ>@LjC^NCHhK$gH1yrl+|t@|I4+5aA_AI^O7Wq
zkH7@#9Y{bGIx+WKVj4^YyiX4JTHfI>2zlqr5eSz-hubDJ7%MA|1fNoMidEZm1SRJ{
zPF$Pa`J=?;#``XQbuY2iPdKk6#Wn2vi(hCB^qlRbrC)8vCn4bMcr%@yprvU+qASE~
z8*GYZTlwzIJv$I{XH7!rN1g>7OV|ZZ8c;#-P`QDGryUAHM;aA8E==z?&jD6~X(}R2
zCLrJvCfS$FI5#Eio!x*5IU$8mR*P3xhg;C+P90&vj#+gY9?r{q?#g&vS;z?W)<kBA
zo9{>iM<OeW?AU!MiCX6;tq^Fp18YwMW#@<nw$M;#r3$z~Ls<yanaxCv-@32j!PBP?
zlwAY2HaJruA44Jf;`^XTZ?FYXWX8Yxw3qQ_7M#*D+s8;Z0cNA_Qw!0=JS_$r*^#L8
z`IQ_a^#q-C(;kJWeYV-ny=#S#g3Ybl4i`@yOG;8n%;wAT|9Jb_pEj~I-!Dfwigb}i
za>R!cGlMMK%z#b1VvDG{q_PqdDP0Ka#v|GIS{o}hO^0wJtA*LL<n0TJuSXEZ_C^T`
zvO!ohM!`yu4S2hSwXE}^u~0)C<n9J$HGyb41h#|Fg!}`0PL)mh1!73ZK5E)_)j76P
zzk1H|oZs_ey7c71Xw$B@UT`!aIYIb4X#07Kr@1|$pajSz5N!B-@>?QxW_ssJ;I+wf
z`Air1{-P!F#py`Xm=^(ZM(w!#Z^5U_#LgA==@nyFINs3sqCuwj7k+88Xw)l+k89MS
zyhb6ahh8S9z_G}kt6x3f=>ve+ck>4!AX!ox2KU7d9;mP=vT~9uJS1sI@{4NgG6;Uz
z>S{vAoM+B#B0voGfpBC14_dhrCSH6Od)fk0SHimvtF0&b<!#<>ZKx`|K`eq%SA1l*
zm(nS;S@qBn;CQ4T;X%K{3h}DF(zGD+4gyA)A5<NR4CP<p&xECbG*s)JUJ3gUVRhM`
zw&{>}-JEG?d~>li9VJ`{5Nt!d;KdirW4FckZTRs>=Hm0@mtB#lrUBEul8{DW9ntGP
zDs{q|a@M0l4vtB<S6_Wfm-_g@03b1M0-3~Hyh5=6#AQ1g#tQ(!0!R@QI)^I(SOSm~
z;|=P=fK!plR!A`v<`4iR2q0{!#W6%am=Jk%clObcxYcTHY6MBO&3XaMP1>y0HC@D{
zf$-UEBUHqIbs(hnf{5Civf7${gufuC%paVxAtKV+2qejwkeYh=$D~fo2nZ}%tRBZD
z559WEmwai?b<<&b;c)bE5xcb-fS|+S9(!R;s6)+xq}$L!yO49rMH~)!+U_{LHEMUK
zFZLuIo=r{Tmcu@9Dd-4Q#I1Ix-ti;enAp{=X}9`$KI8J>s|OI22!-ir{3swvqW@C_
zI!My^H9-hN2=R|#@k<8Z69gl?k_6_+#d<N&13wNRa&0bHTuB~VkdeOi)sxaM%vbnb
z5m$A3B(9dbS^#)+PCnWaA9)jP3;9>xrUv|f?+k;Ky3**J^e6tYYoCtP=)=hi$x&zZ
z?mcCw=lh#6tNmuuI-)rX(4F3s8vU#~wVJ=kKl$oYc<9>hqYo3g#R{#3B!yA%_yK{H
zqWP#%$W-9C1me}azw|ig^tcu2Pj)wSn_%|>06TpkQFW>>q2tm$lTl~%MCA7XCjJ4)
zL=^DnQYP<fV{0I3(7O|TyDfBP`cL;{9(x~%`vzJ8NUnJ4se565s1T6f&}FW5VYb~n
zhLqN$lP0}LD#=hhsFI~VhK4A!c<4<G_{e}jkZcG?T!z5zNZeZKszMra&-}C{elya_
zM;ccyD67mXVF*%IztiQLc5bFByorja-!%~Qc{;bNIA`PcU9ohen$!B7t6robjjx{?
z#`@KHfIvY*KANyvtyIo~iz`_2xY=HL4i5_jj!z)A>38;7vh)>tZB<~al}qRiJy>Jv
z>X@LX&d+81F;87JQ4v4~Gj(-r$`cJIHDvshvoYzBd1O6XI$GoBJ$16wG>zT_O@=9t
z#}W_oHD0)PyK}!mE9J)%ov0vEnS$1+B#spjwkC^*js(Xl@YjNqRa)Fel0sWaAXd7P
z40=W3BM=ZwZV6$$_&gp)0*V3zA#|n0V<<ERPsUe4cp#+)HrY@Zf9QDRkz@O8eO<2h
zDl14)WNpmxEm@RN@saQVcO*)&h)pOrvy8w4_xUuBL&b-A3kZ*JLJ~q=i7Tv(75P~o
z_4*1W_1;`o;Zc}XLA{1L_U1G6ufKXlgMA=@1>od@6h(0fX;{e?9Ujm;lYfGUv#SqC
z01wv$6H?sx+}zqClDWC@agKtAz9kq{rA3Hv=OEd)PT|O076j&84h02{U-(-^%n1ZR
zm2#xatavm4#trFC3{TMK2fW=6;`QE`Cuh00E)<5-q|ZZe+~E&#S8>6$rMq|kbzxy}
zup=jfgM$kT|9W>~ZJZ<Dbsr0|mjhC>SEry=et6L*1f;lN)z>f|rA&c8`PJ21clz&0
zi~7!h(V&_3(s3h>l?P3&1f?;K1vMtQuGLFxHW&c<n{I<`Lt+`f!8XcM<8Pb;>qFjn
zRAro|D=9|4<u<i?d7WvRjLG~E<tXGn5802Cba^InZgD}t;r#i9mrLu5qO31Hx;uDY
zL}p@bu6&}gaF%3IIIkv4IVs5xw;^VQNbOgCq{0#UiIB%DxxYKBiH4|kY}+lfUIN_X
zWqWJJz2i<dxh{sRKP3L)X$}A|^_C7*?{;B8ozp|V59-x@i$j5o)~<C|ZjQwryw&rx
zZ|h3vJCj|u+LLbD14Igh9o(ywTYQPH`T95(j)Vo2F+R2~pmleBjyhbQQ^u0rRcjS(
z<c9)6niS;{C=S-!^6hi*AsSU0{En8kA$@Tl_`WA%XdC?za4YvV0x?s@o$ln-l<vZ0
zRSIbb*uELF|F3NfNb*MOjUR&>a<xLsL{2&C8u>alIn;mCn^MG=fpf*JRCg+C^E~a7
z`LTNlOK*_Hg^rGerSVd{^7;R@2@J~JHS%!XmsQ3rO|Cdaejp$!MU5D)f3L(^2uV_?
z@`mqpQt)lNH+i=@SqHvv^+c7%vw)Vzr@nqs8}}p{`Ay2wGP%)a3<E%i)OxV}91Tz3
z(?kY>Re{%MMuJhQGBZ$%XcR;LO^~XMUw}0$QDtU2-j%mR-pT=zEm)+{O+UA`wuVhM
zO@q0Gj=`ll@w^1WKAoB2_~KoJ+}hlnFqfjqcXiby_A2)*9|(v>FB6Dlc$8dUl2DmZ
zN1fsO^E3ba@83N8=Gq_U=kE{e+A7Tq-0#k$k!h!;(5+_^{8Qg+x6E+~X-JnZ>e`Gn
zgj)Jnsl-Uat+*M$mIEcFZCj(!4eMFJjmm1noG+UBxqr$y+UL7D>gKI=qkX%}aLDPq
z;FykI`K{z=OLQh2pIiLfpdi>Th;qK;?p*mYYw<j{Hi+lt=1w4B1gH*(U5JR(t3C)2
zLZ%fs0QLwiD$F&ZYwg{=4Gj%8o9(A(-+c4zC-elpyxiM<%~LVUP!c3XVG-f0x1Caf
zSeR}z`7sl((NT=XqBOI#oMc&AXBrdJ!n}aDSS<2NFMu(#iUf?x943{fQvl5vqm>$q
zml=a*B8H;hgf6@X{ioSj2syquaXxz~?@p{Qu1_q8(43z;!a^{<Hi70YE@4~+WR@1k
z4_f;*deO4W2ms$75ObDDKD5iL8n!>XY`gy1|D7M6RhpSxR|-O<oJ9)r$LqG<?uYjK
zI2sR20*4>H(F~>)#l>-M0$sj^yG!FVO_SmhM3U$^wYUThFQO{tCXcV*9hA&ZiBKk~
zOyPY2fuK!*Rnc}pANArFvop5thcmP9V1(J(`}Swu4G-s4d2_`|gsV^Zy?2sU4Jii=
z7Vib|8S$~;^5hQX{*z{6+%b#AJsRv-Sf8UmtT|o5rd1Sf4FNs4c))6tWjqvS0N+<b
zNKO5|Z;_9L)b^g8@9q9<m?29#A`~8=*kMom<)7vmG*{}D$33}<AtCn$AAdI>ct>0r
z*A_a?uaAQqZb*)&M~7(ZA9Zv*BKKcCv{Fgsdjdik1wfD?g2knklzDd8D66jveKr%S
z)5?sd+2QNm*JsNF$#NH3b^lrKGmmHHvl&ml%s4!YqXs;N<iQ=DhDB*Y+%aI0h5QK(
z;Ntm?mvaSW*Jb$-n3r5C-6_%=6jalp_n+7o5oi%rq+b5sfDp!<O@{?_ne6a9T6nrI
z_x9SXNNl~mmwUUryRR{acZ=DXhiEQ}N85TYceg*Z&(AXGlKoDs{pWd(qXD2fj_>~z
zM-}1GA&_bpvbdf^8b|`Lj_=^I?T_IHXy@W!$NIh}7%@_!(2?&Ah^z<@{K(wDZtL!T
z=oucKHJe$6q8QeU)Mfbo%rH2L5DbAEf2#0Y&%^Fs>mO$U?7#ErRk2aVEhMkR=lw_j
z@to3RysV8{?C4m61?M7e_w8(f#X;F#b*<pFqfZ<j4P)Qj5%uz}sK5Xuqs7w}JI;^q
z_l0x8b{X-38luQsvdH0wm%C@~n~BoNAJ9e}GG^`d?%wN4tQP&augq_5UA_A1H>k5r
zKk|(3&__>C<pkk*^lljA-#y`lb?a`Ce$c+=>9qAUC0D_u;}crW0v1pNWW21LB?uw@
zLOah~h}}@za6L}Yhf5uJ^}ndK=>}^TF2J?fiU5J!V8_zFcTlC6K&NGnno26UYGQ(s
zTrx~Ez1{O>2+G!FmZ#r~=TfsX-QD-eoUg#~JV!$)+G4~%!hQT9c+iI-Hs-3JVPd`e
zE7So+9KMJ*8ZeKn-@11R5OOx6zR`-3usmvqdFoQ4iy1oMQxEvGWMmnD<mlzTOjBUA
zQ^>CW0$1wDWA5l*{xgACOWJO=7HbH((6Jx|5lVA@u}yxzR8lfqd9t_Y4L|Jt=h*`z
z|L{O({h*<+z}S=XKOsa)=HtsNn)@Ok@j1y+-h-CpQSSED-(fk4`qZEvLEN78UhlZe
z6&S?rh&LFDR%*<XBQa<EJGrkb(GxkRjH-0XA!nEQ@qgl)A9Z!6$vaw&eVN!5Kc2sR
zrS>m>O}GQ-WNJS^?gIFZ6-No+k(Vr(uVdLo56+`onEC)$r>x9AlMpEkES*F*`bpeM
zpv>xptk5mNUhLZkz7&wHflFN6XWZF{w3sVW?o-Cb*yyHH-Ln<agr@7%0u4qYK)&^g
z8TVTV5Wt&2;zq+?GXk%lDFI~d{Q0^4b5%?V8Mf*c@<=gtsWF4ngb)=WMFNKr9<Z>^
z(9B3PivD2sO-Mjw2T>xJ1kOLpJ}riKxV?K8>?f$<#;3SphG1Aw3ly=@11AYD^fY^L
z5)C;i+KbZg?fBZ=Vs3<7S)JY<(2tJ!mSa=KfiY(b^&iXI4WFc&Rin?hF5bq|QQ_y-
z4Qqoxb1ndOFUr#f-fDds3fXL3LG_OyQ3wbG;|s{B)1XwKNDazxF#M<*0tuDHSf7nQ
z%EYu`^RogxAYfLkcI#~b(a98gkUoXni>MLK?@sT2`9&ub3}O@?On&)iZn9xD0I)&q
zD~^ZFch3}qBvG^dPY^2DFzm_ItVjn?8#8)8b)@Ik7X<QZu?Xq3!O%!m81#KyO<&4k
z2*cFbpb?-n7ya~>SeyeDJuszi0m+d72-Y&0=OFGggn7F=%-7upZOcV~tO>N%;`n}m
zC<H(>N7WEYr8DaFQe)wox)VUSRt3ZuOg9HW>O#<|Z>64|W9s#{lRZS{S6jD}`npzG
zfU5`qm^iZ<e!S`WE`aM~FYD2)*o`wkZd*;bq#|ZL(^&kKhuhm#03N*FVPnttkK;Bb
z2%TGdlI`@@&mX{o&pkpHX<=z@jyt?B$W6Tk?;$7*k7HO1i~9j`R1Lw0SPQNll$tl|
z^;(&Q1k5+x!v)JP7ik1>qbgpLTJ`T#*`t}!R5bbJ59#X6MtanDd-q?wfQ+RF#{Tld
z8(SCvP7{jan7QTYkN^8?=4mH@!ML>qkXZqca+x4Jf}>yLXh<xuoT)-g`Q62Fa$m)R
z5-|n~=rg`GP;RFV;Q_wh+yvV2l-dxzXhYx;mMlhBBmFo5?)7Z4m>B}6M76ii763v=
z`asGNjnza3#!~)KgLBmHtZ-;OOi~fr)K%>W7yI=p2ILEY0FOig5_<G!1PFE_0cY(4
zMRFhS_hI?6lB-ug<qq#Qtex+8#2uK800Bu#u3okZH=h}SQnU(+DPk};21^NOSjY*{
zT$NH$74=8(vIxswmV{QJz+mM1V?c9z_x%DuV8ZQZGSSCXF}FXn;b>ti0^c{BvMvYz
z-ni@LM!yw6$b2{U_zy3>3ny7Xx}vlt47e|!zxmd5qc3Oyysa1z^EIS~Sjq$PYaSd{
z#s>xG>R_%aovRORQ@x{SOl(>hoWc*~g}RGBv_RMjX&-VZKq#fuTvJh_QL<$2g!w*V
zH;}z8T(ewm=V<kRMblP)#u4$<xxKrNfW41%jl6IGpBOkzt&SyawmyEU8fjD&-}D3E
znx1pM26y0%+RHnNm#mp?L>QalF#|HOAD6);>Z;kAx~c$|LAos@dHcDi(V>vO2gE!h
z0bZ*J13KergegxoP%7$rBCCOzUSHWZmaIo)O3<kYC-oa`H8R0J@mwHM&iX*1TCNp-
zYGpQqhd5*^sX5nv7A;yDvs7Wr&Z~QSe+u0nHWw|zq^gnyP;O?thzC-g@B)&61O*7C
zirH#v6rp5D$f7|^0R0gpOW_B=sR%%X0W8i9Cui@^KkKz!pDkB;^#HlP^kKI@<NHt<
z5F|sUCZ}y=v^8T*G>ifGOLNTt%I=<O4mlWg)zHY+<=QYzSY?}Ohivq0WI!?MjD`~<
zPIuz$i-Cxb@zpv*uI8O4WBq9W;_3=}$WiN)>QEr2X%+$8Cu77!9tsdbSD&jt*Xmd@
zf47F{5{v3cOchLwc)@!KsnT8VF1Kz$8VNisAdBabf|N*5W?XeDKw6jR1Q9>rCQpNb
z#*}}^-yb<)+ZejpW&lX3-vY+j2{NB2T0vSfO~z#r0|KOnPn&OyIH%CAa;kYF3}9jt
zZ1sNa-7Ns*Z$+#xqZL!CP8^DUR~hv=I5bTDnc4R4d8Rn^62gL<&!QL)6gMUL@w>tY
z@o(=)p`(f&?Diuu$K?UxN;M?W#0)uW!HzDmOu77ko^0f-t(iu{*p}<mm2k2(xrqVU
zq!X@M()n|umD|bmF@NvewWrSxO$VLk8)t(FLzvgZZu}X5gxb6P)3SHFNJG|3YC**w
zlVvqTDp{*nn9RAWmcwI)dPgWNc!JC|`3uSq&Q21kVE$Bj4h2F$&UAmnmL%|&Cu88j
z8d3_#_JBqm>H@#CCLK=e7yxhF5qCH}(2M{H`)Y?aFd!iA&^t0d#Q>YefHY69)JCjz
z7?8-=PSoQJUD|R~7=8v|%U3&zEXejUcD1CHvS7(#D+K$jw;Wif4kS5|D*=%e*a--T
zYx`}TX_W3ksN?}an-jI@G^bR7U3W%nW-&qm$e2}lkP5)q7$8}>D(Jfnn6_}Rm1Kn+
zky8w<QUzi-X#|atlN5e4NvP}H^W=fRLA(#S(|;5jvR3+LWTi#LGPqnJXz^3niLwL$
zqhv{%B{|)+mu7_fO&36aVL(ujp(+`|B4=5Op-6@#+bjWwLX*eD-NG0;Mlg9q(nQC?
zIDo}5bzHq(X33IDq_hf6u{sTRx0_4x*tuud?^qpOUPN1Wk$`s$T)Dk%%UJE|(@96j
z?fu2Ji3VA%ri5C3A^6mx*5Byl)t&)k3$J!JHS!LFBd)eOJ&w--fEl&AF43eu7bw_{
zTz^;9{he3RKBT-rM2C~$e^|Kn^93swk;^(!9-?5UvR=fazKty5mU`#OQb07P5<@$U
zTMD^4@J8<i+xG&QsQK-#C!Fs4B^sal;YBqCwya@!X7cpbx%lHt+cM+WxJl`VT<HJo
zbmr$bZl%l7#qPLUvAa3h!;fC?<X6M_hO7G_1K{zvy%4N*;Kc*(lR64>8@ilflaA!c
z{^0|d&;A#-xEo)?#M$3yX+FY3FwvODDytz(O}&UmWl4?;HG_78C4#HW>e82jMx`6<
zR#4#02uRkNTarfacJ+$E81e5QHQrhUWZdB8&S{+9U85<yWv^+jX^F`KyVd`Hz*rHw
zKn6pOIxpZSe+66vx4EG_K;UfqL$)~arxXx)$elX<w~oP*T{9UBmjUvWAAs>Tr7$em
z=LNxOFHp*XYHwp0WAle+$!sy~(sBOoA}KjKsw^Ig((o;wAZbW`!ccv&G93s=e?w1V
z3e|{v%uhRgH@#rj+WJ_JmL%k}e7@6c8Ddv((BNsOJ>+^G+H70#Zfheg+usF8U4P!H
z3uKnJ2ikT*BUE}Lg;+=WadUbq)W=)L3RcSN@6wQd^wS|vIB;m8UUm#3E{n_S1{vB&
zwBV9BmKEt#3Xm!m;HI1`fu7=}d&l4f>ClTtJbdR2N?vWa4PCV$^OjI~Ndi*d^ag`N
z39J_oDw2+Lf~;T$enPrKD7h)yg8W@=`b9vb5~&)A@+w-gO0Nr@(i%;sFs}<F75W|s
zU`nqI(>2CvkeudabsMCH#XP%yghe~sF-GH!RmL}1)Vf#G6SPpV9x|ghDo??fLMwC{
zbLyv)e$Eug%WIiA*r;Qnd7kGWIJ7`&QOv>Jv$CAk?X;=?51COnRRh3B9OuT;YPAvB
zJ-gK%NUJf25M2E&AG-bjdN3vGaaMukja6@?icFh4Q_D#imHBzs=0Ibu>e`svQOo?t
zfH#jDcu518`!Ug6M=QONIYiN?`QXJ3;#>9FexQ=D@JU`i7TkMI7Vc0WnKwUgsB~g)
zqTotEaEyZUa8be(l)97Y(wn?G=Bvusevj;3%PCf)jCdkHZm$OGTW?H9ngakj8snpZ
zKVd*Jj@W7-ZrXX9HWJZ<L+4LcP>G+nmpM=0&gcBl<E~`Gbf!8#@nmog2bJ116?*;N
zZ)IwTLlo=~Sq9R$-(Uz>6qPDjoTY3{xL2ep8O4HwpkUa(!HVMa1<H&<#q;3Ug?yBs
zapF{_`e;|%RGrLl3D6mP^hBb5NT0a0+sT=XqZ`hy006sP&M5fPSpeu41I`;i#5WkV
zx^?S0=`qyCO=PNNy9dZR6KA=h$*9TaPc;?+LTdCFjT{^`77`o+5Q{#?K<+0HIiT&c
zC6^IWg^`54s!UM;ASv;;L!cNy6ed9Qit>u%gcl%hzO;S%?Ao*L>%-K$eM%gPI%*9O
zSj$T}0j{XCnzQ;{ElGO-Y#EqU!(UE^)SgRk{=n5%kNPv1`r)2hFVTPB)J><Xm#FQ5
z%moy|-PpPPT9$0kxOJn?->BnLJuhzaL$2kZdo0~7VZYSzk`sCe$Z}k*@f352DqIK%
zu~WICG$&i)F`mt`WPYtHGacK6(!xXHlcewx!tB$S<22wR5p<hDz)w{H+EoQ&D`9%&
zSK=HHRD^S?gpTkg@1B0lAl`&1$M(K@_38l!jwm$RkId!JiPstZoGcIvg<7%O7^-3u
z9(|1|ob01?WATtdAmmdQ0GTn=)ofJbSg&pxsglL?Nzmijpqw7V?X8eU=1q-p8kN&<
zfr^I$dlqUzOvjVwelF8wrVd%BUYS*pgRMVx|EJ#e8Dq`t9wOUUjP9C>Fqx`Hz90x1
zwSEL^Yfx5iG}WD^jrI6n=;{PX6hXvaF@ED_fOcIOo16T7f7C3~vTf*}z}xkT-}1(q
zk-(OABe30YTH2(xKQkXQ{Vq8_dG0TS`SE{JvWL=9QD9+2Qo02t>nA>uMlE#+?t@en
zVm@5269`CC83n;I``N>vdV7bZ&Qb%KhMP|}l2((o2f!E2&W)rY<48AoE*c!4<7&;{
z0+2Cy)5~`dAb{REJJd)e9LurEPhM+XBcW+$53lCbH+}!;w?)<U_6zpTWRv9cGS|C@
zKN27iBeFD}w~s5sk3sle*-bd#x`4l`*N}(o<iLo%w)Cnpe*AFzHI-CKz7ceTH?oAy
zgd^jx)doNBtVea@q`@Do{U^H&H>%=q_B{UUE(Rp{<;@#kGqUiI!4(Mk(`bjDILi<5
zbzwdf?*j1^hs+mcy9$C-^JV)k-+G@V3qT<^eee<Y5r6p@3V1xCa+^zig%l(_1RzR<
z<YMhBrME2vF|E=7zOTrvsxs4nY&(%2coB_-oGsku*;wt0!ff>8sA$7YR4p4Os6_LL
zRMQFB>HdrAV3bWNeSb*z^t*Y3Kj}!0(D4<!Ij##fOGFkSe$??AbxCmc!TFbSB?%AQ
zco`D<ASp4r>k=NA1<7W-A5uevd~8`=*)}Hdes@kqu$2yNf}N3=qr!0(N7@u!>8}&k
zP$vQ;xw-4s4}@__pt=X_S`DEMM-Ko#?fugr;ZAi1AJ?w*C7M^%oX_BUz7?f1T34;T
zg;O`?*^qWQ_=p09dbaaRi*xjzaUkLNOH9#!_^;d0YpBY7iI&15S(_j`q)``H6MY*5
z<yGW*&N4x>oCOR6f*QQ?(``D6Y{OJG$x;*xVw$iR`J(`3K5@dV5?Up)6rj-%Kwwv;
z?Gy`DZ6~}O3keES-B3QZx2>G-zJ`h3k0~gF5pjPVFCR@zEUmAtElo^Jpw|=d9Un`X
zW5InT#z+-ksFd^(E;G#Um3l$|qz3naFAqqrL`o|M@V}Y69?wRyI1b@~MW@@A0eX^z
zlE_G%%#De)Bgx)e2wgX+UO9J{BhF^AdLfn^t~R%VJDlFpVJW2=iUu-V=(!vrAt_qe
zN}zRE!2JXJUS=kn?R#&2bjI3GTZHK}olm~s&wJnZ{b8q8a;r8}IbRDiNq5rsJpjK7
z;Gq+GaM2$8cyP2g*T-b<I{m{{-u#^7H@?4>BV$W4TwZ59KsUS|@bjfVNTrPm0$|^K
zW>%5oAWi}JW)0P>d1;;m%%Azo-XE%?l~82BUetd>qV5eqIMiGHpvr%NAH#ahiCJlm
z6Oub7LhSC3U=x(S-UX#U>Ik<bMbgg+?+2`b6Jigg0;@W;l>T=F3OpGQP=~c1=OHi4
zi+LVGZAl-E-|;+OeHhA#OAsRZMwq=?_&1$S{{e9|nsf-Q@If?Y*0BLQLf%z%E;}Lw
z@M@)AKkKO}z^*+b<Nqk<VVo>9!XEE$q8uFn8#vLqnpT<**u42UzeNZRvHbP^{{9=(
zriMr~FjE_%4hR7OAjK9jd$IzjL@KZx@JVm0OGbN5a40jkSB^k|A%O!`e_<awK}Wbg
zg6j;%<HNw=V1(lI{r=u$4ADVt%ckrs(+JsaB$F$rhU=x*`o}gL5n@!3tQTB#t7R3b
zQo3kl7)HduGTmpw9b5*-r=-?Jeb|(p{cavha`4<HY7cszk=_Dj3<Z7$<dA;7{`==F
zl@Nx>ZL%y!yK`Y3vk=>T2=$<sR;j@js+9NFT?;LrI(n?UrpdCbXqpy{x1ia5^`pwV
z698Wc=_5i+)!_0->?flmB-c~?nPq5%tTM%yjfVwV5>g_FYY6>-s^Dm+jyJxNA5#cf
z`0sJ`x#S=$A@^$a;c$3StJP4s`_rbvdwtU03Bl`1QL#K)jJ-LbT8JnXi(>mHT1MJN
z%-HHVA|z}a7lvKF|1gb^a$|ux*#zW}!(8jm-bKBFh8V}1O;uB5mUG1h8UP{yUkN$t
z_xl4tZZn5z2u4UIcS?Etd?b$TL#Tv+0B>Z|MFYSuLdwj8ott|Fjw4wK>S)Gl%_rYL
zy<qSB_)xO-XaD#r>Hu}`6X-j)kToF;g^<~l$++xfrw+`*=SVz79eL!Qkn?J{{YC55
z?s~JSs!$`8DMA|R(Ddr_%31Bx;de+c=I3`3HNtZm5FK`HV)11!LmuHePYB+m1Fd?^
zSQZG_k35?BtYCt0{hbLZX39@d7n2%>Ivl!j)>6Zsl-VTYLu$<TUv|64$ufrId1Do`
z5PY~xFzPVcYqo)n$K-&IgfQJjHYHEnm^2Z3z1`j29<&xkmQ%dRhDSpDby-ljJ9&Dz
zNr5}zoy!IRMbV0oa1cvbup|VS$G*W0-lfZ0wIbxTglPw7IRL_)%Ywtb;2<$ST^5J-
zArtzIP({jSmPz6emn>WsZw`0i9ZzZFqwB`#1K`F&wqRV1As{&;1RxOC%s#-lxBvSP
z3vf5Dp=OYfrCNw$oXCFSVt$AmF*2<cH-tRT<%%RU8Ve>NfsY>eKEw*#qZjZW%x1I2
z>@8f<2w|n5;eK2YVmhsOJnW|MObJWXa{{)PL;@kQs;V0A-vbml!DkD(LN3etp7OGC
zZ{<8oK$${F!aPxTH9v$)=*4WYh#YW(#7TxBKqOg+Rw|YLl6`xA-=bzGg8!m!d)Y7T
zrDG!6q-Cn9&k4@m$Rl1dvWFre-bFO&=EZ|;63WE}PRPMQ2}=_G=$5_qMz`^Mb%ltB
zI3cqHheg)y$fML^a5hmD38u5eq{7QbJH)}*m%4?#W$*e~BS*4$B3zM@tEK~mLQ(~d
zgoKpT8I%;efjBTIkn$TEe4Mkva~o~6-{6>;J8*Cad<@KGPR<7t3|wFsv*Qo2c(M)e
z7?=-m@2RR(wB_ryT4n6r^)GO>)uo2+pI*H`Rqwr<64E^YA-0k2-*IEk<V>+-IlTu}
z2{NKHqNl_e+uwcto3BTJYyZAMNON&^cHvnj#Cqt&s%PWX%6wgr>4YF7Otn;C^<Gq!
z-1Dj`^4sk(vHZXPyd8flHt!>x^NiTkA^)(eL$ddv)Gr--;B{frJf;(Z9*jO1+?W3m
zg0f(>`mWtdNVy1a$0EA_m4n=aA7YaaS6RF}_A$(S5hSiD%9Nyxxr{}R+n=z%A7Y6Q
z)t@53Dgjd^#H7LrnR{iB((UrL87|Ou(8+j`2SMMEn;T|?P7LgYPKc9fLbms2F;S7N
zC~L)sC`b2CX$r<eQ4|5nhT<iuEj=>l-QnS}H7iRM4zPU4;qvm-l6*uo(0t787VR~Q
zymqlKq9i1@M2LMq1W%njPVl`XQ8}KTjrQH7um7#i2-_p%k@_L_QPn|ea&G4nqAo5A
zt4mgRbaeK%v`NUHEE9s;^qDgoWt^zcV3B*yTtdcM!Is(=5-!g%5GyeZ+*ALp<vsQ6
z)2km|U6Z-aVC(8e=V_QZwg^FZOs-k2^N2w1@6-tgD+?1f$s9V?ZlQFqEZJa@5S^}=
zy7tx?axTwaaX<!R#sPXHW+Z9?*_>z>;}T9YJ@u?y3tb^GV6Ep^Cd7%-RC}6sK%hqQ
z#}miN-X0wvVe0z{jF@q9etdj{ajxj>`1p^N<9HWG$Ilu$@mNhfKIxsA=HAXRp28L`
z7GKygaVl%-B+zsuZRt4H2_dbDjm6v=AKf7ma&dTwqw^L<%sn`P@fi>jq9qoAUOa{i
zKm<RN6UhZmBrxG)chTq^L+OW%x9x8q$<_%6rx`i8{_x?zA-f7k5)3_v<7&&N%xF&R
z4Sm$DFp|CfD1T=lq*H`+ijb}+q%nkaijYncf)j~kt~+;#EF56`kW<W(+5ZHIY1c6O
z8pcbw@D9dLFy|C9)-V<NK#p?aJ2mk-!-=mxz>N;jvP&Z$uZdF~;eZ!$gl|}v5Jbfi
zV^7ZqiB8U5M7I!f-f2R*?g$BacGz{HB&0(^`iTU)Wpqf$rXNDyy?>3>0HCc6Xl3~S
zJ&f;xkWZkcKL7#OFk+4AcV7Xn`zi~4t+z~1yn^d6k{yCBS?Skq5DabXX=`-3eL|c@
zn{dKX?AGf`bTlXD{Yg0-8v+Etk;X7X6(RTC`8m8%!nX}!tkew+jCuDh=#))D$feT8
z2kIOTc_V*c=Mu(OJs|)f<Wv*#O5Tv+#5a;TsXp$S)}p^n6vkL3e+ZJ(MVUGGNr<yn
z3uBVD+<9;yGttc)!|Vsl;J8u`{uMD2aydu{U?d?#Nr)!o`lsk12rU>K3onVZ2vW^P
zkk*Yi>&xAR5GPcX(9%Lg#EN-o2m8MVsD5}?C>dCz;mws&4Odb%z<8;22<no9Pf~}B
zCth7%pWZc6nR!*T7YmjS?K~(}$)|ZW;p@$5-%WM9{G`^)<3kdIopm>t1^i)AsoRH#
zjeL7sjB^e=G+~>^f`VM&W|2#^;z(#7ndZLMC1f1gPn7|Y=B4w%$WER;J31d--B?o0
zh!~H~?c)dyV|5(od0f|mGRD$02?AWCOrIOvTotiz(%I}w$QXQ`228D6Zd=+Z9Z>Nd
z34vl--=6eKmh7cNGICG)Y6)r~NkC^KQUC+E8VuM$y|IoA8}~0ECZ3#VN*I>upAA1)
z>_~`mO|()+J%HKa*1;D+>fQvU6sZ6%ii8OugJ%{M<DCg1PUhD^;Od2|##(i=<RpYI
z)a)!FNQh3@A<!8F+oo6r>7PNSNsu%!hCCFwWQn@<qcWSI4DCt?!rP-oswoLv)m#Kw
z*}=74B&qBNI~@dE6)=4bA!uSji4wcWLMHiOJqN4R3VEPH)OEgSN{^4)MB9>(Nugyr
zxIk%Auy|Q<txPA;!Se*E#ZG0r!PHzt39(NIsbb|2Cut2zy<O}r{U)k_2pRmcO@@(>
ziB{l(2E)S2ih_yUFFj2Pxs!j(%Vua(vflkWnF3~)m^*9F=q0iX7gN4hm60t4Ip$${
zbK>z;-o#7>Zj?MHDXm+-%(j+Y8{RAZyk@2!Uy$>;$ABEGNuNYEMN<!5kgmDTOPzEK
zh>%++-7SM^0#s}JwMYxa3B|<=g+|1!Ux7gX-y1ovmbpM53PTM8BQc-uhg`gc2)uom
zMPPPl!oGxTy-Il0*26DrO!6S1b-ebQCW@-6EIrRF%c_c^rdhVJ0Kp1|TUeUPu@Fr*
zNkWVtasVLKBm_r%*qAQT9*l!`_9X-{M?wsEwX9u~4dxDzW+B=meOQ4C(F+jTD4X6b
zkV$Ev<1u-;iyvaTBjEA2nSO{;Zeg7cEd!HShlw7)gcwr7TqH%$3UxK`6$7NkwZ&^@
zfh&@_jWWJY^mb<|qjF@DglzgD#>yhQC64l@6{%8=6ok31wD3HB3E7ZwuL@&|@f?tJ
z=57T`gCbxQjphDU-z|oCjHG0O4zc2gXf`}QmvMBeqywvh+k<__aQlOh@v>RxwQvKZ
zB~g;0kphw=!S`sL51xw*S^|rTsx*$WDOKQ9531RINaj_3jK(4xmeaJx!0peD5W|W7
zW@Y5><#A0}Dv@Y%sEG4+ZyA-wqZ*|@up+3#lIvf5!eMKIe#q7S9f>3Z6P%Y38XF0S
zEi+a;U01p)(ZlEv%bOc=<G?F>`>KM$ga5U2I|lbfp`CxwMIv8D-c<h!Gk0$H-VkGv
zD67a{phRO-BrtX#%0_Eq(2t*xd0rXW5+c*<MeovxxJ50aF>)|TC}UaMtALM9^|ES~
zYmi_;85$yqOh=+xG%$`{ah&-JB4oTikULPwLlKx&gQWoyB;xh0j;67)2nxoweMQc_
z5?NTZ$bvM=b?S?DYt_|M#LH4Ex1S#&)`f~MYwgk)hbF*KS>1*h)r)#Rlk*I~&km0c
zPh_{~Kkvf@4=N#_%2hIoqQ>`^;U1Du3peef<tPrC271HlgEvGTM%*a3Uo#;FS-BU}
zU}fA#y{_XAYJN>hMJ--*N8Lppe+IMnn|}#Gzr23^)fc9Gp9Gi;3Uik`2F^>0RguzK
z#(PFwJP{%}Y1-Hg05?1uhLE;1APHV{U3ZoS|M|m@KYsHZ{{IV@y<Y-tY>!DWpQ1ja
zNNAle{HWwxmb@oIluP61XgHfRN9t~ZvYrs?eun*!zkd(!zeGY9-PmLW3~msTQ1s>$
z6#|%OP&W-!kS9WZ+NG(QMIH+bl_8`*V;=pp;}<W!qwe>g0eI;plsbNiYn>7!4Sba_
zD(X7U+jZzim6uH@xAjEGW;i3`=xMffEdcn`vmQaQ(twJAs}<_(=g*%f3@3;lb<e<_
z-^iFV=h=*{r6)p+uoyp6h4CX1)PA^FtXql2VzGxtSQ7!tyl^WIO)+VVjXrNK5syFG
zJLv{OrhX_HO(bF!53ffL`(ovKqrTks%EaD(v{%Qn9zBSHlOZ95R850tnpFWa;`B9q
zh_ha?@@`?UrzOh{Bq0vJINUs!^$F_azdt}iJm&%MM2OlkG#gadXGjsUUt#~&-q+hN
z@n!!4PggX5l|3Cw&`4aZcZ2Aa@Oq?j6l6qFu91Vt4kP!5Q^PPT(~H$U#tk@J=9#=x
z{?RXfVT5c*h(pvC?*G`k0@pUKGY;_K2e8mVjSELugs?6oIW4^?oH!0n$QCS>rW|%b
z_T^Yav{?cuN07Zj<qRXu1IIlH@KnmlBbp|KAcpbTQ)4RFu6RU1H>;f!9HpQ}%%oNu
zp*r?Iuy?X$$1?3Ux<R7t0lIhJd+&Rv`|*9>``z7p&j3V=Gu|BCkU~>XSi)JrNr-GK
zTsg{wE-L^;T#_kfw?nZmX5m{?Ve6Ypp7tvTd2K7VpX2h3D0!wz+0^_uXx2vQmoKPy
z=G!joqqpAr4RkKXj{!Ns)<UJ|N$t9q3bCSef;kHa>T!EgDcikP*?tLtT_0yWr<cu^
z(VXT6o#f4$H3vJ))zqkZ(2p=Y1)vYw6yzqYSwmW^;G<A_V$=b;Fo=a%JT{m^T9zkm
z34qjKmM;#d+91y3v+JAKMl|ViK^(QRzzt*V1Ucg4wP81|x(s}LK<x<XFRg_DYYc7y
z5Qh^w3P?HBFS&MtpVg(S)@)#H!nl|IwIqsG6cC~w1prWH69jQ6=oB~TwT%)(*^{pT
zPC&80=#n*>%pL3lnvt2!0_C7~IVu^iTmYbJjK9*;jK#N91VXKn_87t<<)>29b2Tb0
zCUh~Dk@KTEHBHR{Kt1U4^|{OTaEWn5t6V%5cPI@hIY`BpZj4Zl%#?opP7Y94xGZ#h
z*Ura}AAioZ04ZDx2A!qgTwQX4u*x_A0YTJ~oOA^MtztkBaMF)KknZ%b(grPVl&-mo
z!TWWFk+J|FSbB1RnjW=eDxKi-+X2QEsLTNbq9!7KS4tRaLCDXf7#9Gynk0q`@x)q~
z@Qg;b*<xkhN=?uUxGQK}^ZF@M!>{H&eEG`LU_$qt`qe;ghjG^LNCRwhdp5od0Nn{l
z`y&Soh_LWAOKq&TEJRq9Tzjon4GV!@Z7q2ShzTF7Kvhd2bvF2*&e%g331~#IP+0vN
z(EK_TlQwrMuyf}sfL2jqAt=eR7oVi&JrskFY$_6R7GzRXXYVYpK7z)?giR7DISc^J
zZI<BK@d-9wg_^6(P_n}<&O!4EG$OL(k;8?I+BHEP5pJGm+wau(0cj0;UlrCqu!uMG
z>$~G2wQ2X-d<6FP+}}M=yLL;G>{Y;tliq=Vv<n>LwL~!>IRg-BFuI`t2)(^I49KRC
zE-yX0opCnbg`xw?8!M_V%DYfLi%)75D6imS=^}hQdHQDKiqeRYtESYw{Iupd6Nn`M
zIJrvjJdqBk#Lt9GHa`Ky#X#u$^imi#^O4WE`NVos=^`HT2@dMVzdA8o)=tzOa<Wak
zJsgN$v)gZK_8H(-D~gb|+a-HU1q4F$T?jB?KzX|)?XCxN^=sHd&NqT{`^JaXqoPBL
zB>hZwVFpbbC^j>GaYhp<j}adl*Ztx)4N#{%RCqjGI|-+^ly!M2G(S&AJmQ9GxVWGw
ziKCG_R{4A#gBhYcQ#)QIka2PjQ!zw&iDJ+Rs5^NGpugfpl^%0@JVYDG0tjQh3fI?X
z8FRB16_6W?I7_c@eX%u=(s-czc%xR2kLUYn&O)$#iqNCB83w1@RB+q+%&bNrcMbq}
zvZog}v}RjZF=jKnjZDhAO!GvF0N$<7n~Rk!4}xt(0RT=L8L^G<?gUQ)o29{GO#qL(
zC0UwOIU82bV^chyP!|BwUZ)BE1*T5Je=DW#N#e}^?xPdD(_U+i;TK;V<slf5{W-OV
zeET`x-N}j$X6AO%p0=c|;GlI|ew-~47P8&s=;YrcTc))1wL9$^3qd?dl0@eMW=AcA
z<5`kz{dIykxcmD*v|9xLg5SG0t#Ws(63w%15LnXZ-fwh(n$hAgi);IEQt)X@mC>s6
z=?F43;VV&EGXBWp7w8&5j$iO?W5ZhdIY1ETGP#&*Wyen*b1#`HfDk#W?3F*!s^A}O
z70AwZ`;SFge6wR5RDAa!8wq3jh-11Ws`?<?iu=bCH)uGq!3j&OrHFpm;nTXCha7p@
zi=eUXwh)#Pn<}JDf-Q$d`tUMv<`J6$x_ui^(SC{RRRoKW-i>@sjPSb6$`-^|kZm|?
zbd)i%b><Xk!y^iBv5l(0TbEZ&Xl&SG#PYG|3_z)(8n4d$18)DDwhNFNwgEDa+1!1$
z(Hsa?D^VZ92%`K%D#2T<BT7Izm0D&C!wI_UEQH00ZqG41B!-880Q$vD`Sp_BKNL<y
zE=1%Uphi???gye$Ooav$Q}DRd*|@7TKG14Un60PhEZ05J-J+}%MLC%O2uNW|IeA_a
zDKY%aE=!k*xJP7iB}%58fi+4BUI1uL_VikLeQ3b477~9u7MDd6CkFkP1WFrRgrX+K
zhZYqGq+PYSa)=5&nDvtK1ip+FC!j71>c4;c=Wl;_WEO5GAY8_hHodn9@v8nOYEc15
zMNLqC?ek0m0R5!@;`y)SH_p6Qg<7?c;YFo*uHaE;KZq>`m`kKs1=wL0$A_vyyb5En
zg|jezt2n9rxuUI|BmEl@FEl340KG)@Psb9oOQ&?{(d=E1hb&hDq6_jjmEv||C{dW4
zo>vgm7ZMp?d>2jsXh)>Z!n07qn*DZ{1uq{U9SaA*<M;pa{-=99WIwtFDt*(=%p8}Q
zD%kBNFi4yN#dnG~4K^<Jo_N)<{!kHJXvtL?s8`U%lk2ZR{qEiSzm_ic`&|Id7{RWK
zTK*L1$(2(=+Eu#`jR}2iu|GW%aY7MeEQnJqLC_^pEp9{O4{vy1PlxpZRq(sG+Jldi
zKb*ehr~-l#<*R5hXW-$Zuk6A5h#!|Ob^8k{c<vQ0(GDRu3USTz%512od}Sw;1E@<0
zU2^5a1~#Ew-tH<UImuaIddGkEY$Jtl_!al6EProjGF$Lw0WEEj=2|5cai!wojWhMN
z3$?IY4C|RhA<kzmrIt=&H7hQkIja=!s;ismVLort;?ClPQvc}D?R(DJ1X(_v-UL9+
zWaFKZd|nq7ai*BmJ=xMqw%c45v2P)>doHV;p0|)+-YPkEVv1hLMji;V3qV+i$y<TQ
zlmS+ZEpF$URZe#Jw{iKG9$O@Fk4nb|V`@Nl#7`<9#HDytoI>STBvw496q093R9c)8
zBK}Mj@*>Ux?1)KOoXj;m%W)^?A6=K@F?Re3lwzuuysA@aYI!xL0+&Dc<>hq;l)OSb
z`$u_B_NF(~ZUcli_QQ7{S-`B5hY&1FumrG#K`jVF%K1p3dD<u=5X*ugH}fn_&@9Ol
z`ik49ARd4-lSV(hn{2&*^_dl#0FDQg^6|=EDI!Tj59`Kt+zN+V(}-6Pi4_nmusm?M
znD0}8AQiwO<63}Fap#DjIkUO@hrM8Ic6S?nmyaA88w$JtsapVf+*-);-v{JS6U+Xy
z8h{RezSGPl)V+WhE=xe2Jmkes-8ag@OZ@%x!-JrX{tw8D#X|r-ZMm$j1mwm43~2Z$
z5BWi0FQ|Xs4(grCUx06WyVyctxZh?hQ~t^C_TGma<sp`fufCubg8mbLAm05CsSP?{
z60Z&<=d516dZ(J&hW(#Dy-))KFE1}Oub}uACAGl^yzDHgkV6c^P3F(n9&Eq_h=5o{
z&p=NF#03Jdc+2&*Yr!%=H0S^@9D}4NJ>pMF#XiV5RaI<o0aY<2B_%O2B_Kc%fBmHY
zbbqRn7*JRhtPTjkG>n0p22wBvtw5@=Zp(Zx%5sRIL5rA@7=XMper@B(;`mRU0<^S{
z;lY7{F!U*nt4(5Lb})biD1n@XjO2q|FAFD3S*3tkf)xXp17jn==7@EGAaECK5(9@3
zM`CNqfdLBw2!XK)2HKy3N*lKbrNK1+K;Nu3bridm?6BC7uYvE(?3>lFAC2D33aydx
zP{aab>{#dQPXidlVgRb-D3Qan8>9v@k{{B|x$j2~gd~Q-xKbE;FCe1efI3wOLLmT9
z72wbT|JWHoM+Y36d|1)c*na)x%YXgiFb=JI1f+?+{74MoAgP-lHiV%7xF{qB-UG-$
z;+kOL2%WJ+xvU}bG0Mzi)SxNnh_N!sK{S<{6p$c~Au<)HF>*f;%t>1Gep5!qUedDn
zOAi@h^Tv&|2Tn7cZhDBmx5%HR)9DuVY@}bL8yvCq;zhdYAbLTdcNo}gwpe)Lpt-Su
z(*qg0q=f>6GY<FZYJO8k<Q4J?L#UHaI|yYuFc|~T$RFMZb>Zo{1M=y12lP8QfED^*
zJkznafH3g3iylDh2C0SMDQ_S++vH6Gk|r-Y2u<>P9zsKT3)(ZQ0o0v*8&Qog93d-Q
zGd@1`k3NS!jX?-QLm(jL*YsSBG9s&x*BOCOPXTZc66BL60hy$NMnI;?%K)rGu7K33
zLxocZ0;mBaAV0N%kUX+OAon_fpaPQa075zh5(FZu5r!lfyrd1E<T0_~1L0_Ds6e#e
z@a)J8A@4pzIHFmpJK$4z`SRtjPLM2!bt3@M>OMnAoiju^p=>!A7LZRhaUvk3kY@<g
zX+{8)|5~Xe5P7*$sgxO_@;XP<l$(gL3MqzY*2(WvAbAi-u7>3teIu)8Xr<G|7k+9e
zQtm)>$b%e`E;bxQ70{&KzPAI5exPy>u(f@!1z`cXpz)LDkZ^%OjNa<%N+V#fXhKzJ
z*E_tU0Xq&b60$##LweWwTh2QI-gSJ|{@~&v0U2}77Z6c?NJ=1kZyh_dqpRAWaI}8B
zqf=C=-Gk78nCA)zqDmHDJIERDys(`7*akn62Q|Oc5pWbwu;)B}Q}}Kn=o~odO=@8u
z1Q1d?2jIylG7u1yg>hKKw_;d_Kv2|a#KB7!)%N5=0fI^=>mf`I+Le937eM0Lr48Y?
z$F9WScN}I%AE<rxRSfxQMvvUjBrH52=WHKB!jnWIzH%2LYcjP2RDs=$l%)+Sa@dvq
zh9ASx`OhM>i%bc;9ck?Y!;Tk3>@6Xo3Jej*Ia~H30ASDeyXeo`%3UAH%f(ey-MgKO
zKah{q6cM}fwLxtl5S*=p2>9WMWRY6tTdEtXDL4%S6$w2K5RiQ^IYcWb%CVk!VBWIl
z$6;N{<ZNEf7wqIsBQO8Ex+~|G&<8T*xr3IT+7M6W#3RVt_LF_1=4S2aoXp)ZHZ5CE
znS!m^bQ<Bz=yqzOD-n)PquG3R_BrI}3<?Fv?_2ZkCx#iR>+)92l5%1+FIDCL<7+a$
zx+$N`0{4N`q;zfhvoVv&_2*?WYwOo*8L8iTAal!m(#~4)ATlG9>zOC)e|pKyls3A(
zFb{6MgaU-0$7Qd7PpStX;N8|o@veMLpHj;rFLO6*JMv~;#v>g-ejcfAS*z8ZgMZK6
zS{kXzzj^vUP}Fi$Bb)B*aCN6t)k{l}@1qy=JCTuBnTvvT1#<3|y&nhVp$lOE>2Zc|
zu_vV!)#akIm79&^Woq^DT{*h;4iJ68sIDg?ltZd|&ay0-tm#w2*vmaPa4&1wnS-j`
zXCR2pjBQ!Ae17IYv{UWW2h@XIhQk2D>eJJcW%8~-Hl=jkY<AfTfGkz-%6$c9la^Wd
z2FR$W?gT(eUlaxh6AFkRAdy{NPYuqMd?0A<X5xeNefvIi1>zOAw~H+d>*nH^IYdvV
zJrR(h*kIhXEGue52uYorj@ipup_bA2am8IAAbsKukWHD~pOGm*)&a!ZI(R%+S{kn2
z?GJ$b`1l8XW5gpMdTKTDO3&+eMus<|3(&(p#PdAP!VniL6S^L?-1wk5&@+(Xl?kh~
z*iUj90XeIkA>vbMyHbvNTT=G<K-OiSHzy~k8Z3MJ_9mtXh!t^m^w%?)`N9MFyq0+_
zXm<Vc@lzS6y0!G3Ocib?&GlTokkQA1_cTHl5|BbNwb<9cShDPu;huodZ?E0x_0KOW
zUF|c^avuWDn(NMA5lA+==Pm=T&F>pp)^)!SsE+St$7|UI3VS4A*InGmyHR)9sAVq#
z)Us2CmyJf_EAb6nAs;t9GFn8R^*&_z;_TI{mp}jP`mN|tZyUoEefIKafBEQ>Pd@s4
ze;7baP1DTYMlU!Afhafw68b2GO6U0I$|0aKMvfG!!c|q(sk_630BUDkfPXe2df?%-
z8jY~Nq56$hGgd(u2Ey=S&ZSU?<3PuQ3?fA^&|Pp)+#IYvfC$dco%LxP+<byQmW_qP
z#7K*+-*UM>kbn3&NFX#hFE6nW!+5$#H}w;u2V{R6iwZvw>;Qm5UwaXJ*{71_t4d>T
zGzTpJcw1F#7q*8_&|uyn*bU)8qDYLd`%#lX4#&kH5+(kGAWCWvv;HDo5Id>_1Q%__
zOvD;uixESR*OIBWgv`L6N!u!rt#j<J5CH}PDTxM`6np*pKsM`H91KJ<W-4imQmZ`A
z?}>7>0~0t%hD`1Lg35@%h2@)>dYnogU71P#5=cBxRg(!xp0t%cYui8=$2Ujfh!%@O
zAasK+hYv!G!M()@GHCKvgh5?Q10hokp_G_XC>Sb@#Z#f1HbV!00%xeb^%HpM6#7AW
zzB|3)sG*JSC%-)YqX)$E^CJl%$G0pP_p<pz3)~;5N3-#(Vg0&0-E5b>(?ObkOfG6h
z2#k{b^jpF7D~JDXgXunrAZZqI((q7!UI>iGv)hH?yckzfO`OHzVIEbCz&J~<R>;!=
zU2Pu2iV;H2*UK$nK>_9jt-!!`x$Z;K{)P~e-Sa6Ldf=9B=XN<HKS{k2LMGLKiM-Kj
zSJ@FiT!RT_KnpCGY}b+BydnQ91co!NLnH2WlK+ux_-02vN=-dbYK}Hpp`XP2Ul<51
zi@)U;utX(NafmDr%X7r(vJi)gK%R5(?=M5x@-55mz~tIBbmA<23~Xh@f4}iejZlOh
z&toF(`=?WEi9ssLvM~anEP&Mj$UoWsGA94FAt%oXA!Pj1F|^{&vyjN^hTlJUrdCFu
zF1t#<pDeLj12sXlE!7PXr5tZ<LsThq@h)G5vEcLD(;L#d5Ti9Acl>xtNYWp|x)3Tb
zo1sr6MF*`_)qrv#{fk`4Yb=K<v6=zks3_~AS7}m#6mk}k_MRb1$es2LNzTIhh9K_%
zGMho@C^>YgQuL~dmnu*~2Hg&+31JvdCOD8YR*0gQJ}Z2vC18wq1tMd-oyizukzo!{
zLI%AXV(Sp%3jU(TagGxw?{Gw~+z?U8pcK-p2|?)Uz^YjZq7>D(<qt1s)Y{0E<?*MT
zb)&4hp$Dj@T#D(+Y&@N82(w+jP#F9YpkLPLE=9u-v|UBPVvtD6Y-Ab+t0gO<Ccq#x
zjC%Ew1{o*}STuf_7n?#d6vHS8<)!e809)wA0u31a0p@>hsU^#{lg3Hsv`hEs+^Z_M
zzdHBabE@cs;w2VMQy3M`G)Ici7R|P)B+%ew6Cem#7lCN8WU*LG4pa>jJ{!7)4r16e
zMc>Drs@Bq4$pMVu(n=OvI1y<@Xk!Dw5ReZaV<z7L5ZTU<oX9uw`1^@8Ymn1<{3<VK
z<};aWL`;J1L=uKM=>iaJv?f3n6Q0i<$R_3z65Z$GL#VLc>9_UBNyeRtQh(Rvj;^EA
z3mEGF0LXM0XC-~H1B0nt2L!XMzT~(X=S3A;)n!dM3~qbc5JQDU?FFZ}_XQ127-F@Q
zQRYX6==2$@x0bP~Dnlz2jh=%Bh;9YsU*8r;$lNfra(P*<RB&&jktI^mCG<-7pz`LX
z7enN1?xd1qCr~A+%PiKEB1{&u<*`A!0f^%Hdn3>D3nLvjyQe2S&m8Hv%>l=Q_at<a
zAL^c$h+G3B^nJ!h9xv#m_gSaU4t4ZF+jRJ-M23!@m;(9rERdsCE9n#rqn8}S)L5%k
zZW+DuK!qAB4>a|h4b@&t6RTTq&{B<aUf+4?9H~h-M8F#OGveAZniQ)W4Kf@V@76;q
zVTfr?TXrSg?PlOG+3tay?uNE3+jcX|R&2|%^SJkg4{UFzF_vZWT`Qg0KB?F&%v%iZ
zCCzm$W|5(rcP$uh1ai2$yIZqHm`?7Pp5yRR8)|3tynv?Q^%*xy1*}qu#5xRnBcFW0
z;RWuL^a2}sPG<ynGE1Y~z&Z=~*@*Me1jw&00~s2I5q!Q=<2W~F+Tp`<oVB4=9co%W
za|S_yJVt9^$PflrFFWXThTl4$f1hONjBDlLPL(y{{{P|>^&KttO8_~^T5gW5$(YwQ
z+jVo+MkQytmX*y~?7+5c@))ShN@p2kc7|CNbMsl2se~2*`McYNQpvK7N*A8;10K?D
zZ#o^cXQp#JVuiNJJ7;Zn=%Fcb7!URR^#q2RY^fdaHVC1Q^-IhFkh6s2o+*oW6kXqB
z1sy;XpTlsYhZKu7R_{5OQC@t>>cz5i1a*k{J#Fw-)fuYQl!l>YULO`%vB8{S*<lSh
zL(KVnr-uW30@bK-R{Yjq+Ufbf$0GJFmn_U@Gt;%)e6v}pgs$8T^HMjgR5n5>=gO5_
zSP9oEb7@2jDW9`W(pD25kj2W>gqNJy0J3dmY5wzINkE#F49ori5L(qcrfzN?mjHyf
z5g_)CkDY?&w0Aw{Y|%N^6BI<0byhg;v%L}T?0WEm5nqacSTz3$eVy^m36QCW(8ZpL
zpgxWvoChs6Ssga`=}TTT&RJua;zw0}YE(IH_)|lrjny)+4Ffi$_yI5YzURPwra+df
z0m4b}RzM&>5r`YQ-4j{LHoI0%?lvoPuG{UpZXPfyYhlG*L$JU|1PKd6LaA%zD>V5T
zb`gkt6OdnBi6JJcT79Qb-~z}#D?koS=S;`p2_Sa_5R2@H9{}P2*3w8US%^P~_WOM4
zcvlCE5kkpzF(f{YA%lTx^cr-v(=w+2TwHBfUD}C&6qmsxMnINe9|I9k20oT7UQi7~
z>kSN}z>)y+3oThPq-!-dLIEW2h8r6jSqVVoSs?DlMl*W>h;3v3U8ph~NFo~<x<3*_
zXfw6XXgUD|z5*z_>zk(IO@J(thXB-WyN?yEa0Vy>NQbpId0*czDQ(UU+nb|4J8pAF
zPu%DsLj(0$_5a!F_dNnKFusFoG>TOx0s=&_R^%Z^MzwKTMo=$DKw3U8QYb%9#eF^;
zIP4T2lwu7v{&VfJ-n$-1ZVuBYed&g@WDyW7TN0M6xm-5_5=wcoWPO>l?6ljIb5<rl
z29jqkg1%(CS@e@F%|iPJf_ef#bfg!G>2yj33LMzv2D}sS(sQtRPCyXUJ6?j=G0u70
zb6A14z33S2!@!P}fSG+poyR6;Fz9z?fXoDSQq=EwP;+QKDjMH9yy0^IX#q&<B`ZWh
zUF|s>0%jD{8w6zMoGwv}JI+oG8fzHm_~gYO+x9}<y14k>b=%%tlu=;4LJZG$o2Z++
z%(XJI1rLFjbXhnK>bAuY<*`OFd)qoeD|9P^AqO&mV3d?00|sBeWF;0$ZIK`<`$14D
zZF+qV$z3T3*7fIoPw{Y^`|bTcxd^@mL0ebWgT7Zo%2Df&bo^=)mcF;%C-H<qN!*Z!
zXuVod6)E?*AEau-Uadu`haVJ;awE3<vet^%>d9Jz)+{v{1hB_zeySH#jb1Iaqn(o_
zR%`62&{8`pHA7W<w|R(U+flkVm(AFDdoG=pky2z1Xxn=tNoiZoAHYt~U_UrW%W^(@
zkWXjl@GUP(_JJ+Iasm%YXY-OI3^yf)AfclXEs26)GS(ANp(PTq>QEsHjesGtB<P4N
z3Jj3QAO>H*?Tu@O8izuyVHhGUjH}R94Qiae8q^czA<z&{R0#StaYWj9n1<7!6NBGr
z9)e)}CIN>4Mr0!^sc5CKbz&C=SR`@0(Pl~~*8_Q%G6gbQTpSmwv`Kk4(&Lv3y=2nJ
zFc}%?kqS*48=(J;K;HX>ii<xxki{A8s(O8<K7A&2p|~5H;Xo>6IyO=!O?+~O$@wk=
zdH557pdNlL5a~@bF-p?ZE=?>F$<^v3+20-r6=|bJC_>ehv3=T$ghVHq)*{DiR6-bk
z6bL@1-VmczhnBCXdKE2G%hX`0!Y4kWv6@)lq6W4pkO<UeAiw$O(N9>i?!LPJ@LC|!
zc($h#D?uiog2=^p8fJJ%<8|%rf$WzMw^2Am+8)iTVjg-5?D&LvpWt|<w(gY<AtrXh
zV{H3}hb2%%W6lt{ZrdB53avWTBii7`Q^jgkizdF@7^o=sriPlP^-_an7|GmgG$@1*
z8jUK2@XK-$2p&%V=gR#2?O$@Z_u}hc<NwRL0t7p&tc+$mw8Il=YzZX^pBYTG9p*)*
zv4+EigwyJ<EYUYP3u9h>TOgE&=y(o}%1CGI4L%hK6{;O7i9%ne+KF?BG``U9`^d>7
zr%~29ci7(UK4*-#m76@|S|H1)BpPw!J3egGMWE1@eWV$2RCUpzQW}qljd5j%JLu?f
z#`zIU)APhG1Hnu_{N$U3`P=WZ9^8BVm|m8pSC=jVk>=bSO}VvgTVo*G%)&&c8M86n
zmH^`BWZ4aE8+9*Cz8EH@yG-OCZjObr^tK+d=<n$Xy~FiBTHO6Q5)+g_^gaVArEoX_
zf`W=Z3Xp;br&$b;nD|R0pSMd4)PBH2W<<>Yw|-sKjDYVn(86TA<aOs1E0xbsNa>;0
zm1<EIo?=G>X9>y2QIahoFTW~dAmZiY|K6Hkoxkmp1-bkF%18f!ckdoPeLAybA(z1P
zgT~*0AtKatDJQWo`4w9L0So|XR;U=6$>s<g^)n1WxuimrE&+M`;r*xL1<t4cm<{TB
ziF>+-87CkV8v31)vxfqEp<|ut7lFL-q`t^sJa3nZC!E7~IwL|k1@ije?mrY4`}fCJ
zJOqMloaP;Acmza4+j8m#JfwjJnS5$#K=xQ`km7ZaD;oaN>2mD)CF}mDzj=zcBkylL
zT75GA0`q&jS{8`>?$yfIAARt_C!aKDUlBoqC%bNC>>;x4<~K0YSr^IqED+Li;f5Ol
z3A3&MVpG}oGLSExZGHNIkUx1dE52g#<K0c(jyxnPsq~!@fQ<aT-B}={wLNp3n|J}+
z(>XmOS(*jX{`lF}2cOWjKKxU1nY=>CR1uYwb6zAMumQx;_b5*pJs&wds_n&CG79P#
z#2NrHTm}?6)9k4PkdL2z@%Yn^zFt{*wYvJ`$@>p(?I9rY+ZT@>eFbSsGqcxqrN3F(
z36L<9;0J`lW_Fr@%#DGNhDxwBi6LVk-K#+UvbBXvk$gd~Wlbfa6gqm)(E&uc10egT
z?K!A#^$RFA9s<bX1c(9+<itC6SlWCB&k#Ud0GSAY{B>(9y4ItufqLy5ZiTuU)YUPN
z<tnbp5k3IM2$qUYkupSxs<z5LEA}TquF7)q<E_7Z_2|*7dBQROXRKJa1p;|+_r;SZ
zPgYkq=B7l%;&Xzsp#UO6y5(Ak3iw*-x|vxZ612)2Ao({ya#w-;*UIbFRdKOr9s!w(
ze$F?2gbR3x0tuW_spNM61dKSp00hMoj6EYD!jlm7cNaO;wK{O4sVMC~y#D5ixY)u9
z#gMClJHP6q+}Nm#l-plQrBZ&KfZ%ZW7)ZRFIyGu+h(FC)I=vx=eDQi^9v1_R`T5WO
z1rBn{pdJx<@cy4a`{P0c<jd$Eh3s$%LBj?V$cCFv=QGv`Fd<^Fi$KszW%sd*NMj(`
z3Sx;kVe}UP`R4V)!s_bk!osuXvp^Dy4lj%prQb10SZP<^E%7q~LX$oPa%h?*-cd{w
z?m&-jt-XGK6tKg9mGl|Hn}2vczStjc0HVbl{`ro&-1vPmnH-2m=SGU-!4s4+W5r&T
z)+Bl~l5$uPh592_*trqNH>(Tu@3R;0KLC$gZF{G3_wIwccQ3stC)><Q0|;xP_-<p~
z<%(oAZP+l~7k62x!82E~n=nPeM=*1{ER-(qvR*w|xc7kM-v7-8b*x$EY)|ZS>FH|V
zm{^%Seh455eV>hENC`l=!&%|%j^9y4^&X>{<C*ljfj7JD-T!KJ;eW)%e*3Dd&c=`^
z3TSE#u|ZpIFbAjgvBN?j;YR?X(sT1-%|TFyDPW8@j20SasM1fPznR2vWnunz_Z|qj
zJH~OVS4pFv(w8ehq<k(ziAT<btmV>_mSl2v?gYl|oB*=6h6DY%X1=nGj`7cORAkJ#
zYgn<a0=auF5Zc1FDL3@YHpDa)GPOO=ge_ru2^wHxnWJtKNr-7iCLsyk+iZ_!3G3@$
zt*(xNJOYpjj0-RSXt5&YhP`qTQcj8|Q^kSy5=L~zdP$5xVi+q|ld5P2s`gLr%~+>l
z7zo2trAW0DkBO3|8Bqo{Z;`q%gr!qf!~>Ltr7K-Jbm)SF#D>HR@Bl2(g-75WcnZ$G
z94F$afs$kBFU7XbiK^yHe2(>d%wom}BpktyAqprC0>V;p8wh`tTR}}9;Z2QQaF8vl
zxf-uYf)yNHK-?1$5)f8Kt0(N8gDRsQtTO7PkQF(Hx`5dKi9pCv%?3udK4SfDHK>Fv
z;wHnTX&T0q_&S){^%+=WF=V#>Rw9sT>!u!-)O{en{BR50o~RGRK0^q^^Q^lPMG=fO
zCr~$s=ww^;0%7-idwq}*F)gmR$wprg#d?5rs(;8*aV%`M_JPQVa|i-a2&7wVw&sY}
zAb=F}#6Z+QZ^+RAVf|#t`jz_~i~k(5HgCfFLxN>WK=i5f{*cM8_yUq%*c`BTqeojv
z0fkMLf2R3(8VU$Y=Z~^LlErMEB9M_jTf-bljt9($FRKcHz<qfK->4jrv3cF5^FIRd
zc&KoCzDOcL9>KE62}m42JUh3Jgxu_F2hS|#5H-@peQjS63Ax3tyIEchnA9;9DSh(-
zeuP9uQM9_+<hU?xrEj;_*+fhy>rdM3UL}GU2;g|Nm4Vm>1~y>j+F5KREP)hbv4j0_
z=wV@Dt9Bxs2uWdc+<_q6D-6DYwJ%_6ZR-n|!($h(n!xU_U;f4BgCq?R*uPy?Y4!S&
zj)6H&4&?Tx=SWD$W~e1gb+1+N{q}ksmv^U3gy6cjN_X`3^l>qY`>*E)31MNjqfM9V
z&*|!H43DetO^m>AV*~t<&b~qBMu?YnBgR~zC4^9z{<_A-7+aY*pUq<{6uE*;%&I<i
z=$WI~tc_wRMnpiRQN^$`B+;csvNC}uHUlBTk1b7K)hftiu!N8iBLqOFi*C>w<q5@~
z*X!IEq}bpyBr$3c5JZS4h#-eHJe2x>%mqS_!0M{XjQO3Iab6mO`UW9Gin(82%viNy
zAO^#e=<<WKYI0Yv_XdWn&Tb6%Duzy-{ltZogI0LZ-#hnP5=h8*=*N;SP1YSq$ki27
zj{4kcnFt{2A%2yt>{w4u28|_BPyRw#_D5x81+L#^ME{l*fhU<ix7nOQ5UhY?Wy`vd
zG6^zC%dGC_>=XhS_k=*uUSA<6ncp{cP=xwOUS{XID0*xVWbv{e#=4MrLehV~Ljs9U
zUV*4wf$+Yc7KrfhM}e08m_eR>WXr<%Kp;sHX0$-?r#d6?MO+0!17^#5yE%~Y{AVC?
zUm*MpY3(-5kKr>!0)&m9AwS9kurg(5h{(kZ0XsvkBX+-O%MuV<PxqE32^q0v5wf8-
zbvMsnE$VYGh1k?hf42`e#gwHSAH+QbFbyrs6#2tW#66?{W`kN*ME&t4t<9c9gR-lh
zB!CiyH~|#P1nTuxRuK=*R*?W!3d^HdCMn=3(=wZQuy8gBphX6ld0{qDv6TfZIz4le
zvrpy|3nZlTi3TT+XP1^u5<ng{X=&YE@oWOIfYXX|0@0wNqVSN50HQ3H<o8%Rb=sY|
zL<8ly#DhE2rmh9f^6*eIhwwn=aJBY;_65=g0H;Js%i<6PiKa}e256H9Er6`7l~qMA
zQmahB<>;LdWgsvm0s?`lsVPh?G3rC6t(_!5^`R3Ufk_8|vwE}x64Ip}nv(EgWzYsG
z+5tJMLKA*Tcy5gE4>9G&v6=)%AukWYu>=JNFb(Oq=i#S%r7oaVO6xgw&kooOg@9iz
zd}W&kMF7_#2aS!uDLiOW>xeZqg`E;d>3l7=J%*;-*R?>F;VQByUzbJEOs)jZ1$AX5
zE<l^mmjQu_7;*vb;{mM-J3DwFb4Hr;rYggdxv4TGz?2)l3<zbhmhx2J4tYtmeh38-
zg0?OTv<@`;IJuw!xP}zhx-2coq!ACRBs@aoWHpvmkPVhC11>PdwNMUb8Dd?QsWSJ$
zJJZMocMfvHHhsc3w!_zDdDH_fqs_`ii3R{IXUy6*5XJGasWRQcA%U^zqo2X>C<z>)
zsEb_+#fx~*42BHm3LRV!QK59umeFIuWUw|vhd72V!6anP<RKkO=#<4@p{I+glSPA#
zT0gkw^TGM=dq3_p=r0XE#$mT+gmF6Pd){M4xtHc|+a1yzf0%dTq;ACT=7+u|Qn8Yn
z+uS89X=``5=!CV!!p>s2+baB~CKo_nKhyj1KOR}u+uP`0v`Hba8K7vA+E+5KF<Ups
z-x5g})D1<q2R|*53J_DH97yJ$-d%)J)fYpO$wCvUgmo@%1&H@Kl>rEc)eQlhrTxZ6
zR#N}zyd3~yZ85|^gr8pce*;qS_G<U~!u>Zf0Pf!JwW>~S3uNszq{ib2je#35_J@by
z9GDG9m<-M;fjk$%Cl@>3CP12p>Ao!x1_3XZ3rz-GElQq?0Qr90d=yA=Wa%sKj}F7q
zJihYFqAF&;mc-Ec^5*&K9;xYmf3hJEZzq+I@h}a@?Y6UGBXe{T#6W;h69ym*1Kohy
z3;-s#kWbPX(^E^N3Z!&o`Fexc)vKuMGStCLR%G&o03Jqk1Jx!#ylF!T(c3#qqynUT
zWbNJexSfTO>k^uhBN(ylV<L^1$cMF<S)auO(bcaqkgY!-;$6qgaq_|nnog7Rge%E_
zDd`09EFcLgkw^?ccaaf>OFhVYX9SGpOn7wK_q??`#P?4w&03XisE*H*qa{a4pcJtn
z8U<Q76O#;)q^Vjo5=!FDG{dhRCh}Kz-~HxVAg!+_mnDn`N6B=_kO(jn>y1#0VKhTx
z2w7K=>YXv&Q^zw466DoTzpB@Iez(0t8rSiDQP<zZozaWq#u>n03bg8z1_l*E3q$^f
zuJtl72p9oTAs_@)nUER=2`CC2kkIL<kRHUL?CS;seVO#dun@rkBkA!d?qdi7E(JuP
zltLd>pnpKWvGIBL+&kH8_BzL{)-vm#Mn8SuH)BgOsx9J8FSKnpb*HVkvZ>aS$m`Zx
zUs}Bqy36cst+nCNiulf@`-iT-_zrIPFe3ymVf*MdJREx^=0jTDSlh&{wrpJl8kiZt
zS`lkwDqXD17+Y<qvh>bA`t~26gOQmFcJ2wGam#oWh}^dQ(CTh<Fk_iA?!f>sQ5QzL
z-zHBQ{{R!e|I0US^t-Pi7hkY5FNC;#x^=?!ihGFHRz%ZU$C}l_b#mPeMw{3+FO2G>
z?yoH`txUL@h_`DXM7ELs^s}GLq%4S#gAkNj9#Vd7S#4CyY;tX6Aln9PGu^DUEXFpM
z8rOwPkhHfiX(-lF`wX(y84-dK<AsC|<*2MGn{_WuoDE%~v~D7^wsD))CI&%865z^?
zFJV+b&pzJOksn`_vd)hX=xS{^ACi2<<y7~)W@#g}u^=SjrYX(J$Oy}c$EG!0P8h%3
zM>0}@T0<R~Nm+X#4yH=Vt0XXdFv{>Kkt=D9WqGvXb#v3Mbfejz@lacXV|`Z$z!IqJ
zCkt_ZV+Ftx%PR{o)epg-P1h)$!GpEUbW)GpvMRS$RMTA{0F%Ff>#QHIhQI-PBm^SF
z(c>bE+bOk7n`jm4u{LckJEnDCP04%twSgTITV4mMxK$IqD<lX)^~pOwd2`Cz3vn<!
zw1#ObyCyPf;<lH%G;!NR+HjrJhDFSdgT7U%>_%z5J3;_fC4Yt~`<sTn2O$m?wwl$Q
zEc@Cf8l}(?ZHF#Uc13bi>o{tno_9=|xPZQH?g-IACfLXBf|KJKa^}0eKR8(kv@M=U
zZHyo0@IxhGAYz@FRm6g93^Orkor%n=>_(YY&vlQygAfh-D0G)MoRqTmsmJIIuZ>}G
z&$DLGxyhqOWeLj0!I-?tSZKhB=}9^vd{;;&c=QA&h_ey0r%@Ie-EisZL`G#_MLG1W
zk$F#&K8%bJ!3bR%qE(KR!T6pK#?x=ylzrD8cVg&->;nWEB0eIR_>@qL2{h!!?+DgW
zSi;lrWIplG=dl&!6(J~qvDWEA9E>82e2fV3C?OR2jzAoYhOi+NBV}MMs_cloSA<9y
zYyE7ls2^YyReKo4*ufluAO|DFcU&Z`#{p(~fZZ3uKK_rp?c#BSJX#IeZ@})@z`Ngf
z4VL?d+l5FxirqZKdsT@1?vu~nIVEM?haG6gFgFjum?aqB7s5FE_6dBw!n}|J48IPx
z-;glbfFI}|enklJKmO`{xG3x7QP%l)ayS-p+z8?bxuXg14lzXT@5W;xFP=Y#%jD*Z
z`s-i>VB~+n2rTXkLE@L+K7-r*&DRj`xM75LFuH$)@6agrj)dHN{q>h{f4~b;*5yKo
zD$BCn2&NJQkK)#DkayG$Mcs#=nOQ>}d4Ld-v_MO$M)lNX{ML@-bucGHAfW;FTgY0o
z5pvY%;9z~&G_G3EN|!wtKWYadsH*ck`Uqx-kC?LNh1539b6>6Mj1yFq(T%})Mu<|P
z{`EUYHRLE|9W}JFd7d*l)hk43sBL6@G9yF<BK;g<<TXY84MJoGuyHV|MTqdajk*n)
z5fTI}`76|s`I-9T3CVjNlCbQw)!LJm40c0igalb7)=)=|B4k!by&@suQK4I7H$%Cp
zx)IF@$%McD4H!9kb8#+0q$ND$b)h?B$4a~L6`B!}W-<R4e0kEmkVi{dXk8d<{MxL$
zrtH;3+*oH`2&(@CQ}%OH7E+zjW~17=OtcvapLhMd5XKeUJ^t((LgmtEJ4%}t{mnFh
z5Hs;vAq|(`ybm!l^Y;5A){xpXO~X}RXFQm$Cv=h!f#T=xR`CZRz&k<678XkL{fa9S
z7v70N#Iq+bWj|Yp1(-LiWXp#$gj7$zdjH*{52*H++032&ez}l54=X`ZQ|CONhLWjM
zQkFpMIeeyjc7)WXszfMlZFo9~vLCvUoFK%1_5`LQXV(zxV1r3p6x-@1ui75X3nAp`
zSMZtc|8JC47hPA5acKjdO}y^hF?*U2_@0ELqCO)eE4!`;hO#qUO;nYo!T2O0zk32n
z>%37Gi3@<4s%<TeCmeU(<lz&9gik;G@SpQS&VT#;G$Gip+~*Xe+J3x7LLmq~O^ExJ
z!!wJzcOOO$uz4ZB`ssN>0On`_s~iji3={7}A&|3<guJCumWL@c3=6!SyHo0U7YI3u
zkYgG?z})ggA)lWw#KGu1Y+lIScELRtUn_(n?B=a_|GR65c>8q}?Vd-wb!0}!%sgZV
z+r0|jGtnNlTVP6n=AI!lLS||Rz6T?BVPp?;Yj#V7PZjd0H3W0nV^Rf~o04&s`54v_
zHButd0Amluc|zcMrgBDb7>wkS2;p(ykxFF(UIkT|fcPVF2MAyTh{yv>!laRTLotyF
zeuI$NQ5F(`AVlU29MCXe7+~Apgxd|+F^Ov8ydfCL9^)AyXO6O<J)njld1Wz=7KNdh
zuy(m29!6?uP^F8aM^s!bi=GclTNK@f%f-Yms3Bx%i(8&9m)6I)x+zBFA+-PwY{0@$
zQniJHwOvsZBOk6by&z>#c(svBx7`GX>7u6|jY|hei>38Q=$I%hfeGuXtIo&g*N_WO
z13DH$<K@EA;VQ4Y4XWBj0YZ>kELQxwNY?h2*F{rKTopQqi*YCyhCe()F#LUqs~3}6
zjwl3}6QXVPo*4?W2H)4q<i=82wq_`M4lwj^AsBiCFL`6-vPYy|EPCWo8HsWQylYSu
z7x}uo9m-Z$9~iz~*pR%1lr=9Tcwtd|mB?;HB8Z$2BGbZv3GoLI5?Oz3c{GJ?#ZB8@
z5+RtS5eWHW8m@X?rI8bY1(nNeD8}n<<f&ugv<o@xvG2RqaQxsJf~#O%Fy5L9wmD4F
zs{px`^&+Xte1Mpc#V9)=E#vXBzb>^UGeRE!tP=+(ymUfF5W)#pAOs_b<Cj9#)~jt*
z_B<+jSwyWB^z@>BTtn&tSIemaA;j$wgb|m^7D4p=tz$bO{@O+4zae4Wbc{Z{sAHbK
z6oPmKLR`<}2M~S1LCD&0SsGDx>#m`1H9}rn)IrE_W$JEZ8=is?Hj=6^aEt~wR<OED
z-kXMkr3+K3vUF+Yf})P<;uca?x*Qn;!pH@Smqin9Qx+4-r7ZDcyk1x#+j6<=>BDP?
zvp?=qmSAWAAr(`aJ@1D1v?@j>9aG%o!&S+KvRp2vHwZbJ7|suS9~dDXDlO*qqF7Z$
z&$H!*uR0Heph_=_BrY14>H`~>izRf=9c}pBl=ablAzT#;TeXI(#mH6XYN|nQ1BR}T
zfH`#RgKeP?BTMlmLQ+@Mp+@?xMQqvgxJ%)P>fHvIs$8YZA|LFi0k$H%?)+0z*5ghL
zNz5<_rSw86h-f^*8XPtPlS(zTl9;ImF;+E=l(&>HLC&oqKe{6Xvj*cZmOfCaXnX)d
zlMFzOA2!vN*@Q8`1i%=%WMYT`fJv+bj~n7Q0{(|WH3WLAU;_j&-5Im2X&g+91kVV0
z+*3&p6GOV2BjMdNcKeu;m+Poo5WJs0kq6AwH;0KK-odD&Y=Ou%x`!Q@TNpimV)(~{
zkS)NYcVN5TY+<l&3nN>Y>+S(YS@f2L{P0tT+*V)Ga9HQ_LfqN!?qusrX(X*r5dtS$
zD|9goskbZyzBVK$mu@zSBX!Cs3ob`^io;7`45Be(^FrWq1VJu^RZ;qug}|km2_nS9
z4~-5=(GcY-n~xBev;H0s5<VP;DXQvPofIKIfA`CkPl%84gJJ*W?TT632EyoC(qNE4
z+|cRpZx9>>fw;k1R0td%A}*5!9TEjHxNzhG#gHk4F7+NdB$EZ13&ja^DP#;8x|Kqq
z(Em`s%Tbk(_}V+{XCnkgJX=rC_wIC`E@px&4?zNMP@#nCjVNTpJkiL!<~T*A+aXZo
zTDQ4383P$7Aae-<Mbe+V4k9ZwCyEf6c?_NSIs_gW&o3^7FEr;u;ZG!SIm9lWdbuA&
zR)MUgnNtwdM8BI&CY3K)#knT9)M&OohX7bW{kHOjAc~k%wBZ&6io85O*sg>>nKA}R
zGRJ5y&`bMQJD<)1$w-qVYjp@bvU@vJ#1q2>NE;;^vC>XK;F0s~vmi3)0rejf<nOZR
zo>62LN+#(>R&cVij^XA*hZv8HL|%HM%_YMOKwh~8fk!^_ybUBvsMb!0K$ZU1B!sM$
zQDVZc>I7MB6)s?kqZ^bEQ$Hk$xxK~7KL~;j`)NL4-eeSHG02vtEL-rDrg!Cl29Y6Y
z3$>=f#cmZtp3^u4?1T%1U#B4Gj=cX$2O)H{HjTTaOB!|iO0V`yHi$z|m>8K`K~`Jz
z*?DAlUa7k9MXfX!Cj8Qef^2rNw^QU=2a#3xWDRo(g3I~)9akp-WWwk{8s-)x{GNJ;
z7jO4I+;V?ZNQgt3P`5*{EaAboo5KLI`=rerg4hRPq|?tKWLhXihAoSz-!ve1?0w83
zSfgn4S`c3-gc9?uizOYyPLW?<ZV-QjGRF$_Ut6U>R<el6ry6xgVevdow`SZsYgw`;
zV$CYr5cuO!hammVbx8tHN)|;_?71C+^m}|*2a)9qvbes6Ag+Za)Bf}@?3cBuSubW&
zcgh07mtM6V+0~8AeIXl0QE7iMb~^+fIX{(62pNka7QH%lHR{;(`n^dWKqe!Q(I2zv
z+ESLa$XE?x@91mdDARkRvD+a~<Va)#$^t;Cx;#2MSlWhQ2Z~H}vLN%K!$A?FaXZ_Y
zu6!zK2RqO>%vnhGE%bam8jqg29fD^y={AZpZ?Ys83q78iY;EfS?M|BRfGh@G_UC1g
zb??mX*$>Uef=cyUd9hOwi>+zg%0lFk<O2tmQveR+0OKPE$94oXASaiwF)y#lmpsta
zl((@J7$2>><uLY#VCE1|#eN-O7df^8^T*U!nr}xy0K`Be1)#JvIT?sK2t^2Dps|$#
zPzwZwpbUber_POh44i4m!5K4RDF9Qaf-;CQjd$T<0*UNW3PCciEp3=Uc3CYYptThe
zAB0+2kT$ULlc}+kfvJcsZ8Ta+iVa9KWG7PsvN<Gh9bkqD<d!AurUWEt0OJEk4ngD*
zZZHiD%z*x><b!?yb63#XIFf}=3u(M~`=~~-wm}!O=dB2YVXmG_NI_lAN*I;}8K#!S
z&0f?<2;;dljR7}?Wfwev31HFmxfc-!1dJAwxiq>Mu#GP<7-%*>V85yq+h!)3?l=)M
zUnEu4drySu%X^<nPE=<z!AI$jPVNvAT{|2&_dd&ai}hHILxFQ8AD_L;QnV0alEYz|
zMBYa~{s&ZwkYCMu>c*jvXBTIP!X7I)kV8>bcx*y|Ul$=j9or{J6B^l<jk3ypKTzSb
z8e%fW8fwjY1=vlKm<?o&8ml0I{h&QlRd!3g?Y$G)KtR9CbLV}T_5eZ*TcBqAsEic^
zBd!2HH&Z8O1=2AyiMpujNERFNW&<m!Vt5-=F{N7(hXW#r=vRS)w*i$-h~`~=06KSh
zf;;AtS3fm=v8WsM-h4h^JGj#7Hy(}g1O|-IS4T8xjr!UtSS7z;9-=<R{ZB{}%C{!a
zxRrt`tSlZ^lbDTiQx0!9O{_3N*2n-6MhIg`d~2x`5mJ81(z{l_-*^9_>3}BoBh?N1
zt9^qm(qrJcEB#<XYISZU38i49CKCls&8}15hFnV%j{o;eXjUsCq<E%oE_fJi&JuoI
znawt)x!E9D%-LoZkJ&J)B;y%D&>KFEHc=9ulg(xWDiAsoK|E$eo}pH_IQTB>@C?yk
ze9&ac!W?g<W1bi2K^v2k)u7{E1bYTg*8@yD+(3H>A<OA>Lf5vD^?Dgt@O%Ew=Kj>_
zO>74y+j#Hz!c+H`KF#cV5Td?V%ZixE7NgmS^KdhwG~BWUQijH6nvbY8W>vycdX1ph
zqq9^x{>eEVpNXKHjnHqIUz#Dnqi0Ber3HcRSysQ>agi-SfShq(23J;p)s+TM7~J6K
zr7IfkU=0Bwm%GV(+OyX*40&evc*y6wFxzpybGR_oI80V%uicPZg@hE()JY=_&xzFR
z)QY1K-IDa=JU)qrxbDeVW(b19u_=Q_JUUOU^9DZ|BB?e*nlETh(lNBZ;3b&lm#nr6
zyj%rVNB7+BAn0EN?u95#fxFV&7lQ!|RtE;J?TWMs^uq~x5>iSn>tk*0Pi=lVv3gS{
z$-;Fq-__>trqg)7<DtFdmw%_r=@(?kZ;A*JqLK0+SVCK))Y>LFgNA?*mgcNlk%Wj~
zHj9R%go2QqE$Ei9Fkd7maWsSX7bB$G?_$EO1(r8JJsJ$IK7fe<c5I&1mkSR*D9Y7K
z9rlM1Qs?io%%^jds4%panLB}A*xa&~(@BC1q4ST)<<w4kH*{wk{Jtd%sIV5Q5tJm2
zQWU4eN|Q7m?hz83AcQ6S+^n!SX)B~$60&7)1R)4S6{AvU4u7*X@DL5@2LnhpQbG}O
zu}{cFx6|>25Bp;fvYgt}HQj|LYoFf|;(X-udAOS-bH4{g;eWM_`x8=CbO^mhZDNg>
zUW1TE68^w8`37B<stjSsAM=KSA_4*V^Enulge;IH$dpA4ixo90K)G*}D<)(Gk0ivi
zRLN3=w2$1*K)>n=U-00Pr8H#cB%uRhc6>QOVRGm)%qH}mElQSux#K+$qDs~Q8X{_z
zHI7qgcNm)NhL3a3&s#K3>6ma3LboDC2!`?4ibph$sdX&~X`~3Updn!%^6SPIY6wsc
zA)05k2ikX1wN*j{uG^NPz7i!1e*J^nx2)CSgcx;BIj3P}gcQ;}-`!Aj4BngeEZ-3>
ze`kRZKDXBvME$<Ez4H2z#xNeoEt9ocgqW|<->^n2j`JaDZQ1L%ML?ZdZNY)G5TW^X
zqjd(6Z;j(TV&aSl8dB0s9Z*Xi6+i8j%~3nhG_Boj<AS&4Q1{Ts{jM+s(h#(}o(JE-
zggkLFK-4L}mpNI@$a?<7&hS#Q%&{Hc$Neq_1_t%aN1#zSQ-7~S{ihEXA=S(@86k}Z
zfwrUDAVgTiqZ2VEB8-S3g9Q!|i?lISkg)8nj!?!&xW$A3nywo7)jUvibqxdTfH0_C
z`aeU6S`_Rqh{>N_gRdrG7`F!ljv6*KP=*?s&k!Or<hW&$PbEt>WbXkZ`r@c2-+M7|
z0HTow*;ft~rx-T3Z%cWWr5}|EP5YD~PygoF1y@o6Ew<aXt~Tt-tafQDg56Vui0hJ9
zh{_P`Dp6Ed(xMt*&xl=`RH))aH8}3kG<)^m(*s0Zw#5NI7r^KXOCJBb^o1pxk`UnO
zbMdD3@=!M>ua29N5a8**Mogqg8ITpQ_4ax5aWzDqeeq4nORplYL5Ny<RsOL~Npy&%
zS5egkA@WE2{Xa%xNy$bDFbTB&PtDWj>2IGsriREA`R@A?7bn)*U!R^HfBQT2&7NOQ
zga(uVsXNZA<I`icY@Xo%kMVXGot1!SxXr(6;wKY}CO)EuV0-rLZKv%8-;{u(?>+Cu
z*T<*LW3?V8zFG6qcP6EzNZoOkul{h_#5Gd?j)c|QzkT~vIrtxKcWA>f5JLeJnVsZP
zOP20v3$s9FDd3lQh3*iAhX&sQ9U;SYfmTtXD1mMK;E_+hb<CdncX3x_KAc|tdqPMq
zb$Ud(-`rijk+g<c|BUkL;SOY`mGA&~iQo=Zn4Ep!o)XE`pa|h#P_4YhUUR2i2+U#2
zG%mdrvavuzptL4JhY9&<3FeVl0W=88zD8_gV3=3hmzE{vAW4`OC;lPx6DO-f8)2xH
zn6}P_hPBn24>?zm0wD|oPu>RF>-_(tOV={cR5ofFR&WGK(>9ql*aQ&^`|7krmK=~9
zzE}Jwn4&B+(lrB(`22bx$yqI=jt&87kcSmd$Y@N~mjiHg$=)uz!j18PPf7EDL4FL7
z?;xH-^6|!i#LM30#2`6+Bk}KmKteEw_@^w|CFKYJI6)D9UYZlwJYy%K&XXIijOzhz
zuDcdc;6^~GvPZ7S(JpCprWz~1X=$!4u+*?BR&Lk@+3pI8i2Ceg9#Je(dpy<P@c`Ej
z`t3ux)xEZjwfURXUa6b|8K#_<fXvcPIE_;kC&-sUv7nvNIFOX7t!R-cbfl{_gA*2-
z1VoH^*C7)DLN{fWy2XYPhIvE0Zyhq11BAV4p_TA!X)z413BGFs`3Lqnl0U)@ux~WZ
z(Rt4E^*iU$<D>I<O5*Fr0pSgU$CQj7b=DA`CwxMVTf)W?DjC8|lQ}gEBg4AWiz7I(
zlTiF5g9%7tG_eAHxUtN{Pb`THIf)#`vOpP@DW3pZ6!VbGV={3Bx3Mzet|Nuv48utH
z>o6x7dyNFsWU2^M(!qFa4!F$RI8R4F81K5n#3W(33H$Gc0l@`T)6@VFgfUA5jFD05
zBa8^65s)0M^&&c_MTlb*!Hl=+Qw|Y8T~bxO8{)A%C}L+;h>ek?#p3(tA)v#H>5k<^
zn2fC8W>uk>AfPxDx0rtMb%c1-PFr0B6UPghW%U`8nPU9AUq?SFsel4+o$*Kvki>As
zT$dwkJ|A#wJ^>F}cPvX)hjulh7{{KNF?Nk~F{VroHOt>IB3=Z77u64xO^Yf6jFPnw
zYhH*8)ldWiKH_YEApi+9XvoN6?AYjr#X;^_ZYv}=3kY3&x<4<OzL>FH4kOmKv@W#;
zgVBQP%0xUg!xx*`2pg^~QvwYxJnizt6$rk2Isn>`T^ZSmfMr<`=u#)bjL68Y&11us
zPr8WbIeOo7+vP4bfJea({^G6Qbg`_+*kF1X+3uVbB98u4orgP*i~5$E)BTKVa~Z|O
zxb4npVcjlwF~mymyED2Ej%08I5Nx>w<D_+xy-g9Q$N=7EWkn*}hp%i|t{?}D2(rz~
ziW@&nOqW3i2#~ngkq)qIy98%!TM%!VeiQDrC|v?%m#2>H>{&csFatY;%teBubvcMj
z42_vI<isKK!!1gI<8FSpxqI_~=#lu(=C@z&Nz!w^S(dUxBYnJN4jQ_3K$o&lyF}bJ
zuTmv5qDzvbyEBr08r;b~9W=E8#S1;Z$>O7LE$RBu-RtNZ?Y+}r$<l^s#<KKht%hZp
z70Loq8)gdS0Ssuna>-g7d_0!-y6dW@Mqf&xM{>GqUQ)t|^Qw1138Cr7nBt<`c&eqU
zs^vqzn3rGdZ)JBw)Y2YP;JGzR>xCcJ^dWOIpd6j+-Rog`l+{k%lBB<dxN?Y|3`BbL
ztesX>zwsaHRa(;nOpJM5>qO^kx&{z@%+d3;;QbF;HfWwmQjb5f!b4r^WwdO^Z|G9D
zotCuhcN7=0roL;Gy5c=+&5AH`(%=}N>p@cod7hx=Ys)$~$__6obGP5`-#j3aPn**1
zZL@yg402|$><MW-d+>2>b;<NM%|S$9dZv^$qq}Rn#XaxDtmlJ5wi_CdA#~Fm?&qUl
zE%#T;e{wn0gR{48>8c?4ZQZZ+ga?<uTJpzJ9|A&*!_Jmwg-+RD?5%Y8_XkVmYS+-W
zn$<o$PUoK$t@1?wmU6hQtsRI4hnjkd@<e>{ZYxvn8B04_rMdS%zYZ_75CN}Fc_cQM
zgSO=VuE{f2^ilUIYUzWb#<kw%Tjk;FO4IrPo<TUE_+6#6ZydjRy}`d%qx*e~9MIMO
z?USmc`_1YGCA4;`ytC|Om~<t#Hu(ExGhb<#(UIiWvccwQ+ENa)1Bw^T;K`of=!)}0
z?*J2g<dNENu5X-de5Lve5F-3nDJZ^ltSHyN9*}>!NrphOrgy||^s6Hazo4yjHXFQO
zQ`J*{Q>B!H3<=~$Hu`7=KQ4I}nq;M({4fv^B^)j7Lz2_<!H?Sq;)~(i4e|Z1T=svp
zj+gW9^5Dnq58Hk5JRf3?NA10Ovycv)^nTj=`hzHnjjS1dujlux!Q6`Yse7T)uU-e3
zG|LA$wYo(x1VqG6<>EB_YH#Ow+1sJtocQJbOplT{AlSKTSMw!3Ob=ev4#e|xi0NF`
zvmoeJ^y8hkJ^Z5l7YGPGJB?_wb5VYCygYmxiOrgIKnQX`*8*LDa9r(ULQ6Y*PSYP7
zr4{k}A0F!u3tC$0aKH7$bk@_<?7@$}N)g5jR`}v*(CCZzhaRLP{`*6i%3`@H9X#0x
z@0Qpe`9N0(juqzmxBjt!B%Nu7q~vYMFQ2-(waT37-csc>Al;Pi-5Lrtiy%JUL*}y4
z*;?N@^zPrgkXG71bd8KmNYfjLn0}=P;$fG5Om_z2$yUJ%f8TZPblYXWwFe8>YV7j@
z;qkf^wF-N|-@49W^}jx}(zE%&F9+vUx40~vd=S(9brrAcAtH`CcyVF|6v1A`8|7CI
zcJN(2XfN0D{DPiISC(#5LKv@^e%0tXOTDHSyeM_WhDz}lTHjswf-^n3tG#*4gG<cw
z^!J^Rp6{%m_=V;9Zdf>!*TFn)sLmbB==mQtw^)rZX{Ni%R{ij)U-IOdc~AEnor^t>
zO0Q7*w0?XnJ$AIy5TQlWf1(AAZfkkyK^XCG8+g5^?K-8$PgbJu%MnKHmu*P4I77aB
zf8#v_FY1ycJw^+fBn`th5IrN^Z%g}SNm>bODu+06S&GDl6tzl{WCh!LN2)a6Nmq?7
zMFrKTJX+Kun$z~Rt+X$e2awYR?O3Z6)$pzwZd&{1Rp}Y#(TwDIQWbsbE$Q7EwcLA@
z4nL}LIbY5<(|#*mY3oC+#}N+Cck;T<9=>&L1)h_mJZ+Y|@?|@n*HkC1Y<EJ$cyG$R
zD5t*EF3-J4ymh*7b}6oTh_;q1>t<ekTr>BrXONm4EyG^)X(dz2moFPz*g471s}aJt
z)R($f=ta$PK7Gj%yzoP1QPTAupOYlB`$?DYz{2FIW`0<JRhex7^@<~?AbI5;?2r3;
z_b184s9^1?{cZ21UUe>`@6$d;j<#QVlhH1J-nu`$zj4#AERtcrQE(WyQ*|C=Cshxz
z;$qu%QYitu3SssX_7~!el5(k0Tva%bmhFg;jLqJ(9h)P>o>hn~7>Zz|d}Lqw*s)PY
z;XvGW(g6mkdcCgjG_$&@$i_uQ$k@bCcxN`n!wvLs`;p?Zw|3*=%56gryv(i&)Rqy-
ztX2dH{K&BR_G$<|6CT*HUBTrMLlqIjju1y&q4c;|&y@QY_4qhLzygt7>^!RQvW#%%
zQANfa8S7#Ofh|NGT(C)FdsQKhLNX}@R-(NcQ5Zl?Kpznfrd+QG*eF(P*-6QWL+#l*
zm|V5pjLQQ&!bU*CuFJCQI_}L+>X=dtxZ%cL*;tF=gX12;$$K>cF#>mrp~J*6MIaTA
zvKAT`W>j(@VFba9&CELigpFxa3Wg|+1yI6AFvj#^n>cpIw3+b{CNzcx4URR)gqMgS
zjwcEH*Z^+nfk@kCB;r^yu@LK{v9XC89Mj1x(8MSuD1nY)hz(;H7^~rtV+2U}M4dqc
z5jG8;Ppp9L__}#<ae8i@)U6ni&|?mXd()v<W?XDYcqEn~BWfbTbTFBel&0k<!j1c5
zNiGS)^>S6BFg*zaF}|+DW|f2~IK$>KHr#8H2~d8j$>@>2sinm8hz60QGx_7jT8T@<
zWKd#xN+ul+k+>uUIycOa>13x@GBQFt;>bK1OT`b|2$Ud@u>#4+EEvLcehKG~hU2sX
zaUiGGSQppbM0wi$p+ChofsPOnfW8(rcG8p)y{2q1pi`15OlhV;t_3)8FakJ<0K(VZ
zu;~&c$RxwZ=>-l5EC(VP0Z2oD4=fG^-pvC-SPmv%9V~}&l9d=}Rv?IT)tL41ND5)Q
zf?^ep#}@%*=?vo-+kFm;h2s$6Nor5NY?$F#4hC`aWrTUu?(<B7<^syBfw*|fdKQaw
zAjFzDU&eYQ28u}n4u%pZpj=GhnlIv!Xk0WYdii`cg_%MOfnESO%<LwmALC^p#;|GJ
zAOkiEV8;HKX*QqsRTzV2M%Y2#zM{($H!yWCpv^{JSnhM|)L-*_jF+mu_#ht=)UGOv
zUfRnCnA|)d$f&0T3cER%aqCK^uAq#o)H6k(ZQgKs$4x0lJ)%lVrkOf4r4A6QG6s-}
zFMtk#olikdown<>YKV)BM>2|AXElX-UBI%fzz(P&?7DWH+{zAk0^+=^q=csanP&hp
zwqk25VJ4N55wcg~mj{7`#R1cXttgNQFl1u}PO!nIOE?60!dB_6{Pnj*7h!oUN*`FV
z(=dGshA_^g>h!@bwqugQrtFf|a<^y`%qC5pi#oq3^%;{8&aegK3gDDDDdMon8O6FS
z6JnGsp*&!27?YsF4?VHHcG;3%5eUy+DSL@qrR<J)q=y7Au2t5bZrw|t`uL{*#*imQ
zqhoz;mpl69jNXwfT@MNxyGsxM+Kc|B=g*jyl-dgBboH%rqNY#XLo>LgmYFZQ^spgy
z%)yt|8@*D57t@ZE$9F&`LU>V<q*LEX>yk$gB`L4zdY_(1x^z&^N<PMmmu+z4IlARm
zJLSuquJ@$Vdbz6h$fmAZa3-zpL?8x2eMgs8LWHYU$?^-5CFNg#5Kk^CX&zeEj$AhD
z4Zs*VTGcvuqDfvT&Z$)VraV};I%d!;cdXkN{dFr?2LaHRwlJ+pniV|JEWMjK^wQm#
z>@a6l^#GBk7KrKj@`^SndMF2GD|415J;%g(X9f+ca~j=ESFPuWv`SV8N9C5Z0b!(@
z9Wc#~x&f5q2tNBE#SV~*PoL2n2LvzZQFB<zhhL=kH;nlqEghV_jc)b$2bX8P=t<9?
zyA-##URJcAHGDK{&q(t9p`-Whz2^u5@|Q-JHjdBr%Box3*xttv@{ZJ3fCoj(hhIns
z&8=AgzAf2@*%V~fp(VU~`?DD!js;{TTCniR!*gqJk^c9UNc0BIJ^O(!qzClnvEDE0
z2N>#E^y5zb-3LU7aj#xX56)m6^7EH19fG=Uh0S!ZG^EQ9U%U=#p3<<|dO$cjrxMiK
z>b@R`KW*H%`1WvJg|*X$c6qmGMF=vaFE*b4zCzAA6%F2zoqX`gN<9M36Fm^iCF|<K
zhk(pn(#`To(0cuxJ$yYlWQkg8-cshx2+>>F;I~fLlr}g*nkU_M_PN-w%3f(45Iuqn
z+MqZ6cj`ROSyX&c>x(bub_U|T1M%qD*`LYGkj`A5?L=Sg_&<O9V)NeYl^Tg+Yd)Vo
z6(Ar|FRu<b7LeLNtR2&u)>Dd)f0-4}m+gedN-{rcU8mvc7XRC+xSh?HccMd8{Jpo%
zYFiMHLN{D|jZZ$DOJ247^>-Wuq<IXPB&z`wBVbS+AgWcwZ+25BKII6S%U8|d?6Y`2
zES6_`Fz=bqqPRJLfP5W@zrgdG_wsEkVkO27)DOPyzZS%^+smFv#Rc8;ztK8*wZGmA
zG1odCh>gd8n-yQI1Vv5lLqH(g-uMVT(ft>%S96*g6yKnqzZG-kLnxIz2b*^wAi%5C
z%)D2P5c+aYl@4%I`i@d@ea$Lod$iOmtYs$|5{U)#8NKNq!s^LzSUr3b7S#O%dJjqv
z&(2<jb1QW2@@^+uJdNgVi%0jaSca6|J@pH^e1FB+3tC5mBt!ZTki~B6WGD4_`whCE
zm-U!O7o`LEW`1A>n-=$*MYm05X~>_b;-^mT>3}DA@$=$t9FT9%J->Os^yg4a4`$40
z5i+DtYbD)pl`5FN-o?2cMe{L_&(;Rb@}Te;fBbATo(^zajcIDZ(ux7KG02cSS}3)3
z5T$dLklD1Ny@z56G9+BA&JJ#MWUWsh+=Hw_Tx%HuvhjP5oOdce2_H?RI>-%L+ACHh
z`_R&sw~V8=7kTdI@5IgJ^24SUXGn*Z15vBgRJ`bgh|osXWOdoMwqlpe<KwdFH#D)4
z1Y|9>AO*H&-h2<?;yvV*Q|?%o|J}v&U2*&1KX=2K75u;x)4F~d-M<ZASzAHQQdchY
zm9*rqOO+W*l@!e5`G=(gaem9uJ*|J?IqIpDNB4o}BPhw6pnNXrx)q)1=nGAky7-+Z
z{;t_tvWFCR!=g%#ETyVz-qCKz$}ViL@pGDIxtpqY3StF|?I9MdGHRxG%F@;1CHmN-
zzXFdZ&627@MNoRQ|F7cffs^+1;S&}+nqzJUVh+CZgJ!8?9X#mblYCKqV+9N9C?MO_
zrXKGhstRS5omtD%2Z+Np*mv%ocxwNmL)f#pwXW;g0p;n1^av6$&D>ZUgz$7-dKKcP
z4z6_RQWOh&TMZR`DX9>Ug|$@iDGU#8^b_tn1SEciwr!sMVni|m64=KOpv$O?Eepx0
zz++hvsI15WZ@2;@P<#%F6|e)^29tLMf?URfO+AnWjAU1kc|j%^cpR2NMkcb$6Ov(W
z44GtH0RRBOtYPLLwvLV1499FDLynL7g6)pLH5)^YjWFmS3GfIw%P20#MA;!h23H6%
zn8;ujfGacW&|`B>U}wfZM`1w7n4oH~IRGQZ25_ARDQ6D?0yMZmBR8<lY=D42c0rF2
z2Nr`JO=1>rBoO!;>>&k9p~*R9^rlY`hu8=1$p;28iH8sYDPUmM!e{(rC5pL;cFYDn
z*1#TNMU)XE6R}7l8vEnO*iB-MFcHGV;$&im<Hx3BZ#WSoblwc6(7^)m5t)i6Zj)Q$
znIw)U0*H)Zvu4cXMyhC}!n9fqHSa~3XKtoi)Bno?vuo5#<{7g{0)c_#u_Ar{k7UT7
zv|~Cs_)c!z^gd-??@S1|rm|Dj5ijFHcdYOSvs2Zn#DuzTX3D(=hsX-%rv9&+x~}zy
zV!`#X>v;dDI<-lNT@UeyG1X$%)cCYFo!pe9``VxW|5_GAWXZHCAqhIxjC$9KOUX4J
zOgdv?8k7+^k{byTOh$uap^4ei-*{;1o12J_`BOc(rXmPW&?L&&VNVzAI?Sm-)=p?{
z!u&tAvx!PvmAGytZl;!!YvOa-Pe_8OBIW*9EbMrTEGUr5^Hzux(A1|L7zLUFaV};$
zmMr*l2n?v@nKjw3*P<O51?%mnMCYlo5E&sXhT+=rc{;QMqae>-+n5Cc@D^DJU}z~t
zJ1`0?4FT-iAr1f_2td)o#{F+>V$PyTF}xS4e~d(w-H&0(j3&$tSqIk<ak?Q-(Gmnf
z1VIo%5JZq~iZI5`&d9(F?+voB(-yF>k0iiCo-SqvCT7M#14aQe6999SUnert*{%Qp
N002ovPDHLkV1f$s#LfT!

literal 0
HcmV?d00001

diff --git a/experimental/images/vlans-deeper-look.svg b/experimental/images/vlans-deeper-look.svg
new file mode 100644
index 00000000..96cd21d5
--- /dev/null
+++ b/experimental/images/vlans-deeper-look.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="586" height="601"><style xmlns="http://www.w3.org/1999/xhtml"></style><defs/><g transform="translate(0,0)"><g><rect fill="#FFFFFF" stroke="none" x="0" y="0" width="586" height="601"/></g><g transform="matrix(1,0,0,1,295,192.98406475670114)"><g transform="translate(0,0)"><g transform="translate(-39,-89.9329528808594) translate(-256,-103.05111187584174) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#666666" d="M 300 323.5 L 300 197.98406475670114" stroke-miterlimit="10" stroke-width="3"/></g></g></g></g><g transform="matrix(1,0,0,1,295,192.98406475670114)"><g transform="translate(0,0)"><g transform="translate(-39,-89.9329528808594) translate(-256,-103.05111187584174) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 300 323.5 L 300 197.98406475670114" stroke-miterlimit="10" stroke-width="3"/></g></g></g></g><g transform="matrix(1,0,0,1,252,201.98406475670117)"><g transform="translate(0,0)"><g transform="translate(4,-98.9329528808594) translate(-256,-103.05111187584177) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#666666" d="M 257 332.5 L 257 206.98406475670117" stroke-miterlimit="10" stroke-width="3"/></g></g></g></g><g transform="matrix(1,0,0,1,252,201.98406475670117)"><g transform="translate(0,0)"><g transform="translate(4,-98.9329528808594) translate(-256,-103.05111187584177) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#999999" d="M 257 332.5 L 257 206.98406475670117" stroke-miterlimit="10" stroke-width="3"/></g></g></g></g><g transform="translate(0,0) matrix(0.9970841003774397,-0.07631052859541608,0.07631052859541608,0.9970841003774397,6.812265994936054,40.19841100496578)"><g><g transform="translate(0,0) scale(5.40007959672885,3.87815826436388) translate(0.00001348378,-0.001498589)"><g><g><path fill="#FFFFFF" stroke="#999999" d="M 33.84 5.912 C 16.263 2.403 6.986 11.405 8.451 19.186 L 8.57 19.61 C -5.128 21.942 -1.537 38.106 5.033 38.106 L 5.679 38.085 C 4.026 45.68 20.032 53.41 28.958 49.548 L 29.531 48.92 C 32.713 55.752 44.02 56.893 55.201 57.177 C 64.89 57.425 70.546 56.658 74.702 52.411 L 75.341 52.599 C 90.852 53.845 97.915 43.133 94.526 35.442 L 95.36 35.207 C 100.648 33.808 101.258 21.602 92.187 19.797 L 92.361 19.325 C 96.299 11.385 87.011 3.896 74.124 5.303 L 73.23 4.837 C 64.003 -3.517 37.449 -2.157 34.373 6.108 L 33.84 5.912 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,15,322)"><g><g transform="translate(0,0) scale(5.31,2.59)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.18832391713747648,0.3861003861003861)"><path fill="#c5e4fc" stroke="none" d="M 10 0 L 521 0 Q 531 0 531 10 L 531 249 Q 531 259 521 259 L 10 259 Q 0 259 0 249 L 0 10 Q 0 0 10 0 Z" opacity="0.93"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 521 0 Q 531 0 531 10 L 531 249 Q 531 259 521 259 L 10 259 Q 0 259 0 249 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" stroke-width="2" opacity="0.93"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,47,409)"><g transform="translate(4,4) scale(1.0034722222222223,1.004201680672269)"><g><g transform="translate(0,0) scale(1.44,1.19)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,0.8403361344537815)"><path fill="#000000" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 109 Q 144 119 134 119 L 10 119 Q 0 119 0 109 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 109 Q 144 119 134 119 L 10 119 Q 0 119 0 109 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.44,1.19)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,0.8403361344537815)"><path fill="#5fcc5a" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 109 Q 144 119 134 119 L 10 119 Q 0 119 0 109 L 0 10 Q 0 0 10 0 Z" opacity="0.99"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 109 Q 144 119 134 119 L 10 119 Q 0 119 0 109 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.99"/></g></g></g></g></g><g transform="matrix(1,0,0,1,115,387)"><g transform="translate(0,0)"><g transform="translate(38,-78.9329528808594) translate(-153,-308.0670471191406) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 119 409 L 119 391" stroke-miterlimit="10"/></g></g></g></g><g transform="matrix(1,0,0,1,-3,543)"><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="566" height="32" fill-opacity="0"/></g></g><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="566" height="32" fill-opacity="0"/></g></g><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="25" y="0" width="83" height="16" fill-opacity="0"/></g></g><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="25" y="0" width="83" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="25" y="14">Docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="76" y="14">Host</text></g><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="108" y="0" width="360" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="108" y="14">:</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="115" y="14">Frontend</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="171" y="14">,</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="179" y="14">Backend</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="234" y="14"> &amp;</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="251" y="14">Credit</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="292" y="14">Card</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="326" y="14">App</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="355" y="14">Tiers</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="390" y="14">are</text></g><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="414" y="0" width="53" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="bold" text-decoration="" line-height="16.5px" x="414" y="14">Isolated</text></g><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="467" y="0" width="515" height="32" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="471" y="14">but</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="494" y="14">can</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="521" y="14">still</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="27" y="30">communicate</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="114" y="30">inside</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="201" y="30">interface</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="258" y="30">or</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="275" y="30">any</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="301" y="30">other</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="337" y="30">Docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="385" y="30">hosts</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="423" y="30">using</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="normal" text-decoration="" line-height="16.5px" x="460" y="30">the</text></g><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="154" y="16" width="44" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="154" y="30">parent</text></g><g transform="translate(1676,32) matrix(1,0,0,1,0,0) translate(-1676,-32)"><g><rect fill="rgb(0,0,0)" stroke="none" x="483" y="16" width="57" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="483" y="30">VLAN</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="525" y="30">ID</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,31,290)"><g transform="translate(4,4) scale(1.0010060362173039,1.00625)"><g><g transform="translate(0,0) scale(4.97,0.8)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.2012072434607646,1.25)"><path fill="#000000" stroke="none" d="M 10 0 L 487 0 Q 497 0 497 10 L 497 70 Q 497 80 487 80 L 10 80 Q 0 80 0 70 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 487 0 Q 497 0 497 10 L 497 70 Q 497 80 487 80 L 10 80 Q 0 80 0 70 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(4.97,0.8)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.2012072434607646,1.25)"><path fill="#cccccc" stroke="none" d="M 10 0 L 487 0 Q 497 0 497 10 L 497 70 Q 497 80 487 80 L 10 80 Q 0 80 0 70 L 0 10 Q 0 0 10 0 Z"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 487 0 Q 497 0 497 10 L 497 70 Q 497 80 487 80 L 10 80 Q 0 80 0 70 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="matrix(1,0,0,1,300,248)"><g transform="translate(211,0) matrix(1,0,0,1,0,0) translate(-211,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="258" height="48" fill-opacity="0"/></g></g><g transform="translate(211,0) matrix(1,0,0,1,0,0) translate(-211,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="258" height="32" fill-opacity="0"/></g></g><g transform="translate(211,0) matrix(1,0,0,1,0,0) translate(-211,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="3" y="0" width="101" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="3" y="14">802</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="27" y="14">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="31" y="14">1Q</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="53" y="14">Trunk</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="91" y="14"> -</text></g><g transform="translate(211,0) matrix(1,0,0,1,0,0) translate(-211,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="104" y="0" width="242" height="32" fill-opacity="0"/></g></g><g transform="translate(211,0) matrix(1,0,0,1,0,0) translate(-211,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="104" y="0" width="242" height="32" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="104" y="14">can</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="130" y="14">be</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="150" y="14">a</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="161" y="14">single</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="202" y="14">Ethernet</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="14" y="30">link</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="39" y="30">or</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="55" y="30">Multiple</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="107" y="30">Bonded</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="159" y="30">Ethernet</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="italic" font-weight="normal" text-decoration="" line-height="16.5px" x="216" y="30">links</text></g></g><g transform="matrix(1,0,0,1,200,307)"><g transform="translate(32,0) matrix(1,0,0,1,0,0) translate(-32,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="157" height="22" fill-opacity="0"/></g></g><g transform="translate(32,0) matrix(1,0,0,1,0,0) translate(-32,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="157" height="22" fill-opacity="0"/></g></g><g transform="translate(32,0) matrix(1,0,0,1,0,0) translate(-32,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="16" y="0" width="125" height="22" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="normal" text-decoration="" line-height="22.75px" x="63" y="19">Interface</text></g><g transform="translate(32,0) matrix(1,0,0,1,0,0) translate(-32,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="16" y="0" width="42" height="22" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="20px" font-style="normal" font-weight="bold" text-decoration="" line-height="22.75px" x="16" y="19">eth0</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,207,331)"><g transform="translate(4,4) scale(1.0034722222222223,1.0083333333333333)"><g><g transform="translate(0,0) scale(1.44,0.6)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,1.6666666666666667)"><path fill="#000000" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.44,0.6)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,1.6666666666666667)"><path fill="#fca13f" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" opacity="0.99"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.99"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,207,409)"><g transform="translate(4,4) scale(1.0034722222222223,1.004201680672269)"><g><g transform="translate(0,0) scale(1.44,1.19)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,0.8403361344537815)"><path fill="#000000" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 109 Q 144 119 134 119 L 10 119 Q 0 119 0 109 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 109 Q 144 119 134 119 L 10 119 Q 0 119 0 109 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.44,1.19)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,0.8403361344537815)"><path fill="#fca13f" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 109 Q 144 119 134 119 L 10 119 Q 0 119 0 109 L 0 10 Q 0 0 10 0 Z" opacity="0.99"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 109 Q 144 119 134 119 L 10 119 Q 0 119 0 109 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.99"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,234.91044776119404,438.2696192696193)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,225.955223880597,428.63480963480964)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,217,419)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="matrix(1,0,0,1,227,424)"><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="83" height="44" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="83" height="14" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="8" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="8" y="12">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="12">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="65" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="12">)</text></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="83" height="30" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="28" y="14" width="73" height="30" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="28" y="14" width="73" height="30" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="28" y="27">Eth0</text></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="5" y="29" width="73" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="5" y="42">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="20" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="23" y="42">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="31" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="34" y="42">20</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="49" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="52" y="42">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="60" y="42">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="63" y="42">24</text></g></g><g transform="matrix(1,0,0,1,275,387)"><g transform="translate(0,0)"><g transform="translate(-292,-88.9329528808594) translate(17,-298.0670471191406) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 279 409 L 279 391" stroke-miterlimit="10"/></g></g></g></g><g transform="matrix(1,0,0,1,215,341)"><g transform="translate(176,60) matrix(1,0,0,1,0,0) translate(-176,-60)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="129" height="40" fill-opacity="0"/></g></g><g transform="translate(176,60) matrix(1,0,0,1,0,0) translate(-176,-60)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="129" height="20" fill-opacity="0"/></g></g><g transform="translate(176,60) matrix(1,0,0,1,0,0) translate(-176,-60)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="0" width="127" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="2" y="17">Parent</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="55" y="17">:</text></g><g transform="translate(176,60) matrix(1,0,0,1,0,0) translate(-176,-60)"><g><rect fill="rgb(0,0,0)" stroke="none" x="65" y="0" width="63" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="65" y="17">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="102" y="17">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="107" y="17">20</text></g><g transform="translate(176,60) matrix(1,0,0,1,0,0) translate(-176,-60)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="20" width="129" height="20" fill-opacity="0"/></g></g><g transform="translate(176,60) matrix(1,0,0,1,0,0) translate(-176,-60)"><g><rect fill="rgb(0,0,0)" stroke="none" x="14" y="20" width="101" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="14" y="37">VLAN</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="66" y="37">ID</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="84" y="37">:</text></g><g transform="translate(176,60) matrix(1,0,0,1,0,0) translate(-176,-60)"><g><rect fill="rgb(0,0,0)" stroke="none" x="95" y="20" width="21" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="95" y="37">20</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,367,409)"><g transform="translate(4,4) scale(1.0034722222222223,1.0042735042735043)"><g><g transform="translate(0,0) scale(1.44,1.17)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,0.8547008547008548)"><path fill="#000000" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 107 Q 144 117 134 117 L 10 117 Q 0 117 0 107 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 107 Q 144 117 134 117 L 10 117 Q 0 117 0 107 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.44,1.17)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,0.8547008547008548)"><path fill="#eb6c6c" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 107 Q 144 117 134 117 L 10 117 Q 0 117 0 107 L 0 10 Q 0 0 10 0 Z" opacity="0.99"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 107 Q 144 117 134 117 L 10 117 Q 0 117 0 107 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.99"/></g></g></g></g></g><g transform="matrix(1,0,0,1,435,387)"><g transform="translate(0,0)"><g transform="translate(-622,-98.9329528808594) translate(187,-288.0670471191406) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#000000" d="M 439 409 L 439 391" stroke-miterlimit="10"/></g></g></g></g><g transform="matrix(1,0,0,1,373,501)"><g transform="translate(15,0) matrix(1,0,0,1,0,0) translate(-15,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="132" height="20" fill-opacity="0"/></g></g><g transform="translate(15,0) matrix(1,0,0,1,0,0) translate(-15,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="132" height="20" fill-opacity="0"/></g></g><g transform="translate(15,0) matrix(1,0,0,1,0,0) translate(-15,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="15" y="0" width="102" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="15" y="17">Credit</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="69" y="17">Cards</text></g></g><g transform="matrix(1,0,0,1,211,502)"><g transform="translate(31,0) matrix(1,0,0,1,0,0) translate(-31,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="132" height="20" fill-opacity="0"/></g></g><g transform="translate(31,0) matrix(1,0,0,1,0,0) translate(-31,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="132" height="20" fill-opacity="0"/></g></g><g transform="translate(31,0) matrix(1,0,0,1,0,0) translate(-31,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="31" y="0" width="72" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="31" y="17">Backend</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,394.910447761194,438.2696192696193)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,385.95522388059703,428.63480963480964)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,377,419)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="matrix(1,0,0,1,387,424)"><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="83" height="44" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="83" height="14" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="8" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="8" y="12">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="12">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="65" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="12">)</text></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="83" height="30" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="28" y="14" width="73" height="30" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="28" y="14" width="73" height="30" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="28" y="27">Eth0</text></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="5" y="29" width="73" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="5" y="42">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="20" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="23" y="42">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="31" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="34" y="42">30</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="49" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="52" y="42">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="60" y="42">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="63" y="42">24</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,74.91044776119404,438.2696192696193)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,65.95522388059702,428.63480963480964)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,57,419)"><g transform="translate(4,4) scale(1.0048976608187135,1.00910441426146)"><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#000000" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.0208955223880598,0.5491841491841488)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.9795321637426899,1.8208828522920215)"><path fill="#4cacf5" stroke="none" d="M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" opacity="0.97"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 92.08955223880598 0 Q 102.08955223880598 0 102.08955223880598 10 L 102.08955223880598 44.91841491841488 Q 102.08955223880598 54.91841491841488 92.08955223880598 54.91841491841488 L 10 54.91841491841488 Q 0 54.91841491841488 0 44.91841491841488 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.97"/></g></g></g></g></g><g transform="matrix(1,0,0,1,67,424)"><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="83" height="44" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="83" height="14" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="8" y="0" width="67" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="8" y="12">Container</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="61" y="12">(</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="65" y="12">s</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="71" y="12">)</text></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="83" height="30" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="28" y="14" width="73" height="30" fill-opacity="0"/></g></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="28" y="14" width="73" height="30" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="normal" text-decoration="" line-height="15.5px" x="28" y="27">Eth0</text></g><g transform="translate(69,71) matrix(1,0,0,1,0,0) translate(-69,-71)"><g><rect fill="rgb(0,0,0)" stroke="none" x="5" y="29" width="73" height="15" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="5" y="42">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="20" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="23" y="42">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="31" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="34" y="42">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="49" y="42">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="52" y="42">0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="60" y="42">/</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="13px" font-style="normal" font-weight="bold" text-decoration="" line-height="15.5px" x="63" y="42">24</text></g></g><g transform="matrix(1,0,0,1,53,502)"><g transform="translate(30,0) matrix(1,0,0,1,0,0) translate(-30,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="132" height="20" fill-opacity="0"/></g></g><g transform="translate(30,0) matrix(1,0,0,1,0,0) translate(-30,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="132" height="20" fill-opacity="0"/></g></g><g transform="translate(30,0) matrix(1,0,0,1,0,0) translate(-30,0)"><g><rect fill="rgb(0,0,0)" stroke="none" x="30" y="0" width="74" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="30" y="17">Frontend</text></g></g><g transform="matrix(1,0,0,1,271.50000000000006,96.41047267550272)"><g transform="translate(0,0)"><g transform="translate(-274,-128.00000000000003) translate(2.499999999999943,31.58952732449731) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#ff9900" d="M 278.00000000000006 102.91047267550272 M 278.00000000000006 102.91047267550272 L 278.00000000000006 108.91047267550272 M 278.00000000000006 108.91047267550272 M 278.00000000000006 114.91047267550272 L 278.00000000000006 120.91047267550272 M 278.00000000000006 120.91047267550272 M 278.00000000000006 126.91047267550272 L 278.00000000000006 132.91047267550272 M 278.00000000000006 132.91047267550272 M 278.00000000000006 138.91047267550272 L 278.00000000000006 144.91047267550272 M 278.00000000000006 144.91047267550272 M 278.00000000000006 150.91047267550272 L 278.00000000000006 156.91047267550272 M 278.00000000000006 156.91047267550272 M 278.00000000000006 162.91047267550272 L 278.00000000000006 168.91047267550272 M 278.00000000000006 168.91047267550272 M 278.00000000000006 174.91047267550272 L 278.00000000000006 180.91047267550272 M 278.00000000000006 180.91047267550272 M 278.00000000000006 186.91047267550272 L 278.00000000000006 192.91047267550272 M 278.00000000000006 192.91047267550272 M 278.00000000000006 198.91047267550272 L 278.00000000000006 204.91047267550272 M 278.00000000000006 204.91047267550272 M 278.00000000000006 210.91047267550272 L 278.00000000000006 216.91047267550272 M 278.00000000000006 216.91047267550272 M 278.00000000000006 222.91047267550272 L 278.00000000000006 228.91047267550272 M 278.00000000000006 228.91047267550272 M 278.00000000000006 234.91047267550272 L 278.00000000000006 240.91047267550272 M 278.00000000000006 240.91047267550272 M 278.00000000000006 246.91047267550272 L 278.00000000000006 252.91047267550272 M 278.00000000000006 252.91047267550272 M 278.00000000000006 258.9104726755027 L 278.00000000000006 264.9104726755027 M 278.00000000000006 264.9104726755027 M 278.00000000000006 270.9104726755027 L 278.00000000000006 276.9104726755027 M 278.00000000000006 276.9104726755027 M 278.00000000000006 282.9104726755027 L 278.00000000000006 288.9104726755027 M 278.00000000000006 288.9104726755027 M 278.00000000000006 294.9104726755027 L 278.0000000000001 300.9104726755027 M 278.0000000000001 300.9104726755027" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,284.40277777777806,243.31491457745426)"><g transform="translate(0,0)"><g transform="translate(-104.62600160256406,-181.95081824533966) translate(-179.776776175214,-61.3640963321146) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cc0000" d="M 395.6805555555633 368.59527295942837 M 395.6805555555633 368.59527295942837 L 395.6805555555633 362.59527295942837 M 395.6805555555633 362.59527295942837 M 395.6805555555633 356.59527295942837 L 395.6805555555633 350.59527295942837 M 395.6805555555633 350.59527295942837 M 395.6805555555633 344.59527295942837 L 395.6805555555633 338.59527295942837 M 395.6805555555633 338.59527295942837 M 395.6805555555633 332.59527295942837 L 395.6805555555633 326.59527295942837 M 395.6805555555633 326.59527295942837 M 395.6805555555633 320.59527295942837 L 395.6805555555633 314.59527295942837 M 395.6805555555633 314.59527295942837 M 395.6454730957975 308.5959974887863 Q 395.42473204507803 305.08992137071624 393.81507437340014 302.97276187360467 M 393.81507437340014 302.97276187360467 M 388.7448234749301 300.0250475217899 Q 387.3524512811001 299.74552399008303 385.6805555555633 299.74552399008303 L 382.7625569263178 299.74552399008303 M 382.7625569263178 299.74552399008303 M 376.7625569263178 299.74552399008303 L 370.7625569263178 299.74552399008303 M 370.7625569263178 299.74552399008303 M 364.7625569263178 299.74552399008303 L 358.7625569263178 299.74552399008303 M 358.7625569263178 299.74552399008303 M 352.7625569263178 299.74552399008303 L 346.7625569263178 299.74552399008303 M 346.7625569263178 299.74552399008303 M 340.7625569263178 299.74552399008303 L 334.7625569263178 299.74552399008303 M 334.7625569263178 299.74552399008303 M 328.7625569263178 299.74552399008303 L 322.7625569263178 299.74552399008303 M 322.7625569263178 299.74552399008303 M 316.7625569263178 299.74552399008303 L 310.7625569263178 299.74552399008303 M 310.7625569263178 299.74552399008303 M 304.7625569263178 299.74552399008303 L 300.90277777777806 299.74552399008303 Q 299.7712873305603 299.74552399008303 298.7678239465571 299.6174969268685 M 298.7678239465571 299.6174969268685 M 293.3857693473039 297.228457504614 Q 291.4531834876415 295.28265607285664 291.0247864262038 291.83266584287463 M 291.0247864262038 291.83266584287463 M 290.90277777777806 285.8375555400254 L 290.90277777777806 279.8375555400254 M 290.90277777777806 279.8375555400254 M 290.90277777777806 273.8375555400254 L 290.90277777777806 267.8375555400254 M 290.90277777777806 267.8375555400254 M 290.90277777777806 261.8375555400254 L 290.90277777777806 255.8375555400254 M 290.90277777777806 255.8375555400254 M 290.90277777777806 249.8375555400254 L 290.90277777777806 249.81491457745426" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,284.40277777777794,125.75909597261261)"><g transform="translate(0,0)"><g transform="translate(-520.5887419871792,-284.3176338453479) translate(236.18596420940128,158.55853787273531) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#cc0000" d="M 399.0972222222224 132.2590959726126 M 399.0972222222224 132.2590959726126 L 399.0972222222224 138.2590959726126 M 399.0972222222224 138.2590959726126 M 399.0972222222224 144.2590959726126 L 399.0972222222224 150.2590959726126 M 399.0972222222224 150.2590959726126 M 399.0972222222224 156.2590959726126 L 399.0972222222224 162.2590959726126 M 399.0972222222224 162.2590959726126 M 399.0972222222224 168.2590959726126 L 399.0972222222224 174.2590959726126 M 399.0972222222224 174.2590959726126 M 399.0972222222224 180.2590959726126 L 399.0972222222224 186.2590959726126 M 399.0972222222224 186.2590959726126 M 399.0972222222224 192.2590959726126 L 399.0972222222224 192.67013315779485 Q 399.0972222222224 195.91836389834842 398.0421219278347 198.11149434451426 M 398.0421219278347 198.11149434451426 M 393.6659405128273 201.97829744802294 Q 391.72749922241087 202.67013315779496 389.0972222222224 202.67013315779502 L 387.7405118088071 202.67013315779505 M 387.7405118088071 202.67013315779505 M 381.7405118088071 202.67013315779514 L 375.7405118088071 202.67013315779522 M 375.7405118088071 202.67013315779522 M 369.7405118088071 202.6701331577953 L 363.7405118088071 202.6701331577954 M 363.7405118088071 202.6701331577954 M 357.7405118088071 202.67013315779548 L 351.7405118088071 202.67013315779556 M 351.7405118088071 202.67013315779556 M 345.7405118088071 202.67013315779565 L 339.7405118088071 202.67013315779573 M 339.7405118088071 202.67013315779573 M 333.7405118088071 202.67013315779585 L 327.7405118088071 202.67013315779593 M 327.7405118088071 202.67013315779593 M 321.7405118088071 202.67013315779604 L 315.7405118088071 202.67013315779613 M 315.7405118088071 202.67013315779613 M 309.7405118088071 202.67013315779624 L 303.7405118088071 202.67013315779633 M 303.7405118088071 202.67013315779633 M 297.7598678856485 202.9657135423712 Q 294.4328042761472 203.65647640532174 292.72003362291935 205.9615322245457 M 292.72003362291935 205.9615322245457 M 290.93300792210687 211.60072437358687 Q 290.90277777777794 212.12031369352724 290.90277777777794 212.67013315779656 L 290.90277777777794 217.600146725365 M 290.90277777777794 217.600146725365 M 290.90277777777794 223.600146725365 L 290.90277777777794 229.600146725365 M 290.90277777777794 229.600146725365 M 290.90277777777794 235.600146725365 L 290.90277777777794 241.600146725365 M 290.90277777777794 241.600146725365 M 290.90277777777794 247.600146725365 L 290.90277777777794 251.03945435457118" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,155.81944444443684,107.17033542596326)"><g transform="translate(0,0)"><g transform="translate(-453.3739983974361,-305.60207610719107) translate(297.55455395299924,198.4317406812278) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#38761d" d="M 162.31944444443684 113.67033542596326 M 162.31944444443684 113.67033542596326 L 162.31944444443684 119.67033542596326 M 162.31944444443684 119.67033542596326 M 162.31944444443684 125.67033542596326 L 162.31944444443684 131.67033542596326 M 162.31944444443684 131.67033542596326 M 162.31944444443684 137.67033542596326 L 162.31944444443684 143.67033542596326 M 162.31944444443684 143.67033542596326 M 162.31944444443684 149.67033542596326 L 162.31944444443684 155.67033542596326 M 162.31944444443684 155.67033542596326 M 162.31944444443684 161.67033542596326 L 162.31944444443684 167.67033542596326 M 162.31944444443684 167.67033542596326 M 162.31944444443684 173.67033542596326 L 162.31944444443684 179.67033542596326 M 162.31944444443684 179.67033542596326 M 162.31944444443684 185.67033542596326 L 162.31944444443684 189.5415587499461 Q 162.31944444443684 190.66665091919444 162.44602768336722 191.66515984951238 M 162.44602768336722 191.66515984951238 M 164.82839767826374 197.05049598033753 Q 166.77191548654997 198.987072120429 170.22094619965992 199.41813535569676 M 170.22094619965992 199.41813535569676 M 176.2159687190514 199.5415587499461 L 182.2159687190514 199.5415587499461 M 182.2159687190514 199.5415587499461 M 188.2159687190514 199.5415587499461 L 194.2159687190514 199.5415587499461 M 194.2159687190514 199.5415587499461 M 200.2159687190514 199.5415587499461 L 206.2159687190514 199.5415587499461 M 206.2159687190514 199.5415587499461 M 212.2159687190514 199.5415587499461 L 218.2159687190514 199.5415587499461 M 218.2159687190514 199.5415587499461 M 224.2159687190514 199.5415587499461 L 230.2159687190514 199.5415587499461 M 230.2159687190514 199.5415587499461 M 236.2159687190514 199.5415587499461 L 242.2159687190514 199.5415587499461 M 242.2159687190514 199.5415587499461 M 248.2159687190514 199.5415587499461 L 254.2159687190514 199.5415587499461 M 254.2159687190514 199.5415587499461 M 260.1975055563821 199.82836878769723 Q 263.5309416038837 200.5080005580397 265.2539063203237 202.79810365944377 M 265.2539063203237 202.79810365944377 M 267.0644085030223 208.4287072615088 Q 267.09722222222206 208.96872614612755 267.09722222222206 209.5415587499461 L 267.09722222222206 214.4280528453731 M 267.09722222222206 214.4280528453731 M 267.09722222222206 220.4280528453731 L 267.09722222222206 226.4280528453731 M 267.09722222222206 226.4280528453731 M 267.09722222222206 232.4280528453731 L 267.09722222222206 235.81551770804643" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="matrix(1,0,0,1,152.4027777777773,228.0562890247442)"><g transform="translate(0,0)"><g transform="translate(-37.41125801282108,-200.3354013688455) translate(-114.99151976495621,-27.72088765589868) matrix(1,0,0,1,0,0)"><g><path fill="none" stroke="#38761d" d="M 158.9027777777773 356.7014713068111 M 158.9027777777773 356.7014713068111 L 158.9027777777773 350.7014713068111 M 158.9027777777773 350.7014713068111 M 158.9027777777773 344.7014713068111 L 158.9027777777773 338.7014713068111 M 158.9027777777773 338.7014713068111 M 158.9027777777773 332.7014713068111 L 158.9027777777773 326.7014713068111 M 158.9027777777773 326.7014713068111 M 158.9027777777773 320.7014713068111 L 158.90277777777732 314.7014713068111 M 158.90277777777732 314.7014713068111 M 158.9386276948351 308.7022201112491 Q 159.16189382506047 305.19660315095655 160.77561686556083 303.081443100939 M 160.77561686556083 303.081443100939 M 165.85041734767782 300.14100539293156 Q 167.23802796592435 299.86386619932506 168.90277777777732 299.863866199325 L 171.83292026888248 299.8638661993249 M 171.83292026888248 299.8638661993249 M 177.83292026888248 299.86386619932466 L 183.83292026888248 299.86386619932443 M 183.83292026888248 299.86386619932443 M 189.83292026888248 299.8638661993242 L 195.83292026888248 299.863866199324 M 195.83292026888248 299.863866199324 M 201.83292026888248 299.86386619932375 L 207.83292026888248 299.8638661993235 M 207.83292026888248 299.8638661993235 M 213.83292026888248 299.8638661993233 L 219.83292026888248 299.86386619932307 M 219.83292026888248 299.86386619932307 M 225.83292026888248 299.86386619932284 L 231.83292026888248 299.8638661993226 M 231.83292026888248 299.8638661993226 M 237.83292026888248 299.8638661993224 L 243.83292026888248 299.86386619932216 M 243.83292026888248 299.86386619932216 M 249.83292026888248 299.86386619932193 L 255.83292026888248 299.86386619932176 M 255.83292026888248 299.86386619932176 M 261.7528202251644 299.1405476054279 Q 264.7675844859315 298.0314529459795 266.0817275073145 295.22173704714703 M 266.0817275073145 295.22173704714703 M 267.0972222222195 289.3604205540609 L 267.0972222222195 283.3604205540609 M 267.0972222222195 283.3604205540609 M 267.0972222222195 277.3604205540609 L 267.0972222222195 271.3604205540609 M 267.0972222222195 271.3604205540609 M 267.0972222222195 265.3604205540609 L 267.0972222222195 259.3604205540609 M 267.0972222222195 259.3604205540609 M 267.0972222222195 253.3604205540609 L 267.0972222222195 247.3604205540609 M 267.0972222222195 247.3604205540609 M 267.0972222222195 241.3604205540609 L 267.0972222222195 235.3604205540609 M 267.0972222222195 235.3604205540609" stroke-miterlimit="10" stroke-width="6"/></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,193.51767083236396,40.461511948529306)"><g><g transform="translate(0,0) scale(1.7520258247164675,1.25824690354917) translate(0.00001348378,-0.001498589)"><g><g><path fill="#FFFFFF" stroke="#ff9900" d="M 33.84 5.912 C 16.263 2.403 6.986 11.405 8.451 19.186 L 8.57 19.61 C -5.128 21.942 -1.537 38.106 5.033 38.106 L 5.679 38.085 C 4.026 45.68 20.032 53.41 28.958 49.548 L 29.531 48.92 C 32.713 55.752 44.02 56.893 55.201 57.177 C 64.89 57.425 70.546 56.658 74.702 52.411 L 75.341 52.599 C 90.852 53.845 97.915 43.133 94.526 35.442 L 95.36 35.207 C 100.648 33.808 101.258 21.602 92.187 19.797 L 92.361 19.325 C 96.299 11.385 87.011 3.896 74.124 5.303 L 73.23 4.837 C 64.003 -3.517 37.449 -2.157 34.373 6.108 L 33.84 5.912 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,213,55)"><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="137" height="56" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="137" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="18" y="0" width="51" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="18" y="12">Gateway</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="69" y="0" width="51" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="69" y="12">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="82" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="86" y="12">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="92" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="96" y="12">20</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="109" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="112" y="12">1</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="137" height="28" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="14" width="4" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="5" y="14" width="58" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="26">and</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32" y="26">other</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="63" y="14" width="129" height="28" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="26">containers</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="122" y="26">on</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="7" y="40">the</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="40">same</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="40">VLAN</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="40">/</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="94" y="28" width="37" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94" y="40">subnet</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="137" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="67" y="42" width="5" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g/></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,345.9019607843137,48.00000000000003)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,341.48549019607844,44.15384615384616)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,336,39.00000000000003)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,57.51767083236396,94.4615119485293)"><g><g transform="translate(0,0) scale(1.7520258247164675,1.25824690354917) translate(0.00001348378,-0.001498589)"><g><g><path fill="#FFFFFF" stroke="#38761d" d="M 33.84 5.912 C 16.263 2.403 6.986 11.405 8.451 19.186 L 8.57 19.61 C -5.128 21.942 -1.537 38.106 5.033 38.106 L 5.679 38.085 C 4.026 45.68 20.032 53.41 28.958 49.548 L 29.531 48.92 C 32.713 55.752 44.02 56.893 55.201 57.177 C 64.89 57.425 70.546 56.658 74.702 52.411 L 75.341 52.599 C 90.852 53.845 97.915 43.133 94.526 35.442 L 95.36 35.207 C 100.648 33.808 101.258 21.602 92.187 19.797 L 92.361 19.325 C 96.299 11.385 87.011 3.896 74.124 5.303 L 73.23 4.837 C 64.003 -3.517 37.449 -2.157 34.373 6.108 L 33.84 5.912 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,77,109)"><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="137" height="56" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="137" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="18" y="0" width="51" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="18" y="12">Gateway</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="69" y="0" width="51" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="69" y="12">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="82" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="86" y="12">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="92" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="96" y="12">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="109" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="112" y="12">1</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="137" height="28" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="14" width="4" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="5" y="14" width="58" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="26">and</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32" y="26">other</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="63" y="14" width="129" height="28" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="26">containers</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="122" y="26">on</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="7" y="40">the</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="40">same</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="40">VLAN</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="40">/</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="94" y="28" width="37" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94" y="40">subnet</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="137" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="67" y="42" width="5" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g/></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,98.9019607843137,163.00000000000003)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,94.48549019607844,159.15384615384616)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,89,154.00000000000003)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0,0) matrix(1,0,0,1,345.51767083236393,86.4615119485293)"><g><g transform="translate(0,0) scale(1.7520258247164675,1.25824690354917) translate(0.00001348378,-0.001498589)"><g><g><path fill="#FFFFFF" stroke="#cc0000" d="M 33.84 5.912 C 16.263 2.403 6.986 11.405 8.451 19.186 L 8.57 19.61 C -5.128 21.942 -1.537 38.106 5.033 38.106 L 5.679 38.085 C 4.026 45.68 20.032 53.41 28.958 49.548 L 29.531 48.92 C 32.713 55.752 44.02 56.893 55.201 57.177 C 64.89 57.425 70.546 56.658 74.702 52.411 L 75.341 52.599 C 90.852 53.845 97.915 43.133 94.526 35.442 L 95.36 35.207 C 100.648 33.808 101.258 21.602 92.187 19.797 L 92.361 19.325 C 96.299 11.385 87.011 3.896 74.124 5.303 L 73.23 4.837 C 64.003 -3.517 37.449 -2.157 34.373 6.108 L 33.84 5.912 Z" stroke-miterlimit="10" stroke-width="2"/></g></g></g></g></g><g transform="matrix(1,0,0,1,365,101)"><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="137" height="56" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="137" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="18" y="0" width="51" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="18" y="12">Gateway</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="69" y="0" width="51" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="69" y="12">10</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="82" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="86" y="12">1</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="92" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="96" y="12">30</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="109" y="12">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="bold" text-decoration="" line-height="14px" x="112" y="12">1</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="14" width="137" height="28" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="2" y="14" width="4" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="5" y="14" width="58" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="9" y="26">and</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="32" y="26">other</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="63" y="14" width="129" height="28" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="63" y="26">containers</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="122" y="26">on</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="7" y="40">the</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="27" y="40">same</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="59" y="40">VLAN</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="91" y="40">/</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="94" y="28" width="37" height="14" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="12px" font-style="normal" font-weight="normal" text-decoration="" line-height="14px" x="94" y="40">subnet</text></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="42" width="137" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g><rect fill="rgb(0,0,0)" stroke="none" x="67" y="42" width="5" height="14" fill-opacity="0"/></g></g><g transform="translate(318,224) matrix(1,0,0,1,0,0) translate(-318,-224)"><g/></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,451.9019607843137,158.00000000000003)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,447.48549019607844,154.15384615384616)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,442,149.00000000000003)"><g><g transform="translate(0,0) scale(0.3709803921568625,0.18000000000000005)"><g><path fill="#4cacf5" stroke="none" d="M 0 0 L 100 0 Q 100 0 100 0 L 100 100 Q 100 100 100 100 L 0 100 Q 0 100 0 100 L 0 0 Q 0 0 0 0 Z"/><g transform="scale(2.6955602536997905,5.5555555555555545)"><path fill="none" stroke="none" d="M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z"/><path fill="none" stroke="#666666" d="M 0 0 M 0 0 L 37.09803921568625 0 Q 37.09803921568625 0 37.09803921568625 0 L 37.09803921568625 18.000000000000004 Q 37.09803921568625 18.000000000000004 37.09803921568625 18.000000000000004 L 0 18.000000000000004 Q 0 18.000000000000004 0 18.000000000000004 L 0 0 Q 0 0 0 0 Z" stroke-miterlimit="10"/></g></g></g></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,47,331)"><g transform="translate(4,4) scale(1.0034722222222223,1.0083333333333333)"><g><g transform="translate(0,0) scale(1.44,0.6)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,1.6666666666666667)"><path fill="#000000" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.44,0.6)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,1.6666666666666667)"><path fill="#5fcc5a" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" opacity="0.99"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.99"/></g></g></g></g></g><g transform="matrix(1,0,0,1,50,342)"><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="135" height="40" fill-opacity="0"/></g></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="135" height="20" fill-opacity="0"/></g></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="5" y="0" width="127" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="58" y="17">:</text></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="5" y="0" width="54" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="5" y="17">Parent</text></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="68" y="0" width="63" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="68" y="17">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="105" y="17">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="110" y="17">10</text></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="20" width="135" height="20" fill-opacity="0"/></g></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="17" y="20" width="71" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="17" y="37">VLAN</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="69" y="37">ID</text></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="87" y="20" width="6" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="87" y="37">:</text></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="93" y="20" width="26" height="20" fill-opacity="0"/></g></g><g transform="translate(373,100) matrix(1,0,0,1,0,0) translate(-373,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="98" y="20" width="21" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="98" y="37">10</text></g></g><g transform="translate(0.5,0.5) matrix(1,0,0,1,367,331)"><g transform="translate(4,4) scale(1.0034722222222223,1.0083333333333333)"><g><g transform="translate(0,0) scale(1.44,0.6)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,1.6666666666666667)"><path fill="#000000" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" opacity="0.294117647"/><path fill="none" stroke="rgb(0,0,0)" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" stroke-opacity="0" stroke-miterlimit="10" opacity="0.294117647"/></g></g></g></g></g><g><g transform="translate(0,0) scale(1.44,0.6)"><g><path fill="none" stroke="none" d="M 10 0 L 90 0 Q 100 0 100 10 L 100 90 Q 100 100 90 100 L 10 100 Q 0 100 0 90 L 0 10 Q 0 0 10 0 Z"/><g transform="scale(0.6944444444444444,1.6666666666666667)"><path fill="#eb6c6c" stroke="none" d="M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" opacity="0.99"/><path fill="none" stroke="#434343" d="M 10 0 M 10 0 L 134 0 Q 144 0 144 10 L 144 50 Q 144 60 134 60 L 10 60 Q 0 60 0 50 L 0 10 Q 0 0 10 0 Z" stroke-miterlimit="10" opacity="0.99"/></g></g></g></g></g><g transform="matrix(1,0,0,1,369,341)"><g transform="translate(194,100) matrix(1,0,0,1,0,0) translate(-194,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="138" height="40" fill-opacity="0"/></g></g><g transform="translate(194,100) matrix(1,0,0,1,0,0) translate(-194,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="138" height="20" fill-opacity="0"/></g></g><g transform="translate(194,100) matrix(1,0,0,1,0,0) translate(-194,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="4" y="0" width="132" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="9" y="17">Parent</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="62" y="17">:</text></g><g transform="translate(194,100) matrix(1,0,0,1,0,0) translate(-194,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="72" y="0" width="63" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="72" y="17">eth0</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="109" y="17">.</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="114" y="17">30</text></g><g transform="translate(194,100) matrix(1,0,0,1,0,0) translate(-194,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="20" width="138" height="20" fill-opacity="0"/></g></g><g transform="translate(194,100) matrix(1,0,0,1,0,0) translate(-194,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="30" y="20" width="78" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="30" y="37">VLAN</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="normal" text-decoration="" line-height="20.5px" x="77" y="37">:</text></g><g transform="translate(194,100) matrix(1,0,0,1,0,0) translate(-194,-100)"><g><rect fill="rgb(0,0,0)" stroke="none" x="88" y="20" width="21" height="20" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="18px" font-style="normal" font-weight="bold" text-decoration="" line-height="20.5px" x="88" y="37">30</text></g><g transform="translate(194,100) matrix(1,0,0,1,0,0) translate(-194,-100)"><g/></g></g><g transform="matrix(1,0,0,1,371,44)"><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="142" height="32" fill-opacity="0"/></g></g><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="0" width="142" height="16" fill-opacity="0"/></g></g><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="17" y="0" width="75" height="16" fill-opacity="0"/></g></g><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="17" y="0" width="75" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="17" y="14">Network</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="72" y="14"> &amp;&#160;</text></g><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="90" y="0" width="36" height="16" fill-opacity="0"/></g></g><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="90" y="0" width="36" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="90" y="14">other</text></g><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="0" y="16" width="142" height="16" fill-opacity="0"/></g></g><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="26" y="16" width="92" height="16" fill-opacity="0"/></g></g><g transform="translate(266,48) matrix(1,0,0,1,0,0) translate(-266,-48)"><g><rect fill="rgb(0,0,0)" stroke="none" x="26" y="16" width="92" height="16" fill-opacity="0"/></g><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="26" y="30">Docker</text><text fill="rgb(0, 0, 0)" stroke="none" font-family="Arial" font-size="14px" font-style="normal" font-weight="bold" text-decoration="" line-height="16.5px" x="77" y="30">Hosts</text></g></g></g></svg>
\ No newline at end of file
diff --git a/experimental/plugins_graphdriver.md b/experimental/plugins_graphdriver.md
new file mode 100644
index 00000000..6a855489
--- /dev/null
+++ b/experimental/plugins_graphdriver.md
@@ -0,0 +1,321 @@
+# Experimental: Docker graph driver plugins
+
+Docker graph driver plugins enable admins to use an external/out-of-process
+graph driver for use with Docker engine. This is an alternative to using the
+built-in storage drivers, such as aufs/overlay/devicemapper/btrfs.
+
+A graph driver plugin is used for image and container fs storage, as such
+the plugin must be started and available for connections prior to Docker Engine
+being started.
+
+# Write a graph driver plugin
+
+See the [plugin documentation](/docs/extend/plugins.md) for detailed information
+on the underlying plugin protocol.
+
+
+## Graph Driver plugin protocol
+
+If a plugin registers itself as a `GraphDriver` when activated, then it is
+expected to provide the rootfs for containers as well as image layer storage.
+
+### /GraphDriver.Init
+
+**Request**:
+```
+{
+  "Home": "/graph/home/path",
+  "Opts": []
+}
+```
+
+Initialize the graph driver plugin with a home directory and array of options.
+Plugins are not required to accept these options as the Docker Engine does not
+require that the plugin use this path or options, they are only being passed
+through from the user.
+
+**Response**:
+```
+{
+  "Err": null
+}
+```
+
+Respond with a string error if an error occurred.
+
+
+### /GraphDriver.Create
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187",
+  "Parent": "2cd9c322cb78a55e8212aa3ea8425a4180236d7106938ec921d0935a4b8ca142"
+}
+```
+
+Create a new, empty, filesystem layer with the specified `ID` and `Parent`.
+`Parent` may be an empty string, which would indicate that there is no parent
+layer.
+
+**Response**:
+```
+{
+  "Err: null
+}
+```
+
+Respond with a string error if an error occurred.
+
+
+### /GraphDriver.Remove
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187"
+}
+```
+
+Remove the filesystem layer with this given `ID`.
+
+**Response**:
+```
+{
+  "Err: null
+}
+```
+
+Respond with a string error if an error occurred.
+
+### /GraphDriver.Get
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187"
+  "MountLabel": ""
+}
+```
+
+Get the mountpoint for the layered filesystem referred to by the given `ID`.
+
+**Response**:
+```
+{
+  "Dir": "/var/mygraph/46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187",
+  "Err": ""
+}
+```
+
+Respond with the absolute path to the mounted layered filesystem.
+Respond with a string error if an error occurred.
+
+### /GraphDriver.Put
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187"
+}
+```
+
+Release the system resources for the specified `ID`, such as unmounting the
+filesystem layer.
+
+**Response**:
+```
+{
+  "Err: null
+}
+```
+
+Respond with a string error if an error occurred.
+
+### /GraphDriver.Exists
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187"
+}
+```
+
+Determine if a filesystem layer with the specified `ID` exists.
+
+**Response**:
+```
+{
+  "Exists": true
+}
+```
+
+Respond with a boolean for whether or not the filesystem layer with the specified
+`ID` exists.
+
+### /GraphDriver.Status
+
+**Request**:
+```
+{}
+```
+
+Get low-level diagnostic information about the graph driver.
+
+**Response**:
+```
+{
+  "Status": [[]]
+}
+```
+
+Respond with a 2-D array with key/value pairs for the underlying status
+information.
+
+
+### /GraphDriver.GetMetadata
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187"
+}
+```
+
+Get low-level diagnostic information about the layered filesystem with the
+with the specified `ID`
+
+**Response**:
+```
+{
+  "Metadata": {},
+  "Err": null
+}
+```
+
+Respond with a set of key/value pairs containing the low-level diagnostic
+information about the layered filesystem.
+Respond with a string error if an error occurred.
+
+### /GraphDriver.Cleanup
+
+**Request**:
+```
+{}
+```
+
+Perform necessary tasks to release resources help by the plugin, for example
+unmounting all the layered file systems.
+
+**Response**:
+```
+{
+  "Err: null
+}
+```
+
+Respond with a string error if an error occurred.
+
+
+### /GraphDriver.Diff
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187",
+  "Parent": "2cd9c322cb78a55e8212aa3ea8425a4180236d7106938ec921d0935a4b8ca142"
+}
+```
+
+Get an archive of the changes between the filesystem layers specified by the `ID`
+and `Parent`. `Parent` may be an empty string, in which case there is no parent.
+
+**Response**:
+```
+{{ TAR STREAM }}
+```
+
+### /GraphDriver.Changes
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187",
+  "Parent": "2cd9c322cb78a55e8212aa3ea8425a4180236d7106938ec921d0935a4b8ca142"
+}
+```
+
+Get a list of changes between the filesystem layers specified by the `ID` and
+`Parent`. `Parent` may be an empty string, in which case there is no parent.
+
+**Response**:
+```
+{
+  "Changes": [{}],
+  "Err": null
+}
+```
+
+Responds with a list of changes. The structure of a change is:
+```
+  "Path": "/some/path",
+  "Kind": 0,
+```
+
+Where the `Path` is the filesystem path within the layered filesystem that is
+changed and `Kind` is an integer specifying the type of change that occurred:
+
+- 0 - Modified
+- 1 - Added
+- 2 - Deleted
+
+Respond with a string error if an error occurred.
+
+### /GraphDriver.ApplyDiff
+
+**Request**:
+```
+{{ TAR STREAM }}
+```
+
+Extract the changeset from the given diff into the layer with the specified `ID`
+and `Parent`
+
+**Query Parameters**:
+
+- id (required)- the `ID` of the new filesystem layer to extract the diff to
+- parent (required)- the `Parent` of the given `ID`
+
+**Response**:
+```
+{
+  "Size": 512366,
+  "Err": null
+}
+```
+
+Respond with the size of the new layer in bytes.
+Respond with a string error if an error occurred.
+
+### /GraphDriver.DiffSize
+
+**Request**:
+```
+{
+  "ID": "46fe8644f2572fd1e505364f7581e0c9dbc7f14640bd1fb6ce97714fb6fc5187",
+  "Parent": "2cd9c322cb78a55e8212aa3ea8425a4180236d7106938ec921d0935a4b8ca142"
+}
+```
+
+Calculate the changes between the specified `ID`
+
+**Response**:
+```
+{
+  "Size": 512366,
+  "Err": null
+}
+```
+
+Respond with the size changes between the specified `ID` and `Parent`
+Respond with a string error if an error occurred.
diff --git a/experimental/vlan-networks.md b/experimental/vlan-networks.md
new file mode 100644
index 00000000..66723b9b
--- /dev/null
+++ b/experimental/vlan-networks.md
@@ -0,0 +1,721 @@
+
+
+# Macvlan and Ipvlan Network Drivers
+
+### Getting Started
+
+The Macvlan and Ipvlan drivers are currently in experimental mode in order to incubate Docker users use cases and vet the implementation to ensure a hardened, production ready driver in a future release. Libnetwork now gives users total control over both IPv4 and IPv6 addressing. The VLAN drivers build on top of that in giving operators complete control of layer 2 VLAN tagging and even Ipvlan L3 routing for users interested in underlay network integration. For overlay deployments that abstract away physical constraints see the [multi-host overlay ](https://docs.docker.com/engine/userguide/networking/get-started-overlay/) driver.
+
+Macvlan and Ipvlan are a new twist on the tried and true network virtualization technique. The Linux implementations are extremely lightweight because rather than using the traditional Linux bridge for isolation, they are simply associated to a Linux Ethernet interface or sub-interface to enforce separation between networks and connectivity to the physical network.
+
+Macvlan and Ipvlan offer a number of unique features and plenty of room for further innovations with the various modes. Two high level advantages of these approaches are, the positive performance implications of bypassing the Linux bridge and the simplicity of having less moving parts. Removing the bridge that traditionally resides in between the Docker host NIC and container interface leaves a very simple setup consisting of container interfaces, attached directly to the Docker host interface. This result is easy access for external facing services as there is no port mappings in these scenarios.
+
+
+### Pre-Requisites
+
+- The examples on this page are all single host and setup using Docker experimental builds that can be installed with the following instructions: [Install Docker experimental](https://github.com/docker/docker/tree/master/experimental)
+
+- All of the examples can be performed on a single host running Docker. Any examples using a sub-interface like `eth0.10` can be replaced with `eth0` or any other valid parent interface on the Docker host. Sub-interfaces with a `.` are created on the fly. `-o parent` interfaces can also be left out of the `docker network create` all together and the driver will create a `dummy` interface that will enable local host connectivity to perform the examples.
+
+- Kernel requirements:
+ 
+ - To check your current kernel version, use `uname -r` to display your kernel version
+ - Macvlan Linux kernel v3.9–3.19 and 4.0+
+ - Ipvlan Linux kernel v4.2+ (support for earlier kernels exists but is buggy)
+
+
+### MacVlan Bridge Mode Example Usage
+
+Macvlan Bridge mode has a unique MAC address per container used to track MAC to port mappings by the Docker host. This is the largest difference from Ipvlan L2 mode which uses the same MAC address as the parent interface for each container `eth0` interface.
+
+- Macvlan and Ipvlan driver networks are attached to a parent Docker host interface. Examples are a physical interface such as `eth0`, a sub-interface for 802.1q VLAN tagging like `eth0.10` (`.10` representing VLAN `10`) or even bonded host adaptors which bundle two Ethernet interfaces into a single logical interface.
+
+- The specified gateway is external to the host provided by the network infrastructure. 
+
+- Each Macvlan Bridge mode Docker network is isolated from one another and there can be only one network attached to a parent interface at a time. There is a theoretical limit of 4,094 sub-interfaces per host adaptor that a Docker network could be attached to.
+
+- It is not recommended to mix ipvlan and macvlan networks on the same `-o parent=` interface. Older kernel versions will throw uninformative netlink errors such as `device is busy`.
+
+- Any container inside the same subnet can talk any other container in the same network without a  gateway in both `macvlan bridge` mode and `ipvlan L2` modes.
+
+- The same `docker network` commands apply to the vlan drivers. Some are irrelevant such as `-icc` or `--set-macaddress` for the Ipvlan driver.
+
+- In Macvlan and Ipvlan L2 mode, containers on separate networks cannot reach one another without an external process routing between the two networks/subnets. This also applies to multiple subnets within the same `docker network`. See Ipvlan L3 mode for inter-subnet communications without a router.
+
+In the following example, `eth0` on the docker host has an IP on the `172.16.86.0/24` network and a default gateway of `172.16.86.1`. The gateway is an external router with an address of `172.16.86.1`. An IP address is not required on the Docker host interface `eth0` in `bridge` mode, it merely needs to be on the proper upstream network to get forwarded by a network switch or network router.
+
+![Simple Macvlan Bridge Mode Example](images/macvlan_bridge_simple.png)
+
+
+**Note** For Macvlan bridge mode and Ipvlan L2 mode the subnet values need to match the NIC's interface of the Docker host. For example, Use the same subnet and gateway of the Docker host ethernet interface that is specified by the `-o parent=` option.
+
+- The parent interface used in this example is `eth0` and it is on the subnet `172.16.86.0/24`. The containers in the `docker network` will also need to be on this same subnet as the parent `-o parent=`. The gateway is an external router on the network, not any ip masquerading or any other local proxy.
+
+- The driver is specified with `-d driver_name` option. In this case `-d macvlan`
+
+- The parent interface `-o parent=eth0` is configured as followed:
+
+```
+ip addr show eth0
+3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
+    inet 172.16.86.250/24 brd 172.16.86.255 scope global eth0
+```
+
+Create the macvlan network and run a couple of containers attached to it:
+
+```
+# Macvlan  (-o macvlan_mode= Defaults to Bridge mode if not specified)
+docker network create -d macvlan \
+    --subnet=172.16.86.0/24 \
+    --gateway=172.16.86.1  \
+    -o parent=eth0 pub_net
+
+# Run a container on the new network specifying the --ip address.
+docker  run --net=pub_net --ip=172.16.86.10 -itd alpine /bin/sh
+
+# Start a second container and ping the first
+docker  run --net=pub_net -it --rm alpine /bin/sh
+ping -c 4 172.16.86.10
+
+```
+
+ Take a look at the containers ip and routing table:
+ 
+```
+
+ip a show eth0
+    eth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UNKNOWN
+    link/ether 46:b2:6b:26:2f:69 brd ff:ff:ff:ff:ff:ff
+    inet 172.16.86.2/24 scope global eth0
+    
+ip route
+    default via 172.16.86.1 dev eth0
+    172.16.86.0/24 dev eth0  src 172.16.86.2
+
+# NOTE: the containers can NOT ping the underlying host interfaces as
+# they are intentionally filtered by Linux for additional isolation.
+# In this case the containers cannot ping the -o parent=172.16.86.250
+```
+
+
+You can explicitly specify the `bridge` mode option `-o macvlan_mode=bridge`. It is the default so will be in `bridge` mode either way.
+
+While the `eth0` interface does not need to have an IP address in Macvlan Bridge mode or Ipvlan L2 mode it is not uncommon to have an IP address on the interface. Addresses can be excluded from getting an address from the default built in IPAM by using the `--aux-address=x.x.x.x` flag. This will blacklist the specified address from being handed out to containers. The same network example above blocking the `-o parent=eth0` address from being handed out to a container.
+
+```
+docker network create -d macvlan \
+    --subnet=172.16.86.0/24 \
+    --gateway=172.16.86.1  \
+    --aux-address="exclude_host=172.16.86.250" \
+    -o parent=eth0 pub_net
+```
+
+Another option for subpool IP address selection in a network provided by the default Docker IPAM driver is to use `--ip-range=`. This specifies the driver to allocate container addresses from this pool rather then the broader range from the `--subnet=` argument from a network create as seen in the following example that will allocate addresses beginning at `192.168.32.128` and increment upwards from there.
+
+```
+docker network create -d macvlan  \
+    --subnet=192.168.32.0/24  \
+    --ip-range=192.168.32.128/25 \
+    --gateway=192.168.32.254  \
+    -o parent=eth0 macnet32
+
+# Start a container and verify the address is 192.168.32.128
+docker run --net=macnet32 -it --rm alpine /bin/sh
+```
+
+The network can then be deleted with:
+
+```
+docker network rm <network_name or id>
+```
+
+- **Note:** In both Macvlan and Ipvlan you are not able to ping or communicate with the default namespace IP address. For example, if you create a container and try to ping the Docker host's `eth0` it will **not** work. That traffic is explicitly filtered by the kernel modules themselves to offer additional provider isolation and security.
+
+For more on Docker networking commands see [Working with Docker network commands](https://docs.docker.com/engine/userguide/networking/work-with-networks/)
+
+### Ipvlan L2 Mode Example Usage
+
+The ipvlan `L2` mode example is virtually identical to the macvlan `bridge` mode example. The driver is specified with `-d driver_name` option. In this case `-d ipvlan`
+
+![Simple Ipvlan L2 Mode Example](images/ipvlan_l2_simple.png)
+
+The parent interface in the next example `-o parent=eth0` is configured as followed:
+
+```
+ip addr show eth0
+3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
+    inet 192.168.1.250/24 brd 192.168.1.255 scope global eth0
+```
+
+Use the network from the host's interface as the `--subnet` in the `docker network create`. The container will be attached to the same network as the host interface as set via the `-o parent=` option.
+
+Create the ipvlan network and run a container attaching to it:
+
+```
+# Ipvlan  (-o ipvlan_mode= Defaults to L2 mode if not specified)
+docker network  create -d ipvlan \
+    --subnet=192.168.1.0/24 \ 
+    --gateway=192.168.1.1 \
+    -o ipvlan_mode=l2 \
+    -o parent=eth0 db_net
+
+# Start a container on the db_net network
+docker  run --net=db_net -it --rm alpine /bin/sh
+
+# NOTE: the containers can NOT ping the underlying host interfaces as
+# they are intentionally filtered by Linux for additional isolation.
+```
+
+The default mode for Ipvlan is `l2`. The default mode for Macvlan is `bridge`. If `-o ipvlan_mode=` or `-o macvlan_mode=` are left unspecified, the default modes will be used. Similarly, if the `--gateway` is left empty, the first usable address on the network will be set as the gateway. For example, if the subnet provided in the network create is `--subnet=192.168.1.0/24` then the gateway the container receives is `192.168.1.1`.
+
+To help understand how this mode interacts with other hosts, the following figure shows the same layer 2 segment between two Docker hosts that applies to both Macvlan Bride mode and Ipvlan L2 mode.
+
+![Multiple Ipvlan and Macvlan Hosts](images/macvlan-bridge-ipvlan-l2.png)
+
+The following will create the exact same network as the network `db_net` created prior, with the driver defaults for `--gateway=192.168.1.1` and `-o ipvlan_mode=l2`.
+
+```
+# Ipvlan  (-o ipvlan_mode= Defaults to L2 mode if not specified)
+docker network  create -d ipvlan \
+    --subnet=192.168.1.0/24 \ 
+    -o parent=eth0 db_net_ipv
+
+# Start a container with an explicit name in daemon mode
+docker  run --net=db_net_ipv --name=ipv1 -itd alpine /bin/sh
+
+# Start a second container and ping using the container name
+# to see the docker included name resolution functionality
+docker  run --net=db_net_ipv --name=ipv2 -it --rm alpine /bin/sh
+ping -c 4 ipv1
+
+# NOTE: the containers can NOT ping the underlying host interfaces as
+# they are intentionally filtered by Linux for additional isolation.
+```
+
+The drivers also support the `--internal` flag that will completely isolate containers on a network from any communications external to that network. Since network isolation is tightly coupled to the network's parent interface the result of leaving the `-o parent=` option off of a network create is the exact same as the `--internal` option. If the parent interface is not specified or the `--internal` flag is used, a netlink type `dummy` parent interface is created for the user and used as the parent interface effectively isolating the network completely.
+
+The following two `docker network create` examples result in identical networks that you can attach container to:
+
+```
+# Empty '-o parent=' creates an isolated network
+docker network  create -d ipvlan \
+    --subnet=192.168.10.0/24 isolated1
+
+# Explicit '--internal' flag is the same:
+docker network  create -d ipvlan \
+    --subnet=192.168.11.0/24 --internal isolated2
+
+# Even the '--subnet=' can be left empty and the default 
+# IPAM subnet of 172.18.0.0/16 will be assigned
+docker network  create -d ipvlan isolated3
+
+docker run --net=isolated1 --name=cid1 -it --rm alpine /bin/sh
+docker run --net=isolated2 --name=cid2 -it --rm alpine /bin/sh
+docker run --net=isolated3 --name=cid3 -it --rm alpine /bin/sh
+
+# To attach to any use `docker exec` and start a shell
+docker exec -it cid1 /bin/sh
+docker exec -it cid2 /bin/sh
+docker exec -it cid3 /bin/sh
+```
+
+### Macvlan 802.1q Trunk Bridge Mode Example Usage
+
+VLANs (Virtual Local Area Networks) have long been a primary means of virtualizing data center networks and are still in virtually all existing networks today. VLANs work by tagging a Layer-2 isolation domain with a 12-bit identifier ranging from 1-4094 that is inserted into a packet header that enables a logical grouping of a single or multiple subnets of both IPv4 and IPv6. It is very common for network operators to separate traffic using VLANs based on a subnet(s) function or security profile such as `web`, `db` or any other isolation needs.
+
+It is very common to have a compute host requirement of running multiple virtual networks concurrently on a host. Linux networking has long supported VLAN tagging, also known by it's standard 802.1q, for maintaining datapath isolation between networks. The Ethernet link connected to a Docker host can be configured to support the 802.1q VLAN IDs, by creating Linux sub-interfaces, each one dedicated to a unique VLAN ID.
+
+![Simple Ipvlan L2 Mode Example](images/multi_tenant_8021q_vlans.png)
+
+Trunking 802.1q to a Linux host is notoriously painful for many in operations. It requires configuration file changes in order to be persistent through a reboot. If a bridge is involved, a physical NIC needs to be moved into the bridge and the bridge then gets the IP address. This has lead to many a stranded servers since the risk of cutting off access during that convoluted process is high.
+
+Like all of the Docker network drivers, the overarching goal is to alleviate the operational pains of managing network resources. To that end, when a network receives a sub-interface as the parent that does not exist, the drivers create the VLAN tagged interfaces while creating the network.
+
+In the case of a host reboot, instead of needing to modify often complex network configuration files the driver will recreate all network links when the Docker daemon restarts. The driver tracks if it created the VLAN tagged sub-interface originally with the network create and will **only** recreate the sub-interface after a restart or delete `docker network rm` the link if it created it in the first place with `docker network create`.
+
+If the user doesn't want Docker to modify the `-o parent` sub-interface, the user simply needs to pass an existing link that already exists as the parent interface. Parent interfaces such as `eth0` are not deleted, only sub-interfaces that are not master links.
+
+For the driver to add/delete the vlan sub-interfaces the format needs to be `interface_name.vlan_tag`.
+
+For example: `eth0.50` denotes a parent interface of `eth0` with a slave of `eth0.50` tagged with vlan id `50`. The equivalent `ip link` command would be `ip link add link eth0 name eth0.50 type vlan id 50`.
+
+Replace the `macvlan` with `ipvlan` in the `-d` driver argument to create macvlan 802.1q trunks. 
+
+**Vlan ID 50**
+
+In the first network tagged and isolated by the Docker host, `eth0.50` is the parent interface tagged with vlan id `50` specified with `-o parent=eth0.50`. Other naming formats can be used, but the links need to be added and deleted manually using `ip link` or Linux configuration files. As long as the `-o parent` exists anything can be used if compliant with Linux netlink.
+
+```
+# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged
+docker network  create  -d macvlan \
+    --subnet=192.168.50.0/24 \
+    --gateway=192.168.50.1 \
+    -o parent=eth0.50 macvlan50
+
+# In two separate terminals, start a Docker container and the containers can now ping one another.
+docker run --net=macvlan50 -it --name macvlan_test5 --rm alpine /bin/sh
+docker run --net=macvlan50 -it --name macvlan_test6 --rm alpine /bin/sh
+```
+
+**Vlan ID 60**
+
+In the second network, tagged and isolated by the Docker host, `eth0.60` is the parent interface tagged with vlan id `60` specified with `-o parent=eth0.60`. The `macvlan_mode=` defaults to `macvlan_mode=bridge`. It can also be explicitly set with the same result as shown in the next example.
+
+```
+# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged. 
+docker network  create  -d macvlan \
+    --subnet=192.168.60.0/24 \
+    --gateway=192.168.60.1 \
+    -o parent=eth0.60 -o \
+    -o macvlan_mode=bridge macvlan60
+
+# In two separate terminals, start a Docker container and the containers can now ping one another.
+docker run --net=macvlan60 -it --name macvlan_test7 --rm alpine /bin/sh
+docker run --net=macvlan60 -it --name macvlan_test8 --rm alpine /bin/sh
+```
+
+**Example:** Multi-Subnet Macvlan 802.1q Trunking
+
+The same as the example before except there is an additional subnet bound to the network that the user can choose to provision containers on. In MacVlan/Bridge mode, containers can only ping one another if they are on the same subnet/broadcast domain unless there is an external router that routes the traffic (answers ARP etc) between the two subnets.
+
+```
+### Create multiple L2 subnets
+docker network  create  -d ipvlan \
+    --subnet=192.168.210.0/24 \
+    --subnet=192.168.212.0/24 \
+    --gateway=192.168.210.254  \
+    --gateway=192.168.212.254  \
+     -o ipvlan_mode=l2 ipvlan210
+
+# Test 192.168.210.0/24 connectivity between containers
+docker run --net=ipvlan210 --ip=192.168.210.10 -itd alpine /bin/sh
+docker run --net=ipvlan210 --ip=192.168.210.9 -it --rm alpine ping -c 2 192.168.210.10
+
+# Test 192.168.212.0/24 connectivity between containers
+docker run --net=ipvlan210 --ip=192.168.212.10 -itd alpine /bin/sh
+docker run --net=ipvlan210 --ip=192.168.212.9 -it --rm alpine ping -c 2 192.168.212.10
+
+```
+
+### Ipvlan 802.1q Trunk L2 Mode Example Usage
+
+Architecturally, Ipvlan L2 mode trunking is the same as Macvlan with regard to gateways and L2 path isolation. There are nuances that can be advantageous for CAM table pressure in ToR switches, one MAC per port and MAC exhaustion on a host's parent NIC to name a few. The 802.1q trunk scenario looks the same. Both modes adhere to tagging standards and have seamless integration with the physical network for underlay integration and hardware vendor plugin integrations.
+
+Hosts on the same VLAN are typically on the same subnet and almost always are grouped together based on their security policy. In most scenarios, a multi-tier application is tiered into different subnets because the security profile of each process requires some form of isolation. For example, hosting your credit card processing on the same virtual network as the frontend webserver would be a regulatory compliance issue, along with circumventing the long standing best practice of layered defense in depth architectures. VLANs or the equivocal VNI (Virtual Network Identifier) when using the Overlay driver, are the first step in isolating tenant traffic.
+
+![Docker VLANs in Depth](images/vlans-deeper-look.png)
+
+The Linux sub-interface tagged with a vlan can either already exist or will be created when you call a `docker network create`. `docker network rm` will delete the sub-interface. Parent interfaces such as `eth0` are not deleted, only sub-interfaces with a netlink parent index > 0.
+
+For the driver to add/delete the vlan sub-interfaces the format needs to be `interface_name.vlan_tag`. Other sub-interface naming can be used as the specified parent, but the link will not be deleted automatically when `docker network rm` is invoked. 
+
+The option to use either existing parent vlan sub-interfaces or let Docker manage them enables the user to either completely manage the Linux interfaces and networking or let Docker create and delete the Vlan parent sub-interfaces (netlink `ip link`) with no effort from the user.
+
+For example: `eth0.10` to denote a sub-interface of `eth0` tagged with vlan id `10`. The equivalent `ip link` command would be `ip link add link eth0 name eth0.10 type vlan id 10`.
+
+The example creates the vlan tagged networks and then start two containers to test connectivity between containers. Different Vlans cannot ping one another without a router routing between the two networks. The default namespace is not reachable per ipvlan design in order to isolate container namespaces from the underlying host.
+
+**Vlan ID 20**
+
+In the first network tagged and isolated by the Docker host, `eth0.20` is the parent interface tagged with vlan id `20` specified with `-o parent=eth0.20`. Other naming formats can be used, but the links need to be added and deleted manually using `ip link` or Linux configuration files. As long as the `-o parent` exists anything can be used if compliant with Linux netlink.
+
+```
+# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged
+docker network  create  -d ipvlan \
+    --subnet=192.168.20.0/24 \
+    --gateway=192.168.20.1 \
+    -o parent=eth0.20 ipvlan20
+
+# in two separate terminals, start a Docker container and the containers can now ping one another.
+docker run --net=ipvlan20 -it --name ivlan_test1 --rm alpine /bin/sh
+docker run --net=ipvlan20 -it --name ivlan_test2 --rm alpine /bin/sh
+```
+
+**Vlan ID 30**
+
+In the second network, tagged and isolated by the Docker host, `eth0.30` is the parent interface tagged with vlan id `30` specified with `-o parent=eth0.30`. The `ipvlan_mode=` defaults to l2 mode `ipvlan_mode=l2`. It can also be explicitly set with the same result as shown in the next example.
+
+```
+# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged.
+docker network  create  -d ipvlan \
+    --subnet=192.168.30.0/24 \
+    --gateway=192.168.30.1 \
+    -o parent=eth0.30 \
+    -o ipvlan_mode=l2 ipvlan30
+
+# in two separate terminals, start a Docker container and the containers can now ping one another.
+docker run --net=ipvlan30 -it --name ivlan_test3 --rm alpine /bin/sh
+docker run --net=ipvlan30 -it --name ivlan_test4 --rm alpine /bin/sh
+```
+
+The gateway is set inside of the container as the default gateway. That gateway would typically be an external router on the network.
+
+```
+$ ip route
+  default via 192.168.30.1 dev eth0
+  192.168.30.0/24 dev eth0  src 192.168.30.2
+```
+
+Example: Multi-Subnet Ipvlan L2 Mode starting two containers on the same subnet and pinging one another. In order for the `192.168.114.0/24` to reach `192.168.116.0/24` it requires an external router in L2 mode. L3 mode can route between subnets that share a common `-o parent=`. This same multi-subnet example is also valid for Macvlan `bridge` mode.
+
+Secondary addresses on network routers are common as an address space becomes exhausted to add another secondary to a L3 vlan interface or commonly referred to as a "switched virtual interface" (SVI).
+
+```
+docker network  create  -d ipvlan \
+    --subnet=192.168.114.0/24 --subnet=192.168.116.0/24 \
+    --gateway=192.168.114.254  --gateway=192.168.116.254 \
+     -o parent=eth0.114 \
+     -o ipvlan_mode=l2 ipvlan114
+     
+docker run --net=ipvlan114 --ip=192.168.114.10 -it --rm alpine /bin/sh
+docker run --net=ipvlan114 --ip=192.168.114.11 -it --rm alpine /bin/sh
+```
+
+A key takeaway is, operators have the ability to map their physical network into their virtual network for integrating containers into their environment with no operational overhauls required. NetOps simply drops an 802.1q trunk into the Docker host. That virtual link would be the `-o parent=` passed in the network creation. For untagged (non-VLAN) links, it is as simple as `-o parent=eth0` or for 802.1q trunks with VLAN IDs each network gets mapped to the corresponding VLAN/Subnet from the network.
+
+An example being, NetOps provides VLAN ID and the associated subnets for VLANs being passed on the Ethernet link to the Docker host server. Those values are simply plugged into the `docker network create` commands when provisioning the Docker networks. These are persistent configurations that are applied every time the Docker engine starts which alleviates having to manage often complex configuration files. The network interfaces can also be managed manually by being pre-created and docker networking will never modify them, simply use them as parent interfaces. Example mappings from NetOps to Docker network commands are as follows:
+
+- VLAN: 10, Subnet: 172.16.80.0/24, Gateway: 172.16.80.1
+
+    - `--subnet=172.16.80.0/24 --gateway=172.16.80.1 -o parent=eth0.10` 
+
+- VLAN: 20, IP subnet: 172.16.50.0/22, Gateway: 172.16.50.1
+
+    - `--subnet=172.16.50.0/22 --gateway=172.16.50.1 -o parent=eth0.20 ` 
+
+- VLAN: 30, Subnet: 10.1.100.0/16, Gateway: 10.1.100.1
+
+    - `--subnet=10.1.100.0/16 --gateway=10.1.100.1 -o parent=eth0.30` 
+
+### IPVlan L3 Mode Example
+
+IPVlan will require routes to be distributed to each endpoint. The driver only builds the Ipvlan L3 mode port and attaches the container to the interface. Route distribution throughout a cluster is beyond the initial implementation of this single host scoped driver. In L3 mode, the Docker host is very similar to a router starting new networks in the container. They are on networks that the upstream network will not know about without route distribution. For those curious how Ipvlan L3 will fit into container networking see the following examples.
+
+![Docker Ipvlan L2 Mode](images/ipvlan-l3.png)
+
+Ipvlan L3 mode drops all broadcast and multicast traffic. This reason alone makes Ipvlan L3 mode a prime candidate for those looking for massive scale and predictable network integrations. It is predictable and in turn will lead to greater uptimes because there is no bridging involved. Bridging loops have been responsible for high profile outages that can be hard to pinpoint depending on the size of the failure domain. This is due to the cascading nature of BPDUs (Bridge Port Data Units) that are flooded throughout a broadcast domain (VLAN) to find and block topology loops. Eliminating bridging domains, or at the least, keeping them isolated to a pair of ToRs (top of rack switches) will reduce hard to troubleshoot bridging instabilities. Macvlan Bridge and Ipvlan L2 modes are well suited for isolated VLANs only trunked into a pair of ToRs that can provide a loop-free non-blocking fabric. The next step further is to route at the edge via Ipvlan L3 mode that reduces a failure domain to a local host only. 
+
+- L3 mode needs to be on a separate subnet as the default namespace since it requires a netlink route in the default namespace pointing to the Ipvlan parent interface.
+
+- The parent interface used in this example is `eth0` and it is on the subnet `192.168.1.0/24`. Notice the `docker network` is **not** on the same subnet as `eth0`.
+
+- Unlike macvlan bridge mode and ipvlan l2 modes, different subnets/networks can ping one another as long as they share the same parent interface `-o parent=`.
+
+```
+ip a show eth0
+3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
+    link/ether 00:50:56:39:45:2e brd ff:ff:ff:ff:ff:ff
+    inet 192.168.1.250/24 brd 192.168.1.255 scope global eth0
+```
+
+-A traditional gateway doesn't mean much to an L3 mode Ipvlan interface since there is no broadcast traffic allowed. Because of that, the container default gateway simply point the the containers `eth0` device. See below for CLI output of `ip route` or `ip -6 route` from inside an L3 container for details.
+
+The mode ` -o ipvlan_mode=l3` must be explicitly specified since the default ipvlan mode is `l2`.
+
+The following example does not specify a parent interface. The network drivers will create a dummy type link for the user rather then rejecting the network creation and isolating containers from only communicating with one another.
+
+```
+# Create the Ipvlan L3 network
+docker network  create  -d ipvlan \
+    --subnet=192.168.214.0/24 \
+    --subnet=10.1.214.0/24 \
+     -o ipvlan_mode=l3 ipnet210
+
+# Test 192.168.214.0/24 connectivity
+docker run --net=ipnet210 --ip=192.168.214.10 -itd alpine /bin/sh
+docker run --net=ipnet210 --ip=10.1.214.10 -itd alpine /bin/sh
+
+# Test L3 connectivity from 10.1.214.0/24 to 192.168.212.0/24
+docker run --net=ipnet210 --ip=192.168.214.9 -it --rm alpine ping -c 2 10.1.214.10
+
+# Test L3 connectivity from 192.168.212.0/24 to 10.1.214.0/24
+docker run --net=ipnet210 --ip=10.1.214.9 -it --rm alpine ping -c 2 192.168.214.10
+
+```
+
+Notice there is no `--gateway=` option in the network create. The field is ignored if one is specified `l3` mode. Take a look at the container routing table from inside of the container:
+
+```
+# Inside an L3 mode container
+$ ip route
+  default dev eth0
+  192.168.120.0/24 dev eth0  src 192.168.120.2
+```
+
+In order to ping the containers from a remote Docker host or the container be able to ping a remote host, the remote host or the physical network in between need to have a route pointing to the host IP address of the container's Docker host eth interface. More on this as we evolve the Ipvlan `L3` story.
+
+### Dual Stack IPv4 IPv6 Macvlan Bridge Mode
+
+**Example:** Macvlan Bridge mode, 802.1q trunk, VLAN ID: 218, Multi-Subnet, Dual Stack
+
+```
+# Create multiple bridge subnets with a gateway of x.x.x.1:
+docker network  create  -d macvlan \
+    --subnet=192.168.216.0/24 --subnet=192.168.218.0/24 \
+    --gateway=192.168.216.1  --gateway=192.168.218.1 \
+    --subnet=2001:db8:abc8::/64 --gateway=2001:db8:abc8::10 \
+     -o parent=eth0.218 \
+     -o macvlan_mode=bridge macvlan216
+
+# Start a container on the first subnet 192.168.216.0/24
+docker run --net=macvlan216 --name=macnet216_test --ip=192.168.216.10 -itd alpine /bin/sh
+
+# Start a container on the second subnet 192.168.218.0/24
+docker run --net=macvlan216 --name=macnet216_test --ip=192.168.218.10 -itd alpine /bin/sh
+
+# Ping the first container started on the 192.168.216.0/24 subnet
+docker run --net=macvlan216 --ip=192.168.216.11 -it --rm alpine /bin/sh
+ping 192.168.216.10
+
+# Ping the first container started on the 192.168.218.0/24 subnet
+docker run --net=macvlan216 --ip=192.168.218.11 -it --rm alpine /bin/sh
+ping 192.168.218.10
+```
+
+View the details of one of the containers:
+
+```
+docker run --net=macvlan216 --ip=192.168.216.11 -it --rm alpine /bin/sh
+
+root@526f3060d759:/# ip a show eth0
+    eth0@if92: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
+    link/ether 8e:9a:99:25:b6:16 brd ff:ff:ff:ff:ff:ff
+    inet 192.168.216.11/24 scope global eth0
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc4::8c9a:99ff:fe25:b616/64 scope link tentative
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc8::2/64 scope link nodad
+       valid_lft forever preferred_lft forever
+
+# Specified v4 gateway of 192.168.216.1     
+root@526f3060d759:/# ip route
+  default via 192.168.216.1 dev eth0
+  192.168.216.0/24 dev eth0  proto kernel  scope link  src 192.168.216.11
+
+# Specified v6 gateway of 2001:db8:abc8::10
+root@526f3060d759:/# ip -6 route
+  2001:db8:abc4::/64 dev eth0  proto kernel  metric 256
+  2001:db8:abc8::/64 dev eth0  proto kernel  metric 256
+  default via 2001:db8:abc8::10 dev eth0  metric 1024
+```
+
+### Dual Stack IPv4 IPv6 Ipvlan L2 Mode
+
+- Not only does Libnetwork give you complete control over IPv4 addressing, but it also gives you total control over IPv6 addressing as well as feature parity between the two address families.
+
+- The next example will start with IPv6 only. Start two containers on the same VLAN `139` and ping one another. Since the IPv4 subnet is not specified, the default IPAM will provision a default IPv4 subnet. That subnet is isolated unless the upstream network is explicitly routing it on VLAN `139`.
+
+```
+# Create a v6 network
+docker network create -d ipvlan \
+    --subnet=2001:db8:abc2::/64 --gateway=2001:db8:abc2::22 \
+    -o parent=eth0.139 v6ipvlan139
+    
+# Start a container on the network
+docker run --net=v6ipvlan139 -it --rm alpine /bin/sh
+
+```
+
+View the container eth0 interface and v6 routing table:
+
+```
+ eth0@if55: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
+    link/ether 00:50:56:2b:29:40 brd ff:ff:ff:ff:ff:ff
+    inet 172.18.0.2/16 scope global eth0
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc4::250:56ff:fe2b:2940/64 scope link
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc2::1/64 scope link nodad
+       valid_lft forever preferred_lft forever
+       
+root@5c1dc74b1daa:/# ip -6 route
+2001:db8:abc4::/64 dev eth0  proto kernel  metric 256
+2001:db8:abc2::/64 dev eth0  proto kernel  metric 256
+default via 2001:db8:abc2::22 dev eth0  metric 1024
+```
+
+Start a second container and ping the first container's v6 address. 
+
+```
+$ docker run --net=v6ipvlan139 -it --rm alpine /bin/sh
+
+root@b817e42fcc54:/# ip a show eth0
+75: eth0@if55: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
+    link/ether 00:50:56:2b:29:40 brd ff:ff:ff:ff:ff:ff
+    inet 172.18.0.3/16 scope global eth0
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc4::250:56ff:fe2b:2940/64 scope link tentative dadfailed
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc2::2/64 scope link nodad
+       valid_lft forever preferred_lft forever
+
+root@b817e42fcc54:/# ping6 2001:db8:abc2::1
+PING 2001:db8:abc2::1 (2001:db8:abc2::1): 56 data bytes
+64 bytes from 2001:db8:abc2::1%eth0: icmp_seq=0 ttl=64 time=0.044 ms
+64 bytes from 2001:db8:abc2::1%eth0: icmp_seq=1 ttl=64 time=0.058 ms
+
+2 packets transmitted, 2 packets received, 0% packet loss
+round-trip min/avg/max/stddev = 0.044/0.051/0.058/0.000 ms
+```
+
+The next example with setup a dual stack IPv4/IPv6 network with an example VLAN ID of `140`.
+
+Next create a network with two IPv4 subnets and one IPv6 subnets, all of which have explicit gateways:
+
+```
+docker network  create  -d ipvlan \
+    --subnet=192.168.140.0/24 --subnet=192.168.142.0/24 \
+    --gateway=192.168.140.1  --gateway=192.168.142.1 \
+    --subnet=2001:db8:abc9::/64 --gateway=2001:db8:abc9::22 \
+     -o parent=eth0.140 \
+     -o ipvlan_mode=l2 ipvlan140
+```
+
+Start a container and view eth0 and both v4 & v6 routing tables:
+
+```
+docker run --net=v6ipvlan139 --ip6=2001:db8:abc2::51 -it --rm alpine /bin/sh
+
+root@3cce0d3575f3:/# ip a show eth0
+78: eth0@if77: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
+    link/ether 00:50:56:2b:29:40 brd ff:ff:ff:ff:ff:ff
+    inet 192.168.140.2/24 scope global eth0
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc4::250:56ff:fe2b:2940/64 scope link
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc9::1/64 scope link nodad
+       valid_lft forever preferred_lft forever
+
+root@3cce0d3575f3:/# ip route
+default via 192.168.140.1 dev eth0
+192.168.140.0/24 dev eth0  proto kernel  scope link  src 192.168.140.2
+
+root@3cce0d3575f3:/# ip -6 route
+2001:db8:abc4::/64 dev eth0  proto kernel  metric 256
+2001:db8:abc9::/64 dev eth0  proto kernel  metric 256
+default via 2001:db8:abc9::22 dev eth0  metric 1024
+```
+
+Start a second container with a specific `--ip4` address and ping the first host using ipv4 packets:
+
+```
+docker run --net=ipvlan140 --ip=192.168.140.10 -it --rm alpine /bin/sh
+```
+
+**Note**: Different subnets on the same parent interface in both Ipvlan `L2` mode and Macvlan `bridge` mode cannot ping one another. That requires a router to proxy-arp the requests with a secondary subnet. However, Ipvlan `L3` will route the unicast traffic between disparate subnets as long as they share the same `-o parent` parent link.
+
+
+
+### Dual Stack IPv4 IPv6 Ipvlan L3 Mode 
+
+
+**Example:** IpVlan L3 Mode Dual Stack IPv4/IPv6, Multi-Subnet w/ 802.1q Vlan Tag:118
+
+As in all of the examples, a tagged VLAN interface does not have to be used. The sub-interfaces can be swapped with `eth0`, `eth1`, `bond0` or any other valid interface on the host other then the `lo` loopback.
+
+The primary difference you will see is that L3 mode does not create a default route with a next-hop but rather sets a default route pointing to `dev eth` only since ARP/Broadcasts/Multicast are all filtered by Linux as per the design. Since the parent interface is essentially acting as a router, the parent interface IP and subnet needs to be different from the container networks. That is the opposite of bridge and L2 modes, which need to be on the same subnet (broadcast domain) in order to forward broadcast and multicast packets.
+
+```
+# Create an IPv6+IPv4 Dual Stack Ipvlan L3 network 
+# Gateways for both v4 and v6 are set to a dev e.g. 'default dev eth0'
+docker network  create  -d ipvlan \
+    --subnet=192.168.110.0/24 \
+    --subnet=192.168.112.0/24 \
+    --subnet=2001:db8:abc6::/64 \
+     -o parent=eth0 \
+     -o ipvlan_mode=l3 ipnet110
+
+
+# Start a few of containers on the network (ipnet110) 
+# in seperate terminals and check connectivity
+docker run --net=ipnet110 -it --rm alpine /bin/sh
+# Start a second container specifying the v6 address
+docker run --net=ipnet110 --ip6=2001:db8:abc6::10 -it --rm alpine /bin/sh
+# Start a third specifying the IPv4 address
+docker run --net=ipnet110 --ip=192.168.112.50 -it --rm alpine /bin/sh
+# Start a 4th specifying both the IPv4 and IPv6 addresses
+docker run --net=ipnet110 --ip6=2001:db8:abc6::50 --ip=192.168.112.50 -it --rm alpine /bin/sh
+```
+
+Interface and routing table outputs are as follows:
+
+```
+root@3a368b2a982e:/# ip a show eth0
+63: eth0@if59: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
+    link/ether 00:50:56:2b:29:40 brd ff:ff:ff:ff:ff:ff
+    inet 192.168.112.2/24 scope global eth0
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc4::250:56ff:fe2b:2940/64 scope link
+       valid_lft forever preferred_lft forever
+    inet6 2001:db8:abc6::10/64 scope link nodad
+       valid_lft forever preferred_lft forever
+     
+# Note the default route is simply the eth device because ARPs are filtered.
+root@3a368b2a982e:/# ip route
+  default dev eth0  scope link
+  192.168.112.0/24 dev eth0  proto kernel  scope link  src 192.168.112.2
+
+root@3a368b2a982e:/# ip -6 route
+2001:db8:abc4::/64 dev eth0  proto kernel  metric 256
+2001:db8:abc6::/64 dev eth0  proto kernel  metric 256
+default dev eth0  metric 1024
+```
+
+*Note:* There may be a bug when specifying `--ip6=` addresses when you delete a container with a specified v6 address and then start a new container with the same v6 address it throws the following like the address isn't properly being released to the v6 pool. It will fail to unmount the container and be left dead.
+
+```
+docker: Error response from daemon: Address already in use.
+```
+
+### Manually Creating 802.1q Links
+
+**Vlan ID 40**
+
+If a user does not want the driver to create the vlan sub-interface it simply needs to exist prior to the `docker network create`. If you have sub-interface naming that is not `interface.vlan_id` it is honored in the `-o parent=` option again as long as the interface exists and us up.
+
+Links if manually created can be named anything you want. As long as the exist when the network is created that is all that matters. Manually created links do not get deleted regardless of the name when the network is deleted with `docker network rm`.
+
+```
+# create a new sub-interface tied to dot1q vlan 40
+ip link add link eth0 name eth0.40 type vlan id 40
+
+# enable the new sub-interface
+ip link set eth0.40 up
+
+# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged
+docker network  create  -d ipvlan \
+   --subnet=192.168.40.0/24 \
+   --gateway=192.168.40.1 \
+   -o parent=eth0.40 ipvlan40
+
+# in two separate terminals, start a Docker container and the containers can now ping one another.
+docker run --net=ipvlan40 -it --name ivlan_test5 --rm alpine /bin/sh
+docker run --net=ipvlan40 -it --name ivlan_test6 --rm alpine /bin/sh
+```
+
+**Example:** Vlan sub-interface manually created with any name:
+
+```
+# create a new sub interface tied to dot1q vlan 40
+ip link add link eth0 name foo type vlan id 40
+
+# enable the new sub-interface
+ip link set foo up
+
+# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged
+docker network  create  -d ipvlan \
+    --subnet=192.168.40.0/24 --gateway=192.168.40.1 \
+    -o parent=foo ipvlan40
+
+# in two separate terminals, start a Docker container and the containers can now ping one another.
+docker run --net=ipvlan40 -it --name ivlan_test5 --rm alpine /bin/sh
+docker run --net=ipvlan40 -it --name ivlan_test6 --rm alpine /bin/sh
+```
+
+Manually created links can be cleaned up with:
+
+```
+ip link del foo
+```
+
+As with all of the Libnetwork drivers, they can be mixed and matched, even as far as running 3rd party ecosystem drivers in parallel for maximum flexibility to the Docker user.
diff --git a/hack/.vendor-helpers.sh b/hack/.vendor-helpers.sh
new file mode 100755
index 00000000..61a6ca56
--- /dev/null
+++ b/hack/.vendor-helpers.sh
@@ -0,0 +1,160 @@
+#!/usr/bin/env bash
+
+PROJECT=github.com/docker/docker
+
+# Downloads dependencies into vendor/ directory
+mkdir -p vendor
+
+if ! go list github.com/docker/docker/docker &> /dev/null; then
+	rm -rf .gopath
+	mkdir -p .gopath/src/github.com/docker
+	ln -sf ../../../.. .gopath/src/${PROJECT}
+	export GOPATH="${PWD}/.gopath:${PWD}/vendor"
+fi
+export GOPATH="$GOPATH:${PWD}/vendor"
+
+find='find'
+if [ "$(go env GOHOSTOS)" = 'windows' ]; then
+	find='/usr/bin/find'
+fi
+
+clone() {
+	local vcs="$1"
+	local pkg="$2"
+	local rev="$3"
+	local url="$4"
+
+	: ${url:=https://$pkg}
+	local target="vendor/src/$pkg"
+
+	echo -n "$pkg @ $rev: "
+
+	if [ -d "$target" ]; then
+		echo -n 'rm old, '
+		rm -rf "$target"
+	fi
+
+	echo -n 'clone, '
+	case "$vcs" in
+		git)
+			git clone --quiet --no-checkout "$url" "$target"
+			( cd "$target" && git checkout --quiet "$rev" && git reset --quiet --hard "$rev" )
+			;;
+		hg)
+			hg clone --quiet --updaterev "$rev" "$url" "$target"
+			;;
+	esac
+
+	echo -n 'rm VCS, '
+	( cd "$target" && rm -rf .{git,hg} )
+
+	echo -n 'rm vendor, '
+	( cd "$target" && rm -rf vendor Godeps/_workspace )
+
+	echo done
+}
+
+# get an ENV from the Dockerfile with support for multiline values
+_dockerfile_env() {
+	local e="$1"
+	awk '
+		$1 == "ENV" && $2 == "'"$e"'" {
+			sub(/^ENV +([^ ]+) +/, "");
+			inEnv = 1;
+		}
+		inEnv {
+			if (sub(/\\$/, "")) {
+				printf "%s", $0;
+				next;
+			}
+			print;
+			exit;
+		}
+	' ${DOCKER_FILE:="Dockerfile"}
+}
+
+clean() {
+	local packages=(
+		"${PROJECT}/docker" # package main
+		"${PROJECT}/integration-cli" # external tests
+	)
+	local dockerPlatforms=( ${DOCKER_ENGINE_OSARCH:="linux/amd64"} $(_dockerfile_env DOCKER_CROSSPLATFORMS) )
+	local dockerBuildTags="$(_dockerfile_env DOCKER_BUILDTAGS)"
+	local buildTagCombos=(
+		''
+		'experimental'
+		'pkcs11'
+		"$dockerBuildTags"
+		"daemon $dockerBuildTags"
+		"daemon cgo $dockerBuildTags"
+		"experimental $dockerBuildTags"
+		"experimental daemon $dockerBuildTags"
+		"experimental daemon cgo $dockerBuildTags"
+		"pkcs11 $dockerBuildTags"
+		"pkcs11 daemon $dockerBuildTags"
+		"pkcs11 daemon cgo $dockerBuildTags"
+	)
+
+	echo
+
+	echo -n 'collecting import graph, '
+	local IFS=$'\n'
+	local imports=( $(
+		for platform in "${dockerPlatforms[@]}"; do
+			export GOOS="${platform%/*}";
+			export GOARCH="${platform##*/}";
+			for buildTags in "${buildTagCombos[@]}"; do
+				go list -e -tags "$buildTags" -f '{{join .Deps "\n"}}' "${packages[@]}"
+				go list -e -tags "$buildTags" -f '{{join .TestImports "\n"}}' "${packages[@]}"
+			done
+		done | grep -vE "^${PROJECT}" | sort -u
+	) )
+	imports=( $(go list -e -f '{{if not .Standard}}{{.ImportPath}}{{end}}' "${imports[@]}") )
+	unset IFS
+
+	echo -n 'pruning unused packages, '
+	findArgs=(
+		# This directory contains only .c and .h files which are necessary
+		-path vendor/src/github.com/mattn/go-sqlite3/code
+	)
+
+	# This package is required to build the Etcd client,
+	# but Etcd hard codes a local Godep full path.
+	# FIXME: fix_rewritten_imports fixes this problem in most platforms
+	# but it fails in very small corner cases where it makes the vendor
+	# script to remove this package.
+	# See: https://github.com/docker/docker/issues/19231
+	findArgs+=( -or -path vendor/src/github.com/ugorji/go/codec )
+	for import in "${imports[@]}"; do
+		[ "${#findArgs[@]}" -eq 0 ] || findArgs+=( -or )
+		findArgs+=( -path "vendor/src/$import" )
+	done
+
+	local IFS=$'\n'
+	local prune=( $($find vendor -depth -type d -not '(' "${findArgs[@]}" ')') )
+	unset IFS
+	for dir in "${prune[@]}"; do
+		$find "$dir" -maxdepth 1 -not -type d -not -name 'LICENSE*' -not -name 'COPYING*' -exec rm -v -f '{}' ';'
+		rmdir "$dir" 2>/dev/null || true
+	done
+
+	echo -n 'pruning unused files, '
+	$find vendor -type f -name '*_test.go' -exec rm -v '{}' ';'
+	$find vendor -type f -name 'Vagrantfile' -exec rm -v '{}' ';'
+
+	# These are the files that are left over after fix_rewritten_imports is run.
+	echo -n 'pruning .orig files, '
+	$find vendor -type f -name '*.orig' -exec rm -v '{}' ';'
+
+	echo done
+}
+
+# Fix up hard-coded imports that refer to Godeps paths so they'll work with our vendoring
+fix_rewritten_imports () {
+       local pkg="$1"
+       local remove="${pkg}/Godeps/_workspace/src/"
+       local target="vendor/src/$pkg"
+
+       echo "$pkg: fixing rewritten imports"
+       $find "$target" -name \*.go -exec sed -i'.orig' -e "s|\"${remove}|\"|g" {} \;
+}
diff --git a/hack/Jenkins/W2L/postbuild.sh b/hack/Jenkins/W2L/postbuild.sh
new file mode 100644
index 00000000..f228b008
--- /dev/null
+++ b/hack/Jenkins/W2L/postbuild.sh
@@ -0,0 +1,35 @@
+set +x
+set +e 
+
+echo ""
+echo ""
+echo "---"
+echo "Now starting POST-BUILD steps"
+echo "---"
+echo ""
+
+echo INFO: Pointing to $DOCKER_HOST
+
+if [ ! $(docker ps -aq | wc -l) -eq 0 ]; then
+	echo INFO: Removing containers...
+	! docker rm -vf $(docker ps -aq)
+fi
+
+# Remove all images which don't have docker or ubuntu in the name
+if [ ! $(docker images | sed -n '1!p' | grep -v 'docker' | grep -v 'ubuntu' | awk '{ print $3 }' | wc -l) -eq 0 ]; then 
+	echo INFO: Removing images...
+	! docker rmi -f $(docker images | sed -n '1!p' | grep -v 'docker' | grep -v 'ubuntu' | awk '{ print $3 }') 
+fi
+
+# Kill off any instances of git, go and docker, just in case
+! taskkill -F -IM git.exe -T >& /dev/null
+! taskkill -F -IM go.exe -T >& /dev/null
+! taskkill -F -IM docker.exe -T >& /dev/null
+
+# Remove everything
+! cd /c/jenkins/gopath/src/github.com/docker/docker
+! rm -rfd * >& /dev/null
+! rm -rfd .* >& /dev/null
+
+echo INFO: Cleanup complete
+exit 0
\ No newline at end of file
diff --git a/hack/Jenkins/W2L/setup.sh b/hack/Jenkins/W2L/setup.sh
new file mode 100644
index 00000000..ffd9f6b3
--- /dev/null
+++ b/hack/Jenkins/W2L/setup.sh
@@ -0,0 +1,274 @@
+# Jenkins CI script for Windows to Linux CI.
+# Heavily modified by John Howard (@jhowardmsft) December 2015 to try to make it more reliable.
+set +xe
+SCRIPT_VER="Thu Feb 25 18:54:57 UTC 2016"
+
+# TODO to make (even) more resilient: 
+#  - Wait for daemon to be running before executing docker commands
+#  - Check if jq is installed
+#  - Make sure bash is v4.3 or later. Can't do until all Azure nodes on the latest version
+#  - Make sure we are not running as local system. Can't do until all Azure nodes are updated.
+#  - Error if docker versions are not equal. Can't do until all Azure nodes are updated
+#  - Error if go versions are not equal. Can't do until all Azure nodes are updated.
+#  - Error if running 32-bit posix tools. Probably can take from bash --version and check contains "x86_64"
+#  - Warn if the CI directory cannot be deleted afterwards. Otherwise turdlets are left behind
+#  - Use %systemdrive% ($SYSTEMDRIVE) rather than hard code to c: for TEMP
+#  - Consider cross builing the Windows binary and copy across. That's a bit of a heavy lift. Only reason
+#    for doing that is that it mirrors the actual release process for docker.exe which is cross-built.
+#    However, should absolutely not be a problem if built natively, so nit-picking.
+#  - Tidy up of images and containers. Either here, or in the teardown script.
+
+ec=0
+uniques=1
+echo INFO: Started at `date`. Script version $SCRIPT_VER
+
+
+# !README!
+# There are two daemons running on the remote Linux host:
+# 	- outer: specified by DOCKER_HOST, this is the daemon that will build and run the inner docker daemon
+#			from the sources matching the PR.
+#	- inner: runs on the host network, on a port number similar to that of DOCKER_HOST but the last two digits are inverted
+#			(2357 if DOCKER_HOST had port 2375; and 2367 if DOCKER_HOST had port 2376).
+#			The windows integration tests are run against this inner daemon.
+
+# get the ip, inner and outer ports.
+ip="${DOCKER_HOST#*://}"
+port_outer="${ip#*:}"
+# inner port is like outer port with last two digits inverted.
+port_inner=$(echo "$port_outer" | sed -E 's/(.)(.)$/\2\1/')
+ip="${ip%%:*}"
+
+echo "INFO: IP=$ip PORT_OUTER=$port_outer PORT_INNER=$port_inner"
+
+# If TLS is enabled
+if [ -n "$DOCKER_TLS_VERIFY" ]; then
+	protocol=https
+	if [ -z "$DOCKER_MACHINE_NAME" ]; then
+		ec=1
+		echo "ERROR: DOCKER_MACHINE_NAME is undefined"
+	fi
+	certs=$(echo ~/.docker/machine/machines/$DOCKER_MACHINE_NAME)
+	curlopts="--cacert $certs/ca.pem --cert $certs/cert.pem --key $certs/key.pem"
+	run_extra_args="-v tlscerts:/etc/docker"
+	daemon_extra_args="--tlsverify --tlscacert /etc/docker/ca.pem --tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem"
+else
+	protocol=http
+fi
+
+# Save for use by make.sh and scripts it invokes
+export MAIN_DOCKER_HOST="tcp://$ip:$port_inner"
+
+# Verify we can get the remote node to respond to _ping
+if [ $ec -eq 0 ]; then
+	reply=`curl -s $curlopts $protocol://$ip:$port_outer/_ping`
+	if [ "$reply" != "OK" ]; then
+		ec=1
+		echo "ERROR: Failed to get an 'OK' response from the docker daemon on the Linux node"
+		echo "       at $ip:$port_outer when called with an http request for '_ping'. This implies that"
+		echo "       either the daemon has crashed/is not running, or the Linux node is unavailable."
+		echo
+		echo "       A regular ping to the remote Linux node is below. It should reply. If not, the"
+		echo "       machine cannot be reached at all and may have crashed. If it does reply, it is"
+		echo "       likely a case of the Linux daemon not running or having crashed, which requires"
+		echo "       further investigation."
+		echo
+		echo "       Try re-running this CI job, or ask on #docker-dev or #docker-maintainers"
+		echo "       for someone to perform further diagnostics, or take this node out of rotation."
+		echo
+		ping $ip
+	else
+		echo "INFO: The Linux nodes outer daemon replied to a ping. Good!"
+	fi 
+fi
+
+# Get the version from the remote node. Note this may fail if jq is not installed.
+# That's probably worth checking to make sure, just in case.
+if [ $ec -eq 0 ]; then
+	remoteVersion=`curl -s $curlopts $protocol://$ip:$port_outer/version | jq -c '.Version'`
+	echo "INFO: Remote daemon is running docker version $remoteVersion"
+fi
+
+# Compare versions. We should really fail if result is no 1. Output at end of script.
+if [ $ec -eq 0 ]; then
+	uniques=`docker version | grep Version | /usr/bin/sort -u | wc -l`
+fi
+
+# Make sure we are in repo
+if [ $ec -eq 0 ]; then
+	if [ ! -d hack ]; then
+		echo "ERROR: Are you sure this is being launched from a the root of docker repository?"
+		echo "       If this is a Windows CI machine, it should be c:\jenkins\gopath\src\github.com\docker\docker."
+                echo "       Current directory is `pwd`"
+		ec=1
+	fi
+fi
+
+# Get the commit has and verify we have something
+if [ $ec -eq 0 ]; then
+	export COMMITHASH=$(git rev-parse --short HEAD)
+	echo INFO: Commmit hash is $COMMITHASH
+	if [ -z $COMMITHASH ]; then
+		echo "ERROR: Failed to get commit hash. Are you sure this is a docker repository?"
+		ec=1
+	fi
+fi
+
+# Redirect to a temporary location. Check is here for local runs from Jenkins machines just in case not
+# in the right directory where the repo is cloned. We also redirect TEMP to not use the environment
+# TEMP as when running as a standard user (not local system), it otherwise exposes a bug in posix tar which
+# will cause CI to fail from Windows to Linux. Obviously it's not best practice to ever run as local system...
+if [ $ec -eq 0 ]; then
+	export TEMP=/c/CI/CI-$COMMITHASH
+	export TMP=$TMP
+	/usr/bin/mkdir -p $TEMP  # Make sure Linux mkdir for -p
+fi
+
+# Tidy up time
+if [ $ec -eq 0 ]; then
+	echo INFO: Deleting pre-existing containers and images...
+	# Force remove all containers based on a previously built image with this commit
+	! docker rm -f $(docker ps -aq --filter "ancestor=docker:$COMMITHASH") &>/dev/null
+
+	# Force remove any container with this commithash as a name
+	! docker rm -f $(docker ps -aq --filter "name=docker-$COMMITHASH") &>/dev/null
+
+	# Force remove the image if it exists
+	! docker rmi -f "docker-$COMMITHASH" &>/dev/null
+	
+	# This SHOULD never happen, but just in case, also blow away any containers
+	# that might be around. 
+	! if [ ! `docker ps -aq | wc -l` -eq 0 ]; then
+		echo WARN: There were some leftover containers. Cleaning them up.
+		! docker rm -f $(docker ps -aq)
+	fi
+fi
+
+# Provide the docker version for debugging purposes. If these fail, game over. 
+# as the Linux box isn't responding for some reason.
+if [ $ec -eq 0 ]; then
+	echo INFO: Docker version and info of the outer daemon on the Linux node
+	echo
+	docker version
+	ec=$?
+	if [ 0 -ne $ec ]; then
+		echo "ERROR: The main linux daemon does not appear to be running. Has the Linux node crashed?"
+	fi
+	echo
+fi
+
+# Same as above, but docker info
+if [ $ec -eq 0 ]; then
+	echo
+	docker info
+	ec=$?
+	if [ 0 -ne $ec ]; then
+		echo "ERROR: The main linux daemon does not appear to be running. Has the Linux node crashed?"
+	fi
+	echo
+fi
+
+# build the daemon image
+if [ $ec -eq 0 ]; then
+	echo "INFO: Running docker build on Linux host at $DOCKER_HOST"
+	set -x
+	docker build --rm --force-rm -t "docker:$COMMITHASH" .
+	ec=$?
+	set +x
+	if [ 0 -ne $ec ]; then
+		echo "ERROR: docker build failed"
+	fi
+fi
+
+# Start the docker-in-docker daemon from the image we just built
+if [ $ec -eq 0 ]; then
+	echo "INFO: Starting build of a Linux daemon to test against, and starting it..."
+	set -x
+	# aufs in aufs is faster than vfs in aufs
+	docker run $run_extra_args -e DOCKER_GRAPHDRIVER=aufs --pid host --privileged -d --name "docker-$COMMITHASH" --net host "docker:$COMMITHASH" bash -c "echo 'INFO: Compiling' && date && hack/make.sh binary && echo 'INFO: Compile complete' && date && cp bundles/$(cat VERSION)/binary/docker /bin/docker && echo 'INFO: Starting daemon' && exec docker daemon -D -H tcp://0.0.0.0:$port_inner $daemon_extra_args"
+	ec=$?
+	set +x
+	if [ 0 -ne $ec ]; then
+	    	echo "ERROR: Failed to compile and start the linux daemon"
+	fi
+fi
+
+# Build locally.
+if [ $ec -eq 0 ]; then
+	echo "INFO: Starting local build of Windows binary..."
+	set -x
+	export TIMEOUT="5m"
+	export DOCKER_HOST="tcp://$ip:$port_inner"
+	export DOCKER_TEST_HOST="tcp://$ip:$port_inner"
+	unset DOCKER_CLIENTONLY
+	export DOCKER_REMOTE_DAEMON=1
+	hack/make.sh binary 
+	ec=$?
+	set +x
+	if [ 0 -ne $ec ]; then
+	    echo "ERROR: Build of binary on Windows failed"
+	fi
+fi
+
+# Make a local copy of the built binary and ensure that is first in our path
+if [ $ec -eq 0 ]; then
+	VERSION=$(< ./VERSION)
+	cp bundles/$VERSION/binary/docker.exe $TEMP
+	ec=$?
+	if [ 0 -ne $ec ]; then
+		echo "ERROR: Failed to copy built binary to $TEMP"
+	fi
+	export PATH=$TEMP:$PATH
+fi
+
+# Run the integration tests
+if [ $ec -eq 0 ]; then
+	echo "INFO: Running Integration tests..."
+	set -x
+	export DOCKER_TEST_TLS_VERIFY="$DOCKER_TLS_VERIFY"
+	export DOCKER_TEST_CERT_PATH="$DOCKER_CERT_PATH"
+	hack/make.sh test-integration-cli
+	ec=$?
+	set +x
+	if [ 0 -ne $ec ]; then
+		echo "ERROR: CLI test failed."
+		# Next line is useful, but very long winded if included
+		# docker -H=$MAIN_DOCKER_HOST logs "docker-$COMMITHASH"
+	fi
+fi
+
+# Tidy up any temporary files from the CI run
+if [ ! -z $COMMITHASH ]; then
+	rm -rf $TEMP
+fi
+
+# CI Integrity check - ensure we are using the same version of go as present in the Dockerfile
+GOVER_DOCKERFILE=`grep 'ENV GO_VERSION' Dockerfile | awk '{print $3}'`
+GOVER_INSTALLED=`go version | awk '{print $3}'`
+if [ "${GOVER_INSTALLED:2}" != "$GOVER_DOCKERFILE" ]; then
+	#ec=1  # Uncomment to make CI fail once all nodes are updated.
+	echo
+	echo "---------------------------------------------------------------------------"
+	echo "WARN: CI should be using go version $GOVER_DOCKERFILE, but is using ${GOVER_INSTALLED:2}"
+	echo "      Please ping #docker-maintainers on IRC to get this CI server updated."
+	echo "---------------------------------------------------------------------------"
+	echo
+fi
+
+# Check the Linux box is running a matching version of docker
+if [ "$uniques" -ne 1 ]; then
+    ec=0  # Uncomment to make CI fail once all nodes are updated.
+	echo
+	echo "---------------------------------------------------------------------------"
+	echo "ERROR: This CI node is not running the same version of docker as the daemon."
+	echo "       This is a CI configuration issue."
+	echo "---------------------------------------------------------------------------"
+	echo
+fi
+
+# Tell the user how we did.
+if [ $ec -eq 0 ]; then
+	echo INFO: Completed successfully at `date`. 
+else
+	echo ERROR: Failed with exitcode $ec at `date`.
+fi
+exit $ec
diff --git a/hack/Jenkins/readme.md b/hack/Jenkins/readme.md
new file mode 100644
index 00000000..ace3f3f5
--- /dev/null
+++ b/hack/Jenkins/readme.md
@@ -0,0 +1,3 @@
+These files under this directory are for reference only. 
+
+They are used by Jenkins for CI runs.
\ No newline at end of file
diff --git a/hack/dind b/hack/dind
new file mode 100755
index 00000000..e11f5fa8
--- /dev/null
+++ b/hack/dind
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+
+# DinD: a wrapper script which allows docker to be run inside a docker container.
+# Original version by Jerome Petazzoni <jerome@docker.com>
+# See the blog post: https://blog.docker.com/2013/09/docker-can-now-run-within-docker/
+#
+# This script should be executed inside a docker container in privilieged mode
+# ('docker run --privileged', introduced in docker 0.6).
+
+# Usage: dind CMD [ARG...]
+
+# apparmor sucks and Docker needs to know that it's in a container (c) @tianon
+export container=docker
+
+if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security; then
+	mount -t securityfs none /sys/kernel/security || {
+		echo >&2 'Could not mount /sys/kernel/security.'
+		echo >&2 'AppArmor detection and --privileged mode might break.'
+	}
+fi
+
+# Mount /tmp (conditionally)
+if ! mountpoint -q /tmp; then
+	mount -t tmpfs none /tmp
+fi
+
+if [ $# -gt 0 ]; then
+	exec "$@"
+fi
+
+echo >&2 'ERROR: No command specified.'
+echo >&2 'You probably want to run hack/make.sh, or maybe a shell?'
diff --git a/hack/generate-authors.sh b/hack/generate-authors.sh
new file mode 100755
index 00000000..e78a97f9
--- /dev/null
+++ b/hack/generate-authors.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")/.."
+
+# see also ".mailmap" for how email addresses and names are deduplicated
+
+{
+	cat <<-'EOH'
+	# This file lists all individuals having contributed content to the repository.
+	# For how it is generated, see `hack/generate-authors.sh`.
+	EOH
+	echo
+	git log --format='%aN <%aE>' | LC_ALL=C.UTF-8 sort -uf
+} > AUTHORS
diff --git a/hack/install.sh b/hack/install.sh
new file mode 100755
index 00000000..d4c2ef4f
--- /dev/null
+++ b/hack/install.sh
@@ -0,0 +1,506 @@
+#!/bin/sh
+set -e
+#
+# This script is meant for quick & easy install via:
+#   'curl -sSL https://get.docker.com/ | sh'
+# or:
+#   'wget -qO- https://get.docker.com/ | sh'
+#
+# For test builds (ie. release candidates):
+#   'curl -fsSL https://test.docker.com/ | sh'
+# or:
+#   'wget -qO- https://test.docker.com/ | sh'
+#
+# For experimental builds:
+#   'curl -fsSL https://experimental.docker.com/ | sh'
+# or:
+#   'wget -qO- https://experimental.docker.com/ | sh'
+#
+# Docker Maintainers:
+#   To update this script on https://get.docker.com,
+#   use hack/release.sh during a normal release,
+#   or the following one-liner for script hotfixes:
+#     aws s3 cp --acl public-read hack/install.sh s3://get.docker.com/index
+#
+
+url="https://get.docker.com/"
+apt_url="https://apt.dockerproject.org"
+yum_url="https://yum.dockerproject.org"
+gpg_fingerprint="58118E89F3A912897C070ADBF76221572C52609D"
+
+key_servers="
+ha.pool.sks-keyservers.net
+pgp.mit.edu
+keyserver.ubuntu.com
+"
+
+command_exists() {
+	command -v "$@" > /dev/null 2>&1
+}
+
+echo_docker_as_nonroot() {
+	if command_exists docker && [ -e /var/run/docker.sock ]; then
+		(
+			set -x
+			$sh_c 'docker version'
+		) || true
+	fi
+	your_user=your-user
+	[ "$user" != 'root' ] && your_user="$user"
+	# intentionally mixed spaces and tabs here -- tabs are stripped by "<<-EOF", spaces are kept in the output
+	cat <<-EOF
+
+	If you would like to use Docker as a non-root user, you should now consider
+	adding your user to the "docker" group with something like:
+
+	  sudo usermod -aG docker $your_user
+
+	Remember that you will have to log out and back in for this to take effect!
+
+	EOF
+}
+
+# Check if this is a forked Linux distro
+check_forked() {
+
+	# Check for lsb_release command existence, it usually exists in forked distros
+	if command_exists lsb_release; then
+		# Check if the `-u` option is supported
+		set +e
+		lsb_release -a -u > /dev/null 2>&1
+		lsb_release_exit_code=$?
+		set -e
+
+		# Check if the command has exited successfully, it means we're in a forked distro
+		if [ "$lsb_release_exit_code" = "0" ]; then
+			# Print info about current distro
+			cat <<-EOF
+			You're using '$lsb_dist' version '$dist_version'.
+			EOF
+
+			# Get the upstream release info
+			lsb_dist=$(lsb_release -a -u 2>&1 | tr '[:upper:]' '[:lower:]' | grep -E 'id' | cut -d ':' -f 2 | tr -d '[[:space:]]')
+			dist_version=$(lsb_release -a -u 2>&1 | tr '[:upper:]' '[:lower:]' | grep -E 'codename' | cut -d ':' -f 2 | tr -d '[[:space:]]')
+
+			# Print info about upstream distro
+			cat <<-EOF
+			Upstream release is '$lsb_dist' version '$dist_version'.
+			EOF
+		else
+			if [ -r /etc/debian_version ] && [ "$lsb_dist" != "ubuntu" ]; then
+				# We're Debian and don't even know it!
+				lsb_dist=debian
+				dist_version="$(cat /etc/debian_version | sed 's/\/.*//' | sed 's/\..*//')"
+				case "$dist_version" in
+					8|'Kali Linux 2')
+						dist_version="jessie"
+					;;
+					7)
+						dist_version="wheezy"
+					;;
+				esac
+			fi
+		fi
+	fi
+}
+
+rpm_import_repository_key() {
+	local key=$1; shift
+	local tmpdir=$(mktemp -d)
+	chmod 600 "$tmpdir"
+	for key_server in $key_servers ; do
+		gpg --homedir "$tmpdir" --keyserver "$key_server" --recv-keys "$key" && break
+	done
+	gpg --homedir "$tmpdir" -k "$key" >/dev/null
+	gpg --homedir "$tmpdir" --export --armor "$key" > "$tmpdir"/repo.key
+	rpm --import "$tmpdir"/repo.key
+	rm -rf "$tmpdir"
+}
+
+semverParse() {
+	major="${1%%.*}"
+	minor="${1#$major.}"
+	minor="${minor%%.*}"
+	patch="${1#$major.$minor.}"
+	patch="${patch%%[-.]*}"
+}
+
+do_install() {
+	case "$(uname -m)" in
+		*64)
+			;;
+		*)
+			cat >&2 <<-'EOF'
+			Error: you are not using a 64bit platform.
+			Docker currently only supports 64bit platforms.
+			EOF
+			exit 1
+			;;
+	esac
+
+	if command_exists docker; then
+		version="$(docker -v | awk -F '[ ,]+' '{ print $3 }')"
+		MAJOR_W=1
+		MINOR_W=10
+
+		semverParse $version
+
+		shouldWarn=0
+		if [ $major -lt $MAJOR_W ]; then
+			shouldWarn=1
+		fi
+
+		if [ $major -le $MAJOR_W ] && [ $minor -lt $MINOR_W ]; then
+			shouldWarn=1
+		fi
+
+		cat >&2 <<-'EOF'
+			Warning: the "docker" command appears to already exist on this system.
+
+			If you already have Docker installed, this script can cause trouble, which is
+			why we're displaying this warning and provide the opportunity to cancel the
+			installation.
+
+			If you installed the current Docker package using this script and are using it
+		EOF
+
+		if [ $shouldWarn -eq 1 ]; then
+			cat >&2 <<-'EOF'
+			again to update Docker, we urge you to migrate your image store before upgrading
+			to v1.10+.
+
+			You can find instructions for this here:
+			https://github.com/docker/docker/wiki/Engine-v1.10.0-content-addressability-migration
+			EOF
+		else
+			cat >&2 <<-'EOF'
+			again to update Docker, you can safely ignore this message.
+			EOF
+		fi
+
+		cat >&2 <<-'EOF'
+
+			You may press Ctrl+C now to abort this script.
+		EOF
+		( set -x; sleep 20 )
+	fi
+
+	user="$(id -un 2>/dev/null || true)"
+
+	sh_c='sh -c'
+	if [ "$user" != 'root' ]; then
+		if command_exists sudo; then
+			sh_c='sudo -E sh -c'
+		elif command_exists su; then
+			sh_c='su -c'
+		else
+			cat >&2 <<-'EOF'
+			Error: this installer needs the ability to run commands as root.
+			We are unable to find either "sudo" or "su" available to make this happen.
+			EOF
+			exit 1
+		fi
+	fi
+
+	curl=''
+	if command_exists curl; then
+		curl='curl -sSL'
+	elif command_exists wget; then
+		curl='wget -qO-'
+	elif command_exists busybox && busybox --list-modules | grep -q wget; then
+		curl='busybox wget -qO-'
+	fi
+
+	# check to see which repo they are trying to install from
+	if [ -z "$repo" ]; then
+		repo='main'
+		if [ "https://test.docker.com/" = "$url" ]; then
+			repo='testing'
+		elif [ "https://experimental.docker.com/" = "$url" ]; then
+			repo='experimental'
+		fi
+	fi
+
+	# perform some very rudimentary platform detection
+	lsb_dist=''
+	dist_version=''
+	if command_exists lsb_release; then
+		lsb_dist="$(lsb_release -si)"
+	fi
+	if [ -z "$lsb_dist" ] && [ -r /etc/lsb-release ]; then
+		lsb_dist="$(. /etc/lsb-release && echo "$DISTRIB_ID")"
+	fi
+	if [ -z "$lsb_dist" ] && [ -r /etc/debian_version ]; then
+		lsb_dist='debian'
+	fi
+	if [ -z "$lsb_dist" ] && [ -r /etc/fedora-release ]; then
+		lsb_dist='fedora'
+	fi
+	if [ -z "$lsb_dist" ] && [ -r /etc/oracle-release ]; then
+		lsb_dist='oracleserver'
+	fi
+	if [ -z "$lsb_dist" ]; then
+		if [ -r /etc/centos-release ] || [ -r /etc/redhat-release ]; then
+			lsb_dist='centos'
+		fi
+	fi
+	if [ -z "$lsb_dist" ] && [ -r /etc/os-release ]; then
+		lsb_dist="$(. /etc/os-release && echo "$ID")"
+	fi
+
+	lsb_dist="$(echo "$lsb_dist" | tr '[:upper:]' '[:lower:]')"
+
+	case "$lsb_dist" in
+
+		ubuntu)
+			if command_exists lsb_release; then
+				dist_version="$(lsb_release --codename | cut -f2)"
+			fi
+			if [ -z "$dist_version" ] && [ -r /etc/lsb-release ]; then
+				dist_version="$(. /etc/lsb-release && echo "$DISTRIB_CODENAME")"
+			fi
+		;;
+
+		debian)
+			dist_version="$(cat /etc/debian_version | sed 's/\/.*//' | sed 's/\..*//')"
+			case "$dist_version" in
+				8)
+					dist_version="jessie"
+				;;
+				7)
+					dist_version="wheezy"
+				;;
+			esac
+		;;
+
+		oracleserver)
+			# need to switch lsb_dist to match yum repo URL
+			lsb_dist="oraclelinux"
+			dist_version="$(rpm -q --whatprovides redhat-release --queryformat "%{VERSION}\n" | sed 's/\/.*//' | sed 's/\..*//' | sed 's/Server*//')"
+		;;
+
+		fedora|centos)
+			dist_version="$(rpm -q --whatprovides redhat-release --queryformat "%{VERSION}\n" | sed 's/\/.*//' | sed 's/\..*//' | sed 's/Server*//')"
+		;;
+
+		*)
+			if command_exists lsb_release; then
+				dist_version="$(lsb_release --codename | cut -f2)"
+			fi
+			if [ -z "$dist_version" ] && [ -r /etc/os-release ]; then
+				dist_version="$(. /etc/os-release && echo "$VERSION_ID")"
+			fi
+		;;
+
+
+	esac
+
+	# Check if this is a forked Linux distro
+	check_forked
+
+	# Run setup for each distro accordingly
+	case "$lsb_dist" in
+		amzn)
+			(
+			set -x
+			$sh_c 'sleep 3; yum -y -q install docker'
+			)
+			echo_docker_as_nonroot
+			exit 0
+			;;
+
+		'opensuse project'|opensuse)
+			echo 'Going to perform the following operations:'
+			if [ "$repo" != 'main' ]; then
+				echo '  * add repository obs://Virtualization:containers'
+			fi
+			echo '  * install Docker'
+			$sh_c 'echo "Press CTRL-C to abort"; sleep 3'
+
+			if [ "$repo" != 'main' ]; then
+				# install experimental packages from OBS://Virtualization:containers
+				(
+					set -x
+					zypper -n ar -f obs://Virtualization:containers Virtualization:containers
+					rpm_import_repository_key 55A0B34D49501BB7CA474F5AA193FBB572174FC2
+				)
+			fi
+			(
+				set -x
+				zypper -n install docker
+			)
+			echo_docker_as_nonroot
+			exit 0
+			;;
+		'suse linux'|sle[sd])
+			echo 'Going to perform the following operations:'
+			if [ "$repo" != 'main' ]; then
+				echo '  * add repository obs://Virtualization:containers'
+				echo '  * install experimental Docker using packages NOT supported by SUSE'
+			else
+				echo '  * add the "Containers" module'
+				echo '  * install Docker using packages supported by SUSE'
+			fi
+			$sh_c 'echo "Press CTRL-C to abort"; sleep 3'
+
+			if [ "$repo" != 'main' ]; then
+				# install experimental packages from OBS://Virtualization:containers
+				echo >&2 'Warning: installing experimental packages from OBS, these packages are NOT supported by SUSE'
+				(
+					set -x
+					zypper -n ar -f obs://Virtualization:containers/SLE_12 Virtualization:containers
+					rpm_import_repository_key 55A0B34D49501BB7CA474F5AA193FBB572174FC2
+				)
+			else
+				# Add the containers module
+				# Note well-1: the SLE machine must already be registered against SUSE Customer Center
+				# Note well-2: the `-r ""` is required to workaround a known issue of SUSEConnect
+				(
+					set -x
+					SUSEConnect -p sle-module-containers/12/x86_64 -r ""
+				)
+			fi
+			(
+				set -x
+				zypper -n install docker
+			)
+			echo_docker_as_nonroot
+			exit 0
+			;;
+
+		ubuntu|debian)
+			export DEBIAN_FRONTEND=noninteractive
+
+			did_apt_get_update=
+			apt_get_update() {
+				if [ -z "$did_apt_get_update" ]; then
+					( set -x; $sh_c 'sleep 3; apt-get update' )
+					did_apt_get_update=1
+				fi
+			}
+
+			# aufs is preferred over devicemapper; try to ensure the driver is available.
+			if ! grep -q aufs /proc/filesystems && ! $sh_c 'modprobe aufs'; then
+				if uname -r | grep -q -- '-generic' && dpkg -l 'linux-image-*-generic' | grep -qE '^ii|^hi' 2>/dev/null; then
+					kern_extras="linux-image-extra-$(uname -r) linux-image-extra-virtual"
+
+					apt_get_update
+					( set -x; $sh_c 'sleep 3; apt-get install -y -q '"$kern_extras" ) || true
+
+					if ! grep -q aufs /proc/filesystems && ! $sh_c 'modprobe aufs'; then
+						echo >&2 'Warning: tried to install '"$kern_extras"' (for AUFS)'
+						echo >&2 ' but we still have no AUFS.  Docker may not work. Proceeding anyways!'
+						( set -x; sleep 10 )
+					fi
+				else
+					echo >&2 'Warning: current kernel is not supported by the linux-image-extra-virtual'
+					echo >&2 ' package.  We have no AUFS support.  Consider installing the packages'
+					echo >&2 ' linux-image-virtual kernel and linux-image-extra-virtual for AUFS support.'
+					( set -x; sleep 10 )
+				fi
+			fi
+
+			# install apparmor utils if they're missing and apparmor is enabled in the kernel
+			# otherwise Docker will fail to start
+			if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = 'Y' ]; then
+				if command -v apparmor_parser >/dev/null 2>&1; then
+					echo 'apparmor is enabled in the kernel and apparmor utils were already installed'
+				else
+					echo 'apparmor is enabled in the kernel, but apparmor_parser missing'
+					apt_get_update
+					( set -x; $sh_c 'sleep 3; apt-get install -y -q apparmor' )
+				fi
+			fi
+
+			if [ ! -e /usr/lib/apt/methods/https ]; then
+				apt_get_update
+				( set -x; $sh_c 'sleep 3; apt-get install -y -q apt-transport-https ca-certificates' )
+			fi
+			if [ -z "$curl" ]; then
+				apt_get_update
+				( set -x; $sh_c 'sleep 3; apt-get install -y -q curl ca-certificates' )
+				curl='curl -sSL'
+			fi
+			(
+			set -x
+			for key_server in $key_servers ; do
+				$sh_c "apt-key adv --keyserver hkp://${key_server}:80 --recv-keys ${gpg_fingerprint}" && break
+			done
+			$sh_c "apt-key adv -k ${gpg_fingerprint} >/dev/null"
+			$sh_c "mkdir -p /etc/apt/sources.list.d"
+			$sh_c "echo deb [arch=$(dpkg --print-architecture)] ${apt_url}/repo ${lsb_dist}-${dist_version} ${repo} > /etc/apt/sources.list.d/docker.list"
+			$sh_c 'sleep 3; apt-get update; apt-get install -y -q docker-engine'
+			)
+			echo_docker_as_nonroot
+			exit 0
+			;;
+
+		fedora|centos|oraclelinux)
+			$sh_c "cat >/etc/yum.repos.d/docker-${repo}.repo" <<-EOF
+			[docker-${repo}-repo]
+			name=Docker ${repo} Repository
+			baseurl=${yum_url}/repo/${repo}/${lsb_dist}/${dist_version}
+			enabled=1
+			gpgcheck=1
+			gpgkey=${yum_url}/gpg
+			EOF
+			if [ "$lsb_dist" = "fedora" ] && [ "$dist_version" -ge "22" ]; then
+				(
+					set -x
+					$sh_c 'sleep 3; dnf -y -q install docker-engine'
+				)
+			else
+				(
+					set -x
+					$sh_c 'sleep 3; yum -y -q install docker-engine'
+				)
+			fi
+			echo_docker_as_nonroot
+			exit 0
+			;;
+		gentoo)
+			if [ "$url" = "https://test.docker.com/" ]; then
+				# intentionally mixed spaces and tabs here -- tabs are stripped by "<<-'EOF'", spaces are kept in the output
+				cat >&2 <<-'EOF'
+
+				  You appear to be trying to install the latest nightly build in Gentoo.'
+				  The portage tree should contain the latest stable release of Docker, but'
+				  if you want something more recent, you can always use the live ebuild'
+				  provided in the "docker" overlay available via layman.  For more'
+				  instructions, please see the following URL:'
+
+				    https://github.com/tianon/docker-overlay#using-this-overlay'
+
+				  After adding the "docker" overlay, you should be able to:'
+
+				    emerge -av =app-emulation/docker-9999'
+
+				EOF
+				exit 1
+			fi
+
+			(
+				set -x
+				$sh_c 'sleep 3; emerge app-emulation/docker'
+			)
+			exit 0
+			;;
+	esac
+
+	# intentionally mixed spaces and tabs here -- tabs are stripped by "<<-'EOF'", spaces are kept in the output
+	cat >&2 <<-'EOF'
+
+	  Either your platform is not easily detectable, is not supported by this
+	  installer script (yet - PRs welcome! [hack/install.sh]), or does not yet have
+	  a package for Docker.  Please visit the following URL for more detailed
+	  installation instructions:
+
+	    https://docs.docker.com/engine/installation/
+
+	EOF
+	exit 1
+}
+
+# wrapped up in a function so that we have some protection against only getting
+# half the file during "curl | sh"
+do_install
diff --git a/hack/make.sh b/hack/make.sh
new file mode 100755
index 00000000..2674ec9b
--- /dev/null
+++ b/hack/make.sh
@@ -0,0 +1,355 @@
+#!/usr/bin/env bash
+set -e
+
+# This script builds various binary artifacts from a checkout of the docker
+# source code.
+#
+# Requirements:
+# - The current directory should be a checkout of the docker source code
+#   (https://github.com/docker/docker). Whatever version is checked out
+#   will be built.
+# - The VERSION file, at the root of the repository, should exist, and
+#   will be used as Docker binary version and package version.
+# - The hash of the git commit will also be included in the Docker binary,
+#   with the suffix -unsupported if the repository isn't clean.
+# - The script is intended to be run inside the docker container specified
+#   in the Dockerfile at the root of the source. In other words:
+#   DO NOT CALL THIS SCRIPT DIRECTLY.
+# - The right way to call this script is to invoke "make" from
+#   your checkout of the Docker repository.
+#   the Makefile will do a "docker build -t docker ." and then
+#   "docker run hack/make.sh" in the resulting image.
+#
+
+set -o pipefail
+
+export DOCKER_PKG='github.com/docker/docker'
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+export MAKEDIR="$SCRIPTDIR/make"
+
+# We're a nice, sexy, little shell script, and people might try to run us;
+# but really, they shouldn't. We want to be in a container!
+inContainer="AssumeSoInitially"
+if [ "$(go env GOHOSTOS)" = 'windows' ]; then
+	if [ -z "$FROM_DOCKERFILE" ]; then
+		unset inContainer
+	fi
+else
+	if [ "$PWD" != "/go/src/$DOCKER_PKG" ] || [ -z "$DOCKER_CROSSPLATFORMS" ]; then
+		unset inContainer
+	fi
+fi
+
+if [ -z "$inContainer" ]; then
+	{
+		echo "# WARNING! I don't seem to be running in a Docker container."
+		echo "# The result of this command might be an incorrect build, and will not be"
+		echo "# officially supported."
+		echo "#"
+		echo "# Try this instead: make all"
+		echo "#"
+	} >&2
+fi
+
+echo
+
+# List of bundles to create when no argument is passed
+DEFAULT_BUNDLES=(
+	validate-dco
+	validate-default-seccomp
+	validate-gofmt
+	validate-lint
+	validate-pkg
+	validate-test
+	validate-toml
+	validate-vet
+
+	binary
+	dynbinary
+
+	test-unit
+	test-integration-cli
+	test-docker-py
+
+	cover
+	cross
+	tgz
+)
+
+VERSION=$(< ./VERSION)
+if command -v git &> /dev/null && git rev-parse &> /dev/null; then
+	GITCOMMIT=$(git rev-parse --short HEAD)
+	if [ -n "$(git status --porcelain --untracked-files=no)" ]; then
+		GITCOMMIT="$GITCOMMIT-unsupported"
+		echo "#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+		echo "# GITCOMMIT = $GITCOMMIT"
+		echo "# The version you are building is listed as unsupported because"
+		echo "# there are some files in the git repository that are in an uncommited state."
+		echo "# Commit these changes, or add to .gitignore to remove the -unsupported from the version."
+		echo "# Here is the current list:"
+		git status --porcelain --untracked-files=no
+		echo "#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+	fi
+	! BUILDTIME=$(date --rfc-3339 ns | sed -e 's/ /T/') &> /dev/null
+	if [ -z $BUILDTIME ]; then
+		# If using bash 3.1 which doesn't support --rfc-3389, eg Windows CI
+		BUILDTIME=$(date -u)
+	fi
+elif [ "$DOCKER_GITCOMMIT" ]; then
+	GITCOMMIT="$DOCKER_GITCOMMIT"
+else
+	echo >&2 'error: .git directory missing and DOCKER_GITCOMMIT not specified'
+	echo >&2 '  Please either build with the .git directory accessible, or specify the'
+	echo >&2 '  exact (--short) commit hash you are building using DOCKER_GITCOMMIT for'
+	echo >&2 '  future accountability in diagnosing build issues.  Thanks!'
+	exit 1
+fi
+
+if [ "$AUTO_GOPATH" ]; then
+	rm -rf .gopath
+	mkdir -p .gopath/src/"$(dirname "${DOCKER_PKG}")"
+	ln -sf ../../../.. .gopath/src/"${DOCKER_PKG}"
+	export GOPATH="${PWD}/.gopath:${PWD}/vendor"
+fi
+
+if [ ! "$GOPATH" ]; then
+	echo >&2 'error: missing GOPATH; please see https://golang.org/doc/code.html#GOPATH'
+	echo >&2 '  alternatively, set AUTO_GOPATH=1'
+	exit 1
+fi
+
+if [ "$DOCKER_EXPERIMENTAL" ]; then
+	echo >&2 '# WARNING! DOCKER_EXPERIMENTAL is set: building experimental features'
+	echo >&2
+	DOCKER_BUILDTAGS+=" experimental"
+fi
+
+if [ -z "$DOCKER_CLIENTONLY" ]; then
+	DOCKER_BUILDTAGS+=" daemon"
+	if pkg-config 'libsystemd >= 209' 2> /dev/null ; then
+		DOCKER_BUILDTAGS+=" journald"
+	elif pkg-config 'libsystemd-journal' 2> /dev/null ; then
+		DOCKER_BUILDTAGS+=" journald journald_compat"
+	fi
+fi
+
+# test whether "btrfs/version.h" exists and apply btrfs_noversion appropriately
+if \
+	command -v gcc &> /dev/null \
+	&& ! gcc -E - -o /dev/null &> /dev/null <<<'#include <btrfs/version.h>' \
+; then
+	DOCKER_BUILDTAGS+=' btrfs_noversion'
+fi
+
+# test whether "libdevmapper.h" is new enough to support deferred remove
+# functionality.
+if \
+	command -v gcc &> /dev/null \
+	&& ! ( echo -e  '#include <libdevmapper.h>\nint main() { dm_task_deferred_remove(NULL); }'| gcc -xc - -o /dev/null -ldevmapper &> /dev/null ) \
+; then
+       DOCKER_BUILDTAGS+=' libdm_no_deferred_remove'
+fi
+
+# Use these flags when compiling the tests and final binary
+
+IAMSTATIC='true'
+source "$SCRIPTDIR/make/.go-autogen"
+if [ -z "$DOCKER_DEBUG" ]; then
+	LDFLAGS='-w'
+fi
+
+LDFLAGS_STATIC=''
+EXTLDFLAGS_STATIC='-static'
+# ORIG_BUILDFLAGS is necessary for the cross target which cannot always build
+# with options like -race.
+ORIG_BUILDFLAGS=( -tags "autogen netgo static_build sqlite_omit_load_extension $DOCKER_BUILDTAGS" -installsuffix netgo )
+# see https://github.com/golang/go/issues/9369#issuecomment-69864440 for why -installsuffix is necessary here
+
+# When $DOCKER_INCREMENTAL_BINARY is set in the environment, enable incremental
+# builds by installing dependent packages to the GOPATH.
+REBUILD_FLAG="-a"
+if [ "$DOCKER_INCREMENTAL_BINARY" ]; then
+	REBUILD_FLAG="-i"
+fi
+ORIG_BUILDFLAGS+=( $REBUILD_FLAG )
+
+BUILDFLAGS=( $BUILDFLAGS "${ORIG_BUILDFLAGS[@]}" )
+# Test timeout.
+
+if [ "${DOCKER_ENGINE_GOARCH}" == "arm" ]; then
+	: ${TIMEOUT:=10m}
+elif [ "${DOCKER_ENGINE_GOARCH}" == "windows" ]; then
+	: ${TIMEOUT:=8m}
+else
+	: ${TIMEOUT:=5m}
+fi
+
+LDFLAGS_STATIC_DOCKER="
+	$LDFLAGS_STATIC
+	-extldflags \"$EXTLDFLAGS_STATIC\"
+"
+
+if [ "$(uname -s)" = 'FreeBSD' ]; then
+	# Tell cgo the compiler is Clang, not GCC
+	# https://code.google.com/p/go/source/browse/src/cmd/cgo/gcc.go?spec=svne77e74371f2340ee08622ce602e9f7b15f29d8d3&r=e6794866ebeba2bf8818b9261b54e2eef1c9e588#752
+	export CC=clang
+
+	# "-extld clang" is a workaround for
+	# https://code.google.com/p/go/issues/detail?id=6845
+	LDFLAGS="$LDFLAGS -extld clang"
+fi
+
+# If sqlite3.h doesn't exist under /usr/include,
+# check /usr/local/include also just in case
+# (e.g. FreeBSD Ports installs it under the directory)
+if [ ! -e /usr/include/sqlite3.h ] && [ -e /usr/local/include/sqlite3.h ]; then
+	export CGO_CFLAGS='-I/usr/local/include'
+	export CGO_LDFLAGS='-L/usr/local/lib'
+fi
+
+HAVE_GO_TEST_COVER=
+if \
+	go help testflag | grep -- -cover > /dev/null \
+	&& go tool -n cover > /dev/null 2>&1 \
+; then
+	HAVE_GO_TEST_COVER=1
+fi
+
+# If $TESTFLAGS is set in the environment, it is passed as extra arguments to 'go test'.
+# You can use this to select certain tests to run, eg.
+#
+#     TESTFLAGS='-test.run ^TestBuild$' ./hack/make.sh test-unit
+#
+# For integration-cli test, we use [gocheck](https://labix.org/gocheck), if you want
+# to run certain tests on your local host, you should run with command:
+#
+#     TESTFLAGS='-check.f DockerSuite.TestBuild*' ./hack/make.sh binary test-integration-cli
+#
+go_test_dir() {
+	dir=$1
+	coverpkg=$2
+	testcover=()
+	if [ "$HAVE_GO_TEST_COVER" ]; then
+		# if our current go install has -cover, we want to use it :)
+		mkdir -p "$DEST/coverprofiles"
+		coverprofile="docker${dir#.}"
+		coverprofile="$ABS_DEST/coverprofiles/${coverprofile//\//-}"
+		testcover=( -cover -coverprofile "$coverprofile" $coverpkg )
+	fi
+	(
+		echo '+ go test' $TESTFLAGS "${DOCKER_PKG}${dir#.}"
+		cd "$dir"
+		export DEST="$ABS_DEST" # we're in a subshell, so this is safe -- our integration-cli tests need DEST, and "cd" screws it up
+		test_env go test ${testcover[@]} -ldflags "$LDFLAGS" "${BUILDFLAGS[@]}" $TESTFLAGS
+	)
+}
+test_env() {
+	# use "env -i" to tightly control the environment variables that bleed into the tests
+	env -i \
+		DEST="$DEST" \
+		DOCKER_TLS_VERIFY="$DOCKER_TEST_TLS_VERIFY" \
+		DOCKER_CERT_PATH="$DOCKER_TEST_CERT_PATH" \
+		DOCKER_ENGINE_GOARCH="$DOCKER_ENGINE_GOARCH" \
+		DOCKER_GRAPHDRIVER="$DOCKER_GRAPHDRIVER" \
+		DOCKER_USERLANDPROXY="$DOCKER_USERLANDPROXY" \
+		DOCKER_HOST="$DOCKER_HOST" \
+		DOCKER_REMAP_ROOT="$DOCKER_REMAP_ROOT" \
+		DOCKER_REMOTE_DAEMON="$DOCKER_REMOTE_DAEMON" \
+		GOPATH="$GOPATH" \
+		GOTRACEBACK=all \
+		HOME="$ABS_DEST/fake-HOME" \
+		PATH="$PATH" \
+		TEMP="$TEMP" \
+		"$@"
+}
+
+# a helper to provide ".exe" when it's appropriate
+binary_extension() {
+	if [ "$(go env GOOS)" = 'windows' ]; then
+		echo -n '.exe'
+	fi
+}
+
+hash_files() {
+	while [ $# -gt 0 ]; do
+		f="$1"
+		shift
+		dir="$(dirname "$f")"
+		base="$(basename "$f")"
+		for hashAlgo in md5 sha256; do
+			if command -v "${hashAlgo}sum" &> /dev/null; then
+				(
+					# subshell and cd so that we get output files like:
+					#   $HASH docker-$VERSION
+					# instead of:
+					#   $HASH /go/src/github.com/.../$VERSION/binary/docker-$VERSION
+					cd "$dir"
+					"${hashAlgo}sum" "$base" > "$base.$hashAlgo"
+				)
+			fi
+		done
+	done
+}
+
+bundle() {
+	local bundle="$1"; shift
+	echo "---> Making bundle: $(basename "$bundle") (in $DEST)"
+	source "$SCRIPTDIR/make/$bundle" "$@"
+}
+
+copy_containerd() {
+    dir="$1"
+    # Add nested executables to bundle dir so we have complete set of
+    # them available, but only if the native OS/ARCH is the same as the
+    # OS/ARCH of the build target
+    if [ "$(go env GOOS)/$(go env GOARCH)" == "$(go env GOHOSTOS)/$(go env GOHOSTARCH)" ]; then
+        (set -x
+        if [ -x /usr/local/bin/docker-runc ]; then
+            echo "Copying nested executables into $dir"
+	    for file in containerd containerd-shim containerd-ctr runc; do
+                cp `which "docker-$file"` "$dir/"
+                if [ "$2" == "hash" ]; then
+                    hash_files "$dir/docker-$file"
+		fi
+            done
+        fi
+        )
+    fi
+}
+
+main() {
+	# We want this to fail if the bundles already exist and cannot be removed.
+	# This is to avoid mixing bundles from different versions of the code.
+	mkdir -p bundles
+	if [ -e "bundles/$VERSION" ] && [ -z "$KEEPBUNDLE" ]; then
+		echo "bundles/$VERSION already exists. Removing."
+		rm -fr "bundles/$VERSION" && mkdir "bundles/$VERSION" || exit 1
+		echo
+	fi
+
+	if [ "$(go env GOHOSTOS)" != 'windows' ]; then
+		# Windows and symlinks don't get along well
+
+		rm -f bundles/latest
+		ln -s "$VERSION" bundles/latest
+	fi
+
+	if [ $# -lt 1 ]; then
+		bundles=(${DEFAULT_BUNDLES[@]})
+	else
+		bundles=($@)
+	fi
+	for bundle in ${bundles[@]}; do
+		export DEST="bundles/$VERSION/$(basename "$bundle")"
+		# Cygdrive paths don't play well with go build -o.
+		if [[ "$(uname -s)" == CYGWIN* ]]; then
+			export DEST="$(cygpath -mw "$DEST")"
+		fi
+		mkdir -p "$DEST"
+		ABS_DEST="$(cd "$DEST" && pwd -P)"
+		bundle "$bundle"
+		echo
+	done
+}
+
+main "$@"
diff --git a/hack/make/.build-deb/compat b/hack/make/.build-deb/compat
new file mode 100644
index 00000000..ec635144
--- /dev/null
+++ b/hack/make/.build-deb/compat
@@ -0,0 +1 @@
+9
diff --git a/hack/make/.build-deb/control b/hack/make/.build-deb/control
new file mode 100644
index 00000000..0f543994
--- /dev/null
+++ b/hack/make/.build-deb/control
@@ -0,0 +1,29 @@
+Source: docker-engine
+Section: admin
+Priority: optional
+Maintainer: Docker <support@docker.com>
+Standards-Version: 3.9.6
+Homepage: https://dockerproject.org
+Vcs-Browser: https://github.com/docker/docker
+Vcs-Git: git://github.com/docker/docker.git
+
+Package: docker-engine
+Architecture: linux-any
+Depends: iptables, ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}
+Recommends: aufs-tools,
+            ca-certificates,
+            cgroupfs-mount | cgroup-lite,
+            git,
+            xz-utils,
+            ${apparmor:Recommends}
+Conflicts: docker (<< 1.5~), docker.io, lxc-docker, lxc-docker-virtual-package, docker-engine-cs
+Description: Docker: the open-source application container engine
+ Docker is an open source project to build, ship and run any application as a
+ lightweight container
+ .
+ Docker containers are both hardware-agnostic and platform-agnostic. This means
+ they can run anywhere, from your laptop to the largest EC2 compute instance and
+ everything in between - and they don't require you to use a particular
+ language, framework or packaging system. That makes them great building blocks
+ for deploying and scaling web apps, databases, and backend services without
+ depending on a particular stack or provider.
diff --git a/hack/make/.build-deb/docker-engine.bash-completion b/hack/make/.build-deb/docker-engine.bash-completion
new file mode 100644
index 00000000..6ea11193
--- /dev/null
+++ b/hack/make/.build-deb/docker-engine.bash-completion
@@ -0,0 +1 @@
+contrib/completion/bash/docker
diff --git a/hack/make/.build-deb/docker-engine.docker.default b/hack/make/.build-deb/docker-engine.docker.default
new file mode 120000
index 00000000..4278533d
--- /dev/null
+++ b/hack/make/.build-deb/docker-engine.docker.default
@@ -0,0 +1 @@
+../../../contrib/init/sysvinit-debian/docker.default
\ No newline at end of file
diff --git a/hack/make/.build-deb/docker-engine.docker.init b/hack/make/.build-deb/docker-engine.docker.init
new file mode 120000
index 00000000..8cb89d30
--- /dev/null
+++ b/hack/make/.build-deb/docker-engine.docker.init
@@ -0,0 +1 @@
+../../../contrib/init/sysvinit-debian/docker
\ No newline at end of file
diff --git a/hack/make/.build-deb/docker-engine.docker.upstart b/hack/make/.build-deb/docker-engine.docker.upstart
new file mode 120000
index 00000000..7e1b64a3
--- /dev/null
+++ b/hack/make/.build-deb/docker-engine.docker.upstart
@@ -0,0 +1 @@
+../../../contrib/init/upstart/docker.conf
\ No newline at end of file
diff --git a/hack/make/.build-deb/docker-engine.install b/hack/make/.build-deb/docker-engine.install
new file mode 100644
index 00000000..dc6b25f0
--- /dev/null
+++ b/hack/make/.build-deb/docker-engine.install
@@ -0,0 +1,12 @@
+#contrib/syntax/vim/doc/* /usr/share/vim/vimfiles/doc/
+#contrib/syntax/vim/ftdetect/* /usr/share/vim/vimfiles/ftdetect/
+#contrib/syntax/vim/syntax/* /usr/share/vim/vimfiles/syntax/
+contrib/*-integration usr/share/docker-engine/contrib/
+contrib/check-config.sh usr/share/docker-engine/contrib/
+contrib/completion/fish/docker.fish usr/share/fish/vendor_completions.d/
+contrib/completion/zsh/_docker usr/share/zsh/vendor-completions/
+contrib/init/systemd/docker.service lib/systemd/system/
+contrib/init/systemd/docker.socket lib/systemd/system/
+contrib/mk* usr/share/docker-engine/contrib/
+contrib/nuke-graph-directory.sh usr/share/docker-engine/contrib/
+contrib/syntax/nano/Dockerfile.nanorc usr/share/nano/
diff --git a/hack/make/.build-deb/docker-engine.manpages b/hack/make/.build-deb/docker-engine.manpages
new file mode 100644
index 00000000..1aa62186
--- /dev/null
+++ b/hack/make/.build-deb/docker-engine.manpages
@@ -0,0 +1 @@
+man/man*/*
diff --git a/hack/make/.build-deb/docker-engine.postinst b/hack/make/.build-deb/docker-engine.postinst
new file mode 100644
index 00000000..eeef6ca8
--- /dev/null
+++ b/hack/make/.build-deb/docker-engine.postinst
@@ -0,0 +1,20 @@
+#!/bin/sh
+set -e
+
+case "$1" in
+	configure)
+		if [ -z "$2" ]; then
+			if ! getent group docker > /dev/null; then
+				groupadd --system docker
+			fi
+		fi
+		;;
+	abort-*)
+		# How'd we get here??
+		exit 1
+		;;
+	*)
+		;;
+esac
+
+#DEBHELPER#
diff --git a/hack/make/.build-deb/docker-engine.udev b/hack/make/.build-deb/docker-engine.udev
new file mode 120000
index 00000000..914a3619
--- /dev/null
+++ b/hack/make/.build-deb/docker-engine.udev
@@ -0,0 +1 @@
+../../../contrib/udev/80-docker.rules
\ No newline at end of file
diff --git a/hack/make/.build-deb/docs b/hack/make/.build-deb/docs
new file mode 100644
index 00000000..b43bf86b
--- /dev/null
+++ b/hack/make/.build-deb/docs
@@ -0,0 +1 @@
+README.md
diff --git a/hack/make/.build-deb/rules b/hack/make/.build-deb/rules
new file mode 100755
index 00000000..9d999eba
--- /dev/null
+++ b/hack/make/.build-deb/rules
@@ -0,0 +1,45 @@
+#!/usr/bin/make -f
+
+VERSION = $(shell cat VERSION)
+
+override_dh_gencontrol:
+	# if we're on Ubuntu, we need to Recommends: apparmor
+	echo 'apparmor:Recommends=$(shell dpkg-vendor --is Ubuntu && echo apparmor)' >> debian/docker-engine.substvars
+	dh_gencontrol
+
+override_dh_auto_build:
+	./hack/make.sh dynbinary
+	# ./man/md2man-all.sh runs outside the build container (if at all), since we don't have go-md2man here
+
+override_dh_auto_test:
+	./bundles/$(VERSION)/dynbinary/docker -v
+
+override_dh_strip:
+	# Go has lots of problems with stripping, so just don't
+
+override_dh_auto_install:
+	mkdir -p debian/docker-engine/usr/bin
+	cp -aT "$$(readlink -f bundles/$(VERSION)/dynbinary/docker)" debian/docker-engine/usr/bin/docker
+	cp -aT /usr/local/bin/containerd debian/docker-engine/usr/bin/docker-containerd
+	cp -aT /usr/local/bin/containerd-shim debian/docker-engine/usr/bin/docker-containerd-shim
+	cp -aT /usr/local/bin/ctr debian/docker-engine/usr/bin/docker-containerd-ctr
+	cp -aT /usr/local/sbin/runc debian/docker-engine/usr/bin/docker-runc
+	mkdir -p debian/docker-engine/usr/lib/docker
+
+override_dh_installinit:
+	# use "docker" as our service name, not "docker-engine"
+	dh_installinit --name=docker
+
+override_dh_installudev:
+	# match our existing priority
+	dh_installudev --priority=z80
+
+override_dh_install:
+	dh_install
+	dh_apparmor --profile-name=docker-engine -pdocker-engine
+
+override_dh_shlibdeps:
+	dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info
+
+%:
+	dh $@ --with=bash-completion $(shell command -v dh_systemd_enable > /dev/null 2>&1 && echo --with=systemd)
diff --git a/hack/make/.build-rpm/docker-engine-selinux.spec b/hack/make/.build-rpm/docker-engine-selinux.spec
new file mode 100644
index 00000000..706af36a
--- /dev/null
+++ b/hack/make/.build-rpm/docker-engine-selinux.spec
@@ -0,0 +1,109 @@
+# Some bits borrowed from the openstack-selinux package
+Name: docker-engine-selinux
+Version: %{_version}
+Release: %{_release}%{?dist}
+Summary: SELinux Policies for the open-source application container engine
+BuildArch: noarch
+Group: Tools/Docker
+
+License: GPLv2
+Source: %{name}.tar.gz
+
+URL: https://dockerproject.org
+Vendor: Docker
+Packager: Docker <support@docker.com>
+
+# Version of SELinux we were using
+%if 0%{?fedora} == 20
+%global selinux_policyver 3.12.1-197
+%endif # fedora 20
+%if 0%{?fedora} == 21
+%global selinux_policyver 3.13.1-105
+%endif # fedora 21
+%if 0%{?fedora} >= 22
+%global selinux_policyver 3.13.1-128
+%endif # fedora 22
+%if 0%{?centos} >= 7 || 0%{?rhel} >= 7 || 0%{?oraclelinux} >= 7
+%global selinux_policyver 3.13.1-23
+%endif # centos,rhel,oraclelinux 7
+
+%global selinuxtype targeted
+%global moduletype  services
+%global modulenames docker
+
+Requires(post): selinux-policy-base >= %{selinux_policyver}, selinux-policy-targeted >= %{selinux_policyver}, policycoreutils, policycoreutils-python libselinux-utils
+BuildRequires: selinux-policy selinux-policy-devel
+
+# conflicting packages
+Conflicts: docker-selinux
+
+# Usage: _format var format
+#   Expand 'modulenames' into various formats as needed
+#   Format must contain '$x' somewhere to do anything useful
+%global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
+
+# Relabel files
+%global relabel_files() \
+    /sbin/restorecon -R %{_bindir}/docker %{_localstatedir}/run/docker.sock %{_localstatedir}/run/docker.pid %{_sysconfdir}/docker %{_localstatedir}/log/docker %{_localstatedir}/log/lxc %{_localstatedir}/lock/lxc %{_usr}/lib/systemd/system/docker.service /root/.docker &> /dev/null || : \
+
+%description
+SELinux policy modules for use with Docker
+
+%prep
+%if 0%{?centos} <= 6
+%setup -n %{name}
+%else
+%autosetup -n %{name}
+%endif
+
+%build
+make SHARE="%{_datadir}" TARGETS="%{modulenames}"
+
+%install
+
+# Install SELinux interfaces
+%_format INTERFACES $x.if
+install -d %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
+install -p -m 644 $INTERFACES %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
+
+# Install policy modules
+%_format MODULES $x.pp.bz2
+install -d %{buildroot}%{_datadir}/selinux/packages
+install -m 0644 $MODULES %{buildroot}%{_datadir}/selinux/packages
+
+%post
+#
+# Install all modules in a single transaction
+#
+if [ $1 -eq 1 ]; then
+    %{_sbindir}/setsebool -P -N virt_use_nfs=1 virt_sandbox_use_all_caps=1
+fi
+%_format MODULES %{_datadir}/selinux/packages/$x.pp.bz2
+%{_sbindir}/semodule -n -s %{selinuxtype} -i $MODULES
+if %{_sbindir}/selinuxenabled ; then
+    %{_sbindir}/load_policy
+    %relabel_files
+    if [ $1 -eq 1 ]; then
+	restorecon -R %{_sharedstatedir}/docker
+    fi
+fi
+
+%postun
+if [ $1 -eq 0 ]; then
+    %{_sbindir}/semodule -n -r %{modulenames} &> /dev/null || :
+    if %{_sbindir}/selinuxenabled ; then
+        %{_sbindir}/load_policy
+        %relabel_files
+    fi
+fi
+
+%files
+%doc LICENSE
+%defattr(-,root,root,0755)
+%attr(0644,root,root) %{_datadir}/selinux/packages/*.pp.bz2
+%attr(0644,root,root) %{_datadir}/selinux/devel/include/%{moduletype}/*.if
+
+%changelog
+* Tue Dec 1 2015 Jessica Frazelle <acidburn@docker.com> 1.9.1-1
+- add licence to rpm
+- add selinux-policy and docker-engine-selinux rpm
diff --git a/hack/make/.build-rpm/docker-engine.spec b/hack/make/.build-rpm/docker-engine.spec
new file mode 100644
index 00000000..e0fb5c88
--- /dev/null
+++ b/hack/make/.build-rpm/docker-engine.spec
@@ -0,0 +1,230 @@
+Name: docker-engine
+Version: %{_version}
+Release: %{_release}%{?dist}
+Summary: The open-source application container engine
+Group: Tools/Docker
+
+License: ASL 2.0
+Source: %{name}.tar.gz
+
+URL: https://dockerproject.org
+Vendor: Docker
+Packager: Docker <support@docker.com>
+
+# is_systemd conditional
+%if 0%{?fedora} >= 21 || 0%{?centos} >= 7 || 0%{?rhel} >= 7 || 0%{?suse_version} >= 1210
+%global is_systemd 1
+%endif
+
+# required packages for build
+# most are already in the container (see contrib/builder/rpm/ARCH/generate.sh)
+# only require systemd on those systems
+%if 0%{?is_systemd}
+%if 0%{?suse_version} >= 1210
+BuildRequires: systemd-rpm-macros
+%{?systemd_requires}
+%else
+BuildRequires: pkgconfig(systemd)
+Requires: systemd-units
+BuildRequires: pkgconfig(libsystemd-journal)
+%endif
+%else
+Requires(post): chkconfig
+Requires(preun): chkconfig
+# This is for /sbin/service
+Requires(preun): initscripts
+%endif
+
+# required packages on install
+Requires: /bin/sh
+Requires: iptables
+%if !0%{?suse_version}
+Requires: libcgroup
+%else
+Requires: libcgroup1
+%endif
+Requires: tar
+Requires: xz
+%if 0%{?fedora} >= 21 || 0%{?centos} >= 7 || 0%{?rhel} >= 7 || 0%{?oraclelinux} >= 7
+# Resolves: rhbz#1165615
+Requires: device-mapper-libs >= 1.02.90-1
+%endif
+%if 0%{?oraclelinux} >= 6
+# Require Oracle Unbreakable Enterprise Kernel R4 and newer device-mapper
+Requires: kernel-uek >= 4.1
+Requires: device-mapper >= 1.02.90-2
+%endif
+
+# docker-selinux conditional
+%if 0%{?fedora} >= 20 || 0%{?centos} >= 7 || 0%{?rhel} >= 7 || 0%{?oraclelinux} >= 7
+%global with_selinux 1
+%endif
+
+# start if with_selinux
+%if 0%{?with_selinux}
+# Version of SELinux we were using
+%if 0%{?fedora} == 20
+%global selinux_policyver 3.12.1-197
+%endif # fedora 20
+%if 0%{?fedora} == 21
+%global selinux_policyver 3.13.1-105
+%endif # fedora 21
+%if 0%{?fedora} >= 22
+%global selinux_policyver 3.13.1-128
+%endif # fedora 22
+%if 0%{?centos} >= 7 || 0%{?rhel} >= 7 || 0%{?oraclelinux} >= 7
+%global selinux_policyver 3.13.1-23
+%endif # centos,oraclelinux 7
+%endif # with_selinux
+
+# RE: rhbz#1195804 - ensure min NVR for selinux-policy
+%if 0%{?with_selinux}
+Requires: selinux-policy >= %{selinux_policyver}
+Requires(pre): %{name}-selinux >= %{epoch}:%{version}-%{release}
+%endif # with_selinux
+
+# conflicting packages
+Conflicts: docker
+Conflicts: docker-io
+Conflicts: docker-engine-cs
+
+%description
+Docker is an open source project to build, ship and run any application as a
+lightweight container.
+
+Docker containers are both hardware-agnostic and platform-agnostic. This means
+they can run anywhere, from your laptop to the largest EC2 compute instance and
+everything in between - and they don't require you to use a particular
+language, framework or packaging system. That makes them great building blocks
+for deploying and scaling web apps, databases, and backend services without
+depending on a particular stack or provider.
+
+%prep
+%if 0%{?centos} <= 6 || 0%{?oraclelinux} <=6
+%setup -n %{name}
+%else
+%autosetup -n %{name}
+%endif
+
+%build
+export DOCKER_GITCOMMIT=%{_gitcommit}
+./hack/make.sh dynbinary
+# ./man/md2man-all.sh runs outside the build container (if at all), since we don't have go-md2man here
+
+%check
+./bundles/%{_origversion}/dynbinary/docker -v
+
+%install
+# install binary
+install -d $RPM_BUILD_ROOT/%{_bindir}
+install -p -m 755 bundles/%{_origversion}/dynbinary/docker-%{_origversion} $RPM_BUILD_ROOT/%{_bindir}/docker
+
+# install containerd
+install -p -m 755 /usr/local/bin/containerd $RPM_BUILD_ROOT/%{_bindir}/docker-containerd
+install -p -m 755 /usr/local/bin/containerd-shim $RPM_BUILD_ROOT/%{_bindir}/docker-containerd-shim
+install -p -m 755 /usr/local/bin/ctr $RPM_BUILD_ROOT/%{_bindir}/docker-containerd-ctr
+
+# install runc
+install -p -m 755 /usr/local/sbin/runc $RPM_BUILD_ROOT/%{_bindir}/docker-runc
+
+# install udev rules
+install -d $RPM_BUILD_ROOT/%{_sysconfdir}/udev/rules.d
+install -p -m 644 contrib/udev/80-docker.rules $RPM_BUILD_ROOT/%{_sysconfdir}/udev/rules.d/80-docker.rules
+
+# add init scripts
+install -d $RPM_BUILD_ROOT/etc/sysconfig
+install -d $RPM_BUILD_ROOT/%{_initddir}
+
+
+%if 0%{?is_systemd}
+install -d $RPM_BUILD_ROOT/%{_unitdir}
+install -p -m 644 contrib/init/systemd/docker.service $RPM_BUILD_ROOT/%{_unitdir}/docker.service
+install -p -m 644 contrib/init/systemd/docker.socket $RPM_BUILD_ROOT/%{_unitdir}/docker.socket
+%else
+install -p -m 644 contrib/init/sysvinit-redhat/docker.sysconfig $RPM_BUILD_ROOT/etc/sysconfig/docker
+install -p -m 755 contrib/init/sysvinit-redhat/docker $RPM_BUILD_ROOT/%{_initddir}/docker
+%endif
+# add bash, zsh, and fish completions
+install -d $RPM_BUILD_ROOT/usr/share/bash-completion/completions
+install -d $RPM_BUILD_ROOT/usr/share/zsh/vendor-completions
+install -d $RPM_BUILD_ROOT/usr/share/fish/vendor_completions.d
+install -p -m 644 contrib/completion/bash/docker $RPM_BUILD_ROOT/usr/share/bash-completion/completions/docker
+install -p -m 644 contrib/completion/zsh/_docker $RPM_BUILD_ROOT/usr/share/zsh/vendor-completions/_docker
+install -p -m 644 contrib/completion/fish/docker.fish $RPM_BUILD_ROOT/usr/share/fish/vendor_completions.d/docker.fish
+
+# install manpages
+install -d %{buildroot}%{_mandir}/man1
+install -p -m 644 man/man1/*.1 $RPM_BUILD_ROOT/%{_mandir}/man1
+install -d %{buildroot}%{_mandir}/man5
+install -p -m 644 man/man5/*.5 $RPM_BUILD_ROOT/%{_mandir}/man5
+
+# add vimfiles
+install -d $RPM_BUILD_ROOT/usr/share/vim/vimfiles/doc
+install -d $RPM_BUILD_ROOT/usr/share/vim/vimfiles/ftdetect
+install -d $RPM_BUILD_ROOT/usr/share/vim/vimfiles/syntax
+install -p -m 644 contrib/syntax/vim/doc/dockerfile.txt $RPM_BUILD_ROOT/usr/share/vim/vimfiles/doc/dockerfile.txt
+install -p -m 644 contrib/syntax/vim/ftdetect/dockerfile.vim $RPM_BUILD_ROOT/usr/share/vim/vimfiles/ftdetect/dockerfile.vim
+install -p -m 644 contrib/syntax/vim/syntax/dockerfile.vim $RPM_BUILD_ROOT/usr/share/vim/vimfiles/syntax/dockerfile.vim
+
+# add nano
+install -d $RPM_BUILD_ROOT/usr/share/nano
+install -p -m 644 contrib/syntax/nano/Dockerfile.nanorc $RPM_BUILD_ROOT/usr/share/nano/Dockerfile.nanorc
+
+# list files owned by the package here
+%files
+%doc AUTHORS CHANGELOG.md CONTRIBUTING.md LICENSE MAINTAINERS NOTICE README.md
+/%{_bindir}/docker
+/%{_bindir}/docker-containerd
+/%{_bindir}/docker-containerd-shim
+/%{_bindir}/docker-containerd-ctr
+/%{_bindir}/docker-runc
+/%{_sysconfdir}/udev/rules.d/80-docker.rules
+%if 0%{?is_systemd}
+/%{_unitdir}/docker.service
+/%{_unitdir}/docker.socket
+%else
+%config(noreplace,missingok) /etc/sysconfig/docker
+/%{_initddir}/docker
+%endif
+/usr/share/bash-completion/completions/docker
+/usr/share/zsh/vendor-completions/_docker
+/usr/share/fish/vendor_completions.d/docker.fish
+%doc
+/%{_mandir}/man1/*
+/%{_mandir}/man5/*
+/usr/share/vim/vimfiles/doc/dockerfile.txt
+/usr/share/vim/vimfiles/ftdetect/dockerfile.vim
+/usr/share/vim/vimfiles/syntax/dockerfile.vim
+/usr/share/nano/Dockerfile.nanorc
+
+%post
+%if 0%{?is_systemd}
+%systemd_post docker
+%else
+# This adds the proper /etc/rc*.d links for the script
+/sbin/chkconfig --add docker
+%endif
+if ! getent group docker > /dev/null; then
+    groupadd --system docker
+fi
+
+%preun
+%if 0%{?is_systemd}
+%systemd_preun docker
+%else
+if [ $1 -eq 0 ] ; then
+    /sbin/service docker stop >/dev/null 2>&1
+    /sbin/chkconfig --del docker
+fi
+%endif
+
+%postun
+%if 0%{?is_systemd}
+%systemd_postun_with_restart docker
+%else
+if [ "$1" -ge "1" ] ; then
+    /sbin/service docker condrestart >/dev/null 2>&1 || :
+fi
+%endif
+
+%changelog
diff --git a/hack/make/.detect-daemon-osarch b/hack/make/.detect-daemon-osarch
new file mode 100644
index 00000000..571e802e
--- /dev/null
+++ b/hack/make/.detect-daemon-osarch
@@ -0,0 +1,66 @@
+#!/bin/bash
+set -e
+
+docker-version-osarch() {
+	local target="$1" # "Client" or "Server"
+	local fmtStr="{{.${target}.Os}}/{{.${target}.Arch}}"
+	if docker version -f "$fmtStr" 2>/dev/null; then
+		# if "docker version -f" works, let's just use that!
+		return
+	fi
+	docker version | awk '
+		$1 ~ /^(Client|Server):$/ { section = 0 }
+		$1 == "'"$target"':" { section = 1; next }
+		section && $1 == "OS/Arch:" { print $2 }
+
+		# old versions of Docker
+		$1 == "OS/Arch" && $2 == "('"${target,,}"'):" { print $3 }
+	'
+}
+
+# Retrieve OS/ARCH of docker daemon, eg. linux/amd64
+export DOCKER_ENGINE_OSARCH="$(docker-version-osarch 'Server')"
+export DOCKER_ENGINE_GOOS="${DOCKER_ENGINE_OSARCH%/*}"
+export DOCKER_ENGINE_GOARCH="${DOCKER_ENGINE_OSARCH##*/}"
+DOCKER_ENGINE_GOARCH=${DOCKER_ENGINE_GOARCH:=amd64}
+
+# and the client, just in case
+export DOCKER_CLIENT_OSARCH="$(docker-version-osarch 'Client')"
+export DOCKER_CLIENT_GOOS="${DOCKER_CLIENT_OSARCH%/*}"
+export DOCKER_CLIENT_GOARCH="${DOCKER_CLIENT_OSARCH##*/}"
+DOCKER_CLIENT_GOARCH=${DOCKER_CLIENT_GOARCH:=amd64}
+
+# Retrieve the architecture used in contrib/builder/(deb|rpm)/$PACKAGE_ARCH/
+PACKAGE_ARCH='amd64'
+case "${DOCKER_ENGINE_GOARCH:-$DOCKER_CLIENT_GOARCH}" in
+	arm)
+		PACKAGE_ARCH='armhf'
+		;;
+	arm64)
+		PACKAGE_ARCH='aarch64'
+		;;
+	amd64|ppc64le|s390x)
+		PACKAGE_ARCH="${DOCKER_ENGINE_GOARCH:-$DOCKER_CLIENT_GOARCH}"
+		;;
+	*)
+		echo >&2 "warning: not sure how to convert '$DOCKER_ENGINE_GOARCH' to a 'Docker' arch, assuming '$PACKAGE_ARCH'"
+		;;
+esac
+export PACKAGE_ARCH
+
+DOCKERFILE='Dockerfile'
+TEST_IMAGE_NAMESPACE=
+case "$PACKAGE_ARCH" in
+	amd64)
+		case "${DOCKER_ENGINE_GOOS:-$DOCKER_CLIENT_GOOS}" in
+			windows)
+				DOCKERFILE='Dockerfile.windows'
+				;;
+		esac
+		;;
+	*)
+		DOCKERFILE="Dockerfile.$PACKAGE_ARCH"
+		TEST_IMAGE_NAMESPACE="$PACKAGE_ARCH"
+		;;
+esac
+export DOCKERFILE TEST_IMAGE_NAMESPACE
diff --git a/hack/make/.ensure-emptyfs b/hack/make/.ensure-emptyfs
new file mode 100644
index 00000000..e71a30ae
--- /dev/null
+++ b/hack/make/.ensure-emptyfs
@@ -0,0 +1,23 @@
+#!/bin/bash
+set -e
+
+if ! docker inspect emptyfs &> /dev/null; then
+	# let's build a "docker save" tarball for "emptyfs"
+	# see https://github.com/docker/docker/pull/5262
+	# and also https://github.com/docker/docker/issues/4242
+	dir="$DEST/emptyfs"
+	mkdir -p "$dir"
+	(
+		cd "$dir"
+		echo '{"emptyfs":{"latest":"511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158"}}' > repositories
+		mkdir -p 511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158
+		(
+			cd 511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158
+			echo '{"id":"511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158","comment":"Imported from -","created":"2013-06-13T14:03:50.821769-07:00","container_config":{"Hostname":"","Domainname":"","User":"","Memory":0,"MemorySwap":0,"CpuShares":0,"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"PortSpecs":null,"ExposedPorts":null,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":null,"Image":"","Volumes":null,"WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"OnBuild":null},"docker_version":"0.4.0","architecture":"x86_64","Size":0}' > json
+			echo '1.0' > VERSION
+			tar -cf layer.tar --files-from /dev/null
+		)
+	)
+	( set -x; tar -cC "$dir" . | docker load )
+	rm -rf "$dir"
+fi
diff --git a/hack/make/.ensure-frozen-images b/hack/make/.ensure-frozen-images
new file mode 100644
index 00000000..d0c55e50
--- /dev/null
+++ b/hack/make/.ensure-frozen-images
@@ -0,0 +1,67 @@
+#!/bin/bash
+set -e
+
+# image list should match what's in the Dockerfile (minus the explicit images IDs)
+images=(
+	buildpack-deps:jessie
+	busybox:latest
+	debian:jessie
+	hello-world:latest
+)
+
+if [ "$TEST_IMAGE_NAMESPACE" ]; then
+	for (( i = 0; i < ${#images[@]}; i++ )); do
+		images[$i]="$TEST_IMAGE_NAMESPACE/${images[$i]}"
+	done
+fi
+
+if ! docker inspect "${images[@]}" &> /dev/null; then
+	hardCodedDir='/docker-frozen-images'
+	if [ -d "$hardCodedDir" ]; then
+		# Do not use a subshell for the following command. Windows to Linux CI
+		# runs bash 3.x so will not trap an error in a subshell.
+		# http://stackoverflow.com/questions/22630363/how-does-set-e-work-with-subshells
+		set -x; tar -cC "$hardCodedDir" . | docker load; set +x
+	else
+		dir="$DEST/frozen-images"
+		# extract the exact "RUN download-frozen-image-v2.sh" line from the Dockerfile itself for consistency
+		# NOTE: this will fail if either "curl" or "jq" is not installed or if the Dockerfile is not available/readable
+		awk '
+			$1 == "RUN" && $2 == "./contrib/download-frozen-image-v2.sh" {
+				for (i = 2; i < NF; i++)
+					printf ( $i == "'"$hardCodedDir"'" ? "'"$dir"'" : $i ) " ";
+				print $NF;
+				if (/\\$/) {
+					inCont = 1;
+					next;
+				}
+			}
+			inCont {
+				print;
+				if (!/\\$/) {
+					inCont = 0;
+				}
+			}
+		' "$DOCKERFILE" | sh -x
+		# Do not use a subshell for the following command. Windows to Linux CI
+		# runs bash 3.x so will not trap an error in a subshell.
+		# http://stackoverflow.com/questions/22630363/how-does-set-e-work-with-subshells
+		set -x; tar -cC "$dir" . | docker load; set +x
+	fi
+fi
+
+if [ "$TEST_IMAGE_NAMESPACE" ]; then
+	for image in "${images[@]}"; do
+		target="${image#$TEST_IMAGE_NAMESPACE/}"
+		if [ "$target" != "$image" ]; then
+			# tag images to ensure that all integrations work with the defined image names
+			docker tag "$image" "$target"
+			# then remove original tags as these make problems with later tests (e.g., TestInspectApiImageResponse)
+			docker rmi "$image"
+		fi
+	done
+fi
+
+# explicitly rename "hello-world:latest" to ":frozen" for the test that uses it
+docker tag hello-world:latest hello-world:frozen
+docker rmi hello-world:latest
diff --git a/hack/make/.ensure-frozen-images-windows b/hack/make/.ensure-frozen-images-windows
new file mode 100644
index 00000000..f55a2e41
--- /dev/null
+++ b/hack/make/.ensure-frozen-images-windows
@@ -0,0 +1,25 @@
+#!/bin/bash
+set -e
+
+# This scripts sets up the required images for Windows to Windows CI
+
+# Tag windowsservercore as latest
+set +e
+! BUILD=$(docker images | grep windowsservercore | grep -v latest | awk '{print $2}')
+if [ -z $BUILD ]; then
+	echo "ERROR: Could not find windowsservercore images"
+	exit 1
+fi
+
+! LATESTCOUNT=$(docker images | grep windowsservercore | grep -v $BUILD | wc -l)
+if [ $LATESTCOUNT -ne 1 ]; then
+	set -e
+	docker tag windowsservercore:$BUILD windowsservercore:latest
+	echo "INFO: Tagged windowsservercore:$BUILD with latest"
+fi
+
+# Busybox (requires windowsservercore)
+if [ -z "$(docker images | grep busybox)" ]; then
+	echo "INFO: Building busybox"
+	docker build -t busybox https://raw.githubusercontent.com/jhowardmsft/busybox/master/Dockerfile
+fi
\ No newline at end of file
diff --git a/hack/make/.ensure-httpserver b/hack/make/.ensure-httpserver
new file mode 100644
index 00000000..3fc84b2f
--- /dev/null
+++ b/hack/make/.ensure-httpserver
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+# Build a Go static web server on top of busybox image
+# and compile it for target daemon
+
+dir="$DEST/httpserver"
+mkdir -p "$dir"
+(
+	cd "$dir"
+	GOOS=${DOCKER_ENGINE_GOOS:="linux"} GOARCH=${DOCKER_ENGINE_GOARCH:="amd64"} CGO_ENABLED=0 go build -o httpserver github.com/docker/docker/contrib/httpserver
+	cp ../../../../contrib/httpserver/Dockerfile .
+	docker build -qt httpserver . > /dev/null
+)
+rm -rf "$dir"
diff --git a/hack/make/.ensure-nnp-test b/hack/make/.ensure-nnp-test
new file mode 100644
index 00000000..26b11b9a
--- /dev/null
+++ b/hack/make/.ensure-nnp-test
@@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+# Build a C binary for testing no-new-privileges
+# and compile it for target daemon
+if [ "$DOCKER_ENGINE_GOOS" = "linux" ]; then
+	if [ "$DOCKER_ENGINE_OSARCH" = "$DOCKER_CLIENT_OSARCH" ]; then
+		tmpdir=$(mktemp -d)
+		gcc -g -Wall -static contrib/nnp-test/nnp-test.c -o "${tmpdir}/nnp-test"
+
+		dockerfile="${tmpdir}/Dockerfile"
+		cat <<-EOF > "$dockerfile"
+		FROM debian:jessie
+		COPY . /usr/bin/
+		RUN chmod +s /usr/bin/nnp-test
+		EOF
+		docker build --force-rm ${DOCKER_BUILD_ARGS} -qt nnp-test "${tmpdir}" > /dev/null
+		rm -rf "${tmpdir}"
+	else
+		docker build ${DOCKER_BUILD_ARGS} -qt nnp-test contrib/nnp-test > /dev/null
+	fi
+fi
diff --git a/hack/make/.ensure-syscall-test b/hack/make/.ensure-syscall-test
new file mode 100644
index 00000000..376fef1c
--- /dev/null
+++ b/hack/make/.ensure-syscall-test
@@ -0,0 +1,23 @@
+#!/bin/bash
+set -e
+
+# Build a C binary for cloning a userns for seccomp tests
+# and compile it for target daemon
+if [ "$DOCKER_ENGINE_GOOS" = "linux" ]; then
+	if [ "$DOCKER_ENGINE_OSARCH" = "$DOCKER_CLIENT_OSARCH" ]; then
+		tmpdir=$(mktemp -d)
+		gcc -g -Wall -static contrib/syscall-test/userns.c -o "${tmpdir}/userns-test"
+		gcc -g -Wall -static contrib/syscall-test/ns.c -o "${tmpdir}/ns-test"
+		gcc -g -Wall -static contrib/syscall-test/acct.c -o "${tmpdir}/acct-test"
+
+		dockerfile="${tmpdir}/Dockerfile"
+		cat <<-EOF > "$dockerfile"
+		FROM debian:jessie
+		COPY . /usr/bin/
+		EOF
+		docker build --force-rm ${DOCKER_BUILD_ARGS} -qt syscall-test "${tmpdir}" > /dev/null
+		rm -rf "${tmpdir}"
+	else
+		docker build ${DOCKER_BUILD_ARGS} -qt syscall-test contrib/syscall-test > /dev/null
+	fi
+fi
diff --git a/hack/make/.go-autogen b/hack/make/.go-autogen
new file mode 100644
index 00000000..c8e13b47
--- /dev/null
+++ b/hack/make/.go-autogen
@@ -0,0 +1,63 @@
+#!/bin/bash
+
+rm -rf autogen
+
+cat > dockerversion/version_autogen.go <<DVEOF
+// +build autogen
+
+// Package dockerversion is auto-generated at build-time
+package dockerversion
+
+// Default build-time variable for library-import.
+// This file is overridden on build with build-time informations.
+const (
+	GitCommit string = "$GITCOMMIT"
+	Version   string = "$VERSION"
+	BuildTime string = "$BUILDTIME"
+	IAmStatic string = "${IAMSTATIC:-true}"
+)
+// AUTOGENERATED FILE; see $BASH_SOURCE
+DVEOF
+
+# Compile the Windows resources into the sources
+mkdir -p autogen/winresources
+cat > autogen/winresources/resources.go <<WREOF
+// Package winresources is auto-generated at build-time
+// AUTOGENERATED FILE; see $BASH_SOURCE
+package winresources
+
+/*
+
+This package is for embedding a manifest file and an icon into docker.exe.
+The benefit of this is that a manifest file does not need to be alongside
+the .exe, and there is an icon when docker runs, or viewed through Windows
+explorer.
+
+When make binary is run, the Dockerfile prepares the build environment by:
+
+ - Cloning github.com/akavel/rsrc
+
+ - Go-installing the rsrc executable
+
+make.sh invokes hack/make/.go-autogen to:
+
+ - Run rsrc to create a binary file (autogen/winresources/rsrc.syso) that
+   contains the manifest and icon. This file is automatically picked up by
+   'go build', so no post-processing steps are required. The sources for
+   rsrc.syso are under hack/make/.resources-windows.
+
+*/
+WREOF
+if [ "$(go env GOOS)" = 'windows' ]; then
+	rsrc \
+		-manifest hack/make/.resources-windows/docker.exe.manifest \
+		-ico      hack/make/.resources-windows/docker.ico \
+		-arch     "amd64" \
+		-o        autogen/winresources/rsrc_amd64.syso > /dev/null
+
+	rsrc \
+		-manifest hack/make/.resources-windows/docker.exe.manifest \
+		-ico      hack/make/.resources-windows/docker.ico \
+		-arch     "386" \
+		-o        autogen/winresources/rsrc_386.syso > /dev/null
+fi
diff --git a/hack/make/.integration-daemon-setup b/hack/make/.integration-daemon-setup
new file mode 100644
index 00000000..b50f9454
--- /dev/null
+++ b/hack/make/.integration-daemon-setup
@@ -0,0 +1,14 @@
+#!/bin/bash
+set -e
+
+bundle .detect-daemon-osarch
+if [ $DOCKER_ENGINE_GOOS != "windows" ]; then
+	bundle .ensure-emptyfs
+	bundle .ensure-frozen-images
+	bundle .ensure-httpserver
+	bundle .ensure-syscall-test
+	bundle .ensure-nnp-test
+else
+	# Note this is Windows to Windows CI, not Windows to Linux CI
+	bundle .ensure-frozen-images-windows
+fi
diff --git a/hack/make/.integration-daemon-start b/hack/make/.integration-daemon-start
new file mode 100644
index 00000000..ab4c8aae
--- /dev/null
+++ b/hack/make/.integration-daemon-start
@@ -0,0 +1,99 @@
+#!/bin/bash
+
+# see test-integration-cli for example usage of this script
+
+export PATH="$ABS_DEST/../binary:$ABS_DEST/../dynbinary:$ABS_DEST/../gccgo:$ABS_DEST/../dyngccgo:$PATH"
+
+if ! command -v docker &> /dev/null; then
+	echo >&2 'error: binary or dynbinary must be run before .integration-daemon-start'
+	false
+fi
+
+if [ -z "$DOCKER_TEST_HOST" ]; then
+	if docker version &> /dev/null; then
+		echo >&2 'skipping daemon start, since daemon appears to be already started'
+		return
+	fi
+fi
+
+# intentionally open a couple bogus file descriptors to help test that they get scrubbed in containers
+exec 41>&1 42>&2
+
+export DOCKER_GRAPHDRIVER=${DOCKER_GRAPHDRIVER:-vfs}
+export DOCKER_USERLANDPROXY=${DOCKER_USERLANDPROXY:-true}
+
+# example usage: DOCKER_STORAGE_OPTS="dm.basesize=20G,dm.loopdatasize=200G"
+storage_params=""
+if [ -n "$DOCKER_STORAGE_OPTS" ]; then
+	IFS=','
+	for i in ${DOCKER_STORAGE_OPTS}; do
+		storage_params="--storage-opt $i $storage_params"
+	done
+	unset IFS
+fi
+
+# example usage: DOCKER_STORAGE_OPTS="dm.basesize=20G,dm.loopdatasize=200G"
+extra_params=""
+if [ "$DOCKER_REMAP_ROOT" ]; then
+	extra_params="--userns-remap $DOCKER_REMAP_ROOT"
+fi
+
+if [ -z "$DOCKER_TEST_HOST" ]; then
+	# Start apparmor if it is enabled
+	if [ -e "/sys/module/apparmor/parameters/enabled" ] && [ "$(cat /sys/module/apparmor/parameters/enabled)" == "Y" ]; then
+		# reset container variable so apparmor profile is applied to process
+		# see https://github.com/docker/libcontainer/blob/master/apparmor/apparmor.go#L16
+		export container=""
+		(
+			set -x
+			/etc/init.d/apparmor start
+		)
+	fi
+
+	export DOCKER_HOST="unix://$(cd "$DEST" && pwd)/docker.sock" # "pwd" tricks to make sure $DEST is an absolute path, not a relative one
+	( set -x; exec \
+		docker daemon --debug \
+		--host "$DOCKER_HOST" \
+		--storage-driver "$DOCKER_GRAPHDRIVER" \
+		--pidfile "$DEST/docker.pid" \
+		--userland-proxy="$DOCKER_USERLANDPROXY" \
+		$storage_params \
+		$extra_params \
+			&> "$DEST/docker.log"
+	) &
+	# make sure that if the script exits unexpectedly, we stop this daemon we just started
+	trap 'bundle .integration-daemon-stop' EXIT
+else
+	export DOCKER_HOST="$DOCKER_TEST_HOST"
+fi
+
+# give it a little time to come up so it's "ready"
+tries=60
+echo "INFO: Waiting for daemon to start..."
+while ! docker version &> /dev/null; do
+	(( tries-- ))
+	if [ $tries -le 0 ]; then
+		printf "\n"
+		if [ -z "$DOCKER_HOST" ]; then
+			echo >&2 "error: daemon failed to start"
+			echo >&2 "  check $DEST/docker.log for details"
+		else
+			echo >&2 "error: daemon at $DOCKER_HOST fails to 'docker version':"
+			docker version >&2 || true
+			# Additional Windows CI debugging as this is a common error as of
+			# January 2016
+			if [ "$(go env GOOS)" = 'windows' ]; then	
+				echo >&2 "Container log below:"
+				echo >&2 "---"
+				# Important - use the docker on the CI host, not the one built locally
+				# which is currently in our path.
+				! /c/bin/docker -H=$MAIN_DOCKER_HOST logs docker-$COMMITHASH
+				echo >&2 "---"
+			fi			
+		fi
+		false
+	fi
+	printf "."
+	sleep 2
+done
+printf "\n"
diff --git a/hack/make/.integration-daemon-stop b/hack/make/.integration-daemon-stop
new file mode 100644
index 00000000..03c1b146
--- /dev/null
+++ b/hack/make/.integration-daemon-stop
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+if [ ! "$(go env GOOS)" = 'windows' ]; then
+	trap - EXIT # reset EXIT trap applied in .integration-daemon-start
+
+	for pidFile in $(find "$DEST" -name docker.pid); do
+		pid=$(set -x; cat "$pidFile")
+		( set -x; kill "$pid" )
+		if ! wait "$pid"; then
+			echo >&2 "warning: PID $pid from $pidFile had a nonzero exit code"
+		fi
+	done
+
+	if [ -z "$DOCKER_TEST_HOST" ]; then
+		# Stop apparmor if it is enabled
+		if [ -e "/sys/module/apparmor/parameters/enabled" ] && [ "$(cat /sys/module/apparmor/parameters/enabled)" == "Y" ]; then
+			(
+				set -x
+				/etc/init.d/apparmor stop
+			)
+		fi
+	fi
+else
+	# Note this script is not actionable on Windows to Linux CI. Instead the 
+	# DIND daemon under test is torn down by the Jenkins tear-down script
+	echo "INFO: Not stopping daemon on Windows CI"
+fi
diff --git a/hack/make/.resources-windows/docker.exe.manifest b/hack/make/.resources-windows/docker.exe.manifest
new file mode 100644
index 00000000..674bc942
--- /dev/null
+++ b/hack/make/.resources-windows/docker.exe.manifest
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
+    <description>Docker</description>
+    <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> 
+        <application> 
+            <!-- Windows 10 -->
+            <supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
+            <!-- Windows 8.1 -->
+            <supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
+            <!-- Windows Vista -->
+            <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/> 
+            <!-- Windows 7 -->
+            <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
+            <!-- Windows 8 -->
+            <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
+        </application> 
+    </compatibility>
+</assembly>
\ No newline at end of file
diff --git a/hack/make/.resources-windows/docker.ico b/hack/make/.resources-windows/docker.ico
new file mode 100644
index 0000000000000000000000000000000000000000..c6506ec8dbd8e295d98a084412e9d2c358a6ba39
GIT binary patch
literal 370070
zcmeEP2Y405+TL?c0%F4sD!rrFr6_v!{$4AJ1?*S7-fQo@E1)91i}a!b(rX$m0Ro|S
zl8_#Huc9K5%>TY~c9PA>Nlzf<JJ0iGW_NaHXWy^PH?y-F%W_$jEdE?p9ji&50P7Xx
zJ9f0U&vIG4vG2}1?d|`wtdJ&w*7etWx5qcMtmHQWtvYq=?F%gHhrWT<1xQ)nYXO#Z
z?azT$6V!<vmgV;D=cZ+$P=3OIFdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F
z1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^
zFdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o
z2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|l
zfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!
z3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit
z!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynX
zAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F
z1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^
zFdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o
z2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fi>m^YzX_0Ys1`^UF*YMa1~pn
zQjstq44g3rHUvNJ**NcYPxRuB0h?D14oKMWTR>{++JN8Fl)E5}8uGT~8vB{$p7Fiq
z3GHSD%<W|b%<p3bEa+ziME+=b7XM^<q6S&+rGqW;9R(p)jui%q$UyXhk6dwUhP#qu
zXS(B-_wdB6>>rR6Jw0Ie?|buO<F2ROmb;r}1&q4R3LM|wsx+#V71+~b1-xfjo|`LM
z?ltT3Z`0GiwOnD{y}lv5uN4r{&+@=exZy8c3kO)PC4=%`R}pEE(}jU@%RubnuibI0
ze+o=anD5EyCKvUz0#=S`boIKR$L`q}{$ab=WxbzH*f{>Fq?qadi(lEl=jLTyr^ZHo
z7akkcdFke*UDm`d?HV1stb2UylFl*Mw>EBh&(-lO`z&8Q{gHVQeLchH_qMvv>*e}n
zb`R@6u;-^>-%l(WU_HF#C+qHIL#^iPMp?BEg<AnRwa4tA{Eg*?PY8@0Xayi%$d8XQ
zr%EaeR7eIkFYn<_ikaa~-W=>n-W;06W+I1Ne$J)^pInx>VeC~g3qScfHtL7TiJK;c
zro@FsC2sibAoeS4E1a*A<HA%*e7H(UT&Pl$76FkCEW-W;YD>y8wPnjH6}NVbS~}?=
zHMiddDy*BO!n(Tvrj~*aP;+{E0bihiKd`-Zc6VzT(lGdjX$$&WgBJa0y}Pi#)e_s)
zR*keSKCsZL<SW2goppTRL7nb-y)F0Rff6J5awOXolY!04dwUYrkIm>)V-|m<$Jfyd
z-o1A7ioUNV$IkjTe$BAx#ElbAr6kOUZO^qaPo*S8*tWem9d>>)HF4pIl*EV=DGA}g
zd>)^cf%v&;h$Yguq%KQO*f=45`IJY~X7>zC3+`;Cg?6>lVDqPJoJ4xU#!1WtoC4B;
z4BvpVY<c*EG}!jO@IKZO_=@i6|6fPk&~Ehzs}?1@d}vmiM;&gA9Ri~yKB$<AUxDvB
z4mO{fvcj|XxN@xzc|zO!hS|?wl(cC|^SD+02PSTsvIhP5!KBz(u<>xOjiWzj9ySk~
zj(}}PoWwS5JlzJ$;2-ocJkEi*xoS)D61{KjocGk+{+Fnb&USy_!wp-`?DzfIHuk04
zFn)qQ!uShQrsyM#pD^(Q(w*=PD-kP9!Cc~th!YyYCtT(f|D>-i*VK-P5qe^taiEMB
zoZLvh{4lV2c^`MurtuklJ?{+T@Ou+CP3WDpX;QL|-4nuL&#+y@>4@QJ<Lt}Xk7u=M
zr+w#?k7v9vU&s5KSC3GOM%|$8KC~<BUE6*3emn>J&(`1Pa2$OBeT0r57&rJH2VbBt
z&#)aa!U*_-k1#*b+*iUO-7F8EIr#3EZDF7+G7!IZxM%mlR9EbhuDY*}jqF%Ee(i|&
zF=mfTiJN^qIev~xO~lw-_wC`Zb@uDFAIQnJ^V*MbLTVD{03y|zu(#CgUgxNgA7Jma
z`yP4r_xZK=ypA*ez{Cpl4SFmQYR@qsKKKLUhB(9rLos&v=c?h}@q&?aw-+oIVupaF
zc=l-aNh%DK1qL>+=z}@@p`PtqmU-=dafj;@H;x~H`T0Z1@p}B8o{|`W{+?rY_VJFG
zy(oFu{+8q@l^8ukEgAa{ZTF$wX!nfui@nb;Or7)t977Q1{B({P;0tyDzu?)yODjiM
z=NdV~U%0p)0dtKqe`rXNv{W(>z2IXv*5T;*b?R%Dd-Jj$EfUs^o|YUNl*V`*^K`U%
z_VLAM^TuD$_EVRu&8vs0@Ike`<NW-M@r@mx?$jA0q;dX$egH_v7~v4+2*+TY&}Qu@
zs~Uy9ezfHZ>Iz?gm|(@QtaFN`QW>OC6^eoQHN)Mh3E?_c-8BELrU~mtO-zmr{uBK?
z;`;@(dyMIev9C9F&lE8QZGY3^E^1Ei^HgXT+L7mU+jCK`XJP|0caY9G1NeeC_=3Jz
zU({47uiaz3;6kk6VN6h=luT~6)G-jf@MAZg*Xg;v^+D|}k6$yiJK}uUI_y4i0sH!*
zkLjJZ?whCW<GKF2`Jci50u-L<oz8K7QEfh_^XUWl{E^Vdz!#)r955gA1y4m!w9YY#
z5YZQNhVtyd&>`t*Vqksn<1UWzdAZ-(S?-u6ou0xNe=DEUd*l2PwtLg>rz}_N=6wvi
zcYB|~m7cMFPPSdp{bml4_h({)&F}+XE*s{3o;c=RtWCxmBg6?351c0bugI6#IPW#r
z#<{O*+h055!J6@_hfT!#J=#6S^&H>x*?ck0>E%=p$NRAT_2FN5pTBp{*Yo^>+Fofp
zUdIGx?hs>u!+1u}W9bm95%rPpAn=(1)*p!<sK^Fdg7+R1)fMx4y|jKsFYfec!ul}>
z>{uVRUqa)1UmsxGKF9lE-79(5@SeVBd!@lA=$L@<0DS@04;{fcU@-hZUA4nIM}T=m
zJ}(eIP=dBl(W;JH(M|XHk^QYISku!xDK-et@vuHGF`Vml3cgOKFz0Z*k7s<FR}EKl
z`kY^0#`}f!DYSn+OZ57IUe*!x|9zJav96?U;+<x`kECT*(R5Yrw|E(dj_jcIXyd#O
zuZ&yu(@J}sPrEPiSU(xh4!z*ofpEO@GhIatuIHWS@98nm&9bE?PUak%FTC&lWITf}
zto@ai^JxEken9Y<!6D8MtQcZlKrNW?1?C1YPguMfA+=Q$24L@cet*-VFIwXHezG0!
z^Lbve+P<-K)N98Q5o$})0<|q=vD&d^iQ2VwiQ2nolft_L3i_-T4GvV1gWWk|(IB@X
z7XIW`3kJGX!~nON-`}O?_jRecy<Pe}KjR~q8Xw`@SH|-60~{N8*A(@#67X$;XQ`(l
zT`U)Tf*bLHUXxW(bXV@P@C;y$KEAyXtZhGfaffFUqo*Ik93SI-KGQ3Pc;EEvSgWt?
zJW}o48l`q`U!nHxTCEQ5U8fH1+n^5b--vXb`u#|<+7UBSMGX%CJQ?W{<el)Au{=BU
zal>%DjmRM$?IRZa=vLwV-D+MR_y#<8=USW$e_%g@D?`3O`vJ6H`vHsr=HY$A>!=Ci
z5DUNuNGwozv#1bf;$3?eY+c(v*73cIHGC>1X%YH+zF%8-+c$lDYGOESev#U>ZJEQ?
zH>x8CqJd2sw0kc$==}$FuTU$-HAH`J!QKNiY}nXxp;L#SU>%F$6CwwDblfl>K4ETe
zuRoyuXZQr<%YZ+~cy@^O1Ha?>;1BD6vCg6bW1H_BN-R(zthwMfnH)D;_YrZchjiex
zJ*?%y8s2%F<43=*L0{ktQ)Z``eu8$-^R^~0LjS%@?ccpd+jgd{Z?bLO*nDQnzW?aq
z6t#Kbt7_3t7W(x{#b^7DSRjl4@Z%FWj$n+yu|pY)5BS_rzjJ_RhU@W7!@H;voD;xz
zjwBW+xOtT8Gg6b6>V5&=*y)rUhj;Xn7N5dAKfblW@9Ow|TPN#xc37Umclx|*{nKIh
z@DUMd7{8~%=1(2kzu^@6_*3ZDZ7{y~#`u~2eWvXn-nU*IJ(Qq!Cr?*VBhFKchq_?<
z0VQw$e*A(NPtZ?r-huvra|v9hYhr^^921zi0k$_Cw*N!iB=0&xt|i8^Lx}~-wN>Zu
z<`UNas`Vf#W@cx`{P-3}T4MARmALUYm9SyVse}z<PsXnseIkC{sN)Iie*QCl-Oqnv
z8+l+o%g3ehn_P*}(-gkvrN{FJ_N>i_;}2sz?;X?A<`L%~+?;;oV9ZJ6PaNL2@g&OA
zv-$zV{)gh##?ZE>ukZI``&nWGlp9~bbjeVR6)?Xzzn|Od3+(3&rPLSjU86L{FPIlt
ziM2w_s2Ruy;+tmT1M+7k<@%_^b-%b$;^#C-ik(?!^NN0TVxqpUyK&w-bvDd?vG#`9
z|Es-j)?>BS&TLz2-K<AzuATKrtu-?rM*fjn8^WHevtiCFb)px3UN>fG&${phb&ej2
zYqEbw<RjZ+Ms?d3GjiIFgvs;wZd(|6Xz%)k2luXt*|#ksZU4?C>d@Y`-m(9|&F~A+
z^bPa_CyyRZJh?MryjncWea8BIU)%S$ZT!Jv_yRt22=9lu0N)QRrE!6oALO&b!+1vU
zsyc4DKD^KSjG$aAx7=Kg4B+{YCmi3s59@3NOvRe=91kpFK|<tfy6)A}A3Zm2(R&Z3
zZXEK`zFjL{*qc0cz|OdFNA~YrdIJ6+{m`D3==&4YhTwbBBL`V0G44<EXM3e>pVJrU
zxBz1W_P1Pf!1=>c6c_0ELADKZgCot{ApC*M2^3Ms%i8If6UuR|s5*R$XHR(bb7Ci)
zbLpmWRW9E&?ySq#{ZgsU+Mg@cBQ}hwTyxE+v#wY>x@xnHV=inIJE8jJ2f}X2_C4IZ
zI2nAa6%aMN=_T6}C!L=d`9{0#vA;~&kuZMt^3fOkv3LmP{D%dkmo{6^t37&r!1)3^
zQ{ego&K;Jrn1Hc>nHyZOe3*4L<%IEoe)f}>%%r^RGk~=r+V(O2dmhh*r$Y7<5Eo8`
zUQ9>dFdOqli-FbH7YiiV*ou_jv)hic6g)pqTsl1P;L_m%yMaVJqhE?~@hrr{(-#j3
zn6_kSz|>{KD*d)%MCHM&Mpk}r#fVDv7Y#YL>Z)IBT$&Qr<~*g+{l*)S&sd)2L#nh~
zHazgzs9^!Iw!QiB1Dq2)GxLIZ`2bUHd;!M?^D#bPzgvo)Cu$!6dG5t?!TYGyd_Ex0
z2+O{G=XM9?8xrXM?}Y62yb$}RoZ!?~lMf%@!n}Ouni`|;xu!!sr*O{SQNsfNTt2)~
z!m{B3-QXu)TsgAJvm1Xo{|dHw{m<uVp8(&X{nL^mfpw7Q+<%7sd!GejZh+4P&<4GY
z^+CB_J0J6VC3(IXA8?I91lA+Y>E$Xdet>g>{QgiH#)7X<20=f-|N4BxocrZh_8Gwc
zwbS;s{%7k#JOhfRJ;Uz*2G|!kVb+nDHRj$qWPJO6;UIS!^qJ#wU!20elYYSc{>Sk{
zJ?VOF-!M-y?0n&hk(K)|9bT!?+EM3JC)-g&1Dj{qzis0S2U=<|p2aO0Q3XCI0Q2zJ
z9*XVaTpv_|{zAtD@LOD;%ymZeyS5y1^uau)1i`fex*x!tz_;Wb-zj(JHa_Gr@+*4`
z1b6k$^FYqMZGF-)U|zaK{hZU&rPs*$uBU}<7qstXUrx|hoB-$_OdaX8cf|gwONV<p
zA^zW`%Z3N0>-m7;XQ|EM&#Ha#!_>j8Q`Nqt(JCSGRkd`~Meqs5yhbpyO{Q(dnwqfz
z=L_fdIpcmn&k1mRg7M(6#7W*YgYsR0vS;HtwHV)-_r}yeS*<aCPvdu~^Rj!Edu`v+
z^I1k`9rjvWHo^G7#0eR(zSs5xus+vP%YUh^_9Ttd>jGCU4^y+I4OdZ-Gu6QZN$Sv!
zFtuuY<1*(1cz=e|g+F=py9kE!{K%%5kI7gs1RpRhak6zDb&3BAIVYWx{bhpz^S`Xs
zZp(wXf01qbjPY~#0lMEWaohLjL+B3>8+hmcBQe(B5i?lr*%PNaeeqxQ;J>a_58i!)
zdf={W)rW6Cu96d1sr_4KV7=fu-g$viJ};>KnooRT`~c?)`A*Uqe0Hc~Ld*ruTRYn8
z15DphHnd$@>B|7(I{kbX&v~C_j0d~VSKQBIIcHT2F~2_>&wC%n^jHU=)=X`o{`w<T
z_3HAjy64Vj>WN2gQ;$E~TBrB@-?i$?kDpgZ@V-FI-1ce_<^xX4`vN}p>(8bOvoFIB
zV6CzC1N70Se+_}|8{h*LZW?1<M17L~Z|rMTWovuyY^%~dJkPV|n)G)g^6LK=K?jXK
z7Dktge2#7ZNlV^TJGQP<|9;|5_1J?gRr|KLs&)_EqSHs)v{Vn@caw_Uv{-H5&;|ZV
zuN%nQx0I0m7Wtli+QoMcxQ2jovt^fi%$8S7m;Z9zM_??lFm8%<Hnm;8FIKi}o~^}m
z9lfpt>3eqHpJ&`pJ&VBm@n_WbX$P?XMd<&xto&TX$1YaSwEu^qz0>|5d$1MqE!3+o
zKBOLbpt)MUG+6D99e{ZX+JDA;Vwuky8Sr@l=U`8>574>-9}tpYzdM9ygEAjbM%;i|
z%dzoS{k(6Ztvk8){XAwq#-F9ahV1@7cHWcf@WDj&+J7HVZSQNYo_O>&_3-`8)!+eN
zt35kbsrg|e)%I;0Rm$>@^*cjl<yl}sIM#ju&kebzkbe9$`T-LMjHlZ7dDU{^9b&(0
zx5|iFRG4N$PqeSbxc`~__WkT*3cR+br21Rfzn=U5^-6W@&{{P+c$8{;?+vQW-8Z7o
zZ=seio~%y(m8AYS9E<k~V=zx}lb$aq%j5sNd;<Ld*B0|VWIcX6J#z!z`G9^_e;Utk
zUrG#67M#e;@4Rxt`rZ}xSU=akpU3cdw23+M(#6wKZeoD>&#1rt+^!<#j#D4M`;>bA
zsk_wA!@pO@4#(l0p%j%E^`Up{kK<2EyGqLE<+on=frW!S`klkm6bqbUAA+?bUsCr&
z?6o9i!44{78xi~KIsd4itb6&q-?o1~<Mlg#L>=OMbE&d@hb?e@PxPF2>gc{D>d#}T
zYR@iwS785Ub#V7G6}RwZy%u;0*8w`tDerkBs|c*eK22kSQ_v-aHRR9GrjW`zL#5QY
zOz-HmfAsx*ZJW>anIH9s-?%wr&-(JT+W;NgFCBG(T0ip+tOI;nZ3?+pE&sKecioSE
zPoQ+a2T)S}$czc*nK3~QK0YVkUx59(AHn+qe_&nEom743m%KY%%6tIE`+9x`?{-$l
zdY}Dve3)zB&+k{5{-mVzw5at)aXtWRf%uG%&jq+Pfb#>~U)tXVEb6`I=X}bK&kNZ{
zm*AK{`vB-wD*i8d9jd;0ucVZjL4|D&p7ZN@Kg`oUWY7EMX#4d2y6?xFQhs#o%pZe3
zp7w4~2G{zPB!~0?oWJF_$@DtUl9?aWu_XHbxjSZBfiyJptf|5pT`9V8_+}lGVXkJH
z9oyyj%%A;4S?K#q(q_tI-6j^8U2?I&N%kAiv0hYtj0t2MPzrp&GW)x(DO0U;Ap02G
z{>}Vfwz)sba8aoq_m`Epr1Z5jGZyf^Pf&nyel|Vvb8b5Njx>%nA_rRSsQOqZB=do1
z*azU7K3WENf4ePwGRJ|8{r$%O?EB}I;yM5F*e{=ndor=W9QgWTewTngfZr6|xpKI7
zE&y{+vOe$(`T)p7+dswt?}Sm_-K`UTe7E-RlwGNN-k;}lfYR5`o(Y>S=rwgLfH@vM
z<E7kl(uqRs_pTA{V}&VYxd*>txmJyk^?_%?1(<nQ$^o%hs4eH5V}HbM{NGmv)g?K;
zY;(qUJ80*{=m+%LAoTqoQST9BRQS07yr1Se-RS&wEggGB4RKXP|9{YyZ;r7)pBI<j
z=lx~d#!9u1#4`eZXMq2&pqP9>I-fP5zT;7YTsP7O4Ef?x&%<q6pLQE4sLiph<>j}i
zzx~{QkX0M=GTJ9|e$Ou;uZ06$YUv2B_Z3t$4k-5}_#Z3y{|{=m{S4Tzp5&xI+4p<j
z5$IzrP^sQA=;~n=ZyW&sQyI7zxDvPwI2Yi)D!|#mIVFYHpS|{c`m)eomEH{M>Q+Hr
z-01+*YzRhq_`pE5U~tJ|A?nWyCEbRi)Spw^i&AGvpPN&go%`7a?{+0Mr*B|3{qUzV
z`Pg?dxSLyr^sJ=E0k1rD?fLE7mYlv9(2i((v_aY;^OpcMfJ=cY#T5gfu6n==z#t$J
zI0*2273sj=!0*6e;8-z%^&Pcw<gtftIrP*cEl)i2XbbhU15Z8DLJ?1Dv_#rcJ@qKS
zw5UKmyw)?1wNTFj-s^g=!RtKnaL!=4X^XQC*2V2&Yh!NrsN3H%qy64%+wJ$$_9wAV
zw;6Ssdp75szV>?g&bYpVE6u5&b{jc3+fR<4ZHKy$YQ7!%VPsR_^x>A&bzl89dU^z9
z1Z}_x?lXGKV|~vr?6#@*IO<FTXp5|C1uzPD1Gok#_U9I;vnp@{@Cq;kI0W$eB?kCg
z_27NCsr&A}UEP20?dk!b4YnV8ptZtyOu;|c*Y<uxr`<#RmPWzB^UQrb+U8bV^Hz1=
zJ+0N<ceTbfajgeXCysgi;alKeym<Q2TVO9<aNm=_<7jU?T)!=jZ-YASy}Px#_g|<3
zbv=abN3h>q$D4ZVEliuUoTJ;HSvT9ucHe_*-;Xx1J-o*!(0;b_X-B)cuRY4LoP+kZ
zz2D2DX)o_T%QXwZGtYN&&AQ1qxnX<B)xH0^P3PHW9#2l$Msoa&%{jR@a$p(T#`d?d
z@0q-}xv#Z)1a+JCGo`*1^d5K~^{{>0R$1zD)_Vr>f8d(ozz0Ap;L_si^PTmeUe0-V
z2(zF2m`8dc@H`L#Fcu&`rvUmT`pn#L(mu|Y)4#Ak1z6Sop<Cv{#wULA@>RRPf2V=!
z@Mfd*FJEh-K7RRX^~Q78sTUq^t{#2R>mR5;1a$!CLSI^GnK7RmcpS^A>pY)!|Ma7+
z)cgN!t~$SWqZ;_tb!u#vW-6%P)hc30Q?-0lW3_Iq7n{a6QZW;}SU;|@TK#Kde7n1e
zS}?S!3hIBgn$Z0kHKNnCs?Vp_s}677q~3k8xqANbmik(}4)GAK`$!wF-^g#9o%ch%
zr2dl!-UI8T-MsX4OZD{|H>rM~U$1`Ye65<%=W4ZZSW~s~m&R)Cn8qp^ZI4FVc`w`-
zIUH@qJ&x^ijT-pn^{Ug`H>%hF-9pz(KgM=G%68&f+Q;R=tG_n#Jl0{_X*hWHu~zD>
z7n-ZD(B7UO-=KzexK{nv^%^y^@6{@Na8nfpPFJCgY%AML&e?t=hZUn6>w60saFrV0
zt(hA9&2_5l2REpXU%FX6*S=MTT-)A{{(}C*mbtTyzIiXN&<(WtVe~Z*-G5s;V04Lk
zeE^6776PHbRA3x1(awh<T@EAw?ElTVCS@JQ26D3#meHno9`lQVw}C5d8`QRF=iS&(
zTg}+V{l)cTy>|Usu3_(MjdU(x+R3(>do?Njg1Hy&V}1t^1bhPA1vCPxBMv<Om1nNe
z&;FCASPN68SSo3<bt-<MrDDgs)cP?2YQ^ZvYSGXtYDTY%)yQwJQs2CJGxWZNwtM#7
zZ6EOZZR#E6iFz}@?Z;p<_v1MD8TB^wkG4*Iqke6h*+3ndQ&0W1psxB8I2K+{9i3lK
z9hp~89h&O^j^T0KcNkzf!Q*+}@r8BO9})G`zOedg%ZvtU^Q4Aq`RFEUO3!B6FVN2z
zpTIWL7qD%4*_b&-_t`j){o%(iH;1iXqw7zc+EDEct*`!A;Jt@qXan1S*tFl-Znha^
zrp;{k{@L|a^0bE9r%mkMO#2er68l%$uerXHQ{TMdoxbV*d%W?`zuVE)Td3|I-2hv?
z2LJb@sfwN0NTp71p!S3`P``sWa^}l<M!U(q&9{*Q%Xn`*_s@vB>Mxv68SDsZpyI&y
z68N@Z9j{jJ{^wfw%9e;N@ZB}|0e}5D_wn8sliYvL?OI1(c>Lyc^g*io2lckYcRY>z
zydJ0nTmn?~XJ6P)TjX3>HK0Cl8$i3A03-n?0Hcqz3&LzWQ?q|9${zwUu7`XUd*rsi
zwv^O9$MyAC!`}W7DeukrG;=Ssb>kB_ZWsYP3S7wcA<feEgo)m{)=gvG7sO4pHpWe`
z6jE*f_;wq8fr4L9^b1?3dtiGtp#$~RR@g23xuG4d(>87T8q}}lYEt$+>^FOTa)Vlg
z<7q3@A!FkQ=G52wc8Ao5UfRGhJT5Qn!7&;*PoIx%+CS^0k8ob+5cbjEu<z~j+4bsw
zPqoy2INQgz`tt+ar(<0l^U5<V;QOxAeLC&J)J@yik883W8TXJ&+fAE!>~6cg2T>pG
z$Z*1Tjzhov9^x1iXZUL$?T0><F$0gI-{|tejcRJItI=mS(!S-WT`%jV{T>7l^f{)z
zhBt2K#W%}M`zb4)%YCfR_y%5QPsrseVsKT}=aX9M-|buIab&xPyzw8~OSJX&_3EXk
zZd5%#s;j2=x=5}0B`_W9&s8e0eTMZI^%ZGGJZ$tA@}kYtCbQ@=%bh=zbH46wpbx<Q
zkFut1IBkUcjO`CVUeD<v<uw9;T(9B0UP<TK7JxB<<^<`>fU$etgSn4g$bSdu*u}I9
z+q|bN7~l0$U03vYS55T!sqFWGG^X$aO8W!&gw5kEl{mQy<X<mC=IjRu`v3Xp&%Z(J
z&A5+oG4+)?$yk$dF!lR)=mzc6SI@YwIAQ8{>NM*=G`GI)x7e1{=?zubk5{WNUuT=W
zHe_tf=xCdJZ&fco*;4nPTM<*R-=?0M`b}EYwwroPN}s}5W@m5%6^!xCo6o_9&=$xp
z!%rFCM8EsN|C*~Qy_zY;BD8Pz&1@&zW$JWtvA2ZyHrLu0#&*<DJ7#*+@{xh+hxZy_
z4$0eo&J!@sfB(g13c82*(xdHt>vZTB`Wxt5THFK|QrD^tzk2ll68Zk!1|G~cYkLO=
z+8&wu!00vYL+6d&GsV7(0LBIJfbj!Po9SjB$8%Xnsj++Keb{Z}z3Z4ADdz`yKlEu#
zhXb`7$MJr0^kcAd9aA7}2<)NV1KR%WJhmwh!~oOIfv<1q)hp<b>8}sK|FfSt4EtIz
z^eXkvf12w#y}@5!r~6{so9;KzUli3=igG^nlWk^7J7Hf%pTM}}qnDcNc|?x8$s_yJ
z9vCAh!KP^Uj48~yMQKBR&Nc01zpDM~tOkgyuho8v;}*tKoGW<k*%m5zz}1>l9>;s4
zZELyU9`kdpk~(H@XhXyY_0+Z*Ra7cs$6vm$uI>ImPuvW<zeFWWa;YuT*r(9uU1~FJ
z-m81mKOKJ}eVuxYG)oM?efjx8j#>Iko`Ze#1DycQ>uXsf-2`Ox`}wK+Odo^xniznw
zJ?~>LpkpSa#)swkY{GDh^jhEuK>pM1l=%$%-!lDt*ncDFmA7xn&>h;94fb0c&ra*z
zOzYnP#I`KUIJTJkp2F6vZOm>nZD&tt12y1_>-Bs%eE{bTj?9CffPc_&?ipyev1R%J
z`XJ7WzVJj#{j7uYhN&|eX3Tk*{=Kk#l+1Yz;A<Nw>J7(`6T4liB8Q&C*dDg7`*^3#
z+q#ye|4D}aT})d;TBQEi*Cw#t65zZdZAX8b5NV<O%$e{7rmaZ-3DEYNu^rq`<hM=W
zRUeD=2H+3CkNtbc0b6HWX!rj<_V2I_>LKF+XRKc`x>bBWh5aSl%(%Pjhc{pjznPwo
zEG;%gKft*H&ebg)*;IY~=1poFVgknayMv35hmw&~1Ni=in3KIo$N8L3Vt;SzS#GI`
z0Y0TJ<M@2*bZ)v2+tBeak3pXEiu3{R*xNd$&h7ltQie90aZn57Z#L~W`}5mQ!z<Dj
zzzM*={bT?3nU`e5|9R<3Y3%cJYcu14eeeN1hQ44Qw;g`1G~~^=g>7L>pxa!^+L#kh
z95-&AacO>S->HL)0rcE8(jvtGPMd(8Xn%sVF7Pkgeu}Mr=e0^QkG7k6fIMS;f9(LL
zrvJ~?{^=KX%&L}e`_D-a%EJEQo*ygDdoImw%j-Vr1E@osPoh5M17;rTW9qKaReyS1
zn0>Gv^E|Co&-dkaZ@34}aTMBb8BUSr8vj#PJ7!g{5cZ#!9!q)QV<Y;2ok5qw_T73;
znR=BAjQwxMF&EJekQQ3k{n=4b?Z;o8WoaMyH2r@r^M76$?F_mC_RsNL;pH#q3U~AY
zyMnL8GXPI+wr|Q#+Ww(P&jQMlO`guSf?M<auQBp_ZLW>qH8RlYF0p^{eZ}Pa_hU|Q
zcW@0n^Y`Qx2N+#k2i?@)3_hLqQQoiRu>V@fZ^?)Kr=t%S2nW=GQ#MW_CAggi<jYSo
z4%i)B6FwjyOFv`lpmU#j9^Ibyi1K227Es=8J3sdaF7<c{>4m^XfV?y2qTkJeT^P4<
z-r4*7pU(gV6`6y*S>$hQp5wy?^a1n-Oif?m*C#Lz*b_n@5SUvWV4ejA+xG8*ZWil2
zKz?kcJRbu--N5z0KY&|-*1p&_<D&MM1AHEHxX%eHEC>JI5p>y$JA<mdwR6_xUt><F
z*Y1#-!}o^P9ScP638{TxPiP%~w$9jqK7sxqOSz5%v=0c#X+4nX|CzS1eSpLO<=G+0
zy_GozHvMLul{)?WMmvM5x84(4s~zU}e%=#OD;_b@?|bpyh}Z7*{IMA)WcUKF52&Tb
z0$ghjJNJc&0eai^U#REZWscO-*kEwZ7$8S%n|ZMZJ|C!_3#xgJM%-C!u^F!AHrFdo
zDonj4Q77A5T=hnMW4X3ZujYYG6<eKbo4J3(ZGqDu=t0mG0kH7^jNt=e+kwX-T4a$s
z+N`&sH;piM{1~yp1mF+vn29k!1KK}h0__{<1H5AazjJ~n2G{`|<ye(^S_$yjd8gh6
zU|%4>RF@Z*JfxnS8Q3t{J0?R~7w8Uj27V|czQ=jJ0R3Iq<dE|N4lb(w7SJ8&4E#_C
ze2;T_0so1f7NB(#^|!XK!|N5Mt-QxBz;_#`xN4G}eG6(-#WgwtU4X*0ljpFleS!N8
z<G4mUfSeSit=(|`$H2L)7ikuoHP<Rk3OjdgpLLlVKEVUq4mh?Tt3TK<)(Y4@<Ko&o
zgRl56;(`^JKlsy*3FrqnSCHnN6Re@14LaTjGO>Vp7Vt9LNBb^FJ8?Yc4d^GtClrLZ
zd>#v3(lHs*e*y|fw^QZ|ij(#^TGpwdRja@jHUbJrvs2~^f>ZYKVF|O&(Yk|cyl-FU
zR3X~vyvKCd|81lS_Fo6r`MZE^^SzIg_W3;x{b=9MMQm%Def}1tm$P1^B_2m_n|X-~
z&yEB4hc(C&!|a%K>Ft<17_ld`?s3}>&<C9I`T(pC$i7C%*#8RH@Vh`)pg%Aa7-?fT
z(!RjAz&k)YpgExZo#B!x_K6>G5>mvx(Iup}1GJ4NfyaR(z)ipx0PU;_Fdc{hE(g{D
z!+}cyp7%8Hke&Yzn-xE^N+sAsG_VRd57-Cv0BQq=fR})~0NT;@z^A|gpgJ%f;Ca=6
zL|_5y<PX<)*S^lpNWTNN1GRv$0NYgwNCEl)O@O_?YrypY+sgDS=3)POZVL8)C9XkV
zGZd%+uuabacLT?PmcT~<@8LpVDzFJ)+^`xL1=Iyj0DZkJ)ouL+*ZCW`2$%-s#NV?h
zy9+pKr!OI8TQ2}60J{PG9Xq5YZvUqJOyLLIuyMo(^}Kz>FP0nrp#jDaBQbx7v4I{7
z&<CXL4EC-Qgq@oH-=t<NV7Bv0`Ci*jAQGToxC_wl6|zmpGcKSnD7ILL^;Wc>(IuqD
z{uu|{0UQEo=dS>YydWJ9gxL8N$oI4J)Ki|<0$~0{?vI;!7VUpCu$0?KcLN;&4{#88
z6le<2)@bLi0sHJ@M<5?%=VOpx%shXn|2_LU)scP#q}uz3AivtqCn4VvI1ixh(5LZu
zw(nx#ZRUOKpY729;}$9NZGh_l+J8;pzrbGBk8~Wc#?CKAzCXb64v+26{ruq?V}Rp!
z{x{@9?Yu94|3cZ-0R1l0wt(S%6!QCkOYCz`tNrtu=C=cL8nAQBBUICNw`102H(~rg
z+nyi59AU$>9YK6wz_0!D88zQmBbax>>^F0U&N__mh{rjDfLl#_kk@kvW?RyNF#w(N
z`t(fuzZ?7h51<~_1l|PFSu0ZZL$mGtD&)1EBc)B<1Keuowf)CuxBtDc4cb5b!eO92
za4kSvyBv5OIKcXmjs}+5dHRq@=J~@ljQz8Hp90%}K!EXxvHxV`85>*(u>XGwxB_5X
z>DS(2-jDrr{7(PGHa!U30I*N52fP9p|3v#=&-Nf)4h#f1-r=#@FWPOT{r_#}=|6Mg
z?|zhB2eALY7T~;rvH#J?mkRsmeekDaf;mk*C)PZ!{Q%w%cpc9W_tOu+KcsJ;$@d1c
z`2eR)=a#3v6J{+7eS#TB@I2<jf%^cxz7VOz0$$M+=r8oj*Z$cLu`j3nUkSVc82isn
zf9W?`0kp52`hVL0Hvs!d+J8IX8i2M|9bo@&?0*#UdD(vrT<a5HE8qeA*?(2+r~N+x
znEt;S@;UYYeQ;eDz&1Squ>Yq`*8yGz{Mr99?Eev{4CH42?EiDJ|NBsO4M6*6`WRsB
zztr^qzRI;L_zKVO;Wug>+BWmj`j{h(;dp>!0jxdA&BhB;M!RRsVB!JhX8}#wE~JbF
zv_JA~r)>LY06Hf24{Gf3KW$#@-@mHlxEFJRdX6x4+PRlvZg81BAAos5d_x4^5%Tj)
zpfI-YJjcWaW~}f#?EY;wkoHeMkYi(|APWOx|5@h$#Qw8rN8TG)TdMopq$y`#0^47o
zY5SS$1yiP;Q<SlQ)9!uq^aJz(CLS1#{Ml@^_<+1+$0Nl4#s2fBDcO(OGQFy{{aM{D
z4{U!X)(>z^5Z4LX>jpUv;P(XU;+yo9OUeh(C(!;m7GOREFy9`MI3T;&vg{H27yHkm
z5Cz!4|4`6zKh_R?Y|sCnaN2%mz5%|+T3f$2Y}=@BKVDqhP9IQ-w}R`*d_XQT75f+a
z&qY0QEW&)hwySM3E^f3pw2oN=knwInrtN306NaCFo#*>IVukey#s>^x<6-|21LP=0
ziU0jP|C9N@T=c~h!M^ocOneVylx^!-;(lNI=Qf@R;Cr-1dM=nBpJ3($c<ifeFVZY)
z7|lIMD)uk-UvMih?=@|odGYla+y8El`*ZC3oxXrR0P_Z%3!t5vdAt1BbwQ3X_3pzp
z8uAX2$~eG}s3rcF_}`CO<htw7yk<J4-W5{wOWU?H-UoErdT#lYsb?E|=KQ^Rj%W52
zHKqL@2UyQ^-V9Rt{)iu`iv5fI`%#NLcg2peJXq_KY}<Ig`hIgPV}M=3HSyg__kP<(
zX{TJ<LqEWj$ZvdLjx*;up9gZ^7~mY<5K@T&d?f3~{<#i~Yx%hTuQtGSvS$6?MC9iH
zZeTU=BdbHoHGdBPx7qm@x!<w=*R12?yEB~tu9M~Zzb62$ujO-hzH{>?!1n^&z|R2J
z)p9Lf9N=&LZyj9kGl1)V&jLmOdQCo3uK(=}Tmo?I>@xt@3$v|UH>lST`-%Vi;aXgu
z%r><JZUVTbuOYzoiTinPNPh!1*m<^d5O6M#+xkDQpU#QD2T^t-@H=n=!1an|{ol{X
zmx}ejSnsd<evIR9#+?7(#-?-Y>wU`fJOO;iuhHYID=;7UIqWhDF!OfKzMr<u{pQ^O
z<_);d_Z%M2^A7+&1OK3Wkc!=t2tPmQm6j*c+o^BBEdbxI=bBl*+xI+>##51UExV4V
zkVXQ1?EU6EzAwnUwtxHmpNw~RU>n<k4ghU>H^BAv^#Q&&dl^9c+QB-J4hFQ%BV7mh
zd;f>;#=Q?D*zM?t{3<&ikNoEV{Q~_1*VA&{KihX6@CNff_MeXHbhoe1Hu3!*u223Q
z;QLAc22A_7{@=XU6p4H<`@CbwJJ<jJit8M++msuB<h(IJJ7-ECZ0vs+@_T?Y{{9cY
zAHsXV{C_9!w*<33@At9wjCBBx{a6>s=YcgMg8O;r<q{^j&w`EK2z&tW`F$#I6fpMe
z^a=j*T>qB@Oah(<Y605jP0BXQFFOO!DP#Y4P~U*@HclWN1k44vzatO_qyXK3-M|`v
z-``+4`!?!2^Z(<Ol7i3UdU(DgYx?~^k*BTn1o*D~bYLXFzLxLL%mw)VTvveS?E-!P
zXjAi-{+iKN^Zw63Tx%h~KC=g~9-!a)2H-mSD1biUFJKn%Bf$0z0K%Dv{kLLUvHq9u
z_tED0E-$}V!Zu9-Mg#N<Lx3=V?fV|!d(C{GfqAxbEzkqtdHQ=-tQXhd`@g*Acfe*K
z1@On;MC>00kawnhSJ-*pPHb1R>(nx1{&fHNjSyZF^L`_3n=a_s-?smn^FsSuo^8{s
zdbZBIC`<ngn>`2M|F(GycnjzN^ag&k!EXh82k?6Wj{`jREGHM(=KDZ0@9!kVPaZmD
z?4SJ)ZHD@H5;zE?1IK~=0Ckae#$%X20{mg;S<Z9*w($%vl@fCPS+Iq0fVNJ%U~K<~
zBhOel4cKp|e<9^DJeD?p1YkKae)IH7TAsMZtM+wxP1-i!Rc4#mp2K#Y`&h>P%(HE2
z0R00~-q$YJ|IKWxz5ag-uERF)`Ue2EkKY7fo<4y0VcK^Td5&RtEZfQZ;<4QBz&iQE
zHTnbOl-JCQzf(Adyz^L|LtZHZ=2roi*>#=~`{%cUc>OiMSZD1CtsUiWy`Q6>_t*Dx
zAL4)X|G_nN9Lf5UCI{+wcww(adY9LnZ>L#&3a=x-oEd;_oef+KF!m&_0vb8;4UunZ
z!{nP_n|X6AkLSB<7w}5S!RNUSEUeW4Xa+R0)2om+w)0JqHnH>E$L*^D9?RoQ{u<=#
znAXE)F9xm!8Usy%tL^+%jy(6VjK?(d$!DCmX{uYV7vCFkWuSdcXZzSTXZx6Eo7h%o
z`?!zWZ1;6Qb<<XGaRtx}Fr1M?lXvn*&dHzQ(#XIZ%T)KhrtZ_7nz29L>1lxR`vKej
z3o`dd``7UTzA4z1?f*Uerfj|p_N(9FLF)TWK;5TfKU01ykdS`<bSr{fuR=0_F~5$#
zF!y&O>=(AIzXe)Q`^OsLdVD89j}ejT_xCF#p{4Am(Z6tBzc`Q)d!c{59H_Nvs^>~?
z>aLNQ_b?Bb@+|q9C?j}YZ9sqfij?hNQ1d*X&VGEe3#fs7EpNVN&8+zv*yb_19LHtk
zxlf;mxW6*%jGZ3n!8M%MWSgCBMLV4B<FWd9?&q<lt#z<pzkkAd!KbU3IL+2ivi{Tg
zL(H!2e^=0zEn&B`e~jfb-}T8~zCjw+3-f;pw`beoQ_g5ib2|B}XxD<?2LLMpj=?#O
z<@lCkTW*`wnddQPKlA1s9utHZUF#pl*YDWlY%|{G`~b(@X0E{GIc7I`rUcJ1`~O0$
z-jZ^OhW+9iX6}I3V_SLsoZ82B`nHwx5j<YUwn%k*%ZuC*^XvP;n%`T!_FtH}|N89v
zx28@zrv`c1KJ$_@?$^qTd`jDWQ2&8V0OzjX2aW;rfUf|~&5Z>(KSrDB0?YvZ1o%v!
z&la`<{Jsz88t1E++jLw3`+d*0<t|7$C(rq}uYi@nPT+0e5Wu;|ZvoCF{s!=P`T#yt
z2x1=gujl_^|21$8&a*`UUjS?q=kEEefOgL33!IbZ9OFm8I$#&@A+QZt2JpUko}T|l
zTE6T*w6@p&Lu=l;H;ny%f$iUZ_Fr=@broZXa>Y++v%fRl9_T;E5`5;RzvGFN_R;~M
zUpN3f0&otDHd76F4bb1$L^>QW=S3sG*xV27*4RJS415HnvJ5HL;OOW7NRxmL0N3R3
z`P}0`b%6GN0q_>{uz&siU)cYZxCYyypX1y4Hb}1p=&R@-{tN8kwUGV>thV#?8T|m>
z7oRKW=l|Shd3pI^&cCSkkMTl1g_!>Za)Nk5`u_5w9DeQt`fu!Cum8jLUV!#r31F<<
z9=Hym-EnQs>%ak4g>)2P&f~g+NOK9;t+D@F$bSlK0|J5JfVN4b$pD|tUkLCy{Zqgd
z0PX*B;9chZ*neMKi+0R5JqX+YFfOPEyaMR&{~;X*thd{`9QlDj6@bT<OZ&$+KD7Pg
zJ>FIv!xwP;k9ood_+LS_cW;?~fqssOwL}^7L`JrfmLCRS2gd&OIyr39{=We@FF^Zm
z2k?0zZLK=M{@<VdGluYI|21I4p8#6{58!M6-(g=>fcF0cVEX@R$a9R~&;I-1TAZ_E
zn;rn@pJ>x{fR_P(_RrY=N1!rLZtWlTs_lRK%*zTh|F56>Vea4uYWRWKjdWe*N89C2
zd>Mc(i2eJLQiiuNXRqV+t<x`PjDGwm`*X|z<mdUHJ_a$vZv3y&TBHDLi6r(f!@7{4
zri=ZTukk<sCm7`(Gr>9^_P@rq|2)6@;hiU}r|>@mKIQrNKLOJBlZbNu6Z<b;_D^*^
zFuRFa|NpD~yg#q?|K@$a)k#yToX<MUH-nj%U-@M~?7#fkKi2-}^?K;byYCIH$M`=t
z``2@Rc;0^!{}b$=)bt%emrLAVeoa2hor(RIKl_IrYx~9j48PAY_Rnb!-~`_h#{UTV
zmWqMA#Qj+;q<n9P{g*%cHyWEbwNfRl2iR?o0sPs&cfLQQ=H%d?EVo+so@?vO3*>p9
zA+Q3ZV*lmS{{LQlhqhxp%Nt_bzwaC%w)M0AWyzDz((i)enW5Nz1+aPNEsFh@Py5IE
zA05ZzJHY?6-veU*Z(;!S`>_4c+KF3dUR;OzVBQ;a>W1XYKLcX_<<tJR;{SfBRqb_u
z4m%HbJO?zkpR{$xh1XKUcLaIA7g+waUGC7A0f+sYb-c3v*O#O+x{djNJr9UAK@ZsP
z0_yQT{6XB785isS$Gs~=-t8@;;w_eDJM7=A|J{v!9RRMc=Xb97{?Ana*V>x*f6V&Y
z5!h$Wi$UJs`#)UI`!TSE4MsW`Fzf&M{!d5XJb>RCb-w>|5w>$$|J#do*=^$cKV1LI
zcY109{{zhXKV1L6#y)l_@_dhx>zd2$`#-!_=kMtJ8?+C=cL7H5y&k;Jvp99yd3AUU
zo)gGizmu#An1?NJ{qF`~H9-5`1M~)(0DS-N4S+Uw3b+N}`?LE1zH2iP;5YB;0tvu;
zL!q%<q_+Wlr<d#h8w0-q>j1v<!}os%05<}A0NVR40N?*%+KG9*|I?iH+VB7I8-aZ9
zuo1vE(cT{d_)hYjz~=z(f$s`V12zIz0KC7SfvW-5VSGrrwgJ4mug3uRAAmJ6C-5!4
z3#7l%BDQZdwPL2wf2|itD*=3WhyA<xmIm_$0qu~-&q)ofs@I;tZu!nH?f8_PGG7p+
z<9LGhe}`@V^f`rXqq!gR{f`P^|3<s9o>$BJNcfE|yd$V%0#hbw#bp5Y#Qy(HpgYhN
z=nQlLy4iW|GyA!ZWju!YA8fF^7x2RFaPQhN*zK(Vzah@PpXdy9^U3oYA1vd3mh+q9
z&OEojh5gs0gwX$2#Wgwryq>dtCePHgmG{H8vW?6$<u=g=xQ}%r)po&rdH(H~bt&w=
zhJ44XJPTRwO&Aacgn<GwfIg6OVu8hgjQ$1vHvc~uzxPobs1SX00mUYV3j-B`0r(JY
z|42D!_zN%<m<CMr$#dTnU=lDLnC!@NAIpeP;NK(<sf>jygciw7mQ@CfjUwf@gv|f@
z*^fNu6Zt=W_-#?<4+H%FWz4huIKcVG0|4g|dG0=d<vqy<(sDijUsh!<?G^?M1F%uk
z|8p$?zaQQQs07fC9|HLQe`)ItfL8(i{2%E!U>)m0x(pZyoD1;SzV?2xe?zpS!aylx
z0JiG1f7-nMb~jSy+W^-A{J(#-ftLaOePX1(_WvXH(Qoir{ryj*V*jO3=F%i#z%T$C
z^|gQY|D0bm_J2L{jP2_Hw12%m5h?9ofBzRL`+wU1Spbg}`!@tjDh!lj24JiH?B9j`
zwEqVH_W${{|H}5UV*jOB=F&7_z%T%N75g`2NGc3eFb2f_E11CLc7*{417iOUG9)Vu
zR4@j_{wtWk<#vSu2LodN4l*Pw3{)@%#QrOoz~y#@0S5zO{|+)FD-2XH2E_g=n84+B
zg#iZxV*d^@Br6P5Fb4eCe?RQwI)1MIYYXuGAFlu7`#-M%`$-Yf-+&EvemU|#0et^Q
z*8f&89g^EEy9~fyo$LSj{$F?7rcWZz^}p8uzXR2P=YZ{YIoJQ|?-L_k1eo`Rjv+7W
zf6J~)NXsh_1F%*7jSi$&0(_r81>iS8*#9pDBJBKZr2MupkC_Z?1^7(>e*1&p2;h0s
z0G_A6|A|!I|EoZ{B)3}j7=VqM{{J%MR{*r*T|hKI8{cl{cOu;a!~%POL}0U>k3-7;
zH?R%haUYTir1JfrvZoT#;tI$BZ581E1>twV&Ic|As@gF53$V>&SkB{2-g(|7*nf5f
zq)={I7!U@80bxKGD3c7J-{yP&j01`aJ*Fs=BuJx$0bxKG5C((+VL%uV2801&Ko}4P
zgaKhd7!U@80bxKG5C((+VL%uV2801&Ko}4PgaKhd7!U@80bxKG5C((+VL%uV2801&
zKo}4PgaKhd7!U@80bxKG5C((+VL%uV2801&Ko}4PgaKhd7!U@80bxKG5C((+VL%uV
z2801&Ko}4PgaKhd7!U@80bxKG5C((+VL%uV2801&Ko}4PgaKhd7!U@80bxKG5C((+
zVL%uV2801&Ko}4PgaKhd7!U@80bxKG5C((+VL%uV2801&Ko}4PgaKhd7!U@80bxKG
z5C((+VL%uV2801&Ko}4PgaKhd7!U@80bxKG5C((+VL%uV2801&Ko}4PgaKhd7!U@8
z0bxKG5C((+VL%uV2801&Ko}4PgaKio%rT(kCkzM!!hkR!3<v|lfG|*D8A!D{<aX~1
z5ZqSI`GDg(_N|@c0UdR@l~egCZ?RQ1hXW4V<vCSgS8rMVTaa!}w>*9?;BCD=sDr-)
zQZvr?e}M&=<$gKJEVlgJL1y!C;2qf;;Ao!ZkD?5AcpX0tNacR>b7il8fhp5zhinIQ
z%u-%ETX~k^><u)+wGYcCf-JXZS$-O*va}%E^|51tqYZcXIl$S5+CJr}B-K%YuM)E8
z4jg2Dz6^Infh*ONX1{^V5<BN}{cPnOvK){_JM^)4<WXKbOS$vby_d>*gW1co-k^_o
zP(@Y=W-rew!7SRT8<1CdRvSt6Hrn~OgYyRcl;4p@d2MI;0%y(Md=`QVQJ#fBKj&v5
zu%q{y&cAt;XCctf`B@0et=wN(Mnk|-cG+f>dhIlGGh0rRxWMX=tpGb}t5mO}JM2;Z
z%TIZ`qvKWmmZR>DT878($f<mxE<dIGmP0_l>+-Z5%TMZZ{PEX5r+^Am?i8TE^Ybcq
z3fSNId6suDcjqUi&~qzSu;@GdoR_)Fr##iF+|jztvUJKbZQ+{}u-~$3u-xPA!H-)P
zI8E@tn9znnBN~M42pZ5JWE9S#OT5FJtrW_y2^ujbvz+~f!v?dLr)Kfe*~{s(I%HhH
ze|csDvX`TNM?aXod;!Wc8|c40Q^&HGcf|RbI+DE{#d(%z>WKgIGYQC6?(LE?2tqmJ
z<KREta&^ph{jr(yIc2#HJNWU+KOj^7C|6$l)iTJ`59mp4>|%Ltzr4#c$@N#yDW5Km
zPQa_5-lMaZHwYNsz}g-#Ag6NZr@ntvo+*6q9;3g-Rqiw&*6CY+ZSRFL{uZ?Sj*K(C
znXKohJFQb6;9K4ykMn(secG?Gi9c)oDw}wH%Dd!Ie;?m+`kx^9AA5g_Z+TYz@GV7e
zMgMo$Ve{D!Df%ARNv@T^zvfz=d4K*7lX4^fvdK?g^3O|u{NJ_g6$XR>VL%uta||@W
zFrlL!D`2=_)nN`lmp75W!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|l
zfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!
z3<v|lfG{8o2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``E5gAw?^oVPH$kVP3
zbN=UAANGQ4eejd6b<^*W4_+0K*V1%)+{*s0_|=2m3G03iNKJ|a76+sxE(qAUE5V&p
zJI8%)xkI~I0Zz>AWd(%ywLJ5BTdv3-<)dghad)QoC#)UrN?8A^Cpm6Tz?Lm*a+ERK
zIk>jvne~!&R>&vrv#0*os<L~-5By?ouIHHh3+`&UL%Lc4^Pm^=`&e$#3B$~pNnzh^
z+V%F`TeA4?4RhW<Z}ajVH^i?U^<?74ai7Jn89pv4X6B^i%^`CVH%*96SU)B?DQ4=n
zl(^t68^S+L4*&7u^|QNM^Je#OO@+;mhinHU{Rnt^L4WJ+h`v_MHKVL^{M}{H50;01
z0>|V_hy2wc`wGTD;>HP{EvcDyz9ID0!1#5eS|n|n{8e)7%sI)MgZC!K&q+&;pRH07
z!hH~-wr*Xc5;sj%ODDEbvwK!j@cAmNdv?t3VJQM-$LI94wgK~D`~Bzlww_zi&$@d3
z&-||inZIe@TJAYLtN@gWE@aYDY&rON_qNpK8QjLN8QM50dRk}L_2!iLxsdaGAVR?>
zFii(eLjGRF&pV0zr?#XlO<Onj!?ZcQ&Q1&d-bxGW=1PNniBrHyKVVrl{eWJiK_3!f
z`@h0pJilmwRnvK+vpVaz0sqZHenn*<X32N1<jp~zJ%20h=i}FoYz==tBPDLmi42)*
zd23mpg3KX%huuRr5C^K1_<1Vox4TquXA3s(f^B=U$<?2%u`k_*(GjLu&V@ew30(+B
ztoR0W;YxGQGrqT6(360L{Uv@hoD?KQAMQp!t?g*@iUCcNVy4YZiJ#-O^GuniWs$e9
z?30(M#F&|C!O*4(Ht&^t4_6lX`N}h&+w=|e8AczdC+sthK^G=r>~Qb;U-%zwENl9=
zmJ9m>7Rfjw-{ObA58%OzhFukyuwiVc<jtXfYyX}QL3z`!Ll1HR>^(Jku}X@Wp~45%
zRUxqZ**yb_L+<|SpzNs!S#$xmzXAQj%gY8^XY*cW{eT#ur&lMqEkFMZB*jkCvX5Ev
zLzATFsjE`r(YGf?(6<x0%N^y(kbN>@fuy)ODq`qW+U~>P?-}bk5tc*jM>{S8s0;K9
z^bgu6K;|jXgV&Z1v(DljQwI=BX2df7S*VzMVdq-*acf3AoD>^$%p1>Xd(Yah+j@`;
z-7uhTq$2*?k`$qKZeOcbO?yzyMGPM?AW(((cWKP;=Th_fy42j>E;XlDMvR|TFN!9A
zr|y{8(&)iv=)t3u?4+-BY#=eBL(RACjMp{+-~TqoaIpD>wD;pcW-O09<b4V@&VC?m
zYx1J>om->S-kmGefjw*0!M$tL(ZeZf+oqq?;=z`R8WE_XhI_JM$uN&177z8P$iW`9
z@FzF)1iH}&v0+cI{Tp9V1Yclu!Ndw$4-g-OVw~8Jx6Zf#I#J<$!IoXII=;u4ZUE-;
z=;PD$xDLLYv3mw!<B+-9y?uq2_u&JZ)X{@6=|>JkpE|OC<4L4xhxV>XUoo~G<Z7uU
z!vnRPjlBJ)KKii)I<aUF^}(&?LLb85LyAckGGYYAiI_`xk2>)4CzcC3QDJ?-`nhlE
zdryp>-Xtk@*6_qlQ@SN?7}ptdb>AcQ`!-?2nC}xePV9_%n;u(}7xdk~Giv7k9SdV2
z=fs1%m;Zin_X>4r-&%EO?^^Zy(XA?B$%pBS23l!R!z<-2d)p8A>V@$cOQ0Kzhj`S2
zfo|;^=nJR|MT{LX^Z;_7jd8&h)C0r?y6<DYBK^Q=mN{H=?{By)R~!7l;TO-b+~Y5{
zDw+Mx^vK~I=lzwY>hIqX`6P5=(B7?cV^@r+d1~<x*#58pZU5ARqUZv3!{`HbA>v2)
z1;h{30j&##ix*6ss37-U7%%=G?+aW6U=G1AAI|$O5BY`meMSznE`c3{&F<-n#uzPj
zPEXIaIlVmlfP=^%UN|t|VAP1p$ADc+hF6YRGOW_ZrNb+&iW(j;3Vr<7kprxDv);FA
zO?l9*?Puk%i!Xo=4@J3(9OOE+V1T6-{Aj7g+SZ{HIoN!D_fr>mEc=N0h$T(`P{=re
zz91d_K^o$KHz?Pc-&+BT2bO;w2=3zT^C0`7Hg{(HY~m*Ecj<$3mW|WKEANJ#Pg^#k
z(gRV$1H&Q*S!&&+`lnK({-+YdA4V*A7JRwO>lccs18k4+36by#9A7|&h4lw|oWS!j
zhuD=m5Cm@U{Hfgf0o<qV^WpdI;eA8?ls$PcNJmVb9yP*~4z8U@!?wXm<cU-EF<w1E
z%(v(#OKqCbT&-O`Np<=D6ZPxpA64qQJ}Rmh<c@1)(?{w8#}bSgIesWazmU-%fSX~|
zfl1$#|L4r;`=WeppWHFtGJe({-#P4~UO*QDPoiH)Pg>Jkz5dFx>YjfzR;{kDp?)6O
zM<vd?NB0H!8W;GHa}L+d(1#2?D7-&7K|Y`ZKN}q=Z}Y}xtb_jUDTnQApHJC`_b-&}
zGi1QHFKU>j;#d8so_+E@_2AvtsxF;gRbe6H)aJPlsf7bEFHnTBL0&q*a-#>FZ=yU4
z=nuR)(90S`9hmW5`5GGzdBfYUK@S!=ZJ!)5uFem?xgA5<QpSl9kE>ZT#;E^1*H$GZ
zty6y;T%wkYI9DwhYL5*HVc)r3*Iya+V9{Xjc%gtgz&T|4f$ymUIJaEP4`9wi-v{Qu
zZnbS+&xzT3pkwMn_<cV*gV-PQKk@S)QAw+Nsm)71Qy3TOIl(0u7x<G^N$u1313h4$
z#(OS+9_V-&e)1LS0M0G*^8;K%$9uu^kAAkywVsm`&dV2%>`i<Yp#1>n0yq{}Jj9Lp
zfYU2`r%v(S7$b7bm`@#`ZE$RO0&()~nm5~im@jKT6US_sX$2zgi?`*^cwhICk?@nn
zD}VOGoCD-D0HkM7_P%<+=MDMv1)3l5l@c|`x{NYE)8oQ+58dJ_3`Tx+f%g6L`?zl6
zy;HX-d)h*A^!rYZOKYBUQ1k(u)8M=TpEvRTLv0%{w&0VVWI3K!PNw|3zImzV?dO}h
z9&g*KP;$sgcC5Q3f9U(Q@5g%Ccd=Gd0VkPa{Vn{oOD!AWR!fKH6Fe5s=h%5}=llG;
zuH&q;gz9D6myL8|t^&`ZF=s%VuzB&9YOWUcwO*r)aO@e02cbJ2;BufIPy@IKI2Wi2
zT;K=Xe_s2xx19Ux)7MmG+h=wS96hUxM+J59oDAxU6qrA-64vPeKV?S*_Aej?dsA-D
zA6Qw<^TB+atB>VzHn{DtPTzgb^CD1>vwr4zyt56y=lk1s*2(smw)nO?d=TzsKqVF2
z-OB~}m<fJn{t)0qI=5$a2{<tN>x-M!X!gWe&$YYhJa9|ynHq50?8{9iJmx}xGNdf8
z1Oh3a+<rKwGSD1&510<@1{Cl+upc;N<AA+=6zNHT#}Mg{J$Os{qit?c#3K(dZKWQ6
zxP^N5u@>sz?V9WK8RX6OQ;)Pzk3QH^J<_J7dJHMIpKsq>z4%0P_1`DGcmermaqi=7
zTV@=~<J-4wp`L!!TQBQoy#}oRIn=}Lb`N>$=XIWB{g0!5)J?pAJg>=XvrZoS4C>^$
zti#mDlx@)0LHXmj_M<qS=dj-PXxp=odFwOn<~{IU*hbd>@B=s=c=BQIvCllpGPDuE
zx#>K=-GjFrd$>*OzhF}toRU`?X5T4nlY7d9vT(}f2)20~%R+#Ufm?toxyjzQ49Bzo
zsSk7lSU>AzJ4_px{spW6hC%M1KmKs5SH^U%wrhOXOV!9uSETp(q_+C%jb`fQXIiPY
z58SHm`B!Vz_WoPJ)vbE_-n(1lzFVnp-n>bT`t~|Cd*Ib-+32Qf!*7jM?8HVYesUuf
zH>r_|p3qpW`L&5!JOb-H`!`dgzq?NT@cxbJt>-C+TNLYg;GWjt_*RW}58Vpc+^Y9K
zg7m%rwopHPeLc=a{iB+yji`S!>Sf&<$2V5Xam~;luU11kT&F&IskyG>UbL0xvMyaO
z(l+<D)^(DD*Pm;tzJKo~H3IFP)vuX~9DbErjW$N3KGw~)^B#Du<)fRZxj$W{e(8Lz
z>h$)F(4m{vefQiB4qAhYTNLDt?SH5T@4xNTOHbdZ{`b_4>)YPnx@Y^gtth+y0?z?2
z0iObcfF-~mfKwJmHpj5P2hbEK@Y)le1F#>^@dxz+`C7mRz+5i|`8NQ)9y<J|i}bUM
z;}O<*+h<tYw@tUyw&|`krh7v!QhP!gsg*xBRztqIPW|VJmWtf|yL~G)zS}h_Wm-dZ
zbbdYc=YqQGSVUcQG`yZVJg=TQG&d86kw1cczoYCA9HWm#et%ef6$6f^^=_s<fAuEl
z7W~bF;1hm_ZSD8@^=jSN#_Hf4Z~Z)%*K*d+JolM;dEHIFHBy7Vz7D>km3j#J3f)!@
z-ghf><7PFfM>Dl)d?U3tw7xoqHn1%`mu)-3x*hFiU8a8Cn`w8_)GO84&eh<1Zq#z8
zU+ML69X0pI^G?P5=2ly$TXV?!!*^$YMuhv)TqC^<coA3w7`Y@Pf0ZpWEkA5imIc-W
zyAJAteisJmy#TNC1(4B~An*F(wI+Id`N+z(HcxOJ0ThrPJKj>;XI57S<}}pu<Nc>j
zZ>R=*aXsw0vHE*aU6j?=T<!^}ul9gbg53IpDL2RNgZ#<&9}!;tSTw9D{B}$A>a#7>
z+A)pQpZ5N}IL@5ouYPB}ye?(-=Yo1FW<n$N-iyuE6A!mia|T|eb&}U&Ij^nHD@3~w
zf{$b2)ztEl=csNU)KM!(S5~kal{(c@36rd}IPeEO_%~(H=aV|@lPSXh2Qr==VjpEh
zTcm9CIY@a<p=8c$I)A9g=vzbN_4-Dnrak%^Nt3;6+~Ox%b$~ws1*9|G6?~=IKf7TD
zSF}ai&7rwonUHUCSy=FVBirK(>uGzBpWIOE#BRu@F!l2sp38QoKwnq>(pde4y3Mr;
zQ>XL(c>dndM(|%X)sC3~3jEPtG{9M!&EHz2dK`c>L*7O<lrKP?(8nOX54euyNQ*`G
z=2~{0rccnRvkdLi*F#GA{{c|`ypQzV!8OwN&u);8``5s|r^9a2nVNmYl|p9e@VV*G
zF@24q*2{Jtm|Z^|_MXnVi%_2*{iY9T2tBI@`JbiYCTPyc8*$1`pC!-8=Q<vw4gmD`
zxgO_~Sz+=y=@r^%<bNgdN9?x4{$04gn$YtGe(t~UHV--ESfAInaxTy9Tz_T7SYI0I
zKLwn$f$e&<4ctpTl{}@2tphG&J4~17S5A}-bs)dT7w2(kr@k)I3xTZwegARD|8K}Y
zopBoP(O_>VeQDk>$LBXaQ+4ij+?&6)vOM#cEV@ab0)1#ey-+Dr&-SMS_fl5ivqWvX
zIP?K+bOG!G8UYQ7?XxbsVQ0`4H}4F({3aVW?+vMa)#0#4^$vwLtbaHRuv2amM^Lse
zq;^vrfAh9!)f#P`a#_7?Q>)eAHl<qqt$<Fs4Pd+8j#<^OMVxWNA=G8+(5by`>OUCT
zpuw)-D{k5`vwAb0XX<2qzIAS&UcCvgzdxjIW8GFq-K@`Chh=+$Yc}Jt_WharbfzuQ
zzJKivt@H5iklLRj9kVyIZVYsVzQFcn4d@?ELI={leSypL0eW5-Tm}H-mv93ffcuDI
z@9&F4AAIZBIK}HHR!y|(ubpJI0q(YOk0bvt<R4fw(Q3-`4=t|K3b+rr8@R`Y$uqtG
zj};9s3>|J&#(AvASr_X!`<VXoy_YTbk*In#ab6qXUjXZH*2nw<hnCdQvDBJL)(trC
z0f6mtwwLwkwyvJ&eJ>ct=G*_qjrVw<i%s{0)P4`Tunf8Y`Rjf%EqQ7ci~%y@0mjn}
z$VF~)W*KnCeT3Z(wgqsxcg(8h-W6QKy)*a<cl@-o^*C|EWNRo84MYJefn~r78_aJ6
zep70q=is8+Yk*b25@3Z7mSH>T=#mEiUNP2czG1Q}3Fj@h!Fo-dyw0+XlU<4PhgsDR
zN7nro=fwj{f#m?}WnE0UZygZaxxMAWdGmqQJRe})tkdL|A|DHMqI}|}RjC9!$Ngpl
zWL?7pyAObz1JLJZlM~8Y?g_0k1wH_M0%F1`IwsU(C~&z3hyYdrD}hL0GSCHR59oIc
zjE-QtRQdz(r0*MPU*Kcl9pEeAL*P9-{S4^`>nB+QRs5Z2Lk?qr4}cGW_w4jjd*25K
z7S-zZdsKtxmyfk>+c?Gb6V83##-~U>a%_Ky^3e-NTD1=^uJ;wrCq4l_0^YarHPUx&
z42_*0coxq81$fJ@hwc0vcpG4QS$_wD+#@Z}8V-z&+=y8M4$ZsHjWM$J9lL_AxE-;=
zCin!EIJpx00_uR#1IC0-nEk(F|4iU6TL*L>!F*}@fgdCP{>Xm=P)6U`>6b{q0H_aN
zLH>hO;=igu7UO|00LuJxfO6yZmrNo5{*eC*kbi5)cO=fGd`w*?rLKL6^05m>TD2g5
z%DJ;$2kT^A)P?VW&j9Wl89mig8Rv}yC}&gG*T}Qoybjy?EzprXBQ22powC^-Qp*F|
z*XO59t6CjCVE3NT+L#aWPzN}cW<21FllDI9gwX}+f&OL*(rkXldCk+E2R}~vlRL_#
zlbw=J+CFvQ3oZYI|D*l?X3OMbq(%pfj6Q?>``YrS{SU{vMmDU=)JePj4CP}Wf7(Cg
zPgy(lihiIIKs_Lg{Kw+l5A3>FH}!z+W}a>BNRUgUg_b|hKN8Vg`vCL<KQk_bPe_B0
zfNb@c&}sL+dCK0Y3%jx1iglJI9RNQfe+tFV4?bUWvnQn1%alF9@qnH?#rVd|4;dTx
zmA`YFdcf@iz_q*-(ozu*i2VHs9=i}PYP;Vy^P=<7?<YIu&scE(>_%$ajEjs8urHvD
z_53PQr|eDsZ+k!IkoEWNkm_srZ^7x=>yUpx<n!|XKdHpK*#D0M=<kjHH$I!G)Bm&o
z&yW9S|IZlWd%)Di{@&OBkFfiHr~hZ4;?MsVD*iL9!{2M$M-1?+Eqgs5Wast#0OwFK
zH*my`2aTMWI%5OoO_|9*&g)>mzJ|HxnMfV-XZ**$)5OoFKQ(>oXXyV2tN4Gi|7ZNi
z{+RM-n$h<o|0(+a-j4o%80!24aK-@KX8-?*qyPT~=W+~a<j=T*^6v=nI>d;WX#tG?
z#{i7=DSOsSz18(0WqiT-r4#u?TB!d2;M^u&-yd3MTn_Tr`hdCAH)4LX{)Kp8BIKD2
z7&|vIXL<ri0EPj#0HwnB+x+PJ1W%NIBCrbB0IUVp+36aj3F{|Y!+8$my8?&<)&m=X
zO-v7ZQ|{Y&bV<F(myNNm!}xwXumRZQ16;!uy>YTTG59CzqQjAO=r?wt4&ORsu%G)9
zQ8v?Vb12#q1F&7rb~4X>oOAftKDNN}-w{+z`{jw9Ef;+MrmVi-%nj=21`4s@e|epQ
zbFbpuUnPKZtp5NW1RetJ1UUDa@qC`gm$o1Hx)5jx)boS7*w+BKnC(v6{>a%X<-V%G
z`Hqx%jr7#}t18ve-Jpu)n%K*A{**qJFREgn#`vDDb6KZ4@p=Hxzd)tlZ|Y(FRqgGn
zD*4_E)Sf5w_ngp<YIb|rF5mW=ww}j&3-iOAv9`}`vo5Ux`5&|8&*uX6yl`eLh}iH>
zUSsR@3;cdB!Fhe?0CnVy`+R4c3Yy<A$qGO}@X@+SRyUwC@B@K;Iz|3_<om21Z#DaS
z)z#GwMb_z#xxLQ74~GDzHn^_~%D+?F?ytOdqV-Rl+ZX5ZeAcDwMxN>SKriH9W_yt@
z(YOhHzLx*4keUrJ1~76rDRn^SF;8@C=d9{=*rr`US8{&U`5ZvY+LpO4<8h_+2Rm{B
z?p$E{3HpfzzyyH(@I+t|Fxk#egr5&zGr@Z9ujNf!!EZ;R-<}9e044*I?Cr5g$Dw?M
z+R)<4brbcR(`?i+-qd5~SvU8we*N49X>RQ_Wrfxe%<*XX?+LBd0I|N2yGbd3-S@*c
zL{Of`>^XwcD%;{{7dY2^BE1wC4RB8P1HjA?GhXEO2ata^*#Gm8f9nGaYYl{)&0H>H
zMa~(U?GI2sO0B!GHso*S8BJ`+`U%E%?*g2cW-M7~x#pJ#J{#e&=m+XS#wPC1CV%+;
z|M57C6$%_<@Vv70GrS|c1mO6K@}jI5Z*%-*(k~$Y{*eC*w){sx-W<y@t|#;yF;d3!
zUqJq2)w-J~f6n1{_Nj~Ye+w|iCq@A!F8>`t)%7*D%((C(`1n0O{lA_Af?jM$o>E!I
zBRlQm%aS|`+E&9mQrbWLKF3~Wj7ZsM%<V${eQo*Q2Kf$$oU_dlV;}v%XDA=zkUyV0
zP_HO!*2%GGCxCiDoEG_$n<L>jX&r!^m)i0-egJ7buA#!GvS9lmwaauo$9u@n58P`$
zkX8u!@0;CF`*isBUbg(XF60FBka-VshGzj4LiW5@ANkY&(>`gFw0qjDNk51E_w(`p
zoFAg^H~oN_+xy(d{=fIBi~i-b`+wdq>|4tg^T4;$-XZtDwd_OdO#Sss%k|fy+e*A2
zVmnI94{~tY|IgT_Z|0mEK{-(un0^fT_jJU6gCTd$;}Pr!7y~lT^#dP4{-f>qk1+(F
z+tc^6Zi4Y7pGh-iEXcX!)5iOW$baf<!3WH?Wj`Zj`gyv~$2y_Y){fGk1BQ2`7X!0^
zK0ptkFVG+8mkHN6TmH9Vd^Zhp?rWnzQlcNw1L%$NP__Q%nu!0{&vUJSv##FQ9tiMS
ztbg3;<O1=%cN`c}vo*$qLy~8lqvv?cv!T=3mNR`VaBu9N>o4g4!+}s>whuzEy%gjB
ze;!|PRXxaf5fBE<_5t_J!JO`FtSLDcb2=~JJgx}~23T*HBjrBMIrJqDNKdQn;aQ))
z9{PJX`i0Ya?K3TRxxQs#4CvzeK+Fe-?7jBKIX2E05*hPt&TZJg>(6CPT=4I1*tvnr
zk>@^c>*pd!-vKrN3xUNBaE&SVtp@b-C!`{Wa$=Z}r5<M??G7+5=n8NhU>AVv!FmE*
z7r=eLmXq6-+prmcOpW}1K)wUOu_EUN&0I0}ajuBqT%y>1Ino};)5xFp{w=_H0*(`z
zQV%)-)CFP`Ao8ym@;7rtBL8wEZ{J&iJ?CWqB7a}9%Hg(;{2AwQ9Vlh*`~C;x0`dRl
zOa~xSWB-irDR=hyjP>|l8P^F=A2>E7h62+6mm?j3JdON0&YKTR1*Y3zeg-fFm<3Gb
zts@m3C?`4qS?W1<q_+bc1JK?%=Hq&BlYWgn{e%9N5>k<WIg!8IhA=<|VAGrr4#)!)
zX1#@Ig)krt2m``^Fdz&F1HynXAPfit!hkR!3<v|lfG{8o2m``^Fdz&F1HynXAPfit
z!hkR!3<v|lfG{8o2m``^Fdz&F1HwSrVL-`G7&y}mq+9rgx8t|KvT8dvPr;mAj_t!V
zuRAh#;Bd>ToVm?S#|i0r+v;ErV0HM_HrvO&+Zh$4dbd5M+}^g#wo(i95gqIu9bMiU
z?y$ElOMkU1<DR_LWwg+4j%C>w$k?`T(QY2j^490OZ8sO?9rOX2+jsbE*Y>-u+0$(z
z>6x|bT}oNk>kR+64x@>Yna6t+&N$@UPC*Ts+uj?<dE0wKndJ^f+0x^gBH|{#>fS*o
z$6eNc&T>KEsooP#rgeDtP#VgPdu4d?>kjW8IMCq^+>4fB#`bY9#g1*=!i;USgcq>4
zJMd2QHtN^)rB>I+^ZMty(74pvEYAF8Y<K+6xfEu`HrwmmW_!7P2mbKK`jKSY?!ZF)
zOnC>rm9c%;-bA^s?}*v9uXi$Y`&_Rq%#Lj7DWCG=KHDeRUdQimw%741=(cZtzSm33
zXuIPgk}Y`#n!wKQ1UdpPs}BC+cc=a<e}n;HKo}4PgaKhd7!U@80bxKG5C((+VL%uV
z28x-1*d-lZn^*L5t(y8kx&P)+Qp^l@a@_2I)Z}FW`w#E&d%vSTv|K?ySf0>sR>15Y
zR=}K|mS<k?)B8RC;uLY>#__I{_;~?awyeo^zf+&GT;V+f&OWeb<$1@CCR7=GUC#G8
z<2%buKIZi*J^$M`FP>83=Xkbl^WJyNq7I&<=*ib7#m;;ud2{gSq}W-DljFjow<Is#
z9v#(lPsE^F+rqk8(X)HFR^UEoLGC{SZ_Vvx-4W5(`+s50^@6)tZj|Zox|w~YDNWoo
z*`1OQuD>Oeuy*7{xZjV!#U|)MI`*rSg!w8paiQ9hyhN=EdQr{p5vW4DS}Lr&e}Ip}
zKsfICW7tANbFU#?wN8|(Zx$s*Pjl}&{Fl~s<X=sRo3qz@&k?wHV*W{NpG-+ycxv&O
zJJNzWS!to&-05N6U1_*~gOkV`aG#T#6X0SV^y1+aL%sj&7QVuRZT+3M|8MU);Ho&b
z{_ee(rYLGGFDQZ(yHP`oG0i+<UV5xAF`5`PF-DChcB4`h6<a`1P@-6(u>jJ0mtwHQ
zihv;9LY1P%20P#X%)JW;SfkIp_p!g<|DM^I*_m_Bl-)ZsXGYe|v!KawHeBwsBhGEI
zQUimioFQ{{R(jOU%yW^qKp}f%b$;G4>4^6yEYx0Lk?XZs_|GB>Tc?&0vM?ES<c5BP
zDveIaO+dX7PC@RENLF7vLB#zts|%@zow)w9QUiLRkI&9NAH!vb{46g!o)uh3V#SvZ
zvx+MjEbp`vi{B)$L+-jPajS|YZc(y?Uz9A~P00?rDp<6$$RZp>Ugr1F1?fZ9LqL?H
zU_^R=4xUNB@Voa{T>kVE+XtRI<}xw)pw-Bfgr#FMPwyO6oFDz|)v|MQuT|!5xLTQ;
z@P|k5>v66EbRcrMNq&y4N_I$tL{QR4%mxM5MF`59bV21_2XdVtzcSQ?k)#8}Q=!jn
z@V=q2r*Q?LAEI>8Ke>e13;BU|=*L$J+3~JIPQoT3HEyHu$H5IkV63ySF=3PH3;3@&
zx~nxy_P4A~+NKK~h-&#|J=CG357JHCCIyRHUt1^Y=zwG=J@9@4JS-tz@QzT%I6ZwG
zAV1#bp!@gLJc&}c1J!3Ol%*ExH&N{x#G{@c+o@gcw__rkG5s4B?>UksZ4p?)7R0S1
zcYU{9FXA`fQx7CR^_dJjIm$X9`ZTYd^VB*<yNl)WuN7{i-b&zCf((Re4XQxz#Jee~
zPVClWyEjc@R@PQ5Ip#-}uvviY_m>~fs`aC3AMu-&EW%N&-zKO(xUJEFJ;{xC<X`R+
zM}0g<Yz*#;Tk*aI{r4-BC)%Av?UmXt^=Ap-xgk_&*8)5GTSt~0@;*DV(}3S6Y*955
zx3TBdX>)xbpI8?K-UAKvAlHK_q=RjX3{)S#|AzSQPhM$Mj=Hi@{D-|FG<|K1qhJ?-
z_ZPlR@BF?+!G7PWMv}XN9p2VBe&2#Nk8(fs5b-G;IZaM+&(j7yvK{GzqJLqL!~+0c
zr0}(Z1bXYBlQ59viE?<n?*ol)+Jl+{&jSWP%h4YXYV-Ms0Y<%E9?@Zsjb6Nmtq${B
zrCk-hNt?w2F+kV`9Tw=Q%K{wkM&No~7V50aqFnV@>}DMn?W%qze4`EvLKwyO*E~b_
z<WFhJ@uFOH@O-_rk&m~%4%=s=#SYkMu>gBjRe-&c`K?qP|M0!n|1tWLLB^v$d8G?@
zHvu{UZAcD)<RQ68K9cjU_Xgbqroh)g5^xi!0!l}IJSh6pVXy4An_+&{X1WENIibHa
zX86l&#D@dfsE=P}-;cLsYv%N2TWx!@T`PLAUzhh{Zq~io>e+qS?5|&B<3<i(BR(3)
zKBH$qza9G$TRE#X{??_v*($`HGVZ0j;*G^~vnIXB!!{$mok*9`cSn56@B8un*{F|R
zX2U;twR-G`0c^sjmU+WJe02|WumybY0HT3nfaD-~jsa5u3*avKsqV;rpgI8QVDD$c
z2X>>d3w}cD9B-jG>wv)W{f(;s*ws^7@#BlqzSVuCf?#v0BGOE{8f_|F(}3LMSBS7P
z`?^VP)_tY1BL_*lSH2+S`dLWjb>dT8y3g~s;OUJUHAr$<+)p~aw>wX}Zd^*AryXU6
zvx8099(xmJHO)eba&5s<_9{wqeT0t0Zzj&u0{;XvU^{Re(5Eoa2C~ck2;==Is3B1E
zjdkWXEyHvBg=^^^A}b2%3?9tb)#xtlYE&0i8g9x8LvWsLJrv=-B+QIeM47T{h@0bQ
z&gm7zr?9&5>HbQ%8M_{%jz?)%;yHT0eq8yv(r~ltt5GI*E(hvWp=|DCcnU1tLs&<$
z_&c`N-n+6rmlJJRN%Cl9B=>#)Lm*u4Kb1DqyKx<4c#3V1c0TA$oZEY&FvR?JVX)bs
zMIq)_ibKt>lxTqSJ+Bvsn3V%pz&D{3{9Z*pxLOu&URo!9InIOqlj3ROmQnnIV6*Gc
zLj}bnsM9s8KwO*|Y>KmEImj)MUJ!>Bg<7y|@0L|*`$>MW1bqI3WWDGwh_>HbDBYJC
zYHwZMNil0e@B7M4&&U_)Kz0+&@KlOOw?l@9*b(Q~nG^*Z8|C`9eIeafe`JQQ{xD#8
zx=-_wxdCnal|&i8TO8GSWN~EYVW6W+B8^|q^fefi=G}a>Chmv~AN>ysLOb>?iRwHY
zaR|fU9#s@(^kSN~{yT`r(@pnnJ}T3<<&dJ_&YcT_I&}d|h~iAmo<$)h?*i7)#ZjE8
zDCPPZ+(8{B9n2!0!LJTc`NF*dxJxcM>`~|`FZH(u=n!BxumNz!*^@g`eYM9{B$)n;
z^C&lA58{o$j`D;q^G<jQGZ1Gdu<?|a=yKdc*l;nT-DhR-Cfg8a1I2}VM^Q}2FA%m0
zaojZNZUMD>5PztXuc59)Wc%nd=%5TbI0soXfy00sFqqN+eQX`jvnYQ>hHrCz)*jC1
zeH&->tpMn}-Z`f{g=OdbbiRcAi*Oz<owG#eFIknxcOluQA`YF)J0H)@J>el(LH=<F
zqqCamoQC<3-=;9ya6H23>|Z(uT0R$g!G*vM%JQ&oipxQr6m*^{&QVq1Om!vNo2od>
zoVU@!kS?#_zB=oG9_c^=ztkTPWcPl!n``v&*!2K>@jeptp8(0v&lraMOVj*xsQl?X
zYC3;{U=10kBWw!dk^CeZ$-e~hk3krnOGNU|gZ#FTe;mT*o;e`W`NgDH(gUU6D8B{4
zow<M3fo3Y4FNt=5{vf1F)p;*1S!R;|jt1mD2yp&E8%^^;bq&18@(+dE1+XJPMrX)B
z0rF#y{myg-3!TO0i26SpVKWei&iGw<+Do*9jH@93SCF61^riFp>>$4*<o^m`w$RaP
z#3kLX0c`KZ6V(9<!`aGj)7i?v9rOhZXX~Ctf9Q{PPzgCn7lcwE6lhP+fIhDLydMQ$
z-2p0}A2e8y;-l3c@=t&~bT&1eHL|cW(d@kwIL8)p<E(RWCNKx*6n}d;vO^!pOlALr
z1`A3L8d)N2Jkq1Gr*x?ed`A3&HsF`)KZQXLi!}1zR8!O4<e%xK-41g01bP8&$nR-f
zC^OC*Xmh|CSO(YtYmV&`zPNhG{NK>aTEGVNVHxfho%3%t80UMg)WoB>>wq_iKhTGI
zSJldI>Y$PT22s2h7En5<3tT_srVBcF?EX)kLhUb=2cXn|=L2^Kfa)x@-zBKW%kf_L
z0p&amZGz68Sc1OcC+K16`GDr*(Jt%}2lYZAP@VsTasbr^<g|Gmug$sERV#lNJB|ER
zcpp}vUofFq`F?Gb8kwJ%+_kyay1*+hf6%r7+BomCNC!5Me>&u!0@<mrTY$4%=R<z0
zjDTiiApbH=T&m~P-uXBu=sjhw&6U@CP5n3dR3kt2e{(4g?jI_Ry6HWx8~n=hw}X2X
zKz%lqsV(H60r{tD<fnH7$#0GF{{r%_MER4R2=>6o!~^I<@s9UC&-Zd*$2KVU%A!!y
zZS;I;c=v~DKNR;#T;Nxhza`w805`xD*oFS=2lVq){<{HJzzu!ChIIdC@1y;%M_XS7
z*aI$z`!?|d`cU#yT$DG@8@hNA-v<2sPX5p8g3P)=bD$ZZk2CC5*OR&_(f*r5_GW-S
z<X4~`7?s3!`ms2+(==czFdKe7iSLqwMvqi}1)6$*I*;$8zxTN|ke`<==wM)LS)2)d
zC(xNan}OjZKj=f3KgFjDeLj5`^17h*c{aZ&b9yh-fX=WcP9T%00q?WmehnbG>3lN!
zUZC$F-v5C<vi#3R+DFe-mJPJN{PbVo|C9Vw|Mvm>{~zdY0H50d{a-GBxjnRooI?Q8
z17RreyxdkEy=FB%@!zBYlr{B-crV_CXWoDRH|em6*Cq`#X`o31O&Vy@K$8ZVH1IeY
zc=|gL{M8()G~0>fXf|H4Rc`@9+pE|hZQAI>nDW3bAGGmFIsRVjsBd}19MTHzWg1KO
zHk!R&2Ftsg7~kUl#)H*+z#t)hPYKcmDz%DhWfN<|q-=@r2m+eTVhuF@nuzg;dpjkY
z*@OO>uBJD#ve^l`*U<7fW8BrbBxCiBlwFS+tM8xcFYOc2510Vd>=R**o2IKt15Fxe
z(m<02nl#X)fhG+!Y2b-yAmii?G5z>v@p#}k5%v>*`|(cL@Ns+2-0Z`uOGSAN`1Q0F
zM6$!c+IViu`FF6<qJkp6b21Ye%%gZM6tu1s9&cG$az@{8PUGuL0#*tl$pcv$$ooVp
z!2=S3O_}n-<t(0e=2>r(thC^1u%p}q8^dF{IZ0WmM>ZD5Y&N+Zx?0G9UBDl(%kT%*
zVm<ulupKn5n>^(BkJ`;;r$_L)>+{K;WFzJQS#FVSU{-o0%gsK*PDU+cp=-5SFzn)B
z4_MdENp_R%-(lFd%z-R?Eo(5^3CU4cuBYLSbMMXbIDgj1ChJ@{c#dFM=Llg{`FY20
zo;kR<3if=};p-Gq_|Ig|NOp}JRVWLx#~>Rel7ri<fmT8mN65j~oWV_H@l@*6A0g8@
z@A-Lue4m^BdjWKPCO_}Q+2X>p#pPvLRfV}Buup2i;>aEYwn~Y0ZSkB$*e8N-wOu0d
zF58@OIly-*%40m~oNR5Lv<wlB`n=9WIBI<q?PBN@;h?=TajV`c*w5IV@_E@d_m5=@
z&xVb0f(_NJlY3gQ1UHQ>nZ{1&F8eXa61uj=j*j@Ja^ZGkkYihdtDyDU0zrII{S@?~
z=G{T)jeKs9jc@Em5jIf@*ayMp3wA(puHucPUxbw4Z9{HtSUs5?-DAZ46JZZjWAg+%
zBH8{c0XBhTA6Z8Z;-A|*L52v}*zt8Pu*G@gx>RR<yEuNdrMUGc1HK*s>Fy-k!{`l)
zn}^(0u;Y@URh_U!2R1kY^K~1_+&3>{$2~20J!)XjMD|dCY_~+VjgheDqjU)*1KBu2
zu8`<Wddi8zdx}3zHdoxwX6b(IJl<I?f0C=vA?j!03hYDK@9qi-XlRq<E=tFL)nRA$
zw}Cy9NbwrRfgO`<ha}rIk?qkT*e*sRZH@iYZS=DY`E4ZL4%jyS4rz>U=$>p#$Tp`l
z(BjKcmYt0HjOpM!r`?3T);eU{Q%!b1kuEwc0Jc8dK8S3KG;V(f9TvP^1-m017UiPN
zg6hPPZHXc@c0^=PM0QE!FWV=1*lDvp)>_PaxmK0Gy^6Wad2VcL)34fnG3ur6;D>BQ
zh%d4g>Y%xASyvAD=>e|+UI2rw(UJH5^``amndbh#SQ)~ur+3waPX|a}jvgR6E_gxm
zTH8|!cJ3|(0sGhVlr}7SL7FwmQi2^2>|q8-tLF5TJP{{kLwCv7p$F_<`be-3l0JEV
zpfm+^&D<AYGt)~7Sl^w;@pJ4UxmopMQ^xjVpA8!zE&8teE#$R!*axqE4?7PV@Du>t
z0Zs#>fVTDc=j{dlB;WMqKXlcn@H}5(Ilw9+JKs6GuRA-wyBlm(Okv|fAX^tR^*!uv
zVDG_v9D1`v_a59&9gpIe!hXe+rF(T{dsg*fSw0rrhK2mEY0@C~pRuOwoTo`u#Kx94
zv%Ca$(O+$^aM)dsw?o)3jR9}35nrIZZy~pQk)P~;a<_^<ld?~=KIfr;O^``tMWpHV
z$|$p<q7aKhpn&X1V5?FL+mb@if|5|vD>q`ziosK1F~VV+!ov|(NO8)-O|RTMXj)tz
zVP5z78)WYS+&~<uEW#Z2I)+k)hmxi36Y|sc>$M{Ol7CZi{f4==R?M5+OVz7?<NKX}
zf3mSrE}db)<72&k^K?(qurSETFw@7-^sJZOH)%e)Q&YWlW}NqH@xhhYF5^q0ji;5y
z7|$q-F#7Pchwhh%Gc8RW{vpD@l*0?cJAZU)zwQ^Q-nt0aoe3L~_e(>~J6sO#WK<Ar
zWQ28My)Fltd{z|FbuaF(!M26$1?HXiRCERHd2n-cJ(A^7*9ybNfy)Bg23QT)VeRL-
z6kn|wwC)+}URPip=+8wlhTp@+!xlCk_6T2d)<-oH>j5czCBoOi286<`5WW&=H~<rg
zAJCe*a3#D4&#NM;ui525!@P8qJ@}<H?ze$#U?ITk1}Kk9Y253A++wPy$kR_gprkdd
zO8~OzSOlAvDd2A&)+WxwT0JYQ(Vq(cdC3P9v}Sd2s*m<mgwLgQtq5OI6m9q&)^E<j
zx>i~POX-ZGe6##osjxPY>^2D8HV5l9|3&NdF9!TWUZYQPQ~^XoWquz<2IRx#1Z@Ls
z1f0O98`k8{yn4uD3D%&lz*_uuC9y`|VNIshNe^))*5<8E_Et^Rgs-ej;NerjKi1-k
z&PZbm@D1?+TBHBc@NV3VHMc>u?wDlA^=-Kodh`LWXMrQYCZGj93;Mt^pm=mqK0ptk
z5AZ^=x56khQ2#q%{`o-t#h^nkM6{ihAO75e3*l`SgT8~c#1rAa09bN9u=x<Ir8UO0
zeKp|U&~S4e<n^IBzO7W?KSN$OT^!oQlJbXNjhuA<xEFNK^8;-IeXa(Ug0Hn_y|rdk
z9x}H<U0;EAu^Q`MXP_LcPkCakyoca`Ht{9p33sD>)Z;%*&A;h!=w1spAN(28H=ueH
zz1Ni!x}q}R-_xMa0am~)$g()qSBu)i9Nr${O@2aqo&x{5Xb)uDM7AqqC@oMGo}qLa
zlznMfSDrR>9YFk}PkNi4fejD$C-+~y<a|Np_OKp&{*vOOnpF<HgMYF)+l>C^N3@3}
z)E-bi>!JTIC~vqM)jx&Fe4-tX1i1Y<<hW;idggI2jShQ)Qhn}^_FxG9yP?1AhqYt<
zuvWTre%NzUs6BvMfexX(;C^U+ux|dL<36q&^`C?8dA$HNKz&*TECU?TPx1N>_XByt
zw}=9Ie`0l}K9BOfrVOYqE6#c=Md)8a>-H!dl-6-B0cHc%0Jm2HeIWmG`p<%bKdygJ
z1HcJz0JZ>=G;;l|`ImJDeyJ>a1O0)Q0B-9H+MwT&pJ}2`Rs+yAm4S>Vy+2v?Hl^02
zfhG++V-2VmA*l~i!eLUHHCg`&N{h9S&rMq01zJw4x<GR%Z{Q#u83t-g%fLXPCj$-D
zsYCPNFJi|mS~jNC_=`kwRS?ZLv#c^!-&f(^Da*GsyGaz+O$wJR2Xo3;%q@OzHkjv6
z5$K*t54e}(JszcXS|-3-K+QTWKI#IGrmIN<O&a*G)Ie5>k9aa{ni#gG;W)w55D4?h
zVpe)M_GeCP@W0V}sUXt)9_DFiPv$57{|ED^%AD+^nsg_lE4zNRpm|xrQG?JGf_8m*
zpXA=Rzwc9zMW-EJr<Ii!G9oiA_&4a_%()Z4UW#!uFT%WCj%F@>Kjy+_L4IzFO*}y#
z%D<wI6XCPC%(<Bd-@;z0*|cYDZg!%SacVb<+|ZVV(!Ri&{rxoaWHeV+4L;(K?|Z}p
z?T3u}8r_lK!(8W%x$*xa$#F|Mrk~v9eLmSE_F{HaFy@4hoH{Vz+9B-Gnz%(<!dzW7
z_GPWc{+oA@&mHg~g%U7dhkI|#m-4w3xEs`)`g~}{_r;%oe4g`*y%XCby=2Ur<;A%O
zY1k7r1#`I(;lK3E_xoiC_VyDcK5vNmT)wX&<_&3&#jtf^70QM0a|k{%p`)&pm+QQ?
z$`9UsQ^fp}yjNGF|G6+<$H%~<e-^B1{_gNL)tw{TRV-<n7CX94U@_afv#?#m*s&b~
zpZAmZ8|3>LZdcC_f?wKi@HWl;VSmBwBp3A_YjIBZE(^%t7V}ZYpAH*n^3S)28tt~y
zJLbI#b9YX<cQ7AU4O)#o|Ehu<wW`CM6jHF0js$;DT?un_93dLNAo6q2k@hduy1ma<
z3-fo)LUr0rZi_iP+RKmT>}a1qV}OsTlYZcChy1r-KfGTjkL@?c-=THIPP^{RZe~B4
zi^G1D7A$GI1q*lS&eqNA%NBgwp9MOp{S)20GS?-2*qm=(Wcyb4WN}-%vZKFRutVFr
zvW<&+-dZ-pggGrVc7Nl|w_hDMYQSvF-6kTx;Uhn)-7k)Km^8+c&ruf!3a#^f6?vFj
zyICG#QF1-TtmtZ#SxIH2X))%@ipwI*N(zE4ivPr%RAr=D3Fgy^%Hel8i2D^`?yVei
zTGudl_Gd+uS=GgWmMqUlI3*o@o|o;wmxt^2=|B9gb^(6G&qoYYy#B^J;_OL1R7u<P
z+NJL6`W)tj#+~-mwoUPF_DxZ=$;_fClSR3~Z6~JrsD3)-q5b2f@Q&nfT@cx6@;P6v
z=@d8FOaHB$1HD?OdKh)O5MX9m64uQ+%ezH!%3jPZ>{U$3Iv~D8^4{;l+zqdvpkHAO
zb~)yJ=3?A$KF0X0b3$7EfcYM4jJqx<jDCI&{A_4U7UQope`1ek-lViKZm!Hefa6MW
zVZI?e$EO9&ThV+E&6VsY|9f32nz<d!X^cAUDOh0)cml?MX}<~E+>q82vEP&pFsC5;
z`N{BGfidlG!6)rmWsPU}yg*)Hd)_}|ta<>=fnw}B1^G`w-mbuWfbR=-FCNIBk01I7
zBGSe_A>smz@h`~^HuxH2o>tJuY|JH5o;3Hu*P6hs1#p=$&dmEAP|aRXrduh^M;ZT=
z(*nhqxM)Lj63BlxbiNe%FG}&zo&&uv1Akvr+MqS{3i)z3s0GcNV9zO2ij(c#OdGQE
zx=8mAb0L2n;6s%8aOD3g<R4KM-{qaGpqAq>$FmmmIAbZD%pi4n*G&`iA4=?V(YmhR
zUv*<1hU*x5p#972F}^#I(yT}{<No#2NBN7;L8D>y<KF8Y`d2`HWp;>x0=nn=!yYM<
z0PLIB`8#?JWBiTgfjZcz|Gn~hkiR@u3fdm%2Jktv2R-+{7EXEqXdLs2>i2(5Pk(25
zXmsJBE|{`0jFd<i4XMJA3e4y*#3I-v3Bo|o!OW&?J7CAkY&PMb>g}x9CI%Eq%Yd_y
zi^eHvSi%IT8K-!p-VqNzqYLMhh-c!KiCE+LNcBH6HAu`kAA6US^xp;Fth6TjzG>kb
z8)rJS<?ohTj43Z>MH^sktgfsAd^g{7?W>dXTK?SSvP%8@OPTh$=cCRi?C4XBZ{`aj
ztHng{uqbSuq8+8>I=`)Q=+Ge|zDYSh@y;Tr_9{Vncz192)R?a>oeCa#G0v?S*1KWN
zqKhceH#7d17RNXU?@}5;D{J3}^Cop|rZk$|ddK3HU;C|AvhejnRfv;;<mcQOYtvNN
z&sq=rT<b}pj@q<W^{o}(wSRNK>z}pxc5L4+pN|+M{xqdmi{6&+4G48^<rw>mS=E_+
zJqlAjOv{6v&C8SbnwKBmVO|#I()~)Nw^{Mgon}(lhBjvhy!@(pmmZ^g5ijz^*jr*j
zoX*=hK{~5%AL%;(a-`nE%MmRX-a2Z!FfUZK>QY3Dmlzw_tTeLSx;$U4GZ+1Y@8xG_
zPwvUTDGu!x+Me)K{xdVE<-*J$gGE`v20vv4=+8K^M|ky&moDEou{gBrt_uOr?>PCZ
z@Mb}<Va>Nrs+W4r)0qRRW|&7GUmVlv%S#dMr=2;Vn88wB6Dz`d%HIt`@$JCN0`#sr
zLEj~S;!<RL&JW&)mcaZ&yK41KJfHVc(LR1Wjx0l6itjp}F23RPfamIl;eCy{;=lIJ
puAAP2+z)z(sK-oc+_V<uHiD323>XMPEdI^h2te4?+VHw@{||kfaxDM=

literal 0
HcmV?d00001

diff --git a/hack/make/.resources-windows/docker.png b/hack/make/.resources-windows/docker.png
new file mode 100644
index 0000000000000000000000000000000000000000..88df0b66dfcf0b298de8cd296b793b9220c4a914
GIT binary patch
literal 658195
zcmeI52VfLM-^S;9dgxUo6akTtgq{#WZz3H8tb`;KDWNHduM$KQ)K9@e6$LBOqzFor
zPy}pLL3-~cKzhILKbJeW9LeSS?%qA4!|l#a{mo{dow~Dn_2}&HQ^kid=HInThdzwS
zW^?PMCYOZm&Hknz@3CD5O<>HoEVnYY@QX@}`ScvozJ0G=!{aB$PZ%CQHmGa+_CaIE
z#}6GbDvq(qCl~h}*01l43av8Ernc)gGvTvt@qNmB1@&q7K|;AXb?VpfF7@=x8cR=<
z@4cgR$BxRX`<Bd9eDqPmhvj=W@O$6qxaM+=uRogp&CK`z%(?K!HzSX2&A9qc{)Yde
zuB}X2y#9bD(aUdcm&U!DCiwl>?(x#+r|;dp=fdTNZKnCu9?MF3t&goSA+MH<Wxf>|
z`BcqB&2LOL`G~I<OYFWVG4!$bw1GF<EqFne@Qy5T;+z)Uyb{W>Hd8)o_dRRVNtUp9
zex1H-iINTeD`v<g)+?9|t~>SW5tgtxbHN)j_WWlx%FC9_VL@f%W_Do1Te6i0o_)U~
z8yL#U4eho&oE;Blp<M?I?ZVdl!V>qF@?FQg{8(u3nKPbb$~V~HeYI*$X74Ou<vJw~
zh`j&Q>QdM06R8F3A~)3z?>Oywui$Z-0RtL7UT=Tbicghm7A=on*rwsm*B4Z7G_6VC
z`4p;$C3DJCX;bnh?+;kLe}A)&HU_*Ld~>^6TXV>eOZit0tQgydu?rL5I+WiaWPO!{
zmg<Dj`CmVgq#XW|?~+$DJ{Y<#u+0Xx<i^PXDPuXCj!S26I&tF4<;%yP-rer`=syR%
znLljj%ZUT>MrFMfnVXSz{<n*@r!{(UT4!bE`JI2KKJ(pU2R`wBXUOTRA9v3E#aEkK
z?MThtU59KMSijt*-etyp)M4R=DUH6XIjh|#PyYVIVQuWia}9D7QRkYnHLpa;-k1}-
z?8O*Gdbhfz22M=8n88@`miQh2*7H&%44;1Cz$ES6)_I+mJi!u%cKu`=V=r~6-LT)E
z>s#;jVywfGY4z8%t(v-{QiDYGV>?u*clhQGZuU;Q+PinQE7i^?HsP`HgP&aacDs7-
z{<Ef9{lOvswyD-6vG?$IKOGy;aA*Ht16qv@%#QZ@a!0+b)4Y{!_j#3#u5ogvY{>fq
zYklNZalwqt8auiu%Y0Bf=#QD@de`hWr)ih4KJWJn>ffbWa;x$3@b_Nmw0Ta;eXP;j
zx$kc69QN6?b-i2t>$jo(re)2mywmAx--EFe!xnyAVacL{<A1Kw>ceJBuN_=5Jn-bl
zQSJAJCSI?kX}o(>Xv00b+O2KT!28pfzt+}V>9=A}l{L?<RBV}*7IR?jBxRXt9TUBq
zDJQiHihjIpmx0d=>~XxyvY^LmHz|G6yScaGo!&d^*8Fr?x1Z~5E}gZz(vU`B?+xtI
zpw_W6AD0a&^~TKhyPMZ8Gpl{0x|?RpyRQAV-{CTcI~^X=r`C-IKQ3z0rAn<&|2P>t
za-Ampvj#y=?VE9V@#S5Y8(*$^xkmEyK8uI68TV~w-;4G7{Q1h$m9Lb#(&UOdZhoV-
z{l8h*=ghLD{Yp3e__=ngmTv6xQ}6edm2L9s!tj5lSLoX9yH#I*ex%Cqio-KT{B(Wd
z=F(?Af4s-Mg98r#b))n3dDj)Gll=VOEkAwl%whE^FRG-eG_3NZN<Yni=KIP=KB&C6
zUug5NTl23i2wV`~e_;KM_5W9X&YwP?KmB=~&#TrC>G$LE@0Xul?%O}5|6lz+{_&;0
zZ?5jtzj5D7KYIT=cSZl@i+kPbTea`7A6qVaZ~3rg@%>tV`_`bmS?WQ%p4rv2{kOfB
ztbO^?);&SKF_qU(Zct;S|B82Coz`@Bowfg*_}^>wx6IG0w&jCX%YR%N-oEkEjR&mn
zlk(Zn)|yN6$7Oyov4{7ydOyrddF%bN<?cRt@yV*+H+g1LSlkOEm(QIyci@UHD|)Z!
zd}~{?)pvea{Qb6$TL$G!3uwFd>AEk}?L6$`{i?;+`kv@}<_Di2Ds*oZk+!<w@{!+F
zUAm>ir0rvVNSgoUZ!aZ$`Aqx|XJ6lTE&H)IL-P9Njn4idt+U@i^?JYB>QjFED@Fd^
zbX<I7wUE81?)Ps0;;uIBzl;7ndftV1=4?6?`OVQz|JNz-!x4L4xK#Vn=slzNd{akV
zr$(J_-EVeJTG*%irthEpzU4D5pV|A*-~W95&#?tf7qtreuhF$d*B1S^=-e-ZpPT$#
zgN@5J{u<YH-R0-LAC$Cl>zEnOg%A2}VE^Y{T;FNc;#E%^+p=oQ52b(D)Z^10E51B7
zY}cCm8~@n&<1dxhTsf{jwR+>|jc-N|8&YxDFTbzemGtShPv6}9=Ktlj()ho3B49<e
z=c>Im;pg$?BA$&nyKw&(Nv+@fJ$3GlkYNK4lsa&{@uiJr|9W!wh{b&u9qBx*;;>B<
zrl-vOU{<%c|7tids^Oxld(Q0JcKPXvY2#kJFy(OC;zjEh?Yy(>)K5vxl13!GclxWp
zn|$@;mxCHlIJj$H`}4i89BS?R)#srj&#io`XZxPhhHbc3D<mdl&VW__t@-7<Ny{^$
z?^cXTj~f5grKn4h&CfPEJLu)Vn<xIV@0Y)N?u!5N<r(MNPpzem)lShKVm~B2AseQc
zHLdNm=jAz>Q~p<D`$w%KPQ|6KJ8`G&hf6lKE#LOzw^zM=Wyh)-!}r~uy{bmWwfXz!
z>>m*@qt{#4j~&!RUyc4?*IRydXS_FKz`LzK8as1fl|y0knoc@&y8VQ69kM&j?QnL{
zu&|!tKLtPCw0_j`hOb1PY`(e4=GJ=}4juIO(SeHxb{*C2vG9iVS2r6o>bG;bcT(QF
zxcH*)r8g?h583zP*w>ft-<dk&hYCM7EYl!jZkuOj_Gt0hy|$(5FRSq36Uk*KJ@Jvx
z>pQFM99A>rP_sibkGFrJ{^LE8yVUPK<&)cUwl;me_V10qYj9=LJ9U4Yz4aOYXU;5&
z__D&n*MdejY8A09Z2Bj2W{+#Pyhis=Hx9cw?CQ|h{#qF~V_p95V?OvL<nhlne~er|
zd!=enu+PSJ-(T<dT)qG5Yt{{m8!&YHKePS}pS$AAr~bL~_xe9i&2Ik1-LJHF%Iqw2
z;ggNuz1wX-aJ7L~x2=37d|l+Y*H8IeDzAF#-DlM+BY%B=WBt)bd#<=MVBYGtw$+)^
zedM&4cKrGFjt#Prw|x8iT$%Cat<(SAd9mlfkU{4*L}$OdxN21SS?{kdcdFvN@>7r3
zJ3aYI)%W86+`i!SXFvbAV)v%l149oFy>azy@R!dA%w0b3>b!t4{wGfU?0@drpYNol
zcRUp`@1J_7woKpHe$zMGBY)i*_ro9i|7qE}-?#lz`(^iQmUQ^chUot?#~ezk`o`Au
zCby5CdVXt0Ueq7Io$4>^-~H&&qj5Q1bJl0HUOj91jm)_@qhDOrWAwN?dliQjd74@Q
z8~@w%@6l?9TlMSn@v*0Fbq?5D{kQzZcP9n=H}miRe_!mmSZi#D*Dv45@IIIExPQdS
z*FJn><ps@=>aSHBRxRX}b_<gic3RYTVb1eIp5NT_@2Eq^Zl0Zz+xb-Wz%QCa4to9R
zlzxAVIC<mkBcBdSKJek<&lkV>R>Q2*gHL_E@r`RS`_H`+7=L$jsfia3chr7xt>xC1
z`(H@@bz<_mQ&-9k_;tX-pCVo!eRJZ?$ox-_^xV7Ui!BRRZ+c<mrlcv`HoP%3<3`ml
zo9{o9y6yG*6|~2Wei`2C%(j#%@fp8oq@Am9=B@E{^Y;I><;0}ANvpQ@-1>5An>%e!
zv_JFS(bmuBpFV!~^wd`pCoM@ibh>kfddBnv`E$}f4s5Ubc)`biz3cz(tuI?dg@<2k
zJwES7?how`#2%>gWySoj^Z#01u|mjOnMZH^xBt-mLrdo+&---y=>L6}cQf%;<)2RN
z*}3QO-~O1~IP9g=XLIiCm~?tlwY%S(3+#FMe?e30X@_U6P3wE`hn!C<fBLCbshFRV
z8`C)W6k`!BM)VsvabWjnB4Xl4H;j&r9}?Ga^60VjBFb1~>&auIV@AeJ3>p$QY{ZyW
zHSccOUNdM!Y^$0BnsyKEKDK?_@DW|6jF0O(rANP*DI;UTV{5jK@`;=rK@p6On;0E5
zdGx3;6Cx(Js;P@Nf{wX!NX;Ofmx&`=)ojZX3>w(IS5W)-@o_;-8#WD&32hV>)I7Xl
zSktD>n>T6@)F?EpNl0i|NLb_Gu<(c`O(H@=gY>3mln)(6j*lH0(WgTveR6cxs^;*C
z6URn`giM+=so|u?4dcfT3keGk4-W}#6w;_sF!>0c@cNjE(UXJ6OsG{5i6Nd2aT8+3
zj~F{~MEsZ_9&hxJ_*W;ks#%jK^uXxLHG1rWgvLzJvm=TjlcUFmgf$EeDJD?&?&gDy
z9$jR}2@^ZMMmf=!tjGi>^m~15Tu7g|3GuIvkBRH}THKh4wTj9_Y|Mjr#=bg!l#Wkq
zOi0|QxX~130%bm|$SjOCv_KvNFO-c3my0d^#1TUuR!*U?{7SLG;wFzMCK$g`5KMO~
z6x2{8-G347$Hzraj33`GK7LeG!Cm&S{Y1?tepdz6>mD65VhnFoJsBBd8t7q-Ka4M~
zL-fSBC<@y&IJ8-CXybliP3d-wXiCS;>A)zG0-q*vbf>#NHhN;TC9xFpYZ^~{?1-VS
zTNKMfpM~S--aVr0m<bc3$Hc^S?GQy}Z#ZH^Y($G@Lz)k19@Zi_u2IwI;3hHjHy7Qk
zMdRSOnC30Q!{VBShc;`ZD`er|k3`)eKIT<^D^b)1fBLcUF%<oS8zdsGNnBiPqb4!I
zjpG^*4Gs%y-Xgd~c;m*wLu0}l4{c1z#0@Q=NeLN6_DDiK$B&>VQ}ie!KfElllvvZD
zEt-T6iES1f8yhn;xJhX2kl^r`A+f>H;mu>CW1EFGj*X5sl%<Gh9!aXphzWE*y>4`$
z(cPwd_VkS#SJ>5XVbloSGh}S^_z7|RPqS4`!{6qEht7j%3J;_E6OV|F;ZL8a7=8oC
z#YTn{a($Ss2O;&rMm$=bmLVvJ-za$TX-pa(H^$uUUl5hfSMiZdh#xv}QuO$^w!`QS
zvFvZNAl||OO%sR=;m_+)Bb-nb6QW<UuOck_yK<9?cz7qr438c&EG{-G#BdWE94xE5
zf*LLS*Jb#Nee|y}GBze+X#Dum(G#OajE)`_7czFtu*i^yjt|p}eE1w{A3rL7eE0a+
zxTwaFAw@YC8H)PfdKGlPMNR0_xm{4#j_sR;g*R&!+^AugaWqE$jN;)^7eP-Py8EMb
zf9VwF5jRu+1NoC<)T=uG%^QW12?^u>>Vq0zHVrz+d{E=dra>Qu>_2A2#3*|9>oRKM
zY!r&?afA+PUwU<ni=v{LI+^<JHDYqysDT|ukX}sS&%GwRP`W^-SBeZdsMwH3SM(tZ
zZYZNyJl(URz?EJg>D@Kt!OQC-kC6w@TSp!|ERrK*HHiy}m;f<<3S8#-m|O)e6CmbK
zfy+D}ldHgG0>u0&aGB?0auv8tfS5l8F7td$t^$_{5c8+NWuA}8Rp2rKV*V7k%=0n1
z3S1^Y%%1|6c|Imrfy)Gl`BUIB&&T8{aG3xxe+pdY`IuY<E)yW;Pl3xkACs%VWdg+f
zDR7zRV{#R^On{g_1upY^Os)c#2@vzAz-69~$yMMo0b>3XxXkl0xe8n+K+K;4mw7%W
zSAoj}i1}0CGSA24DsY(qF@FkN=J}Xh1uhdH=1+mkJRg&*z-0o&{3&pm=VNjexJ-bU
zKQ)WX=izeDxG}T_bP_H0%;}f-4=of8is{m)J7ZIxpj}L+GnS>L-y4j*8p_zs!L-J7
zK4TT*KY980PR#rF?5-W!_M0qYTJj{*@_%7K00ck)1VF$_0&*+;!#fCo00@8p2<Qkv
zKyV{~00@8p2-rjb0%8+31OfpN009tyfZ!eg0T2KI5U_~=1jHt62m}Hk00JNY0l_^0
z0w4eaAYc;#2#8JC5C{Z700ck)0)l%01V8`;K)@yf5D=TNArJ_F00@8p1O)d02!H?x
zfPhT|ARsnjLm&_U0T2KI2ng;05C8!X00El_KtOE5hCm<y0w4ea5D?r0AOHd&00K4<
zfPmP94S_%a1V8`;ARxF0KmY_l00e9z00FTH8v=m<2!H?xKtOO0fB*=900`Jb00LqY
zHUt6z5C8!XfPmm0009sH0T8f>00hJ)YzPDbAOHd&00F^000JNY0w7=$0SJgq*boQ=
zKmY_l00M%000ck)1VF$h0uT_Juptl#fB*=900ad000@8p2!Mc11Rx+bVM8Dg009sH
z0SE~00T2KI5C8$22tYt=!iGQ~00JNY0uT_~10VnbAOHe35rBZ$gbjf}00ck)1Rx-|
z2S5M>KmY`6A^-ug2^#`|00@8p2tYt^4}bs&fB*>CL;wO}6E*|_0T2KI5P*Q-9smIl
z009uNi2ww|CTs`<0w4eaAOHcuJpckA00JOj69EW_P1q0!1V8`;KmY=QdjJGL00i8N
zfGi<@s_RMw6>%MFqyz#W00M4B00QDx)rrD@00@A9>j*$VT*n$IfdB}AfLjrOfVfq4
zqA(x;0wCZz0uT__u|`TD00JQ3Rs<j*ZdIKq3<!V#2)K>_1jKc$krD`i00_7h0SJg&
zRVNAq0w4eat|I^eaUE-<1Ogxc0&YbB0^(NHiNb&Y2!Md=2tYtw#~LYt00@A9TM>YO
zxK(wcFdzT|AmBOz5D?d~MoJ(60wCa41Rx-8Rh=jd2!H?xxQ+k>#C5EZ5(t0*2)Gpi
z2#8x%Ckg`sAOHfcBLD$$9c!cn0w4eaZbbkB;#Sp(!hiq>fPm`=KtNo_8YzJQ2!McF
z5rBZWRdu2;AOHd&;5q^j5ZAFrO2rUJ&`vGp3Y<Xz1Vm2&DkAzSLIyzq1VBKX1Rx;d
ztQX`81V8`;L{9($BKj&q20;J>KtP-XARywb7vu^AKmY_pPXGcU`YJ*OK>!3mK%4|1
zAmXeS<O&2p00cx&00JWVDnbT900clloCF{s;;a|s3Isp^1Vm2&0wVe<LIyzq1VBKX
z1Rx;dtQX`81V8`;L{9($BKj&q20;J>KtP-Xl-6WRCX-p?9ezPT^aQH!Od3L&3~+Hq
zzq=4s=9Y`oL~<bT2m!5D`-q!04ps?>H4(!v2uOs$Ta?f0F3xKrr3V3VF?1y7cmn9c
zay(PS2m&Ag0v<sC0^$+Xj6zyKU@3Jg@jlubdcXJix!!Gu-mSO(JX(Lg*2s_EiPg~i
znWJ}@ray0M@PJ<sa2Em)5O=9blmi4n00dl200QD-;7ASxKmY{Xg#ZM^U1}2L009sH
z0T&a1fVdbqk^=z{00DO)00D8AnnXE300cx&AVE7-^m(*8gHRExks$yGfB*=904D$e
z!F>P%AOHd&U=sldh)viK2n0X?1V8`+f_nf2KmY_lz$O9^5Sy?e5D0((2!H?t1or?4
zfB*=9fK3D-AU0t`AP@in5C8!P2<`z8009sH0h<UwKy1Q>Kp+4DAOHdo5ZnVG00JNY
z0yYtVfY^i$fj|HRKmY_FAh-uW00ck)1Z*Mz0kH`i0)YSsfB*<UKyVL$00@8p2-rjb
z0%8+31OfpN009tyfZ!eg0T2KI5U_~=1jHt62m}Hk00JNY0l_^00w4eaAYc;#nO3W{
zIG{`>v)C^@f`AkVRNt9&p7L3pY#Q0yWR+yAlI4FG7s+x{iL8d~Ewbrk{m7Ojn?d#_
zS#Ee7+*~1>OSTMIf3o+<-XrTpwjx<>!Y)LWIaqLre?dSv0@ghLi^?VcV}Sty5Ma!g
zAaH9i{B6k~3I@0Gh6DYtcM*QL_!yf&I^h-u1l*1Q1jOyC)L{im&`xz&T%wO?CFQW3
zi*uRe;`ERl2sniR`mvmX6_J7f2!Me23E10@g^_ge*D-Pk0w4eaq9gzT5oNU?Qy>5W
zARvAM5D@X#5poCuAOHfQB!H20QC5qSGqv(?BBjvU$*Gt|-<$PoxW?c}b7*_f@lS?x
z7ya&_IkasGrM2?#c{(?pa#hHS6Hda21?KWP0W6|)EdjJZT+17&fdB}AfZGs23&d@z
z(x!r3pioQ5@|A9r$Z|8S;D_-RLI~MSWcQH`BKtDg8)WB`<z_5dzR+O-+3RH6kmW6#
zLuA*G<*V?9kuAv>!W+`uK>-rU8p87xd9%rKGn_16mA91ad9p3Yb|z~`lMdNb{tua1
zWHZSQCR<V~!w|j{`Hd%=MRq1xZU&R(;eRB1oNOrBo@7suT}GB0Lz;8w_#W9VWSf&U
zlqHCcUnUD9Ab~P#FR7DyR?8MJ3vQJ(S|Dy!omLm-JawfcP$<KLlIhM1+z#qv`&I8}
ziT?b$kstn`<YvC!PonOOv4i^a`TFyce&$oxQUZB0q?xEcH-x{(&-HHC^^q;npZ}^q
zKWOAf@5E;6{hT*AnE5s2dA8n9rcpT!;g{*lwMOsfxRD=2)U)+|_URoG_2)|r9`Gv+
zfpY6Ezv-(|-7CBHQlv0BaKBU`AnsSEC=m#NfC&K-jWB<edYW3U@b*`0c9dOr39UgB
zMz)+nKy0CgFdzT|k|N-xRBn*#cl1-pWb#0@W(l=O5+qd!5oQ(wBEm{RmOuam97lkJ
z;&m^Dva)fEGA3gIYR%O0>o0$1?2cpW2tYur;|1R!00I&sK!fITAEolmqOvR_#{iXP
zB#Fq}qOQZOWC9S7k{Q7V2!Mb@2~fAycomI%n9Dwi$OwptIYPx>gMbvz23J4;1SC#C
zqfkt=qzF0@S$BDcC4S-OApr=;Ll!s!0T6H_0yOg~ipD++U-BxkWd3UP6dErXUZO{M
zct8LG@&E-6KmY{XiGWfrpJGjU_`o_%^_@#od|O)+&XfH@Ks>qjQFah;V*+Z0!s-Qs
ze5$XnQoV@=-wVy!a$`((6%7Jn7d`|A0T2))0cu6Gphbhm-zl~@n<}|nL+eKVvN(VT
zdxU^^aOI=uAmFY96f$|7J!SJ&D63Xje`UEnad<*l2#6=tGRg=79!7vxn_JU;m7q0j
zg=xykPo?fp&6!@N?l^x)04nm31&%-f1l)uGEdU9!w<vtIp^sAa9Sw?j*&CO;hKGQ-
zYt5ouAmE_{=z(921~b%-C_W9Q_)uJiEtnk<rCY@T0dcG9L}5Sx1Y|PS!I2bvm8#CP
zu%xjg<8+s}ARz8ilPCuWfPjtw&Bu*!BnrNhuSTI<>Bu<UB`yevyVNAg0RkYPBcNci
z`i@57tyBilfchXu$1C;tARtn&LF69<K%fu-YB7{6<lvwa+8gB~2Sw#J(Lg}lrYcbo
z5C8#AfV!|sIfDcVNF{28^mj(wQjHS=BGsBhzCi#4iX=b+;#1@W2RPEKthXHyjoU;4
z0dbqEL_t6R1ULcO8Byab64VN*OVfm_IxBvu#R~zET8$yUAOHep3DBe|z6Q`KhVQsY
zTm8;*O5_rZR4KtcBg>8>P>HQPJeZ<;*yJxb=PA_Y|Bz{>_fxOnl$Ft+^HV>)TMu#z
zrDJZnsjc_(c)@9j|MsZ9Gl_>aq!~)*gX!E5-cNtdBPzrHA=8E2g6OvyKOs}w$WMU_
zW6zOWI-OK9IGFi0<k>I)t2Qd9A$&V><NfP~y)qs*@?(g)AGzJ86T?iPP`w`mKZ8H~
zN|XRCEbJ`NtUEm0GObo?ain}cG>jV%Sa~>+O5y4cAM|GZ8m=+WqX&C0I{wLU?xNov
z7oy6vDU{aA!{_O|dLcLGpM(*MgU(OJGgGMk%Z(hROzyOoWB$avmzDW=QqO9aq)ynH
z=YLUUMHg04RNw{zARt)+^iG`T%*^xGXxg!Hj5E`aO59FUX{iA4(0o2a<#u)5r<t(c
zK<A}R+?;)yTSNj4$<5U-QYl5`15OSiKyTIA6qVBk(s?!&a(Ns6>*)qvSe||dp!^`<
zW(2BkxORhPOI2`Yv9j~>QZ99?6yVG>ToE_Auv|eIX@CF-NQOYZR_pW@9u1`XO9qG&
zGwSN5yAz9os6hY(K!7n4kSosSz$X;ZdJw}*J7*^++W1}F4=!2|F3H%+!+bjEaF?X@
zFp+yS<7f86Q<`#AFhw@V*v$pU%V-AF@dxRwJj|!H4t#L#nuGJiVu^85#9}O+moj#9
z!SQ@zas5F$D-XAz<1P=*U2|~IcvhTil5|Zf`AmD1Qi^hRYNR2}DUD;!PDjk~LqJ?x
zJ6u4fx;9C6fzm4^Aap*MtgEN-9;7rM3J7CdKwQmY2c@}$tg+z&Qr+0W1;=YBjfVol
z7#9#%vsg-L@_e|Rp%%y<D%1#P7fjA%PdGabvBwVq5qk|Ge;@z?RuQ0SyxXh_V7q6P
z?LqY+m!ITgDSS3!DYC{x3R!fXO7;$WwhmtmD@tRWVNqt#jWgAjx)Au3@@e`q&e5OO
zcu;13y}-{}y<0S63EHW8$KHC!9lG-ZkN5R%HS~U#K8URN1HQUWMwj_rtTX&v?`8-;
zPJiB3@8yt@p9^}oFuk8?`tzmw^DzB+Nk4pbos2v!)q9+#KR1NGU{uaSdOvOTe#Ys~
zmm2xeJ5jj`;@x3zF!O83a}B+p`$pw7gzv2{SG3;GS|dM(sB7r`%+Whc)1S9Bcqrl5
zkmt2}f6@9f^wyv6Fe>MLy;}{vpK1DY(;Mo(QJ6z|KW_U&tNgCz<mY8LyMWY>RobF7
zmY?)y%TGp<9YOYUvRlcXB%4X$lgVBn%j@NUk>&kk7s;lPzq@3Qko}2l0@=P~d6$OZ
z2F(z`s{k1Q0T6IBft>vOQ!2TFFZ6Mm(K1H=7h#s4<O@++lI=>iHQ6w-_B?BO6NTFb
zWP6b<Fw0M#po8sX*OJ{v&6S*j3$FXuo<g}Umq-Z&KmY`+Ads7%&mXK#6%dk-s}HiY
z{3P$w;<F*1CEJ^<FIi`sx|9I7!^!ei$}0MuOG3h1GA=O?5SL&^A|L<)t|XAB)qYOt
z#XB=iYJOZ+tT<gGPn#b{=?o!T(V6L$5O-<19;>s<Pwu7P_sOm$F`;Za&tM?Ld2A6g
z2!Mb<1ZW)OR90TzeP<@GmdmHhW$YxS@j6){#ly6i;pD(~E8Rz}k~XFn9eEA`aU@N|
z1p*)-8Uoq*dF!2-nS0q;6=|$R%)L0xsQkgsWB>tiCSAl00w5q50U8JSpSGBBZhJFz
zH!G8+=em5%+S+WNrT`194P=df2#7Vb;1>iyKr#fV8|y+wZZ4mx<WR$fBPq-2vxFUy
z=aDo9!nY@Ont^~g4J{%D0T2+H0Ci)%>c~9M`Vw{{Bh8UfIxDWFBp#cc6}cf^2#A3M
zen9{P+>XGV9@W-UE99ah3P$^+uxsgQe8)ydMCZ&n&Qs)Lotc0kZU~5h1b#sP1l*E9
zR(|dfM?CU*%Y(N-L~i)N%m8YA+;c@fAt0`xj5I(11Oy{Mt&nXrZt;gb8Mu>~A%#J6
zUc{j!9)H?XR%^mSK&+t!zaRhtk|aQ%5$r-!ZfzP+PR`C^_p<r6RiZajNj#RgGM5k#
zSJFmWAOHe_5TF@Z_tJ8+W327UqVW@UJ5#hf;u^D@MdI<cv4bm)At0`xj5I(11Oz8Q
zU0L6z=45|uX-4>X$MuX<C#@v0G#3{6dz-{#vPC`}><I$mV4#Q&1VBK%1a5Y(`f^%M
z_U|R-koMA|8CR)dpK-+p%!iS9Of9KA&bkf(aTZy`3j!b@N&?rrSB*@|&DmF6=J@LM
z>m(jDW>TCNF}U-cfZLOJEEF;`5D+2hBW(}>0YL~{f2K+}b!YujRN^->(phF+Zc&%S
z;<l195<=p!OXv)Vc_T2P*&uxo00B28P-g9=3QD;=#I$&Pz?{0cOr6DYewi}Dw<lRA
zmJFc<B9@v!K0p8jTtcAix=Y>sRH_SJ3S|}J1o>3m`!r=&geHaZ#6MU3l$gYWb3zM*
zQ-A>h5D+1O1g*nIhpFiyr>4jEq#y%iOjfASDb)1fD+Wbo_(#*{k^PX=<F?51rppdg
zM2xk9Jb?fRIFtZydUz{T-)R(zK+}l%7Q45^wM*g=%Hv$J-;i*KdizEQi0R#ga}WRl
zw;@2Sj_PWKVzrM_)u?crqo9a<#QZvmhqbE=odAgMJ->qNauN+LAd)Z;5J^-MG6@18
zU=0Bhj*2R|d?^V>C%H^kly)%M?_IaxLo3V{yH}_@yUA`Pn@FO;zW^mUBeMoxG4&w1
zLJOARm4`zq?F0JsdDE0n81y2mA<O4~@J?7hyTP9<H--;8`_eHNdw!k!Q<3!{%l8LO
zCCiPWY0gL8_$+pQo%_4M`ZWxq-v_4p&ZI;-X-(D;p8tUbkmbgZrXf7v35X9b^7MH=
zc-%Y<Zg?0Tmgj-TWhe_@<-|9EP>}T_%T4bKQDxQ?9MZol5BH*ff6|{D!W+`$>G5<8
z;rR<9?+@mNv*C;k{5U(Ft|3i2e87T-;bD0mcw9S(MH~8kV2H(eI;l?95WXn>hVZ;h
z+@G4PH(6ePhAswE{`@-kXDEw-A33owVsVfk=*-H)W9j!}{h1-pw$!<SzqxzKz;7wB
z7_3jzZGK2NYLIX&AmM0F!cpu@A->S#N?Hob(^|CP<01j#ag`&>8Cz=j-x6Q6ab9oF
z(C;C#2gNd`Va@ZO^8JY6H#Lkf1o#8O*zku9x5mcsP%^mjhZ462!yk&KehlJc@MG?`
zsPLxo@jn>jKN|jrWa`Ht5{9(6aGClsTr29=G&~mtZViTulxcjX{EAA`Ac}@~%>5P>
z-ZV`vaK?uJ{h0bO<!@RR<M2fto95Y;I=AFrDk^Qsy74g%wOlcSrdNfKaF{JeE{Vpq
zbc@A<zko#11OI|9(&Z=lJy3=$uX|osrXs~(0Ju$}Fczs3`IW4JfVj5mZc%b`T$?1_
z$d8(p<n-_j_|famaN%!X#)hA}nnh9F1Yc4<_yfU}hTjLq<^Y|zn#G^S8Ia;JwKgg!
z<g#fRxpE*4j+e5e41AxGt7%p(HUIU2c<=<Ct;1WP+`<q6bYbB(009t?3;`02QVN-D
zf=aG<fkY#yq}GOU!3xA9MK|_g>|VlgZxW3)CHRr-WprUlw(5{^5C8#72$WrWDNG@k
zk5bCyok%nuvqm%w@fUoPHq~13xJKcBHpGG7M+u+{>rp0f0Ra#YkN~wZno}#|1zPmi
zhFTg=(4e^Sc$n2WGl)l)^_yHRrq&0aC;?Lp0SHJjVBib_AmCgABoq~CyqnLKicl~a
zZ)MaW!6-xGVLC8vb4Co}VZ#oIeDIu)kHMHB;JE^_{A6X~(%cN2M=k}bH8p9bNBKuC
zzySn6;86lHR+_d9QPZ5La%9WUGJrr5i?U<`6f(KDBZcD8#A&{{{=*(NhzE~uGqpa>
z6%{Ys9un|e0b#5yVfgMLijt2s3MKPbna;E=IUIa|00_92fSuyOGyAb?b1co&9M)8n
zVDZaJFwe*`2!KEd1RNk9$0&)-B_xB(M8J~;qyp{$5C8%9BH#e=;6P?m_Z1%lfhmE2
zCwF0)t{5%>6)uAS2#A@0jq5y2i*%bDzBP5kdC>$sSwJjWxmq+fxPkx(h>3u1dlFh<
z&NoQ3)6ApR2j6oJ#sUJKEFi{vN?Cx4dqJz#LQwDq0xl!KH%8=pTk&5z4c~<Fb35bk
zsNkL~AXYC<%7=b<)E@^5D}DloE!lJJ7Y|<8uc-BLL;R%{PYyj<K&+lXzz67HKmY{9
zL4dC;zm}d#Te3Uk?~?a@y(f;6NhcScEFh-aW|vrNT6AHR$Os-lz!d~C=rgqZOM(u3
zsr!~%9|c>syP^PYl7`i9;m#;`c=x_l$eMm@!5K-}6{p#oH9<SouE-G>1VF%Y0;xIK
zy5@)3KT6A^<34#4<Q?mRINvut7}aE}IzJ`bQxJuU=(E3!1GBv-R)@5D*v&!hWvesl
zSpl?6mgTwMT##kc*BBksFXNWC&Hd~wcEj->GUrW@qCOZS7(;p%@-M#qNS6PK)`&tt
z_O4%bl?ZhwyNbZMsyV_x9cGoW@Ee#`#R<=a324q9WTn=9!erT=H=R<Jn@we(&Ad+i
zRTv7+bOi2XWw6_s4u84eqbM`QgqWUz{4<~{$o3+8MND}!&5I}mgn${QMLk0q+)C$_
zOfxEm^IXiua%wdw?%!hm+rMS1o9F34I)}+K4BuaOYO<n;T%MVxE3@jxdFH=!8B^TD
zj37hB@F)CDYIWSpqSl$?%@5T2IPUmpZHtkfeSDh?zL!dGeGE3NIj}8lTSAFKKq%uO
zMwt(%;{yb;wUL`M4y}HbvAYFAE1mpze9yd2{Nar9NIFi{jdQH@s`nXxkaEKxq@`DX
zz?4b6aq8YiarZhaMP*f8<DdGaZ-r79Ug=eIepOVxDuPr3ALroHtx{;*gPU^a53yQ%
zS2MZwANVLL|2gFNW>FV}aHD5lOG=l2<G7Vk`o_;jBWH0Oie)O+KocCi1+txhenP)f
zsEf<$hrLOBMV(sRg~e}X{vYjAT~vH#-S~qrVCxd5ymgUz{kMnZd;78M$DcAA#uF~e
zXiAOm-y4|EetPNB79N&T+`Gw2ub9bFBm1+Ary>c5_1wkIklzdbyMAP{oUB4wm1m~1
z(rf;YrH6H9X-&E^t;*0yFXYXwPxt~4E*^#@=7HBvv08gpk$BKOlXRJ#iRjPLO7l-M
z*lhUH^RqUGc2Gci&hb{p+hoU+HGQdnj@*7HD@r5yhtUaM4I*=tY;jFB-Um2|?Dr%j
zyfy0>v;5>Nis&_KBdg{Y!05vu76;?qFus5P!o2@Yq^}ehJs{<BmeOhf%V-cqak<}v
zu_QoTIJ}PU)rp5Z?S4t#S@vV~SW4?bEU#3>68%cS0~bf$Ri(akti<f*`vkDGrrlU(
zy$GgNs!H_l4j!`d^7IQm3jSs)(zsBKKi4vu(S9Xb`uNn1I?dUY;I=H=+v@%8_zPq$
z5)i%tmLP_nef$rfzdZA2QMF<+kxA|i>DhOxnCo^q+xua3K?Q^W@&WTivP~_Zz(s~n
zwOc_j^DOXh-plfnQ^>;%^PV2PTFKj&`C9N{5apdK%=_?m=5_K9#vhi&8Quy>i5kfA
z0?QZY#jV^G$+vYaFz=(gtRLf`2L=~h{zjhf6DUb8^7Q-6_n%GlLa~EhD6G4U^Syjo
z=2NX$#*;1G`hH2HzZcz1D{Ap;Qt#@7qx6*%#nyK|eXQqpjZk)-1lEcc$(tk|f=u0|
z=N@lm^d-xmL7~MK?BNC8trh8vo*2mr2tni@<ycLYzk*w1E|TX3WS0<7+dIgYpNyk8
z7Fv@q_ghBe%}Q(dB#B22Z*6GK9MH|8QC+p-g@IZ$8TBKnyP_k@3n=$!#1eOrr`;>y
za{3?Y=eNIKUrP^+%zEK0qhVW?Tc(O6=qQt}G4CUZI`NcI7mU3or*bWpRjV<}su{}i
z{L9!IooK?}rGfG!nr+2}qso7~Sw;Q=W`)ouR|wLHNfN!7<#_oOSFY=Hfww-K(KTLN
znv9-#{APWL>~ONxi}hIah27-bkDhrqioR@{t0V=4KyuOenyj@DjVbZ&tVFV0gnlNl
z=jqpSv;1T?^8B;q0SbKb&k|OkR*23}pS|+dC8oY|lBqBLtNXQY4!?|LS8u>F>a}3m
zK@BC_UBUbFxlpJtpCB$r8E=g_%j8t4%`)q@V41ZVF|Ec`Gr%n?4WEkab$UNdn%GAJ
z;#Ry+SQh;QU%6$gvg~U0$<||BShT95UvM4-5a9v;W4@hwkEzZdVdc;4XQeM6Cl~H&
zqoFUZ->+DM-K$!UCDU&jy=d?*FTEK`;<3nZ;>=%q*70W?f7bLN+m`HuOwh5l<}w9%
zk)Cyl)&?xjzoZ0&U_MR-nMQVSaRsu&{S1XoB)f;~-(>$I(8a&%EkD_W{QO1MLc^QW
z_gJa>H(15gJ2Xq^0zD*8(Ru~mMd^6M2Til9Jz4Nzp#J~7QWYGZhy!Be-E+!2mvutQ
zCkUv>DsR($ZZaV5fTYYvL9Mv#s&!Zv2`}fCSGtmU|4zEfXH==_;ioxwm_*|wlR0L#
zkmb3h2WM`%$5>AJ>MXZ>HL{Ph+_H~}_GN@m-Bw=yk7>^yW&y-YPHSPDVe;tjDY-%o
zmKjj)TBYNAM#;4KhbW!1^o+1Wr3&Yio^MKWsZX{s*$A?&$krw6Xv1H=-=w@>v^Qc&
z2nc~~Km{F5Hkz!fMgemvE#6<kU;TJj*EO=d`N!?uw6ax8oom|Tr+h_0cI3HPOhGrV
zf~E^9=vc+Oqp0geO?}q<SCf*YyG~&RG5ORS&!so19C{$+m8nb*g(}qDRo*oZ1`-1W
zi6{SKS0t0=zueNpQc2e3VqrlI@PTLkHl9OW8U+v0Dh?kvk*6o?rWq@5l5o=66+R7@
zk8z03a8V&a<)X^R+VTP`=(<XE$9|=04u?H2#g>(pciZXi8S2VY-nmLI8N`gHY74y9
zCzW!4mh2_H<qu@uy~P(GrIF>=`7t-VS!Zb45j4hUb8ySwRCw3a6J%?Xb=C8YzZ@?i
z`xyzzVfwYnh*m&IG<e7Cvt(Z&+tQ}eAyA0~_=7Ufzbwo54WtKT0L%CCXId{Gmaq0M
z)TN`F25LNeEI*f~j%L#vGTn#tmdv}IxaHGF`Gb-FVaqf4@qOK|wFAB-W?TRdyo)Q(
zw-n2#hbA94$oHdT8jRNx7cKE(G&9c7{UghvmL<)a<K0la4_?QCizxNY%gORzx7c!p
z%Fd^h>+T(z$;4k&I1}#1?-|{FLt{=_dePGI$s=<9lC3wy#d!KL=OO33_%FYI_<ck(
z>=g9!B}!p6ltcQzd#MQDkmVDMteRCODghzUXh?;4T5ow1&hq)L<QWD8KmY_lz-9vZ
z6q1X{2C^GTOn5h)StF=`kYLoK+(nXYLzWMWS0f7p0w4eaARs&e-gUp7>@Ko9NKlTO
zX33=j649d{UslfthFa@?c^@DQ2!H?xfPnZ3+@dV*Buk5sbfR)-&$^X%O(GC<A)(;B
z=l;HcrKSwEB_E0aU+SQ9{@|l6c|#Zw5E}t)W;V;uD7;;ZOY%q)2v|Vivus$46)s6n
zVu{$>0`cr8pj^Ji*80}w@JU`UAOHep3D9ct{L~C##Dizd+h;Gt!)y)Nb<t=_g<bJT
zGq7C#GvjY4bdy_aw7E2MiP5YS7!Uw~A_-`7^H_db!ECl7JviG@siHagif+zM#*^ds
z>=ww-=9x^T;&Z*NHrkv#n}o;egb)A(BuGG;MO{`Yv{Q)j2BNMmhmX%lHX`D#tCRJl
z^gLTYcugynd?Ard2HjXTVM8FP6G+fbHD3fnzg4;bgC52?^Y#6k4G;gq*a^puCjb>u
zD7V{+Rhx~$5L?+Hocj^r{Z@I&X-x39E0rpXX}mhRA7Sy82m+!|EU~p(bblx|45HYY
z9>RfuSPAfHRt5c5)(<K=v`l<p)7vMS#Wua?(0CD9kpw(@F0TQ}N87SlZjMbG*~opo
zm`r0+P($kY1p(<2pn(oPTFzS^qA<RGKeLgM-9?cX31k9uc^y$nYE|){tSKRWK4J(1
z0-i`fo0UUdR_Wpq4~>TQ%2xIC#JUiw%;>`6<Q2*_wpM^PFP~}Y8=Np8;4uUq43yJ6
zU9oiGDirzDb=95?ZO%7^f^iW62nYwQRDG&j6k;QEZ6@Dd83qL0p8%gYl6PMO1LdZu
zef<(hJWAX_&@>p%?IVCO5CgwC+i$Y0EStYht_Y-WXv%2-4+aF>kpORXq|;c37-t^(
z`0in&TH(79Hr#g@1F->GkwH}IUy5|M&@mrlAr_K?H>nZevki6AbHykg8ch;YtJ_MA
zsk`JCU08;iRH<gz)s001ilXTcHk1j!AYcyx-s(uB&8%ocE0!<t^xUG#p-|*9FYj>b
zy24DBqWHML4FY0-9M|k5y~$YhNiRcC-7o)RqisiFK)@XcXtQaC6(8#mW2=J$=IcFt
z{bFgi#FOs8TdHM%fEd@DT5Z?9&wN^=DBskK%ZOtTFh_u|>)>1H@|_UHGQ+B<{QCMW
zrL9Vq7Ig`3t|Nd!bYs?E{8f(KyL*#%fwOruT&7krxv!UTtR8pF;XPT}o7MK$Fn_gz
zC1>Zc6ZbRONwP5FC7}Co2X94-SvWX8AKK??RI8@qB`KYp**l010Wq!XPj?<=8R_*+
zovk^S(-)^?9{9y6Idv=as$Pl>t5=>?^nP@8{)N<RHvhky?AOcpnFxE-t*K(S^2=9|
zYxxW-TGJ$Yqw%`VyuGVq+`}<71p#pk$A_^j*!vv2fB(CO4%Q#ZlnN&I_pv^pghTkL
z6l`{jYOF~)`dp*lB;UW!l9Q8JU|=Bg4+t<gvn^MW*_;1dVVP2RU_HpS8y@g+JKDoa
z*Yzre;;B>_%*Q8)4GX_1h3rZpj}Q=N)Y9zj$t*j|-=3&FX^$)gwLBKJ3Sy1Q7KrA)
zJ$u>4pEt1U*RJUhDwRq$>5VC@dQkNTNVi>0W)uIogqFwyBCb8)qM`fFtk}D&3|JJ3
zJQ_3)r*V(J3{Lp9pMbprf<g46>OiCUvM6V3+;o4OVx0PDO(87w`+V&(55(h}B}>_t
zi@tau9z2RR?b;O*5AN2!N&xFxEs!6=xR8MEQ-SogC%!09^kW?cE^@h+`T4&9@h|`p
z&o2a|sJc)nCe!yY?c3mrcMs4UdUrQ!T74f=r(gm9j_rwT*N&Z!6uE4<vX8iNhY?R!
zDAFB{P9Q)pGkj(h-*R0vJLg(bOg>%L&wm0<*Ij0bcldEF0SHJ@y!rQTy?uTv>XJ2X
zy1_{|UmMc2ye|u+nO3|hykY&%MdIOITDkNgd4oB6<X_!kHD5KW8|c|H)(lLX`O9Zl
z6|5we;GS)M{<Em%@v$@cAa2_UKtPIPr&JE3R*2oxQgnlqV)<4=ab>l`-5>y$FI}P;
z(07ZB>B9N*?7itT*oJlMb=_N^d_0@+0d{VlEahEf7&zKbz_9V5q{cdoi|yzC6@A!z
zvau76#YI3VuIz{?H$$5zvAMf9u+&t$KTgBD4io`2z|5QDZf4483T~m~`^jcYcIo0p
z#;w8JCjkkd*;%Ei^#bEq0=kwjpIs&87Z+dOpV=!dhd7oDVskVBw{L+YXs6oAOsN`d
z_kak`f_{mwow*TZ@O!jUkQ-mWhjVx>$*8X{ZDC9%CC9$;CQH)t7(X;OTDO#3YJ(l7
z73Ax;m5pp=_uHFkv^aM>0k>BXyO8mwh_}yTyW-FX=C6dh=`W6mOhj><OUcsZrrP6=
z(>#647QmD*U!IjITSgb|RB}Oh5fw>#S<!!6RyWu|+viH!`1$Xk@6vXZbQwG-^AM1d
zDqE=>N#DwJ$VMD|0zMzrbSJa-W~y#gphBTw9lLb4sAyfEd0OZ1PF61a_inmHVc@9<
z0(^Q^dX|3YLkW(On-<B}Zx8idwJ~+Zxp)acKuW5cq0RZe(bG%vX6bd^$U5J7(M?Qx
zZa(|=^c`Jkx^{b-HE0-Ywq)TgBUsB;t#p3AIB^RbP@1Jx%tie&a$SqVT|P#m>$Zw)
zSxkxHEK&m45X;hvnUi>(Wo1^h)O$((_^yk5_eFOwK1w<Ju1!r=gLY8Nr|uL!r+3Sy
z%`7wH;bIs+KR@<#_h(r9jvZ)1fs7rzlg?sypJ%xqvf|Pq^~{BXTClqPN9fpXjGzBH
zYI*c@oAOAgAoeathk#gG*$eiypb4mZ9l3<pokWE1pg6x}b)ATCq<rxQpTnDyl0q9|
zmC`Lom&*$pyhrY4urYftvb)rU1!DmL-c>~{4Yv~xUUWWR7gMe*xCxx&1p?w6u0_ZC
z`R=tWEwx9{7j1KOClTQ-k=VNB+4Hr^GL7QVdCO_k-SySU+wAL8w^=q?9wpx}d~lq%
zIOq#cZntw7pV#i|_aTYLt0jYg4`&g8fH;e6QSr{-t6>=#Nh~MZvgt-e#ZiQt+*`wB
zUg{#Qh`@=uN)$3hhFq!MDpx39q88X=IoTP1(xa`|Wq`gUBrPlYv)Ta~7C?(VcuRwS
z5M<BIG?s;JcuTBQzPCD`Y@rj55`9b11K;4v*KaJX6#PVjxp%89LqJ?zo%8qhVJXS0
z9NCq{iy+g`*Qk6%u(t<wt<$?<zCy0NEmNwN%jJr3=`V#8>TB}(`j9d^BPB;mn_<B?
zj)0b?;Ob`TNqs7=IV60eIY0k?w87OHbKY>xH3T3auHjrbmASirqGjs63Om|=ru&$P
zAHCSSa@jg{CCO#-TxwlhlgpLcWD1>N+$*UxszrM<sTHCr$sewlOn|pEbS(~dZ=Lav
zdieUap)W%HSuz#)a0LN-1qAz<*iuVMRbQsj++<l<Mej9hOPmyjFE-3ePG@pInxRGO
zDja6`gdOUNqS;URa+xBX2D2|Sg>pLy$K3RnL;tmQEjVw1WM!miNO>HVMURWfod?E?
zs!WaMI#X-HNIb3=bs28bB!F31w$|H%ePJ}M_h))Ady%F2t6CM)<|}9(tDMg5ezKN0
zE~1;oN&ggdIdOHML}j@$nLJY_m*1n~n@lc0M8|6~UJfgIuUs3-?!EM2hup064f!&y
zNC$0fD3l9>=r*h3Gpe!+^$NN$2LdGJ<GYXkE?TiMtv#sF0&un=Nqbu$5D*)nTNGr$
zzAE%k*N~W0CI9@l9R2!}E!YH#N5X}Nu~Pid$YfGD-F~$im9inV78F{U>>l-MU1eHX
zGPNR(()BYmE^);uj8hN2mmY}C&&f{6%ge2zmGdDI7^?_S>yLL+<?{uk?%qvh42E~b
z`uWeJ!SYv(opCH40uT`K)P>vRq|-0QpA8LE{$FSruPU_yz2qMrxz1K!DA<GDZ3^jv
zf)uniXnccD!}T<yP~_5hM+|+?<7-bVx|GTb0g+N|i7>A(Y&}-SPo<hy!%x|<c7QtY
zF+YvmM^$)e?0Q-j>$3T@2y-vOEb+A)e9tr9MMcLRX*8N!wEa&6&9uTzBk~)-UI8im
zq!4*wkv-c9Y(IbXi5)jHMyX`7j+K0r)hl_cyvup3WZoneCG|;F^3|}&ioR_3jWpXc
z;Lag+T~ss$m(Qk>@`pGaQAfVMTbN4Sg$Bz#R6QL5Q95y83`9D0^+-<txO|<z0Mx#k
znHPL9H77Dp%R*IhS&)xXR*Jqg>s?x{RQjtGGL2F}6Q)X%iASO@<Zv-LgZ0>Uwvd}g
zpK#HjZ<**s!=2Y{SX#;a6P~_)6R68-wxvPfPj~|Mwm={t4ywc7PMr(P%+vlxkLfVJ
zO-DwaR!gg{^K)q%ql{c_9=Y-1(_Ff)n?FU{deH1yS-y-$(&^!@n@LNLBsrgL%d^C%
zRe961pC3`HK~9UimEN?vPbFt^H3bONC}rjSePtT8>n1~u+k2jEzwW`U5S?i7mIhh=
zp?6(PI_L(Hax@yR8_dhA4Ru)^mvS*YG4Bu%5!E`0h|i6Ty!{ou6?I*eE&d%2UoS7_
z3L&{k-=65S$-}y}4c$|Gl{i`&g>P%#s`d5zmiDuHvG4_)NriyD0)p>>IIyPMJy9c_
z#G}!rwA@n;jMi*ad3kv(IW3Ldp%0CxXJ%4+#(A&B6?`;oKn>Gb$7Zu9$%|TI%2$Tx
z)2Ctc?xpI!Bnj~_sY;bPmH7vBf_Rv4@vu{LVL73~sU@O5m7H_ri2zj{Cq!>HO8%`4
zwMxajsB4S=I@+YuTX@vQlkW8$4@1`!AJgEi3@3`PqwB*sz69-5<5MRd^QMQ7?^gO$
zXLlMccgW{DotRrhT>=4n-#VcpB>=YdGAW7TU{coKp=C6ow#H#^IQ|h14Jirl<5DRd
zH|uWG#UwWApKJDJPq^@0HE7C|ZrT)A4r+G5SU^CnPGR0Y18KlxqXoX<MFIpMAR@1%
zcYZ&%C8C0N2cfgcn<rdMc+-T7iQx-Rw&aW7bOX1aVJGfq*%I9KVQ5i?K`?Zp;Ymxv
z9YLG+%Ar=rDr$8MqE-jB(_q|%00cw=HTn9^qu+O^<THr3{>5Sx)H+e=#Y9D;@q9$y
z8gqkI7<S$)!clb+2i-?Cc&maR^Tinw?U%BqKAh&)%j+7`c=e`M#~)5h0}%^G00JTy
zdg~G%x%J4~U90-M$v@pEM#EbuN)i!+<$}VkxkV(a&fI3x58n``IJ{NCTM~v}y>LJ*
z98?`jWe)T4na+ksOm|R>h(?42ARr>Fl;W~9WYghZ9V>gUuIQ~4QCp<A+!nYSgoU?Q
zc()g~hGXs{X4iRk=&pmuQhAGk7Sw3@ejpEyx!Xh0FrRB&wV8l!klbf8Q>yrvpHgg&
z2LUBP00JV3YI>N-*iDD(gqGGEu3uWix8s$(IdLzOjoEdX(W*(^_Y7$fWWiUl%=Xuj
zXYQYigT8x7cO&b?Lh?|gS^#gKGfb`K!f{ZlML@o-BLD%hj+ZEWPfa|m&SLTtovQi<
zi6TRGW@7Exdu+}jfx5En%sYY;0gWb!c0e3S!m$iIJc|GXM8fqQv-$9%-qn0##X2rx
z4chnrxz2vQh<)F!VJ5g=l`5Tt<8AtA$1K6~f(!^k00JTicE=?ev-wEJ@N(*nHT~6&
zTd3i<>{%RBE{$1C{QVL;d^^M9Fz_f40hKC?gkuiPl6W0k=L%E@B1skkB9e-*CmSE_
zJ?eEmOM9eq72n!shYsvX#06oKv-8-f9T(Z<)NB`|h9s;epd{h&_FBjk%JEpwVKqIs
z3;+RfqiTJ5)8WaTD|x?5AMKFLEG<*~H`8<2=$#kYtqiO;Gi4*#xk{bJyfmNDEVeh;
z$W~Z(FIYv0FJTCX`0B*29L?HutV~uu+aFocySiNw2^jc7N;Vs}>ms|Cg=dw3)xZbG
z@6sZ`59mW3?+Ka@BraM45D?K;jeQv#y7kDIh_afG9`{pOw?y2&WE~dzTyhqhu=^53
z#9>4&jEMJvdU>6uPXoS5!hu;;7Gm>MZx9eSuKBO_pHTmolDoNWMeo)ch4gy0AR;cj
zIr(P+y}WkN0>Du;9ru_EQ$|t}CIA7EaOGK=^_lyQH<UB&uT9E&Rkk#YSp4w;^+|g!
zvukNNV#$(w<%4%qsWo5IjH>_9z<8>A6%M6wHUS8Tvk8kR{xQG(`&_*M)xvs#YF`m$
ztHi9_&B|qy_grD8Xw^E50|@ZehQ@0jZL9nS8y24EfEW>lhZ2B*cwoi9z30DiK|acN
zAM;guNu~H1x%q6y-`CilYj{bvsm}P=hQ{kMZK1q`wttyHp96#%+XNDUj0r$MjA?k#
zF@3N~w*5xtq-x&sw`vEdy`@lezWvo#$8NLlPTbLLg(ZbN3!X=f<_-;rucj`lX*9NR
zMezI}18zkC0^(NHX<K1t>^&Y`PA&gG`i^dC+hTBSs9jf6*!%mhv$P!AZ5O660p8M3
ztM8I%Y@%(CXHXZ_zlA;E3<MlU00QDTmXeQY$)Qu>*VFU92ri|n?=8~rju;^GLG|f>
zU1i4|y%oG60V)0JL_>3px~G0-O64pX3_l~K>?5zzB_LG+NzhJ}E_6xcocg!|cHheU
zxQ4ItxvD<m9W3FSXnpnHZT91-B>oK$&ocb0O=|UVntQu~_QC&z`lzrSrDxp%qA0CY
zRYVl<JRuWbA37a%DJ|#2x&f-jWi$#=eiQLnQU;qzTl%{7Mp|;YmIUJ}ZAP_|`lr62
z&;9-83HKk$C~g7}5OLR!XmUrb68ZkS*?sczwNpt<>IbOk`+_1eS$SIa<*{3A^_hDt
zPyeMU5oOQ%tjOj0G?;ON`lbFPyPWI_7SjYPVyq{L5Kbfj0dXQ+ca55h$*Gjwc9+s~
z{#VUg(X6(=+MD;qi@}_|pT%a=7pnffBeA{VRjN$tjyg|Mrhcc7|NcmOiEI%APvijv
z%n^Wqn4^Ph77-vpDZBetR=iTC9az;{5%id^N+q<O@Gn#?K6;zo$rRbvzFcXQN)ij@
zCF+hkKw`m#Vhst#ZHr*T69|Zi00cxtmEkT~`SIT~Wq!Yv`HHVX)~kxQyl!=0m9L*l
z?s84Z%*$uXPu<lGvh&r5E;U>z6v`~7RNSIg#c3v2kXXoeFc}HP(B|nb%?lC(0VffF
zfH(;(qAg6||NcBt>&U(AI6sA~bvcc^R%LHRDVpJ>a>X}!lc*K)_3=Aw<AwW-&)jmD
z;roIp6q(eDxJ&j5*;8Z>l1ThP?tik_rdbY43lV{U2nj$yL|7@Fl%;Wr$Eu!7&FSZ(
zkTvsD%IXBFWR**)<bi=IxtFg>rtnuOWHeyUln!XX+@vp6@ulp)6elFS)xZa@WwKoQ
z%_1R4qu={<P68pLrQEVhbbN~J5pq9(9SA+?PDNRZA^-s?iVECBM<9IFfqEn|!M;k_
z6Eyv+T28(;&|fLn<mBi3QY*%b-1y@^fIfku`v^*Au9gpeq|0TpyzG2!erBFFm$WEd
z&ScrAQ*%%JeJAq*g}6_fL)|7Z;Io~s(=4YuqANHu1Og%^;8Fn*F$ZJ~1V8`;K)}TW
zM70*c#brlwAOHd&00MRpfPmNm4?#fy1VF%(2|z$Rx%N?Z5C8!Xu!8^u#141}3IZSi
z0-j6&0^-TFkFtXR2!Mbc1Rx-Gz(Y_F009v2WC9QnPp*BG9RxrC1neLH0kH!ff`R}D
zfPg0xfPi>%?W61<00JOj2LT9(9q<qo1V8`;JedFl#FJ|uWp@RE1npE;B!e_SKp+B8
z5rM!XSr7mL5Rf_n2#C~c5cvlI5C8#z2tYst0*_=t00cll>I5JlQm;Ye9|S-E1Oy@g
z0TBp1k_7<}00F5JfPhH729bXd009sXhyVmcAn-^Q1V8`;q)q?=BJ~<X{y_i)KtLb@
z5D<aDBUumt0T7Tn0SJiHYY_Pd0T2KIfe1iA1Oks_K>!3mK<We_AX2YE<R1h;00aag
z009vQJdy<g5C8$G6M%q7y#|qg5C8!X5QqQ-L?G};76d>51f)&?0wVPqME*el1VBI_
z0uT^^z#~}@009t?IspiX)N2s=2LTWO0f7iWKm-DhWI+G~KtSpQARtn&LF69<KmY^;
zB48pQ3EHUwWdzBB00@8p2uP5CiHb<D1jsT7fB*=9fFJ}QAc9~=q96bQARv7L5D@9t
zAxZ!OAOHe_5P*OPf*py100@A9^a(&fq+f?90SJHq2na#|0wM@@Bnko`00Pn{00EJH
z9ijvv00JN&2muI)AlQ*82!H?xNS^=%MEZ4z5`X{*fPf$bARvNZN1`AA0w5rL0uT`C
z*C9#(0w4eaf)Id!2!b7nf&d7Bfb<DKK%`%XC;<q700;;|00JTib|eY{AOHf=CjbGF
zejTC&AOHd&AP4~nh#=UJC<uT62uPm*1Vs9Eh!TJR2!Mbf1Rx-SU`L`L00JN&eF6{=
z>DM7j00JNY0)h~LfCz#ei3(33K|59WOdtm!AbkQ*5$V?<N&o^N00M##fPe^s9f^Vf
z2!Md}2|z%kUxz3G2!H?x2toh?A_#UQ3IZSi0@5b{0g-+kq68oS0w5p=0SJg7*pVm*
zfB*<cp8y0z`gMpBfB*=9fFJ}QAc9~=q96bQARv7L5D@9tAxZ!OAOHe_5P*OPf*py1
z00@A9^a(&fq+f?90SJHq2na#|0wM@@Bnko`00Pn{00EJH9ijvv00JN&2muI)AlQ*8
z2!H?xNS^=%MEZ4z5`X{*fPf$bARvNZN1`AA0w5rL0uT`C*C9#(0w4eaf)Id!2!b7n
zf&d7Bfb<DKK%`%XC;<q700;;|00JTib|eY{AOHfcB9Ne+>dd5|BF?0XxIq8}K){U&
zKtSBMa#1u8009tiCIJYDGwC935C8!XaAN`x5I3$|6b%GG00f*#00QDnx`-PDKmY{X
zm;eOCjVl*L0|5{K0cR3`fH;#b;syZ_00B2900D91%0<yY00cn5nFJsp&ZLXDK>!3m
zz>Nt&K-{=;Q8W+$0T6H|0SJgQ=^}0r009tiV*(HmH?CY14Fo^{1e{3#0^&@%h#Lez
z00i8a00hL1D;Grr0T2KIXA*#bIFl~o1_2NN0XHT90deEXMbSV21VF%<1Rx;Jq>H#g
z00cn5jR`<N+_-X4G!Os*5O5{|2#7Q3B5n`>0T6Iw0uT^4u3Qui1V8`;oJjxz;!L`T
z+j;^C+NstDLI@B50l^4BMFc~Sgh2oVKtS3AARyANKja<+KmY^;BLD#r3_TJC0T2KI
zX%m2eNW1=!dk_Et5D<(21Vk|ONEie_00g8>00JWI`a|wP00cllFai(|!O$aN5C8!X
zkTwAbh_veuxd#Cd00F@WKtKdTkAy)01VBLA1Rx;Nu0P}+1V8`;1S0?e5ez*N1_2NN
z0cjI}fJnRkkb4jS0T2+300cxZ^hg*4KmY`!O#lKS?fOIRK>!3mKrjLj5W&zRVGsZT
z5Rf(j2#B=n54i^c5C8$e2tYstLyv?(00cll+5{jV(yl+`9t1!D1Oy`h0TB#65(WVf
z00C(efPhH5{*ZeR00D^-nB6gcvqZCAINMN>!aQ&W0w4eaAYdT@2#AHC;0**o00cmw
zFaZciVIDXG0T2KI5U`K{1jIs6@CE`P00JOTm;eN%Fb|x800@8p2v|q}0%9R3cmn|t
z009svOaKB>m<P^400ck)1S})~0kIGiynz4+fB*;-CIA5`%mZg200JNY0u~a0fLI6$
z-ar5ZKmY^^6M%pe=7BR1009sH0SgJp7}IJ$=+<odSD!chhKK3eu}6p1?FPU7{{_3K
AApigX

literal 0
HcmV?d00001

diff --git a/hack/make/.validate b/hack/make/.validate
new file mode 100644
index 00000000..7397d0fa
--- /dev/null
+++ b/hack/make/.validate
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+if [ -z "$VALIDATE_UPSTREAM" ]; then
+	# this is kind of an expensive check, so let's not do this twice if we
+	# are running more than one validate bundlescript
+
+	VALIDATE_REPO='https://github.com/docker/docker.git'
+	VALIDATE_BRANCH='master'
+
+	if [ "$TRAVIS" = 'true' -a "$TRAVIS_PULL_REQUEST" != 'false' ]; then
+		VALIDATE_REPO="https://github.com/${TRAVIS_REPO_SLUG}.git"
+		VALIDATE_BRANCH="${TRAVIS_BRANCH}"
+	fi
+
+	VALIDATE_HEAD="$(git rev-parse --verify HEAD)"
+
+	git fetch -q "$VALIDATE_REPO" "refs/heads/$VALIDATE_BRANCH"
+	VALIDATE_UPSTREAM="$(git rev-parse --verify FETCH_HEAD)"
+
+	VALIDATE_COMMIT_LOG="$VALIDATE_UPSTREAM..$VALIDATE_HEAD"
+	VALIDATE_COMMIT_DIFF="$VALIDATE_UPSTREAM...$VALIDATE_HEAD"
+
+	validate_diff() {
+		if [ "$VALIDATE_UPSTREAM" != "$VALIDATE_HEAD" ]; then
+			git diff "$VALIDATE_COMMIT_DIFF" "$@"
+		fi
+	}
+	validate_log() {
+		if [ "$VALIDATE_UPSTREAM" != "$VALIDATE_HEAD" ]; then
+			git log "$VALIDATE_COMMIT_LOG" "$@"
+		fi
+	}
+fi
diff --git a/hack/make/README.md b/hack/make/README.md
new file mode 100644
index 00000000..6574b0ef
--- /dev/null
+++ b/hack/make/README.md
@@ -0,0 +1,17 @@
+This directory holds scripts called by `make.sh` in the parent directory.
+
+Each script is named after the bundle it creates.
+They should not be called directly - instead, pass it as argument to make.sh, for example:
+
+```
+./hack/make.sh test
+./hack/make.sh binary ubuntu
+
+# Or to run all bundles:
+./hack/make.sh
+```
+
+To add a bundle:
+
+* Create a shell-compatible file here
+* Add it to $DEFAULT_BUNDLES in make.sh
diff --git a/hack/make/binary b/hack/make/binary
new file mode 100644
index 00000000..378af761
--- /dev/null
+++ b/hack/make/binary
@@ -0,0 +1,65 @@
+#!/bin/bash
+set -e
+
+BINARY_NAME="docker-$VERSION"
+BINARY_EXTENSION="$(binary_extension)"
+BINARY_FULLNAME="$BINARY_NAME$BINARY_EXTENSION"
+
+source "${MAKEDIR}/.go-autogen"
+
+(
+export GOGC=${DOCKER_BUILD_GOGC:-1000}
+
+if [ "$(go env GOOS)/$(go env GOARCH)" != "$(go env GOHOSTOS)/$(go env GOHOSTARCH)" ]; then
+	# must be cross-compiling!
+	case "$(go env GOOS)/$(go env GOARCH)" in
+		windows/amd64)
+			export CC=x86_64-w64-mingw32-gcc
+			export CGO_ENABLED=1
+			;;
+	esac
+fi
+
+if [ "$(go env GOOS)" == "linux" ] ; then
+	case "$(go env GOARCH)" in
+		arm*|386)
+			# linking for Linux on arm or x86 needs external linking to avoid
+			# https://github.com/golang/go/issues/9510 until we move to Go 1.6
+			if [ "$IAMSTATIC" == "true" ] ; then
+				export EXTLDFLAGS_STATIC="$EXTLDFLAGS_STATIC -zmuldefs"
+				export LDFLAGS_STATIC_DOCKER="$LDFLAGS_STATIC -extldflags \"$EXTLDFLAGS_STATIC\""
+
+			else
+				export LDFLAGS="$LDFLAGS -extldflags -zmuldefs"
+			fi
+			;;
+	esac
+fi
+
+if [ "$IAMSTATIC" == "true" ] && [ "$(go env GOHOSTOS)" == "linux" ]; then
+	if  [ "${GOOS}/${GOARCH}" == "darwin/amd64" ]; then
+		export CGO_ENABLED=1
+		export CC=o64-clang
+		export LDFLAGS='-linkmode external -s'
+		export LDFLAGS_STATIC_DOCKER='-extld='${CC}
+	else
+		export BUILDFLAGS=( "${BUILDFLAGS[@]/pkcs11 /}" ) # we cannot dlopen in pkcs11 in a static binary
+	fi
+fi
+
+echo "Building: $DEST/$BINARY_FULLNAME"
+go build \
+	-o "$DEST/$BINARY_FULLNAME" \
+	"${BUILDFLAGS[@]}" \
+	-ldflags "
+		$LDFLAGS
+		$LDFLAGS_STATIC_DOCKER
+	" \
+	./docker
+)
+
+echo "Created binary: $DEST/$BINARY_FULLNAME"
+ln -sf "$BINARY_FULLNAME" "$DEST/docker$BINARY_EXTENSION"
+
+copy_containerd "$DEST" "hash"
+hash_files "$DEST/$BINARY_FULLNAME"
diff --git a/hack/make/build-deb b/hack/make/build-deb
new file mode 100644
index 00000000..fb8f2be5
--- /dev/null
+++ b/hack/make/build-deb
@@ -0,0 +1,98 @@
+#!/bin/bash
+set -e
+
+# subshell so that we can export PATH and TZ without breaking other things
+(
+	export TZ=UTC # make sure our "date" variables are UTC-based
+	bundle .integration-daemon-start
+	bundle .detect-daemon-osarch
+
+	# TODO consider using frozen images for the dockercore/builder-deb tags
+
+	tilde='~' # ouch Bash 4.2 vs 4.3, you keel me
+	debVersion="${VERSION//-/$tilde}" # using \~ or '~' here works in 4.3, but not 4.2; just ~ causes $HOME to be inserted, hence the $tilde
+	# if we have a "-dev" suffix or have change in Git, let's make this package version more complex so it works better
+	if [[ "$VERSION" == *-dev ]] || [ -n "$(git status --porcelain)" ]; then
+		gitUnix="$(git log -1 --pretty='%at')"
+		gitDate="$(date --date "@$gitUnix" +'%Y%m%d.%H%M%S')"
+		gitCommit="$(git log -1 --pretty='%h')"
+		gitVersion="git${gitDate}.0.${gitCommit}"
+		# gitVersion is now something like 'git20150128.112847.0.17e840a'
+		debVersion="$debVersion~$gitVersion"
+
+		# $ dpkg --compare-versions 1.5.0 gt 1.5.0~rc1 && echo true || echo false
+		# true
+		# $ dpkg --compare-versions 1.5.0~rc1 gt 1.5.0~git20150128.112847.17e840a && echo true || echo false
+		# true
+		# $ dpkg --compare-versions 1.5.0~git20150128.112847.17e840a gt 1.5.0~dev~git20150128.112847.17e840a && echo true || echo false
+		# true
+
+		# ie, 1.5.0 > 1.5.0~rc1 > 1.5.0~git20150128.112847.17e840a > 1.5.0~dev~git20150128.112847.17e840a
+	fi
+
+	debSource="$(awk -F ': ' '$1 == "Source" { print $2; exit }' hack/make/.build-deb/control)"
+	debMaintainer="$(awk -F ': ' '$1 == "Maintainer" { print $2; exit }' hack/make/.build-deb/control)"
+	debDate="$(date --rfc-2822)"
+
+	# if go-md2man is available, pre-generate the man pages
+	./man/md2man-all.sh -q || true
+	# TODO decide if it's worth getting go-md2man in _each_ builder environment to avoid this
+
+	builderDir="contrib/builder/deb/${PACKAGE_ARCH}"
+	pkgs=( $(find "${builderDir}/"*/ -type d) )
+	if [ ! -z "$DOCKER_BUILD_PKGS" ]; then
+		pkgs=( $(echo ${DOCKER_BUILD_PKGS[@]/#/$builderDir\/}) )
+	fi
+	for dir in "${pkgs[@]}"; do
+		[ -d "$dir" ] || { echo >&2 "skipping nonexistent $dir"; continue; }
+		version="$(basename "$dir")"
+		suite="${version##*-}"
+
+		image="dockercore/builder-deb:$version"
+		if ! docker inspect "$image" &> /dev/null; then
+			( set -x && docker build ${DOCKER_BUILD_ARGS} -t "$image" "$dir" )
+		fi
+
+		mkdir -p "$DEST/$version"
+		cat > "$DEST/$version/Dockerfile.build" <<-EOF
+			FROM $image
+			WORKDIR /usr/src/docker
+			COPY . /usr/src/docker
+			RUN mkdir -p /go/src/github.com/docker && mkdir -p /go/src/github.com/opencontainers \
+				&& ln -snf /usr/src/docker /go/src/github.com/docker/docker
+		EOF
+
+		# get the RUNC and CONTAINERD commit from the root Dockerfile, this keeps the commits in sync
+		awk '$1 == "ENV" && $2 == "RUNC_COMMIT" { print; exit }' Dockerfile >> "$DEST/$version/Dockerfile.build"
+		awk '$1 == "ENV" && $2 == "CONTAINERD_COMMIT" { print; exit }' Dockerfile >> "$DEST/$version/Dockerfile.build"
+
+		# add runc and containerd compile and install
+		cat >> "$DEST/$version/Dockerfile.build" <<-EOF
+			# Install runc
+			RUN git clone git://github.com/opencontainers/runc.git "/go/src/github.com/opencontainers/runc" \
+					&& cd "/go/src/github.com/opencontainers/runc" \
+					&& git checkout -q "\$RUNC_COMMIT"
+			RUN set -x && export GOPATH="/go" && cd "/go/src/github.com/opencontainers/runc" \
+					&& make BUILDTAGS="\$RUNC_BUILDTAGS" && make install
+			# Install containerd
+			RUN git clone git://github.com/docker/containerd.git "/go/src/github.com/docker/containerd" \
+					&& cd "/go/src/github.com/docker/containerd" \
+					&& git checkout -q "\$CONTAINERD_COMMIT"
+			RUN set -x && export GOPATH="/go" && cd "/go/src/github.com/docker/containerd" && make && make install
+		EOF
+		if [ "$DOCKER_EXPERIMENTAL" ]; then
+			echo 'ENV DOCKER_EXPERIMENTAL 1' >> "$DEST/$version/Dockerfile.build"
+		fi
+		cat >> "$DEST/$version/Dockerfile.build" <<-EOF
+			RUN cp -aL hack/make/.build-deb debian
+			RUN { echo '$debSource (${debVersion}-0~${suite}) $suite; urgency=low'; echo; echo '  * Version: $VERSION'; echo; echo " -- $debMaintainer  $debDate"; } > debian/changelog && cat >&2 debian/changelog
+			RUN dpkg-buildpackage -uc -us
+		EOF
+		tempImage="docker-temp/build-deb:$version"
+		( set -x && docker build -t "$tempImage" -f "$DEST/$version/Dockerfile.build" . )
+		docker run --rm "$tempImage" bash -c 'cd .. && tar -c *_*' | tar -xvC "$DEST/$version"
+		docker rmi "$tempImage"
+	done
+
+	bundle .integration-daemon-stop
+) 2>&1 | tee -a "$DEST/test.log"
diff --git a/hack/make/build-rpm b/hack/make/build-rpm
new file mode 100644
index 00000000..f0e496bb
--- /dev/null
+++ b/hack/make/build-rpm
@@ -0,0 +1,153 @@
+#!/bin/bash
+set -e
+
+# subshell so that we can export PATH and TZ without breaking other things
+(
+	export TZ=UTC # make sure our "date" variables are UTC-based
+
+	source "$(dirname "$BASH_SOURCE")/.integration-daemon-start"
+	source "$(dirname "$BASH_SOURCE")/.detect-daemon-osarch"
+
+	# TODO consider using frozen images for the dockercore/builder-rpm tags
+
+	rpmName=docker-engine
+	rpmVersion="$VERSION"
+	rpmRelease=1
+
+	# rpmRelease versioning is as follows
+	# Docker 1.7.0:  version=1.7.0, release=1
+	# Docker 1.7.0-rc1: version=1.7.0, release=0.1.rc1
+	# Docker 1.7.0-cs1: version=1.7.0.cs1, release=1
+	# Docker 1.7.0-cs1-rc1: version=1.7.0.cs1, release=0.1.rc1
+	# Docker 1.7.0-dev nightly: version=1.7.0, release=0.0.YYYYMMDD.HHMMSS.gitHASH
+
+	# if we have a "-rc*" suffix, set appropriate release
+	if [[ "$rpmVersion" =~ .*-rc[0-9]+$ ]] ; then
+		rcVersion=${rpmVersion#*-rc}
+		rpmVersion=${rpmVersion%-rc*}
+		rpmRelease="0.${rcVersion}.rc${rcVersion}"
+	fi
+
+	DOCKER_GITCOMMIT=$(git rev-parse --short HEAD)
+	if [ -n "$(git status --porcelain --untracked-files=no)" ]; then
+		DOCKER_GITCOMMIT="$DOCKER_GITCOMMIT-unsupported"
+	fi
+
+	# if we have a "-dev" suffix or have change in Git, let's make this package version more complex so it works better
+	if [[ "$rpmVersion" == *-dev ]] || [ -n "$(git status --porcelain)" ]; then
+		gitUnix="$(git log -1 --pretty='%at')"
+		gitDate="$(date --date "@$gitUnix" +'%Y%m%d.%H%M%S')"
+		gitCommit="$(git log -1 --pretty='%h')"
+		gitVersion="${gitDate}.git${gitCommit}"
+		# gitVersion is now something like '20150128.112847.17e840a'
+		rpmVersion="${rpmVersion%-dev}"
+		rpmRelease="0.0.$gitVersion"
+	fi
+
+	# Replace any other dashes with periods
+	rpmVersion="${rpmVersion/-/.}"
+
+	rpmPackager="$(awk -F ': ' '$1 == "Packager" { print $2; exit }' hack/make/.build-rpm/${rpmName}.spec)"
+	rpmDate="$(date +'%a %b %d %Y')"
+
+	# if go-md2man is available, pre-generate the man pages
+	./man/md2man-all.sh -q || true
+	# TODO decide if it's worth getting go-md2man in _each_ builder environment to avoid this
+
+	# Convert the CHANGELOG.md file into RPM changelog format
+	VERSION_REGEX="^\W\W (.*) \((.*)\)$"
+	ENTRY_REGEX="^[-+*] (.*)$"
+	while read -r line || [[ -n "$line" ]]; do
+		if [ -z "$line" ]; then continue; fi
+		if [[ "$line" =~ $VERSION_REGEX ]]; then
+			echo >> contrib/builder/rpm/${PACKAGE_ARCH}/changelog
+			echo "* `date -d ${BASH_REMATCH[2]} '+%a %b %d %Y'` ${rpmPackager} - ${BASH_REMATCH[1]}" >> contrib/builder/rpm/${PACKAGE_ARCH}/changelog
+		fi
+		if [[ "$line" =~ $ENTRY_REGEX ]]; then
+			echo "- ${BASH_REMATCH[1]//\`}" >> contrib/builder/rpm/${PACKAGE_ARCH}/changelog
+		fi
+	done < CHANGELOG.md
+
+	builderDir="contrib/builder/rpm/${PACKAGE_ARCH}"
+	pkgs=( $(find "${builderDir}/"*/ -type d) )
+	if [ ! -z "$DOCKER_BUILD_PKGS" ]; then
+		pkgs=( $(echo ${DOCKER_BUILD_PKGS[@]/#/$builderDir\/}) )
+	fi
+	for dir in "${pkgs[@]}"; do
+		[ -d "$dir" ] || { echo >&2 "skipping nonexistent $dir"; continue; }
+		version="$(basename "$dir")"
+		suite="${version##*-}"
+
+		image="dockercore/builder-rpm:$version"
+		if ! docker inspect "$image" &> /dev/null; then
+			( set -x && docker build ${DOCKER_BUILD_ARGS} -t "$image" "$dir" )
+		fi
+
+		mkdir -p "$DEST/$version"
+		cat > "$DEST/$version/Dockerfile.build" <<-EOF
+			FROM $image
+			COPY . /usr/src/${rpmName}
+			RUN mkdir -p /go/src/github.com/docker && mkdir -p /go/src/github.com/opencontainers
+		EOF
+
+		# get the RUNC and CONTAINERD commit from the root Dockerfile, this keeps the commits in sync
+		awk '$1 == "ENV" && $2 == "RUNC_COMMIT" { print; exit }' Dockerfile >> "$DEST/$version/Dockerfile.build"
+		awk '$1 == "ENV" && $2 == "CONTAINERD_COMMIT" { print; exit }' Dockerfile >> "$DEST/$version/Dockerfile.build"
+
+		# add runc and containerd compile and install
+		cat >> "$DEST/$version/Dockerfile.build" <<-EOF
+			# Install runc
+			RUN git clone git://github.com/opencontainers/runc.git "/go/src/github.com/opencontainers/runc" \
+					&& cd "/go/src/github.com/opencontainers/runc" \
+					&& git checkout -q "\$RUNC_COMMIT"
+			RUN set -x && export GOPATH="/go" && cd "/go/src/github.com/opencontainers/runc" \
+					&& make BUILDTAGS="\$RUNC_BUILDTAGS" && make install
+			# Install containerd
+			RUN git clone git://github.com/docker/containerd.git "/go/src/github.com/docker/containerd" \
+					&& cd "/go/src/github.com/docker/containerd" \
+					&& git checkout -q "\$CONTAINERD_COMMIT"
+			RUN set -x && export GOPATH="/go" && cd "/go/src/github.com/docker/containerd" && make && make install
+		EOF
+		if [ "$DOCKER_EXPERIMENTAL" ]; then
+			echo 'ENV DOCKER_EXPERIMENTAL 1' >> "$DEST/$version/Dockerfile.build"
+		fi
+		cat >> "$DEST/$version/Dockerfile.build" <<-EOF
+			RUN mkdir -p /root/rpmbuild/SOURCES \
+				&& echo '%_topdir /root/rpmbuild' > /root/.rpmmacros
+			WORKDIR /root/rpmbuild
+			RUN ln -sfv /usr/src/${rpmName}/hack/make/.build-rpm SPECS
+			WORKDIR /root/rpmbuild/SPECS
+			RUN tar -r -C /usr/src -f /root/rpmbuild/SOURCES/${rpmName}.tar ${rpmName}
+			RUN tar -r -C /go/src/github.com/docker -f /root/rpmbuild/SOURCES/${rpmName}.tar containerd
+			RUN tar -r -C /go/src/github.com/opencontainers -f /root/rpmbuild/SOURCES/${rpmName}.tar runc
+			RUN gzip /root/rpmbuild/SOURCES/${rpmName}.tar
+			RUN { cat /usr/src/${rpmName}/contrib/builder/rpm/${PACKAGE_ARCH}/changelog; } >> ${rpmName}.spec && tail >&2 ${rpmName}.spec
+			RUN rpmbuild -ba \
+				--define '_gitcommit $DOCKER_GITCOMMIT' \
+				--define '_release $rpmRelease' \
+				--define '_version $rpmVersion' \
+				--define '_origversion $VERSION' \
+				--define '_experimental ${DOCKER_EXPERIMENTAL:-0}' \
+				${rpmName}.spec
+		EOF
+		# selinux policy referencing systemd things won't work on non-systemd versions
+		# of centos or rhel, which we don't support anyways
+		if [ "${suite%.*}" -gt 6 ] && [[ "$version" != opensuse* ]]; then
+			cat >> "$DEST/$version/Dockerfile.build" <<-EOF
+				RUN tar -cz -C /usr/src/${rpmName}/contrib -f /root/rpmbuild/SOURCES/${rpmName}-selinux.tar.gz ${rpmName}-selinux
+				RUN rpmbuild -ba \
+						--define '_gitcommit $DOCKER_GITCOMMIT' \
+						--define '_release $rpmRelease' \
+						--define '_version $rpmVersion' \
+						--define '_origversion $VERSION' \
+						${rpmName}-selinux.spec
+			EOF
+		fi
+		tempImage="docker-temp/build-rpm:$version"
+		( set -x && docker build -t "$tempImage" -f $DEST/$version/Dockerfile.build . )
+		docker run --rm "$tempImage" bash -c 'cd /root/rpmbuild && tar -c *RPMS' | tar -xvC "$DEST/$version"
+		docker rmi "$tempImage"
+	done
+
+	source "$(dirname "$BASH_SOURCE")/.integration-daemon-stop"
+) 2>&1 | tee -a $DEST/test.log
diff --git a/hack/make/clean-apt-repo b/hack/make/clean-apt-repo
new file mode 100755
index 00000000..1c37d98e
--- /dev/null
+++ b/hack/make/clean-apt-repo
@@ -0,0 +1,43 @@
+#!/bin/bash
+set -e
+
+# This script cleans the experimental pool for the apt repo.
+# This is useful when there are a lot of old experimental debs and you only want to keep the most recent.
+#
+
+: ${DOCKER_RELEASE_DIR:=$DEST}
+APTDIR=$DOCKER_RELEASE_DIR/apt/repo/pool/experimental
+: ${DOCKER_ARCHIVE_DIR:=$DEST/archive}
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+latest_versions=$(dpkg-scanpackages "$APTDIR" /dev/null 2>/dev/null | awk -F ': ' '$1 == "Filename" { print $2 }')
+
+# get the latest version
+latest_docker_engine_file=$(echo "$latest_versions" | grep docker-engine)
+latest_docker_engine_version=$(basename ${latest_docker_engine_file%~*})
+
+echo "latest docker-engine version: $latest_docker_engine_version"
+
+# remove all the files that are not that version in experimental
+pool_dir=$(dirname "$latest_docker_engine_file")
+old_pkgs=( $(ls "$pool_dir" | grep -v "^${latest_docker_engine_version}" | grep "${latest_docker_engine_version%%~git*}") )
+
+echo "${old_pkgs[@]}"
+
+mkdir -p "$DOCKER_ARCHIVE_DIR"
+for old_pkg in "${old_pkgs[@]}"; do
+	echo "moving ${pool_dir}/${old_pkg} to $DOCKER_ARCHIVE_DIR"
+	mv "${pool_dir}/${old_pkg}" "$DOCKER_ARCHIVE_DIR"
+done
+
+echo
+echo "$pool_dir now has contents:"
+ls "$pool_dir"
+
+# now regenerate release files for experimental
+export COMPONENT=experimental
+source "${DIR}/update-apt-repo"
+
+echo "You will now want to: "
+echo "   - re-sign the repo with hack/make/sign-repo"
+echo "   - re-generate index files with hack/make/generate-index-listing"
diff --git a/hack/make/clean-yum-repo b/hack/make/clean-yum-repo
new file mode 100755
index 00000000..1cafbbd9
--- /dev/null
+++ b/hack/make/clean-yum-repo
@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e
+
+# This script cleans the experimental pool for the yum repo.
+# This is useful when there are a lot of old experimental rpms and you only want to keep the most recent.
+#
+
+: ${DOCKER_RELEASE_DIR:=$DEST}
+YUMDIR=$DOCKER_RELEASE_DIR/yum/repo/experimental
+
+suites=( $(find "$YUMDIR" -mindepth 1 -maxdepth 1 -type d) )
+
+for suite in "${suites[@]}"; do
+	echo "cleanup in: $suite"
+	( set -x; repomanage -k2 --old "$suite" | xargs rm -f )
+done
+
+echo "You will now want to: "
+echo "   - re-sign the repo with hack/make/sign-repo"
+echo "   - re-generate index files with hack/make/generate-index-listing"
diff --git a/hack/make/cover b/hack/make/cover
new file mode 100644
index 00000000..624943b8
--- /dev/null
+++ b/hack/make/cover
@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e
+
+bundle_cover() {
+	coverprofiles=( "$DEST/../"*"/coverprofiles/"* )
+	for p in "${coverprofiles[@]}"; do
+		echo
+		(
+			set -x
+			go tool cover -func="$p"
+		)
+	done
+}
+
+if [ "$HAVE_GO_TEST_COVER" ]; then
+	bundle_cover 2>&1 | tee "$DEST/report.log"
+else
+	echo >&2 'warning: the current version of go does not support -cover'
+	echo >&2 '  skipping test coverage report'
+fi
diff --git a/hack/make/cross b/hack/make/cross
new file mode 100644
index 00000000..ea8eee6c
--- /dev/null
+++ b/hack/make/cross
@@ -0,0 +1,34 @@
+#!/bin/bash
+set -e
+
+# explicit list of os/arch combos that support being a daemon
+declare -A daemonSupporting
+daemonSupporting=(
+	[linux/amd64]=1
+	[windows/amd64]=1
+)
+
+# if we have our linux/amd64 version compiled, let's symlink it in
+if [ -x "$DEST/../binary/docker-$VERSION" ]; then
+	mkdir -p "$DEST/linux/amd64"
+	(
+		cd "$DEST/linux/amd64"
+		ln -s ../../../binary/* ./
+	)
+	echo "Created symlinks:" "$DEST/linux/amd64/"*
+fi
+
+for platform in $DOCKER_CROSSPLATFORMS; do
+	(
+		export DEST="$DEST/$platform" # bundles/VERSION/cross/GOOS/GOARCH/docker-VERSION
+		mkdir -p "$DEST"
+		ABS_DEST="$(cd "$DEST" && pwd -P)"
+		export GOOS=${platform%/*}
+		export GOARCH=${platform##*/}
+		if [ -z "${daemonSupporting[$platform]}" ]; then
+			export LDFLAGS_STATIC_DOCKER="" # we just need a simple client for these platforms
+			export BUILDFLAGS=( "${ORIG_BUILDFLAGS[@]/ daemon/}" ) # remove the "daemon" build tag from platforms that aren't supported
+		fi
+		source "${MAKEDIR}/binary"
+	)
+done
diff --git a/hack/make/dynbinary b/hack/make/dynbinary
new file mode 100644
index 00000000..1d1a8e3d
--- /dev/null
+++ b/hack/make/dynbinary
@@ -0,0 +1,10 @@
+#!/bin/bash
+set -e
+
+(
+	export IAMSTATIC="false"
+	export LDFLAGS_STATIC_DOCKER=''
+	export BUILDFLAGS=( "${BUILDFLAGS[@]/netgo /}" ) # disable netgo, since we don't need it for a dynamic binary
+	export BUILDFLAGS=( "${BUILDFLAGS[@]/static_build /}" ) # we're not building a "static" binary here
+	source "${MAKEDIR}/binary"
+)
diff --git a/hack/make/dyngccgo b/hack/make/dyngccgo
new file mode 100644
index 00000000..a9019e8c
--- /dev/null
+++ b/hack/make/dyngccgo
@@ -0,0 +1,11 @@
+#!/bin/bash
+set -e
+
+(
+	export IAMSTATIC="false"
+	export EXTLDFLAGS_STATIC=''
+	export LDFLAGS_STATIC_DOCKER=''
+	export BUILDFLAGS=( "${BUILDFLAGS[@]/netgo /}" ) # disable netgo, since we don't need it for a dynamic binary
+	export BUILDFLAGS=( "${BUILDFLAGS[@]/static_build /}" ) # we're not building a "static" binary here
+	source "${MAKEDIR}/gccgo"
+)
diff --git a/hack/make/gccgo b/hack/make/gccgo
new file mode 100644
index 00000000..9da203ff
--- /dev/null
+++ b/hack/make/gccgo
@@ -0,0 +1,30 @@
+#!/bin/bash
+set -e
+
+BINARY_NAME="docker-$VERSION"
+BINARY_EXTENSION="$(binary_extension)"
+BINARY_FULLNAME="$BINARY_NAME$BINARY_EXTENSION"
+
+source "${MAKEDIR}/.go-autogen"
+
+if [[ "${BUILDFLAGS[@]}" =~ 'netgo ' ]]; then
+	EXTLDFLAGS_STATIC+=' -lnetgo'
+fi
+# gccgo require explicit flag -pthread to allow goroutines to work.
+go build -compiler=gccgo \
+	-o "$DEST/$BINARY_FULLNAME" \
+	"${BUILDFLAGS[@]}" \
+	-gccgoflags "
+		-g
+		$EXTLDFLAGS_STATIC
+		-Wl,--no-export-dynamic
+		-ldl
+		-pthread
+	" \
+	./docker
+
+echo "Created binary: $DEST/$BINARY_FULLNAME"
+ln -sf "$BINARY_FULLNAME" "$DEST/docker$BINARY_EXTENSION"
+
+copy_containerd "$DEST" "hash"
+hash_files "$DEST/$BINARY_FULLNAME"
diff --git a/hack/make/generate-index-listing b/hack/make/generate-index-listing
new file mode 100755
index 00000000..1167ed12
--- /dev/null
+++ b/hack/make/generate-index-listing
@@ -0,0 +1,74 @@
+#!/bin/bash
+set -e
+
+# This script generates index files for the directory structure
+# of the apt and yum repos
+
+: ${DOCKER_RELEASE_DIR:=$DEST}
+APTDIR=$DOCKER_RELEASE_DIR/apt
+YUMDIR=$DOCKER_RELEASE_DIR/yum
+
+if [ ! -d $APTDIR ] && [ ! -d $YUMDIR ]; then
+	echo >&2 'release-rpm or release-deb must be run before generate-index-listing'
+	exit 1
+fi
+
+create_index() {
+	local directory=$1
+	local original=$2
+	local cleaned=${directory#$original}
+
+	# the index file to create
+	local index_file="${directory}/index"
+
+	# cd into dir & touch the index file
+	cd $directory
+	touch $index_file
+
+	# print the html header
+	cat <<-EOF > "$index_file"
+	<!DOCTYPE html>
+	<html>
+	<head><title>Index of ${cleaned}/</title></head>
+	<body bgcolor="white">
+	<h1>Index of ${cleaned}/</h1><hr>
+	<pre><a href="../">../</a>
+	EOF
+
+	# start of content output
+	(
+	# change IFS locally within subshell so the for loop saves line correctly to L var
+	IFS=$'\n';
+
+	# pretty sweet, will mimick the normal apache output
+	for L in $(find -L . -mount -depth -maxdepth 1 -type f ! -name 'index' -printf "<a href=\"%f\">%f|@_@%Td-%Tb-%TY %Tk:%TM  @%f@\n"|sort|column -t -s '|' | sed 's,\([\ ]\+\)@_@,</a>\1,g');
+	do
+		# file
+		F=$(sed -e 's,^.*@\([^@]\+\)@.*$,\1,g'<<<"$L");
+
+		# file with file size
+		F=$(du -bh $F | cut -f1);
+
+		# output with correct format
+		sed -e 's,\ @.*$, '"$F"',g'<<<"$L";
+	done;
+	) >> $index_file;
+
+	# now output a list of all directories in this dir (maxdepth 1) other than '.' outputting in a sorted manner exactly like apache
+	find -L . -mount -depth -maxdepth 1 -type d ! -name '.' -printf "<a href=\"%f\">%-43f@_@%Td-%Tb-%TY %Tk:%TM  -\n"|sort -d|sed 's,\([\ ]\+\)@_@,/</a>\1,g' >> $index_file
+
+	# print the footer html
+	echo "</pre><hr></body></html>" >> $index_file
+
+}
+
+get_dirs() {
+	local directory=$1
+
+	for d in `find ${directory} -type d`; do
+		create_index $d $directory
+	done
+}
+
+get_dirs $APTDIR
+get_dirs $YUMDIR
diff --git a/hack/make/install-script b/hack/make/install-script
new file mode 100644
index 00000000..feadac2f
--- /dev/null
+++ b/hack/make/install-script
@@ -0,0 +1,63 @@
+#!/bin/bash
+set -e
+
+# This script modifies the install.sh script for domains and keys other than
+# those used by the primary opensource releases.
+#
+# You can provide `url`, `yum_url`, `apt_url` and optionally `gpg_fingerprint`
+# or `GPG_KEYID` as environment variables, or the defaults for open source are used.
+#
+# The lower-case variables are substituted into install.sh.
+#
+# gpg_fingerprint and GPG_KEYID are optional, defaulting to the opensource release
+# key ("releasedocker"). Other GPG_KEYIDs will require you to mount a volume with
+# the correct contents to /root/.gnupg.
+#
+# It outputs the modified `install.sh` file to $DOCKER_RELEASE_DIR (default: $DEST)
+#
+# Example usage:
+#
+# docker run \
+# --rm \
+# --privileged \
+# -e "GPG_KEYID=deadbeef" \
+# -e "GNUPGHOME=/root/.gnupg" \
+# -v $HOME/.gnupg:/root/.gnupg \
+# -v $(pwd):/go/src/github.com/docker/docker/bundles \
+# "$IMAGE_DOCKER" \
+# hack/make.sh install-script
+
+: ${DOCKER_RELEASE_DIR:=$DEST}
+: ${GPG_KEYID:=releasedocker}
+
+DEFAULT_URL="https://get.docker.com/"
+DEFAULT_APT_URL="https://apt.dockerproject.org"
+DEFAULT_YUM_URL="https://yum.dockerproject.org"
+DEFAULT_GPG_FINGERPRINT="58118E89F3A912897C070ADBF76221572C52609D"
+
+: ${url:=$DEFAULT_URL}
+: ${apt_url:=$DEFAULT_APT_URL}
+: ${yum_url:=$DEFAULT_YUM_URL}
+if [[ "$GPG_KEYID" == "releasedocker" ]] ; then
+	: ${gpg_fingerprint:=$DEFAULT_GPG_FINGERPRINT}
+fi
+
+DEST_FILE="$DOCKER_RELEASE_DIR/install.sh"
+
+bundle_install_script() {
+	mkdir -p "$DOCKER_RELEASE_DIR"
+
+	if [[ -z "$gpg_fingerprint" ]] ; then
+		# NOTE: if no key matching key is in /root/.gnupg, this will fail
+		gpg_fingerprint=$(gpg --with-fingerprint -k "$GPG_KEYID" | grep "Key fingerprint" | awk -F "=" '{print $2};' | tr -d ' ')
+	fi
+
+	cp hack/install.sh "$DEST_FILE"
+	sed -i.bak 's#^url=".*"$#url="'"$url"'"#' "$DEST_FILE"
+	sed -i.bak 's#^apt_url=".*"$#apt_url="'"$apt_url"'"#' "$DEST_FILE"
+	sed -i.bak 's#^yum_url=".*"$#yum_url="'"$yum_url"'"#' "$DEST_FILE"
+	sed -i.bak 's#^gpg_fingerprint=".*"$#gpg_fingerprint="'"$gpg_fingerprint"'"#' "$DEST_FILE"
+	rm "${DEST_FILE}.bak"
+}
+
+bundle_install_script
diff --git a/hack/make/release-deb b/hack/make/release-deb
new file mode 100755
index 00000000..946e5de8
--- /dev/null
+++ b/hack/make/release-deb
@@ -0,0 +1,150 @@
+#!/bin/bash
+set -e
+
+# This script creates the apt repos for the .deb files generated by hack/make/build-deb
+#
+# The following can then be used as apt sources:
+# 	deb http://apt.dockerproject.org/repo $distro-$release $version
+#
+# For example:
+#	deb http://apt.dockerproject.org/repo ubuntu-trusty main
+#	deb http://apt.dockerproject.org/repo ubuntu-trusty testing
+#	deb http://apt.dockerproject.org/repo debian-wheezy experimental
+#	deb http://apt.dockerproject.org/repo debian-jessie main
+#
+# ... and so on and so forth for the builds created by hack/make/build-deb
+
+source "$(dirname "$BASH_SOURCE")/.integration-daemon-start"
+source "$(dirname "$BASH_SOURCE")/.detect-daemon-osarch"
+
+: ${DOCKER_RELEASE_DIR:=$DEST}
+: ${GPG_KEYID:=releasedocker}
+APTDIR=$DOCKER_RELEASE_DIR/apt/repo
+
+# setup the apt repo (if it does not exist)
+mkdir -p "$APTDIR/conf" "$APTDIR/db"
+
+# supported arches/sections
+arches=( amd64 i386 )
+
+# Preserve existing components but don't add any non-existing ones
+for component in main testing experimental ; do
+	if ls "$APTDIR/dists/*/$component" >/dev/null 2>&1 ; then
+		components+=( $component )
+	fi
+done
+
+# set the component for the version being released
+component="main"
+
+if [[ "$VERSION" == *-rc* ]]; then
+	component="testing"
+fi
+
+if [ "$DOCKER_EXPERIMENTAL" ] || [[ "$VERSION" == *-dev ]] || [ -n "$(git status --porcelain)" ]; then
+	component="experimental"
+fi
+
+# Make sure our component is in the list of components
+if [[ ! "${components[*]}" =~ $component ]] ; then
+	components+=( $component )
+fi
+
+# create apt-ftparchive file on every run. This is essential to avoid
+# using stale versions of the config file that could cause unnecessary
+# refreshing of bits for EOL-ed releases.
+cat <<-EOF > "$APTDIR/conf/apt-ftparchive.conf"
+Dir {
+	ArchiveDir "${APTDIR}";
+	CacheDir "${APTDIR}/db";
+};
+
+Default {
+	Packages::Compress ". gzip bzip2";
+	Sources::Compress ". gzip bzip2";
+	Contents::Compress ". gzip bzip2";
+};
+
+TreeDefault {
+	BinCacheDB "packages-\$(SECTION)-\$(ARCH).db";
+	Directory "pool/\$(SECTION)";
+	Packages "\$(DIST)/\$(SECTION)/binary-\$(ARCH)/Packages";
+	SrcDirectory "pool/\$(SECTION)";
+	Sources "\$(DIST)/\$(SECTION)/source/Sources";
+	Contents "\$(DIST)/\$(SECTION)/Contents-\$(ARCH)";
+	FileList "$APTDIR/\$(DIST)/\$(SECTION)/filelist";
+};
+EOF
+
+for dir in contrib/builder/deb/${PACKAGE_ARCH}/*/; do
+	version="$(basename "$dir")"
+	suite="${version//debootstrap-}"
+
+	cat <<-EOF
+	Tree "dists/${suite}" {
+		Sections "${components[*]}";
+		Architectures "${arches[*]}";
+	}
+
+	EOF
+done >> "$APTDIR/conf/apt-ftparchive.conf"
+
+if [ ! -f "$APTDIR/conf/docker-engine-release.conf" ]; then
+	cat <<-EOF > "$APTDIR/conf/docker-engine-release.conf"
+	APT::FTPArchive::Release::Origin "Docker";
+	APT::FTPArchive::Release::Components "${components[*]}";
+	APT::FTPArchive::Release::Label "Docker APT Repository";
+	APT::FTPArchive::Release::Architectures "${arches[*]}";
+	EOF
+fi
+
+# release the debs
+for dir in contrib/builder/deb/${PACKAGE_ARCH}/*/; do
+	version="$(basename "$dir")"
+	codename="${version//debootstrap-}"
+
+	DEBFILE=( "bundles/$VERSION/build-deb/$version/docker-engine"*.deb )
+
+	# if we have a $GPG_PASSPHRASE we may as well
+	# dpkg-sign before copying the deb into the pool
+	if [ ! -z "$GPG_PASSPHRASE" ]; then
+		dpkg-sig -g "--no-tty --passphrase '$GPG_PASSPHRASE'" \
+			-k "$GPG_KEYID" --sign builder "${DEBFILE[@]}"
+	fi
+
+	# add the deb for each component for the distro version into the pool
+	mkdir -p "$APTDIR/pool/$component/d/docker-engine/"
+	cp "${DEBFILE[@]}" "$APTDIR/pool/$component/d/docker-engine/"
+
+	# update the filelist for this codename/component
+	mkdir -p "$APTDIR/dists/$codename/$component"
+	find "$APTDIR/pool/$component" \
+		-name *~${codename#*-}*.deb > "$APTDIR/dists/$codename/$component/filelist"
+done
+
+# run the apt-ftparchive commands so we can have pinning
+apt-ftparchive generate "$APTDIR/conf/apt-ftparchive.conf"
+
+for dir in contrib/builder/deb/${PACKAGE_ARCH}/*/; do
+	version="$(basename "$dir")"
+	codename="${version//debootstrap-}"
+
+	apt-ftparchive \
+		-o "APT::FTPArchive::Release::Codename=$codename" \
+		-o "APT::FTPArchive::Release::Suite=$codename" \
+		-c "$APTDIR/conf/docker-engine-release.conf" \
+		release \
+		"$APTDIR/dists/$codename" > "$APTDIR/dists/$codename/Release"
+
+	for arch in "${arches[@]}"; do
+		mkdir -p "$APTDIR/dists/$codename/$component/binary-$arch"
+		apt-ftparchive \
+			-o "APT::FTPArchive::Release::Codename=$codename" \
+			-o "APT::FTPArchive::Release::Suite=$codename" \
+			-o "APT::FTPArchive::Release::Component=$component" \
+			-o "APT::FTPArchive::Release::Architecture=$arch" \
+			-c "$APTDIR/conf/docker-engine-release.conf" \
+			release \
+			"$APTDIR/dists/$codename/$component/binary-$arch" > "$APTDIR/dists/$codename/$component/binary-$arch/Release"
+	done
+done
diff --git a/hack/make/release-rpm b/hack/make/release-rpm
new file mode 100755
index 00000000..b952b79e
--- /dev/null
+++ b/hack/make/release-rpm
@@ -0,0 +1,78 @@
+#!/bin/bash
+set -e
+
+# This script creates the yum repos for the .rpm files generated by hack/make/build-rpm
+#
+# The following can then be used as a yum repo:
+# 	http://yum.dockerproject.org/repo/$release/$distro/$distro-version
+#
+# For example:
+# 	http://yum.dockerproject.org/repo/main/fedora/23
+# 	http://yum.dockerproject.org/repo/testing/centos/7
+# 	http://yum.dockerproject.org/repo/experimental/fedora/23
+# 	http://yum.dockerproject.org/repo/main/centos/7
+#
+# ... and so on and so forth for the builds created by hack/make/build-rpm
+
+source "$(dirname "$BASH_SOURCE")/.integration-daemon-start"
+source "$(dirname "$BASH_SOURCE")/.detect-daemon-osarch"
+
+: ${DOCKER_RELEASE_DIR:=$DEST}
+YUMDIR=$DOCKER_RELEASE_DIR/yum/repo
+: ${GPG_KEYID:=releasedocker}
+
+# manage the repos for each distribution separately
+distros=( fedora centos opensuse oraclelinux )
+
+# get the release
+release="main"
+
+if [[ "$VERSION" == *-rc* ]]; then
+	release="testing"
+fi
+
+if [ $DOCKER_EXPERIMENTAL ] || [[ "$VERSION" == *-dev ]] || [ -n "$(git status --porcelain)" ]; then
+	release="experimental"
+fi
+
+for distro in "${distros[@]}"; do
+	# Setup the yum repo
+	REPO=$YUMDIR/$release/$distro
+
+	for dir in contrib/builder/rpm/${PACKAGE_ARCH}/$distro-*/; do
+		version="$(basename "$dir")"
+		suite="${version##*-}"
+
+		# if the directory does not exist, initialize the yum repo
+		if [[ ! -d $REPO/$suite/Packages ]]; then
+			mkdir -p "$REPO/$suite/Packages"
+
+			createrepo --pretty "$REPO/$suite"
+		fi
+
+		# path to rpms
+		RPMFILE=( "bundles/$VERSION/build-rpm/$version/RPMS/"*"/docker-engine"*.rpm "bundles/$VERSION/build-rpm/$version/SRPMS/docker-engine"*.rpm )
+
+		# if we have a $GPG_PASSPHRASE we may as well
+		# sign the rpms before adding to repo
+		if [ ! -z $GPG_PASSPHRASE ]; then
+			# export our key to rpm import
+			gpg --armor --export "$GPG_KEYID" > /tmp/gpg
+			rpm --import /tmp/gpg
+
+			# sign the rpms
+			echo "yes" | setsid rpm \
+				--define "_gpg_name $GPG_KEYID" \
+				--define "_signature gpg" \
+				--define "__gpg_check_password_cmd /bin/true" \
+				--define "__gpg_sign_cmd %{__gpg} gpg --batch --no-armor --passphrase '$GPG_PASSPHRASE' --no-secmem-warning -u '%{_gpg_name}' --sign --detach-sign --output %{__signature_filename} %{__plaintext_filename}" \
+				--resign "${RPMFILE[@]}"
+		fi
+
+		# copy the rpms to the packages folder
+		cp "${RPMFILE[@]}" "$REPO/$suite/Packages"
+
+		# update the repo
+		createrepo --pretty --update "$REPO/$suite"
+	done
+done
diff --git a/hack/make/sign-repos b/hack/make/sign-repos
new file mode 100755
index 00000000..93b640d7
--- /dev/null
+++ b/hack/make/sign-repos
@@ -0,0 +1,55 @@
+#!/bin/bash
+
+# This script signs the deliverables from release-deb and release-rpm
+# with a designated GPG key.
+
+: ${DOCKER_RELEASE_DIR:=$DEST}
+: ${GPG_KEYID:=releasedocker}
+APTDIR=$DOCKER_RELEASE_DIR/apt/repo
+YUMDIR=$DOCKER_RELEASE_DIR/yum/repo
+
+if [ -z "$GPG_PASSPHRASE" ]; then
+	echo >&2 'you need to set GPG_PASSPHRASE in order to sign artifacts'
+	exit 1
+fi
+
+if [ ! -d $APTDIR ] && [ ! -d $YUMDIR ]; then
+	echo >&2 'release-rpm or release-deb must be run before sign-repos'
+	exit 1
+fi
+
+sign_packages(){
+	# sign apt repo metadata
+	if [ -d $APTDIR ]; then
+		# create file with public key
+		gpg --armor --export "$GPG_KEYID" > "$DOCKER_RELEASE_DIR/apt/gpg"
+
+		# sign the repo metadata
+		for F in $(find $APTDIR -name Release); do
+			if test "$F" -nt "$F.gpg" ; then
+				gpg -u "$GPG_KEYID" --passphrase "$GPG_PASSPHRASE" \
+					--armor --sign --detach-sign \
+					--batch --yes \
+					--output "$F.gpg" "$F"
+			fi
+		done
+	fi
+
+	# sign yum repo metadata
+	if [ -d $YUMDIR ]; then
+		# create file with public key
+		gpg --armor --export "$GPG_KEYID" > "$DOCKER_RELEASE_DIR/yum/gpg"
+
+		# sign the repo metadata
+		for F in $(find $YUMDIR -name repomd.xml); do
+			if test "$F" -nt "$F.asc" ; then
+				gpg -u "$GPG_KEYID" --passphrase "$GPG_PASSPHRASE" \
+					--armor --sign --detach-sign \
+					--batch --yes \
+					--output "$F.asc" "$F"
+			fi
+		done
+	fi
+}
+
+sign_packages
diff --git a/hack/make/test-deb-install b/hack/make/test-deb-install
new file mode 100755
index 00000000..c4482cd4
--- /dev/null
+++ b/hack/make/test-deb-install
@@ -0,0 +1,68 @@
+#!/bin/bash
+# This script is used for testing install.sh and that it works for
+# each of component of our apt and yum repos
+set -e
+
+: ${DEB_DIR:="$(pwd)/bundles/$(cat VERSION)/build-deb"}
+
+if [[ ! -d "${DEB_DIR}" ]]; then
+	echo "you must first run `make deb` or hack/make/build-deb"
+	exit 1
+fi
+
+test_deb_install(){
+	# test for each Dockerfile in contrib/builder
+
+	builderDir="contrib/builder/deb/${PACKAGE_ARCH}"
+	pkgs=( $(find "${builderDir}/"*/ -type d) )
+	if [ ! -z "$DOCKER_BUILD_PKGS" ]; then
+		pkgs=( $(echo ${DOCKER_BUILD_PKGS[@]/#/$builderDir\/}) )
+	fi
+	for dir in "${pkgs[@]}"; do
+		[ -d "$dir" ] || { echo >&2 "skipping nonexistent $dir"; continue; }
+		local from="$(awk 'toupper($1) == "FROM" { print $2; exit }' "$dir/Dockerfile")"
+		local dir=$(basename "$dir")
+
+		if [[ ! -d "${DEB_DIR}/${dir}" ]]; then
+			echo "No deb found for ${dir}"
+			exit 1
+		fi
+
+		local script=$(mktemp /tmp/install-XXXXXXXXXX.sh)
+		cat <<-EOF > "${script}"
+		#!/bin/bash
+		set -e
+		set -x
+
+		apt-get update && apt-get install -y apparmor
+
+		dpkg -i /root/debs/*.deb || true
+
+		apt-get install -yf
+
+		/etc/init.d/apparmor start
+
+		# this will do everything _except_ load the profile into the kernel
+		(
+		cd /etc/apparmor.d
+		/sbin/apparmor_parser --skip-kernel-load docker-engine
+		)
+		EOF
+
+		chmod +x "${script}"
+
+		echo "testing deb install for ${from}"
+		docker run --rm -i --privileged \
+			-v ${DEB_DIR}/${dir}:/root/debs \
+			-v ${script}:/install.sh \
+			${from} /install.sh
+
+		rm -f ${script}
+	done
+}
+
+(
+	bundle .integration-daemon-start
+	test_deb_install
+	bundle .integration-daemon-stop
+) 2>&1 | tee -a "$DEST/test.log"
diff --git a/hack/make/test-docker-py b/hack/make/test-docker-py
new file mode 100644
index 00000000..dece8315
--- /dev/null
+++ b/hack/make/test-docker-py
@@ -0,0 +1,18 @@
+#!/bin/bash
+set -e
+
+# subshell so that we can export PATH without breaking other things
+(
+	bundle .integration-daemon-start
+
+	dockerPy='/docker-py'
+	[ -d "$dockerPy" ] || {
+		dockerPy="$DEST/docker-py"
+		git clone https://github.com/docker/docker-py.git "$dockerPy"
+	}
+
+	# exporting PYTHONPATH to import "docker" from our local docker-py
+	test_env PYTHONPATH="$dockerPy" py.test "$dockerPy/tests/integration"
+
+	bundle .integration-daemon-stop
+) 2>&1 | tee -a "$DEST/test.log"
diff --git a/hack/make/test-install-script b/hack/make/test-install-script
new file mode 100755
index 00000000..4782cbea
--- /dev/null
+++ b/hack/make/test-install-script
@@ -0,0 +1,31 @@
+#!/bin/bash
+# This script is used for testing install.sh and that it works for
+# each of component of our apt and yum repos
+set -e
+
+test_install_script(){
+	# these are equivalent to main, testing, experimental components
+	# in the repos, but its the url that will do the conversion
+	components=( experimental test get )
+
+	for component in "${components[@]}"; do
+		# change url to specific component for testing
+		local test_url=https://${component}.docker.com
+		local script=$(mktemp /tmp/install-XXXXXXXXXX.sh)
+		sed "s,url='https://get.docker.com/',url='${test_url}/'," hack/install.sh > "${script}"
+
+		chmod +x "${script}"
+
+		# test for each Dockerfile in contrib/builder
+		for dir in contrib/builder/*/*/; do
+			local from="$(awk 'toupper($1) == "FROM" { print $2; exit }' "$dir/Dockerfile")"
+
+			echo "running install.sh for ${component} with ${from}"
+			docker run --rm -i -v ${script}:/install.sh ${from} /install.sh
+		done
+
+		rm -f ${script}
+	done
+}
+
+test_install_script
diff --git a/hack/make/test-integration-cli b/hack/make/test-integration-cli
new file mode 100644
index 00000000..27897aeb
--- /dev/null
+++ b/hack/make/test-integration-cli
@@ -0,0 +1,18 @@
+#!/bin/bash
+set -e
+
+bundle_test_integration_cli() {
+	TESTFLAGS="$TESTFLAGS -check.v -check.timeout=${TIMEOUT} -timeout=360m"
+	go_test_dir ./integration-cli
+}
+
+# subshell so that we can export PATH without breaking other things
+(
+	bundle .integration-daemon-start
+
+	bundle .integration-daemon-setup
+
+	bundle_test_integration_cli
+
+	bundle .integration-daemon-stop
+) 2>&1 | tee -a "$DEST/test.log"
diff --git a/hack/make/test-old-apt-repo b/hack/make/test-old-apt-repo
new file mode 100755
index 00000000..bb20128e
--- /dev/null
+++ b/hack/make/test-old-apt-repo
@@ -0,0 +1,29 @@
+#!/bin/bash
+set -e
+
+versions=( 1.3.3 1.4.1 1.5.0 1.6.2 )
+
+install() {
+	local version=$1
+	local tmpdir=$(mktemp -d /tmp/XXXXXXXXXX)
+	local dockerfile="${tmpdir}/Dockerfile"
+	cat <<-EOF > "$dockerfile"
+	FROM debian:jessie
+	ENV VERSION ${version}
+	RUN apt-get update && apt-get install -y \
+		apt-transport-https \
+		ca-certificates \
+		--no-install-recommends
+	RUN echo "deb https://get.docker.com/ubuntu docker main" > /etc/apt/sources.list.d/docker.list
+	RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 \
+		--recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
+	RUN apt-get update && apt-get install -y \
+		lxc-docker-\${VERSION}
+	EOF
+
+	docker build --rm --force-rm --no-cache -t docker-old-repo:${version} -f $dockerfile $tmpdir
+}
+
+for v in "${versions[@]}"; do
+	install "$v"
+done
diff --git a/hack/make/test-unit b/hack/make/test-unit
new file mode 100644
index 00000000..eee97896
--- /dev/null
+++ b/hack/make/test-unit
@@ -0,0 +1,35 @@
+#!/bin/bash
+set -e
+
+# Run Docker's test suite, including sub-packages, and store their output as a bundle
+# If $TESTFLAGS is set in the environment, it is passed as extra arguments to 'go test'.
+# You can use this to select certain tests to run, eg.
+#
+#   TESTFLAGS='-test.run ^TestBuild$' ./hack/make.sh test-unit
+#
+bundle_test_unit() {
+	TESTFLAGS+=" -test.timeout=${TIMEOUT}"
+	date
+	if [ -z "$TESTDIRS" ]; then
+		TEST_PATH=./...
+	else
+		TEST_PATH=./${TESTDIRS}
+	fi
+	pkg_list=$(go list -e \
+		-f '{{if ne .Name "github.com/docker/docker"}}
+			{{.ImportPath}}
+		    {{end}}' \
+		"${BUILDFLAGS[@]}" $TEST_PATH \
+		| grep github.com/docker/docker \
+		| grep -v github.com/docker/docker/vendor \
+		| grep -v github.com/docker/docker/integration-cli)
+	go test $COVER $GCCGOFLAGS -ldflags "$LDFLAGS" "${BUILDFLAGS[@]}" $TESTFLAGS $pkg_list
+}
+
+
+if [[ "$(go version)" == *"gccgo"* ]]; then
+	GCCGOFLAGS=-gccgoflags="-lpthread"
+else
+	COVER=-cover
+fi
+bundle_test_unit 2>&1 | tee -a "$DEST/test.log"
diff --git a/hack/make/tgz b/hack/make/tgz
new file mode 100644
index 00000000..40aa0101
--- /dev/null
+++ b/hack/make/tgz
@@ -0,0 +1,69 @@
+#!/bin/bash
+
+CROSS="$DEST/../cross"
+
+set -e
+
+if [ ! -d "$CROSS/linux/amd64" ]; then
+	echo >&2 'error: binary and cross must be run before tgz'
+	false
+fi
+
+(
+for d in "$CROSS/"*/*; do
+	export GOARCH="$(basename "$d")"
+	export GOOS="$(basename "$(dirname "$d")")"
+	BINARY_NAME="docker-$VERSION"
+	BINARY_EXTENSION="$(export GOOS && binary_extension)"
+	if [ "$GOOS" = 'windows' ]; then
+		# if windows use a zip, not tgz
+		BUNDLE_EXTENSION=".zip"
+		IS_TAR="false"
+	else
+		BUNDLE_EXTENSION=".tgz"
+		IS_TAR="true"
+	fi
+	BINARY_FULLNAME="$BINARY_NAME$BINARY_EXTENSION"
+	mkdir -p "$DEST/$GOOS/$GOARCH"
+	TGZ="$DEST/$GOOS/$GOARCH/$BINARY_NAME$BUNDLE_EXTENSION"
+
+	# The staging directory for the files in the tgz
+	BUILD_PATH="$DEST/build"
+
+	# The directory that is at the root of the tar file
+	TAR_BASE_DIRECTORY="docker"
+
+	# $DEST/build/docker
+	TAR_PATH="$BUILD_PATH/$TAR_BASE_DIRECTORY"
+
+	# Copy the correct docker binary
+	mkdir -p $TAR_PATH
+	cp -L "$d/$BINARY_FULLNAME" "$TAR_PATH/docker$BINARY_EXTENSION"
+
+	# copy over all the containerd binaries
+	copy_containerd $TAR_PATH
+
+	if [ "$IS_TAR" == "true" ]; then
+		echo "Creating tgz from $BUILD_PATH and naming it $TGZ"
+		tar --numeric-owner --owner 0 -C "$BUILD_PATH" -czf "$TGZ" $TAR_BASE_DIRECTORY
+	else
+		# ZIP needs to full absolute dir path, not the absolute path
+		ZIP=`pwd`"/$TGZ"
+		# keep track of where we are, for later.
+		pushd .
+		# go into the BUILD_PATH since zip does not have a -C equivalent.
+		cd $BUILD_PATH
+		echo "Creating zip from $BUILD_PATH and naming it $ZIP"
+		zip -q -r $ZIP $TAR_BASE_DIRECTORY
+		# go back to where we started
+		popd
+	fi
+
+	hash_files "$TGZ"
+
+	# cleanup after ourselves
+	rm -rf "$BUILD_PATH"
+
+	echo "Created tgz: $TGZ"
+done
+)
diff --git a/hack/make/ubuntu b/hack/make/ubuntu
new file mode 100644
index 00000000..0421dc36
--- /dev/null
+++ b/hack/make/ubuntu
@@ -0,0 +1,190 @@
+#!/bin/bash
+
+PKGVERSION="${VERSION//-/'~'}"
+# if we have a "-dev" suffix or have change in Git, let's make this package version more complex so it works better
+if [[ "$VERSION" == *-dev ]] || [ -n "$(git status --porcelain)" ]; then
+	GIT_UNIX="$(git log -1 --pretty='%at')"
+	GIT_DATE="$(date --date "@$GIT_UNIX" +'%Y%m%d.%H%M%S')"
+	GIT_COMMIT="$(git log -1 --pretty='%h')"
+	GIT_VERSION="git${GIT_DATE}.0.${GIT_COMMIT}"
+	# GIT_VERSION is now something like 'git20150128.112847.0.17e840a'
+	PKGVERSION="$PKGVERSION~$GIT_VERSION"
+fi
+
+# $ dpkg --compare-versions 1.5.0 gt 1.5.0~rc1 && echo true || echo false
+# true
+# $ dpkg --compare-versions 1.5.0~rc1 gt 1.5.0~git20150128.112847.17e840a && echo true || echo false
+# true
+# $ dpkg --compare-versions 1.5.0~git20150128.112847.17e840a gt 1.5.0~dev~git20150128.112847.17e840a && echo true || echo false
+# true
+
+# ie, 1.5.0 > 1.5.0~rc1 > 1.5.0~git20150128.112847.17e840a > 1.5.0~dev~git20150128.112847.17e840a
+
+PACKAGE_ARCHITECTURE="$(dpkg-architecture -qDEB_HOST_ARCH)"
+PACKAGE_URL="https://www.docker.com/"
+PACKAGE_MAINTAINER="support@docker.com"
+PACKAGE_DESCRIPTION="Linux container runtime
+Docker complements LXC with a high-level API which operates at the process
+level. It runs unix processes with strong guarantees of isolation and
+repeatability across servers.
+Docker is a great building block for automating distributed systems:
+large-scale web deployments, database clusters, continuous deployment systems,
+private PaaS, service-oriented architectures, etc."
+PACKAGE_LICENSE="Apache-2.0"
+
+# Build docker as an ubuntu package using FPM and REPREPRO (sue me).
+# bundle_binary must be called first.
+bundle_ubuntu() {
+	DIR="$ABS_DEST/build"
+
+	# Include our udev rules
+	mkdir -p "$DIR/etc/udev/rules.d"
+	cp contrib/udev/80-docker.rules "$DIR/etc/udev/rules.d/"
+
+	# Include our init scripts
+	mkdir -p "$DIR/etc/init"
+	cp contrib/init/upstart/docker.conf "$DIR/etc/init/"
+	mkdir -p "$DIR/etc/init.d"
+	cp contrib/init/sysvinit-debian/docker "$DIR/etc/init.d/"
+	mkdir -p "$DIR/etc/default"
+	cp contrib/init/sysvinit-debian/docker.default "$DIR/etc/default/docker"
+	mkdir -p "$DIR/lib/systemd/system"
+	cp contrib/init/systemd/docker.{service,socket} "$DIR/lib/systemd/system/"
+
+	# Include contributed completions
+	mkdir -p "$DIR/etc/bash_completion.d"
+	cp contrib/completion/bash/docker "$DIR/etc/bash_completion.d/"
+	mkdir -p "$DIR/usr/share/zsh/vendor-completions"
+	cp contrib/completion/zsh/_docker "$DIR/usr/share/zsh/vendor-completions/"
+	mkdir -p "$DIR/etc/fish/completions"
+	cp contrib/completion/fish/docker.fish "$DIR/etc/fish/completions/"
+
+	# Include contributed man pages
+	man/md2man-all.sh -q
+	manRoot="$DIR/usr/share/man"
+	mkdir -p "$manRoot"
+	for manDir in man/man?; do
+		manBase="$(basename "$manDir")" # "man1"
+		for manFile in "$manDir"/*; do
+			manName="$(basename "$manFile")" # "docker-build.1"
+			mkdir -p "$manRoot/$manBase"
+			gzip -c "$manFile" > "$manRoot/$manBase/$manName.gz"
+		done
+	done
+
+	# Copy the binary
+	# This will fail if the binary bundle hasn't been built
+	mkdir -p "$DIR/usr/bin"
+	cp "$DEST/../binary/docker-$VERSION" "$DIR/usr/bin/docker"
+
+	# Generate postinst/prerm/postrm scripts
+	cat > "$DEST/postinst" <<'EOF'
+#!/bin/sh
+set -e
+set -u
+
+if [ "$1" = 'configure' ] && [ -z "$2" ]; then
+	if ! getent group docker > /dev/null; then
+		groupadd --system docker
+	fi
+fi
+
+if ! { [ -x /sbin/initctl ] && /sbin/initctl version 2>/dev/null | grep -q upstart; }; then
+	# we only need to do this if upstart isn't in charge
+	update-rc.d docker defaults > /dev/null || true
+fi
+if [ -n "$2" ]; then
+	_dh_action=restart
+else
+	_dh_action=start
+fi
+service docker $_dh_action 2>/dev/null || true
+
+#DEBHELPER#
+EOF
+	cat > "$DEST/prerm" <<'EOF'
+#!/bin/sh
+set -e
+set -u
+
+service docker stop 2>/dev/null || true
+
+#DEBHELPER#
+EOF
+	cat > "$DEST/postrm" <<'EOF'
+#!/bin/sh
+set -e
+set -u
+
+if [ "$1" = "purge" ] ; then
+	update-rc.d docker remove > /dev/null || true
+fi
+
+# In case this system is running systemd, we make systemd reload the unit files
+# to pick up changes.
+if [ -d /run/systemd/system ] ; then
+	systemctl --system daemon-reload > /dev/null || true
+fi
+
+#DEBHELPER#
+EOF
+	# TODO swaths of these were borrowed from debhelper's auto-inserted stuff, because we're still using fpm - we need to use debhelper instead, and somehow reconcile Ubuntu that way
+	chmod +x "$DEST/postinst" "$DEST/prerm" "$DEST/postrm"
+
+	(
+		# switch directories so we create *.deb in the right folder
+		cd "$DEST"
+
+		# create lxc-docker-VERSION package
+		fpm -s dir -C "$DIR" \
+			--name "lxc-docker-$VERSION" --version "$PKGVERSION" \
+			--after-install "$ABS_DEST/postinst" \
+			--before-remove "$ABS_DEST/prerm" \
+			--after-remove "$ABS_DEST/postrm" \
+			--architecture "$PACKAGE_ARCHITECTURE" \
+			--prefix / \
+			--depends iptables \
+			--deb-recommends aufs-tools \
+			--deb-recommends ca-certificates \
+			--deb-recommends git \
+			--deb-recommends xz-utils \
+			--deb-recommends 'cgroupfs-mount | cgroup-lite' \
+			--deb-suggests apparmor \
+			--description "$PACKAGE_DESCRIPTION" \
+			--maintainer "$PACKAGE_MAINTAINER" \
+			--conflicts docker \
+			--conflicts docker.io \
+			--conflicts lxc-docker-virtual-package \
+			--provides lxc-docker \
+			--provides lxc-docker-virtual-package \
+			--replaces lxc-docker \
+			--replaces lxc-docker-virtual-package \
+			--url "$PACKAGE_URL" \
+			--license "$PACKAGE_LICENSE" \
+			--config-files /etc/udev/rules.d/80-docker.rules \
+			--config-files /etc/init/docker.conf \
+			--config-files /etc/init.d/docker \
+			--config-files /etc/default/docker \
+			--deb-compression gz \
+			-t deb .
+		# TODO replace "Suggests: cgroup-lite" with "Recommends: cgroupfs-mount | cgroup-lite" once cgroupfs-mount is available
+
+		# create empty lxc-docker wrapper package
+		fpm -s empty \
+			--name lxc-docker --version "$PKGVERSION" \
+			--architecture "$PACKAGE_ARCHITECTURE" \
+			--depends lxc-docker-$VERSION \
+			--description "$PACKAGE_DESCRIPTION" \
+			--maintainer "$PACKAGE_MAINTAINER" \
+			--url "$PACKAGE_URL" \
+			--license "$PACKAGE_LICENSE" \
+			--deb-compression gz \
+			-t deb
+	)
+
+	# clean up after ourselves so we have a clean output directory
+	rm "$DEST/postinst" "$DEST/prerm" "$DEST/postrm"
+	rm -r "$DIR"
+}
+
+bundle_ubuntu
diff --git a/hack/make/update-apt-repo b/hack/make/update-apt-repo
new file mode 100755
index 00000000..7354a2ec
--- /dev/null
+++ b/hack/make/update-apt-repo
@@ -0,0 +1,70 @@
+#!/bin/bash
+set -e
+
+# This script updates the apt repo in $DOCKER_RELEASE_DIR/apt/repo.
+# This script is a "fix all" for any sort of problems that might have occurred with
+# the Release or Package files in the repo.
+# It should only be used in the rare case of extreme emergencies to regenerate
+# Release and Package files for the apt repo.
+#
+# NOTE: Always be sure to re-sign the repo with hack/make/sign-repos after running
+# this script.
+
+: ${DOCKER_RELEASE_DIR:=$DEST}
+APTDIR=$DOCKER_RELEASE_DIR/apt/repo
+
+# supported arches/sections
+arches=( amd64 i386 )
+
+# Preserve existing components but don't add any non-existing ones
+for component in main testing experimental ; do
+	if ls "$APTDIR/dists/*/$component" >/dev/null 2>&1 ; then
+		components+=( $component )
+	fi
+done
+
+dists=( $(find "${APTDIR}/dists" -maxdepth 1 -mindepth 1 -type d) )
+
+# override component if it is set
+if [ "$COMPONENT" ]; then
+	components=( $COMPONENT )
+fi
+
+# release the debs
+for version in "${dists[@]}"; do
+	for component in "${components[@]}"; do
+		codename="${version//debootstrap-}"
+
+		# update the filelist for this codename/component
+		find "$APTDIR/pool/$component" \
+			-name *~${codename#*-}*.deb > "$APTDIR/dists/$codename/$component/filelist"
+	done
+done
+
+# run the apt-ftparchive commands so we can have pinning
+apt-ftparchive generate "$APTDIR/conf/apt-ftparchive.conf"
+
+for dist in "${dists[@]}"; do
+	version=$(basename "$dist")
+	for component in "${components[@]}"; do
+		codename="${version//debootstrap-}"
+
+		apt-ftparchive \
+			-o "APT::FTPArchive::Release::Codename=$codename" \
+			-o "APT::FTPArchive::Release::Suite=$codename" \
+			-c "$APTDIR/conf/docker-engine-release.conf" \
+			release \
+			"$APTDIR/dists/$codename" > "$APTDIR/dists/$codename/Release"
+
+		for arch in "${arches[@]}"; do
+			apt-ftparchive \
+				-o "APT::FTPArchive::Release::Codename=$codename" \
+				-o "APT::FTPArchive::Release::Suite=$codename" \
+				-o "APT::FTPArchive::Release::Component=$component" \
+				-o "APT::FTPArchive::Release::Architecture=$arch" \
+				-c "$APTDIR/conf/docker-engine-release.conf" \
+				release \
+				"$APTDIR/dists/$codename/$component/binary-$arch" > "$APTDIR/dists/$codename/$component/binary-$arch/Release"
+		done
+	done
+done
diff --git a/hack/make/validate-dco b/hack/make/validate-dco
new file mode 100644
index 00000000..5ac98728
--- /dev/null
+++ b/hack/make/validate-dco
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+source "${MAKEDIR}/.validate"
+
+adds=$(validate_diff --numstat | awk '{ s += $1 } END { print s }')
+dels=$(validate_diff --numstat | awk '{ s += $2 } END { print s }')
+#notDocs="$(validate_diff --numstat | awk '$3 !~ /^docs\// { print $3 }')"
+
+: ${adds:=0}
+: ${dels:=0}
+
+# "Username may only contain alphanumeric characters or dashes and cannot begin with a dash"
+githubUsernameRegex='[a-zA-Z0-9][a-zA-Z0-9-]+'
+
+# https://github.com/docker/docker/blob/master/CONTRIBUTING.md#sign-your-work
+dcoPrefix='Signed-off-by:'
+dcoRegex="^(Docker-DCO-1.1-)?$dcoPrefix ([^<]+) <([^<>@]+@[^<>]+)>( \\(github: ($githubUsernameRegex)\\))?$"
+
+check_dco() {
+	grep -qE "$dcoRegex"
+}
+
+if [ $adds -eq 0 -a $dels -eq 0 ]; then
+	echo '0 adds, 0 deletions; nothing to validate! :)'
+else
+	commits=( $(validate_log --format='format:%H%n') )
+	badCommits=()
+	for commit in "${commits[@]}"; do
+		if [ -z "$(git log -1 --format='format:' --name-status "$commit")" ]; then
+			# no content (ie, Merge commit, etc)
+			continue
+		fi
+		if ! git log -1 --format='format:%B' "$commit" | check_dco; then
+			badCommits+=( "$commit" )
+		fi
+	done
+	if [ ${#badCommits[@]} -eq 0 ]; then
+		echo "Congratulations!  All commits are properly signed with the DCO!"
+	else
+		{
+			echo "These commits do not have a proper '$dcoPrefix' marker:"
+			for commit in "${badCommits[@]}"; do
+				echo " - $commit"
+			done
+			echo
+			echo 'Please amend each commit to include a properly formatted DCO marker.'
+			echo
+			echo 'Visit the following URL for information about the Docker DCO:'
+			echo ' https://github.com/docker/docker/blob/master/CONTRIBUTING.md#sign-your-work'
+			echo
+		} >&2
+		false
+	fi
+fi
diff --git a/hack/make/validate-default-seccomp b/hack/make/validate-default-seccomp
new file mode 100644
index 00000000..4facec74
--- /dev/null
+++ b/hack/make/validate-default-seccomp
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+source "${MAKEDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- 'profiles/seccomp' || true) )
+unset IFS
+
+if [ ${#files[@]} -gt 0 ]; then
+	# We run vendor.sh to and see if we have a diff afterwards
+	go generate ./profiles/seccomp/ >/dev/null
+	# Let see if the working directory is clean
+	diffs="$(git status --porcelain -- profiles/seccomp 2>/dev/null)"
+	if [ "$diffs" ]; then
+		{
+			echo 'The result of go generate ./profiles/seccomp/ differs'
+			echo
+			echo "$diffs"
+			echo
+			echo 'Please re-run go generate ./profiles/seccomp/'
+			echo
+		} >&2
+		false
+	else
+		echo 'Congratulations! Seccomp profile generation is done correctly.'
+	fi
+fi
diff --git a/hack/make/validate-gofmt b/hack/make/validate-gofmt
new file mode 100644
index 00000000..7ad9e855
--- /dev/null
+++ b/hack/make/validate-gofmt
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+source "${MAKEDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- '*.go' | grep -v '^vendor/' || true) )
+unset IFS
+
+badFiles=()
+for f in "${files[@]}"; do
+	# we use "git show" here to validate that what's committed is formatted
+	if [ "$(git show "$VALIDATE_HEAD:$f" | gofmt -s -l)" ]; then
+		badFiles+=( "$f" )
+	fi
+done
+
+if [ ${#badFiles[@]} -eq 0 ]; then
+	echo 'Congratulations!  All Go source files are properly formatted.'
+else
+	{
+		echo "These files are not properly gofmt'd:"
+		for f in "${badFiles[@]}"; do
+			echo " - $f"
+		done
+		echo
+		echo 'Please reformat the above files using "gofmt -s -w" and commit the result.'
+		echo
+	} >&2
+	false
+fi
diff --git a/hack/make/validate-lint b/hack/make/validate-lint
new file mode 100644
index 00000000..df7f2b00
--- /dev/null
+++ b/hack/make/validate-lint
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+source "${MAKEDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- '*.go' | grep -v '^vendor/' || true) )
+unset IFS
+
+errors=()
+for f in "${files[@]}"; do
+	failedLint=$(golint "$f")
+	if [ "$failedLint" ]; then
+		errors+=( "$failedLint" )
+	fi
+done
+
+if [ ${#errors[@]} -eq 0 ]; then
+	echo 'Congratulations!  All Go source files have been linted.'
+else
+	{
+		echo "Errors from golint:"
+		for err in "${errors[@]}"; do
+			echo "$err"
+		done
+		echo
+		echo 'Please fix the above errors. You can test via "golint" and commit the result.'
+		echo
+	} >&2
+	false
+fi
diff --git a/hack/make/validate-pkg b/hack/make/validate-pkg
new file mode 100644
index 00000000..d5843417
--- /dev/null
+++ b/hack/make/validate-pkg
@@ -0,0 +1,32 @@
+#!/bin/bash
+set -e
+
+source "${MAKEDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- 'pkg/*.go' || true) )
+unset IFS
+
+badFiles=()
+for f in "${files[@]}"; do
+	IFS=$'\n'
+	badImports=( $(go list -e -f '{{ join .Deps "\n" }}' "$f" | sort -u | grep -vE '^github.com/docker/docker/pkg/' | grep -E '^github.com/docker/docker' || true) )
+	unset IFS
+
+	for import in "${badImports[@]}"; do
+		badFiles+=( "$f imports $import" )
+	done
+done
+
+if [ ${#badFiles[@]} -eq 0 ]; then
+	echo 'Congratulations! "./pkg/..." is safely isolated from internal code.'
+else
+	{
+		echo 'These files import internal code: (either directly or indirectly)'
+		for f in "${badFiles[@]}"; do
+			echo " - $f"
+		done
+		echo
+	} >&2
+	false
+fi
diff --git a/hack/make/validate-test b/hack/make/validate-test
new file mode 100644
index 00000000..8dc86f11
--- /dev/null
+++ b/hack/make/validate-test
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+# Make sure we're not using gos' Testing package any more in integration-cli
+
+source "${MAKEDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- 'integration-cli/*.go' || true) )
+unset IFS
+
+badFiles=()
+for f in "${files[@]}"; do
+	# skip check_test.go since it *does* use the testing package
+	if [ "$f" = "integration-cli/check_test.go" ]; then
+		continue
+	fi
+
+	# we use "git show" here to validate that what's committed doesn't contain golang built-in testing
+	if git show "$VALIDATE_HEAD:$f" | grep -q testing.T; then
+		badFiles+=( "$f" )
+	fi
+done
+
+if [ ${#badFiles[@]} -eq 0 ]; then
+	echo 'Congratulations! No testing.T found.'
+else
+	{
+		echo "These files use the wrong testing infrastructure:"
+		for f in "${badFiles[@]}"; do
+			echo " - $f"
+		done
+		echo
+	} >&2
+	false
+fi
diff --git a/hack/make/validate-toml b/hack/make/validate-toml
new file mode 100644
index 00000000..f6393c85
--- /dev/null
+++ b/hack/make/validate-toml
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+source "${MAKEDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- 'MAINTAINERS' || true) )
+unset IFS
+
+badFiles=()
+for f in "${files[@]}"; do
+	# we use "git show" here to validate that what's committed has valid toml syntax
+	if ! git show "$VALIDATE_HEAD:$f" | tomlv /proc/self/fd/0 ; then
+		badFiles+=( "$f" )
+	fi
+done
+
+if [ ${#badFiles[@]} -eq 0 ]; then
+	echo 'Congratulations!  All toml source files changed here have valid syntax.'
+else
+	{
+		echo "These files are not valid toml:"
+		for f in "${badFiles[@]}"; do
+			echo " - $f"
+		done
+		echo
+		echo 'Please reformat the above files as valid toml'
+		echo
+	} >&2
+	false
+fi
diff --git a/hack/make/validate-vendor b/hack/make/validate-vendor
new file mode 100644
index 00000000..7c2cf33c
--- /dev/null
+++ b/hack/make/validate-vendor
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+source "${MAKEDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- 'hack/vendor.sh' 'hack/.vendor-helpers.sh' 'vendor/' || true) ) 
+unset IFS
+
+if [ ${#files[@]} -gt 0 ]; then
+	# We run vendor.sh to and see if we have a diff afterwards
+	./hack/vendor.sh >/dev/null
+	# Let see if the working directory is clean
+	diffs="$(git status --porcelain -- vendor 2>/dev/null)"
+	if [ "$diffs" ]; then
+		{
+			echo 'The result of ./hack/vendor.sh differs'
+			echo
+			echo "$diffs"
+			echo
+			echo 'Please vendor your package with ./hack/vendor.sh.'
+			echo
+		} >&2
+		false
+	else
+		echo 'Congratulations! All vendoring changes are done the right way.'
+	fi
+fi
diff --git a/hack/make/validate-vet b/hack/make/validate-vet
new file mode 100644
index 00000000..d543509a
--- /dev/null
+++ b/hack/make/validate-vet
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+source "${MAKEDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- '*.go' | grep -v '^vendor/' || true) )
+unset IFS
+
+errors=()
+for f in "${files[@]}"; do
+	failedVet=$(go vet "$f")
+	if [ "$failedVet" ]; then
+		errors+=( "$failedVet" )
+	fi
+done
+
+
+if [ ${#errors[@]} -eq 0 ]; then
+	echo 'Congratulations!  All Go source files have been vetted.'
+else
+	{
+		echo "Errors from go vet:"
+		for err in "${errors[@]}"; do
+			echo " - $err"
+		done
+		echo
+		echo 'Please fix the above errors. You can test via "go vet" and commit the result.'
+		echo
+	} >&2
+	false
+fi
diff --git a/hack/make/win b/hack/make/win
new file mode 100644
index 00000000..f9f41112
--- /dev/null
+++ b/hack/make/win
@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e
+
+# explicit list of os/arch combos that support being a daemon
+declare -A daemonSupporting
+daemonSupporting=(
+	[linux/amd64]=1
+	[windows/amd64]=1
+)
+platform="windows/amd64"
+export DEST="$DEST/$platform" # bundles/VERSION/cross/GOOS/GOARCH/docker-VERSION
+mkdir -p "$DEST"
+ABS_DEST="$(cd "$DEST" && pwd -P)"
+export GOOS=${platform%/*}
+export GOARCH=${platform##*/}
+if [ -z "${daemonSupporting[$platform]}" ]; then
+	export LDFLAGS_STATIC_DOCKER="" # we just need a simple client for these platforms
+	export BUILDFLAGS=( "${ORIG_BUILDFLAGS[@]/ daemon/}" ) # remove the "daemon" build tag from platforms that aren't supported
+fi
+source "${MAKEDIR}/binary"
diff --git a/hack/release.sh b/hack/release.sh
new file mode 100755
index 00000000..25d6af72
--- /dev/null
+++ b/hack/release.sh
@@ -0,0 +1,318 @@
+#!/usr/bin/env bash
+set -e
+
+# This script looks for bundles built by make.sh, and releases them on a
+# public S3 bucket.
+#
+# Bundles should be available for the VERSION string passed as argument.
+#
+# The correct way to call this script is inside a container built by the
+# official Dockerfile at the root of the Docker source code. The Dockerfile,
+# make.sh and release.sh should all be from the same source code revision.
+
+set -o pipefail
+
+# Print a usage message and exit.
+usage() {
+	cat >&2 <<'EOF'
+To run, I need:
+- to be in a container generated by the Dockerfile at the top of the Docker
+  repository;
+- to be provided with the location of an S3 bucket and path, in
+  environment variables AWS_S3_BUCKET and AWS_S3_BUCKET_PATH (default: '');
+- to be provided with AWS credentials for this S3 bucket, in environment
+  variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY;
+- a generous amount of good will and nice manners.
+The canonical way to run me is to run the image produced by the Dockerfile: e.g.:"
+
+docker run -e AWS_S3_BUCKET=test.docker.com \
+           -e AWS_ACCESS_KEY_ID     \
+           -e AWS_SECRET_ACCESS_KEY \
+           -e AWS_DEFAULT_REGION    \
+           -it --privileged         \
+           docker ./hack/release.sh
+EOF
+	exit 1
+}
+
+[ "$AWS_S3_BUCKET" ] || usage
+[ "$AWS_ACCESS_KEY_ID" ] || usage
+[ "$AWS_SECRET_ACCESS_KEY" ] || usage
+[ -d /go/src/github.com/docker/docker ] || usage
+cd /go/src/github.com/docker/docker
+[ -x hack/make.sh ] || usage
+
+export AWS_DEFAULT_REGION
+: ${AWS_DEFAULT_REGION:=us-west-1}
+
+RELEASE_BUNDLES=(
+	binary
+	cross
+	tgz
+)
+
+if [ "$1" != '--release-regardless-of-test-failure' ]; then
+	RELEASE_BUNDLES=(
+		test-unit
+		"${RELEASE_BUNDLES[@]}"
+		test-integration-cli
+	)
+fi
+
+VERSION=$(< VERSION)
+BUCKET=$AWS_S3_BUCKET
+BUCKET_PATH=$BUCKET
+[[ -n "$AWS_S3_BUCKET_PATH" ]] && BUCKET_PATH+=/$AWS_S3_BUCKET_PATH
+
+if command -v git &> /dev/null && git rev-parse &> /dev/null; then
+	if [ -n "$(git status --porcelain --untracked-files=no)" ]; then
+		echo "You cannot run the release script on a repo with uncommitted changes"
+		usage
+	fi
+fi
+
+# These are the 2 keys we've used to sign the deb's
+#   release (get.docker.com)
+#	GPG_KEY="36A1D7869245C8950F966E92D8576A8BA88D21E9"
+#   test    (test.docker.com)
+#	GPG_KEY="740B314AE3941731B942C66ADF4FD13717AAD7D6"
+
+setup_s3() {
+	echo "Setting up S3"
+	# Try creating the bucket. Ignore errors (it might already exist).
+	aws s3 mb "s3://$BUCKET" 2>/dev/null || true
+	# Check access to the bucket.
+	aws s3 ls "s3://$BUCKET" >/dev/null
+	# Make the bucket accessible through website endpoints.
+	aws s3 website --index-document index --error-document error "s3://$BUCKET"
+}
+
+# write_to_s3 uploads the contents of standard input to the specified S3 url.
+write_to_s3() {
+	DEST=$1
+	F=`mktemp`
+	cat > "$F"
+	aws s3 cp --acl public-read --content-type 'text/plain' "$F" "$DEST"
+	rm -f "$F"
+}
+
+s3_url() {
+	case "$BUCKET" in
+		get.docker.com|test.docker.com|experimental.docker.com)
+			echo "https://$BUCKET_PATH"
+			;;
+		*)
+			BASE_URL="http://${BUCKET}.s3-website-${AWS_DEFAULT_REGION}.amazonaws.com"
+			if [[ -n "$AWS_S3_BUCKET_PATH" ]] ; then
+				echo "$BASE_URL/$AWS_S3_BUCKET_PATH"
+			else
+				echo "$BASE_URL"
+			fi
+			;;
+	esac
+}
+
+build_all() {
+	echo "Building release"
+	if ! ./hack/make.sh "${RELEASE_BUNDLES[@]}"; then
+		echo >&2
+		echo >&2 'The build or tests appear to have failed.'
+		echo >&2
+		echo >&2 'You, as the release  maintainer, now have a couple options:'
+		echo >&2 '- delay release and fix issues'
+		echo >&2 '- delay release and fix issues'
+		echo >&2 '- did we mention how important this is?  issues need fixing :)'
+		echo >&2
+		echo >&2 'As a final LAST RESORT, you (because only you, the release maintainer,'
+		echo >&2 ' really knows all the hairy problems at hand with the current release'
+		echo >&2 ' issues) may bypass this checking by running this script again with the'
+		echo >&2 ' single argument of "--release-regardless-of-test-failure", which will skip'
+		echo >&2 ' running the test suite, and will only build the binaries and packages.  Please'
+		echo >&2 ' avoid using this if at all possible.'
+		echo >&2
+		echo >&2 'Regardless, we cannot stress enough the scarcity with which this bypass'
+		echo >&2 ' should be used.  If there are release issues, we should always err on the'
+		echo >&2 ' side of caution.'
+		echo >&2
+		exit 1
+	fi
+}
+
+upload_release_build() {
+	src="$1"
+	dst="$2"
+	latest="$3"
+
+	echo
+	echo "Uploading $src"
+	echo "  to $dst"
+	echo
+	aws s3 cp --follow-symlinks --acl public-read "$src" "$dst"
+	if [ "$latest" ]; then
+		echo
+		echo "Copying to $latest"
+		echo
+		aws s3 cp --acl public-read "$dst" "$latest"
+	fi
+
+	# get hash files too (see hash_files() in hack/make.sh)
+	for hashAlgo in md5 sha256; do
+		if [ -e "$src.$hashAlgo" ]; then
+			echo
+			echo "Uploading $src.$hashAlgo"
+			echo "  to $dst.$hashAlgo"
+			echo
+			aws s3 cp --follow-symlinks --acl public-read --content-type='text/plain' "$src.$hashAlgo" "$dst.$hashAlgo"
+			if [ "$latest" ]; then
+				echo
+				echo "Copying to $latest.$hashAlgo"
+				echo
+				aws s3 cp --acl public-read "$dst.$hashAlgo" "$latest.$hashAlgo"
+			fi
+		fi
+	done
+}
+
+release_build() {
+	echo "Releasing binaries"
+	GOOS=$1
+	GOARCH=$2
+
+	binDir=bundles/$VERSION/cross/$GOOS/$GOARCH
+	tgzDir=bundles/$VERSION/tgz/$GOOS/$GOARCH
+	binary=docker-$VERSION
+	zipExt=".tgz"
+	binaryExt=""
+	tgz=$binary$zipExt
+
+	latestBase=
+	if [ -z "$NOLATEST" ]; then
+		latestBase=docker-latest
+	fi
+
+	# we need to map our GOOS and GOARCH to uname values
+	# see https://en.wikipedia.org/wiki/Uname
+	# ie, GOOS=linux -> "uname -s"=Linux
+
+	s3Os=$GOOS
+	case "$s3Os" in
+		darwin)
+			s3Os=Darwin
+			;;
+		freebsd)
+			s3Os=FreeBSD
+			;;
+		linux)
+			s3Os=Linux
+			;;
+		windows)
+			# this is windows use the .zip and .exe extentions for the files.
+			s3Os=Windows
+			zipExt=".zip"
+			binaryExt=".exe"
+			tgz=$binary$zipExt
+			binary+=$binaryExt
+			;;
+		*)
+			echo >&2 "error: can't convert $s3Os to an appropriate value for 'uname -s'"
+			exit 1
+			;;
+	esac
+
+	s3Arch=$GOARCH
+	case "$s3Arch" in
+		amd64)
+			s3Arch=x86_64
+			;;
+		386)
+			s3Arch=i386
+			;;
+		arm)
+			s3Arch=armel
+			# someday, we might potentially support multiple GOARM values, in which case we might get armhf here too
+			;;
+		*)
+			echo >&2 "error: can't convert $s3Arch to an appropriate value for 'uname -m'"
+			exit 1
+			;;
+	esac
+
+	s3Dir="s3://$BUCKET_PATH/builds/$s3Os/$s3Arch"
+	# latest=
+	latestTgz=
+	if [ "$latestBase" ]; then
+		# commented out since we aren't uploading binaries right now.
+		# latest="$s3Dir/$latestBase$binaryExt"
+		# we don't include the $binaryExt because we don't want docker.exe.zip
+		latestTgz="$s3Dir/$latestBase$zipExt"
+	fi
+
+	if [ ! -f "$tgzDir/$tgz" ]; then
+		echo >&2 "error: can't find $tgzDir/$tgz - was it packaged properly?"
+		exit 1
+	fi
+	# disable binary uploads for now. Only providing tgz downloads
+	# upload_release_build "$binDir/$binary" "$s3Dir/$binary" "$latest"
+	upload_release_build "$tgzDir/$tgz" "$s3Dir/$tgz" "$latestTgz"
+}
+
+# Upload binaries and tgz files to S3
+release_binaries() {
+	[ -e "bundles/$VERSION/cross/linux/amd64/docker-$VERSION" ] || {
+		echo >&2 './hack/make.sh must be run before release_binaries'
+		exit 1
+	}
+
+	for d in bundles/$VERSION/cross/*/*; do
+		GOARCH="$(basename "$d")"
+		GOOS="$(basename "$(dirname "$d")")"
+		release_build "$GOOS" "$GOARCH"
+	done
+
+	# TODO create redirect from builds/*/i686 to builds/*/i386
+
+	cat <<EOF | write_to_s3 s3://$BUCKET_PATH/builds/index
+# To install, run the following command as root:
+curl -sSL -O $(s3_url)/builds/Linux/x86_64/docker-$VERSION.tgz && sudo tar zxf docker-$VERSION.tgz -C /
+# Then start docker in daemon mode:
+sudo /usr/local/bin/docker daemon
+EOF
+
+	# Add redirect at /builds/info for URL-backwards-compatibility
+	rm -rf /tmp/emptyfile && touch /tmp/emptyfile
+	aws s3 cp --acl public-read --website-redirect '/builds/' --content-type='text/plain' /tmp/emptyfile "s3://$BUCKET_PATH/builds/info"
+
+	if [ -z "$NOLATEST" ]; then
+		echo "Advertising $VERSION on $BUCKET_PATH as most recent version"
+		echo "$VERSION" | write_to_s3 "s3://$BUCKET_PATH/latest"
+	fi
+}
+
+# Upload the index script
+release_index() {
+	echo "Releasing index"
+	url="$(s3_url)/" hack/make.sh install-script
+	write_to_s3 "s3://$BUCKET_PATH/index" < "bundles/$VERSION/install-script/install.sh"
+}
+
+main() {
+	build_all
+	setup_s3
+	release_binaries
+	release_index
+}
+
+main
+
+echo
+echo
+echo "Release complete; see $(s3_url)"
+echo "Use the following text to announce the release:"
+echo
+echo "We have just pushed $VERSION to $(s3_url). You can download it with the following:"
+echo
+echo "Darwin/OSX 64bit client tgz: $(s3_url)/builds/Darwin/x86_64/docker-$VERSION.tgz"
+echo "Linux 64bit tgz: $(s3_url)/builds/Linux/x86_64/docker-$VERSION.tgz"
+echo "Windows 64bit client tgz: $(s3_url)/builds/Windows/x86_64/docker-$VERSION.zip"
+echo "Windows 32bit client tgz: $(s3_url)/builds/Windows/i386/docker-$VERSION.zip"
+echo
diff --git a/hack/vendor.sh b/hack/vendor.sh
new file mode 100755
index 00000000..34116050
--- /dev/null
+++ b/hack/vendor.sh
@@ -0,0 +1,94 @@
+#!/usr/bin/env bash
+set -e
+
+cd "$(dirname "$BASH_SOURCE")/.."
+rm -rf vendor/
+source 'hack/.vendor-helpers.sh'
+
+# the following lines are in sorted order, FYI
+clone git github.com/Azure/go-ansiterm 70b2c90b260171e829f1ebd7c17f600c11858dbe
+clone git github.com/Microsoft/hcsshim v0.1.0
+clone git github.com/Microsoft/go-winio v0.1.0
+clone git github.com/Sirupsen/logrus v0.9.0 # logrus is a common dependency among multiple deps
+clone git github.com/docker/libtrust 9cbd2a1374f46905c68a4eb3694a130610adc62a
+clone git github.com/go-check/check a625211d932a2a643d0d17352095f03fb7774663 https://github.com/cpuguy83/check.git
+clone git github.com/gorilla/context 14f550f51a
+clone git github.com/gorilla/mux e444e69cbd
+clone git github.com/kr/pty 5cf931ef8f
+clone git github.com/mattn/go-shellwords v1.0.0
+clone git github.com/mattn/go-sqlite3 v1.1.0
+clone git github.com/mistifyio/go-zfs v2.1.1
+clone git github.com/tchap/go-patricia v2.1.0
+clone git github.com/vdemeester/shakers 24d7f1d6a71aa5d9cbe7390e4afb66b7eef9e1b3
+# forked golang.org/x/net package includes a patch for lazy loading trace templates
+clone git golang.org/x/net 78cb2c067747f08b343f20614155233ab4ea2ad3 https://github.com/tonistiigi/net.git
+clone git golang.org/x/sys eb2c74142fd19a79b3f237334c7384d5167b1b46 https://github.com/golang/sys.git
+clone git github.com/docker/go-units 651fc226e7441360384da338d0fd37f2440ffbe3
+clone git github.com/docker/go-connections v0.2.0
+clone git github.com/docker/engine-api v0.3.3
+clone git github.com/RackSec/srslog 259aed10dfa74ea2961eddd1d9847619f6e98837
+clone git github.com/imdario/mergo 0.2.1
+
+#get libnetwork packages
+clone git github.com/docker/libnetwork v0.7.2-rc.1
+clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec
+clone git github.com/hashicorp/go-msgpack 71c2886f5a673a35f909803f38ece5810165097b
+clone git github.com/hashicorp/memberlist 9a1e242e454d2443df330bdd51a436d5a9058fc4
+clone git github.com/hashicorp/serf 7151adcef72687bf95f451a2e0ba15cb19412bf2
+clone git github.com/docker/libkv c2aac5dbbaa5c872211edea7c0f32b3bd67e7410
+clone git github.com/vishvananda/netns 604eaf189ee867d8c147fafc28def2394e878d25
+clone git github.com/vishvananda/netlink 631962935bff4f3d20ff32a72e8944f6d2836a26
+clone git github.com/BurntSushi/toml f706d00e3de6abe700c994cdd545a1a4915af060
+clone git github.com/samuel/go-zookeeper d0e0d8e11f318e000a8cc434616d69e329edc374
+clone git github.com/deckarep/golang-set ef32fa3046d9f249d399f98ebaf9be944430fd1d
+clone git github.com/coreos/etcd v2.2.0
+fix_rewritten_imports github.com/coreos/etcd
+clone git github.com/ugorji/go 5abd4e96a45c386928ed2ca2a7ef63e2533e18ec
+clone git github.com/hashicorp/consul v0.5.2
+clone git github.com/boltdb/bolt v1.2.0
+clone git github.com/miekg/dns 75e6e86cc601825c5dbcd4e0c209eab180997cd7
+
+# get graph and distribution packages
+clone git github.com/docker/distribution 467fc068d88aa6610691b7f1a677271a3fac4aac
+clone git github.com/vbatts/tar-split v0.9.11
+
+# get desired notary commit, might also need to be updated in Dockerfile
+clone git github.com/docker/notary docker-v1.11-3
+
+clone git google.golang.org/grpc a22b6611561e9f0a3e0919690dd2caf48f14c517 https://github.com/grpc/grpc-go.git
+clone git github.com/miekg/pkcs11 df8ae6ca730422dba20c768ff38ef7d79077a59f
+clone git github.com/docker/go v1.5.1-1-1-gbaf439e
+clone git github.com/agl/ed25519 d2b94fd789ea21d12fac1a4443dd3a3f79cda72c
+
+clone git github.com/opencontainers/runc baf6536d6259209c3edfa2b22237af82942d3dfa # libcontainer
+clone git github.com/opencontainers/specs f955d90e70a98ddfb886bd930ffd076da9b67998 # specs
+clone git github.com/seccomp/libseccomp-golang 1b506fc7c24eec5a3693cdcbed40d9c226cfc6a1
+# libcontainer deps (see src/github.com/opencontainers/runc/Godeps/Godeps.json)
+clone git github.com/coreos/go-systemd v4
+clone git github.com/godbus/dbus v3
+clone git github.com/syndtr/gocapability 2c00daeb6c3b45114c80ac44119e7b8801fdd852
+clone git github.com/golang/protobuf 68415e7123da32b07eab49c96d2c4d6158360e9b
+
+# gelf logging driver deps
+clone git github.com/Graylog2/go-gelf aab2f594e4585d43468ac57287b0dece9d806883
+
+clone git github.com/fluent/fluent-logger-golang v1.1.0
+# fluent-logger-golang deps
+clone git github.com/philhofer/fwd 899e4efba8eaa1fea74175308f3fae18ff3319fa
+clone git github.com/tinylib/msgp 75ee40d2601edf122ef667e2a07d600d4c44490c
+
+# fsnotify
+clone git gopkg.in/fsnotify.v1 v1.2.0
+
+# awslogs deps
+clone git github.com/aws/aws-sdk-go v0.9.9
+clone git github.com/vaughan0/go-ini a98ad7ee00ec53921f08832bc06ecf7fd600e6a1
+
+# gcplogs deps
+clone git golang.org/x/oauth2 2baa8a1b9338cf13d9eeb27696d761155fa480be https://github.com/golang/oauth2.git
+clone git google.golang.org/api dc6d2353af16e2a2b0ff6986af051d473a4ed468 https://code.googlesource.com/google-api-go-client
+clone git google.golang.org/cloud dae7e3d993bc3812a2185af60552bb6b847e52a0 https://code.googlesource.com/gocloud
+
+# containerd
+clone git github.com/docker/containerd 9dc2b3273db42c75368988a3885a3afd770069d9
+clean
diff --git a/image/fs.go b/image/fs.go
new file mode 100644
index 00000000..72c9ab42
--- /dev/null
+++ b/image/fs.go
@@ -0,0 +1,184 @@
+package image
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+)
+
+// IDWalkFunc is function called by StoreBackend.Walk
+type IDWalkFunc func(id ID) error
+
+// StoreBackend provides interface for image.Store persistence
+type StoreBackend interface {
+	Walk(f IDWalkFunc) error
+	Get(id ID) ([]byte, error)
+	Set(data []byte) (ID, error)
+	Delete(id ID) error
+	SetMetadata(id ID, key string, data []byte) error
+	GetMetadata(id ID, key string) ([]byte, error)
+	DeleteMetadata(id ID, key string) error
+}
+
+// fs implements StoreBackend using the filesystem.
+type fs struct {
+	sync.RWMutex
+	root string
+}
+
+const (
+	contentDirName  = "content"
+	metadataDirName = "metadata"
+)
+
+// NewFSStoreBackend returns new filesystem based backend for image.Store
+func NewFSStoreBackend(root string) (StoreBackend, error) {
+	return newFSStore(root)
+}
+
+func newFSStore(root string) (*fs, error) {
+	s := &fs{
+		root: root,
+	}
+	if err := os.MkdirAll(filepath.Join(root, contentDirName, string(digest.Canonical)), 0700); err != nil {
+		return nil, err
+	}
+	if err := os.MkdirAll(filepath.Join(root, metadataDirName, string(digest.Canonical)), 0700); err != nil {
+		return nil, err
+	}
+	return s, nil
+}
+
+func (s *fs) contentFile(id ID) string {
+	dgst := digest.Digest(id)
+	return filepath.Join(s.root, contentDirName, string(dgst.Algorithm()), dgst.Hex())
+}
+
+func (s *fs) metadataDir(id ID) string {
+	dgst := digest.Digest(id)
+	return filepath.Join(s.root, metadataDirName, string(dgst.Algorithm()), dgst.Hex())
+}
+
+// Walk calls the supplied callback for each image ID in the storage backend.
+func (s *fs) Walk(f IDWalkFunc) error {
+	// Only Canonical digest (sha256) is currently supported
+	s.RLock()
+	dir, err := ioutil.ReadDir(filepath.Join(s.root, contentDirName, string(digest.Canonical)))
+	s.RUnlock()
+	if err != nil {
+		return err
+	}
+	for _, v := range dir {
+		dgst := digest.NewDigestFromHex(string(digest.Canonical), v.Name())
+		if err := dgst.Validate(); err != nil {
+			logrus.Debugf("Skipping invalid digest %s: %s", dgst, err)
+			continue
+		}
+		if err := f(ID(dgst)); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Get returns the content stored under a given ID.
+func (s *fs) Get(id ID) ([]byte, error) {
+	s.RLock()
+	defer s.RUnlock()
+
+	return s.get(id)
+}
+
+func (s *fs) get(id ID) ([]byte, error) {
+	content, err := ioutil.ReadFile(s.contentFile(id))
+	if err != nil {
+		return nil, err
+	}
+
+	// todo: maybe optional
+	if ID(digest.FromBytes(content)) != id {
+		return nil, fmt.Errorf("failed to verify image: %v", id)
+	}
+
+	return content, nil
+}
+
+// Set stores content under a given ID.
+func (s *fs) Set(data []byte) (ID, error) {
+	s.Lock()
+	defer s.Unlock()
+
+	if len(data) == 0 {
+		return "", fmt.Errorf("Invalid empty data")
+	}
+
+	id := ID(digest.FromBytes(data))
+	filePath := s.contentFile(id)
+	tempFilePath := s.contentFile(id) + ".tmp"
+	if err := ioutil.WriteFile(tempFilePath, data, 0600); err != nil {
+		return "", err
+	}
+	if err := os.Rename(tempFilePath, filePath); err != nil {
+		return "", err
+	}
+
+	return id, nil
+}
+
+// Delete removes content and metadata files associated with the ID.
+func (s *fs) Delete(id ID) error {
+	s.Lock()
+	defer s.Unlock()
+
+	if err := os.RemoveAll(s.metadataDir(id)); err != nil {
+		return err
+	}
+	if err := os.Remove(s.contentFile(id)); err != nil {
+		return err
+	}
+	return nil
+}
+
+// SetMetadata sets metadata for a given ID. It fails if there's no base file.
+func (s *fs) SetMetadata(id ID, key string, data []byte) error {
+	s.Lock()
+	defer s.Unlock()
+	if _, err := s.get(id); err != nil {
+		return err
+	}
+
+	baseDir := filepath.Join(s.metadataDir(id))
+	if err := os.MkdirAll(baseDir, 0700); err != nil {
+		return err
+	}
+	filePath := filepath.Join(s.metadataDir(id), key)
+	tempFilePath := filePath + ".tmp"
+	if err := ioutil.WriteFile(tempFilePath, data, 0600); err != nil {
+		return err
+	}
+	return os.Rename(tempFilePath, filePath)
+}
+
+// GetMetadata returns metadata for a given ID.
+func (s *fs) GetMetadata(id ID, key string) ([]byte, error) {
+	s.RLock()
+	defer s.RUnlock()
+
+	if _, err := s.get(id); err != nil {
+		return nil, err
+	}
+	return ioutil.ReadFile(filepath.Join(s.metadataDir(id), key))
+}
+
+// DeleteMetadata removes the metadata associated with an ID.
+func (s *fs) DeleteMetadata(id ID, key string) error {
+	s.Lock()
+	defer s.Unlock()
+
+	return os.RemoveAll(filepath.Join(s.metadataDir(id), key))
+}
diff --git a/image/fs_test.go b/image/fs_test.go
new file mode 100644
index 00000000..1a6f849f
--- /dev/null
+++ b/image/fs_test.go
@@ -0,0 +1,384 @@
+package image
+
+import (
+	"bytes"
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/hex"
+	"errors"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/docker/distribution/digest"
+)
+
+func TestFSGetSet(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	testGetSet(t, fs)
+}
+
+func TestFSGetInvalidData(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id, err := fs.Set([]byte("foobar"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	dgst := digest.Digest(id)
+
+	if err := ioutil.WriteFile(filepath.Join(tmpdir, contentDirName, string(dgst.Algorithm()), dgst.Hex()), []byte("foobar2"), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = fs.Get(id)
+	if err == nil {
+		t.Fatal("Expected get to fail after data modification.")
+	}
+}
+
+func TestFSInvalidSet(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id := digest.FromBytes([]byte("foobar"))
+	err = os.Mkdir(filepath.Join(tmpdir, contentDirName, string(id.Algorithm()), id.Hex()), 0700)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = fs.Set([]byte("foobar"))
+	if err == nil {
+		t.Fatal("Expecting error from invalid filesystem data.")
+	}
+}
+
+func TestFSInvalidRoot(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	tcases := []struct {
+		root, invalidFile string
+	}{
+		{"root", "root"},
+		{"root", "root/content"},
+		{"root", "root/metadata"},
+	}
+
+	for _, tc := range tcases {
+		root := filepath.Join(tmpdir, tc.root)
+		filePath := filepath.Join(tmpdir, tc.invalidFile)
+		err := os.MkdirAll(filepath.Dir(filePath), 0700)
+		if err != nil {
+			t.Fatal(err)
+		}
+		f, err := os.Create(filePath)
+		if err != nil {
+			t.Fatal(err)
+		}
+		f.Close()
+
+		_, err = NewFSStoreBackend(root)
+		if err == nil {
+			t.Fatalf("Expected error from root %q and invlid file %q", tc.root, tc.invalidFile)
+		}
+
+		os.RemoveAll(root)
+	}
+
+}
+
+func testMetadataGetSet(t *testing.T, store StoreBackend) {
+	id, err := store.Set([]byte("foo"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	id2, err := store.Set([]byte("bar"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tcases := []struct {
+		id    ID
+		key   string
+		value []byte
+	}{
+		{id, "tkey", []byte("tval1")},
+		{id, "tkey2", []byte("tval2")},
+		{id2, "tkey", []byte("tval3")},
+	}
+
+	for _, tc := range tcases {
+		err = store.SetMetadata(tc.id, tc.key, tc.value)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		actual, err := store.GetMetadata(tc.id, tc.key)
+		if err != nil {
+			t.Fatal(err)
+		}
+		if bytes.Compare(actual, tc.value) != 0 {
+			t.Fatalf("Metadata expected %q, got %q", tc.value, actual)
+		}
+	}
+
+	_, err = store.GetMetadata(id2, "tkey2")
+	if err == nil {
+		t.Fatal("Expected error for getting metadata for unknown key")
+	}
+
+	id3 := digest.FromBytes([]byte("baz"))
+	err = store.SetMetadata(ID(id3), "tkey", []byte("tval"))
+	if err == nil {
+		t.Fatal("Expected error for setting metadata for unknown ID.")
+	}
+
+	_, err = store.GetMetadata(ID(id3), "tkey")
+	if err == nil {
+		t.Fatal("Expected error for getting metadata for unknown ID.")
+	}
+}
+
+func TestFSMetadataGetSet(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	testMetadataGetSet(t, fs)
+}
+
+func TestFSDelete(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	testDelete(t, fs)
+}
+
+func TestFSWalker(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	testWalker(t, fs)
+}
+
+func TestFSInvalidWalker(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	fooID, err := fs.Set([]byte("foo"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := ioutil.WriteFile(filepath.Join(tmpdir, contentDirName, "sha256/foobar"), []byte("foobar"), 0600); err != nil {
+		t.Fatal(err)
+	}
+
+	n := 0
+	err = fs.Walk(func(id ID) error {
+		if id != fooID {
+			t.Fatalf("Invalid walker ID %q, expected %q", id, fooID)
+		}
+		n++
+		return nil
+	})
+	if err != nil {
+		t.Fatalf("Invalid data should not have caused walker error, got %v", err)
+	}
+	if n != 1 {
+		t.Fatalf("Expected 1 walk initialization, got %d", n)
+	}
+}
+
+func testGetSet(t *testing.T, store StoreBackend) {
+	type tcase struct {
+		input    []byte
+		expected ID
+	}
+	tcases := []tcase{
+		{[]byte("foobar"), ID("sha256:c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2")},
+	}
+
+	randomInput := make([]byte, 8*1024)
+	_, err := rand.Read(randomInput)
+	if err != nil {
+		t.Fatal(err)
+	}
+	// skipping use of digest pkg because its used by the implementation
+	h := sha256.New()
+	_, err = h.Write(randomInput)
+	if err != nil {
+		t.Fatal(err)
+	}
+	tcases = append(tcases, tcase{
+		input:    randomInput,
+		expected: ID("sha256:" + hex.EncodeToString(h.Sum(nil))),
+	})
+
+	for _, tc := range tcases {
+		id, err := store.Set([]byte(tc.input))
+		if err != nil {
+			t.Fatal(err)
+		}
+		if id != tc.expected {
+			t.Fatalf("Expected ID %q, got %q", tc.expected, id)
+		}
+	}
+
+	for _, emptyData := range [][]byte{nil, {}} {
+		_, err := store.Set(emptyData)
+		if err == nil {
+			t.Fatal("Expected error for nil input.")
+		}
+	}
+
+	for _, tc := range tcases {
+		data, err := store.Get(tc.expected)
+		if err != nil {
+			t.Fatal(err)
+		}
+		if bytes.Compare(data, tc.input) != 0 {
+			t.Fatalf("Expected data %q, got %q", tc.input, data)
+		}
+	}
+
+	for _, key := range []ID{"foobar:abc", "sha256:abc", "sha256:c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2a"} {
+		_, err := store.Get(key)
+		if err == nil {
+			t.Fatalf("Expected error for ID %q.", key)
+		}
+	}
+
+}
+
+func testDelete(t *testing.T, store StoreBackend) {
+	id, err := store.Set([]byte("foo"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	id2, err := store.Set([]byte("bar"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = store.Delete(id)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = store.Get(id)
+	if err == nil {
+		t.Fatalf("Expected getting deleted item %q to fail", id)
+	}
+	_, err = store.Get(id2)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = store.Delete(id2)
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = store.Get(id2)
+	if err == nil {
+		t.Fatalf("Expected getting deleted item %q to fail", id2)
+	}
+}
+
+func testWalker(t *testing.T, store StoreBackend) {
+	id, err := store.Set([]byte("foo"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	id2, err := store.Set([]byte("bar"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tcases := make(map[ID]struct{})
+	tcases[id] = struct{}{}
+	tcases[id2] = struct{}{}
+	n := 0
+	err = store.Walk(func(id ID) error {
+		delete(tcases, id)
+		n++
+		return nil
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if n != 2 {
+		t.Fatalf("Expected 2 walk initializations, got %d", n)
+	}
+	if len(tcases) != 0 {
+		t.Fatalf("Expected empty unwalked set, got %+v", tcases)
+	}
+
+	// stop on error
+	tcases = make(map[ID]struct{})
+	tcases[id] = struct{}{}
+	err = store.Walk(func(id ID) error {
+		return errors.New("")
+	})
+	if err == nil {
+		t.Fatalf("Exected error from walker.")
+	}
+}
diff --git a/image/image.go b/image/image.go
new file mode 100644
index 00000000..52471408
--- /dev/null
+++ b/image/image.go
@@ -0,0 +1,138 @@
+package image
+
+import (
+	"encoding/json"
+	"errors"
+	"io"
+	"time"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/engine-api/types/container"
+)
+
+// ID is the content-addressable ID of an image.
+type ID digest.Digest
+
+func (id ID) String() string {
+	return digest.Digest(id).String()
+}
+
+// V1Image stores the V1 image configuration.
+type V1Image struct {
+	// ID a unique 64 character identifier of the image
+	ID string `json:"id,omitempty"`
+	// Parent id of the image
+	Parent string `json:"parent,omitempty"`
+	// Comment user added comment
+	Comment string `json:"comment,omitempty"`
+	// Created timestamp when image was created
+	Created time.Time `json:"created"`
+	// Container is the id of the container used to commit
+	Container string `json:"container,omitempty"`
+	// ContainerConfig is the configuration of the container that is committed into the image
+	ContainerConfig container.Config `json:"container_config,omitempty"`
+	// DockerVersion specifies version on which image is built
+	DockerVersion string `json:"docker_version,omitempty"`
+	// Author of the image
+	Author string `json:"author,omitempty"`
+	// Config is the configuration of the container received from the client
+	Config *container.Config `json:"config,omitempty"`
+	// Architecture is the hardware that the image is build and runs on
+	Architecture string `json:"architecture,omitempty"`
+	// OS is the operating system used to build and run the image
+	OS string `json:"os,omitempty"`
+	// Size is the total size of the image including all layers it is composed of
+	Size int64 `json:",omitempty"`
+}
+
+// Image stores the image configuration
+type Image struct {
+	V1Image
+	Parent  ID        `json:"parent,omitempty"`
+	RootFS  *RootFS   `json:"rootfs,omitempty"`
+	History []History `json:"history,omitempty"`
+
+	// rawJSON caches the immutable JSON associated with this image.
+	rawJSON []byte
+
+	// computedID is the ID computed from the hash of the image config.
+	// Not to be confused with the legacy V1 ID in V1Image.
+	computedID ID
+}
+
+// RawJSON returns the immutable JSON associated with the image.
+func (img *Image) RawJSON() []byte {
+	return img.rawJSON
+}
+
+// ID returns the image's content-addressable ID.
+func (img *Image) ID() ID {
+	return img.computedID
+}
+
+// ImageID stringizes ID.
+func (img *Image) ImageID() string {
+	return string(img.ID())
+}
+
+// RunConfig returns the image's container config.
+func (img *Image) RunConfig() *container.Config {
+	return img.Config
+}
+
+// MarshalJSON serializes the image to JSON. It sorts the top-level keys so
+// that JSON that's been manipulated by a push/pull cycle with a legacy
+// registry won't end up with a different key order.
+func (img *Image) MarshalJSON() ([]byte, error) {
+	type MarshalImage Image
+
+	pass1, err := json.Marshal(MarshalImage(*img))
+	if err != nil {
+		return nil, err
+	}
+
+	var c map[string]*json.RawMessage
+	if err := json.Unmarshal(pass1, &c); err != nil {
+		return nil, err
+	}
+	return json.Marshal(c)
+}
+
+// History stores build commands that were used to create an image
+type History struct {
+	// Created timestamp for build point
+	Created time.Time `json:"created"`
+	// Author of the build point
+	Author string `json:"author,omitempty"`
+	// CreatedBy keeps the Dockerfile command used while building image.
+	CreatedBy string `json:"created_by,omitempty"`
+	// Comment is custom message set by the user when creating the image.
+	Comment string `json:"comment,omitempty"`
+	// EmptyLayer is set to true if this history item did not generate a
+	// layer. Otherwise, the history item is associated with the next
+	// layer in the RootFS section.
+	EmptyLayer bool `json:"empty_layer,omitempty"`
+}
+
+// Exporter provides interface for exporting and importing images
+type Exporter interface {
+	Load(io.ReadCloser, io.Writer, bool) error
+	// TODO: Load(net.Context, io.ReadCloser, <- chan StatusMessage) error
+	Save([]string, io.Writer) error
+}
+
+// NewFromJSON creates an Image configuration from json.
+func NewFromJSON(src []byte) (*Image, error) {
+	img := &Image{}
+
+	if err := json.Unmarshal(src, img); err != nil {
+		return nil, err
+	}
+	if img.RootFS == nil {
+		return nil, errors.New("Invalid image JSON, no RootFS key.")
+	}
+
+	img.rawJSON = src
+
+	return img, nil
+}
diff --git a/image/image_test.go b/image/image_test.go
new file mode 100644
index 00000000..525023b8
--- /dev/null
+++ b/image/image_test.go
@@ -0,0 +1,59 @@
+package image
+
+import (
+	"encoding/json"
+	"sort"
+	"strings"
+	"testing"
+)
+
+const sampleImageJSON = `{
+	"architecture": "amd64",
+	"os": "linux",
+	"config": {},
+	"rootfs": {
+		"type": "layers",
+		"diff_ids": []
+	}
+}`
+
+func TestJSON(t *testing.T) {
+	img, err := NewFromJSON([]byte(sampleImageJSON))
+	if err != nil {
+		t.Fatal(err)
+	}
+	rawJSON := img.RawJSON()
+	if string(rawJSON) != sampleImageJSON {
+		t.Fatalf("Raw JSON of config didn't match: expected %+v, got %v", sampleImageJSON, rawJSON)
+	}
+}
+
+func TestInvalidJSON(t *testing.T) {
+	_, err := NewFromJSON([]byte("{}"))
+	if err == nil {
+		t.Fatal("Expected JSON parse error")
+	}
+}
+
+func TestMarshalKeyOrder(t *testing.T) {
+	b, err := json.Marshal(&Image{
+		V1Image: V1Image{
+			Comment:      "a",
+			Author:       "b",
+			Architecture: "c",
+		},
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expectedOrder := []string{"architecture", "author", "comment"}
+	var indexes []int
+	for _, k := range expectedOrder {
+		indexes = append(indexes, strings.Index(string(b), k))
+	}
+
+	if !sort.IntsAreSorted(indexes) {
+		t.Fatal("invalid key order in JSON: ", string(b))
+	}
+}
diff --git a/image/rootfs.go b/image/rootfs.go
new file mode 100644
index 00000000..b546696d
--- /dev/null
+++ b/image/rootfs.go
@@ -0,0 +1,8 @@
+package image
+
+import "github.com/docker/docker/layer"
+
+// Append appends a new diffID to rootfs
+func (r *RootFS) Append(id layer.DiffID) {
+	r.DiffIDs = append(r.DiffIDs, id)
+}
diff --git a/image/rootfs_unix.go b/image/rootfs_unix.go
new file mode 100644
index 00000000..99c1f8f4
--- /dev/null
+++ b/image/rootfs_unix.go
@@ -0,0 +1,23 @@
+// +build !windows
+
+package image
+
+import "github.com/docker/docker/layer"
+
+// RootFS describes images root filesystem
+// This is currently a placeholder that only supports layers. In the future
+// this can be made into an interface that supports different implementations.
+type RootFS struct {
+	Type    string         `json:"type"`
+	DiffIDs []layer.DiffID `json:"diff_ids,omitempty"`
+}
+
+// ChainID returns the ChainID for the top layer in RootFS.
+func (r *RootFS) ChainID() layer.ChainID {
+	return layer.CreateChainID(r.DiffIDs)
+}
+
+// NewRootFS returns empty RootFS struct
+func NewRootFS() *RootFS {
+	return &RootFS{Type: "layers"}
+}
diff --git a/image/rootfs_windows.go b/image/rootfs_windows.go
new file mode 100644
index 00000000..883d2385
--- /dev/null
+++ b/image/rootfs_windows.go
@@ -0,0 +1,37 @@
+// +build windows
+
+package image
+
+import (
+	"crypto/sha512"
+	"fmt"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/layer"
+)
+
+// RootFS describes images root filesystem
+// This is currently a placeholder that only supports layers. In the future
+// this can be made into an interface that supports different implementations.
+type RootFS struct {
+	Type      string         `json:"type"`
+	DiffIDs   []layer.DiffID `json:"diff_ids,omitempty"`
+	BaseLayer string         `json:"base_layer,omitempty"`
+}
+
+// BaseLayerID returns the 64 byte hex ID for the baselayer name.
+func (r *RootFS) BaseLayerID() string {
+	baseID := sha512.Sum384([]byte(r.BaseLayer))
+	return fmt.Sprintf("%x", baseID[:32])
+}
+
+// ChainID returns the ChainID for the top layer in RootFS.
+func (r *RootFS) ChainID() layer.ChainID {
+	baseDiffID := digest.FromBytes([]byte(r.BaseLayerID()))
+	return layer.CreateChainID(append([]layer.DiffID{layer.DiffID(baseDiffID)}, r.DiffIDs...))
+}
+
+// NewRootFS returns empty RootFS struct
+func NewRootFS() *RootFS {
+	return &RootFS{Type: "layers+base"}
+}
diff --git a/image/spec/v1.md b/image/spec/v1.md
new file mode 100644
index 00000000..57a599b8
--- /dev/null
+++ b/image/spec/v1.md
@@ -0,0 +1,573 @@
+# Docker Image Specification v1.0.0
+
+An *Image* is an ordered collection of root filesystem changes and the
+corresponding execution parameters for use within a container runtime. This
+specification outlines the format of these filesystem changes and corresponding
+parameters and describes how to create and use them for use with a container
+runtime and execution tool.
+
+## Terminology
+
+This specification uses the following terms:
+
+<dl>
+    <dt>
+        Layer
+    </dt>
+    <dd>
+        Images are composed of <i>layers</i>. <i>Image layer</i> is a general
+        term which may be used to refer to one or both of the following:
+
+        <ol>
+            <li>The metadata for the layer, described in the JSON format.</li>
+            <li>The filesystem changes described by a layer.</li>
+        </ol>
+
+        To refer to the former you may use the term <i>Layer JSON</i> or
+        <i>Layer Metadata</i>. To refer to the latter you may use the term
+        <i>Image Filesystem Changeset</i> or <i>Image Diff</i>.
+    </dd>
+    <dt>
+        Image JSON
+    </dt>
+    <dd>
+        Each layer has an associated JSON structure which describes some
+        basic information about the image such as date created, author, and the
+        ID of its parent image as well as execution/runtime configuration like
+        its entry point, default arguments, CPU/memory shares, networking, and
+        volumes.
+    </dd>
+    <dt>
+        Image Filesystem Changeset
+    </dt>
+    <dd>
+        Each layer has an archive of the files which have been added, changed,
+        or deleted relative to its parent layer. Using a layer-based or union
+        filesystem such as AUFS, or by computing the diff from filesystem
+        snapshots, the filesystem changeset can be used to present a series of
+        image layers as if they were one cohesive filesystem.
+    </dd>
+    <dt>
+        Image ID <a name="id_desc"></a>
+    </dt>
+    <dd>
+        Each layer is given an ID upon its creation. It is 
+        represented as a hexadecimal encoding of 256 bits, e.g.,
+        <code>a9561eb1b190625c9adb5a9513e72c4dedafc1cb2d4c5236c9a6957ec7dfd5a9</code>.
+        Image IDs should be sufficiently random so as to be globally unique.
+        32 bytes read from <code>/dev/urandom</code> is sufficient for all
+        practical purposes. Alternatively, an image ID may be derived as a
+        cryptographic hash of image contents as the result is considered
+        indistinguishable from random. The choice is left up to implementors.
+    </dd>
+    <dt>
+        Image Parent
+    </dt>
+    <dd>
+        Most layer metadata structs contain a <code>parent</code> field which
+        refers to the Image from which another directly descends. An image
+        contains a separate JSON metadata file and set of changes relative to
+        the filesystem of its parent image. <i>Image Ancestor</i> and
+        <i>Image Descendant</i> are also common terms.
+    </dd>
+    <dt>
+        Image Checksum
+    </dt>
+    <dd>
+        Layer metadata structs contain a cryptographic hash of the contents of
+        the layer's filesystem changeset. Though the set of changes exists as a
+        simple Tar archive, two archives with identical filenames and content
+        will have different SHA digests if the last-access or last-modified
+        times of any entries differ. For this reason, image checksums are
+        generated using the TarSum algorithm which produces a cryptographic
+        hash of file contents and selected headers only. Details of this
+        algorithm are described in the separate <a href="https://github.com/docker/docker/blob/master/pkg/tarsum/tarsum_spec.md">TarSum specification</a>.
+    </dd>
+    <dt>
+        Tag
+    </dt>
+    <dd>
+        A tag serves to map a descriptive, user-given name to any single image
+        ID. An image name suffix (the name component after <code>:</code>) is
+        often referred to as a tag as well, though it strictly refers to the
+        full name of an image. Acceptable values for a tag suffix are
+        implementation specific, but they SHOULD be limited to the set of
+        alphanumeric characters <code>[a-zA-z0-9]</code>, punctuation
+        characters <code>[._-]</code>, and MUST NOT contain a <code>:</code>
+        character.
+    </dd>
+    <dt>
+        Repository
+    </dt>
+    <dd>
+        A collection of tags grouped under a common prefix (the name component
+        before <code>:</code>). For example, in an image tagged with the name
+        <code>my-app:3.1.4</code>, <code>my-app</code> is the <i>Repository</i>
+        component of the name. Acceptable values for repository name are
+        implementation specific, but they SHOULD be limited to the set of
+        alphanumeric characters <code>[a-zA-z0-9]</code>, and punctuation
+        characters <code>[._-]</code>, however it MAY contain additional
+        <code>/</code> and <code>:</code> characters for organizational
+        purposes, with the last <code>:</code> character being interpreted
+        dividing the repository component of the name from the tag suffix
+        component.
+    </dd>
+</dl>
+
+## Image JSON Description
+
+Here is an example image JSON file:
+
+```
+{  
+    "id": "a9561eb1b190625c9adb5a9513e72c4dedafc1cb2d4c5236c9a6957ec7dfd5a9",
+    "parent": "c6e3cedcda2e3982a1a6760e178355e8e65f7b80e4e5248743fa3549d284e024",
+    "checksum": "tarsum.v1+sha256:e58fcf7418d2390dec8e8fb69d88c06ec07039d651fedc3aa72af9972e7d046b",
+    "created": "2014-10-13T21:19:18.674353812Z",
+    "author": "Alyssa P. Hacker &ltalyspdev@example.com&gt",
+    "architecture": "amd64",
+    "os": "linux",
+    "Size": 271828,
+    "config": {
+        "User": "alice",
+        "Memory": 2048,
+        "MemorySwap": 4096,
+        "CpuShares": 8,
+        "ExposedPorts": {  
+            "8080/tcp": {}
+        },
+        "Env": [  
+            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+            "FOO=docker_is_a_really",
+            "BAR=great_tool_you_know"
+        ],
+        "Entrypoint": [
+            "/bin/my-app-binary"
+        ],
+        "Cmd": [
+            "--foreground",
+            "--config",
+            "/etc/my-app.d/default.cfg"
+        ],
+        "Volumes": {
+            "/var/job-result-data": {},
+            "/var/log/my-app-logs": {},
+        },
+        "WorkingDir": "/home/alice",
+    }
+}
+```
+
+### Image JSON Field Descriptions
+
+<dl>
+    <dt>
+        id <code>string</code>
+    </dt>
+    <dd>
+        Randomly generated, 256-bit, hexadecimal encoded. Uniquely identifies
+        the image.
+    </dd>
+    <dt>
+        parent <code>string</code>
+    </dt>
+    <dd>
+        ID of the parent image. If there is no parent image then this field
+        should be omitted. A collection of images may share many of the same
+        ancestor layers. This organizational structure is strictly a tree with
+        any one layer having either no parent or a single parent and zero or
+        more descendant layers. Cycles are not allowed and implementations
+        should be careful to avoid creating them or iterating through a cycle
+        indefinitely.
+    </dd>
+    <dt>
+        created <code>string</code>
+    </dt>
+    <dd>
+        ISO-8601 formatted combined date and time at which the image was
+        created.
+    </dd>
+    <dt>
+        author <code>string</code>
+    </dt>
+    <dd>
+        Gives the name and/or email address of the person or entity which
+        created and is responsible for maintaining the image.
+    </dd>
+    <dt>
+        architecture <code>string</code>
+    </dt>
+    <dd>
+        The CPU architecture which the binaries in this image are built to run
+        on. Possible values include:
+        <ul>
+            <li>386</li>
+            <li>amd64</li>
+            <li>arm</li>
+        </ul>
+        More values may be supported in the future and any of these may or may
+        not be supported by a given container runtime implementation.
+    </dd>
+    <dt>
+        os <code>string</code>
+    </dt>
+    <dd>
+        The name of the operating system which the image is built to run on.
+        Possible values include:
+        <ul>
+            <li>darwin</li>
+            <li>freebsd</li>
+            <li>linux</li>
+        </ul>
+        More values may be supported in the future and any of these may or may
+        not be supported by a given container runtime implementation.
+    </dd>
+    <dt>
+        checksum <code>string</code>
+    </dt>
+    <dd>
+        Image Checksum of the filesystem changeset associated with the image
+        layer.
+    </dd>
+    <dt>
+        Size <code>integer</code>
+    </dt>
+    <dd>
+        The size in bytes of the filesystem changeset associated with the image
+        layer.
+    </dd>
+    <dt>
+        config <code>struct</code>
+    </dt>
+    <dd>
+        The execution parameters which should be used as a base when running a
+        container using the image. This field can be <code>null</code>, in
+        which case any execution parameters should be specified at creation of
+        the container.
+
+        <h4>Container RunConfig Field Descriptions</h4>
+
+        <dl>
+            <dt>
+                User <code>string</code>
+            </dt>
+            <dd>
+                <p>The username or UID which the process in the container should
+                run as. This acts as a default value to use when the value is
+                not specified when creating a container.</p>
+
+                <p>All of the following are valid:</p>
+
+                <ul>
+                    <li><code>user</code></li>
+                    <li><code>uid</code></li>
+                    <li><code>user:group</code></li>
+                    <li><code>uid:gid</code></li>
+                    <li><code>uid:group</code></li>
+                    <li><code>user:gid</code></li>
+                </ul>
+
+                <p>If <code>group</code>/<code>gid</code> is not specified, the
+                default group and supplementary groups of the given
+                <code>user</code>/<code>uid</code> in <code>/etc/passwd</code>
+                from the container are applied.</p>
+            </dd>
+            <dt>
+                Memory <code>integer</code>
+            </dt>
+            <dd>
+                Memory limit (in bytes). This acts as a default value to use
+                when the value is not specified when creating a container.
+            </dd>
+            <dt>
+                MemorySwap <code>integer</code>
+            </dt>
+            <dd>
+                Total memory usage (memory + swap); set to <code>-1</code> to
+                disable swap. This acts as a default value to use when the
+                value is not specified when creating a container.
+            </dd>
+            <dt>
+                CpuShares <code>integer</code>
+            </dt>
+            <dd>
+                CPU shares (relative weight vs. other containers). This acts as
+                a default value to use when the value is not specified when
+                creating a container.
+            </dd>
+            <dt>
+                ExposedPorts <code>struct</code>
+            </dt>
+            <dd>
+                A set of ports to expose from a container running this image.
+                This JSON structure value is unusual because it is a direct
+                JSON serialization of the Go type
+                <code>map[string]struct{}</code> and is represented in JSON as
+                an object mapping its keys to an empty object. Here is an
+                example:
+
+<pre>{
+    "8080": {},
+    "53/udp": {},
+    "2356/tcp": {}
+}</pre>
+
+                Its keys can be in the format of:
+                <ul>
+                    <li>
+                        <code>"port/tcp"</code>
+                    </li>
+                    <li>
+                        <code>"port/udp"</code>
+                    </li>
+                    <li>
+                        <code>"port"</code>
+                    </li>
+                </ul>
+                with the default protocol being <code>"tcp"</code> if not
+                specified.
+
+                These values act as defaults and are merged with any specified
+                when creating a container.
+            </dd>
+            <dt>
+                Env <code>array of strings</code>
+            </dt>
+            <dd>
+                Entries are in the format of <code>VARNAME="var value"</code>.
+                These values act as defaults and are merged with any specified
+                when creating a container.
+            </dd>
+            <dt>
+                Entrypoint <code>array of strings</code>
+            </dt>
+            <dd>
+                A list of arguments to use as the command to execute when the
+                container starts. This value acts as a  default and is replaced
+                by an entrypoint specified when creating a container.
+            </dd>
+            <dt>
+                Cmd <code>array of strings</code>
+            </dt>
+            <dd>
+                Default arguments to the entry point of the container. These
+                values act as defaults and are replaced with any specified when
+                creating a container. If an <code>Entrypoint</code> value is
+                not specified, then the first entry of the <code>Cmd</code>
+                array should be interpreted as the executable to run.
+            </dd>
+            <dt>
+                Volumes <code>struct</code>
+            </dt>
+            <dd>
+                A set of directories which should be created as data volumes in
+                a container running this image. This JSON structure value is
+                unusual because it is a direct JSON serialization of the Go
+                type <code>map[string]struct{}</code> and is represented in
+                JSON as an object mapping its keys to an empty object. Here is
+                an example:
+<pre>{
+    "/var/my-app-data/": {},
+    "/etc/some-config.d/": {},
+}</pre>
+            </dd>
+            <dt>
+                WorkingDir <code>string</code>
+            </dt>
+            <dd>
+                Sets the current working directory of the entry point process
+                in the container. This value acts as a default and is replaced
+                by a working directory specified when creating a container.
+            </dd>
+        </dl>
+    </dd>
+</dl>
+
+Any extra fields in the Image JSON struct are considered implementation
+specific and should be ignored by any implementations which are unable to
+interpret them.
+
+## Creating an Image Filesystem Changeset
+
+An example of creating an Image Filesystem Changeset follows.
+
+An image root filesystem is first created as an empty directory named with the
+ID of the image being created. Here is the initial empty directory structure
+for the changeset for an image with ID `c3167915dc9d` ([real IDs are much
+longer](#id_desc), but this example use a truncated one here for brevity.
+Implementations need not name the rootfs directory in this way but it may be
+convenient for keeping record of a large number of image layers.):
+
+```
+c3167915dc9d/
+```
+
+Files and directories are then created:
+
+```
+c3167915dc9d/
+    etc/
+        my-app-config
+    bin/
+        my-app-binary
+        my-app-tools
+```
+
+The `c3167915dc9d` directory is then committed as a plain Tar archive with
+entries for the following files:
+
+```
+etc/my-app-config
+bin/my-app-binary
+bin/my-app-tools
+```
+
+The TarSum checksum for the archive file is then computed and placed in the
+JSON metadata along with the execution parameters.
+
+To make changes to the filesystem of this container image, create a new
+directory named with a new ID, such as `f60c56784b83`, and initialize it with
+a snapshot of the parent image's root filesystem, so that the directory is
+identical to that of `c3167915dc9d`. NOTE: a copy-on-write or union filesystem
+can make this very efficient:
+
+```
+f60c56784b83/
+    etc/
+        my-app-config
+    bin/
+        my-app-binary
+        my-app-tools
+```
+
+This example change is going add a configuration directory at `/etc/my-app.d`
+which contains a default config file. There's also a change to the
+`my-app-tools` binary to handle the config layout change. The `f60c56784b83`
+directory then looks like this:
+
+```
+f60c56784b83/
+    etc/
+        my-app.d/
+            default.cfg
+    bin/
+        my-app-binary
+        my-app-tools
+```
+
+This reflects the removal of `/etc/my-app-config` and creation of a file and
+directory at `/etc/my-app.d/default.cfg`. `/bin/my-app-tools` has also been
+replaced with an updated version. Before committing this directory to a
+changeset, because it has a parent image, it is first compared with the
+directory tree of the parent snapshot, `f60c56784b83`, looking for files and
+directories that have been added, modified, or removed. The following changeset
+is found:
+
+```
+Added:      /etc/my-app.d/default.cfg
+Modified:   /bin/my-app-tools
+Deleted:    /etc/my-app-config
+```
+
+A Tar Archive is then created which contains *only* this changeset: The added
+and modified files and directories in their entirety, and for each deleted item
+an entry for an empty file at the same location but with the basename of the
+deleted file or directory prefixed with `.wh.`. The filenames prefixed with
+`.wh.` are known as "whiteout" files. NOTE: For this reason, it is not possible
+to create an image root filesystem which contains a file or directory with a
+name beginning with `.wh.`. The resulting Tar archive for `f60c56784b83` has
+the following entries:
+
+```
+/etc/my-app.d/default.cfg
+/bin/my-app-tools
+/etc/.wh.my-app-config
+```
+
+Any given image is likely to be composed of several of these Image Filesystem
+Changeset tar archives.
+
+## Combined Image JSON + Filesystem Changeset Format
+
+There is also a format for a single archive which contains complete information
+about an image, including:
+
+ - repository names/tags
+ - all image layer JSON files
+ - all tar archives of each layer filesystem changesets
+
+For example, here's what the full archive of `library/busybox` is (displayed in
+`tree` format):
+
+```
+.
+├── 5785b62b697b99a5af6cd5d0aabc804d5748abbb6d3d07da5d1d3795f2dcc83e
+│   ├── VERSION
+│   ├── json
+│   └── layer.tar
+├── a7b8b41220991bfc754d7ad445ad27b7f272ab8b4a2c175b9512b97471d02a8a
+│   ├── VERSION
+│   ├── json
+│   └── layer.tar
+├── a936027c5ca8bf8f517923169a233e391cbb38469a75de8383b5228dc2d26ceb
+│   ├── VERSION
+│   ├── json
+│   └── layer.tar
+├── f60c56784b832dd990022afc120b8136ab3da9528094752ae13fe63a2d28dc8c
+│   ├── VERSION
+│   ├── json
+│   └── layer.tar
+└── repositories
+```
+
+There are one or more directories named with the ID for each layer in a full
+image. Each of these directories contains 3 files:
+
+ * `VERSION` - The schema version of the `json` file
+ * `json` - The JSON metadata for an image layer
+ * `layer.tar` - The Tar archive of the filesystem changeset for an image
+   layer.
+
+The content of the `VERSION` files is simply the semantic version of the JSON
+metadata schema:
+
+```
+1.0
+```
+
+And the `repositories` file is another JSON file which describes names/tags:
+
+```
+{  
+    "busybox":{  
+        "latest":"5785b62b697b99a5af6cd5d0aabc804d5748abbb6d3d07da5d1d3795f2dcc83e"
+    }
+}
+```
+
+Every key in this object is the name of a repository, and maps to a collection
+of tag suffixes. Each tag maps to the ID of the image represented by that tag.
+
+## Loading an Image Filesystem Changeset
+
+Unpacking a bundle of image layer JSON files and their corresponding filesystem
+changesets can be done using a series of steps:
+
+1. Follow the parent IDs of image layers to find the root ancestor (an image
+with no parent ID specified).
+2. For every image layer, in order from root ancestor and descending down,
+extract the contents of that layer's filesystem changeset archive into a
+directory which will be used as the root of a container filesystem.
+
+    - Extract all contents of each archive.
+    - Walk the directory tree once more, removing any files with the prefix
+    `.wh.` and the corresponding file or directory named without this prefix.
+
+
+## Implementations
+
+This specification is an admittedly imperfect description of an
+imperfectly-understood problem. The Docker project is, in turn, an attempt to
+implement this specification. Our goal and our execution toward it will evolve
+over time, but our primary concern in this specification and in our
+implementation is compatibility and interoperability.
diff --git a/image/store.go b/image/store.go
new file mode 100644
index 00000000..92ac438d
--- /dev/null
+++ b/image/store.go
@@ -0,0 +1,295 @@
+package image
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/layer"
+)
+
+// Store is an interface for creating and accessing images
+type Store interface {
+	Create(config []byte) (ID, error)
+	Get(id ID) (*Image, error)
+	Delete(id ID) ([]layer.Metadata, error)
+	Search(partialID string) (ID, error)
+	SetParent(id ID, parent ID) error
+	GetParent(id ID) (ID, error)
+	Children(id ID) []ID
+	Map() map[ID]*Image
+	Heads() map[ID]*Image
+}
+
+// LayerGetReleaser is a minimal interface for getting and releasing images.
+type LayerGetReleaser interface {
+	Get(layer.ChainID) (layer.Layer, error)
+	Release(layer.Layer) ([]layer.Metadata, error)
+}
+
+type imageMeta struct {
+	layer    layer.Layer
+	children map[ID]struct{}
+}
+
+type store struct {
+	sync.Mutex
+	ls        LayerGetReleaser
+	images    map[ID]*imageMeta
+	fs        StoreBackend
+	digestSet *digest.Set
+}
+
+// NewImageStore returns new store object for given layer store
+func NewImageStore(fs StoreBackend, ls LayerGetReleaser) (Store, error) {
+	is := &store{
+		ls:        ls,
+		images:    make(map[ID]*imageMeta),
+		fs:        fs,
+		digestSet: digest.NewSet(),
+	}
+
+	// load all current images and retain layers
+	if err := is.restore(); err != nil {
+		return nil, err
+	}
+
+	return is, nil
+}
+
+func (is *store) restore() error {
+	err := is.fs.Walk(func(id ID) error {
+		img, err := is.Get(id)
+		if err != nil {
+			logrus.Errorf("invalid image %v, %v", id, err)
+			return nil
+		}
+		var l layer.Layer
+		if chainID := img.RootFS.ChainID(); chainID != "" {
+			l, err = is.ls.Get(chainID)
+			if err != nil {
+				return err
+			}
+		}
+		if err := is.digestSet.Add(digest.Digest(id)); err != nil {
+			return err
+		}
+
+		imageMeta := &imageMeta{
+			layer:    l,
+			children: make(map[ID]struct{}),
+		}
+
+		is.images[ID(id)] = imageMeta
+
+		return nil
+	})
+	if err != nil {
+		return err
+	}
+
+	// Second pass to fill in children maps
+	for id := range is.images {
+		if parent, err := is.GetParent(id); err == nil {
+			if parentMeta := is.images[parent]; parentMeta != nil {
+				parentMeta.children[id] = struct{}{}
+			}
+		}
+	}
+
+	return nil
+}
+
+func (is *store) Create(config []byte) (ID, error) {
+	var img Image
+	err := json.Unmarshal(config, &img)
+	if err != nil {
+		return "", err
+	}
+
+	// Must reject any config that references diffIDs from the history
+	// which aren't among the rootfs layers.
+	rootFSLayers := make(map[layer.DiffID]struct{})
+	for _, diffID := range img.RootFS.DiffIDs {
+		rootFSLayers[diffID] = struct{}{}
+	}
+
+	layerCounter := 0
+	for _, h := range img.History {
+		if !h.EmptyLayer {
+			layerCounter++
+		}
+	}
+	if layerCounter > len(img.RootFS.DiffIDs) {
+		return "", errors.New("too many non-empty layers in History section")
+	}
+
+	dgst, err := is.fs.Set(config)
+	if err != nil {
+		return "", err
+	}
+	imageID := ID(dgst)
+
+	is.Lock()
+	defer is.Unlock()
+
+	if _, exists := is.images[imageID]; exists {
+		return imageID, nil
+	}
+
+	layerID := img.RootFS.ChainID()
+
+	var l layer.Layer
+	if layerID != "" {
+		l, err = is.ls.Get(layerID)
+		if err != nil {
+			return "", err
+		}
+	}
+
+	imageMeta := &imageMeta{
+		layer:    l,
+		children: make(map[ID]struct{}),
+	}
+
+	is.images[imageID] = imageMeta
+	if err := is.digestSet.Add(digest.Digest(imageID)); err != nil {
+		delete(is.images, imageID)
+		return "", err
+	}
+
+	return imageID, nil
+}
+
+func (is *store) Search(term string) (ID, error) {
+	is.Lock()
+	defer is.Unlock()
+
+	dgst, err := is.digestSet.Lookup(term)
+	if err != nil {
+		if err == digest.ErrDigestNotFound {
+			err = fmt.Errorf("No such image: %s", term)
+		}
+		return "", err
+	}
+	return ID(dgst), nil
+}
+
+func (is *store) Get(id ID) (*Image, error) {
+	// todo: Check if image is in images
+	// todo: Detect manual insertions and start using them
+	config, err := is.fs.Get(id)
+	if err != nil {
+		return nil, err
+	}
+
+	img, err := NewFromJSON(config)
+	if err != nil {
+		return nil, err
+	}
+	img.computedID = id
+
+	img.Parent, err = is.GetParent(id)
+	if err != nil {
+		img.Parent = ""
+	}
+
+	return img, nil
+}
+
+func (is *store) Delete(id ID) ([]layer.Metadata, error) {
+	is.Lock()
+	defer is.Unlock()
+
+	imageMeta := is.images[id]
+	if imageMeta == nil {
+		return nil, fmt.Errorf("unrecognized image ID %s", id.String())
+	}
+	for id := range imageMeta.children {
+		is.fs.DeleteMetadata(id, "parent")
+	}
+	if parent, err := is.GetParent(id); err == nil && is.images[parent] != nil {
+		delete(is.images[parent].children, id)
+	}
+
+	if err := is.digestSet.Remove(digest.Digest(id)); err != nil {
+		logrus.Errorf("error removing %s from digest set: %q", id, err)
+	}
+	delete(is.images, id)
+	is.fs.Delete(id)
+
+	if imageMeta.layer != nil {
+		return is.ls.Release(imageMeta.layer)
+	}
+	return nil, nil
+}
+
+func (is *store) SetParent(id, parent ID) error {
+	is.Lock()
+	defer is.Unlock()
+	parentMeta := is.images[parent]
+	if parentMeta == nil {
+		return fmt.Errorf("unknown parent image ID %s", parent.String())
+	}
+	if parent, err := is.GetParent(id); err == nil && is.images[parent] != nil {
+		delete(is.images[parent].children, id)
+	}
+	parentMeta.children[id] = struct{}{}
+	return is.fs.SetMetadata(id, "parent", []byte(parent))
+}
+
+func (is *store) GetParent(id ID) (ID, error) {
+	d, err := is.fs.GetMetadata(id, "parent")
+	if err != nil {
+		return "", err
+	}
+	return ID(d), nil // todo: validate?
+}
+
+func (is *store) Children(id ID) []ID {
+	is.Lock()
+	defer is.Unlock()
+
+	return is.children(id)
+}
+
+func (is *store) children(id ID) []ID {
+	var ids []ID
+	if is.images[id] != nil {
+		for id := range is.images[id].children {
+			ids = append(ids, id)
+		}
+	}
+	return ids
+}
+
+func (is *store) Heads() map[ID]*Image {
+	return is.imagesMap(false)
+}
+
+func (is *store) Map() map[ID]*Image {
+	return is.imagesMap(true)
+}
+
+func (is *store) imagesMap(all bool) map[ID]*Image {
+	is.Lock()
+	defer is.Unlock()
+
+	images := make(map[ID]*Image)
+
+	for id := range is.images {
+		if !all && len(is.children(id)) > 0 {
+			continue
+		}
+		img, err := is.Get(id)
+		if err != nil {
+			logrus.Errorf("invalid image access: %q, error: %q", id, err)
+			continue
+		}
+		images[id] = img
+	}
+	return images
+}
diff --git a/image/store_test.go b/image/store_test.go
new file mode 100644
index 00000000..50f8aa8b
--- /dev/null
+++ b/image/store_test.go
@@ -0,0 +1,300 @@
+package image
+
+import (
+	"io/ioutil"
+	"os"
+	"testing"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/layer"
+)
+
+func TestRestore(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id1, err := fs.Set([]byte(`{"comment": "abc", "rootfs": {"type": "layers"}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = fs.Set([]byte(`invalid`))
+	if err != nil {
+		t.Fatal(err)
+	}
+	id2, err := fs.Set([]byte(`{"comment": "def", "rootfs": {"type": "layers", "diff_ids": ["2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae"]}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = fs.SetMetadata(id2, "parent", []byte(id1))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	is, err := NewImageStore(fs, &mockLayerGetReleaser{})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	imgs := is.Map()
+	if actual, expected := len(imgs), 2; actual != expected {
+		t.Fatalf("invalid images length, expected 2, got %q", len(imgs))
+	}
+
+	img1, err := is.Get(ID(id1))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if actual, expected := img1.computedID, ID(id1); actual != expected {
+		t.Fatalf("invalid image ID: expected %q, got %q", expected, actual)
+	}
+
+	if actual, expected := img1.computedID.String(), string(id1); actual != expected {
+		t.Fatalf("invalid image ID string: expected %q, got %q", expected, actual)
+	}
+
+	img2, err := is.Get(ID(id2))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if actual, expected := img1.Comment, "abc"; actual != expected {
+		t.Fatalf("invalid comment for image1: expected %q, got %q", expected, actual)
+	}
+
+	if actual, expected := img2.Comment, "def"; actual != expected {
+		t.Fatalf("invalid comment for image2: expected %q, got %q", expected, actual)
+	}
+
+	p, err := is.GetParent(ID(id1))
+	if err == nil {
+		t.Fatal("expected error for getting parent")
+	}
+
+	p, err = is.GetParent(ID(id2))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if actual, expected := p, ID(id1); actual != expected {
+		t.Fatalf("invalid parent: expected %q, got %q", expected, actual)
+	}
+
+	children := is.Children(ID(id1))
+	if len(children) != 1 {
+		t.Fatalf("invalid children length: %q", len(children))
+	}
+	if actual, expected := children[0], ID(id2); actual != expected {
+		t.Fatalf("invalid child for id1: expected %q, got %q", expected, actual)
+	}
+
+	heads := is.Heads()
+	if actual, expected := len(heads), 1; actual != expected {
+		t.Fatalf("invalid images length: expected %q, got %q", expected, actual)
+	}
+
+	sid1, err := is.Search(string(id1)[:10])
+	if err != nil {
+		t.Fatal(err)
+	}
+	if actual, expected := sid1, ID(id1); actual != expected {
+		t.Fatalf("searched ID mismatch: expected %q, got %q", expected, actual)
+	}
+
+	sid1, err = is.Search(digest.Digest(id1).Hex()[:6])
+	if err != nil {
+		t.Fatal(err)
+	}
+	if actual, expected := sid1, ID(id1); actual != expected {
+		t.Fatalf("searched ID mismatch: expected %q, got %q", expected, actual)
+	}
+
+	invalidPattern := digest.Digest(id1).Hex()[1:6]
+	_, err = is.Search(invalidPattern)
+	if err == nil {
+		t.Fatalf("expected search for %q to fail", invalidPattern)
+	}
+
+}
+
+func TestAddDelete(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	is, err := NewImageStore(fs, &mockLayerGetReleaser{})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id1, err := is.Create([]byte(`{"comment": "abc", "rootfs": {"type": "layers", "diff_ids": ["2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae"]}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if actual, expected := id1, ID("sha256:8d25a9c45df515f9d0fe8e4a6b1c64dd3b965a84790ddbcc7954bb9bc89eb993"); actual != expected {
+		t.Fatalf("create ID mismatch: expected %q, got %q", expected, actual)
+	}
+
+	img, err := is.Get(id1)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if actual, expected := img.Comment, "abc"; actual != expected {
+		t.Fatalf("invalid comment in image: expected %q, got %q", expected, actual)
+	}
+
+	id2, err := is.Create([]byte(`{"comment": "def", "rootfs": {"type": "layers", "diff_ids": ["2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae"]}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = is.SetParent(id2, id1)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	pid1, err := is.GetParent(id2)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if actual, expected := pid1, id1; actual != expected {
+		t.Fatalf("invalid parent for image: expected %q, got %q", expected, actual)
+	}
+
+	_, err = is.Delete(id1)
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = is.Get(id1)
+	if err == nil {
+		t.Fatalf("expected get for deleted image %q to fail", id1)
+	}
+	_, err = is.Get(id2)
+	if err != nil {
+		t.Fatal(err)
+	}
+	pid1, err = is.GetParent(id2)
+	if err == nil {
+		t.Fatalf("expected parent check for image %q to fail, got %q", id2, pid1)
+	}
+
+}
+
+func TestSearchAfterDelete(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	is, err := NewImageStore(fs, &mockLayerGetReleaser{})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id, err := is.Create([]byte(`{"comment": "abc", "rootfs": {"type": "layers"}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id1, err := is.Search(string(id)[:15])
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if actual, expected := id1, id; expected != actual {
+		t.Fatalf("wrong id returned from search: expected %q, got %q", expected, actual)
+	}
+
+	if _, err := is.Delete(id); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := is.Search(string(id)[:15]); err == nil {
+		t.Fatal("expected search after deletion to fail")
+	}
+}
+
+func TestParentReset(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "images-fs-store")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	fs, err := NewFSStoreBackend(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	is, err := NewImageStore(fs, &mockLayerGetReleaser{})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id, err := is.Create([]byte(`{"comment": "abc1", "rootfs": {"type": "layers"}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id2, err := is.Create([]byte(`{"comment": "abc2", "rootfs": {"type": "layers"}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id3, err := is.Create([]byte(`{"comment": "abc3", "rootfs": {"type": "layers"}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := is.SetParent(id, id2); err != nil {
+		t.Fatal(err)
+	}
+
+	ids := is.Children(id2)
+	if actual, expected := len(ids), 1; expected != actual {
+		t.Fatalf("wrong number of children: %d, got %d", expected, actual)
+	}
+
+	if err := is.SetParent(id, id3); err != nil {
+		t.Fatal(err)
+	}
+
+	ids = is.Children(id2)
+	if actual, expected := len(ids), 0; expected != actual {
+		t.Fatalf("wrong number of children after parent reset: %d, got %d", expected, actual)
+	}
+
+	ids = is.Children(id3)
+	if actual, expected := len(ids), 1; expected != actual {
+		t.Fatalf("wrong number of children after parent reset: %d, got %d", expected, actual)
+	}
+
+}
+
+type mockLayerGetReleaser struct{}
+
+func (ls *mockLayerGetReleaser) Get(layer.ChainID) (layer.Layer, error) {
+	return nil, nil
+}
+
+func (ls *mockLayerGetReleaser) Release(layer.Layer) ([]layer.Metadata, error) {
+	return nil, nil
+}
diff --git a/image/tarexport/load.go b/image/tarexport/load.go
new file mode 100644
index 00000000..42eaa40b
--- /dev/null
+++ b/image/tarexport/load.go
@@ -0,0 +1,372 @@
+package tarexport
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/image/v1"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/chrootarchive"
+	"github.com/docker/docker/pkg/progress"
+	"github.com/docker/docker/pkg/streamformatter"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/pkg/symlink"
+	"github.com/docker/docker/reference"
+)
+
+func (l *tarexporter) Load(inTar io.ReadCloser, outStream io.Writer, quiet bool) error {
+	var (
+		sf             = streamformatter.NewJSONStreamFormatter()
+		progressOutput progress.Output
+	)
+	if !quiet {
+		progressOutput = sf.NewProgressOutput(outStream, false)
+		outStream = &streamformatter.StdoutFormatter{Writer: outStream, StreamFormatter: streamformatter.NewJSONStreamFormatter()}
+	}
+
+	tmpDir, err := ioutil.TempDir("", "docker-import-")
+	if err != nil {
+		return err
+	}
+	defer os.RemoveAll(tmpDir)
+
+	if err := chrootarchive.Untar(inTar, tmpDir, nil); err != nil {
+		return err
+	}
+	// read manifest, if no file then load in legacy mode
+	manifestPath, err := safePath(tmpDir, manifestFileName)
+	if err != nil {
+		return err
+	}
+	manifestFile, err := os.Open(manifestPath)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return l.legacyLoad(tmpDir, outStream, progressOutput)
+		}
+		return manifestFile.Close()
+	}
+	defer manifestFile.Close()
+
+	var manifest []manifestItem
+	if err := json.NewDecoder(manifestFile).Decode(&manifest); err != nil {
+		return err
+	}
+
+	var parentLinks []parentLink
+
+	for _, m := range manifest {
+		configPath, err := safePath(tmpDir, m.Config)
+		if err != nil {
+			return err
+		}
+		config, err := ioutil.ReadFile(configPath)
+		if err != nil {
+			return err
+		}
+		img, err := image.NewFromJSON(config)
+		if err != nil {
+			return err
+		}
+		var rootFS image.RootFS
+		rootFS = *img.RootFS
+		rootFS.DiffIDs = nil
+
+		if expected, actual := len(m.Layers), len(img.RootFS.DiffIDs); expected != actual {
+			return fmt.Errorf("invalid manifest, layers length mismatch: expected %q, got %q", expected, actual)
+		}
+
+		for i, diffID := range img.RootFS.DiffIDs {
+			layerPath, err := safePath(tmpDir, m.Layers[i])
+			if err != nil {
+				return err
+			}
+			r := rootFS
+			r.Append(diffID)
+			newLayer, err := l.ls.Get(r.ChainID())
+			if err != nil {
+				newLayer, err = l.loadLayer(layerPath, rootFS, diffID.String(), progressOutput)
+				if err != nil {
+					return err
+				}
+			}
+			defer layer.ReleaseAndLog(l.ls, newLayer)
+			if expected, actual := diffID, newLayer.DiffID(); expected != actual {
+				return fmt.Errorf("invalid diffID for layer %d: expected %q, got %q", i, expected, actual)
+			}
+			rootFS.Append(diffID)
+		}
+
+		imgID, err := l.is.Create(config)
+		if err != nil {
+			return err
+		}
+
+		for _, repoTag := range m.RepoTags {
+			named, err := reference.ParseNamed(repoTag)
+			if err != nil {
+				return err
+			}
+			ref, ok := named.(reference.NamedTagged)
+			if !ok {
+				return fmt.Errorf("invalid tag %q", repoTag)
+			}
+			l.setLoadedTag(ref, imgID, outStream)
+		}
+
+		parentLinks = append(parentLinks, parentLink{imgID, m.Parent})
+	}
+
+	for _, p := range validatedParentLinks(parentLinks) {
+		if p.parentID != "" {
+			if err := l.setParentID(p.id, p.parentID); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+func (l *tarexporter) setParentID(id, parentID image.ID) error {
+	img, err := l.is.Get(id)
+	if err != nil {
+		return err
+	}
+	parent, err := l.is.Get(parentID)
+	if err != nil {
+		return err
+	}
+	if !checkValidParent(img, parent) {
+		return fmt.Errorf("image %v is not a valid parent for %v", parent.ID, img.ID)
+	}
+	return l.is.SetParent(id, parentID)
+}
+
+func (l *tarexporter) loadLayer(filename string, rootFS image.RootFS, id string, progressOutput progress.Output) (layer.Layer, error) {
+	rawTar, err := os.Open(filename)
+	if err != nil {
+		logrus.Debugf("Error reading embedded tar: %v", err)
+		return nil, err
+	}
+	defer rawTar.Close()
+
+	inflatedLayerData, err := archive.DecompressStream(rawTar)
+	if err != nil {
+		return nil, err
+	}
+	defer inflatedLayerData.Close()
+
+	if progressOutput != nil {
+		fileInfo, err := os.Stat(filename)
+		if err != nil {
+			logrus.Debugf("Error statting file: %v", err)
+			return nil, err
+		}
+
+		progressReader := progress.NewProgressReader(inflatedLayerData, progressOutput, fileInfo.Size(), stringid.TruncateID(id), "Loading layer")
+
+		return l.ls.Register(progressReader, rootFS.ChainID())
+	}
+	return l.ls.Register(inflatedLayerData, rootFS.ChainID())
+}
+
+func (l *tarexporter) setLoadedTag(ref reference.NamedTagged, imgID image.ID, outStream io.Writer) error {
+	if prevID, err := l.rs.Get(ref); err == nil && prevID != imgID {
+		fmt.Fprintf(outStream, "The image %s already exists, renaming the old one with ID %s to empty string\n", ref.String(), string(prevID)) // todo: this message is wrong in case of multiple tags
+	}
+
+	if err := l.rs.AddTag(ref, imgID, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (l *tarexporter) legacyLoad(tmpDir string, outStream io.Writer, progressOutput progress.Output) error {
+	legacyLoadedMap := make(map[string]image.ID)
+
+	dirs, err := ioutil.ReadDir(tmpDir)
+	if err != nil {
+		return err
+	}
+
+	// every dir represents an image
+	for _, d := range dirs {
+		if d.IsDir() {
+			if err := l.legacyLoadImage(d.Name(), tmpDir, legacyLoadedMap, progressOutput); err != nil {
+				return err
+			}
+		}
+	}
+
+	// load tags from repositories file
+	repositoriesPath, err := safePath(tmpDir, legacyRepositoriesFileName)
+	if err != nil {
+		return err
+	}
+	repositoriesFile, err := os.Open(repositoriesPath)
+	if err != nil {
+		if !os.IsNotExist(err) {
+			return err
+		}
+		return repositoriesFile.Close()
+	}
+	defer repositoriesFile.Close()
+
+	repositories := make(map[string]map[string]string)
+	if err := json.NewDecoder(repositoriesFile).Decode(&repositories); err != nil {
+		return err
+	}
+
+	for name, tagMap := range repositories {
+		for tag, oldID := range tagMap {
+			imgID, ok := legacyLoadedMap[oldID]
+			if !ok {
+				return fmt.Errorf("invalid target ID: %v", oldID)
+			}
+			named, err := reference.WithName(name)
+			if err != nil {
+				return err
+			}
+			ref, err := reference.WithTag(named, tag)
+			if err != nil {
+				return err
+			}
+			l.setLoadedTag(ref, imgID, outStream)
+		}
+	}
+
+	return nil
+}
+
+func (l *tarexporter) legacyLoadImage(oldID, sourceDir string, loadedMap map[string]image.ID, progressOutput progress.Output) error {
+	if _, loaded := loadedMap[oldID]; loaded {
+		return nil
+	}
+	configPath, err := safePath(sourceDir, filepath.Join(oldID, legacyConfigFileName))
+	if err != nil {
+		return err
+	}
+	imageJSON, err := ioutil.ReadFile(configPath)
+	if err != nil {
+		logrus.Debugf("Error reading json: %v", err)
+		return err
+	}
+
+	var img struct{ Parent string }
+	if err := json.Unmarshal(imageJSON, &img); err != nil {
+		return err
+	}
+
+	var parentID image.ID
+	if img.Parent != "" {
+		for {
+			var loaded bool
+			if parentID, loaded = loadedMap[img.Parent]; !loaded {
+				if err := l.legacyLoadImage(img.Parent, sourceDir, loadedMap, progressOutput); err != nil {
+					return err
+				}
+			} else {
+				break
+			}
+		}
+	}
+
+	// todo: try to connect with migrate code
+	rootFS := image.NewRootFS()
+	var history []image.History
+
+	if parentID != "" {
+		parentImg, err := l.is.Get(parentID)
+		if err != nil {
+			return err
+		}
+
+		rootFS = parentImg.RootFS
+		history = parentImg.History
+	}
+
+	layerPath, err := safePath(sourceDir, filepath.Join(oldID, legacyLayerFileName))
+	if err != nil {
+		return err
+	}
+	newLayer, err := l.loadLayer(layerPath, *rootFS, oldID, progressOutput)
+	if err != nil {
+		return err
+	}
+	rootFS.Append(newLayer.DiffID())
+
+	h, err := v1.HistoryFromConfig(imageJSON, false)
+	if err != nil {
+		return err
+	}
+	history = append(history, h)
+
+	config, err := v1.MakeConfigFromV1Config(imageJSON, rootFS, history)
+	if err != nil {
+		return err
+	}
+	imgID, err := l.is.Create(config)
+	if err != nil {
+		return err
+	}
+
+	metadata, err := l.ls.Release(newLayer)
+	layer.LogReleaseMetadata(metadata)
+	if err != nil {
+		return err
+	}
+
+	if parentID != "" {
+		if err := l.is.SetParent(imgID, parentID); err != nil {
+			return err
+		}
+	}
+
+	loadedMap[oldID] = imgID
+	return nil
+}
+
+func safePath(base, path string) (string, error) {
+	return symlink.FollowSymlinkInScope(filepath.Join(base, path), base)
+}
+
+type parentLink struct {
+	id, parentID image.ID
+}
+
+func validatedParentLinks(pl []parentLink) (ret []parentLink) {
+mainloop:
+	for i, p := range pl {
+		ret = append(ret, p)
+		for _, p2 := range pl {
+			if p2.id == p.parentID && p2.id != p.id {
+				continue mainloop
+			}
+		}
+		ret[i].parentID = ""
+	}
+	return
+}
+
+func checkValidParent(img, parent *image.Image) bool {
+	if len(img.History) == 0 && len(parent.History) == 0 {
+		return true // having history is not mandatory
+	}
+	if len(img.History)-len(parent.History) != 1 {
+		return false
+	}
+	for i, h := range parent.History {
+		if !reflect.DeepEqual(h, img.History[i]) {
+			return false
+		}
+	}
+	return true
+}
diff --git a/image/tarexport/save.go b/image/tarexport/save.go
new file mode 100644
index 00000000..9ec3cc9f
--- /dev/null
+++ b/image/tarexport/save.go
@@ -0,0 +1,319 @@
+package tarexport
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/image/v1"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/reference"
+)
+
+type imageDescriptor struct {
+	refs   []reference.NamedTagged
+	layers []string
+}
+
+type saveSession struct {
+	*tarexporter
+	outDir      string
+	images      map[image.ID]*imageDescriptor
+	savedLayers map[string]struct{}
+}
+
+func (l *tarexporter) Save(names []string, outStream io.Writer) error {
+	images, err := l.parseNames(names)
+	if err != nil {
+		return err
+	}
+
+	return (&saveSession{tarexporter: l, images: images}).save(outStream)
+}
+
+func (l *tarexporter) parseNames(names []string) (map[image.ID]*imageDescriptor, error) {
+	imgDescr := make(map[image.ID]*imageDescriptor)
+
+	addAssoc := func(id image.ID, ref reference.Named) {
+		if _, ok := imgDescr[id]; !ok {
+			imgDescr[id] = &imageDescriptor{}
+		}
+
+		if ref != nil {
+			var tagged reference.NamedTagged
+			if _, ok := ref.(reference.Canonical); ok {
+				return
+			}
+			var ok bool
+			if tagged, ok = ref.(reference.NamedTagged); !ok {
+				var err error
+				if tagged, err = reference.WithTag(ref, reference.DefaultTag); err != nil {
+					return
+				}
+			}
+
+			for _, t := range imgDescr[id].refs {
+				if tagged.String() == t.String() {
+					return
+				}
+			}
+			imgDescr[id].refs = append(imgDescr[id].refs, tagged)
+		}
+	}
+
+	for _, name := range names {
+		id, ref, err := reference.ParseIDOrReference(name)
+		if err != nil {
+			return nil, err
+		}
+		if id != "" {
+			_, err := l.is.Get(image.ID(id))
+			if err != nil {
+				return nil, err
+			}
+			addAssoc(image.ID(id), nil)
+			continue
+		}
+		if ref.Name() == string(digest.Canonical) {
+			imgID, err := l.is.Search(name)
+			if err != nil {
+				return nil, err
+			}
+			addAssoc(imgID, nil)
+			continue
+		}
+		if reference.IsNameOnly(ref) {
+			assocs := l.rs.ReferencesByName(ref)
+			for _, assoc := range assocs {
+				addAssoc(assoc.ImageID, assoc.Ref)
+			}
+			if len(assocs) == 0 {
+				imgID, err := l.is.Search(name)
+				if err != nil {
+					return nil, err
+				}
+				addAssoc(imgID, nil)
+			}
+			continue
+		}
+		var imgID image.ID
+		if imgID, err = l.rs.Get(ref); err != nil {
+			return nil, err
+		}
+		addAssoc(imgID, ref)
+
+	}
+	return imgDescr, nil
+}
+
+func (s *saveSession) save(outStream io.Writer) error {
+	s.savedLayers = make(map[string]struct{})
+
+	// get image json
+	tempDir, err := ioutil.TempDir("", "docker-export-")
+	if err != nil {
+		return err
+	}
+	defer os.RemoveAll(tempDir)
+
+	s.outDir = tempDir
+	reposLegacy := make(map[string]map[string]string)
+
+	var manifest []manifestItem
+	var parentLinks []parentLink
+
+	for id, imageDescr := range s.images {
+		if err = s.saveImage(id); err != nil {
+			return err
+		}
+
+		var repoTags []string
+		var layers []string
+
+		for _, ref := range imageDescr.refs {
+			if _, ok := reposLegacy[ref.Name()]; !ok {
+				reposLegacy[ref.Name()] = make(map[string]string)
+			}
+			reposLegacy[ref.Name()][ref.Tag()] = imageDescr.layers[len(imageDescr.layers)-1]
+			repoTags = append(repoTags, ref.String())
+		}
+
+		for _, l := range imageDescr.layers {
+			layers = append(layers, filepath.Join(l, legacyLayerFileName))
+		}
+
+		manifest = append(manifest, manifestItem{
+			Config:   digest.Digest(id).Hex() + ".json",
+			RepoTags: repoTags,
+			Layers:   layers,
+		})
+
+		parentID, _ := s.is.GetParent(id)
+		parentLinks = append(parentLinks, parentLink{id, parentID})
+	}
+
+	for i, p := range validatedParentLinks(parentLinks) {
+		if p.parentID != "" {
+			manifest[i].Parent = p.parentID
+		}
+	}
+
+	if len(reposLegacy) > 0 {
+		reposFile := filepath.Join(tempDir, legacyRepositoriesFileName)
+		f, err := os.OpenFile(reposFile, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644)
+		if err != nil {
+			f.Close()
+			return err
+		}
+		if err := json.NewEncoder(f).Encode(reposLegacy); err != nil {
+			return err
+		}
+		if err := f.Close(); err != nil {
+			return err
+		}
+		if err := system.Chtimes(reposFile, time.Unix(0, 0), time.Unix(0, 0)); err != nil {
+			return err
+		}
+	}
+
+	manifestFileName := filepath.Join(tempDir, manifestFileName)
+	f, err := os.OpenFile(manifestFileName, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644)
+	if err != nil {
+		f.Close()
+		return err
+	}
+	if err := json.NewEncoder(f).Encode(manifest); err != nil {
+		return err
+	}
+	if err := f.Close(); err != nil {
+		return err
+	}
+	if err := system.Chtimes(manifestFileName, time.Unix(0, 0), time.Unix(0, 0)); err != nil {
+		return err
+	}
+
+	fs, err := archive.Tar(tempDir, archive.Uncompressed)
+	if err != nil {
+		return err
+	}
+	defer fs.Close()
+
+	if _, err := io.Copy(outStream, fs); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (s *saveSession) saveImage(id image.ID) error {
+	img, err := s.is.Get(id)
+	if err != nil {
+		return err
+	}
+
+	if len(img.RootFS.DiffIDs) == 0 {
+		return fmt.Errorf("empty export - not implemented")
+	}
+
+	var parent digest.Digest
+	var layers []string
+	for i := range img.RootFS.DiffIDs {
+		v1Img := image.V1Image{}
+		if i == len(img.RootFS.DiffIDs)-1 {
+			v1Img = img.V1Image
+		}
+		rootFS := *img.RootFS
+		rootFS.DiffIDs = rootFS.DiffIDs[:i+1]
+		v1ID, err := v1.CreateID(v1Img, rootFS.ChainID(), parent)
+		if err != nil {
+			return err
+		}
+
+		v1Img.ID = v1ID.Hex()
+		if parent != "" {
+			v1Img.Parent = parent.Hex()
+		}
+
+		if err := s.saveLayer(rootFS.ChainID(), v1Img, img.Created); err != nil {
+			return err
+		}
+		layers = append(layers, v1Img.ID)
+		parent = v1ID
+	}
+
+	configFile := filepath.Join(s.outDir, digest.Digest(id).Hex()+".json")
+	if err := ioutil.WriteFile(configFile, img.RawJSON(), 0644); err != nil {
+		return err
+	}
+	if err := system.Chtimes(configFile, img.Created, img.Created); err != nil {
+		return err
+	}
+
+	s.images[id].layers = layers
+	return nil
+}
+
+func (s *saveSession) saveLayer(id layer.ChainID, legacyImg image.V1Image, createdTime time.Time) error {
+	if _, exists := s.savedLayers[legacyImg.ID]; exists {
+		return nil
+	}
+
+	outDir := filepath.Join(s.outDir, legacyImg.ID)
+	if err := os.Mkdir(outDir, 0755); err != nil {
+		return err
+	}
+
+	// todo: why is this version file here?
+	if err := ioutil.WriteFile(filepath.Join(outDir, legacyVersionFileName), []byte("1.0"), 0644); err != nil {
+		return err
+	}
+
+	imageConfig, err := json.Marshal(legacyImg)
+	if err != nil {
+		return err
+	}
+
+	if err := ioutil.WriteFile(filepath.Join(outDir, legacyConfigFileName), imageConfig, 0644); err != nil {
+		return err
+	}
+
+	// serialize filesystem
+	tarFile, err := os.Create(filepath.Join(outDir, legacyLayerFileName))
+	if err != nil {
+		return err
+	}
+	defer tarFile.Close()
+
+	l, err := s.ls.Get(id)
+	if err != nil {
+		return err
+	}
+	defer layer.ReleaseAndLog(s.ls, l)
+
+	arch, err := l.TarStream()
+	if err != nil {
+		return err
+	}
+	defer arch.Close()
+
+	if _, err := io.Copy(tarFile, arch); err != nil {
+		return err
+	}
+
+	for _, fname := range []string{"", legacyVersionFileName, legacyConfigFileName, legacyLayerFileName} {
+		// todo: maybe save layer created timestamp?
+		if err := system.Chtimes(filepath.Join(outDir, fname), createdTime, createdTime); err != nil {
+			return err
+		}
+	}
+
+	s.savedLayers[legacyImg.ID] = struct{}{}
+	return nil
+}
diff --git a/image/tarexport/tarexport.go b/image/tarexport/tarexport.go
new file mode 100644
index 00000000..5e208777
--- /dev/null
+++ b/image/tarexport/tarexport.go
@@ -0,0 +1,37 @@
+package tarexport
+
+import (
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/reference"
+)
+
+const (
+	manifestFileName           = "manifest.json"
+	legacyLayerFileName        = "layer.tar"
+	legacyConfigFileName       = "json"
+	legacyVersionFileName      = "VERSION"
+	legacyRepositoriesFileName = "repositories"
+)
+
+type manifestItem struct {
+	Config   string
+	RepoTags []string
+	Layers   []string
+	Parent   image.ID `json:",omitempty"`
+}
+
+type tarexporter struct {
+	is image.Store
+	ls layer.Store
+	rs reference.Store
+}
+
+// NewTarExporter returns new ImageExporter for tar packages
+func NewTarExporter(is image.Store, ls layer.Store, rs reference.Store) image.Exporter {
+	return &tarexporter{
+		is: is,
+		ls: ls,
+		rs: rs,
+	}
+}
diff --git a/image/v1/imagev1.go b/image/v1/imagev1.go
new file mode 100644
index 00000000..e27ebd4c
--- /dev/null
+++ b/image/v1/imagev1.go
@@ -0,0 +1,148 @@
+package v1
+
+import (
+	"encoding/json"
+	"fmt"
+	"regexp"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/pkg/version"
+)
+
+var validHex = regexp.MustCompile(`^([a-f0-9]{64})$`)
+
+// noFallbackMinVersion is the minimum version for which v1compatibility
+// information will not be marshaled through the Image struct to remove
+// blank fields.
+var noFallbackMinVersion = version.Version("1.8.3")
+
+// HistoryFromConfig creates a History struct from v1 configuration JSON
+func HistoryFromConfig(imageJSON []byte, emptyLayer bool) (image.History, error) {
+	h := image.History{}
+	var v1Image image.V1Image
+	if err := json.Unmarshal(imageJSON, &v1Image); err != nil {
+		return h, err
+	}
+
+	return image.History{
+		Author:     v1Image.Author,
+		Created:    v1Image.Created,
+		CreatedBy:  strings.Join(v1Image.ContainerConfig.Cmd, " "),
+		Comment:    v1Image.Comment,
+		EmptyLayer: emptyLayer,
+	}, nil
+}
+
+// CreateID creates an ID from v1 image, layerID and parent ID.
+// Used for backwards compatibility with old clients.
+func CreateID(v1Image image.V1Image, layerID layer.ChainID, parent digest.Digest) (digest.Digest, error) {
+	v1Image.ID = ""
+	v1JSON, err := json.Marshal(v1Image)
+	if err != nil {
+		return "", err
+	}
+
+	var config map[string]*json.RawMessage
+	if err := json.Unmarshal(v1JSON, &config); err != nil {
+		return "", err
+	}
+
+	// FIXME: note that this is slightly incompatible with RootFS logic
+	config["layer_id"] = rawJSON(layerID)
+	if parent != "" {
+		config["parent"] = rawJSON(parent)
+	}
+
+	configJSON, err := json.Marshal(config)
+	if err != nil {
+		return "", err
+	}
+	logrus.Debugf("CreateV1ID %s", configJSON)
+
+	return digest.FromBytes(configJSON), nil
+}
+
+// MakeConfigFromV1Config creates an image config from the legacy V1 config format.
+func MakeConfigFromV1Config(imageJSON []byte, rootfs *image.RootFS, history []image.History) ([]byte, error) {
+	var dver struct {
+		DockerVersion string `json:"docker_version"`
+	}
+
+	if err := json.Unmarshal(imageJSON, &dver); err != nil {
+		return nil, err
+	}
+
+	useFallback := version.Version(dver.DockerVersion).LessThan(noFallbackMinVersion)
+
+	if useFallback {
+		var v1Image image.V1Image
+		err := json.Unmarshal(imageJSON, &v1Image)
+		if err != nil {
+			return nil, err
+		}
+		imageJSON, err = json.Marshal(v1Image)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	var c map[string]*json.RawMessage
+	if err := json.Unmarshal(imageJSON, &c); err != nil {
+		return nil, err
+	}
+
+	delete(c, "id")
+	delete(c, "parent")
+	delete(c, "Size") // Size is calculated from data on disk and is inconsistent
+	delete(c, "parent_id")
+	delete(c, "layer_id")
+	delete(c, "throwaway")
+
+	c["rootfs"] = rawJSON(rootfs)
+	c["history"] = rawJSON(history)
+
+	return json.Marshal(c)
+}
+
+// MakeV1ConfigFromConfig creates an legacy V1 image config from an Image struct
+func MakeV1ConfigFromConfig(img *image.Image, v1ID, parentV1ID string, throwaway bool) ([]byte, error) {
+	// Top-level v1compatibility string should be a modified version of the
+	// image config.
+	var configAsMap map[string]*json.RawMessage
+	if err := json.Unmarshal(img.RawJSON(), &configAsMap); err != nil {
+		return nil, err
+	}
+
+	// Delete fields that didn't exist in old manifest
+	delete(configAsMap, "rootfs")
+	delete(configAsMap, "history")
+	configAsMap["id"] = rawJSON(v1ID)
+	if parentV1ID != "" {
+		configAsMap["parent"] = rawJSON(parentV1ID)
+	}
+	if throwaway {
+		configAsMap["throwaway"] = rawJSON(true)
+	}
+
+	return json.Marshal(configAsMap)
+}
+
+func rawJSON(value interface{}) *json.RawMessage {
+	jsonval, err := json.Marshal(value)
+	if err != nil {
+		return nil
+	}
+	return (*json.RawMessage)(&jsonval)
+}
+
+// ValidateID checks whether an ID string is a valid image ID.
+func ValidateID(id string) error {
+	if ok := validHex.MatchString(id); !ok {
+		return fmt.Errorf("image ID %q is invalid", id)
+	}
+	return nil
+}
diff --git a/integration-cli/benchmark_test.go b/integration-cli/benchmark_test.go
new file mode 100644
index 00000000..647d014d
--- /dev/null
+++ b/integration-cli/benchmark_test.go
@@ -0,0 +1,95 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"runtime"
+	"strings"
+	"sync"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) BenchmarkConcurrentContainerActions(c *check.C) {
+	maxConcurrency := runtime.GOMAXPROCS(0)
+	numIterations := c.N
+	outerGroup := &sync.WaitGroup{}
+	outerGroup.Add(maxConcurrency)
+	chErr := make(chan error, numIterations*2*maxConcurrency)
+
+	for i := 0; i < maxConcurrency; i++ {
+		go func() {
+			defer outerGroup.Done()
+			innerGroup := &sync.WaitGroup{}
+			innerGroup.Add(2)
+
+			go func() {
+				defer innerGroup.Done()
+				for i := 0; i < numIterations; i++ {
+					args := []string{"run", "-d", defaultSleepImage}
+					args = append(args, defaultSleepCommand...)
+					out, _, err := dockerCmdWithError(args...)
+					if err != nil {
+						chErr <- fmt.Errorf(out)
+						return
+					}
+
+					id := strings.TrimSpace(out)
+					tmpDir, err := ioutil.TempDir("", "docker-concurrent-test-"+id)
+					if err != nil {
+						chErr <- err
+						return
+					}
+					defer os.RemoveAll(tmpDir)
+					out, _, err = dockerCmdWithError("cp", id+":/tmp", tmpDir)
+					if err != nil {
+						chErr <- fmt.Errorf(out)
+						return
+					}
+
+					out, _, err = dockerCmdWithError("kill", id)
+					if err != nil {
+						chErr <- fmt.Errorf(out)
+					}
+
+					out, _, err = dockerCmdWithError("start", id)
+					if err != nil {
+						chErr <- fmt.Errorf(out)
+					}
+
+					out, _, err = dockerCmdWithError("kill", id)
+					if err != nil {
+						chErr <- fmt.Errorf(out)
+					}
+
+					// don't do an rm -f here since it can potentially ignore errors from the graphdriver
+					out, _, err = dockerCmdWithError("rm", id)
+					if err != nil {
+						chErr <- fmt.Errorf(out)
+					}
+				}
+			}()
+
+			go func() {
+				defer innerGroup.Done()
+				for i := 0; i < numIterations; i++ {
+					out, _, err := dockerCmdWithError("ps")
+					if err != nil {
+						chErr <- fmt.Errorf(out)
+					}
+				}
+			}()
+
+			innerGroup.Wait()
+		}()
+	}
+
+	outerGroup.Wait()
+	close(chErr)
+
+	for err := range chErr {
+		c.Assert(err, checker.IsNil)
+	}
+}
diff --git a/integration-cli/check_test.go b/integration-cli/check_test.go
new file mode 100644
index 00000000..aab8e4a7
--- /dev/null
+++ b/integration-cli/check_test.go
@@ -0,0 +1,216 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/docker/pkg/reexec"
+	"github.com/go-check/check"
+)
+
+func Test(t *testing.T) {
+	reexec.Init() // This is required for external graphdriver tests
+
+	if !isLocalDaemon {
+		fmt.Println("INFO: Testing against a remote daemon")
+	} else {
+		fmt.Println("INFO: Testing against a local daemon")
+	}
+
+	check.TestingT(t)
+}
+
+func init() {
+	check.Suite(&DockerSuite{})
+}
+
+type DockerSuite struct {
+}
+
+func (s *DockerSuite) TearDownTest(c *check.C) {
+	unpauseAllContainers()
+	deleteAllContainers()
+	deleteAllImages()
+	deleteAllVolumes()
+	deleteAllNetworks()
+}
+
+func init() {
+	check.Suite(&DockerRegistrySuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerRegistrySuite struct {
+	ds  *DockerSuite
+	reg *testRegistryV2
+	d   *Daemon
+}
+
+func (s *DockerRegistrySuite) SetUpTest(c *check.C) {
+	testRequires(c, DaemonIsLinux, RegistryHosting)
+	s.reg = setupRegistry(c, false, "", "")
+	s.d = NewDaemon(c)
+}
+
+func (s *DockerRegistrySuite) TearDownTest(c *check.C) {
+	if s.reg != nil {
+		s.reg.Close()
+	}
+	if s.d != nil {
+		s.d.Stop()
+	}
+	s.ds.TearDownTest(c)
+}
+
+func init() {
+	check.Suite(&DockerSchema1RegistrySuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerSchema1RegistrySuite struct {
+	ds  *DockerSuite
+	reg *testRegistryV2
+	d   *Daemon
+}
+
+func (s *DockerSchema1RegistrySuite) SetUpTest(c *check.C) {
+	testRequires(c, DaemonIsLinux, RegistryHosting)
+	s.reg = setupRegistry(c, true, "", "")
+	s.d = NewDaemon(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TearDownTest(c *check.C) {
+	if s.reg != nil {
+		s.reg.Close()
+	}
+	if s.d != nil {
+		s.d.Stop()
+	}
+	s.ds.TearDownTest(c)
+}
+
+func init() {
+	check.Suite(&DockerRegistryAuthHtpasswdSuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerRegistryAuthHtpasswdSuite struct {
+	ds  *DockerSuite
+	reg *testRegistryV2
+	d   *Daemon
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) SetUpTest(c *check.C) {
+	testRequires(c, DaemonIsLinux, RegistryHosting)
+	s.reg = setupRegistry(c, false, "htpasswd", "")
+	s.d = NewDaemon(c)
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) TearDownTest(c *check.C) {
+	if s.reg != nil {
+		out, err := s.d.Cmd("logout", privateRegistryURL)
+		c.Assert(err, check.IsNil, check.Commentf(out))
+		s.reg.Close()
+	}
+	if s.d != nil {
+		s.d.Stop()
+	}
+	s.ds.TearDownTest(c)
+}
+
+func init() {
+	check.Suite(&DockerRegistryAuthTokenSuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerRegistryAuthTokenSuite struct {
+	ds  *DockerSuite
+	reg *testRegistryV2
+	d   *Daemon
+}
+
+func (s *DockerRegistryAuthTokenSuite) SetUpTest(c *check.C) {
+	testRequires(c, DaemonIsLinux, RegistryHosting)
+	s.d = NewDaemon(c)
+}
+
+func (s *DockerRegistryAuthTokenSuite) TearDownTest(c *check.C) {
+	if s.reg != nil {
+		out, err := s.d.Cmd("logout", privateRegistryURL)
+		c.Assert(err, check.IsNil, check.Commentf(out))
+		s.reg.Close()
+	}
+	if s.d != nil {
+		s.d.Stop()
+	}
+	s.ds.TearDownTest(c)
+}
+
+func (s *DockerRegistryAuthTokenSuite) setupRegistryWithTokenService(c *check.C, tokenURL string) {
+	if s == nil {
+		c.Fatal("registry suite isn't initialized")
+	}
+	s.reg = setupRegistry(c, false, "token", tokenURL)
+}
+
+func init() {
+	check.Suite(&DockerDaemonSuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerDaemonSuite struct {
+	ds *DockerSuite
+	d  *Daemon
+}
+
+func (s *DockerDaemonSuite) SetUpTest(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	s.d = NewDaemon(c)
+}
+
+func (s *DockerDaemonSuite) TearDownTest(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	if s.d != nil {
+		s.d.Stop()
+	}
+	s.ds.TearDownTest(c)
+}
+
+func init() {
+	check.Suite(&DockerTrustSuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerTrustSuite struct {
+	ds  *DockerSuite
+	reg *testRegistryV2
+	not *testNotary
+}
+
+func (s *DockerTrustSuite) SetUpTest(c *check.C) {
+	testRequires(c, RegistryHosting, NotaryServerHosting)
+	s.reg = setupRegistry(c, false, "", "")
+	s.not = setupNotary(c)
+}
+
+func (s *DockerTrustSuite) TearDownTest(c *check.C) {
+	if s.reg != nil {
+		s.reg.Close()
+	}
+	if s.not != nil {
+		s.not.Close()
+	}
+
+	// Remove trusted keys and metadata after test
+	os.RemoveAll(filepath.Join(cliconfig.ConfigDir(), "trust"))
+	s.ds.TearDownTest(c)
+}
diff --git a/integration-cli/daemon.go b/integration-cli/daemon.go
new file mode 100644
index 00000000..2e3985af
--- /dev/null
+++ b/integration-cli/daemon.go
@@ -0,0 +1,486 @@
+package main
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/tlsconfig"
+	"github.com/docker/go-connections/sockets"
+	"github.com/go-check/check"
+)
+
+// Daemon represents a Docker daemon for the testing framework.
+type Daemon struct {
+	// Defaults to "daemon"
+	// Useful to set to --daemon or -d for checking backwards compatibility
+	Command     string
+	GlobalFlags []string
+
+	id                string
+	c                 *check.C
+	logFile           *os.File
+	folder            string
+	root              string
+	stdin             io.WriteCloser
+	stdout, stderr    io.ReadCloser
+	cmd               *exec.Cmd
+	storageDriver     string
+	wait              chan error
+	userlandProxy     bool
+	useDefaultHost    bool
+	useDefaultTLSHost bool
+}
+
+type clientConfig struct {
+	transport *http.Transport
+	scheme    string
+	addr      string
+}
+
+// NewDaemon returns a Daemon instance to be used for testing.
+// This will create a directory such as d123456789 in the folder specified by $DEST.
+// The daemon will not automatically start.
+func NewDaemon(c *check.C) *Daemon {
+	dest := os.Getenv("DEST")
+	c.Assert(dest, check.Not(check.Equals), "", check.Commentf("Please set the DEST environment variable"))
+
+	id := fmt.Sprintf("d%d", time.Now().UnixNano()%100000000)
+	dir := filepath.Join(dest, id)
+	daemonFolder, err := filepath.Abs(dir)
+	c.Assert(err, check.IsNil, check.Commentf("Could not make %q an absolute path", dir))
+	daemonRoot := filepath.Join(daemonFolder, "root")
+
+	c.Assert(os.MkdirAll(daemonRoot, 0755), check.IsNil, check.Commentf("Could not create daemon root %q", dir))
+
+	userlandProxy := true
+	if env := os.Getenv("DOCKER_USERLANDPROXY"); env != "" {
+		if val, err := strconv.ParseBool(env); err != nil {
+			userlandProxy = val
+		}
+	}
+
+	return &Daemon{
+		Command:       "daemon",
+		id:            id,
+		c:             c,
+		folder:        daemonFolder,
+		root:          daemonRoot,
+		storageDriver: os.Getenv("DOCKER_GRAPHDRIVER"),
+		userlandProxy: userlandProxy,
+	}
+}
+
+func (d *Daemon) getClientConfig() (*clientConfig, error) {
+	var (
+		transport *http.Transport
+		scheme    string
+		addr      string
+		proto     string
+	)
+	if d.useDefaultTLSHost {
+		option := &tlsconfig.Options{
+			CAFile:   "fixtures/https/ca.pem",
+			CertFile: "fixtures/https/client-cert.pem",
+			KeyFile:  "fixtures/https/client-key.pem",
+		}
+		tlsConfig, err := tlsconfig.Client(*option)
+		if err != nil {
+			return nil, err
+		}
+		transport = &http.Transport{
+			TLSClientConfig: tlsConfig,
+		}
+		addr = fmt.Sprintf("%s:%d", opts.DefaultHTTPHost, opts.DefaultTLSHTTPPort)
+		scheme = "https"
+		proto = "tcp"
+	} else if d.useDefaultHost {
+		addr = opts.DefaultUnixSocket
+		proto = "unix"
+		scheme = "http"
+		transport = &http.Transport{}
+	} else {
+		addr = filepath.Join(d.folder, "docker.sock")
+		proto = "unix"
+		scheme = "http"
+		transport = &http.Transport{}
+	}
+
+	d.c.Assert(sockets.ConfigureTransport(transport, proto, addr), check.IsNil)
+
+	return &clientConfig{
+		transport: transport,
+		scheme:    scheme,
+		addr:      addr,
+	}, nil
+}
+
+// Start will start the daemon and return once it is ready to receive requests.
+// You can specify additional daemon flags.
+func (d *Daemon) Start(args ...string) error {
+	logFile, err := os.OpenFile(filepath.Join(d.folder, "docker.log"), os.O_RDWR|os.O_CREATE|os.O_APPEND, 0600)
+	d.c.Assert(err, check.IsNil, check.Commentf("[%s] Could not create %s/docker.log", d.id, d.folder))
+
+	return d.StartWithLogFile(logFile, args...)
+}
+
+// StartWithLogFile will start the daemon and attach its streams to a given file.
+func (d *Daemon) StartWithLogFile(out *os.File, providedArgs ...string) error {
+	dockerBinary, err := exec.LookPath(dockerBinary)
+	d.c.Assert(err, check.IsNil, check.Commentf("[%s] could not find docker binary in $PATH", d.id))
+
+	args := append(d.GlobalFlags,
+		d.Command,
+		"--containerd", "/var/run/docker/libcontainerd/docker-containerd.sock",
+		"--graph", d.root,
+		"--exec-root", filepath.Join(d.folder, "exec-root"),
+		"--pidfile", fmt.Sprintf("%s/docker.pid", d.folder),
+		fmt.Sprintf("--userland-proxy=%t", d.userlandProxy),
+	)
+	if !(d.useDefaultHost || d.useDefaultTLSHost) {
+		args = append(args, []string{"--host", d.sock()}...)
+	}
+	if root := os.Getenv("DOCKER_REMAP_ROOT"); root != "" {
+		args = append(args, []string{"--userns-remap", root}...)
+	}
+
+	// If we don't explicitly set the log-level or debug flag(-D) then
+	// turn on debug mode
+	foundLog := false
+	foundSd := false
+	for _, a := range providedArgs {
+		if strings.Contains(a, "--log-level") || strings.Contains(a, "-D") || strings.Contains(a, "--debug") {
+			foundLog = true
+		}
+		if strings.Contains(a, "--storage-driver") {
+			foundSd = true
+		}
+	}
+	if !foundLog {
+		args = append(args, "--debug")
+	}
+	if d.storageDriver != "" && !foundSd {
+		args = append(args, "--storage-driver", d.storageDriver)
+	}
+
+	args = append(args, providedArgs...)
+	d.cmd = exec.Command(dockerBinary, args...)
+
+	d.cmd.Stdout = out
+	d.cmd.Stderr = out
+	d.logFile = out
+
+	if err := d.cmd.Start(); err != nil {
+		return fmt.Errorf("[%s] could not start daemon container: %v", d.id, err)
+	}
+
+	wait := make(chan error)
+
+	go func() {
+		wait <- d.cmd.Wait()
+		d.c.Logf("[%s] exiting daemon", d.id)
+		close(wait)
+	}()
+
+	d.wait = wait
+
+	tick := time.Tick(500 * time.Millisecond)
+	// make sure daemon is ready to receive requests
+	startTime := time.Now().Unix()
+	for {
+		d.c.Logf("[%s] waiting for daemon to start", d.id)
+		if time.Now().Unix()-startTime > 5 {
+			// After 5 seconds, give up
+			return fmt.Errorf("[%s] Daemon exited and never started", d.id)
+		}
+		select {
+		case <-time.After(2 * time.Second):
+			return fmt.Errorf("[%s] timeout: daemon does not respond", d.id)
+		case <-tick:
+			clientConfig, err := d.getClientConfig()
+			if err != nil {
+				return err
+			}
+
+			client := &http.Client{
+				Transport: clientConfig.transport,
+			}
+
+			req, err := http.NewRequest("GET", "/_ping", nil)
+			d.c.Assert(err, check.IsNil, check.Commentf("[%s] could not create new request", d.id))
+			req.URL.Host = clientConfig.addr
+			req.URL.Scheme = clientConfig.scheme
+			resp, err := client.Do(req)
+			if err != nil {
+				continue
+			}
+			if resp.StatusCode != http.StatusOK {
+				d.c.Logf("[%s] received status != 200 OK: %s", d.id, resp.Status)
+			}
+			d.c.Logf("[%s] daemon started", d.id)
+			d.root, err = d.queryRootDir()
+			if err != nil {
+				return fmt.Errorf("[%s] error querying daemon for root directory: %v", d.id, err)
+			}
+			return nil
+		}
+	}
+}
+
+// StartWithBusybox will first start the daemon with Daemon.Start()
+// then save the busybox image from the main daemon and load it into this Daemon instance.
+func (d *Daemon) StartWithBusybox(arg ...string) error {
+	if err := d.Start(arg...); err != nil {
+		return err
+	}
+	return d.LoadBusybox()
+}
+
+// Kill will send a SIGKILL to the daemon
+func (d *Daemon) Kill() error {
+	if d.cmd == nil || d.wait == nil {
+		return errors.New("daemon not started")
+	}
+
+	defer func() {
+		d.logFile.Close()
+		d.cmd = nil
+	}()
+
+	if err := d.cmd.Process.Kill(); err != nil {
+		d.c.Logf("Could not kill daemon: %v", err)
+		return err
+	}
+
+	if err := os.Remove(fmt.Sprintf("%s/docker.pid", d.folder)); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Stop will send a SIGINT every second and wait for the daemon to stop.
+// If it timeouts, a SIGKILL is sent.
+// Stop will not delete the daemon directory. If a purged daemon is needed,
+// instantiate a new one with NewDaemon.
+func (d *Daemon) Stop() error {
+	if d.cmd == nil || d.wait == nil {
+		return errors.New("daemon not started")
+	}
+
+	defer func() {
+		d.logFile.Close()
+		d.cmd = nil
+	}()
+
+	i := 1
+	tick := time.Tick(time.Second)
+
+	if err := d.cmd.Process.Signal(os.Interrupt); err != nil {
+		return fmt.Errorf("could not send signal: %v", err)
+	}
+out1:
+	for {
+		select {
+		case err := <-d.wait:
+			return err
+		case <-time.After(15 * time.Second):
+			// time for stopping jobs and run onShutdown hooks
+			d.c.Log("timeout")
+			break out1
+		}
+	}
+
+out2:
+	for {
+		select {
+		case err := <-d.wait:
+			return err
+		case <-tick:
+			i++
+			if i > 4 {
+				d.c.Logf("tried to interrupt daemon for %d times, now try to kill it", i)
+				break out2
+			}
+			d.c.Logf("Attempt #%d: daemon is still running with pid %d", i, d.cmd.Process.Pid)
+			if err := d.cmd.Process.Signal(os.Interrupt); err != nil {
+				return fmt.Errorf("could not send signal: %v", err)
+			}
+		}
+	}
+
+	if err := d.cmd.Process.Kill(); err != nil {
+		d.c.Logf("Could not kill daemon: %v", err)
+		return err
+	}
+
+	if err := os.Remove(fmt.Sprintf("%s/docker.pid", d.folder)); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Restart will restart the daemon by first stopping it and then starting it.
+func (d *Daemon) Restart(arg ...string) error {
+	d.Stop()
+	// in the case of tests running a user namespace-enabled daemon, we have resolved
+	// d.root to be the actual final path of the graph dir after the "uid.gid" of
+	// remapped root is added--we need to subtract it from the path before calling
+	// start or else we will continue making subdirectories rather than truly restarting
+	// with the same location/root:
+	if root := os.Getenv("DOCKER_REMAP_ROOT"); root != "" {
+		d.root = filepath.Dir(d.root)
+	}
+	return d.Start(arg...)
+}
+
+// LoadBusybox will load the stored busybox into a newly started daemon
+func (d *Daemon) LoadBusybox() error {
+	bb := filepath.Join(d.folder, "busybox.tar")
+	if _, err := os.Stat(bb); err != nil {
+		if !os.IsNotExist(err) {
+			return fmt.Errorf("unexpected error on busybox.tar stat: %v", err)
+		}
+		// saving busybox image from main daemon
+		if err := exec.Command(dockerBinary, "save", "--output", bb, "busybox:latest").Run(); err != nil {
+			return fmt.Errorf("could not save busybox image: %v", err)
+		}
+	}
+	// loading busybox image to this daemon
+	if out, err := d.Cmd("load", "--input", bb); err != nil {
+		return fmt.Errorf("could not load busybox image: %s", out)
+	}
+	if err := os.Remove(bb); err != nil {
+		d.c.Logf("could not remove %s: %v", bb, err)
+	}
+	return nil
+}
+
+func (d *Daemon) queryRootDir() (string, error) {
+	// update daemon root by asking /info endpoint (to support user
+	// namespaced daemon with root remapped uid.gid directory)
+	clientConfig, err := d.getClientConfig()
+	if err != nil {
+		return "", err
+	}
+
+	client := &http.Client{
+		Transport: clientConfig.transport,
+	}
+
+	req, err := http.NewRequest("GET", "/info", nil)
+	if err != nil {
+		return "", err
+	}
+	req.Header.Set("Content-Type", "application/json")
+	req.URL.Host = clientConfig.addr
+	req.URL.Scheme = clientConfig.scheme
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return "", err
+	}
+	body := ioutils.NewReadCloserWrapper(resp.Body, func() error {
+		return resp.Body.Close()
+	})
+
+	type Info struct {
+		DockerRootDir string
+	}
+	var b []byte
+	var i Info
+	b, err = readBody(body)
+	if err == nil && resp.StatusCode == 200 {
+		// read the docker root dir
+		if err = json.Unmarshal(b, &i); err == nil {
+			return i.DockerRootDir, nil
+		}
+	}
+	return "", err
+}
+
+func (d *Daemon) sock() string {
+	return fmt.Sprintf("unix://%s/docker.sock", d.folder)
+}
+
+func (d *Daemon) waitRun(contID string) error {
+	args := []string{"--host", d.sock()}
+	return waitInspectWithArgs(contID, "{{.State.Running}}", "true", 10*time.Second, args...)
+}
+
+func (d *Daemon) getBaseDeviceSize(c *check.C) int64 {
+	infoCmdOutput, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "-H", d.sock(), "info"),
+		exec.Command("grep", "Base Device Size"),
+	)
+	c.Assert(err, checker.IsNil)
+	basesizeSlice := strings.Split(infoCmdOutput, ":")
+	basesize := strings.Trim(basesizeSlice[1], " ")
+	basesize = strings.Trim(basesize, "\n")[:len(basesize)-3]
+	basesizeFloat, err := strconv.ParseFloat(strings.Trim(basesize, " "), 64)
+	c.Assert(err, checker.IsNil)
+	basesizeBytes := int64(basesizeFloat) * (1024 * 1024 * 1024)
+	return basesizeBytes
+}
+
+// Cmd will execute a docker CLI command against this Daemon.
+// Example: d.Cmd("version") will run docker -H unix://path/to/unix.sock version
+func (d *Daemon) Cmd(name string, arg ...string) (string, error) {
+	args := []string{"--host", d.sock(), name}
+	args = append(args, arg...)
+	c := exec.Command(dockerBinary, args...)
+	b, err := c.CombinedOutput()
+	return string(b), err
+}
+
+// CmdWithArgs will execute a docker CLI command against a daemon with the
+// given additional arguments
+func (d *Daemon) CmdWithArgs(daemonArgs []string, name string, arg ...string) (string, error) {
+	args := append(daemonArgs, name)
+	args = append(args, arg...)
+	c := exec.Command(dockerBinary, args...)
+	b, err := c.CombinedOutput()
+	return string(b), err
+}
+
+// LogFileName returns the path the the daemon's log file
+func (d *Daemon) LogFileName() string {
+	return d.logFile.Name()
+}
+
+func (d *Daemon) getIDByName(name string) (string, error) {
+	return d.inspectFieldWithError(name, "Id")
+}
+
+func (d *Daemon) inspectFilter(name, filter string) (string, error) {
+	format := fmt.Sprintf("{{%s}}", filter)
+	out, err := d.Cmd("inspect", "-f", format, name)
+	if err != nil {
+		return "", fmt.Errorf("failed to inspect %s: %s", name, out)
+	}
+	return strings.TrimSpace(out), nil
+}
+
+func (d *Daemon) inspectFieldWithError(name, field string) (string, error) {
+	return d.inspectFilter(name, fmt.Sprintf(".%s", field))
+}
+
+func (d *Daemon) findContainerIP(id string) string {
+	out, err := d.Cmd("inspect", fmt.Sprintf("--format='{{ .NetworkSettings.Networks.bridge.IPAddress }}'"), id)
+	if err != nil {
+		d.c.Log(err)
+	}
+	return strings.Trim(out, " \r\n'")
+}
diff --git a/integration-cli/docker_api_attach_test.go b/integration-cli/docker_api_attach_test.go
new file mode 100644
index 00000000..a0a8e7d6
--- /dev/null
+++ b/integration-cli/docker_api_attach_test.go
@@ -0,0 +1,164 @@
+package main
+
+import (
+	"bufio"
+	"io"
+	"net"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+	"golang.org/x/net/websocket"
+)
+
+func (s *DockerSuite) TestGetContainersAttachWebsocket(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-dit", "busybox", "cat")
+
+	rwc, err := sockConn(time.Duration(10 * time.Second))
+	c.Assert(err, checker.IsNil)
+
+	cleanedContainerID := strings.TrimSpace(out)
+	config, err := websocket.NewConfig(
+		"/containers/"+cleanedContainerID+"/attach/ws?stream=1&stdin=1&stdout=1&stderr=1",
+		"http://localhost",
+	)
+	c.Assert(err, checker.IsNil)
+
+	ws, err := websocket.NewClient(config, rwc)
+	c.Assert(err, checker.IsNil)
+	defer ws.Close()
+
+	expected := []byte("hello")
+	actual := make([]byte, len(expected))
+
+	outChan := make(chan error)
+	go func() {
+		_, err := ws.Read(actual)
+		outChan <- err
+		close(outChan)
+	}()
+
+	inChan := make(chan error)
+	go func() {
+		_, err := ws.Write(expected)
+		inChan <- err
+		close(inChan)
+	}()
+
+	select {
+	case err := <-inChan:
+		c.Assert(err, checker.IsNil)
+	case <-time.After(5 * time.Second):
+		c.Fatal("Timeout writing to ws")
+	}
+
+	select {
+	case err := <-outChan:
+		c.Assert(err, checker.IsNil)
+	case <-time.After(5 * time.Second):
+		c.Fatal("Timeout reading from ws")
+	}
+
+	c.Assert(actual, checker.DeepEquals, expected, check.Commentf("Websocket didn't return the expected data"))
+}
+
+// regression gh14320
+func (s *DockerSuite) TestPostContainersAttachContainerNotFound(c *check.C) {
+	status, body, err := sockRequest("POST", "/containers/doesnotexist/attach", nil)
+	c.Assert(status, checker.Equals, http.StatusNotFound)
+	c.Assert(err, checker.IsNil)
+	expected := "No such container: doesnotexist\n"
+	c.Assert(string(body), checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestGetContainersWsAttachContainerNotFound(c *check.C) {
+	status, body, err := sockRequest("GET", "/containers/doesnotexist/attach/ws", nil)
+	c.Assert(status, checker.Equals, http.StatusNotFound)
+	c.Assert(err, checker.IsNil)
+	expected := "No such container: doesnotexist\n"
+	c.Assert(string(body), checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestPostContainersAttach(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	expectSuccess := func(conn net.Conn, br *bufio.Reader, stream string, tty bool) {
+		defer conn.Close()
+		expected := []byte("success")
+		_, err := conn.Write(expected)
+		c.Assert(err, checker.IsNil)
+
+		conn.SetReadDeadline(time.Now().Add(time.Second))
+		lenHeader := 0
+		if !tty {
+			lenHeader = 8
+		}
+		actual := make([]byte, len(expected)+lenHeader)
+		_, err = io.ReadFull(br, actual)
+		c.Assert(err, checker.IsNil)
+		if !tty {
+			fdMap := map[string]byte{
+				"stdin":  0,
+				"stdout": 1,
+				"stderr": 2,
+			}
+			c.Assert(actual[0], checker.Equals, fdMap[stream])
+		}
+		c.Assert(actual[lenHeader:], checker.DeepEquals, expected, check.Commentf("Attach didn't return the expected data from %s", stream))
+	}
+
+	expectTimeout := func(conn net.Conn, br *bufio.Reader, stream string) {
+		defer conn.Close()
+		_, err := conn.Write([]byte{'t'})
+		c.Assert(err, checker.IsNil)
+
+		conn.SetReadDeadline(time.Now().Add(time.Second))
+		actual := make([]byte, 1)
+		_, err = io.ReadFull(br, actual)
+		opErr, ok := err.(*net.OpError)
+		c.Assert(ok, checker.Equals, true, check.Commentf("Error is expected to be *net.OpError, got %v", err))
+		c.Assert(opErr.Timeout(), checker.Equals, true, check.Commentf("Read from %s is expected to timeout", stream))
+	}
+
+	// Create a container that only emits stdout.
+	cid, _ := dockerCmd(c, "run", "-di", "busybox", "cat")
+	cid = strings.TrimSpace(cid)
+	// Attach to the container's stdout stream.
+	conn, br, err := sockRequestHijack("POST", "/containers/"+cid+"/attach?stream=1&stdin=1&stdout=1", nil, "text/plain")
+	c.Assert(err, checker.IsNil)
+	// Check if the data from stdout can be received.
+	expectSuccess(conn, br, "stdout", false)
+	// Attach to the container's stderr stream.
+	conn, br, err = sockRequestHijack("POST", "/containers/"+cid+"/attach?stream=1&stdin=1&stderr=1", nil, "text/plain")
+	c.Assert(err, checker.IsNil)
+	// Since the container only emits stdout, attaching to stderr should return nothing.
+	expectTimeout(conn, br, "stdout")
+
+	// Test the similar functions of the stderr stream.
+	cid, _ = dockerCmd(c, "run", "-di", "busybox", "/bin/sh", "-c", "cat >&2")
+	cid = strings.TrimSpace(cid)
+	conn, br, err = sockRequestHijack("POST", "/containers/"+cid+"/attach?stream=1&stdin=1&stderr=1", nil, "text/plain")
+	c.Assert(err, checker.IsNil)
+	expectSuccess(conn, br, "stderr", false)
+	conn, br, err = sockRequestHijack("POST", "/containers/"+cid+"/attach?stream=1&stdin=1&stdout=1", nil, "text/plain")
+	c.Assert(err, checker.IsNil)
+	expectTimeout(conn, br, "stderr")
+
+	// Test with tty.
+	cid, _ = dockerCmd(c, "run", "-dit", "busybox", "/bin/sh", "-c", "cat >&2")
+	cid = strings.TrimSpace(cid)
+	// Attach to stdout only.
+	conn, br, err = sockRequestHijack("POST", "/containers/"+cid+"/attach?stream=1&stdin=1&stdout=1", nil, "text/plain")
+	c.Assert(err, checker.IsNil)
+	expectSuccess(conn, br, "stdout", true)
+
+	// Attach without stdout stream.
+	conn, br, err = sockRequestHijack("POST", "/containers/"+cid+"/attach?stream=1&stdin=1&stderr=1", nil, "text/plain")
+	c.Assert(err, checker.IsNil)
+	// Nothing should be received because both the stdout and stderr of the container will be
+	// sent to the client as stdout when tty is enabled.
+	expectTimeout(conn, br, "stdout")
+}
diff --git a/integration-cli/docker_api_auth_test.go b/integration-cli/docker_api_auth_test.go
new file mode 100644
index 00000000..63e78ab5
--- /dev/null
+++ b/integration-cli/docker_api_auth_test.go
@@ -0,0 +1,23 @@
+package main
+
+import (
+	"net/http"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+// Test case for #22244
+func (s *DockerSuite) TestAuthApi(c *check.C) {
+	config := types.AuthConfig{
+		Username: "no-user",
+		Password: "no-password",
+	}
+
+	expected := "Get https://registry-1.docker.io/v2/: unauthorized: incorrect username or password\n"
+	status, body, err := sockRequest("POST", "/auth", config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusUnauthorized)
+	c.Assert(string(body), checker.Contains, expected, check.Commentf("Expected: %v, got: %v", expected, string(body)))
+}
diff --git a/integration-cli/docker_api_build_test.go b/integration-cli/docker_api_build_test.go
new file mode 100644
index 00000000..49de71c9
--- /dev/null
+++ b/integration-cli/docker_api_build_test.go
@@ -0,0 +1,257 @@
+package main
+
+import (
+	"archive/tar"
+	"bytes"
+	"net/http"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestBuildApiDockerfilePath(c *check.C) {
+	// Test to make sure we stop people from trying to leave the
+	// build context when specifying the path to the dockerfile
+	buffer := new(bytes.Buffer)
+	tw := tar.NewWriter(buffer)
+	defer tw.Close()
+
+	dockerfile := []byte("FROM busybox")
+	err := tw.WriteHeader(&tar.Header{
+		Name: "Dockerfile",
+		Size: int64(len(dockerfile)),
+	})
+	//failed to write tar file header
+	c.Assert(err, checker.IsNil)
+
+	_, err = tw.Write(dockerfile)
+	// failed to write tar file content
+	c.Assert(err, checker.IsNil)
+
+	// failed to close tar archive
+	c.Assert(tw.Close(), checker.IsNil)
+
+	res, body, err := sockRequestRaw("POST", "/build?dockerfile=../Dockerfile", buffer, "application/x-tar")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusInternalServerError)
+
+	out, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+
+	// Didn't complain about leaving build context
+	c.Assert(string(out), checker.Contains, "Forbidden path outside the build context")
+}
+
+func (s *DockerSuite) TestBuildApiDockerFileRemote(c *check.C) {
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux)
+	server, err := fakeStorage(map[string]string{
+		"testD": `FROM busybox
+COPY * /tmp/
+RUN find / -name ba*
+RUN find /tmp/`,
+	})
+	c.Assert(err, checker.IsNil)
+	defer server.Close()
+
+	res, body, err := sockRequestRaw("POST", "/build?dockerfile=baz&remote="+server.URL()+"/testD", nil, "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+
+	buf, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+
+	// Make sure Dockerfile exists.
+	// Make sure 'baz' doesn't exist ANYWHERE despite being mentioned in the URL
+	out := string(buf)
+	c.Assert(out, checker.Contains, "/tmp/Dockerfile")
+	c.Assert(out, checker.Not(checker.Contains), "baz")
+}
+
+func (s *DockerSuite) TestBuildApiRemoteTarballContext(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	buffer := new(bytes.Buffer)
+	tw := tar.NewWriter(buffer)
+	defer tw.Close()
+
+	dockerfile := []byte("FROM busybox")
+	err := tw.WriteHeader(&tar.Header{
+		Name: "Dockerfile",
+		Size: int64(len(dockerfile)),
+	})
+	// failed to write tar file header
+	c.Assert(err, checker.IsNil)
+
+	_, err = tw.Write(dockerfile)
+	// failed to write tar file content
+	c.Assert(err, checker.IsNil)
+
+	// failed to close tar archive
+	c.Assert(tw.Close(), checker.IsNil)
+
+	server, err := fakeBinaryStorage(map[string]*bytes.Buffer{
+		"testT.tar": buffer,
+	})
+	c.Assert(err, checker.IsNil)
+
+	defer server.Close()
+
+	res, b, err := sockRequestRaw("POST", "/build?remote="+server.URL()+"/testT.tar", nil, "application/tar")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+	b.Close()
+}
+
+func (s *DockerSuite) TestBuildApiRemoteTarballContextWithCustomDockerfile(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	buffer := new(bytes.Buffer)
+	tw := tar.NewWriter(buffer)
+	defer tw.Close()
+
+	dockerfile := []byte(`FROM busybox
+RUN echo 'wrong'`)
+	err := tw.WriteHeader(&tar.Header{
+		Name: "Dockerfile",
+		Size: int64(len(dockerfile)),
+	})
+	// failed to write tar file header
+	c.Assert(err, checker.IsNil)
+
+	_, err = tw.Write(dockerfile)
+	// failed to write tar file content
+	c.Assert(err, checker.IsNil)
+
+	custom := []byte(`FROM busybox
+RUN echo 'right'
+`)
+	err = tw.WriteHeader(&tar.Header{
+		Name: "custom",
+		Size: int64(len(custom)),
+	})
+
+	// failed to write tar file header
+	c.Assert(err, checker.IsNil)
+
+	_, err = tw.Write(custom)
+	// failed to write tar file content
+	c.Assert(err, checker.IsNil)
+
+	// failed to close tar archive
+	c.Assert(tw.Close(), checker.IsNil)
+
+	server, err := fakeBinaryStorage(map[string]*bytes.Buffer{
+		"testT.tar": buffer,
+	})
+	c.Assert(err, checker.IsNil)
+
+	defer server.Close()
+	url := "/build?dockerfile=custom&remote=" + server.URL() + "/testT.tar"
+	res, body, err := sockRequestRaw("POST", url, nil, "application/tar")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+
+	defer body.Close()
+	content, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+
+	// Build used the wrong dockerfile.
+	c.Assert(string(content), checker.Not(checker.Contains), "wrong")
+}
+
+func (s *DockerSuite) TestBuildApiLowerDockerfile(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	git, err := newFakeGit("repo", map[string]string{
+		"dockerfile": `FROM busybox
+RUN echo from dockerfile`,
+	}, false)
+	c.Assert(err, checker.IsNil)
+	defer git.Close()
+
+	res, body, err := sockRequestRaw("POST", "/build?remote="+git.RepoURL, nil, "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+
+	buf, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+
+	out := string(buf)
+	c.Assert(out, checker.Contains, "from dockerfile")
+}
+
+func (s *DockerSuite) TestBuildApiBuildGitWithF(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	git, err := newFakeGit("repo", map[string]string{
+		"baz": `FROM busybox
+RUN echo from baz`,
+		"Dockerfile": `FROM busybox
+RUN echo from Dockerfile`,
+	}, false)
+	c.Assert(err, checker.IsNil)
+	defer git.Close()
+
+	// Make sure it tries to 'dockerfile' query param value
+	res, body, err := sockRequestRaw("POST", "/build?dockerfile=baz&remote="+git.RepoURL, nil, "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+
+	buf, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+
+	out := string(buf)
+	c.Assert(out, checker.Contains, "from baz")
+}
+
+func (s *DockerSuite) TestBuildApiDoubleDockerfile(c *check.C) {
+	testRequires(c, UnixCli) // dockerfile overwrites Dockerfile on Windows
+	git, err := newFakeGit("repo", map[string]string{
+		"Dockerfile": `FROM busybox
+RUN echo from Dockerfile`,
+		"dockerfile": `FROM busybox
+RUN echo from dockerfile`,
+	}, false)
+	c.Assert(err, checker.IsNil)
+	defer git.Close()
+
+	// Make sure it tries to 'dockerfile' query param value
+	res, body, err := sockRequestRaw("POST", "/build?remote="+git.RepoURL, nil, "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+
+	buf, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+
+	out := string(buf)
+	c.Assert(out, checker.Contains, "from Dockerfile")
+}
+
+func (s *DockerSuite) TestBuildApiDockerfileSymlink(c *check.C) {
+	// Test to make sure we stop people from trying to leave the
+	// build context when specifying a symlink as the path to the dockerfile
+	buffer := new(bytes.Buffer)
+	tw := tar.NewWriter(buffer)
+	defer tw.Close()
+
+	err := tw.WriteHeader(&tar.Header{
+		Name:     "Dockerfile",
+		Typeflag: tar.TypeSymlink,
+		Linkname: "/etc/passwd",
+	})
+	// failed to write tar file header
+	c.Assert(err, checker.IsNil)
+
+	// failed to close tar archive
+	c.Assert(tw.Close(), checker.IsNil)
+
+	res, body, err := sockRequestRaw("POST", "/build", buffer, "application/x-tar")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusInternalServerError)
+
+	out, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+
+	// The reason the error is "Cannot locate specified Dockerfile" is because
+	// in the builder, the symlink is resolved within the context, therefore
+	// Dockerfile -> /etc/passwd becomes etc/passwd from the context which is
+	// a nonexistent file.
+	c.Assert(string(out), checker.Contains, "Cannot locate specified Dockerfile: Dockerfile", check.Commentf("Didn't complain about leaving build context"))
+}
diff --git a/integration-cli/docker_api_containers_test.go b/integration-cli/docker_api_containers_test.go
new file mode 100644
index 00000000..2622a544
--- /dev/null
+++ b/integration-cli/docker_api_containers_test.go
@@ -0,0 +1,1626 @@
+package main
+
+import (
+	"archive/tar"
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/http/httputil"
+	"net/url"
+	"os"
+	"regexp"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/engine-api/types"
+	containertypes "github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestContainerApiGetAll(c *check.C) {
+	startCount, err := getContainerCount()
+	c.Assert(err, checker.IsNil, check.Commentf("Cannot query container count"))
+
+	name := "getall"
+	dockerCmd(c, "run", "--name", name, "busybox", "true")
+
+	status, body, err := sockRequest("GET", "/containers/json?all=1", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var inspectJSON []struct {
+		Names []string
+	}
+	err = json.Unmarshal(body, &inspectJSON)
+	c.Assert(err, checker.IsNil, check.Commentf("unable to unmarshal response body"))
+
+	c.Assert(inspectJSON, checker.HasLen, startCount+1)
+
+	actual := inspectJSON[0].Names[0]
+	c.Assert(actual, checker.Equals, "/"+name)
+}
+
+// regression test for empty json field being omitted #13691
+func (s *DockerSuite) TestContainerApiGetJSONNoFieldsOmitted(c *check.C) {
+	dockerCmd(c, "run", "busybox", "true")
+
+	status, body, err := sockRequest("GET", "/containers/json?all=1", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	// empty Labels field triggered this bug, make sense to check for everything
+	// cause even Ports for instance can trigger this bug
+	// better safe than sorry..
+	fields := []string{
+		"Id",
+		"Names",
+		"Image",
+		"Command",
+		"Created",
+		"Ports",
+		"Labels",
+		"Status",
+		"NetworkSettings",
+	}
+
+	// decoding into types.Container do not work since it eventually unmarshal
+	// and empty field to an empty go map, so we just check for a string
+	for _, f := range fields {
+		if !strings.Contains(string(body), f) {
+			c.Fatalf("Field %s is missing and it shouldn't", f)
+		}
+	}
+}
+
+type containerPs struct {
+	Names []string
+	Ports []map[string]interface{}
+}
+
+// regression test for non-empty fields from #13901
+func (s *DockerSuite) TestContainerApiPsOmitFields(c *check.C) {
+	// Problematic for Windows porting due to networking not yet being passed back
+	testRequires(c, DaemonIsLinux)
+	name := "pstest"
+	port := 80
+	runSleepingContainer(c, "--name", name, "--expose", strconv.Itoa(port))
+
+	status, body, err := sockRequest("GET", "/containers/json?all=1", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var resp []containerPs
+	err = json.Unmarshal(body, &resp)
+	c.Assert(err, checker.IsNil)
+
+	var foundContainer *containerPs
+	for _, container := range resp {
+		for _, testName := range container.Names {
+			if "/"+name == testName {
+				foundContainer = &container
+				break
+			}
+		}
+	}
+
+	c.Assert(foundContainer.Ports, checker.HasLen, 1)
+	c.Assert(foundContainer.Ports[0]["PrivatePort"], checker.Equals, float64(port))
+	_, ok := foundContainer.Ports[0]["PublicPort"]
+	c.Assert(ok, checker.Not(checker.Equals), true)
+	_, ok = foundContainer.Ports[0]["IP"]
+	c.Assert(ok, checker.Not(checker.Equals), true)
+}
+
+func (s *DockerSuite) TestContainerApiGetExport(c *check.C) {
+	// TODO: Investigate why this fails on Windows to Windows CI
+	testRequires(c, DaemonIsLinux)
+	name := "exportcontainer"
+	dockerCmd(c, "run", "--name", name, "busybox", "touch", "/test")
+
+	status, body, err := sockRequest("GET", "/containers/"+name+"/export", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	found := false
+	for tarReader := tar.NewReader(bytes.NewReader(body)); ; {
+		h, err := tarReader.Next()
+		if err != nil && err == io.EOF {
+			break
+		}
+		if h.Name == "test" {
+			found = true
+			break
+		}
+	}
+	c.Assert(found, checker.True, check.Commentf("The created test file has not been found in the exported image"))
+}
+
+func (s *DockerSuite) TestContainerApiGetChanges(c *check.C) {
+	// Not supported on Windows as Windows does not support docker diff (/containers/name/changes)
+	testRequires(c, DaemonIsLinux)
+	name := "changescontainer"
+	dockerCmd(c, "run", "--name", name, "busybox", "rm", "/etc/passwd")
+
+	status, body, err := sockRequest("GET", "/containers/"+name+"/changes", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	changes := []struct {
+		Kind int
+		Path string
+	}{}
+	c.Assert(json.Unmarshal(body, &changes), checker.IsNil, check.Commentf("unable to unmarshal response body"))
+
+	// Check the changelog for removal of /etc/passwd
+	success := false
+	for _, elem := range changes {
+		if elem.Path == "/etc/passwd" && elem.Kind == 2 {
+			success = true
+		}
+	}
+	c.Assert(success, checker.True, check.Commentf("/etc/passwd has been removed but is not present in the diff"))
+}
+
+func (s *DockerSuite) TestContainerApiStartVolumeBinds(c *check.C) {
+	// TODO Windows CI: Investigate further why this fails on Windows to Windows CI.
+	testRequires(c, DaemonIsLinux)
+	path := "/foo"
+	if daemonPlatform == "windows" {
+		path = `c:\foo`
+	}
+	name := "testing"
+	config := map[string]interface{}{
+		"Image":   "busybox",
+		"Volumes": map[string]struct{}{path: {}},
+	}
+
+	status, _, err := sockRequest("POST", "/containers/create?name="+name, config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	bindPath := randomTmpDirPath("test", daemonPlatform)
+	config = map[string]interface{}{
+		"Binds": []string{bindPath + ":" + path},
+	}
+	status, _, err = sockRequest("POST", "/containers/"+name+"/start", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+
+	pth, err := inspectMountSourceField(name, path)
+	c.Assert(err, checker.IsNil)
+	c.Assert(pth, checker.Equals, bindPath, check.Commentf("expected volume host path to be %s, got %s", bindPath, pth))
+}
+
+// Test for GH#10618
+func (s *DockerSuite) TestContainerApiStartDupVolumeBinds(c *check.C) {
+	// TODO Windows to Windows CI - Port this
+	testRequires(c, DaemonIsLinux)
+	name := "testdups"
+	config := map[string]interface{}{
+		"Image":   "busybox",
+		"Volumes": map[string]struct{}{"/tmp": {}},
+	}
+
+	status, _, err := sockRequest("POST", "/containers/create?name="+name, config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	bindPath1 := randomTmpDirPath("test1", daemonPlatform)
+	bindPath2 := randomTmpDirPath("test2", daemonPlatform)
+
+	config = map[string]interface{}{
+		"Binds": []string{bindPath1 + ":/tmp", bindPath2 + ":/tmp"},
+	}
+	status, body, err := sockRequest("POST", "/containers/"+name+"/start", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+	c.Assert(string(body), checker.Contains, "Duplicate mount point", check.Commentf("Expected failure due to duplicate bind mounts to same path, instead got: %q with error: %v", string(body), err))
+}
+
+func (s *DockerSuite) TestContainerApiStartVolumesFrom(c *check.C) {
+	// TODO Windows to Windows CI - Port this
+	testRequires(c, DaemonIsLinux)
+	volName := "voltst"
+	volPath := "/tmp"
+
+	dockerCmd(c, "run", "--name", volName, "-v", volPath, "busybox")
+
+	name := "TestContainerApiStartVolumesFrom"
+	config := map[string]interface{}{
+		"Image":   "busybox",
+		"Volumes": map[string]struct{}{volPath: {}},
+	}
+
+	status, _, err := sockRequest("POST", "/containers/create?name="+name, config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	config = map[string]interface{}{
+		"VolumesFrom": []string{volName},
+	}
+	status, _, err = sockRequest("POST", "/containers/"+name+"/start", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+
+	pth, err := inspectMountSourceField(name, volPath)
+	c.Assert(err, checker.IsNil)
+	pth2, err := inspectMountSourceField(volName, volPath)
+	c.Assert(err, checker.IsNil)
+	c.Assert(pth, checker.Equals, pth2, check.Commentf("expected volume host path to be %s, got %s", pth, pth2))
+}
+
+func (s *DockerSuite) TestGetContainerStats(c *check.C) {
+	// Problematic on Windows as Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+	var (
+		name = "statscontainer"
+	)
+	dockerCmd(c, "run", "-d", "--name", name, "busybox", "top")
+
+	type b struct {
+		status int
+		body   []byte
+		err    error
+	}
+	bc := make(chan b, 1)
+	go func() {
+		status, body, err := sockRequest("GET", "/containers/"+name+"/stats", nil)
+		bc <- b{status, body, err}
+	}()
+
+	// allow some time to stream the stats from the container
+	time.Sleep(4 * time.Second)
+	dockerCmd(c, "rm", "-f", name)
+
+	// collect the results from the stats stream or timeout and fail
+	// if the stream was not disconnected.
+	select {
+	case <-time.After(2 * time.Second):
+		c.Fatal("stream was not closed after container was removed")
+	case sr := <-bc:
+		c.Assert(sr.err, checker.IsNil)
+		c.Assert(sr.status, checker.Equals, http.StatusOK)
+
+		dec := json.NewDecoder(bytes.NewBuffer(sr.body))
+		var s *types.Stats
+		// decode only one object from the stream
+		c.Assert(dec.Decode(&s), checker.IsNil)
+	}
+}
+
+func (s *DockerSuite) TestGetContainerStatsRmRunning(c *check.C) {
+	// Problematic on Windows as Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	id := strings.TrimSpace(out)
+
+	buf := &integration.ChannelBuffer{make(chan []byte, 1)}
+	defer buf.Close()
+	chErr := make(chan error, 1)
+	go func() {
+		_, body, err := sockRequestRaw("GET", "/containers/"+id+"/stats?stream=1", nil, "application/json")
+		if err != nil {
+			chErr <- err
+		}
+		defer body.Close()
+		_, err = io.Copy(buf, body)
+		chErr <- err
+	}()
+	defer func() {
+		select {
+		case err := <-chErr:
+			c.Assert(err, checker.IsNil)
+		default:
+			return
+		}
+	}()
+
+	b := make([]byte, 32)
+	// make sure we've got some stats
+	_, err := buf.ReadTimeout(b, 2*time.Second)
+	c.Assert(err, checker.IsNil)
+
+	// Now remove without `-f` and make sure we are still pulling stats
+	_, _, err = dockerCmdWithError("rm", id)
+	c.Assert(err, checker.Not(checker.IsNil), check.Commentf("rm should have failed but didn't"))
+	_, err = buf.ReadTimeout(b, 2*time.Second)
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "kill", id)
+}
+
+// regression test for gh13421
+// previous test was just checking one stat entry so it didn't fail (stats with
+// stream false always return one stat)
+func (s *DockerSuite) TestGetContainerStatsStream(c *check.C) {
+	// Problematic on Windows as Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+	name := "statscontainer"
+	dockerCmd(c, "run", "-d", "--name", name, "busybox", "top")
+
+	type b struct {
+		status int
+		body   []byte
+		err    error
+	}
+	bc := make(chan b, 1)
+	go func() {
+		status, body, err := sockRequest("GET", "/containers/"+name+"/stats", nil)
+		bc <- b{status, body, err}
+	}()
+
+	// allow some time to stream the stats from the container
+	time.Sleep(4 * time.Second)
+	dockerCmd(c, "rm", "-f", name)
+
+	// collect the results from the stats stream or timeout and fail
+	// if the stream was not disconnected.
+	select {
+	case <-time.After(2 * time.Second):
+		c.Fatal("stream was not closed after container was removed")
+	case sr := <-bc:
+		c.Assert(sr.err, checker.IsNil)
+		c.Assert(sr.status, checker.Equals, http.StatusOK)
+
+		s := string(sr.body)
+		// count occurrences of "read" of types.Stats
+		if l := strings.Count(s, "read"); l < 2 {
+			c.Fatalf("Expected more than one stat streamed, got %d", l)
+		}
+	}
+}
+
+func (s *DockerSuite) TestGetContainerStatsNoStream(c *check.C) {
+	// Problematic on Windows as Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+	name := "statscontainer"
+	dockerCmd(c, "run", "-d", "--name", name, "busybox", "top")
+
+	type b struct {
+		status int
+		body   []byte
+		err    error
+	}
+	bc := make(chan b, 1)
+	go func() {
+		status, body, err := sockRequest("GET", "/containers/"+name+"/stats?stream=0", nil)
+		bc <- b{status, body, err}
+	}()
+
+	// allow some time to stream the stats from the container
+	time.Sleep(4 * time.Second)
+	dockerCmd(c, "rm", "-f", name)
+
+	// collect the results from the stats stream or timeout and fail
+	// if the stream was not disconnected.
+	select {
+	case <-time.After(2 * time.Second):
+		c.Fatal("stream was not closed after container was removed")
+	case sr := <-bc:
+		c.Assert(sr.err, checker.IsNil)
+		c.Assert(sr.status, checker.Equals, http.StatusOK)
+
+		s := string(sr.body)
+		// count occurrences of "read" of types.Stats
+		c.Assert(strings.Count(s, "read"), checker.Equals, 1, check.Commentf("Expected only one stat streamed, got %d", strings.Count(s, "read")))
+	}
+}
+
+func (s *DockerSuite) TestGetStoppedContainerStats(c *check.C) {
+	// Problematic on Windows as Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+	name := "statscontainer"
+	dockerCmd(c, "create", "--name", name, "busybox", "top")
+
+	type stats struct {
+		status int
+		err    error
+	}
+	chResp := make(chan stats)
+
+	// We expect an immediate response, but if it's not immediate, the test would hang, so put it in a goroutine
+	// below we'll check this on a timeout.
+	go func() {
+		resp, body, err := sockRequestRaw("GET", "/containers/"+name+"/stats", nil, "")
+		body.Close()
+		chResp <- stats{resp.StatusCode, err}
+	}()
+
+	select {
+	case r := <-chResp:
+		c.Assert(r.err, checker.IsNil)
+		c.Assert(r.status, checker.Equals, http.StatusOK)
+	case <-time.After(10 * time.Second):
+		c.Fatal("timeout waiting for stats response for stopped container")
+	}
+}
+
+// #9981 - Allow a docker created volume (ie, one in /var/lib/docker/volumes) to be used to overwrite (via passing in Binds on api start) an existing volume
+func (s *DockerSuite) TestPostContainerBindNormalVolume(c *check.C) {
+	// TODO Windows to Windows CI - Port this
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "create", "-v", "/foo", "--name=one", "busybox")
+
+	fooDir, err := inspectMountSourceField("one", "/foo")
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "create", "-v", "/foo", "--name=two", "busybox")
+
+	bindSpec := map[string][]string{"Binds": {fooDir + ":/foo"}}
+	status, _, err := sockRequest("POST", "/containers/two/start", bindSpec)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+
+	fooDir2, err := inspectMountSourceField("two", "/foo")
+	c.Assert(err, checker.IsNil)
+	c.Assert(fooDir2, checker.Equals, fooDir, check.Commentf("expected volume path to be %s, got: %s", fooDir, fooDir2))
+}
+
+func (s *DockerSuite) TestContainerApiPause(c *check.C) {
+	// Problematic on Windows as Windows does not support pause
+	testRequires(c, DaemonIsLinux)
+	defer unpauseAllContainers()
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sleep", "30")
+	ContainerID := strings.TrimSpace(out)
+
+	status, _, err := sockRequest("POST", "/containers/"+ContainerID+"/pause", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+
+	pausedContainers, err := getSliceOfPausedContainers()
+	c.Assert(err, checker.IsNil, check.Commentf("error thrown while checking if containers were paused"))
+
+	if len(pausedContainers) != 1 || stringid.TruncateID(ContainerID) != pausedContainers[0] {
+		c.Fatalf("there should be one paused container and not %d", len(pausedContainers))
+	}
+
+	status, _, err = sockRequest("POST", "/containers/"+ContainerID+"/unpause", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+
+	pausedContainers, err = getSliceOfPausedContainers()
+	c.Assert(err, checker.IsNil, check.Commentf("error thrown while checking if containers were paused"))
+	c.Assert(pausedContainers, checker.IsNil, check.Commentf("There should be no paused container."))
+}
+
+func (s *DockerSuite) TestContainerApiTop(c *check.C) {
+	// Problematic on Windows as Windows does not support top
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "top")
+	id := strings.TrimSpace(string(out))
+	c.Assert(waitRun(id), checker.IsNil)
+
+	type topResp struct {
+		Titles    []string
+		Processes [][]string
+	}
+	var top topResp
+	status, b, err := sockRequest("GET", "/containers/"+id+"/top?ps_args=aux", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(json.Unmarshal(b, &top), checker.IsNil)
+	c.Assert(top.Titles, checker.HasLen, 11, check.Commentf("expected 11 titles, found %d: %v", len(top.Titles), top.Titles))
+
+	if top.Titles[0] != "USER" || top.Titles[10] != "COMMAND" {
+		c.Fatalf("expected `USER` at `Titles[0]` and `COMMAND` at Titles[10]: %v", top.Titles)
+	}
+	c.Assert(top.Processes, checker.HasLen, 2, check.Commentf("expected 2 processes, found %d: %v", len(top.Processes), top.Processes))
+	c.Assert(top.Processes[0][10], checker.Equals, "/bin/sh -c top")
+	c.Assert(top.Processes[1][10], checker.Equals, "top")
+}
+
+func (s *DockerSuite) TestContainerApiCommit(c *check.C) {
+	cName := "testapicommit"
+	dockerCmd(c, "run", "--name="+cName, "busybox", "/bin/sh", "-c", "touch /test")
+
+	name := "testcontainerapicommit"
+	status, b, err := sockRequest("POST", "/commit?repo="+name+"&testtag=tag&container="+cName, nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	type resp struct {
+		ID string
+	}
+	var img resp
+	c.Assert(json.Unmarshal(b, &img), checker.IsNil)
+
+	cmd := inspectField(c, img.ID, "Config.Cmd")
+	c.Assert(cmd, checker.Equals, "[/bin/sh -c touch /test]", check.Commentf("got wrong Cmd from commit: %q", cmd))
+
+	// sanity check, make sure the image is what we think it is
+	dockerCmd(c, "run", img.ID, "ls", "/test")
+}
+
+func (s *DockerSuite) TestContainerApiCommitWithLabelInConfig(c *check.C) {
+	cName := "testapicommitwithconfig"
+	dockerCmd(c, "run", "--name="+cName, "busybox", "/bin/sh", "-c", "touch /test")
+
+	config := map[string]interface{}{
+		"Labels": map[string]string{"key1": "value1", "key2": "value2"},
+	}
+
+	name := "testcontainerapicommitwithconfig"
+	status, b, err := sockRequest("POST", "/commit?repo="+name+"&container="+cName, config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	type resp struct {
+		ID string
+	}
+	var img resp
+	c.Assert(json.Unmarshal(b, &img), checker.IsNil)
+
+	label1 := inspectFieldMap(c, img.ID, "Config.Labels", "key1")
+	c.Assert(label1, checker.Equals, "value1")
+
+	label2 := inspectFieldMap(c, img.ID, "Config.Labels", "key2")
+	c.Assert(label2, checker.Equals, "value2")
+
+	cmd := inspectField(c, img.ID, "Config.Cmd")
+	c.Assert(cmd, checker.Equals, "[/bin/sh -c touch /test]", check.Commentf("got wrong Cmd from commit: %q", cmd))
+
+	// sanity check, make sure the image is what we think it is
+	dockerCmd(c, "run", img.ID, "ls", "/test")
+}
+
+func (s *DockerSuite) TestContainerApiBadPort(c *check.C) {
+	// TODO Windows to Windows CI - Port this test
+	testRequires(c, DaemonIsLinux)
+	config := map[string]interface{}{
+		"Image": "busybox",
+		"Cmd":   []string{"/bin/sh", "-c", "echo test"},
+		"PortBindings": map[string]interface{}{
+			"8080/tcp": []map[string]interface{}{
+				{
+					"HostIP":   "",
+					"HostPort": "aa80",
+				},
+			},
+		},
+	}
+
+	jsonData := bytes.NewBuffer(nil)
+	json.NewEncoder(jsonData).Encode(config)
+
+	status, b, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+	c.Assert(strings.TrimSpace(string(b)), checker.Equals, `Invalid port specification: "aa80"`, check.Commentf("Incorrect error msg: %s", string(b)))
+}
+
+func (s *DockerSuite) TestContainerApiCreate(c *check.C) {
+	config := map[string]interface{}{
+		"Image": "busybox",
+		"Cmd":   []string{"/bin/sh", "-c", "touch /test && ls /test"},
+	}
+
+	status, b, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	type createResp struct {
+		ID string
+	}
+	var container createResp
+	c.Assert(json.Unmarshal(b, &container), checker.IsNil)
+
+	out, _ := dockerCmd(c, "start", "-a", container.ID)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "/test")
+}
+
+func (s *DockerSuite) TestContainerApiCreateEmptyConfig(c *check.C) {
+	config := map[string]interface{}{}
+
+	status, b, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+
+	expected := "Config cannot be empty in order to create a container\n"
+	c.Assert(string(b), checker.Equals, expected)
+}
+
+func (s *DockerSuite) TestContainerApiCreateMultipleNetworksConfig(c *check.C) {
+	// Container creation must fail if client specified configurations for more than one network
+	config := map[string]interface{}{
+		"Image": "busybox",
+		"NetworkingConfig": networktypes.NetworkingConfig{
+			EndpointsConfig: map[string]*networktypes.EndpointSettings{
+				"net1": {},
+				"net2": {},
+				"net3": {},
+			},
+		},
+	}
+
+	status, b, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusBadRequest)
+	// network name order in error message is not deterministic
+	c.Assert(string(b), checker.Contains, "Container cannot be connected to network endpoints")
+	c.Assert(string(b), checker.Contains, "net1")
+	c.Assert(string(b), checker.Contains, "net2")
+	c.Assert(string(b), checker.Contains, "net3")
+}
+
+func (s *DockerSuite) TestContainerApiCreateWithHostName(c *check.C) {
+	// TODO Windows: Port this test once hostname is supported
+	testRequires(c, DaemonIsLinux)
+	hostName := "test-host"
+	config := map[string]interface{}{
+		"Image":    "busybox",
+		"Hostname": hostName,
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	var container types.ContainerCreateResponse
+	c.Assert(json.Unmarshal(body, &container), checker.IsNil)
+
+	status, body, err = sockRequest("GET", "/containers/"+container.ID+"/json", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var containerJSON types.ContainerJSON
+	c.Assert(json.Unmarshal(body, &containerJSON), checker.IsNil)
+	c.Assert(containerJSON.Config.Hostname, checker.Equals, hostName, check.Commentf("Mismatched Hostname"))
+}
+
+func (s *DockerSuite) TestContainerApiCreateWithDomainName(c *check.C) {
+	// TODO Windows: Port this test once domain name is supported
+	testRequires(c, DaemonIsLinux)
+	domainName := "test-domain"
+	config := map[string]interface{}{
+		"Image":      "busybox",
+		"Domainname": domainName,
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	var container types.ContainerCreateResponse
+	c.Assert(json.Unmarshal(body, &container), checker.IsNil)
+
+	status, body, err = sockRequest("GET", "/containers/"+container.ID+"/json", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var containerJSON types.ContainerJSON
+	c.Assert(json.Unmarshal(body, &containerJSON), checker.IsNil)
+	c.Assert(containerJSON.Config.Domainname, checker.Equals, domainName, check.Commentf("Mismatched Domainname"))
+}
+
+func (s *DockerSuite) TestContainerApiCreateBridgeNetworkMode(c *check.C) {
+	// Windows does not support bridge
+	testRequires(c, DaemonIsLinux)
+	UtilCreateNetworkMode(c, "bridge")
+}
+
+func (s *DockerSuite) TestContainerApiCreateOtherNetworkModes(c *check.C) {
+	// Windows does not support these network modes
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	UtilCreateNetworkMode(c, "host")
+	UtilCreateNetworkMode(c, "container:web1")
+}
+
+func UtilCreateNetworkMode(c *check.C, networkMode string) {
+	config := map[string]interface{}{
+		"Image":      "busybox",
+		"HostConfig": map[string]interface{}{"NetworkMode": networkMode},
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	var container types.ContainerCreateResponse
+	c.Assert(json.Unmarshal(body, &container), checker.IsNil)
+
+	status, body, err = sockRequest("GET", "/containers/"+container.ID+"/json", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var containerJSON types.ContainerJSON
+	c.Assert(json.Unmarshal(body, &containerJSON), checker.IsNil)
+	c.Assert(containerJSON.HostConfig.NetworkMode, checker.Equals, containertypes.NetworkMode(networkMode), check.Commentf("Mismatched NetworkMode"))
+}
+
+func (s *DockerSuite) TestContainerApiCreateWithCpuSharesCpuset(c *check.C) {
+	// TODO Windows to Windows CI. The CpuShares part could be ported.
+	testRequires(c, DaemonIsLinux)
+	config := map[string]interface{}{
+		"Image":      "busybox",
+		"CpuShares":  512,
+		"CpusetCpus": "0",
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	var container types.ContainerCreateResponse
+	c.Assert(json.Unmarshal(body, &container), checker.IsNil)
+
+	status, body, err = sockRequest("GET", "/containers/"+container.ID+"/json", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var containerJSON types.ContainerJSON
+
+	c.Assert(json.Unmarshal(body, &containerJSON), checker.IsNil)
+
+	out := inspectField(c, containerJSON.ID, "HostConfig.CpuShares")
+	c.Assert(out, checker.Equals, "512")
+
+	outCpuset := inspectField(c, containerJSON.ID, "HostConfig.CpusetCpus")
+	c.Assert(outCpuset, checker.Equals, "0")
+}
+
+func (s *DockerSuite) TestContainerApiVerifyHeader(c *check.C) {
+	config := map[string]interface{}{
+		"Image": "busybox",
+	}
+
+	create := func(ct string) (*http.Response, io.ReadCloser, error) {
+		jsonData := bytes.NewBuffer(nil)
+		c.Assert(json.NewEncoder(jsonData).Encode(config), checker.IsNil)
+		return sockRequestRaw("POST", "/containers/create", jsonData, ct)
+	}
+
+	// Try with no content-type
+	res, body, err := create("")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusInternalServerError)
+	body.Close()
+
+	// Try with wrong content-type
+	res, body, err = create("application/xml")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusInternalServerError)
+	body.Close()
+
+	// now application/json
+	res, body, err = create("application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusCreated)
+	body.Close()
+}
+
+//Issue 14230. daemon should return 500 for invalid port syntax
+func (s *DockerSuite) TestContainerApiInvalidPortSyntax(c *check.C) {
+	config := `{
+				  "Image": "busybox",
+				  "HostConfig": {
+					"NetworkMode": "default",
+					"PortBindings": {
+					  "19039;1230": [
+						{}
+					  ]
+					}
+				  }
+				}`
+
+	res, body, err := sockRequestRaw("POST", "/containers/create", strings.NewReader(config), "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusInternalServerError)
+
+	b, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(b[:]), checker.Contains, "Invalid port")
+}
+
+// Issue 7941 - test to make sure a "null" in JSON is just ignored.
+// W/o this fix a null in JSON would be parsed into a string var as "null"
+func (s *DockerSuite) TestContainerApiPostCreateNull(c *check.C) {
+	// TODO Windows to Windows CI. Bit of this with alternate fields checked
+	// can probably be ported.
+	testRequires(c, DaemonIsLinux)
+	config := `{
+		"Hostname":"",
+		"Domainname":"",
+		"Memory":0,
+		"MemorySwap":0,
+		"CpuShares":0,
+		"Cpuset":null,
+		"AttachStdin":true,
+		"AttachStdout":true,
+		"AttachStderr":true,
+		"ExposedPorts":{},
+		"Tty":true,
+		"OpenStdin":true,
+		"StdinOnce":true,
+		"Env":[],
+		"Cmd":"ls",
+		"Image":"busybox",
+		"Volumes":{},
+		"WorkingDir":"",
+		"Entrypoint":null,
+		"NetworkDisabled":false,
+		"OnBuild":null}`
+
+	res, body, err := sockRequestRaw("POST", "/containers/create", strings.NewReader(config), "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusCreated)
+
+	b, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+	type createResp struct {
+		ID string
+	}
+	var container createResp
+	c.Assert(json.Unmarshal(b, &container), checker.IsNil)
+	out := inspectField(c, container.ID, "HostConfig.CpusetCpus")
+	c.Assert(out, checker.Equals, "")
+
+	outMemory := inspectField(c, container.ID, "HostConfig.Memory")
+	c.Assert(outMemory, checker.Equals, "0")
+	outMemorySwap := inspectField(c, container.ID, "HostConfig.MemorySwap")
+	c.Assert(outMemorySwap, checker.Equals, "0")
+}
+
+func (s *DockerSuite) TestCreateWithTooLowMemoryLimit(c *check.C) {
+	// TODO Windows: Port once memory is supported
+	testRequires(c, DaemonIsLinux)
+	config := `{
+		"Image":     "busybox",
+		"Cmd":       "ls",
+		"OpenStdin": true,
+		"CpuShares": 100,
+		"Memory":    524287
+	}`
+
+	res, body, err := sockRequestRaw("POST", "/containers/create", strings.NewReader(config), "application/json")
+	c.Assert(err, checker.IsNil)
+	b, err2 := readBody(body)
+	c.Assert(err2, checker.IsNil)
+
+	c.Assert(res.StatusCode, checker.Equals, http.StatusInternalServerError)
+	c.Assert(string(b), checker.Contains, "Minimum memory limit allowed is 4MB")
+}
+
+func (s *DockerSuite) TestStartWithTooLowMemoryLimit(c *check.C) {
+	// TODO Windows: Port once memory is supported
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "create", "busybox")
+
+	containerID := strings.TrimSpace(out)
+
+	config := `{
+                "CpuShares": 100,
+                "Memory":    524287
+        }`
+
+	res, body, err := sockRequestRaw("POST", "/containers/"+containerID+"/start", strings.NewReader(config), "application/json")
+	c.Assert(err, checker.IsNil)
+	b, err2 := readBody(body)
+	c.Assert(err2, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusInternalServerError)
+	c.Assert(string(b), checker.Contains, "Minimum memory limit allowed is 4MB")
+}
+
+func (s *DockerSuite) TestContainerApiRename(c *check.C) {
+	// TODO Windows: Enable for TP5. Fails on TP4.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "--name", "TestContainerApiRename", "-d", "busybox", "sh")
+
+	containerID := strings.TrimSpace(out)
+	newName := "TestContainerApiRenameNew"
+	statusCode, _, err := sockRequest("POST", "/containers/"+containerID+"/rename?name="+newName, nil)
+	c.Assert(err, checker.IsNil)
+	// 204 No Content is expected, not 200
+	c.Assert(statusCode, checker.Equals, http.StatusNoContent)
+
+	name := inspectField(c, containerID, "Name")
+	c.Assert(name, checker.Equals, "/"+newName, check.Commentf("Failed to rename container"))
+}
+
+func (s *DockerSuite) TestContainerApiKill(c *check.C) {
+	name := "test-api-kill"
+	runSleepingContainer(c, "-i", "--name", name)
+
+	status, _, err := sockRequest("POST", "/containers/"+name+"/kill", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+
+	state := inspectField(c, name, "State.Running")
+	c.Assert(state, checker.Equals, "false", check.Commentf("got wrong State from container %s: %q", name, state))
+}
+
+func (s *DockerSuite) TestContainerApiRestart(c *check.C) {
+	// TODO Windows to Windows CI. This is flaky due to the timing
+	testRequires(c, DaemonIsLinux)
+	name := "test-api-restart"
+	dockerCmd(c, "run", "-di", "--name", name, "busybox", "top")
+
+	status, _, err := sockRequest("POST", "/containers/"+name+"/restart?t=1", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+	c.Assert(waitInspect(name, "{{ .State.Restarting  }} {{ .State.Running  }}", "false true", 5*time.Second), checker.IsNil)
+}
+
+func (s *DockerSuite) TestContainerApiRestartNotimeoutParam(c *check.C) {
+	// TODO Windows to Windows CI. This is flaky due to the timing
+	testRequires(c, DaemonIsLinux)
+	name := "test-api-restart-no-timeout-param"
+	out, _ := dockerCmd(c, "run", "-di", "--name", name, "busybox", "top")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	status, _, err := sockRequest("POST", "/containers/"+name+"/restart", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+	c.Assert(waitInspect(name, "{{ .State.Restarting  }} {{ .State.Running  }}", "false true", 5*time.Second), checker.IsNil)
+}
+
+func (s *DockerSuite) TestContainerApiStart(c *check.C) {
+	name := "testing-start"
+	config := map[string]interface{}{
+		"Image":     "busybox",
+		"Cmd":       append([]string{"/bin/sh", "-c"}, defaultSleepCommand...),
+		"OpenStdin": true,
+	}
+
+	status, _, err := sockRequest("POST", "/containers/create?name="+name, config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	conf := make(map[string]interface{})
+	status, _, err = sockRequest("POST", "/containers/"+name+"/start", conf)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+
+	// second call to start should give 304
+	status, _, err = sockRequest("POST", "/containers/"+name+"/start", conf)
+	c.Assert(err, checker.IsNil)
+
+	// TODO(tibor): figure out why this doesn't work on windows
+	if isLocalDaemon {
+		c.Assert(status, checker.Equals, http.StatusNotModified)
+	}
+}
+
+func (s *DockerSuite) TestContainerApiStop(c *check.C) {
+	name := "test-api-stop"
+	runSleepingContainer(c, "-i", "--name", name)
+
+	status, _, err := sockRequest("POST", "/containers/"+name+"/stop?t=30", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+	c.Assert(waitInspect(name, "{{ .State.Running  }}", "false", 60*time.Second), checker.IsNil)
+
+	// second call to start should give 304
+	status, _, err = sockRequest("POST", "/containers/"+name+"/stop?t=30", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNotModified)
+}
+
+func (s *DockerSuite) TestContainerApiWait(c *check.C) {
+	name := "test-api-wait"
+
+	sleepCmd := "/bin/sleep"
+	if daemonPlatform == "windows" {
+		sleepCmd = "sleep"
+	}
+	dockerCmd(c, "run", "--name", name, "busybox", sleepCmd, "5")
+
+	status, body, err := sockRequest("POST", "/containers/"+name+"/wait", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(waitInspect(name, "{{ .State.Running  }}", "false", 60*time.Second), checker.IsNil)
+
+	var waitres types.ContainerWaitResponse
+	c.Assert(json.Unmarshal(body, &waitres), checker.IsNil)
+	c.Assert(waitres.StatusCode, checker.Equals, 0)
+}
+
+func (s *DockerSuite) TestContainerApiCopy(c *check.C) {
+	// TODO Windows to Windows CI. This can be ported.
+	testRequires(c, DaemonIsLinux)
+	name := "test-container-api-copy"
+	dockerCmd(c, "run", "--name", name, "busybox", "touch", "/test.txt")
+
+	postData := types.CopyConfig{
+		Resource: "/test.txt",
+	}
+
+	status, body, err := sockRequest("POST", "/containers/"+name+"/copy", postData)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	found := false
+	for tarReader := tar.NewReader(bytes.NewReader(body)); ; {
+		h, err := tarReader.Next()
+		if err != nil {
+			if err == io.EOF {
+				break
+			}
+			c.Fatal(err)
+		}
+		if h.Name == "test.txt" {
+			found = true
+			break
+		}
+	}
+	c.Assert(found, checker.True)
+}
+
+func (s *DockerSuite) TestContainerApiCopyResourcePathEmpty(c *check.C) {
+	// TODO Windows to Windows CI. This can be ported.
+	testRequires(c, DaemonIsLinux)
+	name := "test-container-api-copy-resource-empty"
+	dockerCmd(c, "run", "--name", name, "busybox", "touch", "/test.txt")
+
+	postData := types.CopyConfig{
+		Resource: "",
+	}
+
+	status, body, err := sockRequest("POST", "/containers/"+name+"/copy", postData)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+	c.Assert(string(body), checker.Matches, "Path cannot be empty\n")
+}
+
+func (s *DockerSuite) TestContainerApiCopyResourcePathNotFound(c *check.C) {
+	// TODO Windows to Windows CI. This can be ported.
+	testRequires(c, DaemonIsLinux)
+	name := "test-container-api-copy-resource-not-found"
+	dockerCmd(c, "run", "--name", name, "busybox")
+
+	postData := types.CopyConfig{
+		Resource: "/notexist",
+	}
+
+	status, body, err := sockRequest("POST", "/containers/"+name+"/copy", postData)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+	c.Assert(string(body), checker.Matches, "Could not find the file /notexist in container "+name+"\n")
+}
+
+func (s *DockerSuite) TestContainerApiCopyContainerNotFound(c *check.C) {
+	postData := types.CopyConfig{
+		Resource: "/something",
+	}
+
+	status, _, err := sockRequest("POST", "/containers/notexists/copy", postData)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNotFound)
+}
+
+func (s *DockerSuite) TestContainerApiDelete(c *check.C) {
+	out, _ := runSleepingContainer(c)
+
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	dockerCmd(c, "stop", id)
+
+	status, _, err := sockRequest("DELETE", "/containers/"+id, nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+}
+
+func (s *DockerSuite) TestContainerApiDeleteNotExist(c *check.C) {
+	status, body, err := sockRequest("DELETE", "/containers/doesnotexist", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNotFound)
+	c.Assert(string(body), checker.Matches, "No such container: doesnotexist\n")
+}
+
+func (s *DockerSuite) TestContainerApiDeleteForce(c *check.C) {
+	out, _ := runSleepingContainer(c)
+
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	status, _, err := sockRequest("DELETE", "/containers/"+id+"?force=1", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+}
+
+func (s *DockerSuite) TestContainerApiDeleteRemoveLinks(c *check.C) {
+	// Windows does not support links
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "--name", "tlink1", "busybox", "top")
+
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	out, _ = dockerCmd(c, "run", "--link", "tlink1:tlink1", "--name", "tlink2", "-d", "busybox", "top")
+
+	id2 := strings.TrimSpace(out)
+	c.Assert(waitRun(id2), checker.IsNil)
+
+	links := inspectFieldJSON(c, id2, "HostConfig.Links")
+	c.Assert(links, checker.Equals, "[\"/tlink1:/tlink2/tlink1\"]", check.Commentf("expected to have links between containers"))
+
+	status, b, err := sockRequest("DELETE", "/containers/tlink2/tlink1?link=1", nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusNoContent, check.Commentf(string(b)))
+
+	linksPostRm := inspectFieldJSON(c, id2, "HostConfig.Links")
+	c.Assert(linksPostRm, checker.Equals, "null", check.Commentf("call to api deleteContainer links should have removed the specified links"))
+}
+
+func (s *DockerSuite) TestContainerApiDeleteConflict(c *check.C) {
+	out, _ := runSleepingContainer(c)
+
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	status, _, err := sockRequest("DELETE", "/containers/"+id, nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusConflict)
+}
+
+func (s *DockerSuite) TestContainerApiDeleteRemoveVolume(c *check.C) {
+	testRequires(c, SameHostDaemon)
+
+	vol := "/testvolume"
+	if daemonPlatform == "windows" {
+		vol = `c:\testvolume`
+	}
+
+	out, _ := runSleepingContainer(c, "-v", vol)
+
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	source, err := inspectMountSourceField(id, vol)
+	_, err = os.Stat(source)
+	c.Assert(err, checker.IsNil)
+
+	status, _, err := sockRequest("DELETE", "/containers/"+id+"?v=1&force=1", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+	_, err = os.Stat(source)
+	c.Assert(os.IsNotExist(err), checker.True, check.Commentf("expected to get ErrNotExist error, got %v", err))
+}
+
+// Regression test for https://github.com/docker/docker/issues/6231
+func (s *DockerSuite) TestContainerApiChunkedEncoding(c *check.C) {
+	// TODO Windows CI: This can be ported
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "create", "-v", "/foo", "busybox", "true")
+	id := strings.TrimSpace(out)
+
+	conn, err := sockConn(time.Duration(10 * time.Second))
+	c.Assert(err, checker.IsNil)
+	client := httputil.NewClientConn(conn, nil)
+	defer client.Close()
+
+	bindCfg := strings.NewReader(`{"Binds": ["/tmp:/foo"]}`)
+	req, err := http.NewRequest("POST", "/containers/"+id+"/start", bindCfg)
+	c.Assert(err, checker.IsNil)
+	req.Header.Set("Content-Type", "application/json")
+	// This is a cheat to make the http request do chunked encoding
+	// Otherwise (just setting the Content-Encoding to chunked) net/http will overwrite
+	// https://golang.org/src/pkg/net/http/request.go?s=11980:12172
+	req.ContentLength = -1
+
+	resp, err := client.Do(req)
+	c.Assert(err, checker.IsNil, check.Commentf("error starting container with chunked encoding"))
+	resp.Body.Close()
+	c.Assert(resp.StatusCode, checker.Equals, 204)
+
+	out = inspectFieldJSON(c, id, "HostConfig.Binds")
+
+	var binds []string
+	c.Assert(json.NewDecoder(strings.NewReader(out)).Decode(&binds), checker.IsNil)
+	c.Assert(binds, checker.HasLen, 1, check.Commentf("Got unexpected binds: %v", binds))
+
+	expected := "/tmp:/foo"
+	c.Assert(binds[0], checker.Equals, expected, check.Commentf("got incorrect bind spec"))
+}
+
+func (s *DockerSuite) TestContainerApiPostContainerStop(c *check.C) {
+	out, _ := runSleepingContainer(c)
+
+	containerID := strings.TrimSpace(out)
+	c.Assert(waitRun(containerID), checker.IsNil)
+
+	statusCode, _, err := sockRequest("POST", "/containers/"+containerID+"/stop", nil)
+	c.Assert(err, checker.IsNil)
+	// 204 No Content is expected, not 200
+	c.Assert(statusCode, checker.Equals, http.StatusNoContent)
+	c.Assert(waitInspect(containerID, "{{ .State.Running  }}", "false", 5*time.Second), checker.IsNil)
+}
+
+// #14170
+func (s *DockerSuite) TestPostContainerApiCreateWithStringOrSliceEntrypoint(c *check.C) {
+	config := struct {
+		Image      string
+		Entrypoint string
+		Cmd        []string
+	}{"busybox", "echo", []string{"hello", "world"}}
+	_, _, err := sockRequest("POST", "/containers/create?name=echotest", config)
+	c.Assert(err, checker.IsNil)
+	out, _ := dockerCmd(c, "start", "-a", "echotest")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello world")
+
+	config2 := struct {
+		Image      string
+		Entrypoint []string
+		Cmd        []string
+	}{"busybox", []string{"echo"}, []string{"hello", "world"}}
+	_, _, err = sockRequest("POST", "/containers/create?name=echotest2", config2)
+	c.Assert(err, checker.IsNil)
+	out, _ = dockerCmd(c, "start", "-a", "echotest2")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello world")
+}
+
+// #14170
+func (s *DockerSuite) TestPostContainersCreateWithStringOrSliceCmd(c *check.C) {
+	config := struct {
+		Image      string
+		Entrypoint string
+		Cmd        string
+	}{"busybox", "echo", "hello world"}
+	_, _, err := sockRequest("POST", "/containers/create?name=echotest", config)
+	c.Assert(err, checker.IsNil)
+	out, _ := dockerCmd(c, "start", "-a", "echotest")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello world")
+
+	config2 := struct {
+		Image string
+		Cmd   []string
+	}{"busybox", []string{"echo", "hello", "world"}}
+	_, _, err = sockRequest("POST", "/containers/create?name=echotest2", config2)
+	c.Assert(err, checker.IsNil)
+	out, _ = dockerCmd(c, "start", "-a", "echotest2")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello world")
+}
+
+// regression #14318
+func (s *DockerSuite) TestPostContainersCreateWithStringOrSliceCapAddDrop(c *check.C) {
+	// Windows doesn't support CapAdd/CapDrop
+	testRequires(c, DaemonIsLinux)
+	config := struct {
+		Image   string
+		CapAdd  string
+		CapDrop string
+	}{"busybox", "NET_ADMIN", "SYS_ADMIN"}
+	status, _, err := sockRequest("POST", "/containers/create?name=capaddtest0", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+
+	config2 := struct {
+		Image   string
+		CapAdd  []string
+		CapDrop []string
+	}{"busybox", []string{"NET_ADMIN", "SYS_ADMIN"}, []string{"SETGID"}}
+	status, _, err = sockRequest("POST", "/containers/create?name=capaddtest1", config2)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+}
+
+// #14640
+func (s *DockerSuite) TestPostContainersStartWithoutLinksInHostConfig(c *check.C) {
+	// TODO Windows: Windows doesn't support supplying a hostconfig on start.
+	// An alternate test could be written to validate the negative testing aspect of this
+	testRequires(c, DaemonIsLinux)
+	name := "test-host-config-links"
+	dockerCmd(c, append([]string{"create", "--name", name, "busybox"}, defaultSleepCommand...)...)
+
+	hc := inspectFieldJSON(c, name, "HostConfig")
+	config := `{"HostConfig":` + hc + `}`
+
+	res, b, err := sockRequestRaw("POST", "/containers/"+name+"/start", strings.NewReader(config), "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusNoContent)
+	b.Close()
+}
+
+// #14640
+func (s *DockerSuite) TestPostContainersStartWithLinksInHostConfig(c *check.C) {
+	// TODO Windows: Windows doesn't support supplying a hostconfig on start.
+	// An alternate test could be written to validate the negative testing aspect of this
+	testRequires(c, DaemonIsLinux)
+	name := "test-host-config-links"
+	dockerCmd(c, "run", "--name", "foo", "-d", "busybox", "top")
+	dockerCmd(c, "create", "--name", name, "--link", "foo:bar", "busybox", "top")
+
+	hc := inspectFieldJSON(c, name, "HostConfig")
+	config := `{"HostConfig":` + hc + `}`
+
+	res, b, err := sockRequestRaw("POST", "/containers/"+name+"/start", strings.NewReader(config), "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusNoContent)
+	b.Close()
+}
+
+// #14640
+func (s *DockerSuite) TestPostContainersStartWithLinksInHostConfigIdLinked(c *check.C) {
+	// Windows does not support links
+	testRequires(c, DaemonIsLinux)
+	name := "test-host-config-links"
+	out, _ := dockerCmd(c, "run", "--name", "link0", "-d", "busybox", "top")
+	id := strings.TrimSpace(out)
+	dockerCmd(c, "create", "--name", name, "--link", id, "busybox", "top")
+
+	hc := inspectFieldJSON(c, name, "HostConfig")
+	config := `{"HostConfig":` + hc + `}`
+
+	res, b, err := sockRequestRaw("POST", "/containers/"+name+"/start", strings.NewReader(config), "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusNoContent)
+	b.Close()
+}
+
+// #14915
+func (s *DockerSuite) TestContainerApiCreateNoHostConfig118(c *check.C) {
+	config := struct {
+		Image string
+	}{"busybox"}
+	status, _, err := sockRequest("POST", "/v1.18/containers/create", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusCreated)
+}
+
+// Ensure an error occurs when you have a container read-only rootfs but you
+// extract an archive to a symlink in a writable volume which points to a
+// directory outside of the volume.
+func (s *DockerSuite) TestPutContainerArchiveErrSymlinkInVolumeToReadOnlyRootfs(c *check.C) {
+	// Windows does not support read-only rootfs
+	// Requires local volume mount bind.
+	// --read-only + userns has remount issues
+	testRequires(c, SameHostDaemon, NotUserNamespace, DaemonIsLinux)
+
+	testVol := getTestDir(c, "test-put-container-archive-err-symlink-in-volume-to-read-only-rootfs-")
+	defer os.RemoveAll(testVol)
+
+	makeTestContentInDir(c, testVol)
+
+	cID := makeTestContainer(c, testContainerOptions{
+		readOnly: true,
+		volumes:  defaultVolumes(testVol), // Our bind mount is at /vol2
+	})
+	defer deleteContainer(cID)
+
+	// Attempt to extract to a symlink in the volume which points to a
+	// directory outside the volume. This should cause an error because the
+	// rootfs is read-only.
+	query := make(url.Values, 1)
+	query.Set("path", "/vol2/symlinkToAbsDir")
+	urlPath := fmt.Sprintf("/v1.20/containers/%s/archive?%s", cID, query.Encode())
+
+	statusCode, body, err := sockRequest("PUT", urlPath, nil)
+	c.Assert(err, checker.IsNil)
+
+	if !isCpCannotCopyReadOnly(fmt.Errorf(string(body))) {
+		c.Fatalf("expected ErrContainerRootfsReadonly error, but got %d: %s", statusCode, string(body))
+	}
+}
+
+func (s *DockerSuite) TestContainerApiGetContainersJSONEmpty(c *check.C) {
+	status, body, err := sockRequest("GET", "/containers/json?all=1", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(string(body), checker.Equals, "[]\n")
+}
+
+func (s *DockerSuite) TestPostContainersCreateWithWrongCpusetValues(c *check.C) {
+	// Not supported on Windows
+	testRequires(c, DaemonIsLinux)
+
+	c1 := struct {
+		Image      string
+		CpusetCpus string
+	}{"busybox", "1-42,,"}
+	name := "wrong-cpuset-cpus"
+	status, body, err := sockRequest("POST", "/containers/create?name="+name, c1)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+	expected := "Invalid value 1-42,, for cpuset cpus.\n"
+	c.Assert(string(body), checker.Equals, expected)
+
+	c2 := struct {
+		Image      string
+		CpusetMems string
+	}{"busybox", "42-3,1--"}
+	name = "wrong-cpuset-mems"
+	status, body, err = sockRequest("POST", "/containers/create?name="+name, c2)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+	expected = "Invalid value 42-3,1-- for cpuset mems.\n"
+	c.Assert(string(body), checker.Equals, expected)
+}
+
+func (s *DockerSuite) TestStartWithNilDNS(c *check.C) {
+	// TODO Windows: Add once DNS is supported
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "create", "busybox")
+	containerID := strings.TrimSpace(out)
+
+	config := `{"HostConfig": {"Dns": null}}`
+
+	res, b, err := sockRequestRaw("POST", "/containers/"+containerID+"/start", strings.NewReader(config), "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusNoContent)
+	b.Close()
+
+	dns := inspectFieldJSON(c, containerID, "HostConfig.Dns")
+	c.Assert(dns, checker.Equals, "[]")
+}
+
+func (s *DockerSuite) TestPostContainersCreateShmSizeNegative(c *check.C) {
+	// ShmSize is not supported on Windows
+	testRequires(c, DaemonIsLinux)
+	config := map[string]interface{}{
+		"Image":      "busybox",
+		"HostConfig": map[string]interface{}{"ShmSize": -1},
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusInternalServerError)
+	c.Assert(string(body), checker.Contains, "SHM size must be greater then 0")
+}
+
+func (s *DockerSuite) TestPostContainersCreateShmSizeHostConfigOmitted(c *check.C) {
+	// ShmSize is not supported on Windows
+	testRequires(c, DaemonIsLinux)
+	var defaultSHMSize int64 = 67108864
+	config := map[string]interface{}{
+		"Image": "busybox",
+		"Cmd":   "mount",
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusCreated)
+
+	var container types.ContainerCreateResponse
+	c.Assert(json.Unmarshal(body, &container), check.IsNil)
+
+	status, body, err = sockRequest("GET", "/containers/"+container.ID+"/json", nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusOK)
+
+	var containerJSON types.ContainerJSON
+	c.Assert(json.Unmarshal(body, &containerJSON), check.IsNil)
+
+	c.Assert(containerJSON.HostConfig.ShmSize, check.Equals, defaultSHMSize)
+
+	out, _ := dockerCmd(c, "start", "-i", containerJSON.ID)
+	shmRegexp := regexp.MustCompile(`shm on /dev/shm type tmpfs(.*)size=65536k`)
+	if !shmRegexp.MatchString(out) {
+		c.Fatalf("Expected shm of 64MB in mount command, got %v", out)
+	}
+}
+
+func (s *DockerSuite) TestPostContainersCreateShmSizeOmitted(c *check.C) {
+	// ShmSize is not supported on Windows
+	testRequires(c, DaemonIsLinux)
+	config := map[string]interface{}{
+		"Image":      "busybox",
+		"HostConfig": map[string]interface{}{},
+		"Cmd":        "mount",
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusCreated)
+
+	var container types.ContainerCreateResponse
+	c.Assert(json.Unmarshal(body, &container), check.IsNil)
+
+	status, body, err = sockRequest("GET", "/containers/"+container.ID+"/json", nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusOK)
+
+	var containerJSON types.ContainerJSON
+	c.Assert(json.Unmarshal(body, &containerJSON), check.IsNil)
+
+	c.Assert(containerJSON.HostConfig.ShmSize, check.Equals, int64(67108864))
+
+	out, _ := dockerCmd(c, "start", "-i", containerJSON.ID)
+	shmRegexp := regexp.MustCompile(`shm on /dev/shm type tmpfs(.*)size=65536k`)
+	if !shmRegexp.MatchString(out) {
+		c.Fatalf("Expected shm of 64MB in mount command, got %v", out)
+	}
+}
+
+func (s *DockerSuite) TestPostContainersCreateWithShmSize(c *check.C) {
+	// ShmSize is not supported on Windows
+	testRequires(c, DaemonIsLinux)
+	config := map[string]interface{}{
+		"Image":      "busybox",
+		"Cmd":        "mount",
+		"HostConfig": map[string]interface{}{"ShmSize": 1073741824},
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusCreated)
+
+	var container types.ContainerCreateResponse
+	c.Assert(json.Unmarshal(body, &container), check.IsNil)
+
+	status, body, err = sockRequest("GET", "/containers/"+container.ID+"/json", nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusOK)
+
+	var containerJSON types.ContainerJSON
+	c.Assert(json.Unmarshal(body, &containerJSON), check.IsNil)
+
+	c.Assert(containerJSON.HostConfig.ShmSize, check.Equals, int64(1073741824))
+
+	out, _ := dockerCmd(c, "start", "-i", containerJSON.ID)
+	shmRegex := regexp.MustCompile(`shm on /dev/shm type tmpfs(.*)size=1048576k`)
+	if !shmRegex.MatchString(out) {
+		c.Fatalf("Expected shm of 1GB in mount command, got %v", out)
+	}
+}
+
+func (s *DockerSuite) TestPostContainersCreateMemorySwappinessHostConfigOmitted(c *check.C) {
+	// Swappiness is not supported on Windows
+	testRequires(c, DaemonIsLinux)
+	config := map[string]interface{}{
+		"Image": "busybox",
+	}
+
+	status, body, err := sockRequest("POST", "/containers/create", config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusCreated)
+
+	var container types.ContainerCreateResponse
+	c.Assert(json.Unmarshal(body, &container), check.IsNil)
+
+	status, body, err = sockRequest("GET", "/containers/"+container.ID+"/json", nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusOK)
+
+	var containerJSON types.ContainerJSON
+	c.Assert(json.Unmarshal(body, &containerJSON), check.IsNil)
+
+	c.Assert(*containerJSON.HostConfig.MemorySwappiness, check.Equals, int64(-1))
+}
+
+// check validation is done daemon side and not only in cli
+func (s *DockerSuite) TestPostContainersCreateWithOomScoreAdjInvalidRange(c *check.C) {
+	// OomScoreAdj is not supported on Windows
+	testRequires(c, DaemonIsLinux)
+
+	config := struct {
+		Image       string
+		OomScoreAdj int
+	}{"busybox", 1001}
+	name := "oomscoreadj-over"
+	status, b, err := sockRequest("POST", "/containers/create?name="+name, config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusInternalServerError)
+	expected := "Invalid value 1001, range for oom score adj is [-1000, 1000]."
+	if !strings.Contains(string(b), expected) {
+		c.Fatalf("Expected output to contain %q, got %q", expected, string(b))
+	}
+
+	config = struct {
+		Image       string
+		OomScoreAdj int
+	}{"busybox", -1001}
+	name = "oomscoreadj-low"
+	status, b, err = sockRequest("POST", "/containers/create?name="+name, config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusInternalServerError)
+	expected = "Invalid value -1001, range for oom score adj is [-1000, 1000]."
+	if !strings.Contains(string(b), expected) {
+		c.Fatalf("Expected output to contain %q, got %q", expected, string(b))
+	}
+}
+
+// test case for #22210 where an emtpy container name caused panic.
+func (s *DockerSuite) TestContainerApiDeleteWithEmptyName(c *check.C) {
+	status, out, err := sockRequest("DELETE", "/containers/", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusBadRequest)
+	c.Assert(string(out), checker.Contains, "No container name or ID supplied")
+}
diff --git a/integration-cli/docker_api_create_test.go b/integration-cli/docker_api_create_test.go
new file mode 100644
index 00000000..d29b3550
--- /dev/null
+++ b/integration-cli/docker_api_create_test.go
@@ -0,0 +1,45 @@
+package main
+
+import (
+	"net/http"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestApiCreateWithNotExistImage(c *check.C) {
+	name := "test"
+	config := map[string]interface{}{
+		"Image":   "test456:v1",
+		"Volumes": map[string]struct{}{"/tmp": {}},
+	}
+
+	status, resp, err := sockRequest("POST", "/containers/create?name="+name, config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusNotFound)
+	expected := "No such image: test456:v1"
+	c.Assert(strings.TrimSpace(string(resp)), checker.Contains, expected)
+
+	config2 := map[string]interface{}{
+		"Image":   "test456",
+		"Volumes": map[string]struct{}{"/tmp": {}},
+	}
+
+	status, resp, err = sockRequest("POST", "/containers/create?name="+name, config2)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusNotFound)
+	expected = "No such image: test456:latest"
+	c.Assert(strings.TrimSpace(string(resp)), checker.Equals, expected)
+
+	config3 := map[string]interface{}{
+		"Image": "sha256:0cb40641836c461bc97c793971d84d758371ed682042457523e4ae701efeaaaa",
+	}
+
+	status, resp, err = sockRequest("POST", "/containers/create?name="+name, config3)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusNotFound)
+	expected = "No such image: sha256:0cb40641836c461bc97c793971d84d758371ed682042457523e4ae701efeaaaa"
+	c.Assert(strings.TrimSpace(string(resp)), checker.Equals, expected)
+
+}
diff --git a/integration-cli/docker_api_events_test.go b/integration-cli/docker_api_events_test.go
new file mode 100644
index 00000000..cb219fbc
--- /dev/null
+++ b/integration-cli/docker_api_events_test.go
@@ -0,0 +1,73 @@
+package main
+
+import (
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/jsonmessage"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestEventsApiEmptyOutput(c *check.C) {
+	type apiResp struct {
+		resp *http.Response
+		err  error
+	}
+	chResp := make(chan *apiResp)
+	go func() {
+		resp, body, err := sockRequestRaw("GET", "/events", nil, "")
+		body.Close()
+		chResp <- &apiResp{resp, err}
+	}()
+
+	select {
+	case r := <-chResp:
+		c.Assert(r.err, checker.IsNil)
+		c.Assert(r.resp.StatusCode, checker.Equals, http.StatusOK)
+	case <-time.After(3 * time.Second):
+		c.Fatal("timeout waiting for events api to respond, should have responded immediately")
+	}
+}
+
+func (s *DockerSuite) TestEventsApiBackwardsCompatible(c *check.C) {
+	since := daemonTime(c).Unix()
+	ts := strconv.FormatInt(since, 10)
+
+	out, _ := runSleepingContainer(c, "--name=foo", "-d")
+	containerID := strings.TrimSpace(out)
+	c.Assert(waitRun(containerID), checker.IsNil)
+
+	q := url.Values{}
+	q.Set("since", ts)
+
+	_, body, err := sockRequestRaw("GET", "/events?"+q.Encode(), nil, "")
+	c.Assert(err, checker.IsNil)
+	defer body.Close()
+
+	dec := json.NewDecoder(body)
+	var containerCreateEvent *jsonmessage.JSONMessage
+	for {
+		var event jsonmessage.JSONMessage
+		if err := dec.Decode(&event); err != nil {
+			if err == io.EOF {
+				break
+			}
+			c.Fatal(err)
+		}
+		if event.Status == "create" && event.ID == containerID {
+			containerCreateEvent = &event
+			break
+		}
+	}
+
+	c.Assert(containerCreateEvent, checker.Not(checker.IsNil))
+	c.Assert(containerCreateEvent.Status, checker.Equals, "create")
+	c.Assert(containerCreateEvent.ID, checker.Equals, containerID)
+	c.Assert(containerCreateEvent.From, checker.Equals, "busybox")
+}
diff --git a/integration-cli/docker_api_exec_resize_test.go b/integration-cli/docker_api_exec_resize_test.go
new file mode 100644
index 00000000..2c0c8766
--- /dev/null
+++ b/integration-cli/docker_api_exec_resize_test.go
@@ -0,0 +1,105 @@
+package main
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+	"sync"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestExecResizeApiHeightWidthNoInt(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	endpoint := "/exec/" + cleanedContainerID + "/resize?h=foo&w=bar"
+	status, _, err := sockRequest("POST", endpoint, nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+}
+
+// Part of #14845
+func (s *DockerSuite) TestExecResizeImmediatelyAfterExecStart(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	name := "exec_resize_test"
+	dockerCmd(c, "run", "-d", "-i", "-t", "--name", name, "--restart", "always", "busybox", "/bin/sh")
+
+	testExecResize := func() error {
+		data := map[string]interface{}{
+			"AttachStdin": true,
+			"Cmd":         []string{"/bin/sh"},
+		}
+		uri := fmt.Sprintf("/containers/%s/exec", name)
+		status, body, err := sockRequest("POST", uri, data)
+		if err != nil {
+			return err
+		}
+		if status != http.StatusCreated {
+			return fmt.Errorf("POST %s is expected to return %d, got %d", uri, http.StatusCreated, status)
+		}
+
+		out := map[string]string{}
+		err = json.Unmarshal(body, &out)
+		if err != nil {
+			return fmt.Errorf("ExecCreate returned invalid json. Error: %q", err.Error())
+		}
+
+		execID := out["Id"]
+		if len(execID) < 1 {
+			return fmt.Errorf("ExecCreate got invalid execID")
+		}
+
+		payload := bytes.NewBufferString(`{"Tty":true}`)
+		conn, _, err := sockRequestHijack("POST", fmt.Sprintf("/exec/%s/start", execID), payload, "application/json")
+		if err != nil {
+			return fmt.Errorf("Failed to start the exec: %q", err.Error())
+		}
+		defer conn.Close()
+
+		_, rc, err := sockRequestRaw("POST", fmt.Sprintf("/exec/%s/resize?h=24&w=80", execID), nil, "text/plain")
+		// It's probably a panic of the daemon if io.ErrUnexpectedEOF is returned.
+		if err == io.ErrUnexpectedEOF {
+			return fmt.Errorf("The daemon might have crashed.")
+		}
+
+		if err == nil {
+			rc.Close()
+		}
+
+		// We only interested in the io.ErrUnexpectedEOF error, so we return nil otherwise.
+		return nil
+	}
+
+	// The panic happens when daemon.ContainerExecStart is called but the
+	// container.Exec is not called.
+	// Because the panic is not 100% reproducible, we send the requests concurrently
+	// to increase the probability that the problem is triggered.
+	var (
+		n  = 10
+		ch = make(chan error, n)
+		wg sync.WaitGroup
+	)
+	for i := 0; i < n; i++ {
+		wg.Add(1)
+		go func() {
+			defer wg.Done()
+			if err := testExecResize(); err != nil {
+				ch <- err
+			}
+		}()
+	}
+
+	wg.Wait()
+	select {
+	case err := <-ch:
+		c.Fatal(err.Error())
+	default:
+	}
+}
diff --git a/integration-cli/docker_api_exec_test.go b/integration-cli/docker_api_exec_test.go
new file mode 100644
index 00000000..f16582f4
--- /dev/null
+++ b/integration-cli/docker_api_exec_test.go
@@ -0,0 +1,183 @@
+// +build !test_no_exec
+
+package main
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// Regression test for #9414
+func (s *DockerSuite) TestExecApiCreateNoCmd(c *check.C) {
+	name := "exec_test"
+	dockerCmd(c, "run", "-d", "-t", "--name", name, "busybox", "/bin/sh")
+
+	status, body, err := sockRequest("POST", fmt.Sprintf("/containers/%s/exec", name), map[string]interface{}{"Cmd": nil})
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusInternalServerError)
+
+	comment := check.Commentf("Expected message when creating exec command with no Cmd specified")
+	c.Assert(string(body), checker.Contains, "No exec command specified", comment)
+}
+
+func (s *DockerSuite) TestExecApiCreateNoValidContentType(c *check.C) {
+	name := "exec_test"
+	dockerCmd(c, "run", "-d", "-t", "--name", name, "busybox", "/bin/sh")
+
+	jsonData := bytes.NewBuffer(nil)
+	if err := json.NewEncoder(jsonData).Encode(map[string]interface{}{"Cmd": nil}); err != nil {
+		c.Fatalf("Can not encode data to json %s", err)
+	}
+
+	res, body, err := sockRequestRaw("POST", fmt.Sprintf("/containers/%s/exec", name), jsonData, "text/plain")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusInternalServerError)
+
+	b, err := readBody(body)
+	c.Assert(err, checker.IsNil)
+
+	comment := check.Commentf("Expected message when creating exec command with invalid Content-Type specified")
+	c.Assert(string(b), checker.Contains, "Content-Type specified", comment)
+}
+
+func (s *DockerSuite) TestExecApiCreateContainerPaused(c *check.C) {
+	// Not relevant on Windows as Windows containers cannot be paused
+	testRequires(c, DaemonIsLinux)
+	name := "exec_create_test"
+	dockerCmd(c, "run", "-d", "-t", "--name", name, "busybox", "/bin/sh")
+
+	dockerCmd(c, "pause", name)
+	status, body, err := sockRequest("POST", fmt.Sprintf("/containers/%s/exec", name), map[string]interface{}{"Cmd": []string{"true"}})
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusConflict)
+
+	comment := check.Commentf("Expected message when creating exec command with Container %s is paused", name)
+	c.Assert(string(body), checker.Contains, "Container "+name+" is paused, unpause the container before exec", comment)
+}
+
+func (s *DockerSuite) TestExecApiStart(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Uses pause/unpause but bits may be salvagable to Windows to Windows CI
+	dockerCmd(c, "run", "-d", "--name", "test", "busybox", "top")
+
+	id := createExec(c, "test")
+	startExec(c, id, http.StatusOK)
+
+	id = createExec(c, "test")
+	dockerCmd(c, "stop", "test")
+
+	startExec(c, id, http.StatusNotFound)
+
+	dockerCmd(c, "start", "test")
+	startExec(c, id, http.StatusNotFound)
+
+	// make sure exec is created before pausing
+	id = createExec(c, "test")
+	dockerCmd(c, "pause", "test")
+	startExec(c, id, http.StatusConflict)
+	dockerCmd(c, "unpause", "test")
+	startExec(c, id, http.StatusOK)
+}
+
+func (s *DockerSuite) TestExecApiStartBackwardsCompatible(c *check.C) {
+	runSleepingContainer(c, "-d", "--name", "test")
+	id := createExec(c, "test")
+
+	resp, body, err := sockRequestRaw("POST", fmt.Sprintf("/v1.20/exec/%s/start", id), strings.NewReader(`{"Detach": true}`), "text/plain")
+	c.Assert(err, checker.IsNil)
+
+	b, err := readBody(body)
+	comment := check.Commentf("response body: %s", b)
+	c.Assert(err, checker.IsNil, comment)
+	c.Assert(resp.StatusCode, checker.Equals, http.StatusOK, comment)
+}
+
+// #19362
+func (s *DockerSuite) TestExecApiStartMultipleTimesError(c *check.C) {
+	runSleepingContainer(c, "-d", "--name", "test")
+	execID := createExec(c, "test")
+	startExec(c, execID, http.StatusOK)
+
+	timeout := time.After(60 * time.Second)
+	var execJSON struct{ Running bool }
+	for {
+		select {
+		case <-timeout:
+			c.Fatal("timeout waiting for exec to start")
+		default:
+		}
+
+		inspectExec(c, execID, &execJSON)
+		if !execJSON.Running {
+			break
+		}
+	}
+
+	startExec(c, execID, http.StatusConflict)
+}
+
+// #20638
+func (s *DockerSuite) TestExecApiStartWithDetach(c *check.C) {
+	name := "foo"
+	runSleepingContainer(c, "-d", "-t", "--name", name)
+	data := map[string]interface{}{
+		"cmd":         []string{"true"},
+		"AttachStdin": true,
+	}
+	_, b, err := sockRequest("POST", fmt.Sprintf("/containers/%s/exec", name), data)
+	c.Assert(err, checker.IsNil, check.Commentf(string(b)))
+
+	createResp := struct {
+		ID string `json:"Id"`
+	}{}
+	c.Assert(json.Unmarshal(b, &createResp), checker.IsNil, check.Commentf(string(b)))
+
+	_, body, err := sockRequestRaw("POST", fmt.Sprintf("/exec/%s/start", createResp.ID), strings.NewReader(`{"Detach": true}`), "application/json")
+	c.Assert(err, checker.IsNil)
+
+	b, err = readBody(body)
+	comment := check.Commentf("response body: %s", b)
+	c.Assert(err, checker.IsNil, comment)
+
+	resp, _, err := sockRequestRaw("GET", "/_ping", nil, "")
+	c.Assert(err, checker.IsNil)
+	if resp.StatusCode != http.StatusOK {
+		c.Fatal("daemon is down, it should alive")
+	}
+}
+
+func createExec(c *check.C, name string) string {
+	_, b, err := sockRequest("POST", fmt.Sprintf("/containers/%s/exec", name), map[string]interface{}{"Cmd": []string{"true"}})
+	c.Assert(err, checker.IsNil, check.Commentf(string(b)))
+
+	createResp := struct {
+		ID string `json:"Id"`
+	}{}
+	c.Assert(json.Unmarshal(b, &createResp), checker.IsNil, check.Commentf(string(b)))
+	return createResp.ID
+}
+
+func startExec(c *check.C, id string, code int) {
+	resp, body, err := sockRequestRaw("POST", fmt.Sprintf("/exec/%s/start", id), strings.NewReader(`{"Detach": true}`), "application/json")
+	c.Assert(err, checker.IsNil)
+
+	b, err := readBody(body)
+	comment := check.Commentf("response body: %s", b)
+	c.Assert(err, checker.IsNil, comment)
+	c.Assert(resp.StatusCode, checker.Equals, code, comment)
+}
+
+func inspectExec(c *check.C, id string, out interface{}) {
+	resp, body, err := sockRequestRaw("GET", fmt.Sprintf("/exec/%s/json", id), nil, "")
+	c.Assert(err, checker.IsNil)
+	defer body.Close()
+	c.Assert(resp.StatusCode, checker.Equals, http.StatusOK)
+	err = json.NewDecoder(body).Decode(out)
+	c.Assert(err, checker.IsNil)
+}
diff --git a/integration-cli/docker_api_images_test.go b/integration-cli/docker_api_images_test.go
new file mode 100644
index 00000000..9d35b0c9
--- /dev/null
+++ b/integration-cli/docker_api_images_test.go
@@ -0,0 +1,129 @@
+package main
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestApiImagesFilter(c *check.C) {
+	name := "utest:tag1"
+	name2 := "utest/docker:tag2"
+	name3 := "utest:5000/docker:tag3"
+	for _, n := range []string{name, name2, name3} {
+		dockerCmd(c, "tag", "busybox", n)
+	}
+	type image types.Image
+	getImages := func(filter string) []image {
+		v := url.Values{}
+		v.Set("filter", filter)
+		status, b, err := sockRequest("GET", "/images/json?"+v.Encode(), nil)
+		c.Assert(err, checker.IsNil)
+		c.Assert(status, checker.Equals, http.StatusOK)
+
+		var images []image
+		err = json.Unmarshal(b, &images)
+		c.Assert(err, checker.IsNil)
+
+		return images
+	}
+
+	//incorrect number of matches returned
+	images := getImages("utest*/*")
+	c.Assert(images[0].RepoTags, checker.HasLen, 2)
+
+	images = getImages("utest")
+	c.Assert(images[0].RepoTags, checker.HasLen, 1)
+
+	images = getImages("utest*")
+	c.Assert(images[0].RepoTags, checker.HasLen, 1)
+
+	images = getImages("*5000*/*")
+	c.Assert(images[0].RepoTags, checker.HasLen, 1)
+}
+
+func (s *DockerSuite) TestApiImagesSaveAndLoad(c *check.C) {
+	// TODO Windows to Windows CI: Investigate further why this test fails.
+	testRequires(c, Network)
+	testRequires(c, DaemonIsLinux)
+	out, err := buildImage("saveandload", "FROM busybox\nENV FOO bar", false)
+	c.Assert(err, checker.IsNil)
+	id := strings.TrimSpace(out)
+
+	res, body, err := sockRequestRaw("GET", "/images/"+id+"/get", nil, "")
+	c.Assert(err, checker.IsNil)
+	defer body.Close()
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+
+	dockerCmd(c, "rmi", id)
+
+	res, loadBody, err := sockRequestRaw("POST", "/images/load", body, "application/x-tar")
+	c.Assert(err, checker.IsNil)
+	defer loadBody.Close()
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+
+	inspectOut := inspectField(c, id, "Id")
+	c.Assert(strings.TrimSpace(string(inspectOut)), checker.Equals, id, check.Commentf("load did not work properly"))
+}
+
+func (s *DockerSuite) TestApiImagesDelete(c *check.C) {
+	if daemonPlatform != "windows" {
+		testRequires(c, Network)
+	}
+	name := "test-api-images-delete"
+	out, err := buildImage(name, "FROM busybox\nENV FOO bar", false)
+	c.Assert(err, checker.IsNil)
+	id := strings.TrimSpace(out)
+
+	dockerCmd(c, "tag", name, "test:tag1")
+
+	status, _, err := sockRequest("DELETE", "/images/"+id, nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusConflict)
+
+	status, _, err = sockRequest("DELETE", "/images/test:noexist", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNotFound) //Status Codes:404 – no such image
+
+	status, _, err = sockRequest("DELETE", "/images/test:tag1", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+}
+
+func (s *DockerSuite) TestApiImagesHistory(c *check.C) {
+	if daemonPlatform != "windows" {
+		testRequires(c, Network)
+	}
+	name := "test-api-images-history"
+	out, err := buildImage(name, "FROM busybox\nENV FOO bar", false)
+	c.Assert(err, checker.IsNil)
+
+	id := strings.TrimSpace(out)
+
+	status, body, err := sockRequest("GET", "/images/"+id+"/history", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var historydata []types.ImageHistory
+	err = json.Unmarshal(body, &historydata)
+	c.Assert(err, checker.IsNil, check.Commentf("Error on unmarshal"))
+
+	c.Assert(historydata, checker.Not(checker.HasLen), 0)
+	c.Assert(historydata[0].Tags[0], checker.Equals, "test-api-images-history:latest")
+}
+
+// #14846
+func (s *DockerSuite) TestApiImagesSearchJSONContentType(c *check.C) {
+	testRequires(c, Network)
+
+	res, b, err := sockRequestRaw("GET", "/images/search?term=test", nil, "application/json")
+	c.Assert(err, check.IsNil)
+	b.Close()
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+	c.Assert(res.Header.Get("Content-Type"), checker.Equals, "application/json")
+}
diff --git a/integration-cli/docker_api_info_test.go b/integration-cli/docker_api_info_test.go
new file mode 100644
index 00000000..9e6af66e
--- /dev/null
+++ b/integration-cli/docker_api_info_test.go
@@ -0,0 +1,40 @@
+package main
+
+import (
+	"net/http"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestInfoApi(c *check.C) {
+	endpoint := "/info"
+
+	status, body, err := sockRequest("GET", endpoint, nil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(err, checker.IsNil)
+
+	// always shown fields
+	stringsToCheck := []string{
+		"ID",
+		"Containers",
+		"ContainersRunning",
+		"ContainersPaused",
+		"ContainersStopped",
+		"Images",
+		"ExecutionDriver",
+		"LoggingDriver",
+		"OperatingSystem",
+		"NCPU",
+		"OSType",
+		"Architecture",
+		"MemTotal",
+		"KernelVersion",
+		"Driver",
+		"ServerVersion"}
+
+	out := string(body)
+	for _, linePrefix := range stringsToCheck {
+		c.Assert(out, checker.Contains, linePrefix)
+	}
+}
diff --git a/integration-cli/docker_api_inspect_test.go b/integration-cli/docker_api_inspect_test.go
new file mode 100644
index 00000000..6b55159a
--- /dev/null
+++ b/integration-cli/docker_api_inspect_test.go
@@ -0,0 +1,183 @@
+package main
+
+import (
+	"encoding/json"
+	"net/http"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/versions/v1p20"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestInspectApiContainerResponse(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+
+	cleanedContainerID := strings.TrimSpace(out)
+	keysBase := []string{"Id", "State", "Created", "Path", "Args", "Config", "Image", "NetworkSettings",
+		"ResolvConfPath", "HostnamePath", "HostsPath", "LogPath", "Name", "Driver", "MountLabel", "ProcessLabel", "GraphDriver"}
+
+	type acase struct {
+		version string
+		keys    []string
+	}
+
+	var cases []acase
+
+	if daemonPlatform == "windows" {
+		cases = []acase{
+			{"v1.20", append(keysBase, "Mounts")},
+		}
+
+	} else {
+		cases = []acase{
+			{"v1.20", append(keysBase, "Mounts")},
+			{"v1.19", append(keysBase, "Volumes", "VolumesRW")},
+		}
+	}
+
+	for _, cs := range cases {
+		body := getInspectBody(c, cs.version, cleanedContainerID)
+
+		var inspectJSON map[string]interface{}
+		err := json.Unmarshal(body, &inspectJSON)
+		c.Assert(err, checker.IsNil, check.Commentf("Unable to unmarshal body for version %s", cs.version))
+
+		for _, key := range cs.keys {
+			_, ok := inspectJSON[key]
+			c.Check(ok, checker.True, check.Commentf("%s does not exist in response for version %s", key, cs.version))
+		}
+
+		//Issue #6830: type not properly converted to JSON/back
+		_, ok := inspectJSON["Path"].(bool)
+		c.Assert(ok, checker.False, check.Commentf("Path of `true` should not be converted to boolean `true` via JSON marshalling"))
+	}
+}
+
+func (s *DockerSuite) TestInspectApiContainerVolumeDriverLegacy(c *check.C) {
+	// No legacy implications for Windows
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	cases := []string{"v1.19", "v1.20"}
+	for _, version := range cases {
+		body := getInspectBody(c, version, cleanedContainerID)
+
+		var inspectJSON map[string]interface{}
+		err := json.Unmarshal(body, &inspectJSON)
+		c.Assert(err, checker.IsNil, check.Commentf("Unable to unmarshal body for version %s", version))
+
+		config, ok := inspectJSON["Config"]
+		c.Assert(ok, checker.True, check.Commentf("Unable to find 'Config'"))
+		cfg := config.(map[string]interface{})
+		_, ok = cfg["VolumeDriver"]
+		c.Assert(ok, checker.True, check.Commentf("Api version %s expected to include VolumeDriver in 'Config'", version))
+	}
+}
+
+func (s *DockerSuite) TestInspectApiContainerVolumeDriver(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "--volume-driver", "local", "busybox", "true")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	body := getInspectBody(c, "v1.21", cleanedContainerID)
+
+	var inspectJSON map[string]interface{}
+	err := json.Unmarshal(body, &inspectJSON)
+	c.Assert(err, checker.IsNil, check.Commentf("Unable to unmarshal body for version 1.21"))
+
+	config, ok := inspectJSON["Config"]
+	c.Assert(ok, checker.True, check.Commentf("Unable to find 'Config'"))
+	cfg := config.(map[string]interface{})
+	_, ok = cfg["VolumeDriver"]
+	c.Assert(ok, checker.False, check.Commentf("Api version 1.21 expected to not include VolumeDriver in 'Config'"))
+
+	config, ok = inspectJSON["HostConfig"]
+	c.Assert(ok, checker.True, check.Commentf("Unable to find 'Config'"))
+	cfg = config.(map[string]interface{})
+	_, ok = cfg["VolumeDriver"]
+	c.Assert(ok, checker.True, check.Commentf("Api version 1.21 expected to include VolumeDriver in 'HostConfig'"))
+}
+
+func (s *DockerSuite) TestInspectApiImageResponse(c *check.C) {
+	dockerCmd(c, "tag", "busybox:latest", "busybox:mytag")
+
+	endpoint := "/images/busybox/json"
+	status, body, err := sockRequest("GET", endpoint, nil)
+
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var imageJSON types.ImageInspect
+	err = json.Unmarshal(body, &imageJSON)
+	c.Assert(err, checker.IsNil, check.Commentf("Unable to unmarshal body for latest version"))
+	c.Assert(imageJSON.RepoTags, checker.HasLen, 2)
+
+	c.Assert(stringutils.InSlice(imageJSON.RepoTags, "busybox:latest"), checker.Equals, true)
+	c.Assert(stringutils.InSlice(imageJSON.RepoTags, "busybox:mytag"), checker.Equals, true)
+}
+
+// #17131, #17139, #17173
+func (s *DockerSuite) TestInspectApiEmptyFieldsInConfigPre121(c *check.C) {
+	// Not relevant on Windows
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	cases := []string{"v1.19", "v1.20"}
+	for _, version := range cases {
+		body := getInspectBody(c, version, cleanedContainerID)
+
+		var inspectJSON map[string]interface{}
+		err := json.Unmarshal(body, &inspectJSON)
+		c.Assert(err, checker.IsNil, check.Commentf("Unable to unmarshal body for version %s", version))
+		config, ok := inspectJSON["Config"]
+		c.Assert(ok, checker.True, check.Commentf("Unable to find 'Config'"))
+		cfg := config.(map[string]interface{})
+		for _, f := range []string{"MacAddress", "NetworkDisabled", "ExposedPorts"} {
+			_, ok := cfg[f]
+			c.Check(ok, checker.True, check.Commentf("Api version %s expected to include %s in 'Config'", version, f))
+		}
+	}
+}
+
+func (s *DockerSuite) TestInspectApiBridgeNetworkSettings120(c *check.C) {
+	// Not relevant on Windows, and besides it doesn't have any bridge network settings
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	containerID := strings.TrimSpace(out)
+	waitRun(containerID)
+
+	body := getInspectBody(c, "v1.20", containerID)
+
+	var inspectJSON v1p20.ContainerJSON
+	err := json.Unmarshal(body, &inspectJSON)
+	c.Assert(err, checker.IsNil)
+
+	settings := inspectJSON.NetworkSettings
+	c.Assert(settings.IPAddress, checker.Not(checker.HasLen), 0)
+}
+
+func (s *DockerSuite) TestInspectApiBridgeNetworkSettings121(c *check.C) {
+	// Windows doesn't have any bridge network settings
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	containerID := strings.TrimSpace(out)
+	waitRun(containerID)
+
+	body := getInspectBody(c, "v1.21", containerID)
+
+	var inspectJSON types.ContainerJSON
+	err := json.Unmarshal(body, &inspectJSON)
+	c.Assert(err, checker.IsNil)
+
+	settings := inspectJSON.NetworkSettings
+	c.Assert(settings.IPAddress, checker.Not(checker.HasLen), 0)
+	c.Assert(settings.Networks["bridge"], checker.Not(checker.IsNil))
+	c.Assert(settings.IPAddress, checker.Equals, settings.Networks["bridge"].IPAddress)
+}
diff --git a/integration-cli/docker_api_inspect_unix_test.go b/integration-cli/docker_api_inspect_unix_test.go
new file mode 100644
index 00000000..fe59860d
--- /dev/null
+++ b/integration-cli/docker_api_inspect_unix_test.go
@@ -0,0 +1,35 @@
+// +build !windows
+
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// #16665
+func (s *DockerSuite) TestInspectApiCpusetInConfigPre120(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, cgroupCpuset)
+
+	name := "cpusetinconfig-pre120"
+	dockerCmd(c, "run", "--name", name, "--cpuset-cpus", "0", "busybox", "true")
+
+	status, body, err := sockRequest("GET", fmt.Sprintf("/v1.19/containers/%s/json", name), nil)
+	c.Assert(status, check.Equals, http.StatusOK)
+	c.Assert(err, check.IsNil)
+
+	var inspectJSON map[string]interface{}
+	err = json.Unmarshal(body, &inspectJSON)
+	c.Assert(err, checker.IsNil, check.Commentf("unable to unmarshal body for version 1.19"))
+
+	config, ok := inspectJSON["Config"]
+	c.Assert(ok, checker.True, check.Commentf("Unable to find 'Config'"))
+	cfg := config.(map[string]interface{})
+	_, ok = cfg["Cpuset"]
+	c.Assert(ok, checker.True, check.Commentf("Api version 1.19 expected to include Cpuset in 'Config'"))
+}
diff --git a/integration-cli/docker_api_logs_test.go b/integration-cli/docker_api_logs_test.go
new file mode 100644
index 00000000..2ff27f8e
--- /dev/null
+++ b/integration-cli/docker_api_logs_test.go
@@ -0,0 +1,89 @@
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestLogsApiWithStdout(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "-t", "busybox", "/bin/sh", "-c", "while true; do echo hello; sleep 1; done")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	type logOut struct {
+		out string
+		res *http.Response
+		err error
+	}
+	chLog := make(chan logOut)
+
+	go func() {
+		res, body, err := sockRequestRaw("GET", fmt.Sprintf("/containers/%s/logs?follow=1&stdout=1&timestamps=1", id), nil, "")
+		if err != nil {
+			chLog <- logOut{"", nil, err}
+			return
+		}
+		defer body.Close()
+		out, err := bufio.NewReader(body).ReadString('\n')
+		if err != nil {
+			chLog <- logOut{"", nil, err}
+			return
+		}
+		chLog <- logOut{strings.TrimSpace(out), res, err}
+	}()
+
+	select {
+	case l := <-chLog:
+		c.Assert(l.err, checker.IsNil)
+		c.Assert(l.res.StatusCode, checker.Equals, http.StatusOK)
+		if !strings.HasSuffix(l.out, "hello") {
+			c.Fatalf("expected log output to container 'hello', but it does not")
+		}
+	case <-time.After(20 * time.Second):
+		c.Fatal("timeout waiting for logs to exit")
+	}
+}
+
+func (s *DockerSuite) TestLogsApiNoStdoutNorStderr(c *check.C) {
+	name := "logs_test"
+	dockerCmd(c, "run", "-d", "-t", "--name", name, "busybox", "/bin/sh")
+
+	status, body, err := sockRequest("GET", fmt.Sprintf("/containers/%s/logs", name), nil)
+	c.Assert(status, checker.Equals, http.StatusBadRequest)
+	c.Assert(err, checker.IsNil)
+
+	expected := "Bad parameters: you must choose at least one stream"
+	if !bytes.Contains(body, []byte(expected)) {
+		c.Fatalf("Expected %s, got %s", expected, string(body[:]))
+	}
+}
+
+// Regression test for #12704
+func (s *DockerSuite) TestLogsApiFollowEmptyOutput(c *check.C) {
+	name := "logs_test"
+	t0 := time.Now()
+	dockerCmd(c, "run", "-d", "-t", "--name", name, "busybox", "sleep", "10")
+
+	_, body, err := sockRequestRaw("GET", fmt.Sprintf("/containers/%s/logs?follow=1&stdout=1&stderr=1&tail=all", name), bytes.NewBuffer(nil), "")
+	t1 := time.Now()
+	c.Assert(err, checker.IsNil)
+	body.Close()
+	elapsed := t1.Sub(t0).Seconds()
+	if elapsed > 20.0 {
+		c.Fatalf("HTTP response was not immediate (elapsed %.1fs)", elapsed)
+	}
+}
+
+func (s *DockerSuite) TestLogsApiContainerNotFound(c *check.C) {
+	name := "nonExistentContainer"
+	resp, _, err := sockRequestRaw("GET", fmt.Sprintf("/containers/%s/logs?follow=1&stdout=1&stderr=1&tail=all", name), bytes.NewBuffer(nil), "")
+	c.Assert(err, checker.IsNil)
+	c.Assert(resp.StatusCode, checker.Equals, http.StatusNotFound)
+}
diff --git a/integration-cli/docker_api_network_test.go b/integration-cli/docker_api_network_test.go
new file mode 100644
index 00000000..e65c7b5e
--- /dev/null
+++ b/integration-cli/docker_api_network_test.go
@@ -0,0 +1,337 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"net"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/filters"
+	"github.com/docker/engine-api/types/network"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestApiNetworkGetDefaults(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// By default docker daemon creates 3 networks. check if they are present
+	defaults := []string{"bridge", "host", "none"}
+	for _, nn := range defaults {
+		c.Assert(isNetworkAvailable(c, nn), checker.Equals, true)
+	}
+}
+
+func (s *DockerSuite) TestApiNetworkCreateDelete(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// Create a network
+	name := "testnetwork"
+	config := types.NetworkCreate{
+		Name:           name,
+		CheckDuplicate: true,
+	}
+	id := createNetwork(c, config, true)
+	c.Assert(isNetworkAvailable(c, name), checker.Equals, true)
+
+	// delete the network and make sure it is deleted
+	deleteNetwork(c, id, true)
+	c.Assert(isNetworkAvailable(c, name), checker.Equals, false)
+}
+
+func (s *DockerSuite) TestApiNetworkCreateCheckDuplicate(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testcheckduplicate"
+	configOnCheck := types.NetworkCreate{
+		Name:           name,
+		CheckDuplicate: true,
+	}
+	configNotCheck := types.NetworkCreate{
+		Name:           name,
+		CheckDuplicate: false,
+	}
+
+	// Creating a new network first
+	createNetwork(c, configOnCheck, true)
+	c.Assert(isNetworkAvailable(c, name), checker.Equals, true)
+
+	// Creating another network with same name and CheckDuplicate must fail
+	createNetwork(c, configOnCheck, false)
+
+	// Creating another network with same name and not CheckDuplicate must succeed
+	createNetwork(c, configNotCheck, true)
+}
+
+func (s *DockerSuite) TestApiNetworkFilter(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	nr := getNetworkResource(c, getNetworkIDByName(c, "bridge"))
+	c.Assert(nr.Name, checker.Equals, "bridge")
+}
+
+func (s *DockerSuite) TestApiNetworkInspect(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// Inspect default bridge network
+	nr := getNetworkResource(c, "bridge")
+	c.Assert(nr.Name, checker.Equals, "bridge")
+
+	// run a container and attach it to the default bridge network
+	out, _ := dockerCmd(c, "run", "-d", "--name", "test", "busybox", "top")
+	containerID := strings.TrimSpace(out)
+	containerIP := findContainerIP(c, "test", "bridge")
+
+	// inspect default bridge network again and make sure the container is connected
+	nr = getNetworkResource(c, nr.ID)
+	c.Assert(nr.Driver, checker.Equals, "bridge")
+	c.Assert(nr.Scope, checker.Equals, "local")
+	c.Assert(nr.Internal, checker.Equals, false)
+	c.Assert(nr.EnableIPv6, checker.Equals, false)
+	c.Assert(nr.IPAM.Driver, checker.Equals, "default")
+	c.Assert(len(nr.Containers), checker.Equals, 1)
+	c.Assert(nr.Containers[containerID], checker.NotNil)
+
+	ip, _, err := net.ParseCIDR(nr.Containers[containerID].IPv4Address)
+	c.Assert(err, checker.IsNil)
+	c.Assert(ip.String(), checker.Equals, containerIP)
+
+	// IPAM configuration inspect
+	ipam := network.IPAM{
+		Driver: "default",
+		Config: []network.IPAMConfig{{Subnet: "172.28.0.0/16", IPRange: "172.28.5.0/24", Gateway: "172.28.5.254"}},
+	}
+	config := types.NetworkCreate{
+		Name:    "br0",
+		Driver:  "bridge",
+		IPAM:    ipam,
+		Options: map[string]string{"foo": "bar", "opts": "dopts"},
+	}
+	id0 := createNetwork(c, config, true)
+	c.Assert(isNetworkAvailable(c, "br0"), checker.Equals, true)
+
+	nr = getNetworkResource(c, id0)
+	c.Assert(len(nr.IPAM.Config), checker.Equals, 1)
+	c.Assert(nr.IPAM.Config[0].Subnet, checker.Equals, "172.28.0.0/16")
+	c.Assert(nr.IPAM.Config[0].IPRange, checker.Equals, "172.28.5.0/24")
+	c.Assert(nr.IPAM.Config[0].Gateway, checker.Equals, "172.28.5.254")
+	c.Assert(nr.Options["foo"], checker.Equals, "bar")
+	c.Assert(nr.Options["opts"], checker.Equals, "dopts")
+
+	// delete the network and make sure it is deleted
+	deleteNetwork(c, id0, true)
+	c.Assert(isNetworkAvailable(c, "br0"), checker.Equals, false)
+}
+
+func (s *DockerSuite) TestApiNetworkConnectDisconnect(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// Create test network
+	name := "testnetwork"
+	config := types.NetworkCreate{
+		Name: name,
+	}
+	id := createNetwork(c, config, true)
+	nr := getNetworkResource(c, id)
+	c.Assert(nr.Name, checker.Equals, name)
+	c.Assert(nr.ID, checker.Equals, id)
+	c.Assert(len(nr.Containers), checker.Equals, 0)
+
+	// run a container
+	out, _ := dockerCmd(c, "run", "-d", "--name", "test", "busybox", "top")
+	containerID := strings.TrimSpace(out)
+
+	// connect the container to the test network
+	connectNetwork(c, nr.ID, containerID)
+
+	// inspect the network to make sure container is connected
+	nr = getNetworkResource(c, nr.ID)
+	c.Assert(len(nr.Containers), checker.Equals, 1)
+	c.Assert(nr.Containers[containerID], checker.NotNil)
+
+	// check if container IP matches network inspect
+	ip, _, err := net.ParseCIDR(nr.Containers[containerID].IPv4Address)
+	c.Assert(err, checker.IsNil)
+	containerIP := findContainerIP(c, "test", "testnetwork")
+	c.Assert(ip.String(), checker.Equals, containerIP)
+
+	// disconnect container from the network
+	disconnectNetwork(c, nr.ID, containerID)
+	nr = getNetworkResource(c, nr.ID)
+	c.Assert(nr.Name, checker.Equals, name)
+	c.Assert(len(nr.Containers), checker.Equals, 0)
+
+	// delete the network
+	deleteNetwork(c, nr.ID, true)
+}
+
+func (s *DockerSuite) TestApiNetworkIpamMultipleBridgeNetworks(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// test0 bridge network
+	ipam0 := network.IPAM{
+		Driver: "default",
+		Config: []network.IPAMConfig{{Subnet: "192.178.0.0/16", IPRange: "192.178.128.0/17", Gateway: "192.178.138.100"}},
+	}
+	config0 := types.NetworkCreate{
+		Name:   "test0",
+		Driver: "bridge",
+		IPAM:   ipam0,
+	}
+	id0 := createNetwork(c, config0, true)
+	c.Assert(isNetworkAvailable(c, "test0"), checker.Equals, true)
+
+	ipam1 := network.IPAM{
+		Driver: "default",
+		Config: []network.IPAMConfig{{Subnet: "192.178.128.0/17", Gateway: "192.178.128.1"}},
+	}
+	// test1 bridge network overlaps with test0
+	config1 := types.NetworkCreate{
+		Name:   "test1",
+		Driver: "bridge",
+		IPAM:   ipam1,
+	}
+	createNetwork(c, config1, false)
+	c.Assert(isNetworkAvailable(c, "test1"), checker.Equals, false)
+
+	ipam2 := network.IPAM{
+		Driver: "default",
+		Config: []network.IPAMConfig{{Subnet: "192.169.0.0/16", Gateway: "192.169.100.100"}},
+	}
+	// test2 bridge network does not overlap
+	config2 := types.NetworkCreate{
+		Name:   "test2",
+		Driver: "bridge",
+		IPAM:   ipam2,
+	}
+	createNetwork(c, config2, true)
+	c.Assert(isNetworkAvailable(c, "test2"), checker.Equals, true)
+
+	// remove test0 and retry to create test1
+	deleteNetwork(c, id0, true)
+	createNetwork(c, config1, true)
+	c.Assert(isNetworkAvailable(c, "test1"), checker.Equals, true)
+
+	// for networks w/o ipam specified, docker will choose proper non-overlapping subnets
+	createNetwork(c, types.NetworkCreate{Name: "test3"}, true)
+	c.Assert(isNetworkAvailable(c, "test3"), checker.Equals, true)
+	createNetwork(c, types.NetworkCreate{Name: "test4"}, true)
+	c.Assert(isNetworkAvailable(c, "test4"), checker.Equals, true)
+	createNetwork(c, types.NetworkCreate{Name: "test5"}, true)
+	c.Assert(isNetworkAvailable(c, "test5"), checker.Equals, true)
+
+	for i := 1; i < 6; i++ {
+		deleteNetwork(c, fmt.Sprintf("test%d", i), true)
+	}
+}
+
+func (s *DockerSuite) TestApiCreateDeletePredefinedNetworks(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	createDeletePredefinedNetwork(c, "bridge")
+	createDeletePredefinedNetwork(c, "none")
+	createDeletePredefinedNetwork(c, "host")
+}
+
+func createDeletePredefinedNetwork(c *check.C, name string) {
+	// Create pre-defined network
+	config := types.NetworkCreate{
+		Name:           name,
+		CheckDuplicate: true,
+	}
+	shouldSucceed := false
+	createNetwork(c, config, shouldSucceed)
+	deleteNetwork(c, name, shouldSucceed)
+}
+
+func isNetworkAvailable(c *check.C, name string) bool {
+	status, body, err := sockRequest("GET", "/networks", nil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(err, checker.IsNil)
+
+	nJSON := []types.NetworkResource{}
+	err = json.Unmarshal(body, &nJSON)
+	c.Assert(err, checker.IsNil)
+
+	for _, n := range nJSON {
+		if n.Name == name {
+			return true
+		}
+	}
+	return false
+}
+
+func getNetworkIDByName(c *check.C, name string) string {
+	var (
+		v          = url.Values{}
+		filterArgs = filters.NewArgs()
+	)
+	filterArgs.Add("name", name)
+	filterJSON, err := filters.ToParam(filterArgs)
+	c.Assert(err, checker.IsNil)
+	v.Set("filters", filterJSON)
+
+	status, body, err := sockRequest("GET", "/networks?"+v.Encode(), nil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(err, checker.IsNil)
+
+	nJSON := []types.NetworkResource{}
+	err = json.Unmarshal(body, &nJSON)
+	c.Assert(err, checker.IsNil)
+	c.Assert(len(nJSON), checker.Equals, 1)
+
+	return nJSON[0].ID
+}
+
+func getNetworkResource(c *check.C, id string) *types.NetworkResource {
+	_, obj, err := sockRequest("GET", "/networks/"+id, nil)
+	c.Assert(err, checker.IsNil)
+
+	nr := types.NetworkResource{}
+	err = json.Unmarshal(obj, &nr)
+	c.Assert(err, checker.IsNil)
+
+	return &nr
+}
+
+func createNetwork(c *check.C, config types.NetworkCreate, shouldSucceed bool) string {
+	status, resp, err := sockRequest("POST", "/networks/create", config)
+	if !shouldSucceed {
+		c.Assert(status, checker.Not(checker.Equals), http.StatusCreated)
+		return ""
+	}
+
+	c.Assert(status, checker.Equals, http.StatusCreated)
+	c.Assert(err, checker.IsNil)
+
+	var nr types.NetworkCreateResponse
+	err = json.Unmarshal(resp, &nr)
+	c.Assert(err, checker.IsNil)
+
+	return nr.ID
+}
+
+func connectNetwork(c *check.C, nid, cid string) {
+	config := types.NetworkConnect{
+		Container: cid,
+	}
+
+	status, _, err := sockRequest("POST", "/networks/"+nid+"/connect", config)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(err, checker.IsNil)
+}
+
+func disconnectNetwork(c *check.C, nid, cid string) {
+	config := types.NetworkConnect{
+		Container: cid,
+	}
+
+	status, _, err := sockRequest("POST", "/networks/"+nid+"/disconnect", config)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(err, checker.IsNil)
+}
+
+func deleteNetwork(c *check.C, id string, shouldSucceed bool) {
+	status, _, err := sockRequest("DELETE", "/networks/"+id, nil)
+	if !shouldSucceed {
+		c.Assert(status, checker.Not(checker.Equals), http.StatusOK)
+		return
+	}
+	c.Assert(status, checker.Equals, http.StatusNoContent)
+	c.Assert(err, checker.IsNil)
+}
diff --git a/integration-cli/docker_api_resize_test.go b/integration-cli/docker_api_resize_test.go
new file mode 100644
index 00000000..73023dd2
--- /dev/null
+++ b/integration-cli/docker_api_resize_test.go
@@ -0,0 +1,44 @@
+package main
+
+import (
+	"net/http"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestResizeApiResponse(c *check.C) {
+	out, _ := runSleepingContainer(c, "-d")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	endpoint := "/containers/" + cleanedContainerID + "/resize?h=40&w=40"
+	status, _, err := sockRequest("POST", endpoint, nil)
+	c.Assert(status, check.Equals, http.StatusOK)
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestResizeApiHeightWidthNoInt(c *check.C) {
+	out, _ := runSleepingContainer(c, "-d")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	endpoint := "/containers/" + cleanedContainerID + "/resize?h=foo&w=bar"
+	status, _, err := sockRequest("POST", endpoint, nil)
+	c.Assert(status, check.Equals, http.StatusInternalServerError)
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestResizeApiResponseWhenContainerNotStarted(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	// make sure the exited container is not running
+	dockerCmd(c, "wait", cleanedContainerID)
+
+	endpoint := "/containers/" + cleanedContainerID + "/resize?h=40&w=40"
+	status, body, err := sockRequest("POST", endpoint, nil)
+	c.Assert(status, check.Equals, http.StatusInternalServerError)
+	c.Assert(err, check.IsNil)
+
+	c.Assert(string(body), checker.Contains, "is not running", check.Commentf("resize should fail with message 'Container is not running'"))
+}
diff --git a/integration-cli/docker_api_stats_test.go b/integration-cli/docker_api_stats_test.go
new file mode 100644
index 00000000..7c3f8d39
--- /dev/null
+++ b/integration-cli/docker_api_stats_test.go
@@ -0,0 +1,257 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"os/exec"
+	"runtime"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/version"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+var expectedNetworkInterfaceStats = strings.Split("rx_bytes rx_dropped rx_errors rx_packets tx_bytes tx_dropped tx_errors tx_packets", " ")
+
+func (s *DockerSuite) TestApiStatsNoStreamGetCpu(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "while true;do echo 'Hello'; usleep 100000; done")
+
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	resp, body, err := sockRequestRaw("GET", fmt.Sprintf("/containers/%s/stats?stream=false", id), nil, "")
+	c.Assert(err, checker.IsNil)
+	c.Assert(resp.StatusCode, checker.Equals, http.StatusOK)
+	c.Assert(resp.Header.Get("Content-Type"), checker.Equals, "application/json")
+
+	var v *types.Stats
+	err = json.NewDecoder(body).Decode(&v)
+	c.Assert(err, checker.IsNil)
+	body.Close()
+
+	var cpuPercent = 0.0
+	cpuDelta := float64(v.CPUStats.CPUUsage.TotalUsage - v.PreCPUStats.CPUUsage.TotalUsage)
+	systemDelta := float64(v.CPUStats.SystemUsage - v.PreCPUStats.SystemUsage)
+	cpuPercent = (cpuDelta / systemDelta) * float64(len(v.CPUStats.CPUUsage.PercpuUsage)) * 100.0
+
+	c.Assert(cpuPercent, check.Not(checker.Equals), 0.0, check.Commentf("docker stats with no-stream get cpu usage failed: was %v", cpuPercent))
+}
+
+func (s *DockerSuite) TestApiStatsStoppedContainerInGoroutines(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "echo 1")
+	id := strings.TrimSpace(out)
+
+	getGoRoutines := func() int {
+		_, body, err := sockRequestRaw("GET", fmt.Sprintf("/info"), nil, "")
+		c.Assert(err, checker.IsNil)
+		info := types.Info{}
+		err = json.NewDecoder(body).Decode(&info)
+		c.Assert(err, checker.IsNil)
+		body.Close()
+		return info.NGoroutines
+	}
+
+	// When the HTTP connection is closed, the number of goroutines should not increase.
+	routines := getGoRoutines()
+	_, body, err := sockRequestRaw("GET", fmt.Sprintf("/containers/%s/stats", id), nil, "")
+	c.Assert(err, checker.IsNil)
+	body.Close()
+
+	t := time.After(30 * time.Second)
+	for {
+		select {
+		case <-t:
+			c.Assert(getGoRoutines(), checker.LessOrEqualThan, routines)
+			return
+		default:
+			if n := getGoRoutines(); n <= routines {
+				return
+			}
+			time.Sleep(200 * time.Millisecond)
+		}
+	}
+}
+
+func (s *DockerSuite) TestApiStatsNetworkStats(c *check.C) {
+	testRequires(c, SameHostDaemon)
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := runSleepingContainer(c)
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	// Retrieve the container address
+	contIP := findContainerIP(c, id, "bridge")
+	numPings := 4
+
+	var preRxPackets uint64
+	var preTxPackets uint64
+	var postRxPackets uint64
+	var postTxPackets uint64
+
+	// Get the container networking stats before and after pinging the container
+	nwStatsPre := getNetworkStats(c, id)
+	for _, v := range nwStatsPre {
+		preRxPackets += v.RxPackets
+		preTxPackets += v.TxPackets
+	}
+
+	countParam := "-c"
+	if runtime.GOOS == "windows" {
+		countParam = "-n" // Ping count parameter is -n on Windows
+	}
+	pingout, err := exec.Command("ping", contIP, countParam, strconv.Itoa(numPings)).Output()
+	pingouts := string(pingout[:])
+	c.Assert(err, checker.IsNil)
+	nwStatsPost := getNetworkStats(c, id)
+	for _, v := range nwStatsPost {
+		postRxPackets += v.RxPackets
+		postTxPackets += v.TxPackets
+	}
+
+	// Verify the stats contain at least the expected number of packets (account for ARP)
+	expRxPkts := 1 + preRxPackets + uint64(numPings)
+	expTxPkts := 1 + preTxPackets + uint64(numPings)
+	c.Assert(postTxPackets, checker.GreaterOrEqualThan, expTxPkts,
+		check.Commentf("Reported less TxPackets than expected. Expected >= %d. Found %d. %s", expTxPkts, postTxPackets, pingouts))
+	c.Assert(postRxPackets, checker.GreaterOrEqualThan, expRxPkts,
+		check.Commentf("Reported less Txbytes than expected. Expected >= %d. Found %d. %s", expRxPkts, postRxPackets, pingouts))
+}
+
+func (s *DockerSuite) TestApiStatsNetworkStatsVersioning(c *check.C) {
+	testRequires(c, SameHostDaemon)
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := runSleepingContainer(c)
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	for i := 17; i <= 21; i++ {
+		apiVersion := fmt.Sprintf("v1.%d", i)
+		statsJSONBlob := getVersionedStats(c, id, apiVersion)
+		if version.Version(apiVersion).LessThan("v1.21") {
+			c.Assert(jsonBlobHasLTv121NetworkStats(statsJSONBlob), checker.Equals, true,
+				check.Commentf("Stats JSON blob from API %s %#v does not look like a <v1.21 API stats structure", apiVersion, statsJSONBlob))
+		} else {
+			c.Assert(jsonBlobHasGTE121NetworkStats(statsJSONBlob), checker.Equals, true,
+				check.Commentf("Stats JSON blob from API %s %#v does not look like a >=v1.21 API stats structure", apiVersion, statsJSONBlob))
+		}
+	}
+}
+
+func getNetworkStats(c *check.C, id string) map[string]types.NetworkStats {
+	var st *types.StatsJSON
+
+	_, body, err := sockRequestRaw("GET", fmt.Sprintf("/containers/%s/stats?stream=false", id), nil, "")
+	c.Assert(err, checker.IsNil)
+
+	err = json.NewDecoder(body).Decode(&st)
+	c.Assert(err, checker.IsNil)
+	body.Close()
+
+	return st.Networks
+}
+
+// getVersionedStats returns stats result for the
+// container with id using an API call with version apiVersion. Since the
+// stats result type differs between API versions, we simply return
+// map[string]interface{}.
+func getVersionedStats(c *check.C, id string, apiVersion string) map[string]interface{} {
+	stats := make(map[string]interface{})
+
+	_, body, err := sockRequestRaw("GET", fmt.Sprintf("/%s/containers/%s/stats?stream=false", apiVersion, id), nil, "")
+	c.Assert(err, checker.IsNil)
+	defer body.Close()
+
+	err = json.NewDecoder(body).Decode(&stats)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to decode stat: %s", err))
+
+	return stats
+}
+
+func jsonBlobHasLTv121NetworkStats(blob map[string]interface{}) bool {
+	networkStatsIntfc, ok := blob["network"]
+	if !ok {
+		return false
+	}
+	networkStats, ok := networkStatsIntfc.(map[string]interface{})
+	if !ok {
+		return false
+	}
+	for _, expectedKey := range expectedNetworkInterfaceStats {
+		if _, ok := networkStats[expectedKey]; !ok {
+			return false
+		}
+	}
+	return true
+}
+
+func jsonBlobHasGTE121NetworkStats(blob map[string]interface{}) bool {
+	networksStatsIntfc, ok := blob["networks"]
+	if !ok {
+		return false
+	}
+	networksStats, ok := networksStatsIntfc.(map[string]interface{})
+	if !ok {
+		return false
+	}
+	for _, networkInterfaceStatsIntfc := range networksStats {
+		networkInterfaceStats, ok := networkInterfaceStatsIntfc.(map[string]interface{})
+		if !ok {
+			return false
+		}
+		for _, expectedKey := range expectedNetworkInterfaceStats {
+			if _, ok := networkInterfaceStats[expectedKey]; !ok {
+				return false
+			}
+		}
+	}
+	return true
+}
+
+func (s *DockerSuite) TestApiStatsContainerNotFound(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	status, _, err := sockRequest("GET", "/containers/nonexistent/stats", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNotFound)
+
+	status, _, err = sockRequest("GET", "/containers/nonexistent/stats?stream=0", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNotFound)
+}
+
+func (s *DockerSuite) TestApiStatsContainerGetMemoryLimit(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	resp, body, err := sockRequestRaw("GET", "/info", nil, "application/json")
+	c.Assert(err, checker.IsNil)
+	c.Assert(resp.StatusCode, checker.Equals, http.StatusOK)
+	var info types.Info
+	err = json.NewDecoder(body).Decode(&info)
+	c.Assert(err, checker.IsNil)
+	body.Close()
+
+	// don't set a memory limit, the memory limit should be system memory
+	conName := "foo"
+	dockerCmd(c, "run", "-d", "--name", conName, "busybox", "top")
+	c.Assert(waitRun(conName), checker.IsNil)
+
+	resp, body, err = sockRequestRaw("GET", fmt.Sprintf("/containers/%s/stats?stream=false", conName), nil, "")
+	c.Assert(err, checker.IsNil)
+	c.Assert(resp.StatusCode, checker.Equals, http.StatusOK)
+	c.Assert(resp.Header.Get("Content-Type"), checker.Equals, "application/json")
+
+	var v *types.Stats
+	err = json.NewDecoder(body).Decode(&v)
+	c.Assert(err, checker.IsNil)
+	body.Close()
+	c.Assert(fmt.Sprintf("%d", v.MemoryStats.Limit), checker.Equals, fmt.Sprintf("%d", info.MemTotal))
+}
diff --git a/integration-cli/docker_api_test.go b/integration-cli/docker_api_test.go
new file mode 100644
index 00000000..a7257779
--- /dev/null
+++ b/integration-cli/docker_api_test.go
@@ -0,0 +1,101 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"net/http/httputil"
+	"os/exec"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestApiOptionsRoute(c *check.C) {
+	status, _, err := sockRequest("OPTIONS", "/", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+}
+
+func (s *DockerSuite) TestApiGetEnabledCors(c *check.C) {
+	res, body, err := sockRequestRaw("GET", "/version", nil, "")
+	c.Assert(err, checker.IsNil)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusOK)
+	body.Close()
+	// TODO: @runcom incomplete tests, why old integration tests had this headers
+	// and here none of the headers below are in the response?
+	//c.Log(res.Header)
+	//c.Assert(res.Header.Get("Access-Control-Allow-Origin"), check.Equals, "*")
+	//c.Assert(res.Header.Get("Access-Control-Allow-Headers"), check.Equals, "Origin, X-Requested-With, Content-Type, Accept, X-Registry-Auth")
+}
+
+func (s *DockerSuite) TestApiVersionStatusCode(c *check.C) {
+	conn, err := sockConn(time.Duration(10 * time.Second))
+	c.Assert(err, checker.IsNil)
+
+	client := httputil.NewClientConn(conn, nil)
+	defer client.Close()
+
+	req, err := http.NewRequest("GET", "/v999.0/version", nil)
+	c.Assert(err, checker.IsNil)
+	req.Header.Set("User-Agent", "Docker-Client/999.0 (os)")
+
+	res, err := client.Do(req)
+	c.Assert(res.StatusCode, checker.Equals, http.StatusBadRequest)
+}
+
+func (s *DockerSuite) TestApiClientVersionNewerThanServer(c *check.C) {
+	v := strings.Split(api.DefaultVersion.String(), ".")
+	vMinInt, err := strconv.Atoi(v[1])
+	c.Assert(err, checker.IsNil)
+	vMinInt++
+	v[1] = strconv.Itoa(vMinInt)
+	version := strings.Join(v, ".")
+
+	status, body, err := sockRequest("GET", "/v"+version+"/version", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusBadRequest)
+	expected := fmt.Sprintf("client is newer than server (client API version: %s, server API version: %s)", version, api.DefaultVersion)
+	c.Assert(strings.TrimSpace(string(body)), checker.Equals, expected)
+}
+
+func (s *DockerSuite) TestApiClientVersionOldNotSupported(c *check.C) {
+	v := strings.Split(api.MinVersion.String(), ".")
+	vMinInt, err := strconv.Atoi(v[1])
+	c.Assert(err, checker.IsNil)
+	vMinInt--
+	v[1] = strconv.Itoa(vMinInt)
+	version := strings.Join(v, ".")
+
+	status, body, err := sockRequest("GET", "/v"+version+"/version", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusBadRequest)
+	expected := fmt.Sprintf("client version %s is too old. Minimum supported API version is %s, please upgrade your client to a newer version", version, api.MinVersion)
+	c.Assert(strings.TrimSpace(string(body)), checker.Equals, expected)
+}
+
+func (s *DockerSuite) TestApiDockerApiVersion(c *check.C) {
+	var svrVersion string
+
+	server := httptest.NewServer(http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			url := r.URL.Path
+			svrVersion = url
+		}))
+	defer server.Close()
+
+	// Test using the env var first
+	cmd := exec.Command(dockerBinary, "-H="+server.URL[7:], "version")
+	cmd.Env = appendBaseEnv(false, "DOCKER_API_VERSION=xxx")
+	out, _, _ := runCommandWithOutput(cmd)
+
+	c.Assert(svrVersion, check.Equals, "/vxxx/version")
+
+	if !strings.Contains(out, "API version:  xxx") {
+		c.Fatalf("Out didn't have 'xxx' for the API version, had:\n%s", out)
+	}
+}
diff --git a/integration-cli/docker_api_update_unix_test.go b/integration-cli/docker_api_update_unix_test.go
new file mode 100644
index 00000000..607e76a4
--- /dev/null
+++ b/integration-cli/docker_api_update_unix_test.go
@@ -0,0 +1,35 @@
+// +build !windows
+
+package main
+
+import (
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestApiUpdateContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+	testRequires(c, swapMemorySupport)
+
+	name := "apiUpdateContainer"
+	hostConfig := map[string]interface{}{
+		"Memory":     314572800,
+		"MemorySwap": 524288000,
+	}
+	dockerCmd(c, "run", "-d", "--name", name, "-m", "200M", "busybox", "top")
+	_, _, err := sockRequest("POST", "/containers/"+name+"/update", hostConfig)
+	c.Assert(err, check.IsNil)
+
+	c.Assert(inspectField(c, name, "HostConfig.Memory"), checker.Equals, "314572800")
+	file := "/sys/fs/cgroup/memory/memory.limit_in_bytes"
+	out, _ := dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "314572800")
+
+	c.Assert(inspectField(c, name, "HostConfig.MemorySwap"), checker.Equals, "524288000")
+	file = "/sys/fs/cgroup/memory/memory.memsw.limit_in_bytes"
+	out, _ = dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "524288000")
+}
diff --git a/integration-cli/docker_api_version_test.go b/integration-cli/docker_api_version_test.go
new file mode 100644
index 00000000..ccb14841
--- /dev/null
+++ b/integration-cli/docker_api_version_test.go
@@ -0,0 +1,23 @@
+package main
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestGetVersion(c *check.C) {
+	status, body, err := sockRequest("GET", "/version", nil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(err, checker.IsNil)
+
+	var v types.Version
+
+	c.Assert(json.Unmarshal(body, &v), checker.IsNil)
+
+	c.Assert(v.Version, checker.Equals, dockerversion.Version, check.Commentf("Version mismatch"))
+}
diff --git a/integration-cli/docker_api_volumes_test.go b/integration-cli/docker_api_volumes_test.go
new file mode 100644
index 00000000..732271d0
--- /dev/null
+++ b/integration-cli/docker_api_volumes_test.go
@@ -0,0 +1,88 @@
+package main
+
+import (
+	"encoding/json"
+	"net/http"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestVolumesApiList(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+	dockerCmd(c, "run", "-v", prefix+"/foo", "busybox")
+
+	status, b, err := sockRequest("GET", "/volumes", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var volumes types.VolumesListResponse
+	c.Assert(json.Unmarshal(b, &volumes), checker.IsNil)
+
+	c.Assert(len(volumes.Volumes), checker.Equals, 1, check.Commentf("\n%v", volumes.Volumes))
+}
+
+func (s *DockerSuite) TestVolumesApiCreate(c *check.C) {
+	config := types.VolumeCreateRequest{
+		Name: "test",
+	}
+	status, b, err := sockRequest("POST", "/volumes/create", config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusCreated, check.Commentf(string(b)))
+
+	var vol types.Volume
+	err = json.Unmarshal(b, &vol)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(filepath.Base(filepath.Dir(vol.Mountpoint)), checker.Equals, config.Name)
+}
+
+func (s *DockerSuite) TestVolumesApiRemove(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+	dockerCmd(c, "run", "-v", prefix+"/foo", "--name=test", "busybox")
+
+	status, b, err := sockRequest("GET", "/volumes", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+
+	var volumes types.VolumesListResponse
+	c.Assert(json.Unmarshal(b, &volumes), checker.IsNil)
+	c.Assert(len(volumes.Volumes), checker.Equals, 1, check.Commentf("\n%v", volumes.Volumes))
+
+	v := volumes.Volumes[0]
+	status, _, err = sockRequest("DELETE", "/volumes/"+v.Name, nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusConflict, check.Commentf("Should not be able to remove a volume that is in use"))
+
+	dockerCmd(c, "rm", "-f", "test")
+	status, data, err := sockRequest("DELETE", "/volumes/"+v.Name, nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusNoContent, check.Commentf(string(data)))
+
+}
+
+func (s *DockerSuite) TestVolumesApiInspect(c *check.C) {
+	config := types.VolumeCreateRequest{
+		Name: "test",
+	}
+	status, b, err := sockRequest("POST", "/volumes/create", config)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusCreated, check.Commentf(string(b)))
+
+	status, b, err = sockRequest("GET", "/volumes", nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK, check.Commentf(string(b)))
+
+	var volumes types.VolumesListResponse
+	c.Assert(json.Unmarshal(b, &volumes), checker.IsNil)
+	c.Assert(len(volumes.Volumes), checker.Equals, 1, check.Commentf("\n%v", volumes.Volumes))
+
+	var vol types.Volume
+	status, b, err = sockRequest("GET", "/volumes/"+config.Name, nil)
+	c.Assert(err, checker.IsNil)
+	c.Assert(status, checker.Equals, http.StatusOK, check.Commentf(string(b)))
+	c.Assert(json.Unmarshal(b, &vol), checker.IsNil)
+	c.Assert(vol.Name, checker.Equals, config.Name)
+}
diff --git a/integration-cli/docker_cli_attach_test.go b/integration-cli/docker_cli_attach_test.go
new file mode 100644
index 00000000..0ac3e1ac
--- /dev/null
+++ b/integration-cli/docker_cli_attach_test.go
@@ -0,0 +1,162 @@
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"os/exec"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+const attachWait = 5 * time.Second
+
+func (s *DockerSuite) TestAttachMultipleAndRestart(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	endGroup := &sync.WaitGroup{}
+	startGroup := &sync.WaitGroup{}
+	endGroup.Add(3)
+	startGroup.Add(3)
+
+	err := waitForContainer("attacher", "-d", "busybox", "/bin/sh", "-c", "while true; do sleep 1; echo hello; done")
+	c.Assert(err, check.IsNil)
+
+	startDone := make(chan struct{})
+	endDone := make(chan struct{})
+
+	go func() {
+		endGroup.Wait()
+		close(endDone)
+	}()
+
+	go func() {
+		startGroup.Wait()
+		close(startDone)
+	}()
+
+	for i := 0; i < 3; i++ {
+		go func() {
+			cmd := exec.Command(dockerBinary, "attach", "attacher")
+
+			defer func() {
+				cmd.Wait()
+				endGroup.Done()
+			}()
+
+			out, err := cmd.StdoutPipe()
+			if err != nil {
+				c.Fatal(err)
+			}
+
+			if err := cmd.Start(); err != nil {
+				c.Fatal(err)
+			}
+
+			buf := make([]byte, 1024)
+
+			if _, err := out.Read(buf); err != nil && err != io.EOF {
+				c.Fatal(err)
+			}
+
+			startGroup.Done()
+
+			if !strings.Contains(string(buf), "hello") {
+				c.Fatalf("unexpected output %s expected hello\n", string(buf))
+			}
+		}()
+	}
+
+	select {
+	case <-startDone:
+	case <-time.After(attachWait):
+		c.Fatalf("Attaches did not initialize properly")
+	}
+
+	dockerCmd(c, "kill", "attacher")
+
+	select {
+	case <-endDone:
+	case <-time.After(attachWait):
+		c.Fatalf("Attaches did not finish properly")
+	}
+}
+
+func (s *DockerSuite) TestAttachTTYWithoutStdin(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "-ti", "busybox")
+
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), check.IsNil)
+
+	done := make(chan error)
+	go func() {
+		defer close(done)
+
+		cmd := exec.Command(dockerBinary, "attach", id)
+		if _, err := cmd.StdinPipe(); err != nil {
+			done <- err
+			return
+		}
+
+		expected := "cannot enable tty mode"
+		if out, _, err := runCommandWithOutput(cmd); err == nil {
+			done <- fmt.Errorf("attach should have failed")
+			return
+		} else if !strings.Contains(out, expected) {
+			done <- fmt.Errorf("attach failed with error %q: expected %q", out, expected)
+			return
+		}
+	}()
+
+	select {
+	case err := <-done:
+		c.Assert(err, check.IsNil)
+	case <-time.After(attachWait):
+		c.Fatal("attach is running but should have failed")
+	}
+}
+
+func (s *DockerSuite) TestAttachDisconnect(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-di", "busybox", "/bin/cat")
+	id := strings.TrimSpace(out)
+
+	cmd := exec.Command(dockerBinary, "attach", id)
+	stdin, err := cmd.StdinPipe()
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer stdin.Close()
+	stdout, err := cmd.StdoutPipe()
+	c.Assert(err, check.IsNil)
+	defer stdout.Close()
+	c.Assert(cmd.Start(), check.IsNil)
+	defer cmd.Process.Kill()
+
+	_, err = stdin.Write([]byte("hello\n"))
+	c.Assert(err, check.IsNil)
+	out, err = bufio.NewReader(stdout).ReadString('\n')
+	c.Assert(err, check.IsNil)
+	c.Assert(strings.TrimSpace(out), check.Equals, "hello")
+
+	c.Assert(stdin.Close(), check.IsNil)
+
+	// Expect container to still be running after stdin is closed
+	running := inspectField(c, id, "State.Running")
+	c.Assert(running, check.Equals, "true")
+}
+
+func (s *DockerSuite) TestAttachPausedContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Containers cannot be paused on Windows
+	defer unpauseAllContainers()
+	dockerCmd(c, "run", "-d", "--name=test", "busybox", "top")
+	dockerCmd(c, "pause", "test")
+	out, _, err := dockerCmdWithError("attach", "test")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "You cannot attach to a paused container, unpause it first")
+}
diff --git a/integration-cli/docker_cli_attach_unix_test.go b/integration-cli/docker_cli_attach_unix_test.go
new file mode 100644
index 00000000..7af761d7
--- /dev/null
+++ b/integration-cli/docker_cli_attach_unix_test.go
@@ -0,0 +1,230 @@
+// +build !windows
+
+package main
+
+import (
+	"bufio"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/go-check/check"
+	"github.com/kr/pty"
+)
+
+// #9860 Make sure attach ends when container ends (with no errors)
+func (s *DockerSuite) TestAttachClosedOnContainerStop(c *check.C) {
+	testRequires(c, SameHostDaemon)
+
+	out, _ := dockerCmd(c, "run", "-dti", "busybox", "/bin/sh", "-c", `trap 'exit 0' SIGTERM; while true; do sleep 1; done`)
+
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), check.IsNil)
+
+	_, tty, err := pty.Open()
+	c.Assert(err, check.IsNil)
+
+	attachCmd := exec.Command(dockerBinary, "attach", id)
+	attachCmd.Stdin = tty
+	attachCmd.Stdout = tty
+	attachCmd.Stderr = tty
+	err = attachCmd.Start()
+	c.Assert(err, check.IsNil)
+
+	errChan := make(chan error)
+	go func() {
+		defer close(errChan)
+		// Container is waiting for us to signal it to stop
+		dockerCmd(c, "stop", id)
+		// And wait for the attach command to end
+		errChan <- attachCmd.Wait()
+	}()
+
+	// Wait for the docker to end (should be done by the
+	// stop command in the go routine)
+	dockerCmd(c, "wait", id)
+
+	select {
+	case err := <-errChan:
+		c.Assert(err, check.IsNil)
+	case <-time.After(attachWait):
+		c.Fatal("timed out without attach returning")
+	}
+
+}
+
+func (s *DockerSuite) TestAttachAfterDetach(c *check.C) {
+
+	name := "detachtest"
+
+	cpty, tty, err := pty.Open()
+	c.Assert(err, checker.IsNil, check.Commentf("Could not open pty: %v", err))
+	cmd := exec.Command(dockerBinary, "run", "-ti", "--name", name, "busybox")
+	cmd.Stdin = tty
+	cmd.Stdout = tty
+	cmd.Stderr = tty
+
+	errChan := make(chan error)
+	go func() {
+		errChan <- cmd.Run()
+		close(errChan)
+	}()
+
+	c.Assert(waitRun(name), check.IsNil)
+
+	cpty.Write([]byte{16})
+	time.Sleep(100 * time.Millisecond)
+	cpty.Write([]byte{17})
+
+	select {
+	case err := <-errChan:
+		c.Assert(err, check.IsNil)
+	case <-time.After(5 * time.Second):
+		c.Fatal("timeout while detaching")
+	}
+
+	cpty, tty, err = pty.Open()
+	c.Assert(err, checker.IsNil, check.Commentf("Could not open pty: %v", err))
+
+	cmd = exec.Command(dockerBinary, "attach", name)
+	cmd.Stdin = tty
+	cmd.Stdout = tty
+	cmd.Stderr = tty
+
+	err = cmd.Start()
+	c.Assert(err, checker.IsNil)
+
+	bytes := make([]byte, 10)
+	var nBytes int
+	readErr := make(chan error, 1)
+
+	go func() {
+		time.Sleep(500 * time.Millisecond)
+		cpty.Write([]byte("\n"))
+		time.Sleep(500 * time.Millisecond)
+
+		nBytes, err = cpty.Read(bytes)
+		cpty.Close()
+		readErr <- err
+	}()
+
+	select {
+	case err := <-readErr:
+		c.Assert(err, check.IsNil)
+	case <-time.After(2 * time.Second):
+		c.Fatal("timeout waiting for attach read")
+	}
+
+	err = cmd.Wait()
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(string(bytes[:nBytes]), checker.Contains, "/ #")
+
+}
+
+// TestAttachDetach checks that attach in tty mode can be detached using the long container ID
+func (s *DockerSuite) TestAttachDetach(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-itd", "busybox", "cat")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), check.IsNil)
+
+	cpty, tty, err := pty.Open()
+	c.Assert(err, check.IsNil)
+	defer cpty.Close()
+
+	cmd := exec.Command(dockerBinary, "attach", id)
+	cmd.Stdin = tty
+	stdout, err := cmd.StdoutPipe()
+	c.Assert(err, check.IsNil)
+	defer stdout.Close()
+	err = cmd.Start()
+	c.Assert(err, check.IsNil)
+	c.Assert(waitRun(id), check.IsNil)
+
+	_, err = cpty.Write([]byte("hello\n"))
+	c.Assert(err, check.IsNil)
+	out, err = bufio.NewReader(stdout).ReadString('\n')
+	c.Assert(err, check.IsNil)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello", check.Commentf("expected 'hello', got %q", out))
+
+	// escape sequence
+	_, err = cpty.Write([]byte{16})
+	c.Assert(err, checker.IsNil)
+	time.Sleep(100 * time.Millisecond)
+	_, err = cpty.Write([]byte{17})
+	c.Assert(err, checker.IsNil)
+
+	ch := make(chan struct{})
+	go func() {
+		cmd.Wait()
+		ch <- struct{}{}
+	}()
+
+	running := inspectField(c, id, "State.Running")
+	c.Assert(running, checker.Equals, "true", check.Commentf("expected container to still be running"))
+
+	go func() {
+		dockerCmd(c, "kill", id)
+	}()
+
+	select {
+	case <-ch:
+	case <-time.After(10 * time.Millisecond):
+		c.Fatal("timed out waiting for container to exit")
+	}
+
+}
+
+// TestAttachDetachTruncatedID checks that attach in tty mode can be detached
+func (s *DockerSuite) TestAttachDetachTruncatedID(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-itd", "busybox", "cat")
+	id := stringid.TruncateID(strings.TrimSpace(out))
+	c.Assert(waitRun(id), check.IsNil)
+
+	cpty, tty, err := pty.Open()
+	c.Assert(err, checker.IsNil)
+	defer cpty.Close()
+
+	cmd := exec.Command(dockerBinary, "attach", id)
+	cmd.Stdin = tty
+	stdout, err := cmd.StdoutPipe()
+	c.Assert(err, checker.IsNil)
+	defer stdout.Close()
+	err = cmd.Start()
+	c.Assert(err, checker.IsNil)
+
+	_, err = cpty.Write([]byte("hello\n"))
+	c.Assert(err, checker.IsNil)
+	out, err = bufio.NewReader(stdout).ReadString('\n')
+	c.Assert(err, checker.IsNil)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello", check.Commentf("expected 'hello', got %q", out))
+
+	// escape sequence
+	_, err = cpty.Write([]byte{16})
+	c.Assert(err, checker.IsNil)
+	time.Sleep(100 * time.Millisecond)
+	_, err = cpty.Write([]byte{17})
+	c.Assert(err, checker.IsNil)
+
+	ch := make(chan struct{})
+	go func() {
+		cmd.Wait()
+		ch <- struct{}{}
+	}()
+
+	running := inspectField(c, id, "State.Running")
+	c.Assert(running, checker.Equals, "true", check.Commentf("expected container to still be running"))
+
+	go func() {
+		dockerCmd(c, "kill", id)
+	}()
+
+	select {
+	case <-ch:
+	case <-time.After(10 * time.Millisecond):
+		c.Fatal("timed out waiting for container to exit")
+	}
+
+}
diff --git a/integration-cli/docker_cli_authz_unix_test.go b/integration-cli/docker_cli_authz_unix_test.go
new file mode 100644
index 00000000..0a208d75
--- /dev/null
+++ b/integration-cli/docker_cli_authz_unix_test.go
@@ -0,0 +1,363 @@
+// +build !windows
+
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"strings"
+
+	"bufio"
+	"bytes"
+	"os/exec"
+	"strconv"
+	"time"
+
+	"github.com/docker/docker/pkg/authorization"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/plugins"
+	"github.com/go-check/check"
+)
+
+const (
+	testAuthZPlugin     = "authzplugin"
+	unauthorizedMessage = "User unauthorized authz plugin"
+	errorMessage        = "something went wrong..."
+	containerListAPI    = "/containers/json"
+)
+
+var (
+	alwaysAllowed = []string{"/_ping", "/info"}
+)
+
+func init() {
+	check.Suite(&DockerAuthzSuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerAuthzSuite struct {
+	server *httptest.Server
+	ds     *DockerSuite
+	d      *Daemon
+	ctrl   *authorizationController
+}
+
+type authorizationController struct {
+	reqRes        authorization.Response // reqRes holds the plugin response to the initial client request
+	resRes        authorization.Response // resRes holds the plugin response to the daemon response
+	psRequestCnt  int                    // psRequestCnt counts the number of calls to list container request api
+	psResponseCnt int                    // psResponseCnt counts the number of calls to list containers response API
+	requestsURIs  []string               // requestsURIs stores all request URIs that are sent to the authorization controller
+}
+
+func (s *DockerAuthzSuite) SetUpTest(c *check.C) {
+	s.d = NewDaemon(c)
+	s.ctrl = &authorizationController{}
+}
+
+func (s *DockerAuthzSuite) TearDownTest(c *check.C) {
+	s.d.Stop()
+	s.ds.TearDownTest(c)
+	s.ctrl = nil
+}
+
+func (s *DockerAuthzSuite) SetUpSuite(c *check.C) {
+	mux := http.NewServeMux()
+	s.server = httptest.NewServer(mux)
+	c.Assert(s.server, check.NotNil, check.Commentf("Failed to start a HTTP Server"))
+
+	mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
+		b, err := json.Marshal(plugins.Manifest{Implements: []string{authorization.AuthZApiImplements}})
+		c.Assert(err, check.IsNil)
+		w.Write(b)
+	})
+
+	mux.HandleFunc("/AuthZPlugin.AuthZReq", func(w http.ResponseWriter, r *http.Request) {
+		defer r.Body.Close()
+		body, err := ioutil.ReadAll(r.Body)
+		c.Assert(err, check.IsNil)
+		authReq := authorization.Request{}
+		err = json.Unmarshal(body, &authReq)
+		c.Assert(err, check.IsNil)
+
+		assertBody(c, authReq.RequestURI, authReq.RequestHeaders, authReq.RequestBody)
+		assertAuthHeaders(c, authReq.RequestHeaders)
+
+		// Count only container list api
+		if strings.HasSuffix(authReq.RequestURI, containerListAPI) {
+			s.ctrl.psRequestCnt++
+		}
+
+		s.ctrl.requestsURIs = append(s.ctrl.requestsURIs, authReq.RequestURI)
+
+		reqRes := s.ctrl.reqRes
+		if isAllowed(authReq.RequestURI) {
+			reqRes = authorization.Response{Allow: true}
+		}
+		if reqRes.Err != "" {
+			w.WriteHeader(http.StatusInternalServerError)
+		}
+		b, err := json.Marshal(reqRes)
+		c.Assert(err, check.IsNil)
+		w.Write(b)
+	})
+
+	mux.HandleFunc("/AuthZPlugin.AuthZRes", func(w http.ResponseWriter, r *http.Request) {
+		defer r.Body.Close()
+		body, err := ioutil.ReadAll(r.Body)
+		c.Assert(err, check.IsNil)
+		authReq := authorization.Request{}
+		err = json.Unmarshal(body, &authReq)
+		c.Assert(err, check.IsNil)
+
+		assertBody(c, authReq.RequestURI, authReq.ResponseHeaders, authReq.ResponseBody)
+		assertAuthHeaders(c, authReq.ResponseHeaders)
+
+		// Count only container list api
+		if strings.HasSuffix(authReq.RequestURI, containerListAPI) {
+			s.ctrl.psResponseCnt++
+		}
+		resRes := s.ctrl.resRes
+		if isAllowed(authReq.RequestURI) {
+			resRes = authorization.Response{Allow: true}
+		}
+		if resRes.Err != "" {
+			w.WriteHeader(http.StatusInternalServerError)
+		}
+		b, err := json.Marshal(resRes)
+		c.Assert(err, check.IsNil)
+		w.Write(b)
+	})
+
+	err := os.MkdirAll("/etc/docker/plugins", 0755)
+	c.Assert(err, checker.IsNil)
+
+	fileName := fmt.Sprintf("/etc/docker/plugins/%s.spec", testAuthZPlugin)
+	err = ioutil.WriteFile(fileName, []byte(s.server.URL), 0644)
+	c.Assert(err, checker.IsNil)
+}
+
+// check for always allowed endpoints to not inhibit test framework functions
+func isAllowed(reqURI string) bool {
+	for _, endpoint := range alwaysAllowed {
+		if strings.HasSuffix(reqURI, endpoint) {
+			return true
+		}
+	}
+	return false
+}
+
+// assertAuthHeaders validates authentication headers are removed
+func assertAuthHeaders(c *check.C, headers map[string]string) error {
+	for k := range headers {
+		if strings.Contains(strings.ToLower(k), "auth") || strings.Contains(strings.ToLower(k), "x-registry") {
+			c.Errorf("Found authentication headers in request '%v'", headers)
+		}
+	}
+	return nil
+}
+
+// assertBody asserts that body is removed for non text/json requests
+func assertBody(c *check.C, requestURI string, headers map[string]string, body []byte) {
+	if strings.Contains(strings.ToLower(requestURI), "auth") && len(body) > 0 {
+		//return fmt.Errorf("Body included for authentication endpoint %s", string(body))
+		c.Errorf("Body included for authentication endpoint %s", string(body))
+	}
+
+	for k, v := range headers {
+		if strings.EqualFold(k, "Content-Type") && strings.HasPrefix(v, "text/") || v == "application/json" {
+			return
+		}
+	}
+	if len(body) > 0 {
+		c.Errorf("Body included while it should not (Headers: '%v')", headers)
+	}
+}
+
+func (s *DockerAuthzSuite) TearDownSuite(c *check.C) {
+	if s.server == nil {
+		return
+	}
+
+	s.server.Close()
+
+	err := os.RemoveAll("/etc/docker/plugins")
+	c.Assert(err, checker.IsNil)
+}
+
+func (s *DockerAuthzSuite) TestAuthZPluginAllowRequest(c *check.C) {
+	// start the daemon and load busybox, --net=none build fails otherwise
+	// cause it needs to pull busybox
+	c.Assert(s.d.Start("--authorization-plugin="+testAuthZPlugin), check.IsNil)
+	s.ctrl.reqRes.Allow = true
+	s.ctrl.resRes.Allow = true
+	c.Assert(s.d.LoadBusybox(), check.IsNil)
+
+	// Ensure command successful
+	out, err := s.d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil)
+
+	id := strings.TrimSpace(out)
+	assertURIRecorded(c, s.ctrl.requestsURIs, "/containers/create")
+	assertURIRecorded(c, s.ctrl.requestsURIs, fmt.Sprintf("/containers/%s/start", id))
+
+	out, err = s.d.Cmd("ps")
+	c.Assert(err, check.IsNil)
+	c.Assert(assertContainerList(out, []string{id}), check.Equals, true)
+	c.Assert(s.ctrl.psRequestCnt, check.Equals, 1)
+	c.Assert(s.ctrl.psResponseCnt, check.Equals, 1)
+}
+
+func (s *DockerAuthzSuite) TestAuthZPluginDenyRequest(c *check.C) {
+	err := s.d.Start("--authorization-plugin=" + testAuthZPlugin)
+	c.Assert(err, check.IsNil)
+	s.ctrl.reqRes.Allow = false
+	s.ctrl.reqRes.Msg = unauthorizedMessage
+
+	// Ensure command is blocked
+	res, err := s.d.Cmd("ps")
+	c.Assert(err, check.NotNil)
+	c.Assert(s.ctrl.psRequestCnt, check.Equals, 1)
+	c.Assert(s.ctrl.psResponseCnt, check.Equals, 0)
+
+	// Ensure unauthorized message appears in response
+	c.Assert(res, check.Equals, fmt.Sprintf("Error response from daemon: authorization denied by plugin %s: %s\n", testAuthZPlugin, unauthorizedMessage))
+}
+
+func (s *DockerAuthzSuite) TestAuthZPluginDenyResponse(c *check.C) {
+	err := s.d.Start("--authorization-plugin=" + testAuthZPlugin)
+	c.Assert(err, check.IsNil)
+	s.ctrl.reqRes.Allow = true
+	s.ctrl.resRes.Allow = false
+	s.ctrl.resRes.Msg = unauthorizedMessage
+
+	// Ensure command is blocked
+	res, err := s.d.Cmd("ps")
+	c.Assert(err, check.NotNil)
+	c.Assert(s.ctrl.psRequestCnt, check.Equals, 1)
+	c.Assert(s.ctrl.psResponseCnt, check.Equals, 1)
+
+	// Ensure unauthorized message appears in response
+	c.Assert(res, check.Equals, fmt.Sprintf("Error response from daemon: authorization denied by plugin %s: %s\n", testAuthZPlugin, unauthorizedMessage))
+}
+
+// TestAuthZPluginAllowEventStream verifies event stream propagates correctly after request pass through by the authorization plugin
+func (s *DockerAuthzSuite) TestAuthZPluginAllowEventStream(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	// start the daemon and load busybox to avoid pulling busybox from Docker Hub
+	c.Assert(s.d.Start("--authorization-plugin="+testAuthZPlugin), check.IsNil)
+	s.ctrl.reqRes.Allow = true
+	s.ctrl.resRes.Allow = true
+	c.Assert(s.d.LoadBusybox(), check.IsNil)
+
+	startTime := strconv.FormatInt(daemonTime(c).Unix(), 10)
+	// Add another command to to enable event pipelining
+	eventsCmd := exec.Command(s.d.cmd.Path, "--host", s.d.sock(), "events", "--since", startTime)
+	stdout, err := eventsCmd.StdoutPipe()
+	if err != nil {
+		c.Assert(err, check.IsNil)
+	}
+
+	observer := eventObserver{
+		buffer:    new(bytes.Buffer),
+		command:   eventsCmd,
+		scanner:   bufio.NewScanner(stdout),
+		startTime: startTime,
+	}
+
+	err = observer.Start()
+	c.Assert(err, checker.IsNil)
+	defer observer.Stop()
+
+	// Create a container and wait for the creation events
+	out, err := s.d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	containerID := strings.TrimSpace(out)
+	c.Assert(s.d.waitRun(containerID), checker.IsNil)
+
+	events := map[string]chan bool{
+		"create": make(chan bool, 1),
+		"start":  make(chan bool, 1),
+	}
+
+	matcher := matchEventLine(containerID, "container", events)
+	processor := processEventMatch(events)
+	go observer.Match(matcher, processor)
+
+	// Ensure all events are received
+	for event, eventChannel := range events {
+
+		select {
+		case <-time.After(30 * time.Second):
+			// Fail the test
+			observer.CheckEventError(c, containerID, event, matcher)
+			c.FailNow()
+		case <-eventChannel:
+			// Ignore, event received
+		}
+	}
+
+	// Ensure both events and container endpoints are passed to the authorization plugin
+	assertURIRecorded(c, s.ctrl.requestsURIs, "/events")
+	assertURIRecorded(c, s.ctrl.requestsURIs, "/containers/create")
+	assertURIRecorded(c, s.ctrl.requestsURIs, fmt.Sprintf("/containers/%s/start", containerID))
+}
+
+func (s *DockerAuthzSuite) TestAuthZPluginErrorResponse(c *check.C) {
+	err := s.d.Start("--authorization-plugin=" + testAuthZPlugin)
+	c.Assert(err, check.IsNil)
+	s.ctrl.reqRes.Allow = true
+	s.ctrl.resRes.Err = errorMessage
+
+	// Ensure command is blocked
+	res, err := s.d.Cmd("ps")
+	c.Assert(err, check.NotNil)
+
+	c.Assert(res, check.Equals, fmt.Sprintf("Error response from daemon: plugin %s failed with error: %s: %s\n", testAuthZPlugin, authorization.AuthZApiResponse, errorMessage))
+}
+
+func (s *DockerAuthzSuite) TestAuthZPluginErrorRequest(c *check.C) {
+	err := s.d.Start("--authorization-plugin=" + testAuthZPlugin)
+	c.Assert(err, check.IsNil)
+	s.ctrl.reqRes.Err = errorMessage
+
+	// Ensure command is blocked
+	res, err := s.d.Cmd("ps")
+	c.Assert(err, check.NotNil)
+
+	c.Assert(res, check.Equals, fmt.Sprintf("Error response from daemon: plugin %s failed with error: %s: %s\n", testAuthZPlugin, authorization.AuthZApiRequest, errorMessage))
+}
+
+func (s *DockerAuthzSuite) TestAuthZPluginEnsureNoDuplicatePluginRegistration(c *check.C) {
+	c.Assert(s.d.Start("--authorization-plugin="+testAuthZPlugin, "--authorization-plugin="+testAuthZPlugin), check.IsNil)
+
+	s.ctrl.reqRes.Allow = true
+	s.ctrl.resRes.Allow = true
+
+	out, err := s.d.Cmd("ps")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	// assert plugin is only called once..
+	c.Assert(s.ctrl.psRequestCnt, check.Equals, 1)
+	c.Assert(s.ctrl.psResponseCnt, check.Equals, 1)
+}
+
+// assertURIRecorded verifies that the given URI was sent and recorded in the authz plugin
+func assertURIRecorded(c *check.C, uris []string, uri string) {
+	var found bool
+	for _, u := range uris {
+		if strings.Contains(u, uri) {
+			found = true
+			break
+		}
+	}
+	if !found {
+		c.Fatalf("Expected to find URI '%s', recorded uris '%s'", uri, strings.Join(uris, ","))
+	}
+}
diff --git a/integration-cli/docker_cli_build_test.go b/integration-cli/docker_cli_build_test.go
new file mode 100644
index 00000000..a53df642
--- /dev/null
+++ b/integration-cli/docker_cli_build_test.go
@@ -0,0 +1,6976 @@
+package main
+
+import (
+	"archive/tar"
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"reflect"
+	"regexp"
+	"runtime"
+	"strconv"
+	"strings"
+	"text/template"
+	"time"
+
+	"github.com/docker/docker/builder/dockerfile/command"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestBuildJSONEmptyRun(c *check.C) {
+	name := "testbuildjsonemptyrun"
+
+	_, err := buildImage(
+		name,
+		`
+    FROM busybox
+    RUN []
+    `,
+		true)
+
+	if err != nil {
+		c.Fatal("error when dealing with a RUN statement with empty JSON array")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEmptyWhitespace(c *check.C) {
+	name := "testbuildemptywhitespace"
+
+	_, err := buildImage(
+		name,
+		`
+    FROM busybox
+    COPY
+      quux \
+      bar
+    `,
+		true)
+
+	if err == nil {
+		c.Fatal("no error when dealing with a COPY statement with no content on the same line")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildShCmdJSONEntrypoint(c *check.C) {
+	name := "testbuildshcmdjsonentrypoint"
+
+	_, err := buildImage(
+		name,
+		`
+    FROM busybox
+    ENTRYPOINT ["echo"]
+    CMD echo test
+    `,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "--rm", name)
+
+	if daemonPlatform == "windows" {
+		if !strings.Contains(out, "cmd /S /C echo test") {
+			c.Fatalf("CMD did not contain cmd /S /C echo test : %q", out)
+		}
+	} else {
+		if strings.TrimSpace(out) != "/bin/sh -c echo test" {
+			c.Fatalf("CMD did not contain /bin/sh -c : %q", out)
+		}
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEnvironmentReplacementUser(c *check.C) {
+	// Windows does not support FROM scratch or the USER command
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildenvironmentreplacement"
+
+	_, err := buildImage(name, `
+  FROM scratch
+  ENV user foo
+  USER ${user}
+  `, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectFieldJSON(c, name, "Config.User")
+
+	if res != `"foo"` {
+		c.Fatal("User foo from environment not in Config.User on image")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEnvironmentReplacementVolume(c *check.C) {
+	name := "testbuildenvironmentreplacement"
+
+	var volumePath string
+
+	if daemonPlatform == "windows" {
+		volumePath = "c:/quux"
+	} else {
+		volumePath = "/quux"
+	}
+
+	_, err := buildImage(name, `
+  FROM `+minimalBaseImage()+`
+  ENV volume `+volumePath+`
+  VOLUME ${volume}
+  `, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectFieldJSON(c, name, "Config.Volumes")
+
+	var volumes map[string]interface{}
+
+	if err := json.Unmarshal([]byte(res), &volumes); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, ok := volumes[volumePath]; !ok {
+		c.Fatal("Volume " + volumePath + " from environment not in Config.Volumes on image")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEnvironmentReplacementExpose(c *check.C) {
+	// Windows does not support FROM scratch or the EXPOSE command
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildenvironmentreplacement"
+
+	_, err := buildImage(name, `
+  FROM scratch
+  ENV port 80
+  EXPOSE ${port}
+  ENV ports "  99   100 "
+  EXPOSE ${ports}
+  `, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectFieldJSON(c, name, "Config.ExposedPorts")
+
+	var exposedPorts map[string]interface{}
+
+	if err := json.Unmarshal([]byte(res), &exposedPorts); err != nil {
+		c.Fatal(err)
+	}
+
+	exp := []int{80, 99, 100}
+
+	for _, p := range exp {
+		tmp := fmt.Sprintf("%d/tcp", p)
+		if _, ok := exposedPorts[tmp]; !ok {
+			c.Fatalf("Exposed port %d from environment not in Config.ExposedPorts on image", p)
+		}
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEnvironmentReplacementWorkdir(c *check.C) {
+	name := "testbuildenvironmentreplacement"
+
+	_, err := buildImage(name, `
+  FROM busybox
+  ENV MYWORKDIR /work
+  RUN mkdir ${MYWORKDIR}
+  WORKDIR ${MYWORKDIR}
+  `, true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEnvironmentReplacementAddCopy(c *check.C) {
+	name := "testbuildenvironmentreplacement"
+
+	ctx, err := fakeContext(`
+  FROM `+minimalBaseImage()+`
+  ENV baz foo
+  ENV quux bar
+  ENV dot .
+  ENV fee fff
+  ENV gee ggg
+
+  ADD ${baz} ${dot}
+  COPY ${quux} ${dot}
+  ADD ${zzz:-${fee}} ${dot}
+  COPY ${zzz:-${gee}} ${dot}
+  `,
+		map[string]string{
+			"foo": "test1",
+			"bar": "test2",
+			"fff": "test3",
+			"ggg": "test4",
+		})
+
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEnvironmentReplacementEnv(c *check.C) {
+	// ENV expansions work differently in Windows
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildenvironmentreplacement"
+
+	_, err := buildImage(name,
+		`
+  FROM busybox
+  ENV foo zzz
+  ENV bar ${foo}
+  ENV abc1='$foo'
+  ENV env1=$foo env2=${foo} env3="$foo" env4="${foo}"
+  RUN [ "$abc1" = '$foo' ] && (echo "$abc1" | grep -q foo)
+  ENV abc2="\$foo"
+  RUN [ "$abc2" = '$foo' ] && (echo "$abc2" | grep -q foo)
+  ENV abc3 '$foo'
+  RUN [ "$abc3" = '$foo' ] && (echo "$abc3" | grep -q foo)
+  ENV abc4 "\$foo"
+  RUN [ "$abc4" = '$foo' ] && (echo "$abc4" | grep -q foo)
+  `, true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectFieldJSON(c, name, "Config.Env")
+
+	envResult := []string{}
+
+	if err = unmarshalJSON([]byte(res), &envResult); err != nil {
+		c.Fatal(err)
+	}
+
+	found := false
+	envCount := 0
+
+	for _, env := range envResult {
+		parts := strings.SplitN(env, "=", 2)
+		if parts[0] == "bar" {
+			found = true
+			if parts[1] != "zzz" {
+				c.Fatalf("Could not find replaced var for env `bar`: got %q instead of `zzz`", parts[1])
+			}
+		} else if strings.HasPrefix(parts[0], "env") {
+			envCount++
+			if parts[1] != "zzz" {
+				c.Fatalf("%s should be 'foo' but instead its %q", parts[0], parts[1])
+			}
+		} else if strings.HasPrefix(parts[0], "env") {
+			envCount++
+			if parts[1] != "foo" {
+				c.Fatalf("%s should be 'foo' but instead its %q", parts[0], parts[1])
+			}
+		}
+	}
+
+	if !found {
+		c.Fatal("Never found the `bar` env variable")
+	}
+
+	if envCount != 4 {
+		c.Fatalf("Didn't find all env vars - only saw %d\n%s", envCount, envResult)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildHandleEscapes(c *check.C) {
+	// The volume paths used in this test are invalid on Windows
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildhandleescapes"
+
+	_, err := buildImage(name,
+		`
+  FROM scratch
+  ENV FOO bar
+  VOLUME ${FOO}
+  `, true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	var result map[string]map[string]struct{}
+
+	res := inspectFieldJSON(c, name, "Config.Volumes")
+
+	if err = unmarshalJSON([]byte(res), &result); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, ok := result["bar"]; !ok {
+		c.Fatal("Could not find volume bar set from env foo in volumes table")
+	}
+
+	deleteImages(name)
+
+	_, err = buildImage(name,
+		`
+  FROM scratch
+  ENV FOO bar
+  VOLUME \${FOO}
+  `, true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	res = inspectFieldJSON(c, name, "Config.Volumes")
+
+	if err = unmarshalJSON([]byte(res), &result); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, ok := result["${FOO}"]; !ok {
+		c.Fatal("Could not find volume ${FOO} set from env foo in volumes table")
+	}
+
+	deleteImages(name)
+
+	// this test in particular provides *7* backslashes and expects 6 to come back.
+	// Like above, the first escape is swallowed and the rest are treated as
+	// literals, this one is just less obvious because of all the character noise.
+
+	_, err = buildImage(name,
+		`
+  FROM scratch
+  ENV FOO bar
+  VOLUME \\\\\\\${FOO}
+  `, true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	res = inspectFieldJSON(c, name, "Config.Volumes")
+
+	if err = unmarshalJSON([]byte(res), &result); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, ok := result[`\\\${FOO}`]; !ok {
+		c.Fatal(`Could not find volume \\\${FOO} set from env foo in volumes table`, result)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildOnBuildLowercase(c *check.C) {
+	name := "testbuildonbuildlowercase"
+	name2 := "testbuildonbuildlowercase2"
+
+	_, err := buildImage(name,
+		`
+  FROM busybox
+  onbuild run echo quux
+  `, true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	_, out, err := buildImageWithOut(name2, fmt.Sprintf(`
+  FROM %s
+  `, name), true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if !strings.Contains(out, "quux") {
+		c.Fatalf("Did not receive the expected echo text, got %s", out)
+	}
+
+	if strings.Contains(out, "ONBUILD ONBUILD") {
+		c.Fatalf("Got an ONBUILD ONBUILD error with no error: got %s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEnvEscapes(c *check.C) {
+	// ENV expansions work differently in Windows
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildenvescapes"
+	_, err := buildImage(name,
+		`
+    FROM busybox
+    ENV TEST foo
+    CMD echo \$
+    `,
+		true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "-t", name)
+
+	if strings.TrimSpace(out) != "$" {
+		c.Fatalf("Env TEST was not overwritten with bar when foo was supplied to dockerfile: was %q", strings.TrimSpace(out))
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEnvOverwrite(c *check.C) {
+	// ENV expansions work differently in Windows
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildenvoverwrite"
+
+	_, err := buildImage(name,
+		`
+    FROM busybox
+    ENV TEST foo
+    CMD echo ${TEST}
+    `,
+		true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "-e", "TEST=bar", "-t", name)
+
+	if strings.TrimSpace(out) != "bar" {
+		c.Fatalf("Env TEST was not overwritten with bar when foo was supplied to dockerfile: was %q", strings.TrimSpace(out))
+	}
+
+}
+
+func (s *DockerSuite) TestBuildOnBuildForbiddenMaintainerInSourceImage(c *check.C) {
+	name := "testbuildonbuildforbiddenmaintainerinsourceimage"
+
+	out, _ := dockerCmd(c, "create", "busybox", "true")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "commit", "--run", "{\"OnBuild\":[\"MAINTAINER docker.io\"]}", cleanedContainerID, "onbuild")
+
+	_, err := buildImage(name,
+		`FROM onbuild`,
+		true)
+	if err != nil {
+		if !strings.Contains(err.Error(), "maintainer isn't allowed as an ONBUILD trigger") {
+			c.Fatalf("Wrong error %v, must be about MAINTAINER and ONBUILD in source image", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildOnBuildForbiddenFromInSourceImage(c *check.C) {
+	name := "testbuildonbuildforbiddenfrominsourceimage"
+
+	out, _ := dockerCmd(c, "create", "busybox", "true")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "commit", "--run", "{\"OnBuild\":[\"FROM busybox\"]}", cleanedContainerID, "onbuild")
+
+	_, err := buildImage(name,
+		`FROM onbuild`,
+		true)
+	if err != nil {
+		if !strings.Contains(err.Error(), "from isn't allowed as an ONBUILD trigger") {
+			c.Fatalf("Wrong error %v, must be about FROM and ONBUILD in source image", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildOnBuildForbiddenChainedInSourceImage(c *check.C) {
+	name := "testbuildonbuildforbiddenchainedinsourceimage"
+
+	out, _ := dockerCmd(c, "create", "busybox", "true")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "commit", "--run", "{\"OnBuild\":[\"ONBUILD RUN ls\"]}", cleanedContainerID, "onbuild")
+
+	_, err := buildImage(name,
+		`FROM onbuild`,
+		true)
+	if err != nil {
+		if !strings.Contains(err.Error(), "Chaining ONBUILD via `ONBUILD ONBUILD` isn't allowed") {
+			c.Fatalf("Wrong error %v, must be about chaining ONBUILD in source image", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildOnBuildCmdEntrypointJSON(c *check.C) {
+	name1 := "onbuildcmd"
+	name2 := "onbuildgenerated"
+
+	_, err := buildImage(name1, `
+FROM busybox
+ONBUILD CMD ["hello world"]
+ONBUILD ENTRYPOINT ["echo"]
+ONBUILD RUN ["true"]`,
+		false)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	_, err = buildImage(name2, fmt.Sprintf(`FROM %s`, name1), false)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", name2)
+
+	if !regexp.MustCompile(`(?m)^hello world`).MatchString(out) {
+		c.Fatalf("did not get echo output from onbuild. Got: %q", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildOnBuildEntrypointJSON(c *check.C) {
+	name1 := "onbuildcmd"
+	name2 := "onbuildgenerated"
+
+	_, err := buildImage(name1, `
+FROM busybox
+ONBUILD ENTRYPOINT ["echo"]`,
+		false)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	_, err = buildImage(name2, fmt.Sprintf("FROM %s\nCMD [\"hello world\"]\n", name1), false)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", name2)
+
+	if !regexp.MustCompile(`(?m)^hello world`).MatchString(out) {
+		c.Fatal("got malformed output from onbuild", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCacheAdd(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows doesn't have httpserver image yet
+	name := "testbuildtwoimageswithadd"
+	server, err := fakeStorage(map[string]string{
+		"robots.txt": "hello",
+		"index.html": "world",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	if _, err := buildImage(name,
+		fmt.Sprintf(`FROM scratch
+		ADD %s/robots.txt /`, server.URL()),
+		true); err != nil {
+		c.Fatal(err)
+	}
+	if err != nil {
+		c.Fatal(err)
+	}
+	deleteImages(name)
+	_, out, err := buildImageWithOut(name,
+		fmt.Sprintf(`FROM scratch
+		ADD %s/index.html /`, server.URL()),
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if strings.Contains(out, "Using cache") {
+		c.Fatal("2nd build used cache on ADD, it shouldn't")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildLastModified(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows doesn't have httpserver image yet
+	name := "testbuildlastmodified"
+
+	server, err := fakeStorage(map[string]string{
+		"file": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	var out, out2 string
+
+	dFmt := `FROM busybox
+ADD %s/file /
+RUN ls -le /file`
+
+	dockerfile := fmt.Sprintf(dFmt, server.URL())
+
+	if _, out, err = buildImageWithOut(name, dockerfile, false); err != nil {
+		c.Fatal(err)
+	}
+
+	originMTime := regexp.MustCompile(`root.*/file.*\n`).FindString(out)
+	// Make sure our regexp is correct
+	if strings.Index(originMTime, "/file") < 0 {
+		c.Fatalf("Missing ls info on 'file':\n%s", out)
+	}
+
+	// Build it again and make sure the mtime of the file didn't change.
+	// Wait a few seconds to make sure the time changed enough to notice
+	time.Sleep(2 * time.Second)
+
+	if _, out2, err = buildImageWithOut(name, dockerfile, false); err != nil {
+		c.Fatal(err)
+	}
+
+	newMTime := regexp.MustCompile(`root.*/file.*\n`).FindString(out2)
+	if newMTime != originMTime {
+		c.Fatalf("MTime changed:\nOrigin:%s\nNew:%s", originMTime, newMTime)
+	}
+
+	// Now 'touch' the file and make sure the timestamp DID change this time
+	// Create a new fakeStorage instead of just using Add() to help windows
+	server, err = fakeStorage(map[string]string{
+		"file": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	dockerfile = fmt.Sprintf(dFmt, server.URL())
+
+	if _, out2, err = buildImageWithOut(name, dockerfile, false); err != nil {
+		c.Fatal(err)
+	}
+
+	newMTime = regexp.MustCompile(`root.*/file.*\n`).FindString(out2)
+	if newMTime == originMTime {
+		c.Fatalf("MTime didn't change:\nOrigin:%s\nNew:%s", originMTime, newMTime)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildSixtySteps(c *check.C) {
+	testRequires(c, DaemonIsLinux) // TODO Windows: This test passes on Windows,
+	// but currently adds a disproportionate amount of time for the value it has.
+	// Removing it from Windows CI for now, but this will be revisited in the
+	// TP5 timeframe when perf is better.
+	name := "foobuildsixtysteps"
+
+	ctx, err := fakeContext("FROM "+minimalBaseImage()+"\n"+strings.Repeat("ADD foo /\n", 60),
+		map[string]string{
+			"foo": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddSingleFileToRoot(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testaddimg"
+	ctx, err := fakeContext(fmt.Sprintf(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN touch /exists
+RUN chown dockerio.dockerio /exists
+ADD test_file /
+RUN [ $(ls -l /test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /test_file | awk '{print $1}') = '%s' ]
+RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`, expectedFileChmod),
+		map[string]string{
+			"test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+// Issue #3960: "ADD src ." hangs
+func (s *DockerSuite) TestBuildAddSingleFileToWorkdir(c *check.C) {
+	name := "testaddsinglefiletoworkdir"
+	ctx, err := fakeContext(`FROM busybox
+ADD test_file .`,
+		map[string]string{
+			"test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	errChan := make(chan error)
+	go func() {
+		_, err := buildImageFromContext(name, ctx, true)
+		errChan <- err
+		close(errChan)
+	}()
+	select {
+	case <-time.After(15 * time.Second):
+		c.Fatal("Build with adding to workdir timed out")
+	case err := <-errChan:
+		c.Assert(err, check.IsNil)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddSingleFileToExistDir(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testaddsinglefiletoexistdir"
+	ctx, err := fakeContext(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN mkdir /exists
+RUN touch /exists/exists_file
+RUN chown -R dockerio.dockerio /exists
+ADD test_file /exists/
+RUN [ $(ls -l / | grep exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
+RUN [ $(ls -l /exists/test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists/exists_file | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`,
+		map[string]string{
+			"test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyAddMultipleFiles(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	server, err := fakeStorage(map[string]string{
+		"robots.txt": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	name := "testcopymultiplefilestofile"
+	ctx, err := fakeContext(fmt.Sprintf(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN mkdir /exists
+RUN touch /exists/exists_file
+RUN chown -R dockerio.dockerio /exists
+COPY test_file1 test_file2 /exists/
+ADD test_file3 test_file4 %s/robots.txt /exists/
+RUN [ $(ls -l / | grep exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
+RUN [ $(ls -l /exists/test_file1 | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists/test_file2 | awk '{print $3":"$4}') = 'root:root' ]
+
+RUN [ $(ls -l /exists/test_file3 | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists/test_file4 | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists/robots.txt | awk '{print $3":"$4}') = 'root:root' ]
+
+RUN [ $(ls -l /exists/exists_file | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
+`, server.URL()),
+		map[string]string{
+			"test_file1": "test1",
+			"test_file2": "test2",
+			"test_file3": "test3",
+			"test_file4": "test4",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+// This test is mainly for user namespaces to verify that new directories
+// are created as the remapped root uid/gid pair
+func (s *DockerSuite) TestBuildAddToNewDestination(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testaddtonewdest"
+	ctx, err := fakeContext(`FROM busybox
+ADD . /new_dir
+RUN ls -l /
+RUN [ $(ls -l / | grep new_dir | awk '{print $3":"$4}') = 'root:root' ]`,
+		map[string]string{
+			"test_dir/test_file": "test file",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+// This test is mainly for user namespaces to verify that new directories
+// are created as the remapped root uid/gid pair
+func (s *DockerSuite) TestBuildCopyToNewParentDirectory(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testcopytonewdir"
+	ctx, err := fakeContext(`FROM busybox
+COPY test_dir /new_dir
+RUN ls -l /new_dir
+RUN [ $(ls -l / | grep new_dir | awk '{print $3":"$4}') = 'root:root' ]`,
+		map[string]string{
+			"test_dir/test_file": "test file",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+// This test is mainly for user namespaces to verify that new directories
+// are created as the remapped root uid/gid pair
+func (s *DockerSuite) TestBuildWorkdirIsContainerRoot(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testworkdirownership"
+	if _, err := buildImage(name, `FROM busybox
+WORKDIR /new_dir
+RUN ls -l /
+RUN [ $(ls -l / | grep new_dir | awk '{print $3":"$4}') = 'root:root' ]`, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddMultipleFilesToFile(c *check.C) {
+	name := "testaddmultiplefilestofile"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+	ADD file1.txt file2.txt test
+	`,
+		map[string]string{
+			"file1.txt": "test1",
+			"file2.txt": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "When using ADD with more than one source file, the destination must be a directory and end with a /"
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain %q) got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildJSONAddMultipleFilesToFile(c *check.C) {
+	name := "testjsonaddmultiplefilestofile"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+	ADD ["file1.txt", "file2.txt", "test"]
+	`,
+		map[string]string{
+			"file1.txt": "test1",
+			"file2.txt": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "When using ADD with more than one source file, the destination must be a directory and end with a /"
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain %q) got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildAddMultipleFilesToFileWild(c *check.C) {
+	name := "testaddmultiplefilestofilewild"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+	ADD file*.txt test
+	`,
+		map[string]string{
+			"file1.txt": "test1",
+			"file2.txt": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "When using ADD with more than one source file, the destination must be a directory and end with a /"
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain %q) got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildJSONAddMultipleFilesToFileWild(c *check.C) {
+	name := "testjsonaddmultiplefilestofilewild"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+	ADD ["file*.txt", "test"]
+	`,
+		map[string]string{
+			"file1.txt": "test1",
+			"file2.txt": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "When using ADD with more than one source file, the destination must be a directory and end with a /"
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain %q) got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCopyMultipleFilesToFile(c *check.C) {
+	name := "testcopymultiplefilestofile"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+	COPY file1.txt file2.txt test
+	`,
+		map[string]string{
+			"file1.txt": "test1",
+			"file2.txt": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "When using COPY with more than one source file, the destination must be a directory and end with a /"
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain %q) got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildJSONCopyMultipleFilesToFile(c *check.C) {
+	name := "testjsoncopymultiplefilestofile"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+	COPY ["file1.txt", "file2.txt", "test"]
+	`,
+		map[string]string{
+			"file1.txt": "test1",
+			"file2.txt": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "When using COPY with more than one source file, the destination must be a directory and end with a /"
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain %q) got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildAddFileWithWhitespace(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Not currently passing on Windows
+	name := "testaddfilewithwhitespace"
+	ctx, err := fakeContext(`FROM busybox
+RUN mkdir "/test dir"
+RUN mkdir "/test_dir"
+ADD [ "test file1", "/test_file1" ]
+ADD [ "test_file2", "/test file2" ]
+ADD [ "test file3", "/test file3" ]
+ADD [ "test dir/test_file4", "/test_dir/test_file4" ]
+ADD [ "test_dir/test_file5", "/test dir/test_file5" ]
+ADD [ "test dir/test_file6", "/test dir/test_file6" ]
+RUN [ $(cat "/test_file1") = 'test1' ]
+RUN [ $(cat "/test file2") = 'test2' ]
+RUN [ $(cat "/test file3") = 'test3' ]
+RUN [ $(cat "/test_dir/test_file4") = 'test4' ]
+RUN [ $(cat "/test dir/test_file5") = 'test5' ]
+RUN [ $(cat "/test dir/test_file6") = 'test6' ]`,
+		map[string]string{
+			"test file1":          "test1",
+			"test_file2":          "test2",
+			"test file3":          "test3",
+			"test dir/test_file4": "test4",
+			"test_dir/test_file5": "test5",
+			"test dir/test_file6": "test6",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyFileWithWhitespace(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Not currently passing on Windows
+	name := "testcopyfilewithwhitespace"
+	ctx, err := fakeContext(`FROM busybox
+RUN mkdir "/test dir"
+RUN mkdir "/test_dir"
+COPY [ "test file1", "/test_file1" ]
+COPY [ "test_file2", "/test file2" ]
+COPY [ "test file3", "/test file3" ]
+COPY [ "test dir/test_file4", "/test_dir/test_file4" ]
+COPY [ "test_dir/test_file5", "/test dir/test_file5" ]
+COPY [ "test dir/test_file6", "/test dir/test_file6" ]
+RUN [ $(cat "/test_file1") = 'test1' ]
+RUN [ $(cat "/test file2") = 'test2' ]
+RUN [ $(cat "/test file3") = 'test3' ]
+RUN [ $(cat "/test_dir/test_file4") = 'test4' ]
+RUN [ $(cat "/test dir/test_file5") = 'test5' ]
+RUN [ $(cat "/test dir/test_file6") = 'test6' ]`,
+		map[string]string{
+			"test file1":          "test1",
+			"test_file2":          "test2",
+			"test file3":          "test3",
+			"test dir/test_file4": "test4",
+			"test_dir/test_file5": "test5",
+			"test dir/test_file6": "test6",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddMultipleFilesToFileWithWhitespace(c *check.C) {
+	name := "testaddmultiplefilestofilewithwhitespace"
+	ctx, err := fakeContext(`FROM busybox
+	ADD [ "test file1", "test file2", "test" ]
+    `,
+		map[string]string{
+			"test file1": "test1",
+			"test file2": "test2",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "When using ADD with more than one source file, the destination must be a directory and end with a /"
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain %q) got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCopyMultipleFilesToFileWithWhitespace(c *check.C) {
+	name := "testcopymultiplefilestofilewithwhitespace"
+	ctx, err := fakeContext(`FROM busybox
+	COPY [ "test file1", "test file2", "test" ]
+        `,
+		map[string]string{
+			"test file1": "test1",
+			"test file2": "test2",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "When using COPY with more than one source file, the destination must be a directory and end with a /"
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain %q) got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCopyWildcard(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows doesn't have httpserver image yet
+	name := "testcopywildcard"
+	server, err := fakeStorage(map[string]string{
+		"robots.txt": "hello",
+		"index.html": "world",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	ctx, err := fakeContext(fmt.Sprintf(`FROM busybox
+	COPY file*.txt /tmp/
+	RUN ls /tmp/file1.txt /tmp/file2.txt
+	RUN mkdir /tmp1
+	COPY dir* /tmp1/
+	RUN ls /tmp1/dirt /tmp1/nested_file /tmp1/nested_dir/nest_nest_file
+	RUN mkdir /tmp2
+        ADD dir/*dir %s/robots.txt /tmp2/
+	RUN ls /tmp2/nest_nest_file /tmp2/robots.txt
+	`, server.URL()),
+		map[string]string{
+			"file1.txt":                     "test1",
+			"file2.txt":                     "test2",
+			"dir/nested_file":               "nested file",
+			"dir/nested_dir/nest_nest_file": "2 times nested",
+			"dirt": "dirty",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// Now make sure we use a cache the 2nd time
+	id2, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if id1 != id2 {
+		c.Fatal("didn't use the cache")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCopyWildcardNoFind(c *check.C) {
+	name := "testcopywildcardnofind"
+	ctx, err := fakeContext(`FROM busybox
+	COPY file*.txt /tmp/
+	`, nil)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	_, err = buildImageFromContext(name, ctx, true)
+	if err == nil {
+		c.Fatal("should have failed to find a file")
+	}
+	if !strings.Contains(err.Error(), "No source files were specified") {
+		c.Fatalf("Wrong error %v, must be about no source files", err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCopyWildcardInName(c *check.C) {
+	name := "testcopywildcardinname"
+	ctx, err := fakeContext(`FROM busybox
+	COPY *.txt /tmp/
+	RUN [ "$(cat /tmp/\*.txt)" = 'hi there' ]
+	`, map[string]string{"*.txt": "hi there"})
+
+	if err != nil {
+		// Normally we would do c.Fatal(err) here but given that
+		// the odds of this failing are so rare, it must be because
+		// the OS we're running the client on doesn't support * in
+		// filenames (like windows).  So, instead of failing the test
+		// just let it pass. Then we don't need to explicitly
+		// say which OSs this works on or not.
+		return
+	}
+	defer ctx.Close()
+
+	_, err = buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatalf("should have built: %q", err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyWildcardCache(c *check.C) {
+	name := "testcopywildcardcache"
+	ctx, err := fakeContext(`FROM busybox
+	COPY file1.txt /tmp/`,
+		map[string]string{
+			"file1.txt": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// Now make sure we use a cache the 2nd time even with wild cards.
+	// Use the same context so the file is the same and the checksum will match
+	ctx.Add("Dockerfile", `FROM busybox
+	COPY file*.txt /tmp/`)
+
+	id2, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if id1 != id2 {
+		c.Fatal("didn't use the cache")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildAddSingleFileToNonExistingDir(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testaddsinglefiletononexistingdir"
+	ctx, err := fakeContext(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN touch /exists
+RUN chown dockerio.dockerio /exists
+ADD test_file /test_dir/
+RUN [ $(ls -l / | grep test_dir | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /test_dir/test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`,
+		map[string]string{
+			"test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildAddDirContentToRoot(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testadddircontenttoroot"
+	ctx, err := fakeContext(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN touch /exists
+RUN chown dockerio.dockerio exists
+ADD test_dir /
+RUN [ $(ls -l /test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`,
+		map[string]string{
+			"test_dir/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddDirContentToExistingDir(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testadddircontenttoexistingdir"
+	ctx, err := fakeContext(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN mkdir /exists
+RUN touch /exists/exists_file
+RUN chown -R dockerio.dockerio /exists
+ADD test_dir/ /exists/
+RUN [ $(ls -l / | grep exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
+RUN [ $(ls -l /exists/exists_file | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
+RUN [ $(ls -l /exists/test_file | awk '{print $3":"$4}') = 'root:root' ]`,
+		map[string]string{
+			"test_dir/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddWholeDirToRoot(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testaddwholedirtoroot"
+	ctx, err := fakeContext(fmt.Sprintf(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN touch /exists
+RUN chown dockerio.dockerio exists
+ADD test_dir /test_dir
+RUN [ $(ls -l / | grep test_dir | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l / | grep test_dir | awk '{print $1}') = 'drwxr-xr-x' ]
+RUN [ $(ls -l /test_dir/test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /test_dir/test_file | awk '{print $1}') = '%s' ]
+RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`, expectedFileChmod),
+		map[string]string{
+			"test_dir/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+// Testing #5941
+func (s *DockerSuite) TestBuildAddEtcToRoot(c *check.C) {
+	name := "testaddetctoroot"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+ADD . /`,
+		map[string]string{
+			"etc/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+// Testing #9401
+func (s *DockerSuite) TestBuildAddPreservesFilesSpecialBits(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testaddpreservesfilesspecialbits"
+	ctx, err := fakeContext(`FROM busybox
+ADD suidbin /usr/bin/suidbin
+RUN chmod 4755 /usr/bin/suidbin
+RUN [ $(ls -l /usr/bin/suidbin | awk '{print $1}') = '-rwsr-xr-x' ]
+ADD ./data/ /
+RUN [ $(ls -l /usr/bin/suidbin | awk '{print $1}') = '-rwsr-xr-x' ]`,
+		map[string]string{
+			"suidbin":             "suidbin",
+			"/data/usr/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopySingleFileToRoot(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testcopysinglefiletoroot"
+	ctx, err := fakeContext(fmt.Sprintf(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN touch /exists
+RUN chown dockerio.dockerio /exists
+COPY test_file /
+RUN [ $(ls -l /test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /test_file | awk '{print $1}') = '%s' ]
+RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`, expectedFileChmod),
+		map[string]string{
+			"test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+// Issue #3960: "ADD src ." hangs - adapted for COPY
+func (s *DockerSuite) TestBuildCopySingleFileToWorkdir(c *check.C) {
+	name := "testcopysinglefiletoworkdir"
+	ctx, err := fakeContext(`FROM busybox
+COPY test_file .`,
+		map[string]string{
+			"test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	errChan := make(chan error)
+	go func() {
+		_, err := buildImageFromContext(name, ctx, true)
+		errChan <- err
+		close(errChan)
+	}()
+	select {
+	case <-time.After(15 * time.Second):
+		c.Fatal("Build with adding to workdir timed out")
+	case err := <-errChan:
+		c.Assert(err, check.IsNil)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopySingleFileToExistDir(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testcopysinglefiletoexistdir"
+	ctx, err := fakeContext(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN mkdir /exists
+RUN touch /exists/exists_file
+RUN chown -R dockerio.dockerio /exists
+COPY test_file /exists/
+RUN [ $(ls -l / | grep exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
+RUN [ $(ls -l /exists/test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists/exists_file | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`,
+		map[string]string{
+			"test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopySingleFileToNonExistDir(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testcopysinglefiletononexistdir"
+	ctx, err := fakeContext(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN touch /exists
+RUN chown dockerio.dockerio /exists
+COPY test_file /test_dir/
+RUN [ $(ls -l / | grep test_dir | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /test_dir/test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`,
+		map[string]string{
+			"test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyDirContentToRoot(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testcopydircontenttoroot"
+	ctx, err := fakeContext(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN touch /exists
+RUN chown dockerio.dockerio exists
+COPY test_dir /
+RUN [ $(ls -l /test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`,
+		map[string]string{
+			"test_dir/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyDirContentToExistDir(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testcopydircontenttoexistdir"
+	ctx, err := fakeContext(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN mkdir /exists
+RUN touch /exists/exists_file
+RUN chown -R dockerio.dockerio /exists
+COPY test_dir/ /exists/
+RUN [ $(ls -l / | grep exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
+RUN [ $(ls -l /exists/exists_file | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
+RUN [ $(ls -l /exists/test_file | awk '{print $3":"$4}') = 'root:root' ]`,
+		map[string]string{
+			"test_dir/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyWholeDirToRoot(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Linux specific test
+	name := "testcopywholedirtoroot"
+	ctx, err := fakeContext(fmt.Sprintf(`FROM busybox
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+RUN echo 'dockerio:x:1001:' >> /etc/group
+RUN touch /exists
+RUN chown dockerio.dockerio exists
+COPY test_dir /test_dir
+RUN [ $(ls -l / | grep test_dir | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l / | grep test_dir | awk '{print $1}') = 'drwxr-xr-x' ]
+RUN [ $(ls -l /test_dir/test_file | awk '{print $3":"$4}') = 'root:root' ]
+RUN [ $(ls -l /test_dir/test_file | awk '{print $1}') = '%s' ]
+RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]`, expectedFileChmod),
+		map[string]string{
+			"test_dir/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyEtcToRoot(c *check.C) {
+	name := "testcopyetctoroot"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+COPY . /`,
+		map[string]string{
+			"etc/test_file": "test1",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyDisallowRemote(c *check.C) {
+	name := "testcopydisallowremote"
+
+	_, out, err := buildImageWithOut(name, `FROM `+minimalBaseImage()+`
+COPY https://index.docker.io/robots.txt /`,
+		true)
+	if err == nil || !strings.Contains(out, "Source can't be a URL for COPY") {
+		c.Fatalf("Error should be about disallowed remote source, got err: %s, out: %q", err, out)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddBadLinks(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Not currently working on Windows
+
+	dockerfile := `
+		FROM scratch
+		ADD links.tar /
+		ADD foo.txt /symlink/
+		`
+	targetFile := "foo.txt"
+	var (
+		name = "test-link-absolute"
+	)
+	ctx, err := fakeContext(dockerfile, nil)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	tempDir, err := ioutil.TempDir("", "test-link-absolute-temp-")
+	if err != nil {
+		c.Fatalf("failed to create temporary directory: %s", tempDir)
+	}
+	defer os.RemoveAll(tempDir)
+
+	var symlinkTarget string
+	if runtime.GOOS == "windows" {
+		var driveLetter string
+		if abs, err := filepath.Abs(tempDir); err != nil {
+			c.Fatal(err)
+		} else {
+			driveLetter = abs[:1]
+		}
+		tempDirWithoutDrive := tempDir[2:]
+		symlinkTarget = fmt.Sprintf(`%s:\..\..\..\..\..\..\..\..\..\..\..\..%s`, driveLetter, tempDirWithoutDrive)
+	} else {
+		symlinkTarget = fmt.Sprintf("/../../../../../../../../../../../..%s", tempDir)
+	}
+
+	tarPath := filepath.Join(ctx.Dir, "links.tar")
+	nonExistingFile := filepath.Join(tempDir, targetFile)
+	fooPath := filepath.Join(ctx.Dir, targetFile)
+
+	tarOut, err := os.Create(tarPath)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	tarWriter := tar.NewWriter(tarOut)
+
+	header := &tar.Header{
+		Name:     "symlink",
+		Typeflag: tar.TypeSymlink,
+		Linkname: symlinkTarget,
+		Mode:     0755,
+		Uid:      0,
+		Gid:      0,
+	}
+
+	err = tarWriter.WriteHeader(header)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	tarWriter.Close()
+	tarOut.Close()
+
+	foo, err := os.Create(fooPath)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer foo.Close()
+
+	if _, err := foo.WriteString("test"); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := os.Stat(nonExistingFile); err == nil || err != nil && !os.IsNotExist(err) {
+		c.Fatalf("%s shouldn't have been written and it shouldn't exist", nonExistingFile)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildAddBadLinksVolume(c *check.C) {
+	testRequires(c, DaemonIsLinux) // ln not implemented on Windows busybox
+	const (
+		dockerfileTemplate = `
+		FROM busybox
+		RUN ln -s /../../../../../../../../%s /x
+		VOLUME /x
+		ADD foo.txt /x/`
+		targetFile = "foo.txt"
+	)
+	var (
+		name       = "test-link-absolute-volume"
+		dockerfile = ""
+	)
+
+	tempDir, err := ioutil.TempDir("", "test-link-absolute-volume-temp-")
+	if err != nil {
+		c.Fatalf("failed to create temporary directory: %s", tempDir)
+	}
+	defer os.RemoveAll(tempDir)
+
+	dockerfile = fmt.Sprintf(dockerfileTemplate, tempDir)
+	nonExistingFile := filepath.Join(tempDir, targetFile)
+
+	ctx, err := fakeContext(dockerfile, nil)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	fooPath := filepath.Join(ctx.Dir, targetFile)
+
+	foo, err := os.Create(fooPath)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer foo.Close()
+
+	if _, err := foo.WriteString("test"); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := os.Stat(nonExistingFile); err == nil || err != nil && !os.IsNotExist(err) {
+		c.Fatalf("%s shouldn't have been written and it shouldn't exist", nonExistingFile)
+	}
+
+}
+
+// Issue #5270 - ensure we throw a better error than "unexpected EOF"
+// when we can't access files in the context.
+func (s *DockerSuite) TestBuildWithInaccessibleFilesInContext(c *check.C) {
+	testRequires(c, DaemonIsLinux, UnixCli) // test uses chown/chmod: not available on windows
+
+	{
+		name := "testbuildinaccessiblefiles"
+		ctx, err := fakeContext("FROM scratch\nADD . /foo/", map[string]string{"fileWithoutReadAccess": "foo"})
+		if err != nil {
+			c.Fatal(err)
+		}
+		defer ctx.Close()
+		// This is used to ensure we detect inaccessible files early during build in the cli client
+		pathToFileWithoutReadAccess := filepath.Join(ctx.Dir, "fileWithoutReadAccess")
+
+		if err = os.Chown(pathToFileWithoutReadAccess, 0, 0); err != nil {
+			c.Fatalf("failed to chown file to root: %s", err)
+		}
+		if err = os.Chmod(pathToFileWithoutReadAccess, 0700); err != nil {
+			c.Fatalf("failed to chmod file to 700: %s", err)
+		}
+		buildCmd := exec.Command("su", "unprivilegeduser", "-c", fmt.Sprintf("%s build -t %s .", dockerBinary, name))
+		buildCmd.Dir = ctx.Dir
+		out, _, err := runCommandWithOutput(buildCmd)
+		if err == nil {
+			c.Fatalf("build should have failed: %s %s", err, out)
+		}
+
+		// check if we've detected the failure before we started building
+		if !strings.Contains(out, "no permission to read from ") {
+			c.Fatalf("output should've contained the string: no permission to read from but contained: %s", out)
+		}
+
+		if !strings.Contains(out, "Error checking context") {
+			c.Fatalf("output should've contained the string: Error checking context")
+		}
+	}
+	{
+		name := "testbuildinaccessibledirectory"
+		ctx, err := fakeContext("FROM scratch\nADD . /foo/", map[string]string{"directoryWeCantStat/bar": "foo"})
+		if err != nil {
+			c.Fatal(err)
+		}
+		defer ctx.Close()
+		// This is used to ensure we detect inaccessible directories early during build in the cli client
+		pathToDirectoryWithoutReadAccess := filepath.Join(ctx.Dir, "directoryWeCantStat")
+		pathToFileInDirectoryWithoutReadAccess := filepath.Join(pathToDirectoryWithoutReadAccess, "bar")
+
+		if err = os.Chown(pathToDirectoryWithoutReadAccess, 0, 0); err != nil {
+			c.Fatalf("failed to chown directory to root: %s", err)
+		}
+		if err = os.Chmod(pathToDirectoryWithoutReadAccess, 0444); err != nil {
+			c.Fatalf("failed to chmod directory to 444: %s", err)
+		}
+		if err = os.Chmod(pathToFileInDirectoryWithoutReadAccess, 0700); err != nil {
+			c.Fatalf("failed to chmod file to 700: %s", err)
+		}
+
+		buildCmd := exec.Command("su", "unprivilegeduser", "-c", fmt.Sprintf("%s build -t %s .", dockerBinary, name))
+		buildCmd.Dir = ctx.Dir
+		out, _, err := runCommandWithOutput(buildCmd)
+		if err == nil {
+			c.Fatalf("build should have failed: %s %s", err, out)
+		}
+
+		// check if we've detected the failure before we started building
+		if !strings.Contains(out, "can't stat") {
+			c.Fatalf("output should've contained the string: can't access %s", out)
+		}
+
+		if !strings.Contains(out, "Error checking context") {
+			c.Fatalf("output should've contained the string: Error checking context\ngot:%s", out)
+		}
+
+	}
+	{
+		name := "testlinksok"
+		ctx, err := fakeContext("FROM scratch\nADD . /foo/", nil)
+		if err != nil {
+			c.Fatal(err)
+		}
+		defer ctx.Close()
+
+		target := "../../../../../../../../../../../../../../../../../../../azA"
+		if err := os.Symlink(filepath.Join(ctx.Dir, "g"), target); err != nil {
+			c.Fatal(err)
+		}
+		defer os.Remove(target)
+		// This is used to ensure we don't follow links when checking if everything in the context is accessible
+		// This test doesn't require that we run commands as an unprivileged user
+		if _, err := buildImageFromContext(name, ctx, true); err != nil {
+			c.Fatal(err)
+		}
+	}
+	{
+		name := "testbuildignoredinaccessible"
+		ctx, err := fakeContext("FROM scratch\nADD . /foo/",
+			map[string]string{
+				"directoryWeCantStat/bar": "foo",
+				".dockerignore":           "directoryWeCantStat",
+			})
+		if err != nil {
+			c.Fatal(err)
+		}
+		defer ctx.Close()
+		// This is used to ensure we don't try to add inaccessible files when they are ignored by a .dockerignore pattern
+		pathToDirectoryWithoutReadAccess := filepath.Join(ctx.Dir, "directoryWeCantStat")
+		pathToFileInDirectoryWithoutReadAccess := filepath.Join(pathToDirectoryWithoutReadAccess, "bar")
+		if err = os.Chown(pathToDirectoryWithoutReadAccess, 0, 0); err != nil {
+			c.Fatalf("failed to chown directory to root: %s", err)
+		}
+		if err = os.Chmod(pathToDirectoryWithoutReadAccess, 0444); err != nil {
+			c.Fatalf("failed to chmod directory to 755: %s", err)
+		}
+		if err = os.Chmod(pathToFileInDirectoryWithoutReadAccess, 0700); err != nil {
+			c.Fatalf("failed to chmod file to 444: %s", err)
+		}
+
+		buildCmd := exec.Command("su", "unprivilegeduser", "-c", fmt.Sprintf("%s build -t %s .", dockerBinary, name))
+		buildCmd.Dir = ctx.Dir
+		if out, _, err := runCommandWithOutput(buildCmd); err != nil {
+			c.Fatalf("build should have worked: %s %s", err, out)
+		}
+
+	}
+}
+
+func (s *DockerSuite) TestBuildForceRm(c *check.C) {
+	containerCountBefore, err := getContainerCount()
+	if err != nil {
+		c.Fatalf("failed to get the container count: %s", err)
+	}
+	name := "testbuildforcerm"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+	RUN true
+	RUN thiswillfail`, nil)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	dockerCmdInDir(c, ctx.Dir, "build", "-t", name, "--force-rm", ".")
+
+	containerCountAfter, err := getContainerCount()
+	if err != nil {
+		c.Fatalf("failed to get the container count: %s", err)
+	}
+
+	if containerCountBefore != containerCountAfter {
+		c.Fatalf("--force-rm shouldn't have left containers behind")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildRm(c *check.C) {
+	name := "testbuildrm"
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+	ADD foo /
+	ADD foo /`, map[string]string{"foo": "bar"})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	{
+		containerCountBefore, err := getContainerCount()
+		if err != nil {
+			c.Fatalf("failed to get the container count: %s", err)
+		}
+
+		out, _, err := dockerCmdInDir(c, ctx.Dir, "build", "--rm", "-t", name, ".")
+
+		if err != nil {
+			c.Fatal("failed to build the image", out)
+		}
+
+		containerCountAfter, err := getContainerCount()
+		if err != nil {
+			c.Fatalf("failed to get the container count: %s", err)
+		}
+
+		if containerCountBefore != containerCountAfter {
+			c.Fatalf("-rm shouldn't have left containers behind")
+		}
+		deleteImages(name)
+	}
+
+	{
+		containerCountBefore, err := getContainerCount()
+		if err != nil {
+			c.Fatalf("failed to get the container count: %s", err)
+		}
+
+		out, _, err := dockerCmdInDir(c, ctx.Dir, "build", "-t", name, ".")
+
+		if err != nil {
+			c.Fatal("failed to build the image", out)
+		}
+
+		containerCountAfter, err := getContainerCount()
+		if err != nil {
+			c.Fatalf("failed to get the container count: %s", err)
+		}
+
+		if containerCountBefore != containerCountAfter {
+			c.Fatalf("--rm shouldn't have left containers behind")
+		}
+		deleteImages(name)
+	}
+
+	{
+		containerCountBefore, err := getContainerCount()
+		if err != nil {
+			c.Fatalf("failed to get the container count: %s", err)
+		}
+
+		out, _, err := dockerCmdInDir(c, ctx.Dir, "build", "--rm=false", "-t", name, ".")
+
+		if err != nil {
+			c.Fatal("failed to build the image", out)
+		}
+
+		containerCountAfter, err := getContainerCount()
+		if err != nil {
+			c.Fatalf("failed to get the container count: %s", err)
+		}
+
+		if containerCountBefore == containerCountAfter {
+			c.Fatalf("--rm=false should have left containers behind")
+		}
+		deleteImages(name)
+
+	}
+
+}
+
+func (s *DockerSuite) TestBuildWithVolumes(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Invalid volume paths on Windows
+	var (
+		result   map[string]map[string]struct{}
+		name     = "testbuildvolumes"
+		emptyMap = make(map[string]struct{})
+		expected = map[string]map[string]struct{}{
+			"/test1":  emptyMap,
+			"/test2":  emptyMap,
+			"/test3":  emptyMap,
+			"/test4":  emptyMap,
+			"/test5":  emptyMap,
+			"/test6":  emptyMap,
+			"[/test7": emptyMap,
+			"/test8]": emptyMap,
+		}
+	)
+	_, err := buildImage(name,
+		`FROM scratch
+		VOLUME /test1
+		VOLUME /test2
+    VOLUME /test3 /test4
+    VOLUME ["/test5", "/test6"]
+    VOLUME [/test7 /test8]
+    `,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectFieldJSON(c, name, "Config.Volumes")
+
+	err = unmarshalJSON([]byte(res), &result)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	equal := reflect.DeepEqual(&result, &expected)
+
+	if !equal {
+		c.Fatalf("Volumes %s, expected %s", result, expected)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildMaintainer(c *check.C) {
+	name := "testbuildmaintainer"
+
+	expected := "dockerio"
+	_, err := buildImage(name,
+		`FROM `+minimalBaseImage()+`
+        MAINTAINER dockerio`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Author")
+	if res != expected {
+		c.Fatalf("Maintainer %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildUser(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuilduser"
+	expected := "dockerio"
+	_, err := buildImage(name,
+		`FROM busybox
+		RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+		USER dockerio
+		RUN [ $(whoami) = 'dockerio' ]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.User")
+	if res != expected {
+		c.Fatalf("User %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildRelativeWorkdir(c *check.C) {
+	name := "testbuildrelativeworkdir"
+
+	var (
+		expected1     string
+		expected2     string
+		expected3     string
+		expected4     string
+		expectedFinal string
+	)
+	if daemonPlatform == "windows" {
+		expected1 = `C:/Windows/system32`
+		expected2 = `C:/test1`
+		expected3 = `C:/test2`
+		expected4 = `C:/test2/test3`
+		expectedFinal = `\test2\test3`
+	} else {
+		expected1 = `/`
+		expected2 = `/test1`
+		expected3 = `/test2`
+		expected4 = `/test2/test3`
+		expectedFinal = `/test2/test3`
+	}
+
+	_, err := buildImage(name,
+		`FROM busybox
+		RUN sh -c "[ "$PWD" = '`+expected1+`' ]"
+		WORKDIR test1
+		RUN sh -c "[ "$PWD" = '`+expected2+`' ]"
+		WORKDIR /test2
+		RUN sh -c "[ "$PWD" = '`+expected3+`' ]"
+		WORKDIR test3
+		RUN sh -c "[ "$PWD" = '`+expected4+`' ]"`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.WorkingDir")
+	if res != expectedFinal {
+		c.Fatalf("Workdir %s, expected %s", res, expectedFinal)
+	}
+}
+
+func (s *DockerSuite) TestBuildWorkdirWithEnvVariables(c *check.C) {
+	name := "testbuildworkdirwithenvvariables"
+
+	var expected string
+	if daemonPlatform == "windows" {
+		expected = `\test1\test2`
+	} else {
+		expected = `/test1/test2`
+	}
+
+	_, err := buildImage(name,
+		`FROM busybox
+		ENV DIRPATH /test1
+		ENV SUBDIRNAME test2
+		WORKDIR $DIRPATH
+		WORKDIR $SUBDIRNAME/$MISSING_VAR`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.WorkingDir")
+	if res != expected {
+		c.Fatalf("Workdir %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildRelativeCopy(c *check.C) {
+	// cat /test1/test2/foo gets permission denied for the user
+	testRequires(c, NotUserNamespace)
+
+	var expected string
+	if daemonPlatform == "windows" {
+		expected = `C:/test1/test2`
+	} else {
+		expected = `/test1/test2`
+	}
+
+	name := "testbuildrelativecopy"
+	dockerfile := `
+		FROM busybox
+			WORKDIR /test1
+			WORKDIR test2
+			RUN sh -c "[ "$PWD" = '` + expected + `' ]"
+			COPY foo ./
+			RUN sh -c "[ $(cat /test1/test2/foo) = 'hello' ]"
+			ADD foo ./bar/baz
+			RUN sh -c "[ $(cat /test1/test2/bar/baz) = 'hello' ]"
+			COPY foo ./bar/baz2
+			RUN sh -c "[ $(cat /test1/test2/bar/baz2) = 'hello' ]"
+			WORKDIR ..
+			COPY foo ./
+			RUN sh -c "[ $(cat /test1/foo) = 'hello' ]"
+			COPY foo /test3/
+			RUN sh -c "[ $(cat /test3/foo) = 'hello' ]"
+			WORKDIR /test4
+			COPY . .
+			RUN sh -c "[ $(cat /test4/foo) = 'hello' ]"
+			WORKDIR /test5/test6
+			COPY foo ../
+			RUN sh -c "[ $(cat /test5/foo) = 'hello' ]"
+			`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"foo": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	_, err = buildImageFromContext(name, ctx, false)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildEnv(c *check.C) {
+	testRequires(c, DaemonIsLinux) // ENV expansion is different in Windows
+	name := "testbuildenv"
+	expected := "[PATH=/test:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PORT=2375]"
+	_, err := buildImage(name,
+		`FROM busybox
+		ENV PATH /test:$PATH
+        ENV PORT 2375
+		RUN [ $(env | grep PORT) = 'PORT=2375' ]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.Env")
+	if res != expected {
+		c.Fatalf("Env %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildPATH(c *check.C) {
+	testRequires(c, DaemonIsLinux) // ENV expansion is different in Windows
+
+	defPath := "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+	fn := func(dockerfile string, exp string) {
+		_, err := buildImage("testbldpath", dockerfile, true)
+		c.Assert(err, check.IsNil)
+
+		res := inspectField(c, "testbldpath", "Config.Env")
+
+		if res != exp {
+			c.Fatalf("Env %q, expected %q for dockerfile:%q", res, exp, dockerfile)
+		}
+	}
+
+	tests := []struct{ dockerfile, exp string }{
+		{"FROM scratch\nMAINTAINER me", "[PATH=" + defPath + "]"},
+		{"FROM busybox\nMAINTAINER me", "[PATH=" + defPath + "]"},
+		{"FROM scratch\nENV FOO=bar", "[PATH=" + defPath + " FOO=bar]"},
+		{"FROM busybox\nENV FOO=bar", "[PATH=" + defPath + " FOO=bar]"},
+		{"FROM scratch\nENV PATH=/test", "[PATH=/test]"},
+		{"FROM busybox\nENV PATH=/test", "[PATH=/test]"},
+		{"FROM scratch\nENV PATH=''", "[PATH=]"},
+		{"FROM busybox\nENV PATH=''", "[PATH=]"},
+	}
+
+	for _, test := range tests {
+		fn(test.dockerfile, test.exp)
+	}
+}
+
+func (s *DockerSuite) TestBuildContextCleanup(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon)
+
+	name := "testbuildcontextcleanup"
+	entries, err := ioutil.ReadDir(filepath.Join(dockerBasePath, "tmp"))
+	if err != nil {
+		c.Fatalf("failed to list contents of tmp dir: %s", err)
+	}
+	_, err = buildImage(name,
+		`FROM scratch
+        ENTRYPOINT ["/bin/echo"]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	entriesFinal, err := ioutil.ReadDir(filepath.Join(dockerBasePath, "tmp"))
+	if err != nil {
+		c.Fatalf("failed to list contents of tmp dir: %s", err)
+	}
+	if err = compareDirectoryEntries(entries, entriesFinal); err != nil {
+		c.Fatalf("context should have been deleted, but wasn't")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildContextCleanupFailedBuild(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon)
+
+	name := "testbuildcontextcleanup"
+	entries, err := ioutil.ReadDir(filepath.Join(dockerBasePath, "tmp"))
+	if err != nil {
+		c.Fatalf("failed to list contents of tmp dir: %s", err)
+	}
+	_, err = buildImage(name,
+		`FROM scratch
+	RUN /non/existing/command`,
+		true)
+	if err == nil {
+		c.Fatalf("expected build to fail, but it didn't")
+	}
+	entriesFinal, err := ioutil.ReadDir(filepath.Join(dockerBasePath, "tmp"))
+	if err != nil {
+		c.Fatalf("failed to list contents of tmp dir: %s", err)
+	}
+	if err = compareDirectoryEntries(entries, entriesFinal); err != nil {
+		c.Fatalf("context should have been deleted, but wasn't")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCmd(c *check.C) {
+	name := "testbuildcmd"
+
+	expected := "[/bin/echo Hello World]"
+	_, err := buildImage(name,
+		`FROM `+minimalBaseImage()+`
+        CMD ["/bin/echo", "Hello World"]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.Cmd")
+	if res != expected {
+		c.Fatalf("Cmd %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildExpose(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Expose not implemented on Windows
+	name := "testbuildexpose"
+	expected := "map[2375/tcp:{}]"
+	_, err := buildImage(name,
+		`FROM scratch
+        EXPOSE 2375`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.ExposedPorts")
+	if res != expected {
+		c.Fatalf("Exposed ports %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildExposeMorePorts(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Expose not implemented on Windows
+	// start building docker file with a large number of ports
+	portList := make([]string, 50)
+	line := make([]string, 100)
+	expectedPorts := make([]int, len(portList)*len(line))
+	for i := 0; i < len(portList); i++ {
+		for j := 0; j < len(line); j++ {
+			p := i*len(line) + j + 1
+			line[j] = strconv.Itoa(p)
+			expectedPorts[p-1] = p
+		}
+		if i == len(portList)-1 {
+			portList[i] = strings.Join(line, " ")
+		} else {
+			portList[i] = strings.Join(line, " ") + ` \`
+		}
+	}
+
+	dockerfile := `FROM scratch
+	EXPOSE {{range .}} {{.}}
+	{{end}}`
+	tmpl := template.Must(template.New("dockerfile").Parse(dockerfile))
+	buf := bytes.NewBuffer(nil)
+	tmpl.Execute(buf, portList)
+
+	name := "testbuildexpose"
+	_, err := buildImage(name, buf.String(), true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// check if all the ports are saved inside Config.ExposedPorts
+	res := inspectFieldJSON(c, name, "Config.ExposedPorts")
+	var exposedPorts map[string]interface{}
+	if err := json.Unmarshal([]byte(res), &exposedPorts); err != nil {
+		c.Fatal(err)
+	}
+
+	for _, p := range expectedPorts {
+		ep := fmt.Sprintf("%d/tcp", p)
+		if _, ok := exposedPorts[ep]; !ok {
+			c.Errorf("Port(%s) is not exposed", ep)
+		} else {
+			delete(exposedPorts, ep)
+		}
+	}
+	if len(exposedPorts) != 0 {
+		c.Errorf("Unexpected extra exposed ports %v", exposedPorts)
+	}
+}
+
+func (s *DockerSuite) TestBuildExposeOrder(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Expose not implemented on Windows
+	buildID := func(name, exposed string) string {
+		_, err := buildImage(name, fmt.Sprintf(`FROM scratch
+		EXPOSE %s`, exposed), true)
+		if err != nil {
+			c.Fatal(err)
+		}
+		id := inspectField(c, name, "Id")
+		return id
+	}
+
+	id1 := buildID("testbuildexpose1", "80 2375")
+	id2 := buildID("testbuildexpose2", "2375 80")
+	if id1 != id2 {
+		c.Errorf("EXPOSE should invalidate the cache only when ports actually changed")
+	}
+}
+
+func (s *DockerSuite) TestBuildExposeUpperCaseProto(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Expose not implemented on Windows
+	name := "testbuildexposeuppercaseproto"
+	expected := "map[5678/udp:{}]"
+	_, err := buildImage(name,
+		`FROM scratch
+        EXPOSE 5678/UDP`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.ExposedPorts")
+	if res != expected {
+		c.Fatalf("Exposed ports %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildEmptyEntrypointInheritance(c *check.C) {
+	name := "testbuildentrypointinheritance"
+	name2 := "testbuildentrypointinheritance2"
+
+	_, err := buildImage(name,
+		`FROM busybox
+        ENTRYPOINT ["/bin/echo"]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.Entrypoint")
+
+	expected := "[/bin/echo]"
+	if res != expected {
+		c.Fatalf("Entrypoint %s, expected %s", res, expected)
+	}
+
+	_, err = buildImage(name2,
+		fmt.Sprintf(`FROM %s
+        ENTRYPOINT []`, name),
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res = inspectField(c, name2, "Config.Entrypoint")
+
+	expected = "[]"
+
+	if res != expected {
+		c.Fatalf("Entrypoint %s, expected %s", res, expected)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEmptyEntrypoint(c *check.C) {
+	name := "testbuildentrypoint"
+	expected := "[]"
+
+	_, err := buildImage(name,
+		`FROM busybox
+        ENTRYPOINT []`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.Entrypoint")
+	if res != expected {
+		c.Fatalf("Entrypoint %s, expected %s", res, expected)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEntrypoint(c *check.C) {
+	name := "testbuildentrypoint"
+
+	expected := "[/bin/echo]"
+	_, err := buildImage(name,
+		`FROM `+minimalBaseImage()+`
+        ENTRYPOINT ["/bin/echo"]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.Entrypoint")
+	if res != expected {
+		c.Fatalf("Entrypoint %s, expected %s", res, expected)
+	}
+
+}
+
+// #6445 ensure ONBUILD triggers aren't committed to grandchildren
+func (s *DockerSuite) TestBuildOnBuildLimitedInheritence(c *check.C) {
+	var (
+		out2, out3 string
+	)
+	{
+		name1 := "testonbuildtrigger1"
+		dockerfile1 := `
+		FROM busybox
+		RUN echo "GRANDPARENT"
+		ONBUILD RUN echo "ONBUILD PARENT"
+		`
+		ctx, err := fakeContext(dockerfile1, nil)
+		if err != nil {
+			c.Fatal(err)
+		}
+		defer ctx.Close()
+
+		out1, _, err := dockerCmdInDir(c, ctx.Dir, "build", "-t", name1, ".")
+		if err != nil {
+			c.Fatalf("build failed to complete: %s, %v", out1, err)
+		}
+	}
+	{
+		name2 := "testonbuildtrigger2"
+		dockerfile2 := `
+		FROM testonbuildtrigger1
+		`
+		ctx, err := fakeContext(dockerfile2, nil)
+		if err != nil {
+			c.Fatal(err)
+		}
+		defer ctx.Close()
+
+		out2, _, err = dockerCmdInDir(c, ctx.Dir, "build", "-t", name2, ".")
+		if err != nil {
+			c.Fatalf("build failed to complete: %s, %v", out2, err)
+		}
+	}
+	{
+		name3 := "testonbuildtrigger3"
+		dockerfile3 := `
+		FROM testonbuildtrigger2
+		`
+		ctx, err := fakeContext(dockerfile3, nil)
+		if err != nil {
+			c.Fatal(err)
+		}
+		defer ctx.Close()
+
+		out3, _, err = dockerCmdInDir(c, ctx.Dir, "build", "-t", name3, ".")
+		if err != nil {
+			c.Fatalf("build failed to complete: %s, %v", out3, err)
+		}
+
+	}
+
+	// ONBUILD should be run in second build.
+	if !strings.Contains(out2, "ONBUILD PARENT") {
+		c.Fatalf("ONBUILD instruction did not run in child of ONBUILD parent")
+	}
+
+	// ONBUILD should *not* be run in third build.
+	if strings.Contains(out3, "ONBUILD PARENT") {
+		c.Fatalf("ONBUILD instruction ran in grandchild of ONBUILD parent")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildWithCache(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Expose not implemented on Windows
+	name := "testbuildwithcache"
+	id1, err := buildImage(name,
+		`FROM scratch
+		MAINTAINER dockerio
+		EXPOSE 5432
+        ENTRYPOINT ["/bin/echo"]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImage(name,
+		`FROM scratch
+		MAINTAINER dockerio
+		EXPOSE 5432
+        ENTRYPOINT ["/bin/echo"]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 != id2 {
+		c.Fatal("The cache should have been used but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildWithoutCache(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Expose not implemented on Windows
+	name := "testbuildwithoutcache"
+	name2 := "testbuildwithoutcache2"
+	id1, err := buildImage(name,
+		`FROM scratch
+		MAINTAINER dockerio
+		EXPOSE 5432
+        ENTRYPOINT ["/bin/echo"]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	id2, err := buildImage(name2,
+		`FROM scratch
+		MAINTAINER dockerio
+		EXPOSE 5432
+        ENTRYPOINT ["/bin/echo"]`,
+		false)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 == id2 {
+		c.Fatal("The cache should have been invalided but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildConditionalCache(c *check.C) {
+	name := "testbuildconditionalcache"
+
+	dockerfile := `
+		FROM busybox
+        ADD foo /tmp/`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"foo": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatalf("Error building #1: %s", err)
+	}
+
+	if err := ctx.Add("foo", "bye"); err != nil {
+		c.Fatalf("Error modifying foo: %s", err)
+	}
+
+	id2, err := buildImageFromContext(name, ctx, false)
+	if err != nil {
+		c.Fatalf("Error building #2: %s", err)
+	}
+	if id2 == id1 {
+		c.Fatal("Should not have used the cache")
+	}
+
+	id3, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatalf("Error building #3: %s", err)
+	}
+	if id3 != id2 {
+		c.Fatal("Should have used the cache")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddLocalFileWithCache(c *check.C) {
+	// local files are not owned by the correct user
+	testRequires(c, NotUserNamespace)
+	name := "testbuildaddlocalfilewithcache"
+	name2 := "testbuildaddlocalfilewithcache2"
+	dockerfile := `
+		FROM busybox
+        MAINTAINER dockerio
+        ADD foo /usr/lib/bla/bar
+		RUN sh -c "[ $(cat /usr/lib/bla/bar) = "hello" ]"`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"foo": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImageFromContext(name2, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 != id2 {
+		c.Fatal("The cache should have been used but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddMultipleLocalFileWithCache(c *check.C) {
+	name := "testbuildaddmultiplelocalfilewithcache"
+	name2 := "testbuildaddmultiplelocalfilewithcache2"
+	dockerfile := `
+		FROM busybox
+        MAINTAINER dockerio
+        ADD foo Dockerfile /usr/lib/bla/
+		RUN sh -c "[ $(cat /usr/lib/bla/foo) = "hello" ]"`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"foo": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImageFromContext(name2, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 != id2 {
+		c.Fatal("The cache should have been used but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddLocalFileWithoutCache(c *check.C) {
+	// local files are not owned by the correct user
+	testRequires(c, NotUserNamespace)
+	name := "testbuildaddlocalfilewithoutcache"
+	name2 := "testbuildaddlocalfilewithoutcache2"
+	dockerfile := `
+		FROM busybox
+        MAINTAINER dockerio
+        ADD foo /usr/lib/bla/bar
+		RUN sh -c "[ $(cat /usr/lib/bla/bar) = "hello" ]"`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"foo": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImageFromContext(name2, ctx, false)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 == id2 {
+		c.Fatal("The cache should have been invalided but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildCopyDirButNotFile(c *check.C) {
+	name := "testbuildcopydirbutnotfile"
+	name2 := "testbuildcopydirbutnotfile2"
+
+	dockerfile := `
+        FROM ` + minimalBaseImage() + `
+        COPY dir /tmp/`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"dir/foo": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	// Check that adding file with similar name doesn't mess with cache
+	if err := ctx.Add("dir_file", "hello2"); err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImageFromContext(name2, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 != id2 {
+		c.Fatal("The cache should have been used but wasn't")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddCurrentDirWithCache(c *check.C) {
+	name := "testbuildaddcurrentdirwithcache"
+	name2 := name + "2"
+	name3 := name + "3"
+	name4 := name + "4"
+	dockerfile := `
+        FROM ` + minimalBaseImage() + `
+        MAINTAINER dockerio
+        ADD . /usr/lib/bla`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"foo": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	// Check that adding file invalidate cache of "ADD ."
+	if err := ctx.Add("bar", "hello2"); err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImageFromContext(name2, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 == id2 {
+		c.Fatal("The cache should have been invalided but hasn't.")
+	}
+	// Check that changing file invalidate cache of "ADD ."
+	if err := ctx.Add("foo", "hello1"); err != nil {
+		c.Fatal(err)
+	}
+	id3, err := buildImageFromContext(name3, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id2 == id3 {
+		c.Fatal("The cache should have been invalided but hasn't.")
+	}
+	// Check that changing file to same content with different mtime does not
+	// invalidate cache of "ADD ."
+	time.Sleep(1 * time.Second) // wait second because of mtime precision
+	if err := ctx.Add("foo", "hello1"); err != nil {
+		c.Fatal(err)
+	}
+	id4, err := buildImageFromContext(name4, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id3 != id4 {
+		c.Fatal("The cache should have been used but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddCurrentDirWithoutCache(c *check.C) {
+	name := "testbuildaddcurrentdirwithoutcache"
+	name2 := "testbuildaddcurrentdirwithoutcache2"
+	dockerfile := `
+        FROM ` + minimalBaseImage() + `
+        MAINTAINER dockerio
+        ADD . /usr/lib/bla`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"foo": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImageFromContext(name2, ctx, false)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 == id2 {
+		c.Fatal("The cache should have been invalided but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddRemoteFileWithCache(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows doesn't have httpserver image yet
+	name := "testbuildaddremotefilewithcache"
+	server, err := fakeStorage(map[string]string{
+		"baz": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	id1, err := buildImage(name,
+		fmt.Sprintf(`FROM scratch
+        MAINTAINER dockerio
+        ADD %s/baz /usr/lib/baz/quux`, server.URL()),
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImage(name,
+		fmt.Sprintf(`FROM scratch
+        MAINTAINER dockerio
+        ADD %s/baz /usr/lib/baz/quux`, server.URL()),
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 != id2 {
+		c.Fatal("The cache should have been used but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddRemoteFileWithoutCache(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows doesn't have httpserver image yet
+	name := "testbuildaddremotefilewithoutcache"
+	name2 := "testbuildaddremotefilewithoutcache2"
+	server, err := fakeStorage(map[string]string{
+		"baz": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	id1, err := buildImage(name,
+		fmt.Sprintf(`FROM scratch
+        MAINTAINER dockerio
+        ADD %s/baz /usr/lib/baz/quux`, server.URL()),
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImage(name2,
+		fmt.Sprintf(`FROM scratch
+        MAINTAINER dockerio
+        ADD %s/baz /usr/lib/baz/quux`, server.URL()),
+		false)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 == id2 {
+		c.Fatal("The cache should have been invalided but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddRemoteFileMTime(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows doesn't have httpserver image yet
+	name := "testbuildaddremotefilemtime"
+	name2 := name + "2"
+	name3 := name + "3"
+
+	files := map[string]string{"baz": "hello"}
+	server, err := fakeStorage(files)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	ctx, err := fakeContext(fmt.Sprintf(`FROM scratch
+        MAINTAINER dockerio
+        ADD %s/baz /usr/lib/baz/quux`, server.URL()), nil)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	id2, err := buildImageFromContext(name2, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 != id2 {
+		c.Fatal("The cache should have been used but wasn't - #1")
+	}
+
+	// Now create a different server with same contents (causes different mtime)
+	// The cache should still be used
+
+	// allow some time for clock to pass as mtime precision is only 1s
+	time.Sleep(2 * time.Second)
+
+	server2, err := fakeStorage(files)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server2.Close()
+
+	ctx2, err := fakeContext(fmt.Sprintf(`FROM scratch
+        MAINTAINER dockerio
+        ADD %s/baz /usr/lib/baz/quux`, server2.URL()), nil)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx2.Close()
+	id3, err := buildImageFromContext(name3, ctx2, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 != id3 {
+		c.Fatal("The cache should have been used but wasn't")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddLocalAndRemoteFilesWithCache(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows doesn't have httpserver image yet
+	name := "testbuildaddlocalandremotefilewithcache"
+	server, err := fakeStorage(map[string]string{
+		"baz": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	ctx, err := fakeContext(fmt.Sprintf(`FROM scratch
+        MAINTAINER dockerio
+        ADD foo /usr/lib/bla/bar
+        ADD %s/baz /usr/lib/baz/quux`, server.URL()),
+		map[string]string{
+			"foo": "hello world",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 != id2 {
+		c.Fatal("The cache should have been used but hasn't.")
+	}
+}
+
+func testContextTar(c *check.C, compression archive.Compression) {
+	ctx, err := fakeContext(
+		`FROM busybox
+ADD foo /foo
+CMD ["cat", "/foo"]`,
+		map[string]string{
+			"foo": "bar",
+		},
+	)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	context, err := archive.Tar(ctx.Dir, compression)
+	if err != nil {
+		c.Fatalf("failed to build context tar: %v", err)
+	}
+	name := "contexttar"
+	buildCmd := exec.Command(dockerBinary, "build", "-t", name, "-")
+	buildCmd.Stdin = context
+
+	if out, _, err := runCommandWithOutput(buildCmd); err != nil {
+		c.Fatalf("build failed to complete: %v %v", out, err)
+	}
+}
+
+func (s *DockerSuite) TestBuildContextTarGzip(c *check.C) {
+	testContextTar(c, archive.Gzip)
+}
+
+func (s *DockerSuite) TestBuildContextTarNoCompression(c *check.C) {
+	testContextTar(c, archive.Uncompressed)
+}
+
+func (s *DockerSuite) TestBuildNoContext(c *check.C) {
+	buildCmd := exec.Command(dockerBinary, "build", "-t", "nocontext", "-")
+	buildCmd.Stdin = strings.NewReader(
+		`FROM busybox
+		CMD ["echo", "ok"]`)
+
+	if out, _, err := runCommandWithOutput(buildCmd); err != nil {
+		c.Fatalf("build failed to complete: %v %v", out, err)
+	}
+
+	if out, _ := dockerCmd(c, "run", "--rm", "nocontext"); out != "ok\n" {
+		c.Fatalf("run produced invalid output: %q, expected %q", out, "ok")
+	}
+}
+
+// TODO: TestCaching
+func (s *DockerSuite) TestBuildAddLocalAndRemoteFilesWithoutCache(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows doesn't have httpserver image yet
+	name := "testbuildaddlocalandremotefilewithoutcache"
+	name2 := "testbuildaddlocalandremotefilewithoutcache2"
+	server, err := fakeStorage(map[string]string{
+		"baz": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	ctx, err := fakeContext(fmt.Sprintf(`FROM scratch
+        MAINTAINER dockerio
+        ADD foo /usr/lib/bla/bar
+        ADD %s/baz /usr/lib/baz/quux`, server.URL()),
+		map[string]string{
+			"foo": "hello world",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	id1, err := buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	id2, err := buildImageFromContext(name2, ctx, false)
+	if err != nil {
+		c.Fatal(err)
+	}
+	if id1 == id2 {
+		c.Fatal("The cache should have been invalided but hasn't.")
+	}
+}
+
+func (s *DockerSuite) TestBuildWithVolumeOwnership(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildimg"
+
+	_, err := buildImage(name,
+		`FROM busybox:latest
+        RUN mkdir /test && chown daemon:daemon /test && chmod 0600 /test
+        VOLUME /test`,
+		true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "--rm", "testbuildimg", "ls", "-la", "/test")
+
+	if expected := "drw-------"; !strings.Contains(out, expected) {
+		c.Fatalf("expected %s received %s", expected, out)
+	}
+
+	if expected := "daemon   daemon"; !strings.Contains(out, expected) {
+		c.Fatalf("expected %s received %s", expected, out)
+	}
+
+}
+
+// testing #1405 - config.Cmd does not get cleaned up if
+// utilizing cache
+func (s *DockerSuite) TestBuildEntrypointRunCleanup(c *check.C) {
+	name := "testbuildcmdcleanup"
+	if _, err := buildImage(name,
+		`FROM busybox
+        RUN echo "hello"`,
+		true); err != nil {
+		c.Fatal(err)
+	}
+
+	ctx, err := fakeContext(`FROM busybox
+        RUN echo "hello"
+        ADD foo /foo
+        ENTRYPOINT ["/bin/echo"]`,
+		map[string]string{
+			"foo": "hello",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.Cmd")
+	// Cmd must be cleaned up
+	if res != "[]" {
+		c.Fatalf("Cmd %s, expected nil", res)
+	}
+}
+
+func (s *DockerSuite) TestBuildForbiddenContextPath(c *check.C) {
+	name := "testbuildforbidpath"
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+        ADD ../../ test/
+        `,
+		map[string]string{
+			"test.txt":  "test1",
+			"other.txt": "other",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	expected := "Forbidden path outside the build context: ../../ "
+
+	if daemonPlatform == "windows" {
+		expected = "Forbidden path outside the build context: ..\\..\\ "
+	}
+
+	if _, err := buildImageFromContext(name, ctx, true); err == nil || !strings.Contains(err.Error(), expected) {
+		c.Fatalf("Wrong error: (should contain \"%s\") got:\n%v", expected, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildAddFileNotFound(c *check.C) {
+	name := "testbuildaddnotfound"
+	expected := "foo: no such file or directory"
+
+	if daemonPlatform == "windows" {
+		expected = "foo: The system cannot find the file specified"
+	}
+
+	ctx, err := fakeContext(`FROM `+minimalBaseImage()+`
+        ADD foo /usr/local/bar`,
+		map[string]string{"bar": "hello"})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		if !strings.Contains(err.Error(), expected) {
+			c.Fatalf("Wrong error %v, must be about missing foo file or directory", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+}
+
+func (s *DockerSuite) TestBuildInheritance(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildinheritance"
+
+	_, err := buildImage(name,
+		`FROM scratch
+		EXPOSE 2375`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	ports1 := inspectField(c, name, "Config.ExposedPorts")
+
+	_, err = buildImage(name,
+		fmt.Sprintf(`FROM %s
+		ENTRYPOINT ["/bin/echo"]`, name),
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectField(c, name, "Config.Entrypoint")
+	if expected := "[/bin/echo]"; res != expected {
+		c.Fatalf("Entrypoint %s, expected %s", res, expected)
+	}
+	ports2 := inspectField(c, name, "Config.ExposedPorts")
+	if ports1 != ports2 {
+		c.Fatalf("Ports must be same: %s != %s", ports1, ports2)
+	}
+}
+
+func (s *DockerSuite) TestBuildFails(c *check.C) {
+	name := "testbuildfails"
+	_, err := buildImage(name,
+		`FROM busybox
+		RUN sh -c "exit 23"`,
+		true)
+	if err != nil {
+		if !strings.Contains(err.Error(), "returned a non-zero code: 23") {
+			c.Fatalf("Wrong error %v, must be about non-zero code 23", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+}
+
+func (s *DockerSuite) TestBuildFailsDockerfileEmpty(c *check.C) {
+	name := "testbuildfails"
+	_, err := buildImage(name, ``, true)
+	if err != nil {
+		if !strings.Contains(err.Error(), "The Dockerfile (Dockerfile) cannot be empty") {
+			c.Fatalf("Wrong error %v, must be about empty Dockerfile", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+}
+
+func (s *DockerSuite) TestBuildOnBuild(c *check.C) {
+	name := "testbuildonbuild"
+	_, err := buildImage(name,
+		`FROM busybox
+		ONBUILD RUN touch foobar`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	_, err = buildImage(name,
+		fmt.Sprintf(`FROM %s
+		RUN [ -f foobar ]`, name),
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildOnBuildForbiddenChained(c *check.C) {
+	name := "testbuildonbuildforbiddenchained"
+	_, err := buildImage(name,
+		`FROM busybox
+		ONBUILD ONBUILD RUN touch foobar`,
+		true)
+	if err != nil {
+		if !strings.Contains(err.Error(), "Chaining ONBUILD via `ONBUILD ONBUILD` isn't allowed") {
+			c.Fatalf("Wrong error %v, must be about chaining ONBUILD", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+}
+
+func (s *DockerSuite) TestBuildOnBuildForbiddenFrom(c *check.C) {
+	name := "testbuildonbuildforbiddenfrom"
+	_, err := buildImage(name,
+		`FROM busybox
+		ONBUILD FROM scratch`,
+		true)
+	if err != nil {
+		if !strings.Contains(err.Error(), "FROM isn't allowed as an ONBUILD trigger") {
+			c.Fatalf("Wrong error %v, must be about FROM forbidden", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+}
+
+func (s *DockerSuite) TestBuildOnBuildForbiddenMaintainer(c *check.C) {
+	name := "testbuildonbuildforbiddenmaintainer"
+	_, err := buildImage(name,
+		`FROM busybox
+		ONBUILD MAINTAINER docker.io`,
+		true)
+	if err != nil {
+		if !strings.Contains(err.Error(), "MAINTAINER isn't allowed as an ONBUILD trigger") {
+			c.Fatalf("Wrong error %v, must be about MAINTAINER forbidden", err)
+		}
+	} else {
+		c.Fatal("Error must not be nil")
+	}
+}
+
+// gh #2446
+func (s *DockerSuite) TestBuildAddToSymlinkDest(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildaddtosymlinkdest"
+	ctx, err := fakeContext(`FROM busybox
+        RUN mkdir /foo
+        RUN ln -s /foo /bar
+        ADD foo /bar/
+        RUN [ -f /bar/foo ]
+        RUN [ -f /foo/foo ]`,
+		map[string]string{
+			"foo": "hello",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildEscapeWhitespace(c *check.C) {
+	name := "testbuildescaping"
+
+	_, err := buildImage(name, `
+  FROM busybox
+  MAINTAINER "Docker \
+IO <io@\
+docker.com>"
+  `, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectField(c, name, "Author")
+
+	if res != "\"Docker IO <io@docker.com>\"" {
+		c.Fatalf("Parsed string did not match the escaped string. Got: %q", res)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildVerifyIntString(c *check.C) {
+	// Verify that strings that look like ints are still passed as strings
+	name := "testbuildstringing"
+
+	_, err := buildImage(name, `
+  FROM busybox
+  MAINTAINER 123
+  `, true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "inspect", name)
+
+	if !strings.Contains(out, "\"123\"") {
+		c.Fatalf("Output does not contain the int as a string:\n%s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildDockerignore(c *check.C) {
+	testRequires(c, DaemonIsLinux) // TODO Windows: This test passes on Windows,
+	// but currently adds a disproportionate amount of time for the value it has.
+	// Removing it from Windows CI for now, but this will be revisited in the
+	// TP5 timeframe when perf is better.
+	name := "testbuilddockerignore"
+	dockerfile := `
+        FROM busybox
+        ADD . /bla
+		RUN sh -c "[[ -f /bla/src/x.go ]]"
+		RUN sh -c "[[ -f /bla/Makefile ]]"
+		RUN sh -c "[[ ! -e /bla/src/_vendor ]]"
+		RUN sh -c "[[ ! -e /bla/.gitignore ]]"
+		RUN sh -c "[[ ! -e /bla/README.md ]]"
+		RUN sh -c "[[ ! -e /bla/dir/foo ]]"
+		RUN sh -c "[[ ! -e /bla/foo ]]"
+		RUN sh -c "[[ ! -e /bla/.git ]]"
+		RUN sh -c "[[ ! -e v.cc ]]"
+		RUN sh -c "[[ ! -e src/v.cc ]]"
+		RUN sh -c "[[ ! -e src/_vendor/v.cc ]]"`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Makefile":         "all:",
+		".git/HEAD":        "ref: foo",
+		"src/x.go":         "package main",
+		"src/_vendor/v.go": "package main",
+		"src/_vendor/v.cc": "package main",
+		"src/v.cc":         "package main",
+		"v.cc":             "package main",
+		"dir/foo":          "",
+		".gitignore":       "",
+		"README.md":        "readme",
+		".dockerignore": `
+.git
+pkg
+.gitignore
+src/_vendor
+*.md
+**/*.cc
+dir`,
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildDockerignoreCleanPaths(c *check.C) {
+	name := "testbuilddockerignorecleanpaths"
+	dockerfile := `
+        FROM busybox
+        ADD . /tmp/
+        RUN sh -c "(! ls /tmp/foo) && (! ls /tmp/foo2) && (! ls /tmp/dir1/foo)"`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"foo":           "foo",
+		"foo2":          "foo2",
+		"dir1/foo":      "foo in dir1",
+		".dockerignore": "./foo\ndir1//foo\n./dir1/../foo2",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildDockerignoreExceptions(c *check.C) {
+	testRequires(c, DaemonIsLinux) // TODO Windows: This test passes on Windows,
+	// but currently adds a disproportionate amount of time for the value it has.
+	// Removing it from Windows CI for now, but this will be revisited in the
+	// TP5 timeframe when perf is better.
+	name := "testbuilddockerignoreexceptions"
+	dockerfile := `
+        FROM busybox
+        ADD . /bla
+		RUN sh -c "[[ -f /bla/src/x.go ]]"
+		RUN sh -c "[[ -f /bla/Makefile ]]"
+		RUN sh -c "[[ ! -e /bla/src/_vendor ]]"
+		RUN sh -c "[[ ! -e /bla/.gitignore ]]"
+		RUN sh -c "[[ ! -e /bla/README.md ]]"
+		RUN sh -c "[[  -e /bla/dir/dir/foo ]]"
+		RUN sh -c "[[ ! -e /bla/dir/foo1 ]]"
+		RUN sh -c "[[ -f /bla/dir/e ]]"
+		RUN sh -c "[[ -f /bla/dir/e-dir/foo ]]"
+		RUN sh -c "[[ ! -e /bla/foo ]]"
+		RUN sh -c "[[ ! -e /bla/.git ]]"
+		RUN sh -c "[[ -e /bla/dir/a.cc ]]"`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Makefile":         "all:",
+		".git/HEAD":        "ref: foo",
+		"src/x.go":         "package main",
+		"src/_vendor/v.go": "package main",
+		"dir/foo":          "",
+		"dir/foo1":         "",
+		"dir/dir/f1":       "",
+		"dir/dir/foo":      "",
+		"dir/e":            "",
+		"dir/e-dir/foo":    "",
+		".gitignore":       "",
+		"README.md":        "readme",
+		"dir/a.cc":         "hello",
+		".dockerignore": `
+.git
+pkg
+.gitignore
+src/_vendor
+*.md
+dir
+!dir/e*
+!dir/dir/foo
+**/*.cc
+!**/*.cc`,
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildDockerignoringDockerfile(c *check.C) {
+	name := "testbuilddockerignoredockerfile"
+	dockerfile := `
+        FROM busybox
+		ADD . /tmp/
+		RUN sh -c "! ls /tmp/Dockerfile"
+		RUN ls /tmp/.dockerignore`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Dockerfile":    dockerfile,
+		".dockerignore": "Dockerfile\n",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't ignore Dockerfile correctly:%s", err)
+	}
+
+	// now try it with ./Dockerfile
+	ctx.Add(".dockerignore", "./Dockerfile\n")
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't ignore ./Dockerfile correctly:%s", err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildDockerignoringRenamedDockerfile(c *check.C) {
+	name := "testbuilddockerignoredockerfile"
+	dockerfile := `
+        FROM busybox
+		ADD . /tmp/
+		RUN ls /tmp/Dockerfile
+		RUN sh -c "! ls /tmp/MyDockerfile"
+		RUN ls /tmp/.dockerignore`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Dockerfile":    "Should not use me",
+		"MyDockerfile":  dockerfile,
+		".dockerignore": "MyDockerfile\n",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't ignore MyDockerfile correctly:%s", err)
+	}
+
+	// now try it with ./MyDockerfile
+	ctx.Add(".dockerignore", "./MyDockerfile\n")
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't ignore ./MyDockerfile correctly:%s", err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildDockerignoringDockerignore(c *check.C) {
+	name := "testbuilddockerignoredockerignore"
+	dockerfile := `
+        FROM busybox
+		ADD . /tmp/
+		RUN sh -c "! ls /tmp/.dockerignore"
+		RUN ls /tmp/Dockerfile`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Dockerfile":    dockerfile,
+		".dockerignore": ".dockerignore\n",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't ignore .dockerignore correctly:%s", err)
+	}
+}
+
+func (s *DockerSuite) TestBuildDockerignoreTouchDockerfile(c *check.C) {
+	var id1 string
+	var id2 string
+
+	name := "testbuilddockerignoretouchdockerfile"
+	dockerfile := `
+        FROM busybox
+		ADD . /tmp/`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Dockerfile":    dockerfile,
+		".dockerignore": "Dockerfile\n",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if id1, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't build it correctly:%s", err)
+	}
+
+	if id2, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't build it correctly:%s", err)
+	}
+	if id1 != id2 {
+		c.Fatalf("Didn't use the cache - 1")
+	}
+
+	// Now make sure touching Dockerfile doesn't invalidate the cache
+	if err = ctx.Add("Dockerfile", dockerfile+"\n# hi"); err != nil {
+		c.Fatalf("Didn't add Dockerfile: %s", err)
+	}
+	if id2, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't build it correctly:%s", err)
+	}
+	if id1 != id2 {
+		c.Fatalf("Didn't use the cache - 2")
+	}
+
+	// One more time but just 'touch' it instead of changing the content
+	if err = ctx.Add("Dockerfile", dockerfile+"\n# hi"); err != nil {
+		c.Fatalf("Didn't add Dockerfile: %s", err)
+	}
+	if id2, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("Didn't build it correctly:%s", err)
+	}
+	if id1 != id2 {
+		c.Fatalf("Didn't use the cache - 3")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildDockerignoringWholeDir(c *check.C) {
+	name := "testbuilddockerignorewholedir"
+	dockerfile := `
+        FROM busybox
+		COPY . /
+		RUN sh -c "[[ ! -e /.gitignore ]]"
+		RUN sh -c "[[ -f /Makefile ]]"`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Dockerfile":    "FROM scratch",
+		"Makefile":      "all:",
+		".gitignore":    "",
+		".dockerignore": ".*\n",
+	})
+	c.Assert(err, check.IsNil)
+	defer ctx.Close()
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+	c.Assert(ctx.Add(".dockerfile", "*"), check.IsNil)
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+	c.Assert(ctx.Add(".dockerfile", "."), check.IsNil)
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+	c.Assert(ctx.Add(".dockerfile", "?"), check.IsNil)
+	if _, err = buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildDockerignoringBadExclusion(c *check.C) {
+	name := "testbuilddockerignorebadexclusion"
+	dockerfile := `
+        FROM busybox
+		COPY . /
+		RUN sh -c "[[ ! -e /.gitignore ]]"
+		RUN sh -c "[[ -f /Makefile ]]"`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Dockerfile":    "FROM scratch",
+		"Makefile":      "all:",
+		".gitignore":    "",
+		".dockerignore": "!\n",
+	})
+	c.Assert(err, check.IsNil)
+	defer ctx.Close()
+	if _, err = buildImageFromContext(name, ctx, true); err == nil {
+		c.Fatalf("Build was supposed to fail but didn't")
+	}
+
+	if err.Error() != "failed to build the image: Error checking context: 'Illegal exclusion pattern: !'.\n" {
+		c.Fatalf("Incorrect output, got:%q", err.Error())
+	}
+}
+
+func (s *DockerSuite) TestBuildDockerignoringWildTopDir(c *check.C) {
+	dockerfile := `
+        FROM busybox
+		COPY . /
+		RUN sh -c "[[ ! -e /.dockerignore ]]"
+		RUN sh -c "[[ ! -e /Dockerfile ]]"
+		RUN sh -c "[[ ! -e /file1 ]]"
+		RUN sh -c "[[ ! -e /dir ]]"`
+
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Dockerfile": "FROM scratch",
+		"file1":      "",
+		"dir/dfile1": "",
+	})
+	c.Assert(err, check.IsNil)
+	defer ctx.Close()
+
+	// All of these should result in ignoring all files
+	for _, variant := range []string{"**", "**/", "**/**", "*"} {
+		ctx.Add(".dockerignore", variant)
+		_, err = buildImageFromContext("noname", ctx, true)
+		c.Assert(err, check.IsNil, check.Commentf("variant: %s", variant))
+	}
+}
+
+func (s *DockerSuite) TestBuildDockerignoringWildDirs(c *check.C) {
+	testRequires(c, DaemonIsLinux) // TODO Windows: Fix this test; also perf
+
+	dockerfile := `
+        FROM busybox
+		COPY . /
+		#RUN sh -c "[[ -e /.dockerignore ]]"
+		RUN sh -c "[[ -e /Dockerfile ]]           && \
+		           [[ ! -e /file0 ]]              && \
+		           [[ ! -e /dir1/file0 ]]         && \
+		           [[ ! -e /dir2/file0 ]]         && \
+		           [[ ! -e /file1 ]]              && \
+		           [[ ! -e /dir1/file1 ]]         && \
+		           [[ ! -e /dir1/dir2/file1 ]]    && \
+		           [[ ! -e /dir1/file2 ]]         && \
+		           [[   -e /dir1/dir2/file2 ]]    && \
+		           [[ ! -e /dir1/dir2/file4 ]]    && \
+		           [[ ! -e /dir1/dir2/file5 ]]    && \
+		           [[ ! -e /dir1/dir2/file6 ]]    && \
+		           [[ ! -e /dir1/dir3/file7 ]]    && \
+		           [[ ! -e /dir1/dir3/file8 ]]    && \
+		           [[   -e /dir1/dir3 ]]          && \
+		           [[   -e /dir1/dir4 ]]          && \
+		           [[ ! -e 'dir1/dir5/fileAA' ]]  && \
+		           [[   -e 'dir1/dir5/fileAB' ]]  && \
+		           [[   -e 'dir1/dir5/fileB' ]]"   # "." in pattern means nothing
+
+		RUN echo all done!`
+
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"Dockerfile":      "FROM scratch",
+		"file0":           "",
+		"dir1/file0":      "",
+		"dir1/dir2/file0": "",
+
+		"file1":           "",
+		"dir1/file1":      "",
+		"dir1/dir2/file1": "",
+
+		"dir1/file2":      "",
+		"dir1/dir2/file2": "", // remains
+
+		"dir1/dir2/file4": "",
+		"dir1/dir2/file5": "",
+		"dir1/dir2/file6": "",
+		"dir1/dir3/file7": "",
+		"dir1/dir3/file8": "",
+		"dir1/dir4/file9": "",
+
+		"dir1/dir5/fileAA": "",
+		"dir1/dir5/fileAB": "",
+		"dir1/dir5/fileB":  "",
+
+		".dockerignore": `
+**/file0
+**/*file1
+**/dir1/file2
+dir1/**/file4
+**/dir2/file5
+**/dir1/dir2/file6
+dir1/dir3/**
+**/dir4/**
+**/file?A
+**/file\?B
+**/dir5/file.
+`,
+	})
+	c.Assert(err, check.IsNil)
+	defer ctx.Close()
+
+	_, err = buildImageFromContext("noname", ctx, true)
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestBuildLineBreak(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildlinebreak"
+	_, err := buildImage(name,
+		`FROM  busybox
+RUN    sh -c 'echo root:testpass \
+	> /tmp/passwd'
+RUN    mkdir -p /var/run/sshd
+RUN    sh -c "[ "$(cat /tmp/passwd)" = "root:testpass" ]"
+RUN    sh -c "[ "$(ls -d /var/run/sshd)" = "/var/run/sshd" ]"`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildEOLInLine(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildeolinline"
+	_, err := buildImage(name,
+		`FROM   busybox
+RUN    sh -c 'echo root:testpass > /tmp/passwd'
+RUN    echo "foo \n bar"; echo "baz"
+RUN    mkdir -p /var/run/sshd
+RUN    sh -c "[ "$(cat /tmp/passwd)" = "root:testpass" ]"
+RUN    sh -c "[ "$(ls -d /var/run/sshd)" = "/var/run/sshd" ]"`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildCommentsShebangs(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildcomments"
+	_, err := buildImage(name,
+		`FROM busybox
+# This is an ordinary comment.
+RUN { echo '#!/bin/sh'; echo 'echo hello world'; } > /hello.sh
+RUN [ ! -x /hello.sh ]
+# comment with line break \
+RUN chmod +x /hello.sh
+RUN [ -x /hello.sh ]
+RUN [ "$(cat /hello.sh)" = $'#!/bin/sh\necho hello world' ]
+RUN [ "$(/hello.sh)" = "hello world" ]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildUsersAndGroups(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildusers"
+	_, err := buildImage(name,
+		`FROM busybox
+
+# Make sure our defaults work
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)" = '0:0/root:root' ]
+
+# TODO decide if "args.user = strconv.Itoa(syscall.Getuid())" is acceptable behavior for changeUser in sysvinit instead of "return nil" when "USER" isn't specified (so that we get the proper group list even if that is the empty list, even in the default case of not supplying an explicit USER to run as, which implies USER 0)
+USER root
+RUN [ "$(id -G):$(id -Gn)" = '0 10:root wheel' ]
+
+# Setup dockerio user and group
+RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd && \
+	echo 'dockerio:x:1001:' >> /etc/group
+
+# Make sure we can switch to our user and all the information is exactly as we expect it to be
+USER dockerio
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1001/dockerio:dockerio/1001:dockerio' ]
+
+# Switch back to root and double check that worked exactly as we might expect it to
+USER root
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '0:0/root:root/0 10:root wheel' ] && \
+	# Add a "supplementary" group for our dockerio user \
+	echo 'supplementary:x:1002:dockerio' >> /etc/group
+
+# ... and then go verify that we get it like we expect
+USER dockerio
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1001/dockerio:dockerio/1001 1002:dockerio supplementary' ]
+USER 1001
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1001/dockerio:dockerio/1001 1002:dockerio supplementary' ]
+
+# super test the new "user:group" syntax
+USER dockerio:dockerio
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1001/dockerio:dockerio/1001:dockerio' ]
+USER 1001:dockerio
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1001/dockerio:dockerio/1001:dockerio' ]
+USER dockerio:1001
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1001/dockerio:dockerio/1001:dockerio' ]
+USER 1001:1001
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1001/dockerio:dockerio/1001:dockerio' ]
+USER dockerio:supplementary
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1002/dockerio:supplementary/1002:supplementary' ]
+USER dockerio:1002
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1002/dockerio:supplementary/1002:supplementary' ]
+USER 1001:supplementary
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1002/dockerio:supplementary/1002:supplementary' ]
+USER 1001:1002
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1001:1002/dockerio:supplementary/1002:supplementary' ]
+
+# make sure unknown uid/gid still works properly
+USER 1042:1043
+RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1042:1043/1042:1043/1043:1043' ]`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildEnvUsage(c *check.C) {
+	// /docker/world/hello is not owned by the correct user
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildenvusage"
+	dockerfile := `FROM busybox
+ENV    HOME /root
+ENV    PATH $HOME/bin:$PATH
+ENV    PATH /tmp:$PATH
+RUN    [ "$PATH" = "/tmp:$HOME/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ]
+ENV    FOO /foo/baz
+ENV    BAR /bar
+ENV    BAZ $BAR
+ENV    FOOPATH $PATH:$FOO
+RUN    [ "$BAR" = "$BAZ" ]
+RUN    [ "$FOOPATH" = "$PATH:/foo/baz" ]
+ENV	   FROM hello/docker/world
+ENV    TO /docker/world/hello
+ADD    $FROM $TO
+RUN    [ "$(cat $TO)" = "hello" ]
+ENV    abc=def
+ENV    ghi=$abc
+RUN    [ "$ghi" = "def" ]
+`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"hello/docker/world": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	_, err = buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildEnvUsage2(c *check.C) {
+	// /docker/world/hello is not owned by the correct user
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildenvusage2"
+	dockerfile := `FROM busybox
+ENV    abc=def def="hello world"
+RUN    [ "$abc,$def" = "def,hello world" ]
+ENV    def=hello\ world v1=abc v2="hi there" v3='boogie nights' v4="with'quotes too"
+RUN    [ "$def,$v1,$v2,$v3,$v4" = "hello world,abc,hi there,boogie nights,with'quotes too" ]
+ENV    abc=zzz FROM=hello/docker/world
+ENV    abc=zzz TO=/docker/world/hello
+ADD    $FROM $TO
+RUN    [ "$abc,$(cat $TO)" = "zzz,hello" ]
+ENV    abc 'yyy'
+RUN    [ $abc = 'yyy' ]
+ENV    abc=
+RUN    [ "$abc" = "" ]
+
+# use grep to make sure if the builder substitutes \$foo by mistake
+# we don't get a false positive
+ENV    abc=\$foo
+RUN    [ "$abc" = "\$foo" ] && (echo "$abc" | grep foo)
+ENV    abc \$foo
+RUN    [ "$abc" = "\$foo" ] && (echo "$abc" | grep foo)
+
+ENV    abc=\'foo\' abc2=\"foo\"
+RUN    [ "$abc,$abc2" = "'foo',\"foo\"" ]
+ENV    abc "foo"
+RUN    [ "$abc" = "foo" ]
+ENV    abc 'foo'
+RUN    [ "$abc" = 'foo' ]
+ENV    abc \'foo\'
+RUN    [ "$abc" = "'foo'" ]
+ENV    abc \"foo\"
+RUN    [ "$abc" = '"foo"' ]
+
+ENV    abc=ABC
+RUN    [ "$abc" = "ABC" ]
+ENV    def1=${abc:-DEF} def2=${ccc:-DEF}
+ENV    def3=${ccc:-${def2}xx} def4=${abc:+ALT} def5=${def2:+${abc}:} def6=${ccc:-\$abc:} def7=${ccc:-\${abc}:}
+RUN    [ "$def1,$def2,$def3,$def4,$def5,$def6,$def7" = 'ABC,DEF,DEFxx,ALT,ABC:,$abc:,${abc:}' ]
+ENV    mypath=${mypath:+$mypath:}/home
+ENV    mypath=${mypath:+$mypath:}/away
+RUN    [ "$mypath" = '/home:/away' ]
+
+ENV    e1=bar
+ENV    e2=$e1 e3=$e11 e4=\$e1 e5=\$e11
+RUN    [ "$e0,$e1,$e2,$e3,$e4,$e5" = ',bar,bar,,$e1,$e11' ]
+
+ENV    ee1 bar
+ENV    ee2 $ee1
+ENV    ee3 $ee11
+ENV    ee4 \$ee1
+ENV    ee5 \$ee11
+RUN    [ "$ee1,$ee2,$ee3,$ee4,$ee5" = 'bar,bar,,$ee1,$ee11' ]
+
+ENV    eee1="foo" eee2='foo'
+ENV    eee3 "foo"
+ENV    eee4 'foo'
+RUN    [ "$eee1,$eee2,$eee3,$eee4" = 'foo,foo,foo,foo' ]
+
+`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"hello/docker/world": "hello",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	_, err = buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddScript(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildaddscript"
+	dockerfile := `
+FROM busybox
+ADD test /test
+RUN ["chmod","+x","/test"]
+RUN ["/test"]
+RUN [ "$(cat /testfile)" = 'test!' ]`
+	ctx, err := fakeContext(dockerfile, map[string]string{
+		"test": "#!/bin/sh\necho 'test!' > /testfile",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	_, err = buildImageFromContext(name, ctx, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildAddTar(c *check.C) {
+	// /test/foo is not owned by the correct user
+	testRequires(c, NotUserNamespace)
+	name := "testbuildaddtar"
+
+	ctx := func() *FakeContext {
+		dockerfile := `
+FROM busybox
+ADD test.tar /
+RUN cat /test/foo | grep Hi
+ADD test.tar /test.tar
+RUN cat /test.tar/test/foo | grep Hi
+ADD test.tar /unlikely-to-exist
+RUN cat /unlikely-to-exist/test/foo | grep Hi
+ADD test.tar /unlikely-to-exist-trailing-slash/
+RUN cat /unlikely-to-exist-trailing-slash/test/foo | grep Hi
+RUN sh -c "mkdir /existing-directory" #sh -c is needed on Windows to use the correct mkdir
+ADD test.tar /existing-directory
+RUN cat /existing-directory/test/foo | grep Hi
+ADD test.tar /existing-directory-trailing-slash/
+RUN cat /existing-directory-trailing-slash/test/foo | grep Hi`
+		tmpDir, err := ioutil.TempDir("", "fake-context")
+		c.Assert(err, check.IsNil)
+		testTar, err := os.Create(filepath.Join(tmpDir, "test.tar"))
+		if err != nil {
+			c.Fatalf("failed to create test.tar archive: %v", err)
+		}
+		defer testTar.Close()
+
+		tw := tar.NewWriter(testTar)
+
+		if err := tw.WriteHeader(&tar.Header{
+			Name: "test/foo",
+			Size: 2,
+		}); err != nil {
+			c.Fatalf("failed to write tar file header: %v", err)
+		}
+		if _, err := tw.Write([]byte("Hi")); err != nil {
+			c.Fatalf("failed to write tar file content: %v", err)
+		}
+		if err := tw.Close(); err != nil {
+			c.Fatalf("failed to close tar archive: %v", err)
+		}
+
+		if err := ioutil.WriteFile(filepath.Join(tmpDir, "Dockerfile"), []byte(dockerfile), 0644); err != nil {
+			c.Fatalf("failed to open destination dockerfile: %v", err)
+		}
+		return fakeContextFromDir(tmpDir)
+	}()
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("build failed to complete for TestBuildAddTar: %v", err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildAddBrokenTar(c *check.C) {
+	name := "testbuildaddbrokentar"
+
+	ctx := func() *FakeContext {
+		dockerfile := `
+FROM busybox
+ADD test.tar /`
+		tmpDir, err := ioutil.TempDir("", "fake-context")
+		c.Assert(err, check.IsNil)
+		testTar, err := os.Create(filepath.Join(tmpDir, "test.tar"))
+		if err != nil {
+			c.Fatalf("failed to create test.tar archive: %v", err)
+		}
+		defer testTar.Close()
+
+		tw := tar.NewWriter(testTar)
+
+		if err := tw.WriteHeader(&tar.Header{
+			Name: "test/foo",
+			Size: 2,
+		}); err != nil {
+			c.Fatalf("failed to write tar file header: %v", err)
+		}
+		if _, err := tw.Write([]byte("Hi")); err != nil {
+			c.Fatalf("failed to write tar file content: %v", err)
+		}
+		if err := tw.Close(); err != nil {
+			c.Fatalf("failed to close tar archive: %v", err)
+		}
+
+		// Corrupt the tar by removing one byte off the end
+		stat, err := testTar.Stat()
+		if err != nil {
+			c.Fatalf("failed to stat tar archive: %v", err)
+		}
+		if err := testTar.Truncate(stat.Size() - 1); err != nil {
+			c.Fatalf("failed to truncate tar archive: %v", err)
+		}
+
+		if err := ioutil.WriteFile(filepath.Join(tmpDir, "Dockerfile"), []byte(dockerfile), 0644); err != nil {
+			c.Fatalf("failed to open destination dockerfile: %v", err)
+		}
+		return fakeContextFromDir(tmpDir)
+	}()
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err == nil {
+		c.Fatalf("build should have failed for TestBuildAddBrokenTar")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddNonTar(c *check.C) {
+	name := "testbuildaddnontar"
+
+	// Should not try to extract test.tar
+	ctx, err := fakeContext(`
+		FROM busybox
+		ADD test.tar /
+		RUN test -f /test.tar`,
+		map[string]string{"test.tar": "not_a_tar_file"})
+
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("build failed for TestBuildAddNonTar")
+	}
+}
+
+func (s *DockerSuite) TestBuildAddTarXz(c *check.C) {
+	// /test/foo is not owned by the correct user
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildaddtarxz"
+
+	ctx := func() *FakeContext {
+		dockerfile := `
+			FROM busybox
+			ADD test.tar.xz /
+			RUN cat /test/foo | grep Hi`
+		tmpDir, err := ioutil.TempDir("", "fake-context")
+		c.Assert(err, check.IsNil)
+		testTar, err := os.Create(filepath.Join(tmpDir, "test.tar"))
+		if err != nil {
+			c.Fatalf("failed to create test.tar archive: %v", err)
+		}
+		defer testTar.Close()
+
+		tw := tar.NewWriter(testTar)
+
+		if err := tw.WriteHeader(&tar.Header{
+			Name: "test/foo",
+			Size: 2,
+		}); err != nil {
+			c.Fatalf("failed to write tar file header: %v", err)
+		}
+		if _, err := tw.Write([]byte("Hi")); err != nil {
+			c.Fatalf("failed to write tar file content: %v", err)
+		}
+		if err := tw.Close(); err != nil {
+			c.Fatalf("failed to close tar archive: %v", err)
+		}
+
+		xzCompressCmd := exec.Command("xz", "-k", "test.tar")
+		xzCompressCmd.Dir = tmpDir
+		out, _, err := runCommandWithOutput(xzCompressCmd)
+		if err != nil {
+			c.Fatal(err, out)
+		}
+
+		if err := ioutil.WriteFile(filepath.Join(tmpDir, "Dockerfile"), []byte(dockerfile), 0644); err != nil {
+			c.Fatalf("failed to open destination dockerfile: %v", err)
+		}
+		return fakeContextFromDir(tmpDir)
+	}()
+
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("build failed to complete for TestBuildAddTarXz: %v", err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildAddTarXzGz(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildaddtarxzgz"
+
+	ctx := func() *FakeContext {
+		dockerfile := `
+			FROM busybox
+			ADD test.tar.xz.gz /
+			RUN ls /test.tar.xz.gz`
+		tmpDir, err := ioutil.TempDir("", "fake-context")
+		c.Assert(err, check.IsNil)
+		testTar, err := os.Create(filepath.Join(tmpDir, "test.tar"))
+		if err != nil {
+			c.Fatalf("failed to create test.tar archive: %v", err)
+		}
+		defer testTar.Close()
+
+		tw := tar.NewWriter(testTar)
+
+		if err := tw.WriteHeader(&tar.Header{
+			Name: "test/foo",
+			Size: 2,
+		}); err != nil {
+			c.Fatalf("failed to write tar file header: %v", err)
+		}
+		if _, err := tw.Write([]byte("Hi")); err != nil {
+			c.Fatalf("failed to write tar file content: %v", err)
+		}
+		if err := tw.Close(); err != nil {
+			c.Fatalf("failed to close tar archive: %v", err)
+		}
+
+		xzCompressCmd := exec.Command("xz", "-k", "test.tar")
+		xzCompressCmd.Dir = tmpDir
+		out, _, err := runCommandWithOutput(xzCompressCmd)
+		if err != nil {
+			c.Fatal(err, out)
+		}
+
+		gzipCompressCmd := exec.Command("gzip", "test.tar.xz")
+		gzipCompressCmd.Dir = tmpDir
+		out, _, err = runCommandWithOutput(gzipCompressCmd)
+		if err != nil {
+			c.Fatal(err, out)
+		}
+
+		if err := ioutil.WriteFile(filepath.Join(tmpDir, "Dockerfile"), []byte(dockerfile), 0644); err != nil {
+			c.Fatalf("failed to open destination dockerfile: %v", err)
+		}
+		return fakeContextFromDir(tmpDir)
+	}()
+
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("build failed to complete for TestBuildAddTarXz: %v", err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildFromGIT(c *check.C) {
+	name := "testbuildfromgit"
+	git, err := newFakeGit("repo", map[string]string{
+		"Dockerfile": `FROM busybox
+					ADD first /first
+					RUN [ -f /first ]
+					MAINTAINER docker`,
+		"first": "test git data",
+	}, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer git.Close()
+
+	_, err = buildImageFromPath(name, git.RepoURL, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Author")
+	if res != "docker" {
+		c.Fatalf("Maintainer should be docker, got %s", res)
+	}
+}
+
+func (s *DockerSuite) TestBuildFromGITWithContext(c *check.C) {
+	name := "testbuildfromgit"
+	git, err := newFakeGit("repo", map[string]string{
+		"docker/Dockerfile": `FROM busybox
+					ADD first /first
+					RUN [ -f /first ]
+					MAINTAINER docker`,
+		"docker/first": "test git data",
+	}, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer git.Close()
+
+	u := fmt.Sprintf("%s#master:docker", git.RepoURL)
+	_, err = buildImageFromPath(name, u, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Author")
+	if res != "docker" {
+		c.Fatalf("Maintainer should be docker, got %s", res)
+	}
+}
+
+func (s *DockerSuite) TestBuildFromGITwithF(c *check.C) {
+	name := "testbuildfromgitwithf"
+	git, err := newFakeGit("repo", map[string]string{
+		"myApp/myDockerfile": `FROM busybox
+					RUN echo hi from Dockerfile`,
+	}, true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer git.Close()
+
+	out, _, err := dockerCmdWithError("build", "-t", name, "--no-cache", "-f", "myApp/myDockerfile", git.RepoURL)
+	if err != nil {
+		c.Fatalf("Error on build. Out: %s\nErr: %v", out, err)
+	}
+
+	if !strings.Contains(out, "hi from Dockerfile") {
+		c.Fatalf("Missing expected output, got:\n%s", out)
+	}
+}
+
+func (s *DockerSuite) TestBuildFromRemoteTarball(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildfromremotetarball"
+
+	buffer := new(bytes.Buffer)
+	tw := tar.NewWriter(buffer)
+	defer tw.Close()
+
+	dockerfile := []byte(`FROM busybox
+					MAINTAINER docker`)
+	if err := tw.WriteHeader(&tar.Header{
+		Name: "Dockerfile",
+		Size: int64(len(dockerfile)),
+	}); err != nil {
+		c.Fatalf("failed to write tar file header: %v", err)
+	}
+	if _, err := tw.Write(dockerfile); err != nil {
+		c.Fatalf("failed to write tar file content: %v", err)
+	}
+	if err := tw.Close(); err != nil {
+		c.Fatalf("failed to close tar archive: %v", err)
+	}
+
+	server, err := fakeBinaryStorage(map[string]*bytes.Buffer{
+		"testT.tar": buffer,
+	})
+	c.Assert(err, check.IsNil)
+
+	defer server.Close()
+
+	_, err = buildImageFromPath(name, server.URL()+"/testT.tar", true)
+	c.Assert(err, check.IsNil)
+
+	res := inspectField(c, name, "Author")
+
+	if res != "docker" {
+		c.Fatalf("Maintainer should be docker, got %s", res)
+	}
+}
+
+func (s *DockerSuite) TestBuildCleanupCmdOnEntrypoint(c *check.C) {
+	name := "testbuildcmdcleanuponentrypoint"
+	if _, err := buildImage(name,
+		`FROM `+minimalBaseImage()+`
+        CMD ["test"]
+		ENTRYPOINT ["echo"]`,
+		true); err != nil {
+		c.Fatal(err)
+	}
+	if _, err := buildImage(name,
+		fmt.Sprintf(`FROM %s
+		ENTRYPOINT ["cat"]`, name),
+		true); err != nil {
+		c.Fatal(err)
+	}
+	res := inspectField(c, name, "Config.Cmd")
+	if res != "[]" {
+		c.Fatalf("Cmd %s, expected nil", res)
+	}
+
+	res = inspectField(c, name, "Config.Entrypoint")
+	if expected := "[cat]"; res != expected {
+		c.Fatalf("Entrypoint %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildClearCmd(c *check.C) {
+	name := "testbuildclearcmd"
+	_, err := buildImage(name,
+		`From `+minimalBaseImage()+`
+   ENTRYPOINT ["/bin/bash"]
+   CMD []`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectFieldJSON(c, name, "Config.Cmd")
+	if res != "[]" {
+		c.Fatalf("Cmd %s, expected %s", res, "[]")
+	}
+}
+
+func (s *DockerSuite) TestBuildEmptyCmd(c *check.C) {
+	name := "testbuildemptycmd"
+	if _, err := buildImage(name, "FROM "+minimalBaseImage()+"\nMAINTAINER quux\n", true); err != nil {
+		c.Fatal(err)
+	}
+	res := inspectFieldJSON(c, name, "Config.Cmd")
+	if res != "null" {
+		c.Fatalf("Cmd %s, expected %s", res, "null")
+	}
+}
+
+func (s *DockerSuite) TestBuildOnBuildOutput(c *check.C) {
+	name := "testbuildonbuildparent"
+	if _, err := buildImage(name, "FROM busybox\nONBUILD RUN echo foo\n", true); err != nil {
+		c.Fatal(err)
+	}
+
+	_, out, err := buildImageWithOut(name, "FROM "+name+"\nMAINTAINER quux\n", true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if !strings.Contains(out, "# Executing 1 build trigger") {
+		c.Fatal("failed to find the build trigger output", out)
+	}
+}
+
+func (s *DockerSuite) TestBuildInvalidTag(c *check.C) {
+	name := "abcd:" + stringutils.GenerateRandomAlphaOnlyString(200)
+	_, out, err := buildImageWithOut(name, "FROM "+minimalBaseImage()+"\nMAINTAINER quux\n", true)
+	// if the error doesn't check for illegal tag name, or the image is built
+	// then this should fail
+	if !strings.Contains(out, "Error parsing reference") || strings.Contains(out, "Sending build context to Docker daemon") {
+		c.Fatalf("failed to stop before building. Error: %s, Output: %s", err, out)
+	}
+}
+
+func (s *DockerSuite) TestBuildCmdShDashC(c *check.C) {
+	name := "testbuildcmdshc"
+	if _, err := buildImage(name, "FROM busybox\nCMD echo cmd\n", true); err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectFieldJSON(c, name, "Config.Cmd")
+
+	expected := `["/bin/sh","-c","echo cmd"]`
+	if daemonPlatform == "windows" {
+		expected = `["cmd","/S","/C","echo cmd"]`
+	}
+
+	if res != expected {
+		c.Fatalf("Expected value %s not in Config.Cmd: %s", expected, res)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCmdSpaces(c *check.C) {
+	// Test to make sure that when we strcat arrays we take into account
+	// the arg separator to make sure ["echo","hi"] and ["echo hi"] don't
+	// look the same
+	name := "testbuildcmdspaces"
+	var id1 string
+	var id2 string
+	var err error
+
+	if id1, err = buildImage(name, "FROM busybox\nCMD [\"echo hi\"]\n", true); err != nil {
+		c.Fatal(err)
+	}
+
+	if id2, err = buildImage(name, "FROM busybox\nCMD [\"echo\", \"hi\"]\n", true); err != nil {
+		c.Fatal(err)
+	}
+
+	if id1 == id2 {
+		c.Fatal("Should not have resulted in the same CMD")
+	}
+
+	// Now do the same with ENTRYPOINT
+	if id1, err = buildImage(name, "FROM busybox\nENTRYPOINT [\"echo hi\"]\n", true); err != nil {
+		c.Fatal(err)
+	}
+
+	if id2, err = buildImage(name, "FROM busybox\nENTRYPOINT [\"echo\", \"hi\"]\n", true); err != nil {
+		c.Fatal(err)
+	}
+
+	if id1 == id2 {
+		c.Fatal("Should not have resulted in the same ENTRYPOINT")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildCmdJSONNoShDashC(c *check.C) {
+	name := "testbuildcmdjson"
+	if _, err := buildImage(name, "FROM busybox\nCMD [\"echo\", \"cmd\"]", true); err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectFieldJSON(c, name, "Config.Cmd")
+
+	expected := `["echo","cmd"]`
+
+	if res != expected {
+		c.Fatalf("Expected value %s not in Config.Cmd: %s", expected, res)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildErrorInvalidInstruction(c *check.C) {
+	name := "testbuildignoreinvalidinstruction"
+
+	out, _, err := buildImageWithOut(name, "FROM busybox\nfoo bar", true)
+	if err == nil {
+		c.Fatalf("Should have failed: %s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEntrypointInheritance(c *check.C) {
+
+	if _, err := buildImage("parent", `
+    FROM busybox
+    ENTRYPOINT exit 130
+    `, true); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, status, _ := dockerCmdWithError("run", "parent"); status != 130 {
+		c.Fatalf("expected exit code 130 but received %d", status)
+	}
+
+	if _, err := buildImage("child", `
+    FROM parent
+    ENTRYPOINT exit 5
+    `, true); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, status, _ := dockerCmdWithError("run", "child"); status != 5 {
+		c.Fatalf("expected exit code 5 but received %d", status)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEntrypointInheritanceInspect(c *check.C) {
+	var (
+		name     = "testbuildepinherit"
+		name2    = "testbuildepinherit2"
+		expected = `["/bin/sh","-c","echo quux"]`
+	)
+
+	if daemonPlatform == "windows" {
+		expected = `["cmd","/S","/C","echo quux"]`
+	}
+
+	if _, err := buildImage(name, "FROM busybox\nENTRYPOINT /foo/bar", true); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := buildImage(name2, fmt.Sprintf("FROM %s\nENTRYPOINT echo quux", name), true); err != nil {
+		c.Fatal(err)
+	}
+
+	res := inspectFieldJSON(c, name2, "Config.Entrypoint")
+
+	if res != expected {
+		c.Fatalf("Expected value %s not in Config.Entrypoint: %s", expected, res)
+	}
+
+	out, _ := dockerCmd(c, "run", name2)
+
+	expected = "quux"
+
+	if strings.TrimSpace(out) != expected {
+		c.Fatalf("Expected output is %s, got %s", expected, out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildRunShEntrypoint(c *check.C) {
+	name := "testbuildentrypoint"
+	_, err := buildImage(name,
+		`FROM busybox
+                                ENTRYPOINT echo`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "--rm", name)
+}
+
+func (s *DockerSuite) TestBuildExoticShellInterpolation(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildexoticshellinterpolation"
+
+	_, err := buildImage(name, `
+		FROM busybox
+
+		ENV SOME_VAR a.b.c
+
+		RUN [ "$SOME_VAR"       = 'a.b.c' ]
+		RUN [ "${SOME_VAR}"     = 'a.b.c' ]
+		RUN [ "${SOME_VAR%.*}"  = 'a.b'   ]
+		RUN [ "${SOME_VAR%%.*}" = 'a'     ]
+		RUN [ "${SOME_VAR#*.}"  = 'b.c'   ]
+		RUN [ "${SOME_VAR##*.}" = 'c'     ]
+		RUN [ "${SOME_VAR/c/d}" = 'a.b.d' ]
+		RUN [ "${#SOME_VAR}"    = '5'     ]
+
+		RUN [ "${SOME_UNSET_VAR:-$SOME_VAR}" = 'a.b.c' ]
+		RUN [ "${SOME_VAR:+Version: ${SOME_VAR}}" = 'Version: a.b.c' ]
+		RUN [ "${SOME_UNSET_VAR:+${SOME_VAR}}" = '' ]
+		RUN [ "${SOME_UNSET_VAR:-${SOME_VAR:-d.e.f}}" = 'a.b.c' ]
+	`, false)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildVerifySingleQuoteFails(c *check.C) {
+	// This testcase is supposed to generate an error because the
+	// JSON array we're passing in on the CMD uses single quotes instead
+	// of double quotes (per the JSON spec). This means we interpret it
+	// as a "string" instead of "JSON array" and pass it on to "sh -c" and
+	// it should barf on it.
+	name := "testbuildsinglequotefails"
+
+	if _, err := buildImage(name,
+		`FROM busybox
+		CMD [ '/bin/sh', '-c', 'echo hi' ]`,
+		true); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, _, err := dockerCmdWithError("run", "--rm", name); err == nil {
+		c.Fatal("The image was not supposed to be able to run")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildVerboseOut(c *check.C) {
+	name := "testbuildverboseout"
+	expected := "\n123\n"
+
+	if daemonPlatform == "windows" {
+		expected = "\n123\r\n"
+	}
+
+	_, out, err := buildImageWithOut(name,
+		`FROM busybox
+RUN echo 123`,
+		false)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+	if !strings.Contains(out, expected) {
+		c.Fatalf("Output should contain %q: %q", "123", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildWithTabs(c *check.C) {
+	name := "testbuildwithtabs"
+	_, err := buildImage(name,
+		"FROM busybox\nRUN echo\tone\t\ttwo", true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectFieldJSON(c, name, "ContainerConfig.Cmd")
+	expected1 := `["/bin/sh","-c","echo\tone\t\ttwo"]`
+	expected2 := `["/bin/sh","-c","echo\u0009one\u0009\u0009two"]` // syntactically equivalent, and what Go 1.3 generates
+	if daemonPlatform == "windows" {
+		expected1 = `["cmd","/S","/C","echo\tone\t\ttwo"]`
+		expected2 = `["cmd","/S","/C","echo\u0009one\u0009\u0009two"]` // syntactically equivalent, and what Go 1.3 generates
+	}
+	if res != expected1 && res != expected2 {
+		c.Fatalf("Missing tabs.\nGot: %s\nExp: %s or %s", res, expected1, expected2)
+	}
+}
+
+func (s *DockerSuite) TestBuildLabels(c *check.C) {
+	name := "testbuildlabel"
+	expected := `{"License":"GPL","Vendor":"Acme"}`
+	_, err := buildImage(name,
+		`FROM busybox
+		LABEL Vendor=Acme
+                LABEL License GPL`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	res := inspectFieldJSON(c, name, "Config.Labels")
+	if res != expected {
+		c.Fatalf("Labels %s, expected %s", res, expected)
+	}
+}
+
+func (s *DockerSuite) TestBuildLabelsCache(c *check.C) {
+	name := "testbuildlabelcache"
+
+	id1, err := buildImage(name,
+		`FROM busybox
+		LABEL Vendor=Acme`, false)
+	if err != nil {
+		c.Fatalf("Build 1 should have worked: %v", err)
+	}
+
+	id2, err := buildImage(name,
+		`FROM busybox
+		LABEL Vendor=Acme`, true)
+	if err != nil || id1 != id2 {
+		c.Fatalf("Build 2 should have worked & used cache(%s,%s): %v", id1, id2, err)
+	}
+
+	id2, err = buildImage(name,
+		`FROM busybox
+		LABEL Vendor=Acme1`, true)
+	if err != nil || id1 == id2 {
+		c.Fatalf("Build 3 should have worked & NOT used cache(%s,%s): %v", id1, id2, err)
+	}
+
+	id2, err = buildImage(name,
+		`FROM busybox
+		LABEL Vendor Acme`, true) // Note: " " and "=" should be same
+	if err != nil || id1 != id2 {
+		c.Fatalf("Build 4 should have worked & used cache(%s,%s): %v", id1, id2, err)
+	}
+
+	// Now make sure the cache isn't used by mistake
+	id1, err = buildImage(name,
+		`FROM busybox
+       LABEL f1=b1 f2=b2`, false)
+	if err != nil {
+		c.Fatalf("Build 5 should have worked: %q", err)
+	}
+
+	id2, err = buildImage(name,
+		`FROM busybox
+       LABEL f1="b1 f2=b2"`, true)
+	if err != nil || id1 == id2 {
+		c.Fatalf("Build 6 should have worked & NOT used the cache(%s,%s): %q", id1, id2, err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildNotVerboseSuccess(c *check.C) {
+	// This test makes sure that -q works correctly when build is successful:
+	// stdout has only the image ID (long image ID) and stderr is empty.
+	var stdout, stderr string
+	var err error
+	outRegexp := regexp.MustCompile("^(sha256:|)[a-z0-9]{64}\\n$")
+
+	tt := []struct {
+		Name      string
+		BuildFunc func(string)
+	}{
+		{
+			Name: "quiet_build_stdin_success",
+			BuildFunc: func(name string) {
+				_, stdout, stderr, err = buildImageWithStdoutStderr(name, "FROM busybox", true, "-q", "--force-rm", "--rm")
+			},
+		},
+		{
+			Name: "quiet_build_ctx_success",
+			BuildFunc: func(name string) {
+				ctx, err := fakeContext("FROM busybox", map[string]string{
+					"quiet_build_success_fctx": "test",
+				})
+				if err != nil {
+					c.Fatalf("Failed to create context: %s", err.Error())
+				}
+				defer ctx.Close()
+				_, stdout, stderr, err = buildImageFromContextWithStdoutStderr(name, ctx, true, "-q", "--force-rm", "--rm")
+			},
+		},
+		{
+			Name: "quiet_build_git_success",
+			BuildFunc: func(name string) {
+				git, err := newFakeGit("repo", map[string]string{
+					"Dockerfile": "FROM busybox",
+				}, true)
+				if err != nil {
+					c.Fatalf("Failed to create the git repo: %s", err.Error())
+				}
+				defer git.Close()
+				_, stdout, stderr, err = buildImageFromGitWithStdoutStderr(name, git, true, "-q", "--force-rm", "--rm")
+
+			},
+		},
+	}
+
+	for _, te := range tt {
+		te.BuildFunc(te.Name)
+		if err != nil {
+			c.Fatalf("Test %s shouldn't fail, but got the following error: %s", te.Name, err.Error())
+		}
+		if outRegexp.Find([]byte(stdout)) == nil {
+			c.Fatalf("Test %s expected stdout to match the [%v] regexp, but it is [%v]", te.Name, outRegexp, stdout)
+		}
+		if runtime.GOOS == "windows" {
+			// stderr contains a security warning on Windows if the daemon isn't Windows
+			lines := strings.Split(stderr, "\n")
+			warningCount := 0
+			for _, v := range lines {
+				warningText := "SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host."
+				if strings.Contains(v, warningText) {
+					warningCount++
+				}
+				if v != "" && !strings.Contains(v, warningText) {
+					c.Fatalf("Stderr contains unexpected output line: %q", v)
+				}
+			}
+			if warningCount != 1 && daemonPlatform != "windows" {
+				c.Fatalf("Test %s didn't get security warning running from Windows to non-Windows", te.Name)
+			}
+		} else {
+			if stderr != "" {
+				c.Fatalf("Test %s expected stderr to be empty, but it is [%#v]", te.Name, stderr)
+			}
+		}
+	}
+
+}
+
+func (s *DockerSuite) TestBuildNotVerboseFailure(c *check.C) {
+	// This test makes sure that -q works correctly when build fails by
+	// comparing between the stderr output in quiet mode and in stdout
+	// and stderr output in verbose mode
+	tt := []struct {
+		TestName  string
+		BuildCmds string
+	}{
+		{"quiet_build_no_from_at_the_beginning", "RUN whoami"},
+		{"quiet_build_unknown_instr", "FROMD busybox"},
+		{"quiet_build_not_exists_image", "FROM busybox11"},
+	}
+
+	for _, te := range tt {
+		_, _, qstderr, qerr := buildImageWithStdoutStderr(te.TestName, te.BuildCmds, false, "-q", "--force-rm", "--rm")
+		_, vstdout, vstderr, verr := buildImageWithStdoutStderr(te.TestName, te.BuildCmds, false, "--force-rm", "--rm")
+		if verr == nil || qerr == nil {
+			c.Fatal(fmt.Errorf("Test [%s] expected to fail but didn't", te.TestName))
+		}
+		if qstderr != vstdout+vstderr {
+			c.Fatal(fmt.Errorf("Test[%s] expected that quiet stderr and verbose stdout are equal; quiet [%v], verbose [%v]", te.TestName, qstderr, vstdout+vstderr))
+		}
+	}
+}
+
+func (s *DockerSuite) TestBuildNotVerboseFailureRemote(c *check.C) {
+	// This test ensures that when given a wrong URL, stderr in quiet mode and
+	// stdout and stderr in verbose mode are identical.
+	URL := "http://bla.bla.com"
+	Name := "quiet_build_wrong_remote"
+	_, _, qstderr, qerr := buildImageWithStdoutStderr(Name, "", false, "-q", "--force-rm", "--rm", URL)
+	_, vstdout, vstderr, verr := buildImageWithStdoutStderr(Name, "", false, "--force-rm", "--rm", URL)
+	if qerr == nil || verr == nil {
+		c.Fatal(fmt.Errorf("Test [%s] expected to fail but didn't", Name))
+	}
+	if qstderr != vstdout+vstderr {
+		c.Fatal(fmt.Errorf("Test[%s] expected that quiet stderr and verbose stdout are equal; quiet [%v], verbose [%v]", Name, qstderr, vstdout))
+	}
+}
+
+func (s *DockerSuite) TestBuildStderr(c *check.C) {
+	// This test just makes sure that no non-error output goes
+	// to stderr
+	name := "testbuildstderr"
+	_, _, stderr, err := buildImageWithStdoutStderr(name,
+		"FROM busybox\nRUN echo one", true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if runtime.GOOS == "windows" {
+		// stderr might contain a security warning on windows
+		lines := strings.Split(stderr, "\n")
+		for _, v := range lines {
+			if v != "" && !strings.Contains(v, "SECURITY WARNING:") {
+				c.Fatalf("Stderr contains unexpected output line: %q", v)
+			}
+		}
+	} else {
+		if stderr != "" {
+			c.Fatalf("Stderr should have been empty, instead its: %q", stderr)
+		}
+	}
+}
+
+func (s *DockerSuite) TestBuildChownSingleFile(c *check.C) {
+	testRequires(c, UnixCli) // test uses chown: not available on windows
+	testRequires(c, DaemonIsLinux)
+
+	name := "testbuildchownsinglefile"
+
+	ctx, err := fakeContext(`
+FROM busybox
+COPY test /
+RUN ls -l /test
+RUN [ $(ls -l /test | awk '{print $3":"$4}') = 'root:root' ]
+`, map[string]string{
+		"test": "test",
+	})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if err := os.Chown(filepath.Join(ctx.Dir, "test"), 4242, 4242); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildSymlinkBreakout(c *check.C) {
+	name := "testbuildsymlinkbreakout"
+	tmpdir, err := ioutil.TempDir("", name)
+	c.Assert(err, check.IsNil)
+	defer os.RemoveAll(tmpdir)
+	ctx := filepath.Join(tmpdir, "context")
+	if err := os.MkdirAll(ctx, 0755); err != nil {
+		c.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(ctx, "Dockerfile"), []byte(`
+	from busybox
+	add symlink.tar /
+	add inject /symlink/
+	`), 0644); err != nil {
+		c.Fatal(err)
+	}
+	inject := filepath.Join(ctx, "inject")
+	if err := ioutil.WriteFile(inject, nil, 0644); err != nil {
+		c.Fatal(err)
+	}
+	f, err := os.Create(filepath.Join(ctx, "symlink.tar"))
+	if err != nil {
+		c.Fatal(err)
+	}
+	w := tar.NewWriter(f)
+	w.WriteHeader(&tar.Header{
+		Name:     "symlink2",
+		Typeflag: tar.TypeSymlink,
+		Linkname: "/../../../../../../../../../../../../../../",
+		Uid:      os.Getuid(),
+		Gid:      os.Getgid(),
+	})
+	w.WriteHeader(&tar.Header{
+		Name:     "symlink",
+		Typeflag: tar.TypeSymlink,
+		Linkname: filepath.Join("symlink2", tmpdir),
+		Uid:      os.Getuid(),
+		Gid:      os.Getgid(),
+	})
+	w.Close()
+	f.Close()
+	if _, err := buildImageFromContext(name, fakeContextFromDir(ctx), false); err != nil {
+		c.Fatal(err)
+	}
+	if _, err := os.Lstat(filepath.Join(tmpdir, "inject")); err == nil {
+		c.Fatal("symlink breakout - inject")
+	} else if !os.IsNotExist(err) {
+		c.Fatalf("unexpected error: %v", err)
+	}
+}
+
+func (s *DockerSuite) TestBuildXZHost(c *check.C) {
+	// /usr/local/sbin/xz gets permission denied for the user
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildxzhost"
+
+	ctx, err := fakeContext(`
+FROM busybox
+ADD xz /usr/local/sbin/
+RUN chmod 755 /usr/local/sbin/xz
+ADD test.xz /
+RUN [ ! -e /injected ]`,
+		map[string]string{
+			"test.xz": "\xfd\x37\x7a\x58\x5a\x00\x00\x04\xe6\xd6\xb4\x46\x02\x00" +
+				"\x21\x01\x16\x00\x00\x00\x74\x2f\xe5\xa3\x01\x00\x3f\xfd" +
+				"\x37\x7a\x58\x5a\x00\x00\x04\xe6\xd6\xb4\x46\x02\x00\x21",
+			"xz": "#!/bin/sh\ntouch /injected",
+		})
+
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatal(err)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildVolumesRetainContents(c *check.C) {
+	// /foo/file gets permission denied for the user
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux) // TODO Windows: Issue #20127
+	var (
+		name     = "testbuildvolumescontent"
+		expected = "some text"
+		volName  = "/foo"
+	)
+
+	if daemonPlatform == "windows" {
+		volName = "C:/foo"
+	}
+
+	ctx, err := fakeContext(`
+FROM busybox
+COPY content /foo/file
+VOLUME `+volName+`
+CMD cat /foo/file`,
+		map[string]string{
+			"content": expected,
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, false); err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "--rm", name)
+	if out != expected {
+		c.Fatalf("expected file contents for /foo/file to be %q but received %q", expected, out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildRenamedDockerfile(c *check.C) {
+
+	ctx, err := fakeContext(`FROM busybox
+	RUN echo from Dockerfile`,
+		map[string]string{
+			"Dockerfile":       "FROM busybox\nRUN echo from Dockerfile",
+			"files/Dockerfile": "FROM busybox\nRUN echo from files/Dockerfile",
+			"files/dFile":      "FROM busybox\nRUN echo from files/dFile",
+			"dFile":            "FROM busybox\nRUN echo from dFile",
+			"files/dFile2":     "FROM busybox\nRUN echo from files/dFile2",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	out, _, err := dockerCmdInDir(c, ctx.Dir, "build", "-t", "test1", ".")
+	if err != nil {
+		c.Fatalf("Failed to build: %s\n%s", out, err)
+	}
+	if !strings.Contains(out, "from Dockerfile") {
+		c.Fatalf("test1 should have used Dockerfile, output:%s", out)
+	}
+
+	out, _, err = dockerCmdInDir(c, ctx.Dir, "build", "-f", filepath.Join("files", "Dockerfile"), "-t", "test2", ".")
+	if err != nil {
+		c.Fatal(err)
+	}
+	if !strings.Contains(out, "from files/Dockerfile") {
+		c.Fatalf("test2 should have used files/Dockerfile, output:%s", out)
+	}
+
+	out, _, err = dockerCmdInDir(c, ctx.Dir, "build", fmt.Sprintf("--file=%s", filepath.Join("files", "dFile")), "-t", "test3", ".")
+	if err != nil {
+		c.Fatal(err)
+	}
+	if !strings.Contains(out, "from files/dFile") {
+		c.Fatalf("test3 should have used files/dFile, output:%s", out)
+	}
+
+	out, _, err = dockerCmdInDir(c, ctx.Dir, "build", "--file=dFile", "-t", "test4", ".")
+	if err != nil {
+		c.Fatal(err)
+	}
+	if !strings.Contains(out, "from dFile") {
+		c.Fatalf("test4 should have used dFile, output:%s", out)
+	}
+
+	dirWithNoDockerfile, err := ioutil.TempDir(os.TempDir(), "test5")
+	c.Assert(err, check.IsNil)
+	nonDockerfileFile := filepath.Join(dirWithNoDockerfile, "notDockerfile")
+	if _, err = os.Create(nonDockerfileFile); err != nil {
+		c.Fatal(err)
+	}
+	out, _, err = dockerCmdInDir(c, ctx.Dir, "build", fmt.Sprintf("--file=%s", nonDockerfileFile), "-t", "test5", ".")
+
+	if err == nil {
+		c.Fatalf("test5 was supposed to fail to find passwd")
+	}
+
+	if expected := fmt.Sprintf("The Dockerfile (%s) must be within the build context (.)", nonDockerfileFile); !strings.Contains(out, expected) {
+		c.Fatalf("wrong error messsage:%v\nexpected to contain=%v", out, expected)
+	}
+
+	out, _, err = dockerCmdInDir(c, filepath.Join(ctx.Dir, "files"), "build", "-f", filepath.Join("..", "Dockerfile"), "-t", "test6", "..")
+	if err != nil {
+		c.Fatalf("test6 failed: %s", err)
+	}
+	if !strings.Contains(out, "from Dockerfile") {
+		c.Fatalf("test6 should have used root Dockerfile, output:%s", out)
+	}
+
+	out, _, err = dockerCmdInDir(c, filepath.Join(ctx.Dir, "files"), "build", "-f", filepath.Join(ctx.Dir, "files", "Dockerfile"), "-t", "test7", "..")
+	if err != nil {
+		c.Fatalf("test7 failed: %s", err)
+	}
+	if !strings.Contains(out, "from files/Dockerfile") {
+		c.Fatalf("test7 should have used files Dockerfile, output:%s", out)
+	}
+
+	out, _, err = dockerCmdInDir(c, filepath.Join(ctx.Dir, "files"), "build", "-f", filepath.Join("..", "Dockerfile"), "-t", "test8", ".")
+	if err == nil || !strings.Contains(out, "must be within the build context") {
+		c.Fatalf("test8 should have failed with Dockerfile out of context: %s", err)
+	}
+
+	tmpDir := os.TempDir()
+	out, _, err = dockerCmdInDir(c, tmpDir, "build", "-t", "test9", ctx.Dir)
+	if err != nil {
+		c.Fatalf("test9 - failed: %s", err)
+	}
+	if !strings.Contains(out, "from Dockerfile") {
+		c.Fatalf("test9 should have used root Dockerfile, output:%s", out)
+	}
+
+	out, _, err = dockerCmdInDir(c, filepath.Join(ctx.Dir, "files"), "build", "-f", "dFile2", "-t", "test10", ".")
+	if err != nil {
+		c.Fatalf("test10 should have worked: %s", err)
+	}
+	if !strings.Contains(out, "from files/dFile2") {
+		c.Fatalf("test10 should have used files/dFile2, output:%s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildFromMixedcaseDockerfile(c *check.C) {
+	testRequires(c, UnixCli) // Dockerfile overwrites dockerfile on windows
+	testRequires(c, DaemonIsLinux)
+
+	ctx, err := fakeContext(`FROM busybox
+	RUN echo from dockerfile`,
+		map[string]string{
+			"dockerfile": "FROM busybox\nRUN echo from dockerfile",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	out, _, err := dockerCmdInDir(c, ctx.Dir, "build", "-t", "test1", ".")
+	if err != nil {
+		c.Fatalf("Failed to build: %s\n%s", out, err)
+	}
+
+	if !strings.Contains(out, "from dockerfile") {
+		c.Fatalf("Missing proper output: %s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildWithTwoDockerfiles(c *check.C) {
+	testRequires(c, UnixCli) // Dockerfile overwrites dockerfile on windows
+	testRequires(c, DaemonIsLinux)
+
+	ctx, err := fakeContext(`FROM busybox
+RUN echo from Dockerfile`,
+		map[string]string{
+			"dockerfile": "FROM busybox\nRUN echo from dockerfile",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	out, _, err := dockerCmdInDir(c, ctx.Dir, "build", "-t", "test1", ".")
+	if err != nil {
+		c.Fatalf("Failed to build: %s\n%s", out, err)
+	}
+
+	if !strings.Contains(out, "from Dockerfile") {
+		c.Fatalf("Missing proper output: %s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildFromURLWithF(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	server, err := fakeStorage(map[string]string{"baz": `FROM busybox
+RUN echo from baz
+COPY * /tmp/
+RUN find /tmp/`})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer server.Close()
+
+	ctx, err := fakeContext(`FROM busybox
+RUN echo from Dockerfile`,
+		map[string]string{})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	// Make sure that -f is ignored and that we don't use the Dockerfile
+	// that's in the current dir
+	out, _, err := dockerCmdInDir(c, ctx.Dir, "build", "-f", "baz", "-t", "test1", server.URL()+"/baz")
+	if err != nil {
+		c.Fatalf("Failed to build: %s\n%s", out, err)
+	}
+
+	if !strings.Contains(out, "from baz") ||
+		strings.Contains(out, "/tmp/baz") ||
+		!strings.Contains(out, "/tmp/Dockerfile") {
+		c.Fatalf("Missing proper output: %s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildFromStdinWithF(c *check.C) {
+	testRequires(c, DaemonIsLinux) // TODO Windows: This test is flaky; no idea why
+	ctx, err := fakeContext(`FROM busybox
+RUN echo "from Dockerfile"`,
+		map[string]string{})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	// Make sure that -f is ignored and that we don't use the Dockerfile
+	// that's in the current dir
+	dockerCommand := exec.Command(dockerBinary, "build", "-f", "baz", "-t", "test1", "-")
+	dockerCommand.Dir = ctx.Dir
+	dockerCommand.Stdin = strings.NewReader(`FROM busybox
+RUN echo "from baz"
+COPY * /tmp/
+RUN sh -c "find /tmp/" # sh -c is needed on Windows to use the correct find`)
+	out, status, err := runCommandWithOutput(dockerCommand)
+	if err != nil || status != 0 {
+		c.Fatalf("Error building: %s", err)
+	}
+
+	if !strings.Contains(out, "from baz") ||
+		strings.Contains(out, "/tmp/baz") ||
+		!strings.Contains(out, "/tmp/Dockerfile") {
+		c.Fatalf("Missing proper output: %s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildFromOfficialNames(c *check.C) {
+	name := "testbuildfromofficial"
+	fromNames := []string{
+		"busybox",
+		"docker.io/busybox",
+		"index.docker.io/busybox",
+		"library/busybox",
+		"docker.io/library/busybox",
+		"index.docker.io/library/busybox",
+	}
+	for idx, fromName := range fromNames {
+		imgName := fmt.Sprintf("%s%d", name, idx)
+		_, err := buildImage(imgName, "FROM "+fromName, true)
+		if err != nil {
+			c.Errorf("Build failed using FROM %s: %s", fromName, err)
+		}
+		deleteImages(imgName)
+	}
+}
+
+func (s *DockerSuite) TestBuildDockerfileOutsideContext(c *check.C) {
+	testRequires(c, UnixCli) // uses os.Symlink: not implemented in windows at the time of writing (go-1.4.2)
+	testRequires(c, DaemonIsLinux)
+
+	name := "testbuilddockerfileoutsidecontext"
+	tmpdir, err := ioutil.TempDir("", name)
+	c.Assert(err, check.IsNil)
+	defer os.RemoveAll(tmpdir)
+	ctx := filepath.Join(tmpdir, "context")
+	if err := os.MkdirAll(ctx, 0755); err != nil {
+		c.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(ctx, "Dockerfile"), []byte("FROM scratch\nENV X Y"), 0644); err != nil {
+		c.Fatal(err)
+	}
+	wd, err := os.Getwd()
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.Chdir(wd)
+	if err := os.Chdir(ctx); err != nil {
+		c.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(tmpdir, "outsideDockerfile"), []byte("FROM scratch\nENV x y"), 0644); err != nil {
+		c.Fatal(err)
+	}
+	if err := os.Symlink(filepath.Join("..", "outsideDockerfile"), filepath.Join(ctx, "dockerfile1")); err != nil {
+		c.Fatal(err)
+	}
+	if err := os.Symlink(filepath.Join(tmpdir, "outsideDockerfile"), filepath.Join(ctx, "dockerfile2")); err != nil {
+		c.Fatal(err)
+	}
+
+	for _, dockerfilePath := range []string{
+		filepath.Join("..", "outsideDockerfile"),
+		filepath.Join(ctx, "dockerfile1"),
+		filepath.Join(ctx, "dockerfile2"),
+	} {
+		out, _, err := dockerCmdWithError("build", "-t", name, "--no-cache", "-f", dockerfilePath, ".")
+		if err == nil {
+			c.Fatalf("Expected error with %s. Out: %s", dockerfilePath, out)
+		}
+		if !strings.Contains(out, "must be within the build context") && !strings.Contains(out, "Cannot locate Dockerfile") {
+			c.Fatalf("Unexpected error with %s. Out: %s", dockerfilePath, out)
+		}
+		deleteImages(name)
+	}
+
+	os.Chdir(tmpdir)
+
+	// Path to Dockerfile should be resolved relative to working directory, not relative to context.
+	// There is a Dockerfile in the context, but since there is no Dockerfile in the current directory, the following should fail
+	out, _, err := dockerCmdWithError("build", "-t", name, "--no-cache", "-f", "Dockerfile", ctx)
+	if err == nil {
+		c.Fatalf("Expected error. Out: %s", out)
+	}
+}
+
+func (s *DockerSuite) TestBuildSpaces(c *check.C) {
+	// Test to make sure that leading/trailing spaces on a command
+	// doesn't change the error msg we get
+	var (
+		err1 error
+		err2 error
+	)
+
+	name := "testspaces"
+	ctx, err := fakeContext("FROM busybox\nCOPY\n",
+		map[string]string{
+			"Dockerfile": "FROM busybox\nCOPY\n",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err1 = buildImageFromContext(name, ctx, false); err1 == nil {
+		c.Fatal("Build 1 was supposed to fail, but didn't")
+	}
+
+	ctx.Add("Dockerfile", "FROM busybox\nCOPY    ")
+	if _, err2 = buildImageFromContext(name, ctx, false); err2 == nil {
+		c.Fatal("Build 2 was supposed to fail, but didn't")
+	}
+
+	removeLogTimestamps := func(s string) string {
+		return regexp.MustCompile(`time="(.*?)"`).ReplaceAllString(s, `time=[TIMESTAMP]`)
+	}
+
+	// Skip over the times
+	e1 := removeLogTimestamps(err1.Error())
+	e2 := removeLogTimestamps(err2.Error())
+
+	// Ignore whitespace since that's what were verifying doesn't change stuff
+	if strings.Replace(e1, " ", "", -1) != strings.Replace(e2, " ", "", -1) {
+		c.Fatalf("Build 2's error wasn't the same as build 1's\n1:%s\n2:%s", err1, err2)
+	}
+
+	ctx.Add("Dockerfile", "FROM busybox\n   COPY")
+	if _, err2 = buildImageFromContext(name, ctx, false); err2 == nil {
+		c.Fatal("Build 3 was supposed to fail, but didn't")
+	}
+
+	// Skip over the times
+	e1 = removeLogTimestamps(err1.Error())
+	e2 = removeLogTimestamps(err2.Error())
+
+	// Ignore whitespace since that's what were verifying doesn't change stuff
+	if strings.Replace(e1, " ", "", -1) != strings.Replace(e2, " ", "", -1) {
+		c.Fatalf("Build 3's error wasn't the same as build 1's\n1:%s\n3:%s", err1, err2)
+	}
+
+	ctx.Add("Dockerfile", "FROM busybox\n   COPY    ")
+	if _, err2 = buildImageFromContext(name, ctx, false); err2 == nil {
+		c.Fatal("Build 4 was supposed to fail, but didn't")
+	}
+
+	// Skip over the times
+	e1 = removeLogTimestamps(err1.Error())
+	e2 = removeLogTimestamps(err2.Error())
+
+	// Ignore whitespace since that's what were verifying doesn't change stuff
+	if strings.Replace(e1, " ", "", -1) != strings.Replace(e2, " ", "", -1) {
+		c.Fatalf("Build 4's error wasn't the same as build 1's\n1:%s\n4:%s", err1, err2)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildSpacesWithQuotes(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// Test to make sure that spaces in quotes aren't lost
+	name := "testspacesquotes"
+
+	dockerfile := `FROM busybox
+RUN echo "  \
+  foo  "`
+
+	_, out, err := buildImageWithOut(name, dockerfile, false)
+	if err != nil {
+		c.Fatal("Build failed:", err)
+	}
+
+	expecting := "\n    foo  \n"
+	if !strings.Contains(out, expecting) {
+		c.Fatalf("Bad output: %q expecting to contain %q", out, expecting)
+	}
+
+}
+
+// #4393
+func (s *DockerSuite) TestBuildVolumeFileExistsinContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux) // TODO Windows: This should error out
+	buildCmd := exec.Command(dockerBinary, "build", "-t", "docker-test-errcreatevolumewithfile", "-")
+	buildCmd.Stdin = strings.NewReader(`
+	FROM busybox
+	RUN touch /foo
+	VOLUME /foo
+	`)
+
+	out, _, err := runCommandWithOutput(buildCmd)
+	if err == nil || !strings.Contains(out, "file exists") {
+		c.Fatalf("expected build to fail when file exists in container at requested volume path")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildMissingArgs(c *check.C) {
+	// Test to make sure that all Dockerfile commands (except the ones listed
+	// in skipCmds) will generate an error if no args are provided.
+	// Note: INSERT is deprecated so we exclude it because of that.
+	skipCmds := map[string]struct{}{
+		"CMD":        {},
+		"RUN":        {},
+		"ENTRYPOINT": {},
+		"INSERT":     {},
+	}
+
+	if daemonPlatform == "windows" {
+		skipCmds = map[string]struct{}{
+			"CMD":        {},
+			"RUN":        {},
+			"ENTRYPOINT": {},
+			"INSERT":     {},
+			"STOPSIGNAL": {},
+			"ARG":        {},
+			"USER":       {},
+			"EXPOSE":     {},
+		}
+	}
+
+	for cmd := range command.Commands {
+		cmd = strings.ToUpper(cmd)
+		if _, ok := skipCmds[cmd]; ok {
+			continue
+		}
+
+		var dockerfile string
+		if cmd == "FROM" {
+			dockerfile = cmd
+		} else {
+			// Add FROM to make sure we don't complain about it missing
+			dockerfile = "FROM busybox\n" + cmd
+		}
+
+		ctx, err := fakeContext(dockerfile, map[string]string{})
+		if err != nil {
+			c.Fatal(err)
+		}
+		defer ctx.Close()
+		var out string
+		if out, err = buildImageFromContext("args", ctx, true); err == nil {
+			c.Fatalf("%s was supposed to fail. Out:%s", cmd, out)
+		}
+		if !strings.Contains(err.Error(), cmd+" requires") {
+			c.Fatalf("%s returned the wrong type of error:%s", cmd, err)
+		}
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEmptyScratch(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	_, out, err := buildImageWithOut("sc", "FROM scratch", true)
+	if err == nil {
+		c.Fatalf("Build was supposed to fail")
+	}
+	if !strings.Contains(out, "No image was generated") {
+		c.Fatalf("Wrong error message: %v", out)
+	}
+}
+
+func (s *DockerSuite) TestBuildDotDotFile(c *check.C) {
+	ctx, err := fakeContext("FROM busybox\n",
+		map[string]string{
+			"..gitme": "",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err = buildImageFromContext("sc", ctx, false); err != nil {
+		c.Fatalf("Build was supposed to work: %s", err)
+	}
+}
+
+func (s *DockerSuite) TestBuildRUNoneJSON(c *check.C) {
+	testRequires(c, DaemonIsLinux) // No hello-world Windows image
+	name := "testbuildrunonejson"
+
+	ctx, err := fakeContext(`FROM hello-world:frozen
+RUN [ "/hello" ]`, map[string]string{})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	out, _, err := dockerCmdInDir(c, ctx.Dir, "build", "--no-cache", "-t", name, ".")
+	if err != nil {
+		c.Fatalf("failed to build the image: %s, %v", out, err)
+	}
+
+	if !strings.Contains(out, "Hello from Docker") {
+		c.Fatalf("bad output: %s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildEmptyStringVolume(c *check.C) {
+	name := "testbuildemptystringvolume"
+
+	_, err := buildImage(name, `
+  FROM busybox
+  ENV foo=""
+  VOLUME $foo
+  `, false)
+	if err == nil {
+		c.Fatal("Should have failed to build")
+	}
+
+}
+
+func (s *DockerSuite) TestBuildContainerWithCgroupParent(c *check.C) {
+	testRequires(c, SameHostDaemon)
+	testRequires(c, DaemonIsLinux)
+
+	cgroupParent := "test"
+	data, err := ioutil.ReadFile("/proc/self/cgroup")
+	if err != nil {
+		c.Fatalf("failed to read '/proc/self/cgroup - %v", err)
+	}
+	selfCgroupPaths := parseCgroupPaths(string(data))
+	_, found := selfCgroupPaths["memory"]
+	if !found {
+		c.Fatalf("unable to find self memory cgroup path. CgroupsPath: %v", selfCgroupPaths)
+	}
+	cmd := exec.Command(dockerBinary, "build", "--cgroup-parent", cgroupParent, "-")
+	cmd.Stdin = strings.NewReader(`
+FROM busybox
+RUN cat /proc/self/cgroup
+`)
+
+	out, _, err := runCommandWithOutput(cmd)
+	if err != nil {
+		c.Fatalf("unexpected failure when running container with --cgroup-parent option - %s\n%v", string(out), err)
+	}
+	m, err := regexp.MatchString(fmt.Sprintf("memory:.*/%s/.*", cgroupParent), out)
+	c.Assert(err, check.IsNil)
+	if !m {
+		c.Fatalf("There is no expected memory cgroup with parent /%s/: %s", cgroupParent, out)
+	}
+}
+
+func (s *DockerSuite) TestBuildNoDupOutput(c *check.C) {
+	// Check to make sure our build output prints the Dockerfile cmd
+	// property - there was a bug that caused it to be duplicated on the
+	// Step X  line
+	name := "testbuildnodupoutput"
+
+	_, out, err := buildImageWithOut(name, `
+  FROM busybox
+  RUN env`, false)
+	if err != nil {
+		c.Fatalf("Build should have worked: %q", err)
+	}
+
+	exp := "\nStep 2 : RUN env\n"
+	if !strings.Contains(out, exp) {
+		c.Fatalf("Bad output\nGot:%s\n\nExpected to contain:%s\n", out, exp)
+	}
+}
+
+// GH15826
+func (s *DockerSuite) TestBuildStartsFromOne(c *check.C) {
+	// Explicit check to ensure that build starts from step 1 rather than 0
+	name := "testbuildstartsfromone"
+
+	_, out, err := buildImageWithOut(name, `
+  FROM busybox`, false)
+	if err != nil {
+		c.Fatalf("Build should have worked: %q", err)
+	}
+
+	exp := "\nStep 1 : FROM busybox\n"
+	if !strings.Contains(out, exp) {
+		c.Fatalf("Bad output\nGot:%s\n\nExpected to contain:%s\n", out, exp)
+	}
+}
+
+func (s *DockerSuite) TestBuildBadCmdFlag(c *check.C) {
+	name := "testbuildbadcmdflag"
+
+	_, out, err := buildImageWithOut(name, `
+  FROM busybox
+  MAINTAINER --boo joe@example.com`, false)
+	if err == nil {
+		c.Fatal("Build should have failed")
+	}
+
+	exp := "\nUnknown flag: boo\n"
+	if !strings.Contains(out, exp) {
+		c.Fatalf("Bad output\nGot:%s\n\nExpected to contain:%s\n", out, exp)
+	}
+}
+
+func (s *DockerSuite) TestBuildRUNErrMsg(c *check.C) {
+	// Test to make sure the bad command is quoted with just "s and
+	// not as a Go []string
+	name := "testbuildbadrunerrmsg"
+	_, out, err := buildImageWithOut(name, `
+  FROM busybox
+  RUN badEXE a1 \& a2	a3`, false) // tab between a2 and a3
+	if err == nil {
+		c.Fatal("Should have failed to build")
+	}
+	shell := "/bin/sh -c"
+	exitCode := "127"
+	if daemonPlatform == "windows" {
+		shell = "cmd /S /C"
+		// architectural - Windows has to start the container to determine the exe is bad, Linux does not
+		exitCode = "1"
+	}
+	exp := `The command '` + shell + ` badEXE a1 \& a2	a3' returned a non-zero code: ` + exitCode
+	if !strings.Contains(out, exp) {
+		c.Fatalf("RUN doesn't have the correct output:\nGot:%s\nExpected:%s", out, exp)
+	}
+}
+
+func (s *DockerTrustSuite) TestTrustedBuild(c *check.C) {
+	repoName := s.setupTrustedImage(c, "trusted-build")
+	dockerFile := fmt.Sprintf(`
+  FROM %s
+  RUN []
+    `, repoName)
+
+	name := "testtrustedbuild"
+
+	buildCmd := buildImageCmd(name, dockerFile, true)
+	s.trustedCmd(buildCmd)
+	out, _, err := runCommandWithOutput(buildCmd)
+	if err != nil {
+		c.Fatalf("Error running trusted build: %s\n%s", err, out)
+	}
+
+	if !strings.Contains(out, fmt.Sprintf("FROM %s@sha", repoName[:len(repoName)-7])) {
+		c.Fatalf("Unexpected output on trusted build:\n%s", out)
+	}
+
+	// We should also have a tag reference for the image.
+	if out, exitCode := dockerCmd(c, "inspect", repoName); exitCode != 0 {
+		c.Fatalf("unexpected exit code inspecting image %q: %d: %s", repoName, exitCode, out)
+	}
+
+	// We should now be able to remove the tag reference.
+	if out, exitCode := dockerCmd(c, "rmi", repoName); exitCode != 0 {
+		c.Fatalf("unexpected exit code inspecting image %q: %d: %s", repoName, exitCode, out)
+	}
+}
+
+func (s *DockerTrustSuite) TestTrustedBuildUntrustedTag(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/build-untrusted-tag:latest", privateRegistryURL)
+	dockerFile := fmt.Sprintf(`
+  FROM %s
+  RUN []
+    `, repoName)
+
+	name := "testtrustedbuilduntrustedtag"
+
+	buildCmd := buildImageCmd(name, dockerFile, true)
+	s.trustedCmd(buildCmd)
+	out, _, err := runCommandWithOutput(buildCmd)
+	if err == nil {
+		c.Fatalf("Expected error on trusted build with untrusted tag: %s\n%s", err, out)
+	}
+
+	if !strings.Contains(out, "does not have trust data for") {
+		c.Fatalf("Unexpected output on trusted build with untrusted tag:\n%s", out)
+	}
+}
+
+func (s *DockerTrustSuite) TestBuildContextDirIsSymlink(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	tempDir, err := ioutil.TempDir("", "test-build-dir-is-symlink-")
+	c.Assert(err, check.IsNil)
+	defer os.RemoveAll(tempDir)
+
+	// Make a real context directory in this temp directory with a simple
+	// Dockerfile.
+	realContextDirname := filepath.Join(tempDir, "context")
+	if err := os.Mkdir(realContextDirname, os.FileMode(0755)); err != nil {
+		c.Fatal(err)
+	}
+
+	if err = ioutil.WriteFile(
+		filepath.Join(realContextDirname, "Dockerfile"),
+		[]byte(`
+			FROM busybox
+			RUN echo hello world
+		`),
+		os.FileMode(0644),
+	); err != nil {
+		c.Fatal(err)
+	}
+
+	// Make a symlink to the real context directory.
+	contextSymlinkName := filepath.Join(tempDir, "context_link")
+	if err := os.Symlink(realContextDirname, contextSymlinkName); err != nil {
+		c.Fatal(err)
+	}
+
+	// Executing the build with the symlink as the specified context should
+	// *not* fail.
+	if out, exitStatus := dockerCmd(c, "build", contextSymlinkName); exitStatus != 0 {
+		c.Fatalf("build failed with exit status %d: %s", exitStatus, out)
+	}
+}
+
+func (s *DockerTrustSuite) TestTrustedBuildTagFromReleasesRole(c *check.C) {
+	testRequires(c, NotaryHosting)
+
+	latestTag := s.setupTrustedImage(c, "trusted-build-releases-role")
+	repoName := strings.TrimSuffix(latestTag, ":latest")
+
+	// Now create the releases role
+	s.notaryCreateDelegation(c, repoName, "targets/releases", s.not.keys[0].Public)
+	s.notaryImportKey(c, repoName, "targets/releases", s.not.keys[0].Private)
+	s.notaryPublish(c, repoName)
+
+	// push a different tag to the releases role
+	otherTag := fmt.Sprintf("%s:other", repoName)
+	dockerCmd(c, "tag", "busybox", otherTag)
+
+	pushCmd := exec.Command(dockerBinary, "push", otherTag)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("Trusted push failed: %s", out))
+	s.assertTargetInRoles(c, repoName, "other", "targets/releases")
+	s.assertTargetNotInRoles(c, repoName, "other", "targets")
+
+	out, status := dockerCmd(c, "rmi", otherTag)
+	c.Assert(status, check.Equals, 0, check.Commentf("docker rmi failed: %s", out))
+
+	dockerFile := fmt.Sprintf(`
+  FROM %s
+  RUN []
+    `, otherTag)
+
+	name := "testtrustedbuildreleasesrole"
+
+	buildCmd := buildImageCmd(name, dockerFile, true)
+	s.trustedCmd(buildCmd)
+	out, _, err = runCommandWithOutput(buildCmd)
+	c.Assert(err, check.IsNil, check.Commentf("Trusted build failed: %s", out))
+	c.Assert(out, checker.Contains, fmt.Sprintf("FROM %s@sha", repoName))
+}
+
+func (s *DockerTrustSuite) TestTrustedBuildTagIgnoresOtherDelegationRoles(c *check.C) {
+	testRequires(c, NotaryHosting)
+
+	latestTag := s.setupTrustedImage(c, "trusted-build-releases-role")
+	repoName := strings.TrimSuffix(latestTag, ":latest")
+
+	// Now create a non-releases delegation role
+	s.notaryCreateDelegation(c, repoName, "targets/other", s.not.keys[0].Public)
+	s.notaryImportKey(c, repoName, "targets/other", s.not.keys[0].Private)
+	s.notaryPublish(c, repoName)
+
+	// push a different tag to the other role
+	otherTag := fmt.Sprintf("%s:other", repoName)
+	dockerCmd(c, "tag", "busybox", otherTag)
+
+	pushCmd := exec.Command(dockerBinary, "push", otherTag)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("Trusted push failed: %s", out))
+	s.assertTargetInRoles(c, repoName, "other", "targets/other")
+	s.assertTargetNotInRoles(c, repoName, "other", "targets")
+
+	out, status := dockerCmd(c, "rmi", otherTag)
+	c.Assert(status, check.Equals, 0, check.Commentf("docker rmi failed: %s", out))
+
+	dockerFile := fmt.Sprintf(`
+  FROM %s
+  RUN []
+    `, otherTag)
+
+	name := "testtrustedbuildotherrole"
+
+	buildCmd := buildImageCmd(name, dockerFile, true)
+	s.trustedCmd(buildCmd)
+	out, _, err = runCommandWithOutput(buildCmd)
+	c.Assert(err, check.NotNil, check.Commentf("Trusted build expected to fail: %s", out))
+}
+
+// Issue #15634: COPY fails when path starts with "null"
+func (s *DockerSuite) TestBuildNullStringInAddCopyVolume(c *check.C) {
+	name := "testbuildnullstringinaddcopyvolume"
+
+	volName := "nullvolume"
+
+	if daemonPlatform == "windows" {
+		volName = `C:\\nullvolume`
+	}
+
+	ctx, err := fakeContext(`
+		FROM busybox
+
+		ADD null /
+		COPY nullfile /
+		VOLUME `+volName+`
+		`,
+		map[string]string{
+			"null":     "test1",
+			"nullfile": "test2",
+		},
+	)
+	c.Assert(err, check.IsNil)
+	defer ctx.Close()
+
+	_, err = buildImageFromContext(name, ctx, true)
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestBuildStopSignal(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support STOPSIGNAL yet
+	imgName := "test_build_stop_signal"
+	_, err := buildImage(imgName,
+		`FROM busybox
+		 STOPSIGNAL SIGKILL`,
+		true)
+	c.Assert(err, check.IsNil)
+	res := inspectFieldJSON(c, imgName, "Config.StopSignal")
+	if res != `"SIGKILL"` {
+		c.Fatalf("Signal %s, expected SIGKILL", res)
+	}
+
+	containerName := "test-container-stop-signal"
+	dockerCmd(c, "run", "-d", "--name", containerName, imgName, "top")
+
+	res = inspectFieldJSON(c, containerName, "Config.StopSignal")
+	if res != `"SIGKILL"` {
+		c.Fatalf("Signal %s, expected SIGKILL", res)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArg(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s
+		RUN echo $%s
+		CMD echo $%s`, envKey, envKey, envKey)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || !strings.Contains(out, envVal) {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("failed to access environment variable in output: %q expected: %q", out, envVal)
+	}
+
+	containerName := "bldargCont"
+	if out, _ := dockerCmd(c, "run", "--name", containerName, imgName); out != "\n" {
+		c.Fatalf("run produced invalid output: %q, expected empty string", out)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgHistory(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	envDef := "bar1"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s=%s`, envKey, envDef)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || !strings.Contains(out, envVal) {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("failed to access environment variable in output: %q expected: %q", out, envVal)
+	}
+
+	out, _ := dockerCmd(c, "history", "--no-trunc", imgName)
+	outputTabs := strings.Split(out, "\n")[1]
+	if !strings.Contains(outputTabs, envDef) {
+		c.Fatalf("failed to find arg default in image history output: %q expected: %q", outputTabs, envDef)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgCacheHit(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s
+		RUN echo $%s`, envKey, envKey)
+
+	origImgID := ""
+	var err error
+	if origImgID, err = buildImage(imgName, dockerfile, true, args...); err != nil {
+		c.Fatal(err)
+	}
+
+	imgNameCache := "bldargtestcachehit"
+	if newImgID, err := buildImage(imgNameCache, dockerfile, true, args...); err != nil || newImgID != origImgID {
+		if err != nil {
+			c.Fatal(err)
+		}
+		c.Fatalf("build didn't use cache! expected image id: %q built image id: %q", origImgID, newImgID)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgCacheMissExtraArg(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	extraEnvKey := "foo1"
+	extraEnvVal := "bar1"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s
+		ARG %s
+		RUN echo $%s`, envKey, extraEnvKey, envKey)
+
+	origImgID := ""
+	var err error
+	if origImgID, err = buildImage(imgName, dockerfile, true, args...); err != nil {
+		c.Fatal(err)
+	}
+
+	imgNameCache := "bldargtestcachemiss"
+	args = append(args, "--build-arg", fmt.Sprintf("%s=%s", extraEnvKey, extraEnvVal))
+	if newImgID, err := buildImage(imgNameCache, dockerfile, true, args...); err != nil || newImgID == origImgID {
+		if err != nil {
+			c.Fatal(err)
+		}
+		c.Fatalf("build used cache, expected a miss!")
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgCacheMissSameArgDiffVal(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	newEnvVal := "bar1"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s
+		RUN echo $%s`, envKey, envKey)
+
+	origImgID := ""
+	var err error
+	if origImgID, err = buildImage(imgName, dockerfile, true, args...); err != nil {
+		c.Fatal(err)
+	}
+
+	imgNameCache := "bldargtestcachemiss"
+	args = []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, newEnvVal),
+	}
+	if newImgID, err := buildImage(imgNameCache, dockerfile, true, args...); err != nil || newImgID == origImgID {
+		if err != nil {
+			c.Fatal(err)
+		}
+		c.Fatalf("build used cache, expected a miss!")
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgOverrideArgDefinedBeforeEnv(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	envValOveride := "barOverride"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s
+		ENV %s %s
+		RUN echo $%s
+		CMD echo $%s
+        `, envKey, envKey, envValOveride, envKey, envKey)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || strings.Count(out, envValOveride) != 2 {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("failed to access environment variable in output: %q expected: %q", out, envValOveride)
+	}
+
+	containerName := "bldargCont"
+	if out, _ := dockerCmd(c, "run", "--name", containerName, imgName); !strings.Contains(out, envValOveride) {
+		c.Fatalf("run produced invalid output: %q, expected %q", out, envValOveride)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgOverrideEnvDefinedBeforeArg(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	envValOveride := "barOverride"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ENV %s %s
+		ARG %s
+		RUN echo $%s
+		CMD echo $%s
+        `, envKey, envValOveride, envKey, envKey, envKey)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || strings.Count(out, envValOveride) != 2 {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("failed to access environment variable in output: %q expected: %q", out, envValOveride)
+	}
+
+	containerName := "bldargCont"
+	if out, _ := dockerCmd(c, "run", "--name", containerName, imgName); !strings.Contains(out, envValOveride) {
+		c.Fatalf("run produced invalid output: %q, expected %q", out, envValOveride)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgExpansion(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldvarstest"
+
+	wdVar := "WDIR"
+	wdVal := "/tmp/"
+	addVar := "AFILE"
+	addVal := "addFile"
+	copyVar := "CFILE"
+	copyVal := "copyFile"
+	envVar := "foo"
+	envVal := "bar"
+	exposeVar := "EPORT"
+	exposeVal := "9999"
+	userVar := "USER"
+	userVal := "testUser"
+	volVar := "VOL"
+	volVal := "/testVol/"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", wdVar, wdVal),
+		"--build-arg", fmt.Sprintf("%s=%s", addVar, addVal),
+		"--build-arg", fmt.Sprintf("%s=%s", copyVar, copyVal),
+		"--build-arg", fmt.Sprintf("%s=%s", envVar, envVal),
+		"--build-arg", fmt.Sprintf("%s=%s", exposeVar, exposeVal),
+		"--build-arg", fmt.Sprintf("%s=%s", userVar, userVal),
+		"--build-arg", fmt.Sprintf("%s=%s", volVar, volVal),
+	}
+	ctx, err := fakeContext(fmt.Sprintf(`FROM busybox
+		ARG %s
+		WORKDIR ${%s}
+		ARG %s
+		ADD ${%s} testDir/
+		ARG %s
+		COPY $%s testDir/
+		ARG %s
+		ENV %s=${%s}
+		ARG %s
+		EXPOSE $%s
+		ARG %s
+		USER $%s
+		ARG %s
+		VOLUME ${%s}`,
+		wdVar, wdVar, addVar, addVar, copyVar, copyVar, envVar, envVar,
+		envVar, exposeVar, exposeVar, userVar, userVar, volVar, volVar),
+		map[string]string{
+			addVal:  "some stuff",
+			copyVal: "some stuff",
+		})
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(imgName, ctx, true, args...); err != nil {
+		c.Fatal(err)
+	}
+
+	var resMap map[string]interface{}
+	var resArr []string
+	res := ""
+	res = inspectField(c, imgName, "Config.WorkingDir")
+	if res != filepath.ToSlash(filepath.Clean(wdVal)) {
+		c.Fatalf("Config.WorkingDir value mismatch. Expected: %s, got: %s", filepath.ToSlash(filepath.Clean(wdVal)), res)
+	}
+
+	inspectFieldAndMarshall(c, imgName, "Config.Env", &resArr)
+
+	found := false
+	for _, v := range resArr {
+		if fmt.Sprintf("%s=%s", envVar, envVal) == v {
+			found = true
+			break
+		}
+	}
+	if !found {
+		c.Fatalf("Config.Env value mismatch. Expected <key=value> to exist: %s=%s, got: %v",
+			envVar, envVal, resArr)
+	}
+
+	inspectFieldAndMarshall(c, imgName, "Config.ExposedPorts", &resMap)
+	if _, ok := resMap[fmt.Sprintf("%s/tcp", exposeVal)]; !ok {
+		c.Fatalf("Config.ExposedPorts value mismatch. Expected exposed port: %s/tcp, got: %v", exposeVal, resMap)
+	}
+
+	res = inspectField(c, imgName, "Config.User")
+	if res != userVal {
+		c.Fatalf("Config.User value mismatch. Expected: %s, got: %s", userVal, res)
+	}
+
+	inspectFieldAndMarshall(c, imgName, "Config.Volumes", &resMap)
+	if _, ok := resMap[volVal]; !ok {
+		c.Fatalf("Config.Volumes value mismatch. Expected volume: %s, got: %v", volVal, resMap)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgExpansionOverride(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldvarstest"
+	envKey := "foo"
+	envVal := "bar"
+	envKey1 := "foo1"
+	envValOveride := "barOverride"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s
+		ENV %s %s
+		ENV %s ${%s}
+		RUN echo $%s
+		CMD echo $%s`, envKey, envKey, envValOveride, envKey1, envKey, envKey1, envKey1)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || strings.Count(out, envValOveride) != 2 {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("failed to access environment variable in output: %q expected: %q", out, envValOveride)
+	}
+
+	containerName := "bldargCont"
+	if out, _ := dockerCmd(c, "run", "--name", containerName, imgName); !strings.Contains(out, envValOveride) {
+		c.Fatalf("run produced invalid output: %q, expected %q", out, envValOveride)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgUntrustedDefinedAfterUse(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		RUN echo $%s
+		ARG %s
+		CMD echo $%s`, envKey, envKey, envKey)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || strings.Contains(out, envVal) {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("able to access environment variable in output: %q expected to be missing", out)
+	}
+
+	containerName := "bldargCont"
+	if out, _ := dockerCmd(c, "run", "--name", containerName, imgName); out != "\n" {
+		c.Fatalf("run produced invalid output: %q, expected empty string", out)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgBuiltinArg(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support --build-arg
+	imgName := "bldargtest"
+	envKey := "HTTP_PROXY"
+	envVal := "bar"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		RUN echo $%s
+		CMD echo $%s`, envKey, envKey)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || !strings.Contains(out, envVal) {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("failed to access environment variable in output: %q expected: %q", out, envVal)
+	}
+
+	containerName := "bldargCont"
+	if out, _ := dockerCmd(c, "run", "--name", containerName, imgName); out != "\n" {
+		c.Fatalf("run produced invalid output: %q, expected empty string", out)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgDefaultOverride(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	envValOveride := "barOverride"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envValOveride),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s=%s
+		ENV %s $%s
+		RUN echo $%s
+		CMD echo $%s`, envKey, envVal, envKey, envKey, envKey, envKey)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || strings.Count(out, envValOveride) != 1 {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("failed to access environment variable in output: %q expected: %q", out, envValOveride)
+	}
+
+	containerName := "bldargCont"
+	if out, _ := dockerCmd(c, "run", "--name", containerName, imgName); !strings.Contains(out, envValOveride) {
+		c.Fatalf("run produced invalid output: %q, expected %q", out, envValOveride)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgMultiArgsSameLine(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envKey1 := "foo1"
+	args := []string{}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s %s`, envKey, envKey1)
+
+	errStr := "ARG requires exactly one argument definition"
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err == nil {
+		c.Fatalf("build succeeded, expected to fail. Output: %v", out)
+	} else if !strings.Contains(out, errStr) {
+		c.Fatalf("Unexpected error. output: %q, expected error: %q", out, errStr)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgUnconsumedArg(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support --build-arg
+	imgName := "bldargtest"
+	envKey := "foo"
+	envVal := "bar"
+	args := []string{
+		"--build-arg", fmt.Sprintf("%s=%s", envKey, envVal),
+	}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		RUN echo $%s
+		CMD echo $%s`, envKey, envKey)
+
+	errStr := "One or more build-args"
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err == nil {
+		c.Fatalf("build succeeded, expected to fail. Output: %v", out)
+	} else if !strings.Contains(out, errStr) {
+		c.Fatalf("Unexpected error. output: %q, expected error: %q", out, errStr)
+	}
+
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgQuotedValVariants(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envKey1 := "foo1"
+	envKey2 := "foo2"
+	envKey3 := "foo3"
+	args := []string{}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s=""
+		ARG %s=''
+		ARG %s="''"
+		ARG %s='""'
+		RUN [ "$%s" != "$%s" ]
+		RUN [ "$%s" != "$%s" ]
+		RUN [ "$%s" != "$%s" ]
+		RUN [ "$%s" != "$%s" ]
+		RUN [ "$%s" != "$%s" ]`, envKey, envKey1, envKey2, envKey3,
+		envKey, envKey2, envKey, envKey3, envKey1, envKey2, envKey1, envKey3,
+		envKey2, envKey3)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil {
+		c.Fatalf("build failed to complete: %q %q", out, err)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgEmptyValVariants(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	envKey1 := "foo1"
+	envKey2 := "foo2"
+	args := []string{}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s=
+		ARG %s=""
+		ARG %s=''
+		RUN [ "$%s" == "$%s" ]
+		RUN [ "$%s" == "$%s" ]
+		RUN [ "$%s" == "$%s" ]`, envKey, envKey1, envKey2, envKey, envKey1, envKey1, envKey2, envKey, envKey2)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil {
+		c.Fatalf("build failed to complete: %q %q", out, err)
+	}
+}
+
+func (s *DockerSuite) TestBuildBuildTimeArgDefintionWithNoEnvInjection(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support ARG
+	imgName := "bldargtest"
+	envKey := "foo"
+	args := []string{}
+	dockerfile := fmt.Sprintf(`FROM busybox
+		ARG %s
+		RUN env`, envKey)
+
+	if _, out, err := buildImageWithOut(imgName, dockerfile, true, args...); err != nil || strings.Count(out, envKey) != 1 {
+		if err != nil {
+			c.Fatalf("build failed to complete: %q %q", out, err)
+		}
+		c.Fatalf("unexpected number of occurrences of the arg in output: %q expected: 1", out)
+	}
+}
+
+func (s *DockerSuite) TestBuildNoNamedVolume(c *check.C) {
+	volName := "testname:/foo"
+
+	if daemonPlatform == "windows" {
+		volName = "testname:C:\\foo"
+	}
+	dockerCmd(c, "run", "-v", volName, "busybox", "sh", "-c", "touch /foo/oops")
+
+	dockerFile := `FROM busybox
+	VOLUME ` + volName + `
+	RUN ls /foo/oops
+	`
+	_, err := buildImage("test", dockerFile, false)
+	c.Assert(err, check.NotNil, check.Commentf("image build should have failed"))
+}
+
+func (s *DockerSuite) TestBuildTagEvent(c *check.C) {
+	since := daemonTime(c).Unix()
+
+	dockerFile := `FROM busybox
+	RUN echo events
+	`
+	_, err := buildImage("test", dockerFile, false)
+	c.Assert(err, check.IsNil)
+
+	out, _ := dockerCmd(c, "events", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()), "--filter", "type=image")
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	actions := eventActionsByIDAndType(c, events, "test:latest", "image")
+	var foundTag bool
+	for _, a := range actions {
+		if a == "tag" {
+			foundTag = true
+			break
+		}
+	}
+
+	c.Assert(foundTag, checker.True, check.Commentf("No tag event found:\n%s", out))
+}
+
+// #15780
+func (s *DockerSuite) TestBuildMultipleTags(c *check.C) {
+	dockerfile := `
+	FROM busybox
+	MAINTAINER test-15780
+	`
+	cmd := exec.Command(dockerBinary, "build", "-t", "tag1", "-t", "tag2:v2",
+		"-t", "tag1:latest", "-t", "tag1", "--no-cache", "-")
+	cmd.Stdin = strings.NewReader(dockerfile)
+	_, err := runCommand(cmd)
+	c.Assert(err, check.IsNil)
+
+	id1, err := getIDByName("tag1")
+	c.Assert(err, check.IsNil)
+	id2, err := getIDByName("tag2:v2")
+	c.Assert(err, check.IsNil)
+	c.Assert(id1, check.Equals, id2)
+}
+
+// #17290
+func (s *DockerSuite) TestBuildCacheBrokenSymlink(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildbrokensymlink"
+	ctx, err := fakeContext(`
+	FROM busybox
+	COPY . ./`,
+		map[string]string{
+			"foo": "bar",
+		})
+	c.Assert(err, checker.IsNil)
+	defer ctx.Close()
+
+	err = os.Symlink(filepath.Join(ctx.Dir, "nosuchfile"), filepath.Join(ctx.Dir, "asymlink"))
+	c.Assert(err, checker.IsNil)
+
+	// warm up cache
+	_, err = buildImageFromContext(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+
+	// add new file to context, should invalidate cache
+	err = ioutil.WriteFile(filepath.Join(ctx.Dir, "newfile"), []byte("foo"), 0644)
+	c.Assert(err, checker.IsNil)
+
+	_, out, err := buildImageFromContextWithOut(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(out, checker.Not(checker.Contains), "Using cache")
+
+}
+
+func (s *DockerSuite) TestBuildFollowSymlinkToFile(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildbrokensymlink"
+	ctx, err := fakeContext(`
+	FROM busybox
+	COPY asymlink target`,
+		map[string]string{
+			"foo": "bar",
+		})
+	c.Assert(err, checker.IsNil)
+	defer ctx.Close()
+
+	err = os.Symlink("foo", filepath.Join(ctx.Dir, "asymlink"))
+	c.Assert(err, checker.IsNil)
+
+	id, err := buildImageFromContext(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+
+	out, _ := dockerCmd(c, "run", "--rm", id, "cat", "target")
+	c.Assert(out, checker.Matches, "bar")
+
+	// change target file should invalidate cache
+	err = ioutil.WriteFile(filepath.Join(ctx.Dir, "foo"), []byte("baz"), 0644)
+	c.Assert(err, checker.IsNil)
+
+	id, out, err = buildImageFromContextWithOut(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+	c.Assert(out, checker.Not(checker.Contains), "Using cache")
+
+	out, _ = dockerCmd(c, "run", "--rm", id, "cat", "target")
+	c.Assert(out, checker.Matches, "baz")
+}
+
+func (s *DockerSuite) TestBuildFollowSymlinkToDir(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildbrokensymlink"
+	ctx, err := fakeContext(`
+	FROM busybox
+	COPY asymlink /`,
+		map[string]string{
+			"foo/abc": "bar",
+			"foo/def": "baz",
+		})
+	c.Assert(err, checker.IsNil)
+	defer ctx.Close()
+
+	err = os.Symlink("foo", filepath.Join(ctx.Dir, "asymlink"))
+	c.Assert(err, checker.IsNil)
+
+	id, err := buildImageFromContext(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+
+	out, _ := dockerCmd(c, "run", "--rm", id, "cat", "abc", "def")
+	c.Assert(out, checker.Matches, "barbaz")
+
+	// change target file should invalidate cache
+	err = ioutil.WriteFile(filepath.Join(ctx.Dir, "foo/def"), []byte("bax"), 0644)
+	c.Assert(err, checker.IsNil)
+
+	id, out, err = buildImageFromContextWithOut(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+	c.Assert(out, checker.Not(checker.Contains), "Using cache")
+
+	out, _ = dockerCmd(c, "run", "--rm", id, "cat", "abc", "def")
+	c.Assert(out, checker.Matches, "barbax")
+
+}
+
+// TestBuildSymlinkBasename tests that target file gets basename from symlink,
+// not from the target file.
+func (s *DockerSuite) TestBuildSymlinkBasename(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildbrokensymlink"
+	ctx, err := fakeContext(`
+	FROM busybox
+	COPY asymlink /`,
+		map[string]string{
+			"foo": "bar",
+		})
+	c.Assert(err, checker.IsNil)
+	defer ctx.Close()
+
+	err = os.Symlink("foo", filepath.Join(ctx.Dir, "asymlink"))
+	c.Assert(err, checker.IsNil)
+
+	id, err := buildImageFromContext(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+
+	out, _ := dockerCmd(c, "run", "--rm", id, "cat", "asymlink")
+	c.Assert(out, checker.Matches, "bar")
+
+}
+
+// #17827
+func (s *DockerSuite) TestBuildCacheRootSource(c *check.C) {
+	name := "testbuildrootsource"
+	ctx, err := fakeContext(`
+	FROM busybox
+	COPY / /data`,
+		map[string]string{
+			"foo": "bar",
+		})
+	c.Assert(err, checker.IsNil)
+	defer ctx.Close()
+
+	// warm up cache
+	_, err = buildImageFromContext(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+
+	// change file, should invalidate cache
+	err = ioutil.WriteFile(filepath.Join(ctx.Dir, "foo"), []byte("baz"), 0644)
+	c.Assert(err, checker.IsNil)
+
+	_, out, err := buildImageFromContextWithOut(name, ctx, true)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(out, checker.Not(checker.Contains), "Using cache")
+}
+
+// #19375
+func (s *DockerSuite) TestBuildFailsGitNotCallable(c *check.C) {
+	cmd := exec.Command(dockerBinary, "build", "github.com/docker/v1.10-migrator.git")
+	cmd.Env = append(cmd.Env, "PATH=")
+	out, _, err := runCommandWithOutput(cmd)
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "unable to prepare context: unable to find 'git': ")
+
+	cmd = exec.Command(dockerBinary, "build", "https://github.com/docker/v1.10-migrator.git")
+	cmd.Env = append(cmd.Env, "PATH=")
+	out, _, err = runCommandWithOutput(cmd)
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "unable to prepare context: unable to find 'git': ")
+}
+
+// TestBuildWorkdirWindowsPath tests that a Windows style path works as a workdir
+func (s *DockerSuite) TestBuildWorkdirWindowsPath(c *check.C) {
+	testRequires(c, DaemonIsWindows)
+	name := "testbuildworkdirwindowspath"
+
+	_, err := buildImage(name, `
+	FROM windowsservercore
+	RUN mkdir C:\\work
+	WORKDIR C:\\work
+	RUN if "%CD%" NEQ "C:\work" exit -1
+	`, true)
+
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestBuildLabel(c *check.C) {
+	name := "testbuildlabel"
+	testLabel := "foo"
+
+	_, err := buildImage(name, `
+  FROM `+minimalBaseImage()+`
+  LABEL default foo
+`, false, "--label", testLabel)
+
+	c.Assert(err, checker.IsNil)
+
+	res := inspectFieldJSON(c, name, "Config.Labels")
+
+	var labels map[string]string
+
+	if err := json.Unmarshal([]byte(res), &labels); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, ok := labels[testLabel]; !ok {
+		c.Fatal("label not found in image")
+	}
+}
+
+func (s *DockerSuite) TestBuildLabelOneNode(c *check.C) {
+	name := "testbuildlabel"
+
+	_, err := buildImage(name, "FROM busybox", false, "--label", "foo=bar")
+
+	c.Assert(err, checker.IsNil)
+
+	res, err := inspectImage(name, "json .Config.Labels")
+	c.Assert(err, checker.IsNil)
+	var labels map[string]string
+
+	if err := json.Unmarshal([]byte(res), &labels); err != nil {
+		c.Fatal(err)
+	}
+
+	v, ok := labels["foo"]
+	if !ok {
+		c.Fatal("label `foo` not found in image")
+	}
+	c.Assert(v, checker.Equals, "bar")
+}
+
+func (s *DockerSuite) TestBuildLabelCacheCommit(c *check.C) {
+	name := "testbuildlabelcachecommit"
+	testLabel := "foo"
+
+	if _, err := buildImage(name, `
+  FROM `+minimalBaseImage()+`
+  LABEL default foo
+  `, false); err != nil {
+		c.Fatal(err)
+	}
+
+	_, err := buildImage(name, `
+  FROM `+minimalBaseImage()+`
+  LABEL default foo
+`, true, "--label", testLabel)
+
+	c.Assert(err, checker.IsNil)
+
+	res := inspectFieldJSON(c, name, "Config.Labels")
+
+	var labels map[string]string
+
+	if err := json.Unmarshal([]byte(res), &labels); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, ok := labels[testLabel]; !ok {
+		c.Fatal("label not found in image")
+	}
+}
+
+func (s *DockerSuite) TestBuildLabelMultiple(c *check.C) {
+	name := "testbuildlabelmultiple"
+	testLabels := map[string]string{
+		"foo": "bar",
+		"123": "456",
+	}
+
+	labelArgs := []string{}
+
+	for k, v := range testLabels {
+		labelArgs = append(labelArgs, "--label", k+"="+v)
+	}
+
+	_, err := buildImage(name, `
+  FROM `+minimalBaseImage()+`
+  LABEL default foo
+`, false, labelArgs...)
+
+	if err != nil {
+		c.Fatal("error building image with labels", err)
+	}
+
+	res := inspectFieldJSON(c, name, "Config.Labels")
+
+	var labels map[string]string
+
+	if err := json.Unmarshal([]byte(res), &labels); err != nil {
+		c.Fatal(err)
+	}
+
+	for k, v := range testLabels {
+		if x, ok := labels[k]; !ok || x != v {
+			c.Fatalf("label %s=%s not found in image", k, v)
+		}
+	}
+}
+
+func (s *DockerSuite) TestBuildLabelOverwrite(c *check.C) {
+	name := "testbuildlabeloverwrite"
+	testLabel := "foo"
+	testValue := "bar"
+
+	_, err := buildImage(name, `
+  FROM `+minimalBaseImage()+`
+  LABEL `+testLabel+`+ foo
+`, false, []string{"--label", testLabel + "=" + testValue}...)
+
+	if err != nil {
+		c.Fatal("error building image with labels", err)
+	}
+
+	res := inspectFieldJSON(c, name, "Config.Labels")
+
+	var labels map[string]string
+
+	if err := json.Unmarshal([]byte(res), &labels); err != nil {
+		c.Fatal(err)
+	}
+
+	v, ok := labels[testLabel]
+	if !ok {
+		c.Fatal("label not found in image")
+	}
+
+	if v != testValue {
+		c.Fatal("label not overwritten")
+	}
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) TestBuildFromAuthenticatedRegistry(c *check.C) {
+	dockerCmd(c, "login", "-u", s.reg.username, "-p", s.reg.password, privateRegistryURL)
+
+	baseImage := privateRegistryURL + "/baseimage"
+
+	_, err := buildImage(baseImage, `
+	FROM busybox
+	ENV env1 val1
+	`, true)
+
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "push", baseImage)
+	dockerCmd(c, "rmi", baseImage)
+
+	_, err = buildImage(baseImage, fmt.Sprintf(`
+	FROM %s
+	ENV env2 val2
+	`, baseImage), true)
+
+	c.Assert(err, checker.IsNil)
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) TestBuildWithExternalAuth(c *check.C) {
+	osPath := os.Getenv("PATH")
+	defer os.Setenv("PATH", osPath)
+
+	workingDir, err := os.Getwd()
+	c.Assert(err, checker.IsNil)
+	absolute, err := filepath.Abs(filepath.Join(workingDir, "fixtures", "auth"))
+	c.Assert(err, checker.IsNil)
+	testPath := fmt.Sprintf("%s%c%s", osPath, filepath.ListSeparator, absolute)
+
+	os.Setenv("PATH", testPath)
+
+	repoName := fmt.Sprintf("%v/dockercli/busybox:authtest", privateRegistryURL)
+
+	tmp, err := ioutil.TempDir("", "integration-cli-")
+	c.Assert(err, checker.IsNil)
+
+	externalAuthConfig := `{ "credsStore": "shell-test" }`
+
+	configPath := filepath.Join(tmp, "config.json")
+	err = ioutil.WriteFile(configPath, []byte(externalAuthConfig), 0644)
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "--config", tmp, "login", "-u", s.reg.username, "-p", s.reg.password, privateRegistryURL)
+
+	b, err := ioutil.ReadFile(configPath)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(b), checker.Not(checker.Contains), "\"auth\":")
+
+	dockerCmd(c, "--config", tmp, "tag", "busybox", repoName)
+	dockerCmd(c, "--config", tmp, "push", repoName)
+
+	// make sure the image is pulled when building
+	dockerCmd(c, "rmi", repoName)
+
+	buildCmd := exec.Command(dockerBinary, "--config", tmp, "build", "-")
+	buildCmd.Stdin = strings.NewReader(fmt.Sprintf("FROM %s", repoName))
+
+	out, _, err := runCommandWithOutput(buildCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+}
+
+// Test cases in #22036
+func (s *DockerSuite) TestBuildLabelsOverride(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	// Command line option labels will always override
+	name := "scratchy"
+	expected := `{"bar":"from-flag","foo":"from-flag"}`
+	_, err := buildImage(name,
+		`FROM scratch
+                LABEL foo=from-dockerfile`,
+		true, "--label", "foo=from-flag", "--label", "bar=from-flag")
+	c.Assert(err, check.IsNil)
+
+	res := inspectFieldJSON(c, name, "Config.Labels")
+	if res != expected {
+		c.Fatalf("Labels %s, expected %s", res, expected)
+	}
+
+	name = "from"
+	expected = `{"foo":"from-dockerfile"}`
+	_, err = buildImage(name,
+		`FROM scratch
+                LABEL foo from-dockerfile`,
+		true)
+	c.Assert(err, check.IsNil)
+
+	res = inspectFieldJSON(c, name, "Config.Labels")
+	if res != expected {
+		c.Fatalf("Labels %s, expected %s", res, expected)
+	}
+
+	// Command line option label will override even via `FROM`
+	name = "new"
+	expected = `{"bar":"from-dockerfile2","foo":"new"}`
+	_, err = buildImage(name,
+		`FROM from
+                LABEL bar from-dockerfile2`,
+		true, "--label", "foo=new")
+	c.Assert(err, check.IsNil)
+
+	res = inspectFieldJSON(c, name, "Config.Labels")
+	if res != expected {
+		c.Fatalf("Labels %s, expected %s", res, expected)
+	}
+
+	// Command line option without a value set (--label foo, --label bar=)
+	// will be treated as --label foo="", --label bar=""
+	name = "scratchy2"
+	expected = `{"bar":"","foo":""}`
+	_, err = buildImage(name,
+		`FROM scratch
+                LABEL foo=from-dockerfile`,
+		true, "--label", "foo", "--label", "bar=")
+	c.Assert(err, check.IsNil)
+
+	res = inspectFieldJSON(c, name, "Config.Labels")
+	if res != expected {
+		c.Fatalf("Labels %s, expected %s", res, expected)
+	}
+
+	// Command line option without a value set (--label foo, --label bar=)
+	// will be treated as --label foo="", --label bar=""
+	// This time is for inherited images
+	name = "new2"
+	expected = `{"bar":"","foo":""}`
+	_, err = buildImage(name,
+		`FROM from
+                LABEL bar from-dockerfile2`,
+		true, "--label", "foo=", "--label", "bar")
+	c.Assert(err, check.IsNil)
+
+	res = inspectFieldJSON(c, name, "Config.Labels")
+	if res != expected {
+		c.Fatalf("Labels %s, expected %s", res, expected)
+	}
+
+	// Command line option labels with only `FROM`
+	name = "scratchy"
+	expected = `{"bar":"from-flag","foo":"from-flag"}`
+	_, err = buildImage(name,
+		`FROM scratch`,
+		true, "--label", "foo=from-flag", "--label", "bar=from-flag")
+	c.Assert(err, check.IsNil)
+
+	res = inspectFieldJSON(c, name, "Config.Labels")
+	if res != expected {
+		c.Fatalf("Labels %s, expected %s", res, expected)
+	}
+
+}
diff --git a/integration-cli/docker_cli_build_unix_test.go b/integration-cli/docker_cli_build_unix_test.go
new file mode 100644
index 00000000..56ab66ef
--- /dev/null
+++ b/integration-cli/docker_cli_build_unix_test.go
@@ -0,0 +1,206 @@
+// +build !windows
+
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/json"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/go-units"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestBuildResourceConstraintsAreUsed(c *check.C) {
+	testRequires(c, cpuCfsQuota)
+	name := "testbuildresourceconstraints"
+
+	ctx, err := fakeContext(`
+	FROM hello-world:frozen
+	RUN ["/hello"]
+	`, map[string]string{})
+	c.Assert(err, checker.IsNil)
+
+	_, _, err = dockerCmdInDir(c, ctx.Dir, "build", "--no-cache", "--rm=false", "--memory=64m", "--memory-swap=-1", "--cpuset-cpus=0", "--cpuset-mems=0", "--cpu-shares=100", "--cpu-quota=8000", "--ulimit", "nofile=42", "-t", name, ".")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "ps", "-lq")
+	cID := strings.TrimSpace(out)
+
+	type hostConfig struct {
+		Memory     int64
+		MemorySwap int64
+		CpusetCpus string
+		CpusetMems string
+		CPUShares  int64
+		CPUQuota   int64
+		Ulimits    []*units.Ulimit
+	}
+
+	cfg := inspectFieldJSON(c, cID, "HostConfig")
+
+	var c1 hostConfig
+	err = json.Unmarshal([]byte(cfg), &c1)
+	c.Assert(err, checker.IsNil, check.Commentf(cfg))
+
+	c.Assert(c1.Memory, checker.Equals, int64(64*1024*1024), check.Commentf("resource constraints not set properly for Memory"))
+	c.Assert(c1.MemorySwap, checker.Equals, int64(-1), check.Commentf("resource constraints not set properly for MemorySwap"))
+	c.Assert(c1.CpusetCpus, checker.Equals, "0", check.Commentf("resource constraints not set properly for CpusetCpus"))
+	c.Assert(c1.CpusetMems, checker.Equals, "0", check.Commentf("resource constraints not set properly for CpusetMems"))
+	c.Assert(c1.CPUShares, checker.Equals, int64(100), check.Commentf("resource constraints not set properly for CPUShares"))
+	c.Assert(c1.CPUQuota, checker.Equals, int64(8000), check.Commentf("resource constraints not set properly for CPUQuota"))
+	c.Assert(c1.Ulimits[0].Name, checker.Equals, "nofile", check.Commentf("resource constraints not set properly for Ulimits"))
+	c.Assert(c1.Ulimits[0].Hard, checker.Equals, int64(42), check.Commentf("resource constraints not set properly for Ulimits"))
+
+	// Make sure constraints aren't saved to image
+	dockerCmd(c, "run", "--name=test", name)
+
+	cfg = inspectFieldJSON(c, "test", "HostConfig")
+
+	var c2 hostConfig
+	err = json.Unmarshal([]byte(cfg), &c2)
+	c.Assert(err, checker.IsNil, check.Commentf(cfg))
+
+	c.Assert(c2.Memory, check.Not(checker.Equals), int64(64*1024*1024), check.Commentf("resource leaked from build for Memory"))
+	c.Assert(c2.MemorySwap, check.Not(checker.Equals), int64(-1), check.Commentf("resource leaked from build for MemorySwap"))
+	c.Assert(c2.CpusetCpus, check.Not(checker.Equals), "0", check.Commentf("resource leaked from build for CpusetCpus"))
+	c.Assert(c2.CpusetMems, check.Not(checker.Equals), "0", check.Commentf("resource leaked from build for CpusetMems"))
+	c.Assert(c2.CPUShares, check.Not(checker.Equals), int64(100), check.Commentf("resource leaked from build for CPUShares"))
+	c.Assert(c2.CPUQuota, check.Not(checker.Equals), int64(8000), check.Commentf("resource leaked from build for CPUQuota"))
+	c.Assert(c2.Ulimits, checker.IsNil, check.Commentf("resource leaked from build for Ulimits"))
+}
+
+func (s *DockerSuite) TestBuildAddChangeOwnership(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildaddown"
+
+	ctx := func() *FakeContext {
+		dockerfile := `
+			FROM busybox
+			ADD foo /bar/
+			RUN [ $(stat -c %U:%G "/bar") = 'root:root' ]
+			RUN [ $(stat -c %U:%G "/bar/foo") = 'root:root' ]
+			`
+		tmpDir, err := ioutil.TempDir("", "fake-context")
+		c.Assert(err, check.IsNil)
+		testFile, err := os.Create(filepath.Join(tmpDir, "foo"))
+		if err != nil {
+			c.Fatalf("failed to create foo file: %v", err)
+		}
+		defer testFile.Close()
+
+		chownCmd := exec.Command("chown", "daemon:daemon", "foo")
+		chownCmd.Dir = tmpDir
+		out, _, err := runCommandWithOutput(chownCmd)
+		if err != nil {
+			c.Fatal(err, out)
+		}
+
+		if err := ioutil.WriteFile(filepath.Join(tmpDir, "Dockerfile"), []byte(dockerfile), 0644); err != nil {
+			c.Fatalf("failed to open destination dockerfile: %v", err)
+		}
+		return fakeContextFromDir(tmpDir)
+	}()
+
+	defer ctx.Close()
+
+	if _, err := buildImageFromContext(name, ctx, true); err != nil {
+		c.Fatalf("build failed to complete for TestBuildAddChangeOwnership: %v", err)
+	}
+}
+
+// Test that an infinite sleep during a build is killed if the client disconnects.
+// This test is fairly hairy because there are lots of ways to race.
+// Strategy:
+// * Monitor the output of docker events starting from before
+// * Run a 1-year-long sleep from a docker build.
+// * When docker events sees container start, close the "docker build" command
+// * Wait for docker events to emit a dying event.
+func (s *DockerSuite) TestBuildCancellationKillsSleep(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testbuildcancellation"
+
+	observer, err := newEventObserver(c)
+	c.Assert(err, checker.IsNil)
+	err = observer.Start()
+	c.Assert(err, checker.IsNil)
+	defer observer.Stop()
+
+	// (Note: one year, will never finish)
+	ctx, err := fakeContext("FROM busybox\nRUN sleep 31536000", nil)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer ctx.Close()
+
+	buildCmd := exec.Command(dockerBinary, "build", "-t", name, ".")
+	buildCmd.Dir = ctx.Dir
+
+	stdoutBuild, err := buildCmd.StdoutPipe()
+	if err := buildCmd.Start(); err != nil {
+		c.Fatalf("failed to run build: %s", err)
+	}
+
+	matchCID := regexp.MustCompile("Running in (.+)")
+	scanner := bufio.NewScanner(stdoutBuild)
+
+	outputBuffer := new(bytes.Buffer)
+	var buildID string
+	for scanner.Scan() {
+		line := scanner.Text()
+		outputBuffer.WriteString(line)
+		outputBuffer.WriteString("\n")
+		if matches := matchCID.FindStringSubmatch(line); len(matches) > 0 {
+			buildID = matches[1]
+			break
+		}
+	}
+
+	if buildID == "" {
+		c.Fatalf("Unable to find build container id in build output:\n%s", outputBuffer.String())
+	}
+
+	testActions := map[string]chan bool{
+		"start": make(chan bool, 1),
+		"die":   make(chan bool, 1),
+	}
+
+	matcher := matchEventLine(buildID, "container", testActions)
+	processor := processEventMatch(testActions)
+	go observer.Match(matcher, processor)
+
+	select {
+	case <-time.After(10 * time.Second):
+		observer.CheckEventError(c, buildID, "start", matcher)
+	case <-testActions["start"]:
+		// ignore, done
+	}
+
+	// Send a kill to the `docker build` command.
+	// Causes the underlying build to be cancelled due to socket close.
+	if err := buildCmd.Process.Kill(); err != nil {
+		c.Fatalf("error killing build command: %s", err)
+	}
+
+	// Get the exit status of `docker build`, check it exited because killed.
+	if err := buildCmd.Wait(); err != nil && !isKilled(err) {
+		c.Fatalf("wait failed during build run: %T %s", err, err)
+	}
+
+	select {
+	case <-time.After(10 * time.Second):
+		observer.CheckEventError(c, buildID, "die", matcher)
+	case <-testActions["die"]:
+		// ignore, done
+	}
+}
diff --git a/integration-cli/docker_cli_by_digest_test.go b/integration-cli/docker_cli_by_digest_test.go
new file mode 100644
index 00000000..f3948d67
--- /dev/null
+++ b/integration-cli/docker_cli_by_digest_test.go
@@ -0,0 +1,585 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strings"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/distribution/manifest/schema1"
+	"github.com/docker/distribution/manifest/schema2"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+var (
+	remoteRepoName  = "dockercli/busybox-by-dgst"
+	repoName        = fmt.Sprintf("%s/%s", privateRegistryURL, remoteRepoName)
+	pushDigestRegex = regexp.MustCompile("[\\S]+: digest: ([\\S]+) size: [0-9]+")
+	digestRegex     = regexp.MustCompile("Digest: ([\\S]+)")
+)
+
+func setupImage(c *check.C) (digest.Digest, error) {
+	return setupImageWithTag(c, "latest")
+}
+
+func setupImageWithTag(c *check.C, tag string) (digest.Digest, error) {
+	containerName := "busyboxbydigest"
+
+	dockerCmd(c, "run", "-e", "digest=1", "--name", containerName, "busybox")
+
+	// tag the image to upload it to the private registry
+	repoAndTag := repoName + ":" + tag
+	out, _, err := dockerCmdWithError("commit", containerName, repoAndTag)
+	c.Assert(err, checker.IsNil, check.Commentf("image tagging failed: %s", out))
+
+	// delete the container as we don't need it any more
+	err = deleteContainer(containerName)
+	c.Assert(err, checker.IsNil)
+
+	// push the image
+	out, _, err = dockerCmdWithError("push", repoAndTag)
+	c.Assert(err, checker.IsNil, check.Commentf("pushing the image to the private registry has failed: %s", out))
+
+	// delete our local repo that we previously tagged
+	rmiout, _, err := dockerCmdWithError("rmi", repoAndTag)
+	c.Assert(err, checker.IsNil, check.Commentf("error deleting images prior to real test: %s", rmiout))
+
+	matches := pushDigestRegex.FindStringSubmatch(out)
+	c.Assert(matches, checker.HasLen, 2, check.Commentf("unable to parse digest from push output: %s", out))
+	pushDigest := matches[1]
+
+	return digest.Digest(pushDigest), nil
+}
+
+func testPullByTagDisplaysDigest(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	pushDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	// pull from the registry using the tag
+	out, _ := dockerCmd(c, "pull", repoName)
+
+	// the pull output includes "Digest: <digest>", so find that
+	matches := digestRegex.FindStringSubmatch(out)
+	c.Assert(matches, checker.HasLen, 2, check.Commentf("unable to parse digest from pull output: %s", out))
+	pullDigest := matches[1]
+
+	// make sure the pushed and pull digests match
+	c.Assert(pushDigest.String(), checker.Equals, pullDigest)
+}
+
+func (s *DockerRegistrySuite) TestPullByTagDisplaysDigest(c *check.C) {
+	testPullByTagDisplaysDigest(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPullByTagDisplaysDigest(c *check.C) {
+	testPullByTagDisplaysDigest(c)
+}
+
+func testPullByDigest(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	pushDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	// pull from the registry using the <name>@<digest> reference
+	imageReference := fmt.Sprintf("%s@%s", repoName, pushDigest)
+	out, _ := dockerCmd(c, "pull", imageReference)
+
+	// the pull output includes "Digest: <digest>", so find that
+	matches := digestRegex.FindStringSubmatch(out)
+	c.Assert(matches, checker.HasLen, 2, check.Commentf("unable to parse digest from pull output: %s", out))
+	pullDigest := matches[1]
+
+	// make sure the pushed and pull digests match
+	c.Assert(pushDigest.String(), checker.Equals, pullDigest)
+}
+
+func (s *DockerRegistrySuite) TestPullByDigest(c *check.C) {
+	testPullByDigest(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPullByDigest(c *check.C) {
+	testPullByDigest(c)
+}
+
+func testPullByDigestNoFallback(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// pull from the registry using the <name>@<digest> reference
+	imageReference := fmt.Sprintf("%s@sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", repoName)
+	out, _, err := dockerCmdWithError("pull", imageReference)
+	c.Assert(err, checker.NotNil, check.Commentf("expected non-zero exit status and correct error message when pulling non-existing image"))
+	c.Assert(out, checker.Contains, "manifest unknown", check.Commentf("expected non-zero exit status and correct error message when pulling non-existing image"))
+}
+
+func (s *DockerRegistrySuite) TestPullByDigestNoFallback(c *check.C) {
+	testPullByDigestNoFallback(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPullByDigestNoFallback(c *check.C) {
+	testPullByDigestNoFallback(c)
+}
+
+func (s *DockerRegistrySuite) TestCreateByDigest(c *check.C) {
+	pushDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	imageReference := fmt.Sprintf("%s@%s", repoName, pushDigest)
+
+	containerName := "createByDigest"
+	dockerCmd(c, "create", "--name", containerName, imageReference)
+
+	res := inspectField(c, containerName, "Config.Image")
+	c.Assert(res, checker.Equals, imageReference)
+}
+
+func (s *DockerRegistrySuite) TestRunByDigest(c *check.C) {
+	pushDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil)
+
+	imageReference := fmt.Sprintf("%s@%s", repoName, pushDigest)
+
+	containerName := "runByDigest"
+	out, _ := dockerCmd(c, "run", "--name", containerName, imageReference, "sh", "-c", "echo found=$digest")
+
+	foundRegex := regexp.MustCompile("found=([^\n]+)")
+	matches := foundRegex.FindStringSubmatch(out)
+	c.Assert(matches, checker.HasLen, 2, check.Commentf("unable to parse digest from pull output: %s", out))
+	c.Assert(matches[1], checker.Equals, "1", check.Commentf("Expected %q, got %q", "1", matches[1]))
+
+	res := inspectField(c, containerName, "Config.Image")
+	c.Assert(res, checker.Equals, imageReference)
+}
+
+func (s *DockerRegistrySuite) TestRemoveImageByDigest(c *check.C) {
+	digest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	imageReference := fmt.Sprintf("%s@%s", repoName, digest)
+
+	// pull from the registry using the <name>@<digest> reference
+	dockerCmd(c, "pull", imageReference)
+
+	// make sure inspect runs ok
+	inspectField(c, imageReference, "Id")
+
+	// do the delete
+	err = deleteImages(imageReference)
+	c.Assert(err, checker.IsNil, check.Commentf("unexpected error deleting image"))
+
+	// try to inspect again - it should error this time
+	_, err = inspectFieldWithError(imageReference, "Id")
+	//unexpected nil err trying to inspect what should be a non-existent image
+	c.Assert(err, checker.NotNil)
+	c.Assert(err.Error(), checker.Contains, "No such image")
+}
+
+func (s *DockerRegistrySuite) TestBuildByDigest(c *check.C) {
+	digest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	imageReference := fmt.Sprintf("%s@%s", repoName, digest)
+
+	// pull from the registry using the <name>@<digest> reference
+	dockerCmd(c, "pull", imageReference)
+
+	// get the image id
+	imageID := inspectField(c, imageReference, "Id")
+
+	// do the build
+	name := "buildbydigest"
+	_, err = buildImage(name, fmt.Sprintf(
+		`FROM %s
+     CMD ["/bin/echo", "Hello World"]`, imageReference),
+		true)
+	c.Assert(err, checker.IsNil)
+
+	// get the build's image id
+	res := inspectField(c, name, "Config.Image")
+	// make sure they match
+	c.Assert(res, checker.Equals, imageID)
+}
+
+func (s *DockerRegistrySuite) TestTagByDigest(c *check.C) {
+	digest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	imageReference := fmt.Sprintf("%s@%s", repoName, digest)
+
+	// pull from the registry using the <name>@<digest> reference
+	dockerCmd(c, "pull", imageReference)
+
+	// tag it
+	tag := "tagbydigest"
+	dockerCmd(c, "tag", imageReference, tag)
+
+	expectedID := inspectField(c, imageReference, "Id")
+
+	tagID := inspectField(c, tag, "Id")
+	c.Assert(tagID, checker.Equals, expectedID)
+}
+
+func (s *DockerRegistrySuite) TestListImagesWithoutDigests(c *check.C) {
+	digest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	imageReference := fmt.Sprintf("%s@%s", repoName, digest)
+
+	// pull from the registry using the <name>@<digest> reference
+	dockerCmd(c, "pull", imageReference)
+
+	out, _ := dockerCmd(c, "images")
+	c.Assert(out, checker.Not(checker.Contains), "DIGEST", check.Commentf("list output should not have contained DIGEST header"))
+}
+
+func (s *DockerRegistrySuite) TestListImagesWithDigests(c *check.C) {
+
+	// setup image1
+	digest1, err := setupImageWithTag(c, "tag1")
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+	imageReference1 := fmt.Sprintf("%s@%s", repoName, digest1)
+	c.Logf("imageReference1 = %s", imageReference1)
+
+	// pull image1 by digest
+	dockerCmd(c, "pull", imageReference1)
+
+	// list images
+	out, _ := dockerCmd(c, "images", "--digests")
+
+	// make sure repo shown, tag=<none>, digest = $digest1
+	re1 := regexp.MustCompile(`\s*` + repoName + `\s*<none>\s*` + digest1.String() + `\s`)
+	c.Assert(re1.MatchString(out), checker.True, check.Commentf("expected %q: %s", re1.String(), out))
+	// setup image2
+	digest2, err := setupImageWithTag(c, "tag2")
+	//error setting up image
+	c.Assert(err, checker.IsNil)
+	imageReference2 := fmt.Sprintf("%s@%s", repoName, digest2)
+	c.Logf("imageReference2 = %s", imageReference2)
+
+	// pull image1 by digest
+	dockerCmd(c, "pull", imageReference1)
+
+	// pull image2 by digest
+	dockerCmd(c, "pull", imageReference2)
+
+	// list images
+	out, _ = dockerCmd(c, "images", "--digests")
+
+	// make sure repo shown, tag=<none>, digest = $digest1
+	c.Assert(re1.MatchString(out), checker.True, check.Commentf("expected %q: %s", re1.String(), out))
+
+	// make sure repo shown, tag=<none>, digest = $digest2
+	re2 := regexp.MustCompile(`\s*` + repoName + `\s*<none>\s*` + digest2.String() + `\s`)
+	c.Assert(re2.MatchString(out), checker.True, check.Commentf("expected %q: %s", re2.String(), out))
+
+	// pull tag1
+	dockerCmd(c, "pull", repoName+":tag1")
+
+	// list images
+	out, _ = dockerCmd(c, "images", "--digests")
+
+	// make sure image 1 has repo, tag, <none> AND repo, <none>, digest
+	reWithTag1 := regexp.MustCompile(`\s*` + repoName + `\s*tag1\s*<none>\s`)
+	reWithDigest1 := regexp.MustCompile(`\s*` + repoName + `\s*<none>\s*` + digest1.String() + `\s`)
+	c.Assert(reWithDigest1.MatchString(out), checker.True, check.Commentf("expected %q: %s", reWithDigest1.String(), out))
+	c.Assert(reWithTag1.MatchString(out), checker.True, check.Commentf("expected %q: %s", reWithTag1.String(), out))
+	// make sure image 2 has repo, <none>, digest
+	c.Assert(re2.MatchString(out), checker.True, check.Commentf("expected %q: %s", re2.String(), out))
+
+	// pull tag 2
+	dockerCmd(c, "pull", repoName+":tag2")
+
+	// list images
+	out, _ = dockerCmd(c, "images", "--digests")
+
+	// make sure image 1 has repo, tag, digest
+	c.Assert(reWithTag1.MatchString(out), checker.True, check.Commentf("expected %q: %s", reWithTag1.String(), out))
+
+	// make sure image 2 has repo, tag, digest
+	reWithTag2 := regexp.MustCompile(`\s*` + repoName + `\s*tag2\s*<none>\s`)
+	reWithDigest2 := regexp.MustCompile(`\s*` + repoName + `\s*<none>\s*` + digest2.String() + `\s`)
+	c.Assert(reWithTag2.MatchString(out), checker.True, check.Commentf("expected %q: %s", reWithTag2.String(), out))
+	c.Assert(reWithDigest2.MatchString(out), checker.True, check.Commentf("expected %q: %s", reWithDigest2.String(), out))
+
+	// list images
+	out, _ = dockerCmd(c, "images", "--digests")
+
+	// make sure image 1 has repo, tag, digest
+	c.Assert(reWithTag1.MatchString(out), checker.True, check.Commentf("expected %q: %s", reWithTag1.String(), out))
+	// make sure image 2 has repo, tag, digest
+	c.Assert(reWithTag2.MatchString(out), checker.True, check.Commentf("expected %q: %s", reWithTag2.String(), out))
+	// make sure busybox has tag, but not digest
+	busyboxRe := regexp.MustCompile(`\s*busybox\s*latest\s*<none>\s`)
+	c.Assert(busyboxRe.MatchString(out), checker.True, check.Commentf("expected %q: %s", busyboxRe.String(), out))
+}
+
+func (s *DockerRegistrySuite) TestInspectImageWithDigests(c *check.C) {
+	digest, err := setupImage(c)
+	c.Assert(err, check.IsNil, check.Commentf("error setting up image"))
+
+	imageReference := fmt.Sprintf("%s@%s", repoName, digest)
+
+	// pull from the registry using the <name>@<digest> reference
+	dockerCmd(c, "pull", imageReference)
+
+	out, _ := dockerCmd(c, "inspect", imageReference)
+
+	var imageJSON []types.ImageInspect
+	err = json.Unmarshal([]byte(out), &imageJSON)
+	c.Assert(err, checker.IsNil)
+	c.Assert(imageJSON, checker.HasLen, 1)
+	c.Assert(imageJSON[0].RepoDigests, checker.HasLen, 1)
+	c.Assert(stringutils.InSlice(imageJSON[0].RepoDigests, imageReference), checker.Equals, true)
+}
+
+func (s *DockerRegistrySuite) TestPsListContainersFilterAncestorImageByDigest(c *check.C) {
+	digest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	imageReference := fmt.Sprintf("%s@%s", repoName, digest)
+
+	// pull from the registry using the <name>@<digest> reference
+	dockerCmd(c, "pull", imageReference)
+
+	// build a image from it
+	imageName1 := "images_ps_filter_test"
+	_, err = buildImage(imageName1, fmt.Sprintf(
+		`FROM %s
+		 LABEL match me 1`, imageReference), true)
+	c.Assert(err, checker.IsNil)
+
+	// run a container based on that
+	dockerCmd(c, "run", "--name=test1", imageReference, "echo", "hello")
+	expectedID, err := getIDByName("test1")
+	c.Assert(err, check.IsNil)
+
+	// run a container based on the a descendant of that too
+	dockerCmd(c, "run", "--name=test2", imageName1, "echo", "hello")
+	expectedID1, err := getIDByName("test2")
+	c.Assert(err, check.IsNil)
+
+	expectedIDs := []string{expectedID, expectedID1}
+
+	// Invalid imageReference
+	out, _ := dockerCmd(c, "ps", "-a", "-q", "--no-trunc", fmt.Sprintf("--filter=ancestor=busybox@%s", digest))
+	// Filter container for ancestor filter should be empty
+	c.Assert(strings.TrimSpace(out), checker.Equals, "")
+
+	// Valid imageReference
+	out, _ = dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=ancestor="+imageReference)
+	checkPsAncestorFilterOutput(c, out, imageReference, expectedIDs)
+}
+
+func (s *DockerRegistrySuite) TestDeleteImageByIDOnlyPulledByDigest(c *check.C) {
+	pushDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	// pull from the registry using the <name>@<digest> reference
+	imageReference := fmt.Sprintf("%s@%s", repoName, pushDigest)
+	dockerCmd(c, "pull", imageReference)
+	// just in case...
+
+	imageID := inspectField(c, imageReference, "Id")
+
+	dockerCmd(c, "rmi", imageID)
+}
+
+func (s *DockerRegistrySuite) TestDeleteImageWithDigestAndTag(c *check.C) {
+	pushDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	// pull from the registry using the <name>@<digest> reference
+	imageReference := fmt.Sprintf("%s@%s", repoName, pushDigest)
+	dockerCmd(c, "pull", imageReference)
+
+	imageID := inspectField(c, imageReference, "Id")
+
+	repoTag := repoName + ":sometag"
+	repoTag2 := repoName + ":othertag"
+	dockerCmd(c, "tag", imageReference, repoTag)
+	dockerCmd(c, "tag", imageReference, repoTag2)
+
+	dockerCmd(c, "rmi", repoTag2)
+
+	// rmi should have deleted only repoTag2, because there's another tag
+	inspectField(c, repoTag, "Id")
+
+	dockerCmd(c, "rmi", repoTag)
+
+	// rmi should have deleted the tag, the digest reference, and the image itself
+	_, err = inspectFieldWithError(imageID, "Id")
+	c.Assert(err, checker.NotNil, check.Commentf("image should have been deleted"))
+}
+
+// TestPullFailsWithAlteredManifest tests that a `docker pull` fails when
+// we have modified a manifest blob and its digest cannot be verified.
+// This is the schema2 version of the test.
+func (s *DockerRegistrySuite) TestPullFailsWithAlteredManifest(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	manifestDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	// Load the target manifest blob.
+	manifestBlob := s.reg.readBlobContents(c, manifestDigest)
+
+	var imgManifest schema2.Manifest
+	err = json.Unmarshal(manifestBlob, &imgManifest)
+	c.Assert(err, checker.IsNil, check.Commentf("unable to decode image manifest from blob"))
+
+	// Change a layer in the manifest.
+	imgManifest.Layers[0].Digest = digest.Digest("sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
+
+	// Move the existing data file aside, so that we can replace it with a
+	// malicious blob of data. NOTE: we defer the returned undo func.
+	undo := s.reg.tempMoveBlobData(c, manifestDigest)
+	defer undo()
+
+	alteredManifestBlob, err := json.MarshalIndent(imgManifest, "", "   ")
+	c.Assert(err, checker.IsNil, check.Commentf("unable to encode altered image manifest to JSON"))
+
+	s.reg.writeBlobContents(c, manifestDigest, alteredManifestBlob)
+
+	// Now try pulling that image by digest. We should get an error about
+	// digest verification for the manifest digest.
+
+	// Pull from the registry using the <name>@<digest> reference.
+	imageReference := fmt.Sprintf("%s@%s", repoName, manifestDigest)
+	out, exitStatus, _ := dockerCmdWithError("pull", imageReference)
+	c.Assert(exitStatus, checker.Not(check.Equals), 0)
+
+	expectedErrorMsg := fmt.Sprintf("manifest verification failed for digest %s", manifestDigest)
+	c.Assert(out, checker.Contains, expectedErrorMsg)
+}
+
+// TestPullFailsWithAlteredManifest tests that a `docker pull` fails when
+// we have modified a manifest blob and its digest cannot be verified.
+// This is the schema1 version of the test.
+func (s *DockerSchema1RegistrySuite) TestPullFailsWithAlteredManifest(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	manifestDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	// Load the target manifest blob.
+	manifestBlob := s.reg.readBlobContents(c, manifestDigest)
+
+	var imgManifest schema1.Manifest
+	err = json.Unmarshal(manifestBlob, &imgManifest)
+	c.Assert(err, checker.IsNil, check.Commentf("unable to decode image manifest from blob"))
+
+	// Change a layer in the manifest.
+	imgManifest.FSLayers[0] = schema1.FSLayer{
+		BlobSum: digest.Digest("sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"),
+	}
+
+	// Move the existing data file aside, so that we can replace it with a
+	// malicious blob of data. NOTE: we defer the returned undo func.
+	undo := s.reg.tempMoveBlobData(c, manifestDigest)
+	defer undo()
+
+	alteredManifestBlob, err := json.MarshalIndent(imgManifest, "", "   ")
+	c.Assert(err, checker.IsNil, check.Commentf("unable to encode altered image manifest to JSON"))
+
+	s.reg.writeBlobContents(c, manifestDigest, alteredManifestBlob)
+
+	// Now try pulling that image by digest. We should get an error about
+	// digest verification for the manifest digest.
+
+	// Pull from the registry using the <name>@<digest> reference.
+	imageReference := fmt.Sprintf("%s@%s", repoName, manifestDigest)
+	out, exitStatus, _ := dockerCmdWithError("pull", imageReference)
+	c.Assert(exitStatus, checker.Not(check.Equals), 0)
+
+	expectedErrorMsg := fmt.Sprintf("image verification failed for digest %s", manifestDigest)
+	c.Assert(out, checker.Contains, expectedErrorMsg)
+}
+
+// TestPullFailsWithAlteredLayer tests that a `docker pull` fails when
+// we have modified a layer blob and its digest cannot be verified.
+// This is the schema2 version of the test.
+func (s *DockerRegistrySuite) TestPullFailsWithAlteredLayer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	manifestDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil)
+
+	// Load the target manifest blob.
+	manifestBlob := s.reg.readBlobContents(c, manifestDigest)
+
+	var imgManifest schema2.Manifest
+	err = json.Unmarshal(manifestBlob, &imgManifest)
+	c.Assert(err, checker.IsNil)
+
+	// Next, get the digest of one of the layers from the manifest.
+	targetLayerDigest := imgManifest.Layers[0].Digest
+
+	// Move the existing data file aside, so that we can replace it with a
+	// malicious blob of data. NOTE: we defer the returned undo func.
+	undo := s.reg.tempMoveBlobData(c, targetLayerDigest)
+	defer undo()
+
+	// Now make a fake data blob in this directory.
+	s.reg.writeBlobContents(c, targetLayerDigest, []byte("This is not the data you are looking for."))
+
+	// Now try pulling that image by digest. We should get an error about
+	// digest verification for the target layer digest.
+
+	// Remove distribution cache to force a re-pull of the blobs
+	if err := os.RemoveAll(filepath.Join(dockerBasePath, "image", s.d.storageDriver, "distribution")); err != nil {
+		c.Fatalf("error clearing distribution cache: %v", err)
+	}
+
+	// Pull from the registry using the <name>@<digest> reference.
+	imageReference := fmt.Sprintf("%s@%s", repoName, manifestDigest)
+	out, exitStatus, _ := dockerCmdWithError("pull", imageReference)
+	c.Assert(exitStatus, checker.Not(check.Equals), 0, check.Commentf("expected a zero exit status"))
+
+	expectedErrorMsg := fmt.Sprintf("filesystem layer verification failed for digest %s", targetLayerDigest)
+	c.Assert(out, checker.Contains, expectedErrorMsg, check.Commentf("expected error message in output: %s", out))
+}
+
+// TestPullFailsWithAlteredLayer tests that a `docker pull` fails when
+// we have modified a layer blob and its digest cannot be verified.
+// This is the schema1 version of the test.
+func (s *DockerSchema1RegistrySuite) TestPullFailsWithAlteredLayer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	manifestDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil)
+
+	// Load the target manifest blob.
+	manifestBlob := s.reg.readBlobContents(c, manifestDigest)
+
+	var imgManifest schema1.Manifest
+	err = json.Unmarshal(manifestBlob, &imgManifest)
+	c.Assert(err, checker.IsNil)
+
+	// Next, get the digest of one of the layers from the manifest.
+	targetLayerDigest := imgManifest.FSLayers[0].BlobSum
+
+	// Move the existing data file aside, so that we can replace it with a
+	// malicious blob of data. NOTE: we defer the returned undo func.
+	undo := s.reg.tempMoveBlobData(c, targetLayerDigest)
+	defer undo()
+
+	// Now make a fake data blob in this directory.
+	s.reg.writeBlobContents(c, targetLayerDigest, []byte("This is not the data you are looking for."))
+
+	// Now try pulling that image by digest. We should get an error about
+	// digest verification for the target layer digest.
+
+	// Remove distribution cache to force a re-pull of the blobs
+	if err := os.RemoveAll(filepath.Join(dockerBasePath, "image", s.d.storageDriver, "distribution")); err != nil {
+		c.Fatalf("error clearing distribution cache: %v", err)
+	}
+
+	// Pull from the registry using the <name>@<digest> reference.
+	imageReference := fmt.Sprintf("%s@%s", repoName, manifestDigest)
+	out, exitStatus, _ := dockerCmdWithError("pull", imageReference)
+	c.Assert(exitStatus, checker.Not(check.Equals), 0, check.Commentf("expected a zero exit status"))
+
+	expectedErrorMsg := fmt.Sprintf("filesystem layer verification failed for digest %s", targetLayerDigest)
+	c.Assert(out, checker.Contains, expectedErrorMsg, check.Commentf("expected error message in output: %s", out))
+}
diff --git a/integration-cli/docker_cli_commit_test.go b/integration-cli/docker_cli_commit_test.go
new file mode 100644
index 00000000..086a2031
--- /dev/null
+++ b/integration-cli/docker_cli_commit_test.go
@@ -0,0 +1,189 @@
+package main
+
+import (
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestCommitAfterContainerIsDone(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-i", "-a", "stdin", "busybox", "echo", "foo")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "wait", cleanedContainerID)
+
+	out, _ = dockerCmd(c, "commit", cleanedContainerID)
+
+	cleanedImageID := strings.TrimSpace(out)
+
+	dockerCmd(c, "inspect", cleanedImageID)
+}
+
+func (s *DockerSuite) TestCommitWithoutPause(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-i", "-a", "stdin", "busybox", "echo", "foo")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "wait", cleanedContainerID)
+
+	out, _ = dockerCmd(c, "commit", "-p=false", cleanedContainerID)
+
+	cleanedImageID := strings.TrimSpace(out)
+
+	dockerCmd(c, "inspect", cleanedImageID)
+}
+
+//test commit a paused container should not unpause it after commit
+func (s *DockerSuite) TestCommitPausedContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	defer unpauseAllContainers()
+	out, _ := dockerCmd(c, "run", "-i", "-d", "busybox")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "pause", cleanedContainerID)
+
+	out, _ = dockerCmd(c, "commit", cleanedContainerID)
+
+	out = inspectField(c, cleanedContainerID, "State.Paused")
+	// commit should not unpause a paused container
+	c.Assert(out, checker.Contains, "true")
+}
+
+func (s *DockerSuite) TestCommitNewFile(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name", "commiter", "busybox", "/bin/sh", "-c", "echo koye > /foo")
+
+	imageID, _ := dockerCmd(c, "commit", "commiter")
+	imageID = strings.TrimSpace(imageID)
+
+	out, _ := dockerCmd(c, "run", imageID, "cat", "/foo")
+	actual := strings.TrimSpace(out)
+	c.Assert(actual, checker.Equals, "koye")
+}
+
+func (s *DockerSuite) TestCommitHardlink(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	firstOutput, _ := dockerCmd(c, "run", "-t", "--name", "hardlinks", "busybox", "sh", "-c", "touch file1 && ln file1 file2 && ls -di file1 file2")
+
+	chunks := strings.Split(strings.TrimSpace(firstOutput), " ")
+	inode := chunks[0]
+	chunks = strings.SplitAfterN(strings.TrimSpace(firstOutput), " ", 2)
+	c.Assert(chunks[1], checker.Contains, chunks[0], check.Commentf("Failed to create hardlink in a container. Expected to find %q in %q", inode, chunks[1:]))
+
+	imageID, _ := dockerCmd(c, "commit", "hardlinks", "hardlinks")
+	imageID = strings.TrimSpace(imageID)
+
+	secondOutput, _ := dockerCmd(c, "run", "-t", "hardlinks", "ls", "-di", "file1", "file2")
+
+	chunks = strings.Split(strings.TrimSpace(secondOutput), " ")
+	inode = chunks[0]
+	chunks = strings.SplitAfterN(strings.TrimSpace(secondOutput), " ", 2)
+	c.Assert(chunks[1], checker.Contains, chunks[0], check.Commentf("Failed to create hardlink in a container. Expected to find %q in %q", inode, chunks[1:]))
+}
+
+func (s *DockerSuite) TestCommitTTY(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-t", "--name", "tty", "busybox", "/bin/ls")
+
+	imageID, _ := dockerCmd(c, "commit", "tty", "ttytest")
+	imageID = strings.TrimSpace(imageID)
+
+	dockerCmd(c, "run", "ttytest", "/bin/ls")
+}
+
+func (s *DockerSuite) TestCommitWithHostBindMount(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name", "bind-commit", "-v", "/dev/null:/winning", "busybox", "true")
+
+	imageID, _ := dockerCmd(c, "commit", "bind-commit", "bindtest")
+	imageID = strings.TrimSpace(imageID)
+
+	dockerCmd(c, "run", "bindtest", "true")
+}
+
+func (s *DockerSuite) TestCommitChange(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name", "test", "busybox", "true")
+
+	imageID, _ := dockerCmd(c, "commit",
+		"--change", "EXPOSE 8080",
+		"--change", "ENV DEBUG true",
+		"--change", "ENV test 1",
+		"--change", "ENV PATH /foo",
+		"--change", "LABEL foo bar",
+		"--change", "CMD [\"/bin/sh\"]",
+		"--change", "WORKDIR /opt",
+		"--change", "ENTRYPOINT [\"/bin/sh\"]",
+		"--change", "USER testuser",
+		"--change", "VOLUME /var/lib/docker",
+		"--change", "ONBUILD /usr/local/bin/python-build --dir /app/src",
+		"test", "test-commit")
+	imageID = strings.TrimSpace(imageID)
+
+	expected := map[string]string{
+		"Config.ExposedPorts": "map[8080/tcp:{}]",
+		"Config.Env":          "[DEBUG=true test=1 PATH=/foo]",
+		"Config.Labels":       "map[foo:bar]",
+		"Config.Cmd":          "[/bin/sh]",
+		"Config.WorkingDir":   "/opt",
+		"Config.Entrypoint":   "[/bin/sh]",
+		"Config.User":         "testuser",
+		"Config.Volumes":      "map[/var/lib/docker:{}]",
+		"Config.OnBuild":      "[/usr/local/bin/python-build --dir /app/src]",
+	}
+
+	for conf, value := range expected {
+		res := inspectField(c, imageID, conf)
+		if res != value {
+			c.Errorf("%s('%s'), expected %s", conf, res, value)
+		}
+	}
+}
+
+// TODO: commit --run is deprecated, remove this once --run is removed
+func (s *DockerSuite) TestCommitMergeConfigRun(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "commit-test"
+	out, _ := dockerCmd(c, "run", "-d", "-e=FOO=bar", "busybox", "/bin/sh", "-c", "echo testing > /tmp/foo")
+	id := strings.TrimSpace(out)
+
+	dockerCmd(c, "commit", `--run={"Cmd": ["cat", "/tmp/foo"]}`, id, "commit-test")
+
+	out, _ = dockerCmd(c, "run", "--name", name, "commit-test")
+	//run config in committed container was not merged
+	c.Assert(strings.TrimSpace(out), checker.Equals, "testing")
+
+	type cfg struct {
+		Env []string
+		Cmd []string
+	}
+	config1 := cfg{}
+	inspectFieldAndMarshall(c, id, "Config", &config1)
+
+	config2 := cfg{}
+	inspectFieldAndMarshall(c, name, "Config", &config2)
+
+	// Env has at least PATH loaded as well here, so let's just grab the FOO one
+	var env1, env2 string
+	for _, e := range config1.Env {
+		if strings.HasPrefix(e, "FOO") {
+			env1 = e
+			break
+		}
+	}
+	for _, e := range config2.Env {
+		if strings.HasPrefix(e, "FOO") {
+			env2 = e
+			break
+		}
+	}
+
+	if len(config1.Env) != len(config2.Env) || env1 != env2 && env2 != "" {
+		c.Fatalf("expected envs to match: %v - %v", config1.Env, config2.Env)
+	}
+}
diff --git a/integration-cli/docker_cli_config_test.go b/integration-cli/docker_cli_config_test.go
new file mode 100644
index 00000000..60152310
--- /dev/null
+++ b/integration-cli/docker_cli_config_test.go
@@ -0,0 +1,138 @@
+package main
+
+import (
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+
+	"github.com/docker/docker/dockerversion"
+	"github.com/docker/docker/pkg/homedir"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestConfigHttpHeader(c *check.C) {
+	testRequires(c, UnixCli) // Can't set/unset HOME on windows right now
+	// We either need a level of Go that supports Unsetenv (for cases
+	// when HOME/USERPROFILE isn't set), or we need to be able to use
+	// os/user but user.Current() only works if we aren't statically compiling
+
+	var headers map[string][]string
+
+	server := httptest.NewServer(http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			headers = r.Header
+		}))
+	defer server.Close()
+
+	homeKey := homedir.Key()
+	homeVal := homedir.Get()
+	tmpDir, err := ioutil.TempDir("", "fake-home")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpDir)
+
+	dotDocker := filepath.Join(tmpDir, ".docker")
+	os.Mkdir(dotDocker, 0600)
+	tmpCfg := filepath.Join(dotDocker, "config.json")
+
+	defer func() { os.Setenv(homeKey, homeVal) }()
+	os.Setenv(homeKey, tmpDir)
+
+	data := `{
+		"HttpHeaders": { "MyHeader": "MyValue" }
+	}`
+
+	err = ioutil.WriteFile(tmpCfg, []byte(data), 0600)
+	c.Assert(err, checker.IsNil)
+
+	cmd := exec.Command(dockerBinary, "-H="+server.URL[7:], "ps")
+	out, _, _ := runCommandWithOutput(cmd)
+
+	c.Assert(headers["User-Agent"], checker.NotNil, check.Commentf("Missing User-Agent"))
+
+	c.Assert(headers["User-Agent"][0], checker.Equals, "Docker-Client/"+dockerversion.Version+" ("+runtime.GOOS+")", check.Commentf("Badly formatted User-Agent,out:%v", out))
+
+	c.Assert(headers["Myheader"], checker.NotNil)
+	c.Assert(headers["Myheader"][0], checker.Equals, "MyValue", check.Commentf("Missing/bad header,out:%v", out))
+
+}
+
+func (s *DockerSuite) TestConfigDir(c *check.C) {
+	cDir, err := ioutil.TempDir("", "fake-home")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(cDir)
+
+	// First make sure pointing to empty dir doesn't generate an error
+	dockerCmd(c, "--config", cDir, "ps")
+
+	// Test with env var too
+	cmd := exec.Command(dockerBinary, "ps")
+	cmd.Env = appendBaseEnv(true, "DOCKER_CONFIG="+cDir)
+	out, _, err := runCommandWithOutput(cmd)
+
+	c.Assert(err, checker.IsNil, check.Commentf("ps2 didn't work,out:%v", out))
+
+	// Start a server so we can check to see if the config file was
+	// loaded properly
+	var headers map[string][]string
+
+	server := httptest.NewServer(http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			headers = r.Header
+		}))
+	defer server.Close()
+
+	// Create a dummy config file in our new config dir
+	data := `{
+		"HttpHeaders": { "MyHeader": "MyValue" }
+	}`
+
+	tmpCfg := filepath.Join(cDir, "config.json")
+	err = ioutil.WriteFile(tmpCfg, []byte(data), 0600)
+	c.Assert(err, checker.IsNil, check.Commentf("Err creating file"))
+
+	env := appendBaseEnv(false)
+
+	cmd = exec.Command(dockerBinary, "--config", cDir, "-H="+server.URL[7:], "ps")
+	cmd.Env = env
+	out, _, err = runCommandWithOutput(cmd)
+
+	c.Assert(err, checker.NotNil, check.Commentf("out:%v", out))
+	c.Assert(headers["Myheader"], checker.NotNil)
+	c.Assert(headers["Myheader"][0], checker.Equals, "MyValue", check.Commentf("ps3 - Missing header,out:%v", out))
+
+	// Reset headers and try again using env var this time
+	headers = map[string][]string{}
+	cmd = exec.Command(dockerBinary, "-H="+server.URL[7:], "ps")
+	cmd.Env = append(env, "DOCKER_CONFIG="+cDir)
+	out, _, err = runCommandWithOutput(cmd)
+
+	c.Assert(err, checker.NotNil, check.Commentf("%v", out))
+	c.Assert(headers["Myheader"], checker.NotNil)
+	c.Assert(headers["Myheader"][0], checker.Equals, "MyValue", check.Commentf("ps4 - Missing header,out:%v", out))
+
+	// Reset headers and make sure flag overrides the env var
+	headers = map[string][]string{}
+	cmd = exec.Command(dockerBinary, "--config", cDir, "-H="+server.URL[7:], "ps")
+	cmd.Env = append(env, "DOCKER_CONFIG=MissingDir")
+	out, _, err = runCommandWithOutput(cmd)
+
+	c.Assert(err, checker.NotNil, check.Commentf("out:%v", out))
+	c.Assert(headers["Myheader"], checker.NotNil)
+	c.Assert(headers["Myheader"][0], checker.Equals, "MyValue", check.Commentf("ps5 - Missing header,out:%v", out))
+
+	// Reset headers and make sure flag overrides the env var.
+	// Almost same as previous but make sure the "MissingDir" isn't
+	// ignore - we don't want to default back to the env var.
+	headers = map[string][]string{}
+	cmd = exec.Command(dockerBinary, "--config", "MissingDir", "-H="+server.URL[7:], "ps")
+	cmd.Env = append(env, "DOCKER_CONFIG="+cDir)
+	out, _, err = runCommandWithOutput(cmd)
+
+	c.Assert(err, checker.NotNil, check.Commentf("out:%v", out))
+	c.Assert(headers["Myheader"], checker.IsNil, check.Commentf("ps6 - Headers shouldn't be the expected value,out:%v", out))
+}
diff --git a/integration-cli/docker_cli_cp_from_container_test.go b/integration-cli/docker_cli_cp_from_container_test.go
new file mode 100644
index 00000000..677085a1
--- /dev/null
+++ b/integration-cli/docker_cli_cp_from_container_test.go
@@ -0,0 +1,489 @@
+package main
+
+import (
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// docker cp CONTAINER:PATH LOCALPATH
+
+// Try all of the test cases from the archive package which implements the
+// internals of `docker cp` and ensure that the behavior matches when actually
+// copying to and from containers.
+
+// Basic assumptions about SRC and DST:
+// 1. SRC must exist.
+// 2. If SRC ends with a trailing separator, it must be a directory.
+// 3. DST parent directory must exist.
+// 4. If DST exists as a file, it must not end with a trailing separator.
+
+// First get these easy error cases out of the way.
+
+// Test for error when SRC does not exist.
+func (s *DockerSuite) TestCpFromErrSrcNotExists(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{})
+
+	tmpDir := getTestDir(c, "test-cp-from-err-src-not-exists")
+	defer os.RemoveAll(tmpDir)
+
+	err := runDockerCp(c, containerCpPath(containerID, "file1"), tmpDir)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotExist(err), checker.True, check.Commentf("expected IsNotExist error, but got %T: %s", err, err))
+}
+
+// Test for error when SRC ends in a trailing
+// path separator but it exists as a file.
+func (s *DockerSuite) TestCpFromErrSrcNotDir(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-from-err-src-not-dir")
+	defer os.RemoveAll(tmpDir)
+
+	err := runDockerCp(c, containerCpPathTrailingSep(containerID, "file1"), tmpDir)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotDir(err), checker.True, check.Commentf("expected IsNotDir error, but got %T: %s", err, err))
+}
+
+// Test for error when SRC is a valid file or directory,
+// bu the DST parent directory does not exist.
+func (s *DockerSuite) TestCpFromErrDstParentNotExists(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-from-err-dst-parent-not-exists")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	// Try with a file source.
+	srcPath := containerCpPath(containerID, "/file1")
+	dstPath := cpPath(tmpDir, "notExists", "file1")
+
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotExist(err), checker.True, check.Commentf("expected IsNotExist error, but got %T: %s", err, err))
+
+	// Try with a directory source.
+	srcPath = containerCpPath(containerID, "/dir1")
+
+	err = runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotExist(err), checker.True, check.Commentf("expected IsNotExist error, but got %T: %s", err, err))
+}
+
+// Test for error when DST ends in a trailing
+// path separator but exists as a file.
+func (s *DockerSuite) TestCpFromErrDstNotDir(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-from-err-dst-not-dir")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	// Try with a file source.
+	srcPath := containerCpPath(containerID, "/file1")
+	dstPath := cpPathTrailingSep(tmpDir, "file1")
+
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotDir(err), checker.True, check.Commentf("expected IsNotDir error, but got %T: %s", err, err))
+
+	// Try with a directory source.
+	srcPath = containerCpPath(containerID, "/dir1")
+
+	err = runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotDir(err), checker.True, check.Commentf("expected IsNotDir error, but got %T: %s", err, err))
+}
+
+// Check that copying from a container to a local symlink copies to the symlink
+// target and does not overwrite the local symlink itself.
+func (s *DockerSuite) TestCpFromSymlinkDestination(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-from-err-dst-not-dir")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	// First, copy a file from the container to a symlink to a file. This
+	// should overwrite the symlink target contents with the source contents.
+	srcPath := containerCpPath(containerID, "/file2")
+	dstPath := cpPath(tmpDir, "symlinkToFile1")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, dstPath, "file1"), checker.IsNil)
+
+	// The file should have the contents of "file2" now.
+	c.Assert(fileContentEquals(c, cpPath(tmpDir, "file1"), "file2\n"), checker.IsNil)
+
+	// Next, copy a file from the container to a symlink to a directory. This
+	// should copy the file into the symlink target directory.
+	dstPath = cpPath(tmpDir, "symlinkToDir1")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, dstPath, "dir1"), checker.IsNil)
+
+	// The file should have the contents of "file2" now.
+	c.Assert(fileContentEquals(c, cpPath(tmpDir, "file2"), "file2\n"), checker.IsNil)
+
+	// Next, copy a file from the container to a symlink to a file that does
+	// not exist (a broken symlink). This should create the target file with
+	// the contents of the source file.
+	dstPath = cpPath(tmpDir, "brokenSymlinkToFileX")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, dstPath, "fileX"), checker.IsNil)
+
+	// The file should have the contents of "file2" now.
+	c.Assert(fileContentEquals(c, cpPath(tmpDir, "fileX"), "file2\n"), checker.IsNil)
+
+	// Next, copy a directory from the container to a symlink to a local
+	// directory. This should copy the directory into the symlink target
+	// directory and not modify the symlink.
+	srcPath = containerCpPath(containerID, "/dir2")
+	dstPath = cpPath(tmpDir, "symlinkToDir1")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, dstPath, "dir1"), checker.IsNil)
+
+	// The directory should now contain a copy of "dir2".
+	c.Assert(fileContentEquals(c, cpPath(tmpDir, "dir1/dir2/file2-1"), "file2-1\n"), checker.IsNil)
+
+	// Next, copy a directory from the container to a symlink to a local
+	// directory that does not exist (a broken symlink). This should create
+	// the target as a directory with the contents of the source directory. It
+	// should not modify the symlink.
+	dstPath = cpPath(tmpDir, "brokenSymlinkToDirX")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, dstPath, "dirX"), checker.IsNil)
+
+	// The "dirX" directory should now be a copy of "dir2".
+	c.Assert(fileContentEquals(c, cpPath(tmpDir, "dirX/file2-1"), "file2-1\n"), checker.IsNil)
+}
+
+// Possibilities are reduced to the remaining 10 cases:
+//
+//  case | srcIsDir | onlyDirContents | dstExists | dstIsDir | dstTrSep | action
+// ===================================================================================================
+//   A   |  no      |  -              |  no       |  -       |  no      |  create file
+//   B   |  no      |  -              |  no       |  -       |  yes     |  error
+//   C   |  no      |  -              |  yes      |  no      |  -       |  overwrite file
+//   D   |  no      |  -              |  yes      |  yes     |  -       |  create file in dst dir
+//   E   |  yes     |  no             |  no       |  -       |  -       |  create dir, copy contents
+//   F   |  yes     |  no             |  yes      |  no      |  -       |  error
+//   G   |  yes     |  no             |  yes      |  yes     |  -       |  copy dir and contents
+//   H   |  yes     |  yes            |  no       |  -       |  -       |  create dir, copy contents
+//   I   |  yes     |  yes            |  yes      |  no      |  -       |  error
+//   J   |  yes     |  yes            |  yes      |  yes     |  -       |  copy dir contents
+//
+
+// A. SRC specifies a file and DST (no trailing path separator) doesn't
+//    exist. This should create a file with the name DST and copy the
+//    contents of the source file into it.
+func (s *DockerSuite) TestCpFromCaseA(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+	})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-a")
+	defer os.RemoveAll(tmpDir)
+
+	srcPath := containerCpPath(containerID, "/root/file1")
+	dstPath := cpPath(tmpDir, "itWorks.txt")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1\n"), checker.IsNil)
+}
+
+// B. SRC specifies a file and DST (with trailing path separator) doesn't
+//    exist. This should cause an error because the copy operation cannot
+//    create a directory when copying a single file.
+func (s *DockerSuite) TestCpFromCaseB(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-b")
+	defer os.RemoveAll(tmpDir)
+
+	srcPath := containerCpPath(containerID, "/file1")
+	dstDir := cpPathTrailingSep(tmpDir, "testDir")
+
+	err := runDockerCp(c, srcPath, dstDir)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpDirNotExist(err), checker.True, check.Commentf("expected DirNotExists error, but got %T: %s", err, err))
+}
+
+// C. SRC specifies a file and DST exists as a file. This should overwrite
+//    the file at DST with the contents of the source file.
+func (s *DockerSuite) TestCpFromCaseC(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+	})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-c")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcPath := containerCpPath(containerID, "/root/file1")
+	dstPath := cpPath(tmpDir, "file2")
+
+	// Ensure the local file starts with different content.
+	c.Assert(fileContentEquals(c, dstPath, "file2\n"), checker.IsNil)
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1\n"), checker.IsNil)
+}
+
+// D. SRC specifies a file and DST exists as a directory. This should place
+//    a copy of the source file inside it using the basename from SRC. Ensure
+//    this works whether DST has a trailing path separator or not.
+func (s *DockerSuite) TestCpFromCaseD(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-d")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcPath := containerCpPath(containerID, "/file1")
+	dstDir := cpPath(tmpDir, "dir1")
+	dstPath := filepath.Join(dstDir, "file1")
+
+	// Ensure that dstPath doesn't exist.
+	_, err := os.Stat(dstPath)
+	c.Assert(os.IsNotExist(err), checker.True, check.Commentf("did not expect dstPath %q to exist", dstPath))
+
+	c.Assert(runDockerCp(c, srcPath, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// unable to remove dstDir
+	c.Assert(os.RemoveAll(dstDir), checker.IsNil)
+
+	// unable to make dstDir
+	c.Assert(os.MkdirAll(dstDir, os.FileMode(0755)), checker.IsNil)
+
+	dstDir = cpPathTrailingSep(tmpDir, "dir1")
+
+	c.Assert(runDockerCp(c, srcPath, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1\n"), checker.IsNil)
+}
+
+// E. SRC specifies a directory and DST does not exist. This should create a
+//    directory at DST and copy the contents of the SRC directory into the DST
+//    directory. Ensure this works whether DST has a trailing path separator or
+//    not.
+func (s *DockerSuite) TestCpFromCaseE(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-e")
+	defer os.RemoveAll(tmpDir)
+
+	srcDir := containerCpPath(containerID, "dir1")
+	dstDir := cpPath(tmpDir, "testDir")
+	dstPath := filepath.Join(dstDir, "file1-1")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1-1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// unable to remove dstDir
+	c.Assert(os.RemoveAll(dstDir), checker.IsNil)
+
+	dstDir = cpPathTrailingSep(tmpDir, "testDir")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1-1\n"), checker.IsNil)
+}
+
+// F. SRC specifies a directory and DST exists as a file. This should cause an
+//    error as it is not possible to overwrite a file with a directory.
+func (s *DockerSuite) TestCpFromCaseF(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+	})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-f")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := containerCpPath(containerID, "/root/dir1")
+	dstFile := cpPath(tmpDir, "file1")
+
+	err := runDockerCp(c, srcDir, dstFile)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpCannotCopyDir(err), checker.True, check.Commentf("expected ErrCannotCopyDir error, but got %T: %s", err, err))
+}
+
+// G. SRC specifies a directory and DST exists as a directory. This should copy
+//    the SRC directory and all its contents to the DST directory. Ensure this
+//    works whether DST has a trailing path separator or not.
+func (s *DockerSuite) TestCpFromCaseG(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+	})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-g")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := containerCpPath(containerID, "/root/dir1")
+	dstDir := cpPath(tmpDir, "dir2")
+	resultDir := filepath.Join(dstDir, "dir1")
+	dstPath := filepath.Join(resultDir, "file1-1")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1-1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// unable to remove dstDir
+	c.Assert(os.RemoveAll(dstDir), checker.IsNil)
+
+	// unable to make dstDir
+	c.Assert(os.MkdirAll(dstDir, os.FileMode(0755)), checker.IsNil)
+
+	dstDir = cpPathTrailingSep(tmpDir, "dir2")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1-1\n"), checker.IsNil)
+}
+
+// H. SRC specifies a directory's contents only and DST does not exist. This
+//    should create a directory at DST and copy the contents of the SRC
+//    directory (but not the directory itself) into the DST directory. Ensure
+//    this works whether DST has a trailing path separator or not.
+func (s *DockerSuite) TestCpFromCaseH(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-h")
+	defer os.RemoveAll(tmpDir)
+
+	srcDir := containerCpPathTrailingSep(containerID, "dir1") + "."
+	dstDir := cpPath(tmpDir, "testDir")
+	dstPath := filepath.Join(dstDir, "file1-1")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1-1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// unable to remove resultDir
+	c.Assert(os.RemoveAll(dstDir), checker.IsNil)
+
+	dstDir = cpPathTrailingSep(tmpDir, "testDir")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1-1\n"), checker.IsNil)
+}
+
+// I. SRC specifies a directory's contents only and DST exists as a file. This
+//    should cause an error as it is not possible to overwrite a file with a
+//    directory.
+func (s *DockerSuite) TestCpFromCaseI(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+	})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-i")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := containerCpPathTrailingSep(containerID, "/root/dir1") + "."
+	dstFile := cpPath(tmpDir, "file1")
+
+	err := runDockerCp(c, srcDir, dstFile)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpCannotCopyDir(err), checker.True, check.Commentf("expected ErrCannotCopyDir error, but got %T: %s", err, err))
+}
+
+// J. SRC specifies a directory's contents only and DST exists as a directory.
+//    This should copy the contents of the SRC directory (but not the directory
+//    itself) into the DST directory. Ensure this works whether DST has a
+//    trailing path separator or not.
+func (s *DockerSuite) TestCpFromCaseJ(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+	})
+
+	tmpDir := getTestDir(c, "test-cp-from-case-j")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := containerCpPathTrailingSep(containerID, "/root/dir1") + "."
+	dstDir := cpPath(tmpDir, "dir2")
+	dstPath := filepath.Join(dstDir, "file1-1")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1-1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// unable to remove dstDir
+	c.Assert(os.RemoveAll(dstDir), checker.IsNil)
+
+	// unable to make dstDir
+	c.Assert(os.MkdirAll(dstDir, os.FileMode(0755)), checker.IsNil)
+
+	dstDir = cpPathTrailingSep(tmpDir, "dir2")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	c.Assert(fileContentEquals(c, dstPath, "file1-1\n"), checker.IsNil)
+}
diff --git a/integration-cli/docker_cli_cp_test.go b/integration-cli/docker_cli_cp_test.go
new file mode 100644
index 00000000..f1ae7607
--- /dev/null
+++ b/integration-cli/docker_cli_cp_test.go
@@ -0,0 +1,665 @@
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+const (
+	cpTestPathParent = "/some"
+	cpTestPath       = "/some/path"
+	cpTestName       = "test"
+	cpFullPath       = "/some/path/test"
+
+	cpContainerContents = "holla, i am the container"
+	cpHostContents      = "hello, i am the host"
+)
+
+// Ensure that an all-local path case returns an error.
+func (s *DockerSuite) TestCpLocalOnly(c *check.C) {
+	err := runDockerCp(c, "foo", "bar")
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(err.Error(), checker.Contains, "must specify at least one container source")
+}
+
+// Test for #5656
+// Check that garbage paths don't escape the container's rootfs
+func (s *DockerSuite) TestCpGarbagePath(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir -p '"+cpTestPath+"' && echo -n '"+cpContainerContents+"' > "+cpFullPath)
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	c.Assert(os.MkdirAll(cpTestPath, os.ModeDir), checker.IsNil)
+
+	hostFile, err := os.Create(cpFullPath)
+	c.Assert(err, checker.IsNil)
+	defer hostFile.Close()
+	defer os.RemoveAll(cpTestPathParent)
+
+	fmt.Fprintf(hostFile, "%s", cpHostContents)
+
+	tmpdir, err := ioutil.TempDir("", "docker-integration")
+	c.Assert(err, checker.IsNil)
+
+	tmpname := filepath.Join(tmpdir, cpTestName)
+	defer os.RemoveAll(tmpdir)
+
+	path := path.Join("../../../../../../../../../../../../", cpFullPath)
+
+	dockerCmd(c, "cp", containerID+":"+path, tmpdir)
+
+	file, _ := os.Open(tmpname)
+	defer file.Close()
+
+	test, err := ioutil.ReadAll(file)
+	c.Assert(err, checker.IsNil)
+
+	// output matched host file -- garbage path can escape container rootfs
+	c.Assert(string(test), checker.Not(checker.Equals), cpHostContents)
+
+	// output doesn't match the input for garbage path
+	c.Assert(string(test), checker.Equals, cpContainerContents)
+}
+
+// Check that relative paths are relative to the container's rootfs
+func (s *DockerSuite) TestCpRelativePath(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir -p '"+cpTestPath+"' && echo -n '"+cpContainerContents+"' > "+cpFullPath)
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	c.Assert(os.MkdirAll(cpTestPath, os.ModeDir), checker.IsNil)
+
+	hostFile, err := os.Create(cpFullPath)
+	c.Assert(err, checker.IsNil)
+	defer hostFile.Close()
+	defer os.RemoveAll(cpTestPathParent)
+
+	fmt.Fprintf(hostFile, "%s", cpHostContents)
+
+	tmpdir, err := ioutil.TempDir("", "docker-integration")
+	c.Assert(err, checker.IsNil)
+
+	tmpname := filepath.Join(tmpdir, cpTestName)
+	defer os.RemoveAll(tmpdir)
+
+	var relPath string
+	if path.IsAbs(cpFullPath) {
+		// normally this is `filepath.Rel("/", cpFullPath)` but we cannot
+		// get this unix-path manipulation on windows with filepath.
+		relPath = cpFullPath[1:]
+	}
+	c.Assert(path.IsAbs(cpFullPath), checker.True, check.Commentf("path %s was assumed to be an absolute path", cpFullPath))
+
+	dockerCmd(c, "cp", containerID+":"+relPath, tmpdir)
+
+	file, _ := os.Open(tmpname)
+	defer file.Close()
+
+	test, err := ioutil.ReadAll(file)
+	c.Assert(err, checker.IsNil)
+
+	// output matched host file -- relative path can escape container rootfs
+	c.Assert(string(test), checker.Not(checker.Equals), cpHostContents)
+
+	// output doesn't match the input for relative path
+	c.Assert(string(test), checker.Equals, cpContainerContents)
+}
+
+// Check that absolute paths are relative to the container's rootfs
+func (s *DockerSuite) TestCpAbsolutePath(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir -p '"+cpTestPath+"' && echo -n '"+cpContainerContents+"' > "+cpFullPath)
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	c.Assert(os.MkdirAll(cpTestPath, os.ModeDir), checker.IsNil)
+
+	hostFile, err := os.Create(cpFullPath)
+	c.Assert(err, checker.IsNil)
+	defer hostFile.Close()
+	defer os.RemoveAll(cpTestPathParent)
+
+	fmt.Fprintf(hostFile, "%s", cpHostContents)
+
+	tmpdir, err := ioutil.TempDir("", "docker-integration")
+	c.Assert(err, checker.IsNil)
+
+	tmpname := filepath.Join(tmpdir, cpTestName)
+	defer os.RemoveAll(tmpdir)
+
+	path := cpFullPath
+
+	dockerCmd(c, "cp", containerID+":"+path, tmpdir)
+
+	file, _ := os.Open(tmpname)
+	defer file.Close()
+
+	test, err := ioutil.ReadAll(file)
+	c.Assert(err, checker.IsNil)
+
+	// output matched host file -- absolute path can escape container rootfs
+	c.Assert(string(test), checker.Not(checker.Equals), cpHostContents)
+
+	// output doesn't match the input for absolute path
+	c.Assert(string(test), checker.Equals, cpContainerContents)
+}
+
+// Test for #5619
+// Check that absolute symlinks are still relative to the container's rootfs
+func (s *DockerSuite) TestCpAbsoluteSymlink(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir -p '"+cpTestPath+"' && echo -n '"+cpContainerContents+"' > "+cpFullPath+" && ln -s "+cpFullPath+" container_path")
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	c.Assert(os.MkdirAll(cpTestPath, os.ModeDir), checker.IsNil)
+
+	hostFile, err := os.Create(cpFullPath)
+	c.Assert(err, checker.IsNil)
+	defer hostFile.Close()
+	defer os.RemoveAll(cpTestPathParent)
+
+	fmt.Fprintf(hostFile, "%s", cpHostContents)
+
+	tmpdir, err := ioutil.TempDir("", "docker-integration")
+	c.Assert(err, checker.IsNil)
+
+	tmpname := filepath.Join(tmpdir, "container_path")
+	defer os.RemoveAll(tmpdir)
+
+	path := path.Join("/", "container_path")
+
+	dockerCmd(c, "cp", containerID+":"+path, tmpdir)
+
+	// We should have copied a symlink *NOT* the file itself!
+	linkTarget, err := os.Readlink(tmpname)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(linkTarget, checker.Equals, filepath.FromSlash(cpFullPath))
+}
+
+// Check that symlinks to a directory behave as expected when copying one from
+// a container.
+func (s *DockerSuite) TestCpFromSymlinkToDirectory(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir -p '"+cpTestPath+"' && echo -n '"+cpContainerContents+"' > "+cpFullPath+" && ln -s "+cpTestPathParent+" /dir_link")
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	testDir, err := ioutil.TempDir("", "test-cp-from-symlink-to-dir-")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(testDir)
+
+	// This copy command should copy the symlink, not the target, into the
+	// temporary directory.
+	dockerCmd(c, "cp", containerID+":"+"/dir_link", testDir)
+
+	expectedPath := filepath.Join(testDir, "dir_link")
+	linkTarget, err := os.Readlink(expectedPath)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(linkTarget, checker.Equals, filepath.FromSlash(cpTestPathParent))
+
+	os.Remove(expectedPath)
+
+	// This copy command should resolve the symlink (note the trailing
+	// separator), copying the target into the temporary directory.
+	dockerCmd(c, "cp", containerID+":"+"/dir_link/", testDir)
+
+	// It *should not* have copied the directory using the target's name, but
+	// used the given name instead.
+	unexpectedPath := filepath.Join(testDir, cpTestPathParent)
+	stat, err := os.Lstat(unexpectedPath)
+	if err == nil {
+		out = fmt.Sprintf("target name was copied: %q - %q", stat.Mode(), stat.Name())
+	}
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+
+	// It *should* have copied the directory using the asked name "dir_link".
+	stat, err = os.Lstat(expectedPath)
+	c.Assert(err, checker.IsNil, check.Commentf("unable to stat resource at %q", expectedPath))
+
+	c.Assert(stat.IsDir(), checker.True, check.Commentf("should have copied a directory but got %q instead", stat.Mode()))
+}
+
+// Check that symlinks to a directory behave as expected when copying one to a
+// container.
+func (s *DockerSuite) TestCpToSymlinkToDirectory(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon) // Requires local volume mount bind.
+
+	testVol, err := ioutil.TempDir("", "test-cp-to-symlink-to-dir-")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(testVol)
+
+	// Create a test container with a local volume. We will test by copying
+	// to the volume path in the container which we can then verify locally.
+	out, _ := dockerCmd(c, "create", "-v", testVol+":/testVol", "busybox")
+
+	containerID := strings.TrimSpace(out)
+
+	// Create a temp directory to hold a test file nested in a direcotry.
+	testDir, err := ioutil.TempDir("", "test-cp-to-symlink-to-dir-")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(testDir)
+
+	// This file will be at "/testDir/some/path/test" and will be copied into
+	// the test volume later.
+	hostTestFilename := filepath.Join(testDir, cpFullPath)
+	c.Assert(os.MkdirAll(filepath.Dir(hostTestFilename), os.FileMode(0700)), checker.IsNil)
+	c.Assert(ioutil.WriteFile(hostTestFilename, []byte(cpHostContents), os.FileMode(0600)), checker.IsNil)
+
+	// Now create another temp directory to hold a symlink to the
+	// "/testDir/some" directory.
+	linkDir, err := ioutil.TempDir("", "test-cp-to-symlink-to-dir-")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(linkDir)
+
+	// Then symlink "/linkDir/dir_link" to "/testdir/some".
+	linkTarget := filepath.Join(testDir, cpTestPathParent)
+	localLink := filepath.Join(linkDir, "dir_link")
+	c.Assert(os.Symlink(linkTarget, localLink), checker.IsNil)
+
+	// Now copy that symlink into the test volume in the container.
+	dockerCmd(c, "cp", localLink, containerID+":/testVol")
+
+	// This copy command should have copied the symlink *not* the target.
+	expectedPath := filepath.Join(testVol, "dir_link")
+	actualLinkTarget, err := os.Readlink(expectedPath)
+	c.Assert(err, checker.IsNil, check.Commentf("unable to read symlink at %q", expectedPath))
+
+	c.Assert(actualLinkTarget, checker.Equals, linkTarget)
+
+	// Good, now remove that copied link for the next test.
+	os.Remove(expectedPath)
+
+	// This copy command should resolve the symlink (note the trailing
+	// separator), copying the target into the test volume directory in the
+	// container.
+	dockerCmd(c, "cp", localLink+"/", containerID+":/testVol")
+
+	// It *should not* have copied the directory using the target's name, but
+	// used the given name instead.
+	unexpectedPath := filepath.Join(testVol, cpTestPathParent)
+	stat, err := os.Lstat(unexpectedPath)
+	if err == nil {
+		out = fmt.Sprintf("target name was copied: %q - %q", stat.Mode(), stat.Name())
+	}
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+
+	// It *should* have copied the directory using the asked name "dir_link".
+	stat, err = os.Lstat(expectedPath)
+	c.Assert(err, checker.IsNil, check.Commentf("unable to stat resource at %q", expectedPath))
+
+	c.Assert(stat.IsDir(), checker.True, check.Commentf("should have copied a directory but got %q instead", stat.Mode()))
+
+	// And this directory should contain the file copied from the host at the
+	// expected location: "/testVol/dir_link/path/test"
+	expectedFilepath := filepath.Join(testVol, "dir_link/path/test")
+	fileContents, err := ioutil.ReadFile(expectedFilepath)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(string(fileContents), checker.Equals, cpHostContents)
+}
+
+// Test for #5619
+// Check that symlinks which are part of the resource path are still relative to the container's rootfs
+func (s *DockerSuite) TestCpSymlinkComponent(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir -p '"+cpTestPath+"' && echo -n '"+cpContainerContents+"' > "+cpFullPath+" && ln -s "+cpTestPath+" container_path")
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	c.Assert(os.MkdirAll(cpTestPath, os.ModeDir), checker.IsNil)
+
+	hostFile, err := os.Create(cpFullPath)
+	c.Assert(err, checker.IsNil)
+	defer hostFile.Close()
+	defer os.RemoveAll(cpTestPathParent)
+
+	fmt.Fprintf(hostFile, "%s", cpHostContents)
+
+	tmpdir, err := ioutil.TempDir("", "docker-integration")
+
+	c.Assert(err, checker.IsNil)
+
+	tmpname := filepath.Join(tmpdir, cpTestName)
+	defer os.RemoveAll(tmpdir)
+
+	path := path.Join("/", "container_path", cpTestName)
+
+	dockerCmd(c, "cp", containerID+":"+path, tmpdir)
+
+	file, _ := os.Open(tmpname)
+	defer file.Close()
+
+	test, err := ioutil.ReadAll(file)
+	c.Assert(err, checker.IsNil)
+
+	// output matched host file -- symlink path component can escape container rootfs
+	c.Assert(string(test), checker.Not(checker.Equals), cpHostContents)
+
+	// output doesn't match the input for symlink path component
+	c.Assert(string(test), checker.Equals, cpContainerContents)
+}
+
+// Check that cp with unprivileged user doesn't return any error
+func (s *DockerSuite) TestCpUnprivilegedUser(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, UnixCli) // uses chmod/su: not available on windows
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "touch "+cpTestName)
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	tmpdir, err := ioutil.TempDir("", "docker-integration")
+	c.Assert(err, checker.IsNil)
+
+	defer os.RemoveAll(tmpdir)
+
+	c.Assert(os.Chmod(tmpdir, 0777), checker.IsNil)
+
+	path := cpTestName
+
+	_, _, err = runCommandWithOutput(exec.Command("su", "unprivilegeduser", "-c", dockerBinary+" cp "+containerID+":"+path+" "+tmpdir))
+	c.Assert(err, checker.IsNil, check.Commentf("couldn't copy with unprivileged user: %s:%s", containerID, path))
+}
+
+func (s *DockerSuite) TestCpSpecialFiles(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon)
+
+	outDir, err := ioutil.TempDir("", "cp-test-special-files")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(outDir)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "touch /foo")
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	// Copy actual /etc/resolv.conf
+	dockerCmd(c, "cp", containerID+":/etc/resolv.conf", outDir)
+
+	expected, err := readContainerFile(containerID, "resolv.conf")
+	actual, err := ioutil.ReadFile(outDir + "/resolv.conf")
+
+	// Expected copied file to be duplicate of the container resolvconf
+	c.Assert(bytes.Equal(actual, expected), checker.True)
+
+	// Copy actual /etc/hosts
+	dockerCmd(c, "cp", containerID+":/etc/hosts", outDir)
+
+	expected, err = readContainerFile(containerID, "hosts")
+	actual, err = ioutil.ReadFile(outDir + "/hosts")
+
+	// Expected copied file to be duplicate of the container hosts
+	c.Assert(bytes.Equal(actual, expected), checker.True)
+
+	// Copy actual /etc/resolv.conf
+	dockerCmd(c, "cp", containerID+":/etc/hostname", outDir)
+
+	expected, err = readContainerFile(containerID, "hostname")
+	actual, err = ioutil.ReadFile(outDir + "/hostname")
+
+	// Expected copied file to be duplicate of the container resolvconf
+	c.Assert(bytes.Equal(actual, expected), checker.True)
+}
+
+func (s *DockerSuite) TestCpVolumePath(c *check.C) {
+	//  stat /tmp/cp-test-volumepath851508420/test gets permission denied for the user
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon)
+
+	tmpDir, err := ioutil.TempDir("", "cp-test-volumepath")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpDir)
+	outDir, err := ioutil.TempDir("", "cp-test-volumepath-out")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(outDir)
+	_, err = os.Create(tmpDir + "/test")
+	c.Assert(err, checker.IsNil)
+
+	out, _ := dockerCmd(c, "run", "-d", "-v", "/foo", "-v", tmpDir+"/test:/test", "-v", tmpDir+":/baz", "busybox", "/bin/sh", "-c", "touch /foo/bar")
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	// Copy actual volume path
+	dockerCmd(c, "cp", containerID+":/foo", outDir)
+
+	stat, err := os.Stat(outDir + "/foo")
+	c.Assert(err, checker.IsNil)
+	// expected copied content to be dir
+	c.Assert(stat.IsDir(), checker.True)
+	stat, err = os.Stat(outDir + "/foo/bar")
+	c.Assert(err, checker.IsNil)
+	// Expected file `bar` to be a file
+	c.Assert(stat.IsDir(), checker.False)
+
+	// Copy file nested in volume
+	dockerCmd(c, "cp", containerID+":/foo/bar", outDir)
+
+	stat, err = os.Stat(outDir + "/bar")
+	c.Assert(err, checker.IsNil)
+	// Expected file `bar` to be a file
+	c.Assert(stat.IsDir(), checker.False)
+
+	// Copy Bind-mounted dir
+	dockerCmd(c, "cp", containerID+":/baz", outDir)
+	stat, err = os.Stat(outDir + "/baz")
+	c.Assert(err, checker.IsNil)
+	// Expected `baz` to be a dir
+	c.Assert(stat.IsDir(), checker.True)
+
+	// Copy file nested in bind-mounted dir
+	dockerCmd(c, "cp", containerID+":/baz/test", outDir)
+	fb, err := ioutil.ReadFile(outDir + "/baz/test")
+	c.Assert(err, checker.IsNil)
+	fb2, err := ioutil.ReadFile(tmpDir + "/test")
+	c.Assert(err, checker.IsNil)
+	// Expected copied file to be duplicate of bind-mounted file
+	c.Assert(bytes.Equal(fb, fb2), checker.True)
+
+	// Copy bind-mounted file
+	dockerCmd(c, "cp", containerID+":/test", outDir)
+	fb, err = ioutil.ReadFile(outDir + "/test")
+	c.Assert(err, checker.IsNil)
+	fb2, err = ioutil.ReadFile(tmpDir + "/test")
+	c.Assert(err, checker.IsNil)
+	// Expected copied file to be duplicate of bind-mounted file
+	c.Assert(bytes.Equal(fb, fb2), checker.True)
+}
+
+func (s *DockerSuite) TestCpToDot(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "echo lololol > /test")
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	tmpdir, err := ioutil.TempDir("", "docker-integration")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpdir)
+	cwd, err := os.Getwd()
+	c.Assert(err, checker.IsNil)
+	defer os.Chdir(cwd)
+	c.Assert(os.Chdir(tmpdir), checker.IsNil)
+	dockerCmd(c, "cp", containerID+":/test", ".")
+	content, err := ioutil.ReadFile("./test")
+	c.Assert(string(content), checker.Equals, "lololol\n")
+}
+
+func (s *DockerSuite) TestCpToStdout(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "echo lololol > /test")
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "cp", containerID+":/test", "-"),
+		exec.Command("tar", "-vtf", "-"))
+
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(out, checker.Contains, "test")
+	c.Assert(out, checker.Contains, "-rw")
+}
+
+func (s *DockerSuite) TestCpNameHasColon(c *check.C) {
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "echo lololol > /te:s:t")
+
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	tmpdir, err := ioutil.TempDir("", "docker-integration")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpdir)
+	dockerCmd(c, "cp", containerID+":/te:s:t", tmpdir)
+	content, err := ioutil.ReadFile(tmpdir + "/te:s:t")
+	c.Assert(string(content), checker.Equals, "lololol\n")
+}
+
+func (s *DockerSuite) TestCopyAndRestart(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	expectedMsg := "hello"
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "echo", expectedMsg)
+	containerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	// failed to set up container
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	tmpDir, err := ioutil.TempDir("", "test-docker-restart-after-copy-")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpDir)
+
+	dockerCmd(c, "cp", fmt.Sprintf("%s:/etc/group", containerID), tmpDir)
+
+	out, _ = dockerCmd(c, "start", "-a", containerID)
+
+	c.Assert(strings.TrimSpace(out), checker.Equals, expectedMsg)
+}
+
+func (s *DockerSuite) TestCopyCreatedContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "create", "--name", "test_cp", "-v", "/test", "busybox")
+
+	tmpDir, err := ioutil.TempDir("", "test")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpDir)
+	dockerCmd(c, "cp", "test_cp:/bin/sh", tmpDir)
+}
+
+// test copy with option `-L`: following symbol link
+// Check that symlinks to a file behave as expected when copying one from
+// a container to host following symbol link
+func (s *DockerSuite) TestCpSymlinkFromConToHostFollowSymlink(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, exitCode := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir -p '"+cpTestPath+"' && echo -n '"+cpContainerContents+"' > "+cpFullPath+" && ln -s "+cpFullPath+" /dir_link")
+	if exitCode != 0 {
+		c.Fatal("failed to create a container", out)
+	}
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", cleanedContainerID)
+	if strings.TrimSpace(out) != "0" {
+		c.Fatal("failed to set up container", out)
+	}
+
+	testDir, err := ioutil.TempDir("", "test-cp-symlink-container-to-host-follow-symlink")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(testDir)
+
+	// This copy command should copy the symlink, not the target, into the
+	// temporary directory.
+	dockerCmd(c, "cp", "-L", cleanedContainerID+":"+"/dir_link", testDir)
+
+	expectedPath := filepath.Join(testDir, "dir_link")
+
+	expected := []byte(cpContainerContents)
+	actual, err := ioutil.ReadFile(expectedPath)
+
+	if !bytes.Equal(actual, expected) {
+		c.Fatalf("Expected copied file to be duplicate of the container symbol link target")
+	}
+	os.Remove(expectedPath)
+
+	// now test copy symbol link to an non-existing file in host
+	expectedPath = filepath.Join(testDir, "somefile_host")
+	// expectedPath shouldn't exist, if exists, remove it
+	if _, err := os.Lstat(expectedPath); err == nil {
+		os.Remove(expectedPath)
+	}
+
+	dockerCmd(c, "cp", "-L", cleanedContainerID+":"+"/dir_link", expectedPath)
+
+	actual, err = ioutil.ReadFile(expectedPath)
+
+	if !bytes.Equal(actual, expected) {
+		c.Fatalf("Expected copied file to be duplicate of the container symbol link target")
+	}
+	defer os.Remove(expectedPath)
+}
diff --git a/integration-cli/docker_cli_cp_to_container_test.go b/integration-cli/docker_cli_cp_to_container_test.go
new file mode 100644
index 00000000..63fbd446
--- /dev/null
+++ b/integration-cli/docker_cli_cp_to_container_test.go
@@ -0,0 +1,605 @@
+package main
+
+import (
+	"os"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// docker cp LOCALPATH CONTAINER:PATH
+
+// Try all of the test cases from the archive package which implements the
+// internals of `docker cp` and ensure that the behavior matches when actually
+// copying to and from containers.
+
+// Basic assumptions about SRC and DST:
+// 1. SRC must exist.
+// 2. If SRC ends with a trailing separator, it must be a directory.
+// 3. DST parent directory must exist.
+// 4. If DST exists as a file, it must not end with a trailing separator.
+
+// First get these easy error cases out of the way.
+
+// Test for error when SRC does not exist.
+func (s *DockerSuite) TestCpToErrSrcNotExists(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{})
+
+	tmpDir := getTestDir(c, "test-cp-to-err-src-not-exists")
+	defer os.RemoveAll(tmpDir)
+
+	srcPath := cpPath(tmpDir, "file1")
+	dstPath := containerCpPath(containerID, "file1")
+
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotExist(err), checker.True, check.Commentf("expected IsNotExist error, but got %T: %s", err, err))
+}
+
+// Test for error when SRC ends in a trailing
+// path separator but it exists as a file.
+func (s *DockerSuite) TestCpToErrSrcNotDir(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{})
+
+	tmpDir := getTestDir(c, "test-cp-to-err-src-not-dir")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcPath := cpPathTrailingSep(tmpDir, "file1")
+	dstPath := containerCpPath(containerID, "testDir")
+
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotDir(err), checker.True, check.Commentf("expected IsNotDir error, but got %T: %s", err, err))
+}
+
+// Test for error when SRC is a valid file or directory,
+// bu the DST parent directory does not exist.
+func (s *DockerSuite) TestCpToErrDstParentNotExists(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-to-err-dst-parent-not-exists")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	// Try with a file source.
+	srcPath := cpPath(tmpDir, "file1")
+	dstPath := containerCpPath(containerID, "/notExists", "file1")
+
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotExist(err), checker.True, check.Commentf("expected IsNotExist error, but got %T: %s", err, err))
+
+	// Try with a directory source.
+	srcPath = cpPath(tmpDir, "dir1")
+
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpNotExist(err), checker.True, check.Commentf("expected IsNotExist error, but got %T: %s", err, err))
+}
+
+// Test for error when DST ends in a trailing path separator but exists as a
+// file. Also test that we cannot overwrite an existing directory with a
+// non-directory and cannot overwrite an existing
+func (s *DockerSuite) TestCpToErrDstNotDir(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{addContent: true})
+
+	tmpDir := getTestDir(c, "test-cp-to-err-dst-not-dir")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	// Try with a file source.
+	srcPath := cpPath(tmpDir, "dir1/file1-1")
+	dstPath := containerCpPathTrailingSep(containerID, "file1")
+
+	// The client should encounter an error trying to stat the destination
+	// and then be unable to copy since the destination is asserted to be a
+	// directory but does not exist.
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpDirNotExist(err), checker.True, check.Commentf("expected DirNotExist error, but got %T: %s", err, err))
+
+	// Try with a directory source.
+	srcPath = cpPath(tmpDir, "dir1")
+
+	// The client should encounter an error trying to stat the destination and
+	// then decide to extract to the parent directory instead with a rebased
+	// name in the source archive, but this directory would overwrite the
+	// existing file with the same name.
+	err = runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCannotOverwriteNonDirWithDir(err), checker.True, check.Commentf("expected CannotOverwriteNonDirWithDir error, but got %T: %s", err, err))
+}
+
+// Check that copying from a local path to a symlink in a container copies to
+// the symlink target and does not overwrite the container symlink itself.
+func (s *DockerSuite) TestCpToSymlinkDestination(c *check.C) {
+	//  stat /tmp/test-cp-to-symlink-destination-262430901/vol3 gets permission denied for the user
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon) // Requires local volume mount bind.
+
+	testVol := getTestDir(c, "test-cp-to-symlink-destination-")
+	defer os.RemoveAll(testVol)
+
+	makeTestContentInDir(c, testVol)
+
+	containerID := makeTestContainer(c, testContainerOptions{
+		volumes: defaultVolumes(testVol), // Our bind mount is at /vol2
+	})
+
+	// First, copy a local file to a symlink to a file in the container. This
+	// should overwrite the symlink target contents with the source contents.
+	srcPath := cpPath(testVol, "file2")
+	dstPath := containerCpPath(containerID, "/vol2/symlinkToFile1")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, cpPath(testVol, "symlinkToFile1"), "file1"), checker.IsNil)
+
+	// The file should have the contents of "file2" now.
+	c.Assert(fileContentEquals(c, cpPath(testVol, "file1"), "file2\n"), checker.IsNil)
+
+	// Next, copy a local file to a symlink to a directory in the container.
+	// This should copy the file into the symlink target directory.
+	dstPath = containerCpPath(containerID, "/vol2/symlinkToDir1")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, cpPath(testVol, "symlinkToDir1"), "dir1"), checker.IsNil)
+
+	// The file should have the contents of "file2" now.
+	c.Assert(fileContentEquals(c, cpPath(testVol, "file2"), "file2\n"), checker.IsNil)
+
+	// Next, copy a file to a symlink to a file that does not exist (a broken
+	// symlink) in the container. This should create the target file with the
+	// contents of the source file.
+	dstPath = containerCpPath(containerID, "/vol2/brokenSymlinkToFileX")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, cpPath(testVol, "brokenSymlinkToFileX"), "fileX"), checker.IsNil)
+
+	// The file should have the contents of "file2" now.
+	c.Assert(fileContentEquals(c, cpPath(testVol, "fileX"), "file2\n"), checker.IsNil)
+
+	// Next, copy a local directory to a symlink to a directory in the
+	// container. This should copy the directory into the symlink target
+	// directory and not modify the symlink.
+	srcPath = cpPath(testVol, "/dir2")
+	dstPath = containerCpPath(containerID, "/vol2/symlinkToDir1")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, cpPath(testVol, "symlinkToDir1"), "dir1"), checker.IsNil)
+
+	// The directory should now contain a copy of "dir2".
+	c.Assert(fileContentEquals(c, cpPath(testVol, "dir1/dir2/file2-1"), "file2-1\n"), checker.IsNil)
+
+	// Next, copy a local directory to a symlink to a local directory that does
+	// not exist (a broken symlink) in the container. This should create the
+	// target as a directory with the contents of the source directory. It
+	// should not modify the symlink.
+	dstPath = containerCpPath(containerID, "/vol2/brokenSymlinkToDirX")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// The symlink should not have been modified.
+	c.Assert(symlinkTargetEquals(c, cpPath(testVol, "brokenSymlinkToDirX"), "dirX"), checker.IsNil)
+
+	// The "dirX" directory should now be a copy of "dir2".
+	c.Assert(fileContentEquals(c, cpPath(testVol, "dirX/file2-1"), "file2-1\n"), checker.IsNil)
+}
+
+// Possibilities are reduced to the remaining 10 cases:
+//
+//  case | srcIsDir | onlyDirContents | dstExists | dstIsDir | dstTrSep | action
+// ===================================================================================================
+//   A   |  no      |  -              |  no       |  -       |  no      |  create file
+//   B   |  no      |  -              |  no       |  -       |  yes     |  error
+//   C   |  no      |  -              |  yes      |  no      |  -       |  overwrite file
+//   D   |  no      |  -              |  yes      |  yes     |  -       |  create file in dst dir
+//   E   |  yes     |  no             |  no       |  -       |  -       |  create dir, copy contents
+//   F   |  yes     |  no             |  yes      |  no      |  -       |  error
+//   G   |  yes     |  no             |  yes      |  yes     |  -       |  copy dir and contents
+//   H   |  yes     |  yes            |  no       |  -       |  -       |  create dir, copy contents
+//   I   |  yes     |  yes            |  yes      |  no      |  -       |  error
+//   J   |  yes     |  yes            |  yes      |  yes     |  -       |  copy dir contents
+//
+
+// A. SRC specifies a file and DST (no trailing path separator) doesn't
+//    exist. This should create a file with the name DST and copy the
+//    contents of the source file into it.
+func (s *DockerSuite) TestCpToCaseA(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		workDir: "/root", command: makeCatFileCommand("itWorks.txt"),
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-a")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcPath := cpPath(tmpDir, "file1")
+	dstPath := containerCpPath(containerID, "/root/itWorks.txt")
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	c.Assert(containerStartOutputEquals(c, containerID, "file1\n"), checker.IsNil)
+}
+
+// B. SRC specifies a file and DST (with trailing path separator) doesn't
+//    exist. This should cause an error because the copy operation cannot
+//    create a directory when copying a single file.
+func (s *DockerSuite) TestCpToCaseB(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		command: makeCatFileCommand("testDir/file1"),
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-b")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcPath := cpPath(tmpDir, "file1")
+	dstDir := containerCpPathTrailingSep(containerID, "testDir")
+
+	err := runDockerCp(c, srcPath, dstDir)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpDirNotExist(err), checker.True, check.Commentf("expected DirNotExists error, but got %T: %s", err, err))
+}
+
+// C. SRC specifies a file and DST exists as a file. This should overwrite
+//    the file at DST with the contents of the source file.
+func (s *DockerSuite) TestCpToCaseC(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+		command: makeCatFileCommand("file2"),
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-c")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcPath := cpPath(tmpDir, "file1")
+	dstPath := containerCpPath(containerID, "/root/file2")
+
+	// Ensure the container's file starts with the original content.
+	c.Assert(containerStartOutputEquals(c, containerID, "file2\n"), checker.IsNil)
+
+	c.Assert(runDockerCp(c, srcPath, dstPath), checker.IsNil)
+
+	// Should now contain file1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1\n"), checker.IsNil)
+}
+
+// D. SRC specifies a file and DST exists as a directory. This should place
+//    a copy of the source file inside it using the basename from SRC. Ensure
+//    this works whether DST has a trailing path separator or not.
+func (s *DockerSuite) TestCpToCaseD(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true,
+		command:    makeCatFileCommand("/dir1/file1"),
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-d")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcPath := cpPath(tmpDir, "file1")
+	dstDir := containerCpPath(containerID, "dir1")
+
+	// Ensure that dstPath doesn't exist.
+	c.Assert(containerStartOutputEquals(c, containerID, ""), checker.IsNil)
+
+	c.Assert(runDockerCp(c, srcPath, dstDir), checker.IsNil)
+
+	// Should now contain file1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// Make new destination container.
+	containerID = makeTestContainer(c, testContainerOptions{
+		addContent: true,
+		command:    makeCatFileCommand("/dir1/file1"),
+	})
+
+	dstDir = containerCpPathTrailingSep(containerID, "dir1")
+
+	// Ensure that dstPath doesn't exist.
+	c.Assert(containerStartOutputEquals(c, containerID, ""), checker.IsNil)
+
+	c.Assert(runDockerCp(c, srcPath, dstDir), checker.IsNil)
+
+	// Should now contain file1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1\n"), checker.IsNil)
+}
+
+// E. SRC specifies a directory and DST does not exist. This should create a
+//    directory at DST and copy the contents of the SRC directory into the DST
+//    directory. Ensure this works whether DST has a trailing path separator or
+//    not.
+func (s *DockerSuite) TestCpToCaseE(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		command: makeCatFileCommand("/testDir/file1-1"),
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-e")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := cpPath(tmpDir, "dir1")
+	dstDir := containerCpPath(containerID, "testDir")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	// Should now contain file1-1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1-1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// Make new destination container.
+	containerID = makeTestContainer(c, testContainerOptions{
+		command: makeCatFileCommand("/testDir/file1-1"),
+	})
+
+	dstDir = containerCpPathTrailingSep(containerID, "testDir")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	// Should now contain file1-1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1-1\n"), checker.IsNil)
+}
+
+// F. SRC specifies a directory and DST exists as a file. This should cause an
+//    error as it is not possible to overwrite a file with a directory.
+func (s *DockerSuite) TestCpToCaseF(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-f")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := cpPath(tmpDir, "dir1")
+	dstFile := containerCpPath(containerID, "/root/file1")
+
+	err := runDockerCp(c, srcDir, dstFile)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpCannotCopyDir(err), checker.True, check.Commentf("expected ErrCannotCopyDir error, but got %T: %s", err, err))
+}
+
+// G. SRC specifies a directory and DST exists as a directory. This should copy
+//    the SRC directory and all its contents to the DST directory. Ensure this
+//    works whether DST has a trailing path separator or not.
+func (s *DockerSuite) TestCpToCaseG(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+		command: makeCatFileCommand("dir2/dir1/file1-1"),
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-g")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := cpPath(tmpDir, "dir1")
+	dstDir := containerCpPath(containerID, "/root/dir2")
+
+	// Ensure that dstPath doesn't exist.
+	c.Assert(containerStartOutputEquals(c, containerID, ""), checker.IsNil)
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	// Should now contain file1-1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1-1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// Make new destination container.
+	containerID = makeTestContainer(c, testContainerOptions{
+		addContent: true,
+		command:    makeCatFileCommand("/dir2/dir1/file1-1"),
+	})
+
+	dstDir = containerCpPathTrailingSep(containerID, "/dir2")
+
+	// Ensure that dstPath doesn't exist.
+	c.Assert(containerStartOutputEquals(c, containerID, ""), checker.IsNil)
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	// Should now contain file1-1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1-1\n"), checker.IsNil)
+}
+
+// H. SRC specifies a directory's contents only and DST does not exist. This
+//    should create a directory at DST and copy the contents of the SRC
+//    directory (but not the directory itself) into the DST directory. Ensure
+//    this works whether DST has a trailing path separator or not.
+func (s *DockerSuite) TestCpToCaseH(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		command: makeCatFileCommand("/testDir/file1-1"),
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-h")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := cpPathTrailingSep(tmpDir, "dir1") + "."
+	dstDir := containerCpPath(containerID, "testDir")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	// Should now contain file1-1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1-1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// Make new destination container.
+	containerID = makeTestContainer(c, testContainerOptions{
+		command: makeCatFileCommand("/testDir/file1-1"),
+	})
+
+	dstDir = containerCpPathTrailingSep(containerID, "testDir")
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	// Should now contain file1-1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1-1\n"), checker.IsNil)
+}
+
+// I. SRC specifies a directory's contents only and DST exists as a file. This
+//    should cause an error as it is not possible to overwrite a file with a
+//    directory.
+func (s *DockerSuite) TestCpToCaseI(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-i")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := cpPathTrailingSep(tmpDir, "dir1") + "."
+	dstFile := containerCpPath(containerID, "/root/file1")
+
+	err := runDockerCp(c, srcDir, dstFile)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpCannotCopyDir(err), checker.True, check.Commentf("expected ErrCannotCopyDir error, but got %T: %s", err, err))
+}
+
+// J. SRC specifies a directory's contents only and DST exists as a directory.
+//    This should copy the contents of the SRC directory (but not the directory
+//    itself) into the DST directory. Ensure this works whether DST has a
+//    trailing path separator or not.
+func (s *DockerSuite) TestCpToCaseJ(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := makeTestContainer(c, testContainerOptions{
+		addContent: true, workDir: "/root",
+		command: makeCatFileCommand("/dir2/file1-1"),
+	})
+
+	tmpDir := getTestDir(c, "test-cp-to-case-j")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcDir := cpPathTrailingSep(tmpDir, "dir1") + "."
+	dstDir := containerCpPath(containerID, "/dir2")
+
+	// Ensure that dstPath doesn't exist.
+	c.Assert(containerStartOutputEquals(c, containerID, ""), checker.IsNil)
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	// Should now contain file1-1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1-1\n"), checker.IsNil)
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	// Make new destination container.
+	containerID = makeTestContainer(c, testContainerOptions{
+		command: makeCatFileCommand("/dir2/file1-1"),
+	})
+
+	dstDir = containerCpPathTrailingSep(containerID, "/dir2")
+
+	// Ensure that dstPath doesn't exist.
+	c.Assert(containerStartOutputEquals(c, containerID, ""), checker.IsNil)
+
+	c.Assert(runDockerCp(c, srcDir, dstDir), checker.IsNil)
+
+	// Should now contain file1-1's contents.
+	c.Assert(containerStartOutputEquals(c, containerID, "file1-1\n"), checker.IsNil)
+}
+
+// The `docker cp` command should also ensure that you cannot
+// write to a container rootfs that is marked as read-only.
+func (s *DockerSuite) TestCpToErrReadOnlyRootfs(c *check.C) {
+	// --read-only + userns has remount issues
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	tmpDir := getTestDir(c, "test-cp-to-err-read-only-rootfs")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	containerID := makeTestContainer(c, testContainerOptions{
+		readOnly: true, workDir: "/root",
+		command: makeCatFileCommand("shouldNotExist"),
+	})
+
+	srcPath := cpPath(tmpDir, "file1")
+	dstPath := containerCpPath(containerID, "/root/shouldNotExist")
+
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpCannotCopyReadOnly(err), checker.True, check.Commentf("expected ErrContainerRootfsReadonly error, but got %T: %s", err, err))
+
+	// Ensure that dstPath doesn't exist.
+	c.Assert(containerStartOutputEquals(c, containerID, ""), checker.IsNil)
+}
+
+// The `docker cp` command should also ensure that you
+// cannot write to a volume that is mounted as read-only.
+func (s *DockerSuite) TestCpToErrReadOnlyVolume(c *check.C) {
+	// --read-only + userns has remount issues
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	tmpDir := getTestDir(c, "test-cp-to-err-read-only-volume")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	containerID := makeTestContainer(c, testContainerOptions{
+		volumes: defaultVolumes(tmpDir), workDir: "/root",
+		command: makeCatFileCommand("/vol_ro/shouldNotExist"),
+	})
+
+	srcPath := cpPath(tmpDir, "file1")
+	dstPath := containerCpPath(containerID, "/vol_ro/shouldNotExist")
+
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.NotNil)
+
+	c.Assert(isCpCannotCopyReadOnly(err), checker.True, check.Commentf("expected ErrVolumeReadonly error, but got %T: %s", err, err))
+
+	// Ensure that dstPath doesn't exist.
+	c.Assert(containerStartOutputEquals(c, containerID, ""), checker.IsNil)
+}
diff --git a/integration-cli/docker_cli_cp_to_container_unix_test.go b/integration-cli/docker_cli_cp_to_container_unix_test.go
new file mode 100644
index 00000000..45d85ba5
--- /dev/null
+++ b/integration-cli/docker_cli_cp_to_container_unix_test.go
@@ -0,0 +1,39 @@
+// +build !windows
+
+package main
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/system"
+	"github.com/go-check/check"
+)
+
+// Check ownership is root, both in non-userns and userns enabled modes
+func (s *DockerSuite) TestCpCheckDestOwnership(c *check.C) {
+	testRequires(c, DaemonIsLinux, SameHostDaemon)
+	tmpVolDir := getTestDir(c, "test-cp-tmpvol")
+	containerID := makeTestContainer(c,
+		testContainerOptions{volumes: []string{fmt.Sprintf("%s:/tmpvol", tmpVolDir)}})
+
+	tmpDir := getTestDir(c, "test-cp-to-check-ownership")
+	defer os.RemoveAll(tmpDir)
+
+	makeTestContentInDir(c, tmpDir)
+
+	srcPath := cpPath(tmpDir, "file1")
+	dstPath := containerCpPath(containerID, "/tmpvol", "file1")
+
+	err := runDockerCp(c, srcPath, dstPath)
+	c.Assert(err, checker.IsNil)
+
+	stat, err := system.Stat(filepath.Join(tmpVolDir, "file1"))
+	c.Assert(err, checker.IsNil)
+	uid, gid, err := getRootUIDGID()
+	c.Assert(err, checker.IsNil)
+	c.Assert(stat.UID(), checker.Equals, uint32(uid), check.Commentf("Copied file not owned by container root UID"))
+	c.Assert(stat.GID(), checker.Equals, uint32(gid), check.Commentf("Copied file not owned by container root GID"))
+}
diff --git a/integration-cli/docker_cli_cp_utils.go b/integration-cli/docker_cli_cp_utils.go
new file mode 100644
index 00000000..0501c5d7
--- /dev/null
+++ b/integration-cli/docker_cli_cp_utils.go
@@ -0,0 +1,303 @@
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+type fileType uint32
+
+const (
+	ftRegular fileType = iota
+	ftDir
+	ftSymlink
+)
+
+type fileData struct {
+	filetype fileType
+	path     string
+	contents string
+}
+
+func (fd fileData) creationCommand() string {
+	var command string
+
+	switch fd.filetype {
+	case ftRegular:
+		// Don't overwrite the file if it already exists!
+		command = fmt.Sprintf("if [ ! -f %s ]; then echo %q > %s; fi", fd.path, fd.contents, fd.path)
+	case ftDir:
+		command = fmt.Sprintf("mkdir -p %s", fd.path)
+	case ftSymlink:
+		command = fmt.Sprintf("ln -fs %s %s", fd.contents, fd.path)
+	}
+
+	return command
+}
+
+func mkFilesCommand(fds []fileData) string {
+	commands := make([]string, len(fds))
+
+	for i, fd := range fds {
+		commands[i] = fd.creationCommand()
+	}
+
+	return strings.Join(commands, " && ")
+}
+
+var defaultFileData = []fileData{
+	{ftRegular, "file1", "file1"},
+	{ftRegular, "file2", "file2"},
+	{ftRegular, "file3", "file3"},
+	{ftRegular, "file4", "file4"},
+	{ftRegular, "file5", "file5"},
+	{ftRegular, "file6", "file6"},
+	{ftRegular, "file7", "file7"},
+	{ftDir, "dir1", ""},
+	{ftRegular, "dir1/file1-1", "file1-1"},
+	{ftRegular, "dir1/file1-2", "file1-2"},
+	{ftDir, "dir2", ""},
+	{ftRegular, "dir2/file2-1", "file2-1"},
+	{ftRegular, "dir2/file2-2", "file2-2"},
+	{ftDir, "dir3", ""},
+	{ftRegular, "dir3/file3-1", "file3-1"},
+	{ftRegular, "dir3/file3-2", "file3-2"},
+	{ftDir, "dir4", ""},
+	{ftRegular, "dir4/file3-1", "file4-1"},
+	{ftRegular, "dir4/file3-2", "file4-2"},
+	{ftDir, "dir5", ""},
+	{ftSymlink, "symlinkToFile1", "file1"},
+	{ftSymlink, "symlinkToDir1", "dir1"},
+	{ftSymlink, "brokenSymlinkToFileX", "fileX"},
+	{ftSymlink, "brokenSymlinkToDirX", "dirX"},
+	{ftSymlink, "symlinkToAbsDir", "/root"},
+}
+
+func defaultMkContentCommand() string {
+	return mkFilesCommand(defaultFileData)
+}
+
+func makeTestContentInDir(c *check.C, dir string) {
+	for _, fd := range defaultFileData {
+		path := filepath.Join(dir, filepath.FromSlash(fd.path))
+		switch fd.filetype {
+		case ftRegular:
+			c.Assert(ioutil.WriteFile(path, []byte(fd.contents+"\n"), os.FileMode(0666)), checker.IsNil)
+		case ftDir:
+			c.Assert(os.Mkdir(path, os.FileMode(0777)), checker.IsNil)
+		case ftSymlink:
+			c.Assert(os.Symlink(fd.contents, path), checker.IsNil)
+		}
+	}
+}
+
+type testContainerOptions struct {
+	addContent bool
+	readOnly   bool
+	volumes    []string
+	workDir    string
+	command    string
+}
+
+func makeTestContainer(c *check.C, options testContainerOptions) (containerID string) {
+	if options.addContent {
+		mkContentCmd := defaultMkContentCommand()
+		if options.command == "" {
+			options.command = mkContentCmd
+		} else {
+			options.command = fmt.Sprintf("%s && %s", defaultMkContentCommand(), options.command)
+		}
+	}
+
+	if options.command == "" {
+		options.command = "#(nop)"
+	}
+
+	args := []string{"run", "-d"}
+
+	for _, volume := range options.volumes {
+		args = append(args, "-v", volume)
+	}
+
+	if options.workDir != "" {
+		args = append(args, "-w", options.workDir)
+	}
+
+	if options.readOnly {
+		args = append(args, "--read-only")
+	}
+
+	args = append(args, "busybox", "/bin/sh", "-c", options.command)
+
+	out, _ := dockerCmd(c, args...)
+
+	containerID = strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "wait", containerID)
+
+	exitCode := strings.TrimSpace(out)
+	if exitCode != "0" {
+		out, _ = dockerCmd(c, "logs", containerID)
+	}
+	c.Assert(exitCode, checker.Equals, "0", check.Commentf("failed to make test container: %s", out))
+
+	return
+}
+
+func makeCatFileCommand(path string) string {
+	return fmt.Sprintf("if [ -f %s ]; then cat %s; fi", path, path)
+}
+
+func cpPath(pathElements ...string) string {
+	localizedPathElements := make([]string, len(pathElements))
+	for i, path := range pathElements {
+		localizedPathElements[i] = filepath.FromSlash(path)
+	}
+	return strings.Join(localizedPathElements, string(filepath.Separator))
+}
+
+func cpPathTrailingSep(pathElements ...string) string {
+	return fmt.Sprintf("%s%c", cpPath(pathElements...), filepath.Separator)
+}
+
+func containerCpPath(containerID string, pathElements ...string) string {
+	joined := strings.Join(pathElements, "/")
+	return fmt.Sprintf("%s:%s", containerID, joined)
+}
+
+func containerCpPathTrailingSep(containerID string, pathElements ...string) string {
+	return fmt.Sprintf("%s/", containerCpPath(containerID, pathElements...))
+}
+
+func runDockerCp(c *check.C, src, dst string) (err error) {
+	c.Logf("running `docker cp %s %s`", src, dst)
+
+	args := []string{"cp", src, dst}
+
+	out, _, err := runCommandWithOutput(exec.Command(dockerBinary, args...))
+	if err != nil {
+		err = fmt.Errorf("error executing `docker cp` command: %s: %s", err, out)
+	}
+
+	return
+}
+
+func startContainerGetOutput(c *check.C, containerID string) (out string, err error) {
+	c.Logf("running `docker start -a %s`", containerID)
+
+	args := []string{"start", "-a", containerID}
+
+	out, _, err = runCommandWithOutput(exec.Command(dockerBinary, args...))
+	if err != nil {
+		err = fmt.Errorf("error executing `docker start` command: %s: %s", err, out)
+	}
+
+	return
+}
+
+func getTestDir(c *check.C, label string) (tmpDir string) {
+	var err error
+
+	tmpDir, err = ioutil.TempDir("", label)
+	// unable to make temporary directory
+	c.Assert(err, checker.IsNil)
+
+	return
+}
+
+func isCpNotExist(err error) bool {
+	return strings.Contains(err.Error(), "no such file or directory") || strings.Contains(err.Error(), "cannot find the file specified")
+}
+
+func isCpDirNotExist(err error) bool {
+	return strings.Contains(err.Error(), archive.ErrDirNotExists.Error())
+}
+
+func isCpNotDir(err error) bool {
+	return strings.Contains(err.Error(), archive.ErrNotDirectory.Error()) || strings.Contains(err.Error(), "filename, directory name, or volume label syntax is incorrect")
+}
+
+func isCpCannotCopyDir(err error) bool {
+	return strings.Contains(err.Error(), archive.ErrCannotCopyDir.Error())
+}
+
+func isCpCannotCopyReadOnly(err error) bool {
+	return strings.Contains(err.Error(), "marked read-only")
+}
+
+func isCannotOverwriteNonDirWithDir(err error) bool {
+	return strings.Contains(err.Error(), "cannot overwrite non-directory")
+}
+
+func fileContentEquals(c *check.C, filename, contents string) (err error) {
+	c.Logf("checking that file %q contains %q\n", filename, contents)
+
+	fileBytes, err := ioutil.ReadFile(filename)
+	if err != nil {
+		return
+	}
+
+	expectedBytes, err := ioutil.ReadAll(strings.NewReader(contents))
+	if err != nil {
+		return
+	}
+
+	if !bytes.Equal(fileBytes, expectedBytes) {
+		err = fmt.Errorf("file content not equal - expected %q, got %q", string(expectedBytes), string(fileBytes))
+	}
+
+	return
+}
+
+func symlinkTargetEquals(c *check.C, symlink, expectedTarget string) (err error) {
+	c.Logf("checking that the symlink %q points to %q\n", symlink, expectedTarget)
+
+	actualTarget, err := os.Readlink(symlink)
+	if err != nil {
+		return
+	}
+
+	if actualTarget != expectedTarget {
+		err = fmt.Errorf("symlink target points to %q not %q", actualTarget, expectedTarget)
+	}
+
+	return
+}
+
+func containerStartOutputEquals(c *check.C, containerID, contents string) (err error) {
+	c.Logf("checking that container %q start output contains %q\n", containerID, contents)
+
+	out, err := startContainerGetOutput(c, containerID)
+	if err != nil {
+		return
+	}
+
+	if out != contents {
+		err = fmt.Errorf("output contents not equal - expected %q, got %q", contents, out)
+	}
+
+	return
+}
+
+func defaultVolumes(tmpDir string) []string {
+	if SameHostDaemon.Condition() {
+		return []string{
+			"/vol1",
+			fmt.Sprintf("%s:/vol2", tmpDir),
+			fmt.Sprintf("%s:/vol3", filepath.Join(tmpDir, "vol3")),
+			fmt.Sprintf("%s:/vol_ro:ro", filepath.Join(tmpDir, "vol_ro")),
+		}
+	}
+
+	// Can't bind-mount volumes with separate host daemon.
+	return []string{"/vol1", "/vol2", "/vol3", "/vol_ro:/vol_ro:ro"}
+}
diff --git a/integration-cli/docker_cli_create_test.go b/integration-cli/docker_cli_create_test.go
new file mode 100644
index 00000000..a22bb3ec
--- /dev/null
+++ b/integration-cli/docker_cli_create_test.go
@@ -0,0 +1,460 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+	"reflect"
+	"strings"
+	"time"
+
+	"os/exec"
+
+	"io/ioutil"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/go-connections/nat"
+	"github.com/go-check/check"
+)
+
+// Make sure we can create a simple container with some args
+func (s *DockerSuite) TestCreateArgs(c *check.C) {
+	// TODO Windows. This requires further investigation for porting to
+	// Windows CI. Currently fails.
+	if daemonPlatform == "windows" {
+		c.Skip("Fails on Windows CI")
+	}
+	out, _ := dockerCmd(c, "create", "busybox", "command", "arg1", "arg2", "arg with space")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "inspect", cleanedContainerID)
+
+	containers := []struct {
+		ID      string
+		Created time.Time
+		Path    string
+		Args    []string
+		Image   string
+	}{}
+
+	err := json.Unmarshal([]byte(out), &containers)
+	c.Assert(err, check.IsNil, check.Commentf("Error inspecting the container: %s", err))
+	c.Assert(containers, checker.HasLen, 1)
+
+	cont := containers[0]
+	c.Assert(string(cont.Path), checker.Equals, "command", check.Commentf("Unexpected container path. Expected command, received: %s", cont.Path))
+
+	b := false
+	expected := []string{"arg1", "arg2", "arg with space"}
+	for i, arg := range expected {
+		if arg != cont.Args[i] {
+			b = true
+			break
+		}
+	}
+	if len(cont.Args) != len(expected) || b {
+		c.Fatalf("Unexpected args. Expected %v, received: %v", expected, cont.Args)
+	}
+
+}
+
+// Make sure we can set hostconfig options too
+func (s *DockerSuite) TestCreateHostConfig(c *check.C) {
+	out, _ := dockerCmd(c, "create", "-P", "busybox", "echo")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "inspect", cleanedContainerID)
+
+	containers := []struct {
+		HostConfig *struct {
+			PublishAllPorts bool
+		}
+	}{}
+
+	err := json.Unmarshal([]byte(out), &containers)
+	c.Assert(err, check.IsNil, check.Commentf("Error inspecting the container: %s", err))
+	c.Assert(containers, checker.HasLen, 1)
+
+	cont := containers[0]
+	c.Assert(cont.HostConfig, check.NotNil, check.Commentf("Expected HostConfig, got none"))
+	c.Assert(cont.HostConfig.PublishAllPorts, check.NotNil, check.Commentf("Expected PublishAllPorts, got false"))
+}
+
+func (s *DockerSuite) TestCreateWithPortRange(c *check.C) {
+	// Windows does not currently support port ranges.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "create", "-p", "3300-3303:3300-3303/tcp", "busybox", "echo")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "inspect", cleanedContainerID)
+
+	containers := []struct {
+		HostConfig *struct {
+			PortBindings map[nat.Port][]nat.PortBinding
+		}
+	}{}
+	err := json.Unmarshal([]byte(out), &containers)
+	c.Assert(err, check.IsNil, check.Commentf("Error inspecting the container: %s", err))
+	c.Assert(containers, checker.HasLen, 1)
+
+	cont := containers[0]
+
+	c.Assert(cont.HostConfig, check.NotNil, check.Commentf("Expected HostConfig, got none"))
+	c.Assert(cont.HostConfig.PortBindings, checker.HasLen, 4, check.Commentf("Expected 4 ports bindings, got %d", len(cont.HostConfig.PortBindings)))
+
+	for k, v := range cont.HostConfig.PortBindings {
+		c.Assert(v, checker.HasLen, 1, check.Commentf("Expected 1 ports binding, for the port  %s but found %s", k, v))
+		c.Assert(k.Port(), checker.Equals, v[0].HostPort, check.Commentf("Expected host port %s to match published port %s", k.Port(), v[0].HostPort))
+
+	}
+
+}
+
+func (s *DockerSuite) TestCreateWithLargePortRange(c *check.C) {
+	// Windows does not currently support port ranges.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "create", "-p", "1-65535:1-65535/tcp", "busybox", "echo")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "inspect", cleanedContainerID)
+
+	containers := []struct {
+		HostConfig *struct {
+			PortBindings map[nat.Port][]nat.PortBinding
+		}
+	}{}
+
+	err := json.Unmarshal([]byte(out), &containers)
+	c.Assert(err, check.IsNil, check.Commentf("Error inspecting the container: %s", err))
+	c.Assert(containers, checker.HasLen, 1)
+
+	cont := containers[0]
+	c.Assert(cont.HostConfig, check.NotNil, check.Commentf("Expected HostConfig, got none"))
+	c.Assert(cont.HostConfig.PortBindings, checker.HasLen, 65535)
+
+	for k, v := range cont.HostConfig.PortBindings {
+		c.Assert(v, checker.HasLen, 1)
+		c.Assert(k.Port(), checker.Equals, v[0].HostPort, check.Commentf("Expected host port %s to match published port %s", k.Port(), v[0].HostPort))
+	}
+
+}
+
+// "test123" should be printed by docker create + start
+func (s *DockerSuite) TestCreateEchoStdout(c *check.C) {
+	out, _ := dockerCmd(c, "create", "busybox", "echo", "test123")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "start", "-ai", cleanedContainerID)
+	c.Assert(out, checker.Equals, "test123\n", check.Commentf("container should've printed 'test123', got %q", out))
+
+}
+
+func (s *DockerSuite) TestCreateVolumesCreated(c *check.C) {
+	testRequires(c, SameHostDaemon)
+	prefix := "/"
+	if daemonPlatform == "windows" {
+		prefix = `c:\`
+	}
+
+	name := "test_create_volume"
+	dockerCmd(c, "create", "--name", name, "-v", prefix+"foo", "busybox")
+
+	dir, err := inspectMountSourceField(name, prefix+"foo")
+	c.Assert(err, check.IsNil, check.Commentf("Error getting volume host path: %q", err))
+
+	if _, err := os.Stat(dir); err != nil && os.IsNotExist(err) {
+		c.Fatalf("Volume was not created")
+	}
+	if err != nil {
+		c.Fatalf("Error statting volume host path: %q", err)
+	}
+
+}
+
+func (s *DockerSuite) TestCreateLabels(c *check.C) {
+	name := "test_create_labels"
+	expected := map[string]string{"k1": "v1", "k2": "v2"}
+	dockerCmd(c, "create", "--name", name, "-l", "k1=v1", "--label", "k2=v2", "busybox")
+
+	actual := make(map[string]string)
+	inspectFieldAndMarshall(c, name, "Config.Labels", &actual)
+
+	if !reflect.DeepEqual(expected, actual) {
+		c.Fatalf("Expected %s got %s", expected, actual)
+	}
+}
+
+func (s *DockerSuite) TestCreateLabelFromImage(c *check.C) {
+	imageName := "testcreatebuildlabel"
+	_, err := buildImage(imageName,
+		`FROM busybox
+		LABEL k1=v1 k2=v2`,
+		true)
+
+	c.Assert(err, check.IsNil)
+
+	name := "test_create_labels_from_image"
+	expected := map[string]string{"k2": "x", "k3": "v3", "k1": "v1"}
+	dockerCmd(c, "create", "--name", name, "-l", "k2=x", "--label", "k3=v3", imageName)
+
+	actual := make(map[string]string)
+	inspectFieldAndMarshall(c, name, "Config.Labels", &actual)
+
+	if !reflect.DeepEqual(expected, actual) {
+		c.Fatalf("Expected %s got %s", expected, actual)
+	}
+}
+
+func (s *DockerSuite) TestCreateHostnameWithNumber(c *check.C) {
+	// TODO Windows. Consider enabling this in TP5 timeframe if Windows support
+	// is fully hooked up. The hostname is passed through, but only to the
+	// environment variable "COMPUTERNAME". It is not hooked up to hostname.exe
+	// or returned in ipconfig. Needs platform support in networking.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-h", "web.0", "busybox", "hostname")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "web.0", check.Commentf("hostname not set, expected `web.0`, got: %s", out))
+
+}
+
+func (s *DockerSuite) TestCreateRM(c *check.C) {
+	// Test to make sure we can 'rm' a new container that is in
+	// "Created" state, and has ever been run. Test "rm -f" too.
+
+	// create a container
+	out, _ := dockerCmd(c, "create", "busybox")
+	cID := strings.TrimSpace(out)
+
+	dockerCmd(c, "rm", cID)
+
+	// Now do it again so we can "rm -f" this time
+	out, _ = dockerCmd(c, "create", "busybox")
+
+	cID = strings.TrimSpace(out)
+	dockerCmd(c, "rm", "-f", cID)
+}
+
+func (s *DockerSuite) TestCreateModeIpcContainer(c *check.C) {
+	// Uses Linux specific functionality (--ipc)
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "create", "busybox")
+	id := strings.TrimSpace(out)
+
+	dockerCmd(c, "create", fmt.Sprintf("--ipc=container:%s", id), "busybox")
+}
+
+func (s *DockerSuite) TestCreateByImageID(c *check.C) {
+	imageName := "testcreatebyimageid"
+	imageID, err := buildImage(imageName,
+		`FROM busybox
+		MAINTAINER dockerio`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	truncatedImageID := stringid.TruncateID(imageID)
+
+	dockerCmd(c, "create", imageID)
+	dockerCmd(c, "create", truncatedImageID)
+	dockerCmd(c, "create", fmt.Sprintf("%s:%s", imageName, truncatedImageID))
+
+	// Ensure this fails
+	out, exit, _ := dockerCmdWithError("create", fmt.Sprintf("%s:%s", imageName, imageID))
+	if exit == 0 {
+		c.Fatalf("expected non-zero exit code; received %d", exit)
+	}
+
+	if expected := "Error parsing reference"; !strings.Contains(out, expected) {
+		c.Fatalf(`Expected %q in output; got: %s`, expected, out)
+	}
+
+	out, exit, _ = dockerCmdWithError("create", fmt.Sprintf("%s:%s", "wrongimage", truncatedImageID))
+	if exit == 0 {
+		c.Fatalf("expected non-zero exit code; received %d", exit)
+	}
+
+	if expected := "Unable to find image"; !strings.Contains(out, expected) {
+		c.Fatalf(`Expected %q in output; got: %s`, expected, out)
+	}
+}
+
+func (s *DockerTrustSuite) TestTrustedCreate(c *check.C) {
+	repoName := s.setupTrustedImage(c, "trusted-create")
+
+	// Try create
+	createCmd := exec.Command(dockerBinary, "create", repoName)
+	s.trustedCmd(createCmd)
+	out, _, err := runCommandWithOutput(createCmd)
+	c.Assert(err, check.IsNil)
+	c.Assert(string(out), checker.Contains, "Tagging", check.Commentf("Missing expected output on trusted push:\n%s", out))
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Try untrusted create to ensure we pushed the tag to the registry
+	createCmd = exec.Command(dockerBinary, "create", "--disable-content-trust=true", repoName)
+	s.trustedCmd(createCmd)
+	out, _, err = runCommandWithOutput(createCmd)
+	c.Assert(err, check.IsNil)
+	c.Assert(string(out), checker.Contains, "Status: Downloaded", check.Commentf("Missing expected output on trusted create with --disable-content-trust:\n%s", out))
+
+}
+
+func (s *DockerTrustSuite) TestUntrustedCreate(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercliuntrusted/createtest", privateRegistryURL)
+	withTagName := fmt.Sprintf("%s:latest", repoName)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", withTagName)
+	dockerCmd(c, "push", withTagName)
+	dockerCmd(c, "rmi", withTagName)
+
+	// Try trusted create on untrusted tag
+	createCmd := exec.Command(dockerBinary, "create", withTagName)
+	s.trustedCmd(createCmd)
+	out, _, err := runCommandWithOutput(createCmd)
+	c.Assert(err, check.Not(check.IsNil))
+	c.Assert(string(out), checker.Contains, fmt.Sprintf("does not have trust data for %s", repoName), check.Commentf("Missing expected output on trusted create:\n%s", out))
+
+}
+
+func (s *DockerTrustSuite) TestTrustedIsolatedCreate(c *check.C) {
+	repoName := s.setupTrustedImage(c, "trusted-isolated-create")
+
+	// Try create
+	createCmd := exec.Command(dockerBinary, "--config", "/tmp/docker-isolated-create", "create", repoName)
+	s.trustedCmd(createCmd)
+	out, _, err := runCommandWithOutput(createCmd)
+	c.Assert(err, check.IsNil)
+	c.Assert(string(out), checker.Contains, "Tagging", check.Commentf("Missing expected output on trusted push:\n%s", out))
+
+	dockerCmd(c, "rmi", repoName)
+}
+
+func (s *DockerTrustSuite) TestCreateWhenCertExpired(c *check.C) {
+	c.Skip("Currently changes system time, causing instability")
+	repoName := s.setupTrustedImage(c, "trusted-create-expired")
+
+	// Certificates have 10 years of expiration
+	elevenYearsFromNow := time.Now().Add(time.Hour * 24 * 365 * 11)
+
+	runAtDifferentDate(elevenYearsFromNow, func() {
+		// Try create
+		createCmd := exec.Command(dockerBinary, "create", repoName)
+		s.trustedCmd(createCmd)
+		out, _, err := runCommandWithOutput(createCmd)
+		c.Assert(err, check.Not(check.IsNil))
+		c.Assert(string(out), checker.Contains, "could not validate the path to a trusted root", check.Commentf("Missing expected output on trusted create in the distant future:\n%s", out))
+	})
+
+	runAtDifferentDate(elevenYearsFromNow, func() {
+		// Try create
+		createCmd := exec.Command(dockerBinary, "create", "--disable-content-trust", repoName)
+		s.trustedCmd(createCmd)
+		out, _, err := runCommandWithOutput(createCmd)
+		c.Assert(err, check.Not(check.IsNil))
+		c.Assert(string(out), checker.Contains, "Status: Downloaded", check.Commentf("Missing expected output on trusted create in the distant future:\n%s", out))
+
+	})
+}
+
+func (s *DockerTrustSuite) TestTrustedCreateFromBadTrustServer(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclievilcreate/trusted:latest", privateRegistryURL)
+	evilLocalConfigDir, err := ioutil.TempDir("", "evilcreate-local-config-dir")
+	c.Assert(err, check.IsNil)
+
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil)
+	c.Assert(string(out), checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push:\n%s", out))
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Try create
+	createCmd := exec.Command(dockerBinary, "create", repoName)
+	s.trustedCmd(createCmd)
+	out, _, err = runCommandWithOutput(createCmd)
+	c.Assert(err, check.IsNil)
+	c.Assert(string(out), checker.Contains, "Tagging", check.Commentf("Missing expected output on trusted push:\n%s", out))
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Kill the notary server, start a new "evil" one.
+	s.not.Close()
+	s.not, err = newTestNotary(c)
+	c.Assert(err, check.IsNil)
+
+	// In order to make an evil server, lets re-init a client (with a different trust dir) and push new data.
+	// tag an image and upload it to the private registry
+	dockerCmd(c, "--config", evilLocalConfigDir, "tag", "busybox", repoName)
+
+	// Push up to the new server
+	pushCmd = exec.Command(dockerBinary, "--config", evilLocalConfigDir, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err = runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil)
+	c.Assert(string(out), checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push:\n%s", out))
+
+	// Now, try creating with the original client from this new trust server. This should fallback to our cached timestamp and metadata.
+	createCmd = exec.Command(dockerBinary, "create", repoName)
+	s.trustedCmd(createCmd)
+	out, _, err = runCommandWithOutput(createCmd)
+	if err != nil {
+		c.Fatalf("Error falling back to cached trust data: %s\n%s", err, out)
+	}
+	if !strings.Contains(string(out), "Error while downloading remote metadata, using cached timestamp") {
+		c.Fatalf("Missing expected output on trusted create:\n%s", out)
+	}
+
+}
+
+func (s *DockerSuite) TestCreateStopSignal(c *check.C) {
+	name := "test_create_stop_signal"
+	dockerCmd(c, "create", "--name", name, "--stop-signal", "9", "busybox")
+
+	res := inspectFieldJSON(c, name, "Config.StopSignal")
+	c.Assert(res, checker.Contains, "9")
+
+}
+
+func (s *DockerSuite) TestCreateWithWorkdir(c *check.C) {
+	// TODO Windows. This requires further investigation for porting to
+	// Windows CI. Currently fails.
+	if daemonPlatform == "windows" {
+		c.Skip("Fails on Windows CI")
+	}
+	name := "foo"
+
+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()
+	dir := prefix + slash + "home" + slash + "foo" + slash + "bar"
+
+	dockerCmd(c, "create", "--name", name, "-w", dir, "busybox")
+	dockerCmd(c, "cp", fmt.Sprintf("%s:%s", name, dir), prefix+slash+"tmp")
+}
+
+func (s *DockerSuite) TestCreateWithInvalidLogOpts(c *check.C) {
+	name := "test-invalidate-log-opts"
+	out, _, err := dockerCmdWithError("create", "--name", name, "--log-opt", "invalid=true", "busybox")
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "unknown log opt")
+
+	out, _ = dockerCmd(c, "ps", "-a")
+	c.Assert(out, checker.Not(checker.Contains), name)
+}
+
+// #20972
+func (s *DockerSuite) TestCreate64ByteHexID(c *check.C) {
+	out := inspectField(c, "busybox", "Id")
+	imageID := strings.TrimPrefix(strings.TrimSpace(string(out)), "sha256:")
+
+	dockerCmd(c, "create", imageID)
+}
diff --git a/integration-cli/docker_cli_daemon_experimental_test.go b/integration-cli/docker_cli_daemon_experimental_test.go
new file mode 100644
index 00000000..fea887d7
--- /dev/null
+++ b/integration-cli/docker_cli_daemon_experimental_test.go
@@ -0,0 +1,195 @@
+// +build daemon,!windows,experimental
+
+package main
+
+import (
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/go-check/check"
+)
+
+// TestDaemonRestartWithKilledRunningContainer requires live restore of running containers
+func (s *DockerDaemonSuite) TestDaemonRestartWithKilledRunningContainer(t *check.C) {
+	// TODO(mlaventure): Not sure what would the exit code be on windows
+	testRequires(t, DaemonIsLinux)
+	if err := s.d.StartWithBusybox(); err != nil {
+		t.Fatal(err)
+	}
+
+	cid, err := s.d.Cmd("run", "-d", "--name", "test", "busybox", "top")
+	defer s.d.Stop()
+	if err != nil {
+		t.Fatal(cid, err)
+	}
+	cid = strings.TrimSpace(cid)
+
+	// Kill the daemon
+	if err := s.d.Kill(); err != nil {
+		t.Fatal(err)
+	}
+
+	// kill the container
+	runCmd := exec.Command(ctrBinary, "--address", "/var/run/docker/libcontainerd/docker-containerd.sock", "containers", "kill", cid)
+	if out, ec, err := runCommandWithOutput(runCmd); err != nil {
+		t.Fatalf("Failed to run ctr, ExitCode: %d, err: '%v' output: '%s' cid: '%s'\n", ec, err, out, cid)
+	}
+
+	// Give time to containerd to process the command if we don't
+	// the exit event might be received after we do the inspect
+	time.Sleep(3 * time.Second)
+
+	// restart the daemon
+	if err := s.d.Start(); err != nil {
+		t.Fatal(err)
+	}
+
+	// Check that we've got the correct exit code
+	out, err := s.d.Cmd("inspect", "-f", "{{.State.ExitCode}}", cid)
+	t.Assert(err, check.IsNil)
+
+	out = strings.TrimSpace(out)
+	if out != "143" {
+		t.Fatalf("Expected exit code '%s' got '%s' for container '%s'\n", "143", out, cid)
+	}
+
+}
+
+// os.Kill should kill daemon ungracefully, leaving behind live containers.
+// The live containers should be known to the restarted daemon. Stopping
+// them now, should remove the mounts.
+func (s *DockerDaemonSuite) TestCleanupMountsAfterDaemonCrash(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	c.Assert(s.d.StartWithBusybox(), check.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	id := strings.TrimSpace(out)
+
+	c.Assert(s.d.cmd.Process.Signal(os.Kill), check.IsNil)
+	mountOut, err := ioutil.ReadFile("/proc/self/mountinfo")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", mountOut))
+
+	// container mounts should exist even after daemon has crashed.
+	comment := check.Commentf("%s should stay mounted from older daemon start:\nDaemon root repository %s\n%s", id, s.d.folder, mountOut)
+	c.Assert(strings.Contains(string(mountOut), id), check.Equals, true, comment)
+
+	// restart daemon.
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	// container should be running.
+	out, err = s.d.Cmd("inspect", "--format='{{.State.Running}}'", id)
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	out = strings.TrimSpace(out)
+	if out != "true" {
+		c.Fatalf("Container %s expected to stay alive after daemon restart", id)
+	}
+
+	// 'docker stop' should work.
+	out, err = s.d.Cmd("stop", id)
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+
+	// Now, container mounts should be gone.
+	mountOut, err = ioutil.ReadFile("/proc/self/mountinfo")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", mountOut))
+	comment = check.Commentf("%s is still mounted from older daemon start:\nDaemon root repository %s\n%s", id, s.d.folder, mountOut)
+	c.Assert(strings.Contains(string(mountOut), id), check.Equals, false, comment)
+}
+
+// TestDaemonRestartWithPausedRunningContainer requires live restore of running containers
+func (s *DockerDaemonSuite) TestDaemonRestartWithPausedRunningContainer(t *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		t.Fatal(err)
+	}
+
+	cid, err := s.d.Cmd("run", "-d", "--name", "test", "busybox", "top")
+	defer s.d.Stop()
+	if err != nil {
+		t.Fatal(cid, err)
+	}
+	cid = strings.TrimSpace(cid)
+
+	// Kill the daemon
+	if err := s.d.Kill(); err != nil {
+		t.Fatal(err)
+	}
+
+	// kill the container
+	runCmd := exec.Command(ctrBinary, "--address", "/var/run/docker/libcontainerd/docker-containerd.sock", "containers", "pause", cid)
+	if out, ec, err := runCommandWithOutput(runCmd); err != nil {
+		t.Fatalf("Failed to run ctr, ExitCode: %d, err: '%v' output: '%s' cid: '%s'\n", ec, err, out, cid)
+	}
+
+	// Give time to containerd to process the command if we don't
+	// the pause event might be received after we do the inspect
+	time.Sleep(3 * time.Second)
+
+	// restart the daemon
+	if err := s.d.Start(); err != nil {
+		t.Fatal(err)
+	}
+
+	// Check that we've got the correct status
+	out, err := s.d.Cmd("inspect", "-f", "{{.State.Status}}", cid)
+	t.Assert(err, check.IsNil)
+
+	out = strings.TrimSpace(out)
+	if out != "paused" {
+		t.Fatalf("Expected exit code '%s' got '%s' for container '%s'\n", "paused", out, cid)
+	}
+}
+
+// TestDaemonRestartWithUnpausedRunningContainer requires live restore of running containers.
+func (s *DockerDaemonSuite) TestDaemonRestartWithUnpausedRunningContainer(t *check.C) {
+	// TODO(mlaventure): Not sure what would the exit code be on windows
+	testRequires(t, DaemonIsLinux)
+	if err := s.d.StartWithBusybox(); err != nil {
+		t.Fatal(err)
+	}
+
+	cid, err := s.d.Cmd("run", "-d", "--name", "test", "busybox", "top")
+	defer s.d.Stop()
+	if err != nil {
+		t.Fatal(cid, err)
+	}
+	cid = strings.TrimSpace(cid)
+
+	// pause the container
+	if _, err := s.d.Cmd("pause", cid); err != nil {
+		t.Fatal(cid, err)
+	}
+
+	// Kill the daemon
+	if err := s.d.Kill(); err != nil {
+		t.Fatal(err)
+	}
+
+	// resume the container
+	runCmd := exec.Command(ctrBinary, "--address", "/var/run/docker/libcontainerd/docker-containerd.sock", "containers", "resume", cid)
+	if out, ec, err := runCommandWithOutput(runCmd); err != nil {
+		t.Fatalf("Failed to run ctr, ExitCode: %d, err: '%v' output: '%s' cid: '%s'\n", ec, err, out, cid)
+	}
+
+	// Give time to containerd to process the command if we don't
+	// the resume event might be received after we do the inspect
+	time.Sleep(3 * time.Second)
+
+	// restart the daemon
+	if err := s.d.Start(); err != nil {
+		t.Fatal(err)
+	}
+
+	// Check that we've got the correct status
+	out, err := s.d.Cmd("inspect", "-f", "{{.State.Status}}", cid)
+	t.Assert(err, check.IsNil)
+
+	out = strings.TrimSpace(out)
+	if out != "running" {
+		t.Fatalf("Expected exit code '%s' got '%s' for container '%s'\n", "running", out, cid)
+	}
+}
diff --git a/integration-cli/docker_cli_daemon_not_experimental_test.go b/integration-cli/docker_cli_daemon_not_experimental_test.go
new file mode 100644
index 00000000..8c5634cc
--- /dev/null
+++ b/integration-cli/docker_cli_daemon_not_experimental_test.go
@@ -0,0 +1,59 @@
+// +build daemon,!windows,!experimental
+
+package main
+
+import (
+	"io/ioutil"
+	"os"
+	"strings"
+
+	"github.com/go-check/check"
+)
+
+// os.Kill should kill daemon ungracefully, leaving behind container mounts.
+// A subsequent daemon restart shoud clean up said mounts.
+func (s *DockerDaemonSuite) TestCleanupMountsAfterDaemonKill(c *check.C) {
+	c.Assert(s.d.StartWithBusybox(), check.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	id := strings.TrimSpace(out)
+	c.Assert(s.d.cmd.Process.Signal(os.Kill), check.IsNil)
+	mountOut, err := ioutil.ReadFile("/proc/self/mountinfo")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", mountOut))
+
+	// container mounts should exist even after daemon has crashed.
+	comment := check.Commentf("%s should stay mounted from older daemon start:\nDaemon root repository %s\n%s", id, s.d.folder, mountOut)
+	c.Assert(strings.Contains(string(mountOut), id), check.Equals, true, comment)
+
+	// restart daemon.
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	// Now, container mounts should be gone.
+	mountOut, err = ioutil.ReadFile("/proc/self/mountinfo")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", mountOut))
+	comment = check.Commentf("%s is still mounted from older daemon start:\nDaemon root repository %s\n%s", id, s.d.folder, mountOut)
+	c.Assert(strings.Contains(string(mountOut), id), check.Equals, false, comment)
+}
+
+// #22913
+func (s *DockerDaemonSuite) TestContainerStartAfterDaemonKill(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	c.Assert(s.d.StartWithBusybox(), check.IsNil)
+
+	// the application is chosen so it generates output and doesn't react to SIGTERM
+	out, err := s.d.Cmd("run", "-d", "busybox", "sh", "-c", "while true;do date;done")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	id := strings.TrimSpace(out)
+	c.Assert(s.d.cmd.Process.Signal(os.Kill), check.IsNil)
+
+	// restart daemon.
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err = s.d.Cmd("start", id)
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+}
diff --git a/integration-cli/docker_cli_daemon_test.go b/integration-cli/docker_cli_daemon_test.go
new file mode 100644
index 00000000..348653bf
--- /dev/null
+++ b/integration-cli/docker_cli_daemon_test.go
@@ -0,0 +1,2161 @@
+// +build daemon,!windows
+
+package main
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"regexp"
+	"strconv"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/go-units"
+	"github.com/docker/libnetwork/iptables"
+	"github.com/docker/libtrust"
+	"github.com/go-check/check"
+	"github.com/kr/pty"
+)
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithRunningContainersPorts(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	if out, err := s.d.Cmd("run", "-d", "--name", "top1", "-p", "1234:80", "--restart", "always", "busybox:latest", "top"); err != nil {
+		c.Fatalf("Could not run top1: err=%v\n%s", err, out)
+	}
+	// --restart=no by default
+	if out, err := s.d.Cmd("run", "-d", "--name", "top2", "-p", "80", "busybox:latest", "top"); err != nil {
+		c.Fatalf("Could not run top2: err=%v\n%s", err, out)
+	}
+
+	testRun := func(m map[string]bool, prefix string) {
+		var format string
+		for cont, shouldRun := range m {
+			out, err := s.d.Cmd("ps")
+			if err != nil {
+				c.Fatalf("Could not run ps: err=%v\n%q", err, out)
+			}
+			if shouldRun {
+				format = "%scontainer %q is not running"
+			} else {
+				format = "%scontainer %q is running"
+			}
+			if shouldRun != strings.Contains(out, cont) {
+				c.Fatalf(format, prefix, cont)
+			}
+		}
+	}
+
+	testRun(map[string]bool{"top1": true, "top2": true}, "")
+
+	if err := s.d.Restart(); err != nil {
+		c.Fatalf("Could not restart daemon: %v", err)
+	}
+	testRun(map[string]bool{"top1": true, "top2": false}, "After daemon restart: ")
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithVolumesRefs(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatal(err)
+	}
+
+	if out, err := s.d.Cmd("run", "--name", "volrestarttest1", "-v", "/foo", "busybox"); err != nil {
+		c.Fatal(err, out)
+	}
+
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := s.d.Cmd("run", "-d", "--volumes-from", "volrestarttest1", "--name", "volrestarttest2", "busybox", "top"); err != nil {
+		c.Fatal(err)
+	}
+
+	if out, err := s.d.Cmd("rm", "-fv", "volrestarttest2"); err != nil {
+		c.Fatal(err, out)
+	}
+
+	out, err := s.d.Cmd("inspect", "-f", "{{json .Mounts}}", "volrestarttest1")
+	c.Assert(err, check.IsNil)
+
+	if _, err := inspectMountPointJSON(out, "/foo"); err != nil {
+		c.Fatalf("Expected volume to exist: /foo, error: %v\n", err)
+	}
+}
+
+// #11008
+func (s *DockerDaemonSuite) TestDaemonRestartUnlessStopped(c *check.C) {
+	err := s.d.StartWithBusybox()
+	c.Assert(err, check.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "--name", "top1", "--restart", "always", "busybox:latest", "top")
+	c.Assert(err, check.IsNil, check.Commentf("run top1: %v", out))
+
+	out, err = s.d.Cmd("run", "-d", "--name", "top2", "--restart", "unless-stopped", "busybox:latest", "top")
+	c.Assert(err, check.IsNil, check.Commentf("run top2: %v", out))
+
+	testRun := func(m map[string]bool, prefix string) {
+		var format string
+		for name, shouldRun := range m {
+			out, err := s.d.Cmd("ps")
+			c.Assert(err, check.IsNil, check.Commentf("run ps: %v", out))
+			if shouldRun {
+				format = "%scontainer %q is not running"
+			} else {
+				format = "%scontainer %q is running"
+			}
+			c.Assert(strings.Contains(out, name), check.Equals, shouldRun, check.Commentf(format, prefix, name))
+		}
+	}
+
+	// both running
+	testRun(map[string]bool{"top1": true, "top2": true}, "")
+
+	out, err = s.d.Cmd("stop", "top1")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("stop", "top2")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	// both stopped
+	testRun(map[string]bool{"top1": false, "top2": false}, "")
+
+	err = s.d.Restart()
+	c.Assert(err, check.IsNil)
+
+	// restart=always running
+	testRun(map[string]bool{"top1": true, "top2": false}, "After daemon restart: ")
+
+	out, err = s.d.Cmd("start", "top2")
+	c.Assert(err, check.IsNil, check.Commentf("start top2: %v", out))
+
+	err = s.d.Restart()
+	c.Assert(err, check.IsNil)
+
+	// both running
+	testRun(map[string]bool{"top1": true, "top2": true}, "After second daemon restart: ")
+
+}
+
+func (s *DockerDaemonSuite) TestDaemonStartIptablesFalse(c *check.C) {
+	if err := s.d.Start("--iptables=false"); err != nil {
+		c.Fatalf("we should have been able to start the daemon with passing iptables=false: %v", err)
+	}
+}
+
+// Make sure we cannot shrink base device at daemon restart.
+func (s *DockerDaemonSuite) TestDaemonRestartWithInvalidBasesize(c *check.C) {
+	testRequires(c, Devicemapper)
+	c.Assert(s.d.Start(), check.IsNil)
+
+	oldBasesizeBytes := s.d.getBaseDeviceSize(c)
+	var newBasesizeBytes int64 = 1073741824 //1GB in bytes
+
+	if newBasesizeBytes < oldBasesizeBytes {
+		err := s.d.Restart("--storage-opt", fmt.Sprintf("dm.basesize=%d", newBasesizeBytes))
+		c.Assert(err, check.IsNil, check.Commentf("daemon should not have started as new base device size is less than existing base device size: %v", err))
+	}
+	c.Assert(s.d.Stop(), check.IsNil)
+}
+
+// Make sure we can grow base device at daemon restart.
+func (s *DockerDaemonSuite) TestDaemonRestartWithIncreasedBasesize(c *check.C) {
+	testRequires(c, Devicemapper)
+	c.Assert(s.d.Start(), check.IsNil)
+
+	oldBasesizeBytes := s.d.getBaseDeviceSize(c)
+
+	var newBasesizeBytes int64 = 53687091200 //50GB in bytes
+
+	if newBasesizeBytes < oldBasesizeBytes {
+		c.Skip(fmt.Sprintf("New base device size (%v) must be greater than (%s)", units.HumanSize(float64(newBasesizeBytes)), units.HumanSize(float64(oldBasesizeBytes))))
+	}
+
+	err := s.d.Restart("--storage-opt", fmt.Sprintf("dm.basesize=%d", newBasesizeBytes))
+	c.Assert(err, check.IsNil, check.Commentf("we should have been able to start the daemon with increased base device size: %v", err))
+
+	basesizeAfterRestart := s.d.getBaseDeviceSize(c)
+	newBasesize, err := convertBasesize(newBasesizeBytes)
+	c.Assert(err, check.IsNil, check.Commentf("Error in converting base device size: %v", err))
+	c.Assert(newBasesize, check.Equals, basesizeAfterRestart, check.Commentf("Basesize passed is not equal to Basesize set"))
+	c.Assert(s.d.Stop(), check.IsNil)
+}
+
+// Issue #8444: If docker0 bridge is modified (intentionally or unintentionally) and
+// no longer has an IP associated, we should gracefully handle that case and associate
+// an IP with it rather than fail daemon start
+func (s *DockerDaemonSuite) TestDaemonStartBridgeWithoutIPAssociation(c *check.C) {
+	// rather than depending on brctl commands to verify docker0 is created and up
+	// let's start the daemon and stop it, and then make a modification to run the
+	// actual test
+	if err := s.d.Start(); err != nil {
+		c.Fatalf("Could not start daemon: %v", err)
+	}
+	if err := s.d.Stop(); err != nil {
+		c.Fatalf("Could not stop daemon: %v", err)
+	}
+
+	// now we will remove the ip from docker0 and then try starting the daemon
+	ipCmd := exec.Command("ip", "addr", "flush", "dev", "docker0")
+	stdout, stderr, _, err := runCommandWithStdoutStderr(ipCmd)
+	if err != nil {
+		c.Fatalf("failed to remove docker0 IP association: %v, stdout: %q, stderr: %q", err, stdout, stderr)
+	}
+
+	if err := s.d.Start(); err != nil {
+		warning := "**WARNING: Docker bridge network in bad state--delete docker0 bridge interface to fix"
+		c.Fatalf("Could not start daemon when docker0 has no IP address: %v\n%s", err, warning)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonIptablesClean(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	if out, err := s.d.Cmd("run", "-d", "--name", "top", "-p", "80", "busybox:latest", "top"); err != nil {
+		c.Fatalf("Could not run top: %s, %v", out, err)
+	}
+
+	// get output from iptables with container running
+	ipTablesSearchString := "tcp dpt:80"
+	ipTablesCmd := exec.Command("iptables", "-nvL")
+	out, _, err := runCommandWithOutput(ipTablesCmd)
+	if err != nil {
+		c.Fatalf("Could not run iptables -nvL: %s, %v", out, err)
+	}
+
+	if !strings.Contains(out, ipTablesSearchString) {
+		c.Fatalf("iptables output should have contained %q, but was %q", ipTablesSearchString, out)
+	}
+
+	if err := s.d.Stop(); err != nil {
+		c.Fatalf("Could not stop daemon: %v", err)
+	}
+
+	// get output from iptables after restart
+	ipTablesCmd = exec.Command("iptables", "-nvL")
+	out, _, err = runCommandWithOutput(ipTablesCmd)
+	if err != nil {
+		c.Fatalf("Could not run iptables -nvL: %s, %v", out, err)
+	}
+
+	if strings.Contains(out, ipTablesSearchString) {
+		c.Fatalf("iptables output should not have contained %q, but was %q", ipTablesSearchString, out)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonIptablesCreate(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	if out, err := s.d.Cmd("run", "-d", "--name", "top", "--restart=always", "-p", "80", "busybox:latest", "top"); err != nil {
+		c.Fatalf("Could not run top: %s, %v", out, err)
+	}
+
+	// get output from iptables with container running
+	ipTablesSearchString := "tcp dpt:80"
+	ipTablesCmd := exec.Command("iptables", "-nvL")
+	out, _, err := runCommandWithOutput(ipTablesCmd)
+	if err != nil {
+		c.Fatalf("Could not run iptables -nvL: %s, %v", out, err)
+	}
+
+	if !strings.Contains(out, ipTablesSearchString) {
+		c.Fatalf("iptables output should have contained %q, but was %q", ipTablesSearchString, out)
+	}
+
+	if err := s.d.Restart(); err != nil {
+		c.Fatalf("Could not restart daemon: %v", err)
+	}
+
+	// make sure the container is not running
+	runningOut, err := s.d.Cmd("inspect", "--format='{{.State.Running}}'", "top")
+	if err != nil {
+		c.Fatalf("Could not inspect on container: %s, %v", out, err)
+	}
+	if strings.TrimSpace(runningOut) != "true" {
+		c.Fatalf("Container should have been restarted after daemon restart. Status running should have been true but was: %q", strings.TrimSpace(runningOut))
+	}
+
+	// get output from iptables after restart
+	ipTablesCmd = exec.Command("iptables", "-nvL")
+	out, _, err = runCommandWithOutput(ipTablesCmd)
+	if err != nil {
+		c.Fatalf("Could not run iptables -nvL: %s, %v", out, err)
+	}
+
+	if !strings.Contains(out, ipTablesSearchString) {
+		c.Fatalf("iptables output after restart should have contained %q, but was %q", ipTablesSearchString, out)
+	}
+}
+
+// TestDaemonIPv6Enabled checks that when the daemon is started with --ipv6=true that the docker0 bridge
+// has the fe80::1 address and that a container is assigned a link-local address
+func (s *DockerSuite) TestDaemonIPv6Enabled(c *check.C) {
+	testRequires(c, IPv6)
+
+	if err := setupV6(); err != nil {
+		c.Fatal("Could not set up host for IPv6 tests")
+	}
+
+	d := NewDaemon(c)
+
+	if err := d.StartWithBusybox("--ipv6"); err != nil {
+		c.Fatal(err)
+	}
+	defer d.Stop()
+
+	iface, err := net.InterfaceByName("docker0")
+	if err != nil {
+		c.Fatalf("Error getting docker0 interface: %v", err)
+	}
+
+	addrs, err := iface.Addrs()
+	if err != nil {
+		c.Fatalf("Error getting addresses for docker0 interface: %v", err)
+	}
+
+	var found bool
+	expected := "fe80::1/64"
+
+	for i := range addrs {
+		if addrs[i].String() == expected {
+			found = true
+		}
+	}
+
+	if !found {
+		c.Fatalf("Bridge does not have an IPv6 Address")
+	}
+
+	if out, err := d.Cmd("run", "-itd", "--name=ipv6test", "busybox:latest"); err != nil {
+		c.Fatalf("Could not run container: %s, %v", out, err)
+	}
+
+	out, err := d.Cmd("inspect", "--format", "'{{.NetworkSettings.Networks.bridge.LinkLocalIPv6Address}}'", "ipv6test")
+	out = strings.Trim(out, " \r\n'")
+
+	if err != nil {
+		c.Fatalf("Error inspecting container: %s, %v", out, err)
+	}
+
+	if ip := net.ParseIP(out); ip == nil {
+		c.Fatalf("Container should have a link-local IPv6 address")
+	}
+
+	out, err = d.Cmd("inspect", "--format", "'{{.NetworkSettings.Networks.bridge.GlobalIPv6Address}}'", "ipv6test")
+	out = strings.Trim(out, " \r\n'")
+
+	if err != nil {
+		c.Fatalf("Error inspecting container: %s, %v", out, err)
+	}
+
+	if ip := net.ParseIP(out); ip != nil {
+		c.Fatalf("Container should not have a global IPv6 address: %v", out)
+	}
+
+	if err := teardownV6(); err != nil {
+		c.Fatal("Could not perform teardown for IPv6 tests")
+	}
+
+}
+
+// TestDaemonIPv6FixedCIDR checks that when the daemon is started with --ipv6=true and a fixed CIDR
+// that running containers are given a link-local and global IPv6 address
+func (s *DockerDaemonSuite) TestDaemonIPv6FixedCIDR(c *check.C) {
+	// IPv6 setup is messing with local bridge address.
+	testRequires(c, SameHostDaemon)
+	err := setupV6()
+	c.Assert(err, checker.IsNil, check.Commentf("Could not set up host for IPv6 tests"))
+
+	err = s.d.StartWithBusybox("--ipv6", "--fixed-cidr-v6='2001:db8:2::/64'", "--default-gateway-v6='2001:db8:2::100'")
+	c.Assert(err, checker.IsNil, check.Commentf("Could not start daemon with busybox: %v", err))
+
+	out, err := s.d.Cmd("run", "-itd", "--name=ipv6test", "busybox:latest")
+	c.Assert(err, checker.IsNil, check.Commentf("Could not run container: %s, %v", out, err))
+
+	out, err = s.d.Cmd("inspect", "--format", "'{{.NetworkSettings.Networks.bridge.GlobalIPv6Address}}'", "ipv6test")
+	out = strings.Trim(out, " \r\n'")
+
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	ip := net.ParseIP(out)
+	c.Assert(ip, checker.NotNil, check.Commentf("Container should have a global IPv6 address"))
+
+	out, err = s.d.Cmd("inspect", "--format", "'{{.NetworkSettings.Networks.bridge.IPv6Gateway}}'", "ipv6test")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	c.Assert(strings.Trim(out, " \r\n'"), checker.Equals, "2001:db8:2::100", check.Commentf("Container should have a global IPv6 gateway"))
+
+	err = teardownV6()
+	c.Assert(err, checker.IsNil, check.Commentf("Could not perform teardown for IPv6 tests"))
+}
+
+// TestDaemonIPv6FixedCIDRAndMac checks that when the daemon is started with ipv6 fixed CIDR
+// the running containers are given a an IPv6 address derived from the MAC address and the ipv6 fixed CIDR
+func (s *DockerDaemonSuite) TestDaemonIPv6FixedCIDRAndMac(c *check.C) {
+	// IPv6 setup is messing with local bridge address.
+	testRequires(c, SameHostDaemon)
+	err := setupV6()
+	c.Assert(err, checker.IsNil)
+
+	err = s.d.StartWithBusybox("--ipv6", "--fixed-cidr-v6='2001:db8:1::/64'")
+	c.Assert(err, checker.IsNil)
+
+	out, err := s.d.Cmd("run", "-itd", "--name=ipv6test", "--mac-address", "AA:BB:CC:DD:EE:FF", "busybox")
+	c.Assert(err, checker.IsNil)
+
+	out, err = s.d.Cmd("inspect", "--format", "'{{.NetworkSettings.Networks.bridge.GlobalIPv6Address}}'", "ipv6test")
+	c.Assert(err, checker.IsNil)
+	c.Assert(strings.Trim(out, " \r\n'"), checker.Equals, "2001:db8:1::aabb:ccdd:eeff")
+
+	err = teardownV6()
+	c.Assert(err, checker.IsNil)
+}
+
+func (s *DockerDaemonSuite) TestDaemonLogLevelWrong(c *check.C) {
+	c.Assert(s.d.Start("--log-level=bogus"), check.NotNil, check.Commentf("Daemon shouldn't start with wrong log level"))
+}
+
+func (s *DockerDaemonSuite) TestDaemonLogLevelDebug(c *check.C) {
+	if err := s.d.Start("--log-level=debug"); err != nil {
+		c.Fatal(err)
+	}
+	content, _ := ioutil.ReadFile(s.d.logFile.Name())
+	if !strings.Contains(string(content), `level=debug`) {
+		c.Fatalf(`Missing level="debug" in log file:\n%s`, string(content))
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonLogLevelFatal(c *check.C) {
+	// we creating new daemons to create new logFile
+	if err := s.d.Start("--log-level=fatal"); err != nil {
+		c.Fatal(err)
+	}
+	content, _ := ioutil.ReadFile(s.d.logFile.Name())
+	if strings.Contains(string(content), `level=debug`) {
+		c.Fatalf(`Should not have level="debug" in log file:\n%s`, string(content))
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonFlagD(c *check.C) {
+	if err := s.d.Start("-D"); err != nil {
+		c.Fatal(err)
+	}
+	content, _ := ioutil.ReadFile(s.d.logFile.Name())
+	if !strings.Contains(string(content), `level=debug`) {
+		c.Fatalf(`Should have level="debug" in log file using -D:\n%s`, string(content))
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonFlagDebug(c *check.C) {
+	if err := s.d.Start("--debug"); err != nil {
+		c.Fatal(err)
+	}
+	content, _ := ioutil.ReadFile(s.d.logFile.Name())
+	if !strings.Contains(string(content), `level=debug`) {
+		c.Fatalf(`Should have level="debug" in log file using --debug:\n%s`, string(content))
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonFlagDebugLogLevelFatal(c *check.C) {
+	if err := s.d.Start("--debug", "--log-level=fatal"); err != nil {
+		c.Fatal(err)
+	}
+	content, _ := ioutil.ReadFile(s.d.logFile.Name())
+	if !strings.Contains(string(content), `level=debug`) {
+		c.Fatalf(`Should have level="debug" in log file when using both --debug and --log-level=fatal:\n%s`, string(content))
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonAllocatesListeningPort(c *check.C) {
+	listeningPorts := [][]string{
+		{"0.0.0.0", "0.0.0.0", "5678"},
+		{"127.0.0.1", "127.0.0.1", "1234"},
+		{"localhost", "127.0.0.1", "1235"},
+	}
+
+	cmdArgs := make([]string, 0, len(listeningPorts)*2)
+	for _, hostDirective := range listeningPorts {
+		cmdArgs = append(cmdArgs, "--host", fmt.Sprintf("tcp://%s:%s", hostDirective[0], hostDirective[2]))
+	}
+
+	if err := s.d.StartWithBusybox(cmdArgs...); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	for _, hostDirective := range listeningPorts {
+		output, err := s.d.Cmd("run", "-p", fmt.Sprintf("%s:%s:80", hostDirective[1], hostDirective[2]), "busybox", "true")
+		if err == nil {
+			c.Fatalf("Container should not start, expected port already allocated error: %q", output)
+		} else if !strings.Contains(output, "port is already allocated") {
+			c.Fatalf("Expected port is already allocated error: %q", output)
+		}
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonKeyGeneration(c *check.C) {
+	// TODO: skip or update for Windows daemon
+	os.Remove("/etc/docker/key.json")
+	if err := s.d.Start(); err != nil {
+		c.Fatalf("Could not start daemon: %v", err)
+	}
+	s.d.Stop()
+
+	k, err := libtrust.LoadKeyFile("/etc/docker/key.json")
+	if err != nil {
+		c.Fatalf("Error opening key file")
+	}
+	kid := k.KeyID()
+	// Test Key ID is a valid fingerprint (e.g. QQXN:JY5W:TBXI:MK3X:GX6P:PD5D:F56N:NHCS:LVRZ:JA46:R24J:XEFF)
+	if len(kid) != 59 {
+		c.Fatalf("Bad key ID: %s", kid)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonKeyMigration(c *check.C) {
+	// TODO: skip or update for Windows daemon
+	os.Remove("/etc/docker/key.json")
+	k1, err := libtrust.GenerateECP256PrivateKey()
+	if err != nil {
+		c.Fatalf("Error generating private key: %s", err)
+	}
+	if err := os.MkdirAll(filepath.Join(os.Getenv("HOME"), ".docker"), 0755); err != nil {
+		c.Fatalf("Error creating .docker directory: %s", err)
+	}
+	if err := libtrust.SaveKey(filepath.Join(os.Getenv("HOME"), ".docker", "key.json"), k1); err != nil {
+		c.Fatalf("Error saving private key: %s", err)
+	}
+
+	if err := s.d.Start(); err != nil {
+		c.Fatalf("Could not start daemon: %v", err)
+	}
+	s.d.Stop()
+
+	k2, err := libtrust.LoadKeyFile("/etc/docker/key.json")
+	if err != nil {
+		c.Fatalf("Error opening key file")
+	}
+	if k1.KeyID() != k2.KeyID() {
+		c.Fatalf("Key not migrated")
+	}
+}
+
+// GH#11320 - verify that the daemon exits on failure properly
+// Note that this explicitly tests the conflict of {-b,--bridge} and {--bip} options as the means
+// to get a daemon init failure; no other tests for -b/--bip conflict are therefore required
+func (s *DockerDaemonSuite) TestDaemonExitOnFailure(c *check.C) {
+	//attempt to start daemon with incorrect flags (we know -b and --bip conflict)
+	if err := s.d.Start("--bridge", "nosuchbridge", "--bip", "1.1.1.1"); err != nil {
+		//verify we got the right error
+		if !strings.Contains(err.Error(), "Daemon exited and never started") {
+			c.Fatalf("Expected daemon not to start, got %v", err)
+		}
+		// look in the log and make sure we got the message that daemon is shutting down
+		runCmd := exec.Command("grep", "Error starting daemon", s.d.LogFileName())
+		if out, _, err := runCommandWithOutput(runCmd); err != nil {
+			c.Fatalf("Expected 'Error starting daemon' message; but doesn't exist in log: %q, err: %v", out, err)
+		}
+	} else {
+		//if we didn't get an error and the daemon is running, this is a failure
+		c.Fatal("Conflicting options should cause the daemon to error out with a failure")
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) {
+	d := s.d
+	err := d.Start("--bridge", "nosuchbridge")
+	c.Assert(err, check.NotNil, check.Commentf("--bridge option with an invalid bridge should cause the daemon to fail"))
+	defer d.Restart()
+
+	bridgeName := "external-bridge"
+	bridgeIP := "192.169.1.1/24"
+	_, bridgeIPNet, _ := net.ParseCIDR(bridgeIP)
+
+	out, err := createInterface(c, "bridge", bridgeName, bridgeIP)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, bridgeName)
+
+	err = d.StartWithBusybox("--bridge", bridgeName)
+	c.Assert(err, check.IsNil)
+
+	ipTablesSearchString := bridgeIPNet.String()
+	ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL")
+	out, _, err = runCommandWithOutput(ipTablesCmd)
+	c.Assert(err, check.IsNil)
+
+	c.Assert(strings.Contains(out, ipTablesSearchString), check.Equals, true,
+		check.Commentf("iptables output should have contained %q, but was %q",
+			ipTablesSearchString, out))
+
+	_, err = d.Cmd("run", "-d", "--name", "ExtContainer", "busybox", "top")
+	c.Assert(err, check.IsNil)
+
+	containerIP := d.findContainerIP("ExtContainer")
+	ip := net.ParseIP(containerIP)
+	c.Assert(bridgeIPNet.Contains(ip), check.Equals, true,
+		check.Commentf("Container IP-Address must be in the same subnet range : %s",
+			containerIP))
+}
+
+func createInterface(c *check.C, ifType string, ifName string, ipNet string) (string, error) {
+	args := []string{"link", "add", "name", ifName, "type", ifType}
+	ipLinkCmd := exec.Command("ip", args...)
+	out, _, err := runCommandWithOutput(ipLinkCmd)
+	if err != nil {
+		return out, err
+	}
+
+	ifCfgCmd := exec.Command("ifconfig", ifName, ipNet, "up")
+	out, _, err = runCommandWithOutput(ifCfgCmd)
+	return out, err
+}
+
+func deleteInterface(c *check.C, ifName string) {
+	ifCmd := exec.Command("ip", "link", "delete", ifName)
+	out, _, err := runCommandWithOutput(ifCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	flushCmd := exec.Command("iptables", "-t", "nat", "--flush")
+	out, _, err = runCommandWithOutput(flushCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	flushCmd = exec.Command("iptables", "--flush")
+	out, _, err = runCommandWithOutput(flushCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+}
+
+func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) {
+	// TestDaemonBridgeIP Steps
+	// 1. Delete the existing docker0 Bridge
+	// 2. Set --bip daemon configuration and start the new Docker Daemon
+	// 3. Check if the bip config has taken effect using ifconfig and iptables commands
+	// 4. Launch a Container and make sure the IP-Address is in the expected subnet
+	// 5. Delete the docker0 Bridge
+	// 6. Restart the Docker Daemon (via deferred action)
+	//    This Restart takes care of bringing docker0 interface back to auto-assigned IP
+
+	defaultNetworkBridge := "docker0"
+	deleteInterface(c, defaultNetworkBridge)
+
+	d := s.d
+
+	bridgeIP := "192.169.1.1/24"
+	ip, bridgeIPNet, _ := net.ParseCIDR(bridgeIP)
+
+	err := d.StartWithBusybox("--bip", bridgeIP)
+	c.Assert(err, check.IsNil)
+	defer d.Restart()
+
+	ifconfigSearchString := ip.String()
+	ifconfigCmd := exec.Command("ifconfig", defaultNetworkBridge)
+	out, _, _, err := runCommandWithStdoutStderr(ifconfigCmd)
+	c.Assert(err, check.IsNil)
+
+	c.Assert(strings.Contains(out, ifconfigSearchString), check.Equals, true,
+		check.Commentf("ifconfig output should have contained %q, but was %q",
+			ifconfigSearchString, out))
+
+	ipTablesSearchString := bridgeIPNet.String()
+	ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL")
+	out, _, err = runCommandWithOutput(ipTablesCmd)
+	c.Assert(err, check.IsNil)
+
+	c.Assert(strings.Contains(out, ipTablesSearchString), check.Equals, true,
+		check.Commentf("iptables output should have contained %q, but was %q",
+			ipTablesSearchString, out))
+
+	out, err = d.Cmd("run", "-d", "--name", "test", "busybox", "top")
+	c.Assert(err, check.IsNil)
+
+	containerIP := d.findContainerIP("test")
+	ip = net.ParseIP(containerIP)
+	c.Assert(bridgeIPNet.Contains(ip), check.Equals, true,
+		check.Commentf("Container IP-Address must be in the same subnet range : %s",
+			containerIP))
+	deleteInterface(c, defaultNetworkBridge)
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithBridgeIPChange(c *check.C) {
+	if err := s.d.Start(); err != nil {
+		c.Fatalf("Could not start daemon: %v", err)
+	}
+	defer s.d.Restart()
+	if err := s.d.Stop(); err != nil {
+		c.Fatalf("Could not stop daemon: %v", err)
+	}
+
+	// now we will change the docker0's IP and then try starting the daemon
+	bridgeIP := "192.169.100.1/24"
+	_, bridgeIPNet, _ := net.ParseCIDR(bridgeIP)
+
+	ipCmd := exec.Command("ifconfig", "docker0", bridgeIP)
+	stdout, stderr, _, err := runCommandWithStdoutStderr(ipCmd)
+	if err != nil {
+		c.Fatalf("failed to change docker0's IP association: %v, stdout: %q, stderr: %q", err, stdout, stderr)
+	}
+
+	if err := s.d.Start("--bip", bridgeIP); err != nil {
+		c.Fatalf("Could not start daemon: %v", err)
+	}
+
+	//check if the iptables contains new bridgeIP MASQUERADE rule
+	ipTablesSearchString := bridgeIPNet.String()
+	ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL")
+	out, _, err := runCommandWithOutput(ipTablesCmd)
+	if err != nil {
+		c.Fatalf("Could not run iptables -nvL: %s, %v", out, err)
+	}
+	if !strings.Contains(out, ipTablesSearchString) {
+		c.Fatalf("iptables output should have contained new MASQUERADE rule with IP %q, but was %q", ipTablesSearchString, out)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr(c *check.C) {
+	d := s.d
+
+	bridgeName := "external-bridge"
+	bridgeIP := "192.169.1.1/24"
+
+	out, err := createInterface(c, "bridge", bridgeName, bridgeIP)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, bridgeName)
+
+	args := []string{"--bridge", bridgeName, "--fixed-cidr", "192.169.1.0/30"}
+	err = d.StartWithBusybox(args...)
+	c.Assert(err, check.IsNil)
+	defer d.Restart()
+
+	for i := 0; i < 4; i++ {
+		cName := "Container" + strconv.Itoa(i)
+		out, err := d.Cmd("run", "-d", "--name", cName, "busybox", "top")
+		if err != nil {
+			c.Assert(strings.Contains(out, "no available IPv4 addresses"), check.Equals, true,
+				check.Commentf("Could not run a Container : %s %s", err.Error(), out))
+		}
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr2(c *check.C) {
+	d := s.d
+
+	bridgeName := "external-bridge"
+	bridgeIP := "10.2.2.1/16"
+
+	out, err := createInterface(c, "bridge", bridgeName, bridgeIP)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, bridgeName)
+
+	err = d.StartWithBusybox("--bip", bridgeIP, "--fixed-cidr", "10.2.2.0/24")
+	c.Assert(err, check.IsNil)
+	defer s.d.Restart()
+
+	out, err = d.Cmd("run", "-d", "--name", "bb", "busybox", "top")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	defer d.Cmd("stop", "bb")
+
+	out, err = d.Cmd("exec", "bb", "/bin/sh", "-c", "ifconfig eth0 | awk '/inet addr/{print substr($2,6)}'")
+	c.Assert(out, checker.Equals, "10.2.2.0\n")
+
+	out, err = d.Cmd("run", "--rm", "busybox", "/bin/sh", "-c", "ifconfig eth0 | awk '/inet addr/{print substr($2,6)}'")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	c.Assert(out, checker.Equals, "10.2.2.2\n")
+}
+
+func (s *DockerDaemonSuite) TestDaemonBridgeFixedCIDREqualBridgeNetwork(c *check.C) {
+	d := s.d
+
+	bridgeName := "external-bridge"
+	bridgeIP := "172.27.42.1/16"
+
+	out, err := createInterface(c, "bridge", bridgeName, bridgeIP)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, bridgeName)
+
+	err = d.StartWithBusybox("--bridge", bridgeName, "--fixed-cidr", bridgeIP)
+	c.Assert(err, check.IsNil)
+	defer s.d.Restart()
+
+	out, err = d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	cid1 := strings.TrimSpace(out)
+	defer d.Cmd("stop", cid1)
+}
+
+func (s *DockerDaemonSuite) TestDaemonDefaultGatewayIPv4Implicit(c *check.C) {
+	defaultNetworkBridge := "docker0"
+	deleteInterface(c, defaultNetworkBridge)
+
+	d := s.d
+
+	bridgeIP := "192.169.1.1"
+	bridgeIPNet := fmt.Sprintf("%s/24", bridgeIP)
+
+	err := d.StartWithBusybox("--bip", bridgeIPNet)
+	c.Assert(err, check.IsNil)
+	defer d.Restart()
+
+	expectedMessage := fmt.Sprintf("default via %s dev", bridgeIP)
+	out, err := d.Cmd("run", "busybox", "ip", "-4", "route", "list", "0/0")
+	c.Assert(strings.Contains(out, expectedMessage), check.Equals, true,
+		check.Commentf("Implicit default gateway should be bridge IP %s, but default route was '%s'",
+			bridgeIP, strings.TrimSpace(out)))
+	deleteInterface(c, defaultNetworkBridge)
+}
+
+func (s *DockerDaemonSuite) TestDaemonDefaultGatewayIPv4Explicit(c *check.C) {
+	defaultNetworkBridge := "docker0"
+	deleteInterface(c, defaultNetworkBridge)
+
+	d := s.d
+
+	bridgeIP := "192.169.1.1"
+	bridgeIPNet := fmt.Sprintf("%s/24", bridgeIP)
+	gatewayIP := "192.169.1.254"
+
+	err := d.StartWithBusybox("--bip", bridgeIPNet, "--default-gateway", gatewayIP)
+	c.Assert(err, check.IsNil)
+	defer d.Restart()
+
+	expectedMessage := fmt.Sprintf("default via %s dev", gatewayIP)
+	out, err := d.Cmd("run", "busybox", "ip", "-4", "route", "list", "0/0")
+	c.Assert(strings.Contains(out, expectedMessage), check.Equals, true,
+		check.Commentf("Explicit default gateway should be %s, but default route was '%s'",
+			gatewayIP, strings.TrimSpace(out)))
+	deleteInterface(c, defaultNetworkBridge)
+}
+
+func (s *DockerDaemonSuite) TestDaemonDefaultGatewayIPv4ExplicitOutsideContainerSubnet(c *check.C) {
+	defaultNetworkBridge := "docker0"
+	deleteInterface(c, defaultNetworkBridge)
+
+	// Program a custom default gateway outside of the container subnet, daemon should accept it and start
+	err := s.d.StartWithBusybox("--bip", "172.16.0.10/16", "--fixed-cidr", "172.16.1.0/24", "--default-gateway", "172.16.0.254")
+	c.Assert(err, check.IsNil)
+
+	deleteInterface(c, defaultNetworkBridge)
+	s.d.Restart()
+}
+
+func (s *DockerDaemonSuite) TestDaemonDefaultNetworkInvalidClusterConfig(c *check.C) {
+	testRequires(c, DaemonIsLinux, SameHostDaemon)
+
+	// Start daemon without docker0 bridge
+	defaultNetworkBridge := "docker0"
+	deleteInterface(c, defaultNetworkBridge)
+
+	d := NewDaemon(c)
+	discoveryBackend := "consul://consuladdr:consulport/some/path"
+	err := d.Start(fmt.Sprintf("--cluster-store=%s", discoveryBackend))
+	c.Assert(err, checker.IsNil)
+
+	// Start daemon with docker0 bridge
+	ifconfigCmd := exec.Command("ifconfig", defaultNetworkBridge)
+	_, err = runCommand(ifconfigCmd)
+	c.Assert(err, check.IsNil)
+
+	err = d.Restart(fmt.Sprintf("--cluster-store=%s", discoveryBackend))
+	c.Assert(err, checker.IsNil)
+
+	d.Stop()
+}
+
+func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) {
+	d := s.d
+
+	ipStr := "192.170.1.1/24"
+	ip, _, _ := net.ParseCIDR(ipStr)
+	args := []string{"--ip", ip.String()}
+	err := d.StartWithBusybox(args...)
+	c.Assert(err, check.IsNil)
+	defer d.Restart()
+
+	out, err := d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top")
+	c.Assert(err, check.NotNil,
+		check.Commentf("Running a container must fail with an invalid --ip option"))
+	c.Assert(strings.Contains(out, "Error starting userland proxy"), check.Equals, true)
+
+	ifName := "dummy"
+	out, err = createInterface(c, "dummy", ifName, ipStr)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, ifName)
+
+	_, err = d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top")
+	c.Assert(err, check.IsNil)
+
+	ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL")
+	out, _, err = runCommandWithOutput(ipTablesCmd)
+	c.Assert(err, check.IsNil)
+
+	regex := fmt.Sprintf("DNAT.*%s.*dpt:8000", ip.String())
+	matched, _ := regexp.MatchString(regex, out)
+	c.Assert(matched, check.Equals, true,
+		check.Commentf("iptables output should have contained %q, but was %q", regex, out))
+}
+
+func (s *DockerDaemonSuite) TestDaemonICCPing(c *check.C) {
+	testRequires(c, bridgeNfIptables)
+	d := s.d
+
+	bridgeName := "external-bridge"
+	bridgeIP := "192.169.1.1/24"
+
+	out, err := createInterface(c, "bridge", bridgeName, bridgeIP)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, bridgeName)
+
+	args := []string{"--bridge", bridgeName, "--icc=false"}
+	err = d.StartWithBusybox(args...)
+	c.Assert(err, check.IsNil)
+	defer d.Restart()
+
+	ipTablesCmd := exec.Command("iptables", "-nvL", "FORWARD")
+	out, _, err = runCommandWithOutput(ipTablesCmd)
+	c.Assert(err, check.IsNil)
+
+	regex := fmt.Sprintf("DROP.*all.*%s.*%s", bridgeName, bridgeName)
+	matched, _ := regexp.MatchString(regex, out)
+	c.Assert(matched, check.Equals, true,
+		check.Commentf("iptables output should have contained %q, but was %q", regex, out))
+
+	// Pinging another container must fail with --icc=false
+	pingContainers(c, d, true)
+
+	ipStr := "192.171.1.1/24"
+	ip, _, _ := net.ParseCIDR(ipStr)
+	ifName := "icc-dummy"
+
+	createInterface(c, "dummy", ifName, ipStr)
+
+	// But, Pinging external or a Host interface must succeed
+	pingCmd := fmt.Sprintf("ping -c 1 %s -W 1", ip.String())
+	runArgs := []string{"--rm", "busybox", "sh", "-c", pingCmd}
+	_, err = d.Cmd("run", runArgs...)
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerDaemonSuite) TestDaemonICCLinkExpose(c *check.C) {
+	d := s.d
+
+	bridgeName := "external-bridge"
+	bridgeIP := "192.169.1.1/24"
+
+	out, err := createInterface(c, "bridge", bridgeName, bridgeIP)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, bridgeName)
+
+	args := []string{"--bridge", bridgeName, "--icc=false"}
+	err = d.StartWithBusybox(args...)
+	c.Assert(err, check.IsNil)
+	defer d.Restart()
+
+	ipTablesCmd := exec.Command("iptables", "-nvL", "FORWARD")
+	out, _, err = runCommandWithOutput(ipTablesCmd)
+	c.Assert(err, check.IsNil)
+
+	regex := fmt.Sprintf("DROP.*all.*%s.*%s", bridgeName, bridgeName)
+	matched, _ := regexp.MatchString(regex, out)
+	c.Assert(matched, check.Equals, true,
+		check.Commentf("iptables output should have contained %q, but was %q", regex, out))
+
+	out, err = d.Cmd("run", "-d", "--expose", "4567", "--name", "icc1", "busybox", "nc", "-l", "-p", "4567")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = d.Cmd("run", "--link", "icc1:icc1", "busybox", "nc", "icc1", "4567")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+}
+
+func (s *DockerDaemonSuite) TestDaemonLinksIpTablesRulesWhenLinkAndUnlink(c *check.C) {
+	bridgeName := "external-bridge"
+	bridgeIP := "192.169.1.1/24"
+
+	out, err := createInterface(c, "bridge", bridgeName, bridgeIP)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, bridgeName)
+
+	err = s.d.StartWithBusybox("--bridge", bridgeName, "--icc=false")
+	c.Assert(err, check.IsNil)
+	defer s.d.Restart()
+
+	_, err = s.d.Cmd("run", "-d", "--name", "child", "--publish", "8080:80", "busybox", "top")
+	c.Assert(err, check.IsNil)
+	_, err = s.d.Cmd("run", "-d", "--name", "parent", "--link", "child:http", "busybox", "top")
+	c.Assert(err, check.IsNil)
+
+	childIP := s.d.findContainerIP("child")
+	parentIP := s.d.findContainerIP("parent")
+
+	sourceRule := []string{"-i", bridgeName, "-o", bridgeName, "-p", "tcp", "-s", childIP, "--sport", "80", "-d", parentIP, "-j", "ACCEPT"}
+	destinationRule := []string{"-i", bridgeName, "-o", bridgeName, "-p", "tcp", "-s", parentIP, "--dport", "80", "-d", childIP, "-j", "ACCEPT"}
+	if !iptables.Exists("filter", "DOCKER", sourceRule...) || !iptables.Exists("filter", "DOCKER", destinationRule...) {
+		c.Fatal("Iptables rules not found")
+	}
+
+	s.d.Cmd("rm", "--link", "parent/http")
+	if iptables.Exists("filter", "DOCKER", sourceRule...) || iptables.Exists("filter", "DOCKER", destinationRule...) {
+		c.Fatal("Iptables rules should be removed when unlink")
+	}
+
+	s.d.Cmd("kill", "child")
+	s.d.Cmd("kill", "parent")
+}
+
+func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	if err := s.d.StartWithBusybox("--default-ulimit", "nofile=42:42", "--default-ulimit", "nproc=1024:1024"); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err := s.d.Cmd("run", "--ulimit", "nproc=2048", "--name=test", "busybox", "/bin/sh", "-c", "echo $(ulimit -n); echo $(ulimit -p)")
+	if err != nil {
+		c.Fatal(out, err)
+	}
+
+	outArr := strings.Split(out, "\n")
+	if len(outArr) < 2 {
+		c.Fatalf("got unexpected output: %s", out)
+	}
+	nofile := strings.TrimSpace(outArr[0])
+	nproc := strings.TrimSpace(outArr[1])
+
+	if nofile != "42" {
+		c.Fatalf("expected `ulimit -n` to be `42`, got: %s", nofile)
+	}
+	if nproc != "2048" {
+		c.Fatalf("exepcted `ulimit -p` to be 2048, got: %s", nproc)
+	}
+
+	// Now restart daemon with a new default
+	if err := s.d.Restart("--default-ulimit", "nofile=43"); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err = s.d.Cmd("start", "-a", "test")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	outArr = strings.Split(out, "\n")
+	if len(outArr) < 2 {
+		c.Fatalf("got unexpected output: %s", out)
+	}
+	nofile = strings.TrimSpace(outArr[0])
+	nproc = strings.TrimSpace(outArr[1])
+
+	if nofile != "43" {
+		c.Fatalf("expected `ulimit -n` to be `43`, got: %s", nofile)
+	}
+	if nproc != "2048" {
+		c.Fatalf("exepcted `ulimit -p` to be 2048, got: %s", nproc)
+	}
+}
+
+// #11315
+func (s *DockerDaemonSuite) TestDaemonRestartRenameContainer(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatal(err)
+	}
+
+	if out, err := s.d.Cmd("run", "--name=test", "busybox"); err != nil {
+		c.Fatal(err, out)
+	}
+
+	if out, err := s.d.Cmd("rename", "test", "test2"); err != nil {
+		c.Fatal(err, out)
+	}
+
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	if out, err := s.d.Cmd("start", "test2"); err != nil {
+		c.Fatal(err, out)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonLoggingDriverDefault(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err := s.d.Cmd("run", "--name=test", "busybox", "echo", "testline")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	id, err := s.d.getIDByName("test")
+	c.Assert(err, check.IsNil)
+
+	logPath := filepath.Join(s.d.root, "containers", id, id+"-json.log")
+
+	if _, err := os.Stat(logPath); err != nil {
+		c.Fatal(err)
+	}
+	f, err := os.Open(logPath)
+	if err != nil {
+		c.Fatal(err)
+	}
+	var res struct {
+		Log    string    `json:"log"`
+		Stream string    `json:"stream"`
+		Time   time.Time `json:"time"`
+	}
+	if err := json.NewDecoder(f).Decode(&res); err != nil {
+		c.Fatal(err)
+	}
+	if res.Log != "testline\n" {
+		c.Fatalf("Unexpected log line: %q, expected: %q", res.Log, "testline\n")
+	}
+	if res.Stream != "stdout" {
+		c.Fatalf("Unexpected stream: %q, expected: %q", res.Stream, "stdout")
+	}
+	if !time.Now().After(res.Time) {
+		c.Fatalf("Log time %v in future", res.Time)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonLoggingDriverDefaultOverride(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err := s.d.Cmd("run", "--name=test", "--log-driver=none", "busybox", "echo", "testline")
+	if err != nil {
+		c.Fatal(out, err)
+	}
+	id, err := s.d.getIDByName("test")
+	c.Assert(err, check.IsNil)
+
+	logPath := filepath.Join(s.d.root, "containers", id, id+"-json.log")
+
+	if _, err := os.Stat(logPath); err == nil || !os.IsNotExist(err) {
+		c.Fatalf("%s shouldn't exits, error on Stat: %s", logPath, err)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonLoggingDriverNone(c *check.C) {
+	if err := s.d.StartWithBusybox("--log-driver=none"); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err := s.d.Cmd("run", "--name=test", "busybox", "echo", "testline")
+	if err != nil {
+		c.Fatal(out, err)
+	}
+	id, err := s.d.getIDByName("test")
+	c.Assert(err, check.IsNil)
+
+	logPath := filepath.Join(s.d.folder, "graph", "containers", id, id+"-json.log")
+
+	if _, err := os.Stat(logPath); err == nil || !os.IsNotExist(err) {
+		c.Fatalf("%s shouldn't exits, error on Stat: %s", logPath, err)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonLoggingDriverNoneOverride(c *check.C) {
+	if err := s.d.StartWithBusybox("--log-driver=none"); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err := s.d.Cmd("run", "--name=test", "--log-driver=json-file", "busybox", "echo", "testline")
+	if err != nil {
+		c.Fatal(out, err)
+	}
+	id, err := s.d.getIDByName("test")
+	c.Assert(err, check.IsNil)
+
+	logPath := filepath.Join(s.d.root, "containers", id, id+"-json.log")
+
+	if _, err := os.Stat(logPath); err != nil {
+		c.Fatal(err)
+	}
+	f, err := os.Open(logPath)
+	if err != nil {
+		c.Fatal(err)
+	}
+	var res struct {
+		Log    string    `json:"log"`
+		Stream string    `json:"stream"`
+		Time   time.Time `json:"time"`
+	}
+	if err := json.NewDecoder(f).Decode(&res); err != nil {
+		c.Fatal(err)
+	}
+	if res.Log != "testline\n" {
+		c.Fatalf("Unexpected log line: %q, expected: %q", res.Log, "testline\n")
+	}
+	if res.Stream != "stdout" {
+		c.Fatalf("Unexpected stream: %q, expected: %q", res.Stream, "stdout")
+	}
+	if !time.Now().After(res.Time) {
+		c.Fatalf("Log time %v in future", res.Time)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonLoggingDriverNoneLogsError(c *check.C) {
+	c.Assert(s.d.StartWithBusybox("--log-driver=none"), checker.IsNil)
+
+	out, err := s.d.Cmd("run", "--name=test", "busybox", "echo", "testline")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("logs", "test")
+	c.Assert(err, check.NotNil, check.Commentf("Logs should fail with 'none' driver"))
+	expected := `"logs" command is supported only for "json-file" and "journald" logging drivers (got: none)`
+	c.Assert(out, checker.Contains, expected)
+}
+
+func (s *DockerDaemonSuite) TestDaemonDots(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatal(err)
+	}
+
+	// Now create 4 containers
+	if _, err := s.d.Cmd("create", "busybox"); err != nil {
+		c.Fatalf("Error creating container: %q", err)
+	}
+	if _, err := s.d.Cmd("create", "busybox"); err != nil {
+		c.Fatalf("Error creating container: %q", err)
+	}
+	if _, err := s.d.Cmd("create", "busybox"); err != nil {
+		c.Fatalf("Error creating container: %q", err)
+	}
+	if _, err := s.d.Cmd("create", "busybox"); err != nil {
+		c.Fatalf("Error creating container: %q", err)
+	}
+
+	s.d.Stop()
+
+	s.d.Start("--log-level=debug")
+	s.d.Stop()
+	content, _ := ioutil.ReadFile(s.d.logFile.Name())
+	if strings.Contains(string(content), "....") {
+		c.Fatalf("Debug level should not have ....\n%s", string(content))
+	}
+
+	s.d.Start("--log-level=error")
+	s.d.Stop()
+	content, _ = ioutil.ReadFile(s.d.logFile.Name())
+	if strings.Contains(string(content), "....") {
+		c.Fatalf("Error level should not have ....\n%s", string(content))
+	}
+
+	s.d.Start("--log-level=info")
+	s.d.Stop()
+	content, _ = ioutil.ReadFile(s.d.logFile.Name())
+	if !strings.Contains(string(content), "....") {
+		c.Fatalf("Info level should have ....\n%s", string(content))
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonUnixSockCleanedUp(c *check.C) {
+	dir, err := ioutil.TempDir("", "socket-cleanup-test")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(dir)
+
+	sockPath := filepath.Join(dir, "docker.sock")
+	if err := s.d.Start("--host", "unix://"+sockPath); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := os.Stat(sockPath); err != nil {
+		c.Fatal("socket does not exist")
+	}
+
+	if err := s.d.Stop(); err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := os.Stat(sockPath); err == nil || !os.IsNotExist(err) {
+		c.Fatal("unix socket is not cleaned up")
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonWithWrongkey(c *check.C) {
+	type Config struct {
+		Crv string `json:"crv"`
+		D   string `json:"d"`
+		Kid string `json:"kid"`
+		Kty string `json:"kty"`
+		X   string `json:"x"`
+		Y   string `json:"y"`
+	}
+
+	os.Remove("/etc/docker/key.json")
+	if err := s.d.Start(); err != nil {
+		c.Fatalf("Failed to start daemon: %v", err)
+	}
+
+	if err := s.d.Stop(); err != nil {
+		c.Fatalf("Could not stop daemon: %v", err)
+	}
+
+	config := &Config{}
+	bytes, err := ioutil.ReadFile("/etc/docker/key.json")
+	if err != nil {
+		c.Fatalf("Error reading key.json file: %s", err)
+	}
+
+	// byte[] to Data-Struct
+	if err := json.Unmarshal(bytes, &config); err != nil {
+		c.Fatalf("Error Unmarshal: %s", err)
+	}
+
+	//replace config.Kid with the fake value
+	config.Kid = "VSAJ:FUYR:X3H2:B2VZ:KZ6U:CJD5:K7BX:ZXHY:UZXT:P4FT:MJWG:HRJ4"
+
+	// NEW Data-Struct to byte[]
+	newBytes, err := json.Marshal(&config)
+	if err != nil {
+		c.Fatalf("Error Marshal: %s", err)
+	}
+
+	// write back
+	if err := ioutil.WriteFile("/etc/docker/key.json", newBytes, 0400); err != nil {
+		c.Fatalf("Error ioutil.WriteFile: %s", err)
+	}
+
+	defer os.Remove("/etc/docker/key.json")
+
+	if err := s.d.Start(); err == nil {
+		c.Fatalf("It should not be successful to start daemon with wrong key: %v", err)
+	}
+
+	content, _ := ioutil.ReadFile(s.d.logFile.Name())
+
+	if !strings.Contains(string(content), "Public Key ID does not match") {
+		c.Fatal("Missing KeyID message from daemon logs")
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartKillWait(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	out, err := s.d.Cmd("run", "-id", "busybox", "/bin/cat")
+	if err != nil {
+		c.Fatalf("Could not run /bin/cat: err=%v\n%s", err, out)
+	}
+	containerID := strings.TrimSpace(out)
+
+	if out, err := s.d.Cmd("kill", containerID); err != nil {
+		c.Fatalf("Could not kill %s: err=%v\n%s", containerID, err, out)
+	}
+
+	if err := s.d.Restart(); err != nil {
+		c.Fatalf("Could not restart daemon: %v", err)
+	}
+
+	errchan := make(chan error)
+	go func() {
+		if out, err := s.d.Cmd("wait", containerID); err != nil {
+			errchan <- fmt.Errorf("%v:\n%s", err, out)
+		}
+		close(errchan)
+	}()
+
+	select {
+	case <-time.After(5 * time.Second):
+		c.Fatal("Waiting on a stopped (killed) container timed out")
+	case err := <-errchan:
+		if err != nil {
+			c.Fatal(err)
+		}
+	}
+}
+
+// TestHttpsInfo connects via two-way authenticated HTTPS to the info endpoint
+func (s *DockerDaemonSuite) TestHttpsInfo(c *check.C) {
+	const (
+		testDaemonHTTPSAddr = "tcp://localhost:4271"
+	)
+
+	if err := s.d.Start("--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/server-cert.pem",
+		"--tlskey", "fixtures/https/server-key.pem", "-H", testDaemonHTTPSAddr); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	daemonArgs := []string{"--host", testDaemonHTTPSAddr, "--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/client-cert.pem", "--tlskey", "fixtures/https/client-key.pem"}
+	out, err := s.d.CmdWithArgs(daemonArgs, "info")
+	if err != nil {
+		c.Fatalf("Error Occurred: %s and output: %s", err, out)
+	}
+}
+
+// TestHttpsRun connects via two-way authenticated HTTPS to the create, attach, start, and wait endpoints.
+// https://github.com/docker/docker/issues/19280
+func (s *DockerDaemonSuite) TestHttpsRun(c *check.C) {
+	const (
+		testDaemonHTTPSAddr = "tcp://localhost:4271"
+	)
+
+	if err := s.d.StartWithBusybox("--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/server-cert.pem",
+		"--tlskey", "fixtures/https/server-key.pem", "-H", testDaemonHTTPSAddr); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	daemonArgs := []string{"--host", testDaemonHTTPSAddr, "--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/client-cert.pem", "--tlskey", "fixtures/https/client-key.pem"}
+	out, err := s.d.CmdWithArgs(daemonArgs, "run", "busybox", "echo", "TLS response")
+	if err != nil {
+		c.Fatalf("Error Occurred: %s and output: %s", err, out)
+	}
+
+	if !strings.Contains(out, "TLS response") {
+		c.Fatalf("expected output to include `TLS response`, got %v", out)
+	}
+}
+
+// TestTlsVerify verifies that --tlsverify=false turns on tls
+func (s *DockerDaemonSuite) TestTlsVerify(c *check.C) {
+	out, err := exec.Command(dockerBinary, "daemon", "--tlsverify=false").CombinedOutput()
+	if err == nil || !strings.Contains(string(out), "Could not load X509 key pair") {
+		c.Fatalf("Daemon should not have started due to missing certs: %v\n%s", err, string(out))
+	}
+}
+
+// TestHttpsInfoRogueCert connects via two-way authenticated HTTPS to the info endpoint
+// by using a rogue client certificate and checks that it fails with the expected error.
+func (s *DockerDaemonSuite) TestHttpsInfoRogueCert(c *check.C) {
+	const (
+		errBadCertificate   = "remote error: bad certificate"
+		testDaemonHTTPSAddr = "tcp://localhost:4271"
+	)
+
+	if err := s.d.Start("--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/server-cert.pem",
+		"--tlskey", "fixtures/https/server-key.pem", "-H", testDaemonHTTPSAddr); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	daemonArgs := []string{"--host", testDaemonHTTPSAddr, "--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/client-rogue-cert.pem", "--tlskey", "fixtures/https/client-rogue-key.pem"}
+	out, err := s.d.CmdWithArgs(daemonArgs, "info")
+	if err == nil || !strings.Contains(out, errBadCertificate) {
+		c.Fatalf("Expected err: %s, got instead: %s and output: %s", errBadCertificate, err, out)
+	}
+}
+
+// TestHttpsInfoRogueServerCert connects via two-way authenticated HTTPS to the info endpoint
+// which provides a rogue server certificate and checks that it fails with the expected error
+func (s *DockerDaemonSuite) TestHttpsInfoRogueServerCert(c *check.C) {
+	const (
+		errCaUnknown             = "x509: certificate signed by unknown authority"
+		testDaemonRogueHTTPSAddr = "tcp://localhost:4272"
+	)
+	if err := s.d.Start("--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/server-rogue-cert.pem",
+		"--tlskey", "fixtures/https/server-rogue-key.pem", "-H", testDaemonRogueHTTPSAddr); err != nil {
+		c.Fatalf("Could not start daemon with busybox: %v", err)
+	}
+
+	daemonArgs := []string{"--host", testDaemonRogueHTTPSAddr, "--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/client-rogue-cert.pem", "--tlskey", "fixtures/https/client-rogue-key.pem"}
+	out, err := s.d.CmdWithArgs(daemonArgs, "info")
+	if err == nil || !strings.Contains(out, errCaUnknown) {
+		c.Fatalf("Expected err: %s, got instead: %s and output: %s", errCaUnknown, err, out)
+	}
+}
+
+func pingContainers(c *check.C, d *Daemon, expectFailure bool) {
+	var dargs []string
+	if d != nil {
+		dargs = []string{"--host", d.sock()}
+	}
+
+	args := append(dargs, "run", "-d", "--name", "container1", "busybox", "top")
+	dockerCmd(c, args...)
+
+	args = append(dargs, "run", "--rm", "--link", "container1:alias1", "busybox", "sh", "-c")
+	pingCmd := "ping -c 1 %s -W 1"
+	args = append(args, fmt.Sprintf(pingCmd, "alias1"))
+	_, _, err := dockerCmdWithError(args...)
+
+	if expectFailure {
+		c.Assert(err, check.NotNil)
+	} else {
+		c.Assert(err, check.IsNil)
+	}
+
+	args = append(dargs, "rm", "-f", "container1")
+	dockerCmd(c, args...)
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithSocketAsVolume(c *check.C) {
+	c.Assert(s.d.StartWithBusybox(), check.IsNil)
+
+	socket := filepath.Join(s.d.folder, "docker.sock")
+
+	out, err := s.d.Cmd("run", "--restart=always", "-v", socket+":/sock", "busybox")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	c.Assert(s.d.Restart(), check.IsNil)
+}
+
+// os.Kill should kill daemon ungracefully, leaving behind container mounts.
+// A subsequent daemon restart shoud clean up said mounts.
+func (s *DockerDaemonSuite) TestCleanupMountsAfterDaemonAndContainerKill(c *check.C) {
+	c.Assert(s.d.StartWithBusybox(), check.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	id := strings.TrimSpace(out)
+	c.Assert(s.d.cmd.Process.Signal(os.Kill), check.IsNil)
+	mountOut, err := ioutil.ReadFile("/proc/self/mountinfo")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", mountOut))
+
+	// container mounts should exist even after daemon has crashed.
+	comment := check.Commentf("%s should stay mounted from older daemon start:\nDaemon root repository %s\n%s", id, s.d.folder, mountOut)
+	c.Assert(strings.Contains(string(mountOut), id), check.Equals, true, comment)
+
+	// kill the container
+	runCmd := exec.Command(ctrBinary, "--address", "/var/run/docker/libcontainerd/docker-containerd.sock", "containers", "kill", id)
+	if out, ec, err := runCommandWithOutput(runCmd); err != nil {
+		c.Fatalf("Failed to run ctr, ExitCode: %d, err: %v output: %s id: %s\n", ec, err, out, id)
+	}
+
+	// restart daemon.
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	// Now, container mounts should be gone.
+	mountOut, err = ioutil.ReadFile("/proc/self/mountinfo")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", mountOut))
+	comment = check.Commentf("%s is still mounted from older daemon start:\nDaemon root repository %s\n%s", id, s.d.folder, mountOut)
+	c.Assert(strings.Contains(string(mountOut), id), check.Equals, false, comment)
+}
+
+// os.Interrupt should perform a graceful daemon shutdown and hence cleanup mounts.
+func (s *DockerDaemonSuite) TestCleanupMountsAfterGracefulShutdown(c *check.C) {
+	c.Assert(s.d.StartWithBusybox(), check.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	id := strings.TrimSpace(out)
+
+	// Send SIGINT and daemon should clean up
+	c.Assert(s.d.cmd.Process.Signal(os.Interrupt), check.IsNil)
+
+	// Wait a bit for the daemon to handle cleanups.
+	time.Sleep(3 * time.Second)
+
+	mountOut, err := ioutil.ReadFile("/proc/self/mountinfo")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", mountOut))
+
+	comment := check.Commentf("%s is still mounted from older daemon start:\nDaemon root repository %s\n%s", id, s.d.folder, mountOut)
+	c.Assert(strings.Contains(string(mountOut), id), check.Equals, false, comment)
+}
+
+func (s *DockerDaemonSuite) TestRunContainerWithBridgeNone(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	c.Assert(s.d.StartWithBusybox("-b", "none"), check.IsNil)
+
+	out, err := s.d.Cmd("run", "--rm", "busybox", "ip", "l")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	c.Assert(strings.Contains(out, "eth0"), check.Equals, false,
+		check.Commentf("There shouldn't be eth0 in container in default(bridge) mode when bridge network is disabled: %s", out))
+
+	out, err = s.d.Cmd("run", "--rm", "--net=bridge", "busybox", "ip", "l")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	c.Assert(strings.Contains(out, "eth0"), check.Equals, false,
+		check.Commentf("There shouldn't be eth0 in container in bridge mode when bridge network is disabled: %s", out))
+	// the extra grep and awk clean up the output of `ip` to only list the number and name of
+	// interfaces, allowing for different versions of ip (e.g. inside and outside the container) to
+	// be used while still verifying that the interface list is the exact same
+	cmd := exec.Command("sh", "-c", "ip l | grep -E '^[0-9]+:' | awk -F: ' { print $1\":\"$2 } '")
+	stdout := bytes.NewBuffer(nil)
+	cmd.Stdout = stdout
+	if err := cmd.Run(); err != nil {
+		c.Fatal("Failed to get host network interface")
+	}
+	out, err = s.d.Cmd("run", "--rm", "--net=host", "busybox", "sh", "-c", "ip l | grep -E '^[0-9]+:' | awk -F: ' { print $1\":\"$2 } '")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	c.Assert(out, check.Equals, fmt.Sprintf("%s", stdout),
+		check.Commentf("The network interfaces in container should be the same with host when --net=host when bridge network is disabled: %s", out))
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithContainerRunning(t *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		t.Fatal(err)
+	}
+	if out, err := s.d.Cmd("run", "-d", "--name", "test", "busybox", "top"); err != nil {
+		t.Fatal(out, err)
+	}
+
+	if err := s.d.Restart(); err != nil {
+		t.Fatal(err)
+	}
+	// Container 'test' should be removed without error
+	if out, err := s.d.Cmd("rm", "test"); err != nil {
+		t.Fatal(out, err)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartCleanupNetns(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatal(err)
+	}
+	out, err := s.d.Cmd("run", "--name", "netns", "-d", "busybox", "top")
+	if err != nil {
+		c.Fatal(out, err)
+	}
+
+	// Get sandbox key via inspect
+	out, err = s.d.Cmd("inspect", "--format", "'{{.NetworkSettings.SandboxKey}}'", "netns")
+	if err != nil {
+		c.Fatalf("Error inspecting container: %s, %v", out, err)
+	}
+	fileName := strings.Trim(out, " \r\n'")
+
+	if out, err := s.d.Cmd("stop", "netns"); err != nil {
+		c.Fatal(out, err)
+	}
+
+	// Test if the file still exists
+	out, _, err = runCommandWithOutput(exec.Command("stat", "-c", "%n", fileName))
+	out = strings.TrimSpace(out)
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	c.Assert(out, check.Equals, fileName, check.Commentf("Output: %s", out))
+
+	// Remove the container and restart the daemon
+	if out, err := s.d.Cmd("rm", "netns"); err != nil {
+		c.Fatal(out, err)
+	}
+
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	// Test again and see now the netns file does not exist
+	out, _, err = runCommandWithOutput(exec.Command("stat", "-c", "%n", fileName))
+	out = strings.TrimSpace(out)
+	c.Assert(err, check.Not(check.IsNil), check.Commentf("Output: %s", out))
+}
+
+// tests regression detailed in #13964 where DOCKER_TLS_VERIFY env is ignored
+func (s *DockerDaemonSuite) TestDaemonNoTlsCliTlsVerifyWithEnv(c *check.C) {
+	host := "tcp://localhost:4271"
+	c.Assert(s.d.Start("-H", host), check.IsNil)
+	cmd := exec.Command(dockerBinary, "-H", host, "info")
+	cmd.Env = []string{"DOCKER_TLS_VERIFY=1", "DOCKER_CERT_PATH=fixtures/https"}
+	out, _, err := runCommandWithOutput(cmd)
+	c.Assert(err, check.Not(check.IsNil), check.Commentf("%s", out))
+	c.Assert(strings.Contains(out, "error occurred trying to connect"), check.Equals, true)
+
+}
+
+func setupV6() error {
+	// Hack to get the right IPv6 address on docker0, which has already been created
+	return exec.Command("ip", "addr", "add", "fe80::1/64", "dev", "docker0").Run()
+}
+
+func teardownV6() error {
+	return exec.Command("ip", "addr", "del", "fe80::1/64", "dev", "docker0").Run()
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithContainerWithRestartPolicyAlways(c *check.C) {
+	c.Assert(s.d.StartWithBusybox(), check.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "--restart", "always", "busybox", "top")
+	c.Assert(err, check.IsNil)
+	id := strings.TrimSpace(out)
+
+	_, err = s.d.Cmd("stop", id)
+	c.Assert(err, check.IsNil)
+	_, err = s.d.Cmd("wait", id)
+	c.Assert(err, check.IsNil)
+
+	out, err = s.d.Cmd("ps", "-q")
+	c.Assert(err, check.IsNil)
+	c.Assert(out, check.Equals, "")
+
+	c.Assert(s.d.Restart(), check.IsNil)
+
+	out, err = s.d.Cmd("ps", "-q")
+	c.Assert(err, check.IsNil)
+	c.Assert(strings.TrimSpace(out), check.Equals, id[:12])
+}
+
+func (s *DockerDaemonSuite) TestDaemonWideLogConfig(c *check.C) {
+	if err := s.d.StartWithBusybox("--log-driver=json-file", "--log-opt=max-size=1k"); err != nil {
+		c.Fatal(err)
+	}
+	out, err := s.d.Cmd("run", "-d", "--name=logtest", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s, err: %v", out, err))
+	out, err = s.d.Cmd("inspect", "-f", "{{ .HostConfig.LogConfig.Config }}", "logtest")
+	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
+	cfg := strings.TrimSpace(out)
+	if cfg != "map[max-size:1k]" {
+		c.Fatalf("Unexpected log-opt: %s, expected map[max-size:1k]", cfg)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithPausedContainer(c *check.C) {
+	if err := s.d.StartWithBusybox(); err != nil {
+		c.Fatal(err)
+	}
+	if out, err := s.d.Cmd("run", "-i", "-d", "--name", "test", "busybox", "top"); err != nil {
+		c.Fatal(err, out)
+	}
+	if out, err := s.d.Cmd("pause", "test"); err != nil {
+		c.Fatal(err, out)
+	}
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	errchan := make(chan error)
+	go func() {
+		out, err := s.d.Cmd("start", "test")
+		if err != nil {
+			errchan <- fmt.Errorf("%v:\n%s", err, out)
+		}
+		name := strings.TrimSpace(out)
+		if name != "test" {
+			errchan <- fmt.Errorf("Paused container start error on docker daemon restart, expected 'test' but got '%s'", name)
+		}
+		close(errchan)
+	}()
+
+	select {
+	case <-time.After(5 * time.Second):
+		c.Fatal("Waiting on start a container timed out")
+	case err := <-errchan:
+		if err != nil {
+			c.Fatal(err)
+		}
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartRmVolumeInUse(c *check.C) {
+	c.Assert(s.d.StartWithBusybox(), check.IsNil)
+
+	out, err := s.d.Cmd("create", "-v", "test:/foo", "busybox")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	c.Assert(s.d.Restart(), check.IsNil)
+
+	out, err = s.d.Cmd("volume", "rm", "test")
+	c.Assert(err, check.NotNil, check.Commentf("should not be able to remove in use volume after daemon restart"))
+	c.Assert(out, checker.Contains, "in use")
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartLocalVolumes(c *check.C) {
+	c.Assert(s.d.Start(), check.IsNil)
+
+	_, err := s.d.Cmd("volume", "create", "--name", "test")
+	c.Assert(err, check.IsNil)
+	c.Assert(s.d.Restart(), check.IsNil)
+
+	_, err = s.d.Cmd("volume", "inspect", "test")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerDaemonSuite) TestDaemonCorruptedLogDriverAddress(c *check.C) {
+	c.Assert(s.d.Start("--log-driver=syslog", "--log-opt", "syslog-address=corrupted:42"), check.NotNil)
+	expected := "Failed to set log opts: syslog-address should be in form proto://address"
+	runCmd := exec.Command("grep", expected, s.d.LogFileName())
+	if out, _, err := runCommandWithOutput(runCmd); err != nil {
+		c.Fatalf("Expected %q message; but doesn't exist in log: %q, err: %v", expected, out, err)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonCorruptedFluentdAddress(c *check.C) {
+	c.Assert(s.d.Start("--log-driver=fluentd", "--log-opt", "fluentd-address=corrupted:c"), check.NotNil)
+	expected := "Failed to set log opts: invalid fluentd-address corrupted:c: "
+	runCmd := exec.Command("grep", expected, s.d.LogFileName())
+	if out, _, err := runCommandWithOutput(runCmd); err != nil {
+		c.Fatalf("Expected %q message; but doesn't exist in log: %q, err: %v", expected, out, err)
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonStartWithoutHost(c *check.C) {
+	s.d.useDefaultHost = true
+	defer func() {
+		s.d.useDefaultHost = false
+	}()
+	c.Assert(s.d.Start(), check.IsNil)
+}
+
+func (s *DockerDaemonSuite) TestDaemonStartWithDefalutTlsHost(c *check.C) {
+	s.d.useDefaultTLSHost = true
+	defer func() {
+		s.d.useDefaultTLSHost = false
+	}()
+	if err := s.d.Start(
+		"--tlsverify",
+		"--tlscacert", "fixtures/https/ca.pem",
+		"--tlscert", "fixtures/https/server-cert.pem",
+		"--tlskey", "fixtures/https/server-key.pem"); err != nil {
+		c.Fatalf("Could not start daemon: %v", err)
+	}
+
+	// The client with --tlsverify should also use default host localhost:2376
+	tmpHost := os.Getenv("DOCKER_HOST")
+	defer func() {
+		os.Setenv("DOCKER_HOST", tmpHost)
+	}()
+
+	os.Setenv("DOCKER_HOST", "")
+
+	out, _ := dockerCmd(
+		c,
+		"--tlsverify",
+		"--tlscacert", "fixtures/https/ca.pem",
+		"--tlscert", "fixtures/https/client-cert.pem",
+		"--tlskey", "fixtures/https/client-key.pem",
+		"version",
+	)
+	if !strings.Contains(out, "Server") {
+		c.Fatalf("docker version should return information of server side")
+	}
+}
+
+func (s *DockerDaemonSuite) TestBridgeIPIsExcludedFromAllocatorPool(c *check.C) {
+	defaultNetworkBridge := "docker0"
+	deleteInterface(c, defaultNetworkBridge)
+
+	bridgeIP := "192.169.1.1"
+	bridgeRange := bridgeIP + "/30"
+
+	err := s.d.StartWithBusybox("--bip", bridgeRange)
+	c.Assert(err, check.IsNil)
+	defer s.d.Restart()
+
+	var cont int
+	for {
+		contName := fmt.Sprintf("container%d", cont)
+		_, err = s.d.Cmd("run", "--name", contName, "-d", "busybox", "/bin/sleep", "2")
+		if err != nil {
+			// pool exhausted
+			break
+		}
+		ip, err := s.d.Cmd("inspect", "--format", "'{{.NetworkSettings.IPAddress}}'", contName)
+		c.Assert(err, check.IsNil)
+
+		c.Assert(ip, check.Not(check.Equals), bridgeIP)
+		cont++
+	}
+}
+
+// Test daemon for no space left on device error
+func (s *DockerDaemonSuite) TestDaemonNoSpaceLeftOnDeviceError(c *check.C) {
+	testRequires(c, SameHostDaemon, DaemonIsLinux, Network)
+
+	testDir, err := ioutil.TempDir("", "no-space-left-on-device-test")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(testDir)
+	c.Assert(mount.MakeRShared(testDir), checker.IsNil)
+	defer mount.Unmount(testDir)
+	defer mount.Unmount(filepath.Join(testDir, "test-mount"))
+
+	// create a 2MiB image and mount it as graph root
+	// Why in a container? Because `mount` sometimes behaves weirdly and often fails outright on this test in debian:jessie (which is what the test suite runs under if run from the Makefile)
+	dockerCmd(c, "run", "--rm", "-v", testDir+":/test", "busybox", "sh", "-c", "dd of=/test/testfs.img bs=1M seek=2 count=0")
+	out, _, err := runCommandWithOutput(exec.Command("mkfs.ext4", "-F", filepath.Join(testDir, "testfs.img"))) // `mkfs.ext4` is not in busybox
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	dockerCmd(c, "run", "--privileged", "--rm", "-v", testDir+":/test:shared", "busybox", "sh", "-c", "mkdir -p /test/test-mount && mount -t ext4 -no loop,rw /test/testfs.img /test/test-mount")
+
+	err = s.d.Start("--graph", filepath.Join(testDir, "test-mount"))
+	c.Assert(err, check.IsNil)
+
+	// pull a repository large enough to fill the mount point
+	out, err = s.d.Cmd("pull", "registry:2")
+	c.Assert(out, checker.Contains, "no space left on device")
+}
+
+// Test daemon restart with container links + auto restart
+func (s *DockerDaemonSuite) TestDaemonRestartContainerLinksRestart(c *check.C) {
+	d := NewDaemon(c)
+	defer d.Stop()
+	err := d.StartWithBusybox()
+	c.Assert(err, checker.IsNil)
+
+	parent1Args := []string{}
+	parent2Args := []string{}
+	wg := sync.WaitGroup{}
+	maxChildren := 10
+	chErr := make(chan error, maxChildren)
+
+	for i := 0; i < maxChildren; i++ {
+		wg.Add(1)
+		name := fmt.Sprintf("test%d", i)
+
+		if i < maxChildren/2 {
+			parent1Args = append(parent1Args, []string{"--link", name}...)
+		} else {
+			parent2Args = append(parent2Args, []string{"--link", name}...)
+		}
+
+		go func() {
+			_, err = d.Cmd("run", "-d", "--name", name, "--restart=always", "busybox", "top")
+			chErr <- err
+			wg.Done()
+		}()
+	}
+
+	wg.Wait()
+	close(chErr)
+	for err := range chErr {
+		c.Assert(err, check.IsNil)
+	}
+
+	parent1Args = append([]string{"run", "-d"}, parent1Args...)
+	parent1Args = append(parent1Args, []string{"--name=parent1", "--restart=always", "busybox", "top"}...)
+	parent2Args = append([]string{"run", "-d"}, parent2Args...)
+	parent2Args = append(parent2Args, []string{"--name=parent2", "--restart=always", "busybox", "top"}...)
+
+	_, err = d.Cmd(parent1Args[0], parent1Args[1:]...)
+	c.Assert(err, check.IsNil)
+	_, err = d.Cmd(parent2Args[0], parent2Args[1:]...)
+	c.Assert(err, check.IsNil)
+
+	err = d.Stop()
+	c.Assert(err, check.IsNil)
+	// clear the log file -- we don't need any of it but may for the next part
+	// can ignore the error here, this is just a cleanup
+	os.Truncate(d.LogFileName(), 0)
+	err = d.Start()
+	c.Assert(err, check.IsNil)
+
+	for _, num := range []string{"1", "2"} {
+		out, err := d.Cmd("inspect", "-f", "{{ .State.Running }}", "parent"+num)
+		c.Assert(err, check.IsNil)
+		if strings.TrimSpace(out) != "true" {
+			log, _ := ioutil.ReadFile(d.LogFileName())
+			c.Fatalf("parent container is not running\n%s", string(log))
+		}
+	}
+}
+
+func (s *DockerDaemonSuite) TestDaemonCgroupParent(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	cgroupParent := "test"
+	name := "cgroup-test"
+
+	err := s.d.StartWithBusybox("--cgroup-parent", cgroupParent)
+	c.Assert(err, check.IsNil)
+	defer s.d.Restart()
+
+	out, err := s.d.Cmd("run", "--name", name, "busybox", "cat", "/proc/self/cgroup")
+	c.Assert(err, checker.IsNil)
+	cgroupPaths := parseCgroupPaths(string(out))
+	c.Assert(len(cgroupPaths), checker.Not(checker.Equals), 0, check.Commentf("unexpected output - %q", string(out)))
+	out, err = s.d.Cmd("inspect", "-f", "{{.Id}}", name)
+	c.Assert(err, checker.IsNil)
+	id := strings.TrimSpace(string(out))
+	expectedCgroup := path.Join(cgroupParent, id)
+	found := false
+	for _, path := range cgroupPaths {
+		if strings.HasSuffix(path, expectedCgroup) {
+			found = true
+			break
+		}
+	}
+	c.Assert(found, checker.True, check.Commentf("Cgroup path for container (%s) doesn't found in cgroups file: %s", expectedCgroup, cgroupPaths))
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithLinks(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support links
+	err := s.d.StartWithBusybox()
+	c.Assert(err, check.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "--name=test", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("run", "--name=test2", "--link", "test:abc", "busybox", "sh", "-c", "ping -c 1 -w 1 abc")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	c.Assert(s.d.Restart(), check.IsNil)
+
+	// should fail since test is not running yet
+	out, err = s.d.Cmd("start", "test2")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("start", "test")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	out, err = s.d.Cmd("start", "-a", "test2")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(strings.Contains(out, "1 packets transmitted, 1 packets received"), check.Equals, true, check.Commentf(out))
+}
+
+func (s *DockerDaemonSuite) TestDaemonRestartWithNames(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support links
+	err := s.d.StartWithBusybox()
+	c.Assert(err, check.IsNil)
+
+	out, err := s.d.Cmd("create", "--name=test", "busybox")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("run", "-d", "--name=test2", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	test2ID := strings.TrimSpace(out)
+
+	out, err = s.d.Cmd("run", "-d", "--name=test3", "--link", "test2:abc", "busybox", "top")
+	test3ID := strings.TrimSpace(out)
+
+	c.Assert(s.d.Restart(), check.IsNil)
+
+	out, err = s.d.Cmd("create", "--name=test", "busybox")
+	c.Assert(err, check.NotNil, check.Commentf("expected error trying to create container with duplicate name"))
+	// this one is no longer needed, removing simplifies the remainder of the test
+	out, err = s.d.Cmd("rm", "-f", "test")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("ps", "-a", "--no-trunc")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	lines := strings.Split(strings.TrimSpace(out), "\n")[1:]
+
+	test2validated := false
+	test3validated := false
+	for _, line := range lines {
+		fields := strings.Fields(line)
+		names := fields[len(fields)-1]
+		switch fields[0] {
+		case test2ID:
+			c.Assert(names, check.Equals, "test2,test3/abc")
+			test2validated = true
+		case test3ID:
+			c.Assert(names, check.Equals, "test3")
+			test3validated = true
+		}
+	}
+
+	c.Assert(test2validated, check.Equals, true)
+	c.Assert(test3validated, check.Equals, true)
+}
+
+// TestRunLinksChanged checks that creating a new container with the same name does not update links
+// this ensures that the old, pre gh#16032 functionality continues on
+func (s *DockerDaemonSuite) TestRunLinksChanged(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support links
+	err := s.d.StartWithBusybox()
+	c.Assert(err, check.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "--name=test", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("run", "--name=test2", "--link=test:abc", "busybox", "sh", "-c", "ping -c 1 abc")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "1 packets transmitted, 1 packets received")
+
+	out, err = s.d.Cmd("rm", "-f", "test")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("run", "-d", "--name=test", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	out, err = s.d.Cmd("start", "-a", "test2")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, check.Not(checker.Contains), "1 packets transmitted, 1 packets received")
+
+	err = s.d.Restart()
+	c.Assert(err, check.IsNil)
+	out, err = s.d.Cmd("start", "-a", "test2")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, check.Not(checker.Contains), "1 packets transmitted, 1 packets received")
+}
+
+func (s *DockerDaemonSuite) TestDaemonStartWithoutColors(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotPpc64le)
+	newD := NewDaemon(c)
+
+	infoLog := "\x1b[34mINFO\x1b"
+
+	p, tty, err := pty.Open()
+	c.Assert(err, checker.IsNil)
+	defer func() {
+		tty.Close()
+		p.Close()
+	}()
+
+	b := bytes.NewBuffer(nil)
+	go io.Copy(b, p)
+
+	// Enable coloring explicitly
+	newD.StartWithLogFile(tty, "--raw-logs=false")
+	newD.Stop()
+	c.Assert(b.String(), checker.Contains, infoLog)
+
+	b.Reset()
+
+	// Disable coloring explicitly
+	newD.StartWithLogFile(tty, "--raw-logs=true")
+	newD.Stop()
+	c.Assert(b.String(), check.Not(checker.Contains), infoLog)
+}
+
+func (s *DockerDaemonSuite) TestDaemonDebugLog(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotPpc64le)
+	newD := NewDaemon(c)
+
+	debugLog := "\x1b[37mDEBU\x1b"
+
+	p, tty, err := pty.Open()
+	c.Assert(err, checker.IsNil)
+	defer func() {
+		tty.Close()
+		p.Close()
+	}()
+
+	b := bytes.NewBuffer(nil)
+	go io.Copy(b, p)
+
+	newD.StartWithLogFile(tty, "--debug")
+	newD.Stop()
+	c.Assert(b.String(), checker.Contains, debugLog)
+}
+
+func (s *DockerSuite) TestDaemonDiscoveryBackendConfigReload(c *check.C) {
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	// daemon config file
+	daemonConfig := `{ "debug" : false }`
+	configFilePath := "test.json"
+
+	configFile, err := os.Create(configFilePath)
+	c.Assert(err, checker.IsNil)
+	fmt.Fprintf(configFile, "%s", daemonConfig)
+
+	d := NewDaemon(c)
+	err = d.Start(fmt.Sprintf("--config-file=%s", configFilePath))
+	c.Assert(err, checker.IsNil)
+	defer d.Stop()
+
+	// daemon config file
+	daemonConfig = `{
+	      "cluster-store": "consul://consuladdr:consulport/some/path",
+	      "cluster-advertise": "192.168.56.100:0",
+	      "debug" : false
+	}`
+
+	configFile.Close()
+	os.Remove(configFilePath)
+
+	configFile, err = os.Create(configFilePath)
+	c.Assert(err, checker.IsNil)
+	defer os.Remove(configFilePath)
+	fmt.Fprintf(configFile, "%s", daemonConfig)
+	configFile.Close()
+
+	syscall.Kill(d.cmd.Process.Pid, syscall.SIGHUP)
+
+	time.Sleep(3 * time.Second)
+
+	out, err := d.Cmd("info")
+	c.Assert(err, checker.IsNil)
+	c.Assert(out, checker.Contains, fmt.Sprintf("Cluster store: consul://consuladdr:consulport/some/path"))
+	c.Assert(out, checker.Contains, fmt.Sprintf("Cluster advertise: 192.168.56.100:0"))
+}
diff --git a/integration-cli/docker_cli_diff_test.go b/integration-cli/docker_cli_diff_test.go
new file mode 100644
index 00000000..e0d0914f
--- /dev/null
+++ b/integration-cli/docker_cli_diff_test.go
@@ -0,0 +1,87 @@
+package main
+
+import (
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// ensure that an added file shows up in docker diff
+func (s *DockerSuite) TestDiffFilenameShownInOutput(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerCmd := `echo foo > /root/bar`
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", containerCmd)
+
+	cleanCID := strings.TrimSpace(out)
+	out, _ = dockerCmd(c, "diff", cleanCID)
+
+	found := false
+	for _, line := range strings.Split(out, "\n") {
+		if strings.Contains("A /root/bar", line) {
+			found = true
+			break
+		}
+	}
+	c.Assert(found, checker.True)
+}
+
+// test to ensure GH #3840 doesn't occur any more
+func (s *DockerSuite) TestDiffEnsureInitLayerFilesAreIgnored(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// this is a list of files which shouldn't show up in `docker diff`
+	initLayerFiles := []string{"/etc/resolv.conf", "/etc/hostname", "/etc/hosts", "/.dockerenv"}
+	containerCount := 5
+
+	// we might not run into this problem from the first run, so start a few containers
+	for i := 0; i < containerCount; i++ {
+		containerCmd := `echo foo > /root/bar`
+		out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", containerCmd)
+
+		cleanCID := strings.TrimSpace(out)
+		out, _ = dockerCmd(c, "diff", cleanCID)
+
+		for _, filename := range initLayerFiles {
+			c.Assert(out, checker.Not(checker.Contains), filename)
+		}
+	}
+}
+
+func (s *DockerSuite) TestDiffEnsureOnlyKmsgAndPtmx(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sleep", "0")
+
+	cleanCID := strings.TrimSpace(out)
+	out, _ = dockerCmd(c, "diff", cleanCID)
+
+	expected := map[string]bool{
+		"C /dev":         true,
+		"A /dev/full":    true, // busybox
+		"C /dev/ptmx":    true, // libcontainer
+		"A /dev/mqueue":  true,
+		"A /dev/kmsg":    true,
+		"A /dev/fd":      true,
+		"A /dev/fuse":    true,
+		"A /dev/ptmx":    true,
+		"A /dev/null":    true,
+		"A /dev/random":  true,
+		"A /dev/stdout":  true,
+		"A /dev/stderr":  true,
+		"A /dev/tty1":    true,
+		"A /dev/stdin":   true,
+		"A /dev/tty":     true,
+		"A /dev/urandom": true,
+		"A /dev/zero":    true,
+	}
+
+	for _, line := range strings.Split(out, "\n") {
+		c.Assert(line == "" || expected[line], checker.True)
+	}
+}
+
+// https://github.com/docker/docker/pull/14381#discussion_r33859347
+func (s *DockerSuite) TestDiffEmptyArgClientError(c *check.C) {
+	out, _, err := dockerCmdWithError("diff", "")
+	c.Assert(err, checker.NotNil)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "Container name cannot be empty")
+}
diff --git a/integration-cli/docker_cli_events_test.go b/integration-cli/docker_cli_events_test.go
new file mode 100644
index 00000000..f17b711c
--- /dev/null
+++ b/integration-cli/docker_cli_events_test.go
@@ -0,0 +1,647 @@
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"os/exec"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/docker/docker/daemon/events/testutils"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestEventsTimestampFormats(c *check.C) {
+	image := "busybox"
+
+	// Start stopwatch, generate an event
+	time.Sleep(1 * time.Second) // so that we don't grab events from previous test occurred in the same second
+	start := daemonTime(c)
+	dockerCmd(c, "tag", image, "timestamptest:1")
+	dockerCmd(c, "rmi", "timestamptest:1")
+	time.Sleep(1 * time.Second) // so that until > since
+	end := daemonTime(c)
+
+	// List of available time formats to --since
+	unixTs := func(t time.Time) string { return fmt.Sprintf("%v", t.Unix()) }
+	rfc3339 := func(t time.Time) string { return t.Format(time.RFC3339) }
+	duration := func(t time.Time) string { return time.Now().Sub(t).String() }
+
+	// --since=$start must contain only the 'untag' event
+	for _, f := range []func(time.Time) string{unixTs, rfc3339, duration} {
+		since, until := f(start), f(end)
+		out, _ := dockerCmd(c, "events", "--since="+since, "--until="+until)
+		events := strings.Split(strings.TrimSpace(out), "\n")
+		c.Assert(events, checker.HasLen, 2, check.Commentf("unexpected events, was expecting only 2 events tag/untag (since=%s, until=%s) out=%s", since, until, out))
+		c.Assert(out, checker.Contains, "untag", check.Commentf("expected 'untag' event not found (since=%s, until=%s)", since, until))
+	}
+
+}
+
+func (s *DockerSuite) TestEventsUntag(c *check.C) {
+	image := "busybox"
+	dockerCmd(c, "tag", image, "utest:tag1")
+	dockerCmd(c, "tag", image, "utest:tag2")
+	dockerCmd(c, "rmi", "utest:tag1")
+	dockerCmd(c, "rmi", "utest:tag2")
+	eventsCmd := exec.Command(dockerBinary, "events", "--since=1")
+	out, exitCode, _, err := runCommandWithOutputForDuration(eventsCmd, time.Duration(time.Millisecond*2500))
+	c.Assert(err, checker.IsNil)
+	c.Assert(exitCode, checker.Equals, 0, check.Commentf("Failed to get events"))
+	events := strings.Split(out, "\n")
+	nEvents := len(events)
+	// The last element after the split above will be an empty string, so we
+	// get the two elements before the last, which are the untags we're
+	// looking for.
+	for _, v := range events[nEvents-3 : nEvents-1] {
+		c.Assert(v, checker.Contains, "untag", check.Commentf("event should be untag"))
+	}
+}
+
+func (s *DockerSuite) TestEventsContainerFailStartDie(c *check.C) {
+	_, _, err := dockerCmdWithError("run", "--name", "testeventdie", "busybox", "blerg")
+	c.Assert(err, checker.NotNil, check.Commentf("Container run with command blerg should have failed, but it did not"))
+
+	out, _ := dockerCmd(c, "events", "--since=0", fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+
+	nEvents := len(events)
+	c.Assert(nEvents, checker.GreaterOrEqualThan, 1) //Missing expected event
+
+	actions := eventActionsByIDAndType(c, events, "testeventdie", "container")
+
+	var startEvent bool
+	var dieEvent bool
+	for _, a := range actions {
+		switch a {
+		case "start":
+			startEvent = true
+		case "die":
+			dieEvent = true
+		}
+	}
+	c.Assert(startEvent, checker.True, check.Commentf("Start event not found: %v\n%v", actions, events))
+	c.Assert(dieEvent, checker.True, check.Commentf("Die event not found: %v\n%v", actions, events))
+}
+
+func (s *DockerSuite) TestEventsLimit(c *check.C) {
+	// TODO Windows CI: This test is not reliable enough on Windows TP4. Reports
+	// multiple errors in the analytic log sometimes.
+	// [NetSetupHelper::InstallVirtualMiniport()@2153] NetSetup install of ROOT\VMS_MP\0001 failed with error 0x80070002
+	// This should be able to be enabled on TP5.
+	testRequires(c, DaemonIsLinux)
+	var waitGroup sync.WaitGroup
+	errChan := make(chan error, 17)
+
+	args := []string{"run", "--rm", "busybox", "true"}
+	for i := 0; i < 17; i++ {
+		waitGroup.Add(1)
+		go func() {
+			defer waitGroup.Done()
+			errChan <- exec.Command(dockerBinary, args...).Run()
+		}()
+	}
+
+	waitGroup.Wait()
+	close(errChan)
+
+	for err := range errChan {
+		c.Assert(err, checker.IsNil, check.Commentf("%q failed with error", strings.Join(args, " ")))
+	}
+
+	out, _ := dockerCmd(c, "events", "--since=0", fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(out, "\n")
+	nEvents := len(events) - 1
+	c.Assert(nEvents, checker.Equals, 64, check.Commentf("events should be limited to 64, but received %d", nEvents))
+}
+
+func (s *DockerSuite) TestEventsContainerEvents(c *check.C) {
+	containerID, _ := dockerCmd(c, "run", "--rm", "--name", "container-events-test", "busybox", "true")
+	containerID = strings.TrimSpace(containerID)
+
+	out, _ := dockerCmd(c, "events", "--since=0", fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(out, "\n")
+	events = events[:len(events)-1]
+
+	nEvents := len(events)
+	c.Assert(nEvents, checker.GreaterOrEqualThan, 5) //Missing expected event
+	containerEvents := eventActionsByIDAndType(c, events, "container-events-test", "container")
+	c.Assert(containerEvents, checker.HasLen, 5, check.Commentf("events: %v", events))
+
+	c.Assert(containerEvents[0], checker.Equals, "create", check.Commentf(out))
+	c.Assert(containerEvents[1], checker.Equals, "attach", check.Commentf(out))
+	c.Assert(containerEvents[2], checker.Equals, "start", check.Commentf(out))
+	c.Assert(containerEvents[3], checker.Equals, "die", check.Commentf(out))
+	c.Assert(containerEvents[4], checker.Equals, "destroy", check.Commentf(out))
+}
+
+func (s *DockerSuite) TestEventsContainerEventsAttrSort(c *check.C) {
+	since := daemonTime(c).Unix()
+	containerID, _ := dockerCmd(c, "run", "-d", "--name", "container-events-test", "busybox", "true")
+	containerID = strings.TrimSpace(containerID)
+
+	out, _ := dockerCmd(c, "events", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(out, "\n")
+
+	nEvents := len(events)
+	c.Assert(nEvents, checker.GreaterOrEqualThan, 3) //Missing expected event
+	matchedEvents := 0
+	for _, event := range events {
+		matches := eventstestutils.ScanMap(event)
+		if matches["id"] != containerID {
+			continue
+		}
+		if matches["eventType"] == "container" && matches["action"] == "create" {
+			matchedEvents++
+			c.Assert(out, checker.Contains, "(image=busybox, name=container-events-test)", check.Commentf("Event attributes not sorted"))
+		} else if matches["eventType"] == "container" && matches["action"] == "start" {
+			matchedEvents++
+			c.Assert(out, checker.Contains, "(image=busybox, name=container-events-test)", check.Commentf("Event attributes not sorted"))
+		}
+	}
+	c.Assert(matchedEvents, checker.Equals, 2)
+}
+
+func (s *DockerSuite) TestEventsContainerEventsSinceUnixEpoch(c *check.C) {
+	dockerCmd(c, "run", "--rm", "--name", "since-epoch-test", "busybox", "true")
+	timeBeginning := time.Unix(0, 0).Format(time.RFC3339Nano)
+	timeBeginning = strings.Replace(timeBeginning, "Z", ".000000000Z", -1)
+	out, _ := dockerCmd(c, "events", fmt.Sprintf("--since='%s'", timeBeginning), fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(out, "\n")
+	events = events[:len(events)-1]
+
+	nEvents := len(events)
+	c.Assert(nEvents, checker.GreaterOrEqualThan, 5) //Missing expected event
+	containerEvents := eventActionsByIDAndType(c, events, "since-epoch-test", "container")
+	c.Assert(containerEvents, checker.HasLen, 5, check.Commentf("events: %v", events))
+
+	c.Assert(containerEvents[0], checker.Equals, "create", check.Commentf(out))
+	c.Assert(containerEvents[1], checker.Equals, "attach", check.Commentf(out))
+	c.Assert(containerEvents[2], checker.Equals, "start", check.Commentf(out))
+	c.Assert(containerEvents[3], checker.Equals, "die", check.Commentf(out))
+	c.Assert(containerEvents[4], checker.Equals, "destroy", check.Commentf(out))
+}
+
+func (s *DockerSuite) TestEventsImageTag(c *check.C) {
+	time.Sleep(1 * time.Second) // because API has seconds granularity
+	since := daemonTime(c).Unix()
+	image := "testimageevents:tag"
+	dockerCmd(c, "tag", "busybox", image)
+
+	out, _ := dockerCmd(c, "events",
+		fmt.Sprintf("--since=%d", since),
+		fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(events, checker.HasLen, 1, check.Commentf("was expecting 1 event. out=%s", out))
+	event := strings.TrimSpace(events[0])
+
+	matches := eventstestutils.ScanMap(event)
+	c.Assert(matchEventID(matches, image), checker.True, check.Commentf("matches: %v\nout:\n%s", matches, out))
+	c.Assert(matches["action"], checker.Equals, "tag")
+}
+
+func (s *DockerSuite) TestEventsImagePull(c *check.C) {
+	// TODO Windows: Enable this test once pull and reliable image names are available
+	testRequires(c, DaemonIsLinux)
+	since := daemonTime(c).Unix()
+	testRequires(c, Network)
+
+	dockerCmd(c, "pull", "hello-world")
+
+	out, _ := dockerCmd(c, "events",
+		fmt.Sprintf("--since=%d", since),
+		fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	event := strings.TrimSpace(events[len(events)-1])
+	matches := eventstestutils.ScanMap(event)
+	c.Assert(matches["id"], checker.Equals, "hello-world:latest")
+	c.Assert(matches["action"], checker.Equals, "pull")
+
+}
+
+func (s *DockerSuite) TestEventsImageImport(c *check.C) {
+	// TODO Windows CI. This should be portable once export/import are
+	// more reliable (@swernli)
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	since := daemonTime(c).Unix()
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "export", cleanedContainerID),
+		exec.Command(dockerBinary, "import", "-"),
+	)
+	c.Assert(err, checker.IsNil, check.Commentf("import failed with output: %q", out))
+	imageRef := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "events", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()), "--filter", "event=import")
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(events, checker.HasLen, 1)
+	matches := eventstestutils.ScanMap(events[0])
+	c.Assert(matches["id"], checker.Equals, imageRef, check.Commentf("matches: %v\nout:\n%s\n", matches, out))
+	c.Assert(matches["action"], checker.Equals, "import", check.Commentf("matches: %v\nout:\n%s\n", matches, out))
+}
+
+func (s *DockerSuite) TestEventsFilters(c *check.C) {
+	since := daemonTime(c).Unix()
+	dockerCmd(c, "run", "--rm", "busybox", "true")
+	dockerCmd(c, "run", "--rm", "busybox", "true")
+	out, _ := dockerCmd(c, "events", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()), "--filter", "event=die")
+	parseEvents(c, out, "die")
+
+	out, _ = dockerCmd(c, "events", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()), "--filter", "event=die", "--filter", "event=start")
+	parseEvents(c, out, "die|start")
+
+	// make sure we at least got 2 start events
+	count := strings.Count(out, "start")
+	c.Assert(strings.Count(out, "start"), checker.GreaterOrEqualThan, 2, check.Commentf("should have had 2 start events but had %d, out: %s", count, out))
+
+}
+
+func (s *DockerSuite) TestEventsFilterImageName(c *check.C) {
+	since := daemonTime(c).Unix()
+
+	out, _ := dockerCmd(c, "run", "--name", "container_1", "-d", "busybox:latest", "true")
+	container1 := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "run", "--name", "container_2", "-d", "busybox", "true")
+	container2 := strings.TrimSpace(out)
+
+	name := "busybox"
+	out, _ = dockerCmd(c, "events", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()), "--filter", fmt.Sprintf("image=%s", name))
+	events := strings.Split(out, "\n")
+	events = events[:len(events)-1]
+	c.Assert(events, checker.Not(checker.HasLen), 0) //Expected events but found none for the image busybox:latest
+	count1 := 0
+	count2 := 0
+
+	for _, e := range events {
+		if strings.Contains(e, container1) {
+			count1++
+		} else if strings.Contains(e, container2) {
+			count2++
+		}
+	}
+	c.Assert(count1, checker.Not(checker.Equals), 0, check.Commentf("Expected event from container but got %d from %s", count1, container1))
+	c.Assert(count2, checker.Not(checker.Equals), 0, check.Commentf("Expected event from container but got %d from %s", count2, container2))
+
+}
+
+func (s *DockerSuite) TestEventsFilterLabels(c *check.C) {
+	since := daemonTime(c).Unix()
+	label := "io.docker.testing=foo"
+
+	out, _ := dockerCmd(c, "run", "-d", "-l", label, "busybox:latest", "true")
+	container1 := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "run", "-d", "busybox", "true")
+	container2 := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(
+		c,
+		"events",
+		fmt.Sprintf("--since=%d", since),
+		fmt.Sprintf("--until=%d", daemonTime(c).Unix()),
+		"--filter", fmt.Sprintf("label=%s", label))
+
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(events), checker.Equals, 3)
+
+	for _, e := range events {
+		c.Assert(e, checker.Contains, container1)
+		c.Assert(e, checker.Not(checker.Contains), container2)
+	}
+}
+
+func (s *DockerSuite) TestEventsFilterImageLabels(c *check.C) {
+	since := daemonTime(c).Unix()
+	name := "labelfiltertest"
+	label := "io.docker.testing=image"
+
+	// Build a test image.
+	_, err := buildImage(name, fmt.Sprintf(`
+		FROM busybox:latest
+		LABEL %s`, label), true)
+	c.Assert(err, checker.IsNil, check.Commentf("Couldn't create image"))
+
+	dockerCmd(c, "tag", name, "labelfiltertest:tag1")
+	dockerCmd(c, "tag", name, "labelfiltertest:tag2")
+	dockerCmd(c, "tag", "busybox:latest", "labelfiltertest:tag3")
+
+	out, _ := dockerCmd(
+		c,
+		"events",
+		fmt.Sprintf("--since=%d", since),
+		fmt.Sprintf("--until=%d", daemonTime(c).Unix()),
+		"--filter", fmt.Sprintf("label=%s", label),
+		"--filter", "type=image")
+
+	events := strings.Split(strings.TrimSpace(out), "\n")
+
+	// 2 events from the "docker tag" command, another one is from "docker build"
+	c.Assert(events, checker.HasLen, 3, check.Commentf("Events == %s", events))
+	for _, e := range events {
+		c.Assert(e, checker.Contains, "labelfiltertest")
+	}
+}
+
+func (s *DockerSuite) TestEventsFilterContainer(c *check.C) {
+	since := fmt.Sprintf("%d", daemonTime(c).Unix())
+	nameID := make(map[string]string)
+
+	for _, name := range []string{"container_1", "container_2"} {
+		dockerCmd(c, "run", "--name", name, "busybox", "true")
+		id := inspectField(c, name, "Id")
+		nameID[name] = id
+	}
+
+	until := fmt.Sprintf("%d", daemonTime(c).Unix())
+
+	checkEvents := func(id string, events []string) error {
+		if len(events) != 4 { // create, attach, start, die
+			return fmt.Errorf("expected 4 events, got %v", events)
+		}
+		for _, event := range events {
+			matches := eventstestutils.ScanMap(event)
+			if !matchEventID(matches, id) {
+				return fmt.Errorf("expected event for container id %s: %s - parsed container id: %s", id, event, matches["id"])
+			}
+		}
+		return nil
+	}
+
+	for name, ID := range nameID {
+		// filter by names
+		out, _ := dockerCmd(c, "events", "--since", since, "--until", until, "--filter", "container="+name)
+		events := strings.Split(strings.TrimSuffix(out, "\n"), "\n")
+		c.Assert(checkEvents(ID, events), checker.IsNil)
+
+		// filter by ID's
+		out, _ = dockerCmd(c, "events", "--since", since, "--until", until, "--filter", "container="+ID)
+		events = strings.Split(strings.TrimSuffix(out, "\n"), "\n")
+		c.Assert(checkEvents(ID, events), checker.IsNil)
+	}
+}
+
+func (s *DockerSuite) TestEventsCommit(c *check.C) {
+	// Problematic on Windows as cannot commit a running container
+	testRequires(c, DaemonIsLinux)
+	since := daemonTime(c).Unix()
+
+	out, _ := runSleepingContainer(c, "-d")
+	cID := strings.TrimSpace(out)
+	c.Assert(waitRun(cID), checker.IsNil)
+
+	dockerCmd(c, "commit", "-m", "test", cID)
+	dockerCmd(c, "stop", cID)
+
+	out, _ = dockerCmd(c, "events", "--since=0", "-f", "container="+cID, "--until="+strconv.Itoa(int(since)))
+	c.Assert(out, checker.Contains, "commit", check.Commentf("Missing 'commit' log event"))
+}
+
+func (s *DockerSuite) TestEventsCopy(c *check.C) {
+	since := daemonTime(c).Unix()
+
+	// Build a test image.
+	id, err := buildImage("cpimg", `
+		  FROM busybox
+		  RUN echo HI > /file`, true)
+	c.Assert(err, checker.IsNil, check.Commentf("Couldn't create image"))
+
+	// Create an empty test file.
+	tempFile, err := ioutil.TempFile("", "test-events-copy-")
+	c.Assert(err, checker.IsNil)
+	defer os.Remove(tempFile.Name())
+
+	c.Assert(tempFile.Close(), checker.IsNil)
+
+	dockerCmd(c, "create", "--name=cptest", id)
+
+	dockerCmd(c, "cp", "cptest:/file", tempFile.Name())
+
+	out, _ := dockerCmd(c, "events", "--since=0", "-f", "container=cptest", "--until="+strconv.Itoa(int(since)))
+	c.Assert(out, checker.Contains, "archive-path", check.Commentf("Missing 'archive-path' log event\n"))
+
+	dockerCmd(c, "cp", tempFile.Name(), "cptest:/filecopy")
+
+	out, _ = dockerCmd(c, "events", "--since=0", "-f", "container=cptest", "--until="+strconv.Itoa(int(since)))
+	c.Assert(out, checker.Contains, "extract-to-dir", check.Commentf("Missing 'extract-to-dir' log event"))
+}
+
+func (s *DockerSuite) TestEventsResize(c *check.C) {
+	since := daemonTime(c).Unix()
+
+	out, _ := runSleepingContainer(c, "-d")
+	cID := strings.TrimSpace(out)
+	c.Assert(waitRun(cID), checker.IsNil)
+
+	endpoint := "/containers/" + cID + "/resize?h=80&w=24"
+	status, _, err := sockRequest("POST", endpoint, nil)
+	c.Assert(status, checker.Equals, http.StatusOK)
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "stop", cID)
+
+	out, _ = dockerCmd(c, "events", "--since=0", "-f", "container="+cID, "--until="+strconv.Itoa(int(since)))
+	c.Assert(out, checker.Contains, "resize", check.Commentf("Missing 'resize' log event"))
+}
+
+func (s *DockerSuite) TestEventsAttach(c *check.C) {
+	// TODO Windows CI: Figure out why this test fails intermittently (TP4 and TP5).
+	testRequires(c, DaemonIsLinux)
+	since := daemonTime(c).Unix()
+
+	out, _ := dockerCmd(c, "run", "-di", "busybox", "cat")
+	cID := strings.TrimSpace(out)
+
+	cmd := exec.Command(dockerBinary, "attach", cID)
+	stdin, err := cmd.StdinPipe()
+	c.Assert(err, checker.IsNil)
+	defer stdin.Close()
+	stdout, err := cmd.StdoutPipe()
+	c.Assert(err, checker.IsNil)
+	defer stdout.Close()
+	c.Assert(cmd.Start(), checker.IsNil)
+	defer cmd.Process.Kill()
+
+	// Make sure we're done attaching by writing/reading some stuff
+	_, err = stdin.Write([]byte("hello\n"))
+	c.Assert(err, checker.IsNil)
+	out, err = bufio.NewReader(stdout).ReadString('\n')
+	c.Assert(err, checker.IsNil)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello", check.Commentf("expected 'hello'"))
+
+	c.Assert(stdin.Close(), checker.IsNil)
+
+	dockerCmd(c, "kill", cID)
+
+	out, _ = dockerCmd(c, "events", "--since=0", "-f", "container="+cID, "--until="+strconv.Itoa(int(since)))
+	c.Assert(out, checker.Contains, "attach", check.Commentf("Missing 'attach' log event"))
+}
+
+func (s *DockerSuite) TestEventsRename(c *check.C) {
+	since := daemonTime(c).Unix()
+
+	dockerCmd(c, "run", "--name", "oldName", "busybox", "true")
+	dockerCmd(c, "rename", "oldName", "newName")
+
+	out, _ := dockerCmd(c, "events", "--since=0", "-f", "container=newName", "--until="+strconv.Itoa(int(since)))
+	c.Assert(out, checker.Contains, "rename", check.Commentf("Missing 'rename' log event\n"))
+}
+
+func (s *DockerSuite) TestEventsTop(c *check.C) {
+	// Problematic on Windows as Windows does not support top
+	testRequires(c, DaemonIsLinux)
+	since := daemonTime(c).Unix()
+
+	out, _ := runSleepingContainer(c, "-d")
+	cID := strings.TrimSpace(out)
+	c.Assert(waitRun(cID), checker.IsNil)
+
+	dockerCmd(c, "top", cID)
+	dockerCmd(c, "stop", cID)
+
+	out, _ = dockerCmd(c, "events", "--since=0", "-f", "container="+cID, "--until="+strconv.Itoa(int(since)))
+	c.Assert(out, checker.Contains, " top", check.Commentf("Missing 'top' log event"))
+}
+
+// #13753
+func (s *DockerSuite) TestEventsDefaultEmpty(c *check.C) {
+	dockerCmd(c, "run", "busybox")
+	out, _ := dockerCmd(c, "events", fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	c.Assert(strings.TrimSpace(out), checker.Equals, "")
+}
+
+// #14316
+func (s *DockerRegistrySuite) TestEventsImageFilterPush(c *check.C) {
+	// Problematic to port for Windows CI during TP4/TP5 timeframe while
+	// not supporting push
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, Network)
+	since := daemonTime(c).Unix()
+	repoName := fmt.Sprintf("%v/dockercli/testf", privateRegistryURL)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	cID := strings.TrimSpace(out)
+	c.Assert(waitRun(cID), checker.IsNil)
+
+	dockerCmd(c, "commit", cID, repoName)
+	dockerCmd(c, "stop", cID)
+	dockerCmd(c, "push", repoName)
+
+	out, _ = dockerCmd(c, "events", "--since=0", "-f", "image="+repoName, "-f", "event=push", "--until="+strconv.Itoa(int(since)))
+	c.Assert(out, checker.Contains, repoName, check.Commentf("Missing 'push' log event for %s", repoName))
+}
+
+func (s *DockerSuite) TestEventsFilterType(c *check.C) {
+	since := daemonTime(c).Unix()
+	name := "labelfiltertest"
+	label := "io.docker.testing=image"
+
+	// Build a test image.
+	_, err := buildImage(name, fmt.Sprintf(`
+		FROM busybox:latest
+		LABEL %s`, label), true)
+	c.Assert(err, checker.IsNil, check.Commentf("Couldn't create image"))
+
+	dockerCmd(c, "tag", name, "labelfiltertest:tag1")
+	dockerCmd(c, "tag", name, "labelfiltertest:tag2")
+	dockerCmd(c, "tag", "busybox:latest", "labelfiltertest:tag3")
+
+	out, _ := dockerCmd(
+		c,
+		"events",
+		fmt.Sprintf("--since=%d", since),
+		fmt.Sprintf("--until=%d", daemonTime(c).Unix()),
+		"--filter", fmt.Sprintf("label=%s", label),
+		"--filter", "type=image")
+
+	events := strings.Split(strings.TrimSpace(out), "\n")
+
+	// 2 events from the "docker tag" command, another one is from "docker build"
+	c.Assert(events, checker.HasLen, 3, check.Commentf("Events == %s", events))
+	for _, e := range events {
+		c.Assert(e, checker.Contains, "labelfiltertest")
+	}
+
+	out, _ = dockerCmd(
+		c,
+		"events",
+		fmt.Sprintf("--since=%d", since),
+		fmt.Sprintf("--until=%d", daemonTime(c).Unix()),
+		"--filter", fmt.Sprintf("label=%s", label),
+		"--filter", "type=container")
+	events = strings.Split(strings.TrimSpace(out), "\n")
+
+	// Events generated by the container that builds the image
+	c.Assert(events, checker.HasLen, 3, check.Commentf("Events == %s", events))
+
+	out, _ = dockerCmd(
+		c,
+		"events",
+		fmt.Sprintf("--since=%d", since),
+		fmt.Sprintf("--until=%d", daemonTime(c).Unix()),
+		"--filter", "type=network")
+	events = strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(events), checker.GreaterOrEqualThan, 1, check.Commentf("Events == %s", events))
+}
+
+func (s *DockerSuite) TestEventsFilterImageInContainerAction(c *check.C) {
+	since := daemonTime(c).Unix()
+	dockerCmd(c, "run", "--name", "test-container", "-d", "busybox", "true")
+	waitRun("test-container")
+
+	out, _ := dockerCmd(c, "events", "--filter", "image=busybox", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(events), checker.GreaterThan, 1, check.Commentf(out))
+}
+
+func (s *DockerSuite) TestEventsContainerRestart(c *check.C) {
+	dockerCmd(c, "run", "-d", "--name=testEvent", "--restart=on-failure:3", "busybox", "false")
+
+	// wait until test2 is auto removed.
+	waitTime := 10 * time.Second
+	if daemonPlatform == "windows" {
+		// nslookup isn't present in Windows busybox. Is built-in.
+		waitTime = 90 * time.Second
+	}
+
+	err := waitInspect("testEvent", "{{ .State.Restarting }} {{ .State.Running }}", "false false", waitTime)
+	c.Assert(err, checker.IsNil)
+
+	var (
+		createCount int
+		startCount  int
+		dieCount    int
+	)
+	out, _ := dockerCmd(c, "events", "--since=0", fmt.Sprintf("--until=%d", daemonTime(c).Unix()), "-f", "container=testEvent")
+	events := strings.Split(strings.TrimSpace(out), "\n")
+
+	nEvents := len(events)
+	c.Assert(nEvents, checker.GreaterOrEqualThan, 1) //Missing expected event
+	actions := eventActionsByIDAndType(c, events, "testEvent", "container")
+
+	for _, a := range actions {
+		switch a {
+		case "create":
+			createCount++
+		case "start":
+			startCount++
+		case "die":
+			dieCount++
+		}
+	}
+	c.Assert(createCount, checker.Equals, 1, check.Commentf("testEvent should be created 1 times: %v", actions))
+	c.Assert(startCount, checker.Equals, 4, check.Commentf("testEvent should start 4 times: %v", actions))
+	c.Assert(dieCount, checker.Equals, 4, check.Commentf("testEvent should die 4 times: %v", actions))
+
+}
diff --git a/integration-cli/docker_cli_events_unix_test.go b/integration-cli/docker_cli_events_unix_test.go
new file mode 100644
index 00000000..c5e48f21
--- /dev/null
+++ b/integration-cli/docker_cli_events_unix_test.go
@@ -0,0 +1,362 @@
+// +build !windows
+
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"strings"
+	"time"
+	"unicode"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+	"github.com/kr/pty"
+)
+
+// #5979
+func (s *DockerSuite) TestEventsRedirectStdout(c *check.C) {
+	since := daemonTime(c).Unix()
+	dockerCmd(c, "run", "busybox", "true")
+
+	file, err := ioutil.TempFile("", "")
+	c.Assert(err, checker.IsNil, check.Commentf("could not create temp file"))
+	defer os.Remove(file.Name())
+
+	command := fmt.Sprintf("%s events --since=%d --until=%d > %s", dockerBinary, since, daemonTime(c).Unix(), file.Name())
+	_, tty, err := pty.Open()
+	c.Assert(err, checker.IsNil, check.Commentf("Could not open pty"))
+	cmd := exec.Command("sh", "-c", command)
+	cmd.Stdin = tty
+	cmd.Stdout = tty
+	cmd.Stderr = tty
+	c.Assert(cmd.Run(), checker.IsNil, check.Commentf("run err for command %q", command))
+
+	scanner := bufio.NewScanner(file)
+	for scanner.Scan() {
+		for _, ch := range scanner.Text() {
+			c.Assert(unicode.IsControl(ch), checker.False, check.Commentf("found control character %v", []byte(string(ch))))
+		}
+	}
+	c.Assert(scanner.Err(), checker.IsNil, check.Commentf("Scan err for command %q", command))
+
+}
+
+func (s *DockerSuite) TestEventsOOMDisableFalse(c *check.C) {
+	testRequires(c, DaemonIsLinux, oomControl, memoryLimitSupport, NotGCCGO, swapMemorySupport)
+
+	errChan := make(chan error)
+	go func() {
+		defer close(errChan)
+		out, exitCode, _ := dockerCmdWithError("run", "--name", "oomFalse", "-m", "10MB", "busybox", "sh", "-c", "x=a; while true; do x=$x$x$x$x; done")
+		if expected := 137; exitCode != expected {
+			errChan <- fmt.Errorf("wrong exit code for OOM container: expected %d, got %d (output: %q)", expected, exitCode, out)
+		}
+	}()
+	select {
+	case err := <-errChan:
+		c.Assert(err, checker.IsNil)
+	case <-time.After(30 * time.Second):
+		c.Fatal("Timeout waiting for container to die on OOM")
+	}
+
+	out, _ := dockerCmd(c, "events", "--since=0", "-f", "container=oomFalse", fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSuffix(out, "\n"), "\n")
+	nEvents := len(events)
+
+	c.Assert(nEvents, checker.GreaterOrEqualThan, 5) //Missing expected event
+	c.Assert(parseEventAction(c, events[nEvents-5]), checker.Equals, "create")
+	c.Assert(parseEventAction(c, events[nEvents-4]), checker.Equals, "attach")
+	c.Assert(parseEventAction(c, events[nEvents-3]), checker.Equals, "start")
+	c.Assert(parseEventAction(c, events[nEvents-2]), checker.Equals, "oom")
+	c.Assert(parseEventAction(c, events[nEvents-1]), checker.Equals, "die")
+}
+
+func (s *DockerSuite) TestEventsOOMDisableTrue(c *check.C) {
+	testRequires(c, DaemonIsLinux, oomControl, memoryLimitSupport, NotGCCGO, NotArm, swapMemorySupport)
+
+	errChan := make(chan error)
+	observer, err := newEventObserver(c)
+	c.Assert(err, checker.IsNil)
+	err = observer.Start()
+	c.Assert(err, checker.IsNil)
+	defer observer.Stop()
+
+	go func() {
+		defer close(errChan)
+		out, exitCode, _ := dockerCmdWithError("run", "--oom-kill-disable=true", "--name", "oomTrue", "-m", "10MB", "busybox", "sh", "-c", "x=a; while true; do x=$x$x$x$x; done")
+		if expected := 137; exitCode != expected {
+			errChan <- fmt.Errorf("wrong exit code for OOM container: expected %d, got %d (output: %q)", expected, exitCode, out)
+		}
+	}()
+
+	c.Assert(waitRun("oomTrue"), checker.IsNil)
+	defer dockerCmd(c, "kill", "oomTrue")
+	containerID := inspectField(c, "oomTrue", "Id")
+
+	testActions := map[string]chan bool{
+		"oom": make(chan bool),
+	}
+
+	matcher := matchEventLine(containerID, "container", testActions)
+	processor := processEventMatch(testActions)
+	go observer.Match(matcher, processor)
+
+	select {
+	case <-time.After(20 * time.Second):
+		observer.CheckEventError(c, containerID, "oom", matcher)
+	case <-testActions["oom"]:
+		// ignore, done
+	case errRun := <-errChan:
+		if errRun != nil {
+			c.Fatalf("%v", errRun)
+		} else {
+			c.Fatalf("container should be still running but it's not")
+		}
+	}
+
+	status := inspectField(c, "oomTrue", "State.Status")
+	c.Assert(strings.TrimSpace(status), checker.Equals, "running", check.Commentf("container should be still running"))
+}
+
+// #18453
+func (s *DockerSuite) TestEventsContainerFilterByName(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	cOut, _ := dockerCmd(c, "run", "--name=foo", "-d", "busybox", "top")
+	c1 := strings.TrimSpace(cOut)
+	waitRun("foo")
+	cOut, _ = dockerCmd(c, "run", "--name=bar", "-d", "busybox", "top")
+	c2 := strings.TrimSpace(cOut)
+	waitRun("bar")
+	out, _ := dockerCmd(c, "events", "-f", "container=foo", "--since=0", fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	c.Assert(out, checker.Contains, c1, check.Commentf(out))
+	c.Assert(out, checker.Not(checker.Contains), c2, check.Commentf(out))
+}
+
+// #18453
+func (s *DockerSuite) TestEventsContainerFilterBeforeCreate(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	var (
+		out string
+		ch  chan struct{}
+	)
+	ch = make(chan struct{})
+
+	// calculate the time it takes to create and start a container and sleep 2 seconds
+	// this is to make sure the docker event will recevie the event of container
+	since := daemonTime(c).Unix()
+	id, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	cID := strings.TrimSpace(id)
+	waitRun(cID)
+	time.Sleep(2 * time.Second)
+	duration := daemonTime(c).Unix() - since
+
+	go func() {
+		out, _ = dockerCmd(c, "events", "-f", "container=foo", "--since=0", fmt.Sprintf("--until=%d", daemonTime(c).Unix()+2*duration))
+		close(ch)
+	}()
+	// Sleep 2 second to wait docker event to start
+	time.Sleep(2 * time.Second)
+	id, _ = dockerCmd(c, "run", "--name=foo", "-d", "busybox", "top")
+	cID = strings.TrimSpace(id)
+	waitRun(cID)
+	<-ch
+	c.Assert(out, checker.Contains, cID, check.Commentf("Missing event of container (foo)"))
+}
+
+func (s *DockerSuite) TestVolumeEvents(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	since := daemonTime(c).Unix()
+
+	// Observe create/mount volume actions
+	dockerCmd(c, "volume", "create", "--name", "test-event-volume-local")
+	dockerCmd(c, "run", "--name", "test-volume-container", "--volume", "test-event-volume-local:/foo", "-d", "busybox", "true")
+	waitRun("test-volume-container")
+
+	// Observe unmount/destroy volume actions
+	dockerCmd(c, "rm", "-f", "test-volume-container")
+	dockerCmd(c, "volume", "rm", "test-event-volume-local")
+
+	out, _ := dockerCmd(c, "events", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(events), checker.GreaterThan, 4)
+
+	volumeEvents := eventActionsByIDAndType(c, events, "test-event-volume-local", "volume")
+	c.Assert(volumeEvents, checker.HasLen, 4)
+	c.Assert(volumeEvents[0], checker.Equals, "create")
+	c.Assert(volumeEvents[1], checker.Equals, "mount")
+	c.Assert(volumeEvents[2], checker.Equals, "unmount")
+	c.Assert(volumeEvents[3], checker.Equals, "destroy")
+}
+
+func (s *DockerSuite) TestNetworkEvents(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	since := daemonTime(c).Unix()
+
+	// Observe create/connect network actions
+	dockerCmd(c, "network", "create", "test-event-network-local")
+	dockerCmd(c, "run", "--name", "test-network-container", "--net", "test-event-network-local", "-d", "busybox", "true")
+	waitRun("test-network-container")
+
+	// Observe disconnect/destroy network actions
+	dockerCmd(c, "rm", "-f", "test-network-container")
+	dockerCmd(c, "network", "rm", "test-event-network-local")
+
+	out, _ := dockerCmd(c, "events", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(events), checker.GreaterThan, 4)
+
+	netEvents := eventActionsByIDAndType(c, events, "test-event-network-local", "network")
+	c.Assert(netEvents, checker.HasLen, 4)
+	c.Assert(netEvents[0], checker.Equals, "create")
+	c.Assert(netEvents[1], checker.Equals, "connect")
+	c.Assert(netEvents[2], checker.Equals, "disconnect")
+	c.Assert(netEvents[3], checker.Equals, "destroy")
+}
+
+func (s *DockerSuite) TestEventsStreaming(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	observer, err := newEventObserver(c)
+	c.Assert(err, checker.IsNil)
+	err = observer.Start()
+	c.Assert(err, checker.IsNil)
+	defer observer.Stop()
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox:latest", "true")
+	containerID := strings.TrimSpace(out)
+
+	testActions := map[string]chan bool{
+		"create":  make(chan bool, 1),
+		"start":   make(chan bool, 1),
+		"die":     make(chan bool, 1),
+		"destroy": make(chan bool, 1),
+	}
+
+	matcher := matchEventLine(containerID, "container", testActions)
+	processor := processEventMatch(testActions)
+	go observer.Match(matcher, processor)
+
+	select {
+	case <-time.After(5 * time.Second):
+		observer.CheckEventError(c, containerID, "create", matcher)
+	case <-testActions["create"]:
+		// ignore, done
+	}
+
+	select {
+	case <-time.After(5 * time.Second):
+		observer.CheckEventError(c, containerID, "start", matcher)
+	case <-testActions["start"]:
+		// ignore, done
+	}
+
+	select {
+	case <-time.After(5 * time.Second):
+		observer.CheckEventError(c, containerID, "die", matcher)
+	case <-testActions["die"]:
+		// ignore, done
+	}
+
+	dockerCmd(c, "rm", containerID)
+
+	select {
+	case <-time.After(5 * time.Second):
+		observer.CheckEventError(c, containerID, "destroy", matcher)
+	case <-testActions["destroy"]:
+		// ignore, done
+	}
+}
+
+func (s *DockerSuite) TestEventsImageUntagDelete(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	observer, err := newEventObserver(c)
+	c.Assert(err, checker.IsNil)
+	err = observer.Start()
+	c.Assert(err, checker.IsNil)
+	defer observer.Stop()
+
+	name := "testimageevents"
+	imageID, err := buildImage(name,
+		`FROM scratch
+		MAINTAINER "docker"`,
+		true)
+	c.Assert(err, checker.IsNil)
+	c.Assert(deleteImages(name), checker.IsNil)
+
+	testActions := map[string]chan bool{
+		"untag":  make(chan bool, 1),
+		"delete": make(chan bool, 1),
+	}
+
+	matcher := matchEventLine(imageID, "image", testActions)
+	processor := processEventMatch(testActions)
+	go observer.Match(matcher, processor)
+
+	select {
+	case <-time.After(10 * time.Second):
+		observer.CheckEventError(c, imageID, "untag", matcher)
+	case <-testActions["untag"]:
+		// ignore, done
+	}
+
+	select {
+	case <-time.After(10 * time.Second):
+		observer.CheckEventError(c, imageID, "delete", matcher)
+	case <-testActions["delete"]:
+		// ignore, done
+	}
+}
+
+func (s *DockerSuite) TestEventsFilterVolumeAndNetworkType(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	since := daemonTime(c).Unix()
+
+	dockerCmd(c, "network", "create", "test-event-network-type")
+	dockerCmd(c, "volume", "create", "--name", "test-event-volume-type")
+
+	out, _ := dockerCmd(c, "events", "--filter", "type=volume", "--filter", "type=network", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(events), checker.GreaterOrEqualThan, 2, check.Commentf(out))
+
+	networkActions := eventActionsByIDAndType(c, events, "test-event-network-type", "network")
+	volumeActions := eventActionsByIDAndType(c, events, "test-event-volume-type", "volume")
+
+	c.Assert(volumeActions[0], checker.Equals, "create")
+	c.Assert(networkActions[0], checker.Equals, "create")
+}
+
+func (s *DockerSuite) TestEventsFilterVolumeID(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	since := daemonTime(c).Unix()
+
+	dockerCmd(c, "volume", "create", "--name", "test-event-volume-id")
+	out, _ := dockerCmd(c, "events", "--filter", "volume=test-event-volume-id", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(events, checker.HasLen, 1)
+
+	c.Assert(events[0], checker.Contains, "test-event-volume-id")
+	c.Assert(events[0], checker.Contains, "driver=local")
+}
+
+func (s *DockerSuite) TestEventsFilterNetworkID(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	since := daemonTime(c).Unix()
+
+	dockerCmd(c, "network", "create", "test-event-network-local")
+	out, _ := dockerCmd(c, "events", "--filter", "network=test-event-network-local", fmt.Sprintf("--since=%d", since), fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(events, checker.HasLen, 1)
+
+	c.Assert(events[0], checker.Contains, "test-event-network-local")
+	c.Assert(events[0], checker.Contains, "type=bridge")
+}
diff --git a/integration-cli/docker_cli_exec_test.go b/integration-cli/docker_cli_exec_test.go
new file mode 100644
index 00000000..a8150ad2
--- /dev/null
+++ b/integration-cli/docker_cli_exec_test.go
@@ -0,0 +1,511 @@
+// +build !test_no_exec
+
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"net/http"
+	"os"
+	"os/exec"
+	"reflect"
+	"sort"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestExec(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "--name", "testing", "busybox", "sh", "-c", "echo test > /tmp/file && top")
+	c.Assert(waitRun(strings.TrimSpace(out)), check.IsNil)
+
+	out, _ = dockerCmd(c, "exec", "testing", "cat", "/tmp/file")
+	out = strings.Trim(out, "\r\n")
+	c.Assert(out, checker.Equals, "test")
+
+}
+
+func (s *DockerSuite) TestExecInteractive(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "testing", "busybox", "sh", "-c", "echo test > /tmp/file && top")
+
+	execCmd := exec.Command(dockerBinary, "exec", "-i", "testing", "sh")
+	stdin, err := execCmd.StdinPipe()
+	c.Assert(err, checker.IsNil)
+	stdout, err := execCmd.StdoutPipe()
+	c.Assert(err, checker.IsNil)
+
+	err = execCmd.Start()
+	c.Assert(err, checker.IsNil)
+	_, err = stdin.Write([]byte("cat /tmp/file\n"))
+	c.Assert(err, checker.IsNil)
+
+	r := bufio.NewReader(stdout)
+	line, err := r.ReadString('\n')
+	c.Assert(err, checker.IsNil)
+	line = strings.TrimSpace(line)
+	c.Assert(line, checker.Equals, "test")
+	err = stdin.Close()
+	c.Assert(err, checker.IsNil)
+	errChan := make(chan error)
+	go func() {
+		errChan <- execCmd.Wait()
+		close(errChan)
+	}()
+	select {
+	case err := <-errChan:
+		c.Assert(err, checker.IsNil)
+	case <-time.After(1 * time.Second):
+		c.Fatal("docker exec failed to exit on stdin close")
+	}
+
+}
+
+func (s *DockerSuite) TestExecAfterContainerRestart(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := runSleepingContainer(c)
+	cleanedContainerID := strings.TrimSpace(out)
+	c.Assert(waitRun(cleanedContainerID), check.IsNil)
+	dockerCmd(c, "restart", cleanedContainerID)
+	c.Assert(waitRun(cleanedContainerID), check.IsNil)
+
+	out, _ = dockerCmd(c, "exec", cleanedContainerID, "echo", "hello")
+	outStr := strings.TrimSpace(out)
+	c.Assert(outStr, checker.Equals, "hello")
+}
+
+func (s *DockerDaemonSuite) TestExecAfterDaemonRestart(c *check.C) {
+	// TODO Windows CI: Requires a little work to get this ported.
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon)
+
+	err := s.d.StartWithBusybox()
+	c.Assert(err, checker.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "--name", "top", "-p", "80", "busybox:latest", "top")
+	c.Assert(err, checker.IsNil, check.Commentf("Could not run top: %s", out))
+
+	err = s.d.Restart()
+	c.Assert(err, checker.IsNil, check.Commentf("Could not restart daemon"))
+
+	out, err = s.d.Cmd("start", "top")
+	c.Assert(err, checker.IsNil, check.Commentf("Could not start top after daemon restart: %s", out))
+
+	out, err = s.d.Cmd("exec", "top", "echo", "hello")
+	c.Assert(err, checker.IsNil, check.Commentf("Could not exec on container top: %s", out))
+
+	outStr := strings.TrimSpace(string(out))
+	c.Assert(outStr, checker.Equals, "hello")
+}
+
+// Regression test for #9155, #9044
+func (s *DockerSuite) TestExecEnv(c *check.C) {
+	// TODO Windows CI: This one is interesting and may just end up being a feature
+	// difference between Windows and Linux. On Windows, the environment is passed
+	// into the process that is launched, not into the machine environment. Hence
+	// a subsequent exec will not have LALA set/
+	testRequires(c, DaemonIsLinux)
+	runSleepingContainer(c, "-e", "LALA=value1", "-e", "LALA=value2", "-d", "--name", "testing")
+	c.Assert(waitRun("testing"), check.IsNil)
+
+	out, _ := dockerCmd(c, "exec", "testing", "env")
+	c.Assert(out, checker.Not(checker.Contains), "LALA=value1")
+	c.Assert(out, checker.Contains, "LALA=value2")
+	c.Assert(out, checker.Contains, "HOME=/root")
+}
+
+func (s *DockerSuite) TestExecExitStatus(c *check.C) {
+	runSleepingContainer(c, "-d", "--name", "top")
+
+	// Test normal (non-detached) case first
+	cmd := exec.Command(dockerBinary, "exec", "top", "sh", "-c", "exit 23")
+	ec, _ := runCommand(cmd)
+	c.Assert(ec, checker.Equals, 23)
+}
+
+func (s *DockerSuite) TestExecPausedContainer(c *check.C) {
+	// Windows does not support pause
+	testRequires(c, DaemonIsLinux)
+	defer unpauseAllContainers()
+
+	out, _ := dockerCmd(c, "run", "-d", "--name", "testing", "busybox", "top")
+	ContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "pause", "testing")
+	out, _, err := dockerCmdWithError("exec", "-i", "-t", ContainerID, "echo", "hello")
+	c.Assert(err, checker.NotNil, check.Commentf("container should fail to exec new conmmand if it is paused"))
+
+	expected := ContainerID + " is paused, unpause the container before exec"
+	c.Assert(out, checker.Contains, expected, check.Commentf("container should not exec new command if it is paused"))
+}
+
+// regression test for #9476
+func (s *DockerSuite) TestExecTTYCloseStdin(c *check.C) {
+	// TODO Windows CI: This requires some work to port to Windows.
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "-it", "--name", "exec_tty_stdin", "busybox")
+
+	cmd := exec.Command(dockerBinary, "exec", "-i", "exec_tty_stdin", "cat")
+	stdinRw, err := cmd.StdinPipe()
+	c.Assert(err, checker.IsNil)
+
+	stdinRw.Write([]byte("test"))
+	stdinRw.Close()
+
+	out, _, err := runCommandWithOutput(cmd)
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	out, _ = dockerCmd(c, "top", "exec_tty_stdin")
+	outArr := strings.Split(out, "\n")
+	c.Assert(len(outArr), checker.LessOrEqualThan, 3, check.Commentf("exec process left running"))
+	c.Assert(out, checker.Not(checker.Contains), "nsenter-exec")
+}
+
+func (s *DockerSuite) TestExecTTYWithoutStdin(c *check.C) {
+	// TODO Windows CI: This requires some work to port to Windows.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "-ti", "busybox")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	errChan := make(chan error)
+	go func() {
+		defer close(errChan)
+
+		cmd := exec.Command(dockerBinary, "exec", "-ti", id, "true")
+		if _, err := cmd.StdinPipe(); err != nil {
+			errChan <- err
+			return
+		}
+
+		expected := "cannot enable tty mode"
+		if out, _, err := runCommandWithOutput(cmd); err == nil {
+			errChan <- fmt.Errorf("exec should have failed")
+			return
+		} else if !strings.Contains(out, expected) {
+			errChan <- fmt.Errorf("exec failed with error %q: expected %q", out, expected)
+			return
+		}
+	}()
+
+	select {
+	case err := <-errChan:
+		c.Assert(err, check.IsNil)
+	case <-time.After(3 * time.Second):
+		c.Fatal("exec is running but should have failed")
+	}
+}
+
+func (s *DockerSuite) TestExecParseError(c *check.C) {
+	// TODO Windows CI: Requires some extra work. Consider copying the
+	// runSleepingContainer helper to have an exec version.
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "top", "busybox", "top")
+
+	// Test normal (non-detached) case first
+	cmd := exec.Command(dockerBinary, "exec", "top")
+	_, stderr, _, err := runCommandWithStdoutStderr(cmd)
+	c.Assert(err, checker.NotNil)
+	c.Assert(stderr, checker.Contains, "See '"+dockerBinary+" exec --help'")
+}
+
+func (s *DockerSuite) TestExecStopNotHanging(c *check.C) {
+	// TODO Windows CI: Requires some extra work. Consider copying the
+	// runSleepingContainer helper to have an exec version.
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "testing", "busybox", "top")
+
+	err := exec.Command(dockerBinary, "exec", "testing", "top").Start()
+	c.Assert(err, checker.IsNil)
+
+	type dstop struct {
+		out []byte
+		err error
+	}
+
+	ch := make(chan dstop)
+	go func() {
+		out, err := exec.Command(dockerBinary, "stop", "testing").CombinedOutput()
+		ch <- dstop{out, err}
+		close(ch)
+	}()
+	select {
+	case <-time.After(3 * time.Second):
+		c.Fatal("Container stop timed out")
+	case s := <-ch:
+		c.Assert(s.err, check.IsNil)
+	}
+}
+
+func (s *DockerSuite) TestExecCgroup(c *check.C) {
+	// Not applicable on Windows - using Linux specific functionality
+	testRequires(c, NotUserNamespace)
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "testing", "busybox", "top")
+
+	out, _ := dockerCmd(c, "exec", "testing", "cat", "/proc/1/cgroup")
+	containerCgroups := sort.StringSlice(strings.Split(out, "\n"))
+
+	var wg sync.WaitGroup
+	var mu sync.Mutex
+	execCgroups := []sort.StringSlice{}
+	errChan := make(chan error)
+	// exec a few times concurrently to get consistent failure
+	for i := 0; i < 5; i++ {
+		wg.Add(1)
+		go func() {
+			out, _, err := dockerCmdWithError("exec", "testing", "cat", "/proc/self/cgroup")
+			if err != nil {
+				errChan <- err
+				return
+			}
+			cg := sort.StringSlice(strings.Split(out, "\n"))
+
+			mu.Lock()
+			execCgroups = append(execCgroups, cg)
+			mu.Unlock()
+			wg.Done()
+		}()
+	}
+	wg.Wait()
+	close(errChan)
+
+	for err := range errChan {
+		c.Assert(err, checker.IsNil)
+	}
+
+	for _, cg := range execCgroups {
+		if !reflect.DeepEqual(cg, containerCgroups) {
+			fmt.Println("exec cgroups:")
+			for _, name := range cg {
+				fmt.Printf(" %s\n", name)
+			}
+
+			fmt.Println("container cgroups:")
+			for _, name := range containerCgroups {
+				fmt.Printf(" %s\n", name)
+			}
+			c.Fatal("cgroups mismatched")
+		}
+	}
+}
+
+func (s *DockerSuite) TestExecInspectID(c *check.C) {
+	out, _ := runSleepingContainer(c, "-d")
+	id := strings.TrimSuffix(out, "\n")
+
+	out = inspectField(c, id, "ExecIDs")
+	c.Assert(out, checker.Equals, "[]", check.Commentf("ExecIDs should be empty, got: %s", out))
+
+	// Start an exec, have it block waiting so we can do some checking
+	cmd := exec.Command(dockerBinary, "exec", id, "sh", "-c",
+		"while ! test -e /execid1; do sleep 1; done")
+
+	err := cmd.Start()
+	c.Assert(err, checker.IsNil, check.Commentf("failed to start the exec cmd"))
+
+	// Give the exec 10 chances/seconds to start then give up and stop the test
+	tries := 10
+	for i := 0; i < tries; i++ {
+		// Since its still running we should see exec as part of the container
+		out = strings.TrimSpace(inspectField(c, id, "ExecIDs"))
+
+		if out != "[]" && out != "<no value>" {
+			break
+		}
+		c.Assert(i+1, checker.Not(checker.Equals), tries, check.Commentf("ExecIDs still empty after 10 second"))
+		time.Sleep(1 * time.Second)
+	}
+
+	// Save execID for later
+	execID, err := inspectFilter(id, "index .ExecIDs 0")
+	c.Assert(err, checker.IsNil, check.Commentf("failed to get the exec id"))
+
+	// End the exec by creating the missing file
+	err = exec.Command(dockerBinary, "exec", id,
+		"sh", "-c", "touch /execid1").Run()
+
+	c.Assert(err, checker.IsNil, check.Commentf("failed to run the 2nd exec cmd"))
+
+	// Wait for 1st exec to complete
+	cmd.Wait()
+
+	// Give the exec 10 chances/seconds to stop then give up and stop the test
+	for i := 0; i < tries; i++ {
+		// Since its still running we should see exec as part of the container
+		out = strings.TrimSpace(inspectField(c, id, "ExecIDs"))
+
+		if out == "[]" {
+			break
+		}
+		c.Assert(i+1, checker.Not(checker.Equals), tries, check.Commentf("ExecIDs still not empty after 10 second"))
+		time.Sleep(1 * time.Second)
+	}
+
+	// But we should still be able to query the execID
+	sc, body, err := sockRequest("GET", "/exec/"+execID+"/json", nil)
+	c.Assert(sc, checker.Equals, http.StatusOK, check.Commentf("received status != 200 OK: %d\n%s", sc, body))
+
+	// Now delete the container and then an 'inspect' on the exec should
+	// result in a 404 (not 'container not running')
+	out, ec := dockerCmd(c, "rm", "-f", id)
+	c.Assert(ec, checker.Equals, 0, check.Commentf("error removing container: %s", out))
+	sc, body, err = sockRequest("GET", "/exec/"+execID+"/json", nil)
+	c.Assert(sc, checker.Equals, http.StatusNotFound, check.Commentf("received status != 404: %d\n%s", sc, body))
+}
+
+func (s *DockerSuite) TestLinksPingLinkedContainersOnRename(c *check.C) {
+	// Problematic on Windows as Windows does not support links
+	testRequires(c, DaemonIsLinux)
+	var out string
+	out, _ = dockerCmd(c, "run", "-d", "--name", "container1", "busybox", "top")
+	idA := strings.TrimSpace(out)
+	c.Assert(idA, checker.Not(checker.Equals), "", check.Commentf("%s, id should not be nil", out))
+	out, _ = dockerCmd(c, "run", "-d", "--link", "container1:alias1", "--name", "container2", "busybox", "top")
+	idB := strings.TrimSpace(out)
+	c.Assert(idB, checker.Not(checker.Equals), "", check.Commentf("%s, id should not be nil", out))
+
+	dockerCmd(c, "exec", "container2", "ping", "-c", "1", "alias1", "-W", "1")
+	dockerCmd(c, "rename", "container1", "container_new")
+	dockerCmd(c, "exec", "container2", "ping", "-c", "1", "alias1", "-W", "1")
+}
+
+func (s *DockerSuite) TestRunMutableNetworkFiles(c *check.C) {
+	// Not applicable on Windows to Windows CI.
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+	for _, fn := range []string{"resolv.conf", "hosts"} {
+		deleteAllContainers()
+
+		content, err := runCommandAndReadContainerFile(fn, exec.Command(dockerBinary, "run", "-d", "--name", "c1", "busybox", "sh", "-c", fmt.Sprintf("echo success >/etc/%s && top", fn)))
+		c.Assert(err, checker.IsNil)
+
+		c.Assert(strings.TrimSpace(string(content)), checker.Equals, "success", check.Commentf("Content was not what was modified in the container", string(content)))
+
+		out, _ := dockerCmd(c, "run", "-d", "--name", "c2", "busybox", "top")
+		contID := strings.TrimSpace(out)
+		netFilePath := containerStorageFile(contID, fn)
+
+		f, err := os.OpenFile(netFilePath, os.O_WRONLY|os.O_SYNC|os.O_APPEND, 0644)
+		c.Assert(err, checker.IsNil)
+
+		if _, err := f.Seek(0, 0); err != nil {
+			f.Close()
+			c.Fatal(err)
+		}
+
+		if err := f.Truncate(0); err != nil {
+			f.Close()
+			c.Fatal(err)
+		}
+
+		if _, err := f.Write([]byte("success2\n")); err != nil {
+			f.Close()
+			c.Fatal(err)
+		}
+		f.Close()
+
+		res, _ := dockerCmd(c, "exec", contID, "cat", "/etc/"+fn)
+		c.Assert(res, checker.Equals, "success2\n")
+	}
+}
+
+func (s *DockerSuite) TestExecWithUser(c *check.C) {
+	// TODO Windows CI: This may be fixable in the future once Windows
+	// supports users
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "parent", "busybox", "top")
+
+	out, _ := dockerCmd(c, "exec", "-u", "1", "parent", "id")
+	c.Assert(out, checker.Contains, "uid=1(daemon) gid=1(daemon)")
+
+	out, _ = dockerCmd(c, "exec", "-u", "root", "parent", "id")
+	c.Assert(out, checker.Contains, "uid=0(root) gid=0(root)", check.Commentf("exec with user by id expected daemon user got %s", out))
+}
+
+func (s *DockerSuite) TestExecWithPrivileged(c *check.C) {
+	// Not applicable on Windows
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	// Start main loop which attempts mknod repeatedly
+	dockerCmd(c, "run", "-d", "--name", "parent", "--cap-drop=ALL", "busybox", "sh", "-c", `while (true); do if [ -e /exec_priv ]; then cat /exec_priv && mknod /tmp/sda b 8 0 && echo "Success"; else echo "Privileged exec has not run yet"; fi; usleep 10000; done`)
+
+	// Check exec mknod doesn't work
+	cmd := exec.Command(dockerBinary, "exec", "parent", "sh", "-c", "mknod /tmp/sdb b 8 16")
+	out, _, err := runCommandWithOutput(cmd)
+	c.Assert(err, checker.NotNil, check.Commentf("exec mknod in --cap-drop=ALL container without --privileged should fail"))
+	c.Assert(out, checker.Contains, "Operation not permitted", check.Commentf("exec mknod in --cap-drop=ALL container without --privileged should fail"))
+
+	// Check exec mknod does work with --privileged
+	cmd = exec.Command(dockerBinary, "exec", "--privileged", "parent", "sh", "-c", `echo "Running exec --privileged" > /exec_priv && mknod /tmp/sdb b 8 16 && usleep 50000 && echo "Finished exec --privileged" > /exec_priv && echo ok`)
+	out, _, err = runCommandWithOutput(cmd)
+	c.Assert(err, checker.IsNil)
+
+	actual := strings.TrimSpace(out)
+	c.Assert(actual, checker.Equals, "ok", check.Commentf("exec mknod in --cap-drop=ALL container with --privileged failed, output: %q", out))
+
+	// Check subsequent unprivileged exec cannot mknod
+	cmd = exec.Command(dockerBinary, "exec", "parent", "sh", "-c", "mknod /tmp/sdc b 8 32")
+	out, _, err = runCommandWithOutput(cmd)
+	c.Assert(err, checker.NotNil, check.Commentf("repeating exec mknod in --cap-drop=ALL container after --privileged without --privileged should fail"))
+	c.Assert(out, checker.Contains, "Operation not permitted", check.Commentf("repeating exec mknod in --cap-drop=ALL container after --privileged without --privileged should fail"))
+
+	// Confirm at no point was mknod allowed
+	logCmd := exec.Command(dockerBinary, "logs", "parent")
+	out, _, err = runCommandWithOutput(logCmd)
+	c.Assert(err, checker.IsNil)
+	c.Assert(out, checker.Not(checker.Contains), "Success")
+
+}
+
+func (s *DockerSuite) TestExecWithImageUser(c *check.C) {
+	// Not applicable on Windows
+	testRequires(c, DaemonIsLinux)
+	name := "testbuilduser"
+	_, err := buildImage(name,
+		`FROM busybox
+		RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+		USER dockerio`,
+		true)
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "run", "-d", "--name", "dockerioexec", name, "top")
+
+	out, _ := dockerCmd(c, "exec", "dockerioexec", "whoami")
+	c.Assert(out, checker.Contains, "dockerio", check.Commentf("exec with user by id expected dockerio user got %s", out))
+}
+
+func (s *DockerSuite) TestExecOnReadonlyContainer(c *check.C) {
+	// Windows does not support read-only
+	// --read-only + userns has remount issues
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "run", "-d", "--read-only", "--name", "parent", "busybox", "top")
+	dockerCmd(c, "exec", "parent", "true")
+}
+
+func (s *DockerSuite) TestExecUlimits(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "testexeculimits"
+	runSleepingContainer(c, "-d", "--ulimit", "nproc=21", "--name", name)
+	c.Assert(waitRun(name), checker.IsNil)
+
+	out, _, err := dockerCmdWithError("exec", name, "sh", "-c", "ulimit -p")
+	c.Assert(err, checker.IsNil)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "21")
+}
+
+// #15750
+func (s *DockerSuite) TestExecStartFails(c *check.C) {
+	// TODO Windows CI. This test should be portable. Figure out why it fails
+	// currently.
+	testRequires(c, DaemonIsLinux)
+	name := "exec-15750"
+	runSleepingContainer(c, "-d", "--name", name)
+	c.Assert(waitRun(name), checker.IsNil)
+
+	out, _, err := dockerCmdWithError("exec", name, "no-such-cmd")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "executable file not found")
+}
diff --git a/integration-cli/docker_cli_exec_unix_test.go b/integration-cli/docker_cli_exec_unix_test.go
new file mode 100644
index 00000000..42db4091
--- /dev/null
+++ b/integration-cli/docker_cli_exec_unix_test.go
@@ -0,0 +1,70 @@
+// +build !windows,!test_no_exec
+
+package main
+
+import (
+	"bytes"
+	"io"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+	"github.com/kr/pty"
+)
+
+// regression test for #12546
+func (s *DockerSuite) TestExecInteractiveStdinClose(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-itd", "busybox", "/bin/cat")
+	contID := strings.TrimSpace(out)
+
+	cmd := exec.Command(dockerBinary, "exec", "-i", contID, "echo", "-n", "hello")
+	p, err := pty.Start(cmd)
+	c.Assert(err, checker.IsNil)
+
+	b := bytes.NewBuffer(nil)
+	go io.Copy(b, p)
+
+	ch := make(chan error)
+	go func() { ch <- cmd.Wait() }()
+
+	select {
+	case err := <-ch:
+		c.Assert(err, checker.IsNil)
+		output := b.String()
+		c.Assert(strings.TrimSpace(output), checker.Equals, "hello")
+	case <-time.After(5 * time.Second):
+		c.Fatal("timed out running docker exec")
+	}
+}
+
+func (s *DockerSuite) TestExecTTY(c *check.C) {
+	testRequires(c, DaemonIsLinux, SameHostDaemon)
+	dockerCmd(c, "run", "-d", "--name=test", "busybox", "sh", "-c", "echo hello > /foo && top")
+
+	cmd := exec.Command(dockerBinary, "exec", "-it", "test", "sh")
+	p, err := pty.Start(cmd)
+	c.Assert(err, checker.IsNil)
+	defer p.Close()
+
+	_, err = p.Write([]byte("cat /foo && exit\n"))
+	c.Assert(err, checker.IsNil)
+
+	chErr := make(chan error)
+	go func() {
+		chErr <- cmd.Wait()
+	}()
+	select {
+	case err := <-chErr:
+		c.Assert(err, checker.IsNil)
+	case <-time.After(3 * time.Second):
+		c.Fatal("timeout waiting for exec to exit")
+	}
+
+	buf := make([]byte, 256)
+	read, err := p.Read(buf)
+	c.Assert(err, checker.IsNil)
+	c.Assert(bytes.Contains(buf, []byte("hello")), checker.Equals, true, check.Commentf(string(buf[:read])))
+}
diff --git a/integration-cli/docker_cli_experimental_test.go b/integration-cli/docker_cli_experimental_test.go
new file mode 100644
index 00000000..8795078f
--- /dev/null
+++ b/integration-cli/docker_cli_experimental_test.go
@@ -0,0 +1,21 @@
+// +build experimental
+
+package main
+
+import (
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+	"strings"
+)
+
+func (s *DockerSuite) TestExperimentalVersion(c *check.C) {
+	out, _ := dockerCmd(c, "version")
+	for _, line := range strings.Split(out, "\n") {
+		if strings.HasPrefix(line, "Experimental (client):") || strings.HasPrefix(line, "Experimental (server):") {
+			c.Assert(line, checker.Matches, "*true")
+		}
+	}
+
+	out, _ = dockerCmd(c, "-v")
+	c.Assert(out, checker.Contains, ", experimental", check.Commentf("docker version did not contain experimental"))
+}
diff --git a/integration-cli/docker_cli_export_import_test.go b/integration-cli/docker_cli_export_import_test.go
new file mode 100644
index 00000000..069dc081
--- /dev/null
+++ b/integration-cli/docker_cli_export_import_test.go
@@ -0,0 +1,49 @@
+package main
+
+import (
+	"os"
+	"os/exec"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// export an image and try to import it into a new one
+func (s *DockerSuite) TestExportContainerAndImportImage(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := "testexportcontainerandimportimage"
+
+	dockerCmd(c, "run", "--name", containerID, "busybox", "true")
+
+	out, _ := dockerCmd(c, "export", containerID)
+
+	importCmd := exec.Command(dockerBinary, "import", "-", "repo/testexp:v1")
+	importCmd.Stdin = strings.NewReader(out)
+	out, _, err := runCommandWithOutput(importCmd)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to import image repo/testexp:v1: %s", out))
+
+	cleanedImageID := strings.TrimSpace(out)
+	c.Assert(cleanedImageID, checker.Not(checker.Equals), "", check.Commentf("output should have been an image id"))
+}
+
+// Used to test output flag in the export command
+func (s *DockerSuite) TestExportContainerWithOutputAndImportImage(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	containerID := "testexportcontainerwithoutputandimportimage"
+
+	dockerCmd(c, "run", "--name", containerID, "busybox", "true")
+	dockerCmd(c, "export", "--output=testexp.tar", containerID)
+	defer os.Remove("testexp.tar")
+
+	out, _, err := runCommandWithOutput(exec.Command("cat", "testexp.tar"))
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	importCmd := exec.Command(dockerBinary, "import", "-", "repo/testexp:v1")
+	importCmd.Stdin = strings.NewReader(out)
+	out, _, err = runCommandWithOutput(importCmd)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to import image repo/testexp:v1: %s", out))
+
+	cleanedImageID := strings.TrimSpace(out)
+	c.Assert(cleanedImageID, checker.Not(checker.Equals), "", check.Commentf("output should have been an image id"))
+}
diff --git a/integration-cli/docker_cli_external_graphdriver_unix_test.go b/integration-cli/docker_cli_external_graphdriver_unix_test.go
new file mode 100644
index 00000000..33fe4058
--- /dev/null
+++ b/integration-cli/docker_cli_external_graphdriver_unix_test.go
@@ -0,0 +1,384 @@
+// +build experimental
+// +build !windows
+
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"strings"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/daemon/graphdriver/vfs"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/plugins"
+	"github.com/go-check/check"
+)
+
+func init() {
+	check.Suite(&DockerExternalGraphdriverSuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerExternalGraphdriverSuite struct {
+	server  *httptest.Server
+	jserver *httptest.Server
+	ds      *DockerSuite
+	d       *Daemon
+	ec      map[string]*graphEventsCounter
+}
+
+type graphEventsCounter struct {
+	activations int
+	creations   int
+	removals    int
+	gets        int
+	puts        int
+	stats       int
+	cleanups    int
+	exists      int
+	init        int
+	metadata    int
+	diff        int
+	applydiff   int
+	changes     int
+	diffsize    int
+}
+
+func (s *DockerExternalGraphdriverSuite) SetUpTest(c *check.C) {
+	s.d = NewDaemon(c)
+}
+
+func (s *DockerExternalGraphdriverSuite) TearDownTest(c *check.C) {
+	s.d.Stop()
+	s.ds.TearDownTest(c)
+}
+
+func (s *DockerExternalGraphdriverSuite) SetUpSuite(c *check.C) {
+	s.ec = make(map[string]*graphEventsCounter)
+	s.setUpPluginViaSpecFile(c)
+	s.setUpPluginViaJSONFile(c)
+}
+
+func (s *DockerExternalGraphdriverSuite) setUpPluginViaSpecFile(c *check.C) {
+	mux := http.NewServeMux()
+	s.server = httptest.NewServer(mux)
+
+	s.setUpPlugin(c, "test-external-graph-driver", "spec", mux, []byte(s.server.URL))
+}
+
+func (s *DockerExternalGraphdriverSuite) setUpPluginViaJSONFile(c *check.C) {
+	mux := http.NewServeMux()
+	s.jserver = httptest.NewServer(mux)
+
+	p := plugins.Plugin{Name: "json-external-graph-driver", Addr: s.jserver.URL}
+	b, err := json.Marshal(p)
+	c.Assert(err, check.IsNil)
+
+	s.setUpPlugin(c, "json-external-graph-driver", "json", mux, b)
+}
+
+func (s *DockerExternalGraphdriverSuite) setUpPlugin(c *check.C, name string, ext string, mux *http.ServeMux, b []byte) {
+	type graphDriverRequest struct {
+		ID         string `json:",omitempty"`
+		Parent     string `json:",omitempty"`
+		MountLabel string `json:",omitempty"`
+	}
+
+	type graphDriverResponse struct {
+		Err      error             `json:",omitempty"`
+		Dir      string            `json:",omitempty"`
+		Exists   bool              `json:",omitempty"`
+		Status   [][2]string       `json:",omitempty"`
+		Metadata map[string]string `json:",omitempty"`
+		Changes  []archive.Change  `json:",omitempty"`
+		Size     int64             `json:",omitempty"`
+	}
+
+	respond := func(w http.ResponseWriter, data interface{}) {
+		w.Header().Set("Content-Type", "appplication/vnd.docker.plugins.v1+json")
+		switch t := data.(type) {
+		case error:
+			fmt.Fprintln(w, fmt.Sprintf(`{"Err": %q}`, t.Error()))
+		case string:
+			fmt.Fprintln(w, t)
+		default:
+			json.NewEncoder(w).Encode(&data)
+		}
+	}
+
+	decReq := func(b io.ReadCloser, out interface{}, w http.ResponseWriter) error {
+		defer b.Close()
+		if err := json.NewDecoder(b).Decode(&out); err != nil {
+			http.Error(w, fmt.Sprintf("error decoding json: %s", err.Error()), 500)
+		}
+		return nil
+	}
+
+	base, err := ioutil.TempDir("", name)
+	c.Assert(err, check.IsNil)
+	vfsProto, err := vfs.Init(base, []string{}, nil, nil)
+	c.Assert(err, check.IsNil, check.Commentf("error initializing graph driver"))
+	driver := graphdriver.NewNaiveDiffDriver(vfsProto, nil, nil)
+
+	s.ec[ext] = &graphEventsCounter{}
+	mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].activations++
+		respond(w, `{"Implements": ["GraphDriver"]}`)
+	})
+
+	mux.HandleFunc("/GraphDriver.Init", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].init++
+		respond(w, "{}")
+	})
+
+	mux.HandleFunc("/GraphDriver.Create", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].creations++
+
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+		if err := driver.Create(req.ID, req.Parent, ""); err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, "{}")
+	})
+
+	mux.HandleFunc("/GraphDriver.Remove", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].removals++
+
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+
+		if err := driver.Remove(req.ID); err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, "{}")
+	})
+
+	mux.HandleFunc("/GraphDriver.Get", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].gets++
+
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+
+		dir, err := driver.Get(req.ID, req.MountLabel)
+		if err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, &graphDriverResponse{Dir: dir})
+	})
+
+	mux.HandleFunc("/GraphDriver.Put", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].puts++
+
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+
+		if err := driver.Put(req.ID); err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, "{}")
+	})
+
+	mux.HandleFunc("/GraphDriver.Exists", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].exists++
+
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+		respond(w, &graphDriverResponse{Exists: driver.Exists(req.ID)})
+	})
+
+	mux.HandleFunc("/GraphDriver.Status", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].stats++
+		respond(w, &graphDriverResponse{Status: driver.Status()})
+	})
+
+	mux.HandleFunc("/GraphDriver.Cleanup", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].cleanups++
+		err := driver.Cleanup()
+		if err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, `{}`)
+	})
+
+	mux.HandleFunc("/GraphDriver.GetMetadata", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].metadata++
+
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+
+		data, err := driver.GetMetadata(req.ID)
+		if err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, &graphDriverResponse{Metadata: data})
+	})
+
+	mux.HandleFunc("/GraphDriver.Diff", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].diff++
+
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+
+		diff, err := driver.Diff(req.ID, req.Parent)
+		if err != nil {
+			respond(w, err)
+			return
+		}
+		io.Copy(w, diff)
+	})
+
+	mux.HandleFunc("/GraphDriver.Changes", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].changes++
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+
+		changes, err := driver.Changes(req.ID, req.Parent)
+		if err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, &graphDriverResponse{Changes: changes})
+	})
+
+	mux.HandleFunc("/GraphDriver.ApplyDiff", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].applydiff++
+		var diff archive.Reader = r.Body
+		defer r.Body.Close()
+
+		id := r.URL.Query().Get("id")
+		parent := r.URL.Query().Get("parent")
+
+		if id == "" {
+			http.Error(w, fmt.Sprintf("missing id"), 409)
+		}
+
+		size, err := driver.ApplyDiff(id, parent, diff)
+		if err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, &graphDriverResponse{Size: size})
+	})
+
+	mux.HandleFunc("/GraphDriver.DiffSize", func(w http.ResponseWriter, r *http.Request) {
+		s.ec[ext].diffsize++
+
+		var req graphDriverRequest
+		if err := decReq(r.Body, &req, w); err != nil {
+			return
+		}
+
+		size, err := driver.DiffSize(req.ID, req.Parent)
+		if err != nil {
+			respond(w, err)
+			return
+		}
+		respond(w, &graphDriverResponse{Size: size})
+	})
+
+	err = os.MkdirAll("/etc/docker/plugins", 0755)
+	c.Assert(err, check.IsNil, check.Commentf("error creating /etc/docker/plugins"))
+
+	specFile := "/etc/docker/plugins/" + name + "." + ext
+	err = ioutil.WriteFile(specFile, b, 0644)
+	c.Assert(err, check.IsNil, check.Commentf("error writing to %s", specFile))
+}
+
+func (s *DockerExternalGraphdriverSuite) TearDownSuite(c *check.C) {
+	s.server.Close()
+	s.jserver.Close()
+
+	err := os.RemoveAll("/etc/docker/plugins")
+	c.Assert(err, check.IsNil, check.Commentf("error removing /etc/docker/plugins"))
+}
+
+func (s *DockerExternalGraphdriverSuite) TestExternalGraphDriver(c *check.C) {
+	s.testExternalGraphDriver("test-external-graph-driver", "spec", c)
+	s.testExternalGraphDriver("json-external-graph-driver", "json", c)
+}
+
+func (s *DockerExternalGraphdriverSuite) testExternalGraphDriver(name string, ext string, c *check.C) {
+	if err := s.d.StartWithBusybox("-s", name); err != nil {
+		b, _ := ioutil.ReadFile(s.d.LogFileName())
+		c.Assert(err, check.IsNil, check.Commentf("\n%s", string(b)))
+	}
+
+	out, err := s.d.Cmd("run", "-d", "--name=graphtest", "busybox", "sh", "-c", "echo hello > /hello")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	err = s.d.Restart("-s", name)
+
+	out, err = s.d.Cmd("inspect", "--format='{{.GraphDriver.Name}}'", "graphtest")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(strings.TrimSpace(out), check.Equals, name)
+
+	out, err = s.d.Cmd("diff", "graphtest")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(strings.Contains(out, "A /hello"), check.Equals, true)
+
+	out, err = s.d.Cmd("rm", "-f", "graphtest")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("info")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	err = s.d.Stop()
+	c.Assert(err, check.IsNil)
+
+	// Don't check s.ec.exists, because the daemon no longer calls the
+	// Exists function.
+	c.Assert(s.ec[ext].activations, check.Equals, 2)
+	c.Assert(s.ec[ext].init, check.Equals, 2)
+	c.Assert(s.ec[ext].creations >= 1, check.Equals, true)
+	c.Assert(s.ec[ext].removals >= 1, check.Equals, true)
+	c.Assert(s.ec[ext].gets >= 1, check.Equals, true)
+	c.Assert(s.ec[ext].puts >= 1, check.Equals, true)
+	c.Assert(s.ec[ext].stats, check.Equals, 3)
+	c.Assert(s.ec[ext].cleanups, check.Equals, 2)
+	c.Assert(s.ec[ext].applydiff >= 1, check.Equals, true)
+	c.Assert(s.ec[ext].changes, check.Equals, 1)
+	c.Assert(s.ec[ext].diffsize, check.Equals, 0)
+	c.Assert(s.ec[ext].diff, check.Equals, 0)
+	c.Assert(s.ec[ext].metadata, check.Equals, 1)
+}
+
+func (s *DockerExternalGraphdriverSuite) TestExternalGraphDriverPull(c *check.C) {
+	testRequires(c, Network)
+	c.Assert(s.d.Start(), check.IsNil)
+
+	out, err := s.d.Cmd("pull", "busybox:latest")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+}
diff --git a/integration-cli/docker_cli_help_test.go b/integration-cli/docker_cli_help_test.go
new file mode 100644
index 00000000..93ccbeb8
--- /dev/null
+++ b/integration-cli/docker_cli_help_test.go
@@ -0,0 +1,298 @@
+package main
+
+import (
+	"os/exec"
+	"runtime"
+	"strings"
+	"unicode"
+
+	"github.com/docker/docker/pkg/homedir"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestHelpTextVerify(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// Make sure main help text fits within 80 chars and that
+	// on non-windows system we use ~ when possible (to shorten things).
+	// Test for HOME set to its default value and set to "/" on linux
+	// Yes on windows setting up an array and looping (right now) isn't
+	// necessary because we just have one value, but we'll need the
+	// array/loop on linux so we might as well set it up so that we can
+	// test any number of home dirs later on and all we need to do is
+	// modify the array - the rest of the testing infrastructure should work
+	homes := []string{homedir.Get()}
+
+	// Non-Windows machines need to test for this special case of $HOME
+	if runtime.GOOS != "windows" {
+		homes = append(homes, "/")
+	}
+
+	homeKey := homedir.Key()
+	baseEnvs := appendBaseEnv(true)
+
+	// Remove HOME env var from list so we can add a new value later.
+	for i, env := range baseEnvs {
+		if strings.HasPrefix(env, homeKey+"=") {
+			baseEnvs = append(baseEnvs[:i], baseEnvs[i+1:]...)
+			break
+		}
+	}
+
+	for _, home := range homes {
+		// Dup baseEnvs and add our new HOME value
+		newEnvs := make([]string, len(baseEnvs)+1)
+		copy(newEnvs, baseEnvs)
+		newEnvs[len(newEnvs)-1] = homeKey + "=" + home
+
+		scanForHome := runtime.GOOS != "windows" && home != "/"
+
+		// Check main help text to make sure its not over 80 chars
+		helpCmd := exec.Command(dockerBinary, "help")
+		helpCmd.Env = newEnvs
+		out, _, err := runCommandWithOutput(helpCmd)
+		c.Assert(err, checker.IsNil, check.Commentf(out))
+		lines := strings.Split(out, "\n")
+		foundTooLongLine := false
+		for _, line := range lines {
+			if !foundTooLongLine && len(line) > 80 {
+				c.Logf("Line is too long:\n%s", line)
+				foundTooLongLine = true
+			}
+			// All lines should not end with a space
+			c.Assert(line, checker.Not(checker.HasSuffix), " ", check.Commentf("Line should not end with a space"))
+
+			if scanForHome && strings.Contains(line, `=`+home) {
+				c.Fatalf("Line should use '%q' instead of %q:\n%s", homedir.GetShortcutString(), home, line)
+			}
+			if runtime.GOOS != "windows" {
+				i := strings.Index(line, homedir.GetShortcutString())
+				if i >= 0 && i != len(line)-1 && line[i+1] != '/' {
+					c.Fatalf("Main help should not have used home shortcut:\n%s", line)
+				}
+			}
+		}
+
+		// Make sure each cmd's help text fits within 90 chars and that
+		// on non-windows system we use ~ when possible (to shorten things).
+		// Pull the list of commands from the "Commands:" section of docker help
+		helpCmd = exec.Command(dockerBinary, "help")
+		helpCmd.Env = newEnvs
+		out, _, err = runCommandWithOutput(helpCmd)
+		c.Assert(err, checker.IsNil, check.Commentf(out))
+		i := strings.Index(out, "Commands:")
+		c.Assert(i, checker.GreaterOrEqualThan, 0, check.Commentf("Missing 'Commands:' in:\n%s", out))
+
+		cmds := []string{}
+		// Grab all chars starting at "Commands:"
+		helpOut := strings.Split(out[i:], "\n")
+		// First line is just "Commands:"
+		if isLocalDaemon {
+			// Replace first line with "daemon" command since it's not part of the list of commands.
+			helpOut[0] = " daemon"
+		} else {
+			// Skip first line
+			helpOut = helpOut[1:]
+		}
+
+		// Create the list of commands we want to test
+		cmdsToTest := []string{}
+		for _, cmd := range helpOut {
+			// Stop on blank line or non-idented line
+			if cmd == "" || !unicode.IsSpace(rune(cmd[0])) {
+				break
+			}
+
+			// Grab just the first word of each line
+			cmd = strings.Split(strings.TrimSpace(cmd), " ")[0]
+			cmds = append(cmds, cmd) // Saving count for later
+
+			cmdsToTest = append(cmdsToTest, cmd)
+		}
+
+		// Add some 'two word' commands - would be nice to automatically
+		// calculate this list - somehow
+		cmdsToTest = append(cmdsToTest, "volume create")
+		cmdsToTest = append(cmdsToTest, "volume inspect")
+		cmdsToTest = append(cmdsToTest, "volume ls")
+		cmdsToTest = append(cmdsToTest, "volume rm")
+
+		for _, cmd := range cmdsToTest {
+			var stderr string
+
+			args := strings.Split(cmd+" --help", " ")
+
+			// Check the full usage text
+			helpCmd := exec.Command(dockerBinary, args...)
+			helpCmd.Env = newEnvs
+			out, stderr, _, err = runCommandWithStdoutStderr(helpCmd)
+			c.Assert(len(stderr), checker.Equals, 0, check.Commentf("Error on %q help. non-empty stderr:%q", cmd, stderr))
+			c.Assert(out, checker.Not(checker.HasSuffix), "\n\n", check.Commentf("Should not have blank line on %q\n", cmd))
+			c.Assert(out, checker.Contains, "--help", check.Commentf("All commands should mention '--help'. Command '%v' did not.\n", cmd))
+
+			c.Assert(err, checker.IsNil, check.Commentf(out))
+
+			// Check each line for lots of stuff
+			lines := strings.Split(out, "\n")
+			for _, line := range lines {
+				c.Assert(len(line), checker.LessOrEqualThan, 107, check.Commentf("Help for %q is too long:\n%s", cmd, line))
+
+				if scanForHome && strings.Contains(line, `"`+home) {
+					c.Fatalf("Help for %q should use ~ instead of %q on:\n%s",
+						cmd, home, line)
+				}
+				i := strings.Index(line, "~")
+				if i >= 0 && i != len(line)-1 && line[i+1] != '/' {
+					c.Fatalf("Help for %q should not have used ~:\n%s", cmd, line)
+				}
+
+				// If a line starts with 4 spaces then assume someone
+				// added a multi-line description for an option and we need
+				// to flag it
+				c.Assert(line, checker.Not(checker.HasPrefix), "    ", check.Commentf("Help for %q should not have a multi-line option", cmd))
+
+				// Options should NOT end with a period
+				if strings.HasPrefix(line, "  -") && strings.HasSuffix(line, ".") {
+					c.Fatalf("Help for %q should not end with a period: %s", cmd, line)
+				}
+
+				// Options should NOT end with a space
+				c.Assert(line, checker.Not(checker.HasSuffix), " ", check.Commentf("Help for %q should not end with a space", cmd))
+
+			}
+
+			// For each command make sure we generate an error
+			// if we give a bad arg
+			args = strings.Split(cmd+" --badArg", " ")
+
+			out, _, err = dockerCmdWithError(args...)
+			c.Assert(err, checker.NotNil, check.Commentf(out))
+			// Be really picky
+			c.Assert(stderr, checker.Not(checker.HasSuffix), "\n\n", check.Commentf("Should not have a blank line at the end of 'docker rm'\n"))
+
+			// Now make sure that each command will print a short-usage
+			// (not a full usage - meaning no opts section) if we
+			// are missing a required arg or pass in a bad arg
+
+			// These commands will never print a short-usage so don't test
+			noShortUsage := map[string]string{
+				"images":  "",
+				"login":   "",
+				"logout":  "",
+				"network": "",
+				"stats":   "",
+			}
+
+			if _, ok := noShortUsage[cmd]; !ok {
+				// For each command run it w/o any args. It will either return
+				// valid output or print a short-usage
+				var dCmd *exec.Cmd
+				var stdout, stderr string
+				var args []string
+
+				// skipNoArgs are ones that we don't want to try w/o
+				// any args. Either because it'll hang the test or
+				// lead to incorrect test result (like false negative).
+				// Whatever the reason, skip trying to run w/o args and
+				// jump to trying with a bogus arg.
+				skipNoArgs := map[string]struct{}{
+					"daemon": {},
+					"events": {},
+					"load":   {},
+				}
+
+				ec := 0
+				if _, ok := skipNoArgs[cmd]; !ok {
+					args = strings.Split(cmd, " ")
+					dCmd = exec.Command(dockerBinary, args...)
+					stdout, stderr, ec, err = runCommandWithStdoutStderr(dCmd)
+				}
+
+				// If its ok w/o any args then try again with an arg
+				if ec == 0 {
+					args = strings.Split(cmd+" badArg", " ")
+					dCmd = exec.Command(dockerBinary, args...)
+					stdout, stderr, ec, err = runCommandWithStdoutStderr(dCmd)
+				}
+
+				if len(stdout) != 0 || len(stderr) == 0 || ec == 0 || err == nil {
+					c.Fatalf("Bad output from %q\nstdout:%q\nstderr:%q\nec:%d\nerr:%q", args, stdout, stderr, ec, err)
+				}
+				// Should have just short usage
+				c.Assert(stderr, checker.Contains, "\nUsage:\t", check.Commentf("Missing short usage on %q\n", args))
+				// But shouldn't have full usage
+				c.Assert(stderr, checker.Not(checker.Contains), "--help=false", check.Commentf("Should not have full usage on %q\n", args))
+				c.Assert(stderr, checker.Not(checker.HasSuffix), "\n\n", check.Commentf("Should not have a blank line on %q\n", args))
+			}
+
+		}
+
+		// Number of commands for standard release and experimental release
+		standard := 41
+		experimental := 1
+		expected := standard + experimental
+		if isLocalDaemon {
+			expected++ // for the daemon command
+		}
+		c.Assert(len(cmds), checker.LessOrEqualThan, expected, check.Commentf("Wrong # of cmds, it should be: %d\nThe list:\n%q", expected, cmds))
+	}
+
+}
+
+func (s *DockerSuite) TestHelpExitCodesHelpOutput(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// Test to make sure the exit code and output (stdout vs stderr) of
+	// various good and bad cases are what we expect
+
+	// docker : stdout=all, stderr=empty, rc=0
+	out, _, err := dockerCmdWithError()
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	// Be really pick
+	c.Assert(out, checker.Not(checker.HasSuffix), "\n\n", check.Commentf("Should not have a blank line at the end of 'docker'\n"))
+
+	// docker help: stdout=all, stderr=empty, rc=0
+	out, _, err = dockerCmdWithError("help")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	// Be really pick
+	c.Assert(out, checker.Not(checker.HasSuffix), "\n\n", check.Commentf("Should not have a blank line at the end of 'docker help'\n"))
+
+	// docker --help: stdout=all, stderr=empty, rc=0
+	out, _, err = dockerCmdWithError("--help")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	// Be really pick
+	c.Assert(out, checker.Not(checker.HasSuffix), "\n\n", check.Commentf("Should not have a blank line at the end of 'docker --help'\n"))
+
+	// docker inspect busybox: stdout=all, stderr=empty, rc=0
+	// Just making sure stderr is empty on valid cmd
+	out, _, err = dockerCmdWithError("inspect", "busybox")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	// Be really pick
+	c.Assert(out, checker.Not(checker.HasSuffix), "\n\n", check.Commentf("Should not have a blank line at the end of 'docker inspect busyBox'\n"))
+
+	// docker rm: stdout=empty, stderr=all, rc!=0
+	// testing the min arg error msg
+	cmd := exec.Command(dockerBinary, "rm")
+	stdout, stderr, _, err := runCommandWithStdoutStderr(cmd)
+	c.Assert(err, checker.NotNil)
+	c.Assert(stdout, checker.Equals, "")
+	// Should not contain full help text but should contain info about
+	// # of args and Usage line
+	c.Assert(stderr, checker.Contains, "requires a minimum", check.Commentf("Missing # of args text from 'docker rm'\n"))
+
+	// docker rm NoSuchContainer: stdout=empty, stderr=all, rc=0
+	// testing to make sure no blank line on error
+	cmd = exec.Command(dockerBinary, "rm", "NoSuchContainer")
+	stdout, stderr, _, err = runCommandWithStdoutStderr(cmd)
+	c.Assert(err, checker.NotNil)
+	c.Assert(len(stderr), checker.Not(checker.Equals), 0)
+	c.Assert(stdout, checker.Equals, "")
+	// Be really picky
+	c.Assert(stderr, checker.Not(checker.HasSuffix), "\n\n", check.Commentf("Should not have a blank line at the end of 'docker rm'\n"))
+
+	// docker BadCmd: stdout=empty, stderr=all, rc=0
+	cmd = exec.Command(dockerBinary, "BadCmd")
+	stdout, stderr, _, err = runCommandWithStdoutStderr(cmd)
+	c.Assert(err, checker.NotNil)
+	c.Assert(stdout, checker.Equals, "")
+	c.Assert(stderr, checker.Equals, "docker: 'BadCmd' is not a docker command.\nSee 'docker --help'.\n", check.Commentf("Unexcepted output for 'docker badCmd'\n"))
+}
diff --git a/integration-cli/docker_cli_history_test.go b/integration-cli/docker_cli_history_test.go
new file mode 100644
index 00000000..0ee1c46b
--- /dev/null
+++ b/integration-cli/docker_cli_history_test.go
@@ -0,0 +1,125 @@
+package main
+
+import (
+	"fmt"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// This is a heisen-test.  Because the created timestamp of images and the behavior of
+// sort is not predictable it doesn't always fail.
+func (s *DockerSuite) TestBuildHistory(c *check.C) {
+	testRequires(c, DaemonIsLinux) // TODO Windows: This test passes on Windows,
+	// but currently adds a disproportionate amount of time for the value it has.
+	// Removing it from Windows CI for now, but this will be revisited in the
+	// TP5 timeframe when perf is better.
+	name := "testbuildhistory"
+	_, err := buildImage(name, `FROM `+minimalBaseImage()+`
+LABEL label.A="A"
+LABEL label.B="B"
+LABEL label.C="C"
+LABEL label.D="D"
+LABEL label.E="E"
+LABEL label.F="F"
+LABEL label.G="G"
+LABEL label.H="H"
+LABEL label.I="I"
+LABEL label.J="J"
+LABEL label.K="K"
+LABEL label.L="L"
+LABEL label.M="M"
+LABEL label.N="N"
+LABEL label.O="O"
+LABEL label.P="P"
+LABEL label.Q="Q"
+LABEL label.R="R"
+LABEL label.S="S"
+LABEL label.T="T"
+LABEL label.U="U"
+LABEL label.V="V"
+LABEL label.W="W"
+LABEL label.X="X"
+LABEL label.Y="Y"
+LABEL label.Z="Z"`,
+		true)
+
+	c.Assert(err, checker.IsNil)
+
+	out, _ := dockerCmd(c, "history", "testbuildhistory")
+	actualValues := strings.Split(out, "\n")[1:27]
+	expectedValues := [26]string{"Z", "Y", "X", "W", "V", "U", "T", "S", "R", "Q", "P", "O", "N", "M", "L", "K", "J", "I", "H", "G", "F", "E", "D", "C", "B", "A"}
+
+	for i := 0; i < 26; i++ {
+		echoValue := fmt.Sprintf("LABEL label.%s=%s", expectedValues[i], expectedValues[i])
+		actualValue := actualValues[i]
+		c.Assert(actualValue, checker.Contains, echoValue)
+	}
+
+}
+
+func (s *DockerSuite) TestHistoryExistentImage(c *check.C) {
+	dockerCmd(c, "history", "busybox")
+}
+
+func (s *DockerSuite) TestHistoryNonExistentImage(c *check.C) {
+	_, _, err := dockerCmdWithError("history", "testHistoryNonExistentImage")
+	c.Assert(err, checker.NotNil, check.Commentf("history on a non-existent image should fail."))
+}
+
+func (s *DockerSuite) TestHistoryImageWithComment(c *check.C) {
+	name := "testhistoryimagewithcomment"
+
+	// make a image through docker commit <container id> [ -m messages ]
+
+	dockerCmd(c, "run", "--name", name, "busybox", "true")
+	dockerCmd(c, "wait", name)
+
+	comment := "This_is_a_comment"
+	dockerCmd(c, "commit", "-m="+comment, name, name)
+
+	// test docker history <image id> to check comment messages
+
+	out, _ := dockerCmd(c, "history", name)
+	outputTabs := strings.Fields(strings.Split(out, "\n")[1])
+	actualValue := outputTabs[len(outputTabs)-1]
+	c.Assert(actualValue, checker.Contains, comment)
+}
+
+func (s *DockerSuite) TestHistoryHumanOptionFalse(c *check.C) {
+	out, _ := dockerCmd(c, "history", "--human=false", "busybox")
+	lines := strings.Split(out, "\n")
+	sizeColumnRegex, _ := regexp.Compile("SIZE +")
+	indices := sizeColumnRegex.FindStringIndex(lines[0])
+	startIndex := indices[0]
+	endIndex := indices[1]
+	for i := 1; i < len(lines)-1; i++ {
+		if endIndex > len(lines[i]) {
+			endIndex = len(lines[i])
+		}
+		sizeString := lines[i][startIndex:endIndex]
+
+		_, err := strconv.Atoi(strings.TrimSpace(sizeString))
+		c.Assert(err, checker.IsNil, check.Commentf("The size '%s' was not an Integer", sizeString))
+	}
+}
+
+func (s *DockerSuite) TestHistoryHumanOptionTrue(c *check.C) {
+	out, _ := dockerCmd(c, "history", "--human=true", "busybox")
+	lines := strings.Split(out, "\n")
+	sizeColumnRegex, _ := regexp.Compile("SIZE +")
+	humanSizeRegexRaw := "\\d+.*B" // Matches human sizes like 10 MB, 3.2 KB, etc
+	indices := sizeColumnRegex.FindStringIndex(lines[0])
+	startIndex := indices[0]
+	endIndex := indices[1]
+	for i := 1; i < len(lines)-1; i++ {
+		if endIndex > len(lines[i]) {
+			endIndex = len(lines[i])
+		}
+		sizeString := lines[i][startIndex:endIndex]
+		c.Assert(strings.TrimSpace(sizeString), checker.Matches, humanSizeRegexRaw, check.Commentf("The size '%s' was not in human format", sizeString))
+	}
+}
diff --git a/integration-cli/docker_cli_images_test.go b/integration-cli/docker_cli_images_test.go
new file mode 100644
index 00000000..dbceddf1
--- /dev/null
+++ b/integration-cli/docker_cli_images_test.go
@@ -0,0 +1,290 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestImagesEnsureImageIsListed(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	imagesOut, _ := dockerCmd(c, "images")
+	c.Assert(imagesOut, checker.Contains, "busybox")
+}
+
+func (s *DockerSuite) TestImagesEnsureImageWithTagIsListed(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	name := "imagewithtag"
+	dockerCmd(c, "tag", "busybox", name+":v1")
+	dockerCmd(c, "tag", "busybox", name+":v1v1")
+	dockerCmd(c, "tag", "busybox", name+":v2")
+
+	imagesOut, _ := dockerCmd(c, "images", name+":v1")
+	c.Assert(imagesOut, checker.Contains, name)
+	c.Assert(imagesOut, checker.Contains, "v1")
+	c.Assert(imagesOut, checker.Not(checker.Contains), "v2")
+	c.Assert(imagesOut, checker.Not(checker.Contains), "v1v1")
+
+	imagesOut, _ = dockerCmd(c, "images", name)
+	c.Assert(imagesOut, checker.Contains, name)
+	c.Assert(imagesOut, checker.Contains, "v1")
+	c.Assert(imagesOut, checker.Contains, "v1v1")
+	c.Assert(imagesOut, checker.Contains, "v2")
+}
+
+func (s *DockerSuite) TestImagesEnsureImageWithBadTagIsNotListed(c *check.C) {
+	imagesOut, _ := dockerCmd(c, "images", "busybox:nonexistent")
+	c.Assert(imagesOut, checker.Not(checker.Contains), "busybox")
+}
+
+func (s *DockerSuite) TestImagesOrderedByCreationDate(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	id1, err := buildImage("order:test_a",
+		`FROM scratch
+                MAINTAINER dockerio1`, true)
+	c.Assert(err, checker.IsNil)
+	time.Sleep(1 * time.Second)
+	id2, err := buildImage("order:test_c",
+		`FROM scratch
+                MAINTAINER dockerio2`, true)
+	c.Assert(err, checker.IsNil)
+	time.Sleep(1 * time.Second)
+	id3, err := buildImage("order:test_b",
+		`FROM scratch
+                MAINTAINER dockerio3`, true)
+	c.Assert(err, checker.IsNil)
+
+	out, _ := dockerCmd(c, "images", "-q", "--no-trunc")
+	imgs := strings.Split(out, "\n")
+	c.Assert(imgs[0], checker.Equals, id3, check.Commentf("First image must be %s, got %s", id3, imgs[0]))
+	c.Assert(imgs[1], checker.Equals, id2, check.Commentf("First image must be %s, got %s", id2, imgs[1]))
+	c.Assert(imgs[2], checker.Equals, id1, check.Commentf("First image must be %s, got %s", id1, imgs[2]))
+}
+
+func (s *DockerSuite) TestImagesErrorWithInvalidFilterNameTest(c *check.C) {
+	out, _, err := dockerCmdWithError("images", "-f", "FOO=123")
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "Invalid filter")
+}
+
+func (s *DockerSuite) TestImagesFilterLabelMatch(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	imageName1 := "images_filter_test1"
+	imageName2 := "images_filter_test2"
+	imageName3 := "images_filter_test3"
+	image1ID, err := buildImage(imageName1,
+		`FROM scratch
+                 LABEL match me`, true)
+	c.Assert(err, check.IsNil)
+
+	image2ID, err := buildImage(imageName2,
+		`FROM scratch
+                 LABEL match="me too"`, true)
+	c.Assert(err, check.IsNil)
+
+	image3ID, err := buildImage(imageName3,
+		`FROM scratch
+                 LABEL nomatch me`, true)
+	c.Assert(err, check.IsNil)
+
+	out, _ := dockerCmd(c, "images", "--no-trunc", "-q", "-f", "label=match")
+	out = strings.TrimSpace(out)
+	c.Assert(out, check.Matches, fmt.Sprintf("[\\s\\w:]*%s[\\s\\w:]*", image1ID))
+	c.Assert(out, check.Matches, fmt.Sprintf("[\\s\\w:]*%s[\\s\\w:]*", image2ID))
+	c.Assert(out, check.Not(check.Matches), fmt.Sprintf("[\\s\\w:]*%s[\\s\\w:]*", image3ID))
+
+	out, _ = dockerCmd(c, "images", "--no-trunc", "-q", "-f", "label=match=me too")
+	out = strings.TrimSpace(out)
+	c.Assert(out, check.Equals, image2ID)
+}
+
+// Regression : #15659
+func (s *DockerSuite) TestImagesFilterLabelWithCommit(c *check.C) {
+	// Create a container
+	dockerCmd(c, "run", "--name", "bar", "busybox", "/bin/sh")
+	// Commit with labels "using changes"
+	out, _ := dockerCmd(c, "commit", "-c", "LABEL foo.version=1.0.0-1", "-c", "LABEL foo.name=bar", "-c", "LABEL foo.author=starlord", "bar", "bar:1.0.0-1")
+	imageID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "images", "--no-trunc", "-q", "-f", "label=foo.version=1.0.0-1")
+	out = strings.TrimSpace(out)
+	c.Assert(out, check.Equals, imageID)
+}
+
+func (s *DockerSuite) TestImagesFilterSpaceTrimCase(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	imageName := "images_filter_test"
+	buildImage(imageName,
+		`FROM scratch
+                 RUN touch /test/foo
+                 RUN touch /test/bar
+                 RUN touch /test/baz`, true)
+
+	filters := []string{
+		"dangling=true",
+		"Dangling=true",
+		" dangling=true",
+		"dangling=true ",
+		"dangling = true",
+	}
+
+	imageListings := make([][]string, 5, 5)
+	for idx, filter := range filters {
+		out, _ := dockerCmd(c, "images", "-q", "-f", filter)
+		listing := strings.Split(out, "\n")
+		sort.Strings(listing)
+		imageListings[idx] = listing
+	}
+
+	for idx, listing := range imageListings {
+		if idx < 4 && !reflect.DeepEqual(listing, imageListings[idx+1]) {
+			for idx, errListing := range imageListings {
+				fmt.Printf("out %d", idx)
+				for _, image := range errListing {
+					fmt.Print(image)
+				}
+				fmt.Print("")
+			}
+			c.Fatalf("All output must be the same")
+		}
+	}
+}
+
+func (s *DockerSuite) TestImagesEnsureDanglingImageOnlyListedOnce(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// create container 1
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+	containerID1 := strings.TrimSpace(out)
+
+	// tag as foobox
+	out, _ = dockerCmd(c, "commit", containerID1, "foobox")
+	imageID := stringid.TruncateID(strings.TrimSpace(out))
+
+	// overwrite the tag, making the previous image dangling
+	dockerCmd(c, "tag", "-f", "busybox", "foobox")
+
+	out, _ = dockerCmd(c, "images", "-q", "-f", "dangling=true")
+	// Expect one dangling image
+	c.Assert(strings.Count(out, imageID), checker.Equals, 1)
+
+	out, _ = dockerCmd(c, "images", "-q", "-f", "dangling=false")
+	//dangling=false would not include dangling images
+	c.Assert(out, checker.Not(checker.Contains), imageID)
+
+	out, _ = dockerCmd(c, "images")
+	//docker images still include dangling images
+	c.Assert(out, checker.Contains, imageID)
+
+}
+
+func (s *DockerSuite) TestImagesWithIncorrectFilter(c *check.C) {
+	out, _, err := dockerCmdWithError("images", "-f", "dangling=invalid")
+	c.Assert(err, check.NotNil)
+	c.Assert(out, checker.Contains, "Invalid filter")
+}
+
+func (s *DockerSuite) TestImagesEnsureOnlyHeadsImagesShown(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	dockerfile := `
+        FROM scratch
+        MAINTAINER docker
+        ENV foo bar`
+
+	head, out, err := buildImageWithOut("scratch-image", dockerfile, false)
+	c.Assert(err, check.IsNil)
+
+	// this is just the output of docker build
+	// we're interested in getting the image id of the MAINTAINER instruction
+	// and that's located at output, line 5, from 7 to end
+	split := strings.Split(out, "\n")
+	intermediate := strings.TrimSpace(split[5][7:])
+
+	out, _ = dockerCmd(c, "images")
+	// images shouldn't show non-heads images
+	c.Assert(out, checker.Not(checker.Contains), intermediate)
+	// images should contain final built images
+	c.Assert(out, checker.Contains, stringid.TruncateID(head))
+}
+
+func (s *DockerSuite) TestImagesEnsureImagesFromScratchShown(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	dockerfile := `
+        FROM scratch
+        MAINTAINER docker`
+
+	id, _, err := buildImageWithOut("scratch-image", dockerfile, false)
+	c.Assert(err, check.IsNil)
+
+	out, _ := dockerCmd(c, "images")
+	// images should contain images built from scratch
+	c.Assert(out, checker.Contains, stringid.TruncateID(id))
+}
+
+// #18181
+func (s *DockerSuite) TestImagesFilterNameWithPort(c *check.C) {
+	tag := "a.b.c.d:5000/hello"
+	dockerCmd(c, "tag", "busybox", tag)
+	out, _ := dockerCmd(c, "images", tag)
+	c.Assert(out, checker.Contains, tag)
+
+	out, _ = dockerCmd(c, "images", tag+":latest")
+	c.Assert(out, checker.Contains, tag)
+
+	out, _ = dockerCmd(c, "images", tag+":no-such-tag")
+	c.Assert(out, checker.Not(checker.Contains), tag)
+}
+
+func (s *DockerSuite) TestImagesFormat(c *check.C) {
+	// testRequires(c, DaemonIsLinux)
+	tag := "myimage"
+	dockerCmd(c, "tag", "busybox", tag+":v1")
+	dockerCmd(c, "tag", "busybox", tag+":v2")
+
+	out, _ := dockerCmd(c, "images", "--format", "{{.Repository}}", tag)
+	lines := strings.Split(strings.TrimSpace(string(out)), "\n")
+
+	expected := []string{"myimage", "myimage"}
+	var names []string
+	for _, l := range lines {
+		names = append(names, l)
+	}
+	c.Assert(expected, checker.DeepEquals, names, check.Commentf("Expected array with truncated names: %v, got: %v", expected, names))
+}
+
+// ImagesDefaultFormatAndQuiet
+func (s *DockerSuite) TestImagesFormatDefaultFormat(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	// create container 1
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+	containerID1 := strings.TrimSpace(out)
+
+	// tag as foobox
+	out, _ = dockerCmd(c, "commit", containerID1, "myimage")
+	imageID := stringid.TruncateID(strings.TrimSpace(out))
+
+	config := `{
+		"imagesFormat": "{{ .ID }} default"
+}`
+	d, err := ioutil.TempDir("", "integration-cli-")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(d)
+
+	err = ioutil.WriteFile(filepath.Join(d, "config.json"), []byte(config), 0644)
+	c.Assert(err, checker.IsNil)
+
+	out, _ = dockerCmd(c, "--config", d, "images", "-q", "myimage")
+	c.Assert(out, checker.Equals, imageID+"\n", check.Commentf("Expected to print only the image id, got %v\n", out))
+}
diff --git a/integration-cli/docker_cli_import_test.go b/integration-cli/docker_cli_import_test.go
new file mode 100644
index 00000000..9420dafa
--- /dev/null
+++ b/integration-cli/docker_cli_import_test.go
@@ -0,0 +1,123 @@
+package main
+
+import (
+	"bufio"
+	"compress/gzip"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"regexp"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestImportDisplay(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "export", cleanedContainerID),
+		exec.Command(dockerBinary, "import", "-"),
+	)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(out, checker.Count, "\n", 1, check.Commentf("display is expected 1 '\\n' but didn't"))
+
+	image := strings.TrimSpace(out)
+	out, _ = dockerCmd(c, "run", "--rm", image, "true")
+	c.Assert(out, checker.Equals, "", check.Commentf("command output should've been nothing."))
+}
+
+func (s *DockerSuite) TestImportBadURL(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("import", "http://nourl/bad")
+	c.Assert(err, checker.NotNil, check.Commentf("import was supposed to fail but didn't"))
+	c.Assert(out, checker.Contains, "dial tcp", check.Commentf("expected an error msg but didn't get one"))
+}
+
+func (s *DockerSuite) TestImportFile(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name", "test-import", "busybox", "true")
+
+	temporaryFile, err := ioutil.TempFile("", "exportImportTest")
+	c.Assert(err, checker.IsNil, check.Commentf("failed to create temporary file"))
+	defer os.Remove(temporaryFile.Name())
+
+	runCmd := exec.Command(dockerBinary, "export", "test-import")
+	runCmd.Stdout = bufio.NewWriter(temporaryFile)
+
+	_, err = runCommand(runCmd)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to export a container"))
+
+	out, _ := dockerCmd(c, "import", temporaryFile.Name())
+	c.Assert(out, checker.Count, "\n", 1, check.Commentf("display is expected 1 '\\n' but didn't"))
+	image := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "run", "--rm", image, "true")
+	c.Assert(out, checker.Equals, "", check.Commentf("command output should've been nothing."))
+}
+
+func (s *DockerSuite) TestImportGzipped(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name", "test-import", "busybox", "true")
+
+	temporaryFile, err := ioutil.TempFile("", "exportImportTest")
+	c.Assert(err, checker.IsNil, check.Commentf("failed to create temporary file"))
+	defer os.Remove(temporaryFile.Name())
+
+	runCmd := exec.Command(dockerBinary, "export", "test-import")
+	w := gzip.NewWriter(temporaryFile)
+	runCmd.Stdout = w
+
+	_, err = runCommand(runCmd)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to export a container"))
+	err = w.Close()
+	c.Assert(err, checker.IsNil, check.Commentf("failed to close gzip writer"))
+	temporaryFile.Close()
+	out, _ := dockerCmd(c, "import", temporaryFile.Name())
+	c.Assert(out, checker.Count, "\n", 1, check.Commentf("display is expected 1 '\\n' but didn't"))
+	image := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "run", "--rm", image, "true")
+	c.Assert(out, checker.Equals, "", check.Commentf("command output should've been nothing."))
+}
+
+func (s *DockerSuite) TestImportFileWithMessage(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name", "test-import", "busybox", "true")
+
+	temporaryFile, err := ioutil.TempFile("", "exportImportTest")
+	c.Assert(err, checker.IsNil, check.Commentf("failed to create temporary file"))
+	defer os.Remove(temporaryFile.Name())
+
+	runCmd := exec.Command(dockerBinary, "export", "test-import")
+	runCmd.Stdout = bufio.NewWriter(temporaryFile)
+
+	_, err = runCommand(runCmd)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to export a container"))
+
+	message := "Testing commit message"
+	out, _ := dockerCmd(c, "import", "-m", message, temporaryFile.Name())
+	c.Assert(out, checker.Count, "\n", 1, check.Commentf("display is expected 1 '\\n' but didn't"))
+	image := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "history", image)
+	split := strings.Split(out, "\n")
+
+	c.Assert(split, checker.HasLen, 3, check.Commentf("expected 3 lines from image history"))
+	r := regexp.MustCompile("[\\s]{2,}")
+	split = r.Split(split[1], -1)
+
+	c.Assert(message, checker.Equals, split[3], check.Commentf("didn't get expected value in commit message"))
+
+	out, _ = dockerCmd(c, "run", "--rm", image, "true")
+	c.Assert(out, checker.Equals, "", check.Commentf("command output should've been nothing"))
+}
+
+func (s *DockerSuite) TestImportFileNonExistentFile(c *check.C) {
+	_, _, err := dockerCmdWithError("import", "example.com/myImage.tar")
+	c.Assert(err, checker.NotNil, check.Commentf("import non-existing file must failed"))
+}
diff --git a/integration-cli/docker_cli_info_test.go b/integration-cli/docker_cli_info_test.go
new file mode 100644
index 00000000..dd236945
--- /dev/null
+++ b/integration-cli/docker_cli_info_test.go
@@ -0,0 +1,166 @@
+package main
+
+import (
+	"fmt"
+	"net"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/utils"
+	"github.com/go-check/check"
+)
+
+// ensure docker info succeeds
+func (s *DockerSuite) TestInfoEnsureSucceeds(c *check.C) {
+	out, _ := dockerCmd(c, "info")
+
+	// always shown fields
+	stringsToCheck := []string{
+		"ID:",
+		"Containers:",
+		" Running:",
+		" Paused:",
+		" Stopped:",
+		"Images:",
+		"OSType:",
+		"Architecture:",
+		"Logging Driver:",
+		"Operating System:",
+		"CPUs:",
+		"Total Memory:",
+		"Kernel Version:",
+		"Storage Driver:",
+		"Volume:",
+		"Network:",
+	}
+
+	if utils.ExperimentalBuild() {
+		stringsToCheck = append(stringsToCheck, "Experimental: true")
+	}
+
+	for _, linePrefix := range stringsToCheck {
+		c.Assert(out, checker.Contains, linePrefix, check.Commentf("couldn't find string %v in output", linePrefix))
+	}
+}
+
+// TestInfoDiscoveryBackend verifies that a daemon run with `--cluster-advertise` and
+// `--cluster-store` properly show the backend's endpoint in info output.
+func (s *DockerSuite) TestInfoDiscoveryBackend(c *check.C) {
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	d := NewDaemon(c)
+	discoveryBackend := "consul://consuladdr:consulport/some/path"
+	discoveryAdvertise := "1.1.1.1:2375"
+	err := d.Start(fmt.Sprintf("--cluster-store=%s", discoveryBackend), fmt.Sprintf("--cluster-advertise=%s", discoveryAdvertise))
+	c.Assert(err, checker.IsNil)
+	defer d.Stop()
+
+	out, err := d.Cmd("info")
+	c.Assert(err, checker.IsNil)
+	c.Assert(out, checker.Contains, fmt.Sprintf("Cluster store: %s\n", discoveryBackend))
+	c.Assert(out, checker.Contains, fmt.Sprintf("Cluster advertise: %s\n", discoveryAdvertise))
+}
+
+// TestInfoDiscoveryInvalidAdvertise verifies that a daemon run with
+// an invalid `--cluster-advertise` configuration
+func (s *DockerSuite) TestInfoDiscoveryInvalidAdvertise(c *check.C) {
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	d := NewDaemon(c)
+	discoveryBackend := "consul://consuladdr:consulport/some/path"
+
+	// --cluster-advertise with an invalid string is an error
+	err := d.Start(fmt.Sprintf("--cluster-store=%s", discoveryBackend), "--cluster-advertise=invalid")
+	c.Assert(err, checker.Not(checker.IsNil))
+
+	// --cluster-advertise without --cluster-store is also an error
+	err = d.Start("--cluster-advertise=1.1.1.1:2375")
+	c.Assert(err, checker.Not(checker.IsNil))
+}
+
+// TestInfoDiscoveryAdvertiseInterfaceName verifies that a daemon run with `--cluster-advertise`
+// configured with interface name properly show the advertise ip-address in info output.
+func (s *DockerSuite) TestInfoDiscoveryAdvertiseInterfaceName(c *check.C) {
+	testRequires(c, SameHostDaemon, Network, DaemonIsLinux)
+
+	d := NewDaemon(c)
+	discoveryBackend := "consul://consuladdr:consulport/some/path"
+	discoveryAdvertise := "eth0"
+
+	err := d.Start(fmt.Sprintf("--cluster-store=%s", discoveryBackend), fmt.Sprintf("--cluster-advertise=%s:2375", discoveryAdvertise))
+	c.Assert(err, checker.IsNil)
+	defer d.Stop()
+
+	iface, err := net.InterfaceByName(discoveryAdvertise)
+	c.Assert(err, checker.IsNil)
+	addrs, err := iface.Addrs()
+	c.Assert(err, checker.IsNil)
+	c.Assert(len(addrs), checker.GreaterThan, 0)
+	ip, _, err := net.ParseCIDR(addrs[0].String())
+	c.Assert(err, checker.IsNil)
+
+	out, err := d.Cmd("info")
+	c.Assert(err, checker.IsNil)
+	c.Assert(out, checker.Contains, fmt.Sprintf("Cluster store: %s\n", discoveryBackend))
+	c.Assert(out, checker.Contains, fmt.Sprintf("Cluster advertise: %s:2375\n", ip.String()))
+}
+
+func (s *DockerSuite) TestInfoDisplaysRunningContainers(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	dockerCmd(c, "run", "-d", "busybox", "top")
+	out, _ := dockerCmd(c, "info")
+	c.Assert(out, checker.Contains, fmt.Sprintf("Containers: %d\n", 1))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Running: %d\n", 1))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Paused: %d\n", 0))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Stopped: %d\n", 0))
+}
+
+func (s *DockerSuite) TestInfoDisplaysPausedContainers(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "pause", cleanedContainerID)
+
+	out, _ = dockerCmd(c, "info")
+	c.Assert(out, checker.Contains, fmt.Sprintf("Containers: %d\n", 1))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Running: %d\n", 0))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Paused: %d\n", 1))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Stopped: %d\n", 0))
+}
+
+func (s *DockerSuite) TestInfoDisplaysStoppedContainers(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "stop", cleanedContainerID)
+
+	out, _ = dockerCmd(c, "info")
+	c.Assert(out, checker.Contains, fmt.Sprintf("Containers: %d\n", 1))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Running: %d\n", 0))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Paused: %d\n", 0))
+	c.Assert(out, checker.Contains, fmt.Sprintf(" Stopped: %d\n", 1))
+}
+
+func (s *DockerSuite) TestInfoDebug(c *check.C) {
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	d := NewDaemon(c)
+	err := d.Start("--debug")
+	c.Assert(err, checker.IsNil)
+	defer d.Stop()
+
+	out, err := d.Cmd("--debug", "info")
+	c.Assert(err, checker.IsNil)
+	c.Assert(out, checker.Contains, "Debug mode (client): true\n")
+	c.Assert(out, checker.Contains, "Debug mode (server): true\n")
+	c.Assert(out, checker.Contains, "File Descriptors")
+	c.Assert(out, checker.Contains, "Goroutines")
+	c.Assert(out, checker.Contains, "System Time")
+	c.Assert(out, checker.Contains, "EventsListeners")
+	c.Assert(out, checker.Contains, "Docker Root Dir")
+}
diff --git a/integration-cli/docker_cli_inspect_experimental_test.go b/integration-cli/docker_cli_inspect_experimental_test.go
new file mode 100644
index 00000000..0d9a261d
--- /dev/null
+++ b/integration-cli/docker_cli_inspect_experimental_test.go
@@ -0,0 +1,33 @@
+// +build experimental
+
+package main
+
+import (
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestInspectNamedMountPoint(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "test", "-v", "data:/data", "busybox", "cat")
+
+	vol := inspectFieldJSON(c, "test", "Mounts")
+
+	var mp []types.MountPoint
+	err := unmarshalJSON([]byte(vol), &mp)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(mp, checker.HasLen, 1, check.Commentf("Expected 1 mount point"))
+
+	m := mp[0]
+	c.Assert(m.Name, checker.Equals, "data", check.Commentf("Expected name data"))
+
+	c.Assert(m.Driver, checker.Equals, "local", check.Commentf("Expected driver local"))
+
+	c.Assert(m.Source, checker.Not(checker.Equals), "", check.Commentf("Expected source to not be empty"))
+
+	c.Assert(m.RW, checker.Equals, true)
+
+	c.Assert(m.Destination, checker.Equals, "/data", check.Commentf("Expected destination /data"))
+}
diff --git a/integration-cli/docker_cli_inspect_test.go b/integration-cli/docker_cli_inspect_test.go
new file mode 100644
index 00000000..29614537
--- /dev/null
+++ b/integration-cli/docker_cli_inspect_test.go
@@ -0,0 +1,393 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"os/exec"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/container"
+	"github.com/go-check/check"
+)
+
+func checkValidGraphDriver(c *check.C, name string) {
+	if name != "devicemapper" && name != "overlay" && name != "vfs" && name != "zfs" && name != "btrfs" && name != "aufs" {
+		c.Fatalf("%v is not a valid graph driver name", name)
+	}
+}
+
+func (s *DockerSuite) TestInspectImage(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	imageTest := "emptyfs"
+	// It is important that this ID remain stable. If a code change causes
+	// it to be different, this is equivalent to a cache bust when pulling
+	// a legacy-format manifest. If the check at the end of this function
+	// fails, fix the difference in the image serialization instead of
+	// updating this hash.
+	imageTestID := "sha256:11f64303f0f7ffdc71f001788132bca5346831939a956e3e975c93267d89a16d"
+	id := inspectField(c, imageTest, "Id")
+
+	c.Assert(id, checker.Equals, imageTestID)
+}
+
+func (s *DockerSuite) TestInspectInt64(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	dockerCmd(c, "run", "-d", "-m=300M", "--name", "inspectTest", "busybox", "true")
+	inspectOut := inspectField(c, "inspectTest", "HostConfig.Memory")
+	c.Assert(inspectOut, checker.Equals, "314572800")
+}
+
+func (s *DockerSuite) TestInspectDefault(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	//Both the container and image are named busybox. docker inspect will fetch the container JSON.
+	//If the container JSON is not available, it will go for the image JSON.
+
+	out, _ := dockerCmd(c, "run", "--name=busybox", "-d", "busybox", "true")
+	containerID := strings.TrimSpace(out)
+
+	inspectOut := inspectField(c, "busybox", "Id")
+	c.Assert(strings.TrimSpace(inspectOut), checker.Equals, containerID)
+}
+
+func (s *DockerSuite) TestInspectStatus(c *check.C) {
+	defer unpauseAllContainers()
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	out = strings.TrimSpace(out)
+
+	inspectOut := inspectField(c, out, "State.Status")
+	c.Assert(inspectOut, checker.Equals, "running")
+
+	dockerCmd(c, "pause", out)
+	inspectOut = inspectField(c, out, "State.Status")
+	c.Assert(inspectOut, checker.Equals, "paused")
+
+	dockerCmd(c, "unpause", out)
+	inspectOut = inspectField(c, out, "State.Status")
+	c.Assert(inspectOut, checker.Equals, "running")
+
+	dockerCmd(c, "stop", out)
+	inspectOut = inspectField(c, out, "State.Status")
+	c.Assert(inspectOut, checker.Equals, "exited")
+
+}
+
+func (s *DockerSuite) TestInspectTypeFlagContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	//Both the container and image are named busybox. docker inspect will fetch container
+	//JSON State.Running field. If the field is true, it's a container.
+
+	dockerCmd(c, "run", "--name=busybox", "-d", "busybox", "top")
+
+	formatStr := "--format='{{.State.Running}}'"
+	out, _ := dockerCmd(c, "inspect", "--type=container", formatStr, "busybox")
+	c.Assert(out, checker.Equals, "true\n") // not a container JSON
+}
+
+func (s *DockerSuite) TestInspectTypeFlagWithNoContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	//Run this test on an image named busybox. docker inspect will try to fetch container
+	//JSON. Since there is no container named busybox and --type=container, docker inspect will
+	//not try to get the image JSON. It will throw an error.
+
+	dockerCmd(c, "run", "-d", "busybox", "true")
+
+	_, _, err := dockerCmdWithError("inspect", "--type=container", "busybox")
+	// docker inspect should fail, as there is no container named busybox
+	c.Assert(err, checker.NotNil)
+}
+
+func (s *DockerSuite) TestInspectTypeFlagWithImage(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	//Both the container and image are named busybox. docker inspect will fetch image
+	//JSON as --type=image. if there is no image with name busybox, docker inspect
+	//will throw an error.
+
+	dockerCmd(c, "run", "--name=busybox", "-d", "busybox", "true")
+
+	out, _ := dockerCmd(c, "inspect", "--type=image", "busybox")
+	c.Assert(out, checker.Not(checker.Contains), "State") // not an image JSON
+}
+
+func (s *DockerSuite) TestInspectTypeFlagWithInvalidValue(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	//Both the container and image are named busybox. docker inspect will fail
+	//as --type=foobar is not a valid value for the flag.
+
+	dockerCmd(c, "run", "--name=busybox", "-d", "busybox", "true")
+
+	out, exitCode, err := dockerCmdWithError("inspect", "--type=foobar", "busybox")
+	c.Assert(err, checker.NotNil, check.Commentf("%s", exitCode))
+	c.Assert(exitCode, checker.Equals, 1, check.Commentf("%s", err))
+	c.Assert(out, checker.Contains, "not a valid value for --type")
+}
+
+func (s *DockerSuite) TestInspectImageFilterInt(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	imageTest := "emptyfs"
+	out := inspectField(c, imageTest, "Size")
+
+	size, err := strconv.Atoi(out)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to inspect size of the image: %s, %v", out, err))
+
+	//now see if the size turns out to be the same
+	formatStr := fmt.Sprintf("--format='{{eq .Size %d}}'", size)
+	out, _ = dockerCmd(c, "inspect", formatStr, imageTest)
+	result, err := strconv.ParseBool(strings.TrimSuffix(out, "\n"))
+	c.Assert(err, checker.IsNil)
+	c.Assert(result, checker.Equals, true)
+}
+
+func (s *DockerSuite) TestInspectContainerFilterInt(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	runCmd := exec.Command(dockerBinary, "run", "-i", "-a", "stdin", "busybox", "cat")
+	runCmd.Stdin = strings.NewReader("blahblah")
+	out, _, _, err := runCommandWithStdoutStderr(runCmd)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to run container: %v, output: %q", err, out))
+
+	id := strings.TrimSpace(out)
+
+	out = inspectField(c, id, "State.ExitCode")
+
+	exitCode, err := strconv.Atoi(out)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to inspect exitcode of the container: %s, %v", out, err))
+
+	//now get the exit code to verify
+	formatStr := fmt.Sprintf("--format='{{eq .State.ExitCode %d}}'", exitCode)
+	out, _ = dockerCmd(c, "inspect", formatStr, id)
+	result, err := strconv.ParseBool(strings.TrimSuffix(out, "\n"))
+	c.Assert(err, checker.IsNil)
+	c.Assert(result, checker.Equals, true)
+}
+
+func (s *DockerSuite) TestInspectImageGraphDriver(c *check.C) {
+	testRequires(c, DaemonIsLinux, Devicemapper)
+	imageTest := "emptyfs"
+	name := inspectField(c, imageTest, "GraphDriver.Name")
+
+	checkValidGraphDriver(c, name)
+
+	deviceID := inspectField(c, imageTest, "GraphDriver.Data.DeviceId")
+
+	_, err := strconv.Atoi(deviceID)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to inspect DeviceId of the image: %s, %v", deviceID, err))
+
+	deviceSize := inspectField(c, imageTest, "GraphDriver.Data.DeviceSize")
+
+	_, err = strconv.ParseUint(deviceSize, 10, 64)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to inspect DeviceSize of the image: %s, %v", deviceSize, err))
+}
+
+func (s *DockerSuite) TestInspectContainerGraphDriver(c *check.C) {
+	testRequires(c, DaemonIsLinux, Devicemapper)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+	out = strings.TrimSpace(out)
+
+	name := inspectField(c, out, "GraphDriver.Name")
+
+	checkValidGraphDriver(c, name)
+
+	imageDeviceID := inspectField(c, "busybox", "GraphDriver.Data.DeviceId")
+
+	deviceID := inspectField(c, out, "GraphDriver.Data.DeviceId")
+
+	c.Assert(imageDeviceID, checker.Not(checker.Equals), deviceID)
+
+	_, err := strconv.Atoi(deviceID)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to inspect DeviceId of the image: %s, %v", deviceID, err))
+
+	deviceSize := inspectField(c, out, "GraphDriver.Data.DeviceSize")
+
+	_, err = strconv.ParseUint(deviceSize, 10, 64)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to inspect DeviceSize of the image: %s, %v", deviceSize, err))
+}
+
+func (s *DockerSuite) TestInspectBindMountPoint(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "test", "-v", "/data:/data:ro,z", "busybox", "cat")
+
+	vol := inspectFieldJSON(c, "test", "Mounts")
+
+	var mp []types.MountPoint
+	err := unmarshalJSON([]byte(vol), &mp)
+	c.Assert(err, checker.IsNil)
+
+	// check that there is only one mountpoint
+	c.Assert(mp, check.HasLen, 1)
+
+	m := mp[0]
+
+	c.Assert(m.Name, checker.Equals, "")
+	c.Assert(m.Driver, checker.Equals, "")
+	c.Assert(m.Source, checker.Equals, "/data")
+	c.Assert(m.Destination, checker.Equals, "/data")
+	c.Assert(m.Mode, checker.Equals, "ro,z")
+	c.Assert(m.RW, checker.Equals, false)
+}
+
+// #14947
+func (s *DockerSuite) TestInspectTimesAsRFC3339Nano(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+	id := strings.TrimSpace(out)
+	startedAt := inspectField(c, id, "State.StartedAt")
+	finishedAt := inspectField(c, id, "State.FinishedAt")
+	created := inspectField(c, id, "Created")
+
+	_, err := time.Parse(time.RFC3339Nano, startedAt)
+	c.Assert(err, checker.IsNil)
+	_, err = time.Parse(time.RFC3339Nano, finishedAt)
+	c.Assert(err, checker.IsNil)
+	_, err = time.Parse(time.RFC3339Nano, created)
+	c.Assert(err, checker.IsNil)
+
+	created = inspectField(c, "busybox", "Created")
+
+	_, err = time.Parse(time.RFC3339Nano, created)
+	c.Assert(err, checker.IsNil)
+}
+
+// #15633
+func (s *DockerSuite) TestInspectLogConfigNoType(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "create", "--name=test", "--log-opt", "max-file=42", "busybox")
+	var logConfig container.LogConfig
+
+	out := inspectFieldJSON(c, "test", "HostConfig.LogConfig")
+
+	err := json.NewDecoder(strings.NewReader(out)).Decode(&logConfig)
+	c.Assert(err, checker.IsNil, check.Commentf("%v", out))
+
+	c.Assert(logConfig.Type, checker.Equals, "json-file")
+	c.Assert(logConfig.Config["max-file"], checker.Equals, "42", check.Commentf("%v", logConfig))
+}
+
+func (s *DockerSuite) TestInspectNoSizeFlagContainer(c *check.C) {
+
+	//Both the container and image are named busybox. docker inspect will fetch container
+	//JSON SizeRw and SizeRootFs field. If there is no flag --size/-s, there are no size fields.
+
+	runSleepingContainer(c, "--name=busybox", "-d")
+
+	formatStr := "--format='{{.SizeRw}},{{.SizeRootFs}}'"
+	out, _ := dockerCmd(c, "inspect", "--type=container", formatStr, "busybox")
+	c.Assert(strings.TrimSpace(out), check.Equals, "<nil>,<nil>", check.Commentf("Exepcted not to display size info: %s", out))
+}
+
+func (s *DockerSuite) TestInspectSizeFlagContainer(c *check.C) {
+	runSleepingContainer(c, "--name=busybox", "-d")
+
+	formatStr := "--format='{{.SizeRw}},{{.SizeRootFs}}'"
+	out, _ := dockerCmd(c, "inspect", "-s", "--type=container", formatStr, "busybox")
+	sz := strings.Split(out, ",")
+
+	c.Assert(strings.TrimSpace(sz[0]), check.Not(check.Equals), "<nil>")
+	c.Assert(strings.TrimSpace(sz[1]), check.Not(check.Equals), "<nil>")
+}
+
+func (s *DockerSuite) TestInspectSizeFlagImage(c *check.C) {
+	runSleepingContainer(c, "-d")
+
+	formatStr := "--format='{{.SizeRw}},{{.SizeRootFs}}'"
+	out, _, err := dockerCmdWithError("inspect", "-s", "--type=image", formatStr, "busybox")
+
+	// Template error rather than <no value>
+	// This is a more correct behavior because images don't have sizes associated.
+	c.Assert(err, check.Not(check.IsNil))
+	c.Assert(out, checker.Contains, "Template parsing error")
+}
+
+func (s *DockerSuite) TestInspectTemplateError(c *check.C) {
+	// Template parsing error for both the container and image.
+
+	runSleepingContainer(c, "--name=container1", "-d")
+
+	out, _, err := dockerCmdWithError("inspect", "--type=container", "--format='Format container: {{.ThisDoesNotExist}}'", "container1")
+	c.Assert(err, check.Not(check.IsNil))
+	c.Assert(out, checker.Contains, "Template parsing error")
+
+	out, _, err = dockerCmdWithError("inspect", "--type=image", "--format='Format container: {{.ThisDoesNotExist}}'", "busybox")
+	c.Assert(err, check.Not(check.IsNil))
+	c.Assert(out, checker.Contains, "Template parsing error")
+}
+
+func (s *DockerSuite) TestInspectJSONFields(c *check.C) {
+	runSleepingContainer(c, "--name=busybox", "-d")
+	out, _, err := dockerCmdWithError("inspect", "--type=container", "--format='{{.HostConfig.Dns}}'", "busybox")
+
+	c.Assert(err, check.IsNil)
+	c.Assert(out, checker.Equals, "[]\n")
+}
+
+func (s *DockerSuite) TestInspectByPrefix(c *check.C) {
+	id := inspectField(c, "busybox", "Id")
+	c.Assert(id, checker.HasPrefix, "sha256:")
+
+	id2 := inspectField(c, id[:12], "Id")
+	c.Assert(id, checker.Equals, id2)
+
+	id3 := inspectField(c, strings.TrimPrefix(id, "sha256:")[:12], "Id")
+	c.Assert(id, checker.Equals, id3)
+}
+
+func (s *DockerSuite) TestInspectStopWhenNotFound(c *check.C) {
+	runSleepingContainer(c, "--name=busybox", "-d")
+	runSleepingContainer(c, "--name=not-shown", "-d")
+	out, _, err := dockerCmdWithError("inspect", "--type=container", "--format='{{.Name}}'", "busybox", "missing", "not-shown")
+
+	c.Assert(err, checker.Not(check.IsNil))
+	c.Assert(out, checker.Contains, "busybox")
+	c.Assert(out, checker.Not(checker.Contains), "not-shown")
+	c.Assert(out, checker.Contains, "Error: No such container: missing")
+}
+
+func (s *DockerSuite) TestInspectHistory(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name=testcont", "-d", "busybox", "top")
+	dockerCmd(c, "commit", "-m", "test comment", "testcont", "testimg")
+	out, _, err := dockerCmdWithError("inspect", "--format='{{.Comment}}'", "testimg")
+
+	c.Assert(err, check.IsNil)
+	c.Assert(out, checker.Contains, "test comment")
+}
+
+func (s *DockerSuite) TestInspectContainerNetworkDefault(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	contName := "test1"
+	dockerCmd(c, "run", "--name", contName, "-d", "busybox", "top")
+	netOut, _ := dockerCmd(c, "network", "inspect", "--format='{{.ID}}'", "bridge")
+	out := inspectField(c, contName, "NetworkSettings.Networks")
+	c.Assert(out, checker.Contains, "bridge")
+	out = inspectField(c, contName, "NetworkSettings.Networks.bridge.NetworkID")
+	c.Assert(strings.TrimSpace(out), checker.Equals, strings.TrimSpace(netOut))
+}
+
+func (s *DockerSuite) TestInspectContainerNetworkCustom(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	netOut, _ := dockerCmd(c, "network", "create", "net1")
+	dockerCmd(c, "run", "--name=container1", "--net=net1", "-d", "busybox", "top")
+	out := inspectField(c, "container1", "NetworkSettings.Networks")
+	c.Assert(out, checker.Contains, "net1")
+	out = inspectField(c, "container1", "NetworkSettings.Networks.net1.NetworkID")
+	c.Assert(strings.TrimSpace(out), checker.Equals, strings.TrimSpace(netOut))
+}
+
+func (s *DockerSuite) TestInspectRootFS(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("inspect", "busybox")
+	c.Assert(err, check.IsNil)
+
+	var imageJSON []types.ImageInspect
+	err = json.Unmarshal([]byte(out), &imageJSON)
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(len(imageJSON[0].RootFS.Layers), checker.GreaterOrEqualThan, 1)
+}
diff --git a/integration-cli/docker_cli_kill_test.go b/integration-cli/docker_cli_kill_test.go
new file mode 100644
index 00000000..05d9a558
--- /dev/null
+++ b/integration-cli/docker_cli_kill_test.go
@@ -0,0 +1,95 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestKillContainer(c *check.C) {
+	out, _ := runSleepingContainer(c, "-d")
+	cleanedContainerID := strings.TrimSpace(out)
+	c.Assert(waitRun(cleanedContainerID), check.IsNil)
+
+	dockerCmd(c, "kill", cleanedContainerID)
+
+	out, _ = dockerCmd(c, "ps", "-q")
+	c.Assert(out, checker.Not(checker.Contains), cleanedContainerID, check.Commentf("killed container is still running"))
+
+}
+
+func (s *DockerSuite) TestKillOffStoppedContainer(c *check.C) {
+	out, _ := runSleepingContainer(c, "-d")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	dockerCmd(c, "stop", cleanedContainerID)
+
+	_, _, err := dockerCmdWithError("kill", "-s", "30", cleanedContainerID)
+	c.Assert(err, check.Not(check.IsNil), check.Commentf("Container %s is not running", cleanedContainerID))
+}
+
+func (s *DockerSuite) TestKillDifferentUserContainer(c *check.C) {
+	// TODO Windows: Windows does not yet support -u (Feb 2016).
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-u", "daemon", "-d", "busybox", "top")
+	cleanedContainerID := strings.TrimSpace(out)
+	c.Assert(waitRun(cleanedContainerID), check.IsNil)
+
+	dockerCmd(c, "kill", cleanedContainerID)
+
+	out, _ = dockerCmd(c, "ps", "-q")
+	c.Assert(out, checker.Not(checker.Contains), cleanedContainerID, check.Commentf("killed container is still running"))
+
+}
+
+// regression test about correct signal parsing see #13665
+func (s *DockerSuite) TestKillWithSignal(c *check.C) {
+	// Cannot port to Windows - does not support signals in the same was a Linux does
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	cid := strings.TrimSpace(out)
+	c.Assert(waitRun(cid), check.IsNil)
+
+	dockerCmd(c, "kill", "-s", "SIGWINCH", cid)
+
+	running := inspectField(c, cid, "State.Running")
+
+	c.Assert(running, checker.Equals, "true", check.Commentf("Container should be in running state after SIGWINCH"))
+}
+
+func (s *DockerSuite) TestKillWithInvalidSignal(c *check.C) {
+	out, _ := runSleepingContainer(c, "-d")
+	cid := strings.TrimSpace(out)
+	c.Assert(waitRun(cid), check.IsNil)
+
+	out, _, err := dockerCmdWithError("kill", "-s", "0", cid)
+	c.Assert(err, check.NotNil)
+	c.Assert(out, checker.Contains, "Invalid signal: 0", check.Commentf("Kill with an invalid signal didn't error out correctly"))
+
+	running := inspectField(c, cid, "State.Running")
+	c.Assert(running, checker.Equals, "true", check.Commentf("Container should be in running state after an invalid signal"))
+
+	out, _ = runSleepingContainer(c, "-d")
+	cid = strings.TrimSpace(out)
+	c.Assert(waitRun(cid), check.IsNil)
+
+	out, _, err = dockerCmdWithError("kill", "-s", "SIG42", cid)
+	c.Assert(err, check.NotNil)
+	c.Assert(out, checker.Contains, "Invalid signal: SIG42", check.Commentf("Kill with an invalid signal error out correctly"))
+
+	running = inspectField(c, cid, "State.Running")
+	c.Assert(running, checker.Equals, "true", check.Commentf("Container should be in running state after an invalid signal"))
+
+}
+
+func (s *DockerSuite) TestKillStoppedContainerAPIPre120(c *check.C) {
+	runSleepingContainer(c, "--name", "docker-kill-test-api", "-d")
+	dockerCmd(c, "stop", "docker-kill-test-api")
+
+	status, _, err := sockRequest("POST", fmt.Sprintf("/v1.19/containers/%s/kill", "docker-kill-test-api"), nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusNoContent)
+}
diff --git a/integration-cli/docker_cli_links_test.go b/integration-cli/docker_cli_links_test.go
new file mode 100644
index 00000000..322b58c6
--- /dev/null
+++ b/integration-cli/docker_cli_links_test.go
@@ -0,0 +1,213 @@
+package main
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/runconfig"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestLinksPingUnlinkedContainers(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	_, exitCode, err := dockerCmdWithError("run", "--rm", "busybox", "sh", "-c", "ping -c 1 alias1 -W 1 && ping -c 1 alias2 -W 1")
+
+	// run ping failed with error
+	c.Assert(exitCode, checker.Equals, 1, check.Commentf("error: %v", err))
+}
+
+// Test for appropriate error when calling --link with an invalid target container
+func (s *DockerSuite) TestLinksInvalidContainerTarget(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "--link", "bogus:alias", "busybox", "true")
+
+	// an invalid container target should produce an error
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	// an invalid container target should produce an error
+	c.Assert(out, checker.Contains, "Could not get container")
+}
+
+func (s *DockerSuite) TestLinksPingLinkedContainers(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "container1", "--hostname", "fred", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--name", "container2", "--hostname", "wilma", "busybox", "top")
+
+	runArgs := []string{"run", "--rm", "--link", "container1:alias1", "--link", "container2:alias2", "busybox", "sh", "-c"}
+	pingCmd := "ping -c 1 %s -W 1 && ping -c 1 %s -W 1"
+
+	// test ping by alias, ping by name, and ping by hostname
+	// 1. Ping by alias
+	dockerCmd(c, append(runArgs, fmt.Sprintf(pingCmd, "alias1", "alias2"))...)
+	// 2. Ping by container name
+	dockerCmd(c, append(runArgs, fmt.Sprintf(pingCmd, "container1", "container2"))...)
+	// 3. Ping by hostname
+	dockerCmd(c, append(runArgs, fmt.Sprintf(pingCmd, "fred", "wilma"))...)
+
+}
+
+func (s *DockerSuite) TestLinksPingLinkedContainersAfterRename(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "--name", "container1", "busybox", "top")
+	idA := strings.TrimSpace(out)
+	out, _ = dockerCmd(c, "run", "-d", "--name", "container2", "busybox", "top")
+	idB := strings.TrimSpace(out)
+	dockerCmd(c, "rename", "container1", "container_new")
+	dockerCmd(c, "run", "--rm", "--link", "container_new:alias1", "--link", "container2:alias2", "busybox", "sh", "-c", "ping -c 1 alias1 -W 1 && ping -c 1 alias2 -W 1")
+	dockerCmd(c, "kill", idA)
+	dockerCmd(c, "kill", idB)
+
+}
+
+func (s *DockerSuite) TestLinksInspectLinksStarted(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	var (
+		expected = map[string]struct{}{"/container1:/testinspectlink/alias1": {}, "/container2:/testinspectlink/alias2": {}}
+		result   []string
+	)
+	dockerCmd(c, "run", "-d", "--name", "container1", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--name", "container2", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--name", "testinspectlink", "--link", "container1:alias1", "--link", "container2:alias2", "busybox", "top")
+	links := inspectFieldJSON(c, "testinspectlink", "HostConfig.Links")
+
+	err := unmarshalJSON([]byte(links), &result)
+	c.Assert(err, checker.IsNil)
+
+	output := convertSliceOfStringsToMap(result)
+
+	c.Assert(output, checker.DeepEquals, expected)
+}
+
+func (s *DockerSuite) TestLinksInspectLinksStopped(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	var (
+		expected = map[string]struct{}{"/container1:/testinspectlink/alias1": {}, "/container2:/testinspectlink/alias2": {}}
+		result   []string
+	)
+	dockerCmd(c, "run", "-d", "--name", "container1", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--name", "container2", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--name", "testinspectlink", "--link", "container1:alias1", "--link", "container2:alias2", "busybox", "true")
+	links := inspectFieldJSON(c, "testinspectlink", "HostConfig.Links")
+
+	err := unmarshalJSON([]byte(links), &result)
+	c.Assert(err, checker.IsNil)
+
+	output := convertSliceOfStringsToMap(result)
+
+	c.Assert(output, checker.DeepEquals, expected)
+}
+
+func (s *DockerSuite) TestLinksNotStartedParentNotFail(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "create", "--name=first", "busybox", "top")
+	dockerCmd(c, "create", "--name=second", "--link=first:first", "busybox", "top")
+	dockerCmd(c, "start", "first")
+
+}
+
+func (s *DockerSuite) TestLinksHostsFilesInject(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon, ExecSupport)
+
+	out, _ := dockerCmd(c, "run", "-itd", "--name", "one", "busybox", "top")
+	idOne := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "run", "-itd", "--name", "two", "--link", "one:onetwo", "busybox", "top")
+	idTwo := strings.TrimSpace(out)
+
+	c.Assert(waitRun(idTwo), checker.IsNil)
+
+	contentOne, err := readContainerFileWithExec(idOne, "/etc/hosts")
+	c.Assert(err, checker.IsNil, check.Commentf("contentOne: %s", string(contentOne)))
+
+	contentTwo, err := readContainerFileWithExec(idTwo, "/etc/hosts")
+	c.Assert(err, checker.IsNil, check.Commentf("contentTwo: %s", string(contentTwo)))
+	// Host is not present in updated hosts file
+	c.Assert(string(contentTwo), checker.Contains, "onetwo")
+}
+
+func (s *DockerSuite) TestLinksUpdateOnRestart(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon, ExecSupport)
+	dockerCmd(c, "run", "-d", "--name", "one", "busybox", "top")
+	out, _ := dockerCmd(c, "run", "-d", "--name", "two", "--link", "one:onetwo", "--link", "one:one", "busybox", "top")
+	id := strings.TrimSpace(string(out))
+
+	realIP := inspectField(c, "one", "NetworkSettings.Networks.bridge.IPAddress")
+	content, err := readContainerFileWithExec(id, "/etc/hosts")
+	c.Assert(err, checker.IsNil)
+
+	getIP := func(hosts []byte, hostname string) string {
+		re := regexp.MustCompile(fmt.Sprintf(`(\S*)\t%s`, regexp.QuoteMeta(hostname)))
+		matches := re.FindSubmatch(hosts)
+		c.Assert(matches, checker.NotNil, check.Commentf("Hostname %s have no matches in hosts", hostname))
+		return string(matches[1])
+	}
+	ip := getIP(content, "one")
+	c.Assert(ip, checker.Equals, realIP)
+
+	ip = getIP(content, "onetwo")
+	c.Assert(ip, checker.Equals, realIP)
+
+	dockerCmd(c, "restart", "one")
+	realIP = inspectField(c, "one", "NetworkSettings.Networks.bridge.IPAddress")
+
+	content, err = readContainerFileWithExec(id, "/etc/hosts")
+	c.Assert(err, checker.IsNil, check.Commentf("content: %s", string(content)))
+	ip = getIP(content, "one")
+	c.Assert(ip, checker.Equals, realIP)
+
+	ip = getIP(content, "onetwo")
+	c.Assert(ip, checker.Equals, realIP)
+}
+
+func (s *DockerSuite) TestLinksEnvs(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "-e", "e1=", "-e", "e2=v2", "-e", "e3=v3=v3", "--name=first", "busybox", "top")
+	out, _ := dockerCmd(c, "run", "--name=second", "--link=first:first", "busybox", "env")
+	c.Assert(out, checker.Contains, "FIRST_ENV_e1=\n")
+	c.Assert(out, checker.Contains, "FIRST_ENV_e2=v2")
+	c.Assert(out, checker.Contains, "FIRST_ENV_e3=v3=v3")
+}
+
+func (s *DockerSuite) TestLinkShortDefinition(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "--name", "shortlinkdef", "busybox", "top")
+
+	cid := strings.TrimSpace(out)
+	c.Assert(waitRun(cid), checker.IsNil)
+
+	out, _ = dockerCmd(c, "run", "-d", "--name", "link2", "--link", "shortlinkdef", "busybox", "top")
+
+	cid2 := strings.TrimSpace(out)
+	c.Assert(waitRun(cid2), checker.IsNil)
+
+	links := inspectFieldJSON(c, cid2, "HostConfig.Links")
+	c.Assert(links, checker.Equals, "[\"/shortlinkdef:/link2/shortlinkdef\"]")
+}
+
+func (s *DockerSuite) TestLinksNetworkHostContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "run", "-d", "--net", "host", "--name", "host_container", "busybox", "top")
+	out, _, err := dockerCmdWithError("run", "--name", "should_fail", "--link", "host_container:tester", "busybox", "true")
+
+	// Running container linking to a container with --net host should have failed
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	// Running container linking to a container with --net host should have failed
+	c.Assert(out, checker.Contains, runconfig.ErrConflictHostNetworkAndLinks.Error())
+}
+
+func (s *DockerSuite) TestLinksEtcHostsRegularFile(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "--net=host", "busybox", "ls", "-la", "/etc/hosts")
+	// /etc/hosts should be a regular file
+	c.Assert(out, checker.Matches, "^-.+\n")
+}
+
+func (s *DockerSuite) TestLinksMultipleWithSameName(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name=upstream-a", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--name=upstream-b", "busybox", "top")
+	dockerCmd(c, "run", "--link", "upstream-a:upstream", "--link", "upstream-b:upstream", "busybox", "sh", "-c", "ping -c 1 upstream")
+}
diff --git a/integration-cli/docker_cli_links_unix_test.go b/integration-cli/docker_cli_links_unix_test.go
new file mode 100644
index 00000000..1af92793
--- /dev/null
+++ b/integration-cli/docker_cli_links_unix_test.go
@@ -0,0 +1,26 @@
+// +build !windows
+
+package main
+
+import (
+	"io/ioutil"
+	"os"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestLinksEtcHostsContentMatch(c *check.C) {
+	// In a _unix file as using Unix specific files, and must be on the
+	// same host as the daemon.
+	testRequires(c, SameHostDaemon, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "run", "--net=host", "busybox", "cat", "/etc/hosts")
+	hosts, err := ioutil.ReadFile("/etc/hosts")
+	if os.IsNotExist(err) {
+		c.Skip("/etc/hosts does not exist, skip this test")
+	}
+
+	c.Assert(out, checker.Equals, string(hosts), check.Commentf("container: %s\n\nhost:%s", out, hosts))
+
+}
diff --git a/integration-cli/docker_cli_login_test.go b/integration-cli/docker_cli_login_test.go
new file mode 100644
index 00000000..01de75d9
--- /dev/null
+++ b/integration-cli/docker_cli_login_test.go
@@ -0,0 +1,44 @@
+package main
+
+import (
+	"bytes"
+	"os/exec"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestLoginWithoutTTY(c *check.C) {
+	cmd := exec.Command(dockerBinary, "login")
+
+	// Send to stdin so the process does not get the TTY
+	cmd.Stdin = bytes.NewBufferString("buffer test string \n")
+
+	// run the command and block until it's done
+	err := cmd.Run()
+	c.Assert(err, checker.NotNil) //"Expected non nil err when loginning in & TTY not available"
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) TestLoginToPrivateRegistry(c *check.C) {
+	// wrong credentials
+	out, _, err := dockerCmdWithError("login", "-u", s.reg.username, "-p", "WRONGPASSWORD", privateRegistryURL)
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "401 Unauthorized")
+
+	// now it's fine
+	dockerCmd(c, "login", "-u", s.reg.username, "-p", s.reg.password, privateRegistryURL)
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) TestLoginToPrivateRegistryDeprecatedEmailFlag(c *check.C) {
+	// Test to make sure login still works with the deprecated -e and --email flags
+	// wrong credentials
+	out, _, err := dockerCmdWithError("login", "-u", s.reg.username, "-p", "WRONGPASSWORD", "-e", s.reg.email, privateRegistryURL)
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "401 Unauthorized")
+
+	// now it's fine
+	// -e flag
+	dockerCmd(c, "login", "-u", s.reg.username, "-p", s.reg.password, "-e", s.reg.email, privateRegistryURL)
+	// --email flag
+	dockerCmd(c, "login", "-u", s.reg.username, "-p", s.reg.password, "--email", s.reg.email, privateRegistryURL)
+}
diff --git a/integration-cli/docker_cli_logout_test.go b/integration-cli/docker_cli_logout_test.go
new file mode 100644
index 00000000..6658da54
--- /dev/null
+++ b/integration-cli/docker_cli_logout_test.go
@@ -0,0 +1,56 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerRegistryAuthHtpasswdSuite) TestLogoutWithExternalAuth(c *check.C) {
+	osPath := os.Getenv("PATH")
+	defer os.Setenv("PATH", osPath)
+
+	workingDir, err := os.Getwd()
+	c.Assert(err, checker.IsNil)
+	absolute, err := filepath.Abs(filepath.Join(workingDir, "fixtures", "auth"))
+	c.Assert(err, checker.IsNil)
+	testPath := fmt.Sprintf("%s%c%s", osPath, filepath.ListSeparator, absolute)
+
+	os.Setenv("PATH", testPath)
+
+	repoName := fmt.Sprintf("%v/dockercli/busybox:authtest", privateRegistryURL)
+
+	tmp, err := ioutil.TempDir("", "integration-cli-")
+	c.Assert(err, checker.IsNil)
+
+	externalAuthConfig := `{ "credsStore": "shell-test" }`
+
+	configPath := filepath.Join(tmp, "config.json")
+	err = ioutil.WriteFile(configPath, []byte(externalAuthConfig), 0644)
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "--config", tmp, "login", "-u", s.reg.username, "-p", s.reg.password, privateRegistryURL)
+
+	b, err := ioutil.ReadFile(configPath)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(b), checker.Not(checker.Contains), "\"auth\":")
+	c.Assert(string(b), checker.Contains, privateRegistryURL)
+
+	dockerCmd(c, "--config", tmp, "tag", "busybox", repoName)
+	dockerCmd(c, "--config", tmp, "push", repoName)
+
+	dockerCmd(c, "--config", tmp, "logout", privateRegistryURL)
+
+	b, err = ioutil.ReadFile(configPath)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(b), checker.Not(checker.Contains), privateRegistryURL)
+
+	// check I cannot pull anymore
+	out, _, err := dockerCmdWithError("--config", tmp, "pull", repoName)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, fmt.Sprintf("Error: image dockercli/busybox not found"))
+}
diff --git a/integration-cli/docker_cli_logs_bench_test.go b/integration-cli/docker_cli_logs_bench_test.go
new file mode 100644
index 00000000..eeb008de
--- /dev/null
+++ b/integration-cli/docker_cli_logs_bench_test.go
@@ -0,0 +1,32 @@
+package main
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) BenchmarkLogsCLIRotateFollow(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "--log-opt", "max-size=1b", "--log-opt", "max-file=10", "busybox", "sh", "-c", "while true; do usleep 50000; echo hello; done")
+	id := strings.TrimSpace(out)
+	ch := make(chan error, 1)
+	go func() {
+		ch <- nil
+		out, _, _ := dockerCmdWithError("logs", "-f", id)
+		// if this returns at all, it's an error
+		ch <- fmt.Errorf(out)
+	}()
+
+	<-ch
+	select {
+	case <-time.After(30 * time.Second):
+		// ran for 30 seconds with no problem
+		return
+	case err := <-ch:
+		if err != nil {
+			c.Fatal(err)
+		}
+	}
+}
diff --git a/integration-cli/docker_cli_logs_test.go b/integration-cli/docker_cli_logs_test.go
new file mode 100644
index 00000000..e18916db
--- /dev/null
+++ b/integration-cli/docker_cli_logs_test.go
@@ -0,0 +1,309 @@
+package main
+
+import (
+	"fmt"
+	"io"
+	"os/exec"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/jsonlog"
+	"github.com/go-check/check"
+)
+
+// This used to work, it test a log of PageSize-1 (gh#4851)
+func (s *DockerSuite) TestLogsContainerSmallerThanPage(c *check.C) {
+	testLen := 32767
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo -n = >> a.a; done; echo >> a.a; cat a.a", testLen))
+
+	id := strings.TrimSpace(out)
+	dockerCmd(c, "wait", id)
+
+	out, _ = dockerCmd(c, "logs", id)
+
+	c.Assert(out, checker.HasLen, testLen+1)
+}
+
+// Regression test: When going over the PageSize, it used to panic (gh#4851)
+func (s *DockerSuite) TestLogsContainerBiggerThanPage(c *check.C) {
+	testLen := 32768
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo -n = >> a.a; done; echo >> a.a; cat a.a", testLen))
+
+	id := strings.TrimSpace(out)
+	dockerCmd(c, "wait", id)
+
+	out, _ = dockerCmd(c, "logs", id)
+
+	c.Assert(out, checker.HasLen, testLen+1)
+}
+
+// Regression test: When going much over the PageSize, it used to block (gh#4851)
+func (s *DockerSuite) TestLogsContainerMuchBiggerThanPage(c *check.C) {
+	testLen := 33000
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo -n = >> a.a; done; echo >> a.a; cat a.a", testLen))
+
+	id := strings.TrimSpace(out)
+	dockerCmd(c, "wait", id)
+
+	out, _ = dockerCmd(c, "logs", id)
+
+	c.Assert(out, checker.HasLen, testLen+1)
+}
+
+func (s *DockerSuite) TestLogsTimestamps(c *check.C) {
+	testLen := 100
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo = >> a.a; done; cat a.a", testLen))
+
+	id := strings.TrimSpace(out)
+	dockerCmd(c, "wait", id)
+
+	out, _ = dockerCmd(c, "logs", "-t", id)
+
+	lines := strings.Split(out, "\n")
+
+	c.Assert(lines, checker.HasLen, testLen+1)
+
+	ts := regexp.MustCompile(`^.* `)
+
+	for _, l := range lines {
+		if l != "" {
+			_, err := time.Parse(jsonlog.RFC3339NanoFixed+" ", ts.FindString(l))
+			c.Assert(err, checker.IsNil, check.Commentf("Failed to parse timestamp from %v", l))
+			// ensure we have padded 0's
+			c.Assert(l[29], checker.Equals, uint8('Z'))
+		}
+	}
+}
+
+func (s *DockerSuite) TestLogsSeparateStderr(c *check.C) {
+	msg := "stderr_log"
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("echo %s 1>&2", msg))
+
+	id := strings.TrimSpace(out)
+	dockerCmd(c, "wait", id)
+
+	stdout, stderr, _ := dockerCmdWithStdoutStderr(c, "logs", id)
+
+	c.Assert(stdout, checker.Equals, "")
+
+	stderr = strings.TrimSpace(stderr)
+
+	c.Assert(stderr, checker.Equals, msg)
+}
+
+func (s *DockerSuite) TestLogsStderrInStdout(c *check.C) {
+	// TODO Windows: Needs investigation why this fails. Obtained string includes
+	// a bunch of ANSI escape sequences before the "stderr_log" message.
+	testRequires(c, DaemonIsLinux)
+	msg := "stderr_log"
+	out, _ := dockerCmd(c, "run", "-d", "-t", "busybox", "sh", "-c", fmt.Sprintf("echo %s 1>&2", msg))
+
+	id := strings.TrimSpace(out)
+	dockerCmd(c, "wait", id)
+
+	stdout, stderr, _ := dockerCmdWithStdoutStderr(c, "logs", id)
+	c.Assert(stderr, checker.Equals, "")
+
+	stdout = strings.TrimSpace(stdout)
+	c.Assert(stdout, checker.Equals, msg)
+}
+
+func (s *DockerSuite) TestLogsTail(c *check.C) {
+	testLen := 100
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo =; done;", testLen))
+
+	id := strings.TrimSpace(out)
+	dockerCmd(c, "wait", id)
+
+	out, _ = dockerCmd(c, "logs", "--tail", "5", id)
+
+	lines := strings.Split(out, "\n")
+
+	c.Assert(lines, checker.HasLen, 6)
+
+	out, _ = dockerCmd(c, "logs", "--tail", "all", id)
+
+	lines = strings.Split(out, "\n")
+
+	c.Assert(lines, checker.HasLen, testLen+1)
+
+	out, _, _ = dockerCmdWithStdoutStderr(c, "logs", "--tail", "random", id)
+
+	lines = strings.Split(out, "\n")
+
+	c.Assert(lines, checker.HasLen, testLen+1)
+}
+
+func (s *DockerSuite) TestLogsFollowStopped(c *check.C) {
+	dockerCmd(c, "run", "--name=test", "busybox", "echo", "hello")
+	id, err := getIDByName("test")
+	c.Assert(err, check.IsNil)
+
+	logsCmd := exec.Command(dockerBinary, "logs", "-f", id)
+	c.Assert(logsCmd.Start(), checker.IsNil)
+
+	errChan := make(chan error)
+	go func() {
+		errChan <- logsCmd.Wait()
+		close(errChan)
+	}()
+
+	select {
+	case err := <-errChan:
+		c.Assert(err, checker.IsNil)
+	case <-time.After(30 * time.Second):
+		c.Fatal("Following logs is hanged")
+	}
+}
+
+func (s *DockerSuite) TestLogsSince(c *check.C) {
+	name := "testlogssince"
+	dockerCmd(c, "run", "--name="+name, "busybox", "/bin/sh", "-c", "for i in $(seq 1 3); do sleep 2; echo log$i; done")
+	out, _ := dockerCmd(c, "logs", "-t", name)
+
+	log2Line := strings.Split(strings.Split(out, "\n")[1], " ")
+	t, err := time.Parse(time.RFC3339Nano, log2Line[0]) // the timestamp log2 is written
+	c.Assert(err, checker.IsNil)
+	since := t.Unix() + 1 // add 1s so log1 & log2 doesn't show up
+	out, _ = dockerCmd(c, "logs", "-t", fmt.Sprintf("--since=%v", since), name)
+
+	// Skip 2 seconds
+	unexpected := []string{"log1", "log2"}
+	for _, v := range unexpected {
+		c.Assert(out, checker.Not(checker.Contains), v, check.Commentf("unexpected log message returned, since=%v", since))
+	}
+
+	// Test to make sure a bad since format is caught by the client
+	out, _, _ = dockerCmdWithError("logs", "-t", "--since=2006-01-02T15:04:0Z", name)
+	c.Assert(out, checker.Contains, "cannot parse \"0Z\" as \"05\"", check.Commentf("bad since format passed to server"))
+
+	// Test with default value specified and parameter omitted
+	expected := []string{"log1", "log2", "log3"}
+	for _, cmd := range []*exec.Cmd{
+		exec.Command(dockerBinary, "logs", "-t", name),
+		exec.Command(dockerBinary, "logs", "-t", "--since=0", name),
+	} {
+		out, _, err = runCommandWithOutput(cmd)
+		c.Assert(err, checker.IsNil, check.Commentf("failed to log container: %s", out))
+		for _, v := range expected {
+			c.Assert(out, checker.Contains, v)
+		}
+	}
+}
+
+func (s *DockerSuite) TestLogsSinceFutureFollow(c *check.C) {
+	// TODO Windows: Flakey on TP4. Enable for next technical preview.
+	testRequires(c, DaemonIsLinux)
+	name := "testlogssincefuturefollow"
+	out, _ := dockerCmd(c, "run", "-d", "--name", name, "busybox", "/bin/sh", "-c", `for i in $(seq 1 5); do echo log$i; sleep 1; done`)
+
+	// Extract one timestamp from the log file to give us a starting point for
+	// our `--since` argument. Because the log producer runs in the background,
+	// we need to check repeatedly for some output to be produced.
+	var timestamp string
+	for i := 0; i != 100 && timestamp == ""; i++ {
+		if out, _ = dockerCmd(c, "logs", "-t", name); out == "" {
+			time.Sleep(time.Millisecond * 100) // Retry
+		} else {
+			timestamp = strings.Split(strings.Split(out, "\n")[0], " ")[0]
+		}
+	}
+
+	c.Assert(timestamp, checker.Not(checker.Equals), "")
+	t, err := time.Parse(time.RFC3339Nano, timestamp)
+	c.Assert(err, check.IsNil)
+
+	since := t.Unix() + 2
+	out, _ = dockerCmd(c, "logs", "-t", "-f", fmt.Sprintf("--since=%v", since), name)
+	c.Assert(out, checker.Not(checker.HasLen), 0, check.Commentf("cannot read from empty log"))
+	lines := strings.Split(strings.TrimSpace(out), "\n")
+	for _, v := range lines {
+		ts, err := time.Parse(time.RFC3339Nano, strings.Split(v, " ")[0])
+		c.Assert(err, checker.IsNil, check.Commentf("cannot parse timestamp output from log: '%v'", v))
+		c.Assert(ts.Unix() >= since, checker.Equals, true, check.Commentf("earlier log found. since=%v logdate=%v", since, ts))
+	}
+}
+
+// Regression test for #8832
+func (s *DockerSuite) TestLogsFollowSlowStdoutConsumer(c *check.C) {
+	// TODO Windows: Consider enabling post-TP4. Too expensive to run on TP4
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", `usleep 600000;yes X | head -c 200000`)
+
+	id := strings.TrimSpace(out)
+
+	stopSlowRead := make(chan bool)
+
+	go func() {
+		exec.Command(dockerBinary, "wait", id).Run()
+		stopSlowRead <- true
+	}()
+
+	logCmd := exec.Command(dockerBinary, "logs", "-f", id)
+	stdout, err := logCmd.StdoutPipe()
+	c.Assert(err, checker.IsNil)
+	c.Assert(logCmd.Start(), checker.IsNil)
+
+	// First read slowly
+	bytes1, err := consumeWithSpeed(stdout, 10, 50*time.Millisecond, stopSlowRead)
+	c.Assert(err, checker.IsNil)
+
+	// After the container has finished we can continue reading fast
+	bytes2, err := consumeWithSpeed(stdout, 32*1024, 0, nil)
+	c.Assert(err, checker.IsNil)
+
+	actual := bytes1 + bytes2
+	expected := 200000
+	c.Assert(actual, checker.Equals, expected)
+}
+
+func (s *DockerSuite) TestLogsFollowGoroutinesWithStdout(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "while true; do echo hello; sleep 2; done")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	nroutines, err := getGoroutineNumber()
+	c.Assert(err, checker.IsNil)
+	cmd := exec.Command(dockerBinary, "logs", "-f", id)
+	r, w := io.Pipe()
+	cmd.Stdout = w
+	c.Assert(cmd.Start(), checker.IsNil)
+
+	// Make sure pipe is written to
+	chErr := make(chan error)
+	go func() {
+		b := make([]byte, 1)
+		_, err := r.Read(b)
+		chErr <- err
+	}()
+	c.Assert(<-chErr, checker.IsNil)
+	c.Assert(cmd.Process.Kill(), checker.IsNil)
+
+	// NGoroutines is not updated right away, so we need to wait before failing
+	c.Assert(waitForGoroutines(nroutines), checker.IsNil)
+}
+
+func (s *DockerSuite) TestLogsFollowGoroutinesNoOutput(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "while true; do sleep 2; done")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	nroutines, err := getGoroutineNumber()
+	c.Assert(err, checker.IsNil)
+	cmd := exec.Command(dockerBinary, "logs", "-f", id)
+	c.Assert(cmd.Start(), checker.IsNil)
+	time.Sleep(200 * time.Millisecond)
+	c.Assert(cmd.Process.Kill(), checker.IsNil)
+
+	// NGoroutines is not updated right away, so we need to wait before failing
+	c.Assert(waitForGoroutines(nroutines), checker.IsNil)
+}
+
+func (s *DockerSuite) TestLogsCLIContainerNotFound(c *check.C) {
+	name := "testlogsnocontainer"
+	out, _, _ := dockerCmdWithError("logs", name)
+	message := fmt.Sprintf("Error: No such container: %s\n", name)
+	c.Assert(out, checker.Equals, message)
+}
diff --git a/integration-cli/docker_cli_nat_test.go b/integration-cli/docker_cli_nat_test.go
new file mode 100644
index 00000000..7f4cc2cb
--- /dev/null
+++ b/integration-cli/docker_cli_nat_test.go
@@ -0,0 +1,93 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func startServerContainer(c *check.C, msg string, port int) string {
+	name := "server"
+	cmd := []string{
+		"-d",
+		"-p", fmt.Sprintf("%d:%d", port, port),
+		"busybox",
+		"sh", "-c", fmt.Sprintf("echo %q | nc -lp %d", msg, port),
+	}
+	c.Assert(waitForContainer(name, cmd...), check.IsNil)
+	return name
+}
+
+func getExternalAddress(c *check.C) net.IP {
+	iface, err := net.InterfaceByName("eth0")
+	if err != nil {
+		c.Skip(fmt.Sprintf("Test not running with `make test`. Interface eth0 not found: %v", err))
+	}
+
+	ifaceAddrs, err := iface.Addrs()
+	c.Assert(err, check.IsNil)
+	c.Assert(ifaceAddrs, checker.Not(checker.HasLen), 0)
+
+	ifaceIP, _, err := net.ParseCIDR(ifaceAddrs[0].String())
+	c.Assert(err, check.IsNil)
+
+	return ifaceIP
+}
+
+func getContainerLogs(c *check.C, containerID string) string {
+	out, _ := dockerCmd(c, "logs", containerID)
+	return strings.Trim(out, "\r\n")
+}
+
+func getContainerStatus(c *check.C, containerID string) string {
+	out := inspectField(c, containerID, "State.Running")
+	return out
+}
+
+func (s *DockerSuite) TestNetworkNat(c *check.C) {
+	testRequires(c, DaemonIsLinux, SameHostDaemon)
+	msg := "it works"
+	startServerContainer(c, msg, 8080)
+	endpoint := getExternalAddress(c)
+	conn, err := net.Dial("tcp", fmt.Sprintf("%s:%d", endpoint.String(), 8080))
+	c.Assert(err, check.IsNil)
+
+	data, err := ioutil.ReadAll(conn)
+	conn.Close()
+	c.Assert(err, check.IsNil)
+
+	final := strings.TrimRight(string(data), "\n")
+	c.Assert(final, checker.Equals, msg)
+}
+
+func (s *DockerSuite) TestNetworkLocalhostTCPNat(c *check.C) {
+	testRequires(c, DaemonIsLinux, SameHostDaemon)
+	var (
+		msg = "hi yall"
+	)
+	startServerContainer(c, msg, 8081)
+	conn, err := net.Dial("tcp", "localhost:8081")
+	c.Assert(err, check.IsNil)
+
+	data, err := ioutil.ReadAll(conn)
+	conn.Close()
+	c.Assert(err, check.IsNil)
+
+	final := strings.TrimRight(string(data), "\n")
+	c.Assert(final, checker.Equals, msg)
+}
+
+func (s *DockerSuite) TestNetworkLoopbackNat(c *check.C) {
+	testRequires(c, DaemonIsLinux, SameHostDaemon, NotUserNamespace)
+	msg := "it works"
+	startServerContainer(c, msg, 8080)
+	endpoint := getExternalAddress(c)
+	out, _ := dockerCmd(c, "run", "-t", "--net=container:server", "busybox",
+		"sh", "-c", fmt.Sprintf("stty raw && nc -w 5 %s 8080", endpoint.String()))
+	final := strings.TrimRight(string(out), "\n")
+	c.Assert(final, checker.Equals, msg)
+}
diff --git a/integration-cli/docker_cli_netmode_test.go b/integration-cli/docker_cli_netmode_test.go
new file mode 100644
index 00000000..142f192d
--- /dev/null
+++ b/integration-cli/docker_cli_netmode_test.go
@@ -0,0 +1,88 @@
+package main
+
+import (
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/runconfig"
+	"github.com/go-check/check"
+)
+
+// GH14530. Validates combinations of --net= with other options
+
+// stringCheckPS is how the output of PS starts in order to validate that
+// the command executed in a container did really run PS correctly.
+const stringCheckPS = "PID   USER"
+
+// DockerCmdWithFail executes a docker command that is supposed to fail and returns
+// the output, the exit code. If the command returns an Nil error, it will fail and
+// stop the tests.
+func dockerCmdWithFail(c *check.C, args ...string) (string, int) {
+	out, status, err := dockerCmdWithError(args...)
+	c.Assert(err, check.NotNil, check.Commentf("%v", out))
+	return out, status
+}
+
+func (s *DockerSuite) TestNetHostname(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "run", "-h=name", "busybox", "ps")
+	c.Assert(out, checker.Contains, stringCheckPS)
+
+	out, _ = dockerCmd(c, "run", "--net=host", "busybox", "ps")
+	c.Assert(out, checker.Contains, stringCheckPS)
+
+	out, _ = dockerCmd(c, "run", "-h=name", "--net=bridge", "busybox", "ps")
+	c.Assert(out, checker.Contains, stringCheckPS)
+
+	out, _ = dockerCmd(c, "run", "-h=name", "--net=none", "busybox", "ps")
+	c.Assert(out, checker.Contains, stringCheckPS)
+
+	out, _ = dockerCmdWithFail(c, "run", "-h=name", "--net=container:other", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHostname.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=container", "busybox", "ps")
+	c.Assert(out, checker.Contains, "--net: invalid net mode: invalid container format container:<name|id>")
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=weird", "busybox", "ps")
+	c.Assert(out, checker.Contains, "network weird not found")
+}
+
+func (s *DockerSuite) TestConflictContainerNetworkAndLinks(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmdWithFail(c, "run", "--net=container:other", "--link=zip:zap", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndLinks.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=host", "--link=zip:zap", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictHostNetworkAndLinks.Error())
+}
+
+func (s *DockerSuite) TestConflictNetworkModeAndOptions(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmdWithFail(c, "run", "--net=host", "--dns=8.8.8.8", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--dns=8.8.8.8", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=host", "--add-host=name:8.8.8.8", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--add-host=name:8.8.8.8", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=host", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndMac.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndMac.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "-P", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkPublishPorts.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "-p", "8080", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkPublishPorts.Error())
+
+	out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--expose", "8000-9000", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkExposePorts.Error())
+}
diff --git a/integration-cli/docker_cli_network_unix_test.go b/integration-cli/docker_cli_network_unix_test.go
new file mode 100644
index 00000000..902766d0
--- /dev/null
+++ b/integration-cli/docker_cli_network_unix_test.go
@@ -0,0 +1,1513 @@
+// +build !windows
+
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/engine-api/types/versions/v1p20"
+	"github.com/docker/libnetwork/driverapi"
+	remoteapi "github.com/docker/libnetwork/drivers/remote/api"
+	"github.com/docker/libnetwork/ipamapi"
+	remoteipam "github.com/docker/libnetwork/ipams/remote/api"
+	"github.com/docker/libnetwork/netlabel"
+	"github.com/go-check/check"
+	"github.com/vishvananda/netlink"
+)
+
+const dummyNetworkDriver = "dummy-network-driver"
+const dummyIpamDriver = "dummy-ipam-driver"
+
+var remoteDriverNetworkRequest remoteapi.CreateNetworkRequest
+
+func init() {
+	check.Suite(&DockerNetworkSuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type DockerNetworkSuite struct {
+	server *httptest.Server
+	ds     *DockerSuite
+	d      *Daemon
+}
+
+func (s *DockerNetworkSuite) SetUpTest(c *check.C) {
+	s.d = NewDaemon(c)
+}
+
+func (s *DockerNetworkSuite) TearDownTest(c *check.C) {
+	s.d.Stop()
+	s.ds.TearDownTest(c)
+}
+
+func (s *DockerNetworkSuite) SetUpSuite(c *check.C) {
+	mux := http.NewServeMux()
+	s.server = httptest.NewServer(mux)
+	c.Assert(s.server, check.NotNil, check.Commentf("Failed to start a HTTP Server"))
+	setupRemoteNetworkDrivers(c, mux, s.server.URL, dummyNetworkDriver, dummyIpamDriver)
+}
+
+func setupRemoteNetworkDrivers(c *check.C, mux *http.ServeMux, url, netDrv, ipamDrv string) {
+
+	mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintf(w, `{"Implements": ["%s", "%s"]}`, driverapi.NetworkPluginEndpointType, ipamapi.PluginEndpointType)
+	})
+
+	// Network driver implementation
+	mux.HandleFunc(fmt.Sprintf("/%s.GetCapabilities", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintf(w, `{"Scope":"local"}`)
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.CreateNetwork", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		err := json.NewDecoder(r.Body).Decode(&remoteDriverNetworkRequest)
+		if err != nil {
+			http.Error(w, "Unable to decode JSON payload: "+err.Error(), http.StatusBadRequest)
+			return
+		}
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintf(w, "null")
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.DeleteNetwork", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintf(w, "null")
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.CreateEndpoint", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintf(w, `{"Interface":{"MacAddress":"a0:b1:c2:d3:e4:f5"}}`)
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.Join", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+
+		veth := &netlink.Veth{
+			LinkAttrs: netlink.LinkAttrs{Name: "randomIfName", TxQLen: 0}, PeerName: "cnt0"}
+		if err := netlink.LinkAdd(veth); err != nil {
+			fmt.Fprintf(w, `{"Error":"failed to add veth pair: `+err.Error()+`"}`)
+		} else {
+			fmt.Fprintf(w, `{"InterfaceName":{ "SrcName":"cnt0", "DstPrefix":"veth"}}`)
+		}
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.Leave", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintf(w, "null")
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.DeleteEndpoint", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		if link, err := netlink.LinkByName("cnt0"); err == nil {
+			netlink.LinkDel(link)
+		}
+		fmt.Fprintf(w, "null")
+	})
+
+	// Ipam Driver implementation
+	var (
+		poolRequest       remoteipam.RequestPoolRequest
+		poolReleaseReq    remoteipam.ReleasePoolRequest
+		addressRequest    remoteipam.RequestAddressRequest
+		addressReleaseReq remoteipam.ReleaseAddressRequest
+		lAS               = "localAS"
+		gAS               = "globalAS"
+		pool              = "172.28.0.0/16"
+		poolID            = lAS + "/" + pool
+		gw                = "172.28.255.254/16"
+	)
+
+	mux.HandleFunc(fmt.Sprintf("/%s.GetDefaultAddressSpaces", ipamapi.PluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintf(w, `{"LocalDefaultAddressSpace":"`+lAS+`", "GlobalDefaultAddressSpace": "`+gAS+`"}`)
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.RequestPool", ipamapi.PluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		err := json.NewDecoder(r.Body).Decode(&poolRequest)
+		if err != nil {
+			http.Error(w, "Unable to decode JSON payload: "+err.Error(), http.StatusBadRequest)
+			return
+		}
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		if poolRequest.AddressSpace != lAS && poolRequest.AddressSpace != gAS {
+			fmt.Fprintf(w, `{"Error":"Unknown address space in pool request: `+poolRequest.AddressSpace+`"}`)
+		} else if poolRequest.Pool != "" && poolRequest.Pool != pool {
+			fmt.Fprintf(w, `{"Error":"Cannot handle explicit pool requests yet"}`)
+		} else {
+			fmt.Fprintf(w, `{"PoolID":"`+poolID+`", "Pool":"`+pool+`"}`)
+		}
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.RequestAddress", ipamapi.PluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		err := json.NewDecoder(r.Body).Decode(&addressRequest)
+		if err != nil {
+			http.Error(w, "Unable to decode JSON payload: "+err.Error(), http.StatusBadRequest)
+			return
+		}
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		// make sure libnetwork is now querying on the expected pool id
+		if addressRequest.PoolID != poolID {
+			fmt.Fprintf(w, `{"Error":"unknown pool id"}`)
+		} else if addressRequest.Address != "" {
+			fmt.Fprintf(w, `{"Error":"Cannot handle explicit address requests yet"}`)
+		} else {
+			fmt.Fprintf(w, `{"Address":"`+gw+`"}`)
+		}
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.ReleaseAddress", ipamapi.PluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		err := json.NewDecoder(r.Body).Decode(&addressReleaseReq)
+		if err != nil {
+			http.Error(w, "Unable to decode JSON payload: "+err.Error(), http.StatusBadRequest)
+			return
+		}
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		// make sure libnetwork is now asking to release the expected address from the expected poolid
+		if addressRequest.PoolID != poolID {
+			fmt.Fprintf(w, `{"Error":"unknown pool id"}`)
+		} else if addressReleaseReq.Address != gw {
+			fmt.Fprintf(w, `{"Error":"unknown address"}`)
+		} else {
+			fmt.Fprintf(w, "null")
+		}
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/%s.ReleasePool", ipamapi.PluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
+		err := json.NewDecoder(r.Body).Decode(&poolReleaseReq)
+		if err != nil {
+			http.Error(w, "Unable to decode JSON payload: "+err.Error(), http.StatusBadRequest)
+			return
+		}
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		// make sure libnetwork is now asking to release the expected poolid
+		if addressRequest.PoolID != poolID {
+			fmt.Fprintf(w, `{"Error":"unknown pool id"}`)
+		} else {
+			fmt.Fprintf(w, "null")
+		}
+	})
+
+	err := os.MkdirAll("/etc/docker/plugins", 0755)
+	c.Assert(err, checker.IsNil)
+
+	fileName := fmt.Sprintf("/etc/docker/plugins/%s.spec", netDrv)
+	err = ioutil.WriteFile(fileName, []byte(url), 0644)
+	c.Assert(err, checker.IsNil)
+
+	ipamFileName := fmt.Sprintf("/etc/docker/plugins/%s.spec", ipamDrv)
+	err = ioutil.WriteFile(ipamFileName, []byte(url), 0644)
+	c.Assert(err, checker.IsNil)
+}
+
+func (s *DockerNetworkSuite) TearDownSuite(c *check.C) {
+	if s.server == nil {
+		return
+	}
+
+	s.server.Close()
+
+	err := os.RemoveAll("/etc/docker/plugins")
+	c.Assert(err, checker.IsNil)
+}
+
+func assertNwIsAvailable(c *check.C, name string) {
+	if !isNwPresent(c, name) {
+		c.Fatalf("Network %s not found in network ls o/p", name)
+	}
+}
+
+func assertNwNotAvailable(c *check.C, name string) {
+	if isNwPresent(c, name) {
+		c.Fatalf("Found network %s in network ls o/p", name)
+	}
+}
+
+func isNwPresent(c *check.C, name string) bool {
+	out, _ := dockerCmd(c, "network", "ls")
+	lines := strings.Split(out, "\n")
+	for i := 1; i < len(lines)-1; i++ {
+		netFields := strings.Fields(lines[i])
+		if netFields[1] == name {
+			return true
+		}
+	}
+	return false
+}
+
+// assertNwList checks network list retrieved with ls command
+// equals to expected network list
+// note: out should be `network ls [option]` result
+func assertNwList(c *check.C, out string, expectNws []string) {
+	lines := strings.Split(out, "\n")
+	var nwList []string
+	for _, line := range lines[1 : len(lines)-1] {
+		netFields := strings.Fields(line)
+		// wrap all network name in nwList
+		nwList = append(nwList, netFields[1])
+	}
+
+	// network ls should contains all expected networks
+	c.Assert(nwList, checker.DeepEquals, expectNws)
+}
+
+func getNwResource(c *check.C, name string) *types.NetworkResource {
+	out, _ := dockerCmd(c, "network", "inspect", name)
+	nr := []types.NetworkResource{}
+	err := json.Unmarshal([]byte(out), &nr)
+	c.Assert(err, check.IsNil)
+	return &nr[0]
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkLsDefault(c *check.C) {
+	defaults := []string{"bridge", "host", "none"}
+	for _, nn := range defaults {
+		assertNwIsAvailable(c, nn)
+	}
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkCreatePredefined(c *check.C) {
+	predefined := []string{"bridge", "host", "none", "default"}
+	for _, net := range predefined {
+		// predefined networks can't be created again
+		out, _, err := dockerCmdWithError("network", "create", net)
+		c.Assert(err, checker.NotNil, check.Commentf("%v", out))
+	}
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkCreateHostBind(c *check.C) {
+	dockerCmd(c, "network", "create", "--subnet=192.168.10.0/24", "--gateway=192.168.10.1", "-o", "com.docker.network.bridge.host_binding_ipv4=192.168.10.1", "testbind")
+	assertNwIsAvailable(c, "testbind")
+
+	out, _ := runSleepingContainer(c, "--net=testbind", "-p", "5000:5000")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+	out, _ = dockerCmd(c, "ps")
+	c.Assert(out, checker.Contains, "192.168.10.1:5000->5000/tcp")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkRmPredefined(c *check.C) {
+	predefined := []string{"bridge", "host", "none", "default"}
+	for _, net := range predefined {
+		// predefined networks can't be removed
+		out, _, err := dockerCmdWithError("network", "rm", net)
+		c.Assert(err, checker.NotNil, check.Commentf("%v", out))
+	}
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkLsFilter(c *check.C) {
+	out, _ := dockerCmd(c, "network", "create", "dev")
+	defer func() {
+		dockerCmd(c, "network", "rm", "dev")
+	}()
+	networkID := strings.TrimSpace(out)
+
+	// filter with partial ID and partial name
+	// only show 'bridge' and 'dev' network
+	out, _ = dockerCmd(c, "network", "ls", "-f", "id="+networkID[0:5], "-f", "name=dge")
+	assertNwList(c, out, []string{"bridge", "dev"})
+
+	// only show built-in network (bridge, none, host)
+	out, _ = dockerCmd(c, "network", "ls", "-f", "type=builtin")
+	assertNwList(c, out, []string{"bridge", "host", "none"})
+
+	// only show custom networks (dev)
+	out, _ = dockerCmd(c, "network", "ls", "-f", "type=custom")
+	assertNwList(c, out, []string{"dev"})
+
+	// show all networks with filter
+	// it should be equivalent of ls without option
+	out, _ = dockerCmd(c, "network", "ls", "-f", "type=custom", "-f", "type=builtin")
+	assertNwList(c, out, []string{"bridge", "dev", "host", "none"})
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkCreateDelete(c *check.C) {
+	dockerCmd(c, "network", "create", "test")
+	assertNwIsAvailable(c, "test")
+
+	dockerCmd(c, "network", "rm", "test")
+	assertNwNotAvailable(c, "test")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkCreateLabel(c *check.C) {
+	testNet := "testnetcreatelabel"
+	testLabel := "foo"
+	testValue := "bar"
+
+	dockerCmd(c, "network", "create", "--label", testLabel+"="+testValue, testNet)
+	assertNwIsAvailable(c, testNet)
+
+	out, _, err := dockerCmdWithError("network", "inspect", "--format='{{ .Labels."+testLabel+" }}'", testNet)
+	c.Assert(err, check.IsNil)
+	c.Assert(strings.TrimSpace(out), check.Equals, testValue)
+
+	dockerCmd(c, "network", "rm", testNet)
+	assertNwNotAvailable(c, testNet)
+}
+
+func (s *DockerSuite) TestDockerNetworkDeleteNotExists(c *check.C) {
+	out, _, err := dockerCmdWithError("network", "rm", "test")
+	c.Assert(err, checker.NotNil, check.Commentf("%v", out))
+}
+
+func (s *DockerSuite) TestDockerNetworkDeleteMultiple(c *check.C) {
+	dockerCmd(c, "network", "create", "testDelMulti0")
+	assertNwIsAvailable(c, "testDelMulti0")
+	dockerCmd(c, "network", "create", "testDelMulti1")
+	assertNwIsAvailable(c, "testDelMulti1")
+	dockerCmd(c, "network", "create", "testDelMulti2")
+	assertNwIsAvailable(c, "testDelMulti2")
+	out, _ := dockerCmd(c, "run", "-d", "--net", "testDelMulti2", "busybox", "top")
+	containerID := strings.TrimSpace(out)
+	waitRun(containerID)
+
+	// delete three networks at the same time, since testDelMulti2
+	// contains active container, its deletion should fail.
+	out, _, err := dockerCmdWithError("network", "rm", "testDelMulti0", "testDelMulti1", "testDelMulti2")
+	// err should not be nil due to deleting testDelMulti2 failed.
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	// testDelMulti2 should fail due to network has active endpoints
+	c.Assert(out, checker.Contains, "has active endpoints")
+	assertNwNotAvailable(c, "testDelMulti0")
+	assertNwNotAvailable(c, "testDelMulti1")
+	// testDelMulti2 can't be deleted, so it should exist
+	assertNwIsAvailable(c, "testDelMulti2")
+}
+
+func (s *DockerSuite) TestDockerNetworkInspect(c *check.C) {
+	out, _ := dockerCmd(c, "network", "inspect", "host")
+	networkResources := []types.NetworkResource{}
+	err := json.Unmarshal([]byte(out), &networkResources)
+	c.Assert(err, check.IsNil)
+	c.Assert(networkResources, checker.HasLen, 1)
+
+	out, _ = dockerCmd(c, "network", "inspect", "--format='{{ .Name }}'", "host")
+	c.Assert(strings.TrimSpace(out), check.Equals, "host")
+}
+
+func (s *DockerSuite) TestDockerInspectMultipleNetwork(c *check.C) {
+	out, _ := dockerCmd(c, "network", "inspect", "host", "none")
+	networkResources := []types.NetworkResource{}
+	err := json.Unmarshal([]byte(out), &networkResources)
+	c.Assert(err, check.IsNil)
+	c.Assert(networkResources, checker.HasLen, 2)
+
+	// Should print an error, return an exitCode 1 *but* should print the host network
+	out, exitCode, err := dockerCmdWithError("network", "inspect", "host", "nonexistent")
+	c.Assert(err, checker.NotNil)
+	c.Assert(exitCode, checker.Equals, 1)
+	c.Assert(out, checker.Contains, "Error: No such network: nonexistent")
+	networkResources = []types.NetworkResource{}
+	inspectOut := strings.SplitN(out, "\nError: No such network: nonexistent\n", 2)[0]
+	err = json.Unmarshal([]byte(inspectOut), &networkResources)
+	c.Assert(networkResources, checker.HasLen, 1)
+
+	// Should print an error and return an exitCode, nothing else
+	out, exitCode, err = dockerCmdWithError("network", "inspect", "nonexistent")
+	c.Assert(err, checker.NotNil)
+	c.Assert(exitCode, checker.Equals, 1)
+	c.Assert(out, checker.Contains, "Error: No such network: nonexistent")
+}
+
+func (s *DockerSuite) TestDockerInspectNetworkWithContainerName(c *check.C) {
+	dockerCmd(c, "network", "create", "brNetForInspect")
+	assertNwIsAvailable(c, "brNetForInspect")
+	defer func() {
+		dockerCmd(c, "network", "rm", "brNetForInspect")
+		assertNwNotAvailable(c, "brNetForInspect")
+	}()
+
+	out, _ := dockerCmd(c, "run", "-d", "--name", "testNetInspect1", "--net", "brNetForInspect", "busybox", "top")
+	c.Assert(waitRun("testNetInspect1"), check.IsNil)
+	containerID := strings.TrimSpace(out)
+	defer func() {
+		// we don't stop container by name, because we'll rename it later
+		dockerCmd(c, "stop", containerID)
+	}()
+
+	out, _ = dockerCmd(c, "network", "inspect", "brNetForInspect")
+	networkResources := []types.NetworkResource{}
+	err := json.Unmarshal([]byte(out), &networkResources)
+	c.Assert(err, check.IsNil)
+	c.Assert(networkResources, checker.HasLen, 1)
+	container, ok := networkResources[0].Containers[containerID]
+	c.Assert(ok, checker.True)
+	c.Assert(container.Name, checker.Equals, "testNetInspect1")
+
+	// rename container and check docker inspect output update
+	newName := "HappyNewName"
+	dockerCmd(c, "rename", "testNetInspect1", newName)
+
+	// check whether network inspect works properly
+	out, _ = dockerCmd(c, "network", "inspect", "brNetForInspect")
+	newNetRes := []types.NetworkResource{}
+	err = json.Unmarshal([]byte(out), &newNetRes)
+	c.Assert(err, check.IsNil)
+	c.Assert(newNetRes, checker.HasLen, 1)
+	container1, ok := newNetRes[0].Containers[containerID]
+	c.Assert(ok, checker.True)
+	c.Assert(container1.Name, checker.Equals, newName)
+
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectDisconnect(c *check.C) {
+	dockerCmd(c, "network", "create", "test")
+	assertNwIsAvailable(c, "test")
+	nr := getNwResource(c, "test")
+
+	c.Assert(nr.Name, checker.Equals, "test")
+	c.Assert(len(nr.Containers), checker.Equals, 0)
+
+	// run a container
+	out, _ := dockerCmd(c, "run", "-d", "--name", "test", "busybox", "top")
+	c.Assert(waitRun("test"), check.IsNil)
+	containerID := strings.TrimSpace(out)
+
+	// connect the container to the test network
+	dockerCmd(c, "network", "connect", "test", containerID)
+
+	// inspect the network to make sure container is connected
+	nr = getNetworkResource(c, nr.ID)
+	c.Assert(len(nr.Containers), checker.Equals, 1)
+	c.Assert(nr.Containers[containerID], check.NotNil)
+
+	// check if container IP matches network inspect
+	ip, _, err := net.ParseCIDR(nr.Containers[containerID].IPv4Address)
+	c.Assert(err, check.IsNil)
+	containerIP := findContainerIP(c, "test", "test")
+	c.Assert(ip.String(), checker.Equals, containerIP)
+
+	// disconnect container from the network
+	dockerCmd(c, "network", "disconnect", "test", containerID)
+	nr = getNwResource(c, "test")
+	c.Assert(nr.Name, checker.Equals, "test")
+	c.Assert(len(nr.Containers), checker.Equals, 0)
+
+	// run another container
+	out, _ = dockerCmd(c, "run", "-d", "--net", "test", "--name", "test2", "busybox", "top")
+	c.Assert(waitRun("test2"), check.IsNil)
+	containerID = strings.TrimSpace(out)
+
+	nr = getNwResource(c, "test")
+	c.Assert(nr.Name, checker.Equals, "test")
+	c.Assert(len(nr.Containers), checker.Equals, 1)
+
+	// force disconnect the container to the test network
+	dockerCmd(c, "network", "disconnect", "-f", "test", containerID)
+
+	nr = getNwResource(c, "test")
+	c.Assert(nr.Name, checker.Equals, "test")
+	c.Assert(len(nr.Containers), checker.Equals, 0)
+
+	dockerCmd(c, "network", "rm", "test")
+	assertNwNotAvailable(c, "test")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpamMultipleNetworks(c *check.C) {
+	// test0 bridge network
+	dockerCmd(c, "network", "create", "--subnet=192.168.0.0/16", "test1")
+	assertNwIsAvailable(c, "test1")
+
+	// test2 bridge network does not overlap
+	dockerCmd(c, "network", "create", "--subnet=192.169.0.0/16", "test2")
+	assertNwIsAvailable(c, "test2")
+
+	// for networks w/o ipam specified, docker will choose proper non-overlapping subnets
+	dockerCmd(c, "network", "create", "test3")
+	assertNwIsAvailable(c, "test3")
+	dockerCmd(c, "network", "create", "test4")
+	assertNwIsAvailable(c, "test4")
+	dockerCmd(c, "network", "create", "test5")
+	assertNwIsAvailable(c, "test5")
+
+	// test network with multiple subnets
+	// bridge network doesn't support multiple subnets. hence, use a dummy driver that supports
+
+	dockerCmd(c, "network", "create", "-d", dummyNetworkDriver, "--subnet=192.168.0.0/16", "--subnet=192.170.0.0/16", "test6")
+	assertNwIsAvailable(c, "test6")
+
+	// test network with multiple subnets with valid ipam combinations
+	// also check same subnet across networks when the driver supports it.
+	dockerCmd(c, "network", "create", "-d", dummyNetworkDriver,
+		"--subnet=192.168.0.0/16", "--subnet=192.170.0.0/16",
+		"--gateway=192.168.0.100", "--gateway=192.170.0.100",
+		"--ip-range=192.168.1.0/24",
+		"--aux-address", "a=192.168.1.5", "--aux-address", "b=192.168.1.6",
+		"--aux-address", "a=192.170.1.5", "--aux-address", "b=192.170.1.6",
+		"test7")
+	assertNwIsAvailable(c, "test7")
+
+	// cleanup
+	for i := 1; i < 8; i++ {
+		dockerCmd(c, "network", "rm", fmt.Sprintf("test%d", i))
+	}
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkCustomIpam(c *check.C) {
+	// Create a bridge network using custom ipam driver
+	dockerCmd(c, "network", "create", "--ipam-driver", dummyIpamDriver, "br0")
+	assertNwIsAvailable(c, "br0")
+
+	// Verify expected network ipam fields are there
+	nr := getNetworkResource(c, "br0")
+	c.Assert(nr.Driver, checker.Equals, "bridge")
+	c.Assert(nr.IPAM.Driver, checker.Equals, dummyIpamDriver)
+
+	// remove network and exercise remote ipam driver
+	dockerCmd(c, "network", "rm", "br0")
+	assertNwNotAvailable(c, "br0")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpamOptions(c *check.C) {
+	// Create a bridge network using custom ipam driver and options
+	dockerCmd(c, "network", "create", "--ipam-driver", dummyIpamDriver, "--ipam-opt", "opt1=drv1", "--ipam-opt", "opt2=drv2", "br0")
+	assertNwIsAvailable(c, "br0")
+
+	// Verify expected network ipam options
+	nr := getNetworkResource(c, "br0")
+	opts := nr.IPAM.Options
+	c.Assert(opts["opt1"], checker.Equals, "drv1")
+	c.Assert(opts["opt2"], checker.Equals, "drv2")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkInspectDefault(c *check.C) {
+	nr := getNetworkResource(c, "none")
+	c.Assert(nr.Driver, checker.Equals, "null")
+	c.Assert(nr.Scope, checker.Equals, "local")
+	c.Assert(nr.Internal, checker.Equals, false)
+	c.Assert(nr.EnableIPv6, checker.Equals, false)
+	c.Assert(nr.IPAM.Driver, checker.Equals, "default")
+	c.Assert(len(nr.IPAM.Config), checker.Equals, 0)
+
+	nr = getNetworkResource(c, "host")
+	c.Assert(nr.Driver, checker.Equals, "host")
+	c.Assert(nr.Scope, checker.Equals, "local")
+	c.Assert(nr.Internal, checker.Equals, false)
+	c.Assert(nr.EnableIPv6, checker.Equals, false)
+	c.Assert(nr.IPAM.Driver, checker.Equals, "default")
+	c.Assert(len(nr.IPAM.Config), checker.Equals, 0)
+
+	nr = getNetworkResource(c, "bridge")
+	c.Assert(nr.Driver, checker.Equals, "bridge")
+	c.Assert(nr.Scope, checker.Equals, "local")
+	c.Assert(nr.Internal, checker.Equals, false)
+	c.Assert(nr.EnableIPv6, checker.Equals, false)
+	c.Assert(nr.IPAM.Driver, checker.Equals, "default")
+	c.Assert(len(nr.IPAM.Config), checker.Equals, 1)
+	c.Assert(nr.IPAM.Config[0].Subnet, checker.NotNil)
+	c.Assert(nr.IPAM.Config[0].Gateway, checker.NotNil)
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkInspectCustomUnspecified(c *check.C) {
+	// if unspecified, network subnet will be selected from inside preferred pool
+	dockerCmd(c, "network", "create", "test01")
+	assertNwIsAvailable(c, "test01")
+
+	nr := getNetworkResource(c, "test01")
+	c.Assert(nr.Driver, checker.Equals, "bridge")
+	c.Assert(nr.Scope, checker.Equals, "local")
+	c.Assert(nr.Internal, checker.Equals, false)
+	c.Assert(nr.EnableIPv6, checker.Equals, false)
+	c.Assert(nr.IPAM.Driver, checker.Equals, "default")
+	c.Assert(len(nr.IPAM.Config), checker.Equals, 1)
+	c.Assert(nr.IPAM.Config[0].Subnet, checker.NotNil)
+	c.Assert(nr.IPAM.Config[0].Gateway, checker.NotNil)
+
+	dockerCmd(c, "network", "rm", "test01")
+	assertNwNotAvailable(c, "test01")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkInspectCustomSpecified(c *check.C) {
+	dockerCmd(c, "network", "create", "--driver=bridge", "--ipv6", "--subnet=172.28.0.0/16", "--ip-range=172.28.5.0/24", "--gateway=172.28.5.254", "br0")
+	assertNwIsAvailable(c, "br0")
+
+	nr := getNetworkResource(c, "br0")
+	c.Assert(nr.Driver, checker.Equals, "bridge")
+	c.Assert(nr.Scope, checker.Equals, "local")
+	c.Assert(nr.Internal, checker.Equals, false)
+	c.Assert(nr.EnableIPv6, checker.Equals, true)
+	c.Assert(nr.IPAM.Driver, checker.Equals, "default")
+	c.Assert(len(nr.IPAM.Config), checker.Equals, 1)
+	c.Assert(nr.IPAM.Config[0].Subnet, checker.Equals, "172.28.0.0/16")
+	c.Assert(nr.IPAM.Config[0].IPRange, checker.Equals, "172.28.5.0/24")
+	c.Assert(nr.IPAM.Config[0].Gateway, checker.Equals, "172.28.5.254")
+	c.Assert(nr.Internal, checker.False)
+	dockerCmd(c, "network", "rm", "br0")
+	assertNwNotAvailable(c, "test01")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpamInvalidCombinations(c *check.C) {
+	// network with ip-range out of subnet range
+	_, _, err := dockerCmdWithError("network", "create", "--subnet=192.168.0.0/16", "--ip-range=192.170.0.0/16", "test")
+	c.Assert(err, check.NotNil)
+
+	// network with multiple gateways for a single subnet
+	_, _, err = dockerCmdWithError("network", "create", "--subnet=192.168.0.0/16", "--gateway=192.168.0.1", "--gateway=192.168.0.2", "test")
+	c.Assert(err, check.NotNil)
+
+	// Multiple overlapping subnets in the same network must fail
+	_, _, err = dockerCmdWithError("network", "create", "--subnet=192.168.0.0/16", "--subnet=192.168.1.0/16", "test")
+	c.Assert(err, check.NotNil)
+
+	// overlapping subnets across networks must fail
+	// create a valid test0 network
+	dockerCmd(c, "network", "create", "--subnet=192.168.0.0/16", "test0")
+	assertNwIsAvailable(c, "test0")
+	// create an overlapping test1 network
+	_, _, err = dockerCmdWithError("network", "create", "--subnet=192.168.128.0/17", "test1")
+	c.Assert(err, check.NotNil)
+	dockerCmd(c, "network", "rm", "test0")
+	assertNwNotAvailable(c, "test0")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkDriverOptions(c *check.C) {
+	dockerCmd(c, "network", "create", "-d", dummyNetworkDriver, "-o", "opt1=drv1", "-o", "opt2=drv2", "testopt")
+	assertNwIsAvailable(c, "testopt")
+	gopts := remoteDriverNetworkRequest.Options[netlabel.GenericData]
+	c.Assert(gopts, checker.NotNil)
+	opts, ok := gopts.(map[string]interface{})
+	c.Assert(ok, checker.Equals, true)
+	c.Assert(opts["opt1"], checker.Equals, "drv1")
+	c.Assert(opts["opt2"], checker.Equals, "drv2")
+	dockerCmd(c, "network", "rm", "testopt")
+	assertNwNotAvailable(c, "testopt")
+
+}
+
+func (s *DockerDaemonSuite) TestDockerNetworkNoDiscoveryDefaultBridgeNetwork(c *check.C) {
+	testRequires(c, ExecSupport)
+	// On default bridge network built-in service discovery should not happen
+	hostsFile := "/etc/hosts"
+	bridgeName := "external-bridge"
+	bridgeIP := "192.169.255.254/24"
+	out, err := createInterface(c, "bridge", bridgeName, bridgeIP)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer deleteInterface(c, bridgeName)
+
+	err = s.d.StartWithBusybox("--bridge", bridgeName)
+	c.Assert(err, check.IsNil)
+	defer s.d.Restart()
+
+	// run two containers and store first container's etc/hosts content
+	out, err = s.d.Cmd("run", "-d", "busybox", "top")
+	c.Assert(err, check.IsNil)
+	cid1 := strings.TrimSpace(out)
+	defer s.d.Cmd("stop", cid1)
+
+	hosts, err := s.d.Cmd("exec", cid1, "cat", hostsFile)
+	c.Assert(err, checker.IsNil)
+
+	out, err = s.d.Cmd("run", "-d", "--name", "container2", "busybox", "top")
+	c.Assert(err, check.IsNil)
+	cid2 := strings.TrimSpace(out)
+
+	// verify first container's etc/hosts file has not changed after spawning the second named container
+	hostsPost, err := s.d.Cmd("exec", cid1, "cat", hostsFile)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(hosts), checker.Equals, string(hostsPost),
+		check.Commentf("Unexpected %s change on second container creation", hostsFile))
+
+	// stop container 2 and verify first container's etc/hosts has not changed
+	_, err = s.d.Cmd("stop", cid2)
+	c.Assert(err, check.IsNil)
+
+	hostsPost, err = s.d.Cmd("exec", cid1, "cat", hostsFile)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(hosts), checker.Equals, string(hostsPost),
+		check.Commentf("Unexpected %s change on second container creation", hostsFile))
+
+	// but discovery is on when connecting to non default bridge network
+	network := "anotherbridge"
+	out, err = s.d.Cmd("network", "create", network)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	defer s.d.Cmd("network", "rm", network)
+
+	out, err = s.d.Cmd("network", "connect", network, cid1)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	hosts, err = s.d.Cmd("exec", cid1, "cat", hostsFile)
+	c.Assert(err, checker.IsNil)
+
+	hostsPost, err = s.d.Cmd("exec", cid1, "cat", hostsFile)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(hosts), checker.Equals, string(hostsPost),
+		check.Commentf("Unexpected %s change on second network connection", hostsFile))
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkAnonymousEndpoint(c *check.C) {
+	testRequires(c, ExecSupport, NotArm)
+	hostsFile := "/etc/hosts"
+	cstmBridgeNw := "custom-bridge-nw"
+	cstmBridgeNw1 := "custom-bridge-nw1"
+
+	dockerCmd(c, "network", "create", "-d", "bridge", cstmBridgeNw)
+	assertNwIsAvailable(c, cstmBridgeNw)
+
+	// run two anonymous containers and store their etc/hosts content
+	out, _ := dockerCmd(c, "run", "-d", "--net", cstmBridgeNw, "busybox", "top")
+	cid1 := strings.TrimSpace(out)
+
+	hosts1, err := readContainerFileWithExec(cid1, hostsFile)
+	c.Assert(err, checker.IsNil)
+
+	out, _ = dockerCmd(c, "run", "-d", "--net", cstmBridgeNw, "busybox", "top")
+	cid2 := strings.TrimSpace(out)
+
+	hosts2, err := readContainerFileWithExec(cid2, hostsFile)
+	c.Assert(err, checker.IsNil)
+
+	// verify first container etc/hosts file has not changed
+	hosts1post, err := readContainerFileWithExec(cid1, hostsFile)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(hosts1), checker.Equals, string(hosts1post),
+		check.Commentf("Unexpected %s change on anonymous container creation", hostsFile))
+
+	// Connect the 2nd container to a new network and verify the
+	// first container /etc/hosts file still hasn't changed.
+	dockerCmd(c, "network", "create", "-d", "bridge", cstmBridgeNw1)
+	assertNwIsAvailable(c, cstmBridgeNw1)
+
+	dockerCmd(c, "network", "connect", cstmBridgeNw1, cid2)
+
+	hosts2, err = readContainerFileWithExec(cid2, hostsFile)
+	c.Assert(err, checker.IsNil)
+
+	hosts1post, err = readContainerFileWithExec(cid1, hostsFile)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(hosts1), checker.Equals, string(hosts1post),
+		check.Commentf("Unexpected %s change on container connect", hostsFile))
+
+	// start a named container
+	cName := "AnyName"
+	out, _ = dockerCmd(c, "run", "-d", "--net", cstmBridgeNw, "--name", cName, "busybox", "top")
+	cid3 := strings.TrimSpace(out)
+
+	// verify that container 1 and 2 can ping the named container
+	dockerCmd(c, "exec", cid1, "ping", "-c", "1", cName)
+	dockerCmd(c, "exec", cid2, "ping", "-c", "1", cName)
+
+	// Stop named container and verify first two containers' etc/hosts file hasn't changed
+	dockerCmd(c, "stop", cid3)
+	hosts1post, err = readContainerFileWithExec(cid1, hostsFile)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(hosts1), checker.Equals, string(hosts1post),
+		check.Commentf("Unexpected %s change on name container creation", hostsFile))
+
+	hosts2post, err := readContainerFileWithExec(cid2, hostsFile)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(hosts2), checker.Equals, string(hosts2post),
+		check.Commentf("Unexpected %s change on name container creation", hostsFile))
+
+	// verify that container 1 and 2 can't ping the named container now
+	_, _, err = dockerCmdWithError("exec", cid1, "ping", "-c", "1", cName)
+	c.Assert(err, check.NotNil)
+	_, _, err = dockerCmdWithError("exec", cid2, "ping", "-c", "1", cName)
+	c.Assert(err, check.NotNil)
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkLinkOnDefaultNetworkOnly(c *check.C) {
+	// Legacy Link feature must work only on default network, and not across networks
+	cnt1 := "container1"
+	cnt2 := "container2"
+	network := "anotherbridge"
+
+	// Run first container on default network
+	dockerCmd(c, "run", "-d", "--name", cnt1, "busybox", "top")
+
+	// Create another network and run the second container on it
+	dockerCmd(c, "network", "create", network)
+	assertNwIsAvailable(c, network)
+	dockerCmd(c, "run", "-d", "--net", network, "--name", cnt2, "busybox", "top")
+
+	// Try launching a container on default network, linking to the first container. Must succeed
+	dockerCmd(c, "run", "-d", "--link", fmt.Sprintf("%s:%s", cnt1, cnt1), "busybox", "top")
+
+	// Try launching a container on default network, linking to the second container. Must fail
+	_, _, err := dockerCmdWithError("run", "-d", "--link", fmt.Sprintf("%s:%s", cnt2, cnt2), "busybox", "top")
+	c.Assert(err, checker.NotNil)
+
+	// Connect second container to default network. Now a container on default network can link to it
+	dockerCmd(c, "network", "connect", "bridge", cnt2)
+	dockerCmd(c, "run", "-d", "--link", fmt.Sprintf("%s:%s", cnt2, cnt2), "busybox", "top")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkOverlayPortMapping(c *check.C) {
+	// Verify exposed ports are present in ps output when running a container on
+	// a network managed by a driver which does not provide the default gateway
+	// for the container
+	nwn := "ov"
+	ctn := "bb"
+	port1 := 80
+	port2 := 443
+	expose1 := fmt.Sprintf("--expose=%d", port1)
+	expose2 := fmt.Sprintf("--expose=%d", port2)
+
+	dockerCmd(c, "network", "create", "-d", dummyNetworkDriver, nwn)
+	assertNwIsAvailable(c, nwn)
+
+	dockerCmd(c, "run", "-d", "--net", nwn, "--name", ctn, expose1, expose2, "busybox", "top")
+
+	// Check docker ps o/p for last created container reports the unpublished ports
+	unpPort1 := fmt.Sprintf("%d/tcp", port1)
+	unpPort2 := fmt.Sprintf("%d/tcp", port2)
+	out, _ := dockerCmd(c, "ps", "-n=1")
+	// Missing unpublished ports in docker ps output
+	c.Assert(out, checker.Contains, unpPort1)
+	// Missing unpublished ports in docker ps output
+	c.Assert(out, checker.Contains, unpPort2)
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkDriverUngracefulRestart(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dnd := "dnd"
+	did := "did"
+
+	mux := http.NewServeMux()
+	server := httptest.NewServer(mux)
+	setupRemoteNetworkDrivers(c, mux, server.URL, dnd, did)
+
+	s.d.StartWithBusybox()
+	_, err := s.d.Cmd("network", "create", "-d", dnd, "--subnet", "1.1.1.0/24", "net1")
+	c.Assert(err, checker.IsNil)
+
+	_, err = s.d.Cmd("run", "-itd", "--net", "net1", "--name", "foo", "--ip", "1.1.1.10", "busybox", "sh")
+	c.Assert(err, checker.IsNil)
+
+	// Kill daemon and restart
+	if err = s.d.cmd.Process.Kill(); err != nil {
+		c.Fatal(err)
+	}
+
+	server.Close()
+
+	startTime := time.Now().Unix()
+	if err = s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+	lapse := time.Now().Unix() - startTime
+	if lapse > 60 {
+		// In normal scenarios, daemon restart takes ~1 second.
+		// Plugin retry mechanism can delay the daemon start. systemd may not like it.
+		// Avoid accessing plugins during daemon bootup
+		c.Logf("daemon restart took too long : %d seconds", lapse)
+	}
+
+	// Restart the custom dummy plugin
+	mux = http.NewServeMux()
+	server = httptest.NewServer(mux)
+	setupRemoteNetworkDrivers(c, mux, server.URL, dnd, did)
+
+	// trying to reuse the same ip must succeed
+	_, err = s.d.Cmd("run", "-itd", "--net", "net1", "--name", "bar", "--ip", "1.1.1.10", "busybox", "sh")
+	c.Assert(err, checker.IsNil)
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkMacInspect(c *check.C) {
+	// Verify endpoint MAC address is correctly populated in container's network settings
+	nwn := "ov"
+	ctn := "bb"
+
+	dockerCmd(c, "network", "create", "-d", dummyNetworkDriver, nwn)
+	assertNwIsAvailable(c, nwn)
+
+	dockerCmd(c, "run", "-d", "--net", nwn, "--name", ctn, "busybox", "top")
+
+	mac := inspectField(c, ctn, "NetworkSettings.Networks."+nwn+".MacAddress")
+	c.Assert(mac, checker.Equals, "a0:b1:c2:d3:e4:f5")
+}
+
+func (s *DockerSuite) TestInspectApiMultipleNetworks(c *check.C) {
+	dockerCmd(c, "network", "create", "mybridge1")
+	dockerCmd(c, "network", "create", "mybridge2")
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), check.IsNil)
+
+	dockerCmd(c, "network", "connect", "mybridge1", id)
+	dockerCmd(c, "network", "connect", "mybridge2", id)
+
+	body := getInspectBody(c, "v1.20", id)
+	var inspect120 v1p20.ContainerJSON
+	err := json.Unmarshal(body, &inspect120)
+	c.Assert(err, checker.IsNil)
+
+	versionedIP := inspect120.NetworkSettings.IPAddress
+
+	body = getInspectBody(c, "v1.21", id)
+	var inspect121 types.ContainerJSON
+	err = json.Unmarshal(body, &inspect121)
+	c.Assert(err, checker.IsNil)
+	c.Assert(inspect121.NetworkSettings.Networks, checker.HasLen, 3)
+
+	bridge := inspect121.NetworkSettings.Networks["bridge"]
+	c.Assert(bridge.IPAddress, checker.Equals, versionedIP)
+	c.Assert(bridge.IPAddress, checker.Equals, inspect121.NetworkSettings.IPAddress)
+}
+
+func connectContainerToNetworks(c *check.C, d *Daemon, cName string, nws []string) {
+	// Run a container on the default network
+	out, err := d.Cmd("run", "-d", "--name", cName, "busybox", "top")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	// Attach the container to other networks
+	for _, nw := range nws {
+		out, err = d.Cmd("network", "create", nw)
+		c.Assert(err, checker.IsNil, check.Commentf(out))
+		out, err = d.Cmd("network", "connect", nw, cName)
+		c.Assert(err, checker.IsNil, check.Commentf(out))
+	}
+}
+
+func verifyContainerIsConnectedToNetworks(c *check.C, d *Daemon, cName string, nws []string) {
+	// Verify container is connected to all the networks
+	for _, nw := range nws {
+		out, err := d.Cmd("inspect", "-f", fmt.Sprintf("{{.NetworkSettings.Networks.%s}}", nw), cName)
+		c.Assert(err, checker.IsNil, check.Commentf(out))
+		c.Assert(out, checker.Not(checker.Equals), "<no value>\n")
+	}
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkMultipleNetworksGracefulDaemonRestart(c *check.C) {
+	cName := "bb"
+	nwList := []string{"nw1", "nw2", "nw3"}
+
+	s.d.StartWithBusybox()
+
+	connectContainerToNetworks(c, s.d, cName, nwList)
+	verifyContainerIsConnectedToNetworks(c, s.d, cName, nwList)
+
+	// Reload daemon
+	s.d.Restart()
+
+	_, err := s.d.Cmd("start", cName)
+	c.Assert(err, checker.IsNil)
+
+	verifyContainerIsConnectedToNetworks(c, s.d, cName, nwList)
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkMultipleNetworksUngracefulDaemonRestart(c *check.C) {
+	cName := "cc"
+	nwList := []string{"nw1", "nw2", "nw3"}
+
+	s.d.StartWithBusybox()
+
+	connectContainerToNetworks(c, s.d, cName, nwList)
+	verifyContainerIsConnectedToNetworks(c, s.d, cName, nwList)
+
+	// Kill daemon and restart
+	if err := s.d.cmd.Process.Kill(); err != nil {
+		c.Fatal(err)
+	}
+	s.d.Restart()
+
+	// Restart container
+	_, err := s.d.Cmd("start", cName)
+	c.Assert(err, checker.IsNil)
+
+	verifyContainerIsConnectedToNetworks(c, s.d, cName, nwList)
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkRunNetByID(c *check.C) {
+	out, _ := dockerCmd(c, "network", "create", "one")
+	containerOut, _, err := dockerCmdWithError("run", "-d", "--net", strings.TrimSpace(out), "busybox", "top")
+	c.Assert(err, checker.IsNil, check.Commentf(containerOut))
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkHostModeUngracefulDaemonRestart(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	s.d.StartWithBusybox()
+
+	// Run a few containers on host network
+	for i := 0; i < 10; i++ {
+		cName := fmt.Sprintf("hostc-%d", i)
+		out, err := s.d.Cmd("run", "-d", "--name", cName, "--net=host", "--restart=always", "busybox", "top")
+		c.Assert(err, checker.IsNil, check.Commentf(out))
+
+		// verfiy container has finished starting before killing daemon
+		err = s.d.waitRun(cName)
+		c.Assert(err, checker.IsNil)
+	}
+
+	// Kill daemon ungracefully and restart
+	if err := s.d.cmd.Process.Kill(); err != nil {
+		c.Fatal(err)
+	}
+	if err := s.d.Restart(); err != nil {
+		c.Fatal(err)
+	}
+
+	// make sure all the containers are up and running
+	for i := 0; i < 10; i++ {
+		err := s.d.waitRun(fmt.Sprintf("hostc-%d", i))
+		c.Assert(err, checker.IsNil)
+	}
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectToHostFromOtherNetwork(c *check.C) {
+	dockerCmd(c, "run", "-d", "--name", "container1", "busybox", "top")
+	c.Assert(waitRun("container1"), check.IsNil)
+	dockerCmd(c, "network", "disconnect", "bridge", "container1")
+	out, _, err := dockerCmdWithError("network", "connect", "host", "container1")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, runconfig.ErrConflictHostNetwork.Error())
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkDisconnectFromHost(c *check.C) {
+	dockerCmd(c, "run", "-d", "--name", "container1", "--net=host", "busybox", "top")
+	c.Assert(waitRun("container1"), check.IsNil)
+	out, _, err := dockerCmdWithError("network", "disconnect", "host", "container1")
+	c.Assert(err, checker.NotNil, check.Commentf("Should err out disconnect from host"))
+	c.Assert(out, checker.Contains, runconfig.ErrConflictHostNetwork.Error())
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectWithPortMapping(c *check.C) {
+	testRequires(c, NotArm)
+	dockerCmd(c, "network", "create", "test1")
+	dockerCmd(c, "run", "-d", "--name", "c1", "-p", "5000:5000", "busybox", "top")
+	c.Assert(waitRun("c1"), check.IsNil)
+	dockerCmd(c, "network", "connect", "test1", "c1")
+}
+
+func verifyPortMap(c *check.C, container, port, originalMapping string, mustBeEqual bool) {
+	chk := checker.Equals
+	if !mustBeEqual {
+		chk = checker.Not(checker.Equals)
+	}
+	currentMapping, _ := dockerCmd(c, "port", container, port)
+	c.Assert(currentMapping, chk, originalMapping)
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectDisconnectWithPortMapping(c *check.C) {
+	// Connect and disconnect a container with explicit and non-explicit
+	// host port mapping to/from networks which do cause and do not cause
+	// the container default gateway to change, and verify docker port cmd
+	// returns congruent information
+	testRequires(c, NotArm)
+	cnt := "c1"
+	dockerCmd(c, "network", "create", "aaa")
+	dockerCmd(c, "network", "create", "ccc")
+
+	dockerCmd(c, "run", "-d", "--name", cnt, "-p", "9000:90", "-p", "70", "busybox", "top")
+	c.Assert(waitRun(cnt), check.IsNil)
+	curPortMap, _ := dockerCmd(c, "port", cnt, "70")
+	curExplPortMap, _ := dockerCmd(c, "port", cnt, "90")
+
+	// Connect to a network which causes the container's default gw switch
+	dockerCmd(c, "network", "connect", "aaa", cnt)
+	verifyPortMap(c, cnt, "70", curPortMap, false)
+	verifyPortMap(c, cnt, "90", curExplPortMap, true)
+
+	// Read current mapping
+	curPortMap, _ = dockerCmd(c, "port", cnt, "70")
+
+	// Disconnect from a network which causes the container's default gw switch
+	dockerCmd(c, "network", "disconnect", "aaa", cnt)
+	verifyPortMap(c, cnt, "70", curPortMap, false)
+	verifyPortMap(c, cnt, "90", curExplPortMap, true)
+
+	// Read current mapping
+	curPortMap, _ = dockerCmd(c, "port", cnt, "70")
+
+	// Connect to a network which does not cause the container's default gw switch
+	dockerCmd(c, "network", "connect", "ccc", cnt)
+	verifyPortMap(c, cnt, "70", curPortMap, true)
+	verifyPortMap(c, cnt, "90", curExplPortMap, true)
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectWithMac(c *check.C) {
+	macAddress := "02:42:ac:11:00:02"
+	dockerCmd(c, "network", "create", "mynetwork")
+	dockerCmd(c, "run", "--name=test", "-d", "--mac-address", macAddress, "busybox", "top")
+	c.Assert(waitRun("test"), check.IsNil)
+	mac1 := inspectField(c, "test", "NetworkSettings.Networks.bridge.MacAddress")
+	c.Assert(strings.TrimSpace(mac1), checker.Equals, macAddress)
+	dockerCmd(c, "network", "connect", "mynetwork", "test")
+	mac2 := inspectField(c, "test", "NetworkSettings.Networks.mynetwork.MacAddress")
+	c.Assert(strings.TrimSpace(mac2), checker.Not(checker.Equals), strings.TrimSpace(mac1))
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkInspectCreatedContainer(c *check.C) {
+	dockerCmd(c, "create", "--name", "test", "busybox")
+	networks := inspectField(c, "test", "NetworkSettings.Networks")
+	c.Assert(networks, checker.Contains, "bridge", check.Commentf("Should return 'bridge' network"))
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkRestartWithMultipleNetworks(c *check.C) {
+	dockerCmd(c, "network", "create", "test")
+	dockerCmd(c, "run", "--name=foo", "-d", "busybox", "top")
+	c.Assert(waitRun("foo"), checker.IsNil)
+	dockerCmd(c, "network", "connect", "test", "foo")
+	dockerCmd(c, "restart", "foo")
+	networks := inspectField(c, "foo", "NetworkSettings.Networks")
+	c.Assert(networks, checker.Contains, "bridge", check.Commentf("Should contain 'bridge' network"))
+	c.Assert(networks, checker.Contains, "test", check.Commentf("Should contain 'test' network"))
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectDisconnectToStoppedContainer(c *check.C) {
+	dockerCmd(c, "network", "create", "test")
+	dockerCmd(c, "create", "--name=foo", "busybox", "top")
+	dockerCmd(c, "network", "connect", "test", "foo")
+	networks := inspectField(c, "foo", "NetworkSettings.Networks")
+	c.Assert(networks, checker.Contains, "test", check.Commentf("Should contain 'test' network"))
+
+	// Restart docker daemon to test the config has persisted to disk
+	s.d.Restart()
+	networks = inspectField(c, "foo", "NetworkSettings.Networks")
+	c.Assert(networks, checker.Contains, "test", check.Commentf("Should contain 'test' network"))
+
+	// start the container and test if we can ping it from another container in the same network
+	dockerCmd(c, "start", "foo")
+	c.Assert(waitRun("foo"), checker.IsNil)
+	ip := inspectField(c, "foo", "NetworkSettings.Networks.test.IPAddress")
+	ip = strings.TrimSpace(ip)
+	dockerCmd(c, "run", "--net=test", "busybox", "sh", "-c", fmt.Sprintf("ping -c 1 %s", ip))
+
+	dockerCmd(c, "stop", "foo")
+
+	// Test disconnect
+	dockerCmd(c, "network", "disconnect", "test", "foo")
+	networks = inspectField(c, "foo", "NetworkSettings.Networks")
+	c.Assert(networks, checker.Not(checker.Contains), "test", check.Commentf("Should not contain 'test' network"))
+
+	// Restart docker daemon to test the config has persisted to disk
+	s.d.Restart()
+	networks = inspectField(c, "foo", "NetworkSettings.Networks")
+	c.Assert(networks, checker.Not(checker.Contains), "test", check.Commentf("Should not contain 'test' network"))
+
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectPreferredIP(c *check.C) {
+	// create two networks
+	dockerCmd(c, "network", "create", "--ipv6", "--subnet=172.28.0.0/16", "--subnet=2001:db8:1234::/64", "n0")
+	assertNwIsAvailable(c, "n0")
+
+	dockerCmd(c, "network", "create", "--ipv6", "--subnet=172.30.0.0/16", "--ip-range=172.30.5.0/24", "--subnet=2001:db8:abcd::/64", "--ip-range=2001:db8:abcd::/80", "n1")
+	assertNwIsAvailable(c, "n1")
+
+	// run a container on first network specifying the ip addresses
+	dockerCmd(c, "run", "-d", "--name", "c0", "--net=n0", "--ip", "172.28.99.88", "--ip6", "2001:db8:1234::9988", "busybox", "top")
+	c.Assert(waitRun("c0"), check.IsNil)
+	verifyIPAddressConfig(c, "c0", "n0", "172.28.99.88", "2001:db8:1234::9988")
+	verifyIPAddresses(c, "c0", "n0", "172.28.99.88", "2001:db8:1234::9988")
+
+	// connect the container to the second network specifying an ip addresses
+	dockerCmd(c, "network", "connect", "--ip", "172.30.55.44", "--ip6", "2001:db8:abcd::5544", "n1", "c0")
+	verifyIPAddressConfig(c, "c0", "n1", "172.30.55.44", "2001:db8:abcd::5544")
+	verifyIPAddresses(c, "c0", "n1", "172.30.55.44", "2001:db8:abcd::5544")
+
+	// Stop and restart the container
+	dockerCmd(c, "stop", "c0")
+	dockerCmd(c, "start", "c0")
+
+	// verify requested addresses are applied and configs are still there
+	verifyIPAddressConfig(c, "c0", "n0", "172.28.99.88", "2001:db8:1234::9988")
+	verifyIPAddresses(c, "c0", "n0", "172.28.99.88", "2001:db8:1234::9988")
+	verifyIPAddressConfig(c, "c0", "n1", "172.30.55.44", "2001:db8:abcd::5544")
+	verifyIPAddresses(c, "c0", "n1", "172.30.55.44", "2001:db8:abcd::5544")
+
+	// Still it should fail to connect to the default network with a specified IP (whatever ip)
+	out, _, err := dockerCmdWithError("network", "connect", "--ip", "172.21.55.44", "bridge", "c0")
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	c.Assert(out, checker.Contains, runconfig.ErrUnsupportedNetworkAndIP.Error())
+
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectPreferredIPStoppedContainer(c *check.C) {
+	// create a container
+	dockerCmd(c, "create", "--name", "c0", "busybox", "top")
+
+	// create a network
+	dockerCmd(c, "network", "create", "--ipv6", "--subnet=172.30.0.0/16", "--subnet=2001:db8:abcd::/64", "n0")
+	assertNwIsAvailable(c, "n0")
+
+	// connect the container to the network specifying an ip addresses
+	dockerCmd(c, "network", "connect", "--ip", "172.30.55.44", "--ip6", "2001:db8:abcd::5544", "n0", "c0")
+	verifyIPAddressConfig(c, "c0", "n0", "172.30.55.44", "2001:db8:abcd::5544")
+
+	// start the container, verify config has not changed and ip addresses are assigned
+	dockerCmd(c, "start", "c0")
+	c.Assert(waitRun("c0"), check.IsNil)
+	verifyIPAddressConfig(c, "c0", "n0", "172.30.55.44", "2001:db8:abcd::5544")
+	verifyIPAddresses(c, "c0", "n0", "172.30.55.44", "2001:db8:abcd::5544")
+
+	// stop the container and check ip config has not changed
+	dockerCmd(c, "stop", "c0")
+	verifyIPAddressConfig(c, "c0", "n0", "172.30.55.44", "2001:db8:abcd::5544")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkUnsupportedRequiredIP(c *check.C) {
+	// requested IP is not supported on predefined networks
+	for _, mode := range []string{"none", "host", "bridge", "default"} {
+		checkUnsupportedNetworkAndIP(c, mode)
+	}
+
+	// requested IP is not supported on networks with no user defined subnets
+	dockerCmd(c, "network", "create", "n0")
+	assertNwIsAvailable(c, "n0")
+
+	out, _, err := dockerCmdWithError("run", "-d", "--ip", "172.28.99.88", "--net", "n0", "busybox", "top")
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	c.Assert(out, checker.Contains, runconfig.ErrUnsupportedNetworkNoSubnetAndIP.Error())
+
+	out, _, err = dockerCmdWithError("run", "-d", "--ip6", "2001:db8:1234::9988", "--net", "n0", "busybox", "top")
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	c.Assert(out, checker.Contains, runconfig.ErrUnsupportedNetworkNoSubnetAndIP.Error())
+
+	dockerCmd(c, "network", "rm", "n0")
+	assertNwNotAvailable(c, "n0")
+}
+
+func checkUnsupportedNetworkAndIP(c *check.C, nwMode string) {
+	out, _, err := dockerCmdWithError("run", "-d", "--net", nwMode, "--ip", "172.28.99.88", "--ip6", "2001:db8:1234::9988", "busybox", "top")
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	c.Assert(out, checker.Contains, runconfig.ErrUnsupportedNetworkAndIP.Error())
+}
+
+func verifyIPAddressConfig(c *check.C, cName, nwname, ipv4, ipv6 string) {
+	if ipv4 != "" {
+		out := inspectField(c, cName, fmt.Sprintf("NetworkSettings.Networks.%s.IPAMConfig.IPv4Address", nwname))
+		c.Assert(strings.TrimSpace(out), check.Equals, ipv4)
+	}
+
+	if ipv6 != "" {
+		out := inspectField(c, cName, fmt.Sprintf("NetworkSettings.Networks.%s.IPAMConfig.IPv6Address", nwname))
+		c.Assert(strings.TrimSpace(out), check.Equals, ipv6)
+	}
+}
+
+func verifyIPAddresses(c *check.C, cName, nwname, ipv4, ipv6 string) {
+	out := inspectField(c, cName, fmt.Sprintf("NetworkSettings.Networks.%s.IPAddress", nwname))
+	c.Assert(strings.TrimSpace(out), check.Equals, ipv4)
+
+	out = inspectField(c, cName, fmt.Sprintf("NetworkSettings.Networks.%s.GlobalIPv6Address", nwname))
+	c.Assert(strings.TrimSpace(out), check.Equals, ipv6)
+}
+
+func (s *DockerSuite) TestUserDefinedNetworkConnectDisconnectLink(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "-d", "bridge", "foo1")
+	dockerCmd(c, "network", "create", "-d", "bridge", "foo2")
+
+	dockerCmd(c, "run", "-d", "--net=foo1", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	// run a container in a user-defined network with a link for an existing container
+	// and a link for a container that doesn't exist
+	dockerCmd(c, "run", "-d", "--net=foo1", "--name=second", "--link=first:FirstInFoo1",
+		"--link=third:bar", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// ping to first and its alias FirstInFoo1 must succeed
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "FirstInFoo1")
+	c.Assert(err, check.IsNil)
+
+	// connect first container to foo2 network
+	dockerCmd(c, "network", "connect", "foo2", "first")
+	// connect second container to foo2 network with a different alias for first container
+	dockerCmd(c, "network", "connect", "--link=first:FirstInFoo2", "foo2", "second")
+
+	// ping the new alias in network foo2
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "FirstInFoo2")
+	c.Assert(err, check.IsNil)
+
+	// disconnect first container from foo1 network
+	dockerCmd(c, "network", "disconnect", "foo1", "first")
+
+	// link in foo1 network must fail
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "FirstInFoo1")
+	c.Assert(err, check.NotNil)
+
+	// link in foo2 network must succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "FirstInFoo2")
+	c.Assert(err, check.IsNil)
+}
+
+// #19100 This is a deprecated feature test, it should be removed in Docker 1.12
+func (s *DockerNetworkSuite) TestDockerNetworkStartAPIWithHostconfig(c *check.C) {
+	netName := "test"
+	conName := "foo"
+	dockerCmd(c, "network", "create", netName)
+	dockerCmd(c, "create", "--name", conName, "busybox", "top")
+
+	config := map[string]interface{}{
+		"HostConfig": map[string]interface{}{
+			"NetworkMode": netName,
+		},
+	}
+	_, _, err := sockRequest("POST", "/containers/"+conName+"/start", config)
+	c.Assert(err, checker.IsNil)
+	c.Assert(waitRun(conName), checker.IsNil)
+	networks := inspectField(c, conName, "NetworkSettings.Networks")
+	c.Assert(networks, checker.Contains, netName, check.Commentf(fmt.Sprintf("Should contain '%s' network", netName)))
+	c.Assert(networks, checker.Not(checker.Contains), "bridge", check.Commentf("Should not contain 'bridge' network"))
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkDisconnectDefault(c *check.C) {
+	netWorkName1 := "test1"
+	netWorkName2 := "test2"
+	containerName := "foo"
+
+	dockerCmd(c, "network", "create", netWorkName1)
+	dockerCmd(c, "network", "create", netWorkName2)
+	dockerCmd(c, "create", "--name", containerName, "busybox", "top")
+	dockerCmd(c, "network", "connect", netWorkName1, containerName)
+	dockerCmd(c, "network", "connect", netWorkName2, containerName)
+	dockerCmd(c, "network", "disconnect", "bridge", containerName)
+
+	dockerCmd(c, "start", containerName)
+	c.Assert(waitRun(containerName), checker.IsNil)
+	networks := inspectField(c, containerName, "NetworkSettings.Networks")
+	c.Assert(networks, checker.Contains, netWorkName1, check.Commentf(fmt.Sprintf("Should contain '%s' network", netWorkName1)))
+	c.Assert(networks, checker.Contains, netWorkName2, check.Commentf(fmt.Sprintf("Should contain '%s' network", netWorkName2)))
+	c.Assert(networks, checker.Not(checker.Contains), "bridge", check.Commentf("Should not contain 'bridge' network"))
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkConnectWithAliasOnDefaultNetworks(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+
+	defaults := []string{"bridge", "host", "none"}
+	out, _ := dockerCmd(c, "run", "-d", "--net=none", "busybox", "top")
+	containerID := strings.TrimSpace(out)
+	for _, net := range defaults {
+		res, _, err := dockerCmdWithError("network", "connect", "--alias", "alias"+net, net, containerID)
+		c.Assert(err, checker.NotNil)
+		c.Assert(res, checker.Contains, runconfig.ErrUnsupportedNetworkAndAlias.Error())
+	}
+}
+
+func (s *DockerSuite) TestUserDefinedNetworkConnectDisconnectAlias(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "-d", "bridge", "net1")
+	dockerCmd(c, "network", "create", "-d", "bridge", "net2")
+
+	dockerCmd(c, "run", "-d", "--net=net1", "--name=first", "--net-alias=foo", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	dockerCmd(c, "run", "-d", "--net=net1", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// ping first container and its alias
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo")
+	c.Assert(err, check.IsNil)
+
+	// connect first container to net2 network
+	dockerCmd(c, "network", "connect", "--alias=bar", "net2", "first")
+	// connect second container to foo2 network with a different alias for first container
+	dockerCmd(c, "network", "connect", "net2", "second")
+
+	// ping the new alias in network foo2
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "bar")
+	c.Assert(err, check.IsNil)
+
+	// disconnect first container from net1 network
+	dockerCmd(c, "network", "disconnect", "net1", "first")
+
+	// ping to net1 scoped alias "foo" must fail
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo")
+	c.Assert(err, check.NotNil)
+
+	// ping to net2 scoped alias "bar" must still succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "bar")
+	c.Assert(err, check.IsNil)
+
+	// verify the alias option is rejected when running on predefined network
+	out, _, err := dockerCmdWithError("run", "--rm", "--name=any", "--net-alias=any", "busybox", "top")
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	c.Assert(out, checker.Contains, runconfig.ErrUnsupportedNetworkAndAlias.Error())
+
+	// verify the alias option is rejected when connecting to predefined network
+	out, _, err = dockerCmdWithError("network", "connect", "--alias=any", "bridge", "first")
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	c.Assert(out, checker.Contains, runconfig.ErrUnsupportedNetworkAndAlias.Error())
+}
+
+func (s *DockerSuite) TestUserDefinedNetworkConnectivity(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "network", "create", "-d", "bridge", "br.net1")
+
+	dockerCmd(c, "run", "-d", "--net=br.net1", "--name=c1.net1", "busybox", "top")
+	c.Assert(waitRun("c1.net1"), check.IsNil)
+
+	dockerCmd(c, "run", "-d", "--net=br.net1", "--name=c2.net1", "busybox", "top")
+	c.Assert(waitRun("c2.net1"), check.IsNil)
+
+	// ping first container by its unqualified name
+	_, _, err := dockerCmdWithError("exec", "c2.net1", "ping", "-c", "1", "c1.net1")
+	c.Assert(err, check.IsNil)
+
+	// ping first container by its qualified name
+	_, _, err = dockerCmdWithError("exec", "c2.net1", "ping", "-c", "1", "c1.net1.br.net1")
+	c.Assert(err, check.IsNil)
+
+	// ping with first qualified name masked by an additional domain. should fail
+	_, _, err = dockerCmdWithError("exec", "c2.net1", "ping", "-c", "1", "c1.net1.br.net1.google.com")
+	c.Assert(err, check.NotNil)
+}
+
+func (s *DockerSuite) TestEmbeddedDNSInvalidInput(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "network", "create", "-d", "bridge", "nw1")
+
+	// Sending garbage to embedded DNS shouldn't crash the daemon
+	dockerCmd(c, "run", "-i", "--net=nw1", "--name=c1", "debian:jessie", "bash", "-c", "echo InvalidQuery > /dev/udp/127.0.0.11/53")
+}
+
+func (s *DockerSuite) TestDockerNetworkConnectFailsNoInspectChange(c *check.C) {
+	dockerCmd(c, "run", "-d", "--name=bb", "busybox", "top")
+	c.Assert(waitRun("bb"), check.IsNil)
+
+	ns0 := inspectField(c, "bb", "NetworkSettings.Networks.bridge")
+
+	// A failing redundant network connect should not alter current container's endpoint settings
+	_, _, err := dockerCmdWithError("network", "connect", "bridge", "bb")
+	c.Assert(err, check.NotNil)
+
+	ns1 := inspectField(c, "bb", "NetworkSettings.Networks.bridge")
+	c.Assert(ns1, check.Equals, ns0)
+}
+
+func (s *DockerSuite) TestDockerNetworkInternalMode(c *check.C) {
+	dockerCmd(c, "network", "create", "--driver=bridge", "--internal", "internal")
+	assertNwIsAvailable(c, "internal")
+	nr := getNetworkResource(c, "internal")
+	c.Assert(nr.Internal, checker.True)
+
+	dockerCmd(c, "run", "-d", "--net=internal", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=internal", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+	out, _, err := dockerCmdWithError("exec", "first", "ping", "-W", "4", "-c", "1", "www.google.com")
+	c.Assert(err, check.NotNil)
+	c.Assert(out, checker.Contains, "ping: bad address")
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+}
+
+// Test for #21401
+func (s *DockerNetworkSuite) TestDockerNetworkCreateDeleteSpecialCharacters(c *check.C) {
+	dockerCmd(c, "network", "create", "test@#$")
+	assertNwIsAvailable(c, "test@#$")
+	dockerCmd(c, "network", "rm", "test@#$")
+	assertNwNotAvailable(c, "test@#$")
+
+	dockerCmd(c, "network", "create", "kiwl$%^")
+	assertNwIsAvailable(c, "kiwl$%^")
+	dockerCmd(c, "network", "rm", "kiwl$%^")
+	assertNwNotAvailable(c, "kiwl$%^")
+}
diff --git a/integration-cli/docker_cli_oom_killed_test.go b/integration-cli/docker_cli_oom_killed_test.go
new file mode 100644
index 00000000..ff77f572
--- /dev/null
+++ b/integration-cli/docker_cli_oom_killed_test.go
@@ -0,0 +1,30 @@
+// +build !windows
+
+package main
+
+import (
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestInspectOomKilledTrue(c *check.C) {
+	testRequires(c, DaemonIsLinux, memoryLimitSupport)
+
+	name := "testoomkilled"
+	_, exitCode, _ := dockerCmdWithError("run", "--name", name, "--memory", "32MB", "busybox", "sh", "-c", "x=a; while true; do x=$x$x$x$x; done")
+
+	c.Assert(exitCode, checker.Equals, 137, check.Commentf("OOM exit should be 137"))
+
+	oomKilled := inspectField(c, name, "State.OOMKilled")
+	c.Assert(oomKilled, checker.Equals, "true")
+}
+
+func (s *DockerSuite) TestInspectOomKilledFalse(c *check.C) {
+	testRequires(c, DaemonIsLinux, memoryLimitSupport)
+
+	name := "testoomkilled"
+	dockerCmd(c, "run", "--name", name, "--memory", "32MB", "busybox", "sh", "-c", "echo hello world")
+
+	oomKilled := inspectField(c, name, "State.OOMKilled")
+	c.Assert(oomKilled, checker.Equals, "false")
+}
diff --git a/integration-cli/docker_cli_pause_test.go b/integration-cli/docker_cli_pause_test.go
new file mode 100644
index 00000000..a42c2f54
--- /dev/null
+++ b/integration-cli/docker_cli_pause_test.go
@@ -0,0 +1,67 @@
+package main
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestPause(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	defer unpauseAllContainers()
+
+	name := "testeventpause"
+	dockerCmd(c, "run", "-d", "--name", name, "busybox", "top")
+
+	dockerCmd(c, "pause", name)
+	pausedContainers, err := getSliceOfPausedContainers()
+	c.Assert(err, checker.IsNil)
+	c.Assert(len(pausedContainers), checker.Equals, 1)
+
+	dockerCmd(c, "unpause", name)
+
+	out, _ := dockerCmd(c, "events", "--since=0", fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	actions := eventActionsByIDAndType(c, events, name, "container")
+
+	c.Assert(actions[len(actions)-2], checker.Equals, "pause")
+	c.Assert(actions[len(actions)-1], checker.Equals, "unpause")
+}
+
+func (s *DockerSuite) TestPauseMultipleContainers(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	defer unpauseAllContainers()
+
+	containers := []string{
+		"testpausewithmorecontainers1",
+		"testpausewithmorecontainers2",
+	}
+	for _, name := range containers {
+		dockerCmd(c, "run", "-d", "--name", name, "busybox", "top")
+	}
+	dockerCmd(c, append([]string{"pause"}, containers...)...)
+	pausedContainers, err := getSliceOfPausedContainers()
+	c.Assert(err, checker.IsNil)
+	c.Assert(len(pausedContainers), checker.Equals, len(containers))
+
+	dockerCmd(c, append([]string{"unpause"}, containers...)...)
+
+	out, _ := dockerCmd(c, "events", "--since=0", fmt.Sprintf("--until=%d", daemonTime(c).Unix()))
+	events := strings.Split(strings.TrimSpace(out), "\n")
+
+	for _, name := range containers {
+		actions := eventActionsByIDAndType(c, events, name, "container")
+
+		c.Assert(actions[len(actions)-2], checker.Equals, "pause")
+		c.Assert(actions[len(actions)-1], checker.Equals, "unpause")
+	}
+}
+
+func (s *DockerSuite) TestPauseFailsOnWindows(c *check.C) {
+	testRequires(c, DaemonIsWindows)
+	dockerCmd(c, "run", "-d", "--name=test", "busybox", "sleep 3")
+	out, _, _ := dockerCmdWithError("pause", "test")
+	c.Assert(out, checker.Contains, "Windows: Containers cannot be paused")
+}
diff --git a/integration-cli/docker_cli_port_test.go b/integration-cli/docker_cli_port_test.go
new file mode 100644
index 00000000..80b00fe9
--- /dev/null
+++ b/integration-cli/docker_cli_port_test.go
@@ -0,0 +1,319 @@
+package main
+
+import (
+	"fmt"
+	"net"
+	"regexp"
+	"sort"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestPortList(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// one port
+	out, _ := dockerCmd(c, "run", "-d", "-p", "9876:80", "busybox", "top")
+	firstID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "port", firstID, "80")
+
+	err := assertPortList(c, out, []string{"0.0.0.0:9876"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+
+	out, _ = dockerCmd(c, "port", firstID)
+
+	err = assertPortList(c, out, []string{"80/tcp -> 0.0.0.0:9876"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "rm", "-f", firstID)
+
+	// three port
+	out, _ = dockerCmd(c, "run", "-d",
+		"-p", "9876:80",
+		"-p", "9877:81",
+		"-p", "9878:82",
+		"busybox", "top")
+	ID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "port", ID, "80")
+
+	err = assertPortList(c, out, []string{"0.0.0.0:9876"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+
+	out, _ = dockerCmd(c, "port", ID)
+
+	err = assertPortList(c, out, []string{
+		"80/tcp -> 0.0.0.0:9876",
+		"81/tcp -> 0.0.0.0:9877",
+		"82/tcp -> 0.0.0.0:9878"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "rm", "-f", ID)
+
+	// more and one port mapped to the same container port
+	out, _ = dockerCmd(c, "run", "-d",
+		"-p", "9876:80",
+		"-p", "9999:80",
+		"-p", "9877:81",
+		"-p", "9878:82",
+		"busybox", "top")
+	ID = strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "port", ID, "80")
+
+	err = assertPortList(c, out, []string{"0.0.0.0:9876", "0.0.0.0:9999"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+
+	out, _ = dockerCmd(c, "port", ID)
+
+	err = assertPortList(c, out, []string{
+		"80/tcp -> 0.0.0.0:9876",
+		"80/tcp -> 0.0.0.0:9999",
+		"81/tcp -> 0.0.0.0:9877",
+		"82/tcp -> 0.0.0.0:9878"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+	dockerCmd(c, "rm", "-f", ID)
+
+	testRange := func() {
+		// host port ranges used
+		IDs := make([]string, 3)
+		for i := 0; i < 3; i++ {
+			out, _ = dockerCmd(c, "run", "-d",
+				"-p", "9090-9092:80",
+				"busybox", "top")
+			IDs[i] = strings.TrimSpace(out)
+
+			out, _ = dockerCmd(c, "port", IDs[i])
+
+			err = assertPortList(c, out, []string{fmt.Sprintf("80/tcp -> 0.0.0.0:%d", 9090+i)})
+			// Port list is not correct
+			c.Assert(err, checker.IsNil)
+		}
+
+		// test port range exhaustion
+		out, _, err = dockerCmdWithError("run", "-d",
+			"-p", "9090-9092:80",
+			"busybox", "top")
+		// Exhausted port range did not return an error
+		c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+
+		for i := 0; i < 3; i++ {
+			dockerCmd(c, "rm", "-f", IDs[i])
+		}
+	}
+	testRange()
+	// Verify we ran re-use port ranges after they are no longer in use.
+	testRange()
+
+	// test invalid port ranges
+	for _, invalidRange := range []string{"9090-9089:80", "9090-:80", "-9090:80"} {
+		out, _, err = dockerCmdWithError("run", "-d",
+			"-p", invalidRange,
+			"busybox", "top")
+		// Port range should have returned an error
+		c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	}
+
+	// test host range:container range spec.
+	out, _ = dockerCmd(c, "run", "-d",
+		"-p", "9800-9803:80-83",
+		"busybox", "top")
+	ID = strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "port", ID)
+
+	err = assertPortList(c, out, []string{
+		"80/tcp -> 0.0.0.0:9800",
+		"81/tcp -> 0.0.0.0:9801",
+		"82/tcp -> 0.0.0.0:9802",
+		"83/tcp -> 0.0.0.0:9803"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+	dockerCmd(c, "rm", "-f", ID)
+
+	// test mixing protocols in same port range
+	out, _ = dockerCmd(c, "run", "-d",
+		"-p", "8000-8080:80",
+		"-p", "8000-8080:80/udp",
+		"busybox", "top")
+	ID = strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "port", ID)
+
+	err = assertPortList(c, out, []string{
+		"80/tcp -> 0.0.0.0:8000",
+		"80/udp -> 0.0.0.0:8000"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+	dockerCmd(c, "rm", "-f", ID)
+}
+
+func assertPortList(c *check.C, out string, expected []string) error {
+	lines := strings.Split(strings.Trim(out, "\n "), "\n")
+	if len(lines) != len(expected) {
+		return fmt.Errorf("different size lists %s, %d, %d", out, len(lines), len(expected))
+	}
+	sort.Strings(lines)
+	sort.Strings(expected)
+
+	for i := 0; i < len(expected); i++ {
+		if lines[i] != expected[i] {
+			return fmt.Errorf("|" + lines[i] + "!=" + expected[i] + "|")
+		}
+	}
+
+	return nil
+}
+
+func stopRemoveContainer(id string, c *check.C) {
+	dockerCmd(c, "rm", "-f", id)
+}
+
+func (s *DockerSuite) TestUnpublishedPortsInPsOutput(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	// Run busybox with command line expose (equivalent to EXPOSE in image's Dockerfile) for the following ports
+	port1 := 80
+	port2 := 443
+	expose1 := fmt.Sprintf("--expose=%d", port1)
+	expose2 := fmt.Sprintf("--expose=%d", port2)
+	dockerCmd(c, "run", "-d", expose1, expose2, "busybox", "sleep", "5")
+
+	// Check docker ps o/p for last created container reports the unpublished ports
+	unpPort1 := fmt.Sprintf("%d/tcp", port1)
+	unpPort2 := fmt.Sprintf("%d/tcp", port2)
+	out, _ := dockerCmd(c, "ps", "-n=1")
+	// Missing unpublished ports in docker ps output
+	c.Assert(out, checker.Contains, unpPort1)
+	// Missing unpublished ports in docker ps output
+	c.Assert(out, checker.Contains, unpPort2)
+
+	// Run the container forcing to publish the exposed ports
+	dockerCmd(c, "run", "-d", "-P", expose1, expose2, "busybox", "sleep", "5")
+
+	// Check docker ps o/p for last created container reports the exposed ports in the port bindings
+	expBndRegx1 := regexp.MustCompile(`0.0.0.0:\d\d\d\d\d->` + unpPort1)
+	expBndRegx2 := regexp.MustCompile(`0.0.0.0:\d\d\d\d\d->` + unpPort2)
+	out, _ = dockerCmd(c, "ps", "-n=1")
+	// Cannot find expected port binding port (0.0.0.0:xxxxx->unpPort1) in docker ps output
+	c.Assert(expBndRegx1.MatchString(out), checker.Equals, true, check.Commentf("out: %s; unpPort1: %s", out, unpPort1))
+	// Cannot find expected port binding port (0.0.0.0:xxxxx->unpPort2) in docker ps output
+	c.Assert(expBndRegx2.MatchString(out), checker.Equals, true, check.Commentf("out: %s; unpPort2: %s", out, unpPort2))
+
+	// Run the container specifying explicit port bindings for the exposed ports
+	offset := 10000
+	pFlag1 := fmt.Sprintf("%d:%d", offset+port1, port1)
+	pFlag2 := fmt.Sprintf("%d:%d", offset+port2, port2)
+	out, _ = dockerCmd(c, "run", "-d", "-p", pFlag1, "-p", pFlag2, expose1, expose2, "busybox", "sleep", "5")
+	id := strings.TrimSpace(out)
+
+	// Check docker ps o/p for last created container reports the specified port mappings
+	expBnd1 := fmt.Sprintf("0.0.0.0:%d->%s", offset+port1, unpPort1)
+	expBnd2 := fmt.Sprintf("0.0.0.0:%d->%s", offset+port2, unpPort2)
+	out, _ = dockerCmd(c, "ps", "-n=1")
+	// Cannot find expected port binding (expBnd1) in docker ps output
+	c.Assert(out, checker.Contains, expBnd1)
+	// Cannot find expected port binding (expBnd2) in docker ps output
+	c.Assert(out, checker.Contains, expBnd2)
+
+	// Remove container now otherwise it will interfere with next test
+	stopRemoveContainer(id, c)
+
+	// Run the container with explicit port bindings and no exposed ports
+	out, _ = dockerCmd(c, "run", "-d", "-p", pFlag1, "-p", pFlag2, "busybox", "sleep", "5")
+	id = strings.TrimSpace(out)
+
+	// Check docker ps o/p for last created container reports the specified port mappings
+	out, _ = dockerCmd(c, "ps", "-n=1")
+	// Cannot find expected port binding (expBnd1) in docker ps output
+	c.Assert(out, checker.Contains, expBnd1)
+	// Cannot find expected port binding (expBnd2) in docker ps output
+	c.Assert(out, checker.Contains, expBnd2)
+	// Remove container now otherwise it will interfere with next test
+	stopRemoveContainer(id, c)
+
+	// Run the container with one unpublished exposed port and one explicit port binding
+	dockerCmd(c, "run", "-d", expose1, "-p", pFlag2, "busybox", "sleep", "5")
+
+	// Check docker ps o/p for last created container reports the specified unpublished port and port mapping
+	out, _ = dockerCmd(c, "ps", "-n=1")
+	// Missing unpublished exposed ports (unpPort1) in docker ps output
+	c.Assert(out, checker.Contains, unpPort1)
+	// Missing port binding (expBnd2) in docker ps output
+	c.Assert(out, checker.Contains, expBnd2)
+}
+
+func (s *DockerSuite) TestPortHostBinding(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "-d", "-p", "9876:80", "busybox",
+		"nc", "-l", "-p", "80")
+	firstID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "port", firstID, "80")
+
+	err := assertPortList(c, out, []string{"0.0.0.0:9876"})
+	// Port list is not correct
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "run", "--net=host", "busybox",
+		"nc", "localhost", "9876")
+
+	dockerCmd(c, "rm", "-f", firstID)
+
+	out, _, err = dockerCmdWithError("run", "--net=host", "busybox", "nc", "localhost", "9876")
+	// Port is still bound after the Container is removed
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+}
+
+func (s *DockerSuite) TestPortExposeHostBinding(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "-d", "-P", "--expose", "80", "busybox",
+		"nc", "-l", "-p", "80")
+	firstID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "port", firstID, "80")
+
+	_, exposedPort, err := net.SplitHostPort(out)
+	c.Assert(err, checker.IsNil, check.Commentf("out: %s", out))
+
+	dockerCmd(c, "run", "--net=host", "busybox",
+		"nc", "localhost", strings.TrimSpace(exposedPort))
+
+	dockerCmd(c, "rm", "-f", firstID)
+
+	out, _, err = dockerCmdWithError("run", "--net=host", "busybox",
+		"nc", "localhost", strings.TrimSpace(exposedPort))
+	// Port is still bound after the Container is removed
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+}
+
+func (s *DockerSuite) TestPortBindingOnSandbox(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "network", "create", "--internal", "-d", "bridge", "internal-net")
+	nr := getNetworkResource(c, "internal-net")
+	c.Assert(nr.Internal, checker.Equals, true)
+
+	dockerCmd(c, "run", "--net", "internal-net", "-d", "--name", "c1",
+		"-p", "8080:8080", "busybox", "nc", "-l", "-p", "8080")
+	c.Assert(waitRun("c1"), check.IsNil)
+
+	_, _, err := dockerCmdWithError("run", "--net=host", "busybox", "nc", "localhost", "8080")
+	c.Assert(err, check.NotNil,
+		check.Commentf("Port mapping on internal network is expected to fail"))
+
+	// Connect container to another normal bridge network
+	dockerCmd(c, "network", "create", "-d", "bridge", "foo-net")
+	dockerCmd(c, "network", "connect", "foo-net", "c1")
+
+	_, _, err = dockerCmdWithError("run", "--net=host", "busybox", "nc", "localhost", "8080")
+	c.Assert(err, check.IsNil,
+		check.Commentf("Port mapping on the new network is expected to succeed"))
+
+}
diff --git a/integration-cli/docker_cli_proxy_test.go b/integration-cli/docker_cli_proxy_test.go
new file mode 100644
index 00000000..e5699ca5
--- /dev/null
+++ b/integration-cli/docker_cli_proxy_test.go
@@ -0,0 +1,53 @@
+package main
+
+import (
+	"net"
+	"os/exec"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestCliProxyDisableProxyUnixSock(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, SameHostDaemon) // test is valid when DOCKER_HOST=unix://..
+
+	cmd := exec.Command(dockerBinary, "info")
+	cmd.Env = appendBaseEnv(false, "HTTP_PROXY=http://127.0.0.1:9999")
+
+	out, _, err := runCommandWithOutput(cmd)
+	c.Assert(err, checker.IsNil, check.Commentf("%v", out))
+
+}
+
+// Can't use localhost here since go has a special case to not use proxy if connecting to localhost
+// See https://golang.org/pkg/net/http/#ProxyFromEnvironment
+func (s *DockerDaemonSuite) TestCliProxyProxyTCPSock(c *check.C) {
+	testRequires(c, SameHostDaemon)
+	// get the IP to use to connect since we can't use localhost
+	addrs, err := net.InterfaceAddrs()
+	c.Assert(err, checker.IsNil)
+	var ip string
+	for _, addr := range addrs {
+		sAddr := addr.String()
+		if !strings.Contains(sAddr, "127.0.0.1") {
+			addrArr := strings.Split(sAddr, "/")
+			ip = addrArr[0]
+			break
+		}
+	}
+
+	c.Assert(ip, checker.Not(checker.Equals), "")
+
+	err = s.d.Start("-H", "tcp://"+ip+":2375")
+	c.Assert(err, checker.IsNil)
+	cmd := exec.Command(dockerBinary, "info")
+	cmd.Env = []string{"DOCKER_HOST=tcp://" + ip + ":2375", "HTTP_PROXY=127.0.0.1:9999"}
+	out, _, err := runCommandWithOutput(cmd)
+	c.Assert(err, checker.NotNil, check.Commentf("%v", out))
+	// Test with no_proxy
+	cmd.Env = append(cmd.Env, "NO_PROXY="+ip)
+	out, _, err = runCommandWithOutput(exec.Command(dockerBinary, "info"))
+	c.Assert(err, checker.IsNil, check.Commentf("%v", out))
+}
diff --git a/integration-cli/docker_cli_ps_test.go b/integration-cli/docker_cli_ps_test.go
new file mode 100644
index 00000000..72650ff2
--- /dev/null
+++ b/integration-cli/docker_cli_ps_test.go
@@ -0,0 +1,852 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"sort"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestPsListContainersBase(c *check.C) {
+	out, _ := runSleepingContainer(c, "-d")
+	firstID := strings.TrimSpace(out)
+
+	out, _ = runSleepingContainer(c, "-d")
+	secondID := strings.TrimSpace(out)
+
+	// not long running
+	out, _ = dockerCmd(c, "run", "-d", "busybox", "true")
+	thirdID := strings.TrimSpace(out)
+
+	out, _ = runSleepingContainer(c, "-d")
+	fourthID := strings.TrimSpace(out)
+
+	// make sure the second is running
+	c.Assert(waitRun(secondID), checker.IsNil)
+
+	// make sure third one is not running
+	dockerCmd(c, "wait", thirdID)
+
+	// make sure the forth is running
+	c.Assert(waitRun(fourthID), checker.IsNil)
+
+	// all
+	out, _ = dockerCmd(c, "ps", "-a")
+	c.Assert(assertContainerList(out, []string{fourthID, thirdID, secondID, firstID}), checker.Equals, true, check.Commentf("ALL: Container list is not in the correct order: \n%s", out))
+
+	// running
+	out, _ = dockerCmd(c, "ps")
+	c.Assert(assertContainerList(out, []string{fourthID, secondID, firstID}), checker.Equals, true, check.Commentf("RUNNING: Container list is not in the correct order: \n%s", out))
+
+	// limit
+	out, _ = dockerCmd(c, "ps", "-n=2", "-a")
+	expected := []string{fourthID, thirdID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("LIMIT & ALL: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-n=2")
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("LIMIT: Container list is not in the correct order: \n%s", out))
+
+	// filter since
+	out, _ = dockerCmd(c, "ps", "-f", "since="+firstID, "-a")
+	expected = []string{fourthID, thirdID, secondID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter & ALL: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-f", "since="+firstID)
+	expected = []string{fourthID, secondID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-f", "since="+thirdID)
+	expected = []string{fourthID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter: Container list is not in the correct order: \n%s", out))
+
+	// filter before
+	out, _ = dockerCmd(c, "ps", "-f", "before="+fourthID, "-a")
+	expected = []string{thirdID, secondID, firstID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("BEFORE filter & ALL: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-f", "before="+fourthID)
+	expected = []string{secondID, firstID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("BEFORE filter: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-f", "before="+thirdID)
+	expected = []string{secondID, firstID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter: Container list is not in the correct order: \n%s", out))
+
+	// filter since & before
+	out, _ = dockerCmd(c, "ps", "-f", "since="+firstID, "-f", "before="+fourthID, "-a")
+	expected = []string{thirdID, secondID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter, BEFORE filter & ALL: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-f", "since="+firstID, "-f", "before="+fourthID)
+	expected = []string{secondID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter, BEFORE filter: Container list is not in the correct order: \n%s", out))
+
+	// filter since & limit
+	out, _ = dockerCmd(c, "ps", "-f", "since="+firstID, "-n=2", "-a")
+	expected = []string{fourthID, thirdID}
+
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter, LIMIT & ALL: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-f", "since="+firstID, "-n=2")
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter, LIMIT: Container list is not in the correct order: \n%s", out))
+
+	// filter before & limit
+	out, _ = dockerCmd(c, "ps", "-f", "before="+fourthID, "-n=1", "-a")
+	expected = []string{thirdID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("BEFORE filter, LIMIT & ALL: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-f", "before="+fourthID, "-n=1")
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("BEFORE filter, LIMIT: Container list is not in the correct order: \n%s", out))
+
+	// filter since & filter before & limit
+	out, _ = dockerCmd(c, "ps", "-f", "since="+firstID, "-f", "before="+fourthID, "-n=1", "-a")
+	expected = []string{thirdID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter, BEFORE filter, LIMIT & ALL: Container list is not in the correct order: \n%s", out))
+
+	out, _ = dockerCmd(c, "ps", "-f", "since="+firstID, "-f", "before="+fourthID, "-n=1")
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE filter, BEFORE filter, LIMIT: Container list is not in the correct order: \n%s", out))
+
+}
+
+// FIXME remove this for 1.12 as --since and --before are deprecated
+func (s *DockerSuite) TestPsListContainersDeprecatedSinceAndBefore(c *check.C) {
+	out, _ := runSleepingContainer(c, "-d")
+	firstID := strings.TrimSpace(out)
+
+	out, _ = runSleepingContainer(c, "-d")
+	secondID := strings.TrimSpace(out)
+
+	// not long running
+	out, _ = dockerCmd(c, "run", "-d", "busybox", "true")
+	thirdID := strings.TrimSpace(out)
+
+	out, _ = runSleepingContainer(c, "-d")
+	fourthID := strings.TrimSpace(out)
+
+	// make sure the second is running
+	c.Assert(waitRun(secondID), checker.IsNil)
+
+	// make sure third one is not running
+	dockerCmd(c, "wait", thirdID)
+
+	// make sure the forth is running
+	c.Assert(waitRun(fourthID), checker.IsNil)
+
+	// since
+	out, _ = dockerCmd(c, "ps", "--since="+firstID, "-a")
+	expected := []string{fourthID, thirdID, secondID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE & ALL: Container list is not in the correct order: %v \n%s", expected, out))
+
+	out, _ = dockerCmd(c, "ps", "--since="+firstID)
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE: Container list is not in the correct order: %v \n%s", expected, out))
+
+	// before
+	out, _ = dockerCmd(c, "ps", "--before="+thirdID, "-a")
+	expected = []string{secondID, firstID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("BEFORE & ALL: Container list is not in the correct order: %v \n%s", expected, out))
+
+	out, _ = dockerCmd(c, "ps", "--before="+thirdID)
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("BEFORE: Container list is not in the correct order: %v \n%s", expected, out))
+
+	// since & before
+	out, _ = dockerCmd(c, "ps", "--since="+firstID, "--before="+fourthID, "-a")
+	expected = []string{thirdID, secondID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE, BEFORE & ALL: Container list is not in the correct order: %v \n%s", expected, out))
+
+	out, _ = dockerCmd(c, "ps", "--since="+firstID, "--before="+fourthID)
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE, BEFORE: Container list is not in the correct order: %v \n%s", expected, out))
+
+	// since & limit
+	out, _ = dockerCmd(c, "ps", "--since="+firstID, "-n=2", "-a")
+	expected = []string{fourthID, thirdID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE, LIMIT & ALL: Container list is not in the correct order: %v \n%s", expected, out))
+
+	out, _ = dockerCmd(c, "ps", "--since="+firstID, "-n=2")
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE, LIMIT: Container list is not in the correct order: %v \n%s", expected, out))
+
+	// before & limit
+	out, _ = dockerCmd(c, "ps", "--before="+fourthID, "-n=1", "-a")
+	expected = []string{thirdID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("BEFORE, LIMIT & ALL: Container list is not in the correct order: %v \n%s", expected, out))
+
+	out, _ = dockerCmd(c, "ps", "--before="+fourthID, "-n=1")
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("BEFORE, LIMIT: Container list is not in the correct order: %v \n%s", expected, out))
+
+	// since & before & limit
+	out, _ = dockerCmd(c, "ps", "--since="+firstID, "--before="+fourthID, "-n=1", "-a")
+	expected = []string{thirdID}
+	c.Assert(assertContainerList(out, expected), checker.Equals, true, check.Commentf("SINCE, BEFORE, LIMIT & ALL: Container list is not in the correct order: %v \n%s", expected, out))
+
+}
+
+func assertContainerList(out string, expected []string) bool {
+	lines := strings.Split(strings.Trim(out, "\n "), "\n")
+	// FIXME remove this for 1.12 as --since and --before are deprecated
+	// This is here to remove potential Warning: lines (printed out with deprecated flags)
+	for i := 0; i < 2; i++ {
+		if strings.Contains(lines[0], "Warning:") {
+			lines = lines[1:]
+		}
+	}
+
+	if len(lines)-1 != len(expected) {
+		return false
+	}
+
+	containerIDIndex := strings.Index(lines[0], "CONTAINER ID")
+	for i := 0; i < len(expected); i++ {
+		foundID := lines[i+1][containerIDIndex : containerIDIndex+12]
+		if foundID != expected[i][:12] {
+			return false
+		}
+	}
+
+	return true
+}
+
+func (s *DockerSuite) TestPsListContainersInvalidFilterName(c *check.C) {
+	out, _, err := dockerCmdWithError("ps", "-f", "invalidFilter=test")
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "Invalid filter")
+}
+
+func (s *DockerSuite) TestPsListContainersSize(c *check.C) {
+	// Problematic on Windows as it doesn't report the size correctly @swernli
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "busybox")
+
+	baseOut, _ := dockerCmd(c, "ps", "-s", "-n=1")
+	baseLines := strings.Split(strings.Trim(baseOut, "\n "), "\n")
+	baseSizeIndex := strings.Index(baseLines[0], "SIZE")
+	baseFoundsize := baseLines[1][baseSizeIndex:]
+	baseBytes, err := strconv.Atoi(strings.Split(baseFoundsize, " ")[0])
+	c.Assert(err, checker.IsNil)
+
+	name := "test_size"
+	dockerCmd(c, "run", "--name", name, "busybox", "sh", "-c", "echo 1 > test")
+	id, err := getIDByName(name)
+	c.Assert(err, checker.IsNil)
+
+	runCmd := exec.Command(dockerBinary, "ps", "-s", "-n=1")
+	var out string
+
+	wait := make(chan struct{})
+	go func() {
+		out, _, err = runCommandWithOutput(runCmd)
+		close(wait)
+	}()
+	select {
+	case <-wait:
+	case <-time.After(3 * time.Second):
+		c.Fatalf("Calling \"docker ps -s\" timed out!")
+	}
+	c.Assert(err, checker.IsNil)
+	lines := strings.Split(strings.Trim(out, "\n "), "\n")
+	c.Assert(lines, checker.HasLen, 2, check.Commentf("Expected 2 lines for 'ps -s -n=1' output, got %d", len(lines)))
+	sizeIndex := strings.Index(lines[0], "SIZE")
+	idIndex := strings.Index(lines[0], "CONTAINER ID")
+	foundID := lines[1][idIndex : idIndex+12]
+	c.Assert(foundID, checker.Equals, id[:12], check.Commentf("Expected id %s, got %s", id[:12], foundID))
+	expectedSize := fmt.Sprintf("%d B", (2 + baseBytes))
+	foundSize := lines[1][sizeIndex:]
+	c.Assert(foundSize, checker.Contains, expectedSize, check.Commentf("Expected size %q, got %q", expectedSize, foundSize))
+}
+
+func (s *DockerSuite) TestPsListContainersFilterStatus(c *check.C) {
+	// start exited container
+	out, _ := dockerCmd(c, "run", "-d", "busybox")
+	firstID := strings.TrimSpace(out)
+
+	// make sure the exited container is not running
+	dockerCmd(c, "wait", firstID)
+
+	// start running container
+	out, _ = dockerCmd(c, "run", "-itd", "busybox")
+	secondID := strings.TrimSpace(out)
+
+	// filter containers by exited
+	out, _ = dockerCmd(c, "ps", "--no-trunc", "-q", "--filter=status=exited")
+	containerOut := strings.TrimSpace(out)
+	c.Assert(containerOut, checker.Equals, firstID)
+
+	out, _ = dockerCmd(c, "ps", "-a", "--no-trunc", "-q", "--filter=status=running")
+	containerOut = strings.TrimSpace(out)
+	c.Assert(containerOut, checker.Equals, secondID)
+
+	out, _, _ = dockerCmdWithTimeout(time.Second*60, "ps", "-a", "-q", "--filter=status=rubbish")
+	c.Assert(out, checker.Contains, "Unrecognised filter value for status", check.Commentf("Expected error response due to invalid status filter output: %q", out))
+
+	// Windows doesn't support pausing of containers
+	if daemonPlatform != "windows" {
+		// pause running container
+		out, _ = dockerCmd(c, "run", "-itd", "busybox")
+		pausedID := strings.TrimSpace(out)
+		dockerCmd(c, "pause", pausedID)
+		// make sure the container is unpaused to let the daemon stop it properly
+		defer func() { dockerCmd(c, "unpause", pausedID) }()
+
+		out, _ = dockerCmd(c, "ps", "--no-trunc", "-q", "--filter=status=paused")
+		containerOut = strings.TrimSpace(out)
+		c.Assert(containerOut, checker.Equals, pausedID)
+	}
+}
+
+func (s *DockerSuite) TestPsListContainersFilterID(c *check.C) {
+	// start container
+	out, _ := dockerCmd(c, "run", "-d", "busybox")
+	firstID := strings.TrimSpace(out)
+
+	// start another container
+	runSleepingContainer(c)
+
+	// filter containers by id
+	out, _ = dockerCmd(c, "ps", "-a", "-q", "--filter=id="+firstID)
+	containerOut := strings.TrimSpace(out)
+	c.Assert(containerOut, checker.Equals, firstID[:12], check.Commentf("Expected id %s, got %s for exited filter, output: %q", firstID[:12], containerOut, out))
+
+}
+
+func (s *DockerSuite) TestPsListContainersFilterName(c *check.C) {
+	// start container
+	dockerCmd(c, "run", "--name=a_name_to_match", "busybox")
+	id, err := getIDByName("a_name_to_match")
+	c.Assert(err, check.IsNil)
+
+	// start another container
+	runSleepingContainer(c, "--name=b_name_to_match")
+
+	// filter containers by name
+	out, _ := dockerCmd(c, "ps", "-a", "-q", "--filter=name=a_name_to_match")
+	containerOut := strings.TrimSpace(out)
+	c.Assert(containerOut, checker.Equals, id[:12], check.Commentf("Expected id %s, got %s for exited filter, output: %q", id[:12], containerOut, out))
+}
+
+// Test for the ancestor filter for ps.
+// There is also the same test but with image:tag@digest in docker_cli_by_digest_test.go
+//
+// What the test setups :
+// - Create 2 image based on busybox using the same repository but different tags
+// - Create an image based on the previous image (images_ps_filter_test2)
+// - Run containers for each of those image (busybox, images_ps_filter_test1, images_ps_filter_test2)
+// - Filter them out :P
+func (s *DockerSuite) TestPsListContainersFilterAncestorImage(c *check.C) {
+	// Build images
+	imageName1 := "images_ps_filter_test1"
+	imageID1, err := buildImage(imageName1,
+		`FROM busybox
+		 LABEL match me 1`, true)
+	c.Assert(err, checker.IsNil)
+
+	imageName1Tagged := "images_ps_filter_test1:tag"
+	imageID1Tagged, err := buildImage(imageName1Tagged,
+		`FROM busybox
+		 LABEL match me 1 tagged`, true)
+	c.Assert(err, checker.IsNil)
+
+	imageName2 := "images_ps_filter_test2"
+	imageID2, err := buildImage(imageName2,
+		fmt.Sprintf(`FROM %s
+		 LABEL match me 2`, imageName1), true)
+	c.Assert(err, checker.IsNil)
+
+	// start containers
+	dockerCmd(c, "run", "--name=first", "busybox", "echo", "hello")
+	firstID, err := getIDByName("first")
+	c.Assert(err, check.IsNil)
+
+	// start another container
+	dockerCmd(c, "run", "--name=second", "busybox", "echo", "hello")
+	secondID, err := getIDByName("second")
+	c.Assert(err, check.IsNil)
+
+	// start third container
+	dockerCmd(c, "run", "--name=third", imageName1, "echo", "hello")
+	thirdID, err := getIDByName("third")
+	c.Assert(err, check.IsNil)
+
+	// start fourth container
+	dockerCmd(c, "run", "--name=fourth", imageName1Tagged, "echo", "hello")
+	fourthID, err := getIDByName("fourth")
+	c.Assert(err, check.IsNil)
+
+	// start fifth container
+	dockerCmd(c, "run", "--name=fifth", imageName2, "echo", "hello")
+	fifthID, err := getIDByName("fifth")
+	c.Assert(err, check.IsNil)
+
+	var filterTestSuite = []struct {
+		filterName  string
+		expectedIDs []string
+	}{
+		// non existent stuff
+		{"nonexistent", []string{}},
+		{"nonexistent:tag", []string{}},
+		// image
+		{"busybox", []string{firstID, secondID, thirdID, fourthID, fifthID}},
+		{imageName1, []string{thirdID, fifthID}},
+		{imageName2, []string{fifthID}},
+		// image:tag
+		{fmt.Sprintf("%s:latest", imageName1), []string{thirdID, fifthID}},
+		{imageName1Tagged, []string{fourthID}},
+		// short-id
+		{stringid.TruncateID(imageID1), []string{thirdID, fifthID}},
+		{stringid.TruncateID(imageID2), []string{fifthID}},
+		// full-id
+		{imageID1, []string{thirdID, fifthID}},
+		{imageID1Tagged, []string{fourthID}},
+		{imageID2, []string{fifthID}},
+	}
+
+	var out string
+	for _, filter := range filterTestSuite {
+		out, _ = dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=ancestor="+filter.filterName)
+		checkPsAncestorFilterOutput(c, out, filter.filterName, filter.expectedIDs)
+	}
+
+	// Multiple ancestor filter
+	out, _ = dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=ancestor="+imageName2, "--filter=ancestor="+imageName1Tagged)
+	checkPsAncestorFilterOutput(c, out, imageName2+","+imageName1Tagged, []string{fourthID, fifthID})
+}
+
+func checkPsAncestorFilterOutput(c *check.C, out string, filterName string, expectedIDs []string) {
+	actualIDs := []string{}
+	if out != "" {
+		actualIDs = strings.Split(out[:len(out)-1], "\n")
+	}
+	sort.Strings(actualIDs)
+	sort.Strings(expectedIDs)
+
+	c.Assert(actualIDs, checker.HasLen, len(expectedIDs), check.Commentf("Expected filtered container(s) for %s ancestor filter to be %v:%v, got %v:%v", filterName, len(expectedIDs), expectedIDs, len(actualIDs), actualIDs))
+	if len(expectedIDs) > 0 {
+		same := true
+		for i := range expectedIDs {
+			if actualIDs[i] != expectedIDs[i] {
+				c.Logf("%s, %s", actualIDs[i], expectedIDs[i])
+				same = false
+				break
+			}
+		}
+		c.Assert(same, checker.Equals, true, check.Commentf("Expected filtered container(s) for %s ancestor filter to be %v, got %v", filterName, expectedIDs, actualIDs))
+	}
+}
+
+func (s *DockerSuite) TestPsListContainersFilterLabel(c *check.C) {
+	// start container
+	dockerCmd(c, "run", "--name=first", "-l", "match=me", "-l", "second=tag", "busybox")
+	firstID, err := getIDByName("first")
+	c.Assert(err, check.IsNil)
+
+	// start another container
+	dockerCmd(c, "run", "--name=second", "-l", "match=me too", "busybox")
+	secondID, err := getIDByName("second")
+	c.Assert(err, check.IsNil)
+
+	// start third container
+	dockerCmd(c, "run", "--name=third", "-l", "nomatch=me", "busybox")
+	thirdID, err := getIDByName("third")
+	c.Assert(err, check.IsNil)
+
+	// filter containers by exact match
+	out, _ := dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=label=match=me")
+	containerOut := strings.TrimSpace(out)
+	c.Assert(containerOut, checker.Equals, firstID, check.Commentf("Expected id %s, got %s for exited filter, output: %q", firstID, containerOut, out))
+
+	// filter containers by two labels
+	out, _ = dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=label=match=me", "--filter=label=second=tag")
+	containerOut = strings.TrimSpace(out)
+	c.Assert(containerOut, checker.Equals, firstID, check.Commentf("Expected id %s, got %s for exited filter, output: %q", firstID, containerOut, out))
+
+	// filter containers by two labels, but expect not found because of AND behavior
+	out, _ = dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=label=match=me", "--filter=label=second=tag-no")
+	containerOut = strings.TrimSpace(out)
+	c.Assert(containerOut, checker.Equals, "", check.Commentf("Expected nothing, got %s for exited filter, output: %q", containerOut, out))
+
+	// filter containers by exact key
+	out, _ = dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=label=match")
+	containerOut = strings.TrimSpace(out)
+	c.Assert(containerOut, checker.Contains, firstID)
+	c.Assert(containerOut, checker.Contains, secondID)
+	c.Assert(containerOut, checker.Not(checker.Contains), thirdID)
+}
+
+func (s *DockerSuite) TestPsListContainersFilterExited(c *check.C) {
+	runSleepingContainer(c, "--name=sleep")
+
+	dockerCmd(c, "run", "--name", "zero1", "busybox", "true")
+	firstZero, err := getIDByName("zero1")
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "run", "--name", "zero2", "busybox", "true")
+	secondZero, err := getIDByName("zero2")
+	c.Assert(err, checker.IsNil)
+
+	out, _, err := dockerCmdWithError("run", "--name", "nonzero1", "busybox", "false")
+	c.Assert(err, checker.NotNil, check.Commentf("Should fail.", out, err))
+
+	firstNonZero, err := getIDByName("nonzero1")
+	c.Assert(err, checker.IsNil)
+
+	out, _, err = dockerCmdWithError("run", "--name", "nonzero2", "busybox", "false")
+	c.Assert(err, checker.NotNil, check.Commentf("Should fail.", out, err))
+	secondNonZero, err := getIDByName("nonzero2")
+	c.Assert(err, checker.IsNil)
+
+	// filter containers by exited=0
+	out, _ = dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=exited=0")
+	ids := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(ids, checker.HasLen, 2, check.Commentf("Should be 2 zero exited containers got %d: %s", len(ids), out))
+	c.Assert(ids[0], checker.Equals, secondZero, check.Commentf("First in list should be %q, got %q", secondZero, ids[0]))
+	c.Assert(ids[1], checker.Equals, firstZero, check.Commentf("Second in list should be %q, got %q", firstZero, ids[1]))
+
+	out, _ = dockerCmd(c, "ps", "-a", "-q", "--no-trunc", "--filter=exited=1")
+	ids = strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(ids, checker.HasLen, 2, check.Commentf("Should be 2 zero exited containers got %d", len(ids)))
+	c.Assert(ids[0], checker.Equals, secondNonZero, check.Commentf("First in list should be %q, got %q", secondNonZero, ids[0]))
+	c.Assert(ids[1], checker.Equals, firstNonZero, check.Commentf("Second in list should be %q, got %q", firstNonZero, ids[1]))
+
+}
+
+func (s *DockerSuite) TestPsRightTagName(c *check.C) {
+	// TODO Investigate further why this fails on Windows to Windows CI
+	testRequires(c, DaemonIsLinux)
+	tag := "asybox:shmatest"
+	dockerCmd(c, "tag", "busybox", tag)
+
+	var id1 string
+	out, _ := runSleepingContainer(c)
+	id1 = strings.TrimSpace(string(out))
+
+	var id2 string
+	out, _ = runSleepingContainerInImage(c, tag)
+	id2 = strings.TrimSpace(string(out))
+
+	var imageID string
+	out = inspectField(c, "busybox", "Id")
+	imageID = strings.TrimSpace(string(out))
+
+	var id3 string
+	out, _ = runSleepingContainerInImage(c, imageID)
+	id3 = strings.TrimSpace(string(out))
+
+	out, _ = dockerCmd(c, "ps", "--no-trunc")
+	lines := strings.Split(strings.TrimSpace(string(out)), "\n")
+	// skip header
+	lines = lines[1:]
+	c.Assert(lines, checker.HasLen, 3, check.Commentf("There should be 3 running container, got %d", len(lines)))
+	for _, line := range lines {
+		f := strings.Fields(line)
+		switch f[0] {
+		case id1:
+			c.Assert(f[1], checker.Equals, "busybox", check.Commentf("Expected %s tag for id %s, got %s", "busybox", id1, f[1]))
+		case id2:
+			c.Assert(f[1], checker.Equals, tag, check.Commentf("Expected %s tag for id %s, got %s", tag, id2, f[1]))
+		case id3:
+			c.Assert(f[1], checker.Equals, imageID, check.Commentf("Expected %s imageID for id %s, got %s", tag, id3, f[1]))
+		default:
+			c.Fatalf("Unexpected id %s, expected %s and %s and %s", f[0], id1, id2, id3)
+		}
+	}
+}
+
+func (s *DockerSuite) TestPsLinkedWithNoTrunc(c *check.C) {
+	// Problematic on Windows as it doesn't support links as of Jan 2016
+	testRequires(c, DaemonIsLinux)
+	runSleepingContainer(c, "--name=first")
+	runSleepingContainer(c, "--name=second", "--link=first:first")
+
+	out, _ := dockerCmd(c, "ps", "--no-trunc")
+	lines := strings.Split(strings.TrimSpace(string(out)), "\n")
+	// strip header
+	lines = lines[1:]
+	expected := []string{"second", "first,second/first"}
+	var names []string
+	for _, l := range lines {
+		fields := strings.Fields(l)
+		names = append(names, fields[len(fields)-1])
+	}
+	c.Assert(expected, checker.DeepEquals, names, check.Commentf("Expected array: %v, got: %v", expected, names))
+}
+
+func (s *DockerSuite) TestPsGroupPortRange(c *check.C) {
+	// Problematic on Windows as it doesn't support port ranges as of Jan 2016
+	testRequires(c, DaemonIsLinux)
+	portRange := "3800-3900"
+	dockerCmd(c, "run", "-d", "--name", "porttest", "-p", portRange+":"+portRange, "busybox", "top")
+
+	out, _ := dockerCmd(c, "ps")
+
+	c.Assert(string(out), checker.Contains, portRange, check.Commentf("docker ps output should have had the port range %q: %s", portRange, string(out)))
+
+}
+
+func (s *DockerSuite) TestPsWithSize(c *check.C) {
+	// Problematic on Windows as it doesn't report the size correctly @swernli
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "sizetest", "busybox", "top")
+
+	out, _ := dockerCmd(c, "ps", "--size")
+	c.Assert(out, checker.Contains, "virtual", check.Commentf("docker ps with --size should show virtual size of container"))
+}
+
+func (s *DockerSuite) TestPsListContainersFilterCreated(c *check.C) {
+	// create a container
+	out, _ := dockerCmd(c, "create", "busybox")
+	cID := strings.TrimSpace(out)
+	shortCID := cID[:12]
+
+	// Make sure it DOESN'T show up w/o a '-a' for normal 'ps'
+	out, _ = dockerCmd(c, "ps", "-q")
+	c.Assert(out, checker.Not(checker.Contains), shortCID, check.Commentf("Should have not seen '%s' in ps output:\n%s", shortCID, out))
+
+	// Make sure it DOES show up as 'Created' for 'ps -a'
+	out, _ = dockerCmd(c, "ps", "-a")
+
+	hits := 0
+	for _, line := range strings.Split(out, "\n") {
+		if !strings.Contains(line, shortCID) {
+			continue
+		}
+		hits++
+		c.Assert(line, checker.Contains, "Created", check.Commentf("Missing 'Created' on '%s'", line))
+	}
+
+	c.Assert(hits, checker.Equals, 1, check.Commentf("Should have seen '%s' in ps -a output once:%d\n%s", shortCID, hits, out))
+
+	// filter containers by 'create' - note, no -a needed
+	out, _ = dockerCmd(c, "ps", "-q", "-f", "status=created")
+	containerOut := strings.TrimSpace(out)
+	c.Assert(cID, checker.HasPrefix, containerOut)
+}
+
+func (s *DockerSuite) TestPsFormatMultiNames(c *check.C) {
+	// Problematic on Windows as it doesn't support link as of Jan 2016
+	testRequires(c, DaemonIsLinux)
+	//create 2 containers and link them
+	dockerCmd(c, "run", "--name=child", "-d", "busybox", "top")
+	dockerCmd(c, "run", "--name=parent", "--link=child:linkedone", "-d", "busybox", "top")
+
+	//use the new format capabilities to only list the names and --no-trunc to get all names
+	out, _ := dockerCmd(c, "ps", "--format", "{{.Names}}", "--no-trunc")
+	lines := strings.Split(strings.TrimSpace(string(out)), "\n")
+	expected := []string{"parent", "child,parent/linkedone"}
+	var names []string
+	for _, l := range lines {
+		names = append(names, l)
+	}
+	c.Assert(expected, checker.DeepEquals, names, check.Commentf("Expected array with non-truncated names: %v, got: %v", expected, names))
+
+	//now list without turning off truncation and make sure we only get the non-link names
+	out, _ = dockerCmd(c, "ps", "--format", "{{.Names}}")
+	lines = strings.Split(strings.TrimSpace(string(out)), "\n")
+	expected = []string{"parent", "child"}
+	var truncNames []string
+	for _, l := range lines {
+		truncNames = append(truncNames, l)
+	}
+	c.Assert(expected, checker.DeepEquals, truncNames, check.Commentf("Expected array with truncated names: %v, got: %v", expected, truncNames))
+
+}
+
+func (s *DockerSuite) TestPsFormatHeaders(c *check.C) {
+	// make sure no-container "docker ps" still prints the header row
+	out, _ := dockerCmd(c, "ps", "--format", "table {{.ID}}")
+	c.Assert(out, checker.Equals, "CONTAINER ID\n", check.Commentf(`Expected 'CONTAINER ID\n', got %v`, out))
+
+	// verify that "docker ps" with a container still prints the header row also
+	runSleepingContainer(c, "--name=test")
+	out, _ = dockerCmd(c, "ps", "--format", "table {{.Names}}")
+	c.Assert(out, checker.Equals, "NAMES\ntest\n", check.Commentf(`Expected 'NAMES\ntest\n', got %v`, out))
+}
+
+func (s *DockerSuite) TestPsDefaultFormatAndQuiet(c *check.C) {
+	config := `{
+		"psFormat": "default {{ .ID }}"
+}`
+	d, err := ioutil.TempDir("", "integration-cli-")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(d)
+
+	err = ioutil.WriteFile(filepath.Join(d, "config.json"), []byte(config), 0644)
+	c.Assert(err, checker.IsNil)
+
+	out, _ := runSleepingContainer(c, "--name=test")
+	id := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "--config", d, "ps", "-q")
+	c.Assert(id, checker.HasPrefix, strings.TrimSpace(out), check.Commentf("Expected to print only the container id, got %v\n", out))
+}
+
+// Test for GitHub issue #12595
+func (s *DockerSuite) TestPsImageIDAfterUpdate(c *check.C) {
+	// TODO: Investigate why this fails on Windows to Windows CI further.
+	testRequires(c, DaemonIsLinux)
+	originalImageName := "busybox:TestPsImageIDAfterUpdate-original"
+	updatedImageName := "busybox:TestPsImageIDAfterUpdate-updated"
+
+	runCmd := exec.Command(dockerBinary, "tag", "busybox:latest", originalImageName)
+	out, _, err := runCommandWithOutput(runCmd)
+	c.Assert(err, checker.IsNil)
+
+	originalImageID, err := getIDByName(originalImageName)
+	c.Assert(err, checker.IsNil)
+
+	runCmd = exec.Command(dockerBinary, append([]string{"run", "-d", originalImageName}, defaultSleepCommand...)...)
+	out, _, err = runCommandWithOutput(runCmd)
+	c.Assert(err, checker.IsNil)
+	containerID := strings.TrimSpace(out)
+
+	linesOut, err := exec.Command(dockerBinary, "ps", "--no-trunc").CombinedOutput()
+	c.Assert(err, checker.IsNil)
+
+	lines := strings.Split(strings.TrimSpace(string(linesOut)), "\n")
+	// skip header
+	lines = lines[1:]
+	c.Assert(len(lines), checker.Equals, 1)
+
+	for _, line := range lines {
+		f := strings.Fields(line)
+		c.Assert(f[1], checker.Equals, originalImageName)
+	}
+
+	runCmd = exec.Command(dockerBinary, "commit", containerID, updatedImageName)
+	out, _, err = runCommandWithOutput(runCmd)
+	c.Assert(err, checker.IsNil)
+
+	runCmd = exec.Command(dockerBinary, "tag", "-f", updatedImageName, originalImageName)
+	out, _, err = runCommandWithOutput(runCmd)
+	c.Assert(err, checker.IsNil)
+
+	linesOut, err = exec.Command(dockerBinary, "ps", "--no-trunc").CombinedOutput()
+	c.Assert(err, checker.IsNil)
+
+	lines = strings.Split(strings.TrimSpace(string(linesOut)), "\n")
+	// skip header
+	lines = lines[1:]
+	c.Assert(len(lines), checker.Equals, 1)
+
+	for _, line := range lines {
+		f := strings.Fields(line)
+		c.Assert(f[1], checker.Equals, originalImageID)
+	}
+
+}
+
+func (s *DockerSuite) TestPsNotShowPortsOfStoppedContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name=foo", "-d", "-p", "5000:5000", "busybox", "top")
+	c.Assert(waitRun("foo"), checker.IsNil)
+	out, _ := dockerCmd(c, "ps")
+	lines := strings.Split(strings.TrimSpace(string(out)), "\n")
+	expected := "0.0.0.0:5000->5000/tcp"
+	fields := strings.Fields(lines[1])
+	c.Assert(fields[len(fields)-2], checker.Equals, expected, check.Commentf("Expected: %v, got: %v", expected, fields[len(fields)-2]))
+
+	dockerCmd(c, "kill", "foo")
+	dockerCmd(c, "wait", "foo")
+	out, _ = dockerCmd(c, "ps", "-l")
+	lines = strings.Split(strings.TrimSpace(string(out)), "\n")
+	fields = strings.Fields(lines[1])
+	c.Assert(fields[len(fields)-2], checker.Not(checker.Equals), expected, check.Commentf("Should not got %v", expected))
+}
+
+func (s *DockerSuite) TestPsShowMounts(c *check.C) {
+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()
+
+	mp := prefix + slash + "test"
+
+	dockerCmd(c, "volume", "create", "--name", "ps-volume-test")
+	// volume mount containers
+	runSleepingContainer(c, "--name=volume-test-1", "--volume", "ps-volume-test:"+mp)
+	c.Assert(waitRun("volume-test-1"), checker.IsNil)
+	runSleepingContainer(c, "--name=volume-test-2", "--volume", mp)
+	c.Assert(waitRun("volume-test-2"), checker.IsNil)
+	// bind mount container
+	var bindMountSource string
+	var bindMountDestination string
+	if DaemonIsWindows.Condition() {
+		bindMountSource = "c:\\"
+		bindMountDestination = "c:\\t"
+	} else {
+		bindMountSource = "/tmp"
+		bindMountDestination = "/t"
+	}
+	runSleepingContainer(c, "--name=bind-mount-test", "-v", bindMountSource+":"+bindMountDestination)
+	c.Assert(waitRun("bind-mount-test"), checker.IsNil)
+
+	out, _ := dockerCmd(c, "ps", "--format", "{{.Names}} {{.Mounts}}")
+
+	lines := strings.Split(strings.TrimSpace(string(out)), "\n")
+	c.Assert(lines, checker.HasLen, 3)
+
+	fields := strings.Fields(lines[0])
+	c.Assert(fields, checker.HasLen, 2)
+	c.Assert(fields[0], checker.Equals, "bind-mount-test")
+	c.Assert(fields[1], checker.Equals, bindMountSource)
+
+	fields = strings.Fields(lines[1])
+	c.Assert(fields, checker.HasLen, 2)
+
+	annonymounsVolumeID := fields[1]
+
+	fields = strings.Fields(lines[2])
+	c.Assert(fields[1], checker.Equals, "ps-volume-test")
+
+	// filter by volume name
+	out, _ = dockerCmd(c, "ps", "--format", "{{.Names}} {{.Mounts}}", "--filter", "volume=ps-volume-test")
+
+	lines = strings.Split(strings.TrimSpace(string(out)), "\n")
+	c.Assert(lines, checker.HasLen, 1)
+
+	fields = strings.Fields(lines[0])
+	c.Assert(fields[1], checker.Equals, "ps-volume-test")
+
+	// empty results filtering by unknown volume
+	out, _ = dockerCmd(c, "ps", "--format", "{{.Names}} {{.Mounts}}", "--filter", "volume=this-volume-should-not-exist")
+	c.Assert(strings.TrimSpace(string(out)), checker.HasLen, 0)
+
+	// filter by mount destination
+	out, _ = dockerCmd(c, "ps", "--format", "{{.Names}} {{.Mounts}}", "--filter", "volume="+mp)
+
+	lines = strings.Split(strings.TrimSpace(string(out)), "\n")
+	c.Assert(lines, checker.HasLen, 2)
+
+	fields = strings.Fields(lines[0])
+	c.Assert(fields[1], checker.Equals, annonymounsVolumeID)
+	fields = strings.Fields(lines[1])
+	c.Assert(fields[1], checker.Equals, "ps-volume-test")
+
+	// filter by bind mount source
+	out, _ = dockerCmd(c, "ps", "--format", "{{.Names}} {{.Mounts}}", "--filter", "volume="+bindMountSource)
+
+	lines = strings.Split(strings.TrimSpace(string(out)), "\n")
+	c.Assert(lines, checker.HasLen, 1)
+
+	fields = strings.Fields(lines[0])
+	c.Assert(fields, checker.HasLen, 2)
+	c.Assert(fields[0], checker.Equals, "bind-mount-test")
+	c.Assert(fields[1], checker.Equals, bindMountSource)
+
+	// filter by bind mount destination
+	out, _ = dockerCmd(c, "ps", "--format", "{{.Names}} {{.Mounts}}", "--filter", "volume="+bindMountDestination)
+
+	lines = strings.Split(strings.TrimSpace(string(out)), "\n")
+	c.Assert(lines, checker.HasLen, 1)
+
+	fields = strings.Fields(lines[0])
+	c.Assert(fields, checker.HasLen, 2)
+	c.Assert(fields[0], checker.Equals, "bind-mount-test")
+	c.Assert(fields[1], checker.Equals, bindMountSource)
+
+	// empty results filtering by unknown mount point
+	out, _ = dockerCmd(c, "ps", "--format", "{{.Names}} {{.Mounts}}", "--filter", "volume="+prefix+slash+"this-path-was-never-mounted")
+	c.Assert(strings.TrimSpace(string(out)), checker.HasLen, 0)
+}
diff --git a/integration-cli/docker_cli_pull_local_test.go b/integration-cli/docker_cli_pull_local_test.go
new file mode 100644
index 00000000..1f858320
--- /dev/null
+++ b/integration-cli/docker_cli_pull_local_test.go
@@ -0,0 +1,423 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	"github.com/docker/distribution"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/distribution/manifest"
+	"github.com/docker/distribution/manifest/manifestlist"
+	"github.com/docker/distribution/manifest/schema2"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// testPullImageWithAliases pulls a specific image tag and verifies that any aliases (i.e., other
+// tags for the same image) are not also pulled down.
+//
+// Ref: docker/docker#8141
+func testPullImageWithAliases(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+
+	repos := []string{}
+	for _, tag := range []string{"recent", "fresh"} {
+		repos = append(repos, fmt.Sprintf("%v:%v", repoName, tag))
+	}
+
+	// Tag and push the same image multiple times.
+	for _, repo := range repos {
+		dockerCmd(c, "tag", "busybox", repo)
+		dockerCmd(c, "push", repo)
+	}
+
+	// Clear local images store.
+	args := append([]string{"rmi"}, repos...)
+	dockerCmd(c, args...)
+
+	// Pull a single tag and verify it doesn't bring down all aliases.
+	dockerCmd(c, "pull", repos[0])
+	dockerCmd(c, "inspect", repos[0])
+	for _, repo := range repos[1:] {
+		_, _, err := dockerCmdWithError("inspect", repo)
+		c.Assert(err, checker.NotNil, check.Commentf("Image %v shouldn't have been pulled down", repo))
+	}
+}
+
+func (s *DockerRegistrySuite) TestPullImageWithAliases(c *check.C) {
+	testPullImageWithAliases(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPullImageWithAliases(c *check.C) {
+	testPullImageWithAliases(c)
+}
+
+// testConcurrentPullWholeRepo pulls the same repo concurrently.
+func testConcurrentPullWholeRepo(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+
+	repos := []string{}
+	for _, tag := range []string{"recent", "fresh", "todays"} {
+		repo := fmt.Sprintf("%v:%v", repoName, tag)
+		_, err := buildImage(repo, fmt.Sprintf(`
+		    FROM busybox
+		    ENTRYPOINT ["/bin/echo"]
+		    ENV FOO foo
+		    ENV BAR bar
+		    CMD echo %s
+		`, repo), true)
+		c.Assert(err, checker.IsNil)
+		dockerCmd(c, "push", repo)
+		repos = append(repos, repo)
+	}
+
+	// Clear local images store.
+	args := append([]string{"rmi"}, repos...)
+	dockerCmd(c, args...)
+
+	// Run multiple re-pulls concurrently
+	results := make(chan error)
+	numPulls := 3
+
+	for i := 0; i != numPulls; i++ {
+		go func() {
+			_, _, err := runCommandWithOutput(exec.Command(dockerBinary, "pull", "-a", repoName))
+			results <- err
+		}()
+	}
+
+	// These checks are separate from the loop above because the check
+	// package is not goroutine-safe.
+	for i := 0; i != numPulls; i++ {
+		err := <-results
+		c.Assert(err, checker.IsNil, check.Commentf("concurrent pull failed with error: %v", err))
+	}
+
+	// Ensure all tags were pulled successfully
+	for _, repo := range repos {
+		dockerCmd(c, "inspect", repo)
+		out, _ := dockerCmd(c, "run", "--rm", repo)
+		c.Assert(strings.TrimSpace(out), checker.Equals, "/bin/sh -c echo "+repo)
+	}
+}
+
+func (s *DockerRegistrySuite) testConcurrentPullWholeRepo(c *check.C) {
+	testConcurrentPullWholeRepo(c)
+}
+
+func (s *DockerSchema1RegistrySuite) testConcurrentPullWholeRepo(c *check.C) {
+	testConcurrentPullWholeRepo(c)
+}
+
+// testConcurrentFailingPull tries a concurrent pull that doesn't succeed.
+func testConcurrentFailingPull(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+
+	// Run multiple pulls concurrently
+	results := make(chan error)
+	numPulls := 3
+
+	for i := 0; i != numPulls; i++ {
+		go func() {
+			_, _, err := runCommandWithOutput(exec.Command(dockerBinary, "pull", repoName+":asdfasdf"))
+			results <- err
+		}()
+	}
+
+	// These checks are separate from the loop above because the check
+	// package is not goroutine-safe.
+	for i := 0; i != numPulls; i++ {
+		err := <-results
+		c.Assert(err, checker.NotNil, check.Commentf("expected pull to fail"))
+	}
+}
+
+func (s *DockerRegistrySuite) testConcurrentFailingPull(c *check.C) {
+	testConcurrentFailingPull(c)
+}
+
+func (s *DockerSchema1RegistrySuite) testConcurrentFailingPull(c *check.C) {
+	testConcurrentFailingPull(c)
+}
+
+// testConcurrentPullMultipleTags pulls multiple tags from the same repo
+// concurrently.
+func testConcurrentPullMultipleTags(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+
+	repos := []string{}
+	for _, tag := range []string{"recent", "fresh", "todays"} {
+		repo := fmt.Sprintf("%v:%v", repoName, tag)
+		_, err := buildImage(repo, fmt.Sprintf(`
+		    FROM busybox
+		    ENTRYPOINT ["/bin/echo"]
+		    ENV FOO foo
+		    ENV BAR bar
+		    CMD echo %s
+		`, repo), true)
+		c.Assert(err, checker.IsNil)
+		dockerCmd(c, "push", repo)
+		repos = append(repos, repo)
+	}
+
+	// Clear local images store.
+	args := append([]string{"rmi"}, repos...)
+	dockerCmd(c, args...)
+
+	// Re-pull individual tags, in parallel
+	results := make(chan error)
+
+	for _, repo := range repos {
+		go func(repo string) {
+			_, _, err := runCommandWithOutput(exec.Command(dockerBinary, "pull", repo))
+			results <- err
+		}(repo)
+	}
+
+	// These checks are separate from the loop above because the check
+	// package is not goroutine-safe.
+	for range repos {
+		err := <-results
+		c.Assert(err, checker.IsNil, check.Commentf("concurrent pull failed with error: %v", err))
+	}
+
+	// Ensure all tags were pulled successfully
+	for _, repo := range repos {
+		dockerCmd(c, "inspect", repo)
+		out, _ := dockerCmd(c, "run", "--rm", repo)
+		c.Assert(strings.TrimSpace(out), checker.Equals, "/bin/sh -c echo "+repo)
+	}
+}
+
+func (s *DockerRegistrySuite) TestConcurrentPullMultipleTags(c *check.C) {
+	testConcurrentPullMultipleTags(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestConcurrentPullMultipleTags(c *check.C) {
+	testConcurrentPullMultipleTags(c)
+}
+
+// testPullIDStability verifies that pushing an image and pulling it back
+// preserves the image ID.
+func testPullIDStability(c *check.C) {
+	derivedImage := privateRegistryURL + "/dockercli/id-stability"
+	baseImage := "busybox"
+
+	_, err := buildImage(derivedImage, fmt.Sprintf(`
+	    FROM %s
+	    ENV derived true
+	    ENV asdf true
+	    RUN dd if=/dev/zero of=/file bs=1024 count=1024
+	    CMD echo %s
+	`, baseImage, derivedImage), true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	originalID, err := getIDByName(derivedImage)
+	if err != nil {
+		c.Fatalf("error inspecting: %v", err)
+	}
+	dockerCmd(c, "push", derivedImage)
+
+	// Pull
+	out, _ := dockerCmd(c, "pull", derivedImage)
+	if strings.Contains(out, "Pull complete") {
+		c.Fatalf("repull redownloaded a layer: %s", out)
+	}
+
+	derivedIDAfterPull, err := getIDByName(derivedImage)
+	if err != nil {
+		c.Fatalf("error inspecting: %v", err)
+	}
+
+	if derivedIDAfterPull != originalID {
+		c.Fatal("image's ID unexpectedly changed after a repush/repull")
+	}
+
+	// Make sure the image runs correctly
+	out, _ = dockerCmd(c, "run", "--rm", derivedImage)
+	if strings.TrimSpace(out) != derivedImage {
+		c.Fatalf("expected %s; got %s", derivedImage, out)
+	}
+
+	// Confirm that repushing and repulling does not change the computed ID
+	dockerCmd(c, "push", derivedImage)
+	dockerCmd(c, "rmi", derivedImage)
+	dockerCmd(c, "pull", derivedImage)
+
+	derivedIDAfterPull, err = getIDByName(derivedImage)
+	if err != nil {
+		c.Fatalf("error inspecting: %v", err)
+	}
+
+	if derivedIDAfterPull != originalID {
+		c.Fatal("image's ID unexpectedly changed after a repush/repull")
+	}
+	if err != nil {
+		c.Fatalf("error inspecting: %v", err)
+	}
+
+	// Make sure the image still runs
+	out, _ = dockerCmd(c, "run", "--rm", derivedImage)
+	if strings.TrimSpace(out) != derivedImage {
+		c.Fatalf("expected %s; got %s", derivedImage, out)
+	}
+}
+
+func (s *DockerRegistrySuite) TestPullIDStability(c *check.C) {
+	testPullIDStability(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPullIDStability(c *check.C) {
+	testPullIDStability(c)
+}
+
+// #21213
+func testPullNoLayers(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/scratch", privateRegistryURL)
+
+	_, err := buildImage(repoName, `
+	FROM scratch
+	ENV foo bar`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "push", repoName)
+	dockerCmd(c, "rmi", repoName)
+	dockerCmd(c, "pull", repoName)
+}
+
+func (s *DockerRegistrySuite) TestPullNoLayers(c *check.C) {
+	testPullNoLayers(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPullNoLayers(c *check.C) {
+	testPullNoLayers(c)
+}
+
+func (s *DockerRegistrySuite) TestPullManifestList(c *check.C) {
+	testRequires(c, NotArm)
+	pushDigest, err := setupImage(c)
+	c.Assert(err, checker.IsNil, check.Commentf("error setting up image"))
+
+	// Inject a manifest list into the registry
+	manifestList := &manifestlist.ManifestList{
+		Versioned: manifest.Versioned{
+			SchemaVersion: 2,
+			MediaType:     manifestlist.MediaTypeManifestList,
+		},
+		Manifests: []manifestlist.ManifestDescriptor{
+			{
+				Descriptor: distribution.Descriptor{
+					Digest:    "sha256:1a9ec845ee94c202b2d5da74a24f0ed2058318bfa9879fa541efaecba272e86b",
+					Size:      3253,
+					MediaType: schema2.MediaTypeManifest,
+				},
+				Platform: manifestlist.PlatformSpec{
+					Architecture: "bogus_arch",
+					OS:           "bogus_os",
+				},
+			},
+			{
+				Descriptor: distribution.Descriptor{
+					Digest:    pushDigest,
+					Size:      3253,
+					MediaType: schema2.MediaTypeManifest,
+				},
+				Platform: manifestlist.PlatformSpec{
+					Architecture: runtime.GOARCH,
+					OS:           runtime.GOOS,
+				},
+			},
+		},
+	}
+
+	manifestListJSON, err := json.MarshalIndent(manifestList, "", "   ")
+	c.Assert(err, checker.IsNil, check.Commentf("error marshalling manifest list"))
+
+	manifestListDigest := digest.FromBytes(manifestListJSON)
+	hexDigest := manifestListDigest.Hex()
+
+	registryV2Path := filepath.Join(s.reg.dir, "docker", "registry", "v2")
+
+	// Write manifest list to blob store
+	blobDir := filepath.Join(registryV2Path, "blobs", "sha256", hexDigest[:2], hexDigest)
+	err = os.MkdirAll(blobDir, 0755)
+	c.Assert(err, checker.IsNil, check.Commentf("error creating blob dir"))
+	blobPath := filepath.Join(blobDir, "data")
+	err = ioutil.WriteFile(blobPath, []byte(manifestListJSON), 0644)
+	c.Assert(err, checker.IsNil, check.Commentf("error writing manifest list"))
+
+	// Add to revision store
+	revisionDir := filepath.Join(registryV2Path, "repositories", remoteRepoName, "_manifests", "revisions", "sha256", hexDigest)
+	err = os.Mkdir(revisionDir, 0755)
+	c.Assert(err, checker.IsNil, check.Commentf("error creating revision dir"))
+	revisionPath := filepath.Join(revisionDir, "link")
+	err = ioutil.WriteFile(revisionPath, []byte(manifestListDigest.String()), 0644)
+	c.Assert(err, checker.IsNil, check.Commentf("error writing revision link"))
+
+	// Update tag
+	tagPath := filepath.Join(registryV2Path, "repositories", remoteRepoName, "_manifests", "tags", "latest", "current", "link")
+	err = ioutil.WriteFile(tagPath, []byte(manifestListDigest.String()), 0644)
+	c.Assert(err, checker.IsNil, check.Commentf("error writing tag link"))
+
+	// Verify that the image can be pulled through the manifest list.
+	out, _ := dockerCmd(c, "pull", repoName)
+
+	// The pull output includes "Digest: <digest>", so find that
+	matches := digestRegex.FindStringSubmatch(out)
+	c.Assert(matches, checker.HasLen, 2, check.Commentf("unable to parse digest from pull output: %s", out))
+	pullDigest := matches[1]
+
+	// Make sure the pushed and pull digests match
+	c.Assert(manifestListDigest.String(), checker.Equals, pullDigest)
+
+	// Was the image actually created?
+	dockerCmd(c, "inspect", repoName)
+
+	dockerCmd(c, "rmi", repoName)
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) TestPullWithExternalAuth(c *check.C) {
+	osPath := os.Getenv("PATH")
+	defer os.Setenv("PATH", osPath)
+
+	workingDir, err := os.Getwd()
+	c.Assert(err, checker.IsNil)
+	absolute, err := filepath.Abs(filepath.Join(workingDir, "fixtures", "auth"))
+	c.Assert(err, checker.IsNil)
+	testPath := fmt.Sprintf("%s%c%s", osPath, filepath.ListSeparator, absolute)
+
+	os.Setenv("PATH", testPath)
+
+	repoName := fmt.Sprintf("%v/dockercli/busybox:authtest", privateRegistryURL)
+
+	tmp, err := ioutil.TempDir("", "integration-cli-")
+	c.Assert(err, checker.IsNil)
+
+	externalAuthConfig := `{ "credsStore": "shell-test" }`
+
+	configPath := filepath.Join(tmp, "config.json")
+	err = ioutil.WriteFile(configPath, []byte(externalAuthConfig), 0644)
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "--config", tmp, "login", "-u", s.reg.username, "-p", s.reg.password, privateRegistryURL)
+
+	b, err := ioutil.ReadFile(configPath)
+	c.Assert(err, checker.IsNil)
+	c.Assert(string(b), checker.Not(checker.Contains), "\"auth\":")
+
+	dockerCmd(c, "--config", tmp, "tag", "busybox", repoName)
+	dockerCmd(c, "--config", tmp, "push", repoName)
+
+	dockerCmd(c, "--config", tmp, "pull", repoName)
+}
diff --git a/integration-cli/docker_cli_pull_test.go b/integration-cli/docker_cli_pull_test.go
new file mode 100644
index 00000000..ac211d25
--- /dev/null
+++ b/integration-cli/docker_cli_pull_test.go
@@ -0,0 +1,265 @@
+package main
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// TestPullFromCentralRegistry pulls an image from the central registry and verifies that the client
+// prints all expected output.
+func (s *DockerHubPullSuite) TestPullFromCentralRegistry(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out := s.Cmd(c, "pull", "hello-world")
+	defer deleteImages("hello-world")
+
+	c.Assert(out, checker.Contains, "Using default tag: latest", check.Commentf("expected the 'latest' tag to be automatically assumed"))
+	c.Assert(out, checker.Contains, "Pulling from library/hello-world", check.Commentf("expected the 'library/' prefix to be automatically assumed"))
+	c.Assert(out, checker.Contains, "Downloaded newer image for hello-world:latest")
+
+	matches := regexp.MustCompile(`Digest: (.+)\n`).FindAllStringSubmatch(out, -1)
+	c.Assert(len(matches), checker.Equals, 1, check.Commentf("expected exactly one image digest in the output"))
+	c.Assert(len(matches[0]), checker.Equals, 2, check.Commentf("unexpected number of submatches for the digest"))
+	_, err := digest.ParseDigest(matches[0][1])
+	c.Check(err, checker.IsNil, check.Commentf("invalid digest %q in output", matches[0][1]))
+
+	// We should have a single entry in images.
+	img := strings.TrimSpace(s.Cmd(c, "images"))
+	splitImg := strings.Split(img, "\n")
+	c.Assert(splitImg, checker.HasLen, 2)
+	c.Assert(splitImg[1], checker.Matches, `hello-world\s+latest.*?`, check.Commentf("invalid output for `docker images` (expected image and tag name"))
+}
+
+// TestPullNonExistingImage pulls non-existing images from the central registry, with different
+// combinations of implicit tag and library prefix.
+func (s *DockerHubPullSuite) TestPullNonExistingImage(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	type entry struct {
+		Repo  string
+		Alias string
+	}
+
+	entries := []entry{
+		{"library/asdfasdf", "asdfasdf:foobar"},
+		{"library/asdfasdf", "library/asdfasdf:foobar"},
+		{"library/asdfasdf", "asdfasdf"},
+		{"library/asdfasdf", "asdfasdf:latest"},
+		{"library/asdfasdf", "library/asdfasdf"},
+		{"library/asdfasdf", "library/asdfasdf:latest"},
+	}
+
+	// The option field indicates "-a" or not.
+	type record struct {
+		e      entry
+		option string
+		out    string
+		err    error
+	}
+
+	// Execute 'docker pull' in parallel, pass results (out, err) and
+	// necessary information ("-a" or not, and the image name) to channel.
+	var group sync.WaitGroup
+	recordChan := make(chan record, len(entries)*2)
+	for _, e := range entries {
+		group.Add(1)
+		go func(e entry) {
+			defer group.Done()
+			out, err := s.CmdWithError("pull", e.Alias)
+			recordChan <- record{e, "", out, err}
+		}(e)
+		if !strings.ContainsRune(e.Alias, ':') {
+			// pull -a on a nonexistent registry should fall back as well
+			group.Add(1)
+			go func(e entry) {
+				defer group.Done()
+				out, err := s.CmdWithError("pull", "-a", e.Alias)
+				recordChan <- record{e, "-a", out, err}
+			}(e)
+		}
+	}
+
+	// Wait for completion
+	group.Wait()
+	close(recordChan)
+
+	// Process the results (out, err).
+	for record := range recordChan {
+		if len(record.option) == 0 {
+			c.Assert(record.err, checker.NotNil, check.Commentf("expected non-zero exit status when pulling non-existing image: %s", record.out))
+			// Hub returns 401 rather than 404 for nonexistent repos over
+			// the v2 protocol - but we should end up falling back to v1,
+			// which does return a 404.
+			c.Assert(record.out, checker.Contains, fmt.Sprintf("Error: image %s not found", record.e.Repo), check.Commentf("expected image not found error messages"))
+		} else {
+			// pull -a on a nonexistent registry should fall back as well
+			c.Assert(record.err, checker.NotNil, check.Commentf("expected non-zero exit status when pulling non-existing image: %s", record.out))
+			c.Assert(record.out, checker.Contains, fmt.Sprintf("Error: image %s not found", record.e.Repo), check.Commentf("expected image not found error messages"))
+			c.Assert(record.out, checker.Not(checker.Contains), "unauthorized", check.Commentf(`message should not contain "unauthorized"`))
+		}
+	}
+
+}
+
+// TestPullFromCentralRegistryImplicitRefParts pulls an image from the central registry and verifies
+// that pulling the same image with different combinations of implicit elements of the the image
+// reference (tag, repository, central registry url, ...) doesn't trigger a new pull nor leads to
+// multiple images.
+func (s *DockerHubPullSuite) TestPullFromCentralRegistryImplicitRefParts(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	// Pull hello-world from v2
+	pullFromV2 := func(ref string) (int, string) {
+		out := s.Cmd(c, "pull", "hello-world")
+		v1Retries := 0
+		for strings.Contains(out, "this image was pulled from a legacy registry") {
+			// Some network errors may cause fallbacks to the v1
+			// protocol, which would violate the test's assumption
+			// that it will get the same images. To make the test
+			// more robust against these network glitches, allow a
+			// few retries if we end up with a v1 pull.
+
+			if v1Retries > 2 {
+				c.Fatalf("too many v1 fallback incidents when pulling %s", ref)
+			}
+
+			s.Cmd(c, "rmi", ref)
+			out = s.Cmd(c, "pull", ref)
+
+			v1Retries++
+		}
+
+		return v1Retries, out
+	}
+
+	pullFromV2("hello-world")
+	defer deleteImages("hello-world")
+
+	s.Cmd(c, "tag", "hello-world", "hello-world-backup")
+
+	for _, ref := range []string{
+		"hello-world",
+		"hello-world:latest",
+		"library/hello-world",
+		"library/hello-world:latest",
+		"docker.io/library/hello-world",
+		"index.docker.io/library/hello-world",
+	} {
+		var out string
+		for {
+			var v1Retries int
+			v1Retries, out = pullFromV2(ref)
+
+			// Keep repeating the test case until we don't hit a v1
+			// fallback case. We won't get the right "Image is up
+			// to date" message if the local image was replaced
+			// with one pulled from v1.
+			if v1Retries == 0 {
+				break
+			}
+			s.Cmd(c, "rmi", ref)
+			s.Cmd(c, "tag", "hello-world-backup", "hello-world")
+		}
+		c.Assert(out, checker.Contains, "Image is up to date for hello-world:latest")
+	}
+
+	s.Cmd(c, "rmi", "hello-world-backup")
+
+	// We should have a single entry in images.
+	img := strings.TrimSpace(s.Cmd(c, "images"))
+	splitImg := strings.Split(img, "\n")
+	c.Assert(splitImg, checker.HasLen, 2)
+	c.Assert(splitImg[1], checker.Matches, `hello-world\s+latest.*?`, check.Commentf("invalid output for `docker images` (expected image and tag name"))
+}
+
+// TestPullScratchNotAllowed verifies that pulling 'scratch' is rejected.
+func (s *DockerHubPullSuite) TestPullScratchNotAllowed(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, err := s.CmdWithError("pull", "scratch")
+	c.Assert(err, checker.NotNil, check.Commentf("expected pull of scratch to fail"))
+	c.Assert(out, checker.Contains, "'scratch' is a reserved name")
+	c.Assert(out, checker.Not(checker.Contains), "Pulling repository scratch")
+}
+
+// TestPullAllTagsFromCentralRegistry pulls using `all-tags` for a given image and verifies that it
+// results in more images than a naked pull.
+func (s *DockerHubPullSuite) TestPullAllTagsFromCentralRegistry(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	s.Cmd(c, "pull", "busybox")
+	outImageCmd := s.Cmd(c, "images", "busybox")
+	splitOutImageCmd := strings.Split(strings.TrimSpace(outImageCmd), "\n")
+	c.Assert(splitOutImageCmd, checker.HasLen, 2)
+
+	s.Cmd(c, "pull", "--all-tags=true", "busybox")
+	outImageAllTagCmd := s.Cmd(c, "images", "busybox")
+	linesCount := strings.Count(outImageAllTagCmd, "\n")
+	c.Assert(linesCount, checker.GreaterThan, 2, check.Commentf("pulling all tags should provide more than two images, got %s", outImageAllTagCmd))
+
+	// Verify that the line for 'busybox:latest' is left unchanged.
+	var latestLine string
+	for _, line := range strings.Split(outImageAllTagCmd, "\n") {
+		if strings.HasPrefix(line, "busybox") && strings.Contains(line, "latest") {
+			latestLine = line
+			break
+		}
+	}
+	c.Assert(latestLine, checker.Not(checker.Equals), "", check.Commentf("no entry for busybox:latest found after pulling all tags"))
+	splitLatest := strings.Fields(latestLine)
+	splitCurrent := strings.Fields(splitOutImageCmd[1])
+
+	// Clear relative creation times, since these can easily change between
+	// two invocations of "docker images". Without this, the test can fail
+	// like this:
+	// ... obtained []string = []string{"busybox", "latest", "d9551b4026f0", "27", "minutes", "ago", "1.113", "MB"}
+	// ... expected []string = []string{"busybox", "latest", "d9551b4026f0", "26", "minutes", "ago", "1.113", "MB"}
+	splitLatest[3] = ""
+	splitLatest[4] = ""
+	splitLatest[5] = ""
+	splitCurrent[3] = ""
+	splitCurrent[4] = ""
+	splitCurrent[5] = ""
+
+	c.Assert(splitLatest, checker.DeepEquals, splitCurrent, check.Commentf("busybox:latest was changed after pulling all tags"))
+}
+
+// TestPullClientDisconnect kills the client during a pull operation and verifies that the operation
+// gets cancelled.
+//
+// Ref: docker/docker#15589
+func (s *DockerHubPullSuite) TestPullClientDisconnect(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	repoName := "hello-world:latest"
+
+	pullCmd := s.MakeCmd("pull", repoName)
+	stdout, err := pullCmd.StdoutPipe()
+	c.Assert(err, checker.IsNil)
+	err = pullCmd.Start()
+	c.Assert(err, checker.IsNil)
+
+	// Cancel as soon as we get some output.
+	buf := make([]byte, 10)
+	_, err = stdout.Read(buf)
+	c.Assert(err, checker.IsNil)
+
+	err = pullCmd.Process.Kill()
+	c.Assert(err, checker.IsNil)
+
+	time.Sleep(2 * time.Second)
+	_, err = s.CmdWithError("inspect", repoName)
+	c.Assert(err, checker.NotNil, check.Commentf("image was pulled after client disconnected"))
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) TestPullNoCredentialsNotFound(c *check.C) {
+	// we don't care about the actual image, we just want to see image not found
+	// because that means v2 call returned 401 and we fell back to v1 which usually
+	// gives a 404 (in this case the test registry doesn't handle v1 at all)
+	out, _, err := dockerCmdWithError("pull", privateRegistryURL+"/busybox")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "Error: image busybox not found")
+}
diff --git a/integration-cli/docker_cli_pull_trusted_test.go b/integration-cli/docker_cli_pull_trusted_test.go
new file mode 100644
index 00000000..6bc38e69
--- /dev/null
+++ b/integration-cli/docker_cli_pull_trusted_test.go
@@ -0,0 +1,365 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerTrustSuite) TestTrustedPull(c *check.C) {
+	repoName := s.setupTrustedImage(c, "trusted-pull")
+
+	// Try pull
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err := runCommandWithOutput(pullCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Tagging", check.Commentf(out))
+
+	dockerCmd(c, "rmi", repoName)
+	// Try untrusted pull to ensure we pushed the tag to the registry
+	pullCmd = exec.Command(dockerBinary, "pull", "--disable-content-trust=true", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Status: Downloaded", check.Commentf(out))
+
+}
+
+func (s *DockerTrustSuite) TestTrustedIsolatedPull(c *check.C) {
+	repoName := s.setupTrustedImage(c, "trusted-isolated-pull")
+
+	// Try pull (run from isolated directory without trust information)
+	pullCmd := exec.Command(dockerBinary, "--config", "/tmp/docker-isolated", "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err := runCommandWithOutput(pullCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Tagging", check.Commentf(string(out)))
+
+	dockerCmd(c, "rmi", repoName)
+}
+
+func (s *DockerTrustSuite) TestUntrustedPull(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercliuntrusted/pulltest:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+	dockerCmd(c, "push", repoName)
+	dockerCmd(c, "rmi", repoName)
+
+	// Try trusted pull on untrusted tag
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err := runCommandWithOutput(pullCmd)
+
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Error: remote trust data does not exist", check.Commentf(out))
+}
+
+func (s *DockerTrustSuite) TestPullWhenCertExpired(c *check.C) {
+	c.Skip("Currently changes system time, causing instability")
+	repoName := s.setupTrustedImage(c, "trusted-cert-expired")
+
+	// Certificates have 10 years of expiration
+	elevenYearsFromNow := time.Now().Add(time.Hour * 24 * 365 * 11)
+
+	runAtDifferentDate(elevenYearsFromNow, func() {
+		// Try pull
+		pullCmd := exec.Command(dockerBinary, "pull", repoName)
+		s.trustedCmd(pullCmd)
+		out, _, err := runCommandWithOutput(pullCmd)
+
+		c.Assert(err, check.NotNil, check.Commentf(out))
+		c.Assert(string(out), checker.Contains, "could not validate the path to a trusted root", check.Commentf(out))
+	})
+
+	runAtDifferentDate(elevenYearsFromNow, func() {
+		// Try pull
+		pullCmd := exec.Command(dockerBinary, "pull", "--disable-content-trust", repoName)
+		s.trustedCmd(pullCmd)
+		out, _, err := runCommandWithOutput(pullCmd)
+
+		c.Assert(err, check.IsNil, check.Commentf(out))
+		c.Assert(string(out), checker.Contains, "Status: Downloaded", check.Commentf(out))
+	})
+}
+
+func (s *DockerTrustSuite) TestTrustedPullFromBadTrustServer(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclievilpull/trusted:latest", privateRegistryURL)
+	evilLocalConfigDir, err := ioutil.TempDir("", "evil-local-config-dir")
+	if err != nil {
+		c.Fatalf("Failed to create local temp dir")
+	}
+
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Signing and pushing trust metadata", check.Commentf(out))
+	dockerCmd(c, "rmi", repoName)
+
+	// Try pull
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Tagging", check.Commentf(out))
+	dockerCmd(c, "rmi", repoName)
+
+	// Kill the notary server, start a new "evil" one.
+	s.not.Close()
+	s.not, err = newTestNotary(c)
+
+	c.Assert(err, check.IsNil, check.Commentf("Restarting notary server failed."))
+
+	// In order to make an evil server, lets re-init a client (with a different trust dir) and push new data.
+	// tag an image and upload it to the private registry
+	dockerCmd(c, "--config", evilLocalConfigDir, "tag", "busybox", repoName)
+
+	// Push up to the new server
+	pushCmd = exec.Command(dockerBinary, "--config", evilLocalConfigDir, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err = runCommandWithOutput(pushCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Signing and pushing trust metadata", check.Commentf(out))
+
+	// Now, try pulling with the original client from this new trust server. This should fall back to cached metadata.
+	pullCmd = exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	if err != nil {
+		c.Fatalf("Error falling back to cached trust data: %s\n%s", err, out)
+	}
+	if !strings.Contains(string(out), "Error while downloading remote metadata, using cached timestamp") {
+		c.Fatalf("Missing expected output on trusted pull:\n%s", out)
+	}
+}
+
+func (s *DockerTrustSuite) TestTrustedPullWithExpiredSnapshot(c *check.C) {
+	c.Skip("Currently changes system time, causing instability")
+	repoName := fmt.Sprintf("%v/dockercliexpiredtimestamppull/trusted:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	// Push with default passphrases
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Signing and pushing trust metadata", check.Commentf(out))
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Snapshots last for three years. This should be expired
+	fourYearsLater := time.Now().Add(time.Hour * 24 * 365 * 4)
+
+	runAtDifferentDate(fourYearsLater, func() {
+		// Try pull
+		pullCmd := exec.Command(dockerBinary, "pull", repoName)
+		s.trustedCmd(pullCmd)
+		out, _, err = runCommandWithOutput(pullCmd)
+
+		c.Assert(err, check.NotNil, check.Commentf("Missing expected error running trusted pull with expired snapshots"))
+		c.Assert(string(out), checker.Contains, "repository out-of-date", check.Commentf(out))
+	})
+}
+
+func (s *DockerTrustSuite) TestTrustedOfflinePull(c *check.C) {
+	repoName := s.setupTrustedImage(c, "trusted-offline-pull")
+
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmdWithServer(pullCmd, "https://invalidnotaryserver")
+	out, _, err := runCommandWithOutput(pullCmd)
+
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "error contacting notary server", check.Commentf(out))
+	// Do valid trusted pull to warm cache
+	pullCmd = exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Tagging", check.Commentf(out))
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Try pull again with invalid notary server, should use cache
+	pullCmd = exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmdWithServer(pullCmd, "https://invalidnotaryserver")
+	out, _, err = runCommandWithOutput(pullCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Tagging", check.Commentf(out))
+}
+
+func (s *DockerTrustSuite) TestTrustedPullDelete(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/%s:latest", privateRegistryURL, "trusted-pull-delete")
+	// tag the image and upload it to the private registry
+	_, err := buildImage(repoName, `
+                    FROM busybox
+                    CMD echo trustedpulldelete
+                `, true)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	if err != nil {
+		c.Fatalf("Error running trusted push: %s\n%s", err, out)
+	}
+	if !strings.Contains(string(out), "Signing and pushing trust metadata") {
+		c.Fatalf("Missing expected output on trusted push:\n%s", out)
+	}
+
+	if out, status := dockerCmd(c, "rmi", repoName); status != 0 {
+		c.Fatalf("Error removing image %q\n%s", repoName, out)
+	}
+
+	// Try pull
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	matches := digestRegex.FindStringSubmatch(out)
+	c.Assert(matches, checker.HasLen, 2, check.Commentf("unable to parse digest from pull output: %s", out))
+	pullDigest := matches[1]
+
+	imageID := inspectField(c, repoName, "Id")
+
+	imageByDigest := repoName + "@" + pullDigest
+	byDigestID := inspectField(c, imageByDigest, "Id")
+
+	c.Assert(byDigestID, checker.Equals, imageID)
+
+	// rmi of tag should also remove the digest reference
+	dockerCmd(c, "rmi", repoName)
+
+	_, err = inspectFieldWithError(imageByDigest, "Id")
+	c.Assert(err, checker.NotNil, check.Commentf("digest reference should have been removed"))
+
+	_, err = inspectFieldWithError(imageID, "Id")
+	c.Assert(err, checker.NotNil, check.Commentf("image should have been deleted"))
+}
+
+func (s *DockerTrustSuite) TestTrustedPullReadsFromReleasesRole(c *check.C) {
+	testRequires(c, NotaryHosting)
+	repoName := fmt.Sprintf("%v/dockerclireleasesdelegationpulling/trusted", privateRegistryURL)
+	targetName := fmt.Sprintf("%s:latest", repoName)
+
+	// Push with targets first, initializing the repo
+	dockerCmd(c, "tag", "busybox", targetName)
+	pushCmd := exec.Command(dockerBinary, "push", targetName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	s.assertTargetInRoles(c, repoName, "latest", "targets")
+
+	// Try pull, check we retrieve from targets role
+	pullCmd := exec.Command(dockerBinary, "-D", "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "retrieving target for targets role")
+
+	// Now we'll create the releases role, and try pushing and pulling
+	s.notaryCreateDelegation(c, repoName, "targets/releases", s.not.keys[0].Public)
+	s.notaryImportKey(c, repoName, "targets/releases", s.not.keys[0].Private)
+	s.notaryPublish(c, repoName)
+
+	// try a pull, check that we can still pull because we can still read the
+	// old tag in the targets role
+	pullCmd = exec.Command(dockerBinary, "-D", "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "retrieving target for targets role")
+
+	// try a pull -a, check that it succeeds because we can still pull from the
+	// targets role
+	pullCmd = exec.Command(dockerBinary, "-D", "pull", "-a", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	// Push, should sign with targets/releases
+	dockerCmd(c, "tag", "busybox", targetName)
+	pushCmd = exec.Command(dockerBinary, "push", targetName)
+	s.trustedCmd(pushCmd)
+	out, _, err = runCommandWithOutput(pushCmd)
+	s.assertTargetInRoles(c, repoName, "latest", "targets", "targets/releases")
+
+	// Try pull, check we retrieve from targets/releases role
+	pullCmd = exec.Command(dockerBinary, "-D", "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(out, checker.Contains, "retrieving target for targets/releases role")
+
+	// Create another delegation that we'll sign with
+	s.notaryCreateDelegation(c, repoName, "targets/other", s.not.keys[1].Public)
+	s.notaryImportKey(c, repoName, "targets/other", s.not.keys[1].Private)
+	s.notaryPublish(c, repoName)
+
+	dockerCmd(c, "tag", "busybox", targetName)
+	pushCmd = exec.Command(dockerBinary, "push", targetName)
+	s.trustedCmd(pushCmd)
+	out, _, err = runCommandWithOutput(pushCmd)
+	s.assertTargetInRoles(c, repoName, "latest", "targets", "targets/releases", "targets/other")
+
+	// Try pull, check we retrieve from targets/releases role
+	pullCmd = exec.Command(dockerBinary, "-D", "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(out, checker.Contains, "retrieving target for targets/releases role")
+}
+
+func (s *DockerTrustSuite) TestTrustedPullIgnoresOtherDelegationRoles(c *check.C) {
+	testRequires(c, NotaryHosting)
+	repoName := fmt.Sprintf("%v/dockerclipullotherdelegation/trusted", privateRegistryURL)
+	targetName := fmt.Sprintf("%s:latest", repoName)
+
+	// We'll create a repo first with a non-release delegation role, so that when we
+	// push we'll sign it into the delegation role
+	s.notaryInitRepo(c, repoName)
+	s.notaryCreateDelegation(c, repoName, "targets/other", s.not.keys[0].Public)
+	s.notaryImportKey(c, repoName, "targets/other", s.not.keys[0].Private)
+	s.notaryPublish(c, repoName)
+
+	// Push should write to the delegation role, not targets
+	dockerCmd(c, "tag", "busybox", targetName)
+	pushCmd := exec.Command(dockerBinary, "push", targetName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	s.assertTargetInRoles(c, repoName, "latest", "targets/other")
+	s.assertTargetNotInRoles(c, repoName, "latest", "targets")
+
+	// Try pull - we should fail, since pull will only pull from the targets/releases
+	// role or the targets role
+	pullCmd := exec.Command(dockerBinary, "-D", "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "No trust data for")
+
+	// try a pull -a: we should fail since pull will only pull from the targets/releases
+	// role or the targets role
+	pullCmd = exec.Command(dockerBinary, "-D", "pull", "-a", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "No trusted tags for")
+}
diff --git a/integration-cli/docker_cli_push_test.go b/integration-cli/docker_cli_push_test.go
new file mode 100644
index 00000000..6b3d8232
--- /dev/null
+++ b/integration-cli/docker_cli_push_test.go
@@ -0,0 +1,728 @@
+package main
+
+import (
+	"archive/tar"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// Pushing an image to a private registry.
+func testPushBusyboxImage(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+	// tag the image to upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+	// push the image to the registry
+	dockerCmd(c, "push", repoName)
+}
+
+func (s *DockerRegistrySuite) TestPushBusyboxImage(c *check.C) {
+	testPushBusyboxImage(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPushBusyboxImage(c *check.C) {
+	testPushBusyboxImage(c)
+}
+
+// pushing an image without a prefix should throw an error
+func (s *DockerSuite) TestPushUnprefixedRepo(c *check.C) {
+	out, _, err := dockerCmdWithError("push", "busybox")
+	c.Assert(err, check.NotNil, check.Commentf("pushing an unprefixed repo didn't result in a non-zero exit status: %s", out))
+}
+
+func testPushUntagged(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+	expected := "Repository does not exist"
+
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf("pushing the image to the private registry should have failed: output %q", out))
+	c.Assert(out, checker.Contains, expected, check.Commentf("pushing the image failed"))
+}
+
+func (s *DockerRegistrySuite) TestPushUntagged(c *check.C) {
+	testPushUntagged(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPushUntagged(c *check.C) {
+	testPushUntagged(c)
+}
+
+func testPushBadTag(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox:latest", privateRegistryURL)
+	expected := "does not exist"
+
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf("pushing the image to the private registry should have failed: output %q", out))
+	c.Assert(out, checker.Contains, expected, check.Commentf("pushing the image failed"))
+}
+
+func (s *DockerRegistrySuite) TestPushBadTag(c *check.C) {
+	testPushBadTag(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPushBadTag(c *check.C) {
+	testPushBadTag(c)
+}
+
+func testPushMultipleTags(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+	repoTag1 := fmt.Sprintf("%v/dockercli/busybox:t1", privateRegistryURL)
+	repoTag2 := fmt.Sprintf("%v/dockercli/busybox:t2", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoTag1)
+
+	dockerCmd(c, "tag", "busybox", repoTag2)
+
+	dockerCmd(c, "push", repoName)
+
+	// Ensure layer list is equivalent for repoTag1 and repoTag2
+	out1, _ := dockerCmd(c, "pull", repoTag1)
+
+	imageAlreadyExists := ": Image already exists"
+	var out1Lines []string
+	for _, outputLine := range strings.Split(out1, "\n") {
+		if strings.Contains(outputLine, imageAlreadyExists) {
+			out1Lines = append(out1Lines, outputLine)
+		}
+	}
+
+	out2, _ := dockerCmd(c, "pull", repoTag2)
+
+	var out2Lines []string
+	for _, outputLine := range strings.Split(out2, "\n") {
+		if strings.Contains(outputLine, imageAlreadyExists) {
+			out1Lines = append(out1Lines, outputLine)
+		}
+	}
+	c.Assert(out2Lines, checker.HasLen, len(out1Lines))
+
+	for i := range out1Lines {
+		c.Assert(out1Lines[i], checker.Equals, out2Lines[i])
+	}
+}
+
+func (s *DockerRegistrySuite) TestPushMultipleTags(c *check.C) {
+	testPushMultipleTags(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPushMultipleTags(c *check.C) {
+	testPushMultipleTags(c)
+}
+
+func testPushEmptyLayer(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/emptylayer", privateRegistryURL)
+	emptyTarball, err := ioutil.TempFile("", "empty_tarball")
+	c.Assert(err, check.IsNil, check.Commentf("Unable to create test file"))
+
+	tw := tar.NewWriter(emptyTarball)
+	err = tw.Close()
+	c.Assert(err, check.IsNil, check.Commentf("Error creating empty tarball"))
+
+	freader, err := os.Open(emptyTarball.Name())
+	c.Assert(err, check.IsNil, check.Commentf("Could not open test tarball"))
+
+	importCmd := exec.Command(dockerBinary, "import", "-", repoName)
+	importCmd.Stdin = freader
+	out, _, err := runCommandWithOutput(importCmd)
+	c.Assert(err, check.IsNil, check.Commentf("import failed: %q", out))
+
+	// Now verify we can push it
+	out, _, err = dockerCmdWithError("push", repoName)
+	c.Assert(err, check.IsNil, check.Commentf("pushing the image to the private registry has failed: %s", out))
+}
+
+func (s *DockerRegistrySuite) TestPushEmptyLayer(c *check.C) {
+	testPushEmptyLayer(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestPushEmptyLayer(c *check.C) {
+	testPushEmptyLayer(c)
+}
+
+// testConcurrentPush pushes multiple tags to the same repo
+// concurrently.
+func testConcurrentPush(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+
+	repos := []string{}
+	for _, tag := range []string{"push1", "push2", "push3"} {
+		repo := fmt.Sprintf("%v:%v", repoName, tag)
+		_, err := buildImage(repo, fmt.Sprintf(`
+	FROM busybox
+	ENTRYPOINT ["/bin/echo"]
+	ENV FOO foo
+	ENV BAR bar
+	CMD echo %s
+`, repo), true)
+		c.Assert(err, checker.IsNil)
+		repos = append(repos, repo)
+	}
+
+	// Push tags, in parallel
+	results := make(chan error)
+
+	for _, repo := range repos {
+		go func(repo string) {
+			_, _, err := runCommandWithOutput(exec.Command(dockerBinary, "push", repo))
+			results <- err
+		}(repo)
+	}
+
+	for range repos {
+		err := <-results
+		c.Assert(err, checker.IsNil, check.Commentf("concurrent push failed with error: %v", err))
+	}
+
+	// Clear local images store.
+	args := append([]string{"rmi"}, repos...)
+	dockerCmd(c, args...)
+
+	// Re-pull and run individual tags, to make sure pushes succeeded
+	for _, repo := range repos {
+		dockerCmd(c, "pull", repo)
+		dockerCmd(c, "inspect", repo)
+		out, _ := dockerCmd(c, "run", "--rm", repo)
+		c.Assert(strings.TrimSpace(out), checker.Equals, "/bin/sh -c echo "+repo)
+	}
+}
+
+func (s *DockerRegistrySuite) TestConcurrentPush(c *check.C) {
+	testConcurrentPush(c)
+}
+
+func (s *DockerSchema1RegistrySuite) TestConcurrentPush(c *check.C) {
+	testConcurrentPush(c)
+}
+
+func (s *DockerRegistrySuite) TestCrossRepositoryLayerPush(c *check.C) {
+	sourceRepoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+	// tag the image to upload it to the private registry
+	dockerCmd(c, "tag", "busybox", sourceRepoName)
+	// push the image to the registry
+	out1, _, err := dockerCmdWithError("push", sourceRepoName)
+	c.Assert(err, check.IsNil, check.Commentf("pushing the image to the private registry has failed: %s", out1))
+	// ensure that none of the layers were mounted from another repository during push
+	c.Assert(strings.Contains(out1, "Mounted from"), check.Equals, false)
+
+	digest1 := digest.DigestRegexp.FindString(out1)
+	c.Assert(len(digest1), checker.GreaterThan, 0, check.Commentf("no digest found for pushed manifest"))
+
+	destRepoName := fmt.Sprintf("%v/dockercli/crossrepopush", privateRegistryURL)
+	// retag the image to upload the same layers to another repo in the same registry
+	dockerCmd(c, "tag", "busybox", destRepoName)
+	// push the image to the registry
+	out2, _, err := dockerCmdWithError("push", destRepoName)
+	c.Assert(err, check.IsNil, check.Commentf("pushing the image to the private registry has failed: %s", out2))
+	// ensure that layers were mounted from the first repo during push
+	c.Assert(strings.Contains(out2, "Mounted from dockercli/busybox"), check.Equals, true)
+
+	digest2 := digest.DigestRegexp.FindString(out2)
+	c.Assert(len(digest2), checker.GreaterThan, 0, check.Commentf("no digest found for pushed manifest"))
+	c.Assert(digest1, check.Equals, digest2)
+
+	// ensure that we can pull and run the cross-repo-pushed repository
+	dockerCmd(c, "rmi", destRepoName)
+	dockerCmd(c, "pull", destRepoName)
+	out3, _ := dockerCmd(c, "run", destRepoName, "echo", "-n", "hello world")
+	c.Assert(out3, check.Equals, "hello world")
+}
+
+func (s *DockerSchema1RegistrySuite) TestCrossRepositoryLayerPushNotSupported(c *check.C) {
+	sourceRepoName := fmt.Sprintf("%v/dockercli/busybox", privateRegistryURL)
+	// tag the image to upload it to the private registry
+	dockerCmd(c, "tag", "busybox", sourceRepoName)
+	// push the image to the registry
+	out1, _, err := dockerCmdWithError("push", sourceRepoName)
+	c.Assert(err, check.IsNil, check.Commentf("pushing the image to the private registry has failed: %s", out1))
+	// ensure that none of the layers were mounted from another repository during push
+	c.Assert(strings.Contains(out1, "Mounted from"), check.Equals, false)
+
+	digest1 := digest.DigestRegexp.FindString(out1)
+	c.Assert(len(digest1), checker.GreaterThan, 0, check.Commentf("no digest found for pushed manifest"))
+
+	destRepoName := fmt.Sprintf("%v/dockercli/crossrepopush", privateRegistryURL)
+	// retag the image to upload the same layers to another repo in the same registry
+	dockerCmd(c, "tag", "busybox", destRepoName)
+	// push the image to the registry
+	out2, _, err := dockerCmdWithError("push", destRepoName)
+	c.Assert(err, check.IsNil, check.Commentf("pushing the image to the private registry has failed: %s", out2))
+	// schema1 registry should not support cross-repo layer mounts, so ensure that this does not happen
+	c.Assert(strings.Contains(out2, "Mounted from"), check.Equals, false)
+
+	digest2 := digest.DigestRegexp.FindString(out2)
+	c.Assert(len(digest2), checker.GreaterThan, 0, check.Commentf("no digest found for pushed manifest"))
+	c.Assert(digest1, check.Equals, digest2)
+
+	// ensure that we can pull and run the second pushed repository
+	dockerCmd(c, "rmi", destRepoName)
+	dockerCmd(c, "pull", destRepoName)
+	out3, _ := dockerCmd(c, "run", destRepoName, "echo", "-n", "hello world")
+	c.Assert(out3, check.Equals, "hello world")
+}
+
+func (s *DockerTrustSuite) TestTrustedPush(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclitrusted/pushtest:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("Error running trusted push: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push"))
+
+	// Try pull after push
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Status: Downloaded", check.Commentf(out))
+
+	// Assert that we rotated the snapshot key to the server by checking our local keystore
+	contents, err := ioutil.ReadDir(filepath.Join(cliconfig.ConfigDir(), "trust/private/tuf_keys", privateRegistryURL, "dockerclitrusted/pushtest"))
+	c.Assert(err, check.IsNil, check.Commentf("Unable to read local tuf key files"))
+	// Check that we only have 1 key (targets key)
+	c.Assert(contents, checker.HasLen, 1)
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithEnvPasswords(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclienv/trusted:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmdWithPassphrases(pushCmd, "12345678", "12345678")
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("Error running trusted push: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push"))
+
+	// Try pull after push
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Status: Downloaded", check.Commentf(out))
+}
+
+// This test ensures backwards compatibility with old ENV variables. Should be
+// deprecated by 1.10
+func (s *DockerTrustSuite) TestTrustedPushWithDeprecatedEnvPasswords(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercli/trusteddeprecated:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmdWithDeprecatedEnvPassphrases(pushCmd, "12345678", "12345678")
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("Error running trusted push: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push"))
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithFailingServer(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclitrusted/failingserver:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmdWithServer(pushCmd, "https://example.com:81/")
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.NotNil, check.Commentf("Missing error while running trusted push w/ no server"))
+	c.Assert(out, checker.Contains, "error contacting notary server", check.Commentf("Missing expected output on trusted push"))
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithoutServerAndUntrusted(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclitrusted/trustedandnot:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", "--disable-content-trust", repoName)
+	s.trustedCmdWithServer(pushCmd, "https://example.com/")
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push with no server and --disable-content-trust failed: %s\n%s", err, out))
+	c.Assert(out, check.Not(checker.Contains), "Error establishing connection to notary repository", check.Commentf("Missing expected output on trusted push with --disable-content-trust:"))
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithExistingTag(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclitag/trusted:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+	dockerCmd(c, "push", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push with existing tag"))
+
+	// Try pull after push
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Status: Downloaded", check.Commentf(out))
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithExistingSignedTag(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclipushpush/trusted:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	// Do a trusted push
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push with existing tag"))
+
+	// Do another trusted push
+	pushCmd = exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err = runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push with existing tag"))
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Try pull to ensure the double push did not break our ability to pull
+	pullCmd := exec.Command(dockerBinary, "pull", repoName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf("Error running trusted pull: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Status: Downloaded", check.Commentf("Missing expected output on trusted pull with --disable-content-trust"))
+
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithIncorrectPassphraseForNonRoot(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercliincorretpwd/trusted:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	// Push with default passphrases
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push:\n%s", out))
+
+	// Push with wrong passphrases
+	pushCmd = exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmdWithPassphrases(pushCmd, "12345678", "87654321")
+	out, _, err = runCommandWithOutput(pushCmd)
+	c.Assert(err, check.NotNil, check.Commentf("Error missing from trusted push with short targets passphrase: \n%s", out))
+	c.Assert(out, checker.Contains, "could not find necessary signing keys", check.Commentf("Missing expected output on trusted push with short targets/snapsnot passphrase"))
+}
+
+// This test ensures backwards compatibility with old ENV variables. Should be
+// deprecated by 1.10
+func (s *DockerTrustSuite) TestTrustedPushWithIncorrectDeprecatedPassphraseForNonRoot(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockercliincorretdeprecatedpwd/trusted:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	// Push with default passphrases
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push"))
+
+	// Push with wrong passphrases
+	pushCmd = exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmdWithDeprecatedEnvPassphrases(pushCmd, "12345678", "87654321")
+	out, _, err = runCommandWithOutput(pushCmd)
+	c.Assert(err, check.NotNil, check.Commentf("Error missing from trusted push with short targets passphrase: \n%s", out))
+	c.Assert(out, checker.Contains, "could not find necessary signing keys", check.Commentf("Missing expected output on trusted push with short targets/snapsnot passphrase"))
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithExpiredSnapshot(c *check.C) {
+	c.Skip("Currently changes system time, causing instability")
+	repoName := fmt.Sprintf("%v/dockercliexpiredsnapshot/trusted:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	// Push with default passphrases
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push"))
+
+	// Snapshots last for three years. This should be expired
+	fourYearsLater := time.Now().Add(time.Hour * 24 * 365 * 4)
+
+	runAtDifferentDate(fourYearsLater, func() {
+		// Push with wrong passphrases
+		pushCmd = exec.Command(dockerBinary, "push", repoName)
+		s.trustedCmd(pushCmd)
+		out, _, err = runCommandWithOutput(pushCmd)
+		c.Assert(err, check.NotNil, check.Commentf("Error missing from trusted push with expired snapshot: \n%s", out))
+		c.Assert(out, checker.Contains, "repository out-of-date", check.Commentf("Missing expected output on trusted push with expired snapshot"))
+	})
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithExpiredTimestamp(c *check.C) {
+	c.Skip("Currently changes system time, causing instability")
+	repoName := fmt.Sprintf("%v/dockercliexpiredtimestamppush/trusted:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	// Push with default passphrases
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push"))
+
+	// The timestamps expire in two weeks. Lets check three
+	threeWeeksLater := time.Now().Add(time.Hour * 24 * 21)
+
+	// Should succeed because the server transparently re-signs one
+	runAtDifferentDate(threeWeeksLater, func() {
+		pushCmd := exec.Command(dockerBinary, "push", repoName)
+		s.trustedCmd(pushCmd)
+		out, _, err := runCommandWithOutput(pushCmd)
+		c.Assert(err, check.IsNil, check.Commentf("Error running trusted push: %s\n%s", err, out))
+		c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push with expired timestamp"))
+	})
+}
+
+func (s *DockerTrustSuite) TestTrustedPushWithReleasesDelegationOnly(c *check.C) {
+	testRequires(c, NotaryHosting)
+	repoName := fmt.Sprintf("%v/dockerclireleasedelegationinitfirst/trusted", privateRegistryURL)
+	targetName := fmt.Sprintf("%s:latest", repoName)
+	s.notaryInitRepo(c, repoName)
+	s.notaryCreateDelegation(c, repoName, "targets/releases", s.not.keys[0].Public)
+	s.notaryPublish(c, repoName)
+
+	s.notaryImportKey(c, repoName, "targets/releases", s.not.keys[0].Private)
+
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", targetName)
+
+	pushCmd := exec.Command(dockerBinary, "push", targetName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push with existing tag"))
+	// check to make sure that the target has been added to targets/releases and not targets
+	s.assertTargetInRoles(c, repoName, "latest", "targets/releases")
+	s.assertTargetNotInRoles(c, repoName, "latest", "targets")
+
+	// Try pull after push
+	os.RemoveAll(filepath.Join(cliconfig.ConfigDir(), "trust"))
+
+	pullCmd := exec.Command(dockerBinary, "pull", targetName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	c.Assert(string(out), checker.Contains, "Status: Downloaded", check.Commentf(out))
+}
+
+func (s *DockerTrustSuite) TestTrustedPushSignsAllFirstLevelRolesWeHaveKeysFor(c *check.C) {
+	testRequires(c, NotaryHosting)
+	repoName := fmt.Sprintf("%v/dockerclimanyroles/trusted", privateRegistryURL)
+	targetName := fmt.Sprintf("%s:latest", repoName)
+	s.notaryInitRepo(c, repoName)
+	s.notaryCreateDelegation(c, repoName, "targets/role1", s.not.keys[0].Public)
+	s.notaryCreateDelegation(c, repoName, "targets/role2", s.not.keys[1].Public)
+	s.notaryCreateDelegation(c, repoName, "targets/role3", s.not.keys[2].Public)
+
+	// import everything except the third key
+	s.notaryImportKey(c, repoName, "targets/role1", s.not.keys[0].Private)
+	s.notaryImportKey(c, repoName, "targets/role2", s.not.keys[1].Private)
+
+	s.notaryCreateDelegation(c, repoName, "targets/role1/subrole", s.not.keys[3].Public)
+	s.notaryImportKey(c, repoName, "targets/role1/subrole", s.not.keys[3].Private)
+
+	s.notaryPublish(c, repoName)
+
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", targetName)
+
+	pushCmd := exec.Command(dockerBinary, "push", targetName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push with existing tag"))
+
+	// check to make sure that the target has been added to targets/role1 and targets/role2, and
+	// not targets (because there are delegations) or targets/role3 (due to missing key) or
+	// targets/role1/subrole (due to it being a second level delegation)
+	s.assertTargetInRoles(c, repoName, "latest", "targets/role1", "targets/role2")
+	s.assertTargetNotInRoles(c, repoName, "latest", "targets")
+
+	// Try pull after push
+	os.RemoveAll(filepath.Join(cliconfig.ConfigDir(), "trust"))
+
+	// pull should fail because none of these are the releases role
+	pullCmd := exec.Command(dockerBinary, "pull", targetName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+}
+
+func (s *DockerTrustSuite) TestTrustedPushSignsForRolesWithKeysAndValidPaths(c *check.C) {
+	repoName := fmt.Sprintf("%v/dockerclirolesbykeysandpaths/trusted", privateRegistryURL)
+	targetName := fmt.Sprintf("%s:latest", repoName)
+	s.notaryInitRepo(c, repoName)
+	s.notaryCreateDelegation(c, repoName, "targets/role1", s.not.keys[0].Public, "l", "z")
+	s.notaryCreateDelegation(c, repoName, "targets/role2", s.not.keys[1].Public, "x", "y")
+	s.notaryCreateDelegation(c, repoName, "targets/role3", s.not.keys[2].Public, "latest")
+	s.notaryCreateDelegation(c, repoName, "targets/role4", s.not.keys[3].Public, "latest")
+
+	// import everything except the third key
+	s.notaryImportKey(c, repoName, "targets/role1", s.not.keys[0].Private)
+	s.notaryImportKey(c, repoName, "targets/role2", s.not.keys[1].Private)
+	s.notaryImportKey(c, repoName, "targets/role4", s.not.keys[3].Private)
+
+	s.notaryPublish(c, repoName)
+
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", targetName)
+
+	pushCmd := exec.Command(dockerBinary, "push", targetName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.IsNil, check.Commentf("trusted push failed: %s\n%s", err, out))
+	c.Assert(out, checker.Contains, "Signing and pushing trust metadata", check.Commentf("Missing expected output on trusted push with existing tag"))
+
+	// check to make sure that the target has been added to targets/role1 and targets/role4, and
+	// not targets (because there are delegations) or targets/role2 (due to path restrictions) or
+	// targets/role3 (due to missing key)
+	s.assertTargetInRoles(c, repoName, "latest", "targets/role1", "targets/role4")
+	s.assertTargetNotInRoles(c, repoName, "latest", "targets")
+
+	// Try pull after push
+	os.RemoveAll(filepath.Join(cliconfig.ConfigDir(), "trust"))
+
+	// pull should fail because none of these are the releases role
+	pullCmd := exec.Command(dockerBinary, "pull", targetName)
+	s.trustedCmd(pullCmd)
+	out, _, err = runCommandWithOutput(pullCmd)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+}
+
+func (s *DockerTrustSuite) TestTrustedPushDoesntSignTargetsIfDelegationsExist(c *check.C) {
+	testRequires(c, NotaryHosting)
+	repoName := fmt.Sprintf("%v/dockerclireleasedelegationnotsignable/trusted", privateRegistryURL)
+	targetName := fmt.Sprintf("%s:latest", repoName)
+	s.notaryInitRepo(c, repoName)
+	s.notaryCreateDelegation(c, repoName, "targets/role1", s.not.keys[0].Public)
+	s.notaryPublish(c, repoName)
+
+	// do not import any delegations key
+
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", targetName)
+
+	pushCmd := exec.Command(dockerBinary, "push", targetName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	c.Assert(err, check.NotNil, check.Commentf("trusted push succeeded but should have failed:\n%s", out))
+	c.Assert(out, checker.Contains, "no valid signing keys",
+		check.Commentf("Missing expected output on trusted push without keys"))
+
+	s.assertTargetNotInRoles(c, repoName, "latest", "targets", "targets/role1")
+}
+
+func (s *DockerRegistryAuthHtpasswdSuite) TestPushNoCredentialsNoRetry(c *check.C) {
+	repoName := fmt.Sprintf("%s/busybox", privateRegistryURL)
+	dockerCmd(c, "tag", "busybox", repoName)
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, check.Not(checker.Contains), "Retrying")
+	c.Assert(out, checker.Contains, "no basic auth credentials")
+}
+
+// This may be flaky but it's needed not to regress on unauthorized push, see #21054
+func (s *DockerSuite) TestPushToCentralRegistryUnauthorized(c *check.C) {
+	testRequires(c, Network)
+	repoName := "test/busybox"
+	dockerCmd(c, "tag", "busybox", repoName)
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, check.Not(checker.Contains), "Retrying")
+}
+
+func getTestTokenService(status int, body string) *httptest.Server {
+	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(status)
+		w.Header().Set("Content-Type", "application/json")
+		w.Write([]byte(body))
+	}))
+}
+
+func (s *DockerRegistryAuthTokenSuite) TestPushTokenServiceUnauthResponse(c *check.C) {
+	ts := getTestTokenService(http.StatusUnauthorized, `{"errors": [{"Code":"UNAUTHORIZED", "message": "a message", "detail": null}]}`)
+	defer ts.Close()
+	s.setupRegistryWithTokenService(c, ts.URL)
+	repoName := fmt.Sprintf("%s/busybox", privateRegistryURL)
+	dockerCmd(c, "tag", "busybox", repoName)
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Not(checker.Contains), "Retrying")
+	c.Assert(out, checker.Contains, "unauthorized: a message")
+}
+
+func (s *DockerRegistryAuthTokenSuite) TestPushMisconfiguredTokenServiceResponseUnauthorized(c *check.C) {
+	ts := getTestTokenService(http.StatusUnauthorized, `{"error": "unauthorized"}`)
+	defer ts.Close()
+	s.setupRegistryWithTokenService(c, ts.URL)
+	repoName := fmt.Sprintf("%s/busybox", privateRegistryURL)
+	dockerCmd(c, "tag", "busybox", repoName)
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Not(checker.Contains), "Retrying")
+	split := strings.Split(out, "\n")
+	c.Assert(split[len(split)-2], check.Equals, "unauthorized: authentication required")
+}
+
+func (s *DockerRegistryAuthTokenSuite) TestPushMisconfiguredTokenServiceResponseError(c *check.C) {
+	ts := getTestTokenService(http.StatusInternalServerError, `{"error": "unexpected"}`)
+	defer ts.Close()
+	s.setupRegistryWithTokenService(c, ts.URL)
+	repoName := fmt.Sprintf("%s/busybox", privateRegistryURL)
+	dockerCmd(c, "tag", "busybox", repoName)
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "Retrying")
+	split := strings.Split(out, "\n")
+	c.Assert(split[len(split)-2], check.Equals, "received unexpected HTTP status: 500 Internal Server Error")
+}
+
+func (s *DockerRegistryAuthTokenSuite) TestPushMisconfiguredTokenServiceResponseUnparsable(c *check.C) {
+	ts := getTestTokenService(http.StatusForbidden, `no way`)
+	defer ts.Close()
+	s.setupRegistryWithTokenService(c, ts.URL)
+	repoName := fmt.Sprintf("%s/busybox", privateRegistryURL)
+	dockerCmd(c, "tag", "busybox", repoName)
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Not(checker.Contains), "Retrying")
+	split := strings.Split(out, "\n")
+	c.Assert(split[len(split)-2], checker.Contains, "error parsing HTTP 403 response body: ")
+}
+
+func (s *DockerRegistryAuthTokenSuite) TestPushMisconfiguredTokenServiceResponseNoToken(c *check.C) {
+	ts := getTestTokenService(http.StatusOK, `{"something": "wrong"}`)
+	defer ts.Close()
+	s.setupRegistryWithTokenService(c, ts.URL)
+	repoName := fmt.Sprintf("%s/busybox", privateRegistryURL)
+	dockerCmd(c, "tag", "busybox", repoName)
+	out, _, err := dockerCmdWithError("push", repoName)
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Not(checker.Contains), "Retrying")
+	split := strings.Split(out, "\n")
+	c.Assert(split[len(split)-2], check.Equals, "authorization server did not include a token in the response")
+}
diff --git a/integration-cli/docker_cli_registry_user_agent_test.go b/integration-cli/docker_cli_registry_user_agent_test.go
new file mode 100644
index 00000000..67a950ca
--- /dev/null
+++ b/integration-cli/docker_cli_registry_user_agent_test.go
@@ -0,0 +1,120 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+	"regexp"
+
+	"github.com/go-check/check"
+)
+
+// unescapeBackslashSemicolonParens unescapes \;()
+func unescapeBackslashSemicolonParens(s string) string {
+	re := regexp.MustCompile(`\\;`)
+	ret := re.ReplaceAll([]byte(s), []byte(";"))
+
+	re = regexp.MustCompile(`\\\(`)
+	ret = re.ReplaceAll([]byte(ret), []byte("("))
+
+	re = regexp.MustCompile(`\\\)`)
+	ret = re.ReplaceAll([]byte(ret), []byte(")"))
+
+	re = regexp.MustCompile(`\\\\`)
+	ret = re.ReplaceAll([]byte(ret), []byte(`\`))
+
+	return string(ret)
+}
+
+func regexpCheckUA(c *check.C, ua string) {
+	re := regexp.MustCompile("(?P<dockerUA>.+) UpstreamClient(?P<upstreamUA>.+)")
+	substrArr := re.FindStringSubmatch(ua)
+
+	c.Assert(substrArr, check.HasLen, 3, check.Commentf("Expected 'UpstreamClient()' with upstream client UA"))
+	dockerUA := substrArr[1]
+	upstreamUAEscaped := substrArr[2]
+
+	// check dockerUA looks correct
+	reDockerUA := regexp.MustCompile("^docker/[0-9A-Za-z+]")
+	bMatchDockerUA := reDockerUA.MatchString(dockerUA)
+	c.Assert(bMatchDockerUA, check.Equals, true, check.Commentf("Docker Engine User-Agent malformed"))
+
+	// check upstreamUA looks correct
+	// Expecting something like:  Docker-Client/1.11.0-dev (linux)
+	upstreamUA := unescapeBackslashSemicolonParens(upstreamUAEscaped)
+	reUpstreamUA := regexp.MustCompile("^\\(Docker-Client/[0-9A-Za-z+]")
+	bMatchUpstreamUA := reUpstreamUA.MatchString(upstreamUA)
+	c.Assert(bMatchUpstreamUA, check.Equals, true, check.Commentf("(Upstream) Docker Client User-Agent malformed"))
+}
+
+func registerUserAgentHandler(reg *testRegistry, result *string) {
+	reg.registerHandler("/v2/", func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(404)
+		var ua string
+		for k, v := range r.Header {
+			if k == "User-Agent" {
+				ua = v[0]
+			}
+		}
+		*result = ua
+	})
+}
+
+// TestUserAgentPassThroughOnPull verifies that when an image is pulled from
+// a registry, the registry should see a User-Agent string of the form
+//   [docker engine UA] UptreamClientSTREAM-CLIENT([client UA])
+func (s *DockerRegistrySuite) TestUserAgentPassThrough(c *check.C) {
+	var (
+		buildUA string
+		pullUA  string
+		pushUA  string
+		loginUA string
+	)
+
+	buildReg, err := newTestRegistry(c)
+	c.Assert(err, check.IsNil)
+	registerUserAgentHandler(buildReg, &buildUA)
+	buildRepoName := fmt.Sprintf("%s/busybox", buildReg.hostport)
+
+	pullReg, err := newTestRegistry(c)
+	c.Assert(err, check.IsNil)
+	registerUserAgentHandler(pullReg, &pullUA)
+	pullRepoName := fmt.Sprintf("%s/busybox", pullReg.hostport)
+
+	pushReg, err := newTestRegistry(c)
+	c.Assert(err, check.IsNil)
+	registerUserAgentHandler(pushReg, &pushUA)
+	pushRepoName := fmt.Sprintf("%s/busybox", pushReg.hostport)
+
+	loginReg, err := newTestRegistry(c)
+	c.Assert(err, check.IsNil)
+	registerUserAgentHandler(loginReg, &loginUA)
+
+	err = s.d.Start(
+		"--insecure-registry", buildReg.hostport,
+		"--insecure-registry", pullReg.hostport,
+		"--insecure-registry", pushReg.hostport,
+		"--insecure-registry", loginReg.hostport,
+		"--disable-legacy-registry=true")
+	c.Assert(err, check.IsNil)
+
+	dockerfileName, cleanup1, err := makefile(fmt.Sprintf("FROM %s", buildRepoName))
+	c.Assert(err, check.IsNil, check.Commentf("Unable to create test dockerfile"))
+	defer cleanup1()
+	s.d.Cmd("build", "--file", dockerfileName, ".")
+	regexpCheckUA(c, buildUA)
+
+	s.d.Cmd("login", "-u", "richard", "-p", "testtest", "-e", "testuser@testdomain.com", loginReg.hostport)
+	regexpCheckUA(c, loginUA)
+
+	s.d.Cmd("pull", pullRepoName)
+	regexpCheckUA(c, pullUA)
+
+	dockerfileName, cleanup2, err := makefile(`FROM scratch
+	ENV foo bar`)
+	c.Assert(err, check.IsNil, check.Commentf("Unable to create test dockerfile"))
+	defer cleanup2()
+	s.d.Cmd("build", "-t", pushRepoName, "--file", dockerfileName, ".")
+
+	s.d.Cmd("push", pushRepoName)
+	regexpCheckUA(c, pushUA)
+}
diff --git a/integration-cli/docker_cli_rename_test.go b/integration-cli/docker_cli_rename_test.go
new file mode 100644
index 00000000..cbb60f85
--- /dev/null
+++ b/integration-cli/docker_cli_rename_test.go
@@ -0,0 +1,86 @@
+package main
+
+import (
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestRenameStoppedContainer(c *check.C) {
+	out, _ := dockerCmd(c, "run", "--name", "first_name", "-d", "busybox", "sh")
+
+	cleanedContainerID := strings.TrimSpace(out)
+	dockerCmd(c, "wait", cleanedContainerID)
+
+	name := inspectField(c, cleanedContainerID, "Name")
+	newName := "new_name" + stringid.GenerateNonCryptoID()
+	dockerCmd(c, "rename", "first_name", newName)
+
+	name = inspectField(c, cleanedContainerID, "Name")
+	c.Assert(name, checker.Equals, "/"+newName, check.Commentf("Failed to rename container %s", name))
+
+}
+
+func (s *DockerSuite) TestRenameRunningContainer(c *check.C) {
+	out, _ := dockerCmd(c, "run", "--name", "first_name", "-d", "busybox", "sh")
+
+	newName := "new_name" + stringid.GenerateNonCryptoID()
+	cleanedContainerID := strings.TrimSpace(out)
+	dockerCmd(c, "rename", "first_name", newName)
+
+	name := inspectField(c, cleanedContainerID, "Name")
+	c.Assert(name, checker.Equals, "/"+newName, check.Commentf("Failed to rename container %s", name))
+}
+
+func (s *DockerSuite) TestRenameRunningContainerAndReuse(c *check.C) {
+	out, _ := runSleepingContainer(c, "--name", "first_name")
+	c.Assert(waitRun("first_name"), check.IsNil)
+
+	newName := "new_name"
+	ContainerID := strings.TrimSpace(out)
+	dockerCmd(c, "rename", "first_name", newName)
+
+	name := inspectField(c, ContainerID, "Name")
+	c.Assert(name, checker.Equals, "/"+newName, check.Commentf("Failed to rename container"))
+
+	out, _ = runSleepingContainer(c, "--name", "first_name")
+	c.Assert(waitRun("first_name"), check.IsNil)
+	newContainerID := strings.TrimSpace(out)
+	name = inspectField(c, newContainerID, "Name")
+	c.Assert(name, checker.Equals, "/first_name", check.Commentf("Failed to reuse container name"))
+}
+
+func (s *DockerSuite) TestRenameCheckNames(c *check.C) {
+	dockerCmd(c, "run", "--name", "first_name", "-d", "busybox", "sh")
+
+	newName := "new_name" + stringid.GenerateNonCryptoID()
+	dockerCmd(c, "rename", "first_name", newName)
+
+	name := inspectField(c, newName, "Name")
+	c.Assert(name, checker.Equals, "/"+newName, check.Commentf("Failed to rename container %s", name))
+
+	name, err := inspectFieldWithError("first_name", "Name")
+	c.Assert(err, checker.NotNil, check.Commentf(name))
+	c.Assert(err.Error(), checker.Contains, "No such image or container: first_name")
+}
+
+func (s *DockerSuite) TestRenameInvalidName(c *check.C) {
+	runSleepingContainer(c, "--name", "myname")
+
+	out, _, err := dockerCmdWithError("rename", "myname", "new:invalid")
+	c.Assert(err, checker.NotNil, check.Commentf("Renaming container to invalid name should have failed: %s", out))
+	c.Assert(out, checker.Contains, "Invalid container name", check.Commentf("%v", err))
+
+	out, _, err = dockerCmdWithError("rename", "myname", "")
+	c.Assert(err, checker.NotNil, check.Commentf("Renaming container to invalid name should have failed: %s", out))
+	c.Assert(out, checker.Contains, "may be empty", check.Commentf("%v", err))
+
+	out, _, err = dockerCmdWithError("rename", "", "newname")
+	c.Assert(err, checker.NotNil, check.Commentf("Renaming container with empty name should have failed: %s", out))
+	c.Assert(out, checker.Contains, "may be empty", check.Commentf("%v", err))
+
+	out, _ = dockerCmd(c, "ps", "-a")
+	c.Assert(out, checker.Contains, "myname", check.Commentf("Output of docker ps should have included 'myname': %s", out))
+}
diff --git a/integration-cli/docker_cli_restart_test.go b/integration-cli/docker_cli_restart_test.go
new file mode 100644
index 00000000..31c89203
--- /dev/null
+++ b/integration-cli/docker_cli_restart_test.go
@@ -0,0 +1,249 @@
+package main
+
+import (
+	"os"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestRestartStoppedContainer(c *check.C) {
+	dockerCmd(c, "run", "--name=test", "busybox", "echo", "foobar")
+	cleanedContainerID, err := getIDByName("test")
+	c.Assert(err, check.IsNil)
+
+	out, _ := dockerCmd(c, "logs", cleanedContainerID)
+	c.Assert(out, checker.Equals, "foobar\n")
+
+	dockerCmd(c, "restart", cleanedContainerID)
+
+	// Wait until the container has stopped
+	err = waitInspect(cleanedContainerID, "{{.State.Running}}", "false", 20*time.Second)
+	c.Assert(err, checker.IsNil)
+
+	out, _ = dockerCmd(c, "logs", cleanedContainerID)
+	c.Assert(out, checker.Equals, "foobar\nfoobar\n")
+}
+
+func (s *DockerSuite) TestRestartRunningContainer(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", "echo foobar && sleep 30 && echo 'should not print this'")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	c.Assert(waitRun(cleanedContainerID), checker.IsNil)
+
+	out, _ = dockerCmd(c, "logs", cleanedContainerID)
+	c.Assert(out, checker.Equals, "foobar\n")
+
+	dockerCmd(c, "restart", "-t", "1", cleanedContainerID)
+
+	out, _ = dockerCmd(c, "logs", cleanedContainerID)
+
+	c.Assert(waitRun(cleanedContainerID), checker.IsNil)
+
+	c.Assert(out, checker.Equals, "foobar\nfoobar\n")
+}
+
+// Test that restarting a container with a volume does not create a new volume on restart. Regression test for #819.
+func (s *DockerSuite) TestRestartWithVolumes(c *check.C) {
+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()
+	out, _ := runSleepingContainer(c, "-d", "-v", prefix+slash+"test")
+
+	cleanedContainerID := strings.TrimSpace(out)
+	out, err := inspectFilter(cleanedContainerID, "len .Mounts")
+	c.Assert(err, check.IsNil, check.Commentf("failed to inspect %s: %s", cleanedContainerID, out))
+	out = strings.Trim(out, " \n\r")
+	c.Assert(out, checker.Equals, "1")
+
+	source, err := inspectMountSourceField(cleanedContainerID, prefix+slash+"test")
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "restart", cleanedContainerID)
+
+	out, err = inspectFilter(cleanedContainerID, "len .Mounts")
+	c.Assert(err, check.IsNil, check.Commentf("failed to inspect %s: %s", cleanedContainerID, out))
+	out = strings.Trim(out, " \n\r")
+	c.Assert(out, checker.Equals, "1")
+
+	sourceAfterRestart, err := inspectMountSourceField(cleanedContainerID, prefix+slash+"test")
+	c.Assert(err, checker.IsNil)
+	c.Assert(source, checker.Equals, sourceAfterRestart)
+}
+
+func (s *DockerSuite) TestRestartPolicyNO(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "--restart=no", "busybox", "false")
+
+	id := strings.TrimSpace(string(out))
+	name := inspectField(c, id, "HostConfig.RestartPolicy.Name")
+	c.Assert(name, checker.Equals, "no")
+}
+
+func (s *DockerSuite) TestRestartPolicyAlways(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "--restart=always", "busybox", "false")
+
+	id := strings.TrimSpace(string(out))
+	name := inspectField(c, id, "HostConfig.RestartPolicy.Name")
+	c.Assert(name, checker.Equals, "always")
+
+	MaximumRetryCount := inspectField(c, id, "HostConfig.RestartPolicy.MaximumRetryCount")
+
+	// MaximumRetryCount=0 if the restart policy is always
+	c.Assert(MaximumRetryCount, checker.Equals, "0")
+}
+
+func (s *DockerSuite) TestRestartPolicyOnFailure(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "--restart=on-failure:1", "busybox", "false")
+
+	id := strings.TrimSpace(string(out))
+	name := inspectField(c, id, "HostConfig.RestartPolicy.Name")
+	c.Assert(name, checker.Equals, "on-failure")
+
+}
+
+// a good container with --restart=on-failure:3
+// MaximumRetryCount!=0; RestartCount=0
+func (s *DockerSuite) TestRestartContainerwithGoodContainer(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "--restart=on-failure:3", "busybox", "true")
+
+	id := strings.TrimSpace(string(out))
+	err := waitInspect(id, "{{ .State.Restarting }} {{ .State.Running }}", "false false", 30*time.Second)
+	c.Assert(err, checker.IsNil)
+
+	count := inspectField(c, id, "RestartCount")
+	c.Assert(count, checker.Equals, "0")
+
+	MaximumRetryCount := inspectField(c, id, "HostConfig.RestartPolicy.MaximumRetryCount")
+	c.Assert(MaximumRetryCount, checker.Equals, "3")
+
+}
+
+func (s *DockerSuite) TestRestartContainerSuccess(c *check.C) {
+	testRequires(c, SameHostDaemon)
+
+	out, _ := runSleepingContainer(c, "-d", "--restart=always")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), check.IsNil)
+
+	pidStr := inspectField(c, id, "State.Pid")
+
+	pid, err := strconv.Atoi(pidStr)
+	c.Assert(err, check.IsNil)
+
+	p, err := os.FindProcess(pid)
+	c.Assert(err, check.IsNil)
+	c.Assert(p, check.NotNil)
+
+	err = p.Kill()
+	c.Assert(err, check.IsNil)
+
+	err = waitInspect(id, "{{.RestartCount}}", "1", 30*time.Second)
+	c.Assert(err, check.IsNil)
+
+	err = waitInspect(id, "{{.State.Status}}", "running", 30*time.Second)
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestRestartWithPolicyUserDefinedNetwork(c *check.C) {
+	// TODO Windows. This may be portable following HNS integration post TP5.
+	testRequires(c, DaemonIsLinux, SameHostDaemon, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "-d", "bridge", "udNet")
+
+	dockerCmd(c, "run", "-d", "--net=udNet", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	dockerCmd(c, "run", "-d", "--restart=always", "--net=udNet", "--name=second",
+		"--link=first:foo", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// ping to first and its alias foo must succeed
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo")
+	c.Assert(err, check.IsNil)
+
+	// Now kill the second container and let the restart policy kick in
+	pidStr := inspectField(c, "second", "State.Pid")
+
+	pid, err := strconv.Atoi(pidStr)
+	c.Assert(err, check.IsNil)
+
+	p, err := os.FindProcess(pid)
+	c.Assert(err, check.IsNil)
+	c.Assert(p, check.NotNil)
+
+	err = p.Kill()
+	c.Assert(err, check.IsNil)
+
+	err = waitInspect("second", "{{.RestartCount}}", "1", 5*time.Second)
+	c.Assert(err, check.IsNil)
+
+	err = waitInspect("second", "{{.State.Status}}", "running", 5*time.Second)
+
+	// ping to first and its alias foo must still succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestRestartPolicyAfterRestart(c *check.C) {
+	testRequires(c, SameHostDaemon)
+
+	out, _ := runSleepingContainer(c, "-d", "--restart=always")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), check.IsNil)
+
+	dockerCmd(c, "restart", id)
+
+	c.Assert(waitRun(id), check.IsNil)
+
+	pidStr := inspectField(c, id, "State.Pid")
+
+	pid, err := strconv.Atoi(pidStr)
+	c.Assert(err, check.IsNil)
+
+	p, err := os.FindProcess(pid)
+	c.Assert(err, check.IsNil)
+	c.Assert(p, check.NotNil)
+
+	err = p.Kill()
+	c.Assert(err, check.IsNil)
+
+	err = waitInspect(id, "{{.RestartCount}}", "1", 30*time.Second)
+	c.Assert(err, check.IsNil)
+
+	err = waitInspect(id, "{{.State.Status}}", "running", 30*time.Second)
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestRestartContainerwithRestartPolicy(c *check.C) {
+	out1, _ := dockerCmd(c, "run", "-d", "--restart=on-failure:3", "busybox", "false")
+	out2, _ := dockerCmd(c, "run", "-d", "--restart=always", "busybox", "false")
+
+	id1 := strings.TrimSpace(string(out1))
+	id2 := strings.TrimSpace(string(out2))
+	err := waitInspect(id1, "{{ .State.Restarting }} {{ .State.Running }}", "false false", 30*time.Second)
+	c.Assert(err, checker.IsNil)
+
+	// TODO: fix racey problem during restart:
+	// https://jenkins.dockerproject.org/job/Docker-PRs-Win2Lin/24665/console
+	// Error response from daemon: Cannot restart container 6655f620d90b390527db23c0a15b3e46d86a58ecec20a5697ab228d860174251: remove /var/run/docker/libcontainerd/6655f620d90b390527db23c0a15b3e46d86a58ecec20a5697ab228d860174251/rootfs: device or resource busy
+	if _, _, err := dockerCmdWithError("restart", id1); err != nil {
+		// if restart met racey problem, try again
+		time.Sleep(500 * time.Millisecond)
+		dockerCmd(c, "restart", id1)
+	}
+	if _, _, err := dockerCmdWithError("restart", id2); err != nil {
+		// if restart met racey problem, try again
+		time.Sleep(500 * time.Millisecond)
+		dockerCmd(c, "restart", id2)
+	}
+
+	dockerCmd(c, "stop", id1)
+	dockerCmd(c, "stop", id2)
+	dockerCmd(c, "start", id1)
+	dockerCmd(c, "start", id2)
+}
diff --git a/integration-cli/docker_cli_rm_test.go b/integration-cli/docker_cli_rm_test.go
new file mode 100644
index 00000000..0186c567
--- /dev/null
+++ b/integration-cli/docker_cli_rm_test.go
@@ -0,0 +1,86 @@
+package main
+
+import (
+	"io/ioutil"
+	"os"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestRmContainerWithRemovedVolume(c *check.C) {
+	testRequires(c, SameHostDaemon)
+
+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()
+
+	tempDir, err := ioutil.TempDir("", "test-rm-container-with-removed-volume-")
+	if err != nil {
+		c.Fatalf("failed to create temporary directory: %s", tempDir)
+	}
+	defer os.RemoveAll(tempDir)
+
+	dockerCmd(c, "run", "--name", "losemyvolumes", "-v", tempDir+":"+prefix+slash+"test", "busybox", "true")
+
+	err = os.RemoveAll(tempDir)
+	c.Assert(err, check.IsNil)
+
+	dockerCmd(c, "rm", "-v", "losemyvolumes")
+}
+
+func (s *DockerSuite) TestRmContainerWithVolume(c *check.C) {
+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()
+
+	dockerCmd(c, "run", "--name", "foo", "-v", prefix+slash+"srv", "busybox", "true")
+
+	dockerCmd(c, "rm", "-v", "foo")
+}
+
+func (s *DockerSuite) TestRmContainerRunning(c *check.C) {
+	createRunningContainer(c, "foo")
+
+	_, _, err := dockerCmdWithError("rm", "foo")
+	c.Assert(err, checker.NotNil, check.Commentf("Expected error, can't rm a running container"))
+}
+
+func (s *DockerSuite) TestRmContainerForceRemoveRunning(c *check.C) {
+	createRunningContainer(c, "foo")
+
+	// Stop then remove with -s
+	dockerCmd(c, "rm", "-f", "foo")
+}
+
+func (s *DockerSuite) TestRmContainerOrphaning(c *check.C) {
+	dockerfile1 := `FROM busybox:latest
+	ENTRYPOINT ["true"]`
+	img := "test-container-orphaning"
+	dockerfile2 := `FROM busybox:latest
+	ENTRYPOINT ["true"]
+	MAINTAINER Integration Tests`
+
+	// build first dockerfile
+	img1, err := buildImage(img, dockerfile1, true)
+	c.Assert(err, check.IsNil, check.Commentf("Could not build image %s", img))
+	// run container on first image
+	dockerCmd(c, "run", img)
+	// rebuild dockerfile with a small addition at the end
+	_, err = buildImage(img, dockerfile2, true)
+	c.Assert(err, check.IsNil, check.Commentf("Could not rebuild image %s", img))
+	// try to remove the image, should not error out.
+	out, _, err := dockerCmdWithError("rmi", img)
+	c.Assert(err, check.IsNil, check.Commentf("Expected to removing the image, but failed: %s", out))
+
+	// check if we deleted the first image
+	out, _ = dockerCmd(c, "images", "-q", "--no-trunc")
+	c.Assert(out, checker.Contains, img1, check.Commentf("Orphaned container (could not find %q in docker images): %s", img1, out))
+
+}
+
+func (s *DockerSuite) TestRmInvalidContainer(c *check.C) {
+	out, _, err := dockerCmdWithError("rm", "unknown")
+	c.Assert(err, checker.NotNil, check.Commentf("Expected error on rm unknown container, got none"))
+	c.Assert(out, checker.Contains, "No such container")
+}
+
+func createRunningContainer(c *check.C, name string) {
+	runSleepingContainer(c, "-dt", "--name", name)
+}
diff --git a/integration-cli/docker_cli_rmi_test.go b/integration-cli/docker_cli_rmi_test.go
new file mode 100644
index 00000000..697be326
--- /dev/null
+++ b/integration-cli/docker_cli_rmi_test.go
@@ -0,0 +1,362 @@
+package main
+
+import (
+	"fmt"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestRmiWithContainerFails(c *check.C) {
+	errSubstr := "is using it"
+
+	// create a container
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+
+	cleanedContainerID := strings.TrimSpace(out)
+
+	// try to delete the image
+	out, _, err := dockerCmdWithError("rmi", "busybox")
+	// Container is using image, should not be able to rmi
+	c.Assert(err, checker.NotNil)
+	// Container is using image, error message should contain errSubstr
+	c.Assert(out, checker.Contains, errSubstr, check.Commentf("Container: %q", cleanedContainerID))
+
+	// make sure it didn't delete the busybox name
+	images, _ := dockerCmd(c, "images")
+	// The name 'busybox' should not have been removed from images
+	c.Assert(images, checker.Contains, "busybox")
+}
+
+func (s *DockerSuite) TestRmiTag(c *check.C) {
+	imagesBefore, _ := dockerCmd(c, "images", "-a")
+	dockerCmd(c, "tag", "busybox", "utest:tag1")
+	dockerCmd(c, "tag", "busybox", "utest/docker:tag2")
+	dockerCmd(c, "tag", "busybox", "utest:5000/docker:tag3")
+	{
+		imagesAfter, _ := dockerCmd(c, "images", "-a")
+		c.Assert(strings.Count(imagesAfter, "\n"), checker.Equals, strings.Count(imagesBefore, "\n")+3, check.Commentf("before: %q\n\nafter: %q\n", imagesBefore, imagesAfter))
+	}
+	dockerCmd(c, "rmi", "utest/docker:tag2")
+	{
+		imagesAfter, _ := dockerCmd(c, "images", "-a")
+		c.Assert(strings.Count(imagesAfter, "\n"), checker.Equals, strings.Count(imagesBefore, "\n")+2, check.Commentf("before: %q\n\nafter: %q\n", imagesBefore, imagesAfter))
+	}
+	dockerCmd(c, "rmi", "utest:5000/docker:tag3")
+	{
+		imagesAfter, _ := dockerCmd(c, "images", "-a")
+		c.Assert(strings.Count(imagesAfter, "\n"), checker.Equals, strings.Count(imagesBefore, "\n")+1, check.Commentf("before: %q\n\nafter: %q\n", imagesBefore, imagesAfter))
+
+	}
+	dockerCmd(c, "rmi", "utest:tag1")
+	{
+		imagesAfter, _ := dockerCmd(c, "images", "-a")
+		c.Assert(strings.Count(imagesAfter, "\n"), checker.Equals, strings.Count(imagesBefore, "\n"), check.Commentf("before: %q\n\nafter: %q\n", imagesBefore, imagesAfter))
+
+	}
+}
+
+func (s *DockerSuite) TestRmiImgIDMultipleTag(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir '/busybox-one'")
+
+	containerID := strings.TrimSpace(out)
+
+	// Wait for it to exit as cannot commit a running container on Windows, and
+	// it will take a few seconds to exit
+	if daemonPlatform == "windows" {
+		err := waitExited(containerID, 60*time.Second)
+		c.Assert(err, check.IsNil)
+	}
+
+	dockerCmd(c, "commit", containerID, "busybox-one")
+
+	imagesBefore, _ := dockerCmd(c, "images", "-a")
+	dockerCmd(c, "tag", "busybox-one", "busybox-one:tag1")
+	dockerCmd(c, "tag", "busybox-one", "busybox-one:tag2")
+
+	imagesAfter, _ := dockerCmd(c, "images", "-a")
+	// tag busybox to create 2 more images with same imageID
+	c.Assert(strings.Count(imagesAfter, "\n"), checker.Equals, strings.Count(imagesBefore, "\n")+2, check.Commentf("docker images shows: %q\n", imagesAfter))
+
+	imgID := inspectField(c, "busybox-one:tag1", "Id")
+
+	// run a container with the image
+	out, _ = runSleepingContainerInImage(c, "busybox-one")
+
+	containerID = strings.TrimSpace(out)
+
+	// first checkout without force it fails
+	out, _, err := dockerCmdWithError("rmi", imgID)
+	expected := fmt.Sprintf("conflict: unable to delete %s (cannot be forced) - image is being used by running container %s", stringid.TruncateID(imgID), stringid.TruncateID(containerID))
+	// rmi tagged in multiple repos should have failed without force
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, expected)
+
+	dockerCmd(c, "stop", containerID)
+	dockerCmd(c, "rmi", "-f", imgID)
+
+	imagesAfter, _ = dockerCmd(c, "images", "-a")
+	// rmi -f failed, image still exists
+	c.Assert(imagesAfter, checker.Not(checker.Contains), imgID[:12], check.Commentf("ImageID:%q; ImagesAfter: %q", imgID, imagesAfter))
+}
+
+func (s *DockerSuite) TestRmiImgIDForce(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "mkdir '/busybox-test'")
+
+	containerID := strings.TrimSpace(out)
+
+	// Wait for it to exit as cannot commit a running container on Windows, and
+	// it will take a few seconds to exit
+	if daemonPlatform == "windows" {
+		err := waitExited(containerID, 60*time.Second)
+		c.Assert(err, check.IsNil)
+	}
+
+	dockerCmd(c, "commit", containerID, "busybox-test")
+
+	imagesBefore, _ := dockerCmd(c, "images", "-a")
+	dockerCmd(c, "tag", "busybox-test", "utest:tag1")
+	dockerCmd(c, "tag", "busybox-test", "utest:tag2")
+	dockerCmd(c, "tag", "busybox-test", "utest/docker:tag3")
+	dockerCmd(c, "tag", "busybox-test", "utest:5000/docker:tag4")
+	{
+		imagesAfter, _ := dockerCmd(c, "images", "-a")
+		c.Assert(strings.Count(imagesAfter, "\n"), checker.Equals, strings.Count(imagesBefore, "\n")+4, check.Commentf("before: %q\n\nafter: %q\n", imagesBefore, imagesAfter))
+	}
+	imgID := inspectField(c, "busybox-test", "Id")
+
+	// first checkout without force it fails
+	out, _, err := dockerCmdWithError("rmi", imgID)
+	// rmi tagged in multiple repos should have failed without force
+	c.Assert(err, checker.NotNil)
+	// rmi tagged in multiple repos should have failed without force
+	c.Assert(out, checker.Contains, "(must be forced) - image is referenced in one or more repositories", check.Commentf("out: %s; err: %v;", out, err))
+
+	dockerCmd(c, "rmi", "-f", imgID)
+	{
+		imagesAfter, _ := dockerCmd(c, "images", "-a")
+		// rmi failed, image still exists
+		c.Assert(imagesAfter, checker.Not(checker.Contains), imgID[:12])
+	}
+}
+
+// See https://github.com/docker/docker/issues/14116
+func (s *DockerSuite) TestRmiImageIDForceWithRunningContainersAndMultipleTags(c *check.C) {
+	dockerfile := "FROM busybox\nRUN echo test 14116\n"
+	imgID, err := buildImage("test-14116", dockerfile, false)
+	c.Assert(err, checker.IsNil)
+
+	newTag := "newtag"
+	dockerCmd(c, "tag", imgID, newTag)
+	runSleepingContainerInImage(c, imgID)
+
+	out, _, err := dockerCmdWithError("rmi", "-f", imgID)
+	// rmi -f should not delete image with running containers
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "(cannot be forced) - image is being used by running container")
+}
+
+func (s *DockerSuite) TestRmiTagWithExistingContainers(c *check.C) {
+	container := "test-delete-tag"
+	newtag := "busybox:newtag"
+	bb := "busybox:latest"
+	dockerCmd(c, "tag", bb, newtag)
+
+	dockerCmd(c, "run", "--name", container, bb, "/bin/true")
+
+	out, _ := dockerCmd(c, "rmi", newtag)
+	c.Assert(strings.Count(out, "Untagged: "), checker.Equals, 1)
+}
+
+func (s *DockerSuite) TestRmiForceWithExistingContainers(c *check.C) {
+	image := "busybox-clone"
+
+	cmd := exec.Command(dockerBinary, "build", "--no-cache", "-t", image, "-")
+	cmd.Stdin = strings.NewReader(`FROM busybox
+MAINTAINER foo`)
+
+	out, _, err := runCommandWithOutput(cmd)
+	c.Assert(err, checker.IsNil, check.Commentf("Could not build %s: %s", image, out))
+
+	dockerCmd(c, "run", "--name", "test-force-rmi", image, "/bin/true")
+
+	dockerCmd(c, "rmi", "-f", image)
+}
+
+func (s *DockerSuite) TestRmiWithMultipleRepositories(c *check.C) {
+	newRepo := "127.0.0.1:5000/busybox"
+	oldRepo := "busybox"
+	newTag := "busybox:test"
+	dockerCmd(c, "tag", oldRepo, newRepo)
+
+	dockerCmd(c, "run", "--name", "test", oldRepo, "touch", "/abcd")
+
+	dockerCmd(c, "commit", "test", newTag)
+
+	out, _ := dockerCmd(c, "rmi", newTag)
+	c.Assert(out, checker.Contains, "Untagged: "+newTag)
+}
+
+func (s *DockerSuite) TestRmiForceWithMultipleRepositories(c *check.C) {
+	imageName := "rmiimage"
+	tag1 := imageName + ":tag1"
+	tag2 := imageName + ":tag2"
+
+	_, err := buildImage(tag1,
+		`FROM busybox
+		MAINTAINER "docker"`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "tag", tag1, tag2)
+
+	out, _ := dockerCmd(c, "rmi", "-f", tag2)
+	c.Assert(out, checker.Contains, "Untagged: "+tag2)
+	c.Assert(out, checker.Not(checker.Contains), "Untagged: "+tag1)
+
+	// Check built image still exists
+	images, _ := dockerCmd(c, "images", "-a")
+	c.Assert(images, checker.Contains, imageName, check.Commentf("Built image missing %q; Images: %q", imageName, images))
+}
+
+func (s *DockerSuite) TestRmiBlank(c *check.C) {
+	// try to delete a blank image name
+	out, _, err := dockerCmdWithError("rmi", "")
+	// Should have failed to delete '' image
+	c.Assert(err, checker.NotNil)
+	// Wrong error message generated
+	c.Assert(out, checker.Not(checker.Contains), "no such id", check.Commentf("out: %s", out))
+	// Expected error message not generated
+	c.Assert(out, checker.Contains, "image name cannot be blank", check.Commentf("out: %s", out))
+
+	out, _, err = dockerCmdWithError("rmi", " ")
+	// Should have failed to delete ' ' image
+	c.Assert(err, checker.NotNil)
+	// Expected error message not generated
+	c.Assert(out, checker.Contains, "image name cannot be blank", check.Commentf("out: %s", out))
+}
+
+func (s *DockerSuite) TestRmiContainerImageNotFound(c *check.C) {
+	// Build 2 images for testing.
+	imageNames := []string{"test1", "test2"}
+	imageIds := make([]string, 2)
+	for i, name := range imageNames {
+		dockerfile := fmt.Sprintf("FROM busybox\nMAINTAINER %s\nRUN echo %s\n", name, name)
+		id, err := buildImage(name, dockerfile, false)
+		c.Assert(err, checker.IsNil)
+		imageIds[i] = id
+	}
+
+	// Create a long-running container.
+	runSleepingContainerInImage(c, imageNames[0])
+
+	// Create a stopped container, and then force remove its image.
+	dockerCmd(c, "run", imageNames[1], "true")
+	dockerCmd(c, "rmi", "-f", imageIds[1])
+
+	// Try to remove the image of the running container and see if it fails as expected.
+	out, _, err := dockerCmdWithError("rmi", "-f", imageIds[0])
+	// The image of the running container should not be removed.
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "image is being used by running container", check.Commentf("out: %s", out))
+}
+
+// #13422
+func (s *DockerSuite) TestRmiUntagHistoryLayer(c *check.C) {
+	image := "tmp1"
+	// Build a image for testing.
+	dockerfile := `FROM busybox
+MAINTAINER foo
+RUN echo 0 #layer0
+RUN echo 1 #layer1
+RUN echo 2 #layer2
+`
+	_, err := buildImage(image, dockerfile, false)
+	c.Assert(err, checker.IsNil)
+
+	out, _ := dockerCmd(c, "history", "-q", image)
+	ids := strings.Split(out, "\n")
+	idToTag := ids[2]
+
+	// Tag layer0 to "tmp2".
+	newTag := "tmp2"
+	dockerCmd(c, "tag", idToTag, newTag)
+	// Create a container based on "tmp1".
+	dockerCmd(c, "run", "-d", image, "true")
+
+	// See if the "tmp2" can be untagged.
+	out, _ = dockerCmd(c, "rmi", newTag)
+	// Expected 1 untagged entry
+	c.Assert(strings.Count(out, "Untagged: "), checker.Equals, 1, check.Commentf("out: %s", out))
+
+	// Now let's add the tag again and create a container based on it.
+	dockerCmd(c, "tag", idToTag, newTag)
+	out, _ = dockerCmd(c, "run", "-d", newTag, "true")
+	cid := strings.TrimSpace(out)
+
+	// At this point we have 2 containers, one based on layer2 and another based on layer0.
+	// Try to untag "tmp2" without the -f flag.
+	out, _, err = dockerCmdWithError("rmi", newTag)
+	// should not be untagged without the -f flag
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, cid[:12])
+	c.Assert(out, checker.Contains, "(must force)")
+
+	// Add the -f flag and test again.
+	out, _ = dockerCmd(c, "rmi", "-f", newTag)
+	// should be allowed to untag with the -f flag
+	c.Assert(out, checker.Contains, fmt.Sprintf("Untagged: %s:latest", newTag))
+}
+
+func (*DockerSuite) TestRmiParentImageFail(c *check.C) {
+	parent := inspectField(c, "busybox", "Parent")
+	out, _, err := dockerCmdWithError("rmi", parent)
+	c.Assert(err, check.NotNil)
+	if !strings.Contains(out, "image has dependent child images") {
+		c.Fatalf("rmi should have failed because it's a parent image, got %s", out)
+	}
+}
+
+func (s *DockerSuite) TestRmiWithParentInUse(c *check.C) {
+	// TODO Windows. There is a bug either in Windows TP4, or the TP4 compatible
+	// docker which means this test fails. It has been verified to have been fixed
+	// in TP5 and docker/master, hence enable it once CI switch to TP5.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "create", "busybox")
+	cID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "commit", cID)
+	imageID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "create", imageID)
+	cID = strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "commit", cID)
+	imageID = strings.TrimSpace(out)
+
+	dockerCmd(c, "rmi", imageID)
+}
+
+// #18873
+func (s *DockerSuite) TestRmiByIDHardConflict(c *check.C) {
+	// TODO Windows CI. This will work on a TP5 compatible docker which
+	// has content addressibility fixes. Do not run this on TP4 as it
+	// will end up deleting the busybox image causing subsequent tests to fail.
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "create", "busybox")
+
+	imgID := inspectField(c, "busybox:latest", "Id")
+
+	_, _, err := dockerCmdWithError("rmi", imgID[:12])
+	c.Assert(err, checker.NotNil)
+
+	// check that tag was not removed
+	imgID2 := inspectField(c, "busybox:latest", "Id")
+	c.Assert(imgID, checker.Equals, imgID2)
+}
diff --git a/integration-cli/docker_cli_run_test.go b/integration-cli/docker_cli_run_test.go
new file mode 100644
index 00000000..6e45fca9
--- /dev/null
+++ b/integration-cli/docker_cli_run_test.go
@@ -0,0 +1,4311 @@
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"net"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"reflect"
+	"regexp"
+	"sort"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/go-connections/nat"
+	"github.com/docker/libnetwork/netutils"
+	"github.com/docker/libnetwork/resolvconf"
+	"github.com/go-check/check"
+	libcontainerUser "github.com/opencontainers/runc/libcontainer/user"
+)
+
+// "test123" should be printed by docker run
+func (s *DockerSuite) TestRunEchoStdout(c *check.C) {
+	out, _ := dockerCmd(c, "run", "busybox", "echo", "test123")
+	if out != "test123\n" {
+		c.Fatalf("container should've printed 'test123', got '%s'", out)
+	}
+}
+
+// "test" should be printed
+func (s *DockerSuite) TestRunEchoNamedContainer(c *check.C) {
+	out, _ := dockerCmd(c, "run", "--name", "testfoonamedcontainer", "busybox", "echo", "test")
+	if out != "test\n" {
+		c.Errorf("container should've printed 'test'")
+	}
+}
+
+// docker run should not leak file descriptors. This test relies on Unix
+// specific functionality and cannot run on Windows.
+func (s *DockerSuite) TestRunLeakyFileDescriptors(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "busybox", "ls", "-C", "/proc/self/fd")
+
+	// normally, we should only get 0, 1, and 2, but 3 gets created by "ls" when it does "opendir" on the "fd" directory
+	if out != "0  1  2  3\n" {
+		c.Errorf("container should've printed '0  1  2  3', not: %s", out)
+	}
+}
+
+// it should be possible to lookup Google DNS
+// this will fail when Internet access is unavailable
+func (s *DockerSuite) TestRunLookupGoogleDns(c *check.C) {
+	testRequires(c, Network, NotArm)
+	image := DefaultImage
+	if daemonPlatform == "windows" {
+		// nslookup isn't present in Windows busybox. Is built-in.
+		image = WindowsBaseImage
+	}
+	dockerCmd(c, "run", image, "nslookup", "google.com")
+}
+
+// the exit code should be 0
+func (s *DockerSuite) TestRunExitCodeZero(c *check.C) {
+	dockerCmd(c, "run", "busybox", "true")
+}
+
+// the exit code should be 1
+func (s *DockerSuite) TestRunExitCodeOne(c *check.C) {
+	_, exitCode, err := dockerCmdWithError("run", "busybox", "false")
+	if err != nil && !strings.Contains("exit status 1", fmt.Sprintf("%s", err)) {
+		c.Fatal(err)
+	}
+	if exitCode != 1 {
+		c.Errorf("container should've exited with exit code 1. Got %d", exitCode)
+	}
+}
+
+// it should be possible to pipe in data via stdin to a process running in a container
+func (s *DockerSuite) TestRunStdinPipe(c *check.C) {
+	// TODO Windows: This needs some work to make compatible.
+	testRequires(c, DaemonIsLinux)
+	runCmd := exec.Command(dockerBinary, "run", "-i", "-a", "stdin", "busybox", "cat")
+	runCmd.Stdin = strings.NewReader("blahblah")
+	out, _, _, err := runCommandWithStdoutStderr(runCmd)
+	if err != nil {
+		c.Fatalf("failed to run container: %v, output: %q", err, out)
+	}
+
+	out = strings.TrimSpace(out)
+	dockerCmd(c, "wait", out)
+
+	logsOut, _ := dockerCmd(c, "logs", out)
+
+	containerLogs := strings.TrimSpace(logsOut)
+	if containerLogs != "blahblah" {
+		c.Errorf("logs didn't print the container's logs %s", containerLogs)
+	}
+
+	dockerCmd(c, "rm", out)
+}
+
+// the container's ID should be printed when starting a container in detached mode
+func (s *DockerSuite) TestRunDetachedContainerIDPrinting(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "true")
+
+	out = strings.TrimSpace(out)
+	dockerCmd(c, "wait", out)
+
+	rmOut, _ := dockerCmd(c, "rm", out)
+
+	rmOut = strings.TrimSpace(rmOut)
+	if rmOut != out {
+		c.Errorf("rm didn't print the container ID %s %s", out, rmOut)
+	}
+}
+
+// the working directory should be set correctly
+func (s *DockerSuite) TestRunWorkingDirectory(c *check.C) {
+	// TODO Windows: There's a Windows bug stopping this from working.
+	testRequires(c, DaemonIsLinux)
+	dir := "/root"
+	image := "busybox"
+	if daemonPlatform == "windows" {
+		dir = `/windows`
+		image = WindowsBaseImage
+	}
+
+	// First with -w
+	out, _ := dockerCmd(c, "run", "-w", dir, image, "pwd")
+	out = strings.TrimSpace(out)
+	if out != dir {
+		c.Errorf("-w failed to set working directory")
+	}
+
+	// Then with --workdir
+	out, _ = dockerCmd(c, "run", "--workdir", dir, image, "pwd")
+	out = strings.TrimSpace(out)
+	if out != dir {
+		c.Errorf("--workdir failed to set working directory")
+	}
+}
+
+// pinging Google's DNS resolver should fail when we disable the networking
+func (s *DockerSuite) TestRunWithoutNetworking(c *check.C) {
+	count := "-c"
+	image := "busybox"
+	if daemonPlatform == "windows" {
+		count = "-n"
+		image = WindowsBaseImage
+	}
+
+	// First using the long form --net
+	out, exitCode, err := dockerCmdWithError("run", "--net=none", image, "ping", count, "1", "8.8.8.8")
+	if err != nil && exitCode != 1 {
+		c.Fatal(out, err)
+	}
+	if exitCode != 1 {
+		c.Errorf("--net=none should've disabled the network; the container shouldn't have been able to ping 8.8.8.8")
+	}
+}
+
+//test --link use container name to link target
+func (s *DockerSuite) TestRunLinksContainerWithContainerName(c *check.C) {
+	// TODO Windows: This test cannot run on a Windows daemon as the networking
+	// settings are not populated back yet on inspect.
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-i", "-t", "-d", "--name", "parent", "busybox")
+
+	ip := inspectField(c, "parent", "NetworkSettings.Networks.bridge.IPAddress")
+
+	out, _ := dockerCmd(c, "run", "--link", "parent:test", "busybox", "/bin/cat", "/etc/hosts")
+	if !strings.Contains(out, ip+"	test") {
+		c.Fatalf("use a container name to link target failed")
+	}
+}
+
+//test --link use container id to link target
+func (s *DockerSuite) TestRunLinksContainerWithContainerId(c *check.C) {
+	// TODO Windows: This test cannot run on a Windows daemon as the networking
+	// settings are not populated back yet on inspect.
+	testRequires(c, DaemonIsLinux)
+	cID, _ := dockerCmd(c, "run", "-i", "-t", "-d", "busybox")
+
+	cID = strings.TrimSpace(cID)
+	ip := inspectField(c, cID, "NetworkSettings.Networks.bridge.IPAddress")
+
+	out, _ := dockerCmd(c, "run", "--link", cID+":test", "busybox", "/bin/cat", "/etc/hosts")
+	if !strings.Contains(out, ip+"	test") {
+		c.Fatalf("use a container id to link target failed")
+	}
+}
+
+func (s *DockerSuite) TestUserDefinedNetworkLinks(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "-d", "bridge", "udlinkNet")
+
+	dockerCmd(c, "run", "-d", "--net=udlinkNet", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	// run a container in user-defined network udlinkNet with a link for an existing container
+	// and a link for a container that doesn't exist
+	dockerCmd(c, "run", "-d", "--net=udlinkNet", "--name=second", "--link=first:foo",
+		"--link=third:bar", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// ping to first and its alias foo must succeed
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo")
+	c.Assert(err, check.IsNil)
+
+	// ping to third and its alias must fail
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "third")
+	c.Assert(err, check.NotNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "bar")
+	c.Assert(err, check.NotNil)
+
+	// start third container now
+	dockerCmd(c, "run", "-d", "--net=udlinkNet", "--name=third", "busybox", "top")
+	c.Assert(waitRun("third"), check.IsNil)
+
+	// ping to third and its alias must succeed now
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "third")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "bar")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestUserDefinedNetworkLinksWithRestart(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "-d", "bridge", "udlinkNet")
+
+	dockerCmd(c, "run", "-d", "--net=udlinkNet", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	dockerCmd(c, "run", "-d", "--net=udlinkNet", "--name=second", "--link=first:foo",
+		"busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// ping to first and its alias foo must succeed
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo")
+	c.Assert(err, check.IsNil)
+
+	// Restart first container
+	dockerCmd(c, "restart", "first")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	// ping to first and its alias foo must still succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo")
+	c.Assert(err, check.IsNil)
+
+	// Restart second container
+	dockerCmd(c, "restart", "second")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// ping to first and its alias foo must still succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestRunWithNetAliasOnDefaultNetworks(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+
+	defaults := []string{"bridge", "host", "none"}
+	for _, net := range defaults {
+		out, _, err := dockerCmdWithError("run", "-d", "--net", net, "--net-alias", "alias_"+net, "busybox", "top")
+		c.Assert(err, checker.NotNil)
+		c.Assert(out, checker.Contains, runconfig.ErrUnsupportedNetworkAndAlias.Error())
+	}
+}
+
+func (s *DockerSuite) TestUserDefinedNetworkAlias(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "-d", "bridge", "net1")
+
+	dockerCmd(c, "run", "-d", "--net=net1", "--name=first", "--net-alias=foo1", "--net-alias=foo2", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	dockerCmd(c, "run", "-d", "--net=net1", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// ping to first and its network-scoped aliases
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo1")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo2")
+	c.Assert(err, check.IsNil)
+
+	// Restart first container
+	dockerCmd(c, "restart", "first")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	// ping to first and its network-scoped aliases must succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo1")
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "foo2")
+	c.Assert(err, check.IsNil)
+}
+
+// Issue 9677.
+func (s *DockerSuite) TestRunWithDaemonFlags(c *check.C) {
+	out, _, err := dockerCmdWithError("--exec-opt", "foo=bar", "run", "-i", "busybox", "true")
+	if err != nil {
+		if !strings.Contains(out, "flag provided but not defined: --exec-opt") { // no daemon (client-only)
+			c.Fatal(err, out)
+		}
+	}
+}
+
+// Regression test for #4979
+func (s *DockerSuite) TestRunWithVolumesFromExited(c *check.C) {
+
+	var (
+		out      string
+		exitCode int
+	)
+
+	// Create a file in a volume
+	if daemonPlatform == "windows" {
+		out, exitCode = dockerCmd(c, "run", "--name", "test-data", "--volume", `c:\some\dir`, WindowsBaseImage, `cmd /c echo hello > c:\some\dir\file`)
+	} else {
+		out, exitCode = dockerCmd(c, "run", "--name", "test-data", "--volume", "/some/dir", "busybox", "touch", "/some/dir/file")
+	}
+	if exitCode != 0 {
+		c.Fatal("1", out, exitCode)
+	}
+
+	// Read the file from another container using --volumes-from to access the volume in the second container
+	if daemonPlatform == "windows" {
+		out, exitCode = dockerCmd(c, "run", "--volumes-from", "test-data", WindowsBaseImage, `cmd /c type c:\some\dir\file`)
+	} else {
+		out, exitCode = dockerCmd(c, "run", "--volumes-from", "test-data", "busybox", "cat", "/some/dir/file")
+	}
+	if exitCode != 0 {
+		c.Fatal("2", out, exitCode)
+	}
+}
+
+// Volume path is a symlink which also exists on the host, and the host side is a file not a dir
+// But the volume call is just a normal volume, not a bind mount
+func (s *DockerSuite) TestRunCreateVolumesInSymlinkDir(c *check.C) {
+	var (
+		dockerFile    string
+		containerPath string
+		cmd           string
+	)
+	testRequires(c, SameHostDaemon)
+	name := "test-volume-symlink"
+
+	dir, err := ioutil.TempDir("", name)
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(dir)
+
+	// In the case of Windows to Windows CI, if the machine is setup so that
+	// the temp directory is not the C: drive, this test is invalid and will
+	// not work.
+	if daemonPlatform == "windows" && strings.ToLower(dir[:1]) != "c" {
+		c.Skip("Requires TEMP to point to C: drive")
+	}
+
+	f, err := os.OpenFile(filepath.Join(dir, "test"), os.O_CREATE, 0700)
+	if err != nil {
+		c.Fatal(err)
+	}
+	f.Close()
+
+	if daemonPlatform == "windows" {
+		dockerFile = fmt.Sprintf("FROM %s\nRUN mkdir %s\nRUN mklink /D c:\\test %s", WindowsBaseImage, dir, dir)
+		containerPath = `c:\test\test`
+		cmd = "tasklist"
+	} else {
+		dockerFile = fmt.Sprintf("FROM busybox\nRUN mkdir -p %s\nRUN ln -s %s /test", dir, dir)
+		containerPath = "/test/test"
+		cmd = "true"
+	}
+	if _, err := buildImage(name, dockerFile, false); err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "-v", containerPath, name, cmd)
+}
+
+// Volume path is a symlink in the container
+func (s *DockerSuite) TestRunCreateVolumesInSymlinkDir2(c *check.C) {
+	var (
+		dockerFile    string
+		containerPath string
+		cmd           string
+	)
+	testRequires(c, SameHostDaemon)
+	name := "test-volume-symlink2"
+
+	if daemonPlatform == "windows" {
+		dockerFile = fmt.Sprintf("FROM %s\nRUN mkdir c:\\%s\nRUN mklink /D c:\\test c:\\%s", WindowsBaseImage, name, name)
+		containerPath = `c:\test\test`
+		cmd = "tasklist"
+	} else {
+		dockerFile = fmt.Sprintf("FROM busybox\nRUN mkdir -p /%s\nRUN ln -s /%s /test", name, name)
+		containerPath = "/test/test"
+		cmd = "true"
+	}
+	if _, err := buildImage(name, dockerFile, false); err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "-v", containerPath, name, cmd)
+}
+
+func (s *DockerSuite) TestRunVolumesMountedAsReadonly(c *check.C) {
+	// TODO Windows (Post TP4): This test cannot run on a Windows daemon as
+	// Windows does not support read-only bind mounts.
+	testRequires(c, DaemonIsLinux)
+	if _, code, err := dockerCmdWithError("run", "-v", "/test:/test:ro", "busybox", "touch", "/test/somefile"); err == nil || code == 0 {
+		c.Fatalf("run should fail because volume is ro: exit code %d", code)
+	}
+}
+
+func (s *DockerSuite) TestRunVolumesFromInReadonlyModeFails(c *check.C) {
+	// TODO Windows (Post TP4): This test cannot run on a Windows daemon as
+	// Windows does not support read-only bind mounts. Modified for when ro is supported.
+	testRequires(c, DaemonIsLinux)
+	var (
+		volumeDir string
+		fileInVol string
+	)
+	if daemonPlatform == "windows" {
+		volumeDir = `c:/test` // Forward-slash as using busybox
+		fileInVol = `c:/test/file`
+	} else {
+		testRequires(c, DaemonIsLinux)
+		volumeDir = "/test"
+		fileInVol = `/test/file`
+	}
+	dockerCmd(c, "run", "--name", "parent", "-v", volumeDir, "busybox", "true")
+
+	if _, code, err := dockerCmdWithError("run", "--volumes-from", "parent:ro", "busybox", "touch", fileInVol); err == nil || code == 0 {
+		c.Fatalf("run should fail because volume is ro: exit code %d", code)
+	}
+}
+
+// Regression test for #1201
+func (s *DockerSuite) TestRunVolumesFromInReadWriteMode(c *check.C) {
+	var (
+		volumeDir string
+		fileInVol string
+	)
+	if daemonPlatform == "windows" {
+		volumeDir = `c:/test` // Forward-slash as using busybox
+		fileInVol = `c:/test/file`
+	} else {
+		volumeDir = "/test"
+		fileInVol = "/test/file"
+	}
+
+	dockerCmd(c, "run", "--name", "parent", "-v", volumeDir, "busybox", "true")
+	dockerCmd(c, "run", "--volumes-from", "parent:rw", "busybox", "touch", fileInVol)
+
+	if out, _, err := dockerCmdWithError("run", "--volumes-from", "parent:bar", "busybox", "touch", fileInVol); err == nil || !strings.Contains(out, `invalid mode: bar`) {
+		c.Fatalf("running --volumes-from parent:bar should have failed with invalid mode: %q", out)
+	}
+
+	dockerCmd(c, "run", "--volumes-from", "parent", "busybox", "touch", fileInVol)
+}
+
+func (s *DockerSuite) TestVolumesFromGetsProperMode(c *check.C) {
+	// TODO Windows: This test cannot yet run on a Windows daemon as Windows does
+	// not support read-only bind mounts as at TP4
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name", "parent", "-v", "/test:/test:ro", "busybox", "true")
+
+	// Expect this "rw" mode to be be ignored since the inherited volume is "ro"
+	if _, _, err := dockerCmdWithError("run", "--volumes-from", "parent:rw", "busybox", "touch", "/test/file"); err == nil {
+		c.Fatal("Expected volumes-from to inherit read-only volume even when passing in `rw`")
+	}
+
+	dockerCmd(c, "run", "--name", "parent2", "-v", "/test:/test:ro", "busybox", "true")
+
+	// Expect this to be read-only since both are "ro"
+	if _, _, err := dockerCmdWithError("run", "--volumes-from", "parent2:ro", "busybox", "touch", "/test/file"); err == nil {
+		c.Fatal("Expected volumes-from to inherit read-only volume even when passing in `ro`")
+	}
+}
+
+// Test for GH#10618
+func (s *DockerSuite) TestRunNoDupVolumes(c *check.C) {
+	path1 := randomTmpDirPath("test1", daemonPlatform)
+	path2 := randomTmpDirPath("test2", daemonPlatform)
+
+	someplace := ":/someplace"
+	if daemonPlatform == "windows" {
+		// Windows requires that the source directory exists before calling HCS
+		testRequires(c, SameHostDaemon)
+		someplace = `:c:\someplace`
+		if err := os.MkdirAll(path1, 0755); err != nil {
+			c.Fatalf("Failed to create %s: %q", path1, err)
+		}
+		defer os.RemoveAll(path1)
+		if err := os.MkdirAll(path2, 0755); err != nil {
+			c.Fatalf("Failed to create %s: %q", path1, err)
+		}
+		defer os.RemoveAll(path2)
+	}
+	mountstr1 := path1 + someplace
+	mountstr2 := path2 + someplace
+
+	if out, _, err := dockerCmdWithError("run", "-v", mountstr1, "-v", mountstr2, "busybox", "true"); err == nil {
+		c.Fatal("Expected error about duplicate mount definitions")
+	} else {
+		if !strings.Contains(out, "Duplicate mount point") {
+			c.Fatalf("Expected 'duplicate mount point' error, got %v", out)
+		}
+	}
+}
+
+// Test for #1351
+func (s *DockerSuite) TestRunApplyVolumesFromBeforeVolumes(c *check.C) {
+	prefix := ""
+	if daemonPlatform == "windows" {
+		prefix = `c:`
+	}
+	dockerCmd(c, "run", "--name", "parent", "-v", prefix+"/test", "busybox", "touch", prefix+"/test/foo")
+	dockerCmd(c, "run", "--volumes-from", "parent", "-v", prefix+"/test", "busybox", "cat", prefix+"/test/foo")
+}
+
+func (s *DockerSuite) TestRunMultipleVolumesFrom(c *check.C) {
+	prefix := ""
+	if daemonPlatform == "windows" {
+		prefix = `c:`
+	}
+	dockerCmd(c, "run", "--name", "parent1", "-v", prefix+"/test", "busybox", "touch", prefix+"/test/foo")
+	dockerCmd(c, "run", "--name", "parent2", "-v", prefix+"/other", "busybox", "touch", prefix+"/other/bar")
+	dockerCmd(c, "run", "--volumes-from", "parent1", "--volumes-from", "parent2", "busybox", "sh", "-c", "cat /test/foo && cat /other/bar")
+}
+
+// this tests verifies the ID format for the container
+func (s *DockerSuite) TestRunVerifyContainerID(c *check.C) {
+	out, exit, err := dockerCmdWithError("run", "-d", "busybox", "true")
+	if err != nil {
+		c.Fatal(err)
+	}
+	if exit != 0 {
+		c.Fatalf("expected exit code 0 received %d", exit)
+	}
+
+	match, err := regexp.MatchString("^[0-9a-f]{64}$", strings.TrimSuffix(out, "\n"))
+	if err != nil {
+		c.Fatal(err)
+	}
+	if !match {
+		c.Fatalf("Invalid container ID: %s", out)
+	}
+}
+
+// Test that creating a container with a volume doesn't crash. Regression test for #995.
+func (s *DockerSuite) TestRunCreateVolume(c *check.C) {
+	prefix := ""
+	if daemonPlatform == "windows" {
+		prefix = `c:`
+	}
+	dockerCmd(c, "run", "-v", prefix+"/var/lib/data", "busybox", "true")
+}
+
+// Test that creating a volume with a symlink in its path works correctly. Test for #5152.
+// Note that this bug happens only with symlinks with a target that starts with '/'.
+func (s *DockerSuite) TestRunCreateVolumeWithSymlink(c *check.C) {
+	// Cannot run on Windows as relies on Linux-specific functionality (sh -c mount...)
+	testRequires(c, DaemonIsLinux)
+	image := "docker-test-createvolumewithsymlink"
+
+	buildCmd := exec.Command(dockerBinary, "build", "-t", image, "-")
+	buildCmd.Stdin = strings.NewReader(`FROM busybox
+		RUN ln -s home /bar`)
+	buildCmd.Dir = workingDirectory
+	err := buildCmd.Run()
+	if err != nil {
+		c.Fatalf("could not build '%s': %v", image, err)
+	}
+
+	_, exitCode, err := dockerCmdWithError("run", "-v", "/bar/foo", "--name", "test-createvolumewithsymlink", image, "sh", "-c", "mount | grep -q /home/foo")
+	if err != nil || exitCode != 0 {
+		c.Fatalf("[run] err: %v, exitcode: %d", err, exitCode)
+	}
+
+	volPath, err := inspectMountSourceField("test-createvolumewithsymlink", "/bar/foo")
+	c.Assert(err, checker.IsNil)
+
+	_, exitCode, err = dockerCmdWithError("rm", "-v", "test-createvolumewithsymlink")
+	if err != nil || exitCode != 0 {
+		c.Fatalf("[rm] err: %v, exitcode: %d", err, exitCode)
+	}
+
+	_, err = os.Stat(volPath)
+	if !os.IsNotExist(err) {
+		c.Fatalf("[open] (expecting 'file does not exist' error) err: %v, volPath: %s", err, volPath)
+	}
+}
+
+// Tests that a volume path that has a symlink exists in a container mounting it with `--volumes-from`.
+func (s *DockerSuite) TestRunVolumesFromSymlinkPath(c *check.C) {
+	name := "docker-test-volumesfromsymlinkpath"
+	prefix := ""
+	dfContents := `FROM busybox
+		RUN ln -s home /foo
+		VOLUME ["/foo/bar"]`
+
+	if daemonPlatform == "windows" {
+		prefix = `c:`
+		dfContents = `FROM ` + WindowsBaseImage + `
+	    RUN mkdir c:\home
+		RUN mklink /D c:\foo c:\home
+		VOLUME ["c:/foo/bar"]
+		ENTRYPOINT c:\windows\system32\cmd.exe`
+	}
+
+	buildCmd := exec.Command(dockerBinary, "build", "-t", name, "-")
+	buildCmd.Stdin = strings.NewReader(dfContents)
+	buildCmd.Dir = workingDirectory
+	err := buildCmd.Run()
+	if err != nil {
+		c.Fatalf("could not build 'docker-test-volumesfromsymlinkpath': %v", err)
+	}
+
+	out, exitCode, err := dockerCmdWithError("run", "--name", "test-volumesfromsymlinkpath", name)
+	if err != nil || exitCode != 0 {
+		c.Fatalf("[run] (volume) err: %v, exitcode: %d, out: %s", err, exitCode, out)
+	}
+
+	_, exitCode, err = dockerCmdWithError("run", "--volumes-from", "test-volumesfromsymlinkpath", "busybox", "sh", "-c", "ls "+prefix+"/foo | grep -q bar")
+	if err != nil || exitCode != 0 {
+		c.Fatalf("[run] err: %v, exitcode: %d", err, exitCode)
+	}
+}
+
+func (s *DockerSuite) TestRunExitCode(c *check.C) {
+	var (
+		exit int
+		err  error
+	)
+
+	_, exit, err = dockerCmdWithError("run", "busybox", "/bin/sh", "-c", "exit 72")
+
+	if err == nil {
+		c.Fatal("should not have a non nil error")
+	}
+	if exit != 72 {
+		c.Fatalf("expected exit code 72 received %d", exit)
+	}
+}
+
+func (s *DockerSuite) TestRunUserDefaults(c *check.C) {
+	expected := "uid=0(root) gid=0(root)"
+	if daemonPlatform == "windows" {
+		// TODO Windows: Remove this check once TP4 is no longer supported.
+		if windowsDaemonKV < 14250 {
+			expected = "uid=1000(SYSTEM) gid=1000(SYSTEM)"
+		} else {
+			expected = "uid=1000(ContainerAdministrator) gid=1000(ContainerAdministrator)"
+		}
+	}
+	out, _ := dockerCmd(c, "run", "busybox", "id")
+	if !strings.Contains(out, expected) {
+		c.Fatalf("expected '%s' got %s", expected, out)
+	}
+}
+
+func (s *DockerSuite) TestRunUserByName(c *check.C) {
+	// TODO Windows: This test cannot run on a Windows daemon as Windows does
+	// not support the use of -u
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-u", "root", "busybox", "id")
+	if !strings.Contains(out, "uid=0(root) gid=0(root)") {
+		c.Fatalf("expected root user got %s", out)
+	}
+}
+
+func (s *DockerSuite) TestRunUserByID(c *check.C) {
+	// TODO Windows: This test cannot run on a Windows daemon as Windows does
+	// not support the use of -u
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-u", "1", "busybox", "id")
+	if !strings.Contains(out, "uid=1(daemon) gid=1(daemon)") {
+		c.Fatalf("expected daemon user got %s", out)
+	}
+}
+
+func (s *DockerSuite) TestRunUserByIDBig(c *check.C) {
+	// TODO Windows: This test cannot run on a Windows daemon as Windows does
+	// not support the use of -u
+	testRequires(c, DaemonIsLinux, NotArm)
+	out, _, err := dockerCmdWithError("run", "-u", "2147483648", "busybox", "id")
+	if err == nil {
+		c.Fatal("No error, but must be.", out)
+	}
+	if !strings.Contains(out, libcontainerUser.ErrRange.Error()) {
+		c.Fatalf("expected error about uids range, got %s", out)
+	}
+}
+
+func (s *DockerSuite) TestRunUserByIDNegative(c *check.C) {
+	// TODO Windows: This test cannot run on a Windows daemon as Windows does
+	// not support the use of -u
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "-u", "-1", "busybox", "id")
+	if err == nil {
+		c.Fatal("No error, but must be.", out)
+	}
+	if !strings.Contains(out, libcontainerUser.ErrRange.Error()) {
+		c.Fatalf("expected error about uids range, got %s", out)
+	}
+}
+
+func (s *DockerSuite) TestRunUserByIDZero(c *check.C) {
+	// TODO Windows: This test cannot run on a Windows daemon as Windows does
+	// not support the use of -u
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "-u", "0", "busybox", "id")
+	if err != nil {
+		c.Fatal(err, out)
+	}
+	if !strings.Contains(out, "uid=0(root) gid=0(root) groups=10(wheel)") {
+		c.Fatalf("expected daemon user got %s", out)
+	}
+}
+
+func (s *DockerSuite) TestRunUserNotFound(c *check.C) {
+	// TODO Windows: This test cannot run on a Windows daemon as Windows does
+	// not support the use of -u
+	testRequires(c, DaemonIsLinux)
+	_, _, err := dockerCmdWithError("run", "-u", "notme", "busybox", "id")
+	if err == nil {
+		c.Fatal("unknown user should cause container to fail")
+	}
+}
+
+func (s *DockerSuite) TestRunTwoConcurrentContainers(c *check.C) {
+	// TODO Windows. There are two bugs in TP4 which means this test cannot
+	// be reliably enabled. The first is a race condition where sometimes
+	// HCS CreateComputeSystem() will fail "Invalid class string". #4985252 and
+	// #4493430.
+	//
+	// The second, which is seen more readily by increasing the number of concurrent
+	// containers to 5 or more, is that CSRSS hangs. This may fixed in the TP4 ZDP.
+	// #4898773.
+	testRequires(c, DaemonIsLinux)
+	sleepTime := "2"
+	if daemonPlatform == "windows" {
+		sleepTime = "5" // Make more reliable on Windows
+	}
+	group := sync.WaitGroup{}
+	group.Add(2)
+
+	errChan := make(chan error, 2)
+	for i := 0; i < 2; i++ {
+		go func() {
+			defer group.Done()
+			_, _, err := dockerCmdWithError("run", "busybox", "sleep", sleepTime)
+			errChan <- err
+		}()
+	}
+
+	group.Wait()
+	close(errChan)
+
+	for err := range errChan {
+		c.Assert(err, check.IsNil)
+	}
+}
+
+func (s *DockerSuite) TestRunEnvironment(c *check.C) {
+	// TODO Windows: Environment handling is different between Linux and
+	// Windows and this test relies currently on unix functionality.
+	testRequires(c, DaemonIsLinux)
+	cmd := exec.Command(dockerBinary, "run", "-h", "testing", "-e=FALSE=true", "-e=TRUE", "-e=TRICKY", "-e=HOME=", "busybox", "env")
+	cmd.Env = append(os.Environ(),
+		"TRUE=false",
+		"TRICKY=tri\ncky\n",
+	)
+
+	out, _, err := runCommandWithOutput(cmd)
+	if err != nil {
+		c.Fatal(err, out)
+	}
+
+	actualEnv := strings.Split(strings.TrimSpace(out), "\n")
+	sort.Strings(actualEnv)
+
+	goodEnv := []string{
+		"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+		"HOSTNAME=testing",
+		"FALSE=true",
+		"TRUE=false",
+		"TRICKY=tri",
+		"cky",
+		"",
+		"HOME=/root",
+	}
+	sort.Strings(goodEnv)
+	if len(goodEnv) != len(actualEnv) {
+		c.Fatalf("Wrong environment: should be %d variables, not: %q\n", len(goodEnv), strings.Join(actualEnv, ", "))
+	}
+	for i := range goodEnv {
+		if actualEnv[i] != goodEnv[i] {
+			c.Fatalf("Wrong environment variable: should be %s, not %s", goodEnv[i], actualEnv[i])
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunEnvironmentErase(c *check.C) {
+	// TODO Windows: Environment handling is different between Linux and
+	// Windows and this test relies currently on unix functionality.
+	testRequires(c, DaemonIsLinux)
+
+	// Test to make sure that when we use -e on env vars that are
+	// not set in our local env that they're removed (if present) in
+	// the container
+
+	cmd := exec.Command(dockerBinary, "run", "-e", "FOO", "-e", "HOSTNAME", "busybox", "env")
+	cmd.Env = appendBaseEnv(true)
+
+	out, _, err := runCommandWithOutput(cmd)
+	if err != nil {
+		c.Fatal(err, out)
+	}
+
+	actualEnv := strings.Split(strings.TrimSpace(out), "\n")
+	sort.Strings(actualEnv)
+
+	goodEnv := []string{
+		"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+		"HOME=/root",
+	}
+	sort.Strings(goodEnv)
+	if len(goodEnv) != len(actualEnv) {
+		c.Fatalf("Wrong environment: should be %d variables, not: %q\n", len(goodEnv), strings.Join(actualEnv, ", "))
+	}
+	for i := range goodEnv {
+		if actualEnv[i] != goodEnv[i] {
+			c.Fatalf("Wrong environment variable: should be %s, not %s", goodEnv[i], actualEnv[i])
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunEnvironmentOverride(c *check.C) {
+	// TODO Windows: Environment handling is different between Linux and
+	// Windows and this test relies currently on unix functionality.
+	testRequires(c, DaemonIsLinux)
+
+	// Test to make sure that when we use -e on env vars that are
+	// already in the env that we're overriding them
+
+	cmd := exec.Command(dockerBinary, "run", "-e", "HOSTNAME", "-e", "HOME=/root2", "busybox", "env")
+	cmd.Env = appendBaseEnv(true, "HOSTNAME=bar")
+
+	out, _, err := runCommandWithOutput(cmd)
+	if err != nil {
+		c.Fatal(err, out)
+	}
+
+	actualEnv := strings.Split(strings.TrimSpace(out), "\n")
+	sort.Strings(actualEnv)
+
+	goodEnv := []string{
+		"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+		"HOME=/root2",
+		"HOSTNAME=bar",
+	}
+	sort.Strings(goodEnv)
+	if len(goodEnv) != len(actualEnv) {
+		c.Fatalf("Wrong environment: should be %d variables, not: %q\n", len(goodEnv), strings.Join(actualEnv, ", "))
+	}
+	for i := range goodEnv {
+		if actualEnv[i] != goodEnv[i] {
+			c.Fatalf("Wrong environment variable: should be %s, not %s", goodEnv[i], actualEnv[i])
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunContainerNetwork(c *check.C) {
+	if daemonPlatform == "windows" {
+		// Windows busybox does not have ping. Use built in ping instead.
+		dockerCmd(c, "run", WindowsBaseImage, "ping", "-n", "1", "127.0.0.1")
+	} else {
+		dockerCmd(c, "run", "busybox", "ping", "-c", "1", "127.0.0.1")
+	}
+}
+
+func (s *DockerSuite) TestRunNetHostNotAllowedWithLinks(c *check.C) {
+	// TODO Windows: This is Linux specific as --link is not supported and
+	// this will be deprecated in favor of container networking model.
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "run", "--name", "linked", "busybox", "true")
+
+	_, _, err := dockerCmdWithError("run", "--net=host", "--link", "linked:linked", "busybox", "true")
+	if err == nil {
+		c.Fatal("Expected error")
+	}
+}
+
+// #7851 hostname outside container shows FQDN, inside only shortname
+// For testing purposes it is not required to set host's hostname directly
+// and use "--net=host" (as the original issue submitter did), as the same
+// codepath is executed with "docker run -h <hostname>".  Both were manually
+// tested, but this testcase takes the simpler path of using "run -h .."
+func (s *DockerSuite) TestRunFullHostnameSet(c *check.C) {
+	// TODO Windows: -h is not yet functional.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-h", "foo.bar.baz", "busybox", "hostname")
+	if actual := strings.Trim(out, "\r\n"); actual != "foo.bar.baz" {
+		c.Fatalf("expected hostname 'foo.bar.baz', received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunPrivilegedCanMknod(c *check.C) {
+	// Not applicable for Windows as Windows daemon does not support
+	// the concept of --privileged, and mknod is a Unix concept.
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "--privileged", "busybox", "sh", "-c", "mknod /tmp/sda b 8 0 && echo ok")
+	if actual := strings.Trim(out, "\r\n"); actual != "ok" {
+		c.Fatalf("expected output ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunUnprivilegedCanMknod(c *check.C) {
+	// Not applicable for Windows as Windows daemon does not support
+	// the concept of --privileged, and mknod is a Unix concept.
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "busybox", "sh", "-c", "mknod /tmp/sda b 8 0 && echo ok")
+	if actual := strings.Trim(out, "\r\n"); actual != "ok" {
+		c.Fatalf("expected output ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunCapDropInvalid(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-drop
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "--cap-drop=CHPASS", "busybox", "ls")
+	if err == nil {
+		c.Fatal(err, out)
+	}
+}
+
+func (s *DockerSuite) TestRunCapDropCannotMknod(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-drop or mknod
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "--cap-drop=MKNOD", "busybox", "sh", "-c", "mknod /tmp/sda b 8 0 && echo ok")
+
+	if err == nil {
+		c.Fatal(err, out)
+	}
+	if actual := strings.Trim(out, "\r\n"); actual == "ok" {
+		c.Fatalf("expected output not ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunCapDropCannotMknodLowerCase(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-drop or mknod
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "--cap-drop=mknod", "busybox", "sh", "-c", "mknod /tmp/sda b 8 0 && echo ok")
+
+	if err == nil {
+		c.Fatal(err, out)
+	}
+	if actual := strings.Trim(out, "\r\n"); actual == "ok" {
+		c.Fatalf("expected output not ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunCapDropALLCannotMknod(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-drop or mknod
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "--cap-drop=ALL", "--cap-add=SETGID", "busybox", "sh", "-c", "mknod /tmp/sda b 8 0 && echo ok")
+	if err == nil {
+		c.Fatal(err, out)
+	}
+	if actual := strings.Trim(out, "\r\n"); actual == "ok" {
+		c.Fatalf("expected output not ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunCapDropALLAddMknodCanMknod(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-drop or mknod
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "--cap-drop=ALL", "--cap-add=MKNOD", "--cap-add=SETGID", "busybox", "sh", "-c", "mknod /tmp/sda b 8 0 && echo ok")
+
+	if actual := strings.Trim(out, "\r\n"); actual != "ok" {
+		c.Fatalf("expected output ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunCapAddInvalid(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-add
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "--cap-add=CHPASS", "busybox", "ls")
+	if err == nil {
+		c.Fatal(err, out)
+	}
+}
+
+func (s *DockerSuite) TestRunCapAddCanDownInterface(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-add
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "--cap-add=NET_ADMIN", "busybox", "sh", "-c", "ip link set eth0 down && echo ok")
+
+	if actual := strings.Trim(out, "\r\n"); actual != "ok" {
+		c.Fatalf("expected output ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunCapAddALLCanDownInterface(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-add
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "--cap-add=ALL", "busybox", "sh", "-c", "ip link set eth0 down && echo ok")
+
+	if actual := strings.Trim(out, "\r\n"); actual != "ok" {
+		c.Fatalf("expected output ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunCapAddALLDropNetAdminCanDownInterface(c *check.C) {
+	// Not applicable for Windows as there is no concept of --cap-add
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "--cap-add=ALL", "--cap-drop=NET_ADMIN", "busybox", "sh", "-c", "ip link set eth0 down && echo ok")
+	if err == nil {
+		c.Fatal(err, out)
+	}
+	if actual := strings.Trim(out, "\r\n"); actual == "ok" {
+		c.Fatalf("expected output not ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunGroupAdd(c *check.C) {
+	// Not applicable for Windows as there is no concept of --group-add
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "--group-add=audio", "--group-add=staff", "--group-add=777", "busybox", "sh", "-c", "id")
+
+	groupsList := "uid=0(root) gid=0(root) groups=10(wheel),29(audio),50(staff),777"
+	if actual := strings.Trim(out, "\r\n"); actual != groupsList {
+		c.Fatalf("expected output %s received %s", groupsList, actual)
+	}
+}
+
+func (s *DockerSuite) TestRunPrivilegedCanMount(c *check.C) {
+	// Not applicable for Windows as there is no concept of --privileged
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "--privileged", "busybox", "sh", "-c", "mount -t tmpfs none /tmp && echo ok")
+
+	if actual := strings.Trim(out, "\r\n"); actual != "ok" {
+		c.Fatalf("expected output ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunUnprivilegedCannotMount(c *check.C) {
+	// Not applicable for Windows as there is no concept of unprivileged
+	testRequires(c, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "busybox", "sh", "-c", "mount -t tmpfs none /tmp && echo ok")
+
+	if err == nil {
+		c.Fatal(err, out)
+	}
+	if actual := strings.Trim(out, "\r\n"); actual == "ok" {
+		c.Fatalf("expected output not ok received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunSysNotWritableInNonPrivilegedContainers(c *check.C) {
+	// Not applicable for Windows as there is no concept of unprivileged
+	testRequires(c, DaemonIsLinux, NotArm)
+	if _, code, err := dockerCmdWithError("run", "busybox", "touch", "/sys/kernel/profiling"); err == nil || code == 0 {
+		c.Fatal("sys should not be writable in a non privileged container")
+	}
+}
+
+func (s *DockerSuite) TestRunSysWritableInPrivilegedContainers(c *check.C) {
+	// Not applicable for Windows as there is no concept of unprivileged
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	if _, code, err := dockerCmdWithError("run", "--privileged", "busybox", "touch", "/sys/kernel/profiling"); err != nil || code != 0 {
+		c.Fatalf("sys should be writable in privileged container")
+	}
+}
+
+func (s *DockerSuite) TestRunProcNotWritableInNonPrivilegedContainers(c *check.C) {
+	// Not applicable for Windows as there is no concept of unprivileged
+	testRequires(c, DaemonIsLinux)
+	if _, code, err := dockerCmdWithError("run", "busybox", "touch", "/proc/sysrq-trigger"); err == nil || code == 0 {
+		c.Fatal("proc should not be writable in a non privileged container")
+	}
+}
+
+func (s *DockerSuite) TestRunProcWritableInPrivilegedContainers(c *check.C) {
+	// Not applicable for Windows as there is no concept of --privileged
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	if _, code := dockerCmd(c, "run", "--privileged", "busybox", "sh", "-c", "touch /proc/sysrq-trigger"); code != 0 {
+		c.Fatalf("proc should be writable in privileged container")
+	}
+}
+
+func (s *DockerSuite) TestRunDeviceNumbers(c *check.C) {
+	// Not applicable on Windows as /dev/ is a Unix specific concept
+	// TODO: NotUserNamespace could be removed here if "root" "root" is replaced w user
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "busybox", "sh", "-c", "ls -l /dev/null")
+	deviceLineFields := strings.Fields(out)
+	deviceLineFields[6] = ""
+	deviceLineFields[7] = ""
+	deviceLineFields[8] = ""
+	expected := []string{"crw-rw-rw-", "1", "root", "root", "1,", "3", "", "", "", "/dev/null"}
+
+	if !(reflect.DeepEqual(deviceLineFields, expected)) {
+		c.Fatalf("expected output\ncrw-rw-rw- 1 root root 1, 3 May 24 13:29 /dev/null\n received\n %s\n", out)
+	}
+}
+
+func (s *DockerSuite) TestRunThatCharacterDevicesActLikeCharacterDevices(c *check.C) {
+	// Not applicable on Windows as /dev/ is a Unix specific concept
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "busybox", "sh", "-c", "dd if=/dev/zero of=/zero bs=1k count=5 2> /dev/null ; du -h /zero")
+	if actual := strings.Trim(out, "\r\n"); actual[0] == '0' {
+		c.Fatalf("expected a new file called /zero to be create that is greater than 0 bytes long, but du says: %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunUnprivilegedWithChroot(c *check.C) {
+	// Not applicable on Windows as it does not support chroot
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "busybox", "chroot", "/", "true")
+}
+
+func (s *DockerSuite) TestRunAddingOptionalDevices(c *check.C) {
+	// Not applicable on Windows as Windows does not support --device
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "--device", "/dev/zero:/dev/nulo", "busybox", "sh", "-c", "ls /dev/nulo")
+	if actual := strings.Trim(out, "\r\n"); actual != "/dev/nulo" {
+		c.Fatalf("expected output /dev/nulo, received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunAddingOptionalDevicesNoSrc(c *check.C) {
+	// Not applicable on Windows as Windows does not support --device
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "--device", "/dev/zero:rw", "busybox", "sh", "-c", "ls /dev/zero")
+	if actual := strings.Trim(out, "\r\n"); actual != "/dev/zero" {
+		c.Fatalf("expected output /dev/zero, received %s", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunAddingOptionalDevicesInvalidMode(c *check.C) {
+	// Not applicable on Windows as Windows does not support --device
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	_, _, err := dockerCmdWithError("run", "--device", "/dev/zero:ro", "busybox", "sh", "-c", "ls /dev/zero")
+	if err == nil {
+		c.Fatalf("run container with device mode ro should fail")
+	}
+}
+
+func (s *DockerSuite) TestRunModeHostname(c *check.C) {
+	// Not applicable on Windows as Windows does not support -h
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "run", "-h=testhostname", "busybox", "cat", "/etc/hostname")
+
+	if actual := strings.Trim(out, "\r\n"); actual != "testhostname" {
+		c.Fatalf("expected 'testhostname', but says: %q", actual)
+	}
+
+	out, _ = dockerCmd(c, "run", "--net=host", "busybox", "cat", "/etc/hostname")
+
+	hostname, err := os.Hostname()
+	if err != nil {
+		c.Fatal(err)
+	}
+	if actual := strings.Trim(out, "\r\n"); actual != hostname {
+		c.Fatalf("expected %q, but says: %q", hostname, actual)
+	}
+}
+
+func (s *DockerSuite) TestRunRootWorkdir(c *check.C) {
+	out, _ := dockerCmd(c, "run", "--workdir", "/", "busybox", "pwd")
+	expected := "/\n"
+	if daemonPlatform == "windows" {
+		expected = "C:" + expected
+	}
+	if out != expected {
+		c.Fatalf("pwd returned %q (expected %s)", s, expected)
+	}
+}
+
+func (s *DockerSuite) TestRunAllowBindMountingRoot(c *check.C) {
+	if daemonPlatform == "windows" {
+		// Windows busybox will fail with Permission Denied on items such as pagefile.sys
+		dockerCmd(c, "run", "-v", `c:\:c:\host`, WindowsBaseImage, "cmd", "-c", "dir", `c:\host`)
+	} else {
+		dockerCmd(c, "run", "-v", "/:/host", "busybox", "ls", "/host")
+	}
+}
+
+func (s *DockerSuite) TestRunDisallowBindMountingRootToRoot(c *check.C) {
+	mount := "/:/"
+	targetDir := "/host"
+	if daemonPlatform == "windows" {
+		mount = `c:\:c\`
+		targetDir = "c:/host" // Forward slash as using busybox
+	}
+	out, _, err := dockerCmdWithError("run", "-v", mount, "busybox", "ls", targetDir)
+	if err == nil {
+		c.Fatal(out, err)
+	}
+}
+
+// Verify that a container gets default DNS when only localhost resolvers exist
+func (s *DockerSuite) TestRunDnsDefaultOptions(c *check.C) {
+	// Not applicable on Windows as this is testing Unix specific functionality
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	// preserve original resolv.conf for restoring after test
+	origResolvConf, err := ioutil.ReadFile("/etc/resolv.conf")
+	if os.IsNotExist(err) {
+		c.Fatalf("/etc/resolv.conf does not exist")
+	}
+	// defer restored original conf
+	defer func() {
+		if err := ioutil.WriteFile("/etc/resolv.conf", origResolvConf, 0644); err != nil {
+			c.Fatal(err)
+		}
+	}()
+
+	// test 3 cases: standard IPv4 localhost, commented out localhost, and IPv6 localhost
+	// 2 are removed from the file at container start, and the 3rd (commented out) one is ignored by
+	// GetNameservers(), leading to a replacement of nameservers with the default set
+	tmpResolvConf := []byte("nameserver 127.0.0.1\n#nameserver 127.0.2.1\nnameserver ::1")
+	if err := ioutil.WriteFile("/etc/resolv.conf", tmpResolvConf, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	actual, _ := dockerCmd(c, "run", "busybox", "cat", "/etc/resolv.conf")
+	// check that the actual defaults are appended to the commented out
+	// localhost resolver (which should be preserved)
+	// NOTE: if we ever change the defaults from google dns, this will break
+	expected := "#nameserver 127.0.2.1\n\nnameserver 8.8.8.8\nnameserver 8.8.4.4\n"
+	if actual != expected {
+		c.Fatalf("expected resolv.conf be: %q, but was: %q", expected, actual)
+	}
+}
+
+func (s *DockerSuite) TestRunDnsOptions(c *check.C) {
+	// Not applicable on Windows as Windows does not support --dns*, or
+	// the Unix-specific functionality of resolv.conf.
+	testRequires(c, DaemonIsLinux)
+	out, stderr, _ := dockerCmdWithStdoutStderr(c, "run", "--dns=127.0.0.1", "--dns-search=mydomain", "--dns-opt=ndots:9", "busybox", "cat", "/etc/resolv.conf")
+
+	// The client will get a warning on stderr when setting DNS to a localhost address; verify this:
+	if !strings.Contains(stderr, "Localhost DNS setting") {
+		c.Fatalf("Expected warning on stderr about localhost resolver, but got %q", stderr)
+	}
+
+	actual := strings.Replace(strings.Trim(out, "\r\n"), "\n", " ", -1)
+	if actual != "search mydomain nameserver 127.0.0.1 options ndots:9" {
+		c.Fatalf("expected 'search mydomain nameserver 127.0.0.1 options ndots:9', but says: %q", actual)
+	}
+
+	out, stderr, _ = dockerCmdWithStdoutStderr(c, "run", "--dns=127.0.0.1", "--dns-search=.", "--dns-opt=ndots:3", "busybox", "cat", "/etc/resolv.conf")
+
+	actual = strings.Replace(strings.Trim(strings.Trim(out, "\r\n"), " "), "\n", " ", -1)
+	if actual != "nameserver 127.0.0.1 options ndots:3" {
+		c.Fatalf("expected 'nameserver 127.0.0.1 options ndots:3', but says: %q", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunDnsRepeatOptions(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _, _ := dockerCmdWithStdoutStderr(c, "run", "--dns=1.1.1.1", "--dns=2.2.2.2", "--dns-search=mydomain", "--dns-search=mydomain2", "--dns-opt=ndots:9", "--dns-opt=timeout:3", "busybox", "cat", "/etc/resolv.conf")
+
+	actual := strings.Replace(strings.Trim(out, "\r\n"), "\n", " ", -1)
+	if actual != "search mydomain mydomain2 nameserver 1.1.1.1 nameserver 2.2.2.2 options ndots:9 timeout:3" {
+		c.Fatalf("expected 'search mydomain mydomain2 nameserver 1.1.1.1 nameserver 2.2.2.2 options ndots:9 timeout:3', but says: %q", actual)
+	}
+}
+
+func (s *DockerSuite) TestRunDnsOptionsBasedOnHostResolvConf(c *check.C) {
+	// Not applicable on Windows as testing Unix specific functionality
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	origResolvConf, err := ioutil.ReadFile("/etc/resolv.conf")
+	if os.IsNotExist(err) {
+		c.Fatalf("/etc/resolv.conf does not exist")
+	}
+
+	hostNamservers := resolvconf.GetNameservers(origResolvConf, netutils.IP)
+	hostSearch := resolvconf.GetSearchDomains(origResolvConf)
+
+	var out string
+	out, _ = dockerCmd(c, "run", "--dns=127.0.0.1", "busybox", "cat", "/etc/resolv.conf")
+
+	if actualNameservers := resolvconf.GetNameservers([]byte(out), netutils.IP); string(actualNameservers[0]) != "127.0.0.1" {
+		c.Fatalf("expected '127.0.0.1', but says: %q", string(actualNameservers[0]))
+	}
+
+	actualSearch := resolvconf.GetSearchDomains([]byte(out))
+	if len(actualSearch) != len(hostSearch) {
+		c.Fatalf("expected %q search domain(s), but it has: %q", len(hostSearch), len(actualSearch))
+	}
+	for i := range actualSearch {
+		if actualSearch[i] != hostSearch[i] {
+			c.Fatalf("expected %q domain, but says: %q", actualSearch[i], hostSearch[i])
+		}
+	}
+
+	out, _ = dockerCmd(c, "run", "--dns-search=mydomain", "busybox", "cat", "/etc/resolv.conf")
+
+	actualNameservers := resolvconf.GetNameservers([]byte(out), netutils.IP)
+	if len(actualNameservers) != len(hostNamservers) {
+		c.Fatalf("expected %q nameserver(s), but it has: %q", len(hostNamservers), len(actualNameservers))
+	}
+	for i := range actualNameservers {
+		if actualNameservers[i] != hostNamservers[i] {
+			c.Fatalf("expected %q nameserver, but says: %q", actualNameservers[i], hostNamservers[i])
+		}
+	}
+
+	if actualSearch = resolvconf.GetSearchDomains([]byte(out)); string(actualSearch[0]) != "mydomain" {
+		c.Fatalf("expected 'mydomain', but says: %q", string(actualSearch[0]))
+	}
+
+	// test with file
+	tmpResolvConf := []byte("search example.com\nnameserver 12.34.56.78\nnameserver 127.0.0.1")
+	if err := ioutil.WriteFile("/etc/resolv.conf", tmpResolvConf, 0644); err != nil {
+		c.Fatal(err)
+	}
+	// put the old resolvconf back
+	defer func() {
+		if err := ioutil.WriteFile("/etc/resolv.conf", origResolvConf, 0644); err != nil {
+			c.Fatal(err)
+		}
+	}()
+
+	resolvConf, err := ioutil.ReadFile("/etc/resolv.conf")
+	if os.IsNotExist(err) {
+		c.Fatalf("/etc/resolv.conf does not exist")
+	}
+
+	hostNamservers = resolvconf.GetNameservers(resolvConf, netutils.IP)
+	hostSearch = resolvconf.GetSearchDomains(resolvConf)
+
+	out, _ = dockerCmd(c, "run", "busybox", "cat", "/etc/resolv.conf")
+	if actualNameservers = resolvconf.GetNameservers([]byte(out), netutils.IP); string(actualNameservers[0]) != "12.34.56.78" || len(actualNameservers) != 1 {
+		c.Fatalf("expected '12.34.56.78', but has: %v", actualNameservers)
+	}
+
+	actualSearch = resolvconf.GetSearchDomains([]byte(out))
+	if len(actualSearch) != len(hostSearch) {
+		c.Fatalf("expected %q search domain(s), but it has: %q", len(hostSearch), len(actualSearch))
+	}
+	for i := range actualSearch {
+		if actualSearch[i] != hostSearch[i] {
+			c.Fatalf("expected %q domain, but says: %q", actualSearch[i], hostSearch[i])
+		}
+	}
+}
+
+// Test to see if a non-root user can resolve a DNS name. Also
+// check if the container resolv.conf file has at least 0644 perm.
+func (s *DockerSuite) TestRunNonRootUserResolvName(c *check.C) {
+	// Not applicable on Windows as Windows does not support --user
+	testRequires(c, SameHostDaemon, Network, DaemonIsLinux, NotArm)
+
+	dockerCmd(c, "run", "--name=testperm", "--user=nobody", "busybox", "nslookup", "apt.dockerproject.org")
+
+	cID, err := getIDByName("testperm")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	fmode := (os.FileMode)(0644)
+	finfo, err := os.Stat(containerStorageFile(cID, "resolv.conf"))
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if (finfo.Mode() & fmode) != fmode {
+		c.Fatalf("Expected container resolv.conf mode to be at least %s, instead got %s", fmode.String(), finfo.Mode().String())
+	}
+}
+
+// Test if container resolv.conf gets updated the next time it restarts
+// if host /etc/resolv.conf has changed. This only applies if the container
+// uses the host's /etc/resolv.conf and does not have any dns options provided.
+func (s *DockerSuite) TestRunResolvconfUpdate(c *check.C) {
+	// Not applicable on Windows as testing unix specific functionality
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	tmpResolvConf := []byte("search pommesfrites.fr\nnameserver 12.34.56.78\n")
+	tmpLocalhostResolvConf := []byte("nameserver 127.0.0.1")
+
+	//take a copy of resolv.conf for restoring after test completes
+	resolvConfSystem, err := ioutil.ReadFile("/etc/resolv.conf")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// This test case is meant to test monitoring resolv.conf when it is
+	// a regular file not a bind mounc. So we unmount resolv.conf and replace
+	// it with a file containing the original settings.
+	cmd := exec.Command("umount", "/etc/resolv.conf")
+	if _, err = runCommand(cmd); err != nil {
+		c.Fatal(err)
+	}
+
+	//cleanup
+	defer func() {
+		if err := ioutil.WriteFile("/etc/resolv.conf", resolvConfSystem, 0644); err != nil {
+			c.Fatal(err)
+		}
+	}()
+
+	//1. test that a restarting container gets an updated resolv.conf
+	dockerCmd(c, "run", "--name='first'", "busybox", "true")
+	containerID1, err := getIDByName("first")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// replace resolv.conf with our temporary copy
+	bytesResolvConf := []byte(tmpResolvConf)
+	if err := ioutil.WriteFile("/etc/resolv.conf", bytesResolvConf, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	// start the container again to pickup changes
+	dockerCmd(c, "start", "first")
+
+	// check for update in container
+	containerResolv, err := readContainerFile(containerID1, "resolv.conf")
+	if err != nil {
+		c.Fatal(err)
+	}
+	if !bytes.Equal(containerResolv, bytesResolvConf) {
+		c.Fatalf("Restarted container does not have updated resolv.conf; expected %q, got %q", tmpResolvConf, string(containerResolv))
+	}
+
+	/*	//make a change to resolv.conf (in this case replacing our tmp copy with orig copy)
+		if err := ioutil.WriteFile("/etc/resolv.conf", resolvConfSystem, 0644); err != nil {
+						c.Fatal(err)
+								} */
+	//2. test that a restarting container does not receive resolv.conf updates
+	//   if it modified the container copy of the starting point resolv.conf
+	dockerCmd(c, "run", "--name='second'", "busybox", "sh", "-c", "echo 'search mylittlepony.com' >>/etc/resolv.conf")
+	containerID2, err := getIDByName("second")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	//make a change to resolv.conf (in this case replacing our tmp copy with orig copy)
+	if err := ioutil.WriteFile("/etc/resolv.conf", resolvConfSystem, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	// start the container again
+	dockerCmd(c, "start", "second")
+
+	// check for update in container
+	containerResolv, err = readContainerFile(containerID2, "resolv.conf")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if bytes.Equal(containerResolv, resolvConfSystem) {
+		c.Fatalf("Container's resolv.conf should not have been updated with host resolv.conf: %q", string(containerResolv))
+	}
+
+	//3. test that a running container's resolv.conf is not modified while running
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	runningContainerID := strings.TrimSpace(out)
+
+	// replace resolv.conf
+	if err := ioutil.WriteFile("/etc/resolv.conf", bytesResolvConf, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	// check for update in container
+	containerResolv, err = readContainerFile(runningContainerID, "resolv.conf")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if bytes.Equal(containerResolv, bytesResolvConf) {
+		c.Fatalf("Running container should not have updated resolv.conf; expected %q, got %q", string(resolvConfSystem), string(containerResolv))
+	}
+
+	//4. test that a running container's resolv.conf is updated upon restart
+	//   (the above container is still running..)
+	dockerCmd(c, "restart", runningContainerID)
+
+	// check for update in container
+	containerResolv, err = readContainerFile(runningContainerID, "resolv.conf")
+	if err != nil {
+		c.Fatal(err)
+	}
+	if !bytes.Equal(containerResolv, bytesResolvConf) {
+		c.Fatalf("Restarted container should have updated resolv.conf; expected %q, got %q", string(bytesResolvConf), string(containerResolv))
+	}
+
+	//5. test that additions of a localhost resolver are cleaned from
+	//   host resolv.conf before updating container's resolv.conf copies
+
+	// replace resolv.conf with a localhost-only nameserver copy
+	bytesResolvConf = []byte(tmpLocalhostResolvConf)
+	if err = ioutil.WriteFile("/etc/resolv.conf", bytesResolvConf, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	// start the container again to pickup changes
+	dockerCmd(c, "start", "first")
+
+	// our first exited container ID should have been updated, but with default DNS
+	// after the cleanup of resolv.conf found only a localhost nameserver:
+	containerResolv, err = readContainerFile(containerID1, "resolv.conf")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	expected := "\nnameserver 8.8.8.8\nnameserver 8.8.4.4\n"
+	if !bytes.Equal(containerResolv, []byte(expected)) {
+		c.Fatalf("Container does not have cleaned/replaced DNS in resolv.conf; expected %q, got %q", expected, string(containerResolv))
+	}
+
+	//6. Test that replacing (as opposed to modifying) resolv.conf triggers an update
+	//   of containers' resolv.conf.
+
+	// Restore the original resolv.conf
+	if err := ioutil.WriteFile("/etc/resolv.conf", resolvConfSystem, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	// Run the container so it picks up the old settings
+	dockerCmd(c, "run", "--name='third'", "busybox", "true")
+	containerID3, err := getIDByName("third")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// Create a modified resolv.conf.aside and override resolv.conf with it
+	bytesResolvConf = []byte(tmpResolvConf)
+	if err := ioutil.WriteFile("/etc/resolv.conf.aside", bytesResolvConf, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	err = os.Rename("/etc/resolv.conf.aside", "/etc/resolv.conf")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// start the container again to pickup changes
+	dockerCmd(c, "start", "third")
+
+	// check for update in container
+	containerResolv, err = readContainerFile(containerID3, "resolv.conf")
+	if err != nil {
+		c.Fatal(err)
+	}
+	if !bytes.Equal(containerResolv, bytesResolvConf) {
+		c.Fatalf("Stopped container does not have updated resolv.conf; expected\n%q\n got\n%q", tmpResolvConf, string(containerResolv))
+	}
+
+	//cleanup, restore original resolv.conf happens in defer func()
+}
+
+func (s *DockerSuite) TestRunAddHost(c *check.C) {
+	// Not applicable on Windows as it does not support --add-host
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "--add-host=extra:86.75.30.9", "busybox", "grep", "extra", "/etc/hosts")
+
+	actual := strings.Trim(out, "\r\n")
+	if actual != "86.75.30.9\textra" {
+		c.Fatalf("expected '86.75.30.9\textra', but says: %q", actual)
+	}
+}
+
+// Regression test for #6983
+func (s *DockerSuite) TestRunAttachStdErrOnlyTTYMode(c *check.C) {
+	_, exitCode := dockerCmd(c, "run", "-t", "-a", "stderr", "busybox", "true")
+	if exitCode != 0 {
+		c.Fatalf("Container should have exited with error code 0")
+	}
+}
+
+// Regression test for #6983
+func (s *DockerSuite) TestRunAttachStdOutOnlyTTYMode(c *check.C) {
+	_, exitCode := dockerCmd(c, "run", "-t", "-a", "stdout", "busybox", "true")
+	if exitCode != 0 {
+		c.Fatalf("Container should have exited with error code 0")
+	}
+}
+
+// Regression test for #6983
+func (s *DockerSuite) TestRunAttachStdOutAndErrTTYMode(c *check.C) {
+	_, exitCode := dockerCmd(c, "run", "-t", "-a", "stdout", "-a", "stderr", "busybox", "true")
+	if exitCode != 0 {
+		c.Fatalf("Container should have exited with error code 0")
+	}
+}
+
+// Test for #10388 - this will run the same test as TestRunAttachStdOutAndErrTTYMode
+// but using --attach instead of -a to make sure we read the flag correctly
+func (s *DockerSuite) TestRunAttachWithDetach(c *check.C) {
+	cmd := exec.Command(dockerBinary, "run", "-d", "--attach", "stdout", "busybox", "true")
+	_, stderr, _, err := runCommandWithStdoutStderr(cmd)
+	if err == nil {
+		c.Fatal("Container should have exited with error code different than 0")
+	} else if !strings.Contains(stderr, "Conflicting options: -a and -d") {
+		c.Fatal("Should have been returned an error with conflicting options -a and -d")
+	}
+}
+
+func (s *DockerSuite) TestRunState(c *check.C) {
+	// TODO Windows: This needs some rework as Windows busybox does not support top
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+
+	id := strings.TrimSpace(out)
+	state := inspectField(c, id, "State.Running")
+	if state != "true" {
+		c.Fatal("Container state is 'not running'")
+	}
+	pid1 := inspectField(c, id, "State.Pid")
+	if pid1 == "0" {
+		c.Fatal("Container state Pid 0")
+	}
+
+	dockerCmd(c, "stop", id)
+	state = inspectField(c, id, "State.Running")
+	if state != "false" {
+		c.Fatal("Container state is 'running'")
+	}
+	pid2 := inspectField(c, id, "State.Pid")
+	if pid2 == pid1 {
+		c.Fatalf("Container state Pid %s, but expected %s", pid2, pid1)
+	}
+
+	dockerCmd(c, "start", id)
+	state = inspectField(c, id, "State.Running")
+	if state != "true" {
+		c.Fatal("Container state is 'not running'")
+	}
+	pid3 := inspectField(c, id, "State.Pid")
+	if pid3 == pid1 {
+		c.Fatalf("Container state Pid %s, but expected %s", pid2, pid1)
+	}
+}
+
+// Test for #1737
+func (s *DockerSuite) TestRunCopyVolumeUidGid(c *check.C) {
+	// Not applicable on Windows as it does not support uid or gid in this way
+	testRequires(c, DaemonIsLinux)
+	name := "testrunvolumesuidgid"
+	_, err := buildImage(name,
+		`FROM busybox
+		RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+		RUN echo 'dockerio:x:1001:' >> /etc/group
+		RUN mkdir -p /hello && touch /hello/test && chown dockerio.dockerio /hello`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// Test that the uid and gid is copied from the image to the volume
+	out, _ := dockerCmd(c, "run", "--rm", "-v", "/hello", name, "sh", "-c", "ls -l / | grep hello | awk '{print $3\":\"$4}'")
+	out = strings.TrimSpace(out)
+	if out != "dockerio:dockerio" {
+		c.Fatalf("Wrong /hello ownership: %s, expected dockerio:dockerio", out)
+	}
+}
+
+// Test for #1582
+func (s *DockerSuite) TestRunCopyVolumeContent(c *check.C) {
+	// TODO Windows, post TP4. Windows does not yet support volume functionality
+	// that copies from the image to the volume.
+	testRequires(c, DaemonIsLinux)
+	name := "testruncopyvolumecontent"
+	_, err := buildImage(name,
+		`FROM busybox
+		RUN mkdir -p /hello/local && echo hello > /hello/local/world`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// Test that the content is copied from the image to the volume
+	out, _ := dockerCmd(c, "run", "--rm", "-v", "/hello", name, "find", "/hello")
+	if !(strings.Contains(out, "/hello/local/world") && strings.Contains(out, "/hello/local")) {
+		c.Fatal("Container failed to transfer content to volume")
+	}
+}
+
+func (s *DockerSuite) TestRunCleanupCmdOnEntrypoint(c *check.C) {
+	name := "testrunmdcleanuponentrypoint"
+	if _, err := buildImage(name,
+		`FROM busybox
+		ENTRYPOINT ["echo"]
+		CMD ["testingpoint"]`,
+		true); err != nil {
+		c.Fatal(err)
+	}
+
+	out, exit := dockerCmd(c, "run", "--entrypoint", "whoami", name)
+	if exit != 0 {
+		c.Fatalf("expected exit code 0 received %d, out: %q", exit, out)
+	}
+	out = strings.TrimSpace(out)
+	expected := "root"
+	if daemonPlatform == "windows" {
+		// TODO Windows: Remove this check once TP4 is no longer supported.
+		if windowsDaemonKV < 14250 {
+			expected = `nt authority\system`
+		} else {
+			expected = `user manager\containeradministrator`
+		}
+	}
+	if out != expected {
+		c.Fatalf("Expected output %s, got %q", expected, out)
+	}
+}
+
+// TestRunWorkdirExistsAndIsFile checks that if 'docker run -w' with existing file can be detected
+func (s *DockerSuite) TestRunWorkdirExistsAndIsFile(c *check.C) {
+	existingFile := "/bin/cat"
+	expected := "not a directory"
+	if daemonPlatform == "windows" {
+		existingFile = `\windows\system32\ntdll.dll`
+		expected = `Cannot mkdir: \windows\system32\ntdll.dll is not a directory.`
+	}
+
+	out, exitCode, err := dockerCmdWithError("run", "-w", existingFile, "busybox")
+	if !(err != nil && exitCode == 125 && strings.Contains(out, expected)) {
+		c.Fatalf("Existing binary as a directory should error out with exitCode 125; we got: %s, exitCode: %d", out, exitCode)
+	}
+}
+
+func (s *DockerSuite) TestRunExitOnStdinClose(c *check.C) {
+	name := "testrunexitonstdinclose"
+
+	meow := "/bin/cat"
+	delay := 1
+	if daemonPlatform == "windows" {
+		meow = "cat"
+		delay = 60
+	}
+	runCmd := exec.Command(dockerBinary, "run", "--name", name, "-i", "busybox", meow)
+
+	stdin, err := runCmd.StdinPipe()
+	if err != nil {
+		c.Fatal(err)
+	}
+	stdout, err := runCmd.StdoutPipe()
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if err := runCmd.Start(); err != nil {
+		c.Fatal(err)
+	}
+	if _, err := stdin.Write([]byte("hello\n")); err != nil {
+		c.Fatal(err)
+	}
+
+	r := bufio.NewReader(stdout)
+	line, err := r.ReadString('\n')
+	if err != nil {
+		c.Fatal(err)
+	}
+	line = strings.TrimSpace(line)
+	if line != "hello" {
+		c.Fatalf("Output should be 'hello', got '%q'", line)
+	}
+	if err := stdin.Close(); err != nil {
+		c.Fatal(err)
+	}
+	finish := make(chan error)
+	go func() {
+		finish <- runCmd.Wait()
+		close(finish)
+	}()
+	select {
+	case err := <-finish:
+		c.Assert(err, check.IsNil)
+	case <-time.After(time.Duration(delay) * time.Second):
+		c.Fatal("docker run failed to exit on stdin close")
+	}
+	state := inspectField(c, name, "State.Running")
+
+	if state != "false" {
+		c.Fatal("Container must be stopped after stdin closing")
+	}
+}
+
+// Test for #2267
+func (s *DockerSuite) TestRunWriteHostsFileAndNotCommit(c *check.C) {
+	// Cannot run on Windows as Windows does not support diff.
+	testRequires(c, DaemonIsLinux)
+	name := "writehosts"
+	out, _ := dockerCmd(c, "run", "--name", name, "busybox", "sh", "-c", "echo test2267 >> /etc/hosts && cat /etc/hosts")
+	if !strings.Contains(out, "test2267") {
+		c.Fatal("/etc/hosts should contain 'test2267'")
+	}
+
+	out, _ = dockerCmd(c, "diff", name)
+	if len(strings.Trim(out, "\r\n")) != 0 && !eqToBaseDiff(out, c) {
+		c.Fatal("diff should be empty")
+	}
+}
+
+func eqToBaseDiff(out string, c *check.C) bool {
+	name := "eqToBaseDiff" + stringutils.GenerateRandomAlphaOnlyString(32)
+	dockerCmd(c, "run", "--name", name, "busybox", "echo", "hello")
+	cID, err := getIDByName(name)
+	c.Assert(err, check.IsNil)
+
+	baseDiff, _ := dockerCmd(c, "diff", cID)
+	baseArr := strings.Split(baseDiff, "\n")
+	sort.Strings(baseArr)
+	outArr := strings.Split(out, "\n")
+	sort.Strings(outArr)
+	return sliceEq(baseArr, outArr)
+}
+
+func sliceEq(a, b []string) bool {
+	if len(a) != len(b) {
+		return false
+	}
+
+	for i := range a {
+		if a[i] != b[i] {
+			return false
+		}
+	}
+
+	return true
+}
+
+// Test for #2267
+func (s *DockerSuite) TestRunWriteHostnameFileAndNotCommit(c *check.C) {
+	// Cannot run on Windows as Windows does not support diff.
+	testRequires(c, DaemonIsLinux)
+	name := "writehostname"
+	out, _ := dockerCmd(c, "run", "--name", name, "busybox", "sh", "-c", "echo test2267 >> /etc/hostname && cat /etc/hostname")
+	if !strings.Contains(out, "test2267") {
+		c.Fatal("/etc/hostname should contain 'test2267'")
+	}
+
+	out, _ = dockerCmd(c, "diff", name)
+	if len(strings.Trim(out, "\r\n")) != 0 && !eqToBaseDiff(out, c) {
+		c.Fatal("diff should be empty")
+	}
+}
+
+// Test for #2267
+func (s *DockerSuite) TestRunWriteResolvFileAndNotCommit(c *check.C) {
+	// Cannot run on Windows as Windows does not support diff.
+	testRequires(c, DaemonIsLinux)
+	name := "writeresolv"
+	out, _ := dockerCmd(c, "run", "--name", name, "busybox", "sh", "-c", "echo test2267 >> /etc/resolv.conf && cat /etc/resolv.conf")
+	if !strings.Contains(out, "test2267") {
+		c.Fatal("/etc/resolv.conf should contain 'test2267'")
+	}
+
+	out, _ = dockerCmd(c, "diff", name)
+	if len(strings.Trim(out, "\r\n")) != 0 && !eqToBaseDiff(out, c) {
+		c.Fatal("diff should be empty")
+	}
+}
+
+func (s *DockerSuite) TestRunWithBadDevice(c *check.C) {
+	// Cannot run on Windows as Windows does not support --device
+	testRequires(c, DaemonIsLinux)
+	name := "baddevice"
+	out, _, err := dockerCmdWithError("run", "--name", name, "--device", "/etc", "busybox", "true")
+
+	if err == nil {
+		c.Fatal("Run should fail with bad device")
+	}
+	expected := `"/etc": not a device node`
+	if !strings.Contains(out, expected) {
+		c.Fatalf("Output should contain %q, actual out: %q", expected, out)
+	}
+}
+
+func (s *DockerSuite) TestRunEntrypoint(c *check.C) {
+	name := "entrypoint"
+
+	// Note Windows does not have an echo.exe built in.
+	var out, expected string
+	if daemonPlatform == "windows" {
+		out, _ = dockerCmd(c, "run", "--name", name, "--entrypoint", "cmd /s /c echo", "busybox", "foobar")
+		expected = "foobar\r\n"
+	} else {
+		out, _ = dockerCmd(c, "run", "--name", name, "--entrypoint", "/bin/echo", "busybox", "-n", "foobar")
+		expected = "foobar"
+	}
+
+	if out != expected {
+		c.Fatalf("Output should be %q, actual out: %q", expected, out)
+	}
+}
+
+func (s *DockerSuite) TestRunBindMounts(c *check.C) {
+	testRequires(c, SameHostDaemon)
+	if daemonPlatform == "linux" {
+		testRequires(c, DaemonIsLinux, NotUserNamespace)
+	}
+
+	tmpDir, err := ioutil.TempDir("", "docker-test-container")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	defer os.RemoveAll(tmpDir)
+	writeFile(path.Join(tmpDir, "touch-me"), "", c)
+
+	// TODO Windows Post TP4. Windows does not yet support :ro binds
+	if daemonPlatform != "windows" {
+		// Test reading from a read-only bind mount
+		out, _ := dockerCmd(c, "run", "-v", fmt.Sprintf("%s:/tmp:ro", tmpDir), "busybox", "ls", "/tmp")
+		if !strings.Contains(out, "touch-me") {
+			c.Fatal("Container failed to read from bind mount")
+		}
+	}
+
+	// test writing to bind mount
+	if daemonPlatform == "windows" {
+		dockerCmd(c, "run", "-v", fmt.Sprintf(`%s:c:\tmp:rw`, tmpDir), "busybox", "touch", "c:/tmp/holla")
+	} else {
+		dockerCmd(c, "run", "-v", fmt.Sprintf("%s:/tmp:rw", tmpDir), "busybox", "touch", "/tmp/holla")
+	}
+
+	readFile(path.Join(tmpDir, "holla"), c) // Will fail if the file doesn't exist
+
+	// test mounting to an illegal destination directory
+	_, _, err = dockerCmdWithError("run", "-v", fmt.Sprintf("%s:.", tmpDir), "busybox", "ls", ".")
+	if err == nil {
+		c.Fatal("Container bind mounted illegal directory")
+	}
+
+	// Windows does not (and likely never will) support mounting a single file
+	if daemonPlatform != "windows" {
+		// test mount a file
+		dockerCmd(c, "run", "-v", fmt.Sprintf("%s/holla:/tmp/holla:rw", tmpDir), "busybox", "sh", "-c", "echo -n 'yotta' > /tmp/holla")
+		content := readFile(path.Join(tmpDir, "holla"), c) // Will fail if the file doesn't exist
+		expected := "yotta"
+		if content != expected {
+			c.Fatalf("Output should be %q, actual out: %q", expected, content)
+		}
+	}
+}
+
+// Ensure that CIDFile gets deleted if it's empty
+// Perform this test by making `docker run` fail
+func (s *DockerSuite) TestRunCidFileCleanupIfEmpty(c *check.C) {
+	tmpDir, err := ioutil.TempDir("", "TestRunCidFile")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+	tmpCidFile := path.Join(tmpDir, "cid")
+
+	image := "emptyfs"
+	if daemonPlatform == "windows" {
+		// Windows can't support an emptyfs image. Just use the regular Windows image
+		image = WindowsBaseImage
+	}
+	out, _, err := dockerCmdWithError("run", "--cidfile", tmpCidFile, image)
+	if err == nil {
+		c.Fatalf("Run without command must fail. out=%s", out)
+	} else if !strings.Contains(out, "No command specified") {
+		c.Fatalf("Run without command failed with wrong output. out=%s\nerr=%v", out, err)
+	}
+
+	if _, err := os.Stat(tmpCidFile); err == nil {
+		c.Fatalf("empty CIDFile %q should've been deleted", tmpCidFile)
+	}
+}
+
+// #2098 - Docker cidFiles only contain short version of the containerId
+//sudo docker run --cidfile /tmp/docker_tesc.cid ubuntu echo "test"
+// TestRunCidFile tests that run --cidfile returns the longid
+func (s *DockerSuite) TestRunCidFileCheckIDLength(c *check.C) {
+	tmpDir, err := ioutil.TempDir("", "TestRunCidFile")
+	if err != nil {
+		c.Fatal(err)
+	}
+	tmpCidFile := path.Join(tmpDir, "cid")
+	defer os.RemoveAll(tmpDir)
+
+	out, _ := dockerCmd(c, "run", "-d", "--cidfile", tmpCidFile, "busybox", "true")
+
+	id := strings.TrimSpace(out)
+	buffer, err := ioutil.ReadFile(tmpCidFile)
+	if err != nil {
+		c.Fatal(err)
+	}
+	cid := string(buffer)
+	if len(cid) != 64 {
+		c.Fatalf("--cidfile should be a long id, not %q", id)
+	}
+	if cid != id {
+		c.Fatalf("cid must be equal to %s, got %s", id, cid)
+	}
+}
+
+func (s *DockerSuite) TestRunSetMacAddress(c *check.C) {
+	mac := "12:34:56:78:9a:bc"
+	var out string
+	if daemonPlatform == "windows" {
+		out, _ = dockerCmd(c, "run", "-i", "--rm", fmt.Sprintf("--mac-address=%s", mac), "busybox", "sh", "-c", "ipconfig /all | grep 'Physical Address' | awk '{print $12}'")
+		mac = strings.Replace(strings.ToUpper(mac), ":", "-", -1) // To Windows-style MACs
+	} else {
+		out, _ = dockerCmd(c, "run", "-i", "--rm", fmt.Sprintf("--mac-address=%s", mac), "busybox", "/bin/sh", "-c", "ip link show eth0 | tail -1 | awk '{print $2}'")
+	}
+
+	actualMac := strings.TrimSpace(out)
+	if actualMac != mac {
+		c.Fatalf("Set MAC address with --mac-address failed. The container has an incorrect MAC address: %q, expected: %q", actualMac, mac)
+	}
+}
+
+func (s *DockerSuite) TestRunInspectMacAddress(c *check.C) {
+	// TODO Windows. Network settings are not propagated back to inspect.
+	testRequires(c, DaemonIsLinux)
+	mac := "12:34:56:78:9a:bc"
+	out, _ := dockerCmd(c, "run", "-d", "--mac-address="+mac, "busybox", "top")
+
+	id := strings.TrimSpace(out)
+	inspectedMac := inspectField(c, id, "NetworkSettings.Networks.bridge.MacAddress")
+	if inspectedMac != mac {
+		c.Fatalf("docker inspect outputs wrong MAC address: %q, should be: %q", inspectedMac, mac)
+	}
+}
+
+// test docker run use an invalid mac address
+func (s *DockerSuite) TestRunWithInvalidMacAddress(c *check.C) {
+	out, _, err := dockerCmdWithError("run", "--mac-address", "92:d0:c6:0a:29", "busybox")
+	//use an invalid mac address should with an error out
+	if err == nil || !strings.Contains(out, "is not a valid mac address") {
+		c.Fatalf("run with an invalid --mac-address should with error out")
+	}
+}
+
+func (s *DockerSuite) TestRunDeallocatePortOnMissingIptablesRule(c *check.C) {
+	// TODO Windows. Network settings are not propagated back to inspect.
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "-d", "-p", "23:23", "busybox", "top")
+
+	id := strings.TrimSpace(out)
+	ip := inspectField(c, id, "NetworkSettings.Networks.bridge.IPAddress")
+	iptCmd := exec.Command("iptables", "-D", "DOCKER", "-d", fmt.Sprintf("%s/32", ip),
+		"!", "-i", "docker0", "-o", "docker0", "-p", "tcp", "-m", "tcp", "--dport", "23", "-j", "ACCEPT")
+	out, _, err := runCommandWithOutput(iptCmd)
+	if err != nil {
+		c.Fatal(err, out)
+	}
+	if err := deleteContainer(id); err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "-d", "-p", "23:23", "busybox", "top")
+}
+
+func (s *DockerSuite) TestRunPortInUse(c *check.C) {
+	// TODO Windows. The duplicate NAT message returned by Windows will be
+	// changing as is currently completely undecipherable. Does need modifying
+	// to run sh rather than top though as top isn't in Windows busybox.
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	port := "1234"
+	dockerCmd(c, "run", "-d", "-p", port+":80", "busybox", "top")
+
+	out, _, err := dockerCmdWithError("run", "-d", "-p", port+":80", "busybox", "top")
+	if err == nil {
+		c.Fatalf("Binding on used port must fail")
+	}
+	if !strings.Contains(out, "port is already allocated") {
+		c.Fatalf("Out must be about \"port is already allocated\", got %s", out)
+	}
+}
+
+// https://github.com/docker/docker/issues/12148
+func (s *DockerSuite) TestRunAllocatePortInReservedRange(c *check.C) {
+	// TODO Windows. -P is not yet supported
+	testRequires(c, DaemonIsLinux)
+	// allocate a dynamic port to get the most recent
+	out, _ := dockerCmd(c, "run", "-d", "-P", "-p", "80", "busybox", "top")
+
+	id := strings.TrimSpace(out)
+	out, _ = dockerCmd(c, "port", id, "80")
+
+	strPort := strings.Split(strings.TrimSpace(out), ":")[1]
+	port, err := strconv.ParseInt(strPort, 10, 64)
+	if err != nil {
+		c.Fatalf("invalid port, got: %s, error: %s", strPort, err)
+	}
+
+	// allocate a static port and a dynamic port together, with static port
+	// takes the next recent port in dynamic port range.
+	dockerCmd(c, "run", "-d", "-P", "-p", "80", "-p", fmt.Sprintf("%d:8080", port+1), "busybox", "top")
+}
+
+// Regression test for #7792
+func (s *DockerSuite) TestRunMountOrdering(c *check.C) {
+	// TODO Windows: Post TP4. Updated, but Windows does not support nested mounts currently.
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+
+	tmpDir, err := ioutil.TempDir("", "docker_nested_mount_test")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	tmpDir2, err := ioutil.TempDir("", "docker_nested_mount_test2")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir2)
+
+	// Create a temporary tmpfs mounc.
+	fooDir := filepath.Join(tmpDir, "foo")
+	if err := os.MkdirAll(filepath.Join(tmpDir, "foo"), 0755); err != nil {
+		c.Fatalf("failed to mkdir at %s - %s", fooDir, err)
+	}
+
+	if err := ioutil.WriteFile(fmt.Sprintf("%s/touch-me", fooDir), []byte{}, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	if err := ioutil.WriteFile(fmt.Sprintf("%s/touch-me", tmpDir), []byte{}, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	if err := ioutil.WriteFile(fmt.Sprintf("%s/touch-me", tmpDir2), []byte{}, 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run",
+		"-v", fmt.Sprintf("%s:"+prefix+"/tmp", tmpDir),
+		"-v", fmt.Sprintf("%s:"+prefix+"/tmp/foo", fooDir),
+		"-v", fmt.Sprintf("%s:"+prefix+"/tmp/tmp2", tmpDir2),
+		"-v", fmt.Sprintf("%s:"+prefix+"/tmp/tmp2/foo", fooDir),
+		"busybox:latest", "sh", "-c",
+		"ls "+prefix+"/tmp/touch-me && ls "+prefix+"/tmp/foo/touch-me && ls "+prefix+"/tmp/tmp2/touch-me && ls "+prefix+"/tmp/tmp2/foo/touch-me")
+}
+
+// Regression test for https://github.com/docker/docker/issues/8259
+func (s *DockerSuite) TestRunReuseBindVolumeThatIsSymlink(c *check.C) {
+	// Not applicable on Windows as Windows does not support volumes
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+
+	tmpDir, err := ioutil.TempDir(os.TempDir(), "testlink")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	linkPath := os.TempDir() + "/testlink2"
+	if err := os.Symlink(tmpDir, linkPath); err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(linkPath)
+
+	// Create first container
+	dockerCmd(c, "run", "-v", fmt.Sprintf("%s:"+prefix+"/tmp/test", linkPath), "busybox", "ls", prefix+"/tmp/test")
+
+	// Create second container with same symlinked path
+	// This will fail if the referenced issue is hit with a "Volume exists" error
+	dockerCmd(c, "run", "-v", fmt.Sprintf("%s:"+prefix+"/tmp/test", linkPath), "busybox", "ls", prefix+"/tmp/test")
+}
+
+//GH#10604: Test an "/etc" volume doesn't overlay special bind mounts in container
+func (s *DockerSuite) TestRunCreateVolumeEtc(c *check.C) {
+	// While Windows supports volumes, it does not support --add-host hence
+	// this test is not applicable on Windows.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "--dns=127.0.0.1", "-v", "/etc", "busybox", "cat", "/etc/resolv.conf")
+	if !strings.Contains(out, "nameserver 127.0.0.1") {
+		c.Fatal("/etc volume mount hides /etc/resolv.conf")
+	}
+
+	out, _ = dockerCmd(c, "run", "-h=test123", "-v", "/etc", "busybox", "cat", "/etc/hostname")
+	if !strings.Contains(out, "test123") {
+		c.Fatal("/etc volume mount hides /etc/hostname")
+	}
+
+	out, _ = dockerCmd(c, "run", "--add-host=test:192.168.0.1", "-v", "/etc", "busybox", "cat", "/etc/hosts")
+	out = strings.Replace(out, "\n", " ", -1)
+	if !strings.Contains(out, "192.168.0.1\ttest") || !strings.Contains(out, "127.0.0.1\tlocalhost") {
+		c.Fatal("/etc volume mount hides /etc/hosts")
+	}
+}
+
+func (s *DockerSuite) TestVolumesNoCopyData(c *check.C) {
+	// TODO Windows (Post TP4). Windows does not support volumes which
+	// are pre-populated such as is built in the dockerfile used in this test.
+	testRequires(c, DaemonIsLinux)
+	if _, err := buildImage("dataimage",
+		`FROM busybox
+		RUN mkdir -p /foo
+		RUN touch /foo/bar`,
+		true); err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "--name", "test", "-v", "/foo", "busybox")
+
+	if out, _, err := dockerCmdWithError("run", "--volumes-from", "test", "dataimage", "ls", "-lh", "/foo/bar"); err == nil || !strings.Contains(out, "No such file or directory") {
+		c.Fatalf("Data was copied on volumes-from but shouldn't be:\n%q", out)
+	}
+
+	tmpDir := randomTmpDirPath("docker_test_bind_mount_copy_data", daemonPlatform)
+	if out, _, err := dockerCmdWithError("run", "-v", tmpDir+":/foo", "dataimage", "ls", "-lh", "/foo/bar"); err == nil || !strings.Contains(out, "No such file or directory") {
+		c.Fatalf("Data was copied on bind-mount but shouldn't be:\n%q", out)
+	}
+}
+
+func (s *DockerSuite) TestRunNoOutputFromPullInStdout(c *check.C) {
+	// just run with unknown image
+	cmd := exec.Command(dockerBinary, "run", "asdfsg")
+	stdout := bytes.NewBuffer(nil)
+	cmd.Stdout = stdout
+	if err := cmd.Run(); err == nil {
+		c.Fatal("Run with unknown image should fail")
+	}
+	if stdout.Len() != 0 {
+		c.Fatalf("Stdout contains output from pull: %s", stdout)
+	}
+}
+
+func (s *DockerSuite) TestRunVolumesCleanPaths(c *check.C) {
+	testRequires(c, SameHostDaemon)
+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()
+	if _, err := buildImage("run_volumes_clean_paths",
+		`FROM busybox
+		VOLUME `+prefix+`/foo/`,
+		true); err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "-v", prefix+"/foo", "-v", prefix+"/bar/", "--name", "dark_helmet", "run_volumes_clean_paths")
+
+	out, err := inspectMountSourceField("dark_helmet", prefix+slash+"foo"+slash)
+	if err != errMountNotFound {
+		c.Fatalf("Found unexpected volume entry for '%s/foo/' in volumes\n%q", prefix, out)
+	}
+
+	out, err = inspectMountSourceField("dark_helmet", prefix+slash+`foo`)
+	c.Assert(err, check.IsNil)
+	if !strings.Contains(strings.ToLower(out), strings.ToLower(volumesConfigPath)) {
+		c.Fatalf("Volume was not defined for %s/foo\n%q", prefix, out)
+	}
+
+	out, err = inspectMountSourceField("dark_helmet", prefix+slash+"bar"+slash)
+	if err != errMountNotFound {
+		c.Fatalf("Found unexpected volume entry for '%s/bar/' in volumes\n%q", prefix, out)
+	}
+
+	out, err = inspectMountSourceField("dark_helmet", prefix+slash+"bar")
+	c.Assert(err, check.IsNil)
+	if !strings.Contains(strings.ToLower(out), strings.ToLower(volumesConfigPath)) {
+		c.Fatalf("Volume was not defined for %s/bar\n%q", prefix, out)
+	}
+}
+
+// Regression test for #3631
+func (s *DockerSuite) TestRunSlowStdoutConsumer(c *check.C) {
+	// TODO Windows: This should be able to run on Windows if can find an
+	// alternate to /dev/zero and /dev/stdout.
+	testRequires(c, DaemonIsLinux)
+	cont := exec.Command(dockerBinary, "run", "--rm", "busybox", "/bin/sh", "-c", "dd if=/dev/zero of=/dev/stdout bs=1024 count=2000 | catv")
+
+	stdout, err := cont.StdoutPipe()
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if err := cont.Start(); err != nil {
+		c.Fatal(err)
+	}
+	n, err := consumeWithSpeed(stdout, 10000, 5*time.Millisecond, nil)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	expected := 2 * 1024 * 2000
+	if n != expected {
+		c.Fatalf("Expected %d, got %d", expected, n)
+	}
+}
+
+func (s *DockerSuite) TestRunAllowPortRangeThroughExpose(c *check.C) {
+	// TODO Windows: -P is not currently supported. Also network
+	// settings are not propagated back.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "--expose", "3000-3003", "-P", "busybox", "top")
+
+	id := strings.TrimSpace(out)
+	portstr := inspectFieldJSON(c, id, "NetworkSettings.Ports")
+	var ports nat.PortMap
+	if err := unmarshalJSON([]byte(portstr), &ports); err != nil {
+		c.Fatal(err)
+	}
+	for port, binding := range ports {
+		portnum, _ := strconv.Atoi(strings.Split(string(port), "/")[0])
+		if portnum < 3000 || portnum > 3003 {
+			c.Fatalf("Port %d is out of range ", portnum)
+		}
+		if binding == nil || len(binding) != 1 || len(binding[0].HostPort) == 0 {
+			c.Fatalf("Port is not mapped for the port %s", port)
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunExposePort(c *check.C) {
+	out, _, err := dockerCmdWithError("run", "--expose", "80000", "busybox")
+	c.Assert(err, checker.NotNil, check.Commentf("--expose with an invalid port should error out"))
+	c.Assert(out, checker.Contains, "invalid range format for --expose")
+}
+
+func (s *DockerSuite) TestRunUnknownCommand(c *check.C) {
+	out, _, _ := dockerCmdWithStdoutStderr(c, "create", "busybox", "/bin/nada")
+
+	cID := strings.TrimSpace(out)
+	_, _, err := dockerCmdWithError("start", cID)
+
+	// Windows and Linux are different here by architectural design. Linux will
+	// fail to start the container, so an error is expected. Windows will
+	// successfully start the container, and once started attempt to execute
+	// the command which will fail.
+	if daemonPlatform == "windows" {
+		// Wait for it to exit.
+		waitExited(cID, 30*time.Second)
+		c.Assert(err, check.IsNil)
+	} else {
+		c.Assert(err, check.NotNil)
+	}
+
+	rc := inspectField(c, cID, "State.ExitCode")
+	if rc == "0" {
+		c.Fatalf("ExitCode(%v) cannot be 0", rc)
+	}
+}
+
+func (s *DockerSuite) TestRunModeIpcHost(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	hostIpc, err := os.Readlink("/proc/1/ns/ipc")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "--ipc=host", "busybox", "readlink", "/proc/self/ns/ipc")
+	out = strings.Trim(out, "\n")
+	if hostIpc != out {
+		c.Fatalf("IPC different with --ipc=host %s != %s\n", hostIpc, out)
+	}
+
+	out, _ = dockerCmd(c, "run", "busybox", "readlink", "/proc/self/ns/ipc")
+	out = strings.Trim(out, "\n")
+	if hostIpc == out {
+		c.Fatalf("IPC should be different without --ipc=host %s == %s\n", hostIpc, out)
+	}
+}
+
+func (s *DockerSuite) TestRunModeIpcContainer(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", "echo -n test > /dev/shm/test && touch /dev/mqueue/toto && top")
+
+	id := strings.TrimSpace(out)
+	state := inspectField(c, id, "State.Running")
+	if state != "true" {
+		c.Fatal("Container state is 'not running'")
+	}
+	pid1 := inspectField(c, id, "State.Pid")
+
+	parentContainerIpc, err := os.Readlink(fmt.Sprintf("/proc/%s/ns/ipc", pid1))
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ = dockerCmd(c, "run", fmt.Sprintf("--ipc=container:%s", id), "busybox", "readlink", "/proc/self/ns/ipc")
+	out = strings.Trim(out, "\n")
+	if parentContainerIpc != out {
+		c.Fatalf("IPC different with --ipc=container:%s %s != %s\n", id, parentContainerIpc, out)
+	}
+
+	catOutput, _ := dockerCmd(c, "run", fmt.Sprintf("--ipc=container:%s", id), "busybox", "cat", "/dev/shm/test")
+	if catOutput != "test" {
+		c.Fatalf("Output of /dev/shm/test expected test but found: %s", catOutput)
+	}
+
+	// check that /dev/mqueue is actually of mqueue type
+	grepOutput, _ := dockerCmd(c, "run", fmt.Sprintf("--ipc=container:%s", id), "busybox", "grep", "/dev/mqueue", "/proc/mounts")
+	if !strings.HasPrefix(grepOutput, "mqueue /dev/mqueue mqueue rw") {
+		c.Fatalf("Output of 'grep /proc/mounts' expected 'mqueue /dev/mqueue mqueue rw' but found: %s", grepOutput)
+	}
+
+	lsOutput, _ := dockerCmd(c, "run", fmt.Sprintf("--ipc=container:%s", id), "busybox", "ls", "/dev/mqueue")
+	lsOutput = strings.Trim(lsOutput, "\n")
+	if lsOutput != "toto" {
+		c.Fatalf("Output of 'ls /dev/mqueue' expected 'toto' but found: %s", lsOutput)
+	}
+}
+
+func (s *DockerSuite) TestRunModeIpcContainerNotExists(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _, err := dockerCmdWithError("run", "-d", "--ipc", "container:abcd1234", "busybox", "top")
+	if !strings.Contains(out, "abcd1234") || err == nil {
+		c.Fatalf("run IPC from a non exists container should with correct error out")
+	}
+}
+
+func (s *DockerSuite) TestRunModeIpcContainerNotRunning(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "create", "busybox")
+
+	id := strings.TrimSpace(out)
+	out, _, err := dockerCmdWithError("run", fmt.Sprintf("--ipc=container:%s", id), "busybox")
+	if err == nil {
+		c.Fatalf("Run container with ipc mode container should fail with non running container: %s\n%s", out, err)
+	}
+}
+
+func (s *DockerSuite) TestRunMountShmMqueueFromHost(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	dockerCmd(c, "run", "-d", "--name", "shmfromhost", "-v", "/dev/shm:/dev/shm", "-v", "/dev/mqueue:/dev/mqueue", "busybox", "sh", "-c", "echo -n test > /dev/shm/test && touch /dev/mqueue/toto && top")
+	defer os.Remove("/dev/mqueue/toto")
+	defer os.Remove("/dev/shm/test")
+	volPath, err := inspectMountSourceField("shmfromhost", "/dev/shm")
+	c.Assert(err, checker.IsNil)
+	if volPath != "/dev/shm" {
+		c.Fatalf("volumePath should have been /dev/shm, was %s", volPath)
+	}
+
+	out, _ := dockerCmd(c, "run", "--name", "ipchost", "--ipc", "host", "busybox", "cat", "/dev/shm/test")
+	if out != "test" {
+		c.Fatalf("Output of /dev/shm/test expected test but found: %s", out)
+	}
+
+	// Check that the mq was created
+	if _, err := os.Stat("/dev/mqueue/toto"); err != nil {
+		c.Fatalf("Failed to confirm '/dev/mqueue/toto' presence on host: %s", err.Error())
+	}
+}
+
+func (s *DockerSuite) TestContainerNetworkMode(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), check.IsNil)
+	pid1 := inspectField(c, id, "State.Pid")
+
+	parentContainerNet, err := os.Readlink(fmt.Sprintf("/proc/%s/ns/net", pid1))
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ = dockerCmd(c, "run", fmt.Sprintf("--net=container:%s", id), "busybox", "readlink", "/proc/self/ns/net")
+	out = strings.Trim(out, "\n")
+	if parentContainerNet != out {
+		c.Fatalf("NET different with --net=container:%s %s != %s\n", id, parentContainerNet, out)
+	}
+}
+
+func (s *DockerSuite) TestRunModePidHost(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	hostPid, err := os.Readlink("/proc/1/ns/pid")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "--pid=host", "busybox", "readlink", "/proc/self/ns/pid")
+	out = strings.Trim(out, "\n")
+	if hostPid != out {
+		c.Fatalf("PID different with --pid=host %s != %s\n", hostPid, out)
+	}
+
+	out, _ = dockerCmd(c, "run", "busybox", "readlink", "/proc/self/ns/pid")
+	out = strings.Trim(out, "\n")
+	if hostPid == out {
+		c.Fatalf("PID should be different without --pid=host %s == %s\n", hostPid, out)
+	}
+}
+
+func (s *DockerSuite) TestRunModeUTSHost(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	hostUTS, err := os.Readlink("/proc/1/ns/uts")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "--uts=host", "busybox", "readlink", "/proc/self/ns/uts")
+	out = strings.Trim(out, "\n")
+	if hostUTS != out {
+		c.Fatalf("UTS different with --uts=host %s != %s\n", hostUTS, out)
+	}
+
+	out, _ = dockerCmd(c, "run", "busybox", "readlink", "/proc/self/ns/uts")
+	out = strings.Trim(out, "\n")
+	if hostUTS == out {
+		c.Fatalf("UTS should be different without --uts=host %s == %s\n", hostUTS, out)
+	}
+
+	out, _ = dockerCmdWithFail(c, "run", "-h=name", "--uts=host", "busybox", "ps")
+	c.Assert(out, checker.Contains, runconfig.ErrConflictUTSHostname.Error())
+}
+
+func (s *DockerSuite) TestRunTLSverify(c *check.C) {
+	// Remote daemons use TLS and this test is not applicable when TLS is required.
+	testRequires(c, SameHostDaemon)
+	if out, code, err := dockerCmdWithError("ps"); err != nil || code != 0 {
+		c.Fatalf("Should have worked: %v:\n%v", err, out)
+	}
+
+	// Regardless of whether we specify true or false we need to
+	// test to make sure tls is turned on if --tlsverify is specified at all
+	out, code, err := dockerCmdWithError("--tlsverify=false", "ps")
+	if err == nil || code == 0 || !strings.Contains(out, "trying to connect") {
+		c.Fatalf("Should have failed: \net:%v\nout:%v\nerr:%v", code, out, err)
+	}
+
+	out, code, err = dockerCmdWithError("--tlsverify=true", "ps")
+	if err == nil || code == 0 || !strings.Contains(out, "cert") {
+		c.Fatalf("Should have failed: \net:%v\nout:%v\nerr:%v", code, out, err)
+	}
+}
+
+func (s *DockerSuite) TestRunPortFromDockerRangeInUse(c *check.C) {
+	// TODO Windows. Once moved to libnetwork/CNM, this may be able to be
+	// re-instated.
+	testRequires(c, DaemonIsLinux)
+	// first find allocator current position
+	out, _ := dockerCmd(c, "run", "-d", "-p", ":80", "busybox", "top")
+
+	id := strings.TrimSpace(out)
+	out, _ = dockerCmd(c, "port", id)
+
+	out = strings.TrimSpace(out)
+	if out == "" {
+		c.Fatal("docker port command output is empty")
+	}
+	out = strings.Split(out, ":")[1]
+	lastPort, err := strconv.Atoi(out)
+	if err != nil {
+		c.Fatal(err)
+	}
+	port := lastPort + 1
+	l, err := net.Listen("tcp", ":"+strconv.Itoa(port))
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer l.Close()
+
+	out, _ = dockerCmd(c, "run", "-d", "-p", ":80", "busybox", "top")
+
+	id = strings.TrimSpace(out)
+	dockerCmd(c, "port", id)
+}
+
+func (s *DockerSuite) TestRunTTYWithPipe(c *check.C) {
+	errChan := make(chan error)
+	go func() {
+		defer close(errChan)
+
+		cmd := exec.Command(dockerBinary, "run", "-ti", "busybox", "true")
+		if _, err := cmd.StdinPipe(); err != nil {
+			errChan <- err
+			return
+		}
+
+		expected := "cannot enable tty mode"
+		if out, _, err := runCommandWithOutput(cmd); err == nil {
+			errChan <- fmt.Errorf("run should have failed")
+			return
+		} else if !strings.Contains(out, expected) {
+			errChan <- fmt.Errorf("run failed with error %q: expected %q", out, expected)
+			return
+		}
+	}()
+
+	select {
+	case err := <-errChan:
+		c.Assert(err, check.IsNil)
+	case <-time.After(6 * time.Second):
+		c.Fatal("container is running but should have failed")
+	}
+}
+
+func (s *DockerSuite) TestRunNonLocalMacAddress(c *check.C) {
+	addr := "00:16:3E:08:00:50"
+	cmd := "ifconfig"
+	image := "busybox"
+	expected := addr
+
+	if daemonPlatform == "windows" {
+		cmd = "ipconfig /all"
+		image = WindowsBaseImage
+		expected = strings.Replace(strings.ToUpper(addr), ":", "-", -1)
+
+	}
+
+	if out, _ := dockerCmd(c, "run", "--mac-address", addr, image, cmd); !strings.Contains(out, expected) {
+		c.Fatalf("Output should have contained %q: %s", expected, out)
+	}
+}
+
+func (s *DockerSuite) TestRunNetHost(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	hostNet, err := os.Readlink("/proc/1/ns/net")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "run", "--net=host", "busybox", "readlink", "/proc/self/ns/net")
+	out = strings.Trim(out, "\n")
+	if hostNet != out {
+		c.Fatalf("Net namespace different with --net=host %s != %s\n", hostNet, out)
+	}
+
+	out, _ = dockerCmd(c, "run", "busybox", "readlink", "/proc/self/ns/net")
+	out = strings.Trim(out, "\n")
+	if hostNet == out {
+		c.Fatalf("Net namespace should be different without --net=host %s == %s\n", hostNet, out)
+	}
+}
+
+func (s *DockerSuite) TestRunNetHostTwiceSameName(c *check.C) {
+	// TODO Windows. As Windows networking evolves and converges towards
+	// CNM, this test may be possible to enable on Windows.
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	dockerCmd(c, "run", "--rm", "--name=thost", "--net=host", "busybox", "true")
+	dockerCmd(c, "run", "--rm", "--name=thost", "--net=host", "busybox", "true")
+}
+
+func (s *DockerSuite) TestRunNetContainerWhichHost(c *check.C) {
+	// Not applicable on Windows as uses Unix-specific capabilities
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	hostNet, err := os.Readlink("/proc/1/ns/net")
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "-d", "--net=host", "--name=test", "busybox", "top")
+
+	out, _ := dockerCmd(c, "run", "--net=container:test", "busybox", "readlink", "/proc/self/ns/net")
+	out = strings.Trim(out, "\n")
+	if hostNet != out {
+		c.Fatalf("Container should have host network namespace")
+	}
+}
+
+func (s *DockerSuite) TestRunAllowPortRangeThroughPublish(c *check.C) {
+	// TODO Windows. This may be possible to enable in the future. However,
+	// Windows does not currently support --expose, or populate the network
+	// settings seen through inspect.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "--expose", "3000-3003", "-p", "3000-3003", "busybox", "top")
+
+	id := strings.TrimSpace(out)
+	portstr := inspectFieldJSON(c, id, "NetworkSettings.Ports")
+
+	var ports nat.PortMap
+	err := unmarshalJSON([]byte(portstr), &ports)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to unmarshal: %v", portstr))
+	for port, binding := range ports {
+		portnum, _ := strconv.Atoi(strings.Split(string(port), "/")[0])
+		if portnum < 3000 || portnum > 3003 {
+			c.Fatalf("Port %d is out of range ", portnum)
+		}
+		if binding == nil || len(binding) != 1 || len(binding[0].HostPort) == 0 {
+			c.Fatal("Port is not mapped for the port "+port, out)
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunSetDefaultRestartPolicy(c *check.C) {
+	dockerCmd(c, "run", "-d", "--name", "test", "busybox", "sleep", "30")
+	out := inspectField(c, "test", "HostConfig.RestartPolicy.Name")
+	if out != "no" {
+		c.Fatalf("Set default restart policy failed")
+	}
+}
+
+func (s *DockerSuite) TestRunRestartMaxRetries(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "--restart=on-failure:3", "busybox", "false")
+	timeout := 10 * time.Second
+	if daemonPlatform == "windows" {
+		timeout = 120 * time.Second
+	}
+
+	id := strings.TrimSpace(string(out))
+	if err := waitInspect(id, "{{ .State.Restarting }} {{ .State.Running }}", "false false", timeout); err != nil {
+		c.Fatal(err)
+	}
+
+	count := inspectField(c, id, "RestartCount")
+	if count != "3" {
+		c.Fatalf("Container was restarted %s times, expected %d", count, 3)
+	}
+
+	MaximumRetryCount := inspectField(c, id, "HostConfig.RestartPolicy.MaximumRetryCount")
+	if MaximumRetryCount != "3" {
+		c.Fatalf("Container Maximum Retry Count is %s, expected %s", MaximumRetryCount, "3")
+	}
+}
+
+func (s *DockerSuite) TestRunContainerWithWritableRootfs(c *check.C) {
+	dockerCmd(c, "run", "--rm", "busybox", "touch", "/file")
+}
+
+func (s *DockerSuite) TestRunContainerWithReadonlyRootfs(c *check.C) {
+	// Not applicable on Windows which does not support --read-only
+	testRequires(c, DaemonIsLinux)
+
+	testReadOnlyFile(c, "/file", "/etc/hosts", "/etc/resolv.conf", "/etc/hostname", "/sys/kernel", "/dev/.dont.touch.me")
+}
+
+func (s *DockerSuite) TestPermissionsPtsReadonlyRootfs(c *check.C) {
+	// Not applicable on Windows due to use of Unix specific functionality, plus
+	// the use of --read-only which is not supported.
+	// --read-only + userns has remount issues
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	// Ensure we have not broken writing /dev/pts
+	out, status := dockerCmd(c, "run", "--read-only", "--rm", "busybox", "mount")
+	if status != 0 {
+		c.Fatal("Could not obtain mounts when checking /dev/pts mntpnt.")
+	}
+	expected := "type devpts (rw,"
+	if !strings.Contains(string(out), expected) {
+		c.Fatalf("expected output to contain %s but contains %s", expected, out)
+	}
+}
+
+func testReadOnlyFile(c *check.C, filenames ...string) {
+	// Not applicable on Windows which does not support --read-only
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	touch := "touch " + strings.Join(filenames, " ")
+	out, _, err := dockerCmdWithError("run", "--read-only", "--rm", "busybox", "sh", "-c", touch)
+	c.Assert(err, checker.NotNil)
+
+	for _, f := range filenames {
+		expected := "touch: " + f + ": Read-only file system"
+		c.Assert(out, checker.Contains, expected)
+	}
+
+	out, _, err = dockerCmdWithError("run", "--read-only", "--privileged", "--rm", "busybox", "sh", "-c", touch)
+	c.Assert(err, checker.NotNil)
+
+	for _, f := range filenames {
+		expected := "touch: " + f + ": Read-only file system"
+		c.Assert(out, checker.Contains, expected)
+	}
+}
+
+func (s *DockerSuite) TestRunContainerWithReadonlyEtcHostsAndLinkedContainer(c *check.C) {
+	// Not applicable on Windows which does not support --link
+	// --read-only + userns has remount issues
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	dockerCmd(c, "run", "-d", "--name", "test-etc-hosts-ro-linked", "busybox", "top")
+
+	out, _ := dockerCmd(c, "run", "--read-only", "--link", "test-etc-hosts-ro-linked:testlinked", "busybox", "cat", "/etc/hosts")
+	if !strings.Contains(string(out), "testlinked") {
+		c.Fatal("Expected /etc/hosts to be updated even if --read-only enabled")
+	}
+}
+
+func (s *DockerSuite) TestRunContainerWithReadonlyRootfsWithDnsFlag(c *check.C) {
+	// Not applicable on Windows which does not support either --read-only or --dns.
+	// --read-only + userns has remount issues
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "run", "--read-only", "--dns", "1.1.1.1", "busybox", "/bin/cat", "/etc/resolv.conf")
+	if !strings.Contains(string(out), "1.1.1.1") {
+		c.Fatal("Expected /etc/resolv.conf to be updated even if --read-only enabled and --dns flag used")
+	}
+}
+
+func (s *DockerSuite) TestRunContainerWithReadonlyRootfsWithAddHostFlag(c *check.C) {
+	// Not applicable on Windows which does not support --read-only
+	// --read-only + userns has remount issues
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	out, _ := dockerCmd(c, "run", "--read-only", "--add-host", "testreadonly:127.0.0.1", "busybox", "/bin/cat", "/etc/hosts")
+	if !strings.Contains(string(out), "testreadonly") {
+		c.Fatal("Expected /etc/hosts to be updated even if --read-only enabled and --add-host flag used")
+	}
+}
+
+func (s *DockerSuite) TestRunVolumesFromRestartAfterRemoved(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+	dockerCmd(c, "run", "-d", "--name", "voltest", "-v", prefix+"/foo", "busybox", "sleep", "60")
+	dockerCmd(c, "run", "-d", "--name", "restarter", "--volumes-from", "voltest", "busybox", "sleep", "60")
+
+	// Remove the main volume container and restart the consuming container
+	dockerCmd(c, "rm", "-f", "voltest")
+
+	// This should not fail since the volumes-from were already applied
+	dockerCmd(c, "restart", "restarter")
+}
+
+// run container with --rm should remove container if exit code != 0
+func (s *DockerSuite) TestRunContainerWithRmFlagExitCodeNotEqualToZero(c *check.C) {
+	name := "flowers"
+	out, _, err := dockerCmdWithError("run", "--name", name, "--rm", "busybox", "ls", "/notexists")
+	if err == nil {
+		c.Fatal("Expected docker run to fail", out, err)
+	}
+
+	out, err = getAllContainers()
+	if err != nil {
+		c.Fatal(out, err)
+	}
+
+	if out != "" {
+		c.Fatal("Expected not to have containers", out)
+	}
+}
+
+func (s *DockerSuite) TestRunContainerWithRmFlagCannotStartContainer(c *check.C) {
+	name := "sparkles"
+	out, _, err := dockerCmdWithError("run", "--name", name, "--rm", "busybox", "commandNotFound")
+	if err == nil {
+		c.Fatal("Expected docker run to fail", out, err)
+	}
+
+	out, err = getAllContainers()
+	if err != nil {
+		c.Fatal(out, err)
+	}
+
+	if out != "" {
+		c.Fatal("Expected not to have containers", out)
+	}
+}
+
+func (s *DockerSuite) TestRunPidHostWithChildIsKillable(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	name := "ibuildthecloud"
+	dockerCmd(c, "run", "-d", "--pid=host", "--name", name, "busybox", "sh", "-c", "sleep 30; echo hi")
+
+	c.Assert(waitRun(name), check.IsNil)
+
+	errchan := make(chan error)
+	go func() {
+		if out, _, err := dockerCmdWithError("kill", name); err != nil {
+			errchan <- fmt.Errorf("%v:\n%s", err, out)
+		}
+		close(errchan)
+	}()
+	select {
+	case err := <-errchan:
+		c.Assert(err, check.IsNil)
+	case <-time.After(5 * time.Second):
+		c.Fatal("Kill container timed out")
+	}
+}
+
+func (s *DockerSuite) TestRunWithTooSmallMemoryLimit(c *check.C) {
+	// TODO Windows. This may be possible to enable once Windows supports
+	// memory limits on containers
+	testRequires(c, DaemonIsLinux)
+	// this memory limit is 1 byte less than the min, which is 4MB
+	// https://github.com/docker/docker/blob/v1.5.0/daemon/create.go#L22
+	out, _, err := dockerCmdWithError("run", "-m", "4194303", "busybox")
+	if err == nil || !strings.Contains(out, "Minimum memory limit allowed is 4MB") {
+		c.Fatalf("expected run to fail when using too low a memory limit: %q", out)
+	}
+}
+
+func (s *DockerSuite) TestRunWriteToProcAsound(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+	_, code, err := dockerCmdWithError("run", "busybox", "sh", "-c", "echo 111 >> /proc/asound/version")
+	if err == nil || code == 0 {
+		c.Fatal("standard container should not be able to write to /proc/asound")
+	}
+}
+
+func (s *DockerSuite) TestRunReadProcTimer(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+	out, code, err := dockerCmdWithError("run", "busybox", "cat", "/proc/timer_stats")
+	if code != 0 {
+		return
+	}
+	if err != nil {
+		c.Fatal(err)
+	}
+	if strings.Trim(out, "\n ") != "" {
+		c.Fatalf("expected to receive no output from /proc/timer_stats but received %q", out)
+	}
+}
+
+func (s *DockerSuite) TestRunReadProcLatency(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+	// some kernels don't have this configured so skip the test if this file is not found
+	// on the host running the tests.
+	if _, err := os.Stat("/proc/latency_stats"); err != nil {
+		c.Skip("kernel doesn't have latency_stats configured")
+		return
+	}
+	out, code, err := dockerCmdWithError("run", "busybox", "cat", "/proc/latency_stats")
+	if code != 0 {
+		return
+	}
+	if err != nil {
+		c.Fatal(err)
+	}
+	if strings.Trim(out, "\n ") != "" {
+		c.Fatalf("expected to receive no output from /proc/latency_stats but received %q", out)
+	}
+}
+
+func (s *DockerSuite) TestRunReadFilteredProc(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, Apparmor, DaemonIsLinux, NotUserNamespace)
+
+	testReadPaths := []string{
+		"/proc/latency_stats",
+		"/proc/timer_stats",
+		"/proc/kcore",
+	}
+	for i, filePath := range testReadPaths {
+		name := fmt.Sprintf("procsieve-%d", i)
+		shellCmd := fmt.Sprintf("exec 3<%s", filePath)
+
+		out, exitCode, err := dockerCmdWithError("run", "--privileged", "--security-opt", "apparmor=docker-default", "--name", name, "busybox", "sh", "-c", shellCmd)
+		if exitCode != 0 {
+			return
+		}
+		if err != nil {
+			c.Fatalf("Open FD for read should have failed with permission denied, got: %s, %v", out, err)
+		}
+	}
+}
+
+func (s *DockerSuite) TestMountIntoProc(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+	_, code, err := dockerCmdWithError("run", "-v", "/proc//sys", "busybox", "true")
+	if err == nil || code == 0 {
+		c.Fatal("container should not be able to mount into /proc")
+	}
+}
+
+func (s *DockerSuite) TestMountIntoSys(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, NotUserNamespace)
+	dockerCmd(c, "run", "-v", "/sys/fs/cgroup", "busybox", "true")
+}
+
+func (s *DockerSuite) TestRunUnshareProc(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, Apparmor, DaemonIsLinux, NotUserNamespace)
+
+	// In this test goroutines are used to run test cases in parallel to prevent the test from taking a long time to run.
+	errChan := make(chan error)
+
+	go func() {
+		name := "acidburn"
+		out, _, err := dockerCmdWithError("run", "--name", name, "--security-opt", "seccomp=unconfined", "debian:jessie", "unshare", "-p", "-m", "-f", "-r", "--mount-proc=/proc", "mount")
+		if err == nil ||
+			!(strings.Contains(strings.ToLower(out), "permission denied") ||
+				strings.Contains(strings.ToLower(out), "operation not permitted")) {
+			errChan <- fmt.Errorf("unshare with --mount-proc should have failed with 'permission denied' or 'operation not permitted', got: %s, %v", out, err)
+		} else {
+			errChan <- nil
+		}
+	}()
+
+	go func() {
+		name := "cereal"
+		out, _, err := dockerCmdWithError("run", "--name", name, "--security-opt", "seccomp=unconfined", "debian:jessie", "unshare", "-p", "-m", "-f", "-r", "mount", "-t", "proc", "none", "/proc")
+		if err == nil ||
+			!(strings.Contains(strings.ToLower(out), "mount: cannot mount none") ||
+				strings.Contains(strings.ToLower(out), "permission denied") ||
+				strings.Contains(strings.ToLower(out), "operation not permitted")) {
+			errChan <- fmt.Errorf("unshare and mount of /proc should have failed with 'mount: cannot mount none' or 'permission denied', got: %s, %v", out, err)
+		} else {
+			errChan <- nil
+		}
+	}()
+
+	/* Ensure still fails if running privileged with the default policy */
+	go func() {
+		name := "crashoverride"
+		out, _, err := dockerCmdWithError("run", "--privileged", "--security-opt", "seccomp=unconfined", "--security-opt", "apparmor=docker-default", "--name", name, "debian:jessie", "unshare", "-p", "-m", "-f", "-r", "mount", "-t", "proc", "none", "/proc")
+		if err == nil ||
+			!(strings.Contains(strings.ToLower(out), "mount: cannot mount none") ||
+				strings.Contains(strings.ToLower(out), "permission denied") ||
+				strings.Contains(strings.ToLower(out), "operation not permitted")) {
+			errChan <- fmt.Errorf("privileged unshare with apparmor should have failed with 'mount: cannot mount none' or 'permission denied', got: %s, %v", out, err)
+		} else {
+			errChan <- nil
+		}
+	}()
+
+	for i := 0; i < 3; i++ {
+		err := <-errChan
+		if err != nil {
+			c.Fatal(err)
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunPublishPort(c *check.C) {
+	// TODO Windows: This may be possible once Windows moves to libnetwork and CNM
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "-d", "--name", "test", "--expose", "8080", "busybox", "top")
+	out, _ := dockerCmd(c, "port", "test")
+	out = strings.Trim(out, "\r\n")
+	if out != "" {
+		c.Fatalf("run without --publish-all should not publish port, out should be nil, but got: %s", out)
+	}
+}
+
+// Issue #10184.
+func (s *DockerSuite) TestDevicePermissions(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+	const permissions = "crw-rw-rw-"
+	out, status := dockerCmd(c, "run", "--device", "/dev/fuse:/dev/fuse:mrw", "busybox:latest", "ls", "-l", "/dev/fuse")
+	if status != 0 {
+		c.Fatalf("expected status 0, got %d", status)
+	}
+	if !strings.HasPrefix(out, permissions) {
+		c.Fatalf("output should begin with %q, got %q", permissions, out)
+	}
+}
+
+func (s *DockerSuite) TestRunCapAddCHOWN(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "--cap-drop=ALL", "--cap-add=CHOWN", "busybox", "sh", "-c", "adduser -D -H newuser && chown newuser /home && echo ok")
+
+	if actual := strings.Trim(out, "\r\n"); actual != "ok" {
+		c.Fatalf("expected output ok received %s", actual)
+	}
+}
+
+// https://github.com/docker/docker/pull/14498
+func (s *DockerSuite) TestVolumeFromMixedRWOptions(c *check.C) {
+	// TODO Windows post TP4. Enable the read-only bits once they are
+	// supported on the platform.
+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()
+
+	dockerCmd(c, "run", "--name", "parent", "-v", prefix+"/test", "busybox", "true")
+	if daemonPlatform != "windows" {
+		dockerCmd(c, "run", "--volumes-from", "parent:ro", "--name", "test-volumes-1", "busybox", "true")
+	}
+	dockerCmd(c, "run", "--volumes-from", "parent:rw", "--name", "test-volumes-2", "busybox", "true")
+
+	if daemonPlatform != "windows" {
+		mRO, err := inspectMountPoint("test-volumes-1", prefix+slash+"test")
+		c.Assert(err, checker.IsNil, check.Commentf("failed to inspect mount point"))
+		if mRO.RW {
+			c.Fatalf("Expected RO volume was RW")
+		}
+	}
+
+	mRW, err := inspectMountPoint("test-volumes-2", prefix+slash+"test")
+	c.Assert(err, checker.IsNil, check.Commentf("failed to inspect mount point"))
+	if !mRW.RW {
+		c.Fatalf("Expected RW volume was RO")
+	}
+}
+
+func (s *DockerSuite) TestRunWriteFilteredProc(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, Apparmor, DaemonIsLinux, NotUserNamespace)
+
+	testWritePaths := []string{
+		/* modprobe and core_pattern should both be denied by generic
+		 * policy of denials for /proc/sys/kernel. These files have been
+		 * picked to be checked as they are particularly sensitive to writes */
+		"/proc/sys/kernel/modprobe",
+		"/proc/sys/kernel/core_pattern",
+		"/proc/sysrq-trigger",
+		"/proc/kcore",
+	}
+	for i, filePath := range testWritePaths {
+		name := fmt.Sprintf("writeprocsieve-%d", i)
+
+		shellCmd := fmt.Sprintf("exec 3>%s", filePath)
+		out, code, err := dockerCmdWithError("run", "--privileged", "--security-opt", "apparmor=docker-default", "--name", name, "busybox", "sh", "-c", shellCmd)
+		if code != 0 {
+			return
+		}
+		if err != nil {
+			c.Fatalf("Open FD for write should have failed with permission denied, got: %s, %v", out, err)
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunNetworkFilesBindMount(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	expected := "test123"
+
+	filename := createTmpFile(c, expected)
+	defer os.Remove(filename)
+
+	nwfiles := []string{"/etc/resolv.conf", "/etc/hosts", "/etc/hostname"}
+
+	for i := range nwfiles {
+		actual, _ := dockerCmd(c, "run", "-v", filename+":"+nwfiles[i], "busybox", "cat", nwfiles[i])
+		if actual != expected {
+			c.Fatalf("expected %s be: %q, but was: %q", nwfiles[i], expected, actual)
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunNetworkFilesBindMountRO(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, SameHostDaemon, DaemonIsLinux)
+
+	filename := createTmpFile(c, "test123")
+	defer os.Remove(filename)
+
+	nwfiles := []string{"/etc/resolv.conf", "/etc/hosts", "/etc/hostname"}
+
+	for i := range nwfiles {
+		_, exitCode, err := dockerCmdWithError("run", "-v", filename+":"+nwfiles[i]+":ro", "busybox", "touch", nwfiles[i])
+		if err == nil || exitCode == 0 {
+			c.Fatalf("run should fail because bind mount of %s is ro: exit code %d", nwfiles[i], exitCode)
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunNetworkFilesBindMountROFilesystem(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	// --read-only + userns has remount issues
+	testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace)
+
+	filename := createTmpFile(c, "test123")
+	defer os.Remove(filename)
+
+	nwfiles := []string{"/etc/resolv.conf", "/etc/hosts", "/etc/hostname"}
+
+	for i := range nwfiles {
+		_, exitCode := dockerCmd(c, "run", "-v", filename+":"+nwfiles[i], "--read-only", "busybox", "touch", nwfiles[i])
+		if exitCode != 0 {
+			c.Fatalf("run should not fail because %s is mounted writable on read-only root filesystem: exit code %d", nwfiles[i], exitCode)
+		}
+	}
+
+	for i := range nwfiles {
+		_, exitCode, err := dockerCmdWithError("run", "-v", filename+":"+nwfiles[i]+":ro", "--read-only", "busybox", "touch", nwfiles[i])
+		if err == nil || exitCode == 0 {
+			c.Fatalf("run should fail because %s is mounted read-only on read-only root filesystem: exit code %d", nwfiles[i], exitCode)
+		}
+	}
+}
+
+func (s *DockerTrustSuite) TestTrustedRun(c *check.C) {
+	// Windows does not support this functionality
+	testRequires(c, DaemonIsLinux)
+	repoName := s.setupTrustedImage(c, "trusted-run")
+
+	// Try run
+	runCmd := exec.Command(dockerBinary, "run", repoName)
+	s.trustedCmd(runCmd)
+	out, _, err := runCommandWithOutput(runCmd)
+	if err != nil {
+		c.Fatalf("Error running trusted run: %s\n%s\n", err, out)
+	}
+
+	if !strings.Contains(string(out), "Tagging") {
+		c.Fatalf("Missing expected output on trusted push:\n%s", out)
+	}
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Try untrusted run to ensure we pushed the tag to the registry
+	runCmd = exec.Command(dockerBinary, "run", "--disable-content-trust=true", repoName)
+	s.trustedCmd(runCmd)
+	out, _, err = runCommandWithOutput(runCmd)
+	if err != nil {
+		c.Fatalf("Error running trusted run: %s\n%s", err, out)
+	}
+
+	if !strings.Contains(string(out), "Status: Downloaded") {
+		c.Fatalf("Missing expected output on trusted run with --disable-content-trust:\n%s", out)
+	}
+}
+
+func (s *DockerTrustSuite) TestUntrustedRun(c *check.C) {
+	// Windows does not support this functionality
+	testRequires(c, DaemonIsLinux)
+	repoName := fmt.Sprintf("%v/dockercliuntrusted/runtest:latest", privateRegistryURL)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+	dockerCmd(c, "push", repoName)
+	dockerCmd(c, "rmi", repoName)
+
+	// Try trusted run on untrusted tag
+	runCmd := exec.Command(dockerBinary, "run", repoName)
+	s.trustedCmd(runCmd)
+	out, _, err := runCommandWithOutput(runCmd)
+	if err == nil {
+		c.Fatalf("Error expected when running trusted run with:\n%s", out)
+	}
+
+	if !strings.Contains(string(out), "does not have trust data for") {
+		c.Fatalf("Missing expected output on trusted run:\n%s", out)
+	}
+}
+
+func (s *DockerTrustSuite) TestRunWhenCertExpired(c *check.C) {
+	// Windows does not support this functionality
+	testRequires(c, DaemonIsLinux)
+	c.Skip("Currently changes system time, causing instability")
+	repoName := s.setupTrustedImage(c, "trusted-run-expired")
+
+	// Certificates have 10 years of expiration
+	elevenYearsFromNow := time.Now().Add(time.Hour * 24 * 365 * 11)
+
+	runAtDifferentDate(elevenYearsFromNow, func() {
+		// Try run
+		runCmd := exec.Command(dockerBinary, "run", repoName)
+		s.trustedCmd(runCmd)
+		out, _, err := runCommandWithOutput(runCmd)
+		if err == nil {
+			c.Fatalf("Error running trusted run in the distant future: %s\n%s", err, out)
+		}
+
+		if !strings.Contains(string(out), "could not validate the path to a trusted root") {
+			c.Fatalf("Missing expected output on trusted run in the distant future:\n%s", out)
+		}
+	})
+
+	runAtDifferentDate(elevenYearsFromNow, func() {
+		// Try run
+		runCmd := exec.Command(dockerBinary, "run", "--disable-content-trust", repoName)
+		s.trustedCmd(runCmd)
+		out, _, err := runCommandWithOutput(runCmd)
+		if err != nil {
+			c.Fatalf("Error running untrusted run in the distant future: %s\n%s", err, out)
+		}
+
+		if !strings.Contains(string(out), "Status: Downloaded") {
+			c.Fatalf("Missing expected output on untrusted run in the distant future:\n%s", out)
+		}
+	})
+}
+
+func (s *DockerTrustSuite) TestTrustedRunFromBadTrustServer(c *check.C) {
+	// Windows does not support this functionality
+	testRequires(c, DaemonIsLinux)
+	repoName := fmt.Sprintf("%v/dockerclievilrun/trusted:latest", privateRegistryURL)
+	evilLocalConfigDir, err := ioutil.TempDir("", "evilrun-local-config-dir")
+	if err != nil {
+		c.Fatalf("Failed to create local temp dir")
+	}
+
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+	if err != nil {
+		c.Fatalf("Error running trusted push: %s\n%s", err, out)
+	}
+	if !strings.Contains(string(out), "Signing and pushing trust metadata") {
+		c.Fatalf("Missing expected output on trusted push:\n%s", out)
+	}
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Try run
+	runCmd := exec.Command(dockerBinary, "run", repoName)
+	s.trustedCmd(runCmd)
+	out, _, err = runCommandWithOutput(runCmd)
+	if err != nil {
+		c.Fatalf("Error running trusted run: %s\n%s", err, out)
+	}
+
+	if !strings.Contains(string(out), "Tagging") {
+		c.Fatalf("Missing expected output on trusted push:\n%s", out)
+	}
+
+	dockerCmd(c, "rmi", repoName)
+
+	// Kill the notary server, start a new "evil" one.
+	s.not.Close()
+	s.not, err = newTestNotary(c)
+	if err != nil {
+		c.Fatalf("Restarting notary server failed.")
+	}
+
+	// In order to make an evil server, lets re-init a client (with a different trust dir) and push new data.
+	// tag an image and upload it to the private registry
+	dockerCmd(c, "--config", evilLocalConfigDir, "tag", "busybox", repoName)
+
+	// Push up to the new server
+	pushCmd = exec.Command(dockerBinary, "--config", evilLocalConfigDir, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err = runCommandWithOutput(pushCmd)
+	if err != nil {
+		c.Fatalf("Error running trusted push: %s\n%s", err, out)
+	}
+	if !strings.Contains(string(out), "Signing and pushing trust metadata") {
+		c.Fatalf("Missing expected output on trusted push:\n%s", out)
+	}
+
+	// Now, try running with the original client from this new trust server. This should fallback to our cached timestamp and metadata.
+	runCmd = exec.Command(dockerBinary, "run", repoName)
+	s.trustedCmd(runCmd)
+	out, _, err = runCommandWithOutput(runCmd)
+
+	if err != nil {
+		c.Fatalf("Error falling back to cached trust data: %s\n%s", err, out)
+	}
+	if !strings.Contains(string(out), "Error while downloading remote metadata, using cached timestamp") {
+		c.Fatalf("Missing expected output on trusted push:\n%s", out)
+	}
+}
+
+func (s *DockerSuite) TestPtraceContainerProcsFromHost(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux, SameHostDaemon)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), check.IsNil)
+	pid1 := inspectField(c, id, "State.Pid")
+
+	_, err := os.Readlink(fmt.Sprintf("/proc/%s/ns/net", pid1))
+	if err != nil {
+		c.Fatal(err)
+	}
+}
+
+func (s *DockerSuite) TestAppArmorDeniesPtrace(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, SameHostDaemon, Apparmor, DaemonIsLinux, NotGCCGO)
+
+	// Run through 'sh' so we are NOT pid 1. Pid 1 may be able to trace
+	// itself, but pid>1 should not be able to trace pid1.
+	_, exitCode, _ := dockerCmdWithError("run", "busybox", "sh", "-c", "sh -c readlink /proc/1/ns/net")
+	if exitCode == 0 {
+		c.Fatal("ptrace was not successfully restricted by AppArmor")
+	}
+}
+
+func (s *DockerSuite) TestAppArmorTraceSelf(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux, SameHostDaemon, Apparmor)
+
+	_, exitCode, _ := dockerCmdWithError("run", "busybox", "readlink", "/proc/1/ns/net")
+	if exitCode != 0 {
+		c.Fatal("ptrace of self failed.")
+	}
+}
+
+func (s *DockerSuite) TestAppArmorDeniesChmodProc(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, SameHostDaemon, Apparmor, DaemonIsLinux, NotUserNamespace)
+	_, exitCode, _ := dockerCmdWithError("run", "busybox", "chmod", "744", "/proc/cpuinfo")
+	if exitCode == 0 {
+		// If our test failed, attempt to repair the host system...
+		_, exitCode, _ := dockerCmdWithError("run", "busybox", "chmod", "444", "/proc/cpuinfo")
+		if exitCode == 0 {
+			c.Fatal("AppArmor was unsuccessful in prohibiting chmod of /proc/* files.")
+		}
+	}
+}
+
+func (s *DockerSuite) TestRunCapAddSYSTIME(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+
+	dockerCmd(c, "run", "--cap-drop=ALL", "--cap-add=SYS_TIME", "busybox", "sh", "-c", "grep ^CapEff /proc/self/status | sed 's/^CapEff:\t//' | grep ^0000000002000000$")
+}
+
+// run create container failed should clean up the container
+func (s *DockerSuite) TestRunCreateContainerFailedCleanUp(c *check.C) {
+	// TODO Windows. This may be possible to enable once link is supported
+	testRequires(c, DaemonIsLinux)
+	name := "unique_name"
+	_, _, err := dockerCmdWithError("run", "--name", name, "--link", "nothing:nothing", "busybox")
+	c.Assert(err, check.NotNil, check.Commentf("Expected docker run to fail!"))
+
+	containerID, err := inspectFieldWithError(name, "Id")
+	c.Assert(err, checker.NotNil, check.Commentf("Expected not to have this container: %s!", containerID))
+	c.Assert(containerID, check.Equals, "", check.Commentf("Expected not to have this container: %s!", containerID))
+}
+
+func (s *DockerSuite) TestRunNamedVolume(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name=test", "-v", "testing:"+prefix+"/foo", "busybox", "sh", "-c", "echo hello > "+prefix+"/foo/bar")
+
+	out, _ := dockerCmd(c, "run", "--volumes-from", "test", "busybox", "sh", "-c", "cat "+prefix+"/foo/bar")
+	c.Assert(strings.TrimSpace(out), check.Equals, "hello")
+
+	out, _ = dockerCmd(c, "run", "-v", "testing:"+prefix+"/foo", "busybox", "sh", "-c", "cat "+prefix+"/foo/bar")
+	c.Assert(strings.TrimSpace(out), check.Equals, "hello")
+}
+
+func (s *DockerSuite) TestRunWithUlimits(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "--name=testulimits", "--ulimit", "nofile=42", "busybox", "/bin/sh", "-c", "ulimit -n")
+	ul := strings.TrimSpace(out)
+	if ul != "42" {
+		c.Fatalf("expected `ulimit -n` to be 42, got %s", ul)
+	}
+}
+
+func (s *DockerSuite) TestRunContainerWithCgroupParent(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+
+	cgroupParent := "test"
+	name := "cgroup-test"
+
+	out, _, err := dockerCmdWithError("run", "--cgroup-parent", cgroupParent, "--name", name, "busybox", "cat", "/proc/self/cgroup")
+	if err != nil {
+		c.Fatalf("unexpected failure when running container with --cgroup-parent option - %s\n%v", string(out), err)
+	}
+	cgroupPaths := parseCgroupPaths(string(out))
+	if len(cgroupPaths) == 0 {
+		c.Fatalf("unexpected output - %q", string(out))
+	}
+	id, err := getIDByName(name)
+	c.Assert(err, check.IsNil)
+	expectedCgroup := path.Join(cgroupParent, id)
+	found := false
+	for _, path := range cgroupPaths {
+		if strings.HasSuffix(path, expectedCgroup) {
+			found = true
+			break
+		}
+	}
+	if !found {
+		c.Fatalf("unexpected cgroup paths. Expected at least one cgroup path to have suffix %q. Cgroup Paths: %v", expectedCgroup, cgroupPaths)
+	}
+}
+
+func (s *DockerSuite) TestRunContainerWithCgroupParentAbsPath(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+
+	cgroupParent := "/cgroup-parent/test"
+	name := "cgroup-test"
+	out, _, err := dockerCmdWithError("run", "--cgroup-parent", cgroupParent, "--name", name, "busybox", "cat", "/proc/self/cgroup")
+	if err != nil {
+		c.Fatalf("unexpected failure when running container with --cgroup-parent option - %s\n%v", string(out), err)
+	}
+	cgroupPaths := parseCgroupPaths(string(out))
+	if len(cgroupPaths) == 0 {
+		c.Fatalf("unexpected output - %q", string(out))
+	}
+	id, err := getIDByName(name)
+	c.Assert(err, check.IsNil)
+	expectedCgroup := path.Join(cgroupParent, id)
+	found := false
+	for _, path := range cgroupPaths {
+		if strings.HasSuffix(path, expectedCgroup) {
+			found = true
+			break
+		}
+	}
+	if !found {
+		c.Fatalf("unexpected cgroup paths. Expected at least one cgroup path to have suffix %q. Cgroup Paths: %v", expectedCgroup, cgroupPaths)
+	}
+}
+
+// TestRunInvalidCgroupParent checks that a specially-crafted cgroup parent doesn't cause Docker to crash or start modifying /.
+func (s *DockerSuite) TestRunInvalidCgroupParent(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+
+	cgroupParent := "../../../../../../../../SHOULD_NOT_EXIST"
+	cleanCgroupParent := "SHOULD_NOT_EXIST"
+	name := "cgroup-invalid-test"
+
+	out, _, err := dockerCmdWithError("run", "--cgroup-parent", cgroupParent, "--name", name, "busybox", "cat", "/proc/self/cgroup")
+	if err != nil {
+		// XXX: This may include a daemon crash.
+		c.Fatalf("unexpected failure when running container with --cgroup-parent option - %s\n%v", string(out), err)
+	}
+
+	// We expect "/SHOULD_NOT_EXIST" to not exist. If not, we have a security issue.
+	if _, err := os.Stat("/SHOULD_NOT_EXIST"); err == nil || !os.IsNotExist(err) {
+		c.Fatalf("SECURITY: --cgroup-parent with ../../ relative paths cause files to be created in the host (this is bad) !!")
+	}
+
+	cgroupPaths := parseCgroupPaths(string(out))
+	if len(cgroupPaths) == 0 {
+		c.Fatalf("unexpected output - %q", string(out))
+	}
+	id, err := getIDByName(name)
+	c.Assert(err, check.IsNil)
+	expectedCgroup := path.Join(cleanCgroupParent, id)
+	found := false
+	for _, path := range cgroupPaths {
+		if strings.HasSuffix(path, expectedCgroup) {
+			found = true
+			break
+		}
+	}
+	if !found {
+		c.Fatalf("unexpected cgroup paths. Expected at least one cgroup path to have suffix %q. Cgroup Paths: %v", expectedCgroup, cgroupPaths)
+	}
+}
+
+// TestRunInvalidCgroupParent checks that a specially-crafted cgroup parent doesn't cause Docker to crash or start modifying /.
+func (s *DockerSuite) TestRunAbsoluteInvalidCgroupParent(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	testRequires(c, DaemonIsLinux)
+
+	cgroupParent := "/../../../../../../../../SHOULD_NOT_EXIST"
+	cleanCgroupParent := "/SHOULD_NOT_EXIST"
+	name := "cgroup-absolute-invalid-test"
+
+	out, _, err := dockerCmdWithError("run", "--cgroup-parent", cgroupParent, "--name", name, "busybox", "cat", "/proc/self/cgroup")
+	if err != nil {
+		// XXX: This may include a daemon crash.
+		c.Fatalf("unexpected failure when running container with --cgroup-parent option - %s\n%v", string(out), err)
+	}
+
+	// We expect "/SHOULD_NOT_EXIST" to not exist. If not, we have a security issue.
+	if _, err := os.Stat("/SHOULD_NOT_EXIST"); err == nil || !os.IsNotExist(err) {
+		c.Fatalf("SECURITY: --cgroup-parent with /../../ garbage paths cause files to be created in the host (this is bad) !!")
+	}
+
+	cgroupPaths := parseCgroupPaths(string(out))
+	if len(cgroupPaths) == 0 {
+		c.Fatalf("unexpected output - %q", string(out))
+	}
+	id, err := getIDByName(name)
+	c.Assert(err, check.IsNil)
+	expectedCgroup := path.Join(cleanCgroupParent, id)
+	found := false
+	for _, path := range cgroupPaths {
+		if strings.HasSuffix(path, expectedCgroup) {
+			found = true
+			break
+		}
+	}
+	if !found {
+		c.Fatalf("unexpected cgroup paths. Expected at least one cgroup path to have suffix %q. Cgroup Paths: %v", expectedCgroup, cgroupPaths)
+	}
+}
+
+func (s *DockerSuite) TestRunContainerWithCgroupMountRO(c *check.C) {
+	// Not applicable on Windows as uses Unix specific functionality
+	// --read-only + userns has remount issues
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	filename := "/sys/fs/cgroup/devices/test123"
+	out, _, err := dockerCmdWithError("run", "busybox", "touch", filename)
+	if err == nil {
+		c.Fatal("expected cgroup mount point to be read-only, touch file should fail")
+	}
+	expected := "Read-only file system"
+	if !strings.Contains(out, expected) {
+		c.Fatalf("expected output from failure to contain %s but contains %s", expected, out)
+	}
+}
+
+func (s *DockerSuite) TestRunContainerNetworkModeToSelf(c *check.C) {
+	// Not applicable on Windows which does not support --net=container
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _, err := dockerCmdWithError("run", "--name=me", "--net=container:me", "busybox", "true")
+	if err == nil || !strings.Contains(out, "cannot join own network") {
+		c.Fatalf("using container net mode to self should result in an error\nerr: %q\nout: %s", err, out)
+	}
+}
+
+func (s *DockerSuite) TestRunContainerNetModeWithDnsMacHosts(c *check.C) {
+	// Not applicable on Windows which does not support --net=container
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _, err := dockerCmdWithError("run", "-d", "--name", "parent", "busybox", "top")
+	if err != nil {
+		c.Fatalf("failed to run container: %v, output: %q", err, out)
+	}
+
+	out, _, err = dockerCmdWithError("run", "--dns", "1.2.3.4", "--net=container:parent", "busybox")
+	if err == nil || !strings.Contains(out, runconfig.ErrConflictNetworkAndDNS.Error()) {
+		c.Fatalf("run --net=container with --dns should error out")
+	}
+
+	out, _, err = dockerCmdWithError("run", "--mac-address", "92:d0:c6:0a:29:33", "--net=container:parent", "busybox")
+	if err == nil || !strings.Contains(out, runconfig.ErrConflictContainerNetworkAndMac.Error()) {
+		c.Fatalf("run --net=container with --mac-address should error out")
+	}
+
+	out, _, err = dockerCmdWithError("run", "--add-host", "test:192.168.2.109", "--net=container:parent", "busybox")
+	if err == nil || !strings.Contains(out, runconfig.ErrConflictNetworkHosts.Error()) {
+		c.Fatalf("run --net=container with --add-host should error out")
+	}
+}
+
+func (s *DockerSuite) TestRunContainerNetModeWithExposePort(c *check.C) {
+	// Not applicable on Windows which does not support --net=container
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "run", "-d", "--name", "parent", "busybox", "top")
+
+	out, _, err := dockerCmdWithError("run", "-p", "5000:5000", "--net=container:parent", "busybox")
+	if err == nil || !strings.Contains(out, runconfig.ErrConflictNetworkPublishPorts.Error()) {
+		c.Fatalf("run --net=container with -p should error out")
+	}
+
+	out, _, err = dockerCmdWithError("run", "-P", "--net=container:parent", "busybox")
+	if err == nil || !strings.Contains(out, runconfig.ErrConflictNetworkPublishPorts.Error()) {
+		c.Fatalf("run --net=container with -P should error out")
+	}
+
+	out, _, err = dockerCmdWithError("run", "--expose", "5000", "--net=container:parent", "busybox")
+	if err == nil || !strings.Contains(out, runconfig.ErrConflictNetworkExposePorts.Error()) {
+		c.Fatalf("run --net=container with --expose should error out")
+	}
+}
+
+func (s *DockerSuite) TestRunLinkToContainerNetMode(c *check.C) {
+	// Not applicable on Windows which does not support --net=container or --link
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "run", "--name", "test", "-d", "busybox", "top")
+	dockerCmd(c, "run", "--name", "parent", "-d", "--net=container:test", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--link=parent:parent", "busybox", "top")
+	dockerCmd(c, "run", "--name", "child", "-d", "--net=container:parent", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--link=child:child", "busybox", "top")
+}
+
+func (s *DockerSuite) TestRunLoopbackOnlyExistsWhenNetworkingDisabled(c *check.C) {
+	// TODO Windows: This may be possible to convert.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "--net=none", "busybox", "ip", "-o", "-4", "a", "show", "up")
+
+	var (
+		count = 0
+		parts = strings.Split(out, "\n")
+	)
+
+	for _, l := range parts {
+		if l != "" {
+			count++
+		}
+	}
+
+	if count != 1 {
+		c.Fatalf("Wrong interface count in container %d", count)
+	}
+
+	if !strings.HasPrefix(out, "1: lo") {
+		c.Fatalf("Wrong interface in test container: expected [1: lo], got %s", out)
+	}
+}
+
+// Issue #4681
+func (s *DockerSuite) TestRunLoopbackWhenNetworkDisabled(c *check.C) {
+	if daemonPlatform == "windows" {
+		dockerCmd(c, "run", "--net=none", WindowsBaseImage, "ping", "-n", "1", "127.0.0.1")
+	} else {
+		dockerCmd(c, "run", "--net=none", "busybox", "ping", "-c", "1", "127.0.0.1")
+	}
+}
+
+func (s *DockerSuite) TestRunModeNetContainerHostname(c *check.C) {
+	// Windows does not support --net=container
+	testRequires(c, DaemonIsLinux, ExecSupport, NotUserNamespace)
+
+	dockerCmd(c, "run", "-i", "-d", "--name", "parent", "busybox", "top")
+	out, _ := dockerCmd(c, "exec", "parent", "cat", "/etc/hostname")
+	out1, _ := dockerCmd(c, "run", "--net=container:parent", "busybox", "cat", "/etc/hostname")
+
+	if out1 != out {
+		c.Fatal("containers with shared net namespace should have same hostname")
+	}
+}
+
+func (s *DockerSuite) TestRunNetworkNotInitializedNoneMode(c *check.C) {
+	// TODO Windows: Network settings are not currently propagated. This may
+	// be resolved in the future with the move to libnetwork and CNM.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "--net=none", "busybox", "top")
+	id := strings.TrimSpace(out)
+	res := inspectField(c, id, "NetworkSettings.Networks.none.IPAddress")
+	if res != "" {
+		c.Fatalf("For 'none' mode network must not be initialized, but container got IP: %s", res)
+	}
+}
+
+func (s *DockerSuite) TestTwoContainersInNetHost(c *check.C) {
+	// Not applicable as Windows does not support --net=host
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotUserNamespace)
+	dockerCmd(c, "run", "-d", "--net=host", "--name=first", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--net=host", "--name=second", "busybox", "top")
+	dockerCmd(c, "stop", "first")
+	dockerCmd(c, "stop", "second")
+}
+
+func (s *DockerSuite) TestContainersInUserDefinedNetwork(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork")
+	dockerCmd(c, "run", "-d", "--net=testnetwork", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-t", "--net=testnetwork", "--name=second", "busybox", "ping", "-c", "1", "first")
+}
+
+func (s *DockerSuite) TestContainersInMultipleNetworks(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	// Create 2 networks using bridge driver
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork1")
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork2")
+	// Run and connect containers to testnetwork1
+	dockerCmd(c, "run", "-d", "--net=testnetwork1", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=testnetwork1", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+	// Check connectivity between containers in testnetwork2
+	dockerCmd(c, "exec", "first", "ping", "-c", "1", "second.testnetwork1")
+	// Connect containers to testnetwork2
+	dockerCmd(c, "network", "connect", "testnetwork2", "first")
+	dockerCmd(c, "network", "connect", "testnetwork2", "second")
+	// Check connectivity between containers
+	dockerCmd(c, "exec", "second", "ping", "-c", "1", "first.testnetwork2")
+}
+
+func (s *DockerSuite) TestContainersNetworkIsolation(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	// Create 2 networks using bridge driver
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork1")
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork2")
+	// Run 1 container in testnetwork1 and another in testnetwork2
+	dockerCmd(c, "run", "-d", "--net=testnetwork1", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=testnetwork2", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// Check Isolation between containers : ping must fail
+	_, _, err := dockerCmdWithError("exec", "first", "ping", "-c", "1", "second")
+	c.Assert(err, check.NotNil)
+	// Connect first container to testnetwork2
+	dockerCmd(c, "network", "connect", "testnetwork2", "first")
+	// ping must succeed now
+	_, _, err = dockerCmdWithError("exec", "first", "ping", "-c", "1", "second")
+	c.Assert(err, check.IsNil)
+
+	// Disconnect first container from testnetwork2
+	dockerCmd(c, "network", "disconnect", "testnetwork2", "first")
+	// ping must fail again
+	_, _, err = dockerCmdWithError("exec", "first", "ping", "-c", "1", "second")
+	c.Assert(err, check.NotNil)
+}
+
+func (s *DockerSuite) TestNetworkRmWithActiveContainers(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	// Create 2 networks using bridge driver
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork1")
+	// Run and connect containers to testnetwork1
+	dockerCmd(c, "run", "-d", "--net=testnetwork1", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=testnetwork1", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+	// Network delete with active containers must fail
+	_, _, err := dockerCmdWithError("network", "rm", "testnetwork1")
+	c.Assert(err, check.NotNil)
+
+	dockerCmd(c, "stop", "first")
+	_, _, err = dockerCmdWithError("network", "rm", "testnetwork1")
+	c.Assert(err, check.NotNil)
+}
+
+func (s *DockerSuite) TestContainerRestartInMultipleNetworks(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	// Create 2 networks using bridge driver
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork1")
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork2")
+
+	// Run and connect containers to testnetwork1
+	dockerCmd(c, "run", "-d", "--net=testnetwork1", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=testnetwork1", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+	// Check connectivity between containers in testnetwork2
+	dockerCmd(c, "exec", "first", "ping", "-c", "1", "second.testnetwork1")
+	// Connect containers to testnetwork2
+	dockerCmd(c, "network", "connect", "testnetwork2", "first")
+	dockerCmd(c, "network", "connect", "testnetwork2", "second")
+	// Check connectivity between containers
+	dockerCmd(c, "exec", "second", "ping", "-c", "1", "first.testnetwork2")
+
+	// Stop second container and test ping failures on both networks
+	dockerCmd(c, "stop", "second")
+	_, _, err := dockerCmdWithError("exec", "first", "ping", "-c", "1", "second.testnetwork1")
+	c.Assert(err, check.NotNil)
+	_, _, err = dockerCmdWithError("exec", "first", "ping", "-c", "1", "second.testnetwork2")
+	c.Assert(err, check.NotNil)
+
+	// Start second container and connectivity must be restored on both networks
+	dockerCmd(c, "start", "second")
+	dockerCmd(c, "exec", "first", "ping", "-c", "1", "second.testnetwork1")
+	dockerCmd(c, "exec", "second", "ping", "-c", "1", "first.testnetwork2")
+}
+
+func (s *DockerSuite) TestContainerWithConflictingHostNetworks(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	// Run a container with --net=host
+	dockerCmd(c, "run", "-d", "--net=host", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	// Create a network using bridge driver
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork1")
+
+	// Connecting to the user defined network must fail
+	_, _, err := dockerCmdWithError("network", "connect", "testnetwork1", "first")
+	c.Assert(err, check.NotNil)
+}
+
+func (s *DockerSuite) TestContainerWithConflictingSharedNetwork(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "run", "-d", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	// Run second container in first container's network namespace
+	dockerCmd(c, "run", "-d", "--net=container:first", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// Create a network using bridge driver
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork1")
+
+	// Connecting to the user defined network must fail
+	out, _, err := dockerCmdWithError("network", "connect", "testnetwork1", "second")
+	c.Assert(err, check.NotNil)
+	c.Assert(out, checker.Contains, runconfig.ErrConflictSharedNetwork.Error())
+}
+
+func (s *DockerSuite) TestContainerWithConflictingNoneNetwork(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	dockerCmd(c, "run", "-d", "--net=none", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+
+	// Create a network using bridge driver
+	dockerCmd(c, "network", "create", "-d", "bridge", "testnetwork1")
+
+	// Connecting to the user defined network must fail
+	out, _, err := dockerCmdWithError("network", "connect", "testnetwork1", "first")
+	c.Assert(err, check.NotNil)
+	c.Assert(out, checker.Contains, runconfig.ErrConflictNoNetwork.Error())
+
+	// create a container connected to testnetwork1
+	dockerCmd(c, "run", "-d", "--net=testnetwork1", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// Connect second container to none network. it must fail as well
+	_, _, err = dockerCmdWithError("network", "connect", "none", "second")
+	c.Assert(err, check.NotNil)
+}
+
+// #11957 - stdin with no tty does not exit if stdin is not closed even though container exited
+func (s *DockerSuite) TestRunStdinBlockedAfterContainerExit(c *check.C) {
+	cmd := exec.Command(dockerBinary, "run", "-i", "--name=test", "busybox", "true")
+	in, err := cmd.StdinPipe()
+	c.Assert(err, check.IsNil)
+	defer in.Close()
+	c.Assert(cmd.Start(), check.IsNil)
+
+	waitChan := make(chan error)
+	go func() {
+		waitChan <- cmd.Wait()
+	}()
+
+	select {
+	case err := <-waitChan:
+		c.Assert(err, check.IsNil)
+	case <-time.After(30 * time.Second):
+		c.Fatal("timeout waiting for command to exit")
+	}
+}
+
+func (s *DockerSuite) TestRunWrongCpusetCpusFlagValue(c *check.C) {
+	// TODO Windows: This needs validation (error out) in the daemon.
+	testRequires(c, DaemonIsLinux)
+	out, exitCode, err := dockerCmdWithError("run", "--cpuset-cpus", "1-10,11--", "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected := "Error response from daemon: Invalid value 1-10,11-- for cpuset cpus.\n"
+	if !(strings.Contains(out, expected) || exitCode == 125) {
+		c.Fatalf("Expected output to contain %q with exitCode 125, got out: %q exitCode: %v", expected, out, exitCode)
+	}
+}
+
+func (s *DockerSuite) TestRunWrongCpusetMemsFlagValue(c *check.C) {
+	// TODO Windows: This needs validation (error out) in the daemon.
+	testRequires(c, DaemonIsLinux)
+	out, exitCode, err := dockerCmdWithError("run", "--cpuset-mems", "1-42--", "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected := "Error response from daemon: Invalid value 1-42-- for cpuset mems.\n"
+	if !(strings.Contains(out, expected) || exitCode == 125) {
+		c.Fatalf("Expected output to contain %q with exitCode 125, got out: %q exitCode: %v", expected, out, exitCode)
+	}
+}
+
+// TestRunNonExecutableCmd checks that 'docker run busybox foo' exits with error code 127'
+func (s *DockerSuite) TestRunNonExecutableCmd(c *check.C) {
+	name := "testNonExecutableCmd"
+	runCmd := exec.Command(dockerBinary, "run", "--name", name, "busybox", "foo")
+	_, exit, _ := runCommandWithOutput(runCmd)
+	stateExitCode := findContainerExitCode(c, name)
+	if !(exit == 127 && strings.Contains(stateExitCode, "127")) {
+		c.Fatalf("Run non-executable command should have errored with exit code 127, but we got exit: %d, State.ExitCode: %s", exit, stateExitCode)
+	}
+}
+
+// TestRunNonExistingCmd checks that 'docker run busybox /bin/foo' exits with code 127.
+func (s *DockerSuite) TestRunNonExistingCmd(c *check.C) {
+	name := "testNonExistingCmd"
+	runCmd := exec.Command(dockerBinary, "run", "--name", name, "busybox", "/bin/foo")
+	_, exit, _ := runCommandWithOutput(runCmd)
+	stateExitCode := findContainerExitCode(c, name)
+	if !(exit == 127 && strings.Contains(stateExitCode, "127")) {
+		c.Fatalf("Run non-existing command should have errored with exit code 127, but we got exit: %d, State.ExitCode: %s", exit, stateExitCode)
+	}
+}
+
+// TestCmdCannotBeInvoked checks that 'docker run busybox /etc' exits with 126, or
+// 127 on Windows. The difference is that in Windows, the container must be started
+// as that's when the check is made (and yes, by it's design...)
+func (s *DockerSuite) TestCmdCannotBeInvoked(c *check.C) {
+	expected := 126
+	if daemonPlatform == "windows" {
+		expected = 127
+	}
+	name := "testCmdCannotBeInvoked"
+	runCmd := exec.Command(dockerBinary, "run", "--name", name, "busybox", "/etc")
+	_, exit, _ := runCommandWithOutput(runCmd)
+	stateExitCode := findContainerExitCode(c, name)
+	if !(exit == expected && strings.Contains(stateExitCode, strconv.Itoa(expected))) {
+		c.Fatalf("Run cmd that cannot be invoked should have errored with code %d, but we got exit: %d, State.ExitCode: %s", expected, exit, stateExitCode)
+	}
+}
+
+// TestRunNonExistingImage checks that 'docker run foo' exits with error msg 125 and contains  'Unable to find image'
+func (s *DockerSuite) TestRunNonExistingImage(c *check.C) {
+	runCmd := exec.Command(dockerBinary, "run", "foo")
+	out, exit, err := runCommandWithOutput(runCmd)
+	if !(err != nil && exit == 125 && strings.Contains(out, "Unable to find image")) {
+		c.Fatalf("Run non-existing image should have errored with 'Unable to find image' code 125, but we got out: %s, exit: %d, err: %s", out, exit, err)
+	}
+}
+
+// TestDockerFails checks that 'docker run -foo busybox' exits with 125 to signal docker run failed
+func (s *DockerSuite) TestDockerFails(c *check.C) {
+	runCmd := exec.Command(dockerBinary, "run", "-foo", "busybox")
+	out, exit, err := runCommandWithOutput(runCmd)
+	if !(err != nil && exit == 125) {
+		c.Fatalf("Docker run with flag not defined should exit with 125, but we got out: %s, exit: %d, err: %s", out, exit, err)
+	}
+}
+
+// TestRunInvalidReference invokes docker run with a bad reference.
+func (s *DockerSuite) TestRunInvalidReference(c *check.C) {
+	out, exit, _ := dockerCmdWithError("run", "busybox@foo")
+	if exit == 0 {
+		c.Fatalf("expected non-zero exist code; received %d", exit)
+	}
+
+	if !strings.Contains(out, "Error parsing reference") {
+		c.Fatalf(`Expected "Error parsing reference" in output; got: %s`, out)
+	}
+}
+
+// Test fix for issue #17854
+func (s *DockerSuite) TestRunInitLayerPathOwnership(c *check.C) {
+	// Not applicable on Windows as it does not support Linux uid/gid ownership
+	testRequires(c, DaemonIsLinux)
+	name := "testetcfileownership"
+	_, err := buildImage(name,
+		`FROM busybox
+		RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+		RUN echo 'dockerio:x:1001:' >> /etc/group
+		RUN chown dockerio:dockerio /etc`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	// Test that dockerio ownership of /etc is retained at runtime
+	out, _ := dockerCmd(c, "run", "--rm", name, "stat", "-c", "%U:%G", "/etc")
+	out = strings.TrimSpace(out)
+	if out != "dockerio:dockerio" {
+		c.Fatalf("Wrong /etc ownership: expected dockerio:dockerio, got %q", out)
+	}
+}
+
+func (s *DockerSuite) TestRunWithOomScoreAdj(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	expected := "642"
+	out, _ := dockerCmd(c, "run", "--oom-score-adj", expected, "busybox", "cat", "/proc/self/oom_score_adj")
+	oomScoreAdj := strings.TrimSpace(out)
+	if oomScoreAdj != "642" {
+		c.Fatalf("Expected oom_score_adj set to %q, got %q instead", expected, oomScoreAdj)
+	}
+}
+
+func (s *DockerSuite) TestRunWithOomScoreAdjInvalidRange(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	out, _, err := dockerCmdWithError("run", "--oom-score-adj", "1001", "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected := "Invalid value 1001, range for oom score adj is [-1000, 1000]."
+	if !strings.Contains(out, expected) {
+		c.Fatalf("Expected output to contain %q, got %q instead", expected, out)
+	}
+	out, _, err = dockerCmdWithError("run", "--oom-score-adj", "-1001", "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected = "Invalid value -1001, range for oom score adj is [-1000, 1000]."
+	if !strings.Contains(out, expected) {
+		c.Fatalf("Expected output to contain %q, got %q instead", expected, out)
+	}
+}
+
+func (s *DockerSuite) TestRunVolumesMountedAsShared(c *check.C) {
+	// Volume propagation is linux only. Also it creates directories for
+	// bind mounting, so needs to be same host.
+	testRequires(c, DaemonIsLinux, SameHostDaemon, NotUserNamespace)
+
+	// Prepare a source directory to bind mount
+	tmpDir, err := ioutil.TempDir("", "volume-source")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	if err := os.Mkdir(path.Join(tmpDir, "mnt1"), 0755); err != nil {
+		c.Fatal(err)
+	}
+
+	// Convert this directory into a shared mount point so that we do
+	// not rely on propagation properties of parent mount.
+	cmd := exec.Command("mount", "--bind", tmpDir, tmpDir)
+	if _, err = runCommand(cmd); err != nil {
+		c.Fatal(err)
+	}
+
+	cmd = exec.Command("mount", "--make-private", "--make-shared", tmpDir)
+	if _, err = runCommand(cmd); err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "--privileged", "-v", fmt.Sprintf("%s:/volume-dest:shared", tmpDir), "busybox", "mount", "--bind", "/volume-dest/mnt1", "/volume-dest/mnt1")
+
+	// Make sure a bind mount under a shared volume propagated to host.
+	if mounted, _ := mount.Mounted(path.Join(tmpDir, "mnt1")); !mounted {
+		c.Fatalf("Bind mount under shared volume did not propagate to host")
+	}
+
+	mount.Unmount(path.Join(tmpDir, "mnt1"))
+}
+
+func (s *DockerSuite) TestRunVolumesMountedAsSlave(c *check.C) {
+	// Volume propagation is linux only. Also it creates directories for
+	// bind mounting, so needs to be same host.
+	testRequires(c, DaemonIsLinux, SameHostDaemon, NotUserNamespace)
+
+	// Prepare a source directory to bind mount
+	tmpDir, err := ioutil.TempDir("", "volume-source")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	if err := os.Mkdir(path.Join(tmpDir, "mnt1"), 0755); err != nil {
+		c.Fatal(err)
+	}
+
+	// Prepare a source directory with file in it. We will bind mount this
+	// direcotry and see if file shows up.
+	tmpDir2, err := ioutil.TempDir("", "volume-source2")
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir2)
+
+	if err := ioutil.WriteFile(path.Join(tmpDir2, "slave-testfile"), []byte("Test"), 0644); err != nil {
+		c.Fatal(err)
+	}
+
+	// Convert this directory into a shared mount point so that we do
+	// not rely on propagation properties of parent mount.
+	cmd := exec.Command("mount", "--bind", tmpDir, tmpDir)
+	if _, err = runCommand(cmd); err != nil {
+		c.Fatal(err)
+	}
+
+	cmd = exec.Command("mount", "--make-private", "--make-shared", tmpDir)
+	if _, err = runCommand(cmd); err != nil {
+		c.Fatal(err)
+	}
+
+	dockerCmd(c, "run", "-i", "-d", "--name", "parent", "-v", fmt.Sprintf("%s:/volume-dest:slave", tmpDir), "busybox", "top")
+
+	// Bind mount tmpDir2/ onto tmpDir/mnt1. If mount propagates inside
+	// container then contents of tmpDir2/slave-testfile should become
+	// visible at "/volume-dest/mnt1/slave-testfile"
+	cmd = exec.Command("mount", "--bind", tmpDir2, path.Join(tmpDir, "mnt1"))
+	if _, err = runCommand(cmd); err != nil {
+		c.Fatal(err)
+	}
+
+	out, _ := dockerCmd(c, "exec", "parent", "cat", "/volume-dest/mnt1/slave-testfile")
+
+	mount.Unmount(path.Join(tmpDir, "mnt1"))
+
+	if out != "Test" {
+		c.Fatalf("Bind mount under slave volume did not propagate to container")
+	}
+}
+
+func (s *DockerSuite) TestRunNamedVolumesMountedAsShared(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, exitcode, _ := dockerCmdWithError("run", "-v", "foo:/test:shared", "busybox", "touch", "/test/somefile")
+
+	if exitcode == 0 {
+		c.Fatalf("expected non-zero exit code; received %d", exitcode)
+	}
+
+	if expected := "Invalid volume specification"; !strings.Contains(out, expected) {
+		c.Fatalf(`Expected %q in output; got: %s`, expected, out)
+	}
+}
+
+func (s *DockerSuite) TestRunNamedVolumeCopyImageData(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	testImg := "testvolumecopy"
+	_, err := buildImage(testImg, `
+	FROM busybox
+	RUN mkdir -p /foo && echo hello > /foo/hello
+	`, true)
+	c.Assert(err, check.IsNil)
+
+	dockerCmd(c, "run", "-v", "foo:/foo", testImg)
+	out, _ := dockerCmd(c, "run", "-v", "foo:/foo", "busybox", "cat", "/foo/hello")
+	c.Assert(strings.TrimSpace(out), check.Equals, "hello")
+}
+
+func (s *DockerSuite) TestRunNamedVolumeNotRemoved(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+
+	dockerCmd(c, "volume", "create", "--name", "test")
+
+	dockerCmd(c, "run", "--rm", "-v", "test:"+prefix+"/foo", "-v", prefix+"/bar", "busybox", "true")
+	dockerCmd(c, "volume", "inspect", "test")
+	out, _ := dockerCmd(c, "volume", "ls", "-q")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "test")
+
+	dockerCmd(c, "run", "--name=test", "-v", "test:"+prefix+"/foo", "-v", prefix+"/bar", "busybox", "true")
+	dockerCmd(c, "rm", "-fv", "test")
+	dockerCmd(c, "volume", "inspect", "test")
+	out, _ = dockerCmd(c, "volume", "ls", "-q")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "test")
+}
+
+func (s *DockerSuite) TestRunNamedVolumesFromNotRemoved(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+
+	dockerCmd(c, "volume", "create", "--name", "test")
+	dockerCmd(c, "run", "--name=parent", "-v", "test:"+prefix+"/foo", "-v", prefix+"/bar", "busybox", "true")
+	dockerCmd(c, "run", "--name=child", "--volumes-from=parent", "busybox", "true")
+
+	// Remove the parent so there are not other references to the volumes
+	dockerCmd(c, "rm", "-f", "parent")
+	// now remove the child and ensure the named volume (and only the named volume) still exists
+	dockerCmd(c, "rm", "-fv", "child")
+	dockerCmd(c, "volume", "inspect", "test")
+	out, _ := dockerCmd(c, "volume", "ls", "-q")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "test")
+}
+
+func (s *DockerSuite) TestRunAttachFailedNoLeak(c *check.C) {
+	nroutines, err := getGoroutineNumber()
+	c.Assert(err, checker.IsNil)
+
+	runSleepingContainer(c, "--name=test", "-p", "8000:8000")
+
+	// Wait until container is fully up and running
+	c.Assert(waitRun("test"), check.IsNil)
+
+	out, _, err := dockerCmdWithError("run", "-p", "8000:8000", "busybox", "true")
+	c.Assert(err, checker.NotNil)
+	// check for windows error as well
+	// TODO Windows Post TP5. Fix the error message string
+	c.Assert(strings.Contains(string(out), "port is already allocated") ||
+		strings.Contains(string(out), "were not connected because a duplicate name exists") ||
+		strings.Contains(string(out), "HNS failed with error : Failed to create endpoint"), checker.Equals, true, check.Commentf("Output: %s", out))
+	dockerCmd(c, "rm", "-f", "test")
+
+	// NGoroutines is not updated right away, so we need to wait before failing
+	c.Assert(waitForGoroutines(nroutines), checker.IsNil)
+}
+
+// Test for one character directory name case (#20122)
+func (s *DockerSuite) TestRunVolumeWithOneCharacter(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "-v", "/tmp/q:/foo", "busybox", "sh", "-c", "find /foo")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "/foo")
+}
+
+func (s *DockerSuite) TestRunVolumeCopyFlag(c *check.C) {
+	testRequires(c, DaemonIsLinux) // Windows does not support copying data from image to the volume
+	_, err := buildImage("volumecopy",
+		`FROM busybox
+		RUN mkdir /foo && echo hello > /foo/bar
+		CMD cat /foo/bar`,
+		true,
+	)
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "volume", "create", "--name=test")
+
+	// test with the nocopy flag
+	out, _, err := dockerCmdWithError("run", "-v", "test:/foo:nocopy", "volumecopy")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	// test default behavior which is to copy for non-binds
+	out, _ = dockerCmd(c, "run", "-v", "test:/foo", "volumecopy")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello")
+	// error out when the volume is already populated
+	out, _, err = dockerCmdWithError("run", "-v", "test:/foo:copy", "volumecopy")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	// do not error out when copy isn't explicitly set even though it's already populated
+	out, _ = dockerCmd(c, "run", "-v", "test:/foo", "volumecopy")
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello")
+
+	// do not allow copy modes on volumes-from
+	dockerCmd(c, "run", "--name=test", "-v", "/foo", "busybox", "true")
+	out, _, err = dockerCmdWithError("run", "--volumes-from=test:copy", "busybox", "true")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	out, _, err = dockerCmdWithError("run", "--volumes-from=test:nocopy", "busybox", "true")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+
+	// do not allow copy modes on binds
+	out, _, err = dockerCmdWithError("run", "-v", "/foo:/bar:copy", "busybox", "true")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	out, _, err = dockerCmdWithError("run", "-v", "/foo:/bar:nocopy", "busybox", "true")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+}
+
+func (s *DockerSuite) TestRunTooLongHostname(c *check.C) {
+	// Test case in #21445
+	hostname1 := "this-is-a-way-too-long-hostname-but-it-should-give-a-nice-error.local"
+	out, _, err := dockerCmdWithError("run", "--hostname", hostname1, "busybox", "echo", "test")
+	c.Assert(err, checker.NotNil, check.Commentf("Expected docker run to fail!"))
+	c.Assert(out, checker.Contains, "invalid hostname format for --hostname:", check.Commentf("Expected to have 'invalid hostname format for --hostname:' in the output, get: %s!", out))
+
+	// HOST_NAME_MAX=64 so 65 bytes will fail
+	hostname2 := "this-is-a-hostname-with-65-bytes-so-it-should-give-an-error.local"
+	out, _, err = dockerCmdWithError("run", "--hostname", hostname2, "busybox", "echo", "test")
+	c.Assert(err, checker.NotNil, check.Commentf("Expected docker run to fail!"))
+	c.Assert(out, checker.Contains, "invalid hostname format for --hostname:", check.Commentf("Expected to have 'invalid hostname format for --hostname:' in the output, get: %s!", out))
+
+	// 64 bytes will be OK
+	hostname3 := "this-is-a-hostname-with-64-bytes-so-will-not-give-an-error.local"
+	dockerCmd(c, "run", "--hostname", hostname3, "busybox", "echo", "test")
+}
diff --git a/integration-cli/docker_cli_run_unix_test.go b/integration-cli/docker_cli_run_unix_test.go
new file mode 100644
index 00000000..fe7cc697
--- /dev/null
+++ b/integration-cli/docker_cli_run_unix_test.go
@@ -0,0 +1,1009 @@
+// +build !windows
+
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"regexp"
+	"strconv"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/docker/docker/pkg/homedir"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/pkg/parsers"
+	"github.com/docker/docker/pkg/sysinfo"
+	"github.com/go-check/check"
+	"github.com/kr/pty"
+)
+
+// #6509
+func (s *DockerSuite) TestRunRedirectStdout(c *check.C) {
+	checkRedirect := func(command string) {
+		_, tty, err := pty.Open()
+		c.Assert(err, checker.IsNil, check.Commentf("Could not open pty"))
+		cmd := exec.Command("sh", "-c", command)
+		cmd.Stdin = tty
+		cmd.Stdout = tty
+		cmd.Stderr = tty
+		c.Assert(cmd.Start(), checker.IsNil)
+		ch := make(chan error)
+		go func() {
+			ch <- cmd.Wait()
+			close(ch)
+		}()
+
+		select {
+		case <-time.After(10 * time.Second):
+			c.Fatal("command timeout")
+		case err := <-ch:
+			c.Assert(err, checker.IsNil, check.Commentf("wait err"))
+		}
+	}
+
+	checkRedirect(dockerBinary + " run -i busybox cat /etc/passwd | grep -q root")
+	checkRedirect(dockerBinary + " run busybox cat /etc/passwd | grep -q root")
+}
+
+// Test recursive bind mount works by default
+func (s *DockerSuite) TestRunWithVolumesIsRecursive(c *check.C) {
+	// /tmp gets permission denied
+	testRequires(c, NotUserNamespace, SameHostDaemon)
+	tmpDir, err := ioutil.TempDir("", "docker_recursive_mount_test")
+	c.Assert(err, checker.IsNil)
+
+	defer os.RemoveAll(tmpDir)
+
+	// Create a temporary tmpfs mount.
+	tmpfsDir := filepath.Join(tmpDir, "tmpfs")
+	c.Assert(os.MkdirAll(tmpfsDir, 0777), checker.IsNil, check.Commentf("failed to mkdir at %s", tmpfsDir))
+	c.Assert(mount.Mount("tmpfs", tmpfsDir, "tmpfs", ""), checker.IsNil, check.Commentf("failed to create a tmpfs mount at %s", tmpfsDir))
+
+	f, err := ioutil.TempFile(tmpfsDir, "touch-me")
+	c.Assert(err, checker.IsNil)
+	defer f.Close()
+
+	runCmd := exec.Command(dockerBinary, "run", "--name", "test-data", "--volume", fmt.Sprintf("%s:/tmp:ro", tmpDir), "busybox:latest", "ls", "/tmp/tmpfs")
+	out, _, _, err := runCommandWithStdoutStderr(runCmd)
+	c.Assert(err, checker.IsNil)
+	c.Assert(out, checker.Contains, filepath.Base(f.Name()), check.Commentf("Recursive bind mount test failed. Expected file not found"))
+}
+
+func (s *DockerSuite) TestRunDeviceDirectory(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm)
+	if _, err := os.Stat("/dev/snd"); err != nil {
+		c.Skip("Host does not have /dev/snd")
+	}
+
+	out, _ := dockerCmd(c, "run", "--device", "/dev/snd:/dev/snd", "busybox", "sh", "-c", "ls /dev/snd/")
+	c.Assert(strings.Trim(out, "\r\n"), checker.Contains, "timer", check.Commentf("expected output /dev/snd/timer"))
+
+	out, _ = dockerCmd(c, "run", "--device", "/dev/snd:/dev/othersnd", "busybox", "sh", "-c", "ls /dev/othersnd/")
+	c.Assert(strings.Trim(out, "\r\n"), checker.Contains, "seq", check.Commentf("expected output /dev/othersnd/seq"))
+}
+
+// TestRunDetach checks attaching and detaching with the default escape sequence.
+func (s *DockerSuite) TestRunAttachDetach(c *check.C) {
+	name := "attach-detach"
+
+	dockerCmd(c, "run", "--name", name, "-itd", "busybox", "cat")
+
+	cmd := exec.Command(dockerBinary, "attach", name)
+	stdout, err := cmd.StdoutPipe()
+	c.Assert(err, checker.IsNil)
+	cpty, tty, err := pty.Open()
+	c.Assert(err, checker.IsNil)
+	defer cpty.Close()
+	cmd.Stdin = tty
+	c.Assert(cmd.Start(), checker.IsNil)
+	c.Assert(waitRun(name), check.IsNil)
+
+	_, err = cpty.Write([]byte("hello\n"))
+	c.Assert(err, checker.IsNil)
+
+	out, err := bufio.NewReader(stdout).ReadString('\n')
+	c.Assert(err, checker.IsNil)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "hello")
+
+	// escape sequence
+	_, err = cpty.Write([]byte{16})
+	c.Assert(err, checker.IsNil)
+	time.Sleep(100 * time.Millisecond)
+	_, err = cpty.Write([]byte{17})
+	c.Assert(err, checker.IsNil)
+
+	ch := make(chan struct{})
+	go func() {
+		cmd.Wait()
+		ch <- struct{}{}
+	}()
+
+	select {
+	case <-ch:
+	case <-time.After(10 * time.Second):
+		c.Fatal("timed out waiting for container to exit")
+	}
+
+	running := inspectField(c, name, "State.Running")
+	c.Assert(running, checker.Equals, "true", check.Commentf("expected container to still be running"))
+}
+
+// TestRunDetach checks attaching and detaching with the escape sequence specified via flags.
+func (s *DockerSuite) TestRunAttachDetachFromFlag(c *check.C) {
+	name := "attach-detach"
+	keyCtrlA := []byte{1}
+	keyA := []byte{97}
+
+	dockerCmd(c, "run", "--name", name, "-itd", "busybox", "cat")
+
+	cmd := exec.Command(dockerBinary, "attach", "--detach-keys='ctrl-a,a'", name)
+	stdout, err := cmd.StdoutPipe()
+	if err != nil {
+		c.Fatal(err)
+	}
+	cpty, tty, err := pty.Open()
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer cpty.Close()
+	cmd.Stdin = tty
+	if err := cmd.Start(); err != nil {
+		c.Fatal(err)
+	}
+	c.Assert(waitRun(name), check.IsNil)
+
+	if _, err := cpty.Write([]byte("hello\n")); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err := bufio.NewReader(stdout).ReadString('\n')
+	if err != nil {
+		c.Fatal(err)
+	}
+	if strings.TrimSpace(out) != "hello" {
+		c.Fatalf("expected 'hello', got %q", out)
+	}
+
+	// escape sequence
+	if _, err := cpty.Write(keyCtrlA); err != nil {
+		c.Fatal(err)
+	}
+	time.Sleep(100 * time.Millisecond)
+	if _, err := cpty.Write(keyA); err != nil {
+		c.Fatal(err)
+	}
+
+	ch := make(chan struct{})
+	go func() {
+		cmd.Wait()
+		ch <- struct{}{}
+	}()
+
+	select {
+	case <-ch:
+	case <-time.After(10 * time.Second):
+		c.Fatal("timed out waiting for container to exit")
+	}
+
+	running := inspectField(c, name, "State.Running")
+	c.Assert(running, checker.Equals, "true", check.Commentf("expected container to still be running"))
+}
+
+// TestRunDetach checks attaching and detaching with the escape sequence specified via config file.
+func (s *DockerSuite) TestRunAttachDetachFromConfig(c *check.C) {
+	keyCtrlA := []byte{1}
+	keyA := []byte{97}
+
+	// Setup config
+	homeKey := homedir.Key()
+	homeVal := homedir.Get()
+	tmpDir, err := ioutil.TempDir("", "fake-home")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpDir)
+
+	dotDocker := filepath.Join(tmpDir, ".docker")
+	os.Mkdir(dotDocker, 0600)
+	tmpCfg := filepath.Join(dotDocker, "config.json")
+
+	defer func() { os.Setenv(homeKey, homeVal) }()
+	os.Setenv(homeKey, tmpDir)
+
+	data := `{
+		"detachKeys": "ctrl-a,a"
+	}`
+
+	err = ioutil.WriteFile(tmpCfg, []byte(data), 0600)
+	c.Assert(err, checker.IsNil)
+
+	// Then do the work
+	name := "attach-detach"
+	dockerCmd(c, "run", "--name", name, "-itd", "busybox", "cat")
+
+	cmd := exec.Command(dockerBinary, "attach", name)
+	stdout, err := cmd.StdoutPipe()
+	if err != nil {
+		c.Fatal(err)
+	}
+	cpty, tty, err := pty.Open()
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer cpty.Close()
+	cmd.Stdin = tty
+	if err := cmd.Start(); err != nil {
+		c.Fatal(err)
+	}
+	c.Assert(waitRun(name), check.IsNil)
+
+	if _, err := cpty.Write([]byte("hello\n")); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err := bufio.NewReader(stdout).ReadString('\n')
+	if err != nil {
+		c.Fatal(err)
+	}
+	if strings.TrimSpace(out) != "hello" {
+		c.Fatalf("expected 'hello', got %q", out)
+	}
+
+	// escape sequence
+	if _, err := cpty.Write(keyCtrlA); err != nil {
+		c.Fatal(err)
+	}
+	time.Sleep(100 * time.Millisecond)
+	if _, err := cpty.Write(keyA); err != nil {
+		c.Fatal(err)
+	}
+
+	ch := make(chan struct{})
+	go func() {
+		cmd.Wait()
+		ch <- struct{}{}
+	}()
+
+	select {
+	case <-ch:
+	case <-time.After(10 * time.Second):
+		c.Fatal("timed out waiting for container to exit")
+	}
+
+	running := inspectField(c, name, "State.Running")
+	c.Assert(running, checker.Equals, "true", check.Commentf("expected container to still be running"))
+}
+
+// TestRunDetach checks attaching and detaching with the detach flags, making sure it overrides config file
+func (s *DockerSuite) TestRunAttachDetachKeysOverrideConfig(c *check.C) {
+	keyCtrlA := []byte{1}
+	keyA := []byte{97}
+
+	// Setup config
+	homeKey := homedir.Key()
+	homeVal := homedir.Get()
+	tmpDir, err := ioutil.TempDir("", "fake-home")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpDir)
+
+	dotDocker := filepath.Join(tmpDir, ".docker")
+	os.Mkdir(dotDocker, 0600)
+	tmpCfg := filepath.Join(dotDocker, "config.json")
+
+	defer func() { os.Setenv(homeKey, homeVal) }()
+	os.Setenv(homeKey, tmpDir)
+
+	data := `{
+		"detachKeys": "ctrl-e,e"
+	}`
+
+	err = ioutil.WriteFile(tmpCfg, []byte(data), 0600)
+	c.Assert(err, checker.IsNil)
+
+	// Then do the work
+	name := "attach-detach"
+	dockerCmd(c, "run", "--name", name, "-itd", "busybox", "cat")
+
+	cmd := exec.Command(dockerBinary, "attach", "--detach-keys='ctrl-a,a'", name)
+	stdout, err := cmd.StdoutPipe()
+	if err != nil {
+		c.Fatal(err)
+	}
+	cpty, tty, err := pty.Open()
+	if err != nil {
+		c.Fatal(err)
+	}
+	defer cpty.Close()
+	cmd.Stdin = tty
+	if err := cmd.Start(); err != nil {
+		c.Fatal(err)
+	}
+	c.Assert(waitRun(name), check.IsNil)
+
+	if _, err := cpty.Write([]byte("hello\n")); err != nil {
+		c.Fatal(err)
+	}
+
+	out, err := bufio.NewReader(stdout).ReadString('\n')
+	if err != nil {
+		c.Fatal(err)
+	}
+	if strings.TrimSpace(out) != "hello" {
+		c.Fatalf("expected 'hello', got %q", out)
+	}
+
+	// escape sequence
+	if _, err := cpty.Write(keyCtrlA); err != nil {
+		c.Fatal(err)
+	}
+	time.Sleep(100 * time.Millisecond)
+	if _, err := cpty.Write(keyA); err != nil {
+		c.Fatal(err)
+	}
+
+	ch := make(chan struct{})
+	go func() {
+		cmd.Wait()
+		ch <- struct{}{}
+	}()
+
+	select {
+	case <-ch:
+	case <-time.After(10 * time.Second):
+		c.Fatal("timed out waiting for container to exit")
+	}
+
+	running := inspectField(c, name, "State.Running")
+	c.Assert(running, checker.Equals, "true", check.Commentf("expected container to still be running"))
+}
+
+// "test" should be printed
+func (s *DockerSuite) TestRunWithCPUQuota(c *check.C) {
+	testRequires(c, cpuCfsQuota)
+
+	file := "/sys/fs/cgroup/cpu/cpu.cfs_quota_us"
+	out, _ := dockerCmd(c, "run", "--cpu-quota", "8000", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "8000")
+
+	out = inspectField(c, "test", "HostConfig.CpuQuota")
+	c.Assert(out, checker.Equals, "8000", check.Commentf("setting the CPU CFS quota failed"))
+}
+
+func (s *DockerSuite) TestRunWithCpuPeriod(c *check.C) {
+	testRequires(c, cpuCfsPeriod)
+
+	file := "/sys/fs/cgroup/cpu/cpu.cfs_period_us"
+	out, _ := dockerCmd(c, "run", "--cpu-period", "50000", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "50000")
+
+	out = inspectField(c, "test", "HostConfig.CpuPeriod")
+	c.Assert(out, checker.Equals, "50000", check.Commentf("setting the CPU CFS period failed"))
+}
+
+func (s *DockerSuite) TestRunWithKernelMemory(c *check.C) {
+	testRequires(c, kernelMemorySupport)
+
+	file := "/sys/fs/cgroup/memory/memory.kmem.limit_in_bytes"
+	stdout, _, _ := dockerCmdWithStdoutStderr(c, "run", "--kernel-memory", "50M", "--name", "test1", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(stdout), checker.Equals, "52428800")
+
+	out := inspectField(c, "test1", "HostConfig.KernelMemory")
+	c.Assert(out, check.Equals, "52428800")
+}
+
+func (s *DockerSuite) TestRunWithInvalidKernelMemory(c *check.C) {
+	testRequires(c, kernelMemorySupport)
+
+	out, _, err := dockerCmdWithError("run", "--kernel-memory", "2M", "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected := "Minimum kernel memory limit allowed is 4MB"
+	c.Assert(out, checker.Contains, expected)
+
+	out, _, err = dockerCmdWithError("run", "--kernel-memory", "-16m", "--name", "test2", "busybox", "echo", "test")
+	c.Assert(err, check.NotNil)
+	expected = "invalid size"
+	c.Assert(out, checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestRunWithCPUShares(c *check.C) {
+	testRequires(c, cpuShare)
+
+	file := "/sys/fs/cgroup/cpu/cpu.shares"
+	out, _ := dockerCmd(c, "run", "--cpu-shares", "1000", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "1000")
+
+	out = inspectField(c, "test", "HostConfig.CPUShares")
+	c.Assert(out, check.Equals, "1000")
+}
+
+// "test" should be printed
+func (s *DockerSuite) TestRunEchoStdoutWithCPUSharesAndMemoryLimit(c *check.C) {
+	testRequires(c, cpuShare)
+	testRequires(c, memoryLimitSupport)
+	out, _, _ := dockerCmdWithStdoutStderr(c, "run", "--cpu-shares", "1000", "-m", "32m", "busybox", "echo", "test")
+	c.Assert(out, checker.Equals, "test\n", check.Commentf("container should've printed 'test'"))
+}
+
+func (s *DockerSuite) TestRunWithCpusetCpus(c *check.C) {
+	testRequires(c, cgroupCpuset)
+
+	file := "/sys/fs/cgroup/cpuset/cpuset.cpus"
+	out, _ := dockerCmd(c, "run", "--cpuset-cpus", "0", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	out = inspectField(c, "test", "HostConfig.CpusetCpus")
+	c.Assert(out, check.Equals, "0")
+}
+
+func (s *DockerSuite) TestRunWithCpusetMems(c *check.C) {
+	testRequires(c, cgroupCpuset)
+
+	file := "/sys/fs/cgroup/cpuset/cpuset.mems"
+	out, _ := dockerCmd(c, "run", "--cpuset-mems", "0", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	out = inspectField(c, "test", "HostConfig.CpusetMems")
+	c.Assert(out, check.Equals, "0")
+}
+
+func (s *DockerSuite) TestRunWithBlkioWeight(c *check.C) {
+	testRequires(c, blkioWeight)
+
+	file := "/sys/fs/cgroup/blkio/blkio.weight"
+	out, _ := dockerCmd(c, "run", "--blkio-weight", "300", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "300")
+
+	out = inspectField(c, "test", "HostConfig.BlkioWeight")
+	c.Assert(out, check.Equals, "300")
+}
+
+func (s *DockerSuite) TestRunWithInvalidBlkioWeight(c *check.C) {
+	testRequires(c, blkioWeight)
+	out, _, err := dockerCmdWithError("run", "--blkio-weight", "5", "busybox", "true")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	expected := "Range of blkio weight is from 10 to 1000"
+	c.Assert(out, checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestRunWithInvalidPathforBlkioWeightDevice(c *check.C) {
+	testRequires(c, blkioWeight)
+	out, _, err := dockerCmdWithError("run", "--blkio-weight-device", "/dev/sdX:100", "busybox", "true")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+}
+
+func (s *DockerSuite) TestRunWithInvalidPathforBlkioDeviceReadBps(c *check.C) {
+	testRequires(c, blkioWeight)
+	out, _, err := dockerCmdWithError("run", "--device-read-bps", "/dev/sdX:500", "busybox", "true")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+}
+
+func (s *DockerSuite) TestRunWithInvalidPathforBlkioDeviceWriteBps(c *check.C) {
+	testRequires(c, blkioWeight)
+	out, _, err := dockerCmdWithError("run", "--device-write-bps", "/dev/sdX:500", "busybox", "true")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+}
+
+func (s *DockerSuite) TestRunWithInvalidPathforBlkioDeviceReadIOps(c *check.C) {
+	testRequires(c, blkioWeight)
+	out, _, err := dockerCmdWithError("run", "--device-read-iops", "/dev/sdX:500", "busybox", "true")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+}
+
+func (s *DockerSuite) TestRunWithInvalidPathforBlkioDeviceWriteIOps(c *check.C) {
+	testRequires(c, blkioWeight)
+	out, _, err := dockerCmdWithError("run", "--device-write-iops", "/dev/sdX:500", "busybox", "true")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+}
+
+func (s *DockerSuite) TestRunOOMExitCode(c *check.C) {
+	testRequires(c, oomControl)
+	errChan := make(chan error)
+	go func() {
+		defer close(errChan)
+		//changing memory to 40MB from 4MB due to an issue with GCCGO that test fails to start the container.
+		out, exitCode, _ := dockerCmdWithError("run", "-m", "40MB", "busybox", "sh", "-c", "x=a; while true; do x=$x$x$x$x; done")
+		if expected := 137; exitCode != expected {
+			errChan <- fmt.Errorf("wrong exit code for OOM container: expected %d, got %d (output: %q)", expected, exitCode, out)
+		}
+	}()
+
+	select {
+	case err := <-errChan:
+		c.Assert(err, check.IsNil)
+	case <-time.After(600 * time.Second):
+		c.Fatal("Timeout waiting for container to die on OOM")
+	}
+}
+
+func (s *DockerSuite) TestRunWithMemoryLimit(c *check.C) {
+	testRequires(c, memoryLimitSupport)
+
+	file := "/sys/fs/cgroup/memory/memory.limit_in_bytes"
+	stdout, _, _ := dockerCmdWithStdoutStderr(c, "run", "-m", "32M", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(stdout), checker.Equals, "33554432")
+
+	out := inspectField(c, "test", "HostConfig.Memory")
+	c.Assert(out, check.Equals, "33554432")
+}
+
+// TestRunWithoutMemoryswapLimit sets memory limit and disables swap
+// memory limit, this means the processes in the container can use
+// 16M memory and as much swap memory as they need (if the host
+// supports swap memory).
+func (s *DockerSuite) TestRunWithoutMemoryswapLimit(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+	testRequires(c, swapMemorySupport)
+	dockerCmd(c, "run", "-m", "32m", "--memory-swap", "-1", "busybox", "true")
+}
+
+func (s *DockerSuite) TestRunWithSwappiness(c *check.C) {
+	testRequires(c, memorySwappinessSupport)
+	file := "/sys/fs/cgroup/memory/memory.swappiness"
+	out, _ := dockerCmd(c, "run", "--memory-swappiness", "0", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0")
+
+	out = inspectField(c, "test", "HostConfig.MemorySwappiness")
+	c.Assert(out, check.Equals, "0")
+}
+
+func (s *DockerSuite) TestRunWithSwappinessInvalid(c *check.C) {
+	testRequires(c, memorySwappinessSupport)
+	out, _, err := dockerCmdWithError("run", "--memory-swappiness", "101", "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected := "Valid memory swappiness range is 0-100"
+	c.Assert(out, checker.Contains, expected, check.Commentf("Expected output to contain %q, not %q", out, expected))
+
+	out, _, err = dockerCmdWithError("run", "--memory-swappiness", "-10", "busybox", "true")
+	c.Assert(err, check.NotNil)
+	c.Assert(out, checker.Contains, expected, check.Commentf("Expected output to contain %q, not %q", out, expected))
+}
+
+func (s *DockerSuite) TestRunWithMemoryReservation(c *check.C) {
+	testRequires(c, memoryReservationSupport)
+
+	file := "/sys/fs/cgroup/memory/memory.soft_limit_in_bytes"
+	out, _ := dockerCmd(c, "run", "--memory-reservation", "200M", "--name", "test", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "209715200")
+
+	out = inspectField(c, "test", "HostConfig.MemoryReservation")
+	c.Assert(out, check.Equals, "209715200")
+}
+
+func (s *DockerSuite) TestRunWithMemoryReservationInvalid(c *check.C) {
+	testRequires(c, memoryLimitSupport)
+	testRequires(c, memoryReservationSupport)
+	out, _, err := dockerCmdWithError("run", "-m", "500M", "--memory-reservation", "800M", "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected := "Minimum memory limit should be larger than memory reservation limit"
+	c.Assert(strings.TrimSpace(out), checker.Contains, expected, check.Commentf("run container should fail with invalid memory reservation"))
+}
+
+func (s *DockerSuite) TestStopContainerSignal(c *check.C) {
+	out, _ := dockerCmd(c, "run", "--stop-signal", "SIGUSR1", "-d", "busybox", "/bin/sh", "-c", `trap 'echo "exit trapped"; exit 0' USR1; while true; do sleep 1; done`)
+	containerID := strings.TrimSpace(out)
+
+	c.Assert(waitRun(containerID), checker.IsNil)
+
+	dockerCmd(c, "stop", containerID)
+	out, _ = dockerCmd(c, "logs", containerID)
+
+	c.Assert(out, checker.Contains, "exit trapped", check.Commentf("Expected `exit trapped` in the log"))
+}
+
+func (s *DockerSuite) TestRunSwapLessThanMemoryLimit(c *check.C) {
+	testRequires(c, memoryLimitSupport)
+	testRequires(c, swapMemorySupport)
+	out, _, err := dockerCmdWithError("run", "-m", "16m", "--memory-swap", "15m", "busybox", "echo", "test")
+	expected := "Minimum memoryswap limit should be larger than memory limit"
+	c.Assert(err, check.NotNil)
+
+	c.Assert(out, checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestRunInvalidCpusetCpusFlagValue(c *check.C) {
+	testRequires(c, cgroupCpuset, SameHostDaemon)
+
+	sysInfo := sysinfo.New(true)
+	cpus, err := parsers.ParseUintList(sysInfo.Cpus)
+	c.Assert(err, check.IsNil)
+	var invalid int
+	for i := 0; i <= len(cpus)+1; i++ {
+		if !cpus[i] {
+			invalid = i
+			break
+		}
+	}
+	out, _, err := dockerCmdWithError("run", "--cpuset-cpus", strconv.Itoa(invalid), "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected := fmt.Sprintf("Error response from daemon: Requested CPUs are not available - requested %s, available: %s", strconv.Itoa(invalid), sysInfo.Cpus)
+	c.Assert(out, checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestRunInvalidCpusetMemsFlagValue(c *check.C) {
+	testRequires(c, cgroupCpuset)
+
+	sysInfo := sysinfo.New(true)
+	mems, err := parsers.ParseUintList(sysInfo.Mems)
+	c.Assert(err, check.IsNil)
+	var invalid int
+	for i := 0; i <= len(mems)+1; i++ {
+		if !mems[i] {
+			invalid = i
+			break
+		}
+	}
+	out, _, err := dockerCmdWithError("run", "--cpuset-mems", strconv.Itoa(invalid), "busybox", "true")
+	c.Assert(err, check.NotNil)
+	expected := fmt.Sprintf("Error response from daemon: Requested memory nodes are not available - requested %s, available: %s", strconv.Itoa(invalid), sysInfo.Mems)
+	c.Assert(out, checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestRunInvalidCPUShares(c *check.C) {
+	testRequires(c, cpuShare, DaemonIsLinux)
+	out, _, err := dockerCmdWithError("run", "--cpu-shares", "1", "busybox", "echo", "test")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	expected := "The minimum allowed cpu-shares is 2"
+	c.Assert(out, checker.Contains, expected)
+
+	out, _, err = dockerCmdWithError("run", "--cpu-shares", "-1", "busybox", "echo", "test")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	expected = "shares: invalid argument"
+	c.Assert(out, checker.Contains, expected)
+
+	out, _, err = dockerCmdWithError("run", "--cpu-shares", "99999999", "busybox", "echo", "test")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	expected = "The maximum allowed cpu-shares is"
+	c.Assert(out, checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestRunWithDefaultShmSize(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	name := "shm-default"
+	out, _ := dockerCmd(c, "run", "--name", name, "busybox", "mount")
+	shmRegex := regexp.MustCompile(`shm on /dev/shm type tmpfs(.*)size=65536k`)
+	if !shmRegex.MatchString(out) {
+		c.Fatalf("Expected shm of 64MB in mount command, got %v", out)
+	}
+	shmSize := inspectField(c, name, "HostConfig.ShmSize")
+	c.Assert(shmSize, check.Equals, "67108864")
+}
+
+func (s *DockerSuite) TestRunWithShmSize(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	name := "shm"
+	out, _ := dockerCmd(c, "run", "--name", name, "--shm-size=1G", "busybox", "mount")
+	shmRegex := regexp.MustCompile(`shm on /dev/shm type tmpfs(.*)size=1048576k`)
+	if !shmRegex.MatchString(out) {
+		c.Fatalf("Expected shm of 1GB in mount command, got %v", out)
+	}
+	shmSize := inspectField(c, name, "HostConfig.ShmSize")
+	c.Assert(shmSize, check.Equals, "1073741824")
+}
+
+func (s *DockerSuite) TestRunTmpfsMounts(c *check.C) {
+	// TODO Windows (Post TP4): This test cannot run on a Windows daemon as
+	// Windows does not support tmpfs mounts.
+	testRequires(c, DaemonIsLinux)
+	if out, _, err := dockerCmdWithError("run", "--tmpfs", "/run", "busybox", "touch", "/run/somefile"); err != nil {
+		c.Fatalf("/run directory not mounted on tmpfs %q %s", err, out)
+	}
+	if out, _, err := dockerCmdWithError("run", "--tmpfs", "/run:noexec", "busybox", "touch", "/run/somefile"); err != nil {
+		c.Fatalf("/run directory not mounted on tmpfs %q %s", err, out)
+	}
+	if out, _, err := dockerCmdWithError("run", "--tmpfs", "/run:noexec,nosuid,rw,size=5k,mode=700", "busybox", "touch", "/run/somefile"); err != nil {
+		c.Fatalf("/run failed to mount on tmpfs with valid options %q %s", err, out)
+	}
+	if _, _, err := dockerCmdWithError("run", "--tmpfs", "/run:foobar", "busybox", "touch", "/run/somefile"); err == nil {
+		c.Fatalf("/run mounted on tmpfs when it should have vailed within invalid mount option")
+	}
+	if _, _, err := dockerCmdWithError("run", "--tmpfs", "/run", "-v", "/run:/run", "busybox", "touch", "/run/somefile"); err == nil {
+		c.Fatalf("Should have generated an error saying Duplicate mount  points")
+	}
+}
+
+// TestRunSeccompProfileDenyUnshare checks that 'docker run --security-opt seccomp=/tmp/profile.json debian:jessie unshare' exits with operation not permitted.
+func (s *DockerSuite) TestRunSeccompProfileDenyUnshare(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled, NotArm, Apparmor)
+	jsonData := `{
+	"defaultAction": "SCMP_ACT_ALLOW",
+	"syscalls": [
+		{
+			"name": "unshare",
+			"action": "SCMP_ACT_ERRNO"
+		}
+	]
+}`
+	tmpFile, err := ioutil.TempFile("", "profile.json")
+	defer tmpFile.Close()
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := tmpFile.Write([]byte(jsonData)); err != nil {
+		c.Fatal(err)
+	}
+	runCmd := exec.Command(dockerBinary, "run", "--security-opt", "apparmor=unconfined", "--security-opt", "seccomp="+tmpFile.Name(), "debian:jessie", "unshare", "-p", "-m", "-f", "-r", "mount", "-t", "proc", "none", "/proc")
+	out, _, _ := runCommandWithOutput(runCmd)
+	if !strings.Contains(out, "Operation not permitted") {
+		c.Fatalf("expected unshare with seccomp profile denied to fail, got %s", out)
+	}
+}
+
+// TestRunSeccompProfileDenyChmod checks that 'docker run --security-opt seccomp=/tmp/profile.json busybox chmod 400 /etc/hostname' exits with operation not permitted.
+func (s *DockerSuite) TestRunSeccompProfileDenyChmod(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled)
+	jsonData := `{
+	"defaultAction": "SCMP_ACT_ALLOW",
+	"syscalls": [
+		{
+			"name": "chmod",
+			"action": "SCMP_ACT_ERRNO"
+		}
+	]
+}`
+	tmpFile, err := ioutil.TempFile("", "profile.json")
+	defer tmpFile.Close()
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := tmpFile.Write([]byte(jsonData)); err != nil {
+		c.Fatal(err)
+	}
+	runCmd := exec.Command(dockerBinary, "run", "--security-opt", "seccomp="+tmpFile.Name(), "busybox", "chmod", "400", "/etc/hostname")
+	out, _, _ := runCommandWithOutput(runCmd)
+	if !strings.Contains(out, "Operation not permitted") {
+		c.Fatalf("expected chmod with seccomp profile denied to fail, got %s", out)
+	}
+}
+
+// TestRunSeccompProfileDenyUnshareUserns checks that 'docker run debian:jessie unshare --map-root-user --user sh -c whoami' with a specific profile to
+// deny unhare of a userns exits with operation not permitted.
+func (s *DockerSuite) TestRunSeccompProfileDenyUnshareUserns(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled, NotArm, Apparmor)
+	// from sched.h
+	jsonData := fmt.Sprintf(`{
+	"defaultAction": "SCMP_ACT_ALLOW",
+	"syscalls": [
+		{
+			"name": "unshare",
+			"action": "SCMP_ACT_ERRNO",
+			"args": [
+				{
+					"index": 0,
+					"value": %d,
+					"op": "SCMP_CMP_EQ"
+				}
+			]
+		}
+	]
+}`, uint64(0x10000000))
+	tmpFile, err := ioutil.TempFile("", "profile.json")
+	defer tmpFile.Close()
+	if err != nil {
+		c.Fatal(err)
+	}
+
+	if _, err := tmpFile.Write([]byte(jsonData)); err != nil {
+		c.Fatal(err)
+	}
+	runCmd := exec.Command(dockerBinary, "run", "--security-opt", "apparmor=unconfined", "--security-opt", "seccomp="+tmpFile.Name(), "debian:jessie", "unshare", "--map-root-user", "--user", "sh", "-c", "whoami")
+	out, _, _ := runCommandWithOutput(runCmd)
+	if !strings.Contains(out, "Operation not permitted") {
+		c.Fatalf("expected unshare userns with seccomp profile denied to fail, got %s", out)
+	}
+}
+
+// TestRunSeccompProfileDenyCloneUserns checks that 'docker run syscall-test'
+// with a the default seccomp profile exits with operation not permitted.
+func (s *DockerSuite) TestRunSeccompProfileDenyCloneUserns(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled)
+
+	runCmd := exec.Command(dockerBinary, "run", "syscall-test", "userns-test", "id")
+	out, _, err := runCommandWithOutput(runCmd)
+	if err == nil || !strings.Contains(out, "clone failed: Operation not permitted") {
+		c.Fatalf("expected clone userns with default seccomp profile denied to fail, got %s: %v", out, err)
+	}
+}
+
+// TestRunSeccompUnconfinedCloneUserns checks that
+// 'docker run --security-opt seccomp=unconfined syscall-test' allows creating a userns.
+func (s *DockerSuite) TestRunSeccompUnconfinedCloneUserns(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled, UserNamespaceInKernel, NotUserNamespace)
+
+	// make sure running w privileged is ok
+	runCmd := exec.Command(dockerBinary, "run", "--security-opt", "seccomp=unconfined", "syscall-test", "userns-test", "id")
+	if out, _, err := runCommandWithOutput(runCmd); err != nil || !strings.Contains(out, "nobody") {
+		c.Fatalf("expected clone userns with --security-opt seccomp=unconfined to succeed, got %s: %v", out, err)
+	}
+}
+
+// TestRunSeccompAllowPrivCloneUserns checks that 'docker run --privileged syscall-test'
+// allows creating a userns.
+func (s *DockerSuite) TestRunSeccompAllowPrivCloneUserns(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled, UserNamespaceInKernel, NotUserNamespace)
+
+	// make sure running w privileged is ok
+	runCmd := exec.Command(dockerBinary, "run", "--privileged", "syscall-test", "userns-test", "id")
+	if out, _, err := runCommandWithOutput(runCmd); err != nil || !strings.Contains(out, "nobody") {
+		c.Fatalf("expected clone userns with --privileged to succeed, got %s: %v", out, err)
+	}
+}
+
+// TestRunSeccompAllowSetrlimit checks that 'docker run debian:jessie ulimit -v 1048510' succeeds.
+func (s *DockerSuite) TestRunSeccompAllowSetrlimit(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled)
+
+	// ulimit uses setrlimit, so we want to make sure we don't break it
+	runCmd := exec.Command(dockerBinary, "run", "debian:jessie", "bash", "-c", "ulimit -v 1048510")
+	if out, _, err := runCommandWithOutput(runCmd); err != nil {
+		c.Fatalf("expected ulimit with seccomp to succeed, got %s: %v", out, err)
+	}
+}
+
+func (s *DockerSuite) TestRunSeccompDefaultProfile(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled, NotUserNamespace)
+
+	var group sync.WaitGroup
+	group.Add(4)
+	errChan := make(chan error, 4)
+	go func() {
+		out, _, err := dockerCmdWithError("run", "--cap-add", "ALL", "syscall-test", "acct-test")
+		if err == nil || !strings.Contains(out, "Operation not permitted") {
+			errChan <- fmt.Errorf("expected Operation not permitted, got: %s", out)
+		}
+		group.Done()
+	}()
+
+	go func() {
+		out, _, err := dockerCmdWithError("run", "--cap-add", "ALL", "syscall-test", "ns-test", "echo", "hello")
+		if err == nil || !strings.Contains(out, "Operation not permitted") {
+			errChan <- fmt.Errorf("expected Operation not permitted, got: %s", out)
+		}
+		group.Done()
+	}()
+
+	go func() {
+		out, _, err := dockerCmdWithError("run", "--cap-add", "ALL", "--security-opt", "seccomp=unconfined", "syscall-test", "acct-test")
+		if err == nil || !strings.Contains(out, "No such file or directory") {
+			errChan <- fmt.Errorf("expected No such file or directory, got: %s", out)
+		}
+		group.Done()
+	}()
+
+	go func() {
+		out, _, err := dockerCmdWithError("run", "--cap-add", "ALL", "--security-opt", "seccomp=unconfined", "syscall-test", "ns-test", "echo", "hello")
+		if err != nil || !strings.Contains(out, "hello") {
+			errChan <- fmt.Errorf("expected hello, got: %s, %v", out, err)
+		}
+		group.Done()
+	}()
+
+	group.Wait()
+	close(errChan)
+
+	for err := range errChan {
+		c.Assert(err, checker.IsNil)
+	}
+}
+
+// TestRunNoNewPrivSetuid checks that --security-opt=no-new-privileges prevents
+// effective uid transtions on executing setuid binaries.
+func (s *DockerSuite) TestRunNoNewPrivSetuid(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, SameHostDaemon)
+
+	// test that running a setuid binary results in no effective uid transition
+	runCmd := exec.Command(dockerBinary, "run", "--security-opt", "no-new-privileges", "--user", "1000", "nnp-test", "/usr/bin/nnp-test")
+	if out, _, err := runCommandWithOutput(runCmd); err != nil || !strings.Contains(out, "EUID=1000") {
+		c.Fatalf("expected output to contain EUID=1000, got %s: %v", out, err)
+	}
+}
+
+func (s *DockerSuite) TestRunApparmorProcDirectory(c *check.C) {
+	testRequires(c, SameHostDaemon, Apparmor)
+
+	// running w seccomp unconfined tests the apparmor profile
+	runCmd := exec.Command(dockerBinary, "run", "--security-opt", "seccomp=unconfined", "busybox", "chmod", "777", "/proc/1/cgroup")
+	if out, _, err := runCommandWithOutput(runCmd); err == nil || !(strings.Contains(out, "Permission denied") || strings.Contains(out, "Operation not permitted")) {
+		c.Fatalf("expected chmod 777 /proc/1/cgroup to fail, got %s: %v", out, err)
+	}
+
+	runCmd = exec.Command(dockerBinary, "run", "--security-opt", "seccomp=unconfined", "busybox", "chmod", "777", "/proc/1/attr/current")
+	if out, _, err := runCommandWithOutput(runCmd); err == nil || !(strings.Contains(out, "Permission denied") || strings.Contains(out, "Operation not permitted")) {
+		c.Fatalf("expected chmod 777 /proc/1/attr/current to fail, got %s: %v", out, err)
+	}
+}
+
+// make sure the default profile can be successfully parsed (using unshare as it is
+// something which we know is blocked in the default profile)
+func (s *DockerSuite) TestRunSeccompWithDefaultProfile(c *check.C) {
+	testRequires(c, SameHostDaemon, seccompEnabled)
+
+	out, _, err := dockerCmdWithError("run", "--security-opt", "seccomp=../profiles/seccomp/default.json", "debian:jessie", "unshare", "--map-root-user", "--user", "sh", "-c", "whoami")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(strings.TrimSpace(out), checker.Equals, "unshare: unshare failed: Operation not permitted")
+}
+
+// TestRunDeviceSymlink checks run with device that follows symlink (#13840)
+func (s *DockerSuite) TestRunDeviceSymlink(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace, NotArm, SameHostDaemon)
+	if _, err := os.Stat("/dev/zero"); err != nil {
+		c.Skip("Host does not have /dev/zero")
+	}
+
+	// Create a temporary directory to create symlink
+	tmpDir, err := ioutil.TempDir("", "docker_device_follow_symlink_tests")
+	c.Assert(err, checker.IsNil)
+
+	defer os.RemoveAll(tmpDir)
+
+	// Create a symbolic link to /dev/zero
+	symZero := filepath.Join(tmpDir, "zero")
+	err = os.Symlink("/dev/zero", symZero)
+	c.Assert(err, checker.IsNil)
+
+	// Create a temporary file "temp" inside tmpDir, write some data to "tmpDir/temp",
+	// then create a symlink "tmpDir/file" to the temporary file "tmpDir/temp".
+	tmpFile := filepath.Join(tmpDir, "temp")
+	err = ioutil.WriteFile(tmpFile, []byte("temp"), 0666)
+	c.Assert(err, checker.IsNil)
+	symFile := filepath.Join(tmpDir, "file")
+	err = os.Symlink(tmpFile, symFile)
+	c.Assert(err, checker.IsNil)
+
+	// md5sum of 'dd if=/dev/zero bs=4K count=8' is bb7df04e1b0a2570657527a7e108ae23
+	out, _ := dockerCmd(c, "run", "--device", symZero+":/dev/symzero", "busybox", "sh", "-c", "dd if=/dev/symzero bs=4K count=8 | md5sum")
+	c.Assert(strings.Trim(out, "\r\n"), checker.Contains, "bb7df04e1b0a2570657527a7e108ae23", check.Commentf("expected output bb7df04e1b0a2570657527a7e108ae23"))
+
+	// symlink "tmpDir/file" to a file "tmpDir/temp" will result in an error as it is not a device.
+	out, _, err = dockerCmdWithError("run", "--device", symFile+":/dev/symzero", "busybox", "sh", "-c", "dd if=/dev/symzero bs=4K count=8 | md5sum")
+	c.Assert(err, check.NotNil)
+	c.Assert(strings.Trim(out, "\r\n"), checker.Contains, "not a device node", check.Commentf("expected output 'not a device node'"))
+}
+
+// TestRunPidsLimit makes sure the pids cgroup is set with --pids-limit
+func (s *DockerSuite) TestRunPidsLimit(c *check.C) {
+	testRequires(c, pidsLimit)
+
+	file := "/sys/fs/cgroup/pids/pids.max"
+	out, _ := dockerCmd(c, "run", "--name", "skittles", "--pids-limit", "2", "busybox", "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "2")
+
+	out = inspectField(c, "skittles", "HostConfig.PidsLimit")
+	c.Assert(out, checker.Equals, "2", check.Commentf("setting the pids limit failed"))
+}
+
+func (s *DockerSuite) TestRunPrivilegedAllowedDevices(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+
+	file := "/sys/fs/cgroup/devices/devices.list"
+	out, _ := dockerCmd(c, "run", "--privileged", "busybox", "cat", file)
+	c.Logf("out: %q", out)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "a *:* rwm")
+}
+
+func (s *DockerSuite) TestRunUserDeviceAllowed(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	fi, err := os.Stat("/dev/snd/timer")
+	if err != nil {
+		c.Skip("Host does not have /dev/snd/timer")
+	}
+	stat, ok := fi.Sys().(*syscall.Stat_t)
+	if !ok {
+		c.Skip("Could not stat /dev/snd/timer")
+	}
+
+	file := "/sys/fs/cgroup/devices/devices.list"
+	out, _ := dockerCmd(c, "run", "--device", "/dev/snd/timer:w", "busybox", "cat", file)
+	c.Assert(out, checker.Contains, fmt.Sprintf("c %d:%d w", stat.Rdev/256, stat.Rdev%256))
+}
diff --git a/integration-cli/docker_cli_save_load_test.go b/integration-cli/docker_cli_save_load_test.go
new file mode 100644
index 00000000..b21c987b
--- /dev/null
+++ b/integration-cli/docker_cli_save_load_test.go
@@ -0,0 +1,352 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"reflect"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// save a repo using gz compression and try to load it using stdout
+func (s *DockerSuite) TestSaveXzAndLoadRepoStdout(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "test-save-xz-and-load-repo-stdout"
+	dockerCmd(c, "run", "--name", name, "busybox", "true")
+
+	repoName := "foobar-save-load-test-xz-gz"
+	out, _ := dockerCmd(c, "commit", name, repoName)
+
+	dockerCmd(c, "inspect", repoName)
+
+	repoTarball, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "save", repoName),
+		exec.Command("xz", "-c"),
+		exec.Command("gzip", "-c"))
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save repo: %v %v", out, err))
+	deleteImages(repoName)
+
+	loadCmd := exec.Command(dockerBinary, "load")
+	loadCmd.Stdin = strings.NewReader(repoTarball)
+	out, _, err = runCommandWithOutput(loadCmd)
+	c.Assert(err, checker.NotNil, check.Commentf("expected error, but succeeded with no error and output: %v", out))
+
+	after, _, err := dockerCmdWithError("inspect", repoName)
+	c.Assert(err, checker.NotNil, check.Commentf("the repo should not exist: %v", after))
+}
+
+// save a repo using xz+gz compression and try to load it using stdout
+func (s *DockerSuite) TestSaveXzGzAndLoadRepoStdout(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "test-save-xz-gz-and-load-repo-stdout"
+	dockerCmd(c, "run", "--name", name, "busybox", "true")
+
+	repoName := "foobar-save-load-test-xz-gz"
+	dockerCmd(c, "commit", name, repoName)
+
+	dockerCmd(c, "inspect", repoName)
+
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "save", repoName),
+		exec.Command("xz", "-c"),
+		exec.Command("gzip", "-c"))
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save repo: %v %v", out, err))
+
+	deleteImages(repoName)
+
+	loadCmd := exec.Command(dockerBinary, "load")
+	loadCmd.Stdin = strings.NewReader(out)
+	out, _, err = runCommandWithOutput(loadCmd)
+	c.Assert(err, checker.NotNil, check.Commentf("expected error, but succeeded with no error and output: %v", out))
+
+	after, _, err := dockerCmdWithError("inspect", repoName)
+	c.Assert(err, checker.NotNil, check.Commentf("the repo should not exist: %v", after))
+}
+
+func (s *DockerSuite) TestSaveSingleTag(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	repoName := "foobar-save-single-tag-test"
+	dockerCmd(c, "tag", "busybox:latest", fmt.Sprintf("%v:latest", repoName))
+
+	out, _ := dockerCmd(c, "images", "-q", "--no-trunc", repoName)
+	cleanedImageID := strings.TrimSpace(out)
+
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "save", fmt.Sprintf("%v:latest", repoName)),
+		exec.Command("tar", "t"),
+		exec.Command("grep", "-E", fmt.Sprintf("(^repositories$|%v)", cleanedImageID)))
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save repo with image ID and 'repositories' file: %s, %v", out, err))
+}
+
+func (s *DockerSuite) TestSaveCheckTimes(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	repoName := "busybox:latest"
+	out, _ := dockerCmd(c, "inspect", repoName)
+	data := []struct {
+		ID      string
+		Created time.Time
+	}{}
+	err := json.Unmarshal([]byte(out), &data)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to marshal from %q: err %v", repoName, err))
+	c.Assert(len(data), checker.Not(checker.Equals), 0, check.Commentf("failed to marshal the data from %q", repoName))
+	tarTvTimeFormat := "2006-01-02 15:04"
+	out, _, err = runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "save", repoName),
+		exec.Command("tar", "tv"),
+		exec.Command("grep", "-E", fmt.Sprintf("%s %s", data[0].Created.Format(tarTvTimeFormat), digest.Digest(data[0].ID).Hex())))
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save repo with image ID and 'repositories' file: %s, %v", out, err))
+}
+
+func (s *DockerSuite) TestSaveImageId(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	repoName := "foobar-save-image-id-test"
+	dockerCmd(c, "tag", "emptyfs:latest", fmt.Sprintf("%v:latest", repoName))
+
+	out, _ := dockerCmd(c, "images", "-q", "--no-trunc", repoName)
+	cleanedLongImageID := strings.TrimPrefix(strings.TrimSpace(out), "sha256:")
+
+	out, _ = dockerCmd(c, "images", "-q", repoName)
+	cleanedShortImageID := strings.TrimSpace(out)
+
+	// Make sure IDs are not empty
+	c.Assert(cleanedLongImageID, checker.Not(check.Equals), "", check.Commentf("Id should not be empty."))
+	c.Assert(cleanedShortImageID, checker.Not(check.Equals), "", check.Commentf("Id should not be empty."))
+
+	saveCmd := exec.Command(dockerBinary, "save", cleanedShortImageID)
+	tarCmd := exec.Command("tar", "t")
+
+	var err error
+	tarCmd.Stdin, err = saveCmd.StdoutPipe()
+	c.Assert(err, checker.IsNil, check.Commentf("cannot set stdout pipe for tar: %v", err))
+	grepCmd := exec.Command("grep", cleanedLongImageID)
+	grepCmd.Stdin, err = tarCmd.StdoutPipe()
+	c.Assert(err, checker.IsNil, check.Commentf("cannot set stdout pipe for grep: %v", err))
+
+	c.Assert(tarCmd.Start(), checker.IsNil, check.Commentf("tar failed with error: %v", err))
+	c.Assert(saveCmd.Start(), checker.IsNil, check.Commentf("docker save failed with error: %v", err))
+	defer func() {
+		saveCmd.Wait()
+		tarCmd.Wait()
+		dockerCmd(c, "rmi", repoName)
+	}()
+
+	out, _, err = runCommandWithOutput(grepCmd)
+
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save repo with image ID: %s, %v", out, err))
+}
+
+// save a repo and try to load it using flags
+func (s *DockerSuite) TestSaveAndLoadRepoFlags(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	name := "test-save-and-load-repo-flags"
+	dockerCmd(c, "run", "--name", name, "busybox", "true")
+
+	repoName := "foobar-save-load-test"
+
+	deleteImages(repoName)
+	dockerCmd(c, "commit", name, repoName)
+
+	before, _ := dockerCmd(c, "inspect", repoName)
+
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "save", repoName),
+		exec.Command(dockerBinary, "load"))
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save and load repo: %s, %v", out, err))
+
+	after, _ := dockerCmd(c, "inspect", repoName)
+	c.Assert(before, checker.Equals, after, check.Commentf("inspect is not the same after a save / load"))
+}
+
+func (s *DockerSuite) TestSaveWithNoExistImage(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	imgName := "foobar-non-existing-image"
+
+	out, _, err := dockerCmdWithError("save", "-o", "test-img.tar", imgName)
+	c.Assert(err, checker.NotNil, check.Commentf("save image should fail for non-existing image"))
+	c.Assert(out, checker.Contains, fmt.Sprintf("No such image: %s", imgName))
+}
+
+func (s *DockerSuite) TestSaveMultipleNames(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	repoName := "foobar-save-multi-name-test"
+
+	// Make one image
+	dockerCmd(c, "tag", "emptyfs:latest", fmt.Sprintf("%v-one:latest", repoName))
+
+	// Make two images
+	dockerCmd(c, "tag", "emptyfs:latest", fmt.Sprintf("%v-two:latest", repoName))
+
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "save", fmt.Sprintf("%v-one", repoName), fmt.Sprintf("%v-two:latest", repoName)),
+		exec.Command("tar", "xO", "repositories"),
+		exec.Command("grep", "-q", "-E", "(-one|-two)"),
+	)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save multiple repos: %s, %v", out, err))
+}
+
+func (s *DockerSuite) TestSaveRepoWithMultipleImages(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	makeImage := func(from string, tag string) string {
+		var (
+			out string
+		)
+		out, _ = dockerCmd(c, "run", "-d", from, "true")
+		cleanedContainerID := strings.TrimSpace(out)
+
+		out, _ = dockerCmd(c, "commit", cleanedContainerID, tag)
+		imageID := strings.TrimSpace(out)
+		return imageID
+	}
+
+	repoName := "foobar-save-multi-images-test"
+	tagFoo := repoName + ":foo"
+	tagBar := repoName + ":bar"
+
+	idFoo := makeImage("busybox:latest", tagFoo)
+	idBar := makeImage("busybox:latest", tagBar)
+
+	deleteImages(repoName)
+
+	// create the archive
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "save", repoName, "busybox:latest"),
+		exec.Command("tar", "t"))
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save multiple images: %s, %v", out, err))
+
+	lines := strings.Split(strings.TrimSpace(out), "\n")
+	var actual []string
+	for _, l := range lines {
+		if regexp.MustCompile("^[a-f0-9]{64}\\.json$").Match([]byte(l)) {
+			actual = append(actual, strings.TrimSuffix(l, ".json"))
+		}
+	}
+
+	// make the list of expected layers
+	out = inspectField(c, "busybox:latest", "Id")
+	expected := []string{strings.TrimSpace(out), idFoo, idBar}
+
+	// prefixes are not in tar
+	for i := range expected {
+		expected[i] = digest.Digest(expected[i]).Hex()
+	}
+
+	sort.Strings(actual)
+	sort.Strings(expected)
+	c.Assert(actual, checker.DeepEquals, expected, check.Commentf("archive does not contains the right layers: got %v, expected %v, output: %q", actual, expected, out))
+}
+
+// Issue #6722 #5892 ensure directories are included in changes
+func (s *DockerSuite) TestSaveDirectoryPermissions(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	layerEntries := []string{"opt/", "opt/a/", "opt/a/b/", "opt/a/b/c"}
+	layerEntriesAUFS := []string{"./", ".wh..wh.aufs", ".wh..wh.orph/", ".wh..wh.plnk/", "opt/", "opt/a/", "opt/a/b/", "opt/a/b/c"}
+
+	name := "save-directory-permissions"
+	tmpDir, err := ioutil.TempDir("", "save-layers-with-directories")
+	c.Assert(err, checker.IsNil, check.Commentf("failed to create temporary directory: %s", err))
+	extractionDirectory := filepath.Join(tmpDir, "image-extraction-dir")
+	os.Mkdir(extractionDirectory, 0777)
+
+	defer os.RemoveAll(tmpDir)
+	_, err = buildImage(name,
+		`FROM busybox
+	RUN adduser -D user && mkdir -p /opt/a/b && chown -R user:user /opt/a
+	RUN touch /opt/a/b/c && chown user:user /opt/a/b/c`,
+		true)
+	c.Assert(err, checker.IsNil, check.Commentf("%v", err))
+
+	out, _, err := runCommandPipelineWithOutput(
+		exec.Command(dockerBinary, "save", name),
+		exec.Command("tar", "-xf", "-", "-C", extractionDirectory),
+	)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to save and extract image: %s", out))
+
+	dirs, err := ioutil.ReadDir(extractionDirectory)
+	c.Assert(err, checker.IsNil, check.Commentf("failed to get a listing of the layer directories: %s", err))
+
+	found := false
+	for _, entry := range dirs {
+		var entriesSansDev []string
+		if entry.IsDir() {
+			layerPath := filepath.Join(extractionDirectory, entry.Name(), "layer.tar")
+
+			f, err := os.Open(layerPath)
+			c.Assert(err, checker.IsNil, check.Commentf("failed to open %s: %s", layerPath, err))
+
+			entries, err := listTar(f)
+			for _, e := range entries {
+				if !strings.Contains(e, "dev/") {
+					entriesSansDev = append(entriesSansDev, e)
+				}
+			}
+			c.Assert(err, checker.IsNil, check.Commentf("encountered error while listing tar entries: %s", err))
+
+			if reflect.DeepEqual(entriesSansDev, layerEntries) || reflect.DeepEqual(entriesSansDev, layerEntriesAUFS) {
+				found = true
+				break
+			}
+		}
+	}
+
+	c.Assert(found, checker.Equals, true, check.Commentf("failed to find the layer with the right content listing"))
+
+}
+
+// Test loading a weird image where one of the layers is of zero size.
+// The layer.tar file is actually zero bytes, no padding or anything else.
+// See issue: 18170
+func (s *DockerSuite) TestLoadZeroSizeLayer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	dockerCmd(c, "load", "-i", "fixtures/load/emptyLayer.tar")
+}
+
+func (s *DockerSuite) TestSaveLoadParents(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	makeImage := func(from string, addfile string) string {
+		var (
+			out string
+		)
+		out, _ = dockerCmd(c, "run", "-d", from, "touch", addfile)
+		cleanedContainerID := strings.TrimSpace(out)
+
+		out, _ = dockerCmd(c, "commit", cleanedContainerID)
+		imageID := strings.TrimSpace(out)
+
+		dockerCmd(c, "rm", cleanedContainerID)
+		return imageID
+	}
+
+	idFoo := makeImage("busybox", "foo")
+	idBar := makeImage(idFoo, "bar")
+
+	tmpDir, err := ioutil.TempDir("", "save-load-parents")
+	c.Assert(err, checker.IsNil)
+	defer os.RemoveAll(tmpDir)
+
+	c.Log("tmpdir", tmpDir)
+
+	outfile := filepath.Join(tmpDir, "out.tar")
+
+	dockerCmd(c, "save", "-o", outfile, idBar, idFoo)
+	dockerCmd(c, "rmi", idBar)
+	dockerCmd(c, "load", "-i", outfile)
+
+	inspectOut := inspectField(c, idBar, "Parent")
+	c.Assert(inspectOut, checker.Equals, idFoo)
+
+	inspectOut = inspectField(c, idFoo, "Parent")
+	c.Assert(inspectOut, checker.Equals, "")
+}
diff --git a/integration-cli/docker_cli_save_load_unix_test.go b/integration-cli/docker_cli_save_load_unix_test.go
new file mode 100644
index 00000000..d9dd95f1
--- /dev/null
+++ b/integration-cli/docker_cli_save_load_unix_test.go
@@ -0,0 +1,87 @@
+// +build !windows
+
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+	"github.com/kr/pty"
+)
+
+// save a repo and try to load it using stdout
+func (s *DockerSuite) TestSaveAndLoadRepoStdout(c *check.C) {
+	name := "test-save-and-load-repo-stdout"
+	dockerCmd(c, "run", "--name", name, "busybox", "true")
+
+	repoName := "foobar-save-load-test"
+	before, _ := dockerCmd(c, "commit", name, repoName)
+	before = strings.TrimRight(before, "\n")
+
+	tmpFile, err := ioutil.TempFile("", "foobar-save-load-test.tar")
+	c.Assert(err, check.IsNil)
+	defer os.Remove(tmpFile.Name())
+
+	saveCmd := exec.Command(dockerBinary, "save", repoName)
+	saveCmd.Stdout = tmpFile
+
+	_, err = runCommand(saveCmd)
+	c.Assert(err, check.IsNil)
+
+	tmpFile, err = os.Open(tmpFile.Name())
+	c.Assert(err, check.IsNil)
+
+	deleteImages(repoName)
+
+	loadCmd := exec.Command(dockerBinary, "load")
+	loadCmd.Stdin = tmpFile
+
+	out, _, err := runCommandWithOutput(loadCmd)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+
+	after := inspectField(c, repoName, "Id")
+	after = strings.TrimRight(after, "\n")
+
+	c.Assert(after, check.Equals, before) //inspect is not the same after a save / load
+
+	deleteImages(repoName)
+
+	pty, tty, err := pty.Open()
+	c.Assert(err, check.IsNil)
+	cmd := exec.Command(dockerBinary, "save", repoName)
+	cmd.Stdin = tty
+	cmd.Stdout = tty
+	cmd.Stderr = tty
+	c.Assert(cmd.Start(), check.IsNil)
+	c.Assert(cmd.Wait(), check.NotNil) //did not break writing to a TTY
+
+	buf := make([]byte, 1024)
+
+	n, err := pty.Read(buf)
+	c.Assert(err, check.IsNil) //could not read tty output
+	c.Assert(string(buf[:n]), checker.Contains, "Cowardly refusing", check.Commentf("help output is not being yielded", out))
+}
+
+func (s *DockerSuite) TestSaveAndLoadWithProgressBar(c *check.C) {
+	name := "test-load"
+	_, err := buildImage(name, `
+	FROM busybox
+	RUN touch aa
+	`, true)
+	c.Assert(err, check.IsNil)
+
+	tmptar := name + ".tar"
+	dockerCmd(c, "save", "-o", tmptar, name)
+	defer os.Remove(tmptar)
+
+	dockerCmd(c, "rmi", name)
+	dockerCmd(c, "tag", "busybox", name)
+	out, _ := dockerCmd(c, "load", "-i", tmptar)
+	expected := fmt.Sprintf("The image %s:latest already exists, renaming the old one with ID", name)
+	c.Assert(out, checker.Contains, expected)
+}
diff --git a/integration-cli/docker_cli_search_test.go b/integration-cli/docker_cli_search_test.go
new file mode 100644
index 00000000..dfab8104
--- /dev/null
+++ b/integration-cli/docker_cli_search_test.go
@@ -0,0 +1,55 @@
+package main
+
+import (
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// search for repos named  "registry" on the central registry
+func (s *DockerSuite) TestSearchOnCentralRegistry(c *check.C) {
+	testRequires(c, Network, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "search", "busybox")
+	c.Assert(out, checker.Contains, "Busybox base image.", check.Commentf("couldn't find any repository named (or containing) 'Busybox base image.'"))
+}
+
+func (s *DockerSuite) TestSearchStarsOptionWithWrongParameter(c *check.C) {
+	out, _, err := dockerCmdWithError("search", "--stars=a", "busybox")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "invalid value", check.Commentf("couldn't find the invalid value warning"))
+
+	out, _, err = dockerCmdWithError("search", "-s=-1", "busybox")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "invalid value", check.Commentf("couldn't find the invalid value warning"))
+}
+
+func (s *DockerSuite) TestSearchCmdOptions(c *check.C) {
+	testRequires(c, Network)
+
+	out, _ := dockerCmd(c, "search", "--help")
+	c.Assert(out, checker.Contains, "Usage:\tdocker search [OPTIONS] TERM")
+
+	outSearchCmd, _ := dockerCmd(c, "search", "busybox")
+	outSearchCmdNotrunc, _ := dockerCmd(c, "search", "--no-trunc=true", "busybox")
+	c.Assert(len(outSearchCmd) > len(outSearchCmdNotrunc), check.Equals, false, check.Commentf("The no-trunc option can't take effect."))
+
+	outSearchCmdautomated, _ := dockerCmd(c, "search", "--automated=true", "busybox") //The busybox is a busybox base image, not an AUTOMATED image.
+	outSearchCmdautomatedSlice := strings.Split(outSearchCmdautomated, "\n")
+	for i := range outSearchCmdautomatedSlice {
+		c.Assert(strings.HasPrefix(outSearchCmdautomatedSlice[i], "busybox "), check.Equals, false, check.Commentf("The busybox is not an AUTOMATED image: %s", out))
+	}
+
+	outSearchCmdStars, _ := dockerCmd(c, "search", "-s=2", "busybox")
+	c.Assert(strings.Count(outSearchCmdStars, "[OK]") > strings.Count(outSearchCmd, "[OK]"), check.Equals, false, check.Commentf("The quantity of images with stars should be less than that of all images: %s", outSearchCmdStars))
+
+	dockerCmd(c, "search", "--stars=2", "--automated=true", "--no-trunc=true", "busybox")
+}
+
+// search for repos which start with "ubuntu-" on the central registry
+func (s *DockerSuite) TestSearchOnCentralRegistryWithDash(c *check.C) {
+	testRequires(c, Network, DaemonIsLinux)
+
+	dockerCmd(c, "search", "ubuntu-")
+}
diff --git a/integration-cli/docker_cli_sni_test.go b/integration-cli/docker_cli_sni_test.go
new file mode 100644
index 00000000..fb896d52
--- /dev/null
+++ b/integration-cli/docker_cli_sni_test.go
@@ -0,0 +1,44 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"os/exec"
+	"strings"
+
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestClientSetsTLSServerName(c *check.C) {
+	c.Skip("Flakey test")
+	// there may be more than one hit to the server for each registry request
+	serverNameReceived := []string{}
+	var serverName string
+
+	virtualHostServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		serverNameReceived = append(serverNameReceived, r.TLS.ServerName)
+	}))
+	defer virtualHostServer.Close()
+	// discard TLS handshake errors written by default to os.Stderr
+	virtualHostServer.Config.ErrorLog = log.New(ioutil.Discard, "", 0)
+
+	u, err := url.Parse(virtualHostServer.URL)
+	c.Assert(err, check.IsNil)
+	hostPort := u.Host
+	serverName = strings.Split(hostPort, ":")[0]
+
+	repoName := fmt.Sprintf("%v/dockercli/image:latest", hostPort)
+	cmd := exec.Command(dockerBinary, "pull", repoName)
+	cmd.Run()
+
+	// check that the fake server was hit at least once
+	c.Assert(len(serverNameReceived) > 0, check.Equals, true)
+	// check that for each hit the right server name was received
+	for _, item := range serverNameReceived {
+		c.Check(item, check.Equals, serverName)
+	}
+}
diff --git a/integration-cli/docker_cli_start_test.go b/integration-cli/docker_cli_start_test.go
new file mode 100644
index 00000000..43342191
--- /dev/null
+++ b/integration-cli/docker_cli_start_test.go
@@ -0,0 +1,173 @@
+package main
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// Regression test for https://github.com/docker/docker/issues/7843
+func (s *DockerSuite) TestStartAttachReturnsOnError(c *check.C) {
+	// Windows does not support link
+	testRequires(c, DaemonIsLinux)
+	dockerCmd(c, "run", "--name", "test", "busybox")
+
+	// Expect this to fail because the above container is stopped, this is what we want
+	out, _, err := dockerCmdWithError("run", "--name", "test2", "--link", "test:test", "busybox")
+	// err shouldn't be nil because container test2 try to link to stopped container
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+
+	ch := make(chan error)
+	go func() {
+		// Attempt to start attached to the container that won't start
+		// This should return an error immediately since the container can't be started
+		if _, _, err := dockerCmdWithError("start", "-a", "test2"); err == nil {
+			ch <- fmt.Errorf("Expected error but got none")
+		}
+		close(ch)
+	}()
+
+	select {
+	case err := <-ch:
+		c.Assert(err, check.IsNil)
+	case <-time.After(5 * time.Second):
+		c.Fatalf("Attach did not exit properly")
+	}
+}
+
+// gh#8555: Exit code should be passed through when using start -a
+func (s *DockerSuite) TestStartAttachCorrectExitCode(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _, _ := dockerCmdWithStdoutStderr(c, "run", "-d", "busybox", "sh", "-c", "sleep 2; exit 1")
+	out = strings.TrimSpace(out)
+
+	// make sure the container has exited before trying the "start -a"
+	dockerCmd(c, "wait", out)
+
+	startOut, exitCode, err := dockerCmdWithError("start", "-a", out)
+	// start command should fail
+	c.Assert(err, checker.NotNil, check.Commentf("startOut: %s", startOut))
+	// start -a did not respond with proper exit code
+	c.Assert(exitCode, checker.Equals, 1, check.Commentf("startOut: %s", startOut))
+
+}
+
+func (s *DockerSuite) TestStartAttachSilent(c *check.C) {
+	name := "teststartattachcorrectexitcode"
+	dockerCmd(c, "run", "--name", name, "busybox", "echo", "test")
+
+	// make sure the container has exited before trying the "start -a"
+	dockerCmd(c, "wait", name)
+
+	startOut, _ := dockerCmd(c, "start", "-a", name)
+	// start -a produced unexpected output
+	c.Assert(startOut, checker.Equals, "test\n")
+}
+
+func (s *DockerSuite) TestStartRecordError(c *check.C) {
+	// TODO Windows CI: Requires further porting work. Should be possible.
+	testRequires(c, DaemonIsLinux)
+	// when container runs successfully, we should not have state.Error
+	dockerCmd(c, "run", "-d", "-p", "9999:9999", "--name", "test", "busybox", "top")
+	stateErr := inspectField(c, "test", "State.Error")
+	// Expected to not have state error
+	c.Assert(stateErr, checker.Equals, "")
+
+	// Expect this to fail and records error because of ports conflict
+	out, _, err := dockerCmdWithError("run", "-d", "--name", "test2", "-p", "9999:9999", "busybox", "top")
+	// err shouldn't be nil because docker run will fail
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+
+	stateErr = inspectField(c, "test2", "State.Error")
+	c.Assert(stateErr, checker.Contains, "port is already allocated")
+
+	// Expect the conflict to be resolved when we stop the initial container
+	dockerCmd(c, "stop", "test")
+	dockerCmd(c, "start", "test2")
+	stateErr = inspectField(c, "test2", "State.Error")
+	// Expected to not have state error but got one
+	c.Assert(stateErr, checker.Equals, "")
+}
+
+func (s *DockerSuite) TestStartPausedContainer(c *check.C) {
+	// Windows does not support pausing containers
+	testRequires(c, DaemonIsLinux)
+	defer unpauseAllContainers()
+
+	dockerCmd(c, "run", "-d", "--name", "testing", "busybox", "top")
+
+	dockerCmd(c, "pause", "testing")
+
+	out, _, err := dockerCmdWithError("start", "testing")
+	// an error should have been shown that you cannot start paused container
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	// an error should have been shown that you cannot start paused container
+	c.Assert(out, checker.Contains, "Cannot start a paused container, try unpause instead.")
+}
+
+func (s *DockerSuite) TestStartMultipleContainers(c *check.C) {
+	// Windows does not support --link
+	testRequires(c, DaemonIsLinux)
+	// run a container named 'parent' and create two container link to `parent`
+	dockerCmd(c, "run", "-d", "--name", "parent", "busybox", "top")
+
+	for _, container := range []string{"child_first", "child_second"} {
+		dockerCmd(c, "create", "--name", container, "--link", "parent:parent", "busybox", "top")
+	}
+
+	// stop 'parent' container
+	dockerCmd(c, "stop", "parent")
+
+	out := inspectField(c, "parent", "State.Running")
+	// Container should be stopped
+	c.Assert(out, checker.Equals, "false")
+
+	// start all the three containers, container `child_first` start first which should be failed
+	// container 'parent' start second and then start container 'child_second'
+	expOut := "Cannot link to a non running container"
+	expErr := "failed to start containers: [child_first]"
+	out, _, err := dockerCmdWithError("start", "child_first", "parent", "child_second")
+	// err shouldn't be nil because start will fail
+	c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+	// output does not correspond to what was expected
+	if !(strings.Contains(out, expOut) || strings.Contains(err.Error(), expErr)) {
+		c.Fatalf("Expected out: %v with err: %v  but got out: %v with err: %v", expOut, expErr, out, err)
+	}
+
+	for container, expected := range map[string]string{"parent": "true", "child_first": "false", "child_second": "true"} {
+		out := inspectField(c, container, "State.Running")
+		// Container running state wrong
+		c.Assert(out, checker.Equals, expected)
+	}
+}
+
+func (s *DockerSuite) TestStartAttachMultipleContainers(c *check.C) {
+	// run  multiple containers to test
+	for _, container := range []string{"test1", "test2", "test3"} {
+		runSleepingContainer(c, "--name", container)
+	}
+
+	// stop all the containers
+	for _, container := range []string{"test1", "test2", "test3"} {
+		dockerCmd(c, "stop", container)
+	}
+
+	// test start and attach multiple containers at once, expected error
+	for _, option := range []string{"-a", "-i", "-ai"} {
+		out, _, err := dockerCmdWithError("start", option, "test1", "test2", "test3")
+		// err shouldn't be nil because start will fail
+		c.Assert(err, checker.NotNil, check.Commentf("out: %s", out))
+		// output does not correspond to what was expected
+		c.Assert(out, checker.Contains, "You cannot start and attach multiple containers at once.")
+	}
+
+	// confirm the state of all the containers be stopped
+	for container, expected := range map[string]string{"test1": "false", "test2": "false", "test3": "false"} {
+		out := inspectField(c, container, "State.Running")
+		// Container running state wrong
+		c.Assert(out, checker.Equals, expected)
+	}
+}
diff --git a/integration-cli/docker_cli_start_volume_driver_unix_test.go b/integration-cli/docker_cli_start_volume_driver_unix_test.go
new file mode 100644
index 00000000..cc5d0b11
--- /dev/null
+++ b/integration-cli/docker_cli_start_volume_driver_unix_test.go
@@ -0,0 +1,443 @@
+// +build !windows
+
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+func init() {
+	check.Suite(&DockerExternalVolumeSuite{
+		ds: &DockerSuite{},
+	})
+}
+
+type eventCounter struct {
+	activations int
+	creations   int
+	removals    int
+	mounts      int
+	unmounts    int
+	paths       int
+	lists       int
+	gets        int
+}
+
+type DockerExternalVolumeSuite struct {
+	server *httptest.Server
+	ds     *DockerSuite
+	d      *Daemon
+	ec     *eventCounter
+}
+
+func (s *DockerExternalVolumeSuite) SetUpTest(c *check.C) {
+	s.d = NewDaemon(c)
+	s.ec = &eventCounter{}
+}
+
+func (s *DockerExternalVolumeSuite) TearDownTest(c *check.C) {
+	s.d.Stop()
+	s.ds.TearDownTest(c)
+}
+
+func (s *DockerExternalVolumeSuite) SetUpSuite(c *check.C) {
+	mux := http.NewServeMux()
+	s.server = httptest.NewServer(mux)
+
+	type pluginRequest struct {
+		Name string
+		Opts map[string]string
+	}
+
+	type pluginResp struct {
+		Mountpoint string `json:",omitempty"`
+		Err        string `json:",omitempty"`
+	}
+
+	type vol struct {
+		Name       string
+		Mountpoint string
+		Ninja      bool // hack used to trigger an null volume return on `Get`
+	}
+	var volList []vol
+
+	read := func(b io.ReadCloser) (pluginRequest, error) {
+		defer b.Close()
+		var pr pluginRequest
+		if err := json.NewDecoder(b).Decode(&pr); err != nil {
+			return pr, err
+		}
+		return pr, nil
+	}
+
+	send := func(w http.ResponseWriter, data interface{}) {
+		switch t := data.(type) {
+		case error:
+			http.Error(w, t.Error(), 500)
+		case string:
+			w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+			fmt.Fprintln(w, t)
+		default:
+			w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+			json.NewEncoder(w).Encode(&data)
+		}
+	}
+
+	mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
+		s.ec.activations++
+		send(w, `{"Implements": ["VolumeDriver"]}`)
+	})
+
+	mux.HandleFunc("/VolumeDriver.Create", func(w http.ResponseWriter, r *http.Request) {
+		s.ec.creations++
+		pr, err := read(r.Body)
+		if err != nil {
+			send(w, err)
+			return
+		}
+		_, isNinja := pr.Opts["ninja"]
+		volList = append(volList, vol{Name: pr.Name, Ninja: isNinja})
+		send(w, nil)
+	})
+
+	mux.HandleFunc("/VolumeDriver.List", func(w http.ResponseWriter, r *http.Request) {
+		s.ec.lists++
+		vols := []vol{}
+		for _, v := range volList {
+			if v.Ninja {
+				continue
+			}
+			vols = append(vols, v)
+		}
+		send(w, map[string][]vol{"Volumes": vols})
+	})
+
+	mux.HandleFunc("/VolumeDriver.Get", func(w http.ResponseWriter, r *http.Request) {
+		s.ec.gets++
+		pr, err := read(r.Body)
+		if err != nil {
+			send(w, err)
+			return
+		}
+
+		for _, v := range volList {
+			if v.Name == pr.Name {
+				if v.Ninja {
+					send(w, map[string]vol{})
+					return
+				}
+				v.Mountpoint = hostVolumePath(pr.Name)
+				send(w, map[string]vol{"Volume": v})
+				return
+			}
+		}
+		send(w, `{"Err": "no such volume"}`)
+	})
+
+	mux.HandleFunc("/VolumeDriver.Remove", func(w http.ResponseWriter, r *http.Request) {
+		s.ec.removals++
+		pr, err := read(r.Body)
+		if err != nil {
+			send(w, err)
+			return
+		}
+
+		for i, v := range volList {
+			if v.Name == pr.Name {
+				if err := os.RemoveAll(hostVolumePath(v.Name)); err != nil {
+					send(w, &pluginResp{Err: err.Error()})
+					return
+				}
+				volList = append(volList[:i], volList[i+1:]...)
+				break
+			}
+		}
+		send(w, nil)
+	})
+
+	mux.HandleFunc("/VolumeDriver.Path", func(w http.ResponseWriter, r *http.Request) {
+		s.ec.paths++
+
+		pr, err := read(r.Body)
+		if err != nil {
+			send(w, err)
+			return
+		}
+		p := hostVolumePath(pr.Name)
+		send(w, &pluginResp{Mountpoint: p})
+	})
+
+	mux.HandleFunc("/VolumeDriver.Mount", func(w http.ResponseWriter, r *http.Request) {
+		s.ec.mounts++
+
+		pr, err := read(r.Body)
+		if err != nil {
+			send(w, err)
+			return
+		}
+
+		p := hostVolumePath(pr.Name)
+		if err := os.MkdirAll(p, 0755); err != nil {
+			send(w, &pluginResp{Err: err.Error()})
+			return
+		}
+
+		if err := ioutil.WriteFile(filepath.Join(p, "test"), []byte(s.server.URL), 0644); err != nil {
+			send(w, err)
+			return
+		}
+
+		send(w, &pluginResp{Mountpoint: p})
+	})
+
+	mux.HandleFunc("/VolumeDriver.Unmount", func(w http.ResponseWriter, r *http.Request) {
+		s.ec.unmounts++
+
+		_, err := read(r.Body)
+		if err != nil {
+			send(w, err)
+			return
+		}
+
+		send(w, nil)
+	})
+
+	err := os.MkdirAll("/etc/docker/plugins", 0755)
+	c.Assert(err, checker.IsNil)
+
+	err = ioutil.WriteFile("/etc/docker/plugins/test-external-volume-driver.spec", []byte(s.server.URL), 0644)
+	c.Assert(err, checker.IsNil)
+}
+
+func (s *DockerExternalVolumeSuite) TearDownSuite(c *check.C) {
+	s.server.Close()
+
+	err := os.RemoveAll("/etc/docker/plugins")
+	c.Assert(err, checker.IsNil)
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverNamed(c *check.C) {
+	err := s.d.StartWithBusybox()
+	c.Assert(err, checker.IsNil)
+
+	out, err := s.d.Cmd("run", "--rm", "--name", "test-data", "-v", "external-volume-test:/tmp/external-volume-test", "--volume-driver", "test-external-volume-driver", "busybox:latest", "cat", "/tmp/external-volume-test/test")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, s.server.URL)
+
+	_, err = s.d.Cmd("volume", "rm", "external-volume-test")
+	c.Assert(err, checker.IsNil)
+
+	p := hostVolumePath("external-volume-test")
+	_, err = os.Lstat(p)
+	c.Assert(err, checker.NotNil)
+	c.Assert(os.IsNotExist(err), checker.True, check.Commentf("Expected volume path in host to not exist: %s, %v\n", p, err))
+
+	c.Assert(s.ec.activations, checker.Equals, 1)
+	c.Assert(s.ec.creations, checker.Equals, 1)
+	c.Assert(s.ec.removals, checker.Equals, 1)
+	c.Assert(s.ec.mounts, checker.Equals, 1)
+	c.Assert(s.ec.unmounts, checker.Equals, 1)
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverUnnamed(c *check.C) {
+	err := s.d.StartWithBusybox()
+	c.Assert(err, checker.IsNil)
+
+	out, err := s.d.Cmd("run", "--rm", "--name", "test-data", "-v", "/tmp/external-volume-test", "--volume-driver", "test-external-volume-driver", "busybox:latest", "cat", "/tmp/external-volume-test/test")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, s.server.URL)
+
+	c.Assert(s.ec.activations, checker.Equals, 1)
+	c.Assert(s.ec.creations, checker.Equals, 1)
+	c.Assert(s.ec.removals, checker.Equals, 1)
+	c.Assert(s.ec.mounts, checker.Equals, 1)
+	c.Assert(s.ec.unmounts, checker.Equals, 1)
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverVolumesFrom(c *check.C) {
+	err := s.d.StartWithBusybox()
+	c.Assert(err, checker.IsNil)
+
+	out, err := s.d.Cmd("run", "--name", "vol-test1", "-v", "/foo", "--volume-driver", "test-external-volume-driver", "busybox:latest")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("run", "--rm", "--volumes-from", "vol-test1", "--name", "vol-test2", "busybox", "ls", "/tmp")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("rm", "-fv", "vol-test1")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	c.Assert(s.ec.activations, checker.Equals, 1)
+	c.Assert(s.ec.creations, checker.Equals, 1)
+	c.Assert(s.ec.removals, checker.Equals, 1)
+	c.Assert(s.ec.mounts, checker.Equals, 2)
+	c.Assert(s.ec.unmounts, checker.Equals, 2)
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverDeleteContainer(c *check.C) {
+	err := s.d.StartWithBusybox()
+	c.Assert(err, checker.IsNil)
+
+	out, err := s.d.Cmd("run", "--name", "vol-test1", "-v", "/foo", "--volume-driver", "test-external-volume-driver", "busybox:latest")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	out, err = s.d.Cmd("rm", "-fv", "vol-test1")
+	c.Assert(err, checker.IsNil, check.Commentf(out))
+
+	c.Assert(s.ec.activations, checker.Equals, 1)
+	c.Assert(s.ec.creations, checker.Equals, 1)
+	c.Assert(s.ec.removals, checker.Equals, 1)
+	c.Assert(s.ec.mounts, checker.Equals, 1)
+	c.Assert(s.ec.unmounts, checker.Equals, 1)
+}
+
+func hostVolumePath(name string) string {
+	return fmt.Sprintf("/var/lib/docker/volumes/%s", name)
+}
+
+// Make sure a request to use a down driver doesn't block other requests
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverLookupNotBlocked(c *check.C) {
+	specPath := "/etc/docker/plugins/down-driver.spec"
+	err := ioutil.WriteFile(specPath, []byte("tcp://127.0.0.7:9999"), 0644)
+	c.Assert(err, check.IsNil)
+	defer os.RemoveAll(specPath)
+
+	chCmd1 := make(chan struct{})
+	chCmd2 := make(chan error)
+	cmd1 := exec.Command(dockerBinary, "volume", "create", "-d", "down-driver")
+	cmd2 := exec.Command(dockerBinary, "volume", "create")
+
+	c.Assert(cmd1.Start(), checker.IsNil)
+	defer cmd1.Process.Kill()
+	time.Sleep(100 * time.Millisecond) // ensure API has been called
+	c.Assert(cmd2.Start(), checker.IsNil)
+
+	go func() {
+		cmd1.Wait()
+		close(chCmd1)
+	}()
+	go func() {
+		chCmd2 <- cmd2.Wait()
+	}()
+
+	select {
+	case <-chCmd1:
+		cmd2.Process.Kill()
+		c.Fatalf("volume create with down driver finished unexpectedly")
+	case err := <-chCmd2:
+		c.Assert(err, checker.IsNil)
+	case <-time.After(5 * time.Second):
+		cmd2.Process.Kill()
+		c.Fatal("volume creates are blocked by previous create requests when previous driver is down")
+	}
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverRetryNotImmediatelyExists(c *check.C) {
+	err := s.d.StartWithBusybox()
+	c.Assert(err, checker.IsNil)
+
+	specPath := "/etc/docker/plugins/test-external-volume-driver-retry.spec"
+	os.RemoveAll(specPath)
+	defer os.RemoveAll(specPath)
+
+	errchan := make(chan error)
+	go func() {
+		if out, err := s.d.Cmd("run", "--rm", "--name", "test-data-retry", "-v", "external-volume-test:/tmp/external-volume-test", "--volume-driver", "test-external-volume-driver-retry", "busybox:latest"); err != nil {
+			errchan <- fmt.Errorf("%v:\n%s", err, out)
+		}
+		close(errchan)
+	}()
+	go func() {
+		// wait for a retry to occur, then create spec to allow plugin to register
+		time.Sleep(2000 * time.Millisecond)
+		// no need to check for an error here since it will get picked up by the timeout later
+		ioutil.WriteFile(specPath, []byte(s.server.URL), 0644)
+	}()
+
+	select {
+	case err := <-errchan:
+		c.Assert(err, checker.IsNil)
+	case <-time.After(8 * time.Second):
+		c.Fatal("volume creates fail when plugin not immediately available")
+	}
+
+	_, err = s.d.Cmd("volume", "rm", "external-volume-test")
+	c.Assert(err, checker.IsNil)
+
+	c.Assert(s.ec.activations, checker.Equals, 1)
+	c.Assert(s.ec.creations, checker.Equals, 1)
+	c.Assert(s.ec.removals, checker.Equals, 1)
+	c.Assert(s.ec.mounts, checker.Equals, 1)
+	c.Assert(s.ec.unmounts, checker.Equals, 1)
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverBindExternalVolume(c *check.C) {
+	dockerCmd(c, "volume", "create", "-d", "test-external-volume-driver", "--name", "foo")
+	dockerCmd(c, "run", "-d", "--name", "testing", "-v", "foo:/bar", "busybox", "top")
+
+	var mounts []struct {
+		Name   string
+		Driver string
+	}
+	out := inspectFieldJSON(c, "testing", "Mounts")
+	c.Assert(json.NewDecoder(strings.NewReader(out)).Decode(&mounts), checker.IsNil)
+	c.Assert(len(mounts), checker.Equals, 1, check.Commentf(out))
+	c.Assert(mounts[0].Name, checker.Equals, "foo")
+	c.Assert(mounts[0].Driver, checker.Equals, "test-external-volume-driver")
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverList(c *check.C) {
+	dockerCmd(c, "volume", "create", "-d", "test-external-volume-driver", "--name", "abc3")
+	out, _ := dockerCmd(c, "volume", "ls")
+	ls := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(ls), check.Equals, 2, check.Commentf("\n%s", out))
+
+	vol := strings.Fields(ls[len(ls)-1])
+	c.Assert(len(vol), check.Equals, 2, check.Commentf("%v", vol))
+	c.Assert(vol[0], check.Equals, "test-external-volume-driver")
+	c.Assert(vol[1], check.Equals, "abc3")
+
+	c.Assert(s.ec.lists, check.Equals, 1)
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverGet(c *check.C) {
+	out, _, err := dockerCmdWithError("volume", "inspect", "dummy")
+	c.Assert(err, check.NotNil, check.Commentf(out))
+	c.Assert(s.ec.gets, check.Equals, 1)
+	c.Assert(out, checker.Contains, "No such volume")
+}
+
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverWithDaemnRestart(c *check.C) {
+	dockerCmd(c, "volume", "create", "-d", "test-external-volume-driver", "--name", "abc1")
+	err := s.d.Restart()
+	c.Assert(err, checker.IsNil)
+
+	dockerCmd(c, "run", "--name=test", "-v", "abc1:/foo", "busybox", "true")
+	var mounts []types.MountPoint
+	inspectFieldAndMarshall(c, "test", "Mounts", &mounts)
+	c.Assert(mounts, checker.HasLen, 1)
+	c.Assert(mounts[0].Driver, checker.Equals, "test-external-volume-driver")
+}
+
+// Ensures that the daemon handles when the plugin responds to a `Get` request with a null volume and a null error.
+// Prior the daemon would panic in this scenario.
+func (s *DockerExternalVolumeSuite) TestExternalVolumeDriverGetEmptyResponse(c *check.C) {
+	dockerCmd(c, "volume", "create", "-d", "test-external-volume-driver", "--name", "abc2", "--opt", "ninja=1")
+	out, _, err := dockerCmdWithError("volume", "inspect", "abc2")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "No such volume")
+}
diff --git a/integration-cli/docker_cli_stats_test.go b/integration-cli/docker_cli_stats_test.go
new file mode 100644
index 00000000..e3c7a3e2
--- /dev/null
+++ b/integration-cli/docker_cli_stats_test.go
@@ -0,0 +1,162 @@
+package main
+
+import (
+	"bufio"
+	"os/exec"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestStatsNoStream(c *check.C) {
+	// Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	id := strings.TrimSpace(out)
+	c.Assert(waitRun(id), checker.IsNil)
+
+	statsCmd := exec.Command(dockerBinary, "stats", "--no-stream", id)
+	type output struct {
+		out []byte
+		err error
+	}
+
+	ch := make(chan output)
+	go func() {
+		out, err := statsCmd.Output()
+		ch <- output{out, err}
+	}()
+
+	select {
+	case outerr := <-ch:
+		c.Assert(outerr.err, checker.IsNil, check.Commentf("Error running stats: %v", outerr.err))
+		c.Assert(string(outerr.out), checker.Contains, id) //running container wasn't present in output
+	case <-time.After(3 * time.Second):
+		statsCmd.Process.Kill()
+		c.Fatalf("stats did not return immediately when not streaming")
+	}
+}
+
+func (s *DockerSuite) TestStatsContainerNotFound(c *check.C) {
+	// Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+
+	out, _, err := dockerCmdWithError("stats", "notfound")
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "No such container: notfound", check.Commentf("Expected to fail on not found container stats, got %q instead", out))
+
+	out, _, err = dockerCmdWithError("stats", "--no-stream", "notfound")
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "No such container: notfound", check.Commentf("Expected to fail on not found container stats with --no-stream, got %q instead", out))
+}
+
+func (s *DockerSuite) TestStatsAllRunningNoStream(c *check.C) {
+	// Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	id1 := strings.TrimSpace(out)[:12]
+	c.Assert(waitRun(id1), check.IsNil)
+	out, _ = dockerCmd(c, "run", "-d", "busybox", "top")
+	id2 := strings.TrimSpace(out)[:12]
+	c.Assert(waitRun(id2), check.IsNil)
+	out, _ = dockerCmd(c, "run", "-d", "busybox", "top")
+	id3 := strings.TrimSpace(out)[:12]
+	c.Assert(waitRun(id3), check.IsNil)
+	dockerCmd(c, "stop", id3)
+
+	out, _ = dockerCmd(c, "stats", "--no-stream")
+	if !strings.Contains(out, id1) || !strings.Contains(out, id2) {
+		c.Fatalf("Expected stats output to contain both %s and %s, got %s", id1, id2, out)
+	}
+	if strings.Contains(out, id3) {
+		c.Fatalf("Did not expect %s in stats, got %s", id3, out)
+	}
+
+	// check output contains real data, but not all zeros
+	reg, _ := regexp.Compile("[1-9]+")
+	// split output with "\n", outLines[1] is id2's output
+	// outLines[2] is id1's output
+	outLines := strings.Split(out, "\n")
+	// check stat result of id2 contains real data
+	realData := reg.Find([]byte(outLines[1][12:]))
+	c.Assert(realData, checker.NotNil, check.Commentf("stat result are empty: %s", out))
+	// check stat result of id1 contains real data
+	realData = reg.Find([]byte(outLines[2][12:]))
+	c.Assert(realData, checker.NotNil, check.Commentf("stat result are empty: %s", out))
+}
+
+func (s *DockerSuite) TestStatsAllNoStream(c *check.C) {
+	// Windows does not support stats
+	testRequires(c, DaemonIsLinux)
+
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
+	id1 := strings.TrimSpace(out)[:12]
+	c.Assert(waitRun(id1), check.IsNil)
+	dockerCmd(c, "stop", id1)
+	out, _ = dockerCmd(c, "run", "-d", "busybox", "top")
+	id2 := strings.TrimSpace(out)[:12]
+	c.Assert(waitRun(id2), check.IsNil)
+
+	out, _ = dockerCmd(c, "stats", "--all", "--no-stream")
+	if !strings.Contains(out, id1) || !strings.Contains(out, id2) {
+		c.Fatalf("Expected stats output to contain both %s and %s, got %s", id1, id2, out)
+	}
+
+	// check output contains real data, but not all zeros
+	reg, _ := regexp.Compile("[1-9]+")
+	// split output with "\n", outLines[1] is id2's output
+	outLines := strings.Split(out, "\n")
+	// check stat result of id2 contains real data
+	realData := reg.Find([]byte(outLines[1][12:]))
+	c.Assert(realData, checker.NotNil, check.Commentf("stat result of %s is empty: %s", id2, out))
+	// check stat result of id1 contains all zero
+	realData = reg.Find([]byte(outLines[2][12:]))
+	c.Assert(realData, checker.IsNil, check.Commentf("stat result of %s should be empty : %s", id1, out))
+}
+
+func (s *DockerSuite) TestStatsAllNewContainersAdded(c *check.C) {
+	// Windows does not support stats
+	// TODO: remove SameHostDaemon
+	//	The reason it was added is because, there seems to be some race that makes this test fail
+	//	for remote daemons (namely in the win2lin CI). We highly welcome contributions to fix this.
+	testRequires(c, DaemonIsLinux, SameHostDaemon)
+
+	id := make(chan string)
+	addedChan := make(chan struct{})
+
+	runSleepingContainer(c, "-d")
+	statsCmd := exec.Command(dockerBinary, "stats")
+	stdout, err := statsCmd.StdoutPipe()
+	c.Assert(err, check.IsNil)
+	c.Assert(statsCmd.Start(), check.IsNil)
+	defer statsCmd.Process.Kill()
+
+	go func() {
+		containerID := <-id
+		matchID := regexp.MustCompile(containerID)
+
+		scanner := bufio.NewScanner(stdout)
+		for scanner.Scan() {
+			switch {
+			case matchID.MatchString(scanner.Text()):
+				close(addedChan)
+				return
+			}
+		}
+	}()
+
+	out, _ := runSleepingContainer(c, "-d")
+	c.Assert(waitRun(strings.TrimSpace(out)), check.IsNil)
+	id <- strings.TrimSpace(out)[:12]
+
+	select {
+	case <-time.After(30 * time.Second):
+		c.Fatal("failed to observe new container created added to stats")
+	case <-addedChan:
+		// ignore, done
+	}
+}
diff --git a/integration-cli/docker_cli_tag_test.go b/integration-cli/docker_cli_tag_test.go
new file mode 100644
index 00000000..1e601527
--- /dev/null
+++ b/integration-cli/docker_cli_tag_test.go
@@ -0,0 +1,251 @@
+package main
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/go-check/check"
+)
+
+// tagging a named image in a new unprefixed repo should work
+func (s *DockerSuite) TestTagUnprefixedRepoByName(c *check.C) {
+	// Don't attempt to pull on Windows as not in hub. It's installed
+	// as an image through .ensure-frozen-images-windows
+	if daemonPlatform != "windows" {
+		if err := pullImageIfNotExist("busybox:latest"); err != nil {
+			c.Fatal("couldn't find the busybox:latest image locally and failed to pull it")
+		}
+	}
+
+	dockerCmd(c, "tag", "busybox:latest", "testfoobarbaz")
+}
+
+// tagging an image by ID in a new unprefixed repo should work
+func (s *DockerSuite) TestTagUnprefixedRepoByID(c *check.C) {
+	imageID := inspectField(c, "busybox", "Id")
+	dockerCmd(c, "tag", imageID, "testfoobarbaz")
+}
+
+// ensure we don't allow the use of invalid repository names; these tag operations should fail
+func (s *DockerSuite) TestTagInvalidUnprefixedRepo(c *check.C) {
+	invalidRepos := []string{"fo$z$", "Foo@3cc", "Foo$3", "Foo*3", "Fo^3", "Foo!3", "F)xcz(", "fo%asd", "FOO/bar"}
+
+	for _, repo := range invalidRepos {
+		out, _, err := dockerCmdWithError("tag", "busybox", repo)
+		c.Assert(err, checker.NotNil, check.Commentf("tag busybox %v should have failed : %v", repo, out))
+	}
+}
+
+// ensure we don't allow the use of invalid tags; these tag operations should fail
+func (s *DockerSuite) TestTagInvalidPrefixedRepo(c *check.C) {
+	longTag := stringutils.GenerateRandomAlphaOnlyString(121)
+
+	invalidTags := []string{"repo:fo$z$", "repo:Foo@3cc", "repo:Foo$3", "repo:Foo*3", "repo:Fo^3", "repo:Foo!3", "repo:%goodbye", "repo:#hashtagit", "repo:F)xcz(", "repo:-foo", "repo:..", longTag}
+
+	for _, repotag := range invalidTags {
+		out, _, err := dockerCmdWithError("tag", "busybox", repotag)
+		c.Assert(err, checker.NotNil, check.Commentf("tag busybox %v should have failed : %v", repotag, out))
+	}
+}
+
+// ensure we allow the use of valid tags
+func (s *DockerSuite) TestTagValidPrefixedRepo(c *check.C) {
+	// Don't attempt to pull on Windows as not in hub. It's installed
+	// as an image through .ensure-frozen-images-windows
+	if daemonPlatform != "windows" {
+		if err := pullImageIfNotExist("busybox:latest"); err != nil {
+			c.Fatal("couldn't find the busybox:latest image locally and failed to pull it")
+		}
+	}
+
+	validRepos := []string{"fooo/bar", "fooaa/test", "foooo:t", "HOSTNAME.DOMAIN.COM:443/foo/bar"}
+
+	for _, repo := range validRepos {
+		_, _, err := dockerCmdWithError("tag", "busybox:latest", repo)
+		if err != nil {
+			c.Errorf("tag busybox %v should have worked: %s", repo, err)
+			continue
+		}
+		deleteImages(repo)
+	}
+}
+
+// tag an image with an existed tag name without -f option should work
+func (s *DockerSuite) TestTagExistedNameWithoutForce(c *check.C) {
+	// Don't attempt to pull on Windows as not in hub. It's installed
+	// as an image through .ensure-frozen-images-windows
+	if daemonPlatform != "windows" {
+		if err := pullImageIfNotExist("busybox:latest"); err != nil {
+			c.Fatal("couldn't find the busybox:latest image locally and failed to pull it")
+		}
+	}
+
+	dockerCmd(c, "tag", "busybox:latest", "busybox:test")
+}
+
+// tag an image with an existed tag name with -f option should work
+func (s *DockerSuite) TestTagExistedNameWithForce(c *check.C) {
+	// Don't attempt to pull on Windows as not in hub. It's installed
+	// as an image through .ensure-frozen-images-windows
+	if daemonPlatform != "windows" {
+		if err := pullImageIfNotExist("busybox:latest"); err != nil {
+			c.Fatal("couldn't find the busybox:latest image locally and failed to pull it")
+		}
+	}
+	dockerCmd(c, "tag", "busybox:latest", "busybox:test")
+	dockerCmd(c, "tag", "-f", "busybox:latest", "busybox:test")
+}
+
+func (s *DockerSuite) TestTagWithPrefixHyphen(c *check.C) {
+	// TODO Windows CI. This fails on TP4 docker, but has since been fixed.
+	// Enable these tests for TP5.
+	testRequires(c, DaemonIsLinux)
+	// Don't attempt to pull on Windows as not in hub. It's installed
+	// as an image through .ensure-frozen-images-windows
+	if daemonPlatform != "windows" {
+		if err := pullImageIfNotExist("busybox:latest"); err != nil {
+			c.Fatal("couldn't find the busybox:latest image locally and failed to pull it")
+		}
+	}
+	// test repository name begin with '-'
+	out, _, err := dockerCmdWithError("tag", "busybox:latest", "-busybox:test")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "Error parsing reference", check.Commentf("tag a name begin with '-' should failed"))
+
+	// test namespace name begin with '-'
+	out, _, err = dockerCmdWithError("tag", "busybox:latest", "-test/busybox:test")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "Error parsing reference", check.Commentf("tag a name begin with '-' should failed"))
+
+	// test index name begin with '-'
+	out, _, err = dockerCmdWithError("tag", "busybox:latest", "-index:5000/busybox:test")
+	c.Assert(err, checker.NotNil, check.Commentf(out))
+	c.Assert(out, checker.Contains, "Error parsing reference", check.Commentf("tag a name begin with '-' should failed"))
+}
+
+// ensure tagging using official names works
+// ensure all tags result in the same name
+func (s *DockerSuite) TestTagOfficialNames(c *check.C) {
+	// TODO Windows CI. This fails on TP4 docker, but has since been fixed.
+	// Enable these tests for TP5.
+	testRequires(c, DaemonIsLinux)
+	names := []string{
+		"docker.io/busybox",
+		"index.docker.io/busybox",
+		"library/busybox",
+		"docker.io/library/busybox",
+		"index.docker.io/library/busybox",
+	}
+
+	for _, name := range names {
+		out, exitCode, err := dockerCmdWithError("tag", "busybox:latest", name+":latest")
+		if err != nil || exitCode != 0 {
+			c.Errorf("tag busybox %v should have worked: %s, %s", name, err, out)
+			continue
+		}
+
+		// ensure we don't have multiple tag names.
+		out, _, err = dockerCmdWithError("images")
+		if err != nil {
+			c.Errorf("listing images failed with errors: %v, %s", err, out)
+		} else if strings.Contains(out, name) {
+			c.Errorf("images should not have listed '%s'", name)
+			deleteImages(name + ":latest")
+		}
+	}
+
+	for _, name := range names {
+		_, exitCode, err := dockerCmdWithError("tag", name+":latest", "fooo/bar:latest")
+		if err != nil || exitCode != 0 {
+			c.Errorf("tag %v fooo/bar should have worked: %s", name, err)
+			continue
+		}
+		deleteImages("fooo/bar:latest")
+	}
+}
+
+// ensure tags can not match digests
+func (s *DockerSuite) TestTagMatchesDigest(c *check.C) {
+	// TODO Windows CI. This can be enabled for TP5, but will fail on TP4.
+	// This is due to the content addressibility changes which are not
+	// in the TP4 version of Docker.
+	testRequires(c, DaemonIsLinux)
+	// Don't attempt to pull on Windows as not in hub. It's installed
+	// as an image through .ensure-frozen-images-windows
+	if daemonPlatform != "windows" {
+		if err := pullImageIfNotExist("busybox:latest"); err != nil {
+			c.Fatal("couldn't find the busybox:latest image locally and failed to pull it")
+		}
+	}
+	digest := "busybox@sha256:abcdef76720241213f5303bda7704ec4c2ef75613173910a56fb1b6e20251507"
+	// test setting tag fails
+	_, _, err := dockerCmdWithError("tag", "busybox:latest", digest)
+	if err == nil {
+		c.Fatal("digest tag a name should have failed")
+	}
+	// check that no new image matches the digest
+	_, _, err = dockerCmdWithError("inspect", digest)
+	if err == nil {
+		c.Fatal("inspecting by digest should have failed")
+	}
+}
+
+func (s *DockerSuite) TestTagInvalidRepoName(c *check.C) {
+	// TODO Windows CI. This can be enabled for TP5, but will fail on the
+	// TP4 version of docker.
+	testRequires(c, DaemonIsLinux)
+	// Don't attempt to pull on Windows as not in hub. It's installed
+	// as an image through .ensure-frozen-images-windows
+	if daemonPlatform != "windows" {
+		if err := pullImageIfNotExist("busybox:latest"); err != nil {
+			c.Fatal("couldn't find the busybox:latest image locally and failed to pull it")
+		}
+	}
+
+	// test setting tag fails
+	_, _, err := dockerCmdWithError("tag", "busybox:latest", "sha256:sometag")
+	if err == nil {
+		c.Fatal("tagging with image named \"sha256\" should have failed")
+	}
+}
+
+// ensure tags cannot create ambiguity with image ids
+func (s *DockerSuite) TestTagTruncationAmbiguity(c *check.C) {
+	//testRequires(c, DaemonIsLinux)
+	// Don't attempt to pull on Windows as not in hub. It's installed
+	// as an image through .ensure-frozen-images-windows
+	if daemonPlatform != "windows" {
+		if err := pullImageIfNotExist("busybox:latest"); err != nil {
+			c.Fatal("couldn't find the busybox:latest image locally and failed to pull it")
+		}
+	}
+	imageID, err := buildImage("notbusybox:latest",
+		`FROM busybox
+		MAINTAINER dockerio`,
+		true)
+	if err != nil {
+		c.Fatal(err)
+	}
+	truncatedImageID := stringid.TruncateID(imageID)
+	truncatedTag := fmt.Sprintf("notbusybox:%s", truncatedImageID)
+
+	id := inspectField(c, truncatedTag, "Id")
+
+	// Ensure inspect by image id returns image for image id
+	c.Assert(id, checker.Equals, imageID)
+	c.Logf("Built image: %s", imageID)
+
+	// test setting tag fails
+	_, _, err = dockerCmdWithError("tag", "busybox:latest", truncatedTag)
+	if err != nil {
+		c.Fatalf("Error tagging with an image id: %s", err)
+	}
+
+	id = inspectField(c, truncatedTag, "Id")
+
+	// Ensure id is imageID and not busybox:latest
+	c.Assert(id, checker.Not(checker.Equals), imageID)
+}
diff --git a/integration-cli/docker_cli_top_test.go b/integration-cli/docker_cli_top_test.go
new file mode 100644
index 00000000..e0865b92
--- /dev/null
+++ b/integration-cli/docker_cli_top_test.go
@@ -0,0 +1,43 @@
+package main
+
+import (
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestTopMultipleArgs(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-i", "-d", "busybox", "top")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out, _ = dockerCmd(c, "top", cleanedContainerID, "-o", "pid")
+	c.Assert(out, checker.Contains, "PID", check.Commentf("did not see PID after top -o pid: %s", out))
+}
+
+func (s *DockerSuite) TestTopNonPrivileged(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-i", "-d", "busybox", "top")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out1, _ := dockerCmd(c, "top", cleanedContainerID)
+	out2, _ := dockerCmd(c, "top", cleanedContainerID)
+	dockerCmd(c, "kill", cleanedContainerID)
+
+	c.Assert(out1, checker.Contains, "top", check.Commentf("top should've listed `top` in the process list, but failed the first time"))
+	c.Assert(out2, checker.Contains, "top", check.Commentf("top should've listed `top` in the process list, but failed the second time"))
+}
+
+func (s *DockerSuite) TestTopPrivileged(c *check.C) {
+	testRequires(c, DaemonIsLinux, NotUserNamespace)
+	out, _ := dockerCmd(c, "run", "--privileged", "-i", "-d", "busybox", "top")
+	cleanedContainerID := strings.TrimSpace(out)
+
+	out1, _ := dockerCmd(c, "top", cleanedContainerID)
+	out2, _ := dockerCmd(c, "top", cleanedContainerID)
+	dockerCmd(c, "kill", cleanedContainerID)
+
+	c.Assert(out1, checker.Contains, "top", check.Commentf("top should've listed `top` in the process list, but failed the first time"))
+	c.Assert(out2, checker.Contains, "top", check.Commentf("top should've listed `top` in the process list, but failed the second time"))
+}
diff --git a/integration-cli/docker_cli_update_test.go b/integration-cli/docker_cli_update_test.go
new file mode 100644
index 00000000..188030ff
--- /dev/null
+++ b/integration-cli/docker_cli_update_test.go
@@ -0,0 +1,31 @@
+package main
+
+import (
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestUpdateRestartPolicy(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "--restart=on-failure:3", "busybox", "sh", "-c", "sleep 1 && false")
+	timeout := 60 * time.Second
+	if daemonPlatform == "windows" {
+		timeout = 180 * time.Second
+	}
+
+	id := strings.TrimSpace(string(out))
+
+	// update restart policy to on-failure:5
+	dockerCmd(c, "update", "--restart=on-failure:5", id)
+
+	err := waitExited(id, timeout)
+	c.Assert(err, checker.IsNil)
+
+	count := inspectField(c, id, "RestartCount")
+	c.Assert(count, checker.Equals, "5")
+
+	maximumRetryCount := inspectField(c, id, "HostConfig.RestartPolicy.MaximumRetryCount")
+	c.Assert(maximumRetryCount, checker.Equals, "5")
+}
diff --git a/integration-cli/docker_cli_update_unix_test.go b/integration-cli/docker_cli_update_unix_test.go
new file mode 100644
index 00000000..c40ad3ee
--- /dev/null
+++ b/integration-cli/docker_cli_update_unix_test.go
@@ -0,0 +1,212 @@
+// +build !windows
+
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/engine-api/types"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestUpdateRunningContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "-m", "300M", "busybox", "top")
+	dockerCmd(c, "update", "-m", "500M", name)
+
+	c.Assert(inspectField(c, name, "HostConfig.Memory"), checker.Equals, "524288000")
+
+	file := "/sys/fs/cgroup/memory/memory.limit_in_bytes"
+	out, _ := dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "524288000")
+}
+
+func (s *DockerSuite) TestUpdateRunningContainerWithRestart(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "-m", "300M", "busybox", "top")
+	dockerCmd(c, "update", "-m", "500M", name)
+	dockerCmd(c, "restart", name)
+
+	c.Assert(inspectField(c, name, "HostConfig.Memory"), checker.Equals, "524288000")
+
+	file := "/sys/fs/cgroup/memory/memory.limit_in_bytes"
+	out, _ := dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "524288000")
+}
+
+func (s *DockerSuite) TestUpdateStoppedContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+
+	name := "test-update-container"
+	file := "/sys/fs/cgroup/memory/memory.limit_in_bytes"
+	dockerCmd(c, "run", "--name", name, "-m", "300M", "busybox", "cat", file)
+	dockerCmd(c, "update", "-m", "500M", name)
+
+	c.Assert(inspectField(c, name, "HostConfig.Memory"), checker.Equals, "524288000")
+
+	out, _ := dockerCmd(c, "start", "-a", name)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "524288000")
+}
+
+func (s *DockerSuite) TestUpdatePausedContainer(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, cpuShare)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "--cpu-shares", "1000", "busybox", "top")
+	dockerCmd(c, "pause", name)
+	dockerCmd(c, "update", "--cpu-shares", "500", name)
+
+	c.Assert(inspectField(c, name, "HostConfig.CPUShares"), checker.Equals, "500")
+
+	dockerCmd(c, "unpause", name)
+	file := "/sys/fs/cgroup/cpu/cpu.shares"
+	out, _ := dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "500")
+}
+
+func (s *DockerSuite) TestUpdateWithUntouchedFields(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+	testRequires(c, cpuShare)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "-m", "300M", "--cpu-shares", "800", "busybox", "top")
+	dockerCmd(c, "update", "-m", "500M", name)
+
+	// Update memory and not touch cpus, `cpuset.cpus` should still have the old value
+	out := inspectField(c, name, "HostConfig.CPUShares")
+	c.Assert(out, check.Equals, "800")
+
+	file := "/sys/fs/cgroup/cpu/cpu.shares"
+	out, _ = dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "800")
+}
+
+func (s *DockerSuite) TestUpdateContainerInvalidValue(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "-m", "300M", "busybox", "true")
+	out, _, err := dockerCmdWithError("update", "-m", "2M", name)
+	c.Assert(err, check.NotNil)
+	expected := "Minimum memory limit allowed is 4MB"
+	c.Assert(out, checker.Contains, expected)
+}
+
+func (s *DockerSuite) TestUpdateContainerWithoutFlags(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "-m", "300M", "busybox", "true")
+	_, _, err := dockerCmdWithError("update", name)
+	c.Assert(err, check.NotNil)
+}
+
+func (s *DockerSuite) TestUpdateKernelMemory(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, kernelMemorySupport)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "--kernel-memory", "50M", "busybox", "top")
+	_, _, err := dockerCmdWithError("update", "--kernel-memory", "100M", name)
+	// Update kernel memory to a running container is not allowed.
+	c.Assert(err, check.NotNil)
+
+	// Update kernel memory to a running container with failure should not change HostConfig
+	c.Assert(inspectField(c, name, "HostConfig.KernelMemory"), checker.Equals, "52428800")
+
+	dockerCmd(c, "stop", name)
+	dockerCmd(c, "update", "--kernel-memory", "100M", name)
+	dockerCmd(c, "start", name)
+
+	c.Assert(inspectField(c, name, "HostConfig.KernelMemory"), checker.Equals, "104857600")
+
+	file := "/sys/fs/cgroup/memory/memory.kmem.limit_in_bytes"
+	out, _ := dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "104857600")
+}
+
+func (s *DockerSuite) TestUpdateSwapMemoryOnly(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+	testRequires(c, swapMemorySupport)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "--memory", "300M", "--memory-swap", "500M", "busybox", "top")
+	dockerCmd(c, "update", "--memory-swap", "600M", name)
+
+	c.Assert(inspectField(c, name, "HostConfig.MemorySwap"), checker.Equals, "629145600")
+
+	file := "/sys/fs/cgroup/memory/memory.memsw.limit_in_bytes"
+	out, _ := dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "629145600")
+}
+
+func (s *DockerSuite) TestUpdateInvalidSwapMemory(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+	testRequires(c, swapMemorySupport)
+
+	name := "test-update-container"
+	dockerCmd(c, "run", "-d", "--name", name, "--memory", "300M", "--memory-swap", "500M", "busybox", "top")
+	_, _, err := dockerCmdWithError("update", "--memory-swap", "200M", name)
+	// Update invalid swap memory should fail.
+	// This will pass docker config validation, but failed at kernel validation
+	c.Assert(err, check.NotNil)
+
+	// Update invalid swap memory with failure should not change HostConfig
+	c.Assert(inspectField(c, name, "HostConfig.Memory"), checker.Equals, "314572800")
+	c.Assert(inspectField(c, name, "HostConfig.MemorySwap"), checker.Equals, "524288000")
+
+	dockerCmd(c, "update", "--memory-swap", "600M", name)
+
+	c.Assert(inspectField(c, name, "HostConfig.MemorySwap"), checker.Equals, "629145600")
+
+	file := "/sys/fs/cgroup/memory/memory.memsw.limit_in_bytes"
+	out, _ := dockerCmd(c, "exec", name, "cat", file)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "629145600")
+}
+
+func (s *DockerSuite) TestUpdateStats(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testRequires(c, memoryLimitSupport)
+	testRequires(c, cpuCfsQuota)
+	name := "foo"
+	dockerCmd(c, "run", "-d", "-ti", "--name", name, "-m", "500m", "busybox")
+
+	c.Assert(waitRun(name), checker.IsNil)
+
+	getMemLimit := func(id string) uint64 {
+		resp, body, err := sockRequestRaw("GET", fmt.Sprintf("/containers/%s/stats?stream=false", id), nil, "")
+		c.Assert(err, checker.IsNil)
+		c.Assert(resp.Header.Get("Content-Type"), checker.Equals, "application/json")
+
+		var v *types.Stats
+		err = json.NewDecoder(body).Decode(&v)
+		c.Assert(err, checker.IsNil)
+		body.Close()
+
+		return v.MemoryStats.Limit
+	}
+	preMemLimit := getMemLimit(name)
+
+	dockerCmd(c, "update", "--cpu-quota", "2000", name)
+
+	curMemLimit := getMemLimit(name)
+
+	c.Assert(preMemLimit, checker.Equals, curMemLimit)
+
+}
diff --git a/integration-cli/docker_cli_userns_test.go b/integration-cli/docker_cli_userns_test.go
new file mode 100644
index 00000000..f8b3f77b
--- /dev/null
+++ b/integration-cli/docker_cli_userns_test.go
@@ -0,0 +1,86 @@
+// +build !windows
+
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strconv"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/system"
+	"github.com/go-check/check"
+)
+
+// user namespaces test: run daemon with remapped root setting
+// 1. validate uid/gid maps are set properly
+// 2. verify that files created are owned by remapped root
+func (s *DockerDaemonSuite) TestDaemonUserNamespaceRootSetting(c *check.C) {
+	testRequires(c, DaemonIsLinux, SameHostDaemon, UserNamespaceInKernel)
+
+	c.Assert(s.d.StartWithBusybox("--userns-remap", "default"), checker.IsNil)
+
+	tmpDir, err := ioutil.TempDir("", "userns")
+	c.Assert(err, checker.IsNil)
+
+	defer os.RemoveAll(tmpDir)
+
+	// we need to find the uid and gid of the remapped root from the daemon's root dir info
+	uidgid := strings.Split(filepath.Base(s.d.root), ".")
+	c.Assert(uidgid, checker.HasLen, 2, check.Commentf("Should have gotten uid/gid strings from root dirname: %s", filepath.Base(s.d.root)))
+	uid, err := strconv.Atoi(uidgid[0])
+	c.Assert(err, checker.IsNil, check.Commentf("Can't parse uid"))
+	gid, err := strconv.Atoi(uidgid[1])
+	c.Assert(err, checker.IsNil, check.Commentf("Can't parse gid"))
+
+	// writable by the remapped root UID/GID pair
+	c.Assert(os.Chown(tmpDir, uid, gid), checker.IsNil)
+
+	out, err := s.d.Cmd("run", "-d", "--name", "userns", "-v", tmpDir+":/goofy", "busybox", "sh", "-c", "touch /goofy/testfile; top")
+	c.Assert(err, checker.IsNil, check.Commentf("Output: %s", out))
+	user := s.findUser(c, "userns")
+	c.Assert(uidgid[0], checker.Equals, user)
+
+	pid, err := s.d.Cmd("inspect", "--format='{{.State.Pid}}'", "userns")
+	c.Assert(err, checker.IsNil, check.Commentf("Could not inspect running container: out: %q", pid))
+	// check the uid and gid maps for the PID to ensure root is remapped
+	// (cmd = cat /proc/<pid>/uid_map | grep -E '0\s+9999\s+1')
+	out, rc1, err := runCommandPipelineWithOutput(
+		exec.Command("cat", "/proc/"+strings.TrimSpace(pid)+"/uid_map"),
+		exec.Command("grep", "-E", fmt.Sprintf("0[[:space:]]+%d[[:space:]]+", uid)))
+	c.Assert(rc1, checker.Equals, 0, check.Commentf("Didn't match uid_map: output: %s", out))
+
+	out, rc2, err := runCommandPipelineWithOutput(
+		exec.Command("cat", "/proc/"+strings.TrimSpace(pid)+"/gid_map"),
+		exec.Command("grep", "-E", fmt.Sprintf("0[[:space:]]+%d[[:space:]]+", gid)))
+	c.Assert(rc2, checker.Equals, 0, check.Commentf("Didn't match gid_map: output: %s", out))
+
+	// check that the touched file is owned by remapped uid:gid
+	stat, err := system.Stat(filepath.Join(tmpDir, "testfile"))
+	c.Assert(err, checker.IsNil)
+	c.Assert(stat.UID(), checker.Equals, uint32(uid), check.Commentf("Touched file not owned by remapped root UID"))
+	c.Assert(stat.GID(), checker.Equals, uint32(gid), check.Commentf("Touched file not owned by remapped root GID"))
+
+	// use host usernamespace
+	out, err = s.d.Cmd("run", "-d", "--name", "userns_skip", "--userns", "host", "busybox", "sh", "-c", "touch /goofy/testfile; top")
+	c.Assert(err, checker.IsNil, check.Commentf("Output: %s", out))
+	user = s.findUser(c, "userns_skip")
+	// userns are skipped, user is root
+	c.Assert(user, checker.Equals, "root")
+}
+
+// findUser finds the uid or name of the user of the first process that runs in a container
+func (s *DockerDaemonSuite) findUser(c *check.C, container string) string {
+	out, err := s.d.Cmd("top", container)
+	c.Assert(err, checker.IsNil, check.Commentf("Output: %s", out))
+	rows := strings.Split(out, "\n")
+	if len(rows) < 2 {
+		// No process rows founds
+		c.FailNow()
+	}
+	return strings.Fields(rows[1])[0]
+}
diff --git a/integration-cli/docker_cli_v2_only_test.go b/integration-cli/docker_cli_v2_only_test.go
new file mode 100644
index 00000000..889936a0
--- /dev/null
+++ b/integration-cli/docker_cli_v2_only_test.go
@@ -0,0 +1,125 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+
+	"github.com/go-check/check"
+)
+
+func makefile(contents string) (string, func(), error) {
+	cleanup := func() {
+
+	}
+
+	f, err := ioutil.TempFile(".", "tmp")
+	if err != nil {
+		return "", cleanup, err
+	}
+	err = ioutil.WriteFile(f.Name(), []byte(contents), os.ModePerm)
+	if err != nil {
+		return "", cleanup, err
+	}
+
+	cleanup = func() {
+		err := os.Remove(f.Name())
+		if err != nil {
+			fmt.Println("Error removing tmpfile")
+		}
+	}
+	return f.Name(), cleanup, nil
+
+}
+
+// TestV2Only ensures that a daemon in v2-only mode does not
+// attempt to contact any v1 registry endpoints.
+func (s *DockerRegistrySuite) TestV2Only(c *check.C) {
+	reg, err := newTestRegistry(c)
+	c.Assert(err, check.IsNil)
+
+	reg.registerHandler("/v2/", func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(404)
+	})
+
+	reg.registerHandler("/v1/.*", func(w http.ResponseWriter, r *http.Request) {
+		c.Fatal("V1 registry contacted")
+	})
+
+	repoName := fmt.Sprintf("%s/busybox", reg.hostport)
+
+	err = s.d.Start("--insecure-registry", reg.hostport, "--disable-legacy-registry=true")
+	c.Assert(err, check.IsNil)
+
+	dockerfileName, cleanup, err := makefile(fmt.Sprintf("FROM %s/busybox", reg.hostport))
+	c.Assert(err, check.IsNil, check.Commentf("Unable to create test dockerfile"))
+	defer cleanup()
+
+	s.d.Cmd("build", "--file", dockerfileName, ".")
+
+	s.d.Cmd("run", repoName)
+	s.d.Cmd("login", "-u", "richard", "-p", "testtest", "-e", "testuser@testdomain.com", reg.hostport)
+	s.d.Cmd("tag", "busybox", repoName)
+	s.d.Cmd("push", repoName)
+	s.d.Cmd("pull", repoName)
+}
+
+// TestV1 starts a daemon in 'normal' mode
+// and ensure v1 endpoints are hit for the following operations:
+// login, push, pull, build & run
+func (s *DockerRegistrySuite) TestV1(c *check.C) {
+	reg, err := newTestRegistry(c)
+	c.Assert(err, check.IsNil)
+
+	v2Pings := 0
+	reg.registerHandler("/v2/", func(w http.ResponseWriter, r *http.Request) {
+		v2Pings++
+		// V2 ping 404 causes fallback to v1
+		w.WriteHeader(404)
+	})
+
+	v1Pings := 0
+	reg.registerHandler("/v1/_ping", func(w http.ResponseWriter, r *http.Request) {
+		v1Pings++
+	})
+
+	v1Logins := 0
+	reg.registerHandler("/v1/users/", func(w http.ResponseWriter, r *http.Request) {
+		v1Logins++
+	})
+
+	v1Repo := 0
+	reg.registerHandler("/v1/repositories/busybox/", func(w http.ResponseWriter, r *http.Request) {
+		v1Repo++
+	})
+
+	reg.registerHandler("/v1/repositories/busybox/images", func(w http.ResponseWriter, r *http.Request) {
+		v1Repo++
+	})
+
+	err = s.d.Start("--insecure-registry", reg.hostport, "--disable-legacy-registry=false")
+	c.Assert(err, check.IsNil)
+
+	dockerfileName, cleanup, err := makefile(fmt.Sprintf("FROM %s/busybox", reg.hostport))
+	c.Assert(err, check.IsNil, check.Commentf("Unable to create test dockerfile"))
+	defer cleanup()
+
+	s.d.Cmd("build", "--file", dockerfileName, ".")
+	c.Assert(v1Repo, check.Equals, 1, check.Commentf("Expected v1 repository access after build"))
+
+	repoName := fmt.Sprintf("%s/busybox", reg.hostport)
+	s.d.Cmd("run", repoName)
+	c.Assert(v1Repo, check.Equals, 2, check.Commentf("Expected v1 repository access after run"))
+
+	s.d.Cmd("login", "-u", "richard", "-p", "testtest", reg.hostport)
+	c.Assert(v1Logins, check.Equals, 1, check.Commentf("Expected v1 login attempt"))
+
+	s.d.Cmd("tag", "busybox", repoName)
+	s.d.Cmd("push", repoName)
+
+	c.Assert(v1Repo, check.Equals, 2)
+
+	s.d.Cmd("pull", repoName)
+	c.Assert(v1Repo, check.Equals, 3, check.Commentf("Expected v1 repository access after pull"))
+}
diff --git a/integration-cli/docker_cli_version_test.go b/integration-cli/docker_cli_version_test.go
new file mode 100644
index 00000000..7672beb7
--- /dev/null
+++ b/integration-cli/docker_cli_version_test.go
@@ -0,0 +1,58 @@
+package main
+
+import (
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// ensure docker version works
+func (s *DockerSuite) TestVersionEnsureSucceeds(c *check.C) {
+	out, _ := dockerCmd(c, "version")
+	stringsToCheck := map[string]int{
+		"Client:":       1,
+		"Server:":       1,
+		" Version:":     2,
+		" API version:": 2,
+		" Go version:":  2,
+		" Git commit:":  2,
+		" OS/Arch:":     2,
+		" Built:":       2,
+	}
+
+	for k, v := range stringsToCheck {
+		c.Assert(strings.Count(out, k), checker.Equals, v, check.Commentf("The count of %v in %s does not match excepted", k, out))
+	}
+}
+
+// ensure the Windows daemon return the correct platform string
+func (s *DockerSuite) TestVersionPlatform_w(c *check.C) {
+	testRequires(c, DaemonIsWindows)
+	testVersionPlatform(c, "windows/amd64")
+}
+
+// ensure the Linux daemon return the correct platform string
+func (s *DockerSuite) TestVersionPlatform_l(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	testVersionPlatform(c, "linux")
+}
+
+func testVersionPlatform(c *check.C, platform string) {
+	out, _ := dockerCmd(c, "version")
+	expected := "OS/Arch:      " + platform
+
+	split := strings.Split(out, "\n")
+	c.Assert(len(split) >= 14, checker.Equals, true, check.Commentf("got %d lines from version", len(split)))
+
+	// Verify the second 'OS/Arch' matches the platform. Experimental has
+	// more lines of output than 'regular'
+	bFound := false
+	for i := 14; i < len(split); i++ {
+		if strings.Contains(split[i], expected) {
+			bFound = true
+			break
+		}
+	}
+	c.Assert(bFound, checker.Equals, true, check.Commentf("Could not find server '%s' in '%s'", expected, out))
+}
diff --git a/integration-cli/docker_cli_volume_test.go b/integration-cli/docker_cli_volume_test.go
new file mode 100644
index 00000000..a10316f6
--- /dev/null
+++ b/integration-cli/docker_cli_volume_test.go
@@ -0,0 +1,283 @@
+package main
+
+import (
+	"os/exec"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func (s *DockerSuite) TestVolumeCliCreate(c *check.C) {
+	dockerCmd(c, "volume", "create")
+
+	_, err := runCommand(exec.Command(dockerBinary, "volume", "create", "-d", "nosuchdriver"))
+	c.Assert(err, check.Not(check.IsNil))
+
+	out, _ := dockerCmd(c, "volume", "create", "--name=test")
+	name := strings.TrimSpace(out)
+	c.Assert(name, check.Equals, "test")
+}
+
+func (s *DockerSuite) TestVolumeCliCreateOptionConflict(c *check.C) {
+	dockerCmd(c, "volume", "create", "--name=test")
+	out, _, err := dockerCmdWithError("volume", "create", "--name", "test", "--driver", "nosuchdriver")
+	c.Assert(err, check.NotNil, check.Commentf("volume create exception name already in use with another driver"))
+	c.Assert(out, checker.Contains, "A volume named test already exists")
+
+	out, _ = dockerCmd(c, "volume", "inspect", "--format='{{ .Driver }}'", "test")
+	_, _, err = dockerCmdWithError("volume", "create", "--name", "test", "--driver", strings.TrimSpace(out))
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestVolumeCliInspect(c *check.C) {
+	c.Assert(
+		exec.Command(dockerBinary, "volume", "inspect", "doesntexist").Run(),
+		check.Not(check.IsNil),
+		check.Commentf("volume inspect should error on non-existent volume"),
+	)
+
+	out, _ := dockerCmd(c, "volume", "create")
+	name := strings.TrimSpace(out)
+	out, _ = dockerCmd(c, "volume", "inspect", "--format='{{ .Name }}'", name)
+	c.Assert(strings.TrimSpace(out), check.Equals, name)
+
+	dockerCmd(c, "volume", "create", "--name", "test")
+	out, _ = dockerCmd(c, "volume", "inspect", "--format='{{ .Name }}'", "test")
+	c.Assert(strings.TrimSpace(out), check.Equals, "test")
+}
+
+func (s *DockerSuite) TestVolumeCliInspectMulti(c *check.C) {
+	dockerCmd(c, "volume", "create", "--name", "test1")
+	dockerCmd(c, "volume", "create", "--name", "test2")
+	dockerCmd(c, "volume", "create", "--name", "not-shown")
+
+	out, _, err := dockerCmdWithError("volume", "inspect", "--format='{{ .Name }}'", "test1", "test2", "doesntexist", "not-shown")
+	c.Assert(err, checker.NotNil)
+	outArr := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(outArr), check.Equals, 3, check.Commentf("\n%s", out))
+
+	c.Assert(out, checker.Contains, "test1")
+	c.Assert(out, checker.Contains, "test2")
+	c.Assert(out, checker.Contains, "Error: No such volume: doesntexist")
+	c.Assert(out, checker.Not(checker.Contains), "not-shown")
+}
+
+func (s *DockerSuite) TestVolumeCliLs(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+	out, _ := dockerCmd(c, "volume", "create", "--name", "aaa")
+
+	dockerCmd(c, "volume", "create", "--name", "test")
+
+	dockerCmd(c, "volume", "create", "--name", "soo")
+	dockerCmd(c, "run", "-v", "soo:"+prefix+"/foo", "busybox", "ls", "/")
+
+	out, _ = dockerCmd(c, "volume", "ls")
+	outArr := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(outArr), check.Equals, 4, check.Commentf("\n%s", out))
+
+	assertVolList(c, out, []string{"aaa", "soo", "test"})
+}
+
+// assertVolList checks volume retrieved with ls command
+// equals to expected volume list
+// note: out should be `volume ls [option]` result
+func assertVolList(c *check.C, out string, expectVols []string) {
+	lines := strings.Split(out, "\n")
+	var volList []string
+	for _, line := range lines[1 : len(lines)-1] {
+		volFields := strings.Fields(line)
+		// wrap all volume name in volList
+		volList = append(volList, volFields[1])
+	}
+
+	// volume ls should contains all expected volumes
+	c.Assert(volList, checker.DeepEquals, expectVols)
+}
+
+func (s *DockerSuite) TestVolumeCliLsFilterDangling(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+	dockerCmd(c, "volume", "create", "--name", "testnotinuse1")
+	dockerCmd(c, "volume", "create", "--name", "testisinuse1")
+	dockerCmd(c, "volume", "create", "--name", "testisinuse2")
+
+	// Make sure both "created" (but not started), and started
+	// containers are included in reference counting
+	dockerCmd(c, "run", "--name", "volume-test1", "-v", "testisinuse1:"+prefix+"/foo", "busybox", "true")
+	dockerCmd(c, "create", "--name", "volume-test2", "-v", "testisinuse2:"+prefix+"/foo", "busybox", "true")
+
+	out, _ := dockerCmd(c, "volume", "ls")
+
+	// No filter, all volumes should show
+	c.Assert(out, checker.Contains, "testnotinuse1\n", check.Commentf("expected volume 'testnotinuse1' in output"))
+	c.Assert(out, checker.Contains, "testisinuse1\n", check.Commentf("expected volume 'testisinuse1' in output"))
+	c.Assert(out, checker.Contains, "testisinuse2\n", check.Commentf("expected volume 'testisinuse2' in output"))
+
+	out, _ = dockerCmd(c, "volume", "ls", "--filter", "dangling=false")
+
+	// Explicitly disabling dangling
+	c.Assert(out, check.Not(checker.Contains), "testnotinuse1\n", check.Commentf("expected volume 'testnotinuse1' in output"))
+	c.Assert(out, checker.Contains, "testisinuse1\n", check.Commentf("expected volume 'testisinuse1' in output"))
+	c.Assert(out, checker.Contains, "testisinuse2\n", check.Commentf("expected volume 'testisinuse2' in output"))
+
+	out, _ = dockerCmd(c, "volume", "ls", "--filter", "dangling=true")
+
+	// Filter "dangling" volumes; only "dangling" (unused) volumes should be in the output
+	c.Assert(out, checker.Contains, "testnotinuse1\n", check.Commentf("expected volume 'testnotinuse1' in output"))
+	c.Assert(out, check.Not(checker.Contains), "testisinuse1\n", check.Commentf("volume 'testisinuse1' in output, but not expected"))
+	c.Assert(out, check.Not(checker.Contains), "testisinuse2\n", check.Commentf("volume 'testisinuse2' in output, but not expected"))
+
+	out, _ = dockerCmd(c, "volume", "ls", "--filter", "dangling=1")
+	// Filter "dangling" volumes; only "dangling" (unused) volumes should be in the output, dangling also accept 1
+	c.Assert(out, checker.Contains, "testnotinuse1\n", check.Commentf("expected volume 'testnotinuse1' in output"))
+	c.Assert(out, check.Not(checker.Contains), "testisinuse1\n", check.Commentf("volume 'testisinuse1' in output, but not expected"))
+	c.Assert(out, check.Not(checker.Contains), "testisinuse2\n", check.Commentf("volume 'testisinuse2' in output, but not expected"))
+
+	out, _ = dockerCmd(c, "volume", "ls", "--filter", "dangling=0")
+	// dangling=0 is same as dangling=false case
+	c.Assert(out, check.Not(checker.Contains), "testnotinuse1\n", check.Commentf("expected volume 'testnotinuse1' in output"))
+	c.Assert(out, checker.Contains, "testisinuse1\n", check.Commentf("expected volume 'testisinuse1' in output"))
+	c.Assert(out, checker.Contains, "testisinuse2\n", check.Commentf("expected volume 'testisinuse2' in output"))
+}
+
+func (s *DockerSuite) TestVolumeCliLsErrorWithInvalidFilterName(c *check.C) {
+	out, _, err := dockerCmdWithError("volume", "ls", "-f", "FOO=123")
+	c.Assert(err, checker.NotNil)
+	c.Assert(out, checker.Contains, "Invalid filter")
+}
+
+func (s *DockerSuite) TestVolumeCliLsWithIncorrectFilterValue(c *check.C) {
+	out, _, err := dockerCmdWithError("volume", "ls", "-f", "dangling=invalid")
+	c.Assert(err, check.NotNil)
+	c.Assert(out, checker.Contains, "Invalid filter")
+}
+
+func (s *DockerSuite) TestVolumeCliRm(c *check.C) {
+	prefix, _ := getPrefixAndSlashFromDaemonPlatform()
+	out, _ := dockerCmd(c, "volume", "create")
+	id := strings.TrimSpace(out)
+
+	dockerCmd(c, "volume", "create", "--name", "test")
+	dockerCmd(c, "volume", "rm", id)
+	dockerCmd(c, "volume", "rm", "test")
+
+	out, _ = dockerCmd(c, "volume", "ls")
+	outArr := strings.Split(strings.TrimSpace(out), "\n")
+	c.Assert(len(outArr), check.Equals, 1, check.Commentf("%s\n", out))
+
+	volumeID := "testing"
+	dockerCmd(c, "run", "-v", volumeID+":"+prefix+"/foo", "--name=test", "busybox", "sh", "-c", "echo hello > /foo/bar")
+	out, _, err := runCommandWithOutput(exec.Command(dockerBinary, "volume", "rm", "testing"))
+	c.Assert(
+		err,
+		check.Not(check.IsNil),
+		check.Commentf("Should not be able to remove volume that is in use by a container\n%s", out))
+
+	out, _ = dockerCmd(c, "run", "--volumes-from=test", "--name=test2", "busybox", "sh", "-c", "cat /foo/bar")
+	c.Assert(strings.TrimSpace(out), check.Equals, "hello")
+	dockerCmd(c, "rm", "-fv", "test2")
+	dockerCmd(c, "volume", "inspect", volumeID)
+	dockerCmd(c, "rm", "-f", "test")
+
+	out, _ = dockerCmd(c, "run", "--name=test2", "-v", volumeID+":"+prefix+"/foo", "busybox", "sh", "-c", "cat /foo/bar")
+	c.Assert(strings.TrimSpace(out), check.Equals, "hello", check.Commentf("volume data was removed"))
+	dockerCmd(c, "rm", "test2")
+
+	dockerCmd(c, "volume", "rm", volumeID)
+	c.Assert(
+		exec.Command("volume", "rm", "doesntexist").Run(),
+		check.Not(check.IsNil),
+		check.Commentf("volume rm should fail with non-existent volume"),
+	)
+}
+
+func (s *DockerSuite) TestVolumeCliNoArgs(c *check.C) {
+	out, _ := dockerCmd(c, "volume")
+	// no args should produce the cmd usage output
+	usage := "Usage:	docker volume [OPTIONS] [COMMAND]"
+	c.Assert(out, checker.Contains, usage)
+
+	// invalid arg should error and show the command usage on stderr
+	_, stderr, _, err := runCommandWithStdoutStderr(exec.Command(dockerBinary, "volume", "somearg"))
+	c.Assert(err, check.NotNil, check.Commentf(stderr))
+	c.Assert(stderr, checker.Contains, usage)
+
+	// invalid flag should error and show the flag error and cmd usage
+	_, stderr, _, err = runCommandWithStdoutStderr(exec.Command(dockerBinary, "volume", "--no-such-flag"))
+	c.Assert(err, check.NotNil, check.Commentf(stderr))
+	c.Assert(stderr, checker.Contains, usage)
+	c.Assert(stderr, checker.Contains, "flag provided but not defined: --no-such-flag")
+}
+
+func (s *DockerSuite) TestVolumeCliInspectTmplError(c *check.C) {
+	out, _ := dockerCmd(c, "volume", "create")
+	name := strings.TrimSpace(out)
+
+	out, exitCode, err := dockerCmdWithError("volume", "inspect", "--format='{{ .FooBar }}'", name)
+	c.Assert(err, checker.NotNil, check.Commentf("Output: %s", out))
+	c.Assert(exitCode, checker.Equals, 1, check.Commentf("Output: %s", out))
+	c.Assert(out, checker.Contains, "Template parsing error")
+}
+
+func (s *DockerSuite) TestVolumeCliCreateWithOpts(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+
+	dockerCmd(c, "volume", "create", "-d", "local", "--name", "test", "--opt=type=tmpfs", "--opt=device=tmpfs", "--opt=o=size=1m,uid=1000")
+	out, _ := dockerCmd(c, "run", "-v", "test:/foo", "busybox", "mount")
+
+	mounts := strings.Split(out, "\n")
+	var found bool
+	for _, m := range mounts {
+		if strings.Contains(m, "/foo") {
+			found = true
+			info := strings.Fields(m)
+			// tmpfs on <path> type tmpfs (rw,relatime,size=1024k,uid=1000)
+			c.Assert(info[0], checker.Equals, "tmpfs")
+			c.Assert(info[2], checker.Equals, "/foo")
+			c.Assert(info[4], checker.Equals, "tmpfs")
+			c.Assert(info[5], checker.Contains, "uid=1000")
+			c.Assert(info[5], checker.Contains, "size=1024k")
+		}
+	}
+	c.Assert(found, checker.Equals, true)
+}
+
+func (s *DockerSuite) TestVolumeCliCreateLabel(c *check.C) {
+	testVol := "testvolcreatelabel"
+	testLabel := "foo"
+	testValue := "bar"
+
+	out, _, err := dockerCmdWithError("volume", "create", "--label", testLabel+"="+testValue, "--name", testVol)
+	c.Assert(err, check.IsNil)
+
+	out, _ = dockerCmd(c, "volume", "inspect", "--format='{{ .Labels."+testLabel+" }}'", testVol)
+	c.Assert(strings.TrimSpace(out), check.Equals, testValue)
+}
+
+func (s *DockerSuite) TestVolumeCliCreateLabelMultiple(c *check.C) {
+	testVol := "testvolcreatelabel"
+
+	testLabels := map[string]string{
+		"foo": "bar",
+		"baz": "foo",
+	}
+
+	args := []string{
+		"volume",
+		"create",
+		"--name",
+		testVol,
+	}
+
+	for k, v := range testLabels {
+		args = append(args, "--label", k+"="+v)
+	}
+
+	out, _, err := dockerCmdWithError(args...)
+	c.Assert(err, check.IsNil)
+
+	for k, v := range testLabels {
+		out, _ = dockerCmd(c, "volume", "inspect", "--format='{{ .Labels."+k+" }}'", testVol)
+		c.Assert(strings.TrimSpace(out), check.Equals, v)
+	}
+}
diff --git a/integration-cli/docker_cli_wait_test.go b/integration-cli/docker_cli_wait_test.go
new file mode 100644
index 00000000..29933975
--- /dev/null
+++ b/integration-cli/docker_cli_wait_test.go
@@ -0,0 +1,95 @@
+package main
+
+import (
+	"bytes"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// non-blocking wait with 0 exit code
+func (s *DockerSuite) TestWaitNonBlockedExitZero(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", "true")
+	containerID := strings.TrimSpace(out)
+
+	err := waitInspect(containerID, "{{.State.Running}}", "false", 30*time.Second)
+	c.Assert(err, checker.IsNil) //Container should have stopped by now
+
+	out, _ = dockerCmd(c, "wait", containerID)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "0", check.Commentf("failed to set up container, %v", out))
+
+}
+
+// blocking wait with 0 exit code
+func (s *DockerSuite) TestWaitBlockedExitZero(c *check.C) {
+	// Windows busybox does not support trap in this way, not sleep with sub-second
+	// granularity. It will always exit 0x40010004.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "trap 'exit 0' TERM; while true; do usleep 10; done")
+	containerID := strings.TrimSpace(out)
+
+	c.Assert(waitRun(containerID), checker.IsNil)
+
+	chWait := make(chan string)
+	go func() {
+		out, _, _ := runCommandWithOutput(exec.Command(dockerBinary, "wait", containerID))
+		chWait <- out
+	}()
+
+	time.Sleep(100 * time.Millisecond)
+	dockerCmd(c, "stop", containerID)
+
+	select {
+	case status := <-chWait:
+		c.Assert(strings.TrimSpace(status), checker.Equals, "0", check.Commentf("expected exit 0, got %s", status))
+	case <-time.After(2 * time.Second):
+		c.Fatal("timeout waiting for `docker wait` to exit")
+	}
+
+}
+
+// non-blocking wait with random exit code
+func (s *DockerSuite) TestWaitNonBlockedExitRandom(c *check.C) {
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", "exit 99")
+	containerID := strings.TrimSpace(out)
+
+	err := waitInspect(containerID, "{{.State.Running}}", "false", 30*time.Second)
+	c.Assert(err, checker.IsNil) //Container should have stopped by now
+	out, _ = dockerCmd(c, "wait", containerID)
+	c.Assert(strings.TrimSpace(out), checker.Equals, "99", check.Commentf("failed to set up container, %v", out))
+
+}
+
+// blocking wait with random exit code
+func (s *DockerSuite) TestWaitBlockedExitRandom(c *check.C) {
+	// Cannot run on Windows as trap in Windows busybox does not support trap in this way.
+	testRequires(c, DaemonIsLinux)
+	out, _ := dockerCmd(c, "run", "-d", "busybox", "/bin/sh", "-c", "trap 'exit 99' TERM; while true; do usleep 10; done")
+	containerID := strings.TrimSpace(out)
+	c.Assert(waitRun(containerID), checker.IsNil)
+
+	chWait := make(chan error)
+	waitCmd := exec.Command(dockerBinary, "wait", containerID)
+	waitCmdOut := bytes.NewBuffer(nil)
+	waitCmd.Stdout = waitCmdOut
+	c.Assert(waitCmd.Start(), checker.IsNil)
+	go func() {
+		chWait <- waitCmd.Wait()
+	}()
+
+	dockerCmd(c, "stop", containerID)
+
+	select {
+	case err := <-chWait:
+		c.Assert(err, checker.IsNil)
+		status, err := waitCmdOut.ReadString('\n')
+		c.Assert(err, checker.IsNil)
+		c.Assert(strings.TrimSpace(status), checker.Equals, "99", check.Commentf("expected exit 99, got %s", status))
+	case <-time.After(2 * time.Second):
+		waitCmd.Process.Kill()
+		c.Fatal("timeout waiting for `docker wait` to exit")
+	}
+}
diff --git a/integration-cli/docker_experimental_network_test.go b/integration-cli/docker_experimental_network_test.go
new file mode 100644
index 00000000..f33dbd1c
--- /dev/null
+++ b/integration-cli/docker_experimental_network_test.go
@@ -0,0 +1,591 @@
+// +build experimental
+
+package main
+
+import (
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/parsers/kernel"
+	"github.com/go-check/check"
+)
+
+var (
+	MacvlanKernelSupport = testRequirement{
+		func() bool {
+			const macvlanKernelVer = 3 // minimum macvlan kernel support
+			const macvlanMajorVer = 9  // minimum macvlan major kernel support
+			kv, err := kernel.GetKernelVersion()
+			if err != nil {
+				return false
+			}
+			// ensure Kernel version is >= v3.9 for macvlan support
+			if kv.Kernel < macvlanKernelVer || (kv.Kernel == macvlanKernelVer && kv.Major < macvlanMajorVer) {
+				return false
+			}
+			return true
+		},
+		"kernel version failed to meet the minimum macvlan kernel requirement of 3.9",
+	}
+	IpvlanKernelSupport = testRequirement{
+		func() bool {
+			const ipvlanKernelVer = 4 // minimum ipvlan kernel support
+			const ipvlanMajorVer = 2  // minimum ipvlan major kernel support
+			kv, err := kernel.GetKernelVersion()
+			if err != nil {
+				return false
+			}
+			// ensure Kernel version is >= v4.2 for ipvlan support
+			if kv.Kernel < ipvlanKernelVer || (kv.Kernel == ipvlanKernelVer && kv.Major < ipvlanMajorVer) {
+				return false
+			}
+			return true
+		},
+		"kernel version failed to meet the minimum ipvlan kernel requirement of 4.0.0",
+	}
+)
+
+func (s *DockerNetworkSuite) TestDockerNetworkMacvlanPersistance(c *check.C) {
+	// verify the driver automatically provisions the 802.1q link (dm-dummy0.60)
+	testRequires(c, DaemonIsLinux, MacvlanKernelSupport, NotUserNamespace, NotArm)
+	// master dummy interface 'dm' abbreviation represents 'docker macvlan'
+	master := "dm-dummy0"
+	// simulate the master link the vlan tagged subinterface parent link will use
+	out, err := createMasterDummy(c, master)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// create a network specifying the desired sub-interface name
+	dockerCmd(c, "network", "create", "--driver=macvlan", "-o", "parent=dm-dummy0.60", "dm-persist")
+	assertNwIsAvailable(c, "dm-persist")
+	// Restart docker daemon to test the config has persisted to disk
+	s.d.Restart()
+	// verify network is recreated from persistence
+	assertNwIsAvailable(c, "dm-persist")
+	// cleanup the master interface that also collects the slave dev
+	deleteInterface(c, "dm-dummy0")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpvlanPersistance(c *check.C) {
+	// verify the driver automatically provisions the 802.1q link (di-dummy0.70)
+	testRequires(c, DaemonIsLinux, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	// master dummy interface 'di' notation represent 'docker ipvlan'
+	master := "di-dummy0"
+	// simulate the master link the vlan tagged subinterface parent link will use
+	out, err := createMasterDummy(c, master)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// create a network specifying the desired sub-interface name
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "-o", "parent=di-dummy0.70", "di-persist")
+	assertNwIsAvailable(c, "di-persist")
+	// Restart docker daemon to test the config has persisted to disk
+	s.d.Restart()
+	// verify network is recreated from persistence
+	assertNwIsAvailable(c, "di-persist")
+	// cleanup the master interface that also collects the slave dev
+	deleteInterface(c, "di-dummy0")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkMacvlanSubIntCreate(c *check.C) {
+	// verify the driver automatically provisions the 802.1q link (dm-dummy0.50)
+	testRequires(c, DaemonIsLinux, MacvlanKernelSupport, NotUserNamespace, NotArm)
+	// master dummy interface 'dm' abbreviation represents 'docker macvlan'
+	master := "dm-dummy0"
+	// simulate the master link the vlan tagged subinterface parent link will use
+	out, err := createMasterDummy(c, master)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// create a network specifying the desired sub-interface name
+	dockerCmd(c, "network", "create", "--driver=macvlan", "-o", "parent=dm-dummy0.50", "dm-subinterface")
+	assertNwIsAvailable(c, "dm-subinterface")
+	// cleanup the master interface which also collects the slave dev
+	deleteInterface(c, "dm-dummy0")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpvlanSubIntCreate(c *check.C) {
+	// verify the driver automatically provisions the 802.1q link (di-dummy0.50)
+	testRequires(c, DaemonIsLinux, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	// master dummy interface 'dm' abbreviation represents 'docker ipvlan'
+	master := "di-dummy0"
+	// simulate the master link the vlan tagged subinterface parent link will use
+	out, err := createMasterDummy(c, master)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// create a network specifying the desired sub-interface name
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "-o", "parent=di-dummy0.60", "di-subinterface")
+	assertNwIsAvailable(c, "di-subinterface")
+	// cleanup the master interface which also collects the slave dev
+	deleteInterface(c, "di-dummy0")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkMacvlanOverlapParent(c *check.C) {
+	// verify the same parent interface cannot be used if already in use by an existing network
+	testRequires(c, DaemonIsLinux, MacvlanKernelSupport, NotUserNamespace, NotArm)
+	// master dummy interface 'dm' abbreviation represents 'docker macvlan'
+	master := "dm-dummy0"
+	out, err := createMasterDummy(c, master)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	out, err = createVlanInterface(c, master, "dm-dummy0.40", "40")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// create a network using an existing parent interface
+	dockerCmd(c, "network", "create", "--driver=macvlan", "-o", "parent=dm-dummy0.40", "dm-subinterface")
+	assertNwIsAvailable(c, "dm-subinterface")
+	// attempt to create another network using the same parent iface that should fail
+	out, _, err = dockerCmdWithError("network", "create", "--driver=macvlan", "-o", "parent=dm-dummy0.40", "dm-parent-net-overlap")
+	// verify that the overlap returns an error
+	c.Assert(err, check.NotNil)
+	// cleanup the master interface which also collects the slave dev
+	deleteInterface(c, "dm-dummy0")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpvlanOverlapParent(c *check.C) {
+	// verify the same parent interface cannot be used if already in use by an existing network
+	testRequires(c, DaemonIsLinux, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	// master dummy interface 'dm' abbreviation represents 'docker ipvlan'
+	master := "di-dummy0"
+	out, err := createMasterDummy(c, master)
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	out, err = createVlanInterface(c, master, "di-dummy0.30", "30")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// create a network using an existing parent interface
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "-o", "parent=di-dummy0.30", "di-subinterface")
+	assertNwIsAvailable(c, "di-subinterface")
+	// attempt to create another network using the same parent iface that should fail
+	out, _, err = dockerCmdWithError("network", "create", "--driver=ipvlan", "-o", "parent=di-dummy0.30", "di-parent-net-overlap")
+	// verify that the overlap returns an error
+	c.Assert(err, check.NotNil)
+	// cleanup the master interface which also collects the slave dev
+	deleteInterface(c, "di-dummy0")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkMacvlanMultiSubnet(c *check.C) {
+	// create a dual stack multi-subnet Macvlan bridge mode network and validate connectivity between four containers, two on each subnet
+	testRequires(c, DaemonIsLinux, IPv6, MacvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=macvlan", "--ipv6", "--subnet=172.28.100.0/24", "--subnet=172.28.102.0/24", "--gateway=172.28.102.254",
+		"--subnet=2001:db8:abc2::/64", "--subnet=2001:db8:abc4::/64", "--gateway=2001:db8:abc4::254", "dualstackbridge")
+	// Ensure the network was created
+	assertNwIsAvailable(c, "dualstackbridge")
+	// start dual stack containers and verify the user specified --ip and --ip6 addresses on subnets 172.28.100.0/24 and 2001:db8:abc2::/64
+	dockerCmd(c, "run", "-d", "--net=dualstackbridge", "--name=first", "--ip", "172.28.100.20", "--ip6", "2001:db8:abc2::20", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--net=dualstackbridge", "--name=second", "--ip", "172.28.100.21", "--ip6", "2001:db8:abc2::21", "busybox", "top")
+
+	// Inspect and store the v4 address from specified container on the network dualstackbridge
+	ip := inspectField(c, "first", "NetworkSettings.Networks.dualstackbridge.IPAddress")
+	// Inspect and store the v6 address from specified container on the network dualstackbridge
+	ip6 := inspectField(c, "first", "NetworkSettings.Networks.dualstackbridge.GlobalIPv6Address")
+
+	// verify ipv4 connectivity to the explicit --ipv address second to first
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", strings.TrimSpace(ip))
+	c.Assert(err, check.IsNil)
+	// verify ipv6 connectivity to the explicit --ipv6 address second to first
+	c.Skip("Temporarily skipping while invesitigating sporadic v6 CI issues")
+	_, _, err = dockerCmdWithError("exec", "second", "ping6", "-c", "1", strings.TrimSpace(ip6))
+	c.Assert(err, check.IsNil)
+
+	// start dual stack containers and verify the user specified --ip and --ip6 addresses on subnets 172.28.102.0/24 and 2001:db8:abc4::/64
+	dockerCmd(c, "run", "-d", "--net=dualstackbridge", "--name=third", "--ip", "172.28.102.20", "--ip6", "2001:db8:abc4::20", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--net=dualstackbridge", "--name=fourth", "--ip", "172.28.102.21", "--ip6", "2001:db8:abc4::21", "busybox", "top")
+
+	// Inspect and store the v4 address from specified container on the network dualstackbridge
+	ip = inspectField(c, "third", "NetworkSettings.Networks.dualstackbridge.IPAddress")
+	// Inspect and store the v6 address from specified container on the network dualstackbridge
+	ip6 = inspectField(c, "third", "NetworkSettings.Networks.dualstackbridge.GlobalIPv6Address")
+
+	// verify ipv4 connectivity to the explicit --ipv address from third to fourth
+	_, _, err = dockerCmdWithError("exec", "fourth", "ping", "-c", "1", strings.TrimSpace(ip))
+	c.Assert(err, check.IsNil)
+	// verify ipv6 connectivity to the explicit --ipv6 address from third to fourth
+	_, _, err = dockerCmdWithError("exec", "fourth", "ping6", "-c", "1", strings.TrimSpace(ip6))
+	c.Assert(err, check.IsNil)
+
+	// Inspect the v4 gateway to ensure the proper default GW was assigned
+	ip4gw := inspectField(c, "first", "NetworkSettings.Networks.dualstackbridge.Gateway")
+	c.Assert(strings.TrimSpace(ip4gw), check.Equals, "172.28.100.1")
+	// Inspect the v6 gateway to ensure the proper default GW was assigned
+	ip6gw := inspectField(c, "first", "NetworkSettings.Networks.dualstackbridge.IPv6Gateway")
+	c.Assert(strings.TrimSpace(ip6gw), check.Equals, "2001:db8:abc2::1")
+
+	// Inspect the v4 gateway to ensure the proper explicitly assigned default GW was assigned
+	ip4gw = inspectField(c, "third", "NetworkSettings.Networks.dualstackbridge.Gateway")
+	c.Assert(strings.TrimSpace(ip4gw), check.Equals, "172.28.102.254")
+	// Inspect the v6 gateway to ensure the proper explicitly assigned default GW was assigned
+	ip6gw = inspectField(c, "third", "NetworkSettings.Networks.dualstackbridge.IPv6Gateway")
+	c.Assert(strings.TrimSpace(ip6gw), check.Equals, "2001:db8:abc4::254")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpvlanL2MultiSubnet(c *check.C) {
+	// create a dual stack multi-subnet Ipvlan L2 network and validate connectivity within the subnets, two on each subnet
+	testRequires(c, DaemonIsLinux, IPv6, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "--ipv6", "--subnet=172.28.200.0/24", "--subnet=172.28.202.0/24", "--gateway=172.28.202.254",
+		"--subnet=2001:db8:abc8::/64", "--subnet=2001:db8:abc6::/64", "--gateway=2001:db8:abc6::254", "dualstackl2")
+	// Ensure the network was created
+	assertNwIsAvailable(c, "dualstackl2")
+	// start dual stack containers and verify the user specified --ip and --ip6 addresses on subnets 172.28.200.0/24 and 2001:db8:abc8::/64
+	dockerCmd(c, "run", "-d", "--net=dualstackl2", "--name=first", "--ip", "172.28.200.20", "--ip6", "2001:db8:abc8::20", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--net=dualstackl2", "--name=second", "--ip", "172.28.200.21", "--ip6", "2001:db8:abc8::21", "busybox", "top")
+
+	// Inspect and store the v4 address from specified container on the network dualstackl2
+	ip := inspectField(c, "first", "NetworkSettings.Networks.dualstackl2.IPAddress")
+	// Inspect and store the v6 address from specified container on the network dualstackl2
+	ip6 := inspectField(c, "first", "NetworkSettings.Networks.dualstackl2.GlobalIPv6Address")
+
+	// verify ipv4 connectivity to the explicit --ipv address second to first
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", strings.TrimSpace(ip))
+	c.Assert(err, check.IsNil)
+	// verify ipv6 connectivity to the explicit --ipv6 address second to first
+	_, _, err = dockerCmdWithError("exec", "second", "ping6", "-c", "1", strings.TrimSpace(ip6))
+	c.Assert(err, check.IsNil)
+
+	// start dual stack containers and verify the user specified --ip and --ip6 addresses on subnets 172.28.202.0/24 and 2001:db8:abc6::/64
+	dockerCmd(c, "run", "-d", "--net=dualstackl2", "--name=third", "--ip", "172.28.202.20", "--ip6", "2001:db8:abc6::20", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--net=dualstackl2", "--name=fourth", "--ip", "172.28.202.21", "--ip6", "2001:db8:abc6::21", "busybox", "top")
+
+	// Inspect and store the v4 address from specified container on the network dualstackl2
+	ip = inspectField(c, "third", "NetworkSettings.Networks.dualstackl2.IPAddress")
+	// Inspect and store the v6 address from specified container on the network dualstackl2
+	ip6 = inspectField(c, "third", "NetworkSettings.Networks.dualstackl2.GlobalIPv6Address")
+
+	// verify ipv4 connectivity to the explicit --ipv address from third to fourth
+	_, _, err = dockerCmdWithError("exec", "fourth", "ping", "-c", "1", strings.TrimSpace(ip))
+	c.Assert(err, check.IsNil)
+	// verify ipv6 connectivity to the explicit --ipv6 address from third to fourth
+	_, _, err = dockerCmdWithError("exec", "fourth", "ping6", "-c", "1", strings.TrimSpace(ip6))
+	c.Assert(err, check.IsNil)
+
+	// Inspect the v4 gateway to ensure the proper default GW was assigned
+	ip4gw := inspectField(c, "first", "NetworkSettings.Networks.dualstackl2.Gateway")
+	c.Assert(strings.TrimSpace(ip4gw), check.Equals, "172.28.200.1")
+	// Inspect the v6 gateway to ensure the proper default GW was assigned
+	ip6gw := inspectField(c, "first", "NetworkSettings.Networks.dualstackl2.IPv6Gateway")
+	c.Assert(strings.TrimSpace(ip6gw), check.Equals, "2001:db8:abc8::1")
+
+	// Inspect the v4 gateway to ensure the proper explicitly assigned default GW was assigned
+	ip4gw = inspectField(c, "third", "NetworkSettings.Networks.dualstackl2.Gateway")
+	c.Assert(strings.TrimSpace(ip4gw), check.Equals, "172.28.202.254")
+	// Inspect the v6 gateway to ensure the proper explicitly assigned default GW was assigned
+	ip6gw = inspectField(c, "third", "NetworkSettings.Networks.dualstackl2.IPv6Gateway")
+	c.Assert(strings.TrimSpace(ip6gw), check.Equals, "2001:db8:abc6::254")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpvlanL3MultiSubnet(c *check.C) {
+	// create a dual stack multi-subnet Ipvlan L3 network and validate connectivity between all four containers per L3 mode
+	testRequires(c, DaemonIsLinux, IPv6, IpvlanKernelSupport, NotUserNamespace, NotArm, IPv6)
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "--ipv6", "--subnet=172.28.10.0/24", "--subnet=172.28.12.0/24", "--gateway=172.28.12.254",
+		"--subnet=2001:db8:abc9::/64", "--subnet=2001:db8:abc7::/64", "--gateway=2001:db8:abc7::254", "-o", "ipvlan_mode=l3", "dualstackl3")
+	// Ensure the network was created
+	assertNwIsAvailable(c, "dualstackl3")
+
+	// start dual stack containers and verify the user specified --ip and --ip6 addresses on subnets 172.28.10.0/24 and 2001:db8:abc9::/64
+	dockerCmd(c, "run", "-d", "--net=dualstackl3", "--name=first", "--ip", "172.28.10.20", "--ip6", "2001:db8:abc9::20", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--net=dualstackl3", "--name=second", "--ip", "172.28.10.21", "--ip6", "2001:db8:abc9::21", "busybox", "top")
+
+	// Inspect and store the v4 address from specified container on the network dualstackl3
+	ip := inspectField(c, "first", "NetworkSettings.Networks.dualstackl3.IPAddress")
+	// Inspect and store the v6 address from specified container on the network dualstackl3
+	ip6 := inspectField(c, "first", "NetworkSettings.Networks.dualstackl3.GlobalIPv6Address")
+
+	// verify ipv4 connectivity to the explicit --ipv address second to first
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", strings.TrimSpace(ip))
+	c.Assert(err, check.IsNil)
+	// verify ipv6 connectivity to the explicit --ipv6 address second to first
+	_, _, err = dockerCmdWithError("exec", "second", "ping6", "-c", "1", strings.TrimSpace(ip6))
+	c.Assert(err, check.IsNil)
+
+	// start dual stack containers and verify the user specified --ip and --ip6 addresses on subnets 172.28.12.0/24 and 2001:db8:abc7::/64
+	dockerCmd(c, "run", "-d", "--net=dualstackl3", "--name=third", "--ip", "172.28.12.20", "--ip6", "2001:db8:abc7::20", "busybox", "top")
+	dockerCmd(c, "run", "-d", "--net=dualstackl3", "--name=fourth", "--ip", "172.28.12.21", "--ip6", "2001:db8:abc7::21", "busybox", "top")
+
+	// Inspect and store the v4 address from specified container on the network dualstackl3
+	ip = inspectField(c, "third", "NetworkSettings.Networks.dualstackl3.IPAddress")
+	// Inspect and store the v6 address from specified container on the network dualstackl3
+	ip6 = inspectField(c, "third", "NetworkSettings.Networks.dualstackl3.GlobalIPv6Address")
+
+	// verify ipv4 connectivity to the explicit --ipv address from third to fourth
+	_, _, err = dockerCmdWithError("exec", "fourth", "ping", "-c", "1", strings.TrimSpace(ip))
+	c.Assert(err, check.IsNil)
+	// verify ipv6 connectivity to the explicit --ipv6 address from third to fourth
+	_, _, err = dockerCmdWithError("exec", "fourth", "ping6", "-c", "1", strings.TrimSpace(ip6))
+	c.Assert(err, check.IsNil)
+
+	// Inspect and store the v4 address from specified container on the network dualstackl3
+	ip = inspectField(c, "second", "NetworkSettings.Networks.dualstackl3.IPAddress")
+	// Inspect and store the v6 address from specified container on the network dualstackl3
+	ip6 = inspectField(c, "second", "NetworkSettings.Networks.dualstackl3.GlobalIPv6Address")
+
+	// Verify connectivity across disparate subnets which is unique to L3 mode only
+	_, _, err = dockerCmdWithError("exec", "third", "ping", "-c", "1", strings.TrimSpace(ip))
+	c.Assert(err, check.IsNil)
+	_, _, err = dockerCmdWithError("exec", "third", "ping6", "-c", "1", strings.TrimSpace(ip6))
+	c.Assert(err, check.IsNil)
+
+	// Inspect the v4 gateway to ensure no next hop is assigned in L3 mode
+	ip4gw := inspectField(c, "first", "NetworkSettings.Networks.dualstackl3.Gateway")
+	c.Assert(strings.TrimSpace(ip4gw), check.Equals, "")
+	// Inspect the v6 gateway to ensure the explicitly specified default GW is ignored per L3 mode enabled
+	ip6gw := inspectField(c, "third", "NetworkSettings.Networks.dualstackl3.IPv6Gateway")
+	c.Assert(strings.TrimSpace(ip6gw), check.Equals, "")
+}
+
+func (s *DockerNetworkSuite) TestDockerNetworkIpvlanAddressing(c *check.C) {
+	// Ensure the default gateways, next-hops and default dev devices are properly set
+	testRequires(c, DaemonIsLinux, IPv6, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=macvlan", "--ipv6", "--subnet=172.28.130.0/24",
+		"--subnet=2001:db8:abca::/64", "--gateway=2001:db8:abca::254", "-o", "macvlan_mode=bridge", "dualstackbridge")
+	assertNwIsAvailable(c, "dualstackbridge")
+	dockerCmd(c, "run", "-d", "--net=dualstackbridge", "--name=first", "busybox", "top")
+	// Validate macvlan bridge mode defaults gateway sets the default IPAM next-hop inferred from the subnet
+	out, _, err := dockerCmdWithError("exec", "first", "ip", "route")
+	c.Assert(err, check.IsNil)
+	c.Assert(out, checker.Contains, "default via 172.28.130.1 dev eth0")
+	// Validate macvlan bridge mode sets the v6 gateway to the user specified default gateway/next-hop
+	out, _, err = dockerCmdWithError("exec", "first", "ip", "-6", "route")
+	c.Assert(err, check.IsNil)
+	c.Assert(out, checker.Contains, "default via 2001:db8:abca::254 dev eth0")
+
+	// Verify ipvlan l2 mode sets the proper default gateway routes via netlink
+	// for either an explicitly set route by the user or inferred via default IPAM
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "--ipv6", "--subnet=172.28.140.0/24", "--gateway=172.28.140.254",
+		"--subnet=2001:db8:abcb::/64", "-o", "ipvlan_mode=l2", "dualstackl2")
+	assertNwIsAvailable(c, "dualstackl2")
+	dockerCmd(c, "run", "-d", "--net=dualstackl2", "--name=second", "busybox", "top")
+	// Validate ipvlan l2 mode defaults gateway sets the default IPAM next-hop inferred from the subnet
+	out, _, err = dockerCmdWithError("exec", "second", "ip", "route")
+	c.Assert(err, check.IsNil)
+	c.Assert(out, checker.Contains, "default via 172.28.140.254 dev eth0")
+	// Validate ipvlan l2 mode sets the v6 gateway to the user specified default gateway/next-hop
+	out, _, err = dockerCmdWithError("exec", "second", "ip", "-6", "route")
+	c.Assert(err, check.IsNil)
+	c.Assert(out, checker.Contains, "default via 2001:db8:abcb::1 dev eth0")
+
+	// Validate ipvlan l3 mode sets the v4 gateway to dev eth0 and disregards any explicit or inferred next-hops
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "--ipv6", "--subnet=172.28.160.0/24", "--gateway=172.28.160.254",
+		"--subnet=2001:db8:abcd::/64", "--gateway=2001:db8:abcd::254", "-o", "ipvlan_mode=l3", "dualstackl3")
+	assertNwIsAvailable(c, "dualstackl3")
+	dockerCmd(c, "run", "-d", "--net=dualstackl3", "--name=third", "busybox", "top")
+	// Validate ipvlan l3 mode sets the v4 gateway to dev eth0 and disregards any explicit or inferred next-hops
+	out, _, err = dockerCmdWithError("exec", "third", "ip", "route")
+	c.Assert(err, check.IsNil)
+	c.Assert(out, checker.Contains, "default dev eth0")
+	// Validate ipvlan l3 mode sets the v6 gateway to dev eth0 and disregards any explicit or inferred next-hops
+	out, _, err = dockerCmdWithError("exec", "third", "ip", "-6", "route")
+	c.Assert(err, check.IsNil)
+	c.Assert(out, checker.Contains, "default dev eth0")
+}
+
+func (s *DockerSuite) TestDockerNetworkMacVlanBridgeNilParent(c *check.C) {
+	// macvlan bridge mode - dummy parent interface is provisioned dynamically
+	testRequires(c, DaemonIsLinux, MacvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=macvlan", "dm-nil-parent")
+	assertNwIsAvailable(c, "dm-nil-parent")
+
+	// start two containers on the same subnet
+	dockerCmd(c, "run", "-d", "--net=dm-nil-parent", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=dm-nil-parent", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// intra-network communications should succeed
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestDockerNetworkMacVlanBridgeInternalMode(c *check.C) {
+	// macvlan bridge mode --internal containers can communicate inside the network but not externally
+	testRequires(c, DaemonIsLinux, MacvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=macvlan", "--internal", "dm-internal")
+	assertNwIsAvailable(c, "dm-internal")
+	nr := getNetworkResource(c, "dm-internal")
+	c.Assert(nr.Internal, checker.True)
+
+	// start two containers on the same subnet
+	dockerCmd(c, "run", "-d", "--net=dm-internal", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=dm-internal", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// access outside of the network should fail
+	_, _, err := dockerCmdWithTimeout(time.Second, "exec", "first", "ping", "-c", "1", "-w", "1", "8.8.8.8")
+	c.Assert(err, check.NotNil)
+	// intra-network communications should succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestDockerNetworkIpvlanL2NilParent(c *check.C) {
+	// ipvlan l2 mode - dummy parent interface is provisioned dynamically
+	testRequires(c, DaemonIsLinux, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "di-nil-parent")
+	assertNwIsAvailable(c, "di-nil-parent")
+
+	// start two containers on the same subnet
+	dockerCmd(c, "run", "-d", "--net=di-nil-parent", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=di-nil-parent", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// intra-network communications should succeed
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestDockerNetworkIpvlanL2InternalMode(c *check.C) {
+	// ipvlan l2 mode --internal containers can communicate inside the network but not externally
+	testRequires(c, DaemonIsLinux, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "--internal", "di-internal")
+	assertNwIsAvailable(c, "di-internal")
+	nr := getNetworkResource(c, "di-internal")
+	c.Assert(nr.Internal, checker.True)
+
+	// start two containers on the same subnet
+	dockerCmd(c, "run", "-d", "--net=di-internal", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=di-internal", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// access outside of the network should fail
+	_, _, err := dockerCmdWithTimeout(time.Second, "exec", "first", "ping", "-c", "1", "-w", "1", "8.8.8.8")
+	c.Assert(err, check.NotNil)
+	// intra-network communications should succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestDockerNetworkIpvlanL3NilParent(c *check.C) {
+	// ipvlan l3 mode - dummy parent interface is provisioned dynamically
+	testRequires(c, DaemonIsLinux, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "--subnet=172.28.230.0/24",
+		"--subnet=172.28.220.0/24", "-o", "ipvlan_mode=l3", "di-nil-parent-l3")
+	assertNwIsAvailable(c, "di-nil-parent-l3")
+
+	// start two containers on separate subnets
+	dockerCmd(c, "run", "-d", "--ip=172.28.220.10", "--net=di-nil-parent-l3", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--ip=172.28.230.10", "--net=di-nil-parent-l3", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// intra-network communications should succeed
+	_, _, err := dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestDockerNetworkIpvlanL3InternalMode(c *check.C) {
+	// ipvlan l3 mode --internal containers can communicate inside the network but not externally
+	testRequires(c, DaemonIsLinux, IpvlanKernelSupport, NotUserNamespace, NotArm)
+	dockerCmd(c, "network", "create", "--driver=ipvlan", "--subnet=172.28.230.0/24",
+		"--subnet=172.28.220.0/24", "-o", "ipvlan_mode=l3", "--internal", "di-internal-l3")
+	assertNwIsAvailable(c, "di-internal-l3")
+	nr := getNetworkResource(c, "di-internal-l3")
+	c.Assert(nr.Internal, checker.True)
+
+	// start two containers on separate subnets
+	dockerCmd(c, "run", "-d", "--ip=172.28.220.10", "--net=di-internal-l3", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--ip=172.28.230.10", "--net=di-internal-l3", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+
+	// access outside of the network should fail
+	_, _, err := dockerCmdWithTimeout(time.Second, "exec", "first", "ping", "-c", "1", "-w", "1", "8.8.8.8")
+	c.Assert(err, check.NotNil)
+	// intra-network communications should succeed
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+}
+
+func (s *DockerSuite) TestDockerNetworkMacVlanExistingParent(c *check.C) {
+	// macvlan bridge mode - empty parent interface containers can reach each other internally but not externally
+	testRequires(c, DaemonIsLinux, MacvlanKernelSupport, NotUserNamespace, NotArm)
+	netName := "dm-parent-exists"
+	out, err := createMasterDummy(c, "dm-dummy0")
+	//out, err := createVlanInterface(c, "dm-parent", "dm-slave", "macvlan", "bridge")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// create a network using an existing parent interface
+	dockerCmd(c, "network", "create", "--driver=macvlan", "-o", "parent=dm-dummy0", netName)
+	assertNwIsAvailable(c, netName)
+	// delete the network while preserving the parent link
+	dockerCmd(c, "network", "rm", netName)
+	assertNwNotAvailable(c, netName)
+	// verify the network delete did not delete the predefined link
+	out, err = linkExists(c, "dm-dummy0")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	deleteInterface(c, "dm-dummy0")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+}
+
+func (s *DockerSuite) TestDockerNetworkMacVlanSubinterface(c *check.C) {
+	// macvlan bridge mode -  empty parent interface containers can reach each other internally but not externally
+	testRequires(c, DaemonIsLinux, MacvlanKernelSupport, NotUserNamespace, NotArm)
+	netName := "dm-subinterface"
+	out, err := createMasterDummy(c, "dm-dummy0")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	out, err = createVlanInterface(c, "dm-dummy0", "dm-dummy0.20", "20")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// create a network using an existing parent interface
+	dockerCmd(c, "network", "create", "--driver=macvlan", "-o", "parent=dm-dummy0.20", netName)
+	assertNwIsAvailable(c, netName)
+
+	// start containers on 802.1q tagged '-o parent' sub-interface
+	dockerCmd(c, "run", "-d", "--net=dm-subinterface", "--name=first", "busybox", "top")
+	c.Assert(waitRun("first"), check.IsNil)
+	dockerCmd(c, "run", "-d", "--net=dm-subinterface", "--name=second", "busybox", "top")
+	c.Assert(waitRun("second"), check.IsNil)
+	// verify containers can communicate
+	_, _, err = dockerCmdWithError("exec", "second", "ping", "-c", "1", "first")
+	c.Assert(err, check.IsNil)
+
+	// remove the containers
+	dockerCmd(c, "rm", "-f", "first")
+	dockerCmd(c, "rm", "-f", "second")
+	// delete the network while preserving the parent link
+	dockerCmd(c, "network", "rm", netName)
+	assertNwNotAvailable(c, netName)
+	// verify the network delete did not delete the predefined sub-interface
+	out, err = linkExists(c, "dm-dummy0.20")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+	// delete the parent interface which also collects the slave
+	deleteInterface(c, "dm-dummy0")
+	c.Assert(err, check.IsNil, check.Commentf(out))
+}
+
+func createMasterDummy(c *check.C, master string) (string, error) {
+	// ip link add <dummy_name> type dummy
+	args := []string{"link", "add", master, "type", "dummy"}
+	ipLinkCmd := exec.Command("ip", args...)
+	out, _, err := runCommandWithOutput(ipLinkCmd)
+	if err != nil {
+		return out, err
+	}
+	// ip link set dummy_name up
+	args = []string{"link", "set", master, "up"}
+	ipLinkCmd = exec.Command("ip", args...)
+	out, _, err = runCommandWithOutput(ipLinkCmd)
+	if err != nil {
+		return out, err
+	}
+	return out, err
+}
+
+func createVlanInterface(c *check.C, master, slave, id string) (string, error) {
+	// ip link add link <master> name <master>.<VID> type vlan id <VID>
+	args := []string{"link", "add", "link", master, "name", slave, "type", "vlan", "id", id}
+	ipLinkCmd := exec.Command("ip", args...)
+	out, _, err := runCommandWithOutput(ipLinkCmd)
+	if err != nil {
+		return out, err
+	}
+	// ip link set <sub_interface_name> up
+	args = []string{"link", "set", slave, "up"}
+	ipLinkCmd = exec.Command("ip", args...)
+	out, _, err = runCommandWithOutput(ipLinkCmd)
+	if err != nil {
+		return out, err
+	}
+	return out, err
+}
+
+func linkExists(c *check.C, master string) (string, error) {
+	// verify the specified link exists, ip link show <link_name>
+	args := []string{"link", "show", master}
+	ipLinkCmd := exec.Command("ip", args...)
+	out, _, err := runCommandWithOutput(ipLinkCmd)
+	if err != nil {
+		return out, err
+	}
+	return out, err
+}
diff --git a/integration-cli/docker_hub_pull_suite_test.go b/integration-cli/docker_hub_pull_suite_test.go
new file mode 100644
index 00000000..6aa93469
--- /dev/null
+++ b/integration-cli/docker_hub_pull_suite_test.go
@@ -0,0 +1,90 @@
+package main
+
+import (
+	"os/exec"
+	"runtime"
+	"strings"
+
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+func init() {
+	// FIXME. Temporarily turning this off for Windows as GH16039 was breaking
+	// Windows to Linux CI @icecrime
+	if runtime.GOOS != "windows" {
+		check.Suite(newDockerHubPullSuite())
+	}
+}
+
+// DockerHubPullSuite provides a isolated daemon that doesn't have all the
+// images that are baked into our 'global' test environment daemon (e.g.,
+// busybox, httpserver, ...).
+//
+// We use it for push/pull tests where we want to start fresh, and measure the
+// relative impact of each individual operation. As part of this suite, all
+// images are removed after each test.
+type DockerHubPullSuite struct {
+	d  *Daemon
+	ds *DockerSuite
+}
+
+// newDockerHubPullSuite returns a new instance of a DockerHubPullSuite.
+func newDockerHubPullSuite() *DockerHubPullSuite {
+	return &DockerHubPullSuite{
+		ds: &DockerSuite{},
+	}
+}
+
+// SetUpSuite starts the suite daemon.
+func (s *DockerHubPullSuite) SetUpSuite(c *check.C) {
+	testRequires(c, DaemonIsLinux)
+	s.d = NewDaemon(c)
+	err := s.d.Start()
+	c.Assert(err, checker.IsNil, check.Commentf("starting push/pull test daemon: %v", err))
+}
+
+// TearDownSuite stops the suite daemon.
+func (s *DockerHubPullSuite) TearDownSuite(c *check.C) {
+	if s.d != nil {
+		err := s.d.Stop()
+		c.Assert(err, checker.IsNil, check.Commentf("stopping push/pull test daemon: %v", err))
+	}
+}
+
+// SetUpTest declares that all tests of this suite require network.
+func (s *DockerHubPullSuite) SetUpTest(c *check.C) {
+	testRequires(c, Network)
+}
+
+// TearDownTest removes all images from the suite daemon.
+func (s *DockerHubPullSuite) TearDownTest(c *check.C) {
+	out := s.Cmd(c, "images", "-aq")
+	images := strings.Split(out, "\n")
+	images = append([]string{"-f"}, images...)
+	s.d.Cmd("rmi", images...)
+	s.ds.TearDownTest(c)
+}
+
+// Cmd executes a command against the suite daemon and returns the combined
+// output. The function fails the test when the command returns an error.
+func (s *DockerHubPullSuite) Cmd(c *check.C, name string, arg ...string) string {
+	out, err := s.CmdWithError(name, arg...)
+	c.Assert(err, checker.IsNil, check.Commentf("%q failed with errors: %s, %v", strings.Join(arg, " "), out, err))
+	return out
+}
+
+// CmdWithError executes a command against the suite daemon and returns the
+// combined output as well as any error.
+func (s *DockerHubPullSuite) CmdWithError(name string, arg ...string) (string, error) {
+	c := s.MakeCmd(name, arg...)
+	b, err := c.CombinedOutput()
+	return string(b), err
+}
+
+// MakeCmd returns a exec.Cmd command to run against the suite daemon.
+func (s *DockerHubPullSuite) MakeCmd(name string, arg ...string) *exec.Cmd {
+	args := []string{"--host", s.d.sock(), name}
+	args = append(args, arg...)
+	return exec.Command(dockerBinary, args...)
+}
diff --git a/integration-cli/docker_test_vars.go b/integration-cli/docker_test_vars.go
new file mode 100644
index 00000000..b6113992
--- /dev/null
+++ b/integration-cli/docker_test_vars.go
@@ -0,0 +1,129 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+	"os/exec"
+
+	"github.com/docker/docker/pkg/reexec"
+)
+
+var (
+	// the docker binary to use
+	dockerBinary = "docker"
+
+	// path to containerd's ctr binary
+	ctrBinary = "docker-containerd-ctr"
+
+	// the private registry image to use for tests involving the registry
+	registryImageName = "registry"
+
+	// the private registry to use for tests
+	privateRegistryURL = "127.0.0.1:5000"
+
+	// TODO Windows CI. These are incorrect and need fixing into
+	// platform specific pieces.
+	runtimePath = "/var/run/docker"
+
+	workingDirectory string
+
+	// isLocalDaemon is true if the daemon under test is on the same
+	// host as the CLI.
+	isLocalDaemon bool
+
+	// daemonPlatform is held globally so that tests can make intelligent
+	// decisions on how to configure themselves according to the platform
+	// of the daemon. This is initialized in docker_utils by sending
+	// a version call to the daemon and examining the response header.
+	daemonPlatform string
+
+	// windowsDaemonKV is used on Windows to distinguish between different
+	// versions. This is necessary to enable certain tests based on whether
+	// the platform supports it. For example, Windows Server 2016 TP3 does
+	// not support volumes, but TP4 does.
+	windowsDaemonKV int
+
+	// daemonDefaultImage is the name of the default image to use when running
+	// tests. This is platform dependent.
+	daemonDefaultImage string
+
+	// For a local daemon on Linux, these values will be used for testing
+	// user namespace support as the standard graph path(s) will be
+	// appended with the root remapped uid.gid prefix
+	dockerBasePath       string
+	volumesConfigPath    string
+	containerStoragePath string
+
+	// daemonStorageDriver is held globally so that tests can know the storage
+	// driver of the daemon. This is initialized in docker_utils by sending
+	// a version call to the daemon and examining the response header.
+	daemonStorageDriver string
+)
+
+const (
+	// WindowsBaseImage is the name of the base image for Windows testing
+	WindowsBaseImage = "windowsservercore"
+
+	// DefaultImage is the name of the base image for the majority of tests that
+	// are run across suites
+	DefaultImage = "busybox"
+)
+
+func init() {
+	reexec.Init()
+	if dockerBin := os.Getenv("DOCKER_BINARY"); dockerBin != "" {
+		dockerBinary = dockerBin
+	}
+	var err error
+	dockerBinary, err = exec.LookPath(dockerBinary)
+	if err != nil {
+		fmt.Printf("ERROR: couldn't resolve full path to the Docker binary (%v)", err)
+		os.Exit(1)
+	}
+	if registryImage := os.Getenv("REGISTRY_IMAGE"); registryImage != "" {
+		registryImageName = registryImage
+	}
+	if registry := os.Getenv("REGISTRY_URL"); registry != "" {
+		privateRegistryURL = registry
+	}
+	workingDirectory, _ = os.Getwd()
+
+	// Deterministically working out the environment in which CI is running
+	// to evaluate whether the daemon is local or remote is not possible through
+	// a build tag.
+	//
+	// For example Windows to Linux CI under Jenkins tests the 64-bit
+	// Windows binary build with the daemon build tag, but calls a remote
+	// Linux daemon.
+	//
+	// We can't just say if Windows then assume the daemon is local as at
+	// some point, we will be testing the Windows CLI against a Windows daemon.
+	//
+	// Similarly, it will be perfectly valid to also run CLI tests from
+	// a Linux CLI (built with the daemon tag) against a Windows daemon.
+	if len(os.Getenv("DOCKER_REMOTE_DAEMON")) > 0 {
+		isLocalDaemon = false
+	} else {
+		isLocalDaemon = true
+	}
+
+	// TODO Windows CI. This are incorrect and need fixing into
+	// platform specific pieces.
+	// This is only used for a tests with local daemon true (Linux-only today)
+	// default is "/var/lib/docker", but we'll try and ask the
+	// /info endpoint for the specific root dir
+	dockerBasePath = "/var/lib/docker"
+	type Info struct {
+		DockerRootDir string
+	}
+	var i Info
+	status, b, err := sockRequest("GET", "/info", nil)
+	if err == nil && status == 200 {
+		if err = json.Unmarshal(b, &i); err == nil {
+			dockerBasePath = i.DockerRootDir
+		}
+	}
+	volumesConfigPath = dockerBasePath + "/volumes"
+	containerStoragePath = dockerBasePath + "/containers"
+}
diff --git a/integration-cli/docker_utils.go b/integration-cli/docker_utils.go
new file mode 100644
index 00000000..31982871
--- /dev/null
+++ b/integration-cli/docker_utils.go
@@ -0,0 +1,1495 @@
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"crypto/tls"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"net/http/httputil"
+	"net/url"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/opts"
+	"github.com/docker/docker/pkg/httputils"
+	"github.com/docker/docker/pkg/integration"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/stringutils"
+	"github.com/docker/engine-api/types"
+	"github.com/docker/go-connections/tlsconfig"
+	"github.com/docker/go-units"
+	"github.com/go-check/check"
+)
+
+func init() {
+	cmd := exec.Command(dockerBinary, "images")
+	cmd.Env = appendBaseEnv(true)
+	out, err := cmd.CombinedOutput()
+	if err != nil {
+		panic(fmt.Errorf("err=%v\nout=%s\n", err, out))
+	}
+	lines := strings.Split(string(out), "\n")[1:]
+	for _, l := range lines {
+		if l == "" {
+			continue
+		}
+		fields := strings.Fields(l)
+		imgTag := fields[0] + ":" + fields[1]
+		// just for case if we have dangling images in tested daemon
+		if imgTag != "<none>:<none>" {
+			protectedImages[imgTag] = struct{}{}
+		}
+	}
+
+	// Obtain the daemon platform so that it can be used by tests to make
+	// intelligent decisions about how to configure themselves, and validate
+	// that the target platform is valid.
+	res, _, err := sockRequestRaw("GET", "/version", nil, "application/json")
+	if err != nil || res == nil || (res != nil && res.StatusCode != http.StatusOK) {
+		panic(fmt.Errorf("Init failed to get version: %v. Res=%v", err.Error(), res))
+	}
+	svrHeader, _ := httputils.ParseServerHeader(res.Header.Get("Server"))
+	daemonPlatform = svrHeader.OS
+	if daemonPlatform != "linux" && daemonPlatform != "windows" {
+		panic("Cannot run tests against platform: " + daemonPlatform)
+	}
+
+	// On Windows, extract out the version as we need to make selective
+	// decisions during integration testing as and when features are implemented.
+	if daemonPlatform == "windows" {
+		if body, err := ioutil.ReadAll(res.Body); err == nil {
+			var server types.Version
+			if err := json.Unmarshal(body, &server); err == nil {
+				// eg in "10.0 10550 (10550.1000.amd64fre.branch.date-time)" we want 10550
+				windowsDaemonKV, _ = strconv.Atoi(strings.Split(server.KernelVersion, " ")[1])
+			}
+		}
+	}
+
+	// Now we know the daemon platform, can set paths used by tests.
+	_, body, err := sockRequest("GET", "/info", nil)
+	if err != nil {
+		panic(err)
+	}
+
+	var info types.Info
+	err = json.Unmarshal(body, &info)
+	daemonStorageDriver = info.Driver
+	dockerBasePath = info.DockerRootDir
+	volumesConfigPath = filepath.Join(dockerBasePath, "volumes")
+	containerStoragePath = filepath.Join(dockerBasePath, "containers")
+	// Make sure in context of daemon, not the local platform. Note we can't
+	// use filepath.FromSlash or ToSlash here as they are a no-op on Unix.
+	if daemonPlatform == "windows" {
+		volumesConfigPath = strings.Replace(volumesConfigPath, `/`, `\`, -1)
+		containerStoragePath = strings.Replace(containerStoragePath, `/`, `\`, -1)
+	} else {
+		volumesConfigPath = strings.Replace(volumesConfigPath, `\`, `/`, -1)
+		containerStoragePath = strings.Replace(containerStoragePath, `\`, `/`, -1)
+	}
+}
+
+func convertBasesize(basesizeBytes int64) (int64, error) {
+	basesize := units.HumanSize(float64(basesizeBytes))
+	basesize = strings.Trim(basesize, " ")[:len(basesize)-3]
+	basesizeFloat, err := strconv.ParseFloat(strings.Trim(basesize, " "), 64)
+	if err != nil {
+		return 0, err
+	}
+	return int64(basesizeFloat) * 1024 * 1024 * 1024, nil
+}
+
+func daemonHost() string {
+	daemonURLStr := "unix://" + opts.DefaultUnixSocket
+	if daemonHostVar := os.Getenv("DOCKER_HOST"); daemonHostVar != "" {
+		daemonURLStr = daemonHostVar
+	}
+	return daemonURLStr
+}
+
+func getTLSConfig() (*tls.Config, error) {
+	dockerCertPath := os.Getenv("DOCKER_CERT_PATH")
+
+	if dockerCertPath == "" {
+		return nil, fmt.Errorf("DOCKER_TLS_VERIFY specified, but no DOCKER_CERT_PATH environment variable")
+	}
+
+	option := &tlsconfig.Options{
+		CAFile:   filepath.Join(dockerCertPath, "ca.pem"),
+		CertFile: filepath.Join(dockerCertPath, "cert.pem"),
+		KeyFile:  filepath.Join(dockerCertPath, "key.pem"),
+	}
+	tlsConfig, err := tlsconfig.Client(*option)
+	if err != nil {
+		return nil, err
+	}
+
+	return tlsConfig, nil
+}
+
+func sockConn(timeout time.Duration) (net.Conn, error) {
+	daemon := daemonHost()
+	daemonURL, err := url.Parse(daemon)
+	if err != nil {
+		return nil, fmt.Errorf("could not parse url %q: %v", daemon, err)
+	}
+
+	var c net.Conn
+	switch daemonURL.Scheme {
+	case "npipe":
+		return npipeDial(daemonURL.Path, timeout)
+	case "unix":
+		return net.DialTimeout(daemonURL.Scheme, daemonURL.Path, timeout)
+	case "tcp":
+		if os.Getenv("DOCKER_TLS_VERIFY") != "" {
+			// Setup the socket TLS configuration.
+			tlsConfig, err := getTLSConfig()
+			if err != nil {
+				return nil, err
+			}
+			dialer := &net.Dialer{Timeout: timeout}
+			return tls.DialWithDialer(dialer, daemonURL.Scheme, daemonURL.Host, tlsConfig)
+		}
+		return net.DialTimeout(daemonURL.Scheme, daemonURL.Host, timeout)
+	default:
+		return c, fmt.Errorf("unknown scheme %v (%s)", daemonURL.Scheme, daemon)
+	}
+}
+
+func sockRequest(method, endpoint string, data interface{}) (int, []byte, error) {
+	jsonData := bytes.NewBuffer(nil)
+	if err := json.NewEncoder(jsonData).Encode(data); err != nil {
+		return -1, nil, err
+	}
+
+	res, body, err := sockRequestRaw(method, endpoint, jsonData, "application/json")
+	if err != nil {
+		return -1, nil, err
+	}
+	b, err := readBody(body)
+	return res.StatusCode, b, err
+}
+
+func sockRequestRaw(method, endpoint string, data io.Reader, ct string) (*http.Response, io.ReadCloser, error) {
+	req, client, err := newRequestClient(method, endpoint, data, ct)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	resp, err := client.Do(req)
+	if err != nil {
+		client.Close()
+		return nil, nil, err
+	}
+	body := ioutils.NewReadCloserWrapper(resp.Body, func() error {
+		defer resp.Body.Close()
+		return client.Close()
+	})
+
+	return resp, body, nil
+}
+
+func sockRequestHijack(method, endpoint string, data io.Reader, ct string) (net.Conn, *bufio.Reader, error) {
+	req, client, err := newRequestClient(method, endpoint, data, ct)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	client.Do(req)
+	conn, br := client.Hijack()
+	return conn, br, nil
+}
+
+func newRequestClient(method, endpoint string, data io.Reader, ct string) (*http.Request, *httputil.ClientConn, error) {
+	c, err := sockConn(time.Duration(10 * time.Second))
+	if err != nil {
+		return nil, nil, fmt.Errorf("could not dial docker daemon: %v", err)
+	}
+
+	client := httputil.NewClientConn(c, nil)
+
+	req, err := http.NewRequest(method, endpoint, data)
+	if err != nil {
+		client.Close()
+		return nil, nil, fmt.Errorf("could not create new request: %v", err)
+	}
+
+	if ct != "" {
+		req.Header.Set("Content-Type", ct)
+	}
+	return req, client, nil
+}
+
+func readBody(b io.ReadCloser) ([]byte, error) {
+	defer b.Close()
+	return ioutil.ReadAll(b)
+}
+
+func deleteContainer(container string) error {
+	container = strings.TrimSpace(strings.Replace(container, "\n", " ", -1))
+	rmArgs := strings.Split(fmt.Sprintf("rm -fv %v", container), " ")
+	exitCode, err := runCommand(exec.Command(dockerBinary, rmArgs...))
+	// set error manually if not set
+	if exitCode != 0 && err == nil {
+		err = fmt.Errorf("failed to remove container: `docker rm` exit is non-zero")
+	}
+
+	return err
+}
+
+func getAllContainers() (string, error) {
+	getContainersCmd := exec.Command(dockerBinary, "ps", "-q", "-a")
+	out, exitCode, err := runCommandWithOutput(getContainersCmd)
+	if exitCode != 0 && err == nil {
+		err = fmt.Errorf("failed to get a list of containers: %v\n", out)
+	}
+
+	return out, err
+}
+
+func deleteAllContainers() error {
+	containers, err := getAllContainers()
+	if err != nil {
+		fmt.Println(containers)
+		return err
+	}
+
+	if containers != "" {
+		if err = deleteContainer(containers); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func deleteAllNetworks() error {
+	networks, err := getAllNetworks()
+	if err != nil {
+		return err
+	}
+	var errors []string
+	for _, n := range networks {
+		if n.Name == "bridge" || n.Name == "none" || n.Name == "host" {
+			continue
+		}
+		status, b, err := sockRequest("DELETE", "/networks/"+n.Name, nil)
+		if err != nil {
+			errors = append(errors, err.Error())
+			continue
+		}
+		if status != http.StatusNoContent {
+			errors = append(errors, fmt.Sprintf("error deleting network %s: %s", n.Name, string(b)))
+		}
+	}
+	if len(errors) > 0 {
+		return fmt.Errorf(strings.Join(errors, "\n"))
+	}
+	return nil
+}
+
+func getAllNetworks() ([]types.NetworkResource, error) {
+	var networks []types.NetworkResource
+	_, b, err := sockRequest("GET", "/networks", nil)
+	if err != nil {
+		return nil, err
+	}
+	if err := json.Unmarshal(b, &networks); err != nil {
+		return nil, err
+	}
+	return networks, nil
+}
+
+func deleteAllVolumes() error {
+	volumes, err := getAllVolumes()
+	if err != nil {
+		return err
+	}
+	var errors []string
+	for _, v := range volumes {
+		status, b, err := sockRequest("DELETE", "/volumes/"+v.Name, nil)
+		if err != nil {
+			errors = append(errors, err.Error())
+			continue
+		}
+		if status != http.StatusNoContent {
+			errors = append(errors, fmt.Sprintf("error deleting volume %s: %s", v.Name, string(b)))
+		}
+	}
+	if len(errors) > 0 {
+		return fmt.Errorf(strings.Join(errors, "\n"))
+	}
+	return nil
+}
+
+func getAllVolumes() ([]*types.Volume, error) {
+	var volumes types.VolumesListResponse
+	_, b, err := sockRequest("GET", "/volumes", nil)
+	if err != nil {
+		return nil, err
+	}
+	if err := json.Unmarshal(b, &volumes); err != nil {
+		return nil, err
+	}
+	return volumes.Volumes, nil
+}
+
+var protectedImages = map[string]struct{}{}
+
+func deleteAllImages() error {
+	cmd := exec.Command(dockerBinary, "images")
+	cmd.Env = appendBaseEnv(true)
+	out, err := cmd.CombinedOutput()
+	if err != nil {
+		return err
+	}
+	lines := strings.Split(string(out), "\n")[1:]
+	var imgs []string
+	for _, l := range lines {
+		if l == "" {
+			continue
+		}
+		fields := strings.Fields(l)
+		imgTag := fields[0] + ":" + fields[1]
+		if _, ok := protectedImages[imgTag]; !ok {
+			if fields[0] == "<none>" {
+				imgs = append(imgs, fields[2])
+				continue
+			}
+			imgs = append(imgs, imgTag)
+		}
+	}
+	if len(imgs) == 0 {
+		return nil
+	}
+	args := append([]string{"rmi", "-f"}, imgs...)
+	if err := exec.Command(dockerBinary, args...).Run(); err != nil {
+		return err
+	}
+	return nil
+}
+
+func getPausedContainers() (string, error) {
+	getPausedContainersCmd := exec.Command(dockerBinary, "ps", "-f", "status=paused", "-q", "-a")
+	out, exitCode, err := runCommandWithOutput(getPausedContainersCmd)
+	if exitCode != 0 && err == nil {
+		err = fmt.Errorf("failed to get a list of paused containers: %v\n", out)
+	}
+
+	return out, err
+}
+
+func getSliceOfPausedContainers() ([]string, error) {
+	out, err := getPausedContainers()
+	if err == nil {
+		if len(out) == 0 {
+			return nil, err
+		}
+		slice := strings.Split(strings.TrimSpace(out), "\n")
+		return slice, err
+	}
+	return []string{out}, err
+}
+
+func unpauseContainer(container string) error {
+	unpauseCmd := exec.Command(dockerBinary, "unpause", container)
+	exitCode, err := runCommand(unpauseCmd)
+	if exitCode != 0 && err == nil {
+		err = fmt.Errorf("failed to unpause container")
+	}
+
+	return nil
+}
+
+func unpauseAllContainers() error {
+	containers, err := getPausedContainers()
+	if err != nil {
+		fmt.Println(containers)
+		return err
+	}
+
+	containers = strings.Replace(containers, "\n", " ", -1)
+	containers = strings.Trim(containers, " ")
+	containerList := strings.Split(containers, " ")
+
+	for _, value := range containerList {
+		if err = unpauseContainer(value); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func deleteImages(images ...string) error {
+	args := []string{"rmi", "-f"}
+	args = append(args, images...)
+	rmiCmd := exec.Command(dockerBinary, args...)
+	exitCode, err := runCommand(rmiCmd)
+	// set error manually if not set
+	if exitCode != 0 && err == nil {
+		err = fmt.Errorf("failed to remove image: `docker rmi` exit is non-zero")
+	}
+	return err
+}
+
+func imageExists(image string) error {
+	inspectCmd := exec.Command(dockerBinary, "inspect", image)
+	exitCode, err := runCommand(inspectCmd)
+	if exitCode != 0 && err == nil {
+		err = fmt.Errorf("couldn't find image %q", image)
+	}
+	return err
+}
+
+func pullImageIfNotExist(image string) error {
+	if err := imageExists(image); err != nil {
+		pullCmd := exec.Command(dockerBinary, "pull", image)
+		_, exitCode, err := runCommandWithOutput(pullCmd)
+
+		if err != nil || exitCode != 0 {
+			return fmt.Errorf("image %q wasn't found locally and it couldn't be pulled: %s", image, err)
+		}
+	}
+	return nil
+}
+
+func dockerCmdWithError(args ...string) (string, int, error) {
+	if err := validateArgs(args...); err != nil {
+		return "", 0, err
+	}
+	return integration.DockerCmdWithError(dockerBinary, args...)
+}
+
+func dockerCmdWithStdoutStderr(c *check.C, args ...string) (string, string, int) {
+	if err := validateArgs(args...); err != nil {
+		c.Fatalf(err.Error())
+	}
+	return integration.DockerCmdWithStdoutStderr(dockerBinary, c, args...)
+}
+
+func dockerCmd(c *check.C, args ...string) (string, int) {
+	if err := validateArgs(args...); err != nil {
+		c.Fatalf(err.Error())
+	}
+	return integration.DockerCmd(dockerBinary, c, args...)
+}
+
+// execute a docker command with a timeout
+func dockerCmdWithTimeout(timeout time.Duration, args ...string) (string, int, error) {
+	if err := validateArgs(args...); err != nil {
+		return "", 0, err
+	}
+	return integration.DockerCmdWithTimeout(dockerBinary, timeout, args...)
+}
+
+// execute a docker command in a directory
+func dockerCmdInDir(c *check.C, path string, args ...string) (string, int, error) {
+	if err := validateArgs(args...); err != nil {
+		c.Fatalf(err.Error())
+	}
+	return integration.DockerCmdInDir(dockerBinary, path, args...)
+}
+
+// execute a docker command in a directory with a timeout
+func dockerCmdInDirWithTimeout(timeout time.Duration, path string, args ...string) (string, int, error) {
+	if err := validateArgs(args...); err != nil {
+		return "", 0, err
+	}
+	return integration.DockerCmdInDirWithTimeout(dockerBinary, timeout, path, args...)
+}
+
+// validateArgs is a checker to ensure tests are not running commands which are
+// not supported on platforms. Specifically on Windows this is 'busybox top'.
+func validateArgs(args ...string) error {
+	if daemonPlatform != "windows" {
+		return nil
+	}
+	foundBusybox := -1
+	for key, value := range args {
+		if strings.ToLower(value) == "busybox" {
+			foundBusybox = key
+		}
+		if (foundBusybox != -1) && (key == foundBusybox+1) && (strings.ToLower(value) == "top") {
+			return errors.New("Cannot use 'busybox top' in tests on Windows. Use runSleepingContainer()")
+		}
+	}
+	return nil
+}
+
+// find the State.ExitCode in container metadata
+func findContainerExitCode(c *check.C, name string, vargs ...string) string {
+	args := append(vargs, "inspect", "--format='{{ .State.ExitCode }} {{ .State.Error }}'", name)
+	cmd := exec.Command(dockerBinary, args...)
+	out, _, err := runCommandWithOutput(cmd)
+	if err != nil {
+		c.Fatal(err, out)
+	}
+	return out
+}
+
+func findContainerIP(c *check.C, id string, network string) string {
+	out, _ := dockerCmd(c, "inspect", fmt.Sprintf("--format='{{ .NetworkSettings.Networks.%s.IPAddress }}'", network), id)
+	return strings.Trim(out, " \r\n'")
+}
+
+func getContainerCount() (int, error) {
+	const containers = "Containers:"
+
+	cmd := exec.Command(dockerBinary, "info")
+	out, _, err := runCommandWithOutput(cmd)
+	if err != nil {
+		return 0, err
+	}
+
+	lines := strings.Split(out, "\n")
+	for _, line := range lines {
+		if strings.Contains(line, containers) {
+			output := strings.TrimSpace(line)
+			output = strings.TrimLeft(output, containers)
+			output = strings.Trim(output, " ")
+			containerCount, err := strconv.Atoi(output)
+			if err != nil {
+				return 0, err
+			}
+			return containerCount, nil
+		}
+	}
+	return 0, fmt.Errorf("couldn't find the Container count in the output")
+}
+
+// FakeContext creates directories that can be used as a build context
+type FakeContext struct {
+	Dir string
+}
+
+// Add a file at a path, creating directories where necessary
+func (f *FakeContext) Add(file, content string) error {
+	return f.addFile(file, []byte(content))
+}
+
+func (f *FakeContext) addFile(file string, content []byte) error {
+	filepath := path.Join(f.Dir, file)
+	dirpath := path.Dir(filepath)
+	if dirpath != "." {
+		if err := os.MkdirAll(dirpath, 0755); err != nil {
+			return err
+		}
+	}
+	return ioutil.WriteFile(filepath, content, 0644)
+
+}
+
+// Delete a file at a path
+func (f *FakeContext) Delete(file string) error {
+	filepath := path.Join(f.Dir, file)
+	return os.RemoveAll(filepath)
+}
+
+// Close deletes the context
+func (f *FakeContext) Close() error {
+	return os.RemoveAll(f.Dir)
+}
+
+func fakeContextFromNewTempDir() (*FakeContext, error) {
+	tmp, err := ioutil.TempDir("", "fake-context")
+	if err != nil {
+		return nil, err
+	}
+	if err := os.Chmod(tmp, 0755); err != nil {
+		return nil, err
+	}
+	return fakeContextFromDir(tmp), nil
+}
+
+func fakeContextFromDir(dir string) *FakeContext {
+	return &FakeContext{dir}
+}
+
+func fakeContextWithFiles(files map[string]string) (*FakeContext, error) {
+	ctx, err := fakeContextFromNewTempDir()
+	if err != nil {
+		return nil, err
+	}
+	for file, content := range files {
+		if err := ctx.Add(file, content); err != nil {
+			ctx.Close()
+			return nil, err
+		}
+	}
+	return ctx, nil
+}
+
+func fakeContextAddDockerfile(ctx *FakeContext, dockerfile string) error {
+	if err := ctx.Add("Dockerfile", dockerfile); err != nil {
+		ctx.Close()
+		return err
+	}
+	return nil
+}
+
+func fakeContext(dockerfile string, files map[string]string) (*FakeContext, error) {
+	ctx, err := fakeContextWithFiles(files)
+	if err != nil {
+		return nil, err
+	}
+	if err := fakeContextAddDockerfile(ctx, dockerfile); err != nil {
+		return nil, err
+	}
+	return ctx, nil
+}
+
+// FakeStorage is a static file server. It might be running locally or remotely
+// on test host.
+type FakeStorage interface {
+	Close() error
+	URL() string
+	CtxDir() string
+}
+
+func fakeBinaryStorage(archives map[string]*bytes.Buffer) (FakeStorage, error) {
+	ctx, err := fakeContextFromNewTempDir()
+	if err != nil {
+		return nil, err
+	}
+	for name, content := range archives {
+		if err := ctx.addFile(name, content.Bytes()); err != nil {
+			return nil, err
+		}
+	}
+	return fakeStorageWithContext(ctx)
+}
+
+// fakeStorage returns either a local or remote (at daemon machine) file server
+func fakeStorage(files map[string]string) (FakeStorage, error) {
+	ctx, err := fakeContextWithFiles(files)
+	if err != nil {
+		return nil, err
+	}
+	return fakeStorageWithContext(ctx)
+}
+
+// fakeStorageWithContext returns either a local or remote (at daemon machine) file server
+func fakeStorageWithContext(ctx *FakeContext) (FakeStorage, error) {
+	if isLocalDaemon {
+		return newLocalFakeStorage(ctx)
+	}
+	return newRemoteFileServer(ctx)
+}
+
+// localFileStorage is a file storage on the running machine
+type localFileStorage struct {
+	*FakeContext
+	*httptest.Server
+}
+
+func (s *localFileStorage) URL() string {
+	return s.Server.URL
+}
+
+func (s *localFileStorage) CtxDir() string {
+	return s.FakeContext.Dir
+}
+
+func (s *localFileStorage) Close() error {
+	defer s.Server.Close()
+	return s.FakeContext.Close()
+}
+
+func newLocalFakeStorage(ctx *FakeContext) (*localFileStorage, error) {
+	handler := http.FileServer(http.Dir(ctx.Dir))
+	server := httptest.NewServer(handler)
+	return &localFileStorage{
+		FakeContext: ctx,
+		Server:      server,
+	}, nil
+}
+
+// remoteFileServer is a containerized static file server started on the remote
+// testing machine to be used in URL-accepting docker build functionality.
+type remoteFileServer struct {
+	host      string // hostname/port web server is listening to on docker host e.g. 0.0.0.0:43712
+	container string
+	image     string
+	ctx       *FakeContext
+}
+
+func (f *remoteFileServer) URL() string {
+	u := url.URL{
+		Scheme: "http",
+		Host:   f.host}
+	return u.String()
+}
+
+func (f *remoteFileServer) CtxDir() string {
+	return f.ctx.Dir
+}
+
+func (f *remoteFileServer) Close() error {
+	defer func() {
+		if f.ctx != nil {
+			f.ctx.Close()
+		}
+		if f.image != "" {
+			deleteImages(f.image)
+		}
+	}()
+	if f.container == "" {
+		return nil
+	}
+	return deleteContainer(f.container)
+}
+
+func newRemoteFileServer(ctx *FakeContext) (*remoteFileServer, error) {
+	var (
+		image     = fmt.Sprintf("fileserver-img-%s", strings.ToLower(stringutils.GenerateRandomAlphaOnlyString(10)))
+		container = fmt.Sprintf("fileserver-cnt-%s", strings.ToLower(stringutils.GenerateRandomAlphaOnlyString(10)))
+	)
+
+	// Build the image
+	if err := fakeContextAddDockerfile(ctx, `FROM httpserver
+COPY . /static`); err != nil {
+		return nil, fmt.Errorf("Cannot add Dockerfile to context: %v", err)
+	}
+	if _, err := buildImageFromContext(image, ctx, false); err != nil {
+		return nil, fmt.Errorf("failed building file storage container image: %v", err)
+	}
+
+	// Start the container
+	runCmd := exec.Command(dockerBinary, "run", "-d", "-P", "--name", container, image)
+	if out, ec, err := runCommandWithOutput(runCmd); err != nil {
+		return nil, fmt.Errorf("failed to start file storage container. ec=%v\nout=%s\nerr=%v", ec, out, err)
+	}
+
+	// Find out the system assigned port
+	out, _, err := runCommandWithOutput(exec.Command(dockerBinary, "port", container, "80/tcp"))
+	if err != nil {
+		return nil, fmt.Errorf("failed to find container port: err=%v\nout=%s", err, out)
+	}
+
+	fileserverHostPort := strings.Trim(out, "\n")
+	_, port, err := net.SplitHostPort(fileserverHostPort)
+	if err != nil {
+		return nil, fmt.Errorf("unable to parse file server host:port: %v", err)
+	}
+
+	dockerHostURL, err := url.Parse(daemonHost())
+	if err != nil {
+		return nil, fmt.Errorf("unable to parse daemon host URL: %v", err)
+	}
+
+	host, _, err := net.SplitHostPort(dockerHostURL.Host)
+	if err != nil {
+		return nil, fmt.Errorf("unable to parse docker daemon host:port: %v", err)
+	}
+
+	return &remoteFileServer{
+		container: container,
+		image:     image,
+		host:      fmt.Sprintf("%s:%s", host, port),
+		ctx:       ctx}, nil
+}
+
+func inspectFieldAndMarshall(c *check.C, name, field string, output interface{}) {
+	str := inspectFieldJSON(c, name, field)
+	err := json.Unmarshal([]byte(str), output)
+	if c != nil {
+		c.Assert(err, check.IsNil, check.Commentf("failed to unmarshal: %v", err))
+	}
+}
+
+func inspectFilter(name, filter string) (string, error) {
+	format := fmt.Sprintf("{{%s}}", filter)
+	inspectCmd := exec.Command(dockerBinary, "inspect", "-f", format, name)
+	out, exitCode, err := runCommandWithOutput(inspectCmd)
+	if err != nil || exitCode != 0 {
+		return "", fmt.Errorf("failed to inspect %s: %s", name, out)
+	}
+	return strings.TrimSpace(out), nil
+}
+
+func inspectFieldWithError(name, field string) (string, error) {
+	return inspectFilter(name, fmt.Sprintf(".%s", field))
+}
+
+func inspectField(c *check.C, name, field string) string {
+	out, err := inspectFilter(name, fmt.Sprintf(".%s", field))
+	if c != nil {
+		c.Assert(err, check.IsNil)
+	}
+	return out
+}
+
+func inspectFieldJSON(c *check.C, name, field string) string {
+	out, err := inspectFilter(name, fmt.Sprintf("json .%s", field))
+	if c != nil {
+		c.Assert(err, check.IsNil)
+	}
+	return out
+}
+
+func inspectFieldMap(c *check.C, name, path, field string) string {
+	out, err := inspectFilter(name, fmt.Sprintf("index .%s %q", path, field))
+	if c != nil {
+		c.Assert(err, check.IsNil)
+	}
+	return out
+}
+
+func inspectMountSourceField(name, destination string) (string, error) {
+	m, err := inspectMountPoint(name, destination)
+	if err != nil {
+		return "", err
+	}
+	return m.Source, nil
+}
+
+func inspectMountPoint(name, destination string) (types.MountPoint, error) {
+	out, err := inspectFilter(name, "json .Mounts")
+	if err != nil {
+		return types.MountPoint{}, err
+	}
+
+	return inspectMountPointJSON(out, destination)
+}
+
+var errMountNotFound = errors.New("mount point not found")
+
+func inspectMountPointJSON(j, destination string) (types.MountPoint, error) {
+	var mp []types.MountPoint
+	if err := unmarshalJSON([]byte(j), &mp); err != nil {
+		return types.MountPoint{}, err
+	}
+
+	var m *types.MountPoint
+	for _, c := range mp {
+		if c.Destination == destination {
+			m = &c
+			break
+		}
+	}
+
+	if m == nil {
+		return types.MountPoint{}, errMountNotFound
+	}
+
+	return *m, nil
+}
+
+func inspectImage(name, filter string) (string, error) {
+	args := []string{"inspect", "--type", "image"}
+	if filter != "" {
+		format := fmt.Sprintf("{{%s}}", filter)
+		args = append(args, "-f", format)
+	}
+	args = append(args, name)
+	inspectCmd := exec.Command(dockerBinary, args...)
+	out, exitCode, err := runCommandWithOutput(inspectCmd)
+	if err != nil || exitCode != 0 {
+		return "", fmt.Errorf("failed to inspect %s: %s", name, out)
+	}
+	return strings.TrimSpace(out), nil
+}
+
+func getIDByName(name string) (string, error) {
+	return inspectFieldWithError(name, "Id")
+}
+
+// getContainerState returns the exit code of the container
+// and true if it's running
+// the exit code should be ignored if it's running
+func getContainerState(c *check.C, id string) (int, bool, error) {
+	var (
+		exitStatus int
+		running    bool
+	)
+	out, exitCode := dockerCmd(c, "inspect", "--format={{.State.Running}} {{.State.ExitCode}}", id)
+	if exitCode != 0 {
+		return 0, false, fmt.Errorf("%q doesn't exist: %s", id, out)
+	}
+
+	out = strings.Trim(out, "\n")
+	splitOutput := strings.Split(out, " ")
+	if len(splitOutput) != 2 {
+		return 0, false, fmt.Errorf("failed to get container state: output is broken")
+	}
+	if splitOutput[0] == "true" {
+		running = true
+	}
+	if n, err := strconv.Atoi(splitOutput[1]); err == nil {
+		exitStatus = n
+	} else {
+		return 0, false, fmt.Errorf("failed to get container state: couldn't parse integer")
+	}
+
+	return exitStatus, running, nil
+}
+
+func buildImageCmd(name, dockerfile string, useCache bool, buildFlags ...string) *exec.Cmd {
+	args := []string{"build", "-t", name}
+	if !useCache {
+		args = append(args, "--no-cache")
+	}
+	args = append(args, buildFlags...)
+	args = append(args, "-")
+	buildCmd := exec.Command(dockerBinary, args...)
+	buildCmd.Stdin = strings.NewReader(dockerfile)
+	return buildCmd
+}
+
+func buildImageWithOut(name, dockerfile string, useCache bool, buildFlags ...string) (string, string, error) {
+	buildCmd := buildImageCmd(name, dockerfile, useCache, buildFlags...)
+	out, exitCode, err := runCommandWithOutput(buildCmd)
+	if err != nil || exitCode != 0 {
+		return "", out, fmt.Errorf("failed to build the image: %s", out)
+	}
+	id, err := getIDByName(name)
+	if err != nil {
+		return "", out, err
+	}
+	return id, out, nil
+}
+
+func buildImageWithStdoutStderr(name, dockerfile string, useCache bool, buildFlags ...string) (string, string, string, error) {
+	buildCmd := buildImageCmd(name, dockerfile, useCache, buildFlags...)
+	stdout, stderr, exitCode, err := runCommandWithStdoutStderr(buildCmd)
+	if err != nil || exitCode != 0 {
+		return "", stdout, stderr, fmt.Errorf("failed to build the image: %s", stdout)
+	}
+	id, err := getIDByName(name)
+	if err != nil {
+		return "", stdout, stderr, err
+	}
+	return id, stdout, stderr, nil
+}
+
+func buildImage(name, dockerfile string, useCache bool, buildFlags ...string) (string, error) {
+	id, _, err := buildImageWithOut(name, dockerfile, useCache, buildFlags...)
+	return id, err
+}
+
+func buildImageFromContext(name string, ctx *FakeContext, useCache bool, buildFlags ...string) (string, error) {
+	id, _, err := buildImageFromContextWithOut(name, ctx, useCache, buildFlags...)
+	if err != nil {
+		return "", err
+	}
+	return id, nil
+}
+
+func buildImageFromContextWithOut(name string, ctx *FakeContext, useCache bool, buildFlags ...string) (string, string, error) {
+	args := []string{"build", "-t", name}
+	if !useCache {
+		args = append(args, "--no-cache")
+	}
+	args = append(args, buildFlags...)
+	args = append(args, ".")
+	buildCmd := exec.Command(dockerBinary, args...)
+	buildCmd.Dir = ctx.Dir
+	out, exitCode, err := runCommandWithOutput(buildCmd)
+	if err != nil || exitCode != 0 {
+		return "", "", fmt.Errorf("failed to build the image: %s", out)
+	}
+	id, err := getIDByName(name)
+	if err != nil {
+		return "", "", err
+	}
+	return id, out, nil
+}
+
+func buildImageFromContextWithStdoutStderr(name string, ctx *FakeContext, useCache bool, buildFlags ...string) (string, string, string, error) {
+	args := []string{"build", "-t", name}
+	if !useCache {
+		args = append(args, "--no-cache")
+	}
+	args = append(args, buildFlags...)
+	args = append(args, ".")
+	buildCmd := exec.Command(dockerBinary, args...)
+	buildCmd.Dir = ctx.Dir
+
+	stdout, stderr, exitCode, err := runCommandWithStdoutStderr(buildCmd)
+	if err != nil || exitCode != 0 {
+		return "", stdout, stderr, fmt.Errorf("failed to build the image: %s", stdout)
+	}
+	id, err := getIDByName(name)
+	if err != nil {
+		return "", stdout, stderr, err
+	}
+	return id, stdout, stderr, nil
+}
+
+func buildImageFromGitWithStdoutStderr(name string, ctx *fakeGit, useCache bool, buildFlags ...string) (string, string, string, error) {
+	args := []string{"build", "-t", name}
+	if !useCache {
+		args = append(args, "--no-cache")
+	}
+	args = append(args, buildFlags...)
+	args = append(args, ctx.RepoURL)
+	buildCmd := exec.Command(dockerBinary, args...)
+
+	stdout, stderr, exitCode, err := runCommandWithStdoutStderr(buildCmd)
+	if err != nil || exitCode != 0 {
+		return "", stdout, stderr, fmt.Errorf("failed to build the image: %s", stdout)
+	}
+	id, err := getIDByName(name)
+	if err != nil {
+		return "", stdout, stderr, err
+	}
+	return id, stdout, stderr, nil
+}
+
+func buildImageFromPath(name, path string, useCache bool, buildFlags ...string) (string, error) {
+	args := []string{"build", "-t", name}
+	if !useCache {
+		args = append(args, "--no-cache")
+	}
+	args = append(args, buildFlags...)
+	args = append(args, path)
+	buildCmd := exec.Command(dockerBinary, args...)
+	out, exitCode, err := runCommandWithOutput(buildCmd)
+	if err != nil || exitCode != 0 {
+		return "", fmt.Errorf("failed to build the image: %s", out)
+	}
+	return getIDByName(name)
+}
+
+type gitServer interface {
+	URL() string
+	Close() error
+}
+
+type localGitServer struct {
+	*httptest.Server
+}
+
+func (r *localGitServer) Close() error {
+	r.Server.Close()
+	return nil
+}
+
+func (r *localGitServer) URL() string {
+	return r.Server.URL
+}
+
+type fakeGit struct {
+	root    string
+	server  gitServer
+	RepoURL string
+}
+
+func (g *fakeGit) Close() {
+	g.server.Close()
+	os.RemoveAll(g.root)
+}
+
+func newFakeGit(name string, files map[string]string, enforceLocalServer bool) (*fakeGit, error) {
+	ctx, err := fakeContextWithFiles(files)
+	if err != nil {
+		return nil, err
+	}
+	defer ctx.Close()
+	curdir, err := os.Getwd()
+	if err != nil {
+		return nil, err
+	}
+	defer os.Chdir(curdir)
+
+	if output, err := exec.Command("git", "init", ctx.Dir).CombinedOutput(); err != nil {
+		return nil, fmt.Errorf("error trying to init repo: %s (%s)", err, output)
+	}
+	err = os.Chdir(ctx.Dir)
+	if err != nil {
+		return nil, err
+	}
+	if output, err := exec.Command("git", "config", "user.name", "Fake User").CombinedOutput(); err != nil {
+		return nil, fmt.Errorf("error trying to set 'user.name': %s (%s)", err, output)
+	}
+	if output, err := exec.Command("git", "config", "user.email", "fake.user@example.com").CombinedOutput(); err != nil {
+		return nil, fmt.Errorf("error trying to set 'user.email': %s (%s)", err, output)
+	}
+	if output, err := exec.Command("git", "add", "*").CombinedOutput(); err != nil {
+		return nil, fmt.Errorf("error trying to add files to repo: %s (%s)", err, output)
+	}
+	if output, err := exec.Command("git", "commit", "-a", "-m", "Initial commit").CombinedOutput(); err != nil {
+		return nil, fmt.Errorf("error trying to commit to repo: %s (%s)", err, output)
+	}
+
+	root, err := ioutil.TempDir("", "docker-test-git-repo")
+	if err != nil {
+		return nil, err
+	}
+	repoPath := filepath.Join(root, name+".git")
+	if output, err := exec.Command("git", "clone", "--bare", ctx.Dir, repoPath).CombinedOutput(); err != nil {
+		os.RemoveAll(root)
+		return nil, fmt.Errorf("error trying to clone --bare: %s (%s)", err, output)
+	}
+	err = os.Chdir(repoPath)
+	if err != nil {
+		os.RemoveAll(root)
+		return nil, err
+	}
+	if output, err := exec.Command("git", "update-server-info").CombinedOutput(); err != nil {
+		os.RemoveAll(root)
+		return nil, fmt.Errorf("error trying to git update-server-info: %s (%s)", err, output)
+	}
+	err = os.Chdir(curdir)
+	if err != nil {
+		os.RemoveAll(root)
+		return nil, err
+	}
+
+	var server gitServer
+	if !enforceLocalServer {
+		// use fakeStorage server, which might be local or remote (at test daemon)
+		server, err = fakeStorageWithContext(fakeContextFromDir(root))
+		if err != nil {
+			return nil, fmt.Errorf("cannot start fake storage: %v", err)
+		}
+	} else {
+		// always start a local http server on CLI test machine
+		httpServer := httptest.NewServer(http.FileServer(http.Dir(root)))
+		server = &localGitServer{httpServer}
+	}
+	return &fakeGit{
+		root:    root,
+		server:  server,
+		RepoURL: fmt.Sprintf("%s/%s.git", server.URL(), name),
+	}, nil
+}
+
+// Write `content` to the file at path `dst`, creating it if necessary,
+// as well as any missing directories.
+// The file is truncated if it already exists.
+// Fail the test when error occurs.
+func writeFile(dst, content string, c *check.C) {
+	// Create subdirectories if necessary
+	c.Assert(os.MkdirAll(path.Dir(dst), 0700), check.IsNil)
+	f, err := os.OpenFile(dst, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0700)
+	c.Assert(err, check.IsNil)
+	defer f.Close()
+	// Write content (truncate if it exists)
+	_, err = io.Copy(f, strings.NewReader(content))
+	c.Assert(err, check.IsNil)
+}
+
+// Return the contents of file at path `src`.
+// Fail the test when error occurs.
+func readFile(src string, c *check.C) (content string) {
+	data, err := ioutil.ReadFile(src)
+	c.Assert(err, check.IsNil)
+
+	return string(data)
+}
+
+func containerStorageFile(containerID, basename string) string {
+	return filepath.Join(containerStoragePath, containerID, basename)
+}
+
+// docker commands that use this function must be run with the '-d' switch.
+func runCommandAndReadContainerFile(filename string, cmd *exec.Cmd) ([]byte, error) {
+	out, _, err := runCommandWithOutput(cmd)
+	if err != nil {
+		return nil, fmt.Errorf("%v: %q", err, out)
+	}
+
+	contID := strings.TrimSpace(out)
+
+	if err := waitRun(contID); err != nil {
+		return nil, fmt.Errorf("%v: %q", contID, err)
+	}
+
+	return readContainerFile(contID, filename)
+}
+
+func readContainerFile(containerID, filename string) ([]byte, error) {
+	f, err := os.Open(containerStorageFile(containerID, filename))
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	content, err := ioutil.ReadAll(f)
+	if err != nil {
+		return nil, err
+	}
+
+	return content, nil
+}
+
+func readContainerFileWithExec(containerID, filename string) ([]byte, error) {
+	out, _, err := runCommandWithOutput(exec.Command(dockerBinary, "exec", containerID, "cat", filename))
+	return []byte(out), err
+}
+
+// daemonTime provides the current time on the daemon host
+func daemonTime(c *check.C) time.Time {
+	if isLocalDaemon {
+		return time.Now()
+	}
+
+	status, body, err := sockRequest("GET", "/info", nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusOK)
+
+	type infoJSON struct {
+		SystemTime string
+	}
+	var info infoJSON
+	err = json.Unmarshal(body, &info)
+	c.Assert(err, check.IsNil, check.Commentf("unable to unmarshal GET /info response"))
+
+	dt, err := time.Parse(time.RFC3339Nano, info.SystemTime)
+	c.Assert(err, check.IsNil, check.Commentf("invalid time format in GET /info response"))
+	return dt
+}
+
+func setupRegistry(c *check.C, schema1 bool, auth, tokenURL string) *testRegistryV2 {
+	reg, err := newTestRegistryV2(c, schema1, auth, tokenURL)
+	c.Assert(err, check.IsNil)
+
+	// Wait for registry to be ready to serve requests.
+	for i := 0; i != 50; i++ {
+		if err = reg.Ping(); err == nil {
+			break
+		}
+		time.Sleep(100 * time.Millisecond)
+	}
+
+	c.Assert(err, check.IsNil, check.Commentf("Timeout waiting for test registry to become available: %v", err))
+	return reg
+}
+
+func setupNotary(c *check.C) *testNotary {
+	ts, err := newTestNotary(c)
+	c.Assert(err, check.IsNil)
+
+	return ts
+}
+
+// appendBaseEnv appends the minimum set of environment variables to exec the
+// docker cli binary for testing with correct configuration to the given env
+// list.
+func appendBaseEnv(isTLS bool, env ...string) []string {
+	preserveList := []string{
+		// preserve remote test host
+		"DOCKER_HOST",
+
+		// windows: requires preserving SystemRoot, otherwise dial tcp fails
+		// with "GetAddrInfoW: A non-recoverable error occurred during a database lookup."
+		"SystemRoot",
+	}
+	if isTLS {
+		preserveList = append(preserveList, "DOCKER_TLS_VERIFY", "DOCKER_CERT_PATH")
+	}
+
+	for _, key := range preserveList {
+		if val := os.Getenv(key); val != "" {
+			env = append(env, fmt.Sprintf("%s=%s", key, val))
+		}
+	}
+	return env
+}
+
+func createTmpFile(c *check.C, content string) string {
+	f, err := ioutil.TempFile("", "testfile")
+	c.Assert(err, check.IsNil)
+
+	filename := f.Name()
+
+	err = ioutil.WriteFile(filename, []byte(content), 0644)
+	c.Assert(err, check.IsNil)
+
+	return filename
+}
+
+func buildImageWithOutInDamon(socket string, name, dockerfile string, useCache bool) (string, error) {
+	args := []string{"--host", socket}
+	buildCmd := buildImageCmdArgs(args, name, dockerfile, useCache)
+	out, exitCode, err := runCommandWithOutput(buildCmd)
+	if err != nil || exitCode != 0 {
+		return out, fmt.Errorf("failed to build the image: %s, error: %v", out, err)
+	}
+	return out, nil
+}
+
+func buildImageCmdArgs(args []string, name, dockerfile string, useCache bool) *exec.Cmd {
+	args = append(args, []string{"-D", "build", "-t", name}...)
+	if !useCache {
+		args = append(args, "--no-cache")
+	}
+	args = append(args, "-")
+	buildCmd := exec.Command(dockerBinary, args...)
+	buildCmd.Stdin = strings.NewReader(dockerfile)
+	return buildCmd
+
+}
+
+func waitForContainer(contID string, args ...string) error {
+	args = append([]string{"run", "--name", contID}, args...)
+	cmd := exec.Command(dockerBinary, args...)
+	if _, err := runCommand(cmd); err != nil {
+		return err
+	}
+
+	if err := waitRun(contID); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// waitRun will wait for the specified container to be running, maximum 5 seconds.
+func waitRun(contID string) error {
+	return waitInspect(contID, "{{.State.Running}}", "true", 5*time.Second)
+}
+
+// waitExited will wait for the specified container to state exit, subject
+// to a maximum time limit in seconds supplied by the caller
+func waitExited(contID string, duration time.Duration) error {
+	return waitInspect(contID, "{{.State.Status}}", "exited", duration)
+}
+
+// waitInspect will wait for the specified container to have the specified string
+// in the inspect output. It will wait until the specified timeout (in seconds)
+// is reached.
+func waitInspect(name, expr, expected string, timeout time.Duration) error {
+	return waitInspectWithArgs(name, expr, expected, timeout)
+}
+
+func waitInspectWithArgs(name, expr, expected string, timeout time.Duration, arg ...string) error {
+	after := time.After(timeout)
+
+	args := append(arg, "inspect", "-f", expr, name)
+	for {
+		cmd := exec.Command(dockerBinary, args...)
+		out, _, err := runCommandWithOutput(cmd)
+		if err != nil {
+			if !strings.Contains(out, "No such") {
+				return fmt.Errorf("error executing docker inspect: %v\n%s", err, out)
+			}
+			select {
+			case <-after:
+				return err
+			default:
+				time.Sleep(10 * time.Millisecond)
+				continue
+			}
+		}
+
+		out = strings.TrimSpace(out)
+		if out == expected {
+			break
+		}
+
+		select {
+		case <-after:
+			return fmt.Errorf("condition \"%q == %q\" not true in time", out, expected)
+		default:
+		}
+
+		time.Sleep(100 * time.Millisecond)
+	}
+	return nil
+}
+
+func getInspectBody(c *check.C, version, id string) []byte {
+	endpoint := fmt.Sprintf("/%s/containers/%s/json", version, id)
+	status, body, err := sockRequest("GET", endpoint, nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(status, check.Equals, http.StatusOK)
+	return body
+}
+
+// Run a long running idle task in a background container using the
+// system-specific default image and command.
+func runSleepingContainer(c *check.C, extraArgs ...string) (string, int) {
+	return runSleepingContainerInImage(c, defaultSleepImage, extraArgs...)
+}
+
+// Run a long running idle task in a background container using the specified
+// image and the system-specific command.
+func runSleepingContainerInImage(c *check.C, image string, extraArgs ...string) (string, int) {
+	args := []string{"run", "-d"}
+	args = append(args, extraArgs...)
+	args = append(args, image)
+	args = append(args, defaultSleepCommand...)
+	return dockerCmd(c, args...)
+}
+
+func getRootUIDGID() (int, int, error) {
+	uidgid := strings.Split(filepath.Base(dockerBasePath), ".")
+	if len(uidgid) == 1 {
+		//user namespace remapping is not turned on; return 0
+		return 0, 0, nil
+	}
+	uid, err := strconv.Atoi(uidgid[0])
+	if err != nil {
+		return 0, 0, err
+	}
+	gid, err := strconv.Atoi(uidgid[1])
+	if err != nil {
+		return 0, 0, err
+	}
+	return uid, gid, nil
+}
+
+// minimalBaseImage returns the name of the minimal base image for the current
+// daemon platform.
+func minimalBaseImage() string {
+	if daemonPlatform == "windows" {
+		return WindowsBaseImage
+	}
+	return "scratch"
+}
+
+func getGoroutineNumber() (int, error) {
+	i := struct {
+		NGoroutines int
+	}{}
+	status, b, err := sockRequest("GET", "/info", nil)
+	if err != nil {
+		return 0, err
+	}
+	if status != http.StatusOK {
+		return 0, fmt.Errorf("http status code: %d", status)
+	}
+	if err := json.Unmarshal(b, &i); err != nil {
+		return 0, err
+	}
+	return i.NGoroutines, nil
+}
+
+func waitForGoroutines(expected int) error {
+	t := time.After(30 * time.Second)
+	for {
+		select {
+		case <-t:
+			n, err := getGoroutineNumber()
+			if err != nil {
+				return err
+			}
+			if n > expected {
+				return fmt.Errorf("leaked goroutines: expected less than or equal to %d, got: %d", expected, n)
+			}
+		default:
+			n, err := getGoroutineNumber()
+			if err != nil {
+				return err
+			}
+			if n <= expected {
+				return nil
+			}
+			time.Sleep(200 * time.Millisecond)
+		}
+	}
+}
diff --git a/integration-cli/events_utils.go b/integration-cli/events_utils.go
new file mode 100644
index 00000000..cdd3106b
--- /dev/null
+++ b/integration-cli/events_utils.go
@@ -0,0 +1,206 @@
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"io"
+	"os/exec"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/daemon/events/testutils"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/go-check/check"
+)
+
+// eventMatcher is a function that tries to match an event input.
+// It returns true if the event matches and a map with
+// a set of key/value to identify the match.
+type eventMatcher func(text string) (map[string]string, bool)
+
+// eventMatchProcessor is a function to handle an event match.
+// It receives a map of key/value with the information extracted in a match.
+type eventMatchProcessor func(matches map[string]string)
+
+// eventObserver runs an events commands and observes its output.
+type eventObserver struct {
+	buffer             *bytes.Buffer
+	command            *exec.Cmd
+	scanner            *bufio.Scanner
+	startTime          string
+	disconnectionError error
+}
+
+// newEventObserver creates the observer and initializes the command
+// without running it. Users must call `eventObserver.Start` to start the command.
+func newEventObserver(c *check.C, args ...string) (*eventObserver, error) {
+	since := daemonTime(c).Unix()
+	return newEventObserverWithBacklog(c, since, args...)
+}
+
+// newEventObserverWithBacklog creates a new observer changing the start time of the backlog to return.
+func newEventObserverWithBacklog(c *check.C, since int64, args ...string) (*eventObserver, error) {
+	startTime := strconv.FormatInt(since, 10)
+	cmdArgs := []string{"events", "--since", startTime}
+	if len(args) > 0 {
+		cmdArgs = append(cmdArgs, args...)
+	}
+	eventsCmd := exec.Command(dockerBinary, cmdArgs...)
+	stdout, err := eventsCmd.StdoutPipe()
+	if err != nil {
+		return nil, err
+	}
+
+	return &eventObserver{
+		buffer:    new(bytes.Buffer),
+		command:   eventsCmd,
+		scanner:   bufio.NewScanner(stdout),
+		startTime: startTime,
+	}, nil
+}
+
+// Start starts the events command.
+func (e *eventObserver) Start() error {
+	return e.command.Start()
+}
+
+// Stop stops the events command.
+func (e *eventObserver) Stop() {
+	e.command.Process.Kill()
+	e.command.Process.Release()
+}
+
+// Match tries to match the events output with a given matcher.
+func (e *eventObserver) Match(match eventMatcher, process eventMatchProcessor) {
+	for e.scanner.Scan() {
+		text := e.scanner.Text()
+		e.buffer.WriteString(text)
+		e.buffer.WriteString("\n")
+
+		if matches, ok := match(text); ok {
+			process(matches)
+		}
+	}
+
+	err := e.scanner.Err()
+	if err == nil {
+		err = io.EOF
+	}
+
+	logrus.Debug("EventObserver scanner loop finished: %v", err)
+	e.disconnectionError = err
+}
+
+func (e *eventObserver) CheckEventError(c *check.C, id, event string, match eventMatcher) {
+	var foundEvent bool
+	scannerOut := e.buffer.String()
+
+	if e.disconnectionError != nil {
+		until := strconv.FormatInt(daemonTime(c).Unix(), 10)
+		out, _ := dockerCmd(c, "events", "--since", e.startTime, "--until", until)
+		events := strings.Split(strings.TrimSpace(out), "\n")
+		for _, e := range events {
+			if _, ok := match(e); ok {
+				foundEvent = true
+				break
+			}
+		}
+		scannerOut = out
+	}
+	if !foundEvent {
+		c.Fatalf("failed to observe event `%s` for %s. Disconnection error: %v\nout:\n%v", event, id, e.disconnectionError, scannerOut)
+	}
+}
+
+// matchEventLine matches a text with the event regular expression.
+// It returns the matches and true if the regular expression matches with the given id and event type.
+// It returns an empty map and false if there is no match.
+func matchEventLine(id, eventType string, actions map[string]chan bool) eventMatcher {
+	return func(text string) (map[string]string, bool) {
+		matches := eventstestutils.ScanMap(text)
+		if len(matches) == 0 {
+			return matches, false
+		}
+
+		if matchIDAndEventType(matches, id, eventType) {
+			if _, ok := actions[matches["action"]]; ok {
+				return matches, true
+			}
+		}
+		return matches, false
+	}
+}
+
+// processEventMatch closes an action channel when an event line matches the expected action.
+func processEventMatch(actions map[string]chan bool) eventMatchProcessor {
+	return func(matches map[string]string) {
+		if ch, ok := actions[matches["action"]]; ok {
+			ch <- true
+		}
+	}
+}
+
+// parseEventAction parses an event text and returns the action.
+// It fails if the text is not in the event format.
+func parseEventAction(c *check.C, text string) string {
+	matches := eventstestutils.ScanMap(text)
+	return matches["action"]
+}
+
+// eventActionsByIDAndType returns the actions for a given id and type.
+// It fails if the text is not in the event format.
+func eventActionsByIDAndType(c *check.C, events []string, id, eventType string) []string {
+	var filtered []string
+	for _, event := range events {
+		matches := eventstestutils.ScanMap(event)
+		c.Assert(matches, checker.Not(checker.IsNil))
+		if matchIDAndEventType(matches, id, eventType) {
+			filtered = append(filtered, matches["action"])
+		}
+	}
+	return filtered
+}
+
+// matchIDAndEventType returns true if an event matches a given id and type.
+// It also resolves names in the event attributes if the id doesn't match.
+func matchIDAndEventType(matches map[string]string, id, eventType string) bool {
+	return matchEventID(matches, id) && matches["eventType"] == eventType
+}
+
+func matchEventID(matches map[string]string, id string) bool {
+	matchID := matches["id"] == id || strings.HasPrefix(matches["id"], id)
+	if !matchID && matches["attributes"] != "" {
+		// try matching a name in the attributes
+		attributes := map[string]string{}
+		for _, a := range strings.Split(matches["attributes"], ", ") {
+			kv := strings.Split(a, "=")
+			attributes[kv[0]] = kv[1]
+		}
+		matchID = attributes["name"] == id
+	}
+	return matchID
+}
+
+func parseEvents(c *check.C, out, match string) {
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	for _, event := range events {
+		matches := eventstestutils.ScanMap(event)
+		matched, err := regexp.MatchString(match, matches["action"])
+		c.Assert(err, checker.IsNil)
+		c.Assert(matched, checker.True, check.Commentf("Matcher: %s did not match %s", match, matches["action"]))
+	}
+}
+
+func parseEventsWithID(c *check.C, out, match, id string) {
+	events := strings.Split(strings.TrimSpace(out), "\n")
+	for _, event := range events {
+		matches := eventstestutils.ScanMap(event)
+		c.Assert(matchEventID(matches, id), checker.True)
+
+		matched, err := regexp.MatchString(match, matches["action"])
+		c.Assert(err, checker.IsNil)
+		c.Assert(matched, checker.True, check.Commentf("Matcher: %s did not match %s", match, matches["action"]))
+	}
+}
diff --git a/integration-cli/fixtures/auth/docker-credential-shell-test b/integration-cli/fixtures/auth/docker-credential-shell-test
new file mode 100755
index 00000000..1980bb18
--- /dev/null
+++ b/integration-cli/fixtures/auth/docker-credential-shell-test
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+set -e
+
+case $1 in
+	"store")
+		in=$(</dev/stdin)
+		server=$(echo "$in" | jq --raw-output ".ServerURL" | sha1sum - | awk '{print $1}')
+
+		username=$(echo "$in" | jq --raw-output ".Username")
+		password=$(echo "$in" | jq --raw-output ".Secret")
+		echo "{ \"Username\": \"${username}\", \"Secret\": \"${password}\" }" > $TEMP/$server
+		;;
+	"get")
+		in=$(</dev/stdin)
+		server=$(echo "$in" | sha1sum - | awk '{print $1}')
+		if [[ ! -f $TEMP/$server ]]; then
+			echo "credentials not found in native keychain"
+			exit 1
+		fi
+		payload=$(<$TEMP/$server)
+		echo "$payload"
+		;;
+	"erase")
+		in=$(</dev/stdin)
+		server=$(echo "$in" | sha1sum - | awk '{print $1}')
+		rm -f $TEMP/$server
+		;;
+	*)
+		echo "unknown credential option"
+		exit 1
+		;;
+esac
diff --git a/integration-cli/fixtures/https/ca.pem b/integration-cli/fixtures/https/ca.pem
new file mode 100644
index 00000000..6825d6d1
--- /dev/null
+++ b/integration-cli/fixtures/https/ca.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0TCCAzqgAwIBAgIJAP2r7GqEJwSnMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMG
+A1UEChMMRm9ydC1GdW5zdG9uMREwDwYDVQQLEwhjaGFuZ2VtZTERMA8GA1UEAxMI
+Y2hhbmdlbWUxETAPBgNVBCkTCGNoYW5nZW1lMR8wHQYJKoZIhvcNAQkBFhBtYWls
+QGhvc3QuZG9tYWluMB4XDTEzMTIwMzE2NTYzMFoXDTIzMTIwMTE2NTYzMFowgaIx
+CzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEVMBMGA1UEBxMMU2FuRnJhbmNpc2Nv
+MRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24xETAPBgNVBAsTCGNoYW5nZW1lMREwDwYD
+VQQDEwhjaGFuZ2VtZTERMA8GA1UEKRMIY2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEW
+EG1haWxAaG9zdC5kb21haW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALAn
+0xDw+5y7ZptQacq66pUhRu82JP2WU6IDgo5QUtNU6/CX5PwQATe/OnYTZQFbksxp
+AU9boG0FCkgxfsgPYXEuZxVEGKI2fxfKHOZZI8mrkWmj6eWU/0cvCjGVc9rTITP5
+sNQvg+hORyVDdNp2IdsbMJayiB3AQYMFx3vSDOMTAgMBAAGjggELMIIBBzAdBgNV
+HQ4EFgQUZu7DFz09q0QBa2+ymRm9qgK1NPswgdcGA1UdIwSBzzCBzIAUZu7DFz09
+q0QBa2+ymRm9qgK1NPuhgaikgaUwgaIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJD
+QTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24x
+ETAPBgNVBAsTCGNoYW5nZW1lMREwDwYDVQQDEwhjaGFuZ2VtZTERMA8GA1UEKRMI
+Y2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1haWxAaG9zdC5kb21haW6CCQD9q+xq
+hCcEpzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAF8fJKKM+/oOdnNi
+zEd0M1+PmZOyqvjYQn/2ZR8UHH6Imgc/OPQKZXf0bVE1Txc/DaUNn9Isd1SuCuaE
+ic3vAIYYU7PmgeNN6vwec48V96T7jr+GAi6AVMhQEc2hHCfVtx11Xx+x6aHDZzJt
+Zxtf5lL6KSO9Y+EFwM+rju6hm5hW
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/https/client-cert.pem b/integration-cli/fixtures/https/client-cert.pem
new file mode 100644
index 00000000..c05ed47c
--- /dev/null
+++ b/integration-cli/fixtures/https/client-cert.pem
@@ -0,0 +1,73 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 3 (0x3)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme/name=changeme/emailAddress=mail@host.domain
+        Validity
+            Not Before: Dec  4 14:17:54 2013 GMT
+            Not After : Dec  2 14:17:54 2023 GMT
+        Subject: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=client/name=changeme/emailAddress=mail@host.domain
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:ca:c9:05:d0:09:4e:3e:a4:fc:d5:14:f4:a5:e8:
+                    34:d3:6b:51:e3:f3:62:ea:a1:f0:e8:ed:c4:2a:bc:
+                    f0:4f:ca:07:df:e3:88:fa:f4:21:99:35:0e:3d:ea:
+                    b0:86:e7:c4:d2:8a:83:2b:42:b8:ec:a3:99:62:70:
+                    81:46:cc:fc:a5:1d:d2:63:e8:eb:07:25:9a:e2:25:
+                    6d:11:56:f2:1a:51:a1:b6:3e:1c:57:32:e9:7b:2c:
+                    aa:1b:cc:97:2d:89:2d:b1:c9:5e:35:28:4d:7c:fa:
+                    65:31:3e:f7:70:dd:6e:0b:3c:58:af:a8:2e:24:c0:
+                    7e:4e:78:7d:0a:9e:8f:42:43
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                Easy-RSA Generated Certificate
+            X509v3 Subject Key Identifier: 
+                DE:42:EF:2D:98:A3:6C:A8:AA:E0:8C:71:2C:9D:64:23:A9:E2:7E:81
+            X509v3 Authority Key Identifier: 
+                keyid:66:EE:C3:17:3D:3D:AB:44:01:6B:6F:B2:99:19:BD:AA:02:B5:34:FB
+                DirName:/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=changeme/name=changeme/emailAddress=mail@host.domain
+                serial:FD:AB:EC:6A:84:27:04:A7
+
+            X509v3 Extended Key Usage: 
+                TLS Web Client Authentication
+            X509v3 Key Usage: 
+                Digital Signature
+    Signature Algorithm: sha1WithRSAEncryption
+         1c:44:26:ea:e1:66:25:cb:e4:8e:57:1c:f6:b9:17:22:62:40:
+         12:90:8f:3b:b2:61:7a:54:94:8f:b1:20:0b:bf:a3:51:e3:fa:
+         1c:a1:be:92:3a:d0:76:44:c0:57:83:ab:6a:e4:1a:45:49:a4:
+         af:39:0d:60:32:fc:3a:be:d7:fb:5d:99:7a:1f:87:e7:d5:ab:
+         84:a2:5e:90:d8:bf:fa:89:6d:32:26:02:5e:31:35:68:7f:31:
+         f5:6b:51:46:bc:af:70:ed:5a:09:7d:ec:b2:48:4f:fe:c5:2f:
+         56:04:ad:f6:c1:d2:2a:e4:6a:c4:87:fe:08:35:c5:38:cb:5e:
+         4a:c4
+-----BEGIN CERTIFICATE-----
+MIIEFTCCA36gAwIBAgIBAzANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAkNBMRUwEwYDVQQHEwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDEZv
+cnQtRnVuc3RvbjERMA8GA1UECxMIY2hhbmdlbWUxETAPBgNVBAMTCGNoYW5nZW1l
+MREwDwYDVQQpEwhjaGFuZ2VtZTEfMB0GCSqGSIb3DQEJARYQbWFpbEBob3N0LmRv
+bWFpbjAeFw0xMzEyMDQxNDE3NTRaFw0yMzEyMDIxNDE3NTRaMIGgMQswCQYDVQQG
+EwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMGA1UE
+ChMMRm9ydC1GdW5zdG9uMREwDwYDVQQLEwhjaGFuZ2VtZTEPMA0GA1UEAxMGY2xp
+ZW50MREwDwYDVQQpEwhjaGFuZ2VtZTEfMB0GCSqGSIb3DQEJARYQbWFpbEBob3N0
+LmRvbWFpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyskF0AlOPqT81RT0
+peg002tR4/Ni6qHw6O3EKrzwT8oH3+OI+vQhmTUOPeqwhufE0oqDK0K47KOZYnCB
+Rsz8pR3SY+jrByWa4iVtEVbyGlGhtj4cVzLpeyyqG8yXLYktscleNShNfPplMT73
+cN1uCzxYr6guJMB+Tnh9Cp6PQkMCAwEAAaOCAVkwggFVMAkGA1UdEwQCMAAwLQYJ
+YIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNV
+HQ4EFgQU3kLvLZijbKiq4IxxLJ1kI6nifoEwgdcGA1UdIwSBzzCBzIAUZu7DFz09
+q0QBa2+ymRm9qgK1NPuhgaikgaUwgaIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJD
+QTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24x
+ETAPBgNVBAsTCGNoYW5nZW1lMREwDwYDVQQDEwhjaGFuZ2VtZTERMA8GA1UEKRMI
+Y2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1haWxAaG9zdC5kb21haW6CCQD9q+xq
+hCcEpzATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwDQYJKoZIhvcN
+AQEFBQADgYEAHEQm6uFmJcvkjlcc9rkXImJAEpCPO7JhelSUj7EgC7+jUeP6HKG+
+kjrQdkTAV4OrauQaRUmkrzkNYDL8Or7X+12Zeh+H59WrhKJekNi/+oltMiYCXjE1
+aH8x9WtRRryvcO1aCX3sskhP/sUvVgSt9sHSKuRqxIf+CDXFOMteSsQ=
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/https/client-key.pem b/integration-cli/fixtures/https/client-key.pem
new file mode 100644
index 00000000..b5c15f8d
--- /dev/null
+++ b/integration-cli/fixtures/https/client-key.pem
@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAMrJBdAJTj6k/NUU
+9KXoNNNrUePzYuqh8OjtxCq88E/KB9/jiPr0IZk1Dj3qsIbnxNKKgytCuOyjmWJw
+gUbM/KUd0mPo6wclmuIlbRFW8hpRobY+HFcy6XssqhvMly2JLbHJXjUoTXz6ZTE+
+93Ddbgs8WK+oLiTAfk54fQqej0JDAgMBAAECgYBOFEzKp2qbMEexe9ofL2N3rDDh
+xkrl8OijpzkLA6i78BxMFn4dsnZlWUpciMrjhsYAExkiRRSS+QMMJimAq1jzQqc3
+FAQV2XGYwkd0cUn7iZGvfNnEPysjsfyYQM+m+sT0ATj4BZjVShC6kkSjTdm1leLN
+OSvcHdcu3Xxg9ufF0QJBAPYdnNt5sIndt2WECePuRVi+uF4mlxTobFY0fjn26yhC
+4RsnhhD3Vldygo9gvnkwrAZYaALGSPBewes2InxvjA8CQQDS7erKiNXpwoqz5XiU
+SVEsIIVTdWzBjGbIqMOu/hUwM5FK4j6JTBks0aTGMyh0YV9L1EzM0X79J29JahCe
+iQKNAkBKNMOGqTpBV0hko1sYDk96YobUXG5RL4L6uvkUIQ7mJMQam+AgXXL7Ctuy
+v0iu4a38e8tgisiTMP7nHHtpaXihAkAOiN54/lzfMsykANgCP9scE1GcoqbP34Dl
+qttxH4kOPT9xzY1JoLjLYdbc4YGUI3GRpBt2sajygNkmUey7P+2xAkBBsVCZFvTw
+qHvOpPS2kX5ml5xoc/QAHK9N7kR+X7XFYx82RTVSqJEK4lPb+aEWn+CjiIewO4Q5
+ksDFuNxAzbhl
+-----END PRIVATE KEY-----
diff --git a/integration-cli/fixtures/https/client-rogue-cert.pem b/integration-cli/fixtures/https/client-rogue-cert.pem
new file mode 100644
index 00000000..21ae4bd5
--- /dev/null
+++ b/integration-cli/fixtures/https/client-rogue-cert.pem
@@ -0,0 +1,73 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 2 (0x2)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=CA, L=SanFrancisco, O=Evil Inc, OU=changeme, CN=changeme/name=changeme/emailAddress=mail@host.domain
+        Validity
+            Not Before: Feb 24 17:54:59 2014 GMT
+            Not After : Feb 22 17:54:59 2024 GMT
+        Subject: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=client/name=changeme/emailAddress=mail@host.domain
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:e8:e2:2c:b8:d4:db:89:50:4f:47:1e:68:db:f7:
+                    e4:cc:47:41:63:75:03:37:50:7a:a8:4d:27:36:d5:
+                    15:01:08:b6:cf:56:f7:56:6d:3d:f9:e2:8d:1a:5d:
+                    bf:a0:24:5e:07:55:8e:d0:dc:f1:fa:19:87:1d:d6:
+                    b6:58:82:2e:ba:69:6d:e9:d9:c8:16:0d:1d:59:7f:
+                    f4:8e:58:10:01:3d:21:14:16:3c:ec:cd:8c:b7:0e:
+                    e6:7b:77:b4:f9:90:a5:17:01:bb:84:c6:b2:12:87:
+                    70:eb:9f:6d:4f:d0:68:8b:96:c0:e7:0b:51:b4:9d:
+                    1d:7b:6c:7b:be:89:6b:88:8b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                Easy-RSA Generated Certificate
+            X509v3 Subject Key Identifier: 
+                9E:F8:49:D0:A2:76:30:5C:AB:2B:8A:B5:8D:C6:45:1F:A7:F8:CF:85
+            X509v3 Authority Key Identifier: 
+                keyid:DC:A5:F1:76:DB:4E:CD:8E:EF:B1:23:56:1D:92:80:99:74:3B:EA:6F
+                DirName:/C=US/ST=CA/L=SanFrancisco/O=Evil Inc/OU=changeme/CN=changeme/name=changeme/emailAddress=mail@host.domain
+                serial:E7:21:1E:18:41:1B:96:83
+
+            X509v3 Extended Key Usage: 
+                TLS Web Client Authentication
+            X509v3 Key Usage: 
+                Digital Signature
+    Signature Algorithm: sha1WithRSAEncryption
+         48:76:c0:18:fa:0a:ee:4e:1a:ec:02:9d:d4:83:ca:94:54:a1:
+         3f:51:2f:3e:4b:95:c3:42:9b:71:a0:4b:d9:af:47:23:b9:1c:
+         fb:85:ba:76:e2:09:cb:65:bb:d2:7d:44:3d:4b:67:ba:80:83:
+         be:a8:ed:c4:b9:ea:1a:1b:c7:59:3b:d9:5c:0d:46:d8:c9:92:
+         cb:10:c5:f2:1a:38:a4:aa:07:2c:e3:84:16:79:c7:95:09:e3:
+         01:d2:15:a2:77:0b:8b:bf:94:04:e9:7f:c0:cd:e6:2e:64:cd:
+         1e:a3:32:ec:11:cc:62:ce:c7:4e:cd:ad:48:5c:b1:b8:e9:76:
+         b3:f9
+-----BEGIN CERTIFICATE-----
+MIIEDTCCA3agAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAkNBMRUwEwYDVQQHEwxTYW5GcmFuY2lzY28xETAPBgNVBAoTCEV2
+aWwgSW5jMREwDwYDVQQLEwhjaGFuZ2VtZTERMA8GA1UEAxMIY2hhbmdlbWUxETAP
+BgNVBCkTCGNoYW5nZW1lMR8wHQYJKoZIhvcNAQkBFhBtYWlsQGhvc3QuZG9tYWlu
+MB4XDTE0MDIyNDE3NTQ1OVoXDTI0MDIyMjE3NTQ1OVowgaAxCzAJBgNVBAYTAlVT
+MQswCQYDVQQIEwJDQTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxG
+b3J0LUZ1bnN0b24xETAPBgNVBAsTCGNoYW5nZW1lMQ8wDQYDVQQDEwZjbGllbnQx
+ETAPBgNVBCkTCGNoYW5nZW1lMR8wHQYJKoZIhvcNAQkBFhBtYWlsQGhvc3QuZG9t
+YWluMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDo4iy41NuJUE9HHmjb9+TM
+R0FjdQM3UHqoTSc21RUBCLbPVvdWbT354o0aXb+gJF4HVY7Q3PH6GYcd1rZYgi66
+aW3p2cgWDR1Zf/SOWBABPSEUFjzszYy3DuZ7d7T5kKUXAbuExrISh3Drn21P0GiL
+lsDnC1G0nR17bHu+iWuIiwIDAQABo4IBVTCCAVEwCQYDVR0TBAIwADAtBglghkgB
+hvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSe+EnQonYwXKsrirWNxkUfp/jPhTCB0wYDVR0jBIHLMIHIgBTcpfF2207Nju+x
+I1YdkoCZdDvqb6GBpKSBoTCBnjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUw
+EwYDVQQHEwxTYW5GcmFuY2lzY28xETAPBgNVBAoTCEV2aWwgSW5jMREwDwYDVQQL
+EwhjaGFuZ2VtZTERMA8GA1UEAxMIY2hhbmdlbWUxETAPBgNVBCkTCGNoYW5nZW1l
+MR8wHQYJKoZIhvcNAQkBFhBtYWlsQGhvc3QuZG9tYWluggkA5yEeGEEbloMwEwYD
+VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBBQUAA4GB
+AEh2wBj6Cu5OGuwCndSDypRUoT9RLz5LlcNCm3GgS9mvRyO5HPuFunbiCctlu9J9
+RD1LZ7qAg76o7cS56hobx1k72VwNRtjJkssQxfIaOKSqByzjhBZ5x5UJ4wHSFaJ3
+C4u/lATpf8DN5i5kzR6jMuwRzGLOx07NrUhcsbjpdrP5
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/https/client-rogue-key.pem b/integration-cli/fixtures/https/client-rogue-key.pem
new file mode 100644
index 00000000..53c122ab
--- /dev/null
+++ b/integration-cli/fixtures/https/client-rogue-key.pem
@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOjiLLjU24lQT0ce
+aNv35MxHQWN1AzdQeqhNJzbVFQEIts9W91ZtPfnijRpdv6AkXgdVjtDc8foZhx3W
+tliCLrppbenZyBYNHVl/9I5YEAE9IRQWPOzNjLcO5nt3tPmQpRcBu4TGshKHcOuf
+bU/QaIuWwOcLUbSdHXtse76Ja4iLAgMBAAECgYADs+TmI2xCKKa6CL++D5jxrohZ
+nnionnz0xBVFh+nHlG3jqgxQsXf0yydXLfpn/2wHTdLxezHVuiYt0UYg7iD0CglW
++IjcgMebzyjLeYqYOE5llPlMvhp2HoEMYJNb+7bRrZ1WCITbu+Su0w1cgA7Cs+Ej
+VlfvGzN+qqnDThRUYQJBAPY0sMWZJKly8QhUmUvmcXdPczzSOf6Mm7gc5LR6wzxd
+vW7syuqk50qjqVqFpN81vCV7GoDxRUWbTM9ftf7JGFkCQQDyJc/1RMygE2o+enU1
+6UBxJyclXITEYtDn8aoEpLNc7RakP1WoPUKjZOnjkcoKcIkFNkSPeCfQujrb5f3F
+MkuDAkByAI/hzzmkpK5rFxEsjfX4Mve/L/DepyjrpaVY1IdWimlO1aJX6CeY7hNa
+8QsYt/74s/nfvtg+lNyKIV1aLq9xAkB+WSSNgfyTeg3x08vc+Xxajmdqoz/TiQwg
+OoTQL3A3iK5LvZBgXLasszcnOycFE3srcQmNItEDpGiZ3QPxJTEpAkEA45EE9NMJ
+SA7EGWSFlbz4f4u4oBeiDiJRJbGGfAyVxZlpCWUjPpg9+swsWoFEOjnGYaChAMk5
+nrOdMf15T6QF7Q==
+-----END PRIVATE KEY-----
diff --git a/integration-cli/fixtures/https/server-cert.pem b/integration-cli/fixtures/https/server-cert.pem
new file mode 100644
index 00000000..08abfd1a
--- /dev/null
+++ b/integration-cli/fixtures/https/server-cert.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 4 (0x4)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme/name=changeme/emailAddress=mail@host.domain
+        Validity
+            Not Before: Dec  4 15:01:20 2013 GMT
+            Not After : Dec  2 15:01:20 2023 GMT
+        Subject: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=*/name=changeme/emailAddress=mail@host.domain
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:c1:ff:7d:30:6f:64:4a:b1:92:b1:71:d1:c1:74:
+                    e2:1d:db:2d:11:24:e1:00:d4:00:ae:6f:c8:9e:ae:
+                    67:b3:4a:bd:f7:e6:9e:57:6d:19:4c:3c:23:94:2d:
+                    3d:d6:63:84:d8:fa:76:2b:38:12:c1:ed:20:9d:32:
+                    e0:e8:c2:bf:9a:77:70:04:3f:7f:ca:8c:2c:82:d6:
+                    3d:25:5c:02:1a:4f:64:93:03:dd:9c:42:97:5e:09:
+                    49:af:f0:c2:e1:30:08:0e:21:46:95:d1:13:59:c0:
+                    c8:76:be:94:0d:8b:43:67:21:33:b2:08:60:9d:76:
+                    a8:05:32:1e:f9:95:09:14:75
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Cert Type: 
+                SSL Server
+            Netscape Comment: 
+                Easy-RSA Generated Server Certificate
+            X509v3 Subject Key Identifier: 
+                14:02:FD:FD:DD:13:38:E0:71:EA:D1:BE:C0:0E:89:1A:2D:B6:19:06
+            X509v3 Authority Key Identifier: 
+                keyid:66:EE:C3:17:3D:3D:AB:44:01:6B:6F:B2:99:19:BD:AA:02:B5:34:FB
+                DirName:/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=changeme/name=changeme/emailAddress=mail@host.domain
+                serial:FD:AB:EC:6A:84:27:04:A7
+
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+    Signature Algorithm: sha1WithRSAEncryption
+         40:0f:10:39:c4:b7:0f:0d:2f:bf:d2:16:cc:8e:d3:9a:fb:8b:
+         ce:4b:7b:0d:48:77:ce:f1:fe:d5:8f:ea:b1:71:ed:49:1d:9f:
+         23:3a:16:d4:70:7c:c5:29:bf:e4:90:34:d0:f0:00:24:f4:e4:
+         df:2c:c3:83:01:66:61:c9:a8:ab:29:e7:98:6d:27:89:4a:76:
+         c9:2e:19:8e:fe:6e:d5:f8:99:11:0e:97:67:4b:34:e3:1e:e3:
+         9f:35:00:a5:32:f9:b5:2c:f2:e0:c5:2e:cc:81:bd:18:dd:5c:
+         12:c8:6b:fa:0c:17:74:30:55:f6:6e:20:9a:6c:1e:09:b4:0c:
+         15:42
+-----BEGIN CERTIFICATE-----
+MIIEKjCCA5OgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAkNBMRUwEwYDVQQHEwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDEZv
+cnQtRnVuc3RvbjERMA8GA1UECxMIY2hhbmdlbWUxETAPBgNVBAMTCGNoYW5nZW1l
+MREwDwYDVQQpEwhjaGFuZ2VtZTEfMB0GCSqGSIb3DQEJARYQbWFpbEBob3N0LmRv
+bWFpbjAeFw0xMzEyMDQxNTAxMjBaFw0yMzEyMDIxNTAxMjBaMIGbMQswCQYDVQQG
+EwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMGA1UE
+ChMMRm9ydC1GdW5zdG9uMREwDwYDVQQLEwhjaGFuZ2VtZTEKMAgGA1UEAxQBKjER
+MA8GA1UEKRMIY2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1haWxAaG9zdC5kb21h
+aW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMH/fTBvZEqxkrFx0cF04h3b
+LREk4QDUAK5vyJ6uZ7NKvffmnldtGUw8I5QtPdZjhNj6dis4EsHtIJ0y4OjCv5p3
+cAQ/f8qMLILWPSVcAhpPZJMD3ZxCl14JSa/wwuEwCA4hRpXRE1nAyHa+lA2LQ2ch
+M7IIYJ12qAUyHvmVCRR1AgMBAAGjggFzMIIBbzAJBgNVHRMEAjAAMBEGCWCGSAGG
++EIBAQQEAwIGQDA0BglghkgBhvhCAQ0EJxYlRWFzeS1SU0EgR2VuZXJhdGVkIFNl
+cnZlciBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUFAL9/d0TOOBx6tG+wA6JGi22GQYw
+gdcGA1UdIwSBzzCBzIAUZu7DFz09q0QBa2+ymRm9qgK1NPuhgaikgaUwgaIxCzAJ
+BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUw
+EwYDVQQKEwxGb3J0LUZ1bnN0b24xETAPBgNVBAsTCGNoYW5nZW1lMREwDwYDVQQD
+EwhjaGFuZ2VtZTERMA8GA1UEKRMIY2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1h
+aWxAaG9zdC5kb21haW6CCQD9q+xqhCcEpzATBgNVHSUEDDAKBggrBgEFBQcDATAL
+BgNVHQ8EBAMCBaAwDQYJKoZIhvcNAQEFBQADgYEAQA8QOcS3Dw0vv9IWzI7TmvuL
+zkt7DUh3zvH+1Y/qsXHtSR2fIzoW1HB8xSm/5JA00PAAJPTk3yzDgwFmYcmoqynn
+mG0niUp2yS4Zjv5u1fiZEQ6XZ0s04x7jnzUApTL5tSzy4MUuzIG9GN1cEshr+gwX
+dDBV9m4gmmweCbQMFUI=
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/https/server-key.pem b/integration-cli/fixtures/https/server-key.pem
new file mode 100644
index 00000000..c269320e
--- /dev/null
+++ b/integration-cli/fixtures/https/server-key.pem
@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMH/fTBvZEqxkrFx
+0cF04h3bLREk4QDUAK5vyJ6uZ7NKvffmnldtGUw8I5QtPdZjhNj6dis4EsHtIJ0y
+4OjCv5p3cAQ/f8qMLILWPSVcAhpPZJMD3ZxCl14JSa/wwuEwCA4hRpXRE1nAyHa+
+lA2LQ2chM7IIYJ12qAUyHvmVCRR1AgMBAAECgYAmwckb9RUfSwyYgLm8IYLPHiuJ
+wkllZfVg5Bo7gXJcQnFjZmJ56uTj8xvUjZlODIHM63TSO5ibv6kFXtXKCqZGd2M+
+wGbhZ0f+2GvKcwMmJERnIQjuoNaYSQLT0tM0VB9Iz0rJlZC+tzPZ+5pPqEumRdsS
+IzWNXfF42AhcbwAQYQJBAPVXtMYIJc9EZsz86ZcQiMPWUpCX5vnRmtwL8kKyR8D5
+4KfYeiowyFffSRMMcclwNHq7TgSXN+nIXM9WyzyzwikCQQDKbNA28AgZp9aT54HP
+WnbeE2pmt+uk/zl/BtxJSoK6H+69Jec+lf7EgL7HgOWYRSNot4uQWu8IhsHLTiUq
++0FtAkEAqwlRxRy4/x24bP+D+QRV0/D97j93joFJbE4Hved7jlSlAV4xDGilwlyv
+HNB4Iu5OJ6Gcaibhm+FKkmD3noHSwQJBAIpu3fokLzX0bS+bDFBU6qO3HXX/47xj
++tsfQvkwZrSI8AkU6c8IX0HdVhsz0FBRQAT2ORDQz1XCarfxykNZrwUCQQCGCBIc
+BBCWzhHlswlGidWJg3HqqO6hPPClEr3B5G87oCsdeYwiO23XT6rUnoJXfJHp6oCW
+5nCwDu5ZTP+khltg
+-----END PRIVATE KEY-----
diff --git a/integration-cli/fixtures/https/server-rogue-cert.pem b/integration-cli/fixtures/https/server-rogue-cert.pem
new file mode 100644
index 00000000..28feba66
--- /dev/null
+++ b/integration-cli/fixtures/https/server-rogue-cert.pem
@@ -0,0 +1,76 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 3 (0x3)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=CA, L=SanFrancisco, O=Evil Inc, OU=changeme, CN=changeme/name=changeme/emailAddress=mail@host.domain
+        Validity
+            Not Before: Feb 28 18:49:31 2014 GMT
+            Not After : Feb 26 18:49:31 2024 GMT
+        Subject: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=localhost/name=changeme/emailAddress=mail@host.domain
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:d1:08:58:24:60:a1:69:65:4b:76:46:8f:88:75:
+                    7c:49:3a:d8:03:cc:5b:58:c5:d1:bb:e5:f9:54:b9:
+                    75:65:df:7e:bb:fb:54:d4:b2:e9:6f:58:a2:a4:84:
+                    43:94:77:24:81:38:36:36:f0:66:65:26:e5:5b:2a:
+                    14:1c:a9:ae:57:7f:75:00:23:14:4b:61:58:e4:82:
+                    aa:15:97:94:bd:50:35:0d:5d:18:18:ed:10:6a:bb:
+                    d3:64:5a:eb:36:98:5b:58:a7:fe:67:48:c1:6c:3f:
+                    51:2f:02:65:96:54:77:9b:34:f9:a7:d2:63:54:6a:
+                    9e:02:5c:be:65:98:a4:b4:b5
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Cert Type: 
+                SSL Server
+            Netscape Comment: 
+                Easy-RSA Generated Server Certificate
+            X509v3 Subject Key Identifier: 
+                1F:E0:57:CA:CB:76:C9:C4:86:B9:EA:69:17:C0:F3:51:CE:95:40:EC
+            X509v3 Authority Key Identifier: 
+                keyid:DC:A5:F1:76:DB:4E:CD:8E:EF:B1:23:56:1D:92:80:99:74:3B:EA:6F
+                DirName:/C=US/ST=CA/L=SanFrancisco/O=Evil Inc/OU=changeme/CN=changeme/name=changeme/emailAddress=mail@host.domain
+                serial:E7:21:1E:18:41:1B:96:83
+
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+    Signature Algorithm: sha1WithRSAEncryption
+         04:93:0e:28:01:94:18:f0:8c:7c:d3:0c:ad:e9:b7:46:b1:30:
+         65:ed:68:7c:8c:91:cd:1a:86:66:87:4a:4f:c0:97:bc:f7:85:
+         4b:38:79:31:b2:65:88:b1:76:16:9e:80:93:38:f4:b9:eb:65:
+         00:6d:bb:89:e0:a1:bf:95:5e:80:13:8e:01:73:d3:f1:08:73:
+         85:a5:33:75:0b:42:8a:a3:07:09:35:ef:d7:c6:58:eb:60:a3:
+         06:89:a0:53:99:e2:aa:41:90:e0:1a:d2:12:4b:48:7d:c3:9c:
+         ad:bd:0e:5e:5f:f7:09:0c:5d:7c:86:24:dd:92:d5:b3:14:06:
+         c7:9f
+-----BEGIN CERTIFICATE-----
+MIIEKjCCA5OgAwIBAgIBAzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAkNBMRUwEwYDVQQHEwxTYW5GcmFuY2lzY28xETAPBgNVBAoTCEV2
+aWwgSW5jMREwDwYDVQQLEwhjaGFuZ2VtZTERMA8GA1UEAxMIY2hhbmdlbWUxETAP
+BgNVBCkTCGNoYW5nZW1lMR8wHQYJKoZIhvcNAQkBFhBtYWlsQGhvc3QuZG9tYWlu
+MB4XDTE0MDIyODE4NDkzMVoXDTI0MDIyNjE4NDkzMVowgaMxCzAJBgNVBAYTAlVT
+MQswCQYDVQQIEwJDQTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxG
+b3J0LUZ1bnN0b24xETAPBgNVBAsTCGNoYW5nZW1lMRIwEAYDVQQDEwlsb2NhbGhv
+c3QxETAPBgNVBCkTCGNoYW5nZW1lMR8wHQYJKoZIhvcNAQkBFhBtYWlsQGhvc3Qu
+ZG9tYWluMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRCFgkYKFpZUt2Ro+I
+dXxJOtgDzFtYxdG75flUuXVl3367+1TUsulvWKKkhEOUdySBODY28GZlJuVbKhQc
+qa5Xf3UAIxRLYVjkgqoVl5S9UDUNXRgY7RBqu9NkWus2mFtYp/5nSMFsP1EvAmWW
+VHebNPmn0mNUap4CXL5lmKS0tQIDAQABo4IBbzCCAWswCQYDVR0TBAIwADARBglg
+hkgBhvhCAQEEBAMCBkAwNAYJYIZIAYb4QgENBCcWJUVhc3ktUlNBIEdlbmVyYXRl
+ZCBTZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFB/gV8rLdsnEhrnqaRfA81HO
+lUDsMIHTBgNVHSMEgcswgciAFNyl8XbbTs2O77EjVh2SgJl0O+pvoYGkpIGhMIGe
+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNj
+bzERMA8GA1UEChMIRXZpbCBJbmMxETAPBgNVBAsTCGNoYW5nZW1lMREwDwYDVQQD
+EwhjaGFuZ2VtZTERMA8GA1UEKRMIY2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1h
+aWxAaG9zdC5kb21haW6CCQDnIR4YQRuWgzATBgNVHSUEDDAKBggrBgEFBQcDATAL
+BgNVHQ8EBAMCBaAwDQYJKoZIhvcNAQEFBQADgYEABJMOKAGUGPCMfNMMrem3RrEw
+Ze1ofIyRzRqGZodKT8CXvPeFSzh5MbJliLF2Fp6Akzj0uetlAG27ieChv5VegBOO
+AXPT8QhzhaUzdQtCiqMHCTXv18ZY62CjBomgU5niqkGQ4BrSEktIfcOcrb0OXl/3
+CQxdfIYk3ZLVsxQGx58=
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/https/server-rogue-key.pem b/integration-cli/fixtures/https/server-rogue-key.pem
new file mode 100644
index 00000000..10f7c650
--- /dev/null
+++ b/integration-cli/fixtures/https/server-rogue-key.pem
@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANEIWCRgoWllS3ZG
+j4h1fEk62APMW1jF0bvl+VS5dWXffrv7VNSy6W9YoqSEQ5R3JIE4NjbwZmUm5Vsq
+FByprld/dQAjFEthWOSCqhWXlL1QNQ1dGBjtEGq702Ra6zaYW1in/mdIwWw/US8C
+ZZZUd5s0+afSY1RqngJcvmWYpLS1AgMBAAECgYAJXh9dGfuB1qlIFqduDR3RxlJR
+8UGSu+LHUeoXkuwg8aAjWoMVuSLe+5DmYIsKx0AajmNXmPRtyg1zRXJ7SltmubJ8
+6qQVDsRk6biMdkpkl6a9Gk2av40psD9/VPGxagEoop7IKYhf3AeKPvPiwVB2qFrl
+1aYMZm0aMR55pgRajQJBAOk8IsJDf0beooDZXVdv/oe4hcbM9fxO8Cn3qzoGImqD
+37LL+PCzDP7AEV3fk43SsZDeSk+LDX+h0o9nPyhzHasCQQDlb3aDgcQY9NaGLUWO
+moOCB3148eBVcAwCocu+OSkf7sbQdvXxgThBOrZl11wwRIMQqh99c2yeUwj+tELl
+3VcfAkBZTiNpCvtDIaBLge9RuZpWUXs3wec2cutWxnSTxSGMc25GQf/R+l0xdk2w
+ChmvpktDUzpU9sN2aXn8WuY+EMX9AkEApbLpUbKPUELLB958RLA819TW/lkZXjrs
+wZ3eSoR3ufM1rOqtVvyvBxUDE+wETWu9iHSFB5Ir2PA5J9JCGkbPmwJAFI1ndfBj
+iuyU93nFX0p+JE2wVHKx4dMzKCearNKiJh/lGDtUq3REGgamTNUnG8RAITUbxFs+
+Z1hrIq8xYl2LOQ==
+-----END PRIVATE KEY-----
diff --git a/integration-cli/fixtures/load/emptyLayer.tar b/integration-cli/fixtures/load/emptyLayer.tar
new file mode 100644
index 0000000000000000000000000000000000000000..beabb569ac1e7fea69848f79ffd77fb17b2487b0
GIT binary patch
literal 30720
zcmeI4ZExeo5y$<ypF&{Yw7^N;*=GtU&};619MHx=&P{<{i^D$JOeE5vs36zFefJLa
z6wA3-%2759cnH`McbB{5Z+6L@5&sJ&f)qMsQ)-ua4x9rEL6{)5;Ym3MUi09YbwT=4
z#Ry6mE;s;FPV4it!yCiRD0S9<;&%6Ql?EJ?mIAcaXN)th<k?6au6lTh<)U-#Xmr*#
zO?O{yhw|?`_6g^~Q2T%X`n$JpF21?%5_<z{Deu~SyN|izY~TJMK%I@)eU+Xn@44H5
z@+g!~Wi6`b!~_P9{~s1jec+r9jDKL7-yQ!T4UPW;SWlAuv8ZA(Erxc3;zbdf`8?Gf
zR`zCo)3jZRque(0(YViRlfwke;|#=@=`n~)kW(h6icKsBqsuWfQ^r;m)t#&A)V>c*
zovW*2`my-BS#-6VC#(TWylUoH;FtY>E>gSBdD(R?T)*vNRTtCjW{dQq*rhc~JiEJz
zsl`J#iI?4n-S>-|RPWcb+PkO&p2Vj7>-wi+S}$j_7sXd|yt?(*H*<HjInnQ%*>av1
z+nj$j?T=M`^{U#O?d!U0Kio7`Pi=kdMg6yBHQQD7cjwb=bNHthMQp;4h~=l$E~*AE
zuwWB8>5;iMTvuHR-Lmal{@LpHT4MUleZcZ73oou6S9)q>^d-k>oX_}Qcxyo^p;T#I
z4yBjEs}MP78A@rGh|&6(B$v4q&IKEaPbcYiRLK(|Fm&Lbue#U-=g_}>K?m>u=o9SE
z|2Wfh|Nm{EC(M}~<G>AUk1=_?|0jAs(MS-F>HlGq1Fv!G%<Mjg*7r!qqoXaAV>u}F
zxq~RdI2NK#f|*#Nn~(V{vFLOO8UqEuV@wWH0lWbP;+XE!kN?B|zvfDCV+{KLI33XJ
zG420+{r|!CKbik8jnddl(C`@lF&t?A{}{IbApid{FhAKg29N*Y{y*OI0q1{v<6mif
z{ttd8A4C0_$Nx6||IluLzUGZ<*Y1BAOz<VJXr++aiR`lof&0Xy&Qki!Ts9dXc^f@X
z8M0KV6ag^opV7(0y7uA)YRoWXATK#gg`Fxr!C(Q$pDVcdcVD#GL<`XGMb9;0RorvO
zQf3yiaUmz1Ot|D+_IO664N`KOBcuR=#gwg1CX`OvtZ!HM`QXFt7O?b_3PijszI}Q5
z^<U1Hi}rlh1UEZh_^O`X+TZQ|lCer!@8Z|uzne(LyW$*o&llHtk>lPXfBaM3-28d;
z^3|(Ru4ZY9j6K(!m62PF7=SBvvY>6u9_MkwI>$<kEJWr?r&CnYl@fb^k7Wr`Y8X}Z
z=)7-k8!b^DurHutlwn$NVVt%?Fj2Y?STb4LBs6vs6|M6aq`>54a7OCT$T3-m=lJE(
zmUnm}hhi;&u@=Bq+_JlF`T)-5bsBwzUH;<j=-amW0i!RY|19yhj1XqcGLD;@#a{zv
zH;YNrUafM{XgqTB>iw#FV;!sB`|AkTbLnLJ;j*XJ0q(@q+&r#AY7K_tidj`Je@64Y
zt^SAcHvH+*phv{y_9nO&aXZ27@H1gNA7uuCn|I7u4AJ4h5%>!(#?o<k<!p`c+$L)^
zx^aqS1vV?0O%ft<p?6`tp*Q~F@gFYHJ;dk##{a{>4@01sM9=?Y<}U-wbn}~IT=+q)
zpnU-y`(0?Hj|bqk-Cup*+8<p&^#3tnME?IE=Eok~+dntWvBkfrTyNm}fB%=e@xQh|
zFhleIFJk?B4?^4j;rAXx<%s|hAOb{y2oM1xKm>>Y5g-CYfCvx)B0vO)01+SpM1Tko
z0U|&IhyW2F0z`la5CI}U1c(3;cp3zTzMXo^%Y*&<Ux)R7DEY*<#88FUzyApw^}n?K
z&%^hT!S+9${_mFkaX|=r|M%gIk1de??@=&6*+vGB|5NDyr0Vs5x5qyd^#1Ro^qGzR
zZ)i6_EzC~;H*`snUKVwGy&yRTHfC_i*;MK&hzUw<N?cO{?#lmi>eXctdy*>?6A8Sq
zp|r}Cz7&k%LWj}|qk_p<LR6?ql%?k;qVj|#&~dHDx^L~F+bv+}XD9#r$ICb0T;kvB
z??%JbZ@0yN0Dy~7IuUS9NtwBp-dL}s5V+`sO9AD;z=W3(*CgT@HBTnW$aQHG=O_uZ
zXp4sy|MB%gOAjvodoEq<j`;71b%0~Uf9o6Gp4RUKx4vI%{ZKola&SUrubqqnf|6h)
z4wvLm5vzh1fiZ4bz#)UhAj(uq8Delo+A{96exG}w488FW*Z=k2VXyz&d;a4BK&1cs
zoV`w+)~1_gQFTpQrNyc1-qzO}_&)s?;QEh!nazg!KaT4Fll`~+9`f^JF?U^ey}Y_k
zi}P9KTi1RVuVw4~x{G>@3pT0=6BEu*_dHZBTzvXOYO{wlC)G^^hyW2F0z`la5CI}U
k1c(3;AOb{y2oM1xKm>>Y5g-CYfCvx)B0vO)z%wTBe{YUtx&QzG

literal 0
HcmV?d00001

diff --git a/integration-cli/fixtures/notary/delgkey1.crt b/integration-cli/fixtures/notary/delgkey1.crt
new file mode 100644
index 00000000..306eeec9
--- /dev/null
+++ b/integration-cli/fixtures/notary/delgkey1.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID8jCCAtqgAwIBAgIJAJkxr+7rAgXbMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0G
+A1UEChMGRG9ja2VyMRMwEQYDVQQDEwpkZWxlZ2F0aW9uMCAXDTE2MDMwODAyNDEy
+MFoYDzIxMTYwMjEzMDI0MTIwWjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
+FjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tlcjETMBEGA1UE
+AxMKZGVsZWdhdGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJuz
+To1qoL/RY5pNxdPkP/jiO3f/RTvz20C90EweaKgRdIV/vTUUE+mMRQulpf1vpCP9
+uidGfEoJcq4jM1H59XTYUoUvGbAMP3Iu7Uz0rF5v+Glm82Z0WGI+PkOnwRN2bJi4
+LhAch6QlA/48IOFH/O9jnHYMb45lQFpm+gOvatRyGkPZCftD3ntkhVMk1OJ7EZC4
+LYiwzmuPEYusO/qVgcHkGtIxLWAjGmDzrV3Q5orPVwwUOxNQdRRU1L2bhfUsodcb
+Fgi/LCz4xnGx4YpF0O24Y7/0SPotSyaT0RYyj/j/bIKvYB20g4P7469klde1Ariz
+UEIf12PlaJ/H/PaIlEcCAwEAAaOBvDCBuTAdBgNVHQ4EFgQUXZK4ZGswIq54W4VZ
+OJY7zXvvndwwgYkGA1UdIwSBgTB/gBRdkrhkazAirnhbhVk4ljvNe++d3KFcpFow
+WDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNp
+c2NvMQ8wDQYDVQQKEwZEb2NrZXIxEzARBgNVBAMTCmRlbGVnYXRpb26CCQCZMa/u
+6wIF2zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQA2ktnjxB2lXF+g
+lTc2qp9LhjofgCWKwLgWEeCwXI2nUBNE4n00hA9or2wer2viWC4IJnG0kTyMzzYT
+m1lBpZ8BP6S3sSkvhohaqS+gBIUVB7U65tAof/SY2UHpeVJ1YpTE4F1GAUfqSY7V
+6IGHZAGiLeUS5kC6pzZA4siBhyCoYKRKEb9R82jSCHeFYS3ntwY1/gqcO/uIidVE
+2hLHlx6vBx9BEfXv31AGLoB3YocSTZLATwlrDHUQG1+oNh5ejQU1x/z+Y62EG5Jb
+u0yLDdJeSgup/DzPEoNpSihtdQZytKMK+KBmh22gDA5h+a6620zTZwCvJYxH9kkM
+IClUWwuD
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/notary/delgkey1.key b/integration-cli/fixtures/notary/delgkey1.key
new file mode 100644
index 00000000..a0d0a30e
--- /dev/null
+++ b/integration-cli/fixtures/notary/delgkey1.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAm7NOjWqgv9Fjmk3F0+Q/+OI7d/9FO/PbQL3QTB5oqBF0hX+9
+NRQT6YxFC6Wl/W+kI/26J0Z8SglyriMzUfn1dNhShS8ZsAw/ci7tTPSsXm/4aWbz
+ZnRYYj4+Q6fBE3ZsmLguEByHpCUD/jwg4Uf872OcdgxvjmVAWmb6A69q1HIaQ9kJ
++0Pee2SFUyTU4nsRkLgtiLDOa48Ri6w7+pWBweQa0jEtYCMaYPOtXdDmis9XDBQ7
+E1B1FFTUvZuF9Syh1xsWCL8sLPjGcbHhikXQ7bhjv/RI+i1LJpPRFjKP+P9sgq9g
+HbSDg/vjr2SV17UCuLNQQh/XY+Von8f89oiURwIDAQABAoIBAB7DhfDRMaPU5n41
+gbIFNlKhuKhUCsT2wMqA9qgjlgAnOsOp4qObLPgHXBkaCLsTlPX7iw15ktM6HKul
+jt1SqxoEKAHitYugT+Tqur5q1afvLcD9s3f54wC+VaUefzquOnTOZ2ONj4tyOODB
+1qlMhQBzyRVWDbCv9tAl6p5RyaTh+8IULctlER6w9m3upT9NxoRi1PrPBCRiEKKo
+4zDRvfbT/0ucLD20GS6trPv4ihTCTU7ydFujioDkFyNzCzYNGBnImpQ9/xeT5/Ys
+IJQy9Tdn6V0rXMBBb1EhyBQYw5Oxy6d6tzhjvva6LaJBGo9yzX0NHt58Ymhgm1q/
+vscj1pECgYEAyegQFP7dkmUdXdNpdrIdCvKlvni3r/hwB/9H0sJHIJbfTusfzeLL
+5Q8QSZAsaR7tSgJfr9GMdOjntvefYjKLfl3SnG/wF91m05eYfkeiZXc9RGe+XXGu
+wv5u2m/G7a05XpW1JFX+1ORyj2x5KsvF7KDtWJyR5ryIsOwHZNGQpJ8CgYEAxWoo
+r2eJBc9Xj5bhhS0VxUFODXImfeQF2aG2rSeuWMY7k4vmVkJwhBZiPW/dHBu1aMPh
+/SY1W7cgzdVIf2RIF5MgzzkmoisEApZTiSwmP6A2bTx6miXwFCLTCHIDfiXJ0tQA
+Nb+Ln+exks4BfCgKHOqWTcWizKNE/8Gb6SnhB1kCgYAgM1Z9QrhrpJyuXg0v1PA0
+0sYEPpRtCB416Ey4HCvj0qwClhUYbNc/zMs4MDok+b22U/KWw8C21H4/+/X7XzxI
+BwaT1HZiF/lSPZcgbKRFsmKfCjyeAodwqctcIv+C4GGJ6C5fgSeHJHfwz8fzP1Rt
+jKzNuQq71c2nCb2UIqgC2QKBgEieoJDFmVYVy7P6YMNIrnV9bGTt1NMCilRgdH6F
+1lC5uzivge/BSPqN8V2AROoOF1GOnRcucvpmBx8wkhaqoQprCOqxr1CAWl1JRzly
+kC9flCXi1YbW5dXCabb1metRo0h2zAz5hTcxV9UVCt7NK8svUFMTnKuCc+NRKTVA
+PpMhAoGBAJ9rFgZpWHRVuzsangbGslq3fDYGENLJ2fPNjLgfgVLi+YotG9jfgQPW
+QCvoSA1CChxzEJEB5hzEOEv9pThnBNg1LWNj+a3N5anW2UBHMEWeCrVFZwJMVdSd
+srUFtap7da8iUddc+sHC5hHHFDBdqG4pDck/uTs3CNWRF/ZqzE/G
+-----END RSA PRIVATE KEY-----
diff --git a/integration-cli/fixtures/notary/delgkey2.crt b/integration-cli/fixtures/notary/delgkey2.crt
new file mode 100644
index 00000000..40f2db2c
--- /dev/null
+++ b/integration-cli/fixtures/notary/delgkey2.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID8jCCAtqgAwIBAgIJAMi/AxlwFquJMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0G
+A1UEChMGRG9ja2VyMRMwEQYDVQQDEwpkZWxlZ2F0aW9uMCAXDTE2MDMwODAyNDEy
+MloYDzIxMTYwMjEzMDI0MTIyWjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
+FjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tlcjETMBEGA1UE
+AxMKZGVsZWdhdGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/a
+1GO+02jt1p0sME+YGaK4+uZ9jezrpkCXKMsMfItgqCKRTX7YVuR7tnRt/Y1DNVqR
+nMeGc77soDag6eW4xrYrv9LwylUsOLanvK1d/8hDxZhzJjqlJBmz6BvLWDZUF9uu
+OjULL8yuP2cmRogjn0bqmdeKztrZtDQqQiwsG02nVjfuvVi3rP4G4DhL5fUoHB0R
+E6L9Su3/2OWGpdxZqkT7GAbjgLl4/4CXs00493m8xZIHXQ9559PiVlLfk6p6FjEV
+7irZp7XXSe1My/0HGebFXkYqEL9+My2od4w+qJmBT23aTduGTo8IZC7g9lwKEykA
+hWrYhR5tjkLvOsQIE7ECAwEAAaOBvDCBuTAdBgNVHQ4EFgQUHtEAVcwI3k7W5B6c
+L3w+eKQRsIYwgYkGA1UdIwSBgTB/gBQe0QBVzAjeTtbkHpwvfD54pBGwhqFcpFow
+WDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNp
+c2NvMQ8wDQYDVQQKEwZEb2NrZXIxEzARBgNVBAMTCmRlbGVnYXRpb26CCQDIvwMZ
+cBariTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAfjsMtZ+nJ7y5t
+rH9xPwWMLmtC5MwzDRvTUAGbNbFwwm8AncfvsDmmERqsr8L2qhY8CZ9vsN4NjjBn
+QRmM/ynYA8JTbf/5ZNDnD4D6qTXLgGFqyHcBaorcB9uQ8eiMOFAbhxLYfPrKaYdV
+qj+MejcFa3HmzmYCSqsvxRhSje5b4sORe9/3jNheXsX8VZUpWtCHc3k4GiCU6KyS
+gpnXkShU4sG92cK72L8pxmGTz8ynNMj/9WKkLxpNIv5u0/D01a3z4wx5k1zfRZiz
+IQS+xqxV/ztY844MDknxENlYzcqGj0Fd6hE5OKZxnGaH83A5adldMLlnhG1rscGP
+as9uwPYP
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/notary/delgkey2.key b/integration-cli/fixtures/notary/delgkey2.key
new file mode 100644
index 00000000..59e85478
--- /dev/null
+++ b/integration-cli/fixtures/notary/delgkey2.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAv9rUY77TaO3WnSwwT5gZorj65n2N7OumQJcoywx8i2CoIpFN
+fthW5Hu2dG39jUM1WpGcx4ZzvuygNqDp5bjGtiu/0vDKVSw4tqe8rV3/yEPFmHMm
+OqUkGbPoG8tYNlQX2646NQsvzK4/ZyZGiCOfRuqZ14rO2tm0NCpCLCwbTadWN+69
+WLes/gbgOEvl9SgcHRETov1K7f/Y5Yal3FmqRPsYBuOAuXj/gJezTTj3ebzFkgdd
+D3nn0+JWUt+TqnoWMRXuKtmntddJ7UzL/QcZ5sVeRioQv34zLah3jD6omYFPbdpN
+24ZOjwhkLuD2XAoTKQCFatiFHm2OQu86xAgTsQIDAQABAoIBAQCDdASic1WXR58N
+AgH4B1dJT0VaOBzOgIfhKbEhruSG+ys4xCY9Cy4+TyWskNBxweMEs1CgxVb5Mlh0
+Fb0tUXWVzFQazDFWOn6BaFy2zPk81nLFCeDfvdcGZWZb5PAECYpvUuk+/vM5Ywq+
+OlOJZB72EDhonwssmI4IUAwXCAGNKjLfC4L+3ZgA3+I1xgxisJ2XWNYSLwHzIDRh
+U3zO2NpJi1edTNPltDBTb4iFhajX0SFgbARc+XVTpA3pgQujWo6CNB5YKCPuzIqr
+GFsvGSZDVzOUnfOlitaYNW+QIWAQf8VLWULwyFrS5Cb2WR/k7AmojZVuDHvzWrtg
+ZMG6b1mBAoGBAOV+3SiX8+khKBpxnOJLq0XlGjFNDWNNB34UIMVkFehRxpUr2261
+HDp4YiC9n7l47sjeFBk4IQf2vG/5MPpuqIixsk2W3siCASdMQypVZMG+zj6xDFfH
+8rwQSeZhwjmk2a+A7qgnhqvd/qa7EYOnsn1tLf2iBB2EaHV9lWBJFX0lAoGBANYD
+GbAPEiwh4Fns8pf59T3Lp0Q9XvAN3uh4DUU0mFrQ1HQHeXIw1IDCJ9JiRjLX7aHu
+79EtDssVPQ9dv0MN5rRULtrutCfRLsomm385PLLBIgBdVApnVvJJIWhQkFFMrhFt
+UP+483utiDOcCVXMxAy+1jx23EiWvl2H0xGIwsSdAoGBAMIcM+OJ4vxk1w7G2fNu
+HUfZJ/ZbPd+n35Z8X9uVdBI0WMsDdW6GMYIjIJygxuCRsSak8EsEdqvNvkTXeN3Z
+iyNTaYTG/1iI3YDnuEeuQrK9OKU+CzqUHHOFM3xxY15uWNFhNHt2MypbcnCD+aRp
+y0bbefL1fpWY0OHPfvEZ39shAoGAPbVdJc/irIkEGMni1YGEflIHo/ySMGO/f4aG
+RQs6Vw1aBS7WjN+ZlprlQpuFpElwwr2TttvoJRS1q4WbjakneZ3AeO5VUhnWBQIG
+2jNV1jEsLbC7d9h+UJRXpq18P4T9uBauQV5CDspluIPoiS3m5cntGjgnomKc93kf
+mjG1/10CgYA7kgOOva64sjWakL/IgDRiwr0YrJkAfPUZYwxYLHuiW9izUgngpqWd
+1wtq+YCsc4l7t8u9Tahb8OE0KSN5RC6QM6b8yW9qFDZ68QAX00+sN6di4qyAZlm+
+rK05W/3JmyvQbvO+JVRQtegZ1ExCj7LGuGOQ5KIpWsBEM3ic9ZP9gw==
+-----END RSA PRIVATE KEY-----
diff --git a/integration-cli/fixtures/notary/delgkey3.crt b/integration-cli/fixtures/notary/delgkey3.crt
new file mode 100644
index 00000000..be34eab5
--- /dev/null
+++ b/integration-cli/fixtures/notary/delgkey3.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID8jCCAtqgAwIBAgIJAI3uONxeFQJtMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0G
+A1UEChMGRG9ja2VyMRMwEQYDVQQDEwpkZWxlZ2F0aW9uMCAXDTE2MDMwODAyNDEy
+NFoYDzIxMTYwMjEzMDI0MTI0WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
+FjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tlcjETMBEGA1UE
+AxMKZGVsZWdhdGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOii
+Ij01MkSExgurs5owUNxNgRvrZFxNSNGfnscYZiaT/wNcocrOz40vvY29SOBEbCSW
+oBlCi0rYu/7LZBqvsP3YItmifpJHGfRiZ6xEQ4rKznY8+8E3FHVChlmVv9x6QPhA
+9OpATlSLvcdiXHbohdc+kQsl9qM93+QadRQLmtZ6H5Sv90d1MHNViX+8d/k2WyT0
+8u6fNv0ZHeltnZFYruF82YKJCOPdAJnCLUOXWRSG6xDhhvSewjxz6gFla5n8m+D9
+jvmIUUjoMEhjORUIVeA/lXT0AT3Lx0xE8uyhJQbp+hGtcPCcwYFZdz3yLcrxKO47
+nh6qOygf7I2fiR1ogqECAwEAAaOBvDCBuTAdBgNVHQ4EFgQUUqsFJdVoos2aewDh
+m1r66zyXeI4wgYkGA1UdIwSBgTB/gBRSqwUl1WiizZp7AOGbWvrrPJd4jqFcpFow
+WDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNp
+c2NvMQ8wDQYDVQQKEwZEb2NrZXIxEzARBgNVBAMTCmRlbGVnYXRpb26CCQCN7jjc
+XhUCbTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQADcyno8/AwNatf
+pjgILCZl1DVrqaKEVbp6ciNgVRCF4cM0bE5W4mjd5tO8d3/yTilry2FPicqxiMps
+oGroMFR+X1cZbOf0U32FyEW4EyWm2jjbiuEpnM5J/EeB/QfckqP6whS/QAM7PxDV
+Sxd8sKDb9SOGZiickFU4QpG1fdmY/knrrtbzRl7Nk/3tBgRaq+Brg7YNZZKlpUNB
+Hp3q0E+MFgVAojpcL7w1oSgoNev+cUNaBdPEmWIEi7F5rosCzmAIhuIY+ghmo9Qg
+zy+byAcxLpujl8vZvE1nZKMKZ7oJayOOgjB2Ztk6bO1r+GPtK5VfqEPhKTRDbBlo
+xS3tSCDJ
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/notary/delgkey3.key b/integration-cli/fixtures/notary/delgkey3.key
new file mode 100644
index 00000000..4790c957
--- /dev/null
+++ b/integration-cli/fixtures/notary/delgkey3.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA6KIiPTUyRITGC6uzmjBQ3E2BG+tkXE1I0Z+exxhmJpP/A1yh
+ys7PjS+9jb1I4ERsJJagGUKLSti7/stkGq+w/dgi2aJ+kkcZ9GJnrERDisrOdjz7
+wTcUdUKGWZW/3HpA+ED06kBOVIu9x2JcduiF1z6RCyX2oz3f5Bp1FAua1noflK/3
+R3Uwc1WJf7x3+TZbJPTy7p82/Rkd6W2dkViu4XzZgokI490AmcItQ5dZFIbrEOGG
+9J7CPHPqAWVrmfyb4P2O+YhRSOgwSGM5FQhV4D+VdPQBPcvHTETy7KElBun6Ea1w
+8JzBgVl3PfItyvEo7jueHqo7KB/sjZ+JHWiCoQIDAQABAoIBADvh8HpdBTGKFAjR
+DAx2v3nWIZP0RgNUiZgcRJzvdOwdUJmm8KbqEZdAYMTpoqbINiY8971I2d5MaCgw
+ZvZPn3nYdzAamgZBczbrVdCMSe6iQf9Bt3SHHycIFtlcqOSyO6Mr5V+fagptZk66
+zR52wG0l1+RMw25F8SogfV7JlfP7Qh5Bob0lEN2xpbhwLiNaaB+IHNe0FelmRvmJ
+VUonoD0xaos25EXUES7J/9coiBqgRlDVHdUM0oaa/94UnxNPJnoNfte0yd+mC4LZ
+JVHo0Zti3x/8SiCYMbLQs5L8AL8VtPu9OPfur/J8+9Rv0Rh+L1Ben+JWzCzUw1Cj
+abH1zvkCgYEA9Q06Lu69ZLD31fTv46CphN+dGS/VgvMELkob6VQOhbV3RPhe6vqL
+p7D67J53iq4rZY5KX3zuXZ+A5s48atc8gz+hTsrE022QVXmO2ZrE22bEpL+mwpsB
+8//ul1UG51XTw6YR9CmLLD3Y4BgMjhSllx4Wwr9e9+PKl+DuSreqhxMCgYEA8wbf
+P3zh85jPN92gBG8+VIbVlXYOTK0OllYUoLt4URmLRllmrB6LyRlpODCyb9+JymMg
+WvAq5Bc0h8gMbSQEkYaAUq2CfSbyExASUHA+/nZglsTZhPkg5PJImntK6S58KAM7
+RJzyz20gxYA5H4KXFSiF+ONOE9X/cFUPxzF1AfsCgYBfgUY54GYEBkyxIIMWDhnD
+ZXtOw6vNG3V3rP5v04jNZ8oSIVKs9fTT6FADREeGzxauv+QQjxo/dtjAG4TEhxpY
+dMYjdTd8x2jHR1b7TCyI7eaZ5u/RTKRYOlj8tfC43GRqDiFVLZPGLFyIChdqkHVx
+DhME15zls+vTgaCdkjNt7QKBgQCfwDywNx8wSZqtVnoBcD7AwYFUpi3wKTIVkLAu
+mA0XAnuS2uGq8slgf9uynBAvifnBmDeEj6siFD7roozIkYyPPKLNtlC4hAlMjpv7
+VE2UZ6xGb0+tITaGSN2A7trnPS9P/g/PonvZ7hpEuWzTUbyOo/ytBn4ke99VsBSX
+E+OeUQKBgQCgmcwCj2/IH+GOpe9qAG6MTMKK7k22O8fBCrcDybL1pMWIesJEbzpv
+T5Atcx9L5ff6Q4Ysghb8ebXsErv4oZ72xyAwWJmbIaPllWn2ffUikzL3grSriWZy
+0bz6P9sRqYpbdmX3oVvTfBP5kbv+mtDXOB3h5rGfczKWNMyuZmxDOg==
+-----END RSA PRIVATE KEY-----
diff --git a/integration-cli/fixtures/notary/delgkey4.crt b/integration-cli/fixtures/notary/delgkey4.crt
new file mode 100644
index 00000000..42869c8e
--- /dev/null
+++ b/integration-cli/fixtures/notary/delgkey4.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID8jCCAtqgAwIBAgIJAKKDRMrryBRKMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0G
+A1UEChMGRG9ja2VyMRMwEQYDVQQDEwpkZWxlZ2F0aW9uMCAXDTE2MDMwODAyNDEy
+N1oYDzIxMTYwMjEzMDI0MTI3WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
+FjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tlcjETMBEGA1UE
+AxMKZGVsZWdhdGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOCf
+Wfff5mX/ko/Y790O04eR7h8/4YtZU3LFItcjhkphMf2V2BRlhWwwW6v96gTN1xsZ
+1il6/YXjviWiLjhrtOVLQBE2yK0A7Wwdh9KJg3QgNqwtFrR1MA1LgWto1F7NyEMC
+9H6Hc95+bgWx1jN0IflfPh1C1m/sA5xGqHDl+8YzJJUOoa5bh04Yk3aIeecatso/
+z7P5c6KicPcZIjhgjxHYB95It/oj8ZuY0hQZb7B5HEGNyBbT2F0vuElWtp+mXexr
+6mzgzvHgaKG36bNCTLxr8BxGA/sbVn01LyI3wpk2uqWzyUFk21M4g2X46OPgKrh7
+2h5b+C0X8DUPi45djHcCAwEAAaOBvDCBuTAdBgNVHQ4EFgQUKcrfRFg+6o2l4xbt
+Ll6hV9pjJh8wgYkGA1UdIwSBgTB/gBQpyt9EWD7qjaXjFu0uXqFX2mMmH6FcpFow
+WDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNp
+c2NvMQ8wDQYDVQQKEwZEb2NrZXIxEzARBgNVBAMTCmRlbGVnYXRpb26CCQCig0TK
+68gUSjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAhdKgYUQ36JSPS
+f3Dws09pM5hzSsSae4+nG9XckX6dVQ7sLKmjeeeLrXuzjfygir/+h9cHyShgXFH4
+ZbGpdzf6APG1KRag3/njqEWi+kKZZduxZKvI2EHJhj1xBtf8Qru0TgS7bHPlp9bl
+1/61+aIrtj05LQhqzWzehuJFrmSdWP9cnNbvlPdOdgfgkKakAiLGwwGNvMQbqxaO
+FIB4UPuPdQgm5bpimd5/CThKbpK9/0nr9K4po/m519nvEKxZzsDw5tefGp9Xqly3
+4pk9uyAxO/E2cL0cVA/WHTVTsHPbO7lXxBi6/EjiTUi0Nj1X+btO8+jCLkJyNY0m
+qaiL5k9h
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/notary/delgkey4.key b/integration-cli/fixtures/notary/delgkey4.key
new file mode 100644
index 00000000..7573c208
--- /dev/null
+++ b/integration-cli/fixtures/notary/delgkey4.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA4J9Z99/mZf+Sj9jv3Q7Th5HuHz/hi1lTcsUi1yOGSmEx/ZXY
+FGWFbDBbq/3qBM3XGxnWKXr9heO+JaIuOGu05UtAETbIrQDtbB2H0omDdCA2rC0W
+tHUwDUuBa2jUXs3IQwL0fodz3n5uBbHWM3Qh+V8+HULWb+wDnEaocOX7xjMklQ6h
+rluHThiTdoh55xq2yj/Ps/lzoqJw9xkiOGCPEdgH3ki3+iPxm5jSFBlvsHkcQY3I
+FtPYXS+4SVa2n6Zd7GvqbODO8eBoobfps0JMvGvwHEYD+xtWfTUvIjfCmTa6pbPJ
+QWTbUziDZfjo4+AquHvaHlv4LRfwNQ+Ljl2MdwIDAQABAoIBAQCrN2wZsFZr2zK5
+aS/0/Y8poIe01Dm0wWMFcdULzm1XltzHIgfyDCx2ein2YPaXsNtNMhV3yuMiwqU3
+BHdc1GSv/vsX4/11Oea/6YaVafKEeuWRulC7PzRgffRpjh+LICqNQdxh8hfVOePd
+fV/8GoKnFf0/yqmv6GQcJBPS8stGmFmjo4rkBGvBBMoiUtMYllQqdfH0DtpI24Jh
+nR3lZKAPECkAciV7/Lx6+CUEaNOML2XPbLv6EyRh+J/r80jwE8myzpO7R6I+KCzo
+R/xuBb/hrUh5Sd5YmuBMa6WfF9yqawTgmVvkpD9fkRusSPSQCq3oe+AugYWu6Fht
+XBiZlvjJAoGBAPPBuUaagaUgHyjIzjbRPBHDhSYJpgYR4l/jcypfrl+m0OFC5acA
+QG7Hr8AbStIPGtaJRn2pm8dNVPtFecPoi5jVWux2n5RqYlOnwY0tziuxbhU9GQ/W
+oCp+99TJSMHFep0E7IoDk8YSxyA/86qk/Tx7KkUUlXv4sjJts17ZHxstAoGBAOvn
+mF9rm8Y+Og17WlUQyf5j7g4soWG/4zMnoGpjocDfHVms/pASKbIBp5aFtDgWCmM5
+H7InptvBUInROHlooK6paJRDLbDgzVa/m+NLHoct7N25J4NiG8xV6Wv7hlrRp+XK
+zyWL8iL95GnB21HJKvEiVBWvOuZnqfVcnzhbmzyzAoGAYT46jMkcyWRMKfgaFFJa
+lXebybX1rtw5pClYC2KKbQxerk8C0SHPkqJFIe2BZtWxzj6LiZw9UkAuk+N+lUJT
+VpBfKpCUTyA1w8vb8leAtXueQAjU07W6xdlLQ29dgDgpFzUcrF6K+G0LVXlN2xjh
+EdzM2yxACmoHpQiQk1kpCK0CgYAz640Fs1FdmGR+gx+miUNr0eKbDAeY0/rVT2tm
+/vai1HhJPGHqo5S5sNOJtXOsxG0U2YW4WDHJPArVyk57qiNzTaXOu9pai5+l8BYH
+OIlHhzwSsKWZrQYhOudc9MblRi+Fy9U7lkl8mhSjkh8LKRNibwPCogZ8n2QwtGn2
+pXLNMQKBgQDxvs46CA0M9lGvpl0ggnC7bIYYUEvIlszlBh+o2CgF3IOFlGVcvCia
+r18i7hTM5wbcct9OWDzZG4ejBIhtE+gMQ333ofQ64PPJOcfuHxT3Z/fMWfv/yDEj
+4e4ZPK44ktcTvuusxAoSe5C5dbcNX2ymAhlRg/F0LyMkhw+qGh4xOQ==
+-----END RSA PRIVATE KEY-----
diff --git a/integration-cli/fixtures/notary/localhost.cert b/integration-cli/fixtures/notary/localhost.cert
new file mode 100644
index 00000000..d1233a1b
--- /dev/null
+++ b/integration-cli/fixtures/notary/localhost.cert
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCTCCAfOgAwIBAgIQTOoFF+ypXwgdXnXHuCTvYDALBgkqhkiG9w0BAQswJjER
+MA8GA1UEChMIUXVpY2tUTFMxETAPBgNVBAMTCFF1aWNrVExTMB4XDTE1MDcxNzE5
+NDg1M1oXDTE4MDcwMTE5NDg1M1owJzERMA8GA1UEChMIUXVpY2tUTFMxEjAQBgNV
+BAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDO
+qvTBAi0ApXLfe90ApJkdkRGwF838Qzt1UFSxomu5fHRV6l3FjX5XCVHiFQ4w3ROh
+dMOu9NahfGLJv9VvWU2MV3YoY9Y7lIXpKwnK1v064wuls4nPh13BUWKQKofcY/e2
+qaSPd6/qmSRc/kJUvOI9jZMSX6ZRPu9K4PCqm2CivlbLq9UYuo1AbRGfuqHRvTxg
+mQG7WQCzGSvSjuSg5qX3TEh0HckTczJG9ODULNRWNE7ld0W4sfv4VF8R7Uc/G7LO
+8QwLCZ9TIl3gYMPCrhUL3Q6z9Jnn1SQS4mhDnPi6ugRYO1X8k3jjdxV9C2sXwUvN
+OZI1rLEWl9TJNA7ZXtMCAwEAAaM2MDQwDgYDVR0PAQH/BAQDAgCgMAwGA1UdEwEB
+/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MAsGCSqGSIb3DQEBCwOCAQEAH6iq
+kM2+UMukGDLEQKHHiauioWJlHDlLXv76bJiNfjSz94B/2XOQMb9PT04//tnGUyPK
+K8Dx7RoxSodU6T5VRiz/A36mLOvt2t3bcL/1nHf9sAOHcexGtnCbQbW91V7RKfIL
+sjiLNFDkQ9VfVNY+ynQptZoyH1sy07+dplfkIiPzRs5WuVAnEGsX3r6BrhgUITzi
+g1B4kpmGZIohP4m6ZEBY5xuo/NQ0+GhjAENQMU38GpuoMyFS0i0dGcbx8weqnI/B
+Er/qa0+GE/rBnWY8TiRow8dzpneSFQnUZpJ4EwD9IoOIDHo7k2Nbz2P50HMiCXZf
+4RqzctVssRlrRVnO5w==
+-----END CERTIFICATE-----
diff --git a/integration-cli/fixtures/notary/localhost.key b/integration-cli/fixtures/notary/localhost.key
new file mode 100644
index 00000000..d7778359
--- /dev/null
+++ b/integration-cli/fixtures/notary/localhost.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAwM6q9MECLQClct973QCkmR2REbAXzfxDO3VQVLGia7l8dFXq
+XcWNflcJUeIVDjDdE6F0w6701qF8Ysm/1W9ZTYxXdihj1juUhekrCcrW/TrjC6Wz
+ic+HXcFRYpAqh9xj97appI93r+qZJFz+QlS84j2NkxJfplE+70rg8KqbYKK+Vsur
+1Ri6jUBtEZ+6odG9PGCZAbtZALMZK9KO5KDmpfdMSHQdyRNzMkb04NQs1FY0TuV3
+Rbix+/hUXxHtRz8bss7xDAsJn1MiXeBgw8KuFQvdDrP0mefVJBLiaEOc+Lq6BFg7
+VfyTeON3FX0LaxfBS805kjWssRaX1Mk0Dtle0wIDAQABAoIBAHbuhNHZROhRn70O
+Ui9vOBki/dt1ThnH5AkHQngb4t6kWjrAzILvW2p1cdBKr0ZDqftz+rzCbVD/5+Rg
+Iq8bsnB9g23lWEBMHD/GJsAxmRA3hNooamk11IBmwTcVSsbnkdq5mEdkICYphjHC
+Ey0DbEf6RBxWlx3WvAWLoNmTw6iFaOCH8IyLavPpe7kLbZc219oNUw2qjCnCXCZE
+/NuViADHJBPN8r7g1gmyclJmTumdUK6oHgXEMMPe43vhReGcgcReK9QZjnTcIXPM
+4oJOraw+BtoZXVvvIPnC+5ntoLFOzjIzM0kaveReZbdgffqF4zy2vRfCHhWssanc
+7a0xR4ECgYEA3Xuvcqy5Xw+v/jVCO0VZj++Z7apA78dY4tWsPx5/0DUTTziTlXkC
+ADduEbwX6HgZ/iLvA9j4C3Z4mO8qByby/6UoBU8NEe+PQt6fT7S+dKSP4uy5ZxVM
+i5opkEyrJsMbve9Jrlj4bk5CICsydrZ+SBFHnpNGjbduGQick5LORWECgYEA3trt
+gepteDGiUYmnnBgjbYtcD11RvpKC8Z/QwGnzN5vk4eBu8r7DkMcLN+SiHjAovlJo
+r5j3EbF8sla1zBf/yySdQZFqUGcwtw7MaAKCLdhQl5WsViNMIx6p2OJapu0dzbv2
+KTXrnoRCafcH92k0dUX1ahE9eyc8KX6VhbWwXLMCgYATGCCuEDoC+gVAMzM8jOQF
+xrBMjwr+IP+GvskUv/pg5tJ9V/FRR5dmkWDJ4p9lCUWkZTqZ6FCqHFKVTLkg2LjG
+VWS34HLOAwskxrCRXJG22KEW/TWWr31j46yFpjZzJwrzOvftMfpo+BI3V8IH/f+x
+EtxLzYKdoRy6x8VH67YgwQKBgHor2vjV45142FuK83AHa6SqOZXSuvWWrGJ6Ep7p
+doSN2jRaLXi2S9AaznOdy6JxFGUCGJHrcccpXgsGrjNtFLXxJKTFa1sYtwQkALsk
+ZOltJQF09D1krGC0driHntrUMvqOiKye+sS0DRS6cIuaCUAhUiELwoC5SaoV0zKy
+IDUxAoGAOK8Xq+3/sqe79vTpw25RXl+nkAmOAeKjqf3Kh6jbnBhr81rmefyKXB9a
+uj0b980tzUnliwA5cCOsyxfN2vASvMnJxFE721QZI04arlcPFHcFqCtmNnUYTcLp
+0hgn/yLZptcoxpy+eTBu3eNsxz1Bu/Tx/198+2Wr3MbtGpLNIcA=
+-----END RSA PRIVATE KEY-----
diff --git a/integration-cli/fixtures/registry/cert.pem b/integration-cli/fixtures/registry/cert.pem
new file mode 100644
index 00000000..37605403
--- /dev/null
+++ b/integration-cli/fixtures/registry/cert.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDfzCCAmegAwIBAgIJAKZjzF7N4zFJMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV
+BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg
+Q29tcGFueSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNjAzMTQxOTAzMDZa
+Fw0xNzAzMTQxOTAzMDZaMFYxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0
+IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxEjAQBgNVBAMMCWxv
+Y2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAVEPA6tSNy
+MoExHvT8CWvbe0MyYqZjMmUUdGVYyAaoZgmj9HvtGKaUWY/hCtgTond3OKhPq69u
+fQSDlHQA/scq4KZovKQJhvBaRb2DqD31KcbcDyh5KUAL1aalbjTLbKmAYSFSoY93
+57KiBei2BmvS55HLhOiO8ccQOq3feH/J/XcszAdAaiGXW3woDOIumYzur6Q8Suyn
+cIUEX5Ik7mxS7oGYN1IM++Y+B6aAFT7htAZEvF7RF7sjG7QBfxNPOFg9lBWXzVSv
+0vRbVme9OCDD2QOpj8O7XAPuLDwW5b2A8Iex3CJRngBI9vAK5h1Wssst8117bur9
+AiubOrF6cxUCAwEAAaNQME4wHQYDVR0OBBYEFNTGYK7uX19yjCPeGXhmel98amoA
+MB8GA1UdIwQYMBaAFNTGYK7uX19yjCPeGXhmel98amoAMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQELBQADggEBACW/oF6RgLbTPxb8oPI9424Uv/erYYdxdqIaO3Mz
+fQfBEvGu62A0ZLH+av4BTeqBM6iVhN6/Y3hUb8UzbbZAIo/dVJSglW7PXAfUITMM
+ca9U2r2cFqgXELZkhde6mTFTYwM3swMCP0HUEo+Hu62NX5gunKr4QMNfTlE3vHEj
+jitnkTR0ZVEKHvmdTJC9S92j+NuaJVcwe5UNP1Nj/Ksd/iUUCa2DBnw2N7YwHTDB
+jb9cQb8aNVNSrjKP3sknMslVy1JVbUB1LXsth/h+kkVFNP4dsk+dZHn20uIA/VeJ
+mJ3Wo54CeTAa3DysiWbIIYsFSASCPvki08ZKI373tCf2RvE=
+-----END CERTIFICATE-----
diff --git a/integration-cli/npipe.go b/integration-cli/npipe.go
new file mode 100644
index 00000000..fa531a1b
--- /dev/null
+++ b/integration-cli/npipe.go
@@ -0,0 +1,12 @@
+// +build !windows
+
+package main
+
+import (
+	"net"
+	"time"
+)
+
+func npipeDial(path string, timeout time.Duration) (net.Conn, error) {
+	panic("npipe protocol only supported on Windows")
+}
diff --git a/integration-cli/npipe_windows.go b/integration-cli/npipe_windows.go
new file mode 100644
index 00000000..4fd735f2
--- /dev/null
+++ b/integration-cli/npipe_windows.go
@@ -0,0 +1,12 @@
+package main
+
+import (
+	"net"
+	"time"
+
+	"github.com/Microsoft/go-winio"
+)
+
+func npipeDial(path string, timeout time.Duration) (net.Conn, error) {
+	return winio.DialPipe(path, &timeout)
+}
diff --git a/integration-cli/registry.go b/integration-cli/registry.go
new file mode 100644
index 00000000..fa3fb875
--- /dev/null
+++ b/integration-cli/registry.go
@@ -0,0 +1,175 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"os/exec"
+	"path/filepath"
+
+	"github.com/docker/distribution/digest"
+	"github.com/go-check/check"
+)
+
+const (
+	v2binary        = "registry-v2"
+	v2binarySchema1 = "registry-v2-schema1"
+)
+
+type testRegistryV2 struct {
+	cmd      *exec.Cmd
+	dir      string
+	auth     string
+	username string
+	password string
+	email    string
+}
+
+func newTestRegistryV2(c *check.C, schema1 bool, auth, tokenURL string) (*testRegistryV2, error) {
+	tmp, err := ioutil.TempDir("", "registry-test-")
+	if err != nil {
+		return nil, err
+	}
+	template := `version: 0.1
+loglevel: debug
+storage:
+    filesystem:
+        rootdirectory: %s
+http:
+    addr: %s
+%s`
+	var (
+		authTemplate string
+		username     string
+		password     string
+		email        string
+	)
+	switch auth {
+	case "htpasswd":
+		htpasswdPath := filepath.Join(tmp, "htpasswd")
+		// generated with: htpasswd -Bbn testuser testpassword
+		userpasswd := "testuser:$2y$05$sBsSqk0OpSD1uTZkHXc4FeJ0Z70wLQdAX/82UiHuQOKbNbBrzs63m"
+		username = "testuser"
+		password = "testpassword"
+		email = "test@test.org"
+		if err := ioutil.WriteFile(htpasswdPath, []byte(userpasswd), os.FileMode(0644)); err != nil {
+			return nil, err
+		}
+		authTemplate = fmt.Sprintf(`auth:
+    htpasswd:
+        realm: basic-realm
+        path: %s
+`, htpasswdPath)
+	case "token":
+		authTemplate = fmt.Sprintf(`auth:
+    token:
+        realm: %s
+        service: "registry"
+        issuer: "auth-registry"
+        rootcertbundle: "fixtures/registry/cert.pem"
+`, tokenURL)
+	}
+
+	confPath := filepath.Join(tmp, "config.yaml")
+	config, err := os.Create(confPath)
+	if err != nil {
+		return nil, err
+	}
+	if _, err := fmt.Fprintf(config, template, tmp, privateRegistryURL, authTemplate); err != nil {
+		os.RemoveAll(tmp)
+		return nil, err
+	}
+
+	binary := v2binary
+	if schema1 {
+		binary = v2binarySchema1
+	}
+	cmd := exec.Command(binary, confPath)
+	if err := cmd.Start(); err != nil {
+		os.RemoveAll(tmp)
+		if os.IsNotExist(err) {
+			c.Skip(err.Error())
+		}
+		return nil, err
+	}
+	return &testRegistryV2{
+		cmd:      cmd,
+		dir:      tmp,
+		auth:     auth,
+		username: username,
+		password: password,
+		email:    email,
+	}, nil
+}
+
+func (t *testRegistryV2) Ping() error {
+	// We always ping through HTTP for our test registry.
+	resp, err := http.Get(fmt.Sprintf("http://%s/v2/", privateRegistryURL))
+	if err != nil {
+		return err
+	}
+	resp.Body.Close()
+
+	fail := resp.StatusCode != http.StatusOK
+	if t.auth != "" {
+		// unauthorized is a _good_ status when pinging v2/ and it needs auth
+		fail = fail && resp.StatusCode != http.StatusUnauthorized
+	}
+	if fail {
+		return fmt.Errorf("registry ping replied with an unexpected status code %d", resp.StatusCode)
+	}
+	return nil
+}
+
+func (t *testRegistryV2) Close() {
+	t.cmd.Process.Kill()
+	os.RemoveAll(t.dir)
+}
+
+func (t *testRegistryV2) getBlobFilename(blobDigest digest.Digest) string {
+	// Split the digest into it's algorithm and hex components.
+	dgstAlg, dgstHex := blobDigest.Algorithm(), blobDigest.Hex()
+
+	// The path to the target blob data looks something like:
+	//   baseDir + "docker/registry/v2/blobs/sha256/a3/a3ed...46d4/data"
+	return fmt.Sprintf("%s/docker/registry/v2/blobs/%s/%s/%s/data", t.dir, dgstAlg, dgstHex[:2], dgstHex)
+}
+
+func (t *testRegistryV2) readBlobContents(c *check.C, blobDigest digest.Digest) []byte {
+	// Load the target manifest blob.
+	manifestBlob, err := ioutil.ReadFile(t.getBlobFilename(blobDigest))
+	if err != nil {
+		c.Fatalf("unable to read blob: %s", err)
+	}
+
+	return manifestBlob
+}
+
+func (t *testRegistryV2) writeBlobContents(c *check.C, blobDigest digest.Digest, data []byte) {
+	if err := ioutil.WriteFile(t.getBlobFilename(blobDigest), data, os.FileMode(0644)); err != nil {
+		c.Fatalf("unable to write malicious data blob: %s", err)
+	}
+}
+
+func (t *testRegistryV2) tempMoveBlobData(c *check.C, blobDigest digest.Digest) (undo func()) {
+	tempFile, err := ioutil.TempFile("", "registry-temp-blob-")
+	if err != nil {
+		c.Fatalf("unable to get temporary blob file: %s", err)
+	}
+	tempFile.Close()
+
+	blobFilename := t.getBlobFilename(blobDigest)
+
+	// Move the existing data file aside, so that we can replace it with a
+	// another blob of data.
+	if err := os.Rename(blobFilename, tempFile.Name()); err != nil {
+		os.Remove(tempFile.Name())
+		c.Fatalf("unable to move data blob: %s", err)
+	}
+
+	return func() {
+		os.Rename(tempFile.Name(), blobFilename)
+		os.Remove(tempFile.Name())
+	}
+}
diff --git a/integration-cli/registry_mock.go b/integration-cli/registry_mock.go
new file mode 100644
index 00000000..300bf464
--- /dev/null
+++ b/integration-cli/registry_mock.go
@@ -0,0 +1,55 @@
+package main
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"regexp"
+	"strings"
+	"sync"
+
+	"github.com/go-check/check"
+)
+
+type handlerFunc func(w http.ResponseWriter, r *http.Request)
+
+type testRegistry struct {
+	server   *httptest.Server
+	hostport string
+	handlers map[string]handlerFunc
+	mu       sync.Mutex
+}
+
+func (tr *testRegistry) registerHandler(path string, h handlerFunc) {
+	tr.mu.Lock()
+	defer tr.mu.Unlock()
+	tr.handlers[path] = h
+}
+
+func newTestRegistry(c *check.C) (*testRegistry, error) {
+	testReg := &testRegistry{handlers: make(map[string]handlerFunc)}
+
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		url := r.URL.String()
+
+		var matched bool
+		var err error
+		for re, function := range testReg.handlers {
+			matched, err = regexp.MatchString(re, url)
+			if err != nil {
+				c.Fatal("Error with handler regexp")
+			}
+			if matched {
+				function(w, r)
+				break
+			}
+		}
+
+		if !matched {
+			c.Fatalf("Unable to match %s with regexp", url)
+		}
+	}))
+
+	testReg.server = ts
+	testReg.hostport = strings.Replace(ts.URL, "http://", "", 1)
+	return testReg, nil
+}
diff --git a/integration-cli/requirements.go b/integration-cli/requirements.go
new file mode 100644
index 00000000..e948c0aa
--- /dev/null
+++ b/integration-cli/requirements.go
@@ -0,0 +1,189 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/go-check/check"
+)
+
+type testCondition func() bool
+
+type testRequirement struct {
+	Condition   testCondition
+	SkipMessage string
+}
+
+// List test requirements
+var (
+	DaemonIsWindows = testRequirement{
+		func() bool { return daemonPlatform == "windows" },
+		"Test requires a Windows daemon",
+	}
+	DaemonIsLinux = testRequirement{
+		func() bool { return daemonPlatform == "linux" },
+		"Test requires a Linux daemon",
+	}
+	NotArm = testRequirement{
+		func() bool { return os.Getenv("DOCKER_ENGINE_GOARCH") != "arm" },
+		"Test requires a daemon not running on ARM",
+	}
+	NotPpc64le = testRequirement{
+		func() bool { return os.Getenv("DOCKER_ENGINE_GOARCH") != "ppc64le" },
+		"Test requires a daemon not running on ppc64le",
+	}
+	SameHostDaemon = testRequirement{
+		func() bool { return isLocalDaemon },
+		"Test requires docker daemon to run on the same machine as CLI",
+	}
+	UnixCli = testRequirement{
+		func() bool { return isUnixCli },
+		"Test requires posix utilities or functionality to run.",
+	}
+	ExecSupport = testRequirement{
+		func() bool { return supportsExec },
+		"Test requires 'docker exec' capabilities on the tested daemon.",
+	}
+	Network = testRequirement{
+		func() bool {
+			// Set a timeout on the GET at 15s
+			var timeout = time.Duration(15 * time.Second)
+			var url = "https://hub.docker.com"
+
+			client := http.Client{
+				Timeout: timeout,
+			}
+
+			resp, err := client.Get(url)
+			if err != nil && strings.Contains(err.Error(), "use of closed network connection") {
+				panic(fmt.Sprintf("Timeout for GET request on %s", url))
+			}
+			if resp != nil {
+				resp.Body.Close()
+			}
+			return err == nil
+		},
+		"Test requires network availability, environment variable set to none to run in a non-network enabled mode.",
+	}
+	Apparmor = testRequirement{
+		func() bool {
+			buf, err := ioutil.ReadFile("/sys/module/apparmor/parameters/enabled")
+			return err == nil && len(buf) > 1 && buf[0] == 'Y'
+		},
+		"Test requires apparmor is enabled.",
+	}
+	RegistryHosting = testRequirement{
+		func() bool {
+			// for now registry binary is built only if we're running inside
+			// container through `make test`. Figure that out by testing if
+			// registry binary is in PATH.
+			_, err := exec.LookPath(v2binary)
+			return err == nil
+		},
+		fmt.Sprintf("Test requires an environment that can host %s in the same host", v2binary),
+	}
+	NotaryHosting = testRequirement{
+		func() bool {
+			// for now notary binary is built only if we're running inside
+			// container through `make test`. Figure that out by testing if
+			// notary-server binary is in PATH.
+			_, err := exec.LookPath(notaryServerBinary)
+			return err == nil
+		},
+		fmt.Sprintf("Test requires an environment that can host %s in the same host", notaryServerBinary),
+	}
+	NotaryServerHosting = testRequirement{
+		func() bool {
+			// for now notary-server binary is built only if we're running inside
+			// container through `make test`. Figure that out by testing if
+			// notary-server binary is in PATH.
+			_, err := exec.LookPath(notaryServerBinary)
+			return err == nil
+		},
+		fmt.Sprintf("Test requires an environment that can host %s in the same host", notaryServerBinary),
+	}
+	NotOverlay = testRequirement{
+		func() bool {
+			return !strings.HasPrefix(daemonStorageDriver, "overlay")
+		},
+		"Test requires underlying root filesystem not be backed by overlay.",
+	}
+
+	Devicemapper = testRequirement{
+		func() bool {
+			return strings.HasPrefix(daemonStorageDriver, "devicemapper")
+		},
+		"Test requires underlying root filesystem to be backed by devicemapper.",
+	}
+
+	IPv6 = testRequirement{
+		func() bool {
+			cmd := exec.Command("test", "-f", "/proc/net/if_inet6")
+
+			if err := cmd.Run(); err != nil {
+				return true
+			}
+			return false
+		},
+		"Test requires support for IPv6",
+	}
+	NotGCCGO = testRequirement{
+		func() bool {
+			out, err := exec.Command("go", "version").Output()
+			if err == nil && strings.Contains(string(out), "gccgo") {
+				return false
+			}
+			return true
+		},
+		"Test requires native Golang compiler instead of GCCGO",
+	}
+	UserNamespaceInKernel = testRequirement{
+		func() bool {
+			if _, err := os.Stat("/proc/self/uid_map"); os.IsNotExist(err) {
+				/*
+				 * This kernel-provided file only exists if user namespaces are
+				 * supported
+				 */
+				return false
+			}
+
+			// We need extra check on redhat based distributions
+			if f, err := os.Open("/sys/module/user_namespace/parameters/enable"); err == nil {
+				b := make([]byte, 1)
+				_, _ = f.Read(b)
+				if string(b) == "N" {
+					return false
+				}
+				return true
+			}
+
+			return true
+		},
+		"Kernel must have user namespaces configured and enabled.",
+	}
+	NotUserNamespace = testRequirement{
+		func() bool {
+			root := os.Getenv("DOCKER_REMAP_ROOT")
+			if root != "" {
+				return false
+			}
+			return true
+		},
+		"Test cannot be run when remapping root",
+	}
+)
+
+// testRequires checks if the environment satisfies the requirements
+// for the test to run or skips the tests.
+func testRequires(c *check.C, requirements ...testRequirement) {
+	for _, r := range requirements {
+		if !r.Condition() {
+			c.Skip(r.SkipMessage)
+		}
+	}
+}
diff --git a/integration-cli/requirements_unix.go b/integration-cli/requirements_unix.go
new file mode 100644
index 00000000..edc7bc1f
--- /dev/null
+++ b/integration-cli/requirements_unix.go
@@ -0,0 +1,106 @@
+// +build !windows
+
+package main
+
+import (
+	"github.com/docker/docker/pkg/sysinfo"
+)
+
+var (
+	// SysInfo stores information about which features a kernel supports.
+	SysInfo      *sysinfo.SysInfo
+	cpuCfsPeriod = testRequirement{
+		func() bool {
+			return SysInfo.CPUCfsPeriod
+		},
+		"Test requires an environment that supports cgroup cfs period.",
+	}
+	cpuCfsQuota = testRequirement{
+		func() bool {
+			return SysInfo.CPUCfsQuota
+		},
+		"Test requires an environment that supports cgroup cfs quota.",
+	}
+	cpuShare = testRequirement{
+		func() bool {
+			return SysInfo.CPUShares
+		},
+		"Test requires an environment that supports cgroup cpu shares.",
+	}
+	oomControl = testRequirement{
+		func() bool {
+			return SysInfo.OomKillDisable
+		},
+		"Test requires Oom control enabled.",
+	}
+	pidsLimit = testRequirement{
+		func() bool {
+			return SysInfo.PidsLimit
+		},
+		"Test requires pids limit enabled.",
+	}
+	kernelMemorySupport = testRequirement{
+		func() bool {
+			return SysInfo.KernelMemory
+		},
+		"Test requires an environment that supports cgroup kernel memory.",
+	}
+	memoryLimitSupport = testRequirement{
+		func() bool {
+			return SysInfo.MemoryLimit
+		},
+		"Test requires an environment that supports cgroup memory limit.",
+	}
+	memoryReservationSupport = testRequirement{
+		func() bool {
+			return SysInfo.MemoryReservation
+		},
+		"Test requires an environment that supports cgroup memory reservation.",
+	}
+	swapMemorySupport = testRequirement{
+		func() bool {
+			return SysInfo.SwapLimit
+		},
+		"Test requires an environment that supports cgroup swap memory limit.",
+	}
+	memorySwappinessSupport = testRequirement{
+		func() bool {
+			return SysInfo.MemorySwappiness
+		},
+		"Test requires an environment that supports cgroup memory swappiness.",
+	}
+	blkioWeight = testRequirement{
+		func() bool {
+			return SysInfo.BlkioWeight
+		},
+		"Test requires an environment that supports blkio weight.",
+	}
+	cgroupCpuset = testRequirement{
+		func() bool {
+			return SysInfo.Cpuset
+		},
+		"Test requires an environment that supports cgroup cpuset.",
+	}
+	seccompEnabled = testRequirement{
+		func() bool {
+			return supportsSeccomp && SysInfo.Seccomp
+		},
+		"Test requires that seccomp support be enabled in the daemon.",
+	}
+	bridgeNfIptables = testRequirement{
+		func() bool {
+			return !SysInfo.BridgeNFCallIPTablesDisabled
+		},
+		"Test requires that bridge-nf-call-iptables support be enabled in the daemon.",
+	}
+	bridgeNfIP6tables = testRequirement{
+		func() bool {
+			return !SysInfo.BridgeNFCallIP6TablesDisabled
+		},
+		"Test requires that bridge-nf-call-ip6tables support be enabled in the daemon.",
+	}
+)
+
+func init() {
+	SysInfo = sysinfo.New(true)
+}
diff --git a/integration-cli/test_vars_exec.go b/integration-cli/test_vars_exec.go
new file mode 100644
index 00000000..7633b346
--- /dev/null
+++ b/integration-cli/test_vars_exec.go
@@ -0,0 +1,8 @@
+// +build !test_no_exec
+
+package main
+
+const (
+	// indicates docker daemon tested supports 'docker exec'
+	supportsExec = true
+)
diff --git a/integration-cli/test_vars_noexec.go b/integration-cli/test_vars_noexec.go
new file mode 100644
index 00000000..08450905
--- /dev/null
+++ b/integration-cli/test_vars_noexec.go
@@ -0,0 +1,8 @@
+// +build test_no_exec
+
+package main
+
+const (
+	// indicates docker daemon tested supports 'docker exec'
+	supportsExec = false
+)
diff --git a/integration-cli/test_vars_noseccomp.go b/integration-cli/test_vars_noseccomp.go
new file mode 100644
index 00000000..2f47ab07
--- /dev/null
+++ b/integration-cli/test_vars_noseccomp.go
@@ -0,0 +1,8 @@
+// +build !seccomp
+
+package main
+
+const (
+	// indicates docker daemon built with seccomp support
+	supportsSeccomp = false
+)
diff --git a/integration-cli/test_vars_seccomp.go b/integration-cli/test_vars_seccomp.go
new file mode 100644
index 00000000..00cf6972
--- /dev/null
+++ b/integration-cli/test_vars_seccomp.go
@@ -0,0 +1,8 @@
+// +build seccomp
+
+package main
+
+const (
+	// indicates docker daemon built with seccomp support
+	supportsSeccomp = true
+)
diff --git a/integration-cli/test_vars_unix.go b/integration-cli/test_vars_unix.go
new file mode 100644
index 00000000..853889ab
--- /dev/null
+++ b/integration-cli/test_vars_unix.go
@@ -0,0 +1,16 @@
+// +build !windows
+
+package main
+
+const (
+	// identifies if test suite is running on a unix platform
+	isUnixCli = true
+
+	expectedFileChmod = "-rw-r--r--"
+
+	// On Unix variants, the busybox image comes with the `top` command which
+	// runs indefinitely while still being interruptible by a signal.
+	defaultSleepImage = "busybox"
+)
+
+var defaultSleepCommand = []string{"top"}
diff --git a/integration-cli/test_vars_windows.go b/integration-cli/test_vars_windows.go
new file mode 100644
index 00000000..ff51f89b
--- /dev/null
+++ b/integration-cli/test_vars_windows.go
@@ -0,0 +1,18 @@
+// +build windows
+
+package main
+
+const (
+	// identifies if test suite is running on a unix platform
+	isUnixCli = false
+
+	// this is the expected file permission set on windows: gh#11395
+	expectedFileChmod = "-rwxr-xr-x"
+
+	// On Windows, the busybox image doesn't have the `top` command, so we rely
+	// on `sleep` with a high duration.
+	defaultSleepImage = "busybox"
+)
+
+// TODO Windows: In TP5, decrease this sleep time, as performance will be better
+var defaultSleepCommand = []string{"sleep", "240"}
diff --git a/integration-cli/trust_server.go b/integration-cli/trust_server.go
new file mode 100644
index 00000000..77314c39
--- /dev/null
+++ b/integration-cli/trust_server.go
@@ -0,0 +1,336 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/cliconfig"
+	"github.com/docker/docker/pkg/integration/checker"
+	"github.com/docker/docker/pkg/tlsconfig"
+	"github.com/go-check/check"
+)
+
+var notaryBinary = "notary"
+var notaryServerBinary = "notary-server"
+
+type keyPair struct {
+	Public  string
+	Private string
+}
+
+type testNotary struct {
+	cmd  *exec.Cmd
+	dir  string
+	keys []keyPair
+}
+
+const notaryHost = "localhost:4443"
+const notaryURL = "https://" + notaryHost
+
+func newTestNotary(c *check.C) (*testNotary, error) {
+	// generate server config
+	template := `{
+	"server": {
+		"http_addr": "%s",
+		"tls_key_file": "%s",
+		"tls_cert_file": "%s"
+	},
+	"trust_service": {
+		"type": "local",
+		"hostname": "",
+		"port": "",
+		"key_algorithm": "ed25519"
+	},
+	"logging": {
+		"level": "debug"
+	},
+	"storage": {
+        "backend": "memory"
+    }
+}`
+	tmp, err := ioutil.TempDir("", "notary-test-")
+	if err != nil {
+		return nil, err
+	}
+	confPath := filepath.Join(tmp, "config.json")
+	config, err := os.Create(confPath)
+	defer config.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	workingDir, err := os.Getwd()
+	if err != nil {
+		return nil, err
+	}
+	if _, err := fmt.Fprintf(config, template, notaryHost, filepath.Join(workingDir, "fixtures/notary/localhost.key"), filepath.Join(workingDir, "fixtures/notary/localhost.cert")); err != nil {
+		os.RemoveAll(tmp)
+		return nil, err
+	}
+
+	// generate client config
+	clientConfPath := filepath.Join(tmp, "client-config.json")
+	clientConfig, err := os.Create(clientConfPath)
+	defer clientConfig.Close()
+	if err != nil {
+		return nil, err
+	}
+	template = `{
+	"trust_dir" : "%s",
+	"remote_server": {
+		"url": "%s",
+		"skipTLSVerify": true
+	}
+}`
+	if _, err = fmt.Fprintf(clientConfig, template, filepath.Join(cliconfig.ConfigDir(), "trust"), notaryURL); err != nil {
+		os.RemoveAll(tmp)
+		return nil, err
+	}
+
+	// load key fixture filenames
+	var keys []keyPair
+	for i := 1; i < 5; i++ {
+		keys = append(keys, keyPair{
+			Public:  filepath.Join(workingDir, fmt.Sprintf("fixtures/notary/delgkey%v.crt", i)),
+			Private: filepath.Join(workingDir, fmt.Sprintf("fixtures/notary/delgkey%v.key", i)),
+		})
+	}
+
+	// run notary-server
+	cmd := exec.Command(notaryServerBinary, "-config", confPath)
+	if err := cmd.Start(); err != nil {
+		os.RemoveAll(tmp)
+		if os.IsNotExist(err) {
+			c.Skip(err.Error())
+		}
+		return nil, err
+	}
+
+	testNotary := &testNotary{
+		cmd:  cmd,
+		dir:  tmp,
+		keys: keys,
+	}
+
+	// Wait for notary to be ready to serve requests.
+	for i := 1; i <= 20; i++ {
+		if err = testNotary.Ping(); err == nil {
+			break
+		}
+		time.Sleep(10 * time.Millisecond * time.Duration(i*i))
+	}
+
+	if err != nil {
+		c.Fatalf("Timeout waiting for test notary to become available: %s", err)
+	}
+
+	return testNotary, nil
+}
+
+func (t *testNotary) Ping() error {
+	tlsConfig := tlsconfig.ClientDefault
+	tlsConfig.InsecureSkipVerify = true
+	client := http.Client{
+		Transport: &http.Transport{
+			Proxy: http.ProxyFromEnvironment,
+			Dial: (&net.Dialer{
+				Timeout:   30 * time.Second,
+				KeepAlive: 30 * time.Second,
+			}).Dial,
+			TLSHandshakeTimeout: 10 * time.Second,
+			TLSClientConfig:     &tlsConfig,
+		},
+	}
+	resp, err := client.Get(fmt.Sprintf("%s/v2/", notaryURL))
+	if err != nil {
+		return err
+	}
+	if resp.StatusCode != 200 {
+		return fmt.Errorf("notary ping replied with an unexpected status code %d", resp.StatusCode)
+	}
+	return nil
+}
+
+func (t *testNotary) Close() {
+	t.cmd.Process.Kill()
+	os.RemoveAll(t.dir)
+}
+
+func (s *DockerTrustSuite) trustedCmd(cmd *exec.Cmd) {
+	pwd := "12345678"
+	trustCmdEnv(cmd, notaryURL, pwd, pwd)
+}
+
+func (s *DockerTrustSuite) trustedCmdWithServer(cmd *exec.Cmd, server string) {
+	pwd := "12345678"
+	trustCmdEnv(cmd, server, pwd, pwd)
+}
+
+func (s *DockerTrustSuite) trustedCmdWithPassphrases(cmd *exec.Cmd, rootPwd, repositoryPwd string) {
+	trustCmdEnv(cmd, notaryURL, rootPwd, repositoryPwd)
+}
+
+func (s *DockerTrustSuite) trustedCmdWithDeprecatedEnvPassphrases(cmd *exec.Cmd, offlinePwd, taggingPwd string) {
+	trustCmdDeprecatedEnv(cmd, notaryURL, offlinePwd, taggingPwd)
+}
+
+func trustCmdEnv(cmd *exec.Cmd, server, rootPwd, repositoryPwd string) {
+	env := []string{
+		"DOCKER_CONTENT_TRUST=1",
+		fmt.Sprintf("DOCKER_CONTENT_TRUST_SERVER=%s", server),
+		fmt.Sprintf("DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=%s", rootPwd),
+		fmt.Sprintf("DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=%s", repositoryPwd),
+	}
+	cmd.Env = append(os.Environ(), env...)
+}
+
+// Helper method to test the old env variables OFFLINE and TAGGING that will
+// be deprecated by 1.10
+func trustCmdDeprecatedEnv(cmd *exec.Cmd, server, offlinePwd, taggingPwd string) {
+	env := []string{
+		"DOCKER_CONTENT_TRUST=1",
+		fmt.Sprintf("DOCKER_CONTENT_TRUST_SERVER=%s", server),
+		fmt.Sprintf("DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=%s", offlinePwd),
+		fmt.Sprintf("DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=%s", taggingPwd),
+	}
+	cmd.Env = append(os.Environ(), env...)
+}
+
+func (s *DockerTrustSuite) setupTrustedImage(c *check.C, name string) string {
+	repoName := fmt.Sprintf("%v/dockercli/%s:latest", privateRegistryURL, name)
+	// tag the image and upload it to the private registry
+	dockerCmd(c, "tag", "busybox", repoName)
+
+	pushCmd := exec.Command(dockerBinary, "push", repoName)
+	s.trustedCmd(pushCmd)
+	out, _, err := runCommandWithOutput(pushCmd)
+
+	if err != nil {
+		c.Fatalf("Error running trusted push: %s\n%s", err, out)
+	}
+	if !strings.Contains(string(out), "Signing and pushing trust metadata") {
+		c.Fatalf("Missing expected output on trusted push:\n%s", out)
+	}
+
+	if out, status := dockerCmd(c, "rmi", repoName); status != 0 {
+		c.Fatalf("Error removing image %q\n%s", repoName, out)
+	}
+
+	return repoName
+}
+
+func notaryClientEnv(cmd *exec.Cmd) {
+	pwd := "12345678"
+	env := []string{
+		fmt.Sprintf("NOTARY_ROOT_PASSPHRASE=%s", pwd),
+		fmt.Sprintf("NOTARY_TARGETS_PASSPHRASE=%s", pwd),
+		fmt.Sprintf("NOTARY_SNAPSHOT_PASSPHRASE=%s", pwd),
+		fmt.Sprintf("NOTARY_DELEGATION_PASSPHRASE=%s", pwd),
+	}
+	cmd.Env = append(os.Environ(), env...)
+}
+
+func (s *DockerTrustSuite) notaryInitRepo(c *check.C, repoName string) {
+	initCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"), "init", repoName)
+	notaryClientEnv(initCmd)
+	out, _, err := runCommandWithOutput(initCmd)
+	if err != nil {
+		c.Fatalf("Error initializing notary repository: %s\n", out)
+	}
+}
+
+func (s *DockerTrustSuite) notaryCreateDelegation(c *check.C, repoName, role string, pubKey string, paths ...string) {
+	pathsArg := "--all-paths"
+	if len(paths) > 0 {
+		pathsArg = "--paths=" + strings.Join(paths, ",")
+	}
+
+	delgCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"),
+		"delegation", "add", repoName, role, pubKey, pathsArg)
+	notaryClientEnv(delgCmd)
+	out, _, err := runCommandWithOutput(delgCmd)
+	if err != nil {
+		c.Fatalf("Error adding %s role to notary repository: %s\n", role, out)
+	}
+}
+
+func (s *DockerTrustSuite) notaryPublish(c *check.C, repoName string) {
+	pubCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"), "publish", repoName)
+	notaryClientEnv(pubCmd)
+	out, _, err := runCommandWithOutput(pubCmd)
+	if err != nil {
+		c.Fatalf("Error publishing notary repository: %s\n", out)
+	}
+}
+
+func (s *DockerTrustSuite) notaryImportKey(c *check.C, repoName, role string, privKey string) {
+	impCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"), "key",
+		"import", privKey, "-g", repoName, "-r", role)
+	notaryClientEnv(impCmd)
+	out, _, err := runCommandWithOutput(impCmd)
+	if err != nil {
+		c.Fatalf("Error importing key to notary repository: %s\n", out)
+	}
+}
+
+func (s *DockerTrustSuite) notaryListTargetsInRole(c *check.C, repoName, role string) map[string]string {
+	listCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"), "list",
+		repoName, "-r", role)
+	notaryClientEnv(listCmd)
+	out, _, err := runCommandWithOutput(listCmd)
+	if err != nil {
+		c.Fatalf("Error listing targets in notary repository: %s\n", out)
+	}
+
+	// should look something like:
+	//    NAME                                 DIGEST                                SIZE (BYTES)    ROLE
+	// ------------------------------------------------------------------------------------------------------
+	//   latest   24a36bbc059b1345b7e8be0df20f1b23caa3602e85d42fff7ecd9d0bd255de56   1377           targets
+
+	targets := make(map[string]string)
+
+	// no target
+	lines := strings.Split(strings.TrimSpace(out), "\n")
+	if len(lines) == 1 && strings.Contains(out, "No targets present in this repository.") {
+		return targets
+	}
+
+	// otherwise, there is at least one target
+	c.Assert(len(lines), checker.GreaterOrEqualThan, 3)
+
+	for _, line := range lines[2:] {
+		tokens := strings.Fields(line)
+		c.Assert(tokens, checker.HasLen, 4)
+		targets[tokens[0]] = tokens[3]
+	}
+
+	return targets
+}
+
+func (s *DockerTrustSuite) assertTargetInRoles(c *check.C, repoName, target string, roles ...string) {
+	// check all the roles
+	for _, role := range roles {
+		targets := s.notaryListTargetsInRole(c, repoName, role)
+		roleName, ok := targets[target]
+		c.Assert(ok, checker.True)
+		c.Assert(roleName, checker.Equals, role)
+	}
+}
+
+func (s *DockerTrustSuite) assertTargetNotInRoles(c *check.C, repoName, target string, roles ...string) {
+	targets := s.notaryListTargetsInRole(c, repoName, "targets")
+
+	roleName, ok := targets[target]
+	if ok {
+		for _, role := range roles {
+			c.Assert(roleName, checker.Not(checker.Equals), role)
+		}
+	}
+}
diff --git a/integration-cli/utils.go b/integration-cli/utils.go
new file mode 100644
index 00000000..149f1c45
--- /dev/null
+++ b/integration-cli/utils.go
@@ -0,0 +1,85 @@
+package main
+
+import (
+	"io"
+	"os"
+	"os/exec"
+	"time"
+
+	"github.com/docker/docker/pkg/integration"
+)
+
+func getPrefixAndSlashFromDaemonPlatform() (prefix, slash string) {
+	if daemonPlatform == "windows" {
+		return "c:", `\`
+	}
+	return "", "/"
+}
+
+func getExitCode(err error) (int, error) {
+	return integration.GetExitCode(err)
+}
+
+func processExitCode(err error) (exitCode int) {
+	return integration.ProcessExitCode(err)
+}
+
+func isKilled(err error) bool {
+	return integration.IsKilled(err)
+}
+
+func runCommandWithOutput(cmd *exec.Cmd) (output string, exitCode int, err error) {
+	return integration.RunCommandWithOutput(cmd)
+}
+
+func runCommandWithStdoutStderr(cmd *exec.Cmd) (stdout string, stderr string, exitCode int, err error) {
+	return integration.RunCommandWithStdoutStderr(cmd)
+}
+
+func runCommandWithOutputForDuration(cmd *exec.Cmd, duration time.Duration) (output string, exitCode int, timedOut bool, err error) {
+	return integration.RunCommandWithOutputForDuration(cmd, duration)
+}
+
+func runCommandWithOutputAndTimeout(cmd *exec.Cmd, timeout time.Duration) (output string, exitCode int, err error) {
+	return integration.RunCommandWithOutputAndTimeout(cmd, timeout)
+}
+
+func runCommand(cmd *exec.Cmd) (exitCode int, err error) {
+	return integration.RunCommand(cmd)
+}
+
+func runCommandPipelineWithOutput(cmds ...*exec.Cmd) (output string, exitCode int, err error) {
+	return integration.RunCommandPipelineWithOutput(cmds...)
+}
+
+func unmarshalJSON(data []byte, result interface{}) error {
+	return integration.UnmarshalJSON(data, result)
+}
+
+func convertSliceOfStringsToMap(input []string) map[string]struct{} {
+	return integration.ConvertSliceOfStringsToMap(input)
+}
+
+func compareDirectoryEntries(e1 []os.FileInfo, e2 []os.FileInfo) error {
+	return integration.CompareDirectoryEntries(e1, e2)
+}
+
+func listTar(f io.Reader) ([]string, error) {
+	return integration.ListTar(f)
+}
+
+func randomTmpDirPath(s string, platform string) string {
+	return integration.RandomTmpDirPath(s, platform)
+}
+
+func consumeWithSpeed(reader io.Reader, chunkSize int, interval time.Duration, stop chan bool) (n int, err error) {
+	return integration.ConsumeWithSpeed(reader, chunkSize, interval, stop)
+}
+
+func parseCgroupPaths(procCgroupData string) map[string]string {
+	return integration.ParseCgroupPaths(procCgroupData)
+}
+
+func runAtDifferentDate(date time.Time, block func()) {
+	integration.RunAtDifferentDate(date, block)
+}
diff --git a/layer/empty.go b/layer/empty.go
new file mode 100644
index 00000000..5e1cb184
--- /dev/null
+++ b/layer/empty.go
@@ -0,0 +1,48 @@
+package layer
+
+import (
+	"archive/tar"
+	"bytes"
+	"io"
+	"io/ioutil"
+)
+
+// DigestSHA256EmptyTar is the canonical sha256 digest of empty tar file -
+// (1024 NULL bytes)
+const DigestSHA256EmptyTar = DiffID("sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef")
+
+type emptyLayer struct{}
+
+// EmptyLayer is a layer that corresponds to empty tar.
+var EmptyLayer = &emptyLayer{}
+
+func (el *emptyLayer) TarStream() (io.ReadCloser, error) {
+	buf := new(bytes.Buffer)
+	tarWriter := tar.NewWriter(buf)
+	tarWriter.Close()
+	return ioutil.NopCloser(buf), nil
+}
+
+func (el *emptyLayer) ChainID() ChainID {
+	return ChainID(DigestSHA256EmptyTar)
+}
+
+func (el *emptyLayer) DiffID() DiffID {
+	return DigestSHA256EmptyTar
+}
+
+func (el *emptyLayer) Parent() Layer {
+	return nil
+}
+
+func (el *emptyLayer) Size() (size int64, err error) {
+	return 0, nil
+}
+
+func (el *emptyLayer) DiffSize() (size int64, err error) {
+	return 0, nil
+}
+
+func (el *emptyLayer) Metadata() (map[string]string, error) {
+	return make(map[string]string), nil
+}
diff --git a/layer/empty_test.go b/layer/empty_test.go
new file mode 100644
index 00000000..c22da766
--- /dev/null
+++ b/layer/empty_test.go
@@ -0,0 +1,46 @@
+package layer
+
+import (
+	"io"
+	"testing"
+
+	"github.com/docker/distribution/digest"
+)
+
+func TestEmptyLayer(t *testing.T) {
+	if EmptyLayer.ChainID() != ChainID(DigestSHA256EmptyTar) {
+		t.Fatal("wrong ID for empty layer")
+	}
+
+	if EmptyLayer.DiffID() != DigestSHA256EmptyTar {
+		t.Fatal("wrong DiffID for empty layer")
+	}
+
+	if EmptyLayer.Parent() != nil {
+		t.Fatal("expected no parent for empty layer")
+	}
+
+	if size, err := EmptyLayer.Size(); err != nil || size != 0 {
+		t.Fatal("expected zero size for empty layer")
+	}
+
+	if diffSize, err := EmptyLayer.DiffSize(); err != nil || diffSize != 0 {
+		t.Fatal("expected zero diffsize for empty layer")
+	}
+
+	tarStream, err := EmptyLayer.TarStream()
+	if err != nil {
+		t.Fatalf("error streaming tar for empty layer: %v", err)
+	}
+
+	digester := digest.Canonical.New()
+	_, err = io.Copy(digester.Hash(), tarStream)
+
+	if err != nil {
+		t.Fatalf("error hashing empty tar layer: %v", err)
+	}
+
+	if digester.Digest() != digest.Digest(DigestSHA256EmptyTar) {
+		t.Fatal("empty layer tar stream hashes to wrong value")
+	}
+}
diff --git a/layer/filestore.go b/layer/filestore.go
new file mode 100644
index 00000000..a0044b36
--- /dev/null
+++ b/layer/filestore.go
@@ -0,0 +1,326 @@
+package layer
+
+import (
+	"compress/gzip"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/pkg/ioutils"
+)
+
+var (
+	stringIDRegexp      = regexp.MustCompile(`^[a-f0-9]{64}(-init)?$`)
+	supportedAlgorithms = []digest.Algorithm{
+		digest.SHA256,
+		// digest.SHA384, // Currently not used
+		// digest.SHA512, // Currently not used
+	}
+)
+
+type fileMetadataStore struct {
+	root string
+}
+
+type fileMetadataTransaction struct {
+	store *fileMetadataStore
+	root  string
+}
+
+// NewFSMetadataStore returns an instance of a metadata store
+// which is backed by files on disk using the provided root
+// as the root of metadata files.
+func NewFSMetadataStore(root string) (MetadataStore, error) {
+	if err := os.MkdirAll(root, 0700); err != nil {
+		return nil, err
+	}
+	return &fileMetadataStore{
+		root: root,
+	}, nil
+}
+
+func (fms *fileMetadataStore) getLayerDirectory(layer ChainID) string {
+	dgst := digest.Digest(layer)
+	return filepath.Join(fms.root, string(dgst.Algorithm()), dgst.Hex())
+}
+
+func (fms *fileMetadataStore) getLayerFilename(layer ChainID, filename string) string {
+	return filepath.Join(fms.getLayerDirectory(layer), filename)
+}
+
+func (fms *fileMetadataStore) getMountDirectory(mount string) string {
+	return filepath.Join(fms.root, "mounts", mount)
+}
+
+func (fms *fileMetadataStore) getMountFilename(mount, filename string) string {
+	return filepath.Join(fms.getMountDirectory(mount), filename)
+}
+
+func (fms *fileMetadataStore) StartTransaction() (MetadataTransaction, error) {
+	tmpDir := filepath.Join(fms.root, "tmp")
+	if err := os.MkdirAll(tmpDir, 0755); err != nil {
+		return nil, err
+	}
+
+	td, err := ioutil.TempDir(tmpDir, "layer-")
+	if err != nil {
+		return nil, err
+	}
+	// Create a new tempdir
+	return &fileMetadataTransaction{
+		store: fms,
+		root:  td,
+	}, nil
+}
+
+func (fm *fileMetadataTransaction) SetSize(size int64) error {
+	content := fmt.Sprintf("%d", size)
+	return ioutil.WriteFile(filepath.Join(fm.root, "size"), []byte(content), 0644)
+}
+
+func (fm *fileMetadataTransaction) SetParent(parent ChainID) error {
+	return ioutil.WriteFile(filepath.Join(fm.root, "parent"), []byte(digest.Digest(parent).String()), 0644)
+}
+
+func (fm *fileMetadataTransaction) SetDiffID(diff DiffID) error {
+	return ioutil.WriteFile(filepath.Join(fm.root, "diff"), []byte(digest.Digest(diff).String()), 0644)
+}
+
+func (fm *fileMetadataTransaction) SetCacheID(cacheID string) error {
+	return ioutil.WriteFile(filepath.Join(fm.root, "cache-id"), []byte(cacheID), 0644)
+}
+
+func (fm *fileMetadataTransaction) TarSplitWriter(compressInput bool) (io.WriteCloser, error) {
+	f, err := os.OpenFile(filepath.Join(fm.root, "tar-split.json.gz"), os.O_TRUNC|os.O_CREATE|os.O_WRONLY, 0644)
+	if err != nil {
+		return nil, err
+	}
+	var wc io.WriteCloser
+	if compressInput {
+		wc = gzip.NewWriter(f)
+	} else {
+		wc = f
+	}
+
+	return ioutils.NewWriteCloserWrapper(wc, func() error {
+		wc.Close()
+		return f.Close()
+	}), nil
+}
+
+func (fm *fileMetadataTransaction) Commit(layer ChainID) error {
+	finalDir := fm.store.getLayerDirectory(layer)
+	if err := os.MkdirAll(filepath.Dir(finalDir), 0755); err != nil {
+		return err
+	}
+	return os.Rename(fm.root, finalDir)
+}
+
+func (fm *fileMetadataTransaction) Cancel() error {
+	return os.RemoveAll(fm.root)
+}
+
+func (fm *fileMetadataTransaction) String() string {
+	return fm.root
+}
+
+func (fms *fileMetadataStore) GetSize(layer ChainID) (int64, error) {
+	content, err := ioutil.ReadFile(fms.getLayerFilename(layer, "size"))
+	if err != nil {
+		return 0, err
+	}
+
+	size, err := strconv.ParseInt(string(content), 10, 64)
+	if err != nil {
+		return 0, err
+	}
+
+	return size, nil
+}
+
+func (fms *fileMetadataStore) GetParent(layer ChainID) (ChainID, error) {
+	content, err := ioutil.ReadFile(fms.getLayerFilename(layer, "parent"))
+	if err != nil {
+		if os.IsNotExist(err) {
+			return "", nil
+		}
+		return "", err
+	}
+
+	dgst, err := digest.ParseDigest(strings.TrimSpace(string(content)))
+	if err != nil {
+		return "", err
+	}
+
+	return ChainID(dgst), nil
+}
+
+func (fms *fileMetadataStore) GetDiffID(layer ChainID) (DiffID, error) {
+	content, err := ioutil.ReadFile(fms.getLayerFilename(layer, "diff"))
+	if err != nil {
+		return "", err
+	}
+
+	dgst, err := digest.ParseDigest(strings.TrimSpace(string(content)))
+	if err != nil {
+		return "", err
+	}
+
+	return DiffID(dgst), nil
+}
+
+func (fms *fileMetadataStore) GetCacheID(layer ChainID) (string, error) {
+	contentBytes, err := ioutil.ReadFile(fms.getLayerFilename(layer, "cache-id"))
+	if err != nil {
+		return "", err
+	}
+	content := strings.TrimSpace(string(contentBytes))
+
+	if !stringIDRegexp.MatchString(content) {
+		return "", errors.New("invalid cache id value")
+	}
+
+	return content, nil
+}
+
+func (fms *fileMetadataStore) TarSplitReader(layer ChainID) (io.ReadCloser, error) {
+	fz, err := os.Open(fms.getLayerFilename(layer, "tar-split.json.gz"))
+	if err != nil {
+		return nil, err
+	}
+	f, err := gzip.NewReader(fz)
+	if err != nil {
+		return nil, err
+	}
+
+	return ioutils.NewReadCloserWrapper(f, func() error {
+		f.Close()
+		return fz.Close()
+	}), nil
+}
+
+func (fms *fileMetadataStore) SetMountID(mount string, mountID string) error {
+	if err := os.MkdirAll(fms.getMountDirectory(mount), 0755); err != nil {
+		return err
+	}
+	return ioutil.WriteFile(fms.getMountFilename(mount, "mount-id"), []byte(mountID), 0644)
+}
+
+func (fms *fileMetadataStore) SetInitID(mount string, init string) error {
+	if err := os.MkdirAll(fms.getMountDirectory(mount), 0755); err != nil {
+		return err
+	}
+	return ioutil.WriteFile(fms.getMountFilename(mount, "init-id"), []byte(init), 0644)
+}
+
+func (fms *fileMetadataStore) SetMountParent(mount string, parent ChainID) error {
+	if err := os.MkdirAll(fms.getMountDirectory(mount), 0755); err != nil {
+		return err
+	}
+	return ioutil.WriteFile(fms.getMountFilename(mount, "parent"), []byte(digest.Digest(parent).String()), 0644)
+}
+
+func (fms *fileMetadataStore) GetMountID(mount string) (string, error) {
+	contentBytes, err := ioutil.ReadFile(fms.getMountFilename(mount, "mount-id"))
+	if err != nil {
+		return "", err
+	}
+	content := strings.TrimSpace(string(contentBytes))
+
+	if !stringIDRegexp.MatchString(content) {
+		return "", errors.New("invalid mount id value")
+	}
+
+	return content, nil
+}
+
+func (fms *fileMetadataStore) GetInitID(mount string) (string, error) {
+	contentBytes, err := ioutil.ReadFile(fms.getMountFilename(mount, "init-id"))
+	if err != nil {
+		if os.IsNotExist(err) {
+			return "", nil
+		}
+		return "", err
+	}
+	content := strings.TrimSpace(string(contentBytes))
+
+	if !stringIDRegexp.MatchString(content) {
+		return "", errors.New("invalid init id value")
+	}
+
+	return content, nil
+}
+
+func (fms *fileMetadataStore) GetMountParent(mount string) (ChainID, error) {
+	content, err := ioutil.ReadFile(fms.getMountFilename(mount, "parent"))
+	if err != nil {
+		if os.IsNotExist(err) {
+			return "", nil
+		}
+		return "", err
+	}
+
+	dgst, err := digest.ParseDigest(strings.TrimSpace(string(content)))
+	if err != nil {
+		return "", err
+	}
+
+	return ChainID(dgst), nil
+}
+
+func (fms *fileMetadataStore) List() ([]ChainID, []string, error) {
+	var ids []ChainID
+	for _, algorithm := range supportedAlgorithms {
+		fileInfos, err := ioutil.ReadDir(filepath.Join(fms.root, string(algorithm)))
+		if err != nil {
+			if os.IsNotExist(err) {
+				continue
+			}
+			return nil, nil, err
+		}
+
+		for _, fi := range fileInfos {
+			if fi.IsDir() && fi.Name() != "mounts" {
+				dgst := digest.NewDigestFromHex(string(algorithm), fi.Name())
+				if err := dgst.Validate(); err != nil {
+					logrus.Debugf("Ignoring invalid digest %s:%s", algorithm, fi.Name())
+				} else {
+					ids = append(ids, ChainID(dgst))
+				}
+			}
+		}
+	}
+
+	fileInfos, err := ioutil.ReadDir(filepath.Join(fms.root, "mounts"))
+	if err != nil {
+		if os.IsNotExist(err) {
+			return ids, []string{}, nil
+		}
+		return nil, nil, err
+	}
+
+	var mounts []string
+	for _, fi := range fileInfos {
+		if fi.IsDir() {
+			mounts = append(mounts, fi.Name())
+		}
+	}
+
+	return ids, mounts, nil
+}
+
+func (fms *fileMetadataStore) Remove(layer ChainID) error {
+	return os.RemoveAll(fms.getLayerDirectory(layer))
+}
+
+func (fms *fileMetadataStore) RemoveMount(mount string) error {
+	return os.RemoveAll(fms.getMountDirectory(mount))
+}
diff --git a/layer/filestore_test.go b/layer/filestore_test.go
new file mode 100644
index 00000000..55e3b285
--- /dev/null
+++ b/layer/filestore_test.go
@@ -0,0 +1,104 @@
+package layer
+
+import (
+	"fmt"
+	"io/ioutil"
+	"math/rand"
+	"os"
+	"path/filepath"
+	"strings"
+	"syscall"
+	"testing"
+
+	"github.com/docker/distribution/digest"
+)
+
+func randomLayerID(seed int64) ChainID {
+	r := rand.New(rand.NewSource(seed))
+
+	return ChainID(digest.FromBytes([]byte(fmt.Sprintf("%d", r.Int63()))))
+}
+
+func newFileMetadataStore(t *testing.T) (*fileMetadataStore, string, func()) {
+	td, err := ioutil.TempDir("", "layers-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	fms, err := NewFSMetadataStore(td)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	return fms.(*fileMetadataStore), td, func() {
+		if err := os.RemoveAll(td); err != nil {
+			t.Logf("Failed to cleanup %q: %s", td, err)
+		}
+	}
+}
+
+func assertNotDirectoryError(t *testing.T, err error) {
+	perr, ok := err.(*os.PathError)
+	if !ok {
+		t.Fatalf("Unexpected error %#v, expected path error", err)
+	}
+
+	if perr.Err != syscall.ENOTDIR {
+		t.Fatalf("Unexpected error %s, expected %s", perr.Err, syscall.ENOTDIR)
+	}
+}
+
+func TestCommitFailure(t *testing.T) {
+	fms, td, cleanup := newFileMetadataStore(t)
+	defer cleanup()
+
+	if err := ioutil.WriteFile(filepath.Join(td, "sha256"), []byte("was here first!"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	tx, err := fms.StartTransaction()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := tx.SetSize(0); err != nil {
+		t.Fatal(err)
+	}
+
+	err = tx.Commit(randomLayerID(5))
+	if err == nil {
+		t.Fatalf("Expected error committing with invalid layer parent directory")
+	}
+	assertNotDirectoryError(t, err)
+}
+
+func TestStartTransactionFailure(t *testing.T) {
+	fms, td, cleanup := newFileMetadataStore(t)
+	defer cleanup()
+
+	if err := ioutil.WriteFile(filepath.Join(td, "tmp"), []byte("was here first!"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	_, err := fms.StartTransaction()
+	if err == nil {
+		t.Fatalf("Expected error starting transaction with invalid layer parent directory")
+	}
+	assertNotDirectoryError(t, err)
+
+	if err := os.Remove(filepath.Join(td, "tmp")); err != nil {
+		t.Fatal(err)
+	}
+
+	tx, err := fms.StartTransaction()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if expected := filepath.Join(td, "tmp"); strings.HasPrefix(expected, tx.String()) {
+		t.Fatalf("Unexpected transaction string %q, expected prefix %q", tx.String(), expected)
+	}
+
+	if err := tx.Cancel(); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/layer/layer.go b/layer/layer.go
new file mode 100644
index 00000000..ad01e89a
--- /dev/null
+++ b/layer/layer.go
@@ -0,0 +1,262 @@
+// Package layer is package for managing read-only
+// and read-write mounts on the union file system
+// driver. Read-only mounts are referenced using a
+// content hash and are protected from mutation in
+// the exposed interface. The tar format is used
+// to create read-only layers and export both
+// read-only and writable layers. The exported
+// tar data for a read-only layer should match
+// the tar used to create the layer.
+package layer
+
+import (
+	"errors"
+	"io"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/pkg/archive"
+)
+
+var (
+	// ErrLayerDoesNotExist is used when an operation is
+	// attempted on a layer which does not exist.
+	ErrLayerDoesNotExist = errors.New("layer does not exist")
+
+	// ErrLayerNotRetained is used when a release is
+	// attempted on a layer which is not retained.
+	ErrLayerNotRetained = errors.New("layer not retained")
+
+	// ErrMountDoesNotExist is used when an operation is
+	// attempted on a mount layer which does not exist.
+	ErrMountDoesNotExist = errors.New("mount does not exist")
+
+	// ErrMountNameConflict is used when a mount is attempted
+	// to be created but there is already a mount with the name
+	// used for creation.
+	ErrMountNameConflict = errors.New("mount already exists with name")
+
+	// ErrActiveMount is used when an operation on a
+	// mount is attempted but the layer is still
+	// mounted and the operation cannot be performed.
+	ErrActiveMount = errors.New("mount still active")
+
+	// ErrNotMounted is used when requesting an active
+	// mount but the layer is not mounted.
+	ErrNotMounted = errors.New("not mounted")
+
+	// ErrMaxDepthExceeded is used when a layer is attempted
+	// to be created which would result in a layer depth
+	// greater than the 125 max.
+	ErrMaxDepthExceeded = errors.New("max depth exceeded")
+
+	// ErrNotSupported is used when the action is not supppoted
+	// on the current platform
+	ErrNotSupported = errors.New("not support on this platform")
+)
+
+// ChainID is the content-addressable ID of a layer.
+type ChainID digest.Digest
+
+// String returns a string rendition of a layer ID
+func (id ChainID) String() string {
+	return string(id)
+}
+
+// DiffID is the hash of an individual layer tar.
+type DiffID digest.Digest
+
+// String returns a string rendition of a layer DiffID
+func (diffID DiffID) String() string {
+	return string(diffID)
+}
+
+// TarStreamer represents an object which may
+// have its contents exported as a tar stream.
+type TarStreamer interface {
+	// TarStream returns a tar archive stream
+	// for the contents of a layer.
+	TarStream() (io.ReadCloser, error)
+}
+
+// Layer represents a read-only layer
+type Layer interface {
+	TarStreamer
+
+	// ChainID returns the content hash of the entire layer chain. The hash
+	// chain is made up of DiffID of top layer and all of its parents.
+	ChainID() ChainID
+
+	// DiffID returns the content hash of the layer
+	// tar stream used to create this layer.
+	DiffID() DiffID
+
+	// Parent returns the next layer in the layer chain.
+	Parent() Layer
+
+	// Size returns the size of the entire layer chain. The size
+	// is calculated from the total size of all files in the layers.
+	Size() (int64, error)
+
+	// DiffSize returns the size difference of the top layer
+	// from parent layer.
+	DiffSize() (int64, error)
+
+	// Metadata returns the low level storage metadata associated
+	// with layer.
+	Metadata() (map[string]string, error)
+}
+
+// RWLayer represents a layer which is
+// read and writable
+type RWLayer interface {
+	TarStreamer
+
+	// Name of mounted layer
+	Name() string
+
+	// Parent returns the layer which the writable
+	// layer was created from.
+	Parent() Layer
+
+	// Mount mounts the RWLayer and returns the filesystem path
+	// the to the writable layer.
+	Mount(mountLabel string) (string, error)
+
+	// Unmount unmounts the RWLayer. This should be called
+	// for every mount. If there are multiple mount calls
+	// this operation will only decrement the internal mount counter.
+	Unmount() error
+
+	// Size represents the size of the writable layer
+	// as calculated by the total size of the files
+	// changed in the mutable layer.
+	Size() (int64, error)
+
+	// Changes returns the set of changes for the mutable layer
+	// from the base layer.
+	Changes() ([]archive.Change, error)
+
+	// Metadata returns the low level metadata for the mutable layer
+	Metadata() (map[string]string, error)
+}
+
+// Metadata holds information about a
+// read-only layer
+type Metadata struct {
+	// ChainID is the content hash of the layer
+	ChainID ChainID
+
+	// DiffID is the hash of the tar data used to
+	// create the layer
+	DiffID DiffID
+
+	// Size is the size of the layer and all parents
+	Size int64
+
+	// DiffSize is the size of the top layer
+	DiffSize int64
+}
+
+// MountInit is a function to initialize a
+// writable mount. Changes made here will
+// not be included in the Tar stream of the
+// RWLayer.
+type MountInit func(root string) error
+
+// Store represents a backend for managing both
+// read-only and read-write layers.
+type Store interface {
+	Register(io.Reader, ChainID) (Layer, error)
+	Get(ChainID) (Layer, error)
+	Release(Layer) ([]Metadata, error)
+
+	CreateRWLayer(id string, parent ChainID, mountLabel string, initFunc MountInit) (RWLayer, error)
+	GetRWLayer(id string) (RWLayer, error)
+	GetMountID(id string) (string, error)
+	ReinitRWLayer(l RWLayer) error
+	ReleaseRWLayer(RWLayer) ([]Metadata, error)
+
+	Cleanup() error
+	DriverStatus() [][2]string
+	DriverName() string
+}
+
+// MetadataTransaction represents functions for setting layer metadata
+// with a single transaction.
+type MetadataTransaction interface {
+	SetSize(int64) error
+	SetParent(parent ChainID) error
+	SetDiffID(DiffID) error
+	SetCacheID(string) error
+	TarSplitWriter(compressInput bool) (io.WriteCloser, error)
+
+	Commit(ChainID) error
+	Cancel() error
+	String() string
+}
+
+// MetadataStore represents a backend for persisting
+// metadata about layers and providing the metadata
+// for restoring a Store.
+type MetadataStore interface {
+	// StartTransaction starts an update for new metadata
+	// which will be used to represent an ID on commit.
+	StartTransaction() (MetadataTransaction, error)
+
+	GetSize(ChainID) (int64, error)
+	GetParent(ChainID) (ChainID, error)
+	GetDiffID(ChainID) (DiffID, error)
+	GetCacheID(ChainID) (string, error)
+	TarSplitReader(ChainID) (io.ReadCloser, error)
+
+	SetMountID(string, string) error
+	SetInitID(string, string) error
+	SetMountParent(string, ChainID) error
+
+	GetMountID(string) (string, error)
+	GetInitID(string) (string, error)
+	GetMountParent(string) (ChainID, error)
+
+	// List returns the full list of referenced
+	// read-only and read-write layers
+	List() ([]ChainID, []string, error)
+
+	Remove(ChainID) error
+	RemoveMount(string) error
+}
+
+// CreateChainID returns ID for a layerDigest slice
+func CreateChainID(dgsts []DiffID) ChainID {
+	return createChainIDFromParent("", dgsts...)
+}
+
+func createChainIDFromParent(parent ChainID, dgsts ...DiffID) ChainID {
+	if len(dgsts) == 0 {
+		return parent
+	}
+	if parent == "" {
+		return createChainIDFromParent(ChainID(dgsts[0]), dgsts[1:]...)
+	}
+	// H = "H(n-1) SHA256(n)"
+	dgst := digest.FromBytes([]byte(string(parent) + " " + string(dgsts[0])))
+	return createChainIDFromParent(ChainID(dgst), dgsts[1:]...)
+}
+
+// ReleaseAndLog releases the provided layer from the given layer
+// store, logging any error and release metadata
+func ReleaseAndLog(ls Store, l Layer) {
+	metadata, err := ls.Release(l)
+	if err != nil {
+		logrus.Errorf("Error releasing layer %s: %v", l.ChainID(), err)
+	}
+	LogReleaseMetadata(metadata)
+}
+
+// LogReleaseMetadata logs a metadata array, uses this to
+// ensure consistent logging for release metadata
+func LogReleaseMetadata(metadatas []Metadata) {
+	for _, metadata := range metadatas {
+		logrus.Infof("Layer %s cleaned up", metadata.ChainID)
+	}
+}
diff --git a/layer/layer_store.go b/layer/layer_store.go
new file mode 100644
index 00000000..73a1b34c
--- /dev/null
+++ b/layer/layer_store.go
@@ -0,0 +1,666 @@
+package layer
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/vbatts/tar-split/tar/asm"
+	"github.com/vbatts/tar-split/tar/storage"
+)
+
+// maxLayerDepth represents the maximum number of
+// layers which can be chained together. 125 was
+// chosen to account for the 127 max in some
+// graphdrivers plus the 2 additional layers
+// used to create a rwlayer.
+const maxLayerDepth = 125
+
+type layerStore struct {
+	store  MetadataStore
+	driver graphdriver.Driver
+
+	layerMap map[ChainID]*roLayer
+	layerL   sync.Mutex
+
+	mounts map[string]*mountedLayer
+	mountL sync.Mutex
+}
+
+// StoreOptions are the options used to create a new Store instance
+type StoreOptions struct {
+	StorePath                 string
+	MetadataStorePathTemplate string
+	GraphDriver               string
+	GraphDriverOptions        []string
+	UIDMaps                   []idtools.IDMap
+	GIDMaps                   []idtools.IDMap
+}
+
+// NewStoreFromOptions creates a new Store instance
+func NewStoreFromOptions(options StoreOptions) (Store, error) {
+	driver, err := graphdriver.New(
+		options.StorePath,
+		options.GraphDriver,
+		options.GraphDriverOptions,
+		options.UIDMaps,
+		options.GIDMaps)
+	if err != nil {
+		return nil, fmt.Errorf("error initializing graphdriver: %v", err)
+	}
+	logrus.Debugf("Using graph driver %s", driver)
+
+	fms, err := NewFSMetadataStore(fmt.Sprintf(options.MetadataStorePathTemplate, driver))
+	if err != nil {
+		return nil, err
+	}
+
+	return NewStoreFromGraphDriver(fms, driver)
+}
+
+// NewStoreFromGraphDriver creates a new Store instance using the provided
+// metadata store and graph driver. The metadata store will be used to restore
+// the Store.
+func NewStoreFromGraphDriver(store MetadataStore, driver graphdriver.Driver) (Store, error) {
+	ls := &layerStore{
+		store:    store,
+		driver:   driver,
+		layerMap: map[ChainID]*roLayer{},
+		mounts:   map[string]*mountedLayer{},
+	}
+
+	ids, mounts, err := store.List()
+	if err != nil {
+		return nil, err
+	}
+
+	for _, id := range ids {
+		l, err := ls.loadLayer(id)
+		if err != nil {
+			logrus.Debugf("Failed to load layer %s: %s", id, err)
+			continue
+		}
+		if l.parent != nil {
+			l.parent.referenceCount++
+		}
+	}
+
+	for _, mount := range mounts {
+		if err := ls.loadMount(mount); err != nil {
+			logrus.Debugf("Failed to load mount %s: %s", mount, err)
+		}
+	}
+
+	return ls, nil
+}
+
+func (ls *layerStore) loadLayer(layer ChainID) (*roLayer, error) {
+	cl, ok := ls.layerMap[layer]
+	if ok {
+		return cl, nil
+	}
+
+	diff, err := ls.store.GetDiffID(layer)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get diff id for %s: %s", layer, err)
+	}
+
+	size, err := ls.store.GetSize(layer)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get size for %s: %s", layer, err)
+	}
+
+	cacheID, err := ls.store.GetCacheID(layer)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get cache id for %s: %s", layer, err)
+	}
+
+	parent, err := ls.store.GetParent(layer)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get parent for %s: %s", layer, err)
+	}
+
+	cl = &roLayer{
+		chainID:    layer,
+		diffID:     diff,
+		size:       size,
+		cacheID:    cacheID,
+		layerStore: ls,
+		references: map[Layer]struct{}{},
+	}
+
+	if parent != "" {
+		p, err := ls.loadLayer(parent)
+		if err != nil {
+			return nil, err
+		}
+		cl.parent = p
+	}
+
+	ls.layerMap[cl.chainID] = cl
+
+	return cl, nil
+}
+
+func (ls *layerStore) loadMount(mount string) error {
+	if _, ok := ls.mounts[mount]; ok {
+		return nil
+	}
+
+	mountID, err := ls.store.GetMountID(mount)
+	if err != nil {
+		return err
+	}
+
+	initID, err := ls.store.GetInitID(mount)
+	if err != nil {
+		return err
+	}
+
+	parent, err := ls.store.GetMountParent(mount)
+	if err != nil {
+		return err
+	}
+
+	ml := &mountedLayer{
+		name:       mount,
+		mountID:    mountID,
+		initID:     initID,
+		layerStore: ls,
+		references: map[RWLayer]*referencedRWLayer{},
+	}
+
+	if parent != "" {
+		p, err := ls.loadLayer(parent)
+		if err != nil {
+			return err
+		}
+		ml.parent = p
+
+		p.referenceCount++
+	}
+
+	ls.mounts[ml.name] = ml
+
+	return nil
+}
+
+func (ls *layerStore) applyTar(tx MetadataTransaction, ts io.Reader, parent string, layer *roLayer) error {
+	digester := digest.Canonical.New()
+	tr := io.TeeReader(ts, digester.Hash())
+
+	tsw, err := tx.TarSplitWriter(true)
+	if err != nil {
+		return err
+	}
+	metaPacker := storage.NewJSONPacker(tsw)
+	defer tsw.Close()
+
+	// we're passing nil here for the file putter, because the ApplyDiff will
+	// handle the extraction of the archive
+	rdr, err := asm.NewInputTarStream(tr, metaPacker, nil)
+	if err != nil {
+		return err
+	}
+
+	applySize, err := ls.driver.ApplyDiff(layer.cacheID, parent, archive.Reader(rdr))
+	if err != nil {
+		return err
+	}
+
+	// Discard trailing data but ensure metadata is picked up to reconstruct stream
+	io.Copy(ioutil.Discard, rdr) // ignore error as reader may be closed
+
+	layer.size = applySize
+	layer.diffID = DiffID(digester.Digest())
+
+	logrus.Debugf("Applied tar %s to %s, size: %d", layer.diffID, layer.cacheID, applySize)
+
+	return nil
+}
+
+func (ls *layerStore) Register(ts io.Reader, parent ChainID) (Layer, error) {
+	// err is used to hold the error which will always trigger
+	// cleanup of creates sources but may not be an error returned
+	// to the caller (already exists).
+	var err error
+	var pid string
+	var p *roLayer
+	if string(parent) != "" {
+		p = ls.get(parent)
+		if p == nil {
+			return nil, ErrLayerDoesNotExist
+		}
+		pid = p.cacheID
+		// Release parent chain if error
+		defer func() {
+			if err != nil {
+				ls.layerL.Lock()
+				ls.releaseLayer(p)
+				ls.layerL.Unlock()
+			}
+		}()
+		if p.depth() >= maxLayerDepth {
+			err = ErrMaxDepthExceeded
+			return nil, err
+		}
+	}
+
+	// Create new roLayer
+	layer := &roLayer{
+		parent:         p,
+		cacheID:        stringid.GenerateRandomID(),
+		referenceCount: 1,
+		layerStore:     ls,
+		references:     map[Layer]struct{}{},
+	}
+
+	if err = ls.driver.Create(layer.cacheID, pid, ""); err != nil {
+		return nil, err
+	}
+
+	tx, err := ls.store.StartTransaction()
+	if err != nil {
+		return nil, err
+	}
+
+	defer func() {
+		if err != nil {
+			logrus.Debugf("Cleaning up layer %s: %v", layer.cacheID, err)
+			if err := ls.driver.Remove(layer.cacheID); err != nil {
+				logrus.Errorf("Error cleaning up cache layer %s: %v", layer.cacheID, err)
+			}
+			if err := tx.Cancel(); err != nil {
+				logrus.Errorf("Error canceling metadata transaction %q: %s", tx.String(), err)
+			}
+		}
+	}()
+
+	if err = ls.applyTar(tx, ts, pid, layer); err != nil {
+		return nil, err
+	}
+
+	if layer.parent == nil {
+		layer.chainID = ChainID(layer.diffID)
+	} else {
+		layer.chainID = createChainIDFromParent(layer.parent.chainID, layer.diffID)
+	}
+
+	if err = storeLayer(tx, layer); err != nil {
+		return nil, err
+	}
+
+	ls.layerL.Lock()
+	defer ls.layerL.Unlock()
+
+	if existingLayer := ls.getWithoutLock(layer.chainID); existingLayer != nil {
+		// Set error for cleanup, but do not return the error
+		err = errors.New("layer already exists")
+		return existingLayer.getReference(), nil
+	}
+
+	if err = tx.Commit(layer.chainID); err != nil {
+		return nil, err
+	}
+
+	ls.layerMap[layer.chainID] = layer
+
+	return layer.getReference(), nil
+}
+
+func (ls *layerStore) getWithoutLock(layer ChainID) *roLayer {
+	l, ok := ls.layerMap[layer]
+	if !ok {
+		return nil
+	}
+
+	l.referenceCount++
+
+	return l
+}
+
+func (ls *layerStore) get(l ChainID) *roLayer {
+	ls.layerL.Lock()
+	defer ls.layerL.Unlock()
+	return ls.getWithoutLock(l)
+}
+
+func (ls *layerStore) Get(l ChainID) (Layer, error) {
+	ls.layerL.Lock()
+	defer ls.layerL.Unlock()
+
+	layer := ls.getWithoutLock(l)
+	if layer == nil {
+		return nil, ErrLayerDoesNotExist
+	}
+
+	return layer.getReference(), nil
+}
+
+func (ls *layerStore) deleteLayer(layer *roLayer, metadata *Metadata) error {
+	err := ls.driver.Remove(layer.cacheID)
+	if err != nil {
+		return err
+	}
+
+	err = ls.store.Remove(layer.chainID)
+	if err != nil {
+		return err
+	}
+	metadata.DiffID = layer.diffID
+	metadata.ChainID = layer.chainID
+	metadata.Size, err = layer.Size()
+	if err != nil {
+		return err
+	}
+	metadata.DiffSize = layer.size
+
+	return nil
+}
+
+func (ls *layerStore) releaseLayer(l *roLayer) ([]Metadata, error) {
+	depth := 0
+	removed := []Metadata{}
+	for {
+		if l.referenceCount == 0 {
+			panic("layer not retained")
+		}
+		l.referenceCount--
+		if l.referenceCount != 0 {
+			return removed, nil
+		}
+
+		if len(removed) == 0 && depth > 0 {
+			panic("cannot remove layer with child")
+		}
+		if l.hasReferences() {
+			panic("cannot delete referenced layer")
+		}
+		var metadata Metadata
+		if err := ls.deleteLayer(l, &metadata); err != nil {
+			return nil, err
+		}
+
+		delete(ls.layerMap, l.chainID)
+		removed = append(removed, metadata)
+
+		if l.parent == nil {
+			return removed, nil
+		}
+
+		depth++
+		l = l.parent
+	}
+}
+
+func (ls *layerStore) Release(l Layer) ([]Metadata, error) {
+	ls.layerL.Lock()
+	defer ls.layerL.Unlock()
+	layer, ok := ls.layerMap[l.ChainID()]
+	if !ok {
+		return []Metadata{}, nil
+	}
+	if !layer.hasReference(l) {
+		return nil, ErrLayerNotRetained
+	}
+
+	layer.deleteReference(l)
+
+	return ls.releaseLayer(layer)
+}
+
+func (ls *layerStore) CreateRWLayer(name string, parent ChainID, mountLabel string, initFunc MountInit) (RWLayer, error) {
+	ls.mountL.Lock()
+	defer ls.mountL.Unlock()
+	m, ok := ls.mounts[name]
+	if ok {
+		return nil, ErrMountNameConflict
+	}
+
+	var err error
+	var pid string
+	var p *roLayer
+	if string(parent) != "" {
+		p = ls.get(parent)
+		if p == nil {
+			return nil, ErrLayerDoesNotExist
+		}
+		pid = p.cacheID
+
+		// Release parent chain if error
+		defer func() {
+			if err != nil {
+				ls.layerL.Lock()
+				ls.releaseLayer(p)
+				ls.layerL.Unlock()
+			}
+		}()
+	}
+
+	m = &mountedLayer{
+		name:       name,
+		parent:     p,
+		mountID:    ls.mountID(name),
+		layerStore: ls,
+		references: map[RWLayer]*referencedRWLayer{},
+	}
+
+	if initFunc != nil {
+		pid, err = ls.initMount(m.mountID, pid, mountLabel, initFunc)
+		if err != nil {
+			return nil, err
+		}
+		m.initID = pid
+	}
+
+	if err = ls.driver.Create(m.mountID, pid, ""); err != nil {
+		return nil, err
+	}
+
+	if err = ls.saveMount(m); err != nil {
+		return nil, err
+	}
+
+	return m.getReference(), nil
+}
+
+func (ls *layerStore) GetRWLayer(id string) (RWLayer, error) {
+	ls.mountL.Lock()
+	defer ls.mountL.Unlock()
+	mount, ok := ls.mounts[id]
+	if !ok {
+		return nil, ErrMountDoesNotExist
+	}
+
+	return mount.getReference(), nil
+}
+
+func (ls *layerStore) GetMountID(id string) (string, error) {
+	ls.mountL.Lock()
+	defer ls.mountL.Unlock()
+	mount, ok := ls.mounts[id]
+	if !ok {
+		return "", ErrMountDoesNotExist
+	}
+	logrus.Debugf("GetMountID id: %s -> mountID: %s", id, mount.mountID)
+
+	return mount.mountID, nil
+}
+
+// ReinitRWLayer reinitializes a given mount to the layerstore, specifically
+// initializing the usage count. It should strictly only be used in the
+// daemon's restore path to restore state of live containers.
+func (ls *layerStore) ReinitRWLayer(l RWLayer) error {
+	ls.mountL.Lock()
+	defer ls.mountL.Unlock()
+
+	m, ok := ls.mounts[l.Name()]
+	if !ok {
+		return ErrMountDoesNotExist
+	}
+
+	if err := m.incActivityCount(l); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (ls *layerStore) ReleaseRWLayer(l RWLayer) ([]Metadata, error) {
+	ls.mountL.Lock()
+	defer ls.mountL.Unlock()
+	m, ok := ls.mounts[l.Name()]
+	if !ok {
+		return []Metadata{}, nil
+	}
+
+	if err := m.deleteReference(l); err != nil {
+		return nil, err
+	}
+
+	if m.hasReferences() {
+		return []Metadata{}, nil
+	}
+
+	if err := ls.driver.Remove(m.mountID); err != nil {
+		logrus.Errorf("Error removing mounted layer %s: %s", m.name, err)
+		m.retakeReference(l)
+		return nil, err
+	}
+
+	if m.initID != "" {
+		if err := ls.driver.Remove(m.initID); err != nil {
+			logrus.Errorf("Error removing init layer %s: %s", m.name, err)
+			m.retakeReference(l)
+			return nil, err
+		}
+	}
+
+	if err := ls.store.RemoveMount(m.name); err != nil {
+		logrus.Errorf("Error removing mount metadata: %s: %s", m.name, err)
+		m.retakeReference(l)
+		return nil, err
+	}
+
+	delete(ls.mounts, m.Name())
+
+	ls.layerL.Lock()
+	defer ls.layerL.Unlock()
+	if m.parent != nil {
+		return ls.releaseLayer(m.parent)
+	}
+
+	return []Metadata{}, nil
+}
+
+func (ls *layerStore) saveMount(mount *mountedLayer) error {
+	if err := ls.store.SetMountID(mount.name, mount.mountID); err != nil {
+		return err
+	}
+
+	if mount.initID != "" {
+		if err := ls.store.SetInitID(mount.name, mount.initID); err != nil {
+			return err
+		}
+	}
+
+	if mount.parent != nil {
+		if err := ls.store.SetMountParent(mount.name, mount.parent.chainID); err != nil {
+			return err
+		}
+	}
+
+	ls.mounts[mount.name] = mount
+
+	return nil
+}
+
+func (ls *layerStore) initMount(graphID, parent, mountLabel string, initFunc MountInit) (string, error) {
+	// Use "<graph-id>-init" to maintain compatibility with graph drivers
+	// which are expecting this layer with this special name. If all
+	// graph drivers can be updated to not rely on knowing about this layer
+	// then the initID should be randomly generated.
+	initID := fmt.Sprintf("%s-init", graphID)
+
+	if err := ls.driver.Create(initID, parent, mountLabel); err != nil {
+		return "", err
+	}
+	p, err := ls.driver.Get(initID, "")
+	if err != nil {
+		return "", err
+	}
+
+	if err := initFunc(p); err != nil {
+		ls.driver.Put(initID)
+		return "", err
+	}
+
+	if err := ls.driver.Put(initID); err != nil {
+		return "", err
+	}
+
+	return initID, nil
+}
+
+func (ls *layerStore) assembleTarTo(graphID string, metadata io.ReadCloser, size *int64, w io.Writer) error {
+	diffDriver, ok := ls.driver.(graphdriver.DiffGetterDriver)
+	if !ok {
+		diffDriver = &naiveDiffPathDriver{ls.driver}
+	}
+
+	defer metadata.Close()
+
+	// get our relative path to the container
+	fileGetCloser, err := diffDriver.DiffGetter(graphID)
+	if err != nil {
+		return err
+	}
+	defer fileGetCloser.Close()
+
+	metaUnpacker := storage.NewJSONUnpacker(metadata)
+	upackerCounter := &unpackSizeCounter{metaUnpacker, size}
+	logrus.Debugf("Assembling tar data for %s", graphID)
+	return asm.WriteOutputTarStream(fileGetCloser, upackerCounter, w)
+}
+
+func (ls *layerStore) Cleanup() error {
+	return ls.driver.Cleanup()
+}
+
+func (ls *layerStore) DriverStatus() [][2]string {
+	return ls.driver.Status()
+}
+
+func (ls *layerStore) DriverName() string {
+	return ls.driver.String()
+}
+
+type naiveDiffPathDriver struct {
+	graphdriver.Driver
+}
+
+type fileGetPutter struct {
+	storage.FileGetter
+	driver graphdriver.Driver
+	id     string
+}
+
+func (w *fileGetPutter) Close() error {
+	return w.driver.Put(w.id)
+}
+
+func (n *naiveDiffPathDriver) DiffGetter(id string) (graphdriver.FileGetCloser, error) {
+	p, err := n.Driver.Get(id, "")
+	if err != nil {
+		return nil, err
+	}
+	return &fileGetPutter{storage.NewPathFileGetter(p), n.Driver, id}, nil
+}
diff --git a/layer/layer_test.go b/layer/layer_test.go
new file mode 100644
index 00000000..7fb792dc
--- /dev/null
+++ b/layer/layer_test.go
@@ -0,0 +1,788 @@
+package layer
+
+import (
+	"bytes"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"testing"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/daemon/graphdriver/vfs"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/stringid"
+)
+
+func init() {
+	graphdriver.ApplyUncompressedLayer = archive.UnpackLayer
+	vfs.CopyWithTar = archive.CopyWithTar
+}
+
+func newVFSGraphDriver(td string) (graphdriver.Driver, error) {
+	uidMap := []idtools.IDMap{
+		{
+			ContainerID: 0,
+			HostID:      os.Getuid(),
+			Size:        1,
+		},
+	}
+	gidMap := []idtools.IDMap{
+		{
+			ContainerID: 0,
+			HostID:      os.Getgid(),
+			Size:        1,
+		},
+	}
+
+	return graphdriver.GetDriver("vfs", td, nil, uidMap, gidMap)
+}
+
+func newTestGraphDriver(t *testing.T) (graphdriver.Driver, func()) {
+	td, err := ioutil.TempDir("", "graph-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	driver, err := newVFSGraphDriver(td)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	return driver, func() {
+		os.RemoveAll(td)
+	}
+}
+
+func newTestStore(t *testing.T) (Store, string, func()) {
+	td, err := ioutil.TempDir("", "layerstore-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	graph, graphcleanup := newTestGraphDriver(t)
+	fms, err := NewFSMetadataStore(td)
+	if err != nil {
+		t.Fatal(err)
+	}
+	ls, err := NewStoreFromGraphDriver(fms, graph)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	return ls, td, func() {
+		graphcleanup()
+		os.RemoveAll(td)
+	}
+}
+
+type layerInit func(root string) error
+
+func createLayer(ls Store, parent ChainID, layerFunc layerInit) (Layer, error) {
+	containerID := stringid.GenerateRandomID()
+	mount, err := ls.CreateRWLayer(containerID, parent, "", nil)
+	if err != nil {
+		return nil, err
+	}
+
+	path, err := mount.Mount("")
+	if err != nil {
+		return nil, err
+	}
+
+	if err := layerFunc(path); err != nil {
+		return nil, err
+	}
+
+	ts, err := mount.TarStream()
+	if err != nil {
+		return nil, err
+	}
+	defer ts.Close()
+
+	layer, err := ls.Register(ts, parent)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := mount.Unmount(); err != nil {
+		return nil, err
+	}
+
+	if _, err := ls.ReleaseRWLayer(mount); err != nil {
+		return nil, err
+	}
+
+	return layer, nil
+}
+
+type FileApplier interface {
+	ApplyFile(root string) error
+}
+
+type testFile struct {
+	name       string
+	content    []byte
+	permission os.FileMode
+}
+
+func newTestFile(name string, content []byte, perm os.FileMode) FileApplier {
+	return &testFile{
+		name:       name,
+		content:    content,
+		permission: perm,
+	}
+}
+
+func (tf *testFile) ApplyFile(root string) error {
+	fullPath := filepath.Join(root, tf.name)
+	if err := os.MkdirAll(filepath.Dir(fullPath), 0755); err != nil {
+		return err
+	}
+	// Check if already exists
+	if stat, err := os.Stat(fullPath); err == nil && stat.Mode().Perm() != tf.permission {
+		if err := os.Chmod(fullPath, tf.permission); err != nil {
+			return err
+		}
+	}
+	if err := ioutil.WriteFile(fullPath, tf.content, tf.permission); err != nil {
+		return err
+	}
+	return nil
+}
+
+func initWithFiles(files ...FileApplier) layerInit {
+	return func(root string) error {
+		for _, f := range files {
+			if err := f.ApplyFile(root); err != nil {
+				return err
+			}
+		}
+		return nil
+	}
+}
+
+func getCachedLayer(l Layer) *roLayer {
+	if rl, ok := l.(*referencedCacheLayer); ok {
+		return rl.roLayer
+	}
+	return l.(*roLayer)
+}
+
+func getMountLayer(l RWLayer) *mountedLayer {
+	if rl, ok := l.(*referencedRWLayer); ok {
+		return rl.mountedLayer
+	}
+	return l.(*mountedLayer)
+}
+
+func createMetadata(layers ...Layer) []Metadata {
+	metadata := make([]Metadata, len(layers))
+	for i := range layers {
+		size, err := layers[i].Size()
+		if err != nil {
+			panic(err)
+		}
+
+		metadata[i].ChainID = layers[i].ChainID()
+		metadata[i].DiffID = layers[i].DiffID()
+		metadata[i].Size = size
+		metadata[i].DiffSize = getCachedLayer(layers[i]).size
+	}
+
+	return metadata
+}
+
+func assertMetadata(t *testing.T, metadata, expectedMetadata []Metadata) {
+	if len(metadata) != len(expectedMetadata) {
+		t.Fatalf("Unexpected number of deletes %d, expected %d", len(metadata), len(expectedMetadata))
+	}
+
+	for i := range metadata {
+		if metadata[i] != expectedMetadata[i] {
+			t.Errorf("Unexpected metadata\n\tExpected: %#v\n\tActual: %#v", expectedMetadata[i], metadata[i])
+		}
+	}
+	if t.Failed() {
+		t.FailNow()
+	}
+}
+
+func releaseAndCheckDeleted(t *testing.T, ls Store, layer Layer, removed ...Layer) {
+	layerCount := len(ls.(*layerStore).layerMap)
+	expectedMetadata := createMetadata(removed...)
+	metadata, err := ls.Release(layer)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertMetadata(t, metadata, expectedMetadata)
+
+	if expected := layerCount - len(removed); len(ls.(*layerStore).layerMap) != expected {
+		t.Fatalf("Unexpected number of layers %d, expected %d", len(ls.(*layerStore).layerMap), expected)
+	}
+}
+
+func cacheID(l Layer) string {
+	return getCachedLayer(l).cacheID
+}
+
+func assertLayerEqual(t *testing.T, l1, l2 Layer) {
+	if l1.ChainID() != l2.ChainID() {
+		t.Fatalf("Mismatched ID: %s vs %s", l1.ChainID(), l2.ChainID())
+	}
+	if l1.DiffID() != l2.DiffID() {
+		t.Fatalf("Mismatched DiffID: %s vs %s", l1.DiffID(), l2.DiffID())
+	}
+
+	size1, err := l1.Size()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	size2, err := l2.Size()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if size1 != size2 {
+		t.Fatalf("Mismatched size: %d vs %d", size1, size2)
+	}
+
+	if cacheID(l1) != cacheID(l2) {
+		t.Fatalf("Mismatched cache id: %s vs %s", cacheID(l1), cacheID(l2))
+	}
+
+	p1 := l1.Parent()
+	p2 := l2.Parent()
+	if p1 != nil && p2 != nil {
+		assertLayerEqual(t, p1, p2)
+	} else if p1 != nil || p2 != nil {
+		t.Fatalf("Mismatched parents: %v vs %v", p1, p2)
+	}
+}
+
+func TestMountAndRegister(t *testing.T) {
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	li := initWithFiles(newTestFile("testfile.txt", []byte("some test data"), 0644))
+	layer, err := createLayer(ls, "", li)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	size, _ := layer.Size()
+	t.Logf("Layer size: %d", size)
+
+	mount2, err := ls.CreateRWLayer("new-test-mount", layer.ChainID(), "", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	path2, err := mount2.Mount("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	b, err := ioutil.ReadFile(filepath.Join(path2, "testfile.txt"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if expected := "some test data"; string(b) != expected {
+		t.Fatalf("Wrong file data, expected %q, got %q", expected, string(b))
+	}
+
+	if err := mount2.Unmount(); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := ls.ReleaseRWLayer(mount2); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestLayerRelease(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	layer1, err := createLayer(ls, "", initWithFiles(newTestFile("layer1.txt", []byte("layer 1 file"), 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer2, err := createLayer(ls, layer1.ChainID(), initWithFiles(newTestFile("layer2.txt", []byte("layer 2 file"), 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := ls.Release(layer1); err != nil {
+		t.Fatal(err)
+	}
+
+	layer3a, err := createLayer(ls, layer2.ChainID(), initWithFiles(newTestFile("layer3.txt", []byte("layer 3a file"), 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer3b, err := createLayer(ls, layer2.ChainID(), initWithFiles(newTestFile("layer3.txt", []byte("layer 3b file"), 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := ls.Release(layer2); err != nil {
+		t.Fatal(err)
+	}
+
+	t.Logf("Layer1:  %s", layer1.ChainID())
+	t.Logf("Layer2:  %s", layer2.ChainID())
+	t.Logf("Layer3a: %s", layer3a.ChainID())
+	t.Logf("Layer3b: %s", layer3b.ChainID())
+
+	if expected := 4; len(ls.(*layerStore).layerMap) != expected {
+		t.Fatalf("Unexpected number of layers %d, expected %d", len(ls.(*layerStore).layerMap), expected)
+	}
+
+	releaseAndCheckDeleted(t, ls, layer3b, layer3b)
+	releaseAndCheckDeleted(t, ls, layer3a, layer3a, layer2, layer1)
+}
+
+func TestStoreRestore(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	layer1, err := createLayer(ls, "", initWithFiles(newTestFile("layer1.txt", []byte("layer 1 file"), 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer2, err := createLayer(ls, layer1.ChainID(), initWithFiles(newTestFile("layer2.txt", []byte("layer 2 file"), 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := ls.Release(layer1); err != nil {
+		t.Fatal(err)
+	}
+
+	layer3, err := createLayer(ls, layer2.ChainID(), initWithFiles(newTestFile("layer3.txt", []byte("layer 3 file"), 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := ls.Release(layer2); err != nil {
+		t.Fatal(err)
+	}
+
+	m, err := ls.CreateRWLayer("some-mount_name", layer3.ChainID(), "", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	path, err := m.Mount("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := ioutil.WriteFile(filepath.Join(path, "testfile.txt"), []byte("nothing here"), 0644); err != nil {
+		t.Fatal(err)
+	}
+	assertActivityCount(t, m, 1)
+
+	if err := m.Unmount(); err != nil {
+		t.Fatal(err)
+	}
+
+	assertActivityCount(t, m, 0)
+
+	ls2, err := NewStoreFromGraphDriver(ls.(*layerStore).store, ls.(*layerStore).driver)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer3b, err := ls2.Get(layer3.ChainID())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertLayerEqual(t, layer3b, layer3)
+
+	// Create again with same name, should return error
+	if _, err := ls2.CreateRWLayer("some-mount_name", layer3b.ChainID(), "", nil); err == nil {
+		t.Fatal("Expected error creating mount with same name")
+	} else if err != ErrMountNameConflict {
+		t.Fatal(err)
+	}
+
+	m2, err := ls2.GetRWLayer("some-mount_name")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if mountPath, err := m2.Mount(""); err != nil {
+		t.Fatal(err)
+	} else if path != mountPath {
+		t.Fatalf("Unexpected path %s, expected %s", mountPath, path)
+	}
+
+	assertActivityCount(t, m2, 1)
+
+	if mountPath, err := m2.Mount(""); err != nil {
+		t.Fatal(err)
+	} else if path != mountPath {
+		t.Fatalf("Unexpected path %s, expected %s", mountPath, path)
+	}
+	assertActivityCount(t, m2, 2)
+	if err := m2.Unmount(); err != nil {
+		t.Fatal(err)
+	}
+
+	assertActivityCount(t, m2, 1)
+
+	b, err := ioutil.ReadFile(filepath.Join(path, "testfile.txt"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if expected := "nothing here"; string(b) != expected {
+		t.Fatalf("Unexpected content %q, expected %q", string(b), expected)
+	}
+
+	if err := m2.Unmount(); err != nil {
+		t.Fatal(err)
+	}
+
+	assertActivityCount(t, m2, 0)
+
+	if metadata, err := ls2.ReleaseRWLayer(m2); err != nil {
+		t.Fatal(err)
+	} else if len(metadata) != 0 {
+		t.Fatalf("Unexpectedly deleted layers: %#v", metadata)
+	}
+
+	if metadata, err := ls2.ReleaseRWLayer(m2); err != nil {
+		t.Fatal(err)
+	} else if len(metadata) != 0 {
+		t.Fatalf("Unexpectedly deleted layers: %#v", metadata)
+	}
+
+	releaseAndCheckDeleted(t, ls2, layer3b, layer3, layer2, layer1)
+}
+
+func TestTarStreamStability(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	files1 := []FileApplier{
+		newTestFile("/etc/hosts", []byte("mydomain 10.0.0.1"), 0644),
+		newTestFile("/etc/profile", []byte("PATH=/usr/bin"), 0644),
+	}
+	addedFile := newTestFile("/etc/shadow", []byte("root:::::::"), 0644)
+	files2 := []FileApplier{
+		newTestFile("/etc/hosts", []byte("mydomain 10.0.0.2"), 0644),
+		newTestFile("/etc/profile", []byte("PATH=/usr/bin"), 0664),
+		newTestFile("/root/.bashrc", []byte("PATH=/usr/sbin:/usr/bin"), 0644),
+	}
+
+	tar1, err := tarFromFiles(files1...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tar2, err := tarFromFiles(files2...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer1, err := ls.Register(bytes.NewReader(tar1), "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// hack layer to add file
+	p, err := ls.(*layerStore).driver.Get(layer1.(*referencedCacheLayer).cacheID, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := addedFile.ApplyFile(p); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := ls.(*layerStore).driver.Put(layer1.(*referencedCacheLayer).cacheID); err != nil {
+		t.Fatal(err)
+	}
+
+	layer2, err := ls.Register(bytes.NewReader(tar2), layer1.ChainID())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id1 := layer1.ChainID()
+	t.Logf("Layer 1: %s", layer1.ChainID())
+	t.Logf("Layer 2: %s", layer2.ChainID())
+
+	if _, err := ls.Release(layer1); err != nil {
+		t.Fatal(err)
+	}
+
+	assertLayerDiff(t, tar2, layer2)
+
+	layer1b, err := ls.Get(id1)
+	if err != nil {
+		t.Logf("Content of layer map: %#v", ls.(*layerStore).layerMap)
+		t.Fatal(err)
+	}
+
+	if _, err := ls.Release(layer2); err != nil {
+		t.Fatal(err)
+	}
+
+	assertLayerDiff(t, tar1, layer1b)
+
+	if _, err := ls.Release(layer1b); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func assertLayerDiff(t *testing.T, expected []byte, layer Layer) {
+	expectedDigest := digest.FromBytes(expected)
+
+	if digest.Digest(layer.DiffID()) != expectedDigest {
+		t.Fatalf("Mismatched diff id for %s, got %s, expected %s", layer.ChainID(), layer.DiffID(), expected)
+	}
+
+	ts, err := layer.TarStream()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer ts.Close()
+
+	actual, err := ioutil.ReadAll(ts)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(actual) != len(expected) {
+		logByteDiff(t, actual, expected)
+		t.Fatalf("Mismatched tar stream size for %s, got %d, expected %d", layer.ChainID(), len(actual), len(expected))
+	}
+
+	actualDigest := digest.FromBytes(actual)
+
+	if actualDigest != expectedDigest {
+		logByteDiff(t, actual, expected)
+		t.Fatalf("Wrong digest of tar stream, got %s, expected %s", actualDigest, expectedDigest)
+	}
+}
+
+const maxByteLog = 4 * 1024
+
+func logByteDiff(t *testing.T, actual, expected []byte) {
+	d1, d2 := byteDiff(actual, expected)
+	if len(d1) == 0 && len(d2) == 0 {
+		return
+	}
+
+	prefix := len(actual) - len(d1)
+	if len(d1) > maxByteLog || len(d2) > maxByteLog {
+		t.Logf("Byte diff after %d matching bytes", prefix)
+	} else {
+		t.Logf("Byte diff after %d matching bytes\nActual bytes after prefix:\n%x\nExpected bytes after prefix:\n%x", prefix, d1, d2)
+	}
+}
+
+// byteDiff returns the differing bytes after the matching prefix
+func byteDiff(b1, b2 []byte) ([]byte, []byte) {
+	i := 0
+	for i < len(b1) && i < len(b2) {
+		if b1[i] != b2[i] {
+			break
+		}
+		i++
+	}
+
+	return b1[i:], b2[i:]
+}
+
+func tarFromFiles(files ...FileApplier) ([]byte, error) {
+	td, err := ioutil.TempDir("", "tar-")
+	if err != nil {
+		return nil, err
+	}
+	defer os.RemoveAll(td)
+
+	for _, f := range files {
+		if err := f.ApplyFile(td); err != nil {
+			return nil, err
+		}
+	}
+
+	r, err := archive.Tar(td, archive.Uncompressed)
+	if err != nil {
+		return nil, err
+	}
+
+	buf := bytes.NewBuffer(nil)
+	if _, err := io.Copy(buf, r); err != nil {
+		return nil, err
+	}
+
+	return buf.Bytes(), nil
+}
+
+// assertReferences asserts that all the references are to the same
+// image and represent the full set of references to that image.
+func assertReferences(t *testing.T, references ...Layer) {
+	if len(references) == 0 {
+		return
+	}
+	base := references[0].(*referencedCacheLayer).roLayer
+	seenReferences := map[Layer]struct{}{
+		references[0]: {},
+	}
+	for i := 1; i < len(references); i++ {
+		other := references[i].(*referencedCacheLayer).roLayer
+		if base != other {
+			t.Fatalf("Unexpected referenced cache layer %s, expecting %s", other.ChainID(), base.ChainID())
+		}
+		if _, ok := base.references[references[i]]; !ok {
+			t.Fatalf("Reference not part of reference list: %v", references[i])
+		}
+		if _, ok := seenReferences[references[i]]; ok {
+			t.Fatalf("Duplicated reference %v", references[i])
+		}
+	}
+	if rc := len(base.references); rc != len(references) {
+		t.Fatalf("Unexpected number of references %d, expecting %d", rc, len(references))
+	}
+}
+
+func assertActivityCount(t *testing.T, l RWLayer, expected int) {
+	rl := l.(*referencedRWLayer)
+	if rl.activityCount != expected {
+		t.Fatalf("Unexpected activity count %d, expected %d", rl.activityCount, expected)
+	}
+}
+
+func TestRegisterExistingLayer(t *testing.T) {
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	baseFiles := []FileApplier{
+		newTestFile("/etc/profile", []byte("# Base configuration"), 0644),
+	}
+
+	layerFiles := []FileApplier{
+		newTestFile("/root/.bashrc", []byte("# Root configuration"), 0644),
+	}
+
+	li := initWithFiles(baseFiles...)
+	layer1, err := createLayer(ls, "", li)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tar1, err := tarFromFiles(layerFiles...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer2a, err := ls.Register(bytes.NewReader(tar1), layer1.ChainID())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer2b, err := ls.Register(bytes.NewReader(tar1), layer1.ChainID())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertReferences(t, layer2a, layer2b)
+}
+
+func TestTarStreamVerification(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	ls, tmpdir, cleanup := newTestStore(t)
+	defer cleanup()
+
+	files1 := []FileApplier{
+		newTestFile("/foo", []byte("abc"), 0644),
+		newTestFile("/bar", []byte("def"), 0644),
+	}
+	files2 := []FileApplier{
+		newTestFile("/foo", []byte("abc"), 0644),
+		newTestFile("/bar", []byte("def"), 0600), // different perm
+	}
+
+	tar1, err := tarFromFiles(files1...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tar2, err := tarFromFiles(files2...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer1, err := ls.Register(bytes.NewReader(tar1), "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer2, err := ls.Register(bytes.NewReader(tar2), "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	id1 := digest.Digest(layer1.ChainID())
+	id2 := digest.Digest(layer2.ChainID())
+
+	// Replace tar data files
+	src, err := os.Open(filepath.Join(tmpdir, id1.Algorithm().String(), id1.Hex(), "tar-split.json.gz"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	dst, err := os.Create(filepath.Join(tmpdir, id2.Algorithm().String(), id2.Hex(), "tar-split.json.gz"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := io.Copy(dst, src); err != nil {
+		t.Fatal(err)
+	}
+
+	src.Close()
+	dst.Close()
+
+	ts, err := layer2.TarStream()
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = io.Copy(ioutil.Discard, ts)
+	if err == nil {
+		t.Fatal("expected data verification to fail")
+	}
+	if !strings.Contains(err.Error(), "could not verify layer data") {
+		t.Fatalf("wrong error returned from tarstream: %q", err)
+	}
+}
diff --git a/layer/layer_unix.go b/layer/layer_unix.go
new file mode 100644
index 00000000..d77e2fc6
--- /dev/null
+++ b/layer/layer_unix.go
@@ -0,0 +1,9 @@
+// +build linux freebsd darwin openbsd
+
+package layer
+
+import "github.com/docker/docker/pkg/stringid"
+
+func (ls *layerStore) mountID(name string) string {
+	return stringid.GenerateRandomID()
+}
diff --git a/layer/layer_unix_test.go b/layer/layer_unix_test.go
new file mode 100644
index 00000000..9aa1afd5
--- /dev/null
+++ b/layer/layer_unix_test.go
@@ -0,0 +1,71 @@
+// +build !windows
+
+package layer
+
+import "testing"
+
+func graphDiffSize(ls Store, l Layer) (int64, error) {
+	cl := getCachedLayer(l)
+	var parent string
+	if cl.parent != nil {
+		parent = cl.parent.cacheID
+	}
+	return ls.(*layerStore).driver.DiffSize(cl.cacheID, parent)
+}
+
+// Unix as Windows graph driver does not support Changes which is indirectly
+// invoked by calling DiffSize on the driver
+func TestLayerSize(t *testing.T) {
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	content1 := []byte("Base contents")
+	content2 := []byte("Added contents")
+
+	layer1, err := createLayer(ls, "", initWithFiles(newTestFile("file1", content1, 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer2, err := createLayer(ls, layer1.ChainID(), initWithFiles(newTestFile("file2", content2, 0644)))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer1DiffSize, err := graphDiffSize(ls, layer1)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if int(layer1DiffSize) != len(content1) {
+		t.Fatalf("Unexpected diff size %d, expected %d", layer1DiffSize, len(content1))
+	}
+
+	layer1Size, err := layer1.Size()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if expected := len(content1); int(layer1Size) != expected {
+		t.Fatalf("Unexpected size %d, expected %d", layer1Size, expected)
+	}
+
+	layer2DiffSize, err := graphDiffSize(ls, layer2)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if int(layer2DiffSize) != len(content2) {
+		t.Fatalf("Unexpected diff size %d, expected %d", layer2DiffSize, len(content2))
+	}
+
+	layer2Size, err := layer2.Size()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if expected := len(content1) + len(content2); int(layer2Size) != expected {
+		t.Fatalf("Unexpected size %d, expected %d", layer2Size, expected)
+	}
+
+}
diff --git a/layer/layer_windows.go b/layer/layer_windows.go
new file mode 100644
index 00000000..e20311a0
--- /dev/null
+++ b/layer/layer_windows.go
@@ -0,0 +1,98 @@
+package layer
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/daemon/graphdriver"
+)
+
+// GetLayerPath returns the path to a layer
+func GetLayerPath(s Store, layer ChainID) (string, error) {
+	ls, ok := s.(*layerStore)
+	if !ok {
+		return "", errors.New("unsupported layer store")
+	}
+	ls.layerL.Lock()
+	defer ls.layerL.Unlock()
+
+	rl, ok := ls.layerMap[layer]
+	if !ok {
+		return "", ErrLayerDoesNotExist
+	}
+
+	path, err := ls.driver.Get(rl.cacheID, "")
+	if err != nil {
+		return "", err
+	}
+
+	if err := ls.driver.Put(rl.cacheID); err != nil {
+		return "", err
+	}
+
+	return path, nil
+}
+
+func (ls *layerStore) RegisterDiffID(graphID string, size int64) (Layer, error) {
+	var err error // this is used for cleanup in existingLayer case
+	diffID := digest.FromBytes([]byte(graphID))
+
+	// Create new roLayer
+	layer := &roLayer{
+		cacheID:        graphID,
+		diffID:         DiffID(diffID),
+		referenceCount: 1,
+		layerStore:     ls,
+		references:     map[Layer]struct{}{},
+		size:           size,
+	}
+
+	tx, err := ls.store.StartTransaction()
+	if err != nil {
+		return nil, err
+	}
+	defer func() {
+		if err != nil {
+			if err := tx.Cancel(); err != nil {
+				logrus.Errorf("Error canceling metadata transaction %q: %s", tx.String(), err)
+			}
+		}
+	}()
+
+	layer.chainID = createChainIDFromParent("", layer.diffID)
+
+	if !ls.driver.Exists(layer.cacheID) {
+		return nil, fmt.Errorf("layer %q is unknown to driver", layer.cacheID)
+	}
+	if err = storeLayer(tx, layer); err != nil {
+		return nil, err
+	}
+
+	ls.layerL.Lock()
+	defer ls.layerL.Unlock()
+
+	if existingLayer := ls.getWithoutLock(layer.chainID); existingLayer != nil {
+		// Set error for cleanup, but do not return
+		err = errors.New("layer already exists")
+		return existingLayer.getReference(), nil
+	}
+
+	if err = tx.Commit(layer.chainID); err != nil {
+		return nil, err
+	}
+
+	ls.layerMap[layer.chainID] = layer
+
+	return layer.getReference(), nil
+}
+
+func (ls *layerStore) mountID(name string) string {
+	// windows has issues if container ID doesn't match mount ID
+	return name
+}
+
+func (ls *layerStore) GraphDriver() graphdriver.Driver {
+	return ls.driver
+}
diff --git a/layer/migration.go b/layer/migration.go
new file mode 100644
index 00000000..b45c3109
--- /dev/null
+++ b/layer/migration.go
@@ -0,0 +1,256 @@
+package layer
+
+import (
+	"compress/gzip"
+	"errors"
+	"fmt"
+	"io"
+	"os"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/vbatts/tar-split/tar/asm"
+	"github.com/vbatts/tar-split/tar/storage"
+)
+
+// CreateRWLayerByGraphID creates a RWLayer in the layer store using
+// the provided name with the given graphID. To get the RWLayer
+// after migration the layer may be retrieved by the given name.
+func (ls *layerStore) CreateRWLayerByGraphID(name string, graphID string, parent ChainID) (err error) {
+	ls.mountL.Lock()
+	defer ls.mountL.Unlock()
+	m, ok := ls.mounts[name]
+	if ok {
+		if m.parent.chainID != parent {
+			return errors.New("name conflict, mismatched parent")
+		}
+		if m.mountID != graphID {
+			return errors.New("mount already exists")
+		}
+
+		return nil
+	}
+
+	if !ls.driver.Exists(graphID) {
+		return fmt.Errorf("graph ID does not exist: %q", graphID)
+	}
+
+	var p *roLayer
+	if string(parent) != "" {
+		p = ls.get(parent)
+		if p == nil {
+			return ErrLayerDoesNotExist
+		}
+
+		// Release parent chain if error
+		defer func() {
+			if err != nil {
+				ls.layerL.Lock()
+				ls.releaseLayer(p)
+				ls.layerL.Unlock()
+			}
+		}()
+	}
+
+	// TODO: Ensure graphID has correct parent
+
+	m = &mountedLayer{
+		name:       name,
+		parent:     p,
+		mountID:    graphID,
+		layerStore: ls,
+		references: map[RWLayer]*referencedRWLayer{},
+	}
+
+	// Check for existing init layer
+	initID := fmt.Sprintf("%s-init", graphID)
+	if ls.driver.Exists(initID) {
+		m.initID = initID
+	}
+
+	if err = ls.saveMount(m); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (ls *layerStore) ChecksumForGraphID(id, parent, oldTarDataPath, newTarDataPath string) (diffID DiffID, size int64, err error) {
+	defer func() {
+		if err != nil {
+			logrus.Debugf("could not get checksum for %q with tar-split: %q", id, err)
+			diffID, size, err = ls.checksumForGraphIDNoTarsplit(id, parent, newTarDataPath)
+		}
+	}()
+
+	if oldTarDataPath == "" {
+		err = errors.New("no tar-split file")
+		return
+	}
+
+	tarDataFile, err := os.Open(oldTarDataPath)
+	if err != nil {
+		return
+	}
+	defer tarDataFile.Close()
+	uncompressed, err := gzip.NewReader(tarDataFile)
+	if err != nil {
+		return
+	}
+
+	dgst := digest.Canonical.New()
+	err = ls.assembleTarTo(id, uncompressed, &size, dgst.Hash())
+	if err != nil {
+		return
+	}
+
+	diffID = DiffID(dgst.Digest())
+	err = os.RemoveAll(newTarDataPath)
+	if err != nil {
+		return
+	}
+	err = os.Link(oldTarDataPath, newTarDataPath)
+
+	return
+}
+
+func (ls *layerStore) checksumForGraphIDNoTarsplit(id, parent, newTarDataPath string) (diffID DiffID, size int64, err error) {
+	rawarchive, err := ls.driver.Diff(id, parent)
+	if err != nil {
+		return
+	}
+	defer rawarchive.Close()
+
+	f, err := os.Create(newTarDataPath)
+	if err != nil {
+		return
+	}
+	defer f.Close()
+	mfz := gzip.NewWriter(f)
+	defer mfz.Close()
+	metaPacker := storage.NewJSONPacker(mfz)
+
+	packerCounter := &packSizeCounter{metaPacker, &size}
+
+	archive, err := asm.NewInputTarStream(rawarchive, packerCounter, nil)
+	if err != nil {
+		return
+	}
+	dgst, err := digest.FromReader(archive)
+	if err != nil {
+		return
+	}
+	diffID = DiffID(dgst)
+	return
+}
+
+func (ls *layerStore) RegisterByGraphID(graphID string, parent ChainID, diffID DiffID, tarDataFile string, size int64) (Layer, error) {
+	// err is used to hold the error which will always trigger
+	// cleanup of creates sources but may not be an error returned
+	// to the caller (already exists).
+	var err error
+	var p *roLayer
+	if string(parent) != "" {
+		p = ls.get(parent)
+		if p == nil {
+			return nil, ErrLayerDoesNotExist
+		}
+
+		// Release parent chain if error
+		defer func() {
+			if err != nil {
+				ls.layerL.Lock()
+				ls.releaseLayer(p)
+				ls.layerL.Unlock()
+			}
+		}()
+	}
+
+	// Create new roLayer
+	layer := &roLayer{
+		parent:         p,
+		cacheID:        graphID,
+		referenceCount: 1,
+		layerStore:     ls,
+		references:     map[Layer]struct{}{},
+		diffID:         diffID,
+		size:           size,
+		chainID:        createChainIDFromParent(parent, diffID),
+	}
+
+	ls.layerL.Lock()
+	defer ls.layerL.Unlock()
+
+	if existingLayer := ls.getWithoutLock(layer.chainID); existingLayer != nil {
+		// Set error for cleanup, but do not return
+		err = errors.New("layer already exists")
+		return existingLayer.getReference(), nil
+	}
+
+	tx, err := ls.store.StartTransaction()
+	if err != nil {
+		return nil, err
+	}
+
+	defer func() {
+		if err != nil {
+			logrus.Debugf("Cleaning up transaction after failed migration for %s: %v", graphID, err)
+			if err := tx.Cancel(); err != nil {
+				logrus.Errorf("Error canceling metadata transaction %q: %s", tx.String(), err)
+			}
+		}
+	}()
+
+	tsw, err := tx.TarSplitWriter(false)
+	if err != nil {
+		return nil, err
+	}
+	defer tsw.Close()
+	tdf, err := os.Open(tarDataFile)
+	if err != nil {
+		return nil, err
+	}
+	defer tdf.Close()
+	_, err = io.Copy(tsw, tdf)
+	if err != nil {
+		return nil, err
+	}
+
+	if err = storeLayer(tx, layer); err != nil {
+		return nil, err
+	}
+
+	if err = tx.Commit(layer.chainID); err != nil {
+		return nil, err
+	}
+
+	ls.layerMap[layer.chainID] = layer
+
+	return layer.getReference(), nil
+}
+
+type unpackSizeCounter struct {
+	unpacker storage.Unpacker
+	size     *int64
+}
+
+func (u *unpackSizeCounter) Next() (*storage.Entry, error) {
+	e, err := u.unpacker.Next()
+	if err == nil && u.size != nil {
+		*u.size += e.Size
+	}
+	return e, err
+}
+
+type packSizeCounter struct {
+	packer storage.Packer
+	size   *int64
+}
+
+func (p *packSizeCounter) AddEntry(e storage.Entry) (int, error) {
+	n, err := p.packer.AddEntry(e)
+	if err == nil && p.size != nil {
+		*p.size += e.Size
+	}
+	return n, err
+}
diff --git a/layer/migration_test.go b/layer/migration_test.go
new file mode 100644
index 00000000..0ac73a4c
--- /dev/null
+++ b/layer/migration_test.go
@@ -0,0 +1,448 @@
+package layer
+
+import (
+	"bytes"
+	"compress/gzip"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+	"testing"
+
+	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/vbatts/tar-split/tar/asm"
+	"github.com/vbatts/tar-split/tar/storage"
+)
+
+func writeTarSplitFile(name string, tarContent []byte) error {
+	f, err := os.OpenFile(name, os.O_TRUNC|os.O_CREATE|os.O_WRONLY, 0644)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	fz := gzip.NewWriter(f)
+
+	metaPacker := storage.NewJSONPacker(fz)
+	defer fz.Close()
+
+	rdr, err := asm.NewInputTarStream(bytes.NewReader(tarContent), metaPacker, nil)
+	if err != nil {
+		return err
+	}
+
+	if _, err := io.Copy(ioutil.Discard, rdr); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func TestLayerMigration(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	td, err := ioutil.TempDir("", "migration-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(td)
+
+	layer1Files := []FileApplier{
+		newTestFile("/root/.bashrc", []byte("# Boring configuration"), 0644),
+		newTestFile("/etc/profile", []byte("# Base configuration"), 0644),
+	}
+
+	layer2Files := []FileApplier{
+		newTestFile("/root/.bashrc", []byte("# Updated configuration"), 0644),
+	}
+
+	tar1, err := tarFromFiles(layer1Files...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tar2, err := tarFromFiles(layer2Files...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	graph, err := newVFSGraphDriver(filepath.Join(td, "graphdriver-"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	graphID1 := stringid.GenerateRandomID()
+	if err := graph.Create(graphID1, "", ""); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := graph.ApplyDiff(graphID1, "", archive.Reader(bytes.NewReader(tar1))); err != nil {
+		t.Fatal(err)
+	}
+
+	tf1 := filepath.Join(td, "tar1.json.gz")
+	if err := writeTarSplitFile(tf1, tar1); err != nil {
+		t.Fatal(err)
+	}
+
+	fms, err := NewFSMetadataStore(filepath.Join(td, "layers"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	ls, err := NewStoreFromGraphDriver(fms, graph)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	newTarDataPath := filepath.Join(td, ".migration-tardata")
+	diffID, size, err := ls.(*layerStore).ChecksumForGraphID(graphID1, "", tf1, newTarDataPath)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer1a, err := ls.(*layerStore).RegisterByGraphID(graphID1, "", diffID, newTarDataPath, size)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer1b, err := ls.Register(bytes.NewReader(tar1), "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertReferences(t, layer1a, layer1b)
+	// Attempt register, should be same
+	layer2a, err := ls.Register(bytes.NewReader(tar2), layer1a.ChainID())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	graphID2 := stringid.GenerateRandomID()
+	if err := graph.Create(graphID2, graphID1, ""); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := graph.ApplyDiff(graphID2, graphID1, archive.Reader(bytes.NewReader(tar2))); err != nil {
+		t.Fatal(err)
+	}
+
+	tf2 := filepath.Join(td, "tar2.json.gz")
+	if err := writeTarSplitFile(tf2, tar2); err != nil {
+		t.Fatal(err)
+	}
+	diffID, size, err = ls.(*layerStore).ChecksumForGraphID(graphID2, graphID1, tf2, newTarDataPath)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer2b, err := ls.(*layerStore).RegisterByGraphID(graphID2, layer1a.ChainID(), diffID, tf2, size)
+	if err != nil {
+		t.Fatal(err)
+	}
+	assertReferences(t, layer2a, layer2b)
+
+	if metadata, err := ls.Release(layer2a); err != nil {
+		t.Fatal(err)
+	} else if len(metadata) > 0 {
+		t.Fatalf("Unexpected layer removal after first release: %#v", metadata)
+	}
+
+	metadata, err := ls.Release(layer2b)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertMetadata(t, metadata, createMetadata(layer2a))
+}
+
+func tarFromFilesInGraph(graph graphdriver.Driver, graphID, parentID string, files ...FileApplier) ([]byte, error) {
+	t, err := tarFromFiles(files...)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := graph.Create(graphID, parentID, ""); err != nil {
+		return nil, err
+	}
+	if _, err := graph.ApplyDiff(graphID, parentID, archive.Reader(bytes.NewReader(t))); err != nil {
+		return nil, err
+	}
+
+	ar, err := graph.Diff(graphID, parentID)
+	if err != nil {
+		return nil, err
+	}
+	defer ar.Close()
+
+	return ioutil.ReadAll(ar)
+}
+
+func TestLayerMigrationNoTarsplit(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	td, err := ioutil.TempDir("", "migration-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(td)
+
+	layer1Files := []FileApplier{
+		newTestFile("/root/.bashrc", []byte("# Boring configuration"), 0644),
+		newTestFile("/etc/profile", []byte("# Base configuration"), 0644),
+	}
+
+	layer2Files := []FileApplier{
+		newTestFile("/root/.bashrc", []byte("# Updated configuration"), 0644),
+	}
+
+	graph, err := newVFSGraphDriver(filepath.Join(td, "graphdriver-"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	graphID1 := stringid.GenerateRandomID()
+	graphID2 := stringid.GenerateRandomID()
+
+	tar1, err := tarFromFilesInGraph(graph, graphID1, "", layer1Files...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tar2, err := tarFromFilesInGraph(graph, graphID2, graphID1, layer2Files...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	fms, err := NewFSMetadataStore(filepath.Join(td, "layers"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	ls, err := NewStoreFromGraphDriver(fms, graph)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	newTarDataPath := filepath.Join(td, ".migration-tardata")
+	diffID, size, err := ls.(*layerStore).ChecksumForGraphID(graphID1, "", "", newTarDataPath)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer1a, err := ls.(*layerStore).RegisterByGraphID(graphID1, "", diffID, newTarDataPath, size)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer1b, err := ls.Register(bytes.NewReader(tar1), "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertReferences(t, layer1a, layer1b)
+
+	// Attempt register, should be same
+	layer2a, err := ls.Register(bytes.NewReader(tar2), layer1a.ChainID())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	diffID, size, err = ls.(*layerStore).ChecksumForGraphID(graphID2, graphID1, "", newTarDataPath)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer2b, err := ls.(*layerStore).RegisterByGraphID(graphID2, layer1a.ChainID(), diffID, newTarDataPath, size)
+	if err != nil {
+		t.Fatal(err)
+	}
+	assertReferences(t, layer2a, layer2b)
+
+	if metadata, err := ls.Release(layer2a); err != nil {
+		t.Fatal(err)
+	} else if len(metadata) > 0 {
+		t.Fatalf("Unexpected layer removal after first release: %#v", metadata)
+	}
+
+	metadata, err := ls.Release(layer2b)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertMetadata(t, metadata, createMetadata(layer2a))
+}
+
+func TestMountMigration(t *testing.T) {
+	// TODO Windows: Figure out why this is failing (obvious - paths... needs porting)
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	baseFiles := []FileApplier{
+		newTestFile("/root/.bashrc", []byte("# Boring configuration"), 0644),
+		newTestFile("/etc/profile", []byte("# Base configuration"), 0644),
+	}
+	initFiles := []FileApplier{
+		newTestFile("/etc/hosts", []byte{}, 0644),
+		newTestFile("/etc/resolv.conf", []byte{}, 0644),
+	}
+	mountFiles := []FileApplier{
+		newTestFile("/etc/hosts", []byte("localhost 127.0.0.1"), 0644),
+		newTestFile("/root/.bashrc", []byte("# Updated configuration"), 0644),
+		newTestFile("/root/testfile1.txt", []byte("nothing valuable"), 0644),
+	}
+
+	initTar, err := tarFromFiles(initFiles...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	mountTar, err := tarFromFiles(mountFiles...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	graph := ls.(*layerStore).driver
+
+	layer1, err := createLayer(ls, "", initWithFiles(baseFiles...))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	graphID1 := layer1.(*referencedCacheLayer).cacheID
+
+	containerID := stringid.GenerateRandomID()
+	containerInit := fmt.Sprintf("%s-init", containerID)
+
+	if err := graph.Create(containerInit, graphID1, ""); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := graph.ApplyDiff(containerInit, graphID1, archive.Reader(bytes.NewReader(initTar))); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := graph.Create(containerID, containerInit, ""); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := graph.ApplyDiff(containerID, containerInit, archive.Reader(bytes.NewReader(mountTar))); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := ls.(*layerStore).CreateRWLayerByGraphID("migration-mount", containerID, layer1.ChainID()); err != nil {
+		t.Fatal(err)
+	}
+
+	rwLayer1, err := ls.GetRWLayer("migration-mount")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := rwLayer1.Mount(""); err != nil {
+		t.Fatal(err)
+	}
+
+	changes, err := rwLayer1.Changes()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if expected := 5; len(changes) != expected {
+		t.Logf("Changes %#v", changes)
+		t.Fatalf("Wrong number of changes %d, expected %d", len(changes), expected)
+	}
+
+	sortChanges(changes)
+
+	assertChange(t, changes[0], archive.Change{
+		Path: "/etc",
+		Kind: archive.ChangeModify,
+	})
+	assertChange(t, changes[1], archive.Change{
+		Path: "/etc/hosts",
+		Kind: archive.ChangeModify,
+	})
+	assertChange(t, changes[2], archive.Change{
+		Path: "/root",
+		Kind: archive.ChangeModify,
+	})
+	assertChange(t, changes[3], archive.Change{
+		Path: "/root/.bashrc",
+		Kind: archive.ChangeModify,
+	})
+	assertChange(t, changes[4], archive.Change{
+		Path: "/root/testfile1.txt",
+		Kind: archive.ChangeAdd,
+	})
+
+	assertActivityCount(t, rwLayer1, 1)
+
+	if _, err := ls.CreateRWLayer("migration-mount", layer1.ChainID(), "", nil); err == nil {
+		t.Fatal("Expected error creating mount with same name")
+	} else if err != ErrMountNameConflict {
+		t.Fatal(err)
+	}
+
+	rwLayer2, err := ls.GetRWLayer("migration-mount")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if getMountLayer(rwLayer1) != getMountLayer(rwLayer2) {
+		t.Fatal("Expected same layer from get with same name as from migrate")
+	}
+
+	if _, err := rwLayer2.Mount(""); err != nil {
+		t.Fatal(err)
+	}
+
+	assertActivityCount(t, rwLayer2, 1)
+	assertActivityCount(t, rwLayer1, 1)
+
+	if _, err := rwLayer2.Mount(""); err != nil {
+		t.Fatal(err)
+	}
+
+	assertActivityCount(t, rwLayer2, 2)
+	assertActivityCount(t, rwLayer1, 1)
+
+	if metadata, err := ls.Release(layer1); err != nil {
+		t.Fatal(err)
+	} else if len(metadata) > 0 {
+		t.Fatalf("Expected no layers to be deleted, deleted %#v", metadata)
+	}
+
+	if err := rwLayer1.Unmount(); err != nil {
+		t.Fatal(err)
+	}
+	assertActivityCount(t, rwLayer2, 2)
+	assertActivityCount(t, rwLayer1, 0)
+
+	if _, err := ls.ReleaseRWLayer(rwLayer1); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := rwLayer2.Unmount(); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := ls.ReleaseRWLayer(rwLayer2); err == nil {
+		t.Fatal("Expected error deleting active mount")
+	}
+	if err := rwLayer2.Unmount(); err != nil {
+		t.Fatal(err)
+	}
+	metadata, err := ls.ReleaseRWLayer(rwLayer2)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(metadata) == 0 {
+		t.Fatal("Expected base layer to be deleted when deleting mount")
+	}
+
+	assertMetadata(t, metadata, createMetadata(layer1))
+}
diff --git a/layer/mount_test.go b/layer/mount_test.go
new file mode 100644
index 00000000..5967c2b9
--- /dev/null
+++ b/layer/mount_test.go
@@ -0,0 +1,230 @@
+package layer
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+	"sort"
+	"testing"
+
+	"github.com/docker/docker/pkg/archive"
+)
+
+func TestMountInit(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	basefile := newTestFile("testfile.txt", []byte("base data!"), 0644)
+	initfile := newTestFile("testfile.txt", []byte("init data!"), 0777)
+
+	li := initWithFiles(basefile)
+	layer, err := createLayer(ls, "", li)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	mountInit := func(root string) error {
+		return initfile.ApplyFile(root)
+	}
+
+	m, err := ls.CreateRWLayer("fun-mount", layer.ChainID(), "", mountInit)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	path, err := m.Mount("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	f, err := os.Open(filepath.Join(path, "testfile.txt"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer f.Close()
+
+	fi, err := f.Stat()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	b, err := ioutil.ReadAll(f)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if expected := "init data!"; string(b) != expected {
+		t.Fatalf("Unexpected test file contents %q, expected %q", string(b), expected)
+	}
+
+	if fi.Mode().Perm() != 0777 {
+		t.Fatalf("Unexpected filemode %o, expecting %o", fi.Mode().Perm(), 0777)
+	}
+}
+
+func TestMountSize(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	content1 := []byte("Base contents")
+	content2 := []byte("Mutable contents")
+	contentInit := []byte("why am I excluded from the size ☹")
+
+	li := initWithFiles(newTestFile("file1", content1, 0644))
+	layer, err := createLayer(ls, "", li)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	mountInit := func(root string) error {
+		return newTestFile("file-init", contentInit, 0777).ApplyFile(root)
+	}
+
+	m, err := ls.CreateRWLayer("mount-size", layer.ChainID(), "", mountInit)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	path, err := m.Mount("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := ioutil.WriteFile(filepath.Join(path, "file2"), content2, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	mountSize, err := m.Size()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if expected := len(content2); int(mountSize) != expected {
+		t.Fatalf("Unexpected mount size %d, expected %d", int(mountSize), expected)
+	}
+}
+
+func TestMountChanges(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	ls, _, cleanup := newTestStore(t)
+	defer cleanup()
+
+	basefiles := []FileApplier{
+		newTestFile("testfile1.txt", []byte("base data!"), 0644),
+		newTestFile("testfile2.txt", []byte("base data!"), 0644),
+		newTestFile("testfile3.txt", []byte("base data!"), 0644),
+	}
+	initfile := newTestFile("testfile1.txt", []byte("init data!"), 0777)
+
+	li := initWithFiles(basefiles...)
+	layer, err := createLayer(ls, "", li)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	mountInit := func(root string) error {
+		return initfile.ApplyFile(root)
+	}
+
+	m, err := ls.CreateRWLayer("mount-changes", layer.ChainID(), "", mountInit)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	path, err := m.Mount("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := os.Chmod(filepath.Join(path, "testfile1.txt"), 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := ioutil.WriteFile(filepath.Join(path, "testfile1.txt"), []byte("mount data!"), 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := os.Remove(filepath.Join(path, "testfile2.txt")); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := os.Chmod(filepath.Join(path, "testfile3.txt"), 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := ioutil.WriteFile(filepath.Join(path, "testfile4.txt"), []byte("mount data!"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	changes, err := m.Changes()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if expected := 4; len(changes) != expected {
+		t.Fatalf("Wrong number of changes %d, expected %d", len(changes), expected)
+	}
+
+	sortChanges(changes)
+
+	assertChange(t, changes[0], archive.Change{
+		Path: "/testfile1.txt",
+		Kind: archive.ChangeModify,
+	})
+	assertChange(t, changes[1], archive.Change{
+		Path: "/testfile2.txt",
+		Kind: archive.ChangeDelete,
+	})
+	assertChange(t, changes[2], archive.Change{
+		Path: "/testfile3.txt",
+		Kind: archive.ChangeModify,
+	})
+	assertChange(t, changes[3], archive.Change{
+		Path: "/testfile4.txt",
+		Kind: archive.ChangeAdd,
+	})
+}
+
+func assertChange(t *testing.T, actual, expected archive.Change) {
+	if actual.Path != expected.Path {
+		t.Fatalf("Unexpected change path %s, expected %s", actual.Path, expected.Path)
+	}
+	if actual.Kind != expected.Kind {
+		t.Fatalf("Unexpected change type %s, expected %s", actual.Kind, expected.Kind)
+	}
+}
+
+func sortChanges(changes []archive.Change) {
+	cs := &changeSorter{
+		changes: changes,
+	}
+	sort.Sort(cs)
+}
+
+type changeSorter struct {
+	changes []archive.Change
+}
+
+func (cs *changeSorter) Len() int {
+	return len(cs.changes)
+}
+
+func (cs *changeSorter) Swap(i, j int) {
+	cs.changes[i], cs.changes[j] = cs.changes[j], cs.changes[i]
+}
+
+func (cs *changeSorter) Less(i, j int) bool {
+	return cs.changes[i].Path < cs.changes[j].Path
+}
diff --git a/layer/mounted_layer.go b/layer/mounted_layer.go
new file mode 100644
index 00000000..5a07fd08
--- /dev/null
+++ b/layer/mounted_layer.go
@@ -0,0 +1,188 @@
+package layer
+
+import (
+	"io"
+	"sync"
+
+	"github.com/docker/docker/pkg/archive"
+)
+
+type mountedLayer struct {
+	name       string
+	mountID    string
+	initID     string
+	parent     *roLayer
+	path       string
+	layerStore *layerStore
+
+	references map[RWLayer]*referencedRWLayer
+}
+
+func (ml *mountedLayer) cacheParent() string {
+	if ml.initID != "" {
+		return ml.initID
+	}
+	if ml.parent != nil {
+		return ml.parent.cacheID
+	}
+	return ""
+}
+
+func (ml *mountedLayer) TarStream() (io.ReadCloser, error) {
+	archiver, err := ml.layerStore.driver.Diff(ml.mountID, ml.cacheParent())
+	if err != nil {
+		return nil, err
+	}
+	return archiver, nil
+}
+
+func (ml *mountedLayer) Name() string {
+	return ml.name
+}
+
+func (ml *mountedLayer) Parent() Layer {
+	if ml.parent != nil {
+		return ml.parent
+	}
+
+	// Return a nil interface instead of an interface wrapping a nil
+	// pointer.
+	return nil
+}
+
+func (ml *mountedLayer) Mount(mountLabel string) (string, error) {
+	return ml.layerStore.driver.Get(ml.mountID, mountLabel)
+}
+
+func (ml *mountedLayer) Unmount() error {
+	return ml.layerStore.driver.Put(ml.mountID)
+}
+
+func (ml *mountedLayer) Size() (int64, error) {
+	return ml.layerStore.driver.DiffSize(ml.mountID, ml.cacheParent())
+}
+
+func (ml *mountedLayer) Changes() ([]archive.Change, error) {
+	return ml.layerStore.driver.Changes(ml.mountID, ml.cacheParent())
+}
+
+func (ml *mountedLayer) Metadata() (map[string]string, error) {
+	return ml.layerStore.driver.GetMetadata(ml.mountID)
+}
+
+func (ml *mountedLayer) getReference() RWLayer {
+	ref := &referencedRWLayer{
+		mountedLayer: ml,
+	}
+	ml.references[ref] = ref
+
+	return ref
+}
+
+func (ml *mountedLayer) hasReferences() bool {
+	return len(ml.references) > 0
+}
+
+func (ml *mountedLayer) incActivityCount(ref RWLayer) error {
+	rl, ok := ml.references[ref]
+	if !ok {
+		return ErrLayerNotRetained
+	}
+
+	if err := rl.acquire(); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (ml *mountedLayer) deleteReference(ref RWLayer) error {
+	rl, ok := ml.references[ref]
+	if !ok {
+		return ErrLayerNotRetained
+	}
+
+	if err := rl.release(); err != nil {
+		return err
+	}
+	delete(ml.references, ref)
+
+	return nil
+}
+
+func (ml *mountedLayer) retakeReference(r RWLayer) {
+	if ref, ok := r.(*referencedRWLayer); ok {
+		ref.activityCount = 0
+		ml.references[ref] = ref
+	}
+}
+
+type referencedRWLayer struct {
+	*mountedLayer
+
+	activityL     sync.Mutex
+	activityCount int
+}
+
+func (rl *referencedRWLayer) acquire() error {
+	rl.activityL.Lock()
+	defer rl.activityL.Unlock()
+
+	rl.activityCount++
+
+	return nil
+}
+
+func (rl *referencedRWLayer) release() error {
+	rl.activityL.Lock()
+	defer rl.activityL.Unlock()
+
+	if rl.activityCount > 0 {
+		return ErrActiveMount
+	}
+
+	rl.activityCount = -1
+
+	return nil
+}
+
+func (rl *referencedRWLayer) Mount(mountLabel string) (string, error) {
+	rl.activityL.Lock()
+	defer rl.activityL.Unlock()
+
+	if rl.activityCount == -1 {
+		return "", ErrLayerNotRetained
+	}
+
+	if rl.activityCount > 0 {
+		rl.activityCount++
+		return rl.path, nil
+	}
+
+	m, err := rl.mountedLayer.Mount(mountLabel)
+	if err == nil {
+		rl.activityCount++
+		rl.path = m
+	}
+	return m, err
+}
+
+// Unmount decrements the activity count and unmounts the underlying layer
+// Callers should only call `Unmount` once per call to `Mount`, even on error.
+func (rl *referencedRWLayer) Unmount() error {
+	rl.activityL.Lock()
+	defer rl.activityL.Unlock()
+
+	if rl.activityCount == 0 {
+		return ErrNotMounted
+	}
+	if rl.activityCount == -1 {
+		return ErrLayerNotRetained
+	}
+
+	rl.activityCount--
+	if rl.activityCount > 0 {
+		return nil
+	}
+
+	return rl.mountedLayer.Unmount()
+}
diff --git a/layer/ro_layer.go b/layer/ro_layer.go
new file mode 100644
index 00000000..92b0ea0e
--- /dev/null
+++ b/layer/ro_layer.go
@@ -0,0 +1,164 @@
+package layer
+
+import (
+	"fmt"
+	"io"
+
+	"github.com/docker/distribution/digest"
+)
+
+type roLayer struct {
+	chainID    ChainID
+	diffID     DiffID
+	parent     *roLayer
+	cacheID    string
+	size       int64
+	layerStore *layerStore
+
+	referenceCount int
+	references     map[Layer]struct{}
+}
+
+func (rl *roLayer) TarStream() (io.ReadCloser, error) {
+	r, err := rl.layerStore.store.TarSplitReader(rl.chainID)
+	if err != nil {
+		return nil, err
+	}
+
+	pr, pw := io.Pipe()
+	go func() {
+		err := rl.layerStore.assembleTarTo(rl.cacheID, r, nil, pw)
+		if err != nil {
+			pw.CloseWithError(err)
+		} else {
+			pw.Close()
+		}
+	}()
+	rc, err := newVerifiedReadCloser(pr, digest.Digest(rl.diffID))
+	if err != nil {
+		return nil, err
+	}
+	return rc, nil
+}
+
+func (rl *roLayer) ChainID() ChainID {
+	return rl.chainID
+}
+
+func (rl *roLayer) DiffID() DiffID {
+	return rl.diffID
+}
+
+func (rl *roLayer) Parent() Layer {
+	if rl.parent == nil {
+		return nil
+	}
+	return rl.parent
+}
+
+func (rl *roLayer) Size() (size int64, err error) {
+	if rl.parent != nil {
+		size, err = rl.parent.Size()
+		if err != nil {
+			return
+		}
+	}
+
+	return size + rl.size, nil
+}
+
+func (rl *roLayer) DiffSize() (size int64, err error) {
+	return rl.size, nil
+}
+
+func (rl *roLayer) Metadata() (map[string]string, error) {
+	return rl.layerStore.driver.GetMetadata(rl.cacheID)
+}
+
+type referencedCacheLayer struct {
+	*roLayer
+}
+
+func (rl *roLayer) getReference() Layer {
+	ref := &referencedCacheLayer{
+		roLayer: rl,
+	}
+	rl.references[ref] = struct{}{}
+
+	return ref
+}
+
+func (rl *roLayer) hasReference(ref Layer) bool {
+	_, ok := rl.references[ref]
+	return ok
+}
+
+func (rl *roLayer) hasReferences() bool {
+	return len(rl.references) > 0
+}
+
+func (rl *roLayer) deleteReference(ref Layer) {
+	delete(rl.references, ref)
+}
+
+func (rl *roLayer) depth() int {
+	if rl.parent == nil {
+		return 1
+	}
+	return rl.parent.depth() + 1
+}
+
+func storeLayer(tx MetadataTransaction, layer *roLayer) error {
+	if err := tx.SetDiffID(layer.diffID); err != nil {
+		return err
+	}
+	if err := tx.SetSize(layer.size); err != nil {
+		return err
+	}
+	if err := tx.SetCacheID(layer.cacheID); err != nil {
+		return err
+	}
+	if layer.parent != nil {
+		if err := tx.SetParent(layer.parent.chainID); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func newVerifiedReadCloser(rc io.ReadCloser, dgst digest.Digest) (io.ReadCloser, error) {
+	verifier, err := digest.NewDigestVerifier(dgst)
+	if err != nil {
+		return nil, err
+	}
+	return &verifiedReadCloser{
+		rc:       rc,
+		dgst:     dgst,
+		verifier: verifier,
+	}, nil
+}
+
+type verifiedReadCloser struct {
+	rc       io.ReadCloser
+	dgst     digest.Digest
+	verifier digest.Verifier
+}
+
+func (vrc *verifiedReadCloser) Read(p []byte) (n int, err error) {
+	n, err = vrc.rc.Read(p)
+	if n > 0 {
+		if n, err := vrc.verifier.Write(p[:n]); err != nil {
+			return n, err
+		}
+	}
+	if err == io.EOF {
+		if !vrc.verifier.Verified() {
+			err = fmt.Errorf("could not verify layer data for: %s. This may be because internal files in the layer store were modified. Re-pulling or rebuilding this image may resolve the issue", vrc.dgst)
+		}
+	}
+	return
+}
+func (vrc *verifiedReadCloser) Close() error {
+	return vrc.rc.Close()
+}
diff --git a/libcontainerd/client.go b/libcontainerd/client.go
new file mode 100644
index 00000000..7e8e47bc
--- /dev/null
+++ b/libcontainerd/client.go
@@ -0,0 +1,46 @@
+package libcontainerd
+
+import (
+	"fmt"
+	"sync"
+
+	"github.com/docker/docker/pkg/locker"
+)
+
+// clientCommon contains the platform agnostic fields used in the client structure
+type clientCommon struct {
+	backend    Backend
+	containers map[string]*container
+	locker     *locker.Locker
+	mapMutex   sync.RWMutex // protects read/write oprations from containers map
+}
+
+func (clnt *client) lock(containerID string) {
+	clnt.locker.Lock(containerID)
+}
+
+func (clnt *client) unlock(containerID string) {
+	clnt.locker.Unlock(containerID)
+}
+
+// must hold a lock for cont.containerID
+func (clnt *client) appendContainer(cont *container) {
+	clnt.mapMutex.Lock()
+	clnt.containers[cont.containerID] = cont
+	clnt.mapMutex.Unlock()
+}
+func (clnt *client) deleteContainer(friendlyName string) {
+	clnt.mapMutex.Lock()
+	delete(clnt.containers, friendlyName)
+	clnt.mapMutex.Unlock()
+}
+
+func (clnt *client) getContainer(containerID string) (*container, error) {
+	clnt.mapMutex.RLock()
+	container, ok := clnt.containers[containerID]
+	defer clnt.mapMutex.RUnlock()
+	if !ok {
+		return nil, fmt.Errorf("invalid container: %s", containerID) // fixme: typed error
+	}
+	return container, nil
+}
diff --git a/libcontainerd/client_linux.go b/libcontainerd/client_linux.go
new file mode 100644
index 00000000..8eab7512
--- /dev/null
+++ b/libcontainerd/client_linux.go
@@ -0,0 +1,401 @@
+package libcontainerd
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+	"sync"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	containerd "github.com/docker/containerd/api/grpc/types"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/opencontainers/specs/specs-go"
+	"golang.org/x/net/context"
+)
+
+type client struct {
+	clientCommon
+
+	// Platform specific properties below here.
+	remote        *remote
+	q             queue
+	exitNotifiers map[string]*exitNotifier
+}
+
+func (clnt *client) AddProcess(containerID, processFriendlyName string, specp Process) error {
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	container, err := clnt.getContainer(containerID)
+	if err != nil {
+		return err
+	}
+
+	spec, err := container.spec()
+	if err != nil {
+		return err
+	}
+	sp := spec.Process
+	sp.Args = specp.Args
+	sp.Terminal = specp.Terminal
+	if specp.Env != nil {
+		sp.Env = specp.Env
+	}
+	if specp.Cwd != nil {
+		sp.Cwd = *specp.Cwd
+	}
+	if specp.User != nil {
+		sp.User = specs.User{
+			UID:            specp.User.UID,
+			GID:            specp.User.GID,
+			AdditionalGids: specp.User.AdditionalGids,
+		}
+	}
+	if specp.Capabilities != nil {
+		sp.Capabilities = specp.Capabilities
+	}
+
+	p := container.newProcess(processFriendlyName)
+
+	r := &containerd.AddProcessRequest{
+		Args:     sp.Args,
+		Cwd:      sp.Cwd,
+		Terminal: sp.Terminal,
+		Id:       containerID,
+		Env:      sp.Env,
+		User: &containerd.User{
+			Uid:            sp.User.UID,
+			Gid:            sp.User.GID,
+			AdditionalGids: sp.User.AdditionalGids,
+		},
+		Pid:             processFriendlyName,
+		Stdin:           p.fifo(syscall.Stdin),
+		Stdout:          p.fifo(syscall.Stdout),
+		Stderr:          p.fifo(syscall.Stderr),
+		Capabilities:    sp.Capabilities,
+		ApparmorProfile: sp.ApparmorProfile,
+		SelinuxLabel:    sp.SelinuxLabel,
+		NoNewPrivileges: sp.NoNewPrivileges,
+		Rlimits:         convertRlimits(sp.Rlimits),
+	}
+
+	iopipe, err := p.openFifos(sp.Terminal)
+	if err != nil {
+		return err
+	}
+
+	if _, err := clnt.remote.apiClient.AddProcess(context.Background(), r); err != nil {
+		p.closeFifos(iopipe)
+		return err
+	}
+
+	container.processes[processFriendlyName] = p
+
+	clnt.unlock(containerID)
+
+	if err := clnt.backend.AttachStreams(processFriendlyName, *iopipe); err != nil {
+		return err
+	}
+	clnt.lock(containerID)
+
+	return nil
+}
+
+func (clnt *client) prepareBundleDir(uid, gid int) (string, error) {
+	root, err := filepath.Abs(clnt.remote.stateDir)
+	if err != nil {
+		return "", err
+	}
+	if uid == 0 && gid == 0 {
+		return root, nil
+	}
+	p := string(filepath.Separator)
+	for _, d := range strings.Split(root, string(filepath.Separator))[1:] {
+		p = filepath.Join(p, d)
+		fi, err := os.Stat(p)
+		if err != nil && !os.IsNotExist(err) {
+			return "", err
+		}
+		if os.IsNotExist(err) || fi.Mode()&1 == 0 {
+			p = fmt.Sprintf("%s.%d.%d", p, uid, gid)
+			if err := idtools.MkdirAs(p, 0700, uid, gid); err != nil && !os.IsExist(err) {
+				return "", err
+			}
+		}
+	}
+	return p, nil
+}
+
+func (clnt *client) Create(containerID string, spec Spec, options ...CreateOption) (err error) {
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+
+	if ctr, err := clnt.getContainer(containerID); err == nil {
+		if ctr.restarting {
+			ctr.restartManager.Cancel()
+			ctr.clean()
+		} else {
+			return fmt.Errorf("Container %s is aleady active", containerID)
+		}
+	}
+
+	uid, gid, err := getRootIDs(specs.Spec(spec))
+	if err != nil {
+		return err
+	}
+	dir, err := clnt.prepareBundleDir(uid, gid)
+	if err != nil {
+		return err
+	}
+
+	container := clnt.newContainer(filepath.Join(dir, containerID), options...)
+	if err := container.clean(); err != nil {
+		return err
+	}
+
+	defer func() {
+		if err != nil {
+			container.clean()
+			clnt.deleteContainer(containerID)
+		}
+	}()
+
+	if err := idtools.MkdirAllAs(container.dir, 0700, uid, gid); err != nil && !os.IsExist(err) {
+		return err
+	}
+
+	f, err := os.Create(filepath.Join(container.dir, configFilename))
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+	if err := json.NewEncoder(f).Encode(spec); err != nil {
+		return err
+	}
+
+	return container.start()
+}
+
+func (clnt *client) Signal(containerID string, sig int) error {
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	_, err := clnt.remote.apiClient.Signal(context.Background(), &containerd.SignalRequest{
+		Id:     containerID,
+		Pid:    InitFriendlyName,
+		Signal: uint32(sig),
+	})
+	return err
+}
+
+func (clnt *client) Resize(containerID, processFriendlyName string, width, height int) error {
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	if _, err := clnt.getContainer(containerID); err != nil {
+		return err
+	}
+	_, err := clnt.remote.apiClient.UpdateProcess(context.Background(), &containerd.UpdateProcessRequest{
+		Id:     containerID,
+		Pid:    processFriendlyName,
+		Width:  uint32(width),
+		Height: uint32(height),
+	})
+	return err
+}
+
+func (clnt *client) Pause(containerID string) error {
+	return clnt.setState(containerID, StatePause)
+}
+
+func (clnt *client) setState(containerID, state string) error {
+	clnt.lock(containerID)
+	container, err := clnt.getContainer(containerID)
+	if err != nil {
+		clnt.unlock(containerID)
+		return err
+	}
+	if container.systemPid == 0 {
+		clnt.unlock(containerID)
+		return fmt.Errorf("No active process for container %s", containerID)
+	}
+	st := "running"
+	if state == StatePause {
+		st = "paused"
+	}
+	chstate := make(chan struct{})
+	_, err = clnt.remote.apiClient.UpdateContainer(context.Background(), &containerd.UpdateContainerRequest{
+		Id:     containerID,
+		Pid:    InitFriendlyName,
+		Status: st,
+	})
+	if err != nil {
+		clnt.unlock(containerID)
+		return err
+	}
+	container.pauseMonitor.append(state, chstate)
+	clnt.unlock(containerID)
+	<-chstate
+	return nil
+}
+
+func (clnt *client) Resume(containerID string) error {
+	return clnt.setState(containerID, StateResume)
+}
+
+func (clnt *client) Stats(containerID string) (*Stats, error) {
+	resp, err := clnt.remote.apiClient.Stats(context.Background(), &containerd.StatsRequest{containerID})
+	if err != nil {
+		return nil, err
+	}
+	return (*Stats)(resp), nil
+}
+
+// Take care of the old 1.11.0 behavior in case the version upgrade
+// happenned without a clean daemon shutdown
+func (clnt *client) cleanupOldRootfs(containerID string) {
+	// Unmount and delete the bundle folder
+	if mts, err := mount.GetMounts(); err == nil {
+		for _, mts := range mts {
+			if strings.HasSuffix(mts.Mountpoint, containerID+"/rootfs") {
+				if err := syscall.Unmount(mts.Mountpoint, syscall.MNT_DETACH); err == nil {
+					os.RemoveAll(strings.TrimSuffix(mts.Mountpoint, "/rootfs"))
+				}
+				break
+			}
+		}
+	}
+}
+
+func (clnt *client) setExited(containerID string) error {
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+
+	var exitCode uint32
+	if event, ok := clnt.remote.pastEvents[containerID]; ok {
+		exitCode = event.Status
+		delete(clnt.remote.pastEvents, containerID)
+	}
+
+	err := clnt.backend.StateChanged(containerID, StateInfo{
+		State:    StateExit,
+		ExitCode: exitCode,
+	})
+
+	clnt.cleanupOldRootfs(containerID)
+
+	return err
+}
+
+func (clnt *client) GetPidsForContainer(containerID string) ([]int, error) {
+	cont, err := clnt.getContainerdContainer(containerID)
+	if err != nil {
+		return nil, err
+	}
+	pids := make([]int, len(cont.Pids))
+	for i, p := range cont.Pids {
+		pids[i] = int(p)
+	}
+	return pids, nil
+}
+
+// Summary returns a summary of the processes running in a container.
+// This is a no-op on Linux.
+func (clnt *client) Summary(containerID string) ([]Summary, error) {
+	return nil, nil
+}
+
+func (clnt *client) getContainerdContainer(containerID string) (*containerd.Container, error) {
+	resp, err := clnt.remote.apiClient.State(context.Background(), &containerd.StateRequest{Id: containerID})
+	if err != nil {
+		return nil, err
+	}
+	for _, cont := range resp.Containers {
+		if cont.Id == containerID {
+			return cont, nil
+		}
+	}
+	return nil, fmt.Errorf("invalid state response")
+}
+
+func (clnt *client) newContainer(dir string, options ...CreateOption) *container {
+	container := &container{
+		containerCommon: containerCommon{
+			process: process{
+				dir: dir,
+				processCommon: processCommon{
+					containerID:  filepath.Base(dir),
+					client:       clnt,
+					friendlyName: InitFriendlyName,
+				},
+			},
+			processes: make(map[string]*process),
+		},
+	}
+	for _, option := range options {
+		if err := option.Apply(container); err != nil {
+			logrus.Error(err)
+		}
+	}
+	return container
+}
+
+func (clnt *client) UpdateResources(containerID string, resources Resources) error {
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	container, err := clnt.getContainer(containerID)
+	if err != nil {
+		return err
+	}
+	if container.systemPid == 0 {
+		return fmt.Errorf("No active process for container %s", containerID)
+	}
+	_, err = clnt.remote.apiClient.UpdateContainer(context.Background(), &containerd.UpdateContainerRequest{
+		Id:        containerID,
+		Pid:       InitFriendlyName,
+		Resources: (*containerd.UpdateResource)(&resources),
+	})
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func (clnt *client) getExitNotifier(containerID string) *exitNotifier {
+	clnt.mapMutex.RLock()
+	defer clnt.mapMutex.RUnlock()
+	return clnt.exitNotifiers[containerID]
+}
+
+func (clnt *client) getOrCreateExitNotifier(containerID string) *exitNotifier {
+	clnt.mapMutex.Lock()
+	w, ok := clnt.exitNotifiers[containerID]
+	defer clnt.mapMutex.Unlock()
+	if !ok {
+		w = &exitNotifier{c: make(chan struct{}), client: clnt}
+		clnt.exitNotifiers[containerID] = w
+	}
+	return w
+}
+
+type exitNotifier struct {
+	id     string
+	client *client
+	c      chan struct{}
+	once   sync.Once
+}
+
+func (en *exitNotifier) close() {
+	en.once.Do(func() {
+		close(en.c)
+		en.client.mapMutex.Lock()
+		if en == en.client.exitNotifiers[en.id] {
+			delete(en.client.exitNotifiers, en.id)
+		}
+		en.client.mapMutex.Unlock()
+	})
+}
+func (en *exitNotifier) wait() <-chan struct{} {
+	return en.c
+}
diff --git a/libcontainerd/client_liverestore_linux.go b/libcontainerd/client_liverestore_linux.go
new file mode 100644
index 00000000..1a1f7fe7
--- /dev/null
+++ b/libcontainerd/client_liverestore_linux.go
@@ -0,0 +1,83 @@
+// +build experimental
+
+package libcontainerd
+
+import (
+	"fmt"
+
+	"github.com/Sirupsen/logrus"
+	containerd "github.com/docker/containerd/api/grpc/types"
+)
+
+func (clnt *client) restore(cont *containerd.Container, options ...CreateOption) (err error) {
+	clnt.lock(cont.Id)
+	defer clnt.unlock(cont.Id)
+
+	logrus.Debugf("restore container %s state %s", cont.Id, cont.Status)
+
+	containerID := cont.Id
+	if _, err := clnt.getContainer(containerID); err == nil {
+		return fmt.Errorf("container %s is aleady active", containerID)
+	}
+
+	defer func() {
+		if err != nil {
+			clnt.deleteContainer(cont.Id)
+		}
+	}()
+
+	container := clnt.newContainer(cont.BundlePath, options...)
+	container.systemPid = systemPid(cont)
+
+	var terminal bool
+	for _, p := range cont.Processes {
+		if p.Pid == InitFriendlyName {
+			terminal = p.Terminal
+		}
+	}
+
+	iopipe, err := container.openFifos(terminal)
+	if err != nil {
+		return err
+	}
+
+	if err := clnt.backend.AttachStreams(containerID, *iopipe); err != nil {
+		return err
+	}
+
+	clnt.appendContainer(container)
+
+	err = clnt.backend.StateChanged(containerID, StateInfo{
+		State: StateRestore,
+		Pid:   container.systemPid,
+	})
+
+	if err != nil {
+		return err
+	}
+
+	if event, ok := clnt.remote.pastEvents[containerID]; ok {
+		// This should only be a pause or resume event
+		if event.Type == StatePause || event.Type == StateResume {
+			return clnt.backend.StateChanged(containerID, StateInfo{
+				State: event.Type,
+				Pid:   container.systemPid,
+			})
+		}
+
+		logrus.Warnf("unexpected backlog event: %#v", event)
+	}
+
+	return nil
+}
+
+func (clnt *client) Restore(containerID string, options ...CreateOption) error {
+	cont, err := clnt.getContainerdContainer(containerID)
+	if err == nil && cont.Status != "stopped" {
+		if err := clnt.restore(cont, options...); err != nil {
+			logrus.Errorf("error restoring %s: %v", containerID, err)
+		}
+		return nil
+	}
+	return clnt.setExited(containerID)
+}
diff --git a/libcontainerd/client_shutdownrestore_linux.go b/libcontainerd/client_shutdownrestore_linux.go
new file mode 100644
index 00000000..1b4a2bc5
--- /dev/null
+++ b/libcontainerd/client_shutdownrestore_linux.go
@@ -0,0 +1,46 @@
+// +build !experimental
+
+package libcontainerd
+
+import (
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+)
+
+func (clnt *client) Restore(containerID string, options ...CreateOption) error {
+	w := clnt.getOrCreateExitNotifier(containerID)
+	defer w.close()
+	cont, err := clnt.getContainerdContainer(containerID)
+	if err == nil && cont.Status != "stopped" {
+		clnt.lock(cont.Id)
+		container := clnt.newContainer(cont.BundlePath)
+		container.systemPid = systemPid(cont)
+		clnt.appendContainer(container)
+		clnt.unlock(cont.Id)
+
+		container.discardFifos()
+
+		if err := clnt.Signal(containerID, int(syscall.SIGTERM)); err != nil {
+			logrus.Errorf("error sending sigterm to %v: %v", containerID, err)
+		}
+		select {
+		case <-time.After(10 * time.Second):
+			if err := clnt.Signal(containerID, int(syscall.SIGKILL)); err != nil {
+				logrus.Errorf("error sending sigkill to %v: %v", containerID, err)
+			}
+			select {
+			case <-time.After(2 * time.Second):
+			case <-w.wait():
+				return nil
+			}
+		case <-w.wait():
+			return nil
+		}
+	}
+
+	clnt.deleteContainer(containerID)
+
+	return clnt.setExited(containerID)
+}
diff --git a/libcontainerd/client_windows.go b/libcontainerd/client_windows.go
new file mode 100644
index 00000000..50cb4168
--- /dev/null
+++ b/libcontainerd/client_windows.go
@@ -0,0 +1,567 @@
+package libcontainerd
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"path/filepath"
+	"strconv"
+	"strings"
+
+	"syscall"
+	"time"
+
+	"github.com/Microsoft/hcsshim"
+	"github.com/Sirupsen/logrus"
+)
+
+type client struct {
+	clientCommon
+
+	// Platform specific properties below here (none presently on Windows)
+}
+
+// defaultContainerNAT is the default name of the container NAT device that is
+// preconfigured on the server. TODO Windows - Remove for TP5 support as not needed.
+const defaultContainerNAT = "ContainerNAT"
+
+// Win32 error codes that are used for various workarounds
+// These really should be ALL_CAPS to match golangs syscall library and standard
+// Win32 error conventions, but golint insists on CamelCase.
+const (
+	CoEClassstring     = syscall.Errno(0x800401F3) // Invalid class string
+	ErrorNoNetwork     = syscall.Errno(1222)       // The network is not present or not started
+	ErrorBadPathname   = syscall.Errno(161)        // The specified path is invalid
+	ErrorInvalidObject = syscall.Errno(0x800710D8) // The object identifier does not represent a valid object
+)
+
+type layer struct {
+	ID   string
+	Path string
+}
+
+type defConfig struct {
+	DefFile string
+}
+
+type portBinding struct {
+	Protocol     string
+	InternalPort int
+	ExternalPort int
+}
+
+type natSettings struct {
+	Name         string
+	PortBindings []portBinding
+}
+
+type networkConnection struct {
+	NetworkName string
+	Nat         natSettings
+}
+type networkSettings struct {
+	MacAddress string
+}
+
+type device struct {
+	DeviceType string
+	Connection interface{}
+	Settings   interface{}
+}
+
+type mappedDir struct {
+	HostPath      string
+	ContainerPath string
+	ReadOnly      bool
+}
+
+// TODO Windows: @darrenstahlmsft Add ProcessorCount
+type containerInit struct {
+	SystemType              string      // HCS requires this to be hard-coded to "Container"
+	Name                    string      // Name of the container. We use the docker ID.
+	Owner                   string      // The management platform that created this container
+	IsDummy                 bool        // Used for development purposes.
+	VolumePath              string      // Windows volume path for scratch space
+	Devices                 []device    // Devices used by the container
+	IgnoreFlushesDuringBoot bool        // Optimization hint for container startup in Windows
+	LayerFolderPath         string      // Where the layer folders are located
+	Layers                  []layer     // List of storage layers
+	ProcessorWeight         uint64      `json:",omitempty"` // CPU Shares 0..10000 on Windows; where 0 will be omitted and HCS will default.
+	ProcessorMaximum        int64       `json:",omitempty"` // CPU maximum usage percent 1..100
+	StorageIOPSMaximum      uint64      `json:",omitempty"` // Maximum Storage IOPS
+	StorageBandwidthMaximum uint64      `json:",omitempty"` // Maximum Storage Bandwidth in bytes per second
+	StorageSandboxSize      uint64      `json:",omitempty"` // Size in bytes that the container system drive should be expanded to if smaller
+	MemoryMaximumInMB       int64       `json:",omitempty"` // Maximum memory available to the container in Megabytes
+	HostName                string      // Hostname
+	MappedDirectories       []mappedDir // List of mapped directories (volumes/mounts)
+	SandboxPath             string      // Location of unmounted sandbox (used for Hyper-V containers)
+	HvPartition             bool        // True if it a Hyper-V Container
+	EndpointList            []string    // List of networking endpoints to be attached to container
+}
+
+// defaultOwner is a tag passed to HCS to allow it to differentiate between
+// container creator management stacks. We hard code "docker" in the case
+// of docker.
+const defaultOwner = "docker"
+
+// Create is the entrypoint to create a container from a spec, and if successfully
+// created, start it too.
+func (clnt *client) Create(containerID string, spec Spec, options ...CreateOption) error {
+	logrus.Debugln("LCD client.Create() with spec", spec)
+
+	cu := &containerInit{
+		SystemType: "Container",
+		Name:       containerID,
+		Owner:      defaultOwner,
+
+		VolumePath:              spec.Root.Path,
+		IgnoreFlushesDuringBoot: spec.Windows.FirstStart,
+		LayerFolderPath:         spec.Windows.LayerFolder,
+		HostName:                spec.Hostname,
+	}
+
+	if spec.Windows.Networking != nil {
+		cu.EndpointList = spec.Windows.Networking.EndpointList
+	}
+
+	if spec.Windows.Resources != nil {
+		if spec.Windows.Resources.CPU != nil {
+			if spec.Windows.Resources.CPU.Shares != nil {
+				cu.ProcessorWeight = *spec.Windows.Resources.CPU.Shares
+			}
+			if spec.Windows.Resources.CPU.Percent != nil {
+				cu.ProcessorMaximum = *spec.Windows.Resources.CPU.Percent * 100 // ProcessorMaximum is a value between 1 and 10000
+			}
+		}
+		if spec.Windows.Resources.Memory != nil {
+			if spec.Windows.Resources.Memory.Limit != nil {
+				cu.MemoryMaximumInMB = *spec.Windows.Resources.Memory.Limit / 1024 / 1024
+			}
+		}
+		if spec.Windows.Resources.Storage != nil {
+			if spec.Windows.Resources.Storage.Bps != nil {
+				cu.StorageBandwidthMaximum = *spec.Windows.Resources.Storage.Bps
+			}
+			if spec.Windows.Resources.Storage.Iops != nil {
+				cu.StorageIOPSMaximum = *spec.Windows.Resources.Storage.Iops
+			}
+			if spec.Windows.Resources.Storage.SandboxSize != nil {
+				cu.StorageSandboxSize = *spec.Windows.Resources.Storage.SandboxSize
+			}
+		}
+	}
+
+	cu.HvPartition = (spec.Windows.HvRuntime != nil)
+
+	// TODO Windows @jhowardmsft. FIXME post TP5.
+	//	if spec.Windows.HvRuntime != nil {
+	//		if spec.WIndows.HVRuntime.ImagePath != "" {
+	//			cu.TBD = spec.Windows.HvRuntime.ImagePath
+	//		}
+	//	}
+
+	if cu.HvPartition {
+		cu.SandboxPath = filepath.Dir(spec.Windows.LayerFolder)
+	} else {
+		cu.VolumePath = spec.Root.Path
+		cu.LayerFolderPath = spec.Windows.LayerFolder
+	}
+
+	for _, layerPath := range spec.Windows.LayerPaths {
+		_, filename := filepath.Split(layerPath)
+		g, err := hcsshim.NameToGuid(filename)
+		if err != nil {
+			return err
+		}
+		cu.Layers = append(cu.Layers, layer{
+			ID:   g.ToString(),
+			Path: layerPath,
+		})
+	}
+
+	// Add the mounts (volumes, bind mounts etc) to the structure
+	mds := make([]mappedDir, len(spec.Mounts))
+	for i, mount := range spec.Mounts {
+		mds[i] = mappedDir{
+			HostPath:      mount.Source,
+			ContainerPath: mount.Destination,
+			ReadOnly:      mount.Readonly}
+	}
+	cu.MappedDirectories = mds
+
+	// TODO Windows: vv START OF TP4 BLOCK OF CODE. REMOVE ONCE TP4 IS NO LONGER SUPPORTED
+	if hcsshim.IsTP4() &&
+		spec.Windows.Networking != nil &&
+		spec.Windows.Networking.Bridge != "" {
+		// Enumerate through the port bindings specified by the user and convert
+		// them into the internal structure matching the JSON blob that can be
+		// understood by the HCS.
+		var pbs []portBinding
+		for i, v := range spec.Windows.Networking.PortBindings {
+			proto := strings.ToUpper(i.Proto())
+			if proto != "TCP" && proto != "UDP" {
+				return fmt.Errorf("invalid protocol %s", i.Proto())
+			}
+
+			if len(v) > 1 {
+				return fmt.Errorf("Windows does not support more than one host port in NAT settings")
+			}
+
+			for _, v2 := range v {
+				var (
+					iPort, ePort int
+					err          error
+				)
+				if len(v2.HostIP) != 0 {
+					return fmt.Errorf("Windows does not support host IP addresses in NAT settings")
+				}
+				if ePort, err = strconv.Atoi(v2.HostPort); err != nil {
+					return fmt.Errorf("invalid container port %s: %s", v2.HostPort, err)
+				}
+				if iPort, err = strconv.Atoi(i.Port()); err != nil {
+					return fmt.Errorf("invalid internal port %s: %s", i.Port(), err)
+				}
+				if iPort < 0 || iPort > 65535 || ePort < 0 || ePort > 65535 {
+					return fmt.Errorf("specified NAT port is not in allowed range")
+				}
+				pbs = append(pbs,
+					portBinding{ExternalPort: ePort,
+						InternalPort: iPort,
+						Protocol:     proto})
+			}
+		}
+
+		dev := device{
+			DeviceType: "Network",
+			Connection: &networkConnection{
+				NetworkName: spec.Windows.Networking.Bridge,
+				Nat: natSettings{
+					Name:         defaultContainerNAT,
+					PortBindings: pbs,
+				},
+			},
+		}
+
+		if spec.Windows.Networking.MacAddress != "" {
+			windowsStyleMAC := strings.Replace(
+				spec.Windows.Networking.MacAddress, ":", "-", -1)
+			dev.Settings = networkSettings{
+				MacAddress: windowsStyleMAC,
+			}
+		}
+		cu.Devices = append(cu.Devices, dev)
+	} else {
+		logrus.Debugln("No network interface")
+	}
+	// TODO Windows: ^^ END OF TP4 BLOCK OF CODE. REMOVE ONCE TP4 IS NO LONGER SUPPORTED
+
+	configurationb, err := json.Marshal(cu)
+	if err != nil {
+		return err
+	}
+
+	configuration := string(configurationb)
+
+	// TODO Windows TP5 timeframe. Remove when TP4 is no longer supported.
+	// The following a workaround for Windows TP4 which has a networking
+	// bug which fairly frequently returns an error. Back off and retry.
+	if !hcsshim.IsTP4() {
+		if err := hcsshim.CreateComputeSystem(containerID, configuration); err != nil {
+			return err
+		}
+	} else {
+		maxAttempts := 5
+		for i := 1; i <= maxAttempts; i++ {
+			err = hcsshim.CreateComputeSystem(containerID, configuration)
+			if err == nil {
+				break
+			}
+
+			if herr, ok := err.(*hcsshim.HcsError); ok {
+				if herr.Err != syscall.ERROR_NOT_FOUND && // Element not found
+					herr.Err != syscall.ERROR_FILE_NOT_FOUND && // The system cannot find the file specified
+					herr.Err != ErrorNoNetwork && // The network is not present or not started
+					herr.Err != ErrorBadPathname && // The specified path is invalid
+					herr.Err != CoEClassstring && // Invalid class string
+					herr.Err != ErrorInvalidObject { // The object identifier does not represent a valid object
+					logrus.Debugln("Failed to create temporary container ", err)
+					return err
+				}
+				logrus.Warnf("Invoking Windows TP4 retry hack (%d of %d)", i, maxAttempts-1)
+				time.Sleep(50 * time.Millisecond)
+			}
+		}
+	}
+
+	// Construct a container object for calling start on it.
+	container := &container{
+		containerCommon: containerCommon{
+			process: process{
+				processCommon: processCommon{
+					containerID:  containerID,
+					client:       clnt,
+					friendlyName: InitFriendlyName,
+				},
+				commandLine: strings.Join(spec.Process.Args, " "),
+			},
+			processes: make(map[string]*process),
+		},
+		ociSpec: spec,
+	}
+
+	container.options = options
+	for _, option := range options {
+		if err := option.Apply(container); err != nil {
+			logrus.Error(err)
+		}
+	}
+
+	// Call start, and if it fails, delete the container from our
+	// internal structure, and also keep HCS in sync by deleting the
+	// container there.
+	logrus.Debugf("Create() id=%s, Calling start()", containerID)
+	if err := container.start(); err != nil {
+		clnt.deleteContainer(containerID)
+		return err
+	}
+
+	logrus.Debugf("Create() id=%s completed successfully", containerID)
+	return nil
+
+}
+
+// AddProcess is the handler for adding a process to an already running
+// container. It's called through docker exec.
+func (clnt *client) AddProcess(containerID, processFriendlyName string, procToAdd Process) error {
+
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	container, err := clnt.getContainer(containerID)
+	if err != nil {
+		return err
+	}
+
+	createProcessParms := hcsshim.CreateProcessParams{
+		EmulateConsole: procToAdd.Terminal,
+		ConsoleSize:    procToAdd.InitialConsoleSize,
+	}
+
+	// Take working directory from the process to add if it is defined,
+	// otherwise take from the first process.
+	if procToAdd.Cwd != "" {
+		createProcessParms.WorkingDirectory = procToAdd.Cwd
+	} else {
+		createProcessParms.WorkingDirectory = container.ociSpec.Process.Cwd
+	}
+
+	// Configure the environment for the process
+	createProcessParms.Environment = setupEnvironmentVariables(procToAdd.Env)
+	createProcessParms.CommandLine = strings.Join(procToAdd.Args, " ")
+
+	logrus.Debugf("commandLine: %s", createProcessParms.CommandLine)
+
+	// Start the command running in the container. Note we always tell HCS to
+	// create stdout as it's required regardless of '-i' or '-t' options, so that
+	// docker can always grab the output through logs. We also tell HCS to always
+	// create stdin, even if it's not used - it will be closed shortly. Stderr
+	// is only created if it we're not -t.
+	var stdout, stderr io.ReadCloser
+	var pid uint32
+	iopipe := &IOPipe{Terminal: procToAdd.Terminal}
+	pid, iopipe.Stdin, stdout, stderr, err = hcsshim.CreateProcessInComputeSystem(
+		containerID,
+		true,
+		true,
+		!procToAdd.Terminal,
+		createProcessParms)
+	if err != nil {
+		logrus.Errorf("AddProcess %s CreateProcessInComputeSystem() failed %s", containerID, err)
+		return err
+	}
+
+	// Convert io.ReadClosers to io.Readers
+	if stdout != nil {
+		iopipe.Stdout = openReaderFromPipe(stdout)
+	}
+	if stderr != nil {
+		iopipe.Stderr = openReaderFromPipe(stderr)
+	}
+
+	// Add the process to the containers list of processes
+	container.processes[processFriendlyName] =
+		&process{
+			processCommon: processCommon{
+				containerID:  containerID,
+				friendlyName: processFriendlyName,
+				client:       clnt,
+				systemPid:    pid,
+			},
+			commandLine: createProcessParms.CommandLine,
+		}
+
+	// Make sure the lock is not held while calling back into the daemon
+	clnt.unlock(containerID)
+
+	// Tell the engine to attach streams back to the client
+	if err := clnt.backend.AttachStreams(processFriendlyName, *iopipe); err != nil {
+		return err
+	}
+
+	// Lock again so that the defer unlock doesn't fail. (I really don't like this code)
+	clnt.lock(containerID)
+
+	// Spin up a go routine waiting for exit to handle cleanup
+	go container.waitExit(pid, processFriendlyName, false)
+
+	return nil
+}
+
+// Signal handles `docker stop` on Windows. While Linux has support for
+// the full range of signals, signals aren't really implemented on Windows.
+// We fake supporting regular stop and -9 to force kill.
+func (clnt *client) Signal(containerID string, sig int) error {
+	var (
+		cont *container
+		err  error
+	)
+
+	// Get the container as we need it to find the pid of the process.
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	if cont, err = clnt.getContainer(containerID); err != nil {
+		return err
+	}
+
+	logrus.Debugf("lcd: Signal() containerID=%s sig=%d pid=%d", containerID, sig, cont.systemPid)
+	context := fmt.Sprintf("Signal: sig=%d pid=%d", sig, cont.systemPid)
+
+	if syscall.Signal(sig) == syscall.SIGKILL {
+		// Terminate the compute system
+		if err := hcsshim.TerminateComputeSystem(containerID, hcsshim.TimeoutInfinite, context); err != nil {
+			logrus.Errorf("Failed to terminate %s - %q", containerID, err)
+		}
+
+	} else {
+		// Terminate Process
+		if err = hcsshim.TerminateProcessInComputeSystem(containerID, cont.systemPid); err != nil {
+			logrus.Warnf("Failed to terminate pid %d in %s: %q", cont.systemPid, containerID, err)
+			// Ignore errors
+			err = nil
+		}
+
+		// Shutdown the compute system
+		if err := hcsshim.ShutdownComputeSystem(containerID, hcsshim.TimeoutInfinite, context); err != nil {
+			logrus.Errorf("Failed to shutdown %s - %q", containerID, err)
+		}
+	}
+	return nil
+}
+
+// Resize handles a CLI event to resize an interactive docker run or docker exec
+// window.
+func (clnt *client) Resize(containerID, processFriendlyName string, width, height int) error {
+	// Get the libcontainerd container object
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	cont, err := clnt.getContainer(containerID)
+	if err != nil {
+		return err
+	}
+
+	if processFriendlyName == InitFriendlyName {
+		logrus.Debugln("Resizing systemPID in", containerID, cont.process.systemPid)
+		return hcsshim.ResizeConsoleInComputeSystem(containerID, cont.process.systemPid, height, width)
+	}
+
+	for _, p := range cont.processes {
+		if p.friendlyName == processFriendlyName {
+			logrus.Debugln("Resizing exec'd process", containerID, p.systemPid)
+			return hcsshim.ResizeConsoleInComputeSystem(containerID, p.systemPid, height, width)
+		}
+	}
+
+	return fmt.Errorf("Resize could not find containerID %s to resize", containerID)
+
+}
+
+// Pause handles pause requests for containers
+func (clnt *client) Pause(containerID string) error {
+	return errors.New("Windows: Containers cannot be paused")
+}
+
+// Resume handles resume requests for containers
+func (clnt *client) Resume(containerID string) error {
+	return errors.New("Windows: Containers cannot be paused")
+}
+
+// Stats handles stats requests for containers
+func (clnt *client) Stats(containerID string) (*Stats, error) {
+	return nil, errors.New("Windows: Stats not implemented")
+}
+
+// Restore is the handler for restoring a container
+func (clnt *client) Restore(containerID string, unusedOnWindows ...CreateOption) error {
+	// TODO Windows: Implement this. For now, just tell the backend the container exited.
+	logrus.Debugf("lcd Restore %s", containerID)
+	return clnt.backend.StateChanged(containerID, StateInfo{
+		State:    StateExit,
+		ExitCode: 1 << 31,
+	})
+}
+
+// GetPidsForContainer returns a list of process IDs running in a container.
+// Although implemented, this is not used in Windows.
+func (clnt *client) GetPidsForContainer(containerID string) ([]int, error) {
+	var pids []int
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	cont, err := clnt.getContainer(containerID)
+	if err != nil {
+		return nil, err
+	}
+
+	// Add the first process
+	pids = append(pids, int(cont.containerCommon.systemPid))
+	// And add all the exec'd processes
+	for _, p := range cont.processes {
+		pids = append(pids, int(p.processCommon.systemPid))
+	}
+	return pids, nil
+}
+
+// Summary returns a summary of the processes running in a container.
+// This is present in Windows to support docker top. In linux, the
+// engine shells out to ps to get process information. On Windows, as
+// the containers could be Hyper-V containers, they would not be
+// visible on the container host. However, libcontainerd does have
+// that information.
+func (clnt *client) Summary(containerID string) ([]Summary, error) {
+	var s []Summary
+	clnt.lock(containerID)
+	defer clnt.unlock(containerID)
+	cont, err := clnt.getContainer(containerID)
+	if err != nil {
+		return nil, err
+	}
+
+	// Add the first process
+	s = append(s, Summary{
+		Pid:     cont.containerCommon.systemPid,
+		Command: cont.ociSpec.Process.Args[0]})
+	// And add all the exec'd processes
+	for _, p := range cont.processes {
+		s = append(s, Summary{
+			Pid:     p.processCommon.systemPid,
+			Command: p.commandLine})
+	}
+	return s, nil
+
+}
+
+// UpdateResources updates resources for a running container.
+func (clnt *client) UpdateResources(containerID string, resources Resources) error {
+	// Updating resource isn't supported on Windows
+	// but we should return nil for enabling updating container
+	return nil
+}
diff --git a/libcontainerd/container.go b/libcontainerd/container.go
new file mode 100644
index 00000000..30bc9502
--- /dev/null
+++ b/libcontainerd/container.go
@@ -0,0 +1,40 @@
+package libcontainerd
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/docker/docker/restartmanager"
+)
+
+const (
+	// InitFriendlyName is the name given in the lookup map of processes
+	// for the first process started in a container.
+	InitFriendlyName = "init"
+	configFilename   = "config.json"
+)
+
+type containerCommon struct {
+	process
+	restartManager restartmanager.RestartManager
+	restarting     bool
+	processes      map[string]*process
+	startedAt      time.Time
+}
+
+// WithRestartManager sets the restartmanager to be used with the container.
+func WithRestartManager(rm restartmanager.RestartManager) CreateOption {
+	return restartManager{rm}
+}
+
+type restartManager struct {
+	rm restartmanager.RestartManager
+}
+
+func (rm restartManager) Apply(p interface{}) error {
+	if pr, ok := p.(*container); ok {
+		pr.restartManager = rm.rm
+		return nil
+	}
+	return fmt.Errorf("WithRestartManager option not supported for this client")
+}
diff --git a/libcontainerd/container_linux.go b/libcontainerd/container_linux.go
new file mode 100644
index 00000000..8a49cde2
--- /dev/null
+++ b/libcontainerd/container_linux.go
@@ -0,0 +1,209 @@
+package libcontainerd
+
+import (
+	"encoding/json"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	containerd "github.com/docker/containerd/api/grpc/types"
+	"github.com/docker/docker/restartmanager"
+	"github.com/opencontainers/specs/specs-go"
+	"golang.org/x/net/context"
+)
+
+type container struct {
+	containerCommon
+
+	// Platform specific fields are below here.
+	pauseMonitor
+	oom bool
+}
+
+func (ctr *container) clean() error {
+	if os.Getenv("LIBCONTAINERD_NOCLEAN") == "1" {
+		return nil
+	}
+	if _, err := os.Lstat(ctr.dir); err != nil {
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return err
+	}
+
+	if err := os.RemoveAll(ctr.dir); err != nil {
+		return err
+	}
+	return nil
+}
+
+// cleanProcess removes the fifos used by an additional process.
+// Caller needs to lock container ID before calling this method.
+func (ctr *container) cleanProcess(id string) {
+	if p, ok := ctr.processes[id]; ok {
+		for _, i := range []int{syscall.Stdin, syscall.Stdout, syscall.Stderr} {
+			if err := os.Remove(p.fifo(i)); err != nil {
+				logrus.Warnf("failed to remove %v for process %v: %v", p.fifo(i), id, err)
+			}
+		}
+	}
+	delete(ctr.processes, id)
+}
+
+func (ctr *container) spec() (*specs.Spec, error) {
+	var spec specs.Spec
+	dt, err := ioutil.ReadFile(filepath.Join(ctr.dir, configFilename))
+	if err != nil {
+		return nil, err
+	}
+	if err := json.Unmarshal(dt, &spec); err != nil {
+		return nil, err
+	}
+	return &spec, nil
+}
+
+func (ctr *container) start() error {
+	spec, err := ctr.spec()
+	if err != nil {
+		return nil
+	}
+	iopipe, err := ctr.openFifos(spec.Process.Terminal)
+	if err != nil {
+		return err
+	}
+
+	r := &containerd.CreateContainerRequest{
+		Id:         ctr.containerID,
+		BundlePath: ctr.dir,
+		Stdin:      ctr.fifo(syscall.Stdin),
+		Stdout:     ctr.fifo(syscall.Stdout),
+		Stderr:     ctr.fifo(syscall.Stderr),
+		// check to see if we are running in ramdisk to disable pivot root
+		NoPivotRoot: os.Getenv("DOCKER_RAMDISK") != "",
+	}
+	ctr.client.appendContainer(ctr)
+
+	resp, err := ctr.client.remote.apiClient.CreateContainer(context.Background(), r)
+	if err != nil {
+		ctr.closeFifos(iopipe)
+		return err
+	}
+	ctr.startedAt = time.Now()
+
+	if err := ctr.client.backend.AttachStreams(ctr.containerID, *iopipe); err != nil {
+		return err
+	}
+	ctr.systemPid = systemPid(resp.Container)
+
+	return ctr.client.backend.StateChanged(ctr.containerID, StateInfo{
+		State: StateStart,
+		Pid:   ctr.systemPid,
+	})
+}
+
+func (ctr *container) newProcess(friendlyName string) *process {
+	return &process{
+		dir: ctr.dir,
+		processCommon: processCommon{
+			containerID:  ctr.containerID,
+			friendlyName: friendlyName,
+			client:       ctr.client,
+		},
+	}
+}
+
+func (ctr *container) handleEvent(e *containerd.Event) error {
+	ctr.client.lock(ctr.containerID)
+	defer ctr.client.unlock(ctr.containerID)
+	switch e.Type {
+	case StateExit, StatePause, StateResume, StateOOM:
+		st := StateInfo{
+			State:     e.Type,
+			ExitCode:  e.Status,
+			OOMKilled: e.Type == StateExit && ctr.oom,
+		}
+		if e.Type == StateOOM {
+			ctr.oom = true
+		}
+		if e.Type == StateExit && e.Pid != InitFriendlyName {
+			st.ProcessID = e.Pid
+			st.State = StateExitProcess
+		}
+		if st.State == StateExit && ctr.restartManager != nil {
+			restart, wait, err := ctr.restartManager.ShouldRestart(e.Status, false, time.Since(ctr.startedAt))
+			if err != nil {
+				logrus.Warnf("container %s %v", ctr.containerID, err)
+			} else if restart {
+				st.State = StateRestart
+				ctr.restarting = true
+				ctr.client.deleteContainer(e.Id)
+				go func() {
+					err := <-wait
+					ctr.client.lock(ctr.containerID)
+					defer ctr.client.unlock(ctr.containerID)
+					ctr.restarting = false
+					if err != nil {
+						st.State = StateExit
+						ctr.clean()
+						ctr.client.q.append(e.Id, func() {
+							if err := ctr.client.backend.StateChanged(e.Id, st); err != nil {
+								logrus.Error(err)
+							}
+						})
+						if err != restartmanager.ErrRestartCanceled {
+							logrus.Error(err)
+						}
+					} else {
+						ctr.start()
+					}
+				}()
+			}
+		}
+
+		// Remove process from list if we have exited
+		// We need to do so here in case the Message Handler decides to restart it.
+		switch st.State {
+		case StateExit:
+			ctr.clean()
+			ctr.client.deleteContainer(e.Id)
+		case StateExitProcess:
+			ctr.cleanProcess(st.ProcessID)
+		}
+		ctr.client.q.append(e.Id, func() {
+			if err := ctr.client.backend.StateChanged(e.Id, st); err != nil {
+				logrus.Error(err)
+			}
+			if e.Type == StatePause || e.Type == StateResume {
+				ctr.pauseMonitor.handle(e.Type)
+			}
+			if e.Type == StateExit {
+				if en := ctr.client.getExitNotifier(e.Id); en != nil {
+					en.close()
+				}
+			}
+		})
+
+	default:
+		logrus.Debugf("event unhandled: %+v", e)
+	}
+	return nil
+}
+
+// discardFifos attempts to fully read the container fifos to unblock processes
+// that may be blocked on the writer side.
+func (ctr *container) discardFifos() {
+	for _, i := range []int{syscall.Stdout, syscall.Stderr} {
+		f := ctr.fifo(i)
+		c := make(chan struct{})
+		go func() {
+			close(c) // this channel is used to not close the writer too early, before readonly open has been called.
+			io.Copy(ioutil.Discard, openReaderFromFifo(f))
+		}()
+		<-c
+		closeReaderFifo(f) // avoid blocking permanently on open if there is no writer side
+	}
+}
diff --git a/libcontainerd/container_windows.go b/libcontainerd/container_windows.go
new file mode 100644
index 00000000..b07141ab
--- /dev/null
+++ b/libcontainerd/container_windows.go
@@ -0,0 +1,206 @@
+package libcontainerd
+
+import (
+	"io"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/Microsoft/hcsshim"
+	"github.com/Sirupsen/logrus"
+)
+
+type container struct {
+	containerCommon
+
+	// Platform specific fields are below here. There are none presently on Windows.
+	options []CreateOption
+
+	// The ociSpec is required, as client.Create() needs a spec,
+	// but can be called from the RestartManager context which does not
+	// otherwise have access to the Spec
+	ociSpec Spec
+}
+
+func (ctr *container) newProcess(friendlyName string) *process {
+	return &process{
+		processCommon: processCommon{
+			containerID:  ctr.containerID,
+			friendlyName: friendlyName,
+			client:       ctr.client,
+		},
+	}
+}
+
+func (ctr *container) start() error {
+	var err error
+
+	// Start the container
+	logrus.Debugln("Starting container ", ctr.containerID)
+	if err = hcsshim.StartComputeSystem(ctr.containerID); err != nil {
+		logrus.Errorf("Failed to start compute system: %s", err)
+		return err
+	}
+
+	createProcessParms := hcsshim.CreateProcessParams{
+		EmulateConsole:   ctr.ociSpec.Process.Terminal,
+		WorkingDirectory: ctr.ociSpec.Process.Cwd,
+		ConsoleSize:      ctr.ociSpec.Process.InitialConsoleSize,
+	}
+
+	// Configure the environment for the process
+	createProcessParms.Environment = setupEnvironmentVariables(ctr.ociSpec.Process.Env)
+	createProcessParms.CommandLine = strings.Join(ctr.ociSpec.Process.Args, " ")
+
+	iopipe := &IOPipe{Terminal: ctr.ociSpec.Process.Terminal}
+
+	// Start the command running in the container. Note we always tell HCS to
+	// create stdout as it's required regardless of '-i' or '-t' options, so that
+	// docker can always grab the output through logs. We also tell HCS to always
+	// create stdin, even if it's not used - it will be closed shortly. Stderr
+	// is only created if it we're not -t.
+	var pid uint32
+	var stdout, stderr io.ReadCloser
+	pid, iopipe.Stdin, stdout, stderr, err = hcsshim.CreateProcessInComputeSystem(
+		ctr.containerID,
+		true,
+		true,
+		!ctr.ociSpec.Process.Terminal,
+		createProcessParms)
+	if err != nil {
+		logrus.Errorf("CreateProcessInComputeSystem() failed %s", err)
+
+		// Explicitly terminate the compute system here.
+		if err2 := hcsshim.TerminateComputeSystem(ctr.containerID, hcsshim.TimeoutInfinite, "CreateProcessInComputeSystem failed"); err2 != nil {
+			// Ignore this error, there's not a lot we can do except log it
+			logrus.Warnf("Failed to TerminateComputeSystem after a failed CreateProcessInComputeSystem. Ignoring this.", err2)
+		} else {
+			logrus.Debugln("Cleaned up after failed CreateProcessInComputeSystem by calling TerminateComputeSystem")
+		}
+		return err
+	}
+	ctr.startedAt = time.Now()
+
+	// Convert io.ReadClosers to io.Readers
+	if stdout != nil {
+		iopipe.Stdout = openReaderFromPipe(stdout)
+	}
+	if stderr != nil {
+		iopipe.Stderr = openReaderFromPipe(stderr)
+	}
+
+	// Save the PID
+	logrus.Debugf("Process started - PID %d", pid)
+	ctr.systemPid = uint32(pid)
+
+	// Spin up a go routine waiting for exit to handle cleanup
+	go ctr.waitExit(pid, InitFriendlyName, true)
+
+	ctr.client.appendContainer(ctr)
+
+	if err := ctr.client.backend.AttachStreams(ctr.containerID, *iopipe); err != nil {
+		// OK to return the error here, as waitExit will handle tear-down in HCS
+		return err
+	}
+
+	// Tell the docker engine that the container has started.
+	si := StateInfo{
+		State: StateStart,
+		Pid:   ctr.systemPid, // Not sure this is needed? Double-check monitor.go in daemon BUGBUG @jhowardmsft
+	}
+	return ctr.client.backend.StateChanged(ctr.containerID, si)
+
+}
+
+// waitExit runs as a goroutine waiting for the process to exit. It's
+// equivalent to (in the linux containerd world) where events come in for
+// state change notifications from containerd.
+func (ctr *container) waitExit(pid uint32, processFriendlyName string, isFirstProcessToStart bool) error {
+	logrus.Debugln("waitExit on pid", pid)
+
+	// Block indefinitely for the process to exit.
+	exitCode, err := hcsshim.WaitForProcessInComputeSystem(ctr.containerID, pid, hcsshim.TimeoutInfinite)
+	if err != nil {
+		if herr, ok := err.(*hcsshim.HcsError); ok && herr.Err != syscall.ERROR_BROKEN_PIPE {
+			logrus.Warnf("WaitForProcessInComputeSystem failed (container may have been killed): %s", err)
+		}
+		// Fall through here, do not return. This ensures we attempt to continue the
+		// shutdown in HCS nad tell the docker engine that the process/container
+		// has exited to avoid a container being dropped on the floor.
+	}
+
+	// Assume the container has exited
+	si := StateInfo{
+		State:     StateExit,
+		ExitCode:  uint32(exitCode),
+		Pid:       pid,
+		ProcessID: processFriendlyName,
+	}
+
+	// But it could have been an exec'd process which exited
+	if !isFirstProcessToStart {
+		si.State = StateExitProcess
+	}
+
+	// If this is the init process, always call into vmcompute.dll to
+	// shutdown the container after we have completed.
+	if isFirstProcessToStart {
+		logrus.Debugf("Shutting down container %s", ctr.containerID)
+		// Explicit timeout here rather than hcsshim.TimeoutInfinte to avoid a
+		// (remote) possibility that ShutdownComputeSystem hangs indefinitely.
+		const shutdownTimeout = 5 * 60 * 1000 // 5 minutes
+		if err := hcsshim.ShutdownComputeSystem(ctr.containerID, shutdownTimeout, "waitExit"); err != nil {
+			if herr, ok := err.(*hcsshim.HcsError); !ok ||
+				(herr.Err != hcsshim.ERROR_SHUTDOWN_IN_PROGRESS &&
+					herr.Err != ErrorBadPathname &&
+					herr.Err != syscall.ERROR_PATH_NOT_FOUND) {
+				logrus.Warnf("Ignoring error from ShutdownComputeSystem %s", err)
+			}
+		} else {
+			logrus.Debugf("Completed shutting down container %s", ctr.containerID)
+		}
+
+		// BUGBUG - Is taking the lock necessary here? Should it just be taken for
+		// the deleteContainer call, not for the restart logic? @jhowardmsft
+		ctr.client.lock(ctr.containerID)
+		defer ctr.client.unlock(ctr.containerID)
+
+		if si.State == StateExit && ctr.restartManager != nil {
+			restart, wait, err := ctr.restartManager.ShouldRestart(uint32(exitCode), false, time.Since(ctr.startedAt))
+			if err != nil {
+				logrus.Error(err)
+			} else if restart {
+				si.State = StateRestart
+				ctr.restarting = true
+				go func() {
+					err := <-wait
+					ctr.restarting = false
+					if err != nil {
+						si.State = StateExit
+						if err := ctr.client.backend.StateChanged(ctr.containerID, si); err != nil {
+							logrus.Error(err)
+						}
+						logrus.Error(err)
+					} else {
+						ctr.client.Create(ctr.containerID, ctr.ociSpec, ctr.options...)
+					}
+				}()
+			}
+		}
+
+		// Remove process from list if we have exited
+		// We need to do so here in case the Message Handler decides to restart it.
+		if si.State == StateExit {
+			ctr.client.deleteContainer(ctr.friendlyName)
+		}
+	}
+
+	// Call into the backend to notify it of the state change.
+	logrus.Debugf("waitExit() calling backend.StateChanged %v", si)
+	if err := ctr.client.backend.StateChanged(ctr.containerID, si); err != nil {
+		logrus.Error(err)
+	}
+
+	logrus.Debugln("waitExit() completed OK")
+	return nil
+}
diff --git a/libcontainerd/pausemonitor_linux.go b/libcontainerd/pausemonitor_linux.go
new file mode 100644
index 00000000..379cbf1f
--- /dev/null
+++ b/libcontainerd/pausemonitor_linux.go
@@ -0,0 +1,31 @@
+package libcontainerd
+
+// pauseMonitor is helper to get notifications from pause state changes.
+type pauseMonitor struct {
+	waiters map[string][]chan struct{}
+}
+
+func (m *pauseMonitor) handle(t string) {
+	if m.waiters == nil {
+		return
+	}
+	q, ok := m.waiters[t]
+	if !ok {
+		return
+	}
+	if len(q) > 0 {
+		close(q[0])
+		m.waiters[t] = q[1:]
+	}
+}
+
+func (m *pauseMonitor) append(t string, waiter chan struct{}) {
+	if m.waiters == nil {
+		m.waiters = make(map[string][]chan struct{})
+	}
+	_, ok := m.waiters[t]
+	if !ok {
+		m.waiters[t] = make([]chan struct{}, 0)
+	}
+	m.waiters[t] = append(m.waiters[t], waiter)
+}
diff --git a/libcontainerd/process.go b/libcontainerd/process.go
new file mode 100644
index 00000000..57562c87
--- /dev/null
+++ b/libcontainerd/process.go
@@ -0,0 +1,18 @@
+package libcontainerd
+
+// processCommon are the platform common fields as part of the process structure
+// which keeps the state for the main container process, as well as any exec
+// processes.
+type processCommon struct {
+	client *client
+
+	// containerID is the Container ID
+	containerID string
+
+	// friendlyName is an identifier for the process (or `InitFriendlyName`
+	// for the first process)
+	friendlyName string
+
+	// systemPid is the PID of the main container process
+	systemPid uint32
+}
diff --git a/libcontainerd/process_linux.go b/libcontainerd/process_linux.go
new file mode 100644
index 00000000..3c48576f
--- /dev/null
+++ b/libcontainerd/process_linux.go
@@ -0,0 +1,110 @@
+package libcontainerd
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"syscall"
+
+	containerd "github.com/docker/containerd/api/grpc/types"
+	"github.com/docker/docker/pkg/ioutils"
+	"golang.org/x/net/context"
+)
+
+var fdNames = map[int]string{
+	syscall.Stdin:  "stdin",
+	syscall.Stdout: "stdout",
+	syscall.Stderr: "stderr",
+}
+
+// process keeps the state for both main container process and exec process.
+type process struct {
+	processCommon
+
+	// Platform specific fields are below here.
+	dir string
+}
+
+func (p *process) openFifos(terminal bool) (*IOPipe, error) {
+	bundleDir := p.dir
+	if err := os.MkdirAll(bundleDir, 0700); err != nil {
+		return nil, err
+	}
+
+	for i := 0; i < 3; i++ {
+		f := p.fifo(i)
+		if err := syscall.Mkfifo(f, 0700); err != nil && !os.IsExist(err) {
+			return nil, fmt.Errorf("mkfifo: %s %v", f, err)
+		}
+	}
+
+	io := &IOPipe{}
+	stdinf, err := os.OpenFile(p.fifo(syscall.Stdin), syscall.O_RDWR, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	io.Stdout = openReaderFromFifo(p.fifo(syscall.Stdout))
+	if !terminal {
+		io.Stderr = openReaderFromFifo(p.fifo(syscall.Stderr))
+	} else {
+		io.Stderr = emptyReader{}
+	}
+
+	io.Stdin = ioutils.NewWriteCloserWrapper(stdinf, func() error {
+		stdinf.Close()
+		_, err := p.client.remote.apiClient.UpdateProcess(context.Background(), &containerd.UpdateProcessRequest{
+			Id:         p.containerID,
+			Pid:        p.friendlyName,
+			CloseStdin: true,
+		})
+		return err
+	})
+
+	return io, nil
+}
+
+func (p *process) closeFifos(io *IOPipe) {
+	io.Stdin.Close()
+	closeReaderFifo(p.fifo(syscall.Stdout))
+	closeReaderFifo(p.fifo(syscall.Stderr))
+}
+
+type emptyReader struct{}
+
+func (r emptyReader) Read(b []byte) (int, error) {
+	return 0, io.EOF
+}
+
+func openReaderFromFifo(fn string) io.Reader {
+	r, w := io.Pipe()
+	c := make(chan struct{})
+	go func() {
+		close(c)
+		stdoutf, err := os.OpenFile(fn, syscall.O_RDONLY, 0)
+		if err != nil {
+			r.CloseWithError(err)
+		}
+		if _, err := io.Copy(w, stdoutf); err != nil {
+			r.CloseWithError(err)
+		}
+		w.Close()
+		stdoutf.Close()
+	}()
+	<-c // wait for the goroutine to get scheduled and syscall to block
+	return r
+}
+
+// closeReaderFifo closes fifo that may be blocked on open by opening the write side.
+func closeReaderFifo(fn string) {
+	f, err := os.OpenFile(fn, syscall.O_WRONLY|syscall.O_NONBLOCK, 0)
+	if err != nil {
+		return
+	}
+	f.Close()
+}
+
+func (p *process) fifo(index int) string {
+	return filepath.Join(p.dir, p.friendlyName+"-"+fdNames[index])
+}
diff --git a/libcontainerd/process_windows.go b/libcontainerd/process_windows.go
new file mode 100644
index 00000000..0371aec9
--- /dev/null
+++ b/libcontainerd/process_windows.go
@@ -0,0 +1,27 @@
+package libcontainerd
+
+import (
+	"io"
+)
+
+// process keeps the state for both main container process and exec process.
+type process struct {
+	processCommon
+
+	// Platform specific fields are below here.
+
+	// commandLine is to support returning summary information for docker top
+	commandLine string
+}
+
+func openReaderFromPipe(p io.ReadCloser) io.Reader {
+	r, w := io.Pipe()
+	go func() {
+		if _, err := io.Copy(w, p); err != nil {
+			r.CloseWithError(err)
+		}
+		w.Close()
+		p.Close()
+	}()
+	return r
+}
diff --git a/libcontainerd/queue_linux.go b/libcontainerd/queue_linux.go
new file mode 100644
index 00000000..34bc81d2
--- /dev/null
+++ b/libcontainerd/queue_linux.go
@@ -0,0 +1,29 @@
+package libcontainerd
+
+import "sync"
+
+type queue struct {
+	sync.Mutex
+	fns map[string]chan struct{}
+}
+
+func (q *queue) append(id string, f func()) {
+	q.Lock()
+	defer q.Unlock()
+
+	if q.fns == nil {
+		q.fns = make(map[string]chan struct{})
+	}
+
+	done := make(chan struct{})
+
+	fn, ok := q.fns[id]
+	q.fns[id] = done
+	go func() {
+		if ok {
+			<-fn
+		}
+		f()
+		close(done)
+	}()
+}
diff --git a/libcontainerd/remote.go b/libcontainerd/remote.go
new file mode 100644
index 00000000..a679edcf
--- /dev/null
+++ b/libcontainerd/remote.go
@@ -0,0 +1,18 @@
+package libcontainerd
+
+// Remote on Linux defines the accesspoint to the containerd grpc API.
+// Remote on Windows is largely an unimplemented interface as there is
+// no remote containerd.
+type Remote interface {
+	// Client returns a new Client instance connected with given Backend.
+	Client(Backend) (Client, error)
+	// Cleanup stops containerd if it was started by libcontainerd.
+	// Note this is not used on Windows as there is no remote containerd.
+	Cleanup()
+}
+
+// RemoteOption allows to configure paramters of remotes.
+// This is unused on Windows.
+type RemoteOption interface {
+	Apply(Remote) error
+}
diff --git a/libcontainerd/remote_linux.go b/libcontainerd/remote_linux.go
new file mode 100644
index 00000000..12ce0e10
--- /dev/null
+++ b/libcontainerd/remote_linux.go
@@ -0,0 +1,449 @@
+package libcontainerd
+
+import (
+	"fmt"
+	"io"
+	"io/ioutil"
+	"log"
+	"net"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	containerd "github.com/docker/containerd/api/grpc/types"
+	"github.com/docker/docker/pkg/locker"
+	sysinfo "github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/utils"
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/transport"
+)
+
+const (
+	maxConnectionRetryCount   = 3
+	connectionRetryDelay      = 3 * time.Second
+	containerdShutdownTimeout = 15 * time.Second
+	containerdBinary          = "docker-containerd"
+	containerdPidFilename     = "docker-containerd.pid"
+	containerdSockFilename    = "docker-containerd.sock"
+	eventTimestampFilename    = "event.ts"
+)
+
+type remote struct {
+	sync.RWMutex
+	apiClient     containerd.APIClient
+	daemonPid     int
+	stateDir      string
+	rpcAddr       string
+	startDaemon   bool
+	closeManually bool
+	debugLog      bool
+	rpcConn       *grpc.ClientConn
+	clients       []*client
+	eventTsPath   string
+	pastEvents    map[string]*containerd.Event
+	runtimeArgs   []string
+}
+
+// New creates a fresh instance of libcontainerd remote.
+func New(stateDir string, options ...RemoteOption) (_ Remote, err error) {
+	defer func() {
+		if err != nil {
+			err = fmt.Errorf("Failed to connect to containerd. Please make sure containerd is installed in your PATH or you have specificed the correct address. Got error: %v", err)
+		}
+	}()
+	r := &remote{
+		stateDir:    stateDir,
+		daemonPid:   -1,
+		eventTsPath: filepath.Join(stateDir, eventTimestampFilename),
+		pastEvents:  make(map[string]*containerd.Event),
+	}
+	for _, option := range options {
+		if err := option.Apply(r); err != nil {
+			return nil, err
+		}
+	}
+
+	if err := sysinfo.MkdirAll(stateDir, 0700); err != nil {
+		return nil, err
+	}
+
+	if r.rpcAddr == "" {
+		r.rpcAddr = filepath.Join(stateDir, containerdSockFilename)
+	}
+
+	if r.startDaemon {
+		if err := r.runContainerdDaemon(); err != nil {
+			return nil, err
+		}
+	}
+
+	// don't output the grpc reconnect logging
+	grpclog.SetLogger(log.New(ioutil.Discard, "", log.LstdFlags))
+	dialOpts := append([]grpc.DialOption{grpc.WithInsecure()},
+		grpc.WithDialer(func(addr string, timeout time.Duration) (net.Conn, error) {
+			return net.DialTimeout("unix", addr, timeout)
+		}),
+	)
+	conn, err := grpc.Dial(r.rpcAddr, dialOpts...)
+	if err != nil {
+		return nil, fmt.Errorf("error connecting to containerd: %v", err)
+	}
+
+	r.rpcConn = conn
+	r.apiClient = containerd.NewAPIClient(conn)
+
+	go r.handleConnectionChange()
+
+	if err := r.startEventsMonitor(); err != nil {
+		return nil, err
+	}
+
+	return r, nil
+}
+
+func (r *remote) handleConnectionChange() {
+	var transientFailureCount = 0
+	state := grpc.Idle
+	for {
+		s, err := r.rpcConn.WaitForStateChange(context.Background(), state)
+		if err != nil {
+			break
+		}
+		state = s
+		logrus.Debugf("containerd connection state change: %v", s)
+
+		if r.daemonPid != -1 {
+			switch state {
+			case grpc.TransientFailure:
+				// Reset state to be notified of next failure
+				transientFailureCount++
+				if transientFailureCount >= maxConnectionRetryCount {
+					transientFailureCount = 0
+					if utils.IsProcessAlive(r.daemonPid) {
+						utils.KillProcess(r.daemonPid)
+					}
+					if err := r.runContainerdDaemon(); err != nil { //FIXME: Handle error
+						logrus.Errorf("error restarting containerd: %v", err)
+					}
+				} else {
+					state = grpc.Idle
+					time.Sleep(connectionRetryDelay)
+				}
+			case grpc.Shutdown:
+				// Well, we asked for it to stop, just return
+				return
+			}
+		}
+	}
+}
+
+func (r *remote) Cleanup() {
+	if r.daemonPid == -1 {
+		return
+	}
+	r.closeManually = true
+	r.rpcConn.Close()
+	// Ask the daemon to quit
+	syscall.Kill(r.daemonPid, syscall.SIGTERM)
+
+	// Wait up to 15secs for it to stop
+	for i := time.Duration(0); i < containerdShutdownTimeout; i += time.Second {
+		if !utils.IsProcessAlive(r.daemonPid) {
+			break
+		}
+		time.Sleep(time.Second)
+	}
+
+	if utils.IsProcessAlive(r.daemonPid) {
+		logrus.Warnf("libcontainerd: containerd (%d) didn't stop within 15 secs, killing it\n", r.daemonPid)
+		syscall.Kill(r.daemonPid, syscall.SIGKILL)
+	}
+
+	// cleanup some files
+	os.Remove(filepath.Join(r.stateDir, containerdPidFilename))
+	os.Remove(filepath.Join(r.stateDir, containerdSockFilename))
+}
+
+func (r *remote) Client(b Backend) (Client, error) {
+	c := &client{
+		clientCommon: clientCommon{
+			backend:    b,
+			containers: make(map[string]*container),
+			locker:     locker.New(),
+		},
+		remote:        r,
+		exitNotifiers: make(map[string]*exitNotifier),
+	}
+
+	r.Lock()
+	r.clients = append(r.clients, c)
+	r.Unlock()
+	return c, nil
+}
+
+func (r *remote) updateEventTimestamp(t time.Time) {
+	f, err := os.OpenFile(r.eventTsPath, syscall.O_CREAT|syscall.O_WRONLY|syscall.O_TRUNC, 0600)
+	defer f.Close()
+	if err != nil {
+		logrus.Warnf("libcontainerd: failed to open event timestamp file: %v", err)
+		return
+	}
+
+	b, err := t.MarshalText()
+	if err != nil {
+		logrus.Warnf("libcontainerd: failed to encode timestamp: %v", err)
+		return
+	}
+
+	n, err := f.Write(b)
+	if err != nil || n != len(b) {
+		logrus.Warnf("libcontainerd: failed to update event timestamp file: %v", err)
+		f.Truncate(0)
+		return
+	}
+
+}
+
+func (r *remote) getLastEventTimestamp() int64 {
+	t := time.Now()
+
+	fi, err := os.Stat(r.eventTsPath)
+	if os.IsNotExist(err) || fi.Size() == 0 {
+		return t.Unix()
+	}
+
+	f, err := os.Open(r.eventTsPath)
+	defer f.Close()
+	if err != nil {
+		logrus.Warn("libcontainerd: Unable to access last event ts: %v", err)
+		return t.Unix()
+	}
+
+	b := make([]byte, fi.Size())
+	n, err := f.Read(b)
+	if err != nil || n != len(b) {
+		logrus.Warn("libcontainerd: Unable to read last event ts: %v", err)
+		return t.Unix()
+	}
+
+	t.UnmarshalText(b)
+
+	return t.Unix()
+}
+
+func (r *remote) startEventsMonitor() error {
+	// First, get past events
+	er := &containerd.EventsRequest{
+		Timestamp: uint64(r.getLastEventTimestamp()),
+	}
+	events, err := r.apiClient.Events(context.Background(), er)
+	if err != nil {
+		return err
+	}
+	go r.handleEventStream(events)
+	return nil
+}
+
+func (r *remote) handleEventStream(events containerd.API_EventsClient) {
+	live := false
+	for {
+		e, err := events.Recv()
+		if err != nil {
+			if grpc.ErrorDesc(err) == transport.ErrConnClosing.Desc &&
+				r.closeManually {
+				// ignore error if grpc remote connection is closed manually
+				return
+			}
+			logrus.Errorf("failed to receive event from containerd: %v", err)
+			go r.startEventsMonitor()
+			return
+		}
+
+		if live == false {
+			logrus.Debugf("received past containerd event: %#v", e)
+
+			// Pause/Resume events should never happens after exit one
+			switch e.Type {
+			case StateExit:
+				r.pastEvents[e.Id] = e
+			case StatePause:
+				r.pastEvents[e.Id] = e
+			case StateResume:
+				r.pastEvents[e.Id] = e
+			case stateLive:
+				live = true
+				r.updateEventTimestamp(time.Unix(int64(e.Timestamp), 0))
+			}
+		} else {
+			logrus.Debugf("received containerd event: %#v", e)
+
+			var container *container
+			var c *client
+			r.RLock()
+			for _, c = range r.clients {
+				container, err = c.getContainer(e.Id)
+				if err == nil {
+					break
+				}
+			}
+			r.RUnlock()
+			if container == nil {
+				logrus.Errorf("no state for container: %q", err)
+				continue
+			}
+
+			if err := container.handleEvent(e); err != nil {
+				logrus.Errorf("error processing state change for %s: %v", e.Id, err)
+			}
+
+			r.updateEventTimestamp(time.Unix(int64(e.Timestamp), 0))
+		}
+	}
+}
+
+func (r *remote) runContainerdDaemon() error {
+	pidFilename := filepath.Join(r.stateDir, containerdPidFilename)
+	f, err := os.OpenFile(pidFilename, os.O_RDWR|os.O_CREATE, 0600)
+	defer f.Close()
+	if err != nil {
+		return err
+	}
+
+	// File exist, check if the daemon is alive
+	b := make([]byte, 8)
+	n, err := f.Read(b)
+	if err != nil && err != io.EOF {
+		return err
+	}
+
+	if n > 0 {
+		pid, err := strconv.ParseUint(string(b[:n]), 10, 64)
+		if err != nil {
+			return err
+		}
+		if utils.IsProcessAlive(int(pid)) {
+			logrus.Infof("previous instance of containerd still alive (%d)", pid)
+			r.daemonPid = int(pid)
+			return nil
+		}
+	}
+
+	// rewind the file
+	_, err = f.Seek(0, os.SEEK_SET)
+	if err != nil {
+		return err
+	}
+
+	// Truncate it
+	err = f.Truncate(0)
+	if err != nil {
+		return err
+	}
+
+	// Start a new instance
+	args := []string{"-l", r.rpcAddr, "--runtime", "docker-runc", "--start-timeout", "2m"}
+	if r.debugLog {
+		args = append(args, "--debug", "--metrics-interval=0")
+	}
+	if len(r.runtimeArgs) > 0 {
+		for _, v := range r.runtimeArgs {
+			args = append(args, "--runtime-args")
+			args = append(args, v)
+		}
+		logrus.Debugf("runContainerdDaemon: runtimeArgs: %s", args)
+	}
+
+	cmd := exec.Command(containerdBinary, args...)
+	// redirect containerd logs to docker logs
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	cmd.SysProcAttr = &syscall.SysProcAttr{Setsid: true}
+	cmd.Env = nil
+	// clear the NOTIFY_SOCKET from the env when starting containerd
+	for _, e := range os.Environ() {
+		if !strings.HasPrefix(e, "NOTIFY_SOCKET") {
+			cmd.Env = append(cmd.Env, e)
+		}
+	}
+	if err := cmd.Start(); err != nil {
+		return err
+	}
+	logrus.Infof("New containerd process, pid: %d\n", cmd.Process.Pid)
+
+	if _, err := f.WriteString(fmt.Sprintf("%d", cmd.Process.Pid)); err != nil {
+		utils.KillProcess(cmd.Process.Pid)
+		return err
+	}
+
+	go cmd.Wait() // Reap our child when needed
+	r.daemonPid = cmd.Process.Pid
+	return nil
+}
+
+// WithRemoteAddr sets the external containerd socket to connect to.
+func WithRemoteAddr(addr string) RemoteOption {
+	return rpcAddr(addr)
+}
+
+type rpcAddr string
+
+func (a rpcAddr) Apply(r Remote) error {
+	if remote, ok := r.(*remote); ok {
+		remote.rpcAddr = string(a)
+		return nil
+	}
+	return fmt.Errorf("WithRemoteAddr option not supported for this remote")
+}
+
+// WithRuntimeArgs sets the list of runtime args passed to containerd
+func WithRuntimeArgs(args []string) RemoteOption {
+	return runtimeArgs(args)
+}
+
+type runtimeArgs []string
+
+func (rt runtimeArgs) Apply(r Remote) error {
+	if remote, ok := r.(*remote); ok {
+		remote.runtimeArgs = rt
+		return nil
+	}
+	return fmt.Errorf("WithRuntimeArgs option not supported for this remote")
+}
+
+// WithStartDaemon defines if libcontainerd should also run containerd daemon.
+func WithStartDaemon(start bool) RemoteOption {
+	return startDaemon(start)
+}
+
+type startDaemon bool
+
+func (s startDaemon) Apply(r Remote) error {
+	if remote, ok := r.(*remote); ok {
+		remote.startDaemon = bool(s)
+		return nil
+	}
+	return fmt.Errorf("WithStartDaemon option not supported for this remote")
+}
+
+// WithDebugLog defines if containerd debug logs will be enabled for daemon.
+func WithDebugLog(debug bool) RemoteOption {
+	return debugLog(debug)
+}
+
+type debugLog bool
+
+func (d debugLog) Apply(r Remote) error {
+	if remote, ok := r.(*remote); ok {
+		remote.debugLog = bool(d)
+		return nil
+	}
+	return fmt.Errorf("WithDebugLog option not supported for this remote")
+}
diff --git a/libcontainerd/remote_windows.go b/libcontainerd/remote_windows.go
new file mode 100644
index 00000000..ce01f74f
--- /dev/null
+++ b/libcontainerd/remote_windows.go
@@ -0,0 +1,27 @@
+package libcontainerd
+
+import "github.com/docker/docker/pkg/locker"
+
+type remote struct {
+}
+
+func (r *remote) Client(b Backend) (Client, error) {
+	c := &client{
+		clientCommon: clientCommon{
+			backend:    b,
+			containers: make(map[string]*container),
+			locker:     locker.New(),
+		},
+	}
+	return c, nil
+}
+
+// Cleanup is a no-op on Windows. It is here to implement the interface.
+func (r *remote) Cleanup() {
+}
+
+// New creates a fresh instance of libcontainerd remote. On Windows,
+// this is not used as there is no remote containerd process.
+func New(_ string, _ ...RemoteOption) (Remote, error) {
+	return &remote{}, nil
+}
diff --git a/libcontainerd/types.go b/libcontainerd/types.go
new file mode 100644
index 00000000..bb82fe40
--- /dev/null
+++ b/libcontainerd/types.go
@@ -0,0 +1,60 @@
+package libcontainerd
+
+import "io"
+
+// State constants used in state change reporting.
+const (
+	StateStart        = "start-container"
+	StatePause        = "pause"
+	StateResume       = "resume"
+	StateExit         = "exit"
+	StateRestart      = "restart"
+	StateRestore      = "restore"
+	StateStartProcess = "start-process"
+	StateExitProcess  = "exit-process"
+	StateOOM          = "oom" // fake state
+	stateLive         = "live"
+)
+
+// StateInfo contains description about the new state container has entered.
+type StateInfo struct { // FIXME: event?
+	State     string
+	Pid       uint32
+	ExitCode  uint32
+	ProcessID string
+	OOMKilled bool // TODO Windows containerd factor out
+}
+
+// Backend defines callbacks that the client of the library needs to implement.
+type Backend interface {
+	StateChanged(containerID string, state StateInfo) error
+	AttachStreams(processFriendlyName string, io IOPipe) error
+}
+
+// Client provides access to containerd features.
+type Client interface {
+	Create(containerID string, spec Spec, options ...CreateOption) error
+	Signal(containerID string, sig int) error
+	AddProcess(containerID, processFriendlyName string, process Process) error
+	Resize(containerID, processFriendlyName string, width, height int) error
+	Pause(containerID string) error
+	Resume(containerID string) error
+	Restore(containerID string, options ...CreateOption) error
+	Stats(containerID string) (*Stats, error)
+	GetPidsForContainer(containerID string) ([]int, error)
+	Summary(containerID string) ([]Summary, error)
+	UpdateResources(containerID string, resources Resources) error
+}
+
+// CreateOption allows to configure parameters of container creation.
+type CreateOption interface {
+	Apply(interface{}) error
+}
+
+// IOPipe contains the stdio streams.
+type IOPipe struct {
+	Stdin    io.WriteCloser
+	Stdout   io.Reader
+	Stderr   io.Reader
+	Terminal bool // Whether stderr is connected on Windows
+}
diff --git a/libcontainerd/types_linux.go b/libcontainerd/types_linux.go
new file mode 100644
index 00000000..bee12d91
--- /dev/null
+++ b/libcontainerd/types_linux.go
@@ -0,0 +1,47 @@
+package libcontainerd
+
+import (
+	containerd "github.com/docker/containerd/api/grpc/types"
+	"github.com/opencontainers/specs/specs-go"
+)
+
+// Spec is the base configuration for the container.  It specifies platform
+// independent configuration. This information must be included when the
+// bundle is packaged for distribution.
+type Spec specs.Spec
+
+// Process contains information to start a specific application inside the container.
+type Process struct {
+	// Terminal creates an interactive terminal for the container.
+	Terminal bool `json:"terminal"`
+	// User specifies user information for the process.
+	User *User `json:"user"`
+	// Args specifies the binary and arguments for the application to execute.
+	Args []string `json:"args"`
+	// Env populates the process environment for the process.
+	Env []string `json:"env,omitempty"`
+	// Cwd is the current working directory for the process and must be
+	// relative to the container's root.
+	Cwd *string `json:"cwd"`
+	// Capabilities are linux capabilities that are kept for the container.
+	Capabilities []string `json:"capabilities,omitempty"`
+	// Rlimits specifies rlimit options to apply to the process.
+	Rlimits []specs.Rlimit `json:"rlimits,omitempty"`
+	// ApparmorProfile specified the apparmor profile for the container.
+	ApparmorProfile *string `json:"apparmorProfile,omitempty"`
+	// SelinuxProcessLabel specifies the selinux context that the container process is run as.
+	SelinuxLabel *string `json:"selinuxLabel,omitempty"`
+}
+
+// Stats contains a stats properties from containerd.
+type Stats containerd.StatsResponse
+
+// Summary container a container summary from containerd
+type Summary struct{}
+
+// User specifies linux specific user and group information for the container's
+// main process.
+type User specs.User
+
+// Resources defines updatable container resource values.
+type Resources containerd.UpdateResource
diff --git a/libcontainerd/types_windows.go b/libcontainerd/types_windows.go
new file mode 100644
index 00000000..2a915ff1
--- /dev/null
+++ b/libcontainerd/types_windows.go
@@ -0,0 +1,24 @@
+package libcontainerd
+
+import "github.com/docker/docker/libcontainerd/windowsoci"
+
+// Spec is the base configuration for the container.
+type Spec windowsoci.WindowsSpec
+
+// Process contains information to start a specific application inside the container.
+type Process windowsoci.Process
+
+// User specifies user information for the containers main process.
+type User windowsoci.User
+
+// Summary container a container summary from containerd
+type Summary struct {
+	Pid     uint32
+	Command string
+}
+
+// Stats contains a stats properties from containerd.
+type Stats struct{}
+
+// Resources defines updatable container resource values.
+type Resources struct{}
diff --git a/libcontainerd/utils_linux.go b/libcontainerd/utils_linux.go
new file mode 100644
index 00000000..5b67244f
--- /dev/null
+++ b/libcontainerd/utils_linux.go
@@ -0,0 +1,52 @@
+package libcontainerd
+
+import (
+	containerd "github.com/docker/containerd/api/grpc/types"
+	"github.com/opencontainers/specs/specs-go"
+)
+
+func getRootIDs(s specs.Spec) (int, int, error) {
+	var hasUserns bool
+	for _, ns := range s.Linux.Namespaces {
+		if ns.Type == specs.UserNamespace {
+			hasUserns = true
+			break
+		}
+	}
+	if !hasUserns {
+		return 0, 0, nil
+	}
+	uid := hostIDFromMap(0, s.Linux.UIDMappings)
+	gid := hostIDFromMap(0, s.Linux.GIDMappings)
+	return uid, gid, nil
+}
+
+func hostIDFromMap(id uint32, mp []specs.IDMapping) int {
+	for _, m := range mp {
+		if id >= m.ContainerID && id <= m.ContainerID+m.Size-1 {
+			return int(m.HostID + id - m.ContainerID)
+		}
+	}
+	return 0
+}
+
+func systemPid(ctr *containerd.Container) uint32 {
+	var pid uint32
+	for _, p := range ctr.Processes {
+		if p.Pid == InitFriendlyName {
+			pid = p.SystemPid
+		}
+	}
+	return pid
+}
+
+func convertRlimits(sr []specs.Rlimit) (cr []*containerd.Rlimit) {
+	for _, r := range sr {
+		cr = append(cr, &containerd.Rlimit{
+			Type: r.Type,
+			Hard: r.Hard,
+			Soft: r.Soft,
+		})
+	}
+	return
+}
diff --git a/libcontainerd/utils_windows.go b/libcontainerd/utils_windows.go
new file mode 100644
index 00000000..a9d95d63
--- /dev/null
+++ b/libcontainerd/utils_windows.go
@@ -0,0 +1,16 @@
+package libcontainerd
+
+import "strings"
+
+// setupEnvironmentVariables convert a string array of environment variables
+// into a map as required by the HCS. Source array is in format [v1=k1] [v2=k2] etc.
+func setupEnvironmentVariables(a []string) map[string]string {
+	r := make(map[string]string)
+	for _, s := range a {
+		arr := strings.Split(s, "=")
+		if len(arr) == 2 {
+			r[arr[0]] = arr[1]
+		}
+	}
+	return r
+}
diff --git a/libcontainerd/windowsoci/oci_windows.go b/libcontainerd/windowsoci/oci_windows.go
new file mode 100644
index 00000000..3b9f5a3a
--- /dev/null
+++ b/libcontainerd/windowsoci/oci_windows.go
@@ -0,0 +1,190 @@
+package windowsoci
+
+// This file contains the Windows spec for a container. At the time of
+// writing, Windows does not have a spec defined in opencontainers/specs,
+// hence this is an interim workaround. TODO Windows: FIXME @jhowardmsft
+
+import (
+	"fmt"
+
+	"github.com/docker/go-connections/nat"
+)
+
+// WindowsSpec is the full specification for Windows containers.
+type WindowsSpec struct {
+	Spec
+
+	// Windows is platform specific configuration for Windows based containers.
+	Windows Windows `json:"windows"`
+}
+
+// Spec is the base configuration for the container.  It specifies platform
+// independent configuration. This information must be included when the
+// bundle is packaged for distribution.
+type Spec struct {
+
+	// Version is the version of the specification that is supported.
+	Version string `json:"ociVersion"`
+	// Platform is the host information for OS and Arch.
+	Platform Platform `json:"platform"`
+	// Process is the container's main process.
+	Process Process `json:"process"`
+	// Root is the root information for the container's filesystem.
+	Root Root `json:"root"`
+	// Hostname is the container's host name.
+	Hostname string `json:"hostname,omitempty"`
+	// Mounts profile configuration for adding mounts to the container's filesystem.
+	Mounts []Mount `json:"mounts"`
+}
+
+// Windows contains platform specific configuration for Windows based containers.
+type Windows struct {
+	// Resources contain information for handling resource constraints for the container
+	Resources *Resources `json:"resources,omitempty"`
+	// Networking contains the platform specific network settings for the container.
+	Networking *Networking `json:"networking,omitempty"`
+	// FirstStart is used for an optimization on first boot of Windows
+	FirstStart bool `json:"first_start,omitempty"`
+	// LayerFolder is the path to the current layer folder
+	LayerFolder string `json:"layer_folder,omitempty"`
+	// Layer paths of the parent layers
+	LayerPaths []string `json:"layer_paths,omitempty"`
+	// HvRuntime contains settings specific to Hyper-V containers, omitted if not using Hyper-V isolation
+	HvRuntime *HvRuntime `json:"hv_runtime,omitempty"`
+}
+
+// Process contains information to start a specific application inside the container.
+type Process struct {
+	// Terminal indicates if stderr should NOT be attached for the container.
+	Terminal bool `json:"terminal"`
+	// ConsoleSize contains the initial h,w of the console size
+	InitialConsoleSize [2]int `json:"-"`
+	// User specifies user information for the process.
+	User User `json:"user"`
+	// Args specifies the binary and arguments for the application to execute.
+	Args []string `json:"args"`
+	// Env populates the process environment for the process.
+	Env []string `json:"env,omitempty"`
+	// Cwd is the current working directory for the process and must be
+	// relative to the container's root.
+	Cwd string `json:"cwd"`
+}
+
+// User contains the user information for Windows
+type User struct {
+	User string `json:"user,omitempty"`
+}
+
+// Root contains information about the container's root filesystem on the host.
+type Root struct {
+	// Path is the absolute path to the container's root filesystem.
+	Path string `json:"path"`
+	// Readonly makes the root filesystem for the container readonly before the process is executed.
+	Readonly bool `json:"readonly"`
+}
+
+// Platform specifies OS and arch information for the host system that the container
+// is created for.
+type Platform struct {
+	// OS is the operating system.
+	OS string `json:"os"`
+	// Arch is the architecture
+	Arch string `json:"arch"`
+}
+
+// Mount specifies a mount for a container.
+type Mount struct {
+	// Destination is the path where the mount will be placed relative to the container's root.  The path and child directories MUST exist, a runtime MUST NOT create directories automatically to a mount point.
+	Destination string `json:"destination"`
+	// Type specifies the mount kind.
+	Type string `json:"type"`
+	// Source specifies the source path of the mount.  In the case of bind mounts
+	// this would be the file on the host.
+	Source string `json:"source"`
+	// Readonly specifies if the mount should be read-only
+	Readonly bool `json:"readonly"`
+}
+
+// HvRuntime contains settings specific to Hyper-V containers
+type HvRuntime struct {
+	// ImagePath is the path to the Utility VM image for this container
+	ImagePath string `json:"image_path,omitempty"`
+}
+
+// Networking contains the platform specific network settings for the container
+type Networking struct {
+	// TODO Windows TP5. The following three fields are for 'legacy' non-
+	// libnetwork networking through HCS. They can be removed once TP4 is
+	// no longer supported. Also remove in libcontainerd\client_windows.go,
+	// function Create(), and in daemon\oci_windows.go, function CreateSpec()
+	MacAddress   string      `json:"mac,omitempty"`
+	Bridge       string      `json:"bridge,omitempty"`
+	PortBindings nat.PortMap `json:"port_bindings,omitempty"`
+	// End of TODO Windows TP5.
+
+	// List of endpoints to be attached to the container
+	EndpointList []string `json:"endpoints,omitempty"`
+}
+
+// Storage contains storage resource management settings
+type Storage struct {
+	// Specifies maximum Iops for the system drive
+	Iops *uint64 `json:"iops,omitempty"`
+	// Specifies maximum bytes per second for the system drive
+	Bps *uint64 `json:"bps,omitempty"`
+	// Sandbox size indicates the size to expand the system drive to if it is currently smaller
+	SandboxSize *uint64 `json:"sandbox_size,omitempty"`
+}
+
+// Memory contains memory settings for the container
+type Memory struct {
+	// Memory limit (in bytes).
+	Limit *int64 `json:"limit,omitempty"`
+	// Memory reservation (in bytes).
+	Reservation *uint64 `json:"reservation,omitempty"`
+}
+
+// CPU contains information for cpu resource management
+type CPU struct {
+	// Number of CPUs available to the container. This is an appoximation for Windows Server Containers.
+	Count *uint64 `json:"count,omitempty"`
+	// CPU shares (relative weight (ratio) vs. other containers with cpu shares). Range is from 1 to 10000.
+	Shares *uint64 `json:"shares,omitempty"`
+	// Percent of available CPUs usable by the container.
+	Percent *int64 `json:"percent,omitempty"`
+}
+
+// Network network resource management information
+type Network struct {
+	// Bandwidth is the maximum egress bandwidth in bytes per second
+	Bandwidth *uint64 `json:"bandwidth,omitempty"`
+}
+
+// Resources has container runtime resource constraints
+// TODO Windows containerd. This structure needs ratifying with the old resources
+// structure used on Windows and the latest OCI spec.
+type Resources struct {
+	// Memory restriction configuration
+	Memory *Memory `json:"memory,omitempty"`
+	// CPU resource restriction configuration
+	CPU *CPU `json:"cpu,omitempty"`
+	// Storage restriction configuration
+	Storage *Storage `json:"storage,omitempty"`
+	// Network restriction configuration
+	Network *Network `json:"network,omitempty"`
+}
+
+const (
+	// VersionMajor is for an API incompatible changes
+	VersionMajor = 0
+	// VersionMinor is for functionality in a backwards-compatible manner
+	VersionMinor = 3
+	// VersionPatch is for backwards-compatible bug fixes
+	VersionPatch = 0
+
+	// VersionDev indicates development branch. Releases will be empty string.
+	VersionDev = ""
+)
+
+// Version is the specification version that the package types support.
+var Version = fmt.Sprintf("%d.%d.%d%s (Windows)", VersionMajor, VersionMinor, VersionPatch, VersionDev)
diff --git a/libcontainerd/windowsoci/unsupported.go b/libcontainerd/windowsoci/unsupported.go
new file mode 100644
index 00000000..a97c2829
--- /dev/null
+++ b/libcontainerd/windowsoci/unsupported.go
@@ -0,0 +1,3 @@
+// +build !windows
+
+package windowsoci
diff --git a/man/Dockerfile b/man/Dockerfile
new file mode 100644
index 00000000..af231952
--- /dev/null
+++ b/man/Dockerfile
@@ -0,0 +1,7 @@
+FROM golang:1.4
+RUN mkdir -p /go/src/github.com/cpuguy83
+RUN mkdir -p /go/src/github.com/cpuguy83 \
+    && git clone -b v1.0.3 https://github.com/cpuguy83/go-md2man.git /go/src/github.com/cpuguy83/go-md2man \
+    && cd /go/src/github.com/cpuguy83/go-md2man \
+    && go get -v ./...
+CMD ["/go/bin/go-md2man", "--help"]
diff --git a/man/Dockerfile.5.md b/man/Dockerfile.5.md
new file mode 100644
index 00000000..7d56bda0
--- /dev/null
+++ b/man/Dockerfile.5.md
@@ -0,0 +1,472 @@
+% DOCKERFILE(5) Docker User Manuals
+% Zac Dover
+% May 2014
+# NAME
+
+Dockerfile - automate the steps of creating a Docker image
+
+# INTRODUCTION
+
+The **Dockerfile** is a configuration file that automates the steps of creating
+a Docker image. It is similar to a Makefile. Docker reads instructions from the
+**Dockerfile** to automate the steps otherwise performed manually to create an
+image. To build an image, create a file called **Dockerfile**.
+
+The **Dockerfile** describes the steps taken to assemble the image. When the
+**Dockerfile** has been created, call the `docker build` command, using the
+path of directory that contains **Dockerfile** as the argument.
+
+# SYNOPSIS
+
+INSTRUCTION arguments
+
+For example:
+
+  FROM image
+
+# DESCRIPTION
+
+A Dockerfile is a file that automates the steps of creating a Docker image. 
+A Dockerfile is similar to a Makefile.
+
+# USAGE
+
+  docker build .
+
+  -- Runs the steps and commits them, building a final image.
+  The path to the source repository defines where to find the context of the
+  build. The build is run by the Docker daemon, not the CLI. The whole
+  context must be transferred to the daemon. The Docker CLI reports
+  `"Sending build context to Docker daemon"` when the context is sent to the
+  daemon.
+
+  ```
+  docker build -t repository/tag .
+  ```
+
+  -- specifies a repository and tag at which to save the new image if the build
+  succeeds. The Docker daemon runs the steps one-by-one, committing the result
+  to a new image if necessary, before finally outputting the ID of the new
+  image. The Docker daemon automatically cleans up the context it is given.
+
+  Docker re-uses intermediate images whenever possible. This significantly
+  accelerates the *docker build* process.
+
+# FORMAT
+
+  `FROM image`
+
+  `FROM image:tag`
+
+  `FROM image@digest`
+
+  -- The **FROM** instruction sets the base image for subsequent instructions. A
+  valid Dockerfile must have **FROM** as its first instruction. The image can be any
+  valid image. It is easy to start by pulling an image from the public
+  repositories.
+
+  -- **FROM** must be the first non-comment instruction in Dockerfile.
+
+  -- **FROM** may appear multiple times within a single Dockerfile in order to create
+  multiple images. Make a note of the last image ID output by the commit before
+  each new **FROM** command.
+
+  -- If no tag is given to the **FROM** instruction, Docker applies the 
+  `latest` tag. If the used tag does not exist, an error is returned.
+
+  -- If no digest is given to the **FROM** instruction, Docker applies the 
+  `latest` tag. If the used tag does not exist, an error is returned.
+
+**MAINTAINER**
+  -- **MAINTAINER** sets the Author field for the generated images.
+  Useful for providing users with an email or url for support.
+
+**RUN**
+  -- **RUN** has two forms:
+
+  ```
+  # the command is run in a shell - /bin/sh -c
+  RUN <command>
+
+  # Executable form
+  RUN ["executable", "param1", "param2"]
+  ```
+
+
+  -- The **RUN** instruction executes any commands in a new layer on top of the current
+  image and commits the results. The committed image is used for the next step in
+  Dockerfile.
+
+  -- Layering **RUN** instructions and generating commits conforms to the core
+  concepts of Docker where commits are cheap and containers can be created from
+  any point in the history of an image. This is similar to source control.  The
+  exec form makes it possible to avoid shell string munging. The exec form makes
+  it possible to **RUN** commands using a base image that does not contain `/bin/sh`.
+
+  Note that the exec form is parsed as a JSON array, which means that you must
+  use double-quotes (") around words not single-quotes (').
+
+**CMD**
+  -- **CMD** has three forms:
+
+  ```
+  # Executable form
+  CMD ["executable", "param1", "param2"]`
+
+  # Provide default arguments to ENTRYPOINT
+  CMD ["param1", "param2"]`
+
+  # the command is run in a shell - /bin/sh -c
+  CMD command param1 param2
+  ```
+
+  -- There should be only one **CMD** in a Dockerfile. If more than one **CMD** is listed, only
+  the last **CMD** takes effect.
+  The main purpose of a **CMD** is to provide defaults for an executing container.
+  These defaults may include an executable, or they can omit the executable. If
+  they omit the executable, an **ENTRYPOINT** must be specified.
+  When used in the shell or exec formats, the **CMD** instruction sets the command to
+  be executed when running the image.
+  If you use the shell form of the **CMD**, the `<command>` executes in `/bin/sh -c`:
+
+  Note that the exec form is parsed as a JSON array, which means that you must
+  use double-quotes (") around words not single-quotes (').
+
+  ```
+  FROM ubuntu
+  CMD echo "This is a test." | wc -
+  ```
+
+  -- If you run **command** without a shell, then you must express the command as a
+  JSON array and give the full path to the executable. This array form is the
+  preferred form of **CMD**. All additional parameters must be individually expressed
+  as strings in the array:
+
+  ```
+  FROM ubuntu
+  CMD ["/usr/bin/wc","--help"]
+  ```
+
+  -- To make the container run the same executable every time, use **ENTRYPOINT** in
+  combination with **CMD**. 
+  If the user specifies arguments to `docker run`, the specified commands
+  override the default in **CMD**.
+  Do not confuse **RUN** with **CMD**. **RUN** runs a command and commits the result.
+  **CMD** executes nothing at build time, but specifies the intended command for
+  the image.
+
+**LABEL**
+  -- `LABEL <key>=<value> [<key>=<value> ...]`or 
+  ```
+  LABEL <key>[ <value>]
+  LABEL <key>[ <value>]
+  ...
+  ```
+  The **LABEL** instruction adds metadata to an image. A **LABEL** is a
+  key-value pair. To specify a **LABEL** without a value, simply use an empty
+  string. To include spaces within a **LABEL** value, use quotes and
+  backslashes as you would in command-line parsing.
+
+  ```
+  LABEL com.example.vendor="ACME Incorporated"
+  LABEL com.example.vendor "ACME Incorporated"
+  LABEL com.example.vendor.is-beta ""
+  LABEL com.example.vendor.is-beta=
+  LABEL com.example.vendor.is-beta=""
+  ```
+
+  An image can have more than one label. To specify multiple labels, separate
+  each key-value pair by a space. 
+  
+  Labels are additive including `LABEL`s in `FROM` images. As the system
+  encounters and then applies a new label, new `key`s override any previous
+  labels with identical keys.
+
+  To display an image's labels, use the `docker inspect` command.
+
+**EXPOSE**
+  -- `EXPOSE <port> [<port>...]`
+  The **EXPOSE** instruction informs Docker that the container listens on the
+  specified network ports at runtime. Docker uses this information to
+  interconnect containers using links and to set up port redirection on the host
+  system.
+
+**ENV**
+  -- `ENV <key> <value>`
+  The **ENV** instruction sets the environment variable <key> to
+  the value `<value>`. This value is passed to all future 
+  **RUN**, **ENTRYPOINT**, and **CMD** instructions. This is
+  functionally equivalent to prefixing the command with `<key>=<value>`.  The
+  environment variables that are set with **ENV** persist when a container is run
+  from the resulting image. Use `docker inspect` to inspect these values, and
+  change them using `docker run --env <key>=<value>`.
+
+  Note that setting "`ENV DEBIAN_FRONTEND noninteractive`" may cause
+  unintended consequences, because it will persist when the container is run
+  interactively, as with the following command: `docker run -t -i image bash`
+
+**ADD**
+  -- **ADD** has two forms:
+
+  ```
+  ADD <src> <dest>
+
+  # Required for paths with whitespace
+  ADD ["<src>",... "<dest>"]
+  ```
+
+  The **ADD** instruction copies new files, directories
+  or remote file URLs to the filesystem of the container at path `<dest>`.
+  Multiple `<src>` resources may be specified but if they are files or directories
+  then they must be relative to the source directory that is being built
+  (the context of the build). The `<dest>` is the absolute path, or path relative
+  to **WORKDIR**, into which the source is copied inside the target container.
+  If the `<src>` argument is a local file in a recognized compression format
+  (tar, gzip, bzip2, etc) then it is unpacked at the specified `<dest>` in the
+  container's filesystem.  Note that only local compressed files will be unpacked,
+  i.e., the URL download and archive unpacking features cannot be used together.
+  All new directories are created with mode 0755 and with the uid and gid of **0**.
+
+**COPY**
+  -- **COPY** has two forms:
+
+  ```
+  COPY <src> <dest>
+
+  # Required for paths with whitespace
+  COPY ["<src>",... "<dest>"]
+  ```
+
+  The **COPY** instruction copies new files from `<src>` and
+  adds them to the filesystem of the container at path <dest>. The `<src>` must be
+  the path to a file or directory relative to the source directory that is
+  being built (the context of the build) or a remote file URL. The `<dest>` is an
+  absolute path, or a path relative to **WORKDIR**, into which the source will
+  be copied inside the target container. If you **COPY** an archive file it will
+  land in the container exactly as it appears in the build context without any 
+  attempt to unpack it.  All new files and directories are created with mode **0755**
+  and with the uid and gid of **0**.
+
+**ENTRYPOINT**
+  -- **ENTRYPOINT** has two forms:
+
+  ```
+  # executable form
+  ENTRYPOINT ["executable", "param1", "param2"]`
+
+  # run command in a shell - /bin/sh -c
+  ENTRYPOINT command param1 param2
+  ```
+
+  -- An **ENTRYPOINT** helps you configure a
+  container that can be run as an executable. When you specify an **ENTRYPOINT**,
+  the whole container runs as if it was only that executable.  The **ENTRYPOINT**
+  instruction adds an entry command that is not overwritten when arguments are
+  passed to docker run. This is different from the behavior of **CMD**. This allows
+  arguments to be passed to the entrypoint, for instance `docker run <image> -d`
+  passes the -d argument to the **ENTRYPOINT**.  Specify parameters either in the
+  **ENTRYPOINT** JSON array (as in the preferred exec form above), or by using a **CMD**
+  statement.  Parameters in the **ENTRYPOINT** are not overwritten by the docker run
+  arguments.  Parameters specified via **CMD** are overwritten by docker run
+  arguments.  Specify a plain string for the **ENTRYPOINT**, and it will execute in
+  `/bin/sh -c`, like a **CMD** instruction:
+
+  ```
+  FROM ubuntu
+  ENTRYPOINT wc -l -
+  ```
+
+  This means that the Dockerfile's image always takes stdin as input (that's
+  what "-" means), and prints the number of lines (that's what "-l" means). To
+  make this optional but default, use a **CMD**:
+
+  ```
+  FROM ubuntu
+  CMD ["-l", "-"]
+  ENTRYPOINT ["/usr/bin/wc"]
+  ```
+
+**VOLUME**
+  -- `VOLUME ["/data"]`
+  The **VOLUME** instruction creates a mount point with the specified name and marks
+  it as holding externally-mounted volumes from the native host or from other
+  containers.
+
+**USER**
+  -- `USER daemon`
+  Sets the username or UID used for running subsequent commands.
+
+  The **USER** instruction can optionally be used to set the group or GID. The
+  followings examples are all valid:
+  USER [user | user:group | uid | uid:gid | user:gid | uid:group ]
+
+  Until the **USER** instruction is set, instructions will be run as root. The USER
+  instruction can be used any number of times in a Dockerfile, and will only affect
+  subsequent commands.
+
+**WORKDIR**
+  -- `WORKDIR /path/to/workdir`
+  The **WORKDIR** instruction sets the working directory for the **RUN**, **CMD**,
+  **ENTRYPOINT**, **COPY** and **ADD** Dockerfile commands that follow it. It can
+  be used multiple times in a single Dockerfile. Relative paths are defined
+  relative to the path of the previous **WORKDIR** instruction. For example:
+
+  ```
+  WORKDIR /a
+  WORKDIR b
+  WORKDIR c
+  RUN pwd
+  ```
+
+  In the above example, the output of the **pwd** command is **a/b/c**.
+
+**ARG**
+   -- ARG <name>[=<default value>]
+
+  The `ARG` instruction defines a variable that users can pass at build-time to
+  the builder with the `docker build` command using the `--build-arg
+  <varname>=<value>` flag. If a user specifies a build argument that was not
+  defined in the Dockerfile, the build outputs an error.
+
+  ```
+  One or more build-args were not consumed, failing build.
+  ```
+
+  The Dockerfile author can define a single variable by specifying `ARG` once or many
+  variables by specifying `ARG` more than once. For example, a valid Dockerfile:
+
+  ```
+  FROM busybox
+  ARG user1
+  ARG buildno
+  ...
+  ```
+
+  A Dockerfile author may optionally specify a default value for an `ARG` instruction:
+
+  ```
+  FROM busybox
+  ARG user1=someuser
+  ARG buildno=1
+  ...
+  ```
+
+  If an `ARG` value has a default and if there is no value passed at build-time, the
+  builder uses the default.
+
+  An `ARG` variable definition comes into effect from the line on which it is
+  defined in the `Dockerfile` not from the argument's use on the command-line or
+  elsewhere.  For example, consider this Dockerfile:
+
+  ```
+  1 FROM busybox
+  2 USER ${user:-some_user}
+  3 ARG user
+  4 USER $user
+  ...
+  ```
+  A user builds this file by calling:
+
+  ```
+  $ docker build --build-arg user=what_user Dockerfile
+  ```
+
+  The `USER` at line 2 evaluates to `some_user` as the `user` variable is defined on the
+  subsequent line 3. The `USER` at line 4 evaluates to `what_user` as `user` is
+  defined and the `what_user` value was passed on the command line. Prior to its definition by an
+  `ARG` instruction, any use of a variable results in an empty string.
+
+  > **Note:** It is not recommended to use build-time variables for
+  >  passing secrets like github keys, user credentials etc.
+
+  You can use an `ARG` or an `ENV` instruction to specify variables that are
+  available to the `RUN` instruction. Environment variables defined using the
+  `ENV` instruction always override an `ARG` instruction of the same name. Consider
+  this Dockerfile with an `ENV` and `ARG` instruction.
+
+  ```
+  1 FROM ubuntu
+  2 ARG CONT_IMG_VER
+  3 ENV CONT_IMG_VER v1.0.0
+  4 RUN echo $CONT_IMG_VER
+  ```
+  Then, assume this image is built with this command:
+
+  ```
+  $ docker build --build-arg CONT_IMG_VER=v2.0.1 Dockerfile
+  ```
+
+  In this case, the `RUN` instruction uses `v1.0.0` instead of the `ARG` setting
+  passed by the user:`v2.0.1` This behavior is similar to a shell
+  script where a locally scoped variable overrides the variables passed as
+  arguments or inherited from environment, from its point of definition.
+
+  Using the example above but a different `ENV` specification you can create more
+  useful interactions between `ARG` and `ENV` instructions:
+
+  ```
+  1 FROM ubuntu
+  2 ARG CONT_IMG_VER
+  3 ENV CONT_IMG_VER ${CONT_IMG_VER:-v1.0.0}
+  4 RUN echo $CONT_IMG_VER
+  ```
+
+  Unlike an `ARG` instruction, `ENV` values are always persisted in the built
+  image. Consider a docker build without the --build-arg flag:
+
+  ```
+  $ docker build Dockerfile
+  ```
+
+  Using this Dockerfile example, `CONT_IMG_VER` is still persisted in the image but
+  its value would be `v1.0.0` as it is the default set in line 3 by the `ENV` instruction.
+
+  The variable expansion technique in this example allows you to pass arguments
+  from the command line and persist them in the final image by leveraging the
+  `ENV` instruction. Variable expansion is only supported for [a limited set of
+  Dockerfile instructions.](#environment-replacement)
+
+  Docker has a set of predefined `ARG` variables that you can use without a
+  corresponding `ARG` instruction in the Dockerfile.
+
+  * `HTTP_PROXY`
+  * `http_proxy`
+  * `HTTPS_PROXY`
+  * `https_proxy`
+  * `FTP_PROXY`
+  * `ftp_proxy`
+  * `NO_PROXY`
+  * `no_proxy`
+
+  To use these, simply pass them on the command line using the `--build-arg
+  <varname>=<value>` flag.
+
+**ONBUILD**
+  -- `ONBUILD [INSTRUCTION]`
+  The **ONBUILD** instruction adds a trigger instruction to an image. The
+  trigger is executed at a later time, when the image is used as the base for
+  another build. Docker executes the trigger in the context of the downstream
+  build, as if the trigger existed immediately after the **FROM** instruction in
+  the downstream Dockerfile.
+
+  You can register any build instruction as a trigger. A trigger is useful if
+  you are defining an image to use as a base for building other images. For
+  example, if you are defining an application build environment or a daemon that
+  is customized with a user-specific configuration.  
+  
+  Consider an image intended as a reusable python application builder. It must
+  add application source code to a particular directory, and might need a build
+  script called after that. You can't just call **ADD** and **RUN** now, because
+  you don't yet have access to the application source code, and it is different
+  for each application build.
+
+  -- Providing application developers with a boilerplate Dockerfile to copy-paste
+  into their application is inefficient, error-prone, and
+  difficult to update because it mixes with application-specific code.
+  The solution is to use **ONBUILD** to register instructions in advance, to
+  run later, during the next build stage.
+
+# HISTORY
+*May 2014, Compiled by Zac Dover (zdover at redhat dot com) based on docker.com Dockerfile documentation.
+*Feb 2015, updated by Brian Goff (cpuguy83@gmail.com) for readability
+*Sept 2015, updated by Sally O'Malley (somalley@redhat.com) 
diff --git a/man/README.md b/man/README.md
new file mode 100644
index 00000000..922bc3cc
--- /dev/null
+++ b/man/README.md
@@ -0,0 +1,33 @@
+Docker Documentation
+====================
+
+This directory contains the Docker user manual in the Markdown format.
+Do *not* edit the man pages in the man1 directory. Instead, amend the
+Markdown (*.md) files.
+
+# Generating man pages from the Markdown files
+
+The recommended approach for generating the man pages is via a Docker
+container using the supplied `Dockerfile` to create an image with the correct
+environment. This uses `go-md2man`, a pure Go Markdown to man page generator.
+
+## Building the md2man image
+
+There is a `Dockerfile` provided in the `/man` directory of your
+'docker/docker' fork.
+
+Using this `Dockerfile`, create a Docker image tagged `docker/md2man`:
+
+    docker build -t docker/md2man .
+
+## Utilizing the image
+
+From within the `/man` directory run the following command:
+
+    docker run -v $(pwd):/man -w /man -i docker/md2man ./md2man-all.sh
+    
+The `md2man` Docker container will process the Markdown files and generate
+the man pages inside the `/man/man1` directory of your fork using
+Docker volumes. For more information on Docker volumes see the man page for
+`docker run` and also look at the article [Sharing Directories via Volumes]
+(https://docs.docker.com/use/working_with_volumes/).
diff --git a/man/config-json.5.md b/man/config-json.5.md
new file mode 100644
index 00000000..49987f08
--- /dev/null
+++ b/man/config-json.5.md
@@ -0,0 +1,72 @@
+% CONFIG.JSON(5) Docker User Manuals
+% Docker Community
+% JANUARY 2016
+# NAME
+HOME/.docker/config.json - Default Docker configuration file
+
+# INTRODUCTION
+
+By default, the Docker command line stores its configuration files in a
+directory called `.docker` within your `$HOME` directory.  Docker manages most of
+the files in the configuration directory and you should not modify them.
+However, you *can modify* the `config.json` file to control certain aspects of
+how the `docker` command behaves.
+
+Currently, you can modify the `docker` command behavior using environment
+variables or command-line options. You can also use options within
+`config.json` to modify some of the same behavior. When using these
+mechanisms, you must keep in mind the order of precedence among them. Command
+line options override environment variables and environment variables override
+properties you specify in a `config.json` file.
+
+The `config.json` file stores a JSON encoding of several properties:
+
+* The `HttpHeaders` property specifies a set of headers to include in all messages
+sent from the Docker client to the daemon. Docker does not try to interpret or
+understand these header; it simply puts them into the messages. Docker does not
+allow these headers to change any headers it sets for itself.
+
+* The `psFormat` property specifies the default format for `docker ps` output.
+When the `--format` flag is not provided with the `docker ps` command,
+Docker's client uses this property. If this property is not set, the client
+falls back to the default table format. For a list of supported formatting
+directives, see **docker-ps(1)**.
+
+* The `detachKeys` property specifies the default key sequence which
+detaches the container. When the `--detach-keys` flag is not provide
+with the `docker attach`, `docker exec`, `docker run` or `docker
+start`, Docker's client uses this property. If this property is not
+set, the client falls back to the default sequence `ctrl-p,ctrl-q`.
+
+
+* The `imagesFormat` property  specifies the default format for `docker images`
+output. When the `--format` flag is not provided with the `docker images`
+command, Docker's client uses this property. If this property is not set, the
+client falls back to the default table format. For a list of supported
+formatting directives, see **docker-images(1)**.
+
+You can specify a different location for the configuration files via the
+`DOCKER_CONFIG` environment variable or the `--config` command line option. If
+both are specified, then the `--config` option overrides the `DOCKER_CONFIG`
+environment variable:
+
+    docker --config ~/testconfigs/ ps
+
+This command instructs Docker to use the configuration files in the
+`~/testconfigs/` directory when running the `ps` command.
+
+## Examples
+
+Following is a sample `config.json` file:
+
+    {
+      "HttpHeaders": {
+        "MyHeader": "MyValue"
+      },
+      "psFormat": "table {{.ID}}\\t{{.Image}}\\t{{.Command}}\\t{{.Labels}}",
+      "imagesFormat": "table {{.ID}}\\t{{.Repository}}\\t{{.Tag}}\\t{{.CreatedAt}}",
+      "detachKeys": "ctrl-e,e"
+    }
+
+# HISTORY
+January 2016, created by Moxiegirl <mary@docker.com>
diff --git a/man/docker-attach.1.md b/man/docker-attach.1.md
new file mode 100644
index 00000000..c78f4fbb
--- /dev/null
+++ b/man/docker-attach.1.md
@@ -0,0 +1,99 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-attach - Attach to a running container
+
+# SYNOPSIS
+**docker attach**
+[**--detach-keys**[=*[]*]]
+[**--help**]
+[**--no-stdin**]
+[**--sig-proxy**[=*true*]]
+CONTAINER
+
+# DESCRIPTION
+The **docker attach** command allows you to attach to a running container using
+the container's ID or name, either to view its ongoing output or to control it
+interactively.  You can attach to the same contained process multiple times
+simultaneously, screen sharing style, or quickly view the progress of your
+detached process.
+
+To stop a container, use `CTRL-c`. This key sequence sends `SIGKILL` to the
+container. You can detach from the container (and leave it running) using a
+configurable key sequence. The default sequence is `CTRL-p CTRL-q`. You
+configure the key sequence using the **--detach-keys** option or a configuration
+file. See **config-json(5)** for documentation on using a configuration file.
+
+It is forbidden to redirect the standard input of a `docker attach` command while
+attaching to a tty-enabled container (i.e.: launched with `-t`).
+
+# OPTIONS
+**--detach-keys**=""
+    Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+
+**--help**
+  Print usage statement
+
+**--no-stdin**=*true*|*false*
+   Do not attach STDIN. The default is *false*.
+
+**--sig-proxy**=*true*|*false*
+   Proxy all received signals to the process (non-TTY mode only). SIGCHLD, SIGKILL, and SIGSTOP are not proxied. The default is *true*.
+
+# Override the detach sequence
+
+If you want, you can configure a override the Docker key sequence for detach.
+This is is useful if the Docker default sequence conflicts with key squence you
+use for other applications. There are two ways to defines a your own detach key
+sequence, as a per-container override or as a configuration property on  your
+entire configuration.
+
+To override the sequence for an individual container, use the
+`--detach-keys="<sequence>"` flag with the `docker attach` command. The format of
+the `<sequence>` is either a letter [a-Z], or the `ctrl-` combined with any of
+the following:
+
+* `a-z` (a single lowercase alpha character )
+* `@` (at sign)
+* `[` (left bracket)
+* `\\` (two backward slashes)
+*  `_` (underscore)
+* `^` (caret)
+
+These `a`, `ctrl-a`, `X`, or `ctrl-\\` values are all examples of valid key
+sequences. To configure a different configuration default key sequence for all
+containers, see **docker(1)**.
+
+# EXAMPLES
+
+## Attaching to a container
+
+In this example the top command is run inside a container, from an image called
+fedora, in detached mode. The ID from the container is passed into the **docker
+attach** command:
+
+    # ID=$(sudo docker run -d fedora /usr/bin/top -b)
+    # sudo docker attach $ID
+    top - 02:05:52 up  3:05,  0 users,  load average: 0.01, 0.02, 0.05
+    Tasks:   1 total,   1 running,   0 sleeping,   0 stopped,   0 zombie
+    Cpu(s):  0.1%us,  0.2%sy,  0.0%ni, 99.7%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
+    Mem:    373572k total,   355560k used,    18012k free,    27872k buffers
+    Swap:   786428k total,        0k used,   786428k free,   221740k cached
+
+    PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
+    1 root      20   0 17200 1116  912 R    0  0.3   0:00.03 top
+
+    top - 02:05:55 up  3:05,  0 users,  load average: 0.01, 0.02, 0.05
+    Tasks:   1 total,   1 running,   0 sleeping,   0 stopped,   0 zombie
+    Cpu(s):  0.0%us,  0.2%sy,  0.0%ni, 99.8%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
+    Mem:    373572k total,   355244k used,    18328k free,    27872k buffers
+    Swap:   786428k total,        0k used,   786428k free,   221776k cached
+
+    PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
+    1 root      20   0 17208 1144  932 R    0  0.3   0:00.03 top
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-build.1.md b/man/docker-build.1.md
new file mode 100644
index 00000000..c854bc11
--- /dev/null
+++ b/man/docker-build.1.md
@@ -0,0 +1,311 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-build - Build a new image from the source code at PATH
+
+# SYNOPSIS
+**docker build**
+[**--build-arg**[=*[]*]]
+[**--cpu-shares**[=*0*]]
+[**--cgroup-parent**[=*CGROUP-PARENT*]]
+[**--help**]
+[**-f**|**--file**[=*PATH/Dockerfile*]]
+[**--force-rm**]
+[**--isolation**[=*default*]]
+[**--label**[=*[]*]]
+[**--no-cache**]
+[**--pull**]
+[**-q**|**--quiet**]
+[**--rm**[=*true*]]
+[**-t**|**--tag**[=*[]*]]
+[**-m**|**--memory**[=*MEMORY*]]
+[**--memory-swap**[=*LIMIT*]]
+[**--shm-size**[=*SHM-SIZE*]]
+[**--cpu-period**[=*0*]]
+[**--cpu-quota**[=*0*]]
+[**--cpuset-cpus**[=*CPUSET-CPUS*]]
+[**--cpuset-mems**[=*CPUSET-MEMS*]]
+[**--ulimit**[=*[]*]]
+PATH | URL | -
+
+# DESCRIPTION
+This will read the Dockerfile from the directory specified in **PATH**.
+It also sends any other files and directories found in the current
+directory to the Docker daemon. The contents of this directory would
+be used by **ADD** commands found within the Dockerfile.
+
+Warning, this will send a lot of data to the Docker daemon depending
+on the contents of the current directory. The build is run by the Docker
+daemon, not by the CLI, so the whole context must be transferred to the daemon. 
+The Docker CLI reports "Sending build context to Docker daemon" when the context is sent to
+the daemon.
+
+When the URL to a tarball archive or to a single Dockerfile is given, no context is sent from
+the client to the Docker daemon. In this case, the Dockerfile at the root of the archive and
+the rest of the archive will get used as the context of the build.  When a Git repository is
+set as the **URL**, the repository is cloned locally and then sent as the context.
+
+# OPTIONS
+**-f**, **--file**=*PATH/Dockerfile*
+   Path to the Dockerfile to use. If the path is a relative path and you are
+   building from a local directory, then the path must be relative to that
+   directory. If you are building from a remote URL pointing to either a
+   tarball or a Git repository, then the path must be relative to the root of
+   the remote context. In all cases, the file must be within the build context.
+   The default is *Dockerfile*.
+
+**--build-arg**=*variable*
+   name and value of a **buildarg**.
+
+   For example, if you want to pass a value for `http_proxy`, use
+   `--build-arg=http_proxy="http://some.proxy.url"`
+
+   Users pass these values at build-time. Docker uses the `buildargs` as the
+   environment context for command(s) run via the Dockerfile's `RUN` instruction
+   or for variable expansion in other Dockerfile instructions. This is not meant
+   for passing secret values. [Read more about the buildargs instruction](/reference/builder/#arg)
+
+**--force-rm**=*true*|*false*
+   Always remove intermediate containers, even after unsuccessful builds. The default is *false*.
+
+**--isolation**="*default*"
+   Isolation specifies the type of isolation technology used by containers. 
+
+**--label**=*label*
+   Set metadata for an image
+
+**--no-cache**=*true*|*false*
+   Do not use cache when building the image. The default is *false*.
+
+**--help**
+  Print usage statement
+
+**--pull**=*true*|*false*
+   Always attempt to pull a newer version of the image. The default is *false*.
+
+**-q**, **--quiet**=*true*|*false*
+   Suppress the build output and print image ID on success. The default is *false*.
+
+**--rm**=*true*|*false*
+   Remove intermediate containers after a successful build. The default is *true*.
+
+**-t**, **--tag**=""
+   Repository names (and optionally with tags) to be applied to the resulting image in case of success.
+
+**-m**, **--memory**=*MEMORY*
+  Memory limit
+
+**--memory-swap**=*LIMIT*
+   A limit value equal to memory plus swap. Must be used with the  **-m**
+(**--memory**) flag. The swap `LIMIT` should always be larger than **-m**
+(**--memory**) value.
+
+   The format of `LIMIT` is `<number>[<unit>]`. Unit can be `b` (bytes),
+`k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you don't specify a
+unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap.
+
+**--shm-size**=*SHM-SIZE*
+  Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`.
+  Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes.
+  If you omit the size entirely, the system uses `64m`.
+
+**--cpu-shares**=*0*
+  CPU shares (relative weight).
+
+  By default, all containers get the same proportion of CPU cycles.
+  CPU shares is a 'relative weight', relative to the default setting of 1024.
+  This default value is defined here: 
+  ```
+   cat /sys/fs/cgroup/cpu/cpu.shares
+   1024
+  ```
+  You can change this proportion by adjusting the container's CPU share 
+  weighting relative to the weighting of all other running containers.
+
+  To modify the proportion from the default of 1024, use the **--cpu-shares**
+  flag to set the weighting to 2 or higher.
+
+      Container   CPU share    Flag             
+      {C0}        60% of CPU  --cpu-shares=614 (614 is 60% of 1024)
+      {C1}        40% of CPU  --cpu-shares=410 (410 is 40% of 1024)
+
+  The proportion is only applied when CPU-intensive processes are running.
+  When tasks in one container are idle, the other containers can use the
+  left-over CPU time. The actual amount of CPU time used varies depending on
+  the number of containers running on the system.
+
+  For example, consider three containers, where one has **--cpu-shares=1024** and
+  two others have **--cpu-shares=512**. When processes in all three
+  containers attempt to use 100% of CPU, the first container would receive
+  50% of the total CPU time. If you add a fourth container with **--cpu-shares=1024**,
+  the first container only gets 33% of the CPU. The remaining containers
+  receive 16.5%, 16.5% and 33% of the CPU.
+
+
+      Container   CPU share   Flag                CPU time            
+      {C0}        100%        --cpu-shares=1024   33%
+      {C1}        50%         --cpu-shares=512    16.5%
+      {C2}        50%         --cpu-shares=512    16.5%
+      {C4}        100%        --cpu-shares=1024   33%
+
+
+  On a multi-core system, the shares of CPU time are distributed across the CPU
+  cores. Even if a container is limited to less than 100% of CPU time, it can
+  use 100% of each individual CPU core.
+
+  For example, consider a system with more than three cores. If you start one
+  container **{C0}** with **--cpu-shares=512** running one process, and another container
+  **{C1}** with **--cpu-shares=1024** running two processes, this can result in the following
+  division of CPU shares:
+
+      PID    container    CPU    CPU share
+      100    {C0}         0      100% of CPU0
+      101    {C1}         1      100% of CPU1
+      102    {C1}         2      100% of CPU2
+
+**--cpu-period**=*0*
+  Limit the CPU CFS (Completely Fair Scheduler) period.
+
+  Limit the container's CPU usage. This flag causes the kernel to restrict the
+  container's CPU usage to the period you specify.
+
+**--cpu-quota**=*0*
+  Limit the CPU CFS (Completely Fair Scheduler) quota. 
+
+  By default, containers run with the full CPU resource. This flag causes the
+kernel to restrict the container's CPU usage to the quota you specify.
+
+**--cpuset-cpus**=*CPUSET-CPUS*
+  CPUs in which to allow execution (0-3, 0,1).
+
+**--cpuset-mems**=*CPUSET-MEMS*
+  Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on
+  NUMA systems.
+
+  For example, if you have four memory nodes on your system (0-3), use `--cpuset-mems=0,1`
+to ensure the processes in your Docker container only use memory from the first
+two memory nodes.
+
+**--cgroup-parent**=*CGROUP-PARENT*
+  Path to `cgroups` under which the container's `cgroup` are created.
+
+  If the path is not absolute, the path is considered relative to the `cgroups` path of the init process.
+Cgroups are created if they do not already exist.
+
+**--ulimit**=[]
+  Ulimit options
+
+  For more information about `ulimit` see [Setting ulimits in a 
+container](https://docs.docker.com/reference/commandline/run/#setting-ulimits-in-a-container)
+
+# EXAMPLES
+
+## Building an image using a Dockerfile located inside the current directory
+
+Docker images can be built using the build command and a Dockerfile:
+
+    docker build .
+
+During the build process Docker creates intermediate images. In order to
+keep them, you must explicitly set `--rm=false`.
+
+    docker build --rm=false .
+
+A good practice is to make a sub-directory with a related name and create
+the Dockerfile in that directory. For example, a directory called mongo may
+contain a Dockerfile to create a Docker MongoDB image. Likewise, another
+directory called httpd may be used to store Dockerfiles for Apache web
+server images.
+
+It is also a good practice to add the files required for the image to the
+sub-directory. These files will then be specified with the `COPY` or `ADD`
+instructions in the `Dockerfile`.
+
+Note: If you include a tar file (a good practice), then Docker will
+automatically extract the contents of the tar file specified within the `ADD`
+instruction into the specified target.
+
+## Building an image and naming that image
+
+A good practice is to give a name to the image you are building. Note that 
+only a-z0-9-_. should be used for consistency.  There are no hard rules here but it is best to give the names consideration. 
+
+The **-t**/**--tag** flag is used to rename an image. Here are some examples:
+
+Though it is not a good practice, image names can be arbitrary:
+
+    docker build -t myimage .
+
+A better approach is to provide a fully qualified and meaningful repository,
+name, and tag (where the tag in this context means the qualifier after 
+the ":"). In this example we build a JBoss image for the Fedora repository 
+and give it the version 1.0:
+
+    docker build -t fedora/jboss:1.0 .
+
+The next example is for the "whenry" user repository and uses Fedora and
+JBoss and gives it the version 2.1 :
+
+    docker build -t whenry/fedora-jboss:v2.1 .
+
+If you do not provide a version tag then Docker will assign `latest`:
+
+    docker build -t whenry/fedora-jboss .
+
+When you list the images, the image above will have the tag `latest`.
+
+You can apply multiple tags to an image. For example, you can apply the `latest`
+tag to a newly built image and add another tag that references a specific
+version.
+For example, to tag an image both as `whenry/fedora-jboss:latest` and
+`whenry/fedora-jboss:v2.1`, use the following:
+
+    docker build -t whenry/fedora-jboss:latest -t whenry/fedora-jboss:v2.1 .
+
+So renaming an image is arbitrary but consideration should be given to 
+a useful convention that makes sense for consumers and should also take
+into account Docker community conventions.
+
+
+## Building an image using a URL
+
+This will clone the specified GitHub repository from the URL and use it
+as context. The Dockerfile at the root of the repository is used as
+Dockerfile. This only works if the GitHub repository is a dedicated
+repository.
+
+    docker build github.com/scollier/purpletest
+
+Note: You can set an arbitrary Git repository via the `git://` schema.
+
+## Building an image using a URL to a tarball'ed context
+
+This will send the URL itself to the Docker daemon. The daemon will fetch the
+tarball archive, decompress it and use its contents as the build context.  The 
+Dockerfile at the root of the archive and the rest of the archive will get used
+as the context of the build. If you pass an **-f PATH/Dockerfile** option as well,
+the system will look for that file inside the contents of the tarball.
+
+    docker build -f dev/Dockerfile https://10.10.10.1/docker/context.tar.gz
+
+Note: supported compression formats are 'xz', 'bzip2', 'gzip' and 'identity' (no compression).
+
+## Specify isolation technology for container (--isolation)
+
+This option is useful in situations where you are running Docker containers on
+Windows. The `--isolation=<value>` option sets a container's isolation
+technology. On Linux, the only supported is the `default` option which uses
+Linux namespaces. On Microsoft Windows, you can specify these values:
+
+* `default`: Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value.
+* `process`: Namespace isolation only.
+* `hyperv`: Hyper-V hypervisor partition-based isolation.
+
+Specifying the `--isolation` flag without a value is the same as setting `--isolation="default"`.
+
+# HISTORY
+March 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+June 2015, updated by Sally O'Malley <somalley@redhat.com>
diff --git a/man/docker-commit.1.md b/man/docker-commit.1.md
new file mode 100644
index 00000000..5912d363
--- /dev/null
+++ b/man/docker-commit.1.md
@@ -0,0 +1,70 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-commit - Create a new image from a container's changes
+
+# SYNOPSIS
+**docker commit**
+[**-a**|**--author**[=*AUTHOR*]]
+[**-c**|**--change**[=\[*DOCKERFILE INSTRUCTIONS*\]]]
+[**--help**]
+[**-m**|**--message**[=*MESSAGE*]]
+[**-p**|**--pause**[=*true*]]
+CONTAINER [REPOSITORY[:TAG]]
+
+# DESCRIPTION
+Create a new image from an existing container specified by name or
+container ID.  The new image will contain the contents of the
+container filesystem, *excluding* any data volumes.
+
+While the `docker commit` command is a convenient way of extending an
+existing image, you should prefer the use of a Dockerfile and `docker
+build` for generating images that you intend to share with other
+people.
+
+# OPTIONS
+**-a**, **--author**=""
+   Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
+
+**-c** , **--change**=[]
+   Apply specified Dockerfile instructions while committing the image
+   Supported Dockerfile instructions: `CMD`|`ENTRYPOINT`|`ENV`|`EXPOSE`|`LABEL`|`ONBUILD`|`USER`|`VOLUME`|`WORKDIR`
+
+**--help**
+  Print usage statement
+
+**-m**, **--message**=""
+   Commit message
+
+**-p**, **--pause**=*true*|*false*
+   Pause container during commit. The default is *true*.
+
+# EXAMPLES
+
+## Creating a new image from an existing container
+An existing Fedora based container has had Apache installed while running
+in interactive mode with the bash shell. Apache is also running. To
+create a new image run `docker ps` to find the container's ID and then run:
+
+    # docker commit -m="Added Apache to Fedora base image" \
+      -a="A D Ministrator" 98bd7fc99854 fedora/fedora_httpd:20
+
+Note that only a-z0-9-_. are allowed when naming images from an 
+existing container.
+
+## Apply specified Dockerfile instructions while committing the image
+If an existing container was created without the DEBUG environment
+variable set to "true", you can create a new image based on that
+container by first getting the container's ID with `docker ps` and
+then running:
+
+    # docker commit -c="ENV DEBUG true" 98bd7fc99854 debug-image
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and in
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+July 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+Oct 2014, updated by Daniel, Dao Quang Minh <daniel at nitrous dot io>
+June 2015, updated by Sally O'Malley <somalley@redhat.com>
diff --git a/man/docker-cp.1.md b/man/docker-cp.1.md
new file mode 100644
index 00000000..84d64c26
--- /dev/null
+++ b/man/docker-cp.1.md
@@ -0,0 +1,166 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-cp - Copy files/folders between a container and the local filesystem.
+
+# SYNOPSIS
+**docker cp**
+[**--help**]
+CONTAINER:SRC_PATH DEST_PATH|-
+
+**docker cp**
+[**--help**]
+SRC_PATH|- CONTAINER:DEST_PATH
+
+# DESCRIPTION
+
+The `docker cp` utility copies the contents of `SRC_PATH` to the `DEST_PATH`.
+You can copy from the container's file system to the local machine or the
+reverse, from the local filesystem to the container. If `-` is specified for
+either the `SRC_PATH` or `DEST_PATH`, you can also stream a tar archive from
+`STDIN` or to `STDOUT`. The `CONTAINER` can be a running or stopped container.
+The `SRC_PATH` or `DEST_PATH` can be a file or directory.
+
+The `docker cp` command assumes container paths are relative to the container's 
+`/` (root) directory. This means supplying the initial forward slash is optional; 
+The command sees `compassionate_darwin:/tmp/foo/myfile.txt` and
+`compassionate_darwin:tmp/foo/myfile.txt` as identical. Local machine paths can
+be an absolute or relative value. The command interprets a local machine's
+relative paths as relative to the current working directory where `docker cp` is
+run.
+
+The `cp` command behaves like the Unix `cp -a` command in that directories are
+copied recursively with permissions preserved if possible. Ownership is set to
+the user and primary group at the destination. For example, files copied to a
+container are created with `UID:GID` of the root user. Files copied to the local
+machine are created with the `UID:GID` of the user which invoked the `docker cp`
+command.  If you specify the `-L` option, `docker cp` follows any symbolic link
+in the `SRC_PATH`. `docker cp` does *not* create parent directories for
+`DEST_PATH` if they do not exist.
+
+Assuming a path separator of `/`, a first argument of `SRC_PATH` and second
+argument of `DEST_PATH`, the behavior is as follows:
+
+- `SRC_PATH` specifies a file
+    - `DEST_PATH` does not exist
+        - the file is saved to a file created at `DEST_PATH`
+    - `DEST_PATH` does not exist and ends with `/`
+        - Error condition: the destination directory must exist.
+    - `DEST_PATH` exists and is a file
+        - the destination is overwritten with the source file's contents
+    - `DEST_PATH` exists and is a directory
+        - the file is copied into this directory using the basename from
+          `SRC_PATH`
+- `SRC_PATH` specifies a directory
+    - `DEST_PATH` does not exist
+        - `DEST_PATH` is created as a directory and the *contents* of the source
+           directory are copied into this directory
+    - `DEST_PATH` exists and is a file
+        - Error condition: cannot copy a directory to a file
+    - `DEST_PATH` exists and is a directory
+        - `SRC_PATH` does not end with `/.`
+            - the source directory is copied into this directory
+        - `SRC_PATH` does end with `/.`
+            - the *content* of the source directory is copied into this
+              directory
+
+The command requires `SRC_PATH` and `DEST_PATH` to exist according to the above
+rules. If `SRC_PATH` is local and is a symbolic link, the symbolic link, not
+the target, is copied by default. To copy the link target and not the link, 
+specify the `-L` option.
+
+A colon (`:`) is used as a delimiter between `CONTAINER` and its path. You can
+also use `:` when specifying paths to a `SRC_PATH` or `DEST_PATH` on a local
+machine, for example  `file:name.txt`. If you use a `:` in a local machine path,
+you must be explicit with a relative or absolute path, for example:
+
+    `/path/to/file:name.txt` or `./file:name.txt`
+
+It is not possible to copy certain system files such as resources under
+`/proc`, `/sys`, `/dev`, and mounts created by the user in the container.
+
+Using `-` as the `SRC_PATH` streams the contents of `STDIN` as a tar archive.
+The command extracts the content of the tar to the `DEST_PATH` in container's
+filesystem. In this case, `DEST_PATH` must specify a directory. Using `-` as
+the `DEST_PATH` streams the contents of the resource as a tar archive to `STDOUT`.
+
+# OPTIONS
+**-L**, **--follow-link**=*true*|*false*
+  Follow symbol link in SRC_PATH
+
+**--help**
+  Print usage statement
+
+# EXAMPLES
+
+Suppose a container has finished producing some output as a file it saves
+to somewhere in its filesystem. This could be the output of a build job or
+some other computation. You can copy these outputs from the container to a
+location on your local host.
+
+If you want to copy the `/tmp/foo` directory from a container to the
+existing `/tmp` directory on your host. If you run `docker cp` in your `~`
+(home) directory on the local host:
+
+    $ docker cp compassionate_darwin:tmp/foo /tmp
+
+Docker creates a `/tmp/foo` directory on your host. Alternatively, you can omit
+the leading slash in the command. If you execute this command from your home
+directory:
+
+    $ docker cp compassionate_darwin:tmp/foo tmp
+
+If `~/tmp` does not exist, Docker will create it and copy the contents of
+`/tmp/foo` from the container into this new directory. If `~/tmp` already
+exists as a directory, then Docker will copy the contents of `/tmp/foo` from
+the container into a directory at `~/tmp/foo`.
+
+When copying a single file to an existing `LOCALPATH`, the `docker cp` command
+will either overwrite the contents of `LOCALPATH` if it is a file or place it
+into `LOCALPATH` if it is a directory, overwriting an existing file of the same
+name if one exists. For example, this command:
+
+    $ docker cp sharp_ptolemy:/tmp/foo/myfile.txt /test
+
+If `/test` does not exist on the local machine, it will be created as a file
+with the contents of `/tmp/foo/myfile.txt` from the container. If `/test`
+exists as a file, it will be overwritten. Lastly, if `/test` exists as a
+directory, the file will be copied to `/test/myfile.txt`.
+
+Next, suppose you want to copy a file or folder into a container. For example,
+this could be a configuration file or some other input to a long running
+computation that you would like to place into a created container before it
+starts. This is useful because it does not require the configuration file or
+other input to exist in the container image.
+
+If you have a file, `config.yml`, in the current directory on your local host
+and wish to copy it to an existing directory at `/etc/my-app.d` in a container,
+this command can be used:
+
+    $ docker cp config.yml myappcontainer:/etc/my-app.d
+
+If you have several files in a local directory `/config` which you need to copy
+to a directory `/etc/my-app.d` in a container:
+
+    $ docker cp /config/. myappcontainer:/etc/my-app.d
+
+The above command will copy the contents of the local `/config` directory into
+the directory `/etc/my-app.d` in the container.
+
+Finally, if you want to copy a symbolic link into a container, you typically
+want to  copy the linked target and not the link itself. To copy the target, use
+the `-L` option, for example:
+
+    $ ln -s /tmp/somefile /tmp/somefile.ln
+    $ docker cp -L /tmp/somefile.ln myappcontainer:/tmp/
+
+This command copies content of the local `/tmp/somefile` into the file
+`/tmp/somefile.ln` in the container. Without `-L` option, the `/tmp/somefile.ln`
+preserves its symbolic link but not its content.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+May 2015, updated by Josh Hawn <josh.hawn@docker.com>
diff --git a/man/docker-create.1.md b/man/docker-create.1.md
new file mode 100644
index 00000000..f12edb54
--- /dev/null
+++ b/man/docker-create.1.md
@@ -0,0 +1,470 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-create - Create a new container
+
+# SYNOPSIS
+**docker create**
+[**-a**|**--attach**[=*[]*]]
+[**--add-host**[=*[]*]]
+[**--blkio-weight**[=*[BLKIO-WEIGHT]*]]
+[**--blkio-weight-device**[=*[]*]]
+[**--cpu-shares**[=*0*]]
+[**--cap-add**[=*[]*]]
+[**--cap-drop**[=*[]*]]
+[**--cgroup-parent**[=*CGROUP-PATH*]]
+[**--cidfile**[=*CIDFILE*]]
+[**--cpu-period**[=*0*]]
+[**--cpu-quota**[=*0*]]
+[**--cpuset-cpus**[=*CPUSET-CPUS*]]
+[**--cpuset-mems**[=*CPUSET-MEMS*]]
+[**--device**[=*[]*]]
+[**--device-read-bps**[=*[]*]]
+[**--device-read-iops**[=*[]*]]
+[**--device-write-bps**[=*[]*]]
+[**--device-write-iops**[=*[]*]]
+[**--dns**[=*[]*]]
+[**--dns-search**[=*[]*]]
+[**--dns-opt**[=*[]*]]
+[**-e**|**--env**[=*[]*]]
+[**--entrypoint**[=*ENTRYPOINT*]]
+[**--env-file**[=*[]*]]
+[**--expose**[=*[]*]]
+[**--group-add**[=*[]*]]
+[**-h**|**--hostname**[=*HOSTNAME*]]
+[**--help**]
+[**-i**|**--interactive**]
+[**--ip**[=*IPv4-ADDRESS*]]
+[**--ip6**[=*IPv6-ADDRESS*]]
+[**--ipc**[=*IPC*]]
+[**--isolation**[=*default*]]
+[**--kernel-memory**[=*KERNEL-MEMORY*]]
+[**-l**|**--label**[=*[]*]]
+[**--label-file**[=*[]*]]
+[**--link**[=*[]*]]
+[**--log-driver**[=*[]*]]
+[**--log-opt**[=*[]*]]
+[**-m**|**--memory**[=*MEMORY*]]
+[**--mac-address**[=*MAC-ADDRESS*]]
+[**--memory-reservation**[=*MEMORY-RESERVATION*]]
+[**--memory-swap**[=*LIMIT*]]
+[**--memory-swappiness**[=*MEMORY-SWAPPINESS*]]
+[**--name**[=*NAME*]]
+[**--net**[=*"bridge"*]]
+[**--net-alias**[=*[]*]]
+[**--oom-kill-disable**]
+[**--oom-score-adj**[=*0*]]
+[**-P**|**--publish-all**]
+[**-p**|**--publish**[=*[]*]]
+[**--pid**[=*[]*]]
+[**--userns**[=*[]*]]
+[**--pids-limit**[=*PIDS_LIMIT*]]
+[**--privileged**]
+[**--read-only**]
+[**--restart**[=*RESTART*]]
+[**--security-opt**[=*[]*]]
+[**--stop-signal**[=*SIGNAL*]]
+[**--shm-size**[=*[]*]]
+[**-t**|**--tty**]
+[**--tmpfs**[=*[CONTAINER-DIR[:<OPTIONS>]*]]
+[**-u**|**--user**[=*USER*]]
+[**--ulimit**[=*[]*]]
+[**--uts**[=*[]*]]
+[**-v**|**--volume**[=*[[HOST-DIR:]CONTAINER-DIR[:OPTIONS]]*]]
+[**--volume-driver**[=*DRIVER*]]
+[**--volumes-from**[=*[]*]]
+[**-w**|**--workdir**[=*WORKDIR*]]
+IMAGE [COMMAND] [ARG...]
+
+# DESCRIPTION
+
+Creates a writeable container layer over the specified image and prepares it for
+running the specified command. The container ID is then printed to STDOUT. This
+is similar to **docker run -d** except the container is never started. You can 
+then use the **docker start <container_id>** command to start the container at
+any point.
+
+The initial status of the container created with **docker create** is 'created'.
+
+# OPTIONS
+**-a**, **--attach**=[]
+   Attach to STDIN, STDOUT or STDERR.
+
+**--add-host**=[]
+   Add a custom host-to-IP mapping (host:ip)
+
+**--blkio-weight**=*0*
+   Block IO weight (relative weight) accepts a weight value between 10 and 1000.
+
+**--blkio-weight-device**=[]
+   Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`).
+
+**--cpu-shares**=*0*
+   CPU shares (relative weight)
+
+**--cap-add**=[]
+   Add Linux capabilities
+
+**--cap-drop**=[]
+   Drop Linux capabilities
+
+**--cgroup-parent**=""
+   Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist.
+
+**--cidfile**=""
+   Write the container ID to the file
+
+**--cpu-period**=*0*
+    Limit the CPU CFS (Completely Fair Scheduler) period
+
+**--cpuset-cpus**=""
+   CPUs in which to allow execution (0-3, 0,1)
+
+**--cpuset-mems**=""
+   Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
+
+   If you have four memory nodes on your system (0-3), use `--cpuset-mems=0,1`
+then processes in your Docker container will only use memory from the first
+two memory nodes.
+
+**--cpu-quota**=*0*
+   Limit the CPU CFS (Completely Fair Scheduler) quota
+
+**--device**=[]
+   Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc:rwm)
+
+**--device-read-bps**=[]
+    Limit read rate (bytes per second) from a device (e.g. --device-read-bps=/dev/sda:1mb)
+
+**--device-read-iops**=[]
+    Limit read rate (IO per second) from a device (e.g. --device-read-iops=/dev/sda:1000)
+
+**--device-write-bps**=[]
+    Limit write rate (bytes per second) to a device (e.g. --device-write-bps=/dev/sda:1mb)
+
+**--device-write-iops**=[]
+    Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:1000)
+
+**--dns**=[]
+   Set custom DNS servers
+
+**--dns-opt**=[]
+   Set custom DNS options
+
+**--dns-search**=[]
+   Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)
+
+**-e**, **--env**=[]
+   Set environment variables
+
+**--entrypoint**=""
+   Overwrite the default ENTRYPOINT of the image
+
+**--env-file**=[]
+   Read in a line-delimited file of environment variables
+
+**--expose**=[]
+   Expose a port or a range of ports (e.g. --expose=3300-3310) from the container without publishing it to your host
+
+**--group-add**=[]
+   Add additional groups to run as
+
+**-h**, **--hostname**=""
+   Container host name
+
+**--help**
+  Print usage statement
+
+**-i**, **--interactive**=*true*|*false*
+   Keep STDIN open even if not attached. The default is *false*.
+
+**--ip**=""
+   Sets the container's interface IPv4 address (e.g. 172.23.0.9)
+
+   It can only be used in conjunction with **--net** for user-defined networks
+
+**--ip6**=""
+   Sets the container's interface IPv6 address (e.g. 2001:db8::1b99)
+
+   It can only be used in conjunction with **--net** for user-defined networks
+
+**--ipc**=""
+   Default is to create a private IPC namespace (POSIX SysV IPC) for the container
+                               'container:<name|id>': reuses another container shared memory, semaphores and message queues
+                               'host': use the host shared memory,semaphores and message queues inside the container.  Note: the host mode gives the container full access to local shared memory and is therefore considered insecure.
+
+**--isolation**="*default*"
+   Isolation specifies the type of isolation technology used by containers. 
+
+**--kernel-memory**=""
+   Kernel memory limit (format: `<number>[<unit>]`, where unit = b, k, m or g)
+
+   Constrains the kernel memory available to a container. If a limit of 0
+is specified (not using `--kernel-memory`), the container's kernel memory
+is not limited. If you specify a limit, it may be rounded up to a multiple
+of the operating system's page size and the value can be very large,
+millions of trillions.
+
+**-l**, **--label**=[]
+   Adds metadata to a container (e.g., --label=com.example.key=value)
+
+**--label-file**=[]
+   Read labels from a file. Delimit each label with an EOL.
+
+**--link**=[]
+   Add link to another container in the form of <name or id>:alias or just
+   <name or id> in which case the alias will match the name.
+
+**--log-driver**="*json-file*|*syslog*|*journald*|*gelf*|*fluentd*|*awslogs*|*splunk*|*etwlogs*|*gcplogs*|*none*"
+  Logging driver for container. Default is defined by daemon `--log-driver` flag.
+  **Warning**: the `docker logs` command works only for the `json-file` and
+  `journald` logging drivers.
+
+**--log-opt**=[]
+  Logging driver specific options.
+
+**-m**, **--memory**=""
+   Memory limit (format: <number>[<unit>], where unit = b, k, m or g)
+
+   Allows you to constrain the memory available to a container. If the host
+supports swap memory, then the **-m** memory setting can be larger than physical
+RAM. If a limit of 0 is specified (not using **-m**), the container's memory is
+not limited. The actual limit may be rounded up to a multiple of the operating
+system's page size (the value would be very large, that's millions of trillions).
+
+**--mac-address**=""
+   Container MAC address (e.g. 92:d0:c6:0a:29:33)
+
+**--memory-reservation**=""
+   Memory soft limit (format: <number>[<unit>], where unit = b, k, m or g)
+
+   After setting memory reservation, when the system detects memory contention
+or low memory, containers are forced to restrict their consumption to their
+reservation. So you should always set the value below **--memory**, otherwise the
+hard limit will take precedence. By default, memory reservation will be the same
+as memory limit.
+
+**--memory-swap**="LIMIT"
+   A limit value equal to memory plus swap. Must be used with the  **-m**
+(**--memory**) flag. The swap `LIMIT` should always be larger than **-m**
+(**--memory**) value.
+
+   The format of `LIMIT` is `<number>[<unit>]`. Unit can be `b` (bytes),
+`k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you don't specify a
+unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap.
+
+**--memory-swappiness**=""
+   Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
+
+**--name**=""
+   Assign a name to the container
+
+**--net**="*bridge*"
+   Set the Network mode for the container
+                               'bridge': create a network stack on the default Docker bridge
+                               'none': no networking
+                               'container:<name|id>': reuse another container's network stack
+                               'host': use the Docker host network stack.  Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
+                               '<network-name>|<network-id>': connect to a user-defined network
+
+**--net-alias**=[]
+   Add network-scoped alias for the container
+
+**--oom-kill-disable**=*true*|*false*
+	Whether to disable OOM Killer for the container or not.
+
+**--oom-score-adj**=""
+    Tune the host's OOM preferences for containers (accepts -1000 to 1000)
+
+**-P**, **--publish-all**=*true*|*false*
+   Publish all exposed ports to random ports on the host interfaces. The default is *false*.
+
+**-p**, **--publish**=[]
+   Publish a container's port, or a range of ports, to the host
+                               format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
+                               Both hostPort and containerPort can be specified as a range of ports. 
+                               When specifying ranges for both, the number of container ports in the range must match the number of host ports in the range. (e.g., `-p 1234-1236:1234-1236/tcp`)
+                               (use 'docker port' to see the actual mapping)
+
+**--pid**=*host*
+   Set the PID mode for the container
+     **host**: use the host's PID namespace inside the container.
+     Note: the host mode gives the container full access to local PID and is therefore considered insecure.
+
+**--userns**=""
+   Set the usernamespace mode for the container when `userns-remap` option is enabled.
+     **host**: use the host usernamespace and enable all privileged options (e.g., `pid=host` or `--privileged`).
+
+**--pids-limit**=""
+   Tune the container's pids limit. Set `-1` to have unlimited pids for the container.
+
+**--privileged**=*true*|*false*
+   Give extended privileges to this container. The default is *false*.
+
+**--read-only**=*true*|*false*
+   Mount the container's root filesystem as read only.
+
+**--restart**="*no*"
+   Restart policy to apply when a container exits (no, on-failure[:max-retry], always, unless-stopped).
+
+**--shm-size**=""
+   Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`.
+   Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes.
+   If you omit the size entirely, the system uses `64m`.
+
+**--security-opt**=[]
+   Security Options
+
+   "label:user:USER"   : Set the label user for the container
+    "label:role:ROLE"   : Set the label role for the container
+    "label:type:TYPE"   : Set the label type for the container
+    "label:level:LEVEL" : Set the label level for the container
+    "label:disable"     : Turn off label confinement for the container
+    "no-new-privileges" : Disable container processes from gaining additional privileges
+    "seccomp:unconfined" : Turn off seccomp confinement for the container
+    "seccomp:profile.json :  White listed syscalls seccomp Json file to be used as a seccomp filter
+
+**--stop-signal**=*SIGTERM*
+  Signal to stop a container. Default is SIGTERM.
+
+**-t**, **--tty**=*true*|*false*
+   Allocate a pseudo-TTY. The default is *false*.
+
+**--tmpfs**=[] Create a tmpfs mount
+
+   Mount a temporary filesystem (`tmpfs`) mount into a container, for example:
+
+   $ docker run -d --tmpfs /tmp:rw,size=787448k,mode=1777 my_image
+
+   This command mounts a `tmpfs` at `/tmp` within the container.  The supported mount
+options are the same as the Linux default `mount` flags. If you do not specify
+any options, the systems uses the following options:
+`rw,noexec,nosuid,nodev,size=65536k`.
+
+**-u**, **--user**=""
+   Username or UID
+
+**--ulimit**=[]
+   Ulimit options
+
+**--uts**=*host*
+   Set the UTS mode for the container
+     **host**: use the host's UTS namespace inside the container.
+     Note: the host mode gives the container access to changing the host's hostname and is therefore considered insecure.
+
+**-v**|**--volume**[=*[[HOST-DIR:]CONTAINER-DIR[:OPTIONS]]*]
+   Create a bind mount. If you specify, ` -v /HOST-DIR:/CONTAINER-DIR`, Docker
+   bind mounts `/HOST-DIR` in the host to `/CONTAINER-DIR` in the Docker
+   container. If 'HOST-DIR' is omitted,  Docker automatically creates the new
+   volume on the host.  The `OPTIONS` are a comma delimited list and can be:
+
+   * [rw|ro]
+   * [z|Z]
+   * [`[r]shared`|`[r]slave`|`[r]private`]
+
+The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR`
+can be an absolute path or a `name` value. A `name` value must start with an
+alphanumeric character, followed by `a-z0-9`, `_` (underscore), `.` (period) or
+`-` (hyphen). An absolute path starts with a `/` (forward slash).
+
+If you supply a `HOST-DIR` that is an absolute path,  Docker bind-mounts to the
+path you specify. If you supply a `name`, Docker creates a named volume by that
+`name`. For example, you can specify either `/foo` or `foo` for a `HOST-DIR`
+value. If you supply the `/foo` value, Docker creates a bind-mount. If you
+supply the `foo` specification, Docker creates a named volume.
+
+You can specify multiple  **-v** options to mount one or more mounts to a
+container. To use these same mounts in other containers, specify the
+**--volumes-from** option also.
+
+You can add `:ro` or `:rw` suffix to a volume to mount it  read-only or
+read-write mode, respectively. By default, the volumes are mounted read-write.
+See examples.
+
+Labeling systems like SELinux require that proper labels are placed on volume
+content mounted into a container. Without a label, the security system might
+prevent the processes running inside the container from using the content. By
+default, Docker does not change the labels set by the OS.
+
+To change a label in the container context, you can add either of two suffixes
+`:z` or `:Z` to the volume mount. These suffixes tell Docker to relabel file
+objects on the shared volumes. The `z` option tells Docker that two containers
+share the volume content. As a result, Docker labels the content with a shared
+content label. Shared volume labels allow all containers to read/write content.
+The `Z` option tells Docker to label the content with a private unshared label.
+Only the current container can use a private volume.
+
+By default bind mounted volumes are `private`. That means any mounts done
+inside container will not be visible on host and vice-a-versa. One can change
+this behavior by specifying a volume mount propagation property. Making a
+volume `shared` mounts done under that volume inside container will be
+visible on host and vice-a-versa. Making a volume `slave` enables only one
+way mount propagation and that is mounts done on host under that volume
+will be visible inside container but not the other way around.
+
+To control mount propagation property of volume one can use `:[r]shared`,
+`:[r]slave` or `:[r]private` propagation flag. Propagation property can
+be specified only for bind mounted volumes and not for internal volumes or
+named volumes. For mount propagation to work source mount point (mount point
+where source dir is mounted on) has to have right propagation properties. For
+shared volumes, source mount point has to be shared. And for slave volumes,
+source mount has to be either shared or slave.
+
+Use `df <source-dir>` to figure out the source mount and then use
+`findmnt -o TARGET,PROPAGATION <source-mount-dir>` to figure out propagation
+properties of source mount. If `findmnt` utility is not available, then one
+can look at mount entry for source mount point in `/proc/self/mountinfo`. Look
+at `optional fields` and see if any propagaion properties are specified.
+`shared:X` means mount is `shared`, `master:X` means mount is `slave` and if
+nothing is there that means mount is `private`.
+
+To change propagation properties of a mount point use `mount` command. For
+example, if one wants to bind mount source directory `/foo` one can do
+`mount --bind /foo /foo` and `mount --make-private --make-shared /foo`. This
+will convert /foo into a `shared` mount point. Alternatively one can directly
+change propagation properties of source mount. Say `/` is source mount for
+`/foo`, then use `mount --make-shared /` to convert `/` into a `shared` mount.
+
+> **Note**:
+> When using systemd to manage the Docker daemon's start and stop, in the systemd
+> unit file there is an option to control mount propagation for the Docker daemon
+> itself, called `MountFlags`. The value of this setting may cause Docker to not
+> see mount propagation changes made on the mount point. For example, if this value
+> is `slave`, you may not be able to use the `shared` or `rshared` propagation on
+> a volume.
+
+
+To disable automatic copying of data from the container path to the volume, use
+the `nocopy` flag. The `nocopy` flag can be set on bind mounts and named volumes.
+
+**--volume-driver**=""
+   Container's volume driver. This driver creates volumes specified either from
+   a Dockerfile's `VOLUME` instruction or from the `docker run -v` flag.
+   See **docker-volume-create(1)** for full details.
+
+**--volumes-from**=[]
+   Mount volumes from the specified container(s)
+
+**-w**, **--workdir**=""
+   Working directory inside the container
+
+# EXAMPLES
+
+## Specify isolation technology for container (--isolation)
+
+This option is useful in situations where you are running Docker containers on
+Windows. The `--isolation=<value>` option sets a container's isolation
+technology. On Linux, the only supported is the `default` option which uses
+Linux namespaces. On Microsoft Windows, you can specify these values:
+
+* `default`: Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value.
+* `process`: Namespace isolation only.
+* `hyperv`: Hyper-V hypervisor partition-based isolation.
+
+Specifying the `--isolation` flag without a value is the same as setting `--isolation="default"`.
+
+# HISTORY
+August 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+September 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+November 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-daemon.8.md b/man/docker-daemon.8.md
new file mode 100644
index 00000000..2b95133b
--- /dev/null
+++ b/man/docker-daemon.8.md
@@ -0,0 +1,568 @@
+% DOCKER(8) Docker User Manuals
+% Shishir Mahajan
+% SEPTEMBER 2015
+# NAME
+docker-daemon - Enable daemon mode
+
+# SYNOPSIS
+**docker daemon**
+[**--api-cors-header**=[=*API-CORS-HEADER*]]
+[**--authorization-plugin**[=*[]*]]
+[**-b**|**--bridge**[=*BRIDGE*]]
+[**--bip**[=*BIP*]]
+[**--cgroup-parent**[=*[]*]]
+[**--cluster-store**[=*[]*]]
+[**--cluster-advertise**[=*[]*]]
+[**--cluster-store-opt**[=*map[]*]]
+[**--config-file**[=*/etc/docker/daemon.json*]]
+[**--containerd**[=*SOCKET-PATH*]]
+[**-D**|**--debug**]
+[**--default-gateway**[=*DEFAULT-GATEWAY*]]
+[**--default-gateway-v6**[=*DEFAULT-GATEWAY-V6*]]
+[**--default-ulimit**[=*[]*]]
+[**--disable-legacy-registry**]
+[**--dns**[=*[]*]]
+[**--dns-opt**[=*[]*]]
+[**--dns-search**[=*[]*]]
+[**--exec-opt**[=*[]*]]
+[**--exec-root**[=*/var/run/docker*]]
+[**--fixed-cidr**[=*FIXED-CIDR*]]
+[**--fixed-cidr-v6**[=*FIXED-CIDR-V6*]]
+[**-G**|**--group**[=*docker*]]
+[**-g**|**--graph**[=*/var/lib/docker*]]
+[**-H**|**--host**[=*[]*]]
+[**--help**]
+[**--icc**[=*true*]]
+[**--insecure-registry**[=*[]*]]
+[**--ip**[=*0.0.0.0*]]
+[**--ip-forward**[=*true*]]
+[**--ip-masq**[=*true*]]
+[**--iptables**[=*true*]]
+[**--ipv6**]
+[**-l**|**--log-level**[=*info*]]
+[**--label**[=*[]*]]
+[**--log-driver**[=*json-file*]]
+[**--log-opt**[=*map[]*]]
+[**--mtu**[=*0*]]
+[**-p**|**--pidfile**[=*/var/run/docker.pid*]]
+[**--raw-logs**]
+[**--registry-mirror**[=*[]*]]
+[**-s**|**--storage-driver**[=*STORAGE-DRIVER*]]
+[**--selinux-enabled**]
+[**--storage-opt**[=*[]*]]
+[**--tls**]
+[**--tlscacert**[=*~/.docker/ca.pem*]]
+[**--tlscert**[=*~/.docker/cert.pem*]]
+[**--tlskey**[=*~/.docker/key.pem*]]
+[**--tlsverify**]
+[**--userland-proxy**[=*true*]]
+[**--userns-remap**[=*default*]]
+
+# DESCRIPTION
+**docker** has two distinct functions. It is used for starting the Docker
+daemon and to run the CLI (i.e., to command the daemon to manage images,
+containers etc.) So **docker** is both a server, as a daemon, and a client
+to the daemon, through the CLI.
+
+To run the Docker daemon you can specify **docker daemon**.
+You can check the daemon options using **docker daemon --help**.
+Daemon options should be specified after the **daemon** keyword in the following
+format.
+
+**docker daemon [OPTIONS]**
+
+# OPTIONS
+
+**--api-cors-header**=""
+  Set CORS headers in the remote API. Default is cors disabled. Give urls like "http://foo, http://bar, ...". Give "*" to allow all.
+
+**--authorization-plugin**=""
+  Set authorization plugins to load
+
+**-b**, **--bridge**=""
+  Attach containers to a pre\-existing network bridge; use 'none' to disable container networking
+
+**--bip**=""
+  Use the provided CIDR notation address for the dynamically created bridge (docker0); Mutually exclusive of \-b
+
+**--cgroup-parent**=""
+  Set parent cgroup for all containers. Default is "/docker" for fs cgroup driver and "system.slice" for systemd cgroup driver.
+
+**--cluster-store**=""
+  URL of the distributed storage backend
+
+**--cluster-advertise**=""
+  Specifies the 'host:port' or `interface:port` combination that this particular
+  daemon instance should use when advertising itself to the cluster. The daemon
+  is reached through this value.
+
+**--cluster-store-opt**=""
+  Specifies options for the Key/Value store.
+
+**--config-file**="/etc/docker/daemon.json"
+  Specifies the JSON file path to load the configuration from.
+
+**--containerd**=""
+  Path to containerd socket.
+
+**-D**, **--debug**=*true*|*false*
+  Enable debug mode. Default is false.
+
+**--default-gateway**=""
+  IPv4 address of the container default gateway; this address must be part of the bridge subnet (which is defined by \-b or \--bip)
+
+**--default-gateway-v6**=""
+  IPv6 address of the container default gateway
+
+**--default-ulimit**=[]
+  Set default ulimits for containers.
+
+**--disable-legacy-registry**=*true*|*false*
+  Do not contact legacy registries
+
+**--dns**=""
+  Force Docker to use specific DNS servers
+
+**--dns-opt**=""
+  DNS options to use.
+
+**--dns-search**=[]
+  DNS search domains to use.
+
+**--exec-opt**=[]
+  Set runtime execution options. See RUNTIME EXECUTION OPTIONS.
+
+**--exec-root**=""
+  Path to use as the root of the Docker execution state files. Default is `/var/run/docker`.
+
+**--fixed-cidr**=""
+  IPv4 subnet for fixed IPs (e.g., 10.20.0.0/16); this subnet must be nested in the bridge subnet (which is defined by \-b or \-\-bip)
+
+**--fixed-cidr-v6**=""
+  IPv6 subnet for global IPv6 addresses (e.g., 2a00:1450::/64)
+
+**-G**, **--group**=""
+  Group to assign the unix socket specified by -H when running in daemon mode.
+  use '' (the empty string) to disable setting of a group. Default is `docker`.
+
+**-g**, **--graph**=""
+  Path to use as the root of the Docker runtime. Default is `/var/lib/docker`.
+
+**-H**, **--host**=[*unix:///var/run/docker.sock*]: tcp://[host:port] to bind or
+unix://[/path/to/socket] to use.
+  The socket(s) to bind to in daemon mode specified using one or more
+  tcp://host:port, unix:///path/to/socket, fd://* or fd://socketfd.
+
+**--help**
+  Print usage statement
+
+**--icc**=*true*|*false*
+  Allow unrestricted inter\-container and Docker daemon host communication. If disabled, containers can still be linked together using the **--link** option (see **docker-run(1)**). Default is true.
+
+**--insecure-registry**=[]
+  Enable insecure registry communication, i.e., enable un-encrypted and/or untrusted communication.
+
+  List of insecure registries can contain an element with CIDR notation to specify a whole subnet. Insecure registries accept HTTP and/or accept HTTPS with certificates from unknown CAs.
+
+  Enabling `--insecure-registry` is useful when running a local registry.  However, because its use creates security vulnerabilities it should ONLY be enabled for testing purposes.  For increased security, users should add their CA to their system's list of trusted CAs instead of using `--insecure-registry`.
+
+**--ip**=""
+  Default IP address to use when binding container ports. Default is `0.0.0.0`.
+
+**--ip-forward**=*true*|*false*
+  Enables IP forwarding on the Docker host. The default is `true`. This flag interacts with the IP forwarding setting on your host system's kernel. If your system has IP forwarding disabled, this setting enables it. If your system has IP forwarding enabled, setting this flag to `--ip-forward=false` has no effect.
+
+  This setting will also enable IPv6 forwarding if you have both `--ip-forward=true` and `--fixed-cidr-v6` set. Note that this may reject Router Advertisements and interfere with the host's existing IPv6 configuration. For more information, please consult the documentation about "Advanced Networking - IPv6".
+
+**--ip-masq**=*true*|*false*
+  Enable IP masquerading for bridge's IP range. Default is true.
+
+**--iptables**=*true*|*false*
+  Enable Docker's addition of iptables rules. Default is true.
+
+**--ipv6**=*true*|*false*
+  Enable IPv6 support. Default is false. Docker will create an IPv6-enabled bridge with address fe80::1 which will allow you to create IPv6-enabled containers. Use together with `--fixed-cidr-v6` to provide globally routable IPv6 addresses. IPv6 forwarding will be enabled if not used with `--ip-forward=false`. This may collide with your host's current IPv6 settings. For more information please consult the documentation about "Advanced Networking - IPv6".
+
+**-l**, **--log-level**="*debug*|*info*|*warn*|*error*|*fatal*"
+  Set the logging level. Default is `info`.
+
+**--label**="[]"
+  Set key=value labels to the daemon (displayed in `docker info`)
+
+**--log-driver**="*json-file*|*syslog*|*journald*|*gelf*|*fluentd*|*awslogs*|*splunk*|*etwlogs*|*gcplogs*|*none*"
+  Default driver for container logs. Default is `json-file`.
+  **Warning**: `docker logs` command works only for `json-file` logging driver.
+
+**--log-opt**=[]
+  Logging driver specific options.
+
+**--mtu**=*0*
+  Set the containers network mtu. Default is `0`.
+
+**-p**, **--pidfile**=""
+  Path to use for daemon PID file. Default is `/var/run/docker.pid`
+
+**--raw-logs**
+Output daemon logs in full timestamp format without ANSI coloring. If this flag is not set,
+the daemon outputs condensed, colorized logs if a terminal is detected, or full ("raw")
+output otherwise.
+
+**--registry-mirror**=*<scheme>://<host>*
+  Prepend a registry mirror to be used for image pulls. May be specified multiple times.
+
+**-s**, **--storage-driver**=""
+  Force the Docker runtime to use a specific storage driver.
+
+**--selinux-enabled**=*true*|*false*
+  Enable selinux support. Default is false. SELinux does not presently support the overlay storage driver.
+
+**--storage-opt**=[]
+  Set storage driver options. See STORAGE DRIVER OPTIONS.
+
+**--tls**=*true*|*false*
+  Use TLS; implied by --tlsverify. Default is false.
+
+**--tlscacert**=*~/.docker/ca.pem*
+  Trust certs signed only by this CA.
+
+**--tlscert**=*~/.docker/cert.pem*
+  Path to TLS certificate file.
+
+**--tlskey**=*~/.docker/key.pem*
+  Path to TLS key file.
+
+**--tlsverify**=*true*|*false*
+  Use TLS and verify the remote (daemon: verify client, client: verify daemon).
+  Default is false.
+
+**--userland-proxy**=*true*|*false*
+    Rely on a userland proxy implementation for inter-container and outside-to-container loopback communications. Default is true.
+
+**--userns-remap**=*default*|*uid:gid*|*user:group*|*user*|*uid*
+    Enable user namespaces for containers on the daemon. Specifying "default" will cause a new user and group to be created to handle UID and GID range remapping for the user namespace mappings used for contained processes. Specifying a user (or uid) and optionally a group (or gid) will cause the daemon to lookup the user and group's subordinate ID ranges for use as the user namespace mappings for contained processes.
+
+# STORAGE DRIVER OPTIONS
+
+Docker uses storage backends (known as "graphdrivers" in the Docker
+internals) to create writable containers from images.  Many of these
+backends use operating system level technologies and can be
+configured.
+
+Specify options to the storage backend with **--storage-opt** flags. The
+backends that currently take options are *devicemapper* and *zfs*.
+Options for *devicemapper* are prefixed with *dm* and options for *zfs*
+start with *zfs*.
+
+Specifically for devicemapper, the default is a "loopback" model which
+requires no pre-configuration, but is extremely inefficient.  Do not
+use it in production.
+
+To make the best use of Docker with the devicemapper backend, you must
+have a recent version of LVM.  Use `lvm` to create a thin pool; for
+more information see `man lvmthin`.  Then, use `--storage-opt
+dm.thinpooldev` to tell the Docker engine to use that pool for
+allocating images and container snapshots.
+
+## Devicemapper options
+
+#### dm.thinpooldev
+
+Specifies a custom block storage device to use for the thin pool.
+
+If using a block device for device mapper storage, it is best to use `lvm`
+to create and manage the thin-pool volume. This volume is then handed to Docker
+to exclusively create snapshot volumes needed for images and containers.
+
+Managing the thin-pool outside of Engine makes for the most feature-rich
+method of having Docker utilize device mapper thin provisioning as the
+backing storage for Docker containers. The highlights of the lvm-based
+thin-pool management feature include: automatic or interactive thin-pool
+resize support, dynamically changing thin-pool features, automatic thinp
+metadata checking when lvm activates the thin-pool, etc.
+
+As a fallback if no thin pool is provided, loopback files are
+created. Loopback is very slow, but can be used without any
+pre-configuration of storage. It is strongly recommended that you do
+not use loopback in production. Ensure your Engine daemon has a
+`--storage-opt dm.thinpooldev` argument provided.
+
+Example use:
+
+   $ docker daemon \
+         --storage-opt dm.thinpooldev=/dev/mapper/thin-pool
+
+#### dm.basesize
+
+Specifies the size to use when creating the base device, which limits
+the size of images and containers. The default value is 10G. Note,
+thin devices are inherently "sparse", so a 10G device which is mostly
+empty doesn't use 10 GB of space on the pool. However, the filesystem
+will use more space for base images the larger the device
+is.
+
+The base device size can be increased at daemon restart which will allow
+all future images and containers (based on those new images) to be of the
+new base device size.
+
+Example use: `docker daemon --storage-opt dm.basesize=50G`
+
+This will increase the base device size to 50G. The Docker daemon will throw an
+error if existing base device size is larger than 50G. A user can use
+this option to expand the base device size however shrinking is not permitted.
+
+This value affects the system-wide "base" empty filesystem that may already
+be initialized and inherited by pulled images. Typically, a change to this
+value requires additional steps to take effect:
+
+        $ sudo service docker stop
+        $ sudo rm -rf /var/lib/docker
+        $ sudo service docker start
+
+Example use: `docker daemon --storage-opt dm.basesize=20G`
+
+#### dm.fs
+
+Specifies the filesystem type to use for the base device. The
+supported options are `ext4` and `xfs`. The default is `ext4`.
+
+Example use: `docker daemon --storage-opt dm.fs=xfs`
+
+#### dm.mkfsarg
+
+Specifies extra mkfs arguments to be used when creating the base device.
+
+Example use: `docker daemon --storage-opt "dm.mkfsarg=-O ^has_journal"`
+
+#### dm.mountopt
+
+Specifies extra mount options used when mounting the thin devices.
+
+Example use: `docker daemon --storage-opt dm.mountopt=nodiscard`
+
+#### dm.use_deferred_removal
+
+Enables use of deferred device removal if `libdm` and the kernel driver
+support the mechanism.
+
+Deferred device removal means that if device is busy when devices are
+being removed/deactivated, then a deferred removal is scheduled on
+device. And devices automatically go away when last user of the device
+exits.
+
+For example, when a container exits, its associated thin device is removed. If
+that device has leaked into some other mount namespace and can't be removed,
+the container exit still succeeds and this option causes the system to schedule
+the device for deferred removal. It does not wait in a loop trying to remove a busy
+device.
+
+Example use: `docker daemon --storage-opt dm.use_deferred_removal=true`
+
+#### dm.use_deferred_deletion
+
+Enables use of deferred device deletion for thin pool devices. By default,
+thin pool device deletion is synchronous. Before a container is deleted, the
+Docker daemon removes any associated devices. If the storage driver can not
+remove a device, the container deletion fails and daemon returns.
+
+`Error deleting container: Error response from daemon: Cannot destroy container`
+
+To avoid this failure, enable both deferred device deletion and deferred
+device removal on the daemon.
+
+`docker daemon --storage-opt dm.use_deferred_deletion=true --storage-opt dm.use_deferred_removal=true`
+
+With these two options enabled, if a device is busy when the driver is
+deleting a container, the driver marks the device as deleted. Later, when the
+device isn't in use, the driver deletes it.
+
+In general it should be safe to enable this option by default. It will help
+when unintentional leaking of mount point happens across multiple mount
+namespaces.
+
+#### dm.loopdatasize
+
+**Note**: This option configures devicemapper loopback, which should not be used in production.
+
+Specifies the size to use when creating the loopback file for the
+"data" device which is used for the thin pool. The default size is
+100G. The file is sparse, so it will not initially take up
+this much space.
+
+Example use: `docker daemon --storage-opt dm.loopdatasize=200G`
+
+#### dm.loopmetadatasize
+
+**Note**: This option configures devicemapper loopback, which should not be used in production.
+
+Specifies the size to use when creating the loopback file for the
+"metadata" device which is used for the thin pool. The default size
+is 2G. The file is sparse, so it will not initially take up
+this much space.
+
+Example use: `docker daemon --storage-opt dm.loopmetadatasize=4G`
+
+#### dm.datadev
+
+(Deprecated, use `dm.thinpooldev`)
+
+Specifies a custom blockdevice to use for data for a
+Docker-managed thin pool.  It is better to use `dm.thinpooldev` - see
+the documentation for it above for discussion of the advantages.
+
+#### dm.metadatadev
+
+(Deprecated, use `dm.thinpooldev`)
+
+Specifies a custom blockdevice to use for metadata for a
+Docker-managed thin pool.  See `dm.datadev` for why this is
+deprecated.
+
+#### dm.blocksize
+
+Specifies a custom blocksize to use for the thin pool.  The default
+blocksize is 64K.
+
+Example use: `docker daemon --storage-opt dm.blocksize=512K`
+
+#### dm.blkdiscard
+
+Enables or disables the use of `blkdiscard` when removing devicemapper
+devices.  This is disabled by default due to the additional latency,
+but as a special case with loopback devices it will be enabled, in
+order to re-sparsify the loopback file on image/container removal.
+
+Disabling this on loopback can lead to *much* faster container removal
+times, but it also prevents the space used in `/var/lib/docker` directory
+from being returned to the system for other use when containers are
+removed.
+
+Example use: `docker daemon --storage-opt dm.blkdiscard=false`
+
+#### dm.override_udev_sync_check
+
+By default, the devicemapper backend attempts to synchronize with the
+`udev` device manager for the Linux kernel.  This option allows
+disabling that synchronization, to continue even though the
+configuration may be buggy.
+
+To view the `udev` sync support of a Docker daemon that is using the
+`devicemapper` driver, run:
+
+        $ docker info
+        [...]
+         Udev Sync Supported: true
+        [...]
+
+When `udev` sync support is `true`, then `devicemapper` and `udev` can
+coordinate the activation and deactivation of devices for containers.
+
+When `udev` sync support is `false`, a race condition occurs between
+the `devicemapper` and `udev` during create and cleanup. The race
+condition results in errors and failures. (For information on these
+failures, see
+[docker#4036](https://github.com/docker/docker/issues/4036))
+
+To allow the `docker` daemon to start, regardless of whether `udev` sync is
+`false`, set `dm.override_udev_sync_check` to true:
+
+        $ docker daemon --storage-opt dm.override_udev_sync_check=true
+
+When this value is `true`, the driver continues and simply warns you
+the errors are happening.
+
+**Note**: The ideal is to pursue a `docker` daemon and environment
+that does support synchronizing with `udev`. For further discussion on
+this topic, see
+[docker#4036](https://github.com/docker/docker/issues/4036).
+Otherwise, set this flag for migrating existing Docker daemons to a
+daemon with a supported environment.
+
+#### dm.min_free_space
+
+Specifies the min free space percent in a thin pool require for new device
+creation to succeed. This check applies to both free data space as well
+as free metadata space. Valid values are from 0% - 99%. Value 0% disables
+free space checking logic. If user does not specify a value for this option,
+the Engine uses a default value of 10%.
+
+Whenever a new a thin pool device is created (during `docker pull` or during
+container creation), the Engine checks if the minimum free space is
+available. If the space is unavailable, then device creation fails and any
+relevant `docker` operation fails.
+
+To recover from this error, you must create more free space in the thin pool to
+recover from the error. You can create free space by deleting some images
+and containers from tge thin pool. You can also add
+more storage to the thin pool.
+
+To add more space to an LVM (logical volume management) thin pool, just add
+more storage to the  group container thin pool; this should automatically
+resolve any errors. If your configuration uses loop devices, then stop the
+Engine daemon, grow the size of loop files and restart the daemon to resolve
+the issue.
+
+Example use:: `docker daemon --storage-opt dm.min_free_space=10%`
+
+## ZFS options
+
+#### zfs.fsname
+
+Set zfs filesystem under which docker will create its own datasets.
+By default docker will pick up the zfs filesystem where docker graph
+(`/var/lib/docker`) is located.
+
+Example use: `docker daemon -s zfs --storage-opt zfs.fsname=zroot/docker`
+
+# CLUSTER STORE OPTIONS
+
+The daemon uses libkv to advertise
+the node within the cluster.  Some Key/Value backends support mutual
+TLS, and the client TLS settings used by the daemon can be configured
+using the **--cluster-store-opt** flag, specifying the paths to PEM encoded
+files.
+
+#### kv.cacertfile
+
+Specifies the path to a local file with PEM encoded CA certificates to trust
+
+#### kv.certfile
+
+Specifies the path to a local file with a PEM encoded certificate.  This
+certificate is used as the client cert for communication with the
+Key/Value store.
+
+#### kv.keyfile
+
+Specifies the path to a local file with a PEM encoded private key.  This
+private key is used as the client key for communication with the
+Key/Value store.
+
+# Access authorization
+
+Docker's access authorization can be extended by authorization plugins that your
+organization can purchase or build themselves. You can install one or more
+authorization plugins when you start the Docker `daemon` using the
+`--authorization-plugin=PLUGIN_ID` option.
+
+```bash
+docker daemon --authorization-plugin=plugin1 --authorization-plugin=plugin2,...
+```
+
+The `PLUGIN_ID` value is either the plugin's name or a path to its specification
+file. The plugin's implementation determines whether you can specify a name or
+path. Consult with your Docker administrator to get information about the
+plugins available to you.
+
+Once a plugin is installed, requests made to the `daemon` through the command
+line or Docker's remote API are allowed or denied by the plugin.  If you have
+multiple plugins installed, at least one must allow the request for it to
+complete.
+
+For information about how to create an authorization plugin, see [authorization
+plugin](https://docs.docker.com/engine/extend/authorization/) section in the
+Docker extend section of this documentation.
+
+
+# HISTORY
+Sept 2015, Originally compiled by Shishir Mahajan <shishir.mahajan@redhat.com>
+based on docker.com source material and internal work.
diff --git a/man/docker-diff.1.md b/man/docker-diff.1.md
new file mode 100644
index 00000000..6c6c5025
--- /dev/null
+++ b/man/docker-diff.1.md
@@ -0,0 +1,49 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-diff - Inspect changes on a container's filesystem
+
+# SYNOPSIS
+**docker diff**
+[**--help**]
+CONTAINER
+
+# DESCRIPTION
+Inspect changes on a container's filesystem. You can use the full or
+shortened container ID or the container name set using
+**docker run --name** option.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+# EXAMPLES
+Inspect the changes to on a nginx container:
+
+    # docker diff 1fdfd1f54c1b
+    C /dev
+    C /dev/console
+    C /dev/core
+    C /dev/stdout
+    C /dev/fd
+    C /dev/ptmx
+    C /dev/stderr
+    C /dev/stdin
+    C /run
+    A /run/nginx.pid
+    C /var/lib/nginx/tmp
+    A /var/lib/nginx/tmp/client_body
+    A /var/lib/nginx/tmp/fastcgi
+    A /var/lib/nginx/tmp/proxy
+    A /var/lib/nginx/tmp/scgi
+    A /var/lib/nginx/tmp/uwsgi
+    C /var/log/nginx
+    A /var/log/nginx/access.log
+    A /var/log/nginx/error.log
+
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-events.1.md b/man/docker-events.1.md
new file mode 100644
index 00000000..4d0bff25
--- /dev/null
+++ b/man/docker-events.1.md
@@ -0,0 +1,96 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-events - Get real time events from the server
+
+# SYNOPSIS
+**docker events**
+[**--help**]
+[**-f**|**--filter**[=*[]*]]
+[**--since**[=*SINCE*]]
+[**--until**[=*UNTIL*]]
+
+
+# DESCRIPTION
+Get event information from the Docker daemon. Information can include historical
+information and real-time information.
+
+Docker containers will report the following events:
+
+    attach, commit, copy, create, destroy, die, exec_create, exec_start, export, kill, oom, pause, rename, resize, restart, start, stop, top, unpause
+
+and Docker images will report:
+
+    delete, import, pull, push, tag, untag
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-f**, **--filter**=[]
+   Provide filter values (i.e., 'event=stop')
+
+**--since**=""
+   Show all events created since timestamp
+
+**--until**=""
+   Stream events until this timestamp
+
+The `--since` and `--until` parameters can be Unix timestamps, date formatted
+timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed
+relative to the client machine’s time. If you do not provide the `--since` option,
+the command returns only new and/or live events.  Supported formats for date
+formatted time stamps include RFC3339Nano, RFC3339, `2006-01-02T15:04:05`,
+`2006-01-02T15:04:05.999999999`, `2006-01-02Z07:00`, and `2006-01-02`. The local
+timezone on the client will be used if you do not provide either a `Z` or a
+`+-00:00` timezone offset at the end of the timestamp.  When providing Unix
+timestamps enter seconds[.nanoseconds], where seconds is the number of seconds
+that have elapsed since January 1, 1970 (midnight UTC/GMT), not counting leap
+seconds (aka Unix epoch or Unix time), and the optional .nanoseconds field is a
+fraction of a second no more than nine digits long.
+
+# EXAMPLES
+
+## Listening for Docker events
+
+After running docker events a container 786d698004576 is started and stopped
+(The container name has been shortened in the output below):
+
+    # docker events
+    2015-01-28T20:21:31.000000000-08:00 59211849bc10: (from whenry/testimage:latest) start
+    2015-01-28T20:21:31.000000000-08:00 59211849bc10: (from whenry/testimage:latest) die
+    2015-01-28T20:21:32.000000000-08:00 59211849bc10: (from whenry/testimage:latest) stop
+
+## Listening for events since a given date
+Again the output container IDs have been shortened for the purposes of this document:
+
+    # docker events --since '2015-01-28'
+    2015-01-28T20:25:38.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) create
+    2015-01-28T20:25:38.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) start
+    2015-01-28T20:25:39.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) create
+    2015-01-28T20:25:39.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) start
+    2015-01-28T20:25:40.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) die
+    2015-01-28T20:25:42.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) stop
+    2015-01-28T20:25:45.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) start
+    2015-01-28T20:25:45.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) die
+    2015-01-28T20:25:46.000000000-08:00 c21f6c22ba27: (from whenry/testimage:latest) stop
+
+The following example outputs all events that were generated in the last 3 minutes,
+relative to the current time on the client machine:
+
+    # docker events --since '3m'
+    2015-05-12T11:51:30.999999999Z07:00  4386fb97867d: (from ubuntu-1:14.04) die
+    2015-05-12T15:52:12.999999999Z07:00  4386fb97867d: (from ubuntu-1:14.04) stop
+    2015-05-12T15:53:45.999999999Z07:00  7805c1d35632: (from redis:2.8) die
+    2015-05-12T15:54:03.999999999Z07:00  7805c1d35632: (from redis:2.8) stop
+
+If you do not provide the --since option, the command returns only new and/or
+live events.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+June 2015, updated by Brian Goff <cpuguy83@gmail.com>
+October 2015, updated by Mike Brown <mikebrow@gmail.com>
diff --git a/man/docker-exec.1.md b/man/docker-exec.1.md
new file mode 100644
index 00000000..16a061d0
--- /dev/null
+++ b/man/docker-exec.1.md
@@ -0,0 +1,64 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-exec - Run a command in a running container
+
+# SYNOPSIS
+**docker exec**
+[**-d**|**--detach**]
+[**--detach-keys**[=*[]*]]
+[**--help**]
+[**-i**|**--interactive**]
+[**--privileged**]
+[**-t**|**--tty**]
+[**-u**|**--user**[=*USER*]]
+CONTAINER COMMAND [ARG...]
+
+# DESCRIPTION
+
+Run a process in a running container.
+
+The command started using `docker exec` will only run while the container's primary
+process (`PID 1`) is running, and will not be restarted if the container is restarted.
+
+If the container is paused, then the `docker exec` command will wait until the
+container is unpaused, and then run
+
+# OPTIONS
+**-d**, **--detach**=*true*|*false*
+   Detached mode: run command in the background. The default is *false*.
+
+**--detach-keys**=""
+  Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+
+**--help**
+  Print usage statement
+
+**-i**, **--interactive**=*true*|*false*
+   Keep STDIN open even if not attached. The default is *false*.
+
+**--privileged**=*true*|*false*
+   Give the process extended [Linux capabilities](http://man7.org/linux/man-pages/man7/capabilities.7.html)
+when running in a container. The default is *false*.
+
+   Without this flag, the process run by `docker exec` in a running container has
+the same capabilities as the container, which may be limited. Set
+`--privileged` to give all capabilities to the process.
+
+**-t**, **--tty**=*true*|*false*
+   Allocate a pseudo-TTY. The default is *false*.
+
+**-u**, **--user**=""
+   Sets the username or UID used and optionally the groupname or GID for the specified command.
+
+   The followings examples are all valid:
+   --user [user | user:group | uid | uid:gid | user:gid | uid:group ]
+
+   Without this argument the command will be run as root in the container.
+
+The **-t** option is incompatible with a redirection of the docker client
+standard input.
+
+# HISTORY
+November 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-export.1.md b/man/docker-export.1.md
new file mode 100644
index 00000000..3d59e478
--- /dev/null
+++ b/man/docker-export.1.md
@@ -0,0 +1,46 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-export - Export the contents of a container's filesystem as a tar archive
+
+# SYNOPSIS
+**docker export**
+[**--help**]
+[**-o**|**--output**[=*""*]]
+CONTAINER
+
+# DESCRIPTION
+Export the contents of a container's filesystem using the full or shortened
+container ID or container name. The output is exported to STDOUT and can be
+redirected to a tar file.
+
+Stream to a file instead of STDOUT by using **-o**.
+
+# OPTIONS
+**--help**
+  Print usage statement
+  
+**-o**, **--output**=""
+  Write to a file, instead of STDOUT
+
+# EXAMPLES
+Export the contents of the container called angry_bell to a tar file
+called angry_bell.tar:
+
+    # docker export angry_bell > angry_bell.tar
+    # docker export --output=angry_bell-latest.tar angry_bell
+    # ls -sh angry_bell.tar
+    321M angry_bell.tar
+    # ls -sh angry_bell-latest.tar
+    321M angry_bell-latest.tar
+
+# See also
+**docker-import(1)** to create an empty filesystem image
+and import the contents of the tarball into it, then optionally tag it.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+January 2015, updated by Joseph Kern (josephakern at gmail dot com)
diff --git a/man/docker-history.1.md b/man/docker-history.1.md
new file mode 100644
index 00000000..91edefe2
--- /dev/null
+++ b/man/docker-history.1.md
@@ -0,0 +1,52 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-history - Show the history of an image
+
+# SYNOPSIS
+**docker history**
+[**--help**]
+[**-H**|**--human**[=*true*]]
+[**--no-trunc**]
+[**-q**|**--quiet**]
+IMAGE
+
+# DESCRIPTION
+
+Show the history of when and how an image was created.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-H**, **--human**=*true*|*false*
+    Print sizes and dates in human readable format. The default is *true*.
+
+**--no-trunc**=*true*|*false*
+   Don't truncate output. The default is *false*.
+
+**-q**, **--quiet**=*true*|*false*
+   Only show numeric IDs. The default is *false*.
+
+# EXAMPLES
+    $ docker history fedora
+    IMAGE          CREATED          CREATED BY                                      SIZE                COMMENT
+    105182bb5e8b   5 days ago       /bin/sh -c #(nop) ADD file:71356d2ad59aa3119d   372.7 MB
+    73bd853d2ea5   13 days ago      /bin/sh -c #(nop) MAINTAINER Lokesh Mandvekar   0 B
+    511136ea3c5a   10 months ago                                                    0 B                 Imported from -
+
+## Display comments in the image history
+The `docker commit` command has a **-m** flag for adding comments to the image. These comments will be displayed in the image history.
+
+    $ sudo docker history docker:scm
+    IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
+    2ac9d1098bf1        3 months ago        /bin/bash                                       241.4 MB            Added Apache to Fedora base image
+    88b42ffd1f7c        5 months ago        /bin/sh -c #(nop) ADD file:1fd8d7f9f6557cafc7   373.7 MB            
+    c69cab00d6ef        5 months ago        /bin/sh -c #(nop) MAINTAINER Lokesh Mandvekar   0 B                 
+    511136ea3c5a        19 months ago                                                       0 B                 Imported from -
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-images.1.md b/man/docker-images.1.md
new file mode 100644
index 00000000..8410280a
--- /dev/null
+++ b/man/docker-images.1.md
@@ -0,0 +1,111 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-images - List images
+
+# SYNOPSIS
+**docker images**
+[**--help**]
+[**-a**|**--all**]
+[**--digests**]
+[**-f**|**--filter**[=*[]*]]
+[**--no-trunc**]
+[**-q**|**--quiet**]
+[REPOSITORY[:TAG]]
+
+# DESCRIPTION
+This command lists the images stored in the local Docker repository.
+
+By default, intermediate images, used during builds, are not listed. Some of the
+output, e.g., image ID, is truncated, for space reasons. However the truncated
+image ID, and often the first few characters, are enough to be used in other
+Docker commands that use the image ID. The output includes repository, tag, image
+ID, date created and the virtual size.
+
+The title REPOSITORY for the first title may seem confusing. It is essentially
+the image name. However, because you can tag a specific image, and multiple tags
+(image instances) can be associated with a single name, the name is really a
+repository for all tagged images of the same name. For example consider an image
+called fedora. It may be tagged with 18, 19, or 20, etc. to manage different
+versions.
+
+# OPTIONS
+**-a**, **--all**=*true*|*false*
+   Show all images (by default filter out the intermediate image layers). The default is *false*.
+
+**--digests**=*true*|*false*
+   Show image digests. The default is *false*.
+
+**-f**, **--filter**=[]
+   Filters the output. The dangling=true filter finds unused images. While label=com.foo=amd64 filters for images with a com.foo value of amd64. The label=com.foo filter finds images with the label com.foo of any value.
+
+**--format**="*TEMPLATE*"
+   Pretty-print containers using a Go template.
+   Valid placeholders:
+      .ID - Image ID
+      .Repository - Image repository
+      .Tag - Image tag
+      .Digest - Image digest
+      .CreatedSince - Elapsed time since the image was created.
+      .CreatedAt - Time when the image was created..
+      .Size - Image disk size.
+
+**--help**
+  Print usage statement
+
+**--no-trunc**=*true*|*false*
+   Don't truncate output. The default is *false*.
+
+**-q**, **--quiet**=*true*|*false*
+   Only show numeric IDs. The default is *false*.
+
+# EXAMPLES
+
+## Listing the images
+
+To list the images in a local repository (not the registry) run:
+
+    docker images
+
+The list will contain the image repository name, a tag for the image, and an
+image ID, when it was created and its virtual size. Columns: REPOSITORY, TAG,
+IMAGE ID, CREATED, and SIZE.
+
+The `docker images` command takes an optional `[REPOSITORY[:TAG]]` argument
+that restricts the list to images that match the argument. If you specify
+`REPOSITORY`but no `TAG`, the `docker images` command lists all images in the
+given repository.
+
+    docker images java
+
+The `[REPOSITORY[:TAG]]` value must be an "exact match". This means that, for example,
+`docker images jav` does not match the image `java`.
+
+If both `REPOSITORY` and `TAG` are provided, only images matching that
+repository and tag are listed.  To find all local images in the "java"
+repository with tag "8" you can use:
+
+    docker images java:8
+
+To get a verbose list of images which contains all the intermediate images
+used in builds use **-a**:
+
+    docker images -a
+
+Previously, the docker images command supported the --tree and --dot arguments,
+which displayed different visualizations of the image data. Docker core removed
+this functionality in the 1.7 version. If you liked this functionality, you can
+still find it in the third-party dockviz tool: https://github.com/justone/dockviz.
+
+## Listing only the shortened image IDs
+
+Listing just the shortened image IDs. This can be useful for some automated
+tools.
+
+    docker images -q
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-import.1.md b/man/docker-import.1.md
new file mode 100644
index 00000000..43d65efe
--- /dev/null
+++ b/man/docker-import.1.md
@@ -0,0 +1,72 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-import - Create an empty filesystem image and import the contents of the tarball (.tar, .tar.gz, .tgz, .bzip, .tar.xz, .txz) into it, then optionally tag it.
+
+# SYNOPSIS
+**docker import**
+[**-c**|**--change**[=*[]*]]
+[**-m**|**--message**[=*MESSAGE*]]
+[**--help**]
+file|URL|**-**[REPOSITORY[:TAG]]
+
+# OPTIONS
+**-c**, **--change**=[]
+   Apply specified Dockerfile instructions while importing the image
+   Supported Dockerfile instructions: `CMD`|`ENTRYPOINT`|`ENV`|`EXPOSE`|`ONBUILD`|`USER`|`VOLUME`|`WORKDIR`
+
+**--help**
+  Print usage statement
+
+**-m**, **--message**=""
+   Set commit message for imported image
+
+# DESCRIPTION
+Create a new filesystem image from the contents of a tarball (`.tar`,
+`.tar.gz`, `.tgz`, `.bzip`, `.tar.xz`, `.txz`) into it, then optionally tag it.
+
+
+# EXAMPLES
+
+## Import from a remote location
+
+    # docker import http://example.com/exampleimage.tgz example/imagerepo
+
+## Import from a local file
+
+Import to docker via pipe and stdin:
+
+    # cat exampleimage.tgz | docker import - example/imagelocal
+
+Import with a commit message. 
+
+    # cat exampleimage.tgz | docker import --message "New image imported from tarball" - exampleimagelocal:new
+
+Import to a Docker image from a local file.
+
+    # docker import /path/to/exampleimage.tgz 
+
+
+## Import from a local file and tag
+
+Import to docker via pipe and stdin:
+
+    # cat exampleimageV2.tgz | docker import - example/imagelocal:V-2.0
+
+## Import from a local directory
+
+    # tar -c . | docker import - exampleimagedir
+
+## Apply specified Dockerfile instructions while importing the image
+This example sets the docker image ENV variable DEBUG to true by default.
+
+    # tar -c . | docker import -c="ENV DEBUG true" - exampleimagedir
+
+# See also
+**docker-export(1)** to export the contents of a filesystem as a tar archive to STDOUT.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-info.1.md b/man/docker-info.1.md
new file mode 100644
index 00000000..1ebcd1a4
--- /dev/null
+++ b/man/docker-info.1.md
@@ -0,0 +1,66 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-info - Display system-wide information
+
+# SYNOPSIS
+**docker info**
+[**--help**]
+
+
+# DESCRIPTION
+This command displays system wide information regarding the Docker installation.
+Information displayed includes the number of containers and images, pool name,
+data file, metadata file, data space used, total data space, metadata space used
+, total metadata space, execution driver, and the kernel version.
+
+The data file is where the images are stored and the metadata file is where the
+meta data regarding those images are stored. When run for the first time Docker
+allocates a certain amount of data space and meta data space from the space
+available on the volume where `/var/lib/docker` is mounted.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+# EXAMPLES
+
+## Display Docker system information
+
+Here is a sample output:
+
+    # docker info
+    Containers: 14
+     Running: 3
+     Paused: 1
+     Stopped: 10
+    Images: 52
+    Server Version: 1.9.0
+    Storage Driver: aufs
+     Root Dir: /var/lib/docker/aufs
+     Dirs: 80
+    Execution Driver: native-0.2
+    Logging Driver: json-file
+    Cgroup Driver: cgroupfs
+    Plugins:
+     Volume: local
+     Network: bridge null host
+    Kernel Version: 3.13.0-24-generic
+    Operating System: Ubuntu 14.04 LTS
+    OSType: linux
+    Architecture: x86_64
+    CPUs: 1
+    Total Memory: 2 GiB
+    Name: docker
+    ID: I54V:OLXT:HVMM:TPKO:JPHQ:CQCD:JNLC:O3BZ:4ZVJ:43XJ:PFHZ:6N2S
+    Docker Root Dir: /var/lib/docker
+    Debug mode (client): false
+    Debug mode (server): false
+    Username: xyz
+    Registry: https://index.docker.io/v1/
+	
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-inspect.1.md b/man/docker-inspect.1.md
new file mode 100644
index 00000000..1bc2cf0b
--- /dev/null
+++ b/man/docker-inspect.1.md
@@ -0,0 +1,322 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-inspect - Return low-level information on a container or image
+
+# SYNOPSIS
+**docker inspect**
+[**--help**]
+[**-f**|**--format**[=*FORMAT*]]
+[**-s**|**--size**]
+[**--type**=*container*|*image*]
+CONTAINER|IMAGE [CONTAINER|IMAGE...]
+
+# DESCRIPTION
+
+This displays all the information available in Docker for a given
+container or image. By default, this will render all results in a JSON
+array. If the container and image have the same name, this will return
+container JSON for unspecified type. If a format is specified, the given
+template will be executed for each result.
+
+# OPTIONS
+**--help**
+    Print usage statement
+
+**-f**, **--format**=""
+    Format the output using the given Go template.
+
+**-s**, **--size**
+    Display total file sizes if the type is container.
+
+**--type**="*container*|*image*"
+    Return JSON for specified type, permissible values are "image" or "container"
+
+# EXAMPLES
+
+Get information about an image when image name conflicts with the container name,
+e.g. both image and container are named rhel7:
+
+    $ docker inspect --type=image rhel7
+    [
+    {
+     "Id": "fe01a428b9d9de35d29531e9994157978e8c48fa693e1bf1d221dffbbb67b170",
+     "Parent": "10acc31def5d6f249b548e01e8ffbaccfd61af0240c17315a7ad393d022c5ca2",
+     ....
+    }
+    ]
+
+## Getting information on a container
+
+To get information on a container use its ID or instance name:
+
+    $ docker inspect d2cc496561d6
+    [{
+    "Id": "d2cc496561d6d520cbc0236b4ba88c362c446a7619992123f11c809cded25b47",
+    "Created": "2015-06-08T16:18:02.505155285Z",
+    "Path": "bash",
+    "Args": [],
+    "State": {
+        "Running": false,
+        "Paused": false,
+        "Restarting": false,
+        "OOMKilled": false,
+        "Dead": false,
+        "Pid": 0,
+        "ExitCode": 0,
+        "Error": "",
+        "StartedAt": "2015-06-08T16:18:03.643865954Z",
+        "FinishedAt": "2015-06-08T16:57:06.448552862Z"
+    },
+    "Image": "ded7cd95e059788f2586a51c275a4f151653779d6a7f4dad77c2bd34601d94e4",
+    "NetworkSettings": {
+        "Bridge": "",
+        "SandboxID": "6b4851d1903e16dd6a567bd526553a86664361f31036eaaa2f8454d6f4611f6f",
+        "HairpinMode": false,
+        "LinkLocalIPv6Address": "",
+        "LinkLocalIPv6PrefixLen": 0,
+        "Ports": {},
+        "SandboxKey": "/var/run/docker/netns/6b4851d1903e",
+        "SecondaryIPAddresses": null,
+        "SecondaryIPv6Addresses": null,
+        "EndpointID": "7587b82f0dada3656fda26588aee72630c6fab1536d36e394b2bfbcf898c971d",
+        "Gateway": "172.17.0.1",
+        "GlobalIPv6Address": "",
+        "GlobalIPv6PrefixLen": 0,
+        "IPAddress": "172.17.0.2",
+        "IPPrefixLen": 16,
+        "IPv6Gateway": "",
+        "MacAddress": "02:42:ac:12:00:02",
+        "Networks": {
+            "bridge": {
+                "NetworkID": "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812",
+                "EndpointID": "7587b82f0dada3656fda26588aee72630c6fab1536d36e394b2bfbcf898c971d",
+                "Gateway": "172.17.0.1",
+                "IPAddress": "172.17.0.2",
+                "IPPrefixLen": 16,
+                "IPv6Gateway": "",
+                "GlobalIPv6Address": "",
+                "GlobalIPv6PrefixLen": 0,
+                "MacAddress": "02:42:ac:12:00:02"
+            }
+        }
+
+    },
+    "ResolvConfPath": "/var/lib/docker/containers/d2cc496561d6d520cbc0236b4ba88c362c446a7619992123f11c809cded25b47/resolv.conf",
+    "HostnamePath": "/var/lib/docker/containers/d2cc496561d6d520cbc0236b4ba88c362c446a7619992123f11c809cded25b47/hostname",
+    "HostsPath": "/var/lib/docker/containers/d2cc496561d6d520cbc0236b4ba88c362c446a7619992123f11c809cded25b47/hosts",
+    "LogPath": "/var/lib/docker/containers/d2cc496561d6d520cbc0236b4ba88c362c446a7619992123f11c809cded25b47/d2cc496561d6d520cbc0236b4ba88c362c446a7619992123f11c809cded25b47-json.log",
+    "Name": "/adoring_wozniak",
+    "RestartCount": 0,
+    "Driver": "devicemapper",
+    "MountLabel": "",
+    "ProcessLabel": "",
+    "Mounts": [
+      {
+        "Source": "/data",
+        "Destination": "/data",
+        "Mode": "ro,Z",
+        "RW": false
+	"Propagation": ""
+      }
+    ],
+    "AppArmorProfile": "",
+    "ExecIDs": null,
+    "HostConfig": {
+        "Binds": null,
+        "ContainerIDFile": "",
+        "Memory": 0,
+        "MemorySwap": 0,
+        "CpuShares": 0,
+        "CpuPeriod": 0,
+        "CpusetCpus": "",
+        "CpusetMems": "",
+        "CpuQuota": 0,
+        "BlkioWeight": 0,
+        "OomKillDisable": false,
+        "Privileged": false,
+        "PortBindings": {},
+        "Links": null,
+        "PublishAllPorts": false,
+        "Dns": null,
+        "DnsSearch": null,
+        "DnsOptions": null,
+        "ExtraHosts": null,
+        "VolumesFrom": null,
+        "Devices": [],
+        "NetworkMode": "bridge",
+        "IpcMode": "",
+        "PidMode": "",
+        "UTSMode": "",
+        "CapAdd": null,
+        "CapDrop": null,
+        "RestartPolicy": {
+            "Name": "no",
+            "MaximumRetryCount": 0
+        },
+        "SecurityOpt": null,
+        "ReadonlyRootfs": false,
+        "Ulimits": null,
+        "LogConfig": {
+            "Type": "json-file",
+            "Config": {}
+        },
+        "CgroupParent": ""
+    },
+    "GraphDriver": {
+        "Name": "devicemapper",
+        "Data": {
+            "DeviceId": "5",
+            "DeviceName": "docker-253:1-2763198-d2cc496561d6d520cbc0236b4ba88c362c446a7619992123f11c809cded25b47",
+            "DeviceSize": "171798691840"
+        }
+    },
+    "Config": {
+        "Hostname": "d2cc496561d6",
+        "Domainname": "",
+        "User": "",
+        "AttachStdin": true,
+        "AttachStdout": true,
+        "AttachStderr": true,
+        "ExposedPorts": null,
+        "Tty": true,
+        "OpenStdin": true,
+        "StdinOnce": true,
+        "Env": null,
+        "Cmd": [
+            "bash"
+        ],
+        "Image": "fedora",
+        "Volumes": null,
+        "VolumeDriver": "",
+        "WorkingDir": "",
+        "Entrypoint": null,
+        "NetworkDisabled": false,
+        "MacAddress": "",
+        "OnBuild": null,
+        "Labels": {},
+        "Memory": 0,
+        "MemorySwap": 0,
+        "CpuShares": 0,
+        "Cpuset": "",
+        "StopSignal": "SIGTERM"
+    }
+    }
+    ]
+## Getting the IP address of a container instance
+
+To get the IP address of a container use:
+
+    $ docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' d2cc496561d6
+    172.17.0.2
+
+## Listing all port bindings
+
+One can loop over arrays and maps in the results to produce simple text
+output:
+
+    $ docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}} \
+      {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' d2cc496561d6
+      80/tcp -> 80
+
+You can get more information about how to write a Go template from:
+https://golang.org/pkg/text/template/.
+
+## Getting size information on an container
+
+    $ docker inspect -s d2cc496561d6
+    [
+    {
+    ....
+    "SizeRw": 0,
+    "SizeRootFs": 972,
+    ....
+    }
+    ]
+
+## Getting information on an image
+
+Use an image's ID or name (e.g., repository/name[:tag]) to get information
+about the image:
+
+    $ docker inspect ded7cd95e059
+    [{
+    "Id": "ded7cd95e059788f2586a51c275a4f151653779d6a7f4dad77c2bd34601d94e4",
+    "Parent": "48ecf305d2cf7046c1f5f8fcbcd4994403173441d4a7f125b1bb0ceead9de731",
+    "Comment": "",
+    "Created": "2015-05-27T16:58:22.937503085Z",
+    "Container": "76cf7f67d83a7a047454b33007d03e32a8f474ad332c3a03c94537edd22b312b",
+    "ContainerConfig": {
+        "Hostname": "76cf7f67d83a",
+        "Domainname": "",
+        "User": "",
+        "AttachStdin": false,
+        "AttachStdout": false,
+        "AttachStderr": false,
+        "ExposedPorts": null,
+        "Tty": false,
+        "OpenStdin": false,
+        "StdinOnce": false,
+        "Env": null,
+        "Cmd": [
+            "/bin/sh",
+            "-c",
+            "#(nop) ADD file:4be46382bcf2b095fcb9fe8334206b584eff60bb3fad8178cbd97697fcb2ea83 in /"
+        ],
+        "Image": "48ecf305d2cf7046c1f5f8fcbcd4994403173441d4a7f125b1bb0ceead9de731",
+        "Volumes": null,
+        "VolumeDriver": "",
+        "WorkingDir": "",
+        "Entrypoint": null,
+        "NetworkDisabled": false,
+        "MacAddress": "",
+        "OnBuild": null,
+        "Labels": {}
+    },
+    "DockerVersion": "1.6.0",
+    "Author": "Lokesh Mandvekar \u003clsm5@fedoraproject.org\u003e",
+    "Config": {
+        "Hostname": "76cf7f67d83a",
+        "Domainname": "",
+        "User": "",
+        "AttachStdin": false,
+        "AttachStdout": false,
+        "AttachStderr": false,
+        "ExposedPorts": null,
+        "Tty": false,
+        "OpenStdin": false,
+        "StdinOnce": false,
+        "Env": null,
+        "Cmd": null,
+        "Image": "48ecf305d2cf7046c1f5f8fcbcd4994403173441d4a7f125b1bb0ceead9de731",
+        "Volumes": null,
+        "VolumeDriver": "",
+        "WorkingDir": "",
+        "Entrypoint": null,
+        "NetworkDisabled": false,
+        "MacAddress": "",
+        "OnBuild": null,
+        "Labels": {}
+    },
+    "Architecture": "amd64",
+    "Os": "linux",
+    "Size": 186507296,
+    "VirtualSize": 186507296,
+    "GraphDriver": {
+        "Name": "devicemapper",
+        "Data": {
+            "DeviceId": "3",
+            "DeviceName": "docker-253:1-2763198-ded7cd95e059788f2586a51c275a4f151653779d6a7f4dad77c2bd34601d94e4",
+            "DeviceSize": "171798691840"
+        }
+    }
+    }
+    ]
+
+# HISTORY
+April 2014, originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by Qiang Huang <h.huangqiang@huawei.com>
+October 2015, updated by Sally O'Malley <somalley@redhat.com>
diff --git a/man/docker-kill.1.md b/man/docker-kill.1.md
new file mode 100644
index 00000000..36cbdb90
--- /dev/null
+++ b/man/docker-kill.1.md
@@ -0,0 +1,28 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-kill - Kill a running container using SIGKILL or a specified signal
+
+# SYNOPSIS
+**docker kill**
+[**--help**]
+[**-s**|**--signal**[=*"KILL"*]]
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+
+The main process inside each container specified will be sent SIGKILL,
+ or any signal specified with option --signal.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-s**, **--signal**="*KILL*"
+   Signal to send to the container
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+ based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-load.1.md b/man/docker-load.1.md
new file mode 100644
index 00000000..c54fe607
--- /dev/null
+++ b/man/docker-load.1.md
@@ -0,0 +1,49 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-load - Load an image from a tar archive or STDIN
+
+# SYNOPSIS
+**docker load**
+[**--help**]
+[**-i**|**--input**[=*INPUT*]]
+[**-q**|**--quiet**]
+
+# DESCRIPTION
+
+Loads a tarred repository from a file or the standard input stream.
+Restores both images and tags.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-i**, **--input**=""
+   Read from a tar archive file, instead of STDIN. The tarball may be compressed with gzip, bzip, or xz.
+
+**-q**, **--quiet**
+   Suppress the load output. Without this option, a progress bar is displayed.
+
+# EXAMPLES
+
+    $ docker images
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    busybox             latest              769b9341d937        7 weeks ago         2.489 MB
+    $ docker load --input fedora.tar
+    $ docker images
+    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+    busybox             latest              769b9341d937        7 weeks ago         2.489 MB
+    fedora              rawhide             0d20aec6529d        7 weeks ago         387 MB
+    fedora              20                  58394af37342        7 weeks ago         385.5 MB
+    fedora              heisenbug           58394af37342        7 weeks ago         385.5 MB
+    fedora              latest              58394af37342        7 weeks ago         385.5 MB
+
+# See also
+**docker-save(1)** to save one or more images to a tar archive (streamed to STDOUT by default).
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+July 2015 update by Mary Anthony <mary@docker.com>
diff --git a/man/docker-login.1.md b/man/docker-login.1.md
new file mode 100644
index 00000000..ea899376
--- /dev/null
+++ b/man/docker-login.1.md
@@ -0,0 +1,56 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-login - Log in to a Docker registry.
+
+# SYNOPSIS
+**docker login**
+[**--help**]
+[**-p**|**--password**[=*PASSWORD*]]
+[**-u**|**--username**[=*USERNAME*]]
+[SERVER]
+
+# DESCRIPTION
+Log in to a Docker Registry located on the specified
+`SERVER`.  You can specify a URL or a `hostname` for the `SERVER` value. If you
+do not specify a `SERVER`, the command uses Docker's public registry located at
+`https://registry-1.docker.io/` by default.  To get a username/password for Docker's public registry, create an account on Docker Hub.
+
+`docker login` requires user to use `sudo` or be `root`, except when:
+
+1.  connecting to  a remote daemon, such as a `docker-machine` provisioned `docker engine`.
+2.  user is added to the `docker` group.  This will impact the security of your system; the `docker` group is `root` equivalent.  See [Docker Daemon Attack Surface](https://docs.docker.com/articles/security/#docker-daemon-attack-surface) for details.
+
+You can log into any public or private repository for which you have
+credentials.  When you log in, the command stores encoded credentials in
+`$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on Windows.
+
+> **Note**: When running `sudo docker login` credentials are saved in `/root/.docker/config.json`.
+>
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-p**, **--password**=""
+   Password
+
+**-u**, **--username**=""
+   Username
+
+# EXAMPLES
+
+## Login to a registry on your localhost
+
+    # docker login localhost:8080
+
+# See also
+**docker-logout(1)** to log out from a Docker registry.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by Mary Anthony for v2 <mary@docker.com>
+November 2015, updated by Sally O'Malley <somalley@redhat.com>
diff --git a/man/docker-logout.1.md b/man/docker-logout.1.md
new file mode 100644
index 00000000..a8a4b7c3
--- /dev/null
+++ b/man/docker-logout.1.md
@@ -0,0 +1,32 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-logout - Log out from a Docker registry.
+
+# SYNOPSIS
+**docker logout**
+[SERVER]
+
+# DESCRIPTION
+Log out of a Docker Registry located on the specified `SERVER`. You can
+specify a URL or a `hostname` for the `SERVER` value. If you do not specify a
+`SERVER`, the command attempts to log you out of Docker's public registry
+located at `https://registry-1.docker.io/` by default.  
+
+# OPTIONS
+There are no available options.
+
+# EXAMPLES
+
+## Log out from a registry on your localhost
+
+    # docker logout localhost:8080
+
+# See also
+**docker-login(1)** to log in to a Docker registry server.
+
+# HISTORY
+June 2014, Originally compiled by Daniel, Dao Quang Minh (daniel at nitrous dot io)
+July 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by Mary Anthony for v2 <mary@docker.com>
diff --git a/man/docker-logs.1.md b/man/docker-logs.1.md
new file mode 100644
index 00000000..f910b535
--- /dev/null
+++ b/man/docker-logs.1.md
@@ -0,0 +1,64 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-logs - Fetch the logs of a container
+
+# SYNOPSIS
+**docker logs**
+[**-f**|**--follow**]
+[**--help**]
+[**--since**[=*SINCE*]]
+[**-t**|**--timestamps**]
+[**--tail**[=*"all"*]]
+CONTAINER
+
+# DESCRIPTION
+The **docker logs** command batch-retrieves whatever logs are present for
+a container at the time of execution. This does not guarantee execution
+order when combined with a docker run (i.e., your run may not have generated
+any logs at the time you execute docker logs).
+
+The **docker logs --follow** command combines commands **docker logs** and
+**docker attach**. It will first return all logs from the beginning and
+then continue streaming new output from the container’s stdout and stderr.
+
+**Warning**: This command works only for the **json-file** or **journald**
+logging drivers.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-f**, **--follow**=*true*|*false*
+   Follow log output. The default is *false*.
+
+**--since**=""
+   Show logs since timestamp
+
+**-t**, **--timestamps**=*true*|*false*
+   Show timestamps. The default is *false*.
+
+**--tail**="*all*"
+   Output the specified number of lines at the end of logs (defaults to all logs)
+
+The `--since` option can be Unix timestamps, date formatted timestamps, or Go
+duration strings (e.g. `10m`, `1h30m`) computed relative to the client machine’s
+time. Supported formats for date formatted time stamps include RFC3339Nano,
+RFC3339, `2006-01-02T15:04:05`, `2006-01-02T15:04:05.999999999`,
+`2006-01-02Z07:00`, and `2006-01-02`. The local timezone on the client will be
+used if you do not provide either a `Z` or a `+-00:00` timezone offset at the
+end of the timestamp.  When providing Unix timestamps enter
+seconds[.nanoseconds], where seconds is the number of seconds that have elapsed
+since January 1, 1970 (midnight UTC/GMT), not counting leap  seconds (aka Unix
+epoch or Unix time), and the optional .nanoseconds field is a fraction of a
+second no more than nine digits long. You can combine the `--since` option with
+either or both of the `--follow` or `--tail` options.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+July 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
+October 2015, updated by Mike Brown <mikebrow@gmail.com>
diff --git a/man/docker-network-connect.1.md b/man/docker-network-connect.1.md
new file mode 100644
index 00000000..d6ee1593
--- /dev/null
+++ b/man/docker-network-connect.1.md
@@ -0,0 +1,69 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% OCT 2015
+# NAME
+docker-network-connect - connect a container to a network
+
+# SYNOPSIS
+**docker network connect**
+[**--help**]
+NETWORK CONTAINER
+
+# DESCRIPTION
+
+Connects a container to a network. You can connect a container by name
+or by ID. Once connected, the container can communicate with other containers in
+the same network.
+
+```bash
+$ docker network connect multi-host-network container1
+```
+
+You can also use the `docker run --net=<network-name>` option to start a container and immediately connect it to a network.
+
+```bash
+$ docker run -itd --net=multi-host-network --ip 172.20.88.22 --ip6 2001:db8::8822 busybox
+```
+
+You can pause, restart, and stop containers that are connected to a network.
+Paused containers remain connected and can be revealed by a `network inspect`.
+When the container is stopped, it does not appear on the network until you restart
+it.
+
+If specified, the container's IP address(es) is reapplied when a stopped
+container is restarted. If the IP address is no longer available, the container
+fails to start. One way to guarantee that the IP address is available is
+to specify an `--ip-range` when creating the network, and choose the static IP
+address(es) from outside that range. This ensures that the IP address is not
+given to another container while this container is not on the network.
+
+```bash
+$ docker network create --subnet 172.20.0.0/16 --ip-range 172.20.240.0/20 multi-host-network
+```
+
+```bash
+$ docker network connect --ip 172.20.128.2 multi-host-network container2
+```
+
+To verify the container is connected, use the `docker network inspect` command. Use `docker network disconnect` to remove a container from the network.
+
+Once connected in network, containers can communicate using only another
+container's IP address or name. For `overlay` networks or custom plugins that
+support multi-host connectivity, containers connected to the same multi-host
+network but launched from different Engines can also communicate in this way.
+
+You can connect a container to one or more networks. The networks need not be the same type. For example, you can connect a single container bridge and overlay networks.
+
+
+# OPTIONS
+**NETWORK**
+  Specify network name
+
+**CONTAINER**
+  Specify container name
+
+**--help**
+  Print usage statement
+
+# HISTORY
+OCT 2015, created by Mary Anthony <mary@docker.com>
diff --git a/man/docker-network-create.1.md b/man/docker-network-create.1.md
new file mode 100644
index 00000000..885a109e
--- /dev/null
+++ b/man/docker-network-create.1.md
@@ -0,0 +1,170 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% OCT 2015
+# NAME
+docker-network-create - create a new network
+
+# SYNOPSIS
+**docker network create**
+[**--aux-address**=*map[]*]
+[**-d**|**--driver**=*DRIVER*]
+[**--gateway**=*[]*]
+[**--help**]
+[**--internal**]
+[**--ip-range**=*[]*]
+[**--ipam-driver**=*default*]
+[**--ipam-opt**=*map[]*]
+[**--ipv6**]
+[**--label**[=*[]*]]
+[**-o**|**--opt**=*map[]*]
+[**--subnet**=*[]*]
+NETWORK-NAME
+
+# DESCRIPTION
+
+Creates a new network. The `DRIVER` accepts `bridge` or `overlay` which are the
+built-in network drivers. If you have installed a third party or your own custom
+network driver you can specify that `DRIVER` here also. If you don't specify the
+`--driver` option, the command automatically creates a `bridge` network for you.
+When you install Docker Engine it creates a `bridge` network automatically. This
+network corresponds to the `docker0` bridge that Engine has traditionally relied
+on. When launch a new container with  `docker run` it automatically connects to
+this bridge network. You cannot remove this default bridge network but you can
+create new ones using the `network create` command.
+
+```bash
+$ docker network create -d bridge my-bridge-network
+```
+
+Bridge networks are isolated networks on a single Engine installation. If you
+want to create a network that spans multiple Docker hosts each running an
+Engine, you must create an `overlay` network. Unlike `bridge` networks overlay
+networks require some pre-existing conditions before you can create one. These
+conditions are:
+
+* Access to a key-value store. Engine supports Consul, Etcd, and Zookeeper (Distributed store) key-value stores.
+* A cluster of hosts with connectivity to the key-value store.
+* A properly configured Engine `daemon` on each host in the cluster.
+
+The `docker daemon` options that support the `overlay` network are:
+
+* `--cluster-store`
+* `--cluster-store-opt`
+* `--cluster-advertise`
+
+To read more about these options and how to configure them, see ["*Get started
+with multi-host
+network*"](https://docs.docker.com/engine/userguide/networking/get-started-overlay/).
+
+It is also a good idea, though not required, that you install Docker Swarm on to
+manage the cluster that makes up your network. Swarm provides sophisticated
+discovery and server management that can assist your implementation.
+
+Once you have prepared the `overlay` network prerequisites you simply choose a
+Docker host in the cluster and issue the following to create the network:
+
+```bash
+$ docker network create -d overlay my-multihost-network
+```
+
+Network names must be unique. The Docker daemon attempts to identify naming
+conflicts but this is not guaranteed. It is the user's responsibility to avoid
+name conflicts.
+
+## Connect containers
+
+When you start a container use the `--net` flag to connect it to a network.
+This adds the `busybox` container to the `mynet` network.
+
+```bash
+$ docker run -itd --net=mynet busybox
+```
+
+If you want to add a container to a network after the container is already
+running use the `docker network connect` subcommand.
+
+You can connect multiple containers to the same network. Once connected, the
+containers can communicate using only another container's IP address or name.
+For `overlay` networks or custom plugins that support multi-host connectivity,
+containers connected to the same multi-host network but launched from different
+Engines can also communicate in this way.
+
+You can disconnect a container from a network using the `docker network
+disconnect` command.
+
+## Specifying advanced options
+
+When you create a network, Engine creates a non-overlapping subnetwork for the
+network by default. This subnetwork is not a subdivision of an existing network.
+It is purely for ip-addressing purposes. You can override this default and
+specify subnetwork values directly using the `--subnet` option. On a
+`bridge` network you can only create a single subnet:
+
+```bash
+docker network create -d bridge --subnet=192.168.0.0/16 br0
+```
+Additionally, you also specify the `--gateway` `--ip-range` and `--aux-address` options.
+
+```bash
+network create --driver=bridge --subnet=172.28.0.0/16 --ip-range=172.28.5.0/24 --gateway=172.28.5.254 br0
+```
+
+If you omit the `--gateway` flag the Engine selects one for you from inside a
+preferred pool. For `overlay` networks and for network driver plugins that
+support it you can create multiple subnetworks.
+
+```bash
+docker network create -d overlay
+  --subnet=192.168.0.0/16 --subnet=192.170.0.0/16
+  --gateway=192.168.0.100 --gateway=192.170.0.100
+  --ip-range=192.168.1.0/24
+  --aux-address a=192.168.1.5 --aux-address b=192.168.1.6
+  --aux-address a=192.170.1.5 --aux-address b=192.170.1.6
+  my-multihost-network
+```
+Be sure that your subnetworks do not overlap. If they do, the network create fails and Engine returns an error.
+
+### Network internal mode
+
+By default, when you connect a container to an `overlay` network, Docker also connects a bridge network to it to provide external connectivity.
+If you want to create an externally isolated `overlay` network, you can specify the `--internal` option.
+
+# OPTIONS
+**--aux-address**=map[]
+  Auxiliary ipv4 or ipv6 addresses used by network driver
+
+**-d**, **--driver**=*DRIVER*
+  Driver to manage the Network bridge or overlay. The default is bridge.
+
+**--gateway**=[]
+  ipv4 or ipv6 Gateway for the master subnet
+
+**--help**
+  Print usage
+
+**--internal**
+  Restricts external access to the network
+
+**--ip-range**=[]
+  Allocate container ip from a sub-range
+
+**--ipam-driver**=*default*
+  IP Address Management Driver
+
+**--ipam-opt**=map[]
+  Set custom IPAM driver options
+
+**--ipv6**
+  Enable IPv6 networking
+
+**--label**=*label*
+   Set metadata for a network
+
+**-o**, **--opt**=map[]
+  Set custom driver options
+
+**--subnet**=[]
+  Subnet in CIDR format that represents a network segment
+
+# HISTORY
+OCT 2015, created by Mary Anthony <mary@docker.com>
diff --git a/man/docker-network-disconnect.1.md b/man/docker-network-disconnect.1.md
new file mode 100644
index 00000000..09bcac51
--- /dev/null
+++ b/man/docker-network-disconnect.1.md
@@ -0,0 +1,36 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% OCT 2015
+# NAME
+docker-network-disconnect - disconnect a container from a network
+
+# SYNOPSIS
+**docker network disconnect**
+[**--help**]
+[**--force**]
+NETWORK CONTAINER
+
+# DESCRIPTION
+
+Disconnects a container from a network.
+
+```bash
+  $ docker network disconnect multi-host-network container1
+```
+
+
+# OPTIONS
+**NETWORK**
+  Specify network name
+
+**CONTAINER**
+    Specify container name
+
+**--force**
+  Force the container to disconnect from a network
+
+**--help**
+  Print usage statement
+
+# HISTORY
+OCT 2015, created by Mary Anthony <mary@docker.com>
diff --git a/man/docker-network-inspect.1.md b/man/docker-network-inspect.1.md
new file mode 100644
index 00000000..da4e7c35
--- /dev/null
+++ b/man/docker-network-inspect.1.md
@@ -0,0 +1,112 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% OCT 2015
+# NAME
+docker-network-inspect - inspect a network
+
+# SYNOPSIS
+**docker network inspect**
+[**-f**|**--format**[=*FORMAT*]]
+[**--help**]
+NETWORK [NETWORK...]
+
+# DESCRIPTION
+
+Returns information about one or more networks. By default, this command renders all results in a JSON object. For example, if you connect two containers to the default `bridge` network:
+
+```bash
+$ sudo docker run -itd --name=container1 busybox
+f2870c98fd504370fb86e59f32cd0753b1ac9b69b7d80566ffc7192a82b3ed27
+
+$ sudo docker run -itd --name=container2 busybox
+bda12f8922785d1f160be70736f26c1e331ab8aaf8ed8d56728508f2e2fd4727
+```
+
+The `network inspect` command shows the containers, by id, in its
+results. You can specify an alternate format to execute a given
+template for each result. Go's
+[text/template](http://golang.org/pkg/text/template/) package
+describes all the details of the format.
+
+```bash
+$ sudo docker network inspect bridge
+[
+    {
+        "Name": "bridge",
+        "Id": "b2b1a2cba717161d984383fd68218cf70bbbd17d328496885f7c921333228b0f",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.17.42.1/16",
+                    "Gateway": "172.17.42.1"
+                }
+            ]
+        },
+        "Internal": false,
+        "Containers": {
+            "bda12f8922785d1f160be70736f26c1e331ab8aaf8ed8d56728508f2e2fd4727": {
+                "Name": "container2",
+                "EndpointID": "0aebb8fcd2b282abe1365979536f21ee4ceaf3ed56177c628eae9f706e00e019",
+                "MacAddress": "02:42:ac:11:00:02",
+                "IPv4Address": "172.17.0.2/16",
+                "IPv6Address": ""
+            },
+            "f2870c98fd504370fb86e59f32cd0753b1ac9b69b7d80566ffc7192a82b3ed27": {
+                "Name": "container1",
+                "EndpointID": "a00676d9c91a96bbe5bcfb34f705387a33d7cc365bac1a29e4e9728df92d10ad",
+                "MacAddress": "02:42:ac:11:00:01",
+                "IPv4Address": "172.17.0.1/16",
+                "IPv6Address": ""
+            }
+        },
+        "Options": {
+            "com.docker.network.bridge.default_bridge": "true",
+            "com.docker.network.bridge.enable_icc": "true",
+            "com.docker.network.bridge.enable_ip_masquerade": "true",
+            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
+            "com.docker.network.bridge.name": "docker0",
+            "com.docker.network.driver.mtu": "1500"
+        }
+    }
+]
+```
+
+Returns the information about the user-defined network:
+
+```bash
+$ docker network create simple-network
+69568e6336d8c96bbf57869030919f7c69524f71183b44d80948bd3927c87f6a
+$ docker network inspect simple-network
+[
+    {
+        "Name": "simple-network",
+        "Id": "69568e6336d8c96bbf57869030919f7c69524f71183b44d80948bd3927c87f6a",
+        "Scope": "local",
+        "Driver": "bridge",
+        "IPAM": {
+            "Driver": "default",
+            "Config": [
+                {
+                    "Subnet": "172.22.0.0/16",
+                    "Gateway": "172.22.0.1/16"
+                }
+            ]
+        },
+        "Containers": {},
+        "Options": {}
+    }
+]
+```
+
+# OPTIONS
+**-f**, **--format**=""
+  Format the output using the given go template.
+
+**--help**
+  Print usage statement
+
+# HISTORY
+OCT 2015, created by Mary Anthony <mary@docker.com>
diff --git a/man/docker-network-ls.1.md b/man/docker-network-ls.1.md
new file mode 100644
index 00000000..56a8334a
--- /dev/null
+++ b/man/docker-network-ls.1.md
@@ -0,0 +1,138 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% OCT 2015
+# NAME
+docker-network-ls - list networks
+
+# SYNOPSIS
+**docker network ls**
+[**-f**|**--filter**[=*[]*]]
+[**--no-trunc**[=*true*|*false*]]
+[**-q**|**--quiet**[=*true*|*false*]]
+[**--help**]
+
+# DESCRIPTION
+
+Lists all the networks the Engine `daemon` knows about. This includes the
+networks that span across multiple hosts in a cluster, for example:
+
+```bash
+    $ docker network ls
+    NETWORK ID          NAME                DRIVER
+    7fca4eb8c647        bridge              bridge
+    9f904ee27bf5        none                null
+    cf03ee007fb4        host                host
+    78b03ee04fc4        multi-host          overlay
+```
+
+Use the `--no-trunc` option to display the full network id:
+
+```bash
+$ docker network ls --no-trunc
+NETWORK ID                                                         NAME                DRIVER
+18a2866682b85619a026c81b98a5e375bd33e1b0936a26cc497c283d27bae9b3   none                null                
+c288470c46f6c8949c5f7e5099b5b7947b07eabe8d9a27d79a9cbf111adcbf47   host                host                
+7b369448dccbf865d397c8d2be0cda7cf7edc6b0945f77d2529912ae917a0185   bridge              bridge              
+95e74588f40db048e86320c6526440c504650a1ff3e9f7d60a497c4d2163e5bd   foo                 bridge    
+63d1ff1f77b07ca51070a8c227e962238358bd310bde1529cf62e6c307ade161   dev                 bridge
+```
+
+## Filtering
+
+The filtering flag (`-f` or `--filter`) format is a `key=value` pair. If there
+is more than one filter, then pass multiple flags (e.g. `--filter "foo=bar" --filter "bif=baz"`).
+Multiple filter flags are combined as an `OR` filter. For example, 
+`-f type=custom -f type=builtin` returns both `custom` and `builtin` networks.
+
+The currently supported filters are:
+
+* id (network's id)
+* name (network's name)
+* type (custom|builtin)
+
+#### Type
+
+The `type` filter supports two values; `builtin` displays predefined networks
+(`bridge`, `none`, `host`), whereas `custom` displays user defined networks.
+
+The following filter matches all user defined networks:
+
+```bash
+$ docker network ls --filter type=custom
+NETWORK ID          NAME                DRIVER
+95e74588f40d        foo                 bridge
+63d1ff1f77b0        dev                 bridge
+```
+
+By having this flag it allows for batch cleanup. For example, use this filter
+to delete all user defined networks:
+
+```bash
+$ docker network rm `docker network ls --filter type=custom -q`
+```
+
+A warning will be issued when trying to remove a network that has containers
+attached.
+
+#### Name
+
+The `name` filter matches on all or part of a network's name.
+
+The following filter matches all networks with a name containing the `foobar` string.
+
+```bash
+$ docker network ls --filter name=foobar
+NETWORK ID          NAME                DRIVER
+06e7eef0a170        foobar              bridge
+```
+
+You can also filter for a substring in a name as this shows:
+
+```bash
+$ docker network ls --filter name=foo
+NETWORK ID          NAME                DRIVER
+95e74588f40d        foo                 bridge
+06e7eef0a170        foobar              bridge
+```
+
+#### ID
+
+The `id` filter matches on all or part of a network's ID.
+
+The following filter matches all networks with an ID containing the
+`63d1ff1f77b0...` string.
+
+```bash
+$ docker network ls --filter id=63d1ff1f77b07ca51070a8c227e962238358bd310bde1529cf62e6c307ade161
+NETWORK ID          NAME                DRIVER
+63d1ff1f77b0        dev                 bridge
+```
+
+You can also filter for a substring in an ID as this shows:
+
+```bash
+$ docker network ls --filter id=95e74588f40d
+NETWORK ID          NAME                DRIVER
+95e74588f40d        foo                 bridge
+
+$ docker network ls --filter id=95e
+NETWORK ID          NAME                DRIVER
+95e74588f40d        foo                 bridge
+```
+
+# OPTIONS
+
+**-f**, **--filter**=*[]*
+  filter output based on conditions provided. 
+
+**--no-trunc**=*true*|*false*
+  Do not truncate the output
+
+**-q**, **--quiet**=*true*|*false*
+  Only display numeric IDs
+
+**--help**
+  Print usage statement
+
+# HISTORY
+OCT 2015, created by Mary Anthony <mary@docker.com>
diff --git a/man/docker-network-rm.1.md b/man/docker-network-rm.1.md
new file mode 100644
index 00000000..c094a152
--- /dev/null
+++ b/man/docker-network-rm.1.md
@@ -0,0 +1,43 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% OCT 2015
+# NAME
+docker-network-rm - remove one or more networks
+
+# SYNOPSIS
+**docker network rm** 
+[**--help**]
+NETWORK [NETWORK...]
+
+# DESCRIPTION
+
+Removes one or more networks by name or identifier. To remove a network,
+you must first disconnect any containers connected to it.
+To remove the network named 'my-network':
+
+```bash
+  $ docker network rm my-network
+```
+
+To delete multiple networks in a single `docker network rm` command, provide
+multiple network names or ids. The following example deletes a network with id
+`3695c422697f` and a network named `my-network`:
+
+```bash
+  $ docker network rm 3695c422697f my-network
+```
+
+When you specify multiple networks, the command attempts to delete each in turn.
+If the deletion of one network fails, the command continues to the next on the
+list and tries to delete that. The command reports success or failure for each
+deletion.
+
+# OPTIONS
+**NETWORK**
+  Specify network name or id
+
+**--help**
+  Print usage statement
+
+# HISTORY
+OCT 2015, created by Mary Anthony <mary@docker.com>
diff --git a/man/docker-pause.1.md b/man/docker-pause.1.md
new file mode 100644
index 00000000..5d2267af
--- /dev/null
+++ b/man/docker-pause.1.md
@@ -0,0 +1,30 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-pause - Pause all processes within a container
+
+# SYNOPSIS
+**docker pause**
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+
+The `docker pause` command uses the cgroups freezer to suspend all processes in
+a container.  Traditionally when suspending a process the `SIGSTOP` signal is
+used, which is observable by the process being suspended. With the cgroups freezer
+the process is unaware, and unable to capture, that it is being suspended,
+and subsequently resumed.
+
+See the [cgroups freezer documentation]
+(https://www.kernel.org/doc/Documentation/cgroups/freezer-subsystem.txt) for
+further details.
+
+# OPTIONS
+There are no available options.
+
+# See also
+**docker-unpause(1)** to unpause all processes within a container.
+
+# HISTORY
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-port.1.md b/man/docker-port.1.md
new file mode 100644
index 00000000..83e9cf93
--- /dev/null
+++ b/man/docker-port.1.md
@@ -0,0 +1,47 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-port - List port mappings for the CONTAINER, or lookup the public-facing port that is NAT-ed to the PRIVATE_PORT
+
+# SYNOPSIS
+**docker port**
+[**--help**]
+CONTAINER [PRIVATE_PORT[/PROTO]]
+
+# DESCRIPTION
+List port mappings for the CONTAINER, or lookup the public-facing port that is NAT-ed to the PRIVATE_PORT
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+# EXAMPLES
+
+    # docker ps
+    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                                            NAMES
+    b650456536c7        busybox:latest      top                 54 minutes ago      Up 54 minutes       0.0.0.0:1234->9876/tcp, 0.0.0.0:4321->7890/tcp   test
+
+## Find out all the ports mapped
+
+    # docker port test
+    7890/tcp -> 0.0.0.0:4321
+    9876/tcp -> 0.0.0.0:1234
+
+## Find out a specific mapping
+
+    # docker port test 7890/tcp
+    0.0.0.0:4321
+
+    # docker port test 7890
+    0.0.0.0:4321
+
+## An example showing error for non-existent mapping
+
+    # docker port test 7890/udp
+    2014/06/24 11:53:36 Error: No public port '7890/udp' published for test
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+November 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-ps.1.md b/man/docker-ps.1.md
new file mode 100644
index 00000000..f5679664
--- /dev/null
+++ b/man/docker-ps.1.md
@@ -0,0 +1,141 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% FEBRUARY 2015
+# NAME
+docker-ps - List containers
+
+# SYNOPSIS
+**docker ps**
+[**-a**|**--all**]
+[**-f**|**--filter**[=*[]*]]
+[**--format**=*"TEMPLATE"*]
+[**--help**]
+[**-l**|**--latest**]
+[**-n**[=*-1*]]
+[**--no-trunc**]
+[**-q**|**--quiet**]
+[**-s**|**--size**]
+
+# DESCRIPTION
+
+List the containers in the local repository. By default this shows only
+the running containers.
+
+# OPTIONS
+**-a**, **--all**=*true*|*false*
+   Show all containers. Only running containers are shown by default. The default is *false*.
+
+**-f**, **--filter**=[]
+   Filter output based on these conditions:
+   - exited=<int> an exit code of <int>
+   - label=<key> or label=<key>=<value>
+   - status=(created|restarting|running|paused|exited|dead)
+   - name=<string> a container's name
+   - id=<ID> a container's ID
+   - before=(<container-name>|<container-id>)
+   - since=(<container-name>|<container-id>)
+   - ancestor=(<image-name>[:tag]|<image-id>|<image@digest>) - containers created from an image or a descendant.
+   - volume=(<volume-name>|<mount-point-destination>)
+
+**--format**="*TEMPLATE*"
+   Pretty-print containers using a Go template.
+   Valid placeholders:
+      .ID - Container ID
+      .Image - Image ID
+      .Command - Quoted command
+      .CreatedAt - Time when the container was created.
+      .RunningFor - Elapsed time since the container was started.
+      .Ports - Exposed ports.
+      .Status - Container status.
+      .Size - Container disk size.
+      .Names - Container names.
+      .Labels - All labels assigned to the container.
+      .Label - Value of a specific label for this container. For example `{{.Label "com.docker.swarm.cpu"}}`
+      .Mounts - Names of the volumes mounted in this container.
+
+**--help**
+  Print usage statement
+
+**-l**, **--latest**=*true*|*false*
+   Show only the latest created container (includes all states). The default is *false*.
+
+**-n**=*-1*
+   Show n last created containers (includes all states).
+
+**--no-trunc**=*true*|*false*
+   Don't truncate output. The default is *false*.
+
+**-q**, **--quiet**=*true*|*false*
+   Only display numeric IDs. The default is *false*.
+
+**-s**, **--size**=*true*|*false*
+   Display total file sizes. The default is *false*.
+
+# EXAMPLES
+# Display all containers, including non-running
+
+    # docker ps -a
+    CONTAINER ID        IMAGE                 COMMAND                CREATED             STATUS      PORTS    NAMES
+    a87ecb4f327c        fedora:20             /bin/sh -c #(nop) MA   20 minutes ago      Exit 0               desperate_brattain
+    01946d9d34d8        vpavlin/rhel7:latest  /bin/sh -c #(nop) MA   33 minutes ago      Exit 0               thirsty_bell
+    c1d3b0166030        acffc0358b9e          /bin/sh -c yum -y up   2 weeks ago         Exit 1               determined_torvalds
+    41d50ecd2f57        fedora:20             /bin/sh -c #(nop) MA   2 weeks ago         Exit 0               drunk_pike
+
+# Display only IDs of all containers, including non-running
+
+    # docker ps -a -q
+    a87ecb4f327c
+    01946d9d34d8
+    c1d3b0166030
+    41d50ecd2f57
+
+# Display only IDs of all containers that have the name `determined_torvalds`
+
+    # docker ps -a -q --filter=name=determined_torvalds
+    c1d3b0166030
+
+# Display containers with their commands
+
+    # docker ps --format "{{.ID}}: {{.Command}}"
+    a87ecb4f327c: /bin/sh -c #(nop) MA
+    01946d9d34d8: /bin/sh -c #(nop) MA
+    c1d3b0166030: /bin/sh -c yum -y up
+    41d50ecd2f57: /bin/sh -c #(nop) MA
+
+# Display containers with their labels in a table
+
+    # docker ps --format "table {{.ID}}\t{{.Labels}}"
+    CONTAINER ID        LABELS
+    a87ecb4f327c        com.docker.swarm.node=ubuntu,com.docker.swarm.storage=ssd
+    01946d9d34d8
+    c1d3b0166030        com.docker.swarm.node=debian,com.docker.swarm.cpu=6
+    41d50ecd2f57        com.docker.swarm.node=fedora,com.docker.swarm.cpu=3,com.docker.swarm.storage=ssd
+
+# Display containers with their node label in a table
+
+    # docker ps --format 'table {{.ID}}\t{{(.Label "com.docker.swarm.node")}}'
+    CONTAINER ID        NODE
+    a87ecb4f327c        ubuntu
+    01946d9d34d8
+    c1d3b0166030        debian
+    41d50ecd2f57        fedora
+
+# Display containers with `remote-volume` mounted
+
+    $ docker ps --filter volume=remote-volume --format "table {{.ID}}\t{{.Mounts}}"
+    CONTAINER ID        MOUNTS
+    9c3527ed70ce        remote-volume
+
+# Display containers with a volume mounted in `/data`
+
+    $ docker ps --filter volume=/data --format "table {{.ID}}\t{{.Mounts}}"
+    CONTAINER ID        MOUNTS
+    9c3527ed70ce        remote-volume
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+August 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+November 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+February 2015, updated by André Martins <martins@noironetworks.com>
diff --git a/man/docker-pull.1.md b/man/docker-pull.1.md
new file mode 100644
index 00000000..c61d0053
--- /dev/null
+++ b/man/docker-pull.1.md
@@ -0,0 +1,220 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-pull - Pull an image or a repository from a registry
+
+# SYNOPSIS
+**docker pull**
+[**-a**|**--all-tags**]
+[**--help**] 
+NAME[:TAG] | [REGISTRY_HOST[:REGISTRY_PORT]/]NAME[:TAG]
+
+# DESCRIPTION
+
+This command pulls down an image or a repository from a registry. If
+there is more than one image for a repository (e.g., fedora) then all
+images for that repository name can be pulled down including any tags
+(see the option **-a** or **--all-tags**).
+
+If you do not specify a `REGISTRY_HOST`, the command uses Docker's public
+registry located at `registry-1.docker.io` by default. 
+
+# OPTIONS
+**-a**, **--all-tags**=*true*|*false*
+   Download all tagged images in the repository. The default is *false*.
+
+**--help**
+  Print usage statement
+
+# EXAMPLES
+
+### Pull an image from Docker Hub
+
+To download a particular image, or set of images (i.e., a repository), use
+`docker pull`. If no tag is provided, Docker Engine uses the `:latest` tag as a
+default. This command pulls the `debian:latest` image:
+
+    $ docker pull debian
+
+    Using default tag: latest
+    latest: Pulling from library/debian
+    fdd5d7827f33: Pull complete
+    a3ed95caeb02: Pull complete
+    Digest: sha256:e7d38b3517548a1c71e41bffe9c8ae6d6d29546ce46bf62159837aad072c90aa
+    Status: Downloaded newer image for debian:latest
+
+Docker images can consist of multiple layers. In the example above, the image
+consists of two layers; `fdd5d7827f33` and `a3ed95caeb02`.
+
+Layers can be reused by images. For example, the `debian:jessie` image shares
+both layers with `debian:latest`. Pulling the `debian:jessie` image therefore
+only pulls its metadata, but not its layers, because all layers are already
+present locally:
+
+    $ docker pull debian:jessie
+
+    jessie: Pulling from library/debian
+    fdd5d7827f33: Already exists
+    a3ed95caeb02: Already exists
+    Digest: sha256:a9c958be96d7d40df920e7041608f2f017af81800ca5ad23e327bc402626b58e
+    Status: Downloaded newer image for debian:jessie
+
+To see which images are present locally, use the **docker-images(1)**
+command:
+
+    $ docker images
+
+    REPOSITORY   TAG      IMAGE ID        CREATED      SIZE
+    debian       jessie   f50f9524513f    5 days ago   125.1 MB
+    debian       latest   f50f9524513f    5 days ago   125.1 MB
+
+Docker uses a content-addressable image store, and the image ID is a SHA256
+digest covering the image's configuration and layers. In the example above,
+`debian:jessie` and `debian:latest` have the same image ID because they are
+actually the *same* image tagged with different names. Because they are the
+same image, their layers are stored only once and do not consume extra disk
+space.
+
+For more information about images, layers, and the content-addressable store,
+refer to [understand images, containers, and storage drivers](https://docs.docker.com/engine/userguide/storagedriver/imagesandcontainers/)
+in the online documentation.
+
+
+## Pull an image by digest (immutable identifier)
+
+So far, you've pulled images by their name (and "tag"). Using names and tags is
+a convenient way to work with images. When using tags, you can `docker pull` an
+image again to make sure you have the most up-to-date version of that image.
+For example, `docker pull ubuntu:14.04` pulls the latest version of the Ubuntu
+14.04 image.
+
+In some cases you don't want images to be updated to newer versions, but prefer
+to use a fixed version of an image. Docker enables you to pull an image by its
+*digest*. When pulling an image by digest, you specify *exactly* which version
+of an image to pull. Doing so, allows you to "pin" an image to that version,
+and guarantee that the image you're using is always the same.
+
+To know the digest of an image, pull the image first. Let's pull the latest
+`ubuntu:14.04` image from Docker Hub:
+
+    $ docker pull ubuntu:14.04
+
+    14.04: Pulling from library/ubuntu
+    5a132a7e7af1: Pull complete
+    fd2731e4c50c: Pull complete
+    28a2f68d1120: Pull complete
+    a3ed95caeb02: Pull complete
+    Digest: sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+    Status: Downloaded newer image for ubuntu:14.04
+
+Docker prints the digest of the image after the pull has finished. In the example
+above, the digest of the image is:
+
+    sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+
+Docker also prints the digest of an image when *pushing* to a registry. This
+may be useful if you want to pin to a version of the image you just pushed.
+
+A digest takes the place of the tag when pulling an image, for example, to 
+pull the above image by digest, run the following command:
+
+    $ docker pull ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+
+    sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2: Pulling from library/ubuntu
+    5a132a7e7af1: Already exists
+    fd2731e4c50c: Already exists
+    28a2f68d1120: Already exists
+    a3ed95caeb02: Already exists
+    Digest: sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+    Status: Downloaded newer image for ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+
+Digest can also be used in the `FROM` of a Dockerfile, for example:
+
+    FROM ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
+    MAINTAINER some maintainer <maintainer@example.com>
+
+> **Note**: Using this feature "pins" an image to a specific version in time.
+> Docker will therefore not pull updated versions of an image, which may include 
+> security updates. If you want to pull an updated image, you need to change the
+> digest accordingly.
+
+## Pulling from a different registry
+
+By default, `docker pull` pulls images from Docker Hub. It is also possible to
+manually specify the path of a registry to pull from. For example, if you have
+set up a local registry, you can specify its path to pull from it. A registry
+path is similar to a URL, but does not contain a protocol specifier (`https://`).
+
+The following command pulls the `testing/test-image` image from a local registry
+listening on port 5000 (`myregistry.local:5000`):
+
+    $ docker pull myregistry.local:5000/testing/test-image
+
+Registry credentials are managed by **docker-login(1)**.
+
+Docker uses the `https://` protocol to communicate with a registry, unless the
+registry is allowed to be accessed over an insecure connection. Refer to the
+[insecure registries](https://docs.docker.com/engine/reference/commandline/daemon/#insecure-registries)
+section in the online documentation for more information.
+
+
+## Pull a repository with multiple images
+
+By default, `docker pull` pulls a *single* image from the registry. A repository
+can contain multiple images. To pull all images from a repository, provide the
+`-a` (or `--all-tags`) option when using `docker pull`.
+
+This command pulls all images from the `fedora` repository:
+
+    $ docker pull --all-tags fedora
+
+    Pulling repository fedora
+    ad57ef8d78d7: Download complete
+    105182bb5e8b: Download complete
+    511136ea3c5a: Download complete
+    73bd853d2ea5: Download complete
+    ....
+
+    Status: Downloaded newer image for fedora
+
+After the pull has completed use the `docker images` command to see the
+images that were pulled. The example below shows all the `fedora` images
+that are present locally:
+
+    $ docker images fedora
+
+    REPOSITORY   TAG         IMAGE ID        CREATED      SIZE
+    fedora       rawhide     ad57ef8d78d7    5 days ago   359.3 MB
+    fedora       20          105182bb5e8b    5 days ago   372.7 MB
+    fedora       heisenbug   105182bb5e8b    5 days ago   372.7 MB
+    fedora       latest      105182bb5e8b    5 days ago   372.7 MB
+
+
+## Canceling a pull
+
+Killing the `docker pull` process, for example by pressing `CTRL-c` while it is
+running in a terminal, will terminate the pull operation.
+
+    $ docker pull fedora
+
+    Using default tag: latest
+    latest: Pulling from library/fedora
+    a3ed95caeb02: Pulling fs layer
+    236608c7b546: Pulling fs layer
+    ^C
+
+> **Note**: Technically, the Engine terminates a pull operation when the
+> connection between the Docker Engine daemon and the Docker Engine client
+> initiating the pull is lost. If the connection with the Engine daemon is
+> lost for other reasons than a manual interaction, the pull is also aborted.
+
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+August 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by John Willis <john.willis@docker.com>
+April 2015, updated by Mary Anthony for v2 <mary@docker.com>
+September 2015, updated by Sally O'Malley <somalley@redhat.com>
diff --git a/man/docker-push.1.md b/man/docker-push.1.md
new file mode 100644
index 00000000..1b487a0d
--- /dev/null
+++ b/man/docker-push.1.md
@@ -0,0 +1,54 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-push - Push an image or a repository to a registry
+
+# SYNOPSIS
+**docker push**
+[**--help**]
+NAME[:TAG] | [REGISTRY_HOST[:REGISTRY_PORT]/]NAME[:TAG]
+
+# DESCRIPTION
+
+This command pushes an image or a repository to a registry. If you do not
+specify a `REGISTRY_HOST`, the command uses Docker's public registry located at
+`registry-1.docker.io` by default. 
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+# EXAMPLES
+
+# Pushing a new image to a registry
+
+First save the new image by finding the container ID (using **docker ps**)
+and then committing it to a new image name.  Note that only a-z0-9-_. are
+allowed when naming images:
+
+    # docker commit c16378f943fe rhel-httpd
+
+Now, push the image to the registry using the image ID. In this example the
+registry is on host named `registry-host` and listening on port `5000`. To do
+this, tag the image with the host name or IP address, and the port of the
+registry:
+
+    # docker tag rhel-httpd registry-host:5000/myadmin/rhel-httpd
+    # docker push registry-host:5000/myadmin/rhel-httpd
+
+Check that this worked by running:
+
+    # docker images
+
+You should see both `rhel-httpd` and `registry-host:5000/myadmin/rhel-httpd`
+listed.
+
+Registry credentials are managed by **docker-login(1)**.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by Mary Anthony for v2 <mary@docker.com>
+June 2015, updated by Sally O'Malley <somalley@redhat.com>
diff --git a/man/docker-rename.1.md b/man/docker-rename.1.md
new file mode 100644
index 00000000..aa19a03a
--- /dev/null
+++ b/man/docker-rename.1.md
@@ -0,0 +1,15 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% OCTOBER 2014
+# NAME
+docker-rename - Rename a container
+
+# SYNOPSIS
+**docker rename**
+OLD_NAME NEW_NAME
+
+# OPTIONS
+There are no available options.
+
+# DESCRIPTION
+Rename a container.  Container may be running, paused or stopped.
diff --git a/man/docker-restart.1.md b/man/docker-restart.1.md
new file mode 100644
index 00000000..e0ffb32d
--- /dev/null
+++ b/man/docker-restart.1.md
@@ -0,0 +1,26 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-restart - Restart a container
+
+# SYNOPSIS
+**docker restart**
+[**--help**]
+[**-t**|**--time**[=*10*]]
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+Restart each container listed.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-t**, **--time**=*10*
+   Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default is 10 seconds.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-rm.1.md b/man/docker-rm.1.md
new file mode 100644
index 00000000..2105288d
--- /dev/null
+++ b/man/docker-rm.1.md
@@ -0,0 +1,72 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-rm - Remove one or more containers
+
+# SYNOPSIS
+**docker rm**
+[**-f**|**--force**]
+[**-l**|**--link**]
+[**-v**|**--volumes**]
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+
+**docker rm** will remove one or more containers from the host node. The
+container name or ID can be used. This does not remove images. You cannot
+remove a running container unless you use the **-f** option. To see all
+containers on a host use the **docker ps -a** command.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-f**, **--force**=*true*|*false*
+   Force the removal of a running container (uses SIGKILL). The default is *false*.
+
+**-l**, **--link**=*true*|*false*
+   Remove the specified link and not the underlying container. The default is *false*.
+
+**-v**, **--volumes**=*true*|*false*
+   Remove the volumes associated with the container. The default is *false*.
+
+# EXAMPLES
+
+## Removing a container using its ID
+
+To remove a container using its ID, find either from a **docker ps -a**
+command, or use the ID returned from the **docker run** command, or retrieve
+it from a file used to store it using the **docker run --cidfile**:
+
+    docker rm abebf7571666
+
+## Removing a container using the container name
+
+The name of the container can be found using the **docker ps -a**
+command. The use that name as follows:
+
+    docker rm hopeful_morse
+
+## Removing a container and all associated volumes
+
+    $ docker rm -v redis
+    redis
+
+This command will remove the container and any volumes associated with it.
+Note that if a volume was specified with a name, it will not be removed.
+
+    $ docker create -v awesome:/foo -v /bar --name hello redis
+    hello
+    $ docker rm -v hello
+
+In this example, the volume for `/foo` will remain in tact, but the volume for
+`/bar` will be removed. The same behavior holds for volumes inherited with
+`--volumes-from`.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+July 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+August 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-rmi.1.md b/man/docker-rmi.1.md
new file mode 100644
index 00000000..35bf8aac
--- /dev/null
+++ b/man/docker-rmi.1.md
@@ -0,0 +1,42 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-rmi - Remove one or more images
+
+# SYNOPSIS
+**docker rmi**
+[**-f**|**--force**]
+[**--help**]
+[**--no-prune**]
+IMAGE [IMAGE...]
+
+# DESCRIPTION
+
+Removes one or more images from the host node. This does not remove images from
+a registry. You cannot remove an image of a running container unless you use the
+**-f** option. To see all images on a host use the **docker images** command.
+
+# OPTIONS
+**-f**, **--force**=*true*|*false*
+   Force removal of the image. The default is *false*.
+
+**--help**
+  Print usage statement
+
+**--no-prune**=*true*|*false*
+   Do not delete untagged parents. The default is *false*.
+
+# EXAMPLES
+
+## Removing an image
+
+Here is an example of removing an image:
+
+    docker rmi fedora/httpd
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by Mary Anthony for v2 <mary@docker.com>
diff --git a/man/docker-run.1.md b/man/docker-run.1.md
new file mode 100644
index 00000000..57808f33
--- /dev/null
+++ b/man/docker-run.1.md
@@ -0,0 +1,955 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-run - Run a command in a new container
+
+# SYNOPSIS
+**docker run**
+[**-a**|**--attach**[=*[]*]]
+[**--add-host**[=*[]*]]
+[**--blkio-weight**[=*[BLKIO-WEIGHT]*]]
+[**--blkio-weight-device**[=*[]*]]
+[**--cpu-shares**[=*0*]]
+[**--cap-add**[=*[]*]]
+[**--cap-drop**[=*[]*]]
+[**--cgroup-parent**[=*CGROUP-PATH*]]
+[**--cidfile**[=*CIDFILE*]]
+[**--cpu-period**[=*0*]]
+[**--cpu-quota**[=*0*]]
+[**--cpuset-cpus**[=*CPUSET-CPUS*]]
+[**--cpuset-mems**[=*CPUSET-MEMS*]]
+[**-d**|**--detach**]
+[**--detach-keys**[=*[]*]]
+[**--device**[=*[]*]]
+[**--device-read-bps**[=*[]*]]
+[**--device-read-iops**[=*[]*]]
+[**--device-write-bps**[=*[]*]]
+[**--device-write-iops**[=*[]*]]
+[**--dns**[=*[]*]]
+[**--dns-opt**[=*[]*]]
+[**--dns-search**[=*[]*]]
+[**-e**|**--env**[=*[]*]]
+[**--entrypoint**[=*ENTRYPOINT*]]
+[**--env-file**[=*[]*]]
+[**--expose**[=*[]*]]
+[**--group-add**[=*[]*]]
+[**-h**|**--hostname**[=*HOSTNAME*]]
+[**--help**]
+[**-i**|**--interactive**]
+[**--ip**[=*IPv4-ADDRESS*]]
+[**--ip6**[=*IPv6-ADDRESS*]]
+[**--ipc**[=*IPC*]]
+[**--isolation**[=*default*]]
+[**--kernel-memory**[=*KERNEL-MEMORY*]]
+[**-l**|**--label**[=*[]*]]
+[**--label-file**[=*[]*]]
+[**--link**[=*[]*]]
+[**--log-driver**[=*[]*]]
+[**--log-opt**[=*[]*]]
+[**-m**|**--memory**[=*MEMORY*]]
+[**--mac-address**[=*MAC-ADDRESS*]]
+[**--memory-reservation**[=*MEMORY-RESERVATION*]]
+[**--memory-swap**[=*LIMIT*]]
+[**--memory-swappiness**[=*MEMORY-SWAPPINESS*]]
+[**--name**[=*NAME*]]
+[**--net**[=*"bridge"*]]
+[**--net-alias**[=*[]*]]
+[**--oom-kill-disable**]
+[**--oom-score-adj**[=*0*]]
+[**-P**|**--publish-all**]
+[**-p**|**--publish**[=*[]*]]
+[**--pid**[=*[]*]]
+[**--userns**[=*[]*]]
+[**--pids-limit**[=*PIDS_LIMIT*]]
+[**--privileged**]
+[**--read-only**]
+[**--restart**[=*RESTART*]]
+[**--rm**]
+[**--security-opt**[=*[]*]]
+[**--stop-signal**[=*SIGNAL*]]
+[**--shm-size**[=*[]*]]
+[**--sig-proxy**[=*true*]]
+[**-t**|**--tty**]
+[**--tmpfs**[=*[CONTAINER-DIR[:<OPTIONS>]*]]
+[**-u**|**--user**[=*USER*]]
+[**--ulimit**[=*[]*]]
+[**--uts**[=*[]*]]
+[**-v**|**--volume**[=*[[HOST-DIR:]CONTAINER-DIR[:OPTIONS]]*]]
+[**--volume-driver**[=*DRIVER*]]
+[**--volumes-from**[=*[]*]]
+[**-w**|**--workdir**[=*WORKDIR*]]
+IMAGE [COMMAND] [ARG...]
+
+# DESCRIPTION
+
+Run a process in a new container. **docker run** starts a process with its own
+file system, its own networking, and its own isolated process tree. The IMAGE
+which starts the process may define defaults related to the process that will be
+run in the container, the networking to expose, and more, but **docker run**
+gives final control to the operator or administrator who starts the container
+from the image. For that reason **docker run** has more options than any other
+Docker command.
+
+If the IMAGE is not already loaded then **docker run** will pull the IMAGE, and
+all image dependencies, from the repository in the same way running **docker
+pull** IMAGE, before it starts the container from that image.
+
+# OPTIONS
+**-a**, **--attach**=[]
+   Attach to STDIN, STDOUT or STDERR.
+
+   In foreground mode (the default when **-d**
+is not specified), **docker run** can start the process in the container
+and attach the console to the process’s standard input, output, and standard
+error. It can even pretend to be a TTY (this is what most commandline
+executables expect) and pass along signals. The **-a** option can be set for
+each of stdin, stdout, and stderr.
+
+**--add-host**=[]
+   Add a custom host-to-IP mapping (host:ip)
+
+   Add a line to /etc/hosts. The format is hostname:ip.  The **--add-host**
+option can be set multiple times.
+
+**--blkio-weight**=*0*
+   Block IO weight (relative weight) accepts a weight value between 10 and 1000.
+
+**--blkio-weight-device**=[]
+   Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`).
+
+**--cpu-shares**=*0*
+   CPU shares (relative weight)
+
+   By default, all containers get the same proportion of CPU cycles. This proportion
+can be modified by changing the container's CPU share weighting relative
+to the weighting of all other running containers.
+
+To modify the proportion from the default of 1024, use the **--cpu-shares**
+flag to set the weighting to 2 or higher.
+
+The proportion will only apply when CPU-intensive processes are running.
+When tasks in one container are idle, other containers can use the
+left-over CPU time. The actual amount of CPU time will vary depending on
+the number of containers running on the system.
+
+For example, consider three containers, one has a cpu-share of 1024 and
+two others have a cpu-share setting of 512. When processes in all three
+containers attempt to use 100% of CPU, the first container would receive
+50% of the total CPU time. If you add a fourth container with a cpu-share
+of 1024, the first container only gets 33% of the CPU. The remaining containers
+receive 16.5%, 16.5% and 33% of the CPU.
+
+On a multi-core system, the shares of CPU time are distributed over all CPU
+cores. Even if a container is limited to less than 100% of CPU time, it can
+use 100% of each individual CPU core.
+
+For example, consider a system with more than three cores. If you start one
+container **{C0}** with **-c=512** running one process, and another container
+**{C1}** with **-c=1024** running two processes, this can result in the following
+division of CPU shares:
+
+    PID    container	CPU	CPU share
+    100    {C0}		0	100% of CPU0
+    101    {C1}		1	100% of CPU1
+    102    {C1}		2	100% of CPU2
+
+**--cap-add**=[]
+   Add Linux capabilities
+
+**--cap-drop**=[]
+   Drop Linux capabilities
+
+**--cgroup-parent**=""
+   Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist.
+
+**--cidfile**=""
+   Write the container ID to the file
+
+**--cpu-period**=*0*
+   Limit the CPU CFS (Completely Fair Scheduler) period
+
+   Limit the container's CPU usage. This flag tell the kernel to restrict the container's CPU usage to the period you specify.
+
+**--cpuset-cpus**=""
+   CPUs in which to allow execution (0-3, 0,1)
+
+**--cpuset-mems**=""
+   Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
+
+   If you have four memory nodes on your system (0-3), use `--cpuset-mems=0,1`
+then processes in your Docker container will only use memory from the first
+two memory nodes.
+
+**--cpu-quota**=*0*
+   Limit the CPU CFS (Completely Fair Scheduler) quota
+
+   Limit the container's CPU usage. By default, containers run with the full
+CPU resource. This flag tell the kernel to restrict the container's CPU usage
+to the quota you specify.
+
+**-d**, **--detach**=*true*|*false*
+   Detached mode: run the container in the background and print the new container ID. The default is *false*.
+
+   At any time you can run **docker ps** in
+the other shell to view a list of the running containers. You can reattach to a
+detached container with **docker attach**. If you choose to run a container in
+the detached mode, then you cannot use the **-rm** option.
+
+   When attached in the tty mode, you can detach from the container (and leave it
+running) using a configurable key sequence. The default sequence is `CTRL-p CTRL-q`.
+You configure the key sequence using the **--detach-keys** option or a configuration file.
+See **config-json(5)** for documentation on using a configuration file.
+
+**--detach-keys**=""
+   Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+
+**--device**=[]
+   Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc:rwm)
+
+**--device-read-bps**=[]
+   Limit read rate from a device (e.g. --device-read-bps=/dev/sda:1mb)
+
+**--device-read-iops**=[]
+   Limit read rate from a device (e.g. --device-read-iops=/dev/sda:1000)
+
+**--device-write-bps**=[]
+   Limit write rate to a device (e.g. --device-write-bps=/dev/sda:1mb)
+
+**--device-write-iops**=[]
+   Limit write rate a a device (e.g. --device-write-iops=/dev/sda:1000)
+
+**--dns-search**=[]
+   Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)
+
+**--dns-opt**=[]
+   Set custom DNS options
+
+**--dns**=[]
+   Set custom DNS servers
+
+   This option can be used to override the DNS
+configuration passed to the container. Typically this is necessary when the
+host DNS configuration is invalid for the container (e.g., 127.0.0.1). When this
+is the case the **--dns** flags is necessary for every run.
+
+**-e**, **--env**=[]
+   Set environment variables
+
+   This option allows you to specify arbitrary
+environment variables that are available for the process that will be launched
+inside of the container.
+
+**--entrypoint**=""
+   Overwrite the default ENTRYPOINT of the image
+
+   This option allows you to overwrite the default entrypoint of the image that
+is set in the Dockerfile. The ENTRYPOINT of an image is similar to a COMMAND
+because it specifies what executable to run when the container starts, but it is
+(purposely) more difficult to override. The ENTRYPOINT gives a container its
+default nature or behavior, so that when you set an ENTRYPOINT you can run the
+container as if it were that binary, complete with default options, and you can
+pass in more options via the COMMAND. But, sometimes an operator may want to run
+something else inside the container, so you can override the default ENTRYPOINT
+at runtime by using a **--entrypoint** and a string to specify the new
+ENTRYPOINT.
+
+**--env-file**=[]
+   Read in a line delimited file of environment variables
+
+**--expose**=[]
+   Expose a port, or a range of ports (e.g. --expose=3300-3310) informs Docker
+that the container listens on the specified network ports at runtime. Docker
+uses this information to interconnect containers using links and to set up port
+redirection on the host system.
+
+**--group-add**=[]
+   Add additional groups to run as
+
+**-h**, **--hostname**=""
+   Container host name
+
+   Sets the container host name that is available inside the container.
+
+**--help**
+  Print usage statement
+
+**-i**, **--interactive**=*true*|*false*
+   Keep STDIN open even if not attached. The default is *false*.
+
+   When set to true, keep stdin open even if not attached. The default is false.
+
+**--ip**=""
+   Sets the container's interface IPv4 address (e.g. 172.23.0.9)
+
+   It can only be used in conjunction with **--net** for user-defined networks
+
+**--ip6**=""
+   Sets the container's interface IPv6 address (e.g. 2001:db8::1b99)
+
+   It can only be used in conjunction with **--net** for user-defined networks
+
+**--ipc**=""
+   Default is to create a private IPC namespace (POSIX SysV IPC) for the container
+                               'container:<name|id>': reuses another container shared memory, semaphores and message queues
+                               'host': use the host shared memory,semaphores and message queues inside the container.  Note: the host mode gives the container full access to local shared memory and is therefore considered insecure.
+
+**--isolation**="*default*"
+   Isolation specifies the type of isolation technology used by containers.
+
+**-l**, **--label**=[]
+   Set metadata on the container (e.g., --label com.example.key=value)
+
+**--kernel-memory**=""
+   Kernel memory limit (format: `<number>[<unit>]`, where unit = b, k, m or g)
+
+   Constrains the kernel memory available to a container. If a limit of 0
+is specified (not using `--kernel-memory`), the container's kernel memory
+is not limited. If you specify a limit, it may be rounded up to a multiple
+of the operating system's page size and the value can be very large,
+millions of trillions.
+
+**--label-file**=[]
+   Read in a line delimited file of labels
+
+**--link**=[]
+   Add link to another container in the form of <name or id>:alias or just <name or id>
+in which case the alias will match the name
+
+   If the operator
+uses **--link** when starting the new client container, then the client
+container can access the exposed port via a private networking interface. Docker
+will set some environment variables in the client container to help indicate
+which interface and port to use.
+
+**--log-driver**="*json-file*|*syslog*|*journald*|*gelf*|*fluentd*|*awslogs*|*splunk*|*etwlogs*|*gcplogs*|*none*"
+  Logging driver for container. Default is defined by daemon `--log-driver` flag.
+  **Warning**: the `docker logs` command works only for the `json-file` and
+  `journald` logging drivers.
+
+**--log-opt**=[]
+  Logging driver specific options.
+
+**-m**, **--memory**=""
+   Memory limit (format: <number>[<unit>], where unit = b, k, m or g)
+
+   Allows you to constrain the memory available to a container. If the host
+supports swap memory, then the **-m** memory setting can be larger than physical
+RAM. If a limit of 0 is specified (not using **-m**), the container's memory is
+not limited. The actual limit may be rounded up to a multiple of the operating
+system's page size (the value would be very large, that's millions of trillions).
+
+**--memory-reservation**=""
+   Memory soft limit (format: <number>[<unit>], where unit = b, k, m or g)
+
+   After setting memory reservation, when the system detects memory contention
+or low memory, containers are forced to restrict their consumption to their
+reservation. So you should always set the value below **--memory**, otherwise the
+hard limit will take precedence. By default, memory reservation will be the same
+as memory limit.
+
+**--memory-swap**="LIMIT"
+   A limit value equal to memory plus swap. Must be used with the  **-m**
+(**--memory**) flag. The swap `LIMIT` should always be larger than **-m**
+(**--memory**) value.
+
+   The format of `LIMIT` is `<number>[<unit>]`. Unit can be `b` (bytes),
+`k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you don't specify a
+unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap.
+
+**--mac-address**=""
+   Container MAC address (e.g. 92:d0:c6:0a:29:33)
+
+   Remember that the MAC address in an Ethernet network must be unique.
+The IPv6 link-local address will be based on the device's MAC address
+according to RFC4862.
+
+**--name**=""
+   Assign a name to the container
+
+   The operator can identify a container in three ways:
+    UUID long identifier (“f78375b1c487e03c9438c729345e54db9d20cfa2ac1fc3494b6eb60872e74778”)
+    UUID short identifier (“f78375b1c487”)
+    Name (“jonah”)
+
+   The UUID identifiers come from the Docker daemon, and if a name is not assigned
+to the container with **--name** then the daemon will also generate a random
+string name. The name is useful when defining links (see **--link**) (or any
+other place you need to identify a container). This works for both background
+and foreground Docker containers.
+
+**--net**="*bridge*"
+   Set the Network mode for the container
+                               'bridge': create a network stack on the default Docker bridge
+                               'none': no networking
+                               'container:<name|id>': reuse another container's network stack
+                               'host': use the Docker host network stack. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
+                               '<network-name>|<network-id>': connect to a user-defined network
+
+**--net-alias**=[]
+   Add network-scoped alias for the container
+
+**--oom-kill-disable**=*true*|*false*
+   Whether to disable OOM Killer for the container or not.
+
+**--oom-score-adj**=""
+   Tune the host's OOM preferences for containers (accepts -1000 to 1000)
+
+**-P**, **--publish-all**=*true*|*false*
+   Publish all exposed ports to random ports on the host interfaces. The default is *false*.
+
+   When set to true publish all exposed ports to the host interfaces. The
+default is false. If the operator uses -P (or -p) then Docker will make the
+exposed port accessible on the host and the ports will be available to any
+client that can reach the host. When using -P, Docker will bind any exposed
+port to a random port on the host within an *ephemeral port range* defined by
+`/proc/sys/net/ipv4/ip_local_port_range`. To find the mapping between the host
+ports and the exposed ports, use `docker port`.
+
+**-p**, **--publish**=[]
+   Publish a container's port, or range of ports, to the host.
+
+   Format: `ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort`
+Both hostPort and containerPort can be specified as a range of ports.
+When specifying ranges for both, the number of container ports in the range must match the number of host ports in the range.
+(e.g., `docker run -p 1234-1236:1222-1224 --name thisWorks -t busybox`
+but not `docker run -p 1230-1236:1230-1240 --name RangeContainerPortsBiggerThanRangeHostPorts -t busybox`)
+With ip: `docker run -p 127.0.0.1:$HOSTPORT:$CONTAINERPORT --name CONTAINER -t someimage`
+Use `docker port` to see the actual mapping: `docker port CONTAINER $CONTAINERPORT`
+
+**--pid**=*host*
+   Set the PID mode for the container
+     **host**: use the host's PID namespace inside the container.
+     Note: the host mode gives the container full access to local PID and is therefore considered insecure.
+
+**--userns**=""
+   Set the usernamespace mode for the container when `userns-remap` option is enabled.
+     **host**: use the host usernamespace and enable all privileged options (e.g., `pid=host` or `--privileged`).
+
+**--pids-limit**=""
+   Tune the container's pids limit. Set `-1` to have unlimited pids for the container.
+
+**--uts**=*host*
+   Set the UTS mode for the container
+     **host**: use the host's UTS namespace inside the container.
+     Note: the host mode gives the container access to changing the host's hostname and is therefore considered insecure.
+
+**--privileged**=*true*|*false*
+   Give extended privileges to this container. The default is *false*.
+
+   By default, Docker containers are
+“unprivileged” (=false) and cannot, for example, run a Docker daemon inside the
+Docker container. This is because by default a container is not allowed to
+access any devices. A “privileged” container is given access to all devices.
+
+   When the operator executes **docker run --privileged**, Docker will enable access
+to all devices on the host as well as set some configuration in AppArmor to
+allow the container nearly all the same access to the host as processes running
+outside of a container on the host.
+
+**--read-only**=*true*|*false*
+   Mount the container's root filesystem as read only.
+
+   By default a container will have its root filesystem writable allowing processes
+to write files anywhere.  By specifying the `--read-only` flag the container will have
+its root filesystem mounted as read only prohibiting any writes.
+
+**--restart**="*no*"
+   Restart policy to apply when a container exits (no, on-failure[:max-retry], always, unless-stopped).
+
+**--rm**=*true*|*false*
+   Automatically remove the container when it exits (incompatible with -d). The default is *false*.
+
+**--security-opt**=[]
+   Security Options
+
+    "label=user:USER"   : Set the label user for the container
+    "label=role:ROLE"   : Set the label role for the container
+    "label=type:TYPE"   : Set the label type for the container
+    "label=level:LEVEL" : Set the label level for the container
+    "label=disable"     : Turn off label confinement for the container
+    "no-new-privileges" : Disable container processes from gaining additional privileges
+
+    "seccomp=unconfined" : Turn off seccomp confinement for the container
+    "seccomp=profile.json :  White listed syscalls seccomp Json file to be used as a seccomp filter
+
+    "apparmor=unconfined" : Turn off apparmor confinement for the container
+    "apparmor=your-profile" : Set the apparmor confinement profile for the container
+
+**--stop-signal**=*SIGTERM*
+  Signal to stop a container. Default is SIGTERM.
+
+**--shm-size**=""
+   Size of `/dev/shm`. The format is `<number><unit>`.
+   `number` must be greater than `0`.  Unit is optional and can be `b` (bytes), `k` (kilobytes), `m`(megabytes), or `g` (gigabytes).
+   If you omit the unit, the system uses bytes. If you omit the size entirely, the system uses `64m`.
+
+**--sig-proxy**=*true*|*false*
+   Proxy received signals to the process (non-TTY mode only). SIGCHLD, SIGSTOP, and SIGKILL are not proxied. The default is *true*.
+
+**--memory-swappiness**=""
+   Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
+
+**-t**, **--tty**=*true*|*false*
+   Allocate a pseudo-TTY. The default is *false*.
+
+   When set to true Docker can allocate a pseudo-tty and attach to the standard
+input of any container. This can be used, for example, to run a throwaway
+interactive shell. The default is false.
+
+The **-t** option is incompatible with a redirection of the docker client
+standard input.
+
+**--tmpfs**=[] Create a tmpfs mount
+
+   Mount a temporary filesystem (`tmpfs`) mount into a container, for example:
+
+   $ docker run -d --tmpfs /tmp:rw,size=787448k,mode=1777 my_image
+
+   This command mounts a `tmpfs` at `/tmp` within the container.  The supported mount
+options are the same as the Linux default `mount` flags. If you do not specify
+any options, the systems uses the following options:
+`rw,noexec,nosuid,nodev,size=65536k`.
+
+**-u**, **--user**=""
+   Sets the username or UID used and optionally the groupname or GID for the specified command.
+
+   The followings examples are all valid:
+   --user [user | user:group | uid | uid:gid | user:gid | uid:group ]
+
+   Without this argument the command will be run as root in the container.
+
+**--ulimit**=[]
+    Ulimit options
+
+**-v**|**--volume**[=*[[HOST-DIR:]CONTAINER-DIR[:OPTIONS]]*]
+   Create a bind mount. If you specify, ` -v /HOST-DIR:/CONTAINER-DIR`, Docker
+   bind mounts `/HOST-DIR` in the host to `/CONTAINER-DIR` in the Docker
+   container. If 'HOST-DIR' is omitted,  Docker automatically creates the new
+   volume on the host.  The `OPTIONS` are a comma delimited list and can be:
+
+   * [rw|ro]
+   * [z|Z]
+   * [`[r]shared`|`[r]slave`|`[r]private`]
+   * [nocopy]
+
+The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR`
+can be an absolute path or a `name` value. A `name` value must start with an
+alphanumeric character, followed by `a-z0-9`, `_` (underscore), `.` (period) or
+`-` (hyphen). An absolute path starts with a `/` (forward slash).
+
+If you supply a `HOST-DIR` that is an absolute path,  Docker bind-mounts to the
+path you specify. If you supply a `name`, Docker creates a named volume by that
+`name`. For example, you can specify either `/foo` or `foo` for a `HOST-DIR`
+value. If you supply the `/foo` value, Docker creates a bind-mount. If you
+supply the `foo` specification, Docker creates a named volume.
+
+You can specify multiple  **-v** options to mount one or more mounts to a
+container. To use these same mounts in other containers, specify the
+**--volumes-from** option also.
+
+You can add `:ro` or `:rw` suffix to a volume to mount it  read-only or
+read-write mode, respectively. By default, the volumes are mounted read-write.
+See examples.
+
+Labeling systems like SELinux require that proper labels are placed on volume
+content mounted into a container. Without a label, the security system might
+prevent the processes running inside the container from using the content. By
+default, Docker does not change the labels set by the OS.
+
+To change a label in the container context, you can add either of two suffixes
+`:z` or `:Z` to the volume mount. These suffixes tell Docker to relabel file
+objects on the shared volumes. The `z` option tells Docker that two containers
+share the volume content. As a result, Docker labels the content with a shared
+content label. Shared volume labels allow all containers to read/write content.
+The `Z` option tells Docker to label the content with a private unshared label.
+Only the current container can use a private volume.
+
+By default bind mounted volumes are `private`. That means any mounts done
+inside container will not be visible on host and vice-a-versa. One can change
+this behavior by specifying a volume mount propagation property. Making a
+volume `shared` mounts done under that volume inside container will be
+visible on host and vice-a-versa. Making a volume `slave` enables only one
+way mount propagation and that is mounts done on host under that volume
+will be visible inside container but not the other way around.
+
+To control mount propagation property of volume one can use `:[r]shared`,
+`:[r]slave` or `:[r]private` propagation flag. Propagation property can
+be specified only for bind mounted volumes and not for internal volumes or
+named volumes. For mount propagation to work source mount point (mount point
+where source dir is mounted on) has to have right propagation properties. For
+shared volumes, source mount point has to be shared. And for slave volumes,
+source mount has to be either shared or slave.
+
+Use `df <source-dir>` to figure out the source mount and then use
+`findmnt -o TARGET,PROPAGATION <source-mount-dir>` to figure out propagation
+properties of source mount. If `findmnt` utility is not available, then one
+can look at mount entry for source mount point in `/proc/self/mountinfo`. Look
+at `optional fields` and see if any propagaion properties are specified.
+`shared:X` means mount is `shared`, `master:X` means mount is `slave` and if
+nothing is there that means mount is `private`.
+
+To change propagation properties of a mount point use `mount` command. For
+example, if one wants to bind mount source directory `/foo` one can do
+`mount --bind /foo /foo` and `mount --make-private --make-shared /foo`. This
+will convert /foo into a `shared` mount point. Alternatively one can directly
+change propagation properties of source mount. Say `/` is source mount for
+`/foo`, then use `mount --make-shared /` to convert `/` into a `shared` mount.
+
+> **Note**:
+> When using systemd to manage the Docker daemon's start and stop, in the systemd
+> unit file there is an option to control mount propagation for the Docker daemon
+> itself, called `MountFlags`. The value of this setting may cause Docker to not
+> see mount propagation changes made on the mount point. For example, if this value
+> is `slave`, you may not be able to use the `shared` or `rshared` propagation on
+> a volume.
+
+To disable automatic copying of data from the container path to the volume, use
+the `nocopy` flag. The `nocopy` flag can be set on bind mounts and named volumes.
+
+**--volume-driver**=""
+   Container's volume driver. This driver creates volumes specified either from
+   a Dockerfile's `VOLUME` instruction or from the `docker run -v` flag.
+   See **docker-volume-create(1)** for full details.
+
+**--volumes-from**=[]
+   Mount volumes from the specified container(s)
+
+   Mounts already mounted volumes from a source container onto another
+   container. You must supply the source's container-id. To share
+   a volume, use the **--volumes-from** option when running
+   the target container. You can share volumes even if the source container
+   is not running.
+
+   By default, Docker mounts the volumes in the same mode (read-write or
+   read-only) as it is mounted in the source container. Optionally, you
+   can change this by suffixing the container-id with either the `:ro` or
+   `:rw ` keyword.
+
+   If the location of the volume from the source container overlaps with
+   data residing on a target container, then the volume hides
+   that data on the target.
+
+**-w**, **--workdir**=""
+   Working directory inside the container
+
+   The default working directory for
+running binaries within a container is the root directory (/). The developer can
+set a different default with the Dockerfile WORKDIR instruction. The operator
+can override the working directory by using the **-w** option.
+
+# Exit Status
+
+The exit code from `docker run` gives information about why the container
+failed to run or why it exited.  When `docker run` exits with a non-zero code,
+the exit codes follow the `chroot` standard, see below:
+
+**_125_** if the error is with Docker daemon **_itself_** 
+
+    $ docker run --foo busybox; echo $?
+    # flag provided but not defined: --foo
+      See 'docker run --help'.
+      125
+
+**_126_** if the **_contained command_** cannot be invoked
+
+    $ docker run busybox /etc; echo $?
+    # exec: "/etc": permission denied
+      docker: Error response from daemon: Contained command could not be invoked
+      126
+
+**_127_** if the **_contained command_** cannot be found
+
+    $ docker run busybox foo; echo $?
+    # exec: "foo": executable file not found in $PATH
+      docker: Error response from daemon: Contained command not found or does not exist
+      127
+
+**_Exit code_** of **_contained command_** otherwise 
+    
+    $ docker run busybox /bin/sh -c 'exit 3' 
+    # 3
+
+# EXAMPLES
+
+## Running container in read-only mode
+
+During container image development, containers often need to write to the image
+content.  Installing packages into /usr, for example.  In production,
+applications seldom need to write to the image.  Container applications write
+to volumes if they need to write to file systems at all.  Applications can be
+made more secure by running them in read-only mode using the --read-only switch.
+This protects the containers image from modification. Read only containers may
+still need to write temporary data.  The best way to handle this is to mount
+tmpfs directories on /run and /tmp.
+
+    # docker run --read-only --tmpfs /run --tmpfs /tmp -i -t fedora /bin/bash
+
+## Exposing log messages from the container to the host's log
+
+If you want messages that are logged in your container to show up in the host's
+syslog/journal then you should bind mount the /dev/log directory as follows.
+
+    # docker run -v /dev/log:/dev/log -i -t fedora /bin/bash
+
+From inside the container you can test this by sending a message to the log.
+
+    (bash)# logger "Hello from my container"
+
+Then exit and check the journal.
+
+    # exit
+
+    # journalctl -b | grep Hello
+
+This should list the message sent to logger.
+
+## Attaching to one or more from STDIN, STDOUT, STDERR
+
+If you do not specify -a then Docker will attach everything (stdin,stdout,stderr)
+. You can specify to which of the three standard streams (stdin, stdout, stderr)
+you’d like to connect instead, as in:
+
+    # docker run -a stdin -a stdout -i -t fedora /bin/bash
+
+## Sharing IPC between containers
+
+Using shm_server.c available here: https://www.cs.cf.ac.uk/Dave/C/node27.html
+
+Testing `--ipc=host` mode:
+
+Host shows a shared memory segment with 7 pids attached, happens to be from httpd:
+
+```
+ $ sudo ipcs -m
+
+ ------ Shared Memory Segments --------
+ key        shmid      owner      perms      bytes      nattch     status      
+ 0x01128e25 0          root       600        1000       7                       
+```
+
+Now run a regular container, and it correctly does NOT see the shared memory segment from the host:
+
+```
+ $ docker run -it shm ipcs -m
+
+ ------ Shared Memory Segments --------
+ key        shmid      owner      perms      bytes      nattch     status      
+```
+
+Run a container with the new `--ipc=host` option, and it now sees the shared memory segment from the host httpd:
+
+ ```
+ $ docker run -it --ipc=host shm ipcs -m
+
+ ------ Shared Memory Segments --------
+ key        shmid      owner      perms      bytes      nattch     status      
+ 0x01128e25 0          root       600        1000       7                   
+```
+Testing `--ipc=container:CONTAINERID` mode:
+
+Start a container with a program to create a shared memory segment:
+```
+ $ docker run -it shm bash
+ $ sudo shm/shm_server &
+ $ sudo ipcs -m
+
+ ------ Shared Memory Segments --------
+ key        shmid      owner      perms      bytes      nattch     status      
+ 0x0000162e 0          root       666        27         1                       
+```
+Create a 2nd container correctly shows no shared memory segment from 1st container:
+```
+ $ docker run shm ipcs -m
+
+ ------ Shared Memory Segments --------
+ key        shmid      owner      perms      bytes      nattch     status      
+```
+
+Create a 3rd container using the new --ipc=container:CONTAINERID option, now it shows the shared memory segment from the first:
+
+```
+ $ docker run -it --ipc=container:ed735b2264ac shm ipcs -m
+ $ sudo ipcs -m
+
+ ------ Shared Memory Segments --------
+ key        shmid      owner      perms      bytes      nattch     status      
+ 0x0000162e 0          root       666        27         1
+```
+
+## Linking Containers
+
+> **Note**: This section describes linking between containers on the
+> default (bridge) network, also known as "legacy links". Using `--link`
+> on user-defined networks uses the DNS-based discovery, which does not add
+> entries to `/etc/hosts`, and does not set environment variables for
+> discovery.
+
+The link feature allows multiple containers to communicate with each other. For
+example, a container whose Dockerfile has exposed port 80 can be run and named
+as follows:
+
+    # docker run --name=link-test -d -i -t fedora/httpd
+
+A second container, in this case called linker, can communicate with the httpd
+container, named link-test, by running with the **--link=<name>:<alias>**
+
+    # docker run -t -i --link=link-test:lt --name=linker fedora /bin/bash
+
+Now the container linker is linked to container link-test with the alias lt.
+Running the **env** command in the linker container shows environment variables
+ with the LT (alias) context (**LT_**)
+
+    # env
+    HOSTNAME=668231cb0978
+    TERM=xterm
+    LT_PORT_80_TCP=tcp://172.17.0.3:80
+    LT_PORT_80_TCP_PORT=80
+    LT_PORT_80_TCP_PROTO=tcp
+    LT_PORT=tcp://172.17.0.3:80
+    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+    PWD=/
+    LT_NAME=/linker/lt
+    SHLVL=1
+    HOME=/
+    LT_PORT_80_TCP_ADDR=172.17.0.3
+    _=/usr/bin/env
+
+When linking two containers Docker will use the exposed ports of the container
+to create a secure tunnel for the parent to access.
+
+If a container is connected to the default bridge network and `linked`
+with other containers, then the container's `/etc/hosts` file is updated
+with the linked container's name.
+
+> **Note** Since Docker may live update the container’s `/etc/hosts` file, there
+may be situations when processes inside the container can end up reading an
+empty or incomplete `/etc/hosts` file. In most cases, retrying the read again
+should fix the problem.
+
+
+## Mapping Ports for External Usage
+
+The exposed port of an application can be mapped to a host port using the **-p**
+flag. For example, a httpd port 80 can be mapped to the host port 8080 using the
+following:
+
+    # docker run -p 8080:80 -d -i -t fedora/httpd
+
+## Creating and Mounting a Data Volume Container
+
+Many applications require the sharing of persistent data across several
+containers. Docker allows you to create a Data Volume Container that other
+containers can mount from. For example, create a named container that contains
+directories /var/volume1 and /tmp/volume2. The image will need to contain these
+directories so a couple of RUN mkdir instructions might be required for you
+fedora-data image:
+
+    # docker run --name=data -v /var/volume1 -v /tmp/volume2 -i -t fedora-data true
+    # docker run --volumes-from=data --name=fedora-container1 -i -t fedora bash
+
+Multiple --volumes-from parameters will bring together multiple data volumes from
+multiple containers. And it's possible to mount the volumes that came from the
+DATA container in yet another container via the fedora-container1 intermediary
+container, allowing to abstract the actual data source from users of that data:
+
+    # docker run --volumes-from=fedora-container1 --name=fedora-container2 -i -t fedora bash
+
+## Mounting External Volumes
+
+To mount a host directory as a container volume, specify the absolute path to
+the directory and the absolute path for the container directory separated by a
+colon:
+
+    # docker run -v /var/db:/data1 -i -t fedora bash
+
+When using SELinux, be aware that the host has no knowledge of container SELinux
+policy. Therefore, in the above example, if SELinux policy is enforced, the
+`/var/db` directory is not writable to the container. A "Permission Denied"
+message will occur and an avc: message in the host's syslog.
+
+
+To work around this, at time of writing this man page, the following command
+needs to be run in order for the proper SELinux policy type label to be attached
+to the host directory:
+
+    # chcon -Rt svirt_sandbox_file_t /var/db
+
+
+Now, writing to the /data1 volume in the container will be allowed and the
+changes will also be reflected on the host in /var/db.
+
+## Using alternative security labeling
+
+You can override the default labeling scheme for each container by specifying
+the `--security-opt` flag. For example, you can specify the MCS/MLS level, a
+requirement for MLS systems. Specifying the level in the following command
+allows you to share the same content between containers.
+
+    # docker run --security-opt label=level:s0:c100,c200 -i -t fedora bash
+
+An MLS example might be:
+
+    # docker run --security-opt label=level:TopSecret -i -t rhel7 bash
+
+To disable the security labeling for this container versus running with the
+`--permissive` flag, use the following command:
+
+    # docker run --security-opt label=disable -i -t fedora bash
+
+If you want a tighter security policy on the processes within a container,
+you can specify an alternate type for the container. You could run a container
+that is only allowed to listen on Apache ports by executing the following
+command:
+
+    # docker run --security-opt label=type:svirt_apache_t -i -t centos bash
+
+Note:
+
+You would have to write policy defining a `svirt_apache_t` type.
+
+## Setting device weight
+
+If you want to set `/dev/sda` device weight to `200`, you can specify the device
+weight by `--blkio-weight-device` flag. Use the following command:
+
+   # docker run -it --blkio-weight-device "/dev/sda:200" ubuntu
+
+## Specify isolation technology for container (--isolation)
+
+This option is useful in situations where you are running Docker containers on
+Microsoft Windows. The `--isolation <value>` option sets a container's isolation
+technology. On Linux, the only supported is the `default` option which uses
+Linux namespaces. These two commands are equivalent on Linux:
+
+```
+$ docker run -d busybox top
+$ docker run -d --isolation default busybox top
+```
+
+On Microsoft Windows, can take any of these values:
+
+* `default`: Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value.
+* `process`: Namespace isolation only.
+* `hyperv`: Hyper-V hypervisor partition-based isolation.
+
+In practice, when running on Microsoft Windows without a `daemon` option set,  these two commands are equivalent:
+
+```
+$ docker run -d --isolation default busybox top
+$ docker run -d --isolation process busybox top
+```
+
+If you have set the `--exec-opt isolation=hyperv` option on the Docker `daemon`, any of these commands also result in `hyperv` isolation:
+
+```
+$ docker run -d --isolation default busybox top
+$ docker run -d --isolation hyperv busybox top
+```
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+July 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+November 2015, updated by Sally O'Malley <somalley@redhat.com>
diff --git a/man/docker-save.1.md b/man/docker-save.1.md
new file mode 100644
index 00000000..1d1de8a1
--- /dev/null
+++ b/man/docker-save.1.md
@@ -0,0 +1,45 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-save - Save one or more images to a tar archive (streamed to STDOUT by default)
+
+# SYNOPSIS
+**docker save**
+[**--help**]
+[**-o**|**--output**[=*OUTPUT*]]
+IMAGE [IMAGE...]
+
+# DESCRIPTION
+Produces a tarred repository to the standard output stream. Contains all
+parent layers, and all tags + versions, or specified repo:tag.
+
+Stream to a file instead of STDOUT by using **-o**.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-o**, **--output**=""
+   Write to a file, instead of STDOUT
+
+# EXAMPLES
+
+Save all fedora repository images to a fedora-all.tar and save the latest
+fedora image to a fedora-latest.tar:
+
+    $ docker save fedora > fedora-all.tar
+    $ docker save --output=fedora-latest.tar fedora:latest
+    $ ls -sh fedora-all.tar
+    721M fedora-all.tar
+    $ ls -sh fedora-latest.tar
+    367M fedora-latest.tar
+
+# See also
+**docker-load(1)** to load an image from a tar archive on STDIN.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+November 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-search.1.md b/man/docker-search.1.md
new file mode 100644
index 00000000..a95c0237
--- /dev/null
+++ b/man/docker-search.1.md
@@ -0,0 +1,65 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-search - Search the Docker Hub for images
+
+# SYNOPSIS
+**docker search**
+[**--automated**]
+[**--help**]
+[**--no-trunc**]
+[**-s**|**--stars**[=*0*]]
+TERM
+
+# DESCRIPTION
+
+Search Docker Hub for images that match the specified `TERM`. The table
+of images returned displays the name, description (truncated by default), number
+of stars awarded, whether the image is official, and whether it is automated.
+
+*Note* - Search queries will only return up to 25 results
+
+# OPTIONS
+**--automated**=*true*|*false*
+   Only show automated builds. The default is *false*.
+
+**--help**
+  Print usage statement
+
+**--no-trunc**=*true*|*false*
+   Don't truncate output. The default is *false*.
+
+**-s**, **--stars**=*X*
+   Only displays with at least X stars. The default is zero.
+
+# EXAMPLES
+
+## Search Docker Hub for ranked images
+
+Search a registry for the term 'fedora' and only display those images
+ranked 3 or higher:
+
+    $ docker search -s 3 fedora
+    NAME                  DESCRIPTION                                    STARS OFFICIAL  AUTOMATED
+    mattdm/fedora         A basic Fedora image corresponding roughly...  50
+    fedora                (Semi) Official Fedora base image.             38
+    mattdm/fedora-small   A small Fedora image on which to build. Co...  8
+    goldmann/wildfly      A WildFly application server running on a ...  3               [OK]
+
+## Search Docker Hub for automated images
+
+Search Docker Hub for the term 'fedora' and only display automated images
+ranked 1 or higher:
+
+    $ docker search --automated -s 1 fedora
+    NAME               DESCRIPTION                                     STARS OFFICIAL  AUTOMATED
+    goldmann/wildfly   A WildFly application server running on a ...   3               [OK]
+    tutum/fedora-20    Fedora 20 image with SSH access. For the r...   1               [OK]
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by Mary Anthony for v2 <mary@docker.com>
+
diff --git a/man/docker-start.1.md b/man/docker-start.1.md
new file mode 100644
index 00000000..c00b0a16
--- /dev/null
+++ b/man/docker-start.1.md
@@ -0,0 +1,39 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-start - Start one or more containers
+
+# SYNOPSIS
+**docker start**
+[**-a**|**--attach**]
+[**--detach-keys**[=*[]*]]
+[**--help**]
+[**-i**|**--interactive**]
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+
+Start one or more containers.
+
+# OPTIONS
+**-a**, **--attach**=*true*|*false*
+   Attach container's STDOUT and STDERR and forward all signals to the
+   process. The default is *false*.
+
+**--detach-keys**=""
+   Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
+
+**--help**
+  Print usage statement
+
+**-i**, **--interactive**=*true*|*false*
+   Attach container's STDIN. The default is *false*.
+
+# See also
+**docker-stop(1)** to stop a container.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-stats.1.md b/man/docker-stats.1.md
new file mode 100644
index 00000000..520466b5
--- /dev/null
+++ b/man/docker-stats.1.md
@@ -0,0 +1,43 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-stats - Display a live stream of one or more containers' resource usage statistics
+
+# SYNOPSIS
+**docker stats**
+[**-a**|**--all**]
+[**--help**]
+[**--no-stream**]
+[CONTAINER...]
+
+# DESCRIPTION
+
+Display a live stream of one or more containers' resource usage statistics
+
+# OPTIONS
+**-a**, **--all**=*true*|*false*
+   Show all containers. Only running containers are shown by default. The default is *false*.
+
+**--help**
+  Print usage statement
+
+**--no-stream**=*true*|*false*
+  Disable streaming stats and only pull the first result, default setting is false.
+
+# EXAMPLES
+
+Running `docker stats` on all running containers
+
+    $ docker stats
+    CONTAINER           CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O
+    1285939c1fd3        0.07%               796 KB / 64 MB        1.21%               788 B / 648 B       3.568 MB / 512 KB
+    9c76f7834ae2        0.07%               2.746 MB / 64 MB      4.29%               1.266 KB / 648 B    12.4 MB / 0 B
+    d1ea048f04e4        0.03%               4.583 MB / 64 MB      6.30%               2.854 KB / 648 B    27.7 MB / 0 B
+
+Running `docker stats` on multiple containers by name and id.
+
+    $ docker stats fervent_panini 5acfcb1b4fd1
+    CONTAINER           CPU %               MEM USAGE/LIMIT     MEM %               NET I/O
+    5acfcb1b4fd1        0.00%               115.2 MB/1.045 GB   11.03%              1.422 kB/648 B
+    fervent_panini      0.02%               11.08 MB/1.045 GB   1.06%               648 B/648 B
diff --git a/man/docker-stop.1.md b/man/docker-stop.1.md
new file mode 100644
index 00000000..fa377c92
--- /dev/null
+++ b/man/docker-stop.1.md
@@ -0,0 +1,30 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-stop - Stop a container by sending SIGTERM and then SIGKILL after a grace period
+
+# SYNOPSIS
+**docker stop**
+[**--help**]
+[**-t**|**--time**[=*10*]]
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+Stop a container (Send SIGTERM, and then SIGKILL after
+ grace period)
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**-t**, **--time**=*10*
+  Number of seconds to wait for the container to stop before killing it. Default is 10 seconds.
+
+#See also
+**docker-start(1)** to restart a stopped container.
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-tag.1.md b/man/docker-tag.1.md
new file mode 100644
index 00000000..68c90b76
--- /dev/null
+++ b/man/docker-tag.1.md
@@ -0,0 +1,61 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-tag - Tag an image into a repository
+
+# SYNOPSIS
+**docker tag**
+[**--help**]
+IMAGE[:TAG] [REGISTRY_HOST/][USERNAME/]NAME[:TAG]
+
+# DESCRIPTION
+Assigns a new alias to an image in a registry. An alias refers to the
+entire image name including the optional `TAG` after the ':'. 
+
+If you do not specify a `REGISTRY_HOST`, the command uses Docker's public
+registry located at `registry-1.docker.io` by default. 
+
+# "OPTIONS"
+**--help**
+   Print usage statement.
+
+**REGISTRY_HOST**
+   The hostname of the registry if required. This may also include the port
+separated by a ':'
+
+**USERNAME**
+   The username or other qualifying identifier for the image.
+
+**NAME**
+   The image name.
+
+**TAG**
+   The tag you are assigning to the image.  Though this is arbitrary it is
+recommended to be used for a version to distinguish images with the same name.
+Also, for consistency tags should only include a-z0-9-_. .
+Note that here TAG is a part of the overall name or "tag".
+
+# EXAMPLES
+
+## Giving an image a new alias
+
+Here is an example of aliasing an image (e.g., 0e5574283393) as "httpd" and 
+tagging it into the "fedora" repository with "version1.0":
+
+    docker tag 0e5574283393 fedora/httpd:version1.0
+
+## Tagging an image for a private repository
+
+To push an image to a private registry and not the central Docker
+registry you must tag it with the registry hostname and port (if needed).
+
+    docker tag 0e5574283393 myregistryhost:5000/fedora/httpd:version1.0
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+July 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+April 2015, updated by Mary Anthony for v2 <mary@docker.com>
+June 2015, updated by Sally O'Malley <somalley@redhat.com>
diff --git a/man/docker-top.1.md b/man/docker-top.1.md
new file mode 100644
index 00000000..a666f7cd
--- /dev/null
+++ b/man/docker-top.1.md
@@ -0,0 +1,36 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-top - Display the running processes of a container
+
+# SYNOPSIS
+**docker top**
+[**--help**]
+CONTAINER [ps OPTIONS]
+
+# DESCRIPTION
+
+Display the running process of the container. ps-OPTION can be any of the options you would pass to a Linux ps command.
+
+All displayed information is from host's point of view.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+# EXAMPLES
+
+Run **docker top** with the ps option of -x:
+
+    $ docker top 8601afda2b -x
+    PID      TTY       STAT       TIME         COMMAND
+    16623    ?         Ss         0:00         sleep 99999
+
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+June 2015, updated by Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
+December 2015, updated by Pavel Pospisil <pospispa@gmail.com>
diff --git a/man/docker-unpause.1.md b/man/docker-unpause.1.md
new file mode 100644
index 00000000..466e1bb1
--- /dev/null
+++ b/man/docker-unpause.1.md
@@ -0,0 +1,27 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-unpause - Unpause all processes within a container
+
+# SYNOPSIS
+**docker unpause**
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+
+The `docker unpause` command uses the cgroups freezer to un-suspend all
+processes in a container.
+
+See the [cgroups freezer documentation]
+(https://www.kernel.org/doc/Documentation/cgroups/freezer-subsystem.txt) for
+further details.
+
+# OPTIONS
+There are no available options.
+
+# See also
+**docker-pause(1)** to pause all processes within a container.
+
+# HISTORY
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker-update.1.md b/man/docker-update.1.md
new file mode 100644
index 00000000..87849ef8
--- /dev/null
+++ b/man/docker-update.1.md
@@ -0,0 +1,108 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-update - Update configuration of one or more containers
+
+# SYNOPSIS
+**docker update**
+[**--blkio-weight**[=*[BLKIO-WEIGHT]*]]
+[**--cpu-shares**[=*0*]]
+[**--cpu-period**[=*0*]]
+[**--cpu-quota**[=*0*]]
+[**--cpuset-cpus**[=*CPUSET-CPUS*]]
+[**--cpuset-mems**[=*CPUSET-MEMS*]]
+[**--help**]
+[**--kernel-memory**[=*KERNEL-MEMORY*]]
+[**-m**|**--memory**[=*MEMORY*]]
+[**--memory-reservation**[=*MEMORY-RESERVATION*]]
+[**--memory-swap**[=*MEMORY-SWAP*]]
+[**--restart**[=*""*]]
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+
+The `docker update` command dynamically updates container configuration.
+you can Use this command to prevent containers from consuming too many 
+resources from their Docker host.  With a single command, you can place 
+limits on a single container or on many. To specify more than one container,
+provide space-separated list of container names or IDs.
+
+With the exception of the `--kernel-memory` value, you can specify these
+options on a running or a stopped container. You can only update
+`--kernel-memory` on a stopped container. When you run `docker update` on
+stopped container, the next time you restart it, the container uses those
+values.
+
+Another configuration you can change with this command is restart policy,
+new restart policy will take effect instantly after you run `docker update`
+on a container.
+
+# OPTIONS
+**--blkio-weight**=0
+   Block IO weight (relative weight) accepts a weight value between 10 and 1000.
+
+**--cpu-shares**=0
+   CPU shares (relative weight)
+
+**--cpu-period**=0
+   Limit the CPU CFS (Completely Fair Scheduler) period
+
+**--cpu-quota**=0
+   Limit the CPU CFS (Completely Fair Scheduler) quota
+
+**--cpuset-cpus**=""
+   CPUs in which to allow execution (0-3, 0,1)
+
+**--cpuset-mems**=""
+   Memory nodes(MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
+
+**--help**
+   Print usage statement
+
+**--kernel-memory**=""
+   Kernel memory limit (format: `<number>[<unit>]`, where unit = b, k, m or g)
+
+   Note that you can not update kernel memory to a running container, it can only
+be updated to a stopped container, and affect after it's started.
+
+**-m**, **--memory**=""
+   Memory limit (format: <number><optional unit>, where unit = b, k, m or g)
+
+**--memory-reservation**=""
+   Memory soft limit (format: <number>[<unit>], where unit = b, k, m or g)
+
+**--memory-swap**=""
+   Total memory limit (memory + swap)
+
+**--restart**=""
+   Restart policy to apply when a container exits (no, on-failure[:max-retry], always, unless-stopped).
+
+# EXAMPLES
+
+The following sections illustrate ways to use this command.
+
+### Update a container with cpu-shares=512
+
+To limit a container's cpu-shares to 512, first identify the container
+name or ID. You can use **docker ps** to find these values. You can also
+use the ID returned from the **docker run** command.  Then, do the following:
+
+```bash
+$ docker update --cpu-shares 512 abebf7571666
+```
+
+### Update a container with cpu-shares and memory
+
+To update multiple resource configurations for multiple containers:
+
+```bash
+$ docker update --cpu-shares 512 -m 300M abebf7571666 hopeful_morse
+```
+
+### Update a container's restart policy
+
+To update restart policy for one or more containers:
+```bash
+$ docker update --restart=on-failure:3 abebf7571666 hopeful_morse
+```
diff --git a/man/docker-version.1.md b/man/docker-version.1.md
new file mode 100644
index 00000000..04ae3464
--- /dev/null
+++ b/man/docker-version.1.md
@@ -0,0 +1,62 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2015
+# NAME
+docker-version - Show the Docker version information.
+
+# SYNOPSIS
+**docker version**
+[**--help**]
+[**-f**|**--format**[=*FORMAT*]]
+
+# DESCRIPTION
+This command displays version information for both the Docker client and 
+daemon. 
+
+# OPTIONS
+**--help**
+    Print usage statement
+
+**-f**, **--format**=""
+    Format the output using the given go template.
+
+# EXAMPLES
+
+## Display Docker version information
+
+The default output:
+
+    $ docker version
+	Client:
+	 Version:      1.8.0
+	 API version:  1.20
+	 Go version:   go1.4.2
+	 Git commit:   f5bae0a
+	 Built:        Tue Jun 23 17:56:00 UTC 2015
+	 OS/Arch:      linux/amd64
+
+	Server:
+	 Version:      1.8.0
+	 API version:  1.20
+	 Go version:   go1.4.2
+	 Git commit:   f5bae0a
+	 Built:        Tue Jun 23 17:56:00 UTC 2015
+	 OS/Arch:      linux/amd64
+
+Get server version:
+
+    $ docker version --format '{{.Server.Version}}'
+	1.8.0
+
+Dump raw data:
+
+To view all available fields, you can use the format `{{json .}}`.
+
+    $ docker version --format '{{json .}}'
+    {"Client":{"Version":"1.8.0","ApiVersion":"1.20","GitCommit":"f5bae0a","GoVersion":"go1.4.2","Os":"linux","Arch":"amd64","BuildTime":"Tue Jun 23 17:56:00 UTC 2015"},"ServerOK":true,"Server":{"Version":"1.8.0","ApiVersion":"1.20","GitCommit":"f5bae0a","GoVersion":"go1.4.2","Os":"linux","Arch":"amd64","KernelVersion":"3.13.2-gentoo","BuildTime":"Tue Jun 23 17:56:00 UTC 2015"}}
+
+	
+# HISTORY
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
+June 2015, updated by John Howard <jhoward@microsoft.com>
+June 2015, updated by Patrick Hemmer <patrick.hemmer@gmail.com
diff --git a/man/docker-volume-create.1.md b/man/docker-volume-create.1.md
new file mode 100644
index 00000000..e71a2f1d
--- /dev/null
+++ b/man/docker-volume-create.1.md
@@ -0,0 +1,65 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JULY 2015
+# NAME
+docker-volume-create - Create a new volume
+
+# SYNOPSIS
+**docker volume create**
+[**-d**|**--driver**[=*DRIVER*]]
+[**--help**]
+[**--label**[=*[]*]]
+[**--name**[=*NAME*]]
+[**-o**|**--opt**[=*[]*]]
+
+# DESCRIPTION
+
+Creates a new volume that containers can consume and store data in. If a name is not specified, Docker generates a random name. You create a volume and then configure the container to use it, for example:
+
+    $ docker volume create --name hello
+    hello
+    $ docker run -d -v hello:/world busybox ls /world
+
+The mount is created inside the container's `/src` directory. Docker doesn't not support relative paths for mount points inside the container. 
+
+Multiple containers can use the same volume in the same time period. This is useful if two containers need access to shared data. For example, if one container writes and the other reads the data.
+
+## Driver specific options
+
+Some volume drivers may take options to customize the volume creation. Use the `-o` or `--opt` flags to pass driver options:
+
+    $ docker volume create --driver fake --opt tardis=blue --opt timey=wimey
+
+These options are passed directly to the volume driver. Options for
+different volume drivers may do different things (or nothing at all).
+
+The built-in `local` driver on Windows does not support any options.
+
+The built-in `local` driver on Linux accepts options similar to the linux `mount`
+command:
+
+    $ docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000
+
+Another example:
+
+    $ docker volume create --driver local --opt type=btrfs --opt device=/dev/sda2
+
+
+# OPTIONS
+**-d**, **--driver**="*local*"
+  Specify volume driver name
+
+**--help**
+  Print usage statement
+
+**--label**=*label*
+   Set metadata for a volume
+
+**--name**=""
+  Specify volume name
+
+**-o**, **--opt**=[]
+  Set driver specific options
+
+# HISTORY
+July 2015, created by Brian Goff <cpuguy83@gmail.com>
diff --git a/man/docker-volume-inspect.1.md b/man/docker-volume-inspect.1.md
new file mode 100644
index 00000000..6097e96e
--- /dev/null
+++ b/man/docker-volume-inspect.1.md
@@ -0,0 +1,29 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JULY 2015
+# NAME
+docker-volume-inspect - Get low-level information about a volume
+
+# SYNOPSIS
+**docker volume inspect**
+[**-f**|**--format**[=*FORMAT*]]
+[**--help**]
+VOLUME [VOLUME...]
+
+# DESCRIPTION
+
+Returns information about one or more volumes. By default, this command renders all results
+in a JSON array. You can specify an alternate format to execute a given template
+is executed for each result. Go's
+http://golang.org/pkg/text/template/ package describes all the details of the
+format.
+
+# OPTIONS
+**-f**, **--format**=""
+  Format the output using the given go template.
+
+**--help**
+  Print usage statement
+
+# HISTORY
+July 2015, created by Brian Goff <cpuguy83@gmail.com>
diff --git a/man/docker-volume-ls.1.md b/man/docker-volume-ls.1.md
new file mode 100644
index 00000000..b115a039
--- /dev/null
+++ b/man/docker-volume-ls.1.md
@@ -0,0 +1,30 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JULY 2015
+# NAME
+docker-volume-ls - List all volumes
+
+# SYNOPSIS
+**docker volume ls**
+[**-f**|**--filter**[=*FILTER*]]
+[**--help**]
+[**-q**|**--quiet**[=*true*|*false*]]
+
+# DESCRIPTION
+
+Lists all the volumes Docker knows about. You can filter using the `-f` or `--filter` flag. The filtering format is a `key=value` pair. To specify more than one filter,  pass multiple flags (for example,  `--filter "foo=bar" --filter "bif=baz"`)
+
+There is a single supported filter `dangling=value` which takes a boolean of `true` or `false`.
+
+# OPTIONS
+**-f**, **--filter**=""
+  Provide filter values (i.e. 'dangling=true')
+
+**--help**
+  Print usage statement
+
+**-q**, **--quiet**=*true*|*false*
+  Only display volume names
+
+# HISTORY
+July 2015, created by Brian Goff <cpuguy83@gmail.com>
diff --git a/man/docker-volume-rm.1.md b/man/docker-volume-rm.1.md
new file mode 100644
index 00000000..876700d4
--- /dev/null
+++ b/man/docker-volume-rm.1.md
@@ -0,0 +1,26 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JULY 2015
+# NAME
+docker-volume-rm - Remove a volume
+
+# SYNOPSIS
+**docker volume rm**
+[**--help**]
+VOLUME [VOLUME...]
+
+# DESCRIPTION
+
+Removes one or more volumes. You cannot remove a volume that is in use by a container.
+
+  ```
+  $ docker volume rm hello
+  hello
+  ```
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+# HISTORY
+July 2015, created by Brian Goff <cpuguy83@gmail.com>
diff --git a/man/docker-volume.1.md b/man/docker-volume.1.md
new file mode 100644
index 00000000..5ba8fc4b
--- /dev/null
+++ b/man/docker-volume.1.md
@@ -0,0 +1,51 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% Feb 2016
+# NAME
+docker-volume - Create a new volume
+
+# SYNOPSIS
+**docker volume** [OPTIONS] COMMAND
+[**--help**]
+
+# DESCRIPTION
+
+docker volume has subcommands for managing data volumes.
+
+## Data volumes
+
+The `docker volume` command has subcommands for managing data volumes. A data volume is a specially-designated directory that by-passes storage driver management.
+
+Data volumes persist data independent of a container's life cycle. When you delete a container, the Engine daemon does not delete any data volumes. You can share volumes across multiple containers. Moreover, you can share data volumes with other computing resources in your system.
+
+To see help for a subcommand, use:
+
+```
+docker volume CMD help
+```
+
+For full details on using docker volume visit Docker's online documentation.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+# COMMANDS
+**create**
+  Create a volume
+  See **docker-volume-create(1)** for full documentation on the **create** command.
+
+**inspect**
+  Return low-level information on a volume
+  See **docker-volume-inspect(1)** for full documentation on the **inspect** command.
+
+**ls**
+  List volumes
+  See **docker-volume-ls(1)** for full documentation on the **ls** command.
+
+**rm**
+  Remove a volume
+  See **docker-volume-rm(1)** for full documentation on the **rm** command.
+
+# HISTORY
+Feb 2016, created by Dan Walsh <dwalsh@redhat.com>
diff --git a/man/docker-wait.1.md b/man/docker-wait.1.md
new file mode 100644
index 00000000..5f07bacc
--- /dev/null
+++ b/man/docker-wait.1.md
@@ -0,0 +1,30 @@
+% DOCKER(1) Docker User Manuals
+% Docker Community
+% JUNE 2014
+# NAME
+docker-wait - Block until a container stops, then print its exit code.
+
+# SYNOPSIS
+**docker wait**
+[**--help**]
+CONTAINER [CONTAINER...]
+
+# DESCRIPTION
+
+Block until a container stops, then print its exit code.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+# EXAMPLES
+
+    $ docker run -d fedora sleep 99
+    079b83f558a2bc52ecad6b2a5de13622d584e6bb1aea058c11b36511e85e7622
+    $ docker wait 079b83f558a2bc
+    0
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com)
+based on docker.com source material and internal work.
+June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
diff --git a/man/docker.1.md b/man/docker.1.md
new file mode 100644
index 00000000..6f4f6ab8
--- /dev/null
+++ b/man/docker.1.md
@@ -0,0 +1,244 @@
+% DOCKER(1) Docker User Manuals
+% William Henry
+% APRIL 2014
+# NAME
+docker \- Docker image and container command line interface
+
+# SYNOPSIS
+**docker** [OPTIONS] COMMAND [arg...]
+
+**docker** daemon [--help|...]
+
+**docker** [--help|-v|--version]
+
+# DESCRIPTION
+**docker** has two distinct functions. It is used for starting the Docker
+daemon and to run the CLI (i.e., to command the daemon to manage images,
+containers etc.) So **docker** is both a server, as a daemon, and a client
+to the daemon, through the CLI.
+
+To run the Docker daemon you can specify **docker daemon**.
+You can view the daemon options using **docker daemon --help**.
+To see the man page for the daemon, run **man docker daemon**.
+
+The Docker CLI has over 30 commands. The commands are listed below and each has
+its own man page which explain usage and arguments.
+
+To see the man page for a command run **man docker <command>**.
+
+# OPTIONS
+**--help**
+  Print usage statement
+
+**--config**=""
+  Specifies the location of the Docker client configuration files. The default is '~/.docker'.
+
+**-D**, **--debug**=*true*|*false*
+  Enable debug mode. Default is false.
+
+**-H**, **--host**=[*unix:///var/run/docker.sock*]: tcp://[host]:[port][path] to bind or
+unix://[/path/to/socket] to use.
+  The socket(s) to bind to in daemon mode specified using one or more
+  tcp://host:port/path, unix:///path/to/socket, fd://* or fd://socketfd.
+  If the tcp port is not specified, then it will default to either `2375` when
+  `--tls` is off, or `2376` when `--tls` is on, or `--tlsverify` is specified.
+
+**-l**, **--log-level**="*debug*|*info*|*warn*|*error*|*fatal*"
+  Set the logging level. Default is `info`.
+
+**--tls**=*true*|*false*
+  Use TLS; implied by --tlsverify. Default is false.
+
+**--tlscacert**=*~/.docker/ca.pem*
+  Trust certs signed only by this CA.
+
+**--tlscert**=*~/.docker/cert.pem*
+  Path to TLS certificate file.
+
+**--tlskey**=*~/.docker/key.pem*
+  Path to TLS key file.
+
+**--tlsverify**=*true*|*false*
+  Use TLS and verify the remote (daemon: verify client, client: verify daemon).
+  Default is false.
+
+**-v**, **--version**=*true*|*false*
+  Print version information and quit. Default is false.
+
+# COMMANDS
+**attach**
+  Attach to a running container
+  See **docker-attach(1)** for full documentation on the **attach** command.
+
+**build**
+  Build an image from a Dockerfile
+  See **docker-build(1)** for full documentation on the **build** command.
+
+**commit**
+  Create a new image from a container's changes
+  See **docker-commit(1)** for full documentation on the **commit** command.
+
+**cp**
+  Copy files/folders between a container and the local filesystem
+  See **docker-cp(1)** for full documentation on the **cp** command.
+
+**create**
+  Create a new container
+  See **docker-create(1)** for full documentation on the **create** command.
+
+**diff**
+  Inspect changes on a container's filesystem
+  See **docker-diff(1)** for full documentation on the **diff** command.
+
+**events**
+  Get real time events from the server
+  See **docker-events(1)** for full documentation on the **events** command.
+
+**exec**
+  Run a command in a running container
+  See **docker-exec(1)** for full documentation on the **exec** command.
+
+**export**
+  Stream the contents of a container as a tar archive
+  See **docker-export(1)** for full documentation on the **export** command.
+
+**history**
+  Show the history of an image
+  See **docker-history(1)** for full documentation on the **history** command.
+
+**images**
+  List images
+  See **docker-images(1)** for full documentation on the **images** command.
+
+**import**
+  Create a new filesystem image from the contents of a tarball
+  See **docker-import(1)** for full documentation on the **import** command.
+
+**info**
+  Display system-wide information
+  See **docker-info(1)** for full documentation on the **info** command.
+
+**inspect**
+  Return low-level information on a container or image
+  See **docker-inspect(1)** for full documentation on the **inspect** command.
+
+**kill**
+  Kill a running container (which includes the wrapper process and everything
+inside it)
+  See **docker-kill(1)** for full documentation on the **kill** command.
+
+**load**
+  Load an image from a tar archive
+  See **docker-load(1)** for full documentation on the **load** command.
+
+**login**
+  Log in to a Docker Registry
+  See **docker-login(1)** for full documentation on the **login** command.
+
+**logout**
+  Log the user out of a Docker Registry
+  See **docker-logout(1)** for full documentation on the **logout** command.
+
+**logs**
+  Fetch the logs of a container
+  See **docker-logs(1)** for full documentation on the **logs** command.
+
+**pause**
+  Pause all processes within a container
+  See **docker-pause(1)** for full documentation on the **pause** command.
+
+**port**
+  Lookup the public-facing port which is NAT-ed to PRIVATE_PORT
+  See **docker-port(1)** for full documentation on the **port** command.
+
+**ps**
+  List containers
+  See **docker-ps(1)** for full documentation on the **ps** command.
+
+**pull**
+  Pull an image or a repository from a Docker Registry
+  See **docker-pull(1)** for full documentation on the **pull** command.
+
+**push**
+  Push an image or a repository to a Docker Registry
+  See **docker-push(1)** for full documentation on the **push** command.
+
+**rename**
+  Rename a container.
+  See **docker-rename(1)** for full documentation on the **rename** command.
+
+**restart**
+  Restart a container
+  See **docker-restart(1)** for full documentation on the **restart** command.
+
+**rm**
+  Remove one or more containers
+  See **docker-rm(1)** for full documentation on the **rm** command.
+
+**rmi**
+  Remove one or more images
+  See **docker-rmi(1)** for full documentation on the **rmi** command.
+
+**run**
+  Run a command in a new container
+  See **docker-run(1)** for full documentation on the **run** command.
+
+**save**
+  Save an image to a tar archive
+  See **docker-save(1)** for full documentation on the **save** command.
+
+**search**
+  Search for an image in the Docker index
+  See **docker-search(1)** for full documentation on the **search** command.
+
+**start**
+  Start a container
+  See **docker-start(1)** for full documentation on the **start** command.
+
+**stats**
+  Display a live stream of one or more containers' resource usage statistics
+  See **docker-stats(1)** for full documentation on the **stats** command.
+
+**stop**
+  Stop a container
+  See **docker-stop(1)** for full documentation on the **stop** command.
+
+**tag**
+  Tag an image into a repository
+  See **docker-tag(1)** for full documentation on the **tag** command.
+
+**top**
+  Lookup the running processes of a container
+  See **docker-top(1)** for full documentation on the **top** command.
+
+**unpause**
+  Unpause all processes within a container
+  See **docker-unpause(1)** for full documentation on the **unpause** command.
+
+**version**
+  Show the Docker version information
+  See **docker-version(1)** for full documentation on the **version** command.
+
+**wait**
+  Block until a container stops, then print its exit code
+  See **docker-wait(1)** for full documentation on the **wait** command.
+
+
+# RUNTIME EXECUTION OPTIONS
+
+Use the **--exec-opt** flags to specify options to the execution driver.
+The following options are available:
+
+#### native.cgroupdriver
+Specifies the management of the container's `cgroups`. You can specify `cgroupfs`
+or `systemd`. If you specify `systemd` and it is not available, the system errors
+out.
+
+#### Client
+For specific client examples please see the man page for the specific Docker
+command. For example:
+
+    man docker-run
+
+# HISTORY
+April 2014, Originally compiled by William Henry (whenry at redhat dot com) based on docker.com source material and internal work.
diff --git a/man/md2man-all.sh b/man/md2man-all.sh
new file mode 100755
index 00000000..97c65c93
--- /dev/null
+++ b/man/md2man-all.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+# get into this script's directory
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+
+[ "$1" = '-q' ] || {
+	set -x
+	pwd
+}
+
+for FILE in *.md; do
+	base="$(basename "$FILE")"
+	name="${base%.md}"
+	num="${name##*.}"
+	if [ -z "$num" -o "$name" = "$num" ]; then
+		# skip files that aren't of the format xxxx.N.md (like README.md)
+		continue
+	fi
+	mkdir -p "./man${num}"
+	go-md2man -in "$FILE" -out "./man${num}/${name}"
+done
diff --git a/migrate/v1/migratev1.go b/migrate/v1/migratev1.go
new file mode 100644
index 00000000..aa9d48cb
--- /dev/null
+++ b/migrate/v1/migratev1.go
@@ -0,0 +1,508 @@
+package v1
+
+import (
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strconv"
+	"sync"
+	"time"
+
+	"encoding/json"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/image"
+	imagev1 "github.com/docker/docker/image/v1"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/reference"
+)
+
+type graphIDRegistrar interface {
+	RegisterByGraphID(string, layer.ChainID, layer.DiffID, string, int64) (layer.Layer, error)
+	Release(layer.Layer) ([]layer.Metadata, error)
+}
+
+type graphIDMounter interface {
+	CreateRWLayerByGraphID(string, string, layer.ChainID) error
+}
+
+type checksumCalculator interface {
+	ChecksumForGraphID(id, parent, oldTarDataPath, newTarDataPath string) (diffID layer.DiffID, size int64, err error)
+}
+
+const (
+	graphDirName                 = "graph"
+	tarDataFileName              = "tar-data.json.gz"
+	migrationFileName            = ".migration-v1-images.json"
+	migrationTagsFileName        = ".migration-v1-tags"
+	migrationDiffIDFileName      = ".migration-diffid"
+	migrationSizeFileName        = ".migration-size"
+	migrationTarDataFileName     = ".migration-tardata"
+	containersDirName            = "containers"
+	configFileNameLegacy         = "config.json"
+	configFileName               = "config.v2.json"
+	repositoriesFilePrefixLegacy = "repositories-"
+)
+
+var (
+	errUnsupported = errors.New("migration is not supported")
+)
+
+// Migrate takes an old graph directory and transforms the metadata into the
+// new format.
+func Migrate(root, driverName string, ls layer.Store, is image.Store, rs reference.Store, ms metadata.Store) error {
+	graphDir := filepath.Join(root, graphDirName)
+	if _, err := os.Lstat(graphDir); os.IsNotExist(err) {
+		return nil
+	}
+
+	mappings, err := restoreMappings(root)
+	if err != nil {
+		return err
+	}
+
+	if cc, ok := ls.(checksumCalculator); ok {
+		CalculateLayerChecksums(root, cc, mappings)
+	}
+
+	if registrar, ok := ls.(graphIDRegistrar); !ok {
+		return errUnsupported
+	} else if err := migrateImages(root, registrar, is, ms, mappings); err != nil {
+		return err
+	}
+
+	err = saveMappings(root, mappings)
+	if err != nil {
+		return err
+	}
+
+	if mounter, ok := ls.(graphIDMounter); !ok {
+		return errUnsupported
+	} else if err := migrateContainers(root, mounter, is, mappings); err != nil {
+		return err
+	}
+
+	if err := migrateRefs(root, driverName, rs, mappings); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// CalculateLayerChecksums walks an old graph directory and calculates checksums
+// for each layer. These checksums are later used for migration.
+func CalculateLayerChecksums(root string, ls checksumCalculator, mappings map[string]image.ID) {
+	graphDir := filepath.Join(root, graphDirName)
+	// spawn some extra workers also for maximum performance because the process is bounded by both cpu and io
+	workers := runtime.NumCPU() * 3
+	workQueue := make(chan string, workers)
+
+	wg := sync.WaitGroup{}
+
+	for i := 0; i < workers; i++ {
+		wg.Add(1)
+		go func() {
+			for id := range workQueue {
+				start := time.Now()
+				if err := calculateLayerChecksum(graphDir, id, ls); err != nil {
+					logrus.Errorf("could not calculate checksum for %q, %q", id, err)
+				}
+				elapsed := time.Since(start)
+				logrus.Debugf("layer %s took %.2f seconds", id, elapsed.Seconds())
+			}
+			wg.Done()
+		}()
+	}
+
+	dir, err := ioutil.ReadDir(graphDir)
+	if err != nil {
+		logrus.Errorf("could not read directory %q", graphDir)
+		return
+	}
+	for _, v := range dir {
+		v1ID := v.Name()
+		if err := imagev1.ValidateID(v1ID); err != nil {
+			continue
+		}
+		if _, ok := mappings[v1ID]; ok { // support old migrations without helper files
+			continue
+		}
+		workQueue <- v1ID
+	}
+	close(workQueue)
+	wg.Wait()
+}
+
+func calculateLayerChecksum(graphDir, id string, ls checksumCalculator) error {
+	diffIDFile := filepath.Join(graphDir, id, migrationDiffIDFileName)
+	if _, err := os.Lstat(diffIDFile); err == nil {
+		return nil
+	} else if !os.IsNotExist(err) {
+		return err
+	}
+
+	parent, err := getParent(filepath.Join(graphDir, id))
+	if err != nil {
+		return err
+	}
+
+	diffID, size, err := ls.ChecksumForGraphID(id, parent, filepath.Join(graphDir, id, tarDataFileName), filepath.Join(graphDir, id, migrationTarDataFileName))
+	if err != nil {
+		return err
+	}
+
+	if err := ioutil.WriteFile(filepath.Join(graphDir, id, migrationSizeFileName), []byte(strconv.Itoa(int(size))), 0600); err != nil {
+		return err
+	}
+
+	tmpFile := filepath.Join(graphDir, id, migrationDiffIDFileName+".tmp")
+	if err := ioutil.WriteFile(tmpFile, []byte(diffID), 0600); err != nil {
+		return err
+	}
+
+	if err := os.Rename(tmpFile, filepath.Join(graphDir, id, migrationDiffIDFileName)); err != nil {
+		return err
+	}
+
+	logrus.Infof("calculated checksum for layer %s: %s", id, diffID)
+	return nil
+}
+
+func restoreMappings(root string) (map[string]image.ID, error) {
+	mappings := make(map[string]image.ID)
+
+	mfile := filepath.Join(root, migrationFileName)
+	f, err := os.Open(mfile)
+	if err != nil && !os.IsNotExist(err) {
+		return nil, err
+	} else if err == nil {
+		err := json.NewDecoder(f).Decode(&mappings)
+		if err != nil {
+			f.Close()
+			return nil, err
+		}
+		f.Close()
+	}
+
+	return mappings, nil
+}
+
+func saveMappings(root string, mappings map[string]image.ID) error {
+	mfile := filepath.Join(root, migrationFileName)
+	f, err := os.OpenFile(mfile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+	if err := json.NewEncoder(f).Encode(mappings); err != nil {
+		return err
+	}
+	return nil
+}
+
+func migrateImages(root string, ls graphIDRegistrar, is image.Store, ms metadata.Store, mappings map[string]image.ID) error {
+	graphDir := filepath.Join(root, graphDirName)
+
+	dir, err := ioutil.ReadDir(graphDir)
+	if err != nil {
+		return err
+	}
+	for _, v := range dir {
+		v1ID := v.Name()
+		if err := imagev1.ValidateID(v1ID); err != nil {
+			continue
+		}
+		if _, exists := mappings[v1ID]; exists {
+			continue
+		}
+		if err := migrateImage(v1ID, root, ls, is, ms, mappings); err != nil {
+			continue
+		}
+	}
+
+	return nil
+}
+
+func migrateContainers(root string, ls graphIDMounter, is image.Store, imageMappings map[string]image.ID) error {
+	containersDir := filepath.Join(root, containersDirName)
+	dir, err := ioutil.ReadDir(containersDir)
+	if err != nil {
+		return err
+	}
+	for _, v := range dir {
+		id := v.Name()
+
+		if _, err := os.Stat(filepath.Join(containersDir, id, configFileName)); err == nil {
+			continue
+		}
+
+		containerJSON, err := ioutil.ReadFile(filepath.Join(containersDir, id, configFileNameLegacy))
+		if err != nil {
+			logrus.Errorf("migrate container error: %v", err)
+			continue
+		}
+
+		var c map[string]*json.RawMessage
+		if err := json.Unmarshal(containerJSON, &c); err != nil {
+			logrus.Errorf("migrate container error: %v", err)
+			continue
+		}
+
+		imageStrJSON, ok := c["Image"]
+		if !ok {
+			return fmt.Errorf("invalid container configuration for %v", id)
+		}
+
+		var image string
+		if err := json.Unmarshal([]byte(*imageStrJSON), &image); err != nil {
+			logrus.Errorf("migrate container error: %v", err)
+			continue
+		}
+
+		imageID, ok := imageMappings[image]
+		if !ok {
+			logrus.Errorf("image not migrated %v", imageID) // non-fatal error
+			continue
+		}
+
+		c["Image"] = rawJSON(imageID)
+
+		containerJSON, err = json.Marshal(c)
+		if err != nil {
+			return err
+		}
+
+		if err := ioutil.WriteFile(filepath.Join(containersDir, id, configFileName), containerJSON, 0600); err != nil {
+			return err
+		}
+
+		img, err := is.Get(imageID)
+		if err != nil {
+			return err
+		}
+
+		if err := ls.CreateRWLayerByGraphID(id, id, img.RootFS.ChainID()); err != nil {
+			logrus.Errorf("migrate container error: %v", err)
+			continue
+		}
+
+		logrus.Infof("migrated container %s to point to %s", id, imageID)
+
+	}
+	return nil
+}
+
+type refAdder interface {
+	AddTag(ref reference.Named, id image.ID, force bool) error
+	AddDigest(ref reference.Canonical, id image.ID, force bool) error
+}
+
+func migrateRefs(root, driverName string, rs refAdder, mappings map[string]image.ID) error {
+	migrationFile := filepath.Join(root, migrationTagsFileName)
+	if _, err := os.Lstat(migrationFile); !os.IsNotExist(err) {
+		return err
+	}
+
+	type repositories struct {
+		Repositories map[string]map[string]string
+	}
+
+	var repos repositories
+
+	f, err := os.Open(filepath.Join(root, repositoriesFilePrefixLegacy+driverName))
+	if err != nil {
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return err
+	}
+	defer f.Close()
+	if err := json.NewDecoder(f).Decode(&repos); err != nil {
+		return err
+	}
+
+	for name, repo := range repos.Repositories {
+		for tag, id := range repo {
+			if strongID, exists := mappings[id]; exists {
+				ref, err := reference.WithName(name)
+				if err != nil {
+					logrus.Errorf("migrate tags: invalid name %q, %q", name, err)
+					continue
+				}
+				if dgst, err := digest.ParseDigest(tag); err == nil {
+					canonical, err := reference.WithDigest(ref, dgst)
+					if err != nil {
+						logrus.Errorf("migrate tags: invalid digest %q, %q", dgst, err)
+						continue
+					}
+					if err := rs.AddDigest(canonical, strongID, false); err != nil {
+						logrus.Errorf("can't migrate digest %q for %q, err: %q", ref.String(), strongID, err)
+					}
+				} else {
+					tagRef, err := reference.WithTag(ref, tag)
+					if err != nil {
+						logrus.Errorf("migrate tags: invalid tag %q, %q", tag, err)
+						continue
+					}
+					if err := rs.AddTag(tagRef, strongID, false); err != nil {
+						logrus.Errorf("can't migrate tag %q for %q, err: %q", ref.String(), strongID, err)
+					}
+				}
+				logrus.Infof("migrated tag %s:%s to point to %s", name, tag, strongID)
+			}
+		}
+	}
+
+	mf, err := os.Create(migrationFile)
+	if err != nil {
+		return err
+	}
+	mf.Close()
+
+	return nil
+}
+
+func getParent(confDir string) (string, error) {
+	jsonFile := filepath.Join(confDir, "json")
+	imageJSON, err := ioutil.ReadFile(jsonFile)
+	if err != nil {
+		return "", err
+	}
+	var parent struct {
+		Parent   string
+		ParentID digest.Digest `json:"parent_id"`
+	}
+	if err := json.Unmarshal(imageJSON, &parent); err != nil {
+		return "", err
+	}
+	if parent.Parent == "" && parent.ParentID != "" { // v1.9
+		parent.Parent = parent.ParentID.Hex()
+	}
+	// compatibilityID for parent
+	parentCompatibilityID, err := ioutil.ReadFile(filepath.Join(confDir, "parent"))
+	if err == nil && len(parentCompatibilityID) > 0 {
+		parent.Parent = string(parentCompatibilityID)
+	}
+	return parent.Parent, nil
+}
+
+func migrateImage(id, root string, ls graphIDRegistrar, is image.Store, ms metadata.Store, mappings map[string]image.ID) (err error) {
+	defer func() {
+		if err != nil {
+			logrus.Errorf("migration failed for %v, err: %v", id, err)
+		}
+	}()
+
+	parent, err := getParent(filepath.Join(root, graphDirName, id))
+	if err != nil {
+		return err
+	}
+
+	var parentID image.ID
+	if parent != "" {
+		var exists bool
+		if parentID, exists = mappings[parent]; !exists {
+			if err := migrateImage(parent, root, ls, is, ms, mappings); err != nil {
+				// todo: fail or allow broken chains?
+				return err
+			}
+			parentID = mappings[parent]
+		}
+	}
+
+	rootFS := image.NewRootFS()
+	var history []image.History
+
+	if parentID != "" {
+		parentImg, err := is.Get(parentID)
+		if err != nil {
+			return err
+		}
+
+		rootFS = parentImg.RootFS
+		history = parentImg.History
+	}
+
+	diffIDData, err := ioutil.ReadFile(filepath.Join(root, graphDirName, id, migrationDiffIDFileName))
+	if err != nil {
+		return err
+	}
+	diffID, err := digest.ParseDigest(string(diffIDData))
+	if err != nil {
+		return err
+	}
+
+	sizeStr, err := ioutil.ReadFile(filepath.Join(root, graphDirName, id, migrationSizeFileName))
+	if err != nil {
+		return err
+	}
+	size, err := strconv.ParseInt(string(sizeStr), 10, 64)
+	if err != nil {
+		return err
+	}
+
+	layer, err := ls.RegisterByGraphID(id, rootFS.ChainID(), layer.DiffID(diffID), filepath.Join(root, graphDirName, id, migrationTarDataFileName), size)
+	if err != nil {
+		return err
+	}
+	logrus.Infof("migrated layer %s to %s", id, layer.DiffID())
+
+	jsonFile := filepath.Join(root, graphDirName, id, "json")
+	imageJSON, err := ioutil.ReadFile(jsonFile)
+	if err != nil {
+		return err
+	}
+
+	h, err := imagev1.HistoryFromConfig(imageJSON, false)
+	if err != nil {
+		return err
+	}
+	history = append(history, h)
+
+	rootFS.Append(layer.DiffID())
+
+	config, err := imagev1.MakeConfigFromV1Config(imageJSON, rootFS, history)
+	if err != nil {
+		return err
+	}
+	strongID, err := is.Create(config)
+	if err != nil {
+		return err
+	}
+	logrus.Infof("migrated image %s to %s", id, strongID)
+
+	if parentID != "" {
+		if err := is.SetParent(strongID, parentID); err != nil {
+			return err
+		}
+	}
+
+	checksum, err := ioutil.ReadFile(filepath.Join(root, graphDirName, id, "checksum"))
+	if err == nil { // best effort
+		dgst, err := digest.ParseDigest(string(checksum))
+		if err == nil {
+			V2MetadataService := metadata.NewV2MetadataService(ms)
+			V2MetadataService.Add(layer.DiffID(), metadata.V2Metadata{Digest: dgst})
+		}
+	}
+	_, err = ls.Release(layer)
+	if err != nil {
+		return err
+	}
+
+	mappings[id] = strongID
+	return
+}
+
+func rawJSON(value interface{}) *json.RawMessage {
+	jsonval, err := json.Marshal(value)
+	if err != nil {
+		return nil
+	}
+	return (*json.RawMessage)(&jsonval)
+}
diff --git a/migrate/v1/migratev1_test.go b/migrate/v1/migratev1_test.go
new file mode 100644
index 00000000..73878f11
--- /dev/null
+++ b/migrate/v1/migratev1_test.go
@@ -0,0 +1,429 @@
+package v1
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"runtime"
+	"testing"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/distribution/metadata"
+	"github.com/docker/docker/image"
+	"github.com/docker/docker/layer"
+	"github.com/docker/docker/reference"
+)
+
+func TestMigrateRefs(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "migrate-tags")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	ioutil.WriteFile(filepath.Join(tmpdir, "repositories-generic"), []byte(`{"Repositories":{"busybox":{"latest":"b3ca410aa2c115c05969a7b2c8cf8a9fcf62c1340ed6a601c9ee50df337ec108","sha256:16a2a52884c2a9481ed267c2d46483eac7693b813a63132368ab098a71303f8a":"b3ca410aa2c115c05969a7b2c8cf8a9fcf62c1340ed6a601c9ee50df337ec108"},"registry":{"2":"5d165b8e4b203685301c815e95663231691d383fd5e3d3185d1ce3f8dddead3d","latest":"8d5547a9f329b1d3f93198cd661fb5117e5a96b721c5cf9a2c389e7dd4877128"}}}`), 0600)
+
+	ta := &mockTagAdder{}
+	err = migrateRefs(tmpdir, "generic", ta, map[string]image.ID{
+		"5d165b8e4b203685301c815e95663231691d383fd5e3d3185d1ce3f8dddead3d": image.ID("sha256:2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae"),
+		"b3ca410aa2c115c05969a7b2c8cf8a9fcf62c1340ed6a601c9ee50df337ec108": image.ID("sha256:fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9"),
+		"abcdef3434c115c05969a7b2c8cf8a9fcf62c1340ed6a601c9ee50df337ec108": image.ID("sha256:56434342345ae68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae"),
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expected := map[string]string{
+		"busybox:latest": "sha256:fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9",
+		"busybox@sha256:16a2a52884c2a9481ed267c2d46483eac7693b813a63132368ab098a71303f8a": "sha256:fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9",
+		"registry:2": "sha256:2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae",
+	}
+
+	if !reflect.DeepEqual(expected, ta.refs) {
+		t.Fatalf("Invalid migrated tags: expected %q, got %q", expected, ta.refs)
+	}
+
+	// second migration is no-op
+	ioutil.WriteFile(filepath.Join(tmpdir, "repositories-generic"), []byte(`{"Repositories":{"busybox":{"latest":"b3ca410aa2c115c05969a7b2c8cf8a9fcf62c1340ed6a601c9ee50df337ec108"`), 0600)
+	err = migrateRefs(tmpdir, "generic", ta, map[string]image.ID{
+		"b3ca410aa2c115c05969a7b2c8cf8a9fcf62c1340ed6a601c9ee50df337ec108": image.ID("sha256:fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9"),
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !reflect.DeepEqual(expected, ta.refs) {
+		t.Fatalf("Invalid migrated tags: expected %q, got %q", expected, ta.refs)
+	}
+}
+
+func TestMigrateContainers(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	tmpdir, err := ioutil.TempDir("", "migrate-containers")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	err = addContainer(tmpdir, `{"State":{"Running":false,"Paused":false,"Restarting":false,"OOMKilled":false,"Dead":false,"Pid":0,"ExitCode":0,"Error":"","StartedAt":"2015-11-10T21:42:40.604267436Z","FinishedAt":"2015-11-10T21:42:41.869265487Z"},"ID":"f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c","Created":"2015-11-10T21:42:40.433831551Z","Path":"sh","Args":[],"Config":{"Hostname":"f780ee3f80e6","Domainname":"","User":"","AttachStdin":true,"AttachStdout":true,"AttachStderr":true,"Tty":true,"OpenStdin":true,"StdinOnce":true,"Env":null,"Cmd":["sh"],"Image":"busybox","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":{}},"Image":"2c5ac3f849df8627fcf2822727f87c57f38b7129d3604fbc11d861fe856ff093","NetworkSettings":{"Bridge":"","EndpointID":"","Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"HairpinMode":false,"IPAddress":"","IPPrefixLen":0,"IPv6Gateway":"","LinkLocalIPv6Address":"","LinkLocalIPv6PrefixLen":0,"MacAddress":"","NetworkID":"","PortMapping":null,"Ports":null,"SandboxKey":"","SecondaryIPAddresses":null,"SecondaryIPv6Addresses":null},"ResolvConfPath":"/var/lib/docker/containers/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c/resolv.conf","HostnamePath":"/var/lib/docker/containers/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c/hostname","HostsPath":"/var/lib/docker/containers/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c/hosts","LogPath":"/var/lib/docker/containers/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c-json.log","Name":"/determined_euclid","Driver":"overlay","ExecDriver":"native-0.2","MountLabel":"","ProcessLabel":"","RestartCount":0,"UpdateDns":false,"HasBeenStartedBefore":false,"MountPoints":{},"Volumes":{},"VolumesRW":{},"AppArmorProfile":""}`)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// container with invalid image
+	err = addContainer(tmpdir, `{"State":{"Running":false,"Paused":false,"Restarting":false,"OOMKilled":false,"Dead":false,"Pid":0,"ExitCode":0,"Error":"","StartedAt":"2015-11-10T21:42:40.604267436Z","FinishedAt":"2015-11-10T21:42:41.869265487Z"},"ID":"e780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c","Created":"2015-11-10T21:42:40.433831551Z","Path":"sh","Args":[],"Config":{"Hostname":"f780ee3f80e6","Domainname":"","User":"","AttachStdin":true,"AttachStdout":true,"AttachStderr":true,"Tty":true,"OpenStdin":true,"StdinOnce":true,"Env":null,"Cmd":["sh"],"Image":"busybox","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":{}},"Image":"4c5ac3f849df8627fcf2822727f87c57f38b7129d3604fbc11d861fe856ff093","NetworkSettings":{"Bridge":"","EndpointID":"","Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"HairpinMode":false,"IPAddress":"","IPPrefixLen":0,"IPv6Gateway":"","LinkLocalIPv6Address":"","LinkLocalIPv6PrefixLen":0,"MacAddress":"","NetworkID":"","PortMapping":null,"Ports":null,"SandboxKey":"","SecondaryIPAddresses":null,"SecondaryIPv6Addresses":null},"ResolvConfPath":"/var/lib/docker/containers/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c/resolv.conf","HostnamePath":"/var/lib/docker/containers/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c/hostname","HostsPath":"/var/lib/docker/containers/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c/hosts","LogPath":"/var/lib/docker/containers/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c/f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c-json.log","Name":"/determined_euclid","Driver":"overlay","ExecDriver":"native-0.2","MountLabel":"","ProcessLabel":"","RestartCount":0,"UpdateDns":false,"HasBeenStartedBefore":false,"MountPoints":{},"Volumes":{},"VolumesRW":{},"AppArmorProfile":""}`)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	ls := &mockMounter{}
+
+	ifs, err := image.NewFSStoreBackend(filepath.Join(tmpdir, "imagedb"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	is, err := image.NewImageStore(ifs, ls)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	imgID, err := is.Create([]byte(`{"architecture":"amd64","config":{"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Cmd":["sh"],"Entrypoint":null,"Env":null,"Hostname":"23304fc829f9","Image":"d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498","Labels":null,"OnBuild":null,"OpenStdin":false,"StdinOnce":false,"Tty":false,"Volumes":null,"WorkingDir":"","Domainname":"","User":""},"container":"349b014153779e30093d94f6df2a43c7a0a164e05aa207389917b540add39b51","container_config":{"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Cmd":["/bin/sh","-c","#(nop) CMD [\"sh\"]"],"Entrypoint":null,"Env":null,"Hostname":"23304fc829f9","Image":"d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498","Labels":null,"OnBuild":null,"OpenStdin":false,"StdinOnce":false,"Tty":false,"Volumes":null,"WorkingDir":"","Domainname":"","User":""},"created":"2015-10-31T22:22:55.613815829Z","docker_version":"1.8.2","history":[{"created":"2015-10-31T22:22:54.690851953Z","created_by":"/bin/sh -c #(nop) ADD file:a3bc1e842b69636f9df5256c49c5374fb4eef1e281fe3f282c65fb853ee171c5 in /"},{"created":"2015-10-31T22:22:55.613815829Z","created_by":"/bin/sh -c #(nop) CMD [\"sh\"]"}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:c6f988f4874bb0add23a778f753c65efe992244e148a1d2ec2a8b664fb66bbd1","sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"]}}`))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = migrateContainers(tmpdir, ls, is, map[string]image.ID{
+		"2c5ac3f849df8627fcf2822727f87c57f38b7129d3604fbc11d861fe856ff093": imgID,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expected := []mountInfo{{
+		"f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c",
+		"f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c",
+		"sha256:c3191d32a37d7159b2e30830937d2e30268ad6c375a773a8994911a3aba9b93f",
+	}}
+	if !reflect.DeepEqual(expected, ls.mounts) {
+		t.Fatalf("invalid mounts: expected %q, got %q", expected, ls.mounts)
+	}
+
+	if actual, expected := ls.count, 0; actual != expected {
+		t.Fatalf("invalid active mounts: expected %d, got %d", expected, actual)
+	}
+
+	config2, err := ioutil.ReadFile(filepath.Join(tmpdir, "containers", "f780ee3f80e66e9b432a57049597118a66aab8932be88e5628d4c824edbee37c", "config.v2.json"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	var config struct{ Image string }
+	err = json.Unmarshal(config2, &config)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if actual, expected := config.Image, string(imgID); actual != expected {
+		t.Fatalf("invalid image pointer in migrated config: expected %q, got %q", expected, actual)
+	}
+
+}
+
+func TestMigrateImages(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	tmpdir, err := ioutil.TempDir("", "migrate-images")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	// busybox from 1.9
+	id1, err := addImage(tmpdir, `{"architecture":"amd64","config":{"Hostname":"23304fc829f9","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":null,"Image":"","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":null},"container":"23304fc829f9b9349416f6eb1afec162907eba3a328f51d53a17f8986f865d65","container_config":{"Hostname":"23304fc829f9","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":["/bin/sh","-c","#(nop) ADD file:a3bc1e842b69636f9df5256c49c5374fb4eef1e281fe3f282c65fb853ee171c5 in /"],"Image":"","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":null},"created":"2015-10-31T22:22:54.690851953Z","docker_version":"1.8.2","layer_id":"sha256:55dc925c23d1ed82551fd018c27ac3ee731377b6bad3963a2a4e76e753d70e57","os":"linux"}`, "", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id2, err := addImage(tmpdir, `{"architecture":"amd64","config":{"Hostname":"23304fc829f9","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":["sh"],"Image":"d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":null},"container":"349b014153779e30093d94f6df2a43c7a0a164e05aa207389917b540add39b51","container_config":{"Hostname":"23304fc829f9","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":["/bin/sh","-c","#(nop) CMD [\"sh\"]"],"Image":"d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":null},"created":"2015-10-31T22:22:55.613815829Z","docker_version":"1.8.2","layer_id":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","os":"linux","parent_id":"sha256:039b63dd2cbaa10d6015ea574392530571ed8d7b174090f032211285a71881d0"}`, id1, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	ls := &mockRegistrar{}
+
+	ifs, err := image.NewFSStoreBackend(filepath.Join(tmpdir, "imagedb"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	is, err := image.NewImageStore(ifs, ls)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	ms, err := metadata.NewFSMetadataStore(filepath.Join(tmpdir, "distribution"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	mappings := make(map[string]image.ID)
+
+	err = migrateImages(tmpdir, ls, is, ms, mappings)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expected := map[string]image.ID{
+		id1: image.ID("sha256:ca406eaf9c26898414ff5b7b3a023c33310759d6203be0663dbf1b3a712f432d"),
+		id2: image.ID("sha256:a488bec94bb96b26a968f913d25ef7d8d204d727ca328b52b4b059c7d03260b6"),
+	}
+
+	if !reflect.DeepEqual(mappings, expected) {
+		t.Fatalf("invalid image mappings: expected %q, got %q", expected, mappings)
+	}
+
+	if actual, expected := ls.count, 2; actual != expected {
+		t.Fatalf("invalid register count: expected %q, got %q", expected, actual)
+	}
+	ls.count = 0
+
+	// next images are busybox from 1.8.2
+	_, err = addImage(tmpdir, `{"id":"17583c7dd0dae6244203b8029733bdb7d17fccbb2b5d93e2b24cf48b8bfd06e2","parent":"d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498","created":"2015-10-31T22:22:55.613815829Z","container":"349b014153779e30093d94f6df2a43c7a0a164e05aa207389917b540add39b51","container_config":{"Hostname":"23304fc829f9","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"PublishService":"","Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":["/bin/sh","-c","#(nop) CMD [\"sh\"]"],"Image":"d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498","Volumes":null,"VolumeDriver":"","WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"MacAddress":"","OnBuild":null,"Labels":null},"docker_version":"1.8.2","config":{"Hostname":"23304fc829f9","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"PublishService":"","Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":["sh"],"Image":"d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498","Volumes":null,"VolumeDriver":"","WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"MacAddress":"","OnBuild":null,"Labels":null},"architecture":"amd64","os":"linux","Size":0}`, "", "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = addImage(tmpdir, `{"id":"d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498","created":"2015-10-31T22:22:54.690851953Z","container":"23304fc829f9b9349416f6eb1afec162907eba3a328f51d53a17f8986f865d65","container_config":{"Hostname":"23304fc829f9","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"PublishService":"","Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":["/bin/sh","-c","#(nop) ADD file:a3bc1e842b69636f9df5256c49c5374fb4eef1e281fe3f282c65fb853ee171c5 in /"],"Image":"","Volumes":null,"VolumeDriver":"","WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"MacAddress":"","OnBuild":null,"Labels":null},"docker_version":"1.8.2","config":{"Hostname":"23304fc829f9","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"PublishService":"","Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":null,"Image":"","Volumes":null,"VolumeDriver":"","WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"MacAddress":"","OnBuild":null,"Labels":null},"architecture":"amd64","os":"linux","Size":1108935}`, "", "sha256:55dc925c23d1ed82551fd018c27ac3ee731377b6bad3963a2a4e76e753d70e57")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = migrateImages(tmpdir, ls, is, ms, mappings)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expected["d1592a710ac323612bd786fa8ac20727c58d8a67847e5a65177c594f43919498"] = image.ID("sha256:c091bb33854e57e6902b74c08719856d30b5593c7db6143b2b48376b8a588395")
+	expected["17583c7dd0dae6244203b8029733bdb7d17fccbb2b5d93e2b24cf48b8bfd06e2"] = image.ID("sha256:d963020e755ff2715b936065949472c1f8a6300144b922992a1a421999e71f07")
+
+	if actual, expected := ls.count, 2; actual != expected {
+		t.Fatalf("invalid register count: expected %q, got %q", expected, actual)
+	}
+
+	v2MetadataService := metadata.NewV2MetadataService(ms)
+	receivedMetadata, err := v2MetadataService.GetMetadata(layer.EmptyLayer.DiffID())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expectedMetadata := []metadata.V2Metadata{
+		{Digest: digest.Digest("sha256:55dc925c23d1ed82551fd018c27ac3ee731377b6bad3963a2a4e76e753d70e57")},
+		{Digest: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")},
+	}
+
+	if !reflect.DeepEqual(expectedMetadata, receivedMetadata) {
+		t.Fatalf("invalid metadata: expected %q, got %q", expectedMetadata, receivedMetadata)
+	}
+
+}
+
+func TestMigrateUnsupported(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "migrate-empty")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	err = os.MkdirAll(filepath.Join(tmpdir, "graph"), 0700)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = Migrate(tmpdir, "generic", nil, nil, nil, nil)
+	if err != errUnsupported {
+		t.Fatalf("expected unsupported error, got %q", err)
+	}
+}
+
+func TestMigrateEmptyDir(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "migrate-empty")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	err = Migrate(tmpdir, "generic", nil, nil, nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func addImage(dest, jsonConfig, parent, checksum string) (string, error) {
+	var config struct{ ID string }
+	if err := json.Unmarshal([]byte(jsonConfig), &config); err != nil {
+		return "", err
+	}
+	if config.ID == "" {
+		b := make([]byte, 32)
+		rand.Read(b)
+		config.ID = hex.EncodeToString(b)
+	}
+	contDir := filepath.Join(dest, "graph", config.ID)
+	if err := os.MkdirAll(contDir, 0700); err != nil {
+		return "", err
+	}
+	if err := ioutil.WriteFile(filepath.Join(contDir, "json"), []byte(jsonConfig), 0600); err != nil {
+		return "", err
+	}
+	if checksum != "" {
+		if err := ioutil.WriteFile(filepath.Join(contDir, "checksum"), []byte(checksum), 0600); err != nil {
+			return "", err
+		}
+	}
+	if err := ioutil.WriteFile(filepath.Join(contDir, ".migration-diffid"), []byte(layer.EmptyLayer.DiffID()), 0600); err != nil {
+		return "", err
+	}
+	if err := ioutil.WriteFile(filepath.Join(contDir, ".migration-size"), []byte("0"), 0600); err != nil {
+		return "", err
+	}
+	if parent != "" {
+		if err := ioutil.WriteFile(filepath.Join(contDir, "parent"), []byte(parent), 0600); err != nil {
+			return "", err
+		}
+	}
+	if checksum != "" {
+		if err := ioutil.WriteFile(filepath.Join(contDir, "checksum"), []byte(checksum), 0600); err != nil {
+			return "", err
+		}
+	}
+	return config.ID, nil
+}
+
+func addContainer(dest, jsonConfig string) error {
+	var config struct{ ID string }
+	if err := json.Unmarshal([]byte(jsonConfig), &config); err != nil {
+		return err
+	}
+	contDir := filepath.Join(dest, "containers", config.ID)
+	if err := os.MkdirAll(contDir, 0700); err != nil {
+		return err
+	}
+	if err := ioutil.WriteFile(filepath.Join(contDir, "config.json"), []byte(jsonConfig), 0600); err != nil {
+		return err
+	}
+	return nil
+}
+
+type mockTagAdder struct {
+	refs map[string]string
+}
+
+func (t *mockTagAdder) AddTag(ref reference.Named, id image.ID, force bool) error {
+	if t.refs == nil {
+		t.refs = make(map[string]string)
+	}
+	t.refs[ref.String()] = id.String()
+	return nil
+}
+func (t *mockTagAdder) AddDigest(ref reference.Canonical, id image.ID, force bool) error {
+	return t.AddTag(ref, id, force)
+}
+
+type mockRegistrar struct {
+	layers map[layer.ChainID]*mockLayer
+	count  int
+}
+
+func (r *mockRegistrar) RegisterByGraphID(graphID string, parent layer.ChainID, diffID layer.DiffID, tarDataFile string, size int64) (layer.Layer, error) {
+	r.count++
+	l := &mockLayer{}
+	if parent != "" {
+		p, exists := r.layers[parent]
+		if !exists {
+			return nil, fmt.Errorf("invalid parent %q", parent)
+		}
+		l.parent = p
+		l.diffIDs = append(l.diffIDs, p.diffIDs...)
+	}
+	l.diffIDs = append(l.diffIDs, diffID)
+	if r.layers == nil {
+		r.layers = make(map[layer.ChainID]*mockLayer)
+	}
+	r.layers[l.ChainID()] = l
+	return l, nil
+}
+func (r *mockRegistrar) Release(l layer.Layer) ([]layer.Metadata, error) {
+	return nil, nil
+}
+func (r *mockRegistrar) Get(layer.ChainID) (layer.Layer, error) {
+	return nil, nil
+}
+
+type mountInfo struct {
+	name, graphID, parent string
+}
+type mockMounter struct {
+	mounts []mountInfo
+	count  int
+}
+
+func (r *mockMounter) CreateRWLayerByGraphID(name string, graphID string, parent layer.ChainID) error {
+	r.mounts = append(r.mounts, mountInfo{name, graphID, string(parent)})
+	return nil
+}
+func (r *mockMounter) Unmount(string) error {
+	r.count--
+	return nil
+}
+func (r *mockMounter) Get(layer.ChainID) (layer.Layer, error) {
+	return nil, nil
+}
+
+func (r *mockMounter) Release(layer.Layer) ([]layer.Metadata, error) {
+	return nil, nil
+}
+
+type mockLayer struct {
+	diffIDs []layer.DiffID
+	parent  *mockLayer
+}
+
+func (l *mockLayer) TarStream() (io.ReadCloser, error) {
+	return nil, nil
+}
+
+func (l *mockLayer) ChainID() layer.ChainID {
+	return layer.CreateChainID(l.diffIDs)
+}
+
+func (l *mockLayer) DiffID() layer.DiffID {
+	return l.diffIDs[len(l.diffIDs)-1]
+}
+
+func (l *mockLayer) Parent() layer.Layer {
+	if l.parent == nil {
+		return nil
+	}
+	return l.parent
+}
+
+func (l *mockLayer) Size() (int64, error) {
+	return 0, nil
+}
+
+func (l *mockLayer) DiffSize() (int64, error) {
+	return 0, nil
+}
+
+func (l *mockLayer) Metadata() (map[string]string, error) {
+	return nil, nil
+}
diff --git a/oci/defaults_linux.go b/oci/defaults_linux.go
new file mode 100644
index 00000000..9ee75461
--- /dev/null
+++ b/oci/defaults_linux.go
@@ -0,0 +1,210 @@
+package oci
+
+import (
+	"os"
+	"runtime"
+
+	"github.com/opencontainers/specs/specs-go"
+)
+
+func sPtr(s string) *string      { return &s }
+func rPtr(r rune) *rune          { return &r }
+func iPtr(i int64) *int64        { return &i }
+func u32Ptr(i int64) *uint32     { u := uint32(i); return &u }
+func fmPtr(i int64) *os.FileMode { fm := os.FileMode(i); return &fm }
+
+// DefaultSpec returns default oci spec used by docker.
+func DefaultSpec() specs.Spec {
+	s := specs.Spec{
+		Version: specs.Version,
+		Platform: specs.Platform{
+			OS:   runtime.GOOS,
+			Arch: runtime.GOARCH,
+		},
+	}
+	s.Mounts = []specs.Mount{
+		{
+			Destination: "/proc",
+			Type:        "proc",
+			Source:      "proc",
+			Options:     []string{"nosuid", "noexec", "nodev"},
+		},
+		{
+			Destination: "/dev",
+			Type:        "tmpfs",
+			Source:      "tmpfs",
+			Options:     []string{"nosuid", "strictatime", "mode=755"},
+		},
+		{
+			Destination: "/dev/pts",
+			Type:        "devpts",
+			Source:      "devpts",
+			Options:     []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5"},
+		},
+		{
+			Destination: "/sys",
+			Type:        "sysfs",
+			Source:      "sysfs",
+			Options:     []string{"nosuid", "noexec", "nodev", "ro"},
+		},
+		{
+			Destination: "/sys/fs/cgroup",
+			Type:        "cgroup",
+			Source:      "cgroup",
+			Options:     []string{"ro", "nosuid", "noexec", "nodev"},
+		},
+		{
+			Destination: "/dev/mqueue",
+			Type:        "mqueue",
+			Source:      "mqueue",
+			Options:     []string{"nosuid", "noexec", "nodev"},
+		},
+	}
+
+	s.Process.Capabilities = []string{
+		"CAP_CHOWN",
+		"CAP_DAC_OVERRIDE",
+		"CAP_FSETID",
+		"CAP_FOWNER",
+		"CAP_MKNOD",
+		"CAP_NET_RAW",
+		"CAP_SETGID",
+		"CAP_SETUID",
+		"CAP_SETFCAP",
+		"CAP_SETPCAP",
+		"CAP_NET_BIND_SERVICE",
+		"CAP_SYS_CHROOT",
+		"CAP_KILL",
+		"CAP_AUDIT_WRITE",
+	}
+
+	s.Linux = specs.Linux{
+		MaskedPaths: []string{
+			"/proc/kcore",
+			"/proc/latency_stats",
+			"/proc/timer_stats",
+			"/proc/sched_debug",
+		},
+		ReadonlyPaths: []string{
+			"/proc/asound",
+			"/proc/bus",
+			"/proc/fs",
+			"/proc/irq",
+			"/proc/sys",
+			"/proc/sysrq-trigger",
+		},
+		Namespaces: []specs.Namespace{
+			{Type: "mount"},
+			{Type: "network"},
+			{Type: "uts"},
+			{Type: "pid"},
+			{Type: "ipc"},
+		},
+		Devices: []specs.Device{
+			{
+				Type:     "c",
+				Path:     "/dev/zero",
+				Major:    1,
+				Minor:    5,
+				FileMode: fmPtr(0666),
+				UID:      u32Ptr(0),
+				GID:      u32Ptr(0),
+			},
+			{
+				Type:     "c",
+				Path:     "/dev/null",
+				Major:    1,
+				Minor:    3,
+				FileMode: fmPtr(0666),
+				UID:      u32Ptr(0),
+				GID:      u32Ptr(0),
+			},
+			{
+				Type:     "c",
+				Path:     "/dev/urandom",
+				Major:    1,
+				Minor:    9,
+				FileMode: fmPtr(0666),
+				UID:      u32Ptr(0),
+				GID:      u32Ptr(0),
+			},
+			{
+				Type:     "c",
+				Path:     "/dev/random",
+				Major:    1,
+				Minor:    8,
+				FileMode: fmPtr(0666),
+				UID:      u32Ptr(0),
+				GID:      u32Ptr(0),
+			},
+			{
+				Type:     "c",
+				Path:     "/dev/fuse",
+				Major:    10,
+				Minor:    229,
+				FileMode: fmPtr(0666),
+				UID:      u32Ptr(0),
+				GID:      u32Ptr(0),
+			},
+		},
+		Resources: &specs.Resources{
+			Devices: []specs.DeviceCgroup{
+				{
+					Allow:  false,
+					Access: sPtr("rwm"),
+				},
+				{
+					Allow:  true,
+					Type:   sPtr("c"),
+					Major:  iPtr(1),
+					Minor:  iPtr(5),
+					Access: sPtr("rwm"),
+				},
+				{
+					Allow:  true,
+					Type:   sPtr("c"),
+					Major:  iPtr(1),
+					Minor:  iPtr(3),
+					Access: sPtr("rwm"),
+				},
+				{
+					Allow:  true,
+					Type:   sPtr("c"),
+					Major:  iPtr(1),
+					Minor:  iPtr(9),
+					Access: sPtr("rwm"),
+				},
+				{
+					Allow:  true,
+					Type:   sPtr("c"),
+					Major:  iPtr(1),
+					Minor:  iPtr(8),
+					Access: sPtr("rwm"),
+				},
+				{
+					Allow:  true,
+					Type:   sPtr("c"),
+					Major:  iPtr(5),
+					Minor:  iPtr(0),
+					Access: sPtr("rwm"),
+				},
+				{
+					Allow:  true,
+					Type:   sPtr("c"),
+					Major:  iPtr(5),
+					Minor:  iPtr(1),
+					Access: sPtr("rwm"),
+				},
+				{
+					Allow:  false,
+					Type:   sPtr("c"),
+					Major:  iPtr(10),
+					Minor:  iPtr(229),
+					Access: sPtr("rwm"),
+				},
+			},
+		},
+	}
+
+	return s
+}
diff --git a/oci/defaults_windows.go b/oci/defaults_windows.go
new file mode 100644
index 00000000..03dc942e
--- /dev/null
+++ b/oci/defaults_windows.go
@@ -0,0 +1,23 @@
+package oci
+
+import (
+	"runtime"
+
+	"github.com/docker/docker/libcontainerd/windowsoci"
+)
+
+// DefaultSpec returns default spec used by docker.
+func DefaultSpec() windowsoci.WindowsSpec {
+	s := windowsoci.Spec{
+		Version: windowsoci.Version,
+		Platform: windowsoci.Platform{
+			OS:   runtime.GOOS,
+			Arch: runtime.GOARCH,
+		},
+	}
+
+	return windowsoci.WindowsSpec{
+		Spec:    s,
+		Windows: windowsoci.Windows{},
+	}
+}
diff --git a/opts/hosts.go b/opts/hosts.go
new file mode 100644
index 00000000..ad167592
--- /dev/null
+++ b/opts/hosts.go
@@ -0,0 +1,148 @@
+package opts
+
+import (
+	"fmt"
+	"net"
+	"net/url"
+	"strconv"
+	"strings"
+)
+
+var (
+	// DefaultHTTPPort Default HTTP Port used if only the protocol is provided to -H flag e.g. docker daemon -H tcp://
+	// These are the IANA registered port numbers for use with Docker
+	// see http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=docker
+	DefaultHTTPPort = 2375 // Default HTTP Port
+	// DefaultTLSHTTPPort Default HTTP Port used when TLS enabled
+	DefaultTLSHTTPPort = 2376 // Default TLS encrypted HTTP Port
+	// DefaultUnixSocket Path for the unix socket.
+	// Docker daemon by default always listens on the default unix socket
+	DefaultUnixSocket = "/var/run/docker.sock"
+	// DefaultTCPHost constant defines the default host string used by docker on Windows
+	DefaultTCPHost = fmt.Sprintf("tcp://%s:%d", DefaultHTTPHost, DefaultHTTPPort)
+	// DefaultTLSHost constant defines the default host string used by docker for TLS sockets
+	DefaultTLSHost = fmt.Sprintf("tcp://%s:%d", DefaultHTTPHost, DefaultTLSHTTPPort)
+	// DefaultNamedPipe defines the default named pipe used by docker on Windows
+	DefaultNamedPipe = `//./pipe/docker_engine`
+)
+
+// ValidateHost validates that the specified string is a valid host and returns it.
+func ValidateHost(val string) (string, error) {
+	host := strings.TrimSpace(val)
+	// The empty string means default and is not handled by parseDockerDaemonHost
+	if host != "" {
+		_, err := parseDockerDaemonHost(host)
+		if err != nil {
+			return val, err
+		}
+	}
+	// Note: unlike most flag validators, we don't return the mutated value here
+	//       we need to know what the user entered later (using ParseHost) to adjust for tls
+	return val, nil
+}
+
+// ParseHost and set defaults for a Daemon host string
+func ParseHost(defaultToTLS bool, val string) (string, error) {
+	host := strings.TrimSpace(val)
+	if host == "" {
+		if defaultToTLS {
+			host = DefaultTLSHost
+		} else {
+			host = DefaultHost
+		}
+	} else {
+		var err error
+		host, err = parseDockerDaemonHost(host)
+		if err != nil {
+			return val, err
+		}
+	}
+	return host, nil
+}
+
+// parseDockerDaemonHost parses the specified address and returns an address that will be used as the host.
+// Depending of the address specified, this may return one of the global Default* strings defined in hosts.go.
+func parseDockerDaemonHost(addr string) (string, error) {
+	addrParts := strings.Split(addr, "://")
+	if len(addrParts) == 1 && addrParts[0] != "" {
+		addrParts = []string{"tcp", addrParts[0]}
+	}
+
+	switch addrParts[0] {
+	case "tcp":
+		return parseTCPAddr(addrParts[1], DefaultTCPHost)
+	case "unix":
+		return parseSimpleProtoAddr("unix", addrParts[1], DefaultUnixSocket)
+	case "npipe":
+		return parseSimpleProtoAddr("npipe", addrParts[1], DefaultNamedPipe)
+	case "fd":
+		return addr, nil
+	default:
+		return "", fmt.Errorf("Invalid bind address format: %s", addr)
+	}
+}
+
+// parseSimpleProtoAddr parses and validates that the specified address is a valid
+// socket address for simple protocols like unix and npipe. It returns a formatted
+// socket address, either using the address parsed from addr, or the contents of
+// defaultAddr if addr is a blank string.
+func parseSimpleProtoAddr(proto, addr, defaultAddr string) (string, error) {
+	addr = strings.TrimPrefix(addr, proto+"://")
+	if strings.Contains(addr, "://") {
+		return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
+	}
+	if addr == "" {
+		addr = defaultAddr
+	}
+	return fmt.Sprintf("%s://%s", proto, addr), nil
+}
+
+// parseTCPAddr parses and validates that the specified address is a valid TCP
+// address. It returns a formatted TCP address, either using the address parsed
+// from tryAddr, or the contents of defaultAddr if tryAddr is a blank string.
+// tryAddr is expected to have already been Trim()'d
+// defaultAddr must be in the full `tcp://host:port` form
+func parseTCPAddr(tryAddr string, defaultAddr string) (string, error) {
+	if tryAddr == "" || tryAddr == "tcp://" {
+		return defaultAddr, nil
+	}
+	addr := strings.TrimPrefix(tryAddr, "tcp://")
+	if strings.Contains(addr, "://") || addr == "" {
+		return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
+	}
+
+	defaultAddr = strings.TrimPrefix(defaultAddr, "tcp://")
+	defaultHost, defaultPort, err := net.SplitHostPort(defaultAddr)
+	if err != nil {
+		return "", err
+	}
+	// url.Parse fails for trailing colon on IPv6 brackets on Go 1.5, but
+	// not 1.4. See https://github.com/golang/go/issues/12200 and
+	// https://github.com/golang/go/issues/6530.
+	if strings.HasSuffix(addr, "]:") {
+		addr += defaultPort
+	}
+
+	u, err := url.Parse("tcp://" + addr)
+	if err != nil {
+		return "", err
+	}
+
+	host, port, err := net.SplitHostPort(u.Host)
+	if err != nil {
+		return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
+	}
+
+	if host == "" {
+		host = defaultHost
+	}
+	if port == "" {
+		port = defaultPort
+	}
+	p, err := strconv.Atoi(port)
+	if err != nil && p == 0 {
+		return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
+	}
+
+	return fmt.Sprintf("tcp://%s%s", net.JoinHostPort(host, port), u.Path), nil
+}
diff --git a/opts/hosts_test.go b/opts/hosts_test.go
new file mode 100644
index 00000000..dc527e63
--- /dev/null
+++ b/opts/hosts_test.go
@@ -0,0 +1,154 @@
+package opts
+
+import (
+	"fmt"
+	"testing"
+)
+
+func TestParseHost(t *testing.T) {
+	invalid := []string{
+		"anything",
+		"something with spaces",
+		"://",
+		"unknown://",
+		"tcp://:port",
+		"tcp://invalid",
+		"tcp://invalid:port",
+	}
+
+	valid := map[string]string{
+		"":                         DefaultHost,
+		" ":                        DefaultHost,
+		"  ":                       DefaultHost,
+		"fd://":                    "fd://",
+		"fd://something":           "fd://something",
+		"tcp://host:":              fmt.Sprintf("tcp://host:%d", DefaultHTTPPort),
+		"tcp://":                   DefaultTCPHost,
+		"tcp://:2375":              fmt.Sprintf("tcp://%s:2375", DefaultHTTPHost),
+		"tcp://:2376":              fmt.Sprintf("tcp://%s:2376", DefaultHTTPHost),
+		"tcp://0.0.0.0:8080":       "tcp://0.0.0.0:8080",
+		"tcp://192.168.0.0:12000":  "tcp://192.168.0.0:12000",
+		"tcp://192.168:8080":       "tcp://192.168:8080",
+		"tcp://0.0.0.0:1234567890": "tcp://0.0.0.0:1234567890", // yeah it's valid :P
+		" tcp://:7777/path ":       fmt.Sprintf("tcp://%s:7777/path", DefaultHTTPHost),
+		"tcp://docker.com:2375":    "tcp://docker.com:2375",
+		"unix://":                  "unix://" + DefaultUnixSocket,
+		"unix://path/to/socket":    "unix://path/to/socket",
+		"npipe://":                 "npipe://" + DefaultNamedPipe,
+		"npipe:////./pipe/foo":     "npipe:////./pipe/foo",
+	}
+
+	for _, value := range invalid {
+		if _, err := ParseHost(false, value); err == nil {
+			t.Errorf("Expected an error for %v, got [nil]", value)
+		}
+	}
+
+	for value, expected := range valid {
+		if actual, err := ParseHost(false, value); err != nil || actual != expected {
+			t.Errorf("Expected for %v [%v], got [%v, %v]", value, expected, actual, err)
+		}
+	}
+}
+
+func TestParseDockerDaemonHost(t *testing.T) {
+	invalids := map[string]string{
+		"0.0.0.0":                       "Invalid bind address format: 0.0.0.0",
+		"tcp:a.b.c.d":                   "Invalid bind address format: tcp:a.b.c.d",
+		"tcp:a.b.c.d/path":              "Invalid bind address format: tcp:a.b.c.d/path",
+		"udp://127.0.0.1":               "Invalid bind address format: udp://127.0.0.1",
+		"udp://127.0.0.1:2375":          "Invalid bind address format: udp://127.0.0.1:2375",
+		"tcp://unix:///run/docker.sock": "Invalid bind address format: unix",
+		" tcp://:7777/path ":            "Invalid bind address format:  tcp://:7777/path ",
+		"tcp":                           "Invalid bind address format: tcp",
+		"unix":                          "Invalid bind address format: unix",
+		"fd":                            "Invalid bind address format: fd",
+		"":                              "Invalid bind address format: ",
+	}
+	valids := map[string]string{
+		"0.0.0.1:":                    "tcp://0.0.0.1:2375",
+		"0.0.0.1:5555":                "tcp://0.0.0.1:5555",
+		"0.0.0.1:5555/path":           "tcp://0.0.0.1:5555/path",
+		"[::1]:":                      "tcp://[::1]:2375",
+		"[::1]:5555/path":             "tcp://[::1]:5555/path",
+		"[0:0:0:0:0:0:0:1]:":          "tcp://[0:0:0:0:0:0:0:1]:2375",
+		"[0:0:0:0:0:0:0:1]:5555/path": "tcp://[0:0:0:0:0:0:0:1]:5555/path",
+		":6666":                   fmt.Sprintf("tcp://%s:6666", DefaultHTTPHost),
+		":6666/path":              fmt.Sprintf("tcp://%s:6666/path", DefaultHTTPHost),
+		"tcp://":                  DefaultTCPHost,
+		"tcp://:7777":             fmt.Sprintf("tcp://%s:7777", DefaultHTTPHost),
+		"tcp://:7777/path":        fmt.Sprintf("tcp://%s:7777/path", DefaultHTTPHost),
+		"unix:///run/docker.sock": "unix:///run/docker.sock",
+		"unix://":                 "unix://" + DefaultUnixSocket,
+		"fd://":                   "fd://",
+		"fd://something":          "fd://something",
+		"localhost:":              "tcp://localhost:2375",
+		"localhost:5555":          "tcp://localhost:5555",
+		"localhost:5555/path":     "tcp://localhost:5555/path",
+	}
+	for invalidAddr, expectedError := range invalids {
+		if addr, err := parseDockerDaemonHost(invalidAddr); err == nil || err.Error() != expectedError {
+			t.Errorf("tcp %v address expected error %v return, got %s and addr %v", invalidAddr, expectedError, err, addr)
+		}
+	}
+	for validAddr, expectedAddr := range valids {
+		if addr, err := parseDockerDaemonHost(validAddr); err != nil || addr != expectedAddr {
+			t.Errorf("%v -> expected %v, got (%v) addr (%v)", validAddr, expectedAddr, err, addr)
+		}
+	}
+}
+
+func TestParseTCP(t *testing.T) {
+	var (
+		defaultHTTPHost = "tcp://127.0.0.1:2376"
+	)
+	invalids := map[string]string{
+		"0.0.0.0":              "Invalid bind address format: 0.0.0.0",
+		"tcp:a.b.c.d":          "Invalid bind address format: tcp:a.b.c.d",
+		"tcp:a.b.c.d/path":     "Invalid bind address format: tcp:a.b.c.d/path",
+		"udp://127.0.0.1":      "Invalid proto, expected tcp: udp://127.0.0.1",
+		"udp://127.0.0.1:2375": "Invalid proto, expected tcp: udp://127.0.0.1:2375",
+	}
+	valids := map[string]string{
+		"":                            defaultHTTPHost,
+		"tcp://":                      defaultHTTPHost,
+		"0.0.0.1:":                    "tcp://0.0.0.1:2376",
+		"0.0.0.1:5555":                "tcp://0.0.0.1:5555",
+		"0.0.0.1:5555/path":           "tcp://0.0.0.1:5555/path",
+		":6666":                       "tcp://127.0.0.1:6666",
+		":6666/path":                  "tcp://127.0.0.1:6666/path",
+		"tcp://:7777":                 "tcp://127.0.0.1:7777",
+		"tcp://:7777/path":            "tcp://127.0.0.1:7777/path",
+		"[::1]:":                      "tcp://[::1]:2376",
+		"[::1]:5555":                  "tcp://[::1]:5555",
+		"[::1]:5555/path":             "tcp://[::1]:5555/path",
+		"[0:0:0:0:0:0:0:1]:":          "tcp://[0:0:0:0:0:0:0:1]:2376",
+		"[0:0:0:0:0:0:0:1]:5555":      "tcp://[0:0:0:0:0:0:0:1]:5555",
+		"[0:0:0:0:0:0:0:1]:5555/path": "tcp://[0:0:0:0:0:0:0:1]:5555/path",
+		"localhost:":                  "tcp://localhost:2376",
+		"localhost:5555":              "tcp://localhost:5555",
+		"localhost:5555/path":         "tcp://localhost:5555/path",
+	}
+	for invalidAddr, expectedError := range invalids {
+		if addr, err := parseTCPAddr(invalidAddr, defaultHTTPHost); err == nil || err.Error() != expectedError {
+			t.Errorf("tcp %v address expected error %v return, got %s and addr %v", invalidAddr, expectedError, err, addr)
+		}
+	}
+	for validAddr, expectedAddr := range valids {
+		if addr, err := parseTCPAddr(validAddr, defaultHTTPHost); err != nil || addr != expectedAddr {
+			t.Errorf("%v -> expected %v, got %v and addr %v", validAddr, expectedAddr, err, addr)
+		}
+	}
+}
+
+func TestParseInvalidUnixAddrInvalid(t *testing.T) {
+	if _, err := parseSimpleProtoAddr("unix", "tcp://127.0.0.1", "unix:///var/run/docker.sock"); err == nil || err.Error() != "Invalid proto, expected unix: tcp://127.0.0.1" {
+		t.Fatalf("Expected an error, got %v", err)
+	}
+	if _, err := parseSimpleProtoAddr("unix", "unix://tcp://127.0.0.1", "/var/run/docker.sock"); err == nil || err.Error() != "Invalid proto, expected unix: tcp://127.0.0.1" {
+		t.Fatalf("Expected an error, got %v", err)
+	}
+	if v, err := parseSimpleProtoAddr("unix", "", "/var/run/docker.sock"); err != nil || v != "unix:///var/run/docker.sock" {
+		t.Fatalf("Expected an %v, got %v", v, "unix:///var/run/docker.sock")
+	}
+}
diff --git a/opts/hosts_unix.go b/opts/hosts_unix.go
new file mode 100644
index 00000000..611407a9
--- /dev/null
+++ b/opts/hosts_unix.go
@@ -0,0 +1,8 @@
+// +build !windows
+
+package opts
+
+import "fmt"
+
+// DefaultHost constant defines the default host string used by docker on other hosts than Windows
+var DefaultHost = fmt.Sprintf("unix://%s", DefaultUnixSocket)
diff --git a/opts/hosts_windows.go b/opts/hosts_windows.go
new file mode 100644
index 00000000..7c239e00
--- /dev/null
+++ b/opts/hosts_windows.go
@@ -0,0 +1,6 @@
+// +build windows
+
+package opts
+
+// DefaultHost constant defines the default host string used by docker on Windows
+var DefaultHost = "npipe://" + DefaultNamedPipe
diff --git a/opts/ip.go b/opts/ip.go
new file mode 100644
index 00000000..c7b0dc99
--- /dev/null
+++ b/opts/ip.go
@@ -0,0 +1,42 @@
+package opts
+
+import (
+	"fmt"
+	"net"
+)
+
+// IPOpt holds an IP. It is used to store values from CLI flags.
+type IPOpt struct {
+	*net.IP
+}
+
+// NewIPOpt creates a new IPOpt from a reference net.IP and a
+// string representation of an IP. If the string is not a valid
+// IP it will fallback to the specified reference.
+func NewIPOpt(ref *net.IP, defaultVal string) *IPOpt {
+	o := &IPOpt{
+		IP: ref,
+	}
+	o.Set(defaultVal)
+	return o
+}
+
+// Set sets an IPv4 or IPv6 address from a given string. If the given
+// string is not parseable as an IP address it returns an error.
+func (o *IPOpt) Set(val string) error {
+	ip := net.ParseIP(val)
+	if ip == nil {
+		return fmt.Errorf("%s is not an ip address", val)
+	}
+	*o.IP = ip
+	return nil
+}
+
+// String returns the IP address stored in the IPOpt. If stored IP is a
+// nil pointer, it returns an empty string.
+func (o *IPOpt) String() string {
+	if *o.IP == nil {
+		return ""
+	}
+	return o.IP.String()
+}
diff --git a/opts/ip_test.go b/opts/ip_test.go
new file mode 100644
index 00000000..1027d84a
--- /dev/null
+++ b/opts/ip_test.go
@@ -0,0 +1,54 @@
+package opts
+
+import (
+	"net"
+	"testing"
+)
+
+func TestIpOptString(t *testing.T) {
+	addresses := []string{"", "0.0.0.0"}
+	var ip net.IP
+
+	for _, address := range addresses {
+		stringAddress := NewIPOpt(&ip, address).String()
+		if stringAddress != address {
+			t.Fatalf("IpOpt string should be `%s`, not `%s`", address, stringAddress)
+		}
+	}
+}
+
+func TestNewIpOptInvalidDefaultVal(t *testing.T) {
+	ip := net.IPv4(127, 0, 0, 1)
+	defaultVal := "Not an ip"
+
+	ipOpt := NewIPOpt(&ip, defaultVal)
+
+	expected := "127.0.0.1"
+	if ipOpt.String() != expected {
+		t.Fatalf("Expected [%v], got [%v]", expected, ipOpt.String())
+	}
+}
+
+func TestNewIpOptValidDefaultVal(t *testing.T) {
+	ip := net.IPv4(127, 0, 0, 1)
+	defaultVal := "192.168.1.1"
+
+	ipOpt := NewIPOpt(&ip, defaultVal)
+
+	expected := "192.168.1.1"
+	if ipOpt.String() != expected {
+		t.Fatalf("Expected [%v], got [%v]", expected, ipOpt.String())
+	}
+}
+
+func TestIpOptSetInvalidVal(t *testing.T) {
+	ip := net.IPv4(127, 0, 0, 1)
+	ipOpt := &IPOpt{IP: &ip}
+
+	invalidIP := "invalid ip"
+	expectedError := "invalid ip is not an ip address"
+	err := ipOpt.Set(invalidIP)
+	if err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected an Error with [%v], got [%v]", expectedError, err.Error())
+	}
+}
diff --git a/opts/opts.go b/opts/opts.go
new file mode 100644
index 00000000..05aadbe7
--- /dev/null
+++ b/opts/opts.go
@@ -0,0 +1,242 @@
+package opts
+
+import (
+	"fmt"
+	"net"
+	"regexp"
+	"strings"
+)
+
+var (
+	alphaRegexp  = regexp.MustCompile(`[a-zA-Z]`)
+	domainRegexp = regexp.MustCompile(`^(:?(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]))(:?\.(:?[a-zA-Z0-9]|(:?[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])))*)\.?\s*$`)
+)
+
+// ListOpts holds a list of values and a validation function.
+type ListOpts struct {
+	values    *[]string
+	validator ValidatorFctType
+}
+
+// NewListOpts creates a new ListOpts with the specified validator.
+func NewListOpts(validator ValidatorFctType) ListOpts {
+	var values []string
+	return *NewListOptsRef(&values, validator)
+}
+
+// NewListOptsRef creates a new ListOpts with the specified values and validator.
+func NewListOptsRef(values *[]string, validator ValidatorFctType) *ListOpts {
+	return &ListOpts{
+		values:    values,
+		validator: validator,
+	}
+}
+
+func (opts *ListOpts) String() string {
+	return fmt.Sprintf("%v", []string((*opts.values)))
+}
+
+// Set validates if needed the input value and add it to the
+// internal slice.
+func (opts *ListOpts) Set(value string) error {
+	if opts.validator != nil {
+		v, err := opts.validator(value)
+		if err != nil {
+			return err
+		}
+		value = v
+	}
+	(*opts.values) = append((*opts.values), value)
+	return nil
+}
+
+// Delete removes the specified element from the slice.
+func (opts *ListOpts) Delete(key string) {
+	for i, k := range *opts.values {
+		if k == key {
+			(*opts.values) = append((*opts.values)[:i], (*opts.values)[i+1:]...)
+			return
+		}
+	}
+}
+
+// GetMap returns the content of values in a map in order to avoid
+// duplicates.
+func (opts *ListOpts) GetMap() map[string]struct{} {
+	ret := make(map[string]struct{})
+	for _, k := range *opts.values {
+		ret[k] = struct{}{}
+	}
+	return ret
+}
+
+// GetAll returns the values of slice.
+func (opts *ListOpts) GetAll() []string {
+	return (*opts.values)
+}
+
+// GetAllOrEmpty returns the values of the slice
+// or an empty slice when there are no values.
+func (opts *ListOpts) GetAllOrEmpty() []string {
+	v := *opts.values
+	if v == nil {
+		return make([]string, 0)
+	}
+	return v
+}
+
+// Get checks the existence of the specified key.
+func (opts *ListOpts) Get(key string) bool {
+	for _, k := range *opts.values {
+		if k == key {
+			return true
+		}
+	}
+	return false
+}
+
+// Len returns the amount of element in the slice.
+func (opts *ListOpts) Len() int {
+	return len((*opts.values))
+}
+
+// NamedOption is an interface that list and map options
+// with names implement.
+type NamedOption interface {
+	Name() string
+}
+
+// NamedListOpts is a ListOpts with a configuration name.
+// This struct is useful to keep reference to the assigned
+// field name in the internal configuration struct.
+type NamedListOpts struct {
+	name string
+	ListOpts
+}
+
+var _ NamedOption = &NamedListOpts{}
+
+// NewNamedListOptsRef creates a reference to a new NamedListOpts struct.
+func NewNamedListOptsRef(name string, values *[]string, validator ValidatorFctType) *NamedListOpts {
+	return &NamedListOpts{
+		name:     name,
+		ListOpts: *NewListOptsRef(values, validator),
+	}
+}
+
+// Name returns the name of the NamedListOpts in the configuration.
+func (o *NamedListOpts) Name() string {
+	return o.name
+}
+
+//MapOpts holds a map of values and a validation function.
+type MapOpts struct {
+	values    map[string]string
+	validator ValidatorFctType
+}
+
+// Set validates if needed the input value and add it to the
+// internal map, by splitting on '='.
+func (opts *MapOpts) Set(value string) error {
+	if opts.validator != nil {
+		v, err := opts.validator(value)
+		if err != nil {
+			return err
+		}
+		value = v
+	}
+	vals := strings.SplitN(value, "=", 2)
+	if len(vals) == 1 {
+		(opts.values)[vals[0]] = ""
+	} else {
+		(opts.values)[vals[0]] = vals[1]
+	}
+	return nil
+}
+
+// GetAll returns the values of MapOpts as a map.
+func (opts *MapOpts) GetAll() map[string]string {
+	return opts.values
+}
+
+func (opts *MapOpts) String() string {
+	return fmt.Sprintf("%v", map[string]string((opts.values)))
+}
+
+// NewMapOpts creates a new MapOpts with the specified map of values and a validator.
+func NewMapOpts(values map[string]string, validator ValidatorFctType) *MapOpts {
+	if values == nil {
+		values = make(map[string]string)
+	}
+	return &MapOpts{
+		values:    values,
+		validator: validator,
+	}
+}
+
+// NamedMapOpts is a MapOpts struct with a configuration name.
+// This struct is useful to keep reference to the assigned
+// field name in the internal configuration struct.
+type NamedMapOpts struct {
+	name string
+	MapOpts
+}
+
+var _ NamedOption = &NamedMapOpts{}
+
+// NewNamedMapOpts creates a reference to a new NamedMapOpts struct.
+func NewNamedMapOpts(name string, values map[string]string, validator ValidatorFctType) *NamedMapOpts {
+	return &NamedMapOpts{
+		name:    name,
+		MapOpts: *NewMapOpts(values, validator),
+	}
+}
+
+// Name returns the name of the NamedMapOpts in the configuration.
+func (o *NamedMapOpts) Name() string {
+	return o.name
+}
+
+// ValidatorFctType defines a validator function that returns a validated string and/or an error.
+type ValidatorFctType func(val string) (string, error)
+
+// ValidatorFctListType defines a validator function that returns a validated list of string and/or an error
+type ValidatorFctListType func(val string) ([]string, error)
+
+// ValidateIPAddress validates an Ip address.
+func ValidateIPAddress(val string) (string, error) {
+	var ip = net.ParseIP(strings.TrimSpace(val))
+	if ip != nil {
+		return ip.String(), nil
+	}
+	return "", fmt.Errorf("%s is not an ip address", val)
+}
+
+// ValidateDNSSearch validates domain for resolvconf search configuration.
+// A zero length domain is represented by a dot (.).
+func ValidateDNSSearch(val string) (string, error) {
+	if val = strings.Trim(val, " "); val == "." {
+		return val, nil
+	}
+	return validateDomain(val)
+}
+
+func validateDomain(val string) (string, error) {
+	if alphaRegexp.FindString(val) == "" {
+		return "", fmt.Errorf("%s is not a valid domain", val)
+	}
+	ns := domainRegexp.FindSubmatch([]byte(val))
+	if len(ns) > 0 && len(ns[1]) < 255 {
+		return string(ns[1]), nil
+	}
+	return "", fmt.Errorf("%s is not a valid domain", val)
+}
+
+// ValidateLabel validates that the specified string is a valid label, and returns it.
+// Labels are in the form on key=value.
+func ValidateLabel(val string) (string, error) {
+	if strings.Count(val, "=") < 1 {
+		return "", fmt.Errorf("bad attribute format: %s", val)
+	}
+	return val, nil
+}
diff --git a/opts/opts_test.go b/opts/opts_test.go
new file mode 100644
index 00000000..9f41e478
--- /dev/null
+++ b/opts/opts_test.go
@@ -0,0 +1,232 @@
+package opts
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+)
+
+func TestValidateIPAddress(t *testing.T) {
+	if ret, err := ValidateIPAddress(`1.2.3.4`); err != nil || ret == "" {
+		t.Fatalf("ValidateIPAddress(`1.2.3.4`) got %s %s", ret, err)
+	}
+
+	if ret, err := ValidateIPAddress(`127.0.0.1`); err != nil || ret == "" {
+		t.Fatalf("ValidateIPAddress(`127.0.0.1`) got %s %s", ret, err)
+	}
+
+	if ret, err := ValidateIPAddress(`::1`); err != nil || ret == "" {
+		t.Fatalf("ValidateIPAddress(`::1`) got %s %s", ret, err)
+	}
+
+	if ret, err := ValidateIPAddress(`127`); err == nil || ret != "" {
+		t.Fatalf("ValidateIPAddress(`127`) got %s %s", ret, err)
+	}
+
+	if ret, err := ValidateIPAddress(`random invalid string`); err == nil || ret != "" {
+		t.Fatalf("ValidateIPAddress(`random invalid string`) got %s %s", ret, err)
+	}
+
+}
+
+func TestMapOpts(t *testing.T) {
+	tmpMap := make(map[string]string)
+	o := NewMapOpts(tmpMap, logOptsValidator)
+	o.Set("max-size=1")
+	if o.String() != "map[max-size:1]" {
+		t.Errorf("%s != [map[max-size:1]", o.String())
+	}
+
+	o.Set("max-file=2")
+	if len(tmpMap) != 2 {
+		t.Errorf("map length %d != 2", len(tmpMap))
+	}
+
+	if tmpMap["max-file"] != "2" {
+		t.Errorf("max-file = %s != 2", tmpMap["max-file"])
+	}
+
+	if tmpMap["max-size"] != "1" {
+		t.Errorf("max-size = %s != 1", tmpMap["max-size"])
+	}
+	if o.Set("dummy-val=3") == nil {
+		t.Errorf("validator is not being called")
+	}
+}
+
+func TestListOptsWithoutValidator(t *testing.T) {
+	o := NewListOpts(nil)
+	o.Set("foo")
+	if o.String() != "[foo]" {
+		t.Errorf("%s != [foo]", o.String())
+	}
+	o.Set("bar")
+	if o.Len() != 2 {
+		t.Errorf("%d != 2", o.Len())
+	}
+	o.Set("bar")
+	if o.Len() != 3 {
+		t.Errorf("%d != 3", o.Len())
+	}
+	if !o.Get("bar") {
+		t.Error("o.Get(\"bar\") == false")
+	}
+	if o.Get("baz") {
+		t.Error("o.Get(\"baz\") == true")
+	}
+	o.Delete("foo")
+	if o.String() != "[bar bar]" {
+		t.Errorf("%s != [bar bar]", o.String())
+	}
+	listOpts := o.GetAll()
+	if len(listOpts) != 2 || listOpts[0] != "bar" || listOpts[1] != "bar" {
+		t.Errorf("Expected [[bar bar]], got [%v]", listOpts)
+	}
+	mapListOpts := o.GetMap()
+	if len(mapListOpts) != 1 {
+		t.Errorf("Expected [map[bar:{}]], got [%v]", mapListOpts)
+	}
+
+}
+
+func TestListOptsWithValidator(t *testing.T) {
+	// Re-using logOptsvalidator (used by MapOpts)
+	o := NewListOpts(logOptsValidator)
+	o.Set("foo")
+	if o.String() != "[]" {
+		t.Errorf("%s != []", o.String())
+	}
+	o.Set("foo=bar")
+	if o.String() != "[]" {
+		t.Errorf("%s != []", o.String())
+	}
+	o.Set("max-file=2")
+	if o.Len() != 1 {
+		t.Errorf("%d != 1", o.Len())
+	}
+	if !o.Get("max-file=2") {
+		t.Error("o.Get(\"max-file=2\") == false")
+	}
+	if o.Get("baz") {
+		t.Error("o.Get(\"baz\") == true")
+	}
+	o.Delete("max-file=2")
+	if o.String() != "[]" {
+		t.Errorf("%s != []", o.String())
+	}
+}
+
+func TestValidateDNSSearch(t *testing.T) {
+	valid := []string{
+		`.`,
+		`a`,
+		`a.`,
+		`1.foo`,
+		`17.foo`,
+		`foo.bar`,
+		`foo.bar.baz`,
+		`foo.bar.`,
+		`foo.bar.baz`,
+		`foo1.bar2`,
+		`foo1.bar2.baz`,
+		`1foo.2bar.`,
+		`1foo.2bar.baz`,
+		`foo-1.bar-2`,
+		`foo-1.bar-2.baz`,
+		`foo-1.bar-2.`,
+		`foo-1.bar-2.baz`,
+		`1-foo.2-bar`,
+		`1-foo.2-bar.baz`,
+		`1-foo.2-bar.`,
+		`1-foo.2-bar.baz`,
+	}
+
+	invalid := []string{
+		``,
+		` `,
+		`  `,
+		`17`,
+		`17.`,
+		`.17`,
+		`17-.`,
+		`17-.foo`,
+		`.foo`,
+		`foo-.bar`,
+		`-foo.bar`,
+		`foo.bar-`,
+		`foo.bar-.baz`,
+		`foo.-bar`,
+		`foo.-bar.baz`,
+		`foo.bar.baz.this.should.fail.on.long.name.beause.it.is.longer.thanisshouldbethis.should.fail.on.long.name.beause.it.is.longer.thanisshouldbethis.should.fail.on.long.name.beause.it.is.longer.thanisshouldbethis.should.fail.on.long.name.beause.it.is.longer.thanisshouldbe`,
+	}
+
+	for _, domain := range valid {
+		if ret, err := ValidateDNSSearch(domain); err != nil || ret == "" {
+			t.Fatalf("ValidateDNSSearch(`"+domain+"`) got %s %s", ret, err)
+		}
+	}
+
+	for _, domain := range invalid {
+		if ret, err := ValidateDNSSearch(domain); err == nil || ret != "" {
+			t.Fatalf("ValidateDNSSearch(`"+domain+"`) got %s %s", ret, err)
+		}
+	}
+}
+
+func TestValidateLabel(t *testing.T) {
+	if _, err := ValidateLabel("label"); err == nil || err.Error() != "bad attribute format: label" {
+		t.Fatalf("Expected an error [bad attribute format: label], go %v", err)
+	}
+	if actual, err := ValidateLabel("key1=value1"); err != nil || actual != "key1=value1" {
+		t.Fatalf("Expected [key1=value1], got [%v,%v]", actual, err)
+	}
+	// Validate it's working with more than one =
+	if actual, err := ValidateLabel("key1=value1=value2"); err != nil {
+		t.Fatalf("Expected [key1=value1=value2], got [%v,%v]", actual, err)
+	}
+	// Validate it's working with one more
+	if actual, err := ValidateLabel("key1=value1=value2=value3"); err != nil {
+		t.Fatalf("Expected [key1=value1=value2=value2], got [%v,%v]", actual, err)
+	}
+}
+
+func logOptsValidator(val string) (string, error) {
+	allowedKeys := map[string]string{"max-size": "1", "max-file": "2"}
+	vals := strings.Split(val, "=")
+	if allowedKeys[vals[0]] != "" {
+		return val, nil
+	}
+	return "", fmt.Errorf("invalid key %s", vals[0])
+}
+
+func TestNamedListOpts(t *testing.T) {
+	var v []string
+	o := NewNamedListOptsRef("foo-name", &v, nil)
+
+	o.Set("foo")
+	if o.String() != "[foo]" {
+		t.Errorf("%s != [foo]", o.String())
+	}
+	if o.Name() != "foo-name" {
+		t.Errorf("%s != foo-name", o.Name())
+	}
+	if len(v) != 1 {
+		t.Errorf("expected foo to be in the values, got %v", v)
+	}
+}
+
+func TestNamedMapOpts(t *testing.T) {
+	tmpMap := make(map[string]string)
+	o := NewNamedMapOpts("max-name", tmpMap, nil)
+
+	o.Set("max-size=1")
+	if o.String() != "map[max-size:1]" {
+		t.Errorf("%s != [map[max-size:1]", o.String())
+	}
+	if o.Name() != "max-name" {
+		t.Errorf("%s != max-name", o.Name())
+	}
+	if _, exist := tmpMap["max-size"]; !exist {
+		t.Errorf("expected map-size to be in the values, got %v", tmpMap)
+	}
+}
diff --git a/opts/opts_unix.go b/opts/opts_unix.go
new file mode 100644
index 00000000..f1ce844a
--- /dev/null
+++ b/opts/opts_unix.go
@@ -0,0 +1,6 @@
+// +build !windows
+
+package opts
+
+// DefaultHTTPHost Default HTTP Host used if only port is provided to -H flag e.g. docker daemon -H tcp://:8080
+const DefaultHTTPHost = "localhost"
diff --git a/opts/opts_windows.go b/opts/opts_windows.go
new file mode 100644
index 00000000..2a9e2be7
--- /dev/null
+++ b/opts/opts_windows.go
@@ -0,0 +1,56 @@
+package opts
+
+// TODO Windows. Identify bug in GOLang 1.5.1 and/or Windows Server 2016 TP4.
+// @jhowardmsft, @swernli.
+//
+// On Windows, this mitigates a problem with the default options of running
+// a docker client against a local docker daemon on TP4.
+//
+// What was found that if the default host is "localhost", even if the client
+// (and daemon as this is local) is not physically on a network, and the DNS
+// cache is flushed (ipconfig /flushdns), then the client will pause for
+// exactly one second when connecting to the daemon for calls. For example
+// using docker run windowsservercore cmd, the CLI will send a create followed
+// by an attach. You see the delay between the attach finishing and the attach
+// being seen by the daemon.
+//
+// Here's some daemon debug logs with additional debug spew put in. The
+// AfterWriteJSON log is the very last thing the daemon does as part of the
+// create call. The POST /attach is the second CLI call. Notice the second
+// time gap.
+//
+// time="2015-11-06T13:38:37.259627400-08:00" level=debug msg="After createRootfs"
+// time="2015-11-06T13:38:37.263626300-08:00" level=debug msg="After setHostConfig"
+// time="2015-11-06T13:38:37.267631200-08:00" level=debug msg="before createContainerPl...."
+// time="2015-11-06T13:38:37.271629500-08:00" level=debug msg=ToDiskLocking....
+// time="2015-11-06T13:38:37.275643200-08:00" level=debug msg="loggin event...."
+// time="2015-11-06T13:38:37.277627600-08:00" level=debug msg="logged event...."
+// time="2015-11-06T13:38:37.279631800-08:00" level=debug msg="In defer func"
+// time="2015-11-06T13:38:37.282628100-08:00" level=debug msg="After daemon.create"
+// time="2015-11-06T13:38:37.286651700-08:00" level=debug msg="return 2"
+// time="2015-11-06T13:38:37.289629500-08:00" level=debug msg="Returned from daemon.ContainerCreate"
+// time="2015-11-06T13:38:37.311629100-08:00" level=debug msg="After WriteJSON"
+// ... 1 second gap here....
+// time="2015-11-06T13:38:38.317866200-08:00" level=debug msg="Calling POST /v1.22/containers/984758282b842f779e805664b2c95d563adc9a979c8a3973e68c807843ee4757/attach"
+// time="2015-11-06T13:38:38.326882500-08:00" level=info msg="POST /v1.22/containers/984758282b842f779e805664b2c95d563adc9a979c8a3973e68c807843ee4757/attach?stderr=1&stdin=1&stdout=1&stream=1"
+//
+// We suspect this is either a bug introduced in GOLang 1.5.1, or that a change
+// in GOLang 1.5.1 (from 1.4.3) is exposing a bug in Windows TP4. In theory,
+// the Windows networking stack is supposed to resolve "localhost" internally,
+// without hitting DNS, or even reading the hosts file (which is why localhost
+// is commented out in the hosts file on Windows).
+//
+// We have validated that working around this using the actual IPv4 localhost
+// address does not cause the delay.
+//
+// This does not occur with the docker client built with 1.4.3 on the same
+// Windows TP4 build, regardless of whether the daemon is built using 1.5.1
+// or 1.4.3. It does not occur on Linux. We also verified we see the same thing
+// on a cross-compiled Windows binary (from Linux).
+//
+// Final note: This is a mitigation, not a 'real' fix. It is still susceptible
+// to the delay in TP4 if a user were to do 'docker run -H=tcp://localhost:2375...'
+// explicitly.
+
+// DefaultHTTPHost Default HTTP Host used if only port is provided to -H flag e.g. docker daemon -H tcp://:8080
+const DefaultHTTPHost = "127.0.0.1"
diff --git a/pkg/README.md b/pkg/README.md
new file mode 100644
index 00000000..c4b78a8a
--- /dev/null
+++ b/pkg/README.md
@@ -0,0 +1,11 @@
+pkg/ is a collection of utility packages used by the Docker project without being specific to its internals.
+
+Utility packages are kept separate from the docker core codebase to keep it as small and concise as possible.
+If some utilities grow larger and their APIs stabilize, they may be moved to their own repository under the
+Docker organization, to facilitate re-use by other projects. However that is not the priority.
+
+The directory `pkg` is named after the same directory in the camlistore project. Since Brad is a core
+Go maintainer, we thought it made sense to copy his methods for organizing Go code :) Thanks Brad!
+
+Because utility packages are small and neatly separated from the rest of the codebase, they are a good
+place to start for aspiring maintainers and contributors. Get in touch if you want to help maintain them!
diff --git a/pkg/aaparser/aaparser.go b/pkg/aaparser/aaparser.go
new file mode 100644
index 00000000..507298f4
--- /dev/null
+++ b/pkg/aaparser/aaparser.go
@@ -0,0 +1,92 @@
+// Package aaparser is a convenience package interacting with `apparmor_parser`.
+package aaparser
+
+import (
+	"fmt"
+	"os/exec"
+	"path/filepath"
+	"strconv"
+	"strings"
+)
+
+const (
+	binary = "apparmor_parser"
+)
+
+// GetVersion returns the major and minor version of apparmor_parser.
+func GetVersion() (int, error) {
+	output, err := cmd("", "--version")
+	if err != nil {
+		return -1, err
+	}
+
+	return parseVersion(output)
+}
+
+// LoadProfile runs `apparmor_parser -r -W` on a specified apparmor profile to
+// replace and write it to disk.
+func LoadProfile(profilePath string) error {
+	_, err := cmd(filepath.Dir(profilePath), "-r", "-W", filepath.Base(profilePath))
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// cmd runs `apparmor_parser` with the passed arguments.
+func cmd(dir string, arg ...string) (string, error) {
+	c := exec.Command(binary, arg...)
+	c.Dir = dir
+
+	output, err := c.CombinedOutput()
+	if err != nil {
+		return "", fmt.Errorf("running `%s %s` failed with output: %s\nerror: %v", c.Path, strings.Join(c.Args, " "), string(output), err)
+	}
+
+	return string(output), nil
+}
+
+// parseVersion takes the output from `apparmor_parser --version` and returns
+// a representation of the {major, minor, patch} version as a single number of
+// the form MMmmPPP {major, minor, patch}.
+func parseVersion(output string) (int, error) {
+	// output is in the form of the following:
+	// AppArmor parser version 2.9.1
+	// Copyright (C) 1999-2008 Novell Inc.
+	// Copyright 2009-2012 Canonical Ltd.
+
+	lines := strings.SplitN(output, "\n", 2)
+	words := strings.Split(lines[0], " ")
+	version := words[len(words)-1]
+
+	// split by major minor version
+	v := strings.Split(version, ".")
+	if len(v) == 0 || len(v) > 3 {
+		return -1, fmt.Errorf("parsing version failed for output: `%s`", output)
+	}
+
+	// Default the versions to 0.
+	var majorVersion, minorVersion, patchLevel int
+
+	majorVersion, err := strconv.Atoi(v[0])
+	if err != nil {
+		return -1, err
+	}
+
+	if len(v) > 1 {
+		minorVersion, err = strconv.Atoi(v[1])
+		if err != nil {
+			return -1, err
+		}
+	}
+	if len(v) > 2 {
+		patchLevel, err = strconv.Atoi(v[2])
+		if err != nil {
+			return -1, err
+		}
+	}
+
+	// major*10^5 + minor*10^3 + patch*10^0
+	numericVersion := majorVersion*1e5 + minorVersion*1e3 + patchLevel
+	return numericVersion, nil
+}
diff --git a/pkg/aaparser/aaparser_test.go b/pkg/aaparser/aaparser_test.go
new file mode 100644
index 00000000..69bc8d2f
--- /dev/null
+++ b/pkg/aaparser/aaparser_test.go
@@ -0,0 +1,73 @@
+package aaparser
+
+import (
+	"testing"
+)
+
+type versionExpected struct {
+	output  string
+	version int
+}
+
+func TestParseVersion(t *testing.T) {
+	versions := []versionExpected{
+		{
+			output: `AppArmor parser version 2.10
+Copyright (C) 1999-2008 Novell Inc.
+Copyright 2009-2012 Canonical Ltd.
+
+`,
+			version: 210000,
+		},
+		{
+			output: `AppArmor parser version 2.8
+Copyright (C) 1999-2008 Novell Inc.
+Copyright 2009-2012 Canonical Ltd.
+
+`,
+			version: 208000,
+		},
+		{
+			output: `AppArmor parser version 2.20
+Copyright (C) 1999-2008 Novell Inc.
+Copyright 2009-2012 Canonical Ltd.
+
+`,
+			version: 220000,
+		},
+		{
+			output: `AppArmor parser version 2.05
+Copyright (C) 1999-2008 Novell Inc.
+Copyright 2009-2012 Canonical Ltd.
+
+`,
+			version: 205000,
+		},
+		{
+			output: `AppArmor parser version 2.9.95
+Copyright (C) 1999-2008 Novell Inc.
+Copyright 2009-2012 Canonical Ltd.
+
+`,
+			version: 209095,
+		},
+		{
+			output: `AppArmor parser version 3.14.159
+Copyright (C) 1999-2008 Novell Inc.
+Copyright 2009-2012 Canonical Ltd.
+
+`,
+			version: 314159,
+		},
+	}
+
+	for _, v := range versions {
+		version, err := parseVersion(v.output)
+		if err != nil {
+			t.Fatalf("expected error to be nil for %#v, got: %v", v, err)
+		}
+		if version != v.version {
+			t.Fatalf("expected version to be %d, was %d, for: %#v\n", v.version, version, v)
+		}
+	}
+}
diff --git a/pkg/archive/README.md b/pkg/archive/README.md
new file mode 100644
index 00000000..7307d969
--- /dev/null
+++ b/pkg/archive/README.md
@@ -0,0 +1 @@
+This code provides helper functions for dealing with archive files.
diff --git a/pkg/archive/archive.go b/pkg/archive/archive.go
new file mode 100644
index 00000000..47c56389
--- /dev/null
+++ b/pkg/archive/archive.go
@@ -0,0 +1,1087 @@
+package archive
+
+import (
+	"archive/tar"
+	"bufio"
+	"bytes"
+	"compress/bzip2"
+	"compress/gzip"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/fileutils"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/pools"
+	"github.com/docker/docker/pkg/promise"
+	"github.com/docker/docker/pkg/system"
+)
+
+type (
+	// Archive is a type of io.ReadCloser which has two interfaces Read and Closer.
+	Archive io.ReadCloser
+	// Reader is a type of io.Reader.
+	Reader io.Reader
+	// Compression is the state represents if compressed or not.
+	Compression int
+	// TarChownOptions wraps the chown options UID and GID.
+	TarChownOptions struct {
+		UID, GID int
+	}
+	// TarOptions wraps the tar options.
+	TarOptions struct {
+		IncludeFiles     []string
+		ExcludePatterns  []string
+		Compression      Compression
+		NoLchown         bool
+		UIDMaps          []idtools.IDMap
+		GIDMaps          []idtools.IDMap
+		ChownOpts        *TarChownOptions
+		IncludeSourceDir bool
+		// When unpacking, specifies whether overwriting a directory with a
+		// non-directory is allowed and vice versa.
+		NoOverwriteDirNonDir bool
+		// For each include when creating an archive, the included name will be
+		// replaced with the matching name from this map.
+		RebaseNames map[string]string
+	}
+
+	// Archiver allows the reuse of most utility functions of this package
+	// with a pluggable Untar function. Also, to facilitate the passing of
+	// specific id mappings for untar, an archiver can be created with maps
+	// which will then be passed to Untar operations
+	Archiver struct {
+		Untar   func(io.Reader, string, *TarOptions) error
+		UIDMaps []idtools.IDMap
+		GIDMaps []idtools.IDMap
+	}
+
+	// breakoutError is used to differentiate errors related to breaking out
+	// When testing archive breakout in the unit tests, this error is expected
+	// in order for the test to pass.
+	breakoutError error
+)
+
+var (
+	// ErrNotImplemented is the error message of function not implemented.
+	ErrNotImplemented = errors.New("Function not implemented")
+	defaultArchiver   = &Archiver{Untar: Untar, UIDMaps: nil, GIDMaps: nil}
+)
+
+const (
+	// HeaderSize is the size in bytes of a tar header
+	HeaderSize = 512
+)
+
+const (
+	// Uncompressed represents the uncompressed.
+	Uncompressed Compression = iota
+	// Bzip2 is bzip2 compression algorithm.
+	Bzip2
+	// Gzip is gzip compression algorithm.
+	Gzip
+	// Xz is xz compression algorithm.
+	Xz
+)
+
+// IsArchive checks for the magic bytes of a tar or any supported compression
+// algorithm.
+func IsArchive(header []byte) bool {
+	compression := DetectCompression(header)
+	if compression != Uncompressed {
+		return true
+	}
+	r := tar.NewReader(bytes.NewBuffer(header))
+	_, err := r.Next()
+	return err == nil
+}
+
+// IsArchivePath checks if the (possibly compressed) file at the given path
+// starts with a tar file header.
+func IsArchivePath(path string) bool {
+	file, err := os.Open(path)
+	if err != nil {
+		return false
+	}
+	defer file.Close()
+	rdr, err := DecompressStream(file)
+	if err != nil {
+		return false
+	}
+	r := tar.NewReader(rdr)
+	_, err = r.Next()
+	return err == nil
+}
+
+// DetectCompression detects the compression algorithm of the source.
+func DetectCompression(source []byte) Compression {
+	for compression, m := range map[Compression][]byte{
+		Bzip2: {0x42, 0x5A, 0x68},
+		Gzip:  {0x1F, 0x8B, 0x08},
+		Xz:    {0xFD, 0x37, 0x7A, 0x58, 0x5A, 0x00},
+	} {
+		if len(source) < len(m) {
+			logrus.Debugf("Len too short")
+			continue
+		}
+		if bytes.Compare(m, source[:len(m)]) == 0 {
+			return compression
+		}
+	}
+	return Uncompressed
+}
+
+func xzDecompress(archive io.Reader) (io.ReadCloser, <-chan struct{}, error) {
+	args := []string{"xz", "-d", "-c", "-q"}
+
+	return cmdStream(exec.Command(args[0], args[1:]...), archive)
+}
+
+// DecompressStream decompress the archive and returns a ReaderCloser with the decompressed archive.
+func DecompressStream(archive io.Reader) (io.ReadCloser, error) {
+	p := pools.BufioReader32KPool
+	buf := p.Get(archive)
+	bs, err := buf.Peek(10)
+	if err != nil && err != io.EOF {
+		// Note: we'll ignore any io.EOF error because there are some odd
+		// cases where the layer.tar file will be empty (zero bytes) and
+		// that results in an io.EOF from the Peek() call. So, in those
+		// cases we'll just treat it as a non-compressed stream and
+		// that means just create an empty layer.
+		// See Issue 18170
+		return nil, err
+	}
+
+	compression := DetectCompression(bs)
+	switch compression {
+	case Uncompressed:
+		readBufWrapper := p.NewReadCloserWrapper(buf, buf)
+		return readBufWrapper, nil
+	case Gzip:
+		gzReader, err := gzip.NewReader(buf)
+		if err != nil {
+			return nil, err
+		}
+		readBufWrapper := p.NewReadCloserWrapper(buf, gzReader)
+		return readBufWrapper, nil
+	case Bzip2:
+		bz2Reader := bzip2.NewReader(buf)
+		readBufWrapper := p.NewReadCloserWrapper(buf, bz2Reader)
+		return readBufWrapper, nil
+	case Xz:
+		xzReader, chdone, err := xzDecompress(buf)
+		if err != nil {
+			return nil, err
+		}
+		readBufWrapper := p.NewReadCloserWrapper(buf, xzReader)
+		return ioutils.NewReadCloserWrapper(readBufWrapper, func() error {
+			<-chdone
+			return readBufWrapper.Close()
+		}), nil
+	default:
+		return nil, fmt.Errorf("Unsupported compression format %s", (&compression).Extension())
+	}
+}
+
+// CompressStream compresses the dest with specified compression algorithm.
+func CompressStream(dest io.WriteCloser, compression Compression) (io.WriteCloser, error) {
+	p := pools.BufioWriter32KPool
+	buf := p.Get(dest)
+	switch compression {
+	case Uncompressed:
+		writeBufWrapper := p.NewWriteCloserWrapper(buf, buf)
+		return writeBufWrapper, nil
+	case Gzip:
+		gzWriter := gzip.NewWriter(dest)
+		writeBufWrapper := p.NewWriteCloserWrapper(buf, gzWriter)
+		return writeBufWrapper, nil
+	case Bzip2, Xz:
+		// archive/bzip2 does not support writing, and there is no xz support at all
+		// However, this is not a problem as docker only currently generates gzipped tars
+		return nil, fmt.Errorf("Unsupported compression format %s", (&compression).Extension())
+	default:
+		return nil, fmt.Errorf("Unsupported compression format %s", (&compression).Extension())
+	}
+}
+
+// Extension returns the extension of a file that uses the specified compression algorithm.
+func (compression *Compression) Extension() string {
+	switch *compression {
+	case Uncompressed:
+		return "tar"
+	case Bzip2:
+		return "tar.bz2"
+	case Gzip:
+		return "tar.gz"
+	case Xz:
+		return "tar.xz"
+	}
+	return ""
+}
+
+type tarAppender struct {
+	TarWriter *tar.Writer
+	Buffer    *bufio.Writer
+
+	// for hardlink mapping
+	SeenFiles map[uint64]string
+	UIDMaps   []idtools.IDMap
+	GIDMaps   []idtools.IDMap
+}
+
+// canonicalTarName provides a platform-independent and consistent posix-style
+//path for files and directories to be archived regardless of the platform.
+func canonicalTarName(name string, isDir bool) (string, error) {
+	name, err := CanonicalTarNameForPath(name)
+	if err != nil {
+		return "", err
+	}
+
+	// suffix with '/' for directories
+	if isDir && !strings.HasSuffix(name, "/") {
+		name += "/"
+	}
+	return name, nil
+}
+
+func (ta *tarAppender) addTarFile(path, name string) error {
+	fi, err := os.Lstat(path)
+	if err != nil {
+		return err
+	}
+
+	link := ""
+	if fi.Mode()&os.ModeSymlink != 0 {
+		if link, err = os.Readlink(path); err != nil {
+			return err
+		}
+	}
+
+	hdr, err := tar.FileInfoHeader(fi, link)
+	if err != nil {
+		return err
+	}
+	hdr.Mode = int64(chmodTarEntry(os.FileMode(hdr.Mode)))
+
+	name, err = canonicalTarName(name, fi.IsDir())
+	if err != nil {
+		return fmt.Errorf("tar: cannot canonicalize path: %v", err)
+	}
+	hdr.Name = name
+
+	inode, err := setHeaderForSpecialDevice(hdr, ta, name, fi.Sys())
+	if err != nil {
+		return err
+	}
+
+	// if it's not a directory and has more than 1 link,
+	// it's hardlinked, so set the type flag accordingly
+	if !fi.IsDir() && hasHardlinks(fi) {
+		// a link should have a name that it links too
+		// and that linked name should be first in the tar archive
+		if oldpath, ok := ta.SeenFiles[inode]; ok {
+			hdr.Typeflag = tar.TypeLink
+			hdr.Linkname = oldpath
+			hdr.Size = 0 // This Must be here for the writer math to add up!
+		} else {
+			ta.SeenFiles[inode] = name
+		}
+	}
+
+	capability, _ := system.Lgetxattr(path, "security.capability")
+	if capability != nil {
+		hdr.Xattrs = make(map[string]string)
+		hdr.Xattrs["security.capability"] = string(capability)
+	}
+
+	//handle re-mapping container ID mappings back to host ID mappings before
+	//writing tar headers/files. We skip whiteout files because they were written
+	//by the kernel and already have proper ownership relative to the host
+	if !strings.HasPrefix(filepath.Base(hdr.Name), WhiteoutPrefix) && (ta.UIDMaps != nil || ta.GIDMaps != nil) {
+		uid, gid, err := getFileUIDGID(fi.Sys())
+		if err != nil {
+			return err
+		}
+		xUID, err := idtools.ToContainer(uid, ta.UIDMaps)
+		if err != nil {
+			return err
+		}
+		xGID, err := idtools.ToContainer(gid, ta.GIDMaps)
+		if err != nil {
+			return err
+		}
+		hdr.Uid = xUID
+		hdr.Gid = xGID
+	}
+
+	if err := ta.TarWriter.WriteHeader(hdr); err != nil {
+		return err
+	}
+
+	if hdr.Typeflag == tar.TypeReg {
+		file, err := os.Open(path)
+		if err != nil {
+			return err
+		}
+
+		ta.Buffer.Reset(ta.TarWriter)
+		defer ta.Buffer.Reset(nil)
+		_, err = io.Copy(ta.Buffer, file)
+		file.Close()
+		if err != nil {
+			return err
+		}
+		err = ta.Buffer.Flush()
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, Lchown bool, chownOpts *TarChownOptions) error {
+	// hdr.Mode is in linux format, which we can use for sycalls,
+	// but for os.Foo() calls we need the mode converted to os.FileMode,
+	// so use hdrInfo.Mode() (they differ for e.g. setuid bits)
+	hdrInfo := hdr.FileInfo()
+
+	switch hdr.Typeflag {
+	case tar.TypeDir:
+		// Create directory unless it exists as a directory already.
+		// In that case we just want to merge the two
+		if fi, err := os.Lstat(path); !(err == nil && fi.IsDir()) {
+			if err := os.Mkdir(path, hdrInfo.Mode()); err != nil {
+				return err
+			}
+		}
+
+	case tar.TypeReg, tar.TypeRegA:
+		// Source is regular file
+		file, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, hdrInfo.Mode())
+		if err != nil {
+			return err
+		}
+		if _, err := io.Copy(file, reader); err != nil {
+			file.Close()
+			return err
+		}
+		file.Close()
+
+	case tar.TypeBlock, tar.TypeChar, tar.TypeFifo:
+		// Handle this is an OS-specific way
+		if err := handleTarTypeBlockCharFifo(hdr, path); err != nil {
+			return err
+		}
+
+	case tar.TypeLink:
+		targetPath := filepath.Join(extractDir, hdr.Linkname)
+		// check for hardlink breakout
+		if !strings.HasPrefix(targetPath, extractDir) {
+			return breakoutError(fmt.Errorf("invalid hardlink %q -> %q", targetPath, hdr.Linkname))
+		}
+		if err := os.Link(targetPath, path); err != nil {
+			return err
+		}
+
+	case tar.TypeSymlink:
+		// 	path 				-> hdr.Linkname = targetPath
+		// e.g. /extractDir/path/to/symlink 	-> ../2/file	= /extractDir/path/2/file
+		targetPath := filepath.Join(filepath.Dir(path), hdr.Linkname)
+
+		// the reason we don't need to check symlinks in the path (with FollowSymlinkInScope) is because
+		// that symlink would first have to be created, which would be caught earlier, at this very check:
+		if !strings.HasPrefix(targetPath, extractDir) {
+			return breakoutError(fmt.Errorf("invalid symlink %q -> %q", path, hdr.Linkname))
+		}
+		if err := os.Symlink(hdr.Linkname, path); err != nil {
+			return err
+		}
+
+	case tar.TypeXGlobalHeader:
+		logrus.Debugf("PAX Global Extended Headers found and ignored")
+		return nil
+
+	default:
+		return fmt.Errorf("Unhandled tar header type %d\n", hdr.Typeflag)
+	}
+
+	// Lchown is not supported on Windows.
+	if Lchown && runtime.GOOS != "windows" {
+		if chownOpts == nil {
+			chownOpts = &TarChownOptions{UID: hdr.Uid, GID: hdr.Gid}
+		}
+		if err := os.Lchown(path, chownOpts.UID, chownOpts.GID); err != nil {
+			return err
+		}
+	}
+
+	for key, value := range hdr.Xattrs {
+		if err := system.Lsetxattr(path, key, []byte(value), 0); err != nil {
+			return err
+		}
+	}
+
+	// There is no LChmod, so ignore mode for symlink. Also, this
+	// must happen after chown, as that can modify the file mode
+	if err := handleLChmod(hdr, path, hdrInfo); err != nil {
+		return err
+	}
+
+	aTime := hdr.AccessTime
+	if aTime.Before(hdr.ModTime) {
+		// Last access time should never be before last modified time.
+		aTime = hdr.ModTime
+	}
+
+	// system.Chtimes doesn't support a NOFOLLOW flag atm
+	if hdr.Typeflag == tar.TypeLink {
+		if fi, err := os.Lstat(hdr.Linkname); err == nil && (fi.Mode()&os.ModeSymlink == 0) {
+			if err := system.Chtimes(path, aTime, hdr.ModTime); err != nil {
+				return err
+			}
+		}
+	} else if hdr.Typeflag != tar.TypeSymlink {
+		if err := system.Chtimes(path, aTime, hdr.ModTime); err != nil {
+			return err
+		}
+	} else {
+		ts := []syscall.Timespec{timeToTimespec(aTime), timeToTimespec(hdr.ModTime)}
+		if err := system.LUtimesNano(path, ts); err != nil && err != system.ErrNotSupportedPlatform {
+			return err
+		}
+	}
+	return nil
+}
+
+// Tar creates an archive from the directory at `path`, and returns it as a
+// stream of bytes.
+func Tar(path string, compression Compression) (io.ReadCloser, error) {
+	return TarWithOptions(path, &TarOptions{Compression: compression})
+}
+
+// TarWithOptions creates an archive from the directory at `path`, only including files whose relative
+// paths are included in `options.IncludeFiles` (if non-nil) or not in `options.ExcludePatterns`.
+func TarWithOptions(srcPath string, options *TarOptions) (io.ReadCloser, error) {
+
+	// Fix the source path to work with long path names. This is a no-op
+	// on platforms other than Windows.
+	srcPath = fixVolumePathPrefix(srcPath)
+
+	patterns, patDirs, exceptions, err := fileutils.CleanPatterns(options.ExcludePatterns)
+
+	if err != nil {
+		return nil, err
+	}
+
+	pipeReader, pipeWriter := io.Pipe()
+
+	compressWriter, err := CompressStream(pipeWriter, options.Compression)
+	if err != nil {
+		return nil, err
+	}
+
+	go func() {
+		ta := &tarAppender{
+			TarWriter: tar.NewWriter(compressWriter),
+			Buffer:    pools.BufioWriter32KPool.Get(nil),
+			SeenFiles: make(map[uint64]string),
+			UIDMaps:   options.UIDMaps,
+			GIDMaps:   options.GIDMaps,
+		}
+
+		defer func() {
+			// Make sure to check the error on Close.
+			if err := ta.TarWriter.Close(); err != nil {
+				logrus.Errorf("Can't close tar writer: %s", err)
+			}
+			if err := compressWriter.Close(); err != nil {
+				logrus.Errorf("Can't close compress writer: %s", err)
+			}
+			if err := pipeWriter.Close(); err != nil {
+				logrus.Errorf("Can't close pipe writer: %s", err)
+			}
+		}()
+
+		// this buffer is needed for the duration of this piped stream
+		defer pools.BufioWriter32KPool.Put(ta.Buffer)
+
+		// In general we log errors here but ignore them because
+		// during e.g. a diff operation the container can continue
+		// mutating the filesystem and we can see transient errors
+		// from this
+
+		stat, err := os.Lstat(srcPath)
+		if err != nil {
+			return
+		}
+
+		if !stat.IsDir() {
+			// We can't later join a non-dir with any includes because the
+			// 'walk' will error if "file/." is stat-ed and "file" is not a
+			// directory. So, we must split the source path and use the
+			// basename as the include.
+			if len(options.IncludeFiles) > 0 {
+				logrus.Warn("Tar: Can't archive a file with includes")
+			}
+
+			dir, base := SplitPathDirEntry(srcPath)
+			srcPath = dir
+			options.IncludeFiles = []string{base}
+		}
+
+		if len(options.IncludeFiles) == 0 {
+			options.IncludeFiles = []string{"."}
+		}
+
+		seen := make(map[string]bool)
+
+		for _, include := range options.IncludeFiles {
+			rebaseName := options.RebaseNames[include]
+
+			walkRoot := getWalkRoot(srcPath, include)
+			filepath.Walk(walkRoot, func(filePath string, f os.FileInfo, err error) error {
+				if err != nil {
+					logrus.Errorf("Tar: Can't stat file %s to tar: %s", srcPath, err)
+					return nil
+				}
+
+				relFilePath, err := filepath.Rel(srcPath, filePath)
+				if err != nil || (!options.IncludeSourceDir && relFilePath == "." && f.IsDir()) {
+					// Error getting relative path OR we are looking
+					// at the source directory path. Skip in both situations.
+					return nil
+				}
+
+				if options.IncludeSourceDir && include == "." && relFilePath != "." {
+					relFilePath = strings.Join([]string{".", relFilePath}, string(filepath.Separator))
+				}
+
+				skip := false
+
+				// If "include" is an exact match for the current file
+				// then even if there's an "excludePatterns" pattern that
+				// matches it, don't skip it. IOW, assume an explicit 'include'
+				// is asking for that file no matter what - which is true
+				// for some files, like .dockerignore and Dockerfile (sometimes)
+				if include != relFilePath {
+					skip, err = fileutils.OptimizedMatches(relFilePath, patterns, patDirs)
+					if err != nil {
+						logrus.Errorf("Error matching %s: %v", relFilePath, err)
+						return err
+					}
+				}
+
+				if skip {
+					// If we want to skip this file and its a directory
+					// then we should first check to see if there's an
+					// excludes pattern (eg !dir/file) that starts with this
+					// dir. If so then we can't skip this dir.
+
+					// Its not a dir then so we can just return/skip.
+					if !f.IsDir() {
+						return nil
+					}
+
+					// No exceptions (!...) in patterns so just skip dir
+					if !exceptions {
+						return filepath.SkipDir
+					}
+
+					dirSlash := relFilePath + string(filepath.Separator)
+
+					for _, pat := range patterns {
+						if pat[0] != '!' {
+							continue
+						}
+						pat = pat[1:] + string(filepath.Separator)
+						if strings.HasPrefix(pat, dirSlash) {
+							// found a match - so can't skip this dir
+							return nil
+						}
+					}
+
+					// No matching exclusion dir so just skip dir
+					return filepath.SkipDir
+				}
+
+				if seen[relFilePath] {
+					return nil
+				}
+				seen[relFilePath] = true
+
+				// Rename the base resource.
+				if rebaseName != "" {
+					var replacement string
+					if rebaseName != string(filepath.Separator) {
+						// Special case the root directory to replace with an
+						// empty string instead so that we don't end up with
+						// double slashes in the paths.
+						replacement = rebaseName
+					}
+
+					relFilePath = strings.Replace(relFilePath, include, replacement, 1)
+				}
+
+				if err := ta.addTarFile(filePath, relFilePath); err != nil {
+					logrus.Errorf("Can't add file %s to tar: %s", filePath, err)
+					// if pipe is broken, stop writting tar stream to it
+					if err == io.ErrClosedPipe {
+						return err
+					}
+				}
+				return nil
+			})
+		}
+	}()
+
+	return pipeReader, nil
+}
+
+// Unpack unpacks the decompressedArchive to dest with options.
+func Unpack(decompressedArchive io.Reader, dest string, options *TarOptions) error {
+	tr := tar.NewReader(decompressedArchive)
+	trBuf := pools.BufioReader32KPool.Get(nil)
+	defer pools.BufioReader32KPool.Put(trBuf)
+
+	var dirs []*tar.Header
+	remappedRootUID, remappedRootGID, err := idtools.GetRootUIDGID(options.UIDMaps, options.GIDMaps)
+	if err != nil {
+		return err
+	}
+
+	// Iterate through the files in the archive.
+loop:
+	for {
+		hdr, err := tr.Next()
+		if err == io.EOF {
+			// end of tar archive
+			break
+		}
+		if err != nil {
+			return err
+		}
+
+		// Normalize name, for safety and for a simple is-root check
+		// This keeps "../" as-is, but normalizes "/../" to "/". Or Windows:
+		// This keeps "..\" as-is, but normalizes "\..\" to "\".
+		hdr.Name = filepath.Clean(hdr.Name)
+
+		for _, exclude := range options.ExcludePatterns {
+			if strings.HasPrefix(hdr.Name, exclude) {
+				continue loop
+			}
+		}
+
+		// After calling filepath.Clean(hdr.Name) above, hdr.Name will now be in
+		// the filepath format for the OS on which the daemon is running. Hence
+		// the check for a slash-suffix MUST be done in an OS-agnostic way.
+		if !strings.HasSuffix(hdr.Name, string(os.PathSeparator)) {
+			// Not the root directory, ensure that the parent directory exists
+			parent := filepath.Dir(hdr.Name)
+			parentPath := filepath.Join(dest, parent)
+			if _, err := os.Lstat(parentPath); err != nil && os.IsNotExist(err) {
+				err = idtools.MkdirAllNewAs(parentPath, 0777, remappedRootUID, remappedRootGID)
+				if err != nil {
+					return err
+				}
+			}
+		}
+
+		path := filepath.Join(dest, hdr.Name)
+		rel, err := filepath.Rel(dest, path)
+		if err != nil {
+			return err
+		}
+		if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
+			return breakoutError(fmt.Errorf("%q is outside of %q", hdr.Name, dest))
+		}
+
+		// If path exits we almost always just want to remove and replace it
+		// The only exception is when it is a directory *and* the file from
+		// the layer is also a directory. Then we want to merge them (i.e.
+		// just apply the metadata from the layer).
+		if fi, err := os.Lstat(path); err == nil {
+			if options.NoOverwriteDirNonDir && fi.IsDir() && hdr.Typeflag != tar.TypeDir {
+				// If NoOverwriteDirNonDir is true then we cannot replace
+				// an existing directory with a non-directory from the archive.
+				return fmt.Errorf("cannot overwrite directory %q with non-directory %q", path, dest)
+			}
+
+			if options.NoOverwriteDirNonDir && !fi.IsDir() && hdr.Typeflag == tar.TypeDir {
+				// If NoOverwriteDirNonDir is true then we cannot replace
+				// an existing non-directory with a directory from the archive.
+				return fmt.Errorf("cannot overwrite non-directory %q with directory %q", path, dest)
+			}
+
+			if fi.IsDir() && hdr.Name == "." {
+				continue
+			}
+
+			if !(fi.IsDir() && hdr.Typeflag == tar.TypeDir) {
+				if err := os.RemoveAll(path); err != nil {
+					return err
+				}
+			}
+		}
+		trBuf.Reset(tr)
+
+		// if the options contain a uid & gid maps, convert header uid/gid
+		// entries using the maps such that lchown sets the proper mapped
+		// uid/gid after writing the file. We only perform this mapping if
+		// the file isn't already owned by the remapped root UID or GID, as
+		// that specific uid/gid has no mapping from container -> host, and
+		// those files already have the proper ownership for inside the
+		// container.
+		if hdr.Uid != remappedRootUID {
+			xUID, err := idtools.ToHost(hdr.Uid, options.UIDMaps)
+			if err != nil {
+				return err
+			}
+			hdr.Uid = xUID
+		}
+		if hdr.Gid != remappedRootGID {
+			xGID, err := idtools.ToHost(hdr.Gid, options.GIDMaps)
+			if err != nil {
+				return err
+			}
+			hdr.Gid = xGID
+		}
+
+		if err := createTarFile(path, dest, hdr, trBuf, !options.NoLchown, options.ChownOpts); err != nil {
+			return err
+		}
+
+		// Directory mtimes must be handled at the end to avoid further
+		// file creation in them to modify the directory mtime
+		if hdr.Typeflag == tar.TypeDir {
+			dirs = append(dirs, hdr)
+		}
+	}
+
+	for _, hdr := range dirs {
+		path := filepath.Join(dest, hdr.Name)
+
+		if err := system.Chtimes(path, hdr.AccessTime, hdr.ModTime); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Untar reads a stream of bytes from `archive`, parses it as a tar archive,
+// and unpacks it into the directory at `dest`.
+// The archive may be compressed with one of the following algorithms:
+//  identity (uncompressed), gzip, bzip2, xz.
+// FIXME: specify behavior when target path exists vs. doesn't exist.
+func Untar(tarArchive io.Reader, dest string, options *TarOptions) error {
+	return untarHandler(tarArchive, dest, options, true)
+}
+
+// UntarUncompressed reads a stream of bytes from `archive`, parses it as a tar archive,
+// and unpacks it into the directory at `dest`.
+// The archive must be an uncompressed stream.
+func UntarUncompressed(tarArchive io.Reader, dest string, options *TarOptions) error {
+	return untarHandler(tarArchive, dest, options, false)
+}
+
+// Handler for teasing out the automatic decompression
+func untarHandler(tarArchive io.Reader, dest string, options *TarOptions, decompress bool) error {
+	if tarArchive == nil {
+		return fmt.Errorf("Empty archive")
+	}
+	dest = filepath.Clean(dest)
+	if options == nil {
+		options = &TarOptions{}
+	}
+	if options.ExcludePatterns == nil {
+		options.ExcludePatterns = []string{}
+	}
+
+	r := tarArchive
+	if decompress {
+		decompressedArchive, err := DecompressStream(tarArchive)
+		if err != nil {
+			return err
+		}
+		defer decompressedArchive.Close()
+		r = decompressedArchive
+	}
+
+	return Unpack(r, dest, options)
+}
+
+// TarUntar is a convenience function which calls Tar and Untar, with the output of one piped into the other.
+// If either Tar or Untar fails, TarUntar aborts and returns the error.
+func (archiver *Archiver) TarUntar(src, dst string) error {
+	logrus.Debugf("TarUntar(%s %s)", src, dst)
+	archive, err := TarWithOptions(src, &TarOptions{Compression: Uncompressed})
+	if err != nil {
+		return err
+	}
+	defer archive.Close()
+
+	var options *TarOptions
+	if archiver.UIDMaps != nil || archiver.GIDMaps != nil {
+		options = &TarOptions{
+			UIDMaps: archiver.UIDMaps,
+			GIDMaps: archiver.GIDMaps,
+		}
+	}
+	return archiver.Untar(archive, dst, options)
+}
+
+// TarUntar is a convenience function which calls Tar and Untar, with the output of one piped into the other.
+// If either Tar or Untar fails, TarUntar aborts and returns the error.
+func TarUntar(src, dst string) error {
+	return defaultArchiver.TarUntar(src, dst)
+}
+
+// UntarPath untar a file from path to a destination, src is the source tar file path.
+func (archiver *Archiver) UntarPath(src, dst string) error {
+	archive, err := os.Open(src)
+	if err != nil {
+		return err
+	}
+	defer archive.Close()
+	var options *TarOptions
+	if archiver.UIDMaps != nil || archiver.GIDMaps != nil {
+		options = &TarOptions{
+			UIDMaps: archiver.UIDMaps,
+			GIDMaps: archiver.GIDMaps,
+		}
+	}
+	return archiver.Untar(archive, dst, options)
+}
+
+// UntarPath is a convenience function which looks for an archive
+// at filesystem path `src`, and unpacks it at `dst`.
+func UntarPath(src, dst string) error {
+	return defaultArchiver.UntarPath(src, dst)
+}
+
+// CopyWithTar creates a tar archive of filesystem path `src`, and
+// unpacks it at filesystem path `dst`.
+// The archive is streamed directly with fixed buffering and no
+// intermediary disk IO.
+func (archiver *Archiver) CopyWithTar(src, dst string) error {
+	srcSt, err := os.Stat(src)
+	if err != nil {
+		return err
+	}
+	if !srcSt.IsDir() {
+		return archiver.CopyFileWithTar(src, dst)
+	}
+
+	// if this archiver is set up with ID mapping we need to create
+	// the new destination directory with the remapped root UID/GID pair
+	// as owner
+	rootUID, rootGID, err := idtools.GetRootUIDGID(archiver.UIDMaps, archiver.GIDMaps)
+	if err != nil {
+		return err
+	}
+	// Create dst, copy src's content into it
+	logrus.Debugf("Creating dest directory: %s", dst)
+	if err := idtools.MkdirAllNewAs(dst, 0755, rootUID, rootGID); err != nil {
+		return err
+	}
+	logrus.Debugf("Calling TarUntar(%s, %s)", src, dst)
+	return archiver.TarUntar(src, dst)
+}
+
+// CopyWithTar creates a tar archive of filesystem path `src`, and
+// unpacks it at filesystem path `dst`.
+// The archive is streamed directly with fixed buffering and no
+// intermediary disk IO.
+func CopyWithTar(src, dst string) error {
+	return defaultArchiver.CopyWithTar(src, dst)
+}
+
+// CopyFileWithTar emulates the behavior of the 'cp' command-line
+// for a single file. It copies a regular file from path `src` to
+// path `dst`, and preserves all its metadata.
+func (archiver *Archiver) CopyFileWithTar(src, dst string) (err error) {
+	logrus.Debugf("CopyFileWithTar(%s, %s)", src, dst)
+	srcSt, err := os.Stat(src)
+	if err != nil {
+		return err
+	}
+
+	if srcSt.IsDir() {
+		return fmt.Errorf("Can't copy a directory")
+	}
+
+	// Clean up the trailing slash. This must be done in an operating
+	// system specific manner.
+	if dst[len(dst)-1] == os.PathSeparator {
+		dst = filepath.Join(dst, filepath.Base(src))
+	}
+	// Create the holding directory if necessary
+	if err := system.MkdirAll(filepath.Dir(dst), 0700); err != nil {
+		return err
+	}
+
+	r, w := io.Pipe()
+	errC := promise.Go(func() error {
+		defer w.Close()
+
+		srcF, err := os.Open(src)
+		if err != nil {
+			return err
+		}
+		defer srcF.Close()
+
+		hdr, err := tar.FileInfoHeader(srcSt, "")
+		if err != nil {
+			return err
+		}
+		hdr.Name = filepath.Base(dst)
+		hdr.Mode = int64(chmodTarEntry(os.FileMode(hdr.Mode)))
+
+		remappedRootUID, remappedRootGID, err := idtools.GetRootUIDGID(archiver.UIDMaps, archiver.GIDMaps)
+		if err != nil {
+			return err
+		}
+
+		// only perform mapping if the file being copied isn't already owned by the
+		// uid or gid of the remapped root in the container
+		if remappedRootUID != hdr.Uid {
+			xUID, err := idtools.ToHost(hdr.Uid, archiver.UIDMaps)
+			if err != nil {
+				return err
+			}
+			hdr.Uid = xUID
+		}
+		if remappedRootGID != hdr.Gid {
+			xGID, err := idtools.ToHost(hdr.Gid, archiver.GIDMaps)
+			if err != nil {
+				return err
+			}
+			hdr.Gid = xGID
+		}
+
+		tw := tar.NewWriter(w)
+		defer tw.Close()
+		if err := tw.WriteHeader(hdr); err != nil {
+			return err
+		}
+		if _, err := io.Copy(tw, srcF); err != nil {
+			return err
+		}
+		return nil
+	})
+	defer func() {
+		if er := <-errC; err != nil {
+			err = er
+		}
+	}()
+
+	err = archiver.Untar(r, filepath.Dir(dst), nil)
+	if err != nil {
+		r.CloseWithError(err)
+	}
+	return err
+}
+
+// CopyFileWithTar emulates the behavior of the 'cp' command-line
+// for a single file. It copies a regular file from path `src` to
+// path `dst`, and preserves all its metadata.
+//
+// Destination handling is in an operating specific manner depending
+// where the daemon is running. If `dst` ends with a trailing slash
+// the final destination path will be `dst/base(src)`  (Linux) or
+// `dst\base(src)` (Windows).
+func CopyFileWithTar(src, dst string) (err error) {
+	return defaultArchiver.CopyFileWithTar(src, dst)
+}
+
+// cmdStream executes a command, and returns its stdout as a stream.
+// If the command fails to run or doesn't complete successfully, an error
+// will be returned, including anything written on stderr.
+func cmdStream(cmd *exec.Cmd, input io.Reader) (io.ReadCloser, <-chan struct{}, error) {
+	chdone := make(chan struct{})
+	cmd.Stdin = input
+	pipeR, pipeW := io.Pipe()
+	cmd.Stdout = pipeW
+	var errBuf bytes.Buffer
+	cmd.Stderr = &errBuf
+
+	// Run the command and return the pipe
+	if err := cmd.Start(); err != nil {
+		return nil, nil, err
+	}
+
+	// Copy stdout to the returned pipe
+	go func() {
+		if err := cmd.Wait(); err != nil {
+			pipeW.CloseWithError(fmt.Errorf("%s: %s", err, errBuf.String()))
+		} else {
+			pipeW.Close()
+		}
+		close(chdone)
+	}()
+
+	return pipeR, chdone, nil
+}
+
+// NewTempArchive reads the content of src into a temporary file, and returns the contents
+// of that file as an archive. The archive can only be read once - as soon as reading completes,
+// the file will be deleted.
+func NewTempArchive(src Archive, dir string) (*TempArchive, error) {
+	f, err := ioutil.TempFile(dir, "")
+	if err != nil {
+		return nil, err
+	}
+	if _, err := io.Copy(f, src); err != nil {
+		return nil, err
+	}
+	if _, err := f.Seek(0, 0); err != nil {
+		return nil, err
+	}
+	st, err := f.Stat()
+	if err != nil {
+		return nil, err
+	}
+	size := st.Size()
+	return &TempArchive{File: f, Size: size}, nil
+}
+
+// TempArchive is a temporary archive. The archive can only be read once - as soon as reading completes,
+// the file will be deleted.
+type TempArchive struct {
+	*os.File
+	Size   int64 // Pre-computed from Stat().Size() as a convenience
+	read   int64
+	closed bool
+}
+
+// Close closes the underlying file if it's still open, or does a no-op
+// to allow callers to try to close the TempArchive multiple times safely.
+func (archive *TempArchive) Close() error {
+	if archive.closed {
+		return nil
+	}
+
+	archive.closed = true
+
+	return archive.File.Close()
+}
+
+func (archive *TempArchive) Read(data []byte) (int, error) {
+	n, err := archive.File.Read(data)
+	archive.read += int64(n)
+	if err != nil || archive.read == archive.Size {
+		archive.Close()
+		os.Remove(archive.File.Name())
+	}
+	return n, err
+}
diff --git a/pkg/archive/archive_test.go b/pkg/archive/archive_test.go
new file mode 100644
index 00000000..495cac83
--- /dev/null
+++ b/pkg/archive/archive_test.go
@@ -0,0 +1,1148 @@
+package archive
+
+import (
+	"archive/tar"
+	"bytes"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"testing"
+	"time"
+)
+
+var tmp string
+
+func init() {
+	tmp = "/tmp/"
+	if runtime.GOOS == "windows" {
+		tmp = os.Getenv("TEMP") + `\`
+	}
+}
+
+func TestIsArchiveNilHeader(t *testing.T) {
+	out := IsArchive(nil)
+	if out {
+		t.Fatalf("isArchive should return false as nil is not a valid archive header")
+	}
+}
+
+func TestIsArchiveInvalidHeader(t *testing.T) {
+	header := []byte{0x00, 0x01, 0x02}
+	out := IsArchive(header)
+	if out {
+		t.Fatalf("isArchive should return false as %s is not a valid archive header", header)
+	}
+}
+
+func TestIsArchiveBzip2(t *testing.T) {
+	header := []byte{0x42, 0x5A, 0x68}
+	out := IsArchive(header)
+	if !out {
+		t.Fatalf("isArchive should return true as %s is a bz2 header", header)
+	}
+}
+
+func TestIsArchive7zip(t *testing.T) {
+	header := []byte{0x50, 0x4b, 0x03, 0x04}
+	out := IsArchive(header)
+	if out {
+		t.Fatalf("isArchive should return false as %s is a 7z header and it is not supported", header)
+	}
+}
+
+func TestIsArchivePathDir(t *testing.T) {
+	cmd := exec.Command("sh", "-c", "mkdir -p /tmp/archivedir")
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		t.Fatalf("Fail to create an archive file for test : %s.", output)
+	}
+	if IsArchivePath(tmp + "archivedir") {
+		t.Fatalf("Incorrectly recognised directory as an archive")
+	}
+}
+
+func TestIsArchivePathInvalidFile(t *testing.T) {
+	cmd := exec.Command("sh", "-c", "dd if=/dev/zero bs=1K count=1 of=/tmp/archive && gzip --stdout /tmp/archive > /tmp/archive.gz")
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		t.Fatalf("Fail to create an archive file for test : %s.", output)
+	}
+	if IsArchivePath(tmp + "archive") {
+		t.Fatalf("Incorrectly recognised invalid tar path as archive")
+	}
+	if IsArchivePath(tmp + "archive.gz") {
+		t.Fatalf("Incorrectly recognised invalid compressed tar path as archive")
+	}
+}
+
+func TestIsArchivePathTar(t *testing.T) {
+	cmd := exec.Command("sh", "-c", "touch /tmp/archivedata && tar -cf /tmp/archive /tmp/archivedata && gzip --stdout /tmp/archive > /tmp/archive.gz")
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		t.Fatalf("Fail to create an archive file for test : %s.", output)
+	}
+	if !IsArchivePath(tmp + "/archive") {
+		t.Fatalf("Did not recognise valid tar path as archive")
+	}
+	if !IsArchivePath(tmp + "archive.gz") {
+		t.Fatalf("Did not recognise valid compressed tar path as archive")
+	}
+}
+
+func TestDecompressStreamGzip(t *testing.T) {
+	cmd := exec.Command("sh", "-c", "touch /tmp/archive && gzip -f /tmp/archive")
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		t.Fatalf("Fail to create an archive file for test : %s.", output)
+	}
+	archive, err := os.Open(tmp + "archive.gz")
+	_, err = DecompressStream(archive)
+	if err != nil {
+		t.Fatalf("Failed to decompress a gzip file.")
+	}
+}
+
+func TestDecompressStreamBzip2(t *testing.T) {
+	cmd := exec.Command("sh", "-c", "touch /tmp/archive && bzip2 -f /tmp/archive")
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		t.Fatalf("Fail to create an archive file for test : %s.", output)
+	}
+	archive, err := os.Open(tmp + "archive.bz2")
+	_, err = DecompressStream(archive)
+	if err != nil {
+		t.Fatalf("Failed to decompress a bzip2 file.")
+	}
+}
+
+func TestDecompressStreamXz(t *testing.T) {
+	if runtime.GOOS == "windows" {
+		t.Skip("Xz not present in msys2")
+	}
+	cmd := exec.Command("sh", "-c", "touch /tmp/archive && xz -f /tmp/archive")
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		t.Fatalf("Fail to create an archive file for test : %s.", output)
+	}
+	archive, err := os.Open(tmp + "archive.xz")
+	_, err = DecompressStream(archive)
+	if err != nil {
+		t.Fatalf("Failed to decompress a xz file.")
+	}
+}
+
+func TestCompressStreamXzUnsuported(t *testing.T) {
+	dest, err := os.Create(tmp + "dest")
+	if err != nil {
+		t.Fatalf("Fail to create the destination file")
+	}
+	_, err = CompressStream(dest, Xz)
+	if err == nil {
+		t.Fatalf("Should fail as xz is unsupported for compression format.")
+	}
+}
+
+func TestCompressStreamBzip2Unsupported(t *testing.T) {
+	dest, err := os.Create(tmp + "dest")
+	if err != nil {
+		t.Fatalf("Fail to create the destination file")
+	}
+	_, err = CompressStream(dest, Xz)
+	if err == nil {
+		t.Fatalf("Should fail as xz is unsupported for compression format.")
+	}
+}
+
+func TestCompressStreamInvalid(t *testing.T) {
+	dest, err := os.Create(tmp + "dest")
+	if err != nil {
+		t.Fatalf("Fail to create the destination file")
+	}
+	_, err = CompressStream(dest, -1)
+	if err == nil {
+		t.Fatalf("Should fail as xz is unsupported for compression format.")
+	}
+}
+
+func TestExtensionInvalid(t *testing.T) {
+	compression := Compression(-1)
+	output := compression.Extension()
+	if output != "" {
+		t.Fatalf("The extension of an invalid compression should be an empty string.")
+	}
+}
+
+func TestExtensionUncompressed(t *testing.T) {
+	compression := Uncompressed
+	output := compression.Extension()
+	if output != "tar" {
+		t.Fatalf("The extension of a uncompressed archive should be 'tar'.")
+	}
+}
+func TestExtensionBzip2(t *testing.T) {
+	compression := Bzip2
+	output := compression.Extension()
+	if output != "tar.bz2" {
+		t.Fatalf("The extension of a bzip2 archive should be 'tar.bz2'")
+	}
+}
+func TestExtensionGzip(t *testing.T) {
+	compression := Gzip
+	output := compression.Extension()
+	if output != "tar.gz" {
+		t.Fatalf("The extension of a bzip2 archive should be 'tar.gz'")
+	}
+}
+func TestExtensionXz(t *testing.T) {
+	compression := Xz
+	output := compression.Extension()
+	if output != "tar.xz" {
+		t.Fatalf("The extension of a bzip2 archive should be 'tar.xz'")
+	}
+}
+
+func TestCmdStreamLargeStderr(t *testing.T) {
+	cmd := exec.Command("sh", "-c", "dd if=/dev/zero bs=1k count=1000 of=/dev/stderr; echo hello")
+	out, _, err := cmdStream(cmd, nil)
+	if err != nil {
+		t.Fatalf("Failed to start command: %s", err)
+	}
+	errCh := make(chan error)
+	go func() {
+		_, err := io.Copy(ioutil.Discard, out)
+		errCh <- err
+	}()
+	select {
+	case err := <-errCh:
+		if err != nil {
+			t.Fatalf("Command should not have failed (err=%.100s...)", err)
+		}
+	case <-time.After(5 * time.Second):
+		t.Fatalf("Command did not complete in 5 seconds; probable deadlock")
+	}
+}
+
+func TestCmdStreamBad(t *testing.T) {
+	// TODO Windows: Figure out why this is failing in CI but not locally
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows CI machines")
+	}
+	badCmd := exec.Command("sh", "-c", "echo hello; echo >&2 error couldn\\'t reverse the phase pulser; exit 1")
+	out, _, err := cmdStream(badCmd, nil)
+	if err != nil {
+		t.Fatalf("Failed to start command: %s", err)
+	}
+	if output, err := ioutil.ReadAll(out); err == nil {
+		t.Fatalf("Command should have failed")
+	} else if err.Error() != "exit status 1: error couldn't reverse the phase pulser\n" {
+		t.Fatalf("Wrong error value (%s)", err)
+	} else if s := string(output); s != "hello\n" {
+		t.Fatalf("Command output should be '%s', not '%s'", "hello\\n", output)
+	}
+}
+
+func TestCmdStreamGood(t *testing.T) {
+	cmd := exec.Command("sh", "-c", "echo hello; exit 0")
+	out, _, err := cmdStream(cmd, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if output, err := ioutil.ReadAll(out); err != nil {
+		t.Fatalf("Command should not have failed (err=%s)", err)
+	} else if s := string(output); s != "hello\n" {
+		t.Fatalf("Command output should be '%s', not '%s'", "hello\\n", output)
+	}
+}
+
+func TestUntarPathWithInvalidDest(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tempFolder)
+	invalidDestFolder := filepath.Join(tempFolder, "invalidDest")
+	// Create a src file
+	srcFile := filepath.Join(tempFolder, "src")
+	tarFile := filepath.Join(tempFolder, "src.tar")
+	os.Create(srcFile)
+	os.Create(invalidDestFolder) // being a file (not dir) should cause an error
+
+	// Translate back to Unix semantics as next exec.Command is run under sh
+	srcFileU := srcFile
+	tarFileU := tarFile
+	if runtime.GOOS == "windows" {
+		tarFileU = "/tmp/" + filepath.Base(filepath.Dir(tarFile)) + "/src.tar"
+		srcFileU = "/tmp/" + filepath.Base(filepath.Dir(srcFile)) + "/src"
+	}
+
+	cmd := exec.Command("sh", "-c", "tar cf "+tarFileU+" "+srcFileU)
+	_, err = cmd.CombinedOutput()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = UntarPath(tarFile, invalidDestFolder)
+	if err == nil {
+		t.Fatalf("UntarPath with invalid destination path should throw an error.")
+	}
+}
+
+func TestUntarPathWithInvalidSrc(t *testing.T) {
+	dest, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatalf("Fail to create the destination file")
+	}
+	defer os.RemoveAll(dest)
+	err = UntarPath("/invalid/path", dest)
+	if err == nil {
+		t.Fatalf("UntarPath with invalid src path should throw an error.")
+	}
+}
+
+func TestUntarPath(t *testing.T) {
+	tmpFolder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpFolder)
+	srcFile := filepath.Join(tmpFolder, "src")
+	tarFile := filepath.Join(tmpFolder, "src.tar")
+	os.Create(filepath.Join(tmpFolder, "src"))
+
+	destFolder := filepath.Join(tmpFolder, "dest")
+	err = os.MkdirAll(destFolder, 0740)
+	if err != nil {
+		t.Fatalf("Fail to create the destination file")
+	}
+
+	// Translate back to Unix semantics as next exec.Command is run under sh
+	srcFileU := srcFile
+	tarFileU := tarFile
+	if runtime.GOOS == "windows" {
+		tarFileU = "/tmp/" + filepath.Base(filepath.Dir(tarFile)) + "/src.tar"
+		srcFileU = "/tmp/" + filepath.Base(filepath.Dir(srcFile)) + "/src"
+	}
+	cmd := exec.Command("sh", "-c", "tar cf "+tarFileU+" "+srcFileU)
+	_, err = cmd.CombinedOutput()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = UntarPath(tarFile, destFolder)
+	if err != nil {
+		t.Fatalf("UntarPath shouldn't throw an error, %s.", err)
+	}
+	expectedFile := filepath.Join(destFolder, srcFileU)
+	_, err = os.Stat(expectedFile)
+	if err != nil {
+		t.Fatalf("Destination folder should contain the source file but did not.")
+	}
+}
+
+// Do the same test as above but with the destination as file, it should fail
+func TestUntarPathWithDestinationFile(t *testing.T) {
+	tmpFolder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpFolder)
+	srcFile := filepath.Join(tmpFolder, "src")
+	tarFile := filepath.Join(tmpFolder, "src.tar")
+	os.Create(filepath.Join(tmpFolder, "src"))
+
+	// Translate back to Unix semantics as next exec.Command is run under sh
+	srcFileU := srcFile
+	tarFileU := tarFile
+	if runtime.GOOS == "windows" {
+		tarFileU = "/tmp/" + filepath.Base(filepath.Dir(tarFile)) + "/src.tar"
+		srcFileU = "/tmp/" + filepath.Base(filepath.Dir(srcFile)) + "/src"
+	}
+	cmd := exec.Command("sh", "-c", "tar cf "+tarFileU+" "+srcFileU)
+	_, err = cmd.CombinedOutput()
+	if err != nil {
+		t.Fatal(err)
+	}
+	destFile := filepath.Join(tmpFolder, "dest")
+	_, err = os.Create(destFile)
+	if err != nil {
+		t.Fatalf("Fail to create the destination file")
+	}
+	err = UntarPath(tarFile, destFile)
+	if err == nil {
+		t.Fatalf("UntarPath should throw an error if the destination if a file")
+	}
+}
+
+// Do the same test as above but with the destination folder already exists
+// and the destination file is a directory
+// It's working, see https://github.com/docker/docker/issues/10040
+func TestUntarPathWithDestinationSrcFileAsFolder(t *testing.T) {
+	tmpFolder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpFolder)
+	srcFile := filepath.Join(tmpFolder, "src")
+	tarFile := filepath.Join(tmpFolder, "src.tar")
+	os.Create(srcFile)
+
+	// Translate back to Unix semantics as next exec.Command is run under sh
+	srcFileU := srcFile
+	tarFileU := tarFile
+	if runtime.GOOS == "windows" {
+		tarFileU = "/tmp/" + filepath.Base(filepath.Dir(tarFile)) + "/src.tar"
+		srcFileU = "/tmp/" + filepath.Base(filepath.Dir(srcFile)) + "/src"
+	}
+
+	cmd := exec.Command("sh", "-c", "tar cf "+tarFileU+" "+srcFileU)
+	_, err = cmd.CombinedOutput()
+	if err != nil {
+		t.Fatal(err)
+	}
+	destFolder := filepath.Join(tmpFolder, "dest")
+	err = os.MkdirAll(destFolder, 0740)
+	if err != nil {
+		t.Fatalf("Fail to create the destination folder")
+	}
+	// Let's create a folder that will has the same path as the extracted file (from tar)
+	destSrcFileAsFolder := filepath.Join(destFolder, srcFileU)
+	err = os.MkdirAll(destSrcFileAsFolder, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = UntarPath(tarFile, destFolder)
+	if err != nil {
+		t.Fatalf("UntarPath should throw not throw an error if the extracted file already exists and is a folder")
+	}
+}
+
+func TestCopyWithTarInvalidSrc(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(nil)
+	}
+	destFolder := filepath.Join(tempFolder, "dest")
+	invalidSrc := filepath.Join(tempFolder, "doesnotexists")
+	err = os.MkdirAll(destFolder, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = CopyWithTar(invalidSrc, destFolder)
+	if err == nil {
+		t.Fatalf("archiver.CopyWithTar with invalid src path should throw an error.")
+	}
+}
+
+func TestCopyWithTarInexistentDestWillCreateIt(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(nil)
+	}
+	srcFolder := filepath.Join(tempFolder, "src")
+	inexistentDestFolder := filepath.Join(tempFolder, "doesnotexists")
+	err = os.MkdirAll(srcFolder, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = CopyWithTar(srcFolder, inexistentDestFolder)
+	if err != nil {
+		t.Fatalf("CopyWithTar with an inexistent folder shouldn't fail.")
+	}
+	_, err = os.Stat(inexistentDestFolder)
+	if err != nil {
+		t.Fatalf("CopyWithTar with an inexistent folder should create it.")
+	}
+}
+
+// Test CopyWithTar with a file as src
+func TestCopyWithTarSrcFile(t *testing.T) {
+	folder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(folder)
+	dest := filepath.Join(folder, "dest")
+	srcFolder := filepath.Join(folder, "src")
+	src := filepath.Join(folder, filepath.Join("src", "src"))
+	err = os.MkdirAll(srcFolder, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = os.MkdirAll(dest, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	ioutil.WriteFile(src, []byte("content"), 0777)
+	err = CopyWithTar(src, dest)
+	if err != nil {
+		t.Fatalf("archiver.CopyWithTar shouldn't throw an error, %s.", err)
+	}
+	_, err = os.Stat(dest)
+	// FIXME Check the content
+	if err != nil {
+		t.Fatalf("Destination file should be the same as the source.")
+	}
+}
+
+// Test CopyWithTar with a folder as src
+func TestCopyWithTarSrcFolder(t *testing.T) {
+	folder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(folder)
+	dest := filepath.Join(folder, "dest")
+	src := filepath.Join(folder, filepath.Join("src", "folder"))
+	err = os.MkdirAll(src, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = os.MkdirAll(dest, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	ioutil.WriteFile(filepath.Join(src, "file"), []byte("content"), 0777)
+	err = CopyWithTar(src, dest)
+	if err != nil {
+		t.Fatalf("archiver.CopyWithTar shouldn't throw an error, %s.", err)
+	}
+	_, err = os.Stat(dest)
+	// FIXME Check the content (the file inside)
+	if err != nil {
+		t.Fatalf("Destination folder should contain the source file but did not.")
+	}
+}
+
+func TestCopyFileWithTarInvalidSrc(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tempFolder)
+	destFolder := filepath.Join(tempFolder, "dest")
+	err = os.MkdirAll(destFolder, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	invalidFile := filepath.Join(tempFolder, "doesnotexists")
+	err = CopyFileWithTar(invalidFile, destFolder)
+	if err == nil {
+		t.Fatalf("archiver.CopyWithTar with invalid src path should throw an error.")
+	}
+}
+
+func TestCopyFileWithTarInexistentDestWillCreateIt(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(nil)
+	}
+	defer os.RemoveAll(tempFolder)
+	srcFile := filepath.Join(tempFolder, "src")
+	inexistentDestFolder := filepath.Join(tempFolder, "doesnotexists")
+	_, err = os.Create(srcFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = CopyFileWithTar(srcFile, inexistentDestFolder)
+	if err != nil {
+		t.Fatalf("CopyWithTar with an inexistent folder shouldn't fail.")
+	}
+	_, err = os.Stat(inexistentDestFolder)
+	if err != nil {
+		t.Fatalf("CopyWithTar with an inexistent folder should create it.")
+	}
+	// FIXME Test the src file and content
+}
+
+func TestCopyFileWithTarSrcFolder(t *testing.T) {
+	folder, err := ioutil.TempDir("", "docker-archive-copyfilewithtar-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(folder)
+	dest := filepath.Join(folder, "dest")
+	src := filepath.Join(folder, "srcfolder")
+	err = os.MkdirAll(src, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = os.MkdirAll(dest, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = CopyFileWithTar(src, dest)
+	if err == nil {
+		t.Fatalf("CopyFileWithTar should throw an error with a folder.")
+	}
+}
+
+func TestCopyFileWithTarSrcFile(t *testing.T) {
+	folder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(folder)
+	dest := filepath.Join(folder, "dest")
+	srcFolder := filepath.Join(folder, "src")
+	src := filepath.Join(folder, filepath.Join("src", "src"))
+	err = os.MkdirAll(srcFolder, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = os.MkdirAll(dest, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	ioutil.WriteFile(src, []byte("content"), 0777)
+	err = CopyWithTar(src, dest+"/")
+	if err != nil {
+		t.Fatalf("archiver.CopyFileWithTar shouldn't throw an error, %s.", err)
+	}
+	_, err = os.Stat(dest)
+	if err != nil {
+		t.Fatalf("Destination folder should contain the source file but did not.")
+	}
+}
+
+func TestTarFiles(t *testing.T) {
+	// TODO Windows: Figure out how to port this test.
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	// try without hardlinks
+	if err := checkNoChanges(1000, false); err != nil {
+		t.Fatal(err)
+	}
+	// try with hardlinks
+	if err := checkNoChanges(1000, true); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func checkNoChanges(fileNum int, hardlinks bool) error {
+	srcDir, err := ioutil.TempDir("", "docker-test-srcDir")
+	if err != nil {
+		return err
+	}
+	defer os.RemoveAll(srcDir)
+
+	destDir, err := ioutil.TempDir("", "docker-test-destDir")
+	if err != nil {
+		return err
+	}
+	defer os.RemoveAll(destDir)
+
+	_, err = prepareUntarSourceDirectory(fileNum, srcDir, hardlinks)
+	if err != nil {
+		return err
+	}
+
+	err = TarUntar(srcDir, destDir)
+	if err != nil {
+		return err
+	}
+
+	changes, err := ChangesDirs(destDir, srcDir)
+	if err != nil {
+		return err
+	}
+	if len(changes) > 0 {
+		return fmt.Errorf("with %d files and %v hardlinks: expected 0 changes, got %d", fileNum, hardlinks, len(changes))
+	}
+	return nil
+}
+
+func tarUntar(t *testing.T, origin string, options *TarOptions) ([]Change, error) {
+	archive, err := TarWithOptions(origin, options)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer archive.Close()
+
+	buf := make([]byte, 10)
+	if _, err := archive.Read(buf); err != nil {
+		return nil, err
+	}
+	wrap := io.MultiReader(bytes.NewReader(buf), archive)
+
+	detectedCompression := DetectCompression(buf)
+	compression := options.Compression
+	if detectedCompression.Extension() != compression.Extension() {
+		return nil, fmt.Errorf("Wrong compression detected. Actual compression: %s, found %s", compression.Extension(), detectedCompression.Extension())
+	}
+
+	tmp, err := ioutil.TempDir("", "docker-test-untar")
+	if err != nil {
+		return nil, err
+	}
+	defer os.RemoveAll(tmp)
+	if err := Untar(wrap, tmp, nil); err != nil {
+		return nil, err
+	}
+	if _, err := os.Stat(tmp); err != nil {
+		return nil, err
+	}
+
+	return ChangesDirs(origin, tmp)
+}
+
+func TestTarUntar(t *testing.T) {
+	// TODO Windows: Figure out how to fix this test.
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	origin, err := ioutil.TempDir("", "docker-test-untar-origin")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(origin)
+	if err := ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(origin, "2"), []byte("welcome!"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(origin, "3"), []byte("will be ignored"), 0700); err != nil {
+		t.Fatal(err)
+	}
+
+	for _, c := range []Compression{
+		Uncompressed,
+		Gzip,
+	} {
+		changes, err := tarUntar(t, origin, &TarOptions{
+			Compression:     c,
+			ExcludePatterns: []string{"3"},
+		})
+
+		if err != nil {
+			t.Fatalf("Error tar/untar for compression %s: %s", c.Extension(), err)
+		}
+
+		if len(changes) != 1 || changes[0].Path != "/3" {
+			t.Fatalf("Unexpected differences after tarUntar: %v", changes)
+		}
+	}
+}
+
+func TestTarWithOptions(t *testing.T) {
+	// TODO Windows: Figure out how to fix this test.
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	origin, err := ioutil.TempDir("", "docker-test-untar-origin")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := ioutil.TempDir(origin, "folder"); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(origin)
+	if err := ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(origin, "2"), []byte("welcome!"), 0700); err != nil {
+		t.Fatal(err)
+	}
+
+	cases := []struct {
+		opts       *TarOptions
+		numChanges int
+	}{
+		{&TarOptions{IncludeFiles: []string{"1"}}, 2},
+		{&TarOptions{ExcludePatterns: []string{"2"}}, 1},
+		{&TarOptions{ExcludePatterns: []string{"1", "folder*"}}, 2},
+		{&TarOptions{IncludeFiles: []string{"1", "1"}}, 2},
+		{&TarOptions{IncludeFiles: []string{"1"}, RebaseNames: map[string]string{"1": "test"}}, 4},
+	}
+	for _, testCase := range cases {
+		changes, err := tarUntar(t, origin, testCase.opts)
+		if err != nil {
+			t.Fatalf("Error tar/untar when testing inclusion/exclusion: %s", err)
+		}
+		if len(changes) != testCase.numChanges {
+			t.Errorf("Expected %d changes, got %d for %+v:",
+				testCase.numChanges, len(changes), testCase.opts)
+		}
+	}
+}
+
+// Some tar archives such as http://haproxy.1wt.eu/download/1.5/src/devel/haproxy-1.5-dev21.tar.gz
+// use PAX Global Extended Headers.
+// Failing prevents the archives from being uncompressed during ADD
+func TestTypeXGlobalHeaderDoesNotFail(t *testing.T) {
+	hdr := tar.Header{Typeflag: tar.TypeXGlobalHeader}
+	tmpDir, err := ioutil.TempDir("", "docker-test-archive-pax-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+	err = createTarFile(filepath.Join(tmpDir, "pax_global_header"), tmpDir, &hdr, nil, true, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+// Some tar have both GNU specific (huge uid) and Ustar specific (long name) things.
+// Not supposed to happen (should use PAX instead of Ustar for long name) but it does and it should still work.
+func TestUntarUstarGnuConflict(t *testing.T) {
+	f, err := os.Open("testdata/broken.tar")
+	if err != nil {
+		t.Fatal(err)
+	}
+	found := false
+	tr := tar.NewReader(f)
+	// Iterate through the files in the archive.
+	for {
+		hdr, err := tr.Next()
+		if err == io.EOF {
+			// end of tar archive
+			break
+		}
+		if err != nil {
+			t.Fatal(err)
+		}
+		if hdr.Name == "root/.cpanm/work/1395823785.24209/Plack-1.0030/blib/man3/Plack::Middleware::LighttpdScriptNameFix.3pm" {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatalf("%s not found in the archive", "root/.cpanm/work/1395823785.24209/Plack-1.0030/blib/man3/Plack::Middleware::LighttpdScriptNameFix.3pm")
+	}
+}
+
+func prepareUntarSourceDirectory(numberOfFiles int, targetPath string, makeLinks bool) (int, error) {
+	fileData := []byte("fooo")
+	for n := 0; n < numberOfFiles; n++ {
+		fileName := fmt.Sprintf("file-%d", n)
+		if err := ioutil.WriteFile(filepath.Join(targetPath, fileName), fileData, 0700); err != nil {
+			return 0, err
+		}
+		if makeLinks {
+			if err := os.Link(filepath.Join(targetPath, fileName), filepath.Join(targetPath, fileName+"-link")); err != nil {
+				return 0, err
+			}
+		}
+	}
+	totalSize := numberOfFiles * len(fileData)
+	return totalSize, nil
+}
+
+func BenchmarkTarUntar(b *testing.B) {
+	origin, err := ioutil.TempDir("", "docker-test-untar-origin")
+	if err != nil {
+		b.Fatal(err)
+	}
+	tempDir, err := ioutil.TempDir("", "docker-test-untar-destination")
+	if err != nil {
+		b.Fatal(err)
+	}
+	target := filepath.Join(tempDir, "dest")
+	n, err := prepareUntarSourceDirectory(100, origin, false)
+	if err != nil {
+		b.Fatal(err)
+	}
+	defer os.RemoveAll(origin)
+	defer os.RemoveAll(tempDir)
+
+	b.ResetTimer()
+	b.SetBytes(int64(n))
+	for n := 0; n < b.N; n++ {
+		err := TarUntar(origin, target)
+		if err != nil {
+			b.Fatal(err)
+		}
+		os.RemoveAll(target)
+	}
+}
+
+func BenchmarkTarUntarWithLinks(b *testing.B) {
+	origin, err := ioutil.TempDir("", "docker-test-untar-origin")
+	if err != nil {
+		b.Fatal(err)
+	}
+	tempDir, err := ioutil.TempDir("", "docker-test-untar-destination")
+	if err != nil {
+		b.Fatal(err)
+	}
+	target := filepath.Join(tempDir, "dest")
+	n, err := prepareUntarSourceDirectory(100, origin, true)
+	if err != nil {
+		b.Fatal(err)
+	}
+	defer os.RemoveAll(origin)
+	defer os.RemoveAll(tempDir)
+
+	b.ResetTimer()
+	b.SetBytes(int64(n))
+	for n := 0; n < b.N; n++ {
+		err := TarUntar(origin, target)
+		if err != nil {
+			b.Fatal(err)
+		}
+		os.RemoveAll(target)
+	}
+}
+
+func TestUntarInvalidFilenames(t *testing.T) {
+	// TODO Windows: Figure out how to fix this test.
+	if runtime.GOOS == "windows" {
+		t.Skip("Passes but hits breakoutError: platform and architecture is not supported")
+	}
+	for i, headers := range [][]*tar.Header{
+		{
+			{
+				Name:     "../victim/dotdot",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+		{
+			{
+				// Note the leading slash
+				Name:     "/../victim/slash-dotdot",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+	} {
+		if err := testBreakout("untar", "docker-TestUntarInvalidFilenames", headers); err != nil {
+			t.Fatalf("i=%d. %v", i, err)
+		}
+	}
+}
+
+func TestUntarHardlinkToSymlink(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	if runtime.GOOS == "windows" {
+		t.Skip("hardlinks on Windows")
+	}
+	for i, headers := range [][]*tar.Header{
+		{
+			{
+				Name:     "symlink1",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "regfile",
+				Mode:     0644,
+			},
+			{
+				Name:     "symlink2",
+				Typeflag: tar.TypeLink,
+				Linkname: "symlink1",
+				Mode:     0644,
+			},
+			{
+				Name:     "regfile",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+	} {
+		if err := testBreakout("untar", "docker-TestUntarHardlinkToSymlink", headers); err != nil {
+			t.Fatalf("i=%d. %v", i, err)
+		}
+	}
+}
+
+func TestUntarInvalidHardlink(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	if runtime.GOOS == "windows" {
+		t.Skip("hardlinks on Windows")
+	}
+	for i, headers := range [][]*tar.Header{
+		{ // try reading victim/hello (../)
+			{
+				Name:     "dotdot",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (/../)
+			{
+				Name:     "slash-dotdot",
+				Typeflag: tar.TypeLink,
+				// Note the leading slash
+				Linkname: "/../victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try writing victim/file
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "loophole-victim/file",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (hardlink, symlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "symlink",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "loophole-victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // Try reading victim/hello (hardlink, hardlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "hardlink",
+				Typeflag: tar.TypeLink,
+				Linkname: "loophole-victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // Try removing victim directory (hardlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+	} {
+		if err := testBreakout("untar", "docker-TestUntarInvalidHardlink", headers); err != nil {
+			t.Fatalf("i=%d. %v", i, err)
+		}
+	}
+}
+
+func TestUntarInvalidSymlink(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	if runtime.GOOS == "windows" {
+		t.Skip("hardlinks on Windows")
+	}
+	for i, headers := range [][]*tar.Header{
+		{ // try reading victim/hello (../)
+			{
+				Name:     "dotdot",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (/../)
+			{
+				Name:     "slash-dotdot",
+				Typeflag: tar.TypeSymlink,
+				// Note the leading slash
+				Linkname: "/../victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try writing victim/file
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "loophole-victim/file",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (symlink, symlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "symlink",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "loophole-victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (symlink, hardlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "hardlink",
+				Typeflag: tar.TypeLink,
+				Linkname: "loophole-victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try removing victim directory (symlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+		{ // try writing to victim/newdir/newfile with a symlink in the path
+			{
+				// this header needs to be before the next one, or else there is an error
+				Name:     "dir/loophole",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "dir/loophole/newdir/newfile",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+	} {
+		if err := testBreakout("untar", "docker-TestUntarInvalidSymlink", headers); err != nil {
+			t.Fatalf("i=%d. %v", i, err)
+		}
+	}
+}
+
+func TestTempArchiveCloseMultipleTimes(t *testing.T) {
+	reader := ioutil.NopCloser(strings.NewReader("hello"))
+	tempArchive, err := NewTempArchive(reader, "")
+	buf := make([]byte, 10)
+	n, err := tempArchive.Read(buf)
+	if n != 5 {
+		t.Fatalf("Expected to read 5 bytes. Read %d instead", n)
+	}
+	for i := 0; i < 3; i++ {
+		if err = tempArchive.Close(); err != nil {
+			t.Fatalf("i=%d. Unexpected error closing temp archive: %v", i, err)
+		}
+	}
+}
diff --git a/pkg/archive/archive_unix.go b/pkg/archive/archive_unix.go
new file mode 100644
index 00000000..fbc3bb8c
--- /dev/null
+++ b/pkg/archive/archive_unix.go
@@ -0,0 +1,112 @@
+// +build !windows
+
+package archive
+
+import (
+	"archive/tar"
+	"errors"
+	"os"
+	"path/filepath"
+	"syscall"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+// fixVolumePathPrefix does platform specific processing to ensure that if
+// the path being passed in is not in a volume path format, convert it to one.
+func fixVolumePathPrefix(srcPath string) string {
+	return srcPath
+}
+
+// getWalkRoot calculates the root path when performing a TarWithOptions.
+// We use a separate function as this is platform specific. On Linux, we
+// can't use filepath.Join(srcPath,include) because this will clean away
+// a trailing "." or "/" which may be important.
+func getWalkRoot(srcPath string, include string) string {
+	return srcPath + string(filepath.Separator) + include
+}
+
+// CanonicalTarNameForPath returns platform-specific filepath
+// to canonical posix-style path for tar archival. p is relative
+// path.
+func CanonicalTarNameForPath(p string) (string, error) {
+	return p, nil // already unix-style
+}
+
+// chmodTarEntry is used to adjust the file permissions used in tar header based
+// on the platform the archival is done.
+
+func chmodTarEntry(perm os.FileMode) os.FileMode {
+	return perm // noop for unix as golang APIs provide perm bits correctly
+}
+
+func setHeaderForSpecialDevice(hdr *tar.Header, ta *tarAppender, name string, stat interface{}) (inode uint64, err error) {
+	s, ok := stat.(*syscall.Stat_t)
+
+	if !ok {
+		err = errors.New("cannot convert stat value to syscall.Stat_t")
+		return
+	}
+
+	inode = uint64(s.Ino)
+
+	// Currently go does not fill in the major/minors
+	if s.Mode&syscall.S_IFBLK != 0 ||
+		s.Mode&syscall.S_IFCHR != 0 {
+		hdr.Devmajor = int64(major(uint64(s.Rdev)))
+		hdr.Devminor = int64(minor(uint64(s.Rdev)))
+	}
+
+	return
+}
+
+func getFileUIDGID(stat interface{}) (int, int, error) {
+	s, ok := stat.(*syscall.Stat_t)
+
+	if !ok {
+		return -1, -1, errors.New("cannot convert stat value to syscall.Stat_t")
+	}
+	return int(s.Uid), int(s.Gid), nil
+}
+
+func major(device uint64) uint64 {
+	return (device >> 8) & 0xfff
+}
+
+func minor(device uint64) uint64 {
+	return (device & 0xff) | ((device >> 12) & 0xfff00)
+}
+
+// handleTarTypeBlockCharFifo is an OS-specific helper function used by
+// createTarFile to handle the following types of header: Block; Char; Fifo
+func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error {
+	mode := uint32(hdr.Mode & 07777)
+	switch hdr.Typeflag {
+	case tar.TypeBlock:
+		mode |= syscall.S_IFBLK
+	case tar.TypeChar:
+		mode |= syscall.S_IFCHR
+	case tar.TypeFifo:
+		mode |= syscall.S_IFIFO
+	}
+
+	if err := system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor))); err != nil {
+		return err
+	}
+	return nil
+}
+
+func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error {
+	if hdr.Typeflag == tar.TypeLink {
+		if fi, err := os.Lstat(hdr.Linkname); err == nil && (fi.Mode()&os.ModeSymlink == 0) {
+			if err := os.Chmod(path, hdrInfo.Mode()); err != nil {
+				return err
+			}
+		}
+	} else if hdr.Typeflag != tar.TypeSymlink {
+		if err := os.Chmod(path, hdrInfo.Mode()); err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/pkg/archive/archive_unix_test.go b/pkg/archive/archive_unix_test.go
new file mode 100644
index 00000000..548391b3
--- /dev/null
+++ b/pkg/archive/archive_unix_test.go
@@ -0,0 +1,245 @@
+// +build !windows
+
+package archive
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"syscall"
+	"testing"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+func TestCanonicalTarNameForPath(t *testing.T) {
+	cases := []struct{ in, expected string }{
+		{"foo", "foo"},
+		{"foo/bar", "foo/bar"},
+		{"foo/dir/", "foo/dir/"},
+	}
+	for _, v := range cases {
+		if out, err := CanonicalTarNameForPath(v.in); err != nil {
+			t.Fatalf("cannot get canonical name for path: %s: %v", v.in, err)
+		} else if out != v.expected {
+			t.Fatalf("wrong canonical tar name. expected:%s got:%s", v.expected, out)
+		}
+	}
+}
+
+func TestCanonicalTarName(t *testing.T) {
+	cases := []struct {
+		in       string
+		isDir    bool
+		expected string
+	}{
+		{"foo", false, "foo"},
+		{"foo", true, "foo/"},
+		{"foo/bar", false, "foo/bar"},
+		{"foo/bar", true, "foo/bar/"},
+	}
+	for _, v := range cases {
+		if out, err := canonicalTarName(v.in, v.isDir); err != nil {
+			t.Fatalf("cannot get canonical name for path: %s: %v", v.in, err)
+		} else if out != v.expected {
+			t.Fatalf("wrong canonical tar name. expected:%s got:%s", v.expected, out)
+		}
+	}
+}
+
+func TestChmodTarEntry(t *testing.T) {
+	cases := []struct {
+		in, expected os.FileMode
+	}{
+		{0000, 0000},
+		{0777, 0777},
+		{0644, 0644},
+		{0755, 0755},
+		{0444, 0444},
+	}
+	for _, v := range cases {
+		if out := chmodTarEntry(v.in); out != v.expected {
+			t.Fatalf("wrong chmod. expected:%v got:%v", v.expected, out)
+		}
+	}
+}
+
+func TestTarWithHardLink(t *testing.T) {
+	origin, err := ioutil.TempDir("", "docker-test-tar-hardlink")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(origin)
+	if err := ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Link(filepath.Join(origin, "1"), filepath.Join(origin, "2")); err != nil {
+		t.Fatal(err)
+	}
+
+	var i1, i2 uint64
+	if i1, err = getNlink(filepath.Join(origin, "1")); err != nil {
+		t.Fatal(err)
+	}
+	// sanity check that we can hardlink
+	if i1 != 2 {
+		t.Skipf("skipping since hardlinks don't work here; expected 2 links, got %d", i1)
+	}
+
+	dest, err := ioutil.TempDir("", "docker-test-tar-hardlink-dest")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(dest)
+
+	// we'll do this in two steps to separate failure
+	fh, err := Tar(origin, Uncompressed)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// ensure we can read the whole thing with no error, before writing back out
+	buf, err := ioutil.ReadAll(fh)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	bRdr := bytes.NewReader(buf)
+	err = Untar(bRdr, dest, &TarOptions{Compression: Uncompressed})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if i1, err = getInode(filepath.Join(dest, "1")); err != nil {
+		t.Fatal(err)
+	}
+	if i2, err = getInode(filepath.Join(dest, "2")); err != nil {
+		t.Fatal(err)
+	}
+
+	if i1 != i2 {
+		t.Errorf("expected matching inodes, but got %d and %d", i1, i2)
+	}
+}
+
+func getNlink(path string) (uint64, error) {
+	stat, err := os.Stat(path)
+	if err != nil {
+		return 0, err
+	}
+	statT, ok := stat.Sys().(*syscall.Stat_t)
+	if !ok {
+		return 0, fmt.Errorf("expected type *syscall.Stat_t, got %t", stat.Sys())
+	}
+	// We need this conversion on ARM64
+	return uint64(statT.Nlink), nil
+}
+
+func getInode(path string) (uint64, error) {
+	stat, err := os.Stat(path)
+	if err != nil {
+		return 0, err
+	}
+	statT, ok := stat.Sys().(*syscall.Stat_t)
+	if !ok {
+		return 0, fmt.Errorf("expected type *syscall.Stat_t, got %t", stat.Sys())
+	}
+	return statT.Ino, nil
+}
+
+func TestTarWithBlockCharFifo(t *testing.T) {
+	origin, err := ioutil.TempDir("", "docker-test-tar-hardlink")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(origin)
+	if err := ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := system.Mknod(filepath.Join(origin, "2"), syscall.S_IFBLK, int(system.Mkdev(int64(12), int64(5)))); err != nil {
+		t.Fatal(err)
+	}
+	if err := system.Mknod(filepath.Join(origin, "3"), syscall.S_IFCHR, int(system.Mkdev(int64(12), int64(5)))); err != nil {
+		t.Fatal(err)
+	}
+	if err := system.Mknod(filepath.Join(origin, "4"), syscall.S_IFIFO, int(system.Mkdev(int64(12), int64(5)))); err != nil {
+		t.Fatal(err)
+	}
+
+	dest, err := ioutil.TempDir("", "docker-test-tar-hardlink-dest")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(dest)
+
+	// we'll do this in two steps to separate failure
+	fh, err := Tar(origin, Uncompressed)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// ensure we can read the whole thing with no error, before writing back out
+	buf, err := ioutil.ReadAll(fh)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	bRdr := bytes.NewReader(buf)
+	err = Untar(bRdr, dest, &TarOptions{Compression: Uncompressed})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	changes, err := ChangesDirs(origin, dest)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(changes) > 0 {
+		t.Fatalf("Tar with special device (block, char, fifo) should keep them (recreate them when untar) : %v", changes)
+	}
+}
+
+// TestTarUntarWithXattr is Unix as Lsetxattr is not supported on Windows
+func TestTarUntarWithXattr(t *testing.T) {
+	origin, err := ioutil.TempDir("", "docker-test-untar-origin")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(origin)
+	if err := ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(origin, "2"), []byte("welcome!"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(origin, "3"), []byte("will be ignored"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := system.Lsetxattr(filepath.Join(origin, "2"), "security.capability", []byte{0x00}, 0); err != nil {
+		t.Fatal(err)
+	}
+
+	for _, c := range []Compression{
+		Uncompressed,
+		Gzip,
+	} {
+		changes, err := tarUntar(t, origin, &TarOptions{
+			Compression:     c,
+			ExcludePatterns: []string{"3"},
+		})
+
+		if err != nil {
+			t.Fatalf("Error tar/untar for compression %s: %s", c.Extension(), err)
+		}
+
+		if len(changes) != 1 || changes[0].Path != "/3" {
+			t.Fatalf("Unexpected differences after tarUntar: %v", changes)
+		}
+		capability, _ := system.Lgetxattr(filepath.Join(origin, "2"), "security.capability")
+		if capability == nil && capability[0] != 0x00 {
+			t.Fatalf("Untar should have kept the 'security.capability' xattr.")
+		}
+	}
+}
diff --git a/pkg/archive/archive_windows.go b/pkg/archive/archive_windows.go
new file mode 100644
index 00000000..5c3a1be3
--- /dev/null
+++ b/pkg/archive/archive_windows.go
@@ -0,0 +1,70 @@
+// +build windows
+
+package archive
+
+import (
+	"archive/tar"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/pkg/longpath"
+)
+
+// fixVolumePathPrefix does platform specific processing to ensure that if
+// the path being passed in is not in a volume path format, convert it to one.
+func fixVolumePathPrefix(srcPath string) string {
+	return longpath.AddPrefix(srcPath)
+}
+
+// getWalkRoot calculates the root path when performing a TarWithOptions.
+// We use a separate function as this is platform specific.
+func getWalkRoot(srcPath string, include string) string {
+	return filepath.Join(srcPath, include)
+}
+
+// CanonicalTarNameForPath returns platform-specific filepath
+// to canonical posix-style path for tar archival. p is relative
+// path.
+func CanonicalTarNameForPath(p string) (string, error) {
+	// windows: convert windows style relative path with backslashes
+	// into forward slashes. Since windows does not allow '/' or '\'
+	// in file names, it is mostly safe to replace however we must
+	// check just in case
+	if strings.Contains(p, "/") {
+		return "", fmt.Errorf("Windows path contains forward slash: %s", p)
+	}
+	return strings.Replace(p, string(os.PathSeparator), "/", -1), nil
+
+}
+
+// chmodTarEntry is used to adjust the file permissions used in tar header based
+// on the platform the archival is done.
+func chmodTarEntry(perm os.FileMode) os.FileMode {
+	perm &= 0755
+	// Add the x bit: make everything +x from windows
+	perm |= 0111
+
+	return perm
+}
+
+func setHeaderForSpecialDevice(hdr *tar.Header, ta *tarAppender, name string, stat interface{}) (inode uint64, err error) {
+	// do nothing. no notion of Rdev, Inode, Nlink in stat on Windows
+	return
+}
+
+// handleTarTypeBlockCharFifo is an OS-specific helper function used by
+// createTarFile to handle the following types of header: Block; Char; Fifo
+func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error {
+	return nil
+}
+
+func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error {
+	return nil
+}
+
+func getFileUIDGID(stat interface{}) (int, int, error) {
+	// no notion of file ownership mapping yet on Windows
+	return 0, 0, nil
+}
diff --git a/pkg/archive/archive_windows_test.go b/pkg/archive/archive_windows_test.go
new file mode 100644
index 00000000..0c6733d6
--- /dev/null
+++ b/pkg/archive/archive_windows_test.go
@@ -0,0 +1,91 @@
+// +build windows
+
+package archive
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+func TestCopyFileWithInvalidDest(t *testing.T) {
+	// TODO Windows: This is currently failing. Not sure what has
+	// recently changed in CopyWithTar as used to pass. Further investigation
+	// is required.
+	t.Skip("Currently fails")
+	folder, err := ioutil.TempDir("", "docker-archive-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(folder)
+	dest := "c:dest"
+	srcFolder := filepath.Join(folder, "src")
+	src := filepath.Join(folder, "src", "src")
+	err = os.MkdirAll(srcFolder, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	ioutil.WriteFile(src, []byte("content"), 0777)
+	err = CopyWithTar(src, dest)
+	if err == nil {
+		t.Fatalf("archiver.CopyWithTar should throw an error on invalid dest.")
+	}
+}
+
+func TestCanonicalTarNameForPath(t *testing.T) {
+	cases := []struct {
+		in, expected string
+		shouldFail   bool
+	}{
+		{"foo", "foo", false},
+		{"foo/bar", "___", true}, // unix-styled windows path must fail
+		{`foo\bar`, "foo/bar", false},
+	}
+	for _, v := range cases {
+		if out, err := CanonicalTarNameForPath(v.in); err != nil && !v.shouldFail {
+			t.Fatalf("cannot get canonical name for path: %s: %v", v.in, err)
+		} else if v.shouldFail && err == nil {
+			t.Fatalf("canonical path call should have failed with error. in=%s out=%s", v.in, out)
+		} else if !v.shouldFail && out != v.expected {
+			t.Fatalf("wrong canonical tar name. expected:%s got:%s", v.expected, out)
+		}
+	}
+}
+
+func TestCanonicalTarName(t *testing.T) {
+	cases := []struct {
+		in       string
+		isDir    bool
+		expected string
+	}{
+		{"foo", false, "foo"},
+		{"foo", true, "foo/"},
+		{`foo\bar`, false, "foo/bar"},
+		{`foo\bar`, true, "foo/bar/"},
+	}
+	for _, v := range cases {
+		if out, err := canonicalTarName(v.in, v.isDir); err != nil {
+			t.Fatalf("cannot get canonical name for path: %s: %v", v.in, err)
+		} else if out != v.expected {
+			t.Fatalf("wrong canonical tar name. expected:%s got:%s", v.expected, out)
+		}
+	}
+}
+
+func TestChmodTarEntry(t *testing.T) {
+	cases := []struct {
+		in, expected os.FileMode
+	}{
+		{0000, 0111},
+		{0777, 0755},
+		{0644, 0755},
+		{0755, 0755},
+		{0444, 0555},
+	}
+	for _, v := range cases {
+		if out := chmodTarEntry(v.in); out != v.expected {
+			t.Fatalf("wrong chmod. expected:%v got:%v", v.expected, out)
+		}
+	}
+}
diff --git a/pkg/archive/changes.go b/pkg/archive/changes.go
new file mode 100644
index 00000000..81651c61
--- /dev/null
+++ b/pkg/archive/changes.go
@@ -0,0 +1,416 @@
+package archive
+
+import (
+	"archive/tar"
+	"bytes"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"sort"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/pools"
+	"github.com/docker/docker/pkg/system"
+)
+
+// ChangeType represents the change type.
+type ChangeType int
+
+const (
+	// ChangeModify represents the modify operation.
+	ChangeModify = iota
+	// ChangeAdd represents the add operation.
+	ChangeAdd
+	// ChangeDelete represents the delete operation.
+	ChangeDelete
+)
+
+func (c ChangeType) String() string {
+	switch c {
+	case ChangeModify:
+		return "C"
+	case ChangeAdd:
+		return "A"
+	case ChangeDelete:
+		return "D"
+	}
+	return ""
+}
+
+// Change represents a change, it wraps the change type and path.
+// It describes changes of the files in the path respect to the
+// parent layers. The change could be modify, add, delete.
+// This is used for layer diff.
+type Change struct {
+	Path string
+	Kind ChangeType
+}
+
+func (change *Change) String() string {
+	return fmt.Sprintf("%s %s", change.Kind, change.Path)
+}
+
+// for sort.Sort
+type changesByPath []Change
+
+func (c changesByPath) Less(i, j int) bool { return c[i].Path < c[j].Path }
+func (c changesByPath) Len() int           { return len(c) }
+func (c changesByPath) Swap(i, j int)      { c[j], c[i] = c[i], c[j] }
+
+// Gnu tar and the go tar writer don't have sub-second mtime
+// precision, which is problematic when we apply changes via tar
+// files, we handle this by comparing for exact times, *or* same
+// second count and either a or b having exactly 0 nanoseconds
+func sameFsTime(a, b time.Time) bool {
+	return a == b ||
+		(a.Unix() == b.Unix() &&
+			(a.Nanosecond() == 0 || b.Nanosecond() == 0))
+}
+
+func sameFsTimeSpec(a, b syscall.Timespec) bool {
+	return a.Sec == b.Sec &&
+		(a.Nsec == b.Nsec || a.Nsec == 0 || b.Nsec == 0)
+}
+
+// Changes walks the path rw and determines changes for the files in the path,
+// with respect to the parent layers
+func Changes(layers []string, rw string) ([]Change, error) {
+	var (
+		changes     []Change
+		changedDirs = make(map[string]struct{})
+	)
+
+	err := filepath.Walk(rw, func(path string, f os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+
+		// Rebase path
+		path, err = filepath.Rel(rw, path)
+		if err != nil {
+			return err
+		}
+
+		// As this runs on the daemon side, file paths are OS specific.
+		path = filepath.Join(string(os.PathSeparator), path)
+
+		// Skip root
+		if path == string(os.PathSeparator) {
+			return nil
+		}
+
+		// Skip AUFS metadata
+		if matched, err := filepath.Match(string(os.PathSeparator)+WhiteoutMetaPrefix+"*", path); err != nil || matched {
+			return err
+		}
+
+		change := Change{
+			Path: path,
+		}
+
+		// Find out what kind of modification happened
+		file := filepath.Base(path)
+		// If there is a whiteout, then the file was removed
+		if strings.HasPrefix(file, WhiteoutPrefix) {
+			originalFile := file[len(WhiteoutPrefix):]
+			change.Path = filepath.Join(filepath.Dir(path), originalFile)
+			change.Kind = ChangeDelete
+		} else {
+			// Otherwise, the file was added
+			change.Kind = ChangeAdd
+
+			// ...Unless it already existed in a top layer, in which case, it's a modification
+			for _, layer := range layers {
+				stat, err := os.Stat(filepath.Join(layer, path))
+				if err != nil && !os.IsNotExist(err) {
+					return err
+				}
+				if err == nil {
+					// The file existed in the top layer, so that's a modification
+
+					// However, if it's a directory, maybe it wasn't actually modified.
+					// If you modify /foo/bar/baz, then /foo will be part of the changed files only because it's the parent of bar
+					if stat.IsDir() && f.IsDir() {
+						if f.Size() == stat.Size() && f.Mode() == stat.Mode() && sameFsTime(f.ModTime(), stat.ModTime()) {
+							// Both directories are the same, don't record the change
+							return nil
+						}
+					}
+					change.Kind = ChangeModify
+					break
+				}
+			}
+		}
+
+		// If /foo/bar/file.txt is modified, then /foo/bar must be part of the changed files.
+		// This block is here to ensure the change is recorded even if the
+		// modify time, mode and size of the parent directory in the rw and ro layers are all equal.
+		// Check https://github.com/docker/docker/pull/13590 for details.
+		if f.IsDir() {
+			changedDirs[path] = struct{}{}
+		}
+		if change.Kind == ChangeAdd || change.Kind == ChangeDelete {
+			parent := filepath.Dir(path)
+			if _, ok := changedDirs[parent]; !ok && parent != "/" {
+				changes = append(changes, Change{Path: parent, Kind: ChangeModify})
+				changedDirs[parent] = struct{}{}
+			}
+		}
+
+		// Record change
+		changes = append(changes, change)
+		return nil
+	})
+	if err != nil && !os.IsNotExist(err) {
+		return nil, err
+	}
+	return changes, nil
+}
+
+// FileInfo describes the information of a file.
+type FileInfo struct {
+	parent     *FileInfo
+	name       string
+	stat       *system.StatT
+	children   map[string]*FileInfo
+	capability []byte
+	added      bool
+}
+
+// LookUp looks up the file information of a file.
+func (info *FileInfo) LookUp(path string) *FileInfo {
+	// As this runs on the daemon side, file paths are OS specific.
+	parent := info
+	if path == string(os.PathSeparator) {
+		return info
+	}
+
+	pathElements := strings.Split(path, string(os.PathSeparator))
+	for _, elem := range pathElements {
+		if elem != "" {
+			child := parent.children[elem]
+			if child == nil {
+				return nil
+			}
+			parent = child
+		}
+	}
+	return parent
+}
+
+func (info *FileInfo) path() string {
+	if info.parent == nil {
+		// As this runs on the daemon side, file paths are OS specific.
+		return string(os.PathSeparator)
+	}
+	return filepath.Join(info.parent.path(), info.name)
+}
+
+func (info *FileInfo) addChanges(oldInfo *FileInfo, changes *[]Change) {
+
+	sizeAtEntry := len(*changes)
+
+	if oldInfo == nil {
+		// add
+		change := Change{
+			Path: info.path(),
+			Kind: ChangeAdd,
+		}
+		*changes = append(*changes, change)
+		info.added = true
+	}
+
+	// We make a copy so we can modify it to detect additions
+	// also, we only recurse on the old dir if the new info is a directory
+	// otherwise any previous delete/change is considered recursive
+	oldChildren := make(map[string]*FileInfo)
+	if oldInfo != nil && info.isDir() {
+		for k, v := range oldInfo.children {
+			oldChildren[k] = v
+		}
+	}
+
+	for name, newChild := range info.children {
+		oldChild, _ := oldChildren[name]
+		if oldChild != nil {
+			// change?
+			oldStat := oldChild.stat
+			newStat := newChild.stat
+			// Note: We can't compare inode or ctime or blocksize here, because these change
+			// when copying a file into a container. However, that is not generally a problem
+			// because any content change will change mtime, and any status change should
+			// be visible when actually comparing the stat fields. The only time this
+			// breaks down is if some code intentionally hides a change by setting
+			// back mtime
+			if statDifferent(oldStat, newStat) ||
+				bytes.Compare(oldChild.capability, newChild.capability) != 0 {
+				change := Change{
+					Path: newChild.path(),
+					Kind: ChangeModify,
+				}
+				*changes = append(*changes, change)
+				newChild.added = true
+			}
+
+			// Remove from copy so we can detect deletions
+			delete(oldChildren, name)
+		}
+
+		newChild.addChanges(oldChild, changes)
+	}
+	for _, oldChild := range oldChildren {
+		// delete
+		change := Change{
+			Path: oldChild.path(),
+			Kind: ChangeDelete,
+		}
+		*changes = append(*changes, change)
+	}
+
+	// If there were changes inside this directory, we need to add it, even if the directory
+	// itself wasn't changed. This is needed to properly save and restore filesystem permissions.
+	// As this runs on the daemon side, file paths are OS specific.
+	if len(*changes) > sizeAtEntry && info.isDir() && !info.added && info.path() != string(os.PathSeparator) {
+		change := Change{
+			Path: info.path(),
+			Kind: ChangeModify,
+		}
+		// Let's insert the directory entry before the recently added entries located inside this dir
+		*changes = append(*changes, change) // just to resize the slice, will be overwritten
+		copy((*changes)[sizeAtEntry+1:], (*changes)[sizeAtEntry:])
+		(*changes)[sizeAtEntry] = change
+	}
+
+}
+
+// Changes add changes to file information.
+func (info *FileInfo) Changes(oldInfo *FileInfo) []Change {
+	var changes []Change
+
+	info.addChanges(oldInfo, &changes)
+
+	return changes
+}
+
+func newRootFileInfo() *FileInfo {
+	// As this runs on the daemon side, file paths are OS specific.
+	root := &FileInfo{
+		name:     string(os.PathSeparator),
+		children: make(map[string]*FileInfo),
+	}
+	return root
+}
+
+// ChangesDirs compares two directories and generates an array of Change objects describing the changes.
+// If oldDir is "", then all files in newDir will be Add-Changes.
+func ChangesDirs(newDir, oldDir string) ([]Change, error) {
+	var (
+		oldRoot, newRoot *FileInfo
+	)
+	if oldDir == "" {
+		emptyDir, err := ioutil.TempDir("", "empty")
+		if err != nil {
+			return nil, err
+		}
+		defer os.Remove(emptyDir)
+		oldDir = emptyDir
+	}
+	oldRoot, newRoot, err := collectFileInfoForChanges(oldDir, newDir)
+	if err != nil {
+		return nil, err
+	}
+
+	return newRoot.Changes(oldRoot), nil
+}
+
+// ChangesSize calculates the size in bytes of the provided changes, based on newDir.
+func ChangesSize(newDir string, changes []Change) int64 {
+	var (
+		size int64
+		sf   = make(map[uint64]struct{})
+	)
+	for _, change := range changes {
+		if change.Kind == ChangeModify || change.Kind == ChangeAdd {
+			file := filepath.Join(newDir, change.Path)
+			fileInfo, err := os.Lstat(file)
+			if err != nil {
+				logrus.Errorf("Can not stat %q: %s", file, err)
+				continue
+			}
+
+			if fileInfo != nil && !fileInfo.IsDir() {
+				if hasHardlinks(fileInfo) {
+					inode := getIno(fileInfo)
+					if _, ok := sf[inode]; !ok {
+						size += fileInfo.Size()
+						sf[inode] = struct{}{}
+					}
+				} else {
+					size += fileInfo.Size()
+				}
+			}
+		}
+	}
+	return size
+}
+
+// ExportChanges produces an Archive from the provided changes, relative to dir.
+func ExportChanges(dir string, changes []Change, uidMaps, gidMaps []idtools.IDMap) (Archive, error) {
+	reader, writer := io.Pipe()
+	go func() {
+		ta := &tarAppender{
+			TarWriter: tar.NewWriter(writer),
+			Buffer:    pools.BufioWriter32KPool.Get(nil),
+			SeenFiles: make(map[uint64]string),
+			UIDMaps:   uidMaps,
+			GIDMaps:   gidMaps,
+		}
+		// this buffer is needed for the duration of this piped stream
+		defer pools.BufioWriter32KPool.Put(ta.Buffer)
+
+		sort.Sort(changesByPath(changes))
+
+		// In general we log errors here but ignore them because
+		// during e.g. a diff operation the container can continue
+		// mutating the filesystem and we can see transient errors
+		// from this
+		for _, change := range changes {
+			if change.Kind == ChangeDelete {
+				whiteOutDir := filepath.Dir(change.Path)
+				whiteOutBase := filepath.Base(change.Path)
+				whiteOut := filepath.Join(whiteOutDir, WhiteoutPrefix+whiteOutBase)
+				timestamp := time.Now()
+				hdr := &tar.Header{
+					Name:       whiteOut[1:],
+					Size:       0,
+					ModTime:    timestamp,
+					AccessTime: timestamp,
+					ChangeTime: timestamp,
+				}
+				if err := ta.TarWriter.WriteHeader(hdr); err != nil {
+					logrus.Debugf("Can't write whiteout header: %s", err)
+				}
+			} else {
+				path := filepath.Join(dir, change.Path)
+				if err := ta.addTarFile(path, change.Path[1:]); err != nil {
+					logrus.Debugf("Can't add file %s to tar: %s", path, err)
+				}
+			}
+		}
+
+		// Make sure to check the error on Close.
+		if err := ta.TarWriter.Close(); err != nil {
+			logrus.Debugf("Can't close layer: %s", err)
+		}
+		if err := writer.Close(); err != nil {
+			logrus.Debugf("failed close Changes writer: %s", err)
+		}
+	}()
+	return reader, nil
+}
diff --git a/pkg/archive/changes_linux.go b/pkg/archive/changes_linux.go
new file mode 100644
index 00000000..dee8b7c6
--- /dev/null
+++ b/pkg/archive/changes_linux.go
@@ -0,0 +1,285 @@
+package archive
+
+import (
+	"bytes"
+	"fmt"
+	"os"
+	"path/filepath"
+	"sort"
+	"syscall"
+	"unsafe"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+// walker is used to implement collectFileInfoForChanges on linux. Where this
+// method in general returns the entire contents of two directory trees, we
+// optimize some FS calls out on linux. In particular, we take advantage of the
+// fact that getdents(2) returns the inode of each file in the directory being
+// walked, which, when walking two trees in parallel to generate a list of
+// changes, can be used to prune subtrees without ever having to lstat(2) them
+// directly. Eliminating stat calls in this way can save up to seconds on large
+// images.
+type walker struct {
+	dir1  string
+	dir2  string
+	root1 *FileInfo
+	root2 *FileInfo
+}
+
+// collectFileInfoForChanges returns a complete representation of the trees
+// rooted at dir1 and dir2, with one important exception: any subtree or
+// leaf where the inode and device numbers are an exact match between dir1
+// and dir2 will be pruned from the results. This method is *only* to be used
+// to generating a list of changes between the two directories, as it does not
+// reflect the full contents.
+func collectFileInfoForChanges(dir1, dir2 string) (*FileInfo, *FileInfo, error) {
+	w := &walker{
+		dir1:  dir1,
+		dir2:  dir2,
+		root1: newRootFileInfo(),
+		root2: newRootFileInfo(),
+	}
+
+	i1, err := os.Lstat(w.dir1)
+	if err != nil {
+		return nil, nil, err
+	}
+	i2, err := os.Lstat(w.dir2)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	if err := w.walk("/", i1, i2); err != nil {
+		return nil, nil, err
+	}
+
+	return w.root1, w.root2, nil
+}
+
+// Given a FileInfo, its path info, and a reference to the root of the tree
+// being constructed, register this file with the tree.
+func walkchunk(path string, fi os.FileInfo, dir string, root *FileInfo) error {
+	if fi == nil {
+		return nil
+	}
+	parent := root.LookUp(filepath.Dir(path))
+	if parent == nil {
+		return fmt.Errorf("collectFileInfoForChanges: Unexpectedly no parent for %s", path)
+	}
+	info := &FileInfo{
+		name:     filepath.Base(path),
+		children: make(map[string]*FileInfo),
+		parent:   parent,
+	}
+	cpath := filepath.Join(dir, path)
+	stat, err := system.FromStatT(fi.Sys().(*syscall.Stat_t))
+	if err != nil {
+		return err
+	}
+	info.stat = stat
+	info.capability, _ = system.Lgetxattr(cpath, "security.capability") // lgetxattr(2): fs access
+	parent.children[info.name] = info
+	return nil
+}
+
+// Walk a subtree rooted at the same path in both trees being iterated. For
+// example, /docker/overlay/1234/a/b/c/d and /docker/overlay/8888/a/b/c/d
+func (w *walker) walk(path string, i1, i2 os.FileInfo) (err error) {
+	// Register these nodes with the return trees, unless we're still at the
+	// (already-created) roots:
+	if path != "/" {
+		if err := walkchunk(path, i1, w.dir1, w.root1); err != nil {
+			return err
+		}
+		if err := walkchunk(path, i2, w.dir2, w.root2); err != nil {
+			return err
+		}
+	}
+
+	is1Dir := i1 != nil && i1.IsDir()
+	is2Dir := i2 != nil && i2.IsDir()
+
+	sameDevice := false
+	if i1 != nil && i2 != nil {
+		si1 := i1.Sys().(*syscall.Stat_t)
+		si2 := i2.Sys().(*syscall.Stat_t)
+		if si1.Dev == si2.Dev {
+			sameDevice = true
+		}
+	}
+
+	// If these files are both non-existent, or leaves (non-dirs), we are done.
+	if !is1Dir && !is2Dir {
+		return nil
+	}
+
+	// Fetch the names of all the files contained in both directories being walked:
+	var names1, names2 []nameIno
+	if is1Dir {
+		names1, err = readdirnames(filepath.Join(w.dir1, path)) // getdents(2): fs access
+		if err != nil {
+			return err
+		}
+	}
+	if is2Dir {
+		names2, err = readdirnames(filepath.Join(w.dir2, path)) // getdents(2): fs access
+		if err != nil {
+			return err
+		}
+	}
+
+	// We have lists of the files contained in both parallel directories, sorted
+	// in the same order. Walk them in parallel, generating a unique merged list
+	// of all items present in either or both directories.
+	var names []string
+	ix1 := 0
+	ix2 := 0
+
+	for {
+		if ix1 >= len(names1) {
+			break
+		}
+		if ix2 >= len(names2) {
+			break
+		}
+
+		ni1 := names1[ix1]
+		ni2 := names2[ix2]
+
+		switch bytes.Compare([]byte(ni1.name), []byte(ni2.name)) {
+		case -1: // ni1 < ni2 -- advance ni1
+			// we will not encounter ni1 in names2
+			names = append(names, ni1.name)
+			ix1++
+		case 0: // ni1 == ni2
+			if ni1.ino != ni2.ino || !sameDevice {
+				names = append(names, ni1.name)
+			}
+			ix1++
+			ix2++
+		case 1: // ni1 > ni2 -- advance ni2
+			// we will not encounter ni2 in names1
+			names = append(names, ni2.name)
+			ix2++
+		}
+	}
+	for ix1 < len(names1) {
+		names = append(names, names1[ix1].name)
+		ix1++
+	}
+	for ix2 < len(names2) {
+		names = append(names, names2[ix2].name)
+		ix2++
+	}
+
+	// For each of the names present in either or both of the directories being
+	// iterated, stat the name under each root, and recurse the pair of them:
+	for _, name := range names {
+		fname := filepath.Join(path, name)
+		var cInfo1, cInfo2 os.FileInfo
+		if is1Dir {
+			cInfo1, err = os.Lstat(filepath.Join(w.dir1, fname)) // lstat(2): fs access
+			if err != nil && !os.IsNotExist(err) {
+				return err
+			}
+		}
+		if is2Dir {
+			cInfo2, err = os.Lstat(filepath.Join(w.dir2, fname)) // lstat(2): fs access
+			if err != nil && !os.IsNotExist(err) {
+				return err
+			}
+		}
+		if err = w.walk(fname, cInfo1, cInfo2); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// {name,inode} pairs used to support the early-pruning logic of the walker type
+type nameIno struct {
+	name string
+	ino  uint64
+}
+
+type nameInoSlice []nameIno
+
+func (s nameInoSlice) Len() int           { return len(s) }
+func (s nameInoSlice) Swap(i, j int)      { s[i], s[j] = s[j], s[i] }
+func (s nameInoSlice) Less(i, j int) bool { return s[i].name < s[j].name }
+
+// readdirnames is a hacked-apart version of the Go stdlib code, exposing inode
+// numbers further up the stack when reading directory contents. Unlike
+// os.Readdirnames, which returns a list of filenames, this function returns a
+// list of {filename,inode} pairs.
+func readdirnames(dirname string) (names []nameIno, err error) {
+	var (
+		size = 100
+		buf  = make([]byte, 4096)
+		nbuf int
+		bufp int
+		nb   int
+	)
+
+	f, err := os.Open(dirname)
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	names = make([]nameIno, 0, size) // Empty with room to grow.
+	for {
+		// Refill the buffer if necessary
+		if bufp >= nbuf {
+			bufp = 0
+			nbuf, err = syscall.ReadDirent(int(f.Fd()), buf) // getdents on linux
+			if nbuf < 0 {
+				nbuf = 0
+			}
+			if err != nil {
+				return nil, os.NewSyscallError("readdirent", err)
+			}
+			if nbuf <= 0 {
+				break // EOF
+			}
+		}
+
+		// Drain the buffer
+		nb, names = parseDirent(buf[bufp:nbuf], names)
+		bufp += nb
+	}
+
+	sl := nameInoSlice(names)
+	sort.Sort(sl)
+	return sl, nil
+}
+
+// parseDirent is a minor modification of syscall.ParseDirent (linux version)
+// which returns {name,inode} pairs instead of just names.
+func parseDirent(buf []byte, names []nameIno) (consumed int, newnames []nameIno) {
+	origlen := len(buf)
+	for len(buf) > 0 {
+		dirent := (*syscall.Dirent)(unsafe.Pointer(&buf[0]))
+		buf = buf[dirent.Reclen:]
+		if dirent.Ino == 0 { // File absent in directory.
+			continue
+		}
+		bytes := (*[10000]byte)(unsafe.Pointer(&dirent.Name[0]))
+		var name = string(bytes[0:clen(bytes[:])])
+		if name == "." || name == ".." { // Useless names
+			continue
+		}
+		names = append(names, nameIno{name, dirent.Ino})
+	}
+	return origlen - len(buf), names
+}
+
+func clen(n []byte) int {
+	for i := 0; i < len(n); i++ {
+		if n[i] == 0 {
+			return i
+		}
+	}
+	return len(n)
+}
diff --git a/pkg/archive/changes_other.go b/pkg/archive/changes_other.go
new file mode 100644
index 00000000..da70ed37
--- /dev/null
+++ b/pkg/archive/changes_other.go
@@ -0,0 +1,97 @@
+// +build !linux
+
+package archive
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+func collectFileInfoForChanges(oldDir, newDir string) (*FileInfo, *FileInfo, error) {
+	var (
+		oldRoot, newRoot *FileInfo
+		err1, err2       error
+		errs             = make(chan error, 2)
+	)
+	go func() {
+		oldRoot, err1 = collectFileInfo(oldDir)
+		errs <- err1
+	}()
+	go func() {
+		newRoot, err2 = collectFileInfo(newDir)
+		errs <- err2
+	}()
+
+	// block until both routines have returned
+	for i := 0; i < 2; i++ {
+		if err := <-errs; err != nil {
+			return nil, nil, err
+		}
+	}
+
+	return oldRoot, newRoot, nil
+}
+
+func collectFileInfo(sourceDir string) (*FileInfo, error) {
+	root := newRootFileInfo()
+
+	err := filepath.Walk(sourceDir, func(path string, f os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+
+		// Rebase path
+		relPath, err := filepath.Rel(sourceDir, path)
+		if err != nil {
+			return err
+		}
+
+		// As this runs on the daemon side, file paths are OS specific.
+		relPath = filepath.Join(string(os.PathSeparator), relPath)
+
+		// See https://github.com/golang/go/issues/9168 - bug in filepath.Join.
+		// Temporary workaround. If the returned path starts with two backslashes,
+		// trim it down to a single backslash. Only relevant on Windows.
+		if runtime.GOOS == "windows" {
+			if strings.HasPrefix(relPath, `\\`) {
+				relPath = relPath[1:]
+			}
+		}
+
+		if relPath == string(os.PathSeparator) {
+			return nil
+		}
+
+		parent := root.LookUp(filepath.Dir(relPath))
+		if parent == nil {
+			return fmt.Errorf("collectFileInfo: Unexpectedly no parent for %s", relPath)
+		}
+
+		info := &FileInfo{
+			name:     filepath.Base(relPath),
+			children: make(map[string]*FileInfo),
+			parent:   parent,
+		}
+
+		s, err := system.Lstat(path)
+		if err != nil {
+			return err
+		}
+		info.stat = s
+
+		info.capability, _ = system.Lgetxattr(path, "security.capability")
+
+		parent.children[info.name] = info
+
+		return nil
+	})
+	if err != nil {
+		return nil, err
+	}
+	return root, nil
+}
diff --git a/pkg/archive/changes_posix_test.go b/pkg/archive/changes_posix_test.go
new file mode 100644
index 00000000..5a3282b5
--- /dev/null
+++ b/pkg/archive/changes_posix_test.go
@@ -0,0 +1,127 @@
+package archive
+
+import (
+	"archive/tar"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path"
+	"sort"
+	"testing"
+)
+
+func TestHardLinkOrder(t *testing.T) {
+	names := []string{"file1.txt", "file2.txt", "file3.txt"}
+	msg := []byte("Hey y'all")
+
+	// Create dir
+	src, err := ioutil.TempDir("", "docker-hardlink-test-src-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	//defer os.RemoveAll(src)
+	for _, name := range names {
+		func() {
+			fh, err := os.Create(path.Join(src, name))
+			if err != nil {
+				t.Fatal(err)
+			}
+			defer fh.Close()
+			if _, err = fh.Write(msg); err != nil {
+				t.Fatal(err)
+			}
+		}()
+	}
+	// Create dest, with changes that includes hardlinks
+	dest, err := ioutil.TempDir("", "docker-hardlink-test-dest-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	os.RemoveAll(dest) // we just want the name, at first
+	if err := copyDir(src, dest); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(dest)
+	for _, name := range names {
+		for i := 0; i < 5; i++ {
+			if err := os.Link(path.Join(dest, name), path.Join(dest, fmt.Sprintf("%s.link%d", name, i))); err != nil {
+				t.Fatal(err)
+			}
+		}
+	}
+
+	// get changes
+	changes, err := ChangesDirs(dest, src)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// sort
+	sort.Sort(changesByPath(changes))
+
+	// ExportChanges
+	ar, err := ExportChanges(dest, changes, nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	hdrs, err := walkHeaders(ar)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// reverse sort
+	sort.Sort(sort.Reverse(changesByPath(changes)))
+	// ExportChanges
+	arRev, err := ExportChanges(dest, changes, nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	hdrsRev, err := walkHeaders(arRev)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// line up the two sets
+	sort.Sort(tarHeaders(hdrs))
+	sort.Sort(tarHeaders(hdrsRev))
+
+	// compare Size and LinkName
+	for i := range hdrs {
+		if hdrs[i].Name != hdrsRev[i].Name {
+			t.Errorf("headers - expected name %q; but got %q", hdrs[i].Name, hdrsRev[i].Name)
+		}
+		if hdrs[i].Size != hdrsRev[i].Size {
+			t.Errorf("headers - %q expected size %d; but got %d", hdrs[i].Name, hdrs[i].Size, hdrsRev[i].Size)
+		}
+		if hdrs[i].Typeflag != hdrsRev[i].Typeflag {
+			t.Errorf("headers - %q expected type %d; but got %d", hdrs[i].Name, hdrs[i].Typeflag, hdrsRev[i].Typeflag)
+		}
+		if hdrs[i].Linkname != hdrsRev[i].Linkname {
+			t.Errorf("headers - %q expected linkname %q; but got %q", hdrs[i].Name, hdrs[i].Linkname, hdrsRev[i].Linkname)
+		}
+	}
+
+}
+
+type tarHeaders []tar.Header
+
+func (th tarHeaders) Len() int           { return len(th) }
+func (th tarHeaders) Swap(i, j int)      { th[j], th[i] = th[i], th[j] }
+func (th tarHeaders) Less(i, j int) bool { return th[i].Name < th[j].Name }
+
+func walkHeaders(r io.Reader) ([]tar.Header, error) {
+	t := tar.NewReader(r)
+	headers := []tar.Header{}
+	for {
+		hdr, err := t.Next()
+		if err != nil {
+			if err == io.EOF {
+				break
+			}
+			return headers, err
+		}
+		headers = append(headers, *hdr)
+	}
+	return headers, nil
+}
diff --git a/pkg/archive/changes_test.go b/pkg/archive/changes_test.go
new file mode 100644
index 00000000..bca68250
--- /dev/null
+++ b/pkg/archive/changes_test.go
@@ -0,0 +1,565 @@
+package archive
+
+import (
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path"
+	"runtime"
+	"sort"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+func max(x, y int) int {
+	if x >= y {
+		return x
+	}
+	return y
+}
+
+func copyDir(src, dst string) error {
+	cmd := exec.Command("cp", "-a", src, dst)
+	if err := cmd.Run(); err != nil {
+		return err
+	}
+	return nil
+}
+
+type FileType uint32
+
+const (
+	Regular FileType = iota
+	Dir
+	Symlink
+)
+
+type FileData struct {
+	filetype    FileType
+	path        string
+	contents    string
+	permissions os.FileMode
+}
+
+func createSampleDir(t *testing.T, root string) {
+	files := []FileData{
+		{Regular, "file1", "file1\n", 0600},
+		{Regular, "file2", "file2\n", 0666},
+		{Regular, "file3", "file3\n", 0404},
+		{Regular, "file4", "file4\n", 0600},
+		{Regular, "file5", "file5\n", 0600},
+		{Regular, "file6", "file6\n", 0600},
+		{Regular, "file7", "file7\n", 0600},
+		{Dir, "dir1", "", 0740},
+		{Regular, "dir1/file1-1", "file1-1\n", 01444},
+		{Regular, "dir1/file1-2", "file1-2\n", 0666},
+		{Dir, "dir2", "", 0700},
+		{Regular, "dir2/file2-1", "file2-1\n", 0666},
+		{Regular, "dir2/file2-2", "file2-2\n", 0666},
+		{Dir, "dir3", "", 0700},
+		{Regular, "dir3/file3-1", "file3-1\n", 0666},
+		{Regular, "dir3/file3-2", "file3-2\n", 0666},
+		{Dir, "dir4", "", 0700},
+		{Regular, "dir4/file3-1", "file4-1\n", 0666},
+		{Regular, "dir4/file3-2", "file4-2\n", 0666},
+		{Symlink, "symlink1", "target1", 0666},
+		{Symlink, "symlink2", "target2", 0666},
+		{Symlink, "symlink3", root + "/file1", 0666},
+		{Symlink, "symlink4", root + "/symlink3", 0666},
+		{Symlink, "dirSymlink", root + "/dir1", 0740},
+	}
+
+	now := time.Now()
+	for _, info := range files {
+		p := path.Join(root, info.path)
+		if info.filetype == Dir {
+			if err := os.MkdirAll(p, info.permissions); err != nil {
+				t.Fatal(err)
+			}
+		} else if info.filetype == Regular {
+			if err := ioutil.WriteFile(p, []byte(info.contents), info.permissions); err != nil {
+				t.Fatal(err)
+			}
+		} else if info.filetype == Symlink {
+			if err := os.Symlink(info.contents, p); err != nil {
+				t.Fatal(err)
+			}
+		}
+
+		if info.filetype != Symlink {
+			// Set a consistent ctime, atime for all files and dirs
+			if err := system.Chtimes(p, now, now); err != nil {
+				t.Fatal(err)
+			}
+		}
+	}
+}
+
+func TestChangeString(t *testing.T) {
+	modifiyChange := Change{"change", ChangeModify}
+	toString := modifiyChange.String()
+	if toString != "C change" {
+		t.Fatalf("String() of a change with ChangeModifiy Kind should have been %s but was %s", "C change", toString)
+	}
+	addChange := Change{"change", ChangeAdd}
+	toString = addChange.String()
+	if toString != "A change" {
+		t.Fatalf("String() of a change with ChangeAdd Kind should have been %s but was %s", "A change", toString)
+	}
+	deleteChange := Change{"change", ChangeDelete}
+	toString = deleteChange.String()
+	if toString != "D change" {
+		t.Fatalf("String() of a change with ChangeDelete Kind should have been %s but was %s", "D change", toString)
+	}
+}
+
+func TestChangesWithNoChanges(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	// as createSampleDir uses symlinks.
+	if runtime.GOOS == "windows" {
+		t.Skip("symlinks on Windows")
+	}
+	rwLayer, err := ioutil.TempDir("", "docker-changes-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(rwLayer)
+	layer, err := ioutil.TempDir("", "docker-changes-test-layer")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(layer)
+	createSampleDir(t, layer)
+	changes, err := Changes([]string{layer}, rwLayer)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(changes) != 0 {
+		t.Fatalf("Changes with no difference should have detect no changes, but detected %d", len(changes))
+	}
+}
+
+func TestChangesWithChanges(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	// as createSampleDir uses symlinks.
+	if runtime.GOOS == "windows" {
+		t.Skip("symlinks on Windows")
+	}
+	// Mock the readonly layer
+	layer, err := ioutil.TempDir("", "docker-changes-test-layer")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(layer)
+	createSampleDir(t, layer)
+	os.MkdirAll(path.Join(layer, "dir1/subfolder"), 0740)
+
+	// Mock the RW layer
+	rwLayer, err := ioutil.TempDir("", "docker-changes-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(rwLayer)
+
+	// Create a folder in RW layer
+	dir1 := path.Join(rwLayer, "dir1")
+	os.MkdirAll(dir1, 0740)
+	deletedFile := path.Join(dir1, ".wh.file1-2")
+	ioutil.WriteFile(deletedFile, []byte{}, 0600)
+	modifiedFile := path.Join(dir1, "file1-1")
+	ioutil.WriteFile(modifiedFile, []byte{0x00}, 01444)
+	// Let's add a subfolder for a newFile
+	subfolder := path.Join(dir1, "subfolder")
+	os.MkdirAll(subfolder, 0740)
+	newFile := path.Join(subfolder, "newFile")
+	ioutil.WriteFile(newFile, []byte{}, 0740)
+
+	changes, err := Changes([]string{layer}, rwLayer)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expectedChanges := []Change{
+		{"/dir1", ChangeModify},
+		{"/dir1/file1-1", ChangeModify},
+		{"/dir1/file1-2", ChangeDelete},
+		{"/dir1/subfolder", ChangeModify},
+		{"/dir1/subfolder/newFile", ChangeAdd},
+	}
+	checkChanges(expectedChanges, changes, t)
+}
+
+// See https://github.com/docker/docker/pull/13590
+func TestChangesWithChangesGH13590(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	// as createSampleDir uses symlinks.
+	if runtime.GOOS == "windows" {
+		t.Skip("symlinks on Windows")
+	}
+	baseLayer, err := ioutil.TempDir("", "docker-changes-test.")
+	defer os.RemoveAll(baseLayer)
+
+	dir3 := path.Join(baseLayer, "dir1/dir2/dir3")
+	os.MkdirAll(dir3, 07400)
+
+	file := path.Join(dir3, "file.txt")
+	ioutil.WriteFile(file, []byte("hello"), 0666)
+
+	layer, err := ioutil.TempDir("", "docker-changes-test2.")
+	defer os.RemoveAll(layer)
+
+	// Test creating a new file
+	if err := copyDir(baseLayer+"/dir1", layer+"/"); err != nil {
+		t.Fatalf("Cmd failed: %q", err)
+	}
+
+	os.Remove(path.Join(layer, "dir1/dir2/dir3/file.txt"))
+	file = path.Join(layer, "dir1/dir2/dir3/file1.txt")
+	ioutil.WriteFile(file, []byte("bye"), 0666)
+
+	changes, err := Changes([]string{baseLayer}, layer)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expectedChanges := []Change{
+		{"/dir1/dir2/dir3", ChangeModify},
+		{"/dir1/dir2/dir3/file1.txt", ChangeAdd},
+	}
+	checkChanges(expectedChanges, changes, t)
+
+	// Now test changing a file
+	layer, err = ioutil.TempDir("", "docker-changes-test3.")
+	defer os.RemoveAll(layer)
+
+	if err := copyDir(baseLayer+"/dir1", layer+"/"); err != nil {
+		t.Fatalf("Cmd failed: %q", err)
+	}
+
+	file = path.Join(layer, "dir1/dir2/dir3/file.txt")
+	ioutil.WriteFile(file, []byte("bye"), 0666)
+
+	changes, err = Changes([]string{baseLayer}, layer)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expectedChanges = []Change{
+		{"/dir1/dir2/dir3/file.txt", ChangeModify},
+	}
+	checkChanges(expectedChanges, changes, t)
+}
+
+// Create an directory, copy it, make sure we report no changes between the two
+func TestChangesDirsEmpty(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	// as createSampleDir uses symlinks.
+	if runtime.GOOS == "windows" {
+		t.Skip("symlinks on Windows")
+	}
+	src, err := ioutil.TempDir("", "docker-changes-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(src)
+	createSampleDir(t, src)
+	dst := src + "-copy"
+	if err := copyDir(src, dst); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(dst)
+	changes, err := ChangesDirs(dst, src)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(changes) != 0 {
+		t.Fatalf("Reported changes for identical dirs: %v", changes)
+	}
+	os.RemoveAll(src)
+	os.RemoveAll(dst)
+}
+
+func mutateSampleDir(t *testing.T, root string) {
+	// Remove a regular file
+	if err := os.RemoveAll(path.Join(root, "file1")); err != nil {
+		t.Fatal(err)
+	}
+
+	// Remove a directory
+	if err := os.RemoveAll(path.Join(root, "dir1")); err != nil {
+		t.Fatal(err)
+	}
+
+	// Remove a symlink
+	if err := os.RemoveAll(path.Join(root, "symlink1")); err != nil {
+		t.Fatal(err)
+	}
+
+	// Rewrite a file
+	if err := ioutil.WriteFile(path.Join(root, "file2"), []byte("fileNN\n"), 0777); err != nil {
+		t.Fatal(err)
+	}
+
+	// Replace a file
+	if err := os.RemoveAll(path.Join(root, "file3")); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(path.Join(root, "file3"), []byte("fileMM\n"), 0404); err != nil {
+		t.Fatal(err)
+	}
+
+	// Touch file
+	if err := system.Chtimes(path.Join(root, "file4"), time.Now().Add(time.Second), time.Now().Add(time.Second)); err != nil {
+		t.Fatal(err)
+	}
+
+	// Replace file with dir
+	if err := os.RemoveAll(path.Join(root, "file5")); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.MkdirAll(path.Join(root, "file5"), 0666); err != nil {
+		t.Fatal(err)
+	}
+
+	// Create new file
+	if err := ioutil.WriteFile(path.Join(root, "filenew"), []byte("filenew\n"), 0777); err != nil {
+		t.Fatal(err)
+	}
+
+	// Create new dir
+	if err := os.MkdirAll(path.Join(root, "dirnew"), 0766); err != nil {
+		t.Fatal(err)
+	}
+
+	// Create a new symlink
+	if err := os.Symlink("targetnew", path.Join(root, "symlinknew")); err != nil {
+		t.Fatal(err)
+	}
+
+	// Change a symlink
+	if err := os.RemoveAll(path.Join(root, "symlink2")); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Symlink("target2change", path.Join(root, "symlink2")); err != nil {
+		t.Fatal(err)
+	}
+
+	// Replace dir with file
+	if err := os.RemoveAll(path.Join(root, "dir2")); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(path.Join(root, "dir2"), []byte("dir2\n"), 0777); err != nil {
+		t.Fatal(err)
+	}
+
+	// Touch dir
+	if err := system.Chtimes(path.Join(root, "dir3"), time.Now().Add(time.Second), time.Now().Add(time.Second)); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestChangesDirsMutated(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	// as createSampleDir uses symlinks.
+	if runtime.GOOS == "windows" {
+		t.Skip("symlinks on Windows")
+	}
+	src, err := ioutil.TempDir("", "docker-changes-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	createSampleDir(t, src)
+	dst := src + "-copy"
+	if err := copyDir(src, dst); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(src)
+	defer os.RemoveAll(dst)
+
+	mutateSampleDir(t, dst)
+
+	changes, err := ChangesDirs(dst, src)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	sort.Sort(changesByPath(changes))
+
+	expectedChanges := []Change{
+		{"/dir1", ChangeDelete},
+		{"/dir2", ChangeModify},
+		{"/dirnew", ChangeAdd},
+		{"/file1", ChangeDelete},
+		{"/file2", ChangeModify},
+		{"/file3", ChangeModify},
+		{"/file4", ChangeModify},
+		{"/file5", ChangeModify},
+		{"/filenew", ChangeAdd},
+		{"/symlink1", ChangeDelete},
+		{"/symlink2", ChangeModify},
+		{"/symlinknew", ChangeAdd},
+	}
+
+	for i := 0; i < max(len(changes), len(expectedChanges)); i++ {
+		if i >= len(expectedChanges) {
+			t.Fatalf("unexpected change %s\n", changes[i].String())
+		}
+		if i >= len(changes) {
+			t.Fatalf("no change for expected change %s\n", expectedChanges[i].String())
+		}
+		if changes[i].Path == expectedChanges[i].Path {
+			if changes[i] != expectedChanges[i] {
+				t.Fatalf("Wrong change for %s, expected %s, got %s\n", changes[i].Path, changes[i].String(), expectedChanges[i].String())
+			}
+		} else if changes[i].Path < expectedChanges[i].Path {
+			t.Fatalf("unexpected change %s\n", changes[i].String())
+		} else {
+			t.Fatalf("no change for expected change %s != %s\n", expectedChanges[i].String(), changes[i].String())
+		}
+	}
+}
+
+func TestApplyLayer(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	// as createSampleDir uses symlinks.
+	if runtime.GOOS == "windows" {
+		t.Skip("symlinks on Windows")
+	}
+	src, err := ioutil.TempDir("", "docker-changes-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	createSampleDir(t, src)
+	defer os.RemoveAll(src)
+	dst := src + "-copy"
+	if err := copyDir(src, dst); err != nil {
+		t.Fatal(err)
+	}
+	mutateSampleDir(t, dst)
+	defer os.RemoveAll(dst)
+
+	changes, err := ChangesDirs(dst, src)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layer, err := ExportChanges(dst, changes, nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	layerCopy, err := NewTempArchive(layer, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := ApplyLayer(src, layerCopy); err != nil {
+		t.Fatal(err)
+	}
+
+	changes2, err := ChangesDirs(src, dst)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(changes2) != 0 {
+		t.Fatalf("Unexpected differences after reapplying mutation: %v", changes2)
+	}
+}
+
+func TestChangesSizeWithHardlinks(t *testing.T) {
+	// TODO Windows. There may be a way of running this, but turning off for now
+	// as createSampleDir uses symlinks.
+	if runtime.GOOS == "windows" {
+		t.Skip("hardlinks on Windows")
+	}
+	srcDir, err := ioutil.TempDir("", "docker-test-srcDir")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(srcDir)
+
+	destDir, err := ioutil.TempDir("", "docker-test-destDir")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(destDir)
+
+	creationSize, err := prepareUntarSourceDirectory(100, destDir, true)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	changes, err := ChangesDirs(destDir, srcDir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	got := ChangesSize(destDir, changes)
+	if got != int64(creationSize) {
+		t.Errorf("Expected %d bytes of changes, got %d", creationSize, got)
+	}
+}
+
+func TestChangesSizeWithNoChanges(t *testing.T) {
+	size := ChangesSize("/tmp", nil)
+	if size != 0 {
+		t.Fatalf("ChangesSizes with no changes should be 0, was %d", size)
+	}
+}
+
+func TestChangesSizeWithOnlyDeleteChanges(t *testing.T) {
+	changes := []Change{
+		{Path: "deletedPath", Kind: ChangeDelete},
+	}
+	size := ChangesSize("/tmp", changes)
+	if size != 0 {
+		t.Fatalf("ChangesSizes with only delete changes should be 0, was %d", size)
+	}
+}
+
+func TestChangesSize(t *testing.T) {
+	parentPath, err := ioutil.TempDir("", "docker-changes-test")
+	defer os.RemoveAll(parentPath)
+	addition := path.Join(parentPath, "addition")
+	if err := ioutil.WriteFile(addition, []byte{0x01, 0x01, 0x01}, 0744); err != nil {
+		t.Fatal(err)
+	}
+	modification := path.Join(parentPath, "modification")
+	if err = ioutil.WriteFile(modification, []byte{0x01, 0x01, 0x01}, 0744); err != nil {
+		t.Fatal(err)
+	}
+	changes := []Change{
+		{Path: "addition", Kind: ChangeAdd},
+		{Path: "modification", Kind: ChangeModify},
+	}
+	size := ChangesSize(parentPath, changes)
+	if size != 6 {
+		t.Fatalf("Expected 6 bytes of changes, got %d", size)
+	}
+}
+
+func checkChanges(expectedChanges, changes []Change, t *testing.T) {
+	sort.Sort(changesByPath(expectedChanges))
+	sort.Sort(changesByPath(changes))
+	for i := 0; i < max(len(changes), len(expectedChanges)); i++ {
+		if i >= len(expectedChanges) {
+			t.Fatalf("unexpected change %s\n", changes[i].String())
+		}
+		if i >= len(changes) {
+			t.Fatalf("no change for expected change %s\n", expectedChanges[i].String())
+		}
+		if changes[i].Path == expectedChanges[i].Path {
+			if changes[i] != expectedChanges[i] {
+				t.Fatalf("Wrong change for %s, expected %s, got %s\n", changes[i].Path, changes[i].String(), expectedChanges[i].String())
+			}
+		} else if changes[i].Path < expectedChanges[i].Path {
+			t.Fatalf("unexpected change %s\n", changes[i].String())
+		} else {
+			t.Fatalf("no change for expected change %s != %s\n", expectedChanges[i].String(), changes[i].String())
+		}
+	}
+}
diff --git a/pkg/archive/changes_unix.go b/pkg/archive/changes_unix.go
new file mode 100644
index 00000000..3778b732
--- /dev/null
+++ b/pkg/archive/changes_unix.go
@@ -0,0 +1,36 @@
+// +build !windows
+
+package archive
+
+import (
+	"os"
+	"syscall"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+func statDifferent(oldStat *system.StatT, newStat *system.StatT) bool {
+	// Don't look at size for dirs, its not a good measure of change
+	if oldStat.Mode() != newStat.Mode() ||
+		oldStat.UID() != newStat.UID() ||
+		oldStat.GID() != newStat.GID() ||
+		oldStat.Rdev() != newStat.Rdev() ||
+		// Don't look at size for dirs, its not a good measure of change
+		(oldStat.Mode()&syscall.S_IFDIR != syscall.S_IFDIR &&
+			(!sameFsTimeSpec(oldStat.Mtim(), newStat.Mtim()) || (oldStat.Size() != newStat.Size()))) {
+		return true
+	}
+	return false
+}
+
+func (info *FileInfo) isDir() bool {
+	return info.parent == nil || info.stat.Mode()&syscall.S_IFDIR != 0
+}
+
+func getIno(fi os.FileInfo) uint64 {
+	return uint64(fi.Sys().(*syscall.Stat_t).Ino)
+}
+
+func hasHardlinks(fi os.FileInfo) bool {
+	return fi.Sys().(*syscall.Stat_t).Nlink > 1
+}
diff --git a/pkg/archive/changes_windows.go b/pkg/archive/changes_windows.go
new file mode 100644
index 00000000..af94243f
--- /dev/null
+++ b/pkg/archive/changes_windows.go
@@ -0,0 +1,30 @@
+package archive
+
+import (
+	"os"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+func statDifferent(oldStat *system.StatT, newStat *system.StatT) bool {
+
+	// Don't look at size for dirs, its not a good measure of change
+	if oldStat.ModTime() != newStat.ModTime() ||
+		oldStat.Mode() != newStat.Mode() ||
+		oldStat.Size() != newStat.Size() && !oldStat.IsDir() {
+		return true
+	}
+	return false
+}
+
+func (info *FileInfo) isDir() bool {
+	return info.parent == nil || info.stat.IsDir()
+}
+
+func getIno(fi os.FileInfo) (inode uint64) {
+	return
+}
+
+func hasHardlinks(fi os.FileInfo) bool {
+	return false
+}
diff --git a/pkg/archive/copy.go b/pkg/archive/copy.go
new file mode 100644
index 00000000..e1fa73f3
--- /dev/null
+++ b/pkg/archive/copy.go
@@ -0,0 +1,458 @@
+package archive
+
+import (
+	"archive/tar"
+	"errors"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/system"
+)
+
+// Errors used or returned by this file.
+var (
+	ErrNotDirectory      = errors.New("not a directory")
+	ErrDirNotExists      = errors.New("no such directory")
+	ErrCannotCopyDir     = errors.New("cannot copy directory")
+	ErrInvalidCopySource = errors.New("invalid copy source content")
+)
+
+// PreserveTrailingDotOrSeparator returns the given cleaned path (after
+// processing using any utility functions from the path or filepath stdlib
+// packages) and appends a trailing `/.` or `/` if its corresponding  original
+// path (from before being processed by utility functions from the path or
+// filepath stdlib packages) ends with a trailing `/.` or `/`. If the cleaned
+// path already ends in a `.` path segment, then another is not added. If the
+// clean path already ends in a path separator, then another is not added.
+func PreserveTrailingDotOrSeparator(cleanedPath, originalPath string) string {
+	// Ensure paths are in platform semantics
+	cleanedPath = normalizePath(cleanedPath)
+	originalPath = normalizePath(originalPath)
+
+	if !specifiesCurrentDir(cleanedPath) && specifiesCurrentDir(originalPath) {
+		if !hasTrailingPathSeparator(cleanedPath) {
+			// Add a separator if it doesn't already end with one (a cleaned
+			// path would only end in a separator if it is the root).
+			cleanedPath += string(filepath.Separator)
+		}
+		cleanedPath += "."
+	}
+
+	if !hasTrailingPathSeparator(cleanedPath) && hasTrailingPathSeparator(originalPath) {
+		cleanedPath += string(filepath.Separator)
+	}
+
+	return cleanedPath
+}
+
+// assertsDirectory returns whether the given path is
+// asserted to be a directory, i.e., the path ends with
+// a trailing '/' or `/.`, assuming a path separator of `/`.
+func assertsDirectory(path string) bool {
+	return hasTrailingPathSeparator(path) || specifiesCurrentDir(path)
+}
+
+// hasTrailingPathSeparator returns whether the given
+// path ends with the system's path separator character.
+func hasTrailingPathSeparator(path string) bool {
+	return len(path) > 0 && os.IsPathSeparator(path[len(path)-1])
+}
+
+// specifiesCurrentDir returns whether the given path specifies
+// a "current directory", i.e., the last path segment is `.`.
+func specifiesCurrentDir(path string) bool {
+	return filepath.Base(path) == "."
+}
+
+// SplitPathDirEntry splits the given path between its directory name and its
+// basename by first cleaning the path but preserves a trailing "." if the
+// original path specified the current directory.
+func SplitPathDirEntry(path string) (dir, base string) {
+	cleanedPath := filepath.Clean(normalizePath(path))
+
+	if specifiesCurrentDir(path) {
+		cleanedPath += string(filepath.Separator) + "."
+	}
+
+	return filepath.Dir(cleanedPath), filepath.Base(cleanedPath)
+}
+
+// TarResource archives the resource described by the given CopyInfo to a Tar
+// archive. A non-nil error is returned if sourcePath does not exist or is
+// asserted to be a directory but exists as another type of file.
+//
+// This function acts as a convenient wrapper around TarWithOptions, which
+// requires a directory as the source path. TarResource accepts either a
+// directory or a file path and correctly sets the Tar options.
+func TarResource(sourceInfo CopyInfo) (content Archive, err error) {
+	return TarResourceRebase(sourceInfo.Path, sourceInfo.RebaseName)
+}
+
+// TarResourceRebase is like TarResource but renames the first path element of
+// items in the resulting tar archive to match the given rebaseName if not "".
+func TarResourceRebase(sourcePath, rebaseName string) (content Archive, err error) {
+	sourcePath = normalizePath(sourcePath)
+	if _, err = os.Lstat(sourcePath); err != nil {
+		// Catches the case where the source does not exist or is not a
+		// directory if asserted to be a directory, as this also causes an
+		// error.
+		return
+	}
+
+	// Separate the source path between it's directory and
+	// the entry in that directory which we are archiving.
+	sourceDir, sourceBase := SplitPathDirEntry(sourcePath)
+
+	filter := []string{sourceBase}
+
+	logrus.Debugf("copying %q from %q", sourceBase, sourceDir)
+
+	return TarWithOptions(sourceDir, &TarOptions{
+		Compression:      Uncompressed,
+		IncludeFiles:     filter,
+		IncludeSourceDir: true,
+		RebaseNames: map[string]string{
+			sourceBase: rebaseName,
+		},
+	})
+}
+
+// CopyInfo holds basic info about the source
+// or destination path of a copy operation.
+type CopyInfo struct {
+	Path       string
+	Exists     bool
+	IsDir      bool
+	RebaseName string
+}
+
+// CopyInfoSourcePath stats the given path to create a CopyInfo
+// struct representing that resource for the source of an archive copy
+// operation. The given path should be an absolute local path. A source path
+// has all symlinks evaluated that appear before the last path separator ("/"
+// on Unix). As it is to be a copy source, the path must exist.
+func CopyInfoSourcePath(path string, followLink bool) (CopyInfo, error) {
+	// normalize the file path and then evaluate the symbol link
+	// we will use the target file instead of the symbol link if
+	// followLink is set
+	path = normalizePath(path)
+
+	resolvedPath, rebaseName, err := ResolveHostSourcePath(path, followLink)
+	if err != nil {
+		return CopyInfo{}, err
+	}
+
+	stat, err := os.Lstat(resolvedPath)
+	if err != nil {
+		return CopyInfo{}, err
+	}
+
+	return CopyInfo{
+		Path:       resolvedPath,
+		Exists:     true,
+		IsDir:      stat.IsDir(),
+		RebaseName: rebaseName,
+	}, nil
+}
+
+// CopyInfoDestinationPath stats the given path to create a CopyInfo
+// struct representing that resource for the destination of an archive copy
+// operation. The given path should be an absolute local path.
+func CopyInfoDestinationPath(path string) (info CopyInfo, err error) {
+	maxSymlinkIter := 10 // filepath.EvalSymlinks uses 255, but 10 already seems like a lot.
+	path = normalizePath(path)
+	originalPath := path
+
+	stat, err := os.Lstat(path)
+
+	if err == nil && stat.Mode()&os.ModeSymlink == 0 {
+		// The path exists and is not a symlink.
+		return CopyInfo{
+			Path:   path,
+			Exists: true,
+			IsDir:  stat.IsDir(),
+		}, nil
+	}
+
+	// While the path is a symlink.
+	for n := 0; err == nil && stat.Mode()&os.ModeSymlink != 0; n++ {
+		if n > maxSymlinkIter {
+			// Don't follow symlinks more than this arbitrary number of times.
+			return CopyInfo{}, errors.New("too many symlinks in " + originalPath)
+		}
+
+		// The path is a symbolic link. We need to evaluate it so that the
+		// destination of the copy operation is the link target and not the
+		// link itself. This is notably different than CopyInfoSourcePath which
+		// only evaluates symlinks before the last appearing path separator.
+		// Also note that it is okay if the last path element is a broken
+		// symlink as the copy operation should create the target.
+		var linkTarget string
+
+		linkTarget, err = os.Readlink(path)
+		if err != nil {
+			return CopyInfo{}, err
+		}
+
+		if !system.IsAbs(linkTarget) {
+			// Join with the parent directory.
+			dstParent, _ := SplitPathDirEntry(path)
+			linkTarget = filepath.Join(dstParent, linkTarget)
+		}
+
+		path = linkTarget
+		stat, err = os.Lstat(path)
+	}
+
+	if err != nil {
+		// It's okay if the destination path doesn't exist. We can still
+		// continue the copy operation if the parent directory exists.
+		if !os.IsNotExist(err) {
+			return CopyInfo{}, err
+		}
+
+		// Ensure destination parent dir exists.
+		dstParent, _ := SplitPathDirEntry(path)
+
+		parentDirStat, err := os.Lstat(dstParent)
+		if err != nil {
+			return CopyInfo{}, err
+		}
+		if !parentDirStat.IsDir() {
+			return CopyInfo{}, ErrNotDirectory
+		}
+
+		return CopyInfo{Path: path}, nil
+	}
+
+	// The path exists after resolving symlinks.
+	return CopyInfo{
+		Path:   path,
+		Exists: true,
+		IsDir:  stat.IsDir(),
+	}, nil
+}
+
+// PrepareArchiveCopy prepares the given srcContent archive, which should
+// contain the archived resource described by srcInfo, to the destination
+// described by dstInfo. Returns the possibly modified content archive along
+// with the path to the destination directory which it should be extracted to.
+func PrepareArchiveCopy(srcContent Reader, srcInfo, dstInfo CopyInfo) (dstDir string, content Archive, err error) {
+	// Ensure in platform semantics
+	srcInfo.Path = normalizePath(srcInfo.Path)
+	dstInfo.Path = normalizePath(dstInfo.Path)
+
+	// Separate the destination path between its directory and base
+	// components in case the source archive contents need to be rebased.
+	dstDir, dstBase := SplitPathDirEntry(dstInfo.Path)
+	_, srcBase := SplitPathDirEntry(srcInfo.Path)
+
+	switch {
+	case dstInfo.Exists && dstInfo.IsDir:
+		// The destination exists as a directory. No alteration
+		// to srcContent is needed as its contents can be
+		// simply extracted to the destination directory.
+		return dstInfo.Path, ioutil.NopCloser(srcContent), nil
+	case dstInfo.Exists && srcInfo.IsDir:
+		// The destination exists as some type of file and the source
+		// content is a directory. This is an error condition since
+		// you cannot copy a directory to an existing file location.
+		return "", nil, ErrCannotCopyDir
+	case dstInfo.Exists:
+		// The destination exists as some type of file and the source content
+		// is also a file. The source content entry will have to be renamed to
+		// have a basename which matches the destination path's basename.
+		if len(srcInfo.RebaseName) != 0 {
+			srcBase = srcInfo.RebaseName
+		}
+		return dstDir, RebaseArchiveEntries(srcContent, srcBase, dstBase), nil
+	case srcInfo.IsDir:
+		// The destination does not exist and the source content is an archive
+		// of a directory. The archive should be extracted to the parent of
+		// the destination path instead, and when it is, the directory that is
+		// created as a result should take the name of the destination path.
+		// The source content entries will have to be renamed to have a
+		// basename which matches the destination path's basename.
+		if len(srcInfo.RebaseName) != 0 {
+			srcBase = srcInfo.RebaseName
+		}
+		return dstDir, RebaseArchiveEntries(srcContent, srcBase, dstBase), nil
+	case assertsDirectory(dstInfo.Path):
+		// The destination does not exist and is asserted to be created as a
+		// directory, but the source content is not a directory. This is an
+		// error condition since you cannot create a directory from a file
+		// source.
+		return "", nil, ErrDirNotExists
+	default:
+		// The last remaining case is when the destination does not exist, is
+		// not asserted to be a directory, and the source content is not an
+		// archive of a directory. It this case, the destination file will need
+		// to be created when the archive is extracted and the source content
+		// entry will have to be renamed to have a basename which matches the
+		// destination path's basename.
+		if len(srcInfo.RebaseName) != 0 {
+			srcBase = srcInfo.RebaseName
+		}
+		return dstDir, RebaseArchiveEntries(srcContent, srcBase, dstBase), nil
+	}
+
+}
+
+// RebaseArchiveEntries rewrites the given srcContent archive replacing
+// an occurrence of oldBase with newBase at the beginning of entry names.
+func RebaseArchiveEntries(srcContent Reader, oldBase, newBase string) Archive {
+	if oldBase == string(os.PathSeparator) {
+		// If oldBase specifies the root directory, use an empty string as
+		// oldBase instead so that newBase doesn't replace the path separator
+		// that all paths will start with.
+		oldBase = ""
+	}
+
+	rebased, w := io.Pipe()
+
+	go func() {
+		srcTar := tar.NewReader(srcContent)
+		rebasedTar := tar.NewWriter(w)
+
+		for {
+			hdr, err := srcTar.Next()
+			if err == io.EOF {
+				// Signals end of archive.
+				rebasedTar.Close()
+				w.Close()
+				return
+			}
+			if err != nil {
+				w.CloseWithError(err)
+				return
+			}
+
+			hdr.Name = strings.Replace(hdr.Name, oldBase, newBase, 1)
+
+			if err = rebasedTar.WriteHeader(hdr); err != nil {
+				w.CloseWithError(err)
+				return
+			}
+
+			if _, err = io.Copy(rebasedTar, srcTar); err != nil {
+				w.CloseWithError(err)
+				return
+			}
+		}
+	}()
+
+	return rebased
+}
+
+// CopyResource performs an archive copy from the given source path to the
+// given destination path. The source path MUST exist and the destination
+// path's parent directory must exist.
+func CopyResource(srcPath, dstPath string, followLink bool) error {
+	var (
+		srcInfo CopyInfo
+		err     error
+	)
+
+	// Ensure in platform semantics
+	srcPath = normalizePath(srcPath)
+	dstPath = normalizePath(dstPath)
+
+	// Clean the source and destination paths.
+	srcPath = PreserveTrailingDotOrSeparator(filepath.Clean(srcPath), srcPath)
+	dstPath = PreserveTrailingDotOrSeparator(filepath.Clean(dstPath), dstPath)
+
+	if srcInfo, err = CopyInfoSourcePath(srcPath, followLink); err != nil {
+		return err
+	}
+
+	content, err := TarResource(srcInfo)
+	if err != nil {
+		return err
+	}
+	defer content.Close()
+
+	return CopyTo(content, srcInfo, dstPath)
+}
+
+// CopyTo handles extracting the given content whose
+// entries should be sourced from srcInfo to dstPath.
+func CopyTo(content Reader, srcInfo CopyInfo, dstPath string) error {
+	// The destination path need not exist, but CopyInfoDestinationPath will
+	// ensure that at least the parent directory exists.
+	dstInfo, err := CopyInfoDestinationPath(normalizePath(dstPath))
+	if err != nil {
+		return err
+	}
+
+	dstDir, copyArchive, err := PrepareArchiveCopy(content, srcInfo, dstInfo)
+	if err != nil {
+		return err
+	}
+	defer copyArchive.Close()
+
+	options := &TarOptions{
+		NoLchown:             true,
+		NoOverwriteDirNonDir: true,
+	}
+
+	return Untar(copyArchive, dstDir, options)
+}
+
+// ResolveHostSourcePath decides real path need to be copied with parameters such as
+// whether to follow symbol link or not, if followLink is true, resolvedPath will return
+// link target of any symbol link file, else it will only resolve symlink of directory
+// but return symbol link file itself without resolving.
+func ResolveHostSourcePath(path string, followLink bool) (resolvedPath, rebaseName string, err error) {
+	if followLink {
+		resolvedPath, err = filepath.EvalSymlinks(path)
+		if err != nil {
+			return
+		}
+
+		resolvedPath, rebaseName = GetRebaseName(path, resolvedPath)
+	} else {
+		dirPath, basePath := filepath.Split(path)
+
+		// if not follow symbol link, then resolve symbol link of parent dir
+		var resolvedDirPath string
+		resolvedDirPath, err = filepath.EvalSymlinks(dirPath)
+		if err != nil {
+			return
+		}
+		// resolvedDirPath will have been cleaned (no trailing path separators) so
+		// we can manually join it with the base path element.
+		resolvedPath = resolvedDirPath + string(filepath.Separator) + basePath
+		if hasTrailingPathSeparator(path) && filepath.Base(path) != filepath.Base(resolvedPath) {
+			rebaseName = filepath.Base(path)
+		}
+	}
+	return resolvedPath, rebaseName, nil
+}
+
+// GetRebaseName normalizes and compares path and resolvedPath,
+// return completed resolved path and rebased file name
+func GetRebaseName(path, resolvedPath string) (string, string) {
+	// linkTarget will have been cleaned (no trailing path separators and dot) so
+	// we can manually join it with them
+	var rebaseName string
+	if specifiesCurrentDir(path) && !specifiesCurrentDir(resolvedPath) {
+		resolvedPath += string(filepath.Separator) + "."
+	}
+
+	if hasTrailingPathSeparator(path) && !hasTrailingPathSeparator(resolvedPath) {
+		resolvedPath += string(filepath.Separator)
+	}
+
+	if filepath.Base(path) != filepath.Base(resolvedPath) {
+		// In the case where the path had a trailing separator and a symlink
+		// evaluation has changed the last path component, we will need to
+		// rebase the name in the archive that is being copied to match the
+		// originally requested name.
+		rebaseName = filepath.Base(path)
+	}
+	return resolvedPath, rebaseName
+}
diff --git a/pkg/archive/copy_unix.go b/pkg/archive/copy_unix.go
new file mode 100644
index 00000000..e305b5e4
--- /dev/null
+++ b/pkg/archive/copy_unix.go
@@ -0,0 +1,11 @@
+// +build !windows
+
+package archive
+
+import (
+	"path/filepath"
+)
+
+func normalizePath(path string) string {
+	return filepath.ToSlash(path)
+}
diff --git a/pkg/archive/copy_unix_test.go b/pkg/archive/copy_unix_test.go
new file mode 100644
index 00000000..ecbfc172
--- /dev/null
+++ b/pkg/archive/copy_unix_test.go
@@ -0,0 +1,978 @@
+// +build !windows
+
+// TODO Windows: Some of these tests may be salvagable and portable to Windows.
+
+package archive
+
+import (
+	"bytes"
+	"crypto/sha256"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+)
+
+func removeAllPaths(paths ...string) {
+	for _, path := range paths {
+		os.RemoveAll(path)
+	}
+}
+
+func getTestTempDirs(t *testing.T) (tmpDirA, tmpDirB string) {
+	var err error
+
+	if tmpDirA, err = ioutil.TempDir("", "archive-copy-test"); err != nil {
+		t.Fatal(err)
+	}
+
+	if tmpDirB, err = ioutil.TempDir("", "archive-copy-test"); err != nil {
+		t.Fatal(err)
+	}
+
+	return
+}
+
+func isNotDir(err error) bool {
+	return strings.Contains(err.Error(), "not a directory")
+}
+
+func joinTrailingSep(pathElements ...string) string {
+	joined := filepath.Join(pathElements...)
+
+	return fmt.Sprintf("%s%c", joined, filepath.Separator)
+}
+
+func fileContentsEqual(t *testing.T, filenameA, filenameB string) (err error) {
+	t.Logf("checking for equal file contents: %q and %q\n", filenameA, filenameB)
+
+	fileA, err := os.Open(filenameA)
+	if err != nil {
+		return
+	}
+	defer fileA.Close()
+
+	fileB, err := os.Open(filenameB)
+	if err != nil {
+		return
+	}
+	defer fileB.Close()
+
+	hasher := sha256.New()
+
+	if _, err = io.Copy(hasher, fileA); err != nil {
+		return
+	}
+
+	hashA := hasher.Sum(nil)
+	hasher.Reset()
+
+	if _, err = io.Copy(hasher, fileB); err != nil {
+		return
+	}
+
+	hashB := hasher.Sum(nil)
+
+	if !bytes.Equal(hashA, hashB) {
+		err = fmt.Errorf("file content hashes not equal - expected %s, got %s", hex.EncodeToString(hashA), hex.EncodeToString(hashB))
+	}
+
+	return
+}
+
+func dirContentsEqual(t *testing.T, newDir, oldDir string) (err error) {
+	t.Logf("checking for equal directory contents: %q and %q\n", newDir, oldDir)
+
+	var changes []Change
+
+	if changes, err = ChangesDirs(newDir, oldDir); err != nil {
+		return
+	}
+
+	if len(changes) != 0 {
+		err = fmt.Errorf("expected no changes between directories, but got: %v", changes)
+	}
+
+	return
+}
+
+func logDirContents(t *testing.T, dirPath string) {
+	logWalkedPaths := filepath.WalkFunc(func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			t.Errorf("stat error for path %q: %s", path, err)
+			return nil
+		}
+
+		if info.IsDir() {
+			path = joinTrailingSep(path)
+		}
+
+		t.Logf("\t%s", path)
+
+		return nil
+	})
+
+	t.Logf("logging directory contents: %q", dirPath)
+
+	if err := filepath.Walk(dirPath, logWalkedPaths); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func testCopyHelper(t *testing.T, srcPath, dstPath string) (err error) {
+	t.Logf("copying from %q to %q (not follow symbol link)", srcPath, dstPath)
+
+	return CopyResource(srcPath, dstPath, false)
+}
+
+func testCopyHelperFSym(t *testing.T, srcPath, dstPath string) (err error) {
+	t.Logf("copying from %q to %q (follow symbol link)", srcPath, dstPath)
+
+	return CopyResource(srcPath, dstPath, true)
+}
+
+// Basic assumptions about SRC and DST:
+// 1. SRC must exist.
+// 2. If SRC ends with a trailing separator, it must be a directory.
+// 3. DST parent directory must exist.
+// 4. If DST exists as a file, it must not end with a trailing separator.
+
+// First get these easy error cases out of the way.
+
+// Test for error when SRC does not exist.
+func TestCopyErrSrcNotExists(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	if _, err := CopyInfoSourcePath(filepath.Join(tmpDirA, "file1"), false); !os.IsNotExist(err) {
+		t.Fatalf("expected IsNotExist error, but got %T: %s", err, err)
+	}
+}
+
+// Test for error when SRC ends in a trailing
+// path separator but it exists as a file.
+func TestCopyErrSrcNotDir(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+
+	if _, err := CopyInfoSourcePath(joinTrailingSep(tmpDirA, "file1"), false); !isNotDir(err) {
+		t.Fatalf("expected IsNotDir error, but got %T: %s", err, err)
+	}
+}
+
+// Test for error when SRC is a valid file or directory,
+// but the DST parent directory does not exist.
+func TestCopyErrDstParentNotExists(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+
+	srcInfo := CopyInfo{Path: filepath.Join(tmpDirA, "file1"), Exists: true, IsDir: false}
+
+	// Try with a file source.
+	content, err := TarResource(srcInfo)
+	if err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+	defer content.Close()
+
+	// Copy to a file whose parent does not exist.
+	if err = CopyTo(content, srcInfo, filepath.Join(tmpDirB, "fakeParentDir", "file1")); err == nil {
+		t.Fatal("expected IsNotExist error, but got nil instead")
+	}
+
+	if !os.IsNotExist(err) {
+		t.Fatalf("expected IsNotExist error, but got %T: %s", err, err)
+	}
+
+	// Try with a directory source.
+	srcInfo = CopyInfo{Path: filepath.Join(tmpDirA, "dir1"), Exists: true, IsDir: true}
+
+	content, err = TarResource(srcInfo)
+	if err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+	defer content.Close()
+
+	// Copy to a directory whose parent does not exist.
+	if err = CopyTo(content, srcInfo, joinTrailingSep(tmpDirB, "fakeParentDir", "fakeDstDir")); err == nil {
+		t.Fatal("expected IsNotExist error, but got nil instead")
+	}
+
+	if !os.IsNotExist(err) {
+		t.Fatalf("expected IsNotExist error, but got %T: %s", err, err)
+	}
+}
+
+// Test for error when DST ends in a trailing
+// path separator but exists as a file.
+func TestCopyErrDstNotDir(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	// Try with a file source.
+	srcInfo := CopyInfo{Path: filepath.Join(tmpDirA, "file1"), Exists: true, IsDir: false}
+
+	content, err := TarResource(srcInfo)
+	if err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+	defer content.Close()
+
+	if err = CopyTo(content, srcInfo, joinTrailingSep(tmpDirB, "file1")); err == nil {
+		t.Fatal("expected IsNotDir error, but got nil instead")
+	}
+
+	if !isNotDir(err) {
+		t.Fatalf("expected IsNotDir error, but got %T: %s", err, err)
+	}
+
+	// Try with a directory source.
+	srcInfo = CopyInfo{Path: filepath.Join(tmpDirA, "dir1"), Exists: true, IsDir: true}
+
+	content, err = TarResource(srcInfo)
+	if err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+	defer content.Close()
+
+	if err = CopyTo(content, srcInfo, joinTrailingSep(tmpDirB, "file1")); err == nil {
+		t.Fatal("expected IsNotDir error, but got nil instead")
+	}
+
+	if !isNotDir(err) {
+		t.Fatalf("expected IsNotDir error, but got %T: %s", err, err)
+	}
+}
+
+// Possibilities are reduced to the remaining 10 cases:
+//
+//  case | srcIsDir | onlyDirContents | dstExists | dstIsDir | dstTrSep | action
+// ===================================================================================================
+//   A   |  no      |  -              |  no       |  -       |  no      |  create file
+//   B   |  no      |  -              |  no       |  -       |  yes     |  error
+//   C   |  no      |  -              |  yes      |  no      |  -       |  overwrite file
+//   D   |  no      |  -              |  yes      |  yes     |  -       |  create file in dst dir
+//   E   |  yes     |  no             |  no       |  -       |  -       |  create dir, copy contents
+//   F   |  yes     |  no             |  yes      |  no      |  -       |  error
+//   G   |  yes     |  no             |  yes      |  yes     |  -       |  copy dir and contents
+//   H   |  yes     |  yes            |  no       |  -       |  -       |  create dir, copy contents
+//   I   |  yes     |  yes            |  yes      |  no      |  -       |  error
+//   J   |  yes     |  yes            |  yes      |  yes     |  -       |  copy dir contents
+//
+
+// A. SRC specifies a file and DST (no trailing path separator) doesn't
+//    exist. This should create a file with the name DST and copy the
+//    contents of the source file into it.
+func TestCopyCaseA(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+
+	srcPath := filepath.Join(tmpDirA, "file1")
+	dstPath := filepath.Join(tmpDirB, "itWorks.txt")
+
+	var err error
+
+	if err = testCopyHelper(t, srcPath, dstPath); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, srcPath, dstPath); err != nil {
+		t.Fatal(err)
+	}
+	os.Remove(dstPath)
+
+	symlinkPath := filepath.Join(tmpDirA, "symlink3")
+	symlinkPath1 := filepath.Join(tmpDirA, "symlink4")
+	linkTarget := filepath.Join(tmpDirA, "file1")
+
+	if err = testCopyHelperFSym(t, symlinkPath, dstPath); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, linkTarget, dstPath); err != nil {
+		t.Fatal(err)
+	}
+	os.Remove(dstPath)
+	if err = testCopyHelperFSym(t, symlinkPath1, dstPath); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, linkTarget, dstPath); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// B. SRC specifies a file and DST (with trailing path separator) doesn't
+//    exist. This should cause an error because the copy operation cannot
+//    create a directory when copying a single file.
+func TestCopyCaseB(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+
+	srcPath := filepath.Join(tmpDirA, "file1")
+	dstDir := joinTrailingSep(tmpDirB, "testDir")
+
+	var err error
+
+	if err = testCopyHelper(t, srcPath, dstDir); err == nil {
+		t.Fatal("expected ErrDirNotExists error, but got nil instead")
+	}
+
+	if err != ErrDirNotExists {
+		t.Fatalf("expected ErrDirNotExists error, but got %T: %s", err, err)
+	}
+
+	symlinkPath := filepath.Join(tmpDirA, "symlink3")
+
+	if err = testCopyHelperFSym(t, symlinkPath, dstDir); err == nil {
+		t.Fatal("expected ErrDirNotExists error, but got nil instead")
+	}
+	if err != ErrDirNotExists {
+		t.Fatalf("expected ErrDirNotExists error, but got %T: %s", err, err)
+	}
+
+}
+
+// C. SRC specifies a file and DST exists as a file. This should overwrite
+//    the file at DST with the contents of the source file.
+func TestCopyCaseC(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcPath := filepath.Join(tmpDirA, "file1")
+	dstPath := filepath.Join(tmpDirB, "file2")
+
+	var err error
+
+	// Ensure they start out different.
+	if err = fileContentsEqual(t, srcPath, dstPath); err == nil {
+		t.Fatal("expected different file contents")
+	}
+
+	if err = testCopyHelper(t, srcPath, dstPath); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, srcPath, dstPath); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// C. Symbol link following version:
+//    SRC specifies a file and DST exists as a file. This should overwrite
+//    the file at DST with the contents of the source file.
+func TestCopyCaseCFSym(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	symlinkPathBad := filepath.Join(tmpDirA, "symlink1")
+	symlinkPath := filepath.Join(tmpDirA, "symlink3")
+	linkTarget := filepath.Join(tmpDirA, "file1")
+	dstPath := filepath.Join(tmpDirB, "file2")
+
+	var err error
+
+	// first to test broken link
+	if err = testCopyHelperFSym(t, symlinkPathBad, dstPath); err == nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	// test symbol link -> symbol link -> target
+	// Ensure they start out different.
+	if err = fileContentsEqual(t, linkTarget, dstPath); err == nil {
+		t.Fatal("expected different file contents")
+	}
+
+	if err = testCopyHelperFSym(t, symlinkPath, dstPath); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, linkTarget, dstPath); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// D. SRC specifies a file and DST exists as a directory. This should place
+//    a copy of the source file inside it using the basename from SRC. Ensure
+//    this works whether DST has a trailing path separator or not.
+func TestCopyCaseD(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcPath := filepath.Join(tmpDirA, "file1")
+	dstDir := filepath.Join(tmpDirB, "dir1")
+	dstPath := filepath.Join(dstDir, "file1")
+
+	var err error
+
+	// Ensure that dstPath doesn't exist.
+	if _, err = os.Stat(dstPath); !os.IsNotExist(err) {
+		t.Fatalf("did not expect dstPath %q to exist", dstPath)
+	}
+
+	if err = testCopyHelper(t, srcPath, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, srcPath, dstPath); err != nil {
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	if err = os.MkdirAll(dstDir, os.FileMode(0755)); err != nil {
+		t.Fatalf("unable to make dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "dir1")
+
+	if err = testCopyHelper(t, srcPath, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, srcPath, dstPath); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// D. Symbol link following version:
+//    SRC specifies a file and DST exists as a directory. This should place
+//    a copy of the source file inside it using the basename from SRC. Ensure
+//    this works whether DST has a trailing path separator or not.
+func TestCopyCaseDFSym(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcPath := filepath.Join(tmpDirA, "symlink4")
+	linkTarget := filepath.Join(tmpDirA, "file1")
+	dstDir := filepath.Join(tmpDirB, "dir1")
+	dstPath := filepath.Join(dstDir, "symlink4")
+
+	var err error
+
+	// Ensure that dstPath doesn't exist.
+	if _, err = os.Stat(dstPath); !os.IsNotExist(err) {
+		t.Fatalf("did not expect dstPath %q to exist", dstPath)
+	}
+
+	if err = testCopyHelperFSym(t, srcPath, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, linkTarget, dstPath); err != nil {
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	if err = os.MkdirAll(dstDir, os.FileMode(0755)); err != nil {
+		t.Fatalf("unable to make dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "dir1")
+
+	if err = testCopyHelperFSym(t, srcPath, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = fileContentsEqual(t, linkTarget, dstPath); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// E. SRC specifies a directory and DST does not exist. This should create a
+//    directory at DST and copy the contents of the SRC directory into the DST
+//    directory. Ensure this works whether DST has a trailing path separator or
+//    not.
+func TestCopyCaseE(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+
+	srcDir := filepath.Join(tmpDirA, "dir1")
+	dstDir := filepath.Join(tmpDirB, "testDir")
+
+	var err error
+
+	if err = testCopyHelper(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, srcDir); err != nil {
+		t.Log("dir contents not equal")
+		logDirContents(t, tmpDirA)
+		logDirContents(t, tmpDirB)
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "testDir")
+
+	if err = testCopyHelper(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, srcDir); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// E. Symbol link following version:
+//    SRC specifies a directory and DST does not exist. This should create a
+//    directory at DST and copy the contents of the SRC directory into the DST
+//    directory. Ensure this works whether DST has a trailing path separator or
+//    not.
+func TestCopyCaseEFSym(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+
+	srcDir := filepath.Join(tmpDirA, "dirSymlink")
+	linkTarget := filepath.Join(tmpDirA, "dir1")
+	dstDir := filepath.Join(tmpDirB, "testDir")
+
+	var err error
+
+	if err = testCopyHelperFSym(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, linkTarget); err != nil {
+		t.Log("dir contents not equal")
+		logDirContents(t, tmpDirA)
+		logDirContents(t, tmpDirB)
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "testDir")
+
+	if err = testCopyHelperFSym(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, linkTarget); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// F. SRC specifies a directory and DST exists as a file. This should cause an
+//    error as it is not possible to overwrite a file with a directory.
+func TestCopyCaseF(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcDir := filepath.Join(tmpDirA, "dir1")
+	symSrcDir := filepath.Join(tmpDirA, "dirSymlink")
+	dstFile := filepath.Join(tmpDirB, "file1")
+
+	var err error
+
+	if err = testCopyHelper(t, srcDir, dstFile); err == nil {
+		t.Fatal("expected ErrCannotCopyDir error, but got nil instead")
+	}
+
+	if err != ErrCannotCopyDir {
+		t.Fatalf("expected ErrCannotCopyDir error, but got %T: %s", err, err)
+	}
+
+	// now test with symbol link
+	if err = testCopyHelperFSym(t, symSrcDir, dstFile); err == nil {
+		t.Fatal("expected ErrCannotCopyDir error, but got nil instead")
+	}
+
+	if err != ErrCannotCopyDir {
+		t.Fatalf("expected ErrCannotCopyDir error, but got %T: %s", err, err)
+	}
+}
+
+// G. SRC specifies a directory and DST exists as a directory. This should copy
+//    the SRC directory and all its contents to the DST directory. Ensure this
+//    works whether DST has a trailing path separator or not.
+func TestCopyCaseG(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcDir := filepath.Join(tmpDirA, "dir1")
+	dstDir := filepath.Join(tmpDirB, "dir2")
+	resultDir := filepath.Join(dstDir, "dir1")
+
+	var err error
+
+	if err = testCopyHelper(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, resultDir, srcDir); err != nil {
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	if err = os.MkdirAll(dstDir, os.FileMode(0755)); err != nil {
+		t.Fatalf("unable to make dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "dir2")
+
+	if err = testCopyHelper(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, resultDir, srcDir); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// G. Symbol link version:
+//    SRC specifies a directory and DST exists as a directory. This should copy
+//    the SRC directory and all its contents to the DST directory. Ensure this
+//    works whether DST has a trailing path separator or not.
+func TestCopyCaseGFSym(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcDir := filepath.Join(tmpDirA, "dirSymlink")
+	linkTarget := filepath.Join(tmpDirA, "dir1")
+	dstDir := filepath.Join(tmpDirB, "dir2")
+	resultDir := filepath.Join(dstDir, "dirSymlink")
+
+	var err error
+
+	if err = testCopyHelperFSym(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, resultDir, linkTarget); err != nil {
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	if err = os.MkdirAll(dstDir, os.FileMode(0755)); err != nil {
+		t.Fatalf("unable to make dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "dir2")
+
+	if err = testCopyHelperFSym(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, resultDir, linkTarget); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// H. SRC specifies a directory's contents only and DST does not exist. This
+//    should create a directory at DST and copy the contents of the SRC
+//    directory (but not the directory itself) into the DST directory. Ensure
+//    this works whether DST has a trailing path separator or not.
+func TestCopyCaseH(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+
+	srcDir := joinTrailingSep(tmpDirA, "dir1") + "."
+	dstDir := filepath.Join(tmpDirB, "testDir")
+
+	var err error
+
+	if err = testCopyHelper(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, srcDir); err != nil {
+		t.Log("dir contents not equal")
+		logDirContents(t, tmpDirA)
+		logDirContents(t, tmpDirB)
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "testDir")
+
+	if err = testCopyHelper(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, srcDir); err != nil {
+		t.Log("dir contents not equal")
+		logDirContents(t, tmpDirA)
+		logDirContents(t, tmpDirB)
+		t.Fatal(err)
+	}
+}
+
+// H. Symbol link following version:
+//    SRC specifies a directory's contents only and DST does not exist. This
+//    should create a directory at DST and copy the contents of the SRC
+//    directory (but not the directory itself) into the DST directory. Ensure
+//    this works whether DST has a trailing path separator or not.
+func TestCopyCaseHFSym(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+
+	srcDir := joinTrailingSep(tmpDirA, "dirSymlink") + "."
+	linkTarget := filepath.Join(tmpDirA, "dir1")
+	dstDir := filepath.Join(tmpDirB, "testDir")
+
+	var err error
+
+	if err = testCopyHelperFSym(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, linkTarget); err != nil {
+		t.Log("dir contents not equal")
+		logDirContents(t, tmpDirA)
+		logDirContents(t, tmpDirB)
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "testDir")
+
+	if err = testCopyHelperFSym(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, linkTarget); err != nil {
+		t.Log("dir contents not equal")
+		logDirContents(t, tmpDirA)
+		logDirContents(t, tmpDirB)
+		t.Fatal(err)
+	}
+}
+
+// I. SRC specifies a directory's contents only and DST exists as a file. This
+//    should cause an error as it is not possible to overwrite a file with a
+//    directory.
+func TestCopyCaseI(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcDir := joinTrailingSep(tmpDirA, "dir1") + "."
+	symSrcDir := filepath.Join(tmpDirB, "dirSymlink")
+	dstFile := filepath.Join(tmpDirB, "file1")
+
+	var err error
+
+	if err = testCopyHelper(t, srcDir, dstFile); err == nil {
+		t.Fatal("expected ErrCannotCopyDir error, but got nil instead")
+	}
+
+	if err != ErrCannotCopyDir {
+		t.Fatalf("expected ErrCannotCopyDir error, but got %T: %s", err, err)
+	}
+
+	// now try with symbol link of dir
+	if err = testCopyHelperFSym(t, symSrcDir, dstFile); err == nil {
+		t.Fatal("expected ErrCannotCopyDir error, but got nil instead")
+	}
+
+	if err != ErrCannotCopyDir {
+		t.Fatalf("expected ErrCannotCopyDir error, but got %T: %s", err, err)
+	}
+}
+
+// J. SRC specifies a directory's contents only and DST exists as a directory.
+//    This should copy the contents of the SRC directory (but not the directory
+//    itself) into the DST directory. Ensure this works whether DST has a
+//    trailing path separator or not.
+func TestCopyCaseJ(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcDir := joinTrailingSep(tmpDirA, "dir1") + "."
+	dstDir := filepath.Join(tmpDirB, "dir5")
+
+	var err error
+
+	// first to create an empty dir
+	if err = os.MkdirAll(dstDir, os.FileMode(0755)); err != nil {
+		t.Fatalf("unable to make dstDir: %s", err)
+	}
+
+	if err = testCopyHelper(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, srcDir); err != nil {
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	if err = os.MkdirAll(dstDir, os.FileMode(0755)); err != nil {
+		t.Fatalf("unable to make dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "dir5")
+
+	if err = testCopyHelper(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, srcDir); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// J. Symbol link following version:
+//    SRC specifies a directory's contents only and DST exists as a directory.
+//    This should copy the contents of the SRC directory (but not the directory
+//    itself) into the DST directory. Ensure this works whether DST has a
+//    trailing path separator or not.
+func TestCopyCaseJFSym(t *testing.T) {
+	tmpDirA, tmpDirB := getTestTempDirs(t)
+	defer removeAllPaths(tmpDirA, tmpDirB)
+
+	// Load A and B with some sample files and directories.
+	createSampleDir(t, tmpDirA)
+	createSampleDir(t, tmpDirB)
+
+	srcDir := joinTrailingSep(tmpDirA, "dirSymlink") + "."
+	linkTarget := filepath.Join(tmpDirA, "dir1")
+	dstDir := filepath.Join(tmpDirB, "dir5")
+
+	var err error
+
+	// first to create an empty dir
+	if err = os.MkdirAll(dstDir, os.FileMode(0755)); err != nil {
+		t.Fatalf("unable to make dstDir: %s", err)
+	}
+
+	if err = testCopyHelperFSym(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, linkTarget); err != nil {
+		t.Fatal(err)
+	}
+
+	// Now try again but using a trailing path separator for dstDir.
+
+	if err = os.RemoveAll(dstDir); err != nil {
+		t.Fatalf("unable to remove dstDir: %s", err)
+	}
+
+	if err = os.MkdirAll(dstDir, os.FileMode(0755)); err != nil {
+		t.Fatalf("unable to make dstDir: %s", err)
+	}
+
+	dstDir = joinTrailingSep(tmpDirB, "dir5")
+
+	if err = testCopyHelperFSym(t, srcDir, dstDir); err != nil {
+		t.Fatalf("unexpected error %T: %s", err, err)
+	}
+
+	if err = dirContentsEqual(t, dstDir, linkTarget); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/pkg/archive/copy_windows.go b/pkg/archive/copy_windows.go
new file mode 100644
index 00000000..2b775b45
--- /dev/null
+++ b/pkg/archive/copy_windows.go
@@ -0,0 +1,9 @@
+package archive
+
+import (
+	"path/filepath"
+)
+
+func normalizePath(path string) string {
+	return filepath.FromSlash(path)
+}
diff --git a/pkg/archive/diff.go b/pkg/archive/diff.go
new file mode 100644
index 00000000..1b08ad33
--- /dev/null
+++ b/pkg/archive/diff.go
@@ -0,0 +1,279 @@
+package archive
+
+import (
+	"archive/tar"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/pools"
+	"github.com/docker/docker/pkg/system"
+)
+
+// UnpackLayer unpack `layer` to a `dest`. The stream `layer` can be
+// compressed or uncompressed.
+// Returns the size in bytes of the contents of the layer.
+func UnpackLayer(dest string, layer Reader, options *TarOptions) (size int64, err error) {
+	tr := tar.NewReader(layer)
+	trBuf := pools.BufioReader32KPool.Get(tr)
+	defer pools.BufioReader32KPool.Put(trBuf)
+
+	var dirs []*tar.Header
+	unpackedPaths := make(map[string]struct{})
+
+	if options == nil {
+		options = &TarOptions{}
+	}
+	if options.ExcludePatterns == nil {
+		options.ExcludePatterns = []string{}
+	}
+	remappedRootUID, remappedRootGID, err := idtools.GetRootUIDGID(options.UIDMaps, options.GIDMaps)
+	if err != nil {
+		return 0, err
+	}
+
+	aufsTempdir := ""
+	aufsHardlinks := make(map[string]*tar.Header)
+
+	if options == nil {
+		options = &TarOptions{}
+	}
+	// Iterate through the files in the archive.
+	for {
+		hdr, err := tr.Next()
+		if err == io.EOF {
+			// end of tar archive
+			break
+		}
+		if err != nil {
+			return 0, err
+		}
+
+		size += hdr.Size
+
+		// Normalize name, for safety and for a simple is-root check
+		hdr.Name = filepath.Clean(hdr.Name)
+
+		// Windows does not support filenames with colons in them. Ignore
+		// these files. This is not a problem though (although it might
+		// appear that it is). Let's suppose a client is running docker pull.
+		// The daemon it points to is Windows. Would it make sense for the
+		// client to be doing a docker pull Ubuntu for example (which has files
+		// with colons in the name under /usr/share/man/man3)? No, absolutely
+		// not as it would really only make sense that they were pulling a
+		// Windows image. However, for development, it is necessary to be able
+		// to pull Linux images which are in the repository.
+		//
+		// TODO Windows. Once the registry is aware of what images are Windows-
+		// specific or Linux-specific, this warning should be changed to an error
+		// to cater for the situation where someone does manage to upload a Linux
+		// image but have it tagged as Windows inadvertently.
+		if runtime.GOOS == "windows" {
+			if strings.Contains(hdr.Name, ":") {
+				logrus.Warnf("Windows: Ignoring %s (is this a Linux image?)", hdr.Name)
+				continue
+			}
+		}
+
+		// Note as these operations are platform specific, so must the slash be.
+		if !strings.HasSuffix(hdr.Name, string(os.PathSeparator)) {
+			// Not the root directory, ensure that the parent directory exists.
+			// This happened in some tests where an image had a tarfile without any
+			// parent directories.
+			parent := filepath.Dir(hdr.Name)
+			parentPath := filepath.Join(dest, parent)
+
+			if _, err := os.Lstat(parentPath); err != nil && os.IsNotExist(err) {
+				err = system.MkdirAll(parentPath, 0600)
+				if err != nil {
+					return 0, err
+				}
+			}
+		}
+
+		// Skip AUFS metadata dirs
+		if strings.HasPrefix(hdr.Name, WhiteoutMetaPrefix) {
+			// Regular files inside /.wh..wh.plnk can be used as hardlink targets
+			// We don't want this directory, but we need the files in them so that
+			// such hardlinks can be resolved.
+			if strings.HasPrefix(hdr.Name, WhiteoutLinkDir) && hdr.Typeflag == tar.TypeReg {
+				basename := filepath.Base(hdr.Name)
+				aufsHardlinks[basename] = hdr
+				if aufsTempdir == "" {
+					if aufsTempdir, err = ioutil.TempDir("", "dockerplnk"); err != nil {
+						return 0, err
+					}
+					defer os.RemoveAll(aufsTempdir)
+				}
+				if err := createTarFile(filepath.Join(aufsTempdir, basename), dest, hdr, tr, true, nil); err != nil {
+					return 0, err
+				}
+			}
+
+			if hdr.Name != WhiteoutOpaqueDir {
+				continue
+			}
+		}
+		path := filepath.Join(dest, hdr.Name)
+		rel, err := filepath.Rel(dest, path)
+		if err != nil {
+			return 0, err
+		}
+
+		// Note as these operations are platform specific, so must the slash be.
+		if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
+			return 0, breakoutError(fmt.Errorf("%q is outside of %q", hdr.Name, dest))
+		}
+		base := filepath.Base(path)
+
+		if strings.HasPrefix(base, WhiteoutPrefix) {
+			dir := filepath.Dir(path)
+			if base == WhiteoutOpaqueDir {
+				_, err := os.Lstat(dir)
+				if err != nil {
+					return 0, err
+				}
+				err = filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
+					if err != nil {
+						if os.IsNotExist(err) {
+							err = nil // parent was deleted
+						}
+						return err
+					}
+					if path == dir {
+						return nil
+					}
+					if _, exists := unpackedPaths[path]; !exists {
+						err := os.RemoveAll(path)
+						return err
+					}
+					return nil
+				})
+				if err != nil {
+					return 0, err
+				}
+			} else {
+				originalBase := base[len(WhiteoutPrefix):]
+				originalPath := filepath.Join(dir, originalBase)
+				if err := os.RemoveAll(originalPath); err != nil {
+					return 0, err
+				}
+			}
+		} else {
+			// If path exits we almost always just want to remove and replace it.
+			// The only exception is when it is a directory *and* the file from
+			// the layer is also a directory. Then we want to merge them (i.e.
+			// just apply the metadata from the layer).
+			if fi, err := os.Lstat(path); err == nil {
+				if !(fi.IsDir() && hdr.Typeflag == tar.TypeDir) {
+					if err := os.RemoveAll(path); err != nil {
+						return 0, err
+					}
+				}
+			}
+
+			trBuf.Reset(tr)
+			srcData := io.Reader(trBuf)
+			srcHdr := hdr
+
+			// Hard links into /.wh..wh.plnk don't work, as we don't extract that directory, so
+			// we manually retarget these into the temporary files we extracted them into
+			if hdr.Typeflag == tar.TypeLink && strings.HasPrefix(filepath.Clean(hdr.Linkname), WhiteoutLinkDir) {
+				linkBasename := filepath.Base(hdr.Linkname)
+				srcHdr = aufsHardlinks[linkBasename]
+				if srcHdr == nil {
+					return 0, fmt.Errorf("Invalid aufs hardlink")
+				}
+				tmpFile, err := os.Open(filepath.Join(aufsTempdir, linkBasename))
+				if err != nil {
+					return 0, err
+				}
+				defer tmpFile.Close()
+				srcData = tmpFile
+			}
+
+			// if the options contain a uid & gid maps, convert header uid/gid
+			// entries using the maps such that lchown sets the proper mapped
+			// uid/gid after writing the file. We only perform this mapping if
+			// the file isn't already owned by the remapped root UID or GID, as
+			// that specific uid/gid has no mapping from container -> host, and
+			// those files already have the proper ownership for inside the
+			// container.
+			if srcHdr.Uid != remappedRootUID {
+				xUID, err := idtools.ToHost(srcHdr.Uid, options.UIDMaps)
+				if err != nil {
+					return 0, err
+				}
+				srcHdr.Uid = xUID
+			}
+			if srcHdr.Gid != remappedRootGID {
+				xGID, err := idtools.ToHost(srcHdr.Gid, options.GIDMaps)
+				if err != nil {
+					return 0, err
+				}
+				srcHdr.Gid = xGID
+			}
+			if err := createTarFile(path, dest, srcHdr, srcData, true, nil); err != nil {
+				return 0, err
+			}
+
+			// Directory mtimes must be handled at the end to avoid further
+			// file creation in them to modify the directory mtime
+			if hdr.Typeflag == tar.TypeDir {
+				dirs = append(dirs, hdr)
+			}
+			unpackedPaths[path] = struct{}{}
+		}
+	}
+
+	for _, hdr := range dirs {
+		path := filepath.Join(dest, hdr.Name)
+		if err := system.Chtimes(path, hdr.AccessTime, hdr.ModTime); err != nil {
+			return 0, err
+		}
+	}
+
+	return size, nil
+}
+
+// ApplyLayer parses a diff in the standard layer format from `layer`,
+// and applies it to the directory `dest`. The stream `layer` can be
+// compressed or uncompressed.
+// Returns the size in bytes of the contents of the layer.
+func ApplyLayer(dest string, layer Reader) (int64, error) {
+	return applyLayerHandler(dest, layer, &TarOptions{}, true)
+}
+
+// ApplyUncompressedLayer parses a diff in the standard layer format from
+// `layer`, and applies it to the directory `dest`. The stream `layer`
+// can only be uncompressed.
+// Returns the size in bytes of the contents of the layer.
+func ApplyUncompressedLayer(dest string, layer Reader, options *TarOptions) (int64, error) {
+	return applyLayerHandler(dest, layer, options, false)
+}
+
+// do the bulk load of ApplyLayer, but allow for not calling DecompressStream
+func applyLayerHandler(dest string, layer Reader, options *TarOptions, decompress bool) (int64, error) {
+	dest = filepath.Clean(dest)
+
+	// We need to be able to set any perms
+	oldmask, err := system.Umask(0)
+	if err != nil {
+		return 0, err
+	}
+	defer system.Umask(oldmask) // ignore err, ErrNotSupportedPlatform
+
+	if decompress {
+		layer, err = DecompressStream(layer)
+		if err != nil {
+			return 0, err
+		}
+	}
+	return UnpackLayer(dest, layer, options)
+}
diff --git a/pkg/archive/diff_test.go b/pkg/archive/diff_test.go
new file mode 100644
index 00000000..8167941a
--- /dev/null
+++ b/pkg/archive/diff_test.go
@@ -0,0 +1,386 @@
+package archive
+
+import (
+	"archive/tar"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"runtime"
+	"testing"
+
+	"github.com/docker/docker/pkg/ioutils"
+)
+
+func TestApplyLayerInvalidFilenames(t *testing.T) {
+	// TODO Windows: Figure out how to fix this test.
+	if runtime.GOOS == "windows" {
+		t.Skip("Passes but hits breakoutError: platform and architecture is not supported")
+	}
+	for i, headers := range [][]*tar.Header{
+		{
+			{
+				Name:     "../victim/dotdot",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+		{
+			{
+				// Note the leading slash
+				Name:     "/../victim/slash-dotdot",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+	} {
+		if err := testBreakout("applylayer", "docker-TestApplyLayerInvalidFilenames", headers); err != nil {
+			t.Fatalf("i=%d. %v", i, err)
+		}
+	}
+}
+
+func TestApplyLayerInvalidHardlink(t *testing.T) {
+	if runtime.GOOS == "windows" {
+		t.Skip("TypeLink support on Windows")
+	}
+	for i, headers := range [][]*tar.Header{
+		{ // try reading victim/hello (../)
+			{
+				Name:     "dotdot",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (/../)
+			{
+				Name:     "slash-dotdot",
+				Typeflag: tar.TypeLink,
+				// Note the leading slash
+				Linkname: "/../victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try writing victim/file
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "loophole-victim/file",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (hardlink, symlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "symlink",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "loophole-victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // Try reading victim/hello (hardlink, hardlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "hardlink",
+				Typeflag: tar.TypeLink,
+				Linkname: "loophole-victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // Try removing victim directory (hardlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeLink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+	} {
+		if err := testBreakout("applylayer", "docker-TestApplyLayerInvalidHardlink", headers); err != nil {
+			t.Fatalf("i=%d. %v", i, err)
+		}
+	}
+}
+
+func TestApplyLayerInvalidSymlink(t *testing.T) {
+	if runtime.GOOS == "windows" {
+		t.Skip("TypeSymLink support on Windows")
+	}
+	for i, headers := range [][]*tar.Header{
+		{ // try reading victim/hello (../)
+			{
+				Name:     "dotdot",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (/../)
+			{
+				Name:     "slash-dotdot",
+				Typeflag: tar.TypeSymlink,
+				// Note the leading slash
+				Linkname: "/../victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try writing victim/file
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "loophole-victim/file",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (symlink, symlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "symlink",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "loophole-victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try reading victim/hello (symlink, hardlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "hardlink",
+				Typeflag: tar.TypeLink,
+				Linkname: "loophole-victim/hello",
+				Mode:     0644,
+			},
+		},
+		{ // try removing victim directory (symlink)
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeSymlink,
+				Linkname: "../victim",
+				Mode:     0755,
+			},
+			{
+				Name:     "loophole-victim",
+				Typeflag: tar.TypeReg,
+				Mode:     0644,
+			},
+		},
+	} {
+		if err := testBreakout("applylayer", "docker-TestApplyLayerInvalidSymlink", headers); err != nil {
+			t.Fatalf("i=%d. %v", i, err)
+		}
+	}
+}
+
+func TestApplyLayerWhiteouts(t *testing.T) {
+	// TODO Windows: Figure out why this test fails
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+
+	wd, err := ioutil.TempDir("", "graphdriver-test-whiteouts")
+	if err != nil {
+		return
+	}
+	defer os.RemoveAll(wd)
+
+	base := []string{
+		".baz",
+		"bar/",
+		"bar/bax",
+		"bar/bay/",
+		"baz",
+		"foo/",
+		"foo/.abc",
+		"foo/.bcd/",
+		"foo/.bcd/a",
+		"foo/cde/",
+		"foo/cde/def",
+		"foo/cde/efg",
+		"foo/fgh",
+		"foobar",
+	}
+
+	type tcase struct {
+		change, expected []string
+	}
+
+	tcases := []tcase{
+		{
+			base,
+			base,
+		},
+		{
+			[]string{
+				".bay",
+				".wh.baz",
+				"foo/",
+				"foo/.bce",
+				"foo/.wh..wh..opq",
+				"foo/cde/",
+				"foo/cde/efg",
+			},
+			[]string{
+				".bay",
+				".baz",
+				"bar/",
+				"bar/bax",
+				"bar/bay/",
+				"foo/",
+				"foo/.bce",
+				"foo/cde/",
+				"foo/cde/efg",
+				"foobar",
+			},
+		},
+		{
+			[]string{
+				".bay",
+				".wh..baz",
+				".wh.foobar",
+				"foo/",
+				"foo/.abc",
+				"foo/.wh.cde",
+				"bar/",
+			},
+			[]string{
+				".bay",
+				"bar/",
+				"bar/bax",
+				"bar/bay/",
+				"foo/",
+				"foo/.abc",
+				"foo/.bce",
+			},
+		},
+		{
+			[]string{
+				".abc",
+				".wh..wh..opq",
+				"foobar",
+			},
+			[]string{
+				".abc",
+				"foobar",
+			},
+		},
+	}
+
+	for i, tc := range tcases {
+		l, err := makeTestLayer(tc.change)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		_, err = UnpackLayer(wd, l, nil)
+		if err != nil {
+			t.Fatal(err)
+		}
+		err = l.Close()
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		paths, err := readDirContents(wd)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		if !reflect.DeepEqual(tc.expected, paths) {
+			t.Fatalf("invalid files for layer %d: expected %q, got %q", i, tc.expected, paths)
+		}
+	}
+
+}
+
+func makeTestLayer(paths []string) (rc io.ReadCloser, err error) {
+	tmpDir, err := ioutil.TempDir("", "graphdriver-test-mklayer")
+	if err != nil {
+		return
+	}
+	defer func() {
+		if err != nil {
+			os.RemoveAll(tmpDir)
+		}
+	}()
+	for _, p := range paths {
+		if p[len(p)-1] == filepath.Separator {
+			if err = os.MkdirAll(filepath.Join(tmpDir, p), 0700); err != nil {
+				return
+			}
+		} else {
+			if err = ioutil.WriteFile(filepath.Join(tmpDir, p), nil, 0600); err != nil {
+				return
+			}
+		}
+	}
+	archive, err := Tar(tmpDir, Uncompressed)
+	if err != nil {
+		return
+	}
+	return ioutils.NewReadCloserWrapper(archive, func() error {
+		err := archive.Close()
+		os.RemoveAll(tmpDir)
+		return err
+	}), nil
+}
+
+func readDirContents(root string) ([]string, error) {
+	var files []string
+	err := filepath.Walk(root, func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		if path == root {
+			return nil
+		}
+		rel, err := filepath.Rel(root, path)
+		if err != nil {
+			return err
+		}
+		if info.IsDir() {
+			rel = rel + "/"
+		}
+		files = append(files, rel)
+		return nil
+	})
+	if err != nil {
+		return nil, err
+	}
+	return files, nil
+}
diff --git a/pkg/archive/example_changes.go b/pkg/archive/example_changes.go
new file mode 100644
index 00000000..cedd46a4
--- /dev/null
+++ b/pkg/archive/example_changes.go
@@ -0,0 +1,97 @@
+// +build ignore
+
+// Simple tool to create an archive stream from an old and new directory
+//
+// By default it will stream the comparison of two temporary directories with junk files
+package main
+
+import (
+	"flag"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/archive"
+)
+
+var (
+	flDebug  = flag.Bool("D", false, "debugging output")
+	flNewDir = flag.String("newdir", "", "")
+	flOldDir = flag.String("olddir", "", "")
+	log      = logrus.New()
+)
+
+func main() {
+	flag.Usage = func() {
+		fmt.Println("Produce a tar from comparing two directory paths. By default a demo tar is created of around 200 files (including hardlinks)")
+		fmt.Printf("%s [OPTIONS]\n", os.Args[0])
+		flag.PrintDefaults()
+	}
+	flag.Parse()
+	log.Out = os.Stderr
+	if (len(os.Getenv("DEBUG")) > 0) || *flDebug {
+		logrus.SetLevel(logrus.DebugLevel)
+	}
+	var newDir, oldDir string
+
+	if len(*flNewDir) == 0 {
+		var err error
+		newDir, err = ioutil.TempDir("", "docker-test-newDir")
+		if err != nil {
+			log.Fatal(err)
+		}
+		defer os.RemoveAll(newDir)
+		if _, err := prepareUntarSourceDirectory(100, newDir, true); err != nil {
+			log.Fatal(err)
+		}
+	} else {
+		newDir = *flNewDir
+	}
+
+	if len(*flOldDir) == 0 {
+		oldDir, err := ioutil.TempDir("", "docker-test-oldDir")
+		if err != nil {
+			log.Fatal(err)
+		}
+		defer os.RemoveAll(oldDir)
+	} else {
+		oldDir = *flOldDir
+	}
+
+	changes, err := archive.ChangesDirs(newDir, oldDir)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	a, err := archive.ExportChanges(newDir, changes)
+	if err != nil {
+		log.Fatal(err)
+	}
+	defer a.Close()
+
+	i, err := io.Copy(os.Stdout, a)
+	if err != nil && err != io.EOF {
+		log.Fatal(err)
+	}
+	fmt.Fprintf(os.Stderr, "wrote archive of %d bytes", i)
+}
+
+func prepareUntarSourceDirectory(numberOfFiles int, targetPath string, makeLinks bool) (int, error) {
+	fileData := []byte("fooo")
+	for n := 0; n < numberOfFiles; n++ {
+		fileName := fmt.Sprintf("file-%d", n)
+		if err := ioutil.WriteFile(path.Join(targetPath, fileName), fileData, 0700); err != nil {
+			return 0, err
+		}
+		if makeLinks {
+			if err := os.Link(path.Join(targetPath, fileName), path.Join(targetPath, fileName+"-link")); err != nil {
+				return 0, err
+			}
+		}
+	}
+	totalSize := numberOfFiles * len(fileData)
+	return totalSize, nil
+}
diff --git a/pkg/archive/testdata/broken.tar b/pkg/archive/testdata/broken.tar
new file mode 100644
index 0000000000000000000000000000000000000000..8f10ea6b87d3eb4fed572349dfe87695603b10a5
GIT binary patch
literal 13824
zcmeHN>rxv>7UtLfn5Q@^l8gXrG&7O_li)0oQBai)6v9rjo&-ixOPXbFo(r;aaqT1Q
zi|o_vJM6y3ey8Um2^?(fm~vH66==Hq^tqqYr_U$~f~3CkaX-4=)VFkfMbAE0zj=1W
zFdGeXOK)!KtrgwSO|!8=t&huAhCPiFI|54|O6#g{AByje_D5`gZ4lbN_tD%y+P?+6
zW}mCyJbT6dM$<6v?SB_8uxS5j5M6u>C%C=+&BoS!{NIK7SFYLLXgq9fL;u??&1{<b
z!#}_wZg2ml(Q4ku|6Mr1+wI?RTv6*d{;+nE;z`#Uja&M}?d`v1Y;E1!|I@Yq)BV#u
zZRWY}#v$rCeY4qI`6s}QfBo-2{9XIYzyF)p1BPLmD~7SzXl<ICn<)Hr)7Wg8EA+uN
z8R)$ABkMn+x5B**AQz@AZr%p}iLBRZHCp{)@9C2rL(>)C_QVb?f0pB4xfD_C1pX2f
z=LE&>$4O)llEszRik&8tAi~^>9~IXb2tQsXkop&XF!hz8gWXO)O@R9>nS~7H1w&*U
zWf1ryXPidjED|qMClc|F!YuB;N}eT-8}IBqwJ!w!F&$m$r;a;(N7!YIEb7h<=ej}&
zT~f;Cd!ZOC&mX2<A4GTBffw2lvz)=7iZ}sRft-@sEaqQf{#!Tbmv}UNOYws<kQA>n
zv4)UvkOa{z8}jxVC6bTq+3^R;Sok8c6EQsN&k9^`&<Ew#qD`%}b*8rzPb79NW<eyv
zG;;IZlOzdu>h(<JHK{@^4$^2KMnN<dnlF+%N4?x!yEL?>Hc32JVwt-Hrj<{`vG3V<
zCk?#){6BW>!9@+(L2u}{Jos}CZh!u_HaA;$dH(--^ZzaF-*=t<t)1ZZ_TOx6-P`}2
z;`c*=-pBr)?ceGOaC`f2H5+$&|NryGzs&BaRh;3_6;m!^cAhw6t_Fs^LF9zVAxgrI
z^Ga)k-uwDmQU6~pk+ZSU)Y0=r|JP`?471rlpV-_&ANVfo{}p;)*~)!ag?rz?DiPkz
zgJxA|FHHi^PMm@5x-%+EOX|<)I2dwy?USjQTU3?9p5ukCpoV5{uPNBif7DBCe`rTT
z3L{~Aebmu%diM|dDB4g^FC<WUE+WY)#i2bARGm(QPg6ky+gB4xV?o;SF&J}3l#mvO
zq_r;P$mfxwX%g4-KI8gEj2)kg<UYjrC=ss`MH?m5{!Y>S5&i^O)@Me!3BwBQ`@=VE
zIl)Fp0<ty)I0-2ZJn%KK`C23*!u80HT~G@An4m7!)liHaUkr(FKmIt@h^+N0?qpNP
zb)^Q!&ZPh_rG6ipy|AHL8rt#X0RtX)B_K(l(2;XbDhqQqxncyFz|$~DdGE_KNW=q4
z9tcjBfg=w6CCH4S_Qq9)$j4<aqV~oHAli25B(_TscWjdrvlWJv1i*BSZy`mO93>MG
z@%2K`G+^8HA?T&;xGZB%_q<@Vt&(_!w-gfXxk@mb9|fb)1BuBGk_ptuvx%G~pq0Kb
zb&?6Szj_3#ClOiI_3vu1e+<T{ZC$E0&A3#piCQy4)rxE8M*h5E#X6Q3R^dW|e6oJA
z6!1m_957RkFrR=qLihlW;C)rguWARo&2;UHs^RULcpxU7Z<CbFRAm&!bB*ofK>mOX
z9k`Og<ag2OH>2B5RmN7LGZ)c;3%E%Ip__9KKUf&G&zD9jkJNr-{ibNby{ds<t*Y>>
zUrSU_0z^Wf<)}gE{Jb22kgArW_I#nO79{eFvL6rZP*4oJ7H%7}fn5i&1ZT@5hDK4~
z(U`5S#`Fws86Z{2P=gP6usiI=mKaOr@4W<f_DdFo`NM}zf>|(?6Ye5$Oayf(LUxEb
zaN*HO8gZBg{sZJ1)pg4>36^kmC*dQ2;oE@^#)cw_*aI^!cM=y1Rqga(?Ey`Mja44@
zco?Vs7`J_y5ir%m6vXp*y&Gb{4lfBvR0R>wjxNBA^zHAzdc;~eK6(s=AB|{$OM8p}
zp9LwiIkAyG5Q$+F3`7h$CPJbL(j-h1h61!ZViYo4dBXOg@lop12w4V<L4&zs_AUbl
zRPBf%7W7VbALtP2MKUWDr*_mV-FCm1snL%p>Yz!&$vL+Po-n0lE6B8Y;6$Ar89(FQ
zU43m0VVC)g+}A0GY(H3=vGXH;5|6sFnZk+NN-WF&+)64KnDBNmlR?P<{j247c6ZGs
zY`hF!K4&Hi(0r~#=6sH0f#>;~|6uT_GuPArovwt~PT&t2-pNh;x9aMe7i;!lK!(<$
z?d`g5*7a@bJ?(y(Y4ln98)|Cinp8V=gdKs-N$TT&k8N344C6y&*H}a~{9Pg&%cB8(
zs3gwCMEH-=;aI?u+)#>TQj}R!`jyO-QsK*KZS|lK9+9#7oV0B(la+@sRbyfJf~*mY
z#+u;OA2B@66aq^nOW6`=t5qYdRV{oFkE8T+GhJI-*NldT<GMfrdYcObq_-4np!UTa
z62ven4N*a=kcA193+2D7wCW<x^TokWivt|3bJDNrb;(Bkcf<u=>tcr!I|PQf({z2i
zZs;`}x~m6ks)bXh@+($$(s>pJ`5X6~16{Ufo<hOp)jft@H;jVNPjA=*VXp3B-qzFy
zZvcLM4LC!MqtjbcU%z2T{o0OY(SNq8vAei$!G_W)rF&L~wiC~4DDQ;3mL2w#n^vCS
zJ2z3;0CO9x>JC(mW1b(MtJcpN$ZBT3r1B`&Cx9{-iF=!{A}z(ob033DW~d!*9$cfm
zVNC%z6l$8Qz0L<amlq9R;(1{~=%L_}f@kJr!Pk!x=@7-loMt$bG^groHAiH&Jk=VR
zR&_E%j4>iPv&`A!8a*yd3zi-in+*e-!2$MiQNyE>1xX!65{vsnGKkf9!|0+OGBAb=
z5*&U!Rl91sZq^%6Di#9<<87G)rv;99!{p6oE&}gq)LXeeJT)kYlsjz{ehkbMY(O`q
zGvc6vviAh-6>EFt+I|*)$Z&%o;(ob2LAmI=<VrwhwM%)lUw7a2hl_E@e5S9hA!K2O
z%kV<}$`HIQz@&<rp86Auh3`cqoVYj(gD*FjqM(QaSH9xFslX{4=lmc_q`SLelwDdl
zSsXkv8&n*U&mS2N$x;^Ut{sAM@~pT`aa;}pvdd?9l=LD4t~s7hOCN!<d3rJ{q1gih
zwI9wi3)?eLpB&F;*iLi8Y#G==o_-#!zTotaB##pVr$ieI75am2f4huK(YoK$DHl^z
zdDpH5p=*JSrw4SK9aJ%OqftW+H5;glLlL=j+0u+{&BX8-j$3L6T<_s^70R$<UVj`6
zQV++DyxoB$gzv!W*&Rhzj|9J@f8ceaGr~=q9TpbcbEoz!t1jjGWESE&D_6fnC5Q^*
zLcqGf1~}Al0cQLed8kWyh0C@?3?`_0Q4tSw9{Bu+`{KT94+*zOAD4*U0aXt7p6*wa
zch-beqmlCpM5a-Idau_$=^me+F%s#p$9ty-XWhfj5o$_1L0O)4jVKlgIA(gi9}bU>
zd);1Ux&vAHF3sW+ZYtInM5`<aS2kpap%%ttM^5u)K4<qEeyJy-FEKBd<Qpm&;ukq0
z)ZeoFsl2gyRpD(ME}sE?_WWCkX_byptn(#;tNuaYLBmiRZsl@Q$ge+em$zy$b=u$J
za#O>7V!gWe@@A3}gzBN4OzKHcFXhsnBZ62vkM}c;c8?C16|}T)I>F_`E4y<`7O_Uv
z_IIGuK3}j6k8x0(NE^)|N^6ztuoF5wcqyCPP4-b>1H5)kQM(q_kYzo37tjs2w1@@5
z)pou5q*BNKlggS#-4TOxF*--bZwQgZIP>8>Wh4R6qJg1trGj7P+M9C-U$bgV0-Bbc
zM}8SyaI1`5o3Hn=gK~dij~yq2v7>PXETRIqq!En36W>+P9az*N;)5;FK054lzkPPH
zcY4hR*Orc{l5us$Y*nZ!(@__9wdDn6|B~BL+;v!B^Cr<A%tOZ-b&(!im(9mvgsY|#
z4dI4!RPSSH<bvyV#mjh^W(ct>(N`)UtH54-56s#rGO&e@Q}~KNY<cNr8n?O<R`Hz0
z1w9pD6oj1ckgHrbR@j#oTzZ0&5jRwv;^>PdQ94MZxA|gP9PSIqe@Ff$9bNNvws)xH
zUYfZ#^MIJly?f4ly_CL`QQoB~o&>3jKAlL=*#tHX$;*%#;^sVnJHGU0={L0dh$?du
z$V*u|2o=sbG6HQV;$?~-5Xh?Gjf~m#{@1wY+1@T!Us<#xZ;2Rn{Y@!B=|jZ;TY#GL
zQet9G=4h_z5?#7$NWf6BJyZ3f$1aFp02S_lpyVtB;|niLX54VbZP`xU1YMSiGnf#!
zBhWBJBLfCg3eCtIG~av^x3Yo4twnBx#0a&E><Z1@4Ne^joS+N^P7<8_aH#Xax|s6v
zl(F~h^x){^%86D^{*Xp9`a61<=;bQtLMx|s5~maABA}<v%pTiQlwtB@+~23YC%vQP
z#NR7t^F!|d+`Ie(6Fzv9ukzn$jFDW@z6LAQ<>6G9&~+z{;Wn%CtG>DYD1(pjqYiYL
oJsf9Rk?Q4-IWqA2mih3}{ZBUT=3UD@m3s}`Yv5i3pOOat4?XSI`2YX_

literal 0
HcmV?d00001

diff --git a/pkg/archive/time_linux.go b/pkg/archive/time_linux.go
new file mode 100644
index 00000000..3448569b
--- /dev/null
+++ b/pkg/archive/time_linux.go
@@ -0,0 +1,16 @@
+package archive
+
+import (
+	"syscall"
+	"time"
+)
+
+func timeToTimespec(time time.Time) (ts syscall.Timespec) {
+	if time.IsZero() {
+		// Return UTIME_OMIT special value
+		ts.Sec = 0
+		ts.Nsec = ((1 << 30) - 2)
+		return
+	}
+	return syscall.NsecToTimespec(time.UnixNano())
+}
diff --git a/pkg/archive/time_unsupported.go b/pkg/archive/time_unsupported.go
new file mode 100644
index 00000000..e85aac05
--- /dev/null
+++ b/pkg/archive/time_unsupported.go
@@ -0,0 +1,16 @@
+// +build !linux
+
+package archive
+
+import (
+	"syscall"
+	"time"
+)
+
+func timeToTimespec(time time.Time) (ts syscall.Timespec) {
+	nsec := int64(0)
+	if !time.IsZero() {
+		nsec = time.UnixNano()
+	}
+	return syscall.NsecToTimespec(nsec)
+}
diff --git a/pkg/archive/utils_test.go b/pkg/archive/utils_test.go
new file mode 100644
index 00000000..98719032
--- /dev/null
+++ b/pkg/archive/utils_test.go
@@ -0,0 +1,166 @@
+package archive
+
+import (
+	"archive/tar"
+	"bytes"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"time"
+)
+
+var testUntarFns = map[string]func(string, io.Reader) error{
+	"untar": func(dest string, r io.Reader) error {
+		return Untar(r, dest, nil)
+	},
+	"applylayer": func(dest string, r io.Reader) error {
+		_, err := ApplyLayer(dest, Reader(r))
+		return err
+	},
+}
+
+// testBreakout is a helper function that, within the provided `tmpdir` directory,
+// creates a `victim` folder with a generated `hello` file in it.
+// `untar` extracts to a directory named `dest`, the tar file created from `headers`.
+//
+// Here are the tested scenarios:
+// - removed `victim` folder				(write)
+// - removed files from `victim` folder			(write)
+// - new files in `victim` folder			(write)
+// - modified files in `victim` folder			(write)
+// - file in `dest` with same content as `victim/hello` (read)
+//
+// When using testBreakout make sure you cover one of the scenarios listed above.
+func testBreakout(untarFn string, tmpdir string, headers []*tar.Header) error {
+	tmpdir, err := ioutil.TempDir("", tmpdir)
+	if err != nil {
+		return err
+	}
+	defer os.RemoveAll(tmpdir)
+
+	dest := filepath.Join(tmpdir, "dest")
+	if err := os.Mkdir(dest, 0755); err != nil {
+		return err
+	}
+
+	victim := filepath.Join(tmpdir, "victim")
+	if err := os.Mkdir(victim, 0755); err != nil {
+		return err
+	}
+	hello := filepath.Join(victim, "hello")
+	helloData, err := time.Now().MarshalText()
+	if err != nil {
+		return err
+	}
+	if err := ioutil.WriteFile(hello, helloData, 0644); err != nil {
+		return err
+	}
+	helloStat, err := os.Stat(hello)
+	if err != nil {
+		return err
+	}
+
+	reader, writer := io.Pipe()
+	go func() {
+		t := tar.NewWriter(writer)
+		for _, hdr := range headers {
+			t.WriteHeader(hdr)
+		}
+		t.Close()
+	}()
+
+	untar := testUntarFns[untarFn]
+	if untar == nil {
+		return fmt.Errorf("could not find untar function %q in testUntarFns", untarFn)
+	}
+	if err := untar(dest, reader); err != nil {
+		if _, ok := err.(breakoutError); !ok {
+			// If untar returns an error unrelated to an archive breakout,
+			// then consider this an unexpected error and abort.
+			return err
+		}
+		// Here, untar detected the breakout.
+		// Let's move on verifying that indeed there was no breakout.
+		fmt.Printf("breakoutError: %v\n", err)
+	}
+
+	// Check victim folder
+	f, err := os.Open(victim)
+	if err != nil {
+		// codepath taken if victim folder was removed
+		return fmt.Errorf("archive breakout: error reading %q: %v", victim, err)
+	}
+	defer f.Close()
+
+	// Check contents of victim folder
+	//
+	// We are only interested in getting 2 files from the victim folder, because if all is well
+	// we expect only one result, the `hello` file. If there is a second result, it cannot
+	// hold the same name `hello` and we assume that a new file got created in the victim folder.
+	// That is enough to detect an archive breakout.
+	names, err := f.Readdirnames(2)
+	if err != nil {
+		// codepath taken if victim is not a folder
+		return fmt.Errorf("archive breakout: error reading directory content of %q: %v", victim, err)
+	}
+	for _, name := range names {
+		if name != "hello" {
+			// codepath taken if new file was created in victim folder
+			return fmt.Errorf("archive breakout: new file %q", name)
+		}
+	}
+
+	// Check victim/hello
+	f, err = os.Open(hello)
+	if err != nil {
+		// codepath taken if read permissions were removed
+		return fmt.Errorf("archive breakout: could not lstat %q: %v", hello, err)
+	}
+	defer f.Close()
+	b, err := ioutil.ReadAll(f)
+	if err != nil {
+		return err
+	}
+	fi, err := f.Stat()
+	if err != nil {
+		return err
+	}
+	if helloStat.IsDir() != fi.IsDir() ||
+		// TODO: cannot check for fi.ModTime() change
+		helloStat.Mode() != fi.Mode() ||
+		helloStat.Size() != fi.Size() ||
+		!bytes.Equal(helloData, b) {
+		// codepath taken if hello has been modified
+		return fmt.Errorf("archive breakout: file %q has been modified. Contents: expected=%q, got=%q. FileInfo: expected=%#v, got=%#v", hello, helloData, b, helloStat, fi)
+	}
+
+	// Check that nothing in dest/ has the same content as victim/hello.
+	// Since victim/hello was generated with time.Now(), it is safe to assume
+	// that any file whose content matches exactly victim/hello, managed somehow
+	// to access victim/hello.
+	return filepath.Walk(dest, func(path string, info os.FileInfo, err error) error {
+		if info.IsDir() {
+			if err != nil {
+				// skip directory if error
+				return filepath.SkipDir
+			}
+			// enter directory
+			return nil
+		}
+		if err != nil {
+			// skip file if error
+			return nil
+		}
+		b, err := ioutil.ReadFile(path)
+		if err != nil {
+			// Houston, we have a problem. Aborting (space)walk.
+			return err
+		}
+		if bytes.Equal(helloData, b) {
+			return fmt.Errorf("archive breakout: file %q has been accessed via %q", hello, path)
+		}
+		return nil
+	})
+}
diff --git a/pkg/archive/whiteouts.go b/pkg/archive/whiteouts.go
new file mode 100644
index 00000000..d20478a1
--- /dev/null
+++ b/pkg/archive/whiteouts.go
@@ -0,0 +1,23 @@
+package archive
+
+// Whiteouts are files with a special meaning for the layered filesystem.
+// Docker uses AUFS whiteout files inside exported archives. In other
+// filesystems these files are generated/handled on tar creation/extraction.
+
+// WhiteoutPrefix prefix means file is a whiteout. If this is followed by a
+// filename this means that file has been removed from the base layer.
+const WhiteoutPrefix = ".wh."
+
+// WhiteoutMetaPrefix prefix means whiteout has a special meaning and is not
+// for removing an actual file. Normally these files are excluded from exported
+// archives.
+const WhiteoutMetaPrefix = WhiteoutPrefix + WhiteoutPrefix
+
+// WhiteoutLinkDir is a directory AUFS uses for storing hardlink links to other
+// layers. Normally these should not go into exported archives and all changed
+// hardlinks should be copied to the top layer.
+const WhiteoutLinkDir = WhiteoutMetaPrefix + "plnk"
+
+// WhiteoutOpaqueDir file means directory has been made opaque - meaning
+// readdir calls to this directory do not follow to lower layers.
+const WhiteoutOpaqueDir = WhiteoutMetaPrefix + ".opq"
diff --git a/pkg/archive/wrap.go b/pkg/archive/wrap.go
new file mode 100644
index 00000000..dfb335c0
--- /dev/null
+++ b/pkg/archive/wrap.go
@@ -0,0 +1,59 @@
+package archive
+
+import (
+	"archive/tar"
+	"bytes"
+	"io/ioutil"
+)
+
+// Generate generates a new archive from the content provided
+// as input.
+//
+// `files` is a sequence of path/content pairs. A new file is
+// added to the archive for each pair.
+// If the last pair is incomplete, the file is created with an
+// empty content. For example:
+//
+// Generate("foo.txt", "hello world", "emptyfile")
+//
+// The above call will return an archive with 2 files:
+//  * ./foo.txt with content "hello world"
+//  * ./empty with empty content
+//
+// FIXME: stream content instead of buffering
+// FIXME: specify permissions and other archive metadata
+func Generate(input ...string) (Archive, error) {
+	files := parseStringPairs(input...)
+	buf := new(bytes.Buffer)
+	tw := tar.NewWriter(buf)
+	for _, file := range files {
+		name, content := file[0], file[1]
+		hdr := &tar.Header{
+			Name: name,
+			Size: int64(len(content)),
+		}
+		if err := tw.WriteHeader(hdr); err != nil {
+			return nil, err
+		}
+		if _, err := tw.Write([]byte(content)); err != nil {
+			return nil, err
+		}
+	}
+	if err := tw.Close(); err != nil {
+		return nil, err
+	}
+	return ioutil.NopCloser(buf), nil
+}
+
+func parseStringPairs(input ...string) (output [][2]string) {
+	output = make([][2]string, 0, len(input)/2+1)
+	for i := 0; i < len(input); i += 2 {
+		var pair [2]string
+		pair[0] = input[i]
+		if i+1 < len(input) {
+			pair[1] = input[i+1]
+		}
+		output = append(output, pair)
+	}
+	return
+}
diff --git a/pkg/archive/wrap_test.go b/pkg/archive/wrap_test.go
new file mode 100644
index 00000000..46ab3669
--- /dev/null
+++ b/pkg/archive/wrap_test.go
@@ -0,0 +1,98 @@
+package archive
+
+import (
+	"archive/tar"
+	"bytes"
+	"io"
+	"testing"
+)
+
+func TestGenerateEmptyFile(t *testing.T) {
+	archive, err := Generate("emptyFile")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if archive == nil {
+		t.Fatal("The generated archive should not be nil.")
+	}
+
+	expectedFiles := [][]string{
+		{"emptyFile", ""},
+	}
+
+	tr := tar.NewReader(archive)
+	actualFiles := make([][]string, 0, 10)
+	i := 0
+	for {
+		hdr, err := tr.Next()
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			t.Fatal(err)
+		}
+		buf := new(bytes.Buffer)
+		buf.ReadFrom(tr)
+		content := buf.String()
+		actualFiles = append(actualFiles, []string{hdr.Name, content})
+		i++
+	}
+	if len(actualFiles) != len(expectedFiles) {
+		t.Fatalf("Number of expected file %d, got %d.", len(expectedFiles), len(actualFiles))
+	}
+	for i := 0; i < len(expectedFiles); i++ {
+		actual := actualFiles[i]
+		expected := expectedFiles[i]
+		if actual[0] != expected[0] {
+			t.Fatalf("Expected name '%s', Actual name '%s'", expected[0], actual[0])
+		}
+		if actual[1] != expected[1] {
+			t.Fatalf("Expected content '%s', Actual content '%s'", expected[1], actual[1])
+		}
+	}
+}
+
+func TestGenerateWithContent(t *testing.T) {
+	archive, err := Generate("file", "content")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if archive == nil {
+		t.Fatal("The generated archive should not be nil.")
+	}
+
+	expectedFiles := [][]string{
+		{"file", "content"},
+	}
+
+	tr := tar.NewReader(archive)
+	actualFiles := make([][]string, 0, 10)
+	i := 0
+	for {
+		hdr, err := tr.Next()
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			t.Fatal(err)
+		}
+		buf := new(bytes.Buffer)
+		buf.ReadFrom(tr)
+		content := buf.String()
+		actualFiles = append(actualFiles, []string{hdr.Name, content})
+		i++
+	}
+	if len(actualFiles) != len(expectedFiles) {
+		t.Fatalf("Number of expected file %d, got %d.", len(expectedFiles), len(actualFiles))
+	}
+	for i := 0; i < len(expectedFiles); i++ {
+		actual := actualFiles[i]
+		expected := expectedFiles[i]
+		if actual[0] != expected[0] {
+			t.Fatalf("Expected name '%s', Actual name '%s'", expected[0], actual[0])
+		}
+		if actual[1] != expected[1] {
+			t.Fatalf("Expected content '%s', Actual content '%s'", expected[1], actual[1])
+		}
+	}
+}
diff --git a/pkg/authorization/api.go b/pkg/authorization/api.go
new file mode 100644
index 00000000..fc82c46b
--- /dev/null
+++ b/pkg/authorization/api.go
@@ -0,0 +1,54 @@
+package authorization
+
+const (
+	// AuthZApiRequest is the url for daemon request authorization
+	AuthZApiRequest = "AuthZPlugin.AuthZReq"
+
+	// AuthZApiResponse is the url for daemon response authorization
+	AuthZApiResponse = "AuthZPlugin.AuthZRes"
+
+	// AuthZApiImplements is the name of the interface all AuthZ plugins implement
+	AuthZApiImplements = "authz"
+)
+
+// Request holds data required for authZ plugins
+type Request struct {
+	// User holds the user extracted by AuthN mechanism
+	User string `json:"User,omitempty"`
+
+	// UserAuthNMethod holds the mechanism used to extract user details (e.g., krb)
+	UserAuthNMethod string `json:"UserAuthNMethod,omitempty"`
+
+	// RequestMethod holds the HTTP method (GET/POST/PUT)
+	RequestMethod string `json:"RequestMethod,omitempty"`
+
+	// RequestUri holds the full HTTP uri (e.g., /v1.21/version)
+	RequestURI string `json:"RequestUri,omitempty"`
+
+	// RequestBody stores the raw request body sent to the docker daemon
+	RequestBody []byte `json:"RequestBody,omitempty"`
+
+	// RequestHeaders stores the raw request headers sent to the docker daemon
+	RequestHeaders map[string]string `json:"RequestHeaders,omitempty"`
+
+	// ResponseStatusCode stores the status code returned from docker daemon
+	ResponseStatusCode int `json:"ResponseStatusCode,omitempty"`
+
+	// ResponseBody stores the raw response body sent from docker daemon
+	ResponseBody []byte `json:"ResponseBody,omitempty"`
+
+	// ResponseHeaders stores the response headers sent to the docker daemon
+	ResponseHeaders map[string]string `json:"ResponseHeaders,omitempty"`
+}
+
+// Response represents authZ plugin response
+type Response struct {
+	// Allow indicating whether the user is allowed or not
+	Allow bool `json:"Allow"`
+
+	// Msg stores the authorization message
+	Msg string `json:"Msg,omitempty"`
+
+	// Err stores a message in case there's an error
+	Err string `json:"Err,omitempty"`
+}
diff --git a/pkg/authorization/authz.go b/pkg/authorization/authz.go
new file mode 100644
index 00000000..f7039086
--- /dev/null
+++ b/pkg/authorization/authz.go
@@ -0,0 +1,165 @@
+package authorization
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/ioutils"
+)
+
+const maxBodySize = 1048576 // 1MB
+
+// NewCtx creates new authZ context, it is used to store authorization information related to a specific docker
+// REST http session
+// A context provides two method:
+// Authenticate Request:
+// Call authZ plugins with current REST request and AuthN response
+// Request contains full HTTP packet sent to the docker daemon
+// https://docs.docker.com/reference/api/docker_remote_api/
+//
+// Authenticate Response:
+// Call authZ plugins with full info about current REST request, REST response and AuthN response
+// The response from this method may contains content that overrides the daemon response
+// This allows authZ plugins to filter privileged content
+//
+// If multiple authZ plugins are specified, the block/allow decision is based on ANDing all plugin results
+// For response manipulation, the response from each plugin is piped between plugins. Plugin execution order
+// is determined according to daemon parameters
+func NewCtx(authZPlugins []Plugin, user, userAuthNMethod, requestMethod, requestURI string) *Ctx {
+	return &Ctx{
+		plugins:         authZPlugins,
+		user:            user,
+		userAuthNMethod: userAuthNMethod,
+		requestMethod:   requestMethod,
+		requestURI:      requestURI,
+	}
+}
+
+// Ctx stores a a single request-response interaction context
+type Ctx struct {
+	user            string
+	userAuthNMethod string
+	requestMethod   string
+	requestURI      string
+	plugins         []Plugin
+	// authReq stores the cached request object for the current transaction
+	authReq *Request
+}
+
+// AuthZRequest authorized the request to the docker daemon using authZ plugins
+func (ctx *Ctx) AuthZRequest(w http.ResponseWriter, r *http.Request) error {
+	var body []byte
+	if sendBody(ctx.requestURI, r.Header) && r.ContentLength > 0 && r.ContentLength < maxBodySize {
+		var err error
+		body, r.Body, err = drainBody(r.Body)
+		if err != nil {
+			return err
+		}
+	}
+
+	var h bytes.Buffer
+	if err := r.Header.Write(&h); err != nil {
+		return err
+	}
+
+	ctx.authReq = &Request{
+		User:            ctx.user,
+		UserAuthNMethod: ctx.userAuthNMethod,
+		RequestMethod:   ctx.requestMethod,
+		RequestURI:      ctx.requestURI,
+		RequestBody:     body,
+		RequestHeaders:  headers(r.Header),
+	}
+
+	for _, plugin := range ctx.plugins {
+		logrus.Debugf("AuthZ request using plugin %s", plugin.Name())
+
+		authRes, err := plugin.AuthZRequest(ctx.authReq)
+		if err != nil {
+			return fmt.Errorf("plugin %s failed with error: %s", plugin.Name(), err)
+		}
+
+		if !authRes.Allow {
+			return fmt.Errorf("authorization denied by plugin %s: %s", plugin.Name(), authRes.Msg)
+		}
+	}
+
+	return nil
+}
+
+// AuthZResponse authorized and manipulates the response from docker daemon using authZ plugins
+func (ctx *Ctx) AuthZResponse(rm ResponseModifier, r *http.Request) error {
+	ctx.authReq.ResponseStatusCode = rm.StatusCode()
+	ctx.authReq.ResponseHeaders = headers(rm.Header())
+
+	if sendBody(ctx.requestURI, rm.Header()) {
+		ctx.authReq.ResponseBody = rm.RawBody()
+	}
+
+	for _, plugin := range ctx.plugins {
+		logrus.Debugf("AuthZ response using plugin %s", plugin.Name())
+
+		authRes, err := plugin.AuthZResponse(ctx.authReq)
+		if err != nil {
+			return fmt.Errorf("plugin %s failed with error: %s", plugin.Name(), err)
+		}
+
+		if !authRes.Allow {
+			return fmt.Errorf("authorization denied by plugin %s: %s", plugin.Name(), authRes.Msg)
+		}
+	}
+
+	rm.FlushAll()
+
+	return nil
+}
+
+// drainBody dump the body (if it's length is less than 1MB) without modifying the request state
+func drainBody(body io.ReadCloser) ([]byte, io.ReadCloser, error) {
+	bufReader := bufio.NewReaderSize(body, maxBodySize)
+	newBody := ioutils.NewReadCloserWrapper(bufReader, func() error { return body.Close() })
+
+	data, err := bufReader.Peek(maxBodySize)
+	// Body size exceeds max body size
+	if err == nil {
+		logrus.Warnf("Request body is larger than: '%d' skipping body", maxBodySize)
+		return nil, newBody, nil
+	}
+	// Body size is less than maximum size
+	if err == io.EOF {
+		return data, newBody, nil
+	}
+	// Unknown error
+	return nil, newBody, err
+}
+
+// sendBody returns true when request/response body should be sent to AuthZPlugin
+func sendBody(url string, header http.Header) bool {
+	// Skip body for auth endpoint
+	if strings.HasSuffix(url, "/auth") {
+		return false
+	}
+
+	// body is sent only for text or json messages
+	return header.Get("Content-Type") == "application/json"
+}
+
+// headers returns flatten version of the http headers excluding authorization
+func headers(header http.Header) map[string]string {
+	v := make(map[string]string, 0)
+	for k, values := range header {
+		// Skip authorization headers
+		if strings.EqualFold(k, "Authorization") || strings.EqualFold(k, "X-Registry-Config") || strings.EqualFold(k, "X-Registry-Auth") {
+			continue
+		}
+		for _, val := range values {
+			v[k] = val
+		}
+	}
+	return v
+}
diff --git a/pkg/authorization/authz_unix_test.go b/pkg/authorization/authz_unix_test.go
new file mode 100644
index 00000000..1c6dc8a1
--- /dev/null
+++ b/pkg/authorization/authz_unix_test.go
@@ -0,0 +1,276 @@
+// +build !windows
+
+// TODO Windows: This uses a Unix socket for testing. This might be possible
+// to port to Windows using a named pipe instead.
+
+package authorization
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"log"
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"path"
+	"reflect"
+	"testing"
+
+	"bytes"
+	"strings"
+
+	"github.com/docker/docker/pkg/plugins"
+	"github.com/docker/go-connections/tlsconfig"
+	"github.com/gorilla/mux"
+)
+
+const pluginAddress = "authzplugin.sock"
+
+func TestAuthZRequestPluginError(t *testing.T) {
+	server := authZPluginTestServer{t: t}
+	go server.start()
+	defer server.stop()
+
+	authZPlugin := createTestPlugin(t)
+
+	request := Request{
+		User:           "user",
+		RequestBody:    []byte("sample body"),
+		RequestURI:     "www.authz.com",
+		RequestMethod:  "GET",
+		RequestHeaders: map[string]string{"header": "value"},
+	}
+	server.replayResponse = Response{
+		Err: "an error",
+	}
+
+	actualResponse, err := authZPlugin.AuthZRequest(&request)
+	if err != nil {
+		t.Fatalf("Failed to authorize request %v", err)
+	}
+
+	if !reflect.DeepEqual(server.replayResponse, *actualResponse) {
+		t.Fatalf("Response must be equal")
+	}
+	if !reflect.DeepEqual(request, server.recordedRequest) {
+		t.Fatalf("Requests must be equal")
+	}
+}
+
+func TestAuthZRequestPlugin(t *testing.T) {
+	server := authZPluginTestServer{t: t}
+	go server.start()
+	defer server.stop()
+
+	authZPlugin := createTestPlugin(t)
+
+	request := Request{
+		User:           "user",
+		RequestBody:    []byte("sample body"),
+		RequestURI:     "www.authz.com",
+		RequestMethod:  "GET",
+		RequestHeaders: map[string]string{"header": "value"},
+	}
+	server.replayResponse = Response{
+		Allow: true,
+		Msg:   "Sample message",
+	}
+
+	actualResponse, err := authZPlugin.AuthZRequest(&request)
+	if err != nil {
+		t.Fatalf("Failed to authorize request %v", err)
+	}
+
+	if !reflect.DeepEqual(server.replayResponse, *actualResponse) {
+		t.Fatalf("Response must be equal")
+	}
+	if !reflect.DeepEqual(request, server.recordedRequest) {
+		t.Fatalf("Requests must be equal")
+	}
+}
+
+func TestAuthZResponsePlugin(t *testing.T) {
+	server := authZPluginTestServer{t: t}
+	go server.start()
+	defer server.stop()
+
+	authZPlugin := createTestPlugin(t)
+
+	request := Request{
+		User:        "user",
+		RequestBody: []byte("sample body"),
+	}
+	server.replayResponse = Response{
+		Allow: true,
+		Msg:   "Sample message",
+	}
+
+	actualResponse, err := authZPlugin.AuthZResponse(&request)
+	if err != nil {
+		t.Fatalf("Failed to authorize request %v", err)
+	}
+
+	if !reflect.DeepEqual(server.replayResponse, *actualResponse) {
+		t.Fatalf("Response must be equal")
+	}
+	if !reflect.DeepEqual(request, server.recordedRequest) {
+		t.Fatalf("Requests must be equal")
+	}
+}
+
+func TestResponseModifier(t *testing.T) {
+	r := httptest.NewRecorder()
+	m := NewResponseModifier(r)
+	m.Header().Set("h1", "v1")
+	m.Write([]byte("body"))
+	m.WriteHeader(500)
+
+	m.FlushAll()
+	if r.Header().Get("h1") != "v1" {
+		t.Fatalf("Header value must exists %s", r.Header().Get("h1"))
+	}
+	if !reflect.DeepEqual(r.Body.Bytes(), []byte("body")) {
+		t.Fatalf("Body value must exists %s", r.Body.Bytes())
+	}
+	if r.Code != 500 {
+		t.Fatalf("Status code must be correct %d", r.Code)
+	}
+}
+
+func TestDrainBody(t *testing.T) {
+
+	tests := []struct {
+		length             int // length is the message length send to drainBody
+		expectedBodyLength int // expectedBodyLength is the expected body length after drainBody is called
+	}{
+		{10, 10}, // Small message size
+		{maxBodySize - 1, maxBodySize - 1}, // Max message size
+		{maxBodySize * 2, 0},               // Large message size (skip copying body)
+
+	}
+
+	for _, test := range tests {
+
+		msg := strings.Repeat("a", test.length)
+		body, closer, err := drainBody(ioutil.NopCloser(bytes.NewReader([]byte(msg))))
+		if len(body) != test.expectedBodyLength {
+			t.Fatalf("Body must be copied, actual length: '%d'", len(body))
+		}
+		if closer == nil {
+			t.Fatalf("Closer must not be nil")
+		}
+		if err != nil {
+			t.Fatalf("Error must not be nil: '%v'", err)
+		}
+		modified, err := ioutil.ReadAll(closer)
+		if err != nil {
+			t.Fatalf("Error must not be nil: '%v'", err)
+		}
+		if len(modified) != len(msg) {
+			t.Fatalf("Result should not be truncated. Original length: '%d', new length: '%d'", len(msg), len(modified))
+		}
+	}
+}
+
+func TestResponseModifierOverride(t *testing.T) {
+	r := httptest.NewRecorder()
+	m := NewResponseModifier(r)
+	m.Header().Set("h1", "v1")
+	m.Write([]byte("body"))
+	m.WriteHeader(500)
+
+	overrideHeader := make(http.Header)
+	overrideHeader.Add("h1", "v2")
+	overrideHeaderBytes, err := json.Marshal(overrideHeader)
+	if err != nil {
+		t.Fatalf("override header failed %v", err)
+	}
+
+	m.OverrideHeader(overrideHeaderBytes)
+	m.OverrideBody([]byte("override body"))
+	m.OverrideStatusCode(404)
+	m.FlushAll()
+	if r.Header().Get("h1") != "v2" {
+		t.Fatalf("Header value must exists %s", r.Header().Get("h1"))
+	}
+	if !reflect.DeepEqual(r.Body.Bytes(), []byte("override body")) {
+		t.Fatalf("Body value must exists %s", r.Body.Bytes())
+	}
+	if r.Code != 404 {
+		t.Fatalf("Status code must be correct %d", r.Code)
+	}
+}
+
+// createTestPlugin creates a new sample authorization plugin
+func createTestPlugin(t *testing.T) *authorizationPlugin {
+	plugin := &plugins.Plugin{Name: "authz"}
+	pwd, err := os.Getwd()
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	plugin.Client, err = plugins.NewClient("unix:///"+path.Join(pwd, pluginAddress), tlsconfig.Options{InsecureSkipVerify: true})
+	if err != nil {
+		t.Fatalf("Failed to create client %v", err)
+	}
+
+	return &authorizationPlugin{name: "plugin", plugin: plugin}
+}
+
+// AuthZPluginTestServer is a simple server that implements the authZ plugin interface
+type authZPluginTestServer struct {
+	listener net.Listener
+	t        *testing.T
+	// request stores the request sent from the daemon to the plugin
+	recordedRequest Request
+	// response stores the response sent from the plugin to the daemon
+	replayResponse Response
+}
+
+// start starts the test server that implements the plugin
+func (t *authZPluginTestServer) start() {
+	r := mux.NewRouter()
+	os.Remove(pluginAddress)
+	l, err := net.ListenUnix("unix", &net.UnixAddr{Name: pluginAddress, Net: "unix"})
+	if err != nil {
+		t.t.Fatalf("Failed to listen %v", err)
+	}
+	t.listener = l
+
+	r.HandleFunc("/Plugin.Activate", t.activate)
+	r.HandleFunc("/"+AuthZApiRequest, t.auth)
+	r.HandleFunc("/"+AuthZApiResponse, t.auth)
+	t.listener, _ = net.Listen("tcp", pluginAddress)
+	server := http.Server{Handler: r, Addr: pluginAddress}
+	server.Serve(l)
+}
+
+// stop stops the test server that implements the plugin
+func (t *authZPluginTestServer) stop() {
+	os.Remove(pluginAddress)
+	if t.listener != nil {
+		t.listener.Close()
+	}
+}
+
+// auth is a used to record/replay the authentication api messages
+func (t *authZPluginTestServer) auth(w http.ResponseWriter, r *http.Request) {
+	t.recordedRequest = Request{}
+	defer r.Body.Close()
+	body, err := ioutil.ReadAll(r.Body)
+	json.Unmarshal(body, &t.recordedRequest)
+	b, err := json.Marshal(t.replayResponse)
+	if err != nil {
+		log.Fatal(err)
+	}
+	w.Write(b)
+}
+
+func (t *authZPluginTestServer) activate(w http.ResponseWriter, r *http.Request) {
+	b, err := json.Marshal(plugins.Manifest{Implements: []string{AuthZApiImplements}})
+	if err != nil {
+		log.Fatal(err)
+	}
+	w.Write(b)
+}
diff --git a/pkg/authorization/plugin.go b/pkg/authorization/plugin.go
new file mode 100644
index 00000000..1b65ac0a
--- /dev/null
+++ b/pkg/authorization/plugin.go
@@ -0,0 +1,83 @@
+package authorization
+
+import "github.com/docker/docker/pkg/plugins"
+
+// Plugin allows third party plugins to authorize requests and responses
+// in the context of docker API
+type Plugin interface {
+	// Name returns the registered plugin name
+	Name() string
+
+	// AuthZRequest authorize the request from the client to the daemon
+	AuthZRequest(*Request) (*Response, error)
+
+	// AuthZResponse authorize the response from the daemon to the client
+	AuthZResponse(*Request) (*Response, error)
+}
+
+// NewPlugins constructs and initialize the authorization plugins based on plugin names
+func NewPlugins(names []string) []Plugin {
+	plugins := []Plugin{}
+	pluginsMap := make(map[string]struct{})
+	for _, name := range names {
+		if _, ok := pluginsMap[name]; ok {
+			continue
+		}
+		pluginsMap[name] = struct{}{}
+		plugins = append(plugins, newAuthorizationPlugin(name))
+	}
+	return plugins
+}
+
+// authorizationPlugin is an internal adapter to docker plugin system
+type authorizationPlugin struct {
+	plugin *plugins.Plugin
+	name   string
+}
+
+func newAuthorizationPlugin(name string) Plugin {
+	return &authorizationPlugin{name: name}
+}
+
+func (a *authorizationPlugin) Name() string {
+	return a.name
+}
+
+func (a *authorizationPlugin) AuthZRequest(authReq *Request) (*Response, error) {
+	if err := a.initPlugin(); err != nil {
+		return nil, err
+	}
+
+	authRes := &Response{}
+	if err := a.plugin.Client.Call(AuthZApiRequest, authReq, authRes); err != nil {
+		return nil, err
+	}
+
+	return authRes, nil
+}
+
+func (a *authorizationPlugin) AuthZResponse(authReq *Request) (*Response, error) {
+	if err := a.initPlugin(); err != nil {
+		return nil, err
+	}
+
+	authRes := &Response{}
+	if err := a.plugin.Client.Call(AuthZApiResponse, authReq, authRes); err != nil {
+		return nil, err
+	}
+
+	return authRes, nil
+}
+
+// initPlugin initialize the authorization plugin if needed
+func (a *authorizationPlugin) initPlugin() error {
+	// Lazy loading of plugins
+	if a.plugin == nil {
+		var err error
+		a.plugin, err = plugins.Get(a.name, AuthZApiImplements)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/pkg/authorization/response.go b/pkg/authorization/response.go
new file mode 100644
index 00000000..245a0ef7
--- /dev/null
+++ b/pkg/authorization/response.go
@@ -0,0 +1,203 @@
+package authorization
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"github.com/Sirupsen/logrus"
+	"net"
+	"net/http"
+)
+
+// ResponseModifier allows authorization plugins to read and modify the content of the http.response
+type ResponseModifier interface {
+	http.ResponseWriter
+	http.Flusher
+	http.CloseNotifier
+
+	// RawBody returns the current http content
+	RawBody() []byte
+
+	// RawHeaders returns the current content of the http headers
+	RawHeaders() ([]byte, error)
+
+	// StatusCode returns the current status code
+	StatusCode() int
+
+	// OverrideBody replace the body of the HTTP reply
+	OverrideBody(b []byte)
+
+	// OverrideHeader replace the headers of the HTTP reply
+	OverrideHeader(b []byte) error
+
+	// OverrideStatusCode replaces the status code of the HTTP reply
+	OverrideStatusCode(statusCode int)
+
+	// Flush flushes all data to the HTTP response
+	FlushAll() error
+
+	// Hijacked indicates the response has been hijacked by the Docker daemon
+	Hijacked() bool
+}
+
+// NewResponseModifier creates a wrapper to an http.ResponseWriter to allow inspecting and modifying the content
+func NewResponseModifier(rw http.ResponseWriter) ResponseModifier {
+	return &responseModifier{rw: rw, header: make(http.Header)}
+}
+
+// responseModifier is used as an adapter to http.ResponseWriter in order to manipulate and explore
+// the http request/response from docker daemon
+type responseModifier struct {
+	// The original response writer
+	rw http.ResponseWriter
+
+	r *http.Request
+
+	status int
+	// body holds the response body
+	body []byte
+	// header holds the response header
+	header http.Header
+	// statusCode holds the response status code
+	statusCode int
+	// hijacked indicates the request has been hijacked
+	hijacked bool
+}
+
+func (rm *responseModifier) Hijacked() bool {
+	return rm.hijacked
+}
+
+// WriterHeader stores the http status code
+func (rm *responseModifier) WriteHeader(s int) {
+
+	// Use original request if hijacked
+	if rm.hijacked {
+		rm.rw.WriteHeader(s)
+		return
+	}
+
+	rm.statusCode = s
+}
+
+// Header returns the internal http header
+func (rm *responseModifier) Header() http.Header {
+
+	// Use original header if hijacked
+	if rm.hijacked {
+		return rm.rw.Header()
+	}
+
+	return rm.header
+}
+
+// Header returns the internal http header
+func (rm *responseModifier) StatusCode() int {
+	return rm.statusCode
+}
+
+// Override replace the body of the HTTP reply
+func (rm *responseModifier) OverrideBody(b []byte) {
+	rm.body = b
+}
+
+func (rm *responseModifier) OverrideStatusCode(statusCode int) {
+	rm.statusCode = statusCode
+}
+
+// Override replace the headers of the HTTP reply
+func (rm *responseModifier) OverrideHeader(b []byte) error {
+	header := http.Header{}
+	if err := json.Unmarshal(b, &header); err != nil {
+		return err
+	}
+	rm.header = header
+	return nil
+}
+
+// Write stores the byte array inside content
+func (rm *responseModifier) Write(b []byte) (int, error) {
+
+	if rm.hijacked {
+		return rm.rw.Write(b)
+	}
+
+	rm.body = append(rm.body, b...)
+	return len(b), nil
+}
+
+// Body returns the response body
+func (rm *responseModifier) RawBody() []byte {
+	return rm.body
+}
+
+func (rm *responseModifier) RawHeaders() ([]byte, error) {
+	var b bytes.Buffer
+	if err := rm.header.Write(&b); err != nil {
+		return nil, err
+	}
+	return b.Bytes(), nil
+}
+
+// Hijack returns the internal connection of the wrapped http.ResponseWriter
+func (rm *responseModifier) Hijack() (net.Conn, *bufio.ReadWriter, error) {
+
+	rm.hijacked = true
+	rm.FlushAll()
+
+	hijacker, ok := rm.rw.(http.Hijacker)
+	if !ok {
+		return nil, nil, fmt.Errorf("Internal response writer doesn't support the Hijacker interface")
+	}
+	return hijacker.Hijack()
+}
+
+// CloseNotify uses the internal close notify API of the wrapped http.ResponseWriter
+func (rm *responseModifier) CloseNotify() <-chan bool {
+	closeNotifier, ok := rm.rw.(http.CloseNotifier)
+	if !ok {
+		logrus.Errorf("Internal response writer doesn't support the CloseNotifier interface")
+		return nil
+	}
+	return closeNotifier.CloseNotify()
+}
+
+// Flush uses the internal flush API of the wrapped http.ResponseWriter
+func (rm *responseModifier) Flush() {
+	flusher, ok := rm.rw.(http.Flusher)
+	if !ok {
+		logrus.Errorf("Internal response writer doesn't support the Flusher interface")
+		return
+	}
+
+	rm.FlushAll()
+	flusher.Flush()
+}
+
+// FlushAll flushes all data to the HTTP response
+func (rm *responseModifier) FlushAll() error {
+	// Copy the status code
+	if rm.statusCode > 0 {
+		rm.rw.WriteHeader(rm.statusCode)
+	}
+
+	// Copy the header
+	for k, vv := range rm.header {
+		for _, v := range vv {
+			rm.rw.Header().Add(k, v)
+		}
+	}
+
+	var err error
+	if len(rm.body) > 0 {
+		// Write body
+		_, err = rm.rw.Write(rm.body)
+	}
+
+	// Clean previous data
+	rm.body = nil
+	rm.statusCode = 0
+	rm.header = http.Header{}
+	return err
+}
diff --git a/pkg/broadcaster/unbuffered.go b/pkg/broadcaster/unbuffered.go
new file mode 100644
index 00000000..784d65d6
--- /dev/null
+++ b/pkg/broadcaster/unbuffered.go
@@ -0,0 +1,49 @@
+package broadcaster
+
+import (
+	"io"
+	"sync"
+)
+
+// Unbuffered accumulates multiple io.WriteCloser by stream.
+type Unbuffered struct {
+	mu      sync.Mutex
+	writers []io.WriteCloser
+}
+
+// Add adds new io.WriteCloser.
+func (w *Unbuffered) Add(writer io.WriteCloser) {
+	w.mu.Lock()
+	w.writers = append(w.writers, writer)
+	w.mu.Unlock()
+}
+
+// Write writes bytes to all writers. Failed writers will be evicted during
+// this call.
+func (w *Unbuffered) Write(p []byte) (n int, err error) {
+	w.mu.Lock()
+	var evict []int
+	for i, sw := range w.writers {
+		if n, err := sw.Write(p); err != nil || n != len(p) {
+			// On error, evict the writer
+			evict = append(evict, i)
+		}
+	}
+	for n, i := range evict {
+		w.writers = append(w.writers[:i-n], w.writers[i-n+1:]...)
+	}
+	w.mu.Unlock()
+	return len(p), nil
+}
+
+// Clean closes and removes all writers. Last non-eol-terminated part of data
+// will be saved.
+func (w *Unbuffered) Clean() error {
+	w.mu.Lock()
+	for _, sw := range w.writers {
+		sw.Close()
+	}
+	w.writers = nil
+	w.mu.Unlock()
+	return nil
+}
diff --git a/pkg/broadcaster/unbuffered_test.go b/pkg/broadcaster/unbuffered_test.go
new file mode 100644
index 00000000..9f8e72bc
--- /dev/null
+++ b/pkg/broadcaster/unbuffered_test.go
@@ -0,0 +1,162 @@
+package broadcaster
+
+import (
+	"bytes"
+	"errors"
+	"strings"
+
+	"testing"
+)
+
+type dummyWriter struct {
+	buffer      bytes.Buffer
+	failOnWrite bool
+}
+
+func (dw *dummyWriter) Write(p []byte) (n int, err error) {
+	if dw.failOnWrite {
+		return 0, errors.New("Fake fail")
+	}
+	return dw.buffer.Write(p)
+}
+
+func (dw *dummyWriter) String() string {
+	return dw.buffer.String()
+}
+
+func (dw *dummyWriter) Close() error {
+	return nil
+}
+
+func TestUnbuffered(t *testing.T) {
+	writer := new(Unbuffered)
+
+	// Test 1: Both bufferA and bufferB should contain "foo"
+	bufferA := &dummyWriter{}
+	writer.Add(bufferA)
+	bufferB := &dummyWriter{}
+	writer.Add(bufferB)
+	writer.Write([]byte("foo"))
+
+	if bufferA.String() != "foo" {
+		t.Errorf("Buffer contains %v", bufferA.String())
+	}
+
+	if bufferB.String() != "foo" {
+		t.Errorf("Buffer contains %v", bufferB.String())
+	}
+
+	// Test2: bufferA and bufferB should contain "foobar",
+	// while bufferC should only contain "bar"
+	bufferC := &dummyWriter{}
+	writer.Add(bufferC)
+	writer.Write([]byte("bar"))
+
+	if bufferA.String() != "foobar" {
+		t.Errorf("Buffer contains %v", bufferA.String())
+	}
+
+	if bufferB.String() != "foobar" {
+		t.Errorf("Buffer contains %v", bufferB.String())
+	}
+
+	if bufferC.String() != "bar" {
+		t.Errorf("Buffer contains %v", bufferC.String())
+	}
+
+	// Test3: Test eviction on failure
+	bufferA.failOnWrite = true
+	writer.Write([]byte("fail"))
+	if bufferA.String() != "foobar" {
+		t.Errorf("Buffer contains %v", bufferA.String())
+	}
+	if bufferC.String() != "barfail" {
+		t.Errorf("Buffer contains %v", bufferC.String())
+	}
+	// Even though we reset the flag, no more writes should go in there
+	bufferA.failOnWrite = false
+	writer.Write([]byte("test"))
+	if bufferA.String() != "foobar" {
+		t.Errorf("Buffer contains %v", bufferA.String())
+	}
+	if bufferC.String() != "barfailtest" {
+		t.Errorf("Buffer contains %v", bufferC.String())
+	}
+
+	// Test4: Test eviction on multiple simultaneous failures
+	bufferB.failOnWrite = true
+	bufferC.failOnWrite = true
+	bufferD := &dummyWriter{}
+	writer.Add(bufferD)
+	writer.Write([]byte("yo"))
+	writer.Write([]byte("ink"))
+	if strings.Contains(bufferB.String(), "yoink") {
+		t.Errorf("bufferB received write. contents: %q", bufferB)
+	}
+	if strings.Contains(bufferC.String(), "yoink") {
+		t.Errorf("bufferC received write. contents: %q", bufferC)
+	}
+	if g, w := bufferD.String(), "yoink"; g != w {
+		t.Errorf("bufferD = %q, want %q", g, w)
+	}
+
+	writer.Clean()
+}
+
+type devNullCloser int
+
+func (d devNullCloser) Close() error {
+	return nil
+}
+
+func (d devNullCloser) Write(buf []byte) (int, error) {
+	return len(buf), nil
+}
+
+// This test checks for races. It is only useful when run with the race detector.
+func TestRaceUnbuffered(t *testing.T) {
+	writer := new(Unbuffered)
+	c := make(chan bool)
+	go func() {
+		writer.Add(devNullCloser(0))
+		c <- true
+	}()
+	writer.Write([]byte("hello"))
+	<-c
+}
+
+func BenchmarkUnbuffered(b *testing.B) {
+	writer := new(Unbuffered)
+	setUpWriter := func() {
+		for i := 0; i < 100; i++ {
+			writer.Add(devNullCloser(0))
+			writer.Add(devNullCloser(0))
+			writer.Add(devNullCloser(0))
+		}
+	}
+	testLine := "Line that thinks that it is log line from docker"
+	var buf bytes.Buffer
+	for i := 0; i < 100; i++ {
+		buf.Write([]byte(testLine + "\n"))
+	}
+	// line without eol
+	buf.Write([]byte(testLine))
+	testText := buf.Bytes()
+	b.SetBytes(int64(5 * len(testText)))
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		b.StopTimer()
+		setUpWriter()
+		b.StartTimer()
+
+		for j := 0; j < 5; j++ {
+			if _, err := writer.Write(testText); err != nil {
+				b.Fatal(err)
+			}
+		}
+
+		b.StopTimer()
+		writer.Clean()
+		b.StartTimer()
+	}
+}
diff --git a/pkg/chrootarchive/archive.go b/pkg/chrootarchive/archive.go
new file mode 100644
index 00000000..a7814f5b
--- /dev/null
+++ b/pkg/chrootarchive/archive.go
@@ -0,0 +1,97 @@
+package chrootarchive
+
+import (
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/idtools"
+)
+
+var chrootArchiver = &archive.Archiver{Untar: Untar}
+
+// Untar reads a stream of bytes from `archive`, parses it as a tar archive,
+// and unpacks it into the directory at `dest`.
+// The archive may be compressed with one of the following algorithms:
+//  identity (uncompressed), gzip, bzip2, xz.
+func Untar(tarArchive io.Reader, dest string, options *archive.TarOptions) error {
+	return untarHandler(tarArchive, dest, options, true)
+}
+
+// UntarUncompressed reads a stream of bytes from `archive`, parses it as a tar archive,
+// and unpacks it into the directory at `dest`.
+// The archive must be an uncompressed stream.
+func UntarUncompressed(tarArchive io.Reader, dest string, options *archive.TarOptions) error {
+	return untarHandler(tarArchive, dest, options, false)
+}
+
+// Handler for teasing out the automatic decompression
+func untarHandler(tarArchive io.Reader, dest string, options *archive.TarOptions, decompress bool) error {
+
+	if tarArchive == nil {
+		return fmt.Errorf("Empty archive")
+	}
+	if options == nil {
+		options = &archive.TarOptions{}
+	}
+	if options.ExcludePatterns == nil {
+		options.ExcludePatterns = []string{}
+	}
+
+	rootUID, rootGID, err := idtools.GetRootUIDGID(options.UIDMaps, options.GIDMaps)
+	if err != nil {
+		return err
+	}
+
+	dest = filepath.Clean(dest)
+	if _, err := os.Stat(dest); os.IsNotExist(err) {
+		if err := idtools.MkdirAllNewAs(dest, 0755, rootUID, rootGID); err != nil {
+			return err
+		}
+	}
+
+	r := ioutil.NopCloser(tarArchive)
+	if decompress {
+		decompressedArchive, err := archive.DecompressStream(tarArchive)
+		if err != nil {
+			return err
+		}
+		defer decompressedArchive.Close()
+		r = decompressedArchive
+	}
+
+	return invokeUnpack(r, dest, options)
+}
+
+// TarUntar is a convenience function which calls Tar and Untar, with the output of one piped into the other.
+// If either Tar or Untar fails, TarUntar aborts and returns the error.
+func TarUntar(src, dst string) error {
+	return chrootArchiver.TarUntar(src, dst)
+}
+
+// CopyWithTar creates a tar archive of filesystem path `src`, and
+// unpacks it at filesystem path `dst`.
+// The archive is streamed directly with fixed buffering and no
+// intermediary disk IO.
+func CopyWithTar(src, dst string) error {
+	return chrootArchiver.CopyWithTar(src, dst)
+}
+
+// CopyFileWithTar emulates the behavior of the 'cp' command-line
+// for a single file. It copies a regular file from path `src` to
+// path `dst`, and preserves all its metadata.
+//
+// If `dst` ends with a trailing slash '/' ('\' on Windows), the final
+// destination path will be `dst/base(src)` or `dst\base(src)`
+func CopyFileWithTar(src, dst string) (err error) {
+	return chrootArchiver.CopyFileWithTar(src, dst)
+}
+
+// UntarPath is a convenience function which looks for an archive
+// at filesystem path `src`, and unpacks it at `dst`.
+func UntarPath(src, dst string) error {
+	return chrootArchiver.UntarPath(src, dst)
+}
diff --git a/pkg/chrootarchive/archive_test.go b/pkg/chrootarchive/archive_test.go
new file mode 100644
index 00000000..5fbe2084
--- /dev/null
+++ b/pkg/chrootarchive/archive_test.go
@@ -0,0 +1,394 @@
+package chrootarchive
+
+import (
+	"bytes"
+	"fmt"
+	"hash/crc32"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/reexec"
+	"github.com/docker/docker/pkg/system"
+)
+
+func init() {
+	reexec.Init()
+}
+
+func TestChrootTarUntar(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootTarUntar")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	src := filepath.Join(tmpdir, "src")
+	if err := system.MkdirAll(src, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(src, "toto"), []byte("hello toto"), 0644); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(src, "lolo"), []byte("hello lolo"), 0644); err != nil {
+		t.Fatal(err)
+	}
+	stream, err := archive.Tar(src, archive.Uncompressed)
+	if err != nil {
+		t.Fatal(err)
+	}
+	dest := filepath.Join(tmpdir, "src")
+	if err := system.MkdirAll(dest, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := Untar(stream, dest, &archive.TarOptions{ExcludePatterns: []string{"lolo"}}); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// gh#10426: Verify the fix for having a huge excludes list (like on `docker load` with large # of
+// local images)
+func TestChrootUntarWithHugeExcludesList(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootUntarHugeExcludes")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	src := filepath.Join(tmpdir, "src")
+	if err := system.MkdirAll(src, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(src, "toto"), []byte("hello toto"), 0644); err != nil {
+		t.Fatal(err)
+	}
+	stream, err := archive.Tar(src, archive.Uncompressed)
+	if err != nil {
+		t.Fatal(err)
+	}
+	dest := filepath.Join(tmpdir, "dest")
+	if err := system.MkdirAll(dest, 0700); err != nil {
+		t.Fatal(err)
+	}
+	options := &archive.TarOptions{}
+	//65534 entries of 64-byte strings ~= 4MB of environment space which should overflow
+	//on most systems when passed via environment or command line arguments
+	excludes := make([]string, 65534, 65534)
+	for i := 0; i < 65534; i++ {
+		excludes[i] = strings.Repeat(string(i), 64)
+	}
+	options.ExcludePatterns = excludes
+	if err := Untar(stream, dest, options); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestChrootUntarEmptyArchive(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootUntarEmptyArchive")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	if err := Untar(nil, tmpdir, nil); err == nil {
+		t.Fatal("expected error on empty archive")
+	}
+}
+
+func prepareSourceDirectory(numberOfFiles int, targetPath string, makeSymLinks bool) (int, error) {
+	fileData := []byte("fooo")
+	for n := 0; n < numberOfFiles; n++ {
+		fileName := fmt.Sprintf("file-%d", n)
+		if err := ioutil.WriteFile(filepath.Join(targetPath, fileName), fileData, 0700); err != nil {
+			return 0, err
+		}
+		if makeSymLinks {
+			if err := os.Symlink(filepath.Join(targetPath, fileName), filepath.Join(targetPath, fileName+"-link")); err != nil {
+				return 0, err
+			}
+		}
+	}
+	totalSize := numberOfFiles * len(fileData)
+	return totalSize, nil
+}
+
+func getHash(filename string) (uint32, error) {
+	stream, err := ioutil.ReadFile(filename)
+	if err != nil {
+		return 0, err
+	}
+	hash := crc32.NewIEEE()
+	hash.Write(stream)
+	return hash.Sum32(), nil
+}
+
+func compareDirectories(src string, dest string) error {
+	changes, err := archive.ChangesDirs(dest, src)
+	if err != nil {
+		return err
+	}
+	if len(changes) > 0 {
+		return fmt.Errorf("Unexpected differences after untar: %v", changes)
+	}
+	return nil
+}
+
+func compareFiles(src string, dest string) error {
+	srcHash, err := getHash(src)
+	if err != nil {
+		return err
+	}
+	destHash, err := getHash(dest)
+	if err != nil {
+		return err
+	}
+	if srcHash != destHash {
+		return fmt.Errorf("%s is different from %s", src, dest)
+	}
+	return nil
+}
+
+func TestChrootTarUntarWithSymlink(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootTarUntarWithSymlink")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	src := filepath.Join(tmpdir, "src")
+	if err := system.MkdirAll(src, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := prepareSourceDirectory(10, src, true); err != nil {
+		t.Fatal(err)
+	}
+	dest := filepath.Join(tmpdir, "dest")
+	if err := TarUntar(src, dest); err != nil {
+		t.Fatal(err)
+	}
+	if err := compareDirectories(src, dest); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestChrootCopyWithTar(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootCopyWithTar")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	src := filepath.Join(tmpdir, "src")
+	if err := system.MkdirAll(src, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := prepareSourceDirectory(10, src, true); err != nil {
+		t.Fatal(err)
+	}
+
+	// Copy directory
+	dest := filepath.Join(tmpdir, "dest")
+	if err := CopyWithTar(src, dest); err != nil {
+		t.Fatal(err)
+	}
+	if err := compareDirectories(src, dest); err != nil {
+		t.Fatal(err)
+	}
+
+	// Copy file
+	srcfile := filepath.Join(src, "file-1")
+	dest = filepath.Join(tmpdir, "destFile")
+	destfile := filepath.Join(dest, "file-1")
+	if err := CopyWithTar(srcfile, destfile); err != nil {
+		t.Fatal(err)
+	}
+	if err := compareFiles(srcfile, destfile); err != nil {
+		t.Fatal(err)
+	}
+
+	// Copy symbolic link
+	srcLinkfile := filepath.Join(src, "file-1-link")
+	dest = filepath.Join(tmpdir, "destSymlink")
+	destLinkfile := filepath.Join(dest, "file-1-link")
+	if err := CopyWithTar(srcLinkfile, destLinkfile); err != nil {
+		t.Fatal(err)
+	}
+	if err := compareFiles(srcLinkfile, destLinkfile); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestChrootCopyFileWithTar(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootCopyFileWithTar")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	src := filepath.Join(tmpdir, "src")
+	if err := system.MkdirAll(src, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := prepareSourceDirectory(10, src, true); err != nil {
+		t.Fatal(err)
+	}
+
+	// Copy directory
+	dest := filepath.Join(tmpdir, "dest")
+	if err := CopyFileWithTar(src, dest); err == nil {
+		t.Fatal("Expected error on copying directory")
+	}
+
+	// Copy file
+	srcfile := filepath.Join(src, "file-1")
+	dest = filepath.Join(tmpdir, "destFile")
+	destfile := filepath.Join(dest, "file-1")
+	if err := CopyFileWithTar(srcfile, destfile); err != nil {
+		t.Fatal(err)
+	}
+	if err := compareFiles(srcfile, destfile); err != nil {
+		t.Fatal(err)
+	}
+
+	// Copy symbolic link
+	srcLinkfile := filepath.Join(src, "file-1-link")
+	dest = filepath.Join(tmpdir, "destSymlink")
+	destLinkfile := filepath.Join(dest, "file-1-link")
+	if err := CopyFileWithTar(srcLinkfile, destLinkfile); err != nil {
+		t.Fatal(err)
+	}
+	if err := compareFiles(srcLinkfile, destLinkfile); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestChrootUntarPath(t *testing.T) {
+	// TODO Windows: Figure out why this is failing
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows")
+	}
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootUntarPath")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	src := filepath.Join(tmpdir, "src")
+	if err := system.MkdirAll(src, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := prepareSourceDirectory(10, src, true); err != nil {
+		t.Fatal(err)
+	}
+	dest := filepath.Join(tmpdir, "dest")
+	// Untar a directory
+	if err := UntarPath(src, dest); err == nil {
+		t.Fatal("Expected error on untaring a directory")
+	}
+
+	// Untar a tar file
+	stream, err := archive.Tar(src, archive.Uncompressed)
+	if err != nil {
+		t.Fatal(err)
+	}
+	buf := new(bytes.Buffer)
+	buf.ReadFrom(stream)
+	tarfile := filepath.Join(tmpdir, "src.tar")
+	if err := ioutil.WriteFile(tarfile, buf.Bytes(), 0644); err != nil {
+		t.Fatal(err)
+	}
+	if err := UntarPath(tarfile, dest); err != nil {
+		t.Fatal(err)
+	}
+	if err := compareDirectories(src, dest); err != nil {
+		t.Fatal(err)
+	}
+}
+
+type slowEmptyTarReader struct {
+	size      int
+	offset    int
+	chunkSize int
+}
+
+// Read is a slow reader of an empty tar (like the output of "tar c --files-from /dev/null")
+func (s *slowEmptyTarReader) Read(p []byte) (int, error) {
+	time.Sleep(100 * time.Millisecond)
+	count := s.chunkSize
+	if len(p) < s.chunkSize {
+		count = len(p)
+	}
+	for i := 0; i < count; i++ {
+		p[i] = 0
+	}
+	s.offset += count
+	if s.offset > s.size {
+		return count, io.EOF
+	}
+	return count, nil
+}
+
+func TestChrootUntarEmptyArchiveFromSlowReader(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootUntarEmptyArchiveFromSlowReader")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	dest := filepath.Join(tmpdir, "dest")
+	if err := system.MkdirAll(dest, 0700); err != nil {
+		t.Fatal(err)
+	}
+	stream := &slowEmptyTarReader{size: 10240, chunkSize: 1024}
+	if err := Untar(stream, dest, nil); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestChrootApplyEmptyArchiveFromSlowReader(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootApplyEmptyArchiveFromSlowReader")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	dest := filepath.Join(tmpdir, "dest")
+	if err := system.MkdirAll(dest, 0700); err != nil {
+		t.Fatal(err)
+	}
+	stream := &slowEmptyTarReader{size: 10240, chunkSize: 1024}
+	if _, err := ApplyLayer(dest, stream); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestChrootApplyDotDotFile(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "docker-TestChrootApplyDotDotFile")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	src := filepath.Join(tmpdir, "src")
+	if err := system.MkdirAll(src, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(filepath.Join(src, "..gitme"), []byte(""), 0644); err != nil {
+		t.Fatal(err)
+	}
+	stream, err := archive.Tar(src, archive.Uncompressed)
+	if err != nil {
+		t.Fatal(err)
+	}
+	dest := filepath.Join(tmpdir, "dest")
+	if err := system.MkdirAll(dest, 0700); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := ApplyLayer(dest, stream); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/pkg/chrootarchive/archive_unix.go b/pkg/chrootarchive/archive_unix.go
new file mode 100644
index 00000000..9b268566
--- /dev/null
+++ b/pkg/chrootarchive/archive_unix.go
@@ -0,0 +1,94 @@
+// +build !windows
+
+package chrootarchive
+
+import (
+	"bytes"
+	"encoding/json"
+	"flag"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"runtime"
+	"syscall"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/reexec"
+)
+
+func chroot(path string) error {
+	if err := syscall.Chroot(path); err != nil {
+		return err
+	}
+	return syscall.Chdir("/")
+}
+
+// untar is the entry-point for docker-untar on re-exec. This is not used on
+// Windows as it does not support chroot, hence no point sandboxing through
+// chroot and rexec.
+func untar() {
+	runtime.LockOSThread()
+	flag.Parse()
+
+	var options *archive.TarOptions
+
+	//read the options from the pipe "ExtraFiles"
+	if err := json.NewDecoder(os.NewFile(3, "options")).Decode(&options); err != nil {
+		fatal(err)
+	}
+
+	if err := chroot(flag.Arg(0)); err != nil {
+		fatal(err)
+	}
+
+	if err := archive.Unpack(os.Stdin, "/", options); err != nil {
+		fatal(err)
+	}
+	// fully consume stdin in case it is zero padded
+	if _, err := flush(os.Stdin); err != nil {
+		fatal(err)
+	}
+
+	os.Exit(0)
+}
+
+func invokeUnpack(decompressedArchive io.Reader, dest string, options *archive.TarOptions) error {
+
+	// We can't pass a potentially large exclude list directly via cmd line
+	// because we easily overrun the kernel's max argument/environment size
+	// when the full image list is passed (e.g. when this is used by
+	// `docker load`). We will marshall the options via a pipe to the
+	// child
+	r, w, err := os.Pipe()
+	if err != nil {
+		return fmt.Errorf("Untar pipe failure: %v", err)
+	}
+
+	cmd := reexec.Command("docker-untar", dest)
+	cmd.Stdin = decompressedArchive
+
+	cmd.ExtraFiles = append(cmd.ExtraFiles, r)
+	output := bytes.NewBuffer(nil)
+	cmd.Stdout = output
+	cmd.Stderr = output
+
+	if err := cmd.Start(); err != nil {
+		return fmt.Errorf("Untar error on re-exec cmd: %v", err)
+	}
+	//write the options to the pipe for the untar exec to read
+	if err := json.NewEncoder(w).Encode(options); err != nil {
+		return fmt.Errorf("Untar json encode to pipe failed: %v", err)
+	}
+	w.Close()
+
+	if err := cmd.Wait(); err != nil {
+		// when `xz -d -c -q | docker-untar ...` failed on docker-untar side,
+		// we need to exhaust `xz`'s output, otherwise the `xz` side will be
+		// pending on write pipe forever
+		io.Copy(ioutil.Discard, decompressedArchive)
+
+		return fmt.Errorf("Untar re-exec error: %v: output: %s", err, output)
+	}
+	return nil
+}
diff --git a/pkg/chrootarchive/archive_windows.go b/pkg/chrootarchive/archive_windows.go
new file mode 100644
index 00000000..0a500ed5
--- /dev/null
+++ b/pkg/chrootarchive/archive_windows.go
@@ -0,0 +1,22 @@
+package chrootarchive
+
+import (
+	"io"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/longpath"
+)
+
+// chroot is not supported by Windows
+func chroot(path string) error {
+	return nil
+}
+
+func invokeUnpack(decompressedArchive io.ReadCloser,
+	dest string,
+	options *archive.TarOptions) error {
+	// Windows is different to Linux here because Windows does not support
+	// chroot. Hence there is no point sandboxing a chrooted process to
+	// do the unpack. We call inline instead within the daemon process.
+	return archive.Unpack(decompressedArchive, longpath.AddPrefix(dest), options)
+}
diff --git a/pkg/chrootarchive/diff.go b/pkg/chrootarchive/diff.go
new file mode 100644
index 00000000..94131a6e
--- /dev/null
+++ b/pkg/chrootarchive/diff.go
@@ -0,0 +1,19 @@
+package chrootarchive
+
+import "github.com/docker/docker/pkg/archive"
+
+// ApplyLayer parses a diff in the standard layer format from `layer`,
+// and applies it to the directory `dest`. The stream `layer` can only be
+// uncompressed.
+// Returns the size in bytes of the contents of the layer.
+func ApplyLayer(dest string, layer archive.Reader) (size int64, err error) {
+	return applyLayerHandler(dest, layer, &archive.TarOptions{}, true)
+}
+
+// ApplyUncompressedLayer parses a diff in the standard layer format from
+// `layer`, and applies it to the directory `dest`. The stream `layer`
+// can only be uncompressed.
+// Returns the size in bytes of the contents of the layer.
+func ApplyUncompressedLayer(dest string, layer archive.Reader, options *archive.TarOptions) (int64, error) {
+	return applyLayerHandler(dest, layer, options, false)
+}
diff --git a/pkg/chrootarchive/diff_unix.go b/pkg/chrootarchive/diff_unix.go
new file mode 100644
index 00000000..a4adb74d
--- /dev/null
+++ b/pkg/chrootarchive/diff_unix.go
@@ -0,0 +1,120 @@
+//+build !windows
+
+package chrootarchive
+
+import (
+	"bytes"
+	"encoding/json"
+	"flag"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/reexec"
+	"github.com/docker/docker/pkg/system"
+)
+
+type applyLayerResponse struct {
+	LayerSize int64 `json:"layerSize"`
+}
+
+// applyLayer is the entry-point for docker-applylayer on re-exec. This is not
+// used on Windows as it does not support chroot, hence no point sandboxing
+// through chroot and rexec.
+func applyLayer() {
+
+	var (
+		tmpDir  = ""
+		err     error
+		options *archive.TarOptions
+	)
+	runtime.LockOSThread()
+	flag.Parse()
+
+	if err := chroot(flag.Arg(0)); err != nil {
+		fatal(err)
+	}
+
+	// We need to be able to set any perms
+	oldmask, err := system.Umask(0)
+	defer system.Umask(oldmask)
+	if err != nil {
+		fatal(err)
+	}
+
+	if err := json.Unmarshal([]byte(os.Getenv("OPT")), &options); err != nil {
+		fatal(err)
+	}
+
+	if tmpDir, err = ioutil.TempDir("/", "temp-docker-extract"); err != nil {
+		fatal(err)
+	}
+
+	os.Setenv("TMPDIR", tmpDir)
+	size, err := archive.UnpackLayer("/", os.Stdin, options)
+	os.RemoveAll(tmpDir)
+	if err != nil {
+		fatal(err)
+	}
+
+	encoder := json.NewEncoder(os.Stdout)
+	if err := encoder.Encode(applyLayerResponse{size}); err != nil {
+		fatal(fmt.Errorf("unable to encode layerSize JSON: %s", err))
+	}
+
+	if _, err := flush(os.Stdin); err != nil {
+		fatal(err)
+	}
+
+	os.Exit(0)
+}
+
+// applyLayerHandler parses a diff in the standard layer format from `layer`, and
+// applies it to the directory `dest`. Returns the size in bytes of the
+// contents of the layer.
+func applyLayerHandler(dest string, layer archive.Reader, options *archive.TarOptions, decompress bool) (size int64, err error) {
+	dest = filepath.Clean(dest)
+	if decompress {
+		decompressed, err := archive.DecompressStream(layer)
+		if err != nil {
+			return 0, err
+		}
+		defer decompressed.Close()
+
+		layer = decompressed
+	}
+	if options == nil {
+		options = &archive.TarOptions{}
+	}
+	if options.ExcludePatterns == nil {
+		options.ExcludePatterns = []string{}
+	}
+
+	data, err := json.Marshal(options)
+	if err != nil {
+		return 0, fmt.Errorf("ApplyLayer json encode: %v", err)
+	}
+
+	cmd := reexec.Command("docker-applyLayer", dest)
+	cmd.Stdin = layer
+	cmd.Env = append(cmd.Env, fmt.Sprintf("OPT=%s", data))
+
+	outBuf, errBuf := new(bytes.Buffer), new(bytes.Buffer)
+	cmd.Stdout, cmd.Stderr = outBuf, errBuf
+
+	if err = cmd.Run(); err != nil {
+		return 0, fmt.Errorf("ApplyLayer %s stdout: %s stderr: %s", err, outBuf, errBuf)
+	}
+
+	// Stdout should be a valid JSON struct representing an applyLayerResponse.
+	response := applyLayerResponse{}
+	decoder := json.NewDecoder(outBuf)
+	if err = decoder.Decode(&response); err != nil {
+		return 0, fmt.Errorf("unable to decode ApplyLayer JSON response: %s", err)
+	}
+
+	return response.LayerSize, nil
+}
diff --git a/pkg/chrootarchive/diff_windows.go b/pkg/chrootarchive/diff_windows.go
new file mode 100644
index 00000000..8e1830cb
--- /dev/null
+++ b/pkg/chrootarchive/diff_windows.go
@@ -0,0 +1,44 @@
+package chrootarchive
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/longpath"
+)
+
+// applyLayerHandler parses a diff in the standard layer format from `layer`, and
+// applies it to the directory `dest`. Returns the size in bytes of the
+// contents of the layer.
+func applyLayerHandler(dest string, layer archive.Reader, options *archive.TarOptions, decompress bool) (size int64, err error) {
+	dest = filepath.Clean(dest)
+
+	// Ensure it is a Windows-style volume path
+	dest = longpath.AddPrefix(dest)
+
+	if decompress {
+		decompressed, err := archive.DecompressStream(layer)
+		if err != nil {
+			return 0, err
+		}
+		defer decompressed.Close()
+
+		layer = decompressed
+	}
+
+	tmpDir, err := ioutil.TempDir(os.Getenv("temp"), "temp-docker-extract")
+	if err != nil {
+		return 0, fmt.Errorf("ApplyLayer failed to create temp-docker-extract under %s. %s", dest, err)
+	}
+
+	s, err := archive.UnpackLayer(dest, layer, nil)
+	os.RemoveAll(tmpDir)
+	if err != nil {
+		return 0, fmt.Errorf("ApplyLayer %s failed UnpackLayer to %s", err, dest)
+	}
+
+	return s, nil
+}
diff --git a/pkg/chrootarchive/init_unix.go b/pkg/chrootarchive/init_unix.go
new file mode 100644
index 00000000..4f637f17
--- /dev/null
+++ b/pkg/chrootarchive/init_unix.go
@@ -0,0 +1,28 @@
+// +build !windows
+
+package chrootarchive
+
+import (
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+
+	"github.com/docker/docker/pkg/reexec"
+)
+
+func init() {
+	reexec.Register("docker-applyLayer", applyLayer)
+	reexec.Register("docker-untar", untar)
+}
+
+func fatal(err error) {
+	fmt.Fprint(os.Stderr, err)
+	os.Exit(1)
+}
+
+// flush consumes all the bytes from the reader discarding
+// any errors
+func flush(r io.Reader) (bytes int64, err error) {
+	return io.Copy(ioutil.Discard, r)
+}
diff --git a/pkg/chrootarchive/init_windows.go b/pkg/chrootarchive/init_windows.go
new file mode 100644
index 00000000..fa17c9bf
--- /dev/null
+++ b/pkg/chrootarchive/init_windows.go
@@ -0,0 +1,4 @@
+package chrootarchive
+
+func init() {
+}
diff --git a/pkg/devicemapper/devmapper.go b/pkg/devicemapper/devmapper.go
new file mode 100644
index 00000000..db3244ac
--- /dev/null
+++ b/pkg/devicemapper/devmapper.go
@@ -0,0 +1,807 @@
+// +build linux
+
+package devicemapper
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"runtime"
+	"syscall"
+	"unsafe"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// DevmapperLogger defines methods for logging with devicemapper.
+type DevmapperLogger interface {
+	DMLog(level int, file string, line int, dmError int, message string)
+}
+
+const (
+	deviceCreate TaskType = iota
+	deviceReload
+	deviceRemove
+	deviceRemoveAll
+	deviceSuspend
+	deviceResume
+	deviceInfo
+	deviceDeps
+	deviceRename
+	deviceVersion
+	deviceStatus
+	deviceTable
+	deviceWaitevent
+	deviceList
+	deviceClear
+	deviceMknodes
+	deviceListVersions
+	deviceTargetMsg
+	deviceSetGeometry
+)
+
+const (
+	addNodeOnResume AddNodeType = iota
+	addNodeOnCreate
+)
+
+// List of errors returned when using devicemapper.
+var (
+	ErrTaskRun              = errors.New("dm_task_run failed")
+	ErrTaskSetName          = errors.New("dm_task_set_name failed")
+	ErrTaskSetMessage       = errors.New("dm_task_set_message failed")
+	ErrTaskSetAddNode       = errors.New("dm_task_set_add_node failed")
+	ErrTaskSetRo            = errors.New("dm_task_set_ro failed")
+	ErrTaskAddTarget        = errors.New("dm_task_add_target failed")
+	ErrTaskSetSector        = errors.New("dm_task_set_sector failed")
+	ErrTaskGetDeps          = errors.New("dm_task_get_deps failed")
+	ErrTaskGetInfo          = errors.New("dm_task_get_info failed")
+	ErrTaskGetDriverVersion = errors.New("dm_task_get_driver_version failed")
+	ErrTaskDeferredRemove   = errors.New("dm_task_deferred_remove failed")
+	ErrTaskSetCookie        = errors.New("dm_task_set_cookie failed")
+	ErrNilCookie            = errors.New("cookie ptr can't be nil")
+	ErrGetBlockSize         = errors.New("Can't get block size")
+	ErrUdevWait             = errors.New("wait on udev cookie failed")
+	ErrSetDevDir            = errors.New("dm_set_dev_dir failed")
+	ErrGetLibraryVersion    = errors.New("dm_get_library_version failed")
+	ErrCreateRemoveTask     = errors.New("Can't create task of type deviceRemove")
+	ErrRunRemoveDevice      = errors.New("running RemoveDevice failed")
+	ErrInvalidAddNode       = errors.New("Invalid AddNode type")
+	ErrBusy                 = errors.New("Device is Busy")
+	ErrDeviceIDExists       = errors.New("Device Id Exists")
+	ErrEnxio                = errors.New("No such device or address")
+)
+
+var (
+	dmSawBusy  bool
+	dmSawExist bool
+	dmSawEnxio bool // No Such Device or Address
+)
+
+type (
+	// Task represents a devicemapper task (like lvcreate, etc.) ; a task is needed for each ioctl
+	// command to execute.
+	Task struct {
+		unmanaged *cdmTask
+	}
+	// Deps represents dependents (layer) of a device.
+	Deps struct {
+		Count  uint32
+		Filler uint32
+		Device []uint64
+	}
+	// Info represents information about a device.
+	Info struct {
+		Exists         int
+		Suspended      int
+		LiveTable      int
+		InactiveTable  int
+		OpenCount      int32
+		EventNr        uint32
+		Major          uint32
+		Minor          uint32
+		ReadOnly       int
+		TargetCount    int32
+		DeferredRemove int
+	}
+	// TaskType represents a type of task
+	TaskType int
+	// AddNodeType represents a type of node to be added
+	AddNodeType int
+)
+
+// DeviceIDExists returns whether error conveys the information about device Id already
+// exist or not. This will be true if device creation or snap creation
+// operation fails if device or snap device already exists in pool.
+// Current implementation is little crude as it scans the error string
+// for exact pattern match. Replacing it with more robust implementation
+// is desirable.
+func DeviceIDExists(err error) bool {
+	return fmt.Sprint(err) == fmt.Sprint(ErrDeviceIDExists)
+}
+
+func (t *Task) destroy() {
+	if t != nil {
+		DmTaskDestroy(t.unmanaged)
+		runtime.SetFinalizer(t, nil)
+	}
+}
+
+// TaskCreateNamed is a convenience function for TaskCreate when a name
+// will be set on the task as well
+func TaskCreateNamed(t TaskType, name string) (*Task, error) {
+	task := TaskCreate(t)
+	if task == nil {
+		return nil, fmt.Errorf("devicemapper: Can't create task of type %d", int(t))
+	}
+	if err := task.setName(name); err != nil {
+		return nil, fmt.Errorf("devicemapper: Can't set task name %s", name)
+	}
+	return task, nil
+}
+
+// TaskCreate initializes a devicemapper task of tasktype
+func TaskCreate(tasktype TaskType) *Task {
+	Ctask := DmTaskCreate(int(tasktype))
+	if Ctask == nil {
+		return nil
+	}
+	task := &Task{unmanaged: Ctask}
+	runtime.SetFinalizer(task, (*Task).destroy)
+	return task
+}
+
+func (t *Task) run() error {
+	if res := DmTaskRun(t.unmanaged); res != 1 {
+		return ErrTaskRun
+	}
+	return nil
+}
+
+func (t *Task) setName(name string) error {
+	if res := DmTaskSetName(t.unmanaged, name); res != 1 {
+		return ErrTaskSetName
+	}
+	return nil
+}
+
+func (t *Task) setMessage(message string) error {
+	if res := DmTaskSetMessage(t.unmanaged, message); res != 1 {
+		return ErrTaskSetMessage
+	}
+	return nil
+}
+
+func (t *Task) setSector(sector uint64) error {
+	if res := DmTaskSetSector(t.unmanaged, sector); res != 1 {
+		return ErrTaskSetSector
+	}
+	return nil
+}
+
+func (t *Task) setCookie(cookie *uint, flags uint16) error {
+	if cookie == nil {
+		return ErrNilCookie
+	}
+	if res := DmTaskSetCookie(t.unmanaged, cookie, flags); res != 1 {
+		return ErrTaskSetCookie
+	}
+	return nil
+}
+
+func (t *Task) setAddNode(addNode AddNodeType) error {
+	if addNode != addNodeOnResume && addNode != addNodeOnCreate {
+		return ErrInvalidAddNode
+	}
+	if res := DmTaskSetAddNode(t.unmanaged, addNode); res != 1 {
+		return ErrTaskSetAddNode
+	}
+	return nil
+}
+
+func (t *Task) setRo() error {
+	if res := DmTaskSetRo(t.unmanaged); res != 1 {
+		return ErrTaskSetRo
+	}
+	return nil
+}
+
+func (t *Task) addTarget(start, size uint64, ttype, params string) error {
+	if res := DmTaskAddTarget(t.unmanaged, start, size,
+		ttype, params); res != 1 {
+		return ErrTaskAddTarget
+	}
+	return nil
+}
+
+func (t *Task) getDeps() (*Deps, error) {
+	var deps *Deps
+	if deps = DmTaskGetDeps(t.unmanaged); deps == nil {
+		return nil, ErrTaskGetDeps
+	}
+	return deps, nil
+}
+
+func (t *Task) getInfo() (*Info, error) {
+	info := &Info{}
+	if res := DmTaskGetInfo(t.unmanaged, info); res != 1 {
+		return nil, ErrTaskGetInfo
+	}
+	return info, nil
+}
+
+func (t *Task) getInfoWithDeferred() (*Info, error) {
+	info := &Info{}
+	if res := DmTaskGetInfoWithDeferred(t.unmanaged, info); res != 1 {
+		return nil, ErrTaskGetInfo
+	}
+	return info, nil
+}
+
+func (t *Task) getDriverVersion() (string, error) {
+	res := DmTaskGetDriverVersion(t.unmanaged)
+	if res == "" {
+		return "", ErrTaskGetDriverVersion
+	}
+	return res, nil
+}
+
+func (t *Task) getNextTarget(next unsafe.Pointer) (nextPtr unsafe.Pointer, start uint64,
+	length uint64, targetType string, params string) {
+
+	return DmGetNextTarget(t.unmanaged, next, &start, &length,
+			&targetType, &params),
+		start, length, targetType, params
+}
+
+// UdevWait waits for any processes that are waiting for udev to complete the specified cookie.
+func UdevWait(cookie *uint) error {
+	if res := DmUdevWait(*cookie); res != 1 {
+		logrus.Debugf("devicemapper: Failed to wait on udev cookie %d", *cookie)
+		return ErrUdevWait
+	}
+	return nil
+}
+
+// LogInitVerbose is an interface to initialize the verbose logger for the device mapper library.
+func LogInitVerbose(level int) {
+	DmLogInitVerbose(level)
+}
+
+var dmLogger DevmapperLogger
+
+// LogInit initializes the logger for the device mapper library.
+func LogInit(logger DevmapperLogger) {
+	dmLogger = logger
+	LogWithErrnoInit()
+}
+
+// SetDevDir sets the dev folder for the device mapper library (usually /dev).
+func SetDevDir(dir string) error {
+	if res := DmSetDevDir(dir); res != 1 {
+		logrus.Debugf("devicemapper: Error dm_set_dev_dir")
+		return ErrSetDevDir
+	}
+	return nil
+}
+
+// GetLibraryVersion returns the device mapper library version.
+func GetLibraryVersion() (string, error) {
+	var version string
+	if res := DmGetLibraryVersion(&version); res != 1 {
+		return "", ErrGetLibraryVersion
+	}
+	return version, nil
+}
+
+// UdevSyncSupported returns whether device-mapper is able to sync with udev
+//
+// This is essential otherwise race conditions can arise where both udev and
+// device-mapper attempt to create and destroy devices.
+func UdevSyncSupported() bool {
+	return DmUdevGetSyncSupport() != 0
+}
+
+// UdevSetSyncSupport allows setting whether the udev sync should be enabled.
+// The return bool indicates the state of whether the sync is enabled.
+func UdevSetSyncSupport(enable bool) bool {
+	if enable {
+		DmUdevSetSyncSupport(1)
+	} else {
+		DmUdevSetSyncSupport(0)
+	}
+
+	return UdevSyncSupported()
+}
+
+// CookieSupported returns whether the version of device-mapper supports the
+// use of cookie's in the tasks.
+// This is largely a lower level call that other functions use.
+func CookieSupported() bool {
+	return DmCookieSupported() != 0
+}
+
+// RemoveDevice is a useful helper for cleaning up a device.
+func RemoveDevice(name string) error {
+	task, err := TaskCreateNamed(deviceRemove, name)
+	if task == nil {
+		return err
+	}
+
+	var cookie uint
+	if err := task.setCookie(&cookie, 0); err != nil {
+		return fmt.Errorf("devicemapper: Can not set cookie: %s", err)
+	}
+	defer UdevWait(&cookie)
+
+	dmSawBusy = false // reset before the task is run
+	if err = task.run(); err != nil {
+		if dmSawBusy {
+			return ErrBusy
+		}
+		return fmt.Errorf("devicemapper: Error running RemoveDevice %s", err)
+	}
+
+	return nil
+}
+
+// RemoveDeviceDeferred is a useful helper for cleaning up a device, but deferred.
+func RemoveDeviceDeferred(name string) error {
+	logrus.Debugf("devicemapper: RemoveDeviceDeferred START(%s)", name)
+	defer logrus.Debugf("devicemapper: RemoveDeviceDeferred END(%s)", name)
+	task, err := TaskCreateNamed(deviceRemove, name)
+	if task == nil {
+		return err
+	}
+
+	if err := DmTaskDeferredRemove(task.unmanaged); err != 1 {
+		return ErrTaskDeferredRemove
+	}
+
+	if err = task.run(); err != nil {
+		return fmt.Errorf("devicemapper: Error running RemoveDeviceDeferred %s", err)
+	}
+
+	return nil
+}
+
+// CancelDeferredRemove cancels a deferred remove for a device.
+func CancelDeferredRemove(deviceName string) error {
+	task, err := TaskCreateNamed(deviceTargetMsg, deviceName)
+	if task == nil {
+		return err
+	}
+
+	if err := task.setSector(0); err != nil {
+		return fmt.Errorf("devicemapper: Can't set sector %s", err)
+	}
+
+	if err := task.setMessage(fmt.Sprintf("@cancel_deferred_remove")); err != nil {
+		return fmt.Errorf("devicemapper: Can't set message %s", err)
+	}
+
+	dmSawBusy = false
+	dmSawEnxio = false
+	if err := task.run(); err != nil {
+		// A device might be being deleted already
+		if dmSawBusy {
+			return ErrBusy
+		} else if dmSawEnxio {
+			return ErrEnxio
+		}
+		return fmt.Errorf("devicemapper: Error running CancelDeferredRemove %s", err)
+
+	}
+	return nil
+}
+
+// GetBlockDeviceSize returns the size of a block device identified by the specified file.
+func GetBlockDeviceSize(file *os.File) (uint64, error) {
+	size, err := ioctlBlkGetSize64(file.Fd())
+	if err != nil {
+		logrus.Errorf("devicemapper: Error getblockdevicesize: %s", err)
+		return 0, ErrGetBlockSize
+	}
+	return uint64(size), nil
+}
+
+// BlockDeviceDiscard runs discard for the given path.
+// This is used as a workaround for the kernel not discarding block so
+// on the thin pool when we remove a thinp device, so we do it
+// manually
+func BlockDeviceDiscard(path string) error {
+	file, err := os.OpenFile(path, os.O_RDWR, 0)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	size, err := GetBlockDeviceSize(file)
+	if err != nil {
+		return err
+	}
+
+	if err := ioctlBlkDiscard(file.Fd(), 0, size); err != nil {
+		return err
+	}
+
+	// Without this sometimes the remove of the device that happens after
+	// discard fails with EBUSY.
+	syscall.Sync()
+
+	return nil
+}
+
+// CreatePool is the programmatic example of "dmsetup create".
+// It creates a device with the specified poolName, data and metadata file and block size.
+func CreatePool(poolName string, dataFile, metadataFile *os.File, poolBlockSize uint32) error {
+	task, err := TaskCreateNamed(deviceCreate, poolName)
+	if task == nil {
+		return err
+	}
+
+	size, err := GetBlockDeviceSize(dataFile)
+	if err != nil {
+		return fmt.Errorf("devicemapper: Can't get data size %s", err)
+	}
+
+	params := fmt.Sprintf("%s %s %d 32768 1 skip_block_zeroing", metadataFile.Name(), dataFile.Name(), poolBlockSize)
+	if err := task.addTarget(0, size/512, "thin-pool", params); err != nil {
+		return fmt.Errorf("devicemapper: Can't add target %s", err)
+	}
+
+	var cookie uint
+	var flags uint16
+	flags = DmUdevDisableSubsystemRulesFlag | DmUdevDisableDiskRulesFlag | DmUdevDisableOtherRulesFlag
+	if err := task.setCookie(&cookie, flags); err != nil {
+		return fmt.Errorf("devicemapper: Can't set cookie %s", err)
+	}
+	defer UdevWait(&cookie)
+
+	if err := task.run(); err != nil {
+		return fmt.Errorf("devicemapper: Error running deviceCreate (CreatePool) %s", err)
+	}
+
+	return nil
+}
+
+// ReloadPool is the programmatic example of "dmsetup reload".
+// It reloads the table with the specified poolName, data and metadata file and block size.
+func ReloadPool(poolName string, dataFile, metadataFile *os.File, poolBlockSize uint32) error {
+	task, err := TaskCreateNamed(deviceReload, poolName)
+	if task == nil {
+		return err
+	}
+
+	size, err := GetBlockDeviceSize(dataFile)
+	if err != nil {
+		return fmt.Errorf("devicemapper: Can't get data size %s", err)
+	}
+
+	params := fmt.Sprintf("%s %s %d 32768 1 skip_block_zeroing", metadataFile.Name(), dataFile.Name(), poolBlockSize)
+	if err := task.addTarget(0, size/512, "thin-pool", params); err != nil {
+		return fmt.Errorf("devicemapper: Can't add target %s", err)
+	}
+
+	if err := task.run(); err != nil {
+		return fmt.Errorf("devicemapper: Error running deviceCreate %s", err)
+	}
+
+	return nil
+}
+
+// GetDeps is the programmatic example of "dmsetup deps".
+// It outputs a list of devices referenced by the live table for the specified device.
+func GetDeps(name string) (*Deps, error) {
+	task, err := TaskCreateNamed(deviceDeps, name)
+	if task == nil {
+		return nil, err
+	}
+	if err := task.run(); err != nil {
+		return nil, err
+	}
+	return task.getDeps()
+}
+
+// GetInfo is the programmatic example of "dmsetup info".
+// It outputs some brief information about the device.
+func GetInfo(name string) (*Info, error) {
+	task, err := TaskCreateNamed(deviceInfo, name)
+	if task == nil {
+		return nil, err
+	}
+	if err := task.run(); err != nil {
+		return nil, err
+	}
+	return task.getInfo()
+}
+
+// GetInfoWithDeferred is the programmatic example of "dmsetup info", but deferred.
+// It outputs some brief information about the device.
+func GetInfoWithDeferred(name string) (*Info, error) {
+	task, err := TaskCreateNamed(deviceInfo, name)
+	if task == nil {
+		return nil, err
+	}
+	if err := task.run(); err != nil {
+		return nil, err
+	}
+	return task.getInfoWithDeferred()
+}
+
+// GetDriverVersion is the programmatic example of "dmsetup version".
+// It outputs version information of the driver.
+func GetDriverVersion() (string, error) {
+	task := TaskCreate(deviceVersion)
+	if task == nil {
+		return "", fmt.Errorf("devicemapper: Can't create deviceVersion task")
+	}
+	if err := task.run(); err != nil {
+		return "", err
+	}
+	return task.getDriverVersion()
+}
+
+// GetStatus is the programmatic example of "dmsetup status".
+// It outputs status information for the specified device name.
+func GetStatus(name string) (uint64, uint64, string, string, error) {
+	task, err := TaskCreateNamed(deviceStatus, name)
+	if task == nil {
+		logrus.Debugf("devicemapper: GetStatus() Error TaskCreateNamed: %s", err)
+		return 0, 0, "", "", err
+	}
+	if err := task.run(); err != nil {
+		logrus.Debugf("devicemapper: GetStatus() Error Run: %s", err)
+		return 0, 0, "", "", err
+	}
+
+	devinfo, err := task.getInfo()
+	if err != nil {
+		logrus.Debugf("devicemapper: GetStatus() Error GetInfo: %s", err)
+		return 0, 0, "", "", err
+	}
+	if devinfo.Exists == 0 {
+		logrus.Debugf("devicemapper: GetStatus() Non existing device %s", name)
+		return 0, 0, "", "", fmt.Errorf("devicemapper: Non existing device %s", name)
+	}
+
+	_, start, length, targetType, params := task.getNextTarget(unsafe.Pointer(nil))
+	return start, length, targetType, params, nil
+}
+
+// GetTable is the programmatic example for "dmsetup table".
+// It outputs the current table for the specified device name.
+func GetTable(name string) (uint64, uint64, string, string, error) {
+	task, err := TaskCreateNamed(deviceTable, name)
+	if task == nil {
+		logrus.Debugf("devicemapper: GetTable() Error TaskCreateNamed: %s", err)
+		return 0, 0, "", "", err
+	}
+	if err := task.run(); err != nil {
+		logrus.Debugf("devicemapper: GetTable() Error Run: %s", err)
+		return 0, 0, "", "", err
+	}
+
+	devinfo, err := task.getInfo()
+	if err != nil {
+		logrus.Debugf("devicemapper: GetTable() Error GetInfo: %s", err)
+		return 0, 0, "", "", err
+	}
+	if devinfo.Exists == 0 {
+		logrus.Debugf("devicemapper: GetTable() Non existing device %s", name)
+		return 0, 0, "", "", fmt.Errorf("devicemapper: Non existing device %s", name)
+	}
+
+	_, start, length, targetType, params := task.getNextTarget(unsafe.Pointer(nil))
+	return start, length, targetType, params, nil
+}
+
+// SetTransactionID sets a transaction id for the specified device name.
+func SetTransactionID(poolName string, oldID uint64, newID uint64) error {
+	task, err := TaskCreateNamed(deviceTargetMsg, poolName)
+	if task == nil {
+		return err
+	}
+
+	if err := task.setSector(0); err != nil {
+		return fmt.Errorf("devicemapper: Can't set sector %s", err)
+	}
+
+	if err := task.setMessage(fmt.Sprintf("set_transaction_id %d %d", oldID, newID)); err != nil {
+		return fmt.Errorf("devicemapper: Can't set message %s", err)
+	}
+
+	if err := task.run(); err != nil {
+		return fmt.Errorf("devicemapper: Error running SetTransactionID %s", err)
+	}
+	return nil
+}
+
+// SuspendDevice is the programmatic example of "dmsetup suspend".
+// It suspends the specified device.
+func SuspendDevice(name string) error {
+	task, err := TaskCreateNamed(deviceSuspend, name)
+	if task == nil {
+		return err
+	}
+	if err := task.run(); err != nil {
+		return fmt.Errorf("devicemapper: Error running deviceSuspend %s", err)
+	}
+	return nil
+}
+
+// ResumeDevice is the programmatic example of "dmsetup resume".
+// It un-suspends the specified device.
+func ResumeDevice(name string) error {
+	task, err := TaskCreateNamed(deviceResume, name)
+	if task == nil {
+		return err
+	}
+
+	var cookie uint
+	if err := task.setCookie(&cookie, 0); err != nil {
+		return fmt.Errorf("devicemapper: Can't set cookie %s", err)
+	}
+	defer UdevWait(&cookie)
+
+	if err := task.run(); err != nil {
+		return fmt.Errorf("devicemapper: Error running deviceResume %s", err)
+	}
+
+	return nil
+}
+
+// CreateDevice creates a device with the specified poolName with the specified device id.
+func CreateDevice(poolName string, deviceID int) error {
+	logrus.Debugf("devicemapper: CreateDevice(poolName=%v, deviceID=%v)", poolName, deviceID)
+	task, err := TaskCreateNamed(deviceTargetMsg, poolName)
+	if task == nil {
+		return err
+	}
+
+	if err := task.setSector(0); err != nil {
+		return fmt.Errorf("devicemapper: Can't set sector %s", err)
+	}
+
+	if err := task.setMessage(fmt.Sprintf("create_thin %d", deviceID)); err != nil {
+		return fmt.Errorf("devicemapper: Can't set message %s", err)
+	}
+
+	dmSawExist = false // reset before the task is run
+	if err := task.run(); err != nil {
+		// Caller wants to know about ErrDeviceIDExists so that it can try with a different device id.
+		if dmSawExist {
+			return ErrDeviceIDExists
+		}
+
+		return fmt.Errorf("devicemapper: Error running CreateDevice %s", err)
+
+	}
+	return nil
+}
+
+// DeleteDevice deletes a device with the specified poolName with the specified device id.
+func DeleteDevice(poolName string, deviceID int) error {
+	task, err := TaskCreateNamed(deviceTargetMsg, poolName)
+	if task == nil {
+		return err
+	}
+
+	if err := task.setSector(0); err != nil {
+		return fmt.Errorf("devicemapper: Can't set sector %s", err)
+	}
+
+	if err := task.setMessage(fmt.Sprintf("delete %d", deviceID)); err != nil {
+		return fmt.Errorf("devicemapper: Can't set message %s", err)
+	}
+
+	dmSawBusy = false
+	if err := task.run(); err != nil {
+		if dmSawBusy {
+			return ErrBusy
+		}
+		return fmt.Errorf("devicemapper: Error running DeleteDevice %s", err)
+	}
+	return nil
+}
+
+// ActivateDevice activates the device identified by the specified
+// poolName, name and deviceID with the specified size.
+func ActivateDevice(poolName string, name string, deviceID int, size uint64) error {
+	return activateDevice(poolName, name, deviceID, size, "")
+}
+
+// ActivateDeviceWithExternal activates the device identified by the specified
+// poolName, name and deviceID with the specified size.
+func ActivateDeviceWithExternal(poolName string, name string, deviceID int, size uint64, external string) error {
+	return activateDevice(poolName, name, deviceID, size, external)
+}
+
+func activateDevice(poolName string, name string, deviceID int, size uint64, external string) error {
+	task, err := TaskCreateNamed(deviceCreate, name)
+	if task == nil {
+		return err
+	}
+
+	var params string
+	if len(external) > 0 {
+		params = fmt.Sprintf("%s %d %s", poolName, deviceID, external)
+	} else {
+		params = fmt.Sprintf("%s %d", poolName, deviceID)
+	}
+	if err := task.addTarget(0, size/512, "thin", params); err != nil {
+		return fmt.Errorf("devicemapper: Can't add target %s", err)
+	}
+	if err := task.setAddNode(addNodeOnCreate); err != nil {
+		return fmt.Errorf("devicemapper: Can't add node %s", err)
+	}
+
+	var cookie uint
+	if err := task.setCookie(&cookie, 0); err != nil {
+		return fmt.Errorf("devicemapper: Can't set cookie %s", err)
+	}
+
+	defer UdevWait(&cookie)
+
+	if err := task.run(); err != nil {
+		return fmt.Errorf("devicemapper: Error running deviceCreate (ActivateDevice) %s", err)
+	}
+
+	return nil
+}
+
+// CreateSnapDevice creates a snapshot based on the device identified by the baseName and baseDeviceId,
+func CreateSnapDevice(poolName string, deviceID int, baseName string, baseDeviceID int) error {
+	devinfo, _ := GetInfo(baseName)
+	doSuspend := devinfo != nil && devinfo.Exists != 0
+
+	if doSuspend {
+		if err := SuspendDevice(baseName); err != nil {
+			return err
+		}
+	}
+
+	task, err := TaskCreateNamed(deviceTargetMsg, poolName)
+	if task == nil {
+		if doSuspend {
+			ResumeDevice(baseName)
+		}
+		return err
+	}
+
+	if err := task.setSector(0); err != nil {
+		if doSuspend {
+			ResumeDevice(baseName)
+		}
+		return fmt.Errorf("devicemapper: Can't set sector %s", err)
+	}
+
+	if err := task.setMessage(fmt.Sprintf("create_snap %d %d", deviceID, baseDeviceID)); err != nil {
+		if doSuspend {
+			ResumeDevice(baseName)
+		}
+		return fmt.Errorf("devicemapper: Can't set message %s", err)
+	}
+
+	dmSawExist = false // reset before the task is run
+	if err := task.run(); err != nil {
+		if doSuspend {
+			ResumeDevice(baseName)
+		}
+		// Caller wants to know about ErrDeviceIDExists so that it can try with a different device id.
+		if dmSawExist {
+			return ErrDeviceIDExists
+		}
+
+		return fmt.Errorf("devicemapper: Error running deviceCreate (createSnapDevice) %s", err)
+
+	}
+
+	if doSuspend {
+		if err := ResumeDevice(baseName); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
diff --git a/pkg/devicemapper/devmapper_log.go b/pkg/devicemapper/devmapper_log.go
new file mode 100644
index 00000000..8477e36f
--- /dev/null
+++ b/pkg/devicemapper/devmapper_log.go
@@ -0,0 +1,35 @@
+// +build linux
+
+package devicemapper
+
+import "C"
+
+import (
+	"strings"
+)
+
+// Due to the way cgo works this has to be in a separate file, as devmapper.go has
+// definitions in the cgo block, which is incompatible with using "//export"
+
+// DevmapperLogCallback exports the devmapper log callback for cgo.
+//export DevmapperLogCallback
+func DevmapperLogCallback(level C.int, file *C.char, line C.int, dmErrnoOrClass C.int, message *C.char) {
+	msg := C.GoString(message)
+	if level < 7 {
+		if strings.Contains(msg, "busy") {
+			dmSawBusy = true
+		}
+
+		if strings.Contains(msg, "File exists") {
+			dmSawExist = true
+		}
+
+		if strings.Contains(msg, "No such device or address") {
+			dmSawEnxio = true
+		}
+	}
+
+	if dmLogger != nil {
+		dmLogger.DMLog(int(level), C.GoString(file), int(line), int(dmErrnoOrClass), msg)
+	}
+}
diff --git a/pkg/devicemapper/devmapper_wrapper.go b/pkg/devicemapper/devmapper_wrapper.go
new file mode 100644
index 00000000..91fbc85b
--- /dev/null
+++ b/pkg/devicemapper/devmapper_wrapper.go
@@ -0,0 +1,251 @@
+// +build linux
+
+package devicemapper
+
+/*
+#cgo LDFLAGS: -L. -ldevmapper
+#include <libdevmapper.h>
+#include <linux/fs.h>   // FIXME: present only for BLKGETSIZE64, maybe we can remove it?
+
+// FIXME: Can't we find a way to do the logging in pure Go?
+extern void DevmapperLogCallback(int level, char *file, int line, int dm_errno_or_class, char *str);
+
+static void	log_cb(int level, const char *file, int line, int dm_errno_or_class, const char *f, ...)
+{
+  char buffer[256];
+  va_list ap;
+
+  va_start(ap, f);
+  vsnprintf(buffer, 256, f, ap);
+  va_end(ap);
+
+  DevmapperLogCallback(level, (char *)file, line, dm_errno_or_class, buffer);
+}
+
+static void	log_with_errno_init()
+{
+  dm_log_with_errno_init(log_cb);
+}
+*/
+import "C"
+
+import (
+	"reflect"
+	"unsafe"
+)
+
+type (
+	cdmTask C.struct_dm_task
+)
+
+// IOCTL consts
+const (
+	BlkGetSize64 = C.BLKGETSIZE64
+	BlkDiscard   = C.BLKDISCARD
+)
+
+// Devicemapper cookie flags.
+const (
+	DmUdevDisableSubsystemRulesFlag = C.DM_UDEV_DISABLE_SUBSYSTEM_RULES_FLAG
+	DmUdevDisableDiskRulesFlag      = C.DM_UDEV_DISABLE_DISK_RULES_FLAG
+	DmUdevDisableOtherRulesFlag     = C.DM_UDEV_DISABLE_OTHER_RULES_FLAG
+	DmUdevDisableLibraryFallback    = C.DM_UDEV_DISABLE_LIBRARY_FALLBACK
+)
+
+// DeviceMapper mapped functions.
+var (
+	DmGetLibraryVersion       = dmGetLibraryVersionFct
+	DmGetNextTarget           = dmGetNextTargetFct
+	DmLogInitVerbose          = dmLogInitVerboseFct
+	DmSetDevDir               = dmSetDevDirFct
+	DmTaskAddTarget           = dmTaskAddTargetFct
+	DmTaskCreate              = dmTaskCreateFct
+	DmTaskDestroy             = dmTaskDestroyFct
+	DmTaskGetDeps             = dmTaskGetDepsFct
+	DmTaskGetInfo             = dmTaskGetInfoFct
+	DmTaskGetDriverVersion    = dmTaskGetDriverVersionFct
+	DmTaskRun                 = dmTaskRunFct
+	DmTaskSetAddNode          = dmTaskSetAddNodeFct
+	DmTaskSetCookie           = dmTaskSetCookieFct
+	DmTaskSetMessage          = dmTaskSetMessageFct
+	DmTaskSetName             = dmTaskSetNameFct
+	DmTaskSetRo               = dmTaskSetRoFct
+	DmTaskSetSector           = dmTaskSetSectorFct
+	DmUdevWait                = dmUdevWaitFct
+	DmUdevSetSyncSupport      = dmUdevSetSyncSupportFct
+	DmUdevGetSyncSupport      = dmUdevGetSyncSupportFct
+	DmCookieSupported         = dmCookieSupportedFct
+	LogWithErrnoInit          = logWithErrnoInitFct
+	DmTaskDeferredRemove      = dmTaskDeferredRemoveFct
+	DmTaskGetInfoWithDeferred = dmTaskGetInfoWithDeferredFct
+)
+
+func free(p *C.char) {
+	C.free(unsafe.Pointer(p))
+}
+
+func dmTaskDestroyFct(task *cdmTask) {
+	C.dm_task_destroy((*C.struct_dm_task)(task))
+}
+
+func dmTaskCreateFct(taskType int) *cdmTask {
+	return (*cdmTask)(C.dm_task_create(C.int(taskType)))
+}
+
+func dmTaskRunFct(task *cdmTask) int {
+	ret, _ := C.dm_task_run((*C.struct_dm_task)(task))
+	return int(ret)
+}
+
+func dmTaskSetNameFct(task *cdmTask, name string) int {
+	Cname := C.CString(name)
+	defer free(Cname)
+
+	return int(C.dm_task_set_name((*C.struct_dm_task)(task), Cname))
+}
+
+func dmTaskSetMessageFct(task *cdmTask, message string) int {
+	Cmessage := C.CString(message)
+	defer free(Cmessage)
+
+	return int(C.dm_task_set_message((*C.struct_dm_task)(task), Cmessage))
+}
+
+func dmTaskSetSectorFct(task *cdmTask, sector uint64) int {
+	return int(C.dm_task_set_sector((*C.struct_dm_task)(task), C.uint64_t(sector)))
+}
+
+func dmTaskSetCookieFct(task *cdmTask, cookie *uint, flags uint16) int {
+	cCookie := C.uint32_t(*cookie)
+	defer func() {
+		*cookie = uint(cCookie)
+	}()
+	return int(C.dm_task_set_cookie((*C.struct_dm_task)(task), &cCookie, C.uint16_t(flags)))
+}
+
+func dmTaskSetAddNodeFct(task *cdmTask, addNode AddNodeType) int {
+	return int(C.dm_task_set_add_node((*C.struct_dm_task)(task), C.dm_add_node_t(addNode)))
+}
+
+func dmTaskSetRoFct(task *cdmTask) int {
+	return int(C.dm_task_set_ro((*C.struct_dm_task)(task)))
+}
+
+func dmTaskAddTargetFct(task *cdmTask,
+	start, size uint64, ttype, params string) int {
+
+	Cttype := C.CString(ttype)
+	defer free(Cttype)
+
+	Cparams := C.CString(params)
+	defer free(Cparams)
+
+	return int(C.dm_task_add_target((*C.struct_dm_task)(task), C.uint64_t(start), C.uint64_t(size), Cttype, Cparams))
+}
+
+func dmTaskGetDepsFct(task *cdmTask) *Deps {
+	Cdeps := C.dm_task_get_deps((*C.struct_dm_task)(task))
+	if Cdeps == nil {
+		return nil
+	}
+
+	// golang issue: https://github.com/golang/go/issues/11925
+	hdr := reflect.SliceHeader{
+		Data: uintptr(unsafe.Pointer(uintptr(unsafe.Pointer(Cdeps)) + unsafe.Sizeof(*Cdeps))),
+		Len:  int(Cdeps.count),
+		Cap:  int(Cdeps.count),
+	}
+	devices := *(*[]C.uint64_t)(unsafe.Pointer(&hdr))
+
+	deps := &Deps{
+		Count:  uint32(Cdeps.count),
+		Filler: uint32(Cdeps.filler),
+	}
+	for _, device := range devices {
+		deps.Device = append(deps.Device, uint64(device))
+	}
+	return deps
+}
+
+func dmTaskGetInfoFct(task *cdmTask, info *Info) int {
+	Cinfo := C.struct_dm_info{}
+	defer func() {
+		info.Exists = int(Cinfo.exists)
+		info.Suspended = int(Cinfo.suspended)
+		info.LiveTable = int(Cinfo.live_table)
+		info.InactiveTable = int(Cinfo.inactive_table)
+		info.OpenCount = int32(Cinfo.open_count)
+		info.EventNr = uint32(Cinfo.event_nr)
+		info.Major = uint32(Cinfo.major)
+		info.Minor = uint32(Cinfo.minor)
+		info.ReadOnly = int(Cinfo.read_only)
+		info.TargetCount = int32(Cinfo.target_count)
+	}()
+	return int(C.dm_task_get_info((*C.struct_dm_task)(task), &Cinfo))
+}
+
+func dmTaskGetDriverVersionFct(task *cdmTask) string {
+	buffer := C.malloc(128)
+	defer C.free(buffer)
+	res := C.dm_task_get_driver_version((*C.struct_dm_task)(task), (*C.char)(buffer), 128)
+	if res == 0 {
+		return ""
+	}
+	return C.GoString((*C.char)(buffer))
+}
+
+func dmGetNextTargetFct(task *cdmTask, next unsafe.Pointer, start, length *uint64, target, params *string) unsafe.Pointer {
+	var (
+		Cstart, Clength      C.uint64_t
+		CtargetType, Cparams *C.char
+	)
+	defer func() {
+		*start = uint64(Cstart)
+		*length = uint64(Clength)
+		*target = C.GoString(CtargetType)
+		*params = C.GoString(Cparams)
+	}()
+
+	nextp := C.dm_get_next_target((*C.struct_dm_task)(task), next, &Cstart, &Clength, &CtargetType, &Cparams)
+	return nextp
+}
+
+func dmUdevSetSyncSupportFct(syncWithUdev int) {
+	(C.dm_udev_set_sync_support(C.int(syncWithUdev)))
+}
+
+func dmUdevGetSyncSupportFct() int {
+	return int(C.dm_udev_get_sync_support())
+}
+
+func dmUdevWaitFct(cookie uint) int {
+	return int(C.dm_udev_wait(C.uint32_t(cookie)))
+}
+
+func dmCookieSupportedFct() int {
+	return int(C.dm_cookie_supported())
+}
+
+func dmLogInitVerboseFct(level int) {
+	C.dm_log_init_verbose(C.int(level))
+}
+
+func logWithErrnoInitFct() {
+	C.log_with_errno_init()
+}
+
+func dmSetDevDirFct(dir string) int {
+	Cdir := C.CString(dir)
+	defer free(Cdir)
+
+	return int(C.dm_set_dev_dir(Cdir))
+}
+
+func dmGetLibraryVersionFct(version *string) int {
+	buffer := C.CString(string(make([]byte, 128)))
+	defer free(buffer)
+	defer func() {
+		*version = C.GoString(buffer)
+	}()
+	return int(C.dm_get_library_version(buffer, 128))
+}
diff --git a/pkg/devicemapper/devmapper_wrapper_deferred_remove.go b/pkg/devicemapper/devmapper_wrapper_deferred_remove.go
new file mode 100644
index 00000000..dc361eab
--- /dev/null
+++ b/pkg/devicemapper/devmapper_wrapper_deferred_remove.go
@@ -0,0 +1,34 @@
+// +build linux,!libdm_no_deferred_remove
+
+package devicemapper
+
+/*
+#cgo LDFLAGS: -L. -ldevmapper
+#include <libdevmapper.h>
+*/
+import "C"
+
+// LibraryDeferredRemovalSupport is supported when statically linked.
+const LibraryDeferredRemovalSupport = true
+
+func dmTaskDeferredRemoveFct(task *cdmTask) int {
+	return int(C.dm_task_deferred_remove((*C.struct_dm_task)(task)))
+}
+
+func dmTaskGetInfoWithDeferredFct(task *cdmTask, info *Info) int {
+	Cinfo := C.struct_dm_info{}
+	defer func() {
+		info.Exists = int(Cinfo.exists)
+		info.Suspended = int(Cinfo.suspended)
+		info.LiveTable = int(Cinfo.live_table)
+		info.InactiveTable = int(Cinfo.inactive_table)
+		info.OpenCount = int32(Cinfo.open_count)
+		info.EventNr = uint32(Cinfo.event_nr)
+		info.Major = uint32(Cinfo.major)
+		info.Minor = uint32(Cinfo.minor)
+		info.ReadOnly = int(Cinfo.read_only)
+		info.TargetCount = int32(Cinfo.target_count)
+		info.DeferredRemove = int(Cinfo.deferred_remove)
+	}()
+	return int(C.dm_task_get_info((*C.struct_dm_task)(task), &Cinfo))
+}
diff --git a/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go b/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
new file mode 100644
index 00000000..4a6665de
--- /dev/null
+++ b/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
@@ -0,0 +1,15 @@
+// +build linux,libdm_no_deferred_remove
+
+package devicemapper
+
+// LibraryDeferredRemovalsupport is not supported when statically linked.
+const LibraryDeferredRemovalSupport = false
+
+func dmTaskDeferredRemoveFct(task *cdmTask) int {
+	// Error. Nobody should be calling it.
+	return -1
+}
+
+func dmTaskGetInfoWithDeferredFct(task *cdmTask, info *Info) int {
+	return -1
+}
diff --git a/pkg/devicemapper/ioctl.go b/pkg/devicemapper/ioctl.go
new file mode 100644
index 00000000..581b57eb
--- /dev/null
+++ b/pkg/devicemapper/ioctl.go
@@ -0,0 +1,27 @@
+// +build linux
+
+package devicemapper
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+func ioctlBlkGetSize64(fd uintptr) (int64, error) {
+	var size int64
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, BlkGetSize64, uintptr(unsafe.Pointer(&size))); err != 0 {
+		return 0, err
+	}
+	return size, nil
+}
+
+func ioctlBlkDiscard(fd uintptr, offset, length uint64) error {
+	var r [2]uint64
+	r[0] = offset
+	r[1] = length
+
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, BlkDiscard, uintptr(unsafe.Pointer(&r[0]))); err != 0 {
+		return err
+	}
+	return nil
+}
diff --git a/pkg/devicemapper/log.go b/pkg/devicemapper/log.go
new file mode 100644
index 00000000..cee5e545
--- /dev/null
+++ b/pkg/devicemapper/log.go
@@ -0,0 +1,11 @@
+package devicemapper
+
+// definitions from lvm2 lib/log/log.h
+const (
+	LogLevelFatal  = 2 + iota // _LOG_FATAL
+	LogLevelErr               // _LOG_ERR
+	LogLevelWarn              // _LOG_WARN
+	LogLevelNotice            // _LOG_NOTICE
+	LogLevelInfo              // _LOG_INFO
+	LogLevelDebug             // _LOG_DEBUG
+)
diff --git a/pkg/directory/directory.go b/pkg/directory/directory.go
new file mode 100644
index 00000000..1715ef45
--- /dev/null
+++ b/pkg/directory/directory.go
@@ -0,0 +1,26 @@
+package directory
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+)
+
+// MoveToSubdir moves all contents of a directory to a subdirectory underneath the original path
+func MoveToSubdir(oldpath, subdir string) error {
+
+	infos, err := ioutil.ReadDir(oldpath)
+	if err != nil {
+		return err
+	}
+	for _, info := range infos {
+		if info.Name() != subdir {
+			oldName := filepath.Join(oldpath, info.Name())
+			newName := filepath.Join(oldpath, subdir, info.Name())
+			if err := os.Rename(oldName, newName); err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
diff --git a/pkg/directory/directory_test.go b/pkg/directory/directory_test.go
new file mode 100644
index 00000000..46110628
--- /dev/null
+++ b/pkg/directory/directory_test.go
@@ -0,0 +1,185 @@
+package directory
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"sort"
+	"testing"
+)
+
+// Size of an empty directory should be 0
+func TestSizeEmpty(t *testing.T) {
+	var dir string
+	var err error
+	if dir, err = ioutil.TempDir(os.TempDir(), "testSizeEmptyDirectory"); err != nil {
+		t.Fatalf("failed to create directory: %s", err)
+	}
+
+	var size int64
+	if size, _ = Size(dir); size != 0 {
+		t.Fatalf("empty directory has size: %d", size)
+	}
+}
+
+// Size of a directory with one empty file should be 0
+func TestSizeEmptyFile(t *testing.T) {
+	var dir string
+	var err error
+	if dir, err = ioutil.TempDir(os.TempDir(), "testSizeEmptyFile"); err != nil {
+		t.Fatalf("failed to create directory: %s", err)
+	}
+
+	var file *os.File
+	if file, err = ioutil.TempFile(dir, "file"); err != nil {
+		t.Fatalf("failed to create file: %s", err)
+	}
+
+	var size int64
+	if size, _ = Size(file.Name()); size != 0 {
+		t.Fatalf("directory with one file has size: %d", size)
+	}
+}
+
+// Size of a directory with one 5-byte file should be 5
+func TestSizeNonemptyFile(t *testing.T) {
+	var dir string
+	var err error
+	if dir, err = ioutil.TempDir(os.TempDir(), "testSizeNonemptyFile"); err != nil {
+		t.Fatalf("failed to create directory: %s", err)
+	}
+
+	var file *os.File
+	if file, err = ioutil.TempFile(dir, "file"); err != nil {
+		t.Fatalf("failed to create file: %s", err)
+	}
+
+	d := []byte{97, 98, 99, 100, 101}
+	file.Write(d)
+
+	var size int64
+	if size, _ = Size(file.Name()); size != 5 {
+		t.Fatalf("directory with one 5-byte file has size: %d", size)
+	}
+}
+
+// Size of a directory with one empty directory should be 0
+func TestSizeNestedDirectoryEmpty(t *testing.T) {
+	var dir string
+	var err error
+	if dir, err = ioutil.TempDir(os.TempDir(), "testSizeNestedDirectoryEmpty"); err != nil {
+		t.Fatalf("failed to create directory: %s", err)
+	}
+	if dir, err = ioutil.TempDir(dir, "nested"); err != nil {
+		t.Fatalf("failed to create nested directory: %s", err)
+	}
+
+	var size int64
+	if size, _ = Size(dir); size != 0 {
+		t.Fatalf("directory with one empty directory has size: %d", size)
+	}
+}
+
+// Test directory with 1 file and 1 empty directory
+func TestSizeFileAndNestedDirectoryEmpty(t *testing.T) {
+	var dir string
+	var err error
+	if dir, err = ioutil.TempDir(os.TempDir(), "testSizeFileAndNestedDirectoryEmpty"); err != nil {
+		t.Fatalf("failed to create directory: %s", err)
+	}
+	if dir, err = ioutil.TempDir(dir, "nested"); err != nil {
+		t.Fatalf("failed to create nested directory: %s", err)
+	}
+
+	var file *os.File
+	if file, err = ioutil.TempFile(dir, "file"); err != nil {
+		t.Fatalf("failed to create file: %s", err)
+	}
+
+	d := []byte{100, 111, 99, 107, 101, 114}
+	file.Write(d)
+
+	var size int64
+	if size, _ = Size(dir); size != 6 {
+		t.Fatalf("directory with 6-byte file and empty directory has size: %d", size)
+	}
+}
+
+// Test directory with 1 file and 1 non-empty directory
+func TestSizeFileAndNestedDirectoryNonempty(t *testing.T) {
+	var dir, dirNested string
+	var err error
+	if dir, err = ioutil.TempDir(os.TempDir(), "TestSizeFileAndNestedDirectoryNonempty"); err != nil {
+		t.Fatalf("failed to create directory: %s", err)
+	}
+	if dirNested, err = ioutil.TempDir(dir, "nested"); err != nil {
+		t.Fatalf("failed to create nested directory: %s", err)
+	}
+
+	var file *os.File
+	if file, err = ioutil.TempFile(dir, "file"); err != nil {
+		t.Fatalf("failed to create file: %s", err)
+	}
+
+	data := []byte{100, 111, 99, 107, 101, 114}
+	file.Write(data)
+
+	var nestedFile *os.File
+	if nestedFile, err = ioutil.TempFile(dirNested, "file"); err != nil {
+		t.Fatalf("failed to create file in nested directory: %s", err)
+	}
+
+	nestedData := []byte{100, 111, 99, 107, 101, 114}
+	nestedFile.Write(nestedData)
+
+	var size int64
+	if size, _ = Size(dir); size != 12 {
+		t.Fatalf("directory with 6-byte file and nested directory with 6-byte file has size: %d", size)
+	}
+}
+
+// Test migration of directory to a subdir underneath itself
+func TestMoveToSubdir(t *testing.T) {
+	var outerDir, subDir string
+	var err error
+
+	if outerDir, err = ioutil.TempDir(os.TempDir(), "TestMoveToSubdir"); err != nil {
+		t.Fatalf("failed to create directory: %v", err)
+	}
+
+	if subDir, err = ioutil.TempDir(outerDir, "testSub"); err != nil {
+		t.Fatalf("failed to create subdirectory: %v", err)
+	}
+
+	// write 4 temp files in the outer dir to get moved
+	filesList := []string{"a", "b", "c", "d"}
+	for _, fName := range filesList {
+		if file, err := os.Create(filepath.Join(outerDir, fName)); err != nil {
+			t.Fatalf("couldn't create temp file %q: %v", fName, err)
+		} else {
+			file.WriteString(fName)
+			file.Close()
+		}
+	}
+
+	if err = MoveToSubdir(outerDir, filepath.Base(subDir)); err != nil {
+		t.Fatalf("Error during migration of content to subdirectory: %v", err)
+	}
+	// validate that the files were moved to the subdirectory
+	infos, err := ioutil.ReadDir(subDir)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(infos) != 4 {
+		t.Fatalf("Should be four files in the subdir after the migration: actual length: %d", len(infos))
+	}
+	var results []string
+	for _, info := range infos {
+		results = append(results, info.Name())
+	}
+	sort.Sort(sort.StringSlice(results))
+	if !reflect.DeepEqual(filesList, results) {
+		t.Fatalf("Results after migration do not equal list of files: expected: %v, got: %v", filesList, results)
+	}
+}
diff --git a/pkg/directory/directory_unix.go b/pkg/directory/directory_unix.go
new file mode 100644
index 00000000..dbebdd3c
--- /dev/null
+++ b/pkg/directory/directory_unix.go
@@ -0,0 +1,39 @@
+// +build linux freebsd
+
+package directory
+
+import (
+	"os"
+	"path/filepath"
+	"syscall"
+)
+
+// Size walks a directory tree and returns its total size in bytes.
+func Size(dir string) (size int64, err error) {
+	data := make(map[uint64]struct{})
+	err = filepath.Walk(dir, func(d string, fileInfo os.FileInfo, e error) error {
+		// Ignore directory sizes
+		if fileInfo == nil {
+			return nil
+		}
+
+		s := fileInfo.Size()
+		if fileInfo.IsDir() || s == 0 {
+			return nil
+		}
+
+		// Check inode to handle hard links correctly
+		inode := fileInfo.Sys().(*syscall.Stat_t).Ino
+		// inode is not a uint64 on all platforms. Cast it to avoid issues.
+		if _, exists := data[uint64(inode)]; exists {
+			return nil
+		}
+		// inode is not a uint64 on all platforms. Cast it to avoid issues.
+		data[uint64(inode)] = struct{}{}
+
+		size += s
+
+		return nil
+	})
+	return
+}
diff --git a/pkg/directory/directory_windows.go b/pkg/directory/directory_windows.go
new file mode 100644
index 00000000..7a9f8cb6
--- /dev/null
+++ b/pkg/directory/directory_windows.go
@@ -0,0 +1,28 @@
+// +build windows
+
+package directory
+
+import (
+	"os"
+	"path/filepath"
+)
+
+// Size walks a directory tree and returns its total size in bytes.
+func Size(dir string) (size int64, err error) {
+	err = filepath.Walk(dir, func(d string, fileInfo os.FileInfo, e error) error {
+		// Ignore directory sizes
+		if fileInfo == nil {
+			return nil
+		}
+
+		s := fileInfo.Size()
+		if fileInfo.IsDir() || s == 0 {
+			return nil
+		}
+
+		size += s
+
+		return nil
+	})
+	return
+}
diff --git a/pkg/discovery/README.md b/pkg/discovery/README.md
new file mode 100644
index 00000000..39777c21
--- /dev/null
+++ b/pkg/discovery/README.md
@@ -0,0 +1,41 @@
+---
+page_title: Docker discovery
+page_description: discovery
+page_keywords: docker, clustering, discovery
+---
+
+# Discovery
+
+Docker comes with multiple Discovery backends.
+
+## Backends
+
+### Using etcd
+
+Point your Docker Engine instances to a common etcd instance. You can specify
+the address Docker uses to advertise the node using the `--cluster-advertise`
+flag.
+
+```bash
+$ docker daemon -H=<node_ip:2376> --cluster-advertise=<node_ip:2376> --cluster-store etcd://<etcd_ip1>,<etcd_ip2>/<path>
+```
+
+### Using consul
+
+Point your Docker Engine instances to a common Consul instance. You can specify
+the address Docker uses to advertise the node using the `--cluster-advertise`
+flag.
+
+```bash
+$ docker daemon -H=<node_ip:2376> --cluster-advertise=<node_ip:2376> --cluster-store consul://<consul_ip>/<path>
+```
+
+### Using zookeeper
+
+Point your Docker Engine instances to a common Zookeeper instance. You can specify
+the address Docker uses to advertise the node using the `--cluster-advertise`
+flag.
+
+```bash
+$ docker daemon -H=<node_ip:2376> --cluster-advertise=<node_ip:2376> --cluster-store zk://<zk_addr1>,<zk_addr2>/<path>
+```
diff --git a/pkg/discovery/backends.go b/pkg/discovery/backends.go
new file mode 100644
index 00000000..65364c9a
--- /dev/null
+++ b/pkg/discovery/backends.go
@@ -0,0 +1,107 @@
+package discovery
+
+import (
+	"fmt"
+	"net"
+	"strings"
+	"time"
+
+	log "github.com/Sirupsen/logrus"
+)
+
+var (
+	// Backends is a global map of discovery backends indexed by their
+	// associated scheme.
+	backends = make(map[string]Backend)
+)
+
+// Register makes a discovery backend available by the provided scheme.
+// If Register is called twice with the same scheme an error is returned.
+func Register(scheme string, d Backend) error {
+	if _, exists := backends[scheme]; exists {
+		return fmt.Errorf("scheme already registered %s", scheme)
+	}
+	log.WithField("name", scheme).Debug("Registering discovery service")
+	backends[scheme] = d
+	return nil
+}
+
+func parse(rawurl string) (string, string) {
+	parts := strings.SplitN(rawurl, "://", 2)
+
+	// nodes:port,node2:port => nodes://node1:port,node2:port
+	if len(parts) == 1 {
+		return "nodes", parts[0]
+	}
+	return parts[0], parts[1]
+}
+
+// ParseAdvertise parses the --cluster-advertise daemon config which accepts
+// <ip-address>:<port> or <interface-name>:<port>
+func ParseAdvertise(advertise string) (string, error) {
+	var (
+		iface *net.Interface
+		addrs []net.Addr
+		err   error
+	)
+
+	addr, port, err := net.SplitHostPort(advertise)
+
+	if err != nil {
+		return "", fmt.Errorf("invalid --cluster-advertise configuration: %s: %v", advertise, err)
+	}
+
+	ip := net.ParseIP(addr)
+	// If it is a valid ip-address, use it as is
+	if ip != nil {
+		return advertise, nil
+	}
+
+	// If advertise is a valid interface name, get the valid ipv4 address and use it to advertise
+	ifaceName := addr
+	iface, err = net.InterfaceByName(ifaceName)
+	if err != nil {
+		return "", fmt.Errorf("invalid cluster advertise IP address or interface name (%s) : %v", advertise, err)
+	}
+
+	addrs, err = iface.Addrs()
+	if err != nil {
+		return "", fmt.Errorf("unable to get advertise IP address from interface (%s) : %v", advertise, err)
+	}
+
+	if addrs == nil || len(addrs) == 0 {
+		return "", fmt.Errorf("no available advertise IP address in interface (%s)", advertise)
+	}
+
+	addr = ""
+	for _, a := range addrs {
+		ip, _, err := net.ParseCIDR(a.String())
+		if err != nil {
+			return "", fmt.Errorf("error deriving advertise ip-address in interface (%s) : %v", advertise, err)
+		}
+		if ip.To4() == nil || ip.IsLoopback() {
+			continue
+		}
+		addr = ip.String()
+		break
+	}
+	if addr == "" {
+		return "", fmt.Errorf("couldnt find a valid ip-address in interface %s", advertise)
+	}
+
+	addr = net.JoinHostPort(addr, port)
+	return addr, nil
+}
+
+// New returns a new Discovery given a URL, heartbeat and ttl settings.
+// Returns an error if the URL scheme is not supported.
+func New(rawurl string, heartbeat time.Duration, ttl time.Duration, clusterOpts map[string]string) (Backend, error) {
+	scheme, uri := parse(rawurl)
+	if backend, exists := backends[scheme]; exists {
+		log.WithFields(log.Fields{"name": scheme, "uri": uri}).Debug("Initializing discovery service")
+		err := backend.Initialize(uri, heartbeat, ttl, clusterOpts)
+		return backend, err
+	}
+
+	return nil, ErrNotSupported
+}
diff --git a/pkg/discovery/discovery.go b/pkg/discovery/discovery.go
new file mode 100644
index 00000000..ca7f5874
--- /dev/null
+++ b/pkg/discovery/discovery.go
@@ -0,0 +1,35 @@
+package discovery
+
+import (
+	"errors"
+	"time"
+)
+
+var (
+	// ErrNotSupported is returned when a discovery service is not supported.
+	ErrNotSupported = errors.New("discovery service not supported")
+
+	// ErrNotImplemented is returned when discovery feature is not implemented
+	// by discovery backend.
+	ErrNotImplemented = errors.New("not implemented in this discovery service")
+)
+
+// Watcher provides watching over a cluster for nodes joining and leaving.
+type Watcher interface {
+	// Watch the discovery for entry changes.
+	// Returns a channel that will receive changes or an error.
+	// Providing a non-nil stopCh can be used to stop watching.
+	Watch(stopCh <-chan struct{}) (<-chan Entries, <-chan error)
+}
+
+// Backend is implemented by discovery backends which manage cluster entries.
+type Backend interface {
+	// Watcher must be provided by every backend.
+	Watcher
+
+	// Initialize the discovery with URIs, a heartbeat, a ttl and optional settings.
+	Initialize(string, time.Duration, time.Duration, map[string]string) error
+
+	// Register to the discovery.
+	Register(string) error
+}
diff --git a/pkg/discovery/discovery_test.go b/pkg/discovery/discovery_test.go
new file mode 100644
index 00000000..6084f3ef
--- /dev/null
+++ b/pkg/discovery/discovery_test.go
@@ -0,0 +1,137 @@
+package discovery
+
+import (
+	"testing"
+
+	"github.com/go-check/check"
+)
+
+// Hook up gocheck into the "go test" runner.
+func Test(t *testing.T) { check.TestingT(t) }
+
+type DiscoverySuite struct{}
+
+var _ = check.Suite(&DiscoverySuite{})
+
+func (s *DiscoverySuite) TestNewEntry(c *check.C) {
+	entry, err := NewEntry("127.0.0.1:2375")
+	c.Assert(err, check.IsNil)
+	c.Assert(entry.Equals(&Entry{Host: "127.0.0.1", Port: "2375"}), check.Equals, true)
+	c.Assert(entry.String(), check.Equals, "127.0.0.1:2375")
+
+	entry, err = NewEntry("[2001:db8:0:f101::2]:2375")
+	c.Assert(err, check.IsNil)
+	c.Assert(entry.Equals(&Entry{Host: "2001:db8:0:f101::2", Port: "2375"}), check.Equals, true)
+	c.Assert(entry.String(), check.Equals, "[2001:db8:0:f101::2]:2375")
+
+	_, err = NewEntry("127.0.0.1")
+	c.Assert(err, check.NotNil)
+}
+
+func (s *DiscoverySuite) TestParse(c *check.C) {
+	scheme, uri := parse("127.0.0.1:2375")
+	c.Assert(scheme, check.Equals, "nodes")
+	c.Assert(uri, check.Equals, "127.0.0.1:2375")
+
+	scheme, uri = parse("localhost:2375")
+	c.Assert(scheme, check.Equals, "nodes")
+	c.Assert(uri, check.Equals, "localhost:2375")
+
+	scheme, uri = parse("scheme://127.0.0.1:2375")
+	c.Assert(scheme, check.Equals, "scheme")
+	c.Assert(uri, check.Equals, "127.0.0.1:2375")
+
+	scheme, uri = parse("scheme://localhost:2375")
+	c.Assert(scheme, check.Equals, "scheme")
+	c.Assert(uri, check.Equals, "localhost:2375")
+
+	scheme, uri = parse("")
+	c.Assert(scheme, check.Equals, "nodes")
+	c.Assert(uri, check.Equals, "")
+}
+
+func (s *DiscoverySuite) TestCreateEntries(c *check.C) {
+	entries, err := CreateEntries(nil)
+	c.Assert(entries, check.DeepEquals, Entries{})
+	c.Assert(err, check.IsNil)
+
+	entries, err = CreateEntries([]string{"127.0.0.1:2375", "127.0.0.2:2375", "[2001:db8:0:f101::2]:2375", ""})
+	c.Assert(err, check.IsNil)
+	expected := Entries{
+		&Entry{Host: "127.0.0.1", Port: "2375"},
+		&Entry{Host: "127.0.0.2", Port: "2375"},
+		&Entry{Host: "2001:db8:0:f101::2", Port: "2375"},
+	}
+	c.Assert(entries.Equals(expected), check.Equals, true)
+
+	_, err = CreateEntries([]string{"127.0.0.1", "127.0.0.2"})
+	c.Assert(err, check.NotNil)
+}
+
+func (s *DiscoverySuite) TestContainsEntry(c *check.C) {
+	entries, err := CreateEntries([]string{"127.0.0.1:2375", "127.0.0.2:2375", ""})
+	c.Assert(err, check.IsNil)
+	c.Assert(entries.Contains(&Entry{Host: "127.0.0.1", Port: "2375"}), check.Equals, true)
+	c.Assert(entries.Contains(&Entry{Host: "127.0.0.3", Port: "2375"}), check.Equals, false)
+}
+
+func (s *DiscoverySuite) TestEntriesEquality(c *check.C) {
+	entries := Entries{
+		&Entry{Host: "127.0.0.1", Port: "2375"},
+		&Entry{Host: "127.0.0.2", Port: "2375"},
+	}
+
+	// Same
+	c.Assert(entries.Equals(Entries{
+		&Entry{Host: "127.0.0.1", Port: "2375"},
+		&Entry{Host: "127.0.0.2", Port: "2375"},
+	}), check.
+		Equals, true)
+
+	// Different size
+	c.Assert(entries.Equals(Entries{
+		&Entry{Host: "127.0.0.1", Port: "2375"},
+		&Entry{Host: "127.0.0.2", Port: "2375"},
+		&Entry{Host: "127.0.0.3", Port: "2375"},
+	}), check.
+		Equals, false)
+
+	// Different content
+	c.Assert(entries.Equals(Entries{
+		&Entry{Host: "127.0.0.1", Port: "2375"},
+		&Entry{Host: "127.0.0.42", Port: "2375"},
+	}), check.
+		Equals, false)
+
+}
+
+func (s *DiscoverySuite) TestEntriesDiff(c *check.C) {
+	entry1 := &Entry{Host: "1.1.1.1", Port: "1111"}
+	entry2 := &Entry{Host: "2.2.2.2", Port: "2222"}
+	entry3 := &Entry{Host: "3.3.3.3", Port: "3333"}
+	entries := Entries{entry1, entry2}
+
+	// No diff
+	added, removed := entries.Diff(Entries{entry2, entry1})
+	c.Assert(added, check.HasLen, 0)
+	c.Assert(removed, check.HasLen, 0)
+
+	// Add
+	added, removed = entries.Diff(Entries{entry2, entry3, entry1})
+	c.Assert(added, check.HasLen, 1)
+	c.Assert(added.Contains(entry3), check.Equals, true)
+	c.Assert(removed, check.HasLen, 0)
+
+	// Remove
+	added, removed = entries.Diff(Entries{entry2})
+	c.Assert(added, check.HasLen, 0)
+	c.Assert(removed, check.HasLen, 1)
+	c.Assert(removed.Contains(entry1), check.Equals, true)
+
+	// Add and remove
+	added, removed = entries.Diff(Entries{entry1, entry3})
+	c.Assert(added, check.HasLen, 1)
+	c.Assert(added.Contains(entry3), check.Equals, true)
+	c.Assert(removed, check.HasLen, 1)
+	c.Assert(removed.Contains(entry2), check.Equals, true)
+}
diff --git a/pkg/discovery/entry.go b/pkg/discovery/entry.go
new file mode 100644
index 00000000..ce23bbf8
--- /dev/null
+++ b/pkg/discovery/entry.go
@@ -0,0 +1,94 @@
+package discovery
+
+import "net"
+
+// NewEntry creates a new entry.
+func NewEntry(url string) (*Entry, error) {
+	host, port, err := net.SplitHostPort(url)
+	if err != nil {
+		return nil, err
+	}
+	return &Entry{host, port}, nil
+}
+
+// An Entry represents a host.
+type Entry struct {
+	Host string
+	Port string
+}
+
+// Equals returns true if cmp contains the same data.
+func (e *Entry) Equals(cmp *Entry) bool {
+	return e.Host == cmp.Host && e.Port == cmp.Port
+}
+
+// String returns the string form of an entry.
+func (e *Entry) String() string {
+	return net.JoinHostPort(e.Host, e.Port)
+}
+
+// Entries is a list of *Entry with some helpers.
+type Entries []*Entry
+
+// Equals returns true if cmp contains the same data.
+func (e Entries) Equals(cmp Entries) bool {
+	// Check if the file has really changed.
+	if len(e) != len(cmp) {
+		return false
+	}
+	for i := range e {
+		if !e[i].Equals(cmp[i]) {
+			return false
+		}
+	}
+	return true
+}
+
+// Contains returns true if the Entries contain a given Entry.
+func (e Entries) Contains(entry *Entry) bool {
+	for _, curr := range e {
+		if curr.Equals(entry) {
+			return true
+		}
+	}
+	return false
+}
+
+// Diff compares two entries and returns the added and removed entries.
+func (e Entries) Diff(cmp Entries) (Entries, Entries) {
+	added := Entries{}
+	for _, entry := range cmp {
+		if !e.Contains(entry) {
+			added = append(added, entry)
+		}
+	}
+
+	removed := Entries{}
+	for _, entry := range e {
+		if !cmp.Contains(entry) {
+			removed = append(removed, entry)
+		}
+	}
+
+	return added, removed
+}
+
+// CreateEntries returns an array of entries based on the given addresses.
+func CreateEntries(addrs []string) (Entries, error) {
+	entries := Entries{}
+	if addrs == nil {
+		return entries, nil
+	}
+
+	for _, addr := range addrs {
+		if len(addr) == 0 {
+			continue
+		}
+		entry, err := NewEntry(addr)
+		if err != nil {
+			return nil, err
+		}
+		entries = append(entries, entry)
+	}
+	return entries, nil
+}
diff --git a/pkg/discovery/file/file.go b/pkg/discovery/file/file.go
new file mode 100644
index 00000000..b4f870b8
--- /dev/null
+++ b/pkg/discovery/file/file.go
@@ -0,0 +1,109 @@
+package file
+
+import (
+	"fmt"
+	"io/ioutil"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/discovery"
+)
+
+// Discovery is exported
+type Discovery struct {
+	heartbeat time.Duration
+	path      string
+}
+
+func init() {
+	Init()
+}
+
+// Init is exported
+func Init() {
+	discovery.Register("file", &Discovery{})
+}
+
+// Initialize is exported
+func (s *Discovery) Initialize(path string, heartbeat time.Duration, ttl time.Duration, _ map[string]string) error {
+	s.path = path
+	s.heartbeat = heartbeat
+	return nil
+}
+
+func parseFileContent(content []byte) []string {
+	var result []string
+	for _, line := range strings.Split(strings.TrimSpace(string(content)), "\n") {
+		line = strings.TrimSpace(line)
+		// Ignoring line starts with #
+		if strings.HasPrefix(line, "#") {
+			continue
+		}
+		// Inlined # comment also ignored.
+		if strings.Contains(line, "#") {
+			line = line[0:strings.Index(line, "#")]
+			// Trim additional spaces caused by above stripping.
+			line = strings.TrimSpace(line)
+		}
+		for _, ip := range discovery.Generate(line) {
+			result = append(result, ip)
+		}
+	}
+	return result
+}
+
+func (s *Discovery) fetch() (discovery.Entries, error) {
+	fileContent, err := ioutil.ReadFile(s.path)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read '%s': %v", s.path, err)
+	}
+	return discovery.CreateEntries(parseFileContent(fileContent))
+}
+
+// Watch is exported
+func (s *Discovery) Watch(stopCh <-chan struct{}) (<-chan discovery.Entries, <-chan error) {
+	ch := make(chan discovery.Entries)
+	errCh := make(chan error)
+	ticker := time.NewTicker(s.heartbeat)
+
+	go func() {
+		defer close(errCh)
+		defer close(ch)
+
+		// Send the initial entries if available.
+		currentEntries, err := s.fetch()
+		if err != nil {
+			errCh <- err
+		} else {
+			ch <- currentEntries
+		}
+
+		// Periodically send updates.
+		for {
+			select {
+			case <-ticker.C:
+				newEntries, err := s.fetch()
+				if err != nil {
+					errCh <- err
+					continue
+				}
+
+				// Check if the file has really changed.
+				if !newEntries.Equals(currentEntries) {
+					ch <- newEntries
+				}
+				currentEntries = newEntries
+			case <-stopCh:
+				ticker.Stop()
+				return
+			}
+		}
+	}()
+
+	return ch, errCh
+}
+
+// Register is exported
+func (s *Discovery) Register(addr string) error {
+	return discovery.ErrNotImplemented
+}
diff --git a/pkg/discovery/file/file_test.go b/pkg/discovery/file/file_test.go
new file mode 100644
index 00000000..667f00ba
--- /dev/null
+++ b/pkg/discovery/file/file_test.go
@@ -0,0 +1,114 @@
+package file
+
+import (
+	"io/ioutil"
+	"os"
+	"testing"
+
+	"github.com/docker/docker/pkg/discovery"
+
+	"github.com/go-check/check"
+)
+
+// Hook up gocheck into the "go test" runner.
+func Test(t *testing.T) { check.TestingT(t) }
+
+type DiscoverySuite struct{}
+
+var _ = check.Suite(&DiscoverySuite{})
+
+func (s *DiscoverySuite) TestInitialize(c *check.C) {
+	d := &Discovery{}
+	d.Initialize("/path/to/file", 1000, 0, nil)
+	c.Assert(d.path, check.Equals, "/path/to/file")
+}
+
+func (s *DiscoverySuite) TestNew(c *check.C) {
+	d, err := discovery.New("file:///path/to/file", 0, 0, nil)
+	c.Assert(err, check.IsNil)
+	c.Assert(d.(*Discovery).path, check.Equals, "/path/to/file")
+}
+
+func (s *DiscoverySuite) TestContent(c *check.C) {
+	data := `
+1.1.1.[1:2]:1111
+2.2.2.[2:4]:2222
+`
+	ips := parseFileContent([]byte(data))
+	c.Assert(ips, check.HasLen, 5)
+	c.Assert(ips[0], check.Equals, "1.1.1.1:1111")
+	c.Assert(ips[1], check.Equals, "1.1.1.2:1111")
+	c.Assert(ips[2], check.Equals, "2.2.2.2:2222")
+	c.Assert(ips[3], check.Equals, "2.2.2.3:2222")
+	c.Assert(ips[4], check.Equals, "2.2.2.4:2222")
+}
+
+func (s *DiscoverySuite) TestRegister(c *check.C) {
+	discovery := &Discovery{path: "/path/to/file"}
+	c.Assert(discovery.Register("0.0.0.0"), check.NotNil)
+}
+
+func (s *DiscoverySuite) TestParsingContentsWithComments(c *check.C) {
+	data := `
+### test ###
+1.1.1.1:1111 # inline comment
+# 2.2.2.2:2222
+      ### empty line with comment
+    3.3.3.3:3333
+### test ###
+`
+	ips := parseFileContent([]byte(data))
+	c.Assert(ips, check.HasLen, 2)
+	c.Assert("1.1.1.1:1111", check.Equals, ips[0])
+	c.Assert("3.3.3.3:3333", check.Equals, ips[1])
+}
+
+func (s *DiscoverySuite) TestWatch(c *check.C) {
+	data := `
+1.1.1.1:1111
+2.2.2.2:2222
+`
+	expected := discovery.Entries{
+		&discovery.Entry{Host: "1.1.1.1", Port: "1111"},
+		&discovery.Entry{Host: "2.2.2.2", Port: "2222"},
+	}
+
+	// Create a temporary file and remove it.
+	tmp, err := ioutil.TempFile(os.TempDir(), "discovery-file-test")
+	c.Assert(err, check.IsNil)
+	c.Assert(tmp.Close(), check.IsNil)
+	c.Assert(os.Remove(tmp.Name()), check.IsNil)
+
+	// Set up file discovery.
+	d := &Discovery{}
+	d.Initialize(tmp.Name(), 1000, 0, nil)
+	stopCh := make(chan struct{})
+	ch, errCh := d.Watch(stopCh)
+
+	// Make sure it fires errors since the file doesn't exist.
+	c.Assert(<-errCh, check.NotNil)
+	// We have to drain the error channel otherwise Watch will get stuck.
+	go func() {
+		for range errCh {
+		}
+	}()
+
+	// Write the file and make sure we get the expected value back.
+	c.Assert(ioutil.WriteFile(tmp.Name(), []byte(data), 0600), check.IsNil)
+	c.Assert(<-ch, check.DeepEquals, expected)
+
+	// Add a new entry and look it up.
+	expected = append(expected, &discovery.Entry{Host: "3.3.3.3", Port: "3333"})
+	f, err := os.OpenFile(tmp.Name(), os.O_APPEND|os.O_WRONLY, 0600)
+	c.Assert(err, check.IsNil)
+	c.Assert(f, check.NotNil)
+	_, err = f.WriteString("\n3.3.3.3:3333\n")
+	c.Assert(err, check.IsNil)
+	f.Close()
+	c.Assert(<-ch, check.DeepEquals, expected)
+
+	// Stop and make sure it closes all channels.
+	close(stopCh)
+	c.Assert(<-ch, check.IsNil)
+	c.Assert(<-errCh, check.IsNil)
+}
diff --git a/pkg/discovery/generator.go b/pkg/discovery/generator.go
new file mode 100644
index 00000000..d2229829
--- /dev/null
+++ b/pkg/discovery/generator.go
@@ -0,0 +1,35 @@
+package discovery
+
+import (
+	"fmt"
+	"regexp"
+	"strconv"
+)
+
+// Generate takes care of IP generation
+func Generate(pattern string) []string {
+	re, _ := regexp.Compile(`\[(.+):(.+)\]`)
+	submatch := re.FindStringSubmatch(pattern)
+	if submatch == nil {
+		return []string{pattern}
+	}
+
+	from, err := strconv.Atoi(submatch[1])
+	if err != nil {
+		return []string{pattern}
+	}
+	to, err := strconv.Atoi(submatch[2])
+	if err != nil {
+		return []string{pattern}
+	}
+
+	template := re.ReplaceAllString(pattern, "%d")
+
+	var result []string
+	for val := from; val <= to; val++ {
+		entry := fmt.Sprintf(template, val)
+		result = append(result, entry)
+	}
+
+	return result
+}
diff --git a/pkg/discovery/generator_test.go b/pkg/discovery/generator_test.go
new file mode 100644
index 00000000..6281c466
--- /dev/null
+++ b/pkg/discovery/generator_test.go
@@ -0,0 +1,53 @@
+package discovery
+
+import (
+	"github.com/go-check/check"
+)
+
+func (s *DiscoverySuite) TestGeneratorNotGenerate(c *check.C) {
+	ips := Generate("127.0.0.1")
+	c.Assert(len(ips), check.Equals, 1)
+	c.Assert(ips[0], check.Equals, "127.0.0.1")
+}
+
+func (s *DiscoverySuite) TestGeneratorWithPortNotGenerate(c *check.C) {
+	ips := Generate("127.0.0.1:8080")
+	c.Assert(len(ips), check.Equals, 1)
+	c.Assert(ips[0], check.Equals, "127.0.0.1:8080")
+}
+
+func (s *DiscoverySuite) TestGeneratorMatchFailedNotGenerate(c *check.C) {
+	ips := Generate("127.0.0.[1]")
+	c.Assert(len(ips), check.Equals, 1)
+	c.Assert(ips[0], check.Equals, "127.0.0.[1]")
+}
+
+func (s *DiscoverySuite) TestGeneratorWithPort(c *check.C) {
+	ips := Generate("127.0.0.[1:11]:2375")
+	c.Assert(len(ips), check.Equals, 11)
+	c.Assert(ips[0], check.Equals, "127.0.0.1:2375")
+	c.Assert(ips[1], check.Equals, "127.0.0.2:2375")
+	c.Assert(ips[2], check.Equals, "127.0.0.3:2375")
+	c.Assert(ips[3], check.Equals, "127.0.0.4:2375")
+	c.Assert(ips[4], check.Equals, "127.0.0.5:2375")
+	c.Assert(ips[5], check.Equals, "127.0.0.6:2375")
+	c.Assert(ips[6], check.Equals, "127.0.0.7:2375")
+	c.Assert(ips[7], check.Equals, "127.0.0.8:2375")
+	c.Assert(ips[8], check.Equals, "127.0.0.9:2375")
+	c.Assert(ips[9], check.Equals, "127.0.0.10:2375")
+	c.Assert(ips[10], check.Equals, "127.0.0.11:2375")
+}
+
+func (s *DiscoverySuite) TestGenerateWithMalformedInputAtRangeStart(c *check.C) {
+	malformedInput := "127.0.0.[x:11]:2375"
+	ips := Generate(malformedInput)
+	c.Assert(len(ips), check.Equals, 1)
+	c.Assert(ips[0], check.Equals, malformedInput)
+}
+
+func (s *DiscoverySuite) TestGenerateWithMalformedInputAtRangeEnd(c *check.C) {
+	malformedInput := "127.0.0.[1:x]:2375"
+	ips := Generate(malformedInput)
+	c.Assert(len(ips), check.Equals, 1)
+	c.Assert(ips[0], check.Equals, malformedInput)
+}
diff --git a/pkg/discovery/kv/kv.go b/pkg/discovery/kv/kv.go
new file mode 100644
index 00000000..f371c0cb
--- /dev/null
+++ b/pkg/discovery/kv/kv.go
@@ -0,0 +1,192 @@
+package kv
+
+import (
+	"fmt"
+	"path"
+	"strings"
+	"time"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/discovery"
+	"github.com/docker/go-connections/tlsconfig"
+	"github.com/docker/libkv"
+	"github.com/docker/libkv/store"
+	"github.com/docker/libkv/store/consul"
+	"github.com/docker/libkv/store/etcd"
+	"github.com/docker/libkv/store/zookeeper"
+)
+
+const (
+	defaultDiscoveryPath = "docker/nodes"
+)
+
+// Discovery is exported
+type Discovery struct {
+	backend   store.Backend
+	store     store.Store
+	heartbeat time.Duration
+	ttl       time.Duration
+	prefix    string
+	path      string
+}
+
+func init() {
+	Init()
+}
+
+// Init is exported
+func Init() {
+	// Register to libkv
+	zookeeper.Register()
+	consul.Register()
+	etcd.Register()
+
+	// Register to internal discovery service
+	discovery.Register("zk", &Discovery{backend: store.ZK})
+	discovery.Register("consul", &Discovery{backend: store.CONSUL})
+	discovery.Register("etcd", &Discovery{backend: store.ETCD})
+}
+
+// Initialize is exported
+func (s *Discovery) Initialize(uris string, heartbeat time.Duration, ttl time.Duration, clusterOpts map[string]string) error {
+	var (
+		parts = strings.SplitN(uris, "/", 2)
+		addrs = strings.Split(parts[0], ",")
+		err   error
+	)
+
+	// A custom prefix to the path can be optionally used.
+	if len(parts) == 2 {
+		s.prefix = parts[1]
+	}
+
+	s.heartbeat = heartbeat
+	s.ttl = ttl
+
+	// Use a custom path if specified in discovery options
+	dpath := defaultDiscoveryPath
+	if clusterOpts["kv.path"] != "" {
+		dpath = clusterOpts["kv.path"]
+	}
+
+	s.path = path.Join(s.prefix, dpath)
+
+	var config *store.Config
+	if clusterOpts["kv.cacertfile"] != "" && clusterOpts["kv.certfile"] != "" && clusterOpts["kv.keyfile"] != "" {
+		log.Info("Initializing discovery with TLS")
+		tlsConfig, err := tlsconfig.Client(tlsconfig.Options{
+			CAFile:   clusterOpts["kv.cacertfile"],
+			CertFile: clusterOpts["kv.certfile"],
+			KeyFile:  clusterOpts["kv.keyfile"],
+		})
+		if err != nil {
+			return err
+		}
+		config = &store.Config{
+			// Set ClientTLS to trigger https (bug in libkv/etcd)
+			ClientTLS: &store.ClientTLSConfig{
+				CACertFile: clusterOpts["kv.cacertfile"],
+				CertFile:   clusterOpts["kv.certfile"],
+				KeyFile:    clusterOpts["kv.keyfile"],
+			},
+			// The actual TLS config that will be used
+			TLS: tlsConfig,
+		}
+	} else {
+		log.Info("Initializing discovery without TLS")
+	}
+
+	// Creates a new store, will ignore options given
+	// if not supported by the chosen store
+	s.store, err = libkv.NewStore(s.backend, addrs, config)
+	return err
+}
+
+// Watch the store until either there's a store error or we receive a stop request.
+// Returns false if we shouldn't attempt watching the store anymore (stop request received).
+func (s *Discovery) watchOnce(stopCh <-chan struct{}, watchCh <-chan []*store.KVPair, discoveryCh chan discovery.Entries, errCh chan error) bool {
+	for {
+		select {
+		case pairs := <-watchCh:
+			if pairs == nil {
+				return true
+			}
+
+			log.WithField("discovery", s.backend).Debugf("Watch triggered with %d nodes", len(pairs))
+
+			// Convert `KVPair` into `discovery.Entry`.
+			addrs := make([]string, len(pairs))
+			for _, pair := range pairs {
+				addrs = append(addrs, string(pair.Value))
+			}
+
+			entries, err := discovery.CreateEntries(addrs)
+			if err != nil {
+				errCh <- err
+			} else {
+				discoveryCh <- entries
+			}
+		case <-stopCh:
+			// We were requested to stop watching.
+			return false
+		}
+	}
+}
+
+// Watch is exported
+func (s *Discovery) Watch(stopCh <-chan struct{}) (<-chan discovery.Entries, <-chan error) {
+	ch := make(chan discovery.Entries)
+	errCh := make(chan error)
+
+	go func() {
+		defer close(ch)
+		defer close(errCh)
+
+		// Forever: Create a store watch, watch until we get an error and then try again.
+		// Will only stop if we receive a stopCh request.
+		for {
+			// Create the path to watch if it does not exist yet
+			exists, err := s.store.Exists(s.path)
+			if err != nil {
+				errCh <- err
+			}
+			if !exists {
+				if err := s.store.Put(s.path, []byte(""), &store.WriteOptions{IsDir: true}); err != nil {
+					errCh <- err
+				}
+			}
+
+			// Set up a watch.
+			watchCh, err := s.store.WatchTree(s.path, stopCh)
+			if err != nil {
+				errCh <- err
+			} else {
+				if !s.watchOnce(stopCh, watchCh, ch, errCh) {
+					return
+				}
+			}
+
+			// If we get here it means the store watch channel was closed. This
+			// is unexpected so let's retry later.
+			errCh <- fmt.Errorf("Unexpected watch error")
+			time.Sleep(s.heartbeat)
+		}
+	}()
+	return ch, errCh
+}
+
+// Register is exported
+func (s *Discovery) Register(addr string) error {
+	opts := &store.WriteOptions{TTL: s.ttl}
+	return s.store.Put(path.Join(s.path, addr), []byte(addr), opts)
+}
+
+// Store returns the underlying store used by KV discovery.
+func (s *Discovery) Store() store.Store {
+	return s.store
+}
+
+// Prefix returns the store prefix
+func (s *Discovery) Prefix() string {
+	return s.prefix
+}
diff --git a/pkg/discovery/kv/kv_test.go b/pkg/discovery/kv/kv_test.go
new file mode 100644
index 00000000..4fe5239d
--- /dev/null
+++ b/pkg/discovery/kv/kv_test.go
@@ -0,0 +1,324 @@
+package kv
+
+import (
+	"errors"
+	"io/ioutil"
+	"os"
+	"path"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/pkg/discovery"
+	"github.com/docker/libkv"
+	"github.com/docker/libkv/store"
+
+	"github.com/go-check/check"
+)
+
+// Hook up gocheck into the "go test" runner.
+func Test(t *testing.T) { check.TestingT(t) }
+
+type DiscoverySuite struct{}
+
+var _ = check.Suite(&DiscoverySuite{})
+
+func (ds *DiscoverySuite) TestInitialize(c *check.C) {
+	storeMock := &FakeStore{
+		Endpoints: []string{"127.0.0.1"},
+	}
+	d := &Discovery{backend: store.CONSUL}
+	d.Initialize("127.0.0.1", 0, 0, nil)
+	d.store = storeMock
+
+	s := d.store.(*FakeStore)
+	c.Assert(s.Endpoints, check.HasLen, 1)
+	c.Assert(s.Endpoints[0], check.Equals, "127.0.0.1")
+	c.Assert(d.path, check.Equals, defaultDiscoveryPath)
+
+	storeMock = &FakeStore{
+		Endpoints: []string{"127.0.0.1:1234"},
+	}
+	d = &Discovery{backend: store.CONSUL}
+	d.Initialize("127.0.0.1:1234/path", 0, 0, nil)
+	d.store = storeMock
+
+	s = d.store.(*FakeStore)
+	c.Assert(s.Endpoints, check.HasLen, 1)
+	c.Assert(s.Endpoints[0], check.Equals, "127.0.0.1:1234")
+	c.Assert(d.path, check.Equals, "path/"+defaultDiscoveryPath)
+
+	storeMock = &FakeStore{
+		Endpoints: []string{"127.0.0.1:1234", "127.0.0.2:1234", "127.0.0.3:1234"},
+	}
+	d = &Discovery{backend: store.CONSUL}
+	d.Initialize("127.0.0.1:1234,127.0.0.2:1234,127.0.0.3:1234/path", 0, 0, nil)
+	d.store = storeMock
+
+	s = d.store.(*FakeStore)
+	c.Assert(s.Endpoints, check.HasLen, 3)
+	c.Assert(s.Endpoints[0], check.Equals, "127.0.0.1:1234")
+	c.Assert(s.Endpoints[1], check.Equals, "127.0.0.2:1234")
+	c.Assert(s.Endpoints[2], check.Equals, "127.0.0.3:1234")
+
+	c.Assert(d.path, check.Equals, "path/"+defaultDiscoveryPath)
+}
+
+// Extremely limited mock store so we can test initialization
+type Mock struct {
+	// Endpoints passed to InitializeMock
+	Endpoints []string
+
+	// Options passed to InitializeMock
+	Options *store.Config
+}
+
+func NewMock(endpoints []string, options *store.Config) (store.Store, error) {
+	s := &Mock{}
+	s.Endpoints = endpoints
+	s.Options = options
+	return s, nil
+}
+func (s *Mock) Put(key string, value []byte, opts *store.WriteOptions) error {
+	return errors.New("Put not supported")
+}
+func (s *Mock) Get(key string) (*store.KVPair, error) {
+	return nil, errors.New("Get not supported")
+}
+func (s *Mock) Delete(key string) error {
+	return errors.New("Delete not supported")
+}
+
+// Exists mock
+func (s *Mock) Exists(key string) (bool, error) {
+	return false, errors.New("Exists not supported")
+}
+
+// Watch mock
+func (s *Mock) Watch(key string, stopCh <-chan struct{}) (<-chan *store.KVPair, error) {
+	return nil, errors.New("Watch not supported")
+}
+
+// WatchTree mock
+func (s *Mock) WatchTree(prefix string, stopCh <-chan struct{}) (<-chan []*store.KVPair, error) {
+	return nil, errors.New("WatchTree not supported")
+}
+
+// NewLock mock
+func (s *Mock) NewLock(key string, options *store.LockOptions) (store.Locker, error) {
+	return nil, errors.New("NewLock not supported")
+}
+
+// List mock
+func (s *Mock) List(prefix string) ([]*store.KVPair, error) {
+	return nil, errors.New("List not supported")
+}
+
+// DeleteTree mock
+func (s *Mock) DeleteTree(prefix string) error {
+	return errors.New("DeleteTree not supported")
+}
+
+// AtomicPut mock
+func (s *Mock) AtomicPut(key string, value []byte, previous *store.KVPair, opts *store.WriteOptions) (bool, *store.KVPair, error) {
+	return false, nil, errors.New("AtomicPut not supported")
+}
+
+// AtomicDelete mock
+func (s *Mock) AtomicDelete(key string, previous *store.KVPair) (bool, error) {
+	return false, errors.New("AtomicDelete not supported")
+}
+
+// Close mock
+func (s *Mock) Close() {
+	return
+}
+
+func (ds *DiscoverySuite) TestInitializeWithCerts(c *check.C) {
+	cert := `-----BEGIN CERTIFICATE-----
+MIIDCDCCAfKgAwIBAgIICifG7YeiQOEwCwYJKoZIhvcNAQELMBIxEDAOBgNVBAMT
+B1Rlc3QgQ0EwHhcNMTUxMDAxMjMwMDAwWhcNMjAwOTI5MjMwMDAwWjASMRAwDgYD
+VQQDEwdUZXN0IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wRC
+O+flnLTK5ImjTurNRHwSejuqGbc4CAvpB0hS+z0QlSs4+zE9h80aC4hz+6caRpds
++J908Q+RvAittMHbpc7VjbZP72G6fiXk7yPPl6C10HhRSoSi3nY+B7F2E8cuz14q
+V2e+ejhWhSrBb/keyXpcyjoW1BOAAJ2TIclRRkICSCZrpXUyXxAvzXfpFXo1RhSb
+UywN11pfiCQzDUN7sPww9UzFHuAHZHoyfTr27XnJYVUerVYrCPq8vqfn//01qz55
+Xs0hvzGdlTFXhuabFtQnKFH5SNwo/fcznhB7rePOwHojxOpXTBepUCIJLbtNnWFT
+V44t9gh5IqIWtoBReQIDAQABo2YwZDAOBgNVHQ8BAf8EBAMCAAYwEgYDVR0TAQH/
+BAgwBgEB/wIBAjAdBgNVHQ4EFgQUZKUI8IIjIww7X/6hvwggQK4bD24wHwYDVR0j
+BBgwFoAUZKUI8IIjIww7X/6hvwggQK4bD24wCwYJKoZIhvcNAQELA4IBAQDES2cz
+7sCQfDCxCIWH7X8kpi/JWExzUyQEJ0rBzN1m3/x8ySRxtXyGekimBqQwQdFqlwMI
+xzAQKkh3ue8tNSzRbwqMSyH14N1KrSxYS9e9szJHfUasoTpQGPmDmGIoRJuq1h6M
+ej5x1SCJ7GWCR6xEXKUIE9OftXm9TdFzWa7Ja3OHz/mXteii8VXDuZ5ACq6EE5bY
+8sP4gcICfJ5fTrpTlk9FIqEWWQrCGa5wk95PGEj+GJpNogjXQ97wVoo/Y3p1brEn
+t5zjN9PAq4H1fuCMdNNA+p1DHNwd+ELTxcMAnb2ajwHvV6lKPXutrTFc4umJToBX
+FpTxDmJHEV4bzUzh
+-----END CERTIFICATE-----
+`
+	key := `-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA1wRCO+flnLTK5ImjTurNRHwSejuqGbc4CAvpB0hS+z0QlSs4
++zE9h80aC4hz+6caRpds+J908Q+RvAittMHbpc7VjbZP72G6fiXk7yPPl6C10HhR
+SoSi3nY+B7F2E8cuz14qV2e+ejhWhSrBb/keyXpcyjoW1BOAAJ2TIclRRkICSCZr
+pXUyXxAvzXfpFXo1RhSbUywN11pfiCQzDUN7sPww9UzFHuAHZHoyfTr27XnJYVUe
+rVYrCPq8vqfn//01qz55Xs0hvzGdlTFXhuabFtQnKFH5SNwo/fcznhB7rePOwHoj
+xOpXTBepUCIJLbtNnWFTV44t9gh5IqIWtoBReQIDAQABAoIBAHSWipORGp/uKFXj
+i/mut776x8ofsAxhnLBARQr93ID+i49W8H7EJGkOfaDjTICYC1dbpGrri61qk8sx
+qX7p3v/5NzKwOIfEpirgwVIqSNYe/ncbxnhxkx6tXtUtFKmEx40JskvSpSYAhmmO
+1XSx0E/PWaEN/nLgX/f1eWJIlxlQkk3QeqL+FGbCXI48DEtlJ9+MzMu4pAwZTpj5
+5qtXo5JJ0jRGfJVPAOznRsYqv864AhMdMIWguzk6EGnbaCWwPcfcn+h9a5LMdony
+MDHfBS7bb5tkF3+AfnVY3IBMVx7YlsD9eAyajlgiKu4zLbwTRHjXgShy+4Oussz0
+ugNGnkECgYEA/hi+McrZC8C4gg6XqK8+9joD8tnyDZDz88BQB7CZqABUSwvjDqlP
+L8hcwo/lzvjBNYGkqaFPUICGWKjeCtd8pPS2DCVXxDQX4aHF1vUur0uYNncJiV3N
+XQz4Iemsa6wnKf6M67b5vMXICw7dw0HZCdIHD1hnhdtDz0uVpeevLZ8CgYEA2KCT
+Y43lorjrbCgMqtlefkr3GJA9dey+hTzCiWEOOqn9RqGoEGUday0sKhiLofOgmN2B
+LEukpKIey8s+Q/cb6lReajDVPDsMweX8i7hz3Wa4Ugp4Xa5BpHqu8qIAE2JUZ7bU
+t88aQAYE58pUF+/Lq1QzAQdrjjzQBx6SrBxieecCgYEAvukoPZEC8mmiN1VvbTX+
+QFHmlZha3QaDxChB+QUe7bMRojEUL/fVnzkTOLuVFqSfxevaI/km9n0ac5KtAchV
+xjp2bTnBb5EUQFqjopYktWA+xO07JRJtMfSEmjZPbbay1kKC7rdTfBm961EIHaRj
+xZUf6M+rOE8964oGrdgdLlECgYEA046GQmx6fh7/82FtdZDRQp9tj3SWQUtSiQZc
+qhO59Lq8mjUXz+MgBuJXxkiwXRpzlbaFB0Bca1fUoYw8o915SrDYf/Zu2OKGQ/qa
+V81sgiVmDuEgycR7YOlbX6OsVUHrUlpwhY3hgfMe6UtkMvhBvHF/WhroBEIJm1pV
+PXZ/CbMCgYEApNWVktFBjOaYfY6SNn4iSts1jgsQbbpglg3kT7PLKjCAhI6lNsbk
+dyT7ut01PL6RaW4SeQWtrJIVQaM6vF3pprMKqlc5XihOGAmVqH7rQx9rtQB5TicL
+BFrwkQE4HQtQBV60hYQUzzlSk44VFDz+jxIEtacRHaomDRh2FtOTz+I=
+-----END RSA PRIVATE KEY-----
+`
+	certFile, err := ioutil.TempFile("", "cert")
+	c.Assert(err, check.IsNil)
+	defer os.Remove(certFile.Name())
+	certFile.Write([]byte(cert))
+	certFile.Close()
+	keyFile, err := ioutil.TempFile("", "key")
+	c.Assert(err, check.IsNil)
+	defer os.Remove(keyFile.Name())
+	keyFile.Write([]byte(key))
+	keyFile.Close()
+
+	libkv.AddStore("mock", NewMock)
+	d := &Discovery{backend: "mock"}
+	err = d.Initialize("127.0.0.3:1234", 0, 0, map[string]string{
+		"kv.cacertfile": certFile.Name(),
+		"kv.certfile":   certFile.Name(),
+		"kv.keyfile":    keyFile.Name(),
+	})
+	c.Assert(err, check.IsNil)
+	s := d.store.(*Mock)
+	c.Assert(s.Options.TLS, check.NotNil)
+	c.Assert(s.Options.TLS.RootCAs, check.NotNil)
+	c.Assert(s.Options.TLS.Certificates, check.HasLen, 1)
+}
+
+func (ds *DiscoverySuite) TestWatch(c *check.C) {
+	mockCh := make(chan []*store.KVPair)
+
+	storeMock := &FakeStore{
+		Endpoints:  []string{"127.0.0.1:1234"},
+		mockKVChan: mockCh,
+	}
+
+	d := &Discovery{backend: store.CONSUL}
+	d.Initialize("127.0.0.1:1234/path", 0, 0, nil)
+	d.store = storeMock
+
+	expected := discovery.Entries{
+		&discovery.Entry{Host: "1.1.1.1", Port: "1111"},
+		&discovery.Entry{Host: "2.2.2.2", Port: "2222"},
+	}
+	kvs := []*store.KVPair{
+		{Key: path.Join("path", defaultDiscoveryPath, "1.1.1.1"), Value: []byte("1.1.1.1:1111")},
+		{Key: path.Join("path", defaultDiscoveryPath, "2.2.2.2"), Value: []byte("2.2.2.2:2222")},
+	}
+
+	stopCh := make(chan struct{})
+	ch, errCh := d.Watch(stopCh)
+
+	// It should fire an error since the first WatchTree call failed.
+	c.Assert(<-errCh, check.ErrorMatches, "test error")
+	// We have to drain the error channel otherwise Watch will get stuck.
+	go func() {
+		for range errCh {
+		}
+	}()
+
+	// Push the entries into the store channel and make sure discovery emits.
+	mockCh <- kvs
+	c.Assert(<-ch, check.DeepEquals, expected)
+
+	// Add a new entry.
+	expected = append(expected, &discovery.Entry{Host: "3.3.3.3", Port: "3333"})
+	kvs = append(kvs, &store.KVPair{Key: path.Join("path", defaultDiscoveryPath, "3.3.3.3"), Value: []byte("3.3.3.3:3333")})
+	mockCh <- kvs
+	c.Assert(<-ch, check.DeepEquals, expected)
+
+	close(mockCh)
+	// Give it enough time to call WatchTree.
+	time.Sleep(3)
+
+	// Stop and make sure it closes all channels.
+	close(stopCh)
+	c.Assert(<-ch, check.IsNil)
+	c.Assert(<-errCh, check.IsNil)
+}
+
+// FakeStore implements store.Store methods. It mocks all store
+// function in a simple, naive way.
+type FakeStore struct {
+	Endpoints  []string
+	Options    *store.Config
+	mockKVChan <-chan []*store.KVPair
+
+	watchTreeCallCount int
+}
+
+func (s *FakeStore) Put(key string, value []byte, options *store.WriteOptions) error {
+	return nil
+}
+
+func (s *FakeStore) Get(key string) (*store.KVPair, error) {
+	return nil, nil
+}
+
+func (s *FakeStore) Delete(key string) error {
+	return nil
+}
+
+func (s *FakeStore) Exists(key string) (bool, error) {
+	return true, nil
+}
+
+func (s *FakeStore) Watch(key string, stopCh <-chan struct{}) (<-chan *store.KVPair, error) {
+	return nil, nil
+}
+
+// WatchTree will fail the first time, and return the mockKVchan afterwards.
+// This is the behavior we need for testing.. If we need 'moar', should update this.
+func (s *FakeStore) WatchTree(directory string, stopCh <-chan struct{}) (<-chan []*store.KVPair, error) {
+	if s.watchTreeCallCount == 0 {
+		s.watchTreeCallCount = 1
+		return nil, errors.New("test error")
+	}
+	// First calls error
+	return s.mockKVChan, nil
+}
+
+func (s *FakeStore) NewLock(key string, options *store.LockOptions) (store.Locker, error) {
+	return nil, nil
+}
+
+func (s *FakeStore) List(directory string) ([]*store.KVPair, error) {
+	return []*store.KVPair{}, nil
+}
+
+func (s *FakeStore) DeleteTree(directory string) error {
+	return nil
+}
+
+func (s *FakeStore) AtomicPut(key string, value []byte, previous *store.KVPair, options *store.WriteOptions) (bool, *store.KVPair, error) {
+	return true, nil, nil
+}
+
+func (s *FakeStore) AtomicDelete(key string, previous *store.KVPair) (bool, error) {
+	return true, nil
+}
+
+func (s *FakeStore) Close() {
+}
diff --git a/pkg/discovery/memory/memory.go b/pkg/discovery/memory/memory.go
new file mode 100644
index 00000000..777a9a16
--- /dev/null
+++ b/pkg/discovery/memory/memory.go
@@ -0,0 +1,83 @@
+package memory
+
+import (
+	"time"
+
+	"github.com/docker/docker/pkg/discovery"
+)
+
+// Discovery implements a descovery backend that keeps
+// data in memory.
+type Discovery struct {
+	heartbeat time.Duration
+	values    []string
+}
+
+func init() {
+	Init()
+}
+
+// Init registers the memory backend on demand.
+func Init() {
+	discovery.Register("memory", &Discovery{})
+}
+
+// Initialize sets the heartbeat for the memory backend.
+func (s *Discovery) Initialize(_ string, heartbeat time.Duration, _ time.Duration, _ map[string]string) error {
+	s.heartbeat = heartbeat
+	s.values = make([]string, 0)
+	return nil
+}
+
+// Watch sends periodic discovery updates to a channel.
+func (s *Discovery) Watch(stopCh <-chan struct{}) (<-chan discovery.Entries, <-chan error) {
+	ch := make(chan discovery.Entries)
+	errCh := make(chan error)
+	ticker := time.NewTicker(s.heartbeat)
+
+	go func() {
+		defer close(errCh)
+		defer close(ch)
+
+		// Send the initial entries if available.
+		var currentEntries discovery.Entries
+		if len(s.values) > 0 {
+			var err error
+			currentEntries, err = discovery.CreateEntries(s.values)
+			if err != nil {
+				errCh <- err
+			} else {
+				ch <- currentEntries
+			}
+		}
+
+		// Periodically send updates.
+		for {
+			select {
+			case <-ticker.C:
+				newEntries, err := discovery.CreateEntries(s.values)
+				if err != nil {
+					errCh <- err
+					continue
+				}
+
+				// Check if the file has really changed.
+				if !newEntries.Equals(currentEntries) {
+					ch <- newEntries
+				}
+				currentEntries = newEntries
+			case <-stopCh:
+				ticker.Stop()
+				return
+			}
+		}
+	}()
+
+	return ch, errCh
+}
+
+// Register adds a new address to the discovery.
+func (s *Discovery) Register(addr string) error {
+	s.values = append(s.values, addr)
+	return nil
+}
diff --git a/pkg/discovery/memory/memory_test.go b/pkg/discovery/memory/memory_test.go
new file mode 100644
index 00000000..c2da0a06
--- /dev/null
+++ b/pkg/discovery/memory/memory_test.go
@@ -0,0 +1,48 @@
+package memory
+
+import (
+	"testing"
+
+	"github.com/docker/docker/pkg/discovery"
+	"github.com/go-check/check"
+)
+
+// Hook up gocheck into the "go test" runner.
+func Test(t *testing.T) { check.TestingT(t) }
+
+type discoverySuite struct{}
+
+var _ = check.Suite(&discoverySuite{})
+
+func (s *discoverySuite) TestWatch(c *check.C) {
+	d := &Discovery{}
+	d.Initialize("foo", 1000, 0, nil)
+	stopCh := make(chan struct{})
+	ch, errCh := d.Watch(stopCh)
+
+	// We have to drain the error channel otherwise Watch will get stuck.
+	go func() {
+		for range errCh {
+		}
+	}()
+
+	expected := discovery.Entries{
+		&discovery.Entry{Host: "1.1.1.1", Port: "1111"},
+	}
+
+	c.Assert(d.Register("1.1.1.1:1111"), check.IsNil)
+	c.Assert(<-ch, check.DeepEquals, expected)
+
+	expected = discovery.Entries{
+		&discovery.Entry{Host: "1.1.1.1", Port: "1111"},
+		&discovery.Entry{Host: "2.2.2.2", Port: "2222"},
+	}
+
+	c.Assert(d.Register("2.2.2.2:2222"), check.IsNil)
+	c.Assert(<-ch, check.DeepEquals, expected)
+
+	// Stop and make sure it closes all channels.
+	close(stopCh)
+	c.Assert(<-ch, check.IsNil)
+	c.Assert(<-errCh, check.IsNil)
+}
diff --git a/pkg/discovery/nodes/nodes.go b/pkg/discovery/nodes/nodes.go
new file mode 100644
index 00000000..c0e3c07b
--- /dev/null
+++ b/pkg/discovery/nodes/nodes.go
@@ -0,0 +1,54 @@
+package nodes
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/discovery"
+)
+
+// Discovery is exported
+type Discovery struct {
+	entries discovery.Entries
+}
+
+func init() {
+	Init()
+}
+
+// Init is exported
+func Init() {
+	discovery.Register("nodes", &Discovery{})
+}
+
+// Initialize is exported
+func (s *Discovery) Initialize(uris string, _ time.Duration, _ time.Duration, _ map[string]string) error {
+	for _, input := range strings.Split(uris, ",") {
+		for _, ip := range discovery.Generate(input) {
+			entry, err := discovery.NewEntry(ip)
+			if err != nil {
+				return fmt.Errorf("%s, please check you are using the correct discovery (missing token:// ?)", err.Error())
+			}
+			s.entries = append(s.entries, entry)
+		}
+	}
+
+	return nil
+}
+
+// Watch is exported
+func (s *Discovery) Watch(stopCh <-chan struct{}) (<-chan discovery.Entries, <-chan error) {
+	ch := make(chan discovery.Entries)
+	go func() {
+		defer close(ch)
+		ch <- s.entries
+		<-stopCh
+	}()
+	return ch, nil
+}
+
+// Register is exported
+func (s *Discovery) Register(addr string) error {
+	return discovery.ErrNotImplemented
+}
diff --git a/pkg/discovery/nodes/nodes_test.go b/pkg/discovery/nodes/nodes_test.go
new file mode 100644
index 00000000..e26568cf
--- /dev/null
+++ b/pkg/discovery/nodes/nodes_test.go
@@ -0,0 +1,51 @@
+package nodes
+
+import (
+	"testing"
+
+	"github.com/docker/docker/pkg/discovery"
+
+	"github.com/go-check/check"
+)
+
+// Hook up gocheck into the "go test" runner.
+func Test(t *testing.T) { check.TestingT(t) }
+
+type DiscoverySuite struct{}
+
+var _ = check.Suite(&DiscoverySuite{})
+
+func (s *DiscoverySuite) TestInitialize(c *check.C) {
+	d := &Discovery{}
+	d.Initialize("1.1.1.1:1111,2.2.2.2:2222", 0, 0, nil)
+	c.Assert(len(d.entries), check.Equals, 2)
+	c.Assert(d.entries[0].String(), check.Equals, "1.1.1.1:1111")
+	c.Assert(d.entries[1].String(), check.Equals, "2.2.2.2:2222")
+}
+
+func (s *DiscoverySuite) TestInitializeWithPattern(c *check.C) {
+	d := &Discovery{}
+	d.Initialize("1.1.1.[1:2]:1111,2.2.2.[2:4]:2222", 0, 0, nil)
+	c.Assert(len(d.entries), check.Equals, 5)
+	c.Assert(d.entries[0].String(), check.Equals, "1.1.1.1:1111")
+	c.Assert(d.entries[1].String(), check.Equals, "1.1.1.2:1111")
+	c.Assert(d.entries[2].String(), check.Equals, "2.2.2.2:2222")
+	c.Assert(d.entries[3].String(), check.Equals, "2.2.2.3:2222")
+	c.Assert(d.entries[4].String(), check.Equals, "2.2.2.4:2222")
+}
+
+func (s *DiscoverySuite) TestWatch(c *check.C) {
+	d := &Discovery{}
+	d.Initialize("1.1.1.1:1111,2.2.2.2:2222", 0, 0, nil)
+	expected := discovery.Entries{
+		&discovery.Entry{Host: "1.1.1.1", Port: "1111"},
+		&discovery.Entry{Host: "2.2.2.2", Port: "2222"},
+	}
+	ch, _ := d.Watch(nil)
+	c.Assert(expected.Equals(<-ch), check.Equals, true)
+}
+
+func (s *DiscoverySuite) TestRegister(c *check.C) {
+	d := &Discovery{}
+	c.Assert(d.Register("0.0.0.0"), check.NotNil)
+}
diff --git a/pkg/filenotify/filenotify.go b/pkg/filenotify/filenotify.go
new file mode 100644
index 00000000..23befae6
--- /dev/null
+++ b/pkg/filenotify/filenotify.go
@@ -0,0 +1,40 @@
+// Package filenotify provides a mechanism for watching file(s) for changes.
+// Generally leans on fsnotify, but provides a poll-based notifier which fsnotify does not support.
+// These are wrapped up in a common interface so that either can be used interchangeably in your code.
+package filenotify
+
+import "gopkg.in/fsnotify.v1"
+
+// FileWatcher is an interface for implementing file notification watchers
+type FileWatcher interface {
+	Events() <-chan fsnotify.Event
+	Errors() <-chan error
+	Add(name string) error
+	Remove(name string) error
+	Close() error
+}
+
+// New tries to use an fs-event watcher, and falls back to the poller if there is an error
+func New() (FileWatcher, error) {
+	if watcher, err := NewEventWatcher(); err == nil {
+		return watcher, nil
+	}
+	return NewPollingWatcher(), nil
+}
+
+// NewPollingWatcher returns a poll-based file watcher
+func NewPollingWatcher() FileWatcher {
+	return &filePoller{
+		events: make(chan fsnotify.Event),
+		errors: make(chan error),
+	}
+}
+
+// NewEventWatcher returns an fs-event based file watcher
+func NewEventWatcher() (FileWatcher, error) {
+	watcher, err := fsnotify.NewWatcher()
+	if err != nil {
+		return nil, err
+	}
+	return &fsNotifyWatcher{watcher}, nil
+}
diff --git a/pkg/filenotify/fsnotify.go b/pkg/filenotify/fsnotify.go
new file mode 100644
index 00000000..42038835
--- /dev/null
+++ b/pkg/filenotify/fsnotify.go
@@ -0,0 +1,18 @@
+package filenotify
+
+import "gopkg.in/fsnotify.v1"
+
+// fsNotify wraps the fsnotify package to satisfy the FileNotifer interface
+type fsNotifyWatcher struct {
+	*fsnotify.Watcher
+}
+
+// GetEvents returns the fsnotify event channel receiver
+func (w *fsNotifyWatcher) Events() <-chan fsnotify.Event {
+	return w.Watcher.Events
+}
+
+// GetErrors returns the fsnotify error channel receiver
+func (w *fsNotifyWatcher) Errors() <-chan error {
+	return w.Watcher.Errors
+}
diff --git a/pkg/filenotify/poller.go b/pkg/filenotify/poller.go
new file mode 100644
index 00000000..52610853
--- /dev/null
+++ b/pkg/filenotify/poller.go
@@ -0,0 +1,204 @@
+package filenotify
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"sync"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+
+	"gopkg.in/fsnotify.v1"
+)
+
+var (
+	// errPollerClosed is returned when the poller is closed
+	errPollerClosed = errors.New("poller is closed")
+	// errNoSuchPoller is returned when trying to remove a watch that doesn't exist
+	errNoSuchWatch = errors.New("poller does not exist")
+)
+
+// watchWaitTime is the time to wait between file poll loops
+const watchWaitTime = 200 * time.Millisecond
+
+// filePoller is used to poll files for changes, especially in cases where fsnotify
+// can't be run (e.g. when inotify handles are exhausted)
+// filePoller satisfies the FileWatcher interface
+type filePoller struct {
+	// watches is the list of files currently being polled, close the associated channel to stop the watch
+	watches map[string]chan struct{}
+	// events is the channel to listen to for watch events
+	events chan fsnotify.Event
+	// errors is the channel to listen to for watch errors
+	errors chan error
+	// mu locks the poller for modification
+	mu sync.Mutex
+	// closed is used to specify when the poller has already closed
+	closed bool
+}
+
+// Add adds a filename to the list of watches
+// once added the file is polled for changes in a separate goroutine
+func (w *filePoller) Add(name string) error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+
+	if w.closed == true {
+		return errPollerClosed
+	}
+
+	f, err := os.Open(name)
+	if err != nil {
+		return err
+	}
+	fi, err := os.Stat(name)
+	if err != nil {
+		return err
+	}
+
+	if w.watches == nil {
+		w.watches = make(map[string]chan struct{})
+	}
+	if _, exists := w.watches[name]; exists {
+		return fmt.Errorf("watch exists")
+	}
+	chClose := make(chan struct{})
+	w.watches[name] = chClose
+
+	go w.watch(f, fi, chClose)
+	return nil
+}
+
+// Remove stops and removes watch with the specified name
+func (w *filePoller) Remove(name string) error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	return w.remove(name)
+}
+
+func (w *filePoller) remove(name string) error {
+	if w.closed == true {
+		return errPollerClosed
+	}
+
+	chClose, exists := w.watches[name]
+	if !exists {
+		return errNoSuchWatch
+	}
+	close(chClose)
+	delete(w.watches, name)
+	return nil
+}
+
+// Events returns the event channel
+// This is used for notifications on events about watched files
+func (w *filePoller) Events() <-chan fsnotify.Event {
+	return w.events
+}
+
+// Errors returns the errors channel
+// This is used for notifications about errors on watched files
+func (w *filePoller) Errors() <-chan error {
+	return w.errors
+}
+
+// Close closes the poller
+// All watches are stopped, removed, and the poller cannot be added to
+func (w *filePoller) Close() error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+
+	if w.closed {
+		return nil
+	}
+
+	w.closed = true
+	for name := range w.watches {
+		w.remove(name)
+		delete(w.watches, name)
+	}
+	return nil
+}
+
+// sendEvent publishes the specified event to the events channel
+func (w *filePoller) sendEvent(e fsnotify.Event, chClose <-chan struct{}) error {
+	select {
+	case w.events <- e:
+	case <-chClose:
+		return fmt.Errorf("closed")
+	}
+	return nil
+}
+
+// sendErr publishes the specified error to the errors channel
+func (w *filePoller) sendErr(e error, chClose <-chan struct{}) error {
+	select {
+	case w.errors <- e:
+	case <-chClose:
+		return fmt.Errorf("closed")
+	}
+	return nil
+}
+
+// watch is responsible for polling the specified file for changes
+// upon finding changes to a file or errors, sendEvent/sendErr is called
+func (w *filePoller) watch(f *os.File, lastFi os.FileInfo, chClose chan struct{}) {
+	defer f.Close()
+	for {
+		time.Sleep(watchWaitTime)
+		select {
+		case <-chClose:
+			logrus.Debugf("watch for %s closed", f.Name())
+			return
+		default:
+		}
+
+		fi, err := os.Stat(f.Name())
+		if err != nil {
+			// if we got an error here and lastFi is not set, we can presume that nothing has changed
+			// This should be safe since before `watch()` is called, a stat is performed, there is any error `watch` is not called
+			if lastFi == nil {
+				continue
+			}
+			// If it doesn't exist at this point, it must have been removed
+			// no need to send the error here since this is a valid operation
+			if os.IsNotExist(err) {
+				if err := w.sendEvent(fsnotify.Event{Op: fsnotify.Remove, Name: f.Name()}, chClose); err != nil {
+					return
+				}
+				lastFi = nil
+				continue
+			}
+			// at this point, send the error
+			if err := w.sendErr(err, chClose); err != nil {
+				return
+			}
+			continue
+		}
+
+		if lastFi == nil {
+			if err := w.sendEvent(fsnotify.Event{Op: fsnotify.Create, Name: fi.Name()}, chClose); err != nil {
+				return
+			}
+			lastFi = fi
+			continue
+		}
+
+		if fi.Mode() != lastFi.Mode() {
+			if err := w.sendEvent(fsnotify.Event{Op: fsnotify.Chmod, Name: fi.Name()}, chClose); err != nil {
+				return
+			}
+			lastFi = fi
+			continue
+		}
+
+		if fi.ModTime() != lastFi.ModTime() || fi.Size() != lastFi.Size() {
+			if err := w.sendEvent(fsnotify.Event{Op: fsnotify.Write, Name: fi.Name()}, chClose); err != nil {
+				return
+			}
+			lastFi = fi
+			continue
+		}
+	}
+}
diff --git a/pkg/filenotify/poller_test.go b/pkg/filenotify/poller_test.go
new file mode 100644
index 00000000..4f502623
--- /dev/null
+++ b/pkg/filenotify/poller_test.go
@@ -0,0 +1,119 @@
+package filenotify
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"runtime"
+	"testing"
+	"time"
+
+	"gopkg.in/fsnotify.v1"
+)
+
+func TestPollerAddRemove(t *testing.T) {
+	w := NewPollingWatcher()
+
+	if err := w.Add("no-such-file"); err == nil {
+		t.Fatal("should have gotten error when adding a non-existent file")
+	}
+	if err := w.Remove("no-such-file"); err == nil {
+		t.Fatal("should have gotten error when removing non-existent watch")
+	}
+
+	f, err := ioutil.TempFile("", "asdf")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(f.Name())
+
+	if err := w.Add(f.Name()); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := w.Remove(f.Name()); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestPollerEvent(t *testing.T) {
+	if runtime.GOOS == "windows" {
+		t.Skip("No chmod on Windows")
+	}
+	w := NewPollingWatcher()
+
+	f, err := ioutil.TempFile("", "test-poller")
+	if err != nil {
+		t.Fatal("error creating temp file")
+	}
+	defer os.RemoveAll(f.Name())
+	f.Close()
+
+	if err := w.Add(f.Name()); err != nil {
+		t.Fatal(err)
+	}
+
+	select {
+	case <-w.Events():
+		t.Fatal("got event before anything happened")
+	case <-w.Errors():
+		t.Fatal("got error before anything happened")
+	default:
+	}
+
+	if err := ioutil.WriteFile(f.Name(), []byte("hello"), 644); err != nil {
+		t.Fatal(err)
+	}
+	if err := assertEvent(w, fsnotify.Write); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := os.Chmod(f.Name(), 600); err != nil {
+		t.Fatal(err)
+	}
+	if err := assertEvent(w, fsnotify.Chmod); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := os.Remove(f.Name()); err != nil {
+		t.Fatal(err)
+	}
+	if err := assertEvent(w, fsnotify.Remove); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestPollerClose(t *testing.T) {
+	w := NewPollingWatcher()
+	if err := w.Close(); err != nil {
+		t.Fatal(err)
+	}
+	// test double-close
+	if err := w.Close(); err != nil {
+		t.Fatal(err)
+	}
+
+	f, err := ioutil.TempFile("", "asdf")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(f.Name())
+	if err := w.Add(f.Name()); err == nil {
+		t.Fatal("should have gotten error adding watch for closed watcher")
+	}
+}
+
+func assertEvent(w FileWatcher, eType fsnotify.Op) error {
+	var err error
+	select {
+	case e := <-w.Events():
+		if e.Op != eType {
+			err = fmt.Errorf("got wrong event type, expected %q: %v", eType, e)
+		}
+	case e := <-w.Errors():
+		err = fmt.Errorf("got unexpected error waiting for events %v: %v", eType, e)
+	case <-time.After(watchWaitTime * 3):
+		err = fmt.Errorf("timeout waiting for event %v", eType)
+	}
+	return err
+}
diff --git a/pkg/fileutils/fileutils.go b/pkg/fileutils/fileutils.go
new file mode 100644
index 00000000..c1e309fe
--- /dev/null
+++ b/pkg/fileutils/fileutils.go
@@ -0,0 +1,283 @@
+package fileutils
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strings"
+	"text/scanner"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// exclusion return true if the specified pattern is an exclusion
+func exclusion(pattern string) bool {
+	return pattern[0] == '!'
+}
+
+// empty return true if the specified pattern is empty
+func empty(pattern string) bool {
+	return pattern == ""
+}
+
+// CleanPatterns takes a slice of patterns returns a new
+// slice of patterns cleaned with filepath.Clean, stripped
+// of any empty patterns and lets the caller know whether the
+// slice contains any exception patterns (prefixed with !).
+func CleanPatterns(patterns []string) ([]string, [][]string, bool, error) {
+	// Loop over exclusion patterns and:
+	// 1. Clean them up.
+	// 2. Indicate whether we are dealing with any exception rules.
+	// 3. Error if we see a single exclusion marker on it's own (!).
+	cleanedPatterns := []string{}
+	patternDirs := [][]string{}
+	exceptions := false
+	for _, pattern := range patterns {
+		// Eliminate leading and trailing whitespace.
+		pattern = strings.TrimSpace(pattern)
+		if empty(pattern) {
+			continue
+		}
+		if exclusion(pattern) {
+			if len(pattern) == 1 {
+				return nil, nil, false, errors.New("Illegal exclusion pattern: !")
+			}
+			exceptions = true
+		}
+		pattern = filepath.Clean(pattern)
+		cleanedPatterns = append(cleanedPatterns, pattern)
+		if exclusion(pattern) {
+			pattern = pattern[1:]
+		}
+		patternDirs = append(patternDirs, strings.Split(pattern, string(os.PathSeparator)))
+	}
+
+	return cleanedPatterns, patternDirs, exceptions, nil
+}
+
+// Matches returns true if file matches any of the patterns
+// and isn't excluded by any of the subsequent patterns.
+func Matches(file string, patterns []string) (bool, error) {
+	file = filepath.Clean(file)
+
+	if file == "." {
+		// Don't let them exclude everything, kind of silly.
+		return false, nil
+	}
+
+	patterns, patDirs, _, err := CleanPatterns(patterns)
+	if err != nil {
+		return false, err
+	}
+
+	return OptimizedMatches(file, patterns, patDirs)
+}
+
+// OptimizedMatches is basically the same as fileutils.Matches() but optimized for archive.go.
+// It will assume that the inputs have been preprocessed and therefore the function
+// doesn't need to do as much error checking and clean-up. This was done to avoid
+// repeating these steps on each file being checked during the archive process.
+// The more generic fileutils.Matches() can't make these assumptions.
+func OptimizedMatches(file string, patterns []string, patDirs [][]string) (bool, error) {
+	matched := false
+	file = filepath.FromSlash(file)
+	parentPath := filepath.Dir(file)
+	parentPathDirs := strings.Split(parentPath, string(os.PathSeparator))
+
+	for i, pattern := range patterns {
+		negative := false
+
+		if exclusion(pattern) {
+			negative = true
+			pattern = pattern[1:]
+		}
+
+		match, err := regexpMatch(pattern, file)
+		if err != nil {
+			return false, fmt.Errorf("Error in pattern (%s): %s", pattern, err)
+		}
+
+		if !match && parentPath != "." {
+			// Check to see if the pattern matches one of our parent dirs.
+			if len(patDirs[i]) <= len(parentPathDirs) {
+				match, _ = regexpMatch(strings.Join(patDirs[i], string(os.PathSeparator)),
+					strings.Join(parentPathDirs[:len(patDirs[i])], string(os.PathSeparator)))
+			}
+		}
+
+		if match {
+			matched = !negative
+		}
+	}
+
+	if matched {
+		logrus.Debugf("Skipping excluded path: %s", file)
+	}
+
+	return matched, nil
+}
+
+// regexpMatch tries to match the logic of filepath.Match but
+// does so using regexp logic. We do this so that we can expand the
+// wildcard set to include other things, like "**" to mean any number
+// of directories.  This means that we should be backwards compatible
+// with filepath.Match(). We'll end up supporting more stuff, due to
+// the fact that we're using regexp, but that's ok - it does no harm.
+//
+// As per the comment in golangs filepath.Match, on Windows, escaping
+// is disabled. Instead, '\\' is treated as path separator.
+func regexpMatch(pattern, path string) (bool, error) {
+	regStr := "^"
+
+	// Do some syntax checking on the pattern.
+	// filepath's Match() has some really weird rules that are inconsistent
+	// so instead of trying to dup their logic, just call Match() for its
+	// error state and if there is an error in the pattern return it.
+	// If this becomes an issue we can remove this since its really only
+	// needed in the error (syntax) case - which isn't really critical.
+	if _, err := filepath.Match(pattern, path); err != nil {
+		return false, err
+	}
+
+	// Go through the pattern and convert it to a regexp.
+	// We use a scanner so we can support utf-8 chars.
+	var scan scanner.Scanner
+	scan.Init(strings.NewReader(pattern))
+
+	sl := string(os.PathSeparator)
+	escSL := sl
+	if sl == `\` {
+		escSL += `\`
+	}
+
+	for scan.Peek() != scanner.EOF {
+		ch := scan.Next()
+
+		if ch == '*' {
+			if scan.Peek() == '*' {
+				// is some flavor of "**"
+				scan.Next()
+
+				if scan.Peek() == scanner.EOF {
+					// is "**EOF" - to align with .gitignore just accept all
+					regStr += ".*"
+				} else {
+					// is "**"
+					regStr += "((.*" + escSL + ")|([^" + escSL + "]*))"
+				}
+
+				// Treat **/ as ** so eat the "/"
+				if string(scan.Peek()) == sl {
+					scan.Next()
+				}
+			} else {
+				// is "*" so map it to anything but "/"
+				regStr += "[^" + escSL + "]*"
+			}
+		} else if ch == '?' {
+			// "?" is any char except "/"
+			regStr += "[^" + escSL + "]"
+		} else if strings.Index(".$", string(ch)) != -1 {
+			// Escape some regexp special chars that have no meaning
+			// in golang's filepath.Match
+			regStr += `\` + string(ch)
+		} else if ch == '\\' {
+			// escape next char. Note that a trailing \ in the pattern
+			// will be left alone (but need to escape it)
+			if sl == `\` {
+				// On windows map "\" to "\\", meaning an escaped backslash,
+				// and then just continue because filepath.Match on
+				// Windows doesn't allow escaping at all
+				regStr += escSL
+				continue
+			}
+			if scan.Peek() != scanner.EOF {
+				regStr += `\` + string(scan.Next())
+			} else {
+				regStr += `\`
+			}
+		} else {
+			regStr += string(ch)
+		}
+	}
+
+	regStr += "$"
+
+	res, err := regexp.MatchString(regStr, path)
+
+	// Map regexp's error to filepath's so no one knows we're not using filepath
+	if err != nil {
+		err = filepath.ErrBadPattern
+	}
+
+	return res, err
+}
+
+// CopyFile copies from src to dst until either EOF is reached
+// on src or an error occurs. It verifies src exists and remove
+// the dst if it exists.
+func CopyFile(src, dst string) (int64, error) {
+	cleanSrc := filepath.Clean(src)
+	cleanDst := filepath.Clean(dst)
+	if cleanSrc == cleanDst {
+		return 0, nil
+	}
+	sf, err := os.Open(cleanSrc)
+	if err != nil {
+		return 0, err
+	}
+	defer sf.Close()
+	if err := os.Remove(cleanDst); err != nil && !os.IsNotExist(err) {
+		return 0, err
+	}
+	df, err := os.Create(cleanDst)
+	if err != nil {
+		return 0, err
+	}
+	defer df.Close()
+	return io.Copy(df, sf)
+}
+
+// ReadSymlinkedDirectory returns the target directory of a symlink.
+// The target of the symbolic link may not be a file.
+func ReadSymlinkedDirectory(path string) (string, error) {
+	var realPath string
+	var err error
+	if realPath, err = filepath.Abs(path); err != nil {
+		return "", fmt.Errorf("unable to get absolute path for %s: %s", path, err)
+	}
+	if realPath, err = filepath.EvalSymlinks(realPath); err != nil {
+		return "", fmt.Errorf("failed to canonicalise path for %s: %s", path, err)
+	}
+	realPathInfo, err := os.Stat(realPath)
+	if err != nil {
+		return "", fmt.Errorf("failed to stat target '%s' of '%s': %s", realPath, path, err)
+	}
+	if !realPathInfo.Mode().IsDir() {
+		return "", fmt.Errorf("canonical path points to a file '%s'", realPath)
+	}
+	return realPath, nil
+}
+
+// CreateIfNotExists creates a file or a directory only if it does not already exist.
+func CreateIfNotExists(path string, isDir bool) error {
+	if _, err := os.Stat(path); err != nil {
+		if os.IsNotExist(err) {
+			if isDir {
+				return os.MkdirAll(path, 0755)
+			}
+			if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil {
+				return err
+			}
+			f, err := os.OpenFile(path, os.O_CREATE, 0755)
+			if err != nil {
+				return err
+			}
+			f.Close()
+		}
+	}
+	return nil
+}
diff --git a/pkg/fileutils/fileutils_test.go b/pkg/fileutils/fileutils_test.go
new file mode 100644
index 00000000..6df1be89
--- /dev/null
+++ b/pkg/fileutils/fileutils_test.go
@@ -0,0 +1,585 @@
+package fileutils
+
+import (
+	"io/ioutil"
+	"os"
+	"path"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"testing"
+)
+
+// CopyFile with invalid src
+func TestCopyFileWithInvalidSrc(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-fileutils-test")
+	defer os.RemoveAll(tempFolder)
+	if err != nil {
+		t.Fatal(err)
+	}
+	bytes, err := CopyFile("/invalid/file/path", path.Join(tempFolder, "dest"))
+	if err == nil {
+		t.Fatal("Should have fail to copy an invalid src file")
+	}
+	if bytes != 0 {
+		t.Fatal("Should have written 0 bytes")
+	}
+
+}
+
+// CopyFile with invalid dest
+func TestCopyFileWithInvalidDest(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-fileutils-test")
+	defer os.RemoveAll(tempFolder)
+	if err != nil {
+		t.Fatal(err)
+	}
+	src := path.Join(tempFolder, "file")
+	err = ioutil.WriteFile(src, []byte("content"), 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	bytes, err := CopyFile(src, path.Join(tempFolder, "/invalid/dest/path"))
+	if err == nil {
+		t.Fatal("Should have fail to copy an invalid src file")
+	}
+	if bytes != 0 {
+		t.Fatal("Should have written 0 bytes")
+	}
+
+}
+
+// CopyFile with same src and dest
+func TestCopyFileWithSameSrcAndDest(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-fileutils-test")
+	defer os.RemoveAll(tempFolder)
+	if err != nil {
+		t.Fatal(err)
+	}
+	file := path.Join(tempFolder, "file")
+	err = ioutil.WriteFile(file, []byte("content"), 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	bytes, err := CopyFile(file, file)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if bytes != 0 {
+		t.Fatal("Should have written 0 bytes as it is the same file.")
+	}
+}
+
+// CopyFile with same src and dest but path is different and not clean
+func TestCopyFileWithSameSrcAndDestWithPathNameDifferent(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-fileutils-test")
+	defer os.RemoveAll(tempFolder)
+	if err != nil {
+		t.Fatal(err)
+	}
+	testFolder := path.Join(tempFolder, "test")
+	err = os.MkdirAll(testFolder, 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	file := path.Join(testFolder, "file")
+	sameFile := testFolder + "/../test/file"
+	err = ioutil.WriteFile(file, []byte("content"), 0740)
+	if err != nil {
+		t.Fatal(err)
+	}
+	bytes, err := CopyFile(file, sameFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if bytes != 0 {
+		t.Fatal("Should have written 0 bytes as it is the same file.")
+	}
+}
+
+func TestCopyFile(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-fileutils-test")
+	defer os.RemoveAll(tempFolder)
+	if err != nil {
+		t.Fatal(err)
+	}
+	src := path.Join(tempFolder, "src")
+	dest := path.Join(tempFolder, "dest")
+	ioutil.WriteFile(src, []byte("content"), 0777)
+	ioutil.WriteFile(dest, []byte("destContent"), 0777)
+	bytes, err := CopyFile(src, dest)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if bytes != 7 {
+		t.Fatalf("Should have written %d bytes but wrote %d", 7, bytes)
+	}
+	actual, err := ioutil.ReadFile(dest)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if string(actual) != "content" {
+		t.Fatalf("Dest content was '%s', expected '%s'", string(actual), "content")
+	}
+}
+
+// Reading a symlink to a directory must return the directory
+func TestReadSymlinkedDirectoryExistingDirectory(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	var err error
+	if err = os.Mkdir("/tmp/testReadSymlinkToExistingDirectory", 0777); err != nil {
+		t.Errorf("failed to create directory: %s", err)
+	}
+
+	if err = os.Symlink("/tmp/testReadSymlinkToExistingDirectory", "/tmp/dirLinkTest"); err != nil {
+		t.Errorf("failed to create symlink: %s", err)
+	}
+
+	var path string
+	if path, err = ReadSymlinkedDirectory("/tmp/dirLinkTest"); err != nil {
+		t.Fatalf("failed to read symlink to directory: %s", err)
+	}
+
+	if path != "/tmp/testReadSymlinkToExistingDirectory" {
+		t.Fatalf("symlink returned unexpected directory: %s", path)
+	}
+
+	if err = os.Remove("/tmp/testReadSymlinkToExistingDirectory"); err != nil {
+		t.Errorf("failed to remove temporary directory: %s", err)
+	}
+
+	if err = os.Remove("/tmp/dirLinkTest"); err != nil {
+		t.Errorf("failed to remove symlink: %s", err)
+	}
+}
+
+// Reading a non-existing symlink must fail
+func TestReadSymlinkedDirectoryNonExistingSymlink(t *testing.T) {
+	var path string
+	var err error
+	if path, err = ReadSymlinkedDirectory("/tmp/test/foo/Non/ExistingPath"); err == nil {
+		t.Fatalf("error expected for non-existing symlink")
+	}
+
+	if path != "" {
+		t.Fatalf("expected empty path, but '%s' was returned", path)
+	}
+}
+
+// Reading a symlink to a file must fail
+func TestReadSymlinkedDirectoryToFile(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	var err error
+	var file *os.File
+
+	if file, err = os.Create("/tmp/testReadSymlinkToFile"); err != nil {
+		t.Fatalf("failed to create file: %s", err)
+	}
+
+	file.Close()
+
+	if err = os.Symlink("/tmp/testReadSymlinkToFile", "/tmp/fileLinkTest"); err != nil {
+		t.Errorf("failed to create symlink: %s", err)
+	}
+
+	var path string
+	if path, err = ReadSymlinkedDirectory("/tmp/fileLinkTest"); err == nil {
+		t.Fatalf("ReadSymlinkedDirectory on a symlink to a file should've failed")
+	}
+
+	if path != "" {
+		t.Fatalf("path should've been empty: %s", path)
+	}
+
+	if err = os.Remove("/tmp/testReadSymlinkToFile"); err != nil {
+		t.Errorf("failed to remove file: %s", err)
+	}
+
+	if err = os.Remove("/tmp/fileLinkTest"); err != nil {
+		t.Errorf("failed to remove symlink: %s", err)
+	}
+}
+
+func TestWildcardMatches(t *testing.T) {
+	match, _ := Matches("fileutils.go", []string{"*"})
+	if match != true {
+		t.Errorf("failed to get a wildcard match, got %v", match)
+	}
+}
+
+// A simple pattern match should return true.
+func TestPatternMatches(t *testing.T) {
+	match, _ := Matches("fileutils.go", []string{"*.go"})
+	if match != true {
+		t.Errorf("failed to get a match, got %v", match)
+	}
+}
+
+// An exclusion followed by an inclusion should return true.
+func TestExclusionPatternMatchesPatternBefore(t *testing.T) {
+	match, _ := Matches("fileutils.go", []string{"!fileutils.go", "*.go"})
+	if match != true {
+		t.Errorf("failed to get true match on exclusion pattern, got %v", match)
+	}
+}
+
+// A folder pattern followed by an exception should return false.
+func TestPatternMatchesFolderExclusions(t *testing.T) {
+	match, _ := Matches("docs/README.md", []string{"docs", "!docs/README.md"})
+	if match != false {
+		t.Errorf("failed to get a false match on exclusion pattern, got %v", match)
+	}
+}
+
+// A folder pattern followed by an exception should return false.
+func TestPatternMatchesFolderWithSlashExclusions(t *testing.T) {
+	match, _ := Matches("docs/README.md", []string{"docs/", "!docs/README.md"})
+	if match != false {
+		t.Errorf("failed to get a false match on exclusion pattern, got %v", match)
+	}
+}
+
+// A folder pattern followed by an exception should return false.
+func TestPatternMatchesFolderWildcardExclusions(t *testing.T) {
+	match, _ := Matches("docs/README.md", []string{"docs/*", "!docs/README.md"})
+	if match != false {
+		t.Errorf("failed to get a false match on exclusion pattern, got %v", match)
+	}
+}
+
+// A pattern followed by an exclusion should return false.
+func TestExclusionPatternMatchesPatternAfter(t *testing.T) {
+	match, _ := Matches("fileutils.go", []string{"*.go", "!fileutils.go"})
+	if match != false {
+		t.Errorf("failed to get false match on exclusion pattern, got %v", match)
+	}
+}
+
+// A filename evaluating to . should return false.
+func TestExclusionPatternMatchesWholeDirectory(t *testing.T) {
+	match, _ := Matches(".", []string{"*.go"})
+	if match != false {
+		t.Errorf("failed to get false match on ., got %v", match)
+	}
+}
+
+// A single ! pattern should return an error.
+func TestSingleExclamationError(t *testing.T) {
+	_, err := Matches("fileutils.go", []string{"!"})
+	if err == nil {
+		t.Errorf("failed to get an error for a single exclamation point, got %v", err)
+	}
+}
+
+// A string preceded with a ! should return true from Exclusion.
+func TestExclusion(t *testing.T) {
+	exclusion := exclusion("!")
+	if !exclusion {
+		t.Errorf("failed to get true for a single !, got %v", exclusion)
+	}
+}
+
+// Matches with no patterns
+func TestMatchesWithNoPatterns(t *testing.T) {
+	matches, err := Matches("/any/path/there", []string{})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if matches {
+		t.Fatalf("Should not have match anything")
+	}
+}
+
+// Matches with malformed patterns
+func TestMatchesWithMalformedPatterns(t *testing.T) {
+	matches, err := Matches("/any/path/there", []string{"["})
+	if err == nil {
+		t.Fatal("Should have failed because of a malformed syntax in the pattern")
+	}
+	if matches {
+		t.Fatalf("Should not have match anything")
+	}
+}
+
+// Test lots of variants of patterns & strings
+func TestMatches(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	tests := []struct {
+		pattern string
+		text    string
+		pass    bool
+	}{
+		{"**", "file", true},
+		{"**", "file/", true},
+		{"**/", "file", true}, // weird one
+		{"**/", "file/", true},
+		{"**", "/", true},
+		{"**/", "/", true},
+		{"**", "dir/file", true},
+		{"**/", "dir/file", false},
+		{"**", "dir/file/", true},
+		{"**/", "dir/file/", true},
+		{"**/**", "dir/file", true},
+		{"**/**", "dir/file/", true},
+		{"dir/**", "dir/file", true},
+		{"dir/**", "dir/file/", true},
+		{"dir/**", "dir/dir2/file", true},
+		{"dir/**", "dir/dir2/file/", true},
+		{"**/dir2/*", "dir/dir2/file", true},
+		{"**/dir2/*", "dir/dir2/file/", false},
+		{"**/dir2/**", "dir/dir2/dir3/file", true},
+		{"**/dir2/**", "dir/dir2/dir3/file/", true},
+		{"**file", "file", true},
+		{"**file", "dir/file", true},
+		{"**/file", "dir/file", true},
+		{"**file", "dir/dir/file", true},
+		{"**/file", "dir/dir/file", true},
+		{"**/file*", "dir/dir/file", true},
+		{"**/file*", "dir/dir/file.txt", true},
+		{"**/file*txt", "dir/dir/file.txt", true},
+		{"**/file*.txt", "dir/dir/file.txt", true},
+		{"**/file*.txt*", "dir/dir/file.txt", true},
+		{"**/**/*.txt", "dir/dir/file.txt", true},
+		{"**/**/*.txt2", "dir/dir/file.txt", false},
+		{"**/*.txt", "file.txt", true},
+		{"**/**/*.txt", "file.txt", true},
+		{"a**/*.txt", "a/file.txt", true},
+		{"a**/*.txt", "a/dir/file.txt", true},
+		{"a**/*.txt", "a/dir/dir/file.txt", true},
+		{"a/*.txt", "a/dir/file.txt", false},
+		{"a/*.txt", "a/file.txt", true},
+		{"a/*.txt**", "a/file.txt", true},
+		{"a[b-d]e", "ae", false},
+		{"a[b-d]e", "ace", true},
+		{"a[b-d]e", "aae", false},
+		{"a[^b-d]e", "aze", true},
+		{".*", ".foo", true},
+		{".*", "foo", false},
+		{"abc.def", "abcdef", false},
+		{"abc.def", "abc.def", true},
+		{"abc.def", "abcZdef", false},
+		{"abc?def", "abcZdef", true},
+		{"abc?def", "abcdef", false},
+		{"a\\*b", "a*b", true},
+		{"a\\", "a", false},
+		{"a\\", "a\\", false},
+		{"a\\\\", "a\\", true},
+		{"**/foo/bar", "foo/bar", true},
+		{"**/foo/bar", "dir/foo/bar", true},
+		{"**/foo/bar", "dir/dir2/foo/bar", true},
+		{"abc/**", "abc", false},
+		{"abc/**", "abc/def", true},
+		{"abc/**", "abc/def/ghi", true},
+	}
+
+	for _, test := range tests {
+		res, _ := regexpMatch(test.pattern, test.text)
+		if res != test.pass {
+			t.Fatalf("Failed: %v - res:%v", test, res)
+		}
+	}
+}
+
+// An empty string should return true from Empty.
+func TestEmpty(t *testing.T) {
+	empty := empty("")
+	if !empty {
+		t.Errorf("failed to get true for an empty string, got %v", empty)
+	}
+}
+
+func TestCleanPatterns(t *testing.T) {
+	cleaned, _, _, _ := CleanPatterns([]string{"docs", "config"})
+	if len(cleaned) != 2 {
+		t.Errorf("expected 2 element slice, got %v", len(cleaned))
+	}
+}
+
+func TestCleanPatternsStripEmptyPatterns(t *testing.T) {
+	cleaned, _, _, _ := CleanPatterns([]string{"docs", "config", ""})
+	if len(cleaned) != 2 {
+		t.Errorf("expected 2 element slice, got %v", len(cleaned))
+	}
+}
+
+func TestCleanPatternsExceptionFlag(t *testing.T) {
+	_, _, exceptions, _ := CleanPatterns([]string{"docs", "!docs/README.md"})
+	if !exceptions {
+		t.Errorf("expected exceptions to be true, got %v", exceptions)
+	}
+}
+
+func TestCleanPatternsLeadingSpaceTrimmed(t *testing.T) {
+	_, _, exceptions, _ := CleanPatterns([]string{"docs", "  !docs/README.md"})
+	if !exceptions {
+		t.Errorf("expected exceptions to be true, got %v", exceptions)
+	}
+}
+
+func TestCleanPatternsTrailingSpaceTrimmed(t *testing.T) {
+	_, _, exceptions, _ := CleanPatterns([]string{"docs", "!docs/README.md  "})
+	if !exceptions {
+		t.Errorf("expected exceptions to be true, got %v", exceptions)
+	}
+}
+
+func TestCleanPatternsErrorSingleException(t *testing.T) {
+	_, _, _, err := CleanPatterns([]string{"!"})
+	if err == nil {
+		t.Errorf("expected error on single exclamation point, got %v", err)
+	}
+}
+
+func TestCleanPatternsFolderSplit(t *testing.T) {
+	_, dirs, _, _ := CleanPatterns([]string{"docs/config/CONFIG.md"})
+	if dirs[0][0] != "docs" {
+		t.Errorf("expected first element in dirs slice to be docs, got %v", dirs[0][1])
+	}
+	if dirs[0][1] != "config" {
+		t.Errorf("expected first element in dirs slice to be config, got %v", dirs[0][1])
+	}
+}
+
+func TestCreateIfNotExistsDir(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-fileutils-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tempFolder)
+
+	folderToCreate := filepath.Join(tempFolder, "tocreate")
+
+	if err := CreateIfNotExists(folderToCreate, true); err != nil {
+		t.Fatal(err)
+	}
+	fileinfo, err := os.Stat(folderToCreate)
+	if err != nil {
+		t.Fatalf("Should have create a folder, got %v", err)
+	}
+
+	if !fileinfo.IsDir() {
+		t.Fatalf("Should have been a dir, seems it's not")
+	}
+}
+
+func TestCreateIfNotExistsFile(t *testing.T) {
+	tempFolder, err := ioutil.TempDir("", "docker-fileutils-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tempFolder)
+
+	fileToCreate := filepath.Join(tempFolder, "file/to/create")
+
+	if err := CreateIfNotExists(fileToCreate, false); err != nil {
+		t.Fatal(err)
+	}
+	fileinfo, err := os.Stat(fileToCreate)
+	if err != nil {
+		t.Fatalf("Should have create a file, got %v", err)
+	}
+
+	if fileinfo.IsDir() {
+		t.Fatalf("Should have been a file, seems it's not")
+	}
+}
+
+// These matchTests are stolen from go's filepath Match tests.
+type matchTest struct {
+	pattern, s string
+	match      bool
+	err        error
+}
+
+var matchTests = []matchTest{
+	{"abc", "abc", true, nil},
+	{"*", "abc", true, nil},
+	{"*c", "abc", true, nil},
+	{"a*", "a", true, nil},
+	{"a*", "abc", true, nil},
+	{"a*", "ab/c", false, nil},
+	{"a*/b", "abc/b", true, nil},
+	{"a*/b", "a/c/b", false, nil},
+	{"a*b*c*d*e*/f", "axbxcxdxe/f", true, nil},
+	{"a*b*c*d*e*/f", "axbxcxdxexxx/f", true, nil},
+	{"a*b*c*d*e*/f", "axbxcxdxe/xxx/f", false, nil},
+	{"a*b*c*d*e*/f", "axbxcxdxexxx/fff", false, nil},
+	{"a*b?c*x", "abxbbxdbxebxczzx", true, nil},
+	{"a*b?c*x", "abxbbxdbxebxczzy", false, nil},
+	{"ab[c]", "abc", true, nil},
+	{"ab[b-d]", "abc", true, nil},
+	{"ab[e-g]", "abc", false, nil},
+	{"ab[^c]", "abc", false, nil},
+	{"ab[^b-d]", "abc", false, nil},
+	{"ab[^e-g]", "abc", true, nil},
+	{"a\\*b", "a*b", true, nil},
+	{"a\\*b", "ab", false, nil},
+	{"a?b", "a☺b", true, nil},
+	{"a[^a]b", "a☺b", true, nil},
+	{"a???b", "a☺b", false, nil},
+	{"a[^a][^a][^a]b", "a☺b", false, nil},
+	{"[a-ζ]*", "α", true, nil},
+	{"*[a-ζ]", "A", false, nil},
+	{"a?b", "a/b", false, nil},
+	{"a*b", "a/b", false, nil},
+	{"[\\]a]", "]", true, nil},
+	{"[\\-]", "-", true, nil},
+	{"[x\\-]", "x", true, nil},
+	{"[x\\-]", "-", true, nil},
+	{"[x\\-]", "z", false, nil},
+	{"[\\-x]", "x", true, nil},
+	{"[\\-x]", "-", true, nil},
+	{"[\\-x]", "a", false, nil},
+	{"[]a]", "]", false, filepath.ErrBadPattern},
+	{"[-]", "-", false, filepath.ErrBadPattern},
+	{"[x-]", "x", false, filepath.ErrBadPattern},
+	{"[x-]", "-", false, filepath.ErrBadPattern},
+	{"[x-]", "z", false, filepath.ErrBadPattern},
+	{"[-x]", "x", false, filepath.ErrBadPattern},
+	{"[-x]", "-", false, filepath.ErrBadPattern},
+	{"[-x]", "a", false, filepath.ErrBadPattern},
+	{"\\", "a", false, filepath.ErrBadPattern},
+	{"[a-b-c]", "a", false, filepath.ErrBadPattern},
+	{"[", "a", false, filepath.ErrBadPattern},
+	{"[^", "a", false, filepath.ErrBadPattern},
+	{"[^bc", "a", false, filepath.ErrBadPattern},
+	{"a[", "a", false, filepath.ErrBadPattern}, // was nil but IMO its wrong
+	{"a[", "ab", false, filepath.ErrBadPattern},
+	{"*x", "xxx", true, nil},
+}
+
+func errp(e error) string {
+	if e == nil {
+		return "<nil>"
+	}
+	return e.Error()
+}
+
+// TestMatch test's our version of filepath.Match, called regexpMatch.
+func TestMatch(t *testing.T) {
+	for _, tt := range matchTests {
+		pattern := tt.pattern
+		s := tt.s
+		if runtime.GOOS == "windows" {
+			if strings.Index(pattern, "\\") >= 0 {
+				// no escape allowed on windows.
+				continue
+			}
+			pattern = filepath.Clean(pattern)
+			s = filepath.Clean(s)
+		}
+		ok, err := regexpMatch(pattern, s)
+		if ok != tt.match || err != tt.err {
+			t.Fatalf("Match(%#q, %#q) = %v, %q want %v, %q", pattern, s, ok, errp(err), tt.match, errp(tt.err))
+		}
+	}
+}
diff --git a/pkg/fileutils/fileutils_unix.go b/pkg/fileutils/fileutils_unix.go
new file mode 100644
index 00000000..d5c3abf5
--- /dev/null
+++ b/pkg/fileutils/fileutils_unix.go
@@ -0,0 +1,22 @@
+// +build linux freebsd
+
+package fileutils
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// GetTotalUsedFds Returns the number of used File Descriptors by
+// reading it via /proc filesystem.
+func GetTotalUsedFds() int {
+	if fds, err := ioutil.ReadDir(fmt.Sprintf("/proc/%d/fd", os.Getpid())); err != nil {
+		logrus.Errorf("Error opening /proc/%d/fd: %s", os.Getpid(), err)
+	} else {
+		return len(fds)
+	}
+	return -1
+}
diff --git a/pkg/fileutils/fileutils_windows.go b/pkg/fileutils/fileutils_windows.go
new file mode 100644
index 00000000..5ec21cac
--- /dev/null
+++ b/pkg/fileutils/fileutils_windows.go
@@ -0,0 +1,7 @@
+package fileutils
+
+// GetTotalUsedFds Returns the number of used File Descriptors. Not supported
+// on Windows.
+func GetTotalUsedFds() int {
+	return -1
+}
diff --git a/pkg/gitutils/gitutils.go b/pkg/gitutils/gitutils.go
new file mode 100644
index 00000000..ded091f2
--- /dev/null
+++ b/pkg/gitutils/gitutils.go
@@ -0,0 +1,100 @@
+package gitutils
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/pkg/symlink"
+	"github.com/docker/docker/pkg/urlutil"
+)
+
+// Clone clones a repository into a newly created directory which
+// will be under "docker-build-git"
+func Clone(remoteURL string) (string, error) {
+	if !urlutil.IsGitTransport(remoteURL) {
+		remoteURL = "https://" + remoteURL
+	}
+	root, err := ioutil.TempDir("", "docker-build-git")
+	if err != nil {
+		return "", err
+	}
+
+	u, err := url.Parse(remoteURL)
+	if err != nil {
+		return "", err
+	}
+
+	fragment := u.Fragment
+	clone := cloneArgs(u, root)
+
+	if output, err := git(clone...); err != nil {
+		return "", fmt.Errorf("Error trying to use git: %s (%s)", err, output)
+	}
+
+	return checkoutGit(fragment, root)
+}
+
+func cloneArgs(remoteURL *url.URL, root string) []string {
+	args := []string{"clone", "--recursive"}
+	shallow := len(remoteURL.Fragment) == 0
+
+	if shallow && strings.HasPrefix(remoteURL.Scheme, "http") {
+		res, err := http.Head(fmt.Sprintf("%s/info/refs?service=git-upload-pack", remoteURL))
+		if err != nil || res.Header.Get("Content-Type") != "application/x-git-upload-pack-advertisement" {
+			shallow = false
+		}
+	}
+
+	if shallow {
+		args = append(args, "--depth", "1")
+	}
+
+	if remoteURL.Fragment != "" {
+		remoteURL.Fragment = ""
+	}
+
+	return append(args, remoteURL.String(), root)
+}
+
+func checkoutGit(fragment, root string) (string, error) {
+	refAndDir := strings.SplitN(fragment, ":", 2)
+
+	if len(refAndDir[0]) != 0 {
+		if output, err := gitWithinDir(root, "checkout", refAndDir[0]); err != nil {
+			return "", fmt.Errorf("Error trying to use git: %s (%s)", err, output)
+		}
+	}
+
+	if len(refAndDir) > 1 && len(refAndDir[1]) != 0 {
+		newCtx, err := symlink.FollowSymlinkInScope(filepath.Join(root, refAndDir[1]), root)
+		if err != nil {
+			return "", fmt.Errorf("Error setting git context, %q not within git root: %s", refAndDir[1], err)
+		}
+
+		fi, err := os.Stat(newCtx)
+		if err != nil {
+			return "", err
+		}
+		if !fi.IsDir() {
+			return "", fmt.Errorf("Error setting git context, not a directory: %s", newCtx)
+		}
+		root = newCtx
+	}
+
+	return root, nil
+}
+
+func gitWithinDir(dir string, args ...string) ([]byte, error) {
+	a := []string{"--work-tree", dir, "--git-dir", filepath.Join(dir, ".git")}
+	return git(append(a, args...)...)
+}
+
+func git(args ...string) ([]byte, error) {
+	return exec.Command("git", args...).CombinedOutput()
+}
diff --git a/pkg/gitutils/gitutils_test.go b/pkg/gitutils/gitutils_test.go
new file mode 100644
index 00000000..ec288f00
--- /dev/null
+++ b/pkg/gitutils/gitutils_test.go
@@ -0,0 +1,204 @@
+package gitutils
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"os"
+	"path/filepath"
+	"reflect"
+	"runtime"
+	"testing"
+)
+
+func TestCloneArgsSmartHttp(t *testing.T) {
+	mux := http.NewServeMux()
+	server := httptest.NewServer(mux)
+	serverURL, _ := url.Parse(server.URL)
+
+	serverURL.Path = "/repo.git"
+	gitURL := serverURL.String()
+
+	mux.HandleFunc("/repo.git/info/refs", func(w http.ResponseWriter, r *http.Request) {
+		q := r.URL.Query().Get("service")
+		w.Header().Set("Content-Type", fmt.Sprintf("application/x-%s-advertisement", q))
+	})
+
+	args := cloneArgs(serverURL, "/tmp")
+	exp := []string{"clone", "--recursive", "--depth", "1", gitURL, "/tmp"}
+	if !reflect.DeepEqual(args, exp) {
+		t.Fatalf("Expected %v, got %v", exp, args)
+	}
+}
+
+func TestCloneArgsDumbHttp(t *testing.T) {
+	mux := http.NewServeMux()
+	server := httptest.NewServer(mux)
+	serverURL, _ := url.Parse(server.URL)
+
+	serverURL.Path = "/repo.git"
+	gitURL := serverURL.String()
+
+	mux.HandleFunc("/repo.git/info/refs", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "text/plain")
+	})
+
+	args := cloneArgs(serverURL, "/tmp")
+	exp := []string{"clone", "--recursive", gitURL, "/tmp"}
+	if !reflect.DeepEqual(args, exp) {
+		t.Fatalf("Expected %v, got %v", exp, args)
+	}
+}
+
+func TestCloneArgsGit(t *testing.T) {
+	u, _ := url.Parse("git://github.com/docker/docker")
+	args := cloneArgs(u, "/tmp")
+	exp := []string{"clone", "--recursive", "--depth", "1", "git://github.com/docker/docker", "/tmp"}
+	if !reflect.DeepEqual(args, exp) {
+		t.Fatalf("Expected %v, got %v", exp, args)
+	}
+}
+
+func TestCloneArgsStripFragment(t *testing.T) {
+	u, _ := url.Parse("git://github.com/docker/docker#test")
+	args := cloneArgs(u, "/tmp")
+	exp := []string{"clone", "--recursive", "git://github.com/docker/docker", "/tmp"}
+	if !reflect.DeepEqual(args, exp) {
+		t.Fatalf("Expected %v, got %v", exp, args)
+	}
+}
+
+func TestCheckoutGit(t *testing.T) {
+	root, err := ioutil.TempDir("", "docker-build-git-checkout")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(root)
+
+	eol := "\n"
+	if runtime.GOOS == "windows" {
+		eol = "\r\n"
+	}
+
+	gitDir := filepath.Join(root, "repo")
+	_, err = git("init", gitDir)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err = gitWithinDir(gitDir, "config", "user.email", "test@docker.com"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err = gitWithinDir(gitDir, "config", "user.name", "Docker test"); err != nil {
+		t.Fatal(err)
+	}
+
+	if err = ioutil.WriteFile(filepath.Join(gitDir, "Dockerfile"), []byte("FROM scratch"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	subDir := filepath.Join(gitDir, "subdir")
+	if err = os.Mkdir(subDir, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	if err = ioutil.WriteFile(filepath.Join(subDir, "Dockerfile"), []byte("FROM scratch\nEXPOSE 5000"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	if runtime.GOOS != "windows" {
+		if err = os.Symlink("../subdir", filepath.Join(gitDir, "parentlink")); err != nil {
+			t.Fatal(err)
+		}
+
+		if err = os.Symlink("/subdir", filepath.Join(gitDir, "absolutelink")); err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	if _, err = gitWithinDir(gitDir, "add", "-A"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err = gitWithinDir(gitDir, "commit", "-am", "First commit"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err = gitWithinDir(gitDir, "checkout", "-b", "test"); err != nil {
+		t.Fatal(err)
+	}
+
+	if err = ioutil.WriteFile(filepath.Join(gitDir, "Dockerfile"), []byte("FROM scratch\nEXPOSE 3000"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	if err = ioutil.WriteFile(filepath.Join(subDir, "Dockerfile"), []byte("FROM busybox\nEXPOSE 5000"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err = gitWithinDir(gitDir, "add", "-A"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err = gitWithinDir(gitDir, "commit", "-am", "Branch commit"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err = gitWithinDir(gitDir, "checkout", "master"); err != nil {
+		t.Fatal(err)
+	}
+
+	type singleCase struct {
+		frag string
+		exp  string
+		fail bool
+	}
+
+	cases := []singleCase{
+		{"", "FROM scratch", false},
+		{"master", "FROM scratch", false},
+		{":subdir", "FROM scratch" + eol + "EXPOSE 5000", false},
+		{":nosubdir", "", true},   // missing directory error
+		{":Dockerfile", "", true}, // not a directory error
+		{"master:nosubdir", "", true},
+		{"master:subdir", "FROM scratch" + eol + "EXPOSE 5000", false},
+		{"master:../subdir", "", true},
+		{"test", "FROM scratch" + eol + "EXPOSE 3000", false},
+		{"test:", "FROM scratch" + eol + "EXPOSE 3000", false},
+		{"test:subdir", "FROM busybox" + eol + "EXPOSE 5000", false},
+	}
+
+	if runtime.GOOS != "windows" {
+		// Windows GIT (2.7.1 x64) does not support parentlink/absolutelink. Sample output below
+		// 	git --work-tree .\repo --git-dir .\repo\.git add -A
+		//	error: readlink("absolutelink"): Function not implemented
+		// 	error: unable to index file absolutelink
+		// 	fatal: adding files failed
+		cases = append(cases, singleCase{frag: "master:absolutelink", exp: "FROM scratch" + eol + "EXPOSE 5000", fail: false})
+		cases = append(cases, singleCase{frag: "master:parentlink", exp: "FROM scratch" + eol + "EXPOSE 5000", fail: false})
+	}
+
+	for _, c := range cases {
+		r, err := checkoutGit(c.frag, gitDir)
+
+		fail := err != nil
+		if fail != c.fail {
+			t.Fatalf("Expected %v failure, error was %v\n", c.fail, err)
+		}
+		if c.fail {
+			continue
+		}
+
+		b, err := ioutil.ReadFile(filepath.Join(r, "Dockerfile"))
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		if string(b) != c.exp {
+			t.Fatalf("Expected %v, was %v\n", c.exp, string(b))
+		}
+	}
+}
diff --git a/pkg/graphdb/conn_sqlite3.go b/pkg/graphdb/conn_sqlite3.go
new file mode 100644
index 00000000..dbcf44c2
--- /dev/null
+++ b/pkg/graphdb/conn_sqlite3.go
@@ -0,0 +1,15 @@
+// +build cgo
+
+package graphdb
+
+import "database/sql"
+
+// NewSqliteConn opens a connection to a sqlite
+// database.
+func NewSqliteConn(root string) (*Database, error) {
+	conn, err := sql.Open("sqlite3", root)
+	if err != nil {
+		return nil, err
+	}
+	return NewDatabase(conn)
+}
diff --git a/pkg/graphdb/conn_sqlite3_unix.go b/pkg/graphdb/conn_sqlite3_unix.go
new file mode 100644
index 00000000..f932fff2
--- /dev/null
+++ b/pkg/graphdb/conn_sqlite3_unix.go
@@ -0,0 +1,7 @@
+// +build cgo,!windows
+
+package graphdb
+
+import (
+	_ "github.com/mattn/go-sqlite3" // registers sqlite
+)
diff --git a/pkg/graphdb/conn_sqlite3_windows.go b/pkg/graphdb/conn_sqlite3_windows.go
new file mode 100644
index 00000000..52590303
--- /dev/null
+++ b/pkg/graphdb/conn_sqlite3_windows.go
@@ -0,0 +1,7 @@
+// +build cgo,windows
+
+package graphdb
+
+import (
+	_ "github.com/mattn/go-sqlite3" // registers sqlite
+)
diff --git a/pkg/graphdb/conn_unsupported.go b/pkg/graphdb/conn_unsupported.go
new file mode 100644
index 00000000..cf977050
--- /dev/null
+++ b/pkg/graphdb/conn_unsupported.go
@@ -0,0 +1,8 @@
+// +build !cgo
+
+package graphdb
+
+// NewSqliteConn return a new sqlite connection.
+func NewSqliteConn(root string) (*Database, error) {
+	panic("Not implemented")
+}
diff --git a/pkg/graphdb/graphdb.go b/pkg/graphdb/graphdb.go
new file mode 100644
index 00000000..eca433fa
--- /dev/null
+++ b/pkg/graphdb/graphdb.go
@@ -0,0 +1,551 @@
+package graphdb
+
+import (
+	"database/sql"
+	"fmt"
+	"path"
+	"strings"
+	"sync"
+)
+
+const (
+	createEntityTable = `
+    CREATE TABLE IF NOT EXISTS entity (
+        id text NOT NULL PRIMARY KEY
+    );`
+
+	createEdgeTable = `
+    CREATE TABLE IF NOT EXISTS edge (
+        "entity_id" text NOT NULL,
+        "parent_id" text NULL,
+        "name" text NOT NULL,
+        CONSTRAINT "parent_fk" FOREIGN KEY ("parent_id") REFERENCES "entity" ("id"),
+        CONSTRAINT "entity_fk" FOREIGN KEY ("entity_id") REFERENCES "entity" ("id")
+        );
+    `
+
+	createEdgeIndices = `
+    CREATE UNIQUE INDEX IF NOT EXISTS "name_parent_ix" ON "edge" (parent_id, name);
+    `
+)
+
+// Entity with a unique id.
+type Entity struct {
+	id string
+}
+
+// An Edge connects two entities together.
+type Edge struct {
+	EntityID string
+	Name     string
+	ParentID string
+}
+
+// Entities stores the list of entities.
+type Entities map[string]*Entity
+
+// Edges stores the relationships between entities.
+type Edges []*Edge
+
+// WalkFunc is a function invoked to process an individual entity.
+type WalkFunc func(fullPath string, entity *Entity) error
+
+// Database is a graph database for storing entities and their relationships.
+type Database struct {
+	conn *sql.DB
+	mux  sync.RWMutex
+}
+
+// IsNonUniqueNameError processes the error to check if it's caused by
+// a constraint violation.
+// This is necessary because the error isn't the same across various
+// sqlite versions.
+func IsNonUniqueNameError(err error) bool {
+	str := err.Error()
+	// sqlite 3.7.17-1ubuntu1 returns:
+	// Set failure: Abort due to constraint violation: columns parent_id, name are not unique
+	if strings.HasSuffix(str, "name are not unique") {
+		return true
+	}
+	// sqlite-3.8.3-1.fc20 returns:
+	// Set failure: Abort due to constraint violation: UNIQUE constraint failed: edge.parent_id, edge.name
+	if strings.Contains(str, "UNIQUE constraint failed") && strings.Contains(str, "edge.name") {
+		return true
+	}
+	// sqlite-3.6.20-1.el6 returns:
+	// Set failure: Abort due to constraint violation: constraint failed
+	if strings.HasSuffix(str, "constraint failed") {
+		return true
+	}
+	return false
+}
+
+// NewDatabase creates a new graph database initialized with a root entity.
+func NewDatabase(conn *sql.DB) (*Database, error) {
+	if conn == nil {
+		return nil, fmt.Errorf("Database connection cannot be nil")
+	}
+	db := &Database{conn: conn}
+
+	// Create root entities
+	tx, err := conn.Begin()
+	if err != nil {
+		return nil, err
+	}
+
+	if _, err := tx.Exec(createEntityTable); err != nil {
+		return nil, err
+	}
+	if _, err := tx.Exec(createEdgeTable); err != nil {
+		return nil, err
+	}
+	if _, err := tx.Exec(createEdgeIndices); err != nil {
+		return nil, err
+	}
+
+	if _, err := tx.Exec("DELETE FROM entity where id = ?", "0"); err != nil {
+		tx.Rollback()
+		return nil, err
+	}
+
+	if _, err := tx.Exec("INSERT INTO entity (id) VALUES (?);", "0"); err != nil {
+		tx.Rollback()
+		return nil, err
+	}
+
+	if _, err := tx.Exec("DELETE FROM edge where entity_id=? and name=?", "0", "/"); err != nil {
+		tx.Rollback()
+		return nil, err
+	}
+
+	if _, err := tx.Exec("INSERT INTO edge (entity_id, name) VALUES(?,?);", "0", "/"); err != nil {
+		tx.Rollback()
+		return nil, err
+	}
+
+	if err := tx.Commit(); err != nil {
+		return nil, err
+	}
+
+	return db, nil
+}
+
+// Close the underlying connection to the database.
+func (db *Database) Close() error {
+	return db.conn.Close()
+}
+
+// Set the entity id for a given path.
+func (db *Database) Set(fullPath, id string) (*Entity, error) {
+	db.mux.Lock()
+	defer db.mux.Unlock()
+
+	tx, err := db.conn.Begin()
+	if err != nil {
+		return nil, err
+	}
+
+	var entityID string
+	if err := tx.QueryRow("SELECT id FROM entity WHERE id = ?;", id).Scan(&entityID); err != nil {
+		if err == sql.ErrNoRows {
+			if _, err := tx.Exec("INSERT INTO entity (id) VALUES(?);", id); err != nil {
+				tx.Rollback()
+				return nil, err
+			}
+		} else {
+			tx.Rollback()
+			return nil, err
+		}
+	}
+	e := &Entity{id}
+
+	parentPath, name := splitPath(fullPath)
+	if err := db.setEdge(parentPath, name, e, tx); err != nil {
+		tx.Rollback()
+		return nil, err
+	}
+
+	if err := tx.Commit(); err != nil {
+		return nil, err
+	}
+	return e, nil
+}
+
+// Exists returns true if a name already exists in the database.
+func (db *Database) Exists(name string) bool {
+	db.mux.RLock()
+	defer db.mux.RUnlock()
+
+	e, err := db.get(name)
+	if err != nil {
+		return false
+	}
+	return e != nil
+}
+
+func (db *Database) setEdge(parentPath, name string, e *Entity, tx *sql.Tx) error {
+	parent, err := db.get(parentPath)
+	if err != nil {
+		return err
+	}
+	if parent.id == e.id {
+		return fmt.Errorf("Cannot set self as child")
+	}
+
+	if _, err := tx.Exec("INSERT INTO edge (parent_id, name, entity_id) VALUES (?,?,?);", parent.id, name, e.id); err != nil {
+		return err
+	}
+	return nil
+}
+
+// RootEntity returns the root "/" entity for the database.
+func (db *Database) RootEntity() *Entity {
+	return &Entity{
+		id: "0",
+	}
+}
+
+// Get returns the entity for a given path.
+func (db *Database) Get(name string) *Entity {
+	db.mux.RLock()
+	defer db.mux.RUnlock()
+
+	e, err := db.get(name)
+	if err != nil {
+		return nil
+	}
+	return e
+}
+
+func (db *Database) get(name string) (*Entity, error) {
+	e := db.RootEntity()
+	// We always know the root name so return it if
+	// it is requested
+	if name == "/" {
+		return e, nil
+	}
+
+	parts := split(name)
+	for i := 1; i < len(parts); i++ {
+		p := parts[i]
+		if p == "" {
+			continue
+		}
+
+		next := db.child(e, p)
+		if next == nil {
+			return nil, fmt.Errorf("Cannot find child for %s", name)
+		}
+		e = next
+	}
+	return e, nil
+
+}
+
+// List all entities by from the name.
+// The key will be the full path of the entity.
+func (db *Database) List(name string, depth int) Entities {
+	db.mux.RLock()
+	defer db.mux.RUnlock()
+
+	out := Entities{}
+	e, err := db.get(name)
+	if err != nil {
+		return out
+	}
+
+	children, err := db.children(e, name, depth, nil)
+	if err != nil {
+		return out
+	}
+
+	for _, c := range children {
+		out[c.FullPath] = c.Entity
+	}
+	return out
+}
+
+// Walk through the child graph of an entity, calling walkFunc for each child entity.
+// It is safe for walkFunc to call graph functions.
+func (db *Database) Walk(name string, walkFunc WalkFunc, depth int) error {
+	children, err := db.Children(name, depth)
+	if err != nil {
+		return err
+	}
+
+	// Note: the database lock must not be held while calling walkFunc
+	for _, c := range children {
+		if err := walkFunc(c.FullPath, c.Entity); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Children returns the children of the specified entity.
+func (db *Database) Children(name string, depth int) ([]WalkMeta, error) {
+	db.mux.RLock()
+	defer db.mux.RUnlock()
+
+	e, err := db.get(name)
+	if err != nil {
+		return nil, err
+	}
+
+	return db.children(e, name, depth, nil)
+}
+
+// Parents returns the parents of a specified entity.
+func (db *Database) Parents(name string) ([]string, error) {
+	db.mux.RLock()
+	defer db.mux.RUnlock()
+
+	e, err := db.get(name)
+	if err != nil {
+		return nil, err
+	}
+	return db.parents(e)
+}
+
+// Refs returns the reference count for a specified id.
+func (db *Database) Refs(id string) int {
+	db.mux.RLock()
+	defer db.mux.RUnlock()
+
+	var count int
+	if err := db.conn.QueryRow("SELECT COUNT(*) FROM edge WHERE entity_id = ?;", id).Scan(&count); err != nil {
+		return 0
+	}
+	return count
+}
+
+// RefPaths returns all the id's path references.
+func (db *Database) RefPaths(id string) Edges {
+	db.mux.RLock()
+	defer db.mux.RUnlock()
+
+	refs := Edges{}
+
+	rows, err := db.conn.Query("SELECT name, parent_id FROM edge WHERE entity_id = ?;", id)
+	if err != nil {
+		return refs
+	}
+	defer rows.Close()
+
+	for rows.Next() {
+		var name string
+		var parentID string
+		if err := rows.Scan(&name, &parentID); err != nil {
+			return refs
+		}
+		refs = append(refs, &Edge{
+			EntityID: id,
+			Name:     name,
+			ParentID: parentID,
+		})
+	}
+	return refs
+}
+
+// Delete the reference to an entity at a given path.
+func (db *Database) Delete(name string) error {
+	db.mux.Lock()
+	defer db.mux.Unlock()
+
+	if name == "/" {
+		return fmt.Errorf("Cannot delete root entity")
+	}
+
+	parentPath, n := splitPath(name)
+	parent, err := db.get(parentPath)
+	if err != nil {
+		return err
+	}
+
+	if _, err := db.conn.Exec("DELETE FROM edge WHERE parent_id = ? AND name = ?;", parent.id, n); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Purge removes the entity with the specified id
+// Walk the graph to make sure all references to the entity
+// are removed and return the number of references removed
+func (db *Database) Purge(id string) (int, error) {
+	db.mux.Lock()
+	defer db.mux.Unlock()
+
+	tx, err := db.conn.Begin()
+	if err != nil {
+		return -1, err
+	}
+
+	// Delete all edges
+	rows, err := tx.Exec("DELETE FROM edge WHERE entity_id = ?;", id)
+	if err != nil {
+		tx.Rollback()
+		return -1, err
+	}
+	changes, err := rows.RowsAffected()
+	if err != nil {
+		return -1, err
+	}
+
+	// Clear who's using this id as parent
+	refs, err := tx.Exec("DELETE FROM edge WHERE parent_id = ?;", id)
+	if err != nil {
+		tx.Rollback()
+		return -1, err
+	}
+	refsCount, err := refs.RowsAffected()
+	if err != nil {
+		return -1, err
+	}
+
+	// Delete entity
+	if _, err := tx.Exec("DELETE FROM entity where id = ?;", id); err != nil {
+		tx.Rollback()
+		return -1, err
+	}
+
+	if err := tx.Commit(); err != nil {
+		return -1, err
+	}
+
+	return int(changes + refsCount), nil
+}
+
+// Rename an edge for a given path
+func (db *Database) Rename(currentName, newName string) error {
+	db.mux.Lock()
+	defer db.mux.Unlock()
+
+	parentPath, name := splitPath(currentName)
+	newParentPath, newEdgeName := splitPath(newName)
+
+	if parentPath != newParentPath {
+		return fmt.Errorf("Cannot rename when root paths do not match %s != %s", parentPath, newParentPath)
+	}
+
+	parent, err := db.get(parentPath)
+	if err != nil {
+		return err
+	}
+
+	rows, err := db.conn.Exec("UPDATE edge SET name = ? WHERE parent_id = ? AND name = ?;", newEdgeName, parent.id, name)
+	if err != nil {
+		return err
+	}
+	i, err := rows.RowsAffected()
+	if err != nil {
+		return err
+	}
+	if i == 0 {
+		return fmt.Errorf("Cannot locate edge for %s %s", parent.id, name)
+	}
+	return nil
+}
+
+// WalkMeta stores the walk metadata.
+type WalkMeta struct {
+	Parent   *Entity
+	Entity   *Entity
+	FullPath string
+	Edge     *Edge
+}
+
+func (db *Database) children(e *Entity, name string, depth int, entities []WalkMeta) ([]WalkMeta, error) {
+	if e == nil {
+		return entities, nil
+	}
+
+	rows, err := db.conn.Query("SELECT entity_id, name FROM edge where parent_id = ?;", e.id)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	for rows.Next() {
+		var entityID, entityName string
+		if err := rows.Scan(&entityID, &entityName); err != nil {
+			return nil, err
+		}
+		child := &Entity{entityID}
+		edge := &Edge{
+			ParentID: e.id,
+			Name:     entityName,
+			EntityID: child.id,
+		}
+
+		meta := WalkMeta{
+			Parent:   e,
+			Entity:   child,
+			FullPath: path.Join(name, edge.Name),
+			Edge:     edge,
+		}
+
+		entities = append(entities, meta)
+
+		if depth != 0 {
+			nDepth := depth
+			if depth != -1 {
+				nDepth--
+			}
+			entities, err = db.children(child, meta.FullPath, nDepth, entities)
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
+	return entities, nil
+}
+
+func (db *Database) parents(e *Entity) (parents []string, err error) {
+	if e == nil {
+		return parents, nil
+	}
+
+	rows, err := db.conn.Query("SELECT parent_id FROM edge where entity_id = ?;", e.id)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	for rows.Next() {
+		var parentID string
+		if err := rows.Scan(&parentID); err != nil {
+			return nil, err
+		}
+		parents = append(parents, parentID)
+	}
+
+	return parents, nil
+}
+
+// Return the entity based on the parent path and name.
+func (db *Database) child(parent *Entity, name string) *Entity {
+	var id string
+	if err := db.conn.QueryRow("SELECT entity_id FROM edge WHERE parent_id = ? AND name = ?;", parent.id, name).Scan(&id); err != nil {
+		return nil
+	}
+	return &Entity{id}
+}
+
+// ID returns the id used to reference this entity.
+func (e *Entity) ID() string {
+	return e.id
+}
+
+// Paths returns the paths sorted by depth.
+func (e Entities) Paths() []string {
+	out := make([]string, len(e))
+	var i int
+	for k := range e {
+		out[i] = k
+		i++
+	}
+	sortByDepth(out)
+
+	return out
+}
diff --git a/pkg/graphdb/graphdb_test.go b/pkg/graphdb/graphdb_test.go
new file mode 100644
index 00000000..f0fb074b
--- /dev/null
+++ b/pkg/graphdb/graphdb_test.go
@@ -0,0 +1,721 @@
+package graphdb
+
+import (
+	"database/sql"
+	"fmt"
+	"os"
+	"path"
+	"runtime"
+	"strconv"
+	"testing"
+
+	_ "github.com/mattn/go-sqlite3"
+)
+
+func newTestDb(t *testing.T) (*Database, string) {
+	p := path.Join(os.TempDir(), "sqlite.db")
+	conn, err := sql.Open("sqlite3", p)
+	db, err := NewDatabase(conn)
+	if err != nil {
+		t.Fatal(err)
+	}
+	return db, p
+}
+
+func destroyTestDb(dbPath string) {
+	os.Remove(dbPath)
+}
+
+func TestNewDatabase(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	if db == nil {
+		t.Fatal("Database should not be nil")
+	}
+	db.Close()
+	defer destroyTestDb(dbpath)
+}
+
+func TestCreateRootEntity(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+	root := db.RootEntity()
+	if root == nil {
+		t.Fatal("Root entity should not be nil")
+	}
+}
+
+func TestGetRootEntity(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	e := db.Get("/")
+	if e == nil {
+		t.Fatal("Entity should not be nil")
+	}
+	if e.ID() != "0" {
+		t.Fatalf("Entity id should be 0, got %s", e.ID())
+	}
+}
+
+func TestSetEntityWithDifferentName(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/test", "1")
+	if _, err := db.Set("/other", "1"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestSetDuplicateEntity(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	if _, err := db.Set("/foo", "42"); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/foo", "43"); err == nil {
+		t.Fatalf("Creating an entry with a duplicate path did not cause an error")
+	}
+}
+
+func TestCreateChild(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	child, err := db.Set("/db", "1")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if child == nil {
+		t.Fatal("Child should not be nil")
+	}
+	if child.ID() != "1" {
+		t.Fail()
+	}
+}
+
+func TestParents(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	for i := 1; i < 6; i++ {
+		a := strconv.Itoa(i)
+		if _, err := db.Set("/"+a, a); err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	for i := 6; i < 11; i++ {
+		a := strconv.Itoa(i)
+		p := strconv.Itoa(i - 5)
+
+		key := fmt.Sprintf("/%s/%s", p, a)
+
+		if _, err := db.Set(key, a); err != nil {
+			t.Fatal(err)
+		}
+
+		parents, err := db.Parents(key)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		if len(parents) != 1 {
+			t.Fatalf("Expected 1 entry for %s got %d", key, len(parents))
+		}
+
+		if parents[0] != p {
+			t.Fatalf("ID %s received, %s expected", parents[0], p)
+		}
+	}
+}
+
+func TestChildren(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	str := "/"
+	for i := 1; i < 6; i++ {
+		a := strconv.Itoa(i)
+		if _, err := db.Set(str+a, a); err != nil {
+			t.Fatal(err)
+		}
+
+		str = str + a + "/"
+	}
+
+	str = "/"
+	for i := 10; i < 30; i++ { // 20 entities
+		a := strconv.Itoa(i)
+		if _, err := db.Set(str+a, a); err != nil {
+			t.Fatal(err)
+		}
+
+		str = str + a + "/"
+	}
+	entries, err := db.Children("/", 5)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(entries) != 11 {
+		t.Fatalf("Expect 11 entries for / got %d", len(entries))
+	}
+
+	entries, err = db.Children("/", 20)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(entries) != 25 {
+		t.Fatalf("Expect 25 entries for / got %d", len(entries))
+	}
+}
+
+func TestListAllRootChildren(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	for i := 1; i < 6; i++ {
+		a := strconv.Itoa(i)
+		if _, err := db.Set("/"+a, a); err != nil {
+			t.Fatal(err)
+		}
+	}
+	entries := db.List("/", -1)
+	if len(entries) != 5 {
+		t.Fatalf("Expect 5 entries for / got %d", len(entries))
+	}
+}
+
+func TestListAllSubChildren(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	_, err := db.Set("/webapp", "1")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child2, err := db.Set("/db", "2")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child4, err := db.Set("/logs", "4")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/db/logs", child4.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child3, err := db.Set("/sentry", "3")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/sentry", child3.ID()); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/db", child2.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	entries := db.List("/webapp", 1)
+	if len(entries) != 3 {
+		t.Fatalf("Expect 3 entries for / got %d", len(entries))
+	}
+
+	entries = db.List("/webapp", 0)
+	if len(entries) != 2 {
+		t.Fatalf("Expect 2 entries for / got %d", len(entries))
+	}
+}
+
+func TestAddSelfAsChild(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	child, err := db.Set("/test", "1")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/test/other", child.ID()); err == nil {
+		t.Fatal("Error should not be nil")
+	}
+}
+
+func TestAddChildToNonExistentRoot(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	if _, err := db.Set("/myapp", "1"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := db.Set("/myapp/proxy/db", "2"); err == nil {
+		t.Fatal("Error should not be nil")
+	}
+}
+
+func TestWalkAll(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+	_, err := db.Set("/webapp", "1")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child2, err := db.Set("/db", "2")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child4, err := db.Set("/db/logs", "4")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/logs", child4.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child3, err := db.Set("/sentry", "3")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/sentry", child3.ID()); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/db", child2.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child5, err := db.Set("/gograph", "5")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/same-ref-diff-name", child5.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := db.Walk("/", func(p string, e *Entity) error {
+		t.Logf("Path: %s Entity: %s", p, e.ID())
+		return nil
+	}, -1); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestGetEntityByPath(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+	_, err := db.Set("/webapp", "1")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child2, err := db.Set("/db", "2")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child4, err := db.Set("/logs", "4")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/db/logs", child4.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child3, err := db.Set("/sentry", "3")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/sentry", child3.ID()); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/db", child2.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child5, err := db.Set("/gograph", "5")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/same-ref-diff-name", child5.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	entity := db.Get("/webapp/db/logs")
+	if entity == nil {
+		t.Fatal("Entity should not be nil")
+	}
+	if entity.ID() != "4" {
+		t.Fatalf("Expected to get entity with id 4, got %s", entity.ID())
+	}
+}
+
+func TestEnitiesPaths(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+	_, err := db.Set("/webapp", "1")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child2, err := db.Set("/db", "2")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child4, err := db.Set("/logs", "4")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/db/logs", child4.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child3, err := db.Set("/sentry", "3")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/sentry", child3.ID()); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/db", child2.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child5, err := db.Set("/gograph", "5")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/same-ref-diff-name", child5.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	out := db.List("/", -1)
+	for _, p := range out.Paths() {
+		t.Log(p)
+	}
+}
+
+func TestDeleteRootEntity(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	if err := db.Delete("/"); err == nil {
+		t.Fatal("Error should not be nil")
+	}
+}
+
+func TestDeleteEntity(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+	_, err := db.Set("/webapp", "1")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child2, err := db.Set("/db", "2")
+	if err != nil {
+		t.Fatal(err)
+	}
+	child4, err := db.Set("/logs", "4")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/db/logs", child4.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child3, err := db.Set("/sentry", "3")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/sentry", child3.ID()); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/db", child2.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	child5, err := db.Set("/gograph", "5")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := db.Set("/webapp/same-ref-diff-name", child5.ID()); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := db.Delete("/webapp/sentry"); err != nil {
+		t.Fatal(err)
+	}
+	entity := db.Get("/webapp/sentry")
+	if entity != nil {
+		t.Fatal("Entity /webapp/sentry should be nil")
+	}
+}
+
+func TestCountRefs(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/webapp", "1")
+
+	if db.Refs("1") != 1 {
+		t.Fatal("Expect reference count to be 1")
+	}
+
+	db.Set("/db", "2")
+	db.Set("/webapp/db", "2")
+	if db.Refs("2") != 2 {
+		t.Fatal("Expect reference count to be 2")
+	}
+}
+
+func TestPurgeId(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/webapp", "1")
+
+	if c := db.Refs("1"); c != 1 {
+		t.Fatalf("Expect reference count to be 1, got %d", c)
+	}
+
+	db.Set("/db", "2")
+	db.Set("/webapp/db", "2")
+
+	count, err := db.Purge("2")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if count != 2 {
+		t.Fatalf("Expected 2 references to be removed, got %d", count)
+	}
+}
+
+// Regression test https://github.com/docker/docker/issues/12334
+func TestPurgeIdRefPaths(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/webapp", "1")
+	db.Set("/db", "2")
+
+	db.Set("/db/webapp", "1")
+
+	if c := db.Refs("1"); c != 2 {
+		t.Fatalf("Expected 2 reference for webapp, got %d", c)
+	}
+	if c := db.Refs("2"); c != 1 {
+		t.Fatalf("Expected 1 reference for db, got %d", c)
+	}
+
+	if rp := db.RefPaths("2"); len(rp) != 1 {
+		t.Fatalf("Expected 1 reference path for db, got %d", len(rp))
+	}
+
+	count, err := db.Purge("2")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if count != 2 {
+		t.Fatalf("Expected 2 rows to be removed, got %d", count)
+	}
+
+	if c := db.Refs("2"); c != 0 {
+		t.Fatalf("Expected 0 reference for db, got %d", c)
+	}
+	if c := db.Refs("1"); c != 1 {
+		t.Fatalf("Expected 1 reference for webapp, got %d", c)
+	}
+}
+
+func TestRename(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/webapp", "1")
+
+	if db.Refs("1") != 1 {
+		t.Fatal("Expect reference count to be 1")
+	}
+
+	db.Set("/db", "2")
+	db.Set("/webapp/db", "2")
+
+	if db.Get("/webapp/db") == nil {
+		t.Fatal("Cannot find entity at path /webapp/db")
+	}
+
+	if err := db.Rename("/webapp/db", "/webapp/newdb"); err != nil {
+		t.Fatal(err)
+	}
+	if db.Get("/webapp/db") != nil {
+		t.Fatal("Entity should not exist at /webapp/db")
+	}
+	if db.Get("/webapp/newdb") == nil {
+		t.Fatal("Cannot find entity at path /webapp/newdb")
+	}
+
+}
+
+func TestCreateMultipleNames(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/db", "1")
+	if _, err := db.Set("/myapp", "1"); err != nil {
+		t.Fatal(err)
+	}
+
+	db.Walk("/", func(p string, e *Entity) error {
+		t.Logf("%s\n", p)
+		return nil
+	}, -1)
+}
+
+func TestRefPaths(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/webapp", "1")
+
+	db.Set("/db", "2")
+	db.Set("/webapp/db", "2")
+
+	refs := db.RefPaths("2")
+	if len(refs) != 2 {
+		t.Fatalf("Expected reference count to be 2, got %d", len(refs))
+	}
+}
+
+func TestExistsTrue(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/testing", "1")
+
+	if !db.Exists("/testing") {
+		t.Fatalf("/tesing should exist")
+	}
+}
+
+func TestExistsFalse(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/toerhe", "1")
+
+	if db.Exists("/testing") {
+		t.Fatalf("/tesing should not exist")
+	}
+
+}
+
+func TestGetNameWithTrailingSlash(t *testing.T) {
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	db.Set("/todo", "1")
+
+	e := db.Get("/todo/")
+	if e == nil {
+		t.Fatalf("Entity should not be nil")
+	}
+}
+
+func TestConcurrentWrites(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	db, dbpath := newTestDb(t)
+	defer destroyTestDb(dbpath)
+
+	errs := make(chan error, 2)
+
+	save := func(name string, id string) {
+		if _, err := db.Set(fmt.Sprintf("/%s", name), id); err != nil {
+			errs <- err
+		}
+		errs <- nil
+	}
+	purge := func(id string) {
+		if _, err := db.Purge(id); err != nil {
+			errs <- err
+		}
+		errs <- nil
+	}
+
+	save("/1", "1")
+
+	go purge("1")
+	go save("/2", "2")
+
+	any := false
+	for i := 0; i < 2; i++ {
+		if err := <-errs; err != nil {
+			any = true
+			t.Log(err)
+		}
+	}
+	if any {
+		t.Fail()
+	}
+}
diff --git a/pkg/graphdb/sort.go b/pkg/graphdb/sort.go
new file mode 100644
index 00000000..c07df077
--- /dev/null
+++ b/pkg/graphdb/sort.go
@@ -0,0 +1,27 @@
+package graphdb
+
+import "sort"
+
+type pathSorter struct {
+	paths []string
+	by    func(i, j string) bool
+}
+
+func sortByDepth(paths []string) {
+	s := &pathSorter{paths, func(i, j string) bool {
+		return PathDepth(i) > PathDepth(j)
+	}}
+	sort.Sort(s)
+}
+
+func (s *pathSorter) Len() int {
+	return len(s.paths)
+}
+
+func (s *pathSorter) Swap(i, j int) {
+	s.paths[i], s.paths[j] = s.paths[j], s.paths[i]
+}
+
+func (s *pathSorter) Less(i, j int) bool {
+	return s.by(s.paths[i], s.paths[j])
+}
diff --git a/pkg/graphdb/sort_test.go b/pkg/graphdb/sort_test.go
new file mode 100644
index 00000000..ddf2266f
--- /dev/null
+++ b/pkg/graphdb/sort_test.go
@@ -0,0 +1,29 @@
+package graphdb
+
+import (
+	"testing"
+)
+
+func TestSort(t *testing.T) {
+	paths := []string{
+		"/",
+		"/myreallylongname",
+		"/app/db",
+	}
+
+	sortByDepth(paths)
+
+	if len(paths) != 3 {
+		t.Fatalf("Expected 3 parts got %d", len(paths))
+	}
+
+	if paths[0] != "/app/db" {
+		t.Fatalf("Expected /app/db got %s", paths[0])
+	}
+	if paths[1] != "/myreallylongname" {
+		t.Fatalf("Expected /myreallylongname got %s", paths[1])
+	}
+	if paths[2] != "/" {
+		t.Fatalf("Expected / got %s", paths[2])
+	}
+}
diff --git a/pkg/graphdb/utils.go b/pkg/graphdb/utils.go
new file mode 100644
index 00000000..9edd79c3
--- /dev/null
+++ b/pkg/graphdb/utils.go
@@ -0,0 +1,32 @@
+package graphdb
+
+import (
+	"path"
+	"strings"
+)
+
+// Split p on /
+func split(p string) []string {
+	return strings.Split(p, "/")
+}
+
+// PathDepth returns the depth or number of / in a given path
+func PathDepth(p string) int {
+	parts := split(p)
+	if len(parts) == 2 && parts[1] == "" {
+		return 1
+	}
+	return len(parts)
+}
+
+func splitPath(p string) (parent, name string) {
+	if p[0] != '/' {
+		p = "/" + p
+	}
+	parent, name = path.Split(p)
+	l := len(parent)
+	if parent[l-1] == '/' {
+		parent = parent[:l-1]
+	}
+	return
+}
diff --git a/pkg/homedir/homedir.go b/pkg/homedir/homedir.go
new file mode 100644
index 00000000..8154e83f
--- /dev/null
+++ b/pkg/homedir/homedir.go
@@ -0,0 +1,39 @@
+package homedir
+
+import (
+	"os"
+	"runtime"
+
+	"github.com/opencontainers/runc/libcontainer/user"
+)
+
+// Key returns the env var name for the user's home dir based on
+// the platform being run on
+func Key() string {
+	if runtime.GOOS == "windows" {
+		return "USERPROFILE"
+	}
+	return "HOME"
+}
+
+// Get returns the home directory of the current user with the help of
+// environment variables depending on the target operating system.
+// Returned path should be used with "path/filepath" to form new paths.
+func Get() string {
+	home := os.Getenv(Key())
+	if home == "" && runtime.GOOS != "windows" {
+		if u, err := user.CurrentUser(); err == nil {
+			return u.Home
+		}
+	}
+	return home
+}
+
+// GetShortcutString returns the string that is shortcut to user's home directory
+// in the native shell of the platform running on.
+func GetShortcutString() string {
+	if runtime.GOOS == "windows" {
+		return "%USERPROFILE%" // be careful while using in format functions
+	}
+	return "~"
+}
diff --git a/pkg/homedir/homedir_test.go b/pkg/homedir/homedir_test.go
new file mode 100644
index 00000000..7a95cb2b
--- /dev/null
+++ b/pkg/homedir/homedir_test.go
@@ -0,0 +1,24 @@
+package homedir
+
+import (
+	"path/filepath"
+	"testing"
+)
+
+func TestGet(t *testing.T) {
+	home := Get()
+	if home == "" {
+		t.Fatal("returned home directory is empty")
+	}
+
+	if !filepath.IsAbs(home) {
+		t.Fatalf("returned path is not absolute: %s", home)
+	}
+}
+
+func TestGetShortcutString(t *testing.T) {
+	shortcut := GetShortcutString()
+	if shortcut == "" {
+		t.Fatal("returned shortcut string is empty")
+	}
+}
diff --git a/pkg/httputils/httputils.go b/pkg/httputils/httputils.go
new file mode 100644
index 00000000..d7dc4387
--- /dev/null
+++ b/pkg/httputils/httputils.go
@@ -0,0 +1,56 @@
+package httputils
+
+import (
+	"errors"
+	"fmt"
+	"net/http"
+	"regexp"
+	"strings"
+
+	"github.com/docker/docker/pkg/jsonmessage"
+)
+
+var (
+	headerRegexp     = regexp.MustCompile(`^(?:(.+)/(.+?))\((.+)\).*$`)
+	errInvalidHeader = errors.New("Bad header, should be in format `docker/version (platform)`")
+)
+
+// Download requests a given URL and returns an io.Reader.
+func Download(url string) (resp *http.Response, err error) {
+	if resp, err = http.Get(url); err != nil {
+		return nil, err
+	}
+	if resp.StatusCode >= 400 {
+		return nil, fmt.Errorf("Got HTTP status code >= 400: %s", resp.Status)
+	}
+	return resp, nil
+}
+
+// NewHTTPRequestError returns a JSON response error.
+func NewHTTPRequestError(msg string, res *http.Response) error {
+	return &jsonmessage.JSONError{
+		Message: msg,
+		Code:    res.StatusCode,
+	}
+}
+
+// ServerHeader contains the server information.
+type ServerHeader struct {
+	App string // docker
+	Ver string // 1.8.0-dev
+	OS  string // windows or linux
+}
+
+// ParseServerHeader extracts pieces from an HTTP server header
+// which is in the format "docker/version (os)" eg docker/1.8.0-dev (windows).
+func ParseServerHeader(hdr string) (*ServerHeader, error) {
+	matches := headerRegexp.FindStringSubmatch(hdr)
+	if len(matches) != 4 {
+		return nil, errInvalidHeader
+	}
+	return &ServerHeader{
+		App: strings.TrimSpace(matches[1]),
+		Ver: strings.TrimSpace(matches[2]),
+		OS:  strings.TrimSpace(matches[3]),
+	}, nil
+}
diff --git a/pkg/httputils/httputils_test.go b/pkg/httputils/httputils_test.go
new file mode 100644
index 00000000..d35d0821
--- /dev/null
+++ b/pkg/httputils/httputils_test.go
@@ -0,0 +1,115 @@
+package httputils
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+)
+
+func TestDownload(t *testing.T) {
+	expected := "Hello, docker !"
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprintf(w, expected)
+	}))
+	defer ts.Close()
+	response, err := Download(ts.URL)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	actual, err := ioutil.ReadAll(response.Body)
+	response.Body.Close()
+
+	if err != nil || string(actual) != expected {
+		t.Fatalf("Expected the response %q, got err:%v, response:%v, actual:%s", expected, err, response, string(actual))
+	}
+}
+
+func TestDownload400Errors(t *testing.T) {
+	expectedError := "Got HTTP status code >= 400: 403 Forbidden"
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// 403
+		http.Error(w, "something failed (forbidden)", http.StatusForbidden)
+	}))
+	defer ts.Close()
+	// Expected status code = 403
+	if _, err := Download(ts.URL); err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected the the error %q, got %v", expectedError, err)
+	}
+}
+
+func TestDownloadOtherErrors(t *testing.T) {
+	if _, err := Download("I'm not an url.."); err == nil || !strings.Contains(err.Error(), "unsupported protocol scheme") {
+		t.Fatalf("Expected an error with 'unsupported protocol scheme', got %v", err)
+	}
+}
+
+func TestNewHTTPRequestError(t *testing.T) {
+	errorMessage := "Some error message"
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// 403
+		http.Error(w, errorMessage, http.StatusForbidden)
+	}))
+	defer ts.Close()
+	httpResponse, err := http.Get(ts.URL)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := NewHTTPRequestError(errorMessage, httpResponse); err.Error() != errorMessage {
+		t.Fatalf("Expected err to be %q, got %v", errorMessage, err)
+	}
+}
+
+func TestParseServerHeader(t *testing.T) {
+	inputs := map[string][]string{
+		"bad header":           {"error"},
+		"(bad header)":         {"error"},
+		"(without/spaces)":     {"error"},
+		"(header/with spaces)": {"error"},
+		"foo/bar (baz)":        {"foo", "bar", "baz"},
+		"foo/bar":              {"error"},
+		"foo":                  {"error"},
+		"foo/bar (baz space)":           {"foo", "bar", "baz space"},
+		"  f  f  /  b  b  (  b  s  )  ": {"f  f", "b  b", "b  s"},
+		"foo/bar (baz) ignore":          {"foo", "bar", "baz"},
+		"foo/bar ()":                    {"error"},
+		"foo/bar()":                     {"error"},
+		"foo/bar(baz)":                  {"foo", "bar", "baz"},
+		"foo/bar/zzz(baz)":              {"foo/bar", "zzz", "baz"},
+		"foo/bar(baz/abc)":              {"foo", "bar", "baz/abc"},
+		"foo/bar(baz (abc))":            {"foo", "bar", "baz (abc)"},
+	}
+
+	for header, values := range inputs {
+		serverHeader, err := ParseServerHeader(header)
+		if err != nil {
+			if err != errInvalidHeader {
+				t.Fatalf("Failed to parse %q, and got some unexpected error: %q", header, err)
+			}
+			if values[0] == "error" {
+				continue
+			}
+			t.Fatalf("Header %q failed to parse when it shouldn't have", header)
+		}
+		if values[0] == "error" {
+			t.Fatalf("Header %q parsed ok when it should have failed(%q).", header, serverHeader)
+		}
+
+		if serverHeader.App != values[0] {
+			t.Fatalf("Expected serverHeader.App for %q to equal %q, got %q", header, values[0], serverHeader.App)
+		}
+
+		if serverHeader.Ver != values[1] {
+			t.Fatalf("Expected serverHeader.Ver for %q to equal %q, got %q", header, values[1], serverHeader.Ver)
+		}
+
+		if serverHeader.OS != values[2] {
+			t.Fatalf("Expected serverHeader.OS for %q to equal %q, got %q", header, values[2], serverHeader.OS)
+		}
+
+	}
+
+}
diff --git a/pkg/httputils/mimetype.go b/pkg/httputils/mimetype.go
new file mode 100644
index 00000000..d5cf34e4
--- /dev/null
+++ b/pkg/httputils/mimetype.go
@@ -0,0 +1,30 @@
+package httputils
+
+import (
+	"mime"
+	"net/http"
+)
+
+// MimeTypes stores the MIME content type.
+var MimeTypes = struct {
+	TextPlain   string
+	Tar         string
+	OctetStream string
+}{"text/plain", "application/tar", "application/octet-stream"}
+
+// DetectContentType returns a best guess representation of the MIME
+// content type for the bytes at c.  The value detected by
+// http.DetectContentType is guaranteed not be nil, defaulting to
+// application/octet-stream when a better guess cannot be made. The
+// result of this detection is then run through mime.ParseMediaType()
+// which separates the actual MIME string from any parameters.
+func DetectContentType(c []byte) (string, map[string]string, error) {
+
+	ct := http.DetectContentType(c)
+	contentType, args, err := mime.ParseMediaType(ct)
+	if err != nil {
+		return "", nil, err
+	}
+
+	return contentType, args, nil
+}
diff --git a/pkg/httputils/mimetype_test.go b/pkg/httputils/mimetype_test.go
new file mode 100644
index 00000000..9de433ee
--- /dev/null
+++ b/pkg/httputils/mimetype_test.go
@@ -0,0 +1,13 @@
+package httputils
+
+import (
+	"testing"
+)
+
+func TestDetectContentType(t *testing.T) {
+	input := []byte("That is just a plain text")
+
+	if contentType, _, err := DetectContentType(input); err != nil || contentType != "text/plain" {
+		t.Errorf("TestDetectContentType failed")
+	}
+}
diff --git a/pkg/httputils/resumablerequestreader.go b/pkg/httputils/resumablerequestreader.go
new file mode 100644
index 00000000..bebc8608
--- /dev/null
+++ b/pkg/httputils/resumablerequestreader.go
@@ -0,0 +1,95 @@
+package httputils
+
+import (
+	"fmt"
+	"io"
+	"net/http"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+)
+
+type resumableRequestReader struct {
+	client          *http.Client
+	request         *http.Request
+	lastRange       int64
+	totalSize       int64
+	currentResponse *http.Response
+	failures        uint32
+	maxFailures     uint32
+}
+
+// ResumableRequestReader makes it possible to resume reading a request's body transparently
+// maxfail is the number of times we retry to make requests again (not resumes)
+// totalsize is the total length of the body; auto detect if not provided
+func ResumableRequestReader(c *http.Client, r *http.Request, maxfail uint32, totalsize int64) io.ReadCloser {
+	return &resumableRequestReader{client: c, request: r, maxFailures: maxfail, totalSize: totalsize}
+}
+
+// ResumableRequestReaderWithInitialResponse makes it possible to resume
+// reading the body of an already initiated request.
+func ResumableRequestReaderWithInitialResponse(c *http.Client, r *http.Request, maxfail uint32, totalsize int64, initialResponse *http.Response) io.ReadCloser {
+	return &resumableRequestReader{client: c, request: r, maxFailures: maxfail, totalSize: totalsize, currentResponse: initialResponse}
+}
+
+func (r *resumableRequestReader) Read(p []byte) (n int, err error) {
+	if r.client == nil || r.request == nil {
+		return 0, fmt.Errorf("client and request can't be nil\n")
+	}
+	isFreshRequest := false
+	if r.lastRange != 0 && r.currentResponse == nil {
+		readRange := fmt.Sprintf("bytes=%d-%d", r.lastRange, r.totalSize)
+		r.request.Header.Set("Range", readRange)
+		time.Sleep(5 * time.Second)
+	}
+	if r.currentResponse == nil {
+		r.currentResponse, err = r.client.Do(r.request)
+		isFreshRequest = true
+	}
+	if err != nil && r.failures+1 != r.maxFailures {
+		r.cleanUpResponse()
+		r.failures++
+		time.Sleep(5 * time.Duration(r.failures) * time.Second)
+		return 0, nil
+	} else if err != nil {
+		r.cleanUpResponse()
+		return 0, err
+	}
+	if r.currentResponse.StatusCode == 416 && r.lastRange == r.totalSize && r.currentResponse.ContentLength == 0 {
+		r.cleanUpResponse()
+		return 0, io.EOF
+	} else if r.currentResponse.StatusCode != 206 && r.lastRange != 0 && isFreshRequest {
+		r.cleanUpResponse()
+		return 0, fmt.Errorf("the server doesn't support byte ranges")
+	}
+	if r.totalSize == 0 {
+		r.totalSize = r.currentResponse.ContentLength
+	} else if r.totalSize <= 0 {
+		r.cleanUpResponse()
+		return 0, fmt.Errorf("failed to auto detect content length")
+	}
+	n, err = r.currentResponse.Body.Read(p)
+	r.lastRange += int64(n)
+	if err != nil {
+		r.cleanUpResponse()
+	}
+	if err != nil && err != io.EOF {
+		logrus.Infof("encountered error during pull and clearing it before resume: %s", err)
+		err = nil
+	}
+	return n, err
+}
+
+func (r *resumableRequestReader) Close() error {
+	r.cleanUpResponse()
+	r.client = nil
+	r.request = nil
+	return nil
+}
+
+func (r *resumableRequestReader) cleanUpResponse() {
+	if r.currentResponse != nil {
+		r.currentResponse.Body.Close()
+		r.currentResponse = nil
+	}
+}
diff --git a/pkg/httputils/resumablerequestreader_test.go b/pkg/httputils/resumablerequestreader_test.go
new file mode 100644
index 00000000..7006f049
--- /dev/null
+++ b/pkg/httputils/resumablerequestreader_test.go
@@ -0,0 +1,307 @@
+package httputils
+
+import (
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+)
+
+func TestResumableRequestHeaderSimpleErrors(t *testing.T) {
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprintln(w, "Hello, world !")
+	}))
+	defer ts.Close()
+
+	client := &http.Client{}
+
+	var req *http.Request
+	req, err := http.NewRequest("GET", ts.URL, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expectedError := "client and request can't be nil\n"
+	resreq := &resumableRequestReader{}
+	_, err = resreq.Read([]byte{})
+	if err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected an error with '%s', got %v.", expectedError, err)
+	}
+
+	resreq = &resumableRequestReader{
+		client:    client,
+		request:   req,
+		totalSize: -1,
+	}
+	expectedError = "failed to auto detect content length"
+	_, err = resreq.Read([]byte{})
+	if err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected an error with '%s', got %v.", expectedError, err)
+	}
+
+}
+
+// Not too much failures, bails out after some wait
+func TestResumableRequestHeaderNotTooMuchFailures(t *testing.T) {
+	client := &http.Client{}
+
+	var badReq *http.Request
+	badReq, err := http.NewRequest("GET", "I'm not an url", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	resreq := &resumableRequestReader{
+		client:      client,
+		request:     badReq,
+		failures:    0,
+		maxFailures: 2,
+	}
+	read, err := resreq.Read([]byte{})
+	if err != nil || read != 0 {
+		t.Fatalf("Expected no error and no byte read, got err:%v, read:%v.", err, read)
+	}
+}
+
+// Too much failures, returns the error
+func TestResumableRequestHeaderTooMuchFailures(t *testing.T) {
+	client := &http.Client{}
+
+	var badReq *http.Request
+	badReq, err := http.NewRequest("GET", "I'm not an url", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	resreq := &resumableRequestReader{
+		client:      client,
+		request:     badReq,
+		failures:    0,
+		maxFailures: 1,
+	}
+	defer resreq.Close()
+
+	expectedError := `Get I%27m%20not%20an%20url: unsupported protocol scheme ""`
+	read, err := resreq.Read([]byte{})
+	if err == nil || err.Error() != expectedError || read != 0 {
+		t.Fatalf("Expected the error '%s', got err:%v, read:%v.", expectedError, err, read)
+	}
+}
+
+type errorReaderCloser struct{}
+
+func (errorReaderCloser) Close() error { return nil }
+
+func (errorReaderCloser) Read(p []byte) (n int, err error) {
+	return 0, fmt.Errorf("An error occurred")
+}
+
+// If a an unknown error is encountered, return 0, nil and log it
+func TestResumableRequestReaderWithReadError(t *testing.T) {
+	var req *http.Request
+	req, err := http.NewRequest("GET", "", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client := &http.Client{}
+
+	response := &http.Response{
+		Status:        "500 Internal Server",
+		StatusCode:    500,
+		ContentLength: 0,
+		Close:         true,
+		Body:          errorReaderCloser{},
+	}
+
+	resreq := &resumableRequestReader{
+		client:          client,
+		request:         req,
+		currentResponse: response,
+		lastRange:       1,
+		totalSize:       1,
+	}
+	defer resreq.Close()
+
+	buf := make([]byte, 1)
+	read, err := resreq.Read(buf)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if read != 0 {
+		t.Fatalf("Expected to have read nothing, but read %v", read)
+	}
+}
+
+func TestResumableRequestReaderWithEOFWith416Response(t *testing.T) {
+	var req *http.Request
+	req, err := http.NewRequest("GET", "", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client := &http.Client{}
+
+	response := &http.Response{
+		Status:        "416 Requested Range Not Satisfiable",
+		StatusCode:    416,
+		ContentLength: 0,
+		Close:         true,
+		Body:          ioutil.NopCloser(strings.NewReader("")),
+	}
+
+	resreq := &resumableRequestReader{
+		client:          client,
+		request:         req,
+		currentResponse: response,
+		lastRange:       1,
+		totalSize:       1,
+	}
+	defer resreq.Close()
+
+	buf := make([]byte, 1)
+	_, err = resreq.Read(buf)
+	if err == nil || err != io.EOF {
+		t.Fatalf("Expected an io.EOF error, got %v", err)
+	}
+}
+
+func TestResumableRequestReaderWithServerDoesntSupportByteRanges(t *testing.T) {
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Header.Get("Range") == "" {
+			t.Fatalf("Expected a Range HTTP header, got nothing")
+		}
+	}))
+	defer ts.Close()
+
+	var req *http.Request
+	req, err := http.NewRequest("GET", ts.URL, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client := &http.Client{}
+
+	resreq := &resumableRequestReader{
+		client:    client,
+		request:   req,
+		lastRange: 1,
+	}
+	defer resreq.Close()
+
+	buf := make([]byte, 2)
+	_, err = resreq.Read(buf)
+	if err == nil || err.Error() != "the server doesn't support byte ranges" {
+		t.Fatalf("Expected an error 'the server doesn't support byte ranges', got %v", err)
+	}
+}
+
+func TestResumableRequestReaderWithZeroTotalSize(t *testing.T) {
+
+	srvtxt := "some response text data"
+
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprintln(w, srvtxt)
+	}))
+	defer ts.Close()
+
+	var req *http.Request
+	req, err := http.NewRequest("GET", ts.URL, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client := &http.Client{}
+	retries := uint32(5)
+
+	resreq := ResumableRequestReader(client, req, retries, 0)
+	defer resreq.Close()
+
+	data, err := ioutil.ReadAll(resreq)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	resstr := strings.TrimSuffix(string(data), "\n")
+
+	if resstr != srvtxt {
+		t.Errorf("resstr != srvtxt")
+	}
+}
+
+func TestResumableRequestReader(t *testing.T) {
+
+	srvtxt := "some response text data"
+
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprintln(w, srvtxt)
+	}))
+	defer ts.Close()
+
+	var req *http.Request
+	req, err := http.NewRequest("GET", ts.URL, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client := &http.Client{}
+	retries := uint32(5)
+	imgSize := int64(len(srvtxt))
+
+	resreq := ResumableRequestReader(client, req, retries, imgSize)
+	defer resreq.Close()
+
+	data, err := ioutil.ReadAll(resreq)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	resstr := strings.TrimSuffix(string(data), "\n")
+
+	if resstr != srvtxt {
+		t.Errorf("resstr != srvtxt")
+	}
+}
+
+func TestResumableRequestReaderWithInitialResponse(t *testing.T) {
+
+	srvtxt := "some response text data"
+
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprintln(w, srvtxt)
+	}))
+	defer ts.Close()
+
+	var req *http.Request
+	req, err := http.NewRequest("GET", ts.URL, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client := &http.Client{}
+	retries := uint32(5)
+	imgSize := int64(len(srvtxt))
+
+	res, err := client.Do(req)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	resreq := ResumableRequestReaderWithInitialResponse(client, req, retries, imgSize, res)
+	defer resreq.Close()
+
+	data, err := ioutil.ReadAll(resreq)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	resstr := strings.TrimSuffix(string(data), "\n")
+
+	if resstr != srvtxt {
+		t.Errorf("resstr != srvtxt")
+	}
+}
diff --git a/pkg/idtools/idtools.go b/pkg/idtools/idtools.go
new file mode 100644
index 00000000..6bca4662
--- /dev/null
+++ b/pkg/idtools/idtools.go
@@ -0,0 +1,197 @@
+package idtools
+
+import (
+	"bufio"
+	"fmt"
+	"os"
+	"sort"
+	"strconv"
+	"strings"
+)
+
+// IDMap contains a single entry for user namespace range remapping. An array
+// of IDMap entries represents the structure that will be provided to the Linux
+// kernel for creating a user namespace.
+type IDMap struct {
+	ContainerID int `json:"container_id"`
+	HostID      int `json:"host_id"`
+	Size        int `json:"size"`
+}
+
+type subIDRange struct {
+	Start  int
+	Length int
+}
+
+type ranges []subIDRange
+
+func (e ranges) Len() int           { return len(e) }
+func (e ranges) Swap(i, j int)      { e[i], e[j] = e[j], e[i] }
+func (e ranges) Less(i, j int) bool { return e[i].Start < e[j].Start }
+
+const (
+	subuidFileName string = "/etc/subuid"
+	subgidFileName string = "/etc/subgid"
+)
+
+// MkdirAllAs creates a directory (include any along the path) and then modifies
+// ownership to the requested uid/gid.  If the directory already exists, this
+// function will still change ownership to the requested uid/gid pair.
+func MkdirAllAs(path string, mode os.FileMode, ownerUID, ownerGID int) error {
+	return mkdirAs(path, mode, ownerUID, ownerGID, true, true)
+}
+
+// MkdirAllNewAs creates a directory (include any along the path) and then modifies
+// ownership ONLY of newly created directories to the requested uid/gid. If the
+// directories along the path exist, no change of ownership will be performed
+func MkdirAllNewAs(path string, mode os.FileMode, ownerUID, ownerGID int) error {
+	return mkdirAs(path, mode, ownerUID, ownerGID, true, false)
+}
+
+// MkdirAs creates a directory and then modifies ownership to the requested uid/gid.
+// If the directory already exists, this function still changes ownership
+func MkdirAs(path string, mode os.FileMode, ownerUID, ownerGID int) error {
+	return mkdirAs(path, mode, ownerUID, ownerGID, false, true)
+}
+
+// GetRootUIDGID retrieves the remapped root uid/gid pair from the set of maps.
+// If the maps are empty, then the root uid/gid will default to "real" 0/0
+func GetRootUIDGID(uidMap, gidMap []IDMap) (int, int, error) {
+	var uid, gid int
+
+	if uidMap != nil {
+		xUID, err := ToHost(0, uidMap)
+		if err != nil {
+			return -1, -1, err
+		}
+		uid = xUID
+	}
+	if gidMap != nil {
+		xGID, err := ToHost(0, gidMap)
+		if err != nil {
+			return -1, -1, err
+		}
+		gid = xGID
+	}
+	return uid, gid, nil
+}
+
+// ToContainer takes an id mapping, and uses it to translate a
+// host ID to the remapped ID. If no map is provided, then the translation
+// assumes a 1-to-1 mapping and returns the passed in id
+func ToContainer(hostID int, idMap []IDMap) (int, error) {
+	if idMap == nil {
+		return hostID, nil
+	}
+	for _, m := range idMap {
+		if (hostID >= m.HostID) && (hostID <= (m.HostID + m.Size - 1)) {
+			contID := m.ContainerID + (hostID - m.HostID)
+			return contID, nil
+		}
+	}
+	return -1, fmt.Errorf("Host ID %d cannot be mapped to a container ID", hostID)
+}
+
+// ToHost takes an id mapping and a remapped ID, and translates the
+// ID to the mapped host ID. If no map is provided, then the translation
+// assumes a 1-to-1 mapping and returns the passed in id #
+func ToHost(contID int, idMap []IDMap) (int, error) {
+	if idMap == nil {
+		return contID, nil
+	}
+	for _, m := range idMap {
+		if (contID >= m.ContainerID) && (contID <= (m.ContainerID + m.Size - 1)) {
+			hostID := m.HostID + (contID - m.ContainerID)
+			return hostID, nil
+		}
+	}
+	return -1, fmt.Errorf("Container ID %d cannot be mapped to a host ID", contID)
+}
+
+// CreateIDMappings takes a requested user and group name and
+// using the data from /etc/sub{uid,gid} ranges, creates the
+// proper uid and gid remapping ranges for that user/group pair
+func CreateIDMappings(username, groupname string) ([]IDMap, []IDMap, error) {
+	subuidRanges, err := parseSubuid(username)
+	if err != nil {
+		return nil, nil, err
+	}
+	subgidRanges, err := parseSubgid(groupname)
+	if err != nil {
+		return nil, nil, err
+	}
+	if len(subuidRanges) == 0 {
+		return nil, nil, fmt.Errorf("No subuid ranges found for user %q", username)
+	}
+	if len(subgidRanges) == 0 {
+		return nil, nil, fmt.Errorf("No subgid ranges found for group %q", groupname)
+	}
+
+	return createIDMap(subuidRanges), createIDMap(subgidRanges), nil
+}
+
+func createIDMap(subidRanges ranges) []IDMap {
+	idMap := []IDMap{}
+
+	// sort the ranges by lowest ID first
+	sort.Sort(subidRanges)
+	containerID := 0
+	for _, idrange := range subidRanges {
+		idMap = append(idMap, IDMap{
+			ContainerID: containerID,
+			HostID:      idrange.Start,
+			Size:        idrange.Length,
+		})
+		containerID = containerID + idrange.Length
+	}
+	return idMap
+}
+
+func parseSubuid(username string) (ranges, error) {
+	return parseSubidFile(subuidFileName, username)
+}
+
+func parseSubgid(username string) (ranges, error) {
+	return parseSubidFile(subgidFileName, username)
+}
+
+// parseSubidFile will read the appropriate file (/etc/subuid or /etc/subgid)
+// and return all found ranges for a specified username. If the special value
+// "ALL" is supplied for username, then all ranges in the file will be returned
+func parseSubidFile(path, username string) (ranges, error) {
+	var rangeList ranges
+
+	subidFile, err := os.Open(path)
+	if err != nil {
+		return rangeList, err
+	}
+	defer subidFile.Close()
+
+	s := bufio.NewScanner(subidFile)
+	for s.Scan() {
+		if err := s.Err(); err != nil {
+			return rangeList, err
+		}
+
+		text := strings.TrimSpace(s.Text())
+		if text == "" || strings.HasPrefix(text, "#") {
+			continue
+		}
+		parts := strings.Split(text, ":")
+		if len(parts) != 3 {
+			return rangeList, fmt.Errorf("Cannot parse subuid/gid information: Format not correct for %s file", path)
+		}
+		if parts[0] == username || username == "ALL" {
+			startid, err := strconv.Atoi(parts[1])
+			if err != nil {
+				return rangeList, fmt.Errorf("String to int conversion failed during subuid/gid parsing of %s: %v", path, err)
+			}
+			length, err := strconv.Atoi(parts[2])
+			if err != nil {
+				return rangeList, fmt.Errorf("String to int conversion failed during subuid/gid parsing of %s: %v", path, err)
+			}
+			rangeList = append(rangeList, subIDRange{startid, length})
+		}
+	}
+	return rangeList, nil
+}
diff --git a/pkg/idtools/idtools_unix.go b/pkg/idtools/idtools_unix.go
new file mode 100644
index 00000000..b57d6ef1
--- /dev/null
+++ b/pkg/idtools/idtools_unix.go
@@ -0,0 +1,60 @@
+// +build !windows
+
+package idtools
+
+import (
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+func mkdirAs(path string, mode os.FileMode, ownerUID, ownerGID int, mkAll, chownExisting bool) error {
+	// make an array containing the original path asked for, plus (for mkAll == true)
+	// all path components leading up to the complete path that don't exist before we MkdirAll
+	// so that we can chown all of them properly at the end.  If chownExisting is false, we won't
+	// chown the full directory path if it exists
+	var paths []string
+	if _, err := os.Stat(path); err != nil && os.IsNotExist(err) {
+		paths = []string{path}
+	} else if err == nil && chownExisting {
+		if err := os.Chown(path, ownerUID, ownerGID); err != nil {
+			return err
+		}
+		// short-circuit--we were called with an existing directory and chown was requested
+		return nil
+	} else if err == nil {
+		// nothing to do; directory path fully exists already and chown was NOT requested
+		return nil
+	}
+
+	if mkAll {
+		// walk back to "/" looking for directories which do not exist
+		// and add them to the paths array for chown after creation
+		dirPath := path
+		for {
+			dirPath = filepath.Dir(dirPath)
+			if dirPath == "/" {
+				break
+			}
+			if _, err := os.Stat(dirPath); err != nil && os.IsNotExist(err) {
+				paths = append(paths, dirPath)
+			}
+		}
+		if err := system.MkdirAll(path, mode); err != nil && !os.IsExist(err) {
+			return err
+		}
+	} else {
+		if err := os.Mkdir(path, mode); err != nil && !os.IsExist(err) {
+			return err
+		}
+	}
+	// even if it existed, we will chown the requested path + any subpaths that
+	// didn't exist when we called MkdirAll
+	for _, pathComponent := range paths {
+		if err := os.Chown(pathComponent, ownerUID, ownerGID); err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/pkg/idtools/idtools_unix_test.go b/pkg/idtools/idtools_unix_test.go
new file mode 100644
index 00000000..540d3079
--- /dev/null
+++ b/pkg/idtools/idtools_unix_test.go
@@ -0,0 +1,271 @@
+// +build !windows
+
+package idtools
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"syscall"
+	"testing"
+)
+
+type node struct {
+	uid int
+	gid int
+}
+
+func TestMkdirAllAs(t *testing.T) {
+	dirName, err := ioutil.TempDir("", "mkdirall")
+	if err != nil {
+		t.Fatalf("Couldn't create temp dir: %v", err)
+	}
+	defer os.RemoveAll(dirName)
+
+	testTree := map[string]node{
+		"usr":              {0, 0},
+		"usr/bin":          {0, 0},
+		"lib":              {33, 33},
+		"lib/x86_64":       {45, 45},
+		"lib/x86_64/share": {1, 1},
+	}
+
+	if err := buildTree(dirName, testTree); err != nil {
+		t.Fatal(err)
+	}
+
+	// test adding a directory to a pre-existing dir; only the new dir is owned by the uid/gid
+	if err := MkdirAllAs(filepath.Join(dirName, "usr", "share"), 0755, 99, 99); err != nil {
+		t.Fatal(err)
+	}
+	testTree["usr/share"] = node{99, 99}
+	verifyTree, err := readTree(dirName, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := compareTrees(testTree, verifyTree); err != nil {
+		t.Fatal(err)
+	}
+
+	// test 2-deep new directories--both should be owned by the uid/gid pair
+	if err := MkdirAllAs(filepath.Join(dirName, "lib", "some", "other"), 0755, 101, 101); err != nil {
+		t.Fatal(err)
+	}
+	testTree["lib/some"] = node{101, 101}
+	testTree["lib/some/other"] = node{101, 101}
+	verifyTree, err = readTree(dirName, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := compareTrees(testTree, verifyTree); err != nil {
+		t.Fatal(err)
+	}
+
+	// test a directory that already exists; should be chowned, but nothing else
+	if err := MkdirAllAs(filepath.Join(dirName, "usr"), 0755, 102, 102); err != nil {
+		t.Fatal(err)
+	}
+	testTree["usr"] = node{102, 102}
+	verifyTree, err = readTree(dirName, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := compareTrees(testTree, verifyTree); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestMkdirAllNewAs(t *testing.T) {
+
+	dirName, err := ioutil.TempDir("", "mkdirnew")
+	if err != nil {
+		t.Fatalf("Couldn't create temp dir: %v", err)
+	}
+	defer os.RemoveAll(dirName)
+
+	testTree := map[string]node{
+		"usr":              {0, 0},
+		"usr/bin":          {0, 0},
+		"lib":              {33, 33},
+		"lib/x86_64":       {45, 45},
+		"lib/x86_64/share": {1, 1},
+	}
+
+	if err := buildTree(dirName, testTree); err != nil {
+		t.Fatal(err)
+	}
+
+	// test adding a directory to a pre-existing dir; only the new dir is owned by the uid/gid
+	if err := MkdirAllNewAs(filepath.Join(dirName, "usr", "share"), 0755, 99, 99); err != nil {
+		t.Fatal(err)
+	}
+	testTree["usr/share"] = node{99, 99}
+	verifyTree, err := readTree(dirName, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := compareTrees(testTree, verifyTree); err != nil {
+		t.Fatal(err)
+	}
+
+	// test 2-deep new directories--both should be owned by the uid/gid pair
+	if err := MkdirAllNewAs(filepath.Join(dirName, "lib", "some", "other"), 0755, 101, 101); err != nil {
+		t.Fatal(err)
+	}
+	testTree["lib/some"] = node{101, 101}
+	testTree["lib/some/other"] = node{101, 101}
+	verifyTree, err = readTree(dirName, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := compareTrees(testTree, verifyTree); err != nil {
+		t.Fatal(err)
+	}
+
+	// test a directory that already exists; should NOT be chowned
+	if err := MkdirAllNewAs(filepath.Join(dirName, "usr"), 0755, 102, 102); err != nil {
+		t.Fatal(err)
+	}
+	verifyTree, err = readTree(dirName, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := compareTrees(testTree, verifyTree); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestMkdirAs(t *testing.T) {
+
+	dirName, err := ioutil.TempDir("", "mkdir")
+	if err != nil {
+		t.Fatalf("Couldn't create temp dir: %v", err)
+	}
+	defer os.RemoveAll(dirName)
+
+	testTree := map[string]node{
+		"usr": {0, 0},
+	}
+	if err := buildTree(dirName, testTree); err != nil {
+		t.Fatal(err)
+	}
+
+	// test a directory that already exists; should just chown to the requested uid/gid
+	if err := MkdirAs(filepath.Join(dirName, "usr"), 0755, 99, 99); err != nil {
+		t.Fatal(err)
+	}
+	testTree["usr"] = node{99, 99}
+	verifyTree, err := readTree(dirName, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := compareTrees(testTree, verifyTree); err != nil {
+		t.Fatal(err)
+	}
+
+	// create a subdir under a dir which doesn't exist--should fail
+	if err := MkdirAs(filepath.Join(dirName, "usr", "bin", "subdir"), 0755, 102, 102); err == nil {
+		t.Fatalf("Trying to create a directory with Mkdir where the parent doesn't exist should have failed")
+	}
+
+	// create a subdir under an existing dir; should only change the ownership of the new subdir
+	if err := MkdirAs(filepath.Join(dirName, "usr", "bin"), 0755, 102, 102); err != nil {
+		t.Fatal(err)
+	}
+	testTree["usr/bin"] = node{102, 102}
+	verifyTree, err = readTree(dirName, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := compareTrees(testTree, verifyTree); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func buildTree(base string, tree map[string]node) error {
+	for path, node := range tree {
+		fullPath := filepath.Join(base, path)
+		if err := os.MkdirAll(fullPath, 0755); err != nil {
+			return fmt.Errorf("Couldn't create path: %s; error: %v", fullPath, err)
+		}
+		if err := os.Chown(fullPath, node.uid, node.gid); err != nil {
+			return fmt.Errorf("Couldn't chown path: %s; error: %v", fullPath, err)
+		}
+	}
+	return nil
+}
+
+func readTree(base, root string) (map[string]node, error) {
+	tree := make(map[string]node)
+
+	dirInfos, err := ioutil.ReadDir(base)
+	if err != nil {
+		return nil, fmt.Errorf("Couldn't read directory entries for %q: %v", base, err)
+	}
+
+	for _, info := range dirInfos {
+		s := &syscall.Stat_t{}
+		if err := syscall.Stat(filepath.Join(base, info.Name()), s); err != nil {
+			return nil, fmt.Errorf("Can't stat file %q: %v", filepath.Join(base, info.Name()), err)
+		}
+		tree[filepath.Join(root, info.Name())] = node{int(s.Uid), int(s.Gid)}
+		if info.IsDir() {
+			// read the subdirectory
+			subtree, err := readTree(filepath.Join(base, info.Name()), filepath.Join(root, info.Name()))
+			if err != nil {
+				return nil, err
+			}
+			for path, nodeinfo := range subtree {
+				tree[path] = nodeinfo
+			}
+		}
+	}
+	return tree, nil
+}
+
+func compareTrees(left, right map[string]node) error {
+	if len(left) != len(right) {
+		return fmt.Errorf("Trees aren't the same size")
+	}
+	for path, nodeLeft := range left {
+		if nodeRight, ok := right[path]; ok {
+			if nodeRight.uid != nodeLeft.uid || nodeRight.gid != nodeLeft.gid {
+				// mismatch
+				return fmt.Errorf("mismatched ownership for %q: expected: %d:%d, got: %d:%d", path,
+					nodeLeft.uid, nodeLeft.gid, nodeRight.uid, nodeRight.gid)
+			}
+			continue
+		}
+		return fmt.Errorf("right tree didn't contain path %q", path)
+	}
+	return nil
+}
+
+func TestParseSubidFileWithNewlinesAndComments(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "parsesubid")
+	if err != nil {
+		t.Fatal(err)
+	}
+	fnamePath := filepath.Join(tmpDir, "testsubuid")
+	fcontent := `tss:100000:65536
+# empty default subuid/subgid file
+
+dockremap:231072:65536`
+	if err := ioutil.WriteFile(fnamePath, []byte(fcontent), 0644); err != nil {
+		t.Fatal(err)
+	}
+	ranges, err := parseSubidFile(fnamePath, "dockremap")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(ranges) != 1 {
+		t.Fatalf("wanted 1 element in ranges, got %d instead", len(ranges))
+	}
+	if ranges[0].Start != 231072 {
+		t.Fatalf("wanted 231072, got %d instead", ranges[0].Start)
+	}
+	if ranges[0].Length != 65536 {
+		t.Fatalf("wanted 65536, got %d instead", ranges[0].Length)
+	}
+}
diff --git a/pkg/idtools/idtools_windows.go b/pkg/idtools/idtools_windows.go
new file mode 100644
index 00000000..c9e3c937
--- /dev/null
+++ b/pkg/idtools/idtools_windows.go
@@ -0,0 +1,18 @@
+// +build windows
+
+package idtools
+
+import (
+	"os"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+// Platforms such as Windows do not support the UID/GID concept. So make this
+// just a wrapper around system.MkdirAll.
+func mkdirAs(path string, mode os.FileMode, ownerUID, ownerGID int, mkAll, chownExisting bool) error {
+	if err := system.MkdirAll(path, mode); err != nil && !os.IsExist(err) {
+		return err
+	}
+	return nil
+}
diff --git a/pkg/idtools/usergroupadd_linux.go b/pkg/idtools/usergroupadd_linux.go
new file mode 100644
index 00000000..86d9e21e
--- /dev/null
+++ b/pkg/idtools/usergroupadd_linux.go
@@ -0,0 +1,188 @@
+package idtools
+
+import (
+	"fmt"
+	"os/exec"
+	"path/filepath"
+	"regexp"
+	"sort"
+	"strconv"
+	"strings"
+)
+
+// add a user and/or group to Linux /etc/passwd, /etc/group using standard
+// Linux distribution commands:
+// adduser --system --shell /bin/false --disabled-login --disabled-password --no-create-home --group <username>
+// useradd -r -s /bin/false <username>
+
+var (
+	userCommand string
+
+	cmdTemplates = map[string]string{
+		"adduser": "--system --shell /bin/false --no-create-home --disabled-login --disabled-password --group %s",
+		"useradd": "-r -s /bin/false %s",
+		"usermod": "-%s %d-%d %s",
+	}
+
+	idOutRegexp = regexp.MustCompile(`uid=([0-9]+).*gid=([0-9]+)`)
+	// default length for a UID/GID subordinate range
+	defaultRangeLen   = 65536
+	defaultRangeStart = 100000
+	userMod           = "usermod"
+)
+
+func init() {
+	// set up which commands are used for adding users/groups dependent on distro
+	if _, err := resolveBinary("adduser"); err == nil {
+		userCommand = "adduser"
+	} else if _, err := resolveBinary("useradd"); err == nil {
+		userCommand = "useradd"
+	}
+}
+
+func resolveBinary(binname string) (string, error) {
+	binaryPath, err := exec.LookPath(binname)
+	if err != nil {
+		return "", err
+	}
+	resolvedPath, err := filepath.EvalSymlinks(binaryPath)
+	if err != nil {
+		return "", err
+	}
+	//only return no error if the final resolved binary basename
+	//matches what was searched for
+	if filepath.Base(resolvedPath) == binname {
+		return resolvedPath, nil
+	}
+	return "", fmt.Errorf("Binary %q does not resolve to a binary of that name in $PATH (%q)", binname, resolvedPath)
+}
+
+// AddNamespaceRangesUser takes a username and uses the standard system
+// utility to create a system user/group pair used to hold the
+// /etc/sub{uid,gid} ranges which will be used for user namespace
+// mapping ranges in containers.
+func AddNamespaceRangesUser(name string) (int, int, error) {
+	if err := addUser(name); err != nil {
+		return -1, -1, fmt.Errorf("Error adding user %q: %v", name, err)
+	}
+
+	// Query the system for the created uid and gid pair
+	out, err := execCmd("id", name)
+	if err != nil {
+		return -1, -1, fmt.Errorf("Error trying to find uid/gid for new user %q: %v", name, err)
+	}
+	matches := idOutRegexp.FindStringSubmatch(strings.TrimSpace(string(out)))
+	if len(matches) != 3 {
+		return -1, -1, fmt.Errorf("Can't find uid, gid from `id` output: %q", string(out))
+	}
+	uid, err := strconv.Atoi(matches[1])
+	if err != nil {
+		return -1, -1, fmt.Errorf("Can't convert found uid (%s) to int: %v", matches[1], err)
+	}
+	gid, err := strconv.Atoi(matches[2])
+	if err != nil {
+		return -1, -1, fmt.Errorf("Can't convert found gid (%s) to int: %v", matches[2], err)
+	}
+
+	// Now we need to create the subuid/subgid ranges for our new user/group (system users
+	// do not get auto-created ranges in subuid/subgid)
+
+	if err := createSubordinateRanges(name); err != nil {
+		return -1, -1, fmt.Errorf("Couldn't create subordinate ID ranges: %v", err)
+	}
+	return uid, gid, nil
+}
+
+func addUser(userName string) error {
+
+	if userCommand == "" {
+		return fmt.Errorf("Cannot add user; no useradd/adduser binary found")
+	}
+	args := fmt.Sprintf(cmdTemplates[userCommand], userName)
+	out, err := execCmd(userCommand, args)
+	if err != nil {
+		return fmt.Errorf("Failed to add user with error: %v; output: %q", err, string(out))
+	}
+	return nil
+}
+
+func createSubordinateRanges(name string) error {
+
+	// first, we should verify that ranges weren't automatically created
+	// by the distro tooling
+	ranges, err := parseSubuid(name)
+	if err != nil {
+		return fmt.Errorf("Error while looking for subuid ranges for user %q: %v", name, err)
+	}
+	if len(ranges) == 0 {
+		// no UID ranges; let's create one
+		startID, err := findNextUIDRange()
+		if err != nil {
+			return fmt.Errorf("Can't find available subuid range: %v", err)
+		}
+		out, err := execCmd(userMod, fmt.Sprintf(cmdTemplates[userMod], "v", startID, startID+defaultRangeLen-1, name))
+		if err != nil {
+			return fmt.Errorf("Unable to add subuid range to user: %q; output: %s, err: %v", name, out, err)
+		}
+	}
+
+	ranges, err = parseSubgid(name)
+	if err != nil {
+		return fmt.Errorf("Error while looking for subgid ranges for user %q: %v", name, err)
+	}
+	if len(ranges) == 0 {
+		// no GID ranges; let's create one
+		startID, err := findNextGIDRange()
+		if err != nil {
+			return fmt.Errorf("Can't find available subgid range: %v", err)
+		}
+		out, err := execCmd(userMod, fmt.Sprintf(cmdTemplates[userMod], "w", startID, startID+defaultRangeLen-1, name))
+		if err != nil {
+			return fmt.Errorf("Unable to add subgid range to user: %q; output: %s, err: %v", name, out, err)
+		}
+	}
+	return nil
+}
+
+func findNextUIDRange() (int, error) {
+	ranges, err := parseSubuid("ALL")
+	if err != nil {
+		return -1, fmt.Errorf("Couldn't parse all ranges in /etc/subuid file: %v", err)
+	}
+	sort.Sort(ranges)
+	return findNextRangeStart(ranges)
+}
+
+func findNextGIDRange() (int, error) {
+	ranges, err := parseSubgid("ALL")
+	if err != nil {
+		return -1, fmt.Errorf("Couldn't parse all ranges in /etc/subgid file: %v", err)
+	}
+	sort.Sort(ranges)
+	return findNextRangeStart(ranges)
+}
+
+func findNextRangeStart(rangeList ranges) (int, error) {
+	startID := defaultRangeStart
+	for _, arange := range rangeList {
+		if wouldOverlap(arange, startID) {
+			startID = arange.Start + arange.Length
+		}
+	}
+	return startID, nil
+}
+
+func wouldOverlap(arange subIDRange, ID int) bool {
+	low := ID
+	high := ID + defaultRangeLen
+	if (low >= arange.Start && low <= arange.Start+arange.Length) ||
+		(high <= arange.Start+arange.Length && high >= arange.Start) {
+		return true
+	}
+	return false
+}
+
+func execCmd(cmd, args string) ([]byte, error) {
+	execCmd := exec.Command(cmd, strings.Split(args, " ")...)
+	return execCmd.CombinedOutput()
+}
diff --git a/pkg/idtools/usergroupadd_unsupported.go b/pkg/idtools/usergroupadd_unsupported.go
new file mode 100644
index 00000000..d98b354c
--- /dev/null
+++ b/pkg/idtools/usergroupadd_unsupported.go
@@ -0,0 +1,12 @@
+// +build !linux
+
+package idtools
+
+import "fmt"
+
+// AddNamespaceRangesUser takes a name and finds an unused uid, gid pair
+// and calls the appropriate helper function to add the group and then
+// the user to the group in /etc/group and /etc/passwd respectively.
+func AddNamespaceRangesUser(name string) (int, int, error) {
+	return -1, -1, fmt.Errorf("No support for adding users or groups on this OS")
+}
diff --git a/pkg/integration/checker/checker.go b/pkg/integration/checker/checker.go
new file mode 100644
index 00000000..a5314994
--- /dev/null
+++ b/pkg/integration/checker/checker.go
@@ -0,0 +1,46 @@
+// Package checker provide Docker specific implementations of the go-check.Checker interface.
+package checker
+
+import (
+	"github.com/go-check/check"
+	"github.com/vdemeester/shakers"
+)
+
+// As a commodity, we bring all check.Checker variables into the current namespace to avoid having
+// to think about check.X versus checker.X.
+var (
+	DeepEquals   = check.DeepEquals
+	ErrorMatches = check.ErrorMatches
+	FitsTypeOf   = check.FitsTypeOf
+	HasLen       = check.HasLen
+	Implements   = check.Implements
+	IsNil        = check.IsNil
+	Matches      = check.Matches
+	Not          = check.Not
+	NotNil       = check.NotNil
+	PanicMatches = check.PanicMatches
+	Panics       = check.Panics
+
+	Contains           = shakers.Contains
+	ContainsAny        = shakers.ContainsAny
+	Count              = shakers.Count
+	Equals             = shakers.Equals
+	EqualFold          = shakers.EqualFold
+	False              = shakers.False
+	GreaterOrEqualThan = shakers.GreaterOrEqualThan
+	GreaterThan        = shakers.GreaterThan
+	HasPrefix          = shakers.HasPrefix
+	HasSuffix          = shakers.HasSuffix
+	Index              = shakers.Index
+	IndexAny           = shakers.IndexAny
+	IsAfter            = shakers.IsAfter
+	IsBefore           = shakers.IsBefore
+	IsBetween          = shakers.IsBetween
+	IsLower            = shakers.IsLower
+	IsUpper            = shakers.IsUpper
+	LessOrEqualThan    = shakers.LessOrEqualThan
+	LessThan           = shakers.LessThan
+	TimeEquals         = shakers.TimeEquals
+	True               = shakers.True
+	TimeIgnore         = shakers.TimeIgnore
+)
diff --git a/pkg/integration/dockerCmd_utils.go b/pkg/integration/dockerCmd_utils.go
new file mode 100644
index 00000000..fab3e062
--- /dev/null
+++ b/pkg/integration/dockerCmd_utils.go
@@ -0,0 +1,78 @@
+package integration
+
+import (
+	"fmt"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/go-check/check"
+)
+
+// We use the elongated quote mechanism for quoting error returns as
+// the use of strconv.Quote or %q in fmt.Errorf will escape characters. This
+// has a big downside on Windows where the args include paths, so instead
+// of something like c:\directory\file.txt, the output would be
+// c:\\directory\\file.txt. This is highly misleading.
+const quote = `"`
+
+var execCommand = exec.Command
+
+// DockerCmdWithError executes a docker command that is supposed to fail and returns
+// the output, the exit code and the error.
+func DockerCmdWithError(dockerBinary string, args ...string) (string, int, error) {
+	return RunCommandWithOutput(execCommand(dockerBinary, args...))
+}
+
+// DockerCmdWithStdoutStderr executes a docker command and returns the content of the
+// stdout, stderr and the exit code. If a check.C is passed, it will fail and stop tests
+// if the error is not nil.
+func DockerCmdWithStdoutStderr(dockerBinary string, c *check.C, args ...string) (string, string, int) {
+	stdout, stderr, status, err := RunCommandWithStdoutStderr(execCommand(dockerBinary, args...))
+	if c != nil {
+		c.Assert(err, check.IsNil, check.Commentf(quote+"%v"+quote+" failed with errors: %s, %v", strings.Join(args, " "), stderr, err))
+	}
+	return stdout, stderr, status
+}
+
+// DockerCmd executes a docker command and returns the output and the exit code. If the
+// command returns an error, it will fail and stop the tests.
+func DockerCmd(dockerBinary string, c *check.C, args ...string) (string, int) {
+	out, status, err := RunCommandWithOutput(execCommand(dockerBinary, args...))
+	c.Assert(err, check.IsNil, check.Commentf(quote+"%v"+quote+" failed with errors: %s, %v", strings.Join(args, " "), out, err))
+	return out, status
+}
+
+// DockerCmdWithTimeout executes a docker command with a timeout, and returns the output,
+// the exit code and the error (if any).
+func DockerCmdWithTimeout(dockerBinary string, timeout time.Duration, args ...string) (string, int, error) {
+	out, status, err := RunCommandWithOutputAndTimeout(execCommand(dockerBinary, args...), timeout)
+	if err != nil {
+		return out, status, fmt.Errorf(quote+"%v"+quote+" failed with errors: %v : %q", strings.Join(args, " "), err, out)
+	}
+	return out, status, err
+}
+
+// DockerCmdInDir executes a docker command in a directory and returns the output, the
+// exit code and the error (if any).
+func DockerCmdInDir(dockerBinary string, path string, args ...string) (string, int, error) {
+	dockerCommand := execCommand(dockerBinary, args...)
+	dockerCommand.Dir = path
+	out, status, err := RunCommandWithOutput(dockerCommand)
+	if err != nil {
+		return out, status, fmt.Errorf(quote+"%v"+quote+" failed with errors: %v : %q", strings.Join(args, " "), err, out)
+	}
+	return out, status, err
+}
+
+// DockerCmdInDirWithTimeout executes a docker command in a directory with a timeout and
+// returns the output, the exit code and the error (if any).
+func DockerCmdInDirWithTimeout(dockerBinary string, timeout time.Duration, path string, args ...string) (string, int, error) {
+	dockerCommand := execCommand(dockerBinary, args...)
+	dockerCommand.Dir = path
+	out, status, err := RunCommandWithOutputAndTimeout(dockerCommand, timeout)
+	if err != nil {
+		return out, status, fmt.Errorf(quote+"%v"+quote+" failed with errors: %v : %q", strings.Join(args, " "), err, out)
+	}
+	return out, status, err
+}
diff --git a/pkg/integration/dockerCmd_utils_test.go b/pkg/integration/dockerCmd_utils_test.go
new file mode 100644
index 00000000..3dd5d114
--- /dev/null
+++ b/pkg/integration/dockerCmd_utils_test.go
@@ -0,0 +1,405 @@
+package integration
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"testing"
+
+	"io/ioutil"
+	"strings"
+	"time"
+
+	"github.com/go-check/check"
+)
+
+const dockerBinary = "docker"
+
+// Setup go-check for this test
+func Test(t *testing.T) {
+	check.TestingT(t)
+}
+
+func init() {
+	check.Suite(&DockerCmdSuite{})
+}
+
+type DockerCmdSuite struct{}
+
+// Fake the exec.Command to use our mock.
+func (s *DockerCmdSuite) SetUpTest(c *check.C) {
+	execCommand = fakeExecCommand
+}
+
+// And bring it back to normal after the test.
+func (s *DockerCmdSuite) TearDownTest(c *check.C) {
+	execCommand = exec.Command
+}
+
+// DockerCmdWithError tests
+
+func (s *DockerCmdSuite) TestDockerCmdWithError(c *check.C) {
+	cmds := []struct {
+		binary           string
+		args             []string
+		expectedOut      string
+		expectedExitCode int
+		expectedError    error
+	}{
+		{
+			"doesnotexists",
+			[]string{},
+			"Command doesnotexists not found.",
+			1,
+			fmt.Errorf("exit status 1"),
+		},
+		{
+			dockerBinary,
+			[]string{"an", "error"},
+			"an error has occurred",
+			1,
+			fmt.Errorf("exit status 1"),
+		},
+		{
+			dockerBinary,
+			[]string{"an", "exitCode", "127"},
+			"an error has occurred with exitCode 127",
+			127,
+			fmt.Errorf("exit status 127"),
+		},
+		{
+			dockerBinary,
+			[]string{"run", "-ti", "ubuntu", "echo", "hello"},
+			"hello",
+			0,
+			nil,
+		},
+	}
+	for _, cmd := range cmds {
+		out, exitCode, error := DockerCmdWithError(cmd.binary, cmd.args...)
+		c.Assert(out, check.Equals, cmd.expectedOut, check.Commentf("Expected output %q for arguments %v, got %q", cmd.expectedOut, cmd.args, out))
+		c.Assert(exitCode, check.Equals, cmd.expectedExitCode, check.Commentf("Expected exitCode %q for arguments %v, got %q", cmd.expectedExitCode, cmd.args, exitCode))
+		if cmd.expectedError != nil {
+			c.Assert(error, check.NotNil, check.Commentf("Expected an error %q, got nothing", cmd.expectedError))
+			c.Assert(error.Error(), check.Equals, cmd.expectedError.Error(), check.Commentf("Expected error %q for arguments %v, got %q", cmd.expectedError.Error(), cmd.args, error.Error()))
+		} else {
+			c.Assert(error, check.IsNil, check.Commentf("Expected no error, got %v", error))
+		}
+	}
+}
+
+// DockerCmdWithStdoutStderr tests
+
+type dockerCmdWithStdoutStderrErrorSuite struct{}
+
+func (s *dockerCmdWithStdoutStderrErrorSuite) Test(c *check.C) {
+	// Should fail, the test too
+	DockerCmdWithStdoutStderr(dockerBinary, c, "an", "error")
+}
+
+type dockerCmdWithStdoutStderrSuccessSuite struct{}
+
+func (s *dockerCmdWithStdoutStderrSuccessSuite) Test(c *check.C) {
+	stdout, stderr, exitCode := DockerCmdWithStdoutStderr(dockerBinary, c, "run", "-ti", "ubuntu", "echo", "hello")
+	c.Assert(stdout, check.Equals, "hello")
+	c.Assert(stderr, check.Equals, "")
+	c.Assert(exitCode, check.Equals, 0)
+
+}
+
+func (s *DockerCmdSuite) TestDockerCmdWithStdoutStderrError(c *check.C) {
+	// Run error suite, should fail.
+	output := String{}
+	result := check.Run(&dockerCmdWithStdoutStderrErrorSuite{}, &check.RunConf{Output: &output})
+	c.Check(result.Succeeded, check.Equals, 0)
+	c.Check(result.Failed, check.Equals, 1)
+}
+
+func (s *DockerCmdSuite) TestDockerCmdWithStdoutStderrSuccess(c *check.C) {
+	// Run error suite, should fail.
+	output := String{}
+	result := check.Run(&dockerCmdWithStdoutStderrSuccessSuite{}, &check.RunConf{Output: &output})
+	c.Check(result.Succeeded, check.Equals, 1)
+	c.Check(result.Failed, check.Equals, 0)
+}
+
+// DockerCmd tests
+
+type dockerCmdErrorSuite struct{}
+
+func (s *dockerCmdErrorSuite) Test(c *check.C) {
+	// Should fail, the test too
+	DockerCmd(dockerBinary, c, "an", "error")
+}
+
+type dockerCmdSuccessSuite struct{}
+
+func (s *dockerCmdSuccessSuite) Test(c *check.C) {
+	stdout, exitCode := DockerCmd(dockerBinary, c, "run", "-ti", "ubuntu", "echo", "hello")
+	c.Assert(stdout, check.Equals, "hello")
+	c.Assert(exitCode, check.Equals, 0)
+
+}
+
+func (s *DockerCmdSuite) TestDockerCmdError(c *check.C) {
+	// Run error suite, should fail.
+	output := String{}
+	result := check.Run(&dockerCmdErrorSuite{}, &check.RunConf{Output: &output})
+	c.Check(result.Succeeded, check.Equals, 0)
+	c.Check(result.Failed, check.Equals, 1)
+}
+
+func (s *DockerCmdSuite) TestDockerCmdSuccess(c *check.C) {
+	// Run error suite, should fail.
+	output := String{}
+	result := check.Run(&dockerCmdSuccessSuite{}, &check.RunConf{Output: &output})
+	c.Check(result.Succeeded, check.Equals, 1)
+	c.Check(result.Failed, check.Equals, 0)
+}
+
+// DockerCmdWithTimeout tests
+
+func (s *DockerCmdSuite) TestDockerCmdWithTimeout(c *check.C) {
+	cmds := []struct {
+		binary           string
+		args             []string
+		timeout          time.Duration
+		expectedOut      string
+		expectedExitCode int
+		expectedError    error
+	}{
+		{
+			"doesnotexists",
+			[]string{},
+			200 * time.Millisecond,
+			`Command doesnotexists not found.`,
+			1,
+			fmt.Errorf(`"" failed with errors: exit status 1 : "Command doesnotexists not found."`),
+		},
+		{
+			dockerBinary,
+			[]string{"an", "error"},
+			200 * time.Millisecond,
+			`an error has occurred`,
+			1,
+			fmt.Errorf(`"an error" failed with errors: exit status 1 : "an error has occurred"`),
+		},
+		{
+			dockerBinary,
+			[]string{"a", "command", "that", "times", "out"},
+			5 * time.Millisecond,
+			"",
+			0,
+			fmt.Errorf(`"a command that times out" failed with errors: command timed out : ""`),
+		},
+		{
+			dockerBinary,
+			[]string{"run", "-ti", "ubuntu", "echo", "hello"},
+			200 * time.Millisecond,
+			"hello",
+			0,
+			nil,
+		},
+	}
+	for _, cmd := range cmds {
+		out, exitCode, error := DockerCmdWithTimeout(cmd.binary, cmd.timeout, cmd.args...)
+		c.Assert(out, check.Equals, cmd.expectedOut, check.Commentf("Expected output %q for arguments %v, got %q", cmd.expectedOut, cmd.args, out))
+		c.Assert(exitCode, check.Equals, cmd.expectedExitCode, check.Commentf("Expected exitCode %q for arguments %v, got %q", cmd.expectedExitCode, cmd.args, exitCode))
+		if cmd.expectedError != nil {
+			c.Assert(error, check.NotNil, check.Commentf("Expected an error %q, got nothing", cmd.expectedError))
+			c.Assert(error.Error(), check.Equals, cmd.expectedError.Error(), check.Commentf("Expected error %q for arguments %v, got %q", cmd.expectedError.Error(), cmd.args, error.Error()))
+		} else {
+			c.Assert(error, check.IsNil, check.Commentf("Expected no error, got %v", error))
+		}
+	}
+}
+
+// DockerCmdInDir tests
+
+func (s *DockerCmdSuite) TestDockerCmdInDir(c *check.C) {
+	tempFolder, err := ioutil.TempDir("", "test-docker-cmd-in-dir")
+	c.Assert(err, check.IsNil)
+
+	cmds := []struct {
+		binary           string
+		args             []string
+		expectedOut      string
+		expectedExitCode int
+		expectedError    error
+	}{
+		{
+			"doesnotexists",
+			[]string{},
+			`Command doesnotexists not found.`,
+			1,
+			fmt.Errorf(`"dir:%s" failed with errors: exit status 1 : "Command doesnotexists not found."`, tempFolder),
+		},
+		{
+			dockerBinary,
+			[]string{"an", "error"},
+			`an error has occurred`,
+			1,
+			fmt.Errorf(`"dir:%s an error" failed with errors: exit status 1 : "an error has occurred"`, tempFolder),
+		},
+		{
+			dockerBinary,
+			[]string{"run", "-ti", "ubuntu", "echo", "hello"},
+			"hello",
+			0,
+			nil,
+		},
+	}
+	for _, cmd := range cmds {
+		// We prepend the arguments with dir:thefolder.. the fake command will check
+		// that the current workdir is the same as the one we are passing.
+		args := append([]string{"dir:" + tempFolder}, cmd.args...)
+		out, exitCode, error := DockerCmdInDir(cmd.binary, tempFolder, args...)
+		c.Assert(out, check.Equals, cmd.expectedOut, check.Commentf("Expected output %q for arguments %v, got %q", cmd.expectedOut, cmd.args, out))
+		c.Assert(exitCode, check.Equals, cmd.expectedExitCode, check.Commentf("Expected exitCode %q for arguments %v, got %q", cmd.expectedExitCode, cmd.args, exitCode))
+		if cmd.expectedError != nil {
+			c.Assert(error, check.NotNil, check.Commentf("Expected an error %q, got nothing", cmd.expectedError))
+			c.Assert(error.Error(), check.Equals, cmd.expectedError.Error(), check.Commentf("Expected error %q for arguments %v, got %q", cmd.expectedError.Error(), cmd.args, error.Error()))
+		} else {
+			c.Assert(error, check.IsNil, check.Commentf("Expected no error, got %v", error))
+		}
+	}
+}
+
+// DockerCmdInDirWithTimeout tests
+
+func (s *DockerCmdSuite) TestDockerCmdInDirWithTimeout(c *check.C) {
+	tempFolder, err := ioutil.TempDir("", "test-docker-cmd-in-dir")
+	c.Assert(err, check.IsNil)
+
+	cmds := []struct {
+		binary           string
+		args             []string
+		timeout          time.Duration
+		expectedOut      string
+		expectedExitCode int
+		expectedError    error
+	}{
+		{
+			"doesnotexists",
+			[]string{},
+			200 * time.Millisecond,
+			`Command doesnotexists not found.`,
+			1,
+			fmt.Errorf(`"dir:%s" failed with errors: exit status 1 : "Command doesnotexists not found."`, tempFolder),
+		},
+		{
+			dockerBinary,
+			[]string{"an", "error"},
+			200 * time.Millisecond,
+			`an error has occurred`,
+			1,
+			fmt.Errorf(`"dir:%s an error" failed with errors: exit status 1 : "an error has occurred"`, tempFolder),
+		},
+		{
+			dockerBinary,
+			[]string{"a", "command", "that", "times", "out"},
+			5 * time.Millisecond,
+			"",
+			0,
+			fmt.Errorf(`"dir:%s a command that times out" failed with errors: command timed out : ""`, tempFolder),
+		},
+		{
+			dockerBinary,
+			[]string{"run", "-ti", "ubuntu", "echo", "hello"},
+			200 * time.Millisecond,
+			"hello",
+			0,
+			nil,
+		},
+	}
+	for _, cmd := range cmds {
+		// We prepend the arguments with dir:thefolder.. the fake command will check
+		// that the current workdir is the same as the one we are passing.
+		args := append([]string{"dir:" + tempFolder}, cmd.args...)
+		out, exitCode, error := DockerCmdInDirWithTimeout(cmd.binary, cmd.timeout, tempFolder, args...)
+		c.Assert(out, check.Equals, cmd.expectedOut, check.Commentf("Expected output %q for arguments %v, got %q", cmd.expectedOut, cmd.args, out))
+		c.Assert(exitCode, check.Equals, cmd.expectedExitCode, check.Commentf("Expected exitCode %q for arguments %v, got %q", cmd.expectedExitCode, cmd.args, exitCode))
+		if cmd.expectedError != nil {
+			c.Assert(error, check.NotNil, check.Commentf("Expected an error %q, got nothing", cmd.expectedError))
+			c.Assert(error.Error(), check.Equals, cmd.expectedError.Error(), check.Commentf("Expected error %q for arguments %v, got %q", cmd.expectedError.Error(), cmd.args, error.Error()))
+		} else {
+			c.Assert(error, check.IsNil, check.Commentf("Expected no error, got %v", error))
+		}
+	}
+}
+
+// Helpers :)
+
+// Type implementing the io.Writer interface for analyzing output.
+type String struct {
+	value string
+}
+
+// The only function required by the io.Writer interface.  Will append
+// written data to the String.value string.
+func (s *String) Write(p []byte) (n int, err error) {
+	s.value += string(p)
+	return len(p), nil
+}
+
+// Helper function that mock the exec.Command call (and call the test binary)
+func fakeExecCommand(command string, args ...string) *exec.Cmd {
+	cs := []string{"-test.run=TestHelperProcess", "--", command}
+	cs = append(cs, args...)
+	cmd := exec.Command(os.Args[0], cs...)
+	cmd.Env = []string{"GO_WANT_HELPER_PROCESS=1"}
+	return cmd
+}
+
+func TestHelperProcess(t *testing.T) {
+	if os.Getenv("GO_WANT_HELPER_PROCESS") != "1" {
+		return
+	}
+	args := os.Args
+
+	// Previous arguments are tests stuff, that looks like :
+	// /tmp/go-build970079519/…/_test/integration.test -test.run=TestHelperProcess --
+	cmd, args := args[3], args[4:]
+	// Handle the case where args[0] is dir:...
+	if len(args) > 0 && strings.HasPrefix(args[0], "dir:") {
+		expectedCwd := args[0][4:]
+		if len(args) > 1 {
+			args = args[1:]
+		}
+		cwd, err := os.Getwd()
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "Failed to get workingdir: %v", err)
+			os.Exit(1)
+		}
+		// This checks that the given path is the same as the currend working dire
+		if expectedCwd != cwd {
+			fmt.Fprintf(os.Stderr, "Current workdir should be %q, but is %q", expectedCwd, cwd)
+		}
+	}
+	switch cmd {
+	case dockerBinary:
+		argsStr := strings.Join(args, " ")
+		switch argsStr {
+		case "an exitCode 127":
+			fmt.Fprintf(os.Stderr, "an error has occurred with exitCode 127")
+			os.Exit(127)
+		case "an error":
+			fmt.Fprintf(os.Stderr, "an error has occurred")
+			os.Exit(1)
+		case "a command that times out":
+			time.Sleep(10 * time.Second)
+			fmt.Fprintf(os.Stdout, "too long, should be killed")
+			// A random exit code (that should never happened in tests)
+			os.Exit(7)
+		case "run -ti ubuntu echo hello":
+			fmt.Fprintf(os.Stdout, "hello")
+		default:
+			fmt.Fprintf(os.Stdout, "no arguments")
+		}
+	default:
+		fmt.Fprintf(os.Stderr, "Command %s not found.", cmd)
+		os.Exit(1)
+	}
+	// some code here to check arguments perhaps?
+	os.Exit(0)
+}
diff --git a/pkg/integration/utils.go b/pkg/integration/utils.go
new file mode 100644
index 00000000..cfccc801
--- /dev/null
+++ b/pkg/integration/utils.go
@@ -0,0 +1,361 @@
+package integration
+
+import (
+	"archive/tar"
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"reflect"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/docker/docker/pkg/stringutils"
+)
+
+// GetExitCode returns the ExitStatus of the specified error if its type is
+// exec.ExitError, returns 0 and an error otherwise.
+func GetExitCode(err error) (int, error) {
+	exitCode := 0
+	if exiterr, ok := err.(*exec.ExitError); ok {
+		if procExit, ok := exiterr.Sys().(syscall.WaitStatus); ok {
+			return procExit.ExitStatus(), nil
+		}
+	}
+	return exitCode, fmt.Errorf("failed to get exit code")
+}
+
+// ProcessExitCode process the specified error and returns the exit status code
+// if the error was of type exec.ExitError, returns nothing otherwise.
+func ProcessExitCode(err error) (exitCode int) {
+	if err != nil {
+		var exiterr error
+		if exitCode, exiterr = GetExitCode(err); exiterr != nil {
+			// TODO: Fix this so we check the error's text.
+			// we've failed to retrieve exit code, so we set it to 127
+			exitCode = 127
+		}
+	}
+	return
+}
+
+// IsKilled process the specified error and returns whether the process was killed or not.
+func IsKilled(err error) bool {
+	if exitErr, ok := err.(*exec.ExitError); ok {
+		status, ok := exitErr.Sys().(syscall.WaitStatus)
+		if !ok {
+			return false
+		}
+		// status.ExitStatus() is required on Windows because it does not
+		// implement Signal() nor Signaled(). Just check it had a bad exit
+		// status could mean it was killed (and in tests we do kill)
+		return (status.Signaled() && status.Signal() == os.Kill) || status.ExitStatus() != 0
+	}
+	return false
+}
+
+// RunCommandWithOutput runs the specified command and returns the combined output (stdout/stderr)
+// with the exitCode different from 0 and the error if something bad happened
+func RunCommandWithOutput(cmd *exec.Cmd) (output string, exitCode int, err error) {
+	exitCode = 0
+	out, err := cmd.CombinedOutput()
+	exitCode = ProcessExitCode(err)
+	output = string(out)
+	return
+}
+
+// RunCommandWithStdoutStderr runs the specified command and returns stdout and stderr separately
+// with the exitCode different from 0 and the error if something bad happened
+func RunCommandWithStdoutStderr(cmd *exec.Cmd) (stdout string, stderr string, exitCode int, err error) {
+	var (
+		stderrBuffer, stdoutBuffer bytes.Buffer
+	)
+	exitCode = 0
+	cmd.Stderr = &stderrBuffer
+	cmd.Stdout = &stdoutBuffer
+	err = cmd.Run()
+	exitCode = ProcessExitCode(err)
+
+	stdout = stdoutBuffer.String()
+	stderr = stderrBuffer.String()
+	return
+}
+
+// RunCommandWithOutputForDuration runs the specified command "timeboxed" by the specified duration.
+// If the process is still running when the timebox is finished, the process will be killed and .
+// It will returns the output with the exitCode different from 0 and the error if something bad happened
+// and a boolean whether it has been killed or not.
+func RunCommandWithOutputForDuration(cmd *exec.Cmd, duration time.Duration) (output string, exitCode int, timedOut bool, err error) {
+	var outputBuffer bytes.Buffer
+	if cmd.Stdout != nil {
+		err = errors.New("cmd.Stdout already set")
+		return
+	}
+	cmd.Stdout = &outputBuffer
+
+	if cmd.Stderr != nil {
+		err = errors.New("cmd.Stderr already set")
+		return
+	}
+	cmd.Stderr = &outputBuffer
+
+	// Start the command in the main thread..
+	err = cmd.Start()
+	if err != nil {
+		err = fmt.Errorf("Fail to start command %v : %v", cmd, err)
+	}
+
+	type exitInfo struct {
+		exitErr  error
+		exitCode int
+	}
+
+	done := make(chan exitInfo, 1)
+
+	go func() {
+		// And wait for it to exit in the goroutine :)
+		info := exitInfo{}
+		info.exitErr = cmd.Wait()
+		info.exitCode = ProcessExitCode(info.exitErr)
+		done <- info
+	}()
+
+	select {
+	case <-time.After(duration):
+		killErr := cmd.Process.Kill()
+		if killErr != nil {
+			fmt.Printf("failed to kill (pid=%d): %v\n", cmd.Process.Pid, killErr)
+		}
+		timedOut = true
+	case info := <-done:
+		err = info.exitErr
+		exitCode = info.exitCode
+	}
+	output = outputBuffer.String()
+	return
+}
+
+var errCmdTimeout = fmt.Errorf("command timed out")
+
+// RunCommandWithOutputAndTimeout runs the specified command "timeboxed" by the specified duration.
+// It returns the output with the exitCode different from 0 and the error if something bad happened or
+// if the process timed out (and has been killed).
+func RunCommandWithOutputAndTimeout(cmd *exec.Cmd, timeout time.Duration) (output string, exitCode int, err error) {
+	var timedOut bool
+	output, exitCode, timedOut, err = RunCommandWithOutputForDuration(cmd, timeout)
+	if timedOut {
+		err = errCmdTimeout
+	}
+	return
+}
+
+// RunCommand runs the specified command and returns the exitCode different from 0
+// and the error if something bad happened.
+func RunCommand(cmd *exec.Cmd) (exitCode int, err error) {
+	exitCode = 0
+	err = cmd.Run()
+	exitCode = ProcessExitCode(err)
+	return
+}
+
+// RunCommandPipelineWithOutput runs the array of commands with the output
+// of each pipelined with the following (like cmd1 | cmd2 | cmd3 would do).
+// It returns the final output, the exitCode different from 0 and the error
+// if something bad happened.
+func RunCommandPipelineWithOutput(cmds ...*exec.Cmd) (output string, exitCode int, err error) {
+	if len(cmds) < 2 {
+		return "", 0, errors.New("pipeline does not have multiple cmds")
+	}
+
+	// connect stdin of each cmd to stdout pipe of previous cmd
+	for i, cmd := range cmds {
+		if i > 0 {
+			prevCmd := cmds[i-1]
+			cmd.Stdin, err = prevCmd.StdoutPipe()
+
+			if err != nil {
+				return "", 0, fmt.Errorf("cannot set stdout pipe for %s: %v", cmd.Path, err)
+			}
+		}
+	}
+
+	// start all cmds except the last
+	for _, cmd := range cmds[:len(cmds)-1] {
+		if err = cmd.Start(); err != nil {
+			return "", 0, fmt.Errorf("starting %s failed with error: %v", cmd.Path, err)
+		}
+	}
+
+	var pipelineError error
+	defer func() {
+		// wait all cmds except the last to release their resources
+		for _, cmd := range cmds[:len(cmds)-1] {
+			if err := cmd.Wait(); err != nil {
+				pipelineError = fmt.Errorf("command %s failed with error: %v", cmd.Path, err)
+				break
+			}
+		}
+	}()
+	if pipelineError != nil {
+		return "", 0, pipelineError
+	}
+
+	// wait on last cmd
+	return RunCommandWithOutput(cmds[len(cmds)-1])
+}
+
+// UnmarshalJSON deserialize a JSON in the given interface.
+func UnmarshalJSON(data []byte, result interface{}) error {
+	if err := json.Unmarshal(data, result); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ConvertSliceOfStringsToMap converts a slices of string in a map
+// with the strings as key and an empty string as values.
+func ConvertSliceOfStringsToMap(input []string) map[string]struct{} {
+	output := make(map[string]struct{})
+	for _, v := range input {
+		output[v] = struct{}{}
+	}
+	return output
+}
+
+// CompareDirectoryEntries compares two sets of FileInfo (usually taken from a directory)
+// and returns an error if different.
+func CompareDirectoryEntries(e1 []os.FileInfo, e2 []os.FileInfo) error {
+	var (
+		e1Entries = make(map[string]struct{})
+		e2Entries = make(map[string]struct{})
+	)
+	for _, e := range e1 {
+		e1Entries[e.Name()] = struct{}{}
+	}
+	for _, e := range e2 {
+		e2Entries[e.Name()] = struct{}{}
+	}
+	if !reflect.DeepEqual(e1Entries, e2Entries) {
+		return fmt.Errorf("entries differ")
+	}
+	return nil
+}
+
+// ListTar lists the entries of a tar.
+func ListTar(f io.Reader) ([]string, error) {
+	tr := tar.NewReader(f)
+	var entries []string
+
+	for {
+		th, err := tr.Next()
+		if err == io.EOF {
+			// end of tar archive
+			return entries, nil
+		}
+		if err != nil {
+			return entries, err
+		}
+		entries = append(entries, th.Name)
+	}
+}
+
+// RandomTmpDirPath provides a temporary path with rand string appended.
+// does not create or checks if it exists.
+func RandomTmpDirPath(s string, platform string) string {
+	tmp := "/tmp"
+	if platform == "windows" {
+		tmp = os.Getenv("TEMP")
+	}
+	path := filepath.Join(tmp, fmt.Sprintf("%s.%s", s, stringutils.GenerateRandomAlphaOnlyString(10)))
+	if platform == "windows" {
+		return filepath.FromSlash(path) // Using \
+	}
+	return filepath.ToSlash(path) // Using /
+}
+
+// ConsumeWithSpeed reads chunkSize bytes from reader before sleeping
+// for interval duration. Returns total read bytes. Send true to the
+// stop channel to return before reading to EOF on the reader.
+func ConsumeWithSpeed(reader io.Reader, chunkSize int, interval time.Duration, stop chan bool) (n int, err error) {
+	buffer := make([]byte, chunkSize)
+	for {
+		var readBytes int
+		readBytes, err = reader.Read(buffer)
+		n += readBytes
+		if err != nil {
+			if err == io.EOF {
+				err = nil
+			}
+			return
+		}
+		select {
+		case <-stop:
+			return
+		case <-time.After(interval):
+		}
+	}
+}
+
+// ParseCgroupPaths parses 'procCgroupData', which is output of '/proc/<pid>/cgroup', and returns
+// a map which cgroup name as key and path as value.
+func ParseCgroupPaths(procCgroupData string) map[string]string {
+	cgroupPaths := map[string]string{}
+	for _, line := range strings.Split(procCgroupData, "\n") {
+		parts := strings.Split(line, ":")
+		if len(parts) != 3 {
+			continue
+		}
+		cgroupPaths[parts[1]] = parts[2]
+	}
+	return cgroupPaths
+}
+
+// ChannelBuffer holds a chan of byte array that can be populate in a goroutine.
+type ChannelBuffer struct {
+	C chan []byte
+}
+
+// Write implements Writer.
+func (c *ChannelBuffer) Write(b []byte) (int, error) {
+	c.C <- b
+	return len(b), nil
+}
+
+// Close closes the go channel.
+func (c *ChannelBuffer) Close() error {
+	close(c.C)
+	return nil
+}
+
+// ReadTimeout reads the content of the channel in the specified byte array with
+// the specified duration as timeout.
+func (c *ChannelBuffer) ReadTimeout(p []byte, n time.Duration) (int, error) {
+	select {
+	case b := <-c.C:
+		return copy(p[0:], b), nil
+	case <-time.After(n):
+		return -1, fmt.Errorf("timeout reading from channel")
+	}
+}
+
+// RunAtDifferentDate runs the specified function with the given time.
+// It changes the date of the system, which can led to weird behaviors.
+func RunAtDifferentDate(date time.Time, block func()) {
+	// Layout for date. MMDDhhmmYYYY
+	const timeLayout = "010203042006"
+	// Ensure we bring time back to now
+	now := time.Now().Format(timeLayout)
+	dateReset := exec.Command("date", now)
+	defer RunCommand(dateReset)
+
+	dateChange := exec.Command("date", date.Format(timeLayout))
+	RunCommand(dateChange)
+	block()
+	return
+}
diff --git a/pkg/integration/utils_test.go b/pkg/integration/utils_test.go
new file mode 100644
index 00000000..d166489e
--- /dev/null
+++ b/pkg/integration/utils_test.go
@@ -0,0 +1,570 @@
+package integration
+
+import (
+	"io"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+	"strconv"
+	"strings"
+	"testing"
+	"time"
+)
+
+func TestIsKilledFalseWithNonKilledProcess(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+
+	lsCmd := exec.Command("ls")
+	lsCmd.Start()
+	// Wait for it to finish
+	err := lsCmd.Wait()
+	if IsKilled(err) {
+		t.Fatalf("Expected the ls command to not be killed, was.")
+	}
+}
+
+func TestIsKilledTrueWithKilledProcess(t *testing.T) {
+	// TODO Windows: Using golang 1.5.3, this seems to hit
+	// a bug in go where Process.Kill() causes a panic.
+	// Needs further investigation @jhowardmsft
+	if runtime.GOOS == "windows" {
+		t.SkipNow()
+	}
+	longCmd := exec.Command("top")
+	// Start a command
+	longCmd.Start()
+	// Capture the error when *dying*
+	done := make(chan error, 1)
+	go func() {
+		done <- longCmd.Wait()
+	}()
+	// Then kill it
+	longCmd.Process.Kill()
+	// Get the error
+	err := <-done
+	if !IsKilled(err) {
+		t.Fatalf("Expected the command to be killed, was not.")
+	}
+}
+
+func TestRunCommandWithOutput(t *testing.T) {
+	var (
+		echoHelloWorldCmd *exec.Cmd
+		expected          string
+	)
+	if runtime.GOOS != "windows" {
+		echoHelloWorldCmd = exec.Command("echo", "hello", "world")
+		expected = "hello world\n"
+	} else {
+		echoHelloWorldCmd = exec.Command("cmd", "/s", "/c", "echo", "hello", "world")
+		expected = "hello world\r\n"
+	}
+
+	out, exitCode, err := RunCommandWithOutput(echoHelloWorldCmd)
+	if out != expected || exitCode != 0 || err != nil {
+		t.Fatalf("Expected command to output %s, got %s, %v with exitCode %v", expected, out, err, exitCode)
+	}
+}
+
+func TestRunCommandWithOutputError(t *testing.T) {
+	var (
+		p                string
+		wrongCmd         *exec.Cmd
+		expected         string
+		expectedExitCode int
+	)
+
+	if runtime.GOOS != "windows" {
+		p = "$PATH"
+		wrongCmd = exec.Command("ls", "-z")
+		expected = `ls: invalid option -- 'z'
+Try 'ls --help' for more information.
+`
+		expectedExitCode = 2
+	} else {
+		p = "%PATH%"
+		wrongCmd = exec.Command("cmd", "/s", "/c", "dir", "/Z")
+		expected = "Invalid switch - " + strconv.Quote("Z") + ".\r\n"
+		expectedExitCode = 1
+	}
+	cmd := exec.Command("doesnotexists")
+	out, exitCode, err := RunCommandWithOutput(cmd)
+	expectedError := `exec: "doesnotexists": executable file not found in ` + p
+	if out != "" || exitCode != 127 || err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected command to output %s, got %s, %v with exitCode %v", expectedError, out, err, exitCode)
+	}
+
+	out, exitCode, err = RunCommandWithOutput(wrongCmd)
+
+	if out != expected || exitCode != expectedExitCode || err == nil || !strings.Contains(err.Error(), "exit status "+strconv.Itoa(expectedExitCode)) {
+		t.Fatalf("Expected command to output %s, got out:xxx%sxxx, err:%v with exitCode %v", expected, out, err, exitCode)
+	}
+}
+
+func TestRunCommandWithStdoutStderr(t *testing.T) {
+	echoHelloWorldCmd := exec.Command("echo", "hello", "world")
+	stdout, stderr, exitCode, err := RunCommandWithStdoutStderr(echoHelloWorldCmd)
+	expected := "hello world\n"
+	if stdout != expected || stderr != "" || exitCode != 0 || err != nil {
+		t.Fatalf("Expected command to output %s, got stdout:%s, stderr:%s, err:%v with exitCode %v", expected, stdout, stderr, err, exitCode)
+	}
+}
+
+func TestRunCommandWithStdoutStderrError(t *testing.T) {
+	p := "$PATH"
+	if runtime.GOOS == "windows" {
+		p = "%PATH%"
+	}
+	cmd := exec.Command("doesnotexists")
+	stdout, stderr, exitCode, err := RunCommandWithStdoutStderr(cmd)
+	expectedError := `exec: "doesnotexists": executable file not found in ` + p
+	if stdout != "" || stderr != "" || exitCode != 127 || err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected command to output out:%s, stderr:%s, got stdout:%s, stderr:%s, err:%v with exitCode %v", "", "", stdout, stderr, err, exitCode)
+	}
+
+	wrongLsCmd := exec.Command("ls", "-z")
+	expected := `ls: invalid option -- 'z'
+Try 'ls --help' for more information.
+`
+
+	stdout, stderr, exitCode, err = RunCommandWithStdoutStderr(wrongLsCmd)
+	if stdout != "" && stderr != expected || exitCode != 2 || err == nil || err.Error() != "exit status 2" {
+		t.Fatalf("Expected command to output out:%s, stderr:%s, got stdout:%s, stderr:%s, err:%v with exitCode %v", "", expectedError, stdout, stderr, err, exitCode)
+	}
+}
+
+func TestRunCommandWithOutputForDurationFinished(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+
+	cmd := exec.Command("ls")
+	out, exitCode, timedOut, err := RunCommandWithOutputForDuration(cmd, 50*time.Millisecond)
+	if out == "" || exitCode != 0 || timedOut || err != nil {
+		t.Fatalf("Expected the command to run for less 50 milliseconds and thus not time out, but did not : out:[%s], exitCode:[%d], timedOut:[%v], err:[%v]", out, exitCode, timedOut, err)
+	}
+}
+
+func TestRunCommandWithOutputForDurationKilled(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+	cmd := exec.Command("sh", "-c", "while true ; do echo 1 ; sleep .1 ; done")
+	out, exitCode, timedOut, err := RunCommandWithOutputForDuration(cmd, 500*time.Millisecond)
+	ones := strings.Split(out, "\n")
+	if len(ones) != 6 || exitCode != 0 || !timedOut || err != nil {
+		t.Fatalf("Expected the command to run for 500 milliseconds (and thus print six lines (five with 1, one empty) and time out, but did not : out:[%s], exitCode:%d, timedOut:%v, err:%v", out, exitCode, timedOut, err)
+	}
+}
+
+func TestRunCommandWithOutputForDurationErrors(t *testing.T) {
+	cmd := exec.Command("ls")
+	cmd.Stdout = os.Stdout
+	if _, _, _, err := RunCommandWithOutputForDuration(cmd, 1*time.Millisecond); err == nil || err.Error() != "cmd.Stdout already set" {
+		t.Fatalf("Expected an error as cmd.Stdout was already set, did not (err:%s).", err)
+	}
+	cmd = exec.Command("ls")
+	cmd.Stderr = os.Stderr
+	if _, _, _, err := RunCommandWithOutputForDuration(cmd, 1*time.Millisecond); err == nil || err.Error() != "cmd.Stderr already set" {
+		t.Fatalf("Expected an error as cmd.Stderr was already set, did not (err:%s).", err)
+	}
+}
+
+func TestRunCommandWithOutputAndTimeoutFinished(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+
+	cmd := exec.Command("ls")
+	out, exitCode, err := RunCommandWithOutputAndTimeout(cmd, 50*time.Millisecond)
+	if out == "" || exitCode != 0 || err != nil {
+		t.Fatalf("Expected the command to run for less 50 milliseconds and thus not time out, but did not : out:[%s], exitCode:[%d], err:[%v]", out, exitCode, err)
+	}
+}
+
+func TestRunCommandWithOutputAndTimeoutKilled(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+
+	cmd := exec.Command("sh", "-c", "while true ; do echo 1 ; sleep .1 ; done")
+	out, exitCode, err := RunCommandWithOutputAndTimeout(cmd, 500*time.Millisecond)
+	ones := strings.Split(out, "\n")
+	if len(ones) != 6 || exitCode != 0 || err == nil || err.Error() != "command timed out" {
+		t.Fatalf("Expected the command to run for 500 milliseconds (and thus print six lines (five with 1, one empty) and time out with an error 'command timed out', but did not : out:[%s], exitCode:%d, err:%v", out, exitCode, err)
+	}
+}
+
+func TestRunCommandWithOutputAndTimeoutErrors(t *testing.T) {
+	cmd := exec.Command("ls")
+	cmd.Stdout = os.Stdout
+	if _, _, err := RunCommandWithOutputAndTimeout(cmd, 1*time.Millisecond); err == nil || err.Error() != "cmd.Stdout already set" {
+		t.Fatalf("Expected an error as cmd.Stdout was already set, did not (err:%s).", err)
+	}
+	cmd = exec.Command("ls")
+	cmd.Stderr = os.Stderr
+	if _, _, err := RunCommandWithOutputAndTimeout(cmd, 1*time.Millisecond); err == nil || err.Error() != "cmd.Stderr already set" {
+		t.Fatalf("Expected an error as cmd.Stderr was already set, did not (err:%s).", err)
+	}
+}
+
+func TestRunCommand(t *testing.T) {
+	// TODO Windows: Port this test
+	if runtime.GOOS == "windows" {
+		t.Skip("Needs porting to Windows")
+	}
+
+	p := "$PATH"
+	if runtime.GOOS == "windows" {
+		p = "%PATH%"
+	}
+	lsCmd := exec.Command("ls")
+	exitCode, err := RunCommand(lsCmd)
+	if exitCode != 0 || err != nil {
+		t.Fatalf("Expected runCommand to run the command successfully, got: exitCode:%d, err:%v", exitCode, err)
+	}
+
+	var expectedError string
+
+	exitCode, err = RunCommand(exec.Command("doesnotexists"))
+	expectedError = `exec: "doesnotexists": executable file not found in ` + p
+	if exitCode != 127 || err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected runCommand to run the command successfully, got: exitCode:%d, err:%v", exitCode, err)
+	}
+	wrongLsCmd := exec.Command("ls", "-z")
+	expected := 2
+	expectedError = `exit status 2`
+	exitCode, err = RunCommand(wrongLsCmd)
+	if exitCode != expected || err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected runCommand to run the command successfully, got: exitCode:%d, err:%v", exitCode, err)
+	}
+}
+
+func TestRunCommandPipelineWithOutputWithNotEnoughCmds(t *testing.T) {
+	_, _, err := RunCommandPipelineWithOutput(exec.Command("ls"))
+	expectedError := "pipeline does not have multiple cmds"
+	if err == nil || err.Error() != expectedError {
+		t.Fatalf("Expected an error with %s, got err:%s", expectedError, err)
+	}
+}
+
+func TestRunCommandPipelineWithOutputErrors(t *testing.T) {
+	p := "$PATH"
+	if runtime.GOOS == "windows" {
+		p = "%PATH%"
+	}
+	cmd1 := exec.Command("ls")
+	cmd1.Stdout = os.Stdout
+	cmd2 := exec.Command("anything really")
+	_, _, err := RunCommandPipelineWithOutput(cmd1, cmd2)
+	if err == nil || err.Error() != "cannot set stdout pipe for anything really: exec: Stdout already set" {
+		t.Fatalf("Expected an error, got %v", err)
+	}
+
+	cmdWithError := exec.Command("doesnotexists")
+	cmdCat := exec.Command("cat")
+	_, _, err = RunCommandPipelineWithOutput(cmdWithError, cmdCat)
+	if err == nil || err.Error() != `starting doesnotexists failed with error: exec: "doesnotexists": executable file not found in `+p {
+		t.Fatalf("Expected an error, got %v", err)
+	}
+}
+
+func TestRunCommandPipelineWithOutput(t *testing.T) {
+	cmds := []*exec.Cmd{
+		// Print 2 characters
+		exec.Command("echo", "-n", "11"),
+		// Count the number or char from stdin (previous command)
+		exec.Command("wc", "-m"),
+	}
+	out, exitCode, err := RunCommandPipelineWithOutput(cmds...)
+	expectedOutput := "2\n"
+	if out != expectedOutput || exitCode != 0 || err != nil {
+		t.Fatalf("Expected %s for commands %v, got out:%s, exitCode:%d, err:%v", expectedOutput, cmds, out, exitCode, err)
+	}
+}
+
+// Simple simple test as it is just a passthrough for json.Unmarshal
+func TestUnmarshalJSON(t *testing.T) {
+	emptyResult := struct{}{}
+	if err := UnmarshalJSON([]byte(""), &emptyResult); err == nil {
+		t.Fatalf("Expected an error, got nothing")
+	}
+	result := struct{ Name string }{}
+	if err := UnmarshalJSON([]byte(`{"name": "name"}`), &result); err != nil {
+		t.Fatal(err)
+	}
+	if result.Name != "name" {
+		t.Fatalf("Expected result.name to be 'name', was '%s'", result.Name)
+	}
+}
+
+func TestConvertSliceOfStringsToMap(t *testing.T) {
+	input := []string{"a", "b"}
+	actual := ConvertSliceOfStringsToMap(input)
+	for _, key := range input {
+		if _, ok := actual[key]; !ok {
+			t.Fatalf("Expected output to contains key %s, did not: %v", key, actual)
+		}
+	}
+}
+
+func TestCompareDirectoryEntries(t *testing.T) {
+	tmpFolder, err := ioutil.TempDir("", "integration-cli-utils-compare-directories")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpFolder)
+
+	file1 := filepath.Join(tmpFolder, "file1")
+	file2 := filepath.Join(tmpFolder, "file2")
+	os.Create(file1)
+	os.Create(file2)
+
+	fi1, err := os.Stat(file1)
+	if err != nil {
+		t.Fatal(err)
+	}
+	fi1bis, err := os.Stat(file1)
+	if err != nil {
+		t.Fatal(err)
+	}
+	fi2, err := os.Stat(file2)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	cases := []struct {
+		e1          []os.FileInfo
+		e2          []os.FileInfo
+		shouldError bool
+	}{
+		// Empty directories
+		{
+			[]os.FileInfo{},
+			[]os.FileInfo{},
+			false,
+		},
+		// Same FileInfos
+		{
+			[]os.FileInfo{fi1},
+			[]os.FileInfo{fi1},
+			false,
+		},
+		// Different FileInfos but same names
+		{
+			[]os.FileInfo{fi1},
+			[]os.FileInfo{fi1bis},
+			false,
+		},
+		// Different FileInfos, different names
+		{
+			[]os.FileInfo{fi1},
+			[]os.FileInfo{fi2},
+			true,
+		},
+	}
+	for _, elt := range cases {
+		err := CompareDirectoryEntries(elt.e1, elt.e2)
+		if elt.shouldError && err == nil {
+			t.Fatalf("Should have return an error, did not with %v and %v", elt.e1, elt.e2)
+		}
+		if !elt.shouldError && err != nil {
+			t.Fatalf("Should have not returned an error, but did : %v with %v and %v", err, elt.e1, elt.e2)
+		}
+	}
+}
+
+// FIXME make an "unhappy path" test for ListTar without "panicking" :-)
+func TestListTar(t *testing.T) {
+	// TODO Windows: Figure out why this fails. Should be portable.
+	if runtime.GOOS == "windows" {
+		t.Skip("Failing on Windows - needs further investigation")
+	}
+	tmpFolder, err := ioutil.TempDir("", "integration-cli-utils-list-tar")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpFolder)
+
+	// Let's create a Tar file
+	srcFile := filepath.Join(tmpFolder, "src")
+	tarFile := filepath.Join(tmpFolder, "src.tar")
+	os.Create(srcFile)
+	cmd := exec.Command("sh", "-c", "tar cf "+tarFile+" "+srcFile)
+	_, err = cmd.CombinedOutput()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	reader, err := os.Open(tarFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer reader.Close()
+
+	entries, err := ListTar(reader)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(entries) != 1 && entries[0] != "src" {
+		t.Fatalf("Expected a tar file with 1 entry (%s), got %v", srcFile, entries)
+	}
+}
+
+func TestRandomTmpDirPath(t *testing.T) {
+	path := RandomTmpDirPath("something", runtime.GOOS)
+
+	prefix := "/tmp/something"
+	if runtime.GOOS == "windows" {
+		prefix = os.Getenv("TEMP") + `\something`
+	}
+	expectedSize := len(prefix) + 11
+
+	if !strings.HasPrefix(path, prefix) {
+		t.Fatalf("Expected generated path to have '%s' as prefix, got %s'", prefix, path)
+	}
+	if len(path) != expectedSize {
+		t.Fatalf("Expected generated path to be %d, got %d", expectedSize, len(path))
+	}
+}
+
+func TestConsumeWithSpeed(t *testing.T) {
+	reader := strings.NewReader("1234567890")
+	chunksize := 2
+
+	bytes1, err := ConsumeWithSpeed(reader, chunksize, 1*time.Second, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if bytes1 != 10 {
+		t.Fatalf("Expected to have read 10 bytes, got %d", bytes1)
+	}
+
+}
+
+func TestConsumeWithSpeedWithStop(t *testing.T) {
+	reader := strings.NewReader("1234567890")
+	chunksize := 2
+
+	stopIt := make(chan bool)
+
+	go func() {
+		time.Sleep(1 * time.Millisecond)
+		stopIt <- true
+	}()
+
+	bytes1, err := ConsumeWithSpeed(reader, chunksize, 20*time.Millisecond, stopIt)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if bytes1 != 2 {
+		t.Fatalf("Expected to have read 2 bytes, got %d", bytes1)
+	}
+
+}
+
+func TestParseCgroupPathsEmpty(t *testing.T) {
+	cgroupMap := ParseCgroupPaths("")
+	if len(cgroupMap) != 0 {
+		t.Fatalf("Expected an empty map, got %v", cgroupMap)
+	}
+	cgroupMap = ParseCgroupPaths("\n")
+	if len(cgroupMap) != 0 {
+		t.Fatalf("Expected an empty map, got %v", cgroupMap)
+	}
+	cgroupMap = ParseCgroupPaths("something:else\nagain:here")
+	if len(cgroupMap) != 0 {
+		t.Fatalf("Expected an empty map, got %v", cgroupMap)
+	}
+}
+
+func TestParseCgroupPaths(t *testing.T) {
+	cgroupMap := ParseCgroupPaths("2:memory:/a\n1:cpuset:/b")
+	if len(cgroupMap) != 2 {
+		t.Fatalf("Expected a map with 2 entries, got %v", cgroupMap)
+	}
+	if value, ok := cgroupMap["memory"]; !ok || value != "/a" {
+		t.Fatalf("Expected cgroupMap to contains an entry for 'memory' with value '/a', got %v", cgroupMap)
+	}
+	if value, ok := cgroupMap["cpuset"]; !ok || value != "/b" {
+		t.Fatalf("Expected cgroupMap to contains an entry for 'cpuset' with value '/b', got %v", cgroupMap)
+	}
+}
+
+func TestChannelBufferTimeout(t *testing.T) {
+	expected := "11"
+
+	buf := &ChannelBuffer{make(chan []byte, 1)}
+	defer buf.Close()
+
+	go func() {
+		time.Sleep(100 * time.Millisecond)
+		io.Copy(buf, strings.NewReader(expected))
+	}()
+
+	// Wait long enough
+	b := make([]byte, 2)
+	_, err := buf.ReadTimeout(b, 50*time.Millisecond)
+	if err == nil && err.Error() != "timeout reading from channel" {
+		t.Fatalf("Expected an error, got %s", err)
+	}
+
+	// Wait for the end :)
+	time.Sleep(150 * time.Millisecond)
+}
+
+func TestChannelBuffer(t *testing.T) {
+	expected := "11"
+
+	buf := &ChannelBuffer{make(chan []byte, 1)}
+	defer buf.Close()
+
+	go func() {
+		time.Sleep(100 * time.Millisecond)
+		io.Copy(buf, strings.NewReader(expected))
+	}()
+
+	// Wait long enough
+	b := make([]byte, 2)
+	_, err := buf.ReadTimeout(b, 200*time.Millisecond)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if string(b) != expected {
+		t.Fatalf("Expected '%s', got '%s'", expected, string(b))
+	}
+}
+
+// FIXME doesn't work
+// func TestRunAtDifferentDate(t *testing.T) {
+// 	var date string
+
+// 	// Layout for date. MMDDhhmmYYYY
+// 	const timeLayout = "20060102"
+// 	expectedDate := "20100201"
+// 	theDate, err := time.Parse(timeLayout, expectedDate)
+// 	if err != nil {
+// 		t.Fatal(err)
+// 	}
+
+// 	RunAtDifferentDate(theDate, func() {
+// 		cmd := exec.Command("date", "+%Y%M%d")
+// 		out, err := cmd.Output()
+// 		if err != nil {
+// 			t.Fatal(err)
+// 		}
+// 		date = string(out)
+// 	})
+// }
diff --git a/pkg/ioutils/bytespipe.go b/pkg/ioutils/bytespipe.go
new file mode 100644
index 00000000..fcaecc37
--- /dev/null
+++ b/pkg/ioutils/bytespipe.go
@@ -0,0 +1,156 @@
+package ioutils
+
+import (
+	"errors"
+	"io"
+	"sync"
+)
+
+// maxCap is the highest capacity to use in byte slices that buffer data.
+const maxCap = 1e6
+
+// blockThreshold is the minimum number of bytes in the buffer which will cause
+// a write to BytesPipe to block when allocating a new slice.
+const blockThreshold = 1e6
+
+// ErrClosed is returned when Write is called on a closed BytesPipe.
+var ErrClosed = errors.New("write to closed BytesPipe")
+
+// BytesPipe is io.ReadWriteCloser which works similarly to pipe(queue).
+// All written data may be read at most once. Also, BytesPipe allocates
+// and releases new byte slices to adjust to current needs, so the buffer
+// won't be overgrown after peak loads.
+type BytesPipe struct {
+	mu       sync.Mutex
+	wait     *sync.Cond
+	buf      [][]byte // slice of byte-slices of buffered data
+	lastRead int      // index in the first slice to a read point
+	bufLen   int      // length of data buffered over the slices
+	closeErr error    // error to return from next Read. set to nil if not closed.
+}
+
+// NewBytesPipe creates new BytesPipe, initialized by specified slice.
+// If buf is nil, then it will be initialized with slice which cap is 64.
+// buf will be adjusted in a way that len(buf) == 0, cap(buf) == cap(buf).
+func NewBytesPipe(buf []byte) *BytesPipe {
+	if cap(buf) == 0 {
+		buf = make([]byte, 0, 64)
+	}
+	bp := &BytesPipe{
+		buf: [][]byte{buf[:0]},
+	}
+	bp.wait = sync.NewCond(&bp.mu)
+	return bp
+}
+
+// Write writes p to BytesPipe.
+// It can allocate new []byte slices in a process of writing.
+func (bp *BytesPipe) Write(p []byte) (int, error) {
+	bp.mu.Lock()
+	defer bp.mu.Unlock()
+	written := 0
+loop0:
+	for {
+		if bp.closeErr != nil {
+			return written, ErrClosed
+		}
+		// write data to the last buffer
+		b := bp.buf[len(bp.buf)-1]
+		// copy data to the current empty allocated area
+		n := copy(b[len(b):cap(b)], p)
+		// increment buffered data length
+		bp.bufLen += n
+		// include written data in last buffer
+		bp.buf[len(bp.buf)-1] = b[:len(b)+n]
+
+		written += n
+
+		// if there was enough room to write all then break
+		if len(p) == n {
+			break
+		}
+
+		// more data: write to the next slice
+		p = p[n:]
+
+		// block if too much data is still in the buffer
+		for bp.bufLen >= blockThreshold {
+			bp.wait.Wait()
+			if bp.closeErr != nil {
+				continue loop0
+			}
+		}
+
+		// allocate slice that has twice the size of the last unless maximum reached
+		nextCap := 2 * cap(bp.buf[len(bp.buf)-1])
+		if nextCap > maxCap {
+			nextCap = maxCap
+		}
+		// add new byte slice to the buffers slice and continue writing
+		bp.buf = append(bp.buf, make([]byte, 0, nextCap))
+	}
+	bp.wait.Broadcast()
+	return written, nil
+}
+
+// CloseWithError causes further reads from a BytesPipe to return immediately.
+func (bp *BytesPipe) CloseWithError(err error) error {
+	bp.mu.Lock()
+	if err != nil {
+		bp.closeErr = err
+	} else {
+		bp.closeErr = io.EOF
+	}
+	bp.wait.Broadcast()
+	bp.mu.Unlock()
+	return nil
+}
+
+// Close causes further reads from a BytesPipe to return immediately.
+func (bp *BytesPipe) Close() error {
+	return bp.CloseWithError(nil)
+}
+
+func (bp *BytesPipe) len() int {
+	return bp.bufLen - bp.lastRead
+}
+
+// Read reads bytes from BytesPipe.
+// Data could be read only once.
+func (bp *BytesPipe) Read(p []byte) (n int, err error) {
+	bp.mu.Lock()
+	defer bp.mu.Unlock()
+	if bp.len() == 0 {
+		if bp.closeErr != nil {
+			return 0, bp.closeErr
+		}
+		bp.wait.Wait()
+		if bp.len() == 0 && bp.closeErr != nil {
+			return 0, bp.closeErr
+		}
+	}
+	for {
+		read := copy(p, bp.buf[0][bp.lastRead:])
+		n += read
+		bp.lastRead += read
+		if bp.len() == 0 {
+			// we have read everything. reset to the beginning.
+			bp.lastRead = 0
+			bp.bufLen -= len(bp.buf[0])
+			bp.buf[0] = bp.buf[0][:0]
+			break
+		}
+		// break if everything was read
+		if len(p) == read {
+			break
+		}
+		// more buffered data and more asked. read from next slice.
+		p = p[read:]
+		bp.lastRead = 0
+		bp.bufLen -= len(bp.buf[0])
+		bp.buf[0] = nil     // throw away old slice
+		bp.buf = bp.buf[1:] // switch to next
+	}
+	bp.wait.Broadcast()
+	return
+}
diff --git a/pkg/ioutils/bytespipe_test.go b/pkg/ioutils/bytespipe_test.go
new file mode 100644
index 00000000..b051139a
--- /dev/null
+++ b/pkg/ioutils/bytespipe_test.go
@@ -0,0 +1,158 @@
+package ioutils
+
+import (
+	"crypto/sha1"
+	"encoding/hex"
+	"math/rand"
+	"testing"
+	"time"
+)
+
+func TestBytesPipeRead(t *testing.T) {
+	buf := NewBytesPipe(nil)
+	buf.Write([]byte("12"))
+	buf.Write([]byte("34"))
+	buf.Write([]byte("56"))
+	buf.Write([]byte("78"))
+	buf.Write([]byte("90"))
+	rd := make([]byte, 4)
+	n, err := buf.Read(rd)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if n != 4 {
+		t.Fatalf("Wrong number of bytes read: %d, should be %d", n, 4)
+	}
+	if string(rd) != "1234" {
+		t.Fatalf("Read %s, but must be %s", rd, "1234")
+	}
+	n, err = buf.Read(rd)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if n != 4 {
+		t.Fatalf("Wrong number of bytes read: %d, should be %d", n, 4)
+	}
+	if string(rd) != "5678" {
+		t.Fatalf("Read %s, but must be %s", rd, "5679")
+	}
+	n, err = buf.Read(rd)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if n != 2 {
+		t.Fatalf("Wrong number of bytes read: %d, should be %d", n, 2)
+	}
+	if string(rd[:n]) != "90" {
+		t.Fatalf("Read %s, but must be %s", rd, "90")
+	}
+}
+
+func TestBytesPipeWrite(t *testing.T) {
+	buf := NewBytesPipe(nil)
+	buf.Write([]byte("12"))
+	buf.Write([]byte("34"))
+	buf.Write([]byte("56"))
+	buf.Write([]byte("78"))
+	buf.Write([]byte("90"))
+	if string(buf.buf[0]) != "1234567890" {
+		t.Fatalf("Buffer %s, must be %s", buf.buf, "1234567890")
+	}
+}
+
+// Write and read in different speeds/chunk sizes and check valid data is read.
+func TestBytesPipeWriteRandomChunks(t *testing.T) {
+	cases := []struct{ iterations, writesPerLoop, readsPerLoop int }{
+		{100, 10, 1},
+		{1000, 10, 5},
+		{1000, 100, 0},
+		{1000, 5, 6},
+		{10000, 50, 25},
+	}
+
+	testMessage := []byte("this is a random string for testing")
+	// random slice sizes to read and write
+	writeChunks := []int{25, 35, 15, 20}
+	readChunks := []int{5, 45, 20, 25}
+
+	for _, c := range cases {
+		// first pass: write directly to hash
+		hash := sha1.New()
+		for i := 0; i < c.iterations*c.writesPerLoop; i++ {
+			if _, err := hash.Write(testMessage[:writeChunks[i%len(writeChunks)]]); err != nil {
+				t.Fatal(err)
+			}
+		}
+		expected := hex.EncodeToString(hash.Sum(nil))
+
+		// write/read through buffer
+		buf := NewBytesPipe(nil)
+		hash.Reset()
+
+		done := make(chan struct{})
+
+		go func() {
+			// random delay before read starts
+			<-time.After(time.Duration(rand.Intn(10)) * time.Millisecond)
+			for i := 0; ; i++ {
+				p := make([]byte, readChunks[(c.iterations*c.readsPerLoop+i)%len(readChunks)])
+				n, _ := buf.Read(p)
+				if n == 0 {
+					break
+				}
+				hash.Write(p[:n])
+			}
+
+			close(done)
+		}()
+
+		for i := 0; i < c.iterations; i++ {
+			for w := 0; w < c.writesPerLoop; w++ {
+				buf.Write(testMessage[:writeChunks[(i*c.writesPerLoop+w)%len(writeChunks)]])
+			}
+		}
+		buf.Close()
+		<-done
+
+		actual := hex.EncodeToString(hash.Sum(nil))
+
+		if expected != actual {
+			t.Fatalf("BytesPipe returned invalid data. Expected checksum %v, got %v", expected, actual)
+		}
+
+	}
+}
+
+func BenchmarkBytesPipeWrite(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		readBuf := make([]byte, 1024)
+		buf := NewBytesPipe(nil)
+		go func() {
+			var err error
+			for err == nil {
+				_, err = buf.Read(readBuf)
+			}
+		}()
+		for j := 0; j < 1000; j++ {
+			buf.Write([]byte("pretty short line, because why not?"))
+		}
+		buf.Close()
+	}
+}
+
+func BenchmarkBytesPipeRead(b *testing.B) {
+	rd := make([]byte, 512)
+	for i := 0; i < b.N; i++ {
+		b.StopTimer()
+		buf := NewBytesPipe(nil)
+		for j := 0; j < 500; j++ {
+			buf.Write(make([]byte, 1024))
+		}
+		b.StartTimer()
+		for j := 0; j < 1000; j++ {
+			if n, _ := buf.Read(rd); n != 512 {
+				b.Fatalf("Wrong number of bytes: %d", n)
+			}
+		}
+	}
+}
diff --git a/pkg/ioutils/fmt.go b/pkg/ioutils/fmt.go
new file mode 100644
index 00000000..0b04b0ba
--- /dev/null
+++ b/pkg/ioutils/fmt.go
@@ -0,0 +1,22 @@
+package ioutils
+
+import (
+	"fmt"
+	"io"
+)
+
+// FprintfIfNotEmpty prints the string value if it's not empty
+func FprintfIfNotEmpty(w io.Writer, format, value string) (int, error) {
+	if value != "" {
+		return fmt.Fprintf(w, format, value)
+	}
+	return 0, nil
+}
+
+// FprintfIfTrue prints the boolean value if it's true
+func FprintfIfTrue(w io.Writer, format string, ok bool) (int, error) {
+	if ok {
+		return fmt.Fprintf(w, format, ok)
+	}
+	return 0, nil
+}
diff --git a/pkg/ioutils/fmt_test.go b/pkg/ioutils/fmt_test.go
new file mode 100644
index 00000000..89688632
--- /dev/null
+++ b/pkg/ioutils/fmt_test.go
@@ -0,0 +1,17 @@
+package ioutils
+
+import "testing"
+
+func TestFprintfIfNotEmpty(t *testing.T) {
+	wc := NewWriteCounter(&NopWriter{})
+	n, _ := FprintfIfNotEmpty(wc, "foo%s", "")
+
+	if wc.Count != 0 || n != 0 {
+		t.Errorf("Wrong count: %v vs. %v vs. 0", wc.Count, n)
+	}
+
+	n, _ = FprintfIfNotEmpty(wc, "foo%s", "bar")
+	if wc.Count != 6 || n != 6 {
+		t.Errorf("Wrong count: %v vs. %v vs. 6", wc.Count, n)
+	}
+}
diff --git a/pkg/ioutils/multireader.go b/pkg/ioutils/multireader.go
new file mode 100644
index 00000000..0d2d76b4
--- /dev/null
+++ b/pkg/ioutils/multireader.go
@@ -0,0 +1,226 @@
+package ioutils
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"os"
+)
+
+type pos struct {
+	idx    int
+	offset int64
+}
+
+type multiReadSeeker struct {
+	readers []io.ReadSeeker
+	pos     *pos
+	posIdx  map[io.ReadSeeker]int
+}
+
+func (r *multiReadSeeker) Seek(offset int64, whence int) (int64, error) {
+	var tmpOffset int64
+	switch whence {
+	case os.SEEK_SET:
+		for i, rdr := range r.readers {
+			// get size of the current reader
+			s, err := rdr.Seek(0, os.SEEK_END)
+			if err != nil {
+				return -1, err
+			}
+
+			if offset > tmpOffset+s {
+				if i == len(r.readers)-1 {
+					rdrOffset := s + (offset - tmpOffset)
+					if _, err := rdr.Seek(rdrOffset, os.SEEK_SET); err != nil {
+						return -1, err
+					}
+					r.pos = &pos{i, rdrOffset}
+					return offset, nil
+				}
+
+				tmpOffset += s
+				continue
+			}
+
+			rdrOffset := offset - tmpOffset
+			idx := i
+
+			rdr.Seek(rdrOffset, os.SEEK_SET)
+			// make sure all following readers are at 0
+			for _, rdr := range r.readers[i+1:] {
+				rdr.Seek(0, os.SEEK_SET)
+			}
+
+			if rdrOffset == s && i != len(r.readers)-1 {
+				idx++
+				rdrOffset = 0
+			}
+			r.pos = &pos{idx, rdrOffset}
+			return offset, nil
+		}
+	case os.SEEK_END:
+		for _, rdr := range r.readers {
+			s, err := rdr.Seek(0, os.SEEK_END)
+			if err != nil {
+				return -1, err
+			}
+			tmpOffset += s
+		}
+		r.Seek(tmpOffset+offset, os.SEEK_SET)
+		return tmpOffset + offset, nil
+	case os.SEEK_CUR:
+		if r.pos == nil {
+			return r.Seek(offset, os.SEEK_SET)
+		}
+		// Just return the current offset
+		if offset == 0 {
+			return r.getCurOffset()
+		}
+
+		curOffset, err := r.getCurOffset()
+		if err != nil {
+			return -1, err
+		}
+		rdr, rdrOffset, err := r.getReaderForOffset(curOffset + offset)
+		if err != nil {
+			return -1, err
+		}
+
+		r.pos = &pos{r.posIdx[rdr], rdrOffset}
+		return curOffset + offset, nil
+	default:
+		return -1, fmt.Errorf("Invalid whence: %d", whence)
+	}
+
+	return -1, fmt.Errorf("Error seeking for whence: %d, offset: %d", whence, offset)
+}
+
+func (r *multiReadSeeker) getReaderForOffset(offset int64) (io.ReadSeeker, int64, error) {
+	var rdr io.ReadSeeker
+	var rdrOffset int64
+
+	for i, rdr := range r.readers {
+		offsetTo, err := r.getOffsetToReader(rdr)
+		if err != nil {
+			return nil, -1, err
+		}
+		if offsetTo > offset {
+			rdr = r.readers[i-1]
+			rdrOffset = offsetTo - offset
+			break
+		}
+
+		if rdr == r.readers[len(r.readers)-1] {
+			rdrOffset = offsetTo + offset
+			break
+		}
+	}
+
+	return rdr, rdrOffset, nil
+}
+
+func (r *multiReadSeeker) getCurOffset() (int64, error) {
+	var totalSize int64
+	for _, rdr := range r.readers[:r.pos.idx+1] {
+		if r.posIdx[rdr] == r.pos.idx {
+			totalSize += r.pos.offset
+			break
+		}
+
+		size, err := getReadSeekerSize(rdr)
+		if err != nil {
+			return -1, fmt.Errorf("error getting seeker size: %v", err)
+		}
+		totalSize += size
+	}
+	return totalSize, nil
+}
+
+func (r *multiReadSeeker) getOffsetToReader(rdr io.ReadSeeker) (int64, error) {
+	var offset int64
+	for _, r := range r.readers {
+		if r == rdr {
+			break
+		}
+
+		size, err := getReadSeekerSize(rdr)
+		if err != nil {
+			return -1, err
+		}
+		offset += size
+	}
+	return offset, nil
+}
+
+func (r *multiReadSeeker) Read(b []byte) (int, error) {
+	if r.pos == nil {
+		r.pos = &pos{0, 0}
+	}
+
+	bCap := int64(cap(b))
+	buf := bytes.NewBuffer(nil)
+	var rdr io.ReadSeeker
+
+	for _, rdr = range r.readers[r.pos.idx:] {
+		readBytes, err := io.CopyN(buf, rdr, bCap)
+		if err != nil && err != io.EOF {
+			return -1, err
+		}
+		bCap -= readBytes
+
+		if bCap == 0 {
+			break
+		}
+	}
+
+	rdrPos, err := rdr.Seek(0, os.SEEK_CUR)
+	if err != nil {
+		return -1, err
+	}
+	r.pos = &pos{r.posIdx[rdr], rdrPos}
+	return buf.Read(b)
+}
+
+func getReadSeekerSize(rdr io.ReadSeeker) (int64, error) {
+	// save the current position
+	pos, err := rdr.Seek(0, os.SEEK_CUR)
+	if err != nil {
+		return -1, err
+	}
+
+	// get the size
+	size, err := rdr.Seek(0, os.SEEK_END)
+	if err != nil {
+		return -1, err
+	}
+
+	// reset the position
+	if _, err := rdr.Seek(pos, os.SEEK_SET); err != nil {
+		return -1, err
+	}
+	return size, nil
+}
+
+// MultiReadSeeker returns a ReadSeeker that's the logical concatenation of the provided
+// input readseekers. After calling this method the initial position is set to the
+// beginning of the first ReadSeeker. At the end of a ReadSeeker, Read always advances
+// to the beginning of the next ReadSeeker and returns EOF at the end of the last ReadSeeker.
+// Seek can be used over the sum of lengths of all readseekers.
+//
+// When a MultiReadSeeker is used, no Read and Seek operations should be made on
+// its ReadSeeker components. Also, users should make no assumption on the state
+// of individual readseekers while the MultiReadSeeker is used.
+func MultiReadSeeker(readers ...io.ReadSeeker) io.ReadSeeker {
+	if len(readers) == 1 {
+		return readers[0]
+	}
+	idx := make(map[io.ReadSeeker]int)
+	for i, rdr := range readers {
+		idx[rdr] = i
+	}
+	return &multiReadSeeker{
+		readers: readers,
+		posIdx:  idx,
+	}
+}
diff --git a/pkg/ioutils/multireader_test.go b/pkg/ioutils/multireader_test.go
new file mode 100644
index 00000000..de495b56
--- /dev/null
+++ b/pkg/ioutils/multireader_test.go
@@ -0,0 +1,149 @@
+package ioutils
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"strings"
+	"testing"
+)
+
+func TestMultiReadSeekerReadAll(t *testing.T) {
+	str := "hello world"
+	s1 := strings.NewReader(str + " 1")
+	s2 := strings.NewReader(str + " 2")
+	s3 := strings.NewReader(str + " 3")
+	mr := MultiReadSeeker(s1, s2, s3)
+
+	expectedSize := int64(s1.Len() + s2.Len() + s3.Len())
+
+	b, err := ioutil.ReadAll(mr)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expected := "hello world 1hello world 2hello world 3"
+	if string(b) != expected {
+		t.Fatalf("ReadAll failed, got: %q, expected %q", string(b), expected)
+	}
+
+	size, err := mr.Seek(0, os.SEEK_END)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if size != expectedSize {
+		t.Fatalf("reader size does not match, got %d, expected %d", size, expectedSize)
+	}
+
+	// Reset the position and read again
+	pos, err := mr.Seek(0, os.SEEK_SET)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if pos != 0 {
+		t.Fatalf("expected position to be set to 0, got %d", pos)
+	}
+
+	b, err = ioutil.ReadAll(mr)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if string(b) != expected {
+		t.Fatalf("ReadAll failed, got: %q, expected %q", string(b), expected)
+	}
+}
+
+func TestMultiReadSeekerReadEach(t *testing.T) {
+	str := "hello world"
+	s1 := strings.NewReader(str + " 1")
+	s2 := strings.NewReader(str + " 2")
+	s3 := strings.NewReader(str + " 3")
+	mr := MultiReadSeeker(s1, s2, s3)
+
+	var totalBytes int64
+	for i, s := range []*strings.Reader{s1, s2, s3} {
+		sLen := int64(s.Len())
+		buf := make([]byte, s.Len())
+		expected := []byte(fmt.Sprintf("%s %d", str, i+1))
+
+		if _, err := mr.Read(buf); err != nil && err != io.EOF {
+			t.Fatal(err)
+		}
+
+		if !bytes.Equal(buf, expected) {
+			t.Fatalf("expected %q to be %q", string(buf), string(expected))
+		}
+
+		pos, err := mr.Seek(0, os.SEEK_CUR)
+		if err != nil {
+			t.Fatalf("iteration: %d, error: %v", i+1, err)
+		}
+
+		// check that the total bytes read is the current position of the seeker
+		totalBytes += sLen
+		if pos != totalBytes {
+			t.Fatalf("expected current position to be: %d, got: %d, iteration: %d", totalBytes, pos, i+1)
+		}
+
+		// This tests not only that SEEK_SET and SEEK_CUR give the same values, but that the next iteration is in the expected position as well
+		newPos, err := mr.Seek(pos, os.SEEK_SET)
+		if err != nil {
+			t.Fatal(err)
+		}
+		if newPos != pos {
+			t.Fatalf("expected to get same position when calling SEEK_SET with value from SEEK_CUR, cur: %d, set: %d", pos, newPos)
+		}
+	}
+}
+
+func TestMultiReadSeekerReadSpanningChunks(t *testing.T) {
+	str := "hello world"
+	s1 := strings.NewReader(str + " 1")
+	s2 := strings.NewReader(str + " 2")
+	s3 := strings.NewReader(str + " 3")
+	mr := MultiReadSeeker(s1, s2, s3)
+
+	buf := make([]byte, s1.Len()+3)
+	_, err := mr.Read(buf)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// expected is the contents of s1 + 3 bytes from s2, ie, the `hel` at the end of this string
+	expected := "hello world 1hel"
+	if string(buf) != expected {
+		t.Fatalf("expected %s to be %s", string(buf), expected)
+	}
+}
+
+func TestMultiReadSeekerNegativeSeek(t *testing.T) {
+	str := "hello world"
+	s1 := strings.NewReader(str + " 1")
+	s2 := strings.NewReader(str + " 2")
+	s3 := strings.NewReader(str + " 3")
+	mr := MultiReadSeeker(s1, s2, s3)
+
+	s1Len := s1.Len()
+	s2Len := s2.Len()
+	s3Len := s3.Len()
+
+	s, err := mr.Seek(int64(-1*s3.Len()), os.SEEK_END)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if s != int64(s1Len+s2Len) {
+		t.Fatalf("expected %d to be %d", s, s1.Len()+s2.Len())
+	}
+
+	buf := make([]byte, s3Len)
+	if _, err := mr.Read(buf); err != nil && err != io.EOF {
+		t.Fatal(err)
+	}
+	expected := fmt.Sprintf("%s %d", str, 3)
+	if string(buf) != fmt.Sprintf("%s %d", str, 3) {
+		t.Fatalf("expected %q to be %q", string(buf), expected)
+	}
+}
diff --git a/pkg/ioutils/readers.go b/pkg/ioutils/readers.go
new file mode 100644
index 00000000..e73b02bb
--- /dev/null
+++ b/pkg/ioutils/readers.go
@@ -0,0 +1,154 @@
+package ioutils
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"io"
+
+	"golang.org/x/net/context"
+)
+
+type readCloserWrapper struct {
+	io.Reader
+	closer func() error
+}
+
+func (r *readCloserWrapper) Close() error {
+	return r.closer()
+}
+
+// NewReadCloserWrapper returns a new io.ReadCloser.
+func NewReadCloserWrapper(r io.Reader, closer func() error) io.ReadCloser {
+	return &readCloserWrapper{
+		Reader: r,
+		closer: closer,
+	}
+}
+
+type readerErrWrapper struct {
+	reader io.Reader
+	closer func()
+}
+
+func (r *readerErrWrapper) Read(p []byte) (int, error) {
+	n, err := r.reader.Read(p)
+	if err != nil {
+		r.closer()
+	}
+	return n, err
+}
+
+// NewReaderErrWrapper returns a new io.Reader.
+func NewReaderErrWrapper(r io.Reader, closer func()) io.Reader {
+	return &readerErrWrapper{
+		reader: r,
+		closer: closer,
+	}
+}
+
+// HashData returns the sha256 sum of src.
+func HashData(src io.Reader) (string, error) {
+	h := sha256.New()
+	if _, err := io.Copy(h, src); err != nil {
+		return "", err
+	}
+	return "sha256:" + hex.EncodeToString(h.Sum(nil)), nil
+}
+
+// OnEOFReader wraps a io.ReadCloser and a function
+// the function will run at the end of file or close the file.
+type OnEOFReader struct {
+	Rc io.ReadCloser
+	Fn func()
+}
+
+func (r *OnEOFReader) Read(p []byte) (n int, err error) {
+	n, err = r.Rc.Read(p)
+	if err == io.EOF {
+		r.runFunc()
+	}
+	return
+}
+
+// Close closes the file and run the function.
+func (r *OnEOFReader) Close() error {
+	err := r.Rc.Close()
+	r.runFunc()
+	return err
+}
+
+func (r *OnEOFReader) runFunc() {
+	if fn := r.Fn; fn != nil {
+		fn()
+		r.Fn = nil
+	}
+}
+
+// cancelReadCloser wraps an io.ReadCloser with a context for cancelling read
+// operations.
+type cancelReadCloser struct {
+	cancel func()
+	pR     *io.PipeReader // Stream to read from
+	pW     *io.PipeWriter
+}
+
+// NewCancelReadCloser creates a wrapper that closes the ReadCloser when the
+// context is cancelled. The returned io.ReadCloser must be closed when it is
+// no longer needed.
+func NewCancelReadCloser(ctx context.Context, in io.ReadCloser) io.ReadCloser {
+	pR, pW := io.Pipe()
+
+	// Create a context used to signal when the pipe is closed
+	doneCtx, cancel := context.WithCancel(context.Background())
+
+	p := &cancelReadCloser{
+		cancel: cancel,
+		pR:     pR,
+		pW:     pW,
+	}
+
+	go func() {
+		_, err := io.Copy(pW, in)
+		select {
+		case <-ctx.Done():
+			// If the context was closed, p.closeWithError
+			// was already called. Calling it again would
+			// change the error that Read returns.
+		default:
+			p.closeWithError(err)
+		}
+		in.Close()
+	}()
+	go func() {
+		for {
+			select {
+			case <-ctx.Done():
+				p.closeWithError(ctx.Err())
+			case <-doneCtx.Done():
+				return
+			}
+		}
+	}()
+
+	return p
+}
+
+// Read wraps the Read method of the pipe that provides data from the wrapped
+// ReadCloser.
+func (p *cancelReadCloser) Read(buf []byte) (n int, err error) {
+	return p.pR.Read(buf)
+}
+
+// closeWithError closes the wrapper and its underlying reader. It will
+// cause future calls to Read to return err.
+func (p *cancelReadCloser) closeWithError(err error) {
+	p.pW.CloseWithError(err)
+	p.cancel()
+}
+
+// Close closes the wrapper its underlying reader. It will cause
+// future calls to Read to return io.EOF.
+func (p *cancelReadCloser) Close() error {
+	p.closeWithError(io.EOF)
+	return nil
+}
diff --git a/pkg/ioutils/readers_test.go b/pkg/ioutils/readers_test.go
new file mode 100644
index 00000000..9abc1054
--- /dev/null
+++ b/pkg/ioutils/readers_test.go
@@ -0,0 +1,94 @@
+package ioutils
+
+import (
+	"fmt"
+	"io/ioutil"
+	"strings"
+	"testing"
+	"time"
+
+	"golang.org/x/net/context"
+)
+
+// Implement io.Reader
+type errorReader struct{}
+
+func (r *errorReader) Read(p []byte) (int, error) {
+	return 0, fmt.Errorf("Error reader always fail.")
+}
+
+func TestReadCloserWrapperClose(t *testing.T) {
+	reader := strings.NewReader("A string reader")
+	wrapper := NewReadCloserWrapper(reader, func() error {
+		return fmt.Errorf("This will be called when closing")
+	})
+	err := wrapper.Close()
+	if err == nil || !strings.Contains(err.Error(), "This will be called when closing") {
+		t.Fatalf("readCloserWrapper should have call the anonymous func and thus, fail.")
+	}
+}
+
+func TestReaderErrWrapperReadOnError(t *testing.T) {
+	called := false
+	reader := &errorReader{}
+	wrapper := NewReaderErrWrapper(reader, func() {
+		called = true
+	})
+	_, err := wrapper.Read([]byte{})
+	if err == nil || !strings.Contains(err.Error(), "Error reader always fail.") {
+		t.Fatalf("readErrWrapper should returned an error")
+	}
+	if !called {
+		t.Fatalf("readErrWrapper should have call the anonymous function on failure")
+	}
+}
+
+func TestReaderErrWrapperRead(t *testing.T) {
+	reader := strings.NewReader("a string reader.")
+	wrapper := NewReaderErrWrapper(reader, func() {
+		t.Fatalf("readErrWrapper should not have called the anonymous function")
+	})
+	// Read 20 byte (should be ok with the string above)
+	num, err := wrapper.Read(make([]byte, 20))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if num != 16 {
+		t.Fatalf("readerErrWrapper should have read 16 byte, but read %d", num)
+	}
+}
+
+func TestHashData(t *testing.T) {
+	reader := strings.NewReader("hash-me")
+	actual, err := HashData(reader)
+	if err != nil {
+		t.Fatal(err)
+	}
+	expected := "sha256:4d11186aed035cc624d553e10db358492c84a7cd6b9670d92123c144930450aa"
+	if actual != expected {
+		t.Fatalf("Expecting %s, got %s", expected, actual)
+	}
+}
+
+type perpetualReader struct{}
+
+func (p *perpetualReader) Read(buf []byte) (n int, err error) {
+	for i := 0; i != len(buf); i++ {
+		buf[i] = 'a'
+	}
+	return len(buf), nil
+}
+
+func TestCancelReadCloser(t *testing.T) {
+	ctx, _ := context.WithTimeout(context.Background(), 100*time.Millisecond)
+	cancelReadCloser := NewCancelReadCloser(ctx, ioutil.NopCloser(&perpetualReader{}))
+	for {
+		var buf [128]byte
+		_, err := cancelReadCloser.Read(buf[:])
+		if err == context.DeadlineExceeded {
+			break
+		} else if err != nil {
+			t.Fatalf("got unexpected error: %v", err)
+		}
+	}
+}
diff --git a/pkg/ioutils/scheduler.go b/pkg/ioutils/scheduler.go
new file mode 100644
index 00000000..3c88f29e
--- /dev/null
+++ b/pkg/ioutils/scheduler.go
@@ -0,0 +1,6 @@
+// +build !gccgo
+
+package ioutils
+
+func callSchedulerIfNecessary() {
+}
diff --git a/pkg/ioutils/scheduler_gccgo.go b/pkg/ioutils/scheduler_gccgo.go
new file mode 100644
index 00000000..c11d02b9
--- /dev/null
+++ b/pkg/ioutils/scheduler_gccgo.go
@@ -0,0 +1,13 @@
+// +build gccgo
+
+package ioutils
+
+import (
+	"runtime"
+)
+
+func callSchedulerIfNecessary() {
+	//allow or force Go scheduler to switch context, without explicitly
+	//forcing this will make it hang when using gccgo implementation
+	runtime.Gosched()
+}
diff --git a/pkg/ioutils/temp_unix.go b/pkg/ioutils/temp_unix.go
new file mode 100644
index 00000000..1539ad21
--- /dev/null
+++ b/pkg/ioutils/temp_unix.go
@@ -0,0 +1,10 @@
+// +build !windows
+
+package ioutils
+
+import "io/ioutil"
+
+// TempDir on Unix systems is equivalent to ioutil.TempDir.
+func TempDir(dir, prefix string) (string, error) {
+	return ioutil.TempDir(dir, prefix)
+}
diff --git a/pkg/ioutils/temp_windows.go b/pkg/ioutils/temp_windows.go
new file mode 100644
index 00000000..c258e5fd
--- /dev/null
+++ b/pkg/ioutils/temp_windows.go
@@ -0,0 +1,18 @@
+// +build windows
+
+package ioutils
+
+import (
+	"io/ioutil"
+
+	"github.com/docker/docker/pkg/longpath"
+)
+
+// TempDir is the equivalent of ioutil.TempDir, except that the result is in Windows longpath format.
+func TempDir(dir, prefix string) (string, error) {
+	tempDir, err := ioutil.TempDir(dir, prefix)
+	if err != nil {
+		return "", err
+	}
+	return longpath.AddPrefix(tempDir), nil
+}
diff --git a/pkg/ioutils/writeflusher.go b/pkg/ioutils/writeflusher.go
new file mode 100644
index 00000000..52a4901a
--- /dev/null
+++ b/pkg/ioutils/writeflusher.go
@@ -0,0 +1,92 @@
+package ioutils
+
+import (
+	"io"
+	"sync"
+)
+
+// WriteFlusher wraps the Write and Flush operation ensuring that every write
+// is a flush. In addition, the Close method can be called to intercept
+// Read/Write calls if the targets lifecycle has already ended.
+type WriteFlusher struct {
+	w           io.Writer
+	flusher     flusher
+	flushed     chan struct{}
+	flushedOnce sync.Once
+	closed      chan struct{}
+	closeLock   sync.Mutex
+}
+
+type flusher interface {
+	Flush()
+}
+
+var errWriteFlusherClosed = io.EOF
+
+func (wf *WriteFlusher) Write(b []byte) (n int, err error) {
+	select {
+	case <-wf.closed:
+		return 0, errWriteFlusherClosed
+	default:
+	}
+
+	n, err = wf.w.Write(b)
+	wf.Flush() // every write is a flush.
+	return n, err
+}
+
+// Flush the stream immediately.
+func (wf *WriteFlusher) Flush() {
+	select {
+	case <-wf.closed:
+		return
+	default:
+	}
+
+	wf.flushedOnce.Do(func() {
+		close(wf.flushed)
+	})
+	wf.flusher.Flush()
+}
+
+// Flushed returns the state of flushed.
+// If it's flushed, return true, or else it return false.
+func (wf *WriteFlusher) Flushed() bool {
+	// BUG(stevvooe): Remove this method. Its use is inherently racy. Seems to
+	// be used to detect whether or a response code has been issued or not.
+	// Another hook should be used instead.
+	var flushed bool
+	select {
+	case <-wf.flushed:
+		flushed = true
+	default:
+	}
+	return flushed
+}
+
+// Close closes the write flusher, disallowing any further writes to the
+// target. After the flusher is closed, all calls to write or flush will
+// result in an error.
+func (wf *WriteFlusher) Close() error {
+	wf.closeLock.Lock()
+	defer wf.closeLock.Unlock()
+
+	select {
+	case <-wf.closed:
+		return errWriteFlusherClosed
+	default:
+		close(wf.closed)
+	}
+	return nil
+}
+
+// NewWriteFlusher returns a new WriteFlusher.
+func NewWriteFlusher(w io.Writer) *WriteFlusher {
+	var fl flusher
+	if f, ok := w.(flusher); ok {
+		fl = f
+	} else {
+		fl = &NopFlusher{}
+	}
+	return &WriteFlusher{w: w, flusher: fl, closed: make(chan struct{}), flushed: make(chan struct{})}
+}
diff --git a/pkg/ioutils/writers.go b/pkg/ioutils/writers.go
new file mode 100644
index 00000000..ccc7f9c2
--- /dev/null
+++ b/pkg/ioutils/writers.go
@@ -0,0 +1,66 @@
+package ioutils
+
+import "io"
+
+// NopWriter represents a type which write operation is nop.
+type NopWriter struct{}
+
+func (*NopWriter) Write(buf []byte) (int, error) {
+	return len(buf), nil
+}
+
+type nopWriteCloser struct {
+	io.Writer
+}
+
+func (w *nopWriteCloser) Close() error { return nil }
+
+// NopWriteCloser returns a nopWriteCloser.
+func NopWriteCloser(w io.Writer) io.WriteCloser {
+	return &nopWriteCloser{w}
+}
+
+// NopFlusher represents a type which flush operation is nop.
+type NopFlusher struct{}
+
+// Flush is a nop operation.
+func (f *NopFlusher) Flush() {}
+
+type writeCloserWrapper struct {
+	io.Writer
+	closer func() error
+}
+
+func (r *writeCloserWrapper) Close() error {
+	return r.closer()
+}
+
+// NewWriteCloserWrapper returns a new io.WriteCloser.
+func NewWriteCloserWrapper(r io.Writer, closer func() error) io.WriteCloser {
+	return &writeCloserWrapper{
+		Writer: r,
+		closer: closer,
+	}
+}
+
+// WriteCounter wraps a concrete io.Writer and hold a count of the number
+// of bytes written to the writer during a "session".
+// This can be convenient when write return is masked
+// (e.g., json.Encoder.Encode())
+type WriteCounter struct {
+	Count  int64
+	Writer io.Writer
+}
+
+// NewWriteCounter returns a new WriteCounter.
+func NewWriteCounter(w io.Writer) *WriteCounter {
+	return &WriteCounter{
+		Writer: w,
+	}
+}
+
+func (wc *WriteCounter) Write(p []byte) (count int, err error) {
+	count, err = wc.Writer.Write(p)
+	wc.Count += int64(count)
+	return
+}
diff --git a/pkg/ioutils/writers_test.go b/pkg/ioutils/writers_test.go
new file mode 100644
index 00000000..564b1cd4
--- /dev/null
+++ b/pkg/ioutils/writers_test.go
@@ -0,0 +1,65 @@
+package ioutils
+
+import (
+	"bytes"
+	"strings"
+	"testing"
+)
+
+func TestWriteCloserWrapperClose(t *testing.T) {
+	called := false
+	writer := bytes.NewBuffer([]byte{})
+	wrapper := NewWriteCloserWrapper(writer, func() error {
+		called = true
+		return nil
+	})
+	if err := wrapper.Close(); err != nil {
+		t.Fatal(err)
+	}
+	if !called {
+		t.Fatalf("writeCloserWrapper should have call the anonymous function.")
+	}
+}
+
+func TestNopWriteCloser(t *testing.T) {
+	writer := bytes.NewBuffer([]byte{})
+	wrapper := NopWriteCloser(writer)
+	if err := wrapper.Close(); err != nil {
+		t.Fatal("NopWriteCloser always return nil on Close.")
+	}
+
+}
+
+func TestNopWriter(t *testing.T) {
+	nw := &NopWriter{}
+	l, err := nw.Write([]byte{'c'})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if l != 1 {
+		t.Fatalf("Expected 1 got %d", l)
+	}
+}
+
+func TestWriteCounter(t *testing.T) {
+	dummy1 := "This is a dummy string."
+	dummy2 := "This is another dummy string."
+	totalLength := int64(len(dummy1) + len(dummy2))
+
+	reader1 := strings.NewReader(dummy1)
+	reader2 := strings.NewReader(dummy2)
+
+	var buffer bytes.Buffer
+	wc := NewWriteCounter(&buffer)
+
+	reader1.WriteTo(wc)
+	reader2.WriteTo(wc)
+
+	if wc.Count != totalLength {
+		t.Errorf("Wrong count: %d vs. %d", wc.Count, totalLength)
+	}
+
+	if buffer.String() != dummy1+dummy2 {
+		t.Error("Wrong message written")
+	}
+}
diff --git a/pkg/jsonlog/jsonlog.go b/pkg/jsonlog/jsonlog.go
new file mode 100644
index 00000000..422e4bbd
--- /dev/null
+++ b/pkg/jsonlog/jsonlog.go
@@ -0,0 +1,40 @@
+package jsonlog
+
+import (
+	"encoding/json"
+	"fmt"
+	"time"
+)
+
+// JSONLog represents a log message, typically a single entry from a given log stream.
+// JSONLogs can be easily serialized to and from JSON and support custom formatting.
+type JSONLog struct {
+	// Log is the log message
+	Log string `json:"log,omitempty"`
+	// Stream is the log source
+	Stream string `json:"stream,omitempty"`
+	// Created is the created timestamp of log
+	Created time.Time `json:"time"`
+}
+
+// Format returns the log formatted according to format
+// If format is nil, returns the log message
+// If format is json, returns the log marshaled in json format
+// By default, returns the log with the log time formatted according to format.
+func (jl *JSONLog) Format(format string) (string, error) {
+	if format == "" {
+		return jl.Log, nil
+	}
+	if format == "json" {
+		m, err := json.Marshal(jl)
+		return string(m), err
+	}
+	return fmt.Sprintf("%s %s", jl.Created.Format(format), jl.Log), nil
+}
+
+// Reset resets the log to nil.
+func (jl *JSONLog) Reset() {
+	jl.Log = ""
+	jl.Stream = ""
+	jl.Created = time.Time{}
+}
diff --git a/pkg/jsonlog/jsonlog_marshalling.go b/pkg/jsonlog/jsonlog_marshalling.go
new file mode 100644
index 00000000..83ce684a
--- /dev/null
+++ b/pkg/jsonlog/jsonlog_marshalling.go
@@ -0,0 +1,178 @@
+// This code was initially generated by ffjson <https://github.com/pquerna/ffjson>
+// This code was generated via the following steps:
+// $ go get -u github.com/pquerna/ffjson
+// $ make BIND_DIR=. shell
+// $ ffjson pkg/jsonlog/jsonlog.go
+// $ mv pkg/jsonglog/jsonlog_ffjson.go pkg/jsonlog/jsonlog_marshalling.go
+//
+// It has been modified to improve the performance of time marshalling to JSON
+// and to clean it up.
+// Should this code need to be regenerated when the JSONLog struct is changed,
+// the relevant changes which have been made are:
+// import (
+//        "bytes"
+//-
+//        "unicode/utf8"
+// )
+//
+// func (mj *JSONLog) MarshalJSON() ([]byte, error) {
+//@@ -20,13 +16,13 @@ func (mj *JSONLog) MarshalJSON() ([]byte, error) {
+//        }
+//        return buf.Bytes(), nil
+// }
+//+
+// func (mj *JSONLog) MarshalJSONBuf(buf *bytes.Buffer) error {
+//-       var err error
+//-       var obj []byte
+//-       var first bool = true
+//-       _ = obj
+//-       _ = err
+//-       _ = first
+//+       var (
+//+               err       error
+//+               timestamp string
+//+               first     bool = true
+//+       )
+//        buf.WriteString(`{`)
+//        if len(mj.Log) != 0 {
+//                if first == true {
+//@@ -52,11 +48,11 @@ func (mj *JSONLog) MarshalJSONBuf(buf *bytes.Buffer) error {
+//                buf.WriteString(`,`)
+//        }
+//        buf.WriteString(`"time":`)
+//-       obj, err = mj.Created.MarshalJSON()
+//+       timestamp, err = FastTimeMarshalJSON(mj.Created)
+//        if err != nil {
+//                return err
+//        }
+//-       buf.Write(obj)
+//+       buf.WriteString(timestamp)
+//        buf.WriteString(`}`)
+//        return nil
+// }
+// @@ -81,9 +81,10 @@ func (mj *JSONLog) MarshalJSONBuf(buf *bytes.Buffer) error {
+//         if len(mj.Log) != 0 {
+// -                if first == true {
+// -                       first = false
+// -               } else {
+// -                       buf.WriteString(`,`)
+// -               }
+// +               first = false
+//                 buf.WriteString(`"log":`)
+//                 ffjsonWriteJSONString(buf, mj.Log)
+//         }
+
+package jsonlog
+
+import (
+	"bytes"
+	"unicode/utf8"
+)
+
+// MarshalJSON marshals the JSONLog.
+func (mj *JSONLog) MarshalJSON() ([]byte, error) {
+	var buf bytes.Buffer
+	buf.Grow(1024)
+	if err := mj.MarshalJSONBuf(&buf); err != nil {
+		return nil, err
+	}
+	return buf.Bytes(), nil
+}
+
+// MarshalJSONBuf marshals the JSONLog and stores the result to a bytes.Buffer.
+func (mj *JSONLog) MarshalJSONBuf(buf *bytes.Buffer) error {
+	var (
+		err       error
+		timestamp string
+		first     = true
+	)
+	buf.WriteString(`{`)
+	if len(mj.Log) != 0 {
+		first = false
+		buf.WriteString(`"log":`)
+		ffjsonWriteJSONString(buf, mj.Log)
+	}
+	if len(mj.Stream) != 0 {
+		if first {
+			first = false
+		} else {
+			buf.WriteString(`,`)
+		}
+		buf.WriteString(`"stream":`)
+		ffjsonWriteJSONString(buf, mj.Stream)
+	}
+	if !first {
+		buf.WriteString(`,`)
+	}
+	buf.WriteString(`"time":`)
+	timestamp, err = FastTimeMarshalJSON(mj.Created)
+	if err != nil {
+		return err
+	}
+	buf.WriteString(timestamp)
+	buf.WriteString(`}`)
+	return nil
+}
+
+func ffjsonWriteJSONString(buf *bytes.Buffer, s string) {
+	const hex = "0123456789abcdef"
+
+	buf.WriteByte('"')
+	start := 0
+	for i := 0; i < len(s); {
+		if b := s[i]; b < utf8.RuneSelf {
+			if 0x20 <= b && b != '\\' && b != '"' && b != '<' && b != '>' && b != '&' {
+				i++
+				continue
+			}
+			if start < i {
+				buf.WriteString(s[start:i])
+			}
+			switch b {
+			case '\\', '"':
+				buf.WriteByte('\\')
+				buf.WriteByte(b)
+			case '\n':
+				buf.WriteByte('\\')
+				buf.WriteByte('n')
+			case '\r':
+				buf.WriteByte('\\')
+				buf.WriteByte('r')
+			default:
+
+				buf.WriteString(`\u00`)
+				buf.WriteByte(hex[b>>4])
+				buf.WriteByte(hex[b&0xF])
+			}
+			i++
+			start = i
+			continue
+		}
+		c, size := utf8.DecodeRuneInString(s[i:])
+		if c == utf8.RuneError && size == 1 {
+			if start < i {
+				buf.WriteString(s[start:i])
+			}
+			buf.WriteString(`\ufffd`)
+			i += size
+			start = i
+			continue
+		}
+
+		if c == '\u2028' || c == '\u2029' {
+			if start < i {
+				buf.WriteString(s[start:i])
+			}
+			buf.WriteString(`\u202`)
+			buf.WriteByte(hex[c&0xF])
+			i += size
+			start = i
+			continue
+		}
+		i += size
+	}
+	if start < len(s) {
+		buf.WriteString(s[start:])
+	}
+	buf.WriteByte('"')
+}
diff --git a/pkg/jsonlog/jsonlog_marshalling_test.go b/pkg/jsonlog/jsonlog_marshalling_test.go
new file mode 100644
index 00000000..5e455685
--- /dev/null
+++ b/pkg/jsonlog/jsonlog_marshalling_test.go
@@ -0,0 +1,34 @@
+package jsonlog
+
+import (
+	"regexp"
+	"testing"
+)
+
+func TestJSONLogMarshalJSON(t *testing.T) {
+	logs := map[JSONLog]string{
+		JSONLog{Log: `"A log line with \\"`}:           `^{\"log\":\"\\\"A log line with \\\\\\\\\\\"\",\"time\":\".{20,}\"}$`,
+		JSONLog{Log: "A log line"}:                     `^{\"log\":\"A log line\",\"time\":\".{20,}\"}$`,
+		JSONLog{Log: "A log line with \r"}:             `^{\"log\":\"A log line with \\r\",\"time\":\".{20,}\"}$`,
+		JSONLog{Log: "A log line with & < >"}:          `^{\"log\":\"A log line with \\u0026 \\u003c \\u003e\",\"time\":\".{20,}\"}$`,
+		JSONLog{Log: "A log line with utf8 : 🚀 ψ ω β"}: `^{\"log\":\"A log line with utf8 : 🚀 ψ ω β\",\"time\":\".{20,}\"}$`,
+		JSONLog{Stream: "stdout"}:                      `^{\"stream\":\"stdout\",\"time\":\".{20,}\"}$`,
+		JSONLog{}:                                      `^{\"time\":\".{20,}\"}$`,
+		// These ones are a little weird
+		JSONLog{Log: "\u2028 \u2029"}:      `^{\"log\":\"\\u2028 \\u2029\",\"time\":\".{20,}\"}$`,
+		JSONLog{Log: string([]byte{0xaF})}: `^{\"log\":\"\\ufffd\",\"time\":\".{20,}\"}$`,
+		JSONLog{Log: string([]byte{0x7F})}: `^{\"log\":\"\x7f\",\"time\":\".{20,}\"}$`,
+	}
+	for jsonLog, expression := range logs {
+		data, err := jsonLog.MarshalJSON()
+		if err != nil {
+			t.Fatal(err)
+		}
+		res := string(data)
+		t.Logf("Result of WriteLog: %q", res)
+		logRe := regexp.MustCompile(expression)
+		if !logRe.MatchString(res) {
+			t.Fatalf("Log line not in expected format [%v]: %q", expression, res)
+		}
+	}
+}
diff --git a/pkg/jsonlog/jsonlogbytes.go b/pkg/jsonlog/jsonlogbytes.go
new file mode 100644
index 00000000..df522c0d
--- /dev/null
+++ b/pkg/jsonlog/jsonlogbytes.go
@@ -0,0 +1,122 @@
+package jsonlog
+
+import (
+	"bytes"
+	"encoding/json"
+	"unicode/utf8"
+)
+
+// JSONLogs is based on JSONLog.
+// It allows marshalling JSONLog from Log as []byte
+// and an already marshalled Created timestamp.
+type JSONLogs struct {
+	Log     []byte `json:"log,omitempty"`
+	Stream  string `json:"stream,omitempty"`
+	Created string `json:"time"`
+
+	// json-encoded bytes
+	RawAttrs json.RawMessage `json:"attrs,omitempty"`
+}
+
+// MarshalJSONBuf is based on the same method from JSONLog
+// It has been modified to take into account the necessary changes.
+func (mj *JSONLogs) MarshalJSONBuf(buf *bytes.Buffer) error {
+	var first = true
+
+	buf.WriteString(`{`)
+	if len(mj.Log) != 0 {
+		first = false
+		buf.WriteString(`"log":`)
+		ffjsonWriteJSONBytesAsString(buf, mj.Log)
+	}
+	if len(mj.Stream) != 0 {
+		if first == true {
+			first = false
+		} else {
+			buf.WriteString(`,`)
+		}
+		buf.WriteString(`"stream":`)
+		ffjsonWriteJSONString(buf, mj.Stream)
+	}
+	if len(mj.RawAttrs) > 0 {
+		if first {
+			first = false
+		} else {
+			buf.WriteString(`,`)
+		}
+		buf.WriteString(`"attrs":`)
+		buf.Write(mj.RawAttrs)
+	}
+	if !first {
+		buf.WriteString(`,`)
+	}
+	buf.WriteString(`"time":`)
+	buf.WriteString(mj.Created)
+	buf.WriteString(`}`)
+	return nil
+}
+
+// This is based on ffjsonWriteJSONBytesAsString. It has been changed
+// to accept a string passed as a slice of bytes.
+func ffjsonWriteJSONBytesAsString(buf *bytes.Buffer, s []byte) {
+	const hex = "0123456789abcdef"
+
+	buf.WriteByte('"')
+	start := 0
+	for i := 0; i < len(s); {
+		if b := s[i]; b < utf8.RuneSelf {
+			if 0x20 <= b && b != '\\' && b != '"' && b != '<' && b != '>' && b != '&' {
+				i++
+				continue
+			}
+			if start < i {
+				buf.Write(s[start:i])
+			}
+			switch b {
+			case '\\', '"':
+				buf.WriteByte('\\')
+				buf.WriteByte(b)
+			case '\n':
+				buf.WriteByte('\\')
+				buf.WriteByte('n')
+			case '\r':
+				buf.WriteByte('\\')
+				buf.WriteByte('r')
+			default:
+
+				buf.WriteString(`\u00`)
+				buf.WriteByte(hex[b>>4])
+				buf.WriteByte(hex[b&0xF])
+			}
+			i++
+			start = i
+			continue
+		}
+		c, size := utf8.DecodeRune(s[i:])
+		if c == utf8.RuneError && size == 1 {
+			if start < i {
+				buf.Write(s[start:i])
+			}
+			buf.WriteString(`\ufffd`)
+			i += size
+			start = i
+			continue
+		}
+
+		if c == '\u2028' || c == '\u2029' {
+			if start < i {
+				buf.Write(s[start:i])
+			}
+			buf.WriteString(`\u202`)
+			buf.WriteByte(hex[c&0xF])
+			i += size
+			start = i
+			continue
+		}
+		i += size
+	}
+	if start < len(s) {
+		buf.Write(s[start:])
+	}
+	buf.WriteByte('"')
+}
diff --git a/pkg/jsonlog/jsonlogbytes_test.go b/pkg/jsonlog/jsonlogbytes_test.go
new file mode 100644
index 00000000..6d6ad215
--- /dev/null
+++ b/pkg/jsonlog/jsonlogbytes_test.go
@@ -0,0 +1,39 @@
+package jsonlog
+
+import (
+	"bytes"
+	"regexp"
+	"testing"
+)
+
+func TestJSONLogsMarshalJSONBuf(t *testing.T) {
+	logs := map[*JSONLogs]string{
+		&JSONLogs{Log: []byte(`"A log line with \\"`)}:           `^{\"log\":\"\\\"A log line with \\\\\\\\\\\"\",\"time\":}$`,
+		&JSONLogs{Log: []byte("A log line")}:                     `^{\"log\":\"A log line\",\"time\":}$`,
+		&JSONLogs{Log: []byte("A log line with \r")}:             `^{\"log\":\"A log line with \\r\",\"time\":}$`,
+		&JSONLogs{Log: []byte("A log line with & < >")}:          `^{\"log\":\"A log line with \\u0026 \\u003c \\u003e\",\"time\":}$`,
+		&JSONLogs{Log: []byte("A log line with utf8 : 🚀 ψ ω β")}: `^{\"log\":\"A log line with utf8 : 🚀 ψ ω β\",\"time\":}$`,
+		&JSONLogs{Stream: "stdout"}:                              `^{\"stream\":\"stdout\",\"time\":}$`,
+		&JSONLogs{Stream: "stdout", Log: []byte("A log line")}:   `^{\"log\":\"A log line\",\"stream\":\"stdout\",\"time\":}$`,
+		&JSONLogs{Created: "time"}:                               `^{\"time\":time}$`,
+		&JSONLogs{}:                                              `^{\"time\":}$`,
+		// These ones are a little weird
+		&JSONLogs{Log: []byte("\u2028 \u2029")}: `^{\"log\":\"\\u2028 \\u2029\",\"time\":}$`,
+		&JSONLogs{Log: []byte{0xaF}}:            `^{\"log\":\"\\ufffd\",\"time\":}$`,
+		&JSONLogs{Log: []byte{0x7F}}:            `^{\"log\":\"\x7f\",\"time\":}$`,
+		// with raw attributes
+		&JSONLogs{Log: []byte("A log line"), RawAttrs: []byte(`{"hello":"world","value":1234}`)}: `^{\"log\":\"A log line\",\"attrs\":{\"hello\":\"world\",\"value\":1234},\"time\":}$`,
+	}
+	for jsonLog, expression := range logs {
+		var buf bytes.Buffer
+		if err := jsonLog.MarshalJSONBuf(&buf); err != nil {
+			t.Fatal(err)
+		}
+		res := buf.String()
+		t.Logf("Result of WriteLog: %q", res)
+		logRe := regexp.MustCompile(expression)
+		if !logRe.MatchString(res) {
+			t.Fatalf("Log line not in expected format [%v]: %q", expression, res)
+		}
+	}
+}
diff --git a/pkg/jsonlog/time_marshalling.go b/pkg/jsonlog/time_marshalling.go
new file mode 100644
index 00000000..21173381
--- /dev/null
+++ b/pkg/jsonlog/time_marshalling.go
@@ -0,0 +1,27 @@
+// Package jsonlog provides helper functions to parse and print time (time.Time) as JSON.
+package jsonlog
+
+import (
+	"errors"
+	"time"
+)
+
+const (
+	// RFC3339NanoFixed is our own version of RFC339Nano because we want one
+	// that pads the nano seconds part with zeros to ensure
+	// the timestamps are aligned in the logs.
+	RFC3339NanoFixed = "2006-01-02T15:04:05.000000000Z07:00"
+	// JSONFormat is the format used by FastMarshalJSON
+	JSONFormat = `"` + time.RFC3339Nano + `"`
+)
+
+// FastTimeMarshalJSON avoids one of the extra allocations that
+// time.MarshalJSON is making.
+func FastTimeMarshalJSON(t time.Time) (string, error) {
+	if y := t.Year(); y < 0 || y >= 10000 {
+		// RFC 3339 is clear that years are 4 digits exactly.
+		// See golang.org/issue/4556#c15 for more discussion.
+		return "", errors.New("time.MarshalJSON: year outside of range [0,9999]")
+	}
+	return t.Format(JSONFormat), nil
+}
diff --git a/pkg/jsonlog/time_marshalling_test.go b/pkg/jsonlog/time_marshalling_test.go
new file mode 100644
index 00000000..02d0302c
--- /dev/null
+++ b/pkg/jsonlog/time_marshalling_test.go
@@ -0,0 +1,47 @@
+package jsonlog
+
+import (
+	"testing"
+	"time"
+)
+
+// Testing to ensure 'year' fields is between 0 and 9999
+func TestFastTimeMarshalJSONWithInvalidDate(t *testing.T) {
+	aTime := time.Date(-1, 1, 1, 0, 0, 0, 0, time.Local)
+	json, err := FastTimeMarshalJSON(aTime)
+	if err == nil {
+		t.Fatalf("FastTimeMarshalJSON should throw an error, but was '%v'", json)
+	}
+	anotherTime := time.Date(10000, 1, 1, 0, 0, 0, 0, time.Local)
+	json, err = FastTimeMarshalJSON(anotherTime)
+	if err == nil {
+		t.Fatalf("FastTimeMarshalJSON should throw an error, but was '%v'", json)
+	}
+
+}
+
+func TestFastTimeMarshalJSON(t *testing.T) {
+	aTime := time.Date(2015, 5, 29, 11, 1, 2, 3, time.UTC)
+	json, err := FastTimeMarshalJSON(aTime)
+	if err != nil {
+		t.Fatal(err)
+	}
+	expected := "\"2015-05-29T11:01:02.000000003Z\""
+	if json != expected {
+		t.Fatalf("Expected %v, got %v", expected, json)
+	}
+
+	location, err := time.LoadLocation("Europe/Paris")
+	if err != nil {
+		t.Fatal(err)
+	}
+	aTime = time.Date(2015, 5, 29, 11, 1, 2, 3, location)
+	json, err = FastTimeMarshalJSON(aTime)
+	if err != nil {
+		t.Fatal(err)
+	}
+	expected = "\"2015-05-29T11:01:02.000000003+02:00\""
+	if json != expected {
+		t.Fatalf("Expected %v, got %v", expected, json)
+	}
+}
diff --git a/pkg/jsonmessage/jsonmessage.go b/pkg/jsonmessage/jsonmessage.go
new file mode 100644
index 00000000..65cccbce
--- /dev/null
+++ b/pkg/jsonmessage/jsonmessage.go
@@ -0,0 +1,221 @@
+package jsonmessage
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/pkg/jsonlog"
+	"github.com/docker/docker/pkg/term"
+	"github.com/docker/go-units"
+)
+
+// JSONError wraps a concrete Code and Message, `Code` is
+// is a integer error code, `Message` is the error message.
+type JSONError struct {
+	Code    int    `json:"code,omitempty"`
+	Message string `json:"message,omitempty"`
+}
+
+func (e *JSONError) Error() string {
+	return e.Message
+}
+
+// JSONProgress describes a Progress. terminalFd is the fd of the current terminal,
+// Start is the initial value for the operation. Current is the current status and
+// value of the progress made towards Total. Total is the end value describing when
+// we made 100% progress for an operation.
+type JSONProgress struct {
+	terminalFd uintptr
+	Current    int64 `json:"current,omitempty"`
+	Total      int64 `json:"total,omitempty"`
+	Start      int64 `json:"start,omitempty"`
+}
+
+func (p *JSONProgress) String() string {
+	var (
+		width       = 200
+		pbBox       string
+		numbersBox  string
+		timeLeftBox string
+	)
+
+	ws, err := term.GetWinsize(p.terminalFd)
+	if err == nil {
+		width = int(ws.Width)
+	}
+
+	if p.Current <= 0 && p.Total <= 0 {
+		return ""
+	}
+	current := units.HumanSize(float64(p.Current))
+	if p.Total <= 0 {
+		return fmt.Sprintf("%8v", current)
+	}
+	total := units.HumanSize(float64(p.Total))
+	percentage := int(float64(p.Current)/float64(p.Total)*100) / 2
+	if percentage > 50 {
+		percentage = 50
+	}
+	if width > 110 {
+		// this number can't be negative gh#7136
+		numSpaces := 0
+		if 50-percentage > 0 {
+			numSpaces = 50 - percentage
+		}
+		pbBox = fmt.Sprintf("[%s>%s] ", strings.Repeat("=", percentage), strings.Repeat(" ", numSpaces))
+	}
+
+	numbersBox = fmt.Sprintf("%8v/%v", current, total)
+
+	if p.Current > p.Total {
+		// remove total display if the reported current is wonky.
+		numbersBox = fmt.Sprintf("%8v", current)
+	}
+
+	if p.Current > 0 && p.Start > 0 && percentage < 50 {
+		fromStart := time.Now().UTC().Sub(time.Unix(p.Start, 0))
+		perEntry := fromStart / time.Duration(p.Current)
+		left := time.Duration(p.Total-p.Current) * perEntry
+		left = (left / time.Second) * time.Second
+
+		if width > 50 {
+			timeLeftBox = " " + left.String()
+		}
+	}
+	return pbBox + numbersBox + timeLeftBox
+}
+
+// JSONMessage defines a message struct. It describes
+// the created time, where it from, status, ID of the
+// message. It's used for docker events.
+type JSONMessage struct {
+	Stream          string        `json:"stream,omitempty"`
+	Status          string        `json:"status,omitempty"`
+	Progress        *JSONProgress `json:"progressDetail,omitempty"`
+	ProgressMessage string        `json:"progress,omitempty"` //deprecated
+	ID              string        `json:"id,omitempty"`
+	From            string        `json:"from,omitempty"`
+	Time            int64         `json:"time,omitempty"`
+	TimeNano        int64         `json:"timeNano,omitempty"`
+	Error           *JSONError    `json:"errorDetail,omitempty"`
+	ErrorMessage    string        `json:"error,omitempty"` //deprecated
+	// Aux contains out-of-band data, such as digests for push signing.
+	Aux *json.RawMessage `json:"aux,omitempty"`
+}
+
+// Display displays the JSONMessage to `out`. `isTerminal` describes if `out`
+// is a terminal. If this is the case, it will erase the entire current line
+// when displaying the progressbar.
+func (jm *JSONMessage) Display(out io.Writer, isTerminal bool) error {
+	if jm.Error != nil {
+		if jm.Error.Code == 401 {
+			return fmt.Errorf("Authentication is required.")
+		}
+		return jm.Error
+	}
+	var endl string
+	if isTerminal && jm.Stream == "" && jm.Progress != nil {
+		// <ESC>[2K = erase entire current line
+		fmt.Fprintf(out, "%c[2K\r", 27)
+		endl = "\r"
+	} else if jm.Progress != nil && jm.Progress.String() != "" { //disable progressbar in non-terminal
+		return nil
+	}
+	if jm.TimeNano != 0 {
+		fmt.Fprintf(out, "%s ", time.Unix(0, jm.TimeNano).Format(jsonlog.RFC3339NanoFixed))
+	} else if jm.Time != 0 {
+		fmt.Fprintf(out, "%s ", time.Unix(jm.Time, 0).Format(jsonlog.RFC3339NanoFixed))
+	}
+	if jm.ID != "" {
+		fmt.Fprintf(out, "%s: ", jm.ID)
+	}
+	if jm.From != "" {
+		fmt.Fprintf(out, "(from %s) ", jm.From)
+	}
+	if jm.Progress != nil && isTerminal {
+		fmt.Fprintf(out, "%s %s%s", jm.Status, jm.Progress.String(), endl)
+	} else if jm.ProgressMessage != "" { //deprecated
+		fmt.Fprintf(out, "%s %s%s", jm.Status, jm.ProgressMessage, endl)
+	} else if jm.Stream != "" {
+		fmt.Fprintf(out, "%s%s", jm.Stream, endl)
+	} else {
+		fmt.Fprintf(out, "%s%s\n", jm.Status, endl)
+	}
+	return nil
+}
+
+// DisplayJSONMessagesStream displays a json message stream from `in` to `out`, `isTerminal`
+// describes if `out` is a terminal. If this is the case, it will print `\n` at the end of
+// each line and move the cursor while displaying.
+func DisplayJSONMessagesStream(in io.Reader, out io.Writer, terminalFd uintptr, isTerminal bool, auxCallback func(*json.RawMessage)) error {
+	var (
+		dec = json.NewDecoder(in)
+		ids = make(map[string]int)
+	)
+	for {
+		diff := 0
+		var jm JSONMessage
+		if err := dec.Decode(&jm); err != nil {
+			if err == io.EOF {
+				break
+			}
+			return err
+		}
+
+		if jm.Aux != nil {
+			if auxCallback != nil {
+				auxCallback(jm.Aux)
+			}
+			continue
+		}
+
+		if jm.Progress != nil {
+			jm.Progress.terminalFd = terminalFd
+		}
+		if jm.ID != "" && (jm.Progress != nil || jm.ProgressMessage != "") {
+			line, ok := ids[jm.ID]
+			if !ok {
+				// NOTE: This approach of using len(id) to
+				// figure out the number of lines of history
+				// only works as long as we clear the history
+				// when we output something that's not
+				// accounted for in the map, such as a line
+				// with no ID.
+				line = len(ids)
+				ids[jm.ID] = line
+				if isTerminal {
+					fmt.Fprintf(out, "\n")
+				}
+			} else {
+				diff = len(ids) - line
+			}
+			if isTerminal {
+				// NOTE: this appears to be necessary even if
+				// diff == 0.
+				// <ESC>[{diff}A = move cursor up diff rows
+				fmt.Fprintf(out, "%c[%dA", 27, diff)
+			}
+		} else {
+			// When outputting something that isn't progress
+			// output, clear the history of previous lines. We
+			// don't want progress entries from some previous
+			// operation to be updated (for example, pull -a
+			// with multiple tags).
+			ids = make(map[string]int)
+		}
+		err := jm.Display(out, isTerminal)
+		if jm.ID != "" && isTerminal {
+			// NOTE: this appears to be necessary even if
+			// diff == 0.
+			// <ESC>[{diff}B = move cursor down diff rows
+			fmt.Fprintf(out, "%c[%dB", 27, diff)
+		}
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/pkg/jsonmessage/jsonmessage_test.go b/pkg/jsonmessage/jsonmessage_test.go
new file mode 100644
index 00000000..558effcc
--- /dev/null
+++ b/pkg/jsonmessage/jsonmessage_test.go
@@ -0,0 +1,231 @@
+package jsonmessage
+
+import (
+	"bytes"
+	"fmt"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/pkg/jsonlog"
+	"github.com/docker/docker/pkg/term"
+)
+
+func TestError(t *testing.T) {
+	je := JSONError{404, "Not found"}
+	if je.Error() != "Not found" {
+		t.Fatalf("Expected 'Not found' got '%s'", je.Error())
+	}
+}
+
+func TestProgress(t *testing.T) {
+	jp := JSONProgress{}
+	if jp.String() != "" {
+		t.Fatalf("Expected empty string, got '%s'", jp.String())
+	}
+
+	expected := "     1 B"
+	jp2 := JSONProgress{Current: 1}
+	if jp2.String() != expected {
+		t.Fatalf("Expected %q, got %q", expected, jp2.String())
+	}
+
+	expectedStart := "[==========>                                        ]     20 B/100 B"
+	jp3 := JSONProgress{Current: 20, Total: 100, Start: time.Now().Unix()}
+	// Just look at the start of the string
+	// (the remaining time is really hard to test -_-)
+	if jp3.String()[:len(expectedStart)] != expectedStart {
+		t.Fatalf("Expected to start with %q, got %q", expectedStart, jp3.String())
+	}
+
+	expected = "[=========================>                         ]     50 B/100 B"
+	jp4 := JSONProgress{Current: 50, Total: 100}
+	if jp4.String() != expected {
+		t.Fatalf("Expected %q, got %q", expected, jp4.String())
+	}
+
+	// this number can't be negative gh#7136
+	expected = "[==================================================>]     50 B"
+	jp5 := JSONProgress{Current: 50, Total: 40}
+	if jp5.String() != expected {
+		t.Fatalf("Expected %q, got %q", expected, jp5.String())
+	}
+}
+
+func TestJSONMessageDisplay(t *testing.T) {
+	now := time.Now()
+	messages := map[JSONMessage][]string{
+		// Empty
+		JSONMessage{}: {"\n", "\n"},
+		// Status
+		JSONMessage{
+			Status: "status",
+		}: {
+			"status\n",
+			"status\n",
+		},
+		// General
+		JSONMessage{
+			Time:   now.Unix(),
+			ID:     "ID",
+			From:   "From",
+			Status: "status",
+		}: {
+			fmt.Sprintf("%v ID: (from From) status\n", time.Unix(now.Unix(), 0).Format(jsonlog.RFC3339NanoFixed)),
+			fmt.Sprintf("%v ID: (from From) status\n", time.Unix(now.Unix(), 0).Format(jsonlog.RFC3339NanoFixed)),
+		},
+		// General, with nano precision time
+		JSONMessage{
+			TimeNano: now.UnixNano(),
+			ID:       "ID",
+			From:     "From",
+			Status:   "status",
+		}: {
+			fmt.Sprintf("%v ID: (from From) status\n", time.Unix(0, now.UnixNano()).Format(jsonlog.RFC3339NanoFixed)),
+			fmt.Sprintf("%v ID: (from From) status\n", time.Unix(0, now.UnixNano()).Format(jsonlog.RFC3339NanoFixed)),
+		},
+		// General, with both times Nano is preferred
+		JSONMessage{
+			Time:     now.Unix(),
+			TimeNano: now.UnixNano(),
+			ID:       "ID",
+			From:     "From",
+			Status:   "status",
+		}: {
+			fmt.Sprintf("%v ID: (from From) status\n", time.Unix(0, now.UnixNano()).Format(jsonlog.RFC3339NanoFixed)),
+			fmt.Sprintf("%v ID: (from From) status\n", time.Unix(0, now.UnixNano()).Format(jsonlog.RFC3339NanoFixed)),
+		},
+		// Stream over status
+		JSONMessage{
+			Status: "status",
+			Stream: "stream",
+		}: {
+			"stream",
+			"stream",
+		},
+		// With progress message
+		JSONMessage{
+			Status:          "status",
+			ProgressMessage: "progressMessage",
+		}: {
+			"status progressMessage",
+			"status progressMessage",
+		},
+		// With progress, stream empty
+		JSONMessage{
+			Status:   "status",
+			Stream:   "",
+			Progress: &JSONProgress{Current: 1},
+		}: {
+			"",
+			fmt.Sprintf("%c[2K\rstatus      1 B\r", 27),
+		},
+	}
+
+	// The tests :)
+	for jsonMessage, expectedMessages := range messages {
+		// Without terminal
+		data := bytes.NewBuffer([]byte{})
+		if err := jsonMessage.Display(data, false); err != nil {
+			t.Fatal(err)
+		}
+		if data.String() != expectedMessages[0] {
+			t.Fatalf("Expected [%v], got [%v]", expectedMessages[0], data.String())
+		}
+		// With terminal
+		data = bytes.NewBuffer([]byte{})
+		if err := jsonMessage.Display(data, true); err != nil {
+			t.Fatal(err)
+		}
+		if data.String() != expectedMessages[1] {
+			t.Fatalf("Expected [%v], got [%v]", expectedMessages[1], data.String())
+		}
+	}
+}
+
+// Test JSONMessage with an Error. It will return an error with the text as error, not the meaning of the HTTP code.
+func TestJSONMessageDisplayWithJSONError(t *testing.T) {
+	data := bytes.NewBuffer([]byte{})
+	jsonMessage := JSONMessage{Error: &JSONError{404, "Can't find it"}}
+
+	err := jsonMessage.Display(data, true)
+	if err == nil || err.Error() != "Can't find it" {
+		t.Fatalf("Expected a JSONError 404, got [%v]", err)
+	}
+
+	jsonMessage = JSONMessage{Error: &JSONError{401, "Anything"}}
+	err = jsonMessage.Display(data, true)
+	if err == nil || err.Error() != "Authentication is required." {
+		t.Fatalf("Expected an error [Authentication is required.], got [%v]", err)
+	}
+}
+
+func TestDisplayJSONMessagesStreamInvalidJSON(t *testing.T) {
+	var (
+		inFd uintptr
+	)
+	data := bytes.NewBuffer([]byte{})
+	reader := strings.NewReader("This is not a 'valid' JSON []")
+	inFd, _ = term.GetFdInfo(reader)
+
+	if err := DisplayJSONMessagesStream(reader, data, inFd, false, nil); err == nil && err.Error()[:17] != "invalid character" {
+		t.Fatalf("Should have thrown an error (invalid character in ..), got [%v]", err)
+	}
+}
+
+func TestDisplayJSONMessagesStream(t *testing.T) {
+	var (
+		inFd uintptr
+	)
+
+	messages := map[string][]string{
+		// empty string
+		"": {
+			"",
+			""},
+		// Without progress & ID
+		"{ \"status\": \"status\" }": {
+			"status\n",
+			"status\n",
+		},
+		// Without progress, with ID
+		"{ \"id\": \"ID\",\"status\": \"status\" }": {
+			"ID: status\n",
+			fmt.Sprintf("ID: status\n%c[%dB", 27, 0),
+		},
+		// With progress
+		"{ \"id\": \"ID\", \"status\": \"status\", \"progress\": \"ProgressMessage\" }": {
+			"ID: status ProgressMessage",
+			fmt.Sprintf("\n%c[%dAID: status ProgressMessage%c[%dB", 27, 0, 27, 0),
+		},
+		// With progressDetail
+		"{ \"id\": \"ID\", \"status\": \"status\", \"progressDetail\": { \"Current\": 1} }": {
+			"", // progressbar is disabled in non-terminal
+			fmt.Sprintf("\n%c[%dA%c[2K\rID: status      1 B\r%c[%dB", 27, 0, 27, 27, 0),
+		},
+	}
+	for jsonMessage, expectedMessages := range messages {
+		data := bytes.NewBuffer([]byte{})
+		reader := strings.NewReader(jsonMessage)
+		inFd, _ = term.GetFdInfo(reader)
+
+		// Without terminal
+		if err := DisplayJSONMessagesStream(reader, data, inFd, false, nil); err != nil {
+			t.Fatal(err)
+		}
+		if data.String() != expectedMessages[0] {
+			t.Fatalf("Expected an [%v], got [%v]", expectedMessages[0], data.String())
+		}
+
+		// With terminal
+		data = bytes.NewBuffer([]byte{})
+		reader = strings.NewReader(jsonMessage)
+		if err := DisplayJSONMessagesStream(reader, data, inFd, true, nil); err != nil {
+			t.Fatal(err)
+		}
+		if data.String() != expectedMessages[1] {
+			t.Fatalf("Expected an [%v], got [%v]", expectedMessages[1], data.String())
+		}
+	}
+
+}
diff --git a/pkg/locker/README.md b/pkg/locker/README.md
new file mode 100644
index 00000000..e84a815c
--- /dev/null
+++ b/pkg/locker/README.md
@@ -0,0 +1,65 @@
+Locker
+=====
+
+locker provides a mechanism for creating finer-grained locking to help
+free up more global locks to handle other tasks.
+
+The implementation looks close to a sync.Mutex, however the user must provide a
+reference to use to refer to the underlying lock when locking and unlocking,
+and unlock may generate an error.
+
+If a lock with a given name does not exist when `Lock` is called, one is
+created.
+Lock references are automatically cleaned up on `Unlock` if nothing else is
+waiting for the lock.
+
+
+## Usage
+
+```go
+package important
+
+import (
+	"sync"
+	"time"
+
+	"github.com/docker/docker/pkg/locker"
+)
+
+type important struct {
+	locks *locker.Locker
+	data  map[string]interface{}
+	mu    sync.Mutex
+}
+
+func (i *important) Get(name string) interface{} {
+	i.locks.Lock(name)
+	defer i.locks.Unlock(name)
+	return data[name]
+}
+
+func (i *important) Create(name string, data interface{}) {
+	i.locks.Lock(name)
+	defer i.locks.Unlock(name)
+
+	i.createImportant(data)
+
+	s.mu.Lock()
+	i.data[name] = data
+	s.mu.Unlock()
+}
+
+func (i *important) createImportant(data interface{}) {
+	time.Sleep(10 * time.Second)
+}
+```
+
+For functions dealing with a given name, always lock at the beginning of the
+function (or before doing anything with the underlying state), this ensures any
+other function that is dealing with the same name will block.
+
+When needing to modify the underlying data, use the global lock to ensure nothing
+else is modfying it at the same time.
+Since name lock is already in place, no reads will occur while the modification
+is being performed.
+
diff --git a/pkg/locker/locker.go b/pkg/locker/locker.go
new file mode 100644
index 00000000..0b22ddfa
--- /dev/null
+++ b/pkg/locker/locker.go
@@ -0,0 +1,112 @@
+/*
+Package locker provides a mechanism for creating finer-grained locking to help
+free up more global locks to handle other tasks.
+
+The implementation looks close to a sync.Mutex, however the user must provide a
+reference to use to refer to the underlying lock when locking and unlocking,
+and unlock may generate an error.
+
+If a lock with a given name does not exist when `Lock` is called, one is
+created.
+Lock references are automatically cleaned up on `Unlock` if nothing else is
+waiting for the lock.
+*/
+package locker
+
+import (
+	"errors"
+	"sync"
+	"sync/atomic"
+)
+
+// ErrNoSuchLock is returned when the requested lock does not exist
+var ErrNoSuchLock = errors.New("no such lock")
+
+// Locker provides a locking mechanism based on the passed in reference name
+type Locker struct {
+	mu    sync.Mutex
+	locks map[string]*lockCtr
+}
+
+// lockCtr is used by Locker to represent a lock with a given name.
+type lockCtr struct {
+	mu sync.Mutex
+	// waiters is the number of waiters waiting to acquire the lock
+	// this is int32 instead of uint32 so we can add `-1` in `dec()`
+	waiters int32
+}
+
+// inc increments the number of waiters waiting for the lock
+func (l *lockCtr) inc() {
+	atomic.AddInt32(&l.waiters, 1)
+}
+
+// dec decrements the number of waiters waiting on the lock
+func (l *lockCtr) dec() {
+	atomic.AddInt32(&l.waiters, -1)
+}
+
+// count gets the current number of waiters
+func (l *lockCtr) count() int32 {
+	return atomic.LoadInt32(&l.waiters)
+}
+
+// Lock locks the mutex
+func (l *lockCtr) Lock() {
+	l.mu.Lock()
+}
+
+// Unlock unlocks the mutex
+func (l *lockCtr) Unlock() {
+	l.mu.Unlock()
+}
+
+// New creates a new Locker
+func New() *Locker {
+	return &Locker{
+		locks: make(map[string]*lockCtr),
+	}
+}
+
+// Lock locks a mutex with the given name. If it doesn't exist, one is created
+func (l *Locker) Lock(name string) {
+	l.mu.Lock()
+	if l.locks == nil {
+		l.locks = make(map[string]*lockCtr)
+	}
+
+	nameLock, exists := l.locks[name]
+	if !exists {
+		nameLock = &lockCtr{}
+		l.locks[name] = nameLock
+	}
+
+	// increment the nameLock waiters while inside the main mutex
+	// this makes sure that the lock isn't deleted if `Lock` and `Unlock` are called concurrently
+	nameLock.inc()
+	l.mu.Unlock()
+
+	// Lock the nameLock outside the main mutex so we don't block other operations
+	// once locked then we can decrement the number of waiters for this lock
+	nameLock.Lock()
+	nameLock.dec()
+}
+
+// Unlock unlocks the mutex with the given name
+// If the given lock is not being waited on by any other callers, it is deleted
+func (l *Locker) Unlock(name string) error {
+	l.mu.Lock()
+	nameLock, exists := l.locks[name]
+	if !exists {
+		l.mu.Unlock()
+		return ErrNoSuchLock
+	}
+
+	if nameLock.count() == 0 {
+		delete(l.locks, name)
+	}
+	nameLock.Unlock()
+
+	l.mu.Unlock()
+	return nil
+}
diff --git a/pkg/locker/locker_test.go b/pkg/locker/locker_test.go
new file mode 100644
index 00000000..5a297dd4
--- /dev/null
+++ b/pkg/locker/locker_test.go
@@ -0,0 +1,124 @@
+package locker
+
+import (
+	"sync"
+	"testing"
+	"time"
+)
+
+func TestLockCounter(t *testing.T) {
+	l := &lockCtr{}
+	l.inc()
+
+	if l.waiters != 1 {
+		t.Fatal("counter inc failed")
+	}
+
+	l.dec()
+	if l.waiters != 0 {
+		t.Fatal("counter dec failed")
+	}
+}
+
+func TestLockerLock(t *testing.T) {
+	l := New()
+	l.Lock("test")
+	ctr := l.locks["test"]
+
+	if ctr.count() != 0 {
+		t.Fatalf("expected waiters to be 0, got :%d", ctr.waiters)
+	}
+
+	chDone := make(chan struct{})
+	go func() {
+		l.Lock("test")
+		close(chDone)
+	}()
+
+	chWaiting := make(chan struct{})
+	go func() {
+		for range time.Tick(1 * time.Millisecond) {
+			if ctr.count() == 1 {
+				close(chWaiting)
+				break
+			}
+		}
+	}()
+
+	select {
+	case <-chWaiting:
+	case <-time.After(3 * time.Second):
+		t.Fatal("timed out waiting for lock waiters to be incremented")
+	}
+
+	select {
+	case <-chDone:
+		t.Fatal("lock should not have returned while it was still held")
+	default:
+	}
+
+	if err := l.Unlock("test"); err != nil {
+		t.Fatal(err)
+	}
+
+	select {
+	case <-chDone:
+	case <-time.After(3 * time.Second):
+		t.Fatalf("lock should have completed")
+	}
+
+	if ctr.count() != 0 {
+		t.Fatalf("expected waiters to be 0, got: %d", ctr.count())
+	}
+}
+
+func TestLockerUnlock(t *testing.T) {
+	l := New()
+
+	l.Lock("test")
+	l.Unlock("test")
+
+	chDone := make(chan struct{})
+	go func() {
+		l.Lock("test")
+		close(chDone)
+	}()
+
+	select {
+	case <-chDone:
+	case <-time.After(3 * time.Second):
+		t.Fatalf("lock should not be blocked")
+	}
+}
+
+func TestLockerConcurrency(t *testing.T) {
+	l := New()
+
+	var wg sync.WaitGroup
+	for i := 0; i <= 10000; i++ {
+		wg.Add(1)
+		go func() {
+			l.Lock("test")
+			// if there is a concurrency issue, will very likely panic here
+			l.Unlock("test")
+			wg.Done()
+		}()
+	}
+
+	chDone := make(chan struct{})
+	go func() {
+		wg.Wait()
+		close(chDone)
+	}()
+
+	select {
+	case <-chDone:
+	case <-time.After(10 * time.Second):
+		t.Fatal("timeout waiting for locks to complete")
+	}
+
+	// Since everything has unlocked this should not exist anymore
+	if ctr, exists := l.locks["test"]; exists {
+		t.Fatalf("lock should not exist: %v", ctr)
+	}
+}
diff --git a/pkg/longpath/longpath.go b/pkg/longpath/longpath.go
new file mode 100644
index 00000000..9b15bfff
--- /dev/null
+++ b/pkg/longpath/longpath.go
@@ -0,0 +1,26 @@
+// longpath introduces some constants and helper functions for handling long paths
+// in Windows, which are expected to be prepended with `\\?\` and followed by either
+// a drive letter, a UNC server\share, or a volume identifier.
+
+package longpath
+
+import (
+	"strings"
+)
+
+// Prefix is the longpath prefix for Windows file paths.
+const Prefix = `\\?\`
+
+// AddPrefix will add the Windows long path prefix to the path provided if
+// it does not already have it.
+func AddPrefix(path string) string {
+	if !strings.HasPrefix(path, Prefix) {
+		if strings.HasPrefix(path, `\\`) {
+			// This is a UNC path, so we need to add 'UNC' to the path as well.
+			path = Prefix + `UNC` + path[1:]
+		} else {
+			path = Prefix + path
+		}
+	}
+	return path
+}
diff --git a/pkg/longpath/longpath_test.go b/pkg/longpath/longpath_test.go
new file mode 100644
index 00000000..01865eff
--- /dev/null
+++ b/pkg/longpath/longpath_test.go
@@ -0,0 +1,22 @@
+package longpath
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestStandardLongPath(t *testing.T) {
+	c := `C:\simple\path`
+	longC := AddPrefix(c)
+	if !strings.EqualFold(longC, `\\?\C:\simple\path`) {
+		t.Errorf("Wrong long path returned. Original = %s ; Long = %s", c, longC)
+	}
+}
+
+func TestUNCLongPath(t *testing.T) {
+	c := `\\server\share\path`
+	longC := AddPrefix(c)
+	if !strings.EqualFold(longC, `\\?\UNC\server\share\path`) {
+		t.Errorf("Wrong UNC long path returned. Original = %s ; Long = %s", c, longC)
+	}
+}
diff --git a/pkg/loopback/attach_loopback.go b/pkg/loopback/attach_loopback.go
new file mode 100644
index 00000000..c6d72d73
--- /dev/null
+++ b/pkg/loopback/attach_loopback.go
@@ -0,0 +1,137 @@
+// +build linux
+
+package loopback
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// Loopback related errors
+var (
+	ErrAttachLoopbackDevice   = errors.New("loopback attach failed")
+	ErrGetLoopbackBackingFile = errors.New("Unable to get loopback backing file")
+	ErrSetCapacity            = errors.New("Unable set loopback capacity")
+)
+
+func stringToLoopName(src string) [LoNameSize]uint8 {
+	var dst [LoNameSize]uint8
+	copy(dst[:], src[:])
+	return dst
+}
+
+func getNextFreeLoopbackIndex() (int, error) {
+	f, err := os.OpenFile("/dev/loop-control", os.O_RDONLY, 0644)
+	if err != nil {
+		return 0, err
+	}
+	defer f.Close()
+
+	index, err := ioctlLoopCtlGetFree(f.Fd())
+	if index < 0 {
+		index = 0
+	}
+	return index, err
+}
+
+func openNextAvailableLoopback(index int, sparseFile *os.File) (loopFile *os.File, err error) {
+	// Start looking for a free /dev/loop
+	for {
+		target := fmt.Sprintf("/dev/loop%d", index)
+		index++
+
+		fi, err := os.Stat(target)
+		if err != nil {
+			if os.IsNotExist(err) {
+				logrus.Errorf("There are no more loopback devices available.")
+			}
+			return nil, ErrAttachLoopbackDevice
+		}
+
+		if fi.Mode()&os.ModeDevice != os.ModeDevice {
+			logrus.Errorf("Loopback device %s is not a block device.", target)
+			continue
+		}
+
+		// OpenFile adds O_CLOEXEC
+		loopFile, err = os.OpenFile(target, os.O_RDWR, 0644)
+		if err != nil {
+			logrus.Errorf("Error opening loopback device: %s", err)
+			return nil, ErrAttachLoopbackDevice
+		}
+
+		// Try to attach to the loop file
+		if err := ioctlLoopSetFd(loopFile.Fd(), sparseFile.Fd()); err != nil {
+			loopFile.Close()
+
+			// If the error is EBUSY, then try the next loopback
+			if err != syscall.EBUSY {
+				logrus.Errorf("Cannot set up loopback device %s: %s", target, err)
+				return nil, ErrAttachLoopbackDevice
+			}
+
+			// Otherwise, we keep going with the loop
+			continue
+		}
+		// In case of success, we finished. Break the loop.
+		break
+	}
+
+	// This can't happen, but let's be sure
+	if loopFile == nil {
+		logrus.Errorf("Unreachable code reached! Error attaching %s to a loopback device.", sparseFile.Name())
+		return nil, ErrAttachLoopbackDevice
+	}
+
+	return loopFile, nil
+}
+
+// AttachLoopDevice attaches the given sparse file to the next
+// available loopback device. It returns an opened *os.File.
+func AttachLoopDevice(sparseName string) (loop *os.File, err error) {
+
+	// Try to retrieve the next available loopback device via syscall.
+	// If it fails, we discard error and start looping for a
+	// loopback from index 0.
+	startIndex, err := getNextFreeLoopbackIndex()
+	if err != nil {
+		logrus.Debugf("Error retrieving the next available loopback: %s", err)
+	}
+
+	// OpenFile adds O_CLOEXEC
+	sparseFile, err := os.OpenFile(sparseName, os.O_RDWR, 0644)
+	if err != nil {
+		logrus.Errorf("Error opening sparse file %s: %s", sparseName, err)
+		return nil, ErrAttachLoopbackDevice
+	}
+	defer sparseFile.Close()
+
+	loopFile, err := openNextAvailableLoopback(startIndex, sparseFile)
+	if err != nil {
+		return nil, err
+	}
+
+	// Set the status of the loopback device
+	loopInfo := &loopInfo64{
+		loFileName: stringToLoopName(loopFile.Name()),
+		loOffset:   0,
+		loFlags:    LoFlagsAutoClear,
+	}
+
+	if err := ioctlLoopSetStatus64(loopFile.Fd(), loopInfo); err != nil {
+		logrus.Errorf("Cannot set up loopback device info: %s", err)
+
+		// If the call failed, then free the loopback device
+		if err := ioctlLoopClrFd(loopFile.Fd()); err != nil {
+			logrus.Errorf("Error while cleaning up the loopback device")
+		}
+		loopFile.Close()
+		return nil, ErrAttachLoopbackDevice
+	}
+
+	return loopFile, nil
+}
diff --git a/pkg/loopback/ioctl.go b/pkg/loopback/ioctl.go
new file mode 100644
index 00000000..0714eb5f
--- /dev/null
+++ b/pkg/loopback/ioctl.go
@@ -0,0 +1,53 @@
+// +build linux
+
+package loopback
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+func ioctlLoopCtlGetFree(fd uintptr) (int, error) {
+	index, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, LoopCtlGetFree, 0)
+	if err != 0 {
+		return 0, err
+	}
+	return int(index), nil
+}
+
+func ioctlLoopSetFd(loopFd, sparseFd uintptr) error {
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, loopFd, LoopSetFd, sparseFd); err != 0 {
+		return err
+	}
+	return nil
+}
+
+func ioctlLoopSetStatus64(loopFd uintptr, loopInfo *loopInfo64) error {
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, loopFd, LoopSetStatus64, uintptr(unsafe.Pointer(loopInfo))); err != 0 {
+		return err
+	}
+	return nil
+}
+
+func ioctlLoopClrFd(loopFd uintptr) error {
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, loopFd, LoopClrFd, 0); err != 0 {
+		return err
+	}
+	return nil
+}
+
+func ioctlLoopGetStatus64(loopFd uintptr) (*loopInfo64, error) {
+	loopInfo := &loopInfo64{}
+
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, loopFd, LoopGetStatus64, uintptr(unsafe.Pointer(loopInfo))); err != 0 {
+		return nil, err
+	}
+	return loopInfo, nil
+}
+
+func ioctlLoopSetCapacity(loopFd uintptr, value int) error {
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, loopFd, LoopSetCapacity, uintptr(value)); err != 0 {
+		return err
+	}
+	return nil
+}
diff --git a/pkg/loopback/loop_wrapper.go b/pkg/loopback/loop_wrapper.go
new file mode 100644
index 00000000..e1100ce1
--- /dev/null
+++ b/pkg/loopback/loop_wrapper.go
@@ -0,0 +1,52 @@
+// +build linux
+
+package loopback
+
+/*
+#include <linux/loop.h> // FIXME: present only for defines, maybe we can remove it?
+
+#ifndef LOOP_CTL_GET_FREE
+  #define LOOP_CTL_GET_FREE 0x4C82
+#endif
+
+#ifndef LO_FLAGS_PARTSCAN
+  #define LO_FLAGS_PARTSCAN 8
+#endif
+
+*/
+import "C"
+
+type loopInfo64 struct {
+	loDevice         uint64 /* ioctl r/o */
+	loInode          uint64 /* ioctl r/o */
+	loRdevice        uint64 /* ioctl r/o */
+	loOffset         uint64
+	loSizelimit      uint64 /* bytes, 0 == max available */
+	loNumber         uint32 /* ioctl r/o */
+	loEncryptType    uint32
+	loEncryptKeySize uint32 /* ioctl w/o */
+	loFlags          uint32 /* ioctl r/o */
+	loFileName       [LoNameSize]uint8
+	loCryptName      [LoNameSize]uint8
+	loEncryptKey     [LoKeySize]uint8 /* ioctl w/o */
+	loInit           [2]uint64
+}
+
+// IOCTL consts
+const (
+	LoopSetFd       = C.LOOP_SET_FD
+	LoopCtlGetFree  = C.LOOP_CTL_GET_FREE
+	LoopGetStatus64 = C.LOOP_GET_STATUS64
+	LoopSetStatus64 = C.LOOP_SET_STATUS64
+	LoopClrFd       = C.LOOP_CLR_FD
+	LoopSetCapacity = C.LOOP_SET_CAPACITY
+)
+
+// LOOP consts.
+const (
+	LoFlagsAutoClear = C.LO_FLAGS_AUTOCLEAR
+	LoFlagsReadOnly  = C.LO_FLAGS_READ_ONLY
+	LoFlagsPartScan  = C.LO_FLAGS_PARTSCAN
+	LoKeySize        = C.LO_KEY_SIZE
+	LoNameSize       = C.LO_NAME_SIZE
+)
diff --git a/pkg/loopback/loopback.go b/pkg/loopback/loopback.go
new file mode 100644
index 00000000..bc047928
--- /dev/null
+++ b/pkg/loopback/loopback.go
@@ -0,0 +1,63 @@
+// +build linux
+
+package loopback
+
+import (
+	"fmt"
+	"os"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+)
+
+func getLoopbackBackingFile(file *os.File) (uint64, uint64, error) {
+	loopInfo, err := ioctlLoopGetStatus64(file.Fd())
+	if err != nil {
+		logrus.Errorf("Error get loopback backing file: %s", err)
+		return 0, 0, ErrGetLoopbackBackingFile
+	}
+	return loopInfo.loDevice, loopInfo.loInode, nil
+}
+
+// SetCapacity reloads the size for the loopback device.
+func SetCapacity(file *os.File) error {
+	if err := ioctlLoopSetCapacity(file.Fd(), 0); err != nil {
+		logrus.Errorf("Error loopbackSetCapacity: %s", err)
+		return ErrSetCapacity
+	}
+	return nil
+}
+
+// FindLoopDeviceFor returns a loopback device file for the specified file which
+// is backing file of a loop back device.
+func FindLoopDeviceFor(file *os.File) *os.File {
+	stat, err := file.Stat()
+	if err != nil {
+		return nil
+	}
+	targetInode := stat.Sys().(*syscall.Stat_t).Ino
+	targetDevice := stat.Sys().(*syscall.Stat_t).Dev
+
+	for i := 0; true; i++ {
+		path := fmt.Sprintf("/dev/loop%d", i)
+
+		file, err := os.OpenFile(path, os.O_RDWR, 0)
+		if err != nil {
+			if os.IsNotExist(err) {
+				return nil
+			}
+
+			// Ignore all errors until the first not-exist
+			// we want to continue looking for the file
+			continue
+		}
+
+		dev, inode, err := getLoopbackBackingFile(file)
+		if err == nil && dev == targetDevice && inode == targetInode {
+			return file
+		}
+		file.Close()
+	}
+
+	return nil
+}
diff --git a/pkg/mflag/LICENSE b/pkg/mflag/LICENSE
new file mode 100644
index 00000000..9b4f4a29
--- /dev/null
+++ b/pkg/mflag/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2014-2016 The Docker & Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/pkg/mflag/README.md b/pkg/mflag/README.md
new file mode 100644
index 00000000..da00efa3
--- /dev/null
+++ b/pkg/mflag/README.md
@@ -0,0 +1,40 @@
+Package mflag (aka multiple-flag) implements command-line flag parsing.  
+It's an **hacky** fork of the [official golang package](http://golang.org/pkg/flag/)
+
+It adds:
+
+* both short and long flag version  
+`./example -s red` `./example --string blue`
+
+* multiple names for the same option  
+```
+$>./example -h
+Usage of example:
+  -s, --string="": a simple string
+```
+
+___
+It is very flexible on purpose, so you can do things like:  
+```
+$>./example -h
+Usage of example:
+  -s, -string, --string="": a simple string
+```
+
+Or:  
+```
+$>./example -h
+Usage of example:
+  -oldflag, --newflag="": a simple string
+```
+
+You can also hide some flags from the usage, so if we want only `--newflag`:  
+```
+$>./example -h
+Usage of example:
+  --newflag="": a simple string
+$>./example -oldflag str
+str
+```
+
+See [example.go](example/example.go) for more details.
diff --git a/pkg/mflag/example/example.go b/pkg/mflag/example/example.go
new file mode 100644
index 00000000..2e766dd1
--- /dev/null
+++ b/pkg/mflag/example/example.go
@@ -0,0 +1,36 @@
+package main
+
+import (
+	"fmt"
+
+	flag "github.com/docker/docker/pkg/mflag"
+)
+
+var (
+	i        int
+	str      string
+	b, b2, h bool
+)
+
+func init() {
+	flag.Bool([]string{"#hp", "#-halp"}, false, "display the halp")
+	flag.BoolVar(&b, []string{"b", "#bal", "#bol", "-bal"}, false, "a simple bool")
+	flag.BoolVar(&b, []string{"g", "#gil"}, false, "a simple bool")
+	flag.BoolVar(&b2, []string{"#-bool"}, false, "a simple bool")
+	flag.IntVar(&i, []string{"-integer", "-number"}, -1, "a simple integer")
+	flag.StringVar(&str, []string{"s", "#hidden", "-string"}, "", "a simple string") //-s -hidden and --string will work, but -hidden won't be in the usage
+	flag.BoolVar(&h, []string{"h", "#help", "-help"}, false, "display the help")
+	flag.StringVar(&str, []string{"mode"}, "mode1", "set the mode\nmode1: use the mode1\nmode2: use the mode2\nmode3: use the mode3")
+	flag.Parse()
+}
+func main() {
+	if h {
+		flag.PrintDefaults()
+	} else {
+		fmt.Printf("s/#hidden/-string: %s\n", str)
+		fmt.Printf("b: %t\n", b)
+		fmt.Printf("-bool: %t\n", b2)
+		fmt.Printf("s/#hidden/-string(via lookup): %s\n", flag.Lookup("s").Value.String())
+		fmt.Printf("ARGS: %v\n", flag.Args())
+	}
+}
diff --git a/pkg/mflag/flag.go b/pkg/mflag/flag.go
new file mode 100644
index 00000000..e2a0c422
--- /dev/null
+++ b/pkg/mflag/flag.go
@@ -0,0 +1,1280 @@
+// Copyright 2014-2016 The Docker & Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//	Package mflag implements command-line flag parsing.
+//
+//	Usage:
+//
+//	Define flags using flag.String(), Bool(), Int(), etc.
+//
+//	This declares an integer flag, -f or --flagname, stored in the pointer ip, with type *int.
+//		import "flag /github.com/docker/docker/pkg/mflag"
+//		var ip = flag.Int([]string{"f", "-flagname"}, 1234, "help message for flagname")
+//	If you like, you can bind the flag to a variable using the Var() functions.
+//		var flagvar int
+//		func init() {
+//			// -flaghidden will work, but will be hidden from the usage
+//			flag.IntVar(&flagvar, []string{"f", "#flaghidden", "-flagname"}, 1234, "help message for flagname")
+//		}
+//	Or you can create custom flags that satisfy the Value interface (with
+//	pointer receivers) and couple them to flag parsing by
+//		flag.Var(&flagVal, []string{"name"}, "help message for flagname")
+//	For such flags, the default value is just the initial value of the variable.
+//
+//	You can also add "deprecated" flags, they are still usable, but are not shown
+//	in the usage and will display a warning when you try to use them. `#` before
+//	an option means this option is deprecated, if there is an following option
+//	without `#` ahead, then that's the replacement, if not, it will just be removed:
+//		var ip = flag.Int([]string{"#f", "#flagname", "-flagname"}, 1234, "help message for flagname")
+//	this will display: `Warning: '-f' is deprecated, it will be replaced by '--flagname' soon. See usage.` or
+//	this will display: `Warning: '-flagname' is deprecated, it will be replaced by '--flagname' soon. See usage.`
+//		var ip = flag.Int([]string{"f", "#flagname"}, 1234, "help message for flagname")
+//	will display: `Warning: '-flagname' is deprecated, it will be removed soon. See usage.`
+//	so you can only use `-f`.
+//
+//	You can also group one letter flags, bif you declare
+//		var v = flag.Bool([]string{"v", "-verbose"}, false, "help message for verbose")
+//		var s = flag.Bool([]string{"s", "-slow"}, false, "help message for slow")
+//	you will be able to use the -vs or -sv
+//
+//	After all flags are defined, call
+//		flag.Parse()
+//	to parse the command line into the defined flags.
+//
+//	Flags may then be used directly. If you're using the flags themselves,
+//	they are all pointers; if you bind to variables, they're values.
+//		fmt.Println("ip has value ", *ip)
+//		fmt.Println("flagvar has value ", flagvar)
+//
+//	After parsing, the arguments after the flag are available as the
+//	slice flag.Args() or individually as flag.Arg(i).
+//	The arguments are indexed from 0 through flag.NArg()-1.
+//
+//	Command line flag syntax:
+//		-flag
+//		-flag=x
+//		-flag="x"
+//		-flag='x'
+//		-flag x  // non-boolean flags only
+//	One or two minus signs may be used; they are equivalent.
+//	The last form is not permitted for boolean flags because the
+//	meaning of the command
+//		cmd -x *
+//	will change if there is a file called 0, false, etc.  You must
+//	use the -flag=false form to turn off a boolean flag.
+//
+//	Flag parsing stops just before the first non-flag argument
+//	("-" is a non-flag argument) or after the terminator "--".
+//
+//	Integer flags accept 1234, 0664, 0x1234 and may be negative.
+//	Boolean flags may be 1, 0, t, f, true, false, TRUE, FALSE, True, False.
+//	Duration flags accept any input valid for time.ParseDuration.
+//
+//	The default set of command-line flags is controlled by
+//	top-level functions.  The FlagSet type allows one to define
+//	independent sets of flags, such as to implement subcommands
+//	in a command-line interface. The methods of FlagSet are
+//	analogous to the top-level functions for the command-line
+//	flag set.
+
+package mflag
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"runtime"
+	"sort"
+	"strconv"
+	"strings"
+	"text/tabwriter"
+	"time"
+
+	"github.com/docker/docker/pkg/homedir"
+)
+
+// ErrHelp is the error returned if the flag -help is invoked but no such flag is defined.
+var ErrHelp = errors.New("flag: help requested")
+
+// ErrRetry is the error returned if you need to try letter by letter
+var ErrRetry = errors.New("flag: retry")
+
+// -- bool Value
+type boolValue bool
+
+func newBoolValue(val bool, p *bool) *boolValue {
+	*p = val
+	return (*boolValue)(p)
+}
+
+func (b *boolValue) Set(s string) error {
+	v, err := strconv.ParseBool(s)
+	*b = boolValue(v)
+	return err
+}
+
+func (b *boolValue) Get() interface{} { return bool(*b) }
+
+func (b *boolValue) String() string { return fmt.Sprintf("%v", *b) }
+
+func (b *boolValue) IsBoolFlag() bool { return true }
+
+// optional interface to indicate boolean flags that can be
+// supplied without "=value" text
+type boolFlag interface {
+	Value
+	IsBoolFlag() bool
+}
+
+// -- int Value
+type intValue int
+
+func newIntValue(val int, p *int) *intValue {
+	*p = val
+	return (*intValue)(p)
+}
+
+func (i *intValue) Set(s string) error {
+	v, err := strconv.ParseInt(s, 0, 64)
+	*i = intValue(v)
+	return err
+}
+
+func (i *intValue) Get() interface{} { return int(*i) }
+
+func (i *intValue) String() string { return fmt.Sprintf("%v", *i) }
+
+// -- int64 Value
+type int64Value int64
+
+func newInt64Value(val int64, p *int64) *int64Value {
+	*p = val
+	return (*int64Value)(p)
+}
+
+func (i *int64Value) Set(s string) error {
+	v, err := strconv.ParseInt(s, 0, 64)
+	*i = int64Value(v)
+	return err
+}
+
+func (i *int64Value) Get() interface{} { return int64(*i) }
+
+func (i *int64Value) String() string { return fmt.Sprintf("%v", *i) }
+
+// -- uint Value
+type uintValue uint
+
+func newUintValue(val uint, p *uint) *uintValue {
+	*p = val
+	return (*uintValue)(p)
+}
+
+func (i *uintValue) Set(s string) error {
+	v, err := strconv.ParseUint(s, 0, 64)
+	*i = uintValue(v)
+	return err
+}
+
+func (i *uintValue) Get() interface{} { return uint(*i) }
+
+func (i *uintValue) String() string { return fmt.Sprintf("%v", *i) }
+
+// -- uint64 Value
+type uint64Value uint64
+
+func newUint64Value(val uint64, p *uint64) *uint64Value {
+	*p = val
+	return (*uint64Value)(p)
+}
+
+func (i *uint64Value) Set(s string) error {
+	v, err := strconv.ParseUint(s, 0, 64)
+	*i = uint64Value(v)
+	return err
+}
+
+func (i *uint64Value) Get() interface{} { return uint64(*i) }
+
+func (i *uint64Value) String() string { return fmt.Sprintf("%v", *i) }
+
+// -- uint16 Value
+type uint16Value uint16
+
+func newUint16Value(val uint16, p *uint16) *uint16Value {
+	*p = val
+	return (*uint16Value)(p)
+}
+
+func (i *uint16Value) Set(s string) error {
+	v, err := strconv.ParseUint(s, 0, 16)
+	*i = uint16Value(v)
+	return err
+}
+
+func (i *uint16Value) Get() interface{} { return uint16(*i) }
+
+func (i *uint16Value) String() string { return fmt.Sprintf("%v", *i) }
+
+// -- string Value
+type stringValue string
+
+func newStringValue(val string, p *string) *stringValue {
+	*p = val
+	return (*stringValue)(p)
+}
+
+func (s *stringValue) Set(val string) error {
+	*s = stringValue(val)
+	return nil
+}
+
+func (s *stringValue) Get() interface{} { return string(*s) }
+
+func (s *stringValue) String() string { return fmt.Sprintf("%s", *s) }
+
+// -- float64 Value
+type float64Value float64
+
+func newFloat64Value(val float64, p *float64) *float64Value {
+	*p = val
+	return (*float64Value)(p)
+}
+
+func (f *float64Value) Set(s string) error {
+	v, err := strconv.ParseFloat(s, 64)
+	*f = float64Value(v)
+	return err
+}
+
+func (f *float64Value) Get() interface{} { return float64(*f) }
+
+func (f *float64Value) String() string { return fmt.Sprintf("%v", *f) }
+
+// -- time.Duration Value
+type durationValue time.Duration
+
+func newDurationValue(val time.Duration, p *time.Duration) *durationValue {
+	*p = val
+	return (*durationValue)(p)
+}
+
+func (d *durationValue) Set(s string) error {
+	v, err := time.ParseDuration(s)
+	*d = durationValue(v)
+	return err
+}
+
+func (d *durationValue) Get() interface{} { return time.Duration(*d) }
+
+func (d *durationValue) String() string { return (*time.Duration)(d).String() }
+
+// Value is the interface to the dynamic value stored in a flag.
+// (The default value is represented as a string.)
+//
+// If a Value has an IsBoolFlag() bool method returning true,
+// the command-line parser makes -name equivalent to -name=true
+// rather than using the next command-line argument.
+type Value interface {
+	String() string
+	Set(string) error
+}
+
+// Getter is an interface that allows the contents of a Value to be retrieved.
+// It wraps the Value interface, rather than being part of it, because it
+// appeared after Go 1 and its compatibility rules. All Value types provided
+// by this package satisfy the Getter interface.
+type Getter interface {
+	Value
+	Get() interface{}
+}
+
+// ErrorHandling defines how to handle flag parsing errors.
+type ErrorHandling int
+
+// ErrorHandling strategies available when a flag parsing error occurs
+const (
+	ContinueOnError ErrorHandling = iota
+	ExitOnError
+	PanicOnError
+)
+
+// A FlagSet represents a set of defined flags.  The zero value of a FlagSet
+// has no name and has ContinueOnError error handling.
+type FlagSet struct {
+	// Usage is the function called when an error occurs while parsing flags.
+	// The field is a function (not a method) that may be changed to point to
+	// a custom error handler.
+	Usage      func()
+	ShortUsage func()
+
+	name             string
+	parsed           bool
+	actual           map[string]*Flag
+	formal           map[string]*Flag
+	args             []string // arguments after flags
+	errorHandling    ErrorHandling
+	output           io.Writer // nil means stderr; use Out() accessor
+	nArgRequirements []nArgRequirement
+}
+
+// A Flag represents the state of a flag.
+type Flag struct {
+	Names    []string // name as it appears on command line
+	Usage    string   // help message
+	Value    Value    // value as set
+	DefValue string   // default value (as text); for usage message
+}
+
+type flagSlice []string
+
+func (p flagSlice) Len() int { return len(p) }
+func (p flagSlice) Less(i, j int) bool {
+	pi, pj := strings.TrimPrefix(p[i], "-"), strings.TrimPrefix(p[j], "-")
+	lpi, lpj := strings.ToLower(pi), strings.ToLower(pj)
+	if lpi != lpj {
+		return lpi < lpj
+	}
+	return pi < pj
+}
+func (p flagSlice) Swap(i, j int) { p[i], p[j] = p[j], p[i] }
+
+// sortFlags returns the flags as a slice in lexicographical sorted order.
+func sortFlags(flags map[string]*Flag) []*Flag {
+	var list flagSlice
+
+	// The sorted list is based on the first name, when flag map might use the other names.
+	nameMap := make(map[string]string)
+
+	for n, f := range flags {
+		fName := strings.TrimPrefix(f.Names[0], "#")
+		nameMap[fName] = n
+		if len(f.Names) == 1 {
+			list = append(list, fName)
+			continue
+		}
+
+		found := false
+		for _, name := range list {
+			if name == fName {
+				found = true
+				break
+			}
+		}
+		if !found {
+			list = append(list, fName)
+		}
+	}
+	sort.Sort(list)
+	result := make([]*Flag, len(list))
+	for i, name := range list {
+		result[i] = flags[nameMap[name]]
+	}
+	return result
+}
+
+// Name returns the name of the FlagSet.
+func (fs *FlagSet) Name() string {
+	return fs.name
+}
+
+// Out returns the destination for usage and error messages.
+func (fs *FlagSet) Out() io.Writer {
+	if fs.output == nil {
+		return os.Stderr
+	}
+	return fs.output
+}
+
+// SetOutput sets the destination for usage and error messages.
+// If output is nil, os.Stderr is used.
+func (fs *FlagSet) SetOutput(output io.Writer) {
+	fs.output = output
+}
+
+// VisitAll visits the flags in lexicographical order, calling fn for each.
+// It visits all flags, even those not set.
+func (fs *FlagSet) VisitAll(fn func(*Flag)) {
+	for _, flag := range sortFlags(fs.formal) {
+		fn(flag)
+	}
+}
+
+// VisitAll visits the command-line flags in lexicographical order, calling
+// fn for each.  It visits all flags, even those not set.
+func VisitAll(fn func(*Flag)) {
+	CommandLine.VisitAll(fn)
+}
+
+// Visit visits the flags in lexicographical order, calling fn for each.
+// It visits only those flags that have been set.
+func (fs *FlagSet) Visit(fn func(*Flag)) {
+	for _, flag := range sortFlags(fs.actual) {
+		fn(flag)
+	}
+}
+
+// Visit visits the command-line flags in lexicographical order, calling fn
+// for each.  It visits only those flags that have been set.
+func Visit(fn func(*Flag)) {
+	CommandLine.Visit(fn)
+}
+
+// Lookup returns the Flag structure of the named flag, returning nil if none exists.
+func (fs *FlagSet) Lookup(name string) *Flag {
+	return fs.formal[name]
+}
+
+// IsSet indicates whether the specified flag is set in the given FlagSet
+func (fs *FlagSet) IsSet(name string) bool {
+	return fs.actual[name] != nil
+}
+
+// Lookup returns the Flag structure of the named command-line flag,
+// returning nil if none exists.
+func Lookup(name string) *Flag {
+	return CommandLine.formal[name]
+}
+
+// IsSet indicates whether the specified flag was specified at all on the cmd line.
+func IsSet(name string) bool {
+	return CommandLine.IsSet(name)
+}
+
+type nArgRequirementType int
+
+// Indicator used to pass to BadArgs function
+const (
+	Exact nArgRequirementType = iota
+	Max
+	Min
+)
+
+type nArgRequirement struct {
+	Type nArgRequirementType
+	N    int
+}
+
+// Require adds a requirement about the number of arguments for the FlagSet.
+// The first parameter can be Exact, Max, or Min to respectively specify the exact,
+// the maximum, or the minimal number of arguments required.
+// The actual check is done in FlagSet.CheckArgs().
+func (fs *FlagSet) Require(nArgRequirementType nArgRequirementType, nArg int) {
+	fs.nArgRequirements = append(fs.nArgRequirements, nArgRequirement{nArgRequirementType, nArg})
+}
+
+// CheckArgs uses the requirements set by FlagSet.Require() to validate
+// the number of arguments. If the requirements are not met,
+// an error message string is returned.
+func (fs *FlagSet) CheckArgs() (message string) {
+	for _, req := range fs.nArgRequirements {
+		var arguments string
+		if req.N == 1 {
+			arguments = "1 argument"
+		} else {
+			arguments = fmt.Sprintf("%d arguments", req.N)
+		}
+
+		str := func(kind string) string {
+			return fmt.Sprintf("%q requires %s%s", fs.name, kind, arguments)
+		}
+
+		switch req.Type {
+		case Exact:
+			if fs.NArg() != req.N {
+				return str("")
+			}
+		case Max:
+			if fs.NArg() > req.N {
+				return str("a maximum of ")
+			}
+		case Min:
+			if fs.NArg() < req.N {
+				return str("a minimum of ")
+			}
+		}
+	}
+	return ""
+}
+
+// Set sets the value of the named flag.
+func (fs *FlagSet) Set(name, value string) error {
+	flag, ok := fs.formal[name]
+	if !ok {
+		return fmt.Errorf("no such flag -%v", name)
+	}
+	if err := flag.Value.Set(value); err != nil {
+		return err
+	}
+	if fs.actual == nil {
+		fs.actual = make(map[string]*Flag)
+	}
+	fs.actual[name] = flag
+	return nil
+}
+
+// Set sets the value of the named command-line flag.
+func Set(name, value string) error {
+	return CommandLine.Set(name, value)
+}
+
+// isZeroValue guesses whether the string represents the zero
+// value for a flag. It is not accurate but in practice works OK.
+func isZeroValue(value string) bool {
+	switch value {
+	case "false":
+		return true
+	case "":
+		return true
+	case "0":
+		return true
+	}
+	return false
+}
+
+// PrintDefaults prints, to standard error unless configured
+// otherwise, the default values of all defined flags in the set.
+func (fs *FlagSet) PrintDefaults() {
+	writer := tabwriter.NewWriter(fs.Out(), 20, 1, 3, ' ', 0)
+	home := homedir.Get()
+
+	// Don't substitute when HOME is /
+	if runtime.GOOS != "windows" && home == "/" {
+		home = ""
+	}
+
+	// Add a blank line between cmd description and list of options
+	if fs.FlagCount() > 0 {
+		fmt.Fprintln(writer, "")
+	}
+
+	fs.VisitAll(func(flag *Flag) {
+		names := []string{}
+		for _, name := range flag.Names {
+			if name[0] != '#' {
+				names = append(names, name)
+			}
+		}
+		if len(names) > 0 && len(flag.Usage) > 0 {
+			val := flag.DefValue
+
+			if home != "" && strings.HasPrefix(val, home) {
+				val = homedir.GetShortcutString() + val[len(home):]
+			}
+
+			if isZeroValue(val) {
+				format := "  -%s"
+				fmt.Fprintf(writer, format, strings.Join(names, ", -"))
+			} else {
+				format := "  -%s=%s"
+				fmt.Fprintf(writer, format, strings.Join(names, ", -"), val)
+			}
+			for _, line := range strings.Split(flag.Usage, "\n") {
+				fmt.Fprintln(writer, "\t", line)
+			}
+		}
+	})
+	writer.Flush()
+}
+
+// PrintDefaults prints to standard error the default values of all defined command-line flags.
+func PrintDefaults() {
+	CommandLine.PrintDefaults()
+}
+
+// defaultUsage is the default function to print a usage message.
+func defaultUsage(fs *FlagSet) {
+	if fs.name == "" {
+		fmt.Fprintf(fs.Out(), "Usage:\n")
+	} else {
+		fmt.Fprintf(fs.Out(), "Usage of %s:\n", fs.name)
+	}
+	fs.PrintDefaults()
+}
+
+// NOTE: Usage is not just defaultUsage(CommandLine)
+// because it serves (via godoc flag Usage) as the example
+// for how to write your own usage function.
+
+// Usage prints to standard error a usage message documenting all defined command-line flags.
+// The function is a variable that may be changed to point to a custom function.
+var Usage = func() {
+	fmt.Fprintf(CommandLine.Out(), "Usage of %s:\n", os.Args[0])
+	PrintDefaults()
+}
+
+// ShortUsage prints to standard error a usage message documenting the standard command layout
+// The function is a variable that may be changed to point to a custom function.
+var ShortUsage = func() {
+	fmt.Fprintf(CommandLine.output, "Usage of %s:\n", os.Args[0])
+}
+
+// FlagCount returns the number of flags that have been defined.
+func (fs *FlagSet) FlagCount() int { return len(sortFlags(fs.formal)) }
+
+// FlagCountUndeprecated returns the number of undeprecated flags that have been defined.
+func (fs *FlagSet) FlagCountUndeprecated() int {
+	count := 0
+	for _, flag := range sortFlags(fs.formal) {
+		for _, name := range flag.Names {
+			if name[0] != '#' {
+				count++
+				break
+			}
+		}
+	}
+	return count
+}
+
+// NFlag returns the number of flags that have been set.
+func (fs *FlagSet) NFlag() int { return len(fs.actual) }
+
+// NFlag returns the number of command-line flags that have been set.
+func NFlag() int { return len(CommandLine.actual) }
+
+// Arg returns the i'th argument.  Arg(0) is the first remaining argument
+// after flags have been processed.
+func (fs *FlagSet) Arg(i int) string {
+	if i < 0 || i >= len(fs.args) {
+		return ""
+	}
+	return fs.args[i]
+}
+
+// Arg returns the i'th command-line argument.  Arg(0) is the first remaining argument
+// after flags have been processed.
+func Arg(i int) string {
+	return CommandLine.Arg(i)
+}
+
+// NArg is the number of arguments remaining after flags have been processed.
+func (fs *FlagSet) NArg() int { return len(fs.args) }
+
+// NArg is the number of arguments remaining after flags have been processed.
+func NArg() int { return len(CommandLine.args) }
+
+// Args returns the non-flag arguments.
+func (fs *FlagSet) Args() []string { return fs.args }
+
+// Args returns the non-flag command-line arguments.
+func Args() []string { return CommandLine.args }
+
+// BoolVar defines a bool flag with specified name, default value, and usage string.
+// The argument p points to a bool variable in which to store the value of the flag.
+func (fs *FlagSet) BoolVar(p *bool, names []string, value bool, usage string) {
+	fs.Var(newBoolValue(value, p), names, usage)
+}
+
+// BoolVar defines a bool flag with specified name, default value, and usage string.
+// The argument p points to a bool variable in which to store the value of the flag.
+func BoolVar(p *bool, names []string, value bool, usage string) {
+	CommandLine.Var(newBoolValue(value, p), names, usage)
+}
+
+// Bool defines a bool flag with specified name, default value, and usage string.
+// The return value is the address of a bool variable that stores the value of the flag.
+func (fs *FlagSet) Bool(names []string, value bool, usage string) *bool {
+	p := new(bool)
+	fs.BoolVar(p, names, value, usage)
+	return p
+}
+
+// Bool defines a bool flag with specified name, default value, and usage string.
+// The return value is the address of a bool variable that stores the value of the flag.
+func Bool(names []string, value bool, usage string) *bool {
+	return CommandLine.Bool(names, value, usage)
+}
+
+// IntVar defines an int flag with specified name, default value, and usage string.
+// The argument p points to an int variable in which to store the value of the flag.
+func (fs *FlagSet) IntVar(p *int, names []string, value int, usage string) {
+	fs.Var(newIntValue(value, p), names, usage)
+}
+
+// IntVar defines an int flag with specified name, default value, and usage string.
+// The argument p points to an int variable in which to store the value of the flag.
+func IntVar(p *int, names []string, value int, usage string) {
+	CommandLine.Var(newIntValue(value, p), names, usage)
+}
+
+// Int defines an int flag with specified name, default value, and usage string.
+// The return value is the address of an int variable that stores the value of the flag.
+func (fs *FlagSet) Int(names []string, value int, usage string) *int {
+	p := new(int)
+	fs.IntVar(p, names, value, usage)
+	return p
+}
+
+// Int defines an int flag with specified name, default value, and usage string.
+// The return value is the address of an int variable that stores the value of the flag.
+func Int(names []string, value int, usage string) *int {
+	return CommandLine.Int(names, value, usage)
+}
+
+// Int64Var defines an int64 flag with specified name, default value, and usage string.
+// The argument p points to an int64 variable in which to store the value of the flag.
+func (fs *FlagSet) Int64Var(p *int64, names []string, value int64, usage string) {
+	fs.Var(newInt64Value(value, p), names, usage)
+}
+
+// Int64Var defines an int64 flag with specified name, default value, and usage string.
+// The argument p points to an int64 variable in which to store the value of the flag.
+func Int64Var(p *int64, names []string, value int64, usage string) {
+	CommandLine.Var(newInt64Value(value, p), names, usage)
+}
+
+// Int64 defines an int64 flag with specified name, default value, and usage string.
+// The return value is the address of an int64 variable that stores the value of the flag.
+func (fs *FlagSet) Int64(names []string, value int64, usage string) *int64 {
+	p := new(int64)
+	fs.Int64Var(p, names, value, usage)
+	return p
+}
+
+// Int64 defines an int64 flag with specified name, default value, and usage string.
+// The return value is the address of an int64 variable that stores the value of the flag.
+func Int64(names []string, value int64, usage string) *int64 {
+	return CommandLine.Int64(names, value, usage)
+}
+
+// UintVar defines a uint flag with specified name, default value, and usage string.
+// The argument p points to a uint variable in which to store the value of the flag.
+func (fs *FlagSet) UintVar(p *uint, names []string, value uint, usage string) {
+	fs.Var(newUintValue(value, p), names, usage)
+}
+
+// UintVar defines a uint flag with specified name, default value, and usage string.
+// The argument p points to a uint  variable in which to store the value of the flag.
+func UintVar(p *uint, names []string, value uint, usage string) {
+	CommandLine.Var(newUintValue(value, p), names, usage)
+}
+
+// Uint defines a uint flag with specified name, default value, and usage string.
+// The return value is the address of a uint  variable that stores the value of the flag.
+func (fs *FlagSet) Uint(names []string, value uint, usage string) *uint {
+	p := new(uint)
+	fs.UintVar(p, names, value, usage)
+	return p
+}
+
+// Uint defines a uint flag with specified name, default value, and usage string.
+// The return value is the address of a uint  variable that stores the value of the flag.
+func Uint(names []string, value uint, usage string) *uint {
+	return CommandLine.Uint(names, value, usage)
+}
+
+// Uint64Var defines a uint64 flag with specified name, default value, and usage string.
+// The argument p points to a uint64 variable in which to store the value of the flag.
+func (fs *FlagSet) Uint64Var(p *uint64, names []string, value uint64, usage string) {
+	fs.Var(newUint64Value(value, p), names, usage)
+}
+
+// Uint64Var defines a uint64 flag with specified name, default value, and usage string.
+// The argument p points to a uint64 variable in which to store the value of the flag.
+func Uint64Var(p *uint64, names []string, value uint64, usage string) {
+	CommandLine.Var(newUint64Value(value, p), names, usage)
+}
+
+// Uint64 defines a uint64 flag with specified name, default value, and usage string.
+// The return value is the address of a uint64 variable that stores the value of the flag.
+func (fs *FlagSet) Uint64(names []string, value uint64, usage string) *uint64 {
+	p := new(uint64)
+	fs.Uint64Var(p, names, value, usage)
+	return p
+}
+
+// Uint64 defines a uint64 flag with specified name, default value, and usage string.
+// The return value is the address of a uint64 variable that stores the value of the flag.
+func Uint64(names []string, value uint64, usage string) *uint64 {
+	return CommandLine.Uint64(names, value, usage)
+}
+
+// Uint16Var defines a uint16 flag with specified name, default value, and usage string.
+// The argument p points to a uint16 variable in which to store the value of the flag.
+func (fs *FlagSet) Uint16Var(p *uint16, names []string, value uint16, usage string) {
+	fs.Var(newUint16Value(value, p), names, usage)
+}
+
+// Uint16Var defines a uint16 flag with specified name, default value, and usage string.
+// The argument p points to a uint16 variable in which to store the value of the flag.
+func Uint16Var(p *uint16, names []string, value uint16, usage string) {
+	CommandLine.Var(newUint16Value(value, p), names, usage)
+}
+
+// Uint16 defines a uint16 flag with specified name, default value, and usage string.
+// The return value is the address of a uint16 variable that stores the value of the flag.
+func (fs *FlagSet) Uint16(names []string, value uint16, usage string) *uint16 {
+	p := new(uint16)
+	fs.Uint16Var(p, names, value, usage)
+	return p
+}
+
+// Uint16 defines a uint16 flag with specified name, default value, and usage string.
+// The return value is the address of a uint16 variable that stores the value of the flag.
+func Uint16(names []string, value uint16, usage string) *uint16 {
+	return CommandLine.Uint16(names, value, usage)
+}
+
+// StringVar defines a string flag with specified name, default value, and usage string.
+// The argument p points to a string variable in which to store the value of the flag.
+func (fs *FlagSet) StringVar(p *string, names []string, value string, usage string) {
+	fs.Var(newStringValue(value, p), names, usage)
+}
+
+// StringVar defines a string flag with specified name, default value, and usage string.
+// The argument p points to a string variable in which to store the value of the flag.
+func StringVar(p *string, names []string, value string, usage string) {
+	CommandLine.Var(newStringValue(value, p), names, usage)
+}
+
+// String defines a string flag with specified name, default value, and usage string.
+// The return value is the address of a string variable that stores the value of the flag.
+func (fs *FlagSet) String(names []string, value string, usage string) *string {
+	p := new(string)
+	fs.StringVar(p, names, value, usage)
+	return p
+}
+
+// String defines a string flag with specified name, default value, and usage string.
+// The return value is the address of a string variable that stores the value of the flag.
+func String(names []string, value string, usage string) *string {
+	return CommandLine.String(names, value, usage)
+}
+
+// Float64Var defines a float64 flag with specified name, default value, and usage string.
+// The argument p points to a float64 variable in which to store the value of the flag.
+func (fs *FlagSet) Float64Var(p *float64, names []string, value float64, usage string) {
+	fs.Var(newFloat64Value(value, p), names, usage)
+}
+
+// Float64Var defines a float64 flag with specified name, default value, and usage string.
+// The argument p points to a float64 variable in which to store the value of the flag.
+func Float64Var(p *float64, names []string, value float64, usage string) {
+	CommandLine.Var(newFloat64Value(value, p), names, usage)
+}
+
+// Float64 defines a float64 flag with specified name, default value, and usage string.
+// The return value is the address of a float64 variable that stores the value of the flag.
+func (fs *FlagSet) Float64(names []string, value float64, usage string) *float64 {
+	p := new(float64)
+	fs.Float64Var(p, names, value, usage)
+	return p
+}
+
+// Float64 defines a float64 flag with specified name, default value, and usage string.
+// The return value is the address of a float64 variable that stores the value of the flag.
+func Float64(names []string, value float64, usage string) *float64 {
+	return CommandLine.Float64(names, value, usage)
+}
+
+// DurationVar defines a time.Duration flag with specified name, default value, and usage string.
+// The argument p points to a time.Duration variable in which to store the value of the flag.
+func (fs *FlagSet) DurationVar(p *time.Duration, names []string, value time.Duration, usage string) {
+	fs.Var(newDurationValue(value, p), names, usage)
+}
+
+// DurationVar defines a time.Duration flag with specified name, default value, and usage string.
+// The argument p points to a time.Duration variable in which to store the value of the flag.
+func DurationVar(p *time.Duration, names []string, value time.Duration, usage string) {
+	CommandLine.Var(newDurationValue(value, p), names, usage)
+}
+
+// Duration defines a time.Duration flag with specified name, default value, and usage string.
+// The return value is the address of a time.Duration variable that stores the value of the flag.
+func (fs *FlagSet) Duration(names []string, value time.Duration, usage string) *time.Duration {
+	p := new(time.Duration)
+	fs.DurationVar(p, names, value, usage)
+	return p
+}
+
+// Duration defines a time.Duration flag with specified name, default value, and usage string.
+// The return value is the address of a time.Duration variable that stores the value of the flag.
+func Duration(names []string, value time.Duration, usage string) *time.Duration {
+	return CommandLine.Duration(names, value, usage)
+}
+
+// Var defines a flag with the specified name and usage string. The type and
+// value of the flag are represented by the first argument, of type Value, which
+// typically holds a user-defined implementation of Value. For instance, the
+// caller could create a flag that turns a comma-separated string into a slice
+// of strings by giving the slice the methods of Value; in particular, Set would
+// decompose the comma-separated string into the slice.
+func (fs *FlagSet) Var(value Value, names []string, usage string) {
+	// Remember the default value as a string; it won't change.
+	flag := &Flag{names, usage, value, value.String()}
+	for _, name := range names {
+		name = strings.TrimPrefix(name, "#")
+		_, alreadythere := fs.formal[name]
+		if alreadythere {
+			var msg string
+			if fs.name == "" {
+				msg = fmt.Sprintf("flag redefined: %s", name)
+			} else {
+				msg = fmt.Sprintf("%s flag redefined: %s", fs.name, name)
+			}
+			fmt.Fprintln(fs.Out(), msg)
+			panic(msg) // Happens only if flags are declared with identical names
+		}
+		if fs.formal == nil {
+			fs.formal = make(map[string]*Flag)
+		}
+		fs.formal[name] = flag
+	}
+}
+
+// Var defines a flag with the specified name and usage string. The type and
+// value of the flag are represented by the first argument, of type Value, which
+// typically holds a user-defined implementation of Value. For instance, the
+// caller could create a flag that turns a comma-separated string into a slice
+// of strings by giving the slice the methods of Value; in particular, Set would
+// decompose the comma-separated string into the slice.
+func Var(value Value, names []string, usage string) {
+	CommandLine.Var(value, names, usage)
+}
+
+// failf prints to standard error a formatted error and usage message and
+// returns the error.
+func (fs *FlagSet) failf(format string, a ...interface{}) error {
+	err := fmt.Errorf(format, a...)
+	fmt.Fprintln(fs.Out(), err)
+	if os.Args[0] == fs.name {
+		fmt.Fprintf(fs.Out(), "See '%s --help'.\n", os.Args[0])
+	} else {
+		fmt.Fprintf(fs.Out(), "See '%s %s --help'.\n", os.Args[0], fs.name)
+	}
+	return err
+}
+
+// usage calls the Usage method for the flag set, or the usage function if
+// the flag set is CommandLine.
+func (fs *FlagSet) usage() {
+	if fs == CommandLine {
+		Usage()
+	} else if fs.Usage == nil {
+		defaultUsage(fs)
+	} else {
+		fs.Usage()
+	}
+}
+
+func trimQuotes(str string) string {
+	if len(str) == 0 {
+		return str
+	}
+	type quote struct {
+		start, end byte
+	}
+
+	// All valid quote types.
+	quotes := []quote{
+		// Double quotes
+		{
+			start: '"',
+			end:   '"',
+		},
+
+		// Single quotes
+		{
+			start: '\'',
+			end:   '\'',
+		},
+	}
+
+	for _, quote := range quotes {
+		// Only strip if outermost match.
+		if str[0] == quote.start && str[len(str)-1] == quote.end {
+			str = str[1 : len(str)-1]
+			break
+		}
+	}
+
+	return str
+}
+
+// parseOne parses one flag. It reports whether a flag was seen.
+func (fs *FlagSet) parseOne() (bool, string, error) {
+	if len(fs.args) == 0 {
+		return false, "", nil
+	}
+	s := fs.args[0]
+	if len(s) == 0 || s[0] != '-' || len(s) == 1 {
+		return false, "", nil
+	}
+	if s[1] == '-' && len(s) == 2 { // "--" terminates the flags
+		fs.args = fs.args[1:]
+		return false, "", nil
+	}
+	name := s[1:]
+	if len(name) == 0 || name[0] == '=' {
+		return false, "", fs.failf("bad flag syntax: %s", s)
+	}
+
+	// it's a flag. does it have an argument?
+	fs.args = fs.args[1:]
+	hasValue := false
+	value := ""
+	if i := strings.Index(name, "="); i != -1 {
+		value = trimQuotes(name[i+1:])
+		hasValue = true
+		name = name[:i]
+	}
+
+	m := fs.formal
+	flag, alreadythere := m[name] // BUG
+	if !alreadythere {
+		if name == "-help" || name == "help" || name == "h" { // special case for nice help message.
+			fs.usage()
+			return false, "", ErrHelp
+		}
+		if len(name) > 0 && name[0] == '-' {
+			return false, "", fs.failf("flag provided but not defined: -%s", name)
+		}
+		return false, name, ErrRetry
+	}
+	if fv, ok := flag.Value.(boolFlag); ok && fv.IsBoolFlag() { // special case: doesn't need an arg
+		if hasValue {
+			if err := fv.Set(value); err != nil {
+				return false, "", fs.failf("invalid boolean value %q for  -%s: %v", value, name, err)
+			}
+		} else {
+			fv.Set("true")
+		}
+	} else {
+		// It must have a value, which might be the next argument.
+		if !hasValue && len(fs.args) > 0 {
+			// value is the next arg
+			hasValue = true
+			value, fs.args = fs.args[0], fs.args[1:]
+		}
+		if !hasValue {
+			return false, "", fs.failf("flag needs an argument: -%s", name)
+		}
+		if err := flag.Value.Set(value); err != nil {
+			return false, "", fs.failf("invalid value %q for flag -%s: %v", value, name, err)
+		}
+	}
+	if fs.actual == nil {
+		fs.actual = make(map[string]*Flag)
+	}
+	fs.actual[name] = flag
+	for i, n := range flag.Names {
+		if n == fmt.Sprintf("#%s", name) {
+			replacement := ""
+			for j := i; j < len(flag.Names); j++ {
+				if flag.Names[j][0] != '#' {
+					replacement = flag.Names[j]
+					break
+				}
+			}
+			if replacement != "" {
+				fmt.Fprintf(fs.Out(), "Warning: '-%s' is deprecated, it will be replaced by '-%s' soon. See usage.\n", name, replacement)
+			} else {
+				fmt.Fprintf(fs.Out(), "Warning: '-%s' is deprecated, it will be removed soon. See usage.\n", name)
+			}
+		}
+	}
+	return true, "", nil
+}
+
+// Parse parses flag definitions from the argument list, which should not
+// include the command name.  Must be called after all flags in the FlagSet
+// are defined and before flags are accessed by the program.
+// The return value will be ErrHelp if -help was set but not defined.
+func (fs *FlagSet) Parse(arguments []string) error {
+	fs.parsed = true
+	fs.args = arguments
+	for {
+		seen, name, err := fs.parseOne()
+		if seen {
+			continue
+		}
+		if err == nil {
+			break
+		}
+		if err == ErrRetry {
+			if len(name) > 1 {
+				err = nil
+				for _, letter := range strings.Split(name, "") {
+					fs.args = append([]string{"-" + letter}, fs.args...)
+					seen2, _, err2 := fs.parseOne()
+					if seen2 {
+						continue
+					}
+					if err2 != nil {
+						err = fs.failf("flag provided but not defined: -%s", name)
+						break
+					}
+				}
+				if err == nil {
+					continue
+				}
+			} else {
+				err = fs.failf("flag provided but not defined: -%s", name)
+			}
+		}
+		switch fs.errorHandling {
+		case ContinueOnError:
+			return err
+		case ExitOnError:
+			os.Exit(125)
+		case PanicOnError:
+			panic(err)
+		}
+	}
+	return nil
+}
+
+// ParseFlags is a utility function that adds a help flag if withHelp is true,
+// calls fs.Parse(args) and prints a relevant error message if there are
+// incorrect number of arguments. It returns error only if error handling is
+// set to ContinueOnError and parsing fails. If error handling is set to
+// ExitOnError, it's safe to ignore the return value.
+func (fs *FlagSet) ParseFlags(args []string, withHelp bool) error {
+	var help *bool
+	if withHelp {
+		help = fs.Bool([]string{"#help", "-help"}, false, "Print usage")
+	}
+	if err := fs.Parse(args); err != nil {
+		return err
+	}
+	if help != nil && *help {
+		fs.SetOutput(os.Stdout)
+		fs.Usage()
+		os.Exit(0)
+	}
+	if str := fs.CheckArgs(); str != "" {
+		fs.SetOutput(os.Stderr)
+		fs.ReportError(str, withHelp)
+		fs.ShortUsage()
+		os.Exit(1)
+	}
+	return nil
+}
+
+// ReportError is a utility method that prints a user-friendly message
+// containing the error that occurred during parsing and a suggestion to get help
+func (fs *FlagSet) ReportError(str string, withHelp bool) {
+	if withHelp {
+		if os.Args[0] == fs.Name() {
+			str += ".\nSee '" + os.Args[0] + " --help'"
+		} else {
+			str += ".\nSee '" + os.Args[0] + " " + fs.Name() + " --help'"
+		}
+	}
+	fmt.Fprintf(fs.Out(), "%s: %s.\n", os.Args[0], str)
+}
+
+// Parsed reports whether fs.Parse has been called.
+func (fs *FlagSet) Parsed() bool {
+	return fs.parsed
+}
+
+// Parse parses the command-line flags from os.Args[1:].  Must be called
+// after all flags are defined and before flags are accessed by the program.
+func Parse() {
+	// Ignore errors; CommandLine is set for ExitOnError.
+	CommandLine.Parse(os.Args[1:])
+}
+
+// Parsed returns true if the command-line flags have been parsed.
+func Parsed() bool {
+	return CommandLine.Parsed()
+}
+
+// CommandLine is the default set of command-line flags, parsed from os.Args.
+// The top-level functions such as BoolVar, Arg, and on are wrappers for the
+// methods of CommandLine.
+var CommandLine = NewFlagSet(os.Args[0], ExitOnError)
+
+// NewFlagSet returns a new, empty flag set with the specified name and
+// error handling property.
+func NewFlagSet(name string, errorHandling ErrorHandling) *FlagSet {
+	f := &FlagSet{
+		name:          name,
+		errorHandling: errorHandling,
+	}
+	return f
+}
+
+// Init sets the name and error handling property for a flag set.
+// By default, the zero FlagSet uses an empty name and the
+// ContinueOnError error handling policy.
+func (fs *FlagSet) Init(name string, errorHandling ErrorHandling) {
+	fs.name = name
+	fs.errorHandling = errorHandling
+}
+
+type mergeVal struct {
+	Value
+	key  string
+	fset *FlagSet
+}
+
+func (v mergeVal) Set(s string) error {
+	return v.fset.Set(v.key, s)
+}
+
+func (v mergeVal) IsBoolFlag() bool {
+	if b, ok := v.Value.(boolFlag); ok {
+		return b.IsBoolFlag()
+	}
+	return false
+}
+
+// Name returns the name of a mergeVal.
+// If the original value had a name, return the original name,
+// otherwise, return the key asinged to this mergeVal.
+func (v mergeVal) Name() string {
+	type namedValue interface {
+		Name() string
+	}
+	if nVal, ok := v.Value.(namedValue); ok {
+		return nVal.Name()
+	}
+	return v.key
+}
+
+// Merge is an helper function that merges n FlagSets into a single dest FlagSet
+// In case of name collision between the flagsets it will apply
+// the destination FlagSet's errorHandling behavior.
+func Merge(dest *FlagSet, flagsets ...*FlagSet) error {
+	for _, fset := range flagsets {
+		if fset.formal == nil {
+			continue
+		}
+		for k, f := range fset.formal {
+			if _, ok := dest.formal[k]; ok {
+				var err error
+				if fset.name == "" {
+					err = fmt.Errorf("flag redefined: %s", k)
+				} else {
+					err = fmt.Errorf("%s flag redefined: %s", fset.name, k)
+				}
+				fmt.Fprintln(fset.Out(), err.Error())
+				// Happens only if flags are declared with identical names
+				switch dest.errorHandling {
+				case ContinueOnError:
+					return err
+				case ExitOnError:
+					os.Exit(2)
+				case PanicOnError:
+					panic(err)
+				}
+			}
+			newF := *f
+			newF.Value = mergeVal{f.Value, k, fset}
+			if dest.formal == nil {
+				dest.formal = make(map[string]*Flag)
+			}
+			dest.formal[k] = &newF
+		}
+	}
+	return nil
+}
+
+// IsEmpty reports if the FlagSet is actually empty.
+func (fs *FlagSet) IsEmpty() bool {
+	return len(fs.actual) == 0
+}
diff --git a/pkg/mflag/flag_test.go b/pkg/mflag/flag_test.go
new file mode 100644
index 00000000..13835554
--- /dev/null
+++ b/pkg/mflag/flag_test.go
@@ -0,0 +1,527 @@
+// Copyright 2014-2016 The Docker & Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package mflag
+
+import (
+	"bytes"
+	"fmt"
+	"os"
+	"sort"
+	"strings"
+	"testing"
+	"time"
+)
+
+// ResetForTesting clears all flag state and sets the usage function as directed.
+// After calling ResetForTesting, parse errors in flag handling will not
+// exit the program.
+func ResetForTesting(usage func()) {
+	CommandLine = NewFlagSet(os.Args[0], ContinueOnError)
+	Usage = usage
+}
+func boolString(s string) string {
+	if s == "0" {
+		return "false"
+	}
+	return "true"
+}
+
+func TestEverything(t *testing.T) {
+	ResetForTesting(nil)
+	Bool([]string{"test_bool"}, false, "bool value")
+	Int([]string{"test_int"}, 0, "int value")
+	Int64([]string{"test_int64"}, 0, "int64 value")
+	Uint([]string{"test_uint"}, 0, "uint value")
+	Uint64([]string{"test_uint64"}, 0, "uint64 value")
+	String([]string{"test_string"}, "0", "string value")
+	Float64([]string{"test_float64"}, 0, "float64 value")
+	Duration([]string{"test_duration"}, 0, "time.Duration value")
+
+	m := make(map[string]*Flag)
+	desired := "0"
+	visitor := func(f *Flag) {
+		for _, name := range f.Names {
+			if len(name) > 5 && name[0:5] == "test_" {
+				m[name] = f
+				ok := false
+				switch {
+				case f.Value.String() == desired:
+					ok = true
+				case name == "test_bool" && f.Value.String() == boolString(desired):
+					ok = true
+				case name == "test_duration" && f.Value.String() == desired+"s":
+					ok = true
+				}
+				if !ok {
+					t.Error("Visit: bad value", f.Value.String(), "for", name)
+				}
+			}
+		}
+	}
+	VisitAll(visitor)
+	if len(m) != 8 {
+		t.Error("VisitAll misses some flags")
+		for k, v := range m {
+			t.Log(k, *v)
+		}
+	}
+	m = make(map[string]*Flag)
+	Visit(visitor)
+	if len(m) != 0 {
+		t.Errorf("Visit sees unset flags")
+		for k, v := range m {
+			t.Log(k, *v)
+		}
+	}
+	// Now set all flags
+	Set("test_bool", "true")
+	Set("test_int", "1")
+	Set("test_int64", "1")
+	Set("test_uint", "1")
+	Set("test_uint64", "1")
+	Set("test_string", "1")
+	Set("test_float64", "1")
+	Set("test_duration", "1s")
+	desired = "1"
+	Visit(visitor)
+	if len(m) != 8 {
+		t.Error("Visit fails after set")
+		for k, v := range m {
+			t.Log(k, *v)
+		}
+	}
+	// Now test they're visited in sort order.
+	var flagNames []string
+	Visit(func(f *Flag) {
+		for _, name := range f.Names {
+			flagNames = append(flagNames, name)
+		}
+	})
+	if !sort.StringsAreSorted(flagNames) {
+		t.Errorf("flag names not sorted: %v", flagNames)
+	}
+}
+
+func TestGet(t *testing.T) {
+	ResetForTesting(nil)
+	Bool([]string{"test_bool"}, true, "bool value")
+	Int([]string{"test_int"}, 1, "int value")
+	Int64([]string{"test_int64"}, 2, "int64 value")
+	Uint([]string{"test_uint"}, 3, "uint value")
+	Uint64([]string{"test_uint64"}, 4, "uint64 value")
+	String([]string{"test_string"}, "5", "string value")
+	Float64([]string{"test_float64"}, 6, "float64 value")
+	Duration([]string{"test_duration"}, 7, "time.Duration value")
+
+	visitor := func(f *Flag) {
+		for _, name := range f.Names {
+			if len(name) > 5 && name[0:5] == "test_" {
+				g, ok := f.Value.(Getter)
+				if !ok {
+					t.Errorf("Visit: value does not satisfy Getter: %T", f.Value)
+					return
+				}
+				switch name {
+				case "test_bool":
+					ok = g.Get() == true
+				case "test_int":
+					ok = g.Get() == int(1)
+				case "test_int64":
+					ok = g.Get() == int64(2)
+				case "test_uint":
+					ok = g.Get() == uint(3)
+				case "test_uint64":
+					ok = g.Get() == uint64(4)
+				case "test_string":
+					ok = g.Get() == "5"
+				case "test_float64":
+					ok = g.Get() == float64(6)
+				case "test_duration":
+					ok = g.Get() == time.Duration(7)
+				}
+				if !ok {
+					t.Errorf("Visit: bad value %T(%v) for %s", g.Get(), g.Get(), name)
+				}
+			}
+		}
+	}
+	VisitAll(visitor)
+}
+
+func testParse(f *FlagSet, t *testing.T) {
+	if f.Parsed() {
+		t.Error("f.Parse() = true before Parse")
+	}
+	boolFlag := f.Bool([]string{"bool"}, false, "bool value")
+	bool2Flag := f.Bool([]string{"bool2"}, false, "bool2 value")
+	f.Bool([]string{"bool3"}, false, "bool3 value")
+	bool4Flag := f.Bool([]string{"bool4"}, false, "bool4 value")
+	intFlag := f.Int([]string{"-int"}, 0, "int value")
+	int64Flag := f.Int64([]string{"-int64"}, 0, "int64 value")
+	uintFlag := f.Uint([]string{"uint"}, 0, "uint value")
+	uint64Flag := f.Uint64([]string{"-uint64"}, 0, "uint64 value")
+	stringFlag := f.String([]string{"string"}, "0", "string value")
+	f.String([]string{"string2"}, "0", "string2 value")
+	singleQuoteFlag := f.String([]string{"squote"}, "", "single quoted value")
+	doubleQuoteFlag := f.String([]string{"dquote"}, "", "double quoted value")
+	mixedQuoteFlag := f.String([]string{"mquote"}, "", "mixed quoted value")
+	mixed2QuoteFlag := f.String([]string{"mquote2"}, "", "mixed2 quoted value")
+	nestedQuoteFlag := f.String([]string{"nquote"}, "", "nested quoted value")
+	nested2QuoteFlag := f.String([]string{"nquote2"}, "", "nested2 quoted value")
+	float64Flag := f.Float64([]string{"float64"}, 0, "float64 value")
+	durationFlag := f.Duration([]string{"duration"}, 5*time.Second, "time.Duration value")
+	extra := "one-extra-argument"
+	args := []string{
+		"-bool",
+		"-bool2=true",
+		"-bool4=false",
+		"--int", "22",
+		"--int64", "0x23",
+		"-uint", "24",
+		"--uint64", "25",
+		"-string", "hello",
+		"-squote='single'",
+		`-dquote="double"`,
+		`-mquote='mixed"`,
+		`-mquote2="mixed2'`,
+		`-nquote="'single nested'"`,
+		`-nquote2='"double nested"'`,
+		"-float64", "2718e28",
+		"-duration", "2m",
+		extra,
+	}
+	if err := f.Parse(args); err != nil {
+		t.Fatal(err)
+	}
+	if !f.Parsed() {
+		t.Error("f.Parse() = false after Parse")
+	}
+	if *boolFlag != true {
+		t.Error("bool flag should be true, is ", *boolFlag)
+	}
+	if *bool2Flag != true {
+		t.Error("bool2 flag should be true, is ", *bool2Flag)
+	}
+	if !f.IsSet("bool2") {
+		t.Error("bool2 should be marked as set")
+	}
+	if f.IsSet("bool3") {
+		t.Error("bool3 should not be marked as set")
+	}
+	if !f.IsSet("bool4") {
+		t.Error("bool4 should be marked as set")
+	}
+	if *bool4Flag != false {
+		t.Error("bool4 flag should be false, is ", *bool4Flag)
+	}
+	if *intFlag != 22 {
+		t.Error("int flag should be 22, is ", *intFlag)
+	}
+	if *int64Flag != 0x23 {
+		t.Error("int64 flag should be 0x23, is ", *int64Flag)
+	}
+	if *uintFlag != 24 {
+		t.Error("uint flag should be 24, is ", *uintFlag)
+	}
+	if *uint64Flag != 25 {
+		t.Error("uint64 flag should be 25, is ", *uint64Flag)
+	}
+	if *stringFlag != "hello" {
+		t.Error("string flag should be `hello`, is ", *stringFlag)
+	}
+	if !f.IsSet("string") {
+		t.Error("string flag should be marked as set")
+	}
+	if f.IsSet("string2") {
+		t.Error("string2 flag should not be marked as set")
+	}
+	if *singleQuoteFlag != "single" {
+		t.Error("single quote string flag should be `single`, is ", *singleQuoteFlag)
+	}
+	if *doubleQuoteFlag != "double" {
+		t.Error("double quote string flag should be `double`, is ", *doubleQuoteFlag)
+	}
+	if *mixedQuoteFlag != `'mixed"` {
+		t.Error("mixed quote string flag should be `'mixed\"`, is ", *mixedQuoteFlag)
+	}
+	if *mixed2QuoteFlag != `"mixed2'` {
+		t.Error("mixed2 quote string flag should be `\"mixed2'`, is ", *mixed2QuoteFlag)
+	}
+	if *nestedQuoteFlag != "'single nested'" {
+		t.Error("nested quote string flag should be `'single nested'`, is ", *nestedQuoteFlag)
+	}
+	if *nested2QuoteFlag != `"double nested"` {
+		t.Error("double quote string flag should be `\"double nested\"`, is ", *nested2QuoteFlag)
+	}
+	if *float64Flag != 2718e28 {
+		t.Error("float64 flag should be 2718e28, is ", *float64Flag)
+	}
+	if *durationFlag != 2*time.Minute {
+		t.Error("duration flag should be 2m, is ", *durationFlag)
+	}
+	if len(f.Args()) != 1 {
+		t.Error("expected one argument, got", len(f.Args()))
+	} else if f.Args()[0] != extra {
+		t.Errorf("expected argument %q got %q", extra, f.Args()[0])
+	}
+}
+
+func testPanic(f *FlagSet, t *testing.T) {
+	f.Int([]string{"-int"}, 0, "int value")
+	if f.Parsed() {
+		t.Error("f.Parse() = true before Parse")
+	}
+	args := []string{
+		"-int", "21",
+	}
+	f.Parse(args)
+}
+
+func TestParsePanic(t *testing.T) {
+	ResetForTesting(func() {})
+	testPanic(CommandLine, t)
+}
+
+func TestParse(t *testing.T) {
+	ResetForTesting(func() { t.Error("bad parse") })
+	testParse(CommandLine, t)
+}
+
+func TestFlagSetParse(t *testing.T) {
+	testParse(NewFlagSet("test", ContinueOnError), t)
+}
+
+// Declare a user-defined flag type.
+type flagVar []string
+
+func (f *flagVar) String() string {
+	return fmt.Sprint([]string(*f))
+}
+
+func (f *flagVar) Set(value string) error {
+	*f = append(*f, value)
+	return nil
+}
+
+func TestUserDefined(t *testing.T) {
+	var flags FlagSet
+	flags.Init("test", ContinueOnError)
+	var v flagVar
+	flags.Var(&v, []string{"v"}, "usage")
+	if err := flags.Parse([]string{"-v", "1", "-v", "2", "-v=3"}); err != nil {
+		t.Error(err)
+	}
+	if len(v) != 3 {
+		t.Fatal("expected 3 args; got ", len(v))
+	}
+	expect := "[1 2 3]"
+	if v.String() != expect {
+		t.Errorf("expected value %q got %q", expect, v.String())
+	}
+}
+
+// Declare a user-defined boolean flag type.
+type boolFlagVar struct {
+	count int
+}
+
+func (b *boolFlagVar) String() string {
+	return fmt.Sprintf("%d", b.count)
+}
+
+func (b *boolFlagVar) Set(value string) error {
+	if value == "true" {
+		b.count++
+	}
+	return nil
+}
+
+func (b *boolFlagVar) IsBoolFlag() bool {
+	return b.count < 4
+}
+
+func TestUserDefinedBool(t *testing.T) {
+	var flags FlagSet
+	flags.Init("test", ContinueOnError)
+	var b boolFlagVar
+	var err error
+	flags.Var(&b, []string{"b"}, "usage")
+	if err = flags.Parse([]string{"-b", "-b", "-b", "-b=true", "-b=false", "-b", "barg", "-b"}); err != nil {
+		if b.count < 4 {
+			t.Error(err)
+		}
+	}
+
+	if b.count != 4 {
+		t.Errorf("want: %d; got: %d", 4, b.count)
+	}
+
+	if err == nil {
+		t.Error("expected error; got none")
+	}
+}
+
+func TestSetOutput(t *testing.T) {
+	var flags FlagSet
+	var buf bytes.Buffer
+	flags.SetOutput(&buf)
+	flags.Init("test", ContinueOnError)
+	flags.Parse([]string{"-unknown"})
+	if out := buf.String(); !strings.Contains(out, "-unknown") {
+		t.Logf("expected output mentioning unknown; got %q", out)
+	}
+}
+
+// This tests that one can reset the flags. This still works but not well, and is
+// superseded by FlagSet.
+func TestChangingArgs(t *testing.T) {
+	ResetForTesting(func() { t.Fatal("bad parse") })
+	oldArgs := os.Args
+	defer func() { os.Args = oldArgs }()
+	os.Args = []string{"cmd", "-before", "subcmd", "-after", "args"}
+	before := Bool([]string{"before"}, false, "")
+	if err := CommandLine.Parse(os.Args[1:]); err != nil {
+		t.Fatal(err)
+	}
+	cmd := Arg(0)
+	os.Args = Args()
+	after := Bool([]string{"after"}, false, "")
+	Parse()
+	args := Args()
+
+	if !*before || cmd != "subcmd" || !*after || len(args) != 1 || args[0] != "args" {
+		t.Fatalf("expected true subcmd true [args] got %v %v %v %v", *before, cmd, *after, args)
+	}
+}
+
+// Test that -help invokes the usage message and returns ErrHelp.
+func TestHelp(t *testing.T) {
+	var helpCalled = false
+	fs := NewFlagSet("help test", ContinueOnError)
+	fs.Usage = func() { helpCalled = true }
+	var flag bool
+	fs.BoolVar(&flag, []string{"flag"}, false, "regular flag")
+	// Regular flag invocation should work
+	err := fs.Parse([]string{"-flag=true"})
+	if err != nil {
+		t.Fatal("expected no error; got ", err)
+	}
+	if !flag {
+		t.Error("flag was not set by -flag")
+	}
+	if helpCalled {
+		t.Error("help called for regular flag")
+		helpCalled = false // reset for next test
+	}
+	// Help flag should work as expected.
+	err = fs.Parse([]string{"-help"})
+	if err == nil {
+		t.Fatal("error expected")
+	}
+	if err != ErrHelp {
+		t.Fatal("expected ErrHelp; got ", err)
+	}
+	if !helpCalled {
+		t.Fatal("help was not called")
+	}
+	// If we define a help flag, that should override.
+	var help bool
+	fs.BoolVar(&help, []string{"help"}, false, "help flag")
+	helpCalled = false
+	err = fs.Parse([]string{"-help"})
+	if err != nil {
+		t.Fatal("expected no error for defined -help; got ", err)
+	}
+	if helpCalled {
+		t.Fatal("help was called; should not have been for defined help flag")
+	}
+}
+
+// Test the flag count functions.
+func TestFlagCounts(t *testing.T) {
+	fs := NewFlagSet("help test", ContinueOnError)
+	var flag bool
+	fs.BoolVar(&flag, []string{"flag1"}, false, "regular flag")
+	fs.BoolVar(&flag, []string{"#deprecated1"}, false, "regular flag")
+	fs.BoolVar(&flag, []string{"f", "flag2"}, false, "regular flag")
+	fs.BoolVar(&flag, []string{"#d", "#deprecated2"}, false, "regular flag")
+	fs.BoolVar(&flag, []string{"flag3"}, false, "regular flag")
+	fs.BoolVar(&flag, []string{"g", "#flag4", "-flag4"}, false, "regular flag")
+
+	if fs.FlagCount() != 6 {
+		t.Fatal("FlagCount wrong. ", fs.FlagCount())
+	}
+	if fs.FlagCountUndeprecated() != 4 {
+		t.Fatal("FlagCountUndeprecated wrong. ", fs.FlagCountUndeprecated())
+	}
+	if fs.NFlag() != 0 {
+		t.Fatal("NFlag wrong. ", fs.NFlag())
+	}
+	err := fs.Parse([]string{"-fd", "-g", "-flag4"})
+	if err != nil {
+		t.Fatal("expected no error for defined -help; got ", err)
+	}
+	if fs.NFlag() != 4 {
+		t.Fatal("NFlag wrong. ", fs.NFlag())
+	}
+}
+
+// Show up bug in sortFlags
+func TestSortFlags(t *testing.T) {
+	fs := NewFlagSet("help TestSortFlags", ContinueOnError)
+
+	var err error
+
+	var b bool
+	fs.BoolVar(&b, []string{"b", "-banana"}, false, "usage")
+
+	err = fs.Parse([]string{"--banana=true"})
+	if err != nil {
+		t.Fatal("expected no error; got ", err)
+	}
+
+	count := 0
+
+	fs.VisitAll(func(flag *Flag) {
+		count++
+		if flag == nil {
+			t.Fatal("VisitAll should not return a nil flag")
+		}
+	})
+	flagcount := fs.FlagCount()
+	if flagcount != count {
+		t.Fatalf("FlagCount (%d) != number (%d) of elements visited", flagcount, count)
+	}
+	// Make sure its idempotent
+	if flagcount != fs.FlagCount() {
+		t.Fatalf("FlagCount (%d) != fs.FlagCount() (%d) of elements visited", flagcount, fs.FlagCount())
+	}
+
+	count = 0
+	fs.Visit(func(flag *Flag) {
+		count++
+		if flag == nil {
+			t.Fatal("Visit should not return a nil flag")
+		}
+	})
+	nflag := fs.NFlag()
+	if nflag != count {
+		t.Fatalf("NFlag (%d) != number (%d) of elements visited", nflag, count)
+	}
+	if nflag != fs.NFlag() {
+		t.Fatalf("NFlag (%d) != fs.NFlag() (%d) of elements visited", nflag, fs.NFlag())
+	}
+}
+
+func TestMergeFlags(t *testing.T) {
+	base := NewFlagSet("base", ContinueOnError)
+	base.String([]string{"f"}, "", "")
+
+	fs := NewFlagSet("test", ContinueOnError)
+	Merge(fs, base)
+	if len(fs.formal) != 1 {
+		t.Fatalf("FlagCount (%d) != number (1) of elements merged", len(fs.formal))
+	}
+}
diff --git a/pkg/mount/flags.go b/pkg/mount/flags.go
new file mode 100644
index 00000000..d2fb1fb4
--- /dev/null
+++ b/pkg/mount/flags.go
@@ -0,0 +1,92 @@
+package mount
+
+import (
+	"fmt"
+	"strings"
+)
+
+// Parse fstab type mount options into mount() flags
+// and device specific data
+func parseOptions(options string) (int, string) {
+	var (
+		flag int
+		data []string
+	)
+
+	flags := map[string]struct {
+		clear bool
+		flag  int
+	}{
+		"defaults":      {false, 0},
+		"ro":            {false, RDONLY},
+		"rw":            {true, RDONLY},
+		"suid":          {true, NOSUID},
+		"nosuid":        {false, NOSUID},
+		"dev":           {true, NODEV},
+		"nodev":         {false, NODEV},
+		"exec":          {true, NOEXEC},
+		"noexec":        {false, NOEXEC},
+		"sync":          {false, SYNCHRONOUS},
+		"async":         {true, SYNCHRONOUS},
+		"dirsync":       {false, DIRSYNC},
+		"remount":       {false, REMOUNT},
+		"mand":          {false, MANDLOCK},
+		"nomand":        {true, MANDLOCK},
+		"atime":         {true, NOATIME},
+		"noatime":       {false, NOATIME},
+		"diratime":      {true, NODIRATIME},
+		"nodiratime":    {false, NODIRATIME},
+		"bind":          {false, BIND},
+		"rbind":         {false, RBIND},
+		"unbindable":    {false, UNBINDABLE},
+		"runbindable":   {false, RUNBINDABLE},
+		"private":       {false, PRIVATE},
+		"rprivate":      {false, RPRIVATE},
+		"shared":        {false, SHARED},
+		"rshared":       {false, RSHARED},
+		"slave":         {false, SLAVE},
+		"rslave":        {false, RSLAVE},
+		"relatime":      {false, RELATIME},
+		"norelatime":    {true, RELATIME},
+		"strictatime":   {false, STRICTATIME},
+		"nostrictatime": {true, STRICTATIME},
+	}
+
+	for _, o := range strings.Split(options, ",") {
+		// If the option does not exist in the flags table or the flag
+		// is not supported on the platform,
+		// then it is a data value for a specific fs type
+		if f, exists := flags[o]; exists && f.flag != 0 {
+			if f.clear {
+				flag &= ^f.flag
+			} else {
+				flag |= f.flag
+			}
+		} else {
+			data = append(data, o)
+		}
+	}
+	return flag, strings.Join(data, ",")
+}
+
+// ParseTmpfsOptions parse fstab type mount options into flags and data
+func ParseTmpfsOptions(options string) (int, string, error) {
+	flags, data := parseOptions(options)
+	validFlags := map[string]bool{
+		"":          true,
+		"size":      true,
+		"mode":      true,
+		"uid":       true,
+		"gid":       true,
+		"nr_inodes": true,
+		"nr_blocks": true,
+		"mpol":      true,
+	}
+	for _, o := range strings.Split(data, ",") {
+		opt := strings.SplitN(o, "=", 2)
+		if !validFlags[opt[0]] {
+			return 0, "", fmt.Errorf("Invalid tmpfs option %q", opt)
+		}
+	}
+	return flags, data, nil
+}
diff --git a/pkg/mount/flags_freebsd.go b/pkg/mount/flags_freebsd.go
new file mode 100644
index 00000000..f166cb2f
--- /dev/null
+++ b/pkg/mount/flags_freebsd.go
@@ -0,0 +1,48 @@
+// +build freebsd,cgo
+
+package mount
+
+/*
+#include <sys/mount.h>
+*/
+import "C"
+
+const (
+	// RDONLY will mount the filesystem as read-only.
+	RDONLY = C.MNT_RDONLY
+
+	// NOSUID will not allow set-user-identifier or set-group-identifier bits to
+	// take effect.
+	NOSUID = C.MNT_NOSUID
+
+	// NOEXEC will not allow execution of any binaries on the mounted file system.
+	NOEXEC = C.MNT_NOEXEC
+
+	// SYNCHRONOUS will allow any I/O to the file system to be done synchronously.
+	SYNCHRONOUS = C.MNT_SYNCHRONOUS
+
+	// NOATIME will not update the file access time when reading from a file.
+	NOATIME = C.MNT_NOATIME
+)
+
+// These flags are unsupported.
+const (
+	BIND        = 0
+	DIRSYNC     = 0
+	MANDLOCK    = 0
+	NODEV       = 0
+	NODIRATIME  = 0
+	UNBINDABLE  = 0
+	RUNBINDABLE = 0
+	PRIVATE     = 0
+	RPRIVATE    = 0
+	SHARED      = 0
+	RSHARED     = 0
+	SLAVE       = 0
+	RSLAVE      = 0
+	RBIND       = 0
+	RELATIVE    = 0
+	RELATIME    = 0
+	REMOUNT     = 0
+	STRICTATIME = 0
+)
diff --git a/pkg/mount/flags_linux.go b/pkg/mount/flags_linux.go
new file mode 100644
index 00000000..dc696dce
--- /dev/null
+++ b/pkg/mount/flags_linux.go
@@ -0,0 +1,85 @@
+package mount
+
+import (
+	"syscall"
+)
+
+const (
+	// RDONLY will mount the file system read-only.
+	RDONLY = syscall.MS_RDONLY
+
+	// NOSUID will not allow set-user-identifier or set-group-identifier bits to
+	// take effect.
+	NOSUID = syscall.MS_NOSUID
+
+	// NODEV will not interpret character or block special devices on the file
+	// system.
+	NODEV = syscall.MS_NODEV
+
+	// NOEXEC will not allow execution of any binaries on the mounted file system.
+	NOEXEC = syscall.MS_NOEXEC
+
+	// SYNCHRONOUS will allow I/O to the file system to be done synchronously.
+	SYNCHRONOUS = syscall.MS_SYNCHRONOUS
+
+	// DIRSYNC will force all directory updates within the file system to be done
+	// synchronously. This affects the following system calls: create, link,
+	// unlink, symlink, mkdir, rmdir, mknod and rename.
+	DIRSYNC = syscall.MS_DIRSYNC
+
+	// REMOUNT will attempt to remount an already-mounted file system. This is
+	// commonly used to change the mount flags for a file system, especially to
+	// make a readonly file system writeable. It does not change device or mount
+	// point.
+	REMOUNT = syscall.MS_REMOUNT
+
+	// MANDLOCK will force mandatory locks on a filesystem.
+	MANDLOCK = syscall.MS_MANDLOCK
+
+	// NOATIME will not update the file access time when reading from a file.
+	NOATIME = syscall.MS_NOATIME
+
+	// NODIRATIME will not update the directory access time.
+	NODIRATIME = syscall.MS_NODIRATIME
+
+	// BIND remounts a subtree somewhere else.
+	BIND = syscall.MS_BIND
+
+	// RBIND remounts a subtree and all possible submounts somewhere else.
+	RBIND = syscall.MS_BIND | syscall.MS_REC
+
+	// UNBINDABLE creates a mount which cannot be cloned through a bind operation.
+	UNBINDABLE = syscall.MS_UNBINDABLE
+
+	// RUNBINDABLE marks the entire mount tree as UNBINDABLE.
+	RUNBINDABLE = syscall.MS_UNBINDABLE | syscall.MS_REC
+
+	// PRIVATE creates a mount which carries no propagation abilities.
+	PRIVATE = syscall.MS_PRIVATE
+
+	// RPRIVATE marks the entire mount tree as PRIVATE.
+	RPRIVATE = syscall.MS_PRIVATE | syscall.MS_REC
+
+	// SLAVE creates a mount which receives propagation from its master, but not
+	// vice versa.
+	SLAVE = syscall.MS_SLAVE
+
+	// RSLAVE marks the entire mount tree as SLAVE.
+	RSLAVE = syscall.MS_SLAVE | syscall.MS_REC
+
+	// SHARED creates a mount which provides the ability to create mirrors of
+	// that mount such that mounts and unmounts within any of the mirrors
+	// propagate to the other mirrors.
+	SHARED = syscall.MS_SHARED
+
+	// RSHARED marks the entire mount tree as SHARED.
+	RSHARED = syscall.MS_SHARED | syscall.MS_REC
+
+	// RELATIME updates inode access times relative to modify or change time.
+	RELATIME = syscall.MS_RELATIME
+
+	// STRICTATIME allows to explicitly request full atime updates.  This makes
+	// it possible for the kernel to default to relatime or noatime but still
+	// allow userspace to override it.
+	STRICTATIME = syscall.MS_STRICTATIME
+)
diff --git a/pkg/mount/flags_unsupported.go b/pkg/mount/flags_unsupported.go
new file mode 100644
index 00000000..a90d3d11
--- /dev/null
+++ b/pkg/mount/flags_unsupported.go
@@ -0,0 +1,30 @@
+// +build !linux,!freebsd freebsd,!cgo
+
+package mount
+
+// These flags are unsupported.
+const (
+	BIND        = 0
+	DIRSYNC     = 0
+	MANDLOCK    = 0
+	NOATIME     = 0
+	NODEV       = 0
+	NODIRATIME  = 0
+	NOEXEC      = 0
+	NOSUID      = 0
+	UNBINDABLE  = 0
+	RUNBINDABLE = 0
+	PRIVATE     = 0
+	RPRIVATE    = 0
+	SHARED      = 0
+	RSHARED     = 0
+	SLAVE       = 0
+	RSLAVE      = 0
+	RBIND       = 0
+	RELATIME    = 0
+	RELATIVE    = 0
+	REMOUNT     = 0
+	STRICTATIME = 0
+	SYNCHRONOUS = 0
+	RDONLY      = 0
+)
diff --git a/pkg/mount/mount.go b/pkg/mount/mount.go
new file mode 100644
index 00000000..ed7216e5
--- /dev/null
+++ b/pkg/mount/mount.go
@@ -0,0 +1,74 @@
+package mount
+
+import (
+	"time"
+)
+
+// GetMounts retrieves a list of mounts for the current running process.
+func GetMounts() ([]*Info, error) {
+	return parseMountTable()
+}
+
+// Mounted looks at /proc/self/mountinfo to determine of the specified
+// mountpoint has been mounted
+func Mounted(mountpoint string) (bool, error) {
+	entries, err := parseMountTable()
+	if err != nil {
+		return false, err
+	}
+
+	// Search the table for the mountpoint
+	for _, e := range entries {
+		if e.Mountpoint == mountpoint {
+			return true, nil
+		}
+	}
+	return false, nil
+}
+
+// Mount will mount filesystem according to the specified configuration, on the
+// condition that the target path is *not* already mounted. Options must be
+// specified like the mount or fstab unix commands: "opt1=val1,opt2=val2". See
+// flags.go for supported option flags.
+func Mount(device, target, mType, options string) error {
+	flag, _ := parseOptions(options)
+	if flag&REMOUNT != REMOUNT {
+		if mounted, err := Mounted(target); err != nil || mounted {
+			return err
+		}
+	}
+	return ForceMount(device, target, mType, options)
+}
+
+// ForceMount will mount a filesystem according to the specified configuration,
+// *regardless* if the target path is not already mounted. Options must be
+// specified like the mount or fstab unix commands: "opt1=val1,opt2=val2". See
+// flags.go for supported option flags.
+func ForceMount(device, target, mType, options string) error {
+	flag, data := parseOptions(options)
+	if err := mount(device, target, mType, uintptr(flag), data); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Unmount will unmount the target filesystem, so long as it is mounted.
+func Unmount(target string) error {
+	if mounted, err := Mounted(target); err != nil || !mounted {
+		return err
+	}
+	return ForceUnmount(target)
+}
+
+// ForceUnmount will force an unmount of the target filesystem, regardless if
+// it is mounted or not.
+func ForceUnmount(target string) (err error) {
+	// Simple retry logic for unmount
+	for i := 0; i < 10; i++ {
+		if err = unmount(target, 0); err == nil {
+			return nil
+		}
+		time.Sleep(100 * time.Millisecond)
+	}
+	return
+}
diff --git a/pkg/mount/mount_unix_test.go b/pkg/mount/mount_unix_test.go
new file mode 100644
index 00000000..d45fbc1b
--- /dev/null
+++ b/pkg/mount/mount_unix_test.go
@@ -0,0 +1,139 @@
+// +build !windows
+
+package mount
+
+import (
+	"os"
+	"path"
+	"testing"
+)
+
+func TestMountOptionsParsing(t *testing.T) {
+	options := "noatime,ro,size=10k"
+
+	flag, data := parseOptions(options)
+
+	if data != "size=10k" {
+		t.Fatalf("Expected size=10 got %s", data)
+	}
+
+	expectedFlag := NOATIME | RDONLY
+
+	if flag != expectedFlag {
+		t.Fatalf("Expected %d got %d", expectedFlag, flag)
+	}
+}
+
+func TestMounted(t *testing.T) {
+	tmp := path.Join(os.TempDir(), "mount-tests")
+	if err := os.MkdirAll(tmp, 0777); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+
+	var (
+		sourceDir  = path.Join(tmp, "source")
+		targetDir  = path.Join(tmp, "target")
+		sourcePath = path.Join(sourceDir, "file.txt")
+		targetPath = path.Join(targetDir, "file.txt")
+	)
+
+	os.Mkdir(sourceDir, 0777)
+	os.Mkdir(targetDir, 0777)
+
+	f, err := os.Create(sourcePath)
+	if err != nil {
+		t.Fatal(err)
+	}
+	f.WriteString("hello")
+	f.Close()
+
+	f, err = os.Create(targetPath)
+	if err != nil {
+		t.Fatal(err)
+	}
+	f.Close()
+
+	if err := Mount(sourceDir, targetDir, "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(targetDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	mounted, err := Mounted(targetDir)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !mounted {
+		t.Fatalf("Expected %s to be mounted", targetDir)
+	}
+	if _, err := os.Stat(targetDir); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestMountReadonly(t *testing.T) {
+	tmp := path.Join(os.TempDir(), "mount-tests")
+	if err := os.MkdirAll(tmp, 0777); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+
+	var (
+		sourceDir  = path.Join(tmp, "source")
+		targetDir  = path.Join(tmp, "target")
+		sourcePath = path.Join(sourceDir, "file.txt")
+		targetPath = path.Join(targetDir, "file.txt")
+	)
+
+	os.Mkdir(sourceDir, 0777)
+	os.Mkdir(targetDir, 0777)
+
+	f, err := os.Create(sourcePath)
+	if err != nil {
+		t.Fatal(err)
+	}
+	f.WriteString("hello")
+	f.Close()
+
+	f, err = os.Create(targetPath)
+	if err != nil {
+		t.Fatal(err)
+	}
+	f.Close()
+
+	if err := Mount(sourceDir, targetDir, "none", "bind,ro"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(targetDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	f, err = os.OpenFile(targetPath, os.O_RDWR, 0777)
+	if err == nil {
+		t.Fatal("Should not be able to open a ro file as rw")
+	}
+}
+
+func TestGetMounts(t *testing.T) {
+	mounts, err := GetMounts()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	root := false
+	for _, entry := range mounts {
+		if entry.Mountpoint == "/" {
+			root = true
+		}
+	}
+
+	if !root {
+		t.Fatal("/ should be mounted at least")
+	}
+}
diff --git a/pkg/mount/mounter_freebsd.go b/pkg/mount/mounter_freebsd.go
new file mode 100644
index 00000000..bb870e6f
--- /dev/null
+++ b/pkg/mount/mounter_freebsd.go
@@ -0,0 +1,59 @@
+package mount
+
+/*
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/_iovec.h>
+#include <sys/mount.h>
+#include <sys/param.h>
+*/
+import "C"
+
+import (
+	"fmt"
+	"strings"
+	"syscall"
+	"unsafe"
+)
+
+func allocateIOVecs(options []string) []C.struct_iovec {
+	out := make([]C.struct_iovec, len(options))
+	for i, option := range options {
+		out[i].iov_base = unsafe.Pointer(C.CString(option))
+		out[i].iov_len = C.size_t(len(option) + 1)
+	}
+	return out
+}
+
+func mount(device, target, mType string, flag uintptr, data string) error {
+	isNullFS := false
+
+	xs := strings.Split(data, ",")
+	for _, x := range xs {
+		if x == "bind" {
+			isNullFS = true
+		}
+	}
+
+	options := []string{"fspath", target}
+	if isNullFS {
+		options = append(options, "fstype", "nullfs", "target", device)
+	} else {
+		options = append(options, "fstype", mType, "from", device)
+	}
+	rawOptions := allocateIOVecs(options)
+	for _, rawOption := range rawOptions {
+		defer C.free(rawOption.iov_base)
+	}
+
+	if errno := C.nmount(&rawOptions[0], C.uint(len(options)), C.int(flag)); errno != 0 {
+		reason := C.GoString(C.strerror(*C.__error()))
+		return fmt.Errorf("Failed to call nmount: %s", reason)
+	}
+	return nil
+}
+
+func unmount(target string, flag int) error {
+	return syscall.Unmount(target, flag)
+}
diff --git a/pkg/mount/mounter_linux.go b/pkg/mount/mounter_linux.go
new file mode 100644
index 00000000..dd4280c7
--- /dev/null
+++ b/pkg/mount/mounter_linux.go
@@ -0,0 +1,21 @@
+package mount
+
+import (
+	"syscall"
+)
+
+func mount(device, target, mType string, flag uintptr, data string) error {
+	if err := syscall.Mount(device, target, mType, flag, data); err != nil {
+		return err
+	}
+
+	// If we have a bind mount or remount, remount...
+	if flag&syscall.MS_BIND == syscall.MS_BIND && flag&syscall.MS_RDONLY == syscall.MS_RDONLY {
+		return syscall.Mount(device, target, mType, flag|syscall.MS_REMOUNT, data)
+	}
+	return nil
+}
+
+func unmount(target string, flag int) error {
+	return syscall.Unmount(target, flag)
+}
diff --git a/pkg/mount/mounter_unsupported.go b/pkg/mount/mounter_unsupported.go
new file mode 100644
index 00000000..eb93365e
--- /dev/null
+++ b/pkg/mount/mounter_unsupported.go
@@ -0,0 +1,11 @@
+// +build !linux,!freebsd freebsd,!cgo
+
+package mount
+
+func mount(device, target, mType string, flag uintptr, data string) error {
+	panic("Not implemented")
+}
+
+func unmount(target string, flag int) error {
+	panic("Not implemented")
+}
diff --git a/pkg/mount/mountinfo.go b/pkg/mount/mountinfo.go
new file mode 100644
index 00000000..e3fc3535
--- /dev/null
+++ b/pkg/mount/mountinfo.go
@@ -0,0 +1,40 @@
+package mount
+
+// Info reveals information about a particular mounted filesystem. This
+// struct is populated from the content in the /proc/<pid>/mountinfo file.
+type Info struct {
+	// ID is a unique identifier of the mount (may be reused after umount).
+	ID int
+
+	// Parent indicates the ID of the mount parent (or of self for the top of the
+	// mount tree).
+	Parent int
+
+	// Major indicates one half of the device ID which identifies the device class.
+	Major int
+
+	// Minor indicates one half of the device ID which identifies a specific
+	// instance of device.
+	Minor int
+
+	// Root of the mount within the filesystem.
+	Root string
+
+	// Mountpoint indicates the mount point relative to the process's root.
+	Mountpoint string
+
+	// Opts represents mount-specific options.
+	Opts string
+
+	// Optional represents optional fields.
+	Optional string
+
+	// Fstype indicates the type of filesystem, such as EXT3.
+	Fstype string
+
+	// Source indicates filesystem specific information or "none".
+	Source string
+
+	// VfsOpts represents per super block options.
+	VfsOpts string
+}
diff --git a/pkg/mount/mountinfo_freebsd.go b/pkg/mount/mountinfo_freebsd.go
new file mode 100644
index 00000000..4f32edcd
--- /dev/null
+++ b/pkg/mount/mountinfo_freebsd.go
@@ -0,0 +1,41 @@
+package mount
+
+/*
+#include <sys/param.h>
+#include <sys/ucred.h>
+#include <sys/mount.h>
+*/
+import "C"
+
+import (
+	"fmt"
+	"reflect"
+	"unsafe"
+)
+
+// Parse /proc/self/mountinfo because comparing Dev and ino does not work from
+// bind mounts.
+func parseMountTable() ([]*Info, error) {
+	var rawEntries *C.struct_statfs
+
+	count := int(C.getmntinfo(&rawEntries, C.MNT_WAIT))
+	if count == 0 {
+		return nil, fmt.Errorf("Failed to call getmntinfo")
+	}
+
+	var entries []C.struct_statfs
+	header := (*reflect.SliceHeader)(unsafe.Pointer(&entries))
+	header.Cap = count
+	header.Len = count
+	header.Data = uintptr(unsafe.Pointer(rawEntries))
+
+	var out []*Info
+	for _, entry := range entries {
+		var mountinfo Info
+		mountinfo.Mountpoint = C.GoString(&entry.f_mntonname[0])
+		mountinfo.Source = C.GoString(&entry.f_mntfromname[0])
+		mountinfo.Fstype = C.GoString(&entry.f_fstypename[0])
+		out = append(out, &mountinfo)
+	}
+	return out, nil
+}
diff --git a/pkg/mount/mountinfo_linux.go b/pkg/mount/mountinfo_linux.go
new file mode 100644
index 00000000..be69fee1
--- /dev/null
+++ b/pkg/mount/mountinfo_linux.go
@@ -0,0 +1,95 @@
+// +build linux
+
+package mount
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"os"
+	"strings"
+)
+
+const (
+	/* 36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
+	   (1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)
+
+	   (1) mount ID:  unique identifier of the mount (may be reused after umount)
+	   (2) parent ID:  ID of parent (or of self for the top of the mount tree)
+	   (3) major:minor:  value of st_dev for files on filesystem
+	   (4) root:  root of the mount within the filesystem
+	   (5) mount point:  mount point relative to the process's root
+	   (6) mount options:  per mount options
+	   (7) optional fields:  zero or more fields of the form "tag[:value]"
+	   (8) separator:  marks the end of the optional fields
+	   (9) filesystem type:  name of filesystem of the form "type[.subtype]"
+	   (10) mount source:  filesystem specific information or "none"
+	   (11) super options:  per super block options*/
+	mountinfoFormat = "%d %d %d:%d %s %s %s %s"
+)
+
+// Parse /proc/self/mountinfo because comparing Dev and ino does not work from
+// bind mounts
+func parseMountTable() ([]*Info, error) {
+	f, err := os.Open("/proc/self/mountinfo")
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	return parseInfoFile(f)
+}
+
+func parseInfoFile(r io.Reader) ([]*Info, error) {
+	var (
+		s   = bufio.NewScanner(r)
+		out = []*Info{}
+	)
+
+	for s.Scan() {
+		if err := s.Err(); err != nil {
+			return nil, err
+		}
+
+		var (
+			p              = &Info{}
+			text           = s.Text()
+			optionalFields string
+		)
+
+		if _, err := fmt.Sscanf(text, mountinfoFormat,
+			&p.ID, &p.Parent, &p.Major, &p.Minor,
+			&p.Root, &p.Mountpoint, &p.Opts, &optionalFields); err != nil {
+			return nil, fmt.Errorf("Scanning '%s' failed: %s", text, err)
+		}
+		// Safe as mountinfo encodes mountpoints with spaces as \040.
+		index := strings.Index(text, " - ")
+		postSeparatorFields := strings.Fields(text[index+3:])
+		if len(postSeparatorFields) < 3 {
+			return nil, fmt.Errorf("Error found less than 3 fields post '-' in %q", text)
+		}
+
+		if optionalFields != "-" {
+			p.Optional = optionalFields
+		}
+
+		p.Fstype = postSeparatorFields[0]
+		p.Source = postSeparatorFields[1]
+		p.VfsOpts = strings.Join(postSeparatorFields[2:], " ")
+		out = append(out, p)
+	}
+	return out, nil
+}
+
+// PidMountInfo collects the mounts for a specific process ID. If the process
+// ID is unknown, it is better to use `GetMounts` which will inspect
+// "/proc/self/mountinfo" instead.
+func PidMountInfo(pid int) ([]*Info, error) {
+	f, err := os.Open(fmt.Sprintf("/proc/%d/mountinfo", pid))
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	return parseInfoFile(f)
+}
diff --git a/pkg/mount/mountinfo_linux_test.go b/pkg/mount/mountinfo_linux_test.go
new file mode 100644
index 00000000..bd100e1d
--- /dev/null
+++ b/pkg/mount/mountinfo_linux_test.go
@@ -0,0 +1,476 @@
+// +build linux
+
+package mount
+
+import (
+	"bytes"
+	"testing"
+)
+
+const (
+	fedoraMountinfo = `15 35 0:3 / /proc rw,nosuid,nodev,noexec,relatime shared:5 - proc proc rw
+    16 35 0:14 / /sys rw,nosuid,nodev,noexec,relatime shared:6 - sysfs sysfs rw,seclabel
+    17 35 0:5 / /dev rw,nosuid shared:2 - devtmpfs devtmpfs rw,seclabel,size=8056484k,nr_inodes=2014121,mode=755
+    18 16 0:15 / /sys/kernel/security rw,nosuid,nodev,noexec,relatime shared:7 - securityfs securityfs rw
+    19 16 0:13 / /sys/fs/selinux rw,relatime shared:8 - selinuxfs selinuxfs rw
+    20 17 0:16 / /dev/shm rw,nosuid,nodev shared:3 - tmpfs tmpfs rw,seclabel
+    21 17 0:10 / /dev/pts rw,nosuid,noexec,relatime shared:4 - devpts devpts rw,seclabel,gid=5,mode=620,ptmxmode=000
+    22 35 0:17 / /run rw,nosuid,nodev shared:21 - tmpfs tmpfs rw,seclabel,mode=755
+    23 16 0:18 / /sys/fs/cgroup rw,nosuid,nodev,noexec shared:9 - tmpfs tmpfs rw,seclabel,mode=755
+    24 23 0:19 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:10 - cgroup cgroup rw,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd
+    25 16 0:20 / /sys/fs/pstore rw,nosuid,nodev,noexec,relatime shared:20 - pstore pstore rw
+    26 23 0:21 / /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime shared:11 - cgroup cgroup rw,cpuset,clone_children
+    27 23 0:22 / /sys/fs/cgroup/cpu,cpuacct rw,nosuid,nodev,noexec,relatime shared:12 - cgroup cgroup rw,cpuacct,cpu,clone_children
+    28 23 0:23 / /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime shared:13 - cgroup cgroup rw,memory,clone_children
+    29 23 0:24 / /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime shared:14 - cgroup cgroup rw,devices,clone_children
+    30 23 0:25 / /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime shared:15 - cgroup cgroup rw,freezer,clone_children
+    31 23 0:26 / /sys/fs/cgroup/net_cls rw,nosuid,nodev,noexec,relatime shared:16 - cgroup cgroup rw,net_cls,clone_children
+    32 23 0:27 / /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime shared:17 - cgroup cgroup rw,blkio,clone_children
+    33 23 0:28 / /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime shared:18 - cgroup cgroup rw,perf_event,clone_children
+    34 23 0:29 / /sys/fs/cgroup/hugetlb rw,nosuid,nodev,noexec,relatime shared:19 - cgroup cgroup rw,hugetlb,clone_children
+    35 1 253:2 / / rw,relatime shared:1 - ext4 /dev/mapper/ssd-root--f20 rw,seclabel,data=ordered
+    36 15 0:30 / /proc/sys/fs/binfmt_misc rw,relatime shared:22 - autofs systemd-1 rw,fd=38,pgrp=1,timeout=300,minproto=5,maxproto=5,direct
+    37 17 0:12 / /dev/mqueue rw,relatime shared:23 - mqueue mqueue rw,seclabel
+    38 35 0:31 / /tmp rw shared:24 - tmpfs tmpfs rw,seclabel
+    39 17 0:32 / /dev/hugepages rw,relatime shared:25 - hugetlbfs hugetlbfs rw,seclabel
+    40 16 0:7 / /sys/kernel/debug rw,relatime shared:26 - debugfs debugfs rw
+    41 16 0:33 / /sys/kernel/config rw,relatime shared:27 - configfs configfs rw
+    42 35 0:34 / /var/lib/nfs/rpc_pipefs rw,relatime shared:28 - rpc_pipefs sunrpc rw
+    43 15 0:35 / /proc/fs/nfsd rw,relatime shared:29 - nfsd sunrpc rw
+    45 35 8:17 / /boot rw,relatime shared:30 - ext4 /dev/sdb1 rw,seclabel,data=ordered
+    46 35 253:4 / /home rw,relatime shared:31 - ext4 /dev/mapper/ssd-home rw,seclabel,data=ordered
+    47 35 253:5 / /var/lib/libvirt/images rw,noatime,nodiratime shared:32 - ext4 /dev/mapper/ssd-virt rw,seclabel,discard,data=ordered
+    48 35 253:12 / /mnt/old rw,relatime shared:33 - ext4 /dev/mapper/HelpDeskRHEL6-FedoraRoot rw,seclabel,data=ordered
+    121 22 0:36 / /run/user/1000/gvfs rw,nosuid,nodev,relatime shared:104 - fuse.gvfsd-fuse gvfsd-fuse rw,user_id=1000,group_id=1000
+    124 16 0:37 / /sys/fs/fuse/connections rw,relatime shared:107 - fusectl fusectl rw
+    165 38 253:3 / /tmp/mnt rw,relatime shared:147 - ext4 /dev/mapper/ssd-root rw,seclabel,data=ordered
+    167 35 253:15 / /var/lib/docker/devicemapper/mnt/aae4076022f0e2b80a2afbf8fc6df450c52080191fcef7fb679a73e6f073e5c2 rw,relatime shared:149 - ext4 /dev/mapper/docker-253:2-425882-aae4076022f0e2b80a2afbf8fc6df450c52080191fcef7fb679a73e6f073e5c2 rw,seclabel,discard,stripe=16,data=ordered
+    171 35 253:16 / /var/lib/docker/devicemapper/mnt/c71be651f114db95180e472f7871b74fa597ee70a58ccc35cb87139ddea15373 rw,relatime shared:153 - ext4 /dev/mapper/docker-253:2-425882-c71be651f114db95180e472f7871b74fa597ee70a58ccc35cb87139ddea15373 rw,seclabel,discard,stripe=16,data=ordered
+    175 35 253:17 / /var/lib/docker/devicemapper/mnt/1bac6ab72862d2d5626560df6197cf12036b82e258c53d981fa29adce6f06c3c rw,relatime shared:157 - ext4 /dev/mapper/docker-253:2-425882-1bac6ab72862d2d5626560df6197cf12036b82e258c53d981fa29adce6f06c3c rw,seclabel,discard,stripe=16,data=ordered
+    179 35 253:18 / /var/lib/docker/devicemapper/mnt/d710a357d77158e80d5b2c55710ae07c94e76d34d21ee7bae65ce5418f739b09 rw,relatime shared:161 - ext4 /dev/mapper/docker-253:2-425882-d710a357d77158e80d5b2c55710ae07c94e76d34d21ee7bae65ce5418f739b09 rw,seclabel,discard,stripe=16,data=ordered
+    183 35 253:19 / /var/lib/docker/devicemapper/mnt/6479f52366114d5f518db6837254baab48fab39f2ac38d5099250e9a6ceae6c7 rw,relatime shared:165 - ext4 /dev/mapper/docker-253:2-425882-6479f52366114d5f518db6837254baab48fab39f2ac38d5099250e9a6ceae6c7 rw,seclabel,discard,stripe=16,data=ordered
+    187 35 253:20 / /var/lib/docker/devicemapper/mnt/8d9df91c4cca5aef49eeb2725292aab324646f723a7feab56be34c2ad08268e1 rw,relatime shared:169 - ext4 /dev/mapper/docker-253:2-425882-8d9df91c4cca5aef49eeb2725292aab324646f723a7feab56be34c2ad08268e1 rw,seclabel,discard,stripe=16,data=ordered
+    191 35 253:21 / /var/lib/docker/devicemapper/mnt/c8240b768603d32e920d365dc9d1dc2a6af46cd23e7ae819947f969e1b4ec661 rw,relatime shared:173 - ext4 /dev/mapper/docker-253:2-425882-c8240b768603d32e920d365dc9d1dc2a6af46cd23e7ae819947f969e1b4ec661 rw,seclabel,discard,stripe=16,data=ordered
+    195 35 253:22 / /var/lib/docker/devicemapper/mnt/2eb3a01278380bbf3ed12d86ac629eaa70a4351301ee307a5cabe7b5f3b1615f rw,relatime shared:177 - ext4 /dev/mapper/docker-253:2-425882-2eb3a01278380bbf3ed12d86ac629eaa70a4351301ee307a5cabe7b5f3b1615f rw,seclabel,discard,stripe=16,data=ordered
+    199 35 253:23 / /var/lib/docker/devicemapper/mnt/37a17fb7c9d9b80821235d5f2662879bd3483915f245f9b49cdaa0e38779b70b rw,relatime shared:181 - ext4 /dev/mapper/docker-253:2-425882-37a17fb7c9d9b80821235d5f2662879bd3483915f245f9b49cdaa0e38779b70b rw,seclabel,discard,stripe=16,data=ordered
+    203 35 253:24 / /var/lib/docker/devicemapper/mnt/aea459ae930bf1de913e2f29428fd80ee678a1e962d4080019d9f9774331ee2b rw,relatime shared:185 - ext4 /dev/mapper/docker-253:2-425882-aea459ae930bf1de913e2f29428fd80ee678a1e962d4080019d9f9774331ee2b rw,seclabel,discard,stripe=16,data=ordered
+    207 35 253:25 / /var/lib/docker/devicemapper/mnt/928ead0bc06c454bd9f269e8585aeae0a6bd697f46dc8754c2a91309bc810882 rw,relatime shared:189 - ext4 /dev/mapper/docker-253:2-425882-928ead0bc06c454bd9f269e8585aeae0a6bd697f46dc8754c2a91309bc810882 rw,seclabel,discard,stripe=16,data=ordered
+    211 35 253:26 / /var/lib/docker/devicemapper/mnt/0f284d18481d671644706e7a7244cbcf63d590d634cc882cb8721821929d0420 rw,relatime shared:193 - ext4 /dev/mapper/docker-253:2-425882-0f284d18481d671644706e7a7244cbcf63d590d634cc882cb8721821929d0420 rw,seclabel,discard,stripe=16,data=ordered
+    215 35 253:27 / /var/lib/docker/devicemapper/mnt/d9dd16722ab34c38db2733e23f69e8f4803ce59658250dd63e98adff95d04919 rw,relatime shared:197 - ext4 /dev/mapper/docker-253:2-425882-d9dd16722ab34c38db2733e23f69e8f4803ce59658250dd63e98adff95d04919 rw,seclabel,discard,stripe=16,data=ordered
+    219 35 253:28 / /var/lib/docker/devicemapper/mnt/bc4500479f18c2c08c21ad5282e5f826a016a386177d9874c2764751c031d634 rw,relatime shared:201 - ext4 /dev/mapper/docker-253:2-425882-bc4500479f18c2c08c21ad5282e5f826a016a386177d9874c2764751c031d634 rw,seclabel,discard,stripe=16,data=ordered
+    223 35 253:29 / /var/lib/docker/devicemapper/mnt/7770c8b24eb3d5cc159a065910076938910d307ab2f5d94e1dc3b24c06ee2c8a rw,relatime shared:205 - ext4 /dev/mapper/docker-253:2-425882-7770c8b24eb3d5cc159a065910076938910d307ab2f5d94e1dc3b24c06ee2c8a rw,seclabel,discard,stripe=16,data=ordered
+    227 35 253:30 / /var/lib/docker/devicemapper/mnt/c280cd3d0bf0aa36b478b292279671624cceafc1a67eaa920fa1082601297adf rw,relatime shared:209 - ext4 /dev/mapper/docker-253:2-425882-c280cd3d0bf0aa36b478b292279671624cceafc1a67eaa920fa1082601297adf rw,seclabel,discard,stripe=16,data=ordered
+    231 35 253:31 / /var/lib/docker/devicemapper/mnt/8b59a7d9340279f09fea67fd6ad89ddef711e9e7050eb647984f8b5ef006335f rw,relatime shared:213 - ext4 /dev/mapper/docker-253:2-425882-8b59a7d9340279f09fea67fd6ad89ddef711e9e7050eb647984f8b5ef006335f rw,seclabel,discard,stripe=16,data=ordered
+    235 35 253:32 / /var/lib/docker/devicemapper/mnt/1a28059f29eda821578b1bb27a60cc71f76f846a551abefabce6efd0146dce9f rw,relatime shared:217 - ext4 /dev/mapper/docker-253:2-425882-1a28059f29eda821578b1bb27a60cc71f76f846a551abefabce6efd0146dce9f rw,seclabel,discard,stripe=16,data=ordered
+    239 35 253:33 / /var/lib/docker/devicemapper/mnt/e9aa60c60128cad1 rw,relatime shared:221 - ext4 /dev/mapper/docker-253:2-425882-e9aa60c60128cad1 rw,seclabel,discard,stripe=16,data=ordered
+    243 35 253:34 / /var/lib/docker/devicemapper/mnt/5fec11304b6f4713fea7b6ccdcc1adc0a1966187f590fe25a8227428a8df275d-init rw,relatime shared:225 - ext4 /dev/mapper/docker-253:2-425882-5fec11304b6f4713fea7b6ccdcc1adc0a1966187f590fe25a8227428a8df275d-init rw,seclabel,discard,stripe=16,data=ordered
+    247 35 253:35 / /var/lib/docker/devicemapper/mnt/5fec11304b6f4713fea7b6ccdcc1adc0a1966187f590fe25a8227428a8df275d rw,relatime shared:229 - ext4 /dev/mapper/docker-253:2-425882-5fec11304b6f4713fea7b6ccdcc1adc0a1966187f590fe25a8227428a8df275d rw,seclabel,discard,stripe=16,data=ordered
+    31 21 0:23 / /DATA/foo_bla_bla rw,relatime - cifs //foo/BLA\040BLA\040BLA/ rw,sec=ntlm,cache=loose,unc=\\foo\BLA BLA BLA,username=my_login,domain=mydomain.com,uid=12345678,forceuid,gid=12345678,forcegid,addr=10.1.30.10,file_mode=0755,dir_mode=0755,nounix,rsize=61440,wsize=65536,actimeo=1`
+
+	ubuntuMountInfo = `15 20 0:14 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
+16 20 0:3 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
+17 20 0:5 / /dev rw,relatime - devtmpfs udev rw,size=1015140k,nr_inodes=253785,mode=755
+18 17 0:11 / /dev/pts rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000
+19 20 0:15 / /run rw,nosuid,noexec,relatime - tmpfs tmpfs rw,size=205044k,mode=755
+20 1 253:0 / / rw,relatime - ext4 /dev/disk/by-label/DOROOT rw,errors=remount-ro,data=ordered
+21 15 0:16 / /sys/fs/cgroup rw,relatime - tmpfs none rw,size=4k,mode=755
+22 15 0:17 / /sys/fs/fuse/connections rw,relatime - fusectl none rw
+23 15 0:6 / /sys/kernel/debug rw,relatime - debugfs none rw
+24 15 0:10 / /sys/kernel/security rw,relatime - securityfs none rw
+25 19 0:18 / /run/lock rw,nosuid,nodev,noexec,relatime - tmpfs none rw,size=5120k
+26 21 0:19 / /sys/fs/cgroup/cpuset rw,relatime - cgroup cgroup rw,cpuset,clone_children
+27 19 0:20 / /run/shm rw,nosuid,nodev,relatime - tmpfs none rw
+28 21 0:21 / /sys/fs/cgroup/cpu rw,relatime - cgroup cgroup rw,cpu
+29 19 0:22 / /run/user rw,nosuid,nodev,noexec,relatime - tmpfs none rw,size=102400k,mode=755
+30 15 0:23 / /sys/fs/pstore rw,relatime - pstore none rw
+31 21 0:24 / /sys/fs/cgroup/cpuacct rw,relatime - cgroup cgroup rw,cpuacct
+32 21 0:25 / /sys/fs/cgroup/memory rw,relatime - cgroup cgroup rw,memory
+33 21 0:26 / /sys/fs/cgroup/devices rw,relatime - cgroup cgroup rw,devices
+34 21 0:27 / /sys/fs/cgroup/freezer rw,relatime - cgroup cgroup rw,freezer
+35 21 0:28 / /sys/fs/cgroup/blkio rw,relatime - cgroup cgroup rw,blkio
+36 21 0:29 / /sys/fs/cgroup/perf_event rw,relatime - cgroup cgroup rw,perf_event
+37 21 0:30 / /sys/fs/cgroup/hugetlb rw,relatime - cgroup cgroup rw,hugetlb
+38 21 0:31 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime - cgroup systemd rw,name=systemd
+39 20 0:32 / /var/lib/docker/aufs/mnt/b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc rw,relatime - aufs none rw,si=caafa54fdc06525
+40 20 0:33 / /var/lib/docker/aufs/mnt/2eed44ac7ce7c75af04f088ed6cb4ce9d164801e91d78c6db65d7ef6d572bba8-init rw,relatime - aufs none rw,si=caafa54f882b525
+41 20 0:34 / /var/lib/docker/aufs/mnt/2eed44ac7ce7c75af04f088ed6cb4ce9d164801e91d78c6db65d7ef6d572bba8 rw,relatime - aufs none rw,si=caafa54f8829525
+42 20 0:35 / /var/lib/docker/aufs/mnt/16f4d7e96dd612903f425bfe856762f291ff2e36a8ecd55a2209b7d7cd81c30b rw,relatime - aufs none rw,si=caafa54f882d525
+43 20 0:36 / /var/lib/docker/aufs/mnt/63ca08b75d7438a9469a5954e003f48ffede73541f6286ce1cb4d7dd4811da7e-init rw,relatime - aufs none rw,si=caafa54f882f525
+44 20 0:37 / /var/lib/docker/aufs/mnt/63ca08b75d7438a9469a5954e003f48ffede73541f6286ce1cb4d7dd4811da7e rw,relatime - aufs none rw,si=caafa54f88ba525
+45 20 0:38 / /var/lib/docker/aufs/mnt/283f35a910233c756409313be71ecd8fcfef0df57108b8d740b61b3e88860452 rw,relatime - aufs none rw,si=caafa54f88b8525
+46 20 0:39 / /var/lib/docker/aufs/mnt/2c6c7253d4090faa3886871fb21bd660609daeb0206588c0602007f7d0f254b1-init rw,relatime - aufs none rw,si=caafa54f88be525
+47 20 0:40 / /var/lib/docker/aufs/mnt/2c6c7253d4090faa3886871fb21bd660609daeb0206588c0602007f7d0f254b1 rw,relatime - aufs none rw,si=caafa54f882c525
+48 20 0:41 / /var/lib/docker/aufs/mnt/de2b538c97d6366cc80e8658547c923ea1d042f85580df379846f36a4df7049d rw,relatime - aufs none rw,si=caafa54f85bb525
+49 20 0:42 / /var/lib/docker/aufs/mnt/94a3d8ed7c27e5b0aa71eba46c736bfb2742afda038e74f2dd6035fb28415b49-init rw,relatime - aufs none rw,si=caafa54fdc00525
+50 20 0:43 / /var/lib/docker/aufs/mnt/94a3d8ed7c27e5b0aa71eba46c736bfb2742afda038e74f2dd6035fb28415b49 rw,relatime - aufs none rw,si=caafa54fbaec525
+51 20 0:44 / /var/lib/docker/aufs/mnt/6ac1cace985c9fc9bea32234de8b36dba49bdd5e29a2972b327ff939d78a6274 rw,relatime - aufs none rw,si=caafa54f8e1a525
+52 20 0:45 / /var/lib/docker/aufs/mnt/dff147033e3a0ef061e1de1ad34256b523d4a8c1fa6bba71a0ab538e8628ff0b-init rw,relatime - aufs none rw,si=caafa54f8e1d525
+53 20 0:46 / /var/lib/docker/aufs/mnt/dff147033e3a0ef061e1de1ad34256b523d4a8c1fa6bba71a0ab538e8628ff0b rw,relatime - aufs none rw,si=caafa54f8e1b525
+54 20 0:47 / /var/lib/docker/aufs/mnt/cabb117d997f0f93519185aea58389a9762770b7496ed0b74a3e4a083fa45902 rw,relatime - aufs none rw,si=caafa54f810a525
+55 20 0:48 / /var/lib/docker/aufs/mnt/e1c8a94ffaa9d532bbbdc6ef771ce8a6c2c06757806ecaf8b68e9108fec65f33-init rw,relatime - aufs none rw,si=caafa54f8529525
+56 20 0:49 / /var/lib/docker/aufs/mnt/e1c8a94ffaa9d532bbbdc6ef771ce8a6c2c06757806ecaf8b68e9108fec65f33 rw,relatime - aufs none rw,si=caafa54f852f525
+57 20 0:50 / /var/lib/docker/aufs/mnt/16a1526fa445b84ce84f89506d219e87fa488a814063baf045d88b02f21166b3 rw,relatime - aufs none rw,si=caafa54f9e1d525
+58 20 0:51 / /var/lib/docker/aufs/mnt/57b9c92e1e368fa7dbe5079f7462e917777829caae732828b003c355fe49da9f-init rw,relatime - aufs none rw,si=caafa54f854d525
+59 20 0:52 / /var/lib/docker/aufs/mnt/57b9c92e1e368fa7dbe5079f7462e917777829caae732828b003c355fe49da9f rw,relatime - aufs none rw,si=caafa54f854e525
+60 20 0:53 / /var/lib/docker/aufs/mnt/e370c3e286bea027917baa0e4d251262681a472a87056e880dfd0513516dffd9 rw,relatime - aufs none rw,si=caafa54f840a525
+61 20 0:54 / /var/lib/docker/aufs/mnt/6b00d3b4f32b41997ec07412b5e18204f82fbe643e7122251cdeb3582abd424e-init rw,relatime - aufs none rw,si=caafa54f8408525
+62 20 0:55 / /var/lib/docker/aufs/mnt/6b00d3b4f32b41997ec07412b5e18204f82fbe643e7122251cdeb3582abd424e rw,relatime - aufs none rw,si=caafa54f8409525
+63 20 0:56 / /var/lib/docker/aufs/mnt/abd0b5ea5d355a67f911475e271924a5388ee60c27185fcd60d095afc4a09dc7 rw,relatime - aufs none rw,si=caafa54f9eb1525
+64 20 0:57 / /var/lib/docker/aufs/mnt/336222effc3f7b89867bb39ff7792ae5412c35c749f127c29159d046b6feedd2-init rw,relatime - aufs none rw,si=caafa54f85bf525
+65 20 0:58 / /var/lib/docker/aufs/mnt/336222effc3f7b89867bb39ff7792ae5412c35c749f127c29159d046b6feedd2 rw,relatime - aufs none rw,si=caafa54f85b8525
+66 20 0:59 / /var/lib/docker/aufs/mnt/912e1bf28b80a09644503924a8a1a4fb8ed10b808ca847bda27a369919aa52fa rw,relatime - aufs none rw,si=caafa54fbaea525
+67 20 0:60 / /var/lib/docker/aufs/mnt/386f722875013b4a875118367abc783fc6617a3cb7cf08b2b4dcf550b4b9c576-init rw,relatime - aufs none rw,si=caafa54f8472525
+68 20 0:61 / /var/lib/docker/aufs/mnt/386f722875013b4a875118367abc783fc6617a3cb7cf08b2b4dcf550b4b9c576 rw,relatime - aufs none rw,si=caafa54f8474525
+69 20 0:62 / /var/lib/docker/aufs/mnt/5aaebb79ef3097dfca377889aeb61a0c9d5e3795117d2b08d0751473c671dfb2 rw,relatime - aufs none rw,si=caafa54f8c5e525
+70 20 0:63 / /var/lib/docker/aufs/mnt/5ba3e493279d01277d583600b81c7c079e691b73c3a2bdea8e4b12a35a418be2-init rw,relatime - aufs none rw,si=caafa54f8c3b525
+71 20 0:64 / /var/lib/docker/aufs/mnt/5ba3e493279d01277d583600b81c7c079e691b73c3a2bdea8e4b12a35a418be2 rw,relatime - aufs none rw,si=caafa54f8c3d525
+72 20 0:65 / /var/lib/docker/aufs/mnt/2777f0763da4de93f8bebbe1595cc77f739806a158657b033eca06f827b6028a rw,relatime - aufs none rw,si=caafa54f8c3e525
+73 20 0:66 / /var/lib/docker/aufs/mnt/5d7445562acf73c6f0ae34c3dd0921d7457de1ba92a587d9e06a44fa209eeb3e-init rw,relatime - aufs none rw,si=caafa54f8c39525
+74 20 0:67 / /var/lib/docker/aufs/mnt/5d7445562acf73c6f0ae34c3dd0921d7457de1ba92a587d9e06a44fa209eeb3e rw,relatime - aufs none rw,si=caafa54f854f525
+75 20 0:68 / /var/lib/docker/aufs/mnt/06400b526ec18b66639c96efc41a84f4ae0b117cb28dafd56be420651b4084a0 rw,relatime - aufs none rw,si=caafa54f840b525
+76 20 0:69 / /var/lib/docker/aufs/mnt/e051d45ec42d8e3e1cc57bb39871a40de486dc123522e9c067fbf2ca6a357785-init rw,relatime - aufs none rw,si=caafa54fdddf525
+77 20 0:70 / /var/lib/docker/aufs/mnt/e051d45ec42d8e3e1cc57bb39871a40de486dc123522e9c067fbf2ca6a357785 rw,relatime - aufs none rw,si=caafa54f854b525
+78 20 0:71 / /var/lib/docker/aufs/mnt/1ff414fa93fd61ec81b0ab7b365a841ff6545accae03cceac702833aaeaf718f rw,relatime - aufs none rw,si=caafa54f8d85525
+79 20 0:72 / /var/lib/docker/aufs/mnt/c661b2f871dd5360e46a2aebf8f970f6d39a2ff64e06979aa0361227c88128b8-init rw,relatime - aufs none rw,si=caafa54f8da3525
+80 20 0:73 / /var/lib/docker/aufs/mnt/c661b2f871dd5360e46a2aebf8f970f6d39a2ff64e06979aa0361227c88128b8 rw,relatime - aufs none rw,si=caafa54f8da2525
+81 20 0:74 / /var/lib/docker/aufs/mnt/b68b1d4fe4d30016c552398e78b379a39f651661d8e1fa5f2460c24a5e723420 rw,relatime - aufs none rw,si=caafa54f8d81525
+82 20 0:75 / /var/lib/docker/aufs/mnt/c5c5979c936cd0153a4c626fa9d69ce4fce7d924cc74fa68b025d2f585031739-init rw,relatime - aufs none rw,si=caafa54f8da1525
+83 20 0:76 / /var/lib/docker/aufs/mnt/c5c5979c936cd0153a4c626fa9d69ce4fce7d924cc74fa68b025d2f585031739 rw,relatime - aufs none rw,si=caafa54f8da0525
+84 20 0:77 / /var/lib/docker/aufs/mnt/53e10b0329afc0e0d3322d31efaed4064139dc7027fe6ae445cffd7104bcc94f rw,relatime - aufs none rw,si=caafa54f8c35525
+85 20 0:78 / /var/lib/docker/aufs/mnt/3bfafd09ff2603e2165efacc2215c1f51afabba6c42d04a68cc2df0e8cc31494-init rw,relatime - aufs none rw,si=caafa54f8db8525
+86 20 0:79 / /var/lib/docker/aufs/mnt/3bfafd09ff2603e2165efacc2215c1f51afabba6c42d04a68cc2df0e8cc31494 rw,relatime - aufs none rw,si=caafa54f8dba525
+87 20 0:80 / /var/lib/docker/aufs/mnt/90fdd2c03eeaf65311f88f4200e18aef6d2772482712d9aea01cd793c64781b5 rw,relatime - aufs none rw,si=caafa54f8315525
+88 20 0:81 / /var/lib/docker/aufs/mnt/7bdf2591c06c154ceb23f5e74b1d03b18fbf6fe96e35fbf539b82d446922442f-init rw,relatime - aufs none rw,si=caafa54f8fc6525
+89 20 0:82 / /var/lib/docker/aufs/mnt/7bdf2591c06c154ceb23f5e74b1d03b18fbf6fe96e35fbf539b82d446922442f rw,relatime - aufs none rw,si=caafa54f8468525
+90 20 0:83 / /var/lib/docker/aufs/mnt/8cf9a993f50f3305abad3da268c0fc44ff78a1e7bba595ef9de963497496c3f9 rw,relatime - aufs none rw,si=caafa54f8c59525
+91 20 0:84 / /var/lib/docker/aufs/mnt/ecc896fd74b21840a8d35e8316b92a08b1b9c83d722a12acff847e9f0ff17173-init rw,relatime - aufs none rw,si=caafa54f846a525
+92 20 0:85 / /var/lib/docker/aufs/mnt/ecc896fd74b21840a8d35e8316b92a08b1b9c83d722a12acff847e9f0ff17173 rw,relatime - aufs none rw,si=caafa54f846b525
+93 20 0:86 / /var/lib/docker/aufs/mnt/d8c8288ec920439a48b5796bab5883ee47a019240da65e8d8f33400c31bac5df rw,relatime - aufs none rw,si=caafa54f8dbf525
+94 20 0:87 / /var/lib/docker/aufs/mnt/ecba66710bcd03199b9398e46c005cd6b68d0266ec81dc8b722a29cc417997c6-init rw,relatime - aufs none rw,si=caafa54f810f525
+95 20 0:88 / /var/lib/docker/aufs/mnt/ecba66710bcd03199b9398e46c005cd6b68d0266ec81dc8b722a29cc417997c6 rw,relatime - aufs none rw,si=caafa54fbae9525
+96 20 0:89 / /var/lib/docker/aufs/mnt/befc1c67600df449dddbe796c0d06da7caff1d2bbff64cde1f0ba82d224996b5 rw,relatime - aufs none rw,si=caafa54f8dab525
+97 20 0:90 / /var/lib/docker/aufs/mnt/c9f470e73d2742629cdc4084a1b2c1a8302914f2aa0d0ec4542371df9a050562-init rw,relatime - aufs none rw,si=caafa54fdc02525
+98 20 0:91 / /var/lib/docker/aufs/mnt/c9f470e73d2742629cdc4084a1b2c1a8302914f2aa0d0ec4542371df9a050562 rw,relatime - aufs none rw,si=caafa54f9eb0525
+99 20 0:92 / /var/lib/docker/aufs/mnt/2a31f10029f04ff9d4381167a9b739609853d7220d55a56cb654779a700ee246 rw,relatime - aufs none rw,si=caafa54f8c37525
+100 20 0:93 / /var/lib/docker/aufs/mnt/8c4261b8e3e4b21ebba60389bd64b6261217e7e6b9fd09e201d5a7f6760f6927-init rw,relatime - aufs none rw,si=caafa54fd173525
+101 20 0:94 / /var/lib/docker/aufs/mnt/8c4261b8e3e4b21ebba60389bd64b6261217e7e6b9fd09e201d5a7f6760f6927 rw,relatime - aufs none rw,si=caafa54f8108525
+102 20 0:95 / /var/lib/docker/aufs/mnt/eaa0f57403a3dc685268f91df3fbcd7a8423cee50e1a9ee5c3e1688d9d676bb4 rw,relatime - aufs none rw,si=caafa54f852d525
+103 20 0:96 / /var/lib/docker/aufs/mnt/9cfe69a2cbffd9bfc7f396d4754f6fe5cc457ef417b277797be3762dfe955a6b-init rw,relatime - aufs none rw,si=caafa54f8d80525
+104 20 0:97 / /var/lib/docker/aufs/mnt/9cfe69a2cbffd9bfc7f396d4754f6fe5cc457ef417b277797be3762dfe955a6b rw,relatime - aufs none rw,si=caafa54f8fc3525
+105 20 0:98 / /var/lib/docker/aufs/mnt/d1b322ae17613c6adee84e709641a9244ac56675244a89a64dc0075075fcbb83 rw,relatime - aufs none rw,si=caafa54f8c58525
+106 20 0:99 / /var/lib/docker/aufs/mnt/d46c2a8e9da7e91ab34fd9c192851c246a4e770a46720bda09e55c7554b9dbbd-init rw,relatime - aufs none rw,si=caafa54f8c63525
+107 20 0:100 / /var/lib/docker/aufs/mnt/d46c2a8e9da7e91ab34fd9c192851c246a4e770a46720bda09e55c7554b9dbbd rw,relatime - aufs none rw,si=caafa54f8c67525
+108 20 0:101 / /var/lib/docker/aufs/mnt/bc9d2a264158f83a617a069bf17cbbf2a2ba453db7d3951d9dc63cc1558b1c2b rw,relatime - aufs none rw,si=caafa54f8dbe525
+109 20 0:102 / /var/lib/docker/aufs/mnt/9e6abb8d72bbeb4d5cf24b96018528015ba830ce42b4859965bd482cbd034e99-init rw,relatime - aufs none rw,si=caafa54f9e0d525
+110 20 0:103 / /var/lib/docker/aufs/mnt/9e6abb8d72bbeb4d5cf24b96018528015ba830ce42b4859965bd482cbd034e99 rw,relatime - aufs none rw,si=caafa54f9e1b525
+111 20 0:104 / /var/lib/docker/aufs/mnt/d4dca7b02569c732e740071e1c654d4ad282de5c41edb619af1f0aafa618be26 rw,relatime - aufs none rw,si=caafa54f8dae525
+112 20 0:105 / /var/lib/docker/aufs/mnt/fea63da40fa1c5ffbad430dde0bc64a8fc2edab09a051fff55b673c40a08f6b7-init rw,relatime - aufs none rw,si=caafa54f8c5c525
+113 20 0:106 / /var/lib/docker/aufs/mnt/fea63da40fa1c5ffbad430dde0bc64a8fc2edab09a051fff55b673c40a08f6b7 rw,relatime - aufs none rw,si=caafa54fd172525
+114 20 0:107 / /var/lib/docker/aufs/mnt/e60c57499c0b198a6734f77f660cdbbd950a5b78aa23f470ca4f0cfcc376abef rw,relatime - aufs none rw,si=caafa54909c4525
+115 20 0:108 / /var/lib/docker/aufs/mnt/099c78e7ccd9c8717471bb1bbfff838c0a9913321ba2f214fbeaf92c678e5b35-init rw,relatime - aufs none rw,si=caafa54909c3525
+116 20 0:109 / /var/lib/docker/aufs/mnt/099c78e7ccd9c8717471bb1bbfff838c0a9913321ba2f214fbeaf92c678e5b35 rw,relatime - aufs none rw,si=caafa54909c7525
+117 20 0:110 / /var/lib/docker/aufs/mnt/2997be666d58b9e71469759bcb8bd9608dad0e533a1a7570a896919ba3388825 rw,relatime - aufs none rw,si=caafa54f8557525
+118 20 0:111 / /var/lib/docker/aufs/mnt/730694eff438ef20569df38dfb38a920969d7ff2170cc9aa7cb32a7ed8147a93-init rw,relatime - aufs none rw,si=caafa54c6e88525
+119 20 0:112 / /var/lib/docker/aufs/mnt/730694eff438ef20569df38dfb38a920969d7ff2170cc9aa7cb32a7ed8147a93 rw,relatime - aufs none rw,si=caafa54c6e8e525
+120 20 0:113 / /var/lib/docker/aufs/mnt/a672a1e2f2f051f6e19ed1dfbe80860a2d774174c49f7c476695f5dd1d5b2f67 rw,relatime - aufs none rw,si=caafa54c6e15525
+121 20 0:114 / /var/lib/docker/aufs/mnt/aba3570e17859f76cf29d282d0d150659c6bd80780fdc52a465ba05245c2a420-init rw,relatime - aufs none rw,si=caafa54f8dad525
+122 20 0:115 / /var/lib/docker/aufs/mnt/aba3570e17859f76cf29d282d0d150659c6bd80780fdc52a465ba05245c2a420 rw,relatime - aufs none rw,si=caafa54f8d84525
+123 20 0:116 / /var/lib/docker/aufs/mnt/2abc86007aca46fb4a817a033e2a05ccacae40b78ea4b03f8ea616b9ada40e2e rw,relatime - aufs none rw,si=caafa54c6e8b525
+124 20 0:117 / /var/lib/docker/aufs/mnt/36352f27f7878e648367a135bd1ec3ed497adcb8ac13577ee892a0bd921d2374-init rw,relatime - aufs none rw,si=caafa54c6e8d525
+125 20 0:118 / /var/lib/docker/aufs/mnt/36352f27f7878e648367a135bd1ec3ed497adcb8ac13577ee892a0bd921d2374 rw,relatime - aufs none rw,si=caafa54f8c34525
+126 20 0:119 / /var/lib/docker/aufs/mnt/2f95ca1a629cea8363b829faa727dd52896d5561f2c96ddee4f697ea2fc872c2 rw,relatime - aufs none rw,si=caafa54c6e8a525
+127 20 0:120 / /var/lib/docker/aufs/mnt/f108c8291654f179ef143a3e07de2b5a34adbc0b28194a0ab17742b6db9a7fb2-init rw,relatime - aufs none rw,si=caafa54f8e19525
+128 20 0:121 / /var/lib/docker/aufs/mnt/f108c8291654f179ef143a3e07de2b5a34adbc0b28194a0ab17742b6db9a7fb2 rw,relatime - aufs none rw,si=caafa54fa8c6525
+129 20 0:122 / /var/lib/docker/aufs/mnt/c1d04dfdf8cccb3676d5a91e84e9b0781ce40623d127d038bcfbe4c761b27401 rw,relatime - aufs none rw,si=caafa54f8c30525
+130 20 0:123 / /var/lib/docker/aufs/mnt/3f4898ffd0e1239aeebf1d1412590cdb7254207fa3883663e2c40cf772e5f05a-init rw,relatime - aufs none rw,si=caafa54c6e1a525
+131 20 0:124 / /var/lib/docker/aufs/mnt/3f4898ffd0e1239aeebf1d1412590cdb7254207fa3883663e2c40cf772e5f05a rw,relatime - aufs none rw,si=caafa54c6e1c525
+132 20 0:125 / /var/lib/docker/aufs/mnt/5ae3b6fccb1539fc02d420e86f3e9637bef5b711fed2ca31a2f426c8f5deddbf rw,relatime - aufs none rw,si=caafa54c4fea525
+133 20 0:126 / /var/lib/docker/aufs/mnt/310bfaf80d57020f2e73b06aeffb0b9b0ca2f54895f88bf5e4d1529ccac58fe0-init rw,relatime - aufs none rw,si=caafa54c6e1e525
+134 20 0:127 / /var/lib/docker/aufs/mnt/310bfaf80d57020f2e73b06aeffb0b9b0ca2f54895f88bf5e4d1529ccac58fe0 rw,relatime - aufs none rw,si=caafa54fa8c0525
+135 20 0:128 / /var/lib/docker/aufs/mnt/f382bd5aaccaf2d04a59089ac7cb12ec87efd769fd0c14d623358fbfd2a3f896 rw,relatime - aufs none rw,si=caafa54c4fec525
+136 20 0:129 / /var/lib/docker/aufs/mnt/50d45e9bb2d779bc6362824085564c7578c231af5ae3b3da116acf7e17d00735-init rw,relatime - aufs none rw,si=caafa54c4fef525
+137 20 0:130 / /var/lib/docker/aufs/mnt/50d45e9bb2d779bc6362824085564c7578c231af5ae3b3da116acf7e17d00735 rw,relatime - aufs none rw,si=caafa54c4feb525
+138 20 0:131 / /var/lib/docker/aufs/mnt/a9c5ee0854dc083b6bf62b7eb1e5291aefbb10702289a446471ce73aba0d5d7d rw,relatime - aufs none rw,si=caafa54909c6525
+139 20 0:134 / /var/lib/docker/aufs/mnt/03a613e7bd5078819d1fd92df4e671c0127559a5e0b5a885cc8d5616875162f0-init rw,relatime - aufs none rw,si=caafa54804fe525
+140 20 0:135 / /var/lib/docker/aufs/mnt/03a613e7bd5078819d1fd92df4e671c0127559a5e0b5a885cc8d5616875162f0 rw,relatime - aufs none rw,si=caafa54804fa525
+141 20 0:136 / /var/lib/docker/aufs/mnt/7ec3277e5c04c907051caf9c9c35889f5fcd6463e5485971b25404566830bb70 rw,relatime - aufs none rw,si=caafa54804f9525
+142 20 0:139 / /var/lib/docker/aufs/mnt/26b5b5d71d79a5b2bfcf8bc4b2280ee829f261eb886745dd90997ed410f7e8b8-init rw,relatime - aufs none rw,si=caafa54c6ef6525
+143 20 0:140 / /var/lib/docker/aufs/mnt/26b5b5d71d79a5b2bfcf8bc4b2280ee829f261eb886745dd90997ed410f7e8b8 rw,relatime - aufs none rw,si=caafa54c6ef5525
+144 20 0:356 / /var/lib/docker/aufs/mnt/e6ecde9e2c18cd3c75f424c67b6d89685cfee0fc67abf2cb6bdc0867eb998026 rw,relatime - aufs none rw,si=caafa548068e525`
+
+	gentooMountinfo = `15 1 8:6 / / rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered
+16 15 0:3 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
+17 15 0:14 / /run rw,nosuid,nodev,relatime - tmpfs tmpfs rw,size=3292172k,mode=755
+18 15 0:5 / /dev rw,nosuid,relatime - devtmpfs udev rw,size=10240k,nr_inodes=4106451,mode=755
+19 18 0:12 / /dev/mqueue rw,nosuid,nodev,noexec,relatime - mqueue mqueue rw
+20 18 0:10 / /dev/pts rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000
+21 18 0:15 / /dev/shm rw,nosuid,nodev,noexec,relatime - tmpfs shm rw
+22 15 0:16 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
+23 22 0:7 / /sys/kernel/debug rw,nosuid,nodev,noexec,relatime - debugfs debugfs rw
+24 22 0:17 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime - tmpfs cgroup_root rw,size=10240k,mode=755
+25 24 0:18 / /sys/fs/cgroup/openrc rw,nosuid,nodev,noexec,relatime - cgroup openrc rw,release_agent=/lib64/rc/sh/cgroup-release-agent.sh,name=openrc
+26 24 0:19 / /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime - cgroup cpuset rw,cpuset,clone_children
+27 24 0:20 / /sys/fs/cgroup/cpu rw,nosuid,nodev,noexec,relatime - cgroup cpu rw,cpu,clone_children
+28 24 0:21 / /sys/fs/cgroup/cpuacct rw,nosuid,nodev,noexec,relatime - cgroup cpuacct rw,cpuacct,clone_children
+29 24 0:22 / /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime - cgroup memory rw,memory,clone_children
+30 24 0:23 / /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime - cgroup devices rw,devices,clone_children
+31 24 0:24 / /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime - cgroup freezer rw,freezer,clone_children
+32 24 0:25 / /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime - cgroup blkio rw,blkio,clone_children
+33 15 8:1 / /boot rw,noatime,nodiratime - vfat /dev/sda1 rw,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro
+34 15 8:18 / /mnt/xfs rw,noatime,nodiratime - xfs /dev/sdb2 rw,attr2,inode64,noquota
+35 15 0:26 / /tmp rw,relatime - tmpfs tmpfs rw
+36 16 0:27 / /proc/sys/fs/binfmt_misc rw,nosuid,nodev,noexec,relatime - binfmt_misc binfmt_misc rw
+42 15 0:33 / /var/lib/nfs/rpc_pipefs rw,relatime - rpc_pipefs rpc_pipefs rw
+43 16 0:34 / /proc/fs/nfsd rw,nosuid,nodev,noexec,relatime - nfsd nfsd rw
+44 15 0:35 / /home/tianon/.gvfs rw,nosuid,nodev,relatime - fuse.gvfs-fuse-daemon gvfs-fuse-daemon rw,user_id=1000,group_id=1000
+68 15 0:3336 / /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd rw,relatime - aufs none rw,si=9b4a7640128db39c
+86 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/config.env /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/.dockerenv rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered
+87 68 8:6 /etc/resolv.conf /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/resolv.conf rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered
+88 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/hostname /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/hostname rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered
+89 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/hosts /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/hosts rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered
+38 15 0:3384 / /var/lib/docker/aufs/mnt/0292005a9292401bb5197657f2b682d97d8edcb3b72b5e390d2a680139985b55 rw,relatime - aufs none rw,si=9b4a7642b584939c
+39 15 0:3385 / /var/lib/docker/aufs/mnt/59db98c889de5f71b70cfb82c40cbe47b64332f0f56042a2987a9e5df6e5e3aa rw,relatime - aufs none rw,si=9b4a7642b584e39c
+40 15 0:3386 / /var/lib/docker/aufs/mnt/0545f0f2b6548eb9601d08f35a08f5a0a385407d36027a28f58e06e9f61e0278 rw,relatime - aufs none rw,si=9b4a7642b584b39c
+41 15 0:3387 / /var/lib/docker/aufs/mnt/d882cfa16d1aa8fe0331a36e79be3d80b151e49f24fc39a39c3fed1735d5feb5 rw,relatime - aufs none rw,si=9b4a76453040039c
+45 15 0:3388 / /var/lib/docker/aufs/mnt/055ca3befcb1626e74f5344b3398724ff05c0de0e20021683d04305c9e70a3f6 rw,relatime - aufs none rw,si=9b4a76453040739c
+46 15 0:3389 / /var/lib/docker/aufs/mnt/b899e4567a351745d4285e7f1c18fdece75d877deb3041981cd290be348b7aa6 rw,relatime - aufs none rw,si=9b4a7647def4039c
+47 15 0:3390 / /var/lib/docker/aufs/mnt/067ca040292c58954c5129f953219accfae0d40faca26b4d05e76ca76a998f16 rw,relatime - aufs none rw,si=9b4a7647def4239c
+48 15 0:3391 / /var/lib/docker/aufs/mnt/8c995e7cb6e5082742daeea720e340b021d288d25d92e0412c03d200df308a11 rw,relatime - aufs none rw,si=9b4a764479c1639c
+49 15 0:3392 / /var/lib/docker/aufs/mnt/07cc54dfae5b45300efdacdd53cc72c01b9044956a86ce7bff42d087e426096d rw,relatime - aufs none rw,si=9b4a764479c1739c
+50 15 0:3393 / /var/lib/docker/aufs/mnt/0a9c95cf4c589c05b06baa79150b0cc1d8e7102759fe3ce4afaabb8247ca4f85 rw,relatime - aufs none rw,si=9b4a7644059c839c
+51 15 0:3394 / /var/lib/docker/aufs/mnt/468fa98cececcf4e226e8370f18f4f848d63faf287fb8321a07f73086441a3a0 rw,relatime - aufs none rw,si=9b4a7644059ca39c
+52 15 0:3395 / /var/lib/docker/aufs/mnt/0b826192231c5ce066fffb5beff4397337b5fc19a377aa7c6282c7c0ce7f111f rw,relatime - aufs none rw,si=9b4a764479c1339c
+53 15 0:3396 / /var/lib/docker/aufs/mnt/93b8ba1b772fbe79709b909c43ea4b2c30d712e53548f467db1ffdc7a384f196 rw,relatime - aufs none rw,si=9b4a7640798a739c
+54 15 0:3397 / /var/lib/docker/aufs/mnt/0c0d0acfb506859b12ef18cdfef9ebed0b43a611482403564224bde9149d373c rw,relatime - aufs none rw,si=9b4a7640798a039c
+55 15 0:3398 / /var/lib/docker/aufs/mnt/33648c39ab6c7c74af0243d6d6a81b052e9e25ad1e04b19892eb2dde013e358b rw,relatime - aufs none rw,si=9b4a7644b439b39c
+56 15 0:3399 / /var/lib/docker/aufs/mnt/0c12bea97a1c958a3c739fb148536c1c89351d48e885ecda8f0499b5cc44407e rw,relatime - aufs none rw,si=9b4a7640798a239c
+57 15 0:3400 / /var/lib/docker/aufs/mnt/ed443988ce125f172d7512e84a4de2627405990fd767a16adefa8ce700c19ce8 rw,relatime - aufs none rw,si=9b4a7644c8ed339c
+59 15 0:3402 / /var/lib/docker/aufs/mnt/f61612c324ff3c924d3f7a82fb00a0f8d8f73c248c41897061949e9f5ab7e3b1 rw,relatime - aufs none rw,si=9b4a76442810c39c
+60 15 0:3403 / /var/lib/docker/aufs/mnt/0f1ee55c6c4e25027b80de8e64b8b6fb542b3b41aa0caab9261da75752e22bfd rw,relatime - aufs none rw,si=9b4a76442810e39c
+61 15 0:3404 / /var/lib/docker/aufs/mnt/956f6cc4af5785cb3ee6963dcbca668219437d9b28f513290b1453ac64a34f97 rw,relatime - aufs none rw,si=9b4a7644303ec39c
+62 15 0:3405 / /var/lib/docker/aufs/mnt/1099769158c4b4773e2569e38024e8717e400f87a002c41d8cf47cb81b051ba6 rw,relatime - aufs none rw,si=9b4a7644303ee39c
+63 15 0:3406 / /var/lib/docker/aufs/mnt/11890ceb98d4442595b676085cd7b21550ab85c5df841e0fba997ff54e3d522d rw,relatime - aufs none rw,si=9b4a7644303ed39c
+64 15 0:3407 / /var/lib/docker/aufs/mnt/acdb90dc378e8ed2420b43a6d291f1c789a081cd1904018780cc038fcd7aae53 rw,relatime - aufs none rw,si=9b4a76434be2139c
+65 15 0:3408 / /var/lib/docker/aufs/mnt/120e716f19d4714fbe63cc1ed246204f2c1106eefebc6537ba2587d7e7711959 rw,relatime - aufs none rw,si=9b4a76434be2339c
+66 15 0:3409 / /var/lib/docker/aufs/mnt/b197b7fffb61d89e0ba1c40de9a9fc0d912e778b3c1bd828cf981ff37c1963bc rw,relatime - aufs none rw,si=9b4a76434be2039c
+70 15 0:3412 / /var/lib/docker/aufs/mnt/1434b69d2e1bb18a9f0b96b9cdac30132b2688f5d1379f68a39a5e120c2f93eb rw,relatime - aufs none rw,si=9b4a76434be2639c
+71 15 0:3413 / /var/lib/docker/aufs/mnt/16006e83caf33ab5eb0cd6afc92ea2ee8edeff897496b0bb3ec3a75b767374b3 rw,relatime - aufs none rw,si=9b4a7644d790439c
+72 15 0:3414 / /var/lib/docker/aufs/mnt/55bfa5f44e94d27f91f79ba901b118b15098449165c87abf1b53ffff147ff164 rw,relatime - aufs none rw,si=9b4a7644d790239c
+73 15 0:3415 / /var/lib/docker/aufs/mnt/1912b97a07ab21ccd98a2a27bc779bf3cf364a3138afa3c3e6f7f169a3c3eab5 rw,relatime - aufs none rw,si=9b4a76441822739c
+76 15 0:3418 / /var/lib/docker/aufs/mnt/1a7c3292e8879bd91ffd9282e954f643b1db5683093574c248ff14a9609f2f56 rw,relatime - aufs none rw,si=9b4a76438cb7239c
+77 15 0:3419 / /var/lib/docker/aufs/mnt/bb1faaf0d076ddba82c2318305a85f490dafa4e8a8640a8db8ed657c439120cc rw,relatime - aufs none rw,si=9b4a76438cb7339c
+78 15 0:3420 / /var/lib/docker/aufs/mnt/1ab869f21d2241a73ac840c7f988490313f909ac642eba71d092204fec66dd7c rw,relatime - aufs none rw,si=9b4a76438cb7639c
+79 15 0:3421 / /var/lib/docker/aufs/mnt/fd7245b2cfe3890fa5f5b452260e4edf9e7fb7746532ed9d83f7a0d7dbaa610e rw,relatime - aufs none rw,si=9b4a7644bdc0139c
+80 15 0:3422 / /var/lib/docker/aufs/mnt/1e5686c5301f26b9b3cd24e322c608913465cc6c5d0dcd7c5e498d1314747d61 rw,relatime - aufs none rw,si=9b4a7644bdc0639c
+81 15 0:3423 / /var/lib/docker/aufs/mnt/52edf6ee6e40bfec1e9301a4d4a92ab83d144e2ae4ce5099e99df6138cb844bf rw,relatime - aufs none rw,si=9b4a7644bdc0239c
+82 15 0:3424 / /var/lib/docker/aufs/mnt/1ea10fb7085d28cda4904657dff0454e52598d28e1d77e4f2965bbc3666e808f rw,relatime - aufs none rw,si=9b4a76438cb7139c
+83 15 0:3425 / /var/lib/docker/aufs/mnt/9c03e98c3593946dbd4087f8d83f9ca262f4a2efdc952ce60690838b9ba6c526 rw,relatime - aufs none rw,si=9b4a76443020639c
+84 15 0:3426 / /var/lib/docker/aufs/mnt/220a2344d67437602c6d2cee9a98c46be13f82c2a8063919dd2fad52bf2fb7dd rw,relatime - aufs none rw,si=9b4a76434bff339c
+94 15 0:3427 / /var/lib/docker/aufs/mnt/3b32876c5b200312c50baa476ff342248e88c8ea96e6a1032cd53a88738a1cf2 rw,relatime - aufs none rw,si=9b4a76434bff139c
+95 15 0:3428 / /var/lib/docker/aufs/mnt/23ee2b8b0d4ae8db6f6d1e168e2c6f79f8a18f953b09f65e0d22cc1e67a3a6fa rw,relatime - aufs none rw,si=9b4a7646c305c39c
+96 15 0:3429 / /var/lib/docker/aufs/mnt/e86e6daa70b61b57945fa178222615f3c3d6bcef12c9f28e9f8623d44dc2d429 rw,relatime - aufs none rw,si=9b4a7646c305f39c
+97 15 0:3430 / /var/lib/docker/aufs/mnt/2413d07623e80860bb2e9e306fbdee699afd07525785c025c591231e864aa162 rw,relatime - aufs none rw,si=9b4a76434bff039c
+98 15 0:3431 / /var/lib/docker/aufs/mnt/adfd622eb22340fc80b429e5564b125668e260bf9068096c46dd59f1386a4b7d rw,relatime - aufs none rw,si=9b4a7646a7a1039c
+102 15 0:3435 / /var/lib/docker/aufs/mnt/27cd92e7a91d02e2d6b44d16679a00fb6d169b19b88822891084e7fd1a84882d rw,relatime - aufs none rw,si=9b4a7646f25ec39c
+103 15 0:3436 / /var/lib/docker/aufs/mnt/27dfdaf94cfbf45055c748293c37dd68d9140240bff4c646cb09216015914a88 rw,relatime - aufs none rw,si=9b4a7646732f939c
+104 15 0:3437 / /var/lib/docker/aufs/mnt/5ed7524aff68dfbf0fc601cbaeac01bab14391850a973dabf3653282a627920f rw,relatime - aufs none rw,si=9b4a7646732f839c
+105 15 0:3438 / /var/lib/docker/aufs/mnt/2a0d4767e536beb5785b60e071e3ac8e5e812613ab143a9627bee77d0c9ab062 rw,relatime - aufs none rw,si=9b4a7646732fe39c
+106 15 0:3439 / /var/lib/docker/aufs/mnt/dea3fc045d9f4ae51ba952450b948a822cf85c39411489ca5224f6d9a8d02bad rw,relatime - aufs none rw,si=9b4a764012ad839c
+107 15 0:3440 / /var/lib/docker/aufs/mnt/2d140a787160798da60cb67c21b1210054ad4dafecdcf832f015995b9aa99cfd rw,relatime - aufs none rw,si=9b4a764012add39c
+108 15 0:3441 / /var/lib/docker/aufs/mnt/cb190b2a8e984475914430fbad2382e0d20b9b659f8ef83ae8d170cc672e519c rw,relatime - aufs none rw,si=9b4a76454d9c239c
+109 15 0:3442 / /var/lib/docker/aufs/mnt/2f4a012d5a7ffd90256a6e9aa479054b3dddbc3c6a343f26dafbf3196890223b rw,relatime - aufs none rw,si=9b4a76454d9c439c
+110 15 0:3443 / /var/lib/docker/aufs/mnt/63cc77904b80c4ffbf49cb974c5d8733dc52ad7640d3ae87554b325d7312d87f rw,relatime - aufs none rw,si=9b4a76454d9c339c
+111 15 0:3444 / /var/lib/docker/aufs/mnt/30333e872c451482ea2d235ff2192e875bd234006b238ae2bdde3b91a86d7522 rw,relatime - aufs none rw,si=9b4a76422cebf39c
+112 15 0:3445 / /var/lib/docker/aufs/mnt/6c54fc1125da3925cae65b5c9a98f3be55b0a2c2666082e5094a4ba71beb5bff rw,relatime - aufs none rw,si=9b4a7646dd5a439c
+113 15 0:3446 / /var/lib/docker/aufs/mnt/3087d48cb01cda9d0a83a9ca301e6ea40e8593d18c4921be4794c91a420ab9a3 rw,relatime - aufs none rw,si=9b4a7646dd5a739c
+114 15 0:3447 / /var/lib/docker/aufs/mnt/cc2607462a8f55b179a749b144c3fdbb50678e1a4f3065ea04e283e9b1f1d8e2 rw,relatime - aufs none rw,si=9b4a7646dd5a239c
+117 15 0:3450 / /var/lib/docker/aufs/mnt/310c5e8392b29e8658a22e08d96d63936633b7e2c38e8d220047928b00a03d24 rw,relatime - aufs none rw,si=9b4a7647932d739c
+118 15 0:3451 / /var/lib/docker/aufs/mnt/38a1f0029406ba9c3b6058f2f406d8a1d23c855046cf355c91d87d446fcc1460 rw,relatime - aufs none rw,si=9b4a76445abc939c
+119 15 0:3452 / /var/lib/docker/aufs/mnt/42e109ab7914ae997a11ccd860fd18e4d488c50c044c3240423ce15774b8b62e rw,relatime - aufs none rw,si=9b4a76445abca39c
+120 15 0:3453 / /var/lib/docker/aufs/mnt/365d832af0402d052b389c1e9c0d353b48487533d20cd4351df8e24ec4e4f9d8 rw,relatime - aufs none rw,si=9b4a7644066aa39c
+121 15 0:3454 / /var/lib/docker/aufs/mnt/d3fa8a24d695b6cda9b64f96188f701963d28bef0473343f8b212df1a2cf1d2b rw,relatime - aufs none rw,si=9b4a7644066af39c
+122 15 0:3455 / /var/lib/docker/aufs/mnt/37d4f491919abc49a15d0c7a7cc8383f087573525d7d288accd14f0b4af9eae0 rw,relatime - aufs none rw,si=9b4a7644066ad39c
+123 15 0:3456 / /var/lib/docker/aufs/mnt/93902707fe12cbdd0068ce73f2baad4b3a299189b1b19cb5f8a2025e106ae3f5 rw,relatime - aufs none rw,si=9b4a76444445f39c
+126 15 0:3459 / /var/lib/docker/aufs/mnt/3b49291670a625b9bbb329ffba99bf7fa7abff80cefef040f8b89e2b3aad4f9f rw,relatime - aufs none rw,si=9b4a7640798a339c
+127 15 0:3460 / /var/lib/docker/aufs/mnt/8d9c7b943cc8f854f4d0d4ec19f7c16c13b0cc4f67a41472a072648610cecb59 rw,relatime - aufs none rw,si=9b4a76427383039c
+128 15 0:3461 / /var/lib/docker/aufs/mnt/3b6c90036526c376307df71d49c9f5fce334c01b926faa6a78186842de74beac rw,relatime - aufs none rw,si=9b4a7644badd439c
+130 15 0:3463 / /var/lib/docker/aufs/mnt/7b24158eeddfb5d31b7e932e406ea4899fd728344335ff8e0765e89ddeb351dd rw,relatime - aufs none rw,si=9b4a7644badd539c
+131 15 0:3464 / /var/lib/docker/aufs/mnt/3ead6dd5773765c74850cf6c769f21fe65c29d622ffa712664f9f5b80364ce27 rw,relatime - aufs none rw,si=9b4a7642f469939c
+132 15 0:3465 / /var/lib/docker/aufs/mnt/3f825573b29547744a37b65597a9d6d15a8350be4429b7038d126a4c9a8e178f rw,relatime - aufs none rw,si=9b4a7642f469c39c
+133 15 0:3466 / /var/lib/docker/aufs/mnt/f67aaaeb3681e5dcb99a41f847087370bd1c206680cb8c7b6a9819fd6c97a331 rw,relatime - aufs none rw,si=9b4a7647cc25939c
+134 15 0:3467 / /var/lib/docker/aufs/mnt/41afe6cfb3c1fc2280b869db07699da88552786e28793f0bc048a265c01bd942 rw,relatime - aufs none rw,si=9b4a7647cc25c39c
+135 15 0:3468 / /var/lib/docker/aufs/mnt/b8092ea59da34a40b120e8718c3ae9fa8436996edc4fc50e4b99c72dfd81e1af rw,relatime - aufs none rw,si=9b4a76445abc439c
+136 15 0:3469 / /var/lib/docker/aufs/mnt/42c69d2cc179e2684458bb8596a9da6dad182c08eae9b74d5f0e615b399f75a5 rw,relatime - aufs none rw,si=9b4a76455ddbe39c
+137 15 0:3470 / /var/lib/docker/aufs/mnt/ea0871954acd2d62a211ac60e05969622044d4c74597870c4f818fbb0c56b09b rw,relatime - aufs none rw,si=9b4a76455ddbf39c
+138 15 0:3471 / /var/lib/docker/aufs/mnt/4307906b275ab3fc971786b3841ae3217ac85b6756ddeb7ad4ba09cd044c2597 rw,relatime - aufs none rw,si=9b4a76455ddb839c
+139 15 0:3472 / /var/lib/docker/aufs/mnt/4390b872928c53500a5035634f3421622ed6299dc1472b631fc45de9f56dc180 rw,relatime - aufs none rw,si=9b4a76402f2fd39c
+140 15 0:3473 / /var/lib/docker/aufs/mnt/6bb41e78863b85e4aa7da89455314855c8c3bda64e52a583bab15dc1fa2e80c2 rw,relatime - aufs none rw,si=9b4a76402f2fa39c
+141 15 0:3474 / /var/lib/docker/aufs/mnt/4444f583c2a79c66608f4673a32c9c812154f027045fbd558c2d69920c53f835 rw,relatime - aufs none rw,si=9b4a764479dbd39c
+142 15 0:3475 / /var/lib/docker/aufs/mnt/6f11883af4a05ea362e0c54df89058da4859f977efd07b6f539e1f55c1d2a668 rw,relatime - aufs none rw,si=9b4a76402f30b39c
+143 15 0:3476 / /var/lib/docker/aufs/mnt/453490dd32e7c2e9ef906f995d8fb3c2753923d1a5e0ba3fd3296e2e4dc238e7 rw,relatime - aufs none rw,si=9b4a76402f30c39c
+144 15 0:3477 / /var/lib/docker/aufs/mnt/45e5945735ee102b5e891c91650c57ec4b52bb53017d68f02d50ea8a6e230610 rw,relatime - aufs none rw,si=9b4a76423260739c
+147 15 0:3480 / /var/lib/docker/aufs/mnt/4727a64a5553a1125f315b96bed10d3073d6988225a292cce732617c925b56ab rw,relatime - aufs none rw,si=9b4a76443030339c
+150 15 0:3483 / /var/lib/docker/aufs/mnt/4e348b5187b9a567059306afc72d42e0ec5c893b0d4abd547526d5f9b6fb4590 rw,relatime - aufs none rw,si=9b4a7644f5d8c39c
+151 15 0:3484 / /var/lib/docker/aufs/mnt/4efc616bfbc3f906718b052da22e4335f8e9f91ee9b15866ed3a8029645189ef rw,relatime - aufs none rw,si=9b4a7644f5d8939c
+152 15 0:3485 / /var/lib/docker/aufs/mnt/83e730ae9754d5adb853b64735472d98dfa17136b8812ac9cfcd1eba7f4e7d2d rw,relatime - aufs none rw,si=9b4a76469aa7139c
+153 15 0:3486 / /var/lib/docker/aufs/mnt/4fc5ba8a5b333be2b7eefacccb626772eeec0ae8a6975112b56c9fb36c0d342f rw,relatime - aufs none rw,si=9b4a7640128dc39c
+154 15 0:3487 / /var/lib/docker/aufs/mnt/50200d5edff5dfe8d1ef3c78b0bbd709793ac6e936aa16d74ff66f7ea577b6f9 rw,relatime - aufs none rw,si=9b4a7640128da39c
+155 15 0:3488 / /var/lib/docker/aufs/mnt/51e5e51604361448f0b9777f38329f414bc5ba9cf238f26d465ff479bd574b61 rw,relatime - aufs none rw,si=9b4a76444f68939c
+156 15 0:3489 / /var/lib/docker/aufs/mnt/52a142149aa98bba83df8766bbb1c629a97b9799944ead90dd206c4bdf0b8385 rw,relatime - aufs none rw,si=9b4a76444f68b39c
+157 15 0:3490 / /var/lib/docker/aufs/mnt/52dd21a94a00f58a1ed489312fcfffb91578089c76c5650364476f1d5de031bc rw,relatime - aufs none rw,si=9b4a76444f68f39c
+158 15 0:3491 / /var/lib/docker/aufs/mnt/ee562415ddaad353ed22c88d0ca768a0c74bfba6333b6e25c46849ee22d990da rw,relatime - aufs none rw,si=9b4a7640128d839c
+159 15 0:3492 / /var/lib/docker/aufs/mnt/db47a9e87173f7554f550c8a01891de79cf12acdd32e01f95c1a527a08bdfb2c rw,relatime - aufs none rw,si=9b4a764405a1d39c
+160 15 0:3493 / /var/lib/docker/aufs/mnt/55e827bf6d44d930ec0b827c98356eb8b68c3301e2d60d1429aa72e05b4c17df rw,relatime - aufs none rw,si=9b4a764405a1a39c
+162 15 0:3495 / /var/lib/docker/aufs/mnt/578dc4e0a87fc37ec081ca098430499a59639c09f6f12a8f48de29828a091aa6 rw,relatime - aufs none rw,si=9b4a76406d7d439c
+163 15 0:3496 / /var/lib/docker/aufs/mnt/728cc1cb04fa4bc6f7bf7a90980beda6d8fc0beb71630874c0747b994efb0798 rw,relatime - aufs none rw,si=9b4a76444f20e39c
+164 15 0:3497 / /var/lib/docker/aufs/mnt/5850cc4bd9b55aea46c7ad598f1785117607974084ea643580f58ce3222e683a rw,relatime - aufs none rw,si=9b4a7644a824239c
+165 15 0:3498 / /var/lib/docker/aufs/mnt/89443b3f766d5a37bc8b84e29da8b84e6a3ea8486d3cf154e2aae1816516e4a8 rw,relatime - aufs none rw,si=9b4a7644a824139c
+166 15 0:3499 / /var/lib/docker/aufs/mnt/f5ae8fd5a41a337907d16515bc3162525154b59c32314c695ecd092c3b47943d rw,relatime - aufs none rw,si=9b4a7644a824439c
+167 15 0:3500 / /var/lib/docker/aufs/mnt/5a430854f2a03a9e5f7cbc9f3fb46a8ebca526a5b3f435236d8295e5998798f5 rw,relatime - aufs none rw,si=9b4a7647fc82439c
+168 15 0:3501 / /var/lib/docker/aufs/mnt/eda16901ae4cead35070c39845cbf1e10bd6b8cb0ffa7879ae2d8a186e460f91 rw,relatime - aufs none rw,si=9b4a76441e0df39c
+169 15 0:3502 / /var/lib/docker/aufs/mnt/5a593721430c2a51b119ff86a7e06ea2b37e3b4131f8f1344d402b61b0c8d868 rw,relatime - aufs none rw,si=9b4a764248bad39c
+170 15 0:3503 / /var/lib/docker/aufs/mnt/d662ad0a30fbfa902e0962108685b9330597e1ee2abb16dc9462eb5a67fdd23f rw,relatime - aufs none rw,si=9b4a764248bae39c
+171 15 0:3504 / /var/lib/docker/aufs/mnt/5bc9de5c79812843fb36eee96bef1ddba812407861f572e33242f4ee10da2c15 rw,relatime - aufs none rw,si=9b4a764248ba839c
+172 15 0:3505 / /var/lib/docker/aufs/mnt/5e763de8e9b0f7d58d2e12a341e029ab4efb3b99788b175090d8209e971156c1 rw,relatime - aufs none rw,si=9b4a764248baa39c
+173 15 0:3506 / /var/lib/docker/aufs/mnt/b4431dc2739936f1df6387e337f5a0c99cf051900c896bd7fd46a870ce61c873 rw,relatime - aufs none rw,si=9b4a76401263539c
+174 15 0:3507 / /var/lib/docker/aufs/mnt/5f37830e5a02561ab8c67ea3113137ba69f67a60e41c05cb0e7a0edaa1925b24 rw,relatime - aufs none rw,si=9b4a76401263639c
+184 15 0:3508 / /var/lib/docker/aufs/mnt/62ea10b957e6533538a4633a1e1d678502f50ddcdd354b2ca275c54dd7a7793a rw,relatime - aufs none rw,si=9b4a76401263039c
+187 15 0:3509 / /var/lib/docker/aufs/mnt/d56ee9d44195fe390e042fda75ec15af5132adb6d5c69468fa8792f4e54a6953 rw,relatime - aufs none rw,si=9b4a76401263239c
+188 15 0:3510 / /var/lib/docker/aufs/mnt/6a300930673174549c2b62f36c933f0332a20735978c007c805a301f897146c5 rw,relatime - aufs none rw,si=9b4a76455d4c539c
+189 15 0:3511 / /var/lib/docker/aufs/mnt/64496c45c84d348c24d410015456d101601c30cab4d1998c395591caf7e57a70 rw,relatime - aufs none rw,si=9b4a76455d4c639c
+190 15 0:3512 / /var/lib/docker/aufs/mnt/65a6a645883fe97a7422cd5e71ebe0bc17c8e6302a5361edf52e89747387e908 rw,relatime - aufs none rw,si=9b4a76455d4c039c
+191 15 0:3513 / /var/lib/docker/aufs/mnt/672be40695f7b6e13b0a3ed9fc996c73727dede3481f58155950fcfad57ed616 rw,relatime - aufs none rw,si=9b4a76455d4c239c
+192 15 0:3514 / /var/lib/docker/aufs/mnt/d42438acb2bfb2169e1c0d8e917fc824f7c85d336dadb0b0af36dfe0f001b3ba rw,relatime - aufs none rw,si=9b4a7642bfded39c
+193 15 0:3515 / /var/lib/docker/aufs/mnt/b48a54abf26d01cb2ddd908b1ed6034d17397c1341bf0eb2b251a3e5b79be854 rw,relatime - aufs none rw,si=9b4a7642bfdee39c
+194 15 0:3516 / /var/lib/docker/aufs/mnt/76f27134491f052bfb87f59092126e53ef875d6851990e59195a9da16a9412f8 rw,relatime - aufs none rw,si=9b4a7642bfde839c
+195 15 0:3517 / /var/lib/docker/aufs/mnt/6bd626a5462b4f8a8e1cc7d10351326dca97a59b2758e5ea549a4f6350ce8a90 rw,relatime - aufs none rw,si=9b4a7642bfdea39c
+196 15 0:3518 / /var/lib/docker/aufs/mnt/f1fe3549dbd6f5ca615e9139d9b53f0c83a3b825565df37628eacc13e70cbd6d rw,relatime - aufs none rw,si=9b4a7642bfdf539c
+197 15 0:3519 / /var/lib/docker/aufs/mnt/6d0458c8426a9e93d58d0625737e6122e725c9408488ed9e3e649a9984e15c34 rw,relatime - aufs none rw,si=9b4a7642bfdf639c
+198 15 0:3520 / /var/lib/docker/aufs/mnt/6e4c97db83aa82145c9cf2bafc20d500c0b5389643b689e3ae84188c270a48c5 rw,relatime - aufs none rw,si=9b4a7642bfdf039c
+199 15 0:3521 / /var/lib/docker/aufs/mnt/eb94d6498f2c5969eaa9fa11ac2934f1ab90ef88e2d002258dca08e5ba74ea27 rw,relatime - aufs none rw,si=9b4a7642bfdf239c
+200 15 0:3522 / /var/lib/docker/aufs/mnt/fe3f88f0c511608a2eec5f13a98703aa16e55dbf930309723d8a37101f539fe1 rw,relatime - aufs none rw,si=9b4a7642bfc3539c
+201 15 0:3523 / /var/lib/docker/aufs/mnt/6f40c229fb9cad85fabf4b64a2640a5403ec03fe5ac1a57d0609fb8b606b9c83 rw,relatime - aufs none rw,si=9b4a7642bfc3639c
+202 15 0:3524 / /var/lib/docker/aufs/mnt/7513e9131f7a8acf58ff15248237feb767c78732ca46e159f4d791e6ef031dbc rw,relatime - aufs none rw,si=9b4a7642bfc3039c
+203 15 0:3525 / /var/lib/docker/aufs/mnt/79f48b00aa713cdf809c6bb7c7cb911b66e9a8076c81d6c9d2504139984ea2da rw,relatime - aufs none rw,si=9b4a7642bfc3239c
+204 15 0:3526 / /var/lib/docker/aufs/mnt/c3680418350d11358f0a96c676bc5aa74fa00a7c89e629ef5909d3557b060300 rw,relatime - aufs none rw,si=9b4a7642f47cd39c
+205 15 0:3527 / /var/lib/docker/aufs/mnt/7a1744dd350d7fcc0cccb6f1757ca4cbe5453f203a5888b0f1014d96ad5a5ef9 rw,relatime - aufs none rw,si=9b4a7642f47ce39c
+206 15 0:3528 / /var/lib/docker/aufs/mnt/7fa99662db046be9f03c33c35251afda9ccdc0085636bbba1d90592cec3ff68d rw,relatime - aufs none rw,si=9b4a7642f47c839c
+207 15 0:3529 / /var/lib/docker/aufs/mnt/f815021ef20da9c9b056bd1d52d8aaf6e2c0c19f11122fc793eb2b04eb995e35 rw,relatime - aufs none rw,si=9b4a7642f47ca39c
+208 15 0:3530 / /var/lib/docker/aufs/mnt/801086ae3110192d601dfcebdba2db92e86ce6b6a9dba6678ea04488e4513669 rw,relatime - aufs none rw,si=9b4a7642dc6dd39c
+209 15 0:3531 / /var/lib/docker/aufs/mnt/822ba7db69f21daddda87c01cfbfbf73013fc03a879daf96d16cdde6f9b1fbd6 rw,relatime - aufs none rw,si=9b4a7642dc6de39c
+210 15 0:3532 / /var/lib/docker/aufs/mnt/834227c1a950fef8cae3827489129d0dd220541e60c6b731caaa765bf2e6a199 rw,relatime - aufs none rw,si=9b4a7642dc6d839c
+211 15 0:3533 / /var/lib/docker/aufs/mnt/83dccbc385299bd1c7cf19326e791b33a544eea7b4cdfb6db70ea94eed4389fb rw,relatime - aufs none rw,si=9b4a7642dc6da39c
+212 15 0:3534 / /var/lib/docker/aufs/mnt/f1b8e6f0e7c8928b5dcdab944db89306ebcae3e0b32f9ff40d2daa8329f21600 rw,relatime - aufs none rw,si=9b4a7645a126039c
+213 15 0:3535 / /var/lib/docker/aufs/mnt/970efb262c7a020c2404cbcc5b3259efba0d110a786079faeef05bc2952abf3a rw,relatime - aufs none rw,si=9b4a7644c8ed139c
+214 15 0:3536 / /var/lib/docker/aufs/mnt/84b6d73af7450f3117a77e15a5ca1255871fea6182cd8e8a7be6bc744be18c2c rw,relatime - aufs none rw,si=9b4a76406559139c
+215 15 0:3537 / /var/lib/docker/aufs/mnt/88be2716e026bc681b5e63fe7942068773efbd0b6e901ca7ba441412006a96b6 rw,relatime - aufs none rw,si=9b4a76406559339c
+216 15 0:3538 / /var/lib/docker/aufs/mnt/c81939aa166ce50cd8bca5cfbbcc420a78e0318dd5cd7c755209b9166a00a752 rw,relatime - aufs none rw,si=9b4a76406559239c
+217 15 0:3539 / /var/lib/docker/aufs/mnt/e0f241645d64b7dc5ff6a8414087cca226be08fb54ce987d1d1f6350c57083aa rw,relatime - aufs none rw,si=9b4a7647cfc0f39c
+218 15 0:3540 / /var/lib/docker/aufs/mnt/e10e2bf75234ed51d8a6a4bb39e465404fecbe318e54400d3879cdb2b0679c78 rw,relatime - aufs none rw,si=9b4a7647cfc0939c
+219 15 0:3541 / /var/lib/docker/aufs/mnt/8f71d74c8cfc3228b82564aa9f09b2e576cff0083ddfb6aa5cb350346063f080 rw,relatime - aufs none rw,si=9b4a7647cfc0a39c
+220 15 0:3542 / /var/lib/docker/aufs/mnt/9159f1eba2aef7f5205cc18d015cda7f5933cd29bba3b1b8aed5ccb5824c69ee rw,relatime - aufs none rw,si=9b4a76468cedd39c
+221 15 0:3543 / /var/lib/docker/aufs/mnt/932cad71e652e048e500d9fbb5b8ea4fc9a269d42a3134ce527ceef42a2be56b rw,relatime - aufs none rw,si=9b4a76468cede39c
+222 15 0:3544 / /var/lib/docker/aufs/mnt/bf1e1b5f529e8943cc0144ee86dbaaa37885c1ddffcef29537e0078ee7dd316a rw,relatime - aufs none rw,si=9b4a76468ced839c
+223 15 0:3545 / /var/lib/docker/aufs/mnt/949d93ecf3322e09f858ce81d5f4b434068ec44ff84c375de03104f7b45ee955 rw,relatime - aufs none rw,si=9b4a76468ceda39c
+224 15 0:3546 / /var/lib/docker/aufs/mnt/d65c6087f92dc2a3841b5251d2fe9ca07d4c6e5b021597692479740816e4e2a1 rw,relatime - aufs none rw,si=9b4a7645a126239c
+225 15 0:3547 / /var/lib/docker/aufs/mnt/98a0153119d0651c193d053d254f6e16a68345a141baa80c87ae487e9d33f290 rw,relatime - aufs none rw,si=9b4a7640787cf39c
+226 15 0:3548 / /var/lib/docker/aufs/mnt/99daf7fe5847c017392f6e59aa9706b3dfdd9e6d1ba11dae0f7fffde0a60b5e5 rw,relatime - aufs none rw,si=9b4a7640787c839c
+227 15 0:3549 / /var/lib/docker/aufs/mnt/9ad1f2fe8a5599d4e10c5a6effa7f03d932d4e92ee13149031a372087a359079 rw,relatime - aufs none rw,si=9b4a7640787ca39c
+228 15 0:3550 / /var/lib/docker/aufs/mnt/c26d64494da782ddac26f8370d86ac93e7c1666d88a7b99110fc86b35ea6a85d rw,relatime - aufs none rw,si=9b4a7642fc6b539c
+229 15 0:3551 / /var/lib/docker/aufs/mnt/a49e4a8275133c230ec640997f35f172312eb0ea5bd2bbe10abf34aae98f30eb rw,relatime - aufs none rw,si=9b4a7642fc6b639c
+230 15 0:3552 / /var/lib/docker/aufs/mnt/b5e2740c867ed843025f49d84e8d769de9e8e6039b3c8cb0735b5bf358994bc7 rw,relatime - aufs none rw,si=9b4a7642fc6b039c
+231 15 0:3553 / /var/lib/docker/aufs/mnt/a826fdcf3a7039b30570054579b65763db605a314275d7aef31b872c13311b4b rw,relatime - aufs none rw,si=9b4a7642fc6b239c
+232 15 0:3554 / /var/lib/docker/aufs/mnt/addf3025babf5e43b5a3f4a0da7ad863dda3c01fb8365c58fd8d28bb61dc11bc rw,relatime - aufs none rw,si=9b4a76407871d39c
+233 15 0:3555 / /var/lib/docker/aufs/mnt/c5b6c6813ab3e5ebdc6d22cb2a3d3106a62095f2c298be52b07a3b0fa20ff690 rw,relatime - aufs none rw,si=9b4a76407871e39c
+234 15 0:3556 / /var/lib/docker/aufs/mnt/af0609eaaf64e2392060cb46f5a9f3d681a219bb4c651d4f015bf573fbe6c4cf rw,relatime - aufs none rw,si=9b4a76407871839c
+235 15 0:3557 / /var/lib/docker/aufs/mnt/e7f20e3c37ecad39cd90a97cd3549466d0d106ce4f0a930b8495442634fa4a1f rw,relatime - aufs none rw,si=9b4a76407871a39c
+237 15 0:3559 / /var/lib/docker/aufs/mnt/b57a53d440ffd0c1295804fa68cdde35d2fed5409484627e71b9c37e4249fd5c rw,relatime - aufs none rw,si=9b4a76444445a39c
+238 15 0:3560 / /var/lib/docker/aufs/mnt/b5e7d7b8f35e47efbba3d80c5d722f5e7bd43e54c824e54b4a4b351714d36d42 rw,relatime - aufs none rw,si=9b4a7647932d439c
+239 15 0:3561 / /var/lib/docker/aufs/mnt/f1b136def157e9465640658f277f3347de593c6ae76412a2e79f7002f091cae2 rw,relatime - aufs none rw,si=9b4a76445abcd39c
+240 15 0:3562 / /var/lib/docker/aufs/mnt/b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc rw,relatime - aufs none rw,si=9b4a7644403b339c
+241 15 0:3563 / /var/lib/docker/aufs/mnt/b89b140cdbc95063761864e0a23346207fa27ee4c5c63a1ae85c9069a9d9cf1d rw,relatime - aufs none rw,si=9b4a7644aa19739c
+242 15 0:3564 / /var/lib/docker/aufs/mnt/bc6a69ed51c07f5228f6b4f161c892e6a949c0e7e86a9c3432049d4c0e5cd298 rw,relatime - aufs none rw,si=9b4a7644aa19139c
+243 15 0:3565 / /var/lib/docker/aufs/mnt/be4e2ba3f136933e239f7cf3d136f484fb9004f1fbdfee24a62a2c7b0ab30670 rw,relatime - aufs none rw,si=9b4a7644aa19339c
+244 15 0:3566 / /var/lib/docker/aufs/mnt/e04ca1a4a5171e30d20f0c92f90a50b8b6f8600af5459c4b4fb25e42e864dfe1 rw,relatime - aufs none rw,si=9b4a7647932d139c
+245 15 0:3567 / /var/lib/docker/aufs/mnt/be61576b31db893129aaffcd3dcb5ce35e49c4b71b30c392a78609a45c7323d8 rw,relatime - aufs none rw,si=9b4a7642d85f739c
+246 15 0:3568 / /var/lib/docker/aufs/mnt/dda42c191e56becf672327658ab84fcb563322db3764b91c2fefe4aaef04c624 rw,relatime - aufs none rw,si=9b4a7642d85f139c
+247 15 0:3569 / /var/lib/docker/aufs/mnt/c0a7995053330f3d88969247a2e72b07e2dd692133f5668a4a35ea3905561072 rw,relatime - aufs none rw,si=9b4a7642d85f339c
+249 15 0:3571 / /var/lib/docker/aufs/mnt/c3594b2e5f08c59ff5ed338a1ba1eceeeb1f7fc5d180068338110c00b1eb8502 rw,relatime - aufs none rw,si=9b4a7642738c739c
+250 15 0:3572 / /var/lib/docker/aufs/mnt/c58dce03a0ab0a7588393880379dc3bce9f96ec08ed3f99cf1555260ff0031e8 rw,relatime - aufs none rw,si=9b4a7642738c139c
+251 15 0:3573 / /var/lib/docker/aufs/mnt/c73e9f1d109c9d14cb36e1c7489df85649be3911116d76c2fd3648ec8fd94e23 rw,relatime - aufs none rw,si=9b4a7642738c339c
+252 15 0:3574 / /var/lib/docker/aufs/mnt/c9eef28c344877cd68aa09e543c0710ab2b305a0ff96dbb859bfa7808c3e8d01 rw,relatime - aufs none rw,si=9b4a7642d85f439c
+253 15 0:3575 / /var/lib/docker/aufs/mnt/feb67148f548d70cb7484f2aaad2a86051cd6867a561741a2f13b552457d666e rw,relatime - aufs none rw,si=9b4a76468c55739c
+254 15 0:3576 / /var/lib/docker/aufs/mnt/cdf1f96c36d35a96041a896bf398ec0f7dc3b0fb0643612a0f4b6ff96e04e1bb rw,relatime - aufs none rw,si=9b4a76468c55139c
+255 15 0:3577 / /var/lib/docker/aufs/mnt/ec6e505872353268451ac4bc034c1df00f3bae4a3ea2261c6e48f7bd5417c1b3 rw,relatime - aufs none rw,si=9b4a76468c55339c
+256 15 0:3578 / /var/lib/docker/aufs/mnt/d6dc8aca64efd90e0bc10274001882d0efb310d42ccbf5712b99b169053b8b1a rw,relatime - aufs none rw,si=9b4a7642738c439c
+257 15 0:3579 / /var/lib/docker/aufs/mnt/d712594e2ff6eaeb895bfd150d694bd1305fb927e7a186b2dab7df2ea95f8f81 rw,relatime - aufs none rw,si=9b4a76401268f39c
+259 15 0:3581 / /var/lib/docker/aufs/mnt/dbfa1174cd78cde2d7410eae442af0b416c4a0e6f87ed4ff1e9f169a0029abc0 rw,relatime - aufs none rw,si=9b4a76401268b39c
+260 15 0:3582 / /var/lib/docker/aufs/mnt/e883f5a82316d7856fbe93ee8c0af5a920b7079619dd95c4ffd88bbd309d28dd rw,relatime - aufs none rw,si=9b4a76468c55439c
+261 15 0:3583 / /var/lib/docker/aufs/mnt/fdec3eff581c4fc2b09f87befa2fa021f3f2d373bea636a87f1fb5b367d6347a rw,relatime - aufs none rw,si=9b4a7644aa1af39c
+262 15 0:3584 / /var/lib/docker/aufs/mnt/ef764e26712184653067ecf7afea18a80854c41331ca0f0ef03e1bacf90a6ffc rw,relatime - aufs none rw,si=9b4a7644aa1a939c
+263 15 0:3585 / /var/lib/docker/aufs/mnt/f3176b40c41fce8ce6942936359a2001a6f1b5c1bb40ee224186db0789ec2f76 rw,relatime - aufs none rw,si=9b4a7644aa1ab39c
+264 15 0:3586 / /var/lib/docker/aufs/mnt/f5daf06785d3565c6dd18ea7d953d9a8b9606107781e63270fe0514508736e6a rw,relatime - aufs none rw,si=9b4a76401268c39c
+58 15 0:3587 / /var/lib/docker/aufs/mnt/cde8c40f6524b7361af4f5ad05bb857dc9ee247c20852ba666195c0739e3a2b8-init rw,relatime - aufs none rw,si=9b4a76444445839c
+67 15 0:3588 / /var/lib/docker/aufs/mnt/cde8c40f6524b7361af4f5ad05bb857dc9ee247c20852ba666195c0739e3a2b8 rw,relatime - aufs none rw,si=9b4a7644badd339c
+265 15 0:3610 / /var/lib/docker/aufs/mnt/e812472cd2c8c4748d1ef71fac4e77e50d661b9349abe66ce3e23511ed44f414 rw,relatime - aufs none rw,si=9b4a76427937d39c
+270 15 0:3615 / /var/lib/docker/aufs/mnt/997636e7c5c9d0d1376a217e295c14c205350b62bc12052804fb5f90abe6f183 rw,relatime - aufs none rw,si=9b4a76406540739c
+273 15 0:3618 / /var/lib/docker/aufs/mnt/d5794d080417b6e52e69227c3873e0e4c1ff0d5a845ebe3860ec2f89a47a2a1e rw,relatime - aufs none rw,si=9b4a76454814039c
+278 15 0:3623 / /var/lib/docker/aufs/mnt/586bdd48baced671bb19bc4d294ec325f26c55545ae267db426424f157d59c48 rw,relatime - aufs none rw,si=9b4a7644b439f39c
+281 15 0:3626 / /var/lib/docker/aufs/mnt/69739d022f89f8586908bbd5edbbdd95ea5256356f177f9ffcc6ef9c0ea752d2 rw,relatime - aufs none rw,si=9b4a7644a0f1b39c
+286 15 0:3631 / /var/lib/docker/aufs/mnt/ff28c27d5f894363993622de26d5dd352dba072f219e4691d6498c19bbbc15a9 rw,relatime - aufs none rw,si=9b4a7642265b339c
+289 15 0:3634 / /var/lib/docker/aufs/mnt/aa128fe0e64fdede333aa48fd9de39530c91a9244a0f0649a3c411c61e372daa rw,relatime - aufs none rw,si=9b4a764012ada39c
+99 15 8:33 / /media/REMOVE\040ME rw,nosuid,nodev,relatime - fuseblk /dev/sdc1 rw,user_id=0,group_id=0,allow_other,blksize=4096`
+)
+
+func TestParseFedoraMountinfo(t *testing.T) {
+	r := bytes.NewBuffer([]byte(fedoraMountinfo))
+	_, err := parseInfoFile(r)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestParseUbuntuMountinfo(t *testing.T) {
+	r := bytes.NewBuffer([]byte(ubuntuMountInfo))
+	_, err := parseInfoFile(r)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestParseGentooMountinfo(t *testing.T) {
+	r := bytes.NewBuffer([]byte(gentooMountinfo))
+	_, err := parseInfoFile(r)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestParseFedoraMountinfoFields(t *testing.T) {
+	r := bytes.NewBuffer([]byte(fedoraMountinfo))
+	infos, err := parseInfoFile(r)
+	if err != nil {
+		t.Fatal(err)
+	}
+	expectedLength := 58
+	if len(infos) != expectedLength {
+		t.Fatalf("Expected %d entries, got %d", expectedLength, len(infos))
+	}
+	mi := Info{
+		ID:         15,
+		Parent:     35,
+		Major:      0,
+		Minor:      3,
+		Root:       "/",
+		Mountpoint: "/proc",
+		Opts:       "rw,nosuid,nodev,noexec,relatime",
+		Optional:   "shared:5",
+		Fstype:     "proc",
+		Source:     "proc",
+		VfsOpts:    "rw",
+	}
+
+	if *infos[0] != mi {
+		t.Fatalf("expected %#v, got %#v", mi, infos[0])
+	}
+}
diff --git a/pkg/mount/mountinfo_unsupported.go b/pkg/mount/mountinfo_unsupported.go
new file mode 100644
index 00000000..b8d9aa5c
--- /dev/null
+++ b/pkg/mount/mountinfo_unsupported.go
@@ -0,0 +1,12 @@
+// +build !windows,!linux,!freebsd freebsd,!cgo
+
+package mount
+
+import (
+	"fmt"
+	"runtime"
+)
+
+func parseMountTable() ([]*Info, error) {
+	return nil, fmt.Errorf("mount.parseMountTable is not implemented on %s/%s", runtime.GOOS, runtime.GOARCH)
+}
diff --git a/pkg/mount/mountinfo_windows.go b/pkg/mount/mountinfo_windows.go
new file mode 100644
index 00000000..dab8a37e
--- /dev/null
+++ b/pkg/mount/mountinfo_windows.go
@@ -0,0 +1,6 @@
+package mount
+
+func parseMountTable() ([]*Info, error) {
+	// Do NOT return an error!
+	return nil, nil
+}
diff --git a/pkg/mount/sharedsubtree_linux.go b/pkg/mount/sharedsubtree_linux.go
new file mode 100644
index 00000000..8ceec84b
--- /dev/null
+++ b/pkg/mount/sharedsubtree_linux.go
@@ -0,0 +1,69 @@
+// +build linux
+
+package mount
+
+// MakeShared ensures a mounted filesystem has the SHARED mount option enabled.
+// See the supported options in flags.go for further reference.
+func MakeShared(mountPoint string) error {
+	return ensureMountedAs(mountPoint, "shared")
+}
+
+// MakeRShared ensures a mounted filesystem has the RSHARED mount option enabled.
+// See the supported options in flags.go for further reference.
+func MakeRShared(mountPoint string) error {
+	return ensureMountedAs(mountPoint, "rshared")
+}
+
+// MakePrivate ensures a mounted filesystem has the PRIVATE mount option enabled.
+// See the supported options in flags.go for further reference.
+func MakePrivate(mountPoint string) error {
+	return ensureMountedAs(mountPoint, "private")
+}
+
+// MakeRPrivate ensures a mounted filesystem has the RPRIVATE mount option
+// enabled. See the supported options in flags.go for further reference.
+func MakeRPrivate(mountPoint string) error {
+	return ensureMountedAs(mountPoint, "rprivate")
+}
+
+// MakeSlave ensures a mounted filesystem has the SLAVE mount option enabled.
+// See the supported options in flags.go for further reference.
+func MakeSlave(mountPoint string) error {
+	return ensureMountedAs(mountPoint, "slave")
+}
+
+// MakeRSlave ensures a mounted filesystem has the RSLAVE mount option enabled.
+// See the supported options in flags.go for further reference.
+func MakeRSlave(mountPoint string) error {
+	return ensureMountedAs(mountPoint, "rslave")
+}
+
+// MakeUnbindable ensures a mounted filesystem has the UNBINDABLE mount option
+// enabled. See the supported options in flags.go for further reference.
+func MakeUnbindable(mountPoint string) error {
+	return ensureMountedAs(mountPoint, "unbindable")
+}
+
+// MakeRUnbindable ensures a mounted filesystem has the RUNBINDABLE mount
+// option enabled. See the supported options in flags.go for further reference.
+func MakeRUnbindable(mountPoint string) error {
+	return ensureMountedAs(mountPoint, "runbindable")
+}
+
+func ensureMountedAs(mountPoint, options string) error {
+	mounted, err := Mounted(mountPoint)
+	if err != nil {
+		return err
+	}
+
+	if !mounted {
+		if err := Mount(mountPoint, mountPoint, "none", "bind,rw"); err != nil {
+			return err
+		}
+	}
+	if _, err = Mounted(mountPoint); err != nil {
+		return err
+	}
+
+	return ForceMount("", mountPoint, "none", options)
+}
diff --git a/pkg/mount/sharedsubtree_linux_test.go b/pkg/mount/sharedsubtree_linux_test.go
new file mode 100644
index 00000000..c1837942
--- /dev/null
+++ b/pkg/mount/sharedsubtree_linux_test.go
@@ -0,0 +1,331 @@
+// +build linux
+
+package mount
+
+import (
+	"os"
+	"path"
+	"syscall"
+	"testing"
+)
+
+// nothing is propagated in or out
+func TestSubtreePrivate(t *testing.T) {
+	tmp := path.Join(os.TempDir(), "mount-tests")
+	if err := os.MkdirAll(tmp, 0777); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+
+	var (
+		sourceDir   = path.Join(tmp, "source")
+		targetDir   = path.Join(tmp, "target")
+		outside1Dir = path.Join(tmp, "outside1")
+		outside2Dir = path.Join(tmp, "outside2")
+
+		outside1Path      = path.Join(outside1Dir, "file.txt")
+		outside2Path      = path.Join(outside2Dir, "file.txt")
+		outside1CheckPath = path.Join(targetDir, "a", "file.txt")
+		outside2CheckPath = path.Join(sourceDir, "b", "file.txt")
+	)
+	if err := os.MkdirAll(path.Join(sourceDir, "a"), 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.MkdirAll(path.Join(sourceDir, "b"), 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Mkdir(targetDir, 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Mkdir(outside1Dir, 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Mkdir(outside2Dir, 0777); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := createFile(outside1Path); err != nil {
+		t.Fatal(err)
+	}
+	if err := createFile(outside2Path); err != nil {
+		t.Fatal(err)
+	}
+
+	// mount the shared directory to a target
+	if err := Mount(sourceDir, targetDir, "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(targetDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// next, make the target private
+	if err := MakePrivate(targetDir); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(targetDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// mount in an outside path to a mounted path inside the _source_
+	if err := Mount(outside1Dir, path.Join(sourceDir, "a"), "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(path.Join(sourceDir, "a")); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// check that this file _does_not_ show in the _target_
+	if _, err := os.Stat(outside1CheckPath); err != nil && !os.IsNotExist(err) {
+		t.Fatal(err)
+	} else if err == nil {
+		t.Fatalf("%q should not be visible, but is", outside1CheckPath)
+	}
+
+	// next mount outside2Dir into the _target_
+	if err := Mount(outside2Dir, path.Join(targetDir, "b"), "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(path.Join(targetDir, "b")); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// check that this file _does_not_ show in the _source_
+	if _, err := os.Stat(outside2CheckPath); err != nil && !os.IsNotExist(err) {
+		t.Fatal(err)
+	} else if err == nil {
+		t.Fatalf("%q should not be visible, but is", outside2CheckPath)
+	}
+}
+
+// Testing that when a target is a shared mount,
+// then child mounts propagate to the source
+func TestSubtreeShared(t *testing.T) {
+	tmp := path.Join(os.TempDir(), "mount-tests")
+	if err := os.MkdirAll(tmp, 0777); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+
+	var (
+		sourceDir  = path.Join(tmp, "source")
+		targetDir  = path.Join(tmp, "target")
+		outsideDir = path.Join(tmp, "outside")
+
+		outsidePath     = path.Join(outsideDir, "file.txt")
+		sourceCheckPath = path.Join(sourceDir, "a", "file.txt")
+	)
+
+	if err := os.MkdirAll(path.Join(sourceDir, "a"), 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Mkdir(targetDir, 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Mkdir(outsideDir, 0777); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := createFile(outsidePath); err != nil {
+		t.Fatal(err)
+	}
+
+	// mount the source as shared
+	if err := MakeShared(sourceDir); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(sourceDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// mount the shared directory to a target
+	if err := Mount(sourceDir, targetDir, "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(targetDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// mount in an outside path to a mounted path inside the target
+	if err := Mount(outsideDir, path.Join(targetDir, "a"), "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(path.Join(targetDir, "a")); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// NOW, check that the file from the outside directory is available in the source directory
+	if _, err := os.Stat(sourceCheckPath); err != nil {
+		t.Fatal(err)
+	}
+}
+
+// testing that mounts to a shared source show up in the slave target,
+// and that mounts into a slave target do _not_ show up in the shared source
+func TestSubtreeSharedSlave(t *testing.T) {
+	tmp := path.Join(os.TempDir(), "mount-tests")
+	if err := os.MkdirAll(tmp, 0777); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+
+	var (
+		sourceDir   = path.Join(tmp, "source")
+		targetDir   = path.Join(tmp, "target")
+		outside1Dir = path.Join(tmp, "outside1")
+		outside2Dir = path.Join(tmp, "outside2")
+
+		outside1Path      = path.Join(outside1Dir, "file.txt")
+		outside2Path      = path.Join(outside2Dir, "file.txt")
+		outside1CheckPath = path.Join(targetDir, "a", "file.txt")
+		outside2CheckPath = path.Join(sourceDir, "b", "file.txt")
+	)
+	if err := os.MkdirAll(path.Join(sourceDir, "a"), 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.MkdirAll(path.Join(sourceDir, "b"), 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Mkdir(targetDir, 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Mkdir(outside1Dir, 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.Mkdir(outside2Dir, 0777); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := createFile(outside1Path); err != nil {
+		t.Fatal(err)
+	}
+	if err := createFile(outside2Path); err != nil {
+		t.Fatal(err)
+	}
+
+	// mount the source as shared
+	if err := MakeShared(sourceDir); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(sourceDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// mount the shared directory to a target
+	if err := Mount(sourceDir, targetDir, "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(targetDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// next, make the target slave
+	if err := MakeSlave(targetDir); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(targetDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// mount in an outside path to a mounted path inside the _source_
+	if err := Mount(outside1Dir, path.Join(sourceDir, "a"), "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(path.Join(sourceDir, "a")); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// check that this file _does_ show in the _target_
+	if _, err := os.Stat(outside1CheckPath); err != nil {
+		t.Fatal(err)
+	}
+
+	// next mount outside2Dir into the _target_
+	if err := Mount(outside2Dir, path.Join(targetDir, "b"), "none", "bind,rw"); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(path.Join(targetDir, "b")); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// check that this file _does_not_ show in the _source_
+	if _, err := os.Stat(outside2CheckPath); err != nil && !os.IsNotExist(err) {
+		t.Fatal(err)
+	} else if err == nil {
+		t.Fatalf("%q should not be visible, but is", outside2CheckPath)
+	}
+}
+
+func TestSubtreeUnbindable(t *testing.T) {
+	tmp := path.Join(os.TempDir(), "mount-tests")
+	if err := os.MkdirAll(tmp, 0777); err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmp)
+
+	var (
+		sourceDir = path.Join(tmp, "source")
+		targetDir = path.Join(tmp, "target")
+	)
+	if err := os.MkdirAll(sourceDir, 0777); err != nil {
+		t.Fatal(err)
+	}
+	if err := os.MkdirAll(targetDir, 0777); err != nil {
+		t.Fatal(err)
+	}
+
+	// next, make the source unbindable
+	if err := MakeUnbindable(sourceDir); err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := Unmount(sourceDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// then attempt to mount it to target. It should fail
+	if err := Mount(sourceDir, targetDir, "none", "bind,rw"); err != nil && err != syscall.EINVAL {
+		t.Fatal(err)
+	} else if err == nil {
+		t.Fatalf("%q should not have been bindable", sourceDir)
+	}
+	defer func() {
+		if err := Unmount(targetDir); err != nil {
+			t.Fatal(err)
+		}
+	}()
+}
+
+func createFile(path string) error {
+	f, err := os.Create(path)
+	if err != nil {
+		return err
+	}
+	f.WriteString("hello world!")
+	return f.Close()
+}
diff --git a/pkg/namesgenerator/cmd/names-generator/main.go b/pkg/namesgenerator/cmd/names-generator/main.go
new file mode 100644
index 00000000..18a939b7
--- /dev/null
+++ b/pkg/namesgenerator/cmd/names-generator/main.go
@@ -0,0 +1,11 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/pkg/namesgenerator"
+)
+
+func main() {
+	fmt.Println(namesgenerator.GetRandomName(0))
+}
diff --git a/pkg/namesgenerator/names-generator.go b/pkg/namesgenerator/names-generator.go
new file mode 100644
index 00000000..1764fc28
--- /dev/null
+++ b/pkg/namesgenerator/names-generator.go
@@ -0,0 +1,524 @@
+package namesgenerator
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/pkg/random"
+)
+
+var (
+	left = [...]string{
+		"admiring",
+		"adoring",
+		"agitated",
+		"amazing",
+		"angry",
+		"awesome",
+		"backstabbing",
+		"berserk",
+		"big",
+		"boring",
+		"clever",
+		"cocky",
+		"compassionate",
+		"condescending",
+		"cranky",
+		"desperate",
+		"determined",
+		"distracted",
+		"dreamy",
+		"drunk",
+		"ecstatic",
+		"elated",
+		"elegant",
+		"evil",
+		"fervent",
+		"focused",
+		"furious",
+		"gigantic",
+		"gloomy",
+		"goofy",
+		"grave",
+		"happy",
+		"high",
+		"hopeful",
+		"hungry",
+		"insane",
+		"jolly",
+		"jovial",
+		"kickass",
+		"lonely",
+		"loving",
+		"mad",
+		"modest",
+		"naughty",
+		"nauseous",
+		"nostalgic",
+		"pedantic",
+		"pensive",
+		"prickly",
+		"reverent",
+		"romantic",
+		"sad",
+		"serene",
+		"sharp",
+		"sick",
+		"silly",
+		"sleepy",
+		"small",
+		"stoic",
+		"stupefied",
+		"suspicious",
+		"tender",
+		"thirsty",
+		"tiny",
+		"trusting",
+	}
+
+	// Docker, starting from 0.7.x, generates names from notable scientists and hackers.
+	// Please, for any amazing man that you add to the list, consider adding an equally amazing woman to it, and vice versa.
+	right = [...]string{
+		// Muhammad ibn Jābir al-Ḥarrānī al-Battānī was a founding father of astronomy. https://en.wikipedia.org/wiki/Mu%E1%B8%A5ammad_ibn_J%C4%81bir_al-%E1%B8%A4arr%C4%81n%C4%AB_al-Batt%C4%81n%C4%AB
+		"albattani",
+
+		// Frances E. Allen, became the first female IBM Fellow in 1989. In 2006, she became the first female recipient of the ACM's Turing Award. https://en.wikipedia.org/wiki/Frances_E._Allen
+		"allen",
+
+		// June Almeida - Scottish virologist who took the first pictures of the rubella virus - https://en.wikipedia.org/wiki/June_Almeida
+		"almeida",
+
+		// Archimedes was a physicist, engineer and mathematician who invented too many things to list them here. https://en.wikipedia.org/wiki/Archimedes
+		"archimedes",
+
+		// Maria Ardinghelli - Italian translator, mathematician and physicist - https://en.wikipedia.org/wiki/Maria_Ardinghelli
+		"ardinghelli",
+
+		// Aryabhata - Ancient Indian mathematician-astronomer during 476-550 CE https://en.wikipedia.org/wiki/Aryabhata
+		"aryabhata",
+
+		// Wanda Austin - Wanda Austin is the President and CEO of The Aerospace Corporation, a leading architect for the US security space programs. https://en.wikipedia.org/wiki/Wanda_Austin
+		"austin",
+
+		// Charles Babbage invented the concept of a programmable computer. https://en.wikipedia.org/wiki/Charles_Babbage.
+		"babbage",
+
+		// Stefan Banach - Polish mathematician, was one of the founders of modern functional analysis. https://en.wikipedia.org/wiki/Stefan_Banach
+		"banach",
+
+		// John Bardeen co-invented the transistor - https://en.wikipedia.org/wiki/John_Bardeen
+		"bardeen",
+
+		// Jean Bartik, born Betty Jean Jennings, was one of the original programmers for the ENIAC computer. https://en.wikipedia.org/wiki/Jean_Bartik
+		"bartik",
+
+		// Laura Bassi, the world's first female professor https://en.wikipedia.org/wiki/Laura_Bassi
+		"bassi",
+
+		// Alexander Graham Bell - an eminent Scottish-born scientist, inventor, engineer and innovator who is credited with inventing the first practical telephone - https://en.wikipedia.org/wiki/Alexander_Graham_Bell
+		"bell",
+
+		// Homi J Bhabha - was an Indian nuclear physicist, founding director, and professor of physics at the Tata Institute of Fundamental Research. Colloquially known as "father of Indian nuclear programme"- https://en.wikipedia.org/wiki/Homi_J._Bhabha
+		"bhabha",
+
+		// Bhaskara II - Ancient Indian mathematician-astronomer whose work on calculus predates Newton and Leibniz by over half a millennium - https://en.wikipedia.org/wiki/Bh%C4%81skara_II#Calculus
+		"bhaskara",
+
+		// Elizabeth Blackwell - American doctor and first American woman to receive a medical degree - https://en.wikipedia.org/wiki/Elizabeth_Blackwell
+		"blackwell",
+
+		// Niels Bohr is the father of quantum theory. https://en.wikipedia.org/wiki/Niels_Bohr.
+		"bohr",
+
+		// Kathleen Booth, she's credited with writing the first assembly language. https://en.wikipedia.org/wiki/Kathleen_Booth
+		"booth",
+
+		// Anita Borg - Anita Borg was the founding director of the Institute for Women and Technology (IWT). https://en.wikipedia.org/wiki/Anita_Borg
+		"borg",
+
+		// Satyendra Nath Bose - He provided the foundation for Bose–Einstein statistics and the theory of the Bose–Einstein condensate. - https://en.wikipedia.org/wiki/Satyendra_Nath_Bose
+		"bose",
+
+		// Evelyn Boyd Granville - She was one of the first African-American woman to receive a Ph.D. in mathematics; she earned it in 1949 from Yale University. https://en.wikipedia.org/wiki/Evelyn_Boyd_Granville
+		"boyd",
+
+		// Brahmagupta - Ancient Indian mathematician during 598-670 CE who gave rules to compute with zero - https://en.wikipedia.org/wiki/Brahmagupta#Zero
+		"brahmagupta",
+
+		// Walter Houser Brattain co-invented the transistor - https://en.wikipedia.org/wiki/Walter_Houser_Brattain
+		"brattain",
+
+		// Emmett Brown invented time travel. https://en.wikipedia.org/wiki/Emmett_Brown (thanks Brian Goff)
+		"brown",
+
+		// Rachel Carson - American marine biologist and conservationist, her book Silent Spring and other writings are credited with advancing the global environmental movement. https://en.wikipedia.org/wiki/Rachel_Carson
+		"carson",
+
+		// Subrahmanyan Chandrasekhar - Astrophysicist known for his mathematical theory on different stages and evolution in structures of the stars. He has won nobel prize for physics - https://en.wikipedia.org/wiki/Subrahmanyan_Chandrasekhar
+		"chandrasekhar",
+
+		// Jane Colden - American botanist widely considered the first female American botanist - https://en.wikipedia.org/wiki/Jane_Colden
+		"colden",
+
+		// Gerty Theresa Cori - American biochemist who became the third woman—and first American woman—to win a Nobel Prize in science, and the first woman to be awarded the Nobel Prize in Physiology or Medicine. Cori was born in Prague. https://en.wikipedia.org/wiki/Gerty_Cori
+		"cori",
+
+		// Seymour Roger Cray was an American electrical engineer and supercomputer architect who designed a series of computers that were the fastest in the world for decades. https://en.wikipedia.org/wiki/Seymour_Cray
+		"cray",
+
+		// Marie Curie discovered radioactivity. https://en.wikipedia.org/wiki/Marie_Curie.
+		"curie",
+
+		// Charles Darwin established the principles of natural evolution. https://en.wikipedia.org/wiki/Charles_Darwin.
+		"darwin",
+
+		// Leonardo Da Vinci invented too many things to list here. https://en.wikipedia.org/wiki/Leonardo_da_Vinci.
+		"davinci",
+
+		// Edsger Wybe Dijkstra was a Dutch computer scientist and mathematical scientist. https://en.wikipedia.org/wiki/Edsger_W._Dijkstra.
+		"dijkstra",
+
+		// Donna Dubinsky - played an integral role in the development of personal digital assistants (PDAs) serving as CEO of Palm, Inc. and co-founding Handspring. https://en.wikipedia.org/wiki/Donna_Dubinsky
+		"dubinsky",
+
+		// Annie Easley - She was a leading member of the team which developed software for the Centaur rocket stage and one of the first African-Americans in her field. https://en.wikipedia.org/wiki/Annie_Easley
+		"easley",
+
+		// Albert Einstein invented the general theory of relativity. https://en.wikipedia.org/wiki/Albert_Einstein
+		"einstein",
+
+		// Gertrude Elion - American biochemist, pharmacologist and the 1988 recipient of the Nobel Prize in Medicine - https://en.wikipedia.org/wiki/Gertrude_Elion
+		"elion",
+
+		// Douglas Engelbart gave the mother of all demos: https://en.wikipedia.org/wiki/Douglas_Engelbart
+		"engelbart",
+
+		// Euclid invented geometry. https://en.wikipedia.org/wiki/Euclid
+		"euclid",
+
+		// Leonhard Euler invented large parts of modern mathematics. https://de.wikipedia.org/wiki/Leonhard_Euler
+		"euler",
+
+		// Pierre de Fermat pioneered several aspects of modern mathematics. https://en.wikipedia.org/wiki/Pierre_de_Fermat
+		"fermat",
+
+		// Enrico Fermi invented the first nuclear reactor. https://en.wikipedia.org/wiki/Enrico_Fermi.
+		"fermi",
+
+		// Richard Feynman was a key contributor to quantum mechanics and particle physics. https://en.wikipedia.org/wiki/Richard_Feynman
+		"feynman",
+
+		// Benjamin Franklin is famous for his experiments in electricity and the invention of the lightning rod.
+		"franklin",
+
+		// Galileo was a founding father of modern astronomy, and faced politics and obscurantism to establish scientific truth.  https://en.wikipedia.org/wiki/Galileo_Galilei
+		"galileo",
+
+		// William Henry "Bill" Gates III is an American business magnate, philanthropist, investor, computer programmer, and inventor. https://en.wikipedia.org/wiki/Bill_Gates
+		"gates",
+
+		// Adele Goldberg, was one of the designers and developers of the Smalltalk language. https://en.wikipedia.org/wiki/Adele_Goldberg_(computer_scientist)
+		"goldberg",
+
+		// Adele Goldstine, born Adele Katz, wrote the complete technical description for the first electronic digital computer, ENIAC. https://en.wikipedia.org/wiki/Adele_Goldstine
+		"goldstine",
+
+		// Shafi Goldwasser is a computer scientist known for creating theoretical foundations of modern cryptography. Winner of 2012 ACM Turing Award. https://en.wikipedia.org/wiki/Shafi_Goldwasser
+		"goldwasser",
+
+		// James Golick, all around gangster.
+		"golick",
+
+		// Jane Goodall - British primatologist, ethologist, and anthropologist who is considered to be the world's foremost expert on chimpanzees - https://en.wikipedia.org/wiki/Jane_Goodall
+		"goodall",
+
+		// Margaret Hamilton - Director of the Software Engineering Division of the MIT Instrumentation Laboratory, which developed on-board flight software for the Apollo space program. https://en.wikipedia.org/wiki/Margaret_Hamilton_(scientist)
+		"hamilton",
+
+		// Stephen Hawking pioneered the field of cosmology by combining general relativity and quantum mechanics. https://en.wikipedia.org/wiki/Stephen_Hawking
+		"hawking",
+
+		// Werner Heisenberg was a founding father of quantum mechanics. https://en.wikipedia.org/wiki/Werner_Heisenberg
+		"heisenberg",
+
+		// Jaroslav Heyrovský was the inventor of the polarographic method, father of the electroanalytical method, and recipient of the Nobel Prize in 1959. His main field of work was polarography. https://en.wikipedia.org/wiki/Jaroslav_Heyrovsk%C3%BD
+		"heyrovsky",
+
+		// Dorothy Hodgkin was a British biochemist, credited with the development of protein crystallography. She was awarded the Nobel Prize in Chemistry in 1964. https://en.wikipedia.org/wiki/Dorothy_Hodgkin
+		"hodgkin",
+
+		// Erna Schneider Hoover revolutionized modern communication by inventing a computerized telephon switching method. https://en.wikipedia.org/wiki/Erna_Schneider_Hoover
+		"hoover",
+
+		// Grace Hopper developed the first compiler for a computer programming language and  is credited with popularizing the term "debugging" for fixing computer glitches. https://en.wikipedia.org/wiki/Grace_Hopper
+		"hopper",
+
+		// Frances Hugle, she was an American scientist, engineer, and inventor who contributed to the understanding of semiconductors, integrated circuitry, and the unique electrical principles of microscopic materials. https://en.wikipedia.org/wiki/Frances_Hugle
+		"hugle",
+
+		// Hypatia - Greek Alexandrine Neoplatonist philosopher in Egypt who was one of the earliest mothers of mathematics - https://en.wikipedia.org/wiki/Hypatia
+		"hypatia",
+
+		// Yeong-Sil Jang was a Korean scientist and astronomer during the Joseon Dynasty; he invented the first metal printing press and water gauge. https://en.wikipedia.org/wiki/Jang_Yeong-sil
+		"jang",
+
+		// Betty Jennings - one of the original programmers of the ENIAC. https://en.wikipedia.org/wiki/ENIAC - https://en.wikipedia.org/wiki/Jean_Bartik
+		"jennings",
+
+		// Mary Lou Jepsen, was the founder and chief technology officer of One Laptop Per Child (OLPC), and the founder of Pixel Qi. https://en.wikipedia.org/wiki/Mary_Lou_Jepsen
+		"jepsen",
+
+		// Irène Joliot-Curie - French scientist who was awarded the Nobel Prize for Chemistry in 1935. Daughter of Marie and Pierre Curie. https://en.wikipedia.org/wiki/Ir%C3%A8ne_Joliot-Curie
+		"joliot",
+
+		// Karen Spärck Jones came up with the concept of inverse document frequency, which is used in most search engines today. https://en.wikipedia.org/wiki/Karen_Sp%C3%A4rck_Jones
+		"jones",
+
+		// A. P. J. Abdul Kalam - is an Indian scientist aka Missile Man of India for his work on the development of ballistic missile and launch vehicle technology - https://en.wikipedia.org/wiki/A._P._J._Abdul_Kalam
+		"kalam",
+
+		// Susan Kare, created the icons and many of the interface elements for the original Apple Macintosh in the 1980s, and was an original employee of NeXT, working as the Creative Director. https://en.wikipedia.org/wiki/Susan_Kare
+		"kare",
+
+		// Mary Kenneth Keller, Sister Mary Kenneth Keller became the first American woman to earn a PhD in Computer Science in 1965. https://en.wikipedia.org/wiki/Mary_Kenneth_Keller
+		"keller",
+
+		// Har Gobind Khorana - Indian-American biochemist who shared the 1968 Nobel Prize for Physiology - https://en.wikipedia.org/wiki/Har_Gobind_Khorana
+		"khorana",
+
+		// Jack Kilby invented silicone integrated circuits and gave Silicon Valley its name. - https://en.wikipedia.org/wiki/Jack_Kilby
+		"kilby",
+
+		// Maria Kirch - German astronomer and first woman to discover a comet - https://en.wikipedia.org/wiki/Maria_Margarethe_Kirch
+		"kirch",
+
+		// Donald Knuth - American computer scientist, author of "The Art of Computer Programming" and creator of the TeX typesetting system. https://en.wikipedia.org/wiki/Donald_Knuth
+		"knuth",
+
+		// Sophie Kowalevski - Russian mathematician responsible for important original contributions to analysis, differential equations and mechanics - https://en.wikipedia.org/wiki/Sofia_Kovalevskaya
+		"kowalevski",
+
+		// Marie-Jeanne de Lalande - French astronomer, mathematician and cataloguer of stars - https://en.wikipedia.org/wiki/Marie-Jeanne_de_Lalande
+		"lalande",
+
+		// Hedy Lamarr - Actress and inventor. The principles of her work are now incorporated into modern Wi-Fi, CDMA and Bluetooth technology. https://en.wikipedia.org/wiki/Hedy_Lamarr
+		"lamarr",
+
+		// Mary Leakey - British paleoanthropologist who discovered the first fossilized Proconsul skull - https://en.wikipedia.org/wiki/Mary_Leakey
+		"leakey",
+
+		// Henrietta Swan Leavitt - she was an American astronomer who discovered the relation between the luminosity and the period of Cepheid variable stars. https://en.wikipedia.org/wiki/Henrietta_Swan_Leavitt
+		"leavitt",
+
+		// Ruth Lichterman - one of the original programmers of the ENIAC. https://en.wikipedia.org/wiki/ENIAC - https://en.wikipedia.org/wiki/Ruth_Teitelbaum
+		"lichterman",
+
+		// Barbara Liskov - co-developed the Liskov substitution principle. Liskov was also the winner of the Turing Prize in 2008. - https://en.wikipedia.org/wiki/Barbara_Liskov
+		"liskov",
+
+		// Ada Lovelace invented the first algorithm. https://en.wikipedia.org/wiki/Ada_Lovelace (thanks James Turnbull)
+		"lovelace",
+
+		// Auguste and Louis Lumière - the first filmmakers in history - https://en.wikipedia.org/wiki/Auguste_and_Louis_Lumi%C3%A8re
+		"lumiere",
+
+		// Mahavira - Ancient Indian mathematician during 9th century AD who discovered basic algebraic identities - https://en.wikipedia.org/wiki/Mah%C4%81v%C4%ABra_(mathematician)
+		"mahavira",
+
+		// Maria Mayer - American theoretical physicist and Nobel laureate in Physics for proposing the nuclear shell model of the atomic nucleus - https://en.wikipedia.org/wiki/Maria_Mayer
+		"mayer",
+
+		// John McCarthy invented LISP: https://en.wikipedia.org/wiki/John_McCarthy_(computer_scientist)
+		"mccarthy",
+
+		// Barbara McClintock - a distinguished American cytogeneticist, 1983 Nobel Laureate in Physiology or Medicine for discovering transposons. https://en.wikipedia.org/wiki/Barbara_McClintock
+		"mcclintock",
+
+		// Malcolm McLean invented the modern shipping container: https://en.wikipedia.org/wiki/Malcom_McLean
+		"mclean",
+
+		// Kay McNulty - one of the original programmers of the ENIAC. https://en.wikipedia.org/wiki/ENIAC - https://en.wikipedia.org/wiki/Kathleen_Antonelli
+		"mcnulty",
+
+		// Lise Meitner - Austrian/Swedish physicist who was involved in the discovery of nuclear fission. The element meitnerium is named after her - https://en.wikipedia.org/wiki/Lise_Meitner
+		"meitner",
+
+		// Carla Meninsky, was the game designer and programmer for Atari 2600 games Dodge 'Em and Warlords. https://en.wikipedia.org/wiki/Carla_Meninsky
+		"meninsky",
+
+		// Johanna Mestorf - German prehistoric archaeologist and first female museum director in Germany - https://en.wikipedia.org/wiki/Johanna_Mestorf
+		"mestorf",
+
+		// Marvin Minsky - Pioneer in Artificial Intelligence, co-founder of the MIT's AI Lab, won the Turing Award in 1969. https://en.wikipedia.org/wiki/Marvin_Minsky
+		"minsky",
+
+		// Maryam Mirzakhani - an Iranian mathematician and the first woman to win the Fields Medal. https://en.wikipedia.org/wiki/Maryam_Mirzakhani
+		"mirzakhani",
+
+		// Samuel Morse - contributed to the invention of a single-wire telegraph system based on European telegraphs and was a co-developer of the Morse code - https://en.wikipedia.org/wiki/Samuel_Morse
+		"morse",
+
+		// Ian Murdock - founder of the Debian project - https://en.wikipedia.org/wiki/Ian_Murdock
+		"murdock",
+
+		// Isaac Newton invented classic mechanics and modern optics. https://en.wikipedia.org/wiki/Isaac_Newton
+		"newton",
+
+		// Alfred Nobel - a Swedish chemist, engineer, innovator, and armaments manufacturer (inventor of dynamite) - https://en.wikipedia.org/wiki/Alfred_Nobel
+		"nobel",
+
+		// Emmy Noether, German mathematician. Noether's Theorem is named after her. https://en.wikipedia.org/wiki/Emmy_Noether
+		"noether",
+
+		// Poppy Northcutt. Poppy Northcutt was the first woman to work as part of NASA’s Mission Control. http://www.businessinsider.com/poppy-northcutt-helped-apollo-astronauts-2014-12?op=1
+		"northcutt",
+
+		// Robert Noyce invented silicone integrated circuits and gave Silicon Valley its name. - https://en.wikipedia.org/wiki/Robert_Noyce
+		"noyce",
+
+		// Panini - Ancient Indian linguist and grammarian from 4th century CE who worked on the world's first formal system - https://en.wikipedia.org/wiki/P%C4%81%E1%B9%87ini#Comparison_with_modern_formal_systems
+		"panini",
+
+		// Ambroise Pare invented modern surgery. https://en.wikipedia.org/wiki/Ambroise_Par%C3%A9
+		"pare",
+
+		// Louis Pasteur discovered vaccination, fermentation and pasteurization. https://en.wikipedia.org/wiki/Louis_Pasteur.
+		"pasteur",
+
+		// Cecilia Payne-Gaposchkin was an astronomer and astrophysicist who, in 1925, proposed in her Ph.D. thesis an explanation for the composition of stars in terms of the relative abundances of hydrogen and helium. https://en.wikipedia.org/wiki/Cecilia_Payne-Gaposchkin
+		"payne",
+
+		// Radia Perlman is a software designer and network engineer and most famous for her invention of the spanning-tree protocol (STP). https://en.wikipedia.org/wiki/Radia_Perlman
+		"perlman",
+
+		// Rob Pike was a key contributor to Unix, Plan 9, the X graphic system, utf-8, and the Go programming language. https://en.wikipedia.org/wiki/Rob_Pike
+		"pike",
+
+		// Henri Poincaré made fundamental contributions in several fields of mathematics. https://en.wikipedia.org/wiki/Henri_Poincar%C3%A9
+		"poincare",
+
+		// Laura Poitras is a director and producer whose work, made possible by open source crypto tools, advances the causes of truth and freedom of information by reporting disclosures by whistleblowers such as Edward Snowden. https://en.wikipedia.org/wiki/Laura_Poitras
+		"poitras",
+
+		// Claudius Ptolemy - a Greco-Egyptian writer of Alexandria, known as a mathematician, astronomer, geographer, astrologer, and poet of a single epigram in the Greek Anthology - https://en.wikipedia.org/wiki/Ptolemy
+		"ptolemy",
+
+		// C. V. Raman - Indian physicist who won the Nobel Prize in 1930 for proposing the Raman effect. - https://en.wikipedia.org/wiki/C._V._Raman
+		"raman",
+
+		// Srinivasa Ramanujan - Indian mathematician and autodidact who made extraordinary contributions to mathematical analysis, number theory, infinite series, and continued fractions. - https://en.wikipedia.org/wiki/Srinivasa_Ramanujan
+		"ramanujan",
+
+		// Sally Kristen Ride was an American physicist and astronaut. She was the first American woman in space, and the youngest American astronaut. https://en.wikipedia.org/wiki/Sally_Ride
+		"ride",
+
+		// Dennis Ritchie - co-creator of UNIX and the C programming language. - https://en.wikipedia.org/wiki/Dennis_Ritchie
+		"ritchie",
+
+		// Wilhelm Conrad Röntgen - German physicist who was awarded the first Nobel Prize in Physics in 1901 for the discovery of X-rays (Röntgen rays). https://en.wikipedia.org/wiki/Wilhelm_R%C3%B6ntgen
+		"roentgen",
+
+		// Rosalind Franklin - British biophysicist and X-ray crystallographer whose research was critical to the understanding of DNA - https://en.wikipedia.org/wiki/Rosalind_Franklin
+		"rosalind",
+
+		// Meghnad Saha - Indian astrophysicist best known for his development of the Saha equation, used to describe chemical and physical conditions in stars - https://en.wikipedia.org/wiki/Meghnad_Saha
+		"saha",
+
+		// Jean E. Sammet developed FORMAC, the first widely used computer language for symbolic manipulation of mathematical formulas. https://en.wikipedia.org/wiki/Jean_E._Sammet
+		"sammet",
+
+		// Carol Shaw - Originally an Atari employee, Carol Shaw is said to be the first female video game designer. https://en.wikipedia.org/wiki/Carol_Shaw_(video_game_designer)
+		"shaw",
+
+		// Dame Stephanie "Steve" Shirley - Founded a software company in 1962 employing women working from home. https://en.wikipedia.org/wiki/Steve_Shirley
+		"shirley",
+
+		// William Shockley co-invented the transistor - https://en.wikipedia.org/wiki/William_Shockley
+		"shockley",
+
+		// Françoise Barré-Sinoussi - French virologist and Nobel Prize Laureate in Physiology or Medicine; her work was fundamental in identifying HIV as the cause of AIDS. https://en.wikipedia.org/wiki/Fran%C3%A7oise_Barr%C3%A9-Sinoussi
+		"sinoussi",
+
+		// Betty Snyder - one of the original programmers of the ENIAC. https://en.wikipedia.org/wiki/ENIAC - https://en.wikipedia.org/wiki/Betty_Holberton
+		"snyder",
+
+		// Frances Spence - one of the original programmers of the ENIAC. https://en.wikipedia.org/wiki/ENIAC - https://en.wikipedia.org/wiki/Frances_Spence
+		"spence",
+
+		// Richard Matthew Stallman - the founder of the Free Software movement, the GNU project, the Free Software Foundation, and the League for Programming Freedom. He also invented the concept of copyleft to protect the ideals of this movement, and enshrined this concept in the widely-used GPL (General Public License) for software. https://en.wikiquote.org/wiki/Richard_Stallman
+		"stallman",
+
+		// Michael Stonebraker is a database research pioneer and architect of Ingres, Postgres, VoltDB and SciDB. Winner of 2014 ACM Turing Award. https://en.wikipedia.org/wiki/Michael_Stonebraker
+		"stonebraker",
+
+		// Janese Swanson (with others) developed the first of the Carmen Sandiego games. She went on to found Girl Tech. https://en.wikipedia.org/wiki/Janese_Swanson
+		"swanson",
+
+		// Aaron Swartz was influential in creating RSS, Markdown, Creative Commons, Reddit, and much of the internet as we know it today. He was devoted to freedom of information on the web. https://en.wikiquote.org/wiki/Aaron_Swartz
+		"swartz",
+
+		// Bertha Swirles was a theoretical physicist who made a number of contributions to early quantum theory. https://en.wikipedia.org/wiki/Bertha_Swirles
+		"swirles",
+
+		// Nikola Tesla invented the AC electric system and every gadget ever used by a James Bond villain. https://en.wikipedia.org/wiki/Nikola_Tesla
+		"tesla",
+
+		// Ken Thompson - co-creator of UNIX and the C programming language - https://en.wikipedia.org/wiki/Ken_Thompson
+		"thompson",
+
+		// Linus Torvalds invented Linux and Git. https://en.wikipedia.org/wiki/Linus_Torvalds
+		"torvalds",
+
+		// Alan Turing was a founding father of computer science. https://en.wikipedia.org/wiki/Alan_Turing.
+		"turing",
+
+		// Varahamihira - Ancient Indian mathematician who discovered trigonometric formulae during 505-587 CE - https://en.wikipedia.org/wiki/Var%C4%81hamihira#Contributions
+		"varahamihira",
+
+		// Sir Mokshagundam Visvesvaraya - is a notable Indian engineer.  He is a recipient of the Indian Republic's highest honour, the Bharat Ratna, in 1955. On his birthday, 15 September is celebrated as Engineer's Day in India in his memory - https://en.wikipedia.org/wiki/Visvesvaraya
+		"visvesvaraya",
+
+		// Christiane Nüsslein-Volhard - German biologist, won Nobel Prize in Physiology or Medicine in 1995 for research on the genetic control of embryonic development. https://en.wikipedia.org/wiki/Christiane_N%C3%BCsslein-Volhard
+		"volhard",
+
+		// Marlyn Wescoff - one of the original programmers of the ENIAC. https://en.wikipedia.org/wiki/ENIAC - https://en.wikipedia.org/wiki/Marlyn_Meltzer
+		"wescoff",
+
+		// Roberta Williams, did pioneering work in graphical adventure games for personal computers, particularly the King's Quest series. https://en.wikipedia.org/wiki/Roberta_Williams
+		"williams",
+
+		// Sophie Wilson designed the first Acorn Micro-Computer and the instruction set for ARM processors. https://en.wikipedia.org/wiki/Sophie_Wilson
+		"wilson",
+
+		// Jeannette Wing - co-developed the Liskov substitution principle. - https://en.wikipedia.org/wiki/Jeannette_Wing
+		"wing",
+
+		// Steve Wozniak invented the Apple I and Apple II. https://en.wikipedia.org/wiki/Steve_Wozniak
+		"wozniak",
+
+		// The Wright brothers, Orville and Wilbur - credited with inventing and building the world's first successful airplane and making the first controlled, powered and sustained heavier-than-air human flight - https://en.wikipedia.org/wiki/Wright_brothers
+		"wright",
+
+		// Rosalyn Sussman Yalow - Rosalyn Sussman Yalow was an American medical physicist, and a co-winner of the 1977 Nobel Prize in Physiology or Medicine for development of the radioimmunoassay technique. https://en.wikipedia.org/wiki/Rosalyn_Sussman_Yalow
+		"yalow",
+
+		// Ada Yonath - an Israeli crystallographer, the first woman from the Middle East to win a Nobel prize in the sciences. https://en.wikipedia.org/wiki/Ada_Yonath
+		"yonath",
+	}
+)
+
+// GetRandomName generates a random name from the list of adjectives and surnames in this package
+// formatted as "adjective_surname". For example 'focused_turing'. If retry is non-zero, a random
+// integer between 0 and 10 will be added to the end of the name, e.g `focused_turing3`
+func GetRandomName(retry int) string {
+	rnd := random.Rand
+begin:
+	name := fmt.Sprintf("%s_%s", left[rnd.Intn(len(left))], right[rnd.Intn(len(right))])
+	if name == "boring_wozniak" /* Steve Wozniak is not boring */ {
+		goto begin
+	}
+
+	if retry > 0 {
+		name = fmt.Sprintf("%s%d", name, rnd.Intn(10))
+	}
+	return name
+}
diff --git a/pkg/namesgenerator/names-generator_test.go b/pkg/namesgenerator/names-generator_test.go
new file mode 100644
index 00000000..f7dae276
--- /dev/null
+++ b/pkg/namesgenerator/names-generator_test.go
@@ -0,0 +1,45 @@
+package namesgenerator
+
+import (
+	"strings"
+	"testing"
+)
+
+// Make sure the generated names are awesome
+func TestGenerateAwesomeNames(t *testing.T) {
+	name := GetRandomName(0)
+	if !isAwesome(name) {
+		t.Fatalf("Generated name '%s' is not awesome.", name)
+	}
+}
+
+func TestNameFormat(t *testing.T) {
+	name := GetRandomName(0)
+	if !strings.Contains(name, "_") {
+		t.Fatalf("Generated name does not contain an underscore")
+	}
+	if strings.ContainsAny(name, "0123456789") {
+		t.Fatalf("Generated name contains numbers!")
+	}
+}
+
+func TestNameRetries(t *testing.T) {
+	name := GetRandomName(1)
+	if !strings.Contains(name, "_") {
+		t.Fatalf("Generated name does not contain an underscore")
+	}
+	if !strings.ContainsAny(name, "0123456789") {
+		t.Fatalf("Generated name doesn't contain a number")
+	}
+
+}
+
+// To be awesome, a container name must involve cool inventors, be easy to remember,
+// be at least mildly funny, and always be politically correct for enterprise adoption.
+func isAwesome(name string) bool {
+	coolInventorNames := true
+	easyToRemember := true
+	mildlyFunnyOnOccasion := true
+	politicallyCorrect := true
+	return coolInventorNames && easyToRemember && mildlyFunnyOnOccasion && politicallyCorrect
+}
diff --git a/pkg/parsers/kernel/kernel.go b/pkg/parsers/kernel/kernel.go
new file mode 100644
index 00000000..a21ba137
--- /dev/null
+++ b/pkg/parsers/kernel/kernel.go
@@ -0,0 +1,100 @@
+// +build !windows
+
+// Package kernel provides helper function to get, parse and compare kernel
+// versions for different platforms.
+package kernel
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+)
+
+// VersionInfo holds information about the kernel.
+type VersionInfo struct {
+	Kernel int    // Version of the kernel (e.g. 4.1.2-generic -> 4)
+	Major  int    // Major part of the kernel version (e.g. 4.1.2-generic -> 1)
+	Minor  int    // Minor part of the kernel version (e.g. 4.1.2-generic -> 2)
+	Flavor string // Flavor of the kernel version (e.g. 4.1.2-generic -> generic)
+}
+
+func (k *VersionInfo) String() string {
+	return fmt.Sprintf("%d.%d.%d%s", k.Kernel, k.Major, k.Minor, k.Flavor)
+}
+
+// CompareKernelVersion compares two kernel.VersionInfo structs.
+// Returns -1 if a < b, 0 if a == b, 1 it a > b
+func CompareKernelVersion(a, b VersionInfo) int {
+	if a.Kernel < b.Kernel {
+		return -1
+	} else if a.Kernel > b.Kernel {
+		return 1
+	}
+
+	if a.Major < b.Major {
+		return -1
+	} else if a.Major > b.Major {
+		return 1
+	}
+
+	if a.Minor < b.Minor {
+		return -1
+	} else if a.Minor > b.Minor {
+		return 1
+	}
+
+	return 0
+}
+
+// GetKernelVersion gets the current kernel version.
+func GetKernelVersion() (*VersionInfo, error) {
+	var (
+		err error
+	)
+
+	uts, err := uname()
+	if err != nil {
+		return nil, err
+	}
+
+	release := make([]byte, len(uts.Release))
+
+	i := 0
+	for _, c := range uts.Release {
+		release[i] = byte(c)
+		i++
+	}
+
+	// Remove the \x00 from the release for Atoi to parse correctly
+	release = release[:bytes.IndexByte(release, 0)]
+
+	return ParseRelease(string(release))
+}
+
+// ParseRelease parses a string and creates a VersionInfo based on it.
+func ParseRelease(release string) (*VersionInfo, error) {
+	var (
+		kernel, major, minor, parsed int
+		flavor, partial              string
+	)
+
+	// Ignore error from Sscanf to allow an empty flavor.  Instead, just
+	// make sure we got all the version numbers.
+	parsed, _ = fmt.Sscanf(release, "%d.%d%s", &kernel, &major, &partial)
+	if parsed < 2 {
+		return nil, errors.New("Can't parse kernel version " + release)
+	}
+
+	// sometimes we have 3.12.25-gentoo, but sometimes we just have 3.12-1-amd64
+	parsed, _ = fmt.Sscanf(partial, ".%d%s", &minor, &flavor)
+	if parsed < 1 {
+		flavor = partial
+	}
+
+	return &VersionInfo{
+		Kernel: kernel,
+		Major:  major,
+		Minor:  minor,
+		Flavor: flavor,
+	}, nil
+}
diff --git a/pkg/parsers/kernel/kernel_unix_test.go b/pkg/parsers/kernel/kernel_unix_test.go
new file mode 100644
index 00000000..dc8c0e30
--- /dev/null
+++ b/pkg/parsers/kernel/kernel_unix_test.go
@@ -0,0 +1,96 @@
+// +build !windows
+
+package kernel
+
+import (
+	"fmt"
+	"testing"
+)
+
+func assertParseRelease(t *testing.T, release string, b *VersionInfo, result int) {
+	var (
+		a *VersionInfo
+	)
+	a, _ = ParseRelease(release)
+
+	if r := CompareKernelVersion(*a, *b); r != result {
+		t.Fatalf("Unexpected kernel version comparison result for (%v,%v). Found %d, expected %d", release, b, r, result)
+	}
+	if a.Flavor != b.Flavor {
+		t.Fatalf("Unexpected parsed kernel flavor.  Found %s, expected %s", a.Flavor, b.Flavor)
+	}
+}
+
+// TestParseRelease tests the ParseRelease() function
+func TestParseRelease(t *testing.T) {
+	assertParseRelease(t, "3.8.0", &VersionInfo{Kernel: 3, Major: 8, Minor: 0}, 0)
+	assertParseRelease(t, "3.4.54.longterm-1", &VersionInfo{Kernel: 3, Major: 4, Minor: 54, Flavor: ".longterm-1"}, 0)
+	assertParseRelease(t, "3.4.54.longterm-1", &VersionInfo{Kernel: 3, Major: 4, Minor: 54, Flavor: ".longterm-1"}, 0)
+	assertParseRelease(t, "3.8.0-19-generic", &VersionInfo{Kernel: 3, Major: 8, Minor: 0, Flavor: "-19-generic"}, 0)
+	assertParseRelease(t, "3.12.8tag", &VersionInfo{Kernel: 3, Major: 12, Minor: 8, Flavor: "tag"}, 0)
+	assertParseRelease(t, "3.12-1-amd64", &VersionInfo{Kernel: 3, Major: 12, Minor: 0, Flavor: "-1-amd64"}, 0)
+	assertParseRelease(t, "3.8.0", &VersionInfo{Kernel: 4, Major: 8, Minor: 0}, -1)
+	// Errors
+	invalids := []string{
+		"3",
+		"a",
+		"a.a",
+		"a.a.a-a",
+	}
+	for _, invalid := range invalids {
+		expectedMessage := fmt.Sprintf("Can't parse kernel version %v", invalid)
+		if _, err := ParseRelease(invalid); err == nil || err.Error() != expectedMessage {
+
+		}
+	}
+}
+
+func assertKernelVersion(t *testing.T, a, b VersionInfo, result int) {
+	if r := CompareKernelVersion(a, b); r != result {
+		t.Fatalf("Unexpected kernel version comparison result. Found %d, expected %d", r, result)
+	}
+}
+
+// TestCompareKernelVersion tests the CompareKernelVersion() function
+func TestCompareKernelVersion(t *testing.T) {
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		0)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 2, Major: 6, Minor: 0},
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		-1)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		VersionInfo{Kernel: 2, Major: 6, Minor: 0},
+		1)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		0)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 8, Minor: 5},
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		1)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 0, Minor: 20},
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		-1)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 7, Minor: 20},
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		-1)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 8, Minor: 20},
+		VersionInfo{Kernel: 3, Major: 7, Minor: 0},
+		1)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 8, Minor: 20},
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		1)
+	assertKernelVersion(t,
+		VersionInfo{Kernel: 3, Major: 8, Minor: 0},
+		VersionInfo{Kernel: 3, Major: 8, Minor: 20},
+		-1)
+}
diff --git a/pkg/parsers/kernel/kernel_windows.go b/pkg/parsers/kernel/kernel_windows.go
new file mode 100644
index 00000000..85ca250c
--- /dev/null
+++ b/pkg/parsers/kernel/kernel_windows.go
@@ -0,0 +1,67 @@
+package kernel
+
+import (
+	"fmt"
+	"syscall"
+	"unsafe"
+)
+
+// VersionInfo holds information about the kernel.
+type VersionInfo struct {
+	kvi   string // Version of the kernel (e.g. 6.1.7601.17592 -> 6)
+	major int    // Major part of the kernel version (e.g. 6.1.7601.17592 -> 1)
+	minor int    // Minor part of the kernel version (e.g. 6.1.7601.17592 -> 7601)
+	build int    // Build number of the kernel version (e.g. 6.1.7601.17592 -> 17592)
+}
+
+func (k *VersionInfo) String() string {
+	return fmt.Sprintf("%d.%d %d (%s)", k.major, k.minor, k.build, k.kvi)
+}
+
+// GetKernelVersion gets the current kernel version.
+func GetKernelVersion() (*VersionInfo, error) {
+
+	var (
+		h         syscall.Handle
+		dwVersion uint32
+		err       error
+	)
+
+	KVI := &VersionInfo{"Unknown", 0, 0, 0}
+
+	if err = syscall.RegOpenKeyEx(syscall.HKEY_LOCAL_MACHINE,
+		syscall.StringToUTF16Ptr(`SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\`),
+		0,
+		syscall.KEY_READ,
+		&h); err != nil {
+		return KVI, err
+	}
+	defer syscall.RegCloseKey(h)
+
+	var buf [1 << 10]uint16
+	var typ uint32
+	n := uint32(len(buf) * 2) // api expects array of bytes, not uint16
+
+	if err = syscall.RegQueryValueEx(h,
+		syscall.StringToUTF16Ptr("BuildLabEx"),
+		nil,
+		&typ,
+		(*byte)(unsafe.Pointer(&buf[0])),
+		&n); err != nil {
+		return KVI, err
+	}
+
+	KVI.kvi = syscall.UTF16ToString(buf[:])
+
+	// Important - docker.exe MUST be manifested for this API to return
+	// the correct information.
+	if dwVersion, err = syscall.GetVersion(); err != nil {
+		return KVI, err
+	}
+
+	KVI.major = int(dwVersion & 0xFF)
+	KVI.minor = int((dwVersion & 0XFF00) >> 8)
+	KVI.build = int((dwVersion & 0xFFFF0000) >> 16)
+
+	return KVI, nil
+}
diff --git a/pkg/parsers/kernel/uname_linux.go b/pkg/parsers/kernel/uname_linux.go
new file mode 100644
index 00000000..7d12fcbd
--- /dev/null
+++ b/pkg/parsers/kernel/uname_linux.go
@@ -0,0 +1,19 @@
+package kernel
+
+import (
+	"syscall"
+)
+
+// Utsname represents the system name structure.
+// It is passthgrouh for syscall.Utsname in order to make it portable with
+// other platforms where it is not available.
+type Utsname syscall.Utsname
+
+func uname() (*syscall.Utsname, error) {
+	uts := &syscall.Utsname{}
+
+	if err := syscall.Uname(uts); err != nil {
+		return nil, err
+	}
+	return uts, nil
+}
diff --git a/pkg/parsers/kernel/uname_unsupported.go b/pkg/parsers/kernel/uname_unsupported.go
new file mode 100644
index 00000000..79c66b32
--- /dev/null
+++ b/pkg/parsers/kernel/uname_unsupported.go
@@ -0,0 +1,18 @@
+// +build !linux
+
+package kernel
+
+import (
+	"errors"
+)
+
+// Utsname represents the system name structure.
+// It is defined here to make it portable as it is available on linux but not
+// on windows.
+type Utsname struct {
+	Release [65]byte
+}
+
+func uname() (*Utsname, error) {
+	return nil, errors.New("Kernel version detection is available only on linux")
+}
diff --git a/pkg/parsers/operatingsystem/operatingsystem_freebsd.go b/pkg/parsers/operatingsystem/operatingsystem_freebsd.go
new file mode 100644
index 00000000..0589cf2a
--- /dev/null
+++ b/pkg/parsers/operatingsystem/operatingsystem_freebsd.go
@@ -0,0 +1,18 @@
+package operatingsystem
+
+import (
+	"errors"
+)
+
+// GetOperatingSystem gets the name of the current operating system.
+func GetOperatingSystem() (string, error) {
+	// TODO: Implement OS detection
+	return "", errors.New("Cannot detect OS version")
+}
+
+// IsContainerized returns true if we are running inside a container.
+// No-op on FreeBSD, always returns false.
+func IsContainerized() (bool, error) {
+	// TODO: Implement jail detection
+	return false, errors.New("Cannot detect if we are in container")
+}
diff --git a/pkg/parsers/operatingsystem/operatingsystem_linux.go b/pkg/parsers/operatingsystem/operatingsystem_linux.go
new file mode 100644
index 00000000..e04a3499
--- /dev/null
+++ b/pkg/parsers/operatingsystem/operatingsystem_linux.go
@@ -0,0 +1,77 @@
+// Package operatingsystem provides helper function to get the operating system
+// name for different platforms.
+package operatingsystem
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"strings"
+
+	"github.com/mattn/go-shellwords"
+)
+
+var (
+	// file to use to detect if the daemon is running in a container
+	proc1Cgroup = "/proc/1/cgroup"
+
+	// file to check to determine Operating System
+	etcOsRelease = "/etc/os-release"
+
+	// used by stateless systems like Clear Linux
+	altOsRelease = "/usr/lib/os-release"
+)
+
+// GetOperatingSystem gets the name of the current operating system.
+func GetOperatingSystem() (string, error) {
+	osReleaseFile, err := os.Open(etcOsRelease)
+	if err != nil {
+		if !os.IsNotExist(err) {
+			return "", fmt.Errorf("Error opening %s: %v", etcOsRelease, err)
+		}
+		osReleaseFile, err = os.Open(altOsRelease)
+		if err != nil {
+			return "", fmt.Errorf("Error opening %s: %v", altOsRelease, err)
+		}
+	}
+	defer osReleaseFile.Close()
+
+	var prettyName string
+	scanner := bufio.NewScanner(osReleaseFile)
+	for scanner.Scan() {
+		line := scanner.Text()
+		if strings.HasPrefix(line, "PRETTY_NAME=") {
+			data := strings.SplitN(line, "=", 2)
+			prettyNames, err := shellwords.Parse(data[1])
+			if err != nil {
+				return "", fmt.Errorf("PRETTY_NAME is invalid: %s", err.Error())
+			}
+			if len(prettyNames) != 1 {
+				return "", fmt.Errorf("PRETTY_NAME needs to be enclosed by quotes if they have spaces: %s", data[1])
+			}
+			prettyName = prettyNames[0]
+		}
+	}
+	if prettyName != "" {
+		return prettyName, nil
+	}
+	// If not set, defaults to PRETTY_NAME="Linux"
+	// c.f. http://www.freedesktop.org/software/systemd/man/os-release.html
+	return "Linux", nil
+}
+
+// IsContainerized returns true if we are running inside a container.
+func IsContainerized() (bool, error) {
+	b, err := ioutil.ReadFile(proc1Cgroup)
+	if err != nil {
+		return false, err
+	}
+	for _, line := range bytes.Split(b, []byte{'\n'}) {
+		if len(line) > 0 && !bytes.HasSuffix(line, []byte{'/'}) && !bytes.HasSuffix(line, []byte("init.scope")) {
+			return true, nil
+		}
+	}
+	return false, nil
+}
diff --git a/pkg/parsers/operatingsystem/operatingsystem_unix_test.go b/pkg/parsers/operatingsystem/operatingsystem_unix_test.go
new file mode 100644
index 00000000..e7120c65
--- /dev/null
+++ b/pkg/parsers/operatingsystem/operatingsystem_unix_test.go
@@ -0,0 +1,247 @@
+// +build linux freebsd
+
+package operatingsystem
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+func TestGetOperatingSystem(t *testing.T) {
+	var backup = etcOsRelease
+
+	invalids := []struct {
+		content       string
+		errorExpected string
+	}{
+		{
+			`PRETTY_NAME=Source Mage GNU/Linux
+PRETTY_NAME=Ubuntu 14.04.LTS`,
+			"PRETTY_NAME needs to be enclosed by quotes if they have spaces: Source Mage GNU/Linux",
+		},
+		{
+			`PRETTY_NAME="Ubuntu Linux
+PRETTY_NAME=Ubuntu 14.04.LTS`,
+			"PRETTY_NAME is invalid: invalid command line string",
+		},
+		{
+			`PRETTY_NAME=Ubuntu'
+PRETTY_NAME=Ubuntu 14.04.LTS`,
+			"PRETTY_NAME is invalid: invalid command line string",
+		},
+		{
+			`PRETTY_NAME'
+PRETTY_NAME=Ubuntu 14.04.LTS`,
+			"PRETTY_NAME needs to be enclosed by quotes if they have spaces: Ubuntu 14.04.LTS",
+		},
+	}
+
+	valids := []struct {
+		content  string
+		expected string
+	}{
+		{
+			`NAME="Ubuntu"
+PRETTY_NAME_AGAIN="Ubuntu 14.04.LTS"
+VERSION="14.04, Trusty Tahr"
+ID=ubuntu
+ID_LIKE=debian
+VERSION_ID="14.04"
+HOME_URL="http://www.ubuntu.com/"
+SUPPORT_URL="http://help.ubuntu.com/"
+BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"`,
+			"Linux",
+		},
+		{
+			`NAME="Ubuntu"
+VERSION="14.04, Trusty Tahr"
+ID=ubuntu
+ID_LIKE=debian
+VERSION_ID="14.04"
+HOME_URL="http://www.ubuntu.com/"
+SUPPORT_URL="http://help.ubuntu.com/"
+BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"`,
+			"Linux",
+		},
+		{
+			`NAME=Gentoo
+ID=gentoo
+PRETTY_NAME="Gentoo/Linux"
+ANSI_COLOR="1;32"
+HOME_URL="http://www.gentoo.org/"
+SUPPORT_URL="http://www.gentoo.org/main/en/support.xml"
+BUG_REPORT_URL="https://bugs.gentoo.org/"
+`,
+			"Gentoo/Linux",
+		},
+		{
+			`NAME="Ubuntu"
+VERSION="14.04, Trusty Tahr"
+ID=ubuntu
+ID_LIKE=debian
+PRETTY_NAME="Ubuntu 14.04 LTS"
+VERSION_ID="14.04"
+HOME_URL="http://www.ubuntu.com/"
+SUPPORT_URL="http://help.ubuntu.com/"
+BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"`,
+			"Ubuntu 14.04 LTS",
+		},
+		{
+			`NAME="Ubuntu"
+VERSION="14.04, Trusty Tahr"
+ID=ubuntu
+ID_LIKE=debian
+PRETTY_NAME='Ubuntu 14.04 LTS'`,
+			"Ubuntu 14.04 LTS",
+		},
+		{
+			`PRETTY_NAME=Source
+NAME="Source Mage"`,
+			"Source",
+		},
+		{
+			`PRETTY_NAME=Source
+PRETTY_NAME="Source Mage"`,
+			"Source Mage",
+		},
+	}
+
+	dir := os.TempDir()
+	etcOsRelease = filepath.Join(dir, "etcOsRelease")
+
+	defer func() {
+		os.Remove(etcOsRelease)
+		etcOsRelease = backup
+	}()
+
+	for _, elt := range invalids {
+		if err := ioutil.WriteFile(etcOsRelease, []byte(elt.content), 0600); err != nil {
+			t.Fatalf("failed to write to %s: %v", etcOsRelease, err)
+		}
+		s, err := GetOperatingSystem()
+		if err == nil || err.Error() != elt.errorExpected {
+			t.Fatalf("Expected an error %q, got %q (err: %v)", elt.errorExpected, s, err)
+		}
+	}
+
+	for _, elt := range valids {
+		if err := ioutil.WriteFile(etcOsRelease, []byte(elt.content), 0600); err != nil {
+			t.Fatalf("failed to write to %s: %v", etcOsRelease, err)
+		}
+		s, err := GetOperatingSystem()
+		if err != nil || s != elt.expected {
+			t.Fatalf("Expected %q, got %q (err: %v)", elt.expected, s, err)
+		}
+	}
+}
+
+func TestIsContainerized(t *testing.T) {
+	var (
+		backup                                = proc1Cgroup
+		nonContainerizedProc1Cgroupsystemd226 = []byte(`9:memory:/init.scope
+8:net_cls,net_prio:/
+7:cpuset:/
+6:freezer:/
+5:devices:/init.scope
+4:blkio:/init.scope
+3:cpu,cpuacct:/init.scope
+2:perf_event:/
+1:name=systemd:/init.scope
+`)
+		nonContainerizedProc1Cgroup = []byte(`14:name=systemd:/
+13:hugetlb:/
+12:net_prio:/
+11:perf_event:/
+10:bfqio:/
+9:blkio:/
+8:net_cls:/
+7:freezer:/
+6:devices:/
+5:memory:/
+4:cpuacct:/
+3:cpu:/
+2:cpuset:/
+`)
+		containerizedProc1Cgroup = []byte(`9:perf_event:/docker/3cef1b53c50b0fa357d994f8a1a8cd783c76bbf4f5dd08b226e38a8bd331338d
+8:blkio:/docker/3cef1b53c50b0fa357d994f8a1a8cd783c76bbf4f5dd08b226e38a8bd331338d
+7:net_cls:/
+6:freezer:/docker/3cef1b53c50b0fa357d994f8a1a8cd783c76bbf4f5dd08b226e38a8bd331338d
+5:devices:/docker/3cef1b53c50b0fa357d994f8a1a8cd783c76bbf4f5dd08b226e38a8bd331338d
+4:memory:/docker/3cef1b53c50b0fa357d994f8a1a8cd783c76bbf4f5dd08b226e38a8bd331338d
+3:cpuacct:/docker/3cef1b53c50b0fa357d994f8a1a8cd783c76bbf4f5dd08b226e38a8bd331338d
+2:cpu:/docker/3cef1b53c50b0fa357d994f8a1a8cd783c76bbf4f5dd08b226e38a8bd331338d
+1:cpuset:/`)
+	)
+
+	dir := os.TempDir()
+	proc1Cgroup = filepath.Join(dir, "proc1Cgroup")
+
+	defer func() {
+		os.Remove(proc1Cgroup)
+		proc1Cgroup = backup
+	}()
+
+	if err := ioutil.WriteFile(proc1Cgroup, nonContainerizedProc1Cgroup, 0600); err != nil {
+		t.Fatalf("failed to write to %s: %v", proc1Cgroup, err)
+	}
+	inContainer, err := IsContainerized()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if inContainer {
+		t.Fatal("Wrongly assuming containerized")
+	}
+
+	if err := ioutil.WriteFile(proc1Cgroup, nonContainerizedProc1Cgroupsystemd226, 0600); err != nil {
+		t.Fatalf("failed to write to %s: %v", proc1Cgroup, err)
+	}
+	inContainer, err = IsContainerized()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if inContainer {
+		t.Fatal("Wrongly assuming containerized for systemd /init.scope cgroup layout")
+	}
+
+	if err := ioutil.WriteFile(proc1Cgroup, containerizedProc1Cgroup, 0600); err != nil {
+		t.Fatalf("failed to write to %s: %v", proc1Cgroup, err)
+	}
+	inContainer, err = IsContainerized()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !inContainer {
+		t.Fatal("Wrongly assuming non-containerized")
+	}
+}
+
+func TestOsReleaseFallback(t *testing.T) {
+	var backup = etcOsRelease
+	var altBackup = altOsRelease
+	dir := os.TempDir()
+	etcOsRelease = filepath.Join(dir, "etcOsRelease")
+	altOsRelease = filepath.Join(dir, "altOsRelease")
+
+	defer func() {
+		os.Remove(dir)
+		etcOsRelease = backup
+		altOsRelease = altBackup
+	}()
+	content := `NAME=Gentoo
+ID=gentoo
+PRETTY_NAME="Gentoo/Linux"
+ANSI_COLOR="1;32"
+HOME_URL="http://www.gentoo.org/"
+SUPPORT_URL="http://www.gentoo.org/main/en/support.xml"
+BUG_REPORT_URL="https://bugs.gentoo.org/"
+`
+	if err := ioutil.WriteFile(altOsRelease, []byte(content), 0600); err != nil {
+		t.Fatalf("failed to write to %s: %v", etcOsRelease, err)
+	}
+	s, err := GetOperatingSystem()
+	if err != nil || s != "Gentoo/Linux" {
+		t.Fatalf("Expected %q, got %q (err: %v)", "Gentoo/Linux", s, err)
+	}
+}
diff --git a/pkg/parsers/operatingsystem/operatingsystem_windows.go b/pkg/parsers/operatingsystem/operatingsystem_windows.go
new file mode 100644
index 00000000..3c86b6af
--- /dev/null
+++ b/pkg/parsers/operatingsystem/operatingsystem_windows.go
@@ -0,0 +1,49 @@
+package operatingsystem
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+// See https://code.google.com/p/go/source/browse/src/pkg/mime/type_windows.go?r=d14520ac25bf6940785aabb71f5be453a286f58c
+// for a similar sample
+
+// GetOperatingSystem gets the name of the current operating system.
+func GetOperatingSystem() (string, error) {
+
+	var h syscall.Handle
+
+	// Default return value
+	ret := "Unknown Operating System"
+
+	if err := syscall.RegOpenKeyEx(syscall.HKEY_LOCAL_MACHINE,
+		syscall.StringToUTF16Ptr(`SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\`),
+		0,
+		syscall.KEY_READ,
+		&h); err != nil {
+		return ret, err
+	}
+	defer syscall.RegCloseKey(h)
+
+	var buf [1 << 10]uint16
+	var typ uint32
+	n := uint32(len(buf) * 2) // api expects array of bytes, not uint16
+
+	if err := syscall.RegQueryValueEx(h,
+		syscall.StringToUTF16Ptr("ProductName"),
+		nil,
+		&typ,
+		(*byte)(unsafe.Pointer(&buf[0])),
+		&n); err != nil {
+		return ret, err
+	}
+	ret = syscall.UTF16ToString(buf[:])
+
+	return ret, nil
+}
+
+// IsContainerized returns true if we are running inside a container.
+// No-op on Windows, always returns false.
+func IsContainerized() (bool, error) {
+	return false, nil
+}
diff --git a/pkg/parsers/parsers.go b/pkg/parsers/parsers.go
new file mode 100644
index 00000000..acc89716
--- /dev/null
+++ b/pkg/parsers/parsers.go
@@ -0,0 +1,69 @@
+// Package parsers provides helper functions to parse and validate different type
+// of string. It can be hosts, unix addresses, tcp addresses, filters, kernel
+// operating system versions.
+package parsers
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+)
+
+// ParseKeyValueOpt parses and validates the specified string as a key/value pair (key=value)
+func ParseKeyValueOpt(opt string) (string, string, error) {
+	parts := strings.SplitN(opt, "=", 2)
+	if len(parts) != 2 {
+		return "", "", fmt.Errorf("Unable to parse key/value option: %s", opt)
+	}
+	return strings.TrimSpace(parts[0]), strings.TrimSpace(parts[1]), nil
+}
+
+// ParseUintList parses and validates the specified string as the value
+// found in some cgroup file (e.g. `cpuset.cpus`, `cpuset.mems`), which could be
+// one of the formats below. Note that duplicates are actually allowed in the
+// input string. It returns a `map[int]bool` with available elements from `val`
+// set to `true`.
+// Supported formats:
+//     7
+//     1-6
+//     0,3-4,7,8-10
+//     0-0,0,1-7
+//     03,1-3      <- this is gonna get parsed as [1,2,3]
+//     3,2,1
+//     0-2,3,1
+func ParseUintList(val string) (map[int]bool, error) {
+	if val == "" {
+		return map[int]bool{}, nil
+	}
+
+	availableInts := make(map[int]bool)
+	split := strings.Split(val, ",")
+	errInvalidFormat := fmt.Errorf("invalid format: %s", val)
+
+	for _, r := range split {
+		if !strings.Contains(r, "-") {
+			v, err := strconv.Atoi(r)
+			if err != nil {
+				return nil, errInvalidFormat
+			}
+			availableInts[v] = true
+		} else {
+			split := strings.SplitN(r, "-", 2)
+			min, err := strconv.Atoi(split[0])
+			if err != nil {
+				return nil, errInvalidFormat
+			}
+			max, err := strconv.Atoi(split[1])
+			if err != nil {
+				return nil, errInvalidFormat
+			}
+			if max < min {
+				return nil, errInvalidFormat
+			}
+			for i := min; i <= max; i++ {
+				availableInts[i] = true
+			}
+		}
+	}
+	return availableInts, nil
+}
diff --git a/pkg/parsers/parsers_test.go b/pkg/parsers/parsers_test.go
new file mode 100644
index 00000000..7f19e902
--- /dev/null
+++ b/pkg/parsers/parsers_test.go
@@ -0,0 +1,70 @@
+package parsers
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestParseKeyValueOpt(t *testing.T) {
+	invalids := map[string]string{
+		"":    "Unable to parse key/value option: ",
+		"key": "Unable to parse key/value option: key",
+	}
+	for invalid, expectedError := range invalids {
+		if _, _, err := ParseKeyValueOpt(invalid); err == nil || err.Error() != expectedError {
+			t.Fatalf("Expected error %v for %v, got %v", expectedError, invalid, err)
+		}
+	}
+	valids := map[string][]string{
+		"key=value":               {"key", "value"},
+		" key = value ":           {"key", "value"},
+		"key=value1=value2":       {"key", "value1=value2"},
+		" key = value1 = value2 ": {"key", "value1 = value2"},
+	}
+	for valid, expectedKeyValue := range valids {
+		key, value, err := ParseKeyValueOpt(valid)
+		if err != nil {
+			t.Fatal(err)
+		}
+		if key != expectedKeyValue[0] || value != expectedKeyValue[1] {
+			t.Fatalf("Expected {%v: %v} got {%v: %v}", expectedKeyValue[0], expectedKeyValue[1], key, value)
+		}
+	}
+}
+
+func TestParseUintList(t *testing.T) {
+	valids := map[string]map[int]bool{
+		"":             {},
+		"7":            {7: true},
+		"1-6":          {1: true, 2: true, 3: true, 4: true, 5: true, 6: true},
+		"0-7":          {0: true, 1: true, 2: true, 3: true, 4: true, 5: true, 6: true, 7: true},
+		"0,3-4,7,8-10": {0: true, 3: true, 4: true, 7: true, 8: true, 9: true, 10: true},
+		"0-0,0,1-4":    {0: true, 1: true, 2: true, 3: true, 4: true},
+		"03,1-3":       {1: true, 2: true, 3: true},
+		"3,2,1":        {1: true, 2: true, 3: true},
+		"0-2,3,1":      {0: true, 1: true, 2: true, 3: true},
+	}
+	for k, v := range valids {
+		out, err := ParseUintList(k)
+		if err != nil {
+			t.Fatalf("Expected not to fail, got %v", err)
+		}
+		if !reflect.DeepEqual(out, v) {
+			t.Fatalf("Expected %v, got %v", v, out)
+		}
+	}
+
+	invalids := []string{
+		"this",
+		"1--",
+		"1-10,,10",
+		"10-1",
+		"-1",
+		"-1,0",
+	}
+	for _, v := range invalids {
+		if out, err := ParseUintList(v); err == nil {
+			t.Fatalf("Expected failure with %s but got %v", v, out)
+		}
+	}
+}
diff --git a/pkg/pidfile/pidfile.go b/pkg/pidfile/pidfile.go
new file mode 100644
index 00000000..58cc4017
--- /dev/null
+++ b/pkg/pidfile/pidfile.go
@@ -0,0 +1,50 @@
+// Package pidfile provides structure and helper functions to create and remove
+// PID file. A PID file is usually a file used to store the process ID of a
+// running process.
+package pidfile
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strconv"
+	"strings"
+)
+
+// PIDFile is a file used to store the process ID of a running process.
+type PIDFile struct {
+	path string
+}
+
+func checkPIDFileAlreadyExists(path string) error {
+	if pidByte, err := ioutil.ReadFile(path); err == nil {
+		pidString := strings.TrimSpace(string(pidByte))
+		if pid, err := strconv.Atoi(pidString); err == nil {
+			if _, err := os.Stat(filepath.Join("/proc", strconv.Itoa(pid))); err == nil {
+				return fmt.Errorf("pid file found, ensure docker is not running or delete %s", path)
+			}
+		}
+	}
+	return nil
+}
+
+// New creates a PIDfile using the specified path.
+func New(path string) (*PIDFile, error) {
+	if err := checkPIDFileAlreadyExists(path); err != nil {
+		return nil, err
+	}
+	if err := ioutil.WriteFile(path, []byte(fmt.Sprintf("%d", os.Getpid())), 0644); err != nil {
+		return nil, err
+	}
+
+	return &PIDFile{path: path}, nil
+}
+
+// Remove removes the PIDFile.
+func (file PIDFile) Remove() error {
+	if err := os.Remove(file.path); err != nil {
+		return err
+	}
+	return nil
+}
diff --git a/pkg/pidfile/pidfile_test.go b/pkg/pidfile/pidfile_test.go
new file mode 100644
index 00000000..d5ef8708
--- /dev/null
+++ b/pkg/pidfile/pidfile_test.go
@@ -0,0 +1,32 @@
+package pidfile
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+func TestNewAndRemove(t *testing.T) {
+	dir, err := ioutil.TempDir(os.TempDir(), "test-pidfile")
+	if err != nil {
+		t.Fatal("Could not create test directory")
+	}
+
+	file, err := New(filepath.Join(dir, "testfile"))
+	if err != nil {
+		t.Fatal("Could not create test file", err)
+	}
+
+	if err := file.Remove(); err != nil {
+		t.Fatal("Could not delete created test file")
+	}
+}
+
+func TestRemoveInvalidPath(t *testing.T) {
+	file := PIDFile{path: filepath.Join("foo", "bar")}
+
+	if err := file.Remove(); err == nil {
+		t.Fatal("Non-existing file doesn't give an error on delete")
+	}
+}
diff --git a/pkg/platform/architecture_freebsd.go b/pkg/platform/architecture_freebsd.go
new file mode 100644
index 00000000..06dc9fe0
--- /dev/null
+++ b/pkg/platform/architecture_freebsd.go
@@ -0,0 +1,15 @@
+package platform
+
+import (
+	"os/exec"
+)
+
+// runtimeArchitecture get the name of the current architecture (x86, x86_64, …)
+func runtimeArchitecture() (string, error) {
+	cmd := exec.Command("uname", "-m")
+	machine, err := cmd.Output()
+	if err != nil {
+		return "", err
+	}
+	return string(machine), nil
+}
diff --git a/pkg/platform/architecture_linux.go b/pkg/platform/architecture_linux.go
new file mode 100644
index 00000000..30c58c78
--- /dev/null
+++ b/pkg/platform/architecture_linux.go
@@ -0,0 +1,16 @@
+// Package platform provides helper function to get the runtime architecture
+// for different platforms.
+package platform
+
+import (
+	"syscall"
+)
+
+// runtimeArchitecture get the name of the current architecture (x86, x86_64, …)
+func runtimeArchitecture() (string, error) {
+	utsname := &syscall.Utsname{}
+	if err := syscall.Uname(utsname); err != nil {
+		return "", err
+	}
+	return charsToString(utsname.Machine), nil
+}
diff --git a/pkg/platform/architecture_windows.go b/pkg/platform/architecture_windows.go
new file mode 100644
index 00000000..c72e1662
--- /dev/null
+++ b/pkg/platform/architecture_windows.go
@@ -0,0 +1,52 @@
+package platform
+
+import (
+	"fmt"
+	"syscall"
+	"unsafe"
+)
+
+var (
+	modkernel32       = syscall.NewLazyDLL("kernel32.dll")
+	procGetSystemInfo = modkernel32.NewProc("GetSystemInfo")
+)
+
+// see http://msdn.microsoft.com/en-us/library/windows/desktop/ms724958(v=vs.85).aspx
+type systeminfo struct {
+	wProcessorArchitecture      uint16
+	wReserved                   uint16
+	dwPageSize                  uint32
+	lpMinimumApplicationAddress uintptr
+	lpMaximumApplicationAddress uintptr
+	dwActiveProcessorMask       uintptr
+	dwNumberOfProcessors        uint32
+	dwProcessorType             uint32
+	dwAllocationGranularity     uint32
+	wProcessorLevel             uint16
+	wProcessorRevision          uint16
+}
+
+// Constants
+const (
+	ProcessorArchitecture64   = 9 // PROCESSOR_ARCHITECTURE_AMD64
+	ProcessorArchitectureIA64 = 6 // PROCESSOR_ARCHITECTURE_IA64
+	ProcessorArchitecture32   = 0 // PROCESSOR_ARCHITECTURE_INTEL
+	ProcessorArchitectureArm  = 5 // PROCESSOR_ARCHITECTURE_ARM
+)
+
+var sysinfo systeminfo
+
+// runtimeArchitecture get the name of the current architecture (x86, x86_64, …)
+func runtimeArchitecture() (string, error) {
+	syscall.Syscall(procGetSystemInfo.Addr(), 1, uintptr(unsafe.Pointer(&sysinfo)), 0, 0)
+	switch sysinfo.wProcessorArchitecture {
+	case ProcessorArchitecture64, ProcessorArchitectureIA64:
+		return "x86_64", nil
+	case ProcessorArchitecture32:
+		return "i686", nil
+	case ProcessorArchitectureArm:
+		return "arm", nil
+	default:
+		return "", fmt.Errorf("Unknown processor architecture")
+	}
+}
diff --git a/pkg/platform/platform.go b/pkg/platform/platform.go
new file mode 100644
index 00000000..59e25295
--- /dev/null
+++ b/pkg/platform/platform.go
@@ -0,0 +1,23 @@
+package platform
+
+import (
+	"runtime"
+
+	"github.com/Sirupsen/logrus"
+)
+
+var (
+	// Architecture holds the runtime architecture of the process.
+	Architecture string
+	// OSType holds the runtime operating system type (Linux, …) of the process.
+	OSType string
+)
+
+func init() {
+	var err error
+	Architecture, err = runtimeArchitecture()
+	if err != nil {
+		logrus.Errorf("Could no read system architecture info: %v", err)
+	}
+	OSType = runtime.GOOS
+}
diff --git a/pkg/platform/utsname_int8.go b/pkg/platform/utsname_int8.go
new file mode 100644
index 00000000..5dcbadfd
--- /dev/null
+++ b/pkg/platform/utsname_int8.go
@@ -0,0 +1,18 @@
+// +build linux,386 linux,amd64 linux,arm64
+// see golang's sources src/syscall/ztypes_linux_*.go that use int8
+
+package platform
+
+// Convert the OS/ARCH-specific utsname.Machine to string
+// given as an array of signed int8
+func charsToString(ca [65]int8) string {
+	s := make([]byte, len(ca))
+	var lens int
+	for ; lens < len(ca); lens++ {
+		if ca[lens] == 0 {
+			break
+		}
+		s[lens] = uint8(ca[lens])
+	}
+	return string(s[0:lens])
+}
diff --git a/pkg/platform/utsname_uint8.go b/pkg/platform/utsname_uint8.go
new file mode 100644
index 00000000..c9875cf6
--- /dev/null
+++ b/pkg/platform/utsname_uint8.go
@@ -0,0 +1,18 @@
+// +build linux,arm linux,ppc64 linux,ppc64le s390x
+// see golang's sources src/syscall/ztypes_linux_*.go that use uint8
+
+package platform
+
+// Convert the OS/ARCH-specific utsname.Machine to string
+// given as an array of unsigned uint8
+func charsToString(ca [65]uint8) string {
+	s := make([]byte, len(ca))
+	var lens int
+	for ; lens < len(ca); lens++ {
+		if ca[lens] == 0 {
+			break
+		}
+		s[lens] = ca[lens]
+	}
+	return string(s[0:lens])
+}
diff --git a/pkg/plugins/client.go b/pkg/plugins/client.go
new file mode 100644
index 00000000..e3fd326e
--- /dev/null
+++ b/pkg/plugins/client.go
@@ -0,0 +1,186 @@
+package plugins
+
+import (
+	"bytes"
+	"encoding/json"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/plugins/transport"
+	"github.com/docker/go-connections/sockets"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+const (
+	defaultTimeOut = 30
+)
+
+// NewClient creates a new plugin client (http).
+func NewClient(addr string, tlsConfig tlsconfig.Options) (*Client, error) {
+	tr := &http.Transport{}
+
+	c, err := tlsconfig.Client(tlsConfig)
+	if err != nil {
+		return nil, err
+	}
+	tr.TLSClientConfig = c
+
+	u, err := url.Parse(addr)
+	if err != nil {
+		return nil, err
+	}
+	socket := u.Host
+	if socket == "" {
+		// valid local socket addresses have the host empty.
+		socket = u.Path
+	}
+	if err := sockets.ConfigureTransport(tr, u.Scheme, socket); err != nil {
+		return nil, err
+	}
+	scheme := httpScheme(u)
+
+	clientTransport := transport.NewHTTPTransport(tr, scheme, socket)
+	return NewClientWithTransport(clientTransport), nil
+}
+
+// NewClientWithTransport creates a new plugin client with a given transport.
+func NewClientWithTransport(tr transport.Transport) *Client {
+	return &Client{
+		http: &http.Client{
+			Transport: tr,
+		},
+		requestFactory: tr,
+	}
+}
+
+// Client represents a plugin client.
+type Client struct {
+	http           *http.Client // http client to use
+	requestFactory transport.RequestFactory
+}
+
+// Call calls the specified method with the specified arguments for the plugin.
+// It will retry for 30 seconds if a failure occurs when calling.
+func (c *Client) Call(serviceMethod string, args interface{}, ret interface{}) error {
+	var buf bytes.Buffer
+	if args != nil {
+		if err := json.NewEncoder(&buf).Encode(args); err != nil {
+			return err
+		}
+	}
+	body, err := c.callWithRetry(serviceMethod, &buf, true)
+	if err != nil {
+		return err
+	}
+	defer body.Close()
+	if ret != nil {
+		if err := json.NewDecoder(body).Decode(&ret); err != nil {
+			logrus.Errorf("%s: error reading plugin resp: %v", serviceMethod, err)
+			return err
+		}
+	}
+	return nil
+}
+
+// Stream calls the specified method with the specified arguments for the plugin and returns the response body
+func (c *Client) Stream(serviceMethod string, args interface{}) (io.ReadCloser, error) {
+	var buf bytes.Buffer
+	if err := json.NewEncoder(&buf).Encode(args); err != nil {
+		return nil, err
+	}
+	return c.callWithRetry(serviceMethod, &buf, true)
+}
+
+// SendFile calls the specified method, and passes through the IO stream
+func (c *Client) SendFile(serviceMethod string, data io.Reader, ret interface{}) error {
+	body, err := c.callWithRetry(serviceMethod, data, true)
+	if err != nil {
+		return err
+	}
+	defer body.Close()
+	if err := json.NewDecoder(body).Decode(&ret); err != nil {
+		logrus.Errorf("%s: error reading plugin resp: %v", serviceMethod, err)
+		return err
+	}
+	return nil
+}
+
+func (c *Client) callWithRetry(serviceMethod string, data io.Reader, retry bool) (io.ReadCloser, error) {
+	req, err := c.requestFactory.NewRequest(serviceMethod, data)
+	if err != nil {
+		return nil, err
+	}
+
+	var retries int
+	start := time.Now()
+
+	for {
+		resp, err := c.http.Do(req)
+		if err != nil {
+			if !retry {
+				return nil, err
+			}
+
+			timeOff := backoff(retries)
+			if abort(start, timeOff) {
+				return nil, err
+			}
+			retries++
+			logrus.Warnf("Unable to connect to plugin: %s:%s, retrying in %v", req.URL.Host, req.URL.Path, timeOff)
+			time.Sleep(timeOff)
+			continue
+		}
+
+		if resp.StatusCode != http.StatusOK {
+			b, err := ioutil.ReadAll(resp.Body)
+			resp.Body.Close()
+			if err != nil {
+				return nil, &statusError{resp.StatusCode, serviceMethod, err.Error()}
+			}
+
+			// Plugins' Response(s) should have an Err field indicating what went
+			// wrong. Try to unmarshal into ResponseErr. Otherwise fallback to just
+			// return the string(body)
+			type responseErr struct {
+				Err string
+			}
+			remoteErr := responseErr{}
+			if err := json.Unmarshal(b, &remoteErr); err == nil {
+				if remoteErr.Err != "" {
+					return nil, &statusError{resp.StatusCode, serviceMethod, remoteErr.Err}
+				}
+			}
+			// old way...
+			return nil, &statusError{resp.StatusCode, serviceMethod, string(b)}
+		}
+		return resp.Body, nil
+	}
+}
+
+func backoff(retries int) time.Duration {
+	b, max := 1, defaultTimeOut
+	for b < max && retries > 0 {
+		b *= 2
+		retries--
+	}
+	if b > max {
+		b = max
+	}
+	return time.Duration(b) * time.Second
+}
+
+func abort(start time.Time, timeOff time.Duration) bool {
+	return timeOff+time.Since(start) >= time.Duration(defaultTimeOut)*time.Second
+}
+
+func httpScheme(u *url.URL) string {
+	scheme := u.Scheme
+	if scheme != "https" {
+		scheme = "http"
+	}
+	return scheme
+}
diff --git a/pkg/plugins/client_test.go b/pkg/plugins/client_test.go
new file mode 100644
index 00000000..3fa2ff46
--- /dev/null
+++ b/pkg/plugins/client_test.go
@@ -0,0 +1,134 @@
+package plugins
+
+import (
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"reflect"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/pkg/plugins/transport"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+var (
+	mux    *http.ServeMux
+	server *httptest.Server
+)
+
+func setupRemotePluginServer() string {
+	mux = http.NewServeMux()
+	server = httptest.NewServer(mux)
+	return server.URL
+}
+
+func teardownRemotePluginServer() {
+	if server != nil {
+		server.Close()
+	}
+}
+
+func TestFailedConnection(t *testing.T) {
+	c, _ := NewClient("tcp://127.0.0.1:1", tlsconfig.Options{InsecureSkipVerify: true})
+	_, err := c.callWithRetry("Service.Method", nil, false)
+	if err == nil {
+		t.Fatal("Unexpected successful connection")
+	}
+}
+
+func TestEchoInputOutput(t *testing.T) {
+	addr := setupRemotePluginServer()
+	defer teardownRemotePluginServer()
+
+	m := Manifest{[]string{"VolumeDriver", "NetworkDriver"}}
+
+	mux.HandleFunc("/Test.Echo", func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != "POST" {
+			t.Fatalf("Expected POST, got %s\n", r.Method)
+		}
+
+		header := w.Header()
+		header.Set("Content-Type", transport.VersionMimetype)
+
+		io.Copy(w, r.Body)
+	})
+
+	c, _ := NewClient(addr, tlsconfig.Options{InsecureSkipVerify: true})
+	var output Manifest
+	err := c.Call("Test.Echo", m, &output)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if !reflect.DeepEqual(output, m) {
+		t.Fatalf("Expected %v, was %v\n", m, output)
+	}
+	err = c.Call("Test.Echo", nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestBackoff(t *testing.T) {
+	cases := []struct {
+		retries    int
+		expTimeOff time.Duration
+	}{
+		{0, time.Duration(1)},
+		{1, time.Duration(2)},
+		{2, time.Duration(4)},
+		{4, time.Duration(16)},
+		{6, time.Duration(30)},
+		{10, time.Duration(30)},
+	}
+
+	for _, c := range cases {
+		s := c.expTimeOff * time.Second
+		if d := backoff(c.retries); d != s {
+			t.Fatalf("Retry %v, expected %v, was %v\n", c.retries, s, d)
+		}
+	}
+}
+
+func TestAbortRetry(t *testing.T) {
+	cases := []struct {
+		timeOff  time.Duration
+		expAbort bool
+	}{
+		{time.Duration(1), false},
+		{time.Duration(2), false},
+		{time.Duration(10), false},
+		{time.Duration(30), true},
+		{time.Duration(40), true},
+	}
+
+	for _, c := range cases {
+		s := c.timeOff * time.Second
+		if a := abort(time.Now(), s); a != c.expAbort {
+			t.Fatalf("Duration %v, expected %v, was %v\n", c.timeOff, s, a)
+		}
+	}
+}
+
+func TestClientScheme(t *testing.T) {
+	cases := map[string]string{
+		"tcp://127.0.0.1:8080":          "http",
+		"unix:///usr/local/plugins/foo": "http",
+		"http://127.0.0.1:8080":         "http",
+		"https://127.0.0.1:8080":        "https",
+	}
+
+	for addr, scheme := range cases {
+		u, err := url.Parse(addr)
+		if err != nil {
+			t.Fatal(err)
+		}
+		s := httpScheme(u)
+
+		if s != scheme {
+			t.Fatalf("URL scheme mismatch, expected %s, got %s", scheme, s)
+		}
+	}
+}
diff --git a/pkg/plugins/discovery.go b/pkg/plugins/discovery.go
new file mode 100644
index 00000000..9dc64194
--- /dev/null
+++ b/pkg/plugins/discovery.go
@@ -0,0 +1,132 @@
+package plugins
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"net/url"
+	"os"
+	"path/filepath"
+	"strings"
+	"sync"
+)
+
+var (
+	// ErrNotFound plugin not found
+	ErrNotFound = errors.New("plugin not found")
+	socketsPath = "/run/docker/plugins"
+	specsPaths  = []string{"/etc/docker/plugins", "/usr/lib/docker/plugins"}
+)
+
+// localRegistry defines a registry that is local (using unix socket).
+type localRegistry struct{}
+
+func newLocalRegistry() localRegistry {
+	return localRegistry{}
+}
+
+// Scan scans all the plugin paths and returns all the names it found
+func Scan() ([]string, error) {
+	var names []string
+	if err := filepath.Walk(socketsPath, func(path string, fi os.FileInfo, err error) error {
+		if err != nil {
+			return nil
+		}
+
+		if fi.Mode()&os.ModeSocket != 0 {
+			name := strings.TrimSuffix(fi.Name(), filepath.Ext(fi.Name()))
+			names = append(names, name)
+		}
+		return nil
+	}); err != nil {
+		return nil, err
+	}
+
+	for _, path := range specsPaths {
+		if err := filepath.Walk(path, func(p string, fi os.FileInfo, err error) error {
+			if err != nil || fi.IsDir() {
+				return nil
+			}
+			name := strings.TrimSuffix(fi.Name(), filepath.Ext(fi.Name()))
+			names = append(names, name)
+			return nil
+		}); err != nil {
+			return nil, err
+		}
+	}
+	return names, nil
+}
+
+// Plugin returns the plugin registered with the given name (or returns an error).
+func (l *localRegistry) Plugin(name string) (*Plugin, error) {
+	socketpaths := pluginPaths(socketsPath, name, ".sock")
+
+	for _, p := range socketpaths {
+		if fi, err := os.Stat(p); err == nil && fi.Mode()&os.ModeSocket != 0 {
+			return newLocalPlugin(name, "unix://"+p), nil
+		}
+	}
+
+	var txtspecpaths []string
+	for _, p := range specsPaths {
+		txtspecpaths = append(txtspecpaths, pluginPaths(p, name, ".spec")...)
+		txtspecpaths = append(txtspecpaths, pluginPaths(p, name, ".json")...)
+	}
+
+	for _, p := range txtspecpaths {
+		if _, err := os.Stat(p); err == nil {
+			if strings.HasSuffix(p, ".json") {
+				return readPluginJSONInfo(name, p)
+			}
+			return readPluginInfo(name, p)
+		}
+	}
+	return nil, ErrNotFound
+}
+
+func readPluginInfo(name, path string) (*Plugin, error) {
+	content, err := ioutil.ReadFile(path)
+	if err != nil {
+		return nil, err
+	}
+	addr := strings.TrimSpace(string(content))
+
+	u, err := url.Parse(addr)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(u.Scheme) == 0 {
+		return nil, fmt.Errorf("Unknown protocol")
+	}
+
+	return newLocalPlugin(name, addr), nil
+}
+
+func readPluginJSONInfo(name, path string) (*Plugin, error) {
+	f, err := os.Open(path)
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	var p Plugin
+	if err := json.NewDecoder(f).Decode(&p); err != nil {
+		return nil, err
+	}
+	p.Name = name
+	if len(p.TLSConfig.CAFile) == 0 {
+		p.TLSConfig.InsecureSkipVerify = true
+	}
+	p.activateWait = sync.NewCond(&sync.Mutex{})
+
+	return &p, nil
+}
+
+func pluginPaths(base, name, ext string) []string {
+	return []string{
+		filepath.Join(base, name+ext),
+		filepath.Join(base, name, name+ext),
+	}
+}
diff --git a/pkg/plugins/discovery_test.go b/pkg/plugins/discovery_test.go
new file mode 100644
index 00000000..2e8dc704
--- /dev/null
+++ b/pkg/plugins/discovery_test.go
@@ -0,0 +1,119 @@
+package plugins
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+func Setup(t *testing.T) (string, func()) {
+	tmpdir, err := ioutil.TempDir("", "docker-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	backup := socketsPath
+	socketsPath = tmpdir
+	specsPaths = []string{tmpdir}
+
+	return tmpdir, func() {
+		socketsPath = backup
+		os.RemoveAll(tmpdir)
+	}
+}
+
+func TestFileSpecPlugin(t *testing.T) {
+	tmpdir, unregister := Setup(t)
+	defer unregister()
+
+	cases := []struct {
+		path string
+		name string
+		addr string
+		fail bool
+	}{
+		// TODO Windows: Factor out the unix:// variants.
+		{filepath.Join(tmpdir, "echo.spec"), "echo", "unix://var/lib/docker/plugins/echo.sock", false},
+		{filepath.Join(tmpdir, "echo", "echo.spec"), "echo", "unix://var/lib/docker/plugins/echo.sock", false},
+		{filepath.Join(tmpdir, "foo.spec"), "foo", "tcp://localhost:8080", false},
+		{filepath.Join(tmpdir, "foo", "foo.spec"), "foo", "tcp://localhost:8080", false},
+		{filepath.Join(tmpdir, "bar.spec"), "bar", "localhost:8080", true}, // unknown transport
+	}
+
+	for _, c := range cases {
+		if err := os.MkdirAll(filepath.Dir(c.path), 0755); err != nil {
+			t.Fatal(err)
+		}
+		if err := ioutil.WriteFile(c.path, []byte(c.addr), 0644); err != nil {
+			t.Fatal(err)
+		}
+
+		r := newLocalRegistry()
+		p, err := r.Plugin(c.name)
+		if c.fail && err == nil {
+			continue
+		}
+
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		if p.Name != c.name {
+			t.Fatalf("Expected plugin `%s`, got %s\n", c.name, p.Name)
+		}
+
+		if p.Addr != c.addr {
+			t.Fatalf("Expected plugin addr `%s`, got %s\n", c.addr, p.Addr)
+		}
+
+		if p.TLSConfig.InsecureSkipVerify != true {
+			t.Fatalf("Expected TLS verification to be skipped")
+		}
+	}
+}
+
+func TestFileJSONSpecPlugin(t *testing.T) {
+	tmpdir, unregister := Setup(t)
+	defer unregister()
+
+	p := filepath.Join(tmpdir, "example.json")
+	spec := `{
+  "Name": "plugin-example",
+  "Addr": "https://example.com/docker/plugin",
+  "TLSConfig": {
+    "CAFile": "/usr/shared/docker/certs/example-ca.pem",
+    "CertFile": "/usr/shared/docker/certs/example-cert.pem",
+    "KeyFile": "/usr/shared/docker/certs/example-key.pem"
+	}
+}`
+
+	if err := ioutil.WriteFile(p, []byte(spec), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	r := newLocalRegistry()
+	plugin, err := r.Plugin("example")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if plugin.Name != "example" {
+		t.Fatalf("Expected plugin `plugin-example`, got %s\n", plugin.Name)
+	}
+
+	if plugin.Addr != "https://example.com/docker/plugin" {
+		t.Fatalf("Expected plugin addr `https://example.com/docker/plugin`, got %s\n", plugin.Addr)
+	}
+
+	if plugin.TLSConfig.CAFile != "/usr/shared/docker/certs/example-ca.pem" {
+		t.Fatalf("Expected plugin CA `/usr/shared/docker/certs/example-ca.pem`, got %s\n", plugin.TLSConfig.CAFile)
+	}
+
+	if plugin.TLSConfig.CertFile != "/usr/shared/docker/certs/example-cert.pem" {
+		t.Fatalf("Expected plugin Certificate `/usr/shared/docker/certs/example-cert.pem`, got %s\n", plugin.TLSConfig.CertFile)
+	}
+
+	if plugin.TLSConfig.KeyFile != "/usr/shared/docker/certs/example-key.pem" {
+		t.Fatalf("Expected plugin Key `/usr/shared/docker/certs/example-key.pem`, got %s\n", plugin.TLSConfig.KeyFile)
+	}
+}
diff --git a/pkg/plugins/discovery_unix_test.go b/pkg/plugins/discovery_unix_test.go
new file mode 100644
index 00000000..8166ae00
--- /dev/null
+++ b/pkg/plugins/discovery_unix_test.go
@@ -0,0 +1,61 @@
+// +build !windows
+
+package plugins
+
+import (
+	"fmt"
+	"net"
+	"os"
+	"path/filepath"
+	"reflect"
+	"testing"
+)
+
+func TestLocalSocket(t *testing.T) {
+	// TODO Windows: Enable a similar version for Windows named pipes
+	tmpdir, unregister := Setup(t)
+	defer unregister()
+
+	cases := []string{
+		filepath.Join(tmpdir, "echo.sock"),
+		filepath.Join(tmpdir, "echo", "echo.sock"),
+	}
+
+	for _, c := range cases {
+		if err := os.MkdirAll(filepath.Dir(c), 0755); err != nil {
+			t.Fatal(err)
+		}
+
+		l, err := net.Listen("unix", c)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		r := newLocalRegistry()
+		p, err := r.Plugin("echo")
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		pp, err := r.Plugin("echo")
+		if err != nil {
+			t.Fatal(err)
+		}
+		if !reflect.DeepEqual(p, pp) {
+			t.Fatalf("Expected %v, was %v\n", p, pp)
+		}
+
+		if p.Name != "echo" {
+			t.Fatalf("Expected plugin `echo`, got %s\n", p.Name)
+		}
+
+		addr := fmt.Sprintf("unix://%s", c)
+		if p.Addr != addr {
+			t.Fatalf("Expected plugin addr `%s`, got %s\n", addr, p.Addr)
+		}
+		if p.TLSConfig.InsecureSkipVerify != true {
+			t.Fatalf("Expected TLS verification to be skipped")
+		}
+		l.Close()
+	}
+}
diff --git a/pkg/plugins/errors.go b/pkg/plugins/errors.go
new file mode 100644
index 00000000..79884710
--- /dev/null
+++ b/pkg/plugins/errors.go
@@ -0,0 +1,33 @@
+package plugins
+
+import (
+	"fmt"
+	"net/http"
+)
+
+type statusError struct {
+	status int
+	method string
+	err    string
+}
+
+// Error returns a formatted string for this error type
+func (e *statusError) Error() string {
+	return fmt.Sprintf("%s: %v", e.method, e.err)
+}
+
+// IsNotFound indicates if the passed in error is from an http.StatusNotFound from the plugin
+func IsNotFound(err error) bool {
+	return isStatusError(err, http.StatusNotFound)
+}
+
+func isStatusError(err error, status int) bool {
+	if err == nil {
+		return false
+	}
+	e, ok := err.(*statusError)
+	if !ok {
+		return false
+	}
+	return e.status == status
+}
diff --git a/pkg/plugins/pluginrpc-gen/README.md b/pkg/plugins/pluginrpc-gen/README.md
new file mode 100644
index 00000000..98720b21
--- /dev/null
+++ b/pkg/plugins/pluginrpc-gen/README.md
@@ -0,0 +1,68 @@
+Plugin RPC Generator
+====================
+
+Generates go code from a Go interface definition for proxying between the plugin
+API and the subsystem being extended.
+
+## Usage
+
+Given an interface definition:
+
+```go
+type volumeDriver interface {
+	Create(name string, opts opts) (err error)
+	Remove(name string) (err error)
+	Path(name string) (mountpoint string, err error)
+	Mount(name string) (mountpoint string, err error)
+	Unmount(name string) (err error)
+}
+```
+
+**Note**: All function options and return values must be named in the definition.
+
+Run the generator:
+
+```bash
+$ pluginrpc-gen --type volumeDriver --name VolumeDriver -i volumes/drivers/extpoint.go -o volumes/drivers/proxy.go
+```
+
+Where:
+- `--type` is the name of the interface to use
+- `--name` is the subsystem that the plugin "Implements"
+- `-i` is the input file containing the interface definition
+- `-o` is the output file where the the generated code should go
+
+**Note**: The generated code will use the same package name as the one defined in the input file
+
+Optionally, you can skip functions on the interface that should not be
+implemented in the generated proxy code by passing in the function name to `--skip`.
+This flag can be specified multiple times.
+
+You can also add build tags that should be prepended to the generated code by
+supplying `--tag`. This flag can be specified multiple times.
+
+## Known issues
+
+The parser can currently only handle types which are not specifically a map or
+a slice.  
+You can, however, create a type that uses a map or a slice internally, for instance:
+
+```go
+type opts map[string]string
+```
+
+This `opts` type will work, whreas using a `map[string]string` directly will not.
+
+## go-generate
+
+You can also use this with go-generate, which is pretty awesome.  
+To do so, place the code at the top of the file which contains the interface
+definition (i.e., the input file):
+
+```go
+//go:generate pluginrpc-gen -i $GOFILE -o proxy.go -type volumeDriver -name VolumeDriver
+```
+
+Then cd to the package dir and run `go generate`
+
+**Note**: the `pluginrpc-gen` binary must be within your `$PATH`
diff --git a/pkg/plugins/pluginrpc-gen/fixtures/foo.go b/pkg/plugins/pluginrpc-gen/fixtures/foo.go
new file mode 100644
index 00000000..fcb2b623
--- /dev/null
+++ b/pkg/plugins/pluginrpc-gen/fixtures/foo.go
@@ -0,0 +1,41 @@
+package foo
+
+type wobble struct {
+	Some      string
+	Val       string
+	Inception *wobble
+}
+
+// Fooer is an empty interface used for tests.
+type Fooer interface{}
+
+// Fooer2 is an interface used for tests.
+type Fooer2 interface {
+	Foo()
+}
+
+// Fooer3 is an interface used for tests.
+type Fooer3 interface {
+	Foo()
+	Bar(a string)
+	Baz(a string) (err error)
+	Qux(a, b string) (val string, err error)
+	Wobble() (w *wobble)
+	Wiggle() (w wobble)
+}
+
+// Fooer4 is an interface used for tests.
+type Fooer4 interface {
+	Foo() error
+}
+
+// Bar is an interface used for tests.
+type Bar interface {
+	Boo(a string, b string) (s string, err error)
+}
+
+// Fooer5 is an interface used for tests.
+type Fooer5 interface {
+	Foo()
+	Bar
+}
diff --git a/pkg/plugins/pluginrpc-gen/main.go b/pkg/plugins/pluginrpc-gen/main.go
new file mode 100644
index 00000000..772984ce
--- /dev/null
+++ b/pkg/plugins/pluginrpc-gen/main.go
@@ -0,0 +1,91 @@
+package main
+
+import (
+	"bytes"
+	"flag"
+	"fmt"
+	"go/format"
+	"io/ioutil"
+	"os"
+	"unicode"
+	"unicode/utf8"
+)
+
+type stringSet struct {
+	values map[string]struct{}
+}
+
+func (s stringSet) String() string {
+	return ""
+}
+
+func (s stringSet) Set(value string) error {
+	s.values[value] = struct{}{}
+	return nil
+}
+func (s stringSet) GetValues() map[string]struct{} {
+	return s.values
+}
+
+var (
+	typeName   = flag.String("type", "", "interface type to generate plugin rpc proxy for")
+	rpcName    = flag.String("name", *typeName, "RPC name, set if different from type")
+	inputFile  = flag.String("i", "", "input file path")
+	outputFile = flag.String("o", *inputFile+"_proxy.go", "output file path")
+
+	skipFuncs   map[string]struct{}
+	flSkipFuncs = stringSet{make(map[string]struct{})}
+
+	flBuildTags = stringSet{make(map[string]struct{})}
+)
+
+func errorOut(msg string, err error) {
+	if err == nil {
+		return
+	}
+	fmt.Fprintf(os.Stderr, "%s: %v\n", msg, err)
+	os.Exit(1)
+}
+
+func checkFlags() error {
+	if *outputFile == "" {
+		return fmt.Errorf("missing required flag `-o`")
+	}
+	if *inputFile == "" {
+		return fmt.Errorf("missing required flag `-i`")
+	}
+	return nil
+}
+
+func main() {
+	flag.Var(flSkipFuncs, "skip", "skip parsing for function")
+	flag.Var(flBuildTags, "tag", "build tags to add to generated files")
+	flag.Parse()
+	skipFuncs = flSkipFuncs.GetValues()
+
+	errorOut("error", checkFlags())
+
+	pkg, err := Parse(*inputFile, *typeName)
+	errorOut(fmt.Sprintf("error parsing requested type %s", *typeName), err)
+
+	var analysis = struct {
+		InterfaceType string
+		RPCName       string
+		BuildTags     map[string]struct{}
+		*ParsedPkg
+	}{toLower(*typeName), *rpcName, flBuildTags.GetValues(), pkg}
+	var buf bytes.Buffer
+
+	errorOut("parser error", generatedTempl.Execute(&buf, analysis))
+	src, err := format.Source(buf.Bytes())
+	errorOut("error formating generated source", err)
+	errorOut("error writing file", ioutil.WriteFile(*outputFile, src, 0644))
+}
+
+func toLower(s string) string {
+	if s == "" {
+		return ""
+	}
+	r, n := utf8.DecodeRuneInString(s)
+	return string(unicode.ToLower(r)) + s[n:]
+}
diff --git a/pkg/plugins/pluginrpc-gen/parser.go b/pkg/plugins/pluginrpc-gen/parser.go
new file mode 100644
index 00000000..3adeb490
--- /dev/null
+++ b/pkg/plugins/pluginrpc-gen/parser.go
@@ -0,0 +1,163 @@
+package main
+
+import (
+	"errors"
+	"fmt"
+	"go/ast"
+	"go/parser"
+	"go/token"
+	"reflect"
+)
+
+var errBadReturn = errors.New("found return arg with no name: all args must be named")
+
+type errUnexpectedType struct {
+	expected string
+	actual   interface{}
+}
+
+func (e errUnexpectedType) Error() string {
+	return fmt.Sprintf("got wrong type expecting %s, got: %v", e.expected, reflect.TypeOf(e.actual))
+}
+
+// ParsedPkg holds information about a package that has been parsed,
+// its name and the list of functions.
+type ParsedPkg struct {
+	Name      string
+	Functions []function
+}
+
+type function struct {
+	Name    string
+	Args    []arg
+	Returns []arg
+	Doc     string
+}
+
+type arg struct {
+	Name    string
+	ArgType string
+}
+
+func (a *arg) String() string {
+	return a.Name + " " + a.ArgType
+}
+
+// Parse parses the given file for an interface definition with the given name.
+func Parse(filePath string, objName string) (*ParsedPkg, error) {
+	fs := token.NewFileSet()
+	pkg, err := parser.ParseFile(fs, filePath, nil, parser.AllErrors)
+	if err != nil {
+		return nil, err
+	}
+	p := &ParsedPkg{}
+	p.Name = pkg.Name.Name
+	obj, exists := pkg.Scope.Objects[objName]
+	if !exists {
+		return nil, fmt.Errorf("could not find object %s in %s", objName, filePath)
+	}
+	if obj.Kind != ast.Typ {
+		return nil, fmt.Errorf("exected type, got %s", obj.Kind)
+	}
+	spec, ok := obj.Decl.(*ast.TypeSpec)
+	if !ok {
+		return nil, errUnexpectedType{"*ast.TypeSpec", obj.Decl}
+	}
+	iface, ok := spec.Type.(*ast.InterfaceType)
+	if !ok {
+		return nil, errUnexpectedType{"*ast.InterfaceType", spec.Type}
+	}
+
+	p.Functions, err = parseInterface(iface)
+	if err != nil {
+		return nil, err
+	}
+
+	return p, nil
+}
+
+func parseInterface(iface *ast.InterfaceType) ([]function, error) {
+	var functions []function
+	for _, field := range iface.Methods.List {
+		switch f := field.Type.(type) {
+		case *ast.FuncType:
+			method, err := parseFunc(field)
+			if err != nil {
+				return nil, err
+			}
+			if method == nil {
+				continue
+			}
+			functions = append(functions, *method)
+		case *ast.Ident:
+			spec, ok := f.Obj.Decl.(*ast.TypeSpec)
+			if !ok {
+				return nil, errUnexpectedType{"*ast.TypeSpec", f.Obj.Decl}
+			}
+			iface, ok := spec.Type.(*ast.InterfaceType)
+			if !ok {
+				return nil, errUnexpectedType{"*ast.TypeSpec", spec.Type}
+			}
+			funcs, err := parseInterface(iface)
+			if err != nil {
+				fmt.Println(err)
+				continue
+			}
+			functions = append(functions, funcs...)
+		default:
+			return nil, errUnexpectedType{"*astFuncType or *ast.Ident", f}
+		}
+	}
+	return functions, nil
+}
+
+func parseFunc(field *ast.Field) (*function, error) {
+	f := field.Type.(*ast.FuncType)
+	method := &function{Name: field.Names[0].Name}
+	if _, exists := skipFuncs[method.Name]; exists {
+		fmt.Println("skipping:", method.Name)
+		return nil, nil
+	}
+	if f.Params != nil {
+		args, err := parseArgs(f.Params.List)
+		if err != nil {
+			return nil, err
+		}
+		method.Args = args
+	}
+	if f.Results != nil {
+		returns, err := parseArgs(f.Results.List)
+		if err != nil {
+			return nil, fmt.Errorf("error parsing function returns for %q: %v", method.Name, err)
+		}
+		method.Returns = returns
+	}
+	return method, nil
+}
+
+func parseArgs(fields []*ast.Field) ([]arg, error) {
+	var args []arg
+	for _, f := range fields {
+		if len(f.Names) == 0 {
+			return nil, errBadReturn
+		}
+		for _, name := range f.Names {
+			var typeName string
+			switch argType := f.Type.(type) {
+			case *ast.Ident:
+				typeName = argType.Name
+			case *ast.StarExpr:
+				i, ok := argType.X.(*ast.Ident)
+				if !ok {
+					return nil, errUnexpectedType{"*ast.Ident", f.Type}
+				}
+				typeName = "*" + i.Name
+			default:
+				return nil, errUnexpectedType{"*ast.Ident or *ast.StarExpr", f.Type}
+			}
+
+			args = append(args, arg{name.Name, typeName})
+		}
+	}
+	return args, nil
+}
diff --git a/pkg/plugins/pluginrpc-gen/parser_test.go b/pkg/plugins/pluginrpc-gen/parser_test.go
new file mode 100644
index 00000000..5a7579cf
--- /dev/null
+++ b/pkg/plugins/pluginrpc-gen/parser_test.go
@@ -0,0 +1,168 @@
+package main
+
+import (
+	"fmt"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"testing"
+)
+
+const testFixture = "fixtures/foo.go"
+
+func TestParseEmptyInterface(t *testing.T) {
+	pkg, err := Parse(testFixture, "Fooer")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertName(t, "foo", pkg.Name)
+	assertNum(t, 0, len(pkg.Functions))
+}
+
+func TestParseNonInterfaceType(t *testing.T) {
+	_, err := Parse(testFixture, "wobble")
+	if _, ok := err.(errUnexpectedType); !ok {
+		t.Fatal("expected type error when parsing non-interface type")
+	}
+}
+
+func TestParseWithOneFunction(t *testing.T) {
+	pkg, err := Parse(testFixture, "Fooer2")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertName(t, "foo", pkg.Name)
+	assertNum(t, 1, len(pkg.Functions))
+	assertName(t, "Foo", pkg.Functions[0].Name)
+	assertNum(t, 0, len(pkg.Functions[0].Args))
+	assertNum(t, 0, len(pkg.Functions[0].Returns))
+}
+
+func TestParseWithMultipleFuncs(t *testing.T) {
+	pkg, err := Parse(testFixture, "Fooer3")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertName(t, "foo", pkg.Name)
+	assertNum(t, 6, len(pkg.Functions))
+
+	f := pkg.Functions[0]
+	assertName(t, "Foo", f.Name)
+	assertNum(t, 0, len(f.Args))
+	assertNum(t, 0, len(f.Returns))
+
+	f = pkg.Functions[1]
+	assertName(t, "Bar", f.Name)
+	assertNum(t, 1, len(f.Args))
+	assertNum(t, 0, len(f.Returns))
+	arg := f.Args[0]
+	assertName(t, "a", arg.Name)
+	assertName(t, "string", arg.ArgType)
+
+	f = pkg.Functions[2]
+	assertName(t, "Baz", f.Name)
+	assertNum(t, 1, len(f.Args))
+	assertNum(t, 1, len(f.Returns))
+	arg = f.Args[0]
+	assertName(t, "a", arg.Name)
+	assertName(t, "string", arg.ArgType)
+	arg = f.Returns[0]
+	assertName(t, "err", arg.Name)
+	assertName(t, "error", arg.ArgType)
+
+	f = pkg.Functions[3]
+	assertName(t, "Qux", f.Name)
+	assertNum(t, 2, len(f.Args))
+	assertNum(t, 2, len(f.Returns))
+	arg = f.Args[0]
+	assertName(t, "a", f.Args[0].Name)
+	assertName(t, "string", f.Args[0].ArgType)
+	arg = f.Args[1]
+	assertName(t, "b", arg.Name)
+	assertName(t, "string", arg.ArgType)
+	arg = f.Returns[0]
+	assertName(t, "val", arg.Name)
+	assertName(t, "string", arg.ArgType)
+	arg = f.Returns[1]
+	assertName(t, "err", arg.Name)
+	assertName(t, "error", arg.ArgType)
+
+	f = pkg.Functions[4]
+	assertName(t, "Wobble", f.Name)
+	assertNum(t, 0, len(f.Args))
+	assertNum(t, 1, len(f.Returns))
+	arg = f.Returns[0]
+	assertName(t, "w", arg.Name)
+	assertName(t, "*wobble", arg.ArgType)
+
+	f = pkg.Functions[5]
+	assertName(t, "Wiggle", f.Name)
+	assertNum(t, 0, len(f.Args))
+	assertNum(t, 1, len(f.Returns))
+	arg = f.Returns[0]
+	assertName(t, "w", arg.Name)
+	assertName(t, "wobble", arg.ArgType)
+}
+
+func TestParseWithUnamedReturn(t *testing.T) {
+	_, err := Parse(testFixture, "Fooer4")
+	if !strings.HasSuffix(err.Error(), errBadReturn.Error()) {
+		t.Fatalf("expected ErrBadReturn, got %v", err)
+	}
+}
+
+func TestEmbeddedInterface(t *testing.T) {
+	pkg, err := Parse(testFixture, "Fooer5")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assertName(t, "foo", pkg.Name)
+	assertNum(t, 2, len(pkg.Functions))
+
+	f := pkg.Functions[0]
+	assertName(t, "Foo", f.Name)
+	assertNum(t, 0, len(f.Args))
+	assertNum(t, 0, len(f.Returns))
+
+	f = pkg.Functions[1]
+	assertName(t, "Boo", f.Name)
+	assertNum(t, 2, len(f.Args))
+	assertNum(t, 2, len(f.Returns))
+
+	arg := f.Args[0]
+	assertName(t, "a", arg.Name)
+	assertName(t, "string", arg.ArgType)
+
+	arg = f.Args[1]
+	assertName(t, "b", arg.Name)
+	assertName(t, "string", arg.ArgType)
+
+	arg = f.Returns[0]
+	assertName(t, "s", arg.Name)
+	assertName(t, "string", arg.ArgType)
+
+	arg = f.Returns[1]
+	assertName(t, "err", arg.Name)
+	assertName(t, "error", arg.ArgType)
+}
+
+func assertName(t *testing.T, expected, actual string) {
+	if expected != actual {
+		fatalOut(t, fmt.Sprintf("expected name to be `%s`, got: %s", expected, actual))
+	}
+}
+
+func assertNum(t *testing.T, expected, actual int) {
+	if expected != actual {
+		fatalOut(t, fmt.Sprintf("expected number to be %d, got: %d", expected, actual))
+	}
+}
+
+func fatalOut(t *testing.T, msg string) {
+	_, file, ln, _ := runtime.Caller(2)
+	t.Fatalf("%s:%d: %s", filepath.Base(file), ln, msg)
+}
diff --git a/pkg/plugins/pluginrpc-gen/template.go b/pkg/plugins/pluginrpc-gen/template.go
new file mode 100644
index 00000000..704030cf
--- /dev/null
+++ b/pkg/plugins/pluginrpc-gen/template.go
@@ -0,0 +1,97 @@
+package main
+
+import (
+	"strings"
+	"text/template"
+)
+
+func printArgs(args []arg) string {
+	var argStr []string
+	for _, arg := range args {
+		argStr = append(argStr, arg.String())
+	}
+	return strings.Join(argStr, ", ")
+}
+
+func marshalType(t string) string {
+	switch t {
+	case "error":
+		// convert error types to plain strings to ensure the values are encoded/decoded properly
+		return "string"
+	default:
+		return t
+	}
+}
+
+func isErr(t string) bool {
+	switch t {
+	case "error":
+		return true
+	default:
+		return false
+	}
+}
+
+// Need to use this helper due to issues with go-vet
+func buildTag(s string) string {
+	return "+build " + s
+}
+
+var templFuncs = template.FuncMap{
+	"printArgs":   printArgs,
+	"marshalType": marshalType,
+	"isErr":       isErr,
+	"lower":       strings.ToLower,
+	"title":       strings.Title,
+	"tag":         buildTag,
+}
+
+var generatedTempl = template.Must(template.New("rpc_cient").Funcs(templFuncs).Parse(`
+// generated code - DO NOT EDIT
+{{ range $k, $v := .BuildTags }}
+	// {{ tag $k }} {{ end }}
+
+package {{ .Name }}
+
+import "errors"
+
+type client interface{
+	Call(string, interface{}, interface{}) error
+}
+
+type {{ .InterfaceType }}Proxy struct {
+	client
+}
+
+{{ range .Functions }}
+	type {{ $.InterfaceType }}Proxy{{ .Name }}Request struct{
+		{{ range .Args }}
+			{{ title .Name }} {{ .ArgType }} {{ end }}
+	}
+
+	type {{ $.InterfaceType }}Proxy{{ .Name }}Response struct{
+		{{ range .Returns }}
+			{{ title .Name }} {{ marshalType .ArgType }} {{ end }}
+	}
+
+	func (pp *{{ $.InterfaceType }}Proxy) {{ .Name }}({{ printArgs .Args }}) ({{ printArgs .Returns }}) {
+		var(
+			req {{ $.InterfaceType }}Proxy{{ .Name }}Request
+			ret {{ $.InterfaceType }}Proxy{{ .Name }}Response
+		)
+		{{ range .Args }}
+			req.{{ title .Name }} = {{ lower .Name }} {{ end }}
+		if err = pp.Call("{{ $.RPCName }}.{{ .Name }}", req, &ret); err != nil {
+			return
+		}
+		{{ range $r := .Returns }}
+			{{ if isErr .ArgType }}
+				if ret.{{ title .Name }} != "" {
+					{{ lower .Name }} = errors.New(ret.{{ title .Name }})
+				} {{ end }}
+			{{ if isErr .ArgType | not }} {{ lower .Name }} = ret.{{ title .Name }} {{ end }} {{ end }}
+
+		return
+	}
+{{ end }}
+`))
diff --git a/pkg/plugins/plugins.go b/pkg/plugins/plugins.go
new file mode 100644
index 00000000..4f270a40
--- /dev/null
+++ b/pkg/plugins/plugins.go
@@ -0,0 +1,257 @@
+// Package plugins provides structures and helper functions to manage Docker
+// plugins.
+//
+// Docker discovers plugins by looking for them in the plugin directory whenever
+// a user or container tries to use one by name. UNIX domain socket files must
+// be located under /run/docker/plugins, whereas spec files can be located
+// either under /etc/docker/plugins or /usr/lib/docker/plugins. This is handled
+// by the Registry interface, which lets you list all plugins or get a plugin by
+// its name if it exists.
+//
+// The plugins need to implement an HTTP server and bind this to the UNIX socket
+// or the address specified in the spec files.
+// A handshake is send at /Plugin.Activate, and plugins are expected to return
+// a Manifest with a list of of Docker subsystems which this plugin implements.
+//
+// In order to use a plugins, you can use the ``Get`` with the name of the
+// plugin and the subsystem it implements.
+//
+//	plugin, err := plugins.Get("example", "VolumeDriver")
+//	if err != nil {
+//		return fmt.Errorf("Error looking up volume plugin example: %v", err)
+//	}
+package plugins
+
+import (
+	"errors"
+	"sync"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+var (
+	// ErrNotImplements is returned if the plugin does not implement the requested driver.
+	ErrNotImplements = errors.New("Plugin does not implement the requested driver")
+)
+
+type plugins struct {
+	sync.Mutex
+	plugins map[string]*Plugin
+}
+
+var (
+	storage          = plugins{plugins: make(map[string]*Plugin)}
+	extpointHandlers = make(map[string]func(string, *Client))
+)
+
+// Manifest lists what a plugin implements.
+type Manifest struct {
+	// List of subsystem the plugin implements.
+	Implements []string
+}
+
+// Plugin is the definition of a docker plugin.
+type Plugin struct {
+	// Name of the plugin
+	Name string `json:"-"`
+	// Address of the plugin
+	Addr string
+	// TLS configuration of the plugin
+	TLSConfig tlsconfig.Options
+	// Client attached to the plugin
+	Client *Client `json:"-"`
+	// Manifest of the plugin (see above)
+	Manifest *Manifest `json:"-"`
+
+	// error produced by activation
+	activateErr error
+	// specifies if the activation sequence is completed (not if it is sucessful or not)
+	activated bool
+	// wait for activation to finish
+	activateWait *sync.Cond
+}
+
+func newLocalPlugin(name, addr string) *Plugin {
+	return &Plugin{
+		Name:         name,
+		Addr:         addr,
+		TLSConfig:    tlsconfig.Options{InsecureSkipVerify: true},
+		activateWait: sync.NewCond(&sync.Mutex{}),
+	}
+}
+
+func (p *Plugin) activate() error {
+	p.activateWait.L.Lock()
+	if p.activated {
+		p.activateWait.L.Unlock()
+		return p.activateErr
+	}
+
+	p.activateErr = p.activateWithLock()
+	p.activated = true
+
+	p.activateWait.L.Unlock()
+	p.activateWait.Broadcast()
+	return p.activateErr
+}
+
+func (p *Plugin) activateWithLock() error {
+	c, err := NewClient(p.Addr, p.TLSConfig)
+	if err != nil {
+		return err
+	}
+	p.Client = c
+
+	m := new(Manifest)
+	if err = p.Client.Call("Plugin.Activate", nil, m); err != nil {
+		return err
+	}
+
+	p.Manifest = m
+
+	for _, iface := range m.Implements {
+		handler, handled := extpointHandlers[iface]
+		if !handled {
+			continue
+		}
+		handler(p.Name, p.Client)
+	}
+	return nil
+}
+
+func (p *Plugin) waitActive() error {
+	p.activateWait.L.Lock()
+	for !p.activated {
+		p.activateWait.Wait()
+	}
+	p.activateWait.L.Unlock()
+	return p.activateErr
+}
+
+func (p *Plugin) implements(kind string) bool {
+	if err := p.waitActive(); err != nil {
+		return false
+	}
+	for _, driver := range p.Manifest.Implements {
+		if driver == kind {
+			return true
+		}
+	}
+	return false
+}
+
+func load(name string) (*Plugin, error) {
+	return loadWithRetry(name, true)
+}
+
+func loadWithRetry(name string, retry bool) (*Plugin, error) {
+	registry := newLocalRegistry()
+	start := time.Now()
+
+	var retries int
+	for {
+		pl, err := registry.Plugin(name)
+		if err != nil {
+			if !retry {
+				return nil, err
+			}
+
+			timeOff := backoff(retries)
+			if abort(start, timeOff) {
+				return nil, err
+			}
+			retries++
+			logrus.Warnf("Unable to locate plugin: %s, retrying in %v", name, timeOff)
+			time.Sleep(timeOff)
+			continue
+		}
+
+		storage.Lock()
+		storage.plugins[name] = pl
+		storage.Unlock()
+
+		err = pl.activate()
+
+		if err != nil {
+			storage.Lock()
+			delete(storage.plugins, name)
+			storage.Unlock()
+		}
+
+		return pl, err
+	}
+}
+
+func get(name string) (*Plugin, error) {
+	storage.Lock()
+	pl, ok := storage.plugins[name]
+	storage.Unlock()
+	if ok {
+		return pl, pl.activate()
+	}
+	return load(name)
+}
+
+// Get returns the plugin given the specified name and requested implementation.
+func Get(name, imp string) (*Plugin, error) {
+	pl, err := get(name)
+	if err != nil {
+		return nil, err
+	}
+	if pl.implements(imp) {
+		logrus.Debugf("%s implements: %s", name, imp)
+		return pl, nil
+	}
+	return nil, ErrNotImplements
+}
+
+// Handle adds the specified function to the extpointHandlers.
+func Handle(iface string, fn func(string, *Client)) {
+	extpointHandlers[iface] = fn
+}
+
+// GetAll returns all the plugins for the specified implementation
+func GetAll(imp string) ([]*Plugin, error) {
+	pluginNames, err := Scan()
+	if err != nil {
+		return nil, err
+	}
+
+	type plLoad struct {
+		pl  *Plugin
+		err error
+	}
+
+	chPl := make(chan *plLoad, len(pluginNames))
+	var wg sync.WaitGroup
+	for _, name := range pluginNames {
+		if pl, ok := storage.plugins[name]; ok {
+			chPl <- &plLoad{pl, nil}
+			continue
+		}
+
+		wg.Add(1)
+		go func(name string) {
+			defer wg.Done()
+			pl, err := loadWithRetry(name, false)
+			chPl <- &plLoad{pl, err}
+		}(name)
+	}
+
+	wg.Wait()
+	close(chPl)
+
+	var out []*Plugin
+	for pl := range chPl {
+		if pl.err != nil {
+			logrus.Error(pl.err)
+			continue
+		}
+		if pl.pl.implements(imp) {
+			out = append(out, pl.pl)
+		}
+	}
+	return out, nil
+}
diff --git a/pkg/plugins/transport/http.go b/pkg/plugins/transport/http.go
new file mode 100644
index 00000000..5be146af
--- /dev/null
+++ b/pkg/plugins/transport/http.go
@@ -0,0 +1,36 @@
+package transport
+
+import (
+	"io"
+	"net/http"
+)
+
+// httpTransport holds an http.RoundTripper
+// and information about the scheme and address the transport
+// sends request to.
+type httpTransport struct {
+	http.RoundTripper
+	scheme string
+	addr   string
+}
+
+// NewHTTPTransport creates a new httpTransport.
+func NewHTTPTransport(r http.RoundTripper, scheme, addr string) Transport {
+	return httpTransport{
+		RoundTripper: r,
+		scheme:       scheme,
+		addr:         addr,
+	}
+}
+
+// NewRequest creates a new http.Request and sets the URL
+// scheme and address with the transport's fields.
+func (t httpTransport) NewRequest(path string, data io.Reader) (*http.Request, error) {
+	req, err := newHTTPRequest(path, data)
+	if err != nil {
+		return nil, err
+	}
+	req.URL.Scheme = t.scheme
+	req.URL.Host = t.addr
+	return req, nil
+}
diff --git a/pkg/plugins/transport/transport.go b/pkg/plugins/transport/transport.go
new file mode 100644
index 00000000..d7f1e210
--- /dev/null
+++ b/pkg/plugins/transport/transport.go
@@ -0,0 +1,36 @@
+package transport
+
+import (
+	"io"
+	"net/http"
+	"strings"
+)
+
+// VersionMimetype is the Content-Type the engine sends to plugins.
+const VersionMimetype = "application/vnd.docker.plugins.v1.2+json"
+
+// RequestFactory defines an interface that
+// transports can implement to create new requests.
+type RequestFactory interface {
+	NewRequest(path string, data io.Reader) (*http.Request, error)
+}
+
+// Transport defines an interface that plugin transports
+// must implement.
+type Transport interface {
+	http.RoundTripper
+	RequestFactory
+}
+
+// newHTTPRequest creates a new request with a path and a body.
+func newHTTPRequest(path string, data io.Reader) (*http.Request, error) {
+	if !strings.HasPrefix(path, "/") {
+		path = "/" + path
+	}
+	req, err := http.NewRequest("POST", path, data)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Add("Accept", VersionMimetype)
+	return req, nil
+}
diff --git a/pkg/pools/pools.go b/pkg/pools/pools.go
new file mode 100644
index 00000000..76e84f9d
--- /dev/null
+++ b/pkg/pools/pools.go
@@ -0,0 +1,119 @@
+// Package pools provides a collection of pools which provide various
+// data types with buffers. These can be used to lower the number of
+// memory allocations and reuse buffers.
+//
+// New pools should be added to this package to allow them to be
+// shared across packages.
+//
+// Utility functions which operate on pools should be added to this
+// package to allow them to be reused.
+package pools
+
+import (
+	"bufio"
+	"io"
+	"sync"
+
+	"github.com/docker/docker/pkg/ioutils"
+)
+
+var (
+	// BufioReader32KPool is a pool which returns bufio.Reader with a 32K buffer.
+	BufioReader32KPool *BufioReaderPool
+	// BufioWriter32KPool is a pool which returns bufio.Writer with a 32K buffer.
+	BufioWriter32KPool *BufioWriterPool
+)
+
+const buffer32K = 32 * 1024
+
+// BufioReaderPool is a bufio reader that uses sync.Pool.
+type BufioReaderPool struct {
+	pool sync.Pool
+}
+
+func init() {
+	BufioReader32KPool = newBufioReaderPoolWithSize(buffer32K)
+	BufioWriter32KPool = newBufioWriterPoolWithSize(buffer32K)
+}
+
+// newBufioReaderPoolWithSize is unexported because new pools should be
+// added here to be shared where required.
+func newBufioReaderPoolWithSize(size int) *BufioReaderPool {
+	pool := sync.Pool{
+		New: func() interface{} { return bufio.NewReaderSize(nil, size) },
+	}
+	return &BufioReaderPool{pool: pool}
+}
+
+// Get returns a bufio.Reader which reads from r. The buffer size is that of the pool.
+func (bufPool *BufioReaderPool) Get(r io.Reader) *bufio.Reader {
+	buf := bufPool.pool.Get().(*bufio.Reader)
+	buf.Reset(r)
+	return buf
+}
+
+// Put puts the bufio.Reader back into the pool.
+func (bufPool *BufioReaderPool) Put(b *bufio.Reader) {
+	b.Reset(nil)
+	bufPool.pool.Put(b)
+}
+
+// Copy is a convenience wrapper which uses a buffer to avoid allocation in io.Copy.
+func Copy(dst io.Writer, src io.Reader) (written int64, err error) {
+	buf := BufioReader32KPool.Get(src)
+	written, err = io.Copy(dst, buf)
+	BufioReader32KPool.Put(buf)
+	return
+}
+
+// NewReadCloserWrapper returns a wrapper which puts the bufio.Reader back
+// into the pool and closes the reader if it's an io.ReadCloser.
+func (bufPool *BufioReaderPool) NewReadCloserWrapper(buf *bufio.Reader, r io.Reader) io.ReadCloser {
+	return ioutils.NewReadCloserWrapper(r, func() error {
+		if readCloser, ok := r.(io.ReadCloser); ok {
+			readCloser.Close()
+		}
+		bufPool.Put(buf)
+		return nil
+	})
+}
+
+// BufioWriterPool is a bufio writer that uses sync.Pool.
+type BufioWriterPool struct {
+	pool sync.Pool
+}
+
+// newBufioWriterPoolWithSize is unexported because new pools should be
+// added here to be shared where required.
+func newBufioWriterPoolWithSize(size int) *BufioWriterPool {
+	pool := sync.Pool{
+		New: func() interface{} { return bufio.NewWriterSize(nil, size) },
+	}
+	return &BufioWriterPool{pool: pool}
+}
+
+// Get returns a bufio.Writer which writes to w. The buffer size is that of the pool.
+func (bufPool *BufioWriterPool) Get(w io.Writer) *bufio.Writer {
+	buf := bufPool.pool.Get().(*bufio.Writer)
+	buf.Reset(w)
+	return buf
+}
+
+// Put puts the bufio.Writer back into the pool.
+func (bufPool *BufioWriterPool) Put(b *bufio.Writer) {
+	b.Reset(nil)
+	bufPool.pool.Put(b)
+}
+
+// NewWriteCloserWrapper returns a wrapper which puts the bufio.Writer back
+// into the pool and closes the writer if it's an io.Writecloser.
+func (bufPool *BufioWriterPool) NewWriteCloserWrapper(buf *bufio.Writer, w io.Writer) io.WriteCloser {
+	return ioutils.NewWriteCloserWrapper(w, func() error {
+		buf.Flush()
+		if writeCloser, ok := w.(io.WriteCloser); ok {
+			writeCloser.Close()
+		}
+		bufPool.Put(buf)
+		return nil
+	})
+}
diff --git a/pkg/pools/pools_test.go b/pkg/pools/pools_test.go
new file mode 100644
index 00000000..1661b780
--- /dev/null
+++ b/pkg/pools/pools_test.go
@@ -0,0 +1,161 @@
+package pools
+
+import (
+	"bufio"
+	"bytes"
+	"io"
+	"strings"
+	"testing"
+)
+
+func TestBufioReaderPoolGetWithNoReaderShouldCreateOne(t *testing.T) {
+	reader := BufioReader32KPool.Get(nil)
+	if reader == nil {
+		t.Fatalf("BufioReaderPool should have create a bufio.Reader but did not.")
+	}
+}
+
+func TestBufioReaderPoolPutAndGet(t *testing.T) {
+	sr := bufio.NewReader(strings.NewReader("foobar"))
+	reader := BufioReader32KPool.Get(sr)
+	if reader == nil {
+		t.Fatalf("BufioReaderPool should not return a nil reader.")
+	}
+	// verify the first 3 byte
+	buf1 := make([]byte, 3)
+	_, err := reader.Read(buf1)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if actual := string(buf1); actual != "foo" {
+		t.Fatalf("The first letter should have been 'foo' but was %v", actual)
+	}
+	BufioReader32KPool.Put(reader)
+	// Try to read the next 3 bytes
+	_, err = sr.Read(make([]byte, 3))
+	if err == nil || err != io.EOF {
+		t.Fatalf("The buffer should have been empty, issue an EOF error.")
+	}
+}
+
+type simpleReaderCloser struct {
+	io.Reader
+	closed bool
+}
+
+func (r *simpleReaderCloser) Close() error {
+	r.closed = true
+	return nil
+}
+
+func TestNewReadCloserWrapperWithAReadCloser(t *testing.T) {
+	br := bufio.NewReader(strings.NewReader(""))
+	sr := &simpleReaderCloser{
+		Reader: strings.NewReader("foobar"),
+		closed: false,
+	}
+	reader := BufioReader32KPool.NewReadCloserWrapper(br, sr)
+	if reader == nil {
+		t.Fatalf("NewReadCloserWrapper should not return a nil reader.")
+	}
+	// Verify the content of reader
+	buf := make([]byte, 3)
+	_, err := reader.Read(buf)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if actual := string(buf); actual != "foo" {
+		t.Fatalf("The first 3 letter should have been 'foo' but were %v", actual)
+	}
+	reader.Close()
+	// Read 3 more bytes "bar"
+	_, err = reader.Read(buf)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if actual := string(buf); actual != "bar" {
+		t.Fatalf("The first 3 letter should have been 'bar' but were %v", actual)
+	}
+	if !sr.closed {
+		t.Fatalf("The ReaderCloser should have been closed, it is not.")
+	}
+}
+
+func TestBufioWriterPoolGetWithNoReaderShouldCreateOne(t *testing.T) {
+	writer := BufioWriter32KPool.Get(nil)
+	if writer == nil {
+		t.Fatalf("BufioWriterPool should have create a bufio.Writer but did not.")
+	}
+}
+
+func TestBufioWriterPoolPutAndGet(t *testing.T) {
+	buf := new(bytes.Buffer)
+	bw := bufio.NewWriter(buf)
+	writer := BufioWriter32KPool.Get(bw)
+	if writer == nil {
+		t.Fatalf("BufioReaderPool should not return a nil writer.")
+	}
+	written, err := writer.Write([]byte("foobar"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if written != 6 {
+		t.Fatalf("Should have written 6 bytes, but wrote %v bytes", written)
+	}
+	// Make sure we Flush all the way ?
+	writer.Flush()
+	bw.Flush()
+	if len(buf.Bytes()) != 6 {
+		t.Fatalf("The buffer should contain 6 bytes ('foobar') but contains %v ('%v')", buf.Bytes(), string(buf.Bytes()))
+	}
+	// Reset the buffer
+	buf.Reset()
+	BufioWriter32KPool.Put(writer)
+	// Try to write something
+	if _, err = writer.Write([]byte("barfoo")); err != nil {
+		t.Fatal(err)
+	}
+	// If we now try to flush it, it should panic (the writer is nil)
+	// recover it
+	defer func() {
+		if r := recover(); r == nil {
+			t.Fatal("Trying to flush the writter should have 'paniced', did not.")
+		}
+	}()
+	writer.Flush()
+}
+
+type simpleWriterCloser struct {
+	io.Writer
+	closed bool
+}
+
+func (r *simpleWriterCloser) Close() error {
+	r.closed = true
+	return nil
+}
+
+func TestNewWriteCloserWrapperWithAWriteCloser(t *testing.T) {
+	buf := new(bytes.Buffer)
+	bw := bufio.NewWriter(buf)
+	sw := &simpleWriterCloser{
+		Writer: new(bytes.Buffer),
+		closed: false,
+	}
+	bw.Flush()
+	writer := BufioWriter32KPool.NewWriteCloserWrapper(bw, sw)
+	if writer == nil {
+		t.Fatalf("BufioReaderPool should not return a nil writer.")
+	}
+	written, err := writer.Write([]byte("foobar"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if written != 6 {
+		t.Fatalf("Should have written 6 bytes, but wrote %v bytes", written)
+	}
+	writer.Close()
+	if !sw.closed {
+		t.Fatalf("The ReaderCloser should have been closed, it is not.")
+	}
+}
diff --git a/pkg/progress/progress.go b/pkg/progress/progress.go
new file mode 100644
index 00000000..61315cb8
--- /dev/null
+++ b/pkg/progress/progress.go
@@ -0,0 +1,73 @@
+package progress
+
+import (
+	"fmt"
+)
+
+// Progress represents the progress of a transfer.
+type Progress struct {
+	ID string
+
+	// Progress contains a Message or...
+	Message string
+
+	// ...progress of an action
+	Action  string
+	Current int64
+	Total   int64
+
+	// Aux contains extra information not presented to the user, such as
+	// digests for push signing.
+	Aux interface{}
+
+	LastUpdate bool
+}
+
+// Output is an interface for writing progress information. It's
+// like a writer for progress, but we don't call it Writer because
+// that would be confusing next to ProgressReader (also, because it
+// doesn't implement the io.Writer interface).
+type Output interface {
+	WriteProgress(Progress) error
+}
+
+type chanOutput chan<- Progress
+
+func (out chanOutput) WriteProgress(p Progress) error {
+	out <- p
+	return nil
+}
+
+// ChanOutput returns a Output that writes progress updates to the
+// supplied channel.
+func ChanOutput(progressChan chan<- Progress) Output {
+	return chanOutput(progressChan)
+}
+
+// Update is a convenience function to write a progress update to the channel.
+func Update(out Output, id, action string) {
+	out.WriteProgress(Progress{ID: id, Action: action})
+}
+
+// Updatef is a convenience function to write a printf-formatted progress update
+// to the channel.
+func Updatef(out Output, id, format string, a ...interface{}) {
+	Update(out, id, fmt.Sprintf(format, a...))
+}
+
+// Message is a convenience function to write a progress message to the channel.
+func Message(out Output, id, message string) {
+	out.WriteProgress(Progress{ID: id, Message: message})
+}
+
+// Messagef is a convenience function to write a printf-formatted progress
+// message to the channel.
+func Messagef(out Output, id, format string, a ...interface{}) {
+	Message(out, id, fmt.Sprintf(format, a...))
+}
+
+// Aux sends auxiliary information over a progress interface, which will not be
+// formatted for the UI. This is used for things such as push signing.
+func Aux(out Output, a interface{}) {
+	out.WriteProgress(Progress{Aux: a})
+}
diff --git a/pkg/progress/progressreader.go b/pkg/progress/progressreader.go
new file mode 100644
index 00000000..c39e2b69
--- /dev/null
+++ b/pkg/progress/progressreader.go
@@ -0,0 +1,59 @@
+package progress
+
+import (
+	"io"
+)
+
+// Reader is a Reader with progress bar.
+type Reader struct {
+	in         io.ReadCloser // Stream to read from
+	out        Output        // Where to send progress bar to
+	size       int64
+	current    int64
+	lastUpdate int64
+	id         string
+	action     string
+}
+
+// NewProgressReader creates a new ProgressReader.
+func NewProgressReader(in io.ReadCloser, out Output, size int64, id, action string) *Reader {
+	return &Reader{
+		in:     in,
+		out:    out,
+		size:   size,
+		id:     id,
+		action: action,
+	}
+}
+
+func (p *Reader) Read(buf []byte) (n int, err error) {
+	read, err := p.in.Read(buf)
+	p.current += int64(read)
+	updateEvery := int64(1024 * 512) //512kB
+	if p.size > 0 {
+		// Update progress for every 1% read if 1% < 512kB
+		if increment := int64(0.01 * float64(p.size)); increment < updateEvery {
+			updateEvery = increment
+		}
+	}
+	if p.current-p.lastUpdate > updateEvery || err != nil {
+		p.updateProgress(err != nil && read == 0)
+		p.lastUpdate = p.current
+	}
+
+	return read, err
+}
+
+// Close closes the progress reader and its underlying reader.
+func (p *Reader) Close() error {
+	if p.current < p.size {
+		// print a full progress bar when closing prematurely
+		p.current = p.size
+		p.updateProgress(false)
+	}
+	return p.in.Close()
+}
+
+func (p *Reader) updateProgress(last bool) {
+	p.out.WriteProgress(Progress{ID: p.id, Action: p.action, Current: p.current, Total: p.size, LastUpdate: last})
+}
diff --git a/pkg/progress/progressreader_test.go b/pkg/progress/progressreader_test.go
new file mode 100644
index 00000000..b14d4015
--- /dev/null
+++ b/pkg/progress/progressreader_test.go
@@ -0,0 +1,75 @@
+package progress
+
+import (
+	"bytes"
+	"io"
+	"io/ioutil"
+	"testing"
+)
+
+func TestOutputOnPrematureClose(t *testing.T) {
+	content := []byte("TESTING")
+	reader := ioutil.NopCloser(bytes.NewReader(content))
+	progressChan := make(chan Progress, 10)
+
+	pr := NewProgressReader(reader, ChanOutput(progressChan), int64(len(content)), "Test", "Read")
+
+	part := make([]byte, 4, 4)
+	_, err := io.ReadFull(pr, part)
+	if err != nil {
+		pr.Close()
+		t.Fatal(err)
+	}
+
+drainLoop:
+	for {
+		select {
+		case <-progressChan:
+		default:
+			break drainLoop
+		}
+	}
+
+	pr.Close()
+
+	select {
+	case <-progressChan:
+	default:
+		t.Fatalf("Expected some output when closing prematurely")
+	}
+}
+
+func TestCompleteSilently(t *testing.T) {
+	content := []byte("TESTING")
+	reader := ioutil.NopCloser(bytes.NewReader(content))
+	progressChan := make(chan Progress, 10)
+
+	pr := NewProgressReader(reader, ChanOutput(progressChan), int64(len(content)), "Test", "Read")
+
+	out, err := ioutil.ReadAll(pr)
+	if err != nil {
+		pr.Close()
+		t.Fatal(err)
+	}
+	if string(out) != "TESTING" {
+		pr.Close()
+		t.Fatalf("Unexpected output %q from reader", string(out))
+	}
+
+drainLoop:
+	for {
+		select {
+		case <-progressChan:
+		default:
+			break drainLoop
+		}
+	}
+
+	pr.Close()
+
+	select {
+	case <-progressChan:
+		t.Fatalf("Should have closed silently when read is complete")
+	default:
+	}
+}
diff --git a/pkg/promise/promise.go b/pkg/promise/promise.go
new file mode 100644
index 00000000..dd52b908
--- /dev/null
+++ b/pkg/promise/promise.go
@@ -0,0 +1,11 @@
+package promise
+
+// Go is a basic promise implementation: it wraps calls a function in a goroutine,
+// and returns a channel which will later return the function's return value.
+func Go(f func() error) chan error {
+	ch := make(chan error, 1)
+	go func() {
+		ch <- f()
+	}()
+	return ch
+}
diff --git a/pkg/proxy/network_proxy_test.go b/pkg/proxy/network_proxy_test.go
new file mode 100644
index 00000000..9e382567
--- /dev/null
+++ b/pkg/proxy/network_proxy_test.go
@@ -0,0 +1,216 @@
+package proxy
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"net"
+	"strings"
+	"testing"
+	"time"
+)
+
+var testBuf = []byte("Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo")
+var testBufSize = len(testBuf)
+
+type EchoServer interface {
+	Run()
+	Close()
+	LocalAddr() net.Addr
+}
+
+type TCPEchoServer struct {
+	listener net.Listener
+	testCtx  *testing.T
+}
+
+type UDPEchoServer struct {
+	conn    net.PacketConn
+	testCtx *testing.T
+}
+
+func NewEchoServer(t *testing.T, proto, address string) EchoServer {
+	var server EchoServer
+	if strings.HasPrefix(proto, "tcp") {
+		listener, err := net.Listen(proto, address)
+		if err != nil {
+			t.Fatal(err)
+		}
+		server = &TCPEchoServer{listener: listener, testCtx: t}
+	} else {
+		socket, err := net.ListenPacket(proto, address)
+		if err != nil {
+			t.Fatal(err)
+		}
+		server = &UDPEchoServer{conn: socket, testCtx: t}
+	}
+	return server
+}
+
+func (server *TCPEchoServer) Run() {
+	go func() {
+		for {
+			client, err := server.listener.Accept()
+			if err != nil {
+				return
+			}
+			go func(client net.Conn) {
+				if _, err := io.Copy(client, client); err != nil {
+					server.testCtx.Logf("can't echo to the client: %v\n", err.Error())
+				}
+				client.Close()
+			}(client)
+		}
+	}()
+}
+
+func (server *TCPEchoServer) LocalAddr() net.Addr { return server.listener.Addr() }
+func (server *TCPEchoServer) Close()              { server.listener.Addr() }
+
+func (server *UDPEchoServer) Run() {
+	go func() {
+		readBuf := make([]byte, 1024)
+		for {
+			read, from, err := server.conn.ReadFrom(readBuf)
+			if err != nil {
+				return
+			}
+			for i := 0; i != read; {
+				written, err := server.conn.WriteTo(readBuf[i:read], from)
+				if err != nil {
+					break
+				}
+				i += written
+			}
+		}
+	}()
+}
+
+func (server *UDPEchoServer) LocalAddr() net.Addr { return server.conn.LocalAddr() }
+func (server *UDPEchoServer) Close()              { server.conn.Close() }
+
+func testProxyAt(t *testing.T, proto string, proxy Proxy, addr string) {
+	defer proxy.Close()
+	go proxy.Run()
+	client, err := net.Dial(proto, addr)
+	if err != nil {
+		t.Fatalf("Can't connect to the proxy: %v", err)
+	}
+	defer client.Close()
+	client.SetDeadline(time.Now().Add(10 * time.Second))
+	if _, err = client.Write(testBuf); err != nil {
+		t.Fatal(err)
+	}
+	recvBuf := make([]byte, testBufSize)
+	if _, err = client.Read(recvBuf); err != nil {
+		t.Fatal(err)
+	}
+	if !bytes.Equal(testBuf, recvBuf) {
+		t.Fatal(fmt.Errorf("Expected [%v] but got [%v]", testBuf, recvBuf))
+	}
+}
+
+func testProxy(t *testing.T, proto string, proxy Proxy) {
+	testProxyAt(t, proto, proxy, proxy.FrontendAddr().String())
+}
+
+func TestTCP4Proxy(t *testing.T) {
+	backend := NewEchoServer(t, "tcp", "127.0.0.1:0")
+	defer backend.Close()
+	backend.Run()
+	frontendAddr := &net.TCPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 0}
+	proxy, err := NewProxy(frontendAddr, backend.LocalAddr())
+	if err != nil {
+		t.Fatal(err)
+	}
+	testProxy(t, "tcp", proxy)
+}
+
+func TestTCP6Proxy(t *testing.T) {
+	backend := NewEchoServer(t, "tcp", "[::1]:0")
+	defer backend.Close()
+	backend.Run()
+	frontendAddr := &net.TCPAddr{IP: net.IPv6loopback, Port: 0}
+	proxy, err := NewProxy(frontendAddr, backend.LocalAddr())
+	if err != nil {
+		t.Fatal(err)
+	}
+	testProxy(t, "tcp", proxy)
+}
+
+func TestTCPDualStackProxy(t *testing.T) {
+	// If I understand `godoc -src net favoriteAddrFamily` (used by the
+	// net.Listen* functions) correctly this should work, but it doesn't.
+	t.Skip("No support for dual stack yet")
+	backend := NewEchoServer(t, "tcp", "[::1]:0")
+	defer backend.Close()
+	backend.Run()
+	frontendAddr := &net.TCPAddr{IP: net.IPv6loopback, Port: 0}
+	proxy, err := NewProxy(frontendAddr, backend.LocalAddr())
+	if err != nil {
+		t.Fatal(err)
+	}
+	ipv4ProxyAddr := &net.TCPAddr{
+		IP:   net.IPv4(127, 0, 0, 1),
+		Port: proxy.FrontendAddr().(*net.TCPAddr).Port,
+	}
+	testProxyAt(t, "tcp", proxy, ipv4ProxyAddr.String())
+}
+
+func TestUDP4Proxy(t *testing.T) {
+	backend := NewEchoServer(t, "udp", "127.0.0.1:0")
+	defer backend.Close()
+	backend.Run()
+	frontendAddr := &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 0}
+	proxy, err := NewProxy(frontendAddr, backend.LocalAddr())
+	if err != nil {
+		t.Fatal(err)
+	}
+	testProxy(t, "udp", proxy)
+}
+
+func TestUDP6Proxy(t *testing.T) {
+	backend := NewEchoServer(t, "udp", "[::1]:0")
+	defer backend.Close()
+	backend.Run()
+	frontendAddr := &net.UDPAddr{IP: net.IPv6loopback, Port: 0}
+	proxy, err := NewProxy(frontendAddr, backend.LocalAddr())
+	if err != nil {
+		t.Fatal(err)
+	}
+	testProxy(t, "udp", proxy)
+}
+
+func TestUDPWriteError(t *testing.T) {
+	frontendAddr := &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 0}
+	// Hopefully, this port will be free: */
+	backendAddr := &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 25587}
+	proxy, err := NewProxy(frontendAddr, backendAddr)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer proxy.Close()
+	go proxy.Run()
+	client, err := net.Dial("udp", "127.0.0.1:25587")
+	if err != nil {
+		t.Fatalf("Can't connect to the proxy: %v", err)
+	}
+	defer client.Close()
+	// Make sure the proxy doesn't stop when there is no actual backend:
+	client.Write(testBuf)
+	client.Write(testBuf)
+	backend := NewEchoServer(t, "udp", "127.0.0.1:25587")
+	defer backend.Close()
+	backend.Run()
+	client.SetDeadline(time.Now().Add(10 * time.Second))
+	if _, err = client.Write(testBuf); err != nil {
+		t.Fatal(err)
+	}
+	recvBuf := make([]byte, testBufSize)
+	if _, err = client.Read(recvBuf); err != nil {
+		t.Fatal(err)
+	}
+	if !bytes.Equal(testBuf, recvBuf) {
+		t.Fatal(fmt.Errorf("Expected [%v] but got [%v]", testBuf, recvBuf))
+	}
+}
diff --git a/pkg/proxy/proxy.go b/pkg/proxy/proxy.go
new file mode 100644
index 00000000..4e24e5f6
--- /dev/null
+++ b/pkg/proxy/proxy.go
@@ -0,0 +1,37 @@
+// Package proxy provides a network Proxy interface and implementations for TCP
+// and UDP.
+package proxy
+
+import (
+	"fmt"
+	"net"
+)
+
+// Proxy defines the behavior of a proxy. It forwards traffic back and forth
+// between two endpoints : the frontend and the backend.
+// It can be used to do software port-mapping between two addresses.
+// e.g. forward all traffic between the frontend (host) 127.0.0.1:3000
+// to the backend (container) at 172.17.42.108:4000.
+type Proxy interface {
+	// Run starts forwarding traffic back and forth between the front
+	// and back-end addresses.
+	Run()
+	// Close stops forwarding traffic and close both ends of the Proxy.
+	Close()
+	// FrontendAddr returns the address on which the proxy is listening.
+	FrontendAddr() net.Addr
+	// BackendAddr returns the proxied address.
+	BackendAddr() net.Addr
+}
+
+// NewProxy creates a Proxy according to the specified frontendAddr and backendAddr.
+func NewProxy(frontendAddr, backendAddr net.Addr) (Proxy, error) {
+	switch frontendAddr.(type) {
+	case *net.UDPAddr:
+		return NewUDPProxy(frontendAddr.(*net.UDPAddr), backendAddr.(*net.UDPAddr))
+	case *net.TCPAddr:
+		return NewTCPProxy(frontendAddr.(*net.TCPAddr), backendAddr.(*net.TCPAddr))
+	default:
+		panic(fmt.Errorf("Unsupported protocol"))
+	}
+}
diff --git a/pkg/proxy/stub_proxy.go b/pkg/proxy/stub_proxy.go
new file mode 100644
index 00000000..571749e4
--- /dev/null
+++ b/pkg/proxy/stub_proxy.go
@@ -0,0 +1,31 @@
+package proxy
+
+import (
+	"net"
+)
+
+// StubProxy is a proxy that is a stub (does nothing).
+type StubProxy struct {
+	frontendAddr net.Addr
+	backendAddr  net.Addr
+}
+
+// Run does nothing.
+func (p *StubProxy) Run() {}
+
+// Close does nothing.
+func (p *StubProxy) Close() {}
+
+// FrontendAddr returns the frontend address.
+func (p *StubProxy) FrontendAddr() net.Addr { return p.frontendAddr }
+
+// BackendAddr returns the backend address.
+func (p *StubProxy) BackendAddr() net.Addr { return p.backendAddr }
+
+// NewStubProxy creates a new StubProxy
+func NewStubProxy(frontendAddr, backendAddr net.Addr) (Proxy, error) {
+	return &StubProxy{
+		frontendAddr: frontendAddr,
+		backendAddr:  backendAddr,
+	}, nil
+}
diff --git a/pkg/proxy/tcp_proxy.go b/pkg/proxy/tcp_proxy.go
new file mode 100644
index 00000000..3cd742af
--- /dev/null
+++ b/pkg/proxy/tcp_proxy.go
@@ -0,0 +1,99 @@
+package proxy
+
+import (
+	"io"
+	"net"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// TCPProxy is a proxy for TCP connections. It implements the Proxy interface to
+// handle TCP traffic forwarding between the frontend and backend addresses.
+type TCPProxy struct {
+	listener     *net.TCPListener
+	frontendAddr *net.TCPAddr
+	backendAddr  *net.TCPAddr
+}
+
+// NewTCPProxy creates a new TCPProxy.
+func NewTCPProxy(frontendAddr, backendAddr *net.TCPAddr) (*TCPProxy, error) {
+	listener, err := net.ListenTCP("tcp", frontendAddr)
+	if err != nil {
+		return nil, err
+	}
+	// If the port in frontendAddr was 0 then ListenTCP will have a picked
+	// a port to listen on, hence the call to Addr to get that actual port:
+	return &TCPProxy{
+		listener:     listener,
+		frontendAddr: listener.Addr().(*net.TCPAddr),
+		backendAddr:  backendAddr,
+	}, nil
+}
+
+func (proxy *TCPProxy) clientLoop(client *net.TCPConn, quit chan bool) {
+	backend, err := net.DialTCP("tcp", nil, proxy.backendAddr)
+	if err != nil {
+		logrus.Printf("Can't forward traffic to backend tcp/%v: %s\n", proxy.backendAddr, err)
+		client.Close()
+		return
+	}
+
+	event := make(chan int64)
+	var broker = func(to, from *net.TCPConn) {
+		written, err := io.Copy(to, from)
+		if err != nil {
+			// If the socket we are writing to is shutdown with
+			// SHUT_WR, forward it to the other end of the pipe:
+			if err, ok := err.(*net.OpError); ok && err.Err == syscall.EPIPE {
+				from.CloseWrite()
+			}
+		}
+		to.CloseRead()
+		event <- written
+	}
+
+	go broker(client, backend)
+	go broker(backend, client)
+
+	var transferred int64
+	for i := 0; i < 2; i++ {
+		select {
+		case written := <-event:
+			transferred += written
+		case <-quit:
+			// Interrupt the two brokers and "join" them.
+			client.Close()
+			backend.Close()
+			for ; i < 2; i++ {
+				transferred += <-event
+			}
+			return
+		}
+	}
+	client.Close()
+	backend.Close()
+}
+
+// Run starts forwarding the traffic using TCP.
+func (proxy *TCPProxy) Run() {
+	quit := make(chan bool)
+	defer close(quit)
+	for {
+		client, err := proxy.listener.Accept()
+		if err != nil {
+			logrus.Printf("Stopping proxy on tcp/%v for tcp/%v (%s)", proxy.frontendAddr, proxy.backendAddr, err)
+			return
+		}
+		go proxy.clientLoop(client.(*net.TCPConn), quit)
+	}
+}
+
+// Close stops forwarding the traffic.
+func (proxy *TCPProxy) Close() { proxy.listener.Close() }
+
+// FrontendAddr returns the TCP address on which the proxy is listening.
+func (proxy *TCPProxy) FrontendAddr() net.Addr { return proxy.frontendAddr }
+
+// BackendAddr returns the TCP proxied address.
+func (proxy *TCPProxy) BackendAddr() net.Addr { return proxy.backendAddr }
diff --git a/pkg/proxy/udp_proxy.go b/pkg/proxy/udp_proxy.go
new file mode 100644
index 00000000..b8375c37
--- /dev/null
+++ b/pkg/proxy/udp_proxy.go
@@ -0,0 +1,169 @@
+package proxy
+
+import (
+	"encoding/binary"
+	"net"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+)
+
+const (
+	// UDPConnTrackTimeout is the timeout used for UDP connection tracking
+	UDPConnTrackTimeout = 90 * time.Second
+	// UDPBufSize is the buffer size for the UDP proxy
+	UDPBufSize = 65507
+)
+
+// A net.Addr where the IP is split into two fields so you can use it as a key
+// in a map:
+type connTrackKey struct {
+	IPHigh uint64
+	IPLow  uint64
+	Port   int
+}
+
+func newConnTrackKey(addr *net.UDPAddr) *connTrackKey {
+	if len(addr.IP) == net.IPv4len {
+		return &connTrackKey{
+			IPHigh: 0,
+			IPLow:  uint64(binary.BigEndian.Uint32(addr.IP)),
+			Port:   addr.Port,
+		}
+	}
+	return &connTrackKey{
+		IPHigh: binary.BigEndian.Uint64(addr.IP[:8]),
+		IPLow:  binary.BigEndian.Uint64(addr.IP[8:]),
+		Port:   addr.Port,
+	}
+}
+
+type connTrackMap map[connTrackKey]*net.UDPConn
+
+// UDPProxy is proxy for which handles UDP datagrams. It implements the Proxy
+// interface to handle UDP traffic forwarding between the frontend and backend
+// addresses.
+type UDPProxy struct {
+	listener       *net.UDPConn
+	frontendAddr   *net.UDPAddr
+	backendAddr    *net.UDPAddr
+	connTrackTable connTrackMap
+	connTrackLock  sync.Mutex
+}
+
+// NewUDPProxy creates a new UDPProxy.
+func NewUDPProxy(frontendAddr, backendAddr *net.UDPAddr) (*UDPProxy, error) {
+	listener, err := net.ListenUDP("udp", frontendAddr)
+	if err != nil {
+		return nil, err
+	}
+	return &UDPProxy{
+		listener:       listener,
+		frontendAddr:   listener.LocalAddr().(*net.UDPAddr),
+		backendAddr:    backendAddr,
+		connTrackTable: make(connTrackMap),
+	}, nil
+}
+
+func (proxy *UDPProxy) replyLoop(proxyConn *net.UDPConn, clientAddr *net.UDPAddr, clientKey *connTrackKey) {
+	defer func() {
+		proxy.connTrackLock.Lock()
+		delete(proxy.connTrackTable, *clientKey)
+		proxy.connTrackLock.Unlock()
+		proxyConn.Close()
+	}()
+
+	readBuf := make([]byte, UDPBufSize)
+	for {
+		proxyConn.SetReadDeadline(time.Now().Add(UDPConnTrackTimeout))
+	again:
+		read, err := proxyConn.Read(readBuf)
+		if err != nil {
+			if err, ok := err.(*net.OpError); ok && err.Err == syscall.ECONNREFUSED {
+				// This will happen if the last write failed
+				// (e.g: nothing is actually listening on the
+				// proxied port on the container), ignore it
+				// and continue until UDPConnTrackTimeout
+				// expires:
+				goto again
+			}
+			return
+		}
+		for i := 0; i != read; {
+			written, err := proxy.listener.WriteToUDP(readBuf[i:read], clientAddr)
+			if err != nil {
+				return
+			}
+			i += written
+		}
+	}
+}
+
+// Run starts forwarding the traffic using UDP.
+func (proxy *UDPProxy) Run() {
+	readBuf := make([]byte, UDPBufSize)
+	for {
+		read, from, err := proxy.listener.ReadFromUDP(readBuf)
+		if err != nil {
+			// NOTE: Apparently ReadFrom doesn't return
+			// ECONNREFUSED like Read do (see comment in
+			// UDPProxy.replyLoop)
+			if !isClosedError(err) {
+				logrus.Printf("Stopping proxy on udp/%v for udp/%v (%s)", proxy.frontendAddr, proxy.backendAddr, err)
+			}
+			break
+		}
+
+		fromKey := newConnTrackKey(from)
+		proxy.connTrackLock.Lock()
+		proxyConn, hit := proxy.connTrackTable[*fromKey]
+		if !hit {
+			proxyConn, err = net.DialUDP("udp", nil, proxy.backendAddr)
+			if err != nil {
+				logrus.Printf("Can't proxy a datagram to udp/%s: %s\n", proxy.backendAddr, err)
+				proxy.connTrackLock.Unlock()
+				continue
+			}
+			proxy.connTrackTable[*fromKey] = proxyConn
+			go proxy.replyLoop(proxyConn, from, fromKey)
+		}
+		proxy.connTrackLock.Unlock()
+		for i := 0; i != read; {
+			written, err := proxyConn.Write(readBuf[i:read])
+			if err != nil {
+				logrus.Printf("Can't proxy a datagram to udp/%s: %s\n", proxy.backendAddr, err)
+				break
+			}
+			i += written
+		}
+	}
+}
+
+// Close stops forwarding the traffic.
+func (proxy *UDPProxy) Close() {
+	proxy.listener.Close()
+	proxy.connTrackLock.Lock()
+	defer proxy.connTrackLock.Unlock()
+	for _, conn := range proxy.connTrackTable {
+		conn.Close()
+	}
+}
+
+// FrontendAddr returns the UDP address on which the proxy is listening.
+func (proxy *UDPProxy) FrontendAddr() net.Addr { return proxy.frontendAddr }
+
+// BackendAddr returns the proxied UDP address.
+func (proxy *UDPProxy) BackendAddr() net.Addr { return proxy.backendAddr }
+
+func isClosedError(err error) bool {
+	/* This comparison is ugly, but unfortunately, net.go doesn't export errClosing.
+	 * See:
+	 * http://golang.org/src/pkg/net/net.go
+	 * https://code.google.com/p/go/issues/detail?id=4337
+	 * https://groups.google.com/forum/#!msg/golang-nuts/0_aaCvBmOcM/SptmDyX1XJMJ
+	 */
+	return strings.HasSuffix(err.Error(), "use of closed network connection")
+}
diff --git a/pkg/pubsub/publisher.go b/pkg/pubsub/publisher.go
new file mode 100644
index 00000000..09364617
--- /dev/null
+++ b/pkg/pubsub/publisher.go
@@ -0,0 +1,111 @@
+package pubsub
+
+import (
+	"sync"
+	"time"
+)
+
+var wgPool = sync.Pool{New: func() interface{} { return new(sync.WaitGroup) }}
+
+// NewPublisher creates a new pub/sub publisher to broadcast messages.
+// The duration is used as the send timeout as to not block the publisher publishing
+// messages to other clients if one client is slow or unresponsive.
+// The buffer is used when creating new channels for subscribers.
+func NewPublisher(publishTimeout time.Duration, buffer int) *Publisher {
+	return &Publisher{
+		buffer:      buffer,
+		timeout:     publishTimeout,
+		subscribers: make(map[subscriber]topicFunc),
+	}
+}
+
+type subscriber chan interface{}
+type topicFunc func(v interface{}) bool
+
+// Publisher is basic pub/sub structure. Allows to send events and subscribe
+// to them. Can be safely used from multiple goroutines.
+type Publisher struct {
+	m           sync.RWMutex
+	buffer      int
+	timeout     time.Duration
+	subscribers map[subscriber]topicFunc
+}
+
+// Len returns the number of subscribers for the publisher
+func (p *Publisher) Len() int {
+	p.m.RLock()
+	i := len(p.subscribers)
+	p.m.RUnlock()
+	return i
+}
+
+// Subscribe adds a new subscriber to the publisher returning the channel.
+func (p *Publisher) Subscribe() chan interface{} {
+	return p.SubscribeTopic(nil)
+}
+
+// SubscribeTopic adds a new subscriber that filters messages sent by a topic.
+func (p *Publisher) SubscribeTopic(topic topicFunc) chan interface{} {
+	ch := make(chan interface{}, p.buffer)
+	p.m.Lock()
+	p.subscribers[ch] = topic
+	p.m.Unlock()
+	return ch
+}
+
+// Evict removes the specified subscriber from receiving any more messages.
+func (p *Publisher) Evict(sub chan interface{}) {
+	p.m.Lock()
+	delete(p.subscribers, sub)
+	close(sub)
+	p.m.Unlock()
+}
+
+// Publish sends the data in v to all subscribers currently registered with the publisher.
+func (p *Publisher) Publish(v interface{}) {
+	p.m.RLock()
+	if len(p.subscribers) == 0 {
+		p.m.RUnlock()
+		return
+	}
+
+	wg := wgPool.Get().(*sync.WaitGroup)
+	for sub, topic := range p.subscribers {
+		wg.Add(1)
+		go p.sendTopic(sub, topic, v, wg)
+	}
+	wg.Wait()
+	wgPool.Put(wg)
+	p.m.RUnlock()
+}
+
+// Close closes the channels to all subscribers registered with the publisher.
+func (p *Publisher) Close() {
+	p.m.Lock()
+	for sub := range p.subscribers {
+		delete(p.subscribers, sub)
+		close(sub)
+	}
+	p.m.Unlock()
+}
+
+func (p *Publisher) sendTopic(sub subscriber, topic topicFunc, v interface{}, wg *sync.WaitGroup) {
+	defer wg.Done()
+	if topic != nil && !topic(v) {
+		return
+	}
+
+	// send under a select as to not block if the receiver is unavailable
+	if p.timeout > 0 {
+		select {
+		case sub <- v:
+		case <-time.After(p.timeout):
+		}
+		return
+	}
+
+	select {
+	case sub <- v:
+	default:
+	}
+}
diff --git a/pkg/pubsub/publisher_test.go b/pkg/pubsub/publisher_test.go
new file mode 100644
index 00000000..d6b0a1d5
--- /dev/null
+++ b/pkg/pubsub/publisher_test.go
@@ -0,0 +1,142 @@
+package pubsub
+
+import (
+	"fmt"
+	"testing"
+	"time"
+)
+
+func TestSendToOneSub(t *testing.T) {
+	p := NewPublisher(100*time.Millisecond, 10)
+	c := p.Subscribe()
+
+	p.Publish("hi")
+
+	msg := <-c
+	if msg.(string) != "hi" {
+		t.Fatalf("expected message hi but received %v", msg)
+	}
+}
+
+func TestSendToMultipleSubs(t *testing.T) {
+	p := NewPublisher(100*time.Millisecond, 10)
+	subs := []chan interface{}{}
+	subs = append(subs, p.Subscribe(), p.Subscribe(), p.Subscribe())
+
+	p.Publish("hi")
+
+	for _, c := range subs {
+		msg := <-c
+		if msg.(string) != "hi" {
+			t.Fatalf("expected message hi but received %v", msg)
+		}
+	}
+}
+
+func TestEvictOneSub(t *testing.T) {
+	p := NewPublisher(100*time.Millisecond, 10)
+	s1 := p.Subscribe()
+	s2 := p.Subscribe()
+
+	p.Evict(s1)
+	p.Publish("hi")
+	if _, ok := <-s1; ok {
+		t.Fatal("expected s1 to not receive the published message")
+	}
+
+	msg := <-s2
+	if msg.(string) != "hi" {
+		t.Fatalf("expected message hi but received %v", msg)
+	}
+}
+
+func TestClosePublisher(t *testing.T) {
+	p := NewPublisher(100*time.Millisecond, 10)
+	subs := []chan interface{}{}
+	subs = append(subs, p.Subscribe(), p.Subscribe(), p.Subscribe())
+	p.Close()
+
+	for _, c := range subs {
+		if _, ok := <-c; ok {
+			t.Fatal("expected all subscriber channels to be closed")
+		}
+	}
+}
+
+const sampleText = "test"
+
+type testSubscriber struct {
+	dataCh chan interface{}
+	ch     chan error
+}
+
+func (s *testSubscriber) Wait() error {
+	return <-s.ch
+}
+
+func newTestSubscriber(p *Publisher) *testSubscriber {
+	ts := &testSubscriber{
+		dataCh: p.Subscribe(),
+		ch:     make(chan error),
+	}
+	go func() {
+		for data := range ts.dataCh {
+			s, ok := data.(string)
+			if !ok {
+				ts.ch <- fmt.Errorf("Unexpected type %T", data)
+				break
+			}
+			if s != sampleText {
+				ts.ch <- fmt.Errorf("Unexpected text %s", s)
+				break
+			}
+		}
+		close(ts.ch)
+	}()
+	return ts
+}
+
+// for testing with -race
+func TestPubSubRace(t *testing.T) {
+	p := NewPublisher(0, 1024)
+	var subs [](*testSubscriber)
+	for j := 0; j < 50; j++ {
+		subs = append(subs, newTestSubscriber(p))
+	}
+	for j := 0; j < 1000; j++ {
+		p.Publish(sampleText)
+	}
+	time.AfterFunc(1*time.Second, func() {
+		for _, s := range subs {
+			p.Evict(s.dataCh)
+		}
+	})
+	for _, s := range subs {
+		s.Wait()
+	}
+}
+
+func BenchmarkPubSub(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		b.StopTimer()
+		p := NewPublisher(0, 1024)
+		var subs [](*testSubscriber)
+		for j := 0; j < 50; j++ {
+			subs = append(subs, newTestSubscriber(p))
+		}
+		b.StartTimer()
+		for j := 0; j < 1000; j++ {
+			p.Publish(sampleText)
+		}
+		time.AfterFunc(1*time.Second, func() {
+			for _, s := range subs {
+				p.Evict(s.dataCh)
+			}
+		})
+		for _, s := range subs {
+			if err := s.Wait(); err != nil {
+				b.Fatal(err)
+			}
+		}
+	}
+}
diff --git a/pkg/random/random.go b/pkg/random/random.go
new file mode 100644
index 00000000..70de4d13
--- /dev/null
+++ b/pkg/random/random.go
@@ -0,0 +1,71 @@
+package random
+
+import (
+	cryptorand "crypto/rand"
+	"io"
+	"math"
+	"math/big"
+	"math/rand"
+	"sync"
+	"time"
+)
+
+// Rand is a global *rand.Rand instance, which initialized with NewSource() source.
+var Rand = rand.New(NewSource())
+
+// Reader is a global, shared instance of a pseudorandom bytes generator.
+// It doesn't consume entropy.
+var Reader io.Reader = &reader{rnd: Rand}
+
+// copypaste from standard math/rand
+type lockedSource struct {
+	lk  sync.Mutex
+	src rand.Source
+}
+
+func (r *lockedSource) Int63() (n int64) {
+	r.lk.Lock()
+	n = r.src.Int63()
+	r.lk.Unlock()
+	return
+}
+
+func (r *lockedSource) Seed(seed int64) {
+	r.lk.Lock()
+	r.src.Seed(seed)
+	r.lk.Unlock()
+}
+
+// NewSource returns math/rand.Source safe for concurrent use and initialized
+// with current unix-nano timestamp
+func NewSource() rand.Source {
+	var seed int64
+	if cryptoseed, err := cryptorand.Int(cryptorand.Reader, big.NewInt(math.MaxInt64)); err != nil {
+		// This should not happen, but worst-case fallback to time-based seed.
+		seed = time.Now().UnixNano()
+	} else {
+		seed = cryptoseed.Int64()
+	}
+	return &lockedSource{
+		src: rand.NewSource(seed),
+	}
+}
+
+type reader struct {
+	rnd *rand.Rand
+}
+
+func (r *reader) Read(b []byte) (int, error) {
+	i := 0
+	for {
+		val := r.rnd.Int63()
+		for val > 0 {
+			b[i] = byte(val)
+			i++
+			if i == len(b) {
+				return i, nil
+			}
+			val >>= 8
+		}
+	}
+}
diff --git a/pkg/random/random_test.go b/pkg/random/random_test.go
new file mode 100644
index 00000000..cf405f78
--- /dev/null
+++ b/pkg/random/random_test.go
@@ -0,0 +1,22 @@
+package random
+
+import (
+	"math/rand"
+	"sync"
+	"testing"
+)
+
+// for go test -v -race
+func TestConcurrency(t *testing.T) {
+	rnd := rand.New(NewSource())
+	var wg sync.WaitGroup
+
+	for i := 0; i < 10; i++ {
+		wg.Add(1)
+		go func() {
+			rnd.Int63()
+			wg.Done()
+		}()
+	}
+	wg.Wait()
+}
diff --git a/pkg/reexec/README.md b/pkg/reexec/README.md
new file mode 100644
index 00000000..45592ce8
--- /dev/null
+++ b/pkg/reexec/README.md
@@ -0,0 +1,5 @@
+## reexec
+
+The `reexec` package facilitates the busybox style reexec of the docker binary that we require because 
+of the forking limitations of using Go.  Handlers can be registered with a name and the argv 0 of 
+the exec of the binary will be used to find and execute custom init paths.
diff --git a/pkg/reexec/command_freebsd.go b/pkg/reexec/command_freebsd.go
new file mode 100644
index 00000000..c7f797a5
--- /dev/null
+++ b/pkg/reexec/command_freebsd.go
@@ -0,0 +1,23 @@
+// +build freebsd
+
+package reexec
+
+import (
+	"os/exec"
+)
+
+// Self returns the path to the current process's binary.
+// Uses os.Args[0].
+func Self() string {
+	return naiveSelf()
+}
+
+// Command returns *exec.Cmd which have Path as current binary.
+// For example if current binary is "docker" at "/usr/bin/", then cmd.Path will
+// be set to "/usr/bin/docker".
+func Command(args ...string) *exec.Cmd {
+	return &exec.Cmd{
+		Path: Self(),
+		Args: args,
+	}
+}
diff --git a/pkg/reexec/command_linux.go b/pkg/reexec/command_linux.go
new file mode 100644
index 00000000..3c3a73a9
--- /dev/null
+++ b/pkg/reexec/command_linux.go
@@ -0,0 +1,28 @@
+// +build linux
+
+package reexec
+
+import (
+	"os/exec"
+	"syscall"
+)
+
+// Self returns the path to the current process's binary.
+// Returns "/proc/self/exe".
+func Self() string {
+	return "/proc/self/exe"
+}
+
+// Command returns *exec.Cmd which have Path as current binary. Also it setting
+// SysProcAttr.Pdeathsig to SIGTERM.
+// This will use the in-memory version (/proc/self/exe) of the current binary,
+// it is thus safe to delete or replace the on-disk binary (os.Args[0]).
+func Command(args ...string) *exec.Cmd {
+	return &exec.Cmd{
+		Path: Self(),
+		Args: args,
+		SysProcAttr: &syscall.SysProcAttr{
+			Pdeathsig: syscall.SIGTERM,
+		},
+	}
+}
diff --git a/pkg/reexec/command_unsupported.go b/pkg/reexec/command_unsupported.go
new file mode 100644
index 00000000..ad4ea38e
--- /dev/null
+++ b/pkg/reexec/command_unsupported.go
@@ -0,0 +1,12 @@
+// +build !linux,!windows,!freebsd
+
+package reexec
+
+import (
+	"os/exec"
+)
+
+// Command is unsupported on operating systems apart from Linux and Windows.
+func Command(args ...string) *exec.Cmd {
+	return nil
+}
diff --git a/pkg/reexec/command_windows.go b/pkg/reexec/command_windows.go
new file mode 100644
index 00000000..8d65e0ae
--- /dev/null
+++ b/pkg/reexec/command_windows.go
@@ -0,0 +1,23 @@
+// +build windows
+
+package reexec
+
+import (
+	"os/exec"
+)
+
+// Self returns the path to the current process's binary.
+// Uses os.Args[0].
+func Self() string {
+	return naiveSelf()
+}
+
+// Command returns *exec.Cmd which have Path as current binary.
+// For example if current binary is "docker.exe" at "C:\", then cmd.Path will
+// be set to "C:\docker.exe".
+func Command(args ...string) *exec.Cmd {
+	return &exec.Cmd{
+		Path: Self(),
+		Args: args,
+	}
+}
diff --git a/pkg/reexec/reexec.go b/pkg/reexec/reexec.go
new file mode 100644
index 00000000..ceb98d25
--- /dev/null
+++ b/pkg/reexec/reexec.go
@@ -0,0 +1,47 @@
+package reexec
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"path/filepath"
+)
+
+var registeredInitializers = make(map[string]func())
+
+// Register adds an initialization func under the specified name
+func Register(name string, initializer func()) {
+	if _, exists := registeredInitializers[name]; exists {
+		panic(fmt.Sprintf("reexec func already registred under name %q", name))
+	}
+
+	registeredInitializers[name] = initializer
+}
+
+// Init is called as the first part of the exec process and returns true if an
+// initialization function was called.
+func Init() bool {
+	initializer, exists := registeredInitializers[os.Args[0]]
+	if exists {
+		initializer()
+
+		return true
+	}
+	return false
+}
+
+func naiveSelf() string {
+	name := os.Args[0]
+	if filepath.Base(name) == name {
+		if lp, err := exec.LookPath(name); err == nil {
+			return lp
+		}
+	}
+	// handle conversion of relative paths to absolute
+	if absName, err := filepath.Abs(name); err == nil {
+		return absName
+	}
+	// if we couldn't get absolute name, return original
+	// (NOTE: Go only errors on Abs() if os.Getwd fails)
+	return name
+}
diff --git a/pkg/registrar/registrar.go b/pkg/registrar/registrar.go
new file mode 100644
index 00000000..8910197f
--- /dev/null
+++ b/pkg/registrar/registrar.go
@@ -0,0 +1,127 @@
+// Package registrar provides name registration. It reserves a name to a given key.
+package registrar
+
+import (
+	"errors"
+	"sync"
+)
+
+var (
+	// ErrNameReserved is an error which is returned when a name is requested to be reserved that already is reserved
+	ErrNameReserved = errors.New("name is reserved")
+	// ErrNameNotReserved is an error which is returned when trying to find a name that is not reserved
+	ErrNameNotReserved = errors.New("name is not reserved")
+	// ErrNoSuchKey is returned when trying to find the names for a key which is not known
+	ErrNoSuchKey = errors.New("provided key does not exist")
+)
+
+// Registrar stores indexes a list of keys and their registered names as well as indexes names and the key that they are registred to
+// Names must be unique.
+// Registrar is safe for concurrent access.
+type Registrar struct {
+	idx   map[string][]string
+	names map[string]string
+	mu    sync.Mutex
+}
+
+// NewRegistrar creates a new Registrar with the an empty index
+func NewRegistrar() *Registrar {
+	return &Registrar{
+		idx:   make(map[string][]string),
+		names: make(map[string]string),
+	}
+}
+
+// Reserve registers a key to a name
+// Reserve is idempotent
+// Attempting to reserve a key to a name that already exists results in an `ErrNameReserved`
+// A name reservation is globally unique
+func (r *Registrar) Reserve(name, key string) error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if k, exists := r.names[name]; exists {
+		if k != key {
+			return ErrNameReserved
+		}
+		return nil
+	}
+
+	r.idx[key] = append(r.idx[key], name)
+	r.names[name] = key
+	return nil
+}
+
+// Release releases the reserved name
+// Once released, a name can be reserved again
+func (r *Registrar) Release(name string) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	key, exists := r.names[name]
+	if !exists {
+		return
+	}
+
+	for i, n := range r.idx[key] {
+		if n != name {
+			continue
+		}
+		r.idx[key] = append(r.idx[key][:i], r.idx[key][i+1:]...)
+		break
+	}
+
+	delete(r.names, name)
+
+	if len(r.idx[key]) == 0 {
+		delete(r.idx, key)
+	}
+}
+
+// Delete removes all reservations for the passed in key.
+// All names reserved to this key are released.
+func (r *Registrar) Delete(key string) {
+	r.mu.Lock()
+	for _, name := range r.idx[key] {
+		delete(r.names, name)
+	}
+	delete(r.idx, key)
+	r.mu.Unlock()
+}
+
+// GetNames lists all the reserved names for the given key
+func (r *Registrar) GetNames(key string) ([]string, error) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	names, exists := r.idx[key]
+	if !exists {
+		return nil, ErrNoSuchKey
+	}
+	return names, nil
+}
+
+// Get returns the key that the passed in name is reserved to
+func (r *Registrar) Get(name string) (string, error) {
+	r.mu.Lock()
+	key, exists := r.names[name]
+	r.mu.Unlock()
+
+	if !exists {
+		return "", ErrNameNotReserved
+	}
+	return key, nil
+}
+
+// GetAll returns all registered names
+func (r *Registrar) GetAll() map[string][]string {
+	out := make(map[string][]string)
+
+	r.mu.Lock()
+	// copy index into out
+	for id, names := range r.idx {
+		out[id] = names
+	}
+	r.mu.Unlock()
+	return out
+}
diff --git a/pkg/registrar/registrar_test.go b/pkg/registrar/registrar_test.go
new file mode 100644
index 00000000..0c1ef312
--- /dev/null
+++ b/pkg/registrar/registrar_test.go
@@ -0,0 +1,119 @@
+package registrar
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestReserve(t *testing.T) {
+	r := NewRegistrar()
+
+	obj := "test1"
+	if err := r.Reserve("test", obj); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := r.Reserve("test", obj); err != nil {
+		t.Fatal(err)
+	}
+
+	obj2 := "test2"
+	err := r.Reserve("test", obj2)
+	if err == nil {
+		t.Fatalf("expected error when reserving an already reserved name to another object")
+	}
+	if err != ErrNameReserved {
+		t.Fatal("expected `ErrNameReserved` error when attempting to reserve an already reserved name")
+	}
+}
+
+func TestRelease(t *testing.T) {
+	r := NewRegistrar()
+	obj := "testing"
+
+	if err := r.Reserve("test", obj); err != nil {
+		t.Fatal(err)
+	}
+	r.Release("test")
+	r.Release("test") // Ensure there is no panic here
+
+	if err := r.Reserve("test", obj); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestGetNames(t *testing.T) {
+	r := NewRegistrar()
+	obj := "testing"
+	names := []string{"test1", "test2"}
+
+	for _, name := range names {
+		if err := r.Reserve(name, obj); err != nil {
+			t.Fatal(err)
+		}
+	}
+	r.Reserve("test3", "other")
+
+	names2, err := r.GetNames(obj)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if !reflect.DeepEqual(names, names2) {
+		t.Fatalf("Exepected: %v, Got: %v", names, names2)
+	}
+}
+
+func TestDelete(t *testing.T) {
+	r := NewRegistrar()
+	obj := "testing"
+	names := []string{"test1", "test2"}
+	for _, name := range names {
+		if err := r.Reserve(name, obj); err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	r.Reserve("test3", "other")
+	r.Delete(obj)
+
+	_, err := r.GetNames(obj)
+	if err == nil {
+		t.Fatal("expected error getting names for deleted key")
+	}
+
+	if err != ErrNoSuchKey {
+		t.Fatal("expected `ErrNoSuchKey`")
+	}
+}
+
+func TestGet(t *testing.T) {
+	r := NewRegistrar()
+	obj := "testing"
+	name := "test"
+
+	_, err := r.Get(name)
+	if err == nil {
+		t.Fatal("expected error when key does not exist")
+	}
+	if err != ErrNameNotReserved {
+		t.Fatal(err)
+	}
+
+	if err := r.Reserve(name, obj); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err = r.Get(name); err != nil {
+		t.Fatal(err)
+	}
+
+	r.Delete(obj)
+	_, err = r.Get(name)
+	if err == nil {
+		t.Fatal("expected error when key does not exist")
+	}
+	if err != ErrNameNotReserved {
+		t.Fatal(err)
+	}
+}
diff --git a/pkg/signal/README.md b/pkg/signal/README.md
new file mode 100644
index 00000000..2b237a59
--- /dev/null
+++ b/pkg/signal/README.md
@@ -0,0 +1 @@
+This package provides helper functions for dealing with signals across various operating systems
\ No newline at end of file
diff --git a/pkg/signal/signal.go b/pkg/signal/signal.go
new file mode 100644
index 00000000..68bb77cf
--- /dev/null
+++ b/pkg/signal/signal.go
@@ -0,0 +1,54 @@
+// Package signal provides helper functions for dealing with signals across
+// various operating systems.
+package signal
+
+import (
+	"fmt"
+	"os"
+	"os/signal"
+	"strconv"
+	"strings"
+	"syscall"
+)
+
+// CatchAll catches all signals and relays them to the specified channel.
+func CatchAll(sigc chan os.Signal) {
+	handledSigs := []os.Signal{}
+	for _, s := range SignalMap {
+		handledSigs = append(handledSigs, s)
+	}
+	signal.Notify(sigc, handledSigs...)
+}
+
+// StopCatch stops catching the signals and closes the specified channel.
+func StopCatch(sigc chan os.Signal) {
+	signal.Stop(sigc)
+	close(sigc)
+}
+
+// ParseSignal translates a string to a valid syscall signal.
+// It returns an error if the signal map doesn't include the given signal.
+func ParseSignal(rawSignal string) (syscall.Signal, error) {
+	s, err := strconv.Atoi(rawSignal)
+	if err == nil {
+		if s == 0 {
+			return -1, fmt.Errorf("Invalid signal: %s", rawSignal)
+		}
+		return syscall.Signal(s), nil
+	}
+	signal, ok := SignalMap[strings.TrimPrefix(strings.ToUpper(rawSignal), "SIG")]
+	if !ok {
+		return -1, fmt.Errorf("Invalid signal: %s", rawSignal)
+	}
+	return signal, nil
+}
+
+// ValidSignalForPlatform returns true if a signal is valid on the platform
+func ValidSignalForPlatform(sig syscall.Signal) bool {
+	for _, v := range SignalMap {
+		if v == sig {
+			return true
+		}
+	}
+	return false
+}
diff --git a/pkg/signal/signal_darwin.go b/pkg/signal/signal_darwin.go
new file mode 100644
index 00000000..946de87e
--- /dev/null
+++ b/pkg/signal/signal_darwin.go
@@ -0,0 +1,41 @@
+package signal
+
+import (
+	"syscall"
+)
+
+// SignalMap is a map of Darwin signals.
+var SignalMap = map[string]syscall.Signal{
+	"ABRT":   syscall.SIGABRT,
+	"ALRM":   syscall.SIGALRM,
+	"BUG":    syscall.SIGBUS,
+	"CHLD":   syscall.SIGCHLD,
+	"CONT":   syscall.SIGCONT,
+	"EMT":    syscall.SIGEMT,
+	"FPE":    syscall.SIGFPE,
+	"HUP":    syscall.SIGHUP,
+	"ILL":    syscall.SIGILL,
+	"INFO":   syscall.SIGINFO,
+	"INT":    syscall.SIGINT,
+	"IO":     syscall.SIGIO,
+	"IOT":    syscall.SIGIOT,
+	"KILL":   syscall.SIGKILL,
+	"PIPE":   syscall.SIGPIPE,
+	"PROF":   syscall.SIGPROF,
+	"QUIT":   syscall.SIGQUIT,
+	"SEGV":   syscall.SIGSEGV,
+	"STOP":   syscall.SIGSTOP,
+	"SYS":    syscall.SIGSYS,
+	"TERM":   syscall.SIGTERM,
+	"TRAP":   syscall.SIGTRAP,
+	"TSTP":   syscall.SIGTSTP,
+	"TTIN":   syscall.SIGTTIN,
+	"TTOU":   syscall.SIGTTOU,
+	"URG":    syscall.SIGURG,
+	"USR1":   syscall.SIGUSR1,
+	"USR2":   syscall.SIGUSR2,
+	"VTALRM": syscall.SIGVTALRM,
+	"WINCH":  syscall.SIGWINCH,
+	"XCPU":   syscall.SIGXCPU,
+	"XFSZ":   syscall.SIGXFSZ,
+}
diff --git a/pkg/signal/signal_freebsd.go b/pkg/signal/signal_freebsd.go
new file mode 100644
index 00000000..6b9569bb
--- /dev/null
+++ b/pkg/signal/signal_freebsd.go
@@ -0,0 +1,43 @@
+package signal
+
+import (
+	"syscall"
+)
+
+// SignalMap is a map of FreeBSD signals.
+var SignalMap = map[string]syscall.Signal{
+	"ABRT":   syscall.SIGABRT,
+	"ALRM":   syscall.SIGALRM,
+	"BUF":    syscall.SIGBUS,
+	"CHLD":   syscall.SIGCHLD,
+	"CONT":   syscall.SIGCONT,
+	"EMT":    syscall.SIGEMT,
+	"FPE":    syscall.SIGFPE,
+	"HUP":    syscall.SIGHUP,
+	"ILL":    syscall.SIGILL,
+	"INFO":   syscall.SIGINFO,
+	"INT":    syscall.SIGINT,
+	"IO":     syscall.SIGIO,
+	"IOT":    syscall.SIGIOT,
+	"KILL":   syscall.SIGKILL,
+	"LWP":    syscall.SIGLWP,
+	"PIPE":   syscall.SIGPIPE,
+	"PROF":   syscall.SIGPROF,
+	"QUIT":   syscall.SIGQUIT,
+	"SEGV":   syscall.SIGSEGV,
+	"STOP":   syscall.SIGSTOP,
+	"SYS":    syscall.SIGSYS,
+	"TERM":   syscall.SIGTERM,
+	"THR":    syscall.SIGTHR,
+	"TRAP":   syscall.SIGTRAP,
+	"TSTP":   syscall.SIGTSTP,
+	"TTIN":   syscall.SIGTTIN,
+	"TTOU":   syscall.SIGTTOU,
+	"URG":    syscall.SIGURG,
+	"USR1":   syscall.SIGUSR1,
+	"USR2":   syscall.SIGUSR2,
+	"VTALRM": syscall.SIGVTALRM,
+	"WINCH":  syscall.SIGWINCH,
+	"XCPU":   syscall.SIGXCPU,
+	"XFSZ":   syscall.SIGXFSZ,
+}
diff --git a/pkg/signal/signal_linux.go b/pkg/signal/signal_linux.go
new file mode 100644
index 00000000..d418cbe9
--- /dev/null
+++ b/pkg/signal/signal_linux.go
@@ -0,0 +1,80 @@
+package signal
+
+import (
+	"syscall"
+)
+
+const (
+	sigrtmin = 34
+	sigrtmax = 64
+)
+
+// SignalMap is a map of Linux signals.
+var SignalMap = map[string]syscall.Signal{
+	"ABRT":     syscall.SIGABRT,
+	"ALRM":     syscall.SIGALRM,
+	"BUS":      syscall.SIGBUS,
+	"CHLD":     syscall.SIGCHLD,
+	"CLD":      syscall.SIGCLD,
+	"CONT":     syscall.SIGCONT,
+	"FPE":      syscall.SIGFPE,
+	"HUP":      syscall.SIGHUP,
+	"ILL":      syscall.SIGILL,
+	"INT":      syscall.SIGINT,
+	"IO":       syscall.SIGIO,
+	"IOT":      syscall.SIGIOT,
+	"KILL":     syscall.SIGKILL,
+	"PIPE":     syscall.SIGPIPE,
+	"POLL":     syscall.SIGPOLL,
+	"PROF":     syscall.SIGPROF,
+	"PWR":      syscall.SIGPWR,
+	"QUIT":     syscall.SIGQUIT,
+	"SEGV":     syscall.SIGSEGV,
+	"STKFLT":   syscall.SIGSTKFLT,
+	"STOP":     syscall.SIGSTOP,
+	"SYS":      syscall.SIGSYS,
+	"TERM":     syscall.SIGTERM,
+	"TRAP":     syscall.SIGTRAP,
+	"TSTP":     syscall.SIGTSTP,
+	"TTIN":     syscall.SIGTTIN,
+	"TTOU":     syscall.SIGTTOU,
+	"UNUSED":   syscall.SIGUNUSED,
+	"URG":      syscall.SIGURG,
+	"USR1":     syscall.SIGUSR1,
+	"USR2":     syscall.SIGUSR2,
+	"VTALRM":   syscall.SIGVTALRM,
+	"WINCH":    syscall.SIGWINCH,
+	"XCPU":     syscall.SIGXCPU,
+	"XFSZ":     syscall.SIGXFSZ,
+	"RTMIN":    sigrtmin,
+	"RTMIN+1":  sigrtmin + 1,
+	"RTMIN+2":  sigrtmin + 2,
+	"RTMIN+3":  sigrtmin + 3,
+	"RTMIN+4":  sigrtmin + 4,
+	"RTMIN+5":  sigrtmin + 5,
+	"RTMIN+6":  sigrtmin + 6,
+	"RTMIN+7":  sigrtmin + 7,
+	"RTMIN+8":  sigrtmin + 8,
+	"RTMIN+9":  sigrtmin + 9,
+	"RTMIN+10": sigrtmin + 10,
+	"RTMIN+11": sigrtmin + 11,
+	"RTMIN+12": sigrtmin + 12,
+	"RTMIN+13": sigrtmin + 13,
+	"RTMIN+14": sigrtmin + 14,
+	"RTMIN+15": sigrtmin + 15,
+	"RTMAX-14": sigrtmax - 14,
+	"RTMAX-13": sigrtmax - 13,
+	"RTMAX-12": sigrtmax - 12,
+	"RTMAX-11": sigrtmax - 11,
+	"RTMAX-10": sigrtmax - 10,
+	"RTMAX-9":  sigrtmax - 9,
+	"RTMAX-8":  sigrtmax - 8,
+	"RTMAX-7":  sigrtmax - 7,
+	"RTMAX-6":  sigrtmax - 6,
+	"RTMAX-5":  sigrtmax - 5,
+	"RTMAX-4":  sigrtmax - 4,
+	"RTMAX-3":  sigrtmax - 3,
+	"RTMAX-2":  sigrtmax - 2,
+	"RTMAX-1":  sigrtmax - 1,
+	"RTMAX":    sigrtmax,
+}
diff --git a/pkg/signal/signal_unix.go b/pkg/signal/signal_unix.go
new file mode 100644
index 00000000..6621d371
--- /dev/null
+++ b/pkg/signal/signal_unix.go
@@ -0,0 +1,21 @@
+// +build !windows
+
+package signal
+
+import (
+	"syscall"
+)
+
+// Signals used in api/client (no windows equivalent, use
+// invalid signals so they don't get handled)
+
+const (
+	// SIGCHLD is a signal sent to a process when a child process terminates, is interrupted, or resumes after being interrupted.
+	SIGCHLD = syscall.SIGCHLD
+	// SIGWINCH is a signal sent to a process when its controlling terminal changes its size
+	SIGWINCH = syscall.SIGWINCH
+	// SIGPIPE is a signal sent to a process when a pipe is written to before the other end is open for reading
+	SIGPIPE = syscall.SIGPIPE
+	// DefaultStopSignal is the syscall signal used to stop a container in unix systems.
+	DefaultStopSignal = "SIGTERM"
+)
diff --git a/pkg/signal/signal_unsupported.go b/pkg/signal/signal_unsupported.go
new file mode 100644
index 00000000..161ba273
--- /dev/null
+++ b/pkg/signal/signal_unsupported.go
@@ -0,0 +1,10 @@
+// +build !linux,!darwin,!freebsd,!windows
+
+package signal
+
+import (
+	"syscall"
+)
+
+// SignalMap is an empty map of signals for unsupported platform.
+var SignalMap = map[string]syscall.Signal{}
diff --git a/pkg/signal/signal_windows.go b/pkg/signal/signal_windows.go
new file mode 100644
index 00000000..698cbf2d
--- /dev/null
+++ b/pkg/signal/signal_windows.go
@@ -0,0 +1,28 @@
+// +build windows
+
+package signal
+
+import (
+	"syscall"
+)
+
+// Signals used in api/client (no windows equivalent, use
+// invalid signals so they don't get handled)
+const (
+	SIGCHLD  = syscall.Signal(0xff)
+	SIGWINCH = syscall.Signal(0xff)
+	SIGPIPE  = syscall.Signal(0xff)
+	// DefaultStopSignal is the syscall signal used to stop a container in windows systems.
+	DefaultStopSignal = "15"
+)
+
+// SignalMap is a map of "supported" signals. As per the comment in GOLang's
+// ztypes_windows.go: "More invented values for signals". Windows doesn't
+// really support signals in any way, shape or form that Unix does.
+//
+// We have these so that docker kill can be used to gracefully (TERM) and
+// forcibly (KILL) terminate a container on Windows.
+var SignalMap = map[string]syscall.Signal{
+	"KILL": syscall.SIGKILL,
+	"TERM": syscall.SIGTERM,
+}
diff --git a/pkg/signal/trap.go b/pkg/signal/trap.go
new file mode 100644
index 00000000..2cf5ccf0
--- /dev/null
+++ b/pkg/signal/trap.go
@@ -0,0 +1,74 @@
+package signal
+
+import (
+	"os"
+	gosignal "os/signal"
+	"runtime"
+	"sync/atomic"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// Trap sets up a simplified signal "trap", appropriate for common
+// behavior expected from a vanilla unix command-line tool in general
+// (and the Docker engine in particular).
+//
+// * If SIGINT or SIGTERM are received, `cleanup` is called, then the process is terminated.
+// * If SIGINT or SIGTERM are received 3 times before cleanup is complete, then cleanup is
+//   skipped and the process is terminated immediately (allows force quit of stuck daemon)
+// * A SIGQUIT always causes an exit without cleanup, with a goroutine dump preceding exit.
+//
+func Trap(cleanup func()) {
+	c := make(chan os.Signal, 1)
+	// we will handle INT, TERM, QUIT here
+	signals := []os.Signal{os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}
+	gosignal.Notify(c, signals...)
+	go func() {
+		interruptCount := uint32(0)
+		for sig := range c {
+			go func(sig os.Signal) {
+				logrus.Infof("Processing signal '%v'", sig)
+				switch sig {
+				case os.Interrupt, syscall.SIGTERM:
+					if atomic.LoadUint32(&interruptCount) < 3 {
+						// Initiate the cleanup only once
+						if atomic.AddUint32(&interruptCount, 1) == 1 {
+							// Call the provided cleanup handler
+							cleanup()
+							os.Exit(0)
+						} else {
+							return
+						}
+					} else {
+						// 3 SIGTERM/INT signals received; force exit without cleanup
+						logrus.Infof("Forcing docker daemon shutdown without cleanup; 3 interrupts received")
+					}
+				case syscall.SIGQUIT:
+					DumpStacks()
+					logrus.Infof("Forcing docker daemon shutdown without cleanup on SIGQUIT")
+				}
+				//for the SIGINT/TERM, and SIGQUIT non-clean shutdown case, exit with 128 + signal #
+				os.Exit(128 + int(sig.(syscall.Signal)))
+			}(sig)
+		}
+	}()
+}
+
+// DumpStacks dumps the runtime stack.
+func DumpStacks() {
+	var (
+		buf       []byte
+		stackSize int
+	)
+	bufferLen := 16384
+	for stackSize == len(buf) {
+		buf = make([]byte, bufferLen)
+		stackSize = runtime.Stack(buf, true)
+		bufferLen *= 2
+	}
+	buf = buf[:stackSize]
+	// Note that if the daemon is started with a less-verbose log-level than "info" (the default), the goroutine
+	// traces won't show up in the log.
+	logrus.Infof("=== BEGIN goroutine stack dump ===\n%s\n=== END goroutine stack dump ===", buf)
+}
diff --git a/pkg/stdcopy/stdcopy.go b/pkg/stdcopy/stdcopy.go
new file mode 100644
index 00000000..b37ae39f
--- /dev/null
+++ b/pkg/stdcopy/stdcopy.go
@@ -0,0 +1,178 @@
+package stdcopy
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// StdType is the type of standard stream
+// a writer can multiplex to.
+type StdType byte
+
+const (
+	// Stdin represents standard input stream type.
+	Stdin StdType = iota
+	// Stdout represents standard output stream type.
+	Stdout
+	// Stderr represents standard error steam type.
+	Stderr
+
+	stdWriterPrefixLen = 8
+	stdWriterFdIndex   = 0
+	stdWriterSizeIndex = 4
+
+	startingBufLen = 32*1024 + stdWriterPrefixLen + 1
+)
+
+// stdWriter is wrapper of io.Writer with extra customized info.
+type stdWriter struct {
+	io.Writer
+	prefix byte
+}
+
+// Write sends the buffer to the underneath writer.
+// It insert the prefix header before the buffer,
+// so stdcopy.StdCopy knows where to multiplex the output.
+// It makes stdWriter to implement io.Writer.
+func (w *stdWriter) Write(buf []byte) (n int, err error) {
+	if w == nil || w.Writer == nil {
+		return 0, errors.New("Writer not instantiated")
+	}
+	if buf == nil {
+		return 0, nil
+	}
+
+	header := [stdWriterPrefixLen]byte{stdWriterFdIndex: w.prefix}
+	binary.BigEndian.PutUint32(header[stdWriterSizeIndex:], uint32(len(buf)))
+
+	line := append(header[:], buf...)
+
+	n, err = w.Writer.Write(line)
+	n -= stdWriterPrefixLen
+
+	if n < 0 {
+		n = 0
+	}
+	return
+}
+
+// NewStdWriter instantiates a new Writer.
+// Everything written to it will be encapsulated using a custom format,
+// and written to the underlying `w` stream.
+// This allows multiple write streams (e.g. stdout and stderr) to be muxed into a single connection.
+// `t` indicates the id of the stream to encapsulate.
+// It can be stdcopy.Stdin, stdcopy.Stdout, stdcopy.Stderr.
+func NewStdWriter(w io.Writer, t StdType) io.Writer {
+	return &stdWriter{
+		Writer: w,
+		prefix: byte(t),
+	}
+}
+
+// StdCopy is a modified version of io.Copy.
+//
+// StdCopy will demultiplex `src`, assuming that it contains two streams,
+// previously multiplexed together using a StdWriter instance.
+// As it reads from `src`, StdCopy will write to `dstout` and `dsterr`.
+//
+// StdCopy will read until it hits EOF on `src`. It will then return a nil error.
+// In other words: if `err` is non nil, it indicates a real underlying error.
+//
+// `written` will hold the total number of bytes written to `dstout` and `dsterr`.
+func StdCopy(dstout, dsterr io.Writer, src io.Reader) (written int64, err error) {
+	var (
+		buf       = make([]byte, startingBufLen)
+		bufLen    = len(buf)
+		nr, nw    int
+		er, ew    error
+		out       io.Writer
+		frameSize int
+	)
+
+	for {
+		// Make sure we have at least a full header
+		for nr < stdWriterPrefixLen {
+			var nr2 int
+			nr2, er = src.Read(buf[nr:])
+			nr += nr2
+			if er == io.EOF {
+				if nr < stdWriterPrefixLen {
+					logrus.Debugf("Corrupted prefix: %v", buf[:nr])
+					return written, nil
+				}
+				break
+			}
+			if er != nil {
+				logrus.Debugf("Error reading header: %s", er)
+				return 0, er
+			}
+		}
+
+		// Check the first byte to know where to write
+		switch StdType(buf[stdWriterFdIndex]) {
+		case Stdin:
+			fallthrough
+		case Stdout:
+			// Write on stdout
+			out = dstout
+		case Stderr:
+			// Write on stderr
+			out = dsterr
+		default:
+			logrus.Debugf("Error selecting output fd: (%d)", buf[stdWriterFdIndex])
+			return 0, fmt.Errorf("Unrecognized input header: %d", buf[stdWriterFdIndex])
+		}
+
+		// Retrieve the size of the frame
+		frameSize = int(binary.BigEndian.Uint32(buf[stdWriterSizeIndex : stdWriterSizeIndex+4]))
+		logrus.Debugf("framesize: %d", frameSize)
+
+		// Check if the buffer is big enough to read the frame.
+		// Extend it if necessary.
+		if frameSize+stdWriterPrefixLen > bufLen {
+			logrus.Debugf("Extending buffer cap by %d (was %d)", frameSize+stdWriterPrefixLen-bufLen+1, len(buf))
+			buf = append(buf, make([]byte, frameSize+stdWriterPrefixLen-bufLen+1)...)
+			bufLen = len(buf)
+		}
+
+		// While the amount of bytes read is less than the size of the frame + header, we keep reading
+		for nr < frameSize+stdWriterPrefixLen {
+			var nr2 int
+			nr2, er = src.Read(buf[nr:])
+			nr += nr2
+			if er == io.EOF {
+				if nr < frameSize+stdWriterPrefixLen {
+					logrus.Debugf("Corrupted frame: %v", buf[stdWriterPrefixLen:nr])
+					return written, nil
+				}
+				break
+			}
+			if er != nil {
+				logrus.Debugf("Error reading frame: %s", er)
+				return 0, er
+			}
+		}
+
+		// Write the retrieved frame (without header)
+		nw, ew = out.Write(buf[stdWriterPrefixLen : frameSize+stdWriterPrefixLen])
+		if ew != nil {
+			logrus.Debugf("Error writing frame: %s", ew)
+			return 0, ew
+		}
+		// If the frame has not been fully written: error
+		if nw != frameSize {
+			logrus.Debugf("Error Short Write: (%d on %d)", nw, frameSize)
+			return 0, io.ErrShortWrite
+		}
+		written += int64(nw)
+
+		// Move the rest of the buffer to the beginning
+		copy(buf, buf[frameSize+stdWriterPrefixLen:])
+		// Move the index
+		nr -= frameSize + stdWriterPrefixLen
+	}
+}
diff --git a/pkg/stdcopy/stdcopy_test.go b/pkg/stdcopy/stdcopy_test.go
new file mode 100644
index 00000000..3137a752
--- /dev/null
+++ b/pkg/stdcopy/stdcopy_test.go
@@ -0,0 +1,260 @@
+package stdcopy
+
+import (
+	"bytes"
+	"errors"
+	"io"
+	"io/ioutil"
+	"strings"
+	"testing"
+)
+
+func TestNewStdWriter(t *testing.T) {
+	writer := NewStdWriter(ioutil.Discard, Stdout)
+	if writer == nil {
+		t.Fatalf("NewStdWriter with an invalid StdType should not return nil.")
+	}
+}
+
+func TestWriteWithUnitializedStdWriter(t *testing.T) {
+	writer := stdWriter{
+		Writer: nil,
+		prefix: byte(Stdout),
+	}
+	n, err := writer.Write([]byte("Something here"))
+	if n != 0 || err == nil {
+		t.Fatalf("Should fail when given an uncomplete or uninitialized StdWriter")
+	}
+}
+
+func TestWriteWithNilBytes(t *testing.T) {
+	writer := NewStdWriter(ioutil.Discard, Stdout)
+	n, err := writer.Write(nil)
+	if err != nil {
+		t.Fatalf("Shouldn't have fail when given no data")
+	}
+	if n > 0 {
+		t.Fatalf("Write should have written 0 byte, but has written %d", n)
+	}
+}
+
+func TestWrite(t *testing.T) {
+	writer := NewStdWriter(ioutil.Discard, Stdout)
+	data := []byte("Test StdWrite.Write")
+	n, err := writer.Write(data)
+	if err != nil {
+		t.Fatalf("Error while writing with StdWrite")
+	}
+	if n != len(data) {
+		t.Fatalf("Write should have written %d byte but wrote %d.", len(data), n)
+	}
+}
+
+type errWriter struct {
+	n   int
+	err error
+}
+
+func (f *errWriter) Write(buf []byte) (int, error) {
+	return f.n, f.err
+}
+
+func TestWriteWithWriterError(t *testing.T) {
+	expectedError := errors.New("expected")
+	expectedReturnedBytes := 10
+	writer := NewStdWriter(&errWriter{
+		n:   stdWriterPrefixLen + expectedReturnedBytes,
+		err: expectedError}, Stdout)
+	data := []byte("This won't get written, sigh")
+	n, err := writer.Write(data)
+	if err != expectedError {
+		t.Fatalf("Didn't get expected error.")
+	}
+	if n != expectedReturnedBytes {
+		t.Fatalf("Didn't get expected written bytes %d, got %d.",
+			expectedReturnedBytes, n)
+	}
+}
+
+func TestWriteDoesNotReturnNegativeWrittenBytes(t *testing.T) {
+	writer := NewStdWriter(&errWriter{n: -1}, Stdout)
+	data := []byte("This won't get written, sigh")
+	actual, _ := writer.Write(data)
+	if actual != 0 {
+		t.Fatalf("Expected returned written bytes equal to 0, got %d", actual)
+	}
+}
+
+func getSrcBuffer(stdOutBytes, stdErrBytes []byte) (buffer *bytes.Buffer, err error) {
+	buffer = new(bytes.Buffer)
+	dstOut := NewStdWriter(buffer, Stdout)
+	_, err = dstOut.Write(stdOutBytes)
+	if err != nil {
+		return
+	}
+	dstErr := NewStdWriter(buffer, Stderr)
+	_, err = dstErr.Write(stdErrBytes)
+	return
+}
+
+func TestStdCopyWriteAndRead(t *testing.T) {
+	stdOutBytes := []byte(strings.Repeat("o", startingBufLen))
+	stdErrBytes := []byte(strings.Repeat("e", startingBufLen))
+	buffer, err := getSrcBuffer(stdOutBytes, stdErrBytes)
+	if err != nil {
+		t.Fatal(err)
+	}
+	written, err := StdCopy(ioutil.Discard, ioutil.Discard, buffer)
+	if err != nil {
+		t.Fatal(err)
+	}
+	expectedTotalWritten := len(stdOutBytes) + len(stdErrBytes)
+	if written != int64(expectedTotalWritten) {
+		t.Fatalf("Expected to have total of %d bytes written, got %d", expectedTotalWritten, written)
+	}
+}
+
+type customReader struct {
+	n            int
+	err          error
+	totalCalls   int
+	correctCalls int
+	src          *bytes.Buffer
+}
+
+func (f *customReader) Read(buf []byte) (int, error) {
+	f.totalCalls++
+	if f.totalCalls <= f.correctCalls {
+		return f.src.Read(buf)
+	}
+	return f.n, f.err
+}
+
+func TestStdCopyReturnsErrorReadingHeader(t *testing.T) {
+	expectedError := errors.New("error")
+	reader := &customReader{
+		err: expectedError}
+	written, err := StdCopy(ioutil.Discard, ioutil.Discard, reader)
+	if written != 0 {
+		t.Fatalf("Expected 0 bytes read, got %d", written)
+	}
+	if err != expectedError {
+		t.Fatalf("Didn't get expected error")
+	}
+}
+
+func TestStdCopyReturnsErrorReadingFrame(t *testing.T) {
+	expectedError := errors.New("error")
+	stdOutBytes := []byte(strings.Repeat("o", startingBufLen))
+	stdErrBytes := []byte(strings.Repeat("e", startingBufLen))
+	buffer, err := getSrcBuffer(stdOutBytes, stdErrBytes)
+	if err != nil {
+		t.Fatal(err)
+	}
+	reader := &customReader{
+		correctCalls: 1,
+		n:            stdWriterPrefixLen + 1,
+		err:          expectedError,
+		src:          buffer}
+	written, err := StdCopy(ioutil.Discard, ioutil.Discard, reader)
+	if written != 0 {
+		t.Fatalf("Expected 0 bytes read, got %d", written)
+	}
+	if err != expectedError {
+		t.Fatalf("Didn't get expected error")
+	}
+}
+
+func TestStdCopyDetectsCorruptedFrame(t *testing.T) {
+	stdOutBytes := []byte(strings.Repeat("o", startingBufLen))
+	stdErrBytes := []byte(strings.Repeat("e", startingBufLen))
+	buffer, err := getSrcBuffer(stdOutBytes, stdErrBytes)
+	if err != nil {
+		t.Fatal(err)
+	}
+	reader := &customReader{
+		correctCalls: 1,
+		n:            stdWriterPrefixLen + 1,
+		err:          io.EOF,
+		src:          buffer}
+	written, err := StdCopy(ioutil.Discard, ioutil.Discard, reader)
+	if written != startingBufLen {
+		t.Fatalf("Expected %d bytes read, got %d", startingBufLen, written)
+	}
+	if err != nil {
+		t.Fatal("Didn't get nil error")
+	}
+}
+
+func TestStdCopyWithInvalidInputHeader(t *testing.T) {
+	dstOut := NewStdWriter(ioutil.Discard, Stdout)
+	dstErr := NewStdWriter(ioutil.Discard, Stderr)
+	src := strings.NewReader("Invalid input")
+	_, err := StdCopy(dstOut, dstErr, src)
+	if err == nil {
+		t.Fatal("StdCopy with invalid input header should fail.")
+	}
+}
+
+func TestStdCopyWithCorruptedPrefix(t *testing.T) {
+	data := []byte{0x01, 0x02, 0x03}
+	src := bytes.NewReader(data)
+	written, err := StdCopy(nil, nil, src)
+	if err != nil {
+		t.Fatalf("StdCopy should not return an error with corrupted prefix.")
+	}
+	if written != 0 {
+		t.Fatalf("StdCopy should have written 0, but has written %d", written)
+	}
+}
+
+func TestStdCopyReturnsWriteErrors(t *testing.T) {
+	stdOutBytes := []byte(strings.Repeat("o", startingBufLen))
+	stdErrBytes := []byte(strings.Repeat("e", startingBufLen))
+	buffer, err := getSrcBuffer(stdOutBytes, stdErrBytes)
+	if err != nil {
+		t.Fatal(err)
+	}
+	expectedError := errors.New("expected")
+
+	dstOut := &errWriter{err: expectedError}
+
+	written, err := StdCopy(dstOut, ioutil.Discard, buffer)
+	if written != 0 {
+		t.Fatalf("StdCopy should have written 0, but has written %d", written)
+	}
+	if err != expectedError {
+		t.Fatalf("Didn't get expected error, got %v", err)
+	}
+}
+
+func TestStdCopyDetectsNotFullyWrittenFrames(t *testing.T) {
+	stdOutBytes := []byte(strings.Repeat("o", startingBufLen))
+	stdErrBytes := []byte(strings.Repeat("e", startingBufLen))
+	buffer, err := getSrcBuffer(stdOutBytes, stdErrBytes)
+	if err != nil {
+		t.Fatal(err)
+	}
+	dstOut := &errWriter{n: startingBufLen - 10}
+
+	written, err := StdCopy(dstOut, ioutil.Discard, buffer)
+	if written != 0 {
+		t.Fatalf("StdCopy should have return 0 written bytes, but returned %d", written)
+	}
+	if err != io.ErrShortWrite {
+		t.Fatalf("Didn't get expected io.ErrShortWrite error")
+	}
+}
+
+func BenchmarkWrite(b *testing.B) {
+	w := NewStdWriter(ioutil.Discard, Stdout)
+	data := []byte("Test line for testing stdwriter performance\n")
+	data = bytes.Repeat(data, 100)
+	b.SetBytes(int64(len(data)))
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		if _, err := w.Write(data); err != nil {
+			b.Fatal(err)
+		}
+	}
+}
diff --git a/pkg/streamformatter/streamformatter.go b/pkg/streamformatter/streamformatter.go
new file mode 100644
index 00000000..ce6ea79d
--- /dev/null
+++ b/pkg/streamformatter/streamformatter.go
@@ -0,0 +1,172 @@
+// Package streamformatter provides helper functions to format a stream.
+package streamformatter
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+
+	"github.com/docker/docker/pkg/jsonmessage"
+	"github.com/docker/docker/pkg/progress"
+)
+
+// StreamFormatter formats a stream, optionally using JSON.
+type StreamFormatter struct {
+	json bool
+}
+
+// NewStreamFormatter returns a simple StreamFormatter
+func NewStreamFormatter() *StreamFormatter {
+	return &StreamFormatter{}
+}
+
+// NewJSONStreamFormatter returns a StreamFormatter configured to stream json
+func NewJSONStreamFormatter() *StreamFormatter {
+	return &StreamFormatter{true}
+}
+
+const streamNewline = "\r\n"
+
+var streamNewlineBytes = []byte(streamNewline)
+
+// FormatStream formats the specified stream.
+func (sf *StreamFormatter) FormatStream(str string) []byte {
+	if sf.json {
+		b, err := json.Marshal(&jsonmessage.JSONMessage{Stream: str})
+		if err != nil {
+			return sf.FormatError(err)
+		}
+		return append(b, streamNewlineBytes...)
+	}
+	return []byte(str + "\r")
+}
+
+// FormatStatus formats the specified objects according to the specified format (and id).
+func (sf *StreamFormatter) FormatStatus(id, format string, a ...interface{}) []byte {
+	str := fmt.Sprintf(format, a...)
+	if sf.json {
+		b, err := json.Marshal(&jsonmessage.JSONMessage{ID: id, Status: str})
+		if err != nil {
+			return sf.FormatError(err)
+		}
+		return append(b, streamNewlineBytes...)
+	}
+	return []byte(str + streamNewline)
+}
+
+// FormatError formats the specified error.
+func (sf *StreamFormatter) FormatError(err error) []byte {
+	if sf.json {
+		jsonError, ok := err.(*jsonmessage.JSONError)
+		if !ok {
+			jsonError = &jsonmessage.JSONError{Message: err.Error()}
+		}
+		if b, err := json.Marshal(&jsonmessage.JSONMessage{Error: jsonError, ErrorMessage: err.Error()}); err == nil {
+			return append(b, streamNewlineBytes...)
+		}
+		return []byte("{\"error\":\"format error\"}" + streamNewline)
+	}
+	return []byte("Error: " + err.Error() + streamNewline)
+}
+
+// FormatProgress formats the progress information for a specified action.
+func (sf *StreamFormatter) FormatProgress(id, action string, progress *jsonmessage.JSONProgress, aux interface{}) []byte {
+	if progress == nil {
+		progress = &jsonmessage.JSONProgress{}
+	}
+	if sf.json {
+		var auxJSON *json.RawMessage
+		if aux != nil {
+			auxJSONBytes, err := json.Marshal(aux)
+			if err != nil {
+				return nil
+			}
+			auxJSON = new(json.RawMessage)
+			*auxJSON = auxJSONBytes
+		}
+		b, err := json.Marshal(&jsonmessage.JSONMessage{
+			Status:          action,
+			ProgressMessage: progress.String(),
+			Progress:        progress,
+			ID:              id,
+			Aux:             auxJSON,
+		})
+		if err != nil {
+			return nil
+		}
+		return append(b, streamNewlineBytes...)
+	}
+	endl := "\r"
+	if progress.String() == "" {
+		endl += "\n"
+	}
+	return []byte(action + " " + progress.String() + endl)
+}
+
+// NewProgressOutput returns a progress.Output object that can be passed to
+// progress.NewProgressReader.
+func (sf *StreamFormatter) NewProgressOutput(out io.Writer, newLines bool) progress.Output {
+	return &progressOutput{
+		sf:       sf,
+		out:      out,
+		newLines: newLines,
+	}
+}
+
+type progressOutput struct {
+	sf       *StreamFormatter
+	out      io.Writer
+	newLines bool
+}
+
+// WriteProgress formats progress information from a ProgressReader.
+func (out *progressOutput) WriteProgress(prog progress.Progress) error {
+	var formatted []byte
+	if prog.Message != "" {
+		formatted = out.sf.FormatStatus(prog.ID, prog.Message)
+	} else {
+		jsonProgress := jsonmessage.JSONProgress{Current: prog.Current, Total: prog.Total}
+		formatted = out.sf.FormatProgress(prog.ID, prog.Action, &jsonProgress, prog.Aux)
+	}
+	_, err := out.out.Write(formatted)
+	if err != nil {
+		return err
+	}
+
+	if out.newLines && prog.LastUpdate {
+		_, err = out.out.Write(out.sf.FormatStatus("", ""))
+		return err
+	}
+
+	return nil
+}
+
+// StdoutFormatter is a streamFormatter that writes to the standard output.
+type StdoutFormatter struct {
+	io.Writer
+	*StreamFormatter
+}
+
+func (sf *StdoutFormatter) Write(buf []byte) (int, error) {
+	formattedBuf := sf.StreamFormatter.FormatStream(string(buf))
+	n, err := sf.Writer.Write(formattedBuf)
+	if n != len(formattedBuf) {
+		return n, io.ErrShortWrite
+	}
+	return len(buf), err
+}
+
+// StderrFormatter is a streamFormatter that writes to the standard error.
+type StderrFormatter struct {
+	io.Writer
+	*StreamFormatter
+}
+
+func (sf *StderrFormatter) Write(buf []byte) (int, error) {
+	formattedBuf := sf.StreamFormatter.FormatStream("\033[91m" + string(buf) + "\033[0m")
+	n, err := sf.Writer.Write(formattedBuf)
+	if n != len(formattedBuf) {
+		return n, io.ErrShortWrite
+	}
+	return len(buf), err
+}
diff --git a/pkg/streamformatter/streamformatter_test.go b/pkg/streamformatter/streamformatter_test.go
new file mode 100644
index 00000000..833db626
--- /dev/null
+++ b/pkg/streamformatter/streamformatter_test.go
@@ -0,0 +1,104 @@
+package streamformatter
+
+import (
+	"encoding/json"
+	"errors"
+	"reflect"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/pkg/jsonmessage"
+)
+
+func TestFormatStream(t *testing.T) {
+	sf := NewStreamFormatter()
+	res := sf.FormatStream("stream")
+	if string(res) != "stream"+"\r" {
+		t.Fatalf("%q", res)
+	}
+}
+
+func TestFormatJSONStatus(t *testing.T) {
+	sf := NewStreamFormatter()
+	res := sf.FormatStatus("ID", "%s%d", "a", 1)
+	if string(res) != "a1\r\n" {
+		t.Fatalf("%q", res)
+	}
+}
+
+func TestFormatSimpleError(t *testing.T) {
+	sf := NewStreamFormatter()
+	res := sf.FormatError(errors.New("Error for formatter"))
+	if string(res) != "Error: Error for formatter\r\n" {
+		t.Fatalf("%q", res)
+	}
+}
+
+func TestJSONFormatStream(t *testing.T) {
+	sf := NewJSONStreamFormatter()
+	res := sf.FormatStream("stream")
+	if string(res) != `{"stream":"stream"}`+"\r\n" {
+		t.Fatalf("%q", res)
+	}
+}
+
+func TestJSONFormatStatus(t *testing.T) {
+	sf := NewJSONStreamFormatter()
+	res := sf.FormatStatus("ID", "%s%d", "a", 1)
+	if string(res) != `{"status":"a1","id":"ID"}`+"\r\n" {
+		t.Fatalf("%q", res)
+	}
+}
+
+func TestJSONFormatSimpleError(t *testing.T) {
+	sf := NewJSONStreamFormatter()
+	res := sf.FormatError(errors.New("Error for formatter"))
+	if string(res) != `{"errorDetail":{"message":"Error for formatter"},"error":"Error for formatter"}`+"\r\n" {
+		t.Fatalf("%q", res)
+	}
+}
+
+func TestJSONFormatJSONError(t *testing.T) {
+	sf := NewJSONStreamFormatter()
+	err := &jsonmessage.JSONError{Code: 50, Message: "Json error"}
+	res := sf.FormatError(err)
+	if string(res) != `{"errorDetail":{"code":50,"message":"Json error"},"error":"Json error"}`+"\r\n" {
+		t.Fatalf("%q", res)
+	}
+}
+
+func TestJSONFormatProgress(t *testing.T) {
+	sf := NewJSONStreamFormatter()
+	progress := &jsonmessage.JSONProgress{
+		Current: 15,
+		Total:   30,
+		Start:   1,
+	}
+	res := sf.FormatProgress("id", "action", progress, nil)
+	msg := &jsonmessage.JSONMessage{}
+	if err := json.Unmarshal(res, msg); err != nil {
+		t.Fatal(err)
+	}
+	if msg.ID != "id" {
+		t.Fatalf("ID must be 'id', got: %s", msg.ID)
+	}
+	if msg.Status != "action" {
+		t.Fatalf("Status must be 'action', got: %s", msg.Status)
+	}
+
+	// The progress will always be in the format of:
+	// [=========================>                         ]     15 B/30 B 404933h7m11s
+	// The last entry '404933h7m11s' is the timeLeftBox.
+	// However, the timeLeftBox field may change as progress.String() depends on time.Now().
+	// Therefore, we have to strip the timeLeftBox from the strings to do the comparison.
+
+	// Compare the progress strings before the timeLeftBox
+	expectedProgress := "[=========================>                         ]     15 B/30 B"
+	if !strings.HasPrefix(msg.ProgressMessage, expectedProgress) {
+		t.Fatalf("ProgressMessage without the timeLeftBox must be %s, got: %s", expectedProgress, msg.ProgressMessage)
+	}
+
+	if !reflect.DeepEqual(msg.Progress, progress) {
+		t.Fatal("Original progress not equals progress from FormatProgress")
+	}
+}
diff --git a/pkg/stringid/README.md b/pkg/stringid/README.md
new file mode 100644
index 00000000..37a5098f
--- /dev/null
+++ b/pkg/stringid/README.md
@@ -0,0 +1 @@
+This package provides helper functions for dealing with string identifiers
diff --git a/pkg/stringid/stringid.go b/pkg/stringid/stringid.go
new file mode 100644
index 00000000..02d2594e
--- /dev/null
+++ b/pkg/stringid/stringid.go
@@ -0,0 +1,71 @@
+// Package stringid provides helper functions for dealing with string identifiers
+package stringid
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"io"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"github.com/docker/docker/pkg/random"
+)
+
+const shortLen = 12
+
+var validShortID = regexp.MustCompile("^[a-z0-9]{12}$")
+
+// IsShortID determines if an arbitrary string *looks like* a short ID.
+func IsShortID(id string) bool {
+	return validShortID.MatchString(id)
+}
+
+// TruncateID returns a shorthand version of a string identifier for convenience.
+// A collision with other shorthands is very unlikely, but possible.
+// In case of a collision a lookup with TruncIndex.Get() will fail, and the caller
+// will need to use a langer prefix, or the full-length Id.
+func TruncateID(id string) string {
+	if i := strings.IndexRune(id, ':'); i >= 0 {
+		id = id[i+1:]
+	}
+	trimTo := shortLen
+	if len(id) < shortLen {
+		trimTo = len(id)
+	}
+	return id[:trimTo]
+}
+
+func generateID(crypto bool) string {
+	b := make([]byte, 32)
+	r := random.Reader
+	if crypto {
+		r = rand.Reader
+	}
+	for {
+		if _, err := io.ReadFull(r, b); err != nil {
+			panic(err) // This shouldn't happen
+		}
+		id := hex.EncodeToString(b)
+		// if we try to parse the truncated for as an int and we don't have
+		// an error then the value is all numeric and causes issues when
+		// used as a hostname. ref #3869
+		if _, err := strconv.ParseInt(TruncateID(id), 10, 64); err == nil {
+			continue
+		}
+		return id
+	}
+}
+
+// GenerateRandomID returns an unique id.
+func GenerateRandomID() string {
+	return generateID(true)
+
+}
+
+// GenerateNonCryptoID generates unique id without using cryptographically
+// secure sources of random.
+// It helps you to save entropy.
+func GenerateNonCryptoID() string {
+	return generateID(false)
+}
diff --git a/pkg/stringid/stringid_test.go b/pkg/stringid/stringid_test.go
new file mode 100644
index 00000000..bcb13654
--- /dev/null
+++ b/pkg/stringid/stringid_test.go
@@ -0,0 +1,56 @@
+package stringid
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestGenerateRandomID(t *testing.T) {
+	id := GenerateRandomID()
+
+	if len(id) != 64 {
+		t.Fatalf("Id returned is incorrect: %s", id)
+	}
+}
+
+func TestShortenId(t *testing.T) {
+	id := GenerateRandomID()
+	truncID := TruncateID(id)
+	if len(truncID) != 12 {
+		t.Fatalf("Id returned is incorrect: truncate on %s returned %s", id, truncID)
+	}
+}
+
+func TestShortenIdEmpty(t *testing.T) {
+	id := ""
+	truncID := TruncateID(id)
+	if len(truncID) > len(id) {
+		t.Fatalf("Id returned is incorrect: truncate on %s returned %s", id, truncID)
+	}
+}
+
+func TestShortenIdInvalid(t *testing.T) {
+	id := "1234"
+	truncID := TruncateID(id)
+	if len(truncID) != len(id) {
+		t.Fatalf("Id returned is incorrect: truncate on %s returned %s", id, truncID)
+	}
+}
+
+func TestIsShortIDNonHex(t *testing.T) {
+	id := "some non-hex value"
+	if IsShortID(id) {
+		t.Fatalf("%s is not a short ID", id)
+	}
+}
+
+func TestIsShortIDNotCorrectSize(t *testing.T) {
+	id := strings.Repeat("a", shortLen+1)
+	if IsShortID(id) {
+		t.Fatalf("%s is not a short ID", id)
+	}
+	id = strings.Repeat("a", shortLen-1)
+	if IsShortID(id) {
+		t.Fatalf("%s is not a short ID", id)
+	}
+}
diff --git a/pkg/stringutils/README.md b/pkg/stringutils/README.md
new file mode 100644
index 00000000..b3e45457
--- /dev/null
+++ b/pkg/stringutils/README.md
@@ -0,0 +1 @@
+This package provides helper functions for dealing with strings
diff --git a/pkg/stringutils/stringutils.go b/pkg/stringutils/stringutils.go
new file mode 100644
index 00000000..41a0d2eb
--- /dev/null
+++ b/pkg/stringutils/stringutils.go
@@ -0,0 +1,87 @@
+// Package stringutils provides helper functions for dealing with strings.
+package stringutils
+
+import (
+	"bytes"
+	"math/rand"
+	"strings"
+
+	"github.com/docker/docker/pkg/random"
+)
+
+// GenerateRandomAlphaOnlyString generates an alphabetical random string with length n.
+func GenerateRandomAlphaOnlyString(n int) string {
+	// make a really long string
+	letters := []byte("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
+	b := make([]byte, n)
+	for i := range b {
+		b[i] = letters[random.Rand.Intn(len(letters))]
+	}
+	return string(b)
+}
+
+// GenerateRandomASCIIString generates an ASCII random stirng with length n.
+func GenerateRandomASCIIString(n int) string {
+	chars := "abcdefghijklmnopqrstuvwxyz" +
+		"ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
+		"~!@#$%^&*()-_+={}[]\\|<,>.?/\"';:` "
+	res := make([]byte, n)
+	for i := 0; i < n; i++ {
+		res[i] = chars[rand.Intn(len(chars))]
+	}
+	return string(res)
+}
+
+// Truncate truncates a string to maxlen.
+func Truncate(s string, maxlen int) string {
+	if len(s) <= maxlen {
+		return s
+	}
+	return s[:maxlen]
+}
+
+// InSlice tests whether a string is contained in a slice of strings or not.
+// Comparison is case insensitive
+func InSlice(slice []string, s string) bool {
+	for _, ss := range slice {
+		if strings.ToLower(s) == strings.ToLower(ss) {
+			return true
+		}
+	}
+	return false
+}
+
+func quote(word string, buf *bytes.Buffer) {
+	// Bail out early for "simple" strings
+	if word != "" && !strings.ContainsAny(word, "\\'\"`${[|&;<>()~*?! \t\n") {
+		buf.WriteString(word)
+		return
+	}
+
+	buf.WriteString("'")
+
+	for i := 0; i < len(word); i++ {
+		b := word[i]
+		if b == '\'' {
+			// Replace literal ' with a close ', a \', and a open '
+			buf.WriteString("'\\''")
+		} else {
+			buf.WriteByte(b)
+		}
+	}
+
+	buf.WriteString("'")
+}
+
+// ShellQuoteArguments takes a list of strings and escapes them so they will be
+// handled right when passed as arguments to an program via a shell
+func ShellQuoteArguments(args []string) string {
+	var buf bytes.Buffer
+	for i, arg := range args {
+		if i != 0 {
+			buf.WriteByte(' ')
+		}
+		quote(arg, &buf)
+	}
+	return buf.String()
+}
diff --git a/pkg/stringutils/stringutils_test.go b/pkg/stringutils/stringutils_test.go
new file mode 100644
index 00000000..fec59450
--- /dev/null
+++ b/pkg/stringutils/stringutils_test.go
@@ -0,0 +1,105 @@
+package stringutils
+
+import "testing"
+
+func testLengthHelper(generator func(int) string, t *testing.T) {
+	expectedLength := 20
+	s := generator(expectedLength)
+	if len(s) != expectedLength {
+		t.Fatalf("Length of %s was %d but expected length %d", s, len(s), expectedLength)
+	}
+}
+
+func testUniquenessHelper(generator func(int) string, t *testing.T) {
+	repeats := 25
+	set := make(map[string]struct{}, repeats)
+	for i := 0; i < repeats; i = i + 1 {
+		str := generator(64)
+		if len(str) != 64 {
+			t.Fatalf("Id returned is incorrect: %s", str)
+		}
+		if _, ok := set[str]; ok {
+			t.Fatalf("Random number is repeated")
+		}
+		set[str] = struct{}{}
+	}
+}
+
+func isASCII(s string) bool {
+	for _, c := range s {
+		if c > 127 {
+			return false
+		}
+	}
+	return true
+}
+
+func TestGenerateRandomAlphaOnlyStringLength(t *testing.T) {
+	testLengthHelper(GenerateRandomAlphaOnlyString, t)
+}
+
+func TestGenerateRandomAlphaOnlyStringUniqueness(t *testing.T) {
+	testUniquenessHelper(GenerateRandomAlphaOnlyString, t)
+}
+
+func TestGenerateRandomAsciiStringLength(t *testing.T) {
+	testLengthHelper(GenerateRandomASCIIString, t)
+}
+
+func TestGenerateRandomAsciiStringUniqueness(t *testing.T) {
+	testUniquenessHelper(GenerateRandomASCIIString, t)
+}
+
+func TestGenerateRandomAsciiStringIsAscii(t *testing.T) {
+	str := GenerateRandomASCIIString(64)
+	if !isASCII(str) {
+		t.Fatalf("%s contained non-ascii characters", str)
+	}
+}
+
+func TestTruncate(t *testing.T) {
+	str := "teststring"
+	newstr := Truncate(str, 4)
+	if newstr != "test" {
+		t.Fatalf("Expected test, got %s", newstr)
+	}
+	newstr = Truncate(str, 20)
+	if newstr != "teststring" {
+		t.Fatalf("Expected teststring, got %s", newstr)
+	}
+}
+
+func TestInSlice(t *testing.T) {
+	slice := []string{"test", "in", "slice"}
+
+	test := InSlice(slice, "test")
+	if !test {
+		t.Fatalf("Expected string test to be in slice")
+	}
+	test = InSlice(slice, "SLICE")
+	if !test {
+		t.Fatalf("Expected string SLICE to be in slice")
+	}
+	test = InSlice(slice, "notinslice")
+	if test {
+		t.Fatalf("Expected string notinslice not to be in slice")
+	}
+}
+
+func TestShellQuoteArgumentsEmpty(t *testing.T) {
+	actual := ShellQuoteArguments([]string{})
+	expected := ""
+	if actual != expected {
+		t.Fatalf("Expected an empty string")
+	}
+}
+
+func TestShellQuoteArguments(t *testing.T) {
+	simpleString := "simpleString"
+	complexString := "This is a 'more' complex $tring with some special char *"
+	actual := ShellQuoteArguments([]string{simpleString, complexString})
+	expected := "simpleString 'This is a '\\''more'\\'' complex $tring with some special char *'"
+	if actual != expected {
+		t.Fatalf("Expected \"%v\", got \"%v\"", expected, actual)
+	}
+}
diff --git a/pkg/symlink/LICENSE.APACHE b/pkg/symlink/LICENSE.APACHE
new file mode 100644
index 00000000..34c4ea7c
--- /dev/null
+++ b/pkg/symlink/LICENSE.APACHE
@@ -0,0 +1,191 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2014-2016 Docker, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/pkg/symlink/LICENSE.BSD b/pkg/symlink/LICENSE.BSD
new file mode 100644
index 00000000..9b4f4a29
--- /dev/null
+++ b/pkg/symlink/LICENSE.BSD
@@ -0,0 +1,27 @@
+Copyright (c) 2014-2016 The Docker & Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/pkg/symlink/README.md b/pkg/symlink/README.md
new file mode 100644
index 00000000..8dba54fd
--- /dev/null
+++ b/pkg/symlink/README.md
@@ -0,0 +1,6 @@
+Package symlink implements EvalSymlinksInScope which is an extension of filepath.EvalSymlinks,
+as well as a Windows long-path aware version of filepath.EvalSymlinks
+from the [Go standard library](https://golang.org/pkg/path/filepath).
+
+The code from filepath.EvalSymlinks has been adapted in fs.go.
+Please read the LICENSE.BSD file that governs fs.go and LICENSE.APACHE for fs_test.go.
diff --git a/pkg/symlink/fs.go b/pkg/symlink/fs.go
new file mode 100644
index 00000000..dcf707f4
--- /dev/null
+++ b/pkg/symlink/fs.go
@@ -0,0 +1,143 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE.BSD file.
+
+// This code is a modified version of path/filepath/symlink.go from the Go standard library.
+
+package symlink
+
+import (
+	"bytes"
+	"errors"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/pkg/system"
+)
+
+// FollowSymlinkInScope is a wrapper around evalSymlinksInScope that returns an
+// absolute path. This function handles paths in a platform-agnostic manner.
+func FollowSymlinkInScope(path, root string) (string, error) {
+	path, err := filepath.Abs(filepath.FromSlash(path))
+	if err != nil {
+		return "", err
+	}
+	root, err = filepath.Abs(filepath.FromSlash(root))
+	if err != nil {
+		return "", err
+	}
+	return evalSymlinksInScope(path, root)
+}
+
+// evalSymlinksInScope will evaluate symlinks in `path` within a scope `root` and return
+// a result guaranteed to be contained within the scope `root`, at the time of the call.
+// Symlinks in `root` are not evaluated and left as-is.
+// Errors encountered while attempting to evaluate symlinks in path will be returned.
+// Non-existing paths are valid and do not constitute an error.
+// `path` has to contain `root` as a prefix, or else an error will be returned.
+// Trying to break out from `root` does not constitute an error.
+//
+// Example:
+//   If /foo/bar -> /outside,
+//   FollowSymlinkInScope("/foo/bar", "/foo") == "/foo/outside" instead of "/oustide"
+//
+// IMPORTANT: it is the caller's responsibility to call evalSymlinksInScope *after* relevant symlinks
+// are created and not to create subsequently, additional symlinks that could potentially make a
+// previously-safe path, unsafe. Example: if /foo/bar does not exist, evalSymlinksInScope("/foo/bar", "/foo")
+// would return "/foo/bar". If one makes /foo/bar a symlink to /baz subsequently, then "/foo/bar" should
+// no longer be considered safely contained in "/foo".
+func evalSymlinksInScope(path, root string) (string, error) {
+	root = filepath.Clean(root)
+	if path == root {
+		return path, nil
+	}
+	if !strings.HasPrefix(path, root) {
+		return "", errors.New("evalSymlinksInScope: " + path + " is not in " + root)
+	}
+	const maxIter = 255
+	originalPath := path
+	// given root of "/a" and path of "/a/b/../../c" we want path to be "/b/../../c"
+	path = path[len(root):]
+	if root == string(filepath.Separator) {
+		path = string(filepath.Separator) + path
+	}
+	if !strings.HasPrefix(path, string(filepath.Separator)) {
+		return "", errors.New("evalSymlinksInScope: " + path + " is not in " + root)
+	}
+	path = filepath.Clean(path)
+	// consume path by taking each frontmost path element,
+	// expanding it if it's a symlink, and appending it to b
+	var b bytes.Buffer
+	// b here will always be considered to be the "current absolute path inside
+	// root" when we append paths to it, we also append a slash and use
+	// filepath.Clean after the loop to trim the trailing slash
+	for n := 0; path != ""; n++ {
+		if n > maxIter {
+			return "", errors.New("evalSymlinksInScope: too many links in " + originalPath)
+		}
+
+		// find next path component, p
+		i := strings.IndexRune(path, filepath.Separator)
+		var p string
+		if i == -1 {
+			p, path = path, ""
+		} else {
+			p, path = path[:i], path[i+1:]
+		}
+
+		if p == "" {
+			continue
+		}
+
+		// this takes a b.String() like "b/../" and a p like "c" and turns it
+		// into "/b/../c" which then gets filepath.Cleaned into "/c" and then
+		// root gets prepended and we Clean again (to remove any trailing slash
+		// if the first Clean gave us just "/")
+		cleanP := filepath.Clean(string(filepath.Separator) + b.String() + p)
+		if cleanP == string(filepath.Separator) {
+			// never Lstat "/" itself
+			b.Reset()
+			continue
+		}
+		fullP := filepath.Clean(root + cleanP)
+
+		fi, err := os.Lstat(fullP)
+		if os.IsNotExist(err) {
+			// if p does not exist, accept it
+			b.WriteString(p)
+			b.WriteRune(filepath.Separator)
+			continue
+		}
+		if err != nil {
+			return "", err
+		}
+		if fi.Mode()&os.ModeSymlink == 0 {
+			b.WriteString(p + string(filepath.Separator))
+			continue
+		}
+
+		// it's a symlink, put it at the front of path
+		dest, err := os.Readlink(fullP)
+		if err != nil {
+			return "", err
+		}
+		if system.IsAbs(dest) {
+			b.Reset()
+		}
+		path = dest + string(filepath.Separator) + path
+	}
+
+	// see note above on "fullP := ..." for why this is double-cleaned and
+	// what's happening here
+	return filepath.Clean(root + filepath.Clean(string(filepath.Separator)+b.String())), nil
+}
+
+// EvalSymlinks returns the path name after the evaluation of any symbolic
+// links.
+// If path is relative the result will be relative to the current directory,
+// unless one of the components is an absolute symbolic link.
+// This version has been updated to support long paths prepended with `\\?\`.
+func EvalSymlinks(path string) (string, error) {
+	return evalSymlinks(path)
+}
diff --git a/pkg/symlink/fs_unix.go b/pkg/symlink/fs_unix.go
new file mode 100644
index 00000000..818004f2
--- /dev/null
+++ b/pkg/symlink/fs_unix.go
@@ -0,0 +1,11 @@
+// +build !windows
+
+package symlink
+
+import (
+	"path/filepath"
+)
+
+func evalSymlinks(path string) (string, error) {
+	return filepath.EvalSymlinks(path)
+}
diff --git a/pkg/symlink/fs_unix_test.go b/pkg/symlink/fs_unix_test.go
new file mode 100644
index 00000000..7085c0b6
--- /dev/null
+++ b/pkg/symlink/fs_unix_test.go
@@ -0,0 +1,407 @@
+// +build !windows
+
+// Licensed under the Apache License, Version 2.0; See LICENSE.APACHE
+
+package symlink
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+// TODO Windows: This needs some serious work to port to Windows. For now,
+// turning off testing in this package.
+
+type dirOrLink struct {
+	path   string
+	target string
+}
+
+func makeFs(tmpdir string, fs []dirOrLink) error {
+	for _, s := range fs {
+		s.path = filepath.Join(tmpdir, s.path)
+		if s.target == "" {
+			os.MkdirAll(s.path, 0755)
+			continue
+		}
+		if err := os.MkdirAll(filepath.Dir(s.path), 0755); err != nil {
+			return err
+		}
+		if err := os.Symlink(s.target, s.path); err != nil && !os.IsExist(err) {
+			return err
+		}
+	}
+	return nil
+}
+
+func testSymlink(tmpdir, path, expected, scope string) error {
+	rewrite, err := FollowSymlinkInScope(filepath.Join(tmpdir, path), filepath.Join(tmpdir, scope))
+	if err != nil {
+		return err
+	}
+	expected, err = filepath.Abs(filepath.Join(tmpdir, expected))
+	if err != nil {
+		return err
+	}
+	if expected != rewrite {
+		return fmt.Errorf("Expected %q got %q", expected, rewrite)
+	}
+	return nil
+}
+
+func TestFollowSymlinkAbsolute(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkAbsolute")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/a/d", target: "/b"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "testdata/fs/a/d/c/data", "testdata/b/c/data", "testdata"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkRelativePath(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRelativePath")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/i", target: "a"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "testdata/fs/i", "testdata/fs/a", "testdata"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkSkipSymlinksOutsideScope(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkSkipSymlinksOutsideScope")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	if err := makeFs(tmpdir, []dirOrLink{
+		{path: "linkdir", target: "realdir"},
+		{path: "linkdir/foo/bar"},
+	}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "linkdir/foo/bar", "linkdir/foo/bar", "linkdir/foo"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkInvalidScopePathPair(t *testing.T) {
+	if _, err := FollowSymlinkInScope("toto", "testdata"); err == nil {
+		t.Fatal("expected an error")
+	}
+}
+
+func TestFollowSymlinkLastLink(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkLastLink")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/a/d", target: "/b"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "testdata/fs/a/d", "testdata/b", "testdata"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkRelativeLinkChangeScope(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRelativeLinkChangeScope")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/a/e", target: "../b"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "testdata/fs/a/e/c/data", "testdata/fs/b/c/data", "testdata"); err != nil {
+		t.Fatal(err)
+	}
+	// avoid letting allowing symlink e lead us to ../b
+	// normalize to the "testdata/fs/a"
+	if err := testSymlink(tmpdir, "testdata/fs/a/e", "testdata/fs/a/b", "testdata/fs/a"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkDeepRelativeLinkChangeScope(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkDeepRelativeLinkChangeScope")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/a/f", target: "../../../../test"}}); err != nil {
+		t.Fatal(err)
+	}
+	// avoid letting symlink f lead us out of the "testdata" scope
+	// we don't normalize because symlink f is in scope and there is no
+	// information leak
+	if err := testSymlink(tmpdir, "testdata/fs/a/f", "testdata/test", "testdata"); err != nil {
+		t.Fatal(err)
+	}
+	// avoid letting symlink f lead us out of the "testdata/fs" scope
+	// we don't normalize because symlink f is in scope and there is no
+	// information leak
+	if err := testSymlink(tmpdir, "testdata/fs/a/f", "testdata/fs/test", "testdata/fs"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkRelativeLinkChain(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRelativeLinkChain")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	// avoid letting symlink g (pointed at by symlink h) take out of scope
+	// TODO: we should probably normalize to scope here because ../[....]/root
+	// is out of scope and we leak information
+	if err := makeFs(tmpdir, []dirOrLink{
+		{path: "testdata/fs/b/h", target: "../g"},
+		{path: "testdata/fs/g", target: "../../../../../../../../../../../../root"},
+	}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "testdata/fs/b/h", "testdata/root", "testdata"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkBreakoutPath(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkBreakoutPath")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	// avoid letting symlink -> ../directory/file escape from scope
+	// normalize to "testdata/fs/j"
+	if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/j/k", target: "../i/a"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "testdata/fs/j/k", "testdata/fs/j/i/a", "testdata/fs/j"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkToRoot(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkToRoot")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	// make sure we don't allow escaping to /
+	// normalize to dir
+	if err := makeFs(tmpdir, []dirOrLink{{path: "foo", target: "/"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "foo", "", ""); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkSlashDotdot(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkSlashDotdot")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	tmpdir = filepath.Join(tmpdir, "dir", "subdir")
+
+	// make sure we don't allow escaping to /
+	// normalize to dir
+	if err := makeFs(tmpdir, []dirOrLink{{path: "foo", target: "/../../"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "foo", "", ""); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkDotdot(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkDotdot")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+	tmpdir = filepath.Join(tmpdir, "dir", "subdir")
+
+	// make sure we stay in scope without leaking information
+	// this also checks for escaping to /
+	// normalize to dir
+	if err := makeFs(tmpdir, []dirOrLink{{path: "foo", target: "../../"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "foo", "", ""); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkRelativePath2(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRelativePath2")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	if err := makeFs(tmpdir, []dirOrLink{{path: "bar/foo", target: "baz/target"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "bar/foo", "bar/baz/target", ""); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkScopeLink(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkScopeLink")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	if err := makeFs(tmpdir, []dirOrLink{
+		{path: "root2"},
+		{path: "root", target: "root2"},
+		{path: "root2/foo", target: "../bar"},
+	}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "root/foo", "root/bar", "root"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkRootScope(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRootScope")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	expected, err := filepath.EvalSymlinks(tmpdir)
+	if err != nil {
+		t.Fatal(err)
+	}
+	rewrite, err := FollowSymlinkInScope(tmpdir, "/")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if rewrite != expected {
+		t.Fatalf("expected %q got %q", expected, rewrite)
+	}
+}
+
+func TestFollowSymlinkEmpty(t *testing.T) {
+	res, err := FollowSymlinkInScope("", "")
+	if err != nil {
+		t.Fatal(err)
+	}
+	wd, err := os.Getwd()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if res != wd {
+		t.Fatalf("expected %q got %q", wd, res)
+	}
+}
+
+func TestFollowSymlinkCircular(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkCircular")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	if err := makeFs(tmpdir, []dirOrLink{{path: "root/foo", target: "foo"}}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "root/foo", "", "root"); err == nil {
+		t.Fatal("expected an error for foo -> foo")
+	}
+
+	if err := makeFs(tmpdir, []dirOrLink{
+		{path: "root/bar", target: "baz"},
+		{path: "root/baz", target: "../bak"},
+		{path: "root/bak", target: "/bar"},
+	}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "root/foo", "", "root"); err == nil {
+		t.Fatal("expected an error for bar -> baz -> bak -> bar")
+	}
+}
+
+func TestFollowSymlinkComplexChainWithTargetPathsContainingLinks(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkComplexChainWithTargetPathsContainingLinks")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	if err := makeFs(tmpdir, []dirOrLink{
+		{path: "root2"},
+		{path: "root", target: "root2"},
+		{path: "root/a", target: "r/s"},
+		{path: "root/r", target: "../root/t"},
+		{path: "root/root/t/s/b", target: "/../u"},
+		{path: "root/u/c", target: "."},
+		{path: "root/u/x/y", target: "../v"},
+		{path: "root/u/v", target: "/../w"},
+	}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "root/a/b/c/x/y/z", "root/w/z", "root"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkBreakoutNonExistent(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkBreakoutNonExistent")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	if err := makeFs(tmpdir, []dirOrLink{
+		{path: "root/slash", target: "/"},
+		{path: "root/sym", target: "/idontexist/../slash"},
+	}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "root/sym/file", "root/file", "root"); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestFollowSymlinkNoLexicalCleaning(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkNoLexicalCleaning")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpdir)
+
+	if err := makeFs(tmpdir, []dirOrLink{
+		{path: "root/sym", target: "/foo/bar"},
+		{path: "root/hello", target: "/sym/../baz"},
+	}); err != nil {
+		t.Fatal(err)
+	}
+	if err := testSymlink(tmpdir, "root/hello", "root/foo/baz", "root"); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/pkg/symlink/fs_windows.go b/pkg/symlink/fs_windows.go
new file mode 100644
index 00000000..449fe564
--- /dev/null
+++ b/pkg/symlink/fs_windows.go
@@ -0,0 +1,155 @@
+package symlink
+
+import (
+	"bytes"
+	"errors"
+	"os"
+	"path/filepath"
+	"strings"
+	"syscall"
+
+	"github.com/docker/docker/pkg/longpath"
+)
+
+func toShort(path string) (string, error) {
+	p, err := syscall.UTF16FromString(path)
+	if err != nil {
+		return "", err
+	}
+	b := p // GetShortPathName says we can reuse buffer
+	n, err := syscall.GetShortPathName(&p[0], &b[0], uint32(len(b)))
+	if err != nil {
+		return "", err
+	}
+	if n > uint32(len(b)) {
+		b = make([]uint16, n)
+		if _, err = syscall.GetShortPathName(&p[0], &b[0], uint32(len(b))); err != nil {
+			return "", err
+		}
+	}
+	return syscall.UTF16ToString(b), nil
+}
+
+func toLong(path string) (string, error) {
+	p, err := syscall.UTF16FromString(path)
+	if err != nil {
+		return "", err
+	}
+	b := p // GetLongPathName says we can reuse buffer
+	n, err := syscall.GetLongPathName(&p[0], &b[0], uint32(len(b)))
+	if err != nil {
+		return "", err
+	}
+	if n > uint32(len(b)) {
+		b = make([]uint16, n)
+		n, err = syscall.GetLongPathName(&p[0], &b[0], uint32(len(b)))
+		if err != nil {
+			return "", err
+		}
+	}
+	b = b[:n]
+	return syscall.UTF16ToString(b), nil
+}
+
+func evalSymlinks(path string) (string, error) {
+	path, err := walkSymlinks(path)
+	if err != nil {
+		return "", err
+	}
+
+	p, err := toShort(path)
+	if err != nil {
+		return "", err
+	}
+	p, err = toLong(p)
+	if err != nil {
+		return "", err
+	}
+	// syscall.GetLongPathName does not change the case of the drive letter,
+	// but the result of EvalSymlinks must be unique, so we have
+	// EvalSymlinks(`c:\a`) == EvalSymlinks(`C:\a`).
+	// Make drive letter upper case.
+	if len(p) >= 2 && p[1] == ':' && 'a' <= p[0] && p[0] <= 'z' {
+		p = string(p[0]+'A'-'a') + p[1:]
+	} else if len(p) >= 6 && p[5] == ':' && 'a' <= p[4] && p[4] <= 'z' {
+		p = p[:3] + string(p[4]+'A'-'a') + p[5:]
+	}
+	return filepath.Clean(p), nil
+}
+
+const utf8RuneSelf = 0x80
+
+func walkSymlinks(path string) (string, error) {
+	const maxIter = 255
+	originalPath := path
+	// consume path by taking each frontmost path element,
+	// expanding it if it's a symlink, and appending it to b
+	var b bytes.Buffer
+	for n := 0; path != ""; n++ {
+		if n > maxIter {
+			return "", errors.New("EvalSymlinks: too many links in " + originalPath)
+		}
+
+		// A path beginning with `\\?\` represents the root, so automatically
+		// skip that part and begin processing the next segment.
+		if strings.HasPrefix(path, longpath.Prefix) {
+			b.WriteString(longpath.Prefix)
+			path = path[4:]
+			continue
+		}
+
+		// find next path component, p
+		var i = -1
+		for j, c := range path {
+			if c < utf8RuneSelf && os.IsPathSeparator(uint8(c)) {
+				i = j
+				break
+			}
+		}
+		var p string
+		if i == -1 {
+			p, path = path, ""
+		} else {
+			p, path = path[:i], path[i+1:]
+		}
+
+		if p == "" {
+			if b.Len() == 0 {
+				// must be absolute path
+				b.WriteRune(filepath.Separator)
+			}
+			continue
+		}
+
+		// If this is the first segment after the long path prefix, accept the
+		// current segment as a volume root or UNC share and move on to the next.
+		if b.String() == longpath.Prefix {
+			b.WriteString(p)
+			b.WriteRune(filepath.Separator)
+			continue
+		}
+
+		fi, err := os.Lstat(b.String() + p)
+		if err != nil {
+			return "", err
+		}
+		if fi.Mode()&os.ModeSymlink == 0 {
+			b.WriteString(p)
+			if path != "" || (b.Len() == 2 && len(p) == 2 && p[1] == ':') {
+				b.WriteRune(filepath.Separator)
+			}
+			continue
+		}
+
+		// it's a symlink, put it at the front of path
+		dest, err := os.Readlink(b.String() + p)
+		if err != nil {
+			return "", err
+		}
+		if filepath.IsAbs(dest) || os.IsPathSeparator(dest[0]) {
+			b.Reset()
+		}
+		path = dest + string(filepath.Separator) + path
+	}
+	return filepath.Clean(b.String()), nil
+}
diff --git a/pkg/sysinfo/README.md b/pkg/sysinfo/README.md
new file mode 100644
index 00000000..c1530cef
--- /dev/null
+++ b/pkg/sysinfo/README.md
@@ -0,0 +1 @@
+SysInfo stores information about which features a kernel supports.
diff --git a/pkg/sysinfo/sysinfo.go b/pkg/sysinfo/sysinfo.go
new file mode 100644
index 00000000..cbd00999
--- /dev/null
+++ b/pkg/sysinfo/sysinfo.go
@@ -0,0 +1,128 @@
+package sysinfo
+
+import "github.com/docker/docker/pkg/parsers"
+
+// SysInfo stores information about which features a kernel supports.
+// TODO Windows: Factor out platform specific capabilities.
+type SysInfo struct {
+	// Whether the kernel supports AppArmor or not
+	AppArmor bool
+	// Whether the kernel supports Seccomp or not
+	Seccomp bool
+
+	cgroupMemInfo
+	cgroupCPUInfo
+	cgroupBlkioInfo
+	cgroupCpusetInfo
+	cgroupPids
+
+	// Whether IPv4 forwarding is supported or not, if this was disabled, networking will not work
+	IPv4ForwardingDisabled bool
+
+	// Whether bridge-nf-call-iptables is supported or not
+	BridgeNFCallIPTablesDisabled bool
+
+	// Whether bridge-nf-call-ip6tables is supported or not
+	BridgeNFCallIP6TablesDisabled bool
+
+	// Whether the cgroup has the mountpoint of "devices" or not
+	CgroupDevicesEnabled bool
+}
+
+type cgroupMemInfo struct {
+	// Whether memory limit is supported or not
+	MemoryLimit bool
+
+	// Whether swap limit is supported or not
+	SwapLimit bool
+
+	// Whether soft limit is supported or not
+	MemoryReservation bool
+
+	// Whether OOM killer disable is supported or not
+	OomKillDisable bool
+
+	// Whether memory swappiness is supported or not
+	MemorySwappiness bool
+
+	// Whether kernel memory limit is supported or not
+	KernelMemory bool
+}
+
+type cgroupCPUInfo struct {
+	// Whether CPU shares is supported or not
+	CPUShares bool
+
+	// Whether CPU CFS(Completely Fair Scheduler) period is supported or not
+	CPUCfsPeriod bool
+
+	// Whether CPU CFS(Completely Fair Scheduler) quota is supported or not
+	CPUCfsQuota bool
+}
+
+type cgroupBlkioInfo struct {
+	// Whether Block IO weight is supported or not
+	BlkioWeight bool
+
+	// Whether Block IO weight_device is supported or not
+	BlkioWeightDevice bool
+
+	// Whether Block IO read limit in bytes per second is supported or not
+	BlkioReadBpsDevice bool
+
+	// Whether Block IO write limit in bytes per second is supported or not
+	BlkioWriteBpsDevice bool
+
+	// Whether Block IO read limit in IO per second is supported or not
+	BlkioReadIOpsDevice bool
+
+	// Whether Block IO write limit in IO per second is supported or not
+	BlkioWriteIOpsDevice bool
+}
+
+type cgroupCpusetInfo struct {
+	// Whether Cpuset is supported or not
+	Cpuset bool
+
+	// Available Cpuset's cpus
+	Cpus string
+
+	// Available Cpuset's memory nodes
+	Mems string
+}
+
+type cgroupPids struct {
+	// Whether Pids Limit is supported or not
+	PidsLimit bool
+}
+
+// IsCpusetCpusAvailable returns `true` if the provided string set is contained
+// in cgroup's cpuset.cpus set, `false` otherwise.
+// If error is not nil a parsing error occurred.
+func (c cgroupCpusetInfo) IsCpusetCpusAvailable(provided string) (bool, error) {
+	return isCpusetListAvailable(provided, c.Cpus)
+}
+
+// IsCpusetMemsAvailable returns `true` if the provided string set is contained
+// in cgroup's cpuset.mems set, `false` otherwise.
+// If error is not nil a parsing error occurred.
+func (c cgroupCpusetInfo) IsCpusetMemsAvailable(provided string) (bool, error) {
+	return isCpusetListAvailable(provided, c.Mems)
+}
+
+func isCpusetListAvailable(provided, available string) (bool, error) {
+	parsedProvided, err := parsers.ParseUintList(provided)
+	if err != nil {
+		return false, err
+	}
+	parsedAvailable, err := parsers.ParseUintList(available)
+	if err != nil {
+		return false, err
+	}
+	for k := range parsedProvided {
+		if !parsedAvailable[k] {
+			return false, nil
+		}
+	}
+	return true, nil
+}
diff --git a/pkg/sysinfo/sysinfo_freebsd.go b/pkg/sysinfo/sysinfo_freebsd.go
new file mode 100644
index 00000000..22ae0d95
--- /dev/null
+++ b/pkg/sysinfo/sysinfo_freebsd.go
@@ -0,0 +1,7 @@
+package sysinfo
+
+// New returns an empty SysInfo for freebsd for now.
+func New(quiet bool) *SysInfo {
+	sysInfo := &SysInfo{}
+	return sysInfo
+}
diff --git a/pkg/sysinfo/sysinfo_linux.go b/pkg/sysinfo/sysinfo_linux.go
new file mode 100644
index 00000000..41fb0d2b
--- /dev/null
+++ b/pkg/sysinfo/sysinfo_linux.go
@@ -0,0 +1,246 @@
+package sysinfo
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"strings"
+	"syscall"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/opencontainers/runc/libcontainer/cgroups"
+)
+
+const (
+	// SeccompModeFilter refers to the syscall argument SECCOMP_MODE_FILTER.
+	SeccompModeFilter = uintptr(2)
+)
+
+func findCgroupMountpoints() (map[string]string, error) {
+	cgMounts, err := cgroups.GetCgroupMounts()
+	if err != nil {
+		return nil, fmt.Errorf("Failed to parse cgroup information: %v", err)
+	}
+	mps := make(map[string]string)
+	for _, m := range cgMounts {
+		for _, ss := range m.Subsystems {
+			mps[ss] = m.Mountpoint
+		}
+	}
+	return mps, nil
+}
+
+// New returns a new SysInfo, using the filesystem to detect which features
+// the kernel supports. If `quiet` is `false` warnings are printed in logs
+// whenever an error occurs or misconfigurations are present.
+func New(quiet bool) *SysInfo {
+	sysInfo := &SysInfo{}
+	cgMounts, err := findCgroupMountpoints()
+	if err != nil {
+		logrus.Warnf("Failed to parse cgroup information: %v", err)
+	} else {
+		sysInfo.cgroupMemInfo = checkCgroupMem(cgMounts, quiet)
+		sysInfo.cgroupCPUInfo = checkCgroupCPU(cgMounts, quiet)
+		sysInfo.cgroupBlkioInfo = checkCgroupBlkioInfo(cgMounts, quiet)
+		sysInfo.cgroupCpusetInfo = checkCgroupCpusetInfo(cgMounts, quiet)
+		sysInfo.cgroupPids = checkCgroupPids(quiet)
+	}
+
+	_, ok := cgMounts["devices"]
+	sysInfo.CgroupDevicesEnabled = ok
+
+	sysInfo.IPv4ForwardingDisabled = !readProcBool("/proc/sys/net/ipv4/ip_forward")
+	sysInfo.BridgeNFCallIPTablesDisabled = !readProcBool("/proc/sys/net/bridge/bridge-nf-call-iptables")
+	sysInfo.BridgeNFCallIP6TablesDisabled = !readProcBool("/proc/sys/net/bridge/bridge-nf-call-ip6tables")
+
+	// Check if AppArmor is supported.
+	if _, err := os.Stat("/sys/kernel/security/apparmor"); !os.IsNotExist(err) {
+		sysInfo.AppArmor = true
+	}
+
+	// Check if Seccomp is supported, via CONFIG_SECCOMP.
+	if _, _, err := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_GET_SECCOMP, 0, 0); err != syscall.EINVAL {
+		// Make sure the kernel has CONFIG_SECCOMP_FILTER.
+		if _, _, err := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_SET_SECCOMP, SeccompModeFilter, 0); err != syscall.EINVAL {
+			sysInfo.Seccomp = true
+		}
+	}
+
+	return sysInfo
+}
+
+// checkCgroupMem reads the memory information from the memory cgroup mount point.
+func checkCgroupMem(cgMounts map[string]string, quiet bool) cgroupMemInfo {
+	mountPoint, ok := cgMounts["memory"]
+	if !ok {
+		if !quiet {
+			logrus.Warnf("Your kernel does not support cgroup memory limit")
+		}
+		return cgroupMemInfo{}
+	}
+
+	swapLimit := cgroupEnabled(mountPoint, "memory.memsw.limit_in_bytes")
+	if !quiet && !swapLimit {
+		logrus.Warn("Your kernel does not support swap memory limit.")
+	}
+	memoryReservation := cgroupEnabled(mountPoint, "memory.soft_limit_in_bytes")
+	if !quiet && !memoryReservation {
+		logrus.Warn("Your kernel does not support memory reservation.")
+	}
+	oomKillDisable := cgroupEnabled(mountPoint, "memory.oom_control")
+	if !quiet && !oomKillDisable {
+		logrus.Warnf("Your kernel does not support oom control.")
+	}
+	memorySwappiness := cgroupEnabled(mountPoint, "memory.swappiness")
+	if !quiet && !memorySwappiness {
+		logrus.Warnf("Your kernel does not support memory swappiness.")
+	}
+	kernelMemory := cgroupEnabled(mountPoint, "memory.kmem.limit_in_bytes")
+	if !quiet && !kernelMemory {
+		logrus.Warnf("Your kernel does not support kernel memory limit.")
+	}
+
+	return cgroupMemInfo{
+		MemoryLimit:       true,
+		SwapLimit:         swapLimit,
+		MemoryReservation: memoryReservation,
+		OomKillDisable:    oomKillDisable,
+		MemorySwappiness:  memorySwappiness,
+		KernelMemory:      kernelMemory,
+	}
+}
+
+// checkCgroupCPU reads the cpu information from the cpu cgroup mount point.
+func checkCgroupCPU(cgMounts map[string]string, quiet bool) cgroupCPUInfo {
+	mountPoint, ok := cgMounts["cpu"]
+	if !ok {
+		if !quiet {
+			logrus.Warnf("Unable to find cpu cgroup in mounts")
+		}
+		return cgroupCPUInfo{}
+	}
+
+	cpuShares := cgroupEnabled(mountPoint, "cpu.shares")
+	if !quiet && !cpuShares {
+		logrus.Warn("Your kernel does not support cgroup cpu shares")
+	}
+
+	cpuCfsPeriod := cgroupEnabled(mountPoint, "cpu.cfs_period_us")
+	if !quiet && !cpuCfsPeriod {
+		logrus.Warn("Your kernel does not support cgroup cfs period")
+	}
+
+	cpuCfsQuota := cgroupEnabled(mountPoint, "cpu.cfs_quota_us")
+	if !quiet && !cpuCfsQuota {
+		logrus.Warn("Your kernel does not support cgroup cfs quotas")
+	}
+	return cgroupCPUInfo{
+		CPUShares:    cpuShares,
+		CPUCfsPeriod: cpuCfsPeriod,
+		CPUCfsQuota:  cpuCfsQuota,
+	}
+}
+
+// checkCgroupBlkioInfo reads the blkio information from the blkio cgroup mount point.
+func checkCgroupBlkioInfo(cgMounts map[string]string, quiet bool) cgroupBlkioInfo {
+	mountPoint, ok := cgMounts["blkio"]
+	if !ok {
+		if !quiet {
+			logrus.Warnf("Unable to find blkio cgroup in mounts")
+		}
+		return cgroupBlkioInfo{}
+	}
+
+	weight := cgroupEnabled(mountPoint, "blkio.weight")
+	if !quiet && !weight {
+		logrus.Warn("Your kernel does not support cgroup blkio weight")
+	}
+
+	weightDevice := cgroupEnabled(mountPoint, "blkio.weight_device")
+	if !quiet && !weightDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio weight_device")
+	}
+
+	readBpsDevice := cgroupEnabled(mountPoint, "blkio.throttle.read_bps_device")
+	if !quiet && !readBpsDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio throttle.read_bps_device")
+	}
+
+	writeBpsDevice := cgroupEnabled(mountPoint, "blkio.throttle.write_bps_device")
+	if !quiet && !writeBpsDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio throttle.write_bps_device")
+	}
+	readIOpsDevice := cgroupEnabled(mountPoint, "blkio.throttle.read_iops_device")
+	if !quiet && !readIOpsDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio throttle.read_iops_device")
+	}
+
+	writeIOpsDevice := cgroupEnabled(mountPoint, "blkio.throttle.write_iops_device")
+	if !quiet && !writeIOpsDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio throttle.write_iops_device")
+	}
+	return cgroupBlkioInfo{
+		BlkioWeight:          weight,
+		BlkioWeightDevice:    weightDevice,
+		BlkioReadBpsDevice:   readBpsDevice,
+		BlkioWriteBpsDevice:  writeBpsDevice,
+		BlkioReadIOpsDevice:  readIOpsDevice,
+		BlkioWriteIOpsDevice: writeIOpsDevice,
+	}
+}
+
+// checkCgroupCpusetInfo reads the cpuset information from the cpuset cgroup mount point.
+func checkCgroupCpusetInfo(cgMounts map[string]string, quiet bool) cgroupCpusetInfo {
+	mountPoint, ok := cgMounts["cpuset"]
+	if !ok {
+		if !quiet {
+			logrus.Warnf("Unable to find cpuset cgroup in mounts")
+		}
+		return cgroupCpusetInfo{}
+	}
+
+	cpus, err := ioutil.ReadFile(path.Join(mountPoint, "cpuset.cpus"))
+	if err != nil {
+		return cgroupCpusetInfo{}
+	}
+
+	mems, err := ioutil.ReadFile(path.Join(mountPoint, "cpuset.mems"))
+	if err != nil {
+		return cgroupCpusetInfo{}
+	}
+
+	return cgroupCpusetInfo{
+		Cpuset: true,
+		Cpus:   strings.TrimSpace(string(cpus)),
+		Mems:   strings.TrimSpace(string(mems)),
+	}
+}
+
+// checkCgroupPids reads the pids information from the pids cgroup mount point.
+func checkCgroupPids(quiet bool) cgroupPids {
+	_, err := cgroups.FindCgroupMountpoint("pids")
+	if err != nil {
+		if !quiet {
+			logrus.Warn(err)
+		}
+		return cgroupPids{}
+	}
+
+	return cgroupPids{
+		PidsLimit: true,
+	}
+}
+
+func cgroupEnabled(mountPoint, name string) bool {
+	_, err := os.Stat(path.Join(mountPoint, name))
+	return err == nil
+}
+
+func readProcBool(path string) bool {
+	val, err := ioutil.ReadFile(path)
+	if err != nil {
+		return false
+	}
+	return strings.TrimSpace(string(val)) == "1"
+}
diff --git a/pkg/sysinfo/sysinfo_linux_test.go b/pkg/sysinfo/sysinfo_linux_test.go
new file mode 100644
index 00000000..fae0fdff
--- /dev/null
+++ b/pkg/sysinfo/sysinfo_linux_test.go
@@ -0,0 +1,58 @@
+package sysinfo
+
+import (
+	"io/ioutil"
+	"os"
+	"path"
+	"path/filepath"
+	"testing"
+)
+
+func TestReadProcBool(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "test-sysinfo-proc")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	procFile := filepath.Join(tmpDir, "read-proc-bool")
+	if err := ioutil.WriteFile(procFile, []byte("1"), 644); err != nil {
+		t.Fatal(err)
+	}
+
+	if !readProcBool(procFile) {
+		t.Fatal("expected proc bool to be true, got false")
+	}
+
+	if err := ioutil.WriteFile(procFile, []byte("0"), 644); err != nil {
+		t.Fatal(err)
+	}
+	if readProcBool(procFile) {
+		t.Fatal("expected proc bool to be false, got false")
+	}
+
+	if readProcBool(path.Join(tmpDir, "no-exist")) {
+		t.Fatal("should be false for non-existent entry")
+	}
+
+}
+
+func TestCgroupEnabled(t *testing.T) {
+	cgroupDir, err := ioutil.TempDir("", "cgroup-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(cgroupDir)
+
+	if cgroupEnabled(cgroupDir, "test") {
+		t.Fatal("cgroupEnabled should be false")
+	}
+
+	if err := ioutil.WriteFile(path.Join(cgroupDir, "test"), []byte{}, 644); err != nil {
+		t.Fatal(err)
+	}
+
+	if !cgroupEnabled(cgroupDir, "test") {
+		t.Fatal("cgroupEnabled should be true")
+	}
+}
diff --git a/pkg/sysinfo/sysinfo_test.go b/pkg/sysinfo/sysinfo_test.go
new file mode 100644
index 00000000..b61fbcf5
--- /dev/null
+++ b/pkg/sysinfo/sysinfo_test.go
@@ -0,0 +1,26 @@
+package sysinfo
+
+import "testing"
+
+func TestIsCpusetListAvailable(t *testing.T) {
+	cases := []struct {
+		provided  string
+		available string
+		res       bool
+		err       bool
+	}{
+		{"1", "0-4", true, false},
+		{"01,3", "0-4", true, false},
+		{"", "0-7", true, false},
+		{"1--42", "0-7", false, true},
+		{"1-42", "00-1,8,,9", false, true},
+		{"1,41-42", "43,45", false, false},
+		{"0-3", "", false, false},
+	}
+	for _, c := range cases {
+		r, err := isCpusetListAvailable(c.provided, c.available)
+		if (c.err && err == nil) && r != c.res {
+			t.Fatalf("Expected pair: %v, %v for %s, %s. Got %v, %v instead", c.res, c.err, c.provided, c.available, (c.err && err == nil), r)
+		}
+	}
+}
diff --git a/pkg/sysinfo/sysinfo_windows.go b/pkg/sysinfo/sysinfo_windows.go
new file mode 100644
index 00000000..8889318c
--- /dev/null
+++ b/pkg/sysinfo/sysinfo_windows.go
@@ -0,0 +1,7 @@
+package sysinfo
+
+// New returns an empty SysInfo for windows for now.
+func New(quiet bool) *SysInfo {
+	sysInfo := &SysInfo{}
+	return sysInfo
+}
diff --git a/pkg/system/chtimes.go b/pkg/system/chtimes.go
new file mode 100644
index 00000000..7637f12e
--- /dev/null
+++ b/pkg/system/chtimes.go
@@ -0,0 +1,52 @@
+package system
+
+import (
+	"os"
+	"syscall"
+	"time"
+	"unsafe"
+)
+
+var (
+	maxTime time.Time
+)
+
+func init() {
+	if unsafe.Sizeof(syscall.Timespec{}.Nsec) == 8 {
+		// This is a 64 bit timespec
+		// os.Chtimes limits time to the following
+		maxTime = time.Unix(0, 1<<63-1)
+	} else {
+		// This is a 32 bit timespec
+		maxTime = time.Unix(1<<31-1, 0)
+	}
+}
+
+// Chtimes changes the access time and modified time of a file at the given path
+func Chtimes(name string, atime time.Time, mtime time.Time) error {
+	unixMinTime := time.Unix(0, 0)
+	unixMaxTime := maxTime
+
+	// If the modified time is prior to the Unix Epoch, or after the
+	// end of Unix Time, os.Chtimes has undefined behavior
+	// default to Unix Epoch in this case, just in case
+
+	if atime.Before(unixMinTime) || atime.After(unixMaxTime) {
+		atime = unixMinTime
+	}
+
+	if mtime.Before(unixMinTime) || mtime.After(unixMaxTime) {
+		mtime = unixMinTime
+	}
+
+	if err := os.Chtimes(name, atime, mtime); err != nil {
+		return err
+	}
+
+	// Take platform specific action for setting create time.
+	if err := setCTime(name, mtime); err != nil {
+		return err
+	}
+
+	return nil
+}
diff --git a/pkg/system/chtimes_test.go b/pkg/system/chtimes_test.go
new file mode 100644
index 00000000..5c87df32
--- /dev/null
+++ b/pkg/system/chtimes_test.go
@@ -0,0 +1,94 @@
+package system
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+	"time"
+)
+
+// prepareTempFile creates a temporary file in a temporary directory.
+func prepareTempFile(t *testing.T) (string, string) {
+	dir, err := ioutil.TempDir("", "docker-system-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	file := filepath.Join(dir, "exist")
+	if err := ioutil.WriteFile(file, []byte("hello"), 0644); err != nil {
+		t.Fatal(err)
+	}
+	return file, dir
+}
+
+// TestChtimes tests Chtimes on a tempfile. Test only mTime, because aTime is OS dependent
+func TestChtimes(t *testing.T) {
+	file, dir := prepareTempFile(t)
+	defer os.RemoveAll(dir)
+
+	beforeUnixEpochTime := time.Unix(0, 0).Add(-100 * time.Second)
+	unixEpochTime := time.Unix(0, 0)
+	afterUnixEpochTime := time.Unix(100, 0)
+	unixMaxTime := maxTime
+
+	// Test both aTime and mTime set to Unix Epoch
+	Chtimes(file, unixEpochTime, unixEpochTime)
+
+	f, err := os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if f.ModTime() != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, f.ModTime())
+	}
+
+	// Test aTime before Unix Epoch and mTime set to Unix Epoch
+	Chtimes(file, beforeUnixEpochTime, unixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if f.ModTime() != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, f.ModTime())
+	}
+
+	// Test aTime set to Unix Epoch and mTime before Unix Epoch
+	Chtimes(file, unixEpochTime, beforeUnixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if f.ModTime() != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, f.ModTime())
+	}
+
+	// Test both aTime and mTime set to after Unix Epoch (valid time)
+	Chtimes(file, afterUnixEpochTime, afterUnixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if f.ModTime() != afterUnixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", afterUnixEpochTime, f.ModTime())
+	}
+
+	// Test both aTime and mTime set to Unix max time
+	Chtimes(file, unixMaxTime, unixMaxTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if f.ModTime().Truncate(time.Second) != unixMaxTime.Truncate(time.Second) {
+		t.Fatalf("Expected: %s, got: %s", unixMaxTime.Truncate(time.Second), f.ModTime().Truncate(time.Second))
+	}
+}
diff --git a/pkg/system/chtimes_unix.go b/pkg/system/chtimes_unix.go
new file mode 100644
index 00000000..09d58bcb
--- /dev/null
+++ b/pkg/system/chtimes_unix.go
@@ -0,0 +1,14 @@
+// +build !windows
+
+package system
+
+import (
+	"time"
+)
+
+//setCTime will set the create time on a file. On Unix, the create
+//time is updated as a side effect of setting the modified time, so
+//no action is required.
+func setCTime(path string, ctime time.Time) error {
+	return nil
+}
diff --git a/pkg/system/chtimes_unix_test.go b/pkg/system/chtimes_unix_test.go
new file mode 100644
index 00000000..0aafe1d8
--- /dev/null
+++ b/pkg/system/chtimes_unix_test.go
@@ -0,0 +1,91 @@
+// +build !windows
+
+package system
+
+import (
+	"os"
+	"syscall"
+	"testing"
+	"time"
+)
+
+// TestChtimes tests Chtimes access time on a tempfile on Linux
+func TestChtimesLinux(t *testing.T) {
+	file, dir := prepareTempFile(t)
+	defer os.RemoveAll(dir)
+
+	beforeUnixEpochTime := time.Unix(0, 0).Add(-100 * time.Second)
+	unixEpochTime := time.Unix(0, 0)
+	afterUnixEpochTime := time.Unix(100, 0)
+	unixMaxTime := maxTime
+
+	// Test both aTime and mTime set to Unix Epoch
+	Chtimes(file, unixEpochTime, unixEpochTime)
+
+	f, err := os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	stat := f.Sys().(*syscall.Stat_t)
+	aTime := time.Unix(int64(stat.Atim.Sec), int64(stat.Atim.Nsec))
+	if aTime != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, aTime)
+	}
+
+	// Test aTime before Unix Epoch and mTime set to Unix Epoch
+	Chtimes(file, beforeUnixEpochTime, unixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	stat = f.Sys().(*syscall.Stat_t)
+	aTime = time.Unix(int64(stat.Atim.Sec), int64(stat.Atim.Nsec))
+	if aTime != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, aTime)
+	}
+
+	// Test aTime set to Unix Epoch and mTime before Unix Epoch
+	Chtimes(file, unixEpochTime, beforeUnixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	stat = f.Sys().(*syscall.Stat_t)
+	aTime = time.Unix(int64(stat.Atim.Sec), int64(stat.Atim.Nsec))
+	if aTime != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, aTime)
+	}
+
+	// Test both aTime and mTime set to after Unix Epoch (valid time)
+	Chtimes(file, afterUnixEpochTime, afterUnixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	stat = f.Sys().(*syscall.Stat_t)
+	aTime = time.Unix(int64(stat.Atim.Sec), int64(stat.Atim.Nsec))
+	if aTime != afterUnixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", afterUnixEpochTime, aTime)
+	}
+
+	// Test both aTime and mTime set to Unix max time
+	Chtimes(file, unixMaxTime, unixMaxTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	stat = f.Sys().(*syscall.Stat_t)
+	aTime = time.Unix(int64(stat.Atim.Sec), int64(stat.Atim.Nsec))
+	if aTime.Truncate(time.Second) != unixMaxTime.Truncate(time.Second) {
+		t.Fatalf("Expected: %s, got: %s", unixMaxTime.Truncate(time.Second), aTime.Truncate(time.Second))
+	}
+}
diff --git a/pkg/system/chtimes_windows.go b/pkg/system/chtimes_windows.go
new file mode 100644
index 00000000..29458684
--- /dev/null
+++ b/pkg/system/chtimes_windows.go
@@ -0,0 +1,27 @@
+// +build windows
+
+package system
+
+import (
+	"syscall"
+	"time"
+)
+
+//setCTime will set the create time on a file. On Windows, this requires
+//calling SetFileTime and explicitly including the create time.
+func setCTime(path string, ctime time.Time) error {
+	ctimespec := syscall.NsecToTimespec(ctime.UnixNano())
+	pathp, e := syscall.UTF16PtrFromString(path)
+	if e != nil {
+		return e
+	}
+	h, e := syscall.CreateFile(pathp,
+		syscall.FILE_WRITE_ATTRIBUTES, syscall.FILE_SHARE_WRITE, nil,
+		syscall.OPEN_EXISTING, syscall.FILE_FLAG_BACKUP_SEMANTICS, 0)
+	if e != nil {
+		return e
+	}
+	defer syscall.Close(h)
+	c := syscall.NsecToFiletime(syscall.TimespecToNsec(ctimespec))
+	return syscall.SetFileTime(h, &c, nil, nil)
+}
diff --git a/pkg/system/chtimes_windows_test.go b/pkg/system/chtimes_windows_test.go
new file mode 100644
index 00000000..be57558e
--- /dev/null
+++ b/pkg/system/chtimes_windows_test.go
@@ -0,0 +1,86 @@
+// +build windows
+
+package system
+
+import (
+	"os"
+	"syscall"
+	"testing"
+	"time"
+)
+
+// TestChtimes tests Chtimes access time on a tempfile on Windows
+func TestChtimesWindows(t *testing.T) {
+	file, dir := prepareTempFile(t)
+	defer os.RemoveAll(dir)
+
+	beforeUnixEpochTime := time.Unix(0, 0).Add(-100 * time.Second)
+	unixEpochTime := time.Unix(0, 0)
+	afterUnixEpochTime := time.Unix(100, 0)
+	unixMaxTime := maxTime
+
+	// Test both aTime and mTime set to Unix Epoch
+	Chtimes(file, unixEpochTime, unixEpochTime)
+
+	f, err := os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	aTime := time.Unix(0, f.Sys().(*syscall.Win32FileAttributeData).LastAccessTime.Nanoseconds())
+	if aTime != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, aTime)
+	}
+
+	// Test aTime before Unix Epoch and mTime set to Unix Epoch
+	Chtimes(file, beforeUnixEpochTime, unixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	aTime = time.Unix(0, f.Sys().(*syscall.Win32FileAttributeData).LastAccessTime.Nanoseconds())
+	if aTime != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, aTime)
+	}
+
+	// Test aTime set to Unix Epoch and mTime before Unix Epoch
+	Chtimes(file, unixEpochTime, beforeUnixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	aTime = time.Unix(0, f.Sys().(*syscall.Win32FileAttributeData).LastAccessTime.Nanoseconds())
+	if aTime != unixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", unixEpochTime, aTime)
+	}
+
+	// Test both aTime and mTime set to after Unix Epoch (valid time)
+	Chtimes(file, afterUnixEpochTime, afterUnixEpochTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	aTime = time.Unix(0, f.Sys().(*syscall.Win32FileAttributeData).LastAccessTime.Nanoseconds())
+	if aTime != afterUnixEpochTime {
+		t.Fatalf("Expected: %s, got: %s", afterUnixEpochTime, aTime)
+	}
+
+	// Test both aTime and mTime set to Unix max time
+	Chtimes(file, unixMaxTime, unixMaxTime)
+
+	f, err = os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	aTime = time.Unix(0, f.Sys().(*syscall.Win32FileAttributeData).LastAccessTime.Nanoseconds())
+	if aTime.Truncate(time.Second) != unixMaxTime.Truncate(time.Second) {
+		t.Fatalf("Expected: %s, got: %s", unixMaxTime.Truncate(time.Second), aTime.Truncate(time.Second))
+	}
+}
diff --git a/pkg/system/errors.go b/pkg/system/errors.go
new file mode 100644
index 00000000..28831898
--- /dev/null
+++ b/pkg/system/errors.go
@@ -0,0 +1,10 @@
+package system
+
+import (
+	"errors"
+)
+
+var (
+	// ErrNotSupportedPlatform means the platform is not supported.
+	ErrNotSupportedPlatform = errors.New("platform and architecture is not supported")
+)
diff --git a/pkg/system/events_windows.go b/pkg/system/events_windows.go
new file mode 100644
index 00000000..04e2de78
--- /dev/null
+++ b/pkg/system/events_windows.go
@@ -0,0 +1,83 @@
+package system
+
+// This file implements syscalls for Win32 events which are not implemented
+// in golang.
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+var (
+	procCreateEvent = modkernel32.NewProc("CreateEventW")
+	procOpenEvent   = modkernel32.NewProc("OpenEventW")
+	procSetEvent    = modkernel32.NewProc("SetEvent")
+	procResetEvent  = modkernel32.NewProc("ResetEvent")
+	procPulseEvent  = modkernel32.NewProc("PulseEvent")
+)
+
+// CreateEvent implements win32 CreateEventW func in golang. It will create an event object.
+func CreateEvent(eventAttributes *syscall.SecurityAttributes, manualReset bool, initialState bool, name string) (handle syscall.Handle, err error) {
+	namep, _ := syscall.UTF16PtrFromString(name)
+	var _p1 uint32
+	if manualReset {
+		_p1 = 1
+	}
+	var _p2 uint32
+	if initialState {
+		_p2 = 1
+	}
+	r0, _, e1 := procCreateEvent.Call(uintptr(unsafe.Pointer(eventAttributes)), uintptr(_p1), uintptr(_p2), uintptr(unsafe.Pointer(namep)))
+	use(unsafe.Pointer(namep))
+	handle = syscall.Handle(r0)
+	if handle == syscall.InvalidHandle {
+		err = e1
+	}
+	return
+}
+
+// OpenEvent implements win32 OpenEventW func in golang. It opens an event object.
+func OpenEvent(desiredAccess uint32, inheritHandle bool, name string) (handle syscall.Handle, err error) {
+	namep, _ := syscall.UTF16PtrFromString(name)
+	var _p1 uint32
+	if inheritHandle {
+		_p1 = 1
+	}
+	r0, _, e1 := procOpenEvent.Call(uintptr(desiredAccess), uintptr(_p1), uintptr(unsafe.Pointer(namep)))
+	use(unsafe.Pointer(namep))
+	handle = syscall.Handle(r0)
+	if handle == syscall.InvalidHandle {
+		err = e1
+	}
+	return
+}
+
+// SetEvent implements win32 SetEvent func in golang.
+func SetEvent(handle syscall.Handle) (err error) {
+	return setResetPulse(handle, procSetEvent)
+}
+
+// ResetEvent implements win32 ResetEvent func in golang.
+func ResetEvent(handle syscall.Handle) (err error) {
+	return setResetPulse(handle, procResetEvent)
+}
+
+// PulseEvent implements win32 PulseEvent func in golang.
+func PulseEvent(handle syscall.Handle) (err error) {
+	return setResetPulse(handle, procPulseEvent)
+}
+
+func setResetPulse(handle syscall.Handle, proc *syscall.LazyProc) (err error) {
+	r0, _, _ := proc.Call(uintptr(handle))
+	if r0 != 0 {
+		err = syscall.Errno(r0)
+	}
+	return
+}
+
+var temp unsafe.Pointer
+
+// use ensures a variable is kept alive without the GC freeing while still needed
+func use(p unsafe.Pointer) {
+	temp = p
+}
diff --git a/pkg/system/filesys.go b/pkg/system/filesys.go
new file mode 100644
index 00000000..c14feb84
--- /dev/null
+++ b/pkg/system/filesys.go
@@ -0,0 +1,19 @@
+// +build !windows
+
+package system
+
+import (
+	"os"
+	"path/filepath"
+)
+
+// MkdirAll creates a directory named path along with any necessary parents,
+// with permission specified by attribute perm for all dir created.
+func MkdirAll(path string, perm os.FileMode) error {
+	return os.MkdirAll(path, perm)
+}
+
+// IsAbs is a platform-specific wrapper for filepath.IsAbs.
+func IsAbs(path string) bool {
+	return filepath.IsAbs(path)
+}
diff --git a/pkg/system/filesys_windows.go b/pkg/system/filesys_windows.go
new file mode 100644
index 00000000..16823d55
--- /dev/null
+++ b/pkg/system/filesys_windows.go
@@ -0,0 +1,82 @@
+// +build windows
+
+package system
+
+import (
+	"os"
+	"path/filepath"
+	"regexp"
+	"strings"
+	"syscall"
+)
+
+// MkdirAll implementation that is volume path aware for Windows.
+func MkdirAll(path string, perm os.FileMode) error {
+	if re := regexp.MustCompile(`^\\\\\?\\Volume{[a-z0-9-]+}$`); re.MatchString(path) {
+		return nil
+	}
+
+	// The rest of this method is copied from os.MkdirAll and should be kept
+	// as-is to ensure compatibility.
+
+	// Fast path: if we can tell whether path is a directory or file, stop with success or error.
+	dir, err := os.Stat(path)
+	if err == nil {
+		if dir.IsDir() {
+			return nil
+		}
+		return &os.PathError{
+			Op:   "mkdir",
+			Path: path,
+			Err:  syscall.ENOTDIR,
+		}
+	}
+
+	// Slow path: make sure parent exists and then call Mkdir for path.
+	i := len(path)
+	for i > 0 && os.IsPathSeparator(path[i-1]) { // Skip trailing path separator.
+		i--
+	}
+
+	j := i
+	for j > 0 && !os.IsPathSeparator(path[j-1]) { // Scan backward over element.
+		j--
+	}
+
+	if j > 1 {
+		// Create parent
+		err = MkdirAll(path[0:j-1], perm)
+		if err != nil {
+			return err
+		}
+	}
+
+	// Parent now exists; invoke Mkdir and use its result.
+	err = os.Mkdir(path, perm)
+	if err != nil {
+		// Handle arguments like "foo/." by
+		// double-checking that directory doesn't exist.
+		dir, err1 := os.Lstat(path)
+		if err1 == nil && dir.IsDir() {
+			return nil
+		}
+		return err
+	}
+	return nil
+}
+
+// IsAbs is a platform-specific wrapper for filepath.IsAbs. On Windows,
+// golang filepath.IsAbs does not consider a path \windows\system32 as absolute
+// as it doesn't start with a drive-letter/colon combination. However, in
+// docker we need to verify things such as WORKDIR /windows/system32 in
+// a Dockerfile (which gets translated to \windows\system32 when being processed
+// by the daemon. This SHOULD be treated as absolute from a docker processing
+// perspective.
+func IsAbs(path string) bool {
+	if !filepath.IsAbs(path) {
+		if !strings.HasPrefix(path, string(os.PathSeparator)) {
+			return false
+		}
+	}
+	return true
+}
diff --git a/pkg/system/lstat.go b/pkg/system/lstat.go
new file mode 100644
index 00000000..bd23c4d5
--- /dev/null
+++ b/pkg/system/lstat.go
@@ -0,0 +1,19 @@
+// +build !windows
+
+package system
+
+import (
+	"syscall"
+)
+
+// Lstat takes a path to a file and returns
+// a system.StatT type pertaining to that file.
+//
+// Throws an error if the file does not exist
+func Lstat(path string) (*StatT, error) {
+	s := &syscall.Stat_t{}
+	if err := syscall.Lstat(path, s); err != nil {
+		return nil, err
+	}
+	return fromStatT(s)
+}
diff --git a/pkg/system/lstat_unix_test.go b/pkg/system/lstat_unix_test.go
new file mode 100644
index 00000000..062cf53b
--- /dev/null
+++ b/pkg/system/lstat_unix_test.go
@@ -0,0 +1,30 @@
+// +build linux freebsd
+
+package system
+
+import (
+	"os"
+	"testing"
+)
+
+// TestLstat tests Lstat for existing and non existing files
+func TestLstat(t *testing.T) {
+	file, invalid, _, dir := prepareFiles(t)
+	defer os.RemoveAll(dir)
+
+	statFile, err := Lstat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if statFile == nil {
+		t.Fatal("returned empty stat for existing file")
+	}
+
+	statInvalid, err := Lstat(invalid)
+	if err == nil {
+		t.Fatal("did not return error for non-existing file")
+	}
+	if statInvalid != nil {
+		t.Fatal("returned non-nil stat for non-existing file")
+	}
+}
diff --git a/pkg/system/lstat_windows.go b/pkg/system/lstat_windows.go
new file mode 100644
index 00000000..49e87eb4
--- /dev/null
+++ b/pkg/system/lstat_windows.go
@@ -0,0 +1,25 @@
+// +build windows
+
+package system
+
+import (
+	"os"
+)
+
+// Lstat calls os.Lstat to get a fileinfo interface back.
+// This is then copied into our own locally defined structure.
+// Note the Linux version uses fromStatT to do the copy back,
+// but that not strictly necessary when already in an OS specific module.
+func Lstat(path string) (*StatT, error) {
+	fi, err := os.Lstat(path)
+	if err != nil {
+		return nil, err
+	}
+
+	return &StatT{
+		name:    fi.Name(),
+		size:    fi.Size(),
+		mode:    fi.Mode(),
+		modTime: fi.ModTime(),
+		isDir:   fi.IsDir()}, nil
+}
diff --git a/pkg/system/meminfo.go b/pkg/system/meminfo.go
new file mode 100644
index 00000000..3b6e947e
--- /dev/null
+++ b/pkg/system/meminfo.go
@@ -0,0 +1,17 @@
+package system
+
+// MemInfo contains memory statistics of the host system.
+type MemInfo struct {
+	// Total usable RAM (i.e. physical RAM minus a few reserved bits and the
+	// kernel binary code).
+	MemTotal int64
+
+	// Amount of free memory.
+	MemFree int64
+
+	// Total amount of swap space available.
+	SwapTotal int64
+
+	// Amount of swap space that is currently unused.
+	SwapFree int64
+}
diff --git a/pkg/system/meminfo_linux.go b/pkg/system/meminfo_linux.go
new file mode 100644
index 00000000..385f1d5e
--- /dev/null
+++ b/pkg/system/meminfo_linux.go
@@ -0,0 +1,65 @@
+package system
+
+import (
+	"bufio"
+	"io"
+	"os"
+	"strconv"
+	"strings"
+
+	"github.com/docker/go-units"
+)
+
+// ReadMemInfo retrieves memory statistics of the host system and returns a
+// MemInfo type.
+func ReadMemInfo() (*MemInfo, error) {
+	file, err := os.Open("/proc/meminfo")
+	if err != nil {
+		return nil, err
+	}
+	defer file.Close()
+	return parseMemInfo(file)
+}
+
+// parseMemInfo parses the /proc/meminfo file into
+// a MemInfo object given an io.Reader to the file.
+// Throws error if there are problems reading from the file
+func parseMemInfo(reader io.Reader) (*MemInfo, error) {
+	meminfo := &MemInfo{}
+	scanner := bufio.NewScanner(reader)
+	for scanner.Scan() {
+		// Expected format: ["MemTotal:", "1234", "kB"]
+		parts := strings.Fields(scanner.Text())
+
+		// Sanity checks: Skip malformed entries.
+		if len(parts) < 3 || parts[2] != "kB" {
+			continue
+		}
+
+		// Convert to bytes.
+		size, err := strconv.Atoi(parts[1])
+		if err != nil {
+			continue
+		}
+		bytes := int64(size) * units.KiB
+
+		switch parts[0] {
+		case "MemTotal:":
+			meminfo.MemTotal = bytes
+		case "MemFree:":
+			meminfo.MemFree = bytes
+		case "SwapTotal:":
+			meminfo.SwapTotal = bytes
+		case "SwapFree:":
+			meminfo.SwapFree = bytes
+		}
+
+	}
+
+	// Handle errors that may have occurred during the reading of the file.
+	if err := scanner.Err(); err != nil {
+		return nil, err
+	}
+
+	return meminfo, nil
+}
diff --git a/pkg/system/meminfo_unix_test.go b/pkg/system/meminfo_unix_test.go
new file mode 100644
index 00000000..44f55628
--- /dev/null
+++ b/pkg/system/meminfo_unix_test.go
@@ -0,0 +1,40 @@
+// +build linux freebsd
+
+package system
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/docker/go-units"
+)
+
+// TestMemInfo tests parseMemInfo with a static meminfo string
+func TestMemInfo(t *testing.T) {
+	const input = `
+	MemTotal:      1 kB
+	MemFree:       2 kB
+	SwapTotal:     3 kB
+	SwapFree:      4 kB
+	Malformed1:
+	Malformed2:    1
+	Malformed3:    2 MB
+	Malformed4:    X kB
+	`
+	meminfo, err := parseMemInfo(strings.NewReader(input))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if meminfo.MemTotal != 1*units.KiB {
+		t.Fatalf("Unexpected MemTotal: %d", meminfo.MemTotal)
+	}
+	if meminfo.MemFree != 2*units.KiB {
+		t.Fatalf("Unexpected MemFree: %d", meminfo.MemFree)
+	}
+	if meminfo.SwapTotal != 3*units.KiB {
+		t.Fatalf("Unexpected SwapTotal: %d", meminfo.SwapTotal)
+	}
+	if meminfo.SwapFree != 4*units.KiB {
+		t.Fatalf("Unexpected SwapFree: %d", meminfo.SwapFree)
+	}
+}
diff --git a/pkg/system/meminfo_unsupported.go b/pkg/system/meminfo_unsupported.go
new file mode 100644
index 00000000..82ddd30c
--- /dev/null
+++ b/pkg/system/meminfo_unsupported.go
@@ -0,0 +1,8 @@
+// +build !linux,!windows
+
+package system
+
+// ReadMemInfo is not supported on platforms other than linux and windows.
+func ReadMemInfo() (*MemInfo, error) {
+	return nil, ErrNotSupportedPlatform
+}
diff --git a/pkg/system/meminfo_windows.go b/pkg/system/meminfo_windows.go
new file mode 100644
index 00000000..d4664259
--- /dev/null
+++ b/pkg/system/meminfo_windows.go
@@ -0,0 +1,44 @@
+package system
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+var (
+	modkernel32 = syscall.NewLazyDLL("kernel32.dll")
+
+	procGlobalMemoryStatusEx = modkernel32.NewProc("GlobalMemoryStatusEx")
+)
+
+// https://msdn.microsoft.com/en-us/library/windows/desktop/aa366589(v=vs.85).aspx
+// https://msdn.microsoft.com/en-us/library/windows/desktop/aa366770(v=vs.85).aspx
+type memorystatusex struct {
+	dwLength                uint32
+	dwMemoryLoad            uint32
+	ullTotalPhys            uint64
+	ullAvailPhys            uint64
+	ullTotalPageFile        uint64
+	ullAvailPageFile        uint64
+	ullTotalVirtual         uint64
+	ullAvailVirtual         uint64
+	ullAvailExtendedVirtual uint64
+}
+
+// ReadMemInfo retrieves memory statistics of the host system and returns a
+//  MemInfo type.
+func ReadMemInfo() (*MemInfo, error) {
+	msi := &memorystatusex{
+		dwLength: 64,
+	}
+	r1, _, _ := procGlobalMemoryStatusEx.Call(uintptr(unsafe.Pointer(msi)))
+	if r1 == 0 {
+		return &MemInfo{}, nil
+	}
+	return &MemInfo{
+		MemTotal:  int64(msi.ullTotalPhys),
+		MemFree:   int64(msi.ullAvailPhys),
+		SwapTotal: int64(msi.ullTotalPageFile),
+		SwapFree:  int64(msi.ullAvailPageFile),
+	}, nil
+}
diff --git a/pkg/system/mknod.go b/pkg/system/mknod.go
new file mode 100644
index 00000000..73958182
--- /dev/null
+++ b/pkg/system/mknod.go
@@ -0,0 +1,22 @@
+// +build !windows
+
+package system
+
+import (
+	"syscall"
+)
+
+// Mknod creates a filesystem node (file, device special file or named pipe) named path
+// with attributes specified by mode and dev.
+func Mknod(path string, mode uint32, dev int) error {
+	return syscall.Mknod(path, mode, dev)
+}
+
+// Mkdev is used to build the value of linux devices (in /dev/) which specifies major
+// and minor number of the newly created device special file.
+// Linux device nodes are a bit weird due to backwards compat with 16 bit device nodes.
+// They are, from low to high: the lower 8 bits of the minor, then 12 bits of the major,
+// then the top 12 bits of the minor.
+func Mkdev(major int64, minor int64) uint32 {
+	return uint32(((minor & 0xfff00) << 12) | ((major & 0xfff) << 8) | (minor & 0xff))
+}
diff --git a/pkg/system/mknod_windows.go b/pkg/system/mknod_windows.go
new file mode 100644
index 00000000..2e863c02
--- /dev/null
+++ b/pkg/system/mknod_windows.go
@@ -0,0 +1,13 @@
+// +build windows
+
+package system
+
+// Mknod is not implemented on Windows.
+func Mknod(path string, mode uint32, dev int) error {
+	return ErrNotSupportedPlatform
+}
+
+// Mkdev is not implemented on Windows.
+func Mkdev(major int64, minor int64) uint32 {
+	panic("Mkdev not implemented on Windows.")
+}
diff --git a/pkg/system/path_unix.go b/pkg/system/path_unix.go
new file mode 100644
index 00000000..1b6cc9cb
--- /dev/null
+++ b/pkg/system/path_unix.go
@@ -0,0 +1,8 @@
+// +build !windows
+
+package system
+
+// DefaultPathEnv is unix style list of directories to search for
+// executables. Each directory is separated from the next by a colon
+// ':' character .
+const DefaultPathEnv = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
diff --git a/pkg/system/path_windows.go b/pkg/system/path_windows.go
new file mode 100644
index 00000000..09e7f89f
--- /dev/null
+++ b/pkg/system/path_windows.go
@@ -0,0 +1,7 @@
+// +build windows
+
+package system
+
+// DefaultPathEnv is deliberately empty on Windows as the default path will be set by
+// the container. Docker has no context of what the default path should be.
+const DefaultPathEnv = ""
diff --git a/pkg/system/stat.go b/pkg/system/stat.go
new file mode 100644
index 00000000..087034c5
--- /dev/null
+++ b/pkg/system/stat.go
@@ -0,0 +1,53 @@
+// +build !windows
+
+package system
+
+import (
+	"syscall"
+)
+
+// StatT type contains status of a file. It contains metadata
+// like permission, owner, group, size, etc about a file.
+type StatT struct {
+	mode uint32
+	uid  uint32
+	gid  uint32
+	rdev uint64
+	size int64
+	mtim syscall.Timespec
+}
+
+// Mode returns file's permission mode.
+func (s StatT) Mode() uint32 {
+	return s.mode
+}
+
+// UID returns file's user id of owner.
+func (s StatT) UID() uint32 {
+	return s.uid
+}
+
+// GID returns file's group id of owner.
+func (s StatT) GID() uint32 {
+	return s.gid
+}
+
+// Rdev returns file's device ID (if it's special file).
+func (s StatT) Rdev() uint64 {
+	return s.rdev
+}
+
+// Size returns file's size.
+func (s StatT) Size() int64 {
+	return s.size
+}
+
+// Mtim returns file's last modification time.
+func (s StatT) Mtim() syscall.Timespec {
+	return s.mtim
+}
+
+// GetLastModification returns file's last modification time.
+func (s StatT) GetLastModification() syscall.Timespec {
+	return s.Mtim()
+}
diff --git a/pkg/system/stat_freebsd.go b/pkg/system/stat_freebsd.go
new file mode 100644
index 00000000..d0fb6f15
--- /dev/null
+++ b/pkg/system/stat_freebsd.go
@@ -0,0 +1,27 @@
+package system
+
+import (
+	"syscall"
+)
+
+// fromStatT converts a syscall.Stat_t type to a system.Stat_t type
+func fromStatT(s *syscall.Stat_t) (*StatT, error) {
+	return &StatT{size: s.Size,
+		mode: uint32(s.Mode),
+		uid:  s.Uid,
+		gid:  s.Gid,
+		rdev: uint64(s.Rdev),
+		mtim: s.Mtimespec}, nil
+}
+
+// Stat takes a path to a file and returns
+// a system.Stat_t type pertaining to that file.
+//
+// Throws an error if the file does not exist
+func Stat(path string) (*StatT, error) {
+	s := &syscall.Stat_t{}
+	if err := syscall.Stat(path, s); err != nil {
+		return nil, err
+	}
+	return fromStatT(s)
+}
diff --git a/pkg/system/stat_linux.go b/pkg/system/stat_linux.go
new file mode 100644
index 00000000..8b1eded1
--- /dev/null
+++ b/pkg/system/stat_linux.go
@@ -0,0 +1,33 @@
+package system
+
+import (
+	"syscall"
+)
+
+// fromStatT converts a syscall.Stat_t type to a system.Stat_t type
+func fromStatT(s *syscall.Stat_t) (*StatT, error) {
+	return &StatT{size: s.Size,
+		mode: s.Mode,
+		uid:  s.Uid,
+		gid:  s.Gid,
+		rdev: s.Rdev,
+		mtim: s.Mtim}, nil
+}
+
+// FromStatT exists only on linux, and loads a system.StatT from a
+// syscal.Stat_t.
+func FromStatT(s *syscall.Stat_t) (*StatT, error) {
+	return fromStatT(s)
+}
+
+// Stat takes a path to a file and returns
+// a system.StatT type pertaining to that file.
+//
+// Throws an error if the file does not exist
+func Stat(path string) (*StatT, error) {
+	s := &syscall.Stat_t{}
+	if err := syscall.Stat(path, s); err != nil {
+		return nil, err
+	}
+	return fromStatT(s)
+}
diff --git a/pkg/system/stat_openbsd.go b/pkg/system/stat_openbsd.go
new file mode 100644
index 00000000..3c3b71fb
--- /dev/null
+++ b/pkg/system/stat_openbsd.go
@@ -0,0 +1,15 @@
+package system
+
+import (
+	"syscall"
+)
+
+// fromStatT creates a system.StatT type from a syscall.Stat_t type
+func fromStatT(s *syscall.Stat_t) (*StatT, error) {
+	return &StatT{size: s.Size,
+		mode: uint32(s.Mode),
+		uid:  s.Uid,
+		gid:  s.Gid,
+		rdev: uint64(s.Rdev),
+		mtim: s.Mtim}, nil
+}
diff --git a/pkg/system/stat_solaris.go b/pkg/system/stat_solaris.go
new file mode 100644
index 00000000..b01d08ac
--- /dev/null
+++ b/pkg/system/stat_solaris.go
@@ -0,0 +1,17 @@
+// +build solaris
+
+package system
+
+import (
+	"syscall"
+)
+
+// fromStatT creates a system.StatT type from a syscall.Stat_t type
+func fromStatT(s *syscall.Stat_t) (*StatT, error) {
+	return &StatT{size: s.Size,
+		mode: uint32(s.Mode),
+		uid:  s.Uid,
+		gid:  s.Gid,
+		rdev: uint64(s.Rdev),
+		mtim: s.Mtim}, nil
+}
diff --git a/pkg/system/stat_unix_test.go b/pkg/system/stat_unix_test.go
new file mode 100644
index 00000000..dee8d30a
--- /dev/null
+++ b/pkg/system/stat_unix_test.go
@@ -0,0 +1,39 @@
+// +build linux freebsd
+
+package system
+
+import (
+	"os"
+	"syscall"
+	"testing"
+)
+
+// TestFromStatT tests fromStatT for a tempfile
+func TestFromStatT(t *testing.T) {
+	file, _, _, dir := prepareFiles(t)
+	defer os.RemoveAll(dir)
+
+	stat := &syscall.Stat_t{}
+	err := syscall.Lstat(file, stat)
+
+	s, err := fromStatT(stat)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if stat.Mode != s.Mode() {
+		t.Fatal("got invalid mode")
+	}
+	if stat.Uid != s.UID() {
+		t.Fatal("got invalid uid")
+	}
+	if stat.Gid != s.GID() {
+		t.Fatal("got invalid gid")
+	}
+	if stat.Rdev != s.Rdev() {
+		t.Fatal("got invalid rdev")
+	}
+	if stat.Mtim != s.Mtim() {
+		t.Fatal("got invalid mtim")
+	}
+}
diff --git a/pkg/system/stat_unsupported.go b/pkg/system/stat_unsupported.go
new file mode 100644
index 00000000..f53e9de4
--- /dev/null
+++ b/pkg/system/stat_unsupported.go
@@ -0,0 +1,17 @@
+// +build !linux,!windows,!freebsd,!solaris,!openbsd
+
+package system
+
+import (
+	"syscall"
+)
+
+// fromStatT creates a system.StatT type from a syscall.Stat_t type
+func fromStatT(s *syscall.Stat_t) (*StatT, error) {
+	return &StatT{size: s.Size,
+		mode: uint32(s.Mode),
+		uid:  s.Uid,
+		gid:  s.Gid,
+		rdev: uint64(s.Rdev),
+		mtim: s.Mtimespec}, nil
+}
diff --git a/pkg/system/stat_windows.go b/pkg/system/stat_windows.go
new file mode 100644
index 00000000..39490c62
--- /dev/null
+++ b/pkg/system/stat_windows.go
@@ -0,0 +1,43 @@
+// +build windows
+
+package system
+
+import (
+	"os"
+	"time"
+)
+
+// StatT type contains status of a file. It contains metadata
+// like name, permission, size, etc about a file.
+type StatT struct {
+	name    string
+	size    int64
+	mode    os.FileMode
+	modTime time.Time
+	isDir   bool
+}
+
+// Name returns file's name.
+func (s StatT) Name() string {
+	return s.name
+}
+
+// Size returns file's size.
+func (s StatT) Size() int64 {
+	return s.size
+}
+
+// Mode returns file's permission mode.
+func (s StatT) Mode() os.FileMode {
+	return s.mode
+}
+
+// ModTime returns file's last modification time.
+func (s StatT) ModTime() time.Time {
+	return s.modTime
+}
+
+// IsDir returns whether file is actually a directory.
+func (s StatT) IsDir() bool {
+	return s.isDir
+}
diff --git a/pkg/system/syscall_unix.go b/pkg/system/syscall_unix.go
new file mode 100644
index 00000000..3ae91284
--- /dev/null
+++ b/pkg/system/syscall_unix.go
@@ -0,0 +1,17 @@
+// +build linux freebsd
+
+package system
+
+import "syscall"
+
+// Unmount is a platform-specific helper function to call
+// the unmount syscall.
+func Unmount(dest string) error {
+	return syscall.Unmount(dest, 0)
+}
+
+// CommandLineToArgv should not be used on Unix.
+// It simply returns commandLine in the only element in the returned array.
+func CommandLineToArgv(commandLine string) ([]string, error) {
+	return []string{commandLine}, nil
+}
diff --git a/pkg/system/syscall_windows.go b/pkg/system/syscall_windows.go
new file mode 100644
index 00000000..061e220f
--- /dev/null
+++ b/pkg/system/syscall_windows.go
@@ -0,0 +1,60 @@
+package system
+
+import (
+	"fmt"
+	"syscall"
+	"unsafe"
+)
+
+// OSVersion is a wrapper for Windows version information
+// https://msdn.microsoft.com/en-us/library/windows/desktop/ms724439(v=vs.85).aspx
+type OSVersion struct {
+	Version      uint32
+	MajorVersion uint8
+	MinorVersion uint8
+	Build        uint16
+}
+
+// GetOSVersion gets the operating system version on Windows. Note that
+// docker.exe must be manifested to get the correct version information.
+func GetOSVersion() (OSVersion, error) {
+	var err error
+	osv := OSVersion{}
+	osv.Version, err = syscall.GetVersion()
+	if err != nil {
+		return osv, fmt.Errorf("Failed to call GetVersion()")
+	}
+	osv.MajorVersion = uint8(osv.Version & 0xFF)
+	osv.MinorVersion = uint8(osv.Version >> 8 & 0xFF)
+	osv.Build = uint16(osv.Version >> 16)
+	return osv, nil
+}
+
+// Unmount is a platform-specific helper function to call
+// the unmount syscall. Not supported on Windows
+func Unmount(dest string) error {
+	return nil
+}
+
+// CommandLineToArgv wraps the Windows syscall to turn a commandline into an argument array.
+func CommandLineToArgv(commandLine string) ([]string, error) {
+	var argc int32
+
+	argsPtr, err := syscall.UTF16PtrFromString(commandLine)
+	if err != nil {
+		return nil, err
+	}
+
+	argv, err := syscall.CommandLineToArgv(argsPtr, &argc)
+	if err != nil {
+		return nil, err
+	}
+	defer syscall.LocalFree(syscall.Handle(uintptr(unsafe.Pointer(argv))))
+
+	newArgs := make([]string, argc)
+	for i, v := range (*argv)[:argc] {
+		newArgs[i] = string(syscall.UTF16ToString((*v)[:]))
+	}
+
+	return newArgs, nil
+}
diff --git a/pkg/system/umask.go b/pkg/system/umask.go
new file mode 100644
index 00000000..c670fcd7
--- /dev/null
+++ b/pkg/system/umask.go
@@ -0,0 +1,13 @@
+// +build !windows
+
+package system
+
+import (
+	"syscall"
+)
+
+// Umask sets current process's file mode creation mask to newmask
+// and return oldmask.
+func Umask(newmask int) (oldmask int, err error) {
+	return syscall.Umask(newmask), nil
+}
diff --git a/pkg/system/umask_windows.go b/pkg/system/umask_windows.go
new file mode 100644
index 00000000..13f1de17
--- /dev/null
+++ b/pkg/system/umask_windows.go
@@ -0,0 +1,9 @@
+// +build windows
+
+package system
+
+// Umask is not supported on the windows platform.
+func Umask(newmask int) (oldmask int, err error) {
+	// should not be called on cli code path
+	return 0, ErrNotSupportedPlatform
+}
diff --git a/pkg/system/utimes_darwin.go b/pkg/system/utimes_darwin.go
new file mode 100644
index 00000000..0a161975
--- /dev/null
+++ b/pkg/system/utimes_darwin.go
@@ -0,0 +1,8 @@
+package system
+
+import "syscall"
+
+// LUtimesNano is not supported by darwin platform.
+func LUtimesNano(path string, ts []syscall.Timespec) error {
+	return ErrNotSupportedPlatform
+}
diff --git a/pkg/system/utimes_freebsd.go b/pkg/system/utimes_freebsd.go
new file mode 100644
index 00000000..e2eac3b5
--- /dev/null
+++ b/pkg/system/utimes_freebsd.go
@@ -0,0 +1,22 @@
+package system
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+// LUtimesNano is used to change access and modification time of the specified path.
+// It's used for symbol link file because syscall.UtimesNano doesn't support a NOFOLLOW flag atm.
+func LUtimesNano(path string, ts []syscall.Timespec) error {
+	var _path *byte
+	_path, err := syscall.BytePtrFromString(path)
+	if err != nil {
+		return err
+	}
+
+	if _, _, err := syscall.Syscall(syscall.SYS_LUTIMES, uintptr(unsafe.Pointer(_path)), uintptr(unsafe.Pointer(&ts[0])), 0); err != 0 && err != syscall.ENOSYS {
+		return err
+	}
+
+	return nil
+}
diff --git a/pkg/system/utimes_linux.go b/pkg/system/utimes_linux.go
new file mode 100644
index 00000000..fc8a1aba
--- /dev/null
+++ b/pkg/system/utimes_linux.go
@@ -0,0 +1,26 @@
+package system
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+// LUtimesNano is used to change access and modification time of the specified path.
+// It's used for symbol link file because syscall.UtimesNano doesn't support a NOFOLLOW flag atm.
+func LUtimesNano(path string, ts []syscall.Timespec) error {
+	// These are not currently available in syscall
+	atFdCwd := -100
+	atSymLinkNoFollow := 0x100
+
+	var _path *byte
+	_path, err := syscall.BytePtrFromString(path)
+	if err != nil {
+		return err
+	}
+
+	if _, _, err := syscall.Syscall6(syscall.SYS_UTIMENSAT, uintptr(atFdCwd), uintptr(unsafe.Pointer(_path)), uintptr(unsafe.Pointer(&ts[0])), uintptr(atSymLinkNoFollow), 0, 0); err != 0 && err != syscall.ENOSYS {
+		return err
+	}
+
+	return nil
+}
diff --git a/pkg/system/utimes_unix_test.go b/pkg/system/utimes_unix_test.go
new file mode 100644
index 00000000..1ee0d099
--- /dev/null
+++ b/pkg/system/utimes_unix_test.go
@@ -0,0 +1,68 @@
+// +build linux freebsd
+
+package system
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"syscall"
+	"testing"
+)
+
+// prepareFiles creates files for testing in the temp directory
+func prepareFiles(t *testing.T) (string, string, string, string) {
+	dir, err := ioutil.TempDir("", "docker-system-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	file := filepath.Join(dir, "exist")
+	if err := ioutil.WriteFile(file, []byte("hello"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	invalid := filepath.Join(dir, "doesnt-exist")
+
+	symlink := filepath.Join(dir, "symlink")
+	if err := os.Symlink(file, symlink); err != nil {
+		t.Fatal(err)
+	}
+
+	return file, invalid, symlink, dir
+}
+
+func TestLUtimesNano(t *testing.T) {
+	file, invalid, symlink, dir := prepareFiles(t)
+	defer os.RemoveAll(dir)
+
+	before, err := os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	ts := []syscall.Timespec{{0, 0}, {0, 0}}
+	if err := LUtimesNano(symlink, ts); err != nil {
+		t.Fatal(err)
+	}
+
+	symlinkInfo, err := os.Lstat(symlink)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if before.ModTime().Unix() == symlinkInfo.ModTime().Unix() {
+		t.Fatal("The modification time of the symlink should be different")
+	}
+
+	fileInfo, err := os.Stat(file)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if before.ModTime().Unix() != fileInfo.ModTime().Unix() {
+		t.Fatal("The modification time of the file should be same")
+	}
+
+	if err := LUtimesNano(invalid, ts); err == nil {
+		t.Fatal("Doesn't return an error on a non-existing file")
+	}
+}
diff --git a/pkg/system/utimes_unsupported.go b/pkg/system/utimes_unsupported.go
new file mode 100644
index 00000000..50c3a043
--- /dev/null
+++ b/pkg/system/utimes_unsupported.go
@@ -0,0 +1,10 @@
+// +build !linux,!freebsd,!darwin
+
+package system
+
+import "syscall"
+
+// LUtimesNano is not supported on platforms other than linux, freebsd and darwin.
+func LUtimesNano(path string, ts []syscall.Timespec) error {
+	return ErrNotSupportedPlatform
+}
diff --git a/pkg/system/xattrs_linux.go b/pkg/system/xattrs_linux.go
new file mode 100644
index 00000000..d2e2c057
--- /dev/null
+++ b/pkg/system/xattrs_linux.go
@@ -0,0 +1,63 @@
+package system
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+// Lgetxattr retrieves the value of the extended attribute identified by attr
+// and associated with the given path in the file system.
+// It will returns a nil slice and nil error if the xattr is not set.
+func Lgetxattr(path string, attr string) ([]byte, error) {
+	pathBytes, err := syscall.BytePtrFromString(path)
+	if err != nil {
+		return nil, err
+	}
+	attrBytes, err := syscall.BytePtrFromString(attr)
+	if err != nil {
+		return nil, err
+	}
+
+	dest := make([]byte, 128)
+	destBytes := unsafe.Pointer(&dest[0])
+	sz, _, errno := syscall.Syscall6(syscall.SYS_LGETXATTR, uintptr(unsafe.Pointer(pathBytes)), uintptr(unsafe.Pointer(attrBytes)), uintptr(destBytes), uintptr(len(dest)), 0, 0)
+	if errno == syscall.ENODATA {
+		return nil, nil
+	}
+	if errno == syscall.ERANGE {
+		dest = make([]byte, sz)
+		destBytes := unsafe.Pointer(&dest[0])
+		sz, _, errno = syscall.Syscall6(syscall.SYS_LGETXATTR, uintptr(unsafe.Pointer(pathBytes)), uintptr(unsafe.Pointer(attrBytes)), uintptr(destBytes), uintptr(len(dest)), 0, 0)
+	}
+	if errno != 0 {
+		return nil, errno
+	}
+
+	return dest[:sz], nil
+}
+
+var _zero uintptr
+
+// Lsetxattr sets the value of the extended attribute identified by attr
+// and associated with the given path in the file system.
+func Lsetxattr(path string, attr string, data []byte, flags int) error {
+	pathBytes, err := syscall.BytePtrFromString(path)
+	if err != nil {
+		return err
+	}
+	attrBytes, err := syscall.BytePtrFromString(attr)
+	if err != nil {
+		return err
+	}
+	var dataBytes unsafe.Pointer
+	if len(data) > 0 {
+		dataBytes = unsafe.Pointer(&data[0])
+	} else {
+		dataBytes = unsafe.Pointer(&_zero)
+	}
+	_, _, errno := syscall.Syscall6(syscall.SYS_LSETXATTR, uintptr(unsafe.Pointer(pathBytes)), uintptr(unsafe.Pointer(attrBytes)), uintptr(dataBytes), uintptr(len(data)), uintptr(flags), 0)
+	if errno != 0 {
+		return errno
+	}
+	return nil
+}
diff --git a/pkg/system/xattrs_unsupported.go b/pkg/system/xattrs_unsupported.go
new file mode 100644
index 00000000..0114f222
--- /dev/null
+++ b/pkg/system/xattrs_unsupported.go
@@ -0,0 +1,13 @@
+// +build !linux
+
+package system
+
+// Lgetxattr is not supported on platforms other than linux.
+func Lgetxattr(path string, attr string) ([]byte, error) {
+	return nil, ErrNotSupportedPlatform
+}
+
+// Lsetxattr is not supported on platforms other than linux.
+func Lsetxattr(path string, attr string, data []byte, flags int) error {
+	return ErrNotSupportedPlatform
+}
diff --git a/pkg/tailfile/tailfile.go b/pkg/tailfile/tailfile.go
new file mode 100644
index 00000000..d580584d
--- /dev/null
+++ b/pkg/tailfile/tailfile.go
@@ -0,0 +1,66 @@
+// Package tailfile provides helper functions to read the nth lines of any
+// ReadSeeker.
+package tailfile
+
+import (
+	"bytes"
+	"errors"
+	"io"
+	"os"
+)
+
+const blockSize = 1024
+
+var eol = []byte("\n")
+
+// ErrNonPositiveLinesNumber is an error returned if the lines number was negative.
+var ErrNonPositiveLinesNumber = errors.New("The number of lines to extract from the file must be positive")
+
+//TailFile returns last n lines of reader f (could be a fil).
+func TailFile(f io.ReadSeeker, n int) ([][]byte, error) {
+	if n <= 0 {
+		return nil, ErrNonPositiveLinesNumber
+	}
+	size, err := f.Seek(0, os.SEEK_END)
+	if err != nil {
+		return nil, err
+	}
+	block := -1
+	var data []byte
+	var cnt int
+	for {
+		var b []byte
+		step := int64(block * blockSize)
+		left := size + step // how many bytes to beginning
+		if left < 0 {
+			if _, err := f.Seek(0, os.SEEK_SET); err != nil {
+				return nil, err
+			}
+			b = make([]byte, blockSize+left)
+			if _, err := f.Read(b); err != nil {
+				return nil, err
+			}
+			data = append(b, data...)
+			break
+		} else {
+			b = make([]byte, blockSize)
+			if _, err := f.Seek(step, os.SEEK_END); err != nil {
+				return nil, err
+			}
+			if _, err := f.Read(b); err != nil {
+				return nil, err
+			}
+			data = append(b, data...)
+		}
+		cnt += bytes.Count(b, eol)
+		if cnt > n {
+			break
+		}
+		block--
+	}
+	lines := bytes.Split(data, eol)
+	if n < len(lines) {
+		return lines[len(lines)-n-1 : len(lines)-1], nil
+	}
+	return lines[:len(lines)-1], nil
+}
diff --git a/pkg/tailfile/tailfile_test.go b/pkg/tailfile/tailfile_test.go
new file mode 100644
index 00000000..31217c03
--- /dev/null
+++ b/pkg/tailfile/tailfile_test.go
@@ -0,0 +1,148 @@
+package tailfile
+
+import (
+	"io/ioutil"
+	"os"
+	"testing"
+)
+
+func TestTailFile(t *testing.T) {
+	f, err := ioutil.TempFile("", "tail-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer f.Close()
+	defer os.RemoveAll(f.Name())
+	testFile := []byte(`first line
+second line
+third line
+fourth line
+fifth line
+next first line
+next second line
+next third line
+next fourth line
+next fifth line
+last first line
+next first line
+next second line
+next third line
+next fourth line
+next fifth line
+next first line
+next second line
+next third line
+next fourth line
+next fifth line
+last second line
+last third line
+last fourth line
+last fifth line
+truncated line`)
+	if _, err := f.Write(testFile); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := f.Seek(0, os.SEEK_SET); err != nil {
+		t.Fatal(err)
+	}
+	expected := []string{"last fourth line", "last fifth line"}
+	res, err := TailFile(f, 2)
+	if err != nil {
+		t.Fatal(err)
+	}
+	for i, l := range res {
+		t.Logf("%s", l)
+		if expected[i] != string(l) {
+			t.Fatalf("Expected line %s, got %s", expected[i], l)
+		}
+	}
+}
+
+func TestTailFileManyLines(t *testing.T) {
+	f, err := ioutil.TempFile("", "tail-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer f.Close()
+	defer os.RemoveAll(f.Name())
+	testFile := []byte(`first line
+second line
+truncated line`)
+	if _, err := f.Write(testFile); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := f.Seek(0, os.SEEK_SET); err != nil {
+		t.Fatal(err)
+	}
+	expected := []string{"first line", "second line"}
+	res, err := TailFile(f, 10000)
+	if err != nil {
+		t.Fatal(err)
+	}
+	for i, l := range res {
+		t.Logf("%s", l)
+		if expected[i] != string(l) {
+			t.Fatalf("Expected line %s, got %s", expected[i], l)
+		}
+	}
+}
+
+func TestTailEmptyFile(t *testing.T) {
+	f, err := ioutil.TempFile("", "tail-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer f.Close()
+	defer os.RemoveAll(f.Name())
+	res, err := TailFile(f, 10000)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(res) != 0 {
+		t.Fatal("Must be empty slice from empty file")
+	}
+}
+
+func TestTailNegativeN(t *testing.T) {
+	f, err := ioutil.TempFile("", "tail-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer f.Close()
+	defer os.RemoveAll(f.Name())
+	testFile := []byte(`first line
+second line
+truncated line`)
+	if _, err := f.Write(testFile); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := f.Seek(0, os.SEEK_SET); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := TailFile(f, -1); err != ErrNonPositiveLinesNumber {
+		t.Fatalf("Expected ErrNonPositiveLinesNumber, got %s", err)
+	}
+	if _, err := TailFile(f, 0); err != ErrNonPositiveLinesNumber {
+		t.Fatalf("Expected ErrNonPositiveLinesNumber, got %s", err)
+	}
+}
+
+func BenchmarkTail(b *testing.B) {
+	f, err := ioutil.TempFile("", "tail-test")
+	if err != nil {
+		b.Fatal(err)
+	}
+	defer f.Close()
+	defer os.RemoveAll(f.Name())
+	for i := 0; i < 10000; i++ {
+		if _, err := f.Write([]byte("tailfile pretty interesting line\n")); err != nil {
+			b.Fatal(err)
+		}
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		if _, err := TailFile(f, 1000); err != nil {
+			b.Fatal(err)
+		}
+	}
+}
diff --git a/pkg/tarsum/builder_context.go b/pkg/tarsum/builder_context.go
new file mode 100644
index 00000000..b42983e9
--- /dev/null
+++ b/pkg/tarsum/builder_context.go
@@ -0,0 +1,21 @@
+package tarsum
+
+// BuilderContext is an interface extending TarSum by adding the Remove method.
+// In general there was concern about adding this method to TarSum itself
+// so instead it is being added just to "BuilderContext" which will then
+// only be used during the .dockerignore file processing
+// - see builder/evaluator.go
+type BuilderContext interface {
+	TarSum
+	Remove(string)
+}
+
+func (bc *tarSum) Remove(filename string) {
+	for i, fis := range bc.sums {
+		if fis.Name() == filename {
+			bc.sums = append(bc.sums[:i], bc.sums[i+1:]...)
+			// Note, we don't just return because there could be
+			// more than one with this name
+		}
+	}
+}
diff --git a/pkg/tarsum/builder_context_test.go b/pkg/tarsum/builder_context_test.go
new file mode 100644
index 00000000..719f7289
--- /dev/null
+++ b/pkg/tarsum/builder_context_test.go
@@ -0,0 +1,63 @@
+package tarsum
+
+import (
+	"io"
+	"io/ioutil"
+	"os"
+	"testing"
+)
+
+// Try to remove tarsum (in the BuilderContext) that do not exists, won't change a thing
+func TestTarSumRemoveNonExistent(t *testing.T) {
+	filename := "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar"
+	reader, err := os.Open(filename)
+	if err != nil {
+		t.Fatal(err)
+	}
+	ts, err := NewTarSum(reader, false, Version0)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Read and discard bytes so that it populates sums
+	_, err = io.Copy(ioutil.Discard, ts)
+	if err != nil {
+		t.Errorf("failed to read from %s: %s", filename, err)
+	}
+
+	expected := len(ts.GetSums())
+
+	ts.(BuilderContext).Remove("")
+	ts.(BuilderContext).Remove("Anything")
+
+	if len(ts.GetSums()) != expected {
+		t.Fatalf("Expected %v sums, go %v.", expected, ts.GetSums())
+	}
+}
+
+// Remove a tarsum (in the BuilderContext)
+func TestTarSumRemove(t *testing.T) {
+	filename := "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar"
+	reader, err := os.Open(filename)
+	if err != nil {
+		t.Fatal(err)
+	}
+	ts, err := NewTarSum(reader, false, Version0)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Read and discard bytes so that it populates sums
+	_, err = io.Copy(ioutil.Discard, ts)
+	if err != nil {
+		t.Errorf("failed to read from %s: %s", filename, err)
+	}
+
+	expected := len(ts.GetSums()) - 1
+
+	ts.(BuilderContext).Remove("etc/sudoers")
+
+	if len(ts.GetSums()) != expected {
+		t.Fatalf("Expected %v sums, go %v.", expected, len(ts.GetSums()))
+	}
+}
diff --git a/pkg/tarsum/fileinfosums.go b/pkg/tarsum/fileinfosums.go
new file mode 100644
index 00000000..5abf5e7b
--- /dev/null
+++ b/pkg/tarsum/fileinfosums.go
@@ -0,0 +1,126 @@
+package tarsum
+
+import "sort"
+
+// FileInfoSumInterface provides an interface for accessing file checksum
+// information within a tar file. This info is accessed through interface
+// so the actual name and sum cannot be melded with.
+type FileInfoSumInterface interface {
+	// File name
+	Name() string
+	// Checksum of this particular file and its headers
+	Sum() string
+	// Position of file in the tar
+	Pos() int64
+}
+
+type fileInfoSum struct {
+	name string
+	sum  string
+	pos  int64
+}
+
+func (fis fileInfoSum) Name() string {
+	return fis.name
+}
+func (fis fileInfoSum) Sum() string {
+	return fis.sum
+}
+func (fis fileInfoSum) Pos() int64 {
+	return fis.pos
+}
+
+// FileInfoSums provides a list of FileInfoSumInterfaces.
+type FileInfoSums []FileInfoSumInterface
+
+// GetFile returns the first FileInfoSumInterface with a matching name.
+func (fis FileInfoSums) GetFile(name string) FileInfoSumInterface {
+	for i := range fis {
+		if fis[i].Name() == name {
+			return fis[i]
+		}
+	}
+	return nil
+}
+
+// GetAllFile returns a FileInfoSums with all matching names.
+func (fis FileInfoSums) GetAllFile(name string) FileInfoSums {
+	f := FileInfoSums{}
+	for i := range fis {
+		if fis[i].Name() == name {
+			f = append(f, fis[i])
+		}
+	}
+	return f
+}
+
+// GetDuplicatePaths returns a FileInfoSums with all duplicated paths.
+func (fis FileInfoSums) GetDuplicatePaths() (dups FileInfoSums) {
+	seen := make(map[string]int, len(fis)) // allocate earl. no need to grow this map.
+	for i := range fis {
+		f := fis[i]
+		if _, ok := seen[f.Name()]; ok {
+			dups = append(dups, f)
+		} else {
+			seen[f.Name()] = 0
+		}
+	}
+	return dups
+}
+
+// Len returns the size of the FileInfoSums.
+func (fis FileInfoSums) Len() int { return len(fis) }
+
+// Swap swaps two FileInfoSum values if a FileInfoSums list.
+func (fis FileInfoSums) Swap(i, j int) { fis[i], fis[j] = fis[j], fis[i] }
+
+// SortByPos sorts FileInfoSums content by position.
+func (fis FileInfoSums) SortByPos() {
+	sort.Sort(byPos{fis})
+}
+
+// SortByNames sorts FileInfoSums content by name.
+func (fis FileInfoSums) SortByNames() {
+	sort.Sort(byName{fis})
+}
+
+// SortBySums sorts FileInfoSums content by sums.
+func (fis FileInfoSums) SortBySums() {
+	dups := fis.GetDuplicatePaths()
+	if len(dups) > 0 {
+		sort.Sort(bySum{fis, dups})
+	} else {
+		sort.Sort(bySum{fis, nil})
+	}
+}
+
+// byName is a sort.Sort helper for sorting by file names.
+// If names are the same, order them by their appearance in the tar archive
+type byName struct{ FileInfoSums }
+
+func (bn byName) Less(i, j int) bool {
+	if bn.FileInfoSums[i].Name() == bn.FileInfoSums[j].Name() {
+		return bn.FileInfoSums[i].Pos() < bn.FileInfoSums[j].Pos()
+	}
+	return bn.FileInfoSums[i].Name() < bn.FileInfoSums[j].Name()
+}
+
+// bySum is a sort.Sort helper for sorting by the sums of all the fileinfos in the tar archive
+type bySum struct {
+	FileInfoSums
+	dups FileInfoSums
+}
+
+func (bs bySum) Less(i, j int) bool {
+	if bs.dups != nil && bs.FileInfoSums[i].Name() == bs.FileInfoSums[j].Name() {
+		return bs.FileInfoSums[i].Pos() < bs.FileInfoSums[j].Pos()
+	}
+	return bs.FileInfoSums[i].Sum() < bs.FileInfoSums[j].Sum()
+}
+
+// byPos is a sort.Sort helper for sorting by the sums of all the fileinfos by their original order
+type byPos struct{ FileInfoSums }
+
+func (bp byPos) Less(i, j int) bool {
+	return bp.FileInfoSums[i].Pos() < bp.FileInfoSums[j].Pos()
+}
diff --git a/pkg/tarsum/fileinfosums_test.go b/pkg/tarsum/fileinfosums_test.go
new file mode 100644
index 00000000..bb700d8b
--- /dev/null
+++ b/pkg/tarsum/fileinfosums_test.go
@@ -0,0 +1,62 @@
+package tarsum
+
+import "testing"
+
+func newFileInfoSums() FileInfoSums {
+	return FileInfoSums{
+		fileInfoSum{name: "file3", sum: "2abcdef1234567890", pos: 2},
+		fileInfoSum{name: "dup1", sum: "deadbeef1", pos: 5},
+		fileInfoSum{name: "file1", sum: "0abcdef1234567890", pos: 0},
+		fileInfoSum{name: "file4", sum: "3abcdef1234567890", pos: 3},
+		fileInfoSum{name: "dup1", sum: "deadbeef0", pos: 4},
+		fileInfoSum{name: "file2", sum: "1abcdef1234567890", pos: 1},
+	}
+}
+
+func TestSortFileInfoSums(t *testing.T) {
+	dups := newFileInfoSums().GetAllFile("dup1")
+	if len(dups) != 2 {
+		t.Errorf("expected length 2, got %d", len(dups))
+	}
+	dups.SortByNames()
+	if dups[0].Pos() != 4 {
+		t.Errorf("sorted dups should be ordered by position. Expected 4, got %d", dups[0].Pos())
+	}
+
+	fis := newFileInfoSums()
+	expected := "0abcdef1234567890"
+	fis.SortBySums()
+	got := fis[0].Sum()
+	if got != expected {
+		t.Errorf("Expected %q, got %q", expected, got)
+	}
+
+	fis = newFileInfoSums()
+	expected = "dup1"
+	fis.SortByNames()
+	gotFis := fis[0]
+	if gotFis.Name() != expected {
+		t.Errorf("Expected %q, got %q", expected, gotFis.Name())
+	}
+	// since a duplicate is first, ensure it is ordered first by position too
+	if gotFis.Pos() != 4 {
+		t.Errorf("Expected %d, got %d", 4, gotFis.Pos())
+	}
+
+	fis = newFileInfoSums()
+	fis.SortByPos()
+	if fis[0].Pos() != 0 {
+		t.Errorf("sorted fileInfoSums by Pos should order them by position.")
+	}
+
+	fis = newFileInfoSums()
+	expected = "deadbeef1"
+	gotFileInfoSum := fis.GetFile("dup1")
+	if gotFileInfoSum.Sum() != expected {
+		t.Errorf("Expected %q, got %q", expected, gotFileInfoSum)
+	}
+	if fis.GetFile("noPresent") != nil {
+		t.Errorf("Should have return nil if name not found.")
+	}
+
+}
diff --git a/pkg/tarsum/tarsum.go b/pkg/tarsum/tarsum.go
new file mode 100644
index 00000000..4dc89bd4
--- /dev/null
+++ b/pkg/tarsum/tarsum.go
@@ -0,0 +1,294 @@
+// Package tarsum provides algorithms to perform checksum calculation on
+// filesystem layers.
+//
+// The transportation of filesystems, regarding Docker, is done with tar(1)
+// archives. There are a variety of tar serialization formats [2], and a key
+// concern here is ensuring a repeatable checksum given a set of inputs from a
+// generic tar archive. Types of transportation include distribution to and from a
+// registry endpoint, saving and loading through commands or Docker daemon APIs,
+// transferring the build context from client to Docker daemon, and committing the
+// filesystem of a container to become an image.
+//
+// As tar archives are used for transit, but not preserved in many situations, the
+// focus of the algorithm is to ensure the integrity of the preserved filesystem,
+// while maintaining a deterministic accountability. This includes neither
+// constraining the ordering or manipulation of the files during the creation or
+// unpacking of the archive, nor include additional metadata state about the file
+// system attributes.
+package tarsum
+
+import (
+	"archive/tar"
+	"bytes"
+	"compress/gzip"
+	"crypto"
+	"crypto/sha256"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"hash"
+	"io"
+	"strings"
+)
+
+const (
+	buf8K  = 8 * 1024
+	buf16K = 16 * 1024
+	buf32K = 32 * 1024
+)
+
+// NewTarSum creates a new interface for calculating a fixed time checksum of a
+// tar archive.
+//
+// This is used for calculating checksums of layers of an image, in some cases
+// including the byte payload of the image's json metadata as well, and for
+// calculating the checksums for buildcache.
+func NewTarSum(r io.Reader, dc bool, v Version) (TarSum, error) {
+	return NewTarSumHash(r, dc, v, DefaultTHash)
+}
+
+// NewTarSumHash creates a new TarSum, providing a THash to use rather than
+// the DefaultTHash.
+func NewTarSumHash(r io.Reader, dc bool, v Version, tHash THash) (TarSum, error) {
+	headerSelector, err := getTarHeaderSelector(v)
+	if err != nil {
+		return nil, err
+	}
+	ts := &tarSum{Reader: r, DisableCompression: dc, tarSumVersion: v, headerSelector: headerSelector, tHash: tHash}
+	err = ts.initTarSum()
+	return ts, err
+}
+
+// NewTarSumForLabel creates a new TarSum using the provided TarSum version+hash label.
+func NewTarSumForLabel(r io.Reader, disableCompression bool, label string) (TarSum, error) {
+	parts := strings.SplitN(label, "+", 2)
+	if len(parts) != 2 {
+		return nil, errors.New("tarsum label string should be of the form: {tarsum_version}+{hash_name}")
+	}
+
+	versionName, hashName := parts[0], parts[1]
+
+	version, ok := tarSumVersionsByName[versionName]
+	if !ok {
+		return nil, fmt.Errorf("unknown TarSum version name: %q", versionName)
+	}
+
+	hashConfig, ok := standardHashConfigs[hashName]
+	if !ok {
+		return nil, fmt.Errorf("unknown TarSum hash name: %q", hashName)
+	}
+
+	tHash := NewTHash(hashConfig.name, hashConfig.hash.New)
+
+	return NewTarSumHash(r, disableCompression, version, tHash)
+}
+
+// TarSum is the generic interface for calculating fixed time
+// checksums of a tar archive.
+type TarSum interface {
+	io.Reader
+	GetSums() FileInfoSums
+	Sum([]byte) string
+	Version() Version
+	Hash() THash
+}
+
+// tarSum struct is the structure for a Version0 checksum calculation.
+type tarSum struct {
+	io.Reader
+	tarR               *tar.Reader
+	tarW               *tar.Writer
+	writer             writeCloseFlusher
+	bufTar             *bytes.Buffer
+	bufWriter          *bytes.Buffer
+	bufData            []byte
+	h                  hash.Hash
+	tHash              THash
+	sums               FileInfoSums
+	fileCounter        int64
+	currentFile        string
+	finished           bool
+	first              bool
+	DisableCompression bool              // false by default. When false, the output gzip compressed.
+	tarSumVersion      Version           // this field is not exported so it can not be mutated during use
+	headerSelector     tarHeaderSelector // handles selecting and ordering headers for files in the archive
+}
+
+func (ts tarSum) Hash() THash {
+	return ts.tHash
+}
+
+func (ts tarSum) Version() Version {
+	return ts.tarSumVersion
+}
+
+// THash provides a hash.Hash type generator and its name.
+type THash interface {
+	Hash() hash.Hash
+	Name() string
+}
+
+// NewTHash is a convenience method for creating a THash.
+func NewTHash(name string, h func() hash.Hash) THash {
+	return simpleTHash{n: name, h: h}
+}
+
+type tHashConfig struct {
+	name string
+	hash crypto.Hash
+}
+
+var (
+	// NOTE: DO NOT include MD5 or SHA1, which are considered insecure.
+	standardHashConfigs = map[string]tHashConfig{
+		"sha256": {name: "sha256", hash: crypto.SHA256},
+		"sha512": {name: "sha512", hash: crypto.SHA512},
+	}
+)
+
+// DefaultTHash is default TarSum hashing algorithm - "sha256".
+var DefaultTHash = NewTHash("sha256", sha256.New)
+
+type simpleTHash struct {
+	n string
+	h func() hash.Hash
+}
+
+func (sth simpleTHash) Name() string    { return sth.n }
+func (sth simpleTHash) Hash() hash.Hash { return sth.h() }
+
+func (ts *tarSum) encodeHeader(h *tar.Header) error {
+	for _, elem := range ts.headerSelector.selectHeaders(h) {
+		if _, err := ts.h.Write([]byte(elem[0] + elem[1])); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (ts *tarSum) initTarSum() error {
+	ts.bufTar = bytes.NewBuffer([]byte{})
+	ts.bufWriter = bytes.NewBuffer([]byte{})
+	ts.tarR = tar.NewReader(ts.Reader)
+	ts.tarW = tar.NewWriter(ts.bufTar)
+	if !ts.DisableCompression {
+		ts.writer = gzip.NewWriter(ts.bufWriter)
+	} else {
+		ts.writer = &nopCloseFlusher{Writer: ts.bufWriter}
+	}
+	if ts.tHash == nil {
+		ts.tHash = DefaultTHash
+	}
+	ts.h = ts.tHash.Hash()
+	ts.h.Reset()
+	ts.first = true
+	ts.sums = FileInfoSums{}
+	return nil
+}
+
+func (ts *tarSum) Read(buf []byte) (int, error) {
+	if ts.finished {
+		return ts.bufWriter.Read(buf)
+	}
+	if len(ts.bufData) < len(buf) {
+		switch {
+		case len(buf) <= buf8K:
+			ts.bufData = make([]byte, buf8K)
+		case len(buf) <= buf16K:
+			ts.bufData = make([]byte, buf16K)
+		case len(buf) <= buf32K:
+			ts.bufData = make([]byte, buf32K)
+		default:
+			ts.bufData = make([]byte, len(buf))
+		}
+	}
+	buf2 := ts.bufData[:len(buf)]
+
+	n, err := ts.tarR.Read(buf2)
+	if err != nil {
+		if err == io.EOF {
+			if _, err := ts.h.Write(buf2[:n]); err != nil {
+				return 0, err
+			}
+			if !ts.first {
+				ts.sums = append(ts.sums, fileInfoSum{name: ts.currentFile, sum: hex.EncodeToString(ts.h.Sum(nil)), pos: ts.fileCounter})
+				ts.fileCounter++
+				ts.h.Reset()
+			} else {
+				ts.first = false
+			}
+
+			currentHeader, err := ts.tarR.Next()
+			if err != nil {
+				if err == io.EOF {
+					if err := ts.tarW.Close(); err != nil {
+						return 0, err
+					}
+					if _, err := io.Copy(ts.writer, ts.bufTar); err != nil {
+						return 0, err
+					}
+					if err := ts.writer.Close(); err != nil {
+						return 0, err
+					}
+					ts.finished = true
+					return n, nil
+				}
+				return n, err
+			}
+			ts.currentFile = strings.TrimSuffix(strings.TrimPrefix(currentHeader.Name, "./"), "/")
+			if err := ts.encodeHeader(currentHeader); err != nil {
+				return 0, err
+			}
+			if err := ts.tarW.WriteHeader(currentHeader); err != nil {
+				return 0, err
+			}
+			if _, err := ts.tarW.Write(buf2[:n]); err != nil {
+				return 0, err
+			}
+			ts.tarW.Flush()
+			if _, err := io.Copy(ts.writer, ts.bufTar); err != nil {
+				return 0, err
+			}
+			ts.writer.Flush()
+
+			return ts.bufWriter.Read(buf)
+		}
+		return n, err
+	}
+
+	// Filling the hash buffer
+	if _, err = ts.h.Write(buf2[:n]); err != nil {
+		return 0, err
+	}
+
+	// Filling the tar writer
+	if _, err = ts.tarW.Write(buf2[:n]); err != nil {
+		return 0, err
+	}
+	ts.tarW.Flush()
+
+	// Filling the output writer
+	if _, err = io.Copy(ts.writer, ts.bufTar); err != nil {
+		return 0, err
+	}
+	ts.writer.Flush()
+
+	return ts.bufWriter.Read(buf)
+}
+
+func (ts *tarSum) Sum(extra []byte) string {
+	ts.sums.SortBySums()
+	h := ts.tHash.Hash()
+	if extra != nil {
+		h.Write(extra)
+	}
+	for _, fis := range ts.sums {
+		h.Write([]byte(fis.Sum()))
+	}
+	checksum := ts.Version().String() + "+" + ts.tHash.Name() + ":" + hex.EncodeToString(h.Sum(nil))
+	return checksum
+}
+
+func (ts *tarSum) GetSums() FileInfoSums {
+	return ts.sums
+}
diff --git a/pkg/tarsum/tarsum_spec.md b/pkg/tarsum/tarsum_spec.md
new file mode 100644
index 00000000..89b2e49f
--- /dev/null
+++ b/pkg/tarsum/tarsum_spec.md
@@ -0,0 +1,230 @@
+page_title: TarSum checksum specification
+page_description: Documentation for algorithms used in the TarSum checksum calculation
+page_keywords: docker, checksum, validation, tarsum
+
+# TarSum Checksum Specification
+
+## Abstract
+
+This document describes the algorithms used in performing the TarSum checksum
+calculation on filesystem layers, the need for this method over existing
+methods, and the versioning of this calculation.
+
+## Warning
+
+This checksum algorithm is for best-effort comparison of file trees with fuzzy logic.
+
+This is _not_ a cryptographic attestation, and should not be considered secure.
+
+## Introduction
+
+The transportation of filesystems, regarding Docker, is done with tar(1)
+archives. There are a variety of tar serialization formats [2], and a key
+concern here is ensuring a repeatable checksum given a set of inputs from a
+generic tar archive. Types of transportation include distribution to and from a
+registry endpoint, saving and loading through commands or Docker daemon APIs,
+transferring the build context from client to Docker daemon, and committing the
+filesystem of a container to become an image.
+
+As tar archives are used for transit, but not preserved in many situations, the
+focus of the algorithm is to ensure the integrity of the preserved filesystem,
+while maintaining a deterministic accountability. This includes neither
+constraining the ordering or manipulation of the files during the creation or
+unpacking of the archive, nor include additional metadata state about the file
+system attributes.
+
+## Intended Audience
+
+This document is outlining the methods used for consistent checksum calculation
+for filesystems transported via tar archives.
+
+Auditing these methodologies is an open and iterative process. This document
+should accommodate the review of source code. Ultimately, this document should
+be the starting point of further refinements to the algorithm and its future
+versions.
+
+## Concept
+
+The checksum mechanism must ensure the integrity and assurance of the
+filesystem payload.
+
+## Checksum Algorithm Profile
+
+A checksum mechanism must define the following operations and attributes:
+
+* Associated hashing cipher - used to checksum each file payload and attribute
+  information.
+* Checksum list - each file of the filesystem archive has its checksum
+  calculated from the payload and attributes of the file. The final checksum is
+  calculated from this list, with specific ordering.
+* Version - as the algorithm adapts to requirements, there are behaviors of the
+  algorithm to manage by versioning.
+* Archive being calculated - the tar archive having its checksum calculated
+
+## Elements of TarSum checksum
+
+The calculated sum output is a text string. The elements included in the output
+of the calculated sum comprise the information needed for validation of the sum
+(TarSum version and hashing cipher used) and the expected checksum in hexadecimal
+form.
+
+There are two delimiters used:
+* '+' separates TarSum version from hashing cipher
+* ':' separates calculation mechanics from expected hash
+
+Example:
+
+```
+	"tarsum.v1+sha256:220a60ecd4a3c32c282622a625a54db9ba0ff55b5ba9c29c7064a2bc358b6a3e"
+	|         |       \                                                               |
+	|         |        \                                                              |
+	|_version_|_cipher__|__                                                           |
+	|                      \                                                          |
+	|_calculation_mechanics_|______________________expected_sum_______________________|
+```
+
+## Versioning
+
+Versioning was introduced [0] to accommodate differences in calculation needed,
+and ability to maintain reverse compatibility.
+
+The general algorithm will be describe further in the 'Calculation'.
+
+### Version0
+
+This is the initial version of TarSum.
+
+Its element in the TarSum checksum string is `tarsum`.
+
+### Version1
+
+Its element in the TarSum checksum is `tarsum.v1`.
+
+The notable changes in this version:
+* Exclusion of file `mtime` from the file information headers, in each file
+  checksum calculation
+* Inclusion of extended attributes (`xattrs`. Also seen as `SCHILY.xattr.` prefixed Pax
+  tar file info headers) keys and values in each file checksum calculation
+
+### VersionDev
+
+*Do not use unless validating refinements to the checksum algorithm*
+
+Its element in the TarSum checksum is `tarsum.dev`.
+
+This is a floating place holder for a next version and grounds for testing
+changes. The methods used for calculation are subject to change without notice,
+and this version is for testing and not for production use.
+
+## Ciphers
+
+The official default and standard hashing cipher used in the calculation mechanic
+is `sha256`. This refers to SHA256 hash algorithm as defined in FIPS 180-4.
+
+Though the TarSum algorithm itself is not exclusively bound to the single
+hashing cipher `sha256`, support for alternate hashing ciphers was later added
+[1]. Use cases for alternate cipher could include future-proofing TarSum
+checksum format and using faster cipher hashes for tar filesystem checksums.
+
+## Calculation
+
+### Requirement
+
+As mentioned earlier, the calculation is such that it takes into consideration
+the lifecycle of the tar archive. In that the tar archive is not an immutable,
+permanent artifact. Otherwise options like relying on a known hashing cipher
+checksum of the archive itself would be reliable enough. The tar archive of the
+filesystem is used as a transportation medium for Docker images, and the
+archive is discarded once its contents are extracted. Therefore, for consistent
+validation items such as order of files in the tar archive and time stamps are
+subject to change once an image is received.
+
+### Process
+
+The method is typically iterative due to reading tar info headers from the
+archive stream, though this is not a strict requirement.
+
+#### Files
+
+Each file in the tar archive have their contents (headers and body) checksummed
+individually using the designated associated hashing cipher. The ordered
+headers of the file are written to the checksum calculation first, and then the
+payload of the file body.
+
+The resulting checksum of the file is appended to the list of file sums. The
+sum is encoded as a string of the hexadecimal digest. Additionally, the file
+name and position in the archive is kept as reference for special ordering.
+
+#### Headers
+
+The following headers are read, in this
+order ( and the corresponding representation of its value):
+* 'name' - string
+* 'mode' - string of the base10 integer
+* 'uid' - string of the integer
+* 'gid' - string of the integer
+* 'size' - string of the integer
+* 'mtime' (_Version0 only_) - string of integer of the seconds since 1970-01-01 00:00:00 UTC
+* 'typeflag' - string of the char
+* 'linkname' - string
+* 'uname' - string
+* 'gname' - string
+* 'devmajor' - string of the integer
+* 'devminor' - string of the integer
+
+For >= Version1, the extended attribute headers ("SCHILY.xattr." prefixed pax
+headers) included after the above list. These xattrs key/values are first
+sorted by the keys.
+
+#### Header Format
+
+The ordered headers are written to the hash in the format of
+
+	"{.key}{.value}"
+
+with no newline.
+
+#### Body
+
+After the order headers of the file have been added to the checksum for the
+file, the body of the file is written to the hash.
+
+#### List of file sums
+
+The list of file sums is sorted by the string of the hexadecimal digest.
+
+If there are two files in the tar with matching paths, the order of occurrence
+for that path is reflected for the sums of the corresponding file header and
+body.
+
+#### Final Checksum
+
+Begin with a fresh or initial state of the associated hash cipher. If there is
+additional payload to include in the TarSum calculation for the archive, it is
+written first. Then each checksum from the ordered list of file sums is written
+to the hash.
+
+The resulting digest is formatted per the Elements of TarSum checksum,
+including the TarSum version, the associated hash cipher and the hexadecimal
+encoded checksum digest.
+
+## Security Considerations
+
+The initial version of TarSum has undergone one update that could invalidate
+handcrafted tar archives. The tar archive format supports appending of files
+with same names as prior files in the archive. The latter file will clobber the
+prior file of the same path. Due to this the algorithm now accounts for files
+with matching paths, and orders the list of file sums accordingly [3].
+
+## Footnotes
+
+* [0] Versioning https://github.com/docker/docker/commit/747f89cd327db9d50251b17797c4d825162226d0
+* [1] Alternate ciphers https://github.com/docker/docker/commit/4e9925d780665149b8bc940d5ba242ada1973c4e
+* [2] Tar http://en.wikipedia.org/wiki/Tar_%28computing%29
+* [3] Name collision https://github.com/docker/docker/commit/c5e6362c53cbbc09ddbabd5a7323e04438b57d31
+
+## Acknowledgments
+
+Joffrey F (shin-) and Guillaume J. Charmes (creack) on the initial work of the
+TarSum calculation.
+
diff --git a/pkg/tarsum/tarsum_test.go b/pkg/tarsum/tarsum_test.go
new file mode 100644
index 00000000..54bec53f
--- /dev/null
+++ b/pkg/tarsum/tarsum_test.go
@@ -0,0 +1,656 @@
+package tarsum
+
+import (
+	"archive/tar"
+	"bytes"
+	"compress/gzip"
+	"crypto/md5"
+	"crypto/rand"
+	"crypto/sha1"
+	"crypto/sha256"
+	"crypto/sha512"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"strings"
+	"testing"
+)
+
+type testLayer struct {
+	filename string
+	options  *sizedOptions
+	jsonfile string
+	gzip     bool
+	tarsum   string
+	version  Version
+	hash     THash
+}
+
+var testLayers = []testLayer{
+	{
+		filename: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar",
+		jsonfile: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json",
+		version:  Version0,
+		tarsum:   "tarsum+sha256:4095cc12fa5fdb1ab2760377e1cd0c4ecdd3e61b4f9b82319d96fcea6c9a41c6"},
+	{
+		filename: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar",
+		jsonfile: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json",
+		version:  VersionDev,
+		tarsum:   "tarsum.dev+sha256:db56e35eec6ce65ba1588c20ba6b1ea23743b59e81fb6b7f358ccbde5580345c"},
+	{
+		filename: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar",
+		jsonfile: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json",
+		gzip:     true,
+		tarsum:   "tarsum+sha256:4095cc12fa5fdb1ab2760377e1cd0c4ecdd3e61b4f9b82319d96fcea6c9a41c6"},
+	{
+		// Tests existing version of TarSum when xattrs are present
+		filename: "testdata/xattr/layer.tar",
+		jsonfile: "testdata/xattr/json",
+		version:  Version0,
+		tarsum:   "tarsum+sha256:07e304a8dbcb215b37649fde1a699f8aeea47e60815707f1cdf4d55d25ff6ab4"},
+	{
+		// Tests next version of TarSum when xattrs are present
+		filename: "testdata/xattr/layer.tar",
+		jsonfile: "testdata/xattr/json",
+		version:  VersionDev,
+		tarsum:   "tarsum.dev+sha256:6c58917892d77b3b357b0f9ad1e28e1f4ae4de3a8006bd3beb8beda214d8fd16"},
+	{
+		filename: "testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/layer.tar",
+		jsonfile: "testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/json",
+		tarsum:   "tarsum+sha256:c66bd5ec9f87b8f4c6135ca37684618f486a3dd1d113b138d0a177bfa39c2571"},
+	{
+		options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory)
+		tarsum:  "tarsum+sha256:8bf12d7e67c51ee2e8306cba569398b1b9f419969521a12ffb9d8875e8836738"},
+	{
+		// this tar has two files with the same path
+		filename: "testdata/collision/collision-0.tar",
+		tarsum:   "tarsum+sha256:08653904a68d3ab5c59e65ef58c49c1581caa3c34744f8d354b3f575ea04424a"},
+	{
+		// this tar has the same two files (with the same path), but reversed order. ensuring is has different hash than above
+		filename: "testdata/collision/collision-1.tar",
+		tarsum:   "tarsum+sha256:b51c13fbefe158b5ce420d2b930eef54c5cd55c50a2ee4abdddea8fa9f081e0d"},
+	{
+		// this tar has newer of collider-0.tar, ensuring is has different hash
+		filename: "testdata/collision/collision-2.tar",
+		tarsum:   "tarsum+sha256:381547080919bb82691e995508ae20ed33ce0f6948d41cafbeb70ce20c73ee8e"},
+	{
+		// this tar has newer of collider-1.tar, ensuring is has different hash
+		filename: "testdata/collision/collision-3.tar",
+		tarsum:   "tarsum+sha256:f886e431c08143164a676805205979cd8fa535dfcef714db5515650eea5a7c0f"},
+	{
+		options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory)
+		tarsum:  "tarsum+md5:0d7529ec7a8360155b48134b8e599f53",
+		hash:    md5THash,
+	},
+	{
+		options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory)
+		tarsum:  "tarsum+sha1:f1fee39c5925807ff75ef1925e7a23be444ba4df",
+		hash:    sha1Hash,
+	},
+	{
+		options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory)
+		tarsum:  "tarsum+sha224:6319390c0b061d639085d8748b14cd55f697cf9313805218b21cf61c",
+		hash:    sha224Hash,
+	},
+	{
+		options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory)
+		tarsum:  "tarsum+sha384:a578ce3ce29a2ae03b8ed7c26f47d0f75b4fc849557c62454be4b5ffd66ba021e713b48ce71e947b43aab57afd5a7636",
+		hash:    sha384Hash,
+	},
+	{
+		options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory)
+		tarsum:  "tarsum+sha512:e9bfb90ca5a4dfc93c46ee061a5cf9837de6d2fdf82544d6460d3147290aecfabf7b5e415b9b6e72db9b8941f149d5d69fb17a394cbfaf2eac523bd9eae21855",
+		hash:    sha512Hash,
+	},
+}
+
+type sizedOptions struct {
+	num      int64
+	size     int64
+	isRand   bool
+	realFile bool
+}
+
+// make a tar:
+// * num is the number of files the tar should have
+// * size is the bytes per file
+// * isRand is whether the contents of the files should be a random chunk (otherwise it's all zeros)
+// * realFile will write to a TempFile, instead of an in memory buffer
+func sizedTar(opts sizedOptions) io.Reader {
+	var (
+		fh  io.ReadWriter
+		err error
+	)
+	if opts.realFile {
+		fh, err = ioutil.TempFile("", "tarsum")
+		if err != nil {
+			return nil
+		}
+	} else {
+		fh = bytes.NewBuffer([]byte{})
+	}
+	tarW := tar.NewWriter(fh)
+	defer tarW.Close()
+	for i := int64(0); i < opts.num; i++ {
+		err := tarW.WriteHeader(&tar.Header{
+			Name: fmt.Sprintf("/testdata%d", i),
+			Mode: 0755,
+			Uid:  0,
+			Gid:  0,
+			Size: opts.size,
+		})
+		if err != nil {
+			return nil
+		}
+		var rBuf []byte
+		if opts.isRand {
+			rBuf = make([]byte, 8)
+			_, err = rand.Read(rBuf)
+			if err != nil {
+				return nil
+			}
+		} else {
+			rBuf = []byte{0, 0, 0, 0, 0, 0, 0, 0}
+		}
+
+		for i := int64(0); i < opts.size/int64(8); i++ {
+			tarW.Write(rBuf)
+		}
+	}
+	return fh
+}
+
+func emptyTarSum(gzip bool) (TarSum, error) {
+	reader, writer := io.Pipe()
+	tarWriter := tar.NewWriter(writer)
+
+	// Immediately close tarWriter and write-end of the
+	// Pipe in a separate goroutine so we don't block.
+	go func() {
+		tarWriter.Close()
+		writer.Close()
+	}()
+
+	return NewTarSum(reader, !gzip, Version0)
+}
+
+// Test errors on NewTarsumForLabel
+func TestNewTarSumForLabelInvalid(t *testing.T) {
+	reader := strings.NewReader("")
+
+	if _, err := NewTarSumForLabel(reader, true, "invalidlabel"); err == nil {
+		t.Fatalf("Expected an error, got nothing.")
+	}
+
+	if _, err := NewTarSumForLabel(reader, true, "invalid+sha256"); err == nil {
+		t.Fatalf("Expected an error, got nothing.")
+	}
+	if _, err := NewTarSumForLabel(reader, true, "tarsum.v1+invalid"); err == nil {
+		t.Fatalf("Expected an error, got nothing.")
+	}
+}
+
+func TestNewTarSumForLabel(t *testing.T) {
+
+	layer := testLayers[0]
+
+	reader, err := os.Open(layer.filename)
+	if err != nil {
+		t.Fatal(err)
+	}
+	label := strings.Split(layer.tarsum, ":")[0]
+	ts, err := NewTarSumForLabel(reader, false, label)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Make sure it actually worked by reading a little bit of it
+	nbByteToRead := 8 * 1024
+	dBuf := make([]byte, nbByteToRead)
+	_, err = ts.Read(dBuf)
+	if err != nil {
+		t.Errorf("failed to read %vKB from %s: %s", nbByteToRead, layer.filename, err)
+	}
+}
+
+// TestEmptyTar tests that tarsum does not fail to read an empty tar
+// and correctly returns the hex digest of an empty hash.
+func TestEmptyTar(t *testing.T) {
+	// Test without gzip.
+	ts, err := emptyTarSum(false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	zeroBlock := make([]byte, 1024)
+	buf := new(bytes.Buffer)
+
+	n, err := io.Copy(buf, ts)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if n != int64(len(zeroBlock)) || !bytes.Equal(buf.Bytes(), zeroBlock) {
+		t.Fatalf("tarSum did not write the correct number of zeroed bytes: %d", n)
+	}
+
+	expectedSum := ts.Version().String() + "+sha256:" + hex.EncodeToString(sha256.New().Sum(nil))
+	resultSum := ts.Sum(nil)
+
+	if resultSum != expectedSum {
+		t.Fatalf("expected [%s] but got [%s]", expectedSum, resultSum)
+	}
+
+	// Test with gzip.
+	ts, err = emptyTarSum(true)
+	if err != nil {
+		t.Fatal(err)
+	}
+	buf.Reset()
+
+	n, err = io.Copy(buf, ts)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	bufgz := new(bytes.Buffer)
+	gz := gzip.NewWriter(bufgz)
+	n, err = io.Copy(gz, bytes.NewBuffer(zeroBlock))
+	gz.Close()
+	gzBytes := bufgz.Bytes()
+
+	if n != int64(len(zeroBlock)) || !bytes.Equal(buf.Bytes(), gzBytes) {
+		t.Fatalf("tarSum did not write the correct number of gzipped-zeroed bytes: %d", n)
+	}
+
+	resultSum = ts.Sum(nil)
+
+	if resultSum != expectedSum {
+		t.Fatalf("expected [%s] but got [%s]", expectedSum, resultSum)
+	}
+
+	// Test without ever actually writing anything.
+	if ts, err = NewTarSum(bytes.NewReader([]byte{}), true, Version0); err != nil {
+		t.Fatal(err)
+	}
+
+	resultSum = ts.Sum(nil)
+
+	if resultSum != expectedSum {
+		t.Fatalf("expected [%s] but got [%s]", expectedSum, resultSum)
+	}
+}
+
+var (
+	md5THash   = NewTHash("md5", md5.New)
+	sha1Hash   = NewTHash("sha1", sha1.New)
+	sha224Hash = NewTHash("sha224", sha256.New224)
+	sha384Hash = NewTHash("sha384", sha512.New384)
+	sha512Hash = NewTHash("sha512", sha512.New)
+)
+
+// Test all the build-in read size : buf8K, buf16K, buf32K and more
+func TestTarSumsReadSize(t *testing.T) {
+	// Test always on the same layer (that is big enough)
+	layer := testLayers[0]
+
+	for i := 0; i < 5; i++ {
+
+		reader, err := os.Open(layer.filename)
+		if err != nil {
+			t.Fatal(err)
+		}
+		ts, err := NewTarSum(reader, false, layer.version)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		// Read and discard bytes so that it populates sums
+		nbByteToRead := (i + 1) * 8 * 1024
+		dBuf := make([]byte, nbByteToRead)
+		_, err = ts.Read(dBuf)
+		if err != nil {
+			t.Errorf("failed to read %vKB from %s: %s", nbByteToRead, layer.filename, err)
+			continue
+		}
+	}
+}
+
+func TestTarSums(t *testing.T) {
+	for _, layer := range testLayers {
+		var (
+			fh  io.Reader
+			err error
+		)
+		if len(layer.filename) > 0 {
+			fh, err = os.Open(layer.filename)
+			if err != nil {
+				t.Errorf("failed to open %s: %s", layer.filename, err)
+				continue
+			}
+		} else if layer.options != nil {
+			fh = sizedTar(*layer.options)
+		} else {
+			// What else is there to test?
+			t.Errorf("what to do with %#v", layer)
+			continue
+		}
+		if file, ok := fh.(*os.File); ok {
+			defer file.Close()
+		}
+
+		var ts TarSum
+		if layer.hash == nil {
+			//                           double negatives!
+			ts, err = NewTarSum(fh, !layer.gzip, layer.version)
+		} else {
+			ts, err = NewTarSumHash(fh, !layer.gzip, layer.version, layer.hash)
+		}
+		if err != nil {
+			t.Errorf("%q :: %q", err, layer.filename)
+			continue
+		}
+
+		// Read variable number of bytes to test dynamic buffer
+		dBuf := make([]byte, 1)
+		_, err = ts.Read(dBuf)
+		if err != nil {
+			t.Errorf("failed to read 1B from %s: %s", layer.filename, err)
+			continue
+		}
+		dBuf = make([]byte, 16*1024)
+		_, err = ts.Read(dBuf)
+		if err != nil {
+			t.Errorf("failed to read 16KB from %s: %s", layer.filename, err)
+			continue
+		}
+
+		// Read and discard remaining bytes
+		_, err = io.Copy(ioutil.Discard, ts)
+		if err != nil {
+			t.Errorf("failed to copy from %s: %s", layer.filename, err)
+			continue
+		}
+		var gotSum string
+		if len(layer.jsonfile) > 0 {
+			jfh, err := os.Open(layer.jsonfile)
+			if err != nil {
+				t.Errorf("failed to open %s: %s", layer.jsonfile, err)
+				continue
+			}
+			buf, err := ioutil.ReadAll(jfh)
+			if err != nil {
+				t.Errorf("failed to readAll %s: %s", layer.jsonfile, err)
+				continue
+			}
+			gotSum = ts.Sum(buf)
+		} else {
+			gotSum = ts.Sum(nil)
+		}
+
+		if layer.tarsum != gotSum {
+			t.Errorf("expecting [%s], but got [%s]", layer.tarsum, gotSum)
+		}
+		var expectedHashName string
+		if layer.hash != nil {
+			expectedHashName = layer.hash.Name()
+		} else {
+			expectedHashName = DefaultTHash.Name()
+		}
+		if expectedHashName != ts.Hash().Name() {
+			t.Errorf("expecting hash [%v], but got [%s]", expectedHashName, ts.Hash().Name())
+		}
+	}
+}
+
+func TestIteration(t *testing.T) {
+	headerTests := []struct {
+		expectedSum string // TODO(vbatts) it would be nice to get individual sums of each
+		version     Version
+		hdr         *tar.Header
+		data        []byte
+	}{
+		{
+			"tarsum+sha256:626c4a2e9a467d65c33ae81f7f3dedd4de8ccaee72af73223c4bc4718cbc7bbd",
+			Version0,
+			&tar.Header{
+				Name:     "file.txt",
+				Size:     0,
+				Typeflag: tar.TypeReg,
+				Devminor: 0,
+				Devmajor: 0,
+			},
+			[]byte(""),
+		},
+		{
+			"tarsum.dev+sha256:6ffd43a1573a9913325b4918e124ee982a99c0f3cba90fc032a65f5e20bdd465",
+			VersionDev,
+			&tar.Header{
+				Name:     "file.txt",
+				Size:     0,
+				Typeflag: tar.TypeReg,
+				Devminor: 0,
+				Devmajor: 0,
+			},
+			[]byte(""),
+		},
+		{
+			"tarsum.dev+sha256:b38166c059e11fb77bef30bf16fba7584446e80fcc156ff46d47e36c5305d8ef",
+			VersionDev,
+			&tar.Header{
+				Name:     "another.txt",
+				Uid:      1000,
+				Gid:      1000,
+				Uname:    "slartibartfast",
+				Gname:    "users",
+				Size:     4,
+				Typeflag: tar.TypeReg,
+				Devminor: 0,
+				Devmajor: 0,
+			},
+			[]byte("test"),
+		},
+		{
+			"tarsum.dev+sha256:4cc2e71ac5d31833ab2be9b4f7842a14ce595ec96a37af4ed08f87bc374228cd",
+			VersionDev,
+			&tar.Header{
+				Name:     "xattrs.txt",
+				Uid:      1000,
+				Gid:      1000,
+				Uname:    "slartibartfast",
+				Gname:    "users",
+				Size:     4,
+				Typeflag: tar.TypeReg,
+				Xattrs: map[string]string{
+					"user.key1": "value1",
+					"user.key2": "value2",
+				},
+			},
+			[]byte("test"),
+		},
+		{
+			"tarsum.dev+sha256:65f4284fa32c0d4112dd93c3637697805866415b570587e4fd266af241503760",
+			VersionDev,
+			&tar.Header{
+				Name:     "xattrs.txt",
+				Uid:      1000,
+				Gid:      1000,
+				Uname:    "slartibartfast",
+				Gname:    "users",
+				Size:     4,
+				Typeflag: tar.TypeReg,
+				Xattrs: map[string]string{
+					"user.KEY1": "value1", // adding different case to ensure different sum
+					"user.key2": "value2",
+				},
+			},
+			[]byte("test"),
+		},
+		{
+			"tarsum+sha256:c12bb6f1303a9ddbf4576c52da74973c00d14c109bcfa76b708d5da1154a07fa",
+			Version0,
+			&tar.Header{
+				Name:     "xattrs.txt",
+				Uid:      1000,
+				Gid:      1000,
+				Uname:    "slartibartfast",
+				Gname:    "users",
+				Size:     4,
+				Typeflag: tar.TypeReg,
+				Xattrs: map[string]string{
+					"user.NOT": "CALCULATED",
+				},
+			},
+			[]byte("test"),
+		},
+	}
+	for _, htest := range headerTests {
+		s, err := renderSumForHeader(htest.version, htest.hdr, htest.data)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		if s != htest.expectedSum {
+			t.Errorf("expected sum: %q, got: %q", htest.expectedSum, s)
+		}
+	}
+
+}
+
+func renderSumForHeader(v Version, h *tar.Header, data []byte) (string, error) {
+	buf := bytes.NewBuffer(nil)
+	// first build our test tar
+	tw := tar.NewWriter(buf)
+	if err := tw.WriteHeader(h); err != nil {
+		return "", err
+	}
+	if _, err := tw.Write(data); err != nil {
+		return "", err
+	}
+	tw.Close()
+
+	ts, err := NewTarSum(buf, true, v)
+	if err != nil {
+		return "", err
+	}
+	tr := tar.NewReader(ts)
+	for {
+		hdr, err := tr.Next()
+		if hdr == nil || err == io.EOF {
+			// Signals the end of the archive.
+			break
+		}
+		if err != nil {
+			return "", err
+		}
+		if _, err = io.Copy(ioutil.Discard, tr); err != nil {
+			return "", err
+		}
+	}
+	return ts.Sum(nil), nil
+}
+
+func Benchmark9kTar(b *testing.B) {
+	buf := bytes.NewBuffer([]byte{})
+	fh, err := os.Open("testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar")
+	if err != nil {
+		b.Error(err)
+		return
+	}
+	n, err := io.Copy(buf, fh)
+	if err != nil {
+		b.Error(err)
+		return
+	}
+	fh.Close()
+
+	reader := bytes.NewReader(buf.Bytes())
+
+	b.SetBytes(n)
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		reader.Seek(0, 0)
+		ts, err := NewTarSum(reader, true, Version0)
+		if err != nil {
+			b.Error(err)
+			return
+		}
+		io.Copy(ioutil.Discard, ts)
+		ts.Sum(nil)
+	}
+}
+
+func Benchmark9kTarGzip(b *testing.B) {
+	buf := bytes.NewBuffer([]byte{})
+	fh, err := os.Open("testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar")
+	if err != nil {
+		b.Error(err)
+		return
+	}
+	n, err := io.Copy(buf, fh)
+	if err != nil {
+		b.Error(err)
+		return
+	}
+	fh.Close()
+
+	reader := bytes.NewReader(buf.Bytes())
+
+	b.SetBytes(n)
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		reader.Seek(0, 0)
+		ts, err := NewTarSum(reader, false, Version0)
+		if err != nil {
+			b.Error(err)
+			return
+		}
+		io.Copy(ioutil.Discard, ts)
+		ts.Sum(nil)
+	}
+}
+
+// this is a single big file in the tar archive
+func Benchmark1mbSingleFileTar(b *testing.B) {
+	benchmarkTar(b, sizedOptions{1, 1024 * 1024, true, true}, false)
+}
+
+// this is a single big file in the tar archive
+func Benchmark1mbSingleFileTarGzip(b *testing.B) {
+	benchmarkTar(b, sizedOptions{1, 1024 * 1024, true, true}, true)
+}
+
+// this is 1024 1k files in the tar archive
+func Benchmark1kFilesTar(b *testing.B) {
+	benchmarkTar(b, sizedOptions{1024, 1024, true, true}, false)
+}
+
+// this is 1024 1k files in the tar archive
+func Benchmark1kFilesTarGzip(b *testing.B) {
+	benchmarkTar(b, sizedOptions{1024, 1024, true, true}, true)
+}
+
+func benchmarkTar(b *testing.B, opts sizedOptions, isGzip bool) {
+	var fh *os.File
+	tarReader := sizedTar(opts)
+	if br, ok := tarReader.(*os.File); ok {
+		fh = br
+	}
+	defer os.Remove(fh.Name())
+	defer fh.Close()
+
+	b.SetBytes(opts.size * opts.num)
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		ts, err := NewTarSum(fh, !isGzip, Version0)
+		if err != nil {
+			b.Error(err)
+			return
+		}
+		io.Copy(ioutil.Discard, ts)
+		ts.Sum(nil)
+		fh.Seek(0, 0)
+	}
+}
diff --git a/pkg/tarsum/testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json b/pkg/tarsum/testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json
new file mode 100644
index 00000000..48e2af34
--- /dev/null
+++ b/pkg/tarsum/testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json
@@ -0,0 +1 @@
+{"id":"46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457","parent":"def3f9165934325dfd027c86530b2ea49bb57a0963eb1336b3a0415ff6fd56de","created":"2014-04-07T02:45:52.610504484Z","container":"e0f07f8d72cae171a3dcc35859960e7e956e0628bce6fedc4122bf55b2c287c7","container_config":{"Hostname":"88807319f25e","Domainname":"","User":"","Memory":0,"MemorySwap":0,"CpuShares":0,"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["HOME=/","PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","sed -ri 's/^(%wheel.*)(ALL)$/\\1NOPASSWD: \\2/' /etc/sudoers"],"Image":"def3f9165934325dfd027c86530b2ea49bb57a0963eb1336b3a0415ff6fd56de","Volumes":null,"WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"OnBuild":[]},"docker_version":"0.9.1-dev","config":{"Hostname":"88807319f25e","Domainname":"","User":"","Memory":0,"MemorySwap":0,"CpuShares":0,"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["HOME=/","PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":null,"Image":"def3f9165934325dfd027c86530b2ea49bb57a0963eb1336b3a0415ff6fd56de","Volumes":null,"WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"OnBuild":[]},"architecture":"amd64","os":"linux","Size":3425}
\ No newline at end of file
diff --git a/pkg/tarsum/testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar b/pkg/tarsum/testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar
new file mode 100644
index 0000000000000000000000000000000000000000..dfd5c204aea77673f13fdd2f81cb4af1c155c00c
GIT binary patch
literal 9216
zcmeHMYfsx)8s=;H6|bl&iYAZ?p-5<1$(y*vYHk~c?XX{vu}|<Bd>fzRr1|&zyvK1!
zQq)nWWVPA}63Myvy*}^F5Qtg*V8=g=M!Ru&adFTnf40B*^q|=~Z#CM@#>M%EgGRH_
zXtfULV#j(J_Jz`34wZgZ*0ym!%kRHL9{_(p&BZRoHJYu)<>loz?$!PU{9Bjp<^i?p
zS)Tg!r=9Az$G@(0Ao6^75%A;qpMSV)ukcqQn%1X5y|oh!_xLmZX`y%GUBmQG;D6af
z{a@yPg@1D=8t(B&ZtcXgE2ck=f9pf*x&ANlU$J}L#UB59rsJ=#>(otde**vZ1?PXJ
z)y|dM<InY9CYzAG>h8z!Kfh=;zN!B|J)*y8)L$Hbq5c2K_rK=l{{8R8czxwV#$Odd
zDsuJ8oS)h8`+U3IsNVOszdy8F?XCC!X1jHMK)Xr!XT8koFP{Hz-;!IxPhJ$Ib48h#
zYv~t}ms6n-7Nk?ki-cxgF4IDhpT@D51d2R$2x=V)%F|Svhif#KI>gHaB|@O7JU(A%
zo>KEP56(cuboN&-&LROexgfmf&txD1^0c9NNVQI5N~dNwm64!nnnQFH317=JF`{vu
zi^$WUtCWHQq4Y!Yy@W{<dJq(dNIaUSSTR`hY#}RB8VT-?d0J$O^&|eBgi?_a9V14V
z5iDX^Y@*TYcqTb@jw|VBhfH^q;%O_Ao)SjOPlheq5_^6q6QR!NE-kQIz-}=WIqL*1
zC<JBV#qi1dOyr@LDIBvCneALgf$!z;J9|PTTEcHZ8hbKPCxjzsL|zc&LP0L!Pz#Tp
zZS=V}`Vjwobb7XHkN;(lUAm^JYS!@4`u4fL<@BDPQ?br!#Gfr=<Sim&-N;EOU;v;@
zjx|ix@O&bC=;Gyz8X|=ju$Vz%J9F`9!mD&R8~0ucsF4G5cDSlhuWOBJG;rJ+p+cR&
z9(cUM<CK15M3~h(!-Jh>oRoV29sUd<=@!~sJ;!ok8>_qYfz|Ch12+9P6$8i`#qvqS
zhsLT-8QL!zwhRx(aXaYF&PwD5LL<VTfEYw};v`s#9N3dD!|`Wl@Cjn;>Om%T#Ds>)
z<wj2ZG?~gr?D;MOgX$^>{YV0A><g8f>qPL*aFLnz9*n<Mw>fyl@!I3_Ss=Y=MKNEA
zG8|$lPj#9`#(W1sgCgK@f)P?2A)0uPB8Gf6TLITOAl@|29e$jAvBox=W-QCrr59N%
zK<cgOvnb$fK<<isCJ`Z9+z^>g$7Xy=69F7QR_X7D_-i2hs*J)6%&RIBr9LDPPP_-?
z-X`DPuwzY(j+Gk=rWL_Msf<o@Sh`8$PKIOalOZy`ng&umRf?#M9aj_)RCl~XMSEba
z*(GsW7zBA;n2izIE$b5Nk93cvQe|OV51p>vvp-prW$3W(MwPPgEZO^EI!{*XIAuLp
zlpj9k85vO{{2kR4hD{4c;~{+QmhNVfq;xeepJc>QQ@QJfEkdQVBbPJuiA~nsv9l~O
zrN&UpxC9i`6;rQ>v?7%WUrr@(gXOs4JE=IN=}4(?RS=2GEd9-ogTEiuP>Fqyb6;vM
ziV-Q;Z|ZT?Vz^rPk?`^}6a`cC_=9V1=*>jc&y0jq{h|=m&BK+Jpv}ea1?sKVi^Gj`
zk<9K<afSZo^ht;eK}<)TVQ+|1+jZPg&$^?Vp*tB^eVc9^cj7w#w#gZcZYSdoeeT*_
zXG}f!z9cz%nddLpbi}opMs5?oE&At#$++4XzC8<Nrq{W*y4^9b<z;7bH?qIOjvpEJ
zdYm9wI$e7(aXvao7-u-(lfG@aw`04H^K$FD$P4%T9Q#9*J!^c&6s2PLzU|v%r^81h
zYh=UN&iw=tKDxof-)A>*;4?gK^?Jl6-g0L4kQcX>OZUHi{>Odi#u~f!gnqSdCpW{f
zGr2q31WO6O$i;nz9#NH-D^8Rv6Xcv%<q8WE*8}lYb8AOC<spYVtr;DzmNN!o5YrJi
zH6D-VA!e7VL=p<9Y1(EOsro*>XFkhmyBsZ;8k2<zQC9=3^jx5I#>ftd;fPtN1v+`G
zPRv~5E)wm1y}~(Py<rXB^sUZ~GqA5a!+zfybkXk2B|0)yM+DPNQRkV%<UnfrWSW^-
zisuGM#}pzpi(%dt4};}kx19gHWKj(|7}}D>9Gw<jmuJ5>K;`;9K2C_2#(Rc=qFBTa
z>?ZUNHvSmq9G9)M%0u+CW!J=jv1~Cl<Gp3=UvEQRhM~x`Cj8Her<-?RNE{T`^xS4^
zRCOh+mK_DFvYyxIxv17?RRS?{m>z-avUIImk%<&=a9uI;2EY~~stiCKTsh|Oow<5;
z$eY1%WV!B_?iFikc)C2TV46YQucl=WfmM#jY|<aIc-gsSK$aQ;G}CE}vx=l#GXe~*
zAMmJ!sf@v6i6td#cwLoiv@EK}iLRT6(FsiBDcjfD#k!Zau-;Nfg$4f4FkcRGWmvDt
z=Jp-&1iaK>_4sK>Njf)j#u#Y{x@V_A!c2<g&{$u4i#-d<G<!=XKJjL&K(7&qNHxy@
kg?Z-W@U2Yzs6gDyoHpqXx84x<+r0<&9@u-}|I!2h0b4xwV*mgE

literal 0
HcmV?d00001

diff --git a/pkg/tarsum/testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/json b/pkg/tarsum/testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/json
new file mode 100644
index 00000000..af57be01
--- /dev/null
+++ b/pkg/tarsum/testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/json
@@ -0,0 +1 @@
+{"id":"511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158","comment":"Imported from -","created":"2013-06-13T14:03:50.821769-07:00","container_config":{"Hostname":"","Domainname":"","User":"","Memory":0,"MemorySwap":0,"CpuShares":0,"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":null,"Image":"","Volumes":null,"WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"OnBuild":null},"docker_version":"0.4.0","architecture":"x86_64","Size":0}
\ No newline at end of file
diff --git a/pkg/tarsum/testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/layer.tar b/pkg/tarsum/testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/layer.tar
new file mode 100644
index 0000000000000000000000000000000000000000..880b3f2c56a3e5e42a7db3b7cc020f95c15104a6
GIT binary patch
literal 1536
zcmdPXXP`MSFfcJNH#KE2fB<wFB+6iDWN2z;Vr*z;3{q!qVra~uU`lhB0WBykE=eo`
aT1ly0=$@n0yixt5Aut*Oqai@!5C8x-dJkIw

literal 0
HcmV?d00001

diff --git a/pkg/tarsum/testdata/collision/collision-0.tar b/pkg/tarsum/testdata/collision/collision-0.tar
new file mode 100644
index 0000000000000000000000000000000000000000..1c636b3bc7647b67e25e8258a8b08f577ee7ffd4
GIT binary patch
literal 10240
zcmeIxF$zL441nRxo}x!c``UT|2RBD?tYATKdaa({s_<}mI29`VSyBj1!&j28w~KTR
zZ4tefmh3j@cYc*xM6u4Rv)=pYM6I245~H2xdbhuqnr36<aZa_C^%sBD*KZD8$!V@-
zGxUfI*HIu3w*Mj6&;C31zvH(rt@nrH?!^8t9vl!r009ILKmY**5I_I{1Q0*~0R#|0
Y009ILKmY**5I_I{1Q0*~fqxTt0#kD-)Bpeg

literal 0
HcmV?d00001

diff --git a/pkg/tarsum/testdata/collision/collision-1.tar b/pkg/tarsum/testdata/collision/collision-1.tar
new file mode 100644
index 0000000000000000000000000000000000000000..b411be9785765b4dd9a4131e409bbfa6c1830ee4
GIT binary patch
literal 10240
zcmeIxF$zL441nRxo}x!c``UT|2RBD?tYATKdaa({s_<}mI29`VSyBj1!&j28w~KTR
zZ4tefmh3j@cYc*xM6u4Rv)+ebMXjCGiP6q;z1!bQO|vobIHy|6`isBn>o<q4><`D?
zX*2YQ4A)U054Qh4y3hVk?0?5^Us~rh*TViU9vl!r009ILKmY**5I_I{1Q0*~0R#|0
Y009ILKmY**5I_I{1Q0*~fqxTt0{2EK)Bpeg

literal 0
HcmV?d00001

diff --git a/pkg/tarsum/testdata/collision/collision-2.tar b/pkg/tarsum/testdata/collision/collision-2.tar
new file mode 100644
index 0000000000000000000000000000000000000000..7b5c04a9644808851fcccab5c3c240bf342abd93
GIT binary patch
literal 10240
zcmeIuF%E+;425COJw=XS2L~?Dp<74P5hRe1I+e8NZ(w35>V(Abzr};)<mnry=O711
zOKNv1!<wYqxvWZRvFIAjJtY%0t29c`gL|#dzvtY&LXc12<vj2I_;0^|dFsvW-d-P<
zQ&*%M0tg_000IagfB*srAb<b@2q1s}0tg_000IagfB*srAb<b@2q1s}0tg_0zz=~h
D#i|sa

literal 0
HcmV?d00001

diff --git a/pkg/tarsum/testdata/collision/collision-3.tar b/pkg/tarsum/testdata/collision/collision-3.tar
new file mode 100644
index 0000000000000000000000000000000000000000..f8c64586d2dcc4d38a87df60e86658d38ff39c92
GIT binary patch
literal 10240
zcmeIuF%E+;425COJw=XS2NTW{q#_|Pk-+&$J9PkcLSp#e;=ywA^iA{fmYbt3$z9s8
zq1WH}S+yjw=o-!4QxrApw3DDW_xe7+m73QOWFK>_<@(2e`|Ha`Z>GG~@_KYd${~ON
w0tg_000IagfB*srAb<b@2q1s}0tg_000IagfB*srAb<b@2q1s}0tlQ495R;`HUIzs

literal 0
HcmV?d00001

diff --git a/pkg/tarsum/testdata/xattr/json b/pkg/tarsum/testdata/xattr/json
new file mode 100644
index 00000000..288441a9
--- /dev/null
+++ b/pkg/tarsum/testdata/xattr/json
@@ -0,0 +1 @@
+{"id":"4439c3c7f847954100b42b267e7e5529cac1d6934db082f65795c5ca2e594d93","parent":"73b164f4437db87e96e90083c73a6592f549646ae2ec00ed33c6b9b49a5c4470","created":"2014-05-16T17:19:44.091534414Z","container":"5f92fb06cc58f357f0cde41394e2bbbb664e663974b2ac1693ab07b7a306749b","container_config":{"Hostname":"9565c6517a0e","Domainname":"","User":"","Memory":0,"MemorySwap":0,"CpuShares":0,"Cpuset":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["HOME=/","PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","setcap 'cap_setgid,cap_setuid+ep' ./file \u0026\u0026 getcap ./file"],"Image":"73b164f4437db87e96e90083c73a6592f549646ae2ec00ed33c6b9b49a5c4470","Volumes":null,"WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"OnBuild":[]},"docker_version":"0.11.1-dev","config":{"Hostname":"9565c6517a0e","Domainname":"","User":"","Memory":0,"MemorySwap":0,"CpuShares":0,"Cpuset":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"ExposedPorts":null,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["HOME=/","PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":null,"Image":"73b164f4437db87e96e90083c73a6592f549646ae2ec00ed33c6b9b49a5c4470","Volumes":null,"WorkingDir":"","Entrypoint":null,"NetworkDisabled":false,"OnBuild":[]},"architecture":"amd64","os":"linux","Size":0}
\ No newline at end of file
diff --git a/pkg/tarsum/testdata/xattr/layer.tar b/pkg/tarsum/testdata/xattr/layer.tar
new file mode 100644
index 0000000000000000000000000000000000000000..819351d42f41430bf402b3c672b571e3eaf8b095
GIT binary patch
literal 2560
zcmWGYtnf%pOi3*&)-yCRu(Z@q%gjk-pe`_g00tbifq}UpgQ1bJv8joPiJ_SpgMp!u
zxuGe8LIri5f!(yy;*!K7pwqC+5-*DGIpTE=s7h0Fg<xk7PoGG=io}wVBE90&<kF(d
zl1jbg#Dc`6%p4%omXU#h=>VE5xzPBd+@To)G|2840byWhU|?oqf;;~Mb02E{2kHRk
de~R-YhD)#rjPU%AB}7JrMnhmU1V%^*0091(G-Ch&

literal 0
HcmV?d00001

diff --git a/pkg/tarsum/versioning.go b/pkg/tarsum/versioning.go
new file mode 100644
index 00000000..28822868
--- /dev/null
+++ b/pkg/tarsum/versioning.go
@@ -0,0 +1,150 @@
+package tarsum
+
+import (
+	"archive/tar"
+	"errors"
+	"sort"
+	"strconv"
+	"strings"
+)
+
+// Version is used for versioning of the TarSum algorithm
+// based on the prefix of the hash used
+// i.e. "tarsum+sha256:e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b"
+type Version int
+
+// Prefix of "tarsum"
+const (
+	Version0 Version = iota
+	Version1
+	// VersionDev this constant will be either the latest or an unsettled next-version of the TarSum calculation
+	VersionDev
+)
+
+// VersionLabelForChecksum returns the label for the given tarsum
+// checksum, i.e., everything before the first `+` character in
+// the string or an empty string if no label separator is found.
+func VersionLabelForChecksum(checksum string) string {
+	// Checksums are in the form: {versionLabel}+{hashID}:{hex}
+	sepIndex := strings.Index(checksum, "+")
+	if sepIndex < 0 {
+		return ""
+	}
+	return checksum[:sepIndex]
+}
+
+// GetVersions gets a list of all known tarsum versions.
+func GetVersions() []Version {
+	v := []Version{}
+	for k := range tarSumVersions {
+		v = append(v, k)
+	}
+	return v
+}
+
+var (
+	tarSumVersions = map[Version]string{
+		Version0:   "tarsum",
+		Version1:   "tarsum.v1",
+		VersionDev: "tarsum.dev",
+	}
+	tarSumVersionsByName = map[string]Version{
+		"tarsum":     Version0,
+		"tarsum.v1":  Version1,
+		"tarsum.dev": VersionDev,
+	}
+)
+
+func (tsv Version) String() string {
+	return tarSumVersions[tsv]
+}
+
+// GetVersionFromTarsum returns the Version from the provided string.
+func GetVersionFromTarsum(tarsum string) (Version, error) {
+	tsv := tarsum
+	if strings.Contains(tarsum, "+") {
+		tsv = strings.SplitN(tarsum, "+", 2)[0]
+	}
+	for v, s := range tarSumVersions {
+		if s == tsv {
+			return v, nil
+		}
+	}
+	return -1, ErrNotVersion
+}
+
+// Errors that may be returned by functions in this package
+var (
+	ErrNotVersion            = errors.New("string does not include a TarSum Version")
+	ErrVersionNotImplemented = errors.New("TarSum Version is not yet implemented")
+)
+
+// tarHeaderSelector is the interface which different versions
+// of tarsum should use for selecting and ordering tar headers
+// for each item in the archive.
+type tarHeaderSelector interface {
+	selectHeaders(h *tar.Header) (orderedHeaders [][2]string)
+}
+
+type tarHeaderSelectFunc func(h *tar.Header) (orderedHeaders [][2]string)
+
+func (f tarHeaderSelectFunc) selectHeaders(h *tar.Header) (orderedHeaders [][2]string) {
+	return f(h)
+}
+
+func v0TarHeaderSelect(h *tar.Header) (orderedHeaders [][2]string) {
+	return [][2]string{
+		{"name", h.Name},
+		{"mode", strconv.FormatInt(h.Mode, 10)},
+		{"uid", strconv.Itoa(h.Uid)},
+		{"gid", strconv.Itoa(h.Gid)},
+		{"size", strconv.FormatInt(h.Size, 10)},
+		{"mtime", strconv.FormatInt(h.ModTime.UTC().Unix(), 10)},
+		{"typeflag", string([]byte{h.Typeflag})},
+		{"linkname", h.Linkname},
+		{"uname", h.Uname},
+		{"gname", h.Gname},
+		{"devmajor", strconv.FormatInt(h.Devmajor, 10)},
+		{"devminor", strconv.FormatInt(h.Devminor, 10)},
+	}
+}
+
+func v1TarHeaderSelect(h *tar.Header) (orderedHeaders [][2]string) {
+	// Get extended attributes.
+	xAttrKeys := make([]string, len(h.Xattrs))
+	for k := range h.Xattrs {
+		xAttrKeys = append(xAttrKeys, k)
+	}
+	sort.Strings(xAttrKeys)
+
+	// Make the slice with enough capacity to hold the 11 basic headers
+	// we want from the v0 selector plus however many xattrs we have.
+	orderedHeaders = make([][2]string, 0, 11+len(xAttrKeys))
+
+	// Copy all headers from v0 excluding the 'mtime' header (the 5th element).
+	v0headers := v0TarHeaderSelect(h)
+	orderedHeaders = append(orderedHeaders, v0headers[0:5]...)
+	orderedHeaders = append(orderedHeaders, v0headers[6:]...)
+
+	// Finally, append the sorted xattrs.
+	for _, k := range xAttrKeys {
+		orderedHeaders = append(orderedHeaders, [2]string{k, h.Xattrs[k]})
+	}
+
+	return
+}
+
+var registeredHeaderSelectors = map[Version]tarHeaderSelectFunc{
+	Version0:   v0TarHeaderSelect,
+	Version1:   v1TarHeaderSelect,
+	VersionDev: v1TarHeaderSelect,
+}
+
+func getTarHeaderSelector(v Version) (tarHeaderSelector, error) {
+	headerSelector, ok := registeredHeaderSelectors[v]
+	if !ok {
+		return nil, ErrVersionNotImplemented
+	}
+
+	return headerSelector, nil
+}
diff --git a/pkg/tarsum/versioning_test.go b/pkg/tarsum/versioning_test.go
new file mode 100644
index 00000000..88e0a578
--- /dev/null
+++ b/pkg/tarsum/versioning_test.go
@@ -0,0 +1,98 @@
+package tarsum
+
+import (
+	"testing"
+)
+
+func TestVersionLabelForChecksum(t *testing.T) {
+	version := VersionLabelForChecksum("tarsum+sha256:deadbeef")
+	if version != "tarsum" {
+		t.Fatalf("Version should have been 'tarsum', was %v", version)
+	}
+	version = VersionLabelForChecksum("tarsum.v1+sha256:deadbeef")
+	if version != "tarsum.v1" {
+		t.Fatalf("Version should have been 'tarsum.v1', was %v", version)
+	}
+	version = VersionLabelForChecksum("something+somethingelse")
+	if version != "something" {
+		t.Fatalf("Version should have been 'something', was %v", version)
+	}
+	version = VersionLabelForChecksum("invalidChecksum")
+	if version != "" {
+		t.Fatalf("Version should have been empty, was %v", version)
+	}
+}
+
+func TestVersion(t *testing.T) {
+	expected := "tarsum"
+	var v Version
+	if v.String() != expected {
+		t.Errorf("expected %q, got %q", expected, v.String())
+	}
+
+	expected = "tarsum.v1"
+	v = 1
+	if v.String() != expected {
+		t.Errorf("expected %q, got %q", expected, v.String())
+	}
+
+	expected = "tarsum.dev"
+	v = 2
+	if v.String() != expected {
+		t.Errorf("expected %q, got %q", expected, v.String())
+	}
+}
+
+func TestGetVersion(t *testing.T) {
+	testSet := []struct {
+		Str      string
+		Expected Version
+	}{
+		{"tarsum+sha256:e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b", Version0},
+		{"tarsum+sha256", Version0},
+		{"tarsum", Version0},
+		{"tarsum.dev", VersionDev},
+		{"tarsum.dev+sha256:deadbeef", VersionDev},
+	}
+
+	for _, ts := range testSet {
+		v, err := GetVersionFromTarsum(ts.Str)
+		if err != nil {
+			t.Fatalf("%q : %s", err, ts.Str)
+		}
+		if v != ts.Expected {
+			t.Errorf("expected %d (%q), got %d (%q)", ts.Expected, ts.Expected, v, v)
+		}
+	}
+
+	// test one that does not exist, to ensure it errors
+	str := "weak+md5:abcdeabcde"
+	_, err := GetVersionFromTarsum(str)
+	if err != ErrNotVersion {
+		t.Fatalf("%q : %s", err, str)
+	}
+}
+
+func TestGetVersions(t *testing.T) {
+	expected := []Version{
+		Version0,
+		Version1,
+		VersionDev,
+	}
+	versions := GetVersions()
+	if len(versions) != len(expected) {
+		t.Fatalf("Expected %v versions, got %v", len(expected), len(versions))
+	}
+	if !containsVersion(versions, expected[0]) || !containsVersion(versions, expected[1]) || !containsVersion(versions, expected[2]) {
+		t.Fatalf("Expected [%v], got [%v]", expected, versions)
+	}
+}
+
+func containsVersion(versions []Version, version Version) bool {
+	for _, v := range versions {
+		if v == version {
+			return true
+		}
+	}
+	return false
+}
diff --git a/pkg/tarsum/writercloser.go b/pkg/tarsum/writercloser.go
new file mode 100644
index 00000000..9727ecde
--- /dev/null
+++ b/pkg/tarsum/writercloser.go
@@ -0,0 +1,22 @@
+package tarsum
+
+import (
+	"io"
+)
+
+type writeCloseFlusher interface {
+	io.WriteCloser
+	Flush() error
+}
+
+type nopCloseFlusher struct {
+	io.Writer
+}
+
+func (n *nopCloseFlusher) Close() error {
+	return nil
+}
+
+func (n *nopCloseFlusher) Flush() error {
+	return nil
+}
diff --git a/pkg/term/ascii.go b/pkg/term/ascii.go
new file mode 100644
index 00000000..f5262bcc
--- /dev/null
+++ b/pkg/term/ascii.go
@@ -0,0 +1,66 @@
+package term
+
+import (
+	"fmt"
+	"strings"
+)
+
+// ASCII list the possible supported ASCII key sequence
+var ASCII = []string{
+	"ctrl-@",
+	"ctrl-a",
+	"ctrl-b",
+	"ctrl-c",
+	"ctrl-d",
+	"ctrl-e",
+	"ctrl-f",
+	"ctrl-g",
+	"ctrl-h",
+	"ctrl-i",
+	"ctrl-j",
+	"ctrl-k",
+	"ctrl-l",
+	"ctrl-m",
+	"ctrl-n",
+	"ctrl-o",
+	"ctrl-p",
+	"ctrl-q",
+	"ctrl-r",
+	"ctrl-s",
+	"ctrl-t",
+	"ctrl-u",
+	"ctrl-v",
+	"ctrl-w",
+	"ctrl-x",
+	"ctrl-y",
+	"ctrl-z",
+	"ctrl-[",
+	"ctrl-\\",
+	"ctrl-]",
+	"ctrl-^",
+	"ctrl-_",
+}
+
+// ToBytes converts a string representing a suite of key-sequence to the corresponding ASCII code.
+func ToBytes(keys string) ([]byte, error) {
+	codes := []byte{}
+next:
+	for _, key := range strings.Split(keys, ",") {
+		if len(key) != 1 {
+			for code, ctrl := range ASCII {
+				if ctrl == key {
+					codes = append(codes, byte(code))
+					continue next
+				}
+			}
+			if key == "DEL" {
+				codes = append(codes, 127)
+			} else {
+				return nil, fmt.Errorf("Unknown character: '%s'", key)
+			}
+		} else {
+			codes = append(codes, byte(key[0]))
+		}
+	}
+	return codes, nil
+}
diff --git a/pkg/term/ascii_test.go b/pkg/term/ascii_test.go
new file mode 100644
index 00000000..4a1e7f30
--- /dev/null
+++ b/pkg/term/ascii_test.go
@@ -0,0 +1,43 @@
+package term
+
+import "testing"
+
+func TestToBytes(t *testing.T) {
+	codes, err := ToBytes("ctrl-a,a")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(codes) != 2 {
+		t.Fatalf("Expected 2 codes, got %d", len(codes))
+	}
+	if codes[0] != 1 || codes[1] != 97 {
+		t.Fatalf("Expected '1' '97', got '%d' '%d'", codes[0], codes[1])
+	}
+
+	codes, err = ToBytes("shift-z")
+	if err == nil {
+		t.Fatalf("Expected error, got none")
+	}
+
+	codes, err = ToBytes("ctrl-@,ctrl-[,~,ctrl-o")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(codes) != 4 {
+		t.Fatalf("Expected 4 codes, got %d", len(codes))
+	}
+	if codes[0] != 0 || codes[1] != 27 || codes[2] != 126 || codes[3] != 15 {
+		t.Fatalf("Expected '0' '27' '126', '15', got '%d' '%d' '%d' '%d'", codes[0], codes[1], codes[2], codes[3])
+	}
+
+	codes, err = ToBytes("DEL,+")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(codes) != 2 {
+		t.Fatalf("Expected 2 codes, got %d", len(codes))
+	}
+	if codes[0] != 127 || codes[1] != 43 {
+		t.Fatalf("Expected '127 '43'', got '%d' '%d'", codes[0], codes[1])
+	}
+}
diff --git a/pkg/term/tc_linux_cgo.go b/pkg/term/tc_linux_cgo.go
new file mode 100644
index 00000000..a22cd9d1
--- /dev/null
+++ b/pkg/term/tc_linux_cgo.go
@@ -0,0 +1,50 @@
+// +build linux,cgo
+
+package term
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+// #include <termios.h>
+import "C"
+
+// Termios is the Unix API for terminal I/O.
+// It is passthgrouh for syscall.Termios in order to make it portable with
+// other platforms where it is not available or handled differently.
+type Termios syscall.Termios
+
+// MakeRaw put the terminal connected to the given file descriptor into raw
+// mode and returns the previous state of the terminal so that it can be
+// restored.
+func MakeRaw(fd uintptr) (*State, error) {
+	var oldState State
+	if err := tcget(fd, &oldState.termios); err != 0 {
+		return nil, err
+	}
+
+	newState := oldState.termios
+
+	C.cfmakeraw((*C.struct_termios)(unsafe.Pointer(&newState)))
+	if err := tcset(fd, &newState); err != 0 {
+		return nil, err
+	}
+	return &oldState, nil
+}
+
+func tcget(fd uintptr, p *Termios) syscall.Errno {
+	ret, err := C.tcgetattr(C.int(fd), (*C.struct_termios)(unsafe.Pointer(p)))
+	if ret != 0 {
+		return err.(syscall.Errno)
+	}
+	return 0
+}
+
+func tcset(fd uintptr, p *Termios) syscall.Errno {
+	ret, err := C.tcsetattr(C.int(fd), C.TCSANOW, (*C.struct_termios)(unsafe.Pointer(p)))
+	if ret != 0 {
+		return err.(syscall.Errno)
+	}
+	return 0
+}
diff --git a/pkg/term/tc_other.go b/pkg/term/tc_other.go
new file mode 100644
index 00000000..266039ba
--- /dev/null
+++ b/pkg/term/tc_other.go
@@ -0,0 +1,19 @@
+// +build !windows
+// +build !linux !cgo
+
+package term
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+func tcget(fd uintptr, p *Termios) syscall.Errno {
+	_, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(getTermios), uintptr(unsafe.Pointer(p)))
+	return err
+}
+
+func tcset(fd uintptr, p *Termios) syscall.Errno {
+	_, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, setTermios, uintptr(unsafe.Pointer(p)))
+	return err
+}
diff --git a/pkg/term/term.go b/pkg/term/term.go
new file mode 100644
index 00000000..11ed2093
--- /dev/null
+++ b/pkg/term/term.go
@@ -0,0 +1,131 @@
+// +build !windows
+
+// Package term provides provides structures and helper functions to work with
+// terminal (state, sizes).
+package term
+
+import (
+	"errors"
+	"io"
+	"os"
+	"os/signal"
+	"syscall"
+	"unsafe"
+)
+
+var (
+	// ErrInvalidState is returned if the state of the terminal is invalid.
+	ErrInvalidState = errors.New("Invalid terminal state")
+)
+
+// State represents the state of the terminal.
+type State struct {
+	termios Termios
+}
+
+// Winsize represents the size of the terminal window.
+type Winsize struct {
+	Height uint16
+	Width  uint16
+	x      uint16
+	y      uint16
+}
+
+// StdStreams returns the standard streams (stdin, stdout, stedrr).
+func StdStreams() (stdIn io.ReadCloser, stdOut, stdErr io.Writer) {
+	return os.Stdin, os.Stdout, os.Stderr
+}
+
+// GetFdInfo returns the file descriptor for an os.File and indicates whether the file represents a terminal.
+func GetFdInfo(in interface{}) (uintptr, bool) {
+	var inFd uintptr
+	var isTerminalIn bool
+	if file, ok := in.(*os.File); ok {
+		inFd = file.Fd()
+		isTerminalIn = IsTerminal(inFd)
+	}
+	return inFd, isTerminalIn
+}
+
+// GetWinsize returns the window size based on the specified file descriptor.
+func GetWinsize(fd uintptr) (*Winsize, error) {
+	ws := &Winsize{}
+	_, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(syscall.TIOCGWINSZ), uintptr(unsafe.Pointer(ws)))
+	// Skip errno = 0
+	if err == 0 {
+		return ws, nil
+	}
+	return ws, err
+}
+
+// SetWinsize tries to set the specified window size for the specified file descriptor.
+func SetWinsize(fd uintptr, ws *Winsize) error {
+	_, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(syscall.TIOCSWINSZ), uintptr(unsafe.Pointer(ws)))
+	// Skip errno = 0
+	if err == 0 {
+		return nil
+	}
+	return err
+}
+
+// IsTerminal returns true if the given file descriptor is a terminal.
+func IsTerminal(fd uintptr) bool {
+	var termios Termios
+	return tcget(fd, &termios) == 0
+}
+
+// RestoreTerminal restores the terminal connected to the given file descriptor
+// to a previous state.
+func RestoreTerminal(fd uintptr, state *State) error {
+	if state == nil {
+		return ErrInvalidState
+	}
+	if err := tcset(fd, &state.termios); err != 0 {
+		return err
+	}
+	return nil
+}
+
+// SaveState saves the state of the terminal connected to the given file descriptor.
+func SaveState(fd uintptr) (*State, error) {
+	var oldState State
+	if err := tcget(fd, &oldState.termios); err != 0 {
+		return nil, err
+	}
+
+	return &oldState, nil
+}
+
+// DisableEcho applies the specified state to the terminal connected to the file
+// descriptor, with echo disabled.
+func DisableEcho(fd uintptr, state *State) error {
+	newState := state.termios
+	newState.Lflag &^= syscall.ECHO
+
+	if err := tcset(fd, &newState); err != 0 {
+		return err
+	}
+	handleInterrupt(fd, state)
+	return nil
+}
+
+// SetRawTerminal puts the terminal connected to the given file descriptor into
+// raw mode and returns the previous state.
+func SetRawTerminal(fd uintptr) (*State, error) {
+	oldState, err := MakeRaw(fd)
+	if err != nil {
+		return nil, err
+	}
+	handleInterrupt(fd, oldState)
+	return oldState, err
+}
+
+func handleInterrupt(fd uintptr, state *State) {
+	sigchan := make(chan os.Signal, 1)
+	signal.Notify(sigchan, os.Interrupt)
+
+	go func() {
+		_ = <-sigchan
+		RestoreTerminal(fd, state)
+	}()
+}
diff --git a/pkg/term/term_windows.go b/pkg/term/term_windows.go
new file mode 100644
index 00000000..3101c80c
--- /dev/null
+++ b/pkg/term/term_windows.go
@@ -0,0 +1,305 @@
+// +build windows
+
+package term
+
+import (
+	"io"
+	"os"
+	"os/signal"
+	"syscall"
+
+	"github.com/Azure/go-ansiterm/winterm"
+	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/pkg/term/windows"
+)
+
+// State holds the console mode for the terminal.
+type State struct {
+	inMode, outMode     uint32
+	inHandle, outHandle syscall.Handle
+}
+
+// Winsize is used for window size.
+type Winsize struct {
+	Height uint16
+	Width  uint16
+	x      uint16
+	y      uint16
+}
+
+const (
+	// https://msdn.microsoft.com/en-us/library/windows/desktop/ms683167(v=vs.85).aspx
+	enableVirtualTerminalInput      = 0x0200
+	enableVirtualTerminalProcessing = 0x0004
+)
+
+// usingNativeConsole is true if we are using the Windows native console
+var usingNativeConsole bool
+
+// StdStreams returns the standard streams (stdin, stdout, stedrr).
+func StdStreams() (stdIn io.ReadCloser, stdOut, stdErr io.Writer) {
+	switch {
+	case os.Getenv("ConEmuANSI") == "ON":
+		// The ConEmu terminal emulates ANSI on output streams well.
+		return windows.ConEmuStreams()
+	case os.Getenv("MSYSTEM") != "":
+		// MSYS (mingw) does not emulate ANSI well.
+		return windows.ConsoleStreams()
+	default:
+		if useNativeConsole() {
+			usingNativeConsole = true
+			return os.Stdin, os.Stdout, os.Stderr
+		}
+		return windows.ConsoleStreams()
+	}
+}
+
+// useNativeConsole determines if the docker client should use the built-in
+// console which supports ANSI emulation, or fall-back to the golang emulator
+// (github.com/azure/go-ansiterm).
+func useNativeConsole() bool {
+	osv, err := system.GetOSVersion()
+	if err != nil {
+		return false
+	}
+
+	// Native console is not available before major version 10
+	if osv.MajorVersion < 10 {
+		return false
+	}
+
+	// Must have a late pre-release TP4 build of Windows Server 2016/Windows 10 TH2 or later
+	if osv.Build < 10578 {
+		return false
+	}
+
+	// Get the console modes. If this fails, we can't use the native console
+	state, err := getNativeConsole()
+	if err != nil {
+		return false
+	}
+
+	// Probe the console to see if it can be enabled.
+	if nil != probeNativeConsole(state) {
+		return false
+	}
+
+	// Environment variable override
+	if e := os.Getenv("USE_NATIVE_CONSOLE"); e != "" {
+		if e == "1" {
+			return true
+		}
+		return false
+	}
+
+	// TODO Windows. The native emulator still has issues which
+	// mean it shouldn't be enabled for everyone. Change this next line to true
+	// to change the default to "enable if available". In the meantime, users
+	// can still try it out by using USE_NATIVE_CONSOLE env variable.
+	return false
+}
+
+// getNativeConsole returns the console modes ('state') for the native Windows console
+func getNativeConsole() (State, error) {
+	var (
+		err   error
+		state State
+	)
+
+	// Get the handle to stdout
+	if state.outHandle, err = syscall.GetStdHandle(syscall.STD_OUTPUT_HANDLE); err != nil {
+		return state, err
+	}
+
+	// Get the console mode from the consoles stdout handle
+	if err = syscall.GetConsoleMode(state.outHandle, &state.outMode); err != nil {
+		return state, err
+	}
+
+	// Get the handle to stdin
+	if state.inHandle, err = syscall.GetStdHandle(syscall.STD_INPUT_HANDLE); err != nil {
+		return state, err
+	}
+
+	// Get the console mode from the consoles stdin handle
+	if err = syscall.GetConsoleMode(state.inHandle, &state.inMode); err != nil {
+		return state, err
+	}
+
+	return state, nil
+}
+
+// probeNativeConsole probes the console to determine if native can be supported,
+func probeNativeConsole(state State) error {
+	if err := winterm.SetConsoleMode(uintptr(state.outHandle), state.outMode|enableVirtualTerminalProcessing); err != nil {
+		return err
+	}
+	defer winterm.SetConsoleMode(uintptr(state.outHandle), state.outMode)
+
+	if err := winterm.SetConsoleMode(uintptr(state.inHandle), state.inMode|enableVirtualTerminalInput); err != nil {
+		return err
+	}
+	defer winterm.SetConsoleMode(uintptr(state.inHandle), state.inMode)
+
+	return nil
+}
+
+// enableNativeConsole turns on native console mode
+func enableNativeConsole(state State) error {
+	if err := winterm.SetConsoleMode(uintptr(state.outHandle), state.outMode|enableVirtualTerminalProcessing); err != nil {
+		return err
+	}
+
+	if err := winterm.SetConsoleMode(uintptr(state.inHandle), state.inMode|enableVirtualTerminalInput); err != nil {
+		winterm.SetConsoleMode(uintptr(state.outHandle), state.outMode) // restore out if we can
+		return err
+	}
+
+	return nil
+}
+
+// disableNativeConsole turns off native console mode
+func disableNativeConsole(state *State) error {
+	// Try and restore both in an out before error checking.
+	errout := winterm.SetConsoleMode(uintptr(state.outHandle), state.outMode)
+	errin := winterm.SetConsoleMode(uintptr(state.inHandle), state.inMode)
+	if errout != nil {
+		return errout
+	}
+	if errin != nil {
+		return errin
+	}
+	return nil
+}
+
+// GetFdInfo returns the file descriptor for an os.File and indicates whether the file represents a terminal.
+func GetFdInfo(in interface{}) (uintptr, bool) {
+	return windows.GetHandleInfo(in)
+}
+
+// GetWinsize returns the window size based on the specified file descriptor.
+func GetWinsize(fd uintptr) (*Winsize, error) {
+	info, err := winterm.GetConsoleScreenBufferInfo(fd)
+	if err != nil {
+		return nil, err
+	}
+
+	winsize := &Winsize{
+		Width:  uint16(info.Window.Right - info.Window.Left + 1),
+		Height: uint16(info.Window.Bottom - info.Window.Top + 1),
+		x:      0,
+		y:      0}
+
+	return winsize, nil
+}
+
+// IsTerminal returns true if the given file descriptor is a terminal.
+func IsTerminal(fd uintptr) bool {
+	return windows.IsConsole(fd)
+}
+
+// RestoreTerminal restores the terminal connected to the given file descriptor
+// to a previous state.
+func RestoreTerminal(fd uintptr, state *State) error {
+	if usingNativeConsole {
+		return disableNativeConsole(state)
+	}
+	return winterm.SetConsoleMode(fd, state.outMode)
+}
+
+// SaveState saves the state of the terminal connected to the given file descriptor.
+func SaveState(fd uintptr) (*State, error) {
+	if usingNativeConsole {
+		state, err := getNativeConsole()
+		if err != nil {
+			return nil, err
+		}
+		return &state, nil
+	}
+
+	mode, e := winterm.GetConsoleMode(fd)
+	if e != nil {
+		return nil, e
+	}
+
+	return &State{outMode: mode}, nil
+}
+
+// DisableEcho disables echo for the terminal connected to the given file descriptor.
+// -- See https://msdn.microsoft.com/en-us/library/windows/desktop/ms683462(v=vs.85).aspx
+func DisableEcho(fd uintptr, state *State) error {
+	mode := state.inMode
+	mode &^= winterm.ENABLE_ECHO_INPUT
+	mode |= winterm.ENABLE_PROCESSED_INPUT | winterm.ENABLE_LINE_INPUT
+	err := winterm.SetConsoleMode(fd, mode)
+	if err != nil {
+		return err
+	}
+
+	// Register an interrupt handler to catch and restore prior state
+	restoreAtInterrupt(fd, state)
+	return nil
+}
+
+// SetRawTerminal puts the terminal connected to the given file descriptor into raw
+// mode and returns the previous state.
+func SetRawTerminal(fd uintptr) (*State, error) {
+	state, err := MakeRaw(fd)
+	if err != nil {
+		return nil, err
+	}
+
+	// Register an interrupt handler to catch and restore prior state
+	restoreAtInterrupt(fd, state)
+	return state, err
+}
+
+// MakeRaw puts the terminal (Windows Console) connected to the given file descriptor into raw
+// mode and returns the previous state of the terminal so that it can be restored.
+func MakeRaw(fd uintptr) (*State, error) {
+	state, err := SaveState(fd)
+	if err != nil {
+		return nil, err
+	}
+
+	mode := state.inMode
+	if usingNativeConsole {
+		if err := enableNativeConsole(*state); err != nil {
+			return nil, err
+		}
+		mode |= enableVirtualTerminalInput
+	}
+
+	// See
+	// -- https://msdn.microsoft.com/en-us/library/windows/desktop/ms686033(v=vs.85).aspx
+	// -- https://msdn.microsoft.com/en-us/library/windows/desktop/ms683462(v=vs.85).aspx
+
+	// Disable these modes
+	mode &^= winterm.ENABLE_ECHO_INPUT
+	mode &^= winterm.ENABLE_LINE_INPUT
+	mode &^= winterm.ENABLE_MOUSE_INPUT
+	mode &^= winterm.ENABLE_WINDOW_INPUT
+	mode &^= winterm.ENABLE_PROCESSED_INPUT
+
+	// Enable these modes
+	mode |= winterm.ENABLE_EXTENDED_FLAGS
+	mode |= winterm.ENABLE_INSERT_MODE
+	mode |= winterm.ENABLE_QUICK_EDIT_MODE
+
+	err = winterm.SetConsoleMode(fd, mode)
+	if err != nil {
+		return nil, err
+	}
+	return state, nil
+}
+
+func restoreAtInterrupt(fd uintptr, state *State) {
+	sigchan := make(chan os.Signal, 1)
+	signal.Notify(sigchan, os.Interrupt)
+
+	go func() {
+		_ = <-sigchan
+		RestoreTerminal(fd, state)
+		os.Exit(0)
+	}()
+}
diff --git a/pkg/term/termios_darwin.go b/pkg/term/termios_darwin.go
new file mode 100644
index 00000000..480db900
--- /dev/null
+++ b/pkg/term/termios_darwin.go
@@ -0,0 +1,69 @@
+package term
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+const (
+	getTermios = syscall.TIOCGETA
+	setTermios = syscall.TIOCSETA
+)
+
+// Termios magic numbers, passthrough to the ones defined in syscall.
+const (
+	IGNBRK = syscall.IGNBRK
+	PARMRK = syscall.PARMRK
+	INLCR  = syscall.INLCR
+	IGNCR  = syscall.IGNCR
+	ECHONL = syscall.ECHONL
+	CSIZE  = syscall.CSIZE
+	ICRNL  = syscall.ICRNL
+	ISTRIP = syscall.ISTRIP
+	PARENB = syscall.PARENB
+	ECHO   = syscall.ECHO
+	ICANON = syscall.ICANON
+	ISIG   = syscall.ISIG
+	IXON   = syscall.IXON
+	BRKINT = syscall.BRKINT
+	INPCK  = syscall.INPCK
+	OPOST  = syscall.OPOST
+	CS8    = syscall.CS8
+	IEXTEN = syscall.IEXTEN
+)
+
+// Termios is the Unix API for terminal I/O.
+type Termios struct {
+	Iflag  uint64
+	Oflag  uint64
+	Cflag  uint64
+	Lflag  uint64
+	Cc     [20]byte
+	Ispeed uint64
+	Ospeed uint64
+}
+
+// MakeRaw put the terminal connected to the given file descriptor into raw
+// mode and returns the previous state of the terminal so that it can be
+// restored.
+func MakeRaw(fd uintptr) (*State, error) {
+	var oldState State
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(getTermios), uintptr(unsafe.Pointer(&oldState.termios))); err != 0 {
+		return nil, err
+	}
+
+	newState := oldState.termios
+	newState.Iflag &^= (IGNBRK | BRKINT | PARMRK | ISTRIP | INLCR | IGNCR | ICRNL | IXON)
+	newState.Oflag &^= OPOST
+	newState.Lflag &^= (ECHO | ECHONL | ICANON | ISIG | IEXTEN)
+	newState.Cflag &^= (CSIZE | PARENB)
+	newState.Cflag |= CS8
+	newState.Cc[syscall.VMIN] = 1
+	newState.Cc[syscall.VTIME] = 0
+
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(setTermios), uintptr(unsafe.Pointer(&newState))); err != 0 {
+		return nil, err
+	}
+
+	return &oldState, nil
+}
diff --git a/pkg/term/termios_freebsd.go b/pkg/term/termios_freebsd.go
new file mode 100644
index 00000000..ed843ad6
--- /dev/null
+++ b/pkg/term/termios_freebsd.go
@@ -0,0 +1,69 @@
+package term
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+const (
+	getTermios = syscall.TIOCGETA
+	setTermios = syscall.TIOCSETA
+)
+
+// Termios magic numbers, passthrough to the ones defined in syscall.
+const (
+	IGNBRK = syscall.IGNBRK
+	PARMRK = syscall.PARMRK
+	INLCR  = syscall.INLCR
+	IGNCR  = syscall.IGNCR
+	ECHONL = syscall.ECHONL
+	CSIZE  = syscall.CSIZE
+	ICRNL  = syscall.ICRNL
+	ISTRIP = syscall.ISTRIP
+	PARENB = syscall.PARENB
+	ECHO   = syscall.ECHO
+	ICANON = syscall.ICANON
+	ISIG   = syscall.ISIG
+	IXON   = syscall.IXON
+	BRKINT = syscall.BRKINT
+	INPCK  = syscall.INPCK
+	OPOST  = syscall.OPOST
+	CS8    = syscall.CS8
+	IEXTEN = syscall.IEXTEN
+)
+
+// Termios is the Unix API for terminal I/O.
+type Termios struct {
+	Iflag  uint32
+	Oflag  uint32
+	Cflag  uint32
+	Lflag  uint32
+	Cc     [20]byte
+	Ispeed uint32
+	Ospeed uint32
+}
+
+// MakeRaw put the terminal connected to the given file descriptor into raw
+// mode and returns the previous state of the terminal so that it can be
+// restored.
+func MakeRaw(fd uintptr) (*State, error) {
+	var oldState State
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(getTermios), uintptr(unsafe.Pointer(&oldState.termios))); err != 0 {
+		return nil, err
+	}
+
+	newState := oldState.termios
+	newState.Iflag &^= (IGNBRK | BRKINT | PARMRK | ISTRIP | INLCR | IGNCR | ICRNL | IXON)
+	newState.Oflag &^= OPOST
+	newState.Lflag &^= (ECHO | ECHONL | ICANON | ISIG | IEXTEN)
+	newState.Cflag &^= (CSIZE | PARENB)
+	newState.Cflag |= CS8
+	newState.Cc[syscall.VMIN] = 1
+	newState.Cc[syscall.VTIME] = 0
+
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(setTermios), uintptr(unsafe.Pointer(&newState))); err != 0 {
+		return nil, err
+	}
+
+	return &oldState, nil
+}
diff --git a/pkg/term/termios_linux.go b/pkg/term/termios_linux.go
new file mode 100644
index 00000000..22921b6a
--- /dev/null
+++ b/pkg/term/termios_linux.go
@@ -0,0 +1,47 @@
+// +build !cgo
+
+package term
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+const (
+	getTermios = syscall.TCGETS
+	setTermios = syscall.TCSETS
+)
+
+// Termios is the Unix API for terminal I/O.
+type Termios struct {
+	Iflag  uint32
+	Oflag  uint32
+	Cflag  uint32
+	Lflag  uint32
+	Cc     [20]byte
+	Ispeed uint32
+	Ospeed uint32
+}
+
+// MakeRaw put the terminal connected to the given file descriptor into raw
+// mode and returns the previous state of the terminal so that it can be
+// restored.
+func MakeRaw(fd uintptr) (*State, error) {
+	var oldState State
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, getTermios, uintptr(unsafe.Pointer(&oldState.termios))); err != 0 {
+		return nil, err
+	}
+
+	newState := oldState.termios
+
+	newState.Iflag &^= (syscall.IGNBRK | syscall.BRKINT | syscall.PARMRK | syscall.ISTRIP | syscall.INLCR | syscall.IGNCR | syscall.ICRNL | syscall.IXON)
+	newState.Oflag &^= syscall.OPOST
+	newState.Lflag &^= (syscall.ECHO | syscall.ECHONL | syscall.ICANON | syscall.ISIG | syscall.IEXTEN)
+	newState.Cflag &^= (syscall.CSIZE | syscall.PARENB)
+	newState.Cflag |= syscall.CS8
+
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, setTermios, uintptr(unsafe.Pointer(&newState))); err != 0 {
+		return nil, err
+	}
+	return &oldState, nil
+}
diff --git a/pkg/term/termios_openbsd.go b/pkg/term/termios_openbsd.go
new file mode 100644
index 00000000..ed843ad6
--- /dev/null
+++ b/pkg/term/termios_openbsd.go
@@ -0,0 +1,69 @@
+package term
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+const (
+	getTermios = syscall.TIOCGETA
+	setTermios = syscall.TIOCSETA
+)
+
+// Termios magic numbers, passthrough to the ones defined in syscall.
+const (
+	IGNBRK = syscall.IGNBRK
+	PARMRK = syscall.PARMRK
+	INLCR  = syscall.INLCR
+	IGNCR  = syscall.IGNCR
+	ECHONL = syscall.ECHONL
+	CSIZE  = syscall.CSIZE
+	ICRNL  = syscall.ICRNL
+	ISTRIP = syscall.ISTRIP
+	PARENB = syscall.PARENB
+	ECHO   = syscall.ECHO
+	ICANON = syscall.ICANON
+	ISIG   = syscall.ISIG
+	IXON   = syscall.IXON
+	BRKINT = syscall.BRKINT
+	INPCK  = syscall.INPCK
+	OPOST  = syscall.OPOST
+	CS8    = syscall.CS8
+	IEXTEN = syscall.IEXTEN
+)
+
+// Termios is the Unix API for terminal I/O.
+type Termios struct {
+	Iflag  uint32
+	Oflag  uint32
+	Cflag  uint32
+	Lflag  uint32
+	Cc     [20]byte
+	Ispeed uint32
+	Ospeed uint32
+}
+
+// MakeRaw put the terminal connected to the given file descriptor into raw
+// mode and returns the previous state of the terminal so that it can be
+// restored.
+func MakeRaw(fd uintptr) (*State, error) {
+	var oldState State
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(getTermios), uintptr(unsafe.Pointer(&oldState.termios))); err != 0 {
+		return nil, err
+	}
+
+	newState := oldState.termios
+	newState.Iflag &^= (IGNBRK | BRKINT | PARMRK | ISTRIP | INLCR | IGNCR | ICRNL | IXON)
+	newState.Oflag &^= OPOST
+	newState.Lflag &^= (ECHO | ECHONL | ICANON | ISIG | IEXTEN)
+	newState.Cflag &^= (CSIZE | PARENB)
+	newState.Cflag |= CS8
+	newState.Cc[syscall.VMIN] = 1
+	newState.Cc[syscall.VTIME] = 0
+
+	if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(setTermios), uintptr(unsafe.Pointer(&newState))); err != 0 {
+		return nil, err
+	}
+
+	return &oldState, nil
+}
diff --git a/pkg/term/windows/ansi_reader.go b/pkg/term/windows/ansi_reader.go
new file mode 100644
index 00000000..3bf2b2b6
--- /dev/null
+++ b/pkg/term/windows/ansi_reader.go
@@ -0,0 +1,257 @@
+// +build windows
+
+package windows
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"os"
+	"strings"
+	"unsafe"
+
+	ansiterm "github.com/Azure/go-ansiterm"
+	"github.com/Azure/go-ansiterm/winterm"
+)
+
+const (
+	escapeSequence = ansiterm.KEY_ESC_CSI
+)
+
+// ansiReader wraps a standard input file (e.g., os.Stdin) providing ANSI sequence translation.
+type ansiReader struct {
+	file     *os.File
+	fd       uintptr
+	buffer   []byte
+	cbBuffer int
+	command  []byte
+}
+
+func newAnsiReader(nFile int) *ansiReader {
+	file, fd := winterm.GetStdFile(nFile)
+	return &ansiReader{
+		file:    file,
+		fd:      fd,
+		command: make([]byte, 0, ansiterm.ANSI_MAX_CMD_LENGTH),
+		buffer:  make([]byte, 0),
+	}
+}
+
+// Close closes the wrapped file.
+func (ar *ansiReader) Close() (err error) {
+	return ar.file.Close()
+}
+
+// Fd returns the file descriptor of the wrapped file.
+func (ar *ansiReader) Fd() uintptr {
+	return ar.fd
+}
+
+// Read reads up to len(p) bytes of translated input events into p.
+func (ar *ansiReader) Read(p []byte) (int, error) {
+	if len(p) == 0 {
+		return 0, nil
+	}
+
+	// Previously read bytes exist, read as much as we can and return
+	if len(ar.buffer) > 0 {
+		logger.Debugf("Reading previously cached bytes")
+
+		originalLength := len(ar.buffer)
+		copiedLength := copy(p, ar.buffer)
+
+		if copiedLength == originalLength {
+			ar.buffer = make([]byte, 0, len(p))
+		} else {
+			ar.buffer = ar.buffer[copiedLength:]
+		}
+
+		logger.Debugf("Read from cache p[%d]: % x", copiedLength, p)
+		return copiedLength, nil
+	}
+
+	// Read and translate key events
+	events, err := readInputEvents(ar.fd, len(p))
+	if err != nil {
+		return 0, err
+	} else if len(events) == 0 {
+		logger.Debug("No input events detected")
+		return 0, nil
+	}
+
+	keyBytes := translateKeyEvents(events, []byte(escapeSequence))
+
+	// Save excess bytes and right-size keyBytes
+	if len(keyBytes) > len(p) {
+		logger.Debugf("Received %d keyBytes, only room for %d bytes", len(keyBytes), len(p))
+		ar.buffer = keyBytes[len(p):]
+		keyBytes = keyBytes[:len(p)]
+	} else if len(keyBytes) == 0 {
+		logger.Debug("No key bytes returned from the translator")
+		return 0, nil
+	}
+
+	copiedLength := copy(p, keyBytes)
+	if copiedLength != len(keyBytes) {
+		return 0, errors.New("Unexpected copy length encountered.")
+	}
+
+	logger.Debugf("Read        p[%d]: % x", copiedLength, p)
+	logger.Debugf("Read keyBytes[%d]: % x", copiedLength, keyBytes)
+	return copiedLength, nil
+}
+
+// readInputEvents polls until at least one event is available.
+func readInputEvents(fd uintptr, maxBytes int) ([]winterm.INPUT_RECORD, error) {
+	// Determine the maximum number of records to retrieve
+	// -- Cast around the type system to obtain the size of a single INPUT_RECORD.
+	//    unsafe.Sizeof requires an expression vs. a type-reference; the casting
+	//    tricks the type system into believing it has such an expression.
+	recordSize := int(unsafe.Sizeof(*((*winterm.INPUT_RECORD)(unsafe.Pointer(&maxBytes)))))
+	countRecords := maxBytes / recordSize
+	if countRecords > ansiterm.MAX_INPUT_EVENTS {
+		countRecords = ansiterm.MAX_INPUT_EVENTS
+	}
+	logger.Debugf("[windows] readInputEvents: Reading %v records (buffer size %v, record size %v)", countRecords, maxBytes, recordSize)
+
+	// Wait for and read input events
+	events := make([]winterm.INPUT_RECORD, countRecords)
+	nEvents := uint32(0)
+	eventsExist, err := winterm.WaitForSingleObject(fd, winterm.WAIT_INFINITE)
+	if err != nil {
+		return nil, err
+	}
+
+	if eventsExist {
+		err = winterm.ReadConsoleInput(fd, events, &nEvents)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	// Return a slice restricted to the number of returned records
+	logger.Debugf("[windows] readInputEvents: Read %v events", nEvents)
+	return events[:nEvents], nil
+}
+
+// KeyEvent Translation Helpers
+
+var arrowKeyMapPrefix = map[winterm.WORD]string{
+	winterm.VK_UP:    "%s%sA",
+	winterm.VK_DOWN:  "%s%sB",
+	winterm.VK_RIGHT: "%s%sC",
+	winterm.VK_LEFT:  "%s%sD",
+}
+
+var keyMapPrefix = map[winterm.WORD]string{
+	winterm.VK_UP:     "\x1B[%sA",
+	winterm.VK_DOWN:   "\x1B[%sB",
+	winterm.VK_RIGHT:  "\x1B[%sC",
+	winterm.VK_LEFT:   "\x1B[%sD",
+	winterm.VK_HOME:   "\x1B[1%s~", // showkey shows ^[[1
+	winterm.VK_END:    "\x1B[4%s~", // showkey shows ^[[4
+	winterm.VK_INSERT: "\x1B[2%s~",
+	winterm.VK_DELETE: "\x1B[3%s~",
+	winterm.VK_PRIOR:  "\x1B[5%s~",
+	winterm.VK_NEXT:   "\x1B[6%s~",
+	winterm.VK_F1:     "",
+	winterm.VK_F2:     "",
+	winterm.VK_F3:     "\x1B[13%s~",
+	winterm.VK_F4:     "\x1B[14%s~",
+	winterm.VK_F5:     "\x1B[15%s~",
+	winterm.VK_F6:     "\x1B[17%s~",
+	winterm.VK_F7:     "\x1B[18%s~",
+	winterm.VK_F8:     "\x1B[19%s~",
+	winterm.VK_F9:     "\x1B[20%s~",
+	winterm.VK_F10:    "\x1B[21%s~",
+	winterm.VK_F11:    "\x1B[23%s~",
+	winterm.VK_F12:    "\x1B[24%s~",
+}
+
+// translateKeyEvents converts the input events into the appropriate ANSI string.
+func translateKeyEvents(events []winterm.INPUT_RECORD, escapeSequence []byte) []byte {
+	var buffer bytes.Buffer
+	for _, event := range events {
+		if event.EventType == winterm.KEY_EVENT && event.KeyEvent.KeyDown != 0 {
+			buffer.WriteString(keyToString(&event.KeyEvent, escapeSequence))
+		}
+	}
+
+	return buffer.Bytes()
+}
+
+// keyToString maps the given input event record to the corresponding string.
+func keyToString(keyEvent *winterm.KEY_EVENT_RECORD, escapeSequence []byte) string {
+	if keyEvent.UnicodeChar == 0 {
+		return formatVirtualKey(keyEvent.VirtualKeyCode, keyEvent.ControlKeyState, escapeSequence)
+	}
+
+	_, alt, control := getControlKeys(keyEvent.ControlKeyState)
+	if control {
+		// TODO(azlinux): Implement following control sequences
+		// <Ctrl>-D  Signals the end of input from the keyboard; also exits current shell.
+		// <Ctrl>-H  Deletes the first character to the left of the cursor. Also called the ERASE key.
+		// <Ctrl>-Q  Restarts printing after it has been stopped with <Ctrl>-s.
+		// <Ctrl>-S  Suspends printing on the screen (does not stop the program).
+		// <Ctrl>-U  Deletes all characters on the current line. Also called the KILL key.
+		// <Ctrl>-E  Quits current command and creates a core
+
+	}
+
+	// <Alt>+Key generates ESC N Key
+	if !control && alt {
+		return ansiterm.KEY_ESC_N + strings.ToLower(string(keyEvent.UnicodeChar))
+	}
+
+	return string(keyEvent.UnicodeChar)
+}
+
+// formatVirtualKey converts a virtual key (e.g., up arrow) into the appropriate ANSI string.
+func formatVirtualKey(key winterm.WORD, controlState winterm.DWORD, escapeSequence []byte) string {
+	shift, alt, control := getControlKeys(controlState)
+	modifier := getControlKeysModifier(shift, alt, control)
+
+	if format, ok := arrowKeyMapPrefix[key]; ok {
+		return fmt.Sprintf(format, escapeSequence, modifier)
+	}
+
+	if format, ok := keyMapPrefix[key]; ok {
+		return fmt.Sprintf(format, modifier)
+	}
+
+	return ""
+}
+
+// getControlKeys extracts the shift, alt, and ctrl key states.
+func getControlKeys(controlState winterm.DWORD) (shift, alt, control bool) {
+	shift = 0 != (controlState & winterm.SHIFT_PRESSED)
+	alt = 0 != (controlState & (winterm.LEFT_ALT_PRESSED | winterm.RIGHT_ALT_PRESSED))
+	control = 0 != (controlState & (winterm.LEFT_CTRL_PRESSED | winterm.RIGHT_CTRL_PRESSED))
+	return shift, alt, control
+}
+
+// getControlKeysModifier returns the ANSI modifier for the given combination of control keys.
+func getControlKeysModifier(shift, alt, control bool) string {
+	if shift && alt && control {
+		return ansiterm.KEY_CONTROL_PARAM_8
+	}
+	if alt && control {
+		return ansiterm.KEY_CONTROL_PARAM_7
+	}
+	if shift && control {
+		return ansiterm.KEY_CONTROL_PARAM_6
+	}
+	if control {
+		return ansiterm.KEY_CONTROL_PARAM_5
+	}
+	if shift && alt {
+		return ansiterm.KEY_CONTROL_PARAM_4
+	}
+	if alt {
+		return ansiterm.KEY_CONTROL_PARAM_3
+	}
+	if shift {
+		return ansiterm.KEY_CONTROL_PARAM_2
+	}
+	return ""
+}
diff --git a/pkg/term/windows/ansi_writer.go b/pkg/term/windows/ansi_writer.go
new file mode 100644
index 00000000..9f3232c0
--- /dev/null
+++ b/pkg/term/windows/ansi_writer.go
@@ -0,0 +1,76 @@
+// +build windows
+
+package windows
+
+import (
+	"io/ioutil"
+	"os"
+
+	ansiterm "github.com/Azure/go-ansiterm"
+	"github.com/Azure/go-ansiterm/winterm"
+	"github.com/Sirupsen/logrus"
+)
+
+var logger *logrus.Logger
+
+// ansiWriter wraps a standard output file (e.g., os.Stdout) providing ANSI sequence translation.
+type ansiWriter struct {
+	file           *os.File
+	fd             uintptr
+	infoReset      *winterm.CONSOLE_SCREEN_BUFFER_INFO
+	command        []byte
+	escapeSequence []byte
+	inAnsiSequence bool
+	parser         *ansiterm.AnsiParser
+}
+
+func newAnsiWriter(nFile int) *ansiWriter {
+	logFile := ioutil.Discard
+
+	if isDebugEnv := os.Getenv(ansiterm.LogEnv); isDebugEnv == "1" {
+		logFile, _ = os.Create("ansiReaderWriter.log")
+	}
+
+	logger = &logrus.Logger{
+		Out:       logFile,
+		Formatter: new(logrus.TextFormatter),
+		Level:     logrus.DebugLevel,
+	}
+
+	file, fd := winterm.GetStdFile(nFile)
+	info, err := winterm.GetConsoleScreenBufferInfo(fd)
+	if err != nil {
+		return nil
+	}
+
+	parser := ansiterm.CreateParser("Ground", winterm.CreateWinEventHandler(fd, file))
+	logger.Infof("newAnsiWriter: parser %p", parser)
+
+	aw := &ansiWriter{
+		file:           file,
+		fd:             fd,
+		infoReset:      info,
+		command:        make([]byte, 0, ansiterm.ANSI_MAX_CMD_LENGTH),
+		escapeSequence: []byte(ansiterm.KEY_ESC_CSI),
+		parser:         parser,
+	}
+
+	logger.Infof("newAnsiWriter: aw.parser %p", aw.parser)
+	logger.Infof("newAnsiWriter: %v", aw)
+	return aw
+}
+
+func (aw *ansiWriter) Fd() uintptr {
+	return aw.fd
+}
+
+// Write writes len(p) bytes from p to the underlying data stream.
+func (aw *ansiWriter) Write(p []byte) (total int, err error) {
+	if len(p) == 0 {
+		return 0, nil
+	}
+
+	logger.Infof("Write: % x", p)
+	logger.Infof("Write: %s", string(p))
+	return aw.parser.Parse(p)
+}
diff --git a/pkg/term/windows/console.go b/pkg/term/windows/console.go
new file mode 100644
index 00000000..3036a046
--- /dev/null
+++ b/pkg/term/windows/console.go
@@ -0,0 +1,97 @@
+// +build windows
+
+package windows
+
+import (
+	"io"
+	"os"
+	"syscall"
+
+	"github.com/Azure/go-ansiterm/winterm"
+
+	ansiterm "github.com/Azure/go-ansiterm"
+	"github.com/Sirupsen/logrus"
+	"io/ioutil"
+)
+
+// ConEmuStreams returns prepared versions of console streams,
+// for proper use in ConEmu terminal.
+// The ConEmu terminal emulates ANSI on output streams well by default.
+func ConEmuStreams() (stdIn io.ReadCloser, stdOut, stdErr io.Writer) {
+	if IsConsole(os.Stdin.Fd()) {
+		stdIn = newAnsiReader(syscall.STD_INPUT_HANDLE)
+	} else {
+		stdIn = os.Stdin
+	}
+
+	stdOut = os.Stdout
+	stdErr = os.Stderr
+
+	// WARNING (BEGIN): sourced from newAnsiWriter
+
+	logFile := ioutil.Discard
+
+	if isDebugEnv := os.Getenv(ansiterm.LogEnv); isDebugEnv == "1" {
+		logFile, _ = os.Create("ansiReaderWriter.log")
+	}
+
+	logger = &logrus.Logger{
+		Out:       logFile,
+		Formatter: new(logrus.TextFormatter),
+		Level:     logrus.DebugLevel,
+	}
+
+	// WARNING (END): sourced from newAnsiWriter
+
+	return stdIn, stdOut, stdErr
+}
+
+// ConsoleStreams returns a wrapped version for each standard stream referencing a console,
+// that handles ANSI character sequences.
+func ConsoleStreams() (stdIn io.ReadCloser, stdOut, stdErr io.Writer) {
+	if IsConsole(os.Stdin.Fd()) {
+		stdIn = newAnsiReader(syscall.STD_INPUT_HANDLE)
+	} else {
+		stdIn = os.Stdin
+	}
+
+	if IsConsole(os.Stdout.Fd()) {
+		stdOut = newAnsiWriter(syscall.STD_OUTPUT_HANDLE)
+	} else {
+		stdOut = os.Stdout
+	}
+
+	if IsConsole(os.Stderr.Fd()) {
+		stdErr = newAnsiWriter(syscall.STD_ERROR_HANDLE)
+	} else {
+		stdErr = os.Stderr
+	}
+
+	return stdIn, stdOut, stdErr
+}
+
+// GetHandleInfo returns file descriptor and bool indicating whether the file is a console.
+func GetHandleInfo(in interface{}) (uintptr, bool) {
+	switch t := in.(type) {
+	case *ansiReader:
+		return t.Fd(), true
+	case *ansiWriter:
+		return t.Fd(), true
+	}
+
+	var inFd uintptr
+	var isTerminal bool
+
+	if file, ok := in.(*os.File); ok {
+		inFd = file.Fd()
+		isTerminal = IsConsole(inFd)
+	}
+	return inFd, isTerminal
+}
+
+// IsConsole returns true if the given file descriptor is a Windows Console.
+// The code assumes that GetConsoleMode will return an error for file descriptors that are not a console.
+func IsConsole(fd uintptr) bool {
+	_, e := winterm.GetConsoleMode(fd)
+	return e == nil
+}
diff --git a/pkg/term/windows/windows.go b/pkg/term/windows/windows.go
new file mode 100644
index 00000000..bf4c7b50
--- /dev/null
+++ b/pkg/term/windows/windows.go
@@ -0,0 +1,5 @@
+// These files implement ANSI-aware input and output streams for use by the Docker Windows client.
+// When asked for the set of standard streams (e.g., stdin, stdout, stderr), the code will create
+// and return pseudo-streams that convert ANSI sequences to / from Windows Console API calls.
+
+package windows
diff --git a/pkg/term/windows/windows_test.go b/pkg/term/windows/windows_test.go
new file mode 100644
index 00000000..52aeab54
--- /dev/null
+++ b/pkg/term/windows/windows_test.go
@@ -0,0 +1,3 @@
+// This file is necessary to pass the Docker tests.
+
+package windows
diff --git a/pkg/tlsconfig/config.go b/pkg/tlsconfig/config.go
new file mode 100644
index 00000000..e3dfad1f
--- /dev/null
+++ b/pkg/tlsconfig/config.go
@@ -0,0 +1,133 @@
+// Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers.
+//
+// As a reminder from https://golang.org/pkg/crypto/tls/#Config:
+//	A Config structure is used to configure a TLS client or server. After one has been passed to a TLS function it must not be modified.
+//	A Config may be reused; the tls package will also not modify it.
+package tlsconfig
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"fmt"
+	"io/ioutil"
+	"os"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// Options represents the information needed to create client and server TLS configurations.
+type Options struct {
+	CAFile string
+
+	// If either CertFile or KeyFile is empty, Client() will not load them
+	// preventing the client from authenticating to the server.
+	// However, Server() requires them and will error out if they are empty.
+	CertFile string
+	KeyFile  string
+
+	// client-only option
+	InsecureSkipVerify bool
+	// server-only option
+	ClientAuth tls.ClientAuthType
+}
+
+// Extra (server-side) accepted CBC cipher suites - will phase out in the future
+var acceptedCBCCiphers = []uint16{
+	tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+	tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+	tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+	tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+	tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+	tls.TLS_RSA_WITH_AES_128_CBC_SHA,
+}
+
+// Client TLS cipher suites (dropping CBC ciphers for client preferred suite set)
+var clientCipherSuites = []uint16{
+	tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+}
+
+// DefaultServerAcceptedCiphers should be uses by code which already has a crypto/tls
+// options struct but wants to use a commonly accepted set of TLS cipher suites, with
+// known weak algorithms removed.
+var DefaultServerAcceptedCiphers = append(clientCipherSuites, acceptedCBCCiphers...)
+
+// ServerDefault is a secure-enough TLS configuration for the server TLS configuration.
+var ServerDefault = tls.Config{
+	// Avoid fallback to SSL protocols < TLS1.0
+	MinVersion:               tls.VersionTLS10,
+	PreferServerCipherSuites: true,
+	CipherSuites:             DefaultServerAcceptedCiphers,
+}
+
+// ClientDefault is a secure-enough TLS configuration for the client TLS configuration.
+var ClientDefault = tls.Config{
+	// Prefer TLS1.2 as the client minimum
+	MinVersion:   tls.VersionTLS12,
+	CipherSuites: clientCipherSuites,
+}
+
+// certPool returns an X.509 certificate pool from `caFile`, the certificate file.
+func certPool(caFile string) (*x509.CertPool, error) {
+	// If we should verify the server, we need to load a trusted ca
+	certPool := x509.NewCertPool()
+	pem, err := ioutil.ReadFile(caFile)
+	if err != nil {
+		return nil, fmt.Errorf("Could not read CA certificate %q: %v", caFile, err)
+	}
+	if !certPool.AppendCertsFromPEM(pem) {
+		return nil, fmt.Errorf("failed to append certificates from PEM file: %q", caFile)
+	}
+	s := certPool.Subjects()
+	subjects := make([]string, len(s))
+	for i, subject := range s {
+		subjects[i] = string(subject)
+	}
+	logrus.Debugf("Trusting certs with subjects: %v", subjects)
+	return certPool, nil
+}
+
+// Client returns a TLS configuration meant to be used by a client.
+func Client(options Options) (*tls.Config, error) {
+	tlsConfig := ClientDefault
+	tlsConfig.InsecureSkipVerify = options.InsecureSkipVerify
+	if !options.InsecureSkipVerify {
+		CAs, err := certPool(options.CAFile)
+		if err != nil {
+			return nil, err
+		}
+		tlsConfig.RootCAs = CAs
+	}
+
+	if options.CertFile != "" && options.KeyFile != "" {
+		tlsCert, err := tls.LoadX509KeyPair(options.CertFile, options.KeyFile)
+		if err != nil {
+			return nil, fmt.Errorf("Could not load X509 key pair: %v. Make sure the key is not encrypted", err)
+		}
+		tlsConfig.Certificates = []tls.Certificate{tlsCert}
+	}
+
+	return &tlsConfig, nil
+}
+
+// Server returns a TLS configuration meant to be used by a server.
+func Server(options Options) (*tls.Config, error) {
+	tlsConfig := ServerDefault
+	tlsConfig.ClientAuth = options.ClientAuth
+	tlsCert, err := tls.LoadX509KeyPair(options.CertFile, options.KeyFile)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return nil, fmt.Errorf("Could not load X509 key pair (cert: %q, key: %q): %v", options.CertFile, options.KeyFile, err)
+		}
+		return nil, fmt.Errorf("Error reading X509 key pair (cert: %q, key: %q): %v. Make sure the key is not encrypted.", options.CertFile, options.KeyFile, err)
+	}
+	tlsConfig.Certificates = []tls.Certificate{tlsCert}
+	if options.ClientAuth >= tls.VerifyClientCertIfGiven {
+		CAs, err := certPool(options.CAFile)
+		if err != nil {
+			return nil, err
+		}
+		tlsConfig.ClientCAs = CAs
+	}
+	return &tlsConfig, nil
+}
diff --git a/pkg/truncindex/truncindex.go b/pkg/truncindex/truncindex.go
new file mode 100644
index 00000000..02610b8b
--- /dev/null
+++ b/pkg/truncindex/truncindex.go
@@ -0,0 +1,137 @@
+// Package truncindex provides a general 'index tree', used by Docker
+// in order to be able to reference containers by only a few unambiguous
+// characters of their id.
+package truncindex
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+	"sync"
+
+	"github.com/tchap/go-patricia/patricia"
+)
+
+var (
+	// ErrEmptyPrefix is an error returned if the prefix was empty.
+	ErrEmptyPrefix = errors.New("Prefix can't be empty")
+
+	// ErrIllegalChar is returned when a space is in the ID
+	ErrIllegalChar = errors.New("illegal character: ' '")
+
+	// ErrNotExist is returned when ID or its prefix not found in index.
+	ErrNotExist = errors.New("ID does not exist")
+)
+
+// ErrAmbiguousPrefix is returned if the prefix was ambiguous
+// (multiple ids for the prefix).
+type ErrAmbiguousPrefix struct {
+	prefix string
+}
+
+func (e ErrAmbiguousPrefix) Error() string {
+	return fmt.Sprintf("Multiple IDs found with provided prefix: %s", e.prefix)
+}
+
+// TruncIndex allows the retrieval of string identifiers by any of their unique prefixes.
+// This is used to retrieve image and container IDs by more convenient shorthand prefixes.
+type TruncIndex struct {
+	sync.RWMutex
+	trie *patricia.Trie
+	ids  map[string]struct{}
+}
+
+// NewTruncIndex creates a new TruncIndex and initializes with a list of IDs.
+func NewTruncIndex(ids []string) (idx *TruncIndex) {
+	idx = &TruncIndex{
+		ids: make(map[string]struct{}),
+
+		// Change patricia max prefix per node length,
+		// because our len(ID) always 64
+		trie: patricia.NewTrie(patricia.MaxPrefixPerNode(64)),
+	}
+	for _, id := range ids {
+		idx.addID(id)
+	}
+	return
+}
+
+func (idx *TruncIndex) addID(id string) error {
+	if strings.Contains(id, " ") {
+		return ErrIllegalChar
+	}
+	if id == "" {
+		return ErrEmptyPrefix
+	}
+	if _, exists := idx.ids[id]; exists {
+		return fmt.Errorf("id already exists: '%s'", id)
+	}
+	idx.ids[id] = struct{}{}
+	if inserted := idx.trie.Insert(patricia.Prefix(id), struct{}{}); !inserted {
+		return fmt.Errorf("failed to insert id: %s", id)
+	}
+	return nil
+}
+
+// Add adds a new ID to the TruncIndex.
+func (idx *TruncIndex) Add(id string) error {
+	idx.Lock()
+	defer idx.Unlock()
+	if err := idx.addID(id); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Delete removes an ID from the TruncIndex. If there are multiple IDs
+// with the given prefix, an error is thrown.
+func (idx *TruncIndex) Delete(id string) error {
+	idx.Lock()
+	defer idx.Unlock()
+	if _, exists := idx.ids[id]; !exists || id == "" {
+		return fmt.Errorf("no such id: '%s'", id)
+	}
+	delete(idx.ids, id)
+	if deleted := idx.trie.Delete(patricia.Prefix(id)); !deleted {
+		return fmt.Errorf("no such id: '%s'", id)
+	}
+	return nil
+}
+
+// Get retrieves an ID from the TruncIndex. If there are multiple IDs
+// with the given prefix, an error is thrown.
+func (idx *TruncIndex) Get(s string) (string, error) {
+	if s == "" {
+		return "", ErrEmptyPrefix
+	}
+	var (
+		id string
+	)
+	subTreeVisitFunc := func(prefix patricia.Prefix, item patricia.Item) error {
+		if id != "" {
+			// we haven't found the ID if there are two or more IDs
+			id = ""
+			return ErrAmbiguousPrefix{prefix: string(prefix)}
+		}
+		id = string(prefix)
+		return nil
+	}
+
+	idx.RLock()
+	defer idx.RUnlock()
+	if err := idx.trie.VisitSubtree(patricia.Prefix(s), subTreeVisitFunc); err != nil {
+		return "", err
+	}
+	if id != "" {
+		return id, nil
+	}
+	return "", ErrNotExist
+}
+
+// Iterate iterates over all stored IDs, and passes each of them to the given handler.
+func (idx *TruncIndex) Iterate(handler func(id string)) {
+	idx.trie.Visit(func(prefix patricia.Prefix, item patricia.Item) error {
+		handler(string(prefix))
+		return nil
+	})
+}
diff --git a/pkg/truncindex/truncindex_test.go b/pkg/truncindex/truncindex_test.go
new file mode 100644
index 00000000..8197baf7
--- /dev/null
+++ b/pkg/truncindex/truncindex_test.go
@@ -0,0 +1,429 @@
+package truncindex
+
+import (
+	"math/rand"
+	"testing"
+
+	"github.com/docker/docker/pkg/stringid"
+)
+
+// Test the behavior of TruncIndex, an index for querying IDs from a non-conflicting prefix.
+func TestTruncIndex(t *testing.T) {
+	ids := []string{}
+	index := NewTruncIndex(ids)
+	// Get on an empty index
+	if _, err := index.Get("foobar"); err == nil {
+		t.Fatal("Get on an empty index should return an error")
+	}
+
+	// Spaces should be illegal in an id
+	if err := index.Add("I have a space"); err == nil {
+		t.Fatalf("Adding an id with ' ' should return an error")
+	}
+
+	id := "99b36c2c326ccc11e726eee6ee78a0baf166ef96"
+	// Add an id
+	if err := index.Add(id); err != nil {
+		t.Fatal(err)
+	}
+
+	// Add an empty id (should fail)
+	if err := index.Add(""); err == nil {
+		t.Fatalf("Adding an empty id should return an error")
+	}
+
+	// Get a non-existing id
+	assertIndexGet(t, index, "abracadabra", "", true)
+	// Get an empty id
+	assertIndexGet(t, index, "", "", true)
+	// Get the exact id
+	assertIndexGet(t, index, id, id, false)
+	// The first letter should match
+	assertIndexGet(t, index, id[:1], id, false)
+	// The first half should match
+	assertIndexGet(t, index, id[:len(id)/2], id, false)
+	// The second half should NOT match
+	assertIndexGet(t, index, id[len(id)/2:], "", true)
+
+	id2 := id[:6] + "blabla"
+	// Add an id
+	if err := index.Add(id2); err != nil {
+		t.Fatal(err)
+	}
+	// Both exact IDs should work
+	assertIndexGet(t, index, id, id, false)
+	assertIndexGet(t, index, id2, id2, false)
+
+	// 6 characters or less should conflict
+	assertIndexGet(t, index, id[:6], "", true)
+	assertIndexGet(t, index, id[:4], "", true)
+	assertIndexGet(t, index, id[:1], "", true)
+
+	// An ambiguous id prefix should return an error
+	if _, err := index.Get(id[:4]); err == nil {
+		t.Fatal("An ambiguous id prefix should return an error")
+	}
+
+	// 7 characters should NOT conflict
+	assertIndexGet(t, index, id[:7], id, false)
+	assertIndexGet(t, index, id2[:7], id2, false)
+
+	// Deleting a non-existing id should return an error
+	if err := index.Delete("non-existing"); err == nil {
+		t.Fatalf("Deleting a non-existing id should return an error")
+	}
+
+	// Deleting an empty id should return an error
+	if err := index.Delete(""); err == nil {
+		t.Fatal("Deleting an empty id should return an error")
+	}
+
+	// Deleting id2 should remove conflicts
+	if err := index.Delete(id2); err != nil {
+		t.Fatal(err)
+	}
+	// id2 should no longer work
+	assertIndexGet(t, index, id2, "", true)
+	assertIndexGet(t, index, id2[:7], "", true)
+	assertIndexGet(t, index, id2[:11], "", true)
+
+	// conflicts between id and id2 should be gone
+	assertIndexGet(t, index, id[:6], id, false)
+	assertIndexGet(t, index, id[:4], id, false)
+	assertIndexGet(t, index, id[:1], id, false)
+
+	// non-conflicting substrings should still not conflict
+	assertIndexGet(t, index, id[:7], id, false)
+	assertIndexGet(t, index, id[:15], id, false)
+	assertIndexGet(t, index, id, id, false)
+
+	assertIndexIterate(t)
+}
+
+func assertIndexIterate(t *testing.T) {
+	ids := []string{
+		"19b36c2c326ccc11e726eee6ee78a0baf166ef96",
+		"28b36c2c326ccc11e726eee6ee78a0baf166ef96",
+		"37b36c2c326ccc11e726eee6ee78a0baf166ef96",
+		"46b36c2c326ccc11e726eee6ee78a0baf166ef96",
+	}
+
+	index := NewTruncIndex(ids)
+
+	index.Iterate(func(targetId string) {
+		for _, id := range ids {
+			if targetId == id {
+				return
+			}
+		}
+
+		t.Fatalf("An unknown ID '%s'", targetId)
+	})
+}
+
+func assertIndexGet(t *testing.T, index *TruncIndex, input, expectedResult string, expectError bool) {
+	if result, err := index.Get(input); err != nil && !expectError {
+		t.Fatalf("Unexpected error getting '%s': %s", input, err)
+	} else if err == nil && expectError {
+		t.Fatalf("Getting '%s' should return an error, not '%s'", input, result)
+	} else if result != expectedResult {
+		t.Fatalf("Getting '%s' returned '%s' instead of '%s'", input, result, expectedResult)
+	}
+}
+
+func BenchmarkTruncIndexAdd100(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 100; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexAdd250(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 250; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexAdd500(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 500; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexGet100(b *testing.B) {
+	var testSet []string
+	var testKeys []string
+	for i := 0; i < 100; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	index := NewTruncIndex([]string{})
+	for _, id := range testSet {
+		if err := index.Add(id); err != nil {
+			b.Fatal(err)
+		}
+		l := rand.Intn(12) + 12
+		testKeys = append(testKeys, id[:l])
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		for _, id := range testKeys {
+			if res, err := index.Get(id); err != nil {
+				b.Fatal(res, err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexGet250(b *testing.B) {
+	var testSet []string
+	var testKeys []string
+	for i := 0; i < 250; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	index := NewTruncIndex([]string{})
+	for _, id := range testSet {
+		if err := index.Add(id); err != nil {
+			b.Fatal(err)
+		}
+		l := rand.Intn(12) + 12
+		testKeys = append(testKeys, id[:l])
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		for _, id := range testKeys {
+			if res, err := index.Get(id); err != nil {
+				b.Fatal(res, err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexGet500(b *testing.B) {
+	var testSet []string
+	var testKeys []string
+	for i := 0; i < 500; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	index := NewTruncIndex([]string{})
+	for _, id := range testSet {
+		if err := index.Add(id); err != nil {
+			b.Fatal(err)
+		}
+		l := rand.Intn(12) + 12
+		testKeys = append(testKeys, id[:l])
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		for _, id := range testKeys {
+			if res, err := index.Get(id); err != nil {
+				b.Fatal(res, err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexDelete100(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 100; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		b.StopTimer()
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+		b.StartTimer()
+		for _, id := range testSet {
+			if err := index.Delete(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexDelete250(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 250; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		b.StopTimer()
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+		b.StartTimer()
+		for _, id := range testSet {
+			if err := index.Delete(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexDelete500(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 500; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		b.StopTimer()
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+		b.StartTimer()
+		for _, id := range testSet {
+			if err := index.Delete(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexNew100(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 100; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		NewTruncIndex(testSet)
+	}
+}
+
+func BenchmarkTruncIndexNew250(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 250; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		NewTruncIndex(testSet)
+	}
+}
+
+func BenchmarkTruncIndexNew500(b *testing.B) {
+	var testSet []string
+	for i := 0; i < 500; i++ {
+		testSet = append(testSet, stringid.GenerateNonCryptoID())
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		NewTruncIndex(testSet)
+	}
+}
+
+func BenchmarkTruncIndexAddGet100(b *testing.B) {
+	var testSet []string
+	var testKeys []string
+	for i := 0; i < 500; i++ {
+		id := stringid.GenerateNonCryptoID()
+		testSet = append(testSet, id)
+		l := rand.Intn(12) + 12
+		testKeys = append(testKeys, id[:l])
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+		for _, id := range testKeys {
+			if res, err := index.Get(id); err != nil {
+				b.Fatal(res, err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexAddGet250(b *testing.B) {
+	var testSet []string
+	var testKeys []string
+	for i := 0; i < 500; i++ {
+		id := stringid.GenerateNonCryptoID()
+		testSet = append(testSet, id)
+		l := rand.Intn(12) + 12
+		testKeys = append(testKeys, id[:l])
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+		for _, id := range testKeys {
+			if res, err := index.Get(id); err != nil {
+				b.Fatal(res, err)
+			}
+		}
+	}
+}
+
+func BenchmarkTruncIndexAddGet500(b *testing.B) {
+	var testSet []string
+	var testKeys []string
+	for i := 0; i < 500; i++ {
+		id := stringid.GenerateNonCryptoID()
+		testSet = append(testSet, id)
+		l := rand.Intn(12) + 12
+		testKeys = append(testKeys, id[:l])
+	}
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		index := NewTruncIndex([]string{})
+		for _, id := range testSet {
+			if err := index.Add(id); err != nil {
+				b.Fatal(err)
+			}
+		}
+		for _, id := range testKeys {
+			if res, err := index.Get(id); err != nil {
+				b.Fatal(res, err)
+			}
+		}
+	}
+}
diff --git a/pkg/urlutil/urlutil.go b/pkg/urlutil/urlutil.go
new file mode 100644
index 00000000..1135a4c6
--- /dev/null
+++ b/pkg/urlutil/urlutil.go
@@ -0,0 +1,50 @@
+// Package urlutil provides helper function to check urls kind.
+// It supports http urls, git urls and transport url (tcp://, …)
+package urlutil
+
+import (
+	"regexp"
+	"strings"
+)
+
+var (
+	validPrefixes = map[string][]string{
+		"url":       {"http://", "https://"},
+		"git":       {"git://", "github.com/", "git@"},
+		"transport": {"tcp://", "tcp+tls://", "udp://", "unix://"},
+	}
+	urlPathWithFragmentSuffix = regexp.MustCompile(".git(?:#.+)?$")
+)
+
+// IsURL returns true if the provided str is an HTTP(S) URL.
+func IsURL(str string) bool {
+	return checkURL(str, "url")
+}
+
+// IsGitURL returns true if the provided str is a git repository URL.
+func IsGitURL(str string) bool {
+	if IsURL(str) && urlPathWithFragmentSuffix.MatchString(str) {
+		return true
+	}
+	return checkURL(str, "git")
+}
+
+// IsGitTransport returns true if the provided str is a git transport by inspecting
+// the prefix of the string for known protocols used in git.
+func IsGitTransport(str string) bool {
+	return IsURL(str) || strings.HasPrefix(str, "git://") || strings.HasPrefix(str, "git@")
+}
+
+// IsTransportURL returns true if the provided str is a transport (tcp, tcp+tls, udp, unix) URL.
+func IsTransportURL(str string) bool {
+	return checkURL(str, "transport")
+}
+
+func checkURL(str, kind string) bool {
+	for _, prefix := range validPrefixes[kind] {
+		if strings.HasPrefix(str, prefix) {
+			return true
+		}
+	}
+	return false
+}
diff --git a/pkg/urlutil/urlutil_test.go b/pkg/urlutil/urlutil_test.go
new file mode 100644
index 00000000..86d48cfe
--- /dev/null
+++ b/pkg/urlutil/urlutil_test.go
@@ -0,0 +1,69 @@
+package urlutil
+
+import "testing"
+
+var (
+	gitUrls = []string{
+		"git://github.com/docker/docker",
+		"git@github.com:docker/docker.git",
+		"git@bitbucket.org:atlassianlabs/atlassian-docker.git",
+		"https://github.com/docker/docker.git",
+		"http://github.com/docker/docker.git",
+		"http://github.com/docker/docker.git#branch",
+		"http://github.com/docker/docker.git#:dir",
+	}
+	incompleteGitUrls = []string{
+		"github.com/docker/docker",
+	}
+	invalidGitUrls = []string{
+		"http://github.com/docker/docker.git:#branch",
+	}
+	transportUrls = []string{
+		"tcp://example.com",
+		"tcp+tls://example.com",
+		"udp://example.com",
+		"unix:///example",
+	}
+)
+
+func TestValidGitTransport(t *testing.T) {
+	for _, url := range gitUrls {
+		if IsGitTransport(url) == false {
+			t.Fatalf("%q should be detected as valid Git prefix", url)
+		}
+	}
+
+	for _, url := range incompleteGitUrls {
+		if IsGitTransport(url) == true {
+			t.Fatalf("%q should not be detected as valid Git prefix", url)
+		}
+	}
+}
+
+func TestIsGIT(t *testing.T) {
+	for _, url := range gitUrls {
+		if IsGitURL(url) == false {
+			t.Fatalf("%q should be detected as valid Git url", url)
+		}
+	}
+
+	for _, url := range incompleteGitUrls {
+		if IsGitURL(url) == false {
+			t.Fatalf("%q should be detected as valid Git url", url)
+		}
+	}
+
+	for _, url := range invalidGitUrls {
+		if IsGitURL(url) == true {
+			t.Fatalf("%q should not be detected as valid Git prefix", url)
+		}
+	}
+}
+
+func TestIsTransport(t *testing.T) {
+	for _, url := range transportUrls {
+		if IsTransportURL(url) == false {
+			t.Fatalf("%q should be detected as valid Transport url", url)
+		}
+	}
+}
diff --git a/pkg/useragent/README.md b/pkg/useragent/README.md
new file mode 100644
index 00000000..d9cb367d
--- /dev/null
+++ b/pkg/useragent/README.md
@@ -0,0 +1 @@
+This package provides helper functions to pack version information into a single User-Agent header.
diff --git a/pkg/useragent/useragent.go b/pkg/useragent/useragent.go
new file mode 100644
index 00000000..1137db51
--- /dev/null
+++ b/pkg/useragent/useragent.go
@@ -0,0 +1,55 @@
+// Package useragent provides helper functions to pack
+// version information into a single User-Agent header.
+package useragent
+
+import (
+	"strings"
+)
+
+// VersionInfo is used to model UserAgent versions.
+type VersionInfo struct {
+	Name    string
+	Version string
+}
+
+func (vi *VersionInfo) isValid() bool {
+	const stopChars = " \t\r\n/"
+	name := vi.Name
+	vers := vi.Version
+	if len(name) == 0 || strings.ContainsAny(name, stopChars) {
+		return false
+	}
+	if len(vers) == 0 || strings.ContainsAny(vers, stopChars) {
+		return false
+	}
+	return true
+}
+
+// AppendVersions converts versions to a string and appends the string to the string base.
+//
+// Each VersionInfo will be converted to a string in the format of
+// "product/version", where the "product" is get from the name field, while
+// version is get from the version field. Several pieces of version information
+// will be concatenated and separated by space.
+//
+// Example:
+// AppendVersions("base", VersionInfo{"foo", "1.0"}, VersionInfo{"bar", "2.0"})
+// results in "base foo/1.0 bar/2.0".
+func AppendVersions(base string, versions ...VersionInfo) string {
+	if len(versions) == 0 {
+		return base
+	}
+
+	verstrs := make([]string, 0, 1+len(versions))
+	if len(base) > 0 {
+		verstrs = append(verstrs, base)
+	}
+
+	for _, v := range versions {
+		if !v.isValid() {
+			continue
+		}
+		verstrs = append(verstrs, v.Name+"/"+v.Version)
+	}
+	return strings.Join(verstrs, " ")
+}
diff --git a/pkg/useragent/useragent_test.go b/pkg/useragent/useragent_test.go
new file mode 100644
index 00000000..0ad7243a
--- /dev/null
+++ b/pkg/useragent/useragent_test.go
@@ -0,0 +1,31 @@
+package useragent
+
+import "testing"
+
+func TestVersionInfo(t *testing.T) {
+	vi := VersionInfo{"foo", "bar"}
+	if !vi.isValid() {
+		t.Fatalf("VersionInfo should be valid")
+	}
+	vi = VersionInfo{"", "bar"}
+	if vi.isValid() {
+		t.Fatalf("Expected VersionInfo to be invalid")
+	}
+	vi = VersionInfo{"foo", ""}
+	if vi.isValid() {
+		t.Fatalf("Expected VersionInfo to be invalid")
+	}
+}
+
+func TestAppendVersions(t *testing.T) {
+	vis := []VersionInfo{
+		{"foo", "1.0"},
+		{"bar", "0.1"},
+		{"pi", "3.1.4"},
+	}
+	v := AppendVersions("base", vis...)
+	expect := "base foo/1.0 bar/0.1 pi/3.1.4"
+	if v != expect {
+		t.Fatalf("expected %q, got %q", expect, v)
+	}
+}
diff --git a/pkg/version/version.go b/pkg/version/version.go
new file mode 100644
index 00000000..c001279f
--- /dev/null
+++ b/pkg/version/version.go
@@ -0,0 +1,68 @@
+package version
+
+import (
+	"strconv"
+	"strings"
+)
+
+// Version provides utility methods for comparing versions.
+type Version string
+
+func (v Version) compareTo(other Version) int {
+	var (
+		currTab  = strings.Split(string(v), ".")
+		otherTab = strings.Split(string(other), ".")
+	)
+
+	max := len(currTab)
+	if len(otherTab) > max {
+		max = len(otherTab)
+	}
+	for i := 0; i < max; i++ {
+		var currInt, otherInt int
+
+		if len(currTab) > i {
+			currInt, _ = strconv.Atoi(currTab[i])
+		}
+		if len(otherTab) > i {
+			otherInt, _ = strconv.Atoi(otherTab[i])
+		}
+		if currInt > otherInt {
+			return 1
+		}
+		if otherInt > currInt {
+			return -1
+		}
+	}
+	return 0
+}
+
+// String returns the version string
+func (v Version) String() string {
+	return string(v)
+}
+
+// LessThan checks if a version is less than another
+func (v Version) LessThan(other Version) bool {
+	return v.compareTo(other) == -1
+}
+
+// LessThanOrEqualTo checks if a version is less than or equal to another
+func (v Version) LessThanOrEqualTo(other Version) bool {
+	return v.compareTo(other) <= 0
+}
+
+// GreaterThan checks if a version is greater than another
+func (v Version) GreaterThan(other Version) bool {
+	return v.compareTo(other) == 1
+}
+
+// GreaterThanOrEqualTo checks if a version is greater than or equal to another
+func (v Version) GreaterThanOrEqualTo(other Version) bool {
+	return v.compareTo(other) >= 0
+}
+
+// Equal checks if a version is equal to another
+func (v Version) Equal(other Version) bool {
+	return v.compareTo(other) == 0
+}
diff --git a/pkg/version/version_test.go b/pkg/version/version_test.go
new file mode 100644
index 00000000..c02ec40f
--- /dev/null
+++ b/pkg/version/version_test.go
@@ -0,0 +1,27 @@
+package version
+
+import (
+	"testing"
+)
+
+func assertVersion(t *testing.T, a, b string, result int) {
+	if r := Version(a).compareTo(Version(b)); r != result {
+		t.Fatalf("Unexpected version comparison result. Found %d, expected %d", r, result)
+	}
+}
+
+func TestCompareVersion(t *testing.T) {
+	assertVersion(t, "1.12", "1.12", 0)
+	assertVersion(t, "1.0.0", "1", 0)
+	assertVersion(t, "1", "1.0.0", 0)
+	assertVersion(t, "1.05.00.0156", "1.0.221.9289", 1)
+	assertVersion(t, "1", "1.0.1", -1)
+	assertVersion(t, "1.0.1", "1", 1)
+	assertVersion(t, "1.0.1", "1.0.2", -1)
+	assertVersion(t, "1.0.2", "1.0.3", -1)
+	assertVersion(t, "1.0.3", "1.1", -1)
+	assertVersion(t, "1.1", "1.1.1", -1)
+	assertVersion(t, "1.1.1", "1.1.2", -1)
+	assertVersion(t, "1.1.2", "1.2", -1)
+
+}
diff --git a/profiles/apparmor/apparmor.go b/profiles/apparmor/apparmor.go
new file mode 100644
index 00000000..51dfa5cf
--- /dev/null
+++ b/profiles/apparmor/apparmor.go
@@ -0,0 +1,115 @@
+// +build linux
+
+package apparmor
+
+import (
+	"bufio"
+	"io"
+	"os"
+	"path"
+	"strings"
+
+	"github.com/docker/docker/pkg/aaparser"
+	"github.com/docker/docker/utils/templates"
+)
+
+var (
+	// profileDirectory is the file store for apparmor profiles and macros.
+	profileDirectory = "/etc/apparmor.d"
+	// defaultProfilePath is the default path for the apparmor profile to be saved.
+	defaultProfilePath = path.Join(profileDirectory, "docker")
+)
+
+// profileData holds information about the given profile for generation.
+type profileData struct {
+	// Name is profile name.
+	Name string
+	// Imports defines the apparmor functions to import, before defining the profile.
+	Imports []string
+	// InnerImports defines the apparmor functions to import in the profile.
+	InnerImports []string
+	// Version is the {major, minor, patch} version of apparmor_parser as a single number.
+	Version int
+}
+
+// generateDefault creates an apparmor profile from ProfileData.
+func (p *profileData) generateDefault(out io.Writer) error {
+	compiled, err := templates.NewParse("apparmor_profile", baseTemplate)
+	if err != nil {
+		return err
+	}
+
+	if macroExists("tunables/global") {
+		p.Imports = append(p.Imports, "#include <tunables/global>")
+	} else {
+		p.Imports = append(p.Imports, "@{PROC}=/proc/")
+	}
+
+	if macroExists("abstractions/base") {
+		p.InnerImports = append(p.InnerImports, "#include <abstractions/base>")
+	}
+
+	ver, err := aaparser.GetVersion()
+	if err != nil {
+		return err
+	}
+	p.Version = ver
+
+	if err := compiled.Execute(out, p); err != nil {
+		return err
+	}
+	return nil
+}
+
+// macrosExists checks if the passed macro exists.
+func macroExists(m string) bool {
+	_, err := os.Stat(path.Join(profileDirectory, m))
+	return err == nil
+}
+
+// InstallDefault generates a default profile and installs it in the
+// ProfileDirectory with `apparmor_parser`.
+func InstallDefault(name string) error {
+	// Make sure the path where they want to save the profile exists
+	if err := os.MkdirAll(profileDirectory, 0755); err != nil {
+		return err
+	}
+
+	p := profileData{
+		Name: name,
+	}
+
+	f, err := os.OpenFile(defaultProfilePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644)
+	if err != nil {
+		return err
+	}
+	if err := p.generateDefault(f); err != nil {
+		f.Close()
+		return err
+	}
+	f.Close()
+
+	if err := aaparser.LoadProfile(defaultProfilePath); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// IsLoaded checks if a passed profile has been loaded into the kernel.
+func IsLoaded(name string) error {
+	file, err := os.Open("/sys/kernel/security/apparmor/profiles")
+	if err != nil {
+		return err
+	}
+	r := bufio.NewReader(file)
+	for {
+		p, err := r.ReadString('\n')
+		if err != nil {
+			return err
+		}
+		if strings.HasPrefix(p, name+" ") {
+			return nil
+		}
+	}
+}
diff --git a/profiles/apparmor/template.go b/profiles/apparmor/template.go
new file mode 100644
index 00000000..ada33bf0
--- /dev/null
+++ b/profiles/apparmor/template.go
@@ -0,0 +1,46 @@
+// +build linux
+
+package apparmor
+
+// baseTemplate defines the default apparmor profile for containers.
+const baseTemplate = `
+{{range $value := .Imports}}
+{{$value}}
+{{end}}
+
+profile {{.Name}} flags=(attach_disconnected,mediate_deleted) {
+{{range $value := .InnerImports}}
+  {{$value}}
+{{end}}
+
+  network,
+  capability,
+  file,
+  umount,
+
+  deny @{PROC}/* w,   # deny write for all files directly in /proc (not in a subdir)
+  # deny write to files not in /proc/<number>/** or /proc/sys/**
+  deny @{PROC}/{[^1-9],[^1-9][^0-9],[^1-9s][^0-9y][^0-9s],[^1-9][^0-9][^0-9][^0-9]*}/** w,
+  deny @{PROC}/sys/[^k]** w,  # deny /proc/sys except /proc/sys/k* (effectively /proc/sys/kernel)
+  deny @{PROC}/sys/kernel/{?,??,[^s][^h][^m]**} w,  # deny everything except shm* in /proc/sys/kernel/
+  deny @{PROC}/sysrq-trigger rwklx,
+  deny @{PROC}/mem rwklx,
+  deny @{PROC}/kmem rwklx,
+  deny @{PROC}/kcore rwklx,
+
+  deny mount,
+
+  deny /sys/[^f]*/** wklx,
+  deny /sys/f[^s]*/** wklx,
+  deny /sys/fs/[^c]*/** wklx,
+  deny /sys/fs/c[^g]*/** wklx,
+  deny /sys/fs/cg[^r]*/** wklx,
+  deny /sys/firmware/efi/efivars/** rwklx,
+  deny /sys/kernel/security/** rwklx,
+
+{{if ge .Version 208095}}
+  # suppress ptrace denials when using 'docker ps' or using 'ps' inside a container
+  ptrace (trace,read) peer=docker-default,
+{{end}}
+}
+`
diff --git a/profiles/seccomp/default.json b/profiles/seccomp/default.json
new file mode 100755
index 00000000..5c70f88a
--- /dev/null
+++ b/profiles/seccomp/default.json
@@ -0,0 +1,1628 @@
+{
+	"defaultAction": "SCMP_ACT_ERRNO",
+	"architectures": [
+		"SCMP_ARCH_X86_64",
+		"SCMP_ARCH_X86",
+		"SCMP_ARCH_X32"
+	],
+	"syscalls": [
+		{
+			"name": "accept",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "accept4",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "access",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "alarm",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "arch_prctl",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "bind",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "brk",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "capget",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "capset",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "chdir",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "chmod",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "chown",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "chown32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "chroot",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "clock_getres",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "clock_gettime",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "clock_nanosleep",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "clone",
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 0,
+					"value": 2080505856,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_MASKED_EQ"
+				}
+			]
+		},
+		{
+			"name": "close",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "connect",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "copy_file_range",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "creat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "dup",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "dup2",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "dup3",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "epoll_create",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "epoll_create1",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "epoll_ctl",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "epoll_ctl_old",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "epoll_pwait",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "epoll_wait",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "epoll_wait_old",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "eventfd",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "eventfd2",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "execve",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "execveat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "exit",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "exit_group",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "faccessat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fadvise64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fadvise64_64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fallocate",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fanotify_init",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fanotify_mark",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fchdir",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fchmod",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fchmodat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fchown",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fchown32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fchownat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fcntl",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fcntl64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fdatasync",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fgetxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "flistxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "flock",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fork",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fremovexattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fsetxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fstat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fstat64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fstatat64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fstatfs",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fstatfs64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "fsync",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "ftruncate",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "ftruncate64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "futex",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "futimesat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getcpu",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getcwd",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getdents",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getdents64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getegid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getegid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "geteuid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "geteuid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getgid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getgid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getgroups",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getgroups32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getitimer",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getpeername",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getpgid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getpgrp",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getpid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getppid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getpriority",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getrandom",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getresgid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getresgid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getresuid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getresuid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getrlimit",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "get_robust_list",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getrusage",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getsid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getsockname",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getsockopt",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "get_thread_area",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "gettid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "gettimeofday",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getuid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getuid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "getxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "inotify_add_watch",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "inotify_init",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "inotify_init1",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "inotify_rm_watch",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "io_cancel",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "ioctl",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "io_destroy",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "io_getevents",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "ioprio_get",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "ioprio_set",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "io_setup",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "io_submit",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "ipc",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "kill",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "lchown",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "lchown32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "lgetxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "link",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "linkat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "listen",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "listxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "llistxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "_llseek",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "lremovexattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "lseek",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "lsetxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "lstat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "lstat64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "madvise",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "memfd_create",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mincore",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mkdir",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mkdirat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mknod",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mknodat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mlock",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mlock2",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mlockall",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mmap",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mmap2",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mprotect",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mq_getsetattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mq_notify",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mq_open",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mq_timedreceive",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mq_timedsend",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mq_unlink",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "mremap",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "msgctl",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "msgget",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "msgrcv",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "msgsnd",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "msync",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "munlock",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "munlockall",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "munmap",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "nanosleep",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "newfstatat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "_newselect",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "open",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "openat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "pause",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "personality",
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 0,
+					"value": 0,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_EQ"
+				}
+			]
+		},
+		{
+			"name": "personality",
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 0,
+					"value": 8,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_EQ"
+				}
+			]
+		},
+		{
+			"name": "personality",
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 0,
+					"value": 4294967295,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_EQ"
+				}
+			]
+		},
+		{
+			"name": "pipe",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "pipe2",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "poll",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "ppoll",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "prctl",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "pread64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "preadv",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "prlimit64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "pselect6",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "pwrite64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "pwritev",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "read",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "readahead",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "readlink",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "readlinkat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "readv",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "recv",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "recvfrom",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "recvmmsg",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "recvmsg",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "remap_file_pages",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "removexattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rename",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "renameat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "renameat2",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "restart_syscall",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rmdir",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rt_sigaction",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rt_sigpending",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rt_sigprocmask",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rt_sigqueueinfo",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rt_sigreturn",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rt_sigsuspend",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rt_sigtimedwait",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "rt_tgsigqueueinfo",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_getaffinity",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_getattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_getparam",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_get_priority_max",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_get_priority_min",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_getscheduler",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_rr_get_interval",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_setaffinity",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_setattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_setparam",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_setscheduler",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sched_yield",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "seccomp",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "select",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "semctl",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "semget",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "semop",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "semtimedop",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "send",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sendfile",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sendfile64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sendmmsg",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sendmsg",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sendto",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setdomainname",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setfsgid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setfsgid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setfsuid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setfsuid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setgid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setgid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setgroups",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setgroups32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sethostname",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setitimer",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setpgid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setpriority",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setregid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setregid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setresgid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setresgid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setresuid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setresuid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setreuid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setreuid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setrlimit",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "set_robust_list",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setsid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setsockopt",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "set_thread_area",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "set_tid_address",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setuid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setuid32",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "setxattr",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "shmat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "shmctl",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "shmdt",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "shmget",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "shutdown",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sigaltstack",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "signalfd",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "signalfd4",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sigreturn",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "socket",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "socketcall",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "socketpair",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "splice",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "stat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "stat64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "statfs",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "statfs64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "symlink",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "symlinkat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sync",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sync_file_range",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "syncfs",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "sysinfo",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "syslog",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "tee",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "tgkill",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "time",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "timer_create",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "timer_delete",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "timerfd_create",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "timerfd_gettime",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "timerfd_settime",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "timer_getoverrun",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "timer_gettime",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "timer_settime",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "times",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "tkill",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "truncate",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "truncate64",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "ugetrlimit",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "umask",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "uname",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "unlink",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "unlinkat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "utime",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "utimensat",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "utimes",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "vfork",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "vhangup",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "vmsplice",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "wait4",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "waitid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "waitpid",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "write",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "writev",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "modify_ldt",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "breakpoint",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "cacheflush",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		},
+		{
+			"name": "set_tls",
+			"action": "SCMP_ACT_ALLOW",
+			"args": []
+		}
+	]
+}
\ No newline at end of file
diff --git a/profiles/seccomp/fixtures/example.json b/profiles/seccomp/fixtures/example.json
new file mode 100755
index 00000000..674ca50f
--- /dev/null
+++ b/profiles/seccomp/fixtures/example.json
@@ -0,0 +1,27 @@
+{
+    "defaultAction": "SCMP_ACT_ERRNO",
+    "syscalls": [
+        {
+            "name": "clone",
+            "action": "SCMP_ACT_ALLOW",
+            "args": [
+                {
+                    "index": 0,
+                    "value": 2080505856,
+                    "valueTwo": 0,
+                    "op": "SCMP_CMP_MASKED_EQ"
+                }
+            ]
+        },
+        {
+            "name": "open",
+            "action": "SCMP_ACT_ALLOW",
+            "args": []
+        },
+        {
+            "name": "close",
+            "action": "SCMP_ACT_ALLOW",
+            "args": []
+        }
+    ]
+}
diff --git a/profiles/seccomp/generate.go b/profiles/seccomp/generate.go
new file mode 100644
index 00000000..bf565947
--- /dev/null
+++ b/profiles/seccomp/generate.go
@@ -0,0 +1,32 @@
+// +build ignore
+
+package main
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/docker/docker/profiles/seccomp"
+)
+
+// saves the default seccomp profile as a json file so people can use it as a
+// base for their own custom profiles
+func main() {
+	wd, err := os.Getwd()
+	if err != nil {
+		panic(err)
+	}
+	f := filepath.Join(wd, "default.json")
+
+	// write the default profile to the file
+	b, err := json.MarshalIndent(seccomp.DefaultProfile, "", "\t")
+	if err != nil {
+		panic(err)
+	}
+
+	if err := ioutil.WriteFile(f, b, 0644); err != nil {
+		panic(err)
+	}
+}
diff --git a/profiles/seccomp/seccomp.go b/profiles/seccomp/seccomp.go
new file mode 100644
index 00000000..0718d840
--- /dev/null
+++ b/profiles/seccomp/seccomp.go
@@ -0,0 +1,74 @@
+// +build linux
+
+package seccomp
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/docker/engine-api/types"
+	"github.com/opencontainers/specs/specs-go"
+)
+
+//go:generate go run -tags 'seccomp' generate.go
+
+// GetDefaultProfile returns the default seccomp profile.
+func GetDefaultProfile() (*specs.Seccomp, error) {
+	return setupSeccomp(DefaultProfile)
+}
+
+// LoadProfile takes a file path and decodes the seccomp profile.
+func LoadProfile(body string) (*specs.Seccomp, error) {
+	var config types.Seccomp
+	if err := json.Unmarshal([]byte(body), &config); err != nil {
+		return nil, fmt.Errorf("Decoding seccomp profile failed: %v", err)
+	}
+
+	return setupSeccomp(&config)
+}
+
+func setupSeccomp(config *types.Seccomp) (newConfig *specs.Seccomp, err error) {
+	if config == nil {
+		return nil, nil
+	}
+
+	// No default action specified, no syscalls listed, assume seccomp disabled
+	if config.DefaultAction == "" && len(config.Syscalls) == 0 {
+		return nil, nil
+	}
+
+	newConfig = &specs.Seccomp{}
+
+	// if config.Architectures == 0 then libseccomp will figure out the architecture to use
+	if len(config.Architectures) > 0 {
+		for _, arch := range config.Architectures {
+			newConfig.Architectures = append(newConfig.Architectures, specs.Arch(arch))
+		}
+	}
+
+	newConfig.DefaultAction = specs.Action(config.DefaultAction)
+
+	// Loop through all syscall blocks and convert them to libcontainer format
+	for _, call := range config.Syscalls {
+		newCall := specs.Syscall{
+			Name:   call.Name,
+			Action: specs.Action(call.Action),
+		}
+
+		// Loop through all the arguments of the syscall and convert them
+		for _, arg := range call.Args {
+			newArg := specs.Arg{
+				Index:    arg.Index,
+				Value:    arg.Value,
+				ValueTwo: arg.ValueTwo,
+				Op:       specs.Operator(arg.Op),
+			}
+
+			newCall.Args = append(newCall.Args, newArg)
+		}
+
+		newConfig.Syscalls = append(newConfig.Syscalls, newCall)
+	}
+
+	return newConfig, nil
+}
diff --git a/profiles/seccomp/seccomp_default.go b/profiles/seccomp/seccomp_default.go
new file mode 100644
index 00000000..4fad7a6c
--- /dev/null
+++ b/profiles/seccomp/seccomp_default.go
@@ -0,0 +1,1659 @@
+// +build linux,seccomp
+
+package seccomp
+
+import (
+	"syscall"
+
+	"github.com/docker/engine-api/types"
+	libseccomp "github.com/seccomp/libseccomp-golang"
+)
+
+func arches() []types.Arch {
+	var native, err = libseccomp.GetNativeArch()
+	if err != nil {
+		return []types.Arch{}
+	}
+	var a = native.String()
+	switch a {
+	case "amd64":
+		return []types.Arch{types.ArchX86_64, types.ArchX86, types.ArchX32}
+	case "arm64":
+		return []types.Arch{types.ArchARM, types.ArchAARCH64}
+	case "mips64":
+		return []types.Arch{types.ArchMIPS, types.ArchMIPS64, types.ArchMIPS64N32}
+	case "mips64n32":
+		return []types.Arch{types.ArchMIPS, types.ArchMIPS64, types.ArchMIPS64N32}
+	case "mipsel64":
+		return []types.Arch{types.ArchMIPSEL, types.ArchMIPSEL64, types.ArchMIPSEL64N32}
+	case "mipsel64n32":
+		return []types.Arch{types.ArchMIPSEL, types.ArchMIPSEL64, types.ArchMIPSEL64N32}
+	default:
+		return []types.Arch{}
+	}
+}
+
+// DefaultProfile defines the whitelist for the default seccomp profile.
+var DefaultProfile = &types.Seccomp{
+	DefaultAction: types.ActErrno,
+	Architectures: arches(),
+	Syscalls: []*types.Syscall{
+		{
+			Name:   "accept",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "accept4",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "access",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "alarm",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "arch_prctl",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "bind",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "brk",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "capget",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "capset",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "chdir",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "chmod",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "chown",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "chown32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "chroot",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "clock_getres",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "clock_gettime",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "clock_nanosleep",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "clone",
+			Action: types.ActAllow,
+			Args: []*types.Arg{
+				{
+					Index:    0,
+					Value:    syscall.CLONE_NEWNS | syscall.CLONE_NEWUTS | syscall.CLONE_NEWIPC | syscall.CLONE_NEWUSER | syscall.CLONE_NEWPID | syscall.CLONE_NEWNET,
+					ValueTwo: 0,
+					Op:       types.OpMaskedEqual,
+				},
+			},
+		},
+		{
+			Name:   "close",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "connect",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "copy_file_range",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "creat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "dup",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "dup2",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "dup3",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "epoll_create",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "epoll_create1",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "epoll_ctl",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "epoll_ctl_old",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "epoll_pwait",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "epoll_wait",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "epoll_wait_old",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "eventfd",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "eventfd2",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "execve",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "execveat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "exit",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "exit_group",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "faccessat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fadvise64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fadvise64_64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fallocate",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fanotify_init",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fanotify_mark",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fchdir",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fchmod",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fchmodat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fchown",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fchown32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fchownat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fcntl",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fcntl64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fdatasync",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fgetxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "flistxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "flock",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fork",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fremovexattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fsetxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fstat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fstat64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fstatat64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fstatfs",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fstatfs64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "fsync",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "ftruncate",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "ftruncate64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "futex",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "futimesat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getcpu",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getcwd",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getdents",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getdents64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getegid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getegid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "geteuid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "geteuid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getgid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getgid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getgroups",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getgroups32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getitimer",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getpeername",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getpgid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getpgrp",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getpid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getppid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getpriority",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getrandom",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getresgid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getresgid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getresuid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getresuid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getrlimit",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "get_robust_list",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getrusage",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getsid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getsockname",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getsockopt",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "get_thread_area",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "gettid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "gettimeofday",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getuid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getuid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "getxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "inotify_add_watch",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "inotify_init",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "inotify_init1",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "inotify_rm_watch",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "io_cancel",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "ioctl",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "io_destroy",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "io_getevents",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "ioprio_get",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "ioprio_set",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "io_setup",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "io_submit",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "ipc",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "kill",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "lchown",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "lchown32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "lgetxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "link",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "linkat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "listen",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "listxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "llistxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "_llseek",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "lremovexattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "lseek",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "lsetxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "lstat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "lstat64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "madvise",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "memfd_create",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mincore",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mkdir",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mkdirat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mknod",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mknodat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mlock",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mlock2",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mlockall",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mmap",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mmap2",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mprotect",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mq_getsetattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mq_notify",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mq_open",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mq_timedreceive",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mq_timedsend",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mq_unlink",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "mremap",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "msgctl",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "msgget",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "msgrcv",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "msgsnd",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "msync",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "munlock",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "munlockall",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "munmap",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "nanosleep",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "newfstatat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "_newselect",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "open",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "openat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "pause",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "personality",
+			Action: types.ActAllow,
+			Args: []*types.Arg{
+				{
+					Index: 0,
+					Value: 0x0,
+					Op:    types.OpEqualTo,
+				},
+			},
+		},
+		{
+			Name:   "personality",
+			Action: types.ActAllow,
+			Args: []*types.Arg{
+				{
+					Index: 0,
+					Value: 0x0008,
+					Op:    types.OpEqualTo,
+				},
+			},
+		},
+		{
+			Name:   "personality",
+			Action: types.ActAllow,
+			Args: []*types.Arg{
+				{
+					Index: 0,
+					Value: 0xffffffff,
+					Op:    types.OpEqualTo,
+				},
+			},
+		},
+		{
+			Name:   "pipe",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "pipe2",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "poll",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "ppoll",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "prctl",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "pread64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "preadv",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "prlimit64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "pselect6",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "pwrite64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "pwritev",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "read",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "readahead",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "readlink",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "readlinkat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "readv",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "recv",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "recvfrom",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "recvmmsg",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "recvmsg",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "remap_file_pages",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "removexattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rename",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "renameat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "renameat2",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "restart_syscall",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rmdir",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rt_sigaction",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rt_sigpending",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rt_sigprocmask",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rt_sigqueueinfo",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rt_sigreturn",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rt_sigsuspend",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rt_sigtimedwait",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "rt_tgsigqueueinfo",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_getaffinity",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_getattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_getparam",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_get_priority_max",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_get_priority_min",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_getscheduler",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_rr_get_interval",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_setaffinity",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_setattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_setparam",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_setscheduler",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sched_yield",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "seccomp",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "select",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "semctl",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "semget",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "semop",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "semtimedop",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "send",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sendfile",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sendfile64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sendmmsg",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sendmsg",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sendto",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setdomainname",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setfsgid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setfsgid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setfsuid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setfsuid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setgid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setgid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setgroups",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setgroups32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sethostname",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setitimer",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setpgid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setpriority",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setregid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setregid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setresgid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setresgid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setresuid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setresuid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setreuid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setreuid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setrlimit",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "set_robust_list",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setsid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setsockopt",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "set_thread_area",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "set_tid_address",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setuid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setuid32",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "setxattr",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "shmat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "shmctl",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "shmdt",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "shmget",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "shutdown",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sigaltstack",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "signalfd",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "signalfd4",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sigreturn",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "socket",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "socketcall",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "socketpair",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "splice",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "stat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "stat64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "statfs",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "statfs64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "symlink",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "symlinkat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sync",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sync_file_range",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "syncfs",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "sysinfo",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "syslog",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "tee",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "tgkill",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "time",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "timer_create",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "timer_delete",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "timerfd_create",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "timerfd_gettime",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "timerfd_settime",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "timer_getoverrun",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "timer_gettime",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "timer_settime",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "times",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "tkill",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "truncate",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "truncate64",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "ugetrlimit",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "umask",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "uname",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "unlink",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "unlinkat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "utime",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "utimensat",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "utimes",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "vfork",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "vhangup",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "vmsplice",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "wait4",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "waitid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "waitpid",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "write",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "writev",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		// i386 specific syscalls
+		{
+			Name:   "modify_ldt",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		// arm specific syscalls
+		{
+			Name:   "breakpoint",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "cacheflush",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+		{
+			Name:   "set_tls",
+			Action: types.ActAllow,
+			Args:   []*types.Arg{},
+		},
+	},
+}
diff --git a/profiles/seccomp/seccomp_test.go b/profiles/seccomp/seccomp_test.go
new file mode 100644
index 00000000..2c9929e9
--- /dev/null
+++ b/profiles/seccomp/seccomp_test.go
@@ -0,0 +1,28 @@
+// +build linux
+
+package seccomp
+
+import (
+	"io/ioutil"
+	"testing"
+)
+
+func TestLoadProfile(t *testing.T) {
+	f, err := ioutil.ReadFile("fixtures/example.json")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := LoadProfile(string(f)); err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestLoadDefaultProfile(t *testing.T) {
+	f, err := ioutil.ReadFile("default.json")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := LoadProfile(string(f)); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/profiles/seccomp/seccomp_unsupported.go b/profiles/seccomp/seccomp_unsupported.go
new file mode 100644
index 00000000..64963292
--- /dev/null
+++ b/profiles/seccomp/seccomp_unsupported.go
@@ -0,0 +1,10 @@
+// +build linux,!seccomp
+
+package seccomp
+
+import "github.com/docker/engine-api/types"
+
+var (
+	// DefaultProfile is a nil pointer on unsupported systems.
+	DefaultProfile *types.Seccomp
+)
diff --git a/project/ARM.md b/project/ARM.md
new file mode 100644
index 00000000..c4d21bf2
--- /dev/null
+++ b/project/ARM.md
@@ -0,0 +1,45 @@
+# ARM support
+
+The ARM support should be considered experimental. It will be extended step by step in the coming weeks.
+
+Building a Docker Development Image works in the same fashion as for Intel platform (x86-64).
+Currently we have initial support for 32bit ARMv7 devices.
+
+To work with the Docker Development Image you have to clone the Docker/Docker repo on a supported device.
+It needs to have a Docker Engine installed to build the Docker Development Image.
+
+From the root of the Docker/Docker repo one can use make to execute the following make targets:
+- make validate
+- make binary
+- make build
+- make deb
+- make bundles
+- make default
+- make shell
+- make test-unit
+- make test-integration-cli
+- make
+
+The Makefile does include logic to determine on which OS and architecture the Docker Development Image is built.
+Based on OS and architecture it chooses the correct Dockerfile.
+For the ARM 32bit architecture it uses `Dockerfile.armhf`.
+
+So for example in order to build a Docker binary one has to  
+1. clone the Docker/Docker repository on an ARM device `git clone git@github.com:docker/docker.git`  
+2. change into the checked out repository with `cd docker`  
+3. execute `make binary` to create a Docker Engine binary for ARM  
+
+## Kernel modules
+A few libnetwork integration tests require that the kernel be
+configured with "dummy" network interface and has the module
+loaded. However, the dummy module may be not loaded automatically.
+
+To load the kernel module permanently, run these commands as `root`.
+
+    modprobe dummy
+    echo "dummy" >> /etc/modules
+
+On some systems you also have to sync your kernel modules.
+
+    oc-sync-kernel-modules
+    depmod
diff --git a/project/BRANCHES-AND-TAGS.md b/project/BRANCHES-AND-TAGS.md
new file mode 100644
index 00000000..1c6f2325
--- /dev/null
+++ b/project/BRANCHES-AND-TAGS.md
@@ -0,0 +1,35 @@
+Branches and tags
+=================
+
+Note: details of the release process for the Engine are documented in the
+[RELEASE-CHECKLIST](https://github.com/docker/docker/blob/master/project/RELEASE-CHECKLIST.md).
+
+# Branches
+
+The docker/docker repository should normally have only three living branches at all time, including
+the regular `master` branch:
+
+## `docs` branch
+
+The `docs` branch supports documentation updates between product releases. This branch allow us to
+decouple documentation releases from product releases.
+
+## `release` branch
+
+The `release` branch contains the last _released_ version of the code for the project.
+
+The `release` branch is only updated at each public release of the project. The mechanism for this
+is that the release is materialized by a pull request against the `release` branch which lives for
+the duration of the code freeze period. When this pull request is merged, the `release` branch gets
+updated, and its new state is tagged accordingly.
+
+# Tags
+
+Any public release of a compiled binary, with the logical exception of nightly builds, should have
+a corresponding tag in the repository.
+
+The general format of a tag is `vX.Y.Z[-suffix[N]]`:
+
+- All of `X`, `Y`, `Z` must be specified (example: `v1.0.0`)
+- First release candidate for version `1.8.0` should be tagged `v1.8.0-rc1`
+- Second alpha release of a product should be tagged `v1.0.0-alpha1`
diff --git a/project/CONTRIBUTORS.md b/project/CONTRIBUTORS.md
new file mode 120000
index 00000000..44fcc634
--- /dev/null
+++ b/project/CONTRIBUTORS.md
@@ -0,0 +1 @@
+../CONTRIBUTING.md
\ No newline at end of file
diff --git a/project/GOVERNANCE.md b/project/GOVERNANCE.md
new file mode 100644
index 00000000..6ae7baf7
--- /dev/null
+++ b/project/GOVERNANCE.md
@@ -0,0 +1,17 @@
+# Docker Governance Advisory Board Meetings
+
+In the spirit of openness, Docker created a Governance Advisory Board, and committed to make all materials and notes from the meetings of this group public.
+All output from the meetings should be considered proposals only, and are subject to the review and approval of the community and the project leadership.
+
+The materials from the first Docker Governance Advisory Board meeting, held on October 28, 2014, are available at 
+[Google Docs Folder](https://goo.gl/Alfj8r)
+
+These include:
+
+* First Meeting Notes 
+* DGAB Charter 
+* Presentation 1: Introductory Presentation, including State of The Project  
+* Presentation 2: Overall Contribution Structure/Docker Project Core Proposal 
+* Presentation 3: Long Term Roadmap/Statement of Direction 
+ 
+
diff --git a/project/IRC-ADMINISTRATION.md b/project/IRC-ADMINISTRATION.md
new file mode 100644
index 00000000..824a14bd
--- /dev/null
+++ b/project/IRC-ADMINISTRATION.md
@@ -0,0 +1,37 @@
+# Freenode IRC Administration Guidelines and Tips
+
+This is not meant to be a general "Here's how to IRC" document, so if you're
+looking for that, check Google instead. ♥
+
+If you've been charged with helping maintain one of Docker's now many IRC
+channels, this might turn out to be useful.  If there's information that you
+wish you'd known about how a particular channel is organized, you should add
+deets here! :)
+
+## `ChanServ`
+
+Most channel maintenance happens by talking to Freenode's `ChanServ` bot.  For
+example, `/msg ChanServ ACCESS <channel> LIST` will show you a list of everyone
+with "access" privileges for a particular channel.
+
+A similar command is used to give someone a particular access level.  For
+example, to add a new maintainer to the `#docker-maintainers` access list so
+that they can contribute to the discussions (after they've been merged
+appropriately in a `MAINTAINERS` file, of course), one would use `/msg ChanServ
+ACCESS #docker-maintainers ADD <nick> maintainer`.
+
+To setup a new channel with a similar `maintainer` access template, use a
+command like `/msg ChanServ TEMPLATE <channel> maintainer +AV` (`+A` for letting
+them view the `ACCESS LIST`, `+V` for auto-voice; see `/msg ChanServ HELP FLAGS`
+for more details).
+
+## Troubleshooting
+
+The most common cause of not-getting-auto-`+v` woes is people not being
+`IDENTIFY`ed with `NickServ` (or their current nickname not being `GROUP`ed with
+their main nickname) -- often manifested by `ChanServ` responding to an `ACCESS
+ADD` request with something like `xyz is not registered.`.
+
+This is easily fixed by doing `/msg NickServ IDENTIFY OldNick SecretPassword`
+followed by `/msg NickServ GROUP` to group the two nicknames together.  See
+`/msg NickServ HELP GROUP` for more information.
diff --git a/project/ISSUE-TRIAGE.md b/project/ISSUE-TRIAGE.md
new file mode 100644
index 00000000..80b2232b
--- /dev/null
+++ b/project/ISSUE-TRIAGE.md
@@ -0,0 +1,91 @@
+Triaging of issues
+------------------
+
+Triage provides an important way to contribute to an open source project.  Triage helps ensure issues resolve quickly by:
+
+- Describing the issue's intent and purpose is conveyed precisely. This is necessary because it can be difficult for an issue to explain how an end user experiences a problem and what actions they took.
+- Giving a contributor the information they need before they commit to resolving an issue.
+- Lowering the issue count by preventing duplicate issues.
+- Streamlining the development process by preventing duplicate discussions.
+
+If you don't have time to code, consider helping with triage. The community will thank you for saving them time by spending some of yours.
+
+### 1. Ensure the issue contains basic information
+
+Before triaging an issue very far, make sure that the issue's author provided the standard issue information. This will help you make an educated recommendation on how this to categorize the issue. Standard information that *must* be included in most issues are things such as:
+
+-   the output of `docker version`
+-   the output of `docker info`
+-   the output of `uname -a`
+-   a reproducible case if this is a bug, Dockerfiles FTW
+-   host distribution and version ( ubuntu 14.04, RHEL, fedora 23 )
+-   page URL if this is a docs issue or the name of a man page
+
+Depending on the issue, you might not feel all this information is needed. Use your best judgement.  If you cannot triage an issue using what its author provided, explain kindly to the author that they must provide the above information to clarify the problem.
+
+If the author provides the standard information but you are still unable to triage the issue, request additional information. Do this kindly and politely because you are asking for more of the author's time.
+
+If the author does not respond requested information within the timespan of a week, close the issue with a kind note stating that the author can request for the issue to be
+reopened when the necessary information is provided.
+
+### 2. Classify the Issue
+
+An issue can have multiple of the following labels.
+
+#### Issue kind
+
+| Kind             | Description                                                                                                                     |
+|------------------|---------------------------------------------------------------------------------------------------------------------------------|
+| kind/bug         | Bugs are bugs. The cause may or may not be known at triage time so debugging should be taken account into the time estimate.    |
+| kind/docs        | Writing documentation, man pages, articles, blogs, or other significant word-driven task.                                       |
+| kind/enhancement | Enhancement are not bugs or new features but can drastically improve usability or performance of a project component.           |
+| kind/feature     | Functionality or other elements that the project does not currently support.  Features are new and shiny.                      |
+| kind/question    | Contains a user or contributor question requiring a response.                                                                   |
+
+#### Functional area
+
+| Area                      |
+|---------------------------|
+| area/api                  |
+| area/builder              |
+| area/cli                  |
+| area/kernel               |
+| area/runtime              |
+| area/storage              |
+| area/storage/aufs         |
+| area/storage/btrfs        |
+| area/storage/devicemapper |
+| area/storage/overlay      |
+| area/storage/zfs          |
+
+#### Experience level
+
+Experience level is a way for a contributor to find an issue based on their
+skill set.  Experience types are applied to the issue or pull request using
+labels.
+
+| Level            | Experience level guideline                                                                                                                                                  |
+|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| exp/beginner     | New to Docker, and possibly Golang, and is looking to help while learning the basics.                                                                                       |
+| exp/intermediate | Comfortable with golang and understands the core concepts of Docker and looking to dive deeper into the project.                                                            |
+| exp/expert       | Proficient with Docker and Golang and has been following, and active in, the community to understand the rationale behind design decisions and where the project is headed. |
+
+As the table states, these labels are meant as guidelines. You might have
+written a whole plugin for Docker in a personal project and never contributed to
+Docker. With that kind of experience, you could take on an <strong
+class="gh-label expert">exp/expert</strong> level task.
+
+### 3. Prioritizing issue
+
+When attached to a specific milestone, an issue can be attributed one of the
+following labels to indicate their degree of priority (from more urgent to less
+urgent).
+
+| Priority    | Description                                                                                                                       |
+|-------------|-----------------------------------------------------------------------------------------------------------------------------------|
+| priority/P0 | Urgent: Security, critical bugs, blocking issues. P0 basically means drop everything you are doing until this issue is addressed. |
+| priority/P1 | Important: P1 issues are a top priority and a must-have for the next release.                                                     |
+| priority/P2 | Normal priority: default priority applied.                                                                                        |
+| priority/P3 | Best effort: those are nice to have / minor issues.                                                                               |
+
+And that's it. That should be all the information required for a new or existing contributor to come in an resolve an issue.
diff --git a/project/PACKAGE-REPO-MAINTENANCE.md b/project/PACKAGE-REPO-MAINTENANCE.md
new file mode 100644
index 00000000..3763f879
--- /dev/null
+++ b/project/PACKAGE-REPO-MAINTENANCE.md
@@ -0,0 +1,74 @@
+# Apt & Yum Repository Maintenance
+## A maintainer's guide to managing Docker's package repos
+
+### How to clean up old experimental debs and rpms
+
+We release debs and rpms for experimental nightly, so these can build up.
+To remove old experimental debs and rpms, and _ONLY_ keep the latest, follow the
+steps below.
+
+1. Checkout docker master
+
+2. Run clean scripts
+
+```bash
+docker build --rm --force-rm -t docker-dev:master .
+docker run --rm -it --privileged \
+    -v /path/to/your/repos/dir:/volumes/repos \
+    -v $HOME/.gnupg:/root/.gnupg \
+    -e GPG_PASSPHRASE \
+    -e DOCKER_RELEASE_DIR=/volumes/repos \
+    docker-dev:master hack/make.sh clean-apt-repo clean-yum-repo generate-index-listing sign-repos
+```
+
+3. Upload the changed repos to `s3` (if you host on s3)
+
+4. Purge the cache, PURGE the cache, PURGE THE CACHE!
+
+### How to get out of a sticky situation
+
+Sh\*t happens. We know. Below are steps to get out of any "hash-sum mismatch" or
+"gpg sig error" or the likes error that might happen to the apt repo.
+
+**NOTE:** These are apt repo specific, have had no experimence with anything similar
+happening to the yum repo in the past so you can rest easy.
+
+For each step listed below, move on to the next if the previous didn't work.
+Otherwise CELEBRATE!
+
+1. Purge the cache.
+
+2. Did you remember to sign the debs after releasing?
+
+Re-sign the repo with your gpg key:
+
+```bash
+docker build --rm --force-rm -t docker-dev:master .
+docker run --rm -it --privileged \
+    -v /path/to/your/repos/dir:/volumes/repos \
+    -v $HOME/.gnupg:/root/.gnupg \
+    -e GPG_PASSPHRASE \
+    -e DOCKER_RELEASE_DIR=/volumes/repos \
+    docker-dev:master hack/make.sh sign-repos
+```
+
+Upload the changed repo to `s3` (if that is where you host)
+
+PURGE THE CACHE.
+
+3. Run Jess' magical, save all, only in case of extreme emergencies, "you are
+going to have to break this glass to get it" script.
+
+```bash
+docker build --rm --force-rm -t docker-dev:master .
+docker run --rm -it --privileged \
+    -v /path/to/your/repos/dir:/volumes/repos \
+    -v $HOME/.gnupg:/root/.gnupg \
+    -e GPG_PASSPHRASE \
+    -e DOCKER_RELEASE_DIR=/volumes/repos \
+    docker-dev:master hack/make.sh update-apt-repo generate-index-listing sign-repos
+```
+
+4. Upload the changed repo to `s3` (if that is where you host)
+
+PURGE THE CACHE.
diff --git a/project/PACKAGERS.md b/project/PACKAGERS.md
new file mode 100644
index 00000000..03a69db1
--- /dev/null
+++ b/project/PACKAGERS.md
@@ -0,0 +1,308 @@
+# Dear Packager,
+
+If you are looking to make Docker available on your favorite software
+distribution, this document is for you. It summarizes the requirements for
+building and running the Docker client and the Docker daemon.
+
+## Getting Started
+
+We want to help you package Docker successfully. Before doing any packaging, a
+good first step is to introduce yourself on the [docker-dev mailing
+list](https://groups.google.com/d/forum/docker-dev), explain what you're trying
+to achieve, and tell us how we can help. Don't worry, we don't bite! There might
+even be someone already working on packaging for the same distro!
+
+You can also join the IRC channel - #docker and #docker-dev on Freenode are both
+active and friendly.
+
+We like to refer to Tianon ("@tianon" on GitHub and "tianon" on IRC) as our
+"Packagers Relations", since he's always working to make sure our packagers have
+a good, healthy upstream to work with (both in our communication and in our
+build scripts). If you're having any kind of trouble, feel free to ping him
+directly. He also likes to keep track of what distributions we have packagers
+for, so feel free to reach out to him even just to say "Hi!"
+
+## Package Name
+
+If possible, your package should be called "docker". If that name is already
+taken, a second choice is "docker-engine". Another possible choice is "docker.io".
+
+## Official Build vs Distro Build
+
+The Docker project maintains its own build and release toolchain. It is pretty
+neat and entirely based on Docker (surprise!). This toolchain is the canonical
+way to build Docker. We encourage you to give it a try, and if the circumstances
+allow you to use it, we recommend that you do.
+
+You might not be able to use the official build toolchain - usually because your
+distribution has a toolchain and packaging policy of its own. We get it! Your
+house, your rules. The rest of this document should give you the information you
+need to package Docker your way, without denaturing it in the process.
+
+## Build Dependencies
+
+To build Docker, you will need the following:
+
+* A recent version of Git and Mercurial
+* Go version 1.4 or later (Go version 1.5 or later required for hardware signing
+  support in Docker Content Trust)
+* A clean checkout of the source added to a valid [Go
+  workspace](https://golang.org/doc/code.html#Workspaces) under the path
+  *src/github.com/docker/docker* (unless you plan to use `AUTO_GOPATH`,
+  explained in more detail below)
+
+To build the Docker daemon, you will additionally need:
+
+* An amd64/x86_64 machine running Linux
+* SQLite version 3.7.9 or later
+* libdevmapper version 1.02.68-cvs (2012-01-26) or later from lvm2 version
+  2.02.89 or later
+* btrfs-progs version 3.16.1 or later (unless using an older version is
+  absolutely necessary, in which case 3.8 is the minimum)
+* libseccomp version 2.2.1 or later (for build tag seccomp)
+
+Be sure to also check out Docker's Dockerfile for the most up-to-date list of
+these build-time dependencies.
+
+### Go Dependencies
+
+All Go dependencies are vendored under "./vendor". They are used by the official
+build, so the source of truth for the current version of each dependency is
+whatever is in "./vendor".
+
+To use the vendored dependencies, simply make sure the path to "./vendor" is
+included in `GOPATH` (or use `AUTO_GOPATH`, as explained below).
+
+If you would rather (or must, due to distro policy) package these dependencies
+yourself, take a look at "./hack/vendor.sh" for an easy-to-parse list of the
+exact version for each.
+
+NOTE: if you're not able to package the exact version (to the exact commit) of a
+given dependency, please get in touch so we can remediate! Who knows what
+discrepancies can be caused by even the slightest deviation. We promise to do
+our best to make everybody happy.
+
+## Stripping Binaries
+
+Please, please, please do not strip any compiled binaries. This is really
+important.
+
+In our own testing, stripping the resulting binaries sometimes results in a
+binary that appears to work, but more often causes random panics, segfaults, and
+other issues. Even if the binary appears to work, please don't strip.
+
+See the following quotes from Dave Cheney, which explain this position better
+from the upstream Golang perspective.
+
+### [go issue #5855, comment #3](https://code.google.com/p/go/issues/detail?id=5855#c3)
+
+> Super super important: Do not strip go binaries or archives. It isn't tested,
+> often breaks, and doesn't work.
+
+### [launchpad golang issue #1200255, comment #8](https://bugs.launchpad.net/ubuntu/+source/golang/+bug/1200255/comments/8)
+
+> To quote myself: "Please do not strip Go binaries, it is not supported, not
+> tested, is often broken, and doesn't do what you want"
+>
+> To unpack that a bit
+>
+> * not supported, as in, we don't support it, and recommend against it when
+>   asked
+> * not tested, we don't test stripped binaries as part of the build CI process
+> * is often broken, stripping a go binary will produce anywhere from no, to
+>   subtle, to outright execution failure, see above
+
+### [launchpad golang issue #1200255, comment #13](https://bugs.launchpad.net/ubuntu/+source/golang/+bug/1200255/comments/13)
+
+> To clarify my previous statements.
+>
+> * I do not disagree with the debian policy, it is there for a good reason
+> * Having said that, it stripping Go binaries doesn't work, and nobody is
+>   looking at making it work, so there is that.
+>
+> Thanks for patching the build formula.
+
+## Building Docker
+
+Please use our build script ("./hack/make.sh") for all your compilation of
+Docker. If there's something you need that it isn't doing, or something it could
+be doing to make your life as a packager easier, please get in touch with Tianon
+and help us rectify the situation. Chances are good that other packagers have
+probably run into the same problems and a fix might already be in the works, but
+none of us will know for sure unless you harass Tianon about it. :)
+
+All the commands listed within this section should be run with the Docker source
+checkout as the current working directory.
+
+### `AUTO_GOPATH`
+
+If you'd rather not be bothered with the hassles that setting up `GOPATH`
+appropriately can be, and prefer to just get a "build that works", you should
+add something similar to this to whatever script or process you're using to
+build Docker:
+
+```bash
+export AUTO_GOPATH=1
+```
+
+This will cause the build scripts to set up a reasonable `GOPATH` that
+automatically and properly includes both docker/docker from the local
+directory, and the local "./vendor" directory as necessary.
+
+### `DOCKER_BUILDTAGS`
+
+If you're building a binary that may need to be used on platforms that include
+AppArmor, you will need to set `DOCKER_BUILDTAGS` as follows:
+```bash
+export DOCKER_BUILDTAGS='apparmor'
+```
+
+If you're building a binary that may need to be used on platforms that include
+SELinux, you will need to use the `selinux` build tag:
+```bash
+export DOCKER_BUILDTAGS='selinux'
+```
+
+If you're building a binary that may need to be used on platforms that include
+seccomp, you will need to use the `seccomp` build tag:
+```bash
+export DOCKER_BUILDTAGS='seccomp'
+```
+
+There are build tags for disabling graphdrivers as well. By default, support
+for all graphdrivers are built in.
+
+To disable btrfs:
+```bash
+export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs'
+```
+
+To disable devicemapper:
+```bash
+export DOCKER_BUILDTAGS='exclude_graphdriver_devicemapper'
+```
+
+To disable aufs:
+```bash
+export DOCKER_BUILDTAGS='exclude_graphdriver_aufs'
+```
+
+NOTE: if you need to set more than one build tag, space separate them:
+```bash
+export DOCKER_BUILDTAGS='apparmor selinux exclude_graphdriver_aufs'
+```
+
+### Static Daemon
+
+If it is feasible within the constraints of your distribution, you should
+seriously consider packaging Docker as a single static binary. A good comparison
+is Busybox, which is often packaged statically as a feature to enable mass
+portability. Because of the unique way Docker operates, being similarly static
+is a "feature".
+
+To build a static Docker daemon binary, run the following command (first
+ensuring that all the necessary libraries are available in static form for
+linking - see the "Build Dependencies" section above, and the relevant lines
+within Docker's own Dockerfile that set up our official build environment):
+
+```bash
+./hack/make.sh binary
+```
+
+This will create a static binary under
+"./bundles/$VERSION/binary/docker-$VERSION", where "$VERSION" is the contents of
+the file "./VERSION". This binary is usually installed somewhere like
+"/usr/bin/docker".
+
+### Dynamic Daemon / Client-only Binary
+
+If you are only interested in a Docker client binary, set `DOCKER_CLIENTONLY` to a non-empty value using something similar to the following:
+
+```bash
+export DOCKER_CLIENTONLY=1
+```
+
+If you need to (due to distro policy, distro library availability, or for other
+reasons) create a dynamically compiled daemon binary, or if you are only
+interested in creating a client binary for Docker, use something similar to the
+following:
+
+```bash
+./hack/make.sh dynbinary
+```
+
+This will create "./bundles/$VERSION/dynbinary/docker-$VERSION", which for
+client-only builds is the important file to grab and install as appropriate.
+
+## System Dependencies
+
+### Runtime Dependencies
+
+To function properly, the Docker daemon needs the following software to be
+installed and available at runtime:
+
+* iptables version 1.4 or later
+* procps (or similar provider of a "ps" executable)
+* e2fsprogs version 1.4.12 or later (in use: mkfs.ext4, tune2fs)
+* xfsprogs (in use: mkfs.xfs)
+* XZ Utils version 4.9 or later
+* a [properly
+  mounted](https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount)
+  cgroupfs hierarchy (having a single, all-encompassing "cgroup" mount point
+  [is](https://github.com/docker/docker/issues/2683)
+  [not](https://github.com/docker/docker/issues/3485)
+  [sufficient](https://github.com/docker/docker/issues/4568))
+
+Additionally, the Docker client needs the following software to be installed and
+available at runtime:
+
+* Git version 1.7 or later
+
+### Kernel Requirements
+
+The Docker daemon has very specific kernel requirements. Most pre-packaged
+kernels already include the necessary options enabled. If you are building your
+own kernel, you will either need to discover the options necessary via trial and
+error, or check out the [Gentoo
+ebuild](https://github.com/tianon/docker-overlay/blob/master/app-emulation/docker/docker-9999.ebuild),
+in which a list is maintained (and if there are any issues or discrepancies in
+that list, please contact Tianon so they can be rectified).
+
+Note that in client mode, there are no specific kernel requirements, and that
+the client will even run on alternative platforms such as Mac OS X / Darwin.
+
+### Optional Dependencies
+
+Some of Docker's features are activated by using optional command-line flags or
+by having support for them in the kernel or userspace. A few examples include:
+
+* AUFS graph driver (requires AUFS patches/support enabled in the kernel, and at
+  least the "auplink" utility from aufs-tools)
+* BTRFS graph driver (requires BTRFS support enabled in the kernel)
+* ZFS graph driver (requires userspace zfs-utils and a corresponding kernel module)
+* Libseccomp to allow running seccomp profiles with containers
+
+## Daemon Init Script
+
+Docker expects to run as a daemon at machine startup. Your package will need to
+include a script for your distro's process supervisor of choice. Be sure to
+check out the "contrib/init" folder in case a suitable init script already
+exists (and if one does not, contact Tianon about whether it might be
+appropriate for your distro's init script to live there too!).
+
+In general, Docker should be run as root, similar to the following:
+
+```bash
+docker daemon
+```
+
+Generally, a `DOCKER_OPTS` variable of some kind is available for adding more
+flags (such as changing the graph driver to use BTRFS, switching the location of
+"/var/lib/docker", etc).
+
+## Communicate
+
+As a final note, please do feel free to reach out to Tianon at any time for
+pretty much anything. He really does love hearing from our packagers and wants
+to make sure we're not being a "hostile upstream". As should be a given, we
+appreciate the work our packagers do to make sure we have broad distribution!
diff --git a/project/PATCH-RELEASES.md b/project/PATCH-RELEASES.md
new file mode 100644
index 00000000..548db9ab
--- /dev/null
+++ b/project/PATCH-RELEASES.md
@@ -0,0 +1,68 @@
+# Docker patch (bugfix) release process
+
+Patch releases (the 'Z' in vX.Y.Z) are intended to fix major issues in a
+release. Docker open source projects follow these procedures when creating a
+patch release;
+
+After each release (both "major" (vX.Y.0) and "patch" releases (vX.Y.Z)), a
+patch release milestone (vX.Y.Z + 1) is created.
+
+The creation of a patch release milestone is no obligation to actually
+*create* a patch release. The purpose of these milestones is to collect
+issues and pull requests that can *justify* a patch release;
+
+- Any maintainer is allowed to add issues and PR's to the milestone, when
+  doing so, preferably leave a comment on the issue or PR explaining *why*
+  you think it should be considered for inclusion in a patch release.
+- Issues introduced in version vX.Y.0 get added to milestone X.Y.Z+1
+- Only *regressions* should be added. Issues *discovered* in version vX.Y.0,
+  but already present in version vX.Y-1.Z should not be added, unless
+  critical.
+- Patch releases can *only* contain bug-fixes. New features should
+  *never* be added to a patch release.
+
+The release captain of the "major" (X.Y.0) release, is also responsible for
+patch releases. The release captain, together with another maintainer, will
+review issues and PRs on the milestone, and assigns `priority/`labels. These
+review sessions take place on a weekly basis, more frequent if needed:
+
+- A P0 priority is assigned to critical issues. A maintainer *must* be
+  assigned to these issues. Maintainers should strive to fix a P0 within a week.
+- A P1 priority is assigned to major issues, but not critical. A maintainer
+  *must* be assigned to these issues.
+- P2 and P3 priorities are assigned to other issues. A maintainer can be
+  assigned.
+- Non-critical issues and PR's can be removed from the milestone. Minor
+  changes, such as typo-fixes or omissions in the documentation can be
+  considered for inclusion in a patch release.
+
+## Deciding if a patch release should be done
+
+- Only a P0 can justify to proceed with the patch release.
+- P1, P2, and P3 issues/PR's should not influence the decision, and
+  should be moved to the X.Y.Z+1 milestone, or removed from the
+  milestone.
+
+> **Note**: If the next "major" release is imminent, the release captain
+> can decide to cancel a patch release, and include the patches in the
+> upcoming major release.
+
+> **Note**: Security releases are also "patch releases", but follow
+> a different procedure. Security releases are developed in a private
+> repository, released and tested under embargo before they become
+> publicly available.
+
+## Deciding on the content of a patch release
+
+When the criteria for moving forward with a patch release are met, the release
+manager will decide on the exact content of the release.
+
+- Fixes to all P0 issues *must* be included in the release.
+- Fixes to *some* P1, P2, and P3 issues *may* be included as part of the patch
+  release depending on the severity of the issue and the risk associated with
+  the patch.
+
+Any code delivered as part of a patch release should make life easier for a
+significant amount of users with zero chance of degrading anybody's experience.
+A good rule of thumb for that is to limit cherry-picking to small patches, which
+fix well-understood issues, and which come with verifiable tests.
diff --git a/project/PRINCIPLES.md b/project/PRINCIPLES.md
new file mode 100644
index 00000000..53f03018
--- /dev/null
+++ b/project/PRINCIPLES.md
@@ -0,0 +1,19 @@
+# Docker principles
+
+In the design and development of Docker we try to follow these principles:
+
+(Work in progress)
+
+* Don't try to replace every tool. Instead, be an ingredient to improve them.
+* Less code is better.
+* Fewer components are better. Do you really need to add one more class?
+* 50 lines of straightforward, readable code is better than 10 lines of magic that nobody can understand.
+* Don't do later what you can do now. "//FIXME: refactor" is not acceptable in new code.
+* When hesitating between 2 options, choose the one that is easier to reverse.
+* No is temporary, Yes is forever. If you're not sure about a new feature, say no. You can change your mind later.
+* Containers must be portable to the greatest possible number of machines. Be suspicious of any change which makes machines less interchangeable.
+* The less moving parts in a container, the better.
+* Don't merge it unless you document it.
+* Don't document it unless you can keep it up-to-date.
+* Don't merge it unless you test it!
+* Everyone's problem is slightly different. Focus on the part that is the same for everyone, and solve that.
diff --git a/project/README.md b/project/README.md
new file mode 100644
index 00000000..3ed68cf2
--- /dev/null
+++ b/project/README.md
@@ -0,0 +1,24 @@
+# Hacking on Docker
+
+The `project/` directory holds information and tools for everyone involved in the process of creating and
+distributing Docker, specifically:
+
+## Guides
+
+If you're a *contributor* or aspiring contributor, you should read [CONTRIBUTORS.md](../CONTRIBUTING.md).
+
+If you're a *maintainer* or aspiring maintainer, you should read [MAINTAINERS](../MAINTAINERS).
+
+If you're a *packager* or aspiring packager, you should read [PACKAGERS.md](./PACKAGERS.md).
+
+If you're a maintainer in charge of a *release*, you should read [RELEASE-CHECKLIST.md](./RELEASE-CHECKLIST.md).
+
+## Roadmap
+
+A high-level roadmap is available at [ROADMAP.md](../ROADMAP.md).
+
+
+## Build tools
+
+[hack/make.sh](../hack/make.sh) is the primary build tool for docker. It is used for compiling the official binary,
+running the test suite, and pushing releases.
diff --git a/project/RELEASE-CHECKLIST.md b/project/RELEASE-CHECKLIST.md
new file mode 100644
index 00000000..b9dcf7f4
--- /dev/null
+++ b/project/RELEASE-CHECKLIST.md
@@ -0,0 +1,512 @@
+# Release Checklist
+## A maintainer's guide to releasing Docker
+
+So you're in charge of a Docker release? Cool. Here's what to do.
+
+If your experience deviates from this document, please document the changes
+to keep it up-to-date.
+
+It is important to note that this document assumes that the git remote in your
+repository that corresponds to "https://github.com/docker/docker" is named
+"origin".  If yours is not (for example, if you've chosen to name it "upstream"
+or something similar instead), be sure to adjust the listed snippets for your
+local environment accordingly.  If you are not sure what your upstream remote is
+named, use a command like `git remote -v` to find out.
+
+If you don't have an upstream remote, you can add one easily using something
+like:
+
+```bash
+export GITHUBUSER="YOUR_GITHUB_USER"
+git remote add origin https://github.com/docker/docker.git
+git remote add $GITHUBUSER git@github.com:$GITHUBUSER/docker.git
+```
+
+### 1. Pull from master and create a release branch
+
+All releases version numbers will be of the form: vX.Y.Z  where X is the major
+version number, Y is the minor version number and Z is the patch release version number.
+
+#### Major releases
+
+The release branch name is just vX.Y because it's going to be the basis for all .Z releases.
+
+```bash
+export BASE=vX.Y
+export VERSION=vX.Y.Z
+git fetch origin
+git checkout --track origin/master
+git checkout -b release/$BASE
+```
+
+This new branch is going to be the base for the release. We need to push it to origin so we
+can track the cherry-picked changes and the version bump:
+
+```bash
+git push origin release/$BASE
+```
+
+When you have the major release branch in origin, we need to create the bump fork branch
+that we'll push to our fork:
+
+```bash
+git checkout -b bump_$VERSION
+```
+
+#### Patch releases
+
+If we have the release branch in origin, we can create the forked bump branch from it directly:
+
+```bash
+export VERSION=vX.Y.Z
+export PATCH=vX.Y.Z+1
+git fetch origin
+git checkout --track origin/release/$BASE
+git checkout -b bump_$PATCH
+```
+
+We cherry-pick only the commits we want into the bump branch:
+
+```bash
+# get the commits ids we want to cherry-pick
+git log
+# cherry-pick the commits starting from the oldest one, without including merge commits
+git cherry-pick <commit-id>
+git cherry-pick <commit-id>
+...
+```
+
+### 2. Update the VERSION files and API version on master
+
+We don't want to stop contributions to master just because we are releasing.
+So, after the release branch is up, we bump the VERSION and API version to mark
+the start of the "next" release.
+
+#### 2.1 Update the VERSION files
+
+Update the content of the `VERSION` file to be the next minor (incrementing Y)
+and add the `-dev` suffix. For example, after the release branch for 1.5.0 is
+created, the `VERSION` file gets updated to `1.6.0-dev` (as in "1.6.0 in the
+making").
+
+#### 2.2 Update API version on master
+
+We don't want API changes to go to the now frozen API version. Create a new
+entry in `docs/reference/api/` by copying the latest and bumping the version
+number (in both the file's name and content), and submit this in a PR against
+master.
+
+### 3. Update CHANGELOG.md
+
+You can run this command for reference with git 2.0:
+
+```bash
+git fetch --tags
+LAST_VERSION=$(git tag -l --sort=-version:refname "v*" | grep -E 'v[0-9\.]+$' | head -1)
+git log --stat $LAST_VERSION..bump_$VERSION
+```
+
+If you don't have git 2.0 but have a sort command that supports `-V`:
+```bash
+git fetch --tags
+LAST_VERSION=$(git tag -l | grep -E 'v[0-9\.]+$' | sort -rV | head -1)
+git log --stat $LAST_VERSION..bump_$VERSION
+```
+
+If releasing a major version (X or Y increased in vX.Y.Z), simply listing notable user-facing features is sufficient.
+```markdown
+#### Notable features since <last major version>
+* New docker command to do something useful
+* Remote API change (deprecating old version)
+* Performance improvements in some usecases
+* ...
+```
+
+For minor releases (only Z increases in vX.Y.Z), provide a list of user-facing changes.
+Each change should be listed under a category heading formatted as `#### CATEGORY`.
+
+`CATEGORY` should describe which part of the project is affected.
+  Valid categories are:
+  * Builder
+  * Documentation
+  * Hack
+  * Packaging
+  * Remote API
+  * Runtime
+  * Other (please use this category sparingly)
+
+Each change should be formatted as `BULLET DESCRIPTION`, given:
+
+* BULLET: either `-`, `+` or `*`, to indicate a bugfix, new feature or
+  upgrade, respectively.
+
+* DESCRIPTION: a concise description of the change that is relevant to the
+  end-user, using the present tense. Changes should be described in terms
+  of how they affect the user, for example "Add new feature X which allows Y",
+  "Fix bug which caused X", "Increase performance of Y".
+
+EXAMPLES:
+
+```markdown
+## 0.3.6 (1995-12-25)
+
+#### Builder
+
++ 'docker build -t FOO .' applies the tag FOO to the newly built image
+
+#### Remote API
+
+- Fix a bug in the optional unix socket transport
+
+#### Runtime
+
+* Improve detection of kernel version
+```
+
+If you need a list of contributors between the last major release and the
+current bump branch, use something like:
+```bash
+git log --format='%aN <%aE>' v0.7.0...bump_v0.8.0 | sort -uf
+```
+Obviously, you'll need to adjust version numbers as necessary.  If you just need
+a count, add a simple `| wc -l`.
+
+### 4. Change the contents of the VERSION file
+
+Before the big thing, you'll want to make successive release candidates and get
+people to test. The release candidate number `N` should be part of the version:
+
+```bash
+export RC_VERSION=${VERSION}-rcN
+echo ${RC_VERSION#v} > VERSION
+```
+
+### 5. Test the docs
+
+Make sure that your tree includes documentation for any modified or
+new features, syntax or semantic changes.
+
+To test locally:
+
+```bash
+make docs
+```
+
+To make a shared test at https://beta-docs.docker.io:
+
+(You will need the `awsconfig` file added to the `docs/` dir)
+
+```bash
+make AWS_S3_BUCKET=beta-docs.docker.io BUILD_ROOT=yes docs-release
+```
+
+### 6. Commit and create a pull request to the "release" branch
+
+```bash
+git add VERSION CHANGELOG.md
+git commit -m "Bump version to $VERSION"
+git push $GITHUBUSER bump_$VERSION
+echo "https://github.com/$GITHUBUSER/docker/compare/docker:release/$BASE...$GITHUBUSER:bump_$VERSION?expand=1"
+```
+
+That last command will give you the proper link to visit to ensure that you
+open the PR against the "release" branch instead of accidentally against
+"master" (like so many brave souls before you already have).
+
+### 7. Build release candidate rpms and debs
+
+**NOTE**: It will be a lot faster if you pass a different graphdriver with
+`DOCKER_GRAPHDRIVER` than `vfs`.
+
+```bash
+docker build -t docker .
+docker run \
+    --rm -t --privileged \
+    -e DOCKER_GRAPHDRIVER=aufs \
+    -v $(pwd)/bundles:/go/src/github.com/docker/docker/bundles \
+    docker \
+    hack/make.sh binary build-deb build-rpm
+```
+
+### 8. Publish release candidate rpms and debs
+
+With the rpms and debs you built from the last step you can release them on the
+same server, or ideally, move them to a dedicated release box via scp into
+another docker/docker directory in bundles. This next step assumes you have
+a checkout of the docker source code at the same commit you used to build, with
+the artifacts from the last step in `bundles`.
+
+**NOTE:** If you put a space before the command your `.bash_history` will not
+save it. (for the `GPG_PASSPHRASE`).
+
+```bash
+docker build -t docker .
+docker run --rm -it --privileged \
+    -v /volumes/repos:/volumes/repos \
+    -v $(pwd)/bundles:/go/src/github.com/docker/docker/bundles \
+    -v $HOME/.gnupg:/root/.gnupg \
+    -e DOCKER_RELEASE_DIR=/volumes/repos \
+    -e GPG_PASSPHRASE \
+    -e KEEPBUNDLE=1 \
+    docker \
+    hack/make.sh release-deb release-rpm sign-repos generate-index-listing
+```
+
+### 9. Upload the changed repos to wherever you host
+
+For example, above we bind mounted `/volumes/repos` as the storage for
+`DOCKER_RELEASE_DIR`. In this case `/volumes/repos/apt` can be synced with
+a specific s3 bucket for the apt repo and `/volumes/repos/yum` can be synced with
+a s3 bucket for the yum repo.
+
+### 10. Publish release candidate binaries
+
+To run this you will need access to the release credentials. Get them from the
+Core maintainers.
+
+```bash
+docker build -t docker .
+
+# static binaries are still pushed to s3
+docker run \
+    -e AWS_S3_BUCKET=test.docker.com \
+    -e AWS_ACCESS_KEY_ID \
+    -e AWS_SECRET_ACCESS_KEY \
+    -e AWS_DEFAULT_REGION \
+    -i -t --privileged \
+    docker \
+    hack/release.sh
+```
+
+It will run the test suite, build the binaries and upload to the specified bucket,
+so this is a good time to verify that you're running against **test**.docker.com.
+
+### 11. Purge the cache!
+
+After the binaries are uploaded to test.docker.com and the packages are on
+apt.dockerproject.org and yum.dockerproject.org, make sure
+they get tested in both Ubuntu and Debian for any obvious installation
+issues or runtime issues.
+
+If everything looks good, it's time to create a git tag for this candidate:
+
+```bash
+git tag -a $RC_VERSION -m $RC_VERSION bump_$VERSION
+git push origin $RC_VERSION
+```
+
+Announcing on multiple medias is the best way to get some help testing! An easy
+way to get some useful links for sharing:
+
+```bash
+echo "Ubuntu/Debian: curl -sSL https://test.docker.com/ | sh"
+echo "Linux 64bit binary: https://test.docker.com/builds/Linux/x86_64/docker-${VERSION#v}"
+echo "Darwin/OSX 64bit client binary: https://test.docker.com/builds/Darwin/x86_64/docker-${VERSION#v}"
+echo "Linux 64bit tgz: https://test.docker.com/builds/Linux/x86_64/docker-${VERSION#v}.tgz"
+echo "Windows 64bit client binary: https://test.docker.com/builds/Windows/x86_64/docker-${VERSION#v}.exe"
+echo "Windows 32bit client binary: https://test.docker.com/builds/Windows/i386/docker-${VERSION#v}.exe"
+```
+
+We recommend announcing the release candidate on:
+
+- IRC on #docker, #docker-dev, #docker-maintainers
+- In a comment on the pull request to notify subscribed people on GitHub
+- The [docker-dev](https://groups.google.com/forum/#!forum/docker-dev) group
+- The [docker-maintainers](https://groups.google.com/a/dockerproject.org/forum/#!forum/maintainers) group
+- Any social media that can bring some attention to the release candidate
+
+### 12. Iterate on successive release candidates
+
+Spend several days along with the community explicitly investing time and
+resources to try and break Docker in every possible way, documenting any
+findings pertinent to the release.  This time should be spent testing and
+finding ways in which the release might have caused various features or upgrade
+environments to have issues, not coding.  During this time, the release is in
+code freeze, and any additional code changes will be pushed out to the next
+release.
+
+It should include various levels of breaking Docker, beyond just using Docker
+by the book.
+
+Any issues found may still remain issues for this release, but they should be
+documented and give appropriate warnings.
+
+During this phase, the `bump_$VERSION` branch will keep evolving as you will
+produce new release candidates. The frequency of new candidates is up to the
+release manager: use your best judgement taking into account the severity of
+reported issues, testers availability, and time to scheduled release date.
+
+Each time you'll want to produce a new release candidate, you will start by
+adding commits to the branch, usually by cherry-picking from master:
+
+```bash
+git cherry-pick -x -m0 <commit_id>
+```
+
+You want your "bump commit" (the one that updates the CHANGELOG and VERSION
+files) to remain on top, so you'll have to `git rebase -i` to bring it back up.
+
+Now that your bump commit is back on top, you will need to update the CHANGELOG
+file (if appropriate for this particular release candidate), and update the
+VERSION file to increment the RC number:
+
+```bash
+export RC_VERSION=$VERSION-rcN
+echo $RC_VERSION > VERSION
+```
+
+You can now amend your last commit and update the bump branch:
+
+```bash
+git commit --amend
+git push -f $GITHUBUSER bump_$VERSION
+```
+
+Repeat step 6 to tag the code, publish new binaries, announce availability, and
+get help testing.
+
+### 13. Finalize the bump branch
+
+When you're happy with the quality of a release candidate, you can move on and
+create the real thing.
+
+You will first have to amend the "bump commit" to drop the release candidate
+suffix in the VERSION file:
+
+```bash
+echo $VERSION > VERSION
+git add VERSION
+git commit --amend
+```
+
+You will then repeat step 6 to publish the binaries to test
+
+### 14. Get 2 other maintainers to validate the pull request
+
+### 15. Build final rpms and debs
+
+```bash
+docker build -t docker .
+docker run \
+    --rm -t --privileged \
+    -v $(pwd)/bundles:/go/src/github.com/docker/docker/bundles \
+    docker \
+    hack/make.sh binary build-deb build-rpm
+```
+
+### 16. Publish final rpms and debs
+
+With the rpms and debs you built from the last step you can release them on the
+same server, or ideally, move them to a dedicated release box via scp into
+another docker/docker directory in bundles. This next step assumes you have
+a checkout of the docker source code at the same commit you used to build, with
+the artifacts from the last step in `bundles`.
+
+**NOTE:** If you put a space before the command your `.bash_history` will not
+save it. (for the `GPG_PASSPHRASE`).
+
+```bash
+docker build -t docker .
+docker run --rm -it --privileged \
+    -v /volumes/repos:/volumes/repos \
+    -v $(pwd)/bundles:/go/src/github.com/docker/docker/bundles \
+    -v $HOME/.gnupg:/root/.gnupg \
+    -e DOCKER_RELEASE_DIR=/volumes/repos \
+    -e GPG_PASSPHRASE \
+    -e KEEPBUNDLE=1 \
+    docker \
+    hack/make.sh release-deb release-rpm sign-repos generate-index-listing
+```
+
+### 17. Upload the changed repos to wherever you host
+
+For example, above we bind mounted `/volumes/repos` as the storage for
+`DOCKER_RELEASE_DIR`. In this case `/volumes/repos/apt` can be synced with
+a specific s3 bucket for the apt repo and `/volumes/repos/yum` can be synced with
+a s3 bucket for the yum repo.
+
+### 18. Publish final binaries
+
+Once they're tested and reasonably believed to be working, run against
+get.docker.com:
+
+```bash
+docker build -t docker .
+# static binaries are still pushed to s3
+docker run \
+    -e AWS_S3_BUCKET=get.docker.com \
+    -e AWS_ACCESS_KEY_ID \
+    -e AWS_SECRET_ACCESS_KEY \
+    -e AWS_DEFAULT_REGION \
+    -i -t --privileged \
+    docker \
+    hack/release.sh
+```
+
+### 19. Purge the cache!
+
+### 20. Apply tag and create release
+
+It's very important that we don't make the tag until after the official
+release is uploaded to get.docker.com!
+
+```bash
+git tag -a $VERSION -m $VERSION bump_$VERSION
+git push origin $VERSION
+```
+
+Once the tag is pushed, go to GitHub and create a [new release](https://github.com/docker/docker/releases/new).
+If the tag is for an RC make sure you check `This is a pre-release` at the bottom of the form.
+
+Select the tag that you just pushed as the version and paste the changelog in the description of the release.
+You can see examples in this two links:
+
+https://github.com/docker/docker/releases/tag/v1.8.0
+https://github.com/docker/docker/releases/tag/v1.8.0-rc3
+
+### 21. Go to github to merge the `bump_$VERSION` branch into release
+
+Don't forget to push that pretty blue button to delete the leftover
+branch afterwards!
+
+### 22. Update the docs branch
+
+You will need to point the docs branch to the newly created release tag:
+
+```bash
+git checkout origin/docs
+git reset --hard origin/$VERSION
+git push -f origin docs
+```
+
+The docs will appear on https://docs.docker.com/ (though there may be cached
+versions, so its worth checking http://docs.docker.com.s3-website-us-east-1.amazonaws.com/).
+For more information about documentation releases, see `docs/README.md`.
+
+Note that the new docs will not appear live on the site until the cache (a complex,
+distributed CDN system) is flushed. The `make docs-release` command will do this
+_if_ the `DISTRIBUTION_ID` is set correctly - this will take at least 15 minutes to run
+and you can check its progress with the CDN Cloudfront Chrome addon.
+
+### 23. Create a new pull request to merge your bump commit back into master
+
+```bash
+git checkout master
+git fetch
+git reset --hard origin/master
+git cherry-pick $VERSION
+git push $GITHUBUSER merge_release_$VERSION
+echo "https://github.com/$GITHUBUSER/docker/compare/docker:master...$GITHUBUSER:merge_release_$VERSION?expand=1"
+```
+
+Again, get two maintainers to validate, then merge, then push that pretty
+blue button to delete your branch.
+
+### 24. Rejoice and Evangelize!
+
+Congratulations! You're done.
+
+Go forth and announce the glad tidings of the new release in `#docker`,
+`#docker-dev`, on the [dev mailing list](https://groups.google.com/forum/#!forum/docker-dev),
+the [announce mailing list](https://groups.google.com/forum/#!forum/docker-announce),
+and on Twitter!
diff --git a/project/RELEASE-PROCESS.md b/project/RELEASE-PROCESS.md
new file mode 100644
index 00000000..d764e9d0
--- /dev/null
+++ b/project/RELEASE-PROCESS.md
@@ -0,0 +1,78 @@
+# Docker Release Process
+
+This document describes how the Docker project is released. The Docker project
+release process targets the Engine, Compose, Kitematic, Machine, Swarm,
+Distribution, Notary and their underlying dependencies (libnetwork, libkv,
+etc...).
+
+Step-by-step technical details of the process are described in 
+[RELEASE-CHECKLIST.md](https://github.com/docker/docker/blob/master/project/RELEASE-CHECKLIST.md).
+
+## Release cycle
+
+The Docker project follows a **time-based release cycle** and ships every nine
+weeks. A release cycle starts the same day the previous release cycle ends.
+
+The first six weeks of the cycle are dedicated to development and review. During
+this phase, new features and bugfixes submitted to any of the projects are
+**eligible** to be shipped as part of the next release. No changeset submitted
+during this period is however guaranteed to be merged for the current release
+cycle.
+
+## The freeze period
+
+Six weeks after the beginning of the cycle, the codebase is officially frozen
+and the codebase reaches a state close to the final release. A Release Candidate
+(RC) gets created at the same time. The freeze period is used to find bugs and
+get feedback on the state of the RC before the release.
+
+During this freeze period, while the `master` branch will continue its normal
+development cycle, no new features are accepted into the RC. As bugs are fixed
+in `master` the release owner will selectively 'cherry-pick' critical ones to
+be included into the RC. As the RC changes, new ones are made available for the
+community to test and review.
+
+This period lasts for three weeks.
+
+## How to maximize chances of being merged before the freeze date?
+
+First of all, there is never a guarantee that a specific changeset is going to
+be merged. However there are different actions to follow to maximize the chances
+for a changeset to be merged:
+
+- The team gives priority to review the PRs aligned with the Roadmap (usually
+defined by a ROADMAP.md file at the root of the repository).
+- The earlier a PR is opened, the more time the maintainers have to review. For
+example, if a PR is opened the day before the freeze date, it’s very unlikely
+that it will be merged for the release.
+- Constant communication with the maintainers (mailing-list, IRC, Github issues,
+etc.) allows to get early feedback on the design before getting into the
+implementation, which usually reduces the time needed to discuss a changeset.
+- If the code is commented, fully tested and by extension follows every single
+rules defined by the [CONTRIBUTING guide](
+https://github.com/docker/docker/blob/master/CONTRIBUTING.md), this will help
+the maintainers by speeding up the review.
+
+## The release
+
+At the end of the freeze (nine weeks after the start of the cycle), all the
+projects are released together.
+
+```
+                                        Codebase              Release
+Start of                                is frozen             (end of the
+the Cycle                               (7th week)            9th week)
++---------------------------------------+---------------------+
+|                                       |                     |
+|           Development phase           |    Freeze phase     |
+|                                       |                     |
++---------------------------------------+---------------------+
+                   6 weeks                      3 weeks
+<---------------------------------------><-------------------->
+```
+
+## Exceptions
+
+If a critical issue is found at the end of the freeze period and more time is
+needed to address it, the release will be pushed back. When a release gets
+pushed back, the next release cycle gets delayed as well.
diff --git a/project/REVIEWING.md b/project/REVIEWING.md
new file mode 100644
index 00000000..95b9945c
--- /dev/null
+++ b/project/REVIEWING.md
@@ -0,0 +1,195 @@
+Pull request reviewing process
+==============================
+
+# Labels
+
+Labels are carefully picked to optimize for:
+
+ - Readability: maintainers must immediately know the state of a PR
+ - Filtering simplicity: different labels represent many different aspects of
+   the reviewing work, and can even be targeted at different maintainers groups.
+
+A pull request should only be attributed labels documented in this section: other labels that may
+exist on the repository should apply to issues.
+
+## DCO labels
+
+ * `dco/no`: automatically set by a bot when one of the commits lacks proper signature
+
+## Status labels
+
+ * `status/0-triage`
+ * `status/1-design-review`
+ * `status/2-code-review`
+ * `status/3-docs-review`
+ * `status/4-ready-to-merge`
+
+Special status labels:
+
+ * `status/failing-ci`: indicates that the PR in its current state fails the test suite
+ * `status/needs-attention`: calls for a collective discussion during a review session
+
+## Specialty group labels
+
+Those labels are used to raise awareness of a particular specialty group, either because we need
+help in reviewing the PR, or because of the potential impact of the PR on their work:
+
+ * `group/distribution`
+ * `group/networking`
+ * `group/security`
+ * `group/windows`
+
+## Impact labels (apply to merged pull requests)
+
+ * `impact/api`
+ * `impact/changelog`
+ * `impact/cli`
+ * `impact/deprecation`
+ * `impact/distribution`
+ * `impact/dockerfile`
+
+# Workflow
+
+An opened pull request can be in 1 of 5 distinct states, for each of which there is a corresponding
+label that needs to be applied.
+
+## Triage - `status/0-triage`
+
+Maintainers are expected to triage new incoming pull requests by removing the `status/0-triage`
+label and adding the correct labels (e.g. `status/1-design-review`) before any other interaction
+with the PR. The starting label may potentially skip some steps depending on the kind of pull
+request: use your best judgement.
+
+Maintainers should perform an initial, high-level, overview of the pull request before moving it to
+the next appropriate stage:
+
+ - Has DCO
+ - Contains sufficient justification (e.g., usecases) for the proposed change
+ - References the Github issue it fixes (if any) in the commit or the first Github comment
+
+Possible transitions from this state:
+
+ * Close: e.g., unresponsive contributor without DCO
+ * `status/1-design-review`: general case
+ * `status/2-code-review`: e.g. trivial bugfix
+ * `status/3-docs-review`: non-proposal documentation-only change
+
+## Design review - `status/1-design-review`
+
+Maintainers are expected to comment on the design of the pull request.  Review of documentation is
+expected only in the context of design validation, not for stylistic changes.
+
+Ideally, documentation should reflect the expected behavior of the code.  No code review should
+take place in this step.
+
+There are no strict rules on the way a design is validated: we usually aim for a consensus,
+although a single maintainer approval is often sufficient for obviously reasonable changes. In
+general, strong disagreement expressed by any of the maintainers should not be taken lightly.
+
+Once design is approved, a maintainer should make sure to remove this label and add the next one.
+
+Possible transitions from this state:
+
+ * Close: design rejected
+ * `status/2-code-review`: general case
+ * `status/3-docs-review`: proposals with only documentation changes
+
+## Code review - `status/2-code-review`
+
+Maintainers are expected to review the code and ensure that it is good quality and in accordance
+with the documentation in the PR.
+
+New testcases are expected to be added. Ideally, those testcases should fail when the new code is
+absent, and pass when present. The testcases should strive to test as many variants, code paths, as
+possible to ensure maximum coverage.
+
+Changes to code must be reviewed and approved (LGTM'd) by a minimum of two code maintainers. When
+the author of a PR is a maintainer, he still needs the approval of two other maintainers.
+
+Once code is approved according to the rules of the subsystem, a maintainer should make sure to
+remove this label and add the next one. If documentation is absent but expected, maintainers should
+ask for documentation and move to status `status/3-docs-review` for docs maintainer to follow.
+
+Possible transitions from this state:
+
+ * Close
+ * `status/1-design-review`: new design concerns are raised
+ * `status/3-docs-review`: general case
+ * `status/4-ready-to-merge`: change not impacting documentation
+
+## Docs review - `status/3-docs-review`
+
+Maintainers are expected to review the documentation in its bigger context, ensuring consistency,
+completeness, validity, and breadth of coverage across all existing and new documentation.
+
+They should ask for any editorial change that makes the documentation more consistent and easier to
+understand.
+
+Changes and additions to docs must be reviewed and approved (LGTM'd) by a minimum of two docs
+sub-project maintainers. If the docs change originates with a docs maintainer, only one additional
+LGTM is required (since we assume a docs maintainer approves of their own PR).
+
+Once documentation is approved (see below), a maintainer should make sure to remove this label and
+add the next one.
+
+Possible transitions from this state:
+
+ * Close
+ * `status/1-design-review`: new design concerns are raised
+ * `status/2-code-review`: requires more code changes
+ * `status/4-ready-to-merge`: general case
+
+## Merge - `status/4-ready-to-merge`
+
+Maintainers are expected to merge this pull request as soon as possible. They can ask for a rebase
+or carry the pull request themselves.
+
+Possible transitions from this state:
+
+ * Merge: general case
+ * Close: carry PR
+
+After merging a pull request, the maintainer should consider applying one or multiple impact labels
+to ease future classification:
+
+ * `impact/api` signifies the patch impacted the remote API
+ * `impact/changelog` signifies the change is significant enough to make it in the changelog
+ * `impact/cli` signifies the patch impacted a CLI command
+ * `impact/dockerfile` signifies the patch impacted the Dockerfile syntax
+ * `impact/deprecation` signifies the patch participates in deprecating an existing feature
+
+## Close
+
+If a pull request is closed it is expected that sufficient justification will be provided. In
+particular, if there are alternative ways of achieving the same net result then those needs to be
+spelled out. If the pull request is trying to solve a use case that is not one that we (as a
+community) want to support then a justification for why should be provided.
+
+The number of maintainers it takes to decide and close a PR is deliberately left unspecified. We
+assume that the group of maintainers is bound by mutual trust and respect, and that opposition from
+any single maintainer should be taken into consideration. Similarly, we expect maintainers to
+justify their reasoning and to accept debating.
+
+# Escalation process
+
+Despite the previously described reviewing process, some PR might not show any progress for various
+reasons:
+
+ - No strong opinion for or against the proposed patch
+ - Debates about the proper way to solve the problem at hand
+ - Lack of consensus
+ - ...
+
+All these will eventually lead to stalled PR, where no apparent progress is made across several
+weeks, or even months.
+
+Maintainers should use their best judgement and apply the `status/needs-attention` label. It must
+be used sparingly, as each PR with such label will be discussed by a group of maintainers during a
+review session. The goal of that session is to agree on one of the following outcomes for the PR:
+
+ * Close, explaining the rationale for not pursuing further
+ * Continue, either by pushing the PR further in the workflow, or by deciding to carry the patch
+   (ideally, a maintainer should be immediately assigned to make sure that the PR keeps continued
+   attention)
+ * Escalate to Solomon by formulating a few specific questions on which his answers will allow
+   maintainers to decide.
diff --git a/project/TOOLS.md b/project/TOOLS.md
new file mode 100644
index 00000000..26303c30
--- /dev/null
+++ b/project/TOOLS.md
@@ -0,0 +1,63 @@
+# Tools
+
+This page describes the tools we use and infrastructure that is in place for
+the Docker project.
+
+### CI
+
+The Docker project uses [Jenkins](https://jenkins.dockerproject.org/) as our
+continuous integration server. Each Pull Request to Docker is tested by running the 
+equivalent of `make all`. We chose Jenkins because we can host it ourselves and
+we run Docker in Docker to test.
+
+#### Leeroy
+
+Leeroy is a Go application which integrates Jenkins with 
+GitHub pull requests. Leeroy uses 
+[GitHub hooks](https://developer.github.com/v3/repos/hooks/) 
+to listen for pull request notifications and starts jobs on your Jenkins 
+server.  Using the Jenkins
+[notification plugin][https://wiki.jenkins-ci.org/display/JENKINS/Notification+Plugin],
+Leeroy updates the pull request using GitHub's 
+[status API](https://developer.github.com/v3/repos/statuses/)
+with pending, success, failure, or error statuses.
+
+The leeroy repository is maintained at
+[github.com/docker/leeroy](https://github.com/docker/leeroy).
+
+#### GordonTheTurtle IRC Bot
+
+The GordonTheTurtle IRC Bot lives in the
+[#docker-maintainers](https://botbot.me/freenode/docker-maintainers/) channel
+on Freenode. He is built in Go and is based off the project at
+[github.com/fabioxgn/go-bot](https://github.com/fabioxgn/go-bot). 
+
+His main command is `!rebuild`, which rebuilds a given Pull Request for a repository.
+This command works by integrating with Leroy. He has a few other commands too, such 
+as `!gif` or `!godoc`, but we are always looking for more fun commands to add.
+
+The gordon-bot repository is maintained at
+[github.com/docker/gordon-bot](https://github.com/docker/gordon-bot)
+
+### NSQ
+
+We use [NSQ](https://github.com/bitly/nsq) for various aspects of the project
+infrastructure.
+
+#### Hooks
+
+The hooks project,
+[github.com/crosbymichael/hooks](https://github.com/crosbymichael/hooks),
+is a small Go application that manages web hooks from github, hub.docker.com, or
+other third party services.
+
+It can be used for listening to github webhooks & pushing them to a queue,
+archiving hooks to rethinkdb for processing, and broadcasting hooks to various
+jobs.
+
+#### Docker Master Binaries
+
+One of the things queued from the Hooks are the building of the Master
+Binaries. This happens on every push to the master branch of Docker. The
+repository for this is maintained at
+[github.com/docker/docker-bb](https://github.com/docker/docker-bb).
diff --git a/reference/reference.go b/reference/reference.go
new file mode 100644
index 00000000..cdc8e63a
--- /dev/null
+++ b/reference/reference.go
@@ -0,0 +1,211 @@
+package reference
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+
+	"github.com/docker/distribution/digest"
+	distreference "github.com/docker/distribution/reference"
+	"github.com/docker/docker/image/v1"
+)
+
+const (
+	// DefaultTag defines the default tag used when performing images related actions and no tag or digest is specified
+	DefaultTag = "latest"
+	// DefaultHostname is the default built-in hostname
+	DefaultHostname = "docker.io"
+	// LegacyDefaultHostname is automatically converted to DefaultHostname
+	LegacyDefaultHostname = "index.docker.io"
+	// DefaultRepoPrefix is the prefix used for default repositories in default host
+	DefaultRepoPrefix = "library/"
+)
+
+// Named is an object with a full name
+type Named interface {
+	// Name returns normalized repository name, like "ubuntu".
+	Name() string
+	// String returns full reference, like "ubuntu@sha256:abcdef..."
+	String() string
+	// FullName returns full repository name with hostname, like "docker.io/library/ubuntu"
+	FullName() string
+	// Hostname returns hostname for the reference, like "docker.io"
+	Hostname() string
+	// RemoteName returns the repository component of the full name, like "library/ubuntu"
+	RemoteName() string
+}
+
+// NamedTagged is an object including a name and tag.
+type NamedTagged interface {
+	Named
+	Tag() string
+}
+
+// Canonical reference is an object with a fully unique
+// name including a name with hostname and digest
+type Canonical interface {
+	Named
+	Digest() digest.Digest
+}
+
+// ParseNamed parses s and returns a syntactically valid reference implementing
+// the Named interface. The reference must have a name, otherwise an error is
+// returned.
+// If an error was encountered it is returned, along with a nil Reference.
+func ParseNamed(s string) (Named, error) {
+	named, err := distreference.ParseNamed(s)
+	if err != nil {
+		return nil, fmt.Errorf("Error parsing reference: %q is not a valid repository/tag", s)
+	}
+	r, err := WithName(named.Name())
+	if err != nil {
+		return nil, err
+	}
+	if canonical, isCanonical := named.(distreference.Canonical); isCanonical {
+		return WithDigest(r, canonical.Digest())
+	}
+	if tagged, isTagged := named.(distreference.NamedTagged); isTagged {
+		return WithTag(r, tagged.Tag())
+	}
+	return r, nil
+}
+
+// WithName returns a named object representing the given string. If the input
+// is invalid ErrReferenceInvalidFormat will be returned.
+func WithName(name string) (Named, error) {
+	name, err := normalize(name)
+	if err != nil {
+		return nil, err
+	}
+	if err := validateName(name); err != nil {
+		return nil, err
+	}
+	r, err := distreference.WithName(name)
+	if err != nil {
+		return nil, err
+	}
+	return &namedRef{r}, nil
+}
+
+// WithTag combines the name from "name" and the tag from "tag" to form a
+// reference incorporating both the name and the tag.
+func WithTag(name Named, tag string) (NamedTagged, error) {
+	r, err := distreference.WithTag(name, tag)
+	if err != nil {
+		return nil, err
+	}
+	return &taggedRef{namedRef{r}}, nil
+}
+
+// WithDigest combines the name from "name" and the digest from "digest" to form
+// a reference incorporating both the name and the digest.
+func WithDigest(name Named, digest digest.Digest) (Canonical, error) {
+	r, err := distreference.WithDigest(name, digest)
+	if err != nil {
+		return nil, err
+	}
+	return &canonicalRef{namedRef{r}}, nil
+}
+
+type namedRef struct {
+	distreference.Named
+}
+type taggedRef struct {
+	namedRef
+}
+type canonicalRef struct {
+	namedRef
+}
+
+func (r *namedRef) FullName() string {
+	hostname, remoteName := splitHostname(r.Name())
+	return hostname + "/" + remoteName
+}
+func (r *namedRef) Hostname() string {
+	hostname, _ := splitHostname(r.Name())
+	return hostname
+}
+func (r *namedRef) RemoteName() string {
+	_, remoteName := splitHostname(r.Name())
+	return remoteName
+}
+func (r *taggedRef) Tag() string {
+	return r.namedRef.Named.(distreference.NamedTagged).Tag()
+}
+func (r *canonicalRef) Digest() digest.Digest {
+	return r.namedRef.Named.(distreference.Canonical).Digest()
+}
+
+// WithDefaultTag adds a default tag to a reference if it only has a repo name.
+func WithDefaultTag(ref Named) Named {
+	if IsNameOnly(ref) {
+		ref, _ = WithTag(ref, DefaultTag)
+	}
+	return ref
+}
+
+// IsNameOnly returns true if reference only contains a repo name.
+func IsNameOnly(ref Named) bool {
+	if _, ok := ref.(NamedTagged); ok {
+		return false
+	}
+	if _, ok := ref.(Canonical); ok {
+		return false
+	}
+	return true
+}
+
+// ParseIDOrReference parses string for a image ID or a reference. ID can be
+// without a default prefix.
+func ParseIDOrReference(idOrRef string) (digest.Digest, Named, error) {
+	if err := v1.ValidateID(idOrRef); err == nil {
+		idOrRef = "sha256:" + idOrRef
+	}
+	if dgst, err := digest.ParseDigest(idOrRef); err == nil {
+		return dgst, nil, nil
+	}
+	ref, err := ParseNamed(idOrRef)
+	return "", ref, err
+}
+
+// splitHostname splits a repository name to hostname and remotename string.
+// If no valid hostname is found, the default hostname is used. Repository name
+// needs to be already validated before.
+func splitHostname(name string) (hostname, remoteName string) {
+	i := strings.IndexRune(name, '/')
+	if i == -1 || (!strings.ContainsAny(name[:i], ".:") && name[:i] != "localhost") {
+		hostname, remoteName = DefaultHostname, name
+	} else {
+		hostname, remoteName = name[:i], name[i+1:]
+	}
+	if hostname == LegacyDefaultHostname {
+		hostname = DefaultHostname
+	}
+	if hostname == DefaultHostname && !strings.ContainsRune(remoteName, '/') {
+		remoteName = DefaultRepoPrefix + remoteName
+	}
+	return
+}
+
+// normalize returns a repository name in its normalized form, meaning it
+// will not contain default hostname nor library/ prefix for official images.
+func normalize(name string) (string, error) {
+	host, remoteName := splitHostname(name)
+	if strings.ToLower(remoteName) != remoteName {
+		return "", errors.New("invalid reference format: repository name must be lowercase")
+	}
+	if host == DefaultHostname {
+		if strings.HasPrefix(remoteName, DefaultRepoPrefix) {
+			return strings.TrimPrefix(remoteName, DefaultRepoPrefix), nil
+		}
+		return remoteName, nil
+	}
+	return name, nil
+}
+
+func validateName(name string) error {
+	if err := v1.ValidateID(name); err == nil {
+		return fmt.Errorf("Invalid repository name (%s), cannot specify 64-byte hexadecimal strings", name)
+	}
+	return nil
+}
diff --git a/reference/reference_test.go b/reference/reference_test.go
new file mode 100644
index 00000000..ff35ba3d
--- /dev/null
+++ b/reference/reference_test.go
@@ -0,0 +1,275 @@
+package reference
+
+import (
+	"testing"
+
+	"github.com/docker/distribution/digest"
+)
+
+func TestValidateReferenceName(t *testing.T) {
+	validRepoNames := []string{
+		"docker/docker",
+		"library/debian",
+		"debian",
+		"docker.io/docker/docker",
+		"docker.io/library/debian",
+		"docker.io/debian",
+		"index.docker.io/docker/docker",
+		"index.docker.io/library/debian",
+		"index.docker.io/debian",
+		"127.0.0.1:5000/docker/docker",
+		"127.0.0.1:5000/library/debian",
+		"127.0.0.1:5000/debian",
+		"thisisthesongthatneverendsitgoesonandonandonthisisthesongthatnev",
+	}
+	invalidRepoNames := []string{
+		"https://github.com/docker/docker",
+		"docker/Docker",
+		"-docker",
+		"-docker/docker",
+		"-docker.io/docker/docker",
+		"docker///docker",
+		"docker.io/docker/Docker",
+		"docker.io/docker///docker",
+		"1a3f5e7d9c1b3a5f7e9d1c3b5a7f9e1d3c5b7a9f1e3d5d7c9b1a3f5e7d9c1b3a",
+		"docker.io/1a3f5e7d9c1b3a5f7e9d1c3b5a7f9e1d3c5b7a9f1e3d5d7c9b1a3f5e7d9c1b3a",
+	}
+
+	for _, name := range invalidRepoNames {
+		_, err := ParseNamed(name)
+		if err == nil {
+			t.Fatalf("Expected invalid repo name for %q", name)
+		}
+	}
+
+	for _, name := range validRepoNames {
+		_, err := ParseNamed(name)
+		if err != nil {
+			t.Fatalf("Error parsing repo name %s, got: %q", name, err)
+		}
+	}
+}
+
+func TestValidateRemoteName(t *testing.T) {
+	validRepositoryNames := []string{
+		// Sanity check.
+		"docker/docker",
+
+		// Allow 64-character non-hexadecimal names (hexadecimal names are forbidden).
+		"thisisthesongthatneverendsitgoesonandonandonthisisthesongthatnev",
+
+		// Allow embedded hyphens.
+		"docker-rules/docker",
+
+		// Allow multiple hyphens as well.
+		"docker---rules/docker",
+
+		//Username doc and image name docker being tested.
+		"doc/docker",
+
+		// single character names are now allowed.
+		"d/docker",
+		"jess/t",
+
+		// Consecutive underscores.
+		"dock__er/docker",
+	}
+	for _, repositoryName := range validRepositoryNames {
+		_, err := ParseNamed(repositoryName)
+		if err != nil {
+			t.Errorf("Repository name should be valid: %v. Error: %v", repositoryName, err)
+		}
+	}
+
+	invalidRepositoryNames := []string{
+		// Disallow capital letters.
+		"docker/Docker",
+
+		// Only allow one slash.
+		"docker///docker",
+
+		// Disallow 64-character hexadecimal.
+		"1a3f5e7d9c1b3a5f7e9d1c3b5a7f9e1d3c5b7a9f1e3d5d7c9b1a3f5e7d9c1b3a",
+
+		// Disallow leading and trailing hyphens in namespace.
+		"-docker/docker",
+		"docker-/docker",
+		"-docker-/docker",
+
+		// Don't allow underscores everywhere (as opposed to hyphens).
+		"____/____",
+
+		"_docker/_docker",
+
+		// Disallow consecutive periods.
+		"dock..er/docker",
+		"dock_.er/docker",
+		"dock-.er/docker",
+
+		// No repository.
+		"docker/",
+
+		//namespace too long
+		"this_is_not_a_valid_namespace_because_its_lenth_is_greater_than_255_this_is_not_a_valid_namespace_because_its_lenth_is_greater_than_255_this_is_not_a_valid_namespace_because_its_lenth_is_greater_than_255_this_is_not_a_valid_namespace_because_its_lenth_is_greater_than_255/docker",
+	}
+	for _, repositoryName := range invalidRepositoryNames {
+		if _, err := ParseNamed(repositoryName); err == nil {
+			t.Errorf("Repository name should be invalid: %v", repositoryName)
+		}
+	}
+}
+
+func TestParseRepositoryInfo(t *testing.T) {
+	type tcase struct {
+		RemoteName, NormalizedName, FullName, AmbiguousName, Hostname string
+	}
+
+	tcases := []tcase{
+		{
+			RemoteName:     "fooo/bar",
+			NormalizedName: "fooo/bar",
+			FullName:       "docker.io/fooo/bar",
+			AmbiguousName:  "index.docker.io/fooo/bar",
+			Hostname:       "docker.io",
+		},
+		{
+			RemoteName:     "library/ubuntu",
+			NormalizedName: "ubuntu",
+			FullName:       "docker.io/library/ubuntu",
+			AmbiguousName:  "library/ubuntu",
+			Hostname:       "docker.io",
+		},
+		{
+			RemoteName:     "nonlibrary/ubuntu",
+			NormalizedName: "nonlibrary/ubuntu",
+			FullName:       "docker.io/nonlibrary/ubuntu",
+			AmbiguousName:  "",
+			Hostname:       "docker.io",
+		},
+		{
+			RemoteName:     "other/library",
+			NormalizedName: "other/library",
+			FullName:       "docker.io/other/library",
+			AmbiguousName:  "",
+			Hostname:       "docker.io",
+		},
+		{
+			RemoteName:     "private/moonbase",
+			NormalizedName: "127.0.0.1:8000/private/moonbase",
+			FullName:       "127.0.0.1:8000/private/moonbase",
+			AmbiguousName:  "",
+			Hostname:       "127.0.0.1:8000",
+		},
+		{
+			RemoteName:     "privatebase",
+			NormalizedName: "127.0.0.1:8000/privatebase",
+			FullName:       "127.0.0.1:8000/privatebase",
+			AmbiguousName:  "",
+			Hostname:       "127.0.0.1:8000",
+		},
+		{
+			RemoteName:     "private/moonbase",
+			NormalizedName: "example.com/private/moonbase",
+			FullName:       "example.com/private/moonbase",
+			AmbiguousName:  "",
+			Hostname:       "example.com",
+		},
+		{
+			RemoteName:     "privatebase",
+			NormalizedName: "example.com/privatebase",
+			FullName:       "example.com/privatebase",
+			AmbiguousName:  "",
+			Hostname:       "example.com",
+		},
+		{
+			RemoteName:     "private/moonbase",
+			NormalizedName: "example.com:8000/private/moonbase",
+			FullName:       "example.com:8000/private/moonbase",
+			AmbiguousName:  "",
+			Hostname:       "example.com:8000",
+		},
+		{
+			RemoteName:     "privatebasee",
+			NormalizedName: "example.com:8000/privatebasee",
+			FullName:       "example.com:8000/privatebasee",
+			AmbiguousName:  "",
+			Hostname:       "example.com:8000",
+		},
+		{
+			RemoteName:     "library/ubuntu-12.04-base",
+			NormalizedName: "ubuntu-12.04-base",
+			FullName:       "docker.io/library/ubuntu-12.04-base",
+			AmbiguousName:  "index.docker.io/library/ubuntu-12.04-base",
+			Hostname:       "docker.io",
+		},
+	}
+
+	for _, tcase := range tcases {
+		refStrings := []string{tcase.NormalizedName, tcase.FullName}
+		if tcase.AmbiguousName != "" {
+			refStrings = append(refStrings, tcase.AmbiguousName)
+		}
+
+		var refs []Named
+		for _, r := range refStrings {
+			named, err := ParseNamed(r)
+			if err != nil {
+				t.Fatal(err)
+			}
+			refs = append(refs, named)
+			named, err = WithName(r)
+			if err != nil {
+				t.Fatal(err)
+			}
+			refs = append(refs, named)
+		}
+
+		for _, r := range refs {
+			if expected, actual := tcase.NormalizedName, r.Name(); expected != actual {
+				t.Fatalf("Invalid normalized reference for %q. Expected %q, got %q", r, expected, actual)
+			}
+			if expected, actual := tcase.FullName, r.FullName(); expected != actual {
+				t.Fatalf("Invalid normalized reference for %q. Expected %q, got %q", r, expected, actual)
+			}
+			if expected, actual := tcase.Hostname, r.Hostname(); expected != actual {
+				t.Fatalf("Invalid hostname for %q. Expected %q, got %q", r, expected, actual)
+			}
+			if expected, actual := tcase.RemoteName, r.RemoteName(); expected != actual {
+				t.Fatalf("Invalid remoteName for %q. Expected %q, got %q", r, expected, actual)
+			}
+
+		}
+	}
+}
+
+func TestParseReferenceWithTagAndDigest(t *testing.T) {
+	ref, err := ParseNamed("busybox:latest@sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, isTagged := ref.(NamedTagged); isTagged {
+		t.Fatalf("Reference from %q should not support tag", ref)
+	}
+	if _, isCanonical := ref.(Canonical); !isCanonical {
+		t.Fatalf("Reference from %q should not support digest", ref)
+	}
+	if expected, actual := "busybox@sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa", ref.String(); actual != expected {
+		t.Fatalf("Invalid parsed reference for %q: expected %q, got %q", ref, expected, actual)
+	}
+}
+
+func TestInvalidReferenceComponents(t *testing.T) {
+	if _, err := WithName("-foo"); err == nil {
+		t.Fatal("Expected WithName to detect invalid name")
+	}
+	ref, err := WithName("busybox")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := WithTag(ref, "-foo"); err == nil {
+		t.Fatal("Expected WithName to detect invalid tag")
+	}
+	if _, err := WithDigest(ref, digest.Digest("foo")); err == nil {
+		t.Fatal("Expected WithName to detect invalid digest")
+	}
+}
diff --git a/reference/store.go b/reference/store.go
new file mode 100644
index 00000000..91c5c2ae
--- /dev/null
+++ b/reference/store.go
@@ -0,0 +1,298 @@
+package reference
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"sort"
+	"sync"
+
+	"github.com/docker/distribution/digest"
+	"github.com/docker/docker/image"
+)
+
+var (
+	// ErrDoesNotExist is returned if a reference is not found in the
+	// store.
+	ErrDoesNotExist = errors.New("reference does not exist")
+)
+
+// An Association is a tuple associating a reference with an image ID.
+type Association struct {
+	Ref     Named
+	ImageID image.ID
+}
+
+// Store provides the set of methods which can operate on a tag store.
+type Store interface {
+	References(id image.ID) []Named
+	ReferencesByName(ref Named) []Association
+	AddTag(ref Named, id image.ID, force bool) error
+	AddDigest(ref Canonical, id image.ID, force bool) error
+	Delete(ref Named) (bool, error)
+	Get(ref Named) (image.ID, error)
+}
+
+type store struct {
+	mu sync.RWMutex
+	// jsonPath is the path to the file where the serialized tag data is
+	// stored.
+	jsonPath string
+	// Repositories is a map of repositories, indexed by name.
+	Repositories map[string]repository
+	// referencesByIDCache is a cache of references indexed by ID, to speed
+	// up References.
+	referencesByIDCache map[image.ID]map[string]Named
+}
+
+// Repository maps tags to image IDs. The key is a a stringified Reference,
+// including the repository name.
+type repository map[string]image.ID
+
+type lexicalRefs []Named
+
+func (a lexicalRefs) Len() int           { return len(a) }
+func (a lexicalRefs) Swap(i, j int)      { a[i], a[j] = a[j], a[i] }
+func (a lexicalRefs) Less(i, j int) bool { return a[i].String() < a[j].String() }
+
+type lexicalAssociations []Association
+
+func (a lexicalAssociations) Len() int           { return len(a) }
+func (a lexicalAssociations) Swap(i, j int)      { a[i], a[j] = a[j], a[i] }
+func (a lexicalAssociations) Less(i, j int) bool { return a[i].Ref.String() < a[j].Ref.String() }
+
+// NewReferenceStore creates a new reference store, tied to a file path where
+// the set of references are serialized in JSON format.
+func NewReferenceStore(jsonPath string) (Store, error) {
+	abspath, err := filepath.Abs(jsonPath)
+	if err != nil {
+		return nil, err
+	}
+
+	store := &store{
+		jsonPath:            abspath,
+		Repositories:        make(map[string]repository),
+		referencesByIDCache: make(map[image.ID]map[string]Named),
+	}
+	// Load the json file if it exists, otherwise create it.
+	if err := store.reload(); os.IsNotExist(err) {
+		if err := store.save(); err != nil {
+			return nil, err
+		}
+	} else if err != nil {
+		return nil, err
+	}
+	return store, nil
+}
+
+// AddTag adds a tag reference to the store. If force is set to true, existing
+// references can be overwritten. This only works for tags, not digests.
+func (store *store) AddTag(ref Named, id image.ID, force bool) error {
+	if _, isCanonical := ref.(Canonical); isCanonical {
+		return errors.New("refusing to create a tag with a digest reference")
+	}
+	return store.addReference(WithDefaultTag(ref), id, force)
+}
+
+// AddDigest adds a digest reference to the store.
+func (store *store) AddDigest(ref Canonical, id image.ID, force bool) error {
+	return store.addReference(ref, id, force)
+}
+
+func (store *store) addReference(ref Named, id image.ID, force bool) error {
+	if ref.Name() == string(digest.Canonical) {
+		return errors.New("refusing to create an ambiguous tag using digest algorithm as name")
+	}
+
+	store.mu.Lock()
+	defer store.mu.Unlock()
+
+	repository, exists := store.Repositories[ref.Name()]
+	if !exists || repository == nil {
+		repository = make(map[string]image.ID)
+		store.Repositories[ref.Name()] = repository
+	}
+
+	refStr := ref.String()
+	oldID, exists := repository[refStr]
+
+	if exists {
+		// force only works for tags
+		if digested, isDigest := ref.(Canonical); isDigest {
+			return fmt.Errorf("Cannot overwrite digest %s", digested.Digest().String())
+		}
+
+		if !force {
+			return fmt.Errorf("Conflict: Tag %s is already set to image %s, if you want to replace it, please use -f option", ref.String(), oldID.String())
+		}
+
+		if store.referencesByIDCache[oldID] != nil {
+			delete(store.referencesByIDCache[oldID], refStr)
+			if len(store.referencesByIDCache[oldID]) == 0 {
+				delete(store.referencesByIDCache, oldID)
+			}
+		}
+	}
+
+	repository[refStr] = id
+	if store.referencesByIDCache[id] == nil {
+		store.referencesByIDCache[id] = make(map[string]Named)
+	}
+	store.referencesByIDCache[id][refStr] = ref
+
+	return store.save()
+}
+
+// Delete deletes a reference from the store. It returns true if a deletion
+// happened, or false otherwise.
+func (store *store) Delete(ref Named) (bool, error) {
+	ref = WithDefaultTag(ref)
+
+	store.mu.Lock()
+	defer store.mu.Unlock()
+
+	repoName := ref.Name()
+
+	repository, exists := store.Repositories[repoName]
+	if !exists {
+		return false, ErrDoesNotExist
+	}
+
+	refStr := ref.String()
+	if id, exists := repository[refStr]; exists {
+		delete(repository, refStr)
+		if len(repository) == 0 {
+			delete(store.Repositories, repoName)
+		}
+		if store.referencesByIDCache[id] != nil {
+			delete(store.referencesByIDCache[id], refStr)
+			if len(store.referencesByIDCache[id]) == 0 {
+				delete(store.referencesByIDCache, id)
+			}
+		}
+		return true, store.save()
+	}
+
+	return false, ErrDoesNotExist
+}
+
+// Get retrieves an item from the store by
+func (store *store) Get(ref Named) (image.ID, error) {
+	ref = WithDefaultTag(ref)
+
+	store.mu.RLock()
+	defer store.mu.RUnlock()
+
+	repository, exists := store.Repositories[ref.Name()]
+	if !exists || repository == nil {
+		return "", ErrDoesNotExist
+	}
+
+	id, exists := repository[ref.String()]
+	if !exists {
+		return "", ErrDoesNotExist
+	}
+
+	return id, nil
+}
+
+// References returns a slice of references to the given image ID. The slice
+// will be nil if there are no references to this image ID.
+func (store *store) References(id image.ID) []Named {
+	store.mu.RLock()
+	defer store.mu.RUnlock()
+
+	// Convert the internal map to an array for two reasons:
+	// 1) We must not return a mutable
+	// 2) It would be ugly to expose the extraneous map keys to callers.
+
+	var references []Named
+	for _, ref := range store.referencesByIDCache[id] {
+		references = append(references, ref)
+	}
+
+	sort.Sort(lexicalRefs(references))
+
+	return references
+}
+
+// ReferencesByName returns the references for a given repository name.
+// If there are no references known for this repository name,
+// ReferencesByName returns nil.
+func (store *store) ReferencesByName(ref Named) []Association {
+	store.mu.RLock()
+	defer store.mu.RUnlock()
+
+	repository, exists := store.Repositories[ref.Name()]
+	if !exists {
+		return nil
+	}
+
+	var associations []Association
+	for refStr, refID := range repository {
+		ref, err := ParseNamed(refStr)
+		if err != nil {
+			// Should never happen
+			return nil
+		}
+		associations = append(associations,
+			Association{
+				Ref:     ref,
+				ImageID: refID,
+			})
+	}
+
+	sort.Sort(lexicalAssociations(associations))
+
+	return associations
+}
+
+func (store *store) save() error {
+	// Store the json
+	jsonData, err := json.Marshal(store)
+	if err != nil {
+		return err
+	}
+
+	tempFilePath := store.jsonPath + ".tmp"
+
+	if err := ioutil.WriteFile(tempFilePath, jsonData, 0600); err != nil {
+		return err
+	}
+
+	if err := os.Rename(tempFilePath, store.jsonPath); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (store *store) reload() error {
+	f, err := os.Open(store.jsonPath)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+	if err := json.NewDecoder(f).Decode(&store); err != nil {
+		return err
+	}
+
+	for _, repository := range store.Repositories {
+		for refStr, refID := range repository {
+			ref, err := ParseNamed(refStr)
+			if err != nil {
+				// Should never happen
+				continue
+			}
+			if store.referencesByIDCache[refID] == nil {
+				store.referencesByIDCache[refID] = make(map[string]Named)
+			}
+			store.referencesByIDCache[refID][refStr] = ref
+		}
+	}
+
+	return nil
+}
diff --git a/reference/store_test.go b/reference/store_test.go
new file mode 100644
index 00000000..a877c55f
--- /dev/null
+++ b/reference/store_test.go
@@ -0,0 +1,356 @@
+package reference
+
+import (
+	"bytes"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/image"
+)
+
+var (
+	saveLoadTestCases = map[string]image.ID{
+		"registry:5000/foobar:HEAD":                                                        "sha256:470022b8af682154f57a2163d030eb369549549cba00edc69e1b99b46bb924d6",
+		"registry:5000/foobar:alternate":                                                   "sha256:ae300ebc4a4f00693702cfb0a5e0b7bc527b353828dc86ad09fb95c8a681b793",
+		"registry:5000/foobar:latest":                                                      "sha256:6153498b9ac00968d71b66cca4eac37e990b5f9eb50c26877eb8799c8847451b",
+		"registry:5000/foobar:master":                                                      "sha256:6c9917af4c4e05001b346421959d7ea81b6dc9d25718466a37a6add865dfd7fc",
+		"jess/hollywood:latest":                                                            "sha256:ae7a5519a0a55a2d4ef20ddcbd5d0ca0888a1f7ab806acc8e2a27baf46f529fe",
+		"registry@sha256:367eb40fd0330a7e464777121e39d2f5b3e8e23a1e159342e53ab05c9e4d94e6": "sha256:24126a56805beb9711be5f4590cc2eb55ab8d4a85ebd618eed72bb19fc50631c",
+		"busybox:latest": "sha256:91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",
+	}
+
+	marshalledSaveLoadTestCases = []byte(`{"Repositories":{"busybox":{"busybox:latest":"sha256:91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c"},"jess/hollywood":{"jess/hollywood:latest":"sha256:ae7a5519a0a55a2d4ef20ddcbd5d0ca0888a1f7ab806acc8e2a27baf46f529fe"},"registry":{"registry@sha256:367eb40fd0330a7e464777121e39d2f5b3e8e23a1e159342e53ab05c9e4d94e6":"sha256:24126a56805beb9711be5f4590cc2eb55ab8d4a85ebd618eed72bb19fc50631c"},"registry:5000/foobar":{"registry:5000/foobar:HEAD":"sha256:470022b8af682154f57a2163d030eb369549549cba00edc69e1b99b46bb924d6","registry:5000/foobar:alternate":"sha256:ae300ebc4a4f00693702cfb0a5e0b7bc527b353828dc86ad09fb95c8a681b793","registry:5000/foobar:latest":"sha256:6153498b9ac00968d71b66cca4eac37e990b5f9eb50c26877eb8799c8847451b","registry:5000/foobar:master":"sha256:6c9917af4c4e05001b346421959d7ea81b6dc9d25718466a37a6add865dfd7fc"}}}`)
+)
+
+func TestLoad(t *testing.T) {
+	jsonFile, err := ioutil.TempFile("", "tag-store-test")
+	if err != nil {
+		t.Fatalf("error creating temp file: %v", err)
+	}
+	defer os.RemoveAll(jsonFile.Name())
+
+	// Write canned json to the temp file
+	_, err = jsonFile.Write(marshalledSaveLoadTestCases)
+	if err != nil {
+		t.Fatalf("error writing to temp file: %v", err)
+	}
+	jsonFile.Close()
+
+	store, err := NewReferenceStore(jsonFile.Name())
+	if err != nil {
+		t.Fatalf("error creating tag store: %v", err)
+	}
+
+	for refStr, expectedID := range saveLoadTestCases {
+		ref, err := ParseNamed(refStr)
+		if err != nil {
+			t.Fatalf("failed to parse reference: %v", err)
+		}
+		id, err := store.Get(ref)
+		if err != nil {
+			t.Fatalf("could not find reference %s: %v", refStr, err)
+		}
+		if id != expectedID {
+			t.Fatalf("expected %s - got %s", expectedID, id)
+		}
+	}
+}
+
+func TestSave(t *testing.T) {
+	jsonFile, err := ioutil.TempFile("", "tag-store-test")
+	if err != nil {
+		t.Fatalf("error creating temp file: %v", err)
+	}
+	_, err = jsonFile.Write([]byte(`{}`))
+	jsonFile.Close()
+	defer os.RemoveAll(jsonFile.Name())
+
+	store, err := NewReferenceStore(jsonFile.Name())
+	if err != nil {
+		t.Fatalf("error creating tag store: %v", err)
+	}
+
+	for refStr, id := range saveLoadTestCases {
+		ref, err := ParseNamed(refStr)
+		if err != nil {
+			t.Fatalf("failed to parse reference: %v", err)
+		}
+		if canonical, ok := ref.(Canonical); ok {
+			err = store.AddDigest(canonical, id, false)
+			if err != nil {
+				t.Fatalf("could not add digest reference %s: %v", refStr, err)
+			}
+		} else {
+			err = store.AddTag(ref, id, false)
+			if err != nil {
+				t.Fatalf("could not add reference %s: %v", refStr, err)
+			}
+		}
+	}
+
+	jsonBytes, err := ioutil.ReadFile(jsonFile.Name())
+	if err != nil {
+		t.Fatalf("could not read json file: %v", err)
+	}
+
+	if !bytes.Equal(jsonBytes, marshalledSaveLoadTestCases) {
+		t.Fatalf("save output did not match expectations\nexpected:\n%s\ngot:\n%s", marshalledSaveLoadTestCases, jsonBytes)
+	}
+}
+
+func TestAddDeleteGet(t *testing.T) {
+	jsonFile, err := ioutil.TempFile("", "tag-store-test")
+	if err != nil {
+		t.Fatalf("error creating temp file: %v", err)
+	}
+	_, err = jsonFile.Write([]byte(`{}`))
+	jsonFile.Close()
+	defer os.RemoveAll(jsonFile.Name())
+
+	store, err := NewReferenceStore(jsonFile.Name())
+	if err != nil {
+		t.Fatalf("error creating tag store: %v", err)
+	}
+
+	testImageID1 := image.ID("sha256:9655aef5fd742a1b4e1b7b163aa9f1c76c186304bf39102283d80927c916ca9c")
+	testImageID2 := image.ID("sha256:9655aef5fd742a1b4e1b7b163aa9f1c76c186304bf39102283d80927c916ca9d")
+	testImageID3 := image.ID("sha256:9655aef5fd742a1b4e1b7b163aa9f1c76c186304bf39102283d80927c916ca9e")
+
+	// Try adding a reference with no tag or digest
+	nameOnly, err := WithName("username/repo")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	if err = store.AddTag(nameOnly, testImageID1, false); err != nil {
+		t.Fatalf("error adding to store: %v", err)
+	}
+
+	// Add a few references
+	ref1, err := ParseNamed("username/repo1:latest")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	if err = store.AddTag(ref1, testImageID1, false); err != nil {
+		t.Fatalf("error adding to store: %v", err)
+	}
+
+	ref2, err := ParseNamed("username/repo1:old")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	if err = store.AddTag(ref2, testImageID2, false); err != nil {
+		t.Fatalf("error adding to store: %v", err)
+	}
+
+	ref3, err := ParseNamed("username/repo1:alias")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	if err = store.AddTag(ref3, testImageID1, false); err != nil {
+		t.Fatalf("error adding to store: %v", err)
+	}
+
+	ref4, err := ParseNamed("username/repo2:latest")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	if err = store.AddTag(ref4, testImageID2, false); err != nil {
+		t.Fatalf("error adding to store: %v", err)
+	}
+
+	ref5, err := ParseNamed("username/repo3@sha256:58153dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	if err = store.AddDigest(ref5.(Canonical), testImageID2, false); err != nil {
+		t.Fatalf("error adding to store: %v", err)
+	}
+
+	// Attempt to overwrite with force == false
+	if err = store.AddTag(ref4, testImageID3, false); err == nil || !strings.HasPrefix(err.Error(), "Conflict:") {
+		t.Fatalf("did not get expected error on overwrite attempt - got %v", err)
+	}
+	// Repeat to overwrite with force == true
+	if err = store.AddTag(ref4, testImageID3, true); err != nil {
+		t.Fatalf("failed to force tag overwrite: %v", err)
+	}
+
+	// Check references so far
+	id, err := store.Get(nameOnly)
+	if err != nil {
+		t.Fatalf("Get returned error: %v", err)
+	}
+	if id != testImageID1 {
+		t.Fatalf("id mismatch: got %s instead of %s", id.String(), testImageID1.String())
+	}
+
+	id, err = store.Get(ref1)
+	if err != nil {
+		t.Fatalf("Get returned error: %v", err)
+	}
+	if id != testImageID1 {
+		t.Fatalf("id mismatch: got %s instead of %s", id.String(), testImageID1.String())
+	}
+
+	id, err = store.Get(ref2)
+	if err != nil {
+		t.Fatalf("Get returned error: %v", err)
+	}
+	if id != testImageID2 {
+		t.Fatalf("id mismatch: got %s instead of %s", id.String(), testImageID2.String())
+	}
+
+	id, err = store.Get(ref3)
+	if err != nil {
+		t.Fatalf("Get returned error: %v", err)
+	}
+	if id != testImageID1 {
+		t.Fatalf("id mismatch: got %s instead of %s", id.String(), testImageID1.String())
+	}
+
+	id, err = store.Get(ref4)
+	if err != nil {
+		t.Fatalf("Get returned error: %v", err)
+	}
+	if id != testImageID3 {
+		t.Fatalf("id mismatch: got %s instead of %s", id.String(), testImageID3.String())
+	}
+
+	id, err = store.Get(ref5)
+	if err != nil {
+		t.Fatalf("Get returned error: %v", err)
+	}
+	if id != testImageID2 {
+		t.Fatalf("id mismatch: got %s instead of %s", id.String(), testImageID3.String())
+	}
+
+	// Get should return ErrDoesNotExist for a nonexistent repo
+	nonExistRepo, err := ParseNamed("username/nonexistrepo:latest")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	if _, err = store.Get(nonExistRepo); err != ErrDoesNotExist {
+		t.Fatal("Expected ErrDoesNotExist from Get")
+	}
+
+	// Get should return ErrDoesNotExist for a nonexistent tag
+	nonExistTag, err := ParseNamed("username/repo1:nonexist")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	if _, err = store.Get(nonExistTag); err != ErrDoesNotExist {
+		t.Fatal("Expected ErrDoesNotExist from Get")
+	}
+
+	// Check References
+	refs := store.References(testImageID1)
+	if len(refs) != 3 {
+		t.Fatal("unexpected number of references")
+	}
+	// Looking for the references in this order verifies that they are
+	// returned lexically sorted.
+	if refs[0].String() != ref3.String() {
+		t.Fatalf("unexpected reference: %v", refs[0].String())
+	}
+	if refs[1].String() != ref1.String() {
+		t.Fatalf("unexpected reference: %v", refs[1].String())
+	}
+	if refs[2].String() != nameOnly.String()+":latest" {
+		t.Fatalf("unexpected reference: %v", refs[2].String())
+	}
+
+	// Check ReferencesByName
+	repoName, err := WithName("username/repo1")
+	if err != nil {
+		t.Fatalf("could not parse reference: %v", err)
+	}
+	associations := store.ReferencesByName(repoName)
+	if len(associations) != 3 {
+		t.Fatal("unexpected number of associations")
+	}
+	// Looking for the associations in this order verifies that they are
+	// returned lexically sorted.
+	if associations[0].Ref.String() != ref3.String() {
+		t.Fatalf("unexpected reference: %v", associations[0].Ref.String())
+	}
+	if associations[0].ImageID != testImageID1 {
+		t.Fatalf("unexpected reference: %v", associations[0].Ref.String())
+	}
+	if associations[1].Ref.String() != ref1.String() {
+		t.Fatalf("unexpected reference: %v", associations[1].Ref.String())
+	}
+	if associations[1].ImageID != testImageID1 {
+		t.Fatalf("unexpected reference: %v", associations[1].Ref.String())
+	}
+	if associations[2].Ref.String() != ref2.String() {
+		t.Fatalf("unexpected reference: %v", associations[2].Ref.String())
+	}
+	if associations[2].ImageID != testImageID2 {
+		t.Fatalf("unexpected reference: %v", associations[2].Ref.String())
+	}
+
+	// Delete should return ErrDoesNotExist for a nonexistent repo
+	if _, err = store.Delete(nonExistRepo); err != ErrDoesNotExist {
+		t.Fatal("Expected ErrDoesNotExist from Delete")
+	}
+
+	// Delete should return ErrDoesNotExist for a nonexistent tag
+	if _, err = store.Delete(nonExistTag); err != ErrDoesNotExist {
+		t.Fatal("Expected ErrDoesNotExist from Delete")
+	}
+
+	// Delete a few references
+	if deleted, err := store.Delete(ref1); err != nil || deleted != true {
+		t.Fatal("Delete failed")
+	}
+	if _, err := store.Get(ref1); err != ErrDoesNotExist {
+		t.Fatal("Expected ErrDoesNotExist from Get")
+	}
+	if deleted, err := store.Delete(ref5); err != nil || deleted != true {
+		t.Fatal("Delete failed")
+	}
+	if _, err := store.Get(ref5); err != ErrDoesNotExist {
+		t.Fatal("Expected ErrDoesNotExist from Get")
+	}
+	if deleted, err := store.Delete(nameOnly); err != nil || deleted != true {
+		t.Fatal("Delete failed")
+	}
+	if _, err := store.Get(nameOnly); err != ErrDoesNotExist {
+		t.Fatal("Expected ErrDoesNotExist from Get")
+	}
+}
+
+func TestInvalidTags(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "tag-store-test")
+	defer os.RemoveAll(tmpDir)
+
+	store, err := NewReferenceStore(filepath.Join(tmpDir, "repositories.json"))
+	if err != nil {
+		t.Fatalf("error creating tag store: %v", err)
+	}
+	id := image.ID("sha256:470022b8af682154f57a2163d030eb369549549cba00edc69e1b99b46bb924d6")
+
+	// sha256 as repo name
+	ref, err := ParseNamed("sha256:abc")
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = store.AddTag(ref, id, true)
+	if err == nil {
+		t.Fatalf("expected setting tag %q to fail", ref)
+	}
+
+	// setting digest as a tag
+	ref, err = ParseNamed("registry@sha256:367eb40fd0330a7e464777121e39d2f5b3e8e23a1e159342e53ab05c9e4d94e6")
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = store.AddTag(ref, id, true)
+	if err == nil {
+		t.Fatalf("expected setting digest %q to fail", ref)
+	}
+
+}
diff --git a/registry/auth.go b/registry/auth.go
new file mode 100644
index 00000000..c5663f58
--- /dev/null
+++ b/registry/auth.go
@@ -0,0 +1,262 @@
+package registry
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/registry/client/auth"
+	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+const (
+	// AuthClientID is used the ClientID used for the token server
+	AuthClientID = "docker"
+)
+
+// loginV1 tries to register/login to the v1 registry server.
+func loginV1(authConfig *types.AuthConfig, apiEndpoint APIEndpoint, userAgent string) (string, string, error) {
+	registryEndpoint, err := apiEndpoint.ToV1Endpoint(userAgent, nil)
+	if err != nil {
+		return "", "", err
+	}
+
+	serverAddress := registryEndpoint.String()
+
+	logrus.Debugf("attempting v1 login to registry endpoint %s", serverAddress)
+
+	if serverAddress == "" {
+		return "", "", fmt.Errorf("Server Error: Server Address not set.")
+	}
+
+	loginAgainstOfficialIndex := serverAddress == IndexServer
+
+	req, err := http.NewRequest("GET", serverAddress+"users/", nil)
+	if err != nil {
+		return "", "", err
+	}
+	req.SetBasicAuth(authConfig.Username, authConfig.Password)
+	resp, err := registryEndpoint.client.Do(req)
+	if err != nil {
+		// fallback when request could not be completed
+		return "", "", fallbackError{
+			err: err,
+		}
+	}
+	defer resp.Body.Close()
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return "", "", err
+	}
+	if resp.StatusCode == http.StatusOK {
+		return "Login Succeeded", "", nil
+	} else if resp.StatusCode == http.StatusUnauthorized {
+		if loginAgainstOfficialIndex {
+			return "", "", fmt.Errorf("Wrong login/password, please try again. Haven't got a Docker ID? Create one at https://hub.docker.com")
+		}
+		return "", "", fmt.Errorf("Wrong login/password, please try again")
+	} else if resp.StatusCode == http.StatusForbidden {
+		if loginAgainstOfficialIndex {
+			return "", "", fmt.Errorf("Login: Account is not active. Please check your e-mail for a confirmation link.")
+		}
+		// *TODO: Use registry configuration to determine what this says, if anything?
+		return "", "", fmt.Errorf("Login: Account is not active. Please see the documentation of the registry %s for instructions how to activate it.", serverAddress)
+	} else if resp.StatusCode == http.StatusInternalServerError { // Issue #14326
+		logrus.Errorf("%s returned status code %d. Response Body :\n%s", req.URL.String(), resp.StatusCode, body)
+		return "", "", fmt.Errorf("Internal Server Error")
+	}
+	return "", "", fmt.Errorf("Login: %s (Code: %d; Headers: %s)", body,
+		resp.StatusCode, resp.Header)
+}
+
+type loginCredentialStore struct {
+	authConfig *types.AuthConfig
+}
+
+func (lcs loginCredentialStore) Basic(*url.URL) (string, string) {
+	return lcs.authConfig.Username, lcs.authConfig.Password
+}
+
+func (lcs loginCredentialStore) RefreshToken(*url.URL, string) string {
+	return lcs.authConfig.IdentityToken
+}
+
+func (lcs loginCredentialStore) SetRefreshToken(u *url.URL, service, token string) {
+	lcs.authConfig.IdentityToken = token
+}
+
+type fallbackError struct {
+	err error
+}
+
+func (err fallbackError) Error() string {
+	return err.err.Error()
+}
+
+// loginV2 tries to login to the v2 registry server. The given registry
+// endpoint will be pinged to get authorization challenges. These challenges
+// will be used to authenticate against the registry to validate credentials.
+func loginV2(authConfig *types.AuthConfig, endpoint APIEndpoint, userAgent string) (string, string, error) {
+	logrus.Debugf("attempting v2 login to registry endpoint %s", strings.TrimRight(endpoint.URL.String(), "/")+"/v2/")
+
+	modifiers := DockerHeaders(userAgent, nil)
+	authTransport := transport.NewTransport(NewTransport(endpoint.TLSConfig), modifiers...)
+
+	challengeManager, foundV2, err := PingV2Registry(endpoint, authTransport)
+	if err != nil {
+		if !foundV2 {
+			err = fallbackError{err: err}
+		}
+		return "", "", err
+	}
+
+	credentialAuthConfig := *authConfig
+	creds := loginCredentialStore{
+		authConfig: &credentialAuthConfig,
+	}
+
+	tokenHandlerOptions := auth.TokenHandlerOptions{
+		Transport:     authTransport,
+		Credentials:   creds,
+		OfflineAccess: true,
+		ClientID:      AuthClientID,
+	}
+	tokenHandler := auth.NewTokenHandlerWithOptions(tokenHandlerOptions)
+	basicHandler := auth.NewBasicHandler(creds)
+	modifiers = append(modifiers, auth.NewAuthorizer(challengeManager, tokenHandler, basicHandler))
+	tr := transport.NewTransport(authTransport, modifiers...)
+
+	loginClient := &http.Client{
+		Transport: tr,
+		Timeout:   15 * time.Second,
+	}
+
+	endpointStr := strings.TrimRight(endpoint.URL.String(), "/") + "/v2/"
+	req, err := http.NewRequest("GET", endpointStr, nil)
+	if err != nil {
+		if !foundV2 {
+			err = fallbackError{err: err}
+		}
+		return "", "", err
+	}
+
+	resp, err := loginClient.Do(req)
+	if err != nil {
+		if !foundV2 {
+			err = fallbackError{err: err}
+		}
+		return "", "", err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		// TODO(dmcgowan): Attempt to further interpret result, status code and error code string
+		err := fmt.Errorf("login attempt to %s failed with status: %d %s", endpointStr, resp.StatusCode, http.StatusText(resp.StatusCode))
+		if !foundV2 {
+			err = fallbackError{err: err}
+		}
+		return "", "", err
+	}
+
+	return "Login Succeeded", credentialAuthConfig.IdentityToken, nil
+
+}
+
+// ResolveAuthConfig matches an auth configuration to a server address or a URL
+func ResolveAuthConfig(authConfigs map[string]types.AuthConfig, index *registrytypes.IndexInfo) types.AuthConfig {
+	configKey := GetAuthConfigKey(index)
+	// First try the happy case
+	if c, found := authConfigs[configKey]; found || index.Official {
+		return c
+	}
+
+	convertToHostname := func(url string) string {
+		stripped := url
+		if strings.HasPrefix(url, "http://") {
+			stripped = strings.Replace(url, "http://", "", 1)
+		} else if strings.HasPrefix(url, "https://") {
+			stripped = strings.Replace(url, "https://", "", 1)
+		}
+
+		nameParts := strings.SplitN(stripped, "/", 2)
+
+		return nameParts[0]
+	}
+
+	// Maybe they have a legacy config file, we will iterate the keys converting
+	// them to the new format and testing
+	for registry, ac := range authConfigs {
+		if configKey == convertToHostname(registry) {
+			return ac
+		}
+	}
+
+	// When all else fails, return an empty auth config
+	return types.AuthConfig{}
+}
+
+// PingResponseError is used when the response from a ping
+// was received but invalid.
+type PingResponseError struct {
+	Err error
+}
+
+func (err PingResponseError) Error() string {
+	return err.Error()
+}
+
+// PingV2Registry attempts to ping a v2 registry and on success return a
+// challenge manager for the supported authentication types and
+// whether v2 was confirmed by the response. If a response is received but
+// cannot be interpreted a PingResponseError will be returned.
+func PingV2Registry(endpoint APIEndpoint, transport http.RoundTripper) (auth.ChallengeManager, bool, error) {
+	var (
+		foundV2   = false
+		v2Version = auth.APIVersion{
+			Type:    "registry",
+			Version: "2.0",
+		}
+	)
+
+	pingClient := &http.Client{
+		Transport: transport,
+		Timeout:   15 * time.Second,
+	}
+	endpointStr := strings.TrimRight(endpoint.URL.String(), "/") + "/v2/"
+	req, err := http.NewRequest("GET", endpointStr, nil)
+	if err != nil {
+		return nil, false, err
+	}
+	resp, err := pingClient.Do(req)
+	if err != nil {
+		return nil, false, err
+	}
+	defer resp.Body.Close()
+
+	versions := auth.APIVersions(resp, DefaultRegistryVersionHeader)
+	for _, pingVersion := range versions {
+		if pingVersion == v2Version {
+			// The version header indicates we're definitely
+			// talking to a v2 registry. So don't allow future
+			// fallbacks to the v1 protocol.
+
+			foundV2 = true
+			break
+		}
+	}
+
+	challengeManager := auth.NewSimpleChallengeManager()
+	if err := challengeManager.AddResponse(resp); err != nil {
+		return nil, foundV2, PingResponseError{
+			Err: err,
+		}
+	}
+
+	return challengeManager, foundV2, nil
+}
diff --git a/registry/auth_test.go b/registry/auth_test.go
new file mode 100644
index 00000000..eedee44e
--- /dev/null
+++ b/registry/auth_test.go
@@ -0,0 +1,120 @@
+package registry
+
+import (
+	"testing"
+
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+func buildAuthConfigs() map[string]types.AuthConfig {
+	authConfigs := map[string]types.AuthConfig{}
+
+	for _, registry := range []string{"testIndex", IndexServer} {
+		authConfigs[registry] = types.AuthConfig{
+			Username: "docker-user",
+			Password: "docker-pass",
+		}
+	}
+
+	return authConfigs
+}
+
+func TestSameAuthDataPostSave(t *testing.T) {
+	authConfigs := buildAuthConfigs()
+	authConfig := authConfigs["testIndex"]
+	if authConfig.Username != "docker-user" {
+		t.Fail()
+	}
+	if authConfig.Password != "docker-pass" {
+		t.Fail()
+	}
+	if authConfig.Auth != "" {
+		t.Fail()
+	}
+}
+
+func TestResolveAuthConfigIndexServer(t *testing.T) {
+	authConfigs := buildAuthConfigs()
+	indexConfig := authConfigs[IndexServer]
+
+	officialIndex := &registrytypes.IndexInfo{
+		Official: true,
+	}
+	privateIndex := &registrytypes.IndexInfo{
+		Official: false,
+	}
+
+	resolved := ResolveAuthConfig(authConfigs, officialIndex)
+	assertEqual(t, resolved, indexConfig, "Expected ResolveAuthConfig to return IndexServer")
+
+	resolved = ResolveAuthConfig(authConfigs, privateIndex)
+	assertNotEqual(t, resolved, indexConfig, "Expected ResolveAuthConfig to not return IndexServer")
+}
+
+func TestResolveAuthConfigFullURL(t *testing.T) {
+	authConfigs := buildAuthConfigs()
+
+	registryAuth := types.AuthConfig{
+		Username: "foo-user",
+		Password: "foo-pass",
+	}
+	localAuth := types.AuthConfig{
+		Username: "bar-user",
+		Password: "bar-pass",
+	}
+	officialAuth := types.AuthConfig{
+		Username: "baz-user",
+		Password: "baz-pass",
+	}
+	authConfigs[IndexServer] = officialAuth
+
+	expectedAuths := map[string]types.AuthConfig{
+		"registry.example.com": registryAuth,
+		"localhost:8000":       localAuth,
+		"registry.com":         localAuth,
+	}
+
+	validRegistries := map[string][]string{
+		"registry.example.com": {
+			"https://registry.example.com/v1/",
+			"http://registry.example.com/v1/",
+			"registry.example.com",
+			"registry.example.com/v1/",
+		},
+		"localhost:8000": {
+			"https://localhost:8000/v1/",
+			"http://localhost:8000/v1/",
+			"localhost:8000",
+			"localhost:8000/v1/",
+		},
+		"registry.com": {
+			"https://registry.com/v1/",
+			"http://registry.com/v1/",
+			"registry.com",
+			"registry.com/v1/",
+		},
+	}
+
+	for configKey, registries := range validRegistries {
+		configured, ok := expectedAuths[configKey]
+		if !ok {
+			t.Fail()
+		}
+		index := &registrytypes.IndexInfo{
+			Name: configKey,
+		}
+		for _, registry := range registries {
+			authConfigs[registry] = configured
+			resolved := ResolveAuthConfig(authConfigs, index)
+			if resolved.Username != configured.Username || resolved.Password != configured.Password {
+				t.Errorf("%s -> %v != %v\n", registry, resolved, configured)
+			}
+			delete(authConfigs, registry)
+			resolved = ResolveAuthConfig(authConfigs, index)
+			if resolved.Username == configured.Username || resolved.Password == configured.Password {
+				t.Errorf("%s -> %v == %v\n", registry, resolved, configured)
+			}
+		}
+	}
+}
diff --git a/registry/config.go b/registry/config.go
new file mode 100644
index 00000000..50061329
--- /dev/null
+++ b/registry/config.go
@@ -0,0 +1,274 @@
+package registry
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"net/url"
+	"strings"
+
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/reference"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+// ServiceOptions holds command line options.
+type ServiceOptions struct {
+	Mirrors            []string `json:"registry-mirrors,omitempty"`
+	InsecureRegistries []string `json:"insecure-registries,omitempty"`
+
+	// V2Only controls access to legacy registries.  If it is set to true via the
+	// command line flag the daemon will not attempt to contact v1 legacy registries
+	V2Only bool `json:"disable-legacy-registry,omitempty"`
+}
+
+// serviceConfig holds daemon configuration for the registry service.
+type serviceConfig struct {
+	registrytypes.ServiceConfig
+	V2Only bool
+}
+
+var (
+	// DefaultNamespace is the default namespace
+	DefaultNamespace = "docker.io"
+	// DefaultRegistryVersionHeader is the name of the default HTTP header
+	// that carries Registry version info
+	DefaultRegistryVersionHeader = "Docker-Distribution-Api-Version"
+
+	// IndexServer is the v1 registry server used for user auth + account creation
+	IndexServer = DefaultV1Registry.String() + "/v1/"
+	// IndexName is the name of the index
+	IndexName = "docker.io"
+
+	// NotaryServer is the endpoint serving the Notary trust server
+	NotaryServer = "https://notary.docker.io"
+
+	// DefaultV1Registry is the URI of the default v1 registry
+	DefaultV1Registry = &url.URL{
+		Scheme: "https",
+		Host:   "index.docker.io",
+	}
+
+	// DefaultV2Registry is the URI of the default v2 registry
+	DefaultV2Registry = &url.URL{
+		Scheme: "https",
+		Host:   "registry-1.docker.io",
+	}
+)
+
+var (
+	// ErrInvalidRepositoryName is an error returned if the repository name did
+	// not have the correct form
+	ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")")
+
+	emptyServiceConfig = newServiceConfig(ServiceOptions{})
+)
+
+// for mocking in unit tests
+var lookupIP = net.LookupIP
+
+// InstallCliFlags adds command-line options to the top-level flag parser for
+// the current process.
+func (options *ServiceOptions) InstallCliFlags(cmd *flag.FlagSet, usageFn func(string) string) {
+	mirrors := opts.NewNamedListOptsRef("registry-mirrors", &options.Mirrors, ValidateMirror)
+	cmd.Var(mirrors, []string{"-registry-mirror"}, usageFn("Preferred Docker registry mirror"))
+
+	insecureRegistries := opts.NewNamedListOptsRef("insecure-registries", &options.InsecureRegistries, ValidateIndexName)
+	cmd.Var(insecureRegistries, []string{"-insecure-registry"}, usageFn("Enable insecure registry communication"))
+
+	cmd.BoolVar(&options.V2Only, []string{"-disable-legacy-registry"}, false, usageFn("Do not contact legacy registries"))
+}
+
+// newServiceConfig returns a new instance of ServiceConfig
+func newServiceConfig(options ServiceOptions) *serviceConfig {
+	// Localhost is by default considered as an insecure registry
+	// This is a stop-gap for people who are running a private registry on localhost (especially on Boot2docker).
+	//
+	// TODO: should we deprecate this once it is easier for people to set up a TLS registry or change
+	// daemon flags on boot2docker?
+	options.InsecureRegistries = append(options.InsecureRegistries, "127.0.0.0/8")
+
+	config := &serviceConfig{
+		ServiceConfig: registrytypes.ServiceConfig{
+			InsecureRegistryCIDRs: make([]*registrytypes.NetIPNet, 0),
+			IndexConfigs:          make(map[string]*registrytypes.IndexInfo, 0),
+			// Hack: Bypass setting the mirrors to IndexConfigs since they are going away
+			// and Mirrors are only for the official registry anyways.
+			Mirrors: options.Mirrors,
+		},
+		V2Only: options.V2Only,
+	}
+	// Split --insecure-registry into CIDR and registry-specific settings.
+	for _, r := range options.InsecureRegistries {
+		// Check if CIDR was passed to --insecure-registry
+		_, ipnet, err := net.ParseCIDR(r)
+		if err == nil {
+			// Valid CIDR.
+			config.InsecureRegistryCIDRs = append(config.InsecureRegistryCIDRs, (*registrytypes.NetIPNet)(ipnet))
+		} else {
+			// Assume `host:port` if not CIDR.
+			config.IndexConfigs[r] = &registrytypes.IndexInfo{
+				Name:     r,
+				Mirrors:  make([]string, 0),
+				Secure:   false,
+				Official: false,
+			}
+		}
+	}
+
+	// Configure public registry.
+	config.IndexConfigs[IndexName] = &registrytypes.IndexInfo{
+		Name:     IndexName,
+		Mirrors:  config.Mirrors,
+		Secure:   true,
+		Official: true,
+	}
+
+	return config
+}
+
+// isSecureIndex returns false if the provided indexName is part of the list of insecure registries
+// Insecure registries accept HTTP and/or accept HTTPS with certificates from unknown CAs.
+//
+// The list of insecure registries can contain an element with CIDR notation to specify a whole subnet.
+// If the subnet contains one of the IPs of the registry specified by indexName, the latter is considered
+// insecure.
+//
+// indexName should be a URL.Host (`host:port` or `host`) where the `host` part can be either a domain name
+// or an IP address. If it is a domain name, then it will be resolved in order to check if the IP is contained
+// in a subnet. If the resolving is not successful, isSecureIndex will only try to match hostname to any element
+// of insecureRegistries.
+func isSecureIndex(config *serviceConfig, indexName string) bool {
+	// Check for configured index, first.  This is needed in case isSecureIndex
+	// is called from anything besides newIndexInfo, in order to honor per-index configurations.
+	if index, ok := config.IndexConfigs[indexName]; ok {
+		return index.Secure
+	}
+
+	host, _, err := net.SplitHostPort(indexName)
+	if err != nil {
+		// assume indexName is of the form `host` without the port and go on.
+		host = indexName
+	}
+
+	addrs, err := lookupIP(host)
+	if err != nil {
+		ip := net.ParseIP(host)
+		if ip != nil {
+			addrs = []net.IP{ip}
+		}
+
+		// if ip == nil, then `host` is neither an IP nor it could be looked up,
+		// either because the index is unreachable, or because the index is behind an HTTP proxy.
+		// So, len(addrs) == 0 and we're not aborting.
+	}
+
+	// Try CIDR notation only if addrs has any elements, i.e. if `host`'s IP could be determined.
+	for _, addr := range addrs {
+		for _, ipnet := range config.InsecureRegistryCIDRs {
+			// check if the addr falls in the subnet
+			if (*net.IPNet)(ipnet).Contains(addr) {
+				return false
+			}
+		}
+	}
+
+	return true
+}
+
+// ValidateMirror validates an HTTP(S) registry mirror
+func ValidateMirror(val string) (string, error) {
+	uri, err := url.Parse(val)
+	if err != nil {
+		return "", fmt.Errorf("%s is not a valid URI", val)
+	}
+
+	if uri.Scheme != "http" && uri.Scheme != "https" {
+		return "", fmt.Errorf("Unsupported scheme %s", uri.Scheme)
+	}
+
+	if uri.Path != "" || uri.RawQuery != "" || uri.Fragment != "" {
+		return "", fmt.Errorf("Unsupported path/query/fragment at end of the URI")
+	}
+
+	return fmt.Sprintf("%s://%s/", uri.Scheme, uri.Host), nil
+}
+
+// ValidateIndexName validates an index name.
+func ValidateIndexName(val string) (string, error) {
+	if val == reference.LegacyDefaultHostname {
+		val = reference.DefaultHostname
+	}
+	if strings.HasPrefix(val, "-") || strings.HasSuffix(val, "-") {
+		return "", fmt.Errorf("Invalid index name (%s). Cannot begin or end with a hyphen.", val)
+	}
+	return val, nil
+}
+
+func validateNoSchema(reposName string) error {
+	if strings.Contains(reposName, "://") {
+		// It cannot contain a scheme!
+		return ErrInvalidRepositoryName
+	}
+	return nil
+}
+
+// newIndexInfo returns IndexInfo configuration from indexName
+func newIndexInfo(config *serviceConfig, indexName string) (*registrytypes.IndexInfo, error) {
+	var err error
+	indexName, err = ValidateIndexName(indexName)
+	if err != nil {
+		return nil, err
+	}
+
+	// Return any configured index info, first.
+	if index, ok := config.IndexConfigs[indexName]; ok {
+		return index, nil
+	}
+
+	// Construct a non-configured index info.
+	index := &registrytypes.IndexInfo{
+		Name:     indexName,
+		Mirrors:  make([]string, 0),
+		Official: false,
+	}
+	index.Secure = isSecureIndex(config, indexName)
+	return index, nil
+}
+
+// GetAuthConfigKey special-cases using the full index address of the official
+// index as the AuthConfig key, and uses the (host)name[:port] for private indexes.
+func GetAuthConfigKey(index *registrytypes.IndexInfo) string {
+	if index.Official {
+		return IndexServer
+	}
+	return index.Name
+}
+
+// newRepositoryInfo validates and breaks down a repository name into a RepositoryInfo
+func newRepositoryInfo(config *serviceConfig, name reference.Named) (*RepositoryInfo, error) {
+	index, err := newIndexInfo(config, name.Hostname())
+	if err != nil {
+		return nil, err
+	}
+	official := !strings.ContainsRune(name.Name(), '/')
+	return &RepositoryInfo{name, index, official}, nil
+}
+
+// ParseRepositoryInfo performs the breakdown of a repository name into a RepositoryInfo, but
+// lacks registry configuration.
+func ParseRepositoryInfo(reposName reference.Named) (*RepositoryInfo, error) {
+	return newRepositoryInfo(emptyServiceConfig, reposName)
+}
+
+// ParseSearchIndexInfo will use repository name to get back an indexInfo.
+func ParseSearchIndexInfo(reposName string) (*registrytypes.IndexInfo, error) {
+	indexName, _ := splitReposSearchTerm(reposName)
+
+	indexInfo, err := newIndexInfo(emptyServiceConfig, indexName)
+	if err != nil {
+		return nil, err
+	}
+	return indexInfo, nil
+}
diff --git a/registry/config_test.go b/registry/config_test.go
new file mode 100644
index 00000000..25578a7f
--- /dev/null
+++ b/registry/config_test.go
@@ -0,0 +1,49 @@
+package registry
+
+import (
+	"testing"
+)
+
+func TestValidateMirror(t *testing.T) {
+	valid := []string{
+		"http://mirror-1.com",
+		"https://mirror-1.com",
+		"http://localhost",
+		"https://localhost",
+		"http://localhost:5000",
+		"https://localhost:5000",
+		"http://127.0.0.1",
+		"https://127.0.0.1",
+		"http://127.0.0.1:5000",
+		"https://127.0.0.1:5000",
+	}
+
+	invalid := []string{
+		"!invalid!://%as%",
+		"ftp://mirror-1.com",
+		"http://mirror-1.com/",
+		"http://mirror-1.com/?q=foo",
+		"http://mirror-1.com/v1/",
+		"http://mirror-1.com/v1/?q=foo",
+		"http://mirror-1.com/v1/?q=foo#frag",
+		"http://mirror-1.com?q=foo",
+		"https://mirror-1.com#frag",
+		"https://mirror-1.com/",
+		"https://mirror-1.com/#frag",
+		"https://mirror-1.com/v1/",
+		"https://mirror-1.com/v1/#",
+		"https://mirror-1.com?q",
+	}
+
+	for _, address := range valid {
+		if ret, err := ValidateMirror(address); err != nil || ret == "" {
+			t.Errorf("ValidateMirror(`"+address+"`) got %s %s", ret, err)
+		}
+	}
+
+	for _, address := range invalid {
+		if ret, err := ValidateMirror(address); err == nil || ret != "" {
+			t.Errorf("ValidateMirror(`"+address+"`) got %s %s", ret, err)
+		}
+	}
+}
diff --git a/registry/config_unix.go b/registry/config_unix.go
new file mode 100644
index 00000000..b81d2493
--- /dev/null
+++ b/registry/config_unix.go
@@ -0,0 +1,16 @@
+// +build !windows
+
+package registry
+
+var (
+	// CertsDir is the directory where certificates are stored
+	CertsDir = "/etc/docker/certs.d"
+)
+
+// cleanPath is used to ensure that a directory name is valid on the target
+// platform. It will be passed in something *similar* to a URL such as
+// https:/index.docker.io/v1. Not all platforms support directory names
+// which contain those characters (such as : on Windows)
+func cleanPath(s string) string {
+	return s
+}
diff --git a/registry/config_windows.go b/registry/config_windows.go
new file mode 100644
index 00000000..82bc4afe
--- /dev/null
+++ b/registry/config_windows.go
@@ -0,0 +1,18 @@
+package registry
+
+import (
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+// CertsDir is the directory where certificates are stored
+var CertsDir = os.Getenv("programdata") + `\docker\certs.d`
+
+// cleanPath is used to ensure that a directory name is valid on the target
+// platform. It will be passed in something *similar* to a URL such as
+// https:\index.docker.io\v1. Not all platforms support directory names
+// which contain those characters (such as : on Windows)
+func cleanPath(s string) string {
+	return filepath.FromSlash(strings.Replace(s, ":", "", -1))
+}
diff --git a/registry/endpoint_test.go b/registry/endpoint_test.go
new file mode 100644
index 00000000..8451d3f6
--- /dev/null
+++ b/registry/endpoint_test.go
@@ -0,0 +1,78 @@
+package registry
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"testing"
+)
+
+func TestEndpointParse(t *testing.T) {
+	testData := []struct {
+		str      string
+		expected string
+	}{
+		{IndexServer, IndexServer},
+		{"http://0.0.0.0:5000/v1/", "http://0.0.0.0:5000/v1/"},
+		{"http://0.0.0.0:5000", "http://0.0.0.0:5000/v1/"},
+		{"0.0.0.0:5000", "https://0.0.0.0:5000/v1/"},
+		{"http://0.0.0.0:5000/nonversion/", "http://0.0.0.0:5000/nonversion/v1/"},
+		{"http://0.0.0.0:5000/v0/", "http://0.0.0.0:5000/v0/v1/"},
+	}
+	for _, td := range testData {
+		e, err := newV1EndpointFromStr(td.str, nil, "", nil)
+		if err != nil {
+			t.Errorf("%q: %s", td.str, err)
+		}
+		if e == nil {
+			t.Logf("something's fishy, endpoint for %q is nil", td.str)
+			continue
+		}
+		if e.String() != td.expected {
+			t.Errorf("expected %q, got %q", td.expected, e.String())
+		}
+	}
+}
+
+func TestEndpointParseInvalid(t *testing.T) {
+	testData := []string{
+		"http://0.0.0.0:5000/v2/",
+	}
+	for _, td := range testData {
+		e, err := newV1EndpointFromStr(td, nil, "", nil)
+		if err == nil {
+			t.Errorf("expected error parsing %q: parsed as %q", td, e)
+		}
+	}
+}
+
+// Ensure that a registry endpoint that responds with a 401 only is determined
+// to be a valid v1 registry endpoint
+func TestValidateEndpoint(t *testing.T) {
+	requireBasicAuthHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("WWW-Authenticate", `Basic realm="localhost"`)
+		w.WriteHeader(http.StatusUnauthorized)
+	})
+
+	// Make a test server which should validate as a v1 server.
+	testServer := httptest.NewServer(requireBasicAuthHandler)
+	defer testServer.Close()
+
+	testServerURL, err := url.Parse(testServer.URL)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	testEndpoint := V1Endpoint{
+		URL:    testServerURL,
+		client: HTTPClient(NewTransport(nil)),
+	}
+
+	if err = validateEndpoint(&testEndpoint); err != nil {
+		t.Fatal(err)
+	}
+
+	if testEndpoint.URL.Scheme != "http" {
+		t.Fatalf("expecting to validate endpoint as http, got url %s", testEndpoint.String())
+	}
+}
diff --git a/registry/endpoint_v1.go b/registry/endpoint_v1.go
new file mode 100644
index 00000000..fd81972c
--- /dev/null
+++ b/registry/endpoint_v1.go
@@ -0,0 +1,198 @@
+package registry
+
+import (
+	"crypto/tls"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/registry/client/transport"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+// V1Endpoint stores basic information about a V1 registry endpoint.
+type V1Endpoint struct {
+	client   *http.Client
+	URL      *url.URL
+	IsSecure bool
+}
+
+// NewV1Endpoint parses the given address to return a registry endpoint.
+func NewV1Endpoint(index *registrytypes.IndexInfo, userAgent string, metaHeaders http.Header) (*V1Endpoint, error) {
+	tlsConfig, err := newTLSConfig(index.Name, index.Secure)
+	if err != nil {
+		return nil, err
+	}
+
+	endpoint, err := newV1EndpointFromStr(GetAuthConfigKey(index), tlsConfig, userAgent, metaHeaders)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := validateEndpoint(endpoint); err != nil {
+		return nil, err
+	}
+
+	return endpoint, nil
+}
+
+func validateEndpoint(endpoint *V1Endpoint) error {
+	logrus.Debugf("pinging registry endpoint %s", endpoint)
+
+	// Try HTTPS ping to registry
+	endpoint.URL.Scheme = "https"
+	if _, err := endpoint.Ping(); err != nil {
+		if endpoint.IsSecure {
+			// If registry is secure and HTTPS failed, show user the error and tell them about `--insecure-registry`
+			// in case that's what they need. DO NOT accept unknown CA certificates, and DO NOT fallback to HTTP.
+			return fmt.Errorf("invalid registry endpoint %s: %v. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry %s` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/%s/ca.crt", endpoint, err, endpoint.URL.Host, endpoint.URL.Host)
+		}
+
+		// If registry is insecure and HTTPS failed, fallback to HTTP.
+		logrus.Debugf("Error from registry %q marked as insecure: %v. Insecurely falling back to HTTP", endpoint, err)
+		endpoint.URL.Scheme = "http"
+
+		var err2 error
+		if _, err2 = endpoint.Ping(); err2 == nil {
+			return nil
+		}
+
+		return fmt.Errorf("invalid registry endpoint %q. HTTPS attempt: %v. HTTP attempt: %v", endpoint, err, err2)
+	}
+
+	return nil
+}
+
+func newV1Endpoint(address url.URL, tlsConfig *tls.Config, userAgent string, metaHeaders http.Header) (*V1Endpoint, error) {
+	endpoint := &V1Endpoint{
+		IsSecure: (tlsConfig == nil || !tlsConfig.InsecureSkipVerify),
+		URL:      new(url.URL),
+	}
+
+	*endpoint.URL = address
+
+	// TODO(tiborvass): make sure a ConnectTimeout transport is used
+	tr := NewTransport(tlsConfig)
+	endpoint.client = HTTPClient(transport.NewTransport(tr, DockerHeaders(userAgent, metaHeaders)...))
+	return endpoint, nil
+}
+
+// trimV1Address trims the version off the address and returns the
+// trimmed address or an error if there is a non-V1 version.
+func trimV1Address(address string) (string, error) {
+	var (
+		chunks        []string
+		apiVersionStr string
+	)
+
+	if strings.HasSuffix(address, "/") {
+		address = address[:len(address)-1]
+	}
+
+	chunks = strings.Split(address, "/")
+	apiVersionStr = chunks[len(chunks)-1]
+	if apiVersionStr == "v1" {
+		return strings.Join(chunks[:len(chunks)-1], "/"), nil
+	}
+
+	for k, v := range apiVersions {
+		if k != APIVersion1 && apiVersionStr == v {
+			return "", fmt.Errorf("unsupported V1 version path %s", apiVersionStr)
+		}
+	}
+
+	return address, nil
+}
+
+func newV1EndpointFromStr(address string, tlsConfig *tls.Config, userAgent string, metaHeaders http.Header) (*V1Endpoint, error) {
+	if !strings.HasPrefix(address, "http://") && !strings.HasPrefix(address, "https://") {
+		address = "https://" + address
+	}
+
+	address, err := trimV1Address(address)
+	if err != nil {
+		return nil, err
+	}
+
+	uri, err := url.Parse(address)
+	if err != nil {
+		return nil, err
+	}
+
+	endpoint, err := newV1Endpoint(*uri, tlsConfig, userAgent, metaHeaders)
+	if err != nil {
+		return nil, err
+	}
+
+	return endpoint, nil
+}
+
+// Get the formatted URL for the root of this registry Endpoint
+func (e *V1Endpoint) String() string {
+	return e.URL.String() + "/v1/"
+}
+
+// Path returns a formatted string for the URL
+// of this endpoint with the given path appended.
+func (e *V1Endpoint) Path(path string) string {
+	return e.URL.String() + "/v1/" + path
+}
+
+// Ping returns a PingResult which indicates whether the registry is standalone or not.
+func (e *V1Endpoint) Ping() (PingResult, error) {
+	logrus.Debugf("attempting v1 ping for registry endpoint %s", e)
+
+	if e.String() == IndexServer {
+		// Skip the check, we know this one is valid
+		// (and we never want to fallback to http in case of error)
+		return PingResult{Standalone: false}, nil
+	}
+
+	req, err := http.NewRequest("GET", e.Path("_ping"), nil)
+	if err != nil {
+		return PingResult{Standalone: false}, err
+	}
+
+	resp, err := e.client.Do(req)
+	if err != nil {
+		return PingResult{Standalone: false}, err
+	}
+
+	defer resp.Body.Close()
+
+	jsonString, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return PingResult{Standalone: false}, fmt.Errorf("error while reading the http response: %s", err)
+	}
+
+	// If the header is absent, we assume true for compatibility with earlier
+	// versions of the registry. default to true
+	info := PingResult{
+		Standalone: true,
+	}
+	if err := json.Unmarshal(jsonString, &info); err != nil {
+		logrus.Debugf("Error unmarshalling the _ping PingResult: %s", err)
+		// don't stop here. Just assume sane defaults
+	}
+	if hdr := resp.Header.Get("X-Docker-Registry-Version"); hdr != "" {
+		logrus.Debugf("Registry version header: '%s'", hdr)
+		info.Version = hdr
+	}
+	logrus.Debugf("PingResult.Version: %q", info.Version)
+
+	standalone := resp.Header.Get("X-Docker-Registry-Standalone")
+	logrus.Debugf("Registry standalone header: '%s'", standalone)
+	// Accepted values are "true" (case-insensitive) and "1".
+	if strings.EqualFold(standalone, "true") || standalone == "1" {
+		info.Standalone = true
+	} else if len(standalone) > 0 {
+		// there is a header set, and it is not "true" or "1", so assume fails
+		info.Standalone = false
+	}
+	logrus.Debugf("PingResult.Standalone: %t", info.Standalone)
+	return info, nil
+}
diff --git a/registry/reference.go b/registry/reference.go
new file mode 100644
index 00000000..e15f83ee
--- /dev/null
+++ b/registry/reference.go
@@ -0,0 +1,68 @@
+package registry
+
+import (
+	"strings"
+
+	"github.com/docker/distribution/digest"
+)
+
+// Reference represents a tag or digest within a repository
+type Reference interface {
+	// HasDigest returns whether the reference has a verifiable
+	// content addressable reference which may be considered secure.
+	HasDigest() bool
+
+	// ImageName returns an image name for the given repository
+	ImageName(string) string
+
+	// Returns a string representation of the reference
+	String() string
+}
+
+type tagReference struct {
+	tag string
+}
+
+func (tr tagReference) HasDigest() bool {
+	return false
+}
+
+func (tr tagReference) ImageName(repo string) string {
+	return repo + ":" + tr.tag
+}
+
+func (tr tagReference) String() string {
+	return tr.tag
+}
+
+type digestReference struct {
+	digest digest.Digest
+}
+
+func (dr digestReference) HasDigest() bool {
+	return true
+}
+
+func (dr digestReference) ImageName(repo string) string {
+	return repo + "@" + dr.String()
+}
+
+func (dr digestReference) String() string {
+	return dr.digest.String()
+}
+
+// ParseReference parses a reference into either a digest or tag reference
+func ParseReference(ref string) Reference {
+	if strings.Contains(ref, ":") {
+		dgst, err := digest.ParseDigest(ref)
+		if err == nil {
+			return digestReference{digest: dgst}
+		}
+	}
+	return tagReference{tag: ref}
+}
+
+// DigestReference creates a digest reference using a digest
+func DigestReference(dgst digest.Digest) Reference {
+	return digestReference{digest: dgst}
+}
diff --git a/registry/registry.go b/registry/registry.go
new file mode 100644
index 00000000..8fdfe3b0
--- /dev/null
+++ b/registry/registry.go
@@ -0,0 +1,180 @@
+// Package registry contains client primitives to interact with a remote Docker registry.
+package registry
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+var (
+	// ErrAlreadyExists is an error returned if an image being pushed
+	// already exists on the remote side
+	ErrAlreadyExists = errors.New("Image already exists")
+)
+
+func newTLSConfig(hostname string, isSecure bool) (*tls.Config, error) {
+	// PreferredServerCipherSuites should have no effect
+	tlsConfig := tlsconfig.ServerDefault
+
+	tlsConfig.InsecureSkipVerify = !isSecure
+
+	if isSecure && CertsDir != "" {
+		hostDir := filepath.Join(CertsDir, cleanPath(hostname))
+		logrus.Debugf("hostDir: %s", hostDir)
+		if err := ReadCertsDirectory(&tlsConfig, hostDir); err != nil {
+			return nil, err
+		}
+	}
+
+	return &tlsConfig, nil
+}
+
+func hasFile(files []os.FileInfo, name string) bool {
+	for _, f := range files {
+		if f.Name() == name {
+			return true
+		}
+	}
+	return false
+}
+
+// ReadCertsDirectory reads the directory for TLS certificates
+// including roots and certificate pairs and updates the
+// provided TLS configuration.
+func ReadCertsDirectory(tlsConfig *tls.Config, directory string) error {
+	fs, err := ioutil.ReadDir(directory)
+	if err != nil && !os.IsNotExist(err) {
+		return err
+	}
+
+	for _, f := range fs {
+		if strings.HasSuffix(f.Name(), ".crt") {
+			if tlsConfig.RootCAs == nil {
+				// TODO(dmcgowan): Copy system pool
+				tlsConfig.RootCAs = x509.NewCertPool()
+			}
+			logrus.Debugf("crt: %s", filepath.Join(directory, f.Name()))
+			data, err := ioutil.ReadFile(filepath.Join(directory, f.Name()))
+			if err != nil {
+				return err
+			}
+			tlsConfig.RootCAs.AppendCertsFromPEM(data)
+		}
+		if strings.HasSuffix(f.Name(), ".cert") {
+			certName := f.Name()
+			keyName := certName[:len(certName)-5] + ".key"
+			logrus.Debugf("cert: %s", filepath.Join(directory, f.Name()))
+			if !hasFile(fs, keyName) {
+				return fmt.Errorf("Missing key %s for client certificate %s. Note that CA certificates should use the extension .crt.", keyName, certName)
+			}
+			cert, err := tls.LoadX509KeyPair(filepath.Join(directory, certName), filepath.Join(directory, keyName))
+			if err != nil {
+				return err
+			}
+			tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
+		}
+		if strings.HasSuffix(f.Name(), ".key") {
+			keyName := f.Name()
+			certName := keyName[:len(keyName)-4] + ".cert"
+			logrus.Debugf("key: %s", filepath.Join(directory, f.Name()))
+			if !hasFile(fs, certName) {
+				return fmt.Errorf("Missing client certificate %s for key %s", certName, keyName)
+			}
+		}
+	}
+
+	return nil
+}
+
+// DockerHeaders returns request modifiers with a User-Agent and metaHeaders
+func DockerHeaders(userAgent string, metaHeaders http.Header) []transport.RequestModifier {
+	modifiers := []transport.RequestModifier{}
+	if userAgent != "" {
+		modifiers = append(modifiers, transport.NewHeaderRequestModifier(http.Header{
+			"User-Agent": []string{userAgent},
+		}))
+	}
+	if metaHeaders != nil {
+		modifiers = append(modifiers, transport.NewHeaderRequestModifier(metaHeaders))
+	}
+	return modifiers
+}
+
+// HTTPClient returns a HTTP client structure which uses the given transport
+// and contains the necessary headers for redirected requests
+func HTTPClient(transport http.RoundTripper) *http.Client {
+	return &http.Client{
+		Transport:     transport,
+		CheckRedirect: addRequiredHeadersToRedirectedRequests,
+	}
+}
+
+func trustedLocation(req *http.Request) bool {
+	var (
+		trusteds = []string{"docker.com", "docker.io"}
+		hostname = strings.SplitN(req.Host, ":", 2)[0]
+	)
+	if req.URL.Scheme != "https" {
+		return false
+	}
+
+	for _, trusted := range trusteds {
+		if hostname == trusted || strings.HasSuffix(hostname, "."+trusted) {
+			return true
+		}
+	}
+	return false
+}
+
+// addRequiredHeadersToRedirectedRequests adds the necessary redirection headers
+// for redirected requests
+func addRequiredHeadersToRedirectedRequests(req *http.Request, via []*http.Request) error {
+	if via != nil && via[0] != nil {
+		if trustedLocation(req) && trustedLocation(via[0]) {
+			req.Header = via[0].Header
+			return nil
+		}
+		for k, v := range via[0].Header {
+			if k != "Authorization" {
+				for _, vv := range v {
+					req.Header.Add(k, vv)
+				}
+			}
+		}
+	}
+	return nil
+}
+
+// NewTransport returns a new HTTP transport. If tlsConfig is nil, it uses the
+// default TLS configuration.
+func NewTransport(tlsConfig *tls.Config) *http.Transport {
+	if tlsConfig == nil {
+		var cfg = tlsconfig.ServerDefault
+		tlsConfig = &cfg
+	}
+	return &http.Transport{
+		Proxy: http.ProxyFromEnvironment,
+		Dial: (&net.Dialer{
+			Timeout:   30 * time.Second,
+			KeepAlive: 30 * time.Second,
+			DualStack: true,
+		}).Dial,
+		TLSHandshakeTimeout: 10 * time.Second,
+		TLSClientConfig:     tlsConfig,
+		// TODO(dmcgowan): Call close idle connections when complete and use keep alive
+		DisableKeepAlives: true,
+	}
+}
diff --git a/registry/registry_mock_test.go b/registry/registry_mock_test.go
new file mode 100644
index 00000000..828f48fc
--- /dev/null
+++ b/registry/registry_mock_test.go
@@ -0,0 +1,476 @@
+package registry
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"strconv"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/docker/docker/reference"
+	registrytypes "github.com/docker/engine-api/types/registry"
+	"github.com/gorilla/mux"
+
+	"github.com/Sirupsen/logrus"
+)
+
+var (
+	testHTTPServer  *httptest.Server
+	testHTTPSServer *httptest.Server
+	testLayers      = map[string]map[string]string{
+		"77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20": {
+			"json": `{"id":"77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
+				"comment":"test base image","created":"2013-03-23T12:53:11.10432-07:00",
+				"container_config":{"Hostname":"","User":"","Memory":0,"MemorySwap":0,
+				"CpuShares":0,"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,
+				"Tty":false,"OpenStdin":false,"StdinOnce":false,
+				"Env":null,"Cmd":null,"Dns":null,"Image":"","Volumes":null,
+				"VolumesFrom":"","Entrypoint":null},"Size":424242}`,
+			"checksum_simple": "sha256:1ac330d56e05eef6d438586545ceff7550d3bdcb6b19961f12c5ba714ee1bb37",
+			"checksum_tarsum": "tarsum+sha256:4409a0685741ca86d38df878ed6f8cbba4c99de5dc73cd71aef04be3bb70be7c",
+			"ancestry":        `["77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20"]`,
+			"layer": string([]byte{
+				0x1f, 0x8b, 0x08, 0x08, 0x0e, 0xb0, 0xee, 0x51, 0x02, 0x03, 0x6c, 0x61, 0x79, 0x65,
+				0x72, 0x2e, 0x74, 0x61, 0x72, 0x00, 0xed, 0xd2, 0x31, 0x0e, 0xc2, 0x30, 0x0c, 0x05,
+				0x50, 0xcf, 0x9c, 0xc2, 0x27, 0x48, 0xed, 0x38, 0x4e, 0xce, 0x13, 0x44, 0x2b, 0x66,
+				0x62, 0x24, 0x8e, 0x4f, 0xa0, 0x15, 0x63, 0xb6, 0x20, 0x21, 0xfc, 0x96, 0xbf, 0x78,
+				0xb0, 0xf5, 0x1d, 0x16, 0x98, 0x8e, 0x88, 0x8a, 0x2a, 0xbe, 0x33, 0xef, 0x49, 0x31,
+				0xed, 0x79, 0x40, 0x8e, 0x5c, 0x44, 0x85, 0x88, 0x33, 0x12, 0x73, 0x2c, 0x02, 0xa8,
+				0xf0, 0x05, 0xf7, 0x66, 0xf5, 0xd6, 0x57, 0x69, 0xd7, 0x7a, 0x19, 0xcd, 0xf5, 0xb1,
+				0x6d, 0x1b, 0x1f, 0xf9, 0xba, 0xe3, 0x93, 0x3f, 0x22, 0x2c, 0xb6, 0x36, 0x0b, 0xf6,
+				0xb0, 0xa9, 0xfd, 0xe7, 0x94, 0x46, 0xfd, 0xeb, 0xd1, 0x7f, 0x2c, 0xc4, 0xd2, 0xfb,
+				0x97, 0xfe, 0x02, 0x80, 0xe4, 0xfd, 0x4f, 0x77, 0xae, 0x6d, 0x3d, 0x81, 0x73, 0xce,
+				0xb9, 0x7f, 0xf3, 0x04, 0x41, 0xc1, 0xab, 0xc6, 0x00, 0x0a, 0x00, 0x00,
+			}),
+		},
+		"42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d": {
+			"json": `{"id":"42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
+				"parent":"77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
+				"comment":"test base image","created":"2013-03-23T12:55:11.10432-07:00",
+				"container_config":{"Hostname":"","User":"","Memory":0,"MemorySwap":0,
+				"CpuShares":0,"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,
+				"Tty":false,"OpenStdin":false,"StdinOnce":false,
+				"Env":null,"Cmd":null,"Dns":null,"Image":"","Volumes":null,
+				"VolumesFrom":"","Entrypoint":null},"Size":424242}`,
+			"checksum_simple": "sha256:bea7bf2e4bacd479344b737328db47b18880d09096e6674165533aa994f5e9f2",
+			"checksum_tarsum": "tarsum+sha256:68fdb56fb364f074eec2c9b3f85ca175329c4dcabc4a6a452b7272aa613a07a2",
+			"ancestry": `["42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
+				"77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20"]`,
+			"layer": string([]byte{
+				0x1f, 0x8b, 0x08, 0x08, 0xbd, 0xb3, 0xee, 0x51, 0x02, 0x03, 0x6c, 0x61, 0x79, 0x65,
+				0x72, 0x2e, 0x74, 0x61, 0x72, 0x00, 0xed, 0xd1, 0x31, 0x0e, 0xc2, 0x30, 0x0c, 0x05,
+				0x50, 0xcf, 0x9c, 0xc2, 0x27, 0x48, 0x9d, 0x38, 0x8e, 0xcf, 0x53, 0x51, 0xaa, 0x56,
+				0xea, 0x44, 0x82, 0xc4, 0xf1, 0x09, 0xb4, 0xea, 0x98, 0x2d, 0x48, 0x08, 0xbf, 0xe5,
+				0x2f, 0x1e, 0xfc, 0xf5, 0xdd, 0x00, 0xdd, 0x11, 0x91, 0x8a, 0xe0, 0x27, 0xd3, 0x9e,
+				0x14, 0xe2, 0x9e, 0x07, 0xf4, 0xc1, 0x2b, 0x0b, 0xfb, 0xa4, 0x82, 0xe4, 0x3d, 0x93,
+				0x02, 0x0a, 0x7c, 0xc1, 0x23, 0x97, 0xf1, 0x5e, 0x5f, 0xc9, 0xcb, 0x38, 0xb5, 0xee,
+				0xea, 0xd9, 0x3c, 0xb7, 0x4b, 0xbe, 0x7b, 0x9c, 0xf9, 0x23, 0xdc, 0x50, 0x6e, 0xb9,
+				0xb8, 0xf2, 0x2c, 0x5d, 0xf7, 0x4f, 0x31, 0xb6, 0xf6, 0x4f, 0xc7, 0xfe, 0x41, 0x55,
+				0x63, 0xdd, 0x9f, 0x89, 0x09, 0x90, 0x6c, 0xff, 0xee, 0xae, 0xcb, 0xba, 0x4d, 0x17,
+				0x30, 0xc6, 0x18, 0xf3, 0x67, 0x5e, 0xc1, 0xed, 0x21, 0x5d, 0x00, 0x0a, 0x00, 0x00,
+			}),
+		},
+	}
+	testRepositories = map[string]map[string]string{
+		"foo42/bar": {
+			"latest": "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
+			"test":   "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
+		},
+	}
+	mockHosts = map[string][]net.IP{
+		"":            {net.ParseIP("0.0.0.0")},
+		"localhost":   {net.ParseIP("127.0.0.1"), net.ParseIP("::1")},
+		"example.com": {net.ParseIP("42.42.42.42")},
+		"other.com":   {net.ParseIP("43.43.43.43")},
+	}
+)
+
+func init() {
+	r := mux.NewRouter()
+
+	// /v1/
+	r.HandleFunc("/v1/_ping", handlerGetPing).Methods("GET")
+	r.HandleFunc("/v1/images/{image_id:[^/]+}/{action:json|layer|ancestry}", handlerGetImage).Methods("GET")
+	r.HandleFunc("/v1/images/{image_id:[^/]+}/{action:json|layer|checksum}", handlerPutImage).Methods("PUT")
+	r.HandleFunc("/v1/repositories/{repository:.+}/tags", handlerGetDeleteTags).Methods("GET", "DELETE")
+	r.HandleFunc("/v1/repositories/{repository:.+}/tags/{tag:.+}", handlerGetTag).Methods("GET")
+	r.HandleFunc("/v1/repositories/{repository:.+}/tags/{tag:.+}", handlerPutTag).Methods("PUT")
+	r.HandleFunc("/v1/users{null:.*}", handlerUsers).Methods("GET", "POST", "PUT")
+	r.HandleFunc("/v1/repositories/{repository:.+}{action:/images|/}", handlerImages).Methods("GET", "PUT", "DELETE")
+	r.HandleFunc("/v1/repositories/{repository:.+}/auth", handlerAuth).Methods("PUT")
+	r.HandleFunc("/v1/search", handlerSearch).Methods("GET")
+
+	// /v2/
+	r.HandleFunc("/v2/version", handlerGetPing).Methods("GET")
+
+	testHTTPServer = httptest.NewServer(handlerAccessLog(r))
+	testHTTPSServer = httptest.NewTLSServer(handlerAccessLog(r))
+
+	// override net.LookupIP
+	lookupIP = func(host string) ([]net.IP, error) {
+		if host == "127.0.0.1" {
+			// I believe in future Go versions this will fail, so let's fix it later
+			return net.LookupIP(host)
+		}
+		for h, addrs := range mockHosts {
+			if host == h {
+				return addrs, nil
+			}
+			for _, addr := range addrs {
+				if addr.String() == host {
+					return []net.IP{addr}, nil
+				}
+			}
+		}
+		return nil, errors.New("lookup: no such host")
+	}
+}
+
+func handlerAccessLog(handler http.Handler) http.Handler {
+	logHandler := func(w http.ResponseWriter, r *http.Request) {
+		logrus.Debugf("%s \"%s %s\"", r.RemoteAddr, r.Method, r.URL)
+		handler.ServeHTTP(w, r)
+	}
+	return http.HandlerFunc(logHandler)
+}
+
+func makeURL(req string) string {
+	return testHTTPServer.URL + req
+}
+
+func makeHTTPSURL(req string) string {
+	return testHTTPSServer.URL + req
+}
+
+func makeIndex(req string) *registrytypes.IndexInfo {
+	index := &registrytypes.IndexInfo{
+		Name: makeURL(req),
+	}
+	return index
+}
+
+func makeHTTPSIndex(req string) *registrytypes.IndexInfo {
+	index := &registrytypes.IndexInfo{
+		Name: makeHTTPSURL(req),
+	}
+	return index
+}
+
+func makePublicIndex() *registrytypes.IndexInfo {
+	index := &registrytypes.IndexInfo{
+		Name:     IndexServer,
+		Secure:   true,
+		Official: true,
+	}
+	return index
+}
+
+func makeServiceConfig(mirrors []string, insecureRegistries []string) *serviceConfig {
+	options := ServiceOptions{
+		Mirrors:            mirrors,
+		InsecureRegistries: insecureRegistries,
+	}
+
+	return newServiceConfig(options)
+}
+
+func writeHeaders(w http.ResponseWriter) {
+	h := w.Header()
+	h.Add("Server", "docker-tests/mock")
+	h.Add("Expires", "-1")
+	h.Add("Content-Type", "application/json")
+	h.Add("Pragma", "no-cache")
+	h.Add("Cache-Control", "no-cache")
+	h.Add("X-Docker-Registry-Version", "0.0.0")
+	h.Add("X-Docker-Registry-Config", "mock")
+}
+
+func writeResponse(w http.ResponseWriter, message interface{}, code int) {
+	writeHeaders(w)
+	w.WriteHeader(code)
+	body, err := json.Marshal(message)
+	if err != nil {
+		io.WriteString(w, err.Error())
+		return
+	}
+	w.Write(body)
+}
+
+func readJSON(r *http.Request, dest interface{}) error {
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		return err
+	}
+	return json.Unmarshal(body, dest)
+}
+
+func apiError(w http.ResponseWriter, message string, code int) {
+	body := map[string]string{
+		"error": message,
+	}
+	writeResponse(w, body, code)
+}
+
+func assertEqual(t *testing.T, a interface{}, b interface{}, message string) {
+	if a == b {
+		return
+	}
+	if len(message) == 0 {
+		message = fmt.Sprintf("%v != %v", a, b)
+	}
+	t.Fatal(message)
+}
+
+func assertNotEqual(t *testing.T, a interface{}, b interface{}, message string) {
+	if a != b {
+		return
+	}
+	if len(message) == 0 {
+		message = fmt.Sprintf("%v == %v", a, b)
+	}
+	t.Fatal(message)
+}
+
+// Similar to assertEqual, but does not stop test
+func checkEqual(t *testing.T, a interface{}, b interface{}, messagePrefix string) {
+	if a == b {
+		return
+	}
+	message := fmt.Sprintf("%v != %v", a, b)
+	if len(messagePrefix) != 0 {
+		message = messagePrefix + ": " + message
+	}
+	t.Error(message)
+}
+
+// Similar to assertNotEqual, but does not stop test
+func checkNotEqual(t *testing.T, a interface{}, b interface{}, messagePrefix string) {
+	if a != b {
+		return
+	}
+	message := fmt.Sprintf("%v == %v", a, b)
+	if len(messagePrefix) != 0 {
+		message = messagePrefix + ": " + message
+	}
+	t.Error(message)
+}
+
+func requiresAuth(w http.ResponseWriter, r *http.Request) bool {
+	writeCookie := func() {
+		value := fmt.Sprintf("FAKE-SESSION-%d", time.Now().UnixNano())
+		cookie := &http.Cookie{Name: "session", Value: value, MaxAge: 3600}
+		http.SetCookie(w, cookie)
+		//FIXME(sam): this should be sent only on Index routes
+		value = fmt.Sprintf("FAKE-TOKEN-%d", time.Now().UnixNano())
+		w.Header().Add("X-Docker-Token", value)
+	}
+	if len(r.Cookies()) > 0 {
+		writeCookie()
+		return true
+	}
+	if len(r.Header.Get("Authorization")) > 0 {
+		writeCookie()
+		return true
+	}
+	w.Header().Add("WWW-Authenticate", "token")
+	apiError(w, "Wrong auth", 401)
+	return false
+}
+
+func handlerGetPing(w http.ResponseWriter, r *http.Request) {
+	writeResponse(w, true, 200)
+}
+
+func handlerGetImage(w http.ResponseWriter, r *http.Request) {
+	if !requiresAuth(w, r) {
+		return
+	}
+	vars := mux.Vars(r)
+	layer, exists := testLayers[vars["image_id"]]
+	if !exists {
+		http.NotFound(w, r)
+		return
+	}
+	writeHeaders(w)
+	layerSize := len(layer["layer"])
+	w.Header().Add("X-Docker-Size", strconv.Itoa(layerSize))
+	io.WriteString(w, layer[vars["action"]])
+}
+
+func handlerPutImage(w http.ResponseWriter, r *http.Request) {
+	if !requiresAuth(w, r) {
+		return
+	}
+	vars := mux.Vars(r)
+	imageID := vars["image_id"]
+	action := vars["action"]
+	layer, exists := testLayers[imageID]
+	if !exists {
+		if action != "json" {
+			http.NotFound(w, r)
+			return
+		}
+		layer = make(map[string]string)
+		testLayers[imageID] = layer
+	}
+	if checksum := r.Header.Get("X-Docker-Checksum"); checksum != "" {
+		if checksum != layer["checksum_simple"] && checksum != layer["checksum_tarsum"] {
+			apiError(w, "Wrong checksum", 400)
+			return
+		}
+	}
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		apiError(w, fmt.Sprintf("Error: %s", err), 500)
+		return
+	}
+	layer[action] = string(body)
+	writeResponse(w, true, 200)
+}
+
+func handlerGetDeleteTags(w http.ResponseWriter, r *http.Request) {
+	if !requiresAuth(w, r) {
+		return
+	}
+	repositoryName, err := reference.WithName(mux.Vars(r)["repository"])
+	if err != nil {
+		apiError(w, "Could not parse repository", 400)
+		return
+	}
+	tags, exists := testRepositories[repositoryName.String()]
+	if !exists {
+		apiError(w, "Repository not found", 404)
+		return
+	}
+	if r.Method == "DELETE" {
+		delete(testRepositories, repositoryName.String())
+		writeResponse(w, true, 200)
+		return
+	}
+	writeResponse(w, tags, 200)
+}
+
+func handlerGetTag(w http.ResponseWriter, r *http.Request) {
+	if !requiresAuth(w, r) {
+		return
+	}
+	vars := mux.Vars(r)
+	repositoryName, err := reference.WithName(vars["repository"])
+	if err != nil {
+		apiError(w, "Could not parse repository", 400)
+		return
+	}
+	tagName := vars["tag"]
+	tags, exists := testRepositories[repositoryName.String()]
+	if !exists {
+		apiError(w, "Repository not found", 404)
+		return
+	}
+	tag, exists := tags[tagName]
+	if !exists {
+		apiError(w, "Tag not found", 404)
+		return
+	}
+	writeResponse(w, tag, 200)
+}
+
+func handlerPutTag(w http.ResponseWriter, r *http.Request) {
+	if !requiresAuth(w, r) {
+		return
+	}
+	vars := mux.Vars(r)
+	repositoryName, err := reference.WithName(vars["repository"])
+	if err != nil {
+		apiError(w, "Could not parse repository", 400)
+		return
+	}
+	tagName := vars["tag"]
+	tags, exists := testRepositories[repositoryName.String()]
+	if !exists {
+		tags = make(map[string]string)
+		testRepositories[repositoryName.String()] = tags
+	}
+	tagValue := ""
+	readJSON(r, tagValue)
+	tags[tagName] = tagValue
+	writeResponse(w, true, 200)
+}
+
+func handlerUsers(w http.ResponseWriter, r *http.Request) {
+	code := 200
+	if r.Method == "POST" {
+		code = 201
+	} else if r.Method == "PUT" {
+		code = 204
+	}
+	writeResponse(w, "", code)
+}
+
+func handlerImages(w http.ResponseWriter, r *http.Request) {
+	u, _ := url.Parse(testHTTPServer.URL)
+	w.Header().Add("X-Docker-Endpoints", fmt.Sprintf("%s 	,  %s ", u.Host, "test.example.com"))
+	w.Header().Add("X-Docker-Token", fmt.Sprintf("FAKE-SESSION-%d", time.Now().UnixNano()))
+	if r.Method == "PUT" {
+		if strings.HasSuffix(r.URL.Path, "images") {
+			writeResponse(w, "", 204)
+			return
+		}
+		writeResponse(w, "", 200)
+		return
+	}
+	if r.Method == "DELETE" {
+		writeResponse(w, "", 204)
+		return
+	}
+	images := []map[string]string{}
+	for imageID, layer := range testLayers {
+		image := make(map[string]string)
+		image["id"] = imageID
+		image["checksum"] = layer["checksum_tarsum"]
+		image["Tag"] = "latest"
+		images = append(images, image)
+	}
+	writeResponse(w, images, 200)
+}
+
+func handlerAuth(w http.ResponseWriter, r *http.Request) {
+	writeResponse(w, "OK", 200)
+}
+
+func handlerSearch(w http.ResponseWriter, r *http.Request) {
+	result := &registrytypes.SearchResults{
+		Query:      "fakequery",
+		NumResults: 1,
+		Results:    []registrytypes.SearchResult{{Name: "fakeimage", StarCount: 42}},
+	}
+	writeResponse(w, result, 200)
+}
+
+func TestPing(t *testing.T) {
+	res, err := http.Get(makeURL("/v1/_ping"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	assertEqual(t, res.StatusCode, 200, "")
+	assertEqual(t, res.Header.Get("X-Docker-Registry-Config"), "mock",
+		"This is not a Mocked Registry")
+}
+
+/* Uncomment this to test Mocked Registry locally with curl
+ * WARNING: Don't push on the repos uncommented, it'll block the tests
+ *
+func TestWait(t *testing.T) {
+	logrus.Println("Test HTTP server ready and waiting:", testHTTPServer.URL)
+	c := make(chan int)
+	<-c
+}
+
+//*/
diff --git a/registry/registry_test.go b/registry/registry_test.go
new file mode 100644
index 00000000..7442ebc0
--- /dev/null
+++ b/registry/registry_test.go
@@ -0,0 +1,873 @@
+package registry
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httputil"
+	"net/url"
+	"strings"
+	"testing"
+
+	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+var (
+	token = []string{"fake-token"}
+)
+
+const (
+	imageID = "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d"
+	REPO    = "foo42/bar"
+)
+
+func spawnTestRegistrySession(t *testing.T) *Session {
+	authConfig := &types.AuthConfig{}
+	endpoint, err := NewV1Endpoint(makeIndex("/v1/"), "", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	userAgent := "docker test client"
+	var tr http.RoundTripper = debugTransport{NewTransport(nil), t.Log}
+	tr = transport.NewTransport(AuthTransport(tr, authConfig, false), DockerHeaders(userAgent, nil)...)
+	client := HTTPClient(tr)
+	r, err := NewSession(client, authConfig, endpoint)
+	if err != nil {
+		t.Fatal(err)
+	}
+	// In a normal scenario for the v1 registry, the client should send a `X-Docker-Token: true`
+	// header while authenticating, in order to retrieve a token that can be later used to
+	// perform authenticated actions.
+	//
+	// The mock v1 registry does not support that, (TODO(tiborvass): support it), instead,
+	// it will consider authenticated any request with the header `X-Docker-Token: fake-token`.
+	//
+	// Because we know that the client's transport is an `*authTransport` we simply cast it,
+	// in order to set the internal cached token to the fake token, and thus send that fake token
+	// upon every subsequent requests.
+	r.client.Transport.(*authTransport).token = token
+	return r
+}
+
+func TestPingRegistryEndpoint(t *testing.T) {
+	testPing := func(index *registrytypes.IndexInfo, expectedStandalone bool, assertMessage string) {
+		ep, err := NewV1Endpoint(index, "", nil)
+		if err != nil {
+			t.Fatal(err)
+		}
+		regInfo, err := ep.Ping()
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		assertEqual(t, regInfo.Standalone, expectedStandalone, assertMessage)
+	}
+
+	testPing(makeIndex("/v1/"), true, "Expected standalone to be true (default)")
+	testPing(makeHTTPSIndex("/v1/"), true, "Expected standalone to be true (default)")
+	testPing(makePublicIndex(), false, "Expected standalone to be false for public index")
+}
+
+func TestEndpoint(t *testing.T) {
+	// Simple wrapper to fail test if err != nil
+	expandEndpoint := func(index *registrytypes.IndexInfo) *V1Endpoint {
+		endpoint, err := NewV1Endpoint(index, "", nil)
+		if err != nil {
+			t.Fatal(err)
+		}
+		return endpoint
+	}
+
+	assertInsecureIndex := func(index *registrytypes.IndexInfo) {
+		index.Secure = true
+		_, err := NewV1Endpoint(index, "", nil)
+		assertNotEqual(t, err, nil, index.Name+": Expected error for insecure index")
+		assertEqual(t, strings.Contains(err.Error(), "insecure-registry"), true, index.Name+": Expected insecure-registry  error for insecure index")
+		index.Secure = false
+	}
+
+	assertSecureIndex := func(index *registrytypes.IndexInfo) {
+		index.Secure = true
+		_, err := NewV1Endpoint(index, "", nil)
+		assertNotEqual(t, err, nil, index.Name+": Expected cert error for secure index")
+		assertEqual(t, strings.Contains(err.Error(), "certificate signed by unknown authority"), true, index.Name+": Expected cert error for secure index")
+		index.Secure = false
+	}
+
+	index := &registrytypes.IndexInfo{}
+	index.Name = makeURL("/v1/")
+	endpoint := expandEndpoint(index)
+	assertEqual(t, endpoint.String(), index.Name, "Expected endpoint to be "+index.Name)
+	assertInsecureIndex(index)
+
+	index.Name = makeURL("")
+	endpoint = expandEndpoint(index)
+	assertEqual(t, endpoint.String(), index.Name+"/v1/", index.Name+": Expected endpoint to be "+index.Name+"/v1/")
+	assertInsecureIndex(index)
+
+	httpURL := makeURL("")
+	index.Name = strings.SplitN(httpURL, "://", 2)[1]
+	endpoint = expandEndpoint(index)
+	assertEqual(t, endpoint.String(), httpURL+"/v1/", index.Name+": Expected endpoint to be "+httpURL+"/v1/")
+	assertInsecureIndex(index)
+
+	index.Name = makeHTTPSURL("/v1/")
+	endpoint = expandEndpoint(index)
+	assertEqual(t, endpoint.String(), index.Name, "Expected endpoint to be "+index.Name)
+	assertSecureIndex(index)
+
+	index.Name = makeHTTPSURL("")
+	endpoint = expandEndpoint(index)
+	assertEqual(t, endpoint.String(), index.Name+"/v1/", index.Name+": Expected endpoint to be "+index.Name+"/v1/")
+	assertSecureIndex(index)
+
+	httpsURL := makeHTTPSURL("")
+	index.Name = strings.SplitN(httpsURL, "://", 2)[1]
+	endpoint = expandEndpoint(index)
+	assertEqual(t, endpoint.String(), httpsURL+"/v1/", index.Name+": Expected endpoint to be "+httpsURL+"/v1/")
+	assertSecureIndex(index)
+
+	badEndpoints := []string{
+		"http://127.0.0.1/v1/",
+		"https://127.0.0.1/v1/",
+		"http://127.0.0.1",
+		"https://127.0.0.1",
+		"127.0.0.1",
+	}
+	for _, address := range badEndpoints {
+		index.Name = address
+		_, err := NewV1Endpoint(index, "", nil)
+		checkNotEqual(t, err, nil, "Expected error while expanding bad endpoint")
+	}
+}
+
+func TestGetRemoteHistory(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	hist, err := r.GetRemoteHistory(imageID, makeURL("/v1/"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	assertEqual(t, len(hist), 2, "Expected 2 images in history")
+	assertEqual(t, hist[0], imageID, "Expected "+imageID+"as first ancestry")
+	assertEqual(t, hist[1], "77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
+		"Unexpected second ancestry")
+}
+
+func TestLookupRemoteImage(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	err := r.LookupRemoteImage(imageID, makeURL("/v1/"))
+	assertEqual(t, err, nil, "Expected error of remote lookup to nil")
+	if err := r.LookupRemoteImage("abcdef", makeURL("/v1/")); err == nil {
+		t.Fatal("Expected error of remote lookup to not nil")
+	}
+}
+
+func TestGetRemoteImageJSON(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	json, size, err := r.GetRemoteImageJSON(imageID, makeURL("/v1/"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	assertEqual(t, size, int64(154), "Expected size 154")
+	if len(json) == 0 {
+		t.Fatal("Expected non-empty json")
+	}
+
+	_, _, err = r.GetRemoteImageJSON("abcdef", makeURL("/v1/"))
+	if err == nil {
+		t.Fatal("Expected image not found error")
+	}
+}
+
+func TestGetRemoteImageLayer(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	data, err := r.GetRemoteImageLayer(imageID, makeURL("/v1/"), 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if data == nil {
+		t.Fatal("Expected non-nil data result")
+	}
+
+	_, err = r.GetRemoteImageLayer("abcdef", makeURL("/v1/"), 0)
+	if err == nil {
+		t.Fatal("Expected image not found error")
+	}
+}
+
+func TestGetRemoteTag(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	repoRef, err := reference.ParseNamed(REPO)
+	if err != nil {
+		t.Fatal(err)
+	}
+	tag, err := r.GetRemoteTag([]string{makeURL("/v1/")}, repoRef, "test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	assertEqual(t, tag, imageID, "Expected tag test to map to "+imageID)
+
+	bazRef, err := reference.ParseNamed("foo42/baz")
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = r.GetRemoteTag([]string{makeURL("/v1/")}, bazRef, "foo")
+	if err != ErrRepoNotFound {
+		t.Fatal("Expected ErrRepoNotFound error when fetching tag for bogus repo")
+	}
+}
+
+func TestGetRemoteTags(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	repoRef, err := reference.ParseNamed(REPO)
+	if err != nil {
+		t.Fatal(err)
+	}
+	tags, err := r.GetRemoteTags([]string{makeURL("/v1/")}, repoRef)
+	if err != nil {
+		t.Fatal(err)
+	}
+	assertEqual(t, len(tags), 2, "Expected two tags")
+	assertEqual(t, tags["latest"], imageID, "Expected tag latest to map to "+imageID)
+	assertEqual(t, tags["test"], imageID, "Expected tag test to map to "+imageID)
+
+	bazRef, err := reference.ParseNamed("foo42/baz")
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = r.GetRemoteTags([]string{makeURL("/v1/")}, bazRef)
+	if err != ErrRepoNotFound {
+		t.Fatal("Expected ErrRepoNotFound error when fetching tags for bogus repo")
+	}
+}
+
+func TestGetRepositoryData(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	parsedURL, err := url.Parse(makeURL("/v1/"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	host := "http://" + parsedURL.Host + "/v1/"
+	repoRef, err := reference.ParseNamed(REPO)
+	if err != nil {
+		t.Fatal(err)
+	}
+	data, err := r.GetRepositoryData(repoRef)
+	if err != nil {
+		t.Fatal(err)
+	}
+	assertEqual(t, len(data.ImgList), 2, "Expected 2 images in ImgList")
+	assertEqual(t, len(data.Endpoints), 2,
+		fmt.Sprintf("Expected 2 endpoints in Endpoints, found %d instead", len(data.Endpoints)))
+	assertEqual(t, data.Endpoints[0], host,
+		fmt.Sprintf("Expected first endpoint to be %s but found %s instead", host, data.Endpoints[0]))
+	assertEqual(t, data.Endpoints[1], "http://test.example.com/v1/",
+		fmt.Sprintf("Expected first endpoint to be http://test.example.com/v1/ but found %s instead", data.Endpoints[1]))
+
+}
+
+func TestPushImageJSONRegistry(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	imgData := &ImgData{
+		ID:       "77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
+		Checksum: "sha256:1ac330d56e05eef6d438586545ceff7550d3bdcb6b19961f12c5ba714ee1bb37",
+	}
+
+	err := r.PushImageJSONRegistry(imgData, []byte{0x42, 0xdf, 0x0}, makeURL("/v1/"))
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestPushImageLayerRegistry(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	layer := strings.NewReader("")
+	_, _, err := r.PushImageLayerRegistry(imageID, layer, makeURL("/v1/"), []byte{})
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestParseRepositoryInfo(t *testing.T) {
+	type staticRepositoryInfo struct {
+		Index         *registrytypes.IndexInfo
+		RemoteName    string
+		CanonicalName string
+		LocalName     string
+		Official      bool
+	}
+
+	expectedRepoInfos := map[string]staticRepositoryInfo{
+		"fooo/bar": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "fooo/bar",
+			LocalName:     "fooo/bar",
+			CanonicalName: "docker.io/fooo/bar",
+			Official:      false,
+		},
+		"library/ubuntu": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "library/ubuntu",
+			LocalName:     "ubuntu",
+			CanonicalName: "docker.io/library/ubuntu",
+			Official:      true,
+		},
+		"nonlibrary/ubuntu": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "nonlibrary/ubuntu",
+			LocalName:     "nonlibrary/ubuntu",
+			CanonicalName: "docker.io/nonlibrary/ubuntu",
+			Official:      false,
+		},
+		"ubuntu": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "library/ubuntu",
+			LocalName:     "ubuntu",
+			CanonicalName: "docker.io/library/ubuntu",
+			Official:      true,
+		},
+		"other/library": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "other/library",
+			LocalName:     "other/library",
+			CanonicalName: "docker.io/other/library",
+			Official:      false,
+		},
+		"127.0.0.1:8000/private/moonbase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "127.0.0.1:8000",
+				Official: false,
+			},
+			RemoteName:    "private/moonbase",
+			LocalName:     "127.0.0.1:8000/private/moonbase",
+			CanonicalName: "127.0.0.1:8000/private/moonbase",
+			Official:      false,
+		},
+		"127.0.0.1:8000/privatebase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "127.0.0.1:8000",
+				Official: false,
+			},
+			RemoteName:    "privatebase",
+			LocalName:     "127.0.0.1:8000/privatebase",
+			CanonicalName: "127.0.0.1:8000/privatebase",
+			Official:      false,
+		},
+		"localhost:8000/private/moonbase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "localhost:8000",
+				Official: false,
+			},
+			RemoteName:    "private/moonbase",
+			LocalName:     "localhost:8000/private/moonbase",
+			CanonicalName: "localhost:8000/private/moonbase",
+			Official:      false,
+		},
+		"localhost:8000/privatebase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "localhost:8000",
+				Official: false,
+			},
+			RemoteName:    "privatebase",
+			LocalName:     "localhost:8000/privatebase",
+			CanonicalName: "localhost:8000/privatebase",
+			Official:      false,
+		},
+		"example.com/private/moonbase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "example.com",
+				Official: false,
+			},
+			RemoteName:    "private/moonbase",
+			LocalName:     "example.com/private/moonbase",
+			CanonicalName: "example.com/private/moonbase",
+			Official:      false,
+		},
+		"example.com/privatebase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "example.com",
+				Official: false,
+			},
+			RemoteName:    "privatebase",
+			LocalName:     "example.com/privatebase",
+			CanonicalName: "example.com/privatebase",
+			Official:      false,
+		},
+		"example.com:8000/private/moonbase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "example.com:8000",
+				Official: false,
+			},
+			RemoteName:    "private/moonbase",
+			LocalName:     "example.com:8000/private/moonbase",
+			CanonicalName: "example.com:8000/private/moonbase",
+			Official:      false,
+		},
+		"example.com:8000/privatebase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "example.com:8000",
+				Official: false,
+			},
+			RemoteName:    "privatebase",
+			LocalName:     "example.com:8000/privatebase",
+			CanonicalName: "example.com:8000/privatebase",
+			Official:      false,
+		},
+		"localhost/private/moonbase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "localhost",
+				Official: false,
+			},
+			RemoteName:    "private/moonbase",
+			LocalName:     "localhost/private/moonbase",
+			CanonicalName: "localhost/private/moonbase",
+			Official:      false,
+		},
+		"localhost/privatebase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     "localhost",
+				Official: false,
+			},
+			RemoteName:    "privatebase",
+			LocalName:     "localhost/privatebase",
+			CanonicalName: "localhost/privatebase",
+			Official:      false,
+		},
+		IndexName + "/public/moonbase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "public/moonbase",
+			LocalName:     "public/moonbase",
+			CanonicalName: "docker.io/public/moonbase",
+			Official:      false,
+		},
+		"index." + IndexName + "/public/moonbase": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "public/moonbase",
+			LocalName:     "public/moonbase",
+			CanonicalName: "docker.io/public/moonbase",
+			Official:      false,
+		},
+		"ubuntu-12.04-base": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "library/ubuntu-12.04-base",
+			LocalName:     "ubuntu-12.04-base",
+			CanonicalName: "docker.io/library/ubuntu-12.04-base",
+			Official:      true,
+		},
+		IndexName + "/ubuntu-12.04-base": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "library/ubuntu-12.04-base",
+			LocalName:     "ubuntu-12.04-base",
+			CanonicalName: "docker.io/library/ubuntu-12.04-base",
+			Official:      true,
+		},
+		"index." + IndexName + "/ubuntu-12.04-base": {
+			Index: &registrytypes.IndexInfo{
+				Name:     IndexName,
+				Official: true,
+			},
+			RemoteName:    "library/ubuntu-12.04-base",
+			LocalName:     "ubuntu-12.04-base",
+			CanonicalName: "docker.io/library/ubuntu-12.04-base",
+			Official:      true,
+		},
+	}
+
+	for reposName, expectedRepoInfo := range expectedRepoInfos {
+		named, err := reference.WithName(reposName)
+		if err != nil {
+			t.Error(err)
+		}
+
+		repoInfo, err := ParseRepositoryInfo(named)
+		if err != nil {
+			t.Error(err)
+		} else {
+			checkEqual(t, repoInfo.Index.Name, expectedRepoInfo.Index.Name, reposName)
+			checkEqual(t, repoInfo.RemoteName(), expectedRepoInfo.RemoteName, reposName)
+			checkEqual(t, repoInfo.Name(), expectedRepoInfo.LocalName, reposName)
+			checkEqual(t, repoInfo.FullName(), expectedRepoInfo.CanonicalName, reposName)
+			checkEqual(t, repoInfo.Index.Official, expectedRepoInfo.Index.Official, reposName)
+			checkEqual(t, repoInfo.Official, expectedRepoInfo.Official, reposName)
+		}
+	}
+}
+
+func TestNewIndexInfo(t *testing.T) {
+	testIndexInfo := func(config *serviceConfig, expectedIndexInfos map[string]*registrytypes.IndexInfo) {
+		for indexName, expectedIndexInfo := range expectedIndexInfos {
+			index, err := newIndexInfo(config, indexName)
+			if err != nil {
+				t.Fatal(err)
+			} else {
+				checkEqual(t, index.Name, expectedIndexInfo.Name, indexName+" name")
+				checkEqual(t, index.Official, expectedIndexInfo.Official, indexName+" is official")
+				checkEqual(t, index.Secure, expectedIndexInfo.Secure, indexName+" is secure")
+				checkEqual(t, len(index.Mirrors), len(expectedIndexInfo.Mirrors), indexName+" mirrors")
+			}
+		}
+	}
+
+	config := newServiceConfig(ServiceOptions{})
+	noMirrors := []string{}
+	expectedIndexInfos := map[string]*registrytypes.IndexInfo{
+		IndexName: {
+			Name:     IndexName,
+			Official: true,
+			Secure:   true,
+			Mirrors:  noMirrors,
+		},
+		"index." + IndexName: {
+			Name:     IndexName,
+			Official: true,
+			Secure:   true,
+			Mirrors:  noMirrors,
+		},
+		"example.com": {
+			Name:     "example.com",
+			Official: false,
+			Secure:   true,
+			Mirrors:  noMirrors,
+		},
+		"127.0.0.1:5000": {
+			Name:     "127.0.0.1:5000",
+			Official: false,
+			Secure:   false,
+			Mirrors:  noMirrors,
+		},
+	}
+	testIndexInfo(config, expectedIndexInfos)
+
+	publicMirrors := []string{"http://mirror1.local", "http://mirror2.local"}
+	config = makeServiceConfig(publicMirrors, []string{"example.com"})
+
+	expectedIndexInfos = map[string]*registrytypes.IndexInfo{
+		IndexName: {
+			Name:     IndexName,
+			Official: true,
+			Secure:   true,
+			Mirrors:  publicMirrors,
+		},
+		"index." + IndexName: {
+			Name:     IndexName,
+			Official: true,
+			Secure:   true,
+			Mirrors:  publicMirrors,
+		},
+		"example.com": {
+			Name:     "example.com",
+			Official: false,
+			Secure:   false,
+			Mirrors:  noMirrors,
+		},
+		"example.com:5000": {
+			Name:     "example.com:5000",
+			Official: false,
+			Secure:   true,
+			Mirrors:  noMirrors,
+		},
+		"127.0.0.1": {
+			Name:     "127.0.0.1",
+			Official: false,
+			Secure:   false,
+			Mirrors:  noMirrors,
+		},
+		"127.0.0.1:5000": {
+			Name:     "127.0.0.1:5000",
+			Official: false,
+			Secure:   false,
+			Mirrors:  noMirrors,
+		},
+		"other.com": {
+			Name:     "other.com",
+			Official: false,
+			Secure:   true,
+			Mirrors:  noMirrors,
+		},
+	}
+	testIndexInfo(config, expectedIndexInfos)
+
+	config = makeServiceConfig(nil, []string{"42.42.0.0/16"})
+	expectedIndexInfos = map[string]*registrytypes.IndexInfo{
+		"example.com": {
+			Name:     "example.com",
+			Official: false,
+			Secure:   false,
+			Mirrors:  noMirrors,
+		},
+		"example.com:5000": {
+			Name:     "example.com:5000",
+			Official: false,
+			Secure:   false,
+			Mirrors:  noMirrors,
+		},
+		"127.0.0.1": {
+			Name:     "127.0.0.1",
+			Official: false,
+			Secure:   false,
+			Mirrors:  noMirrors,
+		},
+		"127.0.0.1:5000": {
+			Name:     "127.0.0.1:5000",
+			Official: false,
+			Secure:   false,
+			Mirrors:  noMirrors,
+		},
+		"other.com": {
+			Name:     "other.com",
+			Official: false,
+			Secure:   true,
+			Mirrors:  noMirrors,
+		},
+	}
+	testIndexInfo(config, expectedIndexInfos)
+}
+
+func TestMirrorEndpointLookup(t *testing.T) {
+	containsMirror := func(endpoints []APIEndpoint) bool {
+		for _, pe := range endpoints {
+			if pe.URL.Host == "my.mirror" {
+				return true
+			}
+		}
+		return false
+	}
+	s := Service{config: makeServiceConfig([]string{"my.mirror"}, nil)}
+
+	imageName, err := reference.WithName(IndexName + "/test/image")
+	if err != nil {
+		t.Error(err)
+	}
+	pushAPIEndpoints, err := s.LookupPushEndpoints(imageName.Hostname())
+	if err != nil {
+		t.Fatal(err)
+	}
+	if containsMirror(pushAPIEndpoints) {
+		t.Fatal("Push endpoint should not contain mirror")
+	}
+
+	pullAPIEndpoints, err := s.LookupPullEndpoints(imageName.Hostname())
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !containsMirror(pullAPIEndpoints) {
+		t.Fatal("Pull endpoint should contain mirror")
+	}
+}
+
+func TestPushRegistryTag(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	repoRef, err := reference.ParseNamed(REPO)
+	if err != nil {
+		t.Fatal(err)
+	}
+	err = r.PushRegistryTag(repoRef, imageID, "stable", makeURL("/v1/"))
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestPushImageJSONIndex(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	imgData := []*ImgData{
+		{
+			ID:       "77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
+			Checksum: "sha256:1ac330d56e05eef6d438586545ceff7550d3bdcb6b19961f12c5ba714ee1bb37",
+		},
+		{
+			ID:       "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
+			Checksum: "sha256:bea7bf2e4bacd479344b737328db47b18880d09096e6674165533aa994f5e9f2",
+		},
+	}
+	repoRef, err := reference.ParseNamed(REPO)
+	if err != nil {
+		t.Fatal(err)
+	}
+	repoData, err := r.PushImageJSONIndex(repoRef, imgData, false, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if repoData == nil {
+		t.Fatal("Expected RepositoryData object")
+	}
+	repoData, err = r.PushImageJSONIndex(repoRef, imgData, true, []string{r.indexEndpoint.String()})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if repoData == nil {
+		t.Fatal("Expected RepositoryData object")
+	}
+}
+
+func TestSearchRepositories(t *testing.T) {
+	r := spawnTestRegistrySession(t)
+	results, err := r.SearchRepositories("fakequery")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if results == nil {
+		t.Fatal("Expected non-nil SearchResults object")
+	}
+	assertEqual(t, results.NumResults, 1, "Expected 1 search results")
+	assertEqual(t, results.Query, "fakequery", "Expected 'fakequery' as query")
+	assertEqual(t, results.Results[0].StarCount, 42, "Expected 'fakeimage' to have 42 stars")
+}
+
+func TestTrustedLocation(t *testing.T) {
+	for _, url := range []string{"http://example.com", "https://example.com:7777", "http://docker.io", "http://test.docker.com", "https://fakedocker.com"} {
+		req, _ := http.NewRequest("GET", url, nil)
+		if trustedLocation(req) == true {
+			t.Fatalf("'%s' shouldn't be detected as a trusted location", url)
+		}
+	}
+
+	for _, url := range []string{"https://docker.io", "https://test.docker.com:80"} {
+		req, _ := http.NewRequest("GET", url, nil)
+		if trustedLocation(req) == false {
+			t.Fatalf("'%s' should be detected as a trusted location", url)
+		}
+	}
+}
+
+func TestAddRequiredHeadersToRedirectedRequests(t *testing.T) {
+	for _, urls := range [][]string{
+		{"http://docker.io", "https://docker.com"},
+		{"https://foo.docker.io:7777", "http://bar.docker.com"},
+		{"https://foo.docker.io", "https://example.com"},
+	} {
+		reqFrom, _ := http.NewRequest("GET", urls[0], nil)
+		reqFrom.Header.Add("Content-Type", "application/json")
+		reqFrom.Header.Add("Authorization", "super_secret")
+		reqTo, _ := http.NewRequest("GET", urls[1], nil)
+
+		addRequiredHeadersToRedirectedRequests(reqTo, []*http.Request{reqFrom})
+
+		if len(reqTo.Header) != 1 {
+			t.Fatalf("Expected 1 headers, got %d", len(reqTo.Header))
+		}
+
+		if reqTo.Header.Get("Content-Type") != "application/json" {
+			t.Fatal("'Content-Type' should be 'application/json'")
+		}
+
+		if reqTo.Header.Get("Authorization") != "" {
+			t.Fatal("'Authorization' should be empty")
+		}
+	}
+
+	for _, urls := range [][]string{
+		{"https://docker.io", "https://docker.com"},
+		{"https://foo.docker.io:7777", "https://bar.docker.com"},
+	} {
+		reqFrom, _ := http.NewRequest("GET", urls[0], nil)
+		reqFrom.Header.Add("Content-Type", "application/json")
+		reqFrom.Header.Add("Authorization", "super_secret")
+		reqTo, _ := http.NewRequest("GET", urls[1], nil)
+
+		addRequiredHeadersToRedirectedRequests(reqTo, []*http.Request{reqFrom})
+
+		if len(reqTo.Header) != 2 {
+			t.Fatalf("Expected 2 headers, got %d", len(reqTo.Header))
+		}
+
+		if reqTo.Header.Get("Content-Type") != "application/json" {
+			t.Fatal("'Content-Type' should be 'application/json'")
+		}
+
+		if reqTo.Header.Get("Authorization") != "super_secret" {
+			t.Fatal("'Authorization' should be 'super_secret'")
+		}
+	}
+}
+
+func TestIsSecureIndex(t *testing.T) {
+	tests := []struct {
+		addr               string
+		insecureRegistries []string
+		expected           bool
+	}{
+		{IndexName, nil, true},
+		{"example.com", []string{}, true},
+		{"example.com", []string{"example.com"}, false},
+		{"localhost", []string{"localhost:5000"}, false},
+		{"localhost:5000", []string{"localhost:5000"}, false},
+		{"localhost", []string{"example.com"}, false},
+		{"127.0.0.1:5000", []string{"127.0.0.1:5000"}, false},
+		{"localhost", nil, false},
+		{"localhost:5000", nil, false},
+		{"127.0.0.1", nil, false},
+		{"localhost", []string{"example.com"}, false},
+		{"127.0.0.1", []string{"example.com"}, false},
+		{"example.com", nil, true},
+		{"example.com", []string{"example.com"}, false},
+		{"127.0.0.1", []string{"example.com"}, false},
+		{"127.0.0.1:5000", []string{"example.com"}, false},
+		{"example.com:5000", []string{"42.42.0.0/16"}, false},
+		{"example.com", []string{"42.42.0.0/16"}, false},
+		{"example.com:5000", []string{"42.42.42.42/8"}, false},
+		{"127.0.0.1:5000", []string{"127.0.0.0/8"}, false},
+		{"42.42.42.42:5000", []string{"42.1.1.1/8"}, false},
+		{"invalid.domain.com", []string{"42.42.0.0/16"}, true},
+		{"invalid.domain.com", []string{"invalid.domain.com"}, false},
+		{"invalid.domain.com:5000", []string{"invalid.domain.com"}, true},
+		{"invalid.domain.com:5000", []string{"invalid.domain.com:5000"}, false},
+	}
+	for _, tt := range tests {
+		config := makeServiceConfig(nil, tt.insecureRegistries)
+		if sec := isSecureIndex(config, tt.addr); sec != tt.expected {
+			t.Errorf("isSecureIndex failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec)
+		}
+	}
+}
+
+type debugTransport struct {
+	http.RoundTripper
+	log func(...interface{})
+}
+
+func (tr debugTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+	dump, err := httputil.DumpRequestOut(req, false)
+	if err != nil {
+		tr.log("could not dump request")
+	}
+	tr.log(string(dump))
+	resp, err := tr.RoundTripper.RoundTrip(req)
+	if err != nil {
+		return nil, err
+	}
+	dump, err = httputil.DumpResponse(resp, false)
+	if err != nil {
+		tr.log("could not dump response")
+	}
+	tr.log(string(dump))
+	return resp, err
+}
diff --git a/registry/service.go b/registry/service.go
new file mode 100644
index 00000000..cdeca585
--- /dev/null
+++ b/registry/service.go
@@ -0,0 +1,205 @@
+package registry
+
+import (
+	"crypto/tls"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+// Service is a registry service. It tracks configuration data such as a list
+// of mirrors.
+type Service struct {
+	config *serviceConfig
+}
+
+// NewService returns a new instance of Service ready to be
+// installed into an engine.
+func NewService(options ServiceOptions) *Service {
+	return &Service{
+		config: newServiceConfig(options),
+	}
+}
+
+// ServiceConfig returns the public registry service configuration.
+func (s *Service) ServiceConfig() *registrytypes.ServiceConfig {
+	return &s.config.ServiceConfig
+}
+
+// Auth contacts the public registry with the provided credentials,
+// and returns OK if authentication was successful.
+// It can be used to verify the validity of a client's credentials.
+func (s *Service) Auth(authConfig *types.AuthConfig, userAgent string) (status, token string, err error) {
+	serverAddress := authConfig.ServerAddress
+	if serverAddress == "" {
+		serverAddress = IndexServer
+	}
+	if !strings.HasPrefix(serverAddress, "https://") && !strings.HasPrefix(serverAddress, "http://") {
+		serverAddress = "https://" + serverAddress
+	}
+	u, err := url.Parse(serverAddress)
+	if err != nil {
+		return "", "", fmt.Errorf("unable to parse server address: %v", err)
+	}
+
+	endpoints, err := s.LookupPushEndpoints(u.Host)
+	if err != nil {
+		return "", "", err
+	}
+
+	for _, endpoint := range endpoints {
+		login := loginV2
+		if endpoint.Version == APIVersion1 {
+			login = loginV1
+		}
+
+		status, token, err = login(authConfig, endpoint, userAgent)
+		if err == nil {
+			return
+		}
+		if fErr, ok := err.(fallbackError); ok {
+			err = fErr.err
+			logrus.Infof("Error logging in to %s endpoint, trying next endpoint: %v", endpoint.Version, err)
+			continue
+		}
+		return "", "", err
+	}
+
+	return "", "", err
+}
+
+// splitReposSearchTerm breaks a search term into an index name and remote name
+func splitReposSearchTerm(reposName string) (string, string) {
+	nameParts := strings.SplitN(reposName, "/", 2)
+	var indexName, remoteName string
+	if len(nameParts) == 1 || (!strings.Contains(nameParts[0], ".") &&
+		!strings.Contains(nameParts[0], ":") && nameParts[0] != "localhost") {
+		// This is a Docker Index repos (ex: samalba/hipache or ubuntu)
+		// 'docker.io'
+		indexName = IndexName
+		remoteName = reposName
+	} else {
+		indexName = nameParts[0]
+		remoteName = nameParts[1]
+	}
+	return indexName, remoteName
+}
+
+// Search queries the public registry for images matching the specified
+// search terms, and returns the results.
+func (s *Service) Search(term string, authConfig *types.AuthConfig, userAgent string, headers map[string][]string) (*registrytypes.SearchResults, error) {
+	if err := validateNoSchema(term); err != nil {
+		return nil, err
+	}
+
+	indexName, remoteName := splitReposSearchTerm(term)
+
+	index, err := newIndexInfo(s.config, indexName)
+	if err != nil {
+		return nil, err
+	}
+
+	// *TODO: Search multiple indexes.
+	endpoint, err := NewV1Endpoint(index, userAgent, http.Header(headers))
+	if err != nil {
+		return nil, err
+	}
+
+	r, err := NewSession(endpoint.client, authConfig, endpoint)
+	if err != nil {
+		return nil, err
+	}
+
+	if index.Official {
+		localName := remoteName
+		if strings.HasPrefix(localName, "library/") {
+			// If pull "library/foo", it's stored locally under "foo"
+			localName = strings.SplitN(localName, "/", 2)[1]
+		}
+
+		return r.SearchRepositories(localName)
+	}
+	return r.SearchRepositories(remoteName)
+}
+
+// ResolveRepository splits a repository name into its components
+// and configuration of the associated registry.
+func (s *Service) ResolveRepository(name reference.Named) (*RepositoryInfo, error) {
+	return newRepositoryInfo(s.config, name)
+}
+
+// ResolveIndex takes indexName and returns index info
+func (s *Service) ResolveIndex(name string) (*registrytypes.IndexInfo, error) {
+	return newIndexInfo(s.config, name)
+}
+
+// APIEndpoint represents a remote API endpoint
+type APIEndpoint struct {
+	Mirror       bool
+	URL          *url.URL
+	Version      APIVersion
+	Official     bool
+	TrimHostname bool
+	TLSConfig    *tls.Config
+}
+
+// ToV1Endpoint returns a V1 API endpoint based on the APIEndpoint
+func (e APIEndpoint) ToV1Endpoint(userAgent string, metaHeaders http.Header) (*V1Endpoint, error) {
+	return newV1Endpoint(*e.URL, e.TLSConfig, userAgent, metaHeaders)
+}
+
+// TLSConfig constructs a client TLS configuration based on server defaults
+func (s *Service) TLSConfig(hostname string) (*tls.Config, error) {
+	return newTLSConfig(hostname, isSecureIndex(s.config, hostname))
+}
+
+func (s *Service) tlsConfigForMirror(mirrorURL *url.URL) (*tls.Config, error) {
+	return s.TLSConfig(mirrorURL.Host)
+}
+
+// LookupPullEndpoints creates a list of endpoints to try to pull from, in order of preference.
+// It gives preference to v2 endpoints over v1, mirrors over the actual
+// registry, and HTTPS over plain HTTP.
+func (s *Service) LookupPullEndpoints(hostname string) (endpoints []APIEndpoint, err error) {
+	return s.lookupEndpoints(hostname)
+}
+
+// LookupPushEndpoints creates a list of endpoints to try to push to, in order of preference.
+// It gives preference to v2 endpoints over v1, and HTTPS over plain HTTP.
+// Mirrors are not included.
+func (s *Service) LookupPushEndpoints(hostname string) (endpoints []APIEndpoint, err error) {
+	allEndpoints, err := s.lookupEndpoints(hostname)
+	if err == nil {
+		for _, endpoint := range allEndpoints {
+			if !endpoint.Mirror {
+				endpoints = append(endpoints, endpoint)
+			}
+		}
+	}
+	return endpoints, err
+}
+
+func (s *Service) lookupEndpoints(hostname string) (endpoints []APIEndpoint, err error) {
+	endpoints, err = s.lookupV2Endpoints(hostname)
+	if err != nil {
+		return nil, err
+	}
+
+	if s.config.V2Only {
+		return endpoints, nil
+	}
+
+	legacyEndpoints, err := s.lookupV1Endpoints(hostname)
+	if err != nil {
+		return nil, err
+	}
+	endpoints = append(endpoints, legacyEndpoints...)
+
+	return endpoints, nil
+}
diff --git a/registry/service_v1.go b/registry/service_v1.go
new file mode 100644
index 00000000..56121eea
--- /dev/null
+++ b/registry/service_v1.go
@@ -0,0 +1,53 @@
+package registry
+
+import (
+	"net/url"
+
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+func (s *Service) lookupV1Endpoints(hostname string) (endpoints []APIEndpoint, err error) {
+	var cfg = tlsconfig.ServerDefault
+	tlsConfig := &cfg
+	if hostname == DefaultNamespace {
+		endpoints = append(endpoints, APIEndpoint{
+			URL:          DefaultV1Registry,
+			Version:      APIVersion1,
+			Official:     true,
+			TrimHostname: true,
+			TLSConfig:    tlsConfig,
+		})
+		return endpoints, nil
+	}
+
+	tlsConfig, err = s.TLSConfig(hostname)
+	if err != nil {
+		return nil, err
+	}
+
+	endpoints = []APIEndpoint{
+		{
+			URL: &url.URL{
+				Scheme: "https",
+				Host:   hostname,
+			},
+			Version:      APIVersion1,
+			TrimHostname: true,
+			TLSConfig:    tlsConfig,
+		},
+	}
+
+	if tlsConfig.InsecureSkipVerify {
+		endpoints = append(endpoints, APIEndpoint{ // or this
+			URL: &url.URL{
+				Scheme: "http",
+				Host:   hostname,
+			},
+			Version:      APIVersion1,
+			TrimHostname: true,
+			// used to check if supposed to be secure via InsecureSkipVerify
+			TLSConfig: tlsConfig,
+		})
+	}
+	return endpoints, nil
+}
diff --git a/registry/service_v2.go b/registry/service_v2.go
new file mode 100644
index 00000000..4113d57d
--- /dev/null
+++ b/registry/service_v2.go
@@ -0,0 +1,79 @@
+package registry
+
+import (
+	"net/url"
+	"strings"
+
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+func (s *Service) lookupV2Endpoints(hostname string) (endpoints []APIEndpoint, err error) {
+	var cfg = tlsconfig.ServerDefault
+	tlsConfig := &cfg
+	if hostname == DefaultNamespace || hostname == DefaultV1Registry.Host {
+		// v2 mirrors
+		for _, mirror := range s.config.Mirrors {
+			if !strings.HasPrefix(mirror, "http://") && !strings.HasPrefix(mirror, "https://") {
+				mirror = "https://" + mirror
+			}
+			mirrorURL, err := url.Parse(mirror)
+			if err != nil {
+				return nil, err
+			}
+			mirrorTLSConfig, err := s.tlsConfigForMirror(mirrorURL)
+			if err != nil {
+				return nil, err
+			}
+			endpoints = append(endpoints, APIEndpoint{
+				URL: mirrorURL,
+				// guess mirrors are v2
+				Version:      APIVersion2,
+				Mirror:       true,
+				TrimHostname: true,
+				TLSConfig:    mirrorTLSConfig,
+			})
+		}
+		// v2 registry
+		endpoints = append(endpoints, APIEndpoint{
+			URL:          DefaultV2Registry,
+			Version:      APIVersion2,
+			Official:     true,
+			TrimHostname: true,
+			TLSConfig:    tlsConfig,
+		})
+
+		return endpoints, nil
+	}
+
+	tlsConfig, err = s.TLSConfig(hostname)
+	if err != nil {
+		return nil, err
+	}
+
+	endpoints = []APIEndpoint{
+		{
+			URL: &url.URL{
+				Scheme: "https",
+				Host:   hostname,
+			},
+			Version:      APIVersion2,
+			TrimHostname: true,
+			TLSConfig:    tlsConfig,
+		},
+	}
+
+	if tlsConfig.InsecureSkipVerify {
+		endpoints = append(endpoints, APIEndpoint{
+			URL: &url.URL{
+				Scheme: "http",
+				Host:   hostname,
+			},
+			Version:      APIVersion2,
+			TrimHostname: true,
+			// used to check if supposed to be secure via InsecureSkipVerify
+			TLSConfig: tlsConfig,
+		})
+	}
+
+	return endpoints, nil
+}
diff --git a/registry/session.go b/registry/session.go
new file mode 100644
index 00000000..5647ad28
--- /dev/null
+++ b/registry/session.go
@@ -0,0 +1,770 @@
+package registry
+
+import (
+	"bytes"
+	"crypto/sha256"
+	"errors"
+	"sync"
+	// this is required for some certificates
+	_ "crypto/sha512"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/http/cookiejar"
+	"net/url"
+	"strconv"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/registry/api/errcode"
+	"github.com/docker/docker/pkg/httputils"
+	"github.com/docker/docker/pkg/ioutils"
+	"github.com/docker/docker/pkg/stringid"
+	"github.com/docker/docker/pkg/tarsum"
+	"github.com/docker/docker/reference"
+	"github.com/docker/engine-api/types"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+var (
+	// ErrRepoNotFound is returned if the repository didn't exist on the
+	// remote side
+	ErrRepoNotFound = errors.New("Repository not found")
+)
+
+// A Session is used to communicate with a V1 registry
+type Session struct {
+	indexEndpoint *V1Endpoint
+	client        *http.Client
+	// TODO(tiborvass): remove authConfig
+	authConfig *types.AuthConfig
+	id         string
+}
+
+type authTransport struct {
+	http.RoundTripper
+	*types.AuthConfig
+
+	alwaysSetBasicAuth bool
+	token              []string
+
+	mu     sync.Mutex                      // guards modReq
+	modReq map[*http.Request]*http.Request // original -> modified
+}
+
+// AuthTransport handles the auth layer when communicating with a v1 registry (private or official)
+//
+// For private v1 registries, set alwaysSetBasicAuth to true.
+//
+// For the official v1 registry, if there isn't already an Authorization header in the request,
+// but there is an X-Docker-Token header set to true, then Basic Auth will be used to set the Authorization header.
+// After sending the request with the provided base http.RoundTripper, if an X-Docker-Token header, representing
+// a token, is present in the response, then it gets cached and sent in the Authorization header of all subsequent
+// requests.
+//
+// If the server sends a token without the client having requested it, it is ignored.
+//
+// This RoundTripper also has a CancelRequest method important for correct timeout handling.
+func AuthTransport(base http.RoundTripper, authConfig *types.AuthConfig, alwaysSetBasicAuth bool) http.RoundTripper {
+	if base == nil {
+		base = http.DefaultTransport
+	}
+	return &authTransport{
+		RoundTripper:       base,
+		AuthConfig:         authConfig,
+		alwaysSetBasicAuth: alwaysSetBasicAuth,
+		modReq:             make(map[*http.Request]*http.Request),
+	}
+}
+
+// cloneRequest returns a clone of the provided *http.Request.
+// The clone is a shallow copy of the struct and its Header map.
+func cloneRequest(r *http.Request) *http.Request {
+	// shallow copy of the struct
+	r2 := new(http.Request)
+	*r2 = *r
+	// deep copy of the Header
+	r2.Header = make(http.Header, len(r.Header))
+	for k, s := range r.Header {
+		r2.Header[k] = append([]string(nil), s...)
+	}
+
+	return r2
+}
+
+// RoundTrip changes a HTTP request's headers to add the necessary
+// authentication-related headers
+func (tr *authTransport) RoundTrip(orig *http.Request) (*http.Response, error) {
+	// Authorization should not be set on 302 redirect for untrusted locations.
+	// This logic mirrors the behavior in addRequiredHeadersToRedirectedRequests.
+	// As the authorization logic is currently implemented in RoundTrip,
+	// a 302 redirect is detected by looking at the Referrer header as go http package adds said header.
+	// This is safe as Docker doesn't set Referrer in other scenarios.
+	if orig.Header.Get("Referer") != "" && !trustedLocation(orig) {
+		return tr.RoundTripper.RoundTrip(orig)
+	}
+
+	req := cloneRequest(orig)
+	tr.mu.Lock()
+	tr.modReq[orig] = req
+	tr.mu.Unlock()
+
+	if tr.alwaysSetBasicAuth {
+		if tr.AuthConfig == nil {
+			return nil, errors.New("unexpected error: empty auth config")
+		}
+		req.SetBasicAuth(tr.Username, tr.Password)
+		return tr.RoundTripper.RoundTrip(req)
+	}
+
+	// Don't override
+	if req.Header.Get("Authorization") == "" {
+		if req.Header.Get("X-Docker-Token") == "true" && tr.AuthConfig != nil && len(tr.Username) > 0 {
+			req.SetBasicAuth(tr.Username, tr.Password)
+		} else if len(tr.token) > 0 {
+			req.Header.Set("Authorization", "Token "+strings.Join(tr.token, ","))
+		}
+	}
+	resp, err := tr.RoundTripper.RoundTrip(req)
+	if err != nil {
+		delete(tr.modReq, orig)
+		return nil, err
+	}
+	if len(resp.Header["X-Docker-Token"]) > 0 {
+		tr.token = resp.Header["X-Docker-Token"]
+	}
+	resp.Body = &ioutils.OnEOFReader{
+		Rc: resp.Body,
+		Fn: func() {
+			tr.mu.Lock()
+			delete(tr.modReq, orig)
+			tr.mu.Unlock()
+		},
+	}
+	return resp, nil
+}
+
+// CancelRequest cancels an in-flight request by closing its connection.
+func (tr *authTransport) CancelRequest(req *http.Request) {
+	type canceler interface {
+		CancelRequest(*http.Request)
+	}
+	if cr, ok := tr.RoundTripper.(canceler); ok {
+		tr.mu.Lock()
+		modReq := tr.modReq[req]
+		delete(tr.modReq, req)
+		tr.mu.Unlock()
+		cr.CancelRequest(modReq)
+	}
+}
+
+// NewSession creates a new session
+// TODO(tiborvass): remove authConfig param once registry client v2 is vendored
+func NewSession(client *http.Client, authConfig *types.AuthConfig, endpoint *V1Endpoint) (r *Session, err error) {
+	r = &Session{
+		authConfig:    authConfig,
+		client:        client,
+		indexEndpoint: endpoint,
+		id:            stringid.GenerateRandomID(),
+	}
+
+	var alwaysSetBasicAuth bool
+
+	// If we're working with a standalone private registry over HTTPS, send Basic Auth headers
+	// alongside all our requests.
+	if endpoint.String() != IndexServer && endpoint.URL.Scheme == "https" {
+		info, err := endpoint.Ping()
+		if err != nil {
+			return nil, err
+		}
+		if info.Standalone && authConfig != nil {
+			logrus.Debugf("Endpoint %s is eligible for private registry. Enabling decorator.", endpoint.String())
+			alwaysSetBasicAuth = true
+		}
+	}
+
+	// Annotate the transport unconditionally so that v2 can
+	// properly fallback on v1 when an image is not found.
+	client.Transport = AuthTransport(client.Transport, authConfig, alwaysSetBasicAuth)
+
+	jar, err := cookiejar.New(nil)
+	if err != nil {
+		return nil, errors.New("cookiejar.New is not supposed to return an error")
+	}
+	client.Jar = jar
+
+	return r, nil
+}
+
+// ID returns this registry session's ID.
+func (r *Session) ID() string {
+	return r.id
+}
+
+// GetRemoteHistory retrieves the history of a given image from the registry.
+// It returns a list of the parent's JSON files (including the requested image).
+func (r *Session) GetRemoteHistory(imgID, registry string) ([]string, error) {
+	res, err := r.client.Get(registry + "images/" + imgID + "/ancestry")
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+	if res.StatusCode != 200 {
+		if res.StatusCode == 401 {
+			return nil, errcode.ErrorCodeUnauthorized.WithArgs()
+		}
+		return nil, httputils.NewHTTPRequestError(fmt.Sprintf("Server error: %d trying to fetch remote history for %s", res.StatusCode, imgID), res)
+	}
+
+	var history []string
+	if err := json.NewDecoder(res.Body).Decode(&history); err != nil {
+		return nil, fmt.Errorf("Error while reading the http response: %v", err)
+	}
+
+	logrus.Debugf("Ancestry: %v", history)
+	return history, nil
+}
+
+// LookupRemoteImage checks if an image exists in the registry
+func (r *Session) LookupRemoteImage(imgID, registry string) error {
+	res, err := r.client.Get(registry + "images/" + imgID + "/json")
+	if err != nil {
+		return err
+	}
+	res.Body.Close()
+	if res.StatusCode != 200 {
+		return httputils.NewHTTPRequestError(fmt.Sprintf("HTTP code %d", res.StatusCode), res)
+	}
+	return nil
+}
+
+// GetRemoteImageJSON retrieves an image's JSON metadata from the registry.
+func (r *Session) GetRemoteImageJSON(imgID, registry string) ([]byte, int64, error) {
+	res, err := r.client.Get(registry + "images/" + imgID + "/json")
+	if err != nil {
+		return nil, -1, fmt.Errorf("Failed to download json: %s", err)
+	}
+	defer res.Body.Close()
+	if res.StatusCode != 200 {
+		return nil, -1, httputils.NewHTTPRequestError(fmt.Sprintf("HTTP code %d", res.StatusCode), res)
+	}
+	// if the size header is not present, then set it to '-1'
+	imageSize := int64(-1)
+	if hdr := res.Header.Get("X-Docker-Size"); hdr != "" {
+		imageSize, err = strconv.ParseInt(hdr, 10, 64)
+		if err != nil {
+			return nil, -1, err
+		}
+	}
+
+	jsonString, err := ioutil.ReadAll(res.Body)
+	if err != nil {
+		return nil, -1, fmt.Errorf("Failed to parse downloaded json: %v (%s)", err, jsonString)
+	}
+	return jsonString, imageSize, nil
+}
+
+// GetRemoteImageLayer retrieves an image layer from the registry
+func (r *Session) GetRemoteImageLayer(imgID, registry string, imgSize int64) (io.ReadCloser, error) {
+	var (
+		statusCode = 0
+		res        *http.Response
+		err        error
+		imageURL   = fmt.Sprintf("%simages/%s/layer", registry, imgID)
+	)
+
+	req, err := http.NewRequest("GET", imageURL, nil)
+	if err != nil {
+		return nil, fmt.Errorf("Error while getting from the server: %v", err)
+	}
+	statusCode = 0
+	res, err = r.client.Do(req)
+	if err != nil {
+		logrus.Debugf("Error contacting registry %s: %v", registry, err)
+		// the only case err != nil && res != nil is https://golang.org/src/net/http/client.go#L515
+		if res != nil {
+			if res.Body != nil {
+				res.Body.Close()
+			}
+			statusCode = res.StatusCode
+		}
+		return nil, fmt.Errorf("Server error: Status %d while fetching image layer (%s)",
+			statusCode, imgID)
+	}
+
+	if res.StatusCode != 200 {
+		res.Body.Close()
+		return nil, fmt.Errorf("Server error: Status %d while fetching image layer (%s)",
+			res.StatusCode, imgID)
+	}
+
+	if res.Header.Get("Accept-Ranges") == "bytes" && imgSize > 0 {
+		logrus.Debugf("server supports resume")
+		return httputils.ResumableRequestReaderWithInitialResponse(r.client, req, 5, imgSize, res), nil
+	}
+	logrus.Debugf("server doesn't support resume")
+	return res.Body, nil
+}
+
+// GetRemoteTag retrieves the tag named in the askedTag argument from the given
+// repository. It queries each of the registries supplied in the registries
+// argument, and returns data from the first one that answers the query
+// successfully.
+func (r *Session) GetRemoteTag(registries []string, repositoryRef reference.Named, askedTag string) (string, error) {
+	repository := repositoryRef.RemoteName()
+
+	if strings.Count(repository, "/") == 0 {
+		// This will be removed once the registry supports auto-resolution on
+		// the "library" namespace
+		repository = "library/" + repository
+	}
+	for _, host := range registries {
+		endpoint := fmt.Sprintf("%srepositories/%s/tags/%s", host, repository, askedTag)
+		res, err := r.client.Get(endpoint)
+		if err != nil {
+			return "", err
+		}
+
+		logrus.Debugf("Got status code %d from %s", res.StatusCode, endpoint)
+		defer res.Body.Close()
+
+		if res.StatusCode == 404 {
+			return "", ErrRepoNotFound
+		}
+		if res.StatusCode != 200 {
+			continue
+		}
+
+		var tagID string
+		if err := json.NewDecoder(res.Body).Decode(&tagID); err != nil {
+			return "", err
+		}
+		return tagID, nil
+	}
+	return "", fmt.Errorf("Could not reach any registry endpoint")
+}
+
+// GetRemoteTags retrieves all tags from the given repository. It queries each
+// of the registries supplied in the registries argument, and returns data from
+// the first one that answers the query successfully. It returns a map with
+// tag names as the keys and image IDs as the values.
+func (r *Session) GetRemoteTags(registries []string, repositoryRef reference.Named) (map[string]string, error) {
+	repository := repositoryRef.RemoteName()
+
+	if strings.Count(repository, "/") == 0 {
+		// This will be removed once the registry supports auto-resolution on
+		// the "library" namespace
+		repository = "library/" + repository
+	}
+	for _, host := range registries {
+		endpoint := fmt.Sprintf("%srepositories/%s/tags", host, repository)
+		res, err := r.client.Get(endpoint)
+		if err != nil {
+			return nil, err
+		}
+
+		logrus.Debugf("Got status code %d from %s", res.StatusCode, endpoint)
+		defer res.Body.Close()
+
+		if res.StatusCode == 404 {
+			return nil, ErrRepoNotFound
+		}
+		if res.StatusCode != 200 {
+			continue
+		}
+
+		result := make(map[string]string)
+		if err := json.NewDecoder(res.Body).Decode(&result); err != nil {
+			return nil, err
+		}
+		return result, nil
+	}
+	return nil, fmt.Errorf("Could not reach any registry endpoint")
+}
+
+func buildEndpointsList(headers []string, indexEp string) ([]string, error) {
+	var endpoints []string
+	parsedURL, err := url.Parse(indexEp)
+	if err != nil {
+		return nil, err
+	}
+	var urlScheme = parsedURL.Scheme
+	// The registry's URL scheme has to match the Index'
+	for _, ep := range headers {
+		epList := strings.Split(ep, ",")
+		for _, epListElement := range epList {
+			endpoints = append(
+				endpoints,
+				fmt.Sprintf("%s://%s/v1/", urlScheme, strings.TrimSpace(epListElement)))
+		}
+	}
+	return endpoints, nil
+}
+
+// GetRepositoryData returns lists of images and endpoints for the repository
+func (r *Session) GetRepositoryData(name reference.Named) (*RepositoryData, error) {
+	repositoryTarget := fmt.Sprintf("%srepositories/%s/images", r.indexEndpoint.String(), name.RemoteName())
+
+	logrus.Debugf("[registry] Calling GET %s", repositoryTarget)
+
+	req, err := http.NewRequest("GET", repositoryTarget, nil)
+	if err != nil {
+		return nil, err
+	}
+	// this will set basic auth in r.client.Transport and send cached X-Docker-Token headers for all subsequent requests
+	req.Header.Set("X-Docker-Token", "true")
+	res, err := r.client.Do(req)
+	if err != nil {
+		// check if the error is because of i/o timeout
+		// and return a non-obtuse error message for users
+		// "Get https://index.docker.io/v1/repositories/library/busybox/images: i/o timeout"
+		// was a top search on the docker user forum
+		if isTimeout(err) {
+			return nil, fmt.Errorf("Network timed out while trying to connect to %s. You may want to check your internet connection or if you are behind a proxy.", repositoryTarget)
+		}
+		return nil, fmt.Errorf("Error while pulling image: %v", err)
+	}
+	defer res.Body.Close()
+	if res.StatusCode == 401 {
+		return nil, errcode.ErrorCodeUnauthorized.WithArgs()
+	}
+	// TODO: Right now we're ignoring checksums in the response body.
+	// In the future, we need to use them to check image validity.
+	if res.StatusCode == 404 {
+		return nil, httputils.NewHTTPRequestError(fmt.Sprintf("HTTP code: %d", res.StatusCode), res)
+	} else if res.StatusCode != 200 {
+		errBody, err := ioutil.ReadAll(res.Body)
+		if err != nil {
+			logrus.Debugf("Error reading response body: %s", err)
+		}
+		return nil, httputils.NewHTTPRequestError(fmt.Sprintf("Error: Status %d trying to pull repository %s: %q", res.StatusCode, name.RemoteName(), errBody), res)
+	}
+
+	var endpoints []string
+	if res.Header.Get("X-Docker-Endpoints") != "" {
+		endpoints, err = buildEndpointsList(res.Header["X-Docker-Endpoints"], r.indexEndpoint.String())
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		// Assume the endpoint is on the same host
+		endpoints = append(endpoints, fmt.Sprintf("%s://%s/v1/", r.indexEndpoint.URL.Scheme, req.URL.Host))
+	}
+
+	remoteChecksums := []*ImgData{}
+	if err := json.NewDecoder(res.Body).Decode(&remoteChecksums); err != nil {
+		return nil, err
+	}
+
+	// Forge a better object from the retrieved data
+	imgsData := make(map[string]*ImgData, len(remoteChecksums))
+	for _, elem := range remoteChecksums {
+		imgsData[elem.ID] = elem
+	}
+
+	return &RepositoryData{
+		ImgList:   imgsData,
+		Endpoints: endpoints,
+	}, nil
+}
+
+// PushImageChecksumRegistry uploads checksums for an image
+func (r *Session) PushImageChecksumRegistry(imgData *ImgData, registry string) error {
+	u := registry + "images/" + imgData.ID + "/checksum"
+
+	logrus.Debugf("[registry] Calling PUT %s", u)
+
+	req, err := http.NewRequest("PUT", u, nil)
+	if err != nil {
+		return err
+	}
+	req.Header.Set("X-Docker-Checksum", imgData.Checksum)
+	req.Header.Set("X-Docker-Checksum-Payload", imgData.ChecksumPayload)
+
+	res, err := r.client.Do(req)
+	if err != nil {
+		return fmt.Errorf("Failed to upload metadata: %v", err)
+	}
+	defer res.Body.Close()
+	if len(res.Cookies()) > 0 {
+		r.client.Jar.SetCookies(req.URL, res.Cookies())
+	}
+	if res.StatusCode != 200 {
+		errBody, err := ioutil.ReadAll(res.Body)
+		if err != nil {
+			return fmt.Errorf("HTTP code %d while uploading metadata and error when trying to parse response body: %s", res.StatusCode, err)
+		}
+		var jsonBody map[string]string
+		if err := json.Unmarshal(errBody, &jsonBody); err != nil {
+			errBody = []byte(err.Error())
+		} else if jsonBody["error"] == "Image already exists" {
+			return ErrAlreadyExists
+		}
+		return fmt.Errorf("HTTP code %d while uploading metadata: %q", res.StatusCode, errBody)
+	}
+	return nil
+}
+
+// PushImageJSONRegistry pushes JSON metadata for a local image to the registry
+func (r *Session) PushImageJSONRegistry(imgData *ImgData, jsonRaw []byte, registry string) error {
+
+	u := registry + "images/" + imgData.ID + "/json"
+
+	logrus.Debugf("[registry] Calling PUT %s", u)
+
+	req, err := http.NewRequest("PUT", u, bytes.NewReader(jsonRaw))
+	if err != nil {
+		return err
+	}
+	req.Header.Add("Content-type", "application/json")
+
+	res, err := r.client.Do(req)
+	if err != nil {
+		return fmt.Errorf("Failed to upload metadata: %s", err)
+	}
+	defer res.Body.Close()
+	if res.StatusCode == 401 && strings.HasPrefix(registry, "http://") {
+		return httputils.NewHTTPRequestError("HTTP code 401, Docker will not send auth headers over HTTP.", res)
+	}
+	if res.StatusCode != 200 {
+		errBody, err := ioutil.ReadAll(res.Body)
+		if err != nil {
+			return httputils.NewHTTPRequestError(fmt.Sprintf("HTTP code %d while uploading metadata and error when trying to parse response body: %s", res.StatusCode, err), res)
+		}
+		var jsonBody map[string]string
+		if err := json.Unmarshal(errBody, &jsonBody); err != nil {
+			errBody = []byte(err.Error())
+		} else if jsonBody["error"] == "Image already exists" {
+			return ErrAlreadyExists
+		}
+		return httputils.NewHTTPRequestError(fmt.Sprintf("HTTP code %d while uploading metadata: %q", res.StatusCode, errBody), res)
+	}
+	return nil
+}
+
+// PushImageLayerRegistry sends the checksum of an image layer to the registry
+func (r *Session) PushImageLayerRegistry(imgID string, layer io.Reader, registry string, jsonRaw []byte) (checksum string, checksumPayload string, err error) {
+	u := registry + "images/" + imgID + "/layer"
+
+	logrus.Debugf("[registry] Calling PUT %s", u)
+
+	tarsumLayer, err := tarsum.NewTarSum(layer, false, tarsum.Version0)
+	if err != nil {
+		return "", "", err
+	}
+	h := sha256.New()
+	h.Write(jsonRaw)
+	h.Write([]byte{'\n'})
+	checksumLayer := io.TeeReader(tarsumLayer, h)
+
+	req, err := http.NewRequest("PUT", u, checksumLayer)
+	if err != nil {
+		return "", "", err
+	}
+	req.Header.Add("Content-Type", "application/octet-stream")
+	req.ContentLength = -1
+	req.TransferEncoding = []string{"chunked"}
+	res, err := r.client.Do(req)
+	if err != nil {
+		return "", "", fmt.Errorf("Failed to upload layer: %v", err)
+	}
+	if rc, ok := layer.(io.Closer); ok {
+		if err := rc.Close(); err != nil {
+			return "", "", err
+		}
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode != 200 {
+		errBody, err := ioutil.ReadAll(res.Body)
+		if err != nil {
+			return "", "", httputils.NewHTTPRequestError(fmt.Sprintf("HTTP code %d while uploading metadata and error when trying to parse response body: %s", res.StatusCode, err), res)
+		}
+		return "", "", httputils.NewHTTPRequestError(fmt.Sprintf("Received HTTP code %d while uploading layer: %q", res.StatusCode, errBody), res)
+	}
+
+	checksumPayload = "sha256:" + hex.EncodeToString(h.Sum(nil))
+	return tarsumLayer.Sum(jsonRaw), checksumPayload, nil
+}
+
+// PushRegistryTag pushes a tag on the registry.
+// Remote has the format '<user>/<repo>
+func (r *Session) PushRegistryTag(remote reference.Named, revision, tag, registry string) error {
+	// "jsonify" the string
+	revision = "\"" + revision + "\""
+	path := fmt.Sprintf("repositories/%s/tags/%s", remote.RemoteName(), tag)
+
+	req, err := http.NewRequest("PUT", registry+path, strings.NewReader(revision))
+	if err != nil {
+		return err
+	}
+	req.Header.Add("Content-type", "application/json")
+	req.ContentLength = int64(len(revision))
+	res, err := r.client.Do(req)
+	if err != nil {
+		return err
+	}
+	res.Body.Close()
+	if res.StatusCode != 200 && res.StatusCode != 201 {
+		return httputils.NewHTTPRequestError(fmt.Sprintf("Internal server error: %d trying to push tag %s on %s", res.StatusCode, tag, remote.RemoteName()), res)
+	}
+	return nil
+}
+
+// PushImageJSONIndex uploads an image list to the repository
+func (r *Session) PushImageJSONIndex(remote reference.Named, imgList []*ImgData, validate bool, regs []string) (*RepositoryData, error) {
+	cleanImgList := []*ImgData{}
+	if validate {
+		for _, elem := range imgList {
+			if elem.Checksum != "" {
+				cleanImgList = append(cleanImgList, elem)
+			}
+		}
+	} else {
+		cleanImgList = imgList
+	}
+
+	imgListJSON, err := json.Marshal(cleanImgList)
+	if err != nil {
+		return nil, err
+	}
+	var suffix string
+	if validate {
+		suffix = "images"
+	}
+	u := fmt.Sprintf("%srepositories/%s/%s", r.indexEndpoint.String(), remote.RemoteName(), suffix)
+	logrus.Debugf("[registry] PUT %s", u)
+	logrus.Debugf("Image list pushed to index:\n%s", imgListJSON)
+	headers := map[string][]string{
+		"Content-type": {"application/json"},
+		// this will set basic auth in r.client.Transport and send cached X-Docker-Token headers for all subsequent requests
+		"X-Docker-Token": {"true"},
+	}
+	if validate {
+		headers["X-Docker-Endpoints"] = regs
+	}
+
+	// Redirect if necessary
+	var res *http.Response
+	for {
+		if res, err = r.putImageRequest(u, headers, imgListJSON); err != nil {
+			return nil, err
+		}
+		if !shouldRedirect(res) {
+			break
+		}
+		res.Body.Close()
+		u = res.Header.Get("Location")
+		logrus.Debugf("Redirected to %s", u)
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode == 401 {
+		return nil, errcode.ErrorCodeUnauthorized.WithArgs()
+	}
+
+	var tokens, endpoints []string
+	if !validate {
+		if res.StatusCode != 200 && res.StatusCode != 201 {
+			errBody, err := ioutil.ReadAll(res.Body)
+			if err != nil {
+				logrus.Debugf("Error reading response body: %s", err)
+			}
+			return nil, httputils.NewHTTPRequestError(fmt.Sprintf("Error: Status %d trying to push repository %s: %q", res.StatusCode, remote.RemoteName(), errBody), res)
+		}
+		tokens = res.Header["X-Docker-Token"]
+		logrus.Debugf("Auth token: %v", tokens)
+
+		if res.Header.Get("X-Docker-Endpoints") == "" {
+			return nil, fmt.Errorf("Index response didn't contain any endpoints")
+		}
+		endpoints, err = buildEndpointsList(res.Header["X-Docker-Endpoints"], r.indexEndpoint.String())
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		if res.StatusCode != 204 {
+			errBody, err := ioutil.ReadAll(res.Body)
+			if err != nil {
+				logrus.Debugf("Error reading response body: %s", err)
+			}
+			return nil, httputils.NewHTTPRequestError(fmt.Sprintf("Error: Status %d trying to push checksums %s: %q", res.StatusCode, remote.RemoteName(), errBody), res)
+		}
+	}
+
+	return &RepositoryData{
+		Endpoints: endpoints,
+	}, nil
+}
+
+func (r *Session) putImageRequest(u string, headers map[string][]string, body []byte) (*http.Response, error) {
+	req, err := http.NewRequest("PUT", u, bytes.NewReader(body))
+	if err != nil {
+		return nil, err
+	}
+	req.ContentLength = int64(len(body))
+	for k, v := range headers {
+		req.Header[k] = v
+	}
+	response, err := r.client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	return response, nil
+}
+
+func shouldRedirect(response *http.Response) bool {
+	return response.StatusCode >= 300 && response.StatusCode < 400
+}
+
+// SearchRepositories performs a search against the remote repository
+func (r *Session) SearchRepositories(term string) (*registrytypes.SearchResults, error) {
+	logrus.Debugf("Index server: %s", r.indexEndpoint)
+	u := r.indexEndpoint.String() + "search?q=" + url.QueryEscape(term)
+
+	req, err := http.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, fmt.Errorf("Error while getting from the server: %v", err)
+	}
+	// Have the AuthTransport send authentication, when logged in.
+	req.Header.Set("X-Docker-Token", "true")
+	res, err := r.client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+	if res.StatusCode != 200 {
+		return nil, httputils.NewHTTPRequestError(fmt.Sprintf("Unexpected status code %d", res.StatusCode), res)
+	}
+	result := new(registrytypes.SearchResults)
+	return result, json.NewDecoder(res.Body).Decode(result)
+}
+
+// GetAuthConfig returns the authentication settings for a session
+// TODO(tiborvass): remove this once registry client v2 is vendored
+func (r *Session) GetAuthConfig(withPasswd bool) *types.AuthConfig {
+	password := ""
+	if withPasswd {
+		password = r.authConfig.Password
+	}
+	return &types.AuthConfig{
+		Username: r.authConfig.Username,
+		Password: password,
+	}
+}
+
+func isTimeout(err error) bool {
+	type timeout interface {
+		Timeout() bool
+	}
+	e := err
+	switch urlErr := err.(type) {
+	case *url.Error:
+		e = urlErr.Err
+	}
+	t, ok := e.(timeout)
+	return ok && t.Timeout()
+}
diff --git a/registry/types.go b/registry/types.go
new file mode 100644
index 00000000..4247fed6
--- /dev/null
+++ b/registry/types.go
@@ -0,0 +1,70 @@
+package registry
+
+import (
+	"github.com/docker/docker/reference"
+	registrytypes "github.com/docker/engine-api/types/registry"
+)
+
+// RepositoryData tracks the image list, list of endpoints, and list of tokens
+// for a repository
+type RepositoryData struct {
+	// ImgList is a list of images in the repository
+	ImgList map[string]*ImgData
+	// Endpoints is a list of endpoints returned in X-Docker-Endpoints
+	Endpoints []string
+	// Tokens is currently unused (remove it?)
+	Tokens []string
+}
+
+// ImgData is used to transfer image checksums to and from the registry
+type ImgData struct {
+	// ID is an opaque string that identifies the image
+	ID              string `json:"id"`
+	Checksum        string `json:"checksum,omitempty"`
+	ChecksumPayload string `json:"-"`
+	Tag             string `json:",omitempty"`
+}
+
+// PingResult contains the information returned when pinging a registry. It
+// indicates the registry's version and whether the registry claims to be a
+// standalone registry.
+type PingResult struct {
+	// Version is the registry version supplied by the registry in a HTTP
+	// header
+	Version string `json:"version"`
+	// Standalone is set to true if the registry indicates it is a
+	// standalone registry in the X-Docker-Registry-Standalone
+	// header
+	Standalone bool `json:"standalone"`
+}
+
+// APIVersion is an integral representation of an API version (presently
+// either 1 or 2)
+type APIVersion int
+
+func (av APIVersion) String() string {
+	return apiVersions[av]
+}
+
+// API Version identifiers.
+const (
+	_                      = iota
+	APIVersion1 APIVersion = iota
+	APIVersion2
+)
+
+var apiVersions = map[APIVersion]string{
+	APIVersion1: "v1",
+	APIVersion2: "v2",
+}
+
+// RepositoryInfo describes a repository
+type RepositoryInfo struct {
+	reference.Named
+	// Index points to registry information
+	Index *registrytypes.IndexInfo
+	// Official indicates whether the repository is considered official.
+	// If the registry is official, and the normalized name does not
+	// contain a '/' (e.g. "foo"), then it is considered an official repo.
+	Official bool
+}
diff --git a/restartmanager/restartmanager.go b/restartmanager/restartmanager.go
new file mode 100644
index 00000000..0e844de2
--- /dev/null
+++ b/restartmanager/restartmanager.go
@@ -0,0 +1,131 @@
+package restartmanager
+
+import (
+	"errors"
+	"fmt"
+	"sync"
+	"time"
+
+	"github.com/docker/engine-api/types/container"
+)
+
+const (
+	backoffMultiplier = 2
+	defaultTimeout    = 100 * time.Millisecond
+)
+
+// ErrRestartCanceled is returned when the restart manager has been
+// canceled and will no longer restart the container.
+var ErrRestartCanceled = errors.New("restart canceled")
+
+// RestartManager defines object that controls container restarting rules.
+type RestartManager interface {
+	Cancel() error
+	ShouldRestart(exitCode uint32, hasBeenManuallyStopped bool, executionDuration time.Duration) (bool, chan error, error)
+}
+
+type restartManager struct {
+	sync.Mutex
+	sync.Once
+	policy       container.RestartPolicy
+	failureCount int
+	timeout      time.Duration
+	active       bool
+	cancel       chan struct{}
+	canceled     bool
+}
+
+// New returns a new restartmanager based on a policy.
+func New(policy container.RestartPolicy) RestartManager {
+	return &restartManager{policy: policy, cancel: make(chan struct{})}
+}
+
+func (rm *restartManager) SetPolicy(policy container.RestartPolicy) {
+	rm.Lock()
+	rm.policy = policy
+	rm.Unlock()
+}
+
+func (rm *restartManager) ShouldRestart(exitCode uint32, hasBeenManuallyStopped bool, executionDuration time.Duration) (bool, chan error, error) {
+	if rm.policy.IsNone() {
+		return false, nil, nil
+	}
+	rm.Lock()
+	unlockOnExit := true
+	defer func() {
+		if unlockOnExit {
+			rm.Unlock()
+		}
+	}()
+
+	if rm.canceled {
+		return false, nil, ErrRestartCanceled
+	}
+
+	if rm.active {
+		return false, nil, fmt.Errorf("invalid call on active restartmanager")
+	}
+
+	if exitCode != 0 {
+		rm.failureCount++
+	} else {
+		rm.failureCount = 0
+	}
+
+	// if the container ran for more than 10s, reguardless of status and policy reset the
+	// the timeout back to the default.
+	if executionDuration.Seconds() >= 10 {
+		rm.timeout = 0
+	}
+	if rm.timeout == 0 {
+		rm.timeout = defaultTimeout
+	} else {
+		rm.timeout *= backoffMultiplier
+	}
+
+	var restart bool
+	switch {
+	case rm.policy.IsAlways(), rm.policy.IsUnlessStopped():
+		restart = true
+	case rm.policy.IsOnFailure():
+		// the default value of 0 for MaximumRetryCount means that we will not enforce a maximum count
+		if max := rm.policy.MaximumRetryCount; max == 0 || rm.failureCount <= max {
+			restart = exitCode != 0
+		}
+	}
+
+	if !restart {
+		rm.active = false
+		return false, nil, nil
+	}
+
+	unlockOnExit = false
+	rm.active = true
+	rm.Unlock()
+
+	ch := make(chan error)
+	go func() {
+		select {
+		case <-rm.cancel:
+			ch <- ErrRestartCanceled
+			close(ch)
+		case <-time.After(rm.timeout):
+			rm.Lock()
+			close(ch)
+			rm.active = false
+			rm.Unlock()
+		}
+	}()
+
+	return true, ch, nil
+}
+
+func (rm *restartManager) Cancel() error {
+	rm.Do(func() {
+		rm.Lock()
+		rm.canceled = true
+		close(rm.cancel)
+		rm.Unlock()
+	})
+	return nil
+}
diff --git a/restartmanager/restartmanager_test.go b/restartmanager/restartmanager_test.go
new file mode 100644
index 00000000..9c9f805e
--- /dev/null
+++ b/restartmanager/restartmanager_test.go
@@ -0,0 +1,34 @@
+package restartmanager
+
+import (
+	"testing"
+	"time"
+
+	"github.com/docker/engine-api/types/container"
+)
+
+func TestRestartManagerTimeout(t *testing.T) {
+	rm := New(container.RestartPolicy{Name: "always", MaximumRetryCount: 0}).(*restartManager)
+	should, _, err := rm.ShouldRestart(0, false, 1*time.Second)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !should {
+		t.Fatal("container should be restarted")
+	}
+	if rm.timeout != 100*time.Millisecond {
+		t.Fatalf("restart manager should have a timeout of 100ms but has %s", rm.timeout)
+	}
+}
+
+func TestRestartManagerTimeoutReset(t *testing.T) {
+	rm := New(container.RestartPolicy{Name: "always", MaximumRetryCount: 0}).(*restartManager)
+	rm.timeout = 5 * time.Second
+	_, _, err := rm.ShouldRestart(0, false, 10*time.Second)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if rm.timeout != 100*time.Millisecond {
+		t.Fatalf("restart manager should have a timeout of 100ms but has %s", rm.timeout)
+	}
+}
diff --git a/runconfig/compare.go b/runconfig/compare.go
new file mode 100644
index 00000000..61346aab
--- /dev/null
+++ b/runconfig/compare.go
@@ -0,0 +1,61 @@
+package runconfig
+
+import "github.com/docker/engine-api/types/container"
+
+// Compare two Config struct. Do not compare the "Image" nor "Hostname" fields
+// If OpenStdin is set, then it differs
+func Compare(a, b *container.Config) bool {
+	if a == nil || b == nil ||
+		a.OpenStdin || b.OpenStdin {
+		return false
+	}
+	if a.AttachStdout != b.AttachStdout ||
+		a.AttachStderr != b.AttachStderr ||
+		a.User != b.User ||
+		a.OpenStdin != b.OpenStdin ||
+		a.Tty != b.Tty {
+		return false
+	}
+
+	if len(a.Cmd) != len(b.Cmd) ||
+		len(a.Env) != len(b.Env) ||
+		len(a.Labels) != len(b.Labels) ||
+		len(a.ExposedPorts) != len(b.ExposedPorts) ||
+		len(a.Entrypoint) != len(b.Entrypoint) ||
+		len(a.Volumes) != len(b.Volumes) {
+		return false
+	}
+
+	for i := 0; i < len(a.Cmd); i++ {
+		if a.Cmd[i] != b.Cmd[i] {
+			return false
+		}
+	}
+	for i := 0; i < len(a.Env); i++ {
+		if a.Env[i] != b.Env[i] {
+			return false
+		}
+	}
+	for k, v := range a.Labels {
+		if v != b.Labels[k] {
+			return false
+		}
+	}
+	for k := range a.ExposedPorts {
+		if _, exists := b.ExposedPorts[k]; !exists {
+			return false
+		}
+	}
+
+	for i := 0; i < len(a.Entrypoint); i++ {
+		if a.Entrypoint[i] != b.Entrypoint[i] {
+			return false
+		}
+	}
+	for key := range a.Volumes {
+		if _, exists := b.Volumes[key]; !exists {
+			return false
+		}
+	}
+	return true
+}
diff --git a/runconfig/compare_test.go b/runconfig/compare_test.go
new file mode 100644
index 00000000..9c17c553
--- /dev/null
+++ b/runconfig/compare_test.go
@@ -0,0 +1,126 @@
+package runconfig
+
+import (
+	"testing"
+
+	"github.com/docker/engine-api/types/container"
+	"github.com/docker/engine-api/types/strslice"
+	"github.com/docker/go-connections/nat"
+)
+
+// Just to make life easier
+func newPortNoError(proto, port string) nat.Port {
+	p, _ := nat.NewPort(proto, port)
+	return p
+}
+
+func TestCompare(t *testing.T) {
+	ports1 := make(nat.PortSet)
+	ports1[newPortNoError("tcp", "1111")] = struct{}{}
+	ports1[newPortNoError("tcp", "2222")] = struct{}{}
+	ports2 := make(nat.PortSet)
+	ports2[newPortNoError("tcp", "3333")] = struct{}{}
+	ports2[newPortNoError("tcp", "4444")] = struct{}{}
+	ports3 := make(nat.PortSet)
+	ports3[newPortNoError("tcp", "1111")] = struct{}{}
+	ports3[newPortNoError("tcp", "2222")] = struct{}{}
+	ports3[newPortNoError("tcp", "5555")] = struct{}{}
+	volumes1 := make(map[string]struct{})
+	volumes1["/test1"] = struct{}{}
+	volumes2 := make(map[string]struct{})
+	volumes2["/test2"] = struct{}{}
+	volumes3 := make(map[string]struct{})
+	volumes3["/test1"] = struct{}{}
+	volumes3["/test3"] = struct{}{}
+	envs1 := []string{"ENV1=value1", "ENV2=value2"}
+	envs2 := []string{"ENV1=value1", "ENV3=value3"}
+	entrypoint1 := strslice.StrSlice{"/bin/sh", "-c"}
+	entrypoint2 := strslice.StrSlice{"/bin/sh", "-d"}
+	entrypoint3 := strslice.StrSlice{"/bin/sh", "-c", "echo"}
+	cmd1 := strslice.StrSlice{"/bin/sh", "-c"}
+	cmd2 := strslice.StrSlice{"/bin/sh", "-d"}
+	cmd3 := strslice.StrSlice{"/bin/sh", "-c", "echo"}
+	labels1 := map[string]string{"LABEL1": "value1", "LABEL2": "value2"}
+	labels2 := map[string]string{"LABEL1": "value1", "LABEL2": "value3"}
+	labels3 := map[string]string{"LABEL1": "value1", "LABEL2": "value2", "LABEL3": "value3"}
+
+	sameConfigs := map[*container.Config]*container.Config{
+		// Empty config
+		&container.Config{}: {},
+		// Does not compare hostname, domainname & image
+		&container.Config{
+			Hostname:   "host1",
+			Domainname: "domain1",
+			Image:      "image1",
+			User:       "user",
+		}: {
+			Hostname:   "host2",
+			Domainname: "domain2",
+			Image:      "image2",
+			User:       "user",
+		},
+		// only OpenStdin
+		&container.Config{OpenStdin: false}: {OpenStdin: false},
+		// only env
+		&container.Config{Env: envs1}: {Env: envs1},
+		// only cmd
+		&container.Config{Cmd: cmd1}: {Cmd: cmd1},
+		// only labels
+		&container.Config{Labels: labels1}: {Labels: labels1},
+		// only exposedPorts
+		&container.Config{ExposedPorts: ports1}: {ExposedPorts: ports1},
+		// only entrypoints
+		&container.Config{Entrypoint: entrypoint1}: {Entrypoint: entrypoint1},
+		// only volumes
+		&container.Config{Volumes: volumes1}: {Volumes: volumes1},
+	}
+	differentConfigs := map[*container.Config]*container.Config{
+		nil: nil,
+		&container.Config{
+			Hostname:   "host1",
+			Domainname: "domain1",
+			Image:      "image1",
+			User:       "user1",
+		}: {
+			Hostname:   "host1",
+			Domainname: "domain1",
+			Image:      "image1",
+			User:       "user2",
+		},
+		// only OpenStdin
+		&container.Config{OpenStdin: false}: {OpenStdin: true},
+		&container.Config{OpenStdin: true}:  {OpenStdin: false},
+		// only env
+		&container.Config{Env: envs1}: {Env: envs2},
+		// only cmd
+		&container.Config{Cmd: cmd1}: {Cmd: cmd2},
+		// not the same number of parts
+		&container.Config{Cmd: cmd1}: {Cmd: cmd3},
+		// only labels
+		&container.Config{Labels: labels1}: {Labels: labels2},
+		// not the same number of labels
+		&container.Config{Labels: labels1}: {Labels: labels3},
+		// only exposedPorts
+		&container.Config{ExposedPorts: ports1}: {ExposedPorts: ports2},
+		// not the same number of ports
+		&container.Config{ExposedPorts: ports1}: {ExposedPorts: ports3},
+		// only entrypoints
+		&container.Config{Entrypoint: entrypoint1}: {Entrypoint: entrypoint2},
+		// not the same number of parts
+		&container.Config{Entrypoint: entrypoint1}: {Entrypoint: entrypoint3},
+		// only volumes
+		&container.Config{Volumes: volumes1}: {Volumes: volumes2},
+		// not the same number of labels
+		&container.Config{Volumes: volumes1}: {Volumes: volumes3},
+	}
+	for config1, config2 := range sameConfigs {
+		if !Compare(config1, config2) {
+			t.Fatalf("Compare should be true for [%v] and [%v]", config1, config2)
+		}
+	}
+	for config1, config2 := range differentConfigs {
+		if Compare(config1, config2) {
+			t.Fatalf("Compare should be false for [%v] and [%v]", config1, config2)
+		}
+	}
+}
diff --git a/runconfig/config.go b/runconfig/config.go
new file mode 100644
index 00000000..9f3f9c5e
--- /dev/null
+++ b/runconfig/config.go
@@ -0,0 +1,71 @@
+package runconfig
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+
+	"github.com/docker/docker/volume"
+	"github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+)
+
+// DecodeContainerConfig decodes a json encoded config into a ContainerConfigWrapper
+// struct and returns both a Config and an HostConfig struct
+// Be aware this function is not checking whether the resulted structs are nil,
+// it's your business to do so
+func DecodeContainerConfig(src io.Reader) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, error) {
+	var w ContainerConfigWrapper
+
+	decoder := json.NewDecoder(src)
+	if err := decoder.Decode(&w); err != nil {
+		return nil, nil, nil, err
+	}
+
+	hc := w.getHostConfig()
+
+	// Perform platform-specific processing of Volumes and Binds.
+	if w.Config != nil && hc != nil {
+
+		// Initialize the volumes map if currently nil
+		if w.Config.Volumes == nil {
+			w.Config.Volumes = make(map[string]struct{})
+		}
+
+		// Now validate all the volumes and binds
+		if err := validateVolumesAndBindSettings(w.Config, hc); err != nil {
+			return nil, nil, nil, err
+		}
+	}
+
+	// Certain parameters need daemon-side validation that cannot be done
+	// on the client, as only the daemon knows what is valid for the platform.
+	if err := ValidateNetMode(w.Config, hc); err != nil {
+		return nil, nil, nil, err
+	}
+
+	// Validate isolation
+	if err := ValidateIsolation(hc); err != nil {
+		return nil, nil, nil, err
+	}
+	return w.Config, hc, w.NetworkingConfig, nil
+}
+
+// validateVolumesAndBindSettings validates each of the volumes and bind settings
+// passed by the caller to ensure they are valid.
+func validateVolumesAndBindSettings(c *container.Config, hc *container.HostConfig) error {
+
+	// Ensure all volumes and binds are valid.
+	for spec := range c.Volumes {
+		if _, err := volume.ParseMountSpec(spec, hc.VolumeDriver); err != nil {
+			return fmt.Errorf("Invalid volume spec %q: %v", spec, err)
+		}
+	}
+	for _, spec := range hc.Binds {
+		if _, err := volume.ParseMountSpec(spec, hc.VolumeDriver); err != nil {
+			return fmt.Errorf("Invalid bind mount spec %q: %v", spec, err)
+		}
+	}
+
+	return nil
+}
diff --git a/runconfig/config_test.go b/runconfig/config_test.go
new file mode 100644
index 00000000..5804b12d
--- /dev/null
+++ b/runconfig/config_test.go
@@ -0,0 +1,134 @@
+package runconfig
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"runtime"
+	"strings"
+	"testing"
+
+	"github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/engine-api/types/strslice"
+)
+
+type f struct {
+	file       string
+	entrypoint strslice.StrSlice
+}
+
+func TestDecodeContainerConfig(t *testing.T) {
+
+	var (
+		fixtures []f
+		image    string
+	)
+
+	if runtime.GOOS != "windows" {
+		image = "ubuntu"
+		fixtures = []f{
+			{"fixtures/unix/container_config_1_14.json", strslice.StrSlice{}},
+			{"fixtures/unix/container_config_1_17.json", strslice.StrSlice{"bash"}},
+			{"fixtures/unix/container_config_1_19.json", strslice.StrSlice{"bash"}},
+		}
+	} else {
+		image = "windows"
+		fixtures = []f{
+			{"fixtures/windows/container_config_1_19.json", strslice.StrSlice{"cmd"}},
+		}
+	}
+
+	for _, f := range fixtures {
+		b, err := ioutil.ReadFile(f.file)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		c, h, _, err := DecodeContainerConfig(bytes.NewReader(b))
+		if err != nil {
+			t.Fatal(fmt.Errorf("Error parsing %s: %v", f, err))
+		}
+
+		if c.Image != image {
+			t.Fatalf("Expected %s image, found %s\n", image, c.Image)
+		}
+
+		if len(c.Entrypoint) != len(f.entrypoint) {
+			t.Fatalf("Expected %v, found %v\n", f.entrypoint, c.Entrypoint)
+		}
+
+		if h != nil && h.Memory != 1000 {
+			t.Fatalf("Expected memory to be 1000, found %d\n", h.Memory)
+		}
+	}
+}
+
+// TestDecodeContainerConfigIsolation validates isolation passed
+// to the daemon in the hostConfig structure. Note this is platform specific
+// as to what level of container isolation is supported.
+func TestDecodeContainerConfigIsolation(t *testing.T) {
+
+	// An invalid isolation level
+	if _, _, _, err := callDecodeContainerConfigIsolation("invalid"); err != nil {
+		if !strings.Contains(err.Error(), `invalid --isolation: "invalid"`) {
+			t.Fatal(err)
+		}
+	}
+
+	// Blank isolation (== default)
+	if _, _, _, err := callDecodeContainerConfigIsolation(""); err != nil {
+		t.Fatal("Blank isolation should have succeeded")
+	}
+
+	// Default isolation
+	if _, _, _, err := callDecodeContainerConfigIsolation("default"); err != nil {
+		t.Fatal("default isolation should have succeeded")
+	}
+
+	// Process isolation (Valid on Windows only)
+	if runtime.GOOS == "windows" {
+		if _, _, _, err := callDecodeContainerConfigIsolation("process"); err != nil {
+			t.Fatal("process isolation should have succeeded")
+		}
+	} else {
+		if _, _, _, err := callDecodeContainerConfigIsolation("process"); err != nil {
+			if !strings.Contains(err.Error(), `invalid --isolation: "process"`) {
+				t.Fatal(err)
+			}
+		}
+	}
+
+	// Hyper-V Containers isolation (Valid on Windows only)
+	if runtime.GOOS == "windows" {
+		if _, _, _, err := callDecodeContainerConfigIsolation("hyperv"); err != nil {
+			t.Fatal("hyperv isolation should have succeeded")
+		}
+	} else {
+		if _, _, _, err := callDecodeContainerConfigIsolation("hyperv"); err != nil {
+			if !strings.Contains(err.Error(), `invalid --isolation: "hyperv"`) {
+				t.Fatal(err)
+			}
+		}
+	}
+}
+
+// callDecodeContainerConfigIsolation is a utility function to call
+// DecodeContainerConfig for validating isolation
+func callDecodeContainerConfigIsolation(isolation string) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, error) {
+	var (
+		b   []byte
+		err error
+	)
+	w := ContainerConfigWrapper{
+		Config: &container.Config{},
+		HostConfig: &container.HostConfig{
+			NetworkMode: "none",
+			Isolation:   container.Isolation(isolation)},
+	}
+	if b, err = json.Marshal(w); err != nil {
+		return nil, nil, nil, fmt.Errorf("Error on marshal %s", err.Error())
+	}
+	return DecodeContainerConfig(bytes.NewReader(b))
+}
diff --git a/runconfig/config_unix.go b/runconfig/config_unix.go
new file mode 100644
index 00000000..e5902fb0
--- /dev/null
+++ b/runconfig/config_unix.go
@@ -0,0 +1,59 @@
+// +build !windows
+
+package runconfig
+
+import (
+	"github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+)
+
+// ContainerConfigWrapper is a Config wrapper that holds the container Config (portable)
+// and the corresponding HostConfig (non-portable).
+type ContainerConfigWrapper struct {
+	*container.Config
+	InnerHostConfig       *container.HostConfig          `json:"HostConfig,omitempty"`
+	Cpuset                string                         `json:",omitempty"` // Deprecated. Exported for backwards compatibility.
+	NetworkingConfig      *networktypes.NetworkingConfig `json:"NetworkingConfig,omitempty"`
+	*container.HostConfig                                // Deprecated. Exported to read attributes from json that are not in the inner host config structure.
+}
+
+// getHostConfig gets the HostConfig of the Config.
+// It's mostly there to handle Deprecated fields of the ContainerConfigWrapper
+func (w *ContainerConfigWrapper) getHostConfig() *container.HostConfig {
+	hc := w.HostConfig
+
+	if hc == nil && w.InnerHostConfig != nil {
+		hc = w.InnerHostConfig
+	} else if w.InnerHostConfig != nil {
+		if hc.Memory != 0 && w.InnerHostConfig.Memory == 0 {
+			w.InnerHostConfig.Memory = hc.Memory
+		}
+		if hc.MemorySwap != 0 && w.InnerHostConfig.MemorySwap == 0 {
+			w.InnerHostConfig.MemorySwap = hc.MemorySwap
+		}
+		if hc.CPUShares != 0 && w.InnerHostConfig.CPUShares == 0 {
+			w.InnerHostConfig.CPUShares = hc.CPUShares
+		}
+		if hc.CpusetCpus != "" && w.InnerHostConfig.CpusetCpus == "" {
+			w.InnerHostConfig.CpusetCpus = hc.CpusetCpus
+		}
+
+		if hc.VolumeDriver != "" && w.InnerHostConfig.VolumeDriver == "" {
+			w.InnerHostConfig.VolumeDriver = hc.VolumeDriver
+		}
+
+		hc = w.InnerHostConfig
+	}
+
+	if hc != nil {
+		if w.Cpuset != "" && hc.CpusetCpus == "" {
+			hc.CpusetCpus = w.Cpuset
+		}
+	}
+
+	// Make sure NetworkMode has an acceptable value. We do this to ensure
+	// backwards compatible API behavior.
+	hc = SetDefaultNetModeIfBlank(hc)
+
+	return hc
+}
diff --git a/runconfig/config_windows.go b/runconfig/config_windows.go
new file mode 100644
index 00000000..50a52380
--- /dev/null
+++ b/runconfig/config_windows.go
@@ -0,0 +1,19 @@
+package runconfig
+
+import (
+	"github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+)
+
+// ContainerConfigWrapper is a Config wrapper that holds the container Config (portable)
+// and the corresponding HostConfig (non-portable).
+type ContainerConfigWrapper struct {
+	*container.Config
+	HostConfig       *container.HostConfig          `json:"HostConfig,omitempty"`
+	NetworkingConfig *networktypes.NetworkingConfig `json:"NetworkingConfig,omitempty"`
+}
+
+// getHostConfig gets the HostConfig of the Config.
+func (w *ContainerConfigWrapper) getHostConfig() *container.HostConfig {
+	return w.HostConfig
+}
diff --git a/runconfig/errors.go b/runconfig/errors.go
new file mode 100644
index 00000000..d3608576
--- /dev/null
+++ b/runconfig/errors.go
@@ -0,0 +1,40 @@
+package runconfig
+
+import (
+	"fmt"
+)
+
+var (
+	// ErrConflictContainerNetworkAndLinks conflict between --net=container and links
+	ErrConflictContainerNetworkAndLinks = fmt.Errorf("Conflicting options: container type network can't be used with links. This would result in undefined behavior")
+	// ErrConflictUserDefinedNetworkAndLinks conflict between --net=<NETWORK> and links
+	ErrConflictUserDefinedNetworkAndLinks = fmt.Errorf("Conflicting options: networking can't be used with links. This would result in undefined behavior")
+	// ErrConflictSharedNetwork conflict between private and other networks
+	ErrConflictSharedNetwork = fmt.Errorf("Container sharing network namespace with another container or host cannot be connected to any other network")
+	// ErrConflictHostNetwork conflict from being disconnected from host network or connected to host network.
+	ErrConflictHostNetwork = fmt.Errorf("Container cannot be disconnected from host network or connected to host network")
+	// ErrConflictNoNetwork conflict between private and other networks
+	ErrConflictNoNetwork = fmt.Errorf("Container cannot be connected to multiple networks with one of the networks in private (none) mode")
+	// ErrConflictNetworkAndDNS conflict between --dns and the network mode
+	ErrConflictNetworkAndDNS = fmt.Errorf("Conflicting options: dns and the network mode")
+	// ErrConflictNetworkHostname conflict between the hostname and the network mode
+	ErrConflictNetworkHostname = fmt.Errorf("Conflicting options: hostname and the network mode")
+	// ErrConflictHostNetworkAndLinks conflict between --net=host and links
+	ErrConflictHostNetworkAndLinks = fmt.Errorf("Conflicting options: host type networking can't be used with links. This would result in undefined behavior")
+	// ErrConflictContainerNetworkAndMac conflict between the mac address and the network mode
+	ErrConflictContainerNetworkAndMac = fmt.Errorf("Conflicting options: mac-address and the network mode")
+	// ErrConflictNetworkHosts conflict between add-host and the network mode
+	ErrConflictNetworkHosts = fmt.Errorf("Conflicting options: custom host-to-IP mapping and the network mode")
+	// ErrConflictNetworkPublishPorts conflict between the publish options and the network mode
+	ErrConflictNetworkPublishPorts = fmt.Errorf("Conflicting options: port publishing and the container type network mode")
+	// ErrConflictNetworkExposePorts conflict between the expose option and the network mode
+	ErrConflictNetworkExposePorts = fmt.Errorf("Conflicting options: port exposing and the container type network mode")
+	// ErrUnsupportedNetworkAndIP conflict between network mode and requested ip address
+	ErrUnsupportedNetworkAndIP = fmt.Errorf("User specified IP address is supported on user defined networks only")
+	// ErrUnsupportedNetworkNoSubnetAndIP conflict between network with no configured subnet and requested ip address
+	ErrUnsupportedNetworkNoSubnetAndIP = fmt.Errorf("User specified IP address is supported only when connecting to networks with user configured subnets")
+	// ErrUnsupportedNetworkAndAlias conflict between network mode and alias
+	ErrUnsupportedNetworkAndAlias = fmt.Errorf("Network-scoped alias is supported only for containers in user defined networks")
+	// ErrConflictUTSHostname conflict between the hostname and the UTS mode
+	ErrConflictUTSHostname = fmt.Errorf("Conflicting options: hostname and the UTS mode")
+)
diff --git a/runconfig/fixtures/unix/container_config_1_14.json b/runconfig/fixtures/unix/container_config_1_14.json
new file mode 100644
index 00000000..b08334c0
--- /dev/null
+++ b/runconfig/fixtures/unix/container_config_1_14.json
@@ -0,0 +1,30 @@
+{
+     "Hostname":"",
+     "Domainname": "",
+     "User":"",
+     "Memory": 1000,
+     "MemorySwap":0,
+     "CpuShares": 512,
+     "Cpuset": "0,1",
+     "AttachStdin":false,
+     "AttachStdout":true,
+     "AttachStderr":true,
+     "PortSpecs":null,
+     "Tty":false,
+     "OpenStdin":false,
+     "StdinOnce":false,
+     "Env":null,
+     "Cmd":[
+             "bash"
+     ],
+     "Image":"ubuntu",
+     "Volumes":{
+             "/tmp": {}
+     },
+     "WorkingDir":"",
+     "NetworkDisabled": false,
+     "ExposedPorts":{
+             "22/tcp": {}
+     },
+     "RestartPolicy": { "Name": "always" }
+}
diff --git a/runconfig/fixtures/unix/container_config_1_17.json b/runconfig/fixtures/unix/container_config_1_17.json
new file mode 100644
index 00000000..0d780877
--- /dev/null
+++ b/runconfig/fixtures/unix/container_config_1_17.json
@@ -0,0 +1,50 @@
+{
+     "Hostname": "",
+     "Domainname": "",
+     "User": "",
+     "Memory": 1000,
+     "MemorySwap": 0,
+     "CpuShares": 512,
+     "Cpuset": "0,1",
+     "AttachStdin": false,
+     "AttachStdout": true,
+     "AttachStderr": true,
+     "Tty": false,
+     "OpenStdin": false,
+     "StdinOnce": false,
+     "Env": null,
+     "Cmd": [
+             "date"
+     ],
+     "Entrypoint": "bash",
+     "Image": "ubuntu",
+     "Volumes": {
+             "/tmp": {}
+     },
+     "WorkingDir": "",
+     "NetworkDisabled": false,
+     "MacAddress": "12:34:56:78:9a:bc",
+     "ExposedPorts": {
+             "22/tcp": {}
+     },
+     "SecurityOpt": [""],
+     "HostConfig": {
+       "Binds": ["/tmp:/tmp"],
+       "Links": ["redis3:redis"],
+       "LxcConf": {"lxc.utsname":"docker"},
+       "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+       "PublishAllPorts": false,
+       "Privileged": false,
+       "ReadonlyRootfs": false,
+       "Dns": ["8.8.8.8"],
+       "DnsSearch": [""],
+       "DnsOptions": [""],
+       "ExtraHosts": null,
+       "VolumesFrom": ["parent", "other:ro"],
+       "CapAdd": ["NET_ADMIN"],
+       "CapDrop": ["MKNOD"],
+       "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+       "NetworkMode": "bridge",
+       "Devices": []
+    }
+}
diff --git a/runconfig/fixtures/unix/container_config_1_19.json b/runconfig/fixtures/unix/container_config_1_19.json
new file mode 100644
index 00000000..de49cf32
--- /dev/null
+++ b/runconfig/fixtures/unix/container_config_1_19.json
@@ -0,0 +1,58 @@
+{
+     "Hostname": "",
+     "Domainname": "",
+     "User": "",
+     "AttachStdin": false,
+     "AttachStdout": true,
+     "AttachStderr": true,
+     "Tty": false,
+     "OpenStdin": false,
+     "StdinOnce": false,
+     "Env": null,
+     "Cmd": [
+             "date"
+     ],
+     "Entrypoint": "bash",
+     "Image": "ubuntu",
+     "Labels": {
+             "com.example.vendor": "Acme",
+             "com.example.license": "GPL",
+             "com.example.version": "1.0"
+     },
+     "Volumes": {
+             "/tmp": {}
+     },
+     "WorkingDir": "",
+     "NetworkDisabled": false,
+     "MacAddress": "12:34:56:78:9a:bc",
+     "ExposedPorts": {
+             "22/tcp": {}
+     },
+     "HostConfig": {
+       "Binds": ["/tmp:/tmp"],
+       "Links": ["redis3:redis"],
+       "LxcConf": {"lxc.utsname":"docker"},
+       "Memory": 1000,
+       "MemorySwap": 0,
+       "CpuShares": 512,
+       "CpusetCpus": "0,1",
+       "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+       "PublishAllPorts": false,
+       "Privileged": false,
+       "ReadonlyRootfs": false,
+       "Dns": ["8.8.8.8"],
+       "DnsSearch": [""],
+       "DnsOptions": [""],
+       "ExtraHosts": null,
+       "VolumesFrom": ["parent", "other:ro"],
+       "CapAdd": ["NET_ADMIN"],
+       "CapDrop": ["MKNOD"],
+       "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+       "NetworkMode": "bridge",
+       "Devices": [],
+       "Ulimits": [{}],
+       "LogConfig": { "Type": "json-file", "Config": {} },
+       "SecurityOpt": [""],
+       "CgroupParent": ""
+    }
+}
diff --git a/runconfig/fixtures/unix/container_hostconfig_1_14.json b/runconfig/fixtures/unix/container_hostconfig_1_14.json
new file mode 100644
index 00000000..c72ac91c
--- /dev/null
+++ b/runconfig/fixtures/unix/container_hostconfig_1_14.json
@@ -0,0 +1,18 @@
+{
+    "Binds": ["/tmp:/tmp"],
+    "ContainerIDFile": "",
+    "LxcConf": [],
+    "Privileged": false,
+    "PortBindings": {
+        "80/tcp": [
+            {
+                "HostIp": "0.0.0.0",
+                "HostPort": "49153"
+            }
+        ]
+    },
+    "Links": ["/name:alias"],
+    "PublishAllPorts": false,
+    "CapAdd": ["NET_ADMIN"],
+    "CapDrop": ["MKNOD"]
+}
diff --git a/runconfig/fixtures/unix/container_hostconfig_1_19.json b/runconfig/fixtures/unix/container_hostconfig_1_19.json
new file mode 100644
index 00000000..5ca8aa7e
--- /dev/null
+++ b/runconfig/fixtures/unix/container_hostconfig_1_19.json
@@ -0,0 +1,30 @@
+{
+    "Binds": ["/tmp:/tmp"],
+    "Links": ["redis3:redis"],
+    "LxcConf": {"lxc.utsname":"docker"},
+    "Memory": 0,
+    "MemorySwap": 0,
+    "CpuShares": 512,
+    "CpuPeriod": 100000,
+    "CpusetCpus": "0,1",
+    "CpusetMems": "0,1",
+    "BlkioWeight": 300,
+    "OomKillDisable": false,
+    "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+    "PublishAllPorts": false,
+    "Privileged": false,
+    "ReadonlyRootfs": false,
+    "Dns": ["8.8.8.8"],
+    "DnsSearch": [""],
+    "ExtraHosts": null,
+    "VolumesFrom": ["parent", "other:ro"],
+    "CapAdd": ["NET_ADMIN"],
+    "CapDrop": ["MKNOD"],
+    "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+    "NetworkMode": "bridge",
+    "Devices": [],
+    "Ulimits": [{}],
+    "LogConfig": { "Type": "json-file", "Config": {} },
+    "SecurityOpt": [""],
+    "CgroupParent": ""
+}
diff --git a/runconfig/fixtures/windows/container_config_1_19.json b/runconfig/fixtures/windows/container_config_1_19.json
new file mode 100644
index 00000000..724320c7
--- /dev/null
+++ b/runconfig/fixtures/windows/container_config_1_19.json
@@ -0,0 +1,58 @@
+{
+     "Hostname": "",
+     "Domainname": "",
+     "User": "",
+     "AttachStdin": false,
+     "AttachStdout": true,
+     "AttachStderr": true,
+     "Tty": false,
+     "OpenStdin": false,
+     "StdinOnce": false,
+     "Env": null,
+     "Cmd": [
+             "date"
+     ],
+     "Entrypoint": "cmd",
+     "Image": "windows",
+     "Labels": {
+             "com.example.vendor": "Acme",
+             "com.example.license": "GPL",
+             "com.example.version": "1.0"
+     },
+     "Volumes": {
+             "c:/windows": {}
+     },
+     "WorkingDir": "",
+     "NetworkDisabled": false,
+     "MacAddress": "12:34:56:78:9a:bc",
+     "ExposedPorts": {
+             "22/tcp": {}
+     },
+     "HostConfig": {
+       "Binds": ["c:/windows:d:/tmp"],
+       "Links": ["redis3:redis"],
+       "LxcConf": {"lxc.utsname":"docker"},
+       "Memory": 1000,
+       "MemorySwap": 0,
+       "CpuShares": 512,
+       "CpusetCpus": "0,1",
+       "PortBindings": { "22/tcp": [{ "HostPort": "11022" }] },
+       "PublishAllPorts": false,
+       "Privileged": false,
+       "ReadonlyRootfs": false,
+       "Dns": ["8.8.8.8"],
+       "DnsSearch": [""],
+       "DnsOptions": [""],
+       "ExtraHosts": null,
+       "VolumesFrom": ["parent", "other:ro"],
+       "CapAdd": ["NET_ADMIN"],
+       "CapDrop": ["MKNOD"],
+       "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 },
+       "NetworkMode": "default",
+       "Devices": [],
+       "Ulimits": [{}],
+       "LogConfig": { "Type": "json-file", "Config": {} },
+       "SecurityOpt": [""],
+       "CgroupParent": ""
+    }
+}
diff --git a/runconfig/hostconfig.go b/runconfig/hostconfig.go
new file mode 100644
index 00000000..769cc9f5
--- /dev/null
+++ b/runconfig/hostconfig.go
@@ -0,0 +1,35 @@
+package runconfig
+
+import (
+	"encoding/json"
+	"io"
+
+	"github.com/docker/engine-api/types/container"
+)
+
+// DecodeHostConfig creates a HostConfig based on the specified Reader.
+// It assumes the content of the reader will be JSON, and decodes it.
+func DecodeHostConfig(src io.Reader) (*container.HostConfig, error) {
+	decoder := json.NewDecoder(src)
+
+	var w ContainerConfigWrapper
+	if err := decoder.Decode(&w); err != nil {
+		return nil, err
+	}
+
+	hc := w.getHostConfig()
+	return hc, nil
+}
+
+// SetDefaultNetModeIfBlank changes the NetworkMode in a HostConfig structure
+// to default if it is not populated. This ensures backwards compatibility after
+// the validation of the network mode was moved from the docker CLI to the
+// docker daemon.
+func SetDefaultNetModeIfBlank(hc *container.HostConfig) *container.HostConfig {
+	if hc != nil {
+		if hc.NetworkMode == container.NetworkMode("") {
+			hc.NetworkMode = container.NetworkMode("default")
+		}
+	}
+	return hc
+}
diff --git a/runconfig/hostconfig_test.go b/runconfig/hostconfig_test.go
new file mode 100644
index 00000000..e14443ba
--- /dev/null
+++ b/runconfig/hostconfig_test.go
@@ -0,0 +1,222 @@
+// +build !windows
+
+package runconfig
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"testing"
+
+	"github.com/docker/engine-api/types/container"
+)
+
+// TODO Windows: This will need addressing for a Windows daemon.
+func TestNetworkModeTest(t *testing.T) {
+	networkModes := map[container.NetworkMode][]bool{
+		// private, bridge, host, container, none, default
+		"":                         {true, false, false, false, false, false},
+		"something:weird":          {true, false, false, false, false, false},
+		"bridge":                   {true, true, false, false, false, false},
+		DefaultDaemonNetworkMode(): {true, true, false, false, false, false},
+		"host":           {false, false, true, false, false, false},
+		"container:name": {false, false, false, true, false, false},
+		"none":           {true, false, false, false, true, false},
+		"default":        {true, false, false, false, false, true},
+	}
+	networkModeNames := map[container.NetworkMode]string{
+		"":                         "",
+		"something:weird":          "something:weird",
+		"bridge":                   "bridge",
+		DefaultDaemonNetworkMode(): "bridge",
+		"host":           "host",
+		"container:name": "container",
+		"none":           "none",
+		"default":        "default",
+	}
+	for networkMode, state := range networkModes {
+		if networkMode.IsPrivate() != state[0] {
+			t.Fatalf("NetworkMode.IsPrivate for %v should have been %v but was %v", networkMode, state[0], networkMode.IsPrivate())
+		}
+		if networkMode.IsBridge() != state[1] {
+			t.Fatalf("NetworkMode.IsBridge for %v should have been %v but was %v", networkMode, state[1], networkMode.IsBridge())
+		}
+		if networkMode.IsHost() != state[2] {
+			t.Fatalf("NetworkMode.IsHost for %v should have been %v but was %v", networkMode, state[2], networkMode.IsHost())
+		}
+		if networkMode.IsContainer() != state[3] {
+			t.Fatalf("NetworkMode.IsContainer for %v should have been %v but was %v", networkMode, state[3], networkMode.IsContainer())
+		}
+		if networkMode.IsNone() != state[4] {
+			t.Fatalf("NetworkMode.IsNone for %v should have been %v but was %v", networkMode, state[4], networkMode.IsNone())
+		}
+		if networkMode.IsDefault() != state[5] {
+			t.Fatalf("NetworkMode.IsDefault for %v should have been %v but was %v", networkMode, state[5], networkMode.IsDefault())
+		}
+		if networkMode.NetworkName() != networkModeNames[networkMode] {
+			t.Fatalf("Expected name %v, got %v", networkModeNames[networkMode], networkMode.NetworkName())
+		}
+	}
+}
+
+func TestIpcModeTest(t *testing.T) {
+	ipcModes := map[container.IpcMode][]bool{
+		// private, host, container, valid
+		"":                         {true, false, false, true},
+		"something:weird":          {true, false, false, false},
+		":weird":                   {true, false, false, true},
+		"host":                     {false, true, false, true},
+		"container:name":           {false, false, true, true},
+		"container:name:something": {false, false, true, false},
+		"container:":               {false, false, true, false},
+	}
+	for ipcMode, state := range ipcModes {
+		if ipcMode.IsPrivate() != state[0] {
+			t.Fatalf("IpcMode.IsPrivate for %v should have been %v but was %v", ipcMode, state[0], ipcMode.IsPrivate())
+		}
+		if ipcMode.IsHost() != state[1] {
+			t.Fatalf("IpcMode.IsHost for %v should have been %v but was %v", ipcMode, state[1], ipcMode.IsHost())
+		}
+		if ipcMode.IsContainer() != state[2] {
+			t.Fatalf("IpcMode.IsContainer for %v should have been %v but was %v", ipcMode, state[2], ipcMode.IsContainer())
+		}
+		if ipcMode.Valid() != state[3] {
+			t.Fatalf("IpcMode.Valid for %v should have been %v but was %v", ipcMode, state[3], ipcMode.Valid())
+		}
+	}
+	containerIpcModes := map[container.IpcMode]string{
+		"":                      "",
+		"something":             "",
+		"something:weird":       "weird",
+		"container":             "",
+		"container:":            "",
+		"container:name":        "name",
+		"container:name1:name2": "name1:name2",
+	}
+	for ipcMode, container := range containerIpcModes {
+		if ipcMode.Container() != container {
+			t.Fatalf("Expected %v for %v but was %v", container, ipcMode, ipcMode.Container())
+		}
+	}
+}
+
+func TestUTSModeTest(t *testing.T) {
+	utsModes := map[container.UTSMode][]bool{
+		// private, host, valid
+		"":                {true, false, true},
+		"something:weird": {true, false, false},
+		"host":            {false, true, true},
+		"host:name":       {true, false, true},
+	}
+	for utsMode, state := range utsModes {
+		if utsMode.IsPrivate() != state[0] {
+			t.Fatalf("UtsMode.IsPrivate for %v should have been %v but was %v", utsMode, state[0], utsMode.IsPrivate())
+		}
+		if utsMode.IsHost() != state[1] {
+			t.Fatalf("UtsMode.IsHost for %v should have been %v but was %v", utsMode, state[1], utsMode.IsHost())
+		}
+		if utsMode.Valid() != state[2] {
+			t.Fatalf("UtsMode.Valid for %v should have been %v but was %v", utsMode, state[2], utsMode.Valid())
+		}
+	}
+}
+
+func TestUsernsModeTest(t *testing.T) {
+	usrensMode := map[container.UsernsMode][]bool{
+		// private, host, valid
+		"":                {true, false, true},
+		"something:weird": {true, false, false},
+		"host":            {false, true, true},
+		"host:name":       {true, false, true},
+	}
+	for usernsMode, state := range usrensMode {
+		if usernsMode.IsPrivate() != state[0] {
+			t.Fatalf("UsernsMode.IsPrivate for %v should have been %v but was %v", usernsMode, state[0], usernsMode.IsPrivate())
+		}
+		if usernsMode.IsHost() != state[1] {
+			t.Fatalf("UsernsMode.IsHost for %v should have been %v but was %v", usernsMode, state[1], usernsMode.IsHost())
+		}
+		if usernsMode.Valid() != state[2] {
+			t.Fatalf("UsernsMode.Valid for %v should have been %v but was %v", usernsMode, state[2], usernsMode.Valid())
+		}
+	}
+}
+
+func TestPidModeTest(t *testing.T) {
+	pidModes := map[container.PidMode][]bool{
+		// private, host, valid
+		"":                {true, false, true},
+		"something:weird": {true, false, false},
+		"host":            {false, true, true},
+		"host:name":       {true, false, true},
+	}
+	for pidMode, state := range pidModes {
+		if pidMode.IsPrivate() != state[0] {
+			t.Fatalf("PidMode.IsPrivate for %v should have been %v but was %v", pidMode, state[0], pidMode.IsPrivate())
+		}
+		if pidMode.IsHost() != state[1] {
+			t.Fatalf("PidMode.IsHost for %v should have been %v but was %v", pidMode, state[1], pidMode.IsHost())
+		}
+		if pidMode.Valid() != state[2] {
+			t.Fatalf("PidMode.Valid for %v should have been %v but was %v", pidMode, state[2], pidMode.Valid())
+		}
+	}
+}
+
+func TestRestartPolicy(t *testing.T) {
+	restartPolicies := map[container.RestartPolicy][]bool{
+		// none, always, failure
+		container.RestartPolicy{}:                {false, false, false},
+		container.RestartPolicy{"something", 0}:  {false, false, false},
+		container.RestartPolicy{"no", 0}:         {true, false, false},
+		container.RestartPolicy{"always", 0}:     {false, true, false},
+		container.RestartPolicy{"on-failure", 0}: {false, false, true},
+	}
+	for restartPolicy, state := range restartPolicies {
+		if restartPolicy.IsNone() != state[0] {
+			t.Fatalf("RestartPolicy.IsNone for %v should have been %v but was %v", restartPolicy, state[0], restartPolicy.IsNone())
+		}
+		if restartPolicy.IsAlways() != state[1] {
+			t.Fatalf("RestartPolicy.IsAlways for %v should have been %v but was %v", restartPolicy, state[1], restartPolicy.IsAlways())
+		}
+		if restartPolicy.IsOnFailure() != state[2] {
+			t.Fatalf("RestartPolicy.IsOnFailure for %v should have been %v but was %v", restartPolicy, state[2], restartPolicy.IsOnFailure())
+		}
+	}
+}
+func TestDecodeHostConfig(t *testing.T) {
+	fixtures := []struct {
+		file string
+	}{
+		{"fixtures/unix/container_hostconfig_1_14.json"},
+		{"fixtures/unix/container_hostconfig_1_19.json"},
+	}
+
+	for _, f := range fixtures {
+		b, err := ioutil.ReadFile(f.file)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		c, err := DecodeHostConfig(bytes.NewReader(b))
+		if err != nil {
+			t.Fatal(fmt.Errorf("Error parsing %s: %v", f, err))
+		}
+
+		if c.Privileged != false {
+			t.Fatalf("Expected privileged false, found %v\n", c.Privileged)
+		}
+
+		if l := len(c.Binds); l != 1 {
+			t.Fatalf("Expected 1 bind, found %d\n", l)
+		}
+
+		if len(c.CapAdd) != 1 && c.CapAdd[0] != "NET_ADMIN" {
+			t.Fatalf("Expected CapAdd NET_ADMIN, got %v", c.CapAdd)
+		}
+
+		if len(c.CapDrop) != 1 && c.CapDrop[0] != "NET_ADMIN" {
+			t.Fatalf("Expected CapDrop MKNOD, got %v", c.CapDrop)
+		}
+	}
+}
diff --git a/runconfig/hostconfig_unix.go b/runconfig/hostconfig_unix.go
new file mode 100644
index 00000000..efc26112
--- /dev/null
+++ b/runconfig/hostconfig_unix.go
@@ -0,0 +1,89 @@
+// +build !windows
+
+package runconfig
+
+import (
+	"fmt"
+	"runtime"
+	"strings"
+
+	"github.com/docker/engine-api/types/container"
+)
+
+// DefaultDaemonNetworkMode returns the default network stack the daemon should
+// use.
+func DefaultDaemonNetworkMode() container.NetworkMode {
+	return container.NetworkMode("bridge")
+}
+
+// IsPreDefinedNetwork indicates if a network is predefined by the daemon
+func IsPreDefinedNetwork(network string) bool {
+	n := container.NetworkMode(network)
+	return n.IsBridge() || n.IsHost() || n.IsNone() || n.IsDefault()
+}
+
+// ValidateNetMode ensures that the various combinations of requested
+// network settings are valid.
+func ValidateNetMode(c *container.Config, hc *container.HostConfig) error {
+	// We may not be passed a host config, such as in the case of docker commit
+	if hc == nil {
+		return nil
+	}
+	parts := strings.Split(string(hc.NetworkMode), ":")
+	if parts[0] == "container" {
+		if len(parts) < 2 || parts[1] == "" {
+			return fmt.Errorf("--net: invalid net mode: invalid container format container:<name|id>")
+		}
+	}
+
+	if hc.NetworkMode.IsContainer() && c.Hostname != "" {
+		return ErrConflictNetworkHostname
+	}
+
+	if hc.UTSMode.IsHost() && c.Hostname != "" {
+		return ErrConflictUTSHostname
+	}
+
+	if hc.NetworkMode.IsHost() && len(hc.Links) > 0 {
+		return ErrConflictHostNetworkAndLinks
+	}
+
+	if hc.NetworkMode.IsContainer() && len(hc.Links) > 0 {
+		return ErrConflictContainerNetworkAndLinks
+	}
+
+	if (hc.NetworkMode.IsHost() || hc.NetworkMode.IsContainer()) && len(hc.DNS) > 0 {
+		return ErrConflictNetworkAndDNS
+	}
+
+	if (hc.NetworkMode.IsContainer() || hc.NetworkMode.IsHost()) && len(hc.ExtraHosts) > 0 {
+		return ErrConflictNetworkHosts
+	}
+
+	if (hc.NetworkMode.IsContainer() || hc.NetworkMode.IsHost()) && c.MacAddress != "" {
+		return ErrConflictContainerNetworkAndMac
+	}
+
+	if hc.NetworkMode.IsContainer() && (len(hc.PortBindings) > 0 || hc.PublishAllPorts == true) {
+		return ErrConflictNetworkPublishPorts
+	}
+
+	if hc.NetworkMode.IsContainer() && len(c.ExposedPorts) > 0 {
+		return ErrConflictNetworkExposePorts
+	}
+	return nil
+}
+
+// ValidateIsolation performs platform specific validation of
+// isolation in the hostconfig structure. Linux only supports "default"
+// which is LXC container isolation
+func ValidateIsolation(hc *container.HostConfig) error {
+	// We may not be passed a host config, such as in the case of docker commit
+	if hc == nil {
+		return nil
+	}
+	if !hc.Isolation.IsValid() {
+		return fmt.Errorf("invalid --isolation: %q - %s only supports 'default'", hc.Isolation, runtime.GOOS)
+	}
+	return nil
+}
diff --git a/runconfig/hostconfig_windows.go b/runconfig/hostconfig_windows.go
new file mode 100644
index 00000000..bab24e44
--- /dev/null
+++ b/runconfig/hostconfig_windows.go
@@ -0,0 +1,46 @@
+package runconfig
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/docker/engine-api/types/container"
+)
+
+// DefaultDaemonNetworkMode returns the default network stack the daemon should
+// use.
+func DefaultDaemonNetworkMode() container.NetworkMode {
+	return container.NetworkMode("nat")
+}
+
+// IsPreDefinedNetwork indicates if a network is predefined by the daemon
+func IsPreDefinedNetwork(network string) bool {
+	return !container.NetworkMode(network).IsUserDefined()
+}
+
+// ValidateNetMode ensures that the various combinations of requested
+// network settings are valid.
+func ValidateNetMode(c *container.Config, hc *container.HostConfig) error {
+	if hc == nil {
+		return nil
+	}
+	parts := strings.Split(string(hc.NetworkMode), ":")
+	if len(parts) > 1 {
+		return fmt.Errorf("invalid --net: %s", hc.NetworkMode)
+	}
+	return nil
+}
+
+// ValidateIsolation performs platform specific validation of the
+// isolation in the hostconfig structure. Windows supports 'default' (or
+// blank), 'process', or 'hyperv'.
+func ValidateIsolation(hc *container.HostConfig) error {
+	// We may not be passed a host config, such as in the case of docker commit
+	if hc == nil {
+		return nil
+	}
+	if !hc.Isolation.IsValid() {
+		return fmt.Errorf("invalid --isolation: %q. Windows supports 'default', 'process', or 'hyperv'", hc.Isolation)
+	}
+	return nil
+}
diff --git a/runconfig/opts/envfile.go b/runconfig/opts/envfile.go
new file mode 100644
index 00000000..ba8b4f20
--- /dev/null
+++ b/runconfig/opts/envfile.go
@@ -0,0 +1,67 @@
+package opts
+
+import (
+	"bufio"
+	"fmt"
+	"os"
+	"strings"
+)
+
+// ParseEnvFile reads a file with environment variables enumerated by lines
+//
+// ``Environment variable names used by the utilities in the Shell and
+// Utilities volume of IEEE Std 1003.1-2001 consist solely of uppercase
+// letters, digits, and the '_' (underscore) from the characters defined in
+// Portable Character Set and do not begin with a digit. *But*, other
+// characters may be permitted by an implementation; applications shall
+// tolerate the presence of such names.''
+// -- http://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html
+//
+// As of #16585, it's up to application inside docker to validate or not
+// environment variables, that's why we just strip leading whitespace and
+// nothing more.
+func ParseEnvFile(filename string) ([]string, error) {
+	fh, err := os.Open(filename)
+	if err != nil {
+		return []string{}, err
+	}
+	defer fh.Close()
+
+	lines := []string{}
+	scanner := bufio.NewScanner(fh)
+	for scanner.Scan() {
+		// trim the line from all leading whitespace first
+		line := strings.TrimLeft(scanner.Text(), whiteSpaces)
+		// line is not empty, and not starting with '#'
+		if len(line) > 0 && !strings.HasPrefix(line, "#") {
+			data := strings.SplitN(line, "=", 2)
+
+			// trim the front of a variable, but nothing else
+			variable := strings.TrimLeft(data[0], whiteSpaces)
+			if strings.ContainsAny(variable, whiteSpaces) {
+				return []string{}, ErrBadEnvVariable{fmt.Sprintf("variable '%s' has white spaces", variable)}
+			}
+
+			if len(data) > 1 {
+
+				// pass the value through, no trimming
+				lines = append(lines, fmt.Sprintf("%s=%s", variable, data[1]))
+			} else {
+				// if only a pass-through variable is given, clean it up.
+				lines = append(lines, fmt.Sprintf("%s=%s", strings.TrimSpace(line), os.Getenv(line)))
+			}
+		}
+	}
+	return lines, scanner.Err()
+}
+
+var whiteSpaces = " \t"
+
+// ErrBadEnvVariable typed error for bad environment variable
+type ErrBadEnvVariable struct {
+	msg string
+}
+
+func (e ErrBadEnvVariable) Error() string {
+	return fmt.Sprintf("poorly formatted environment: %s", e.msg)
+}
diff --git a/runconfig/opts/envfile_test.go b/runconfig/opts/envfile_test.go
new file mode 100644
index 00000000..a2e2200f
--- /dev/null
+++ b/runconfig/opts/envfile_test.go
@@ -0,0 +1,142 @@
+package opts
+
+import (
+	"bufio"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"reflect"
+	"strings"
+	"testing"
+)
+
+func tmpFileWithContent(content string, t *testing.T) string {
+	tmpFile, err := ioutil.TempFile("", "envfile-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer tmpFile.Close()
+
+	tmpFile.WriteString(content)
+	return tmpFile.Name()
+}
+
+// Test ParseEnvFile for a file with a few well formatted lines
+func TestParseEnvFileGoodFile(t *testing.T) {
+	content := `foo=bar
+    baz=quux
+# comment
+
+_foobar=foobaz
+with.dots=working
+and_underscore=working too
+`
+	// Adding a newline + a line with pure whitespace.
+	// This is being done like this instead of the block above
+	// because it's common for editors to trim trailing whitespace
+	// from lines, which becomes annoying since that's the
+	// exact thing we need to test.
+	content += "\n    \t  "
+	tmpFile := tmpFileWithContent(content, t)
+	defer os.Remove(tmpFile)
+
+	lines, err := ParseEnvFile(tmpFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	expectedLines := []string{
+		"foo=bar",
+		"baz=quux",
+		"_foobar=foobaz",
+		"with.dots=working",
+		"and_underscore=working too",
+	}
+
+	if !reflect.DeepEqual(lines, expectedLines) {
+		t.Fatal("lines not equal to expected_lines")
+	}
+}
+
+// Test ParseEnvFile for an empty file
+func TestParseEnvFileEmptyFile(t *testing.T) {
+	tmpFile := tmpFileWithContent("", t)
+	defer os.Remove(tmpFile)
+
+	lines, err := ParseEnvFile(tmpFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(lines) != 0 {
+		t.Fatal("lines not empty; expected empty")
+	}
+}
+
+// Test ParseEnvFile for a non existent file
+func TestParseEnvFileNonExistentFile(t *testing.T) {
+	_, err := ParseEnvFile("foo_bar_baz")
+	if err == nil {
+		t.Fatal("ParseEnvFile succeeded; expected failure")
+	}
+	if _, ok := err.(*os.PathError); !ok {
+		t.Fatalf("Expected a PathError, got [%v]", err)
+	}
+}
+
+// Test ParseEnvFile for a badly formatted file
+func TestParseEnvFileBadlyFormattedFile(t *testing.T) {
+	content := `foo=bar
+    f   =quux
+`
+
+	tmpFile := tmpFileWithContent(content, t)
+	defer os.Remove(tmpFile)
+
+	_, err := ParseEnvFile(tmpFile)
+	if err == nil {
+		t.Fatalf("Expected a ErrBadEnvVariable, got nothing")
+	}
+	if _, ok := err.(ErrBadEnvVariable); !ok {
+		t.Fatalf("Expected a ErrBadEnvVariable, got [%v]", err)
+	}
+	expectedMessage := "poorly formatted environment: variable 'f   ' has white spaces"
+	if err.Error() != expectedMessage {
+		t.Fatalf("Expected [%v], got [%v]", expectedMessage, err.Error())
+	}
+}
+
+// Test ParseEnvFile for a file with a line exceeding bufio.MaxScanTokenSize
+func TestParseEnvFileLineTooLongFile(t *testing.T) {
+	content := strings.Repeat("a", bufio.MaxScanTokenSize+42)
+	content = fmt.Sprint("foo=", content)
+
+	tmpFile := tmpFileWithContent(content, t)
+	defer os.Remove(tmpFile)
+
+	_, err := ParseEnvFile(tmpFile)
+	if err == nil {
+		t.Fatal("ParseEnvFile succeeded; expected failure")
+	}
+}
+
+// ParseEnvFile with a random file, pass through
+func TestParseEnvFileRandomFile(t *testing.T) {
+	content := `first line
+another invalid line`
+	tmpFile := tmpFileWithContent(content, t)
+	defer os.Remove(tmpFile)
+
+	_, err := ParseEnvFile(tmpFile)
+
+	if err == nil {
+		t.Fatalf("Expected a ErrBadEnvVariable, got nothing")
+	}
+	if _, ok := err.(ErrBadEnvVariable); !ok {
+		t.Fatalf("Expected a ErrBadEnvvariable, got [%v]", err)
+	}
+	expectedMessage := "poorly formatted environment: variable 'first line' has white spaces"
+	if err.Error() != expectedMessage {
+		t.Fatalf("Expected [%v], got [%v]", expectedMessage, err.Error())
+	}
+}
diff --git a/runconfig/opts/fixtures/valid.env b/runconfig/opts/fixtures/valid.env
new file mode 100644
index 00000000..3afbdc81
--- /dev/null
+++ b/runconfig/opts/fixtures/valid.env
@@ -0,0 +1 @@
+ENV1=value1
diff --git a/runconfig/opts/fixtures/valid.label b/runconfig/opts/fixtures/valid.label
new file mode 100644
index 00000000..b4208bdf
--- /dev/null
+++ b/runconfig/opts/fixtures/valid.label
@@ -0,0 +1 @@
+LABEL1=value1
diff --git a/runconfig/opts/opts.go b/runconfig/opts/opts.go
new file mode 100644
index 00000000..f919218d
--- /dev/null
+++ b/runconfig/opts/opts.go
@@ -0,0 +1,70 @@
+package opts
+
+import (
+	"fmt"
+	fopts "github.com/docker/docker/opts"
+	"net"
+	"os"
+	"strings"
+)
+
+// ValidateAttach validates that the specified string is a valid attach option.
+func ValidateAttach(val string) (string, error) {
+	s := strings.ToLower(val)
+	for _, str := range []string{"stdin", "stdout", "stderr"} {
+		if s == str {
+			return s, nil
+		}
+	}
+	return val, fmt.Errorf("valid streams are STDIN, STDOUT and STDERR")
+}
+
+// ValidateEnv validates an environment variable and returns it.
+// If no value is specified, it returns the current value using os.Getenv.
+//
+// As on ParseEnvFile and related to #16585, environment variable names
+// are not validate what so ever, it's up to application inside docker
+// to validate them or not.
+func ValidateEnv(val string) (string, error) {
+	arr := strings.Split(val, "=")
+	if len(arr) > 1 {
+		return val, nil
+	}
+	if !doesEnvExist(val) {
+		return val, nil
+	}
+	return fmt.Sprintf("%s=%s", val, os.Getenv(val)), nil
+}
+
+func doesEnvExist(name string) bool {
+	for _, entry := range os.Environ() {
+		parts := strings.SplitN(entry, "=", 2)
+		if parts[0] == name {
+			return true
+		}
+	}
+	return false
+}
+
+// ValidateExtraHost validates that the specified string is a valid extrahost and returns it.
+// ExtraHost are in the form of name:ip where the ip has to be a valid ip (ipv4 or ipv6).
+func ValidateExtraHost(val string) (string, error) {
+	// allow for IPv6 addresses in extra hosts by only splitting on first ":"
+	arr := strings.SplitN(val, ":", 2)
+	if len(arr) != 2 || len(arr[0]) == 0 {
+		return "", fmt.Errorf("bad format for add-host: %q", val)
+	}
+	if _, err := fopts.ValidateIPAddress(arr[1]); err != nil {
+		return "", fmt.Errorf("invalid IP address in add-host: %q", arr[1])
+	}
+	return val, nil
+}
+
+// ValidateMACAddress validates a MAC address.
+func ValidateMACAddress(val string) (string, error) {
+	_, err := net.ParseMAC(strings.TrimSpace(val))
+	if err != nil {
+		return "", err
+	}
+	return val, nil
+}
diff --git a/runconfig/opts/opts_test.go b/runconfig/opts/opts_test.go
new file mode 100644
index 00000000..69eac88a
--- /dev/null
+++ b/runconfig/opts/opts_test.go
@@ -0,0 +1,108 @@
+package opts
+
+import (
+	"fmt"
+	"os"
+	"strings"
+	"testing"
+)
+
+func TestValidateAttach(t *testing.T) {
+	valid := []string{
+		"stdin",
+		"stdout",
+		"stderr",
+		"STDIN",
+		"STDOUT",
+		"STDERR",
+	}
+	if _, err := ValidateAttach("invalid"); err == nil {
+		t.Fatalf("Expected error with [valid streams are STDIN, STDOUT and STDERR], got nothing")
+	}
+
+	for _, attach := range valid {
+		value, err := ValidateAttach(attach)
+		if err != nil {
+			t.Fatal(err)
+		}
+		if value != strings.ToLower(attach) {
+			t.Fatalf("Expected [%v], got [%v]", attach, value)
+		}
+	}
+}
+
+func TestValidateEnv(t *testing.T) {
+	valids := map[string]string{
+		"a":                   "a",
+		"something":           "something",
+		"_=a":                 "_=a",
+		"env1=value1":         "env1=value1",
+		"_env1=value1":        "_env1=value1",
+		"env2=value2=value3":  "env2=value2=value3",
+		"env3=abc!qwe":        "env3=abc!qwe",
+		"env_4=value 4":       "env_4=value 4",
+		"PATH":                fmt.Sprintf("PATH=%v", os.Getenv("PATH")),
+		"PATH=something":      "PATH=something",
+		"asd!qwe":             "asd!qwe",
+		"1asd":                "1asd",
+		"123":                 "123",
+		"some space":          "some space",
+		"  some space before": "  some space before",
+		"some space after  ":  "some space after  ",
+	}
+	for value, expected := range valids {
+		actual, err := ValidateEnv(value)
+		if err != nil {
+			t.Fatal(err)
+		}
+		if actual != expected {
+			t.Fatalf("Expected [%v], got [%v]", expected, actual)
+		}
+	}
+}
+
+func TestValidateExtraHosts(t *testing.T) {
+	valid := []string{
+		`myhost:192.168.0.1`,
+		`thathost:10.0.2.1`,
+		`anipv6host:2003:ab34:e::1`,
+		`ipv6local:::1`,
+	}
+
+	invalid := map[string]string{
+		`myhost:192.notanipaddress.1`:  `invalid IP`,
+		`thathost-nosemicolon10.0.0.1`: `bad format`,
+		`anipv6host:::::1`:             `invalid IP`,
+		`ipv6local:::0::`:              `invalid IP`,
+	}
+
+	for _, extrahost := range valid {
+		if _, err := ValidateExtraHost(extrahost); err != nil {
+			t.Fatalf("ValidateExtraHost(`"+extrahost+"`) should succeed: error %v", err)
+		}
+	}
+
+	for extraHost, expectedError := range invalid {
+		if _, err := ValidateExtraHost(extraHost); err == nil {
+			t.Fatalf("ValidateExtraHost(`%q`) should have failed validation", extraHost)
+		} else {
+			if !strings.Contains(err.Error(), expectedError) {
+				t.Fatalf("ValidateExtraHost(`%q`) error should contain %q", extraHost, expectedError)
+			}
+		}
+	}
+}
+
+func TestValidateMACAddress(t *testing.T) {
+	if _, err := ValidateMACAddress(`92:d0:c6:0a:29:33`); err != nil {
+		t.Fatalf("ValidateMACAddress(`92:d0:c6:0a:29:33`) got %s", err)
+	}
+
+	if _, err := ValidateMACAddress(`92:d0:c6:0a:33`); err == nil {
+		t.Fatalf("ValidateMACAddress(`92:d0:c6:0a:33`) succeeded; expected failure on invalid MAC")
+	}
+
+	if _, err := ValidateMACAddress(`random invalid string`); err == nil {
+		t.Fatalf("ValidateMACAddress(`random invalid string`) succeeded; expected failure on invalid MAC")
+	}
+}
diff --git a/runconfig/opts/parse.go b/runconfig/opts/parse.go
new file mode 100644
index 00000000..6543b406
--- /dev/null
+++ b/runconfig/opts/parse.go
@@ -0,0 +1,766 @@
+package opts
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"path"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"github.com/docker/docker/opts"
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/pkg/signal"
+	"github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/engine-api/types/strslice"
+	"github.com/docker/go-connections/nat"
+	"github.com/docker/go-units"
+)
+
+// Parse parses the specified args for the specified command and generates a Config,
+// a HostConfig and returns them with the specified command.
+// If the specified args are not valid, it will return an error.
+func Parse(cmd *flag.FlagSet, args []string) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, *flag.FlagSet, error) {
+	var (
+		// FIXME: use utils.ListOpts for attach and volumes?
+		flAttach            = opts.NewListOpts(ValidateAttach)
+		flVolumes           = opts.NewListOpts(nil)
+		flTmpfs             = opts.NewListOpts(nil)
+		flBlkioWeightDevice = NewWeightdeviceOpt(ValidateWeightDevice)
+		flDeviceReadBps     = NewThrottledeviceOpt(ValidateThrottleBpsDevice)
+		flDeviceWriteBps    = NewThrottledeviceOpt(ValidateThrottleBpsDevice)
+		flLinks             = opts.NewListOpts(ValidateLink)
+		flAliases           = opts.NewListOpts(nil)
+		flDeviceReadIOps    = NewThrottledeviceOpt(ValidateThrottleIOpsDevice)
+		flDeviceWriteIOps   = NewThrottledeviceOpt(ValidateThrottleIOpsDevice)
+		flEnv               = opts.NewListOpts(ValidateEnv)
+		flLabels            = opts.NewListOpts(ValidateEnv)
+		flDevices           = opts.NewListOpts(ValidateDevice)
+
+		flUlimits = NewUlimitOpt(nil)
+
+		flPublish           = opts.NewListOpts(nil)
+		flExpose            = opts.NewListOpts(nil)
+		flDNS               = opts.NewListOpts(opts.ValidateIPAddress)
+		flDNSSearch         = opts.NewListOpts(opts.ValidateDNSSearch)
+		flDNSOptions        = opts.NewListOpts(nil)
+		flExtraHosts        = opts.NewListOpts(ValidateExtraHost)
+		flVolumesFrom       = opts.NewListOpts(nil)
+		flEnvFile           = opts.NewListOpts(nil)
+		flCapAdd            = opts.NewListOpts(nil)
+		flCapDrop           = opts.NewListOpts(nil)
+		flGroupAdd          = opts.NewListOpts(nil)
+		flSecurityOpt       = opts.NewListOpts(nil)
+		flLabelsFile        = opts.NewListOpts(nil)
+		flLoggingOpts       = opts.NewListOpts(nil)
+		flPrivileged        = cmd.Bool([]string{"-privileged"}, false, "Give extended privileges to this container")
+		flPidMode           = cmd.String([]string{"-pid"}, "", "PID namespace to use")
+		flUTSMode           = cmd.String([]string{"-uts"}, "", "UTS namespace to use")
+		flUsernsMode        = cmd.String([]string{"-userns"}, "", "User namespace to use")
+		flPublishAll        = cmd.Bool([]string{"P", "-publish-all"}, false, "Publish all exposed ports to random ports")
+		flStdin             = cmd.Bool([]string{"i", "-interactive"}, false, "Keep STDIN open even if not attached")
+		flTty               = cmd.Bool([]string{"t", "-tty"}, false, "Allocate a pseudo-TTY")
+		flOomKillDisable    = cmd.Bool([]string{"-oom-kill-disable"}, false, "Disable OOM Killer")
+		flOomScoreAdj       = cmd.Int([]string{"-oom-score-adj"}, 0, "Tune host's OOM preferences (-1000 to 1000)")
+		flContainerIDFile   = cmd.String([]string{"-cidfile"}, "", "Write the container ID to the file")
+		flEntrypoint        = cmd.String([]string{"-entrypoint"}, "", "Overwrite the default ENTRYPOINT of the image")
+		flHostname          = cmd.String([]string{"h", "-hostname"}, "", "Container host name")
+		flMemoryString      = cmd.String([]string{"m", "-memory"}, "", "Memory limit")
+		flMemoryReservation = cmd.String([]string{"-memory-reservation"}, "", "Memory soft limit")
+		flMemorySwap        = cmd.String([]string{"-memory-swap"}, "", "Swap limit equal to memory plus swap: '-1' to enable unlimited swap")
+		flKernelMemory      = cmd.String([]string{"-kernel-memory"}, "", "Kernel memory limit")
+		flUser              = cmd.String([]string{"u", "-user"}, "", "Username or UID (format: <name|uid>[:<group|gid>])")
+		flWorkingDir        = cmd.String([]string{"w", "-workdir"}, "", "Working directory inside the container")
+		flCPUShares         = cmd.Int64([]string{"#c", "-cpu-shares"}, 0, "CPU shares (relative weight)")
+		flCPUPeriod         = cmd.Int64([]string{"-cpu-period"}, 0, "Limit CPU CFS (Completely Fair Scheduler) period")
+		flCPUQuota          = cmd.Int64([]string{"-cpu-quota"}, 0, "Limit CPU CFS (Completely Fair Scheduler) quota")
+		flCpusetCpus        = cmd.String([]string{"-cpuset-cpus"}, "", "CPUs in which to allow execution (0-3, 0,1)")
+		flCpusetMems        = cmd.String([]string{"-cpuset-mems"}, "", "MEMs in which to allow execution (0-3, 0,1)")
+		flBlkioWeight       = cmd.Uint16([]string{"-blkio-weight"}, 0, "Block IO (relative weight), between 10 and 1000")
+		flSwappiness        = cmd.Int64([]string{"-memory-swappiness"}, -1, "Tune container memory swappiness (0 to 100)")
+		flNetMode           = cmd.String([]string{"-net"}, "default", "Connect a container to a network")
+		flMacAddress        = cmd.String([]string{"-mac-address"}, "", "Container MAC address (e.g. 92:d0:c6:0a:29:33)")
+		flIPv4Address       = cmd.String([]string{"-ip"}, "", "Container IPv4 address (e.g. 172.30.100.104)")
+		flIPv6Address       = cmd.String([]string{"-ip6"}, "", "Container IPv6 address (e.g. 2001:db8::33)")
+		flIpcMode           = cmd.String([]string{"-ipc"}, "", "IPC namespace to use")
+		flPidsLimit         = cmd.Int64([]string{"-pids-limit"}, 0, "Tune container pids limit (set -1 for unlimited)")
+		flRestartPolicy     = cmd.String([]string{"-restart"}, "no", "Restart policy to apply when a container exits")
+		flReadonlyRootfs    = cmd.Bool([]string{"-read-only"}, false, "Mount the container's root filesystem as read only")
+		flLoggingDriver     = cmd.String([]string{"-log-driver"}, "", "Logging driver for container")
+		flCgroupParent      = cmd.String([]string{"-cgroup-parent"}, "", "Optional parent cgroup for the container")
+		flVolumeDriver      = cmd.String([]string{"-volume-driver"}, "", "Optional volume driver for the container")
+		flStopSignal        = cmd.String([]string{"-stop-signal"}, signal.DefaultStopSignal, fmt.Sprintf("Signal to stop a container, %v by default", signal.DefaultStopSignal))
+		flIsolation         = cmd.String([]string{"-isolation"}, "", "Container isolation technology")
+		flShmSize           = cmd.String([]string{"-shm-size"}, "", "Size of /dev/shm, default value is 64MB")
+	)
+
+	cmd.Var(&flAttach, []string{"a", "-attach"}, "Attach to STDIN, STDOUT or STDERR")
+	cmd.Var(&flBlkioWeightDevice, []string{"-blkio-weight-device"}, "Block IO weight (relative device weight)")
+	cmd.Var(&flDeviceReadBps, []string{"-device-read-bps"}, "Limit read rate (bytes per second) from a device")
+	cmd.Var(&flDeviceWriteBps, []string{"-device-write-bps"}, "Limit write rate (bytes per second) to a device")
+	cmd.Var(&flDeviceReadIOps, []string{"-device-read-iops"}, "Limit read rate (IO per second) from a device")
+	cmd.Var(&flDeviceWriteIOps, []string{"-device-write-iops"}, "Limit write rate (IO per second) to a device")
+	cmd.Var(&flVolumes, []string{"v", "-volume"}, "Bind mount a volume")
+	cmd.Var(&flTmpfs, []string{"-tmpfs"}, "Mount a tmpfs directory")
+	cmd.Var(&flLinks, []string{"-link"}, "Add link to another container")
+	cmd.Var(&flAliases, []string{"-net-alias"}, "Add network-scoped alias for the container")
+	cmd.Var(&flDevices, []string{"-device"}, "Add a host device to the container")
+	cmd.Var(&flLabels, []string{"l", "-label"}, "Set meta data on a container")
+	cmd.Var(&flLabelsFile, []string{"-label-file"}, "Read in a line delimited file of labels")
+	cmd.Var(&flEnv, []string{"e", "-env"}, "Set environment variables")
+	cmd.Var(&flEnvFile, []string{"-env-file"}, "Read in a file of environment variables")
+	cmd.Var(&flPublish, []string{"p", "-publish"}, "Publish a container's port(s) to the host")
+	cmd.Var(&flExpose, []string{"-expose"}, "Expose a port or a range of ports")
+	cmd.Var(&flDNS, []string{"-dns"}, "Set custom DNS servers")
+	cmd.Var(&flDNSSearch, []string{"-dns-search"}, "Set custom DNS search domains")
+	cmd.Var(&flDNSOptions, []string{"-dns-opt"}, "Set DNS options")
+	cmd.Var(&flExtraHosts, []string{"-add-host"}, "Add a custom host-to-IP mapping (host:ip)")
+	cmd.Var(&flVolumesFrom, []string{"-volumes-from"}, "Mount volumes from the specified container(s)")
+	cmd.Var(&flCapAdd, []string{"-cap-add"}, "Add Linux capabilities")
+	cmd.Var(&flCapDrop, []string{"-cap-drop"}, "Drop Linux capabilities")
+	cmd.Var(&flGroupAdd, []string{"-group-add"}, "Add additional groups to join")
+	cmd.Var(&flSecurityOpt, []string{"-security-opt"}, "Security Options")
+	cmd.Var(flUlimits, []string{"-ulimit"}, "Ulimit options")
+	cmd.Var(&flLoggingOpts, []string{"-log-opt"}, "Log driver options")
+
+	cmd.Require(flag.Min, 1)
+
+	if err := cmd.ParseFlags(args, true); err != nil {
+		return nil, nil, nil, cmd, err
+	}
+
+	var (
+		attachStdin  = flAttach.Get("stdin")
+		attachStdout = flAttach.Get("stdout")
+		attachStderr = flAttach.Get("stderr")
+	)
+
+	// Validate the input mac address
+	if *flMacAddress != "" {
+		if _, err := ValidateMACAddress(*flMacAddress); err != nil {
+			return nil, nil, nil, cmd, fmt.Errorf("%s is not a valid mac address", *flMacAddress)
+		}
+	}
+	if *flStdin {
+		attachStdin = true
+	}
+	// If -a is not set attach to the output stdio
+	if flAttach.Len() == 0 {
+		attachStdout = true
+		attachStderr = true
+	}
+
+	var err error
+
+	var flMemory int64
+	if *flMemoryString != "" {
+		flMemory, err = units.RAMInBytes(*flMemoryString)
+		if err != nil {
+			return nil, nil, nil, cmd, err
+		}
+	}
+
+	var MemoryReservation int64
+	if *flMemoryReservation != "" {
+		MemoryReservation, err = units.RAMInBytes(*flMemoryReservation)
+		if err != nil {
+			return nil, nil, nil, cmd, err
+		}
+	}
+
+	var memorySwap int64
+	if *flMemorySwap != "" {
+		if *flMemorySwap == "-1" {
+			memorySwap = -1
+		} else {
+			memorySwap, err = units.RAMInBytes(*flMemorySwap)
+			if err != nil {
+				return nil, nil, nil, cmd, err
+			}
+		}
+	}
+
+	var KernelMemory int64
+	if *flKernelMemory != "" {
+		KernelMemory, err = units.RAMInBytes(*flKernelMemory)
+		if err != nil {
+			return nil, nil, nil, cmd, err
+		}
+	}
+
+	swappiness := *flSwappiness
+	if swappiness != -1 && (swappiness < 0 || swappiness > 100) {
+		return nil, nil, nil, cmd, fmt.Errorf("invalid value: %d. Valid memory swappiness range is 0-100", swappiness)
+	}
+
+	var shmSize int64
+	if *flShmSize != "" {
+		shmSize, err = units.RAMInBytes(*flShmSize)
+		if err != nil {
+			return nil, nil, nil, cmd, err
+		}
+	}
+
+	var binds []string
+	// add any bind targets to the list of container volumes
+	for bind := range flVolumes.GetMap() {
+		if arr := volumeSplitN(bind, 2); len(arr) > 1 {
+			// after creating the bind mount we want to delete it from the flVolumes values because
+			// we do not want bind mounts being committed to image configs
+			binds = append(binds, bind)
+			flVolumes.Delete(bind)
+		}
+	}
+
+	// Can't evaluate options passed into --tmpfs until we actually mount
+	tmpfs := make(map[string]string)
+	for _, t := range flTmpfs.GetAll() {
+		if arr := strings.SplitN(t, ":", 2); len(arr) > 1 {
+			if _, _, err := mount.ParseTmpfsOptions(arr[1]); err != nil {
+				return nil, nil, nil, cmd, err
+			}
+			tmpfs[arr[0]] = arr[1]
+		} else {
+			tmpfs[arr[0]] = ""
+		}
+	}
+
+	var (
+		parsedArgs = cmd.Args()
+		runCmd     strslice.StrSlice
+		entrypoint strslice.StrSlice
+		image      = cmd.Arg(0)
+	)
+	if len(parsedArgs) > 1 {
+		runCmd = strslice.StrSlice(parsedArgs[1:])
+	}
+	if *flEntrypoint != "" {
+		entrypoint = strslice.StrSlice{*flEntrypoint}
+	}
+	// Validate if the given hostname is RFC 1123 (https://tools.ietf.org/html/rfc1123) compliant.
+	hostname := *flHostname
+	if hostname != "" {
+		// Linux hostname is limited to HOST_NAME_MAX=64, not not including the terminating null byte.
+		matched, _ := regexp.MatchString("^(([[:alnum:]]|[[:alnum:]][[:alnum:]\\-]*[[:alnum:]])\\.)*([[:alnum:]]|[[:alnum:]][[:alnum:]\\-]*[[:alnum:]])$", hostname)
+		if len(hostname) > 64 || !matched {
+			return nil, nil, nil, cmd, fmt.Errorf("invalid hostname format for --hostname: %s", hostname)
+		}
+	}
+
+	ports, portBindings, err := nat.ParsePortSpecs(flPublish.GetAll())
+	if err != nil {
+		return nil, nil, nil, cmd, err
+	}
+
+	// Merge in exposed ports to the map of published ports
+	for _, e := range flExpose.GetAll() {
+		if strings.Contains(e, ":") {
+			return nil, nil, nil, cmd, fmt.Errorf("invalid port format for --expose: %s", e)
+		}
+		//support two formats for expose, original format <portnum>/[<proto>] or <startport-endport>/[<proto>]
+		proto, port := nat.SplitProtoPort(e)
+		//parse the start and end port and create a sequence of ports to expose
+		//if expose a port, the start and end port are the same
+		start, end, err := nat.ParsePortRange(port)
+		if err != nil {
+			return nil, nil, nil, cmd, fmt.Errorf("invalid range format for --expose: %s, error: %s", e, err)
+		}
+		for i := start; i <= end; i++ {
+			p, err := nat.NewPort(proto, strconv.FormatUint(i, 10))
+			if err != nil {
+				return nil, nil, nil, cmd, err
+			}
+			if _, exists := ports[p]; !exists {
+				ports[p] = struct{}{}
+			}
+		}
+	}
+
+	// parse device mappings
+	deviceMappings := []container.DeviceMapping{}
+	for _, device := range flDevices.GetAll() {
+		deviceMapping, err := ParseDevice(device)
+		if err != nil {
+			return nil, nil, nil, cmd, err
+		}
+		deviceMappings = append(deviceMappings, deviceMapping)
+	}
+
+	// collect all the environment variables for the container
+	envVariables, err := readKVStrings(flEnvFile.GetAll(), flEnv.GetAll())
+	if err != nil {
+		return nil, nil, nil, cmd, err
+	}
+
+	// collect all the labels for the container
+	labels, err := readKVStrings(flLabelsFile.GetAll(), flLabels.GetAll())
+	if err != nil {
+		return nil, nil, nil, cmd, err
+	}
+
+	ipcMode := container.IpcMode(*flIpcMode)
+	if !ipcMode.Valid() {
+		return nil, nil, nil, cmd, fmt.Errorf("--ipc: invalid IPC mode")
+	}
+
+	pidMode := container.PidMode(*flPidMode)
+	if !pidMode.Valid() {
+		return nil, nil, nil, cmd, fmt.Errorf("--pid: invalid PID mode")
+	}
+
+	utsMode := container.UTSMode(*flUTSMode)
+	if !utsMode.Valid() {
+		return nil, nil, nil, cmd, fmt.Errorf("--uts: invalid UTS mode")
+	}
+
+	usernsMode := container.UsernsMode(*flUsernsMode)
+	if !usernsMode.Valid() {
+		return nil, nil, nil, cmd, fmt.Errorf("--userns: invalid USER mode")
+	}
+
+	restartPolicy, err := ParseRestartPolicy(*flRestartPolicy)
+	if err != nil {
+		return nil, nil, nil, cmd, err
+	}
+
+	loggingOpts, err := parseLoggingOpts(*flLoggingDriver, flLoggingOpts.GetAll())
+	if err != nil {
+		return nil, nil, nil, cmd, err
+	}
+
+	securityOpts, err := parseSecurityOpts(flSecurityOpt.GetAll())
+	if err != nil {
+		return nil, nil, nil, cmd, err
+	}
+
+	resources := container.Resources{
+		CgroupParent:         *flCgroupParent,
+		Memory:               flMemory,
+		MemoryReservation:    MemoryReservation,
+		MemorySwap:           memorySwap,
+		MemorySwappiness:     flSwappiness,
+		KernelMemory:         KernelMemory,
+		OomKillDisable:       flOomKillDisable,
+		CPUShares:            *flCPUShares,
+		CPUPeriod:            *flCPUPeriod,
+		CpusetCpus:           *flCpusetCpus,
+		CpusetMems:           *flCpusetMems,
+		CPUQuota:             *flCPUQuota,
+		PidsLimit:            *flPidsLimit,
+		BlkioWeight:          *flBlkioWeight,
+		BlkioWeightDevice:    flBlkioWeightDevice.GetList(),
+		BlkioDeviceReadBps:   flDeviceReadBps.GetList(),
+		BlkioDeviceWriteBps:  flDeviceWriteBps.GetList(),
+		BlkioDeviceReadIOps:  flDeviceReadIOps.GetList(),
+		BlkioDeviceWriteIOps: flDeviceWriteIOps.GetList(),
+		Ulimits:              flUlimits.GetList(),
+		Devices:              deviceMappings,
+	}
+
+	config := &container.Config{
+		Hostname:     *flHostname,
+		ExposedPorts: ports,
+		User:         *flUser,
+		Tty:          *flTty,
+		// TODO: deprecated, it comes from -n, --networking
+		// it's still needed internally to set the network to disabled
+		// if e.g. bridge is none in daemon opts, and in inspect
+		NetworkDisabled: false,
+		OpenStdin:       *flStdin,
+		AttachStdin:     attachStdin,
+		AttachStdout:    attachStdout,
+		AttachStderr:    attachStderr,
+		Env:             envVariables,
+		Cmd:             runCmd,
+		Image:           image,
+		Volumes:         flVolumes.GetMap(),
+		MacAddress:      *flMacAddress,
+		Entrypoint:      entrypoint,
+		WorkingDir:      *flWorkingDir,
+		Labels:          ConvertKVStringsToMap(labels),
+	}
+	if cmd.IsSet("-stop-signal") {
+		config.StopSignal = *flStopSignal
+	}
+
+	hostConfig := &container.HostConfig{
+		Binds:           binds,
+		ContainerIDFile: *flContainerIDFile,
+		OomScoreAdj:     *flOomScoreAdj,
+		Privileged:      *flPrivileged,
+		PortBindings:    portBindings,
+		Links:           flLinks.GetAll(),
+		PublishAllPorts: *flPublishAll,
+		// Make sure the dns fields are never nil.
+		// New containers don't ever have those fields nil,
+		// but pre created containers can still have those nil values.
+		// See https://github.com/docker/docker/pull/17779
+		// for a more detailed explanation on why we don't want that.
+		DNS:            flDNS.GetAllOrEmpty(),
+		DNSSearch:      flDNSSearch.GetAllOrEmpty(),
+		DNSOptions:     flDNSOptions.GetAllOrEmpty(),
+		ExtraHosts:     flExtraHosts.GetAll(),
+		VolumesFrom:    flVolumesFrom.GetAll(),
+		NetworkMode:    container.NetworkMode(*flNetMode),
+		IpcMode:        ipcMode,
+		PidMode:        pidMode,
+		UTSMode:        utsMode,
+		UsernsMode:     usernsMode,
+		CapAdd:         strslice.StrSlice(flCapAdd.GetAll()),
+		CapDrop:        strslice.StrSlice(flCapDrop.GetAll()),
+		GroupAdd:       flGroupAdd.GetAll(),
+		RestartPolicy:  restartPolicy,
+		SecurityOpt:    securityOpts,
+		ReadonlyRootfs: *flReadonlyRootfs,
+		LogConfig:      container.LogConfig{Type: *flLoggingDriver, Config: loggingOpts},
+		VolumeDriver:   *flVolumeDriver,
+		Isolation:      container.Isolation(*flIsolation),
+		ShmSize:        shmSize,
+		Resources:      resources,
+		Tmpfs:          tmpfs,
+	}
+
+	// When allocating stdin in attached mode, close stdin at client disconnect
+	if config.OpenStdin && config.AttachStdin {
+		config.StdinOnce = true
+	}
+
+	networkingConfig := &networktypes.NetworkingConfig{
+		EndpointsConfig: make(map[string]*networktypes.EndpointSettings),
+	}
+
+	if *flIPv4Address != "" || *flIPv6Address != "" {
+		networkingConfig.EndpointsConfig[string(hostConfig.NetworkMode)] = &networktypes.EndpointSettings{
+			IPAMConfig: &networktypes.EndpointIPAMConfig{
+				IPv4Address: *flIPv4Address,
+				IPv6Address: *flIPv6Address,
+			},
+		}
+	}
+
+	if hostConfig.NetworkMode.IsUserDefined() && len(hostConfig.Links) > 0 {
+		epConfig := networkingConfig.EndpointsConfig[string(hostConfig.NetworkMode)]
+		if epConfig == nil {
+			epConfig = &networktypes.EndpointSettings{}
+		}
+		epConfig.Links = make([]string, len(hostConfig.Links))
+		copy(epConfig.Links, hostConfig.Links)
+		networkingConfig.EndpointsConfig[string(hostConfig.NetworkMode)] = epConfig
+	}
+
+	if flAliases.Len() > 0 {
+		epConfig := networkingConfig.EndpointsConfig[string(hostConfig.NetworkMode)]
+		if epConfig == nil {
+			epConfig = &networktypes.EndpointSettings{}
+		}
+		epConfig.Aliases = make([]string, flAliases.Len())
+		copy(epConfig.Aliases, flAliases.GetAll())
+		networkingConfig.EndpointsConfig[string(hostConfig.NetworkMode)] = epConfig
+	}
+
+	return config, hostConfig, networkingConfig, cmd, nil
+}
+
+// reads a file of line terminated key=value pairs and override that with override parameter
+func readKVStrings(files []string, override []string) ([]string, error) {
+	envVariables := []string{}
+	for _, ef := range files {
+		parsedVars, err := ParseEnvFile(ef)
+		if err != nil {
+			return nil, err
+		}
+		envVariables = append(envVariables, parsedVars...)
+	}
+	// parse the '-e' and '--env' after, to allow override
+	envVariables = append(envVariables, override...)
+
+	return envVariables, nil
+}
+
+// ConvertKVStringsToMap converts ["key=value"] to {"key":"value"}
+func ConvertKVStringsToMap(values []string) map[string]string {
+	result := make(map[string]string, len(values))
+	for _, value := range values {
+		kv := strings.SplitN(value, "=", 2)
+		if len(kv) == 1 {
+			result[kv[0]] = ""
+		} else {
+			result[kv[0]] = kv[1]
+		}
+	}
+
+	return result
+}
+
+func parseLoggingOpts(loggingDriver string, loggingOpts []string) (map[string]string, error) {
+	loggingOptsMap := ConvertKVStringsToMap(loggingOpts)
+	if loggingDriver == "none" && len(loggingOpts) > 0 {
+		return map[string]string{}, fmt.Errorf("invalid logging opts for driver %s", loggingDriver)
+	}
+	return loggingOptsMap, nil
+}
+
+// takes a local seccomp daemon, reads the file contents for sending to the daemon
+func parseSecurityOpts(securityOpts []string) ([]string, error) {
+	for key, opt := range securityOpts {
+		con := strings.SplitN(opt, "=", 2)
+		if len(con) == 1 && con[0] != "no-new-privileges" {
+			if strings.Index(opt, ":") != -1 {
+				con = strings.SplitN(opt, ":", 2)
+			} else {
+				return securityOpts, fmt.Errorf("Invalid --security-opt: %q", opt)
+			}
+		}
+		if con[0] == "seccomp" && con[1] != "unconfined" {
+			f, err := ioutil.ReadFile(con[1])
+			if err != nil {
+				return securityOpts, fmt.Errorf("opening seccomp profile (%s) failed: %v", con[1], err)
+			}
+			b := bytes.NewBuffer(nil)
+			if err := json.Compact(b, f); err != nil {
+				return securityOpts, fmt.Errorf("compacting json for seccomp profile (%s) failed: %v", con[1], err)
+			}
+			securityOpts[key] = fmt.Sprintf("seccomp=%s", b.Bytes())
+		}
+	}
+
+	return securityOpts, nil
+}
+
+// ParseRestartPolicy returns the parsed policy or an error indicating what is incorrect
+func ParseRestartPolicy(policy string) (container.RestartPolicy, error) {
+	p := container.RestartPolicy{}
+
+	if policy == "" {
+		return p, nil
+	}
+
+	var (
+		parts = strings.Split(policy, ":")
+		name  = parts[0]
+	)
+
+	p.Name = name
+	switch name {
+	case "always", "unless-stopped":
+		if len(parts) > 1 {
+			return p, fmt.Errorf("maximum restart count not valid with restart policy of \"%s\"", name)
+		}
+	case "no":
+		// do nothing
+	case "on-failure":
+		if len(parts) > 2 {
+			return p, fmt.Errorf("restart count format is not valid, usage: 'on-failure:N' or 'on-failure'")
+		}
+		if len(parts) == 2 {
+			count, err := strconv.Atoi(parts[1])
+			if err != nil {
+				return p, err
+			}
+
+			p.MaximumRetryCount = count
+		}
+	default:
+		return p, fmt.Errorf("invalid restart policy %s", name)
+	}
+
+	return p, nil
+}
+
+// ParseDevice parses a device mapping string to a container.DeviceMapping struct
+func ParseDevice(device string) (container.DeviceMapping, error) {
+	src := ""
+	dst := ""
+	permissions := "rwm"
+	arr := strings.Split(device, ":")
+	switch len(arr) {
+	case 3:
+		permissions = arr[2]
+		fallthrough
+	case 2:
+		if ValidDeviceMode(arr[1]) {
+			permissions = arr[1]
+		} else {
+			dst = arr[1]
+		}
+		fallthrough
+	case 1:
+		src = arr[0]
+	default:
+		return container.DeviceMapping{}, fmt.Errorf("invalid device specification: %s", device)
+	}
+
+	if dst == "" {
+		dst = src
+	}
+
+	deviceMapping := container.DeviceMapping{
+		PathOnHost:        src,
+		PathInContainer:   dst,
+		CgroupPermissions: permissions,
+	}
+	return deviceMapping, nil
+}
+
+// ParseLink parses and validates the specified string as a link format (name:alias)
+func ParseLink(val string) (string, string, error) {
+	if val == "" {
+		return "", "", fmt.Errorf("empty string specified for links")
+	}
+	arr := strings.Split(val, ":")
+	if len(arr) > 2 {
+		return "", "", fmt.Errorf("bad format for links: %s", val)
+	}
+	if len(arr) == 1 {
+		return val, val, nil
+	}
+	// This is kept because we can actually get an HostConfig with links
+	// from an already created container and the format is not `foo:bar`
+	// but `/foo:/c1/bar`
+	if strings.HasPrefix(arr[0], "/") {
+		_, alias := path.Split(arr[1])
+		return arr[0][1:], alias, nil
+	}
+	return arr[0], arr[1], nil
+}
+
+// ValidateLink validates that the specified string has a valid link format (containerName:alias).
+func ValidateLink(val string) (string, error) {
+	if _, _, err := ParseLink(val); err != nil {
+		return val, err
+	}
+	return val, nil
+}
+
+// ValidDeviceMode checks if the mode for device is valid or not.
+// Valid mode is a composition of r (read), w (write), and m (mknod).
+func ValidDeviceMode(mode string) bool {
+	var legalDeviceMode = map[rune]bool{
+		'r': true,
+		'w': true,
+		'm': true,
+	}
+	if mode == "" {
+		return false
+	}
+	for _, c := range mode {
+		if !legalDeviceMode[c] {
+			return false
+		}
+		legalDeviceMode[c] = false
+	}
+	return true
+}
+
+// ValidateDevice validates a path for devices
+// It will make sure 'val' is in the form:
+//    [host-dir:]container-path[:mode]
+// It also validates the device mode.
+func ValidateDevice(val string) (string, error) {
+	return validatePath(val, ValidDeviceMode)
+}
+
+func validatePath(val string, validator func(string) bool) (string, error) {
+	var containerPath string
+	var mode string
+
+	if strings.Count(val, ":") > 2 {
+		return val, fmt.Errorf("bad format for path: %s", val)
+	}
+
+	split := strings.SplitN(val, ":", 3)
+	if split[0] == "" {
+		return val, fmt.Errorf("bad format for path: %s", val)
+	}
+	switch len(split) {
+	case 1:
+		containerPath = split[0]
+		val = path.Clean(containerPath)
+	case 2:
+		if isValid := validator(split[1]); isValid {
+			containerPath = split[0]
+			mode = split[1]
+			val = fmt.Sprintf("%s:%s", path.Clean(containerPath), mode)
+		} else {
+			containerPath = split[1]
+			val = fmt.Sprintf("%s:%s", split[0], path.Clean(containerPath))
+		}
+	case 3:
+		containerPath = split[1]
+		mode = split[2]
+		if isValid := validator(split[2]); !isValid {
+			return val, fmt.Errorf("bad mode specified: %s", mode)
+		}
+		val = fmt.Sprintf("%s:%s:%s", split[0], containerPath, mode)
+	}
+
+	if !path.IsAbs(containerPath) {
+		return val, fmt.Errorf("%s is not an absolute path", containerPath)
+	}
+	return val, nil
+}
+
+// volumeSplitN splits raw into a maximum of n parts, separated by a separator colon.
+// A separator colon is the last `:` character in the regex `[:\\]?[a-zA-Z]:` (note `\\` is `\` escaped).
+// In Windows driver letter appears in two situations:
+// a. `^[a-zA-Z]:` (A colon followed  by `^[a-zA-Z]:` is OK as colon is the separator in volume option)
+// b. A string in the format like `\\?\C:\Windows\...` (UNC).
+// Therefore, a driver letter can only follow either a `:` or `\\`
+// This allows to correctly split strings such as `C:\foo:D:\:rw` or `/tmp/q:/foo`.
+func volumeSplitN(raw string, n int) []string {
+	var array []string
+	if len(raw) == 0 || raw[0] == ':' {
+		// invalid
+		return nil
+	}
+	// numberOfParts counts the number of parts separated by a separator colon
+	numberOfParts := 0
+	// left represents the left-most cursor in raw, updated at every `:` character considered as a separator.
+	left := 0
+	// right represents the right-most cursor in raw incremented with the loop. Note this
+	// starts at index 1 as index 0 is already handle above as a special case.
+	for right := 1; right < len(raw); right++ {
+		// stop parsing if reached maximum number of parts
+		if n >= 0 && numberOfParts >= n {
+			break
+		}
+		if raw[right] != ':' {
+			continue
+		}
+		potentialDriveLetter := raw[right-1]
+		if (potentialDriveLetter >= 'A' && potentialDriveLetter <= 'Z') || (potentialDriveLetter >= 'a' && potentialDriveLetter <= 'z') {
+			if right > 1 {
+				beforePotentialDriveLetter := raw[right-2]
+				// Only `:` or `\\` are checked (`/` could fall into the case of `/tmp/q:/foo`)
+				if beforePotentialDriveLetter != ':' && beforePotentialDriveLetter != '\\' {
+					// e.g. `C:` is not preceded by any delimiter, therefore it was not a drive letter but a path ending with `C:`.
+					array = append(array, raw[left:right])
+					left = right + 1
+					numberOfParts++
+				}
+				// else, `C:` is considered as a drive letter and not as a delimiter, so we continue parsing.
+			}
+			// if right == 1, then `C:` is the beginning of the raw string, therefore `:` is again not considered a delimiter and we continue parsing.
+		} else {
+			// if `:` is not preceded by a potential drive letter, then consider it as a delimiter.
+			array = append(array, raw[left:right])
+			left = right + 1
+			numberOfParts++
+		}
+	}
+	// need to take care of the last part
+	if left < len(raw) {
+		if n >= 0 && numberOfParts >= n {
+			// if the maximum number of parts is reached, just append the rest to the last part
+			// left-1 is at the last `:` that needs to be included since not considered a separator.
+			array[n-1] += raw[left-1:]
+		} else {
+			array = append(array, raw[left:])
+		}
+	}
+	return array
+}
diff --git a/runconfig/opts/parse_test.go b/runconfig/opts/parse_test.go
new file mode 100644
index 00000000..18855443
--- /dev/null
+++ b/runconfig/opts/parse_test.go
@@ -0,0 +1,839 @@
+package opts
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"runtime"
+	"strings"
+	"testing"
+
+	flag "github.com/docker/docker/pkg/mflag"
+	"github.com/docker/docker/runconfig"
+	"github.com/docker/engine-api/types/container"
+	networktypes "github.com/docker/engine-api/types/network"
+	"github.com/docker/go-connections/nat"
+)
+
+func parseRun(args []string) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, *flag.FlagSet, error) {
+	cmd := flag.NewFlagSet("run", flag.ContinueOnError)
+	cmd.SetOutput(ioutil.Discard)
+	cmd.Usage = nil
+	return Parse(cmd, args)
+}
+
+func parse(t *testing.T, args string) (*container.Config, *container.HostConfig, error) {
+	config, hostConfig, _, _, err := parseRun(strings.Split(args+" ubuntu bash", " "))
+	return config, hostConfig, err
+}
+
+func mustParse(t *testing.T, args string) (*container.Config, *container.HostConfig) {
+	config, hostConfig, err := parse(t, args)
+	if err != nil {
+		t.Fatal(err)
+	}
+	return config, hostConfig
+}
+
+func TestParseRunLinks(t *testing.T) {
+	if _, hostConfig := mustParse(t, "--link a:b"); len(hostConfig.Links) == 0 || hostConfig.Links[0] != "a:b" {
+		t.Fatalf("Error parsing links. Expected []string{\"a:b\"}, received: %v", hostConfig.Links)
+	}
+	if _, hostConfig := mustParse(t, "--link a:b --link c:d"); len(hostConfig.Links) < 2 || hostConfig.Links[0] != "a:b" || hostConfig.Links[1] != "c:d" {
+		t.Fatalf("Error parsing links. Expected []string{\"a:b\", \"c:d\"}, received: %v", hostConfig.Links)
+	}
+	if _, hostConfig := mustParse(t, ""); len(hostConfig.Links) != 0 {
+		t.Fatalf("Error parsing links. No link expected, received: %v", hostConfig.Links)
+	}
+}
+
+func TestParseRunAttach(t *testing.T) {
+	if config, _ := mustParse(t, "-a stdin"); !config.AttachStdin || config.AttachStdout || config.AttachStderr {
+		t.Fatalf("Error parsing attach flags. Expect only Stdin enabled. Received: in: %v, out: %v, err: %v", config.AttachStdin, config.AttachStdout, config.AttachStderr)
+	}
+	if config, _ := mustParse(t, "-a stdin -a stdout"); !config.AttachStdin || !config.AttachStdout || config.AttachStderr {
+		t.Fatalf("Error parsing attach flags. Expect only Stdin and Stdout enabled. Received: in: %v, out: %v, err: %v", config.AttachStdin, config.AttachStdout, config.AttachStderr)
+	}
+	if config, _ := mustParse(t, "-a stdin -a stdout -a stderr"); !config.AttachStdin || !config.AttachStdout || !config.AttachStderr {
+		t.Fatalf("Error parsing attach flags. Expect all attach enabled. Received: in: %v, out: %v, err: %v", config.AttachStdin, config.AttachStdout, config.AttachStderr)
+	}
+	if config, _ := mustParse(t, ""); config.AttachStdin || !config.AttachStdout || !config.AttachStderr {
+		t.Fatalf("Error parsing attach flags. Expect Stdin disabled. Received: in: %v, out: %v, err: %v", config.AttachStdin, config.AttachStdout, config.AttachStderr)
+	}
+	if config, _ := mustParse(t, "-i"); !config.AttachStdin || !config.AttachStdout || !config.AttachStderr {
+		t.Fatalf("Error parsing attach flags. Expect Stdin enabled. Received: in: %v, out: %v, err: %v", config.AttachStdin, config.AttachStdout, config.AttachStderr)
+	}
+
+	if _, _, err := parse(t, "-a"); err == nil {
+		t.Fatalf("Error parsing attach flags, `-a` should be an error but is not")
+	}
+	if _, _, err := parse(t, "-a invalid"); err == nil {
+		t.Fatalf("Error parsing attach flags, `-a invalid` should be an error but is not")
+	}
+	if _, _, err := parse(t, "-a invalid -a stdout"); err == nil {
+		t.Fatalf("Error parsing attach flags, `-a stdout -a invalid` should be an error but is not")
+	}
+	if _, _, err := parse(t, "-a stdout -a stderr -d"); err == nil {
+		t.Fatalf("Error parsing attach flags, `-a stdout -a stderr -d` should be an error but is not")
+	}
+	if _, _, err := parse(t, "-a stdin -d"); err == nil {
+		t.Fatalf("Error parsing attach flags, `-a stdin -d` should be an error but is not")
+	}
+	if _, _, err := parse(t, "-a stdout -d"); err == nil {
+		t.Fatalf("Error parsing attach flags, `-a stdout -d` should be an error but is not")
+	}
+	if _, _, err := parse(t, "-a stderr -d"); err == nil {
+		t.Fatalf("Error parsing attach flags, `-a stderr -d` should be an error but is not")
+	}
+	if _, _, err := parse(t, "-d --rm"); err == nil {
+		t.Fatalf("Error parsing attach flags, `-d --rm` should be an error but is not")
+	}
+}
+
+func TestParseRunVolumes(t *testing.T) {
+
+	// A single volume
+	arr, tryit := setupPlatformVolume([]string{`/tmp`}, []string{`c:\tmp`})
+	if config, hostConfig := mustParse(t, tryit); hostConfig.Binds != nil {
+		t.Fatalf("Error parsing volume flags, %q should not mount-bind anything. Received %v", tryit, hostConfig.Binds)
+	} else if _, exists := config.Volumes[arr[0]]; !exists {
+		t.Fatalf("Error parsing volume flags, %q is missing from volumes. Received %v", tryit, config.Volumes)
+	}
+
+	// Two volumes
+	arr, tryit = setupPlatformVolume([]string{`/tmp`, `/var`}, []string{`c:\tmp`, `c:\var`})
+	if config, hostConfig := mustParse(t, tryit); hostConfig.Binds != nil {
+		t.Fatalf("Error parsing volume flags, %q should not mount-bind anything. Received %v", tryit, hostConfig.Binds)
+	} else if _, exists := config.Volumes[arr[0]]; !exists {
+		t.Fatalf("Error parsing volume flags, %s is missing from volumes. Received %v", arr[0], config.Volumes)
+	} else if _, exists := config.Volumes[arr[1]]; !exists {
+		t.Fatalf("Error parsing volume flags, %s is missing from volumes. Received %v", arr[1], config.Volumes)
+	}
+
+	// A single bind-mount
+	arr, tryit = setupPlatformVolume([]string{`/hostTmp:/containerTmp`}, []string{os.Getenv("TEMP") + `:c:\containerTmp`})
+	if config, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || hostConfig.Binds[0] != arr[0] {
+		t.Fatalf("Error parsing volume flags, %q should mount-bind the path before the colon into the path after the colon. Received %v %v", arr[0], hostConfig.Binds, config.Volumes)
+	}
+
+	// Two bind-mounts.
+	arr, tryit = setupPlatformVolume([]string{`/hostTmp:/containerTmp`, `/hostVar:/containerVar`}, []string{os.Getenv("ProgramData") + `:c:\ContainerPD`, os.Getenv("TEMP") + `:c:\containerTmp`})
+	if _, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || compareRandomizedStrings(hostConfig.Binds[0], hostConfig.Binds[1], arr[0], arr[1]) != nil {
+		t.Fatalf("Error parsing volume flags, `%s and %s` did not mount-bind correctly. Received %v", arr[0], arr[1], hostConfig.Binds)
+	}
+
+	// Two bind-mounts, first read-only, second read-write.
+	// TODO Windows: The Windows version uses read-write as that's the only mode it supports. Can change this post TP4
+	arr, tryit = setupPlatformVolume([]string{`/hostTmp:/containerTmp:ro`, `/hostVar:/containerVar:rw`}, []string{os.Getenv("TEMP") + `:c:\containerTmp:rw`, os.Getenv("ProgramData") + `:c:\ContainerPD:rw`})
+	if _, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || compareRandomizedStrings(hostConfig.Binds[0], hostConfig.Binds[1], arr[0], arr[1]) != nil {
+		t.Fatalf("Error parsing volume flags, `%s and %s` did not mount-bind correctly. Received %v", arr[0], arr[1], hostConfig.Binds)
+	}
+
+	// Similar to previous test but with alternate modes which are only supported by Linux
+	if runtime.GOOS != "windows" {
+		arr, tryit = setupPlatformVolume([]string{`/hostTmp:/containerTmp:ro,Z`, `/hostVar:/containerVar:rw,Z`}, []string{})
+		if _, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || compareRandomizedStrings(hostConfig.Binds[0], hostConfig.Binds[1], arr[0], arr[1]) != nil {
+			t.Fatalf("Error parsing volume flags, `%s and %s` did not mount-bind correctly. Received %v", arr[0], arr[1], hostConfig.Binds)
+		}
+
+		arr, tryit = setupPlatformVolume([]string{`/hostTmp:/containerTmp:Z`, `/hostVar:/containerVar:z`}, []string{})
+		if _, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || compareRandomizedStrings(hostConfig.Binds[0], hostConfig.Binds[1], arr[0], arr[1]) != nil {
+			t.Fatalf("Error parsing volume flags, `%s and %s` did not mount-bind correctly. Received %v", arr[0], arr[1], hostConfig.Binds)
+		}
+	}
+
+	// One bind mount and one volume
+	arr, tryit = setupPlatformVolume([]string{`/hostTmp:/containerTmp`, `/containerVar`}, []string{os.Getenv("TEMP") + `:c:\containerTmp`, `c:\containerTmp`})
+	if config, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || len(hostConfig.Binds) > 1 || hostConfig.Binds[0] != arr[0] {
+		t.Fatalf("Error parsing volume flags, %s and %s should only one and only one bind mount %s. Received %s", arr[0], arr[1], arr[0], hostConfig.Binds)
+	} else if _, exists := config.Volumes[arr[1]]; !exists {
+		t.Fatalf("Error parsing volume flags %s and %s. %s is missing from volumes. Received %v", arr[0], arr[1], arr[1], config.Volumes)
+	}
+
+	// Root to non-c: drive letter (Windows specific)
+	if runtime.GOOS == "windows" {
+		arr, tryit = setupPlatformVolume([]string{}, []string{os.Getenv("SystemDrive") + `\:d:`})
+		if config, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || len(hostConfig.Binds) > 1 || hostConfig.Binds[0] != arr[0] || len(config.Volumes) != 0 {
+			t.Fatalf("Error parsing %s. Should have a single bind mount and no volumes", arr[0])
+		}
+	}
+
+}
+
+// This tests the cases for binds which are generated through
+// DecodeContainerConfig rather than Parse()
+func TestDecodeContainerConfigVolumes(t *testing.T) {
+
+	// Root to root
+	bindsOrVols, _ := setupPlatformVolume([]string{`/:/`}, []string{os.Getenv("SystemDrive") + `\:c:\`})
+	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+		t.Fatalf("volume %v should have failed", bindsOrVols)
+	}
+
+	// No destination path
+	bindsOrVols, _ = setupPlatformVolume([]string{`/tmp:`}, []string{os.Getenv("TEMP") + `\:`})
+	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+
+	//	// No destination path or mode
+	bindsOrVols, _ = setupPlatformVolume([]string{`/tmp::`}, []string{os.Getenv("TEMP") + `\::`})
+	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+
+	// A whole lot of nothing
+	bindsOrVols = []string{`:`}
+	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+
+	// A whole lot of nothing with no mode
+	bindsOrVols = []string{`::`}
+	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+
+	// Too much including an invalid mode
+	wTmp := os.Getenv("TEMP")
+	bindsOrVols, _ = setupPlatformVolume([]string{`/tmp:/tmp:/tmp:/tmp`}, []string{wTmp + ":" + wTmp + ":" + wTmp + ":" + wTmp})
+	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+		t.Fatalf("binds %v should have failed", bindsOrVols)
+	}
+
+	// Windows specific error tests
+	if runtime.GOOS == "windows" {
+		// Volume which does not include a drive letter
+		bindsOrVols = []string{`\tmp`}
+		if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+			t.Fatalf("binds %v should have failed", bindsOrVols)
+		}
+		if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+			t.Fatalf("binds %v should have failed", bindsOrVols)
+		}
+
+		// Root to C-Drive
+		bindsOrVols = []string{os.Getenv("SystemDrive") + `\:c:`}
+		if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+			t.Fatalf("binds %v should have failed", bindsOrVols)
+		}
+		if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+			t.Fatalf("binds %v should have failed", bindsOrVols)
+		}
+
+		// Container path that does not include a drive letter
+		bindsOrVols = []string{`c:\windows:\somewhere`}
+		if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+			t.Fatalf("binds %v should have failed", bindsOrVols)
+		}
+		if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+			t.Fatalf("binds %v should have failed", bindsOrVols)
+		}
+	}
+
+	// Linux-specific error tests
+	if runtime.GOOS != "windows" {
+		// Just root
+		bindsOrVols = []string{`/`}
+		if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
+			t.Fatalf("binds %v should have failed", bindsOrVols)
+		}
+		if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
+			t.Fatalf("binds %v should have failed", bindsOrVols)
+		}
+
+		// A single volume that looks like a bind mount passed in Volumes.
+		// This should be handled as a bind mount, not a volume.
+		vols := []string{`/foo:/bar`}
+		if config, hostConfig, err := callDecodeContainerConfig(vols, nil); err != nil {
+			t.Fatal("Volume /foo:/bar should have succeeded as a volume name")
+		} else if hostConfig.Binds != nil {
+			t.Fatalf("Error parsing volume flags, /foo:/bar should not mount-bind anything. Received %v", hostConfig.Binds)
+		} else if _, exists := config.Volumes[vols[0]]; !exists {
+			t.Fatalf("Error parsing volume flags, /foo:/bar is missing from volumes. Received %v", config.Volumes)
+		}
+
+	}
+}
+
+// callDecodeContainerConfig is a utility function used by TestDecodeContainerConfigVolumes
+// to call DecodeContainerConfig. It effectively does what a client would
+// do when calling the daemon by constructing a JSON stream of a
+// ContainerConfigWrapper which is populated by the set of volume specs
+// passed into it. It returns a config and a hostconfig which can be
+// validated to ensure DecodeContainerConfig has manipulated the structures
+// correctly.
+func callDecodeContainerConfig(volumes []string, binds []string) (*container.Config, *container.HostConfig, error) {
+	var (
+		b   []byte
+		err error
+		c   *container.Config
+		h   *container.HostConfig
+	)
+	w := runconfig.ContainerConfigWrapper{
+		Config: &container.Config{
+			Volumes: map[string]struct{}{},
+		},
+		HostConfig: &container.HostConfig{
+			NetworkMode: "none",
+			Binds:       binds,
+		},
+	}
+	for _, v := range volumes {
+		w.Config.Volumes[v] = struct{}{}
+	}
+	if b, err = json.Marshal(w); err != nil {
+		return nil, nil, fmt.Errorf("Error on marshal %s", err.Error())
+	}
+	c, h, _, err = runconfig.DecodeContainerConfig(bytes.NewReader(b))
+	if err != nil {
+		return nil, nil, fmt.Errorf("Error parsing %s: %v", string(b), err)
+	}
+	if c == nil || h == nil {
+		return nil, nil, fmt.Errorf("Empty config or hostconfig")
+	}
+
+	return c, h, err
+}
+
+// check if (a == c && b == d) || (a == d && b == c)
+// because maps are randomized
+func compareRandomizedStrings(a, b, c, d string) error {
+	if a == c && b == d {
+		return nil
+	}
+	if a == d && b == c {
+		return nil
+	}
+	return fmt.Errorf("strings don't match")
+}
+
+// setupPlatformVolume takes two arrays of volume specs - a Unix style
+// spec and a Windows style spec. Depending on the platform being unit tested,
+// it returns one of them, along with a volume string that would be passed
+// on the docker CLI (eg -v /bar -v /foo).
+func setupPlatformVolume(u []string, w []string) ([]string, string) {
+	var a []string
+	if runtime.GOOS == "windows" {
+		a = w
+	} else {
+		a = u
+	}
+	s := ""
+	for _, v := range a {
+		s = s + "-v " + v + " "
+	}
+	return a, s
+}
+
+// Simple parse with MacAddress validation
+func TestParseWithMacAddress(t *testing.T) {
+	invalidMacAddress := "--mac-address=invalidMacAddress"
+	validMacAddress := "--mac-address=92:d0:c6:0a:29:33"
+	if _, _, _, _, err := parseRun([]string{invalidMacAddress, "img", "cmd"}); err != nil && err.Error() != "invalidMacAddress is not a valid mac address" {
+		t.Fatalf("Expected an error with %v mac-address, got %v", invalidMacAddress, err)
+	}
+	if config, _ := mustParse(t, validMacAddress); config.MacAddress != "92:d0:c6:0a:29:33" {
+		t.Fatalf("Expected the config to have '92:d0:c6:0a:29:33' as MacAddress, got '%v'", config.MacAddress)
+	}
+}
+
+func TestParseWithMemory(t *testing.T) {
+	invalidMemory := "--memory=invalid"
+	validMemory := "--memory=1G"
+	if _, _, _, _, err := parseRun([]string{invalidMemory, "img", "cmd"}); err != nil && err.Error() != "invalid size: 'invalid'" {
+		t.Fatalf("Expected an error with '%v' Memory, got '%v'", invalidMemory, err)
+	}
+	if _, hostconfig := mustParse(t, validMemory); hostconfig.Memory != 1073741824 {
+		t.Fatalf("Expected the config to have '1G' as Memory, got '%v'", hostconfig.Memory)
+	}
+}
+
+func TestParseWithMemorySwap(t *testing.T) {
+	invalidMemory := "--memory-swap=invalid"
+	validMemory := "--memory-swap=1G"
+	anotherValidMemory := "--memory-swap=-1"
+	if _, _, _, _, err := parseRun([]string{invalidMemory, "img", "cmd"}); err == nil || err.Error() != "invalid size: 'invalid'" {
+		t.Fatalf("Expected an error with '%v' MemorySwap, got '%v'", invalidMemory, err)
+	}
+	if _, hostconfig := mustParse(t, validMemory); hostconfig.MemorySwap != 1073741824 {
+		t.Fatalf("Expected the config to have '1073741824' as MemorySwap, got '%v'", hostconfig.MemorySwap)
+	}
+	if _, hostconfig := mustParse(t, anotherValidMemory); hostconfig.MemorySwap != -1 {
+		t.Fatalf("Expected the config to have '-1' as MemorySwap, got '%v'", hostconfig.MemorySwap)
+	}
+}
+
+func TestParseHostname(t *testing.T) {
+	validHostnames := map[string]string{
+		"hostname":    "hostname",
+		"host-name":   "host-name",
+		"hostname123": "hostname123",
+		"123hostname": "123hostname",
+		"hostname-of-64-bytes-long-should-be-valid-and-without-any-errors": "hostname-of-64-bytes-long-should-be-valid-and-without-any-errors",
+	}
+	invalidHostnames := map[string]string{
+		"^hostname": "invalid hostname format for --hostname: ^hostname",
+		"hostname%": "invalid hostname format for --hostname: hostname%",
+		"host&name": "invalid hostname format for --hostname: host&name",
+		"-hostname": "invalid hostname format for --hostname: -hostname",
+		"host_name": "invalid hostname format for --hostname: host_name",
+		"hostname-of-65-bytes-long-should-be-invalid-and-be-given-an-error": "invalid hostname format for --hostname: hostname-of-65-bytes-long-should-be-invalid-and-be-given-an-error",
+	}
+	hostnameWithDomain := "--hostname=hostname.domainname"
+	hostnameWithDomainTld := "--hostname=hostname.domainname.tld"
+	for hostname, expectedHostname := range validHostnames {
+		if config, _ := mustParse(t, fmt.Sprintf("--hostname=%s", hostname)); config.Hostname != expectedHostname {
+			t.Fatalf("Expected the config to have 'hostname' as hostname, got '%v'", config.Hostname)
+		}
+	}
+	for hostname, expectedError := range invalidHostnames {
+		if _, _, err := parse(t, fmt.Sprintf("--hostname=%s", hostname)); err == nil || err.Error() != expectedError {
+			t.Fatalf("Expected error '%v' with '--hostname=%s', got '%s'", expectedError, hostname, err)
+		}
+	}
+	if config, _ := mustParse(t, hostnameWithDomain); config.Hostname != "hostname.domainname" && config.Domainname != "" {
+		t.Fatalf("Expected the config to have 'hostname' as hostname.domainname, got '%v'", config.Hostname)
+	}
+	if config, _ := mustParse(t, hostnameWithDomainTld); config.Hostname != "hostname.domainname.tld" && config.Domainname != "" {
+		t.Fatalf("Expected the config to have 'hostname' as hostname.domainname.tld, got '%v'", config.Hostname)
+	}
+}
+
+func TestParseWithExpose(t *testing.T) {
+	invalids := map[string]string{
+		":":                   "invalid port format for --expose: :",
+		"8080:9090":           "invalid port format for --expose: 8080:9090",
+		"/tcp":                "invalid range format for --expose: /tcp, error: Empty string specified for ports.",
+		"/udp":                "invalid range format for --expose: /udp, error: Empty string specified for ports.",
+		"NaN/tcp":             `invalid range format for --expose: NaN/tcp, error: strconv.ParseUint: parsing "NaN": invalid syntax`,
+		"NaN-NaN/tcp":         `invalid range format for --expose: NaN-NaN/tcp, error: strconv.ParseUint: parsing "NaN": invalid syntax`,
+		"8080-NaN/tcp":        `invalid range format for --expose: 8080-NaN/tcp, error: strconv.ParseUint: parsing "NaN": invalid syntax`,
+		"1234567890-8080/tcp": `invalid range format for --expose: 1234567890-8080/tcp, error: strconv.ParseUint: parsing "1234567890": value out of range`,
+	}
+	valids := map[string][]nat.Port{
+		"8080/tcp":      {"8080/tcp"},
+		"8080/udp":      {"8080/udp"},
+		"8080/ncp":      {"8080/ncp"},
+		"8080-8080/udp": {"8080/udp"},
+		"8080-8082/tcp": {"8080/tcp", "8081/tcp", "8082/tcp"},
+	}
+	for expose, expectedError := range invalids {
+		if _, _, _, _, err := parseRun([]string{fmt.Sprintf("--expose=%v", expose), "img", "cmd"}); err == nil || err.Error() != expectedError {
+			t.Fatalf("Expected error '%v' with '--expose=%v', got '%v'", expectedError, expose, err)
+		}
+	}
+	for expose, exposedPorts := range valids {
+		config, _, _, _, err := parseRun([]string{fmt.Sprintf("--expose=%v", expose), "img", "cmd"})
+		if err != nil {
+			t.Fatal(err)
+		}
+		if len(config.ExposedPorts) != len(exposedPorts) {
+			t.Fatalf("Expected %v exposed port, got %v", len(exposedPorts), len(config.ExposedPorts))
+		}
+		for _, port := range exposedPorts {
+			if _, ok := config.ExposedPorts[port]; !ok {
+				t.Fatalf("Expected %v, got %v", exposedPorts, config.ExposedPorts)
+			}
+		}
+	}
+	// Merge with actual published port
+	config, _, _, _, err := parseRun([]string{"--publish=80", "--expose=80-81/tcp", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(config.ExposedPorts) != 2 {
+		t.Fatalf("Expected 2 exposed ports, got %v", config.ExposedPorts)
+	}
+	ports := []nat.Port{"80/tcp", "81/tcp"}
+	for _, port := range ports {
+		if _, ok := config.ExposedPorts[port]; !ok {
+			t.Fatalf("Expected %v, got %v", ports, config.ExposedPorts)
+		}
+	}
+}
+
+func TestParseDevice(t *testing.T) {
+	valids := map[string]container.DeviceMapping{
+		"/dev/snd": {
+			PathOnHost:        "/dev/snd",
+			PathInContainer:   "/dev/snd",
+			CgroupPermissions: "rwm",
+		},
+		"/dev/snd:rw": {
+			PathOnHost:        "/dev/snd",
+			PathInContainer:   "/dev/snd",
+			CgroupPermissions: "rw",
+		},
+		"/dev/snd:/something": {
+			PathOnHost:        "/dev/snd",
+			PathInContainer:   "/something",
+			CgroupPermissions: "rwm",
+		},
+		"/dev/snd:/something:rw": {
+			PathOnHost:        "/dev/snd",
+			PathInContainer:   "/something",
+			CgroupPermissions: "rw",
+		},
+	}
+	for device, deviceMapping := range valids {
+		_, hostconfig, _, _, err := parseRun([]string{fmt.Sprintf("--device=%v", device), "img", "cmd"})
+		if err != nil {
+			t.Fatal(err)
+		}
+		if len(hostconfig.Devices) != 1 {
+			t.Fatalf("Expected 1 devices, got %v", hostconfig.Devices)
+		}
+		if hostconfig.Devices[0] != deviceMapping {
+			t.Fatalf("Expected %v, got %v", deviceMapping, hostconfig.Devices)
+		}
+	}
+
+}
+
+func TestParseModes(t *testing.T) {
+	// ipc ko
+	if _, _, _, _, err := parseRun([]string{"--ipc=container:", "img", "cmd"}); err == nil || err.Error() != "--ipc: invalid IPC mode" {
+		t.Fatalf("Expected an error with message '--ipc: invalid IPC mode', got %v", err)
+	}
+	// ipc ok
+	_, hostconfig, _, _, err := parseRun([]string{"--ipc=host", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !hostconfig.IpcMode.Valid() {
+		t.Fatalf("Expected a valid IpcMode, got %v", hostconfig.IpcMode)
+	}
+	// pid ko
+	if _, _, _, _, err := parseRun([]string{"--pid=container:", "img", "cmd"}); err == nil || err.Error() != "--pid: invalid PID mode" {
+		t.Fatalf("Expected an error with message '--pid: invalid PID mode', got %v", err)
+	}
+	// pid ok
+	_, hostconfig, _, _, err = parseRun([]string{"--pid=host", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !hostconfig.PidMode.Valid() {
+		t.Fatalf("Expected a valid PidMode, got %v", hostconfig.PidMode)
+	}
+	// uts ko
+	if _, _, _, _, err := parseRun([]string{"--uts=container:", "img", "cmd"}); err == nil || err.Error() != "--uts: invalid UTS mode" {
+		t.Fatalf("Expected an error with message '--uts: invalid UTS mode', got %v", err)
+	}
+	// uts ok
+	_, hostconfig, _, _, err = parseRun([]string{"--uts=host", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !hostconfig.UTSMode.Valid() {
+		t.Fatalf("Expected a valid UTSMode, got %v", hostconfig.UTSMode)
+	}
+	// shm-size ko
+	if _, _, _, _, err = parseRun([]string{"--shm-size=a128m", "img", "cmd"}); err == nil || err.Error() != "invalid size: 'a128m'" {
+		t.Fatalf("Expected an error with message 'invalid size: a128m', got %v", err)
+	}
+	// shm-size ok
+	_, hostconfig, _, _, err = parseRun([]string{"--shm-size=128m", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if hostconfig.ShmSize != 134217728 {
+		t.Fatalf("Expected a valid ShmSize, got %d", hostconfig.ShmSize)
+	}
+}
+
+func TestParseRestartPolicy(t *testing.T) {
+	invalids := map[string]string{
+		"something":          "invalid restart policy something",
+		"always:2":           "maximum restart count not valid with restart policy of \"always\"",
+		"always:2:3":         "maximum restart count not valid with restart policy of \"always\"",
+		"on-failure:invalid": `strconv.ParseInt: parsing "invalid": invalid syntax`,
+		"on-failure:2:5":     "restart count format is not valid, usage: 'on-failure:N' or 'on-failure'",
+	}
+	valids := map[string]container.RestartPolicy{
+		"": {},
+		"always": {
+			Name:              "always",
+			MaximumRetryCount: 0,
+		},
+		"on-failure:1": {
+			Name:              "on-failure",
+			MaximumRetryCount: 1,
+		},
+	}
+	for restart, expectedError := range invalids {
+		if _, _, _, _, err := parseRun([]string{fmt.Sprintf("--restart=%s", restart), "img", "cmd"}); err == nil || err.Error() != expectedError {
+			t.Fatalf("Expected an error with message '%v' for %v, got %v", expectedError, restart, err)
+		}
+	}
+	for restart, expected := range valids {
+		_, hostconfig, _, _, err := parseRun([]string{fmt.Sprintf("--restart=%v", restart), "img", "cmd"})
+		if err != nil {
+			t.Fatal(err)
+		}
+		if hostconfig.RestartPolicy != expected {
+			t.Fatalf("Expected %v, got %v", expected, hostconfig.RestartPolicy)
+		}
+	}
+}
+
+func TestParseLoggingOpts(t *testing.T) {
+	// logging opts ko
+	if _, _, _, _, err := parseRun([]string{"--log-driver=none", "--log-opt=anything", "img", "cmd"}); err == nil || err.Error() != "invalid logging opts for driver none" {
+		t.Fatalf("Expected an error with message 'invalid logging opts for driver none', got %v", err)
+	}
+	// logging opts ok
+	_, hostconfig, _, _, err := parseRun([]string{"--log-driver=syslog", "--log-opt=something", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if hostconfig.LogConfig.Type != "syslog" || len(hostconfig.LogConfig.Config) != 1 {
+		t.Fatalf("Expected a 'syslog' LogConfig with one config, got %v", hostconfig.RestartPolicy)
+	}
+}
+
+func TestParseEnvfileVariables(t *testing.T) {
+	e := "open nonexistent: no such file or directory"
+	if runtime.GOOS == "windows" {
+		e = "open nonexistent: The system cannot find the file specified."
+	}
+	// env ko
+	if _, _, _, _, err := parseRun([]string{"--env-file=nonexistent", "img", "cmd"}); err == nil || err.Error() != e {
+		t.Fatalf("Expected an error with message '%s', got %v", e, err)
+	}
+	// env ok
+	config, _, _, _, err := parseRun([]string{"--env-file=fixtures/valid.env", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(config.Env) != 1 || config.Env[0] != "ENV1=value1" {
+		t.Fatalf("Expected a a config with [ENV1=value1], got %v", config.Env)
+	}
+	config, _, _, _, err = parseRun([]string{"--env-file=fixtures/valid.env", "--env=ENV2=value2", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(config.Env) != 2 || config.Env[0] != "ENV1=value1" || config.Env[1] != "ENV2=value2" {
+		t.Fatalf("Expected a a config with [ENV1=value1 ENV2=value2], got %v", config.Env)
+	}
+}
+
+func TestParseLabelfileVariables(t *testing.T) {
+	e := "open nonexistent: no such file or directory"
+	if runtime.GOOS == "windows" {
+		e = "open nonexistent: The system cannot find the file specified."
+	}
+	// label ko
+	if _, _, _, _, err := parseRun([]string{"--label-file=nonexistent", "img", "cmd"}); err == nil || err.Error() != e {
+		t.Fatalf("Expected an error with message '%s', got %v", e, err)
+	}
+	// label ok
+	config, _, _, _, err := parseRun([]string{"--label-file=fixtures/valid.label", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(config.Labels) != 1 || config.Labels["LABEL1"] != "value1" {
+		t.Fatalf("Expected a a config with [LABEL1:value1], got %v", config.Labels)
+	}
+	config, _, _, _, err = parseRun([]string{"--label-file=fixtures/valid.label", "--label=LABEL2=value2", "img", "cmd"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(config.Labels) != 2 || config.Labels["LABEL1"] != "value1" || config.Labels["LABEL2"] != "value2" {
+		t.Fatalf("Expected a a config with [LABEL1:value1 LABEL2:value2], got %v", config.Labels)
+	}
+}
+
+func TestParseEntryPoint(t *testing.T) {
+	config, _, _, _, err := parseRun([]string{"--entrypoint=anything", "cmd", "img"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(config.Entrypoint) != 1 && config.Entrypoint[0] != "anything" {
+		t.Fatalf("Expected entrypoint 'anything', got %v", config.Entrypoint)
+	}
+}
+
+func TestValidateLink(t *testing.T) {
+	valid := []string{
+		"name",
+		"dcdfbe62ecd0:alias",
+		"7a67485460b7642516a4ad82ecefe7f57d0c4916f530561b71a50a3f9c4e33da",
+		"angry_torvalds:linus",
+	}
+	invalid := map[string]string{
+		"":               "empty string specified for links",
+		"too:much:of:it": "bad format for links: too:much:of:it",
+	}
+
+	for _, link := range valid {
+		if _, err := ValidateLink(link); err != nil {
+			t.Fatalf("ValidateLink(`%q`) should succeed: error %q", link, err)
+		}
+	}
+
+	for link, expectedError := range invalid {
+		if _, err := ValidateLink(link); err == nil {
+			t.Fatalf("ValidateLink(`%q`) should have failed validation", link)
+		} else {
+			if !strings.Contains(err.Error(), expectedError) {
+				t.Fatalf("ValidateLink(`%q`) error should contain %q", link, expectedError)
+			}
+		}
+	}
+}
+
+func TestParseLink(t *testing.T) {
+	name, alias, err := ParseLink("name:alias")
+	if err != nil {
+		t.Fatalf("Expected not to error out on a valid name:alias format but got: %v", err)
+	}
+	if name != "name" {
+		t.Fatalf("Link name should have been name, got %s instead", name)
+	}
+	if alias != "alias" {
+		t.Fatalf("Link alias should have been alias, got %s instead", alias)
+	}
+	// short format definition
+	name, alias, err = ParseLink("name")
+	if err != nil {
+		t.Fatalf("Expected not to error out on a valid name only format but got: %v", err)
+	}
+	if name != "name" {
+		t.Fatalf("Link name should have been name, got %s instead", name)
+	}
+	if alias != "name" {
+		t.Fatalf("Link alias should have been name, got %s instead", alias)
+	}
+	// empty string link definition is not allowed
+	if _, _, err := ParseLink(""); err == nil || !strings.Contains(err.Error(), "empty string specified for links") {
+		t.Fatalf("Expected error 'empty string specified for links' but got: %v", err)
+	}
+	// more than two colons are not allowed
+	if _, _, err := ParseLink("link:alias:wrong"); err == nil || !strings.Contains(err.Error(), "bad format for links: link:alias:wrong") {
+		t.Fatalf("Expected error 'bad format for links: link:alias:wrong' but got: %v", err)
+	}
+}
+
+func TestValidateDevice(t *testing.T) {
+	valid := []string{
+		"/home",
+		"/home:/home",
+		"/home:/something/else",
+		"/with space",
+		"/home:/with space",
+		"relative:/absolute-path",
+		"hostPath:/containerPath:r",
+		"/hostPath:/containerPath:rw",
+		"/hostPath:/containerPath:mrw",
+	}
+	invalid := map[string]string{
+		"":        "bad format for path: ",
+		"./":      "./ is not an absolute path",
+		"../":     "../ is not an absolute path",
+		"/:../":   "../ is not an absolute path",
+		"/:path":  "path is not an absolute path",
+		":":       "bad format for path: :",
+		"/tmp:":   " is not an absolute path",
+		":test":   "bad format for path: :test",
+		":/test":  "bad format for path: :/test",
+		"tmp:":    " is not an absolute path",
+		":test:":  "bad format for path: :test:",
+		"::":      "bad format for path: ::",
+		":::":     "bad format for path: :::",
+		"/tmp:::": "bad format for path: /tmp:::",
+		":/tmp::": "bad format for path: :/tmp::",
+		"path:ro": "ro is not an absolute path",
+		"path:rr": "rr is not an absolute path",
+		"a:/b:ro": "bad mode specified: ro",
+		"a:/b:rr": "bad mode specified: rr",
+	}
+
+	for _, path := range valid {
+		if _, err := ValidateDevice(path); err != nil {
+			t.Fatalf("ValidateDevice(`%q`) should succeed: error %q", path, err)
+		}
+	}
+
+	for path, expectedError := range invalid {
+		if _, err := ValidateDevice(path); err == nil {
+			t.Fatalf("ValidateDevice(`%q`) should have failed validation", path)
+		} else {
+			if err.Error() != expectedError {
+				t.Fatalf("ValidateDevice(`%q`) error should contain %q, got %q", path, expectedError, err.Error())
+			}
+		}
+	}
+}
+
+func TestVolumeSplitN(t *testing.T) {
+	for _, x := range []struct {
+		input    string
+		n        int
+		expected []string
+	}{
+		{`C:\foo:d:`, -1, []string{`C:\foo`, `d:`}},
+		{`:C:\foo:d:`, -1, nil},
+		{`/foo:/bar:ro`, 3, []string{`/foo`, `/bar`, `ro`}},
+		{`/foo:/bar:ro`, 2, []string{`/foo`, `/bar:ro`}},
+		{`C:\foo\:/foo`, -1, []string{`C:\foo\`, `/foo`}},
+
+		{`d:\`, -1, []string{`d:\`}},
+		{`d:`, -1, []string{`d:`}},
+		{`d:\path`, -1, []string{`d:\path`}},
+		{`d:\path with space`, -1, []string{`d:\path with space`}},
+		{`d:\pathandmode:rw`, -1, []string{`d:\pathandmode`, `rw`}},
+		{`c:\:d:\`, -1, []string{`c:\`, `d:\`}},
+		{`c:\windows\:d:`, -1, []string{`c:\windows\`, `d:`}},
+		{`c:\windows:d:\s p a c e`, -1, []string{`c:\windows`, `d:\s p a c e`}},
+		{`c:\windows:d:\s p a c e:RW`, -1, []string{`c:\windows`, `d:\s p a c e`, `RW`}},
+		{`c:\program files:d:\s p a c e i n h o s t d i r`, -1, []string{`c:\program files`, `d:\s p a c e i n h o s t d i r`}},
+		{`0123456789name:d:`, -1, []string{`0123456789name`, `d:`}},
+		{`MiXeDcAsEnAmE:d:`, -1, []string{`MiXeDcAsEnAmE`, `d:`}},
+		{`name:D:`, -1, []string{`name`, `D:`}},
+		{`name:D::rW`, -1, []string{`name`, `D:`, `rW`}},
+		{`name:D::RW`, -1, []string{`name`, `D:`, `RW`}},
+		{`c:/:d:/forward/slashes/are/good/too`, -1, []string{`c:/`, `d:/forward/slashes/are/good/too`}},
+		{`c:\Windows`, -1, []string{`c:\Windows`}},
+		{`c:\Program Files (x86)`, -1, []string{`c:\Program Files (x86)`}},
+
+		{``, -1, nil},
+		{`.`, -1, []string{`.`}},
+		{`..\`, -1, []string{`..\`}},
+		{`c:\:..\`, -1, []string{`c:\`, `..\`}},
+		{`c:\:d:\:xyzzy`, -1, []string{`c:\`, `d:\`, `xyzzy`}},
+
+		// Cover directories with one-character name
+		{`/tmp/x/y:/foo/x/y`, -1, []string{`/tmp/x/y`, `/foo/x/y`}},
+	} {
+		res := volumeSplitN(x.input, x.n)
+		if len(res) < len(x.expected) {
+			t.Fatalf("input: %v, expected: %v, got: %v", x.input, x.expected, res)
+		}
+		for i, e := range res {
+			if e != x.expected[i] {
+				t.Fatalf("input: %v, expected: %v, got: %v", x.input, x.expected, res)
+			}
+		}
+	}
+}
diff --git a/runconfig/opts/throttledevice.go b/runconfig/opts/throttledevice.go
new file mode 100644
index 00000000..acb00ed5
--- /dev/null
+++ b/runconfig/opts/throttledevice.go
@@ -0,0 +1,108 @@
+package opts
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	"github.com/docker/engine-api/types/blkiodev"
+	"github.com/docker/go-units"
+)
+
+// ValidatorThrottleFctType defines a validator function that returns a validated struct and/or an error.
+type ValidatorThrottleFctType func(val string) (*blkiodev.ThrottleDevice, error)
+
+// ValidateThrottleBpsDevice validates that the specified string has a valid device-rate format.
+func ValidateThrottleBpsDevice(val string) (*blkiodev.ThrottleDevice, error) {
+	split := strings.SplitN(val, ":", 2)
+	if len(split) != 2 {
+		return nil, fmt.Errorf("bad format: %s", val)
+	}
+	if !strings.HasPrefix(split[0], "/dev/") {
+		return nil, fmt.Errorf("bad format for device path: %s", val)
+	}
+	rate, err := units.RAMInBytes(split[1])
+	if err != nil {
+		return nil, fmt.Errorf("invalid rate for device: %s. The correct format is <device-path>:<number>[<unit>]. Number must be a positive integer. Unit is optional and can be kb, mb, or gb", val)
+	}
+	if rate < 0 {
+		return nil, fmt.Errorf("invalid rate for device: %s. The correct format is <device-path>:<number>[<unit>]. Number must be a positive integer. Unit is optional and can be kb, mb, or gb", val)
+	}
+
+	return &blkiodev.ThrottleDevice{
+		Path: split[0],
+		Rate: uint64(rate),
+	}, nil
+}
+
+// ValidateThrottleIOpsDevice validates that the specified string has a valid device-rate format.
+func ValidateThrottleIOpsDevice(val string) (*blkiodev.ThrottleDevice, error) {
+	split := strings.SplitN(val, ":", 2)
+	if len(split) != 2 {
+		return nil, fmt.Errorf("bad format: %s", val)
+	}
+	if !strings.HasPrefix(split[0], "/dev/") {
+		return nil, fmt.Errorf("bad format for device path: %s", val)
+	}
+	rate, err := strconv.ParseUint(split[1], 10, 64)
+	if err != nil {
+		return nil, fmt.Errorf("invalid rate for device: %s. The correct format is <device-path>:<number>. Number must be a positive integer", val)
+	}
+	if rate < 0 {
+		return nil, fmt.Errorf("invalid rate for device: %s. The correct format is <device-path>:<number>. Number must be a positive integer", val)
+	}
+
+	return &blkiodev.ThrottleDevice{
+		Path: split[0],
+		Rate: uint64(rate),
+	}, nil
+}
+
+// ThrottledeviceOpt defines a map of ThrottleDevices
+type ThrottledeviceOpt struct {
+	values    []*blkiodev.ThrottleDevice
+	validator ValidatorThrottleFctType
+}
+
+// NewThrottledeviceOpt creates a new ThrottledeviceOpt
+func NewThrottledeviceOpt(validator ValidatorThrottleFctType) ThrottledeviceOpt {
+	values := []*blkiodev.ThrottleDevice{}
+	return ThrottledeviceOpt{
+		values:    values,
+		validator: validator,
+	}
+}
+
+// Set validates a ThrottleDevice and sets its name as a key in ThrottledeviceOpt
+func (opt *ThrottledeviceOpt) Set(val string) error {
+	var value *blkiodev.ThrottleDevice
+	if opt.validator != nil {
+		v, err := opt.validator(val)
+		if err != nil {
+			return err
+		}
+		value = v
+	}
+	(opt.values) = append((opt.values), value)
+	return nil
+}
+
+// String returns ThrottledeviceOpt values as a string.
+func (opt *ThrottledeviceOpt) String() string {
+	var out []string
+	for _, v := range opt.values {
+		out = append(out, v.String())
+	}
+
+	return fmt.Sprintf("%v", out)
+}
+
+// GetList returns a slice of pointers to ThrottleDevices.
+func (opt *ThrottledeviceOpt) GetList() []*blkiodev.ThrottleDevice {
+	var throttledevice []*blkiodev.ThrottleDevice
+	for _, v := range opt.values {
+		throttledevice = append(throttledevice, v)
+	}
+
+	return throttledevice
+}
diff --git a/runconfig/opts/ulimit.go b/runconfig/opts/ulimit.go
new file mode 100644
index 00000000..0aec91f1
--- /dev/null
+++ b/runconfig/opts/ulimit.go
@@ -0,0 +1,52 @@
+package opts
+
+import (
+	"fmt"
+
+	"github.com/docker/go-units"
+)
+
+// UlimitOpt defines a map of Ulimits
+type UlimitOpt struct {
+	values *map[string]*units.Ulimit
+}
+
+// NewUlimitOpt creates a new UlimitOpt
+func NewUlimitOpt(ref *map[string]*units.Ulimit) *UlimitOpt {
+	if ref == nil {
+		ref = &map[string]*units.Ulimit{}
+	}
+	return &UlimitOpt{ref}
+}
+
+// Set validates a Ulimit and sets its name as a key in UlimitOpt
+func (o *UlimitOpt) Set(val string) error {
+	l, err := units.ParseUlimit(val)
+	if err != nil {
+		return err
+	}
+
+	(*o.values)[l.Name] = l
+
+	return nil
+}
+
+// String returns Ulimit values as a string.
+func (o *UlimitOpt) String() string {
+	var out []string
+	for _, v := range *o.values {
+		out = append(out, v.String())
+	}
+
+	return fmt.Sprintf("%v", out)
+}
+
+// GetList returns a slice of pointers to Ulimits.
+func (o *UlimitOpt) GetList() []*units.Ulimit {
+	var ulimits []*units.Ulimit
+	for _, v := range *o.values {
+		ulimits = append(ulimits, v)
+	}
+
+	return ulimits
+}
diff --git a/runconfig/opts/ulimit_test.go b/runconfig/opts/ulimit_test.go
new file mode 100644
index 00000000..0aa3facd
--- /dev/null
+++ b/runconfig/opts/ulimit_test.go
@@ -0,0 +1,42 @@
+package opts
+
+import (
+	"testing"
+
+	"github.com/docker/go-units"
+)
+
+func TestUlimitOpt(t *testing.T) {
+	ulimitMap := map[string]*units.Ulimit{
+		"nofile": {"nofile", 1024, 512},
+	}
+
+	ulimitOpt := NewUlimitOpt(&ulimitMap)
+
+	expected := "[nofile=512:1024]"
+	if ulimitOpt.String() != expected {
+		t.Fatalf("Expected %v, got %v", expected, ulimitOpt)
+	}
+
+	// Valid ulimit append to opts
+	if err := ulimitOpt.Set("core=1024:1024"); err != nil {
+		t.Fatal(err)
+	}
+
+	// Invalid ulimit type returns an error and do not append to opts
+	if err := ulimitOpt.Set("notavalidtype=1024:1024"); err == nil {
+		t.Fatalf("Expected error on invalid ulimit type")
+	}
+	expected = "[nofile=512:1024 core=1024:1024]"
+	expected2 := "[core=1024:1024 nofile=512:1024]"
+	result := ulimitOpt.String()
+	if result != expected && result != expected2 {
+		t.Fatalf("Expected %v or %v, got %v", expected, expected2, ulimitOpt)
+	}
+
+	// And test GetList
+	ulimits := ulimitOpt.GetList()
+	if len(ulimits) != 2 {
+		t.Fatalf("Expected a ulimit list of 2, got %v", ulimits)
+	}
+}
diff --git a/runconfig/opts/weightdevice.go b/runconfig/opts/weightdevice.go
new file mode 100644
index 00000000..bd3c0b17
--- /dev/null
+++ b/runconfig/opts/weightdevice.go
@@ -0,0 +1,84 @@
+package opts
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	"github.com/docker/engine-api/types/blkiodev"
+)
+
+// ValidatorWeightFctType defines a validator function that returns a validated struct and/or an error.
+type ValidatorWeightFctType func(val string) (*blkiodev.WeightDevice, error)
+
+// ValidateWeightDevice validates that the specified string has a valid device-weight format.
+func ValidateWeightDevice(val string) (*blkiodev.WeightDevice, error) {
+	split := strings.SplitN(val, ":", 2)
+	if len(split) != 2 {
+		return nil, fmt.Errorf("bad format: %s", val)
+	}
+	if !strings.HasPrefix(split[0], "/dev/") {
+		return nil, fmt.Errorf("bad format for device path: %s", val)
+	}
+	weight, err := strconv.ParseUint(split[1], 10, 0)
+	if err != nil {
+		return nil, fmt.Errorf("invalid weight for device: %s", val)
+	}
+	if weight > 0 && (weight < 10 || weight > 1000) {
+		return nil, fmt.Errorf("invalid weight for device: %s", val)
+	}
+
+	return &blkiodev.WeightDevice{
+		Path:   split[0],
+		Weight: uint16(weight),
+	}, nil
+}
+
+// WeightdeviceOpt defines a map of WeightDevices
+type WeightdeviceOpt struct {
+	values    []*blkiodev.WeightDevice
+	validator ValidatorWeightFctType
+}
+
+// NewWeightdeviceOpt creates a new WeightdeviceOpt
+func NewWeightdeviceOpt(validator ValidatorWeightFctType) WeightdeviceOpt {
+	values := []*blkiodev.WeightDevice{}
+	return WeightdeviceOpt{
+		values:    values,
+		validator: validator,
+	}
+}
+
+// Set validates a WeightDevice and sets its name as a key in WeightdeviceOpt
+func (opt *WeightdeviceOpt) Set(val string) error {
+	var value *blkiodev.WeightDevice
+	if opt.validator != nil {
+		v, err := opt.validator(val)
+		if err != nil {
+			return err
+		}
+		value = v
+	}
+	(opt.values) = append((opt.values), value)
+	return nil
+}
+
+// String returns WeightdeviceOpt values as a string.
+func (opt *WeightdeviceOpt) String() string {
+	var out []string
+	for _, v := range opt.values {
+		out = append(out, v.String())
+	}
+
+	return fmt.Sprintf("%v", out)
+}
+
+// GetList returns a slice of pointers to WeightDevices.
+func (opt *WeightdeviceOpt) GetList() []*blkiodev.WeightDevice {
+	var weightdevice []*blkiodev.WeightDevice
+	for _, v := range opt.values {
+		weightdevice = append(weightdevice, v)
+	}
+
+	return weightdevice
+}
diff --git a/runconfig/streams.go b/runconfig/streams.go
new file mode 100644
index 00000000..548c7826
--- /dev/null
+++ b/runconfig/streams.go
@@ -0,0 +1,109 @@
+package runconfig
+
+import (
+	"fmt"
+	"io"
+	"io/ioutil"
+	"strings"
+	"sync"
+
+	"github.com/docker/docker/pkg/broadcaster"
+	"github.com/docker/docker/pkg/ioutils"
+)
+
+// StreamConfig holds information about I/O streams managed together.
+//
+// streamConfig.StdinPipe returns a WriteCloser which can be used to feed data
+// to the standard input of the streamConfig's active process.
+// streamConfig.StdoutPipe and streamConfig.StderrPipe each return a ReadCloser
+// which can be used to retrieve the standard output (and error) generated
+// by the container's active process. The output (and error) are actually
+// copied and delivered to all StdoutPipe and StderrPipe consumers, using
+// a kind of "broadcaster".
+type StreamConfig struct {
+	sync.WaitGroup
+	stdout    *broadcaster.Unbuffered
+	stderr    *broadcaster.Unbuffered
+	stdin     io.ReadCloser
+	stdinPipe io.WriteCloser
+}
+
+// NewStreamConfig creates a stream config and initializes
+// the standard err and standard out to new unbuffered broadcasters.
+func NewStreamConfig() *StreamConfig {
+	return &StreamConfig{
+		stderr: new(broadcaster.Unbuffered),
+		stdout: new(broadcaster.Unbuffered),
+	}
+}
+
+// Stdout returns the standard output in the configuration.
+func (streamConfig *StreamConfig) Stdout() *broadcaster.Unbuffered {
+	return streamConfig.stdout
+}
+
+// Stderr returns the standard error in the configuration.
+func (streamConfig *StreamConfig) Stderr() *broadcaster.Unbuffered {
+	return streamConfig.stderr
+}
+
+// Stdin returns the standard input in the configuration.
+func (streamConfig *StreamConfig) Stdin() io.ReadCloser {
+	return streamConfig.stdin
+}
+
+// StdinPipe returns an input writer pipe as an io.WriteCloser.
+func (streamConfig *StreamConfig) StdinPipe() io.WriteCloser {
+	return streamConfig.stdinPipe
+}
+
+// StdoutPipe creates a new io.ReadCloser with an empty bytes pipe.
+// It adds this new out pipe to the Stdout broadcaster.
+func (streamConfig *StreamConfig) StdoutPipe() io.ReadCloser {
+	bytesPipe := ioutils.NewBytesPipe(nil)
+	streamConfig.stdout.Add(bytesPipe)
+	return bytesPipe
+}
+
+// StderrPipe creates a new io.ReadCloser with an empty bytes pipe.
+// It adds this new err pipe to the Stderr broadcaster.
+func (streamConfig *StreamConfig) StderrPipe() io.ReadCloser {
+	bytesPipe := ioutils.NewBytesPipe(nil)
+	streamConfig.stderr.Add(bytesPipe)
+	return bytesPipe
+}
+
+// NewInputPipes creates new pipes for both standard inputs, Stdin and StdinPipe.
+func (streamConfig *StreamConfig) NewInputPipes() {
+	streamConfig.stdin, streamConfig.stdinPipe = io.Pipe()
+}
+
+// NewNopInputPipe creates a new input pipe that will silently drop all messages in the input.
+func (streamConfig *StreamConfig) NewNopInputPipe() {
+	streamConfig.stdinPipe = ioutils.NopWriteCloser(ioutil.Discard)
+}
+
+// CloseStreams ensures that the configured streams are properly closed.
+func (streamConfig *StreamConfig) CloseStreams() error {
+	var errors []string
+
+	if streamConfig.stdin != nil {
+		if err := streamConfig.stdin.Close(); err != nil {
+			errors = append(errors, fmt.Sprintf("error close stdin: %s", err))
+		}
+	}
+
+	if err := streamConfig.stdout.Clean(); err != nil {
+		errors = append(errors, fmt.Sprintf("error close stdout: %s", err))
+	}
+
+	if err := streamConfig.stderr.Clean(); err != nil {
+		errors = append(errors, fmt.Sprintf("error close stderr: %s", err))
+	}
+
+	if len(errors) > 0 {
+		return fmt.Errorf(strings.Join(errors, "\n"))
+	}
+
+	return nil
+}
diff --git a/utils/debug.go b/utils/debug.go
new file mode 100644
index 00000000..d2038911
--- /dev/null
+++ b/utils/debug.go
@@ -0,0 +1,26 @@
+package utils
+
+import (
+	"os"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// EnableDebug sets the DEBUG env var to true
+// and makes the logger to log at debug level.
+func EnableDebug() {
+	os.Setenv("DEBUG", "1")
+	logrus.SetLevel(logrus.DebugLevel)
+}
+
+// DisableDebug sets the DEBUG env var to false
+// and makes the logger to log at info level.
+func DisableDebug() {
+	os.Setenv("DEBUG", "")
+	logrus.SetLevel(logrus.InfoLevel)
+}
+
+// IsDebugEnabled checks whether the debug flag is set or not.
+func IsDebugEnabled() bool {
+	return os.Getenv("DEBUG") != ""
+}
diff --git a/utils/debug_test.go b/utils/debug_test.go
new file mode 100644
index 00000000..6f9c4dfb
--- /dev/null
+++ b/utils/debug_test.go
@@ -0,0 +1,43 @@
+package utils
+
+import (
+	"os"
+	"testing"
+
+	"github.com/Sirupsen/logrus"
+)
+
+func TestEnableDebug(t *testing.T) {
+	defer func() {
+		os.Setenv("DEBUG", "")
+		logrus.SetLevel(logrus.InfoLevel)
+	}()
+	EnableDebug()
+	if os.Getenv("DEBUG") != "1" {
+		t.Fatalf("expected DEBUG=1, got %s\n", os.Getenv("DEBUG"))
+	}
+	if logrus.GetLevel() != logrus.DebugLevel {
+		t.Fatalf("expected log level %v, got %v\n", logrus.DebugLevel, logrus.GetLevel())
+	}
+}
+
+func TestDisableDebug(t *testing.T) {
+	DisableDebug()
+	if os.Getenv("DEBUG") != "" {
+		t.Fatalf("expected DEBUG=\"\", got %s\n", os.Getenv("DEBUG"))
+	}
+	if logrus.GetLevel() != logrus.InfoLevel {
+		t.Fatalf("expected log level %v, got %v\n", logrus.InfoLevel, logrus.GetLevel())
+	}
+}
+
+func TestDebugEnabled(t *testing.T) {
+	EnableDebug()
+	if !IsDebugEnabled() {
+		t.Fatal("expected debug enabled, got false")
+	}
+	DisableDebug()
+	if IsDebugEnabled() {
+		t.Fatal("expected debug disabled, got true")
+	}
+}
diff --git a/utils/experimental.go b/utils/experimental.go
new file mode 100644
index 00000000..ceed0cb3
--- /dev/null
+++ b/utils/experimental.go
@@ -0,0 +1,9 @@
+// +build experimental
+
+package utils
+
+// ExperimentalBuild is a stub which always returns true for
+// builds that include the "experimental" build tag
+func ExperimentalBuild() bool {
+	return true
+}
diff --git a/utils/names.go b/utils/names.go
new file mode 100644
index 00000000..8239c0de
--- /dev/null
+++ b/utils/names.go
@@ -0,0 +1,12 @@
+package utils
+
+import "regexp"
+
+// RestrictedNameChars collects the characters allowed to represent a name, normally used to validate container and volume names.
+const RestrictedNameChars = `[a-zA-Z0-9][a-zA-Z0-9_.-]`
+
+// RestrictedNamePattern is a regular expression to validate names against the collection of restricted characters.
+var RestrictedNamePattern = regexp.MustCompile(`^/?` + RestrictedNameChars + `+$`)
+
+// RestrictedVolumeNamePattern is a regular expression to validate volume names against the collection of restricted characters.
+var RestrictedVolumeNamePattern = regexp.MustCompile(`^` + RestrictedNameChars + `+$`)
diff --git a/utils/process_unix.go b/utils/process_unix.go
new file mode 100644
index 00000000..bdb1b46b
--- /dev/null
+++ b/utils/process_unix.go
@@ -0,0 +1,22 @@
+// +build linux freebsd
+
+package utils
+
+import (
+	"syscall"
+)
+
+// IsProcessAlive returns true if process with a given pid is running.
+func IsProcessAlive(pid int) bool {
+	err := syscall.Kill(pid, syscall.Signal(0))
+	if err == nil || err == syscall.EPERM {
+		return true
+	}
+
+	return false
+}
+
+// KillProcess force-stops a process.
+func KillProcess(pid int) {
+	syscall.Kill(pid, syscall.SIGKILL)
+}
diff --git a/utils/process_windows.go b/utils/process_windows.go
new file mode 100644
index 00000000..03cb8551
--- /dev/null
+++ b/utils/process_windows.go
@@ -0,0 +1,20 @@
+package utils
+
+// IsProcessAlive returns true if process with a given pid is running.
+func IsProcessAlive(pid int) bool {
+	// TODO Windows containerd. Not sure this is needed
+	//	p, err := os.FindProcess(pid)
+	//	if err == nil {
+	//		return true
+	//	}
+	return false
+}
+
+// KillProcess force-stops a process.
+func KillProcess(pid int) {
+	// TODO Windows containerd. Not sure this is needed
+	//	p, err := os.FindProcess(pid)
+	//	if err == nil {
+	//		p.Kill()
+	//	}
+}
diff --git a/utils/stubs.go b/utils/stubs.go
new file mode 100644
index 00000000..8a496d39
--- /dev/null
+++ b/utils/stubs.go
@@ -0,0 +1,9 @@
+// +build !experimental
+
+package utils
+
+// ExperimentalBuild is a stub which always returns false for
+// builds that do not include the "experimental" build tag
+func ExperimentalBuild() bool {
+	return false
+}
diff --git a/utils/templates/templates.go b/utils/templates/templates.go
new file mode 100644
index 00000000..749da3d5
--- /dev/null
+++ b/utils/templates/templates.go
@@ -0,0 +1,33 @@
+package templates
+
+import (
+	"encoding/json"
+	"strings"
+	"text/template"
+)
+
+// basicFunctions are the set of initial
+// functions provided to every template.
+var basicFunctions = template.FuncMap{
+	"json": func(v interface{}) string {
+		a, _ := json.Marshal(v)
+		return string(a)
+	},
+	"split": strings.Split,
+	"join":  strings.Join,
+	"title": strings.Title,
+	"lower": strings.ToLower,
+	"upper": strings.ToUpper,
+}
+
+// Parse creates a new annonymous template with the basic functions
+// and parses the given format.
+func Parse(format string) (*template.Template, error) {
+	return NewParse("", format)
+}
+
+// NewParse creates a new tagged template with the basic functions
+// and parses the given format.
+func NewParse(tag, format string) (*template.Template, error) {
+	return template.New(tag).Funcs(basicFunctions).Parse(format)
+}
diff --git a/utils/templates/templates_test.go b/utils/templates/templates_test.go
new file mode 100644
index 00000000..dd42901a
--- /dev/null
+++ b/utils/templates/templates_test.go
@@ -0,0 +1,38 @@
+package templates
+
+import (
+	"bytes"
+	"testing"
+)
+
+func TestParseStringFunctions(t *testing.T) {
+	tm, err := Parse(`{{join (split . ":") "/"}}`)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	var b bytes.Buffer
+	if err := tm.Execute(&b, "text:with:colon"); err != nil {
+		t.Fatal(err)
+	}
+	want := "text/with/colon"
+	if b.String() != want {
+		t.Fatalf("expected %s, got %s", want, b.String())
+	}
+}
+
+func TestNewParse(t *testing.T) {
+	tm, err := NewParse("foo", "this is a {{ . }}")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	var b bytes.Buffer
+	if err := tm.Execute(&b, "string"); err != nil {
+		t.Fatal(err)
+	}
+	want := "this is a string"
+	if b.String() != want {
+		t.Fatalf("expected %s, got %s", want, b.String())
+	}
+}
diff --git a/utils/utils.go b/utils/utils.go
new file mode 100644
index 00000000..d3dd00ab
--- /dev/null
+++ b/utils/utils.go
@@ -0,0 +1,87 @@
+package utils
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"runtime"
+	"strings"
+
+	"github.com/docker/docker/pkg/archive"
+	"github.com/docker/docker/pkg/stringid"
+)
+
+var globalTestID string
+
+// TestDirectory creates a new temporary directory and returns its path.
+// The contents of directory at path `templateDir` is copied into the
+// new directory.
+func TestDirectory(templateDir string) (dir string, err error) {
+	if globalTestID == "" {
+		globalTestID = stringid.GenerateNonCryptoID()[:4]
+	}
+	prefix := fmt.Sprintf("docker-test%s-%s-", globalTestID, GetCallerName(2))
+	if prefix == "" {
+		prefix = "docker-test-"
+	}
+	dir, err = ioutil.TempDir("", prefix)
+	if err = os.Remove(dir); err != nil {
+		return
+	}
+	if templateDir != "" {
+		if err = archive.CopyWithTar(templateDir, dir); err != nil {
+			return
+		}
+	}
+	return
+}
+
+// GetCallerName introspects the call stack and returns the name of the
+// function `depth` levels down in the stack.
+func GetCallerName(depth int) string {
+	// Use the caller function name as a prefix.
+	// This helps trace temp directories back to their test.
+	pc, _, _, _ := runtime.Caller(depth + 1)
+	callerLongName := runtime.FuncForPC(pc).Name()
+	parts := strings.Split(callerLongName, ".")
+	callerShortName := parts[len(parts)-1]
+	return callerShortName
+}
+
+// ReplaceOrAppendEnvValues returns the defaults with the overrides either
+// replaced by env key or appended to the list
+func ReplaceOrAppendEnvValues(defaults, overrides []string) []string {
+	cache := make(map[string]int, len(defaults))
+	for i, e := range defaults {
+		parts := strings.SplitN(e, "=", 2)
+		cache[parts[0]] = i
+	}
+
+	for _, value := range overrides {
+		// Values w/o = means they want this env to be removed/unset.
+		if !strings.Contains(value, "=") {
+			if i, exists := cache[value]; exists {
+				defaults[i] = "" // Used to indicate it should be removed
+			}
+			continue
+		}
+
+		// Just do a normal set/update
+		parts := strings.SplitN(value, "=", 2)
+		if i, exists := cache[parts[0]]; exists {
+			defaults[i] = value
+		} else {
+			defaults = append(defaults, value)
+		}
+	}
+
+	// Now remove all entries that we want to "unset"
+	for i := 0; i < len(defaults); i++ {
+		if defaults[i] == "" {
+			defaults = append(defaults[:i], defaults[i+1:]...)
+			i--
+		}
+	}
+
+	return defaults
+}
diff --git a/utils/utils_test.go b/utils/utils_test.go
new file mode 100644
index 00000000..ab3911e8
--- /dev/null
+++ b/utils/utils_test.go
@@ -0,0 +1,21 @@
+package utils
+
+import "testing"
+
+func TestReplaceAndAppendEnvVars(t *testing.T) {
+	var (
+		d = []string{"HOME=/"}
+		o = []string{"HOME=/root", "TERM=xterm"}
+	)
+
+	env := ReplaceOrAppendEnvValues(d, o)
+	if len(env) != 2 {
+		t.Fatalf("expected len of 2 got %d", len(env))
+	}
+	if env[0] != "HOME=/root" {
+		t.Fatalf("expected HOME=/root got '%s'", env[0])
+	}
+	if env[1] != "TERM=xterm" {
+		t.Fatalf("expected TERM=xterm got '%s'", env[1])
+	}
+}
diff --git a/vendor/src/github.com/docker/notary/.gitignore b/vendor/src/github.com/docker/notary/.gitignore
new file mode 100644
index 00000000..8439935e
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/.gitignore
@@ -0,0 +1,11 @@
+/cmd/notary-server/notary-server
+/cmd/notary-server/local.config.json
+/cmd/notary-signer/local.config.json
+cover
+bin
+cross
+.cover
+*.swp
+.idea
+*.iml
+coverage.out
diff --git a/vendor/src/github.com/docker/notary/CHANGELOG.md b/vendor/src/github.com/docker/notary/CHANGELOG.md
new file mode 100644
index 00000000..0e12db59
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/CHANGELOG.md
@@ -0,0 +1,26 @@
+# Changelog
+
+## [v0.2](https://github.com/docker/notary/releases/tag/v0.2.0) 2/24/2016
++ Add support for delegation roles in `notary` server and client
++ Add `notary CLI` commands for managing delegation roles: `notary delegation`
+    + `add`, `list` and `remove` subcommands
++ Enhance `notary CLI` commands for adding targets to delegation roles
+    + `notary add --roles` and `notary remove --roles` to manipulate targets for delegations
++ Support for rotating the snapshot key to one managed by the `notary` server
++ Add consistent download functionality to download metadata and content by checksum
++ Update `docker-compose` configuration to use official mariadb image
+    + deprecate `notarymysql`
+    + default to using a volume for `data` directory
+    + use separate databases for `notary-server` and `notary-signer` with separate users
++ Add `notary CLI` command for changing private key passphrases: `notary key passwd`
++ Enhance `notary CLI` commands for importing and exporting keys
++ Change default `notary CLI` log level to fatal, introduce new verbose (error-level) and debug-level settings
++ Store roles as PEM headers in private keys, incompatible with previous notary v0.1 key format
+    + No longer store keys as `<KEY_ID>_role.key`, instead store as `<KEY_ID>.key`; new private keys from new notary clients will crash old notary clients
++ Support logging as JSON format on server and signer
++ Support mutual TLS between notary client and notary server
+
+## [v0.1](https://github.com/docker/notary/releases/tag/v0.1) 11/15/2015
++ Initial non-alpha `notary` version
++ Implement TUF (the update framework) with support for root, targets, snapshot, and timestamp roles
++ Add PKCS11 interface to store and sign with keys in HSMs (i.e. Yubikey)
diff --git a/vendor/src/github.com/docker/notary/CONTRIBUTING.md b/vendor/src/github.com/docker/notary/CONTRIBUTING.md
new file mode 100644
index 00000000..0d4d16fc
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/CONTRIBUTING.md
@@ -0,0 +1,85 @@
+# Contributing to notary
+
+## Before reporting an issue...
+
+### If your problem is with...
+
+ - automated builds
+ - your account on the [Docker Hub](https://hub.docker.com/)
+ - any other [Docker Hub](https://hub.docker.com/) issue
+
+Then please do not report your issue here - you should instead report it to [https://support.docker.com](https://support.docker.com)
+
+### If you...
+
+ - need help setting up notary
+ - can't figure out something
+ - are not sure what's going on or what your problem is
+
+Then please do not open an issue here yet - you should first try one of the following support forums:
+
+ - irc: #docker-trust on freenode
+
+## Reporting an issue properly
+
+By following these simple rules you will get better and faster feedback on your issue.
+
+ - search the bugtracker for an already reported issue
+
+### If you found an issue that describes your problem:
+
+ - please read other user comments first, and confirm this is the same issue: a given error condition might be indicative of different problems - you may also find a workaround in the comments
+ - please refrain from adding "same thing here" or "+1" comments
+ - you don't need to comment on an issue to get notified of updates: just hit the "subscribe" button
+ - comment if you have some new, technical and relevant information to add to the case
+
+### If you have not found an existing issue that describes your problem:
+
+ 1. create a new issue, with a succinct title that describes your issue:
+   - bad title: "It doesn't work with my docker"
+   - good title: "Publish fail: 400 error with E_INVALID_DIGEST"
+ 2. copy the output of:
+   - `docker version`
+   - `docker info`
+   - `docker exec <registry-container> registry -version`
+ 3. copy the command line you used to run `notary` or launch `notaryserver`
+ 4. if relevant, copy your `notaryserver` logs that show the error
+
+## Contributing a patch for a known bug, or a small correction
+
+You should follow the basic GitHub workflow:
+
+ 1. fork
+ 2. commit a change
+ 3. make sure the tests pass
+ 4. PR
+
+Additionally, you must [sign your commits](https://github.com/docker/docker/blob/master/CONTRIBUTING.md#sign-your-work). It's very simple:
+
+ - configure your name with git: `git config user.name "Real Name" && git config user.email mail@example.com`
+ - sign your commits using `-s`: `git commit -s -m "My commit"`
+
+Some simple rules to ensure quick merge:
+
+ - clearly point to the issue(s) you want to fix in your PR comment (e.g., `closes #12345`)
+ - prefer multiple (smaller) PRs addressing individual issues over a big one trying to address multiple issues at once
+ - if you need to amend your PR following comments, please squash instead of adding more commits
+
+## Contributing new features
+
+You are heavily encouraged to first discuss what you want to do. You can do so on the irc channel, or by opening an issue that clearly describes the use case you want to fulfill, or the problem you are trying to solve.
+
+If this is a major new feature, you should then submit a proposal that describes your technical solution and reasoning.
+If you did discuss it first, this will likely be greenlighted very fast. It's advisable to address all feedback on this proposal before starting actual work
+
+Then you should submit your implementation, clearly linking to the issue (and possible proposal).
+
+Your PR will be reviewed by the community, then ultimately by the project maintainers, before being merged.
+
+It's mandatory to:
+
+ - interact respectfully with other community members and maintainers - more generally, you are expected to abide by the [Docker community rules](https://github.com/docker/docker/blob/master/CONTRIBUTING.md#docker-community-guidelines)
+ - address maintainers' comments and modify your submission accordingly
+ - write tests for any new code
+
+Complying to these simple rules will greatly accelerate the review process, and will ensure you have a pleasant experience in contributing code to the Registry.
diff --git a/vendor/src/github.com/docker/notary/CONTRIBUTORS b/vendor/src/github.com/docker/notary/CONTRIBUTORS
new file mode 100644
index 00000000..4bc6c096
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/CONTRIBUTORS
@@ -0,0 +1,4 @@
+David Williamson <david.williamson@docker.com> (github: davidwilliamson)
+Aaron Lehmann <aaron.lehmann@docker.com> (github: aaronlehmann)
+Lewis Marshall <lewis@flynn.io> (github: lmars)
+Jonathan Rudenberg <jonathan@flynn.io> (github: titanous)
diff --git a/vendor/src/github.com/docker/notary/Dockerfile b/vendor/src/github.com/docker/notary/Dockerfile
new file mode 100644
index 00000000..3f8ae14d
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/Dockerfile
@@ -0,0 +1,15 @@
+FROM golang:1.6.0
+
+RUN apt-get update && apt-get install -y \
+	libltdl-dev \
+	libsqlite3-dev \
+	--no-install-recommends \
+	&& rm -rf /var/lib/apt/lists/*
+
+RUN go get golang.org/x/tools/cmd/vet \
+	&& go get golang.org/x/tools/cmd/cover \
+	&& go get github.com/tools/godep
+
+COPY . /go/src/github.com/docker/notary
+
+WORKDIR /go/src/github.com/docker/notary
diff --git a/vendor/src/github.com/docker/notary/LICENSE b/vendor/src/github.com/docker/notary/LICENSE
new file mode 100644
index 00000000..6daf85e9
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/LICENSE
@@ -0,0 +1,201 @@
+Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "{}"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2015 Docker, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/vendor/src/github.com/docker/notary/MAINTAINERS b/vendor/src/github.com/docker/notary/MAINTAINERS
new file mode 100644
index 00000000..999e280c
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/MAINTAINERS
@@ -0,0 +1,58 @@
+# Notary maintainers file
+#
+# This file describes who runs the docker/notary project and how.
+# This is a living document - if you see something out of date or missing, speak up!
+#
+# It is structured to be consumable by both humans and programs.
+# To extract its contents programmatically, use any TOML-compliant parser.
+#
+# This file is compiled into the MAINTAINERS file in docker/opensource.
+#
+[Org]
+	[Org."Core maintainers"]
+		people = [
+			"cyli",
+			"diogomonica",
+			"dmcgowan",
+			"endophage",
+			"nathanmccauley",
+			"riyazdf",
+		]
+
+[people]
+
+# A reference list of all people associated with the project.
+# All other sections should refer to people by their canonical key
+# in the people section.
+
+	# ADD YOURSELF HERE IN ALPHABETICAL ORDER
+
+	[people.cyli]
+	Name = "Ying Li"
+	Email = "ying.li@docker.com"
+	GitHub = "cyli"
+
+	[people.diogomonica]
+	Name = "Diogo Monica"
+	Email = "diogo@docker.com"
+	GitHub = "diogomonica"
+
+	[people.dmcgowan]
+	Name = "Derek McGowan"
+	Email = "derek@docker.com"
+	GitHub = "dmcgowan"
+
+	[people.endophage]
+	Name = "David Lawrence"
+	Email = "david.lawrence@docker.com"
+	GitHub = "endophage"
+
+	[people.nathanmccauley]
+	Name = "Nathan McCauley"
+	Email = "nathan.mccauley@docker.com"
+	GitHub = "nathanmccauley"
+
+	[people.riyazdf]
+	Name = "Riyaz Faizullabhoy"
+	Email = "riyaz@docker.com"
+	GitHub = "riyazdf"
diff --git a/vendor/src/github.com/docker/notary/Makefile b/vendor/src/github.com/docker/notary/Makefile
new file mode 100644
index 00000000..0756159e
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/Makefile
@@ -0,0 +1,204 @@
+# Set an output prefix, which is the local directory if not specified
+PREFIX?=$(shell pwd)
+
+# Populate version variables
+# Add to compile time flags
+NOTARY_PKG := github.com/docker/notary
+NOTARY_VERSION := $(shell cat NOTARY_VERSION)
+GITCOMMIT := $(shell git rev-parse --short HEAD)
+GITUNTRACKEDCHANGES := $(shell git status --porcelain --untracked-files=no)
+ifneq ($(GITUNTRACKEDCHANGES),)
+GITCOMMIT := $(GITCOMMIT)-dirty
+endif
+CTIMEVAR=-X $(NOTARY_PKG)/version.GitCommit=$(GITCOMMIT) -X $(NOTARY_PKG)/version.NotaryVersion=$(NOTARY_VERSION)
+GO_LDFLAGS=-ldflags "-w $(CTIMEVAR)"
+GO_LDFLAGS_STATIC=-ldflags "-w $(CTIMEVAR) -extldflags -static"
+GOOSES = darwin freebsd linux
+GOARCHS = amd64
+NOTARY_BUILDTAGS ?= pkcs11
+GO_EXC = go
+NOTARYDIR := /go/src/github.com/docker/notary
+
+# check to be sure pkcs11 lib is always imported with a build tag
+GO_LIST_PKCS11 := $(shell go list -e -f '{{join .Deps "\n"}}' ./... | grep -v /vendor/ | xargs go list -e -f '{{if not .Standard}}{{.ImportPath}}{{end}}' | grep -q pkcs11)
+ifeq ($(GO_LIST_PKCS11),)
+$(info pkcs11 import was not found anywhere without a build tag, yay)
+else
+$(error You are importing pkcs11 somewhere and not using a build tag)
+endif
+
+_empty :=
+_space := $(empty) $(empty)
+
+# go cover test variables
+COVERDIR=.cover
+COVERPROFILE?=$(COVERDIR)/cover.out
+COVERMODE=count
+PKGS ?= $(shell go list ./... | grep -v /vendor/ | tr '\n' ' ')
+
+GO_VERSION = $(shell go version | awk '{print $$3}')
+
+.PHONY: clean all fmt vet lint build test binaries cross cover docker-images notary-dockerfile
+.DELETE_ON_ERROR: cover
+.DEFAULT: default
+
+all: AUTHORS clean fmt vet fmt lint build test binaries
+
+AUTHORS: .git/HEAD
+	git log --format='%aN <%aE>' | sort -fu > $@
+
+# This only needs to be generated by hand when cutting full releases.
+version/version.go:
+	./version/version.sh > $@
+
+${PREFIX}/bin/notary-server: NOTARY_VERSION $(shell find . -type f -name '*.go')
+	@echo "+ $@"
+	@godep go build -tags ${NOTARY_BUILDTAGS} -o $@ ${GO_LDFLAGS} ./cmd/notary-server
+
+${PREFIX}/bin/notary: NOTARY_VERSION $(shell find . -type f -name '*.go')
+	@echo "+ $@"
+	@godep go build -tags ${NOTARY_BUILDTAGS} -o $@ ${GO_LDFLAGS} ./cmd/notary
+
+${PREFIX}/bin/notary-signer: NOTARY_VERSION $(shell find . -type f -name '*.go')
+	@echo "+ $@"
+	@godep go build -tags ${NOTARY_BUILDTAGS} -o $@ ${GO_LDFLAGS} ./cmd/notary-signer
+
+ifeq ($(shell uname -s),Darwin)
+${PREFIX}/bin/static/notary-server:
+	@echo "notary-server: static builds not supported on OS X"
+
+${PREFIX}/bin/static/notary-signer:
+	@echo "notary-signer: static builds not supported on OS X"
+else
+${PREFIX}/bin/static/notary-server: NOTARY_VERSION $(shell find . -type f -name '*.go')
+	@echo "+ $@"
+	@godep go build -tags ${NOTARY_BUILDTAGS} -o $@ ${GO_LDFLAGS_STATIC} ./cmd/notary-server
+
+${PREFIX}/bin/static/notary-signer: NOTARY_VERSION $(shell find . -type f -name '*.go')
+	@echo "+ $@"
+	@godep go build -tags ${NOTARY_BUILDTAGS} -o $@ ${GO_LDFLAGS_STATIC} ./cmd/notary-signer
+endif
+
+vet:
+	@echo "+ $@"
+ifeq ($(shell uname -s), Darwin)
+	@test -z "$(shell find . -iname *test*.go | grep -v _test.go | grep -v vendor | xargs echo "This file should end with '_test':"  | tee /dev/stderr)"
+else
+	@test -z "$(shell find . -iname *test*.go | grep -v _test.go | grep -v vendor | xargs -r echo "This file should end with '_test':"  | tee /dev/stderr)"
+endif
+	@test -z "$$(go tool vet -printf=false . 2>&1 | grep -v vendor/ | tee /dev/stderr)"
+
+fmt:
+	@echo "+ $@"
+	@test -z "$$(gofmt -s -l .| grep -v .pb. | grep -v vendor/ | tee /dev/stderr)"
+
+lint:
+	@echo "+ $@"
+	@test -z "$$(golint ./... | grep -v .pb. | grep -v vendor/ | tee /dev/stderr)"
+
+# Requires that the following:
+# go get -u github.com/client9/misspell/cmd/misspell
+#
+# be run first
+
+# misspell target, don't include Godeps, binaries, python tests, or git files
+misspell:
+	@echo "+ $@"
+	@test -z "$$(find . -name '*' | grep -v vendor/ | grep -v bin/ | grep -v misc/ | grep -v .git/ | xargs misspell | tee /dev/stderr)"
+
+build:
+	@echo "+ $@"
+	@go build -tags "${NOTARY_BUILDTAGS}" -v ${GO_LDFLAGS} $(PKGS)
+
+# When running `go test ./...`, it runs all the suites in parallel, which causes
+# problems when running with a yubikey
+test: TESTOPTS =
+test:
+	@echo Note: when testing with a yubikey plugged in, make sure to include 'TESTOPTS="-p 1"'
+	@echo "+ $@ $(TESTOPTS)"
+	@echo
+	go test -tags "${NOTARY_BUILDTAGS}" $(TESTOPTS) $(PKGS)
+
+test-full: TESTOPTS =
+test-full: vet lint
+	@echo Note: when testing with a yubikey plugged in, make sure to include 'TESTOPTS="-p 1"'
+	@echo "+ $@"
+	@echo
+	go test -tags "${NOTARY_BUILDTAGS}" $(TESTOPTS) -v $(PKGS)
+
+protos:
+	@protoc --go_out=plugins=grpc:. proto/*.proto
+
+# This allows coverage for a package to come from tests in different package.
+# Requires that the following:
+# go get github.com/wadey/gocovmerge; go install github.com/wadey/gocovmerge
+#
+# be run first
+
+define gocover
+$(GO_EXC) test $(OPTS) $(TESTOPTS) -covermode="$(COVERMODE)" -coverprofile="$(COVERDIR)/$(subst /,-,$(1)).$(subst $(_space),.,$(NOTARY_BUILDTAGS)).coverage.txt" "$(1)" || exit 1;
+endef
+
+gen-cover:
+	@mkdir -p "$(COVERDIR)"
+	$(foreach PKG,$(PKGS),$(call gocover,$(PKG)))
+	rm -f "$(COVERDIR)"/*testutils*.coverage.txt
+
+# Generates the cover binaries and runs them all in serial, so this can be used
+# run all tests with a yubikey without any problems
+cover: GO_EXC := go
+       OPTS = -tags "${NOTARY_BUILDTAGS}" -coverpkg "$(shell ./coverpkg.sh $(1) $(NOTARY_PKG))"
+cover: gen-cover covmerge
+	@go tool cover -html="$(COVERPROFILE)"
+
+# Generates the cover binaries and runs them all in serial, so this can be used
+# run all tests with a yubikey without any problems
+ci: OPTS = -tags "${NOTARY_BUILDTAGS}" -race -coverpkg "$(shell ./coverpkg.sh $(1) $(NOTARY_PKG))"
+    GO_EXC := godep go
+# Codecov knows how to merge multiple coverage files, so covmerge is not needed
+ci: gen-cover
+
+yubikey-tests: override PKGS = github.com/docker/notary/cmd/notary github.com/docker/notary/trustmanager/yubikey
+yubikey-tests: ci
+
+covmerge:
+	@gocovmerge $(shell ls -1 $(COVERDIR)/* | tr "\n" " ") > $(COVERPROFILE)
+	@go tool cover -func="$(COVERPROFILE)"
+
+clean-protos:
+	@rm proto/*.pb.go
+
+binaries: ${PREFIX}/bin/notary-server ${PREFIX}/bin/notary ${PREFIX}/bin/notary-signer
+	@echo "+ $@"
+
+static: ${PREFIX}/bin/static/notary-server ${PREFIX}/bin/static/notary-signer
+	@echo "+ $@"
+
+define template
+mkdir -p ${PREFIX}/cross/$(1)/$(2);
+GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build -o ${PREFIX}/cross/$(1)/$(2)/notary -a -tags "static_build netgo" -installsuffix netgo ${GO_LDFLAGS_STATIC} ./cmd/notary;
+endef
+
+cross:
+	$(foreach GOARCH,$(GOARCHS),$(foreach GOOS,$(GOOSES),$(call template,$(GOOS),$(GOARCH))))
+
+
+notary-dockerfile:
+	@docker build --rm --force-rm -t notary .
+
+server-dockerfile:
+	@docker build --rm --force-rm -f server.Dockerfile -t notary-server .
+
+signer-dockerfile:
+	@docker build --rm --force-rm -f signer.Dockerfile -t notary-signer .
+
+docker-images: notary-dockerfile server-dockerfile signer-dockerfile
+
+shell: notary-dockerfile
+	docker run --rm -it -v $(CURDIR)/cross:$(NOTARYDIR)/cross -v $(CURDIR)/bin:$(NOTARYDIR)/bin notary bash
+
+
+clean:
+	@echo "+ $@"
+	@rm -rf "$(COVERDIR)"
+	@rm -rf "${PREFIX}/bin/notary-server" "${PREFIX}/bin/notary" "${PREFIX}/bin/notary-signer"
diff --git a/vendor/src/github.com/docker/notary/NOTARY_VERSION b/vendor/src/github.com/docker/notary/NOTARY_VERSION
new file mode 100644
index 00000000..3b04cfb6
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/NOTARY_VERSION
@@ -0,0 +1 @@
+0.2
diff --git a/vendor/src/github.com/docker/notary/README.md b/vendor/src/github.com/docker/notary/README.md
new file mode 100644
index 00000000..96cd5be5
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/README.md
@@ -0,0 +1,194 @@
+# Notary 
+[![Circle CI](https://circleci.com/gh/docker/notary/tree/master.svg?style=shield)](https://circleci.com/gh/docker/notary/tree/master) [![CodeCov](https://codecov.io/github/docker/notary/coverage.svg?branch=master)](https://codecov.io/github/docker/notary)
+
+The Notary project comprises a [server](cmd/notary-server) and a [client](cmd/notary) for running and interacting
+with trusted collections.
+
+
+Notary aims to make the internet more secure by making it easy for people to
+publish and verify content. We often rely on TLS to secure our communications
+with a web server which is inherently flawed, as any compromise of the server
+enables malicious content to be substituted for the legitimate content.
+
+With Notary, publishers can sign their content offline using keys kept highly
+secure. Once the publisher is ready to make the content available, they can
+push their signed trusted collection to a Notary Server.
+
+Consumers, having acquired the publisher's public key through a secure channel,
+can then communicate with any notary server or (insecure) mirror, relying
+only on the publisher's key to determine the validity and integrity of the
+received content.
+
+## Goals
+
+Notary is based on [The Update Framework](http://theupdateframework.com/), a secure general design for the problem of software distribution and updates. By using TUF, notary achieves a number of key advantages:
+
+* **Survivable Key Compromise**: Content publishers must manage keys in order to sign their content. Signing keys may be compromised or lost so systems must be designed in order to be flexible and recoverable in the case of key compromise. TUF's notion of key roles is utilized to separate responsibilities across a hierarchy of keys such that loss of any particular key (except the root role) by itself is not fatal to the security of the system.
+* **Freshness Guarantees**: Replay attacks are a common problem in designing secure systems, where previously valid payloads are replayed to trick another system. The same problem exists in the software update systems, where old signed can be presented as the most recent. notary makes use of timestamping on publishing so that consumers can know that they are receiving the most up to date content. This is particularly important when dealing with software update where old vulnerable versions could be used to attack users.
+* **Configurable Trust Thresholds**: Oftentimes there are a large number of publishers that are allowed to publish a particular piece of content. For example, open source projects where there are a number of core maintainers. Trust thresholds can be used so that content consumers require a configurable number of signatures on a piece of content in order to trust it. Using thresholds increases security so that loss of individual signing keys doesn't allow publishing of malicious content.
+* **Signing Delegation**: To allow for flexible publishing of trusted collections, a content publisher can delegate part of their collection to another signer. This delegation is represented as signed metadata so that a consumer of the content can verify both the content and the delegation.
+* **Use of Existing Distribution**: Notary's trust guarantees are not tied at all to particular distribution channels from which content is delivered. Therefore, trust can be added to any existing content delivery mechanism.
+* **Untrusted Mirrors and Transport**: All of the notary metadata can be mirrored and distributed via arbitrary channels.
+
+# Notary CLI
+
+Notary is a tool for publishing and managing trusted collections of content. Publishers can digitally sign collections and consumers can verify integrity and origin of content. This ability is built on a straightforward key management and signing interface to create signed collections and configure trusted publishers.
+
+## Using Notary
+Lets try using notary.
+
+Prerequisites:
+
+- Requirements from the [Compiling Notary Server](#compiling-notary-server) section (such as go 1.5.1)
+- [docker and docker-compose](http://docs.docker.com/compose/install/)
+- [Notary server configuration](#configuring-notary-server)
+
+As setup, let's build notary and then start up a local notary-server (don't forget to add `127.0.0.1 notary-server` to your `/etc/hosts`, or if using docker-machine, add `$(docker-machine ip) notary-server`).
+
+```sh
+make binaries
+docker-compose build
+docker-compose up -d
+```
+
+Note: In order to have notary use the local notary server and development root CA we can load the local development configuration by appending `-c cmd/notary/config.json` to every command. If you would rather not have to use `-c` on every command, copy `cmd/notary/config.json and cmd/notary/root-ca.crt` to `~/.notary`.
+
+
+First, let's initiate a notary collection called `example.com/scripts`
+
+```sh
+notary init example.com/scripts
+```
+
+Now, look at the keys you created as a result of initialization
+```sh
+notary key list
+```
+
+Cool, now add a local file `install.sh` and call it `v1`
+```sh
+notary add example.com/scripts v1 install.sh
+```
+
+Wouldn't it be nice if others could know that you've signed this content? Use `publish` to publish your collection to your default notary-server
+```sh
+notary publish example.com/scripts
+```
+
+Now, others can pull your trusted collection
+```sh
+notary list example.com/scripts
+```
+
+More importantly, they can verify the content of your script by using `notary verify`:
+```sh
+curl example.com/install.sh | notary verify example.com/scripts v1 | sh
+```
+
+# Notary Server
+
+Notary Server manages TUF data over an HTTP API compatible with the
+[notary client](cmd/notary).
+
+It may be configured to use either JWT or HTTP Basic Auth for authentication.
+Currently it only supports MySQL for storage of the TUF data, we intend to
+expand this to other storage options.
+
+## Setup for Development
+
+The notary repository comes with Dockerfiles and a docker-compose file
+to facilitate development. Simply run the following commands to start
+a notary server with a temporary MySQL database in containers:
+
+```
+$ docker-compose build
+$ docker-compose up
+```
+
+If you are on Mac OSX with boot2docker or kitematic, you'll need to
+update your hosts file such that the name `notary` is associated with
+the IP address of your VM (for boot2docker, this can be determined
+by running `boot2docker ip`, with kitematic, `echo $DOCKER_HOST` should
+show the IP of the VM). If you are using the default Linux setup,
+you need to add `127.0.0.1 notary` to your hosts file.
+
+## Successfully connecting over TLS
+
+By default notary-server runs with TLS with certificates signed by a local
+CA. In order to be able to successfully connect to it using
+either `curl` or `openssl`, you will have to use the root CA file in `fixtures/root-ca.crt`.
+
+OpenSSL example:
+
+`openssl s_client -connect notary-server:4443 -CAfile fixtures/root-ca.crt`
+
+## Compiling Notary Server
+
+Prerequisites:
+
+- Go = 1.5.1
+- [godep](https://github.com/tools/godep) installed
+- libtool development headers installed
+
+Install dependencies by running `godep restore`.
+
+From the root of this git repository, run `make binaries`. This will
+compile the `notary`, `notary-server`, and `notary-signer` applications and
+place them in a `bin` directory at the root of the git repository (the `bin`
+directory is ignored by the .gitignore file).
+
+`notary-signer` depends upon `pkcs11`, which requires that libtool headers be installed (`libtool-dev` on Ubuntu, `libtool-ltdl-devel` on CentOS/RedHat). If you are using Mac OS, you can `brew install libtool`, and run `make binaries` with the following environment variables (assuming a standard installation of Homebrew):
+
+```sh
+export CPATH=/usr/local/include:${CPATH}
+export LIBRARY_PATH=/usr/local/lib:${LIBRARY_PATH}
+```
+
+## Running Notary Server
+
+The `notary-server` application has the following usage:
+
+```
+$ bin/notary-server --help
+usage: bin/notary-serve
+  -config="": Path to configuration file
+  -debug=false: Enable the debugging server on localhost:8080
+```
+
+## Configuring Notary Server
+
+The configuration file must be a json file with the following format:
+
+```json
+{
+    "server": {
+        "addr": ":4443",
+        "tls_cert_file": "./fixtures/notary-server.crt",
+        "tls_key_file": "./fixtures/notary-server.key"
+    },
+    "logging": {
+        "level": 5
+    }
+}
+```
+
+The pem and key provided in fixtures are purely for local development and
+testing. For production, you must create your own keypair and certificate,
+either via the CA of your choice, or a self signed certificate.
+
+If using the pem and key provided in fixtures, either:
+- Add `fixtures/root-ca.crt` to your trusted root certificates
+- Use the default configuration for notary client that loads the CA root for you by using the flag `-c ./cmd/notary/config.json`
+- Disable TLS verification by adding the following option notary configuration file in `~/.notary/config.json`:
+
+            "skipTLSVerify": true
+
+Otherwise, you will see TLS errors or X509 errors upon initializing the
+notary collection:
+
+```
+$ notary list diogomonica.com/openvpn
+* fatal: Get https://notary-server:4443/v2/: x509: certificate signed by unknown authority
+$ notary list diogomonica.com/openvpn -c cmd/notary/config.json
+latest b1df2ad7cbc19f06f08b69b4bcd817649b509f3e5420cdd2245a85144288e26d 4056
+```
diff --git a/vendor/src/github.com/docker/notary/ROADMAP.md b/vendor/src/github.com/docker/notary/ROADMAP.md
new file mode 100644
index 00000000..b3e9d713
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/ROADMAP.md
@@ -0,0 +1,7 @@
+# Roadmap
+
+The Trust project consists of a number of moving parts of which Notary Server is one. Notary Server is the front line metadata service
+that clients interact with. It manages TUF metadata and interacts with a pluggable signing service to issue new TUF timestamp
+files.
+
+The Notary-signer is provided as our reference implementation of a signing service. It supports HSMs along with Ed25519 software signing.
diff --git a/vendor/src/github.com/docker/notary/certs/certs.go b/vendor/src/github.com/docker/notary/certs/certs.go
new file mode 100644
index 00000000..d8ba0d92
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/certs/certs.go
@@ -0,0 +1,280 @@
+package certs
+
+import (
+	"crypto/x509"
+	"errors"
+	"fmt"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/signed"
+)
+
+// ErrValidationFail is returned when there is no valid trusted certificates
+// being served inside of the roots.json
+type ErrValidationFail struct {
+	Reason string
+}
+
+// ErrValidationFail is returned when there is no valid trusted certificates
+// being served inside of the roots.json
+func (err ErrValidationFail) Error() string {
+	return fmt.Sprintf("could not validate the path to a trusted root: %s", err.Reason)
+}
+
+// ErrRootRotationFail is returned when we fail to do a full root key rotation
+// by either failing to add the new root certificate, or delete the old ones
+type ErrRootRotationFail struct {
+	Reason string
+}
+
+// ErrRootRotationFail is returned when we fail to do a full root key rotation
+// by either failing to add the new root certificate, or delete the old ones
+func (err ErrRootRotationFail) Error() string {
+	return fmt.Sprintf("could not rotate trust to a new trusted root: %s", err.Reason)
+}
+
+/*
+ValidateRoot receives a new root, validates its correctness and attempts to
+do root key rotation if needed.
+
+First we list the current trusted certificates we have for a particular GUN. If
+that list is non-empty means that we've already seen this repository before, and
+have a list of trusted certificates for it. In this case, we use this list of
+certificates to attempt to validate this root file.
+
+If the previous validation succeeds, or in the case where we found no trusted
+certificates for this particular GUN, we check the integrity of the root by
+making sure that it is validated by itself. This means that we will attempt to
+validate the root data with the certificates that are included in the root keys
+themselves.
+
+If this last steps succeeds, we attempt to do root rotation, by ensuring that
+we only trust the certificates that are present in the new root.
+
+This mechanism of operation is essentially Trust On First Use (TOFU): if we
+have never seen a certificate for a particular CN, we trust it. If later we see
+a different certificate for that certificate, we return an ErrValidationFailed error.
+
+Note that since we only allow trust data to be downloaded over an HTTPS channel
+we are using the current public PKI to validate the first download of the certificate
+adding an extra layer of security over the normal (SSH style) trust model.
+We shall call this: TOFUS.
+*/
+func ValidateRoot(certStore trustmanager.X509Store, root *data.Signed, gun string) error {
+	logrus.Debugf("entered ValidateRoot with dns: %s", gun)
+	signedRoot, err := data.RootFromSigned(root)
+	if err != nil {
+		return err
+	}
+
+	// Retrieve all the leaf certificates in root for which the CN matches the GUN
+	allValidCerts, err := validRootLeafCerts(signedRoot, gun)
+	if err != nil {
+		logrus.Debugf("error retrieving valid leaf certificates for: %s, %v", gun, err)
+		return &ErrValidationFail{Reason: "unable to retrieve valid leaf certificates"}
+	}
+
+	// Retrieve all the trusted certificates that match this gun
+	certsForCN, err := certStore.GetCertificatesByCN(gun)
+	if err != nil {
+		// If the error that we get back is different than ErrNoCertificatesFound
+		// we couldn't check if there are any certificates with this CN already
+		// trusted. Let's take the conservative approach and return a failed validation
+		if _, ok := err.(*trustmanager.ErrNoCertificatesFound); !ok {
+			logrus.Debugf("error retrieving trusted certificates for: %s, %v", gun, err)
+			return &ErrValidationFail{Reason: "unable to retrieve trusted certificates"}
+		}
+	}
+
+	// If we have certificates that match this specific GUN, let's make sure to
+	// use them first to validate that this new root is valid.
+	if len(certsForCN) != 0 {
+		logrus.Debugf("found %d valid root certificates for %s", len(certsForCN), gun)
+		err = signed.VerifyRoot(root, 0, trustmanager.CertsToKeys(certsForCN))
+		if err != nil {
+			logrus.Debugf("failed to verify TUF data for: %s, %v", gun, err)
+			return &ErrValidationFail{Reason: "failed to validate data with current trusted certificates"}
+		}
+	} else {
+		logrus.Debugf("found no currently valid root certificates for %s", gun)
+	}
+
+	// Validate the integrity of the new root (does it have valid signatures)
+	err = signed.VerifyRoot(root, 0, trustmanager.CertsToKeys(allValidCerts))
+	if err != nil {
+		logrus.Debugf("failed to verify TUF data for: %s, %v", gun, err)
+		return &ErrValidationFail{Reason: "failed to validate integrity of roots"}
+	}
+
+	// Getting here means A) we had trusted certificates and both the
+	// old and new validated this root; or B) we had no trusted certificates but
+	// the new set of certificates has integrity (self-signed)
+	logrus.Debugf("entering root certificate rotation for: %s", gun)
+
+	// Do root certificate rotation: we trust only the certs present in the new root
+	// First we add all the new certificates (even if they already exist)
+	for _, cert := range allValidCerts {
+		err := certStore.AddCert(cert)
+		if err != nil {
+			// If the error is already exists we don't fail the rotation
+			if _, ok := err.(*trustmanager.ErrCertExists); ok {
+				logrus.Debugf("ignoring certificate addition to: %s", gun)
+				continue
+			}
+			logrus.Debugf("error adding new trusted certificate for: %s, %v", gun, err)
+		}
+	}
+
+	// Now we delete old certificates that aren't present in the new root
+	for certID, cert := range certsToRemove(certsForCN, allValidCerts) {
+		logrus.Debugf("removing certificate with certID: %s", certID)
+		err = certStore.RemoveCert(cert)
+		if err != nil {
+			logrus.Debugf("failed to remove trusted certificate with keyID: %s, %v", certID, err)
+			return &ErrRootRotationFail{Reason: "failed to rotate root keys"}
+		}
+	}
+
+	logrus.Debugf("Root validation succeeded for %s", gun)
+	return nil
+}
+
+// validRootLeafCerts returns a list of non-exipired, non-sha1 certificates whose
+// Common-Names match the provided GUN
+func validRootLeafCerts(root *data.SignedRoot, gun string) ([]*x509.Certificate, error) {
+	// Get a list of all of the leaf certificates present in root
+	allLeafCerts, _ := parseAllCerts(root)
+	var validLeafCerts []*x509.Certificate
+
+	// Go through every leaf certificate and check that the CN matches the gun
+	for _, cert := range allLeafCerts {
+		// Validate that this leaf certificate has a CN that matches the exact gun
+		if cert.Subject.CommonName != gun {
+			logrus.Debugf("error leaf certificate CN: %s doesn't match the given GUN: %s",
+				cert.Subject.CommonName, gun)
+			continue
+		}
+		// Make sure the certificate is not expired
+		if time.Now().After(cert.NotAfter) {
+			logrus.Debugf("error leaf certificate is expired")
+			continue
+		}
+
+		// We don't allow root certificates that use SHA1
+		if cert.SignatureAlgorithm == x509.SHA1WithRSA ||
+			cert.SignatureAlgorithm == x509.DSAWithSHA1 ||
+			cert.SignatureAlgorithm == x509.ECDSAWithSHA1 {
+
+			logrus.Debugf("error certificate uses deprecated hashing algorithm (SHA1)")
+			continue
+		}
+
+		validLeafCerts = append(validLeafCerts, cert)
+	}
+
+	if len(validLeafCerts) < 1 {
+		logrus.Debugf("didn't find any valid leaf certificates for %s", gun)
+		return nil, errors.New("no valid leaf certificates found in any of the root keys")
+	}
+
+	logrus.Debugf("found %d valid leaf certificates for %s", len(validLeafCerts), gun)
+	return validLeafCerts, nil
+}
+
+// parseAllCerts returns two maps, one with all of the leafCertificates and one
+// with all the intermediate certificates found in signedRoot
+func parseAllCerts(signedRoot *data.SignedRoot) (map[string]*x509.Certificate, map[string][]*x509.Certificate) {
+	leafCerts := make(map[string]*x509.Certificate)
+	intCerts := make(map[string][]*x509.Certificate)
+
+	// Before we loop through all root keys available, make sure any exist
+	rootRoles, ok := signedRoot.Signed.Roles["root"]
+	if !ok {
+		logrus.Debugf("tried to parse certificates from invalid root signed data")
+		return nil, nil
+	}
+
+	logrus.Debugf("found the following root keys: %v", rootRoles.KeyIDs)
+	// Iterate over every keyID for the root role inside of roots.json
+	for _, keyID := range rootRoles.KeyIDs {
+		// check that the key exists in the signed root keys map
+		key, ok := signedRoot.Signed.Keys[keyID]
+		if !ok {
+			logrus.Debugf("error while getting data for keyID: %s", keyID)
+			continue
+		}
+
+		// Decode all the x509 certificates that were bundled with this
+		// Specific root key
+		decodedCerts, err := trustmanager.LoadCertBundleFromPEM(key.Public())
+		if err != nil {
+			logrus.Debugf("error while parsing root certificate with keyID: %s, %v", keyID, err)
+			continue
+		}
+
+		// Get all non-CA certificates in the decoded certificates
+		leafCertList := trustmanager.GetLeafCerts(decodedCerts)
+
+		// If we got no leaf certificates or we got more than one, fail
+		if len(leafCertList) != 1 {
+			logrus.Debugf("invalid chain due to leaf certificate missing or too many leaf certificates for keyID: %s", keyID)
+			continue
+		}
+
+		// Get the ID of the leaf certificate
+		leafCert := leafCertList[0]
+		leafID, err := trustmanager.FingerprintCert(leafCert)
+		if err != nil {
+			logrus.Debugf("error while fingerprinting root certificate with keyID: %s, %v", keyID, err)
+			continue
+		}
+
+		// Store the leaf cert in the map
+		leafCerts[leafID] = leafCert
+
+		// Get all the remainder certificates marked as a CA to be used as intermediates
+		intermediateCerts := trustmanager.GetIntermediateCerts(decodedCerts)
+		intCerts[leafID] = intermediateCerts
+	}
+
+	return leafCerts, intCerts
+}
+
+// certsToRemove returns all the certifificates from oldCerts that aren't present
+// in newCerts
+func certsToRemove(oldCerts, newCerts []*x509.Certificate) map[string]*x509.Certificate {
+	certsToRemove := make(map[string]*x509.Certificate)
+
+	// If no newCerts were provided
+	if len(newCerts) == 0 {
+		return certsToRemove
+	}
+
+	// Populate a map with all the IDs from newCert
+	var newCertMap = make(map[string]struct{})
+	for _, cert := range newCerts {
+		certID, err := trustmanager.FingerprintCert(cert)
+		if err != nil {
+			logrus.Debugf("error while fingerprinting root certificate with keyID: %s, %v", certID, err)
+			continue
+		}
+		newCertMap[certID] = struct{}{}
+	}
+
+	// Iterate over all the old certificates and check to see if we should remove them
+	for _, cert := range oldCerts {
+		certID, err := trustmanager.FingerprintCert(cert)
+		if err != nil {
+			logrus.Debugf("error while fingerprinting root certificate with certID: %s, %v", certID, err)
+			continue
+		}
+		if _, ok := newCertMap[certID]; !ok {
+			certsToRemove[certID] = cert
+		}
+	}
+
+	return certsToRemove
+}
diff --git a/vendor/src/github.com/docker/notary/circle.yml b/vendor/src/github.com/docker/notary/circle.yml
new file mode 100644
index 00000000..6b98a161
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/circle.yml
@@ -0,0 +1,82 @@
+# Pony-up!
+machine:
+  pre:
+  # Install gvm
+    - bash < <(curl -s -S -L https://raw.githubusercontent.com/moovweb/gvm/1.0.22/binscripts/gvm-installer)
+
+  post:
+  # Install many go versions
+    - gvm install go1.6 -B --name=stable
+
+  environment:
+  # Convenient shortcuts to "common" locations
+    CHECKOUT: /home/ubuntu/$CIRCLE_PROJECT_REPONAME
+    BASE_DIR: src/github.com/docker/notary
+  # Trick circle brainflat "no absolute path" behavior
+    BASE_STABLE: ../../../$HOME/.gvm/pkgsets/stable/global/$BASE_DIR
+  # Workaround Circle parsing dumb bugs and/or YAML wonkyness
+    CIRCLE_PAIN: "mode: set"
+  # Put the coverage profile somewhere codecov's script can find it
+    COVERPROFILE: coverage.out
+
+  hosts:
+  # Not used yet
+    fancy: 127.0.0.1
+
+dependencies:
+  pre:
+  # Copy the code to the gopath of all go versions
+    - >
+      gvm use stable &&
+      mkdir -p "$(dirname $BASE_STABLE)" &&
+      cp -R "$CHECKOUT" "$BASE_STABLE"
+
+  override:
+  # Install dependencies for every copied clone/go version
+    - gvm use stable && go get github.com/tools/godep:
+        pwd: $BASE_STABLE
+
+  post:
+  # For the stable go version, additionally install linting and misspell tools
+    - >
+      gvm use stable &&
+      go get github.com/golang/lint/golint &&
+      go get -u github.com/client9/misspell/cmd/misspell
+test:
+  pre:
+  # Output the go versions we are going to test
+    - gvm use stable && go version
+
+  # CLEAN
+    - gvm use stable && make clean:
+        pwd: $BASE_STABLE
+
+  # FMT
+    - gvm use stable && make fmt:
+        pwd: $BASE_STABLE
+
+  # VET
+    - gvm use stable && make vet:
+        pwd: $BASE_STABLE
+
+  # LINT
+    - gvm use stable && make lint:
+        pwd: $BASE_STABLE
+
+  # MISSPELL
+    - gvm use stable && make misspell:
+        pwd: $BASE_STABLE
+
+  override:
+  # Test stable, and report
+  # hacking this to be parallel
+    - case $CIRCLE_NODE_INDEX in 0) gvm use stable && NOTARY_BUILDTAGS=pkcs11 make ci ;; 1) gvm use stable && NOTARY_BUILDTAGS=none make ci ;; esac:
+        parallel: true
+        timeout: 600
+        pwd: $BASE_STABLE
+
+  post:
+  # Report to codecov.io
+    - bash <(curl -s https://codecov.io/bash):
+        parallel: true
+        pwd: $BASE_STABLE
diff --git a/vendor/src/github.com/docker/notary/client/changelist/change.go b/vendor/src/github.com/docker/notary/client/changelist/change.go
new file mode 100644
index 00000000..3307189c
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/changelist/change.go
@@ -0,0 +1,101 @@
+package changelist
+
+import (
+	"github.com/docker/notary/tuf/data"
+)
+
+// Scopes for TufChanges are simply the TUF roles.
+// Unfortunately because of targets delegations, we can only
+// cover the base roles.
+const (
+	ScopeRoot      = "root"
+	ScopeTargets   = "targets"
+	ScopeSnapshot  = "snapshot"
+	ScopeTimestamp = "timestamp"
+)
+
+// Types for TufChanges are namespaced by the Role they
+// are relevant for. The Root and Targets roles are the
+// only ones for which user action can cause a change, as
+// all changes in Snapshot and Timestamp are programmatically
+// generated base on Root and Targets changes.
+const (
+	TypeRootRole          = "role"
+	TypeTargetsTarget     = "target"
+	TypeTargetsDelegation = "delegation"
+)
+
+// TufChange represents a change to a TUF repo
+type TufChange struct {
+	// Abbreviated because Go doesn't permit a field and method of the same name
+	Actn       string `json:"action"`
+	Role       string `json:"role"`
+	ChangeType string `json:"type"`
+	ChangePath string `json:"path"`
+	Data       []byte `json:"data"`
+}
+
+// TufRootData represents a modification of the keys associated
+// with a role that appears in the root.json
+type TufRootData struct {
+	Keys     data.KeyList `json:"keys"`
+	RoleName string       `json:"role"`
+}
+
+// NewTufChange initializes a tufChange object
+func NewTufChange(action string, role, changeType, changePath string, content []byte) *TufChange {
+	return &TufChange{
+		Actn:       action,
+		Role:       role,
+		ChangeType: changeType,
+		ChangePath: changePath,
+		Data:       content,
+	}
+}
+
+// Action return c.Actn
+func (c TufChange) Action() string {
+	return c.Actn
+}
+
+// Scope returns c.Role
+func (c TufChange) Scope() string {
+	return c.Role
+}
+
+// Type returns c.ChangeType
+func (c TufChange) Type() string {
+	return c.ChangeType
+}
+
+// Path return c.ChangePath
+func (c TufChange) Path() string {
+	return c.ChangePath
+}
+
+// Content returns c.Data
+func (c TufChange) Content() []byte {
+	return c.Data
+}
+
+// TufDelegation represents a modification to a target delegation
+// this includes creating a delegations. This format is used to avoid
+// unexpected race conditions between humans modifying the same delegation
+type TufDelegation struct {
+	NewName       string       `json:"new_name,omitempty"`
+	NewThreshold  int          `json:"threshold, omitempty"`
+	AddKeys       data.KeyList `json:"add_keys, omitempty"`
+	RemoveKeys    []string     `json:"remove_keys,omitempty"`
+	AddPaths      []string     `json:"add_paths,omitempty"`
+	RemovePaths   []string     `json:"remove_paths,omitempty"`
+	ClearAllPaths bool         `json:"clear_paths,omitempty"`
+}
+
+// ToNewRole creates a fresh role object from the TufDelegation data
+func (td TufDelegation) ToNewRole(scope string) (*data.Role, error) {
+	name := scope
+	if td.NewName != "" {
+		name = td.NewName
+	}
+	return data.NewRole(name, td.NewThreshold, td.AddKeys.IDs(), td.AddPaths)
+}
diff --git a/vendor/src/github.com/docker/notary/client/changelist/changelist.go b/vendor/src/github.com/docker/notary/client/changelist/changelist.go
new file mode 100644
index 00000000..a91b16cb
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/changelist/changelist.go
@@ -0,0 +1,59 @@
+package changelist
+
+// memChangeList implements a simple in memory change list.
+type memChangelist struct {
+	changes []Change
+}
+
+// NewMemChangelist instantiates a new in-memory changelist
+func NewMemChangelist() Changelist {
+	return &memChangelist{}
+}
+
+// List returns a list of Changes
+func (cl memChangelist) List() []Change {
+	return cl.changes
+}
+
+// Add adds a change to the in-memory change list
+func (cl *memChangelist) Add(c Change) error {
+	cl.changes = append(cl.changes, c)
+	return nil
+}
+
+// Clear empties the changelist file.
+func (cl *memChangelist) Clear(archive string) error {
+	// appending to a nil list initializes it.
+	cl.changes = nil
+	return nil
+}
+
+// Close is a no-op in this in-memory change-list
+func (cl *memChangelist) Close() error {
+	return nil
+}
+
+func (cl *memChangelist) NewIterator() (ChangeIterator, error) {
+	return &MemChangeListIterator{index: 0, collection: cl.changes}, nil
+}
+
+// MemChangeListIterator is a concrete instance of ChangeIterator
+type MemChangeListIterator struct {
+	index      int
+	collection []Change // Same type as memChangeList.changes
+}
+
+// Next returns the next Change
+func (m *MemChangeListIterator) Next() (item Change, err error) {
+	if m.index >= len(m.collection) {
+		return nil, IteratorBoundsError(m.index)
+	}
+	item = m.collection[m.index]
+	m.index++
+	return item, err
+}
+
+// HasNext indicates whether the iterator is exhausted
+func (m *MemChangeListIterator) HasNext() bool {
+	return m.index < len(m.collection)
+}
diff --git a/vendor/src/github.com/docker/notary/client/changelist/file_changelist.go b/vendor/src/github.com/docker/notary/client/changelist/file_changelist.go
new file mode 100644
index 00000000..5ab237d8
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/changelist/file_changelist.go
@@ -0,0 +1,176 @@
+package changelist
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"sort"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/uuid"
+)
+
+// FileChangelist stores all the changes as files
+type FileChangelist struct {
+	dir string
+}
+
+// NewFileChangelist is a convenience method for returning FileChangeLists
+func NewFileChangelist(dir string) (*FileChangelist, error) {
+	logrus.Debug("Making dir path: ", dir)
+	err := os.MkdirAll(dir, 0700)
+	if err != nil {
+		return nil, err
+	}
+	return &FileChangelist{dir: dir}, nil
+}
+
+// getFileNames reads directory, filtering out child directories
+func getFileNames(dirName string) ([]os.FileInfo, error) {
+	var dirListing, fileInfos []os.FileInfo
+	dir, err := os.Open(dirName)
+	if err != nil {
+		return fileInfos, err
+	}
+	defer dir.Close()
+	dirListing, err = dir.Readdir(0)
+	if err != nil {
+		return fileInfos, err
+	}
+	for _, f := range dirListing {
+		if f.IsDir() {
+			continue
+		}
+		fileInfos = append(fileInfos, f)
+	}
+	return fileInfos, nil
+}
+
+// Read a JSON formatted file from disk; convert to TufChange struct
+func unmarshalFile(dirname string, f os.FileInfo) (*TufChange, error) {
+	c := &TufChange{}
+	raw, err := ioutil.ReadFile(path.Join(dirname, f.Name()))
+	if err != nil {
+		return c, err
+	}
+	err = json.Unmarshal(raw, c)
+	if err != nil {
+		return c, err
+	}
+	return c, nil
+}
+
+// List returns a list of sorted changes
+func (cl FileChangelist) List() []Change {
+	var changes []Change
+	fileInfos, err := getFileNames(cl.dir)
+	if err != nil {
+		return changes
+	}
+	sort.Sort(fileChanges(fileInfos))
+	for _, f := range fileInfos {
+		c, err := unmarshalFile(cl.dir, f)
+		if err != nil {
+			logrus.Warn(err.Error())
+			continue
+		}
+		changes = append(changes, c)
+	}
+	return changes
+}
+
+// Add adds a change to the file change list
+func (cl FileChangelist) Add(c Change) error {
+	cJSON, err := json.Marshal(c)
+	if err != nil {
+		return err
+	}
+	filename := fmt.Sprintf("%020d_%s.change", time.Now().UnixNano(), uuid.Generate())
+	return ioutil.WriteFile(path.Join(cl.dir, filename), cJSON, 0644)
+}
+
+// Clear clears the change list
+func (cl FileChangelist) Clear(archive string) error {
+	dir, err := os.Open(cl.dir)
+	if err != nil {
+		return err
+	}
+	defer dir.Close()
+	files, err := dir.Readdir(0)
+	if err != nil {
+		return err
+	}
+	for _, f := range files {
+		os.Remove(path.Join(cl.dir, f.Name()))
+	}
+	return nil
+}
+
+// Close is a no-op
+func (cl FileChangelist) Close() error {
+	// Nothing to do here
+	return nil
+}
+
+// NewIterator creates an iterator from FileChangelist
+func (cl FileChangelist) NewIterator() (ChangeIterator, error) {
+	fileInfos, err := getFileNames(cl.dir)
+	if err != nil {
+		return &FileChangeListIterator{}, err
+	}
+	sort.Sort(fileChanges(fileInfos))
+	return &FileChangeListIterator{dirname: cl.dir, collection: fileInfos}, nil
+}
+
+// IteratorBoundsError is an Error type used by Next()
+type IteratorBoundsError int
+
+// Error implements the Error interface
+func (e IteratorBoundsError) Error() string {
+	return fmt.Sprintf("Iterator index (%d) out of bounds", e)
+}
+
+// FileChangeListIterator is a concrete instance of ChangeIterator
+type FileChangeListIterator struct {
+	index      int
+	dirname    string
+	collection []os.FileInfo
+}
+
+// Next returns the next Change in the FileChangeList
+func (m *FileChangeListIterator) Next() (item Change, err error) {
+	if m.index >= len(m.collection) {
+		return nil, IteratorBoundsError(m.index)
+	}
+	f := m.collection[m.index]
+	m.index++
+	item, err = unmarshalFile(m.dirname, f)
+	return
+}
+
+// HasNext indicates whether iterator is exhausted
+func (m *FileChangeListIterator) HasNext() bool {
+	return m.index < len(m.collection)
+}
+
+type fileChanges []os.FileInfo
+
+// Len returns the length of a file change list
+func (cs fileChanges) Len() int {
+	return len(cs)
+}
+
+// Less compares the names of two different file changes
+func (cs fileChanges) Less(i, j int) bool {
+	return cs[i].Name() < cs[j].Name()
+}
+
+// Swap swaps the position of two file changes
+func (cs fileChanges) Swap(i, j int) {
+	tmp := cs[i]
+	cs[i] = cs[j]
+	cs[j] = tmp
+}
diff --git a/vendor/src/github.com/docker/notary/client/changelist/interface.go b/vendor/src/github.com/docker/notary/client/changelist/interface.go
new file mode 100644
index 00000000..4369623c
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/changelist/interface.go
@@ -0,0 +1,70 @@
+package changelist
+
+// Changelist is the interface for all TUF change lists
+type Changelist interface {
+	// List returns the ordered list of changes
+	// currently stored
+	List() []Change
+
+	// Add change appends the provided change to
+	// the list of changes
+	Add(Change) error
+
+	// Clear empties the current change list.
+	// Archive may be provided as a directory path
+	// to save a copy of the changelist in that location
+	Clear(archive string) error
+
+	// Close syncronizes any pending writes to the underlying
+	// storage and closes the file/connection
+	Close() error
+
+	// NewIterator returns an iterator for walking through the list
+	// of changes currently stored
+	NewIterator() (ChangeIterator, error)
+}
+
+const (
+	// ActionCreate represents a Create action
+	ActionCreate = "create"
+	// ActionUpdate represents an Update action
+	ActionUpdate = "update"
+	// ActionDelete represents a Delete action
+	ActionDelete = "delete"
+)
+
+// Change is the interface for a TUF Change
+type Change interface {
+	// "create","update", or "delete"
+	Action() string
+
+	// Where the change should be made.
+	// For TUF this will be the role
+	Scope() string
+
+	// The content type being affected.
+	// For TUF this will be "target", or "delegation".
+	// If the type is "delegation", the Scope will be
+	// used to determine if a root role is being updated
+	// or a target delegation.
+	Type() string
+
+	// Path indicates the entry within a role to be affected by the
+	// change. For targets, this is simply the target's path,
+	// for delegations it's the delegated role name.
+	Path() string
+
+	// Serialized content that the interpreter of a changelist
+	// can use to apply the change.
+	// For TUF this will be the serialized JSON that needs
+	// to be inserted or merged. In the case of a "delete"
+	// action, it will be nil.
+	Content() []byte
+}
+
+// ChangeIterator is the interface for iterating across collections of
+// TUF Change items
+type ChangeIterator interface {
+	Next() (Change, error)
+	HasNext() bool
+}
diff --git a/vendor/src/github.com/docker/notary/client/client.go b/vendor/src/github.com/docker/notary/client/client.go
new file mode 100644
index 00000000..4dfb6b5c
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/client.go
@@ -0,0 +1,965 @@
+package client
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary"
+	"github.com/docker/notary/certs"
+	"github.com/docker/notary/client/changelist"
+	"github.com/docker/notary/cryptoservice"
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/tuf"
+	tufclient "github.com/docker/notary/tuf/client"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/signed"
+	"github.com/docker/notary/tuf/store"
+	"github.com/docker/notary/tuf/utils"
+)
+
+func init() {
+	data.SetDefaultExpiryTimes(notary.NotaryDefaultExpiries)
+}
+
+// ErrRepoNotInitialized is returned when trying to publish an uninitialized
+// notary repository
+type ErrRepoNotInitialized struct{}
+
+func (err ErrRepoNotInitialized) Error() string {
+	return "repository has not been initialized"
+}
+
+// ErrInvalidRemoteRole is returned when the server is requested to manage
+// a key type that is not permitted
+type ErrInvalidRemoteRole struct {
+	Role string
+}
+
+func (err ErrInvalidRemoteRole) Error() string {
+	return fmt.Sprintf(
+		"notary does not permit the server managing the %s key", err.Role)
+}
+
+// ErrInvalidLocalRole is returned when the client wants to manage
+// a key type that is not permitted
+type ErrInvalidLocalRole struct {
+	Role string
+}
+
+func (err ErrInvalidLocalRole) Error() string {
+	return fmt.Sprintf(
+		"notary does not permit the client managing the %s key", err.Role)
+}
+
+// ErrRepositoryNotExist is returned when an action is taken on a remote
+// repository that doesn't exist
+type ErrRepositoryNotExist struct {
+	remote string
+	gun    string
+}
+
+func (err ErrRepositoryNotExist) Error() string {
+	return fmt.Sprintf("%s does not have trust data for %s", err.remote, err.gun)
+}
+
+const (
+	tufDir = "tuf"
+)
+
+// NotaryRepository stores all the information needed to operate on a notary
+// repository.
+type NotaryRepository struct {
+	baseDir       string
+	gun           string
+	baseURL       string
+	tufRepoPath   string
+	fileStore     store.MetadataStore
+	CryptoService signed.CryptoService
+	tufRepo       *tuf.Repo
+	roundTrip     http.RoundTripper
+	CertStore     trustmanager.X509Store
+}
+
+// repositoryFromKeystores is a helper function for NewNotaryRepository that
+// takes some basic NotaryRepository parameters as well as keystores (in order
+// of usage preference), and returns a NotaryRepository.
+func repositoryFromKeystores(baseDir, gun, baseURL string, rt http.RoundTripper,
+	keyStores []trustmanager.KeyStore) (*NotaryRepository, error) {
+
+	certPath := filepath.Join(baseDir, notary.TrustedCertsDir)
+	certStore, err := trustmanager.NewX509FilteredFileStore(
+		certPath,
+		trustmanager.FilterCertsExpiredSha1,
+	)
+	if err != nil {
+		return nil, err
+	}
+
+	cryptoService := cryptoservice.NewCryptoService(keyStores...)
+
+	nRepo := &NotaryRepository{
+		gun:           gun,
+		baseDir:       baseDir,
+		baseURL:       baseURL,
+		tufRepoPath:   filepath.Join(baseDir, tufDir, filepath.FromSlash(gun)),
+		CryptoService: cryptoService,
+		roundTrip:     rt,
+		CertStore:     certStore,
+	}
+
+	fileStore, err := store.NewFilesystemStore(
+		nRepo.tufRepoPath,
+		"metadata",
+		"json",
+	)
+	if err != nil {
+		return nil, err
+	}
+	nRepo.fileStore = fileStore
+
+	return nRepo, nil
+}
+
+// Target represents a simplified version of the data TUF operates on, so external
+// applications don't have to depend on tuf data types.
+type Target struct {
+	Name   string      // the name of the target
+	Hashes data.Hashes // the hash of the target
+	Length int64       // the size in bytes of the target
+}
+
+// TargetWithRole represents a Target that exists in a particular role - this is
+// produced by ListTargets and GetTargetByName
+type TargetWithRole struct {
+	Target
+	Role string
+}
+
+// NewTarget is a helper method that returns a Target
+func NewTarget(targetName string, targetPath string) (*Target, error) {
+	b, err := ioutil.ReadFile(targetPath)
+	if err != nil {
+		return nil, err
+	}
+
+	meta, err := data.NewFileMeta(bytes.NewBuffer(b), data.NotaryDefaultHashes...)
+	if err != nil {
+		return nil, err
+	}
+
+	return &Target{Name: targetName, Hashes: meta.Hashes, Length: meta.Length}, nil
+}
+
+// Initialize creates a new repository by using rootKey as the root Key for the
+// TUF repository.
+func (r *NotaryRepository) Initialize(rootKeyID string, serverManagedRoles ...string) error {
+	privKey, _, err := r.CryptoService.GetPrivateKey(rootKeyID)
+	if err != nil {
+		return err
+	}
+
+	// currently we only support server managing timestamps and snapshots, and
+	// nothing else - timestamps are always managed by the server, and implicit
+	// (do not have to be passed in as part of `serverManagedRoles`, so that
+	// the API of Initialize doesn't change).
+	var serverManagesSnapshot bool
+	locallyManagedKeys := []string{
+		data.CanonicalTargetsRole,
+		data.CanonicalSnapshotRole,
+		// root is also locally managed, but that should have been created
+		// already
+	}
+	remotelyManagedKeys := []string{data.CanonicalTimestampRole}
+	for _, role := range serverManagedRoles {
+		switch role {
+		case data.CanonicalTimestampRole:
+			continue // timestamp is already in the right place
+		case data.CanonicalSnapshotRole:
+			// because we put Snapshot last
+			locallyManagedKeys = []string{data.CanonicalTargetsRole}
+			remotelyManagedKeys = append(
+				remotelyManagedKeys, data.CanonicalSnapshotRole)
+			serverManagesSnapshot = true
+		default:
+			return ErrInvalidRemoteRole{Role: role}
+		}
+	}
+
+	// Hard-coded policy: the generated certificate expires in 10 years.
+	startTime := time.Now()
+	rootCert, err := cryptoservice.GenerateCertificate(
+		privKey, r.gun, startTime, startTime.AddDate(10, 0, 0))
+
+	if err != nil {
+		return err
+	}
+	r.CertStore.AddCert(rootCert)
+
+	// The root key gets stored in the TUF metadata X509 encoded, linking
+	// the tuf root.json to our X509 PKI.
+	// If the key is RSA, we store it as type RSAx509, if it is ECDSA we store it
+	// as ECDSAx509 to allow the gotuf verifiers to correctly decode the
+	// key on verification of signatures.
+	var rootKey data.PublicKey
+	switch privKey.Algorithm() {
+	case data.RSAKey:
+		rootKey = data.NewRSAx509PublicKey(trustmanager.CertToPEM(rootCert))
+	case data.ECDSAKey:
+		rootKey = data.NewECDSAx509PublicKey(trustmanager.CertToPEM(rootCert))
+	default:
+		return fmt.Errorf("invalid format for root key: %s", privKey.Algorithm())
+	}
+
+	var (
+		rootRole = data.NewBaseRole(
+			data.CanonicalRootRole,
+			notary.MinThreshold,
+			rootKey,
+		)
+		timestampRole data.BaseRole
+		snapshotRole  data.BaseRole
+		targetsRole   data.BaseRole
+	)
+
+	// we want to create all the local keys first so we don't have to
+	// make unnecessary network calls
+	for _, role := range locallyManagedKeys {
+		// This is currently hardcoding the keys to ECDSA.
+		key, err := r.CryptoService.Create(role, r.gun, data.ECDSAKey)
+		if err != nil {
+			return err
+		}
+		switch role {
+		case data.CanonicalSnapshotRole:
+			snapshotRole = data.NewBaseRole(
+				role,
+				notary.MinThreshold,
+				key,
+			)
+		case data.CanonicalTargetsRole:
+			targetsRole = data.NewBaseRole(
+				role,
+				notary.MinThreshold,
+				key,
+			)
+		}
+	}
+	for _, role := range remotelyManagedKeys {
+		// This key is generated by the remote server.
+		key, err := getRemoteKey(r.baseURL, r.gun, role, r.roundTrip)
+		if err != nil {
+			return err
+		}
+		logrus.Debugf("got remote %s %s key with keyID: %s",
+			role, key.Algorithm(), key.ID())
+		switch role {
+		case data.CanonicalSnapshotRole:
+			snapshotRole = data.NewBaseRole(
+				role,
+				notary.MinThreshold,
+				key,
+			)
+		case data.CanonicalTimestampRole:
+			timestampRole = data.NewBaseRole(
+				role,
+				notary.MinThreshold,
+				key,
+			)
+		}
+	}
+
+	r.tufRepo = tuf.NewRepo(r.CryptoService)
+
+	err = r.tufRepo.InitRoot(
+		rootRole,
+		timestampRole,
+		snapshotRole,
+		targetsRole,
+		false,
+	)
+	if err != nil {
+		logrus.Debug("Error on InitRoot: ", err.Error())
+		return err
+	}
+	_, err = r.tufRepo.InitTargets(data.CanonicalTargetsRole)
+	if err != nil {
+		logrus.Debug("Error on InitTargets: ", err.Error())
+		return err
+	}
+	err = r.tufRepo.InitSnapshot()
+	if err != nil {
+		logrus.Debug("Error on InitSnapshot: ", err.Error())
+		return err
+	}
+
+	return r.saveMetadata(serverManagesSnapshot)
+}
+
+// adds a TUF Change template to the given roles
+func addChange(cl *changelist.FileChangelist, c changelist.Change, roles ...string) error {
+
+	if len(roles) == 0 {
+		roles = []string{data.CanonicalTargetsRole}
+	}
+
+	var changes []changelist.Change
+	for _, role := range roles {
+		// Ensure we can only add targets to the CanonicalTargetsRole,
+		// or a Delegation role (which is <CanonicalTargetsRole>/something else)
+		if role != data.CanonicalTargetsRole && !data.IsDelegation(role) {
+			return data.ErrInvalidRole{
+				Role:   role,
+				Reason: "cannot add targets to this role",
+			}
+		}
+
+		changes = append(changes, changelist.NewTufChange(
+			c.Action(),
+			role,
+			c.Type(),
+			c.Path(),
+			c.Content(),
+		))
+	}
+
+	for _, c := range changes {
+		if err := cl.Add(c); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// AddTarget creates new changelist entries to add a target to the given roles
+// in the repository when the changelist gets applied at publish time.
+// If roles are unspecified, the default role is "targets".
+func (r *NotaryRepository) AddTarget(target *Target, roles ...string) error {
+
+	cl, err := changelist.NewFileChangelist(filepath.Join(r.tufRepoPath, "changelist"))
+	if err != nil {
+		return err
+	}
+	defer cl.Close()
+	logrus.Debugf("Adding target \"%s\" with sha256 \"%x\" and size %d bytes.\n", target.Name, target.Hashes["sha256"], target.Length)
+
+	meta := data.FileMeta{Length: target.Length, Hashes: target.Hashes}
+	metaJSON, err := json.Marshal(meta)
+	if err != nil {
+		return err
+	}
+
+	template := changelist.NewTufChange(
+		changelist.ActionCreate, "", changelist.TypeTargetsTarget,
+		target.Name, metaJSON)
+	return addChange(cl, template, roles...)
+}
+
+// RemoveTarget creates new changelist entries to remove a target from the given
+// roles in the repository when the changelist gets applied at publish time.
+// If roles are unspecified, the default role is "target".
+func (r *NotaryRepository) RemoveTarget(targetName string, roles ...string) error {
+
+	cl, err := changelist.NewFileChangelist(filepath.Join(r.tufRepoPath, "changelist"))
+	if err != nil {
+		return err
+	}
+	logrus.Debugf("Removing target \"%s\"", targetName)
+	template := changelist.NewTufChange(changelist.ActionDelete, "",
+		changelist.TypeTargetsTarget, targetName, nil)
+	return addChange(cl, template, roles...)
+}
+
+// ListTargets lists all targets for the current repository. The list of
+// roles should be passed in order from highest to lowest priority.
+// IMPORTANT: if you pass a set of roles such as [ "targets/a", "targets/x"
+// "targets/a/b" ], even though "targets/a/b" is part of the "targets/a" subtree
+// its entries will be strictly shadowed by those in other parts of the "targets/a"
+// subtree and also the "targets/x" subtree, as we will defer parsing it until
+// we explicitly reach it in our iteration of the provided list of roles.
+func (r *NotaryRepository) ListTargets(roles ...string) ([]*TargetWithRole, error) {
+	_, err := r.Update(false)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(roles) == 0 {
+		roles = []string{data.CanonicalTargetsRole}
+	}
+	targets := make(map[string]*TargetWithRole)
+	for _, role := range roles {
+		// Define an array of roles to skip for this walk (see IMPORTANT comment above)
+		skipRoles := utils.StrSliceRemove(roles, role)
+
+		// Define a visitor function to populate the targets map in priority order
+		listVisitorFunc := func(tgt *data.SignedTargets, validRole data.DelegationRole) interface{} {
+			// We found targets so we should try to add them to our targets map
+			for targetName, targetMeta := range tgt.Signed.Targets {
+				// Follow the priority by not overriding previously set targets
+				// and check that this path is valid with this role
+				if _, ok := targets[targetName]; ok || !validRole.CheckPaths(targetName) {
+					continue
+				}
+				targets[targetName] =
+					&TargetWithRole{Target: Target{Name: targetName, Hashes: targetMeta.Hashes, Length: targetMeta.Length}, Role: validRole.Name}
+			}
+			return nil
+		}
+		r.tufRepo.WalkTargets("", role, listVisitorFunc, skipRoles...)
+	}
+
+	var targetList []*TargetWithRole
+	for _, v := range targets {
+		targetList = append(targetList, v)
+	}
+
+	return targetList, nil
+}
+
+// GetTargetByName returns a target given a name. If no roles are passed
+// it uses the targets role and does a search of the entire delegation
+// graph, finding the first entry in a breadth first search of the delegations.
+// If roles are passed, they should be passed in descending priority and
+// the target entry found in the subtree of the highest priority role
+// will be returned
+// See the IMPORTANT section on ListTargets above. Those roles also apply here.
+func (r *NotaryRepository) GetTargetByName(name string, roles ...string) (*TargetWithRole, error) {
+	_, err := r.Update(false)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(roles) == 0 {
+		roles = append(roles, data.CanonicalTargetsRole)
+	}
+	var resultMeta data.FileMeta
+	var resultRoleName string
+	var foundTarget bool
+	for _, role := range roles {
+		// Define an array of roles to skip for this walk (see IMPORTANT comment above)
+		skipRoles := utils.StrSliceRemove(roles, role)
+
+		// Define a visitor function to find the specified target
+		getTargetVisitorFunc := func(tgt *data.SignedTargets, validRole data.DelegationRole) interface{} {
+			if tgt == nil {
+				return nil
+			}
+			// We found the target and validated path compatibility in our walk,
+			// so we should stop our walk and set the resultMeta and resultRoleName variables
+			if resultMeta, foundTarget = tgt.Signed.Targets[name]; foundTarget {
+				resultRoleName = validRole.Name
+				return tuf.StopWalk{}
+			}
+			return nil
+		}
+		err = r.tufRepo.WalkTargets(name, role, getTargetVisitorFunc, skipRoles...)
+		// Check that we didn't error, and that we assigned to our target
+		if err == nil && foundTarget {
+			return &TargetWithRole{Target: Target{Name: name, Hashes: resultMeta.Hashes, Length: resultMeta.Length}, Role: resultRoleName}, nil
+		}
+	}
+	return nil, fmt.Errorf("No trust data for %s", name)
+
+}
+
+// GetChangelist returns the list of the repository's unpublished changes
+func (r *NotaryRepository) GetChangelist() (changelist.Changelist, error) {
+	changelistDir := filepath.Join(r.tufRepoPath, "changelist")
+	cl, err := changelist.NewFileChangelist(changelistDir)
+	if err != nil {
+		logrus.Debug("Error initializing changelist")
+		return nil, err
+	}
+	return cl, nil
+}
+
+// RoleWithSignatures is a Role with its associated signatures
+type RoleWithSignatures struct {
+	Signatures []data.Signature
+	data.Role
+}
+
+// ListRoles returns a list of RoleWithSignatures objects for this repo
+// This represents the latest metadata for each role in this repo
+func (r *NotaryRepository) ListRoles() ([]RoleWithSignatures, error) {
+	// Update to latest repo state
+	_, err := r.Update(false)
+	if err != nil {
+		return nil, err
+	}
+
+	// Get all role info from our updated keysDB, can be empty
+	roles := r.tufRepo.GetAllLoadedRoles()
+
+	var roleWithSigs []RoleWithSignatures
+
+	// Populate RoleWithSignatures with Role from keysDB and signatures from TUF metadata
+	for _, role := range roles {
+		roleWithSig := RoleWithSignatures{Role: *role, Signatures: nil}
+		switch role.Name {
+		case data.CanonicalRootRole:
+			roleWithSig.Signatures = r.tufRepo.Root.Signatures
+		case data.CanonicalTargetsRole:
+			roleWithSig.Signatures = r.tufRepo.Targets[data.CanonicalTargetsRole].Signatures
+		case data.CanonicalSnapshotRole:
+			roleWithSig.Signatures = r.tufRepo.Snapshot.Signatures
+		case data.CanonicalTimestampRole:
+			roleWithSig.Signatures = r.tufRepo.Timestamp.Signatures
+		default:
+			// If the role isn't a delegation, we should error -- this is only possible if we have invalid state
+			if !data.IsDelegation(role.Name) {
+				return nil, data.ErrInvalidRole{Role: role.Name, Reason: "invalid role name"}
+			}
+			if _, ok := r.tufRepo.Targets[role.Name]; ok {
+				// We'll only find a signature if we've published any targets with this delegation
+				roleWithSig.Signatures = r.tufRepo.Targets[role.Name].Signatures
+			}
+		}
+		roleWithSigs = append(roleWithSigs, roleWithSig)
+	}
+	return roleWithSigs, nil
+}
+
+// Publish pushes the local changes in signed material to the remote notary-server
+// Conceptually it performs an operation similar to a `git rebase`
+func (r *NotaryRepository) Publish() error {
+	cl, err := r.GetChangelist()
+	if err != nil {
+		return err
+	}
+	if err = r.publish(cl); err != nil {
+		return err
+	}
+	if err = cl.Clear(""); err != nil {
+		// This is not a critical problem when only a single host is pushing
+		// but will cause weird behaviour if changelist cleanup is failing
+		// and there are multiple hosts writing to the repo.
+		logrus.Warn("Unable to clear changelist. You may want to manually delete the folder ", filepath.Join(r.tufRepoPath, "changelist"))
+	}
+	return nil
+}
+
+// publish pushes the changes in the given changelist to the remote notary-server
+// Conceptually it performs an operation similar to a `git rebase`
+func (r *NotaryRepository) publish(cl changelist.Changelist) error {
+	var initialPublish bool
+	// update first before publishing
+	_, err := r.Update(true)
+	if err != nil {
+		// If the remote is not aware of the repo, then this is being published
+		// for the first time.  Try to load from disk instead for publishing.
+		if _, ok := err.(ErrRepositoryNotExist); ok {
+			err := r.bootstrapRepo()
+			if err != nil {
+				logrus.Debugf("Unable to load repository from local files: %s",
+					err.Error())
+				if _, ok := err.(store.ErrMetaNotFound); ok {
+					return ErrRepoNotInitialized{}
+				}
+				return err
+			}
+			// Ensure we will push the initial root and targets file.  Either or
+			// both of the root and targets may not be marked as Dirty, since
+			// there may not be any changes that update them, so use a
+			// different boolean.
+			initialPublish = true
+		} else {
+			// We could not update, so we cannot publish.
+			logrus.Error("Could not publish Repository since we could not update: ", err.Error())
+			return err
+		}
+	}
+	// apply the changelist to the repo
+	err = applyChangelist(r.tufRepo, cl)
+	if err != nil {
+		logrus.Debug("Error applying changelist")
+		return err
+	}
+
+	// these are the tuf files we will need to update, serialized as JSON before
+	// we send anything to remote
+	updatedFiles := make(map[string][]byte)
+
+	// check if our root file is nearing expiry or dirty. Resign if it is.  If
+	// root is not dirty but we are publishing for the first time, then just
+	// publish the existing root we have.
+	if nearExpiry(r.tufRepo.Root) || r.tufRepo.Root.Dirty {
+		rootJSON, err := serializeCanonicalRole(r.tufRepo, data.CanonicalRootRole)
+		if err != nil {
+			return err
+		}
+		updatedFiles[data.CanonicalRootRole] = rootJSON
+	} else if initialPublish {
+		rootJSON, err := r.tufRepo.Root.MarshalJSON()
+		if err != nil {
+			return err
+		}
+		updatedFiles[data.CanonicalRootRole] = rootJSON
+	}
+
+	// iterate through all the targets files - if they are dirty, sign and update
+	for roleName, roleObj := range r.tufRepo.Targets {
+		if roleObj.Dirty || (roleName == data.CanonicalTargetsRole && initialPublish) {
+			targetsJSON, err := serializeCanonicalRole(r.tufRepo, roleName)
+			if err != nil {
+				return err
+			}
+			updatedFiles[roleName] = targetsJSON
+		}
+	}
+
+	// if we initialized the repo while designating the server as the snapshot
+	// signer, then there won't be a snapshots file.  However, we might now
+	// have a local key (if there was a rotation), so initialize one.
+	if r.tufRepo.Snapshot == nil {
+		if err := r.tufRepo.InitSnapshot(); err != nil {
+			return err
+		}
+	}
+
+	snapshotJSON, err := serializeCanonicalRole(
+		r.tufRepo, data.CanonicalSnapshotRole)
+
+	if err == nil {
+		// Only update the snapshot if we've successfully signed it.
+		updatedFiles[data.CanonicalSnapshotRole] = snapshotJSON
+	} else if _, ok := err.(signed.ErrNoKeys); ok {
+		// If signing fails due to us not having the snapshot key, then
+		// assume the server is going to sign, and do not include any snapshot
+		// data.
+		logrus.Debugf("Client does not have the key to sign snapshot. " +
+			"Assuming that server should sign the snapshot.")
+	} else {
+		logrus.Debugf("Client was unable to sign the snapshot: %s", err.Error())
+		return err
+	}
+
+	remote, err := getRemoteStore(r.baseURL, r.gun, r.roundTrip)
+	if err != nil {
+		return err
+	}
+
+	return remote.SetMultiMeta(updatedFiles)
+}
+
+// bootstrapRepo loads the repository from the local file system.  This attempts
+// to load metadata for all roles.  Since server snapshots are supported,
+// if the snapshot metadata fails to load, that's ok.
+// This can also be unified with some cache reading tools from tuf/client.
+// This assumes that bootstrapRepo is only used by Publish() or RotateKey()
+func (r *NotaryRepository) bootstrapRepo() error {
+	tufRepo := tuf.NewRepo(r.CryptoService)
+
+	logrus.Debugf("Loading trusted collection.")
+	rootJSON, err := r.fileStore.GetMeta("root", -1)
+	if err != nil {
+		return err
+	}
+	root := &data.SignedRoot{}
+	err = json.Unmarshal(rootJSON, root)
+	if err != nil {
+		return err
+	}
+	err = tufRepo.SetRoot(root)
+	if err != nil {
+		return err
+	}
+	targetsJSON, err := r.fileStore.GetMeta("targets", -1)
+	if err != nil {
+		return err
+	}
+	targets := &data.SignedTargets{}
+	err = json.Unmarshal(targetsJSON, targets)
+	if err != nil {
+		return err
+	}
+	tufRepo.SetTargets("targets", targets)
+
+	snapshotJSON, err := r.fileStore.GetMeta("snapshot", -1)
+	if err == nil {
+		snapshot := &data.SignedSnapshot{}
+		err = json.Unmarshal(snapshotJSON, snapshot)
+		if err != nil {
+			return err
+		}
+		tufRepo.SetSnapshot(snapshot)
+	} else if _, ok := err.(store.ErrMetaNotFound); !ok {
+		return err
+	}
+
+	r.tufRepo = tufRepo
+
+	return nil
+}
+
+func (r *NotaryRepository) saveMetadata(ignoreSnapshot bool) error {
+	logrus.Debugf("Saving changes to Trusted Collection.")
+
+	rootJSON, err := serializeCanonicalRole(r.tufRepo, data.CanonicalRootRole)
+	if err != nil {
+		return err
+	}
+	err = r.fileStore.SetMeta(data.CanonicalRootRole, rootJSON)
+	if err != nil {
+		return err
+	}
+
+	targetsToSave := make(map[string][]byte)
+	for t := range r.tufRepo.Targets {
+		signedTargets, err := r.tufRepo.SignTargets(t, data.DefaultExpires("targets"))
+		if err != nil {
+			return err
+		}
+		targetsJSON, err := json.Marshal(signedTargets)
+		if err != nil {
+			return err
+		}
+		targetsToSave[t] = targetsJSON
+	}
+
+	for role, blob := range targetsToSave {
+		parentDir := filepath.Dir(role)
+		os.MkdirAll(parentDir, 0755)
+		r.fileStore.SetMeta(role, blob)
+	}
+
+	if ignoreSnapshot {
+		return nil
+	}
+
+	snapshotJSON, err := serializeCanonicalRole(r.tufRepo, data.CanonicalSnapshotRole)
+	if err != nil {
+		return err
+	}
+
+	return r.fileStore.SetMeta(data.CanonicalSnapshotRole, snapshotJSON)
+}
+
+// returns a properly constructed ErrRepositoryNotExist error based on this
+// repo's information
+func (r *NotaryRepository) errRepositoryNotExist() error {
+	host := r.baseURL
+	parsed, err := url.Parse(r.baseURL)
+	if err == nil {
+		host = parsed.Host // try to exclude the scheme and any paths
+	}
+	return ErrRepositoryNotExist{remote: host, gun: r.gun}
+}
+
+// Update bootstraps a trust anchor (root.json) before updating all the
+// metadata from the repo.
+func (r *NotaryRepository) Update(forWrite bool) (*tufclient.Client, error) {
+	c, err := r.bootstrapClient(forWrite)
+	if err != nil {
+		if _, ok := err.(store.ErrMetaNotFound); ok {
+			return nil, r.errRepositoryNotExist()
+		}
+		return nil, err
+	}
+	err = c.Update()
+	if err != nil {
+		// notFound.Resource may include a checksum so when the role is root,
+		// it will be root.json or root.<checksum>.json. Therefore best we can
+		// do it match a "root." prefix
+		if notFound, ok := err.(store.ErrMetaNotFound); ok && strings.HasPrefix(notFound.Resource, data.CanonicalRootRole+".") {
+			return nil, r.errRepositoryNotExist()
+		}
+		return nil, err
+	}
+	return c, nil
+}
+
+// bootstrapClient attempts to bootstrap a root.json to be used as the trust
+// anchor for a repository. The checkInitialized argument indicates whether
+// we should always attempt to contact the server to determine if the repository
+// is initialized or not. If set to true, we will always attempt to download
+// and return an error if the remote repository errors.
+func (r *NotaryRepository) bootstrapClient(checkInitialized bool) (*tufclient.Client, error) {
+	var (
+		rootJSON   []byte
+		err        error
+		signedRoot *data.SignedRoot
+	)
+	// try to read root from cache first. We will trust this root
+	// until we detect a problem during update which will cause
+	// us to download a new root and perform a rotation.
+	rootJSON, cachedRootErr := r.fileStore.GetMeta("root", -1)
+
+	if cachedRootErr == nil {
+		signedRoot, cachedRootErr = r.validateRoot(rootJSON)
+	}
+
+	remote, remoteErr := getRemoteStore(r.baseURL, r.gun, r.roundTrip)
+	if remoteErr != nil {
+		logrus.Error(remoteErr)
+	} else if cachedRootErr != nil || checkInitialized {
+		// remoteErr was nil and we had a cachedRootErr (or are specifically
+		// checking for initialization of the repo).
+
+		// if remote store successfully set up, try and get root from remote
+		// We don't have any local data to determine the size of root, so try the maximum (though it is restricted at 100MB)
+		tmpJSON, err := remote.GetMeta("root", -1)
+		if err != nil {
+			// we didn't have a root in cache and were unable to load one from
+			// the server. Nothing we can do but error.
+			return nil, err
+		}
+		if cachedRootErr != nil {
+			// we always want to use the downloaded root if there was a cache
+			// error.
+			signedRoot, err = r.validateRoot(tmpJSON)
+			if err != nil {
+				return nil, err
+			}
+
+			err = r.fileStore.SetMeta("root", tmpJSON)
+			if err != nil {
+				// if we can't write cache we should still continue, just log error
+				logrus.Errorf("could not save root to cache: %s", err.Error())
+			}
+		}
+	}
+
+	r.tufRepo = tuf.NewRepo(r.CryptoService)
+
+	if signedRoot == nil {
+		return nil, ErrRepoNotInitialized{}
+	}
+
+	err = r.tufRepo.SetRoot(signedRoot)
+	if err != nil {
+		return nil, err
+	}
+
+	return tufclient.NewClient(
+		r.tufRepo,
+		remote,
+		r.fileStore,
+	), nil
+}
+
+// validateRoot MUST only be used during bootstrapping. It will only validate
+// signatures of the root based on known keys, not expiry or other metadata.
+// This is so that an out of date root can be loaded to be used in a rotation
+// should the TUF update process detect a problem.
+func (r *NotaryRepository) validateRoot(rootJSON []byte) (*data.SignedRoot, error) {
+	// can't just unmarshal into SignedRoot because validate root
+	// needs the root.Signed field to still be []byte for signature
+	// validation
+	root := &data.Signed{}
+	err := json.Unmarshal(rootJSON, root)
+	if err != nil {
+		return nil, err
+	}
+
+	err = certs.ValidateRoot(r.CertStore, root, r.gun)
+	if err != nil {
+		return nil, err
+	}
+
+	return data.RootFromSigned(root)
+}
+
+// RotateKey removes all existing keys associated with the role, and either
+// creates and adds one new key or delegates managing the key to the server.
+// These changes are staged in a changelist until publish is called.
+func (r *NotaryRepository) RotateKey(role string, serverManagesKey bool) error {
+	switch {
+	// We currently support locally or remotely managing snapshot keys...
+	case role == data.CanonicalSnapshotRole:
+		break
+
+	// locally managing targets keys only
+	case role == data.CanonicalTargetsRole && !serverManagesKey:
+		break
+	case role == data.CanonicalTargetsRole && serverManagesKey:
+		return ErrInvalidRemoteRole{Role: data.CanonicalTargetsRole}
+
+	// and remotely managing timestamp keys only
+	case role == data.CanonicalTimestampRole && serverManagesKey:
+		break
+	case role == data.CanonicalTimestampRole && !serverManagesKey:
+		return ErrInvalidLocalRole{Role: data.CanonicalTimestampRole}
+
+	default:
+		return fmt.Errorf("notary does not currently permit rotating the %s key", role)
+	}
+
+	var (
+		pubKey    data.PublicKey
+		err       error
+		errFmtMsg string
+	)
+	switch serverManagesKey {
+	case true:
+		pubKey, err = getRemoteKey(r.baseURL, r.gun, role, r.roundTrip)
+		errFmtMsg = "unable to rotate remote key: %s"
+	default:
+		pubKey, err = r.CryptoService.Create(role, r.gun, data.ECDSAKey)
+		errFmtMsg = "unable to generate key: %s"
+	}
+
+	if err != nil {
+		return fmt.Errorf(errFmtMsg, err)
+	}
+
+	cl := changelist.NewMemChangelist()
+	if err := r.rootFileKeyChange(cl, role, changelist.ActionCreate, pubKey); err != nil {
+		return err
+	}
+	return r.publish(cl)
+}
+
+func (r *NotaryRepository) rootFileKeyChange(cl changelist.Changelist, role, action string, key data.PublicKey) error {
+	kl := make(data.KeyList, 0, 1)
+	kl = append(kl, key)
+	meta := changelist.TufRootData{
+		RoleName: role,
+		Keys:     kl,
+	}
+	metaJSON, err := json.Marshal(meta)
+	if err != nil {
+		return err
+	}
+
+	c := changelist.NewTufChange(
+		action,
+		changelist.ScopeRoot,
+		changelist.TypeRootRole,
+		role,
+		metaJSON,
+	)
+	return cl.Add(c)
+}
+
+// DeleteTrustData removes the trust data stored for this repo in the TUF cache and certificate store on the client side
+func (r *NotaryRepository) DeleteTrustData() error {
+	// Clear TUF files and cache
+	if err := r.fileStore.RemoveAll(); err != nil {
+		return fmt.Errorf("error clearing TUF repo data: %v", err)
+	}
+	r.tufRepo = tuf.NewRepo(nil)
+	// Clear certificates
+	certificates, err := r.CertStore.GetCertificatesByCN(r.gun)
+	if err != nil {
+		// If there were no certificates to delete, we're done
+		if _, ok := err.(*trustmanager.ErrNoCertificatesFound); ok {
+			return nil
+		}
+		return fmt.Errorf("error retrieving certificates for %s: %v", r.gun, err)
+	}
+	for _, cert := range certificates {
+		if err := r.CertStore.RemoveCert(cert); err != nil {
+			return fmt.Errorf("error removing certificate: %v: %v", cert, err)
+		}
+	}
+	return nil
+}
diff --git a/vendor/src/github.com/docker/notary/client/delegations.go b/vendor/src/github.com/docker/notary/client/delegations.go
new file mode 100644
index 00000000..c28e3d84
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/delegations.go
@@ -0,0 +1,294 @@
+package client
+
+import (
+	"encoding/json"
+	"fmt"
+	"path/filepath"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary"
+	"github.com/docker/notary/client/changelist"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/store"
+	"github.com/docker/notary/tuf/utils"
+)
+
+// AddDelegation creates changelist entries to add provided delegation public keys and paths.
+// This method composes AddDelegationRoleAndKeys and AddDelegationPaths (each creates one changelist if called).
+func (r *NotaryRepository) AddDelegation(name string, delegationKeys []data.PublicKey, paths []string) error {
+	if len(delegationKeys) > 0 {
+		err := r.AddDelegationRoleAndKeys(name, delegationKeys)
+		if err != nil {
+			return err
+		}
+	}
+	if len(paths) > 0 {
+		err := r.AddDelegationPaths(name, paths)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// AddDelegationRoleAndKeys creates a changelist entry to add provided delegation public keys.
+// This method is the simplest way to create a new delegation, because the delegation must have at least
+// one key upon creation to be valid since we will reject the changelist while validating the threshold.
+func (r *NotaryRepository) AddDelegationRoleAndKeys(name string, delegationKeys []data.PublicKey) error {
+
+	if !data.IsDelegation(name) {
+		return data.ErrInvalidRole{Role: name, Reason: "invalid delegation role name"}
+	}
+
+	cl, err := changelist.NewFileChangelist(filepath.Join(r.tufRepoPath, "changelist"))
+	if err != nil {
+		return err
+	}
+	defer cl.Close()
+
+	logrus.Debugf(`Adding delegation "%s" with threshold %d, and %d keys\n`,
+		name, notary.MinThreshold, len(delegationKeys))
+
+	// Defaulting to threshold of 1, since we don't allow for larger thresholds at the moment.
+	tdJSON, err := json.Marshal(&changelist.TufDelegation{
+		NewThreshold: notary.MinThreshold,
+		AddKeys:      data.KeyList(delegationKeys),
+	})
+	if err != nil {
+		return err
+	}
+
+	template := newCreateDelegationChange(name, tdJSON)
+	return addChange(cl, template, name)
+}
+
+// AddDelegationPaths creates a changelist entry to add provided paths to an existing delegation.
+// This method cannot create a new delegation itself because the role must meet the key threshold upon creation.
+func (r *NotaryRepository) AddDelegationPaths(name string, paths []string) error {
+
+	if !data.IsDelegation(name) {
+		return data.ErrInvalidRole{Role: name, Reason: "invalid delegation role name"}
+	}
+
+	cl, err := changelist.NewFileChangelist(filepath.Join(r.tufRepoPath, "changelist"))
+	if err != nil {
+		return err
+	}
+	defer cl.Close()
+
+	logrus.Debugf(`Adding %s paths to delegation %s\n`, paths, name)
+
+	tdJSON, err := json.Marshal(&changelist.TufDelegation{
+		AddPaths: paths,
+	})
+	if err != nil {
+		return err
+	}
+
+	template := newCreateDelegationChange(name, tdJSON)
+	return addChange(cl, template, name)
+}
+
+// RemoveDelegationKeysAndPaths creates changelist entries to remove provided delegation key IDs and paths.
+// This method composes RemoveDelegationPaths and RemoveDelegationKeys (each creates one changelist if called).
+func (r *NotaryRepository) RemoveDelegationKeysAndPaths(name string, keyIDs, paths []string) error {
+	if len(paths) > 0 {
+		err := r.RemoveDelegationPaths(name, paths)
+		if err != nil {
+			return err
+		}
+	}
+	if len(keyIDs) > 0 {
+		err := r.RemoveDelegationKeys(name, keyIDs)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// RemoveDelegationRole creates a changelist to remove all paths and keys from a role, and delete the role in its entirety.
+func (r *NotaryRepository) RemoveDelegationRole(name string) error {
+
+	if !data.IsDelegation(name) {
+		return data.ErrInvalidRole{Role: name, Reason: "invalid delegation role name"}
+	}
+
+	cl, err := changelist.NewFileChangelist(filepath.Join(r.tufRepoPath, "changelist"))
+	if err != nil {
+		return err
+	}
+	defer cl.Close()
+
+	logrus.Debugf(`Removing delegation "%s"\n`, name)
+
+	template := newDeleteDelegationChange(name, nil)
+	return addChange(cl, template, name)
+}
+
+// RemoveDelegationPaths creates a changelist entry to remove provided paths from an existing delegation.
+func (r *NotaryRepository) RemoveDelegationPaths(name string, paths []string) error {
+
+	if !data.IsDelegation(name) {
+		return data.ErrInvalidRole{Role: name, Reason: "invalid delegation role name"}
+	}
+
+	cl, err := changelist.NewFileChangelist(filepath.Join(r.tufRepoPath, "changelist"))
+	if err != nil {
+		return err
+	}
+	defer cl.Close()
+
+	logrus.Debugf(`Removing %s paths from delegation "%s"\n`, paths, name)
+
+	tdJSON, err := json.Marshal(&changelist.TufDelegation{
+		RemovePaths: paths,
+	})
+	if err != nil {
+		return err
+	}
+
+	template := newUpdateDelegationChange(name, tdJSON)
+	return addChange(cl, template, name)
+}
+
+// RemoveDelegationKeys creates a changelist entry to remove provided keys from an existing delegation.
+// When this changelist is applied, if the specified keys are the only keys left in the role,
+// the role itself will be deleted in its entirety.
+func (r *NotaryRepository) RemoveDelegationKeys(name string, keyIDs []string) error {
+
+	if !data.IsDelegation(name) {
+		return data.ErrInvalidRole{Role: name, Reason: "invalid delegation role name"}
+	}
+
+	cl, err := changelist.NewFileChangelist(filepath.Join(r.tufRepoPath, "changelist"))
+	if err != nil {
+		return err
+	}
+	defer cl.Close()
+
+	logrus.Debugf(`Removing %s keys from delegation "%s"\n`, keyIDs, name)
+
+	tdJSON, err := json.Marshal(&changelist.TufDelegation{
+		RemoveKeys: keyIDs,
+	})
+	if err != nil {
+		return err
+	}
+
+	template := newUpdateDelegationChange(name, tdJSON)
+	return addChange(cl, template, name)
+}
+
+// ClearDelegationPaths creates a changelist entry to remove all paths from an existing delegation.
+func (r *NotaryRepository) ClearDelegationPaths(name string) error {
+
+	if !data.IsDelegation(name) {
+		return data.ErrInvalidRole{Role: name, Reason: "invalid delegation role name"}
+	}
+
+	cl, err := changelist.NewFileChangelist(filepath.Join(r.tufRepoPath, "changelist"))
+	if err != nil {
+		return err
+	}
+	defer cl.Close()
+
+	logrus.Debugf(`Removing all paths from delegation "%s"\n`, name)
+
+	tdJSON, err := json.Marshal(&changelist.TufDelegation{
+		ClearAllPaths: true,
+	})
+	if err != nil {
+		return err
+	}
+
+	template := newUpdateDelegationChange(name, tdJSON)
+	return addChange(cl, template, name)
+}
+
+func newUpdateDelegationChange(name string, content []byte) *changelist.TufChange {
+	return changelist.NewTufChange(
+		changelist.ActionUpdate,
+		name,
+		changelist.TypeTargetsDelegation,
+		"", // no path for delegations
+		content,
+	)
+}
+
+func newCreateDelegationChange(name string, content []byte) *changelist.TufChange {
+	return changelist.NewTufChange(
+		changelist.ActionCreate,
+		name,
+		changelist.TypeTargetsDelegation,
+		"", // no path for delegations
+		content,
+	)
+}
+
+func newDeleteDelegationChange(name string, content []byte) *changelist.TufChange {
+	return changelist.NewTufChange(
+		changelist.ActionDelete,
+		name,
+		changelist.TypeTargetsDelegation,
+		"", // no path for delegations
+		content,
+	)
+}
+
+// GetDelegationRoles returns the keys and roles of the repository's delegations
+// Also converts key IDs to canonical key IDs to keep consistent with signing prompts
+func (r *NotaryRepository) GetDelegationRoles() ([]*data.Role, error) {
+	// Update state of the repo to latest
+	if _, err := r.Update(false); err != nil {
+		return nil, err
+	}
+
+	// All top level delegations (ex: targets/level1) are stored exclusively in targets.json
+	_, ok := r.tufRepo.Targets[data.CanonicalTargetsRole]
+	if !ok {
+		return nil, store.ErrMetaNotFound{Resource: data.CanonicalTargetsRole}
+	}
+
+	// make a copy for traversing nested delegations
+	allDelegations := []*data.Role{}
+
+	// Define a visitor function to populate the delegations list and translate their key IDs to canonical IDs
+	delegationCanonicalListVisitor := func(tgt *data.SignedTargets, validRole data.DelegationRole) interface{} {
+		// For the return list, update with a copy that includes canonicalKeyIDs
+		// These aren't validated by the validRole
+		canonicalDelegations, err := translateDelegationsToCanonicalIDs(tgt.Signed.Delegations)
+		if err != nil {
+			return err
+		}
+		allDelegations = append(allDelegations, canonicalDelegations...)
+		return nil
+	}
+	err := r.tufRepo.WalkTargets("", "", delegationCanonicalListVisitor)
+	if err != nil {
+		return nil, err
+	}
+	return allDelegations, nil
+}
+
+func translateDelegationsToCanonicalIDs(delegationInfo data.Delegations) ([]*data.Role, error) {
+	canonicalDelegations := make([]*data.Role, len(delegationInfo.Roles))
+	copy(canonicalDelegations, delegationInfo.Roles)
+	delegationKeys := delegationInfo.Keys
+	for i, delegation := range canonicalDelegations {
+		canonicalKeyIDs := []string{}
+		for _, keyID := range delegation.KeyIDs {
+			pubKey, ok := delegationKeys[keyID]
+			if !ok {
+				return nil, fmt.Errorf("Could not translate canonical key IDs for %s", delegation.Name)
+			}
+			canonicalKeyID, err := utils.CanonicalKeyID(pubKey)
+			if err != nil {
+				return nil, fmt.Errorf("Could not translate canonical key IDs for %s: %v", delegation.Name, err)
+			}
+			canonicalKeyIDs = append(canonicalKeyIDs, canonicalKeyID)
+		}
+		canonicalDelegations[i].KeyIDs = canonicalKeyIDs
+	}
+	return canonicalDelegations, nil
+}
diff --git a/vendor/src/github.com/docker/notary/client/helpers.go b/vendor/src/github.com/docker/notary/client/helpers.go
new file mode 100644
index 00000000..38f1b43c
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/helpers.go
@@ -0,0 +1,237 @@
+package client
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary/client/changelist"
+	tuf "github.com/docker/notary/tuf"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/store"
+	"github.com/docker/notary/tuf/utils"
+)
+
+// Use this to initialize remote HTTPStores from the config settings
+func getRemoteStore(baseURL, gun string, rt http.RoundTripper) (store.RemoteStore, error) {
+	s, err := store.NewHTTPStore(
+		baseURL+"/v2/"+gun+"/_trust/tuf/",
+		"",
+		"json",
+		"key",
+		rt,
+	)
+	if err != nil {
+		return store.OfflineStore{}, err
+	}
+	return s, err
+}
+
+func applyChangelist(repo *tuf.Repo, cl changelist.Changelist) error {
+	it, err := cl.NewIterator()
+	if err != nil {
+		return err
+	}
+	index := 0
+	for it.HasNext() {
+		c, err := it.Next()
+		if err != nil {
+			return err
+		}
+		isDel := data.IsDelegation(c.Scope())
+		switch {
+		case c.Scope() == changelist.ScopeTargets || isDel:
+			err = applyTargetsChange(repo, c)
+		case c.Scope() == changelist.ScopeRoot:
+			err = applyRootChange(repo, c)
+		default:
+			logrus.Debug("scope not supported: ", c.Scope())
+		}
+		index++
+		if err != nil {
+			return err
+		}
+	}
+	logrus.Debugf("applied %d change(s)", index)
+	return nil
+}
+
+func applyTargetsChange(repo *tuf.Repo, c changelist.Change) error {
+	switch c.Type() {
+	case changelist.TypeTargetsTarget:
+		return changeTargetMeta(repo, c)
+	case changelist.TypeTargetsDelegation:
+		return changeTargetsDelegation(repo, c)
+	default:
+		return fmt.Errorf("only target meta and delegations changes supported")
+	}
+}
+
+func changeTargetsDelegation(repo *tuf.Repo, c changelist.Change) error {
+	switch c.Action() {
+	case changelist.ActionCreate:
+		td := changelist.TufDelegation{}
+		err := json.Unmarshal(c.Content(), &td)
+		if err != nil {
+			return err
+		}
+
+		// Try to create brand new role or update one
+		// First add the keys, then the paths.  We can only add keys and paths in this scenario
+		err = repo.UpdateDelegationKeys(c.Scope(), td.AddKeys, []string{}, td.NewThreshold)
+		if err != nil {
+			return err
+		}
+		return repo.UpdateDelegationPaths(c.Scope(), td.AddPaths, []string{}, false)
+	case changelist.ActionUpdate:
+		td := changelist.TufDelegation{}
+		err := json.Unmarshal(c.Content(), &td)
+		if err != nil {
+			return err
+		}
+		delgRole, err := repo.GetDelegationRole(c.Scope())
+		if err != nil {
+			return err
+		}
+
+		// We need to translate the keys from canonical ID to TUF ID for compatibility
+		canonicalToTUFID := make(map[string]string)
+		for tufID, pubKey := range delgRole.Keys {
+			canonicalID, err := utils.CanonicalKeyID(pubKey)
+			if err != nil {
+				return err
+			}
+			canonicalToTUFID[canonicalID] = tufID
+		}
+
+		removeTUFKeyIDs := []string{}
+		for _, canonID := range td.RemoveKeys {
+			removeTUFKeyIDs = append(removeTUFKeyIDs, canonicalToTUFID[canonID])
+		}
+
+		// If we specify the only keys left delete the role, else just delete specified keys
+		if strings.Join(delgRole.ListKeyIDs(), ";") == strings.Join(removeTUFKeyIDs, ";") && len(td.AddKeys) == 0 {
+			return repo.DeleteDelegation(c.Scope())
+		}
+		err = repo.UpdateDelegationKeys(c.Scope(), td.AddKeys, removeTUFKeyIDs, td.NewThreshold)
+		if err != nil {
+			return err
+		}
+		return repo.UpdateDelegationPaths(c.Scope(), td.AddPaths, td.RemovePaths, td.ClearAllPaths)
+	case changelist.ActionDelete:
+		return repo.DeleteDelegation(c.Scope())
+	default:
+		return fmt.Errorf("unsupported action against delegations: %s", c.Action())
+	}
+
+}
+
+func changeTargetMeta(repo *tuf.Repo, c changelist.Change) error {
+	var err error
+	switch c.Action() {
+	case changelist.ActionCreate:
+		logrus.Debug("changelist add: ", c.Path())
+		meta := &data.FileMeta{}
+		err = json.Unmarshal(c.Content(), meta)
+		if err != nil {
+			return err
+		}
+		files := data.Files{c.Path(): *meta}
+
+		// Attempt to add the target to this role
+		if _, err = repo.AddTargets(c.Scope(), files); err != nil {
+			logrus.Errorf("couldn't add target to %s: %s", c.Scope(), err.Error())
+		}
+
+	case changelist.ActionDelete:
+		logrus.Debug("changelist remove: ", c.Path())
+
+		// Attempt to remove the target from this role
+		if err = repo.RemoveTargets(c.Scope(), c.Path()); err != nil {
+			logrus.Errorf("couldn't remove target from %s: %s", c.Scope(), err.Error())
+		}
+
+	default:
+		logrus.Debug("action not yet supported: ", c.Action())
+	}
+	return err
+}
+
+func applyRootChange(repo *tuf.Repo, c changelist.Change) error {
+	var err error
+	switch c.Type() {
+	case changelist.TypeRootRole:
+		err = applyRootRoleChange(repo, c)
+	default:
+		logrus.Debug("type of root change not yet supported: ", c.Type())
+	}
+	return err // might be nil
+}
+
+func applyRootRoleChange(repo *tuf.Repo, c changelist.Change) error {
+	switch c.Action() {
+	case changelist.ActionCreate:
+		// replaces all keys for a role
+		d := &changelist.TufRootData{}
+		err := json.Unmarshal(c.Content(), d)
+		if err != nil {
+			return err
+		}
+		err = repo.ReplaceBaseKeys(d.RoleName, d.Keys...)
+		if err != nil {
+			return err
+		}
+	default:
+		logrus.Debug("action not yet supported for root: ", c.Action())
+	}
+	return nil
+}
+
+func nearExpiry(r *data.SignedRoot) bool {
+	plus6mo := time.Now().AddDate(0, 6, 0)
+	return r.Signed.Expires.Before(plus6mo)
+}
+
+// Fetches a public key from a remote store, given a gun and role
+func getRemoteKey(url, gun, role string, rt http.RoundTripper) (data.PublicKey, error) {
+	remote, err := getRemoteStore(url, gun, rt)
+	if err != nil {
+		return nil, err
+	}
+	rawPubKey, err := remote.GetKey(role)
+	if err != nil {
+		return nil, err
+	}
+
+	pubKey, err := data.UnmarshalPublicKey(rawPubKey)
+	if err != nil {
+		return nil, err
+	}
+
+	return pubKey, nil
+}
+
+// signs and serializes the metadata for a canonical role in a tuf repo to JSON
+func serializeCanonicalRole(tufRepo *tuf.Repo, role string) (out []byte, err error) {
+	var s *data.Signed
+	switch {
+	case role == data.CanonicalRootRole:
+		s, err = tufRepo.SignRoot(data.DefaultExpires(role))
+	case role == data.CanonicalSnapshotRole:
+		s, err = tufRepo.SignSnapshot(data.DefaultExpires(role))
+	case tufRepo.Targets[role] != nil:
+		s, err = tufRepo.SignTargets(
+			role, data.DefaultExpires(data.CanonicalTargetsRole))
+	default:
+		err = fmt.Errorf("%s not supported role to sign on the client", role)
+	}
+
+	if err != nil {
+		return
+	}
+
+	return json.Marshal(s)
+}
diff --git a/vendor/src/github.com/docker/notary/client/repo.go b/vendor/src/github.com/docker/notary/client/repo.go
new file mode 100644
index 00000000..d9931891
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/repo.go
@@ -0,0 +1,27 @@
+// +build !pkcs11
+
+package client
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/docker/notary/passphrase"
+	"github.com/docker/notary/trustmanager"
+)
+
+// NewNotaryRepository is a helper method that returns a new notary repository.
+// It takes the base directory under where all the trust files will be stored
+// (usually ~/.docker/trust/).
+func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper,
+	retriever passphrase.Retriever) (
+	*NotaryRepository, error) {
+
+	fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir)
+	}
+
+	return repositoryFromKeystores(baseDir, gun, baseURL, rt,
+		[]trustmanager.KeyStore{fileKeyStore})
+}
diff --git a/vendor/src/github.com/docker/notary/client/repo_pkcs11.go b/vendor/src/github.com/docker/notary/client/repo_pkcs11.go
new file mode 100644
index 00000000..dd697ff4
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/client/repo_pkcs11.go
@@ -0,0 +1,33 @@
+// +build pkcs11
+
+package client
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/docker/notary/passphrase"
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/trustmanager/yubikey"
+)
+
+// NewNotaryRepository is a helper method that returns a new notary repository.
+// It takes the base directory under where all the trust files will be stored
+// (usually ~/.docker/trust/).
+func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper,
+	retriever passphrase.Retriever) (
+	*NotaryRepository, error) {
+
+	fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir)
+	}
+
+	keyStores := []trustmanager.KeyStore{fileKeyStore}
+	yubiKeyStore, _ := yubikey.NewYubiKeyStore(fileKeyStore, retriever)
+	if yubiKeyStore != nil {
+		keyStores = []trustmanager.KeyStore{yubiKeyStore, fileKeyStore}
+	}
+
+	return repositoryFromKeystores(baseDir, gun, baseURL, rt, keyStores)
+}
diff --git a/vendor/src/github.com/docker/notary/const.go b/vendor/src/github.com/docker/notary/const.go
new file mode 100644
index 00000000..22296f71
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/const.go
@@ -0,0 +1,61 @@
+package notary
+
+import (
+	"time"
+)
+
+// application wide constants
+const (
+	// MaxDownloadSize is the maximum size we'll download for metadata if no limit is given
+	MaxDownloadSize int64 = 100 << 20
+	// MaxTimestampSize is the maximum size of timestamp metadata - 1MiB.
+	MaxTimestampSize int64 = 1 << 20
+	// MinRSABitSize is the minimum bit size for RSA keys allowed in notary
+	MinRSABitSize = 2048
+	// MinThreshold requires a minimum of one threshold for roles; currently we do not support a higher threshold
+	MinThreshold = 1
+	// PrivKeyPerms are the file permissions to use when writing private keys to disk
+	PrivKeyPerms = 0700
+	// PubCertPerms are the file permissions to use when writing public certificates to disk
+	PubCertPerms = 0755
+	// Sha256HexSize is how big a Sha256 hex is in number of characters
+	Sha256HexSize = 64
+	// SHA256 is the name of SHA256 hash algorithm
+	SHA256 = "sha256"
+	// SHA512 is the name of SHA512 hash algorithm
+	SHA512 = "sha512"
+	// TrustedCertsDir is the directory, under the notary repo base directory, where trusted certs are stored
+	TrustedCertsDir = "trusted_certificates"
+	// PrivDir is the directory, under the notary repo base directory, where private keys are stored
+	PrivDir = "private"
+	// RootKeysSubdir is the subdirectory under PrivDir where root private keys are stored
+	RootKeysSubdir = "root_keys"
+	// NonRootKeysSubdir is the subdirectory under PrivDir where non-root private keys are stored
+	NonRootKeysSubdir = "tuf_keys"
+
+	// Day is a duration of one day
+	Day  = 24 * time.Hour
+	Year = 365 * Day
+
+	// NotaryRootExpiry is the duration representing the expiry time of the Root role
+	NotaryRootExpiry      = 10 * Year
+	NotaryTargetsExpiry   = 3 * Year
+	NotarySnapshotExpiry  = 3 * Year
+	NotaryTimestampExpiry = 14 * Day
+
+	ConsistentMetadataCacheMaxAge = 30 * Day
+	CurrentMetadataCacheMaxAge    = 5 * time.Minute
+	// CacheMaxAgeLimit is the generally recommended maximum age for Cache-Control headers
+	// (one year, in seconds, since one year is forever in terms of internet
+	// content)
+	CacheMaxAgeLimit = 1 * Year
+)
+
+// NotaryDefaultExpiries is the construct used to configure the default expiry times of
+// the various role files.
+var NotaryDefaultExpiries = map[string]time.Duration{
+	"root":      NotaryRootExpiry,
+	"targets":   NotaryTargetsExpiry,
+	"snapshot":  NotarySnapshotExpiry,
+	"timestamp": NotaryTimestampExpiry,
+}
diff --git a/vendor/src/github.com/docker/notary/coverpkg.sh b/vendor/src/github.com/docker/notary/coverpkg.sh
new file mode 100755
index 00000000..00ec5d11
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/coverpkg.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+# Given a subpackage and the containing package, figures out which packages
+# need to be passed to `go test -coverpkg`:  this includes all of the
+# subpackage's dependencies within the containing package, as well as the
+# subpackage itself.
+
+DEPENDENCIES="$(go list -f $'{{range $f := .Deps}}{{$f}}\n{{end}}' ${1} | grep ${2} | grep -v ${2}/vendor)"
+
+echo "${1} ${DEPENDENCIES}" | xargs echo -n | tr ' ' ','
diff --git a/vendor/src/github.com/docker/notary/cryptoservice/certificate.go b/vendor/src/github.com/docker/notary/cryptoservice/certificate.go
new file mode 100644
index 00000000..25183aea
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/cryptoservice/certificate.go
@@ -0,0 +1,48 @@
+package cryptoservice
+
+import (
+	"crypto"
+	"crypto/rand"
+	"crypto/x509"
+	"fmt"
+	"time"
+
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/tuf/data"
+)
+
+// GenerateCertificate generates an X509 Certificate from a template, given a GUN and validity interval
+func GenerateCertificate(rootKey data.PrivateKey, gun string, startTime, endTime time.Time) (*x509.Certificate, error) {
+	signer := rootKey.CryptoSigner()
+	if signer == nil {
+		return nil, fmt.Errorf("key type not supported for Certificate generation: %s\n", rootKey.Algorithm())
+	}
+
+	return generateCertificate(signer, gun, startTime, endTime)
+}
+
+// GenerateTestingCertificate generates a non-expired X509 Certificate from a template, given a GUN.
+// Good enough for tests where expiration does not really matter; do not use if you care about the policy.
+func GenerateTestingCertificate(signer crypto.Signer, gun string) (*x509.Certificate, error) {
+	startTime := time.Now()
+	return generateCertificate(signer, gun, startTime, startTime.AddDate(10, 0, 0))
+}
+
+func generateCertificate(signer crypto.Signer, gun string, startTime, endTime time.Time) (*x509.Certificate, error) {
+	template, err := trustmanager.NewCertificate(gun, startTime, endTime)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create the certificate template for: %s (%v)", gun, err)
+	}
+
+	derBytes, err := x509.CreateCertificate(rand.Reader, template, template, signer.Public(), signer)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create the certificate for: %s (%v)", gun, err)
+	}
+
+	cert, err := x509.ParseCertificate(derBytes)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse the certificate for key: %s (%v)", gun, err)
+	}
+
+	return cert, nil
+}
diff --git a/vendor/src/github.com/docker/notary/cryptoservice/crypto_service.go b/vendor/src/github.com/docker/notary/cryptoservice/crypto_service.go
new file mode 100644
index 00000000..7c32ba72
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/cryptoservice/crypto_service.go
@@ -0,0 +1,155 @@
+package cryptoservice
+
+import (
+	"crypto/rand"
+	"fmt"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/tuf/data"
+)
+
+const (
+	rsaKeySize = 2048 // Used for snapshots and targets keys
+)
+
+// CryptoService implements Sign and Create, holding a specific GUN and keystore to
+// operate on
+type CryptoService struct {
+	keyStores []trustmanager.KeyStore
+}
+
+// NewCryptoService returns an instance of CryptoService
+func NewCryptoService(keyStores ...trustmanager.KeyStore) *CryptoService {
+	return &CryptoService{keyStores: keyStores}
+}
+
+// Create is used to generate keys for targets, snapshots and timestamps
+func (cs *CryptoService) Create(role, gun, algorithm string) (data.PublicKey, error) {
+	var privKey data.PrivateKey
+	var err error
+
+	switch algorithm {
+	case data.RSAKey:
+		privKey, err = trustmanager.GenerateRSAKey(rand.Reader, rsaKeySize)
+		if err != nil {
+			return nil, fmt.Errorf("failed to generate RSA key: %v", err)
+		}
+	case data.ECDSAKey:
+		privKey, err = trustmanager.GenerateECDSAKey(rand.Reader)
+		if err != nil {
+			return nil, fmt.Errorf("failed to generate EC key: %v", err)
+		}
+	case data.ED25519Key:
+		privKey, err = trustmanager.GenerateED25519Key(rand.Reader)
+		if err != nil {
+			return nil, fmt.Errorf("failed to generate ED25519 key: %v", err)
+		}
+	default:
+		return nil, fmt.Errorf("private key type not supported for key generation: %s", algorithm)
+	}
+	logrus.Debugf("generated new %s key for role: %s and keyID: %s", algorithm, role, privKey.ID())
+
+	// Store the private key into our keystore
+	for _, ks := range cs.keyStores {
+		err = ks.AddKey(trustmanager.KeyInfo{Role: role, Gun: gun}, privKey)
+		if err == nil {
+			return data.PublicKeyFromPrivate(privKey), nil
+		}
+	}
+	if err != nil {
+		return nil, fmt.Errorf("failed to add key to filestore: %v", err)
+	}
+
+	return nil, fmt.Errorf("keystores would not accept new private keys for unknown reasons")
+}
+
+// GetPrivateKey returns a private key and role if present by ID.
+func (cs *CryptoService) GetPrivateKey(keyID string) (k data.PrivateKey, role string, err error) {
+	for _, ks := range cs.keyStores {
+		if k, role, err = ks.GetKey(keyID); err == nil {
+			return
+		}
+		switch err.(type) {
+		case trustmanager.ErrPasswordInvalid, trustmanager.ErrAttemptsExceeded:
+			return
+		default:
+			continue
+		}
+	}
+	return // returns whatever the final values were
+}
+
+// GetKey returns a key by ID
+func (cs *CryptoService) GetKey(keyID string) data.PublicKey {
+	privKey, _, err := cs.GetPrivateKey(keyID)
+	if err != nil {
+		return nil
+	}
+	return data.PublicKeyFromPrivate(privKey)
+}
+
+// GetKeyInfo returns role and GUN info of a key by ID
+func (cs *CryptoService) GetKeyInfo(keyID string) (trustmanager.KeyInfo, error) {
+	for _, store := range cs.keyStores {
+		if info, err := store.GetKeyInfo(keyID); err == nil {
+			return info, nil
+		}
+	}
+	return trustmanager.KeyInfo{}, fmt.Errorf("Could not find info for keyID %s", keyID)
+}
+
+// RemoveKey deletes a key by ID
+func (cs *CryptoService) RemoveKey(keyID string) (err error) {
+	for _, ks := range cs.keyStores {
+		ks.RemoveKey(keyID)
+	}
+	return // returns whatever the final values were
+}
+
+// AddKey adds a private key to a specified role.
+// The GUN is inferred from the cryptoservice itself for non-root roles
+func (cs *CryptoService) AddKey(role, gun string, key data.PrivateKey) (err error) {
+	// First check if this key already exists in any of our keystores
+	for _, ks := range cs.keyStores {
+		if keyInfo, err := ks.GetKeyInfo(key.ID()); err == nil {
+			if keyInfo.Role != role {
+				return fmt.Errorf("key with same ID already exists for role: %s", keyInfo.Role)
+			}
+			logrus.Debugf("key with same ID %s and role %s already exists", key.ID(), keyInfo.Role)
+			return nil
+		}
+	}
+	// If the key didn't exist in any of our keystores, add and return on the first successful keystore
+	for _, ks := range cs.keyStores {
+		// Try to add to this keystore, return if successful
+		if err = ks.AddKey(trustmanager.KeyInfo{Role: role, Gun: gun}, key); err == nil {
+			return nil
+		}
+	}
+	return // returns whatever the final values were
+}
+
+// ListKeys returns a list of key IDs valid for the given role
+func (cs *CryptoService) ListKeys(role string) []string {
+	var res []string
+	for _, ks := range cs.keyStores {
+		for k, r := range ks.ListKeys() {
+			if r.Role == role {
+				res = append(res, k)
+			}
+		}
+	}
+	return res
+}
+
+// ListAllKeys returns a map of key IDs to role
+func (cs *CryptoService) ListAllKeys() map[string]string {
+	res := make(map[string]string)
+	for _, ks := range cs.keyStores {
+		for k, r := range ks.ListKeys() {
+			res[k] = r.Role // keys are content addressed so don't care about overwrites
+		}
+	}
+	return res
+}
diff --git a/vendor/src/github.com/docker/notary/cryptoservice/import_export.go b/vendor/src/github.com/docker/notary/cryptoservice/import_export.go
new file mode 100644
index 00000000..99445cda
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/cryptoservice/import_export.go
@@ -0,0 +1,313 @@
+package cryptoservice
+
+import (
+	"archive/zip"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/notary/passphrase"
+	"github.com/docker/notary/trustmanager"
+)
+
+const zipMadeByUNIX = 3 << 8
+
+var (
+	// ErrNoValidPrivateKey is returned if a key being imported doesn't
+	// look like a private key
+	ErrNoValidPrivateKey = errors.New("no valid private key found")
+
+	// ErrRootKeyNotEncrypted is returned if a root key being imported is
+	// unencrypted
+	ErrRootKeyNotEncrypted = errors.New("only encrypted root keys may be imported")
+
+	// ErrNoKeysFoundForGUN is returned if no keys are found for the
+	// specified GUN during export
+	ErrNoKeysFoundForGUN = errors.New("no keys found for specified GUN")
+)
+
+// ExportKey exports the specified private key to an io.Writer in PEM format.
+// The key's existing encryption is preserved.
+func (cs *CryptoService) ExportKey(dest io.Writer, keyID, role string) error {
+	var (
+		pemBytes []byte
+		err      error
+	)
+
+	for _, ks := range cs.keyStores {
+		pemBytes, err = ks.ExportKey(keyID)
+		if err != nil {
+			continue
+		}
+	}
+	if err != nil {
+		return err
+	}
+
+	nBytes, err := dest.Write(pemBytes)
+	if err != nil {
+		return err
+	}
+	if nBytes != len(pemBytes) {
+		return errors.New("Unable to finish writing exported key.")
+	}
+	return nil
+}
+
+// ExportKeyReencrypt exports the specified private key to an io.Writer in
+// PEM format. The key is reencrypted with a new passphrase.
+func (cs *CryptoService) ExportKeyReencrypt(dest io.Writer, keyID string, newPassphraseRetriever passphrase.Retriever) error {
+	privateKey, _, err := cs.GetPrivateKey(keyID)
+	if err != nil {
+		return err
+	}
+
+	keyInfo, err := cs.GetKeyInfo(keyID)
+	if err != nil {
+		return err
+	}
+
+	// Create temporary keystore to use as a staging area
+	tempBaseDir, err := ioutil.TempDir("", "notary-key-export-")
+	defer os.RemoveAll(tempBaseDir)
+
+	tempKeyStore, err := trustmanager.NewKeyFileStore(tempBaseDir, newPassphraseRetriever)
+	if err != nil {
+		return err
+	}
+
+	err = tempKeyStore.AddKey(keyInfo, privateKey)
+	if err != nil {
+		return err
+	}
+
+	pemBytes, err := tempKeyStore.ExportKey(keyID)
+	if err != nil {
+		return err
+	}
+	nBytes, err := dest.Write(pemBytes)
+	if err != nil {
+		return err
+	}
+	if nBytes != len(pemBytes) {
+		return errors.New("Unable to finish writing exported key.")
+	}
+	return nil
+}
+
+// ExportAllKeys exports all keys to an io.Writer in zip format.
+// newPassphraseRetriever will be used to obtain passphrases to use to encrypt the existing keys.
+func (cs *CryptoService) ExportAllKeys(dest io.Writer, newPassphraseRetriever passphrase.Retriever) error {
+	tempBaseDir, err := ioutil.TempDir("", "notary-key-export-")
+	defer os.RemoveAll(tempBaseDir)
+
+	// Create temporary keystore to use as a staging area
+	tempKeyStore, err := trustmanager.NewKeyFileStore(tempBaseDir, newPassphraseRetriever)
+	if err != nil {
+		return err
+	}
+
+	for _, ks := range cs.keyStores {
+		if err := moveKeys(ks, tempKeyStore); err != nil {
+			return err
+		}
+	}
+
+	zipWriter := zip.NewWriter(dest)
+
+	if err := addKeysToArchive(zipWriter, tempKeyStore); err != nil {
+		return err
+	}
+
+	zipWriter.Close()
+
+	return nil
+}
+
+// ImportKeysZip imports keys from a zip file provided as an zip.Reader. The
+// keys in the root_keys directory are left encrypted, but the other keys are
+// decrypted with the specified passphrase.
+func (cs *CryptoService) ImportKeysZip(zipReader zip.Reader, retriever passphrase.Retriever) error {
+	// Temporarily store the keys in maps, so we can bail early if there's
+	// an error (for example, wrong passphrase), without leaving the key
+	// store in an inconsistent state
+	newKeys := make(map[string][]byte)
+
+	// Iterate through the files in the archive. Don't add the keys
+	for _, f := range zipReader.File {
+		fNameTrimmed := strings.TrimSuffix(f.Name, filepath.Ext(f.Name))
+		rc, err := f.Open()
+		if err != nil {
+			return err
+		}
+		defer rc.Close()
+
+		fileBytes, err := ioutil.ReadAll(rc)
+		if err != nil {
+			return nil
+		}
+
+		// Note that using / as a separator is okay here - the zip
+		// package guarantees that the separator will be /
+		if fNameTrimmed[len(fNameTrimmed)-5:] == "_root" {
+			if err = CheckRootKeyIsEncrypted(fileBytes); err != nil {
+				return err
+			}
+		}
+		newKeys[fNameTrimmed] = fileBytes
+	}
+
+	for keyName, pemBytes := range newKeys {
+		// Get the key role information as well as its data.PrivateKey representation
+		_, keyInfo, err := trustmanager.KeyInfoFromPEM(pemBytes, keyName)
+		if err != nil {
+			return err
+		}
+		privKey, err := trustmanager.ParsePEMPrivateKey(pemBytes, "")
+		if err != nil {
+			privKey, _, err = trustmanager.GetPasswdDecryptBytes(retriever, pemBytes, "", "imported "+keyInfo.Role)
+			if err != nil {
+				return err
+			}
+		}
+		// Add the key to our cryptoservice, will add to the first successful keystore
+		if err = cs.AddKey(keyInfo.Role, keyInfo.Gun, privKey); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ExportKeysByGUN exports all keys associated with a specified GUN to an
+// io.Writer in zip format. passphraseRetriever is used to select new passphrases to use to
+// encrypt the keys.
+func (cs *CryptoService) ExportKeysByGUN(dest io.Writer, gun string, passphraseRetriever passphrase.Retriever) error {
+	tempBaseDir, err := ioutil.TempDir("", "notary-key-export-")
+	defer os.RemoveAll(tempBaseDir)
+
+	// Create temporary keystore to use as a staging area
+	tempKeyStore, err := trustmanager.NewKeyFileStore(tempBaseDir, passphraseRetriever)
+	if err != nil {
+		return err
+	}
+
+	for _, ks := range cs.keyStores {
+		if err := moveKeysByGUN(ks, tempKeyStore, gun); err != nil {
+			return err
+		}
+	}
+
+	zipWriter := zip.NewWriter(dest)
+
+	if len(tempKeyStore.ListKeys()) == 0 {
+		return ErrNoKeysFoundForGUN
+	}
+
+	if err := addKeysToArchive(zipWriter, tempKeyStore); err != nil {
+		return err
+	}
+
+	zipWriter.Close()
+
+	return nil
+}
+
+func moveKeysByGUN(oldKeyStore, newKeyStore trustmanager.KeyStore, gun string) error {
+	for keyID, keyInfo := range oldKeyStore.ListKeys() {
+		// Skip keys that aren't associated with this GUN
+		if keyInfo.Gun != gun {
+			continue
+		}
+
+		privKey, _, err := oldKeyStore.GetKey(keyID)
+		if err != nil {
+			return err
+		}
+
+		err = newKeyStore.AddKey(keyInfo, privKey)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func moveKeys(oldKeyStore, newKeyStore trustmanager.KeyStore) error {
+	for keyID, keyInfo := range oldKeyStore.ListKeys() {
+		privateKey, _, err := oldKeyStore.GetKey(keyID)
+		if err != nil {
+			return err
+		}
+
+		err = newKeyStore.AddKey(keyInfo, privateKey)
+
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func addKeysToArchive(zipWriter *zip.Writer, newKeyStore *trustmanager.KeyFileStore) error {
+	for _, relKeyPath := range newKeyStore.ListFiles() {
+		fullKeyPath, err := newKeyStore.GetPath(relKeyPath)
+		if err != nil {
+			return err
+		}
+
+		fi, err := os.Lstat(fullKeyPath)
+		if err != nil {
+			return err
+		}
+
+		infoHeader, err := zip.FileInfoHeader(fi)
+		if err != nil {
+			return err
+		}
+
+		relPath, err := filepath.Rel(newKeyStore.BaseDir(), fullKeyPath)
+		if err != nil {
+			return err
+		}
+		infoHeader.Name = relPath
+
+		zipFileEntryWriter, err := zipWriter.CreateHeader(infoHeader)
+		if err != nil {
+			return err
+		}
+
+		fileContents, err := ioutil.ReadFile(fullKeyPath)
+		if err != nil {
+			return err
+		}
+
+		if _, err = zipFileEntryWriter.Write(fileContents); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// CheckRootKeyIsEncrypted makes sure the root key is encrypted. We have
+// internal assumptions that depend on this.
+func CheckRootKeyIsEncrypted(pemBytes []byte) error {
+	block, _ := pem.Decode(pemBytes)
+	if block == nil {
+		return ErrNoValidPrivateKey
+	}
+
+	if !x509.IsEncryptedPEMBlock(block) {
+		return ErrRootKeyNotEncrypted
+	}
+
+	return nil
+}
diff --git a/vendor/src/github.com/docker/notary/docker-compose.yml b/vendor/src/github.com/docker/notary/docker-compose.yml
new file mode 100644
index 00000000..4f8705f3
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/docker-compose.yml
@@ -0,0 +1,34 @@
+server:
+  build: .
+  dockerfile: server.Dockerfile
+  links:
+    - mysql
+    - signer
+    - signer:notarysigner
+  environment:
+    - SERVICE_NAME=notary_server
+  ports:
+    - "8080"
+    - "4443:4443"
+  entrypoint: /bin/bash
+  command: -c "./migrations/migrate.sh && notary-server -config=fixtures/server-config.json"
+signer:
+  build: .
+  dockerfile: signer.Dockerfile
+  links:
+    - mysql
+  environment:
+    - SERVICE_NAME=notary_signer
+  entrypoint: /bin/bash
+  command: -c "./migrations/migrate.sh && notary-signer -config=fixtures/signer-config.json"
+mysql:
+  volumes:
+    - ./notarymysql/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
+    - notary_data:/var/lib/mysql
+  image: mariadb:10.1.10
+  ports:
+    - "3306:3306"
+  environment:
+    - TERM=dumb
+    - MYSQL_ALLOW_EMPTY_PASSWORD="true"
+  command: mysqld --innodb_file_per_table
diff --git a/vendor/src/github.com/docker/notary/passphrase/passphrase.go b/vendor/src/github.com/docker/notary/passphrase/passphrase.go
new file mode 100644
index 00000000..9e6d1b4d
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/passphrase/passphrase.go
@@ -0,0 +1,201 @@
+// Package passphrase is a utility function for managing passphrase
+// for TUF and Notary keys.
+package passphrase
+
+import (
+	"bufio"
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"strings"
+
+	"path/filepath"
+
+	"github.com/docker/docker/pkg/term"
+)
+
+// Retriever is a callback function that should retrieve a passphrase
+// for a given named key. If it should be treated as new passphrase (e.g. with
+// confirmation), createNew will be true. Attempts is passed in so that implementers
+// decide how many chances to give to a human, for example.
+type Retriever func(keyName, alias string, createNew bool, attempts int) (passphrase string, giveup bool, err error)
+
+const (
+	idBytesToDisplay            = 7
+	tufRootAlias                = "root"
+	tufTargetsAlias             = "targets"
+	tufSnapshotAlias            = "snapshot"
+	tufRootKeyGenerationWarning = `You are about to create a new root signing key passphrase. This passphrase
+will be used to protect the most sensitive key in your signing system. Please
+choose a long, complex passphrase and be careful to keep the password and the
+key file itself secure and backed up. It is highly recommended that you use a
+password manager to generate the passphrase and keep it safe. There will be no
+way to recover this key. You can find the key in your config directory.`
+)
+
+var (
+	// ErrTooShort is returned if the passphrase entered for a new key is
+	// below the minimum length
+	ErrTooShort = errors.New("Passphrase too short")
+
+	// ErrDontMatch is returned if the two entered passphrases don't match.
+	// new key is below the minimum length
+	ErrDontMatch = errors.New("The entered passphrases do not match")
+
+	// ErrTooManyAttempts is returned if the maximum number of passphrase
+	// entry attempts is reached.
+	ErrTooManyAttempts = errors.New("Too many attempts")
+)
+
+// PromptRetriever returns a new Retriever which will provide a prompt on stdin
+// and stdout to retrieve a passphrase. The passphrase will be cached such that
+// subsequent prompts will produce the same passphrase.
+func PromptRetriever() Retriever {
+	return PromptRetrieverWithInOut(os.Stdin, os.Stdout, nil)
+}
+
+// PromptRetrieverWithInOut returns a new Retriever which will provide a
+// prompt using the given in and out readers. The passphrase will be cached
+// such that subsequent prompts will produce the same passphrase.
+// aliasMap can be used to specify display names for TUF key aliases. If aliasMap
+// is nil, a sensible default will be used.
+func PromptRetrieverWithInOut(in io.Reader, out io.Writer, aliasMap map[string]string) Retriever {
+	userEnteredTargetsSnapshotsPass := false
+	targetsSnapshotsPass := ""
+	userEnteredRootsPass := false
+	rootsPass := ""
+
+	return func(keyName string, alias string, createNew bool, numAttempts int) (string, bool, error) {
+		if alias == tufRootAlias && createNew && numAttempts == 0 {
+			fmt.Fprintln(out, tufRootKeyGenerationWarning)
+		}
+		if numAttempts > 0 {
+			if !createNew {
+				fmt.Fprintln(out, "Passphrase incorrect. Please retry.")
+			}
+		}
+
+		// Figure out if we should display a different string for this alias
+		displayAlias := alias
+		if aliasMap != nil {
+			if val, ok := aliasMap[alias]; ok {
+				displayAlias = val
+			}
+
+		}
+
+		// First, check if we have a password cached for this alias.
+		if numAttempts == 0 {
+			if userEnteredTargetsSnapshotsPass && (alias == tufSnapshotAlias || alias == tufTargetsAlias) {
+				return targetsSnapshotsPass, false, nil
+			}
+			if userEnteredRootsPass && (alias == "root") {
+				return rootsPass, false, nil
+			}
+		}
+
+		if numAttempts > 3 && !createNew {
+			return "", true, ErrTooManyAttempts
+		}
+
+		// If typing on the terminal, we do not want the terminal to echo the
+		// password that is typed (so it doesn't display)
+		if term.IsTerminal(0) {
+			state, err := term.SaveState(0)
+			if err != nil {
+				return "", false, err
+			}
+			term.DisableEcho(0, state)
+			defer term.RestoreTerminal(0, state)
+		}
+
+		stdin := bufio.NewReader(in)
+
+		indexOfLastSeparator := strings.LastIndex(keyName, string(filepath.Separator))
+		if indexOfLastSeparator == -1 {
+			indexOfLastSeparator = 0
+		}
+
+		var shortName string
+		if len(keyName) > indexOfLastSeparator+idBytesToDisplay {
+			if indexOfLastSeparator > 0 {
+				keyNamePrefix := keyName[:indexOfLastSeparator]
+				keyNameID := keyName[indexOfLastSeparator+1 : indexOfLastSeparator+idBytesToDisplay+1]
+				shortName = keyNameID + " (" + keyNamePrefix + ")"
+			} else {
+				shortName = keyName[indexOfLastSeparator : indexOfLastSeparator+idBytesToDisplay]
+			}
+		}
+
+		withID := fmt.Sprintf(" with ID %s", shortName)
+		if shortName == "" {
+			withID = ""
+		}
+
+		if createNew {
+			fmt.Fprintf(out, "Enter passphrase for new %s key%s: ", displayAlias, withID)
+		} else if displayAlias == "yubikey" {
+			fmt.Fprintf(out, "Enter the %s for the attached Yubikey: ", keyName)
+		} else {
+			fmt.Fprintf(out, "Enter passphrase for %s key%s: ", displayAlias, withID)
+		}
+
+		passphrase, err := stdin.ReadBytes('\n')
+		fmt.Fprintln(out)
+		if err != nil {
+			return "", false, err
+		}
+
+		retPass := strings.TrimSpace(string(passphrase))
+
+		if !createNew {
+			if alias == tufSnapshotAlias || alias == tufTargetsAlias {
+				userEnteredTargetsSnapshotsPass = true
+				targetsSnapshotsPass = retPass
+			}
+			if alias == tufRootAlias {
+				userEnteredRootsPass = true
+				rootsPass = retPass
+			}
+			return retPass, false, nil
+		}
+
+		if len(retPass) < 8 {
+			fmt.Fprintln(out, "Passphrase is too short. Please use a password manager to generate and store a good random passphrase.")
+			return "", false, ErrTooShort
+		}
+
+		fmt.Fprintf(out, "Repeat passphrase for new %s key%s: ", displayAlias, withID)
+		confirmation, err := stdin.ReadBytes('\n')
+		fmt.Fprintln(out)
+		if err != nil {
+			return "", false, err
+		}
+		confirmationStr := strings.TrimSpace(string(confirmation))
+
+		if retPass != confirmationStr {
+			fmt.Fprintln(out, "Passphrases do not match. Please retry.")
+			return "", false, ErrDontMatch
+		}
+
+		if alias == tufSnapshotAlias || alias == tufTargetsAlias {
+			userEnteredTargetsSnapshotsPass = true
+			targetsSnapshotsPass = retPass
+		}
+		if alias == tufRootAlias {
+			userEnteredRootsPass = true
+			rootsPass = retPass
+		}
+
+		return retPass, false, nil
+	}
+}
+
+// ConstantRetriever returns a new Retriever which will return a constant string
+// as a passphrase.
+func ConstantRetriever(constantPassphrase string) Retriever {
+	return func(k, a string, c bool, n int) (string, bool, error) {
+		return constantPassphrase, false, nil
+	}
+}
diff --git a/vendor/src/github.com/docker/notary/server.Dockerfile b/vendor/src/github.com/docker/notary/server.Dockerfile
new file mode 100644
index 00000000..0966cea2
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/server.Dockerfile
@@ -0,0 +1,28 @@
+FROM golang:1.6.0
+MAINTAINER David Lawrence "david.lawrence@docker.com"
+
+RUN apt-get update && apt-get install -y \
+    libltdl-dev \
+    --no-install-recommends \
+    && rm -rf /var/lib/apt/lists/*
+
+EXPOSE 4443
+
+# Install DB migration tool
+RUN go get github.com/mattes/migrate
+
+ENV NOTARYPKG github.com/docker/notary
+
+# Copy the local repo to the expected go path
+COPY . /go/src/github.com/docker/notary
+
+WORKDIR /go/src/${NOTARYPKG}
+
+# Install notary-server
+RUN go install \
+    -tags pkcs11 \
+    -ldflags "-w -X ${NOTARYPKG}/version.GitCommit=`git rev-parse --short HEAD` -X ${NOTARYPKG}/version.NotaryVersion=`cat NOTARY_VERSION`" \
+    ${NOTARYPKG}/cmd/notary-server
+
+ENTRYPOINT [ "notary-server" ]
+CMD [ "-config=fixtures/server-config-local.json" ]
diff --git a/vendor/src/github.com/docker/notary/signer.Dockerfile b/vendor/src/github.com/docker/notary/signer.Dockerfile
new file mode 100644
index 00000000..846e30e5
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/signer.Dockerfile
@@ -0,0 +1,30 @@
+FROM golang:1.6.0
+MAINTAINER David Lawrence "david.lawrence@docker.com"
+
+RUN apt-get update && apt-get install -y \
+    libltdl-dev \
+    --no-install-recommends \
+    && rm -rf /var/lib/apt/lists/*
+
+EXPOSE 4444
+
+# Install DB migration tool
+RUN go get github.com/mattes/migrate
+
+ENV NOTARYPKG github.com/docker/notary
+ENV NOTARY_SIGNER_DEFAULT_ALIAS="timestamp_1"
+ENV NOTARY_SIGNER_TIMESTAMP_1="testpassword"
+
+# Copy the local repo to the expected go path
+COPY . /go/src/github.com/docker/notary
+
+WORKDIR /go/src/${NOTARYPKG}
+
+# Install notary-signer
+RUN go install \
+    -tags pkcs11 \
+    -ldflags "-w -X ${NOTARYPKG}/version.GitCommit=`git rev-parse --short HEAD` -X ${NOTARYPKG}/version.NotaryVersion=`cat NOTARY_VERSION`" \
+    ${NOTARYPKG}/cmd/notary-signer
+
+ENTRYPOINT [ "notary-signer" ]
+CMD [ "-config=fixtures/signer-config-local.json" ]
diff --git a/vendor/src/github.com/docker/notary/trustmanager/filestore.go b/vendor/src/github.com/docker/notary/trustmanager/filestore.go
new file mode 100644
index 00000000..b970159e
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/filestore.go
@@ -0,0 +1,191 @@
+package trustmanager
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+// SimpleFileStore implements FileStore
+type SimpleFileStore struct {
+	baseDir string
+	fileExt string
+	perms   os.FileMode
+}
+
+// NewSimpleFileStore creates a directory with 755 permissions
+func NewSimpleFileStore(baseDir string, fileExt string) (*SimpleFileStore, error) {
+	baseDir = filepath.Clean(baseDir)
+
+	if err := CreateDirectory(baseDir); err != nil {
+		return nil, err
+	}
+
+	if !strings.HasPrefix(fileExt, ".") {
+		fileExt = "." + fileExt
+	}
+
+	return &SimpleFileStore{
+		baseDir: baseDir,
+		fileExt: fileExt,
+		perms:   visible,
+	}, nil
+}
+
+// NewPrivateSimpleFileStore creates a directory with 700 permissions
+func NewPrivateSimpleFileStore(baseDir string, fileExt string) (*SimpleFileStore, error) {
+	if err := CreatePrivateDirectory(baseDir); err != nil {
+		return nil, err
+	}
+
+	if !strings.HasPrefix(fileExt, ".") {
+		fileExt = "." + fileExt
+	}
+
+	return &SimpleFileStore{
+		baseDir: baseDir,
+		fileExt: fileExt,
+		perms:   private,
+	}, nil
+}
+
+// Add writes data to a file with a given name
+func (f *SimpleFileStore) Add(name string, data []byte) error {
+	filePath, err := f.GetPath(name)
+	if err != nil {
+		return err
+	}
+	createDirectory(filepath.Dir(filePath), f.perms)
+	return ioutil.WriteFile(filePath, data, f.perms)
+}
+
+// Remove removes a file identified by name
+func (f *SimpleFileStore) Remove(name string) error {
+	// Attempt to remove
+	filePath, err := f.GetPath(name)
+	if err != nil {
+		return err
+	}
+	return os.Remove(filePath)
+}
+
+// RemoveDir removes the directory identified by name
+func (f *SimpleFileStore) RemoveDir(name string) error {
+	dirPath := filepath.Join(f.baseDir, name)
+
+	// Check to see if directory exists
+	fi, err := os.Stat(dirPath)
+	if err != nil {
+		return err
+	}
+
+	// Check to see if it is a directory
+	if !fi.IsDir() {
+		return fmt.Errorf("directory not found: %s", name)
+	}
+
+	return os.RemoveAll(dirPath)
+}
+
+// Get returns the data given a file name
+func (f *SimpleFileStore) Get(name string) ([]byte, error) {
+	filePath, err := f.GetPath(name)
+	if err != nil {
+		return nil, err
+	}
+	data, err := ioutil.ReadFile(filePath)
+	if err != nil {
+		return nil, err
+	}
+
+	return data, nil
+}
+
+// GetPath returns the full final path of a file with a given name
+func (f *SimpleFileStore) GetPath(name string) (string, error) {
+	fileName := f.genFileName(name)
+	fullPath := filepath.Clean(filepath.Join(f.baseDir, fileName))
+
+	if !strings.HasPrefix(fullPath, f.baseDir) {
+		return "", ErrPathOutsideStore
+	}
+	return fullPath, nil
+}
+
+// ListFiles lists all the files inside of a store
+func (f *SimpleFileStore) ListFiles() []string {
+	return f.list(f.baseDir)
+}
+
+// ListDir lists all the files inside of a directory identified by a name
+func (f *SimpleFileStore) ListDir(name string) []string {
+	fullPath := filepath.Join(f.baseDir, name)
+	return f.list(fullPath)
+}
+
+// list lists all the files in a directory given a full path. Ignores symlinks.
+func (f *SimpleFileStore) list(path string) []string {
+	files := make([]string, 0, 0)
+	filepath.Walk(path, func(fp string, fi os.FileInfo, err error) error {
+		// If there are errors, ignore this particular file
+		if err != nil {
+			return nil
+		}
+		// Ignore if it is a directory
+		if fi.IsDir() {
+			return nil
+		}
+
+		// If this is a symlink, ignore it
+		if fi.Mode()&os.ModeSymlink == os.ModeSymlink {
+			return nil
+		}
+
+		// Only allow matches that end with our certificate extension (e.g. *.crt)
+		matched, _ := filepath.Match("*"+f.fileExt, fi.Name())
+
+		if matched {
+			// Find the relative path for this file relative to the base path.
+			fp, err = filepath.Rel(path, fp)
+			if err != nil {
+				return err
+			}
+			trimmed := strings.TrimSuffix(fp, f.fileExt)
+			files = append(files, trimmed)
+		}
+		return nil
+	})
+	return files
+}
+
+// genFileName returns the name using the right extension
+func (f *SimpleFileStore) genFileName(name string) string {
+	return fmt.Sprintf("%s%s", name, f.fileExt)
+}
+
+// BaseDir returns the base directory of the filestore
+func (f *SimpleFileStore) BaseDir() string {
+	return f.baseDir
+}
+
+// CreateDirectory uses createDirectory to create a chmod 755 Directory
+func CreateDirectory(dir string) error {
+	return createDirectory(dir, visible)
+}
+
+// CreatePrivateDirectory uses createDirectory to create a chmod 700 Directory
+func CreatePrivateDirectory(dir string) error {
+	return createDirectory(dir, private)
+}
+
+// createDirectory receives a string of the path to a directory.
+// It does not support passing files, so the caller has to remove
+// the filename by doing filepath.Dir(full_path_to_file)
+func createDirectory(dir string, perms os.FileMode) error {
+	// This prevents someone passing /path/to/dir and 'dir' not being created
+	// If two '//' exist, MkdirAll deals it with correctly
+	dir = dir + "/"
+	return os.MkdirAll(dir, perms)
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/keyfilestore.go b/vendor/src/github.com/docker/notary/trustmanager/keyfilestore.go
new file mode 100644
index 00000000..13fe4704
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/keyfilestore.go
@@ -0,0 +1,497 @@
+package trustmanager
+
+import (
+	"encoding/pem"
+	"fmt"
+	"path/filepath"
+	"strings"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary"
+	"github.com/docker/notary/passphrase"
+	"github.com/docker/notary/tuf/data"
+)
+
+type keyInfoMap map[string]KeyInfo
+
+// KeyFileStore persists and manages private keys on disk
+type KeyFileStore struct {
+	sync.Mutex
+	SimpleFileStore
+	passphrase.Retriever
+	cachedKeys map[string]*cachedKey
+	keyInfoMap
+}
+
+// KeyMemoryStore manages private keys in memory
+type KeyMemoryStore struct {
+	sync.Mutex
+	MemoryFileStore
+	passphrase.Retriever
+	cachedKeys map[string]*cachedKey
+	keyInfoMap
+}
+
+// KeyInfo stores the role, path, and gun for a corresponding private key ID
+// It is assumed that each private key ID is unique
+type KeyInfo struct {
+	Gun  string
+	Role string
+}
+
+// NewKeyFileStore returns a new KeyFileStore creating a private directory to
+// hold the keys.
+func NewKeyFileStore(baseDir string, passphraseRetriever passphrase.Retriever) (*KeyFileStore, error) {
+	baseDir = filepath.Join(baseDir, notary.PrivDir)
+	fileStore, err := NewPrivateSimpleFileStore(baseDir, keyExtension)
+	if err != nil {
+		return nil, err
+	}
+	cachedKeys := make(map[string]*cachedKey)
+	keyInfoMap := make(keyInfoMap)
+
+	keyStore := &KeyFileStore{SimpleFileStore: *fileStore,
+		Retriever:  passphraseRetriever,
+		cachedKeys: cachedKeys,
+		keyInfoMap: keyInfoMap,
+	}
+
+	// Load this keystore's ID --> gun/role map
+	keyStore.loadKeyInfo()
+	return keyStore, nil
+}
+
+func generateKeyInfoMap(s LimitedFileStore) map[string]KeyInfo {
+	keyInfoMap := make(map[string]KeyInfo)
+	for _, keyPath := range s.ListFiles() {
+		d, err := s.Get(keyPath)
+		if err != nil {
+			logrus.Error(err)
+			continue
+		}
+		keyID, keyInfo, err := KeyInfoFromPEM(d, keyPath)
+		if err != nil {
+			logrus.Error(err)
+			continue
+		}
+		keyInfoMap[keyID] = keyInfo
+	}
+	return keyInfoMap
+}
+
+// Attempts to infer the keyID, role, and GUN from the specified key path.
+// Note that non-root roles can only be inferred if this is a legacy style filename: KEYID_ROLE.key
+func inferKeyInfoFromKeyPath(keyPath string) (string, string, string) {
+	var keyID, role, gun string
+	keyID = filepath.Base(keyPath)
+	underscoreIndex := strings.LastIndex(keyID, "_")
+
+	// This is the legacy KEYID_ROLE filename
+	// The keyID is the first part of the keyname
+	// The keyRole is the second part of the keyname
+	// in a key named abcde_root, abcde is the keyID and root is the KeyAlias
+	if underscoreIndex != -1 {
+		role = keyID[underscoreIndex+1:]
+		keyID = keyID[:underscoreIndex]
+	}
+
+	if filepath.HasPrefix(keyPath, notary.RootKeysSubdir+"/") {
+		return keyID, data.CanonicalRootRole, ""
+	}
+
+	keyPath = strings.TrimPrefix(keyPath, notary.NonRootKeysSubdir+"/")
+	gun = getGunFromFullID(keyPath)
+	return keyID, role, gun
+}
+
+func getGunFromFullID(fullKeyID string) string {
+	keyGun := filepath.Dir(fullKeyID)
+	// If the gun is empty, Dir will return .
+	if keyGun == "." {
+		keyGun = ""
+	}
+	return keyGun
+}
+
+func (s *KeyFileStore) loadKeyInfo() {
+	s.keyInfoMap = generateKeyInfoMap(s)
+}
+
+func (s *KeyMemoryStore) loadKeyInfo() {
+	s.keyInfoMap = generateKeyInfoMap(s)
+}
+
+// GetKeyInfo returns the corresponding gun and role key info for a keyID
+func (s *KeyFileStore) GetKeyInfo(keyID string) (KeyInfo, error) {
+	if info, ok := s.keyInfoMap[keyID]; ok {
+		return info, nil
+	}
+	return KeyInfo{}, fmt.Errorf("Could not find info for keyID %s", keyID)
+}
+
+// GetKeyInfo returns the corresponding gun and role key info for a keyID
+func (s *KeyMemoryStore) GetKeyInfo(keyID string) (KeyInfo, error) {
+	if info, ok := s.keyInfoMap[keyID]; ok {
+		return info, nil
+	}
+	return KeyInfo{}, fmt.Errorf("Could not find info for keyID %s", keyID)
+}
+
+// Name returns a user friendly name for the location this store
+// keeps its data
+func (s *KeyFileStore) Name() string {
+	return fmt.Sprintf("file (%s)", s.SimpleFileStore.BaseDir())
+}
+
+// AddKey stores the contents of a PEM-encoded private key as a PEM block
+func (s *KeyFileStore) AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error {
+	s.Lock()
+	defer s.Unlock()
+	if keyInfo.Role == data.CanonicalRootRole || data.IsDelegation(keyInfo.Role) || !data.ValidRole(keyInfo.Role) {
+		keyInfo.Gun = ""
+	}
+	err := addKey(s, s.Retriever, s.cachedKeys, filepath.Join(keyInfo.Gun, privKey.ID()), keyInfo.Role, privKey)
+	if err != nil {
+		return err
+	}
+	s.keyInfoMap[privKey.ID()] = keyInfo
+	return nil
+}
+
+// GetKey returns the PrivateKey given a KeyID
+func (s *KeyFileStore) GetKey(name string) (data.PrivateKey, string, error) {
+	s.Lock()
+	defer s.Unlock()
+	// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
+	if keyInfo, ok := s.keyInfoMap[name]; ok {
+		name = filepath.Join(keyInfo.Gun, name)
+	}
+	return getKey(s, s.Retriever, s.cachedKeys, name)
+}
+
+// ListKeys returns a list of unique PublicKeys present on the KeyFileStore, by returning a copy of the keyInfoMap
+func (s *KeyFileStore) ListKeys() map[string]KeyInfo {
+	return copyKeyInfoMap(s.keyInfoMap)
+}
+
+// RemoveKey removes the key from the keyfilestore
+func (s *KeyFileStore) RemoveKey(keyID string) error {
+	s.Lock()
+	defer s.Unlock()
+	// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
+	if keyInfo, ok := s.keyInfoMap[keyID]; ok {
+		keyID = filepath.Join(keyInfo.Gun, keyID)
+	}
+	err := removeKey(s, s.cachedKeys, keyID)
+	if err != nil {
+		return err
+	}
+	// Remove this key from our keyInfo map if we removed from our filesystem
+	delete(s.keyInfoMap, filepath.Base(keyID))
+	return nil
+}
+
+// ExportKey exports the encrypted bytes from the keystore
+func (s *KeyFileStore) ExportKey(keyID string) ([]byte, error) {
+	if keyInfo, ok := s.keyInfoMap[keyID]; ok {
+		keyID = filepath.Join(keyInfo.Gun, keyID)
+	}
+	keyBytes, _, err := getRawKey(s, keyID)
+	if err != nil {
+		return nil, err
+	}
+	return keyBytes, nil
+}
+
+// NewKeyMemoryStore returns a new KeyMemoryStore which holds keys in memory
+func NewKeyMemoryStore(passphraseRetriever passphrase.Retriever) *KeyMemoryStore {
+	memStore := NewMemoryFileStore()
+	cachedKeys := make(map[string]*cachedKey)
+
+	keyInfoMap := make(keyInfoMap)
+
+	keyStore := &KeyMemoryStore{MemoryFileStore: *memStore,
+		Retriever:  passphraseRetriever,
+		cachedKeys: cachedKeys,
+		keyInfoMap: keyInfoMap,
+	}
+
+	// Load this keystore's ID --> gun/role map
+	keyStore.loadKeyInfo()
+	return keyStore
+}
+
+// Name returns a user friendly name for the location this store
+// keeps its data
+func (s *KeyMemoryStore) Name() string {
+	return "memory"
+}
+
+// AddKey stores the contents of a PEM-encoded private key as a PEM block
+func (s *KeyMemoryStore) AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error {
+	s.Lock()
+	defer s.Unlock()
+	if keyInfo.Role == data.CanonicalRootRole || data.IsDelegation(keyInfo.Role) || !data.ValidRole(keyInfo.Role) {
+		keyInfo.Gun = ""
+	}
+	err := addKey(s, s.Retriever, s.cachedKeys, filepath.Join(keyInfo.Gun, privKey.ID()), keyInfo.Role, privKey)
+	if err != nil {
+		return err
+	}
+	s.keyInfoMap[privKey.ID()] = keyInfo
+	return nil
+}
+
+// GetKey returns the PrivateKey given a KeyID
+func (s *KeyMemoryStore) GetKey(name string) (data.PrivateKey, string, error) {
+	s.Lock()
+	defer s.Unlock()
+	// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
+	if keyInfo, ok := s.keyInfoMap[name]; ok {
+		name = filepath.Join(keyInfo.Gun, name)
+	}
+	return getKey(s, s.Retriever, s.cachedKeys, name)
+}
+
+// ListKeys returns a list of unique PublicKeys present on the KeyFileStore, by returning a copy of the keyInfoMap
+func (s *KeyMemoryStore) ListKeys() map[string]KeyInfo {
+	return copyKeyInfoMap(s.keyInfoMap)
+}
+
+// copyKeyInfoMap returns a deep copy of the passed-in keyInfoMap
+func copyKeyInfoMap(keyInfoMap map[string]KeyInfo) map[string]KeyInfo {
+	copyMap := make(map[string]KeyInfo)
+	for keyID, keyInfo := range keyInfoMap {
+		copyMap[keyID] = KeyInfo{Role: keyInfo.Role, Gun: keyInfo.Gun}
+	}
+	return copyMap
+}
+
+// RemoveKey removes the key from the keystore
+func (s *KeyMemoryStore) RemoveKey(keyID string) error {
+	s.Lock()
+	defer s.Unlock()
+	// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
+	if keyInfo, ok := s.keyInfoMap[keyID]; ok {
+		keyID = filepath.Join(keyInfo.Gun, keyID)
+	}
+	err := removeKey(s, s.cachedKeys, keyID)
+	if err != nil {
+		return err
+	}
+	// Remove this key from our keyInfo map if we removed from our filesystem
+	delete(s.keyInfoMap, filepath.Base(keyID))
+	return nil
+}
+
+// ExportKey exports the encrypted bytes from the keystore
+func (s *KeyMemoryStore) ExportKey(keyID string) ([]byte, error) {
+	keyBytes, _, err := getRawKey(s, keyID)
+	if err != nil {
+		return nil, err
+	}
+	return keyBytes, nil
+}
+
+// KeyInfoFromPEM attempts to get a keyID and KeyInfo from the filename and PEM bytes of a key
+func KeyInfoFromPEM(pemBytes []byte, filename string) (string, KeyInfo, error) {
+	keyID, role, gun := inferKeyInfoFromKeyPath(filename)
+	if role == "" {
+		block, _ := pem.Decode(pemBytes)
+		if block == nil {
+			return "", KeyInfo{}, fmt.Errorf("could not decode PEM block for key %s", filename)
+		}
+		if keyRole, ok := block.Headers["role"]; ok {
+			role = keyRole
+		}
+	}
+	return keyID, KeyInfo{Gun: gun, Role: role}, nil
+}
+
+func addKey(s LimitedFileStore, passphraseRetriever passphrase.Retriever, cachedKeys map[string]*cachedKey, name, role string, privKey data.PrivateKey) error {
+
+	var (
+		chosenPassphrase string
+		giveup           bool
+		err              error
+	)
+
+	for attempts := 0; ; attempts++ {
+		chosenPassphrase, giveup, err = passphraseRetriever(name, role, true, attempts)
+		if err != nil {
+			continue
+		}
+		if giveup {
+			return ErrAttemptsExceeded{}
+		}
+		if attempts > 10 {
+			return ErrAttemptsExceeded{}
+		}
+		break
+	}
+
+	return encryptAndAddKey(s, chosenPassphrase, cachedKeys, name, role, privKey)
+}
+
+// getKeyRole finds the role for the given keyID. It attempts to look
+// both in the newer format PEM headers, and also in the legacy filename
+// format. It returns: the role, whether it was found in the legacy format
+// (true == legacy), and an error
+func getKeyRole(s LimitedFileStore, keyID string) (string, bool, error) {
+	name := strings.TrimSpace(strings.TrimSuffix(filepath.Base(keyID), filepath.Ext(keyID)))
+
+	for _, file := range s.ListFiles() {
+		filename := filepath.Base(file)
+
+		if strings.HasPrefix(filename, name) {
+			d, err := s.Get(file)
+			if err != nil {
+				return "", false, err
+			}
+			block, _ := pem.Decode(d)
+			if block != nil {
+				if role, ok := block.Headers["role"]; ok {
+					return role, false, nil
+				}
+			}
+
+			role := strings.TrimPrefix(filename, name+"_")
+			return role, true, nil
+		}
+	}
+
+	return "", false, &ErrKeyNotFound{KeyID: keyID}
+}
+
+// GetKey returns the PrivateKey given a KeyID
+func getKey(s LimitedFileStore, passphraseRetriever passphrase.Retriever, cachedKeys map[string]*cachedKey, name string) (data.PrivateKey, string, error) {
+	cachedKeyEntry, ok := cachedKeys[name]
+	if ok {
+		return cachedKeyEntry.key, cachedKeyEntry.alias, nil
+	}
+
+	keyBytes, keyAlias, err := getRawKey(s, name)
+	if err != nil {
+		return nil, "", err
+	}
+
+	// See if the key is encrypted. If its encrypted we'll fail to parse the private key
+	privKey, err := ParsePEMPrivateKey(keyBytes, "")
+	if err != nil {
+		privKey, _, err = GetPasswdDecryptBytes(passphraseRetriever, keyBytes, name, string(keyAlias))
+		if err != nil {
+			return nil, "", err
+		}
+	}
+	cachedKeys[name] = &cachedKey{alias: keyAlias, key: privKey}
+	return privKey, keyAlias, nil
+}
+
+// RemoveKey removes the key from the keyfilestore
+func removeKey(s LimitedFileStore, cachedKeys map[string]*cachedKey, name string) error {
+	role, legacy, err := getKeyRole(s, name)
+	if err != nil {
+		return err
+	}
+
+	delete(cachedKeys, name)
+
+	if legacy {
+		name = name + "_" + role
+	}
+
+	// being in a subdirectory is for backwards compatibliity
+	err = s.Remove(filepath.Join(getSubdir(role), name))
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// Assumes 2 subdirectories, 1 containing root keys and 1 containing tuf keys
+func getSubdir(alias string) string {
+	if alias == data.CanonicalRootRole {
+		return notary.RootKeysSubdir
+	}
+	return notary.NonRootKeysSubdir
+}
+
+// Given a key ID, gets the bytes and alias belonging to that key if the key
+// exists
+func getRawKey(s LimitedFileStore, name string) ([]byte, string, error) {
+	role, legacy, err := getKeyRole(s, name)
+	if err != nil {
+		return nil, "", err
+	}
+
+	if legacy {
+		name = name + "_" + role
+	}
+
+	var keyBytes []byte
+	keyBytes, err = s.Get(filepath.Join(getSubdir(role), name))
+	if err != nil {
+		return nil, "", err
+	}
+	return keyBytes, role, nil
+}
+
+// GetPasswdDecryptBytes gets the password to decrypt the given pem bytes.
+// Returns the password and private key
+func GetPasswdDecryptBytes(passphraseRetriever passphrase.Retriever, pemBytes []byte, name, alias string) (data.PrivateKey, string, error) {
+	var (
+		passwd  string
+		retErr  error
+		privKey data.PrivateKey
+	)
+	for attempts := 0; ; attempts++ {
+		var (
+			giveup bool
+			err    error
+		)
+		passwd, giveup, err = passphraseRetriever(name, alias, false, attempts)
+		// Check if the passphrase retriever got an error or if it is telling us to give up
+		if giveup || err != nil {
+			return nil, "", ErrPasswordInvalid{}
+		}
+		if attempts > 10 {
+			return nil, "", ErrAttemptsExceeded{}
+		}
+
+		// Try to convert PEM encoded bytes back to a PrivateKey using the passphrase
+		privKey, err = ParsePEMPrivateKey(pemBytes, passwd)
+		if err != nil {
+			retErr = ErrPasswordInvalid{}
+		} else {
+			// We managed to parse the PrivateKey. We've succeeded!
+			retErr = nil
+			break
+		}
+	}
+	if retErr != nil {
+		return nil, "", retErr
+	}
+	return privKey, passwd, nil
+}
+
+func encryptAndAddKey(s LimitedFileStore, passwd string, cachedKeys map[string]*cachedKey, name, role string, privKey data.PrivateKey) error {
+
+	var (
+		pemPrivKey []byte
+		err        error
+	)
+
+	if passwd != "" {
+		pemPrivKey, err = EncryptPrivateKey(privKey, role, passwd)
+	} else {
+		pemPrivKey, err = KeyToPEM(privKey, role)
+	}
+
+	if err != nil {
+		return err
+	}
+
+	cachedKeys[name] = &cachedKey{alias: role, key: privKey}
+	return s.Add(filepath.Join(getSubdir(role), name), pemPrivKey)
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/keystore.go b/vendor/src/github.com/docker/notary/trustmanager/keystore.go
new file mode 100644
index 00000000..4f1338e4
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/keystore.go
@@ -0,0 +1,57 @@
+package trustmanager
+
+import (
+	"fmt"
+
+	"github.com/docker/notary/tuf/data"
+)
+
+// ErrAttemptsExceeded is returned when too many attempts have been made to decrypt a key
+type ErrAttemptsExceeded struct{}
+
+// ErrAttemptsExceeded is returned when too many attempts have been made to decrypt a key
+func (err ErrAttemptsExceeded) Error() string {
+	return "maximum number of passphrase attempts exceeded"
+}
+
+// ErrPasswordInvalid is returned when signing fails. It could also mean the signing
+// key file was corrupted, but we have no way to distinguish.
+type ErrPasswordInvalid struct{}
+
+// ErrPasswordInvalid is returned when signing fails. It could also mean the signing
+// key file was corrupted, but we have no way to distinguish.
+func (err ErrPasswordInvalid) Error() string {
+	return "password invalid, operation has failed."
+}
+
+// ErrKeyNotFound is returned when the keystore fails to retrieve a specific key.
+type ErrKeyNotFound struct {
+	KeyID string
+}
+
+// ErrKeyNotFound is returned when the keystore fails to retrieve a specific key.
+func (err ErrKeyNotFound) Error() string {
+	return fmt.Sprintf("signing key not found: %s", err.KeyID)
+}
+
+const (
+	keyExtension = "key"
+)
+
+// KeyStore is a generic interface for private key storage
+type KeyStore interface {
+	// AddKey adds a key to the KeyStore, and if the key already exists,
+	// succeeds.  Otherwise, returns an error if it cannot add.
+	AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
+	GetKey(keyID string) (data.PrivateKey, string, error)
+	GetKeyInfo(keyID string) (KeyInfo, error)
+	ListKeys() map[string]KeyInfo
+	RemoveKey(keyID string) error
+	ExportKey(keyID string) ([]byte, error)
+	Name() string
+}
+
+type cachedKey struct {
+	alias string
+	key   data.PrivateKey
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/memorystore.go b/vendor/src/github.com/docker/notary/trustmanager/memorystore.go
new file mode 100644
index 00000000..ffb825fa
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/memorystore.go
@@ -0,0 +1,67 @@
+package trustmanager
+
+import (
+	"os"
+	"sync"
+)
+
+// MemoryFileStore is an implementation of LimitedFileStore that keeps
+// the contents in memory.
+type MemoryFileStore struct {
+	sync.Mutex
+
+	files map[string][]byte
+}
+
+// NewMemoryFileStore creates a MemoryFileStore
+func NewMemoryFileStore() *MemoryFileStore {
+	return &MemoryFileStore{
+		files: make(map[string][]byte),
+	}
+}
+
+// Add writes data to a file with a given name
+func (f *MemoryFileStore) Add(name string, data []byte) error {
+	f.Lock()
+	defer f.Unlock()
+
+	f.files[name] = data
+	return nil
+}
+
+// Remove removes a file identified by name
+func (f *MemoryFileStore) Remove(name string) error {
+	f.Lock()
+	defer f.Unlock()
+
+	if _, present := f.files[name]; !present {
+		return os.ErrNotExist
+	}
+	delete(f.files, name)
+
+	return nil
+}
+
+// Get returns the data given a file name
+func (f *MemoryFileStore) Get(name string) ([]byte, error) {
+	f.Lock()
+	defer f.Unlock()
+
+	fileData, present := f.files[name]
+	if !present {
+		return nil, os.ErrNotExist
+	}
+
+	return fileData, nil
+}
+
+// ListFiles lists all the files inside of a store
+func (f *MemoryFileStore) ListFiles() []string {
+	var list []string
+
+	for name := range f.files {
+		list = append(list, name)
+	}
+
+	return list
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/store.go b/vendor/src/github.com/docker/notary/trustmanager/store.go
new file mode 100644
index 00000000..6672449c
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/store.go
@@ -0,0 +1,52 @@
+package trustmanager
+
+import (
+	"errors"
+
+	"github.com/docker/notary"
+)
+
+const (
+	visible = notary.PubCertPerms
+	private = notary.PrivKeyPerms
+)
+
+var (
+	// ErrPathOutsideStore indicates that the returned path would be
+	// outside the store
+	ErrPathOutsideStore = errors.New("path outside file store")
+)
+
+// LimitedFileStore implements the bare bones primitives (no hierarchy)
+type LimitedFileStore interface {
+	// Add writes a file to the specified location, returning an error if this
+	// is not possible (reasons may include permissions errors). The path is cleaned
+	// before being made absolute against the store's base dir.
+	Add(fileName string, data []byte) error
+
+	// Remove deletes a file from the store relative to the store's base directory.
+	// The path is cleaned before being made absolute to ensure no path traversal
+	// outside the base directory is possible.
+	Remove(fileName string) error
+
+	// Get returns the file content found at fileName relative to the base directory
+	// of the file store. The path is cleaned before being made absolute to ensure
+	// path traversal outside the store is not possible. If the file is not found
+	// an error to that effect is returned.
+	Get(fileName string) ([]byte, error)
+
+	// ListFiles returns a list of paths relative to the base directory of the
+	// filestore. Any of these paths must be retrievable via the
+	// LimitedFileStore.Get method.
+	ListFiles() []string
+}
+
+// FileStore is the interface for full-featured FileStores
+type FileStore interface {
+	LimitedFileStore
+
+	RemoveDir(directoryName string) error
+	GetPath(fileName string) (string, error)
+	ListDir(directoryName string) []string
+	BaseDir() string
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/x509filestore.go b/vendor/src/github.com/docker/notary/trustmanager/x509filestore.go
new file mode 100644
index 00000000..84178055
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/x509filestore.go
@@ -0,0 +1,276 @@
+package trustmanager
+
+import (
+	"crypto/x509"
+	"errors"
+	"os"
+	"path"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// X509FileStore implements X509Store that persists on disk
+type X509FileStore struct {
+	validate       Validator
+	fileMap        map[CertID]string
+	fingerprintMap map[CertID]*x509.Certificate
+	nameMap        map[string][]CertID
+	fileStore      FileStore
+}
+
+// NewX509FileStore returns a new X509FileStore.
+func NewX509FileStore(directory string) (*X509FileStore, error) {
+	validate := ValidatorFunc(func(cert *x509.Certificate) bool { return true })
+	return newX509FileStore(directory, validate)
+}
+
+// NewX509FilteredFileStore returns a new X509FileStore that validates certificates
+// that are added.
+func NewX509FilteredFileStore(directory string, validate func(*x509.Certificate) bool) (*X509FileStore, error) {
+	return newX509FileStore(directory, validate)
+}
+
+func newX509FileStore(directory string, validate func(*x509.Certificate) bool) (*X509FileStore, error) {
+	fileStore, err := NewSimpleFileStore(directory, certExtension)
+	if err != nil {
+		return nil, err
+	}
+
+	s := &X509FileStore{
+		validate:       ValidatorFunc(validate),
+		fileMap:        make(map[CertID]string),
+		fingerprintMap: make(map[CertID]*x509.Certificate),
+		nameMap:        make(map[string][]CertID),
+		fileStore:      fileStore,
+	}
+
+	err = loadCertsFromDir(s)
+	if err != nil {
+		return nil, err
+	}
+
+	return s, nil
+}
+
+// AddCert creates a filename for a given cert and adds a certificate with that name
+func (s *X509FileStore) AddCert(cert *x509.Certificate) error {
+	if cert == nil {
+		return errors.New("adding nil Certificate to X509Store")
+	}
+
+	// Check if this certificate meets our validation criteria
+	if !s.validate.Validate(cert) {
+		return &ErrCertValidation{}
+	}
+	// Attempt to write the certificate to the file
+	if err := s.addNamedCert(cert); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// addNamedCert allows adding a certificate while controlling the filename it gets
+// stored under. If the file does not exist on disk, saves it.
+func (s *X509FileStore) addNamedCert(cert *x509.Certificate) error {
+	fileName, certID, err := fileName(cert)
+	if err != nil {
+		return err
+	}
+
+	logrus.Debug("Adding cert with certID: ", certID)
+	// Validate if we already added this certificate before
+	if _, ok := s.fingerprintMap[certID]; ok {
+		return &ErrCertExists{}
+	}
+
+	// Convert certificate to PEM
+	certBytes := CertToPEM(cert)
+
+	// Save the file to disk if not already there.
+	filePath, err := s.fileStore.GetPath(fileName)
+	if err != nil {
+		return err
+	}
+	if _, err := os.Stat(filePath); os.IsNotExist(err) {
+		if err := s.fileStore.Add(fileName, certBytes); err != nil {
+			return err
+		}
+	} else if err != nil {
+		return err
+	}
+
+	// We wrote the certificate succcessfully, add it to our in-memory storage
+	s.fingerprintMap[certID] = cert
+	s.fileMap[certID] = fileName
+
+	name := string(cert.Subject.CommonName)
+	s.nameMap[name] = append(s.nameMap[name], certID)
+
+	return nil
+}
+
+// RemoveCert removes a certificate from a X509FileStore.
+func (s *X509FileStore) RemoveCert(cert *x509.Certificate) error {
+	if cert == nil {
+		return errors.New("removing nil Certificate from X509Store")
+	}
+
+	certID, err := fingerprintCert(cert)
+	if err != nil {
+		return err
+	}
+	delete(s.fingerprintMap, certID)
+	filename := s.fileMap[certID]
+	delete(s.fileMap, certID)
+
+	name := string(cert.Subject.CommonName)
+
+	// Filter the fingerprint out of this name entry
+	fpList := s.nameMap[name]
+	newfpList := fpList[:0]
+	for _, x := range fpList {
+		if x != certID {
+			newfpList = append(newfpList, x)
+		}
+	}
+
+	s.nameMap[name] = newfpList
+
+	if err := s.fileStore.Remove(filename); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// RemoveAll removes all the certificates from the store
+func (s *X509FileStore) RemoveAll() error {
+	for _, filename := range s.fileMap {
+		if err := s.fileStore.Remove(filename); err != nil {
+			return err
+		}
+	}
+	s.fileMap = make(map[CertID]string)
+	s.fingerprintMap = make(map[CertID]*x509.Certificate)
+	s.nameMap = make(map[string][]CertID)
+
+	return nil
+}
+
+// AddCertFromPEM adds the first certificate that it finds in the byte[], returning
+// an error if no Certificates are found
+func (s X509FileStore) AddCertFromPEM(pemBytes []byte) error {
+	cert, err := LoadCertFromPEM(pemBytes)
+	if err != nil {
+		return err
+	}
+	return s.AddCert(cert)
+}
+
+// AddCertFromFile tries to adds a X509 certificate to the store given a filename
+func (s *X509FileStore) AddCertFromFile(filename string) error {
+	cert, err := LoadCertFromFile(filename)
+	if err != nil {
+		return err
+	}
+
+	return s.AddCert(cert)
+}
+
+// GetCertificates returns an array with all of the current X509 Certificates.
+func (s *X509FileStore) GetCertificates() []*x509.Certificate {
+	certs := make([]*x509.Certificate, len(s.fingerprintMap))
+	i := 0
+	for _, v := range s.fingerprintMap {
+		certs[i] = v
+		i++
+	}
+	return certs
+}
+
+// GetCertificatePool returns an x509 CertPool loaded with all the certificates
+// in the store.
+func (s *X509FileStore) GetCertificatePool() *x509.CertPool {
+	pool := x509.NewCertPool()
+
+	for _, v := range s.fingerprintMap {
+		pool.AddCert(v)
+	}
+	return pool
+}
+
+// GetCertificateByCertID returns the certificate that matches a certain certID
+func (s *X509FileStore) GetCertificateByCertID(certID string) (*x509.Certificate, error) {
+	return s.getCertificateByCertID(CertID(certID))
+}
+
+// getCertificateByCertID returns the certificate that matches a certain certID
+func (s *X509FileStore) getCertificateByCertID(certID CertID) (*x509.Certificate, error) {
+	// If it does not look like a hex encoded sha256 hash, error
+	if len(certID) != 64 {
+		return nil, errors.New("invalid Subject Key Identifier")
+	}
+
+	// Check to see if this subject key identifier exists
+	if cert, ok := s.fingerprintMap[CertID(certID)]; ok {
+		return cert, nil
+
+	}
+	return nil, &ErrNoCertificatesFound{query: string(certID)}
+}
+
+// GetCertificatesByCN returns all the certificates that match a specific
+// CommonName
+func (s *X509FileStore) GetCertificatesByCN(cn string) ([]*x509.Certificate, error) {
+	var certs []*x509.Certificate
+	if ids, ok := s.nameMap[cn]; ok {
+		for _, v := range ids {
+			cert, err := s.getCertificateByCertID(v)
+			if err != nil {
+				// This error should never happen. This would mean that we have
+				// an inconsistent X509FileStore
+				return nil, &ErrBadCertificateStore{}
+			}
+			certs = append(certs, cert)
+		}
+	}
+	if len(certs) == 0 {
+		return nil, &ErrNoCertificatesFound{query: cn}
+	}
+
+	return certs, nil
+}
+
+// GetVerifyOptions returns VerifyOptions with the certificates within the KeyStore
+// as part of the roots list. This never allows the use of system roots, returning
+// an error if there are no root CAs.
+func (s *X509FileStore) GetVerifyOptions(dnsName string) (x509.VerifyOptions, error) {
+	// If we have no Certificates loaded return error (we don't want to rever to using
+	// system CAs).
+	if len(s.fingerprintMap) == 0 {
+		return x509.VerifyOptions{}, errors.New("no root CAs available")
+	}
+
+	opts := x509.VerifyOptions{
+		DNSName: dnsName,
+		Roots:   s.GetCertificatePool(),
+	}
+
+	return opts, nil
+}
+
+// Empty returns true if there are no certificates in the X509FileStore, false
+// otherwise.
+func (s *X509FileStore) Empty() bool {
+	return len(s.fingerprintMap) == 0
+}
+
+func fileName(cert *x509.Certificate) (string, CertID, error) {
+	certID, err := fingerprintCert(cert)
+	if err != nil {
+		return "", "", err
+	}
+
+	return path.Join(cert.Subject.CommonName, string(certID)), certID, nil
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/x509memstore.go b/vendor/src/github.com/docker/notary/trustmanager/x509memstore.go
new file mode 100644
index 00000000..55666c09
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/x509memstore.go
@@ -0,0 +1,203 @@
+package trustmanager
+
+import (
+	"crypto/x509"
+	"errors"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// X509MemStore implements X509Store as an in-memory object with no persistence
+type X509MemStore struct {
+	validate       Validator
+	fingerprintMap map[CertID]*x509.Certificate
+	nameMap        map[string][]CertID
+}
+
+// NewX509MemStore returns a new X509MemStore.
+func NewX509MemStore() *X509MemStore {
+	validate := ValidatorFunc(func(cert *x509.Certificate) bool { return true })
+
+	return &X509MemStore{
+		validate:       validate,
+		fingerprintMap: make(map[CertID]*x509.Certificate),
+		nameMap:        make(map[string][]CertID),
+	}
+}
+
+// NewX509FilteredMemStore returns a new X509Memstore that validates certificates
+// that are added.
+func NewX509FilteredMemStore(validate func(*x509.Certificate) bool) *X509MemStore {
+	s := &X509MemStore{
+
+		validate:       ValidatorFunc(validate),
+		fingerprintMap: make(map[CertID]*x509.Certificate),
+		nameMap:        make(map[string][]CertID),
+	}
+
+	return s
+}
+
+// AddCert adds a certificate to the store
+func (s *X509MemStore) AddCert(cert *x509.Certificate) error {
+	if cert == nil {
+		return errors.New("adding nil Certificate to X509Store")
+	}
+
+	if !s.validate.Validate(cert) {
+		return &ErrCertValidation{}
+	}
+
+	certID, err := fingerprintCert(cert)
+	if err != nil {
+		return err
+	}
+
+	logrus.Debug("Adding cert with certID: ", certID)
+
+	// In this store we overwrite the certificate if it already exists
+	s.fingerprintMap[certID] = cert
+	name := string(cert.RawSubject)
+	s.nameMap[name] = append(s.nameMap[name], certID)
+
+	return nil
+}
+
+// RemoveCert removes a certificate from a X509MemStore.
+func (s *X509MemStore) RemoveCert(cert *x509.Certificate) error {
+	if cert == nil {
+		return errors.New("removing nil Certificate to X509Store")
+	}
+
+	certID, err := fingerprintCert(cert)
+	if err != nil {
+		return err
+	}
+	delete(s.fingerprintMap, certID)
+	name := string(cert.RawSubject)
+
+	// Filter the fingerprint out of this name entry
+	fpList := s.nameMap[name]
+	newfpList := fpList[:0]
+	for _, x := range fpList {
+		if x != certID {
+			newfpList = append(newfpList, x)
+		}
+	}
+
+	s.nameMap[name] = newfpList
+	return nil
+}
+
+// RemoveAll removes all the certificates from the store
+func (s *X509MemStore) RemoveAll() error {
+
+	for _, cert := range s.fingerprintMap {
+		if err := s.RemoveCert(cert); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// AddCertFromPEM adds a certificate to the store from a PEM blob
+func (s *X509MemStore) AddCertFromPEM(pemBytes []byte) error {
+	cert, err := LoadCertFromPEM(pemBytes)
+	if err != nil {
+		return err
+	}
+	return s.AddCert(cert)
+}
+
+// AddCertFromFile tries to adds a X509 certificate to the store given a filename
+func (s *X509MemStore) AddCertFromFile(originFilname string) error {
+	cert, err := LoadCertFromFile(originFilname)
+	if err != nil {
+		return err
+	}
+
+	return s.AddCert(cert)
+}
+
+// GetCertificates returns an array with all of the current X509 Certificates.
+func (s *X509MemStore) GetCertificates() []*x509.Certificate {
+	certs := make([]*x509.Certificate, len(s.fingerprintMap))
+	i := 0
+	for _, v := range s.fingerprintMap {
+		certs[i] = v
+		i++
+	}
+	return certs
+}
+
+// GetCertificatePool returns an x509 CertPool loaded with all the certificates
+// in the store.
+func (s *X509MemStore) GetCertificatePool() *x509.CertPool {
+	pool := x509.NewCertPool()
+
+	for _, v := range s.fingerprintMap {
+		pool.AddCert(v)
+	}
+	return pool
+}
+
+// GetCertificateByCertID returns the certificate that matches a certain certID
+func (s *X509MemStore) GetCertificateByCertID(certID string) (*x509.Certificate, error) {
+	return s.getCertificateByCertID(CertID(certID))
+}
+
+// getCertificateByCertID returns the certificate that matches a certain certID or error
+func (s *X509MemStore) getCertificateByCertID(certID CertID) (*x509.Certificate, error) {
+	// If it does not look like a hex encoded sha256 hash, error
+	if len(certID) != 64 {
+		return nil, errors.New("invalid Subject Key Identifier")
+	}
+
+	// Check to see if this subject key identifier exists
+	if cert, ok := s.fingerprintMap[CertID(certID)]; ok {
+		return cert, nil
+
+	}
+	return nil, &ErrNoCertificatesFound{query: string(certID)}
+}
+
+// GetCertificatesByCN returns all the certificates that match a specific
+// CommonName
+func (s *X509MemStore) GetCertificatesByCN(cn string) ([]*x509.Certificate, error) {
+	var certs []*x509.Certificate
+	if ids, ok := s.nameMap[cn]; ok {
+		for _, v := range ids {
+			cert, err := s.getCertificateByCertID(v)
+			if err != nil {
+				// This error should never happen. This would mean that we have
+				// an inconsistent X509MemStore
+				return nil, err
+			}
+			certs = append(certs, cert)
+		}
+	}
+	if len(certs) == 0 {
+		return nil, &ErrNoCertificatesFound{query: cn}
+	}
+
+	return certs, nil
+}
+
+// GetVerifyOptions returns VerifyOptions with the certificates within the KeyStore
+// as part of the roots list. This never allows the use of system roots, returning
+// an error if there are no root CAs.
+func (s *X509MemStore) GetVerifyOptions(dnsName string) (x509.VerifyOptions, error) {
+	// If we have no Certificates loaded return error (we don't want to rever to using
+	// system CAs).
+	if len(s.fingerprintMap) == 0 {
+		return x509.VerifyOptions{}, errors.New("no root CAs available")
+	}
+
+	opts := x509.VerifyOptions{
+		DNSName: dnsName,
+		Roots:   s.GetCertificatePool(),
+	}
+
+	return opts, nil
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/x509store.go b/vendor/src/github.com/docker/notary/trustmanager/x509store.go
new file mode 100644
index 00000000..3736ff63
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/x509store.go
@@ -0,0 +1,144 @@
+package trustmanager
+
+import (
+	"crypto/x509"
+	"errors"
+	"fmt"
+)
+
+const certExtension string = "crt"
+
+// ErrNoCertificatesFound is returned when no certificates are found for a
+// GetCertificatesBy*
+type ErrNoCertificatesFound struct {
+	query string
+}
+
+// ErrNoCertificatesFound is returned when no certificates are found for a
+// GetCertificatesBy*
+func (err ErrNoCertificatesFound) Error() string {
+	return fmt.Sprintf("error, no certificates found in the keystore match: %s", err.query)
+}
+
+// ErrCertValidation is returned when a certificate doesn't pass the store specific
+// validations
+type ErrCertValidation struct {
+}
+
+// ErrCertValidation is returned when a certificate doesn't pass the store specific
+// validations
+func (err ErrCertValidation) Error() string {
+	return fmt.Sprintf("store-specific certificate validations failed")
+}
+
+// ErrCertExists is returned when a Certificate already exists in the key store
+type ErrCertExists struct {
+}
+
+// ErrCertExists is returned when a Certificate already exists in the key store
+func (err ErrCertExists) Error() string {
+	return fmt.Sprintf("certificate already in the store")
+}
+
+// ErrBadCertificateStore is returned when there is an internal inconsistency
+// in our x509 store
+type ErrBadCertificateStore struct {
+}
+
+// ErrBadCertificateStore is returned when there is an internal inconsistency
+// in our x509 store
+func (err ErrBadCertificateStore) Error() string {
+	return fmt.Sprintf("inconsistent certificate store")
+}
+
+// X509Store is the interface for all X509Stores
+type X509Store interface {
+	AddCert(cert *x509.Certificate) error
+	AddCertFromPEM(pemCerts []byte) error
+	AddCertFromFile(filename string) error
+	RemoveCert(cert *x509.Certificate) error
+	RemoveAll() error
+	GetCertificateByCertID(certID string) (*x509.Certificate, error)
+	GetCertificatesByCN(cn string) ([]*x509.Certificate, error)
+	GetCertificates() []*x509.Certificate
+	GetCertificatePool() *x509.CertPool
+	GetVerifyOptions(dnsName string) (x509.VerifyOptions, error)
+}
+
+// CertID represent the ID used to identify certificates
+type CertID string
+
+// Validator is a convenience type to create validating function that filters
+// certificates that get added to the store
+type Validator interface {
+	Validate(cert *x509.Certificate) bool
+}
+
+// ValidatorFunc is a convenience type to create functions that implement
+// the Validator interface
+type ValidatorFunc func(cert *x509.Certificate) bool
+
+// Validate implements the Validator interface to allow for any func() bool method
+// to be passed as a Validator
+func (vf ValidatorFunc) Validate(cert *x509.Certificate) bool {
+	return vf(cert)
+}
+
+// Verify operates on an X509Store and validates the existence of a chain of trust
+// between a leafCertificate and a CA present inside of the X509 Store.
+// It requires at least two certificates in certList, a leaf Certificate and an
+// intermediate CA certificate.
+func Verify(s X509Store, dnsName string, certList []*x509.Certificate) error {
+	// If we have no Certificates loaded return error (we don't want to revert to using
+	// system CAs).
+	if len(s.GetCertificates()) == 0 {
+		return errors.New("no root CAs available")
+	}
+
+	// At a minimum we should be provided a leaf cert and an intermediate.
+	if len(certList) < 2 {
+		return errors.New("certificate and at least one intermediate needed")
+	}
+
+	// Get the VerifyOptions from the keystore for a base dnsName
+	opts, err := s.GetVerifyOptions(dnsName)
+	if err != nil {
+		return err
+	}
+
+	// Create a Certificate Pool for our intermediate certificates
+	intPool := x509.NewCertPool()
+	var leafCert *x509.Certificate
+
+	// Iterate through all the certificates
+	for _, c := range certList {
+		// If the cert is a CA, we add it to the intermediates pool. If not, we call
+		// it the leaf cert
+		if c.IsCA {
+			intPool.AddCert(c)
+			continue
+		}
+		// Certificate is not a CA, it must be our leaf certificate.
+		// If we already found one, bail with error
+		if leafCert != nil {
+			return errors.New("more than one leaf certificate found")
+		}
+		leafCert = c
+	}
+
+	// We exited the loop with no leaf certificates
+	if leafCert == nil {
+		return errors.New("no leaf certificates found")
+	}
+
+	// We have one leaf certificate and at least one intermediate. Lets add this
+	// Cert Pool as the Intermediates list on our VerifyOptions
+	opts.Intermediates = intPool
+
+	// Finally, let's call Verify on our leafCert with our fully configured options
+	chains, err := leafCert.Verify(opts)
+	if len(chains) == 0 || err != nil {
+		return fmt.Errorf("certificate verification failed: %v", err)
+	}
+	return nil
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/x509utils.go b/vendor/src/github.com/docker/notary/trustmanager/x509utils.go
new file mode 100644
index 00000000..e2ce8add
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/x509utils.go
@@ -0,0 +1,613 @@
+package trustmanager
+
+import (
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/pem"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"math/big"
+	"net/http"
+	"net/url"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/agl/ed25519"
+	"github.com/docker/notary"
+	"github.com/docker/notary/tuf/data"
+)
+
+// GetCertFromURL tries to get a X509 certificate given a HTTPS URL
+func GetCertFromURL(urlStr string) (*x509.Certificate, error) {
+	url, err := url.Parse(urlStr)
+	if err != nil {
+		return nil, err
+	}
+
+	// Check if we are adding via HTTPS
+	if url.Scheme != "https" {
+		return nil, errors.New("only HTTPS URLs allowed")
+	}
+
+	// Download the certificate and write to directory
+	resp, err := http.Get(url.String())
+	if err != nil {
+		return nil, err
+	}
+
+	// Copy the content to certBytes
+	defer resp.Body.Close()
+	certBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	// Try to extract the first valid PEM certificate from the bytes
+	cert, err := LoadCertFromPEM(certBytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return cert, nil
+}
+
+// CertToPEM is an utility function returns a PEM encoded x509 Certificate
+func CertToPEM(cert *x509.Certificate) []byte {
+	pemCert := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw})
+
+	return pemCert
+}
+
+// LoadCertFromPEM returns the first certificate found in a bunch of bytes or error
+// if nothing is found. Taken from https://golang.org/src/crypto/x509/cert_pool.go#L85.
+func LoadCertFromPEM(pemBytes []byte) (*x509.Certificate, error) {
+	for len(pemBytes) > 0 {
+		var block *pem.Block
+		block, pemBytes = pem.Decode(pemBytes)
+		if block == nil {
+			return nil, errors.New("no certificates found in PEM data")
+		}
+		if block.Type != "CERTIFICATE" || len(block.Headers) != 0 {
+			continue
+		}
+
+		cert, err := x509.ParseCertificate(block.Bytes)
+		if err != nil {
+			continue
+		}
+
+		return cert, nil
+	}
+
+	return nil, errors.New("no certificates found in PEM data")
+}
+
+// FingerprintCert returns a TUF compliant fingerprint for a X509 Certificate
+func FingerprintCert(cert *x509.Certificate) (string, error) {
+	certID, err := fingerprintCert(cert)
+	if err != nil {
+		return "", err
+	}
+
+	return string(certID), nil
+}
+
+func fingerprintCert(cert *x509.Certificate) (CertID, error) {
+	block := pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw}
+	pemdata := pem.EncodeToMemory(&block)
+
+	var tufKey data.PublicKey
+	switch cert.PublicKeyAlgorithm {
+	case x509.RSA:
+		tufKey = data.NewRSAx509PublicKey(pemdata)
+	case x509.ECDSA:
+		tufKey = data.NewECDSAx509PublicKey(pemdata)
+	default:
+		return "", fmt.Errorf("got Unknown key type while fingerprinting certificate")
+	}
+
+	return CertID(tufKey.ID()), nil
+}
+
+// loadCertsFromDir receives a store AddCertFromFile for each certificate found
+func loadCertsFromDir(s *X509FileStore) error {
+	for _, f := range s.fileStore.ListFiles() {
+		// ListFiles returns relative paths
+		data, err := s.fileStore.Get(f)
+		if err != nil {
+			// the filestore told us it had a file that it then couldn't serve.
+			// this is a serious problem so error immediately
+			return err
+		}
+		err = s.AddCertFromPEM(data)
+		if err != nil {
+			if _, ok := err.(*ErrCertValidation); ok {
+				logrus.Debugf("ignoring certificate, did not pass validation: %s", f)
+				continue
+			}
+			if _, ok := err.(*ErrCertExists); ok {
+				logrus.Debugf("ignoring certificate, already exists in the store: %s", f)
+				continue
+			}
+
+			return err
+		}
+	}
+	return nil
+}
+
+// LoadCertFromFile loads the first certificate from the file provided. The
+// data is expected to be PEM Encoded and contain one of more certificates
+// with PEM type "CERTIFICATE"
+func LoadCertFromFile(filename string) (*x509.Certificate, error) {
+	certs, err := LoadCertBundleFromFile(filename)
+	if err != nil {
+		return nil, err
+	}
+	return certs[0], nil
+}
+
+// LoadCertBundleFromFile loads certificates from the []byte provided. The
+// data is expected to be PEM Encoded and contain one of more certificates
+// with PEM type "CERTIFICATE"
+func LoadCertBundleFromFile(filename string) ([]*x509.Certificate, error) {
+	b, err := ioutil.ReadFile(filename)
+	if err != nil {
+		return nil, err
+	}
+
+	return LoadCertBundleFromPEM(b)
+}
+
+// LoadCertBundleFromPEM loads certificates from the []byte provided. The
+// data is expected to be PEM Encoded and contain one of more certificates
+// with PEM type "CERTIFICATE"
+func LoadCertBundleFromPEM(pemBytes []byte) ([]*x509.Certificate, error) {
+	certificates := []*x509.Certificate{}
+	var block *pem.Block
+	block, pemBytes = pem.Decode(pemBytes)
+	for ; block != nil; block, pemBytes = pem.Decode(pemBytes) {
+		if block.Type == "CERTIFICATE" {
+			cert, err := x509.ParseCertificate(block.Bytes)
+			if err != nil {
+				return nil, err
+			}
+			certificates = append(certificates, cert)
+		} else {
+			return nil, fmt.Errorf("invalid pem block type: %s", block.Type)
+		}
+	}
+
+	if len(certificates) == 0 {
+		return nil, fmt.Errorf("no valid certificates found")
+	}
+
+	return certificates, nil
+}
+
+// GetLeafCerts parses a list of x509 Certificates and returns all of them
+// that aren't CA
+func GetLeafCerts(certs []*x509.Certificate) []*x509.Certificate {
+	var leafCerts []*x509.Certificate
+	for _, cert := range certs {
+		if cert.IsCA {
+			continue
+		}
+		leafCerts = append(leafCerts, cert)
+	}
+	return leafCerts
+}
+
+// GetIntermediateCerts parses a list of x509 Certificates and returns all of the
+// ones marked as a CA, to be used as intermediates
+func GetIntermediateCerts(certs []*x509.Certificate) []*x509.Certificate {
+	var intCerts []*x509.Certificate
+	for _, cert := range certs {
+		if cert.IsCA {
+			intCerts = append(intCerts, cert)
+		}
+	}
+	return intCerts
+}
+
+// ParsePEMPrivateKey returns a data.PrivateKey from a PEM encoded private key. It
+// only supports RSA (PKCS#1) and attempts to decrypt using the passphrase, if encrypted.
+func ParsePEMPrivateKey(pemBytes []byte, passphrase string) (data.PrivateKey, error) {
+	block, _ := pem.Decode(pemBytes)
+	if block == nil {
+		return nil, errors.New("no valid private key found")
+	}
+
+	switch block.Type {
+	case "RSA PRIVATE KEY":
+		var privKeyBytes []byte
+		var err error
+
+		if x509.IsEncryptedPEMBlock(block) {
+			privKeyBytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
+			if err != nil {
+				return nil, errors.New("could not decrypt private key")
+			}
+		} else {
+			privKeyBytes = block.Bytes
+		}
+
+		rsaPrivKey, err := x509.ParsePKCS1PrivateKey(privKeyBytes)
+		if err != nil {
+			return nil, fmt.Errorf("could not parse DER encoded key: %v", err)
+		}
+
+		tufRSAPrivateKey, err := RSAToPrivateKey(rsaPrivKey)
+		if err != nil {
+			return nil, fmt.Errorf("could not convert rsa.PrivateKey to data.PrivateKey: %v", err)
+		}
+
+		return tufRSAPrivateKey, nil
+	case "EC PRIVATE KEY":
+		var privKeyBytes []byte
+		var err error
+
+		if x509.IsEncryptedPEMBlock(block) {
+			privKeyBytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
+			if err != nil {
+				return nil, errors.New("could not decrypt private key")
+			}
+		} else {
+			privKeyBytes = block.Bytes
+		}
+
+		ecdsaPrivKey, err := x509.ParseECPrivateKey(privKeyBytes)
+		if err != nil {
+			return nil, fmt.Errorf("could not parse DER encoded private key: %v", err)
+		}
+
+		tufECDSAPrivateKey, err := ECDSAToPrivateKey(ecdsaPrivKey)
+		if err != nil {
+			return nil, fmt.Errorf("could not convert ecdsa.PrivateKey to data.PrivateKey: %v", err)
+		}
+
+		return tufECDSAPrivateKey, nil
+	case "ED25519 PRIVATE KEY":
+		// We serialize ED25519 keys by concatenating the private key
+		// to the public key and encoding with PEM. See the
+		// ED25519ToPrivateKey function.
+		var privKeyBytes []byte
+		var err error
+
+		if x509.IsEncryptedPEMBlock(block) {
+			privKeyBytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
+			if err != nil {
+				return nil, errors.New("could not decrypt private key")
+			}
+		} else {
+			privKeyBytes = block.Bytes
+		}
+
+		tufECDSAPrivateKey, err := ED25519ToPrivateKey(privKeyBytes)
+		if err != nil {
+			return nil, fmt.Errorf("could not convert ecdsa.PrivateKey to data.PrivateKey: %v", err)
+		}
+
+		return tufECDSAPrivateKey, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported key type %q", block.Type)
+	}
+}
+
+// ParsePEMPublicKey returns a data.PublicKey from a PEM encoded public key or certificate.
+func ParsePEMPublicKey(pubKeyBytes []byte) (data.PublicKey, error) {
+	pemBlock, _ := pem.Decode(pubKeyBytes)
+	if pemBlock == nil {
+		return nil, errors.New("no valid public key found")
+	}
+
+	switch pemBlock.Type {
+	case "CERTIFICATE":
+		cert, err := x509.ParseCertificate(pemBlock.Bytes)
+		if err != nil {
+			return nil, fmt.Errorf("could not parse provided certificate: %v", err)
+		}
+		err = ValidateCertificate(cert)
+		if err != nil {
+			return nil, fmt.Errorf("invalid certificate: %v", err)
+		}
+		return CertToKey(cert), nil
+	default:
+		return nil, fmt.Errorf("unsupported PEM block type %q, expected certificate", pemBlock.Type)
+	}
+}
+
+// ValidateCertificate returns an error if the certificate is not valid for notary
+// Currently this is only a time expiry check, and ensuring the public key has a large enough modulus if RSA
+func ValidateCertificate(c *x509.Certificate) error {
+	if (c.NotBefore).After(c.NotAfter) {
+		return fmt.Errorf("certificate validity window is invalid")
+	}
+	now := time.Now()
+	tomorrow := now.AddDate(0, 0, 1)
+	// Give one day leeway on creation "before" time, check "after" against today
+	if (tomorrow).Before(c.NotBefore) || now.After(c.NotAfter) {
+		return fmt.Errorf("certificate is expired")
+	}
+	// If we have an RSA key, make sure it's long enough
+	if c.PublicKeyAlgorithm == x509.RSA {
+		rsaKey, ok := c.PublicKey.(*rsa.PublicKey)
+		if !ok {
+			return fmt.Errorf("unable to parse RSA public key")
+		}
+		if rsaKey.N.BitLen() < notary.MinRSABitSize {
+			return fmt.Errorf("RSA bit length is too short")
+		}
+	}
+	return nil
+}
+
+// GenerateRSAKey generates an RSA private key and returns a TUF PrivateKey
+func GenerateRSAKey(random io.Reader, bits int) (data.PrivateKey, error) {
+	rsaPrivKey, err := rsa.GenerateKey(random, bits)
+	if err != nil {
+		return nil, fmt.Errorf("could not generate private key: %v", err)
+	}
+
+	tufPrivKey, err := RSAToPrivateKey(rsaPrivKey)
+	if err != nil {
+		return nil, err
+	}
+
+	logrus.Debugf("generated RSA key with keyID: %s", tufPrivKey.ID())
+
+	return tufPrivKey, nil
+}
+
+// RSAToPrivateKey converts an rsa.Private key to a TUF data.PrivateKey type
+func RSAToPrivateKey(rsaPrivKey *rsa.PrivateKey) (data.PrivateKey, error) {
+	// Get a DER-encoded representation of the PublicKey
+	rsaPubBytes, err := x509.MarshalPKIXPublicKey(&rsaPrivKey.PublicKey)
+	if err != nil {
+		return nil, fmt.Errorf("failed to marshal public key: %v", err)
+	}
+
+	// Get a DER-encoded representation of the PrivateKey
+	rsaPrivBytes := x509.MarshalPKCS1PrivateKey(rsaPrivKey)
+
+	pubKey := data.NewRSAPublicKey(rsaPubBytes)
+	return data.NewRSAPrivateKey(pubKey, rsaPrivBytes)
+}
+
+// GenerateECDSAKey generates an ECDSA Private key and returns a TUF PrivateKey
+func GenerateECDSAKey(random io.Reader) (data.PrivateKey, error) {
+	ecdsaPrivKey, err := ecdsa.GenerateKey(elliptic.P256(), random)
+	if err != nil {
+		return nil, err
+	}
+
+	tufPrivKey, err := ECDSAToPrivateKey(ecdsaPrivKey)
+	if err != nil {
+		return nil, err
+	}
+
+	logrus.Debugf("generated ECDSA key with keyID: %s", tufPrivKey.ID())
+
+	return tufPrivKey, nil
+}
+
+// GenerateED25519Key generates an ED25519 private key and returns a TUF
+// PrivateKey. The serialization format we use is just the public key bytes
+// followed by the private key bytes
+func GenerateED25519Key(random io.Reader) (data.PrivateKey, error) {
+	pub, priv, err := ed25519.GenerateKey(random)
+	if err != nil {
+		return nil, err
+	}
+
+	var serialized [ed25519.PublicKeySize + ed25519.PrivateKeySize]byte
+	copy(serialized[:], pub[:])
+	copy(serialized[ed25519.PublicKeySize:], priv[:])
+
+	tufPrivKey, err := ED25519ToPrivateKey(serialized[:])
+	if err != nil {
+		return nil, err
+	}
+
+	logrus.Debugf("generated ED25519 key with keyID: %s", tufPrivKey.ID())
+
+	return tufPrivKey, nil
+}
+
+// ECDSAToPrivateKey converts an ecdsa.Private key to a TUF data.PrivateKey type
+func ECDSAToPrivateKey(ecdsaPrivKey *ecdsa.PrivateKey) (data.PrivateKey, error) {
+	// Get a DER-encoded representation of the PublicKey
+	ecdsaPubBytes, err := x509.MarshalPKIXPublicKey(&ecdsaPrivKey.PublicKey)
+	if err != nil {
+		return nil, fmt.Errorf("failed to marshal public key: %v", err)
+	}
+
+	// Get a DER-encoded representation of the PrivateKey
+	ecdsaPrivKeyBytes, err := x509.MarshalECPrivateKey(ecdsaPrivKey)
+	if err != nil {
+		return nil, fmt.Errorf("failed to marshal private key: %v", err)
+	}
+
+	pubKey := data.NewECDSAPublicKey(ecdsaPubBytes)
+	return data.NewECDSAPrivateKey(pubKey, ecdsaPrivKeyBytes)
+}
+
+// ED25519ToPrivateKey converts a serialized ED25519 key to a TUF
+// data.PrivateKey type
+func ED25519ToPrivateKey(privKeyBytes []byte) (data.PrivateKey, error) {
+	if len(privKeyBytes) != ed25519.PublicKeySize+ed25519.PrivateKeySize {
+		return nil, errors.New("malformed ed25519 private key")
+	}
+
+	pubKey := data.NewED25519PublicKey(privKeyBytes[:ed25519.PublicKeySize])
+	return data.NewED25519PrivateKey(*pubKey, privKeyBytes)
+}
+
+func blockType(k data.PrivateKey) (string, error) {
+	switch k.Algorithm() {
+	case data.RSAKey, data.RSAx509Key:
+		return "RSA PRIVATE KEY", nil
+	case data.ECDSAKey, data.ECDSAx509Key:
+		return "EC PRIVATE KEY", nil
+	case data.ED25519Key:
+		return "ED25519 PRIVATE KEY", nil
+	default:
+		return "", fmt.Errorf("algorithm %s not supported", k.Algorithm())
+	}
+}
+
+// KeyToPEM returns a PEM encoded key from a Private Key
+func KeyToPEM(privKey data.PrivateKey, role string) ([]byte, error) {
+	bt, err := blockType(privKey)
+	if err != nil {
+		return nil, err
+	}
+
+	headers := map[string]string{}
+	if role != "" {
+		headers = map[string]string{
+			"role": role,
+		}
+	}
+
+	block := &pem.Block{
+		Type:    bt,
+		Headers: headers,
+		Bytes:   privKey.Private(),
+	}
+
+	return pem.EncodeToMemory(block), nil
+}
+
+// EncryptPrivateKey returns an encrypted PEM key given a Privatekey
+// and a passphrase
+func EncryptPrivateKey(key data.PrivateKey, role, passphrase string) ([]byte, error) {
+	bt, err := blockType(key)
+	if err != nil {
+		return nil, err
+	}
+
+	password := []byte(passphrase)
+	cipherType := x509.PEMCipherAES256
+
+	encryptedPEMBlock, err := x509.EncryptPEMBlock(rand.Reader,
+		bt,
+		key.Private(),
+		password,
+		cipherType)
+	if err != nil {
+		return nil, err
+	}
+
+	if encryptedPEMBlock.Headers == nil {
+		return nil, fmt.Errorf("unable to encrypt key - invalid PEM file produced")
+	}
+	encryptedPEMBlock.Headers["role"] = role
+
+	return pem.EncodeToMemory(encryptedPEMBlock), nil
+}
+
+// ReadRoleFromPEM returns the value from the role PEM header, if it exists
+func ReadRoleFromPEM(pemBytes []byte) string {
+	pemBlock, _ := pem.Decode(pemBytes)
+	if pemBlock == nil || pemBlock.Headers == nil {
+		return ""
+	}
+	role, ok := pemBlock.Headers["role"]
+	if !ok {
+		return ""
+	}
+	return role
+}
+
+// CertToKey transforms a single input certificate into its corresponding
+// PublicKey
+func CertToKey(cert *x509.Certificate) data.PublicKey {
+	block := pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw}
+	pemdata := pem.EncodeToMemory(&block)
+
+	switch cert.PublicKeyAlgorithm {
+	case x509.RSA:
+		return data.NewRSAx509PublicKey(pemdata)
+	case x509.ECDSA:
+		return data.NewECDSAx509PublicKey(pemdata)
+	default:
+		logrus.Debugf("Unknown key type parsed from certificate: %v", cert.PublicKeyAlgorithm)
+		return nil
+	}
+}
+
+// CertsToKeys transforms each of the input certificates into it's corresponding
+// PublicKey
+func CertsToKeys(certs []*x509.Certificate) map[string]data.PublicKey {
+	keys := make(map[string]data.PublicKey)
+	for _, cert := range certs {
+		newKey := CertToKey(cert)
+		keys[newKey.ID()] = newKey
+	}
+	return keys
+}
+
+// NewCertificate returns an X509 Certificate following a template, given a GUN and validity interval.
+func NewCertificate(gun string, startTime, endTime time.Time) (*x509.Certificate, error) {
+	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
+
+	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate new certificate: %v", err)
+	}
+
+	return &x509.Certificate{
+		SerialNumber: serialNumber,
+		Subject: pkix.Name{
+			CommonName: gun,
+		},
+		NotBefore: startTime,
+		NotAfter:  endTime,
+
+		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
+		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
+		BasicConstraintsValid: true,
+	}, nil
+}
+
+// X509PublicKeyID returns a public key ID as a string, given a
+// data.PublicKey that contains an X509 Certificate
+func X509PublicKeyID(certPubKey data.PublicKey) (string, error) {
+	cert, err := LoadCertFromPEM(certPubKey.Public())
+	if err != nil {
+		return "", err
+	}
+	pubKeyBytes, err := x509.MarshalPKIXPublicKey(cert.PublicKey)
+	if err != nil {
+		return "", err
+	}
+
+	var key data.PublicKey
+	switch certPubKey.Algorithm() {
+	case data.ECDSAx509Key:
+		key = data.NewECDSAPublicKey(pubKeyBytes)
+	case data.RSAx509Key:
+		key = data.NewRSAPublicKey(pubKeyBytes)
+	}
+
+	return key.ID(), nil
+}
+
+// FilterCertsExpiredSha1 can be used as the filter function to cert store
+// initializers to filter out all expired or SHA-1 certificate that we
+// shouldn't load.
+func FilterCertsExpiredSha1(cert *x509.Certificate) bool {
+	return !cert.IsCA &&
+		time.Now().Before(cert.NotAfter) &&
+		cert.SignatureAlgorithm != x509.SHA1WithRSA &&
+		cert.SignatureAlgorithm != x509.DSAWithSHA1 &&
+		cert.SignatureAlgorithm != x509.ECDSAWithSHA1
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/yubikey/non_pkcs11.go b/vendor/src/github.com/docker/notary/trustmanager/yubikey/non_pkcs11.go
new file mode 100644
index 00000000..77c07e6f
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/yubikey/non_pkcs11.go
@@ -0,0 +1,9 @@
+// go list ./... and go test ./... will not pick up this package without this
+// file, because go ? ./... does not honor build tags.
+
+// e.g. "go list -tags pkcs11 ./..." will not list this package if all the
+// files in it have a build tag.
+
+// See https://github.com/golang/go/issues/11246
+
+package yubikey
diff --git a/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_darwin.go b/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_darwin.go
new file mode 100644
index 00000000..f399dff3
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_darwin.go
@@ -0,0 +1,9 @@
+// +build pkcs11,darwin
+
+package yubikey
+
+var possiblePkcs11Libs = []string{
+	"/usr/local/lib/libykcs11.dylib",
+	"/usr/local/docker/lib/libykcs11.dylib",
+	"/usr/local/docker-experimental/lib/libykcs11.dylib",
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_interface.go b/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_interface.go
new file mode 100644
index 00000000..4a46e05f
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_interface.go
@@ -0,0 +1,40 @@
+// +build pkcs11
+
+// an interface around the pkcs11 library, so that things can be mocked out
+// for testing
+
+package yubikey
+
+import "github.com/miekg/pkcs11"
+
+// IPKCS11 is an interface for wrapping github.com/miekg/pkcs11
+type pkcs11LibLoader func(module string) IPKCS11Ctx
+
+func defaultLoader(module string) IPKCS11Ctx {
+	return pkcs11.New(module)
+}
+
+// IPKCS11Ctx is an interface for wrapping the parts of
+// github.com/miekg/pkcs11.Ctx that yubikeystore requires
+type IPKCS11Ctx interface {
+	Destroy()
+	Initialize() error
+	Finalize() error
+	GetSlotList(tokenPresent bool) ([]uint, error)
+	OpenSession(slotID uint, flags uint) (pkcs11.SessionHandle, error)
+	CloseSession(sh pkcs11.SessionHandle) error
+	Login(sh pkcs11.SessionHandle, userType uint, pin string) error
+	Logout(sh pkcs11.SessionHandle) error
+	CreateObject(sh pkcs11.SessionHandle, temp []*pkcs11.Attribute) (
+		pkcs11.ObjectHandle, error)
+	DestroyObject(sh pkcs11.SessionHandle, oh pkcs11.ObjectHandle) error
+	GetAttributeValue(sh pkcs11.SessionHandle, o pkcs11.ObjectHandle,
+		a []*pkcs11.Attribute) ([]*pkcs11.Attribute, error)
+	FindObjectsInit(sh pkcs11.SessionHandle, temp []*pkcs11.Attribute) error
+	FindObjects(sh pkcs11.SessionHandle, max int) (
+		[]pkcs11.ObjectHandle, bool, error)
+	FindObjectsFinal(sh pkcs11.SessionHandle) error
+	SignInit(sh pkcs11.SessionHandle, m []*pkcs11.Mechanism,
+		o pkcs11.ObjectHandle) error
+	Sign(sh pkcs11.SessionHandle, message []byte) ([]byte, error)
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_linux.go b/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_linux.go
new file mode 100644
index 00000000..9967e89e
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/yubikey/pkcs11_linux.go
@@ -0,0 +1,10 @@
+// +build pkcs11,linux
+
+package yubikey
+
+var possiblePkcs11Libs = []string{
+	"/usr/lib/libykcs11.so",
+	"/usr/lib64/libykcs11.so",
+	"/usr/lib/x86_64-linux-gnu/libykcs11.so",
+	"/usr/local/lib/libykcs11.so",
+}
diff --git a/vendor/src/github.com/docker/notary/trustmanager/yubikey/yubikeystore.go b/vendor/src/github.com/docker/notary/trustmanager/yubikey/yubikeystore.go
new file mode 100644
index 00000000..e1653aa6
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/trustmanager/yubikey/yubikeystore.go
@@ -0,0 +1,888 @@
+// +build pkcs11
+
+package yubikey
+
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/sha256"
+	"crypto/x509"
+	"errors"
+	"fmt"
+	"io"
+	"math/big"
+	"os"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary/passphrase"
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/signed"
+	"github.com/miekg/pkcs11"
+)
+
+const (
+	USER_PIN    = "123456"
+	SO_USER_PIN = "010203040506070801020304050607080102030405060708"
+	numSlots    = 4 // number of slots in the yubikey
+
+	KeymodeNone      = 0
+	KeymodeTouch     = 1 // touch enabled
+	KeymodePinOnce   = 2 // require pin entry once
+	KeymodePinAlways = 4 // require pin entry all the time
+
+	// the key size, when importing a key into yubikey, MUST be 32 bytes
+	ecdsaPrivateKeySize = 32
+
+	sigAttempts = 5
+)
+
+// what key mode to use when generating keys
+var (
+	yubikeyKeymode = KeymodeTouch | KeymodePinOnce
+	// order in which to prefer token locations on the yubikey.
+	// corresponds to: 9c, 9e, 9d, 9a
+	slotIDs = []int{2, 1, 3, 0}
+)
+
+// SetYubikeyKeyMode - sets the mode when generating yubikey keys.
+// This is to be used for testing.  It does nothing if not building with tag
+// pkcs11.
+func SetYubikeyKeyMode(keyMode int) error {
+	// technically 7 (1 | 2 | 4) is valid, but KeymodePinOnce +
+	// KeymdoePinAlways don't really make sense together
+	if keyMode < 0 || keyMode > 5 {
+		return errors.New("Invalid key mode")
+	}
+	yubikeyKeymode = keyMode
+	return nil
+}
+
+// SetTouchToSignUI - allows configurable UX for notifying a user that they
+// need to touch the yubikey to sign. The callback may be used to provide a
+// mechanism for updating a GUI (such as removing a modal) after the touch
+// has been made
+func SetTouchToSignUI(notifier func(), callback func()) {
+	touchToSignUI = notifier
+	if callback != nil {
+		touchDoneCallback = callback
+	}
+}
+
+var touchToSignUI = func() {
+	fmt.Println("Please touch the attached Yubikey to perform signing.")
+}
+
+var touchDoneCallback = func() {
+	// noop
+}
+
+var pkcs11Lib string
+
+func init() {
+	for _, loc := range possiblePkcs11Libs {
+		_, err := os.Stat(loc)
+		if err == nil {
+			p := pkcs11.New(loc)
+			if p != nil {
+				pkcs11Lib = loc
+				return
+			}
+		}
+	}
+}
+
+type ErrBackupFailed struct {
+	err string
+}
+
+func (err ErrBackupFailed) Error() string {
+	return fmt.Sprintf("Failed to backup private key to: %s", err.err)
+}
+
+type yubiSlot struct {
+	role   string
+	slotID []byte
+}
+
+// YubiPrivateKey represents a private key inside of a yubikey
+type YubiPrivateKey struct {
+	data.ECDSAPublicKey
+	passRetriever passphrase.Retriever
+	slot          []byte
+	libLoader     pkcs11LibLoader
+}
+
+type YubikeySigner struct {
+	YubiPrivateKey
+}
+
+func NewYubiPrivateKey(slot []byte, pubKey data.ECDSAPublicKey,
+	passRetriever passphrase.Retriever) *YubiPrivateKey {
+
+	return &YubiPrivateKey{
+		ECDSAPublicKey: pubKey,
+		passRetriever:  passRetriever,
+		slot:           slot,
+		libLoader:      defaultLoader,
+	}
+}
+
+func (ys *YubikeySigner) Public() crypto.PublicKey {
+	publicKey, err := x509.ParsePKIXPublicKey(ys.YubiPrivateKey.Public())
+	if err != nil {
+		return nil
+	}
+
+	return publicKey
+}
+
+func (y *YubiPrivateKey) setLibLoader(loader pkcs11LibLoader) {
+	y.libLoader = loader
+}
+
+// CryptoSigner returns a crypto.Signer tha wraps the YubiPrivateKey. Needed for
+// Certificate generation only
+func (y *YubiPrivateKey) CryptoSigner() crypto.Signer {
+	return &YubikeySigner{YubiPrivateKey: *y}
+}
+
+// Private is not implemented in hardware  keys
+func (y *YubiPrivateKey) Private() []byte {
+	// We cannot return the private material from a Yubikey
+	// TODO(david): We probably want to return an error here
+	return nil
+}
+
+func (y YubiPrivateKey) SignatureAlgorithm() data.SigAlgorithm {
+	return data.ECDSASignature
+}
+
+func (y *YubiPrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error) {
+	ctx, session, err := SetupHSMEnv(pkcs11Lib, y.libLoader)
+	if err != nil {
+		return nil, err
+	}
+	defer cleanup(ctx, session)
+
+	v := signed.Verifiers[data.ECDSASignature]
+	for i := 0; i < sigAttempts; i++ {
+		sig, err := sign(ctx, session, y.slot, y.passRetriever, msg)
+		if err != nil {
+			return nil, fmt.Errorf("failed to sign using Yubikey: %v", err)
+		}
+		if err := v.Verify(&y.ECDSAPublicKey, sig, msg); err == nil {
+			return sig, nil
+		}
+	}
+	return nil, errors.New("Failed to generate signature on Yubikey.")
+}
+
+// If a byte array is less than the number of bytes specified by
+// ecdsaPrivateKeySize, left-zero-pad the byte array until
+// it is the required size.
+func ensurePrivateKeySize(payload []byte) []byte {
+	final := payload
+	if len(payload) < ecdsaPrivateKeySize {
+		final = make([]byte, ecdsaPrivateKeySize)
+		copy(final[ecdsaPrivateKeySize-len(payload):], payload)
+	}
+	return final
+}
+
+// addECDSAKey adds a key to the yubikey
+func addECDSAKey(
+	ctx IPKCS11Ctx,
+	session pkcs11.SessionHandle,
+	privKey data.PrivateKey,
+	pkcs11KeyID []byte,
+	passRetriever passphrase.Retriever,
+	role string,
+) error {
+	logrus.Debugf("Attempting to add key to yubikey with ID: %s", privKey.ID())
+
+	err := login(ctx, session, passRetriever, pkcs11.CKU_SO, SO_USER_PIN)
+	if err != nil {
+		return err
+	}
+	defer ctx.Logout(session)
+
+	// Create an ecdsa.PrivateKey out of the private key bytes
+	ecdsaPrivKey, err := x509.ParseECPrivateKey(privKey.Private())
+	if err != nil {
+		return err
+	}
+
+	ecdsaPrivKeyD := ensurePrivateKeySize(ecdsaPrivKey.D.Bytes())
+
+	// Hard-coded policy: the generated certificate expires in 10 years.
+	startTime := time.Now()
+	template, err := trustmanager.NewCertificate(role, startTime, startTime.AddDate(10, 0, 0))
+	if err != nil {
+		return fmt.Errorf("failed to create the certificate template: %v", err)
+	}
+
+	certBytes, err := x509.CreateCertificate(rand.Reader, template, template, ecdsaPrivKey.Public(), ecdsaPrivKey)
+	if err != nil {
+		return fmt.Errorf("failed to create the certificate: %v", err)
+	}
+
+	certTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_CLASS, pkcs11.CKO_CERTIFICATE),
+		pkcs11.NewAttribute(pkcs11.CKA_VALUE, certBytes),
+		pkcs11.NewAttribute(pkcs11.CKA_ID, pkcs11KeyID),
+	}
+
+	privateKeyTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_CLASS, pkcs11.CKO_PRIVATE_KEY),
+		pkcs11.NewAttribute(pkcs11.CKA_KEY_TYPE, pkcs11.CKK_ECDSA),
+		pkcs11.NewAttribute(pkcs11.CKA_ID, pkcs11KeyID),
+		pkcs11.NewAttribute(pkcs11.CKA_EC_PARAMS, []byte{0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07}),
+		pkcs11.NewAttribute(pkcs11.CKA_VALUE, ecdsaPrivKeyD),
+		pkcs11.NewAttribute(pkcs11.CKA_VENDOR_DEFINED, yubikeyKeymode),
+	}
+
+	_, err = ctx.CreateObject(session, certTemplate)
+	if err != nil {
+		return fmt.Errorf("error importing: %v", err)
+	}
+
+	_, err = ctx.CreateObject(session, privateKeyTemplate)
+	if err != nil {
+		return fmt.Errorf("error importing: %v", err)
+	}
+
+	return nil
+}
+
+func getECDSAKey(ctx IPKCS11Ctx, session pkcs11.SessionHandle, pkcs11KeyID []byte) (*data.ECDSAPublicKey, string, error) {
+	findTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_TOKEN, true),
+		pkcs11.NewAttribute(pkcs11.CKA_ID, pkcs11KeyID),
+		pkcs11.NewAttribute(pkcs11.CKA_CLASS, pkcs11.CKO_PUBLIC_KEY),
+	}
+
+	attrTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_KEY_TYPE, []byte{0}),
+		pkcs11.NewAttribute(pkcs11.CKA_EC_POINT, []byte{0}),
+		pkcs11.NewAttribute(pkcs11.CKA_EC_PARAMS, []byte{0}),
+	}
+
+	if err := ctx.FindObjectsInit(session, findTemplate); err != nil {
+		logrus.Debugf("Failed to init: %s", err.Error())
+		return nil, "", err
+	}
+	obj, _, err := ctx.FindObjects(session, 1)
+	if err != nil {
+		logrus.Debugf("Failed to find objects: %v", err)
+		return nil, "", err
+	}
+	if err := ctx.FindObjectsFinal(session); err != nil {
+		logrus.Debugf("Failed to finalize: %s", err.Error())
+		return nil, "", err
+	}
+	if len(obj) != 1 {
+		logrus.Debugf("should have found one object")
+		return nil, "", errors.New("no matching keys found inside of yubikey")
+	}
+
+	// Retrieve the public-key material to be able to create a new ECSAKey
+	attr, err := ctx.GetAttributeValue(session, obj[0], attrTemplate)
+	if err != nil {
+		logrus.Debugf("Failed to get Attribute for: %v", obj[0])
+		return nil, "", err
+	}
+
+	// Iterate through all the attributes of this key and saves CKA_PUBLIC_EXPONENT and CKA_MODULUS. Removes ordering specific issues.
+	var rawPubKey []byte
+	for _, a := range attr {
+		if a.Type == pkcs11.CKA_EC_POINT {
+			rawPubKey = a.Value
+		}
+
+	}
+
+	ecdsaPubKey := ecdsa.PublicKey{Curve: elliptic.P256(), X: new(big.Int).SetBytes(rawPubKey[3:35]), Y: new(big.Int).SetBytes(rawPubKey[35:])}
+	pubBytes, err := x509.MarshalPKIXPublicKey(&ecdsaPubKey)
+	if err != nil {
+		logrus.Debugf("Failed to Marshal public key")
+		return nil, "", err
+	}
+
+	return data.NewECDSAPublicKey(pubBytes), data.CanonicalRootRole, nil
+}
+
+// Sign returns a signature for a given signature request
+func sign(ctx IPKCS11Ctx, session pkcs11.SessionHandle, pkcs11KeyID []byte, passRetriever passphrase.Retriever, payload []byte) ([]byte, error) {
+	err := login(ctx, session, passRetriever, pkcs11.CKU_USER, USER_PIN)
+	if err != nil {
+		return nil, fmt.Errorf("error logging in: %v", err)
+	}
+	defer ctx.Logout(session)
+
+	// Define the ECDSA Private key template
+	class := pkcs11.CKO_PRIVATE_KEY
+	privateKeyTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_CLASS, class),
+		pkcs11.NewAttribute(pkcs11.CKA_KEY_TYPE, pkcs11.CKK_ECDSA),
+		pkcs11.NewAttribute(pkcs11.CKA_ID, pkcs11KeyID),
+	}
+
+	if err := ctx.FindObjectsInit(session, privateKeyTemplate); err != nil {
+		logrus.Debugf("Failed to init find objects: %s", err.Error())
+		return nil, err
+	}
+	obj, _, err := ctx.FindObjects(session, 1)
+	if err != nil {
+		logrus.Debugf("Failed to find objects: %v", err)
+		return nil, err
+	}
+	if err = ctx.FindObjectsFinal(session); err != nil {
+		logrus.Debugf("Failed to finalize find objects: %s", err.Error())
+		return nil, err
+	}
+	if len(obj) != 1 {
+		return nil, errors.New("length of objects found not 1")
+	}
+
+	var sig []byte
+	err = ctx.SignInit(
+		session, []*pkcs11.Mechanism{pkcs11.NewMechanism(pkcs11.CKM_ECDSA, nil)}, obj[0])
+	if err != nil {
+		return nil, err
+	}
+
+	// Get the SHA256 of the payload
+	digest := sha256.Sum256(payload)
+
+	if (yubikeyKeymode & KeymodeTouch) > 0 {
+		touchToSignUI()
+		defer touchDoneCallback()
+	}
+	// a call to Sign, whether or not Sign fails, will clear the SignInit
+	sig, err = ctx.Sign(session, digest[:])
+	if err != nil {
+		logrus.Debugf("Error while signing: %s", err)
+		return nil, err
+	}
+
+	if sig == nil {
+		return nil, errors.New("Failed to create signature")
+	}
+	return sig[:], nil
+}
+
+func yubiRemoveKey(ctx IPKCS11Ctx, session pkcs11.SessionHandle, pkcs11KeyID []byte, passRetriever passphrase.Retriever, keyID string) error {
+	err := login(ctx, session, passRetriever, pkcs11.CKU_SO, SO_USER_PIN)
+	if err != nil {
+		return err
+	}
+	defer ctx.Logout(session)
+
+	template := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_TOKEN, true),
+		pkcs11.NewAttribute(pkcs11.CKA_ID, pkcs11KeyID),
+		//pkcs11.NewAttribute(pkcs11.CKA_CLASS, pkcs11.CKO_PRIVATE_KEY),
+		pkcs11.NewAttribute(pkcs11.CKA_CLASS, pkcs11.CKO_CERTIFICATE),
+	}
+
+	if err := ctx.FindObjectsInit(session, template); err != nil {
+		logrus.Debugf("Failed to init find objects: %s", err.Error())
+		return err
+	}
+	obj, b, err := ctx.FindObjects(session, 1)
+	if err != nil {
+		logrus.Debugf("Failed to find objects: %s %v", err.Error(), b)
+		return err
+	}
+	if err := ctx.FindObjectsFinal(session); err != nil {
+		logrus.Debugf("Failed to finalize find objects: %s", err.Error())
+		return err
+	}
+	if len(obj) != 1 {
+		logrus.Debugf("should have found exactly one object")
+		return err
+	}
+
+	// Delete the certificate
+	err = ctx.DestroyObject(session, obj[0])
+	if err != nil {
+		logrus.Debugf("Failed to delete cert")
+		return err
+	}
+	return nil
+}
+
+func yubiListKeys(ctx IPKCS11Ctx, session pkcs11.SessionHandle) (keys map[string]yubiSlot, err error) {
+	keys = make(map[string]yubiSlot)
+	findTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_TOKEN, true),
+		//pkcs11.NewAttribute(pkcs11.CKA_ID, pkcs11KeyID),
+		pkcs11.NewAttribute(pkcs11.CKA_CLASS, pkcs11.CKO_CERTIFICATE),
+	}
+
+	attrTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_ID, []byte{0}),
+		pkcs11.NewAttribute(pkcs11.CKA_VALUE, []byte{0}),
+	}
+
+	if err = ctx.FindObjectsInit(session, findTemplate); err != nil {
+		logrus.Debugf("Failed to init: %s", err.Error())
+		return
+	}
+	objs, b, err := ctx.FindObjects(session, numSlots)
+	for err == nil {
+		var o []pkcs11.ObjectHandle
+		o, b, err = ctx.FindObjects(session, numSlots)
+		if err != nil {
+			continue
+		}
+		if len(o) == 0 {
+			break
+		}
+		objs = append(objs, o...)
+	}
+	if err != nil {
+		logrus.Debugf("Failed to find: %s %v", err.Error(), b)
+		if len(objs) == 0 {
+			return nil, err
+		}
+	}
+	if err = ctx.FindObjectsFinal(session); err != nil {
+		logrus.Debugf("Failed to finalize: %s", err.Error())
+		return
+	}
+	if len(objs) == 0 {
+		return nil, errors.New("No keys found in yubikey.")
+	}
+	logrus.Debugf("Found %d objects matching list filters", len(objs))
+	for _, obj := range objs {
+		var (
+			cert *x509.Certificate
+			slot []byte
+		)
+		// Retrieve the public-key material to be able to create a new ECDSA
+		attr, err := ctx.GetAttributeValue(session, obj, attrTemplate)
+		if err != nil {
+			logrus.Debugf("Failed to get Attribute for: %v", obj)
+			continue
+		}
+
+		// Iterate through all the attributes of this key and saves CKA_PUBLIC_EXPONENT and CKA_MODULUS. Removes ordering specific issues.
+		for _, a := range attr {
+			if a.Type == pkcs11.CKA_ID {
+				slot = a.Value
+			}
+			if a.Type == pkcs11.CKA_VALUE {
+				cert, err = x509.ParseCertificate(a.Value)
+				if err != nil {
+					continue
+				}
+				if !data.ValidRole(cert.Subject.CommonName) {
+					continue
+				}
+			}
+		}
+
+		// we found nothing
+		if cert == nil {
+			continue
+		}
+
+		var ecdsaPubKey *ecdsa.PublicKey
+		switch cert.PublicKeyAlgorithm {
+		case x509.ECDSA:
+			ecdsaPubKey = cert.PublicKey.(*ecdsa.PublicKey)
+		default:
+			logrus.Infof("Unsupported x509 PublicKeyAlgorithm: %d", cert.PublicKeyAlgorithm)
+			continue
+		}
+
+		pubBytes, err := x509.MarshalPKIXPublicKey(ecdsaPubKey)
+		if err != nil {
+			logrus.Debugf("Failed to Marshal public key")
+			continue
+		}
+
+		keys[data.NewECDSAPublicKey(pubBytes).ID()] = yubiSlot{
+			role:   cert.Subject.CommonName,
+			slotID: slot,
+		}
+	}
+	return
+}
+
+func getNextEmptySlot(ctx IPKCS11Ctx, session pkcs11.SessionHandle) ([]byte, error) {
+	findTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_TOKEN, true),
+	}
+	attrTemplate := []*pkcs11.Attribute{
+		pkcs11.NewAttribute(pkcs11.CKA_ID, []byte{0}),
+	}
+
+	if err := ctx.FindObjectsInit(session, findTemplate); err != nil {
+		logrus.Debugf("Failed to init: %s", err.Error())
+		return nil, err
+	}
+	objs, b, err := ctx.FindObjects(session, numSlots)
+	// if there are more objects than `numSlots`, get all of them until
+	// there are no more to get
+	for err == nil {
+		var o []pkcs11.ObjectHandle
+		o, b, err = ctx.FindObjects(session, numSlots)
+		if err != nil {
+			continue
+		}
+		if len(o) == 0 {
+			break
+		}
+		objs = append(objs, o...)
+	}
+	taken := make(map[int]bool)
+	if err != nil {
+		logrus.Debugf("Failed to find: %s %v", err.Error(), b)
+		return nil, err
+	}
+	if err = ctx.FindObjectsFinal(session); err != nil {
+		logrus.Debugf("Failed to finalize: %s\n", err.Error())
+		return nil, err
+	}
+	for _, obj := range objs {
+		// Retrieve the slot ID
+		attr, err := ctx.GetAttributeValue(session, obj, attrTemplate)
+		if err != nil {
+			continue
+		}
+
+		// Iterate through attributes. If an ID attr was found, mark it as taken
+		for _, a := range attr {
+			if a.Type == pkcs11.CKA_ID {
+				if len(a.Value) < 1 {
+					continue
+				}
+				// a byte will always be capable of representing all slot IDs
+				// for the Yubikeys
+				slotNum := int(a.Value[0])
+				if slotNum >= numSlots {
+					// defensive
+					continue
+				}
+				taken[slotNum] = true
+			}
+		}
+	}
+	// iterate the token locations in our preferred order and use the first
+	// available one. Otherwise exit the loop and return an error.
+	for _, loc := range slotIDs {
+		if !taken[loc] {
+			return []byte{byte(loc)}, nil
+		}
+	}
+	return nil, errors.New("Yubikey has no available slots.")
+}
+
+// YubiKeyStore is a KeyStore for private keys inside a Yubikey
+type YubiKeyStore struct {
+	passRetriever passphrase.Retriever
+	keys          map[string]yubiSlot
+	backupStore   trustmanager.KeyStore
+	libLoader     pkcs11LibLoader
+}
+
+// NewYubiKeyStore returns a YubiKeyStore, given a backup key store to write any
+// generated keys to (usually a KeyFileStore)
+func NewYubiKeyStore(backupStore trustmanager.KeyStore, passphraseRetriever passphrase.Retriever) (
+	*YubiKeyStore, error) {
+
+	s := &YubiKeyStore{
+		passRetriever: passphraseRetriever,
+		keys:          make(map[string]yubiSlot),
+		backupStore:   backupStore,
+		libLoader:     defaultLoader,
+	}
+	s.ListKeys() // populate keys field
+	return s, nil
+}
+
+// Name returns a user friendly name for the location this store
+// keeps its data
+func (s YubiKeyStore) Name() string {
+	return "yubikey"
+}
+
+func (s *YubiKeyStore) setLibLoader(loader pkcs11LibLoader) {
+	s.libLoader = loader
+}
+
+func (s *YubiKeyStore) ListKeys() map[string]trustmanager.KeyInfo {
+	if len(s.keys) > 0 {
+		return buildKeyMap(s.keys)
+	}
+	ctx, session, err := SetupHSMEnv(pkcs11Lib, s.libLoader)
+	if err != nil {
+		logrus.Debugf("Failed to initialize PKCS11 environment: %s", err.Error())
+		return nil
+	}
+	defer cleanup(ctx, session)
+
+	keys, err := yubiListKeys(ctx, session)
+	if err != nil {
+		logrus.Debugf("Failed to list key from the yubikey: %s", err.Error())
+		return nil
+	}
+	s.keys = keys
+
+	return buildKeyMap(keys)
+}
+
+// AddKey puts a key inside the Yubikey, as well as writing it to the backup store
+func (s *YubiKeyStore) AddKey(keyInfo trustmanager.KeyInfo, privKey data.PrivateKey) error {
+	added, err := s.addKey(privKey.ID(), keyInfo.Role, privKey)
+	if err != nil {
+		return err
+	}
+	if added && s.backupStore != nil {
+		err = s.backupStore.AddKey(keyInfo, privKey)
+		if err != nil {
+			defer s.RemoveKey(privKey.ID())
+			return ErrBackupFailed{err: err.Error()}
+		}
+	}
+	return nil
+}
+
+// Only add if we haven't seen the key already.  Return whether the key was
+// added.
+func (s *YubiKeyStore) addKey(keyID, role string, privKey data.PrivateKey) (
+	bool, error) {
+
+	// We only allow adding root keys for now
+	if role != data.CanonicalRootRole {
+		return false, fmt.Errorf(
+			"yubikey only supports storing root keys, got %s for key: %s", role, keyID)
+	}
+
+	ctx, session, err := SetupHSMEnv(pkcs11Lib, s.libLoader)
+	if err != nil {
+		logrus.Debugf("Failed to initialize PKCS11 environment: %s", err.Error())
+		return false, err
+	}
+	defer cleanup(ctx, session)
+
+	if k, ok := s.keys[keyID]; ok {
+		if k.role == role {
+			// already have the key and it's associated with the correct role
+			return false, nil
+		}
+	}
+
+	slot, err := getNextEmptySlot(ctx, session)
+	if err != nil {
+		logrus.Debugf("Failed to get an empty yubikey slot: %s", err.Error())
+		return false, err
+	}
+	logrus.Debugf("Attempting to store key using yubikey slot %v", slot)
+
+	err = addECDSAKey(
+		ctx, session, privKey, slot, s.passRetriever, role)
+	if err == nil {
+		s.keys[privKey.ID()] = yubiSlot{
+			role:   role,
+			slotID: slot,
+		}
+		return true, nil
+	}
+	logrus.Debugf("Failed to add key to yubikey: %v", err)
+
+	return false, err
+}
+
+// GetKey retrieves a key from the Yubikey only (it does not look inside the
+// backup store)
+func (s *YubiKeyStore) GetKey(keyID string) (data.PrivateKey, string, error) {
+	ctx, session, err := SetupHSMEnv(pkcs11Lib, s.libLoader)
+	if err != nil {
+		logrus.Debugf("Failed to initialize PKCS11 environment: %s", err.Error())
+		return nil, "", err
+	}
+	defer cleanup(ctx, session)
+
+	key, ok := s.keys[keyID]
+	if !ok {
+		return nil, "", errors.New("no matching keys found inside of yubikey")
+	}
+
+	pubKey, alias, err := getECDSAKey(ctx, session, key.slotID)
+	if err != nil {
+		logrus.Debugf("Failed to get key from slot %s: %s", key.slotID, err.Error())
+		return nil, "", err
+	}
+	// Check to see if we're returning the intended keyID
+	if pubKey.ID() != keyID {
+		return nil, "", fmt.Errorf("expected root key: %s, but found: %s", keyID, pubKey.ID())
+	}
+	privKey := NewYubiPrivateKey(key.slotID, *pubKey, s.passRetriever)
+	if privKey == nil {
+		return nil, "", errors.New("could not initialize new YubiPrivateKey")
+	}
+
+	return privKey, alias, err
+}
+
+// RemoveKey deletes a key from the Yubikey only (it does not remove it from the
+// backup store)
+func (s *YubiKeyStore) RemoveKey(keyID string) error {
+	ctx, session, err := SetupHSMEnv(pkcs11Lib, s.libLoader)
+	if err != nil {
+		logrus.Debugf("Failed to initialize PKCS11 environment: %s", err.Error())
+		return nil
+	}
+	defer cleanup(ctx, session)
+
+	key, ok := s.keys[keyID]
+	if !ok {
+		return errors.New("Key not present in yubikey")
+	}
+	err = yubiRemoveKey(ctx, session, key.slotID, s.passRetriever, keyID)
+	if err == nil {
+		delete(s.keys, keyID)
+	} else {
+		logrus.Debugf("Failed to remove from the yubikey KeyID %s: %v", keyID, err)
+	}
+
+	return err
+}
+
+// ExportKey doesn't work, because you can't export data from a Yubikey
+func (s *YubiKeyStore) ExportKey(keyID string) ([]byte, error) {
+	logrus.Debugf("Attempting to export: %s key inside of YubiKeyStore", keyID)
+	return nil, errors.New("Keys cannot be exported from a Yubikey.")
+}
+
+// Not yet implemented
+func (s *YubiKeyStore) GetKeyInfo(keyID string) (trustmanager.KeyInfo, error) {
+	return trustmanager.KeyInfo{}, fmt.Errorf("Not yet implemented")
+}
+
+func cleanup(ctx IPKCS11Ctx, session pkcs11.SessionHandle) {
+	err := ctx.CloseSession(session)
+	if err != nil {
+		logrus.Debugf("Error closing session: %s", err.Error())
+	}
+	finalizeAndDestroy(ctx)
+}
+
+func finalizeAndDestroy(ctx IPKCS11Ctx) {
+	err := ctx.Finalize()
+	if err != nil {
+		logrus.Debugf("Error finalizing: %s", err.Error())
+	}
+	ctx.Destroy()
+}
+
+// SetupHSMEnv is a method that depends on the existences
+func SetupHSMEnv(libraryPath string, libLoader pkcs11LibLoader) (
+	IPKCS11Ctx, pkcs11.SessionHandle, error) {
+
+	if libraryPath == "" {
+		return nil, 0, fmt.Errorf("no library found.")
+	}
+	p := libLoader(libraryPath)
+
+	if p == nil {
+		return nil, 0, fmt.Errorf("failed to load library %s", libraryPath)
+	}
+
+	if err := p.Initialize(); err != nil {
+		defer finalizeAndDestroy(p)
+		return nil, 0, fmt.Errorf(
+			"found library %s, but initialize error %s", libraryPath, err.Error())
+	}
+
+	slots, err := p.GetSlotList(true)
+	if err != nil {
+		defer finalizeAndDestroy(p)
+		return nil, 0, fmt.Errorf(
+			"loaded library %s, but failed to list HSM slots %s", libraryPath, err)
+	}
+	// Check to see if we got any slots from the HSM.
+	if len(slots) < 1 {
+		defer finalizeAndDestroy(p)
+		return nil, 0, fmt.Errorf(
+			"loaded library %s, but no HSM slots found", libraryPath)
+	}
+
+	// CKF_SERIAL_SESSION: TRUE if cryptographic functions are performed in serial with the application; FALSE if the functions may be performed in parallel with the application.
+	// CKF_RW_SESSION: TRUE if the session is read/write; FALSE if the session is read-only
+	session, err := p.OpenSession(slots[0], pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION)
+	if err != nil {
+		defer cleanup(p, session)
+		return nil, 0, fmt.Errorf(
+			"loaded library %s, but failed to start session with HSM %s",
+			libraryPath, err)
+	}
+
+	logrus.Debugf("Initialized PKCS11 library %s and started HSM session", libraryPath)
+	return p, session, nil
+}
+
+// YubikeyAccessible returns true if a Yubikey can be accessed
+func YubikeyAccessible() bool {
+	if pkcs11Lib == "" {
+		return false
+	}
+	ctx, session, err := SetupHSMEnv(pkcs11Lib, defaultLoader)
+	if err != nil {
+		return false
+	}
+	defer cleanup(ctx, session)
+	return true
+}
+
+func login(ctx IPKCS11Ctx, session pkcs11.SessionHandle, passRetriever passphrase.Retriever, userFlag uint, defaultPassw string) error {
+	// try default password
+	err := ctx.Login(session, userFlag, defaultPassw)
+	if err == nil {
+		return nil
+	}
+
+	// default failed, ask user for password
+	for attempts := 0; ; attempts++ {
+		var (
+			giveup bool
+			err    error
+			user   string
+		)
+		if userFlag == pkcs11.CKU_SO {
+			user = "SO Pin"
+		} else {
+			user = "User Pin"
+		}
+		passwd, giveup, err := passRetriever(user, "yubikey", false, attempts)
+		// Check if the passphrase retriever got an error or if it is telling us to give up
+		if giveup || err != nil {
+			return trustmanager.ErrPasswordInvalid{}
+		}
+		if attempts > 2 {
+			return trustmanager.ErrAttemptsExceeded{}
+		}
+
+		// Try to convert PEM encoded bytes back to a PrivateKey using the passphrase
+		err = ctx.Login(session, userFlag, passwd)
+		if err == nil {
+			return nil
+		}
+	}
+	return nil
+}
+
+func buildKeyMap(keys map[string]yubiSlot) map[string]trustmanager.KeyInfo {
+	res := make(map[string]trustmanager.KeyInfo)
+	for k, v := range keys {
+		res[k] = trustmanager.KeyInfo{Role: v.role, Gun: ""}
+	}
+	return res
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/LICENSE b/vendor/src/github.com/docker/notary/tuf/LICENSE
new file mode 100644
index 00000000..d92ae9ee
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/LICENSE
@@ -0,0 +1,30 @@
+Copyright (c) 2015, Docker Inc.
+Copyright (c) 2014-2015 Prime Directive, Inc.
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Prime Directive, Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/src/github.com/docker/notary/tuf/README.md b/vendor/src/github.com/docker/notary/tuf/README.md
new file mode 100644
index 00000000..00a342e8
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/README.md
@@ -0,0 +1,36 @@
+# GOTUF 
+
+This is still a work in progress but will shortly be a fully compliant 
+Go implementation of [The Update Framework (TUF)](http://theupdateframework.com/).
+
+## Where's the CLI
+
+This repository provides a library only. The [Notary project](https://github.com/docker/notary)
+from Docker should be considered the official CLI to be used with this implementation of TUF.
+
+## TODOs:
+
+- [X] Add Targets to existing repo
+- [X] Sign metadata files
+- [X] Refactor TufRepo to take care of signing ~~and verification~~
+- [ ] Ensure consistent capitalization in naming (TUF\_\_\_ vs Tuf\_\_\_)
+- [X] Make caching of metadata files smarter - PR #5
+- [ ] ~~Add configuration for CLI commands. Order of configuration priority from most to least: flags, config file, defaults~~ Notary should be the official CLI
+- [X] Reasses organization of data types. Possibly consolidate a few things into the data package but break up package into a few more distinct files
+- [ ] Comprehensive test cases
+- [ ] Delete files no longer in use
+- [ ] Fix up errors. Some have to be instantiated, others don't, the inconsistency is annoying.
+- [X] Bump version numbers in meta files (could probably be done better)
+
+## Credits
+
+This implementation was originally forked from [flynn/go-tuf](https://github.com/flynn/go-tuf),
+however in attempting to add delegations I found I was making such
+significant changes that I could not maintain backwards compatibility
+without the code becoming overly convoluted.
+
+Some features such as pluggable verifiers have already been merged upstream to flynn/go-tuf
+and we are in discussion with [titanous](https://github.com/titanous) about working to merge the 2 implementations.
+
+This implementation retains the same 3 Clause BSD license present on 
+the original flynn implementation.
diff --git a/vendor/src/github.com/docker/notary/tuf/client/client.go b/vendor/src/github.com/docker/notary/tuf/client/client.go
new file mode 100644
index 00000000..4feed077
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/client/client.go
@@ -0,0 +1,546 @@
+package client
+
+import (
+	"encoding/json"
+	"fmt"
+	"path"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary"
+	tuf "github.com/docker/notary/tuf"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/signed"
+	"github.com/docker/notary/tuf/store"
+	"github.com/docker/notary/tuf/utils"
+)
+
+// Client is a usability wrapper around a raw TUF repo
+type Client struct {
+	local  *tuf.Repo
+	remote store.RemoteStore
+	cache  store.MetadataStore
+}
+
+// NewClient initialized a Client with the given repo, remote source of content, and cache
+func NewClient(local *tuf.Repo, remote store.RemoteStore, cache store.MetadataStore) *Client {
+	return &Client{
+		local:  local,
+		remote: remote,
+		cache:  cache,
+	}
+}
+
+// Update performs an update to the TUF repo as defined by the TUF spec
+func (c *Client) Update() error {
+	// 1. Get timestamp
+	//   a. If timestamp error (verification, expired, etc...) download new root and return to 1.
+	// 2. Check if local snapshot is up to date
+	//   a. If out of date, get updated snapshot
+	//     i. If snapshot error, download new root and return to 1.
+	// 3. Check if root correct against snapshot
+	//   a. If incorrect, download new root and return to 1.
+	// 4. Iteratively download and search targets and delegations to find target meta
+	logrus.Debug("updating TUF client")
+	err := c.update()
+	if err != nil {
+		logrus.Debug("Error occurred. Root will be downloaded and another update attempted")
+		if err := c.downloadRoot(); err != nil {
+			logrus.Debug("Client Update (Root):", err)
+			return err
+		}
+		// If we error again, we now have the latest root and just want to fail
+		// out as there's no expectation the problem can be resolved automatically
+		logrus.Debug("retrying TUF client update")
+		return c.update()
+	}
+	return nil
+}
+
+func (c *Client) update() error {
+	err := c.downloadTimestamp()
+	if err != nil {
+		logrus.Debugf("Client Update (Timestamp): %s", err.Error())
+		return err
+	}
+	err = c.downloadSnapshot()
+	if err != nil {
+		logrus.Debugf("Client Update (Snapshot): %s", err.Error())
+		return err
+	}
+	err = c.checkRoot()
+	if err != nil {
+		// In this instance the root has not expired base on time, but is
+		// expired based on the snapshot dictating a new root has been produced.
+		logrus.Debug(err)
+		return err
+	}
+	// will always need top level targets at a minimum
+	err = c.downloadTargets("targets")
+	if err != nil {
+		logrus.Debugf("Client Update (Targets): %s", err.Error())
+		return err
+	}
+	return nil
+}
+
+// checkRoot determines if the hash, and size are still those reported
+// in the snapshot file. It will also check the expiry, however, if the
+// hash and size in snapshot are unchanged but the root file has expired,
+// there is little expectation that the situation can be remedied.
+func (c Client) checkRoot() error {
+	role := data.CanonicalRootRole
+	size := c.local.Snapshot.Signed.Meta[role].Length
+
+	expectedHashes := c.local.Snapshot.Signed.Meta[role].Hashes
+
+	raw, err := c.cache.GetMeta("root", size)
+	if err != nil {
+		return err
+	}
+
+	if err := data.CheckHashes(raw, expectedHashes); err != nil {
+		return fmt.Errorf("Cached root hashes did not match snapshot root hashes")
+	}
+
+	if int64(len(raw)) != size {
+		return fmt.Errorf("Cached root size did not match snapshot size")
+	}
+
+	root := &data.SignedRoot{}
+	err = json.Unmarshal(raw, root)
+	if err != nil {
+		return ErrCorruptedCache{file: "root.json"}
+	}
+
+	if signed.IsExpired(root.Signed.Expires) {
+		return tuf.ErrLocalRootExpired{}
+	}
+	return nil
+}
+
+// downloadRoot is responsible for downloading the root.json
+func (c *Client) downloadRoot() error {
+	logrus.Debug("Downloading Root...")
+	role := data.CanonicalRootRole
+	// We can't read an exact size for the root metadata without risking getting stuck in the TUF update cycle
+	// since it's possible that downloading timestamp/snapshot metadata may fail due to a signature mismatch
+	var size int64 = -1
+
+	// We could not expect what the "snapshot" meta has specified.
+	//
+	// In some old clients, there is only the "sha256",
+	// but both "sha256" and "sha512" in the newer ones.
+	//
+	// And possibly more in the future.
+	var expectedHashes data.Hashes
+
+	if c.local.Snapshot != nil {
+		if prevRootMeta, ok := c.local.Snapshot.Signed.Meta[role]; ok {
+			size = prevRootMeta.Length
+			expectedHashes = prevRootMeta.Hashes
+		}
+	}
+
+	// if we're bootstrapping we may not have a cached root, an
+	// error will result in the "previous root version" being
+	// interpreted as 0.
+	var download bool
+	var err error
+	var cachedRoot []byte
+	old := &data.Signed{}
+	version := 0
+
+	// Due to the same reason, we don't really know how many hashes are there.
+	if len(expectedHashes) != 0 {
+		// can only trust cache if we have an expected sha256(for example) to trust
+		cachedRoot, err = c.cache.GetMeta(role, size)
+	}
+
+	if cachedRoot == nil || err != nil {
+		logrus.Debug("didn't find a cached root, must download")
+		download = true
+	} else {
+		if err := data.CheckHashes(cachedRoot, expectedHashes); err != nil {
+			logrus.Debug("cached root's hash didn't match expected, must download")
+			download = true
+		}
+
+		err := json.Unmarshal(cachedRoot, old)
+		if err == nil {
+			root, err := data.RootFromSigned(old)
+			if err == nil {
+				version = root.Signed.Version
+			} else {
+				logrus.Debug("couldn't parse Signed part of cached root, must download")
+				download = true
+			}
+		} else {
+			logrus.Debug("couldn't parse cached root, must download")
+			download = true
+		}
+	}
+	var s *data.Signed
+	var raw []byte
+	if download {
+		// use consistent download if we have the checksum.
+		raw, s, err = c.downloadSigned(role, size, expectedHashes)
+		if err != nil {
+			return err
+		}
+	} else {
+		logrus.Debug("using cached root")
+		s = old
+	}
+	if err := c.verifyRoot(role, s, version); err != nil {
+		return err
+	}
+	if download {
+		logrus.Debug("caching downloaded root")
+		// Now that we have accepted new root, write it to cache
+		if err = c.cache.SetMeta(role, raw); err != nil {
+			logrus.Errorf("Failed to write root to local cache: %s", err.Error())
+		}
+	}
+	return nil
+}
+
+func (c Client) verifyRoot(role string, s *data.Signed, minVersion int) error {
+	// this will confirm that the root has been signed by the old root role
+	// with the root keys we bootstrapped with.
+	// Still need to determine if there has been a root key update and
+	// confirm signature with new root key
+	logrus.Debug("verifying root with existing keys")
+	rootRole, err := c.local.GetBaseRole(role)
+	if err != nil {
+		logrus.Debug("no previous root role loaded")
+		return err
+	}
+	// Verify using the rootRole loaded from the known root.json
+	if err = signed.Verify(s, rootRole, minVersion); err != nil {
+		logrus.Debug("root did not verify with existing keys")
+		return err
+	}
+
+	logrus.Debug("updating known root roles and keys")
+	root, err := data.RootFromSigned(s)
+	if err != nil {
+		logrus.Error(err.Error())
+		return err
+	}
+	// replace the existing root.json with the new one (just in memory, we
+	// have another validation step before we fully accept the new root)
+	err = c.local.SetRoot(root)
+	if err != nil {
+		logrus.Error(err.Error())
+		return err
+	}
+	// Verify the new root again having loaded the rootRole out of this new
+	// file (verifies self-referential integrity)
+	// TODO(endophage): be more intelligent and only re-verify if we detect
+	//                  there has been a change in root keys
+	logrus.Debug("verifying root with updated keys")
+	rootRole, err = c.local.GetBaseRole(role)
+	if err != nil {
+		logrus.Debug("root role with new keys not loaded")
+		return err
+	}
+	err = signed.Verify(s, rootRole, minVersion)
+	if err != nil {
+		logrus.Debug("root did not verify with new keys")
+		return err
+	}
+	logrus.Debug("successfully verified root")
+	return nil
+}
+
+// downloadTimestamp is responsible for downloading the timestamp.json
+// Timestamps are special in that we ALWAYS attempt to download and only
+// use cache if the download fails (and the cache is still valid).
+func (c *Client) downloadTimestamp() error {
+	logrus.Debug("Downloading Timestamp...")
+	role := data.CanonicalTimestampRole
+
+	// We may not have a cached timestamp if this is the first time
+	// we're interacting with the repo. This will result in the
+	// version being 0
+	var (
+		old     *data.Signed
+		ts      *data.SignedTimestamp
+		version = 0
+	)
+	cachedTS, err := c.cache.GetMeta(role, notary.MaxTimestampSize)
+	if err == nil {
+		cached := &data.Signed{}
+		err := json.Unmarshal(cachedTS, cached)
+		if err == nil {
+			ts, err := data.TimestampFromSigned(cached)
+			if err == nil {
+				version = ts.Signed.Version
+			}
+			old = cached
+		}
+	}
+	// unlike root, targets and snapshot, always try and download timestamps
+	// from remote, only using the cache one if we couldn't reach remote.
+	raw, s, err := c.downloadSigned(role, notary.MaxTimestampSize, nil)
+	if err == nil {
+		ts, err = c.verifyTimestamp(s, version)
+		if err == nil {
+			logrus.Debug("successfully verified downloaded timestamp")
+			c.cache.SetMeta(role, raw)
+			c.local.SetTimestamp(ts)
+			return nil
+		}
+	}
+	if old == nil {
+		// couldn't retrieve valid data from server and don't have unmarshallable data in cache.
+		logrus.Debug("no cached timestamp available")
+		return err
+	}
+	logrus.Debug(err.Error())
+	logrus.Warn("Error while downloading remote metadata, using cached timestamp - this might not be the latest version available remotely")
+	ts, err = c.verifyTimestamp(old, version)
+	if err != nil {
+		return err
+	}
+	logrus.Debug("successfully verified cached timestamp")
+	c.local.SetTimestamp(ts)
+	return nil
+}
+
+// verifies that a timestamp is valid, and returned the SignedTimestamp object to add to the tuf repo
+func (c *Client) verifyTimestamp(s *data.Signed, minVersion int) (*data.SignedTimestamp, error) {
+	timestampRole, err := c.local.GetBaseRole(data.CanonicalTimestampRole)
+	if err != nil {
+		logrus.Debug("no timestamp role loaded")
+		return nil, err
+	}
+	if err := signed.Verify(s, timestampRole, minVersion); err != nil {
+		return nil, err
+	}
+	return data.TimestampFromSigned(s)
+}
+
+// downloadSnapshot is responsible for downloading the snapshot.json
+func (c *Client) downloadSnapshot() error {
+	logrus.Debug("Downloading Snapshot...")
+	role := data.CanonicalSnapshotRole
+	if c.local.Timestamp == nil {
+		return tuf.ErrNotLoaded{Role: data.CanonicalTimestampRole}
+	}
+	size := c.local.Timestamp.Signed.Meta[role].Length
+	expectedHashes := c.local.Timestamp.Signed.Meta[role].Hashes
+	if len(expectedHashes) == 0 {
+		return data.ErrMissingMeta{Role: "snapshot"}
+	}
+
+	var download bool
+	old := &data.Signed{}
+	version := 0
+	raw, err := c.cache.GetMeta(role, size)
+	if raw == nil || err != nil {
+		logrus.Debug("no snapshot in cache, must download")
+		download = true
+	} else {
+		// file may have been tampered with on disk. Always check the hash!
+		if err := data.CheckHashes(raw, expectedHashes); err != nil {
+			logrus.Debug("hash of snapshot in cache did not match expected hash, must download")
+			download = true
+		}
+
+		err := json.Unmarshal(raw, old)
+		if err == nil {
+			snap, err := data.SnapshotFromSigned(old)
+			if err == nil {
+				version = snap.Signed.Version
+			} else {
+				logrus.Debug("Could not parse Signed part of snapshot, must download")
+				download = true
+			}
+		} else {
+			logrus.Debug("Could not parse snapshot, must download")
+			download = true
+		}
+	}
+	var s *data.Signed
+	if download {
+		raw, s, err = c.downloadSigned(role, size, expectedHashes)
+		if err != nil {
+			return err
+		}
+	} else {
+		logrus.Debug("using cached snapshot")
+		s = old
+	}
+
+	snapshotRole, err := c.local.GetBaseRole(role)
+	if err != nil {
+		logrus.Debug("no snapshot role loaded")
+		return err
+	}
+	err = signed.Verify(s, snapshotRole, version)
+	if err != nil {
+		return err
+	}
+	logrus.Debug("successfully verified snapshot")
+	snap, err := data.SnapshotFromSigned(s)
+	if err != nil {
+		return err
+	}
+	c.local.SetSnapshot(snap)
+	if download {
+		err = c.cache.SetMeta(role, raw)
+		if err != nil {
+			logrus.Errorf("Failed to write snapshot to local cache: %s", err.Error())
+		}
+	}
+	return nil
+}
+
+// downloadTargets downloads all targets and delegated targets for the repository.
+// It uses a pre-order tree traversal as it's necessary to download parents first
+// to obtain the keys to validate children.
+func (c *Client) downloadTargets(role string) error {
+	logrus.Debug("Downloading Targets...")
+	stack := utils.NewStack()
+	stack.Push(role)
+	for !stack.Empty() {
+		role, err := stack.PopString()
+		if err != nil {
+			return err
+		}
+		if c.local.Snapshot == nil {
+			return tuf.ErrNotLoaded{Role: data.CanonicalSnapshotRole}
+		}
+		snap := c.local.Snapshot.Signed
+		root := c.local.Root.Signed
+
+		s, err := c.getTargetsFile(role, snap.Meta, root.ConsistentSnapshot)
+		if err != nil {
+			if _, ok := err.(data.ErrMissingMeta); ok && role != data.CanonicalTargetsRole {
+				// if the role meta hasn't been published,
+				// that's ok, continue
+				continue
+			}
+			logrus.Error("Error getting targets file:", err)
+			return err
+		}
+		t, err := data.TargetsFromSigned(s, role)
+		if err != nil {
+			return err
+		}
+		err = c.local.SetTargets(role, t)
+		if err != nil {
+			return err
+		}
+
+		// push delegated roles contained in the targets file onto the stack
+		for _, r := range t.Signed.Delegations.Roles {
+			if path.Dir(r.Name) == role {
+				// only load children that are direct 1st generation descendants
+				// of the role we've just downloaded
+				stack.Push(r.Name)
+			}
+		}
+	}
+	return nil
+}
+
+func (c *Client) downloadSigned(role string, size int64, expectedHashes data.Hashes) ([]byte, *data.Signed, error) {
+	rolePath := utils.ConsistentName(role, expectedHashes["sha256"])
+	raw, err := c.remote.GetMeta(rolePath, size)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	if expectedHashes != nil {
+		if err := data.CheckHashes(raw, expectedHashes); err != nil {
+			return nil, nil, ErrChecksumMismatch{role: role}
+		}
+	}
+
+	s := &data.Signed{}
+	err = json.Unmarshal(raw, s)
+	if err != nil {
+		return nil, nil, err
+	}
+	return raw, s, nil
+}
+
+func (c Client) getTargetsFile(role string, snapshotMeta data.Files, consistent bool) (*data.Signed, error) {
+	// require role exists in snapshots
+	roleMeta, ok := snapshotMeta[role]
+	if !ok {
+		return nil, data.ErrMissingMeta{Role: role}
+	}
+	expectedHashes := snapshotMeta[role].Hashes
+	if len(expectedHashes) == 0 {
+		return nil, data.ErrMissingMeta{Role: role}
+	}
+
+	// try to get meta file from content addressed cache
+	var download bool
+	old := &data.Signed{}
+	version := 0
+	raw, err := c.cache.GetMeta(role, roleMeta.Length)
+	if err != nil || raw == nil {
+		logrus.Debugf("Couldn't not find cached %s, must download", role)
+		download = true
+	} else {
+		// file may have been tampered with on disk. Always check the hash!
+		if err := data.CheckHashes(raw, expectedHashes); err != nil {
+			download = true
+		}
+
+		err := json.Unmarshal(raw, old)
+		if err == nil {
+			targ, err := data.TargetsFromSigned(old, role)
+			if err == nil {
+				version = targ.Signed.Version
+			} else {
+				download = true
+			}
+		} else {
+			download = true
+		}
+	}
+
+	size := snapshotMeta[role].Length
+	var s *data.Signed
+	if download {
+		raw, s, err = c.downloadSigned(role, size, expectedHashes)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		logrus.Debug("using cached ", role)
+		s = old
+	}
+	var targetOrDelgRole data.BaseRole
+	if data.IsDelegation(role) {
+		delgRole, err := c.local.GetDelegationRole(role)
+		if err != nil {
+			logrus.Debugf("no %s delegation role loaded", role)
+			return nil, err
+		}
+		targetOrDelgRole = delgRole.BaseRole
+	} else {
+		targetOrDelgRole, err = c.local.GetBaseRole(role)
+		if err != nil {
+			logrus.Debugf("no %s role loaded", role)
+			return nil, err
+		}
+	}
+	if err = signed.Verify(s, targetOrDelgRole, version); err != nil {
+		return nil, err
+	}
+	logrus.Debugf("successfully verified %s", role)
+	if download {
+		// if we error when setting meta, we should continue.
+		err = c.cache.SetMeta(role, raw)
+		if err != nil {
+			logrus.Errorf("Failed to write %s to local cache: %s", role, err.Error())
+		}
+	}
+	return s, nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/client/errors.go b/vendor/src/github.com/docker/notary/tuf/client/errors.go
new file mode 100644
index 00000000..ad055512
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/client/errors.go
@@ -0,0 +1,23 @@
+package client
+
+import (
+	"fmt"
+)
+
+// ErrChecksumMismatch - a checksum failed verification
+type ErrChecksumMismatch struct {
+	role string
+}
+
+func (e ErrChecksumMismatch) Error() string {
+	return fmt.Sprintf("tuf: checksum for %s did not match", e.role)
+}
+
+// ErrCorruptedCache - local data is incorrect
+type ErrCorruptedCache struct {
+	file string
+}
+
+func (e ErrCorruptedCache) Error() string {
+	return fmt.Sprintf("cache is corrupted: %s", e.file)
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/errors.go b/vendor/src/github.com/docker/notary/tuf/data/errors.go
new file mode 100644
index 00000000..7ff5814c
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/errors.go
@@ -0,0 +1,22 @@
+package data
+
+import "fmt"
+
+// ErrInvalidMetadata is the error to be returned when metadata is invalid
+type ErrInvalidMetadata struct {
+	role string
+	msg  string
+}
+
+func (e ErrInvalidMetadata) Error() string {
+	return fmt.Sprintf("%s type metadata invalid: %s", e.role, e.msg)
+}
+
+// ErrMissingMeta - couldn't find the FileMeta object for a role or target
+type ErrMissingMeta struct {
+	Role string
+}
+
+func (e ErrMissingMeta) Error() string {
+	return fmt.Sprintf("tuf: sha256 checksum required for %s", e.Role)
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/keys.go b/vendor/src/github.com/docker/notary/tuf/data/keys.go
new file mode 100644
index 00000000..25df598c
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/keys.go
@@ -0,0 +1,528 @@
+package data
+
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/asn1"
+	"encoding/hex"
+	"errors"
+	"io"
+	"math/big"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/agl/ed25519"
+	"github.com/docker/go/canonical/json"
+)
+
+// PublicKey is the necessary interface for public keys
+type PublicKey interface {
+	ID() string
+	Algorithm() string
+	Public() []byte
+}
+
+// PrivateKey adds the ability to access the private key
+type PrivateKey interface {
+	PublicKey
+	Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) (signature []byte, err error)
+	Private() []byte
+	CryptoSigner() crypto.Signer
+	SignatureAlgorithm() SigAlgorithm
+}
+
+// KeyPair holds the public and private key bytes
+type KeyPair struct {
+	Public  []byte `json:"public"`
+	Private []byte `json:"private"`
+}
+
+// Keys represents a map of key ID to PublicKey object. It's necessary
+// to allow us to unmarshal into an interface via the json.Unmarshaller
+// interface
+type Keys map[string]PublicKey
+
+// UnmarshalJSON implements the json.Unmarshaller interface
+func (ks *Keys) UnmarshalJSON(data []byte) error {
+	parsed := make(map[string]TUFKey)
+	err := json.Unmarshal(data, &parsed)
+	if err != nil {
+		return err
+	}
+	final := make(map[string]PublicKey)
+	for k, tk := range parsed {
+		final[k] = typedPublicKey(tk)
+	}
+	*ks = final
+	return nil
+}
+
+// KeyList represents a list of keys
+type KeyList []PublicKey
+
+// UnmarshalJSON implements the json.Unmarshaller interface
+func (ks *KeyList) UnmarshalJSON(data []byte) error {
+	parsed := make([]TUFKey, 0, 1)
+	err := json.Unmarshal(data, &parsed)
+	if err != nil {
+		return err
+	}
+	final := make([]PublicKey, 0, len(parsed))
+	for _, tk := range parsed {
+		final = append(final, typedPublicKey(tk))
+	}
+	*ks = final
+	return nil
+}
+
+// IDs generates a list of the hex encoded key IDs in the KeyList
+func (ks KeyList) IDs() []string {
+	keyIDs := make([]string, 0, len(ks))
+	for _, k := range ks {
+		keyIDs = append(keyIDs, k.ID())
+	}
+	return keyIDs
+}
+
+func typedPublicKey(tk TUFKey) PublicKey {
+	switch tk.Algorithm() {
+	case ECDSAKey:
+		return &ECDSAPublicKey{TUFKey: tk}
+	case ECDSAx509Key:
+		return &ECDSAx509PublicKey{TUFKey: tk}
+	case RSAKey:
+		return &RSAPublicKey{TUFKey: tk}
+	case RSAx509Key:
+		return &RSAx509PublicKey{TUFKey: tk}
+	case ED25519Key:
+		return &ED25519PublicKey{TUFKey: tk}
+	}
+	return &UnknownPublicKey{TUFKey: tk}
+}
+
+func typedPrivateKey(tk TUFKey) (PrivateKey, error) {
+	private := tk.Value.Private
+	tk.Value.Private = nil
+	switch tk.Algorithm() {
+	case ECDSAKey:
+		return NewECDSAPrivateKey(
+			&ECDSAPublicKey{
+				TUFKey: tk,
+			},
+			private,
+		)
+	case ECDSAx509Key:
+		return NewECDSAPrivateKey(
+			&ECDSAx509PublicKey{
+				TUFKey: tk,
+			},
+			private,
+		)
+	case RSAKey:
+		return NewRSAPrivateKey(
+			&RSAPublicKey{
+				TUFKey: tk,
+			},
+			private,
+		)
+	case RSAx509Key:
+		return NewRSAPrivateKey(
+			&RSAx509PublicKey{
+				TUFKey: tk,
+			},
+			private,
+		)
+	case ED25519Key:
+		return NewED25519PrivateKey(
+			ED25519PublicKey{
+				TUFKey: tk,
+			},
+			private,
+		)
+	}
+	return &UnknownPrivateKey{
+		TUFKey:     tk,
+		privateKey: privateKey{private: private},
+	}, nil
+}
+
+// NewPublicKey creates a new, correctly typed PublicKey, using the
+// UnknownPublicKey catchall for unsupported ciphers
+func NewPublicKey(alg string, public []byte) PublicKey {
+	tk := TUFKey{
+		Type: alg,
+		Value: KeyPair{
+			Public: public,
+		},
+	}
+	return typedPublicKey(tk)
+}
+
+// NewPrivateKey creates a new, correctly typed PrivateKey, using the
+// UnknownPrivateKey catchall for unsupported ciphers
+func NewPrivateKey(pubKey PublicKey, private []byte) (PrivateKey, error) {
+	tk := TUFKey{
+		Type: pubKey.Algorithm(),
+		Value: KeyPair{
+			Public:  pubKey.Public(),
+			Private: private, // typedPrivateKey moves this value
+		},
+	}
+	return typedPrivateKey(tk)
+}
+
+// UnmarshalPublicKey is used to parse individual public keys in JSON
+func UnmarshalPublicKey(data []byte) (PublicKey, error) {
+	var parsed TUFKey
+	err := json.Unmarshal(data, &parsed)
+	if err != nil {
+		return nil, err
+	}
+	return typedPublicKey(parsed), nil
+}
+
+// UnmarshalPrivateKey is used to parse individual private keys in JSON
+func UnmarshalPrivateKey(data []byte) (PrivateKey, error) {
+	var parsed TUFKey
+	err := json.Unmarshal(data, &parsed)
+	if err != nil {
+		return nil, err
+	}
+	return typedPrivateKey(parsed)
+}
+
+// TUFKey is the structure used for both public and private keys in TUF.
+// Normally it would make sense to use a different structures for public and
+// private keys, but that would change the key ID algorithm (since the canonical
+// JSON would be different). This structure should normally be accessed through
+// the PublicKey or PrivateKey interfaces.
+type TUFKey struct {
+	id    string
+	Type  string  `json:"keytype"`
+	Value KeyPair `json:"keyval"`
+}
+
+// Algorithm returns the algorithm of the key
+func (k TUFKey) Algorithm() string {
+	return k.Type
+}
+
+// ID efficiently generates if necessary, and caches the ID of the key
+func (k *TUFKey) ID() string {
+	if k.id == "" {
+		pubK := TUFKey{
+			Type: k.Algorithm(),
+			Value: KeyPair{
+				Public:  k.Public(),
+				Private: nil,
+			},
+		}
+		data, err := json.MarshalCanonical(&pubK)
+		if err != nil {
+			logrus.Error("Error generating key ID:", err)
+		}
+		digest := sha256.Sum256(data)
+		k.id = hex.EncodeToString(digest[:])
+	}
+	return k.id
+}
+
+// Public returns the public bytes
+func (k TUFKey) Public() []byte {
+	return k.Value.Public
+}
+
+// Public key types
+
+// ECDSAPublicKey represents an ECDSA key using a raw serialization
+// of the public key
+type ECDSAPublicKey struct {
+	TUFKey
+}
+
+// ECDSAx509PublicKey represents an ECDSA key using an x509 cert
+// as the serialized format of the public key
+type ECDSAx509PublicKey struct {
+	TUFKey
+}
+
+// RSAPublicKey represents an RSA key using a raw serialization
+// of the public key
+type RSAPublicKey struct {
+	TUFKey
+}
+
+// RSAx509PublicKey represents an RSA key using an x509 cert
+// as the serialized format of the public key
+type RSAx509PublicKey struct {
+	TUFKey
+}
+
+// ED25519PublicKey represents an ED25519 key using a raw serialization
+// of the public key
+type ED25519PublicKey struct {
+	TUFKey
+}
+
+// UnknownPublicKey is a catchall for key types that are not supported
+type UnknownPublicKey struct {
+	TUFKey
+}
+
+// NewECDSAPublicKey initializes a new public key with the ECDSAKey type
+func NewECDSAPublicKey(public []byte) *ECDSAPublicKey {
+	return &ECDSAPublicKey{
+		TUFKey: TUFKey{
+			Type: ECDSAKey,
+			Value: KeyPair{
+				Public:  public,
+				Private: nil,
+			},
+		},
+	}
+}
+
+// NewECDSAx509PublicKey initializes a new public key with the ECDSAx509Key type
+func NewECDSAx509PublicKey(public []byte) *ECDSAx509PublicKey {
+	return &ECDSAx509PublicKey{
+		TUFKey: TUFKey{
+			Type: ECDSAx509Key,
+			Value: KeyPair{
+				Public:  public,
+				Private: nil,
+			},
+		},
+	}
+}
+
+// NewRSAPublicKey initializes a new public key with the RSA type
+func NewRSAPublicKey(public []byte) *RSAPublicKey {
+	return &RSAPublicKey{
+		TUFKey: TUFKey{
+			Type: RSAKey,
+			Value: KeyPair{
+				Public:  public,
+				Private: nil,
+			},
+		},
+	}
+}
+
+// NewRSAx509PublicKey initializes a new public key with the RSAx509Key type
+func NewRSAx509PublicKey(public []byte) *RSAx509PublicKey {
+	return &RSAx509PublicKey{
+		TUFKey: TUFKey{
+			Type: RSAx509Key,
+			Value: KeyPair{
+				Public:  public,
+				Private: nil,
+			},
+		},
+	}
+}
+
+// NewED25519PublicKey initializes a new public key with the ED25519Key type
+func NewED25519PublicKey(public []byte) *ED25519PublicKey {
+	return &ED25519PublicKey{
+		TUFKey: TUFKey{
+			Type: ED25519Key,
+			Value: KeyPair{
+				Public:  public,
+				Private: nil,
+			},
+		},
+	}
+}
+
+// Private key types
+type privateKey struct {
+	private []byte
+}
+
+type signer struct {
+	signer crypto.Signer
+}
+
+// ECDSAPrivateKey represents a private ECDSA key
+type ECDSAPrivateKey struct {
+	PublicKey
+	privateKey
+	signer
+}
+
+// RSAPrivateKey represents a private RSA key
+type RSAPrivateKey struct {
+	PublicKey
+	privateKey
+	signer
+}
+
+// ED25519PrivateKey represents a private ED25519 key
+type ED25519PrivateKey struct {
+	ED25519PublicKey
+	privateKey
+}
+
+// UnknownPrivateKey is a catchall for unsupported key types
+type UnknownPrivateKey struct {
+	TUFKey
+	privateKey
+}
+
+// NewECDSAPrivateKey initializes a new ECDSA private key
+func NewECDSAPrivateKey(public PublicKey, private []byte) (*ECDSAPrivateKey, error) {
+	switch public.(type) {
+	case *ECDSAPublicKey, *ECDSAx509PublicKey:
+	default:
+		return nil, errors.New("Invalid public key type provided to NewECDSAPrivateKey")
+	}
+	ecdsaPrivKey, err := x509.ParseECPrivateKey(private)
+	if err != nil {
+		return nil, err
+	}
+	return &ECDSAPrivateKey{
+		PublicKey:  public,
+		privateKey: privateKey{private: private},
+		signer:     signer{signer: ecdsaPrivKey},
+	}, nil
+}
+
+// NewRSAPrivateKey initialized a new RSA private key
+func NewRSAPrivateKey(public PublicKey, private []byte) (*RSAPrivateKey, error) {
+	switch public.(type) {
+	case *RSAPublicKey, *RSAx509PublicKey:
+	default:
+		return nil, errors.New("Invalid public key type provided to NewRSAPrivateKey")
+	}
+	rsaPrivKey, err := x509.ParsePKCS1PrivateKey(private)
+	if err != nil {
+		return nil, err
+	}
+	return &RSAPrivateKey{
+		PublicKey:  public,
+		privateKey: privateKey{private: private},
+		signer:     signer{signer: rsaPrivKey},
+	}, nil
+}
+
+// NewED25519PrivateKey initialized a new ED25519 private key
+func NewED25519PrivateKey(public ED25519PublicKey, private []byte) (*ED25519PrivateKey, error) {
+	return &ED25519PrivateKey{
+		ED25519PublicKey: public,
+		privateKey:       privateKey{private: private},
+	}, nil
+}
+
+// Private return the serialized private bytes of the key
+func (k privateKey) Private() []byte {
+	return k.private
+}
+
+// CryptoSigner returns the underlying crypto.Signer for use cases where we need the default
+// signature or public key functionality (like when we generate certificates)
+func (s signer) CryptoSigner() crypto.Signer {
+	return s.signer
+}
+
+// CryptoSigner returns the ED25519PrivateKey which already implements crypto.Signer
+func (k ED25519PrivateKey) CryptoSigner() crypto.Signer {
+	return nil
+}
+
+// CryptoSigner returns the UnknownPrivateKey which already implements crypto.Signer
+func (k UnknownPrivateKey) CryptoSigner() crypto.Signer {
+	return nil
+}
+
+type ecdsaSig struct {
+	R *big.Int
+	S *big.Int
+}
+
+// Sign creates an ecdsa signature
+func (k ECDSAPrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) (signature []byte, err error) {
+	ecdsaPrivKey, ok := k.CryptoSigner().(*ecdsa.PrivateKey)
+	if !ok {
+		return nil, errors.New("Signer was based on the wrong key type")
+	}
+	hashed := sha256.Sum256(msg)
+	sigASN1, err := ecdsaPrivKey.Sign(rand, hashed[:], opts)
+	if err != nil {
+		return nil, err
+	}
+
+	sig := ecdsaSig{}
+	_, err = asn1.Unmarshal(sigASN1, &sig)
+	if err != nil {
+		return nil, err
+	}
+	rBytes, sBytes := sig.R.Bytes(), sig.S.Bytes()
+	octetLength := (ecdsaPrivKey.Params().BitSize + 7) >> 3
+
+	// MUST include leading zeros in the output
+	rBuf := make([]byte, octetLength-len(rBytes), octetLength)
+	sBuf := make([]byte, octetLength-len(sBytes), octetLength)
+
+	rBuf = append(rBuf, rBytes...)
+	sBuf = append(sBuf, sBytes...)
+	return append(rBuf, sBuf...), nil
+}
+
+// Sign creates an rsa signature
+func (k RSAPrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) (signature []byte, err error) {
+	hashed := sha256.Sum256(msg)
+	if opts == nil {
+		opts = &rsa.PSSOptions{
+			SaltLength: rsa.PSSSaltLengthEqualsHash,
+			Hash:       crypto.SHA256,
+		}
+	}
+	return k.CryptoSigner().Sign(rand, hashed[:], opts)
+}
+
+// Sign creates an ed25519 signature
+func (k ED25519PrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) (signature []byte, err error) {
+	priv := [ed25519.PrivateKeySize]byte{}
+	copy(priv[:], k.private[ed25519.PublicKeySize:])
+	return ed25519.Sign(&priv, msg)[:], nil
+}
+
+// Sign on an UnknownPrivateKey raises an error because the client does not
+// know how to sign with this key type.
+func (k UnknownPrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) (signature []byte, err error) {
+	return nil, errors.New("Unknown key type, cannot sign.")
+}
+
+// SignatureAlgorithm returns the SigAlgorithm for a ECDSAPrivateKey
+func (k ECDSAPrivateKey) SignatureAlgorithm() SigAlgorithm {
+	return ECDSASignature
+}
+
+// SignatureAlgorithm returns the SigAlgorithm for a RSAPrivateKey
+func (k RSAPrivateKey) SignatureAlgorithm() SigAlgorithm {
+	return RSAPSSSignature
+}
+
+// SignatureAlgorithm returns the SigAlgorithm for a ED25519PrivateKey
+func (k ED25519PrivateKey) SignatureAlgorithm() SigAlgorithm {
+	return EDDSASignature
+}
+
+// SignatureAlgorithm returns the SigAlgorithm for an UnknownPrivateKey
+func (k UnknownPrivateKey) SignatureAlgorithm() SigAlgorithm {
+	return ""
+}
+
+// PublicKeyFromPrivate returns a new TUFKey based on a private key, with
+// the private key bytes guaranteed to be nil.
+func PublicKeyFromPrivate(pk PrivateKey) PublicKey {
+	return typedPublicKey(TUFKey{
+		Type: pk.Algorithm(),
+		Value: KeyPair{
+			Public:  pk.Public(),
+			Private: nil,
+		},
+	})
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/roles.go b/vendor/src/github.com/docker/notary/tuf/data/roles.go
new file mode 100644
index 00000000..b1a2988b
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/roles.go
@@ -0,0 +1,297 @@
+package data
+
+import (
+	"fmt"
+	"path"
+	"regexp"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// Canonical base role names
+const (
+	CanonicalRootRole      = "root"
+	CanonicalTargetsRole   = "targets"
+	CanonicalSnapshotRole  = "snapshot"
+	CanonicalTimestampRole = "timestamp"
+)
+
+// BaseRoles is an easy to iterate list of the top level
+// roles.
+var BaseRoles = []string{
+	CanonicalRootRole,
+	CanonicalTargetsRole,
+	CanonicalSnapshotRole,
+	CanonicalTimestampRole,
+}
+
+// Regex for validating delegation names
+var delegationRegexp = regexp.MustCompile("^[-a-z0-9_/]+$")
+
+// ErrNoSuchRole indicates the roles doesn't exist
+type ErrNoSuchRole struct {
+	Role string
+}
+
+func (e ErrNoSuchRole) Error() string {
+	return fmt.Sprintf("role does not exist: %s", e.Role)
+}
+
+// ErrInvalidRole represents an error regarding a role. Typically
+// something like a role for which sone of the public keys were
+// not found in the TUF repo.
+type ErrInvalidRole struct {
+	Role   string
+	Reason string
+}
+
+func (e ErrInvalidRole) Error() string {
+	if e.Reason != "" {
+		return fmt.Sprintf("tuf: invalid role %s. %s", e.Role, e.Reason)
+	}
+	return fmt.Sprintf("tuf: invalid role %s.", e.Role)
+}
+
+// ValidRole only determines the name is semantically
+// correct. For target delegated roles, it does NOT check
+// the the appropriate parent roles exist.
+func ValidRole(name string) bool {
+	if IsDelegation(name) {
+		return true
+	}
+
+	for _, v := range BaseRoles {
+		if name == v {
+			return true
+		}
+	}
+	return false
+}
+
+// IsDelegation checks if the role is a delegation or a root role
+func IsDelegation(role string) bool {
+	targetsBase := CanonicalTargetsRole + "/"
+
+	whitelistedChars := delegationRegexp.MatchString(role)
+
+	// Limit size of full role string to 255 chars for db column size limit
+	correctLength := len(role) < 256
+
+	// Removes ., .., extra slashes, and trailing slash
+	isClean := path.Clean(role) == role
+	return strings.HasPrefix(role, targetsBase) &&
+		whitelistedChars &&
+		correctLength &&
+		isClean
+}
+
+// BaseRole is an internal representation of a root/targets/snapshot/timestamp role, with its public keys included
+type BaseRole struct {
+	Keys      map[string]PublicKey
+	Name      string
+	Threshold int
+}
+
+// NewBaseRole creates a new BaseRole object with the provided parameters
+func NewBaseRole(name string, threshold int, keys ...PublicKey) BaseRole {
+	r := BaseRole{
+		Name:      name,
+		Threshold: threshold,
+		Keys:      make(map[string]PublicKey),
+	}
+	for _, k := range keys {
+		r.Keys[k.ID()] = k
+	}
+	return r
+}
+
+// ListKeys retrieves the public keys valid for this role
+func (b BaseRole) ListKeys() KeyList {
+	return listKeys(b.Keys)
+}
+
+// ListKeyIDs retrieves the list of key IDs valid for this role
+func (b BaseRole) ListKeyIDs() []string {
+	return listKeyIDs(b.Keys)
+}
+
+// DelegationRole is an internal representation of a delegation role, with its public keys included
+type DelegationRole struct {
+	BaseRole
+	Paths []string
+}
+
+func listKeys(keyMap map[string]PublicKey) KeyList {
+	keys := KeyList{}
+	for _, key := range keyMap {
+		keys = append(keys, key)
+	}
+	return keys
+}
+
+func listKeyIDs(keyMap map[string]PublicKey) []string {
+	keyIDs := []string{}
+	for id := range keyMap {
+		keyIDs = append(keyIDs, id)
+	}
+	return keyIDs
+}
+
+// Restrict restricts the paths and path hash prefixes for the passed in delegation role,
+// returning a copy of the role with validated paths as if it was a direct child
+func (d DelegationRole) Restrict(child DelegationRole) (DelegationRole, error) {
+	if !d.IsParentOf(child) {
+		return DelegationRole{}, fmt.Errorf("%s is not a parent of %s", d.Name, child.Name)
+	}
+	return DelegationRole{
+		BaseRole: BaseRole{
+			Keys:      child.Keys,
+			Name:      child.Name,
+			Threshold: child.Threshold,
+		},
+		Paths: RestrictDelegationPathPrefixes(d.Paths, child.Paths),
+	}, nil
+}
+
+// IsParentOf returns whether the passed in delegation role is the direct child of this role,
+// determined by delegation name.
+// Ex: targets/a is a direct parent of targets/a/b, but targets/a is not a direct parent of targets/a/b/c
+func (d DelegationRole) IsParentOf(child DelegationRole) bool {
+	return path.Dir(child.Name) == d.Name
+}
+
+// CheckPaths checks if a given path is valid for the role
+func (d DelegationRole) CheckPaths(path string) bool {
+	return checkPaths(path, d.Paths)
+}
+
+func checkPaths(path string, permitted []string) bool {
+	for _, p := range permitted {
+		if strings.HasPrefix(path, p) {
+			return true
+		}
+	}
+	return false
+}
+
+// RestrictDelegationPathPrefixes returns the list of valid delegationPaths that are prefixed by parentPaths
+func RestrictDelegationPathPrefixes(parentPaths, delegationPaths []string) []string {
+	validPaths := []string{}
+	if len(delegationPaths) == 0 {
+		return validPaths
+	}
+
+	// Validate each individual delegation path
+	for _, delgPath := range delegationPaths {
+		isPrefixed := false
+		for _, parentPath := range parentPaths {
+			if strings.HasPrefix(delgPath, parentPath) {
+				isPrefixed = true
+				break
+			}
+		}
+		// If the delegation path did not match prefix against any parent path, it is not valid
+		if isPrefixed {
+			validPaths = append(validPaths, delgPath)
+		}
+	}
+	return validPaths
+}
+
+// RootRole is a cut down role as it appears in the root.json
+// Eventually should only be used for immediately before and after serialization/deserialization
+type RootRole struct {
+	KeyIDs    []string `json:"keyids"`
+	Threshold int      `json:"threshold"`
+}
+
+// Role is a more verbose role as they appear in targets delegations
+// Eventually should only be used for immediately before and after serialization/deserialization
+type Role struct {
+	RootRole
+	Name  string   `json:"name"`
+	Paths []string `json:"paths,omitempty"`
+}
+
+// NewRole creates a new Role object from the given parameters
+func NewRole(name string, threshold int, keyIDs, paths []string) (*Role, error) {
+	if IsDelegation(name) {
+		if len(paths) == 0 {
+			logrus.Debugf("role %s with no Paths will never be able to publish content until one or more are added", name)
+		}
+	}
+	if threshold < 1 {
+		return nil, ErrInvalidRole{Role: name}
+	}
+	if !ValidRole(name) {
+		return nil, ErrInvalidRole{Role: name}
+	}
+	return &Role{
+		RootRole: RootRole{
+			KeyIDs:    keyIDs,
+			Threshold: threshold,
+		},
+		Name:  name,
+		Paths: paths,
+	}, nil
+
+}
+
+// CheckPaths checks if a given path is valid for the role
+func (r Role) CheckPaths(path string) bool {
+	return checkPaths(path, r.Paths)
+}
+
+// AddKeys merges the ids into the current list of role key ids
+func (r *Role) AddKeys(ids []string) {
+	r.KeyIDs = mergeStrSlices(r.KeyIDs, ids)
+}
+
+// AddPaths merges the paths into the current list of role paths
+func (r *Role) AddPaths(paths []string) error {
+	if len(paths) == 0 {
+		return nil
+	}
+	r.Paths = mergeStrSlices(r.Paths, paths)
+	return nil
+}
+
+// RemoveKeys removes the ids from the current list of key ids
+func (r *Role) RemoveKeys(ids []string) {
+	r.KeyIDs = subtractStrSlices(r.KeyIDs, ids)
+}
+
+// RemovePaths removes the paths from the current list of role paths
+func (r *Role) RemovePaths(paths []string) {
+	r.Paths = subtractStrSlices(r.Paths, paths)
+}
+
+func mergeStrSlices(orig, new []string) []string {
+	have := make(map[string]bool)
+	for _, e := range orig {
+		have[e] = true
+	}
+	merged := make([]string, len(orig), len(orig)+len(new))
+	copy(merged, orig)
+	for _, e := range new {
+		if !have[e] {
+			merged = append(merged, e)
+		}
+	}
+	return merged
+}
+
+func subtractStrSlices(orig, remove []string) []string {
+	kill := make(map[string]bool)
+	for _, e := range remove {
+		kill[e] = true
+	}
+	var keep []string
+	for _, e := range orig {
+		if !kill[e] {
+			keep = append(keep, e)
+		}
+	}
+	return keep
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/root.go b/vendor/src/github.com/docker/notary/tuf/data/root.go
new file mode 100644
index 00000000..02030caa
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/root.go
@@ -0,0 +1,161 @@
+package data
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/docker/go/canonical/json"
+)
+
+// SignedRoot is a fully unpacked root.json
+type SignedRoot struct {
+	Signatures []Signature
+	Signed     Root
+	Dirty      bool
+}
+
+// Root is the Signed component of a root.json
+type Root struct {
+	Type               string               `json:"_type"`
+	Version            int                  `json:"version"`
+	Expires            time.Time            `json:"expires"`
+	Keys               Keys                 `json:"keys"`
+	Roles              map[string]*RootRole `json:"roles"`
+	ConsistentSnapshot bool                 `json:"consistent_snapshot"`
+}
+
+// isValidRootStructure returns an error, or nil, depending on whether the content of the struct
+// is valid for root metadata.  This does not check signatures or expiry, just that
+// the metadata content is valid.
+func isValidRootStructure(r Root) error {
+	expectedType := TUFTypes[CanonicalRootRole]
+	if r.Type != expectedType {
+		return ErrInvalidMetadata{
+			role: CanonicalRootRole, msg: fmt.Sprintf("expected type %s, not %s", expectedType, r.Type)}
+	}
+
+	// all the base roles MUST appear in the root.json - other roles are allowed,
+	// but other than the mirror role (not currently supported) are out of spec
+	for _, roleName := range BaseRoles {
+		roleObj, ok := r.Roles[roleName]
+		if !ok || roleObj == nil {
+			return ErrInvalidMetadata{
+				role: CanonicalRootRole, msg: fmt.Sprintf("missing %s role specification", roleName)}
+		}
+		if err := isValidRootRoleStructure(CanonicalRootRole, roleName, *roleObj, r.Keys); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func isValidRootRoleStructure(metaContainingRole, rootRoleName string, r RootRole, validKeys Keys) error {
+	if r.Threshold < 1 {
+		return ErrInvalidMetadata{
+			role: metaContainingRole,
+			msg:  fmt.Sprintf("invalid threshold specified for %s: %v ", rootRoleName, r.Threshold),
+		}
+	}
+	for _, keyID := range r.KeyIDs {
+		if _, ok := validKeys[keyID]; !ok {
+			return ErrInvalidMetadata{
+				role: metaContainingRole,
+				msg:  fmt.Sprintf("key ID %s specified in %s without corresponding key", keyID, rootRoleName),
+			}
+		}
+	}
+	return nil
+}
+
+// NewRoot initializes a new SignedRoot with a set of keys, roles, and the consistent flag
+func NewRoot(keys map[string]PublicKey, roles map[string]*RootRole, consistent bool) (*SignedRoot, error) {
+	signedRoot := &SignedRoot{
+		Signatures: make([]Signature, 0),
+		Signed: Root{
+			Type:               TUFTypes[CanonicalRootRole],
+			Version:            0,
+			Expires:            DefaultExpires(CanonicalRootRole),
+			Keys:               keys,
+			Roles:              roles,
+			ConsistentSnapshot: consistent,
+		},
+		Dirty: true,
+	}
+
+	return signedRoot, nil
+}
+
+// BuildBaseRole returns a copy of a BaseRole using the information in this SignedRoot for the specified role name.
+// Will error for invalid role name or key metadata within this SignedRoot
+func (r SignedRoot) BuildBaseRole(roleName string) (BaseRole, error) {
+	roleData, ok := r.Signed.Roles[roleName]
+	if !ok {
+		return BaseRole{}, ErrInvalidRole{Role: roleName, Reason: "role not found in root file"}
+	}
+	// Get all public keys for the base role from TUF metadata
+	keyIDs := roleData.KeyIDs
+	pubKeys := make(map[string]PublicKey)
+	for _, keyID := range keyIDs {
+		pubKey, ok := r.Signed.Keys[keyID]
+		if !ok {
+			return BaseRole{}, ErrInvalidRole{
+				Role:   roleName,
+				Reason: fmt.Sprintf("key with ID %s was not found in root metadata", keyID),
+			}
+		}
+		pubKeys[keyID] = pubKey
+	}
+
+	return BaseRole{
+		Name:      roleName,
+		Keys:      pubKeys,
+		Threshold: roleData.Threshold,
+	}, nil
+}
+
+// ToSigned partially serializes a SignedRoot for further signing
+func (r SignedRoot) ToSigned() (*Signed, error) {
+	s, err := defaultSerializer.MarshalCanonical(r.Signed)
+	if err != nil {
+		return nil, err
+	}
+	// cast into a json.RawMessage
+	signed := json.RawMessage{}
+	err = signed.UnmarshalJSON(s)
+	if err != nil {
+		return nil, err
+	}
+	sigs := make([]Signature, len(r.Signatures))
+	copy(sigs, r.Signatures)
+	return &Signed{
+		Signatures: sigs,
+		Signed:     &signed,
+	}, nil
+}
+
+// MarshalJSON returns the serialized form of SignedRoot as bytes
+func (r SignedRoot) MarshalJSON() ([]byte, error) {
+	signed, err := r.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	return defaultSerializer.Marshal(signed)
+}
+
+// RootFromSigned fully unpacks a Signed object into a SignedRoot and ensures
+// that it is a valid SignedRoot
+func RootFromSigned(s *Signed) (*SignedRoot, error) {
+	r := Root{}
+	if err := defaultSerializer.Unmarshal(*s.Signed, &r); err != nil {
+		return nil, err
+	}
+	if err := isValidRootStructure(r); err != nil {
+		return nil, err
+	}
+	sigs := make([]Signature, len(s.Signatures))
+	copy(sigs, s.Signatures)
+	return &SignedRoot{
+		Signatures: sigs,
+		Signed:     r,
+	}, nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/serializer.go b/vendor/src/github.com/docker/notary/tuf/data/serializer.go
new file mode 100644
index 00000000..5c33d129
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/serializer.go
@@ -0,0 +1,36 @@
+package data
+
+import "github.com/docker/go/canonical/json"
+
+// Serializer is an interface that can marshal and unmarshal TUF data.  This
+// is expected to be a canonical JSON marshaller
+type serializer interface {
+	MarshalCanonical(from interface{}) ([]byte, error)
+	Marshal(from interface{}) ([]byte, error)
+	Unmarshal(from []byte, to interface{}) error
+}
+
+// CanonicalJSON marshals to and from canonical JSON
+type canonicalJSON struct{}
+
+// MarshalCanonical returns the canonical JSON form of a thing
+func (c canonicalJSON) MarshalCanonical(from interface{}) ([]byte, error) {
+	return json.MarshalCanonical(from)
+}
+
+// Marshal returns the regular non-canonical JSON form of a thing
+func (c canonicalJSON) Marshal(from interface{}) ([]byte, error) {
+	return json.Marshal(from)
+}
+
+// Unmarshal unmarshals some JSON bytes
+func (c canonicalJSON) Unmarshal(from []byte, to interface{}) error {
+	return json.Unmarshal(from, to)
+}
+
+// defaultSerializer is a canonical JSON serializer
+var defaultSerializer serializer = canonicalJSON{}
+
+func setDefaultSerializer(s serializer) {
+	defaultSerializer = s
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/snapshot.go b/vendor/src/github.com/docker/notary/tuf/data/snapshot.go
new file mode 100644
index 00000000..0ed2a7e8
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/snapshot.go
@@ -0,0 +1,163 @@
+package data
+
+import (
+	"bytes"
+	"fmt"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/go/canonical/json"
+	"github.com/docker/notary"
+)
+
+// SignedSnapshot is a fully unpacked snapshot.json
+type SignedSnapshot struct {
+	Signatures []Signature
+	Signed     Snapshot
+	Dirty      bool
+}
+
+// Snapshot is the Signed component of a snapshot.json
+type Snapshot struct {
+	Type    string    `json:"_type"`
+	Version int       `json:"version"`
+	Expires time.Time `json:"expires"`
+	Meta    Files     `json:"meta"`
+}
+
+// isValidSnapshotStructure returns an error, or nil, depending on whether the content of the
+// struct is valid for snapshot metadata.  This does not check signatures or expiry, just that
+// the metadata content is valid.
+func isValidSnapshotStructure(s Snapshot) error {
+	expectedType := TUFTypes[CanonicalSnapshotRole]
+	if s.Type != expectedType {
+		return ErrInvalidMetadata{
+			role: CanonicalSnapshotRole, msg: fmt.Sprintf("expected type %s, not %s", expectedType, s.Type)}
+	}
+
+	for _, role := range []string{CanonicalRootRole, CanonicalTargetsRole} {
+		// Meta is a map of FileMeta, so if the role isn't in the map it returns
+		// an empty FileMeta, which has an empty map, and you can check on keys
+		// from an empty map.
+		//
+		// For now sha256 is required and sha512 is not.
+		if _, ok := s.Meta[role].Hashes[notary.SHA256]; !ok {
+			return ErrInvalidMetadata{
+				role: CanonicalSnapshotRole,
+				msg:  fmt.Sprintf("missing %s sha256 checksum information", role),
+			}
+		}
+		if err := CheckValidHashStructures(s.Meta[role].Hashes); err != nil {
+			return ErrInvalidMetadata{
+				role: CanonicalSnapshotRole,
+				msg:  fmt.Sprintf("invalid %s checksum information, %v", role, err),
+			}
+		}
+	}
+	return nil
+}
+
+// NewSnapshot initilizes a SignedSnapshot with a given top level root
+// and targets objects
+func NewSnapshot(root *Signed, targets *Signed) (*SignedSnapshot, error) {
+	logrus.Debug("generating new snapshot...")
+	targetsJSON, err := json.Marshal(targets)
+	if err != nil {
+		logrus.Debug("Error Marshalling Targets")
+		return nil, err
+	}
+	rootJSON, err := json.Marshal(root)
+	if err != nil {
+		logrus.Debug("Error Marshalling Root")
+		return nil, err
+	}
+	rootMeta, err := NewFileMeta(bytes.NewReader(rootJSON), NotaryDefaultHashes...)
+	if err != nil {
+		return nil, err
+	}
+	targetsMeta, err := NewFileMeta(bytes.NewReader(targetsJSON), NotaryDefaultHashes...)
+	if err != nil {
+		return nil, err
+	}
+	return &SignedSnapshot{
+		Signatures: make([]Signature, 0),
+		Signed: Snapshot{
+			Type:    TUFTypes["snapshot"],
+			Version: 0,
+			Expires: DefaultExpires("snapshot"),
+			Meta: Files{
+				CanonicalRootRole:    rootMeta,
+				CanonicalTargetsRole: targetsMeta,
+			},
+		},
+	}, nil
+}
+
+// ToSigned partially serializes a SignedSnapshot for further signing
+func (sp *SignedSnapshot) ToSigned() (*Signed, error) {
+	s, err := defaultSerializer.MarshalCanonical(sp.Signed)
+	if err != nil {
+		return nil, err
+	}
+	signed := json.RawMessage{}
+	err = signed.UnmarshalJSON(s)
+	if err != nil {
+		return nil, err
+	}
+	sigs := make([]Signature, len(sp.Signatures))
+	copy(sigs, sp.Signatures)
+	return &Signed{
+		Signatures: sigs,
+		Signed:     &signed,
+	}, nil
+}
+
+// AddMeta updates a role in the snapshot with new meta
+func (sp *SignedSnapshot) AddMeta(role string, meta FileMeta) {
+	sp.Signed.Meta[role] = meta
+	sp.Dirty = true
+}
+
+// GetMeta gets the metadata for a particular role, returning an error if it's
+// not found
+func (sp *SignedSnapshot) GetMeta(role string) (*FileMeta, error) {
+	if meta, ok := sp.Signed.Meta[role]; ok {
+		return &meta, nil
+	}
+	return nil, ErrMissingMeta{Role: role}
+}
+
+// DeleteMeta removes a role from the snapshot. If the role doesn't
+// exist in the snapshot, it's a noop.
+func (sp *SignedSnapshot) DeleteMeta(role string) {
+	if _, ok := sp.Signed.Meta[role]; ok {
+		delete(sp.Signed.Meta, role)
+		sp.Dirty = true
+	}
+}
+
+// MarshalJSON returns the serialized form of SignedSnapshot as bytes
+func (sp *SignedSnapshot) MarshalJSON() ([]byte, error) {
+	signed, err := sp.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	return defaultSerializer.Marshal(signed)
+}
+
+// SnapshotFromSigned fully unpacks a Signed object into a SignedSnapshot
+func SnapshotFromSigned(s *Signed) (*SignedSnapshot, error) {
+	sp := Snapshot{}
+	if err := defaultSerializer.Unmarshal(*s.Signed, &sp); err != nil {
+		return nil, err
+	}
+	if err := isValidSnapshotStructure(sp); err != nil {
+		return nil, err
+	}
+	sigs := make([]Signature, len(s.Signatures))
+	copy(sigs, s.Signatures)
+	return &SignedSnapshot{
+		Signatures: sigs,
+		Signed:     sp,
+	}, nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/targets.go b/vendor/src/github.com/docker/notary/tuf/data/targets.go
new file mode 100644
index 00000000..43468d40
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/targets.go
@@ -0,0 +1,194 @@
+package data
+
+import (
+	"errors"
+	"fmt"
+	"path"
+
+	"github.com/docker/go/canonical/json"
+)
+
+// SignedTargets is a fully unpacked targets.json, or target delegation
+// json file
+type SignedTargets struct {
+	Signatures []Signature
+	Signed     Targets
+	Dirty      bool
+}
+
+// Targets is the Signed components of a targets.json or delegation json file
+type Targets struct {
+	SignedCommon
+	Targets     Files       `json:"targets"`
+	Delegations Delegations `json:"delegations,omitempty"`
+}
+
+// isValidTargetsStructure returns an error, or nil, depending on whether the content of the struct
+// is valid for targets metadata.  This does not check signatures or expiry, just that
+// the metadata content is valid.
+func isValidTargetsStructure(t Targets, roleName string) error {
+	if roleName != CanonicalTargetsRole && !IsDelegation(roleName) {
+		return ErrInvalidRole{Role: roleName}
+	}
+
+	// even if it's a delegated role, the metadata type is "Targets"
+	expectedType := TUFTypes[CanonicalTargetsRole]
+	if t.Type != expectedType {
+		return ErrInvalidMetadata{
+			role: roleName, msg: fmt.Sprintf("expected type %s, not %s", expectedType, t.Type)}
+	}
+
+	for _, roleObj := range t.Delegations.Roles {
+		if !IsDelegation(roleObj.Name) || path.Dir(roleObj.Name) != roleName {
+			return ErrInvalidMetadata{
+				role: roleName, msg: fmt.Sprintf("delegation role %s invalid", roleObj.Name)}
+		}
+		if err := isValidRootRoleStructure(roleName, roleObj.Name, roleObj.RootRole, t.Delegations.Keys); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// NewTargets intiializes a new empty SignedTargets object
+func NewTargets() *SignedTargets {
+	return &SignedTargets{
+		Signatures: make([]Signature, 0),
+		Signed: Targets{
+			SignedCommon: SignedCommon{
+				Type:    TUFTypes["targets"],
+				Version: 0,
+				Expires: DefaultExpires("targets"),
+			},
+			Targets:     make(Files),
+			Delegations: *NewDelegations(),
+		},
+		Dirty: true,
+	}
+}
+
+// GetMeta attempts to find the targets entry for the path. It
+// will return nil in the case of the target not being found.
+func (t SignedTargets) GetMeta(path string) *FileMeta {
+	for p, meta := range t.Signed.Targets {
+		if p == path {
+			return &meta
+		}
+	}
+	return nil
+}
+
+// GetValidDelegations filters the delegation roles specified in the signed targets, and
+// only returns roles that are direct children and restricts their paths
+func (t SignedTargets) GetValidDelegations(parent DelegationRole) []DelegationRole {
+	roles := t.buildDelegationRoles()
+	result := []DelegationRole{}
+	for _, r := range roles {
+		validRole, err := parent.Restrict(r)
+		if err != nil {
+			continue
+		}
+		result = append(result, validRole)
+	}
+	return result
+}
+
+// BuildDelegationRole returns a copy of a DelegationRole using the information in this SignedTargets for the specified role name.
+// Will error for invalid role name or key metadata within this SignedTargets.  Path data is not validated.
+func (t *SignedTargets) BuildDelegationRole(roleName string) (DelegationRole, error) {
+	for _, role := range t.Signed.Delegations.Roles {
+		if role.Name == roleName {
+			pubKeys := make(map[string]PublicKey)
+			for _, keyID := range role.KeyIDs {
+				pubKey, ok := t.Signed.Delegations.Keys[keyID]
+				if !ok {
+					// Couldn't retrieve all keys, so stop walking and return invalid role
+					return DelegationRole{}, ErrInvalidRole{Role: roleName, Reason: "delegation does not exist with all specified keys"}
+				}
+				pubKeys[keyID] = pubKey
+			}
+			return DelegationRole{
+				BaseRole: BaseRole{
+					Name:      role.Name,
+					Keys:      pubKeys,
+					Threshold: role.Threshold,
+				},
+				Paths: role.Paths,
+			}, nil
+		}
+	}
+	return DelegationRole{}, ErrNoSuchRole{Role: roleName}
+}
+
+// helper function to create DelegationRole structures from all delegations in a SignedTargets,
+// these delegations are read directly from the SignedTargets and not modified or validated
+func (t SignedTargets) buildDelegationRoles() []DelegationRole {
+	var roles []DelegationRole
+	for _, roleData := range t.Signed.Delegations.Roles {
+		delgRole, err := t.BuildDelegationRole(roleData.Name)
+		if err != nil {
+			continue
+		}
+		roles = append(roles, delgRole)
+	}
+	return roles
+}
+
+// AddTarget adds or updates the meta for the given path
+func (t *SignedTargets) AddTarget(path string, meta FileMeta) {
+	t.Signed.Targets[path] = meta
+	t.Dirty = true
+}
+
+// AddDelegation will add a new delegated role with the given keys,
+// ensuring the keys either already exist, or are added to the map
+// of delegation keys
+func (t *SignedTargets) AddDelegation(role *Role, keys []*PublicKey) error {
+	return errors.New("Not Implemented")
+}
+
+// ToSigned partially serializes a SignedTargets for further signing
+func (t *SignedTargets) ToSigned() (*Signed, error) {
+	s, err := defaultSerializer.MarshalCanonical(t.Signed)
+	if err != nil {
+		return nil, err
+	}
+	signed := json.RawMessage{}
+	err = signed.UnmarshalJSON(s)
+	if err != nil {
+		return nil, err
+	}
+	sigs := make([]Signature, len(t.Signatures))
+	copy(sigs, t.Signatures)
+	return &Signed{
+		Signatures: sigs,
+		Signed:     &signed,
+	}, nil
+}
+
+// MarshalJSON returns the serialized form of SignedTargets as bytes
+func (t *SignedTargets) MarshalJSON() ([]byte, error) {
+	signed, err := t.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	return defaultSerializer.Marshal(signed)
+}
+
+// TargetsFromSigned fully unpacks a Signed object into a SignedTargets, given
+// a role name (so it can validate the SignedTargets object)
+func TargetsFromSigned(s *Signed, roleName string) (*SignedTargets, error) {
+	t := Targets{}
+	if err := defaultSerializer.Unmarshal(*s.Signed, &t); err != nil {
+		return nil, err
+	}
+	if err := isValidTargetsStructure(t, roleName); err != nil {
+		return nil, err
+	}
+	sigs := make([]Signature, len(s.Signatures))
+	copy(sigs, s.Signatures)
+	return &SignedTargets{
+		Signatures: sigs,
+		Signed:     t,
+	}, nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/timestamp.go b/vendor/src/github.com/docker/notary/tuf/data/timestamp.go
new file mode 100644
index 00000000..cc75e0e7
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/timestamp.go
@@ -0,0 +1,132 @@
+package data
+
+import (
+	"bytes"
+	"fmt"
+	"time"
+
+	"github.com/docker/go/canonical/json"
+	"github.com/docker/notary"
+)
+
+// SignedTimestamp is a fully unpacked timestamp.json
+type SignedTimestamp struct {
+	Signatures []Signature
+	Signed     Timestamp
+	Dirty      bool
+}
+
+// Timestamp is the Signed component of a timestamp.json
+type Timestamp struct {
+	Type    string    `json:"_type"`
+	Version int       `json:"version"`
+	Expires time.Time `json:"expires"`
+	Meta    Files     `json:"meta"`
+}
+
+// isValidTimestampStructure returns an error, or nil, depending on whether the content of the struct
+// is valid for timestamp metadata.  This does not check signatures or expiry, just that
+// the metadata content is valid.
+func isValidTimestampStructure(t Timestamp) error {
+	expectedType := TUFTypes[CanonicalTimestampRole]
+	if t.Type != expectedType {
+		return ErrInvalidMetadata{
+			role: CanonicalTimestampRole, msg: fmt.Sprintf("expected type %s, not %s", expectedType, t.Type)}
+	}
+
+	// Meta is a map of FileMeta, so if the role isn't in the map it returns
+	// an empty FileMeta, which has an empty map, and you can check on keys
+	// from an empty map.
+	//
+	// For now sha256 is required and sha512 is not.
+	if _, ok := t.Meta[CanonicalSnapshotRole].Hashes[notary.SHA256]; !ok {
+		return ErrInvalidMetadata{
+			role: CanonicalTimestampRole, msg: "missing snapshot sha256 checksum information"}
+	}
+	if err := CheckValidHashStructures(t.Meta[CanonicalSnapshotRole].Hashes); err != nil {
+		return ErrInvalidMetadata{
+			role: CanonicalTimestampRole, msg: fmt.Sprintf("invalid snapshot checksum information, %v", err)}
+	}
+
+	return nil
+}
+
+// NewTimestamp initializes a timestamp with an existing snapshot
+func NewTimestamp(snapshot *Signed) (*SignedTimestamp, error) {
+	snapshotJSON, err := json.Marshal(snapshot)
+	if err != nil {
+		return nil, err
+	}
+	snapshotMeta, err := NewFileMeta(bytes.NewReader(snapshotJSON), NotaryDefaultHashes...)
+	if err != nil {
+		return nil, err
+	}
+	return &SignedTimestamp{
+		Signatures: make([]Signature, 0),
+		Signed: Timestamp{
+			Type:    TUFTypes["timestamp"],
+			Version: 0,
+			Expires: DefaultExpires("timestamp"),
+			Meta: Files{
+				CanonicalSnapshotRole: snapshotMeta,
+			},
+		},
+	}, nil
+}
+
+// ToSigned partially serializes a SignedTimestamp such that it can
+// be signed
+func (ts *SignedTimestamp) ToSigned() (*Signed, error) {
+	s, err := defaultSerializer.MarshalCanonical(ts.Signed)
+	if err != nil {
+		return nil, err
+	}
+	signed := json.RawMessage{}
+	err = signed.UnmarshalJSON(s)
+	if err != nil {
+		return nil, err
+	}
+	sigs := make([]Signature, len(ts.Signatures))
+	copy(sigs, ts.Signatures)
+	return &Signed{
+		Signatures: sigs,
+		Signed:     &signed,
+	}, nil
+}
+
+// GetSnapshot gets the expected snapshot metadata hashes in the timestamp metadata,
+// or nil if it doesn't exist
+func (ts *SignedTimestamp) GetSnapshot() (*FileMeta, error) {
+	snapshotExpected, ok := ts.Signed.Meta[CanonicalSnapshotRole]
+	if !ok {
+		return nil, ErrMissingMeta{Role: CanonicalSnapshotRole}
+	}
+	return &snapshotExpected, nil
+}
+
+// MarshalJSON returns the serialized form of SignedTimestamp as bytes
+func (ts *SignedTimestamp) MarshalJSON() ([]byte, error) {
+	signed, err := ts.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	return defaultSerializer.Marshal(signed)
+}
+
+// TimestampFromSigned parsed a Signed object into a fully unpacked
+// SignedTimestamp
+func TimestampFromSigned(s *Signed) (*SignedTimestamp, error) {
+	ts := Timestamp{}
+	if err := defaultSerializer.Unmarshal(*s.Signed, &ts); err != nil {
+		return nil, err
+	}
+	if err := isValidTimestampStructure(ts); err != nil {
+		return nil, err
+	}
+	sigs := make([]Signature, len(s.Signatures))
+	copy(sigs, s.Signatures)
+	return &SignedTimestamp{
+		Signatures: sigs,
+		Signed:     ts,
+	}, nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/data/types.go b/vendor/src/github.com/docker/notary/tuf/data/types.go
new file mode 100644
index 00000000..2a61b3f5
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/data/types.go
@@ -0,0 +1,275 @@
+package data
+
+import (
+	"crypto/sha256"
+	"crypto/sha512"
+	"crypto/subtle"
+	"fmt"
+	"hash"
+	"io"
+	"io/ioutil"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/go/canonical/json"
+	"github.com/docker/notary"
+)
+
+// SigAlgorithm for types of signatures
+type SigAlgorithm string
+
+func (k SigAlgorithm) String() string {
+	return string(k)
+}
+
+const defaultHashAlgorithm = "sha256"
+
+// Signature types
+const (
+	EDDSASignature       SigAlgorithm = "eddsa"
+	RSAPSSSignature      SigAlgorithm = "rsapss"
+	RSAPKCS1v15Signature SigAlgorithm = "rsapkcs1v15"
+	ECDSASignature       SigAlgorithm = "ecdsa"
+	PyCryptoSignature    SigAlgorithm = "pycrypto-pkcs#1 pss"
+)
+
+// Key types
+const (
+	ED25519Key   = "ed25519"
+	RSAKey       = "rsa"
+	RSAx509Key   = "rsa-x509"
+	ECDSAKey     = "ecdsa"
+	ECDSAx509Key = "ecdsa-x509"
+)
+
+// TUFTypes is the set of metadata types
+var TUFTypes = map[string]string{
+	CanonicalRootRole:      "Root",
+	CanonicalTargetsRole:   "Targets",
+	CanonicalSnapshotRole:  "Snapshot",
+	CanonicalTimestampRole: "Timestamp",
+}
+
+// SetTUFTypes allows one to override some or all of the default
+// type names in TUF.
+func SetTUFTypes(ts map[string]string) {
+	for k, v := range ts {
+		TUFTypes[k] = v
+	}
+}
+
+// ValidTUFType checks if the given type is valid for the role
+func ValidTUFType(typ, role string) bool {
+	if ValidRole(role) {
+		// All targets delegation roles must have
+		// the valid type is for targets.
+		if role == "" {
+			// role is unknown and does not map to
+			// a type
+			return false
+		}
+		if strings.HasPrefix(role, CanonicalTargetsRole+"/") {
+			role = CanonicalTargetsRole
+		}
+	}
+	// most people will just use the defaults so have this optimal check
+	// first. Do comparison just in case there is some unknown vulnerability
+	// if a key and value in the map differ.
+	if v, ok := TUFTypes[role]; ok {
+		return typ == v
+	}
+	return false
+}
+
+// Signed is the high level, partially deserialized metadata object
+// used to verify signatures before fully unpacking, or to add signatures
+// before fully packing
+type Signed struct {
+	Signed     *json.RawMessage `json:"signed"`
+	Signatures []Signature      `json:"signatures"`
+}
+
+// SignedCommon contains the fields common to the Signed component of all
+// TUF metadata files
+type SignedCommon struct {
+	Type    string    `json:"_type"`
+	Expires time.Time `json:"expires"`
+	Version int       `json:"version"`
+}
+
+// SignedMeta is used in server validation where we only need signatures
+// and common fields
+type SignedMeta struct {
+	Signed     SignedCommon `json:"signed"`
+	Signatures []Signature  `json:"signatures"`
+}
+
+// Signature is a signature on a piece of metadata
+type Signature struct {
+	KeyID     string       `json:"keyid"`
+	Method    SigAlgorithm `json:"method"`
+	Signature []byte       `json:"sig"`
+}
+
+// Files is the map of paths to file meta container in targets and delegations
+// metadata files
+type Files map[string]FileMeta
+
+// Hashes is the map of hash type to digest created for each metadata
+// and target file
+type Hashes map[string][]byte
+
+// NotaryDefaultHashes contains the default supported hash algorithms.
+var NotaryDefaultHashes = []string{notary.SHA256, notary.SHA512}
+
+// FileMeta contains the size and hashes for a metadata or target file. Custom
+// data can be optionally added.
+type FileMeta struct {
+	Length int64            `json:"length"`
+	Hashes Hashes           `json:"hashes"`
+	Custom *json.RawMessage `json:"custom,omitempty"`
+}
+
+// CheckHashes verifies all the checksums specified by the "hashes" of the payload.
+func CheckHashes(payload []byte, hashes Hashes) error {
+	cnt := 0
+
+	// k, v indicate the hash algorithm and the corresponding value
+	for k, v := range hashes {
+		switch k {
+		case notary.SHA256:
+			checksum := sha256.Sum256(payload)
+			if subtle.ConstantTimeCompare(checksum[:], v) == 0 {
+				return fmt.Errorf("%s checksum mismatched", k)
+			}
+			cnt++
+		case notary.SHA512:
+			checksum := sha512.Sum512(payload)
+			if subtle.ConstantTimeCompare(checksum[:], v) == 0 {
+				return fmt.Errorf("%s checksum mismatched", k)
+			}
+			cnt++
+		}
+	}
+
+	if cnt == 0 {
+		return fmt.Errorf("at least one supported hash needed")
+	}
+
+	return nil
+}
+
+// CheckValidHashStructures returns an error, or nil, depending on whether
+// the content of the hashes is valid or not.
+func CheckValidHashStructures(hashes Hashes) error {
+	cnt := 0
+
+	for k, v := range hashes {
+		switch k {
+		case notary.SHA256:
+			if len(v) != sha256.Size {
+				return fmt.Errorf("invalid %s checksum", notary.SHA256)
+			}
+			cnt++
+		case notary.SHA512:
+			if len(v) != sha512.Size {
+				return fmt.Errorf("invalid %s checksum", notary.SHA512)
+			}
+			cnt++
+		}
+	}
+
+	if cnt == 0 {
+		return fmt.Errorf("at least one supported hash needed")
+	}
+
+	return nil
+}
+
+// NewFileMeta generates a FileMeta object from the reader, using the
+// hash algorithms provided
+func NewFileMeta(r io.Reader, hashAlgorithms ...string) (FileMeta, error) {
+	if len(hashAlgorithms) == 0 {
+		hashAlgorithms = []string{defaultHashAlgorithm}
+	}
+	hashes := make(map[string]hash.Hash, len(hashAlgorithms))
+	for _, hashAlgorithm := range hashAlgorithms {
+		var h hash.Hash
+		switch hashAlgorithm {
+		case notary.SHA256:
+			h = sha256.New()
+		case notary.SHA512:
+			h = sha512.New()
+		default:
+			return FileMeta{}, fmt.Errorf("Unknown hash algorithm: %s", hashAlgorithm)
+		}
+		hashes[hashAlgorithm] = h
+		r = io.TeeReader(r, h)
+	}
+	n, err := io.Copy(ioutil.Discard, r)
+	if err != nil {
+		return FileMeta{}, err
+	}
+	m := FileMeta{Length: n, Hashes: make(Hashes, len(hashes))}
+	for hashAlgorithm, h := range hashes {
+		m.Hashes[hashAlgorithm] = h.Sum(nil)
+	}
+	return m, nil
+}
+
+// Delegations holds a tier of targets delegations
+type Delegations struct {
+	Keys  Keys    `json:"keys"`
+	Roles []*Role `json:"roles"`
+}
+
+// NewDelegations initializes an empty Delegations object
+func NewDelegations() *Delegations {
+	return &Delegations{
+		Keys:  make(map[string]PublicKey),
+		Roles: make([]*Role, 0),
+	}
+}
+
+// These values are recommended TUF expiry times.
+var defaultExpiryTimes = map[string]time.Duration{
+	CanonicalRootRole:      notary.Year,
+	CanonicalTargetsRole:   90 * notary.Day,
+	CanonicalSnapshotRole:  7 * notary.Day,
+	CanonicalTimestampRole: notary.Day,
+}
+
+// SetDefaultExpiryTimes allows one to change the default expiries.
+func SetDefaultExpiryTimes(times map[string]time.Duration) {
+	for key, value := range times {
+		if _, ok := defaultExpiryTimes[key]; !ok {
+			logrus.Errorf("Attempted to set default expiry for an unknown role: %s", key)
+			continue
+		}
+		defaultExpiryTimes[key] = value
+	}
+}
+
+// DefaultExpires gets the default expiry time for the given role
+func DefaultExpires(role string) time.Time {
+	if d, ok := defaultExpiryTimes[role]; ok {
+		return time.Now().Add(d)
+	}
+	var t time.Time
+	return t.UTC().Round(time.Second)
+}
+
+type unmarshalledSignature Signature
+
+// UnmarshalJSON does a custom unmarshalling of the signature JSON
+func (s *Signature) UnmarshalJSON(data []byte) error {
+	uSignature := unmarshalledSignature{}
+	err := json.Unmarshal(data, &uSignature)
+	if err != nil {
+		return err
+	}
+	uSignature.Method = SigAlgorithm(strings.ToLower(string(uSignature.Method)))
+	*s = Signature(uSignature)
+	return nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/signed/ed25519.go b/vendor/src/github.com/docker/notary/tuf/signed/ed25519.go
new file mode 100644
index 00000000..bc884bdb
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/signed/ed25519.go
@@ -0,0 +1,107 @@
+package signed
+
+import (
+	"crypto/rand"
+	"errors"
+
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/tuf/data"
+)
+
+type edCryptoKey struct {
+	role    string
+	privKey data.PrivateKey
+}
+
+// Ed25519 implements a simple in memory cryptosystem for ED25519 keys
+type Ed25519 struct {
+	keys map[string]edCryptoKey
+}
+
+// NewEd25519 initializes a new empty Ed25519 CryptoService that operates
+// entirely in memory
+func NewEd25519() *Ed25519 {
+	return &Ed25519{
+		make(map[string]edCryptoKey),
+	}
+}
+
+// AddKey allows you to add a private key
+func (e *Ed25519) AddKey(role, gun string, k data.PrivateKey) error {
+	e.addKey(role, k)
+	return nil
+}
+
+// addKey allows you to add a private key
+func (e *Ed25519) addKey(role string, k data.PrivateKey) {
+	e.keys[k.ID()] = edCryptoKey{
+		role:    role,
+		privKey: k,
+	}
+}
+
+// RemoveKey deletes a key from the signer
+func (e *Ed25519) RemoveKey(keyID string) error {
+	delete(e.keys, keyID)
+	return nil
+}
+
+// ListKeys returns the list of keys IDs for the role
+func (e *Ed25519) ListKeys(role string) []string {
+	keyIDs := make([]string, 0, len(e.keys))
+	for id, edCryptoKey := range e.keys {
+		if edCryptoKey.role == role {
+			keyIDs = append(keyIDs, id)
+		}
+	}
+	return keyIDs
+}
+
+// ListAllKeys returns the map of keys IDs to role
+func (e *Ed25519) ListAllKeys() map[string]string {
+	keys := make(map[string]string)
+	for id, edKey := range e.keys {
+		keys[id] = edKey.role
+	}
+	return keys
+}
+
+// Create generates a new key and returns the public part
+func (e *Ed25519) Create(role, gun, algorithm string) (data.PublicKey, error) {
+	if algorithm != data.ED25519Key {
+		return nil, errors.New("only ED25519 supported by this cryptoservice")
+	}
+
+	private, err := trustmanager.GenerateED25519Key(rand.Reader)
+	if err != nil {
+		return nil, err
+	}
+
+	e.addKey(role, private)
+	return data.PublicKeyFromPrivate(private), nil
+}
+
+// PublicKeys returns a map of public keys for the ids provided, when those IDs are found
+// in the store.
+func (e *Ed25519) PublicKeys(keyIDs ...string) (map[string]data.PublicKey, error) {
+	k := make(map[string]data.PublicKey)
+	for _, keyID := range keyIDs {
+		if edKey, ok := e.keys[keyID]; ok {
+			k[keyID] = data.PublicKeyFromPrivate(edKey.privKey)
+		}
+	}
+	return k, nil
+}
+
+// GetKey returns a single public key based on the ID
+func (e *Ed25519) GetKey(keyID string) data.PublicKey {
+	return data.PublicKeyFromPrivate(e.keys[keyID].privKey)
+}
+
+// GetPrivateKey returns a single private key and role if present, based on the ID
+func (e *Ed25519) GetPrivateKey(keyID string) (data.PrivateKey, string, error) {
+	if k, ok := e.keys[keyID]; ok {
+		return k.privKey, k.role, nil
+	}
+	return nil, "", trustmanager.ErrKeyNotFound{KeyID: keyID}
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/signed/errors.go b/vendor/src/github.com/docker/notary/tuf/signed/errors.go
new file mode 100644
index 00000000..2c5174be
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/signed/errors.go
@@ -0,0 +1,72 @@
+package signed
+
+import (
+	"fmt"
+	"strings"
+)
+
+// ErrInsufficientSignatures - do not have enough signatures on a piece of
+// metadata
+type ErrInsufficientSignatures struct {
+	Name string
+}
+
+func (e ErrInsufficientSignatures) Error() string {
+	return fmt.Sprintf("tuf: insufficient signatures: %s", e.Name)
+}
+
+// ErrExpired indicates a piece of metadata has expired
+type ErrExpired struct {
+	Role    string
+	Expired string
+}
+
+func (e ErrExpired) Error() string {
+	return fmt.Sprintf("%s expired at %v", e.Role, e.Expired)
+}
+
+// ErrLowVersion indicates the piece of metadata has a version number lower than
+// a version number we're already seen for this role
+type ErrLowVersion struct {
+	Actual  int
+	Current int
+}
+
+func (e ErrLowVersion) Error() string {
+	return fmt.Sprintf("version %d is lower than current version %d", e.Actual, e.Current)
+}
+
+// ErrRoleThreshold indicates we did not validate enough signatures to meet the threshold
+type ErrRoleThreshold struct{}
+
+func (e ErrRoleThreshold) Error() string {
+	return "valid signatures did not meet threshold"
+}
+
+// ErrInvalidKeyType indicates the types for the key and signature it's associated with are
+// mismatched. Probably a sign of malicious behaviour
+type ErrInvalidKeyType struct{}
+
+func (e ErrInvalidKeyType) Error() string {
+	return "key type is not valid for signature"
+}
+
+// ErrInvalidKeyLength indicates that while we may support the cipher, the provided
+// key length is not specifically supported, i.e. we support RSA, but not 1024 bit keys
+type ErrInvalidKeyLength struct {
+	msg string
+}
+
+func (e ErrInvalidKeyLength) Error() string {
+	return fmt.Sprintf("key length is not supported: %s", e.msg)
+}
+
+// ErrNoKeys indicates no signing keys were found when trying to sign
+type ErrNoKeys struct {
+	KeyIDs []string
+}
+
+func (e ErrNoKeys) Error() string {
+	return fmt.Sprintf("could not find necessary signing keys, at least one of these keys must be available: %s",
+		strings.Join(e.KeyIDs, ", "))
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/signed/interface.go b/vendor/src/github.com/docker/notary/tuf/signed/interface.go
new file mode 100644
index 00000000..2d6027e9
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/signed/interface.go
@@ -0,0 +1,46 @@
+package signed
+
+import (
+	"github.com/docker/notary/tuf/data"
+)
+
+// KeyService provides management of keys locally. It will never
+// accept or provide private keys. Communication between the KeyService
+// and a SigningService happen behind the Create function.
+type KeyService interface {
+	// Create issues a new key pair and is responsible for loading
+	// the private key into the appropriate signing service.
+	Create(role, gun, algorithm string) (data.PublicKey, error)
+
+	// AddKey adds a private key to the specified role and gun
+	AddKey(role, gun string, key data.PrivateKey) error
+
+	// GetKey retrieves the public key if present, otherwise it returns nil
+	GetKey(keyID string) data.PublicKey
+
+	// GetPrivateKey retrieves the private key and role if present, otherwise
+	// it returns nil
+	GetPrivateKey(keyID string) (data.PrivateKey, string, error)
+
+	// RemoveKey deletes the specified key
+	RemoveKey(keyID string) error
+
+	// ListKeys returns a list of key IDs for the role
+	ListKeys(role string) []string
+
+	// ListAllKeys returns a map of all available signing key IDs to role
+	ListAllKeys() map[string]string
+}
+
+// CryptoService is deprecated and all instances of its use should be
+// replaced with KeyService
+type CryptoService interface {
+	KeyService
+}
+
+// Verifier defines an interface for verfying signatures. An implementer
+// of this interface should verify signatures for one and only one
+// signing scheme.
+type Verifier interface {
+	Verify(key data.PublicKey, sig []byte, msg []byte) error
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/signed/sign.go b/vendor/src/github.com/docker/notary/tuf/signed/sign.go
new file mode 100644
index 00000000..52e716e0
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/signed/sign.go
@@ -0,0 +1,103 @@
+package signed
+
+// The Sign function is a choke point for all code paths that do signing.
+// We use this fact to do key ID translation. There are 2 types of key ID:
+//   - Scoped: the key ID based purely on the data that appears in the TUF
+//             files. This may be wrapped by a certificate that scopes the
+//             key to be used in a specific context.
+//   - Canonical: the key ID based purely on the public key bytes. This is
+//             used by keystores to easily identify keys that may be reused
+//             in many scoped locations.
+// Currently these types only differ in the context of Root Keys in Notary
+// for which the root key is wrapped using an x509 certificate.
+
+import (
+	"crypto/rand"
+	"fmt"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/utils"
+)
+
+// Sign takes a data.Signed and a key, calculated and adds the signature
+// to the data.Signed
+// N.B. All public keys for a role should be passed so that this function
+//      can correctly clean up signatures that are no longer valid.
+func Sign(service CryptoService, s *data.Signed, keys ...data.PublicKey) error {
+	logrus.Debugf("sign called with %d keys", len(keys))
+	signatures := make([]data.Signature, 0, len(s.Signatures)+1)
+	signingKeyIDs := make(map[string]struct{})
+	tufIDs := make(map[string]data.PublicKey)
+	ids := make([]string, 0, len(keys))
+
+	privKeys := make(map[string]data.PrivateKey)
+
+	// Get all the private key objects related to the public keys
+	for _, key := range keys {
+		canonicalID, err := utils.CanonicalKeyID(key)
+		ids = append(ids, canonicalID)
+		tufIDs[key.ID()] = key
+		if err != nil {
+			continue
+		}
+		k, _, err := service.GetPrivateKey(canonicalID)
+		if err != nil {
+			continue
+		}
+		privKeys[key.ID()] = k
+	}
+
+	// Check to ensure we have at least one signing key
+	if len(privKeys) == 0 {
+		return ErrNoKeys{KeyIDs: ids}
+	}
+
+	// Do signing and generate list of signatures
+	for keyID, pk := range privKeys {
+		sig, err := pk.Sign(rand.Reader, *s.Signed, nil)
+		if err != nil {
+			logrus.Debugf("Failed to sign with key: %s. Reason: %v", keyID, err)
+			continue
+		}
+		signingKeyIDs[keyID] = struct{}{}
+		signatures = append(signatures, data.Signature{
+			KeyID:     keyID,
+			Method:    pk.SignatureAlgorithm(),
+			Signature: sig[:],
+		})
+	}
+
+	// Check we produced at least on signature
+	if len(signatures) < 1 {
+		return ErrInsufficientSignatures{
+			Name: fmt.Sprintf(
+				"cryptoservice failed to produce any signatures for keys with IDs: %v",
+				ids),
+		}
+	}
+
+	for _, sig := range s.Signatures {
+		if _, ok := signingKeyIDs[sig.KeyID]; ok {
+			// key is in the set of key IDs for which a signature has been created
+			continue
+		}
+		var (
+			k  data.PublicKey
+			ok bool
+		)
+		if k, ok = tufIDs[sig.KeyID]; !ok {
+			// key is no longer a valid signing key
+			continue
+		}
+		if err := VerifySignature(*s.Signed, sig, k); err != nil {
+			// signature is no longer valid
+			continue
+		}
+		// keep any signatures that still represent valid keys and are
+		// themselves valid
+		signatures = append(signatures, sig)
+	}
+	s.Signatures = signatures
+	return nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/signed/verifiers.go b/vendor/src/github.com/docker/notary/tuf/signed/verifiers.go
new file mode 100644
index 00000000..79218636
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/signed/verifiers.go
@@ -0,0 +1,283 @@
+package signed
+
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/pem"
+	"fmt"
+	"math/big"
+	"reflect"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/agl/ed25519"
+	"github.com/docker/notary/tuf/data"
+)
+
+const (
+	minRSAKeySizeBit  = 2048 // 2048 bits = 256 bytes
+	minRSAKeySizeByte = minRSAKeySizeBit / 8
+)
+
+// Verifiers serves as a map of all verifiers available on the system and
+// can be injected into a verificationService. For testing and configuration
+// purposes, it will not be used by default.
+var Verifiers = map[data.SigAlgorithm]Verifier{
+	data.RSAPSSSignature:      RSAPSSVerifier{},
+	data.RSAPKCS1v15Signature: RSAPKCS1v15Verifier{},
+	data.PyCryptoSignature:    RSAPyCryptoVerifier{},
+	data.ECDSASignature:       ECDSAVerifier{},
+	data.EDDSASignature:       Ed25519Verifier{},
+}
+
+// RegisterVerifier provides a convenience function for init() functions
+// to register additional verifiers or replace existing ones.
+func RegisterVerifier(algorithm data.SigAlgorithm, v Verifier) {
+	curr, ok := Verifiers[algorithm]
+	if ok {
+		typOld := reflect.TypeOf(curr)
+		typNew := reflect.TypeOf(v)
+		logrus.Debugf(
+			"replacing already loaded verifier %s:%s with %s:%s",
+			typOld.PkgPath(), typOld.Name(),
+			typNew.PkgPath(), typNew.Name(),
+		)
+	} else {
+		logrus.Debug("adding verifier for: ", algorithm)
+	}
+	Verifiers[algorithm] = v
+}
+
+// Ed25519Verifier used to verify Ed25519 signatures
+type Ed25519Verifier struct{}
+
+// Verify checks that an ed25519 signature is valid
+func (v Ed25519Verifier) Verify(key data.PublicKey, sig []byte, msg []byte) error {
+	if key.Algorithm() != data.ED25519Key {
+		return ErrInvalidKeyType{}
+	}
+	var sigBytes [ed25519.SignatureSize]byte
+	if len(sig) != ed25519.SignatureSize {
+		logrus.Debugf("signature length is incorrect, must be %d, was %d.", ed25519.SignatureSize, len(sig))
+		return ErrInvalid
+	}
+	copy(sigBytes[:], sig)
+
+	var keyBytes [ed25519.PublicKeySize]byte
+	pub := key.Public()
+	if len(pub) != ed25519.PublicKeySize {
+		logrus.Errorf("public key is incorrect size, must be %d, was %d.", ed25519.PublicKeySize, len(pub))
+		return ErrInvalidKeyLength{msg: fmt.Sprintf("ed25519 public key must be %d bytes.", ed25519.PublicKeySize)}
+	}
+	n := copy(keyBytes[:], key.Public())
+	if n < ed25519.PublicKeySize {
+		logrus.Errorf("failed to copy the key, must have %d bytes, copied %d bytes.", ed25519.PublicKeySize, n)
+		return ErrInvalid
+	}
+
+	if !ed25519.Verify(&keyBytes, msg, &sigBytes) {
+		logrus.Debugf("failed ed25519 verification")
+		return ErrInvalid
+	}
+	return nil
+}
+
+func verifyPSS(key interface{}, digest, sig []byte) error {
+	rsaPub, ok := key.(*rsa.PublicKey)
+	if !ok {
+		logrus.Debugf("value was not an RSA public key")
+		return ErrInvalid
+	}
+
+	if rsaPub.N.BitLen() < minRSAKeySizeBit {
+		logrus.Debugf("RSA keys less than 2048 bits are not acceptable, provided key has length %d.", rsaPub.N.BitLen())
+		return ErrInvalidKeyLength{msg: fmt.Sprintf("RSA key must be at least %d bits.", minRSAKeySizeBit)}
+	}
+
+	if len(sig) < minRSAKeySizeByte {
+		logrus.Debugf("RSA keys less than 2048 bits are not acceptable, provided signature has length %d.", len(sig))
+		return ErrInvalid
+	}
+
+	opts := rsa.PSSOptions{SaltLength: sha256.Size, Hash: crypto.SHA256}
+	if err := rsa.VerifyPSS(rsaPub, crypto.SHA256, digest[:], sig, &opts); err != nil {
+		logrus.Debugf("failed RSAPSS verification: %s", err)
+		return ErrInvalid
+	}
+	return nil
+}
+
+func getRSAPubKey(key data.PublicKey) (crypto.PublicKey, error) {
+	algorithm := key.Algorithm()
+	var pubKey crypto.PublicKey
+
+	switch algorithm {
+	case data.RSAx509Key:
+		pemCert, _ := pem.Decode([]byte(key.Public()))
+		if pemCert == nil {
+			logrus.Debugf("failed to decode PEM-encoded x509 certificate")
+			return nil, ErrInvalid
+		}
+		cert, err := x509.ParseCertificate(pemCert.Bytes)
+		if err != nil {
+			logrus.Debugf("failed to parse x509 certificate: %s\n", err)
+			return nil, ErrInvalid
+		}
+		pubKey = cert.PublicKey
+	case data.RSAKey:
+		var err error
+		pubKey, err = x509.ParsePKIXPublicKey(key.Public())
+		if err != nil {
+			logrus.Debugf("failed to parse public key: %s\n", err)
+			return nil, ErrInvalid
+		}
+	default:
+		// only accept RSA keys
+		logrus.Debugf("invalid key type for RSAPSS verifier: %s", algorithm)
+		return nil, ErrInvalidKeyType{}
+	}
+
+	return pubKey, nil
+}
+
+// RSAPSSVerifier checks RSASSA-PSS signatures
+type RSAPSSVerifier struct{}
+
+// Verify does the actual check.
+func (v RSAPSSVerifier) Verify(key data.PublicKey, sig []byte, msg []byte) error {
+	// will return err if keytype is not a recognized RSA type
+	pubKey, err := getRSAPubKey(key)
+	if err != nil {
+		return err
+	}
+
+	digest := sha256.Sum256(msg)
+
+	return verifyPSS(pubKey, digest[:], sig)
+}
+
+// RSAPKCS1v15Verifier checks RSA PKCS1v15 signatures
+type RSAPKCS1v15Verifier struct{}
+
+// Verify does the actual verification
+func (v RSAPKCS1v15Verifier) Verify(key data.PublicKey, sig []byte, msg []byte) error {
+	// will return err if keytype is not a recognized RSA type
+	pubKey, err := getRSAPubKey(key)
+	if err != nil {
+		return err
+	}
+	digest := sha256.Sum256(msg)
+
+	rsaPub, ok := pubKey.(*rsa.PublicKey)
+	if !ok {
+		logrus.Debugf("value was not an RSA public key")
+		return ErrInvalid
+	}
+
+	if rsaPub.N.BitLen() < minRSAKeySizeBit {
+		logrus.Debugf("RSA keys less than 2048 bits are not acceptable, provided key has length %d.", rsaPub.N.BitLen())
+		return ErrInvalidKeyLength{msg: fmt.Sprintf("RSA key must be at least %d bits.", minRSAKeySizeBit)}
+	}
+
+	if len(sig) < minRSAKeySizeByte {
+		logrus.Debugf("RSA keys less than 2048 bits are not acceptable, provided signature has length %d.", len(sig))
+		return ErrInvalid
+	}
+
+	if err = rsa.VerifyPKCS1v15(rsaPub, crypto.SHA256, digest[:], sig); err != nil {
+		logrus.Errorf("Failed verification: %s", err.Error())
+		return ErrInvalid
+	}
+	return nil
+}
+
+// RSAPyCryptoVerifier checks RSASSA-PSS signatures
+type RSAPyCryptoVerifier struct{}
+
+// Verify does the actual check.
+// N.B. We have not been able to make this work in a way that is compatible
+// with PyCrypto.
+func (v RSAPyCryptoVerifier) Verify(key data.PublicKey, sig []byte, msg []byte) error {
+	digest := sha256.Sum256(msg)
+	if key.Algorithm() != data.RSAKey {
+		return ErrInvalidKeyType{}
+	}
+
+	k, _ := pem.Decode([]byte(key.Public()))
+	if k == nil {
+		logrus.Debugf("failed to decode PEM-encoded x509 certificate")
+		return ErrInvalid
+	}
+
+	pub, err := x509.ParsePKIXPublicKey(k.Bytes)
+	if err != nil {
+		logrus.Debugf("failed to parse public key: %s\n", err)
+		return ErrInvalid
+	}
+
+	return verifyPSS(pub, digest[:], sig)
+}
+
+// ECDSAVerifier checks ECDSA signatures, decoding the keyType appropriately
+type ECDSAVerifier struct{}
+
+// Verify does the actual check.
+func (v ECDSAVerifier) Verify(key data.PublicKey, sig []byte, msg []byte) error {
+	algorithm := key.Algorithm()
+	var pubKey crypto.PublicKey
+
+	switch algorithm {
+	case data.ECDSAx509Key:
+		pemCert, _ := pem.Decode([]byte(key.Public()))
+		if pemCert == nil {
+			logrus.Debugf("failed to decode PEM-encoded x509 certificate for keyID: %s", key.ID())
+			logrus.Debugf("certificate bytes: %s", string(key.Public()))
+			return ErrInvalid
+		}
+		cert, err := x509.ParseCertificate(pemCert.Bytes)
+		if err != nil {
+			logrus.Debugf("failed to parse x509 certificate: %s\n", err)
+			return ErrInvalid
+		}
+		pubKey = cert.PublicKey
+	case data.ECDSAKey:
+		var err error
+		pubKey, err = x509.ParsePKIXPublicKey(key.Public())
+		if err != nil {
+			logrus.Debugf("Failed to parse private key for keyID: %s, %s\n", key.ID(), err)
+			return ErrInvalid
+		}
+	default:
+		// only accept ECDSA keys.
+		logrus.Debugf("invalid key type for ECDSA verifier: %s", algorithm)
+		return ErrInvalidKeyType{}
+	}
+
+	ecdsaPubKey, ok := pubKey.(*ecdsa.PublicKey)
+	if !ok {
+		logrus.Debugf("value isn't an ECDSA public key")
+		return ErrInvalid
+	}
+
+	sigLength := len(sig)
+	expectedOctetLength := 2 * ((ecdsaPubKey.Params().BitSize + 7) >> 3)
+	if sigLength != expectedOctetLength {
+		logrus.Debugf("signature had an unexpected length")
+		return ErrInvalid
+	}
+
+	rBytes, sBytes := sig[:sigLength/2], sig[sigLength/2:]
+	r := new(big.Int).SetBytes(rBytes)
+	s := new(big.Int).SetBytes(sBytes)
+
+	digest := sha256.Sum256(msg)
+
+	if !ecdsa.Verify(ecdsaPubKey, digest[:], r, s) {
+		logrus.Debugf("failed ECDSA signature validation")
+		return ErrInvalid
+	}
+
+	return nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/signed/verify.go b/vendor/src/github.com/docker/notary/tuf/signed/verify.go
new file mode 100644
index 00000000..7e34e259
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/signed/verify.go
@@ -0,0 +1,155 @@
+package signed
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/go/canonical/json"
+	"github.com/docker/notary/tuf/data"
+)
+
+// Various basic signing errors
+var (
+	ErrMissingKey   = errors.New("tuf: missing key")
+	ErrNoSignatures = errors.New("tuf: data has no signatures")
+	ErrInvalid      = errors.New("tuf: signature verification failed")
+	ErrWrongMethod  = errors.New("tuf: invalid signature type")
+	ErrUnknownRole  = errors.New("tuf: unknown role")
+	ErrWrongType    = errors.New("tuf: meta file has wrong type")
+)
+
+// VerifyRoot checks if a given root file is valid against a known set of keys.
+// Threshold is always assumed to be 1
+func VerifyRoot(s *data.Signed, minVersion int, keys map[string]data.PublicKey) error {
+	if len(s.Signatures) == 0 {
+		return ErrNoSignatures
+	}
+
+	var decoded map[string]interface{}
+	if err := json.Unmarshal(*s.Signed, &decoded); err != nil {
+		return err
+	}
+	msg, err := json.MarshalCanonical(decoded)
+	if err != nil {
+		return err
+	}
+
+	for _, sig := range s.Signatures {
+		// method lookup is consistent due to Unmarshal JSON doing lower case for us.
+		method := sig.Method
+		verifier, ok := Verifiers[method]
+		if !ok {
+			logrus.Debugf("continuing b/c signing method is not supported for verify root: %s\n", sig.Method)
+			continue
+		}
+
+		key, ok := keys[sig.KeyID]
+		if !ok {
+			logrus.Debugf("continuing b/c signing key isn't present in keys: %s\n", sig.KeyID)
+			continue
+		}
+
+		if err := verifier.Verify(key, sig.Signature, msg); err != nil {
+			logrus.Debugf("continuing b/c signature was invalid\n")
+			continue
+		}
+		// threshold of 1 so return on first success
+		return verifyMeta(s, data.CanonicalRootRole, minVersion)
+	}
+	return ErrRoleThreshold{}
+}
+
+// Verify checks the signatures and metadata (expiry, version) for the signed role
+// data
+func Verify(s *data.Signed, role data.BaseRole, minVersion int) error {
+	if err := verifyMeta(s, role.Name, minVersion); err != nil {
+		return err
+	}
+	return VerifySignatures(s, role)
+}
+
+func verifyMeta(s *data.Signed, role string, minVersion int) error {
+	sm := &data.SignedCommon{}
+	if err := json.Unmarshal(*s.Signed, sm); err != nil {
+		return err
+	}
+	if !data.ValidTUFType(sm.Type, role) {
+		return ErrWrongType
+	}
+	if IsExpired(sm.Expires) {
+		logrus.Errorf("Metadata for %s expired", role)
+		return ErrExpired{Role: role, Expired: sm.Expires.Format("Mon Jan 2 15:04:05 MST 2006")}
+	}
+	if sm.Version < minVersion {
+		return ErrLowVersion{sm.Version, minVersion}
+	}
+
+	return nil
+}
+
+// IsExpired checks if the given time passed before the present time
+func IsExpired(t time.Time) bool {
+	return t.Before(time.Now())
+}
+
+// VerifySignatures checks the we have sufficient valid signatures for the given role
+func VerifySignatures(s *data.Signed, roleData data.BaseRole) error {
+	if len(s.Signatures) == 0 {
+		return ErrNoSignatures
+	}
+
+	if roleData.Threshold < 1 {
+		return ErrRoleThreshold{}
+	}
+	logrus.Debugf("%s role has key IDs: %s", roleData.Name, strings.Join(roleData.ListKeyIDs(), ","))
+
+	// remarshal the signed part so we can verify the signature, since the signature has
+	// to be of a canonically marshalled signed object
+	var decoded map[string]interface{}
+	if err := json.Unmarshal(*s.Signed, &decoded); err != nil {
+		return err
+	}
+	msg, err := json.MarshalCanonical(decoded)
+	if err != nil {
+		return err
+	}
+
+	valid := make(map[string]struct{})
+	for _, sig := range s.Signatures {
+		logrus.Debug("verifying signature for key ID: ", sig.KeyID)
+		key, ok := roleData.Keys[sig.KeyID]
+		if !ok {
+			logrus.Debugf("continuing b/c keyid lookup was nil: %s\n", sig.KeyID)
+			continue
+		}
+		if err := VerifySignature(msg, sig, key); err != nil {
+			logrus.Debugf("continuing b/c %s", err.Error())
+			continue
+		}
+		valid[sig.KeyID] = struct{}{}
+
+	}
+	if len(valid) < roleData.Threshold {
+		return ErrRoleThreshold{}
+	}
+
+	return nil
+}
+
+// VerifySignature checks a single signature and public key against a payload
+func VerifySignature(msg []byte, sig data.Signature, pk data.PublicKey) error {
+	// method lookup is consistent due to Unmarshal JSON doing lower case for us.
+	method := sig.Method
+	verifier, ok := Verifiers[method]
+	if !ok {
+		return fmt.Errorf("signing method is not supported: %s\n", sig.Method)
+	}
+
+	if err := verifier.Verify(pk, sig.Signature, msg); err != nil {
+		return fmt.Errorf("signature was invalid\n")
+	}
+	return nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/store/errors.go b/vendor/src/github.com/docker/notary/tuf/store/errors.go
new file mode 100644
index 00000000..a7f63d6b
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/store/errors.go
@@ -0,0 +1,13 @@
+package store
+
+import "fmt"
+
+// ErrMetaNotFound indicates we did not find a particular piece
+// of metadata in the store
+type ErrMetaNotFound struct {
+	Resource string
+}
+
+func (err ErrMetaNotFound) Error() string {
+	return fmt.Sprintf("%s trust data unavailable.  Has a notary repository been initialized?", err.Resource)
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/store/filestore.go b/vendor/src/github.com/docker/notary/tuf/store/filestore.go
new file mode 100644
index 00000000..44401707
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/store/filestore.go
@@ -0,0 +1,101 @@
+package store
+
+import (
+	"fmt"
+	"github.com/docker/notary"
+	"io/ioutil"
+	"os"
+	"path"
+	"path/filepath"
+)
+
+// NewFilesystemStore creates a new store in a directory tree
+func NewFilesystemStore(baseDir, metaSubDir, metaExtension string) (*FilesystemStore, error) {
+	metaDir := path.Join(baseDir, metaSubDir)
+
+	// Make sure we can create the necessary dirs and they are writable
+	err := os.MkdirAll(metaDir, 0700)
+	if err != nil {
+		return nil, err
+	}
+
+	return &FilesystemStore{
+		baseDir:       baseDir,
+		metaDir:       metaDir,
+		metaExtension: metaExtension,
+	}, nil
+}
+
+// FilesystemStore is a store in a locally accessible directory
+type FilesystemStore struct {
+	baseDir       string
+	metaDir       string
+	metaExtension string
+}
+
+func (f *FilesystemStore) getPath(name string) string {
+	fileName := fmt.Sprintf("%s.%s", name, f.metaExtension)
+	return filepath.Join(f.metaDir, fileName)
+}
+
+// GetMeta returns the meta for the given name (a role) up to size bytes
+// If size is -1, this corresponds to "infinite," but we cut off at 100MB
+func (f *FilesystemStore) GetMeta(name string, size int64) ([]byte, error) {
+	meta, err := ioutil.ReadFile(f.getPath(name))
+	if err != nil {
+		if os.IsNotExist(err) {
+			err = ErrMetaNotFound{Resource: name}
+		}
+		return nil, err
+	}
+	if size == -1 {
+		size = notary.MaxDownloadSize
+	}
+	// Only return up to size bytes
+	if int64(len(meta)) < size {
+		return meta, nil
+	}
+	return meta[:size], nil
+}
+
+// SetMultiMeta sets the metadata for multiple roles in one operation
+func (f *FilesystemStore) SetMultiMeta(metas map[string][]byte) error {
+	for role, blob := range metas {
+		err := f.SetMeta(role, blob)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// SetMeta sets the meta for a single role
+func (f *FilesystemStore) SetMeta(name string, meta []byte) error {
+	fp := f.getPath(name)
+
+	// Ensures the parent directories of the file we are about to write exist
+	err := os.MkdirAll(filepath.Dir(fp), 0700)
+	if err != nil {
+		return err
+	}
+
+	// if something already exists, just delete it and re-write it
+	os.RemoveAll(fp)
+
+	// Write the file to disk
+	if err = ioutil.WriteFile(fp, meta, 0600); err != nil {
+		return err
+	}
+	return nil
+}
+
+// RemoveAll clears the existing filestore by removing its base directory
+func (f *FilesystemStore) RemoveAll() error {
+	return os.RemoveAll(f.baseDir)
+}
+
+// RemoveMeta removes the metadata for a single role - if the metadata doesn't
+// exist, no error is returned
+func (f *FilesystemStore) RemoveMeta(name string) error {
+	return os.RemoveAll(f.getPath(name)) // RemoveAll succeeds if path doesn't exist
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/store/httpstore.go b/vendor/src/github.com/docker/notary/tuf/store/httpstore.go
new file mode 100644
index 00000000..8b0d8501
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/store/httpstore.go
@@ -0,0 +1,296 @@
+// A Store that can fetch and set metadata on a remote server.
+// Some API constraints:
+// - Response bodies for error codes should be unmarshallable as:
+//   {"errors": [{..., "detail": <serialized validation error>}]}
+//   else validation error details, etc. will be unparsable.  The errors
+//   should have a github.com/docker/notary/tuf/validation/SerializableError
+//   in the Details field.
+//   If writing your own server, please have a look at
+//   github.com/docker/distribution/registry/api/errcode
+
+package store
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"mime/multipart"
+	"net/http"
+	"net/url"
+	"path"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary"
+	"github.com/docker/notary/tuf/validation"
+)
+
+// ErrServerUnavailable indicates an error from the server. code allows us to
+// populate the http error we received
+type ErrServerUnavailable struct {
+	code int
+}
+
+func (err ErrServerUnavailable) Error() string {
+	if err.code == 401 {
+		return fmt.Sprintf("you are not authorized to perform this operation: server returned 401.")
+	}
+	return fmt.Sprintf("unable to reach trust server at this time: %d.", err.code)
+}
+
+// ErrMaliciousServer indicates the server returned a response that is highly suspected
+// of being malicious. i.e. it attempted to send us more data than the known size of a
+// particular role metadata.
+type ErrMaliciousServer struct{}
+
+func (err ErrMaliciousServer) Error() string {
+	return "trust server returned a bad response."
+}
+
+// ErrInvalidOperation indicates that the server returned a 400 response and
+// propagate any body we received.
+type ErrInvalidOperation struct {
+	msg string
+}
+
+func (err ErrInvalidOperation) Error() string {
+	if err.msg != "" {
+		return fmt.Sprintf("trust server rejected operation: %s", err.msg)
+	}
+	return "trust server rejected operation."
+}
+
+// HTTPStore manages pulling and pushing metadata from and to a remote
+// service over HTTP. It assumes the URL structure of the remote service
+// maps identically to the structure of the TUF repo:
+// <baseURL>/<metaPrefix>/(root|targets|snapshot|timestamp).json
+// <baseURL>/<targetsPrefix>/foo.sh
+//
+// If consistent snapshots are disabled, it is advised that caching is not
+// enabled. Simple set a cachePath (and ensure it's writeable) to enable
+// caching.
+type HTTPStore struct {
+	baseURL       url.URL
+	metaPrefix    string
+	metaExtension string
+	keyExtension  string
+	roundTrip     http.RoundTripper
+}
+
+// NewHTTPStore initializes a new store against a URL and a number of configuration options
+func NewHTTPStore(baseURL, metaPrefix, metaExtension, keyExtension string, roundTrip http.RoundTripper) (RemoteStore, error) {
+	base, err := url.Parse(baseURL)
+	if err != nil {
+		return nil, err
+	}
+	if !base.IsAbs() {
+		return nil, errors.New("HTTPStore requires an absolute baseURL")
+	}
+	if roundTrip == nil {
+		return &OfflineStore{}, nil
+	}
+	return &HTTPStore{
+		baseURL:       *base,
+		metaPrefix:    metaPrefix,
+		metaExtension: metaExtension,
+		keyExtension:  keyExtension,
+		roundTrip:     roundTrip,
+	}, nil
+}
+
+func tryUnmarshalError(resp *http.Response, defaultError error) error {
+	bodyBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return defaultError
+	}
+	var parsedErrors struct {
+		Errors []struct {
+			Detail validation.SerializableError `json:"detail"`
+		} `json:"errors"`
+	}
+	if err := json.Unmarshal(bodyBytes, &parsedErrors); err != nil {
+		return defaultError
+	}
+	if len(parsedErrors.Errors) != 1 {
+		return defaultError
+	}
+	err = parsedErrors.Errors[0].Detail.Error
+	if err == nil {
+		return defaultError
+	}
+	return err
+}
+
+func translateStatusToError(resp *http.Response, resource string) error {
+	switch resp.StatusCode {
+	case http.StatusOK:
+		return nil
+	case http.StatusNotFound:
+		return ErrMetaNotFound{Resource: resource}
+	case http.StatusBadRequest:
+		return tryUnmarshalError(resp, ErrInvalidOperation{})
+	default:
+		return ErrServerUnavailable{code: resp.StatusCode}
+	}
+}
+
+// GetMeta downloads the named meta file with the given size. A short body
+// is acceptable because in the case of timestamp.json, the size is a cap,
+// not an exact length.
+// If size is -1, this corresponds to "infinite," but we cut off at 100MB
+func (s HTTPStore) GetMeta(name string, size int64) ([]byte, error) {
+	url, err := s.buildMetaURL(name)
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequest("GET", url.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+	resp, err := s.roundTrip.RoundTrip(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	if err := translateStatusToError(resp, name); err != nil {
+		logrus.Debugf("received HTTP status %d when requesting %s.", resp.StatusCode, name)
+		return nil, err
+	}
+	if size == -1 {
+		size = notary.MaxDownloadSize
+	}
+	if resp.ContentLength > size {
+		return nil, ErrMaliciousServer{}
+	}
+	logrus.Debugf("%d when retrieving metadata for %s", resp.StatusCode, name)
+	b := io.LimitReader(resp.Body, size)
+	body, err := ioutil.ReadAll(b)
+	if err != nil {
+		return nil, err
+	}
+	return body, nil
+}
+
+// SetMeta uploads a piece of TUF metadata to the server
+func (s HTTPStore) SetMeta(name string, blob []byte) error {
+	url, err := s.buildMetaURL("")
+	if err != nil {
+		return err
+	}
+	req, err := http.NewRequest("POST", url.String(), bytes.NewReader(blob))
+	if err != nil {
+		return err
+	}
+	resp, err := s.roundTrip.RoundTrip(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+	return translateStatusToError(resp, "POST "+name)
+}
+
+// RemoveMeta always fails, because we should never be able to delete metadata
+// remotely
+func (s HTTPStore) RemoveMeta(name string) error {
+	return ErrInvalidOperation{msg: "cannot delete metadata"}
+}
+
+// NewMultiPartMetaRequest builds a request with the provided metadata updates
+// in multipart form
+func NewMultiPartMetaRequest(url string, metas map[string][]byte) (*http.Request, error) {
+	body := &bytes.Buffer{}
+	writer := multipart.NewWriter(body)
+	for role, blob := range metas {
+		part, err := writer.CreateFormFile("files", role)
+		_, err = io.Copy(part, bytes.NewBuffer(blob))
+		if err != nil {
+			return nil, err
+		}
+	}
+	err := writer.Close()
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequest("POST", url, body)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Content-Type", writer.FormDataContentType())
+	return req, nil
+}
+
+// SetMultiMeta does a single batch upload of multiple pieces of TUF metadata.
+// This should be preferred for updating a remote server as it enable the server
+// to remain consistent, either accepting or rejecting the complete update.
+func (s HTTPStore) SetMultiMeta(metas map[string][]byte) error {
+	url, err := s.buildMetaURL("")
+	if err != nil {
+		return err
+	}
+	req, err := NewMultiPartMetaRequest(url.String(), metas)
+	if err != nil {
+		return err
+	}
+	resp, err := s.roundTrip.RoundTrip(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+	// if this 404's something is pretty wrong
+	return translateStatusToError(resp, "POST metadata endpoint")
+}
+
+// RemoveAll in the interface is not supported, admins should use the DeleteHandler endpoint directly to delete remote data for a GUN
+func (s HTTPStore) RemoveAll() error {
+	return errors.New("remove all functionality not supported for HTTPStore")
+}
+
+func (s HTTPStore) buildMetaURL(name string) (*url.URL, error) {
+	var filename string
+	if name != "" {
+		filename = fmt.Sprintf("%s.%s", name, s.metaExtension)
+	}
+	uri := path.Join(s.metaPrefix, filename)
+	return s.buildURL(uri)
+}
+
+func (s HTTPStore) buildKeyURL(name string) (*url.URL, error) {
+	filename := fmt.Sprintf("%s.%s", name, s.keyExtension)
+	uri := path.Join(s.metaPrefix, filename)
+	return s.buildURL(uri)
+}
+
+func (s HTTPStore) buildURL(uri string) (*url.URL, error) {
+	sub, err := url.Parse(uri)
+	if err != nil {
+		return nil, err
+	}
+	return s.baseURL.ResolveReference(sub), nil
+}
+
+// GetKey retrieves a public key from the remote server
+func (s HTTPStore) GetKey(role string) ([]byte, error) {
+	url, err := s.buildKeyURL(role)
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequest("GET", url.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+	resp, err := s.roundTrip.RoundTrip(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	if err := translateStatusToError(resp, role+" key"); err != nil {
+		return nil, err
+	}
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+	return body, nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/store/interfaces.go b/vendor/src/github.com/docker/notary/tuf/store/interfaces.go
new file mode 100644
index 00000000..dd307168
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/store/interfaces.go
@@ -0,0 +1,28 @@
+package store
+
+// MetadataStore must be implemented by anything that intends to interact
+// with a store of TUF files
+type MetadataStore interface {
+	GetMeta(name string, size int64) ([]byte, error)
+	SetMeta(name string, blob []byte) error
+	SetMultiMeta(map[string][]byte) error
+	RemoveAll() error
+	RemoveMeta(name string) error
+}
+
+// PublicKeyStore must be implemented by a key service
+type PublicKeyStore interface {
+	GetKey(role string) ([]byte, error)
+}
+
+// LocalStore represents a local TUF sture
+type LocalStore interface {
+	MetadataStore
+}
+
+// RemoteStore is similar to LocalStore with the added expectation that it should
+// provide a way to download targets once located
+type RemoteStore interface {
+	MetadataStore
+	PublicKeyStore
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/store/memorystore.go b/vendor/src/github.com/docker/notary/tuf/store/memorystore.go
new file mode 100644
index 00000000..493bb6f0
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/store/memorystore.go
@@ -0,0 +1,106 @@
+package store
+
+import (
+	"crypto/sha256"
+	"fmt"
+
+	"github.com/docker/notary"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/utils"
+)
+
+// NewMemoryStore returns a MetadataStore that operates entirely in memory.
+// Very useful for testing
+func NewMemoryStore(meta map[string][]byte) *MemoryStore {
+	var consistent = make(map[string][]byte)
+	if meta == nil {
+		meta = make(map[string][]byte)
+	} else {
+		// add all seed meta to consistent
+		for name, data := range meta {
+			checksum := sha256.Sum256(data)
+			path := utils.ConsistentName(name, checksum[:])
+			consistent[path] = data
+		}
+	}
+	return &MemoryStore{
+		meta:       meta,
+		consistent: consistent,
+		keys:       make(map[string][]data.PrivateKey),
+	}
+}
+
+// MemoryStore implements a mock RemoteStore entirely in memory.
+// For testing purposes only.
+type MemoryStore struct {
+	meta       map[string][]byte
+	consistent map[string][]byte
+	keys       map[string][]data.PrivateKey
+}
+
+// GetMeta returns up to size bytes of data references by name.
+// If size is -1, this corresponds to "infinite," but we cut off at 100MB
+// as we will always know the size for everything but a timestamp and
+// sometimes a root, neither of which should be exceptionally large
+func (m *MemoryStore) GetMeta(name string, size int64) ([]byte, error) {
+	d, ok := m.meta[name]
+	if ok {
+		if size == -1 {
+			size = notary.MaxDownloadSize
+		}
+		if int64(len(d)) < size {
+			return d, nil
+		}
+		return d[:size], nil
+	}
+	d, ok = m.consistent[name]
+	if ok {
+		if int64(len(d)) < size {
+			return d, nil
+		}
+		return d[:size], nil
+	}
+	return nil, ErrMetaNotFound{Resource: name}
+}
+
+// SetMeta sets the metadata value for the given name
+func (m *MemoryStore) SetMeta(name string, meta []byte) error {
+	m.meta[name] = meta
+
+	checksum := sha256.Sum256(meta)
+	path := utils.ConsistentName(name, checksum[:])
+	m.consistent[path] = meta
+	return nil
+}
+
+// SetMultiMeta sets multiple pieces of metadata for multiple names
+// in a single operation.
+func (m *MemoryStore) SetMultiMeta(metas map[string][]byte) error {
+	for role, blob := range metas {
+		m.SetMeta(role, blob)
+	}
+	return nil
+}
+
+// RemoveMeta removes the metadata for a single role - if the metadata doesn't
+// exist, no error is returned
+func (m *MemoryStore) RemoveMeta(name string) error {
+	if meta, ok := m.meta[name]; ok {
+		checksum := sha256.Sum256(meta)
+		path := utils.ConsistentName(name, checksum[:])
+		delete(m.meta, name)
+		delete(m.consistent, path)
+	}
+	return nil
+}
+
+// GetKey returns the public key for the given role
+func (m *MemoryStore) GetKey(role string) ([]byte, error) {
+	return nil, fmt.Errorf("GetKey is not implemented for the MemoryStore")
+}
+
+// RemoveAll clears the existing memory store by setting this store as new empty one
+func (m *MemoryStore) RemoveAll() error {
+	*m = *NewMemoryStore(nil)
+	return nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/store/offlinestore.go b/vendor/src/github.com/docker/notary/tuf/store/offlinestore.go
new file mode 100644
index 00000000..b0f057b2
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/store/offlinestore.go
@@ -0,0 +1,53 @@
+package store
+
+import (
+	"io"
+)
+
+// ErrOffline is used to indicate we are operating offline
+type ErrOffline struct{}
+
+func (e ErrOffline) Error() string {
+	return "client is offline"
+}
+
+var err = ErrOffline{}
+
+// OfflineStore is to be used as a placeholder for a nil store. It simply
+// returns ErrOffline for every operation
+type OfflineStore struct{}
+
+// GetMeta returns ErrOffline
+func (es OfflineStore) GetMeta(name string, size int64) ([]byte, error) {
+	return nil, err
+}
+
+// SetMeta returns ErrOffline
+func (es OfflineStore) SetMeta(name string, blob []byte) error {
+	return err
+}
+
+// SetMultiMeta returns ErrOffline
+func (es OfflineStore) SetMultiMeta(map[string][]byte) error {
+	return err
+}
+
+// RemoveMeta returns ErrOffline
+func (es OfflineStore) RemoveMeta(name string) error {
+	return err
+}
+
+// GetKey returns ErrOffline
+func (es OfflineStore) GetKey(role string) ([]byte, error) {
+	return nil, err
+}
+
+// GetTarget returns ErrOffline
+func (es OfflineStore) GetTarget(path string) (io.ReadCloser, error) {
+	return nil, err
+}
+
+// RemoveAll return ErrOffline
+func (es OfflineStore) RemoveAll() error {
+	return err
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/tuf.go b/vendor/src/github.com/docker/notary/tuf/tuf.go
new file mode 100644
index 00000000..0cedf74e
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/tuf.go
@@ -0,0 +1,926 @@
+// Package tuf defines the core TUF logic around manipulating a repo.
+package tuf
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"path"
+	"strings"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/notary"
+	"github.com/docker/notary/tuf/data"
+	"github.com/docker/notary/tuf/signed"
+	"github.com/docker/notary/tuf/utils"
+)
+
+// ErrSigVerifyFail - signature verification failed
+type ErrSigVerifyFail struct{}
+
+func (e ErrSigVerifyFail) Error() string {
+	return "Error: Signature verification failed"
+}
+
+// ErrMetaExpired - metadata file has expired
+type ErrMetaExpired struct{}
+
+func (e ErrMetaExpired) Error() string {
+	return "Error: Metadata has expired"
+}
+
+// ErrLocalRootExpired - the local root file is out of date
+type ErrLocalRootExpired struct{}
+
+func (e ErrLocalRootExpired) Error() string {
+	return "Error: Local Root Has Expired"
+}
+
+// ErrNotLoaded - attempted to access data that has not been loaded into
+// the repo. This means specifically that the relevant JSON file has not
+// been loaded.
+type ErrNotLoaded struct {
+	Role string
+}
+
+func (err ErrNotLoaded) Error() string {
+	return fmt.Sprintf("%s role has not been loaded", err.Role)
+}
+
+// StopWalk - used by visitor functions to signal WalkTargets to stop walking
+type StopWalk struct{}
+
+// Repo is an in memory representation of the TUF Repo.
+// It operates at the data.Signed level, accepting and producing
+// data.Signed objects. Users of a Repo are responsible for
+// fetching raw JSON and using the Set* functions to populate
+// the Repo instance.
+type Repo struct {
+	Root          *data.SignedRoot
+	Targets       map[string]*data.SignedTargets
+	Snapshot      *data.SignedSnapshot
+	Timestamp     *data.SignedTimestamp
+	cryptoService signed.CryptoService
+}
+
+// NewRepo initializes a Repo instance with a CryptoService.
+// If the Repo will only be used for reading, the CryptoService
+// can be nil.
+func NewRepo(cryptoService signed.CryptoService) *Repo {
+	repo := &Repo{
+		Targets:       make(map[string]*data.SignedTargets),
+		cryptoService: cryptoService,
+	}
+	return repo
+}
+
+// AddBaseKeys is used to add keys to the role in root.json
+func (tr *Repo) AddBaseKeys(role string, keys ...data.PublicKey) error {
+	if tr.Root == nil {
+		return ErrNotLoaded{Role: data.CanonicalRootRole}
+	}
+	ids := []string{}
+	for _, k := range keys {
+		// Store only the public portion
+		tr.Root.Signed.Keys[k.ID()] = k
+		tr.Root.Signed.Roles[role].KeyIDs = append(tr.Root.Signed.Roles[role].KeyIDs, k.ID())
+		ids = append(ids, k.ID())
+	}
+	tr.Root.Dirty = true
+
+	// also, whichever role was switched out needs to be re-signed
+	// root has already been marked dirty
+	switch role {
+	case data.CanonicalSnapshotRole:
+		if tr.Snapshot != nil {
+			tr.Snapshot.Dirty = true
+		}
+	case data.CanonicalTargetsRole:
+		if target, ok := tr.Targets[data.CanonicalTargetsRole]; ok {
+			target.Dirty = true
+		}
+	case data.CanonicalTimestampRole:
+		if tr.Timestamp != nil {
+			tr.Timestamp.Dirty = true
+		}
+	}
+	return nil
+}
+
+// ReplaceBaseKeys is used to replace all keys for the given role with the new keys
+func (tr *Repo) ReplaceBaseKeys(role string, keys ...data.PublicKey) error {
+	r, err := tr.GetBaseRole(role)
+	if err != nil {
+		return err
+	}
+	err = tr.RemoveBaseKeys(role, r.ListKeyIDs()...)
+	if err != nil {
+		return err
+	}
+	return tr.AddBaseKeys(role, keys...)
+}
+
+// RemoveBaseKeys is used to remove keys from the roles in root.json
+func (tr *Repo) RemoveBaseKeys(role string, keyIDs ...string) error {
+	if tr.Root == nil {
+		return ErrNotLoaded{Role: data.CanonicalRootRole}
+	}
+	var keep []string
+	toDelete := make(map[string]struct{})
+	// remove keys from specified role
+	for _, k := range keyIDs {
+		toDelete[k] = struct{}{}
+		for _, rk := range tr.Root.Signed.Roles[role].KeyIDs {
+			if k != rk {
+				keep = append(keep, rk)
+			}
+		}
+	}
+	tr.Root.Signed.Roles[role].KeyIDs = keep
+
+	// determine which keys are no longer in use by any roles
+	for roleName, r := range tr.Root.Signed.Roles {
+		if roleName == role {
+			continue
+		}
+		for _, rk := range r.KeyIDs {
+			if _, ok := toDelete[rk]; ok {
+				delete(toDelete, rk)
+			}
+		}
+	}
+
+	// remove keys no longer in use by any roles
+	for k := range toDelete {
+		delete(tr.Root.Signed.Keys, k)
+		// remove the signing key from the cryptoservice if it
+		// isn't a root key. Root keys must be kept for rotation
+		// signing
+		if role != data.CanonicalRootRole {
+			tr.cryptoService.RemoveKey(k)
+		}
+	}
+	tr.Root.Dirty = true
+	return nil
+}
+
+// GetBaseRole gets a base role from this repo's metadata
+func (tr *Repo) GetBaseRole(name string) (data.BaseRole, error) {
+	if !data.ValidRole(name) {
+		return data.BaseRole{}, data.ErrInvalidRole{Role: name, Reason: "invalid base role name"}
+	}
+	if tr.Root == nil {
+		return data.BaseRole{}, ErrNotLoaded{data.CanonicalRootRole}
+	}
+	// Find the role data public keys for the base role from TUF metadata
+	baseRole, err := tr.Root.BuildBaseRole(name)
+	if err != nil {
+		return data.BaseRole{}, err
+	}
+
+	return baseRole, nil
+}
+
+// GetDelegationRole gets a delegation role from this repo's metadata, walking from the targets role down to the delegation itself
+func (tr *Repo) GetDelegationRole(name string) (data.DelegationRole, error) {
+	if !data.IsDelegation(name) {
+		return data.DelegationRole{}, data.ErrInvalidRole{Role: name, Reason: "invalid delegation name"}
+	}
+	if tr.Root == nil {
+		return data.DelegationRole{}, ErrNotLoaded{data.CanonicalRootRole}
+	}
+	_, ok := tr.Root.Signed.Roles[data.CanonicalTargetsRole]
+	if !ok {
+		return data.DelegationRole{}, ErrNotLoaded{data.CanonicalTargetsRole}
+	}
+	// Traverse target metadata, down to delegation itself
+	// Get all public keys for the base role from TUF metadata
+	_, ok = tr.Targets[data.CanonicalTargetsRole]
+	if !ok {
+		return data.DelegationRole{}, ErrNotLoaded{data.CanonicalTargetsRole}
+	}
+
+	// Start with top level roles in targets. Walk the chain of ancestors
+	// until finding the desired role, or we run out of targets files to search.
+	var foundRole *data.DelegationRole
+	buildDelegationRoleVisitor := func(tgt *data.SignedTargets, validRole data.DelegationRole) interface{} {
+		// Try to find the delegation and build a DelegationRole structure
+		for _, role := range tgt.Signed.Delegations.Roles {
+			if role.Name == name {
+				delgRole, err := tgt.BuildDelegationRole(name)
+				if err != nil {
+					return err
+				}
+				foundRole = &delgRole
+				return StopWalk{}
+			}
+		}
+		return nil
+	}
+
+	// Walk to the parent of this delegation, since that is where its role metadata exists
+	err := tr.WalkTargets("", path.Dir(name), buildDelegationRoleVisitor)
+	if err != nil {
+		return data.DelegationRole{}, err
+	}
+
+	// We never found the delegation. In the context of this repo it is considered
+	// invalid. N.B. it may be that it existed at one point but an ancestor has since
+	// been modified/removed.
+	if foundRole == nil {
+		return data.DelegationRole{}, data.ErrInvalidRole{Role: name, Reason: "delegation does not exist"}
+	}
+
+	return *foundRole, nil
+}
+
+// GetAllLoadedRoles returns a list of all role entries loaded in this TUF repo, could be empty
+func (tr *Repo) GetAllLoadedRoles() []*data.Role {
+	var res []*data.Role
+	if tr.Root == nil {
+		// if root isn't loaded, we should consider we have no loaded roles because we can't
+		// trust any other state that might be present
+		return res
+	}
+	for name, rr := range tr.Root.Signed.Roles {
+		res = append(res, &data.Role{
+			RootRole: *rr,
+			Name:     name,
+		})
+	}
+	for _, delegate := range tr.Targets {
+		for _, r := range delegate.Signed.Delegations.Roles {
+			res = append(res, r)
+		}
+	}
+	return res
+}
+
+// Walk to parent, and either create or update this delegation.  We can only create a new delegation if we're given keys
+// Ensure all updates are valid, by checking against parent ancestor paths and ensuring the keys meet the role threshold.
+func delegationUpdateVisitor(roleName string, addKeys data.KeyList, removeKeys, addPaths, removePaths []string, clearAllPaths bool, newThreshold int) walkVisitorFunc {
+	return func(tgt *data.SignedTargets, validRole data.DelegationRole) interface{} {
+		var err error
+		// Validate the changes underneath this restricted validRole for adding paths, reject invalid path additions
+		if len(addPaths) != len(data.RestrictDelegationPathPrefixes(validRole.Paths, addPaths)) {
+			return data.ErrInvalidRole{Role: roleName, Reason: "invalid paths to add to role"}
+		}
+		// Try to find the delegation and amend it using our changelist
+		var delgRole *data.Role
+		for _, role := range tgt.Signed.Delegations.Roles {
+			if role.Name == roleName {
+				// Make a copy and operate on this role until we validate the changes
+				keyIDCopy := make([]string, len(role.KeyIDs))
+				copy(keyIDCopy, role.KeyIDs)
+				pathsCopy := make([]string, len(role.Paths))
+				copy(pathsCopy, role.Paths)
+				delgRole = &data.Role{
+					RootRole: data.RootRole{
+						KeyIDs:    keyIDCopy,
+						Threshold: role.Threshold,
+					},
+					Name:  role.Name,
+					Paths: pathsCopy,
+				}
+				delgRole.RemovePaths(removePaths)
+				if clearAllPaths {
+					delgRole.Paths = []string{}
+				}
+				delgRole.AddPaths(addPaths)
+				delgRole.RemoveKeys(removeKeys)
+				break
+			}
+		}
+		// We didn't find the role earlier, so create it only if we have keys to add
+		if delgRole == nil {
+			if len(addKeys) > 0 {
+				delgRole, err = data.NewRole(roleName, newThreshold, addKeys.IDs(), addPaths)
+				if err != nil {
+					return err
+				}
+			} else {
+				// If we can't find the role and didn't specify keys to add, this is an error
+				return data.ErrInvalidRole{Role: roleName, Reason: "cannot create new delegation without keys"}
+			}
+		}
+		// Add the key IDs to the role and the keys themselves to the parent
+		for _, k := range addKeys {
+			if !utils.StrSliceContains(delgRole.KeyIDs, k.ID()) {
+				delgRole.KeyIDs = append(delgRole.KeyIDs, k.ID())
+			}
+		}
+		// Make sure we have a valid role still
+		if len(delgRole.KeyIDs) < delgRole.Threshold {
+			return data.ErrInvalidRole{Role: roleName, Reason: "insufficient keys to meet threshold"}
+		}
+		// NOTE: this closure CANNOT error after this point, as we've committed to editing the SignedTargets metadata in the repo object.
+		// Any errors related to updating this delegation must occur before this point.
+		// If all of our changes were valid, we should edit the actual SignedTargets to match our copy
+		for _, k := range addKeys {
+			tgt.Signed.Delegations.Keys[k.ID()] = k
+		}
+		foundAt := utils.FindRoleIndex(tgt.Signed.Delegations.Roles, delgRole.Name)
+		if foundAt < 0 {
+			tgt.Signed.Delegations.Roles = append(tgt.Signed.Delegations.Roles, delgRole)
+		} else {
+			tgt.Signed.Delegations.Roles[foundAt] = delgRole
+		}
+		tgt.Dirty = true
+		utils.RemoveUnusedKeys(tgt)
+		return StopWalk{}
+	}
+}
+
+// UpdateDelegationKeys updates the appropriate delegations, either adding
+// a new delegation or updating an existing one. If keys are
+// provided, the IDs will be added to the role (if they do not exist
+// there already), and the keys will be added to the targets file.
+func (tr *Repo) UpdateDelegationKeys(roleName string, addKeys data.KeyList, removeKeys []string, newThreshold int) error {
+	if !data.IsDelegation(roleName) {
+		return data.ErrInvalidRole{Role: roleName, Reason: "not a valid delegated role"}
+	}
+	parent := path.Dir(roleName)
+
+	if err := tr.VerifyCanSign(parent); err != nil {
+		return err
+	}
+
+	// check the parent role's metadata
+	_, ok := tr.Targets[parent]
+	if !ok { // the parent targetfile may not exist yet - if not, then create it
+		var err error
+		_, err = tr.InitTargets(parent)
+		if err != nil {
+			return err
+		}
+	}
+
+	// Walk to the parent of this delegation, since that is where its role metadata exists
+	// We do not have to verify that the walker reached its desired role in this scenario
+	// since we've already done another walk to the parent role in VerifyCanSign, and potentially made a targets file
+	err := tr.WalkTargets("", parent, delegationUpdateVisitor(roleName, addKeys, removeKeys, []string{}, []string{}, false, newThreshold))
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// UpdateDelegationPaths updates the appropriate delegation's paths.
+// It is not allowed to create a new delegation.
+func (tr *Repo) UpdateDelegationPaths(roleName string, addPaths, removePaths []string, clearPaths bool) error {
+	if !data.IsDelegation(roleName) {
+		return data.ErrInvalidRole{Role: roleName, Reason: "not a valid delegated role"}
+	}
+	parent := path.Dir(roleName)
+
+	if err := tr.VerifyCanSign(parent); err != nil {
+		return err
+	}
+
+	// check the parent role's metadata
+	_, ok := tr.Targets[parent]
+	if !ok { // the parent targetfile may not exist yet
+		// if not, this is an error because a delegation must exist to edit only paths
+		return data.ErrInvalidRole{Role: roleName, Reason: "no valid delegated role exists"}
+	}
+
+	// Walk to the parent of this delegation, since that is where its role metadata exists
+	// We do not have to verify that the walker reached its desired role in this scenario
+	// since we've already done another walk to the parent role in VerifyCanSign
+	err := tr.WalkTargets("", parent, delegationUpdateVisitor(roleName, data.KeyList{}, []string{}, addPaths, removePaths, clearPaths, notary.MinThreshold))
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// DeleteDelegation removes a delegated targets role from its parent
+// targets object. It also deletes the delegation from the snapshot.
+// DeleteDelegation will only make use of the role Name field.
+func (tr *Repo) DeleteDelegation(roleName string) error {
+	if !data.IsDelegation(roleName) {
+		return data.ErrInvalidRole{Role: roleName, Reason: "not a valid delegated role"}
+	}
+
+	parent := path.Dir(roleName)
+	if err := tr.VerifyCanSign(parent); err != nil {
+		return err
+	}
+
+	// delete delegated data from Targets map and Snapshot - if they don't
+	// exist, these are no-op
+	delete(tr.Targets, roleName)
+	tr.Snapshot.DeleteMeta(roleName)
+
+	p, ok := tr.Targets[parent]
+	if !ok {
+		// if there is no parent metadata (the role exists though), then this
+		// is as good as done.
+		return nil
+	}
+
+	foundAt := utils.FindRoleIndex(p.Signed.Delegations.Roles, roleName)
+
+	if foundAt >= 0 {
+		var roles []*data.Role
+		// slice out deleted role
+		roles = append(roles, p.Signed.Delegations.Roles[:foundAt]...)
+		if foundAt+1 < len(p.Signed.Delegations.Roles) {
+			roles = append(roles, p.Signed.Delegations.Roles[foundAt+1:]...)
+		}
+		p.Signed.Delegations.Roles = roles
+
+		utils.RemoveUnusedKeys(p)
+
+		p.Dirty = true
+	} // if the role wasn't found, it's a good as deleted
+
+	return nil
+}
+
+// InitRoot initializes an empty root file with the 4 core roles passed to the
+// method, and the consistent flag.
+func (tr *Repo) InitRoot(root, timestamp, snapshot, targets data.BaseRole, consistent bool) error {
+	rootRoles := make(map[string]*data.RootRole)
+	rootKeys := make(map[string]data.PublicKey)
+
+	for _, r := range []data.BaseRole{root, timestamp, snapshot, targets} {
+		rootRoles[r.Name] = &data.RootRole{
+			Threshold: r.Threshold,
+			KeyIDs:    r.ListKeyIDs(),
+		}
+		for kid, k := range r.Keys {
+			rootKeys[kid] = k
+		}
+	}
+	r, err := data.NewRoot(rootKeys, rootRoles, consistent)
+	if err != nil {
+		return err
+	}
+	tr.Root = r
+	return nil
+}
+
+// InitTargets initializes an empty targets, and returns the new empty target
+func (tr *Repo) InitTargets(role string) (*data.SignedTargets, error) {
+	if !data.IsDelegation(role) && role != data.CanonicalTargetsRole {
+		return nil, data.ErrInvalidRole{
+			Role:   role,
+			Reason: fmt.Sprintf("role is not a valid targets role name: %s", role),
+		}
+	}
+	targets := data.NewTargets()
+	tr.Targets[role] = targets
+	return targets, nil
+}
+
+// InitSnapshot initializes a snapshot based on the current root and targets
+func (tr *Repo) InitSnapshot() error {
+	if tr.Root == nil {
+		return ErrNotLoaded{Role: data.CanonicalRootRole}
+	}
+	root, err := tr.Root.ToSigned()
+	if err != nil {
+		return err
+	}
+
+	if _, ok := tr.Targets[data.CanonicalTargetsRole]; !ok {
+		return ErrNotLoaded{Role: data.CanonicalTargetsRole}
+	}
+	targets, err := tr.Targets[data.CanonicalTargetsRole].ToSigned()
+	if err != nil {
+		return err
+	}
+	snapshot, err := data.NewSnapshot(root, targets)
+	if err != nil {
+		return err
+	}
+	tr.Snapshot = snapshot
+	return nil
+}
+
+// InitTimestamp initializes a timestamp based on the current snapshot
+func (tr *Repo) InitTimestamp() error {
+	snap, err := tr.Snapshot.ToSigned()
+	if err != nil {
+		return err
+	}
+	timestamp, err := data.NewTimestamp(snap)
+	if err != nil {
+		return err
+	}
+
+	tr.Timestamp = timestamp
+	return nil
+}
+
+// SetRoot sets the Repo.Root field to the SignedRoot object.
+func (tr *Repo) SetRoot(s *data.SignedRoot) error {
+	tr.Root = s
+	return nil
+}
+
+// SetTimestamp parses the Signed object into a SignedTimestamp object
+// and sets the Repo.Timestamp field.
+func (tr *Repo) SetTimestamp(s *data.SignedTimestamp) error {
+	tr.Timestamp = s
+	return nil
+}
+
+// SetSnapshot parses the Signed object into a SignedSnapshots object
+// and sets the Repo.Snapshot field.
+func (tr *Repo) SetSnapshot(s *data.SignedSnapshot) error {
+	tr.Snapshot = s
+	return nil
+}
+
+// SetTargets sets the SignedTargets object agaist the role in the
+// Repo.Targets map.
+func (tr *Repo) SetTargets(role string, s *data.SignedTargets) error {
+	tr.Targets[role] = s
+	return nil
+}
+
+// TargetMeta returns the FileMeta entry for the given path in the
+// targets file associated with the given role. This may be nil if
+// the target isn't found in the targets file.
+func (tr Repo) TargetMeta(role, path string) *data.FileMeta {
+	if t, ok := tr.Targets[role]; ok {
+		if m, ok := t.Signed.Targets[path]; ok {
+			return &m
+		}
+	}
+	return nil
+}
+
+// TargetDelegations returns a slice of Roles that are valid publishers
+// for the target path provided.
+func (tr Repo) TargetDelegations(role, path string) []*data.Role {
+	var roles []*data.Role
+	if t, ok := tr.Targets[role]; ok {
+		for _, r := range t.Signed.Delegations.Roles {
+			if r.CheckPaths(path) {
+				roles = append(roles, r)
+			}
+		}
+	}
+	return roles
+}
+
+// VerifyCanSign returns nil if the role exists and we have at least one
+// signing key for the role, false otherwise.  This does not check that we have
+// enough signing keys to meet the threshold, since we want to support the use
+// case of multiple signers for a role.  It returns an error if the role doesn't
+// exist or if there are no signing keys.
+func (tr *Repo) VerifyCanSign(roleName string) error {
+	var (
+		role            data.BaseRole
+		err             error
+		canonicalKeyIDs []string
+	)
+	// we only need the BaseRole part of a delegation because we're just
+	// checking KeyIDs
+	if data.IsDelegation(roleName) {
+		r, err := tr.GetDelegationRole(roleName)
+		if err != nil {
+			return err
+		}
+		role = r.BaseRole
+	} else {
+		role, err = tr.GetBaseRole(roleName)
+	}
+	if err != nil {
+		return data.ErrInvalidRole{Role: roleName, Reason: "does not exist"}
+	}
+
+	for keyID, k := range role.Keys {
+		check := []string{keyID}
+		if canonicalID, err := utils.CanonicalKeyID(k); err == nil {
+			check = append(check, canonicalID)
+			canonicalKeyIDs = append(canonicalKeyIDs, canonicalID)
+		}
+		for _, id := range check {
+			p, _, err := tr.cryptoService.GetPrivateKey(id)
+			if err == nil && p != nil {
+				return nil
+			}
+		}
+	}
+	return signed.ErrNoKeys{KeyIDs: canonicalKeyIDs}
+}
+
+// used for walking the targets/delegations tree, potentially modifying the underlying SignedTargets for the repo
+type walkVisitorFunc func(*data.SignedTargets, data.DelegationRole) interface{}
+
+// WalkTargets will apply the specified visitor function to iteratively walk the targets/delegation metadata tree,
+// until receiving a StopWalk.  The walk starts from the base "targets" role, and searches for the correct targetPath and/or rolePath
+// to call the visitor function on.  Any roles passed into skipRoles will be excluded from the walk, as well as roles in those subtrees
+func (tr *Repo) WalkTargets(targetPath, rolePath string, visitTargets walkVisitorFunc, skipRoles ...string) error {
+	// Start with the base targets role, which implicitly has the "" targets path
+	targetsRole, err := tr.GetBaseRole(data.CanonicalTargetsRole)
+	if err != nil {
+		return err
+	}
+	// Make the targets role have the empty path, when we treat it as a delegation role
+	roles := []data.DelegationRole{
+		{
+			BaseRole: targetsRole,
+			Paths:    []string{""},
+		},
+	}
+
+	for len(roles) > 0 {
+		role := roles[0]
+		roles = roles[1:]
+
+		// Check the role metadata
+		signedTgt, ok := tr.Targets[role.Name]
+		if !ok {
+			// The role meta doesn't exist in the repo so continue onward
+			continue
+		}
+
+		// We're at a prefix of the desired role subtree, so add its delegation role children and continue walking
+		if strings.HasPrefix(rolePath, role.Name+"/") {
+			roles = append(roles, signedTgt.GetValidDelegations(role)...)
+			continue
+		}
+
+		// Determine whether to visit this role or not:
+		// If the paths validate against the specified targetPath and the rolePath is empty or is in the subtree
+		// Also check if we are choosing to skip visiting this role on this walk (see ListTargets and GetTargetByName priority)
+		if isValidPath(targetPath, role) && isAncestorRole(role.Name, rolePath) && !utils.StrSliceContains(skipRoles, role.Name) {
+			// If we had matching path or role name, visit this target and determine whether or not to keep walking
+			res := visitTargets(signedTgt, role)
+			switch typedRes := res.(type) {
+			case StopWalk:
+				// If the visitor function signalled a stop, return nil to finish the walk
+				return nil
+			case nil:
+				// If the visitor function signalled to continue, add this role's delegation to the walk
+				roles = append(roles, signedTgt.GetValidDelegations(role)...)
+			case error:
+				// Propagate any errors from the visitor
+				return typedRes
+			default:
+				// Return out with an error if we got a different result
+				return fmt.Errorf("unexpected return while walking: %v", res)
+			}
+
+		}
+	}
+	return nil
+}
+
+// helper function that returns whether the candidateChild role name is an ancestor or equal to the candidateAncestor role name
+// Will return true if given an empty candidateAncestor role name
+// The HasPrefix check is for determining whether the role name for candidateChild is a child (direct or further down the chain)
+// of candidateAncestor, for ex: candidateAncestor targets/a and candidateChild targets/a/b/c
+func isAncestorRole(candidateChild, candidateAncestor string) bool {
+	return candidateAncestor == "" || candidateAncestor == candidateChild || strings.HasPrefix(candidateChild, candidateAncestor+"/")
+}
+
+// helper function that returns whether the delegation Role is valid against the given path
+// Will return true if given an empty candidatePath
+func isValidPath(candidatePath string, delgRole data.DelegationRole) bool {
+	return candidatePath == "" || delgRole.CheckPaths(candidatePath)
+}
+
+// AddTargets will attempt to add the given targets specifically to
+// the directed role. If the metadata for the role doesn't exist yet,
+// AddTargets will create one.
+func (tr *Repo) AddTargets(role string, targets data.Files) (data.Files, error) {
+	err := tr.VerifyCanSign(role)
+	if err != nil {
+		return nil, err
+	}
+
+	// check existence of the role's metadata
+	_, ok := tr.Targets[role]
+	if !ok { // the targetfile may not exist yet - if not, then create it
+		var err error
+		_, err = tr.InitTargets(role)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	addedTargets := make(data.Files)
+	addTargetVisitor := func(targetPath string, targetMeta data.FileMeta) func(*data.SignedTargets, data.DelegationRole) interface{} {
+		return func(tgt *data.SignedTargets, validRole data.DelegationRole) interface{} {
+			// We've already validated the role's target path in our walk, so just modify the metadata
+			tgt.Signed.Targets[targetPath] = targetMeta
+			tgt.Dirty = true
+			// Also add to our new addedTargets map to keep track of every target we've added successfully
+			addedTargets[targetPath] = targetMeta
+			return StopWalk{}
+		}
+	}
+
+	// Walk the role tree while validating the target paths, and add all of our targets
+	for path, target := range targets {
+		tr.WalkTargets(path, role, addTargetVisitor(path, target))
+	}
+	if len(addedTargets) != len(targets) {
+		return nil, fmt.Errorf("Could not add all targets")
+	}
+	return nil, nil
+}
+
+// RemoveTargets removes the given target (paths) from the given target role (delegation)
+func (tr *Repo) RemoveTargets(role string, targets ...string) error {
+	if err := tr.VerifyCanSign(role); err != nil {
+		return err
+	}
+
+	removeTargetVisitor := func(targetPath string) func(*data.SignedTargets, data.DelegationRole) interface{} {
+		return func(tgt *data.SignedTargets, validRole data.DelegationRole) interface{} {
+			// We've already validated the role path in our walk, so just modify the metadata
+			// We don't check against the target path against the valid role paths because it's
+			// possible we got into an invalid state and are trying to fix it
+			delete(tgt.Signed.Targets, targetPath)
+			tgt.Dirty = true
+			return StopWalk{}
+		}
+	}
+
+	// if the role exists but metadata does not yet, then our work is done
+	_, ok := tr.Targets[role]
+	if ok {
+		for _, path := range targets {
+			tr.WalkTargets("", role, removeTargetVisitor(path))
+		}
+	}
+
+	return nil
+}
+
+// UpdateSnapshot updates the FileMeta for the given role based on the Signed object
+func (tr *Repo) UpdateSnapshot(role string, s *data.Signed) error {
+	jsonData, err := json.Marshal(s)
+	if err != nil {
+		return err
+	}
+	meta, err := data.NewFileMeta(bytes.NewReader(jsonData), data.NotaryDefaultHashes...)
+	if err != nil {
+		return err
+	}
+	tr.Snapshot.Signed.Meta[role] = meta
+	tr.Snapshot.Dirty = true
+	return nil
+}
+
+// UpdateTimestamp updates the snapshot meta in the timestamp based on the Signed object
+func (tr *Repo) UpdateTimestamp(s *data.Signed) error {
+	jsonData, err := json.Marshal(s)
+	if err != nil {
+		return err
+	}
+	meta, err := data.NewFileMeta(bytes.NewReader(jsonData), data.NotaryDefaultHashes...)
+	if err != nil {
+		return err
+	}
+	tr.Timestamp.Signed.Meta["snapshot"] = meta
+	tr.Timestamp.Dirty = true
+	return nil
+}
+
+// SignRoot signs the root
+func (tr *Repo) SignRoot(expires time.Time) (*data.Signed, error) {
+	logrus.Debug("signing root...")
+	tr.Root.Signed.Expires = expires
+	tr.Root.Signed.Version++
+	root, err := tr.GetBaseRole(data.CanonicalRootRole)
+	if err != nil {
+		return nil, err
+	}
+	signed, err := tr.Root.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	signed, err = tr.sign(signed, root)
+	if err != nil {
+		return nil, err
+	}
+	tr.Root.Signatures = signed.Signatures
+	return signed, nil
+}
+
+// SignTargets signs the targets file for the given top level or delegated targets role
+func (tr *Repo) SignTargets(role string, expires time.Time) (*data.Signed, error) {
+	logrus.Debugf("sign targets called for role %s", role)
+	if _, ok := tr.Targets[role]; !ok {
+		return nil, data.ErrInvalidRole{
+			Role:   role,
+			Reason: "SignTargets called with non-existant targets role",
+		}
+	}
+	tr.Targets[role].Signed.Expires = expires
+	tr.Targets[role].Signed.Version++
+	signed, err := tr.Targets[role].ToSigned()
+	if err != nil {
+		logrus.Debug("errored getting targets data.Signed object")
+		return nil, err
+	}
+
+	var targets data.BaseRole
+	if role == data.CanonicalTargetsRole {
+		targets, err = tr.GetBaseRole(role)
+	} else {
+		tr, err := tr.GetDelegationRole(role)
+		if err != nil {
+			return nil, err
+		}
+		targets = tr.BaseRole
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	signed, err = tr.sign(signed, targets)
+	if err != nil {
+		logrus.Debug("errored signing ", role)
+		return nil, err
+	}
+	tr.Targets[role].Signatures = signed.Signatures
+	return signed, nil
+}
+
+// SignSnapshot updates the snapshot based on the current targets and root then signs it
+func (tr *Repo) SignSnapshot(expires time.Time) (*data.Signed, error) {
+	logrus.Debug("signing snapshot...")
+	signedRoot, err := tr.Root.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	err = tr.UpdateSnapshot("root", signedRoot)
+	if err != nil {
+		return nil, err
+	}
+	tr.Root.Dirty = false // root dirty until changes captures in snapshot
+	for role, targets := range tr.Targets {
+		signedTargets, err := targets.ToSigned()
+		if err != nil {
+			return nil, err
+		}
+		err = tr.UpdateSnapshot(role, signedTargets)
+		if err != nil {
+			return nil, err
+		}
+		targets.Dirty = false
+	}
+	tr.Snapshot.Signed.Expires = expires
+	tr.Snapshot.Signed.Version++
+	signed, err := tr.Snapshot.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	snapshot, err := tr.GetBaseRole(data.CanonicalSnapshotRole)
+	if err != nil {
+		return nil, err
+	}
+	signed, err = tr.sign(signed, snapshot)
+	if err != nil {
+		return nil, err
+	}
+	tr.Snapshot.Signatures = signed.Signatures
+	return signed, nil
+}
+
+// SignTimestamp updates the timestamp based on the current snapshot then signs it
+func (tr *Repo) SignTimestamp(expires time.Time) (*data.Signed, error) {
+	logrus.Debug("SignTimestamp")
+	signedSnapshot, err := tr.Snapshot.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	err = tr.UpdateTimestamp(signedSnapshot)
+	if err != nil {
+		return nil, err
+	}
+	tr.Timestamp.Signed.Expires = expires
+	tr.Timestamp.Signed.Version++
+	signed, err := tr.Timestamp.ToSigned()
+	if err != nil {
+		return nil, err
+	}
+	timestamp, err := tr.GetBaseRole(data.CanonicalTimestampRole)
+	if err != nil {
+		return nil, err
+	}
+	signed, err = tr.sign(signed, timestamp)
+	if err != nil {
+		return nil, err
+	}
+	tr.Timestamp.Signatures = signed.Signatures
+	tr.Snapshot.Dirty = false // snapshot is dirty until changes have been captured in timestamp
+	return signed, nil
+}
+
+func (tr Repo) sign(signedData *data.Signed, role data.BaseRole) (*data.Signed, error) {
+	if err := signed.Sign(tr.cryptoService, signedData, role.ListKeys()...); err != nil {
+		return nil, err
+	}
+	return signedData, nil
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/utils/role_sort.go b/vendor/src/github.com/docker/notary/tuf/utils/role_sort.go
new file mode 100644
index 00000000..368925c3
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/utils/role_sort.go
@@ -0,0 +1,31 @@
+package utils
+
+import (
+	"strings"
+)
+
+// RoleList is a list of roles
+type RoleList []string
+
+// Len returns the length of the list
+func (r RoleList) Len() int {
+	return len(r)
+}
+
+// Less returns true if the item at i should be sorted
+// before the item at j. It's an unstable partial ordering
+// based on the number of segments, separated by "/", in
+// the role name
+func (r RoleList) Less(i, j int) bool {
+	segsI := strings.Split(r[i], "/")
+	segsJ := strings.Split(r[j], "/")
+	if len(segsI) == len(segsJ) {
+		return r[i] < r[j]
+	}
+	return len(segsI) < len(segsJ)
+}
+
+// Swap the items at 2 locations in the list
+func (r RoleList) Swap(i, j int) {
+	r[i], r[j] = r[j], r[i]
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/utils/stack.go b/vendor/src/github.com/docker/notary/tuf/utils/stack.go
new file mode 100644
index 00000000..e79b5c86
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/utils/stack.go
@@ -0,0 +1,85 @@
+package utils
+
+import (
+	"fmt"
+	"sync"
+)
+
+// ErrEmptyStack is used when an action that requires some
+// content is invoked and the stack is empty
+type ErrEmptyStack struct {
+	action string
+}
+
+func (err ErrEmptyStack) Error() string {
+	return fmt.Sprintf("attempted to %s with empty stack", err.action)
+}
+
+// ErrBadTypeCast is used by PopX functions when the item
+// cannot be typed to X
+type ErrBadTypeCast struct{}
+
+func (err ErrBadTypeCast) Error() string {
+	return "attempted to do a typed pop and item was not of type"
+}
+
+// Stack is a simple type agnostic stack implementation
+type Stack struct {
+	s []interface{}
+	l sync.Mutex
+}
+
+// NewStack create a new stack
+func NewStack() *Stack {
+	s := &Stack{
+		s: make([]interface{}, 0),
+	}
+	return s
+}
+
+// Push adds an item to the top of the stack.
+func (s *Stack) Push(item interface{}) {
+	s.l.Lock()
+	defer s.l.Unlock()
+	s.s = append(s.s, item)
+}
+
+// Pop removes and returns the top item on the stack, or returns
+// ErrEmptyStack if the stack has no content
+func (s *Stack) Pop() (interface{}, error) {
+	s.l.Lock()
+	defer s.l.Unlock()
+	l := len(s.s)
+	if l > 0 {
+		item := s.s[l-1]
+		s.s = s.s[:l-1]
+		return item, nil
+	}
+	return nil, ErrEmptyStack{action: "Pop"}
+}
+
+// PopString attempts to cast the top item on the stack to the string type.
+// If this succeeds, it removes and returns the top item. If the item
+// is not of the string type, ErrBadTypeCast is returned. If the stack
+// is empty, ErrEmptyStack is returned
+func (s *Stack) PopString() (string, error) {
+	s.l.Lock()
+	defer s.l.Unlock()
+	l := len(s.s)
+	if l > 0 {
+		item := s.s[l-1]
+		if item, ok := item.(string); ok {
+			s.s = s.s[:l-1]
+			return item, nil
+		}
+		return "", ErrBadTypeCast{}
+	}
+	return "", ErrEmptyStack{action: "PopString"}
+}
+
+// Empty returns true if the stack is empty
+func (s *Stack) Empty() bool {
+	s.l.Lock()
+	defer s.l.Unlock()
+	return len(s.s) == 0
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/utils/util.go b/vendor/src/github.com/docker/notary/tuf/utils/util.go
new file mode 100644
index 00000000..fe5d5598
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/utils/util.go
@@ -0,0 +1,109 @@
+package utils
+
+import (
+	"crypto/hmac"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	gopath "path"
+	"path/filepath"
+
+	"github.com/docker/notary/trustmanager"
+	"github.com/docker/notary/tuf/data"
+)
+
+// ErrWrongLength indicates the length was different to that expected
+var ErrWrongLength = errors.New("wrong length")
+
+// ErrWrongHash indicates the hash was different to that expected
+type ErrWrongHash struct {
+	Type     string
+	Expected []byte
+	Actual   []byte
+}
+
+// Error implements error interface
+func (e ErrWrongHash) Error() string {
+	return fmt.Sprintf("wrong %s hash, expected %#x got %#x", e.Type, e.Expected, e.Actual)
+}
+
+// ErrNoCommonHash indicates the metadata did not provide any hashes this
+// client recognizes
+type ErrNoCommonHash struct {
+	Expected data.Hashes
+	Actual   data.Hashes
+}
+
+// Error implements error interface
+func (e ErrNoCommonHash) Error() string {
+	types := func(a data.Hashes) []string {
+		t := make([]string, 0, len(a))
+		for typ := range a {
+			t = append(t, typ)
+		}
+		return t
+	}
+	return fmt.Sprintf("no common hash function, expected one of %s, got %s", types(e.Expected), types(e.Actual))
+}
+
+// ErrUnknownHashAlgorithm - client was ashed to use a hash algorithm
+// it is not familiar with
+type ErrUnknownHashAlgorithm struct {
+	Name string
+}
+
+// Error implements error interface
+func (e ErrUnknownHashAlgorithm) Error() string {
+	return fmt.Sprintf("unknown hash algorithm: %s", e.Name)
+}
+
+// PassphraseFunc type for func that request a passphrase
+type PassphraseFunc func(role string, confirm bool) ([]byte, error)
+
+// FileMetaEqual checks whether 2 FileMeta objects are consistent with eachother
+func FileMetaEqual(actual data.FileMeta, expected data.FileMeta) error {
+	if actual.Length != expected.Length {
+		return ErrWrongLength
+	}
+	hashChecked := false
+	for typ, hash := range expected.Hashes {
+		if h, ok := actual.Hashes[typ]; ok {
+			hashChecked = true
+			if !hmac.Equal(h, hash) {
+				return ErrWrongHash{typ, hash, h}
+			}
+		}
+	}
+	if !hashChecked {
+		return ErrNoCommonHash{expected.Hashes, actual.Hashes}
+	}
+	return nil
+}
+
+// NormalizeTarget adds a slash, if required, to the front of a target path
+func NormalizeTarget(path string) string {
+	return gopath.Join("/", path)
+}
+
+// HashedPaths prefixes the filename with the known hashes for the file,
+// returning a list of possible consistent paths.
+func HashedPaths(path string, hashes data.Hashes) []string {
+	paths := make([]string, 0, len(hashes))
+	for _, hash := range hashes {
+		hashedPath := filepath.Join(filepath.Dir(path), hex.EncodeToString(hash)+"."+filepath.Base(path))
+		paths = append(paths, hashedPath)
+	}
+	return paths
+}
+
+// CanonicalKeyID returns the ID of the public bytes version of a TUF key.
+// On regular RSA/ECDSA TUF keys, this is just the key ID.  On X509 RSA/ECDSA
+// TUF keys, this is the key ID of the public key part of the key.
+func CanonicalKeyID(k data.PublicKey) (string, error) {
+	switch k.Algorithm() {
+	case data.ECDSAx509Key, data.RSAx509Key:
+		return trustmanager.X509PublicKeyID(k)
+	default:
+		return k.ID(), nil
+	}
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/utils/utils.go b/vendor/src/github.com/docker/notary/tuf/utils/utils.go
new file mode 100644
index 00000000..8de72b67
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/utils/utils.go
@@ -0,0 +1,152 @@
+package utils
+
+import (
+	"crypto/sha256"
+	"crypto/sha512"
+	"crypto/tls"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"strings"
+
+	"github.com/docker/notary/tuf/data"
+)
+
+// Download does a simple download from a URL
+func Download(url url.URL) (*http.Response, error) {
+	tr := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+	}
+	client := &http.Client{Transport: tr}
+	return client.Get(url.String())
+}
+
+// Upload does a simple JSON upload to a URL
+func Upload(url string, body io.Reader) (*http.Response, error) {
+	tr := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+	}
+	client := &http.Client{Transport: tr}
+	return client.Post(url, "application/json", body)
+}
+
+// StrSliceContains checks if the given string appears in the slice
+func StrSliceContains(ss []string, s string) bool {
+	for _, v := range ss {
+		if v == s {
+			return true
+		}
+	}
+	return false
+}
+
+// StrSliceRemove removes the the given string from the slice, returning a new slice
+func StrSliceRemove(ss []string, s string) []string {
+	res := []string{}
+	for _, v := range ss {
+		if v != s {
+			res = append(res, v)
+		}
+	}
+	return res
+}
+
+// StrSliceContainsI checks if the given string appears in the slice
+// in a case insensitive manner
+func StrSliceContainsI(ss []string, s string) bool {
+	s = strings.ToLower(s)
+	for _, v := range ss {
+		v = strings.ToLower(v)
+		if v == s {
+			return true
+		}
+	}
+	return false
+}
+
+// FileExists returns true if a file (or dir) exists at the given path,
+// false otherwise
+func FileExists(path string) bool {
+	_, err := os.Stat(path)
+	return os.IsNotExist(err)
+}
+
+// NoopCloser is a simple Reader wrapper that does nothing when Close is
+// called
+type NoopCloser struct {
+	io.Reader
+}
+
+// Close does nothing for a NoopCloser
+func (nc *NoopCloser) Close() error {
+	return nil
+}
+
+// DoHash returns the digest of d using the hashing algorithm named
+// in alg
+func DoHash(alg string, d []byte) []byte {
+	switch alg {
+	case "sha256":
+		digest := sha256.Sum256(d)
+		return digest[:]
+	case "sha512":
+		digest := sha512.Sum512(d)
+		return digest[:]
+	}
+	return nil
+}
+
+// UnusedDelegationKeys prunes a list of keys, returning those that are no
+// longer in use for a given targets file
+func UnusedDelegationKeys(t data.SignedTargets) []string {
+	// compare ids to all still active key ids in all active roles
+	// with the targets file
+	found := make(map[string]bool)
+	for _, r := range t.Signed.Delegations.Roles {
+		for _, id := range r.KeyIDs {
+			found[id] = true
+		}
+	}
+	var discard []string
+	for id := range t.Signed.Delegations.Keys {
+		if !found[id] {
+			discard = append(discard, id)
+		}
+	}
+	return discard
+}
+
+// RemoveUnusedKeys determines which keys in the slice of IDs are no longer
+// used in the given targets file and removes them from the delegated keys
+// map
+func RemoveUnusedKeys(t *data.SignedTargets) {
+	unusedIDs := UnusedDelegationKeys(*t)
+	for _, id := range unusedIDs {
+		delete(t.Signed.Delegations.Keys, id)
+	}
+}
+
+// FindRoleIndex returns the index of the role named <name> or -1 if no
+// matching role is found.
+func FindRoleIndex(rs []*data.Role, name string) int {
+	for i, r := range rs {
+		if r.Name == name {
+			return i
+		}
+	}
+	return -1
+}
+
+// ConsistentName generates the appropriate HTTP URL path for the role,
+// based on whether the repo is marked as consistent. The RemoteStore
+// is responsible for adding file extensions.
+func ConsistentName(role string, hashSha256 []byte) string {
+	if len(hashSha256) > 0 {
+		hash := hex.EncodeToString(hashSha256)
+		return fmt.Sprintf("%s.%s", role, hash)
+	}
+	return role
+}
diff --git a/vendor/src/github.com/docker/notary/tuf/validation/errors.go b/vendor/src/github.com/docker/notary/tuf/validation/errors.go
new file mode 100644
index 00000000..6cca0dfa
--- /dev/null
+++ b/vendor/src/github.com/docker/notary/tuf/validation/errors.go
@@ -0,0 +1,126 @@
+package validation
+
+import (
+	"encoding/json"
+	"fmt"
+)
+
+// VALIDATION ERRORS
+
+// ErrValidation represents a general validation error
+type ErrValidation struct {
+	Msg string
+}
+
+func (err ErrValidation) Error() string {
+	return fmt.Sprintf("An error occurred during validation: %s", err.Msg)
+}
+
+// ErrBadHierarchy represents missing metadata.  Currently: a missing snapshot
+// at this current time. When delegations are implemented it will also
+// represent a missing delegation parent
+type ErrBadHierarchy struct {
+	Missing string
+	Msg     string
+}
+
+func (err ErrBadHierarchy) Error() string {
+	return fmt.Sprintf("Metadata hierarchy is incomplete: %s", err.Msg)
+}
+
+// ErrBadRoot represents a failure validating the root
+type ErrBadRoot struct {
+	Msg string
+}
+
+func (err ErrBadRoot) Error() string {
+	return fmt.Sprintf("The root metadata is invalid: %s", err.Msg)
+}
+
+// ErrBadTargets represents a failure to validate a targets (incl delegations)
+type ErrBadTargets struct {
+	Msg string
+}
+
+func (err ErrBadTargets) Error() string {
+	return fmt.Sprintf("The targets metadata is invalid: %s", err.Msg)
+}
+
+// ErrBadSnapshot represents a failure to validate the snapshot
+type ErrBadSnapshot struct {
+	Msg string
+}
+
+func (err ErrBadSnapshot) Error() string {
+	return fmt.Sprintf("The snapshot metadata is invalid: %s", err.Msg)
+}
+
+// END VALIDATION ERRORS
+
+// SerializableError is a struct that can be used to serialize an error as JSON
+type SerializableError struct {
+	Name  string
+	Error error
+}
+
+// UnmarshalJSON attempts to unmarshal the error into the right type
+func (s *SerializableError) UnmarshalJSON(text []byte) (err error) {
+	var x struct{ Name string }
+	err = json.Unmarshal(text, &x)
+	if err != nil {
+		return
+	}
+	var theError error
+	switch x.Name {
+	case "ErrValidation":
+		var e struct{ Error ErrValidation }
+		err = json.Unmarshal(text, &e)
+		theError = e.Error
+	case "ErrBadHierarchy":
+		var e struct{ Error ErrBadHierarchy }
+		err = json.Unmarshal(text, &e)
+		theError = e.Error
+	case "ErrBadRoot":
+		var e struct{ Error ErrBadRoot }
+		err = json.Unmarshal(text, &e)
+		theError = e.Error
+	case "ErrBadTargets":
+		var e struct{ Error ErrBadTargets }
+		err = json.Unmarshal(text, &e)
+		theError = e.Error
+	case "ErrBadSnapshot":
+		var e struct{ Error ErrBadSnapshot }
+		err = json.Unmarshal(text, &e)
+		theError = e.Error
+	default:
+		err = fmt.Errorf("do not know how to unmarshal %s", x.Name)
+		return
+	}
+	if err != nil {
+		return
+	}
+	s.Name = x.Name
+	s.Error = theError
+	return nil
+}
+
+// NewSerializableError serializes one of the above errors into JSON
+func NewSerializableError(err error) (*SerializableError, error) {
+	// make sure it's one of our errors
+	var name string
+	switch err.(type) {
+	case ErrValidation:
+		name = "ErrValidation"
+	case ErrBadHierarchy:
+		name = "ErrBadHierarchy"
+	case ErrBadRoot:
+		name = "ErrBadRoot"
+	case ErrBadTargets:
+		name = "ErrBadTargets"
+	case ErrBadSnapshot:
+		name = "ErrBadSnapshot"
+	default:
+		return nil, fmt.Errorf("does not support serializing non-validation errors")
+	}
+	return &SerializableError{Name: name, Error: err}, nil
+}
diff --git a/volume/drivers/adapter.go b/volume/drivers/adapter.go
new file mode 100644
index 00000000..e7ca3d50
--- /dev/null
+++ b/volume/drivers/adapter.go
@@ -0,0 +1,106 @@
+package volumedrivers
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/volume"
+)
+
+type volumeDriverAdapter struct {
+	name  string
+	proxy *volumeDriverProxy
+}
+
+func (a *volumeDriverAdapter) Name() string {
+	return a.name
+}
+
+func (a *volumeDriverAdapter) Create(name string, opts map[string]string) (volume.Volume, error) {
+	if err := a.proxy.Create(name, opts); err != nil {
+		return nil, err
+	}
+	return &volumeAdapter{
+		proxy:      a.proxy,
+		name:       name,
+		driverName: a.name,
+	}, nil
+}
+
+func (a *volumeDriverAdapter) Remove(v volume.Volume) error {
+	return a.proxy.Remove(v.Name())
+}
+
+func (a *volumeDriverAdapter) List() ([]volume.Volume, error) {
+	ls, err := a.proxy.List()
+	if err != nil {
+		return nil, err
+	}
+
+	var out []volume.Volume
+	for _, vp := range ls {
+		out = append(out, &volumeAdapter{
+			proxy:      a.proxy,
+			name:       vp.Name,
+			driverName: a.name,
+			eMount:     vp.Mountpoint,
+		})
+	}
+	return out, nil
+}
+
+func (a *volumeDriverAdapter) Get(name string) (volume.Volume, error) {
+	v, err := a.proxy.Get(name)
+	if err != nil {
+		return nil, err
+	}
+
+	// plugin may have returned no volume and no error
+	if v == nil {
+		return nil, fmt.Errorf("no such volume")
+	}
+
+	return &volumeAdapter{
+		proxy:      a.proxy,
+		name:       v.Name,
+		driverName: a.Name(),
+		eMount:     v.Mountpoint,
+	}, nil
+}
+
+type volumeAdapter struct {
+	proxy      *volumeDriverProxy
+	name       string
+	driverName string
+	eMount     string // ephemeral host volume path
+}
+
+type proxyVolume struct {
+	Name       string
+	Mountpoint string
+}
+
+func (a *volumeAdapter) Name() string {
+	return a.name
+}
+
+func (a *volumeAdapter) DriverName() string {
+	return a.driverName
+}
+
+func (a *volumeAdapter) Path() string {
+	if len(a.eMount) > 0 {
+		return a.eMount
+	}
+	m, _ := a.proxy.Path(a.name)
+	return m
+}
+
+func (a *volumeAdapter) Mount() (string, error) {
+	var err error
+	a.eMount, err = a.proxy.Mount(a.name)
+	return a.eMount, err
+}
+
+func (a *volumeAdapter) Unmount() error {
+	return a.proxy.Unmount(a.name)
+}
diff --git a/volume/drivers/extpoint.go b/volume/drivers/extpoint.go
new file mode 100644
index 00000000..a55da5af
--- /dev/null
+++ b/volume/drivers/extpoint.go
@@ -0,0 +1,164 @@
+//go:generate pluginrpc-gen -i $GOFILE -o proxy.go -type volumeDriver -name VolumeDriver
+
+package volumedrivers
+
+import (
+	"fmt"
+	"sync"
+
+	"github.com/docker/docker/pkg/locker"
+	"github.com/docker/docker/pkg/plugins"
+	"github.com/docker/docker/volume"
+)
+
+// currently created by hand. generation tool would generate this like:
+// $ extpoint-gen Driver > volume/extpoint.go
+
+var drivers = &driverExtpoint{extensions: make(map[string]volume.Driver), driverLock: &locker.Locker{}}
+
+const extName = "VolumeDriver"
+
+// NewVolumeDriver returns a driver has the given name mapped on the given client.
+func NewVolumeDriver(name string, c client) volume.Driver {
+	proxy := &volumeDriverProxy{c}
+	return &volumeDriverAdapter{name: name, proxy: proxy}
+}
+
+type opts map[string]string
+type list []*proxyVolume
+
+// volumeDriver defines the available functions that volume plugins must implement.
+// This interface is only defined to generate the proxy objects.
+// It's not intended to be public or reused.
+type volumeDriver interface {
+	// Create a volume with the given name
+	Create(name string, opts opts) (err error)
+	// Remove the volume with the given name
+	Remove(name string) (err error)
+	// Get the mountpoint of the given volume
+	Path(name string) (mountpoint string, err error)
+	// Mount the given volume and return the mountpoint
+	Mount(name string) (mountpoint string, err error)
+	// Unmount the given volume
+	Unmount(name string) (err error)
+	// List lists all the volumes known to the driver
+	List() (volumes list, err error)
+	// Get retrieves the volume with the requested name
+	Get(name string) (volume *proxyVolume, err error)
+}
+
+type driverExtpoint struct {
+	extensions map[string]volume.Driver
+	sync.Mutex
+	driverLock *locker.Locker
+}
+
+// Register associates the given driver to the given name, checking if
+// the name is already associated
+func Register(extension volume.Driver, name string) bool {
+	if name == "" {
+		return false
+	}
+
+	drivers.Lock()
+	defer drivers.Unlock()
+
+	_, exists := drivers.extensions[name]
+	if exists {
+		return false
+	}
+	drivers.extensions[name] = extension
+	return true
+}
+
+// Unregister dissociates the name from its driver, if the association exists.
+func Unregister(name string) bool {
+	drivers.Lock()
+	defer drivers.Unlock()
+
+	_, exists := drivers.extensions[name]
+	if !exists {
+		return false
+	}
+	delete(drivers.extensions, name)
+	return true
+}
+
+// Lookup returns the driver associated with the given name. If a
+// driver with the given name has not been registered it checks if
+// there is a VolumeDriver plugin available with the given name.
+func Lookup(name string) (volume.Driver, error) {
+	drivers.driverLock.Lock(name)
+	defer drivers.driverLock.Unlock(name)
+
+	drivers.Lock()
+	ext, ok := drivers.extensions[name]
+	drivers.Unlock()
+	if ok {
+		return ext, nil
+	}
+
+	pl, err := plugins.Get(name, extName)
+	if err != nil {
+		return nil, fmt.Errorf("Error looking up volume plugin %s: %v", name, err)
+	}
+
+	drivers.Lock()
+	defer drivers.Unlock()
+	if ext, ok := drivers.extensions[name]; ok {
+		return ext, nil
+	}
+
+	d := NewVolumeDriver(name, pl.Client)
+	drivers.extensions[name] = d
+	return d, nil
+}
+
+// GetDriver returns a volume driver by its name.
+// If the driver is empty, it looks for the local driver.
+func GetDriver(name string) (volume.Driver, error) {
+	if name == "" {
+		name = volume.DefaultDriverName
+	}
+	return Lookup(name)
+}
+
+// GetDriverList returns list of volume drivers registered.
+// If no driver is registered, empty string list will be returned.
+func GetDriverList() []string {
+	var driverList []string
+	drivers.Lock()
+	for driverName := range drivers.extensions {
+		driverList = append(driverList, driverName)
+	}
+	drivers.Unlock()
+	return driverList
+}
+
+// GetAllDrivers lists all the registered drivers
+func GetAllDrivers() ([]volume.Driver, error) {
+	plugins, err := plugins.GetAll(extName)
+	if err != nil {
+		return nil, err
+	}
+	var ds []volume.Driver
+
+	drivers.Lock()
+	defer drivers.Unlock()
+
+	for _, d := range drivers.extensions {
+		ds = append(ds, d)
+	}
+
+	for _, p := range plugins {
+		ext, ok := drivers.extensions[p.Name]
+		if ok {
+			continue
+		}
+
+		ext = NewVolumeDriver(p.Name, p.Client)
+		drivers.extensions[p.Name] = ext
+		ds = append(ds, ext)
+	}
+	return ds, nil
+}
diff --git a/volume/drivers/extpoint_test.go b/volume/drivers/extpoint_test.go
new file mode 100644
index 00000000..26c06954
--- /dev/null
+++ b/volume/drivers/extpoint_test.go
@@ -0,0 +1,23 @@
+package volumedrivers
+
+import (
+	"testing"
+
+	"github.com/docker/docker/volume/testutils"
+)
+
+func TestGetDriver(t *testing.T) {
+	_, err := GetDriver("missing")
+	if err == nil {
+		t.Fatal("Expected error, was nil")
+	}
+
+	Register(volumetestutils.NewFakeDriver("fake"), "fake")
+	d, err := GetDriver("fake")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if d.Name() != "fake" {
+		t.Fatalf("Expected fake driver, got %s\n", d.Name())
+	}
+}
diff --git a/volume/drivers/proxy.go b/volume/drivers/proxy.go
new file mode 100644
index 00000000..5c7cdcb7
--- /dev/null
+++ b/volume/drivers/proxy.go
@@ -0,0 +1,207 @@
+// generated code - DO NOT EDIT
+
+package volumedrivers
+
+import "errors"
+
+type client interface {
+	Call(string, interface{}, interface{}) error
+}
+
+type volumeDriverProxy struct {
+	client
+}
+
+type volumeDriverProxyCreateRequest struct {
+	Name string
+	Opts opts
+}
+
+type volumeDriverProxyCreateResponse struct {
+	Err string
+}
+
+func (pp *volumeDriverProxy) Create(name string, opts opts) (err error) {
+	var (
+		req volumeDriverProxyCreateRequest
+		ret volumeDriverProxyCreateResponse
+	)
+
+	req.Name = name
+	req.Opts = opts
+	if err = pp.Call("VolumeDriver.Create", req, &ret); err != nil {
+		return
+	}
+
+	if ret.Err != "" {
+		err = errors.New(ret.Err)
+	}
+
+	return
+}
+
+type volumeDriverProxyRemoveRequest struct {
+	Name string
+}
+
+type volumeDriverProxyRemoveResponse struct {
+	Err string
+}
+
+func (pp *volumeDriverProxy) Remove(name string) (err error) {
+	var (
+		req volumeDriverProxyRemoveRequest
+		ret volumeDriverProxyRemoveResponse
+	)
+
+	req.Name = name
+	if err = pp.Call("VolumeDriver.Remove", req, &ret); err != nil {
+		return
+	}
+
+	if ret.Err != "" {
+		err = errors.New(ret.Err)
+	}
+
+	return
+}
+
+type volumeDriverProxyPathRequest struct {
+	Name string
+}
+
+type volumeDriverProxyPathResponse struct {
+	Mountpoint string
+	Err        string
+}
+
+func (pp *volumeDriverProxy) Path(name string) (mountpoint string, err error) {
+	var (
+		req volumeDriverProxyPathRequest
+		ret volumeDriverProxyPathResponse
+	)
+
+	req.Name = name
+	if err = pp.Call("VolumeDriver.Path", req, &ret); err != nil {
+		return
+	}
+
+	mountpoint = ret.Mountpoint
+
+	if ret.Err != "" {
+		err = errors.New(ret.Err)
+	}
+
+	return
+}
+
+type volumeDriverProxyMountRequest struct {
+	Name string
+}
+
+type volumeDriverProxyMountResponse struct {
+	Mountpoint string
+	Err        string
+}
+
+func (pp *volumeDriverProxy) Mount(name string) (mountpoint string, err error) {
+	var (
+		req volumeDriverProxyMountRequest
+		ret volumeDriverProxyMountResponse
+	)
+
+	req.Name = name
+	if err = pp.Call("VolumeDriver.Mount", req, &ret); err != nil {
+		return
+	}
+
+	mountpoint = ret.Mountpoint
+
+	if ret.Err != "" {
+		err = errors.New(ret.Err)
+	}
+
+	return
+}
+
+type volumeDriverProxyUnmountRequest struct {
+	Name string
+}
+
+type volumeDriverProxyUnmountResponse struct {
+	Err string
+}
+
+func (pp *volumeDriverProxy) Unmount(name string) (err error) {
+	var (
+		req volumeDriverProxyUnmountRequest
+		ret volumeDriverProxyUnmountResponse
+	)
+
+	req.Name = name
+	if err = pp.Call("VolumeDriver.Unmount", req, &ret); err != nil {
+		return
+	}
+
+	if ret.Err != "" {
+		err = errors.New(ret.Err)
+	}
+
+	return
+}
+
+type volumeDriverProxyListRequest struct {
+}
+
+type volumeDriverProxyListResponse struct {
+	Volumes list
+	Err     string
+}
+
+func (pp *volumeDriverProxy) List() (volumes list, err error) {
+	var (
+		req volumeDriverProxyListRequest
+		ret volumeDriverProxyListResponse
+	)
+
+	if err = pp.Call("VolumeDriver.List", req, &ret); err != nil {
+		return
+	}
+
+	volumes = ret.Volumes
+
+	if ret.Err != "" {
+		err = errors.New(ret.Err)
+	}
+
+	return
+}
+
+type volumeDriverProxyGetRequest struct {
+	Name string
+}
+
+type volumeDriverProxyGetResponse struct {
+	Volume *proxyVolume
+	Err    string
+}
+
+func (pp *volumeDriverProxy) Get(name string) (volume *proxyVolume, err error) {
+	var (
+		req volumeDriverProxyGetRequest
+		ret volumeDriverProxyGetResponse
+	)
+
+	req.Name = name
+	if err = pp.Call("VolumeDriver.Get", req, &ret); err != nil {
+		return
+	}
+
+	volume = ret.Volume
+
+	if ret.Err != "" {
+		err = errors.New(ret.Err)
+	}
+
+	return
+}
diff --git a/volume/drivers/proxy_test.go b/volume/drivers/proxy_test.go
new file mode 100644
index 00000000..6b26f9dc
--- /dev/null
+++ b/volume/drivers/proxy_test.go
@@ -0,0 +1,122 @@
+package volumedrivers
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/pkg/plugins"
+	"github.com/docker/go-connections/tlsconfig"
+)
+
+func TestVolumeRequestError(t *testing.T) {
+	mux := http.NewServeMux()
+	server := httptest.NewServer(mux)
+	defer server.Close()
+
+	mux.HandleFunc("/VolumeDriver.Create", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintln(w, `{"Err": "Cannot create volume"}`)
+	})
+
+	mux.HandleFunc("/VolumeDriver.Remove", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintln(w, `{"Err": "Cannot remove volume"}`)
+	})
+
+	mux.HandleFunc("/VolumeDriver.Mount", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintln(w, `{"Err": "Cannot mount volume"}`)
+	})
+
+	mux.HandleFunc("/VolumeDriver.Unmount", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintln(w, `{"Err": "Cannot unmount volume"}`)
+	})
+
+	mux.HandleFunc("/VolumeDriver.Path", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintln(w, `{"Err": "Unknown volume"}`)
+	})
+
+	mux.HandleFunc("/VolumeDriver.List", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintln(w, `{"Err": "Cannot list volumes"}`)
+	})
+
+	mux.HandleFunc("/VolumeDriver.Get", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
+		fmt.Fprintln(w, `{"Err": "Cannot get volume"}`)
+	})
+
+	u, _ := url.Parse(server.URL)
+	client, err := plugins.NewClient("tcp://"+u.Host, tlsconfig.Options{InsecureSkipVerify: true})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	driver := volumeDriverProxy{client}
+
+	if err = driver.Create("volume", nil); err == nil {
+		t.Fatal("Expected error, was nil")
+	}
+
+	if !strings.Contains(err.Error(), "Cannot create volume") {
+		t.Fatalf("Unexpected error: %v\n", err)
+	}
+
+	_, err = driver.Mount("volume")
+	if err == nil {
+		t.Fatal("Expected error, was nil")
+	}
+
+	if !strings.Contains(err.Error(), "Cannot mount volume") {
+		t.Fatalf("Unexpected error: %v\n", err)
+	}
+
+	err = driver.Unmount("volume")
+	if err == nil {
+		t.Fatal("Expected error, was nil")
+	}
+
+	if !strings.Contains(err.Error(), "Cannot unmount volume") {
+		t.Fatalf("Unexpected error: %v\n", err)
+	}
+
+	err = driver.Remove("volume")
+	if err == nil {
+		t.Fatal("Expected error, was nil")
+	}
+
+	if !strings.Contains(err.Error(), "Cannot remove volume") {
+		t.Fatalf("Unexpected error: %v\n", err)
+	}
+
+	_, err = driver.Path("volume")
+	if err == nil {
+		t.Fatal("Expected error, was nil")
+	}
+
+	if !strings.Contains(err.Error(), "Unknown volume") {
+		t.Fatalf("Unexpected error: %v\n", err)
+	}
+
+	_, err = driver.List()
+	if err == nil {
+		t.Fatal("Expected error, was nil")
+	}
+	if !strings.Contains(err.Error(), "Cannot list volumes") {
+		t.Fatalf("Unexpected error: %v\n", err)
+	}
+
+	_, err = driver.Get("volume")
+	if err == nil {
+		t.Fatal("Expected error, was nil")
+	}
+	if !strings.Contains(err.Error(), "Cannot get volume") {
+		t.Fatalf("Unexpected error: %v\n", err)
+	}
+}
diff --git a/volume/local/local.go b/volume/local/local.go
new file mode 100644
index 00000000..0bca731a
--- /dev/null
+++ b/volume/local/local.go
@@ -0,0 +1,330 @@
+// Package local provides the default implementation for volumes. It
+// is used to mount data volume containers and directories local to
+// the host server.
+package local
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"sync"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/idtools"
+	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/docker/utils"
+	"github.com/docker/docker/volume"
+)
+
+// VolumeDataPathName is the name of the directory where the volume data is stored.
+// It uses a very distinctive name to avoid collisions migrating data between
+// Docker versions.
+const (
+	VolumeDataPathName = "_data"
+	volumesPathName    = "volumes"
+)
+
+var (
+	// ErrNotFound is the typed error returned when the requested volume name can't be found
+	ErrNotFound = fmt.Errorf("volume not found")
+	// volumeNameRegex ensures the name assigned for the volume is valid.
+	// This name is used to create the bind directory, so we need to avoid characters that
+	// would make the path to escape the root directory.
+	volumeNameRegex = utils.RestrictedVolumeNamePattern
+)
+
+type validationError struct {
+	error
+}
+
+func (validationError) IsValidationError() bool {
+	return true
+}
+
+type activeMount struct {
+	count   uint64
+	mounted bool
+}
+
+// New instantiates a new Root instance with the provided scope. Scope
+// is the base path that the Root instance uses to store its
+// volumes. The base path is created here if it does not exist.
+func New(scope string, rootUID, rootGID int) (*Root, error) {
+	rootDirectory := filepath.Join(scope, volumesPathName)
+
+	if err := idtools.MkdirAllAs(rootDirectory, 0700, rootUID, rootGID); err != nil {
+		return nil, err
+	}
+
+	r := &Root{
+		scope:   scope,
+		path:    rootDirectory,
+		volumes: make(map[string]*localVolume),
+		rootUID: rootUID,
+		rootGID: rootGID,
+	}
+
+	dirs, err := ioutil.ReadDir(rootDirectory)
+	if err != nil {
+		return nil, err
+	}
+
+	mountInfos, err := mount.GetMounts()
+	if err != nil {
+		logrus.Debugf("error looking up mounts for local volume cleanup: %v", err)
+	}
+
+	for _, d := range dirs {
+		if !d.IsDir() {
+			continue
+		}
+
+		name := filepath.Base(d.Name())
+		v := &localVolume{
+			driverName: r.Name(),
+			name:       name,
+			path:       r.DataPath(name),
+		}
+		r.volumes[name] = v
+		if b, err := ioutil.ReadFile(filepath.Join(name, "opts.json")); err == nil {
+			if err := json.Unmarshal(b, v.opts); err != nil {
+				return nil, err
+			}
+
+			// unmount anything that may still be mounted (for example, from an unclean shutdown)
+			for _, info := range mountInfos {
+				if info.Mountpoint == v.path {
+					mount.Unmount(v.path)
+					break
+				}
+			}
+		}
+	}
+
+	return r, nil
+}
+
+// Root implements the Driver interface for the volume package and
+// manages the creation/removal of volumes. It uses only standard vfs
+// commands to create/remove dirs within its provided scope.
+type Root struct {
+	m       sync.Mutex
+	scope   string
+	path    string
+	volumes map[string]*localVolume
+	rootUID int
+	rootGID int
+}
+
+// List lists all the volumes
+func (r *Root) List() ([]volume.Volume, error) {
+	var ls []volume.Volume
+	r.m.Lock()
+	for _, v := range r.volumes {
+		ls = append(ls, v)
+	}
+	r.m.Unlock()
+	return ls, nil
+}
+
+// DataPath returns the constructed path of this volume.
+func (r *Root) DataPath(volumeName string) string {
+	return filepath.Join(r.path, volumeName, VolumeDataPathName)
+}
+
+// Name returns the name of Root, defined in the volume package in the DefaultDriverName constant.
+func (r *Root) Name() string {
+	return volume.DefaultDriverName
+}
+
+// Create creates a new volume.Volume with the provided name, creating
+// the underlying directory tree required for this volume in the
+// process.
+func (r *Root) Create(name string, opts map[string]string) (volume.Volume, error) {
+	if err := r.validateName(name); err != nil {
+		return nil, err
+	}
+
+	r.m.Lock()
+	defer r.m.Unlock()
+
+	v, exists := r.volumes[name]
+	if exists {
+		return v, nil
+	}
+
+	path := r.DataPath(name)
+	if err := idtools.MkdirAllAs(path, 0755, r.rootUID, r.rootGID); err != nil {
+		if os.IsExist(err) {
+			return nil, fmt.Errorf("volume already exists under %s", filepath.Dir(path))
+		}
+		return nil, err
+	}
+
+	var err error
+	defer func() {
+		if err != nil {
+			os.RemoveAll(filepath.Dir(path))
+		}
+	}()
+
+	v = &localVolume{
+		driverName: r.Name(),
+		name:       name,
+		path:       path,
+	}
+
+	if opts != nil {
+		if err = setOpts(v, opts); err != nil {
+			return nil, err
+		}
+		var b []byte
+		b, err = json.Marshal(v.opts)
+		if err != nil {
+			return nil, err
+		}
+		if err = ioutil.WriteFile(filepath.Join(filepath.Dir(path), "opts.json"), b, 600); err != nil {
+			return nil, err
+		}
+	}
+
+	r.volumes[name] = v
+	return v, nil
+}
+
+// Remove removes the specified volume and all underlying data. If the
+// given volume does not belong to this driver and an error is
+// returned. The volume is reference counted, if all references are
+// not released then the volume is not removed.
+func (r *Root) Remove(v volume.Volume) error {
+	r.m.Lock()
+	defer r.m.Unlock()
+
+	lv, ok := v.(*localVolume)
+	if !ok {
+		return fmt.Errorf("unknown volume type %T", v)
+	}
+
+	realPath, err := filepath.EvalSymlinks(lv.path)
+	if err != nil {
+		if !os.IsNotExist(err) {
+			return err
+		}
+		realPath = filepath.Dir(lv.path)
+	}
+
+	if !r.scopedPath(realPath) {
+		return fmt.Errorf("Unable to remove a directory of out the Docker root %s: %s", r.scope, realPath)
+	}
+
+	if err := removePath(realPath); err != nil {
+		return err
+	}
+
+	delete(r.volumes, lv.name)
+	return removePath(filepath.Dir(lv.path))
+}
+
+func removePath(path string) error {
+	if err := os.RemoveAll(path); err != nil {
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return err
+	}
+	return nil
+}
+
+// Get looks up the volume for the given name and returns it if found
+func (r *Root) Get(name string) (volume.Volume, error) {
+	r.m.Lock()
+	v, exists := r.volumes[name]
+	r.m.Unlock()
+	if !exists {
+		return nil, ErrNotFound
+	}
+	return v, nil
+}
+
+func (r *Root) validateName(name string) error {
+	if !volumeNameRegex.MatchString(name) {
+		return validationError{fmt.Errorf("%q includes invalid characters for a local volume name, only %q are allowed", name, utils.RestrictedNameChars)}
+	}
+	return nil
+}
+
+// localVolume implements the Volume interface from the volume package and
+// represents the volumes created by Root.
+type localVolume struct {
+	m         sync.Mutex
+	usedCount int
+	// unique name of the volume
+	name string
+	// path is the path on the host where the data lives
+	path string
+	// driverName is the name of the driver that created the volume.
+	driverName string
+	// opts is the parsed list of options used to create the volume
+	opts *optsConfig
+	// active refcounts the active mounts
+	active activeMount
+}
+
+// Name returns the name of the given Volume.
+func (v *localVolume) Name() string {
+	return v.name
+}
+
+// DriverName returns the driver that created the given Volume.
+func (v *localVolume) DriverName() string {
+	return v.driverName
+}
+
+// Path returns the data location.
+func (v *localVolume) Path() string {
+	return v.path
+}
+
+// Mount implements the localVolume interface, returning the data location.
+func (v *localVolume) Mount() (string, error) {
+	v.m.Lock()
+	defer v.m.Unlock()
+	if v.opts != nil {
+		if !v.active.mounted {
+			if err := v.mount(); err != nil {
+				return "", err
+			}
+			v.active.mounted = true
+		}
+		v.active.count++
+	}
+	return v.path, nil
+}
+
+// Umount is for satisfying the localVolume interface and does not do anything in this driver.
+func (v *localVolume) Unmount() error {
+	v.m.Lock()
+	defer v.m.Unlock()
+	if v.opts != nil {
+		v.active.count--
+		if v.active.count == 0 {
+			if err := mount.Unmount(v.path); err != nil {
+				v.active.count++
+				return err
+			}
+			v.active.mounted = false
+		}
+	}
+	return nil
+}
+
+func validateOpts(opts map[string]string) error {
+	for opt := range opts {
+		if !validOpts[opt] {
+			return validationError{fmt.Errorf("invalid option key: %q", opt)}
+		}
+	}
+	return nil
+}
diff --git a/volume/local/local_test.go b/volume/local/local_test.go
new file mode 100644
index 00000000..1baa0854
--- /dev/null
+++ b/volume/local/local_test.go
@@ -0,0 +1,249 @@
+package local
+
+import (
+	"io/ioutil"
+	"os"
+	"runtime"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/pkg/mount"
+)
+
+func TestRemove(t *testing.T) {
+	// TODO Windows: Investigate why this test fails on Windows under CI
+	//               but passes locally.
+	if runtime.GOOS == "windows" {
+		t.Skip("Test failing on Windows CI")
+	}
+	rootDir, err := ioutil.TempDir("", "local-volume-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(rootDir)
+
+	r, err := New(rootDir, 0, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	vol, err := r.Create("testing", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := r.Remove(vol); err != nil {
+		t.Fatal(err)
+	}
+
+	vol, err = r.Create("testing2", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := os.RemoveAll(vol.Path()); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := r.Remove(vol); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := os.Stat(vol.Path()); err != nil && !os.IsNotExist(err) {
+		t.Fatal("volume dir not removed")
+	}
+
+	if l, _ := r.List(); len(l) != 0 {
+		t.Fatal("expected there to be no volumes")
+	}
+}
+
+func TestInitializeWithVolumes(t *testing.T) {
+	rootDir, err := ioutil.TempDir("", "local-volume-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(rootDir)
+
+	r, err := New(rootDir, 0, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	vol, err := r.Create("testing", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	r, err = New(rootDir, 0, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	v, err := r.Get(vol.Name())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if v.Path() != vol.Path() {
+		t.Fatal("expected to re-initialize root with existing volumes")
+	}
+}
+
+func TestCreate(t *testing.T) {
+	rootDir, err := ioutil.TempDir("", "local-volume-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(rootDir)
+
+	r, err := New(rootDir, 0, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	cases := map[string]bool{
+		"name":                  true,
+		"name-with-dash":        true,
+		"name_with_underscore":  true,
+		"name/with/slash":       false,
+		"name/with/../../slash": false,
+		"./name":                false,
+		"../name":               false,
+		"./":                    false,
+		"../":                   false,
+		"~":                     false,
+		".":                     false,
+		"..":                    false,
+		"...":                   false,
+	}
+
+	for name, success := range cases {
+		v, err := r.Create(name, nil)
+		if success {
+			if err != nil {
+				t.Fatal(err)
+			}
+			if v.Name() != name {
+				t.Fatalf("Expected volume with name %s, got %s", name, v.Name())
+			}
+		} else {
+			if err == nil {
+				t.Fatalf("Expected error creating volume with name %s, got nil", name)
+			}
+		}
+	}
+}
+
+func TestValidateName(t *testing.T) {
+	r := &Root{}
+	names := map[string]bool{
+		"/testvol":    false,
+		"thing.d":     true,
+		"hello-world": true,
+		"./hello":     false,
+		".hello":      false,
+	}
+
+	for vol, expected := range names {
+		err := r.validateName(vol)
+		if expected && err != nil {
+			t.Fatalf("expected %s to be valid got %v", vol, err)
+		}
+		if !expected && err == nil {
+			t.Fatalf("expected %s to be invalid", vol)
+		}
+	}
+}
+
+func TestCreateWithOpts(t *testing.T) {
+	if runtime.GOOS == "windows" {
+		t.Skip()
+	}
+
+	rootDir, err := ioutil.TempDir("", "local-volume-test")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(rootDir)
+
+	r, err := New(rootDir, 0, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := r.Create("test", map[string]string{"invalidopt": "notsupported"}); err == nil {
+		t.Fatal("expected invalid opt to cause error")
+	}
+
+	vol, err := r.Create("test", map[string]string{"device": "tmpfs", "type": "tmpfs", "o": "size=1m,uid=1000"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	v := vol.(*localVolume)
+
+	dir, err := v.Mount()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		if err := v.Unmount(); err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	mountInfos, err := mount.GetMounts()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	var found bool
+	for _, info := range mountInfos {
+		if info.Mountpoint == dir {
+			found = true
+			if info.Fstype != "tmpfs" {
+				t.Fatalf("expected tmpfs mount, got %q", info.Fstype)
+			}
+			if info.Source != "tmpfs" {
+				t.Fatalf("expected tmpfs mount, got %q", info.Source)
+			}
+			if !strings.Contains(info.VfsOpts, "uid=1000") {
+				t.Fatalf("expected mount info to have uid=1000: %q", info.VfsOpts)
+			}
+			if !strings.Contains(info.VfsOpts, "size=1024k") {
+				t.Fatalf("expected mount info to have size=1024k: %q", info.VfsOpts)
+			}
+			break
+		}
+	}
+
+	if !found {
+		t.Fatal("mount not found")
+	}
+
+	if v.active.count != 1 {
+		t.Fatalf("Expected active mount count to be 1, got %d", v.active.count)
+	}
+
+	// test double mount
+	if _, err := v.Mount(); err != nil {
+		t.Fatal(err)
+	}
+	if v.active.count != 2 {
+		t.Fatalf("Expected active mount count to be 2, got %d", v.active.count)
+	}
+
+	if err := v.Unmount(); err != nil {
+		t.Fatal(err)
+	}
+	if v.active.count != 1 {
+		t.Fatalf("Expected active mount count to be 1, got %d", v.active.count)
+	}
+
+	mounted, err := mount.Mounted(v.path)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !mounted {
+		t.Fatal("expected mount to still be active")
+	}
+}
diff --git a/volume/local/local_unix.go b/volume/local/local_unix.go
new file mode 100644
index 00000000..2e63777a
--- /dev/null
+++ b/volume/local/local_unix.go
@@ -0,0 +1,69 @@
+// +build linux freebsd
+
+// Package local provides the default implementation for volumes. It
+// is used to mount data volume containers and directories local to
+// the host server.
+package local
+
+import (
+	"fmt"
+	"path/filepath"
+	"strings"
+
+	"github.com/docker/docker/pkg/mount"
+)
+
+var (
+	oldVfsDir = filepath.Join("vfs", "dir")
+
+	validOpts = map[string]bool{
+		"type":   true, // specify the filesystem type for mount, e.g. nfs
+		"o":      true, // generic mount options
+		"device": true, // device to mount from
+	}
+)
+
+type optsConfig struct {
+	MountType   string
+	MountOpts   string
+	MountDevice string
+}
+
+// scopedPath verifies that the path where the volume is located
+// is under Docker's root and the valid local paths.
+func (r *Root) scopedPath(realPath string) bool {
+	// Volumes path for Docker version >= 1.7
+	if strings.HasPrefix(realPath, filepath.Join(r.scope, volumesPathName)) && realPath != filepath.Join(r.scope, volumesPathName) {
+		return true
+	}
+
+	// Volumes path for Docker version < 1.7
+	if strings.HasPrefix(realPath, filepath.Join(r.scope, oldVfsDir)) {
+		return true
+	}
+
+	return false
+}
+
+func setOpts(v *localVolume, opts map[string]string) error {
+	if len(opts) == 0 {
+		return nil
+	}
+	if err := validateOpts(opts); err != nil {
+		return err
+	}
+
+	v.opts = &optsConfig{
+		MountType:   opts["type"],
+		MountOpts:   opts["o"],
+		MountDevice: opts["device"],
+	}
+	return nil
+}
+
+func (v *localVolume) mount() error {
+	if v.opts.MountDevice == "" {
+		return fmt.Errorf("missing device in volume options")
+	}
+	return mount.Mount(v.opts.MountDevice, v.path, v.opts.MountType, v.opts.MountOpts)
+}
diff --git a/volume/local/local_windows.go b/volume/local/local_windows.go
new file mode 100644
index 00000000..1bdb368a
--- /dev/null
+++ b/volume/local/local_windows.go
@@ -0,0 +1,34 @@
+// Package local provides the default implementation for volumes. It
+// is used to mount data volume containers and directories local to
+// the host server.
+package local
+
+import (
+	"fmt"
+	"path/filepath"
+	"strings"
+)
+
+type optsConfig struct{}
+
+var validOpts map[string]bool
+
+// scopedPath verifies that the path where the volume is located
+// is under Docker's root and the valid local paths.
+func (r *Root) scopedPath(realPath string) bool {
+	if strings.HasPrefix(realPath, filepath.Join(r.scope, volumesPathName)) && realPath != filepath.Join(r.scope, volumesPathName) {
+		return true
+	}
+	return false
+}
+
+func setOpts(v *localVolume, opts map[string]string) error {
+	if len(opts) > 0 {
+		return fmt.Errorf("options are not supported on this platform")
+	}
+	return nil
+}
+
+func (v *localVolume) mount() error {
+	return nil
+}
diff --git a/volume/store/errors.go b/volume/store/errors.go
new file mode 100644
index 00000000..7bdfa12b
--- /dev/null
+++ b/volume/store/errors.go
@@ -0,0 +1,74 @@
+package store
+
+import (
+	"errors"
+	"strings"
+)
+
+var (
+	// errVolumeInUse is a typed error returned when trying to remove a volume that is currently in use by a container
+	errVolumeInUse = errors.New("volume is in use")
+	// errNoSuchVolume is a typed error returned if the requested volume doesn't exist in the volume store
+	errNoSuchVolume = errors.New("no such volume")
+	// errInvalidName is a typed error returned when creating a volume with a name that is not valid on the platform
+	errInvalidName = errors.New("volume name is not valid on this platform")
+	// errNameConflict is a typed error returned on create when a volume exists with the given name, but for a different driver
+	errNameConflict = errors.New("conflict: volume name must be unique")
+)
+
+// OpErr is the error type returned by functions in the store package. It describes
+// the operation, volume name, and error.
+type OpErr struct {
+	// Err is the error that occurred during the operation.
+	Err error
+	// Op is the operation which caused the error, such as "create", or "list".
+	Op string
+	// Name is the name of the resource being requested for this op, typically the volume name or the driver name.
+	Name string
+	// Refs is the list of references associated with the resource.
+	Refs []string
+}
+
+// Error satisfies the built-in error interface type.
+func (e *OpErr) Error() string {
+	if e == nil {
+		return "<nil>"
+	}
+	s := e.Op
+	if e.Name != "" {
+		s = s + " " + e.Name
+	}
+
+	s = s + ": " + e.Err.Error()
+	if len(e.Refs) > 0 {
+		s = s + " - " + "[" + strings.Join(e.Refs, ", ") + "]"
+	}
+	return s
+}
+
+// IsInUse returns a boolean indicating whether the error indicates that a
+// volume is in use
+func IsInUse(err error) bool {
+	return isErr(err, errVolumeInUse)
+}
+
+// IsNotExist returns a boolean indicating whether the error indicates that the volume does not exist
+func IsNotExist(err error) bool {
+	return isErr(err, errNoSuchVolume)
+}
+
+// IsNameConflict returns a boolean indicating whether the error indicates that a
+// volume name is already taken
+func IsNameConflict(err error) bool {
+	return isErr(err, errNameConflict)
+}
+
+func isErr(err error, expected error) bool {
+	switch pe := err.(type) {
+	case nil:
+		return false
+	case *OpErr:
+		err = pe.Err
+	}
+	return err == expected
+}
diff --git a/volume/store/store.go b/volume/store/store.go
new file mode 100644
index 00000000..b2ac9a8c
--- /dev/null
+++ b/volume/store/store.go
@@ -0,0 +1,506 @@
+package store
+
+import (
+	"bytes"
+	"encoding/json"
+	"os"
+	"path/filepath"
+	"sync"
+	"time"
+
+	"github.com/Sirupsen/logrus"
+	"github.com/boltdb/bolt"
+	"github.com/docker/docker/pkg/locker"
+	"github.com/docker/docker/volume"
+	"github.com/docker/docker/volume/drivers"
+)
+
+const (
+	volumeDataDir    = "volumes"
+	volumeBucketName = "volumes"
+)
+
+type volumeMetadata struct {
+	Name   string
+	Labels map[string]string
+}
+
+type volumeWithLabels struct {
+	volume.Volume
+	labels map[string]string
+}
+
+func (v volumeWithLabels) Labels() map[string]string {
+	return v.labels
+}
+
+// New initializes a VolumeStore to keep
+// reference counting of volumes in the system.
+func New(rootPath string) (*VolumeStore, error) {
+	vs := &VolumeStore{
+		locks:  &locker.Locker{},
+		names:  make(map[string]volume.Volume),
+		refs:   make(map[string][]string),
+		labels: make(map[string]map[string]string),
+	}
+
+	if rootPath != "" {
+		// initialize metadata store
+		volPath := filepath.Join(rootPath, volumeDataDir)
+		if err := os.MkdirAll(volPath, 750); err != nil {
+			return nil, err
+		}
+
+		dbPath := filepath.Join(volPath, "metadata.db")
+
+		var err error
+		vs.db, err = bolt.Open(dbPath, 0600, &bolt.Options{Timeout: 1 * time.Second})
+		if err != nil {
+			return nil, err
+		}
+
+		// initialize volumes bucket
+		if err := vs.db.Update(func(tx *bolt.Tx) error {
+			if _, err := tx.CreateBucketIfNotExists([]byte(volumeBucketName)); err != nil {
+				return err
+			}
+
+			return nil
+		}); err != nil {
+			return nil, err
+		}
+	}
+
+	return vs, nil
+}
+
+func (s *VolumeStore) getNamed(name string) (volume.Volume, bool) {
+	s.globalLock.Lock()
+	v, exists := s.names[name]
+	s.globalLock.Unlock()
+	return v, exists
+}
+
+func (s *VolumeStore) setNamed(v volume.Volume, ref string) {
+	s.globalLock.Lock()
+	s.names[v.Name()] = v
+	if len(ref) > 0 {
+		s.refs[v.Name()] = append(s.refs[v.Name()], ref)
+	}
+	s.globalLock.Unlock()
+}
+
+func (s *VolumeStore) purge(name string) {
+	s.globalLock.Lock()
+	delete(s.names, name)
+	delete(s.refs, name)
+	delete(s.labels, name)
+	s.globalLock.Unlock()
+}
+
+// VolumeStore is a struct that stores the list of volumes available and keeps track of their usage counts
+type VolumeStore struct {
+	locks      *locker.Locker
+	globalLock sync.Mutex
+	// names stores the volume name -> driver name relationship.
+	// This is used for making lookups faster so we don't have to probe all drivers
+	names map[string]volume.Volume
+	// refs stores the volume name and the list of things referencing it
+	refs map[string][]string
+	// labels stores volume labels for each volume
+	labels map[string]map[string]string
+	db     *bolt.DB
+}
+
+// List proxies to all registered volume drivers to get the full list of volumes
+// If a driver returns a volume that has name which conflicts with another volume from a different driver,
+// the first volume is chosen and the conflicting volume is dropped.
+func (s *VolumeStore) List() ([]volume.Volume, []string, error) {
+	vols, warnings, err := s.list()
+	if err != nil {
+		return nil, nil, &OpErr{Err: err, Op: "list"}
+	}
+	var out []volume.Volume
+
+	for _, v := range vols {
+		name := normaliseVolumeName(v.Name())
+
+		s.locks.Lock(name)
+		storedV, exists := s.getNamed(name)
+		// Note: it's not safe to populate the cache here because the volume may have been
+		// deleted before we acquire a lock on its name
+		if exists && storedV.DriverName() != v.DriverName() {
+			logrus.Warnf("Volume name %s already exists for driver %s, not including volume returned by %s", v.Name(), storedV.DriverName(), v.DriverName())
+			s.locks.Unlock(v.Name())
+			continue
+		}
+
+		out = append(out, v)
+		s.locks.Unlock(v.Name())
+	}
+	return out, warnings, nil
+}
+
+// list goes through each volume driver and asks for its list of volumes.
+func (s *VolumeStore) list() ([]volume.Volume, []string, error) {
+	drivers, err := volumedrivers.GetAllDrivers()
+	if err != nil {
+		return nil, nil, err
+	}
+	var (
+		ls       []volume.Volume
+		warnings []string
+	)
+
+	type vols struct {
+		vols       []volume.Volume
+		err        error
+		driverName string
+	}
+	chVols := make(chan vols, len(drivers))
+
+	for _, vd := range drivers {
+		go func(d volume.Driver) {
+			vs, err := d.List()
+			if err != nil {
+				chVols <- vols{driverName: d.Name(), err: &OpErr{Err: err, Name: d.Name(), Op: "list"}}
+				return
+			}
+			chVols <- vols{vols: vs}
+		}(vd)
+	}
+
+	badDrivers := make(map[string]struct{})
+	for i := 0; i < len(drivers); i++ {
+		vs := <-chVols
+
+		if vs.err != nil {
+			warnings = append(warnings, vs.err.Error())
+			badDrivers[vs.driverName] = struct{}{}
+			logrus.Warn(vs.err)
+		}
+		ls = append(ls, vs.vols...)
+	}
+
+	if len(badDrivers) > 0 {
+		for _, v := range s.names {
+			if _, exists := badDrivers[v.DriverName()]; exists {
+				ls = append(ls, v)
+			}
+		}
+	}
+	return ls, warnings, nil
+}
+
+// CreateWithRef creates a volume with the given name and driver and stores the ref
+// This is just like Create() except we store the reference while holding the lock.
+// This ensures there's no race between creating a volume and then storing a reference.
+func (s *VolumeStore) CreateWithRef(name, driverName, ref string, opts, labels map[string]string) (volume.Volume, error) {
+	name = normaliseVolumeName(name)
+	s.locks.Lock(name)
+	defer s.locks.Unlock(name)
+
+	v, err := s.create(name, driverName, opts, labels)
+	if err != nil {
+		return nil, &OpErr{Err: err, Name: name, Op: "create"}
+	}
+
+	s.setNamed(v, ref)
+	return v, nil
+}
+
+// Create creates a volume with the given name and driver.
+func (s *VolumeStore) Create(name, driverName string, opts, labels map[string]string) (volume.Volume, error) {
+	name = normaliseVolumeName(name)
+	s.locks.Lock(name)
+	defer s.locks.Unlock(name)
+
+	v, err := s.create(name, driverName, opts, labels)
+	if err != nil {
+		return nil, &OpErr{Err: err, Name: name, Op: "create"}
+	}
+	s.setNamed(v, "")
+	return v, nil
+}
+
+// create asks the given driver to create a volume with the name/opts.
+// If a volume with the name is already known, it will ask the stored driver for the volume.
+// If the passed in driver name does not match the driver name which is stored for the given volume name, an error is returned.
+// It is expected that callers of this function hold any necessary locks.
+func (s *VolumeStore) create(name, driverName string, opts, labels map[string]string) (volume.Volume, error) {
+	// Validate the name in a platform-specific manner
+	valid, err := volume.IsVolumeNameValid(name)
+	if err != nil {
+		return nil, err
+	}
+	if !valid {
+		return nil, &OpErr{Err: errInvalidName, Name: name, Op: "create"}
+	}
+
+	if v, exists := s.getNamed(name); exists {
+		if v.DriverName() != driverName && driverName != "" && driverName != volume.DefaultDriverName {
+			return nil, errNameConflict
+		}
+		return v, nil
+	}
+
+	// Since there isn't a specified driver name, let's see if any of the existing drivers have this volume name
+	if driverName == "" {
+		v, _ := s.getVolume(name)
+		if v != nil {
+			return v, nil
+		}
+	}
+
+	vd, err := volumedrivers.GetDriver(driverName)
+
+	if err != nil {
+		return nil, &OpErr{Op: "create", Name: name, Err: err}
+	}
+
+	logrus.Debugf("Registering new volume reference: driver %q, name %q", vd.Name(), name)
+
+	if v, _ := vd.Get(name); v != nil {
+		return v, nil
+	}
+	v, err := vd.Create(name, opts)
+	if err != nil {
+		return nil, err
+	}
+	s.globalLock.Lock()
+	s.labels[name] = labels
+	s.globalLock.Unlock()
+
+	if s.db != nil {
+		metadata := &volumeMetadata{
+			Name:   name,
+			Labels: labels,
+		}
+
+		volData, err := json.Marshal(metadata)
+		if err != nil {
+			return nil, err
+		}
+
+		if err := s.db.Update(func(tx *bolt.Tx) error {
+			b := tx.Bucket([]byte(volumeBucketName))
+			err := b.Put([]byte(name), volData)
+			return err
+		}); err != nil {
+			return nil, err
+		}
+	}
+
+	return volumeWithLabels{v, labels}, nil
+}
+
+// GetWithRef gets a volume with the given name from the passed in driver and stores the ref
+// This is just like Get(), but we store the reference while holding the lock.
+// This makes sure there are no races between checking for the existence of a volume and adding a reference for it
+func (s *VolumeStore) GetWithRef(name, driverName, ref string) (volume.Volume, error) {
+	name = normaliseVolumeName(name)
+	s.locks.Lock(name)
+	defer s.locks.Unlock(name)
+
+	vd, err := volumedrivers.GetDriver(driverName)
+	if err != nil {
+		return nil, &OpErr{Err: err, Name: name, Op: "get"}
+	}
+
+	v, err := vd.Get(name)
+	if err != nil {
+		return nil, &OpErr{Err: err, Name: name, Op: "get"}
+	}
+
+	s.setNamed(v, ref)
+	if labels, ok := s.labels[name]; ok {
+		return volumeWithLabels{v, labels}, nil
+	}
+	return v, nil
+}
+
+// Get looks if a volume with the given name exists and returns it if so
+func (s *VolumeStore) Get(name string) (volume.Volume, error) {
+	name = normaliseVolumeName(name)
+	s.locks.Lock(name)
+	defer s.locks.Unlock(name)
+
+	v, err := s.getVolume(name)
+	if err != nil {
+		return nil, &OpErr{Err: err, Name: name, Op: "get"}
+	}
+	s.setNamed(v, "")
+	return v, nil
+}
+
+// getVolume requests the volume, if the driver info is stored it just accesses that driver,
+// if the driver is unknown it probes all drivers until it finds the first volume with that name.
+// it is expected that callers of this function hold any necessary locks
+func (s *VolumeStore) getVolume(name string) (volume.Volume, error) {
+	labels := map[string]string{}
+
+	if s.db != nil {
+		// get meta
+		if err := s.db.Update(func(tx *bolt.Tx) error {
+			b := tx.Bucket([]byte(volumeBucketName))
+			data := b.Get([]byte(name))
+
+			if string(data) == "" {
+				return nil
+			}
+
+			var meta volumeMetadata
+			buf := bytes.NewBuffer(data)
+
+			if err := json.NewDecoder(buf).Decode(&meta); err != nil {
+				return err
+			}
+			labels = meta.Labels
+
+			return nil
+		}); err != nil {
+			return nil, err
+		}
+	}
+
+	logrus.Debugf("Getting volume reference for name: %s", name)
+	s.globalLock.Lock()
+	v, exists := s.names[name]
+	s.globalLock.Unlock()
+	if exists {
+		vd, err := volumedrivers.GetDriver(v.DriverName())
+		if err != nil {
+			return nil, err
+		}
+		vol, err := vd.Get(name)
+		if err != nil {
+			return nil, err
+		}
+		return volumeWithLabels{vol, labels}, nil
+	}
+
+	logrus.Debugf("Probing all drivers for volume with name: %s", name)
+	drivers, err := volumedrivers.GetAllDrivers()
+	if err != nil {
+		return nil, err
+	}
+
+	for _, d := range drivers {
+		v, err := d.Get(name)
+		if err != nil {
+			continue
+		}
+
+		return volumeWithLabels{v, labels}, nil
+	}
+	return nil, errNoSuchVolume
+}
+
+// Remove removes the requested volume. A volume is not removed if it has any refs
+func (s *VolumeStore) Remove(v volume.Volume) error {
+	name := normaliseVolumeName(v.Name())
+	s.locks.Lock(name)
+	defer s.locks.Unlock(name)
+
+	if refs, exists := s.refs[name]; exists && len(refs) > 0 {
+		return &OpErr{Err: errVolumeInUse, Name: v.Name(), Op: "remove", Refs: refs}
+	}
+
+	vd, err := volumedrivers.GetDriver(v.DriverName())
+	if err != nil {
+		return &OpErr{Err: err, Name: vd.Name(), Op: "remove"}
+	}
+
+	logrus.Debugf("Removing volume reference: driver %s, name %s", v.DriverName(), name)
+	vol := withoutLabels(v)
+	if err := vd.Remove(vol); err != nil {
+		return &OpErr{Err: err, Name: name, Op: "remove"}
+	}
+
+	s.purge(name)
+	return nil
+}
+
+// Dereference removes the specified reference to the volume
+func (s *VolumeStore) Dereference(v volume.Volume, ref string) {
+	s.locks.Lock(v.Name())
+	defer s.locks.Unlock(v.Name())
+
+	s.globalLock.Lock()
+	defer s.globalLock.Unlock()
+	var refs []string
+
+	for _, r := range s.refs[v.Name()] {
+		if r != ref {
+			refs = append(refs, r)
+		}
+	}
+	s.refs[v.Name()] = refs
+}
+
+// Refs gets the current list of refs for the given volume
+func (s *VolumeStore) Refs(v volume.Volume) []string {
+	s.locks.Lock(v.Name())
+	defer s.locks.Unlock(v.Name())
+
+	s.globalLock.Lock()
+	defer s.globalLock.Unlock()
+	refs, exists := s.refs[v.Name()]
+	if !exists {
+		return nil
+	}
+
+	refsOut := make([]string, len(refs))
+	copy(refsOut, refs)
+	return refsOut
+}
+
+// FilterByDriver returns the available volumes filtered by driver name
+func (s *VolumeStore) FilterByDriver(name string) ([]volume.Volume, error) {
+	vd, err := volumedrivers.GetDriver(name)
+	if err != nil {
+		return nil, &OpErr{Err: err, Name: name, Op: "list"}
+	}
+	ls, err := vd.List()
+	if err != nil {
+		return nil, &OpErr{Err: err, Name: name, Op: "list"}
+	}
+	return ls, nil
+}
+
+// FilterByUsed returns the available volumes filtered by if they are in use or not.
+// `used=true` returns only volumes that are being used, while `used=false` returns
+// only volumes that are not being used.
+func (s *VolumeStore) FilterByUsed(vols []volume.Volume, used bool) []volume.Volume {
+	return s.filter(vols, func(v volume.Volume) bool {
+		s.locks.Lock(v.Name())
+		l := len(s.refs[v.Name()])
+		s.locks.Unlock(v.Name())
+		if (used && l > 0) || (!used && l == 0) {
+			return true
+		}
+		return false
+	})
+}
+
+// filterFunc defines a function to allow filter volumes in the store
+type filterFunc func(vol volume.Volume) bool
+
+// filter returns the available volumes filtered by a filterFunc function
+func (s *VolumeStore) filter(vols []volume.Volume, f filterFunc) []volume.Volume {
+	var ls []volume.Volume
+	for _, v := range vols {
+		if f(v) {
+			ls = append(ls, v)
+		}
+	}
+	return ls
+}
+
+func withoutLabels(v volume.Volume) volume.Volume {
+	if vol, ok := v.(volumeWithLabels); ok {
+		return vol.Volume
+	}
+
+	return v
+}
diff --git a/volume/store/store_test.go b/volume/store/store_test.go
new file mode 100644
index 00000000..4f3e3cbd
--- /dev/null
+++ b/volume/store/store_test.go
@@ -0,0 +1,201 @@
+package store
+
+import (
+	"errors"
+	"strings"
+	"testing"
+
+	"github.com/docker/docker/volume/drivers"
+	vt "github.com/docker/docker/volume/testutils"
+)
+
+func TestCreate(t *testing.T) {
+	volumedrivers.Register(vt.NewFakeDriver("fake"), "fake")
+	defer volumedrivers.Unregister("fake")
+	s, err := New("")
+	if err != nil {
+		t.Fatal(err)
+	}
+	v, err := s.Create("fake1", "fake", nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if v.Name() != "fake1" {
+		t.Fatalf("Expected fake1 volume, got %v", v)
+	}
+	if l, _, _ := s.List(); len(l) != 1 {
+		t.Fatalf("Expected 1 volume in the store, got %v: %v", len(l), l)
+	}
+
+	if _, err := s.Create("none", "none", nil, nil); err == nil {
+		t.Fatalf("Expected unknown driver error, got nil")
+	}
+
+	_, err = s.Create("fakeerror", "fake", map[string]string{"error": "create error"}, nil)
+	expected := &OpErr{Op: "create", Name: "fakeerror", Err: errors.New("create error")}
+	if err != nil && err.Error() != expected.Error() {
+		t.Fatalf("Expected create fakeError: create error, got %v", err)
+	}
+}
+
+func TestRemove(t *testing.T) {
+	volumedrivers.Register(vt.NewFakeDriver("fake"), "fake")
+	volumedrivers.Register(vt.NewFakeDriver("noop"), "noop")
+	defer volumedrivers.Unregister("fake")
+	defer volumedrivers.Unregister("noop")
+	s, err := New("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// doing string compare here since this error comes directly from the driver
+	expected := "no such volume"
+	if err := s.Remove(vt.NoopVolume{}); err == nil || !strings.Contains(err.Error(), expected) {
+		t.Fatalf("Expected error %q, got %v", expected, err)
+	}
+
+	v, err := s.CreateWithRef("fake1", "fake", "fake", nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := s.Remove(v); !IsInUse(err) {
+		t.Fatalf("Expected ErrVolumeInUse error, got %v", err)
+	}
+	s.Dereference(v, "fake")
+	if err := s.Remove(v); err != nil {
+		t.Fatal(err)
+	}
+	if l, _, _ := s.List(); len(l) != 0 {
+		t.Fatalf("Expected 0 volumes in the store, got %v, %v", len(l), l)
+	}
+}
+
+func TestList(t *testing.T) {
+	volumedrivers.Register(vt.NewFakeDriver("fake"), "fake")
+	volumedrivers.Register(vt.NewFakeDriver("fake2"), "fake2")
+	defer volumedrivers.Unregister("fake")
+	defer volumedrivers.Unregister("fake2")
+
+	s, err := New("")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if _, err := s.Create("test", "fake", nil, nil); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := s.Create("test2", "fake2", nil, nil); err != nil {
+		t.Fatal(err)
+	}
+
+	ls, _, err := s.List()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(ls) != 2 {
+		t.Fatalf("expected 2 volumes, got: %d", len(ls))
+	}
+
+	// and again with a new store
+	s, err = New("")
+	if err != nil {
+		t.Fatal(err)
+	}
+	ls, _, err = s.List()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(ls) != 2 {
+		t.Fatalf("expected 2 volumes, got: %d", len(ls))
+	}
+}
+
+func TestFilterByDriver(t *testing.T) {
+	volumedrivers.Register(vt.NewFakeDriver("fake"), "fake")
+	volumedrivers.Register(vt.NewFakeDriver("noop"), "noop")
+	defer volumedrivers.Unregister("fake")
+	defer volumedrivers.Unregister("noop")
+	s, err := New("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := s.Create("fake1", "fake", nil, nil); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := s.Create("fake2", "fake", nil, nil); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := s.Create("fake3", "noop", nil, nil); err != nil {
+		t.Fatal(err)
+	}
+
+	if l, _ := s.FilterByDriver("fake"); len(l) != 2 {
+		t.Fatalf("Expected 2 volumes, got %v, %v", len(l), l)
+	}
+
+	if l, _ := s.FilterByDriver("noop"); len(l) != 1 {
+		t.Fatalf("Expected 1 volume, got %v, %v", len(l), l)
+	}
+}
+
+func TestFilterByUsed(t *testing.T) {
+	volumedrivers.Register(vt.NewFakeDriver("fake"), "fake")
+	volumedrivers.Register(vt.NewFakeDriver("noop"), "noop")
+
+	s, err := New("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := s.CreateWithRef("fake1", "fake", "volReference", nil, nil); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := s.Create("fake2", "fake", nil, nil); err != nil {
+		t.Fatal(err)
+	}
+
+	vols, _, err := s.List()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	dangling := s.FilterByUsed(vols, false)
+	if len(dangling) != 1 {
+		t.Fatalf("expected 1 danging volume, got %v", len(dangling))
+	}
+	if dangling[0].Name() != "fake2" {
+		t.Fatalf("expected danging volume fake2, got %s", dangling[0].Name())
+	}
+
+	used := s.FilterByUsed(vols, true)
+	if len(used) != 1 {
+		t.Fatalf("expected 1 used volume, got %v", len(used))
+	}
+	if used[0].Name() != "fake1" {
+		t.Fatalf("expected used volume fake1, got %s", used[0].Name())
+	}
+}
+
+func TestDerefMultipleOfSameRef(t *testing.T) {
+	volumedrivers.Register(vt.NewFakeDriver("fake"), "fake")
+
+	s, err := New("")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	v, err := s.CreateWithRef("fake1", "fake", "volReference", nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := s.GetWithRef("fake1", "fake", "volReference"); err != nil {
+		t.Fatal(err)
+	}
+
+	s.Dereference(v, "volReference")
+	if err := s.Remove(v); err != nil {
+		t.Fatal(err)
+	}
+}
diff --git a/volume/store/store_unix.go b/volume/store/store_unix.go
new file mode 100644
index 00000000..319c541d
--- /dev/null
+++ b/volume/store/store_unix.go
@@ -0,0 +1,9 @@
+// +build linux freebsd
+
+package store
+
+// normaliseVolumeName is a platform specific function to normalise the name
+// of a volume. This is a no-op on Unix-like platforms
+func normaliseVolumeName(name string) string {
+	return name
+}
diff --git a/volume/store/store_windows.go b/volume/store/store_windows.go
new file mode 100644
index 00000000..8601cdd5
--- /dev/null
+++ b/volume/store/store_windows.go
@@ -0,0 +1,12 @@
+package store
+
+import "strings"
+
+// normaliseVolumeName is a platform specific function to normalise the name
+// of a volume. On Windows, as NTFS is case insensitive, under
+// c:\ProgramData\Docker\Volumes\, the folders John and john would be synonymous.
+// Hence we can't allow the volume "John" and "john" to be created as separate
+// volumes.
+func normaliseVolumeName(name string) string {
+	return strings.ToLower(name)
+}
diff --git a/volume/testutils/testutils.go b/volume/testutils/testutils.go
new file mode 100644
index 00000000..65353369
--- /dev/null
+++ b/volume/testutils/testutils.go
@@ -0,0 +1,105 @@
+package volumetestutils
+
+import (
+	"fmt"
+
+	"github.com/docker/docker/volume"
+)
+
+// NoopVolume is a volume that doesn't perform any operation
+type NoopVolume struct{}
+
+// Name is the name of the volume
+func (NoopVolume) Name() string { return "noop" }
+
+// DriverName is the name of the driver
+func (NoopVolume) DriverName() string { return "noop" }
+
+// Path is the filesystem path to the volume
+func (NoopVolume) Path() string { return "noop" }
+
+// Mount mounts the volume in the container
+func (NoopVolume) Mount() (string, error) { return "noop", nil }
+
+// Unmount unmounts the volume from the container
+func (NoopVolume) Unmount() error { return nil }
+
+// FakeVolume is a fake volume with a random name
+type FakeVolume struct {
+	name       string
+	driverName string
+}
+
+// NewFakeVolume creates a new fake volume for testing
+func NewFakeVolume(name string, driverName string) volume.Volume {
+	return FakeVolume{name: name, driverName: driverName}
+}
+
+// Name is the name of the volume
+func (f FakeVolume) Name() string { return f.name }
+
+// DriverName is the name of the driver
+func (f FakeVolume) DriverName() string { return f.driverName }
+
+// Path is the filesystem path to the volume
+func (FakeVolume) Path() string { return "fake" }
+
+// Mount mounts the volume in the container
+func (FakeVolume) Mount() (string, error) { return "fake", nil }
+
+// Unmount unmounts the volume from the container
+func (FakeVolume) Unmount() error { return nil }
+
+// FakeDriver is a driver that generates fake volumes
+type FakeDriver struct {
+	name string
+	vols map[string]volume.Volume
+}
+
+// NewFakeDriver creates a new FakeDriver with the specified name
+func NewFakeDriver(name string) volume.Driver {
+	return &FakeDriver{
+		name: name,
+		vols: make(map[string]volume.Volume),
+	}
+}
+
+// Name is the name of the driver
+func (d *FakeDriver) Name() string { return d.name }
+
+// Create initializes a fake volume.
+// It returns an error if the options include an "error" key with a message
+func (d *FakeDriver) Create(name string, opts map[string]string) (volume.Volume, error) {
+	if opts != nil && opts["error"] != "" {
+		return nil, fmt.Errorf(opts["error"])
+	}
+	v := NewFakeVolume(name, d.name)
+	d.vols[name] = v
+	return v, nil
+}
+
+// Remove deletes a volume.
+func (d *FakeDriver) Remove(v volume.Volume) error {
+	if _, exists := d.vols[v.Name()]; !exists {
+		return fmt.Errorf("no such volume")
+	}
+	delete(d.vols, v.Name())
+	return nil
+}
+
+// List lists the volumes
+func (d *FakeDriver) List() ([]volume.Volume, error) {
+	var vols []volume.Volume
+	for _, v := range d.vols {
+		vols = append(vols, v)
+	}
+	return vols, nil
+}
+
+// Get gets the volume
+func (d *FakeDriver) Get(name string) (volume.Volume, error) {
+	if v, exists := d.vols[name]; exists {
+		return v, nil
+	}
+	return nil, fmt.Errorf("no such volume")
+}
diff --git a/volume/volume.go b/volume/volume.go
new file mode 100644
index 00000000..077cddfb
--- /dev/null
+++ b/volume/volume.go
@@ -0,0 +1,133 @@
+package volume
+
+import (
+	"fmt"
+	"os"
+	"runtime"
+	"strings"
+)
+
+// DefaultDriverName is the driver name used for the driver
+// implemented in the local package.
+const DefaultDriverName string = "local"
+
+// Driver is for creating and removing volumes.
+type Driver interface {
+	// Name returns the name of the volume driver.
+	Name() string
+	// Create makes a new volume with the given id.
+	Create(name string, opts map[string]string) (Volume, error)
+	// Remove deletes the volume.
+	Remove(vol Volume) (err error)
+	// List lists all the volumes the driver has
+	List() ([]Volume, error)
+	// Get retrieves the volume with the requested name
+	Get(name string) (Volume, error)
+}
+
+// Volume is a place to store data. It is backed by a specific driver, and can be mounted.
+type Volume interface {
+	// Name returns the name of the volume
+	Name() string
+	// DriverName returns the name of the driver which owns this volume.
+	DriverName() string
+	// Path returns the absolute path to the volume.
+	Path() string
+	// Mount mounts the volume and returns the absolute path to
+	// where it can be consumed.
+	Mount() (string, error)
+	// Unmount unmounts the volume when it is no longer in use.
+	Unmount() error
+}
+
+// MountPoint is the intersection point between a volume and a container. It
+// specifies which volume is to be used and where inside a container it should
+// be mounted.
+type MountPoint struct {
+	Source      string // Container host directory
+	Destination string // Inside the container
+	RW          bool   // True if writable
+	Name        string // Name set by user
+	Driver      string // Volume driver to use
+	Volume      Volume `json:"-"`
+
+	// Note Mode is not used on Windows
+	Mode string `json:"Relabel"` // Originally field was `Relabel`"
+
+	// Note Propagation is not used on Windows
+	Propagation string // Mount propagation string
+	Named       bool   // specifies if the mountpoint was specified by name
+
+	// Specifies if data should be copied from the container before the first mount
+	// Use a pointer here so we can tell if the user set this value explicitly
+	// This allows us to error out when the user explicitly enabled copy but we can't copy due to the volume being populated
+	CopyData bool `json:"-"`
+}
+
+// Setup sets up a mount point by either mounting the volume if it is
+// configured, or creating the source directory if supplied.
+func (m *MountPoint) Setup() (string, error) {
+	if m.Volume != nil {
+		return m.Volume.Mount()
+	}
+	if len(m.Source) > 0 {
+		if _, err := os.Stat(m.Source); err != nil {
+			if !os.IsNotExist(err) {
+				return "", err
+			}
+			if runtime.GOOS != "windows" { // Windows does not have deprecation issues here
+				if err := os.MkdirAll(m.Source, 0755); err != nil {
+					return "", err
+				}
+			}
+		}
+		return m.Source, nil
+	}
+	return "", fmt.Errorf("Unable to setup mount point, neither source nor volume defined")
+}
+
+// Path returns the path of a volume in a mount point.
+func (m *MountPoint) Path() string {
+	if m.Volume != nil {
+		return m.Volume.Path()
+	}
+	return m.Source
+}
+
+// ParseVolumesFrom ensures that the supplied volumes-from is valid.
+func ParseVolumesFrom(spec string) (string, string, error) {
+	if len(spec) == 0 {
+		return "", "", fmt.Errorf("malformed volumes-from specification: %s", spec)
+	}
+
+	specParts := strings.SplitN(spec, ":", 2)
+	id := specParts[0]
+	mode := "rw"
+
+	if len(specParts) == 2 {
+		mode = specParts[1]
+		if !ValidMountMode(mode) {
+			return "", "", errInvalidMode(mode)
+		}
+		// For now don't allow propagation properties while importing
+		// volumes from data container. These volumes will inherit
+		// the same propagation property as of the original volume
+		// in data container. This probably can be relaxed in future.
+		if HasPropagation(mode) {
+			return "", "", errInvalidMode(mode)
+		}
+		// Do not allow copy modes on volumes-from
+		if _, isSet := getCopyMode(mode); isSet {
+			return "", "", errInvalidMode(mode)
+		}
+	}
+	return id, mode, nil
+}
+
+func errInvalidMode(mode string) error {
+	return fmt.Errorf("invalid mode: %v", mode)
+}
+
+func errInvalidSpec(spec string) error {
+	return fmt.Errorf("Invalid volume specification: '%s'", spec)
+}
diff --git a/volume/volume_copy.go b/volume/volume_copy.go
new file mode 100644
index 00000000..067537fb
--- /dev/null
+++ b/volume/volume_copy.go
@@ -0,0 +1,28 @@
+package volume
+
+import "strings"
+
+const (
+	// DefaultCopyMode is the copy mode used by default for normal/named volumes
+	DefaultCopyMode = true
+)
+
+// {<copy mode>=isEnabled}
+var copyModes = map[string]bool{
+	"nocopy": false,
+}
+
+func copyModeExists(mode string) bool {
+	_, exists := copyModes[mode]
+	return exists
+}
+
+// GetCopyMode gets the copy mode from the mode string for mounts
+func getCopyMode(mode string) (bool, bool) {
+	for _, o := range strings.Split(mode, ",") {
+		if isEnabled, exists := copyModes[o]; exists {
+			return isEnabled, true
+		}
+	}
+	return DefaultCopyMode, false
+}
diff --git a/volume/volume_propagation_linux.go b/volume/volume_propagation_linux.go
new file mode 100644
index 00000000..f5f28205
--- /dev/null
+++ b/volume/volume_propagation_linux.go
@@ -0,0 +1,44 @@
+// +build linux
+
+package volume
+
+import (
+	"strings"
+)
+
+// DefaultPropagationMode defines what propagation mode should be used by
+// default if user has not specified one explicitly.
+const DefaultPropagationMode string = "rprivate"
+
+// propagation modes
+var propagationModes = map[string]bool{
+	"private":  true,
+	"rprivate": true,
+	"slave":    true,
+	"rslave":   true,
+	"shared":   true,
+	"rshared":  true,
+}
+
+// GetPropagation extracts and returns the mount propagation mode. If there
+// are no specifications, then by default it is "private".
+func GetPropagation(mode string) string {
+	for _, o := range strings.Split(mode, ",") {
+		if propagationModes[o] {
+			return o
+		}
+	}
+	return DefaultPropagationMode
+}
+
+// HasPropagation checks if there is a valid propagation mode present in
+// passed string. Returns true if a valid propagation mode specifier is
+// present, false otherwise.
+func HasPropagation(mode string) bool {
+	for _, o := range strings.Split(mode, ",") {
+		if propagationModes[o] {
+			return true
+		}
+	}
+	return false
+}
diff --git a/volume/volume_propagation_linux_test.go b/volume/volume_propagation_linux_test.go
new file mode 100644
index 00000000..e579fa05
--- /dev/null
+++ b/volume/volume_propagation_linux_test.go
@@ -0,0 +1,65 @@
+// +build linux
+
+package volume
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestParseMountSpecPropagation(t *testing.T) {
+	var (
+		valid   []string
+		invalid map[string]string
+	)
+
+	valid = []string{
+		"/hostPath:/containerPath:shared",
+		"/hostPath:/containerPath:rshared",
+		"/hostPath:/containerPath:slave",
+		"/hostPath:/containerPath:rslave",
+		"/hostPath:/containerPath:private",
+		"/hostPath:/containerPath:rprivate",
+		"/hostPath:/containerPath:ro,shared",
+		"/hostPath:/containerPath:ro,slave",
+		"/hostPath:/containerPath:ro,private",
+		"/hostPath:/containerPath:ro,z,shared",
+		"/hostPath:/containerPath:ro,Z,slave",
+		"/hostPath:/containerPath:Z,ro,slave",
+		"/hostPath:/containerPath:slave,Z,ro",
+		"/hostPath:/containerPath:Z,slave,ro",
+		"/hostPath:/containerPath:slave,ro,Z",
+		"/hostPath:/containerPath:rslave,ro,Z",
+		"/hostPath:/containerPath:ro,rshared,Z",
+		"/hostPath:/containerPath:ro,Z,rprivate",
+	}
+	invalid = map[string]string{
+		"/path:/path:ro,rshared,rslave":   `invalid mode: ro,rshared,rslave`,
+		"/path:/path:ro,z,rshared,rslave": `invalid mode: ro,z,rshared,rslave`,
+		"/path:shared":                    "Invalid volume specification",
+		"/path:slave":                     "Invalid volume specification",
+		"/path:private":                   "Invalid volume specification",
+		"name:/absolute-path:shared":      "Invalid volume specification",
+		"name:/absolute-path:rshared":     "Invalid volume specification",
+		"name:/absolute-path:slave":       "Invalid volume specification",
+		"name:/absolute-path:rslave":      "Invalid volume specification",
+		"name:/absolute-path:private":     "Invalid volume specification",
+		"name:/absolute-path:rprivate":    "Invalid volume specification",
+	}
+
+	for _, path := range valid {
+		if _, err := ParseMountSpec(path, "local"); err != nil {
+			t.Fatalf("ParseMountSpec(`%q`) should succeed: error %q", path, err)
+		}
+	}
+
+	for path, expectedError := range invalid {
+		if _, err := ParseMountSpec(path, "local"); err == nil {
+			t.Fatalf("ParseMountSpec(`%q`) should have failed validation. Err %v", path, err)
+		} else {
+			if !strings.Contains(err.Error(), expectedError) {
+				t.Fatalf("ParseMountSpec(`%q`) error should contain %q, got %v", path, expectedError, err.Error())
+			}
+		}
+	}
+}
diff --git a/volume/volume_propagation_unsupported.go b/volume/volume_propagation_unsupported.go
new file mode 100644
index 00000000..0edc89ab
--- /dev/null
+++ b/volume/volume_propagation_unsupported.go
@@ -0,0 +1,22 @@
+// +build !linux
+
+package volume
+
+// DefaultPropagationMode is used only in linux. In other cases it returns
+// empty string.
+const DefaultPropagationMode string = ""
+
+// propagation modes not supported on this platform.
+var propagationModes = map[string]bool{}
+
+// GetPropagation is not supported. Return empty string.
+func GetPropagation(mode string) string {
+	return DefaultPropagationMode
+}
+
+// HasPropagation checks if there is a valid propagation mode present in
+// passed string. Returns true if a valid propagation mode specifier is
+// present, false otherwise.
+func HasPropagation(mode string) bool {
+	return false
+}
diff --git a/volume/volume_test.go b/volume/volume_test.go
new file mode 100644
index 00000000..0077e82b
--- /dev/null
+++ b/volume/volume_test.go
@@ -0,0 +1,212 @@
+package volume
+
+import (
+	"runtime"
+	"strings"
+	"testing"
+)
+
+func TestParseMountSpec(t *testing.T) {
+	var (
+		valid   []string
+		invalid map[string]string
+	)
+
+	if runtime.GOOS == "windows" {
+		valid = []string{
+			`d:\`,
+			`d:`,
+			`d:\path`,
+			`d:\path with space`,
+			// TODO Windows post TP4 - readonly support `d:\pathandmode:ro`,
+			`c:\:d:\`,
+			`c:\windows\:d:`,
+			`c:\windows:d:\s p a c e`,
+			`c:\windows:d:\s p a c e:RW`,
+			`c:\program files:d:\s p a c e i n h o s t d i r`,
+			`0123456789name:d:`,
+			`MiXeDcAsEnAmE:d:`,
+			`name:D:`,
+			`name:D::rW`,
+			`name:D::RW`,
+			// TODO Windows post TP4 - readonly support `name:D::RO`,
+			`c:/:d:/forward/slashes/are/good/too`,
+			// TODO Windows post TP4 - readonly support `c:/:d:/including with/spaces:ro`,
+			`c:\Windows`,             // With capital
+			`c:\Program Files (x86)`, // With capitals and brackets
+		}
+		invalid = map[string]string{
+			``:                                 "Invalid volume specification: ",
+			`.`:                                "Invalid volume specification: ",
+			`..\`:                              "Invalid volume specification: ",
+			`c:\:..\`:                          "Invalid volume specification: ",
+			`c:\:d:\:xyzzy`:                    "Invalid volume specification: ",
+			`c:`:                               "cannot be c:",
+			`c:\`:                              `cannot be c:\`,
+			`c:\notexist:d:`:                   `The system cannot find the file specified`,
+			`c:\windows\system32\ntdll.dll:d:`: `Source 'c:\windows\system32\ntdll.dll' is not a directory`,
+			`name<:d:`:                         `Invalid volume specification`,
+			`name>:d:`:                         `Invalid volume specification`,
+			`name::d:`:                         `Invalid volume specification`,
+			`name":d:`:                         `Invalid volume specification`,
+			`name\:d:`:                         `Invalid volume specification`,
+			`name*:d:`:                         `Invalid volume specification`,
+			`name|:d:`:                         `Invalid volume specification`,
+			`name?:d:`:                         `Invalid volume specification`,
+			`name/:d:`:                         `Invalid volume specification`,
+			`d:\pathandmode:rw`:                `Invalid volume specification`,
+			`con:d:`:                           `cannot be a reserved word for Windows filenames`,
+			`PRN:d:`:                           `cannot be a reserved word for Windows filenames`,
+			`aUx:d:`:                           `cannot be a reserved word for Windows filenames`,
+			`nul:d:`:                           `cannot be a reserved word for Windows filenames`,
+			`com1:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`com2:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`com3:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`com4:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`com5:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`com6:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`com7:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`com8:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`com9:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt1:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt2:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt3:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt4:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt5:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt6:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt7:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt8:d:`:                          `cannot be a reserved word for Windows filenames`,
+			`lpt9:d:`:                          `cannot be a reserved word for Windows filenames`,
+		}
+
+	} else {
+		valid = []string{
+			"/home",
+			"/home:/home",
+			"/home:/something/else",
+			"/with space",
+			"/home:/with space",
+			"relative:/absolute-path",
+			"hostPath:/containerPath:ro",
+			"/hostPath:/containerPath:rw",
+			"/rw:/ro",
+		}
+		invalid = map[string]string{
+			"":                "Invalid volume specification",
+			"./":              "Invalid volume destination",
+			"../":             "Invalid volume destination",
+			"/:../":           "Invalid volume destination",
+			"/:path":          "Invalid volume destination",
+			":":               "Invalid volume specification",
+			"/tmp:":           "Invalid volume destination",
+			":test":           "Invalid volume specification",
+			":/test":          "Invalid volume specification",
+			"tmp:":            "Invalid volume destination",
+			":test:":          "Invalid volume specification",
+			"::":              "Invalid volume specification",
+			":::":             "Invalid volume specification",
+			"/tmp:::":         "Invalid volume specification",
+			":/tmp::":         "Invalid volume specification",
+			"/path:rw":        "Invalid volume specification",
+			"/path:ro":        "Invalid volume specification",
+			"/rw:rw":          "Invalid volume specification",
+			"path:ro":         "Invalid volume specification",
+			"/path:/path:sw":  `invalid mode: sw`,
+			"/path:/path:rwz": `invalid mode: rwz`,
+		}
+	}
+
+	for _, path := range valid {
+		if _, err := ParseMountSpec(path, "local"); err != nil {
+			t.Fatalf("ParseMountSpec(`%q`) should succeed: error %q", path, err)
+		}
+	}
+
+	for path, expectedError := range invalid {
+		if _, err := ParseMountSpec(path, "local"); err == nil {
+			t.Fatalf("ParseMountSpec(`%q`) should have failed validation. Err %v", path, err)
+		} else {
+			if !strings.Contains(err.Error(), expectedError) {
+				t.Fatalf("ParseMountSpec(`%q`) error should contain %q, got %v", path, expectedError, err.Error())
+			}
+		}
+	}
+}
+
+// testParseMountSpec is a structure used by TestParseMountSpecSplit for
+// specifying test cases for the ParseMountSpec() function.
+type testParseMountSpec struct {
+	bind      string
+	driver    string
+	expDest   string
+	expSource string
+	expName   string
+	expDriver string
+	expRW     bool
+	fail      bool
+}
+
+func TestParseMountSpecSplit(t *testing.T) {
+	var cases []testParseMountSpec
+	if runtime.GOOS == "windows" {
+		cases = []testParseMountSpec{
+			{`c:\:d:`, "local", `d:`, `c:\`, ``, "", true, false},
+			{`c:\:d:\`, "local", `d:\`, `c:\`, ``, "", true, false},
+			// TODO Windows post TP4 - Add readonly support {`c:\:d:\:ro`, "local", `d:\`, `c:\`, ``, "", false, false},
+			{`c:\:d:\:rw`, "local", `d:\`, `c:\`, ``, "", true, false},
+			{`c:\:d:\:foo`, "local", `d:\`, `c:\`, ``, "", false, true},
+			{`name:d::rw`, "local", `d:`, ``, `name`, "local", true, false},
+			{`name:d:`, "local", `d:`, ``, `name`, "local", true, false},
+			// TODO Windows post TP4 - Add readonly support {`name:d::ro`, "local", `d:`, ``, `name`, "local", false, false},
+			{`name:c:`, "", ``, ``, ``, "", true, true},
+			{`driver/name:c:`, "", ``, ``, ``, "", true, true},
+		}
+	} else {
+		cases = []testParseMountSpec{
+			{"/tmp:/tmp1", "", "/tmp1", "/tmp", "", "", true, false},
+			{"/tmp:/tmp2:ro", "", "/tmp2", "/tmp", "", "", false, false},
+			{"/tmp:/tmp3:rw", "", "/tmp3", "/tmp", "", "", true, false},
+			{"/tmp:/tmp4:foo", "", "", "", "", "", false, true},
+			{"name:/named1", "", "/named1", "", "name", "", true, false},
+			{"name:/named2", "external", "/named2", "", "name", "external", true, false},
+			{"name:/named3:ro", "local", "/named3", "", "name", "local", false, false},
+			{"local/name:/tmp:rw", "", "/tmp", "", "local/name", "", true, false},
+			{"/tmp:tmp", "", "", "", "", "", true, true},
+		}
+	}
+
+	for _, c := range cases {
+		m, err := ParseMountSpec(c.bind, c.driver)
+		if c.fail {
+			if err == nil {
+				t.Fatalf("Expected error, was nil, for spec %s\n", c.bind)
+			}
+			continue
+		}
+
+		if m == nil || err != nil {
+			t.Fatalf("ParseMountSpec failed for spec %s driver %s error %v\n", c.bind, c.driver, err.Error())
+			continue
+		}
+
+		if m.Destination != c.expDest {
+			t.Fatalf("Expected destination %s, was %s, for spec %s\n", c.expDest, m.Destination, c.bind)
+		}
+
+		if m.Source != c.expSource {
+			t.Fatalf("Expected source %s, was %s, for spec %s\n", c.expSource, m.Source, c.bind)
+		}
+
+		if m.Name != c.expName {
+			t.Fatalf("Expected name %s, was %s for spec %s\n", c.expName, m.Name, c.bind)
+		}
+
+		if m.Driver != c.expDriver {
+			t.Fatalf("Expected driver %s, was %s, for spec %s\n", c.expDriver, m.Driver, c.bind)
+		}
+
+		if m.RW != c.expRW {
+			t.Fatalf("Expected RW %v, was %v for spec %s\n", c.expRW, m.RW, c.bind)
+		}
+	}
+}
diff --git a/volume/volume_unix.go b/volume/volume_unix.go
new file mode 100644
index 00000000..2520d7c1
--- /dev/null
+++ b/volume/volume_unix.go
@@ -0,0 +1,186 @@
+// +build linux freebsd darwin solaris
+
+package volume
+
+import (
+	"fmt"
+	"path/filepath"
+	"strings"
+)
+
+// read-write modes
+var rwModes = map[string]bool{
+	"rw": true,
+	"ro": true,
+}
+
+// label modes
+var labelModes = map[string]bool{
+	"Z": true,
+	"z": true,
+}
+
+// BackwardsCompatible decides whether this mount point can be
+// used in old versions of Docker or not.
+// Only bind mounts and local volumes can be used in old versions of Docker.
+func (m *MountPoint) BackwardsCompatible() bool {
+	return len(m.Source) > 0 || m.Driver == DefaultDriverName
+}
+
+// HasResource checks whether the given absolute path for a container is in
+// this mount point. If the relative path starts with `../` then the resource
+// is outside of this mount point, but we can't simply check for this prefix
+// because it misses `..` which is also outside of the mount, so check both.
+func (m *MountPoint) HasResource(absolutePath string) bool {
+	relPath, err := filepath.Rel(m.Destination, absolutePath)
+	return err == nil && relPath != ".." && !strings.HasPrefix(relPath, fmt.Sprintf("..%c", filepath.Separator))
+}
+
+// ParseMountSpec validates the configuration of mount information is valid.
+func ParseMountSpec(spec, volumeDriver string) (*MountPoint, error) {
+	spec = filepath.ToSlash(spec)
+
+	mp := &MountPoint{
+		RW:          true,
+		Propagation: DefaultPropagationMode,
+	}
+	if strings.Count(spec, ":") > 2 {
+		return nil, errInvalidSpec(spec)
+	}
+
+	arr := strings.SplitN(spec, ":", 3)
+	if arr[0] == "" {
+		return nil, errInvalidSpec(spec)
+	}
+
+	switch len(arr) {
+	case 1:
+		// Just a destination path in the container
+		mp.Destination = filepath.Clean(arr[0])
+	case 2:
+		if isValid := ValidMountMode(arr[1]); isValid {
+			// Destination + Mode is not a valid volume - volumes
+			// cannot include a mode. eg /foo:rw
+			return nil, errInvalidSpec(spec)
+		}
+		// Host Source Path or Name + Destination
+		mp.Source = arr[0]
+		mp.Destination = arr[1]
+	case 3:
+		// HostSourcePath+DestinationPath+Mode
+		mp.Source = arr[0]
+		mp.Destination = arr[1]
+		mp.Mode = arr[2] // Mode field is used by SELinux to decide whether to apply label
+		if !ValidMountMode(mp.Mode) {
+			return nil, errInvalidMode(mp.Mode)
+		}
+		mp.RW = ReadWrite(mp.Mode)
+		mp.Propagation = GetPropagation(mp.Mode)
+	default:
+		return nil, errInvalidSpec(spec)
+	}
+
+	//validate the volumes destination path
+	mp.Destination = filepath.Clean(mp.Destination)
+	if !filepath.IsAbs(mp.Destination) {
+		return nil, fmt.Errorf("Invalid volume destination path: '%s' mount path must be absolute.", mp.Destination)
+	}
+
+	// Destination cannot be "/"
+	if mp.Destination == "/" {
+		return nil, fmt.Errorf("Invalid specification: destination can't be '/' in '%s'", spec)
+	}
+
+	name, source := ParseVolumeSource(mp.Source)
+	if len(source) == 0 {
+		mp.Source = "" // Clear it out as we previously assumed it was not a name
+		mp.Driver = volumeDriver
+		// Named volumes can't have propagation properties specified.
+		// Their defaults will be decided by docker. This is just a
+		// safeguard. Don't want to get into situations where named
+		// volumes were mounted as '[r]shared' inside container and
+		// container does further mounts under that volume and these
+		// mounts become visible on  host and later original volume
+		// cleanup becomes an issue if container does not unmount
+		// submounts explicitly.
+		if HasPropagation(mp.Mode) {
+			return nil, errInvalidSpec(spec)
+		}
+	} else {
+		mp.Source = filepath.Clean(source)
+	}
+
+	copyData, isSet := getCopyMode(mp.Mode)
+	// do not allow copy modes on binds
+	if len(name) == 0 && isSet {
+		return nil, errInvalidMode(mp.Mode)
+	}
+
+	mp.CopyData = copyData
+	mp.Name = name
+
+	return mp, nil
+}
+
+// ParseVolumeSource parses the origin sources that's mounted into the container.
+// It returns a name and a source. It looks to see if the spec passed in
+// is an absolute file. If it is, it assumes the spec is a source. If not,
+// it assumes the spec is a name.
+func ParseVolumeSource(spec string) (string, string) {
+	if !filepath.IsAbs(spec) {
+		return spec, ""
+	}
+	return "", spec
+}
+
+// IsVolumeNameValid checks a volume name in a platform specific manner.
+func IsVolumeNameValid(name string) (bool, error) {
+	return true, nil
+}
+
+// ValidMountMode will make sure the mount mode is valid.
+// returns if it's a valid mount mode or not.
+func ValidMountMode(mode string) bool {
+	rwModeCount := 0
+	labelModeCount := 0
+	propagationModeCount := 0
+	copyModeCount := 0
+
+	for _, o := range strings.Split(mode, ",") {
+		switch {
+		case rwModes[o]:
+			rwModeCount++
+		case labelModes[o]:
+			labelModeCount++
+		case propagationModes[o]:
+			propagationModeCount++
+		case copyModeExists(o):
+			copyModeCount++
+		default:
+			return false
+		}
+	}
+
+	// Only one string for each mode is allowed.
+	if rwModeCount > 1 || labelModeCount > 1 || propagationModeCount > 1 || copyModeCount > 1 {
+		return false
+	}
+	return true
+}
+
+// ReadWrite tells you if a mode string is a valid read-write mode or not.
+// If there are no specifications w.r.t read write mode, then by default
+// it returns true.
+func ReadWrite(mode string) bool {
+	if !ValidMountMode(mode) {
+		return false
+	}
+
+	for _, o := range strings.Split(mode, ",") {
+		if o == "ro" {
+			return false
+		}
+	}
+
+	return true
+}
diff --git a/volume/volume_windows.go b/volume/volume_windows.go
new file mode 100644
index 00000000..d01d10d6
--- /dev/null
+++ b/volume/volume_windows.go
@@ -0,0 +1,199 @@
+package volume
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strings"
+
+	"github.com/Sirupsen/logrus"
+)
+
+// read-write modes
+var rwModes = map[string]bool{
+	"rw": true,
+}
+
+// read-only modes
+var roModes = map[string]bool{
+	"ro": true,
+}
+
+const (
+	// Spec should be in the format [source:]destination[:mode]
+	//
+	// Examples: c:\foo bar:d:rw
+	//           c:\foo:d:\bar
+	//           myname:d:
+	//           d:\
+	//
+	// Explanation of this regex! Thanks @thaJeztah on IRC and gist for help. See
+	// https://gist.github.com/thaJeztah/6185659e4978789fb2b2. A good place to
+	// test is https://regex-golang.appspot.com/assets/html/index.html
+	//
+	// Useful link for referencing named capturing groups:
+	// http://stackoverflow.com/questions/20750843/using-named-matches-from-go-regex
+	//
+	// There are three match groups: source, destination and mode.
+	//
+
+	// RXHostDir is the first option of a source
+	RXHostDir = `[a-z]:\\(?:[^\\/:*?"<>|\r\n]+\\?)*`
+	// RXName is the second option of a source
+	RXName = `[^\\/:*?"<>|\r\n]+`
+	// RXReservedNames are reserved names not possible on Windows
+	RXReservedNames = `(con)|(prn)|(nul)|(aux)|(com[1-9])|(lpt[1-9])`
+
+	// RXSource is the combined possibilities for a source
+	RXSource = `((?P<source>((` + RXHostDir + `)|(` + RXName + `))):)?`
+
+	// Source. Can be either a host directory, a name, or omitted:
+	//  HostDir:
+	//    -  Essentially using the folder solution from
+	//       https://www.safaribooksonline.com/library/view/regular-expressions-cookbook/9781449327453/ch08s18.html
+	//       but adding case insensitivity.
+	//    -  Must be an absolute path such as c:\path
+	//    -  Can include spaces such as `c:\program files`
+	//    -  And then followed by a colon which is not in the capture group
+	//    -  And can be optional
+	//  Name:
+	//    -  Must not contain invalid NTFS filename characters (https://msdn.microsoft.com/en-us/library/windows/desktop/aa365247(v=vs.85).aspx)
+	//    -  And then followed by a colon which is not in the capture group
+	//    -  And can be optional
+
+	// RXDestination is the regex expression for the mount destination
+	RXDestination = `(?P<destination>([a-z]):((?:\\[^\\/:*?"<>\r\n]+)*\\?))`
+	// Destination (aka container path):
+	//    -  Variation on hostdir but can be a drive followed by colon as well
+	//    -  If a path, must be absolute. Can include spaces
+	//    -  Drive cannot be c: (explicitly checked in code, not RegEx)
+	//
+
+	// RXMode is the regex expression for the mode of the mount
+	RXMode = `(:(?P<mode>(?i)rw))?`
+	// Temporarily for TP4, disabling the use of ro as it's not supported yet
+	// in the platform. TODO Windows: `(:(?P<mode>(?i)ro|rw))?`
+	// mode (optional)
+	//    -  Hopefully self explanatory in comparison to above.
+	//    -  Colon is not in the capture group
+	//
+)
+
+// BackwardsCompatible decides whether this mount point can be
+// used in old versions of Docker or not.
+// Windows volumes are never backwards compatible.
+func (m *MountPoint) BackwardsCompatible() bool {
+	return false
+}
+
+// ParseMountSpec validates the configuration of mount information is valid.
+func ParseMountSpec(spec string, volumeDriver string) (*MountPoint, error) {
+	var specExp = regexp.MustCompile(`^` + RXSource + RXDestination + RXMode + `$`)
+
+	// Ensure in platform semantics for matching. The CLI will send in Unix semantics.
+	match := specExp.FindStringSubmatch(filepath.FromSlash(strings.ToLower(spec)))
+
+	// Must have something back
+	if len(match) == 0 {
+		return nil, errInvalidSpec(spec)
+	}
+
+	// Pull out the sub expressions from the named capture groups
+	matchgroups := make(map[string]string)
+	for i, name := range specExp.SubexpNames() {
+		matchgroups[name] = strings.ToLower(match[i])
+	}
+
+	mp := &MountPoint{
+		Source:      matchgroups["source"],
+		Destination: matchgroups["destination"],
+		RW:          true,
+	}
+	if strings.ToLower(matchgroups["mode"]) == "ro" {
+		mp.RW = false
+	}
+
+	// Volumes cannot include an explicitly supplied mode eg c:\path:rw
+	if mp.Source == "" && mp.Destination != "" && matchgroups["mode"] != "" {
+		return nil, errInvalidSpec(spec)
+	}
+
+	// Note: No need to check if destination is absolute as it must be by
+	// definition of matching the regex.
+
+	if filepath.VolumeName(mp.Destination) == mp.Destination {
+		// Ensure the destination path, if a drive letter, is not the c drive
+		if strings.ToLower(mp.Destination) == "c:" {
+			return nil, fmt.Errorf("Destination drive letter in '%s' cannot be c:", spec)
+		}
+	} else {
+		// So we know the destination is a path, not drive letter. Clean it up.
+		mp.Destination = filepath.Clean(mp.Destination)
+		// Ensure the destination path, if a path, is not the c root directory
+		if strings.ToLower(mp.Destination) == `c:\` {
+			return nil, fmt.Errorf(`Destination path in '%s' cannot be c:\`, spec)
+		}
+	}
+
+	// See if the source is a name instead of a host directory
+	if len(mp.Source) > 0 {
+		validName, err := IsVolumeNameValid(mp.Source)
+		if err != nil {
+			return nil, err
+		}
+		if validName {
+			// OK, so the source is a name.
+			mp.Name = mp.Source
+			mp.Source = ""
+
+			// Set the driver accordingly
+			mp.Driver = volumeDriver
+			if len(mp.Driver) == 0 {
+				mp.Driver = DefaultDriverName
+			}
+		} else {
+			// OK, so the source must be a host directory. Make sure it's clean.
+			mp.Source = filepath.Clean(mp.Source)
+		}
+	}
+
+	// Ensure the host path source, if supplied, exists and is a directory
+	if len(mp.Source) > 0 {
+		var fi os.FileInfo
+		var err error
+		if fi, err = os.Stat(mp.Source); err != nil {
+			return nil, fmt.Errorf("Source directory '%s' could not be found: %s", mp.Source, err)
+		}
+		if !fi.IsDir() {
+			return nil, fmt.Errorf("Source '%s' is not a directory", mp.Source)
+		}
+	}
+
+	logrus.Debugf("MP: Source '%s', Dest '%s', RW %t, Name '%s', Driver '%s'", mp.Source, mp.Destination, mp.RW, mp.Name, mp.Driver)
+	return mp, nil
+}
+
+// IsVolumeNameValid checks a volume name in a platform specific manner.
+func IsVolumeNameValid(name string) (bool, error) {
+	nameExp := regexp.MustCompile(`^` + RXName + `$`)
+	if !nameExp.MatchString(name) {
+		return false, nil
+	}
+	nameExp = regexp.MustCompile(`^` + RXReservedNames + `$`)
+	if nameExp.MatchString(name) {
+		return false, fmt.Errorf("Volume name %q cannot be a reserved word for Windows filenames", name)
+	}
+	return true, nil
+}
+
+// ValidMountMode will make sure the mount mode is valid.
+// returns if it's a valid mount mode or not.
+func ValidMountMode(mode string) bool {
+	return roModes[strings.ToLower(mode)] || rwModes[strings.ToLower(mode)]
+}
+
+// ReadWrite tells you if a mode string is a valid read-write mode or not.
+func ReadWrite(mode string) bool {
+	return rwModes[strings.ToLower(mode)]
+}
-- 
2.30.2